| Index: chrome/browser/chromeos/ownership/owner_settings_service_chromeos.cc
|
| diff --git a/chrome/browser/chromeos/ownership/owner_settings_service_chromeos.cc b/chrome/browser/chromeos/ownership/owner_settings_service_chromeos.cc
|
| index f2b266485a86e94be1f639cba479736e2fecb1c3..009da04087bcbd25dc681a3889596aeb41b60a60 100644
|
| --- a/chrome/browser/chromeos/ownership/owner_settings_service_chromeos.cc
|
| +++ b/chrome/browser/chromeos/ownership/owner_settings_service_chromeos.cc
|
| @@ -22,7 +22,6 @@
|
| #include "chromeos/dbus/dbus_thread_manager.h"
|
| #include "chromeos/tpm_token_loader.h"
|
| #include "components/ownership/owner_key_util.h"
|
| -#include "components/policy/core/common/cloud/cloud_policy_constants.h"
|
| #include "components/user_manager/user.h"
|
| #include "content/public/browser/browser_thread.h"
|
| #include "content/public/browser/notification_details.h"
|
| @@ -148,8 +147,40 @@ void DoesPrivateKeyExistAsync(
|
| callback);
|
| }
|
|
|
| +// Returns true if it is okay to transfer from the current mode to the new
|
| +// mode. This function should be called in SetManagementMode().
|
| +bool CheckManagementModeTransition(policy::ManagementMode current_mode,
|
| + policy::ManagementMode new_mode) {
|
| + // Mode is not changed.
|
| + if (current_mode == new_mode)
|
| + return true;
|
| +
|
| + switch (current_mode) {
|
| + case policy::MANAGEMENT_MODE_LOCAL_OWNER:
|
| + // For consumer management enrollment.
|
| + return new_mode == policy::MANAGEMENT_MODE_CONSUMER_MANAGED;
|
| +
|
| + case policy::MANAGEMENT_MODE_ENTERPRISE_MANAGED:
|
| + // Management mode cannot be set when it is currently ENTERPRISE_MANAGED.
|
| + return false;
|
| +
|
| + case policy::MANAGEMENT_MODE_CONSUMER_MANAGED:
|
| + // For consumer management unenrollment.
|
| + return new_mode == policy::MANAGEMENT_MODE_LOCAL_OWNER;
|
| + }
|
| +
|
| + NOTREACHED();
|
| + return false;
|
| +}
|
| +
|
| } // namespace
|
|
|
| +OwnerSettingsServiceChromeOS::ManagementSettings::ManagementSettings() {
|
| +}
|
| +
|
| +OwnerSettingsServiceChromeOS::ManagementSettings::~ManagementSettings() {
|
| +}
|
| +
|
| OwnerSettingsServiceChromeOS::OwnerSettingsServiceChromeOS(
|
| DeviceSettingsService* device_settings_service,
|
| Profile* profile,
|
| @@ -159,6 +190,7 @@ OwnerSettingsServiceChromeOS::OwnerSettingsServiceChromeOS(
|
| profile_(profile),
|
| waiting_for_profile_creation_(true),
|
| waiting_for_tpm_token_(true),
|
| + has_pending_management_settings_(false),
|
| weak_factory_(this),
|
| store_settings_factory_(this) {
|
| if (TPMTokenLoader::IsInitialized()) {
|
| @@ -289,6 +321,38 @@ void OwnerSettingsServiceChromeOS::OnDeviceSettingsServiceShutdown() {
|
| device_settings_service_ = nullptr;
|
| }
|
|
|
| +void OwnerSettingsServiceChromeOS::SetManagementSettings(
|
| + const ManagementSettings& settings,
|
| + const OnManagementSettingsSetCallback& callback) {
|
| + if ((!IsOwner() && !IsOwnerInTests(user_id_))) {
|
| + if (!callback.is_null())
|
| + callback.Run(false /* success */);
|
| + return;
|
| + }
|
| +
|
| + policy::ManagementMode current_mode = policy::MANAGEMENT_MODE_LOCAL_OWNER;
|
| + if (has_pending_management_settings_) {
|
| + current_mode = pending_management_settings_.management_mode;
|
| + } else if (device_settings_service_ &&
|
| + device_settings_service_->policy_data()) {
|
| + current_mode =
|
| + policy::GetManagementMode(*device_settings_service_->policy_data());
|
| + }
|
| +
|
| + if (!CheckManagementModeTransition(current_mode, settings.management_mode)) {
|
| + LOG(ERROR) << "Invalid management mode transition: current mode = "
|
| + << current_mode << ", new mode = " << settings.management_mode;
|
| + if (!callback.is_null())
|
| + callback.Run(false /* success */);
|
| + return;
|
| + }
|
| +
|
| + pending_management_settings_ = settings;
|
| + has_pending_management_settings_ = true;
|
| + pending_management_settings_callbacks_.push_back(callback);
|
| + StorePendingChanges();
|
| +}
|
| +
|
| // static
|
| void OwnerSettingsServiceChromeOS::IsOwnerForSafeModeAsync(
|
| const std::string& user_hash,
|
| @@ -617,6 +681,15 @@ void OwnerSettingsServiceChromeOS::StorePendingChanges() {
|
|
|
| scoped_ptr<em::PolicyData> policy = AssemblePolicy(
|
| user_id_, device_settings_service_->policy_data(), &settings);
|
| +
|
| + if (has_pending_management_settings_) {
|
| + policy::SetManagementMode(*policy,
|
| + pending_management_settings_.management_mode);
|
| + policy->set_request_token(pending_management_settings_.request_token);
|
| + policy->set_device_id(pending_management_settings_.device_id);
|
| + }
|
| + has_pending_management_settings_ = false;
|
| +
|
| bool rv = AssembleAndSignPolicyAsync(
|
| content::BrowserThread::GetBlockingPool(), policy.Pass(),
|
| base::Bind(&OwnerSettingsServiceChromeOS::OnPolicyAssembledAndSigned,
|
| @@ -641,7 +714,7 @@ void OwnerSettingsServiceChromeOS::OnPolicyAssembledAndSigned(
|
| void OwnerSettingsServiceChromeOS::OnSignedPolicyStored(bool success) {
|
| CHECK(device_settings_service_);
|
| ReportStatusAndContinueStoring(success &&
|
| - device_settings_service_->status() !=
|
| + device_settings_service_->status() ==
|
| DeviceSettingsService::STORE_SUCCESS);
|
| }
|
|
|
| @@ -650,6 +723,13 @@ void OwnerSettingsServiceChromeOS::ReportStatusAndContinueStoring(
|
| store_settings_factory_.InvalidateWeakPtrs();
|
| FOR_EACH_OBSERVER(OwnerSettingsService::Observer, observers_,
|
| OnSignedPolicyStored(success));
|
| +
|
| + std::vector<OnManagementSettingsSetCallback> callbacks;
|
| + pending_management_settings_callbacks_.swap(callbacks);
|
| + for (const auto& callback : callbacks) {
|
| + if (!callback.is_null())
|
| + callback.Run(success);
|
| + }
|
| StorePendingChanges();
|
| }
|
|
|
|
|
Chromium Code Reviews
Issue 769703003:
SetManagementSettings() is moved to OwnerSettingsServiceChromeOS. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master