15d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)// Copyright 2014 The Chromium Authors. All rights reserved. 25d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)// Use of this source code is governed by a BSD-style license that can be 35d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)// found in the LICENSE file. 45d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 55d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h" 65d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 75c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu#include <string> 8116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#include "base/bind.h" 9116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#include "base/bind_helpers.h" 105c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu#include "base/command_line.h" 115d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "base/files/file_path.h" 12116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#include "base/location.h" 135d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "base/logging.h" 14116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#include "base/message_loop/message_loop.h" 155d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "base/message_loop/message_loop_proxy.h" 165d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "base/path_service.h" 175d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "base/prefs/pref_registry_simple.h" 185d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "base/sequenced_task_runner.h" 195d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "base/strings/utf_string_conversions.h" 205d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "base/threading/sequenced_worker_pool.h" 215d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chrome/browser/chromeos/policy/app_pack_updater.h" 226e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)#include "chrome/browser/chromeos/policy/consumer_management_service.h" 23116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#include "chrome/browser/chromeos/policy/device_cloud_policy_initializer.h" 24116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#include "chrome/browser/chromeos/policy/device_cloud_policy_invalidator.h" 255d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chrome/browser/chromeos/policy/device_cloud_policy_manager_chromeos.h" 265d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chrome/browser/chromeos/policy/device_cloud_policy_store_chromeos.h" 275d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chrome/browser/chromeos/policy/device_local_account.h" 285d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chrome/browser/chromeos/policy/device_local_account_policy_service.h" 295d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chrome/browser/chromeos/policy/device_network_configuration_updater.h" 305d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chrome/browser/chromeos/policy/enterprise_install_attributes.h" 31010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles)#include "chrome/browser/chromeos/policy/server_backed_state_keys_broker.h" 325d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chrome/browser/chromeos/settings/cros_settings.h" 335d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chrome/browser/chromeos/settings/device_settings_service.h" 345c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu#include "chrome/browser/policy/device_management_service_configuration.h" 355d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chrome/common/pref_names.h" 365d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chromeos/chromeos_paths.h" 375d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chromeos/chromeos_switches.h" 385d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chromeos/cryptohome/system_salt_getter.h" 396e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)#include "chromeos/dbus/cryptohome_client.h" 405d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chromeos/dbus/dbus_thread_manager.h" 415d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chromeos/network/network_handler.h" 425d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chromeos/network/onc/onc_certificate_importer_impl.h" 435d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chromeos/settings/cros_settings_names.h" 445d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chromeos/settings/cros_settings_provider.h" 455d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chromeos/settings/timezone_settings.h" 465d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "components/policy/core/common/cloud/cloud_policy_client.h" 475d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "components/policy/core/common/cloud/cloud_policy_refresh_scheduler.h" 485d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "components/policy/core/common/proxy_policy_provider.h" 495d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "content/public/browser/browser_thread.h" 505d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "google_apis/gaia/gaia_auth_util.h" 515d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "net/url_request/url_request_context_getter.h" 525d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 535d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)using content::BrowserThread; 545d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 555d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)namespace policy { 565d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 575d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)namespace { 585d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 595c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu// TODO(davidyu): Update the URL to the real one once it is ready. 605c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu// http://crbug.com/366491. 615c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu// 625c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu// The URL for the consumer device management server. 635c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liuconst char kDefaultConsumerDeviceManagementServerUrl[] = 645c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu "https://m.google.com/devicemanagement/data/api"; 655c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu 665d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)// Install attributes for tests. 675d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)EnterpriseInstallAttributes* g_testing_install_attributes = NULL; 685d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 695d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)// Helper that returns a new SequencedTaskRunner backed by the blocking pool. 705d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)// Each SequencedTaskRunner returned is independent from the others. 715d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)scoped_refptr<base::SequencedTaskRunner> GetBackgroundTaskRunner() { 725d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) base::SequencedWorkerPool* pool = BrowserThread::GetBlockingPool(); 735d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) CHECK(pool); 745d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) return pool->GetSequencedTaskRunnerWithShutdownBehavior( 755d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) pool->GetSequenceToken(), base::SequencedWorkerPool::SKIP_ON_SHUTDOWN); 765d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)} 775d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 786e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)std::string GetDeviceManagementServerUrlForConsumer() { 795c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu const CommandLine* command_line = CommandLine::ForCurrentProcess(); 805c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu if (command_line->HasSwitch( 815c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu chromeos::switches::kConsumerDeviceManagementUrl)) { 825c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu return command_line->GetSwitchValueASCII( 835c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu chromeos::switches::kConsumerDeviceManagementUrl); 845c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu } 855c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu return kDefaultConsumerDeviceManagementServerUrl; 86116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch} 875c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu 885d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)} // namespace 895d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 905d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)BrowserPolicyConnectorChromeOS::BrowserPolicyConnectorChromeOS() 915d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) : device_cloud_policy_manager_(NULL), 925d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) global_user_cloud_policy_provider_(NULL), 935d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) weak_ptr_factory_(this) { 945c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu if (g_testing_install_attributes) { 955d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) install_attributes_.reset(g_testing_install_attributes); 965c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu g_testing_install_attributes = NULL; 975c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu } 985d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 995d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) // SystemSaltGetter or DBusThreadManager may be uninitialized on unit tests. 1005d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 1015d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) // TODO(satorux): Remove SystemSaltGetter::IsInitialized() when it's ready 1025d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) // (removing it now breaks tests). crbug.com/141016. 1035d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) if (chromeos::SystemSaltGetter::IsInitialized() && 1045d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) chromeos::DBusThreadManager::IsInitialized()) { 105010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) state_keys_broker_.reset(new ServerBackedStateKeysBroker( 106010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) chromeos::DBusThreadManager::Get()->GetSessionManagerClient(), 107010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) base::MessageLoopProxy::current())); 108010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) 1095d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) chromeos::CryptohomeClient* cryptohome_client = 1105d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) chromeos::DBusThreadManager::Get()->GetCryptohomeClient(); 1115c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu if (!install_attributes_) { 1125d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) install_attributes_.reset( 1135d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) new EnterpriseInstallAttributes(cryptohome_client)); 1145d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) } 1155d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) base::FilePath install_attrs_file; 1165d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) CHECK(PathService::Get(chromeos::FILE_INSTALL_ATTRIBUTES, 1175d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) &install_attrs_file)); 1185d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) install_attributes_->ReadCacheFile(install_attrs_file); 1195d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 1205d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) scoped_ptr<DeviceCloudPolicyStoreChromeOS> device_cloud_policy_store( 1215d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) new DeviceCloudPolicyStoreChromeOS( 1225d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) chromeos::DeviceSettingsService::Get(), 1235d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) install_attributes_.get(), 1245d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) GetBackgroundTaskRunner())); 1255d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) device_cloud_policy_manager_ = 1265d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) new DeviceCloudPolicyManagerChromeOS(device_cloud_policy_store.Pass(), 1275d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) base::MessageLoopProxy::current(), 128010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) state_keys_broker_.get()); 1295d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) AddPolicyProvider( 1305d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) scoped_ptr<ConfigurationPolicyProvider>(device_cloud_policy_manager_)); 1315d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) } 1325d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 1335d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) global_user_cloud_policy_provider_ = new ProxyPolicyProvider(); 1345d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) AddPolicyProvider(scoped_ptr<ConfigurationPolicyProvider>( 1355d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) global_user_cloud_policy_provider_)); 1365d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)} 1375d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 1385d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)BrowserPolicyConnectorChromeOS::~BrowserPolicyConnectorChromeOS() {} 1395d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 1405d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)void BrowserPolicyConnectorChromeOS::Init( 1415d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) PrefService* local_state, 1425d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) scoped_refptr<net::URLRequestContextGetter> request_context) { 1435d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) ChromeBrowserPolicyConnector::Init(local_state, request_context); 1445d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 1455c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu scoped_ptr<DeviceManagementService::Configuration> configuration( 1465c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu new DeviceManagementServiceConfiguration( 1476e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles) GetDeviceManagementServerUrlForConsumer())); 1485c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu consumer_device_management_service_.reset( 1495c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu new DeviceManagementService(configuration.Pass())); 1505c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu consumer_device_management_service_->ScheduleInitialization( 1515c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu kServiceInitializationStartupDelay); 1525c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu 1536e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles) const CommandLine* command_line = CommandLine::ForCurrentProcess(); 1546e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles) if (command_line->HasSwitch(chromeos::switches::kEnableConsumerManagement)) { 1556e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles) chromeos::CryptohomeClient* cryptohome_client = 1566e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles) chromeos::DBusThreadManager::Get()->GetCryptohomeClient(); 1576e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles) consumer_management_service_.reset( 1581320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci new ConsumerManagementService(cryptohome_client, 1591320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci chromeos::DeviceSettingsService::Get())); 1606e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles) } 1616e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles) 1625d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) if (device_cloud_policy_manager_) { 1635d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) // Note: for now the |device_cloud_policy_manager_| is using the global 1645d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) // schema registry. Eventually it will have its own registry, once device 1655d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) // cloud policy for extensions is introduced. That means it'd have to be 1665d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) // initialized from here instead of BrowserPolicyConnector::Init(). 1675d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 168116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch device_cloud_policy_manager_->Initialize(local_state); 169116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 170116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch device_cloud_policy_initializer_.reset( 171116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch new DeviceCloudPolicyInitializer( 1725d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) local_state, 173116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch device_management_service(), 1746e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles) GetDeviceManagementServiceForConsumer(), 175116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch GetBackgroundTaskRunner(), 176116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch install_attributes_.get(), 177116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch state_keys_broker_.get(), 178116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch device_cloud_policy_manager_->device_store(), 179116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch device_cloud_policy_manager_, 1805f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) chromeos::DeviceSettingsService::Get(), 181116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch base::Bind(&BrowserPolicyConnectorChromeOS:: 182116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch OnDeviceCloudPolicyManagerConnected, 183116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch base::Unretained(this)))); 18403b57e008b61dfcb1fbad3aea950ae0e001748b0Torne (Richard Coles) device_cloud_policy_initializer_->Init(); 1855d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) } 1865d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 187a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) device_local_account_policy_service_.reset( 188a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) new DeviceLocalAccountPolicyService( 189a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) chromeos::DBusThreadManager::Get()->GetSessionManagerClient(), 190a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) chromeos::DeviceSettingsService::Get(), 191a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) chromeos::CrosSettings::Get(), 192a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) GetBackgroundTaskRunner(), 193a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) GetBackgroundTaskRunner(), 194a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) GetBackgroundTaskRunner(), 195a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) content::BrowserThread::GetMessageLoopProxyForThread( 196a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) content::BrowserThread::IO), 197a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) request_context)); 198a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) device_local_account_policy_service_->Connect(device_management_service()); 199116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch device_cloud_policy_invalidator_.reset(new DeviceCloudPolicyInvalidator); 2005d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 2015d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) // request_context is NULL in unit tests. 2021320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci if (request_context.get() && install_attributes_) { 2035d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) app_pack_updater_.reset( 2041320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci new AppPackUpdater(request_context.get(), install_attributes_.get())); 2055d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) } 2065d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 2075d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) SetTimezoneIfPolicyAvailable(); 2085d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 2095d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) network_configuration_updater_ = 2105d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) DeviceNetworkConfigurationUpdater::CreateForDevicePolicy( 2115d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) GetPolicyService(), 2125d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) chromeos::NetworkHandler::Get() 2135d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) ->managed_network_configuration_handler(), 2145d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) chromeos::NetworkHandler::Get()->network_device_handler(), 2155d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) chromeos::CrosSettings::Get()); 2165d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)} 2175d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 21803b57e008b61dfcb1fbad3aea950ae0e001748b0Torne (Richard Coles)void BrowserPolicyConnectorChromeOS::PreShutdown() { 21903b57e008b61dfcb1fbad3aea950ae0e001748b0Torne (Richard Coles) // Let the |device_cloud_policy_invalidator_| unregister itself as an 22003b57e008b61dfcb1fbad3aea950ae0e001748b0Torne (Richard Coles) // observer of per-Profile InvalidationServices and the device-global 22103b57e008b61dfcb1fbad3aea950ae0e001748b0Torne (Richard Coles) // invalidation::TiclInvalidationService it may have created as an observer of 22203b57e008b61dfcb1fbad3aea950ae0e001748b0Torne (Richard Coles) // the DeviceOAuth2TokenService that is destroyed before Shutdown() is called. 223116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch device_cloud_policy_invalidator_.reset(); 22403b57e008b61dfcb1fbad3aea950ae0e001748b0Torne (Richard Coles) 22503b57e008b61dfcb1fbad3aea950ae0e001748b0Torne (Richard Coles) // The |consumer_management_service_| may be observing a 22603b57e008b61dfcb1fbad3aea950ae0e001748b0Torne (Richard Coles) // ProfileOAuth2TokenService and needs to be destroyed before the token 22703b57e008b61dfcb1fbad3aea950ae0e001748b0Torne (Richard Coles) // service. 22803b57e008b61dfcb1fbad3aea950ae0e001748b0Torne (Richard Coles) consumer_management_service_.reset(); 229116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch} 230116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 2315d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)void BrowserPolicyConnectorChromeOS::Shutdown() { 23203b57e008b61dfcb1fbad3aea950ae0e001748b0Torne (Richard Coles) // Verify that PreShutdown() has been called first. 233116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch DCHECK(!device_cloud_policy_invalidator_); 23403b57e008b61dfcb1fbad3aea950ae0e001748b0Torne (Richard Coles) DCHECK(!consumer_management_service_); 235116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 2365d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) // The AppPackUpdater may be observing the |device_cloud_policy_manager_|. 2375d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) // Delete it first. 2385d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) app_pack_updater_.reset(); 2395d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 2405d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) network_configuration_updater_.reset(); 2415d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 2425d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) if (device_local_account_policy_service_) 2435d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) device_local_account_policy_service_->Shutdown(); 2445d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 245116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch if (device_cloud_policy_initializer_) 246116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch device_cloud_policy_initializer_->Shutdown(); 247116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 2485d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) ChromeBrowserPolicyConnector::Shutdown(); 2495d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)} 2505d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 2515d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)bool BrowserPolicyConnectorChromeOS::IsEnterpriseManaged() { 2525d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) return install_attributes_ && install_attributes_->IsEnterpriseDevice(); 2535d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)} 2545d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 2555d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)std::string BrowserPolicyConnectorChromeOS::GetEnterpriseDomain() { 2565d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) return install_attributes_ ? install_attributes_->GetDomain() : std::string(); 2575d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)} 2585d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 2595d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)DeviceMode BrowserPolicyConnectorChromeOS::GetDeviceMode() { 2605d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) return install_attributes_ ? install_attributes_->GetMode() 2615d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) : DEVICE_MODE_NOT_SET; 2625d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)} 2635d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 2645d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)UserAffiliation BrowserPolicyConnectorChromeOS::GetUserAffiliation( 2655d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) const std::string& user_name) { 2665d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) // An empty username means incognito user in case of ChromiumOS and 2675d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) // no logged-in user in case of Chromium (SigninService). Many tests use 2685d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) // nonsense email addresses (e.g. 'test') so treat those as non-enterprise 2695d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) // users. 2705d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) if (user_name.empty() || user_name.find('@') == std::string::npos) 2715d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) return USER_AFFILIATION_NONE; 2725d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 2735d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) if (install_attributes_ && 2745d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) (gaia::ExtractDomainName(gaia::CanonicalizeEmail(user_name)) == 2755d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) install_attributes_->GetDomain() || 2765d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) policy::IsDeviceLocalAccountUser(user_name, NULL))) { 2775d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) return USER_AFFILIATION_MANAGED; 2785d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) } 2795d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 2805d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) return USER_AFFILIATION_NONE; 2815d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)} 2825d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 2835d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)AppPackUpdater* BrowserPolicyConnectorChromeOS::GetAppPackUpdater() { 2845d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) return app_pack_updater_.get(); 2855d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)} 2865d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 2875d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)void BrowserPolicyConnectorChromeOS::SetUserPolicyDelegate( 2885d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) ConfigurationPolicyProvider* user_policy_provider) { 2895d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) global_user_cloud_policy_provider_->SetDelegate(user_policy_provider); 2905d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)} 2915d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 29203b57e008b61dfcb1fbad3aea950ae0e001748b0Torne (Richard Coles)void BrowserPolicyConnectorChromeOS::SetDeviceCloudPolicyInitializerForTesting( 29303b57e008b61dfcb1fbad3aea950ae0e001748b0Torne (Richard Coles) scoped_ptr<DeviceCloudPolicyInitializer> initializer) { 29403b57e008b61dfcb1fbad3aea950ae0e001748b0Torne (Richard Coles) device_cloud_policy_initializer_ = initializer.Pass(); 29503b57e008b61dfcb1fbad3aea950ae0e001748b0Torne (Richard Coles)} 29603b57e008b61dfcb1fbad3aea950ae0e001748b0Torne (Richard Coles) 2975d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)void BrowserPolicyConnectorChromeOS::SetInstallAttributesForTesting( 2985d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) EnterpriseInstallAttributes* attributes) { 2995d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) DCHECK(!g_testing_install_attributes); 3005d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) g_testing_install_attributes = attributes; 3015d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)} 3025d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 3035c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liuvoid BrowserPolicyConnectorChromeOS::RemoveInstallAttributesForTesting() { 3045c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu if (g_testing_install_attributes) { 3055c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu delete g_testing_install_attributes; 3065c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu g_testing_install_attributes = NULL; 3075c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu } 3085c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu} 3095c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu 3105d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)// static 3115d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)void BrowserPolicyConnectorChromeOS::RegisterPrefs( 3125d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) PrefRegistrySimple* registry) { 3135d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) registry->RegisterIntegerPref( 3145d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) prefs::kDevicePolicyRefreshRate, 3155d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) CloudPolicyRefreshScheduler::kDefaultRefreshDelayMs); 3165d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)} 3175d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 3185d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)void BrowserPolicyConnectorChromeOS::SetTimezoneIfPolicyAvailable() { 3195d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) typedef chromeos::CrosSettingsProvider Provider; 3205d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) Provider::TrustedStatus result = 3215d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) chromeos::CrosSettings::Get()->PrepareTrustedValues(base::Bind( 3225d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) &BrowserPolicyConnectorChromeOS::SetTimezoneIfPolicyAvailable, 3235d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) weak_ptr_factory_.GetWeakPtr())); 3245d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 3255d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) if (result != Provider::TRUSTED) 3265d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) return; 3275d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 3285d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) std::string timezone; 3295d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) if (chromeos::CrosSettings::Get()->GetString(chromeos::kSystemTimezonePolicy, 3305d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) &timezone) && 3315d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) !timezone.empty()) { 3325d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) chromeos::system::TimezoneSettings::GetInstance()->SetTimezoneFromID( 3335d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) base::UTF8ToUTF16(timezone)); 3345d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) } 3355d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)} 3365d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 337116680a4aac90f2aa7413d9095a592090648e557Ben Murdochvoid BrowserPolicyConnectorChromeOS::OnDeviceCloudPolicyManagerConnected() { 338116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch // This function is invoked by DCPInitializer, so we should release the 339116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch // initializer after this function returns. 340116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch if (device_cloud_policy_initializer_) { 341116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch device_cloud_policy_initializer_->Shutdown(); 342116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch base::MessageLoop::current()->DeleteSoon( 343116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch FROM_HERE, device_cloud_policy_initializer_.release()); 344116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch } 345116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch} 346116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 3475d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)} // namespace policy 348