browser_policy_connector_chromeos.cc revision 5f1c94371a64b3196d4be9466099bb892df9b88e
15d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)// Copyright 2014 The Chromium Authors. All rights reserved. 25d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)// Use of this source code is governed by a BSD-style license that can be 35d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)// found in the LICENSE file. 45d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 55d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h" 65d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 75c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu#include <string> 8116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#include "base/bind.h" 9116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#include "base/bind_helpers.h" 105c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu#include "base/command_line.h" 115d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "base/files/file_path.h" 12116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#include "base/location.h" 135d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "base/logging.h" 14116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#include "base/message_loop/message_loop.h" 155d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "base/message_loop/message_loop_proxy.h" 165d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "base/path_service.h" 175d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "base/prefs/pref_registry_simple.h" 185d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "base/sequenced_task_runner.h" 195d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "base/strings/utf_string_conversions.h" 205d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "base/threading/sequenced_worker_pool.h" 215d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chrome/browser/chromeos/policy/app_pack_updater.h" 22116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#include "chrome/browser/chromeos/policy/device_cloud_policy_initializer.h" 23116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#include "chrome/browser/chromeos/policy/device_cloud_policy_invalidator.h" 245d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chrome/browser/chromeos/policy/device_cloud_policy_manager_chromeos.h" 255d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chrome/browser/chromeos/policy/device_cloud_policy_store_chromeos.h" 265d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chrome/browser/chromeos/policy/device_local_account.h" 275d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chrome/browser/chromeos/policy/device_local_account_policy_service.h" 285d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chrome/browser/chromeos/policy/device_network_configuration_updater.h" 295d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chrome/browser/chromeos/policy/enterprise_install_attributes.h" 30010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles)#include "chrome/browser/chromeos/policy/server_backed_state_keys_broker.h" 315d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chrome/browser/chromeos/settings/cros_settings.h" 325d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chrome/browser/chromeos/settings/device_settings_service.h" 335c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu#include "chrome/browser/policy/device_management_service_configuration.h" 345d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chrome/common/pref_names.h" 355d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chromeos/chromeos_paths.h" 365d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chromeos/chromeos_switches.h" 375d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chromeos/cryptohome/system_salt_getter.h" 385d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chromeos/dbus/dbus_thread_manager.h" 395d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chromeos/network/network_handler.h" 405d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chromeos/network/onc/onc_certificate_importer_impl.h" 415d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chromeos/settings/cros_settings_names.h" 425d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chromeos/settings/cros_settings_provider.h" 435d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chromeos/settings/timezone_settings.h" 445d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "components/policy/core/common/cloud/cloud_policy_client.h" 455d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "components/policy/core/common/cloud/cloud_policy_refresh_scheduler.h" 465d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "components/policy/core/common/proxy_policy_provider.h" 475d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "content/public/browser/browser_thread.h" 485d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "google_apis/gaia/gaia_auth_util.h" 495d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "net/url_request/url_request_context_getter.h" 505d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 515d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)using content::BrowserThread; 525d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 535d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)namespace policy { 545d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 555d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)namespace { 565d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 575c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu// TODO(davidyu): Update the URL to the real one once it is ready. 585c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu// http://crbug.com/366491. 595c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu// 605c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu// The URL for the consumer device management server. 615c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liuconst char kDefaultConsumerDeviceManagementServerUrl[] = 625c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu "https://m.google.com/devicemanagement/data/api"; 635c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu 645d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)// Install attributes for tests. 655d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)EnterpriseInstallAttributes* g_testing_install_attributes = NULL; 665d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 675d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)// Helper that returns a new SequencedTaskRunner backed by the blocking pool. 685d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)// Each SequencedTaskRunner returned is independent from the others. 695d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)scoped_refptr<base::SequencedTaskRunner> GetBackgroundTaskRunner() { 705d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) base::SequencedWorkerPool* pool = BrowserThread::GetBlockingPool(); 715d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) CHECK(pool); 725d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) return pool->GetSequencedTaskRunnerWithShutdownBehavior( 735d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) pool->GetSequenceToken(), base::SequencedWorkerPool::SKIP_ON_SHUTDOWN); 745d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)} 755d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 765c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liustd::string GetConsumerDeviceManagementServerUrl() { 775c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu const CommandLine* command_line = CommandLine::ForCurrentProcess(); 785c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu if (command_line->HasSwitch( 795c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu chromeos::switches::kConsumerDeviceManagementUrl)) { 805c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu return command_line->GetSwitchValueASCII( 815c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu chromeos::switches::kConsumerDeviceManagementUrl); 825c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu } 835c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu return kDefaultConsumerDeviceManagementServerUrl; 84116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch} 855c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu 865d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)} // namespace 875d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 885d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)BrowserPolicyConnectorChromeOS::BrowserPolicyConnectorChromeOS() 895d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) : device_cloud_policy_manager_(NULL), 905d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) global_user_cloud_policy_provider_(NULL), 915d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) weak_ptr_factory_(this) { 925c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu if (g_testing_install_attributes) { 935d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) install_attributes_.reset(g_testing_install_attributes); 945c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu g_testing_install_attributes = NULL; 955c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu } 965d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 975d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) // SystemSaltGetter or DBusThreadManager may be uninitialized on unit tests. 985d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 995d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) // TODO(satorux): Remove SystemSaltGetter::IsInitialized() when it's ready 1005d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) // (removing it now breaks tests). crbug.com/141016. 1015d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) if (chromeos::SystemSaltGetter::IsInitialized() && 1025d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) chromeos::DBusThreadManager::IsInitialized()) { 103010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) state_keys_broker_.reset(new ServerBackedStateKeysBroker( 104010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) chromeos::DBusThreadManager::Get()->GetSessionManagerClient(), 105010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) base::MessageLoopProxy::current())); 106010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) 1075d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) chromeos::CryptohomeClient* cryptohome_client = 1085d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) chromeos::DBusThreadManager::Get()->GetCryptohomeClient(); 1095c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu if (!install_attributes_) { 1105d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) install_attributes_.reset( 1115d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) new EnterpriseInstallAttributes(cryptohome_client)); 1125d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) } 1135d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) base::FilePath install_attrs_file; 1145d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) CHECK(PathService::Get(chromeos::FILE_INSTALL_ATTRIBUTES, 1155d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) &install_attrs_file)); 1165d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) install_attributes_->ReadCacheFile(install_attrs_file); 1175d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 1185d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) scoped_ptr<DeviceCloudPolicyStoreChromeOS> device_cloud_policy_store( 1195d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) new DeviceCloudPolicyStoreChromeOS( 1205d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) chromeos::DeviceSettingsService::Get(), 1215d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) install_attributes_.get(), 1225d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) GetBackgroundTaskRunner())); 1235d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) device_cloud_policy_manager_ = 1245d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) new DeviceCloudPolicyManagerChromeOS(device_cloud_policy_store.Pass(), 1255d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) base::MessageLoopProxy::current(), 126010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) state_keys_broker_.get()); 1275d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) AddPolicyProvider( 1285d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) scoped_ptr<ConfigurationPolicyProvider>(device_cloud_policy_manager_)); 1295d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) } 1305d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 1315d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) global_user_cloud_policy_provider_ = new ProxyPolicyProvider(); 1325d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) AddPolicyProvider(scoped_ptr<ConfigurationPolicyProvider>( 1335d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) global_user_cloud_policy_provider_)); 1345d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)} 1355d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 1365d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)BrowserPolicyConnectorChromeOS::~BrowserPolicyConnectorChromeOS() {} 1375d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 1385d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)void BrowserPolicyConnectorChromeOS::Init( 1395d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) PrefService* local_state, 1405d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) scoped_refptr<net::URLRequestContextGetter> request_context) { 1415d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) ChromeBrowserPolicyConnector::Init(local_state, request_context); 1425d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 1435c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu scoped_ptr<DeviceManagementService::Configuration> configuration( 1445c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu new DeviceManagementServiceConfiguration( 1455c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu GetConsumerDeviceManagementServerUrl())); 1465c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu consumer_device_management_service_.reset( 1475c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu new DeviceManagementService(configuration.Pass())); 1485c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu consumer_device_management_service_->ScheduleInitialization( 1495c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu kServiceInitializationStartupDelay); 1505c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu 1515d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) if (device_cloud_policy_manager_) { 1525d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) // Note: for now the |device_cloud_policy_manager_| is using the global 1535d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) // schema registry. Eventually it will have its own registry, once device 1545d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) // cloud policy for extensions is introduced. That means it'd have to be 1555d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) // initialized from here instead of BrowserPolicyConnector::Init(). 1565d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 157116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch device_cloud_policy_manager_->Initialize(local_state); 158116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 159116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch device_cloud_policy_initializer_.reset( 160116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch new DeviceCloudPolicyInitializer( 1615d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) local_state, 162116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch device_management_service(), 163116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch consumer_device_management_service(), 164116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch GetBackgroundTaskRunner(), 165116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch install_attributes_.get(), 166116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch state_keys_broker_.get(), 167116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch device_cloud_policy_manager_->device_store(), 168116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch device_cloud_policy_manager_, 1695f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) chromeos::DeviceSettingsService::Get(), 170116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch base::Bind(&BrowserPolicyConnectorChromeOS:: 171116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch OnDeviceCloudPolicyManagerConnected, 172116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch base::Unretained(this)))); 1735d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) } 1745d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 175a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) device_local_account_policy_service_.reset( 176a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) new DeviceLocalAccountPolicyService( 177a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) chromeos::DBusThreadManager::Get()->GetSessionManagerClient(), 178a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) chromeos::DeviceSettingsService::Get(), 179a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) chromeos::CrosSettings::Get(), 180a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) GetBackgroundTaskRunner(), 181a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) GetBackgroundTaskRunner(), 182a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) GetBackgroundTaskRunner(), 183a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) content::BrowserThread::GetMessageLoopProxyForThread( 184a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) content::BrowserThread::IO), 185a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) request_context)); 186a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) device_local_account_policy_service_->Connect(device_management_service()); 187116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch device_cloud_policy_invalidator_.reset(new DeviceCloudPolicyInvalidator); 1885d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 1895d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) // request_context is NULL in unit tests. 1905d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) if (request_context && install_attributes_) { 1915d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) app_pack_updater_.reset( 1925d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) new AppPackUpdater(request_context, install_attributes_.get())); 1935d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) } 1945d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 1955d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) SetTimezoneIfPolicyAvailable(); 1965d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 1975d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) network_configuration_updater_ = 1985d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) DeviceNetworkConfigurationUpdater::CreateForDevicePolicy( 1995d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) GetPolicyService(), 2005d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) chromeos::NetworkHandler::Get() 2015d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) ->managed_network_configuration_handler(), 2025d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) chromeos::NetworkHandler::Get()->network_device_handler(), 2035d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) chromeos::CrosSettings::Get()); 2045d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)} 2055d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 206116680a4aac90f2aa7413d9095a592090648e557Ben Murdochvoid BrowserPolicyConnectorChromeOS::ShutdownInvalidator() { 207116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch device_cloud_policy_invalidator_.reset(); 208116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch} 209116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 2105d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)void BrowserPolicyConnectorChromeOS::Shutdown() { 211116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch // Verify that ShutdownInvalidator() has been called first. 212116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch DCHECK(!device_cloud_policy_invalidator_); 213116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 2145d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) // The AppPackUpdater may be observing the |device_cloud_policy_manager_|. 2155d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) // Delete it first. 2165d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) app_pack_updater_.reset(); 2175d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 2185d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) network_configuration_updater_.reset(); 2195d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 2205d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) if (device_local_account_policy_service_) 2215d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) device_local_account_policy_service_->Shutdown(); 2225d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 223116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch if (device_cloud_policy_initializer_) 224116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch device_cloud_policy_initializer_->Shutdown(); 225116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 2265d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) ChromeBrowserPolicyConnector::Shutdown(); 2275d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)} 2285d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 2295d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)bool BrowserPolicyConnectorChromeOS::IsEnterpriseManaged() { 2305d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) return install_attributes_ && install_attributes_->IsEnterpriseDevice(); 2315d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)} 2325d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 2335d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)std::string BrowserPolicyConnectorChromeOS::GetEnterpriseDomain() { 2345d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) return install_attributes_ ? install_attributes_->GetDomain() : std::string(); 2355d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)} 2365d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 2375d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)DeviceMode BrowserPolicyConnectorChromeOS::GetDeviceMode() { 2385d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) return install_attributes_ ? install_attributes_->GetMode() 2395d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) : DEVICE_MODE_NOT_SET; 2405d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)} 2415d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 2425d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)UserAffiliation BrowserPolicyConnectorChromeOS::GetUserAffiliation( 2435d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) const std::string& user_name) { 2445d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) // An empty username means incognito user in case of ChromiumOS and 2455d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) // no logged-in user in case of Chromium (SigninService). Many tests use 2465d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) // nonsense email addresses (e.g. 'test') so treat those as non-enterprise 2475d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) // users. 2485d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) if (user_name.empty() || user_name.find('@') == std::string::npos) 2495d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) return USER_AFFILIATION_NONE; 2505d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 2515d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) if (install_attributes_ && 2525d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) (gaia::ExtractDomainName(gaia::CanonicalizeEmail(user_name)) == 2535d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) install_attributes_->GetDomain() || 2545d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) policy::IsDeviceLocalAccountUser(user_name, NULL))) { 2555d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) return USER_AFFILIATION_MANAGED; 2565d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) } 2575d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 2585d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) return USER_AFFILIATION_NONE; 2595d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)} 2605d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 2615d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)AppPackUpdater* BrowserPolicyConnectorChromeOS::GetAppPackUpdater() { 2625d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) return app_pack_updater_.get(); 2635d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)} 2645d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 2655d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)void BrowserPolicyConnectorChromeOS::SetUserPolicyDelegate( 2665d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) ConfigurationPolicyProvider* user_policy_provider) { 2675d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) global_user_cloud_policy_provider_->SetDelegate(user_policy_provider); 2685d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)} 2695d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 2705d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)void BrowserPolicyConnectorChromeOS::SetInstallAttributesForTesting( 2715d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) EnterpriseInstallAttributes* attributes) { 2725d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) DCHECK(!g_testing_install_attributes); 2735d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) g_testing_install_attributes = attributes; 2745d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)} 2755d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 2765c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liuvoid BrowserPolicyConnectorChromeOS::RemoveInstallAttributesForTesting() { 2775c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu if (g_testing_install_attributes) { 2785c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu delete g_testing_install_attributes; 2795c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu g_testing_install_attributes = NULL; 2805c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu } 2815c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu} 2825c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu 2835d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)// static 2845d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)void BrowserPolicyConnectorChromeOS::RegisterPrefs( 2855d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) PrefRegistrySimple* registry) { 2865d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) registry->RegisterIntegerPref( 2875d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) prefs::kDevicePolicyRefreshRate, 2885d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) CloudPolicyRefreshScheduler::kDefaultRefreshDelayMs); 2895d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)} 2905d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 2915d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)void BrowserPolicyConnectorChromeOS::SetTimezoneIfPolicyAvailable() { 2925d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) typedef chromeos::CrosSettingsProvider Provider; 2935d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) Provider::TrustedStatus result = 2945d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) chromeos::CrosSettings::Get()->PrepareTrustedValues(base::Bind( 2955d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) &BrowserPolicyConnectorChromeOS::SetTimezoneIfPolicyAvailable, 2965d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) weak_ptr_factory_.GetWeakPtr())); 2975d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 2985d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) if (result != Provider::TRUSTED) 2995d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) return; 3005d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 3015d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) std::string timezone; 3025d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) if (chromeos::CrosSettings::Get()->GetString(chromeos::kSystemTimezonePolicy, 3035d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) &timezone) && 3045d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) !timezone.empty()) { 3055d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) chromeos::system::TimezoneSettings::GetInstance()->SetTimezoneFromID( 3065d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) base::UTF8ToUTF16(timezone)); 3075d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) } 3085d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)} 3095d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 310116680a4aac90f2aa7413d9095a592090648e557Ben Murdochvoid BrowserPolicyConnectorChromeOS::OnDeviceCloudPolicyManagerConnected() { 311116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch // This function is invoked by DCPInitializer, so we should release the 312116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch // initializer after this function returns. 313116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch if (device_cloud_policy_initializer_) { 314116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch device_cloud_policy_initializer_->Shutdown(); 315116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch base::MessageLoop::current()->DeleteSoon( 316116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch FROM_HERE, device_cloud_policy_initializer_.release()); 317116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch } 318116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch} 319116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 3205d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)} // namespace policy 321