configuration_policy_handler_chromeos.cc revision 7dbb3d5cf0c15f500944d211057644d6a2f37371
1// Copyright (c) 2012 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#include "chrome/browser/chromeos/policy/configuration_policy_handler_chromeos.h" 6 7#include <string> 8 9#include "ash/magnifier/magnifier_constants.h" 10#include "base/callback.h" 11#include "base/json/json_reader.h" 12#include "base/json/json_writer.h" 13#include "base/memory/scoped_ptr.h" 14#include "base/prefs/pref_value_map.h" 15#include "base/strings/string_util.h" 16#include "base/values.h" 17#include "chrome/browser/policy/external_data_fetcher.h" 18#include "chrome/browser/policy/policy_error_map.h" 19#include "chrome/browser/policy/policy_map.h" 20#include "chrome/browser/ui/ash/chrome_launcher_prefs.h" 21#include "chrome/common/pref_names.h" 22#include "chromeos/network/onc/onc_constants.h" 23#include "chromeos/network/onc/onc_signature.h" 24#include "chromeos/network/onc/onc_utils.h" 25#include "chromeos/network/onc/onc_validator.h" 26#include "grit/generated_resources.h" 27#include "policy/policy_constants.h" 28 29namespace onc = chromeos::onc; 30 31namespace policy { 32 33// static 34NetworkConfigurationPolicyHandler* 35NetworkConfigurationPolicyHandler::CreateForUserPolicy() { 36 return new NetworkConfigurationPolicyHandler( 37 key::kOpenNetworkConfiguration, onc::ONC_SOURCE_USER_POLICY); 38} 39 40// static 41NetworkConfigurationPolicyHandler* 42NetworkConfigurationPolicyHandler::CreateForDevicePolicy() { 43 return new NetworkConfigurationPolicyHandler( 44 key::kDeviceOpenNetworkConfiguration, onc::ONC_SOURCE_DEVICE_POLICY); 45} 46 47NetworkConfigurationPolicyHandler::~NetworkConfigurationPolicyHandler() {} 48 49bool NetworkConfigurationPolicyHandler::CheckPolicySettings( 50 const PolicyMap& policies, 51 PolicyErrorMap* errors) { 52 const base::Value* value; 53 if (!CheckAndGetValue(policies, errors, &value)) 54 return false; 55 56 if (value) { 57 std::string onc_blob; 58 value->GetAsString(&onc_blob); 59 scoped_ptr<base::DictionaryValue> root_dict = 60 onc::ReadDictionaryFromJson(onc_blob); 61 if (root_dict.get() == NULL) { 62 errors->AddError(policy_name(), IDS_POLICY_NETWORK_CONFIG_PARSE_FAILED); 63 return false; 64 } 65 66 // Validate the ONC dictionary. We are liberal and ignore unknown field 67 // names and ignore invalid field names in kRecommended arrays. 68 onc::Validator validator(false, // Ignore unknown fields. 69 false, // Ignore invalid recommended field names. 70 true, // Fail on missing fields. 71 true); // Validate for managed ONC 72 validator.SetOncSource(onc_source_); 73 74 // ONC policies are always unencrypted. 75 onc::Validator::Result validation_result; 76 root_dict = validator.ValidateAndRepairObject( 77 &onc::kToplevelConfigurationSignature, *root_dict, &validation_result); 78 if (validation_result == onc::Validator::VALID_WITH_WARNINGS) { 79 errors->AddError(policy_name(), 80 IDS_POLICY_NETWORK_CONFIG_IMPORT_PARTIAL); 81 } else if (validation_result == onc::Validator::INVALID) { 82 errors->AddError(policy_name(), IDS_POLICY_NETWORK_CONFIG_IMPORT_FAILED); 83 } 84 85 // In any case, don't reject the policy as some networks or certificates 86 // could still be applied. 87 } 88 89 return true; 90} 91 92void NetworkConfigurationPolicyHandler::ApplyPolicySettings( 93 const PolicyMap& policies, 94 PrefValueMap* prefs) { 95 // Network policy is read directly from the provider and injected into 96 // NetworkLibrary, so no need to convert the policy settings into prefs. 97} 98 99void NetworkConfigurationPolicyHandler::PrepareForDisplaying( 100 PolicyMap* policies) const { 101 const PolicyMap::Entry* entry = policies->Get(policy_name()); 102 if (!entry) 103 return; 104 base::Value* sanitized_config = SanitizeNetworkConfig(entry->value); 105 if (!sanitized_config) 106 sanitized_config = base::Value::CreateNullValue(); 107 108 policies->Set(policy_name(), entry->level, entry->scope, 109 sanitized_config, NULL); 110} 111 112NetworkConfigurationPolicyHandler::NetworkConfigurationPolicyHandler( 113 const char* policy_name, 114 chromeos::onc::ONCSource onc_source) 115 : TypeCheckingPolicyHandler(policy_name, base::Value::TYPE_STRING), 116 onc_source_(onc_source) { 117} 118 119// static 120base::Value* NetworkConfigurationPolicyHandler::SanitizeNetworkConfig( 121 const base::Value* config) { 122 std::string json_string; 123 if (!config->GetAsString(&json_string)) 124 return NULL; 125 126 scoped_ptr<base::DictionaryValue> toplevel_dict = 127 onc::ReadDictionaryFromJson(json_string); 128 if (!toplevel_dict) 129 return NULL; 130 131 // Placeholder to insert in place of the filtered setting. 132 const char kPlaceholder[] = "********"; 133 134 toplevel_dict = onc::MaskCredentialsInOncObject( 135 onc::kToplevelConfigurationSignature, 136 *toplevel_dict, 137 kPlaceholder); 138 139 base::JSONWriter::WriteWithOptions(toplevel_dict.get(), 140 base::JSONWriter::OPTIONS_DO_NOT_ESCAPE | 141 base::JSONWriter::OPTIONS_PRETTY_PRINT, 142 &json_string); 143 return base::Value::CreateStringValue(json_string); 144} 145 146PinnedLauncherAppsPolicyHandler::PinnedLauncherAppsPolicyHandler() 147 : ExtensionListPolicyHandler(key::kPinnedLauncherApps, 148 prefs::kPinnedLauncherApps, 149 false) {} 150 151PinnedLauncherAppsPolicyHandler::~PinnedLauncherAppsPolicyHandler() {} 152 153void PinnedLauncherAppsPolicyHandler::ApplyPolicySettings( 154 const PolicyMap& policies, 155 PrefValueMap* prefs) { 156 PolicyErrorMap errors; 157 const base::Value* policy_value = policies.GetValue(policy_name()); 158 const base::ListValue* policy_list = NULL; 159 if (policy_value && policy_value->GetAsList(&policy_list) && policy_list) { 160 base::ListValue* pinned_apps_list = new base::ListValue(); 161 for (base::ListValue::const_iterator entry(policy_list->begin()); 162 entry != policy_list->end(); ++entry) { 163 std::string id; 164 if ((*entry)->GetAsString(&id)) { 165 base::DictionaryValue* app_dict = new base::DictionaryValue(); 166 app_dict->SetString(ash::kPinnedAppsPrefAppIDPath, id); 167 pinned_apps_list->Append(app_dict); 168 } 169 } 170 prefs->SetValue(pref_path(), pinned_apps_list); 171 } 172} 173 174ScreenMagnifierPolicyHandler::ScreenMagnifierPolicyHandler() 175 : IntRangePolicyHandlerBase(key::kScreenMagnifierType, 176 0, ash::MAGNIFIER_FULL, false) { 177} 178 179ScreenMagnifierPolicyHandler::~ScreenMagnifierPolicyHandler() { 180} 181 182void ScreenMagnifierPolicyHandler::ApplyPolicySettings( 183 const PolicyMap& policies, 184 PrefValueMap* prefs) { 185 const base::Value* value = policies.GetValue(policy_name()); 186 int value_in_range; 187 if (value && EnsureInRange(value, &value_in_range, NULL)) { 188 prefs->SetValue(prefs::kScreenMagnifierEnabled, 189 base::Value::CreateBooleanValue(value_in_range != 0)); 190 prefs->SetValue(prefs::kScreenMagnifierType, 191 base::Value::CreateIntegerValue(value_in_range)); 192 } 193} 194 195} // namespace policy 196