1c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)// Copyright (c) 2013 The Chromium Authors. All rights reserved. 2c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)// Use of this source code is governed by a BSD-style license that can be 3c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)// found in the LICENSE file. 4c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 5c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)#include "chrome/browser/chromeos/policy/user_cloud_policy_manager_factory_chromeos.h" 6c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 7f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)#include "base/bind.h" 8c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)#include "base/command_line.h" 9c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)#include "base/files/file_path.h" 10c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)#include "base/logging.h" 11d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles)#include "base/memory/ref_counted.h" 12d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles)#include "base/message_loop/message_loop_proxy.h" 13c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)#include "base/path_service.h" 14d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles)#include "base/sequenced_task_runner.h" 15d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles)#include "base/threading/sequenced_worker_pool.h" 1658537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles)#include "base/time/time.h" 17c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)#include "chrome/browser/browser_process.h" 185d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chrome/browser/chromeos/login/login_utils.h" 195d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h" 20d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles)#include "chrome/browser/chromeos/policy/user_cloud_external_data_manager.h" 21c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)#include "chrome/browser/chromeos/policy/user_cloud_policy_manager_chromeos.h" 22c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)#include "chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos.h" 23c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)#include "chrome/browser/chromeos/profiles/profile_helper.h" 24f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)#include "chrome/browser/policy/schema_registry_service.h" 25f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)#include "chrome/browser/policy/schema_registry_service_factory.h" 26c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)#include "chrome/browser/profiles/profile.h" 27c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)#include "chromeos/chromeos_paths.h" 28c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)#include "chromeos/chromeos_switches.h" 29c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)#include "chromeos/dbus/dbus_thread_manager.h" 30a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles)#include "components/keyed_service/content/browser_context_dependency_manager.h" 31116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#include "components/policy/core/browser/browser_policy_connector.h" 32a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)#include "components/policy/core/common/cloud/cloud_external_data_manager.h" 33a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)#include "components/policy/core/common/cloud/device_management_service.h" 345f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles)#include "components/user_manager/user.h" 356e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)#include "components/user_manager/user_manager.h" 36116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#include "components/user_manager/user_type.h" 37d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles)#include "content/public/browser/browser_thread.h" 38c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)#include "net/url_request/url_request_context_getter.h" 39d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles)#include "policy/policy_constants.h" 40c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 41c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)namespace policy { 42c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 43c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)namespace { 44c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 45c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)// Subdirectory in the user's profile for storing legacy user policies. 46c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)const base::FilePath::CharType kDeviceManagementDir[] = 47c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) FILE_PATH_LITERAL("Device Management"); 48f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 49c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)// File in the above directory for storing legacy user policy dmtokens. 50c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)const base::FilePath::CharType kToken[] = FILE_PATH_LITERAL("Token"); 51f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 52c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)// This constant is used to build two different paths. It can be a file inside 53c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)// kDeviceManagementDir where legacy user policy data is stored, and it can be 54c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)// a directory inside the profile directory where other resources are stored. 55c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)const base::FilePath::CharType kPolicy[] = FILE_PATH_LITERAL("Policy"); 56f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 57f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)// Directory under kPolicy, in the user's profile dir, where policy for 58f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)// components is cached. 59f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)const base::FilePath::CharType kComponentsDir[] = 60f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) FILE_PATH_LITERAL("Components"); 61f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 62d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles)// Directory in which to store external policy data. This is specified relative 63d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles)// to kPolicy. 64d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles)const base::FilePath::CharType kPolicyExternalDataDir[] = 65d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) FILE_PATH_LITERAL("External Data"); 66c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 6758537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles)// Timeout in seconds after which to abandon the initial policy fetch and start 6858537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles)// the session regardless. 6958537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles)const int kInitialPolicyFetchTimeoutSeconds = 10; 7058537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) 71c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)} // namespace 72c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 73c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)// static 74c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)UserCloudPolicyManagerFactoryChromeOS* 75c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) UserCloudPolicyManagerFactoryChromeOS::GetInstance() { 76c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) return Singleton<UserCloudPolicyManagerFactoryChromeOS>::get(); 77c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)} 78c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 79c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)// static 80c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)UserCloudPolicyManagerChromeOS* 81c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) UserCloudPolicyManagerFactoryChromeOS::GetForProfile( 82c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) Profile* profile) { 83c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) return GetInstance()->GetManagerForProfile(profile); 84c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)} 85c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 86c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)// static 87c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)scoped_ptr<UserCloudPolicyManagerChromeOS> 88c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) UserCloudPolicyManagerFactoryChromeOS::CreateForProfile( 89c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) Profile* profile, 908bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) bool force_immediate_load, 918bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) scoped_refptr<base::SequencedTaskRunner> background_task_runner) { 928bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) return GetInstance()->CreateManagerForProfile( 938bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) profile, force_immediate_load, background_task_runner); 94c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)} 95c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 96c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)UserCloudPolicyManagerFactoryChromeOS::UserCloudPolicyManagerFactoryChromeOS() 9790dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) : BrowserContextKeyedBaseFactory( 9890dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) "UserCloudPolicyManagerChromeOS", 99f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) BrowserContextDependencyManager::GetInstance()) { 100f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) DependsOn(SchemaRegistryServiceFactory::GetInstance()); 101f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)} 102c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 103c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)UserCloudPolicyManagerFactoryChromeOS:: 104c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) ~UserCloudPolicyManagerFactoryChromeOS() {} 105c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 106c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)UserCloudPolicyManagerChromeOS* 107c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) UserCloudPolicyManagerFactoryChromeOS::GetManagerForProfile( 108c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) Profile* profile) { 109c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) // Get the manager for the original profile, since the PolicyService is 110c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) // also shared between the incognito Profile and the original Profile. 111c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) ManagerMap::const_iterator it = managers_.find(profile->GetOriginalProfile()); 112c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) return it != managers_.end() ? it->second : NULL; 113c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)} 114c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 115c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)scoped_ptr<UserCloudPolicyManagerChromeOS> 116c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) UserCloudPolicyManagerFactoryChromeOS::CreateManagerForProfile( 117c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) Profile* profile, 1188bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) bool force_immediate_load, 1198bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) scoped_refptr<base::SequencedTaskRunner> background_task_runner) { 120c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) const CommandLine* command_line = CommandLine::ForCurrentProcess(); 121c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) // Don't initialize cloud policy for the signin profile. 122c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) if (chromeos::ProfileHelper::IsSigninProfile(profile)) 123c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) return scoped_ptr<UserCloudPolicyManagerChromeOS>(); 124c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 125c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) // |user| should never be NULL except for the signin profile. This object is 126c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) // created as part of the Profile creation, which happens right after 127c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) // sign-in. The just-signed-in User is the active user during that time. 1285f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) user_manager::User* user = 129116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch chromeos::ProfileHelper::Get()->GetUserByProfile(profile); 130c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) CHECK(user); 131c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 132c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) // Only USER_TYPE_REGULAR users have user cloud policy. 13358537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) // USER_TYPE_RETAIL_MODE, USER_TYPE_KIOSK_APP, USER_TYPE_GUEST and 1345f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) // USER_TYPE_SUPERVISED are not signed in and can't authenticate the 13558537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) // policy registration. 136c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) // USER_TYPE_PUBLIC_ACCOUNT gets its policy from the 137c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) // DeviceLocalAccountPolicyService. 138116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch // Non-managed domains will be skipped by the below check 139c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) const std::string& username = user->email(); 140116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch if (user->GetType() != user_manager::USER_TYPE_REGULAR || 141c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) BrowserPolicyConnector::IsNonEnterpriseUser(username)) { 142c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) return scoped_ptr<UserCloudPolicyManagerChromeOS>(); 143c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) } 144c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 1455d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) policy::BrowserPolicyConnectorChromeOS* connector = 1465d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) g_browser_process->platform_part()->browser_policy_connector_chromeos(); 147c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) UserAffiliation affiliation = connector->GetUserAffiliation(username); 148116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch const bool is_affiliated_user = affiliation == USER_AFFILIATION_MANAGED; 149c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) const bool is_browser_restart = 150116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch command_line->HasSwitch(chromeos::switches::kLoginUser); 151116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch const bool wait_for_initial_policy = 152116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch !is_browser_restart && 1536e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles) (user_manager::UserManager::Get()->IsCurrentUserNew() || 1546e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles) is_affiliated_user); 155116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 156116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch const base::TimeDelta initial_policy_fetch_timeout = 1576e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles) user_manager::UserManager::Get()->IsCurrentUserNew() 158116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch ? base::TimeDelta::Max() 159116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch : base::TimeDelta::FromSeconds(kInitialPolicyFetchTimeoutSeconds); 160c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 161c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) DeviceManagementService* device_management_service = 162c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) connector->device_management_service(); 163c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) if (wait_for_initial_policy) 164c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) device_management_service->ScheduleInitialization(0); 165c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 166c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) base::FilePath profile_dir = profile->GetPath(); 167c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) const base::FilePath legacy_dir = profile_dir.Append(kDeviceManagementDir); 168c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) const base::FilePath policy_cache_file = legacy_dir.Append(kPolicy); 169c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) const base::FilePath token_cache_file = legacy_dir.Append(kToken); 170f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) const base::FilePath component_policy_cache_dir = 171f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) profile_dir.Append(kPolicy).Append(kComponentsDir); 172d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) const base::FilePath external_data_dir = 173d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) profile_dir.Append(kPolicy).Append(kPolicyExternalDataDir); 174c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) base::FilePath policy_key_dir; 175c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) CHECK(PathService::Get(chromeos::DIR_USER_POLICY_KEYS, &policy_key_dir)); 176c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 177bbcdd45c55eb7c4641ab97aef9889b0fc828e7d3Ben Murdoch scoped_ptr<UserCloudPolicyStoreChromeOS> store( 178c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) new UserCloudPolicyStoreChromeOS( 179c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) chromeos::DBusThreadManager::Get()->GetCryptohomeClient(), 180c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) chromeos::DBusThreadManager::Get()->GetSessionManagerClient(), 1818bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) background_task_runner, 182c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) username, policy_key_dir, token_cache_file, policy_cache_file)); 183d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) 184d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) scoped_refptr<base::SequencedTaskRunner> backend_task_runner = 185d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) content::BrowserThread::GetBlockingPool()->GetSequencedTaskRunner( 186d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) content::BrowserThread::GetBlockingPool()->GetSequenceToken()); 187d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) scoped_refptr<base::SequencedTaskRunner> io_task_runner = 188d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) content::BrowserThread::GetMessageLoopProxyForThread( 189d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) content::BrowserThread::IO); 190d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) scoped_ptr<CloudExternalDataManager> external_data_manager( 191f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) new UserCloudExternalDataManager(base::Bind(&GetChromePolicyDetails), 192d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) backend_task_runner, 193d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) io_task_runner, 194d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) external_data_dir, 195d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) store.get())); 196bbcdd45c55eb7c4641ab97aef9889b0fc828e7d3Ben Murdoch if (force_immediate_load) 197bbcdd45c55eb7c4641ab97aef9889b0fc828e7d3Ben Murdoch store->LoadImmediately(); 198bbcdd45c55eb7c4641ab97aef9889b0fc828e7d3Ben Murdoch 199f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) scoped_refptr<base::SequencedTaskRunner> file_task_runner = 200f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) content::BrowserThread::GetMessageLoopProxyForThread( 201f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) content::BrowserThread::FILE); 202bbcdd45c55eb7c4641ab97aef9889b0fc828e7d3Ben Murdoch 203c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) scoped_ptr<UserCloudPolicyManagerChromeOS> manager( 20458537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) new UserCloudPolicyManagerChromeOS( 20558537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) store.PassAs<CloudPolicyStore>(), 206d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) external_data_manager.Pass(), 207f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) component_policy_cache_dir, 20858537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) wait_for_initial_policy, 209116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch initial_policy_fetch_timeout, 210f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) base::MessageLoopProxy::current(), 211f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) file_task_runner, 212f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) io_task_runner)); 2135d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 2145d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) bool wildcard_match = false; 2155d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) if (connector->IsEnterpriseManaged() && 2165d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) chromeos::LoginUtils::IsWhitelisted(username, &wildcard_match) && 2175d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) wildcard_match && 2185d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) !connector->IsNonEnterpriseUser(username)) { 2195d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) manager->EnableWildcardLoginCheck(username); 2205d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) } 2215d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 2226d86b77056ed63eb6871182f42a9fd5f07550f90Torne (Richard Coles) manager->Init( 2236d86b77056ed63eb6871182f42a9fd5f07550f90Torne (Richard Coles) SchemaRegistryServiceFactory::GetForContext(profile)->registry()); 224c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) manager->Connect(g_browser_process->local_state(), 225c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) device_management_service, 226c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) g_browser_process->system_request_context(), 227c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) affiliation); 228c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 229c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) DCHECK(managers_.find(profile) == managers_.end()); 230c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) managers_[profile] = manager.get(); 231c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) return manager.Pass(); 232c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)} 233c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 23490dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles)void UserCloudPolicyManagerFactoryChromeOS::BrowserContextShutdown( 235c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) content::BrowserContext* context) { 236c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) Profile* profile = static_cast<Profile*>(context); 237c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) if (profile->IsOffTheRecord()) 238c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) return; 239c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) UserCloudPolicyManagerChromeOS* manager = GetManagerForProfile(profile); 240c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) if (manager) 241c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) manager->Shutdown(); 242c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)} 243c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 24490dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles)void UserCloudPolicyManagerFactoryChromeOS::BrowserContextDestroyed( 245c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) content::BrowserContext* context) { 246c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) Profile* profile = static_cast<Profile*>(context); 247c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) managers_.erase(profile); 24890dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) BrowserContextKeyedBaseFactory::BrowserContextDestroyed(context); 249c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)} 250c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 251c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)void UserCloudPolicyManagerFactoryChromeOS::SetEmptyTestingFactory( 252c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) content::BrowserContext* context) {} 253c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 254116680a4aac90f2aa7413d9095a592090648e557Ben Murdochbool UserCloudPolicyManagerFactoryChromeOS::HasTestingFactory( 255116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch content::BrowserContext* context) { 256116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch return false; 257116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch} 258116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 259c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)void UserCloudPolicyManagerFactoryChromeOS::CreateServiceNow( 260c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) content::BrowserContext* context) {} 261c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 262c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)} // namespace policy 263