15d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)// Copyright 2014 The Chromium Authors. All rights reserved. 25d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)// Use of this source code is governed by a BSD-style license that can be 35d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)// found in the LICENSE file. 45d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 55d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chrome/browser/policy/chrome_browser_policy_connector.h" 65d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 75d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include <string> 85d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 95d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "base/callback.h" 105d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "base/command_line.h" 115d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "base/files/file_path.h" 125d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "base/logging.h" 135d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "base/memory/scoped_ptr.h" 145d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "base/path_service.h" 155d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "base/strings/sys_string_conversions.h" 165d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chrome/browser/policy/configuration_policy_handler_list_factory.h" 175c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu#include "chrome/browser/policy/device_management_service_configuration.h" 185d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chrome/common/chrome_paths.h" 195d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "components/policy/core/common/async_policy_provider.h" 205d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "components/policy/core/common/cloud/device_management_service.h" 215d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "components/policy/core/common/configuration_policy_provider.h" 22010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles)#include "components/policy/core/common/policy_map.h" 23010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles)#include "components/policy/core/common/policy_namespace.h" 24010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles)#include "components/policy/core/common/policy_service.h" 255d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "components/policy/core/common/policy_types.h" 26010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles)#include "components/signin/core/common/signin_switches.h" 275d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "content/public/browser/browser_thread.h" 285d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "net/url_request/url_request_context_getter.h" 295d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "policy/policy_constants.h" 305d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 315d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#if defined(OS_WIN) 325d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "components/policy/core/common/policy_loader_win.h" 335d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#elif defined(OS_MACOSX) 345d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include <CoreFoundation/CoreFoundation.h> 355d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "components/policy/core/common/policy_loader_mac.h" 365d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "components/policy/core/common/preferences_mac.h" 375d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#elif defined(OS_POSIX) && !defined(OS_ANDROID) 385d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "components/policy/core/common/config_dir_policy_loader.h" 395d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#elif defined(OS_ANDROID) 405d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "components/policy/core/common/policy_provider_android.h" 415d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#endif 425d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 435d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)using content::BrowserThread; 445d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 455d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)namespace policy { 465d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 475d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)namespace { 485d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 495d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#if defined(OS_MACOSX) 505d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)base::FilePath GetManagedPolicyPath() { 515d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) // This constructs the path to the plist file in which Mac OS X stores the 525d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) // managed preference for the application. This is undocumented and therefore 535d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) // fragile, but if it doesn't work out, AsyncPolicyLoader has a task that 545d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) // polls periodically in order to reload managed preferences later even if we 555d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) // missed the change. 565d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) base::FilePath path; 575d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) if (!PathService::Get(chrome::DIR_MANAGED_PREFS, &path)) 585d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) return base::FilePath(); 595d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 605d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) CFBundleRef bundle(CFBundleGetMainBundle()); 615d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) if (!bundle) 625d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) return base::FilePath(); 635d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 645d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) CFStringRef bundle_id = CFBundleGetIdentifier(bundle); 655d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) if (!bundle_id) 665d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) return base::FilePath(); 675d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 685d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) return path.Append(base::SysCFStringRefToUTF8(bundle_id) + ".plist"); 695d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)} 705d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#endif // defined(OS_MACOSX) 715d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 725d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)} // namespace 735d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 745d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)ChromeBrowserPolicyConnector::ChromeBrowserPolicyConnector() 755d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) : BrowserPolicyConnector(base::Bind(&BuildHandlerList)) { 765d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) ConfigurationPolicyProvider* platform_provider = CreatePlatformProvider(); 775d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) if (platform_provider) 785d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) SetPlatformPolicyProvider(make_scoped_ptr(platform_provider)); 795d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)} 805d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 815d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)ChromeBrowserPolicyConnector::~ChromeBrowserPolicyConnector() {} 825d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 835d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)void ChromeBrowserPolicyConnector::Init( 845d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) PrefService* local_state, 855d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) scoped_refptr<net::URLRequestContextGetter> request_context) { 865d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) // Initialization of some of the providers requires the FILE thread; make 875d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) // sure that threading is ready at this point. 885d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) DCHECK(BrowserThread::IsThreadInitialized(BrowserThread::FILE)); 895d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 905d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) scoped_ptr<DeviceManagementService::Configuration> configuration( 915c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu new DeviceManagementServiceConfiguration( 925c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu BrowserPolicyConnector::GetDeviceManagementUrl())); 935d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) scoped_ptr<DeviceManagementService> device_management_service( 945d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) new DeviceManagementService(configuration.Pass())); 955d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) device_management_service->ScheduleInitialization( 965d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) kServiceInitializationStartupDelay); 975d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 985d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) BrowserPolicyConnector::Init( 995d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) local_state, request_context, device_management_service.Pass()); 100010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) 101010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) AppendExtraFlagPerPolicy(); 1025d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)} 1035d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 1045d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)ConfigurationPolicyProvider* 1055d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) ChromeBrowserPolicyConnector::CreatePlatformProvider() { 1065d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#if defined(OS_WIN) 1075d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) scoped_ptr<AsyncPolicyLoader> loader(PolicyLoaderWin::Create( 1085d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) BrowserThread::GetMessageLoopProxyForThread(BrowserThread::FILE), 1095d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) kRegistryChromePolicyKey)); 1105d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) return new AsyncPolicyProvider(GetSchemaRegistry(), loader.Pass()); 1115d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#elif defined(OS_MACOSX) 1125d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) scoped_ptr<AsyncPolicyLoader> loader(new PolicyLoaderMac( 1135d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) BrowserThread::GetMessageLoopProxyForThread(BrowserThread::FILE), 1145d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) GetManagedPolicyPath(), 1155d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) new MacPreferences())); 1165d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) return new AsyncPolicyProvider(GetSchemaRegistry(), loader.Pass()); 1175d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#elif defined(OS_POSIX) && !defined(OS_ANDROID) 1185d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) base::FilePath config_dir_path; 1195d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) if (PathService::Get(chrome::DIR_POLICY_FILES, &config_dir_path)) { 1205d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) scoped_ptr<AsyncPolicyLoader> loader(new ConfigDirPolicyLoader( 1215d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) BrowserThread::GetMessageLoopProxyForThread(BrowserThread::FILE), 1225d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) config_dir_path, 1235d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) POLICY_SCOPE_MACHINE)); 1245d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) return new AsyncPolicyProvider(GetSchemaRegistry(), loader.Pass()); 1255d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) } else { 1265d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) return NULL; 1275d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) } 1285d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#elif defined(OS_ANDROID) 1295d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) return new PolicyProviderAndroid(); 1305d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#else 1315d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) return NULL; 1325d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#endif 1335d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)} 1345d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 135010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles)void ChromeBrowserPolicyConnector::AppendExtraFlagPerPolicy() { 136010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) PolicyService* policy_service = GetPolicyService(); 137010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) PolicyNamespace chrome_ns = PolicyNamespace(POLICY_DOMAIN_CHROME, ""); 138010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) const PolicyMap& chrome_policy = policy_service->GetPolicies(chrome_ns); 139010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) const base::Value* policy_value = 140010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) chrome_policy.GetValue(key::kEnableWebBasedSignin); 141010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) bool enabled = false; 142010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) CommandLine* command_line = CommandLine::ForCurrentProcess(); 143010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) if (policy_value && policy_value->GetAsBoolean(&enabled) && enabled && 144010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) !command_line->HasSwitch(switches::kEnableWebBasedSignin)) { 145010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) command_line->AppendSwitch(switches::kEnableWebBasedSignin); 146010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) } 147010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles)} 148010d83a9304c5a91596085d917d248abff47903aTorne (Richard Coles) 1495d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)} // namespace policy 150