Introduce user and device policy for shipping network configuration.

BUG=19411
TEST=None


Review URL: http://codereview.chromium.org/8144005

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@104310 0039d316-1c4b-4281-b951-d872f2087c98

4 files changed, 75 insertions, 23 deletions

diff --git a/chrome/app/policy/policy_templates.json b/chrome/app/policy/policy_templates.json
index 47ac224..5501964 100644
--- a/chrome/app/policy/policy_templates.json
+++ b/chrome/app/policy/policy_templates.json
@@ -94,7 +94,7 @@
 #   persistent IDs for all fields (but not for groups!) are needed. These are
 #   specified by the 'id' keys of each policy. NEVER CHANGE EXISTING IDs,
 #   because doing so would break the deployed wire format!
-#   For your editing convenience: highest ID currently used: 106
+#   For your editing convenience: highest ID currently used: 108
 #
 # Placeholders:
 #   The following placeholder strings are automatically substituted:
@@ -1815,7 +1815,29 @@
 
       This policy is limited to 100 entries; subsequent entries will be ignored.''',
     },
-
+    {
+      'name': 'UserNetworkConfiguration',
+      'type': 'string',
+      'supported_on': ['chrome_os:0.16-'],
+      'features': {'dynamic_refresh': 1},
+      'future': False,
+      'example_value': '{ "NetworkConfigurations": [ { "GUID": "{4b224dfd-6849-7a63-5e394343244ae9c9}", "Name": "my WiFi", "Type": "WiFi", "WiFi": { "SSID": "my WiFi", "HiddenSSID": false, "Security": "None", "AutoConnect": true } } ] }',
+      'id': 107,
+      'caption': '''User-level network configuration''',
+      'desc': '''Allows pushing network configuration to be applied per-user to a <ph name="PRODUCT_OS_NAME">$2<ex>Chromium OS</ex></ph> device. The network configuration is a JSON-formatted string as defined by the Open Network Configuration format described at https://sites.google.com/a/chromium.org/dev/chromium-os/chromiumos-design-docs/open-network-configuration''',
+    },
+    {
+      'name': 'DeviceNetworkConfiguration',
+      'type': 'string',
+      'supported_on': ['chrome_os:0.16-'],
+      'device_only': True,
+      'features': {'dynamic_refresh': 1},
+      'future': True,
+      'example_value': '{ "NetworkConfigurations": [ { "GUID": "{4b224dfd-6849-7a63-5e394343244ae9c9}", "Name": "my WiFi", "Type": "WiFi", "WiFi": { "SSID": "my WiFi", "HiddenSSID": false, "Security": "None", "AutoConnect": true } } ] }',
+      'id': 108,
+      'caption': '''Device-level network configuration''',
+      'desc': '''Allows pushing network configuration to be applied for all useers of a <ph name="PRODUCT_OS_NAME">$2<ex>Chromium OS</ex></ph> device. The network configuration is a JSON-formatted string as defined by the Open Network Configuration format described at https://sites.google.com/a/chromium.org/dev/chromium-os/chromiumos-design-docs/open-network-configuration''',
+    },
   ],
   'messages': {
     # Messages that are not associated to any policies.
diff --git a/chrome/browser/policy/device_policy_cache.cc b/chrome/browser/policy/device_policy_cache.cc
index 14109ab..dab3f91 100644
--- a/chrome/browser/policy/device_policy_cache.cc
+++ b/chrome/browser/policy/device_policy_cache.cc
@@ -344,14 +344,21 @@ void DevicePolicyCache::DecodeDevicePolicy(
 
   if (policy.has_release_channel() &&
       policy.release_channel().has_release_channel()) {
-    std::string channel = policy.release_channel().release_channel();
-    mandatory->Set(
-        kPolicyChromeOsReleaseChannel, Value::CreateStringValue(channel));
+    std::string channel(policy.release_channel().release_channel());
+    mandatory->Set(kPolicyChromeOsReleaseChannel,
+                   Value::CreateStringValue(channel));
     // TODO(dubroy): Once http://crosbug.com/17015 is implemented, we won't
     // have to pass the channel in here, only ping the update engine to tell
     // it to fetch the channel from the policy.
     chromeos::CrosLibrary::Get()->GetUpdateLibrary()->SetReleaseTrack(channel);
   }
+
+  if (policy.has_network_configuration() &&
+      policy.network_configuration().has_network_configuration()) {
+    std::string config(policy.network_configuration().network_configuration());
+    mandatory->Set(kPolicyDeviceNetworkConfiguration,
+                   Value::CreateStringValue(config));
+  }
 }
 
 }  // namespace policy
diff --git a/chrome/browser/policy/device_policy_cache_unittest.cc b/chrome/browser/policy/device_policy_cache_unittest.cc
index 35c3cdc..cb3be92 100644
--- a/chrome/browser/policy/device_policy_cache_unittest.cc
+++ b/chrome/browser/policy/device_policy_cache_unittest.cc
@@ -20,18 +20,15 @@ namespace {
 const char kTestUser[] = "test@example.com";
 
 using ::chromeos::SignedSettings;
-using ::testing::_;
 using ::testing::InSequence;
+using ::testing::_;
 
-void CreateRefreshRatePolicy(em::PolicyFetchResponse* policy,
-                             const std::string& user,
-                             int refresh_rate) {
+void CreatePolicy(em::PolicyFetchResponse* policy,
+                  const std::string& user,
+                  em::ChromeDeviceSettingsProto& settings) {
   // This method omits a few fields which currently aren't needed by tests:
   // timestamp, machine_name, policy_type, public key info.
   em::PolicyData signed_response;
-  em::ChromeDeviceSettingsProto settings;
-  settings.mutable_device_policy_refresh_rate()->
-      set_device_policy_refresh_rate(refresh_rate);
   signed_response.set_username(user);
   signed_response.set_request_token("dmtoken");
   signed_response.set_device_id("deviceid");
@@ -42,13 +39,21 @@ void CreateRefreshRatePolicy(em::PolicyFetchResponse* policy,
   policy->set_policy_data(serialized_signed_response);
 }
 
+void CreateRefreshRatePolicy(em::PolicyFetchResponse* policy,
+                             const std::string& user,
+                             int refresh_rate) {
+  em::ChromeDeviceSettingsProto settings;
+  settings.mutable_device_policy_refresh_rate()->
+      set_device_policy_refresh_rate(refresh_rate);
+  CreatePolicy(policy, user, settings);
+}
+
 void CreateProxyPolicy(em::PolicyFetchResponse* policy,
                        const std::string& user,
                        const std::string& proxy_mode,
                        const std::string& proxy_server,
                        const std::string& proxy_pac_url,
                        const std::string& proxy_bypass_list) {
-  em::PolicyData signed_response;
   em::ChromeDeviceSettingsProto settings;
   em::DeviceProxySettingsProto* proxy_settings =
       settings.mutable_device_proxy_settings();
@@ -56,14 +61,7 @@ void CreateProxyPolicy(em::PolicyFetchResponse* policy,
   proxy_settings->set_proxy_server(proxy_server);
   proxy_settings->set_proxy_pac_url(proxy_pac_url);
   proxy_settings->set_proxy_bypass_list(proxy_bypass_list);
-  signed_response.set_username(user);
-  signed_response.set_request_token("dmtoken");
-  signed_response.set_device_id("deviceid");
-  EXPECT_TRUE(
-      settings.SerializeToString(signed_response.mutable_policy_value()));
-  std::string serialized_signed_response;
-  EXPECT_TRUE(signed_response.SerializeToString(&serialized_signed_response));
-  policy->set_policy_data(serialized_signed_response);
+  CreatePolicy(policy, user, settings);
 }
 
 }  // namespace
@@ -211,8 +209,6 @@ TEST_F(DevicePolicyCacheTest, SetPolicyNonEnterpriseDevice) {
 }
 
 TEST_F(DevicePolicyCacheTest, SetProxyPolicy) {
-  InSequence s;
-
   MakeEnterpriseDevice(kTestUser);
 
   // Startup.
@@ -238,4 +234,25 @@ TEST_F(DevicePolicyCacheTest, SetProxyPolicy) {
                             GetRecommendedPolicy(kPolicyProxyBypassList)));
 }
 
+TEST_F(DevicePolicyCacheTest, SetDeviceNetworkConfigurationPolicy) {
+  MakeEnterpriseDevice(kTestUser);
+
+  // Startup.
+  std::string fake_config("{ 'NetworkConfigurations': [] }");
+  em::PolicyFetchResponse policy;
+  em::ChromeDeviceSettingsProto settings;
+  settings.mutable_network_configuration()->set_network_configuration(
+      fake_config);
+  CreatePolicy(&policy, kTestUser, settings);
+  EXPECT_CALL(signed_settings_helper_, StartRetrievePolicyOp(_)).WillOnce(
+      MockSignedSettingsHelperRetrievePolicy(SignedSettings::SUCCESS,
+                                             policy));
+  cache_->Load();
+  testing::Mock::VerifyAndClearExpectations(&signed_settings_helper_);
+  StringValue expected_config(fake_config);
+  EXPECT_TRUE(
+      Value::Equals(&expected_config,
+                    GetMandatoryPolicy(kPolicyDeviceNetworkConfiguration)));
+}
+
 }  // namespace policy
diff --git a/chrome/browser/policy/proto/chrome_device_policy.proto b/chrome/browser/policy/proto/chrome_device_policy.proto
index f2e58e0..d0846b3 100644
--- a/chrome/browser/policy/proto/chrome_device_policy.proto
+++ b/chrome/browser/policy/proto/chrome_device_policy.proto
@@ -80,6 +80,11 @@ message ReleaseChannelProto {
   optional string release_channel = 1;
 }
 
+message NetworkConfigurationProto {
+  // The network configuration blob. This is a JSON string as specified by ONC.
+  optional string network_configuration = 1;
+}
+
 message ChromeDeviceSettingsProto {
   optional DevicePolicyRefreshRateProto device_policy_refresh_rate = 1;
   optional UserWhitelistProto user_whitelist = 2;
@@ -91,4 +96,5 @@ message ChromeDeviceSettingsProto {
   optional AllowNewUsersProto allow_new_users = 8;
   optional MetricsEnabledProto metrics_enabled = 9;
   optional ReleaseChannelProto release_channel = 10;
+  optional NetworkConfigurationProto network_configuration = 11;
 }