diff options
author | bauerb@chromium.org <bauerb@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-05-21 00:03:03 +0000 |
---|---|---|
committer | bauerb@chromium.org <bauerb@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-05-21 00:03:03 +0000 |
commit | a19df3e39dfcf782db89917cc979ade4d6785101 (patch) | |
tree | b0fbdc8b94d23709defce9a701d08851d8416ab2 /chrome | |
parent | 189f80fb7c09dcdc5d82a55052eaf675fcf2830a (diff) | |
download | chromium_src-a19df3e39dfcf782db89917cc979ade4d6785101.zip chromium_src-a19df3e39dfcf782db89917cc979ade4d6785101.tar.gz chromium_src-a19df3e39dfcf782db89917cc979ade4d6785101.tar.bz2 |
Set up Sync for managed users.
When a managed user is created, silently set up Sync for them to sync managed user settings. Also, add a command line flag for testing.
TBR=erg@chromium.org,sky@chromium.org
BUG=226449
Review URL: https://chromiumcodereview.appspot.com/12889004
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@201174 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome')
15 files changed, 355 insertions, 107 deletions
diff --git a/chrome/browser/managed_mode/managed_user_service.cc b/chrome/browser/managed_mode/managed_user_service.cc index d227b1d..96f1cc8 100644 --- a/chrome/browser/managed_mode/managed_user_service.cc +++ b/chrome/browser/managed_mode/managed_user_service.cc @@ -4,6 +4,7 @@ #include "chrome/browser/managed_mode/managed_user_service.h" +#include "base/command_line.h" #include "base/memory/ref_counted.h" #include "base/prefs/pref_service.h" #include "base/sequenced_task_runner.h" @@ -18,14 +19,21 @@ #include "chrome/browser/policy/profile_policy_connector_factory.h" #include "chrome/browser/prefs/scoped_user_pref_update.h" #include "chrome/browser/profiles/profile.h" +#include "chrome/browser/signin/token_service.h" +#include "chrome/browser/signin/token_service_factory.h" +#include "chrome/browser/sync/glue/session_model_associator.h" +#include "chrome/browser/sync/profile_sync_service.h" +#include "chrome/browser/sync/profile_sync_service_factory.h" #include "chrome/browser/ui/browser.h" #include "chrome/browser/ui/tabs/tab_strip_model.h" #include "chrome/common/chrome_notification_types.h" +#include "chrome/common/chrome_switches.h" #include "chrome/common/extensions/api/managed_mode_private/managed_mode_handler.h" #include "chrome/common/extensions/extension_set.h" #include "chrome/common/pref_names.h" #include "components/user_prefs/pref_registry_syncable.h" #include "content/public/browser/browser_thread.h" +#include "google_apis/gaia/gaia_constants.h" #include "google_apis/gaia/google_service_auth_error.h" #include "grit/generated_resources.h" #include "policy/policy_constants.h" @@ -37,6 +45,8 @@ using content::BrowserThread; namespace { +const char kManagedUserPseudoEmail[] = "managed_user@localhost"; + std::string CanonicalizeHostname(const std::string& hostname) { std::string canonicalized; url_canon::StdStringCanonOutput output(&canonicalized); @@ -118,11 +128,15 @@ ManagedUserService::ManagedUserService(Profile* profile) profile_(profile), elevated_for_testing_(false) {} -ManagedUserService::~ManagedUserService() { -} +ManagedUserService::~ManagedUserService() {} bool ManagedUserService::ProfileIsManaged() const { - return profile_->GetPrefs()->GetBoolean(prefs::kProfileIsManaged); + return ProfileIsManaged(profile_); +} + +// static +bool ManagedUserService::ProfileIsManaged(Profile* profile) { + return profile->GetPrefs()->GetBoolean(prefs::kProfileIsManaged); } bool ManagedUserService::IsElevatedForWebContents( @@ -172,16 +186,13 @@ void ManagedUserService::RegisterUserPrefs( prefs::kManagedModeManualURLs, user_prefs::PrefRegistrySyncable::UNSYNCABLE_PREF); registry->RegisterIntegerPref( - prefs::kDefaultManagedModeFilteringBehavior, - ManagedModeURLFilter::ALLOW, + prefs::kDefaultManagedModeFilteringBehavior, ManagedModeURLFilter::ALLOW, user_prefs::PrefRegistrySyncable::UNSYNCABLE_PREF); registry->RegisterStringPref( - prefs::kManagedModeLocalPassphrase, - std::string(), + prefs::kManagedModeLocalPassphrase, std::string(), user_prefs::PrefRegistrySyncable::UNSYNCABLE_PREF); registry->RegisterStringPref( - prefs::kManagedModeLocalSalt, - std::string(), + prefs::kManagedModeLocalSalt, std::string(), user_prefs::PrefRegistrySyncable::UNSYNCABLE_PREF); } @@ -211,7 +222,7 @@ int ManagedUserService::GetCategory(const GURL& url) { // static void ManagedUserService::GetCategoryNames(CategoryList* list) { ManagedModeSiteList::GetCategoryNames(list); -}; +} std::string ManagedUserService::GetDebugPolicyProviderName() const { // Save the string space in official builds. @@ -439,10 +450,42 @@ void ManagedUserService::InitForTesting() { Init(); } +void ManagedUserService::InitSync(const std::string& sync_token) { + ProfileSyncService* service = + ProfileSyncServiceFactory::GetForProfile(profile_); + DCHECK(!service->sync_initialized()); + // Tell the sync service that setup is in progress so we don't start syncing + // until we've finished configuration. + service->SetSetupInProgress(true); + + TokenService* token_service = TokenServiceFactory::GetForProfile(profile_); + token_service->AddAuthTokenManually(GaiaConstants::kSyncService, sync_token); + + bool sync_everything = false; + syncer::ModelTypeSet synced_datatypes; + synced_datatypes.Put(syncer::MANAGED_USER_SETTINGS); + service->OnUserChoseDatatypes(sync_everything, synced_datatypes); + + // Notify ProfileSyncService that we are done with configuration. + service->SetSetupInProgress(false); + service->SetSyncSetupCompleted(); +} + +// static +const char* ManagedUserService::GetManagedUserPseudoEmail() { + return kManagedUserPseudoEmail; +} + void ManagedUserService::Init() { if (!ProfileIsManaged()) return; + CommandLine* command_line = CommandLine::ForCurrentProcess(); + if (command_line->HasSwitch(switches::kManagedUserSyncToken)) { + InitSync( + command_line->GetSwitchValueASCII(switches::kManagedUserSyncToken)); + } + extensions::ExtensionSystem* extension_system = extensions::ExtensionSystem::Get(profile_); extensions::ManagementPolicy* management_policy = @@ -458,15 +501,12 @@ void ManagedUserService::Init() { pref_change_registrar_.Init(profile_->GetPrefs()); pref_change_registrar_.Add( prefs::kDefaultManagedModeFilteringBehavior, - base::Bind( - &ManagedUserService::OnDefaultFilteringBehaviorChanged, + base::Bind(&ManagedUserService::OnDefaultFilteringBehaviorChanged, base::Unretained(this))); - pref_change_registrar_.Add( - prefs::kManagedModeManualHosts, + pref_change_registrar_.Add(prefs::kManagedModeManualHosts, base::Bind(&ManagedUserService::UpdateManualHosts, base::Unretained(this))); - pref_change_registrar_.Add( - prefs::kManagedModeManualURLs, + pref_change_registrar_.Add(prefs::kManagedModeManualURLs, base::Bind(&ManagedUserService::UpdateManualURLs, base::Unretained(this))); @@ -484,10 +524,6 @@ void ManagedUserService::Init() { UpdateManualURLs(); } -void ManagedUserService::InitSync(const std::string& token) { - // TODO(bauerb): This is a dummy implementation. -} - void ManagedUserService::RegisterAndInitSync( ManagedUserRegistrationService* registration_service) { string16 name = UTF8ToUTF16(profile_->GetProfileName()); diff --git a/chrome/browser/managed_mode/managed_user_service.h b/chrome/browser/managed_mode/managed_user_service.h index fc25e8e..c7c09df 100644 --- a/chrome/browser/managed_mode/managed_user_service.h +++ b/chrome/browser/managed_mode/managed_user_service.h @@ -50,6 +50,10 @@ class ManagedUserService : public ProfileKeyedService, bool ProfileIsManaged() const; + // Checks whether the given profile is managed without constructing a + // ManagedUserService (which could lead to cyclic dependencies). + static bool ProfileIsManaged(Profile* profile); + // Returns the elevation state for specific WebContents. bool IsElevatedForWebContents(const content::WebContents* web_contents) const; @@ -108,8 +112,8 @@ class ManagedUserService : public ProfileKeyedService, // Marks the profile as managed and initializes it. void InitForTesting(); - // Initializes this object for syncing managed-user-related data with the - // server. + // Initializes this profile for syncing, using the provided |token| to + // authenticate requests. void InitSync(const std::string& token); // Convenience method that registers this managed user with @@ -119,6 +123,10 @@ class ManagedUserService : public ProfileKeyedService, void RegisterAndInitSync( ManagedUserRegistrationService* registration_service); + // Returns a pseudo-email address for systems that expect well-formed email + // addresses (like Sync), even though we're not signed in. + static const char* GetManagedUserPseudoEmail(); + void set_elevated_for_testing(bool skip) { elevated_for_testing_ = skip; } diff --git a/chrome/browser/managed_mode/managed_user_service_unittest.cc b/chrome/browser/managed_mode/managed_user_service_unittest.cc index 835efa5..3cdf171 100644 --- a/chrome/browser/managed_mode/managed_user_service_unittest.cc +++ b/chrome/browser/managed_mode/managed_user_service_unittest.cc @@ -16,6 +16,7 @@ #include "chrome/common/chrome_paths.h" #include "chrome/common/pref_names.h" #include "chrome/test/base/testing_profile.h" +#include "content/public/test/test_browser_thread.h" #include "content/public/test/test_utils.h" #include "testing/gtest/include/gtest/gtest.h" @@ -54,57 +55,63 @@ class ManagedModeURLFilterObserver : public ManagedModeURLFilter::Observer { scoped_refptr<MessageLoopRunner> message_loop_runner_; }; +class ManagedUserServiceTest : public ::testing::Test { + public: + ManagedUserServiceTest() : ui_thread_(content::BrowserThread::UI, + &message_loop_), + managed_user_service_(&profile_) {} + virtual ~ManagedUserServiceTest() {} + + protected: + MessageLoop message_loop_; + content::TestBrowserThread ui_thread_; + TestingProfile profile_; + ManagedUserService managed_user_service_; +}; + } // namespace -TEST(ManagedUserServiceTest, ExtensionManagementPolicyProvider) { - MessageLoop message_loop; - TestingProfile profile; - { - ManagedUserService managed_user_service(&profile); - EXPECT_FALSE(managed_user_service.ProfileIsManaged()); +TEST_F(ManagedUserServiceTest, ExtensionManagementPolicyProviderUnmanaged) { + EXPECT_FALSE(managed_user_service_.ProfileIsManaged()); - string16 error_1; - EXPECT_TRUE(managed_user_service.UserMayLoad(NULL, &error_1)); - EXPECT_EQ(string16(), error_1); + string16 error_1; + EXPECT_TRUE(managed_user_service_.UserMayLoad(NULL, &error_1)); + EXPECT_EQ(string16(), error_1); - string16 error_2; - EXPECT_TRUE(managed_user_service.UserMayModifySettings(NULL, &error_2)); - EXPECT_EQ(string16(), error_2); - } + string16 error_2; + EXPECT_TRUE(managed_user_service_.UserMayModifySettings(NULL, &error_2)); + EXPECT_EQ(string16(), error_2); +} - { - ManagedUserService managed_user_service(&profile); - ManagedModeURLFilterObserver observer( - managed_user_service.GetURLFilterForUIThread()); - managed_user_service.InitForTesting(); - EXPECT_TRUE(managed_user_service.ProfileIsManaged()); +TEST_F(ManagedUserServiceTest, ExtensionManagementPolicyProviderManaged) { + ManagedModeURLFilterObserver observer( + managed_user_service_.GetURLFilterForUIThread()); + managed_user_service_.InitForTesting(); + EXPECT_TRUE(managed_user_service_.ProfileIsManaged()); - string16 error_1; - EXPECT_FALSE(managed_user_service.UserMayLoad(NULL, &error_1)); - EXPECT_FALSE(error_1.empty()); + string16 error_1; + EXPECT_FALSE(managed_user_service_.UserMayLoad(NULL, &error_1)); + EXPECT_FALSE(error_1.empty()); - string16 error_2; - EXPECT_FALSE(managed_user_service.UserMayModifySettings(NULL, &error_2)); - EXPECT_FALSE(error_2.empty()); + string16 error_2; + EXPECT_FALSE(managed_user_service_.UserMayModifySettings(NULL, &error_2)); + EXPECT_FALSE(error_2.empty()); #ifndef NDEBUG - EXPECT_FALSE(managed_user_service.GetDebugPolicyProviderName().empty()); + EXPECT_FALSE(managed_user_service_.GetDebugPolicyProviderName().empty()); #endif - // Wait for the initial update to finish (otherwise we'll get leaks). - observer.Wait(); - } + // Wait for the initial update to finish (otherwise we'll get leaks). + observer.Wait(); } -TEST(ManagedUserServiceTest, GetManualExceptionsForHost) { - TestingProfile profile; - ManagedUserService managed_user_service(&profile); +TEST_F(ManagedUserServiceTest, GetManualExceptionsForHost) { GURL kExampleFooURL("http://www.example.com/foo"); GURL kExampleBarURL("http://www.example.com/bar"); GURL kExampleFooNoWWWURL("http://example.com/foo"); GURL kBlurpURL("http://blurp.net/bla"); GURL kMooseURL("http://moose.org/baz"); { - DictionaryPrefUpdate update(profile.GetPrefs(), + DictionaryPrefUpdate update(profile_.GetPrefs(), prefs::kManagedModeManualURLs); base::DictionaryValue* dict = update.Get(); dict->SetBooleanWithoutPathExpansion(kExampleFooURL.spec(), true); @@ -114,24 +121,24 @@ TEST(ManagedUserServiceTest, GetManualExceptionsForHost) { } EXPECT_EQ(ManagedUserService::MANUAL_ALLOW, - managed_user_service.GetManualBehaviorForURL(kExampleFooURL)); + managed_user_service_.GetManualBehaviorForURL(kExampleFooURL)); EXPECT_EQ(ManagedUserService::MANUAL_BLOCK, - managed_user_service.GetManualBehaviorForURL(kExampleBarURL)); + managed_user_service_.GetManualBehaviorForURL(kExampleBarURL)); EXPECT_EQ(ManagedUserService::MANUAL_ALLOW, - managed_user_service.GetManualBehaviorForURL(kExampleFooNoWWWURL)); + managed_user_service_.GetManualBehaviorForURL(kExampleFooNoWWWURL)); EXPECT_EQ(ManagedUserService::MANUAL_ALLOW, - managed_user_service.GetManualBehaviorForURL(kBlurpURL)); + managed_user_service_.GetManualBehaviorForURL(kBlurpURL)); EXPECT_EQ(ManagedUserService::MANUAL_NONE, - managed_user_service.GetManualBehaviorForURL(kMooseURL)); + managed_user_service_.GetManualBehaviorForURL(kMooseURL)); std::vector<GURL> exceptions; - managed_user_service.GetManualExceptionsForHost("www.example.com", + managed_user_service_.GetManualExceptionsForHost("www.example.com", &exceptions); ASSERT_EQ(2u, exceptions.size()); EXPECT_EQ(kExampleBarURL, exceptions[0]); EXPECT_EQ(kExampleFooURL, exceptions[1]); { - DictionaryPrefUpdate update(profile.GetPrefs(), + DictionaryPrefUpdate update(profile_.GetPrefs(), prefs::kManagedModeManualURLs); base::DictionaryValue* dict = update.Get(); for (std::vector<GURL>::iterator it = exceptions.begin(); @@ -141,15 +148,15 @@ TEST(ManagedUserServiceTest, GetManualExceptionsForHost) { } EXPECT_EQ(ManagedUserService::MANUAL_NONE, - managed_user_service.GetManualBehaviorForURL(kExampleFooURL)); + managed_user_service_.GetManualBehaviorForURL(kExampleFooURL)); EXPECT_EQ(ManagedUserService::MANUAL_NONE, - managed_user_service.GetManualBehaviorForURL(kExampleBarURL)); + managed_user_service_.GetManualBehaviorForURL(kExampleBarURL)); EXPECT_EQ(ManagedUserService::MANUAL_ALLOW, - managed_user_service.GetManualBehaviorForURL(kExampleFooNoWWWURL)); + managed_user_service_.GetManualBehaviorForURL(kExampleFooNoWWWURL)); EXPECT_EQ(ManagedUserService::MANUAL_ALLOW, - managed_user_service.GetManualBehaviorForURL(kBlurpURL)); + managed_user_service_.GetManualBehaviorForURL(kBlurpURL)); EXPECT_EQ(ManagedUserService::MANUAL_NONE, - managed_user_service.GetManualBehaviorForURL(kMooseURL)); + managed_user_service_.GetManualBehaviorForURL(kMooseURL)); } class ManagedUserServiceExtensionTest : public ExtensionServiceTestBase { diff --git a/chrome/browser/policy/cloud/user_policy_signin_service.cc b/chrome/browser/policy/cloud/user_policy_signin_service.cc index cdb4bc0..f93bf21 100644 --- a/chrome/browser/policy/cloud/user_policy_signin_service.cc +++ b/chrome/browser/policy/cloud/user_policy_signin_service.cc @@ -364,7 +364,6 @@ void UserPolicySigninService::Observe( // Note that the profile manager is NULL in unit tests. if (g_browser_process->profile_manager() && g_browser_process->profile_manager()->will_import()) { - DCHECK_EQ(chrome::NOTIFICATION_PROFILE_ADDED, type); return; } diff --git a/chrome/browser/policy/managed_mode_policy_provider.cc b/chrome/browser/policy/managed_mode_policy_provider.cc index 1145e32..626f17bf 100644 --- a/chrome/browser/policy/managed_mode_policy_provider.cc +++ b/chrome/browser/policy/managed_mode_policy_provider.cc @@ -4,6 +4,8 @@ #include "chrome/browser/policy/managed_mode_policy_provider.h" +#include "base/json/json_reader.h" +#include "base/json/json_writer.h" #include "base/prefs/json_pref_store.h" #include "base/threading/sequenced_worker_pool.h" #include "chrome/browser/managed_mode/managed_mode_url_filter.h" @@ -13,10 +15,36 @@ #include "chrome/common/chrome_constants.h" #include "content/public/browser/browser_thread.h" #include "policy/policy_constants.h" +#include "sync/api/sync_change.h" +#include "sync/protocol/sync.pb.h" using base::DictionaryValue; using base::Value; using content::BrowserThread; +using syncer::MANAGED_USER_SETTINGS; +using syncer::ModelType; +using syncer::SyncChange; +using syncer::SyncChangeList; +using syncer::SyncChangeProcessor; +using syncer::SyncData; +using syncer::SyncDataList; +using syncer::SyncError; +using syncer::SyncErrorFactory; +using syncer::SyncMergeResult; + +namespace { + +SyncData CreateSyncDataForLocalPolicy(const std::string& name, + const Value* value) { + std::string json_value; + base::JSONWriter::Write(value, &json_value); + ::sync_pb::EntitySpecifics specifics; + specifics.mutable_managed_user_setting()->set_name(name); + specifics.mutable_managed_user_setting()->set_value(json_value); + return SyncData::CreateLocalData(name, name, specifics); +} + +} // namespace namespace policy { @@ -110,6 +138,7 @@ void ManagedModePolicyProvider::SetPolicy(const std::string& key, else dict->RemoveWithoutPathExpansion(key, NULL); + // TODO(bauerb): Report changes to sync. store_->ReportValueChanged(kPolicies); UpdatePolicyFromCache(); } @@ -137,6 +166,106 @@ void ManagedModePolicyProvider::OnInitializationCompleted(bool success) { UpdatePolicyFromCache(); } +SyncMergeResult ManagedModePolicyProvider::MergeDataAndStartSyncing( + ModelType type, + const SyncDataList& initial_sync_data, + scoped_ptr<SyncChangeProcessor> sync_processor, + scoped_ptr<SyncErrorFactory> error_handler) { + DCHECK_EQ(MANAGED_USER_SETTINGS, type); + sync_processor_ = sync_processor.Pass(); + error_handler_ = error_handler.Pass(); + DictionaryValue* policy = GetCachedPolicy(); + base::JSONReader reader; + std::set<std::string> seen_keys; + for (SyncDataList::const_iterator it = initial_sync_data.begin(); + it != initial_sync_data.end(); ++it) { + DCHECK_EQ(MANAGED_USER_SETTINGS, it->GetDataType()); + const ::sync_pb::ManagedUserSettingSpecifics& managed_user_setting = + it->GetSpecifics().managed_user_setting(); + Value* value = reader.Read(managed_user_setting.value()); + seen_keys.insert(managed_user_setting.name()); + policy->SetWithoutPathExpansion(managed_user_setting.name(), value); + } + + SyncChangeList change_list; + for (DictionaryValue::Iterator it(*policy); !it.IsAtEnd(); it.Advance()) { + // Send all local policies that are not in the initial sync list + // to the server. + if (seen_keys.find(it.key()) != seen_keys.end()) + continue; + + SyncData data = CreateSyncDataForLocalPolicy(it.key(), &it.value()); + change_list.push_back(SyncChange(FROM_HERE, SyncChange::ACTION_ADD, data)); + } + sync_processor_->ProcessSyncChanges(FROM_HERE, change_list); + + store_->ReportValueChanged(kPolicies); + UpdatePolicyFromCache(); + + SyncMergeResult result(MANAGED_USER_SETTINGS); + return result; +} + +void ManagedModePolicyProvider::StopSyncing(ModelType type) { + DCHECK_EQ(syncer::MANAGED_USER_SETTINGS, type); + sync_processor_.reset(); + error_handler_.reset(); +} + +SyncDataList ManagedModePolicyProvider::GetAllSyncData(ModelType type) const { + DCHECK_EQ(syncer::MANAGED_USER_SETTINGS, type); + SyncDataList data; + DictionaryValue* policy = GetCachedPolicy(); + for (DictionaryValue::Iterator it(*policy); !it.IsAtEnd(); it.Advance()) { + data.push_back(CreateSyncDataForLocalPolicy(it.key(), &it.value())); + } + return data; +} + +SyncError ManagedModePolicyProvider::ProcessSyncChanges( + const tracked_objects::Location& from_here, + const SyncChangeList& change_list) { + SyncError error; + DictionaryValue* policy = GetCachedPolicy(); + base::JSONReader reader; + for (SyncChangeList::const_iterator it = change_list.begin(); + it != change_list.end(); ++it) { + SyncData data = it->sync_data(); + DCHECK_EQ(MANAGED_USER_SETTINGS, data.GetDataType()); + const ::sync_pb::ManagedUserSettingSpecifics& managed_user_setting = + data.GetSpecifics().managed_user_setting(); + switch (it->change_type()) { + case SyncChange::ACTION_ADD: + case SyncChange::ACTION_UPDATE: { + Value* value = reader.Read(managed_user_setting.value()); + if (policy->HasKey(managed_user_setting.name())) { + DLOG_IF(WARNING, it->change_type() == SyncChange::ACTION_ADD) + << "Value for key " << managed_user_setting.name() + << " already exists"; + } else { + DLOG_IF(WARNING, it->change_type() == SyncChange::ACTION_UPDATE) + << "Value for key " << managed_user_setting.name() + << " doesn't exist yet"; + } + policy->SetWithoutPathExpansion(managed_user_setting.name(), value); + break; + } + case SyncChange::ACTION_DELETE: { + DLOG_IF(WARNING, !policy->HasKey(managed_user_setting.name())) + << "Trying to delete non-existing key " + << managed_user_setting.name(); + policy->RemoveWithoutPathExpansion(managed_user_setting.name(), NULL); + break; + } + case SyncChange::ACTION_INVALID: { + NOTREACHED(); + break; + } + } + } + return error; +} + DictionaryValue* ManagedModePolicyProvider::GetCachedPolicy() const { Value* value = NULL; if (!store_->GetMutableValue(kPolicies, &value)) @@ -152,9 +281,8 @@ void ManagedModePolicyProvider::UpdatePolicyFromCache() { scoped_ptr<PolicyBundle> policy_bundle(new PolicyBundle); DictionaryValue* policies = GetCachedPolicy(); if (policies) { - PolicyMap* policy_map = - &policy_bundle->Get(PolicyNamespace(POLICY_DOMAIN_CHROME, - std::string())); + PolicyMap* policy_map = &policy_bundle->Get( + PolicyNamespace(POLICY_DOMAIN_CHROME, std::string())); policy_map->LoadFrom(policies, POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER); } UpdatePolicy(policy_bundle.Pass()); diff --git a/chrome/browser/policy/managed_mode_policy_provider.h b/chrome/browser/policy/managed_mode_policy_provider.h index ab7cf1c..248cb00 100644 --- a/chrome/browser/policy/managed_mode_policy_provider.h +++ b/chrome/browser/policy/managed_mode_policy_provider.h @@ -8,6 +8,8 @@ #include "base/memory/ref_counted.h" #include "base/prefs/pref_store.h" #include "chrome/browser/policy/configuration_policy_provider.h" +#include "sync/api/sync_error_factory.h" +#include "sync/api/syncable_service.h" class PersistentPrefStore; class Profile; @@ -23,7 +25,8 @@ namespace policy { // JSON format. class ManagedModePolicyProvider : public ConfigurationPolicyProvider, - public PrefStore::Observer { + public PrefStore::Observer, + public syncer::SyncableService { public: // The dictionary key under which we store the policy dictionary. Public for // testing. @@ -80,6 +83,19 @@ class ManagedModePolicyProvider virtual void OnPrefValueChanged(const std::string& key) OVERRIDE; virtual void OnInitializationCompleted(bool success) OVERRIDE; + // SyncableService implementation: + virtual syncer::SyncMergeResult MergeDataAndStartSyncing( + syncer::ModelType type, + const syncer::SyncDataList& initial_sync_data, + scoped_ptr<syncer::SyncChangeProcessor> sync_processor, + scoped_ptr<syncer::SyncErrorFactory> error_handler) OVERRIDE; + virtual void StopSyncing(syncer::ModelType type) OVERRIDE; + virtual syncer::SyncDataList GetAllSyncData( + syncer::ModelType type) const OVERRIDE; + virtual syncer::SyncError ProcessSyncChanges( + const tracked_objects::Location& from_here, + const syncer::SyncChangeList& change_list) OVERRIDE; + private: base::DictionaryValue* GetCachedPolicy() const; void UpdatePolicyFromCache(); @@ -87,6 +103,9 @@ class ManagedModePolicyProvider // Used for persisting policies. Unlike other PrefStores, this one is not // hooked up to the PrefService. scoped_refptr<PersistentPrefStore> store_; + + scoped_ptr<syncer::SyncChangeProcessor> sync_processor_; + scoped_ptr<syncer::SyncErrorFactory> error_handler_; }; } // namespace policy diff --git a/chrome/browser/profiles/chrome_browser_main_extra_parts_profiles.cc b/chrome/browser/profiles/chrome_browser_main_extra_parts_profiles.cc index e4a3d15..fc33cdb 100644 --- a/chrome/browser/profiles/chrome_browser_main_extra_parts_profiles.cc +++ b/chrome/browser/profiles/chrome_browser_main_extra_parts_profiles.cc @@ -100,6 +100,10 @@ #endif #endif +#if defined(ENABLE_MANAGED_USERS) +#include "chrome/browser/managed_mode/managed_user_service_factory.h" +#endif + #if defined(OS_CHROMEOS) #include "chrome/browser/chromeos/extensions/input_method_api.h" #include "chrome/browser/chromeos/extensions/media_player_api.h" @@ -147,7 +151,7 @@ ChromeBrowserMainExtraPartsProfiles::~ChromeBrowserMainExtraPartsProfiles() { void ChromeBrowserMainExtraPartsProfiles::EnsureProfileKeyedServiceFactoriesBuilt() { AboutSigninInternalsFactory::GetInstance(); - + autofill::PersonalDataManagerFactory::GetInstance(); #if defined(ENABLE_BACKGROUND) BackgroundContentsServiceFactory::GetInstance(); #endif @@ -156,6 +160,12 @@ ChromeBrowserMainExtraPartsProfiles::EnsureProfileKeyedServiceFactoriesBuilt() { captive_portal::CaptivePortalServiceFactory::GetInstance(); #endif ChromeGeolocationPermissionContextFactory::GetInstance(); +#if defined(OS_CHROMEOS) + chromeos::NetworkingPrivateEventRouterFactory::GetInstance(); +#endif +#if defined(ENABLE_INPUT_SPEECH) + ChromeSpeechRecognitionPreferences::InitializeFactory(); +#endif #if defined(ENABLE_PRINTING) CloudPrintProxyServiceFactory::GetInstance(); #endif @@ -226,16 +236,15 @@ ChromeBrowserMainExtraPartsProfiles::EnsureProfileKeyedServiceFactoriesBuilt() { GlobalErrorServiceFactory::GetInstance(); GoogleURLTrackerFactory::GetInstance(); HistoryServiceFactory::GetInstance(); +#if defined(ENABLE_MANAGED_USERS) + ManagedUserServiceFactory::GetInstance(); +#endif #if !defined(OS_ANDROID) - notifier::ChromeNotifierServiceFactory::GetInstance(); MediaGalleriesPreferencesFactory::GetInstance(); -#endif -#if defined(OS_CHROMEOS) - chromeos::NetworkingPrivateEventRouterFactory::GetInstance(); + notifier::ChromeNotifierServiceFactory::GetInstance(); #endif NTPResourceCacheFactory::GetInstance(); PasswordStoreFactory::GetInstance(); - autofill::PersonalDataManagerFactory::GetInstance(); #if !defined(OS_ANDROID) PinnedTabServiceFactory::GetInstance(); #endif @@ -263,12 +272,9 @@ ChromeBrowserMainExtraPartsProfiles::EnsureProfileKeyedServiceFactoriesBuilt() { SessionServiceFactory::GetInstance(); #endif ShortcutsBackendFactory::GetInstance(); - ThumbnailServiceFactory::GetInstance(); SigninManagerFactory::GetInstance(); -#if defined(ENABLE_INPUT_SPEECH) - ChromeSpeechRecognitionPreferences::InitializeFactory(); -#endif SpellcheckServiceFactory::GetInstance(); + ThumbnailServiceFactory::GetInstance(); TabRestoreServiceFactory::GetInstance(); TemplateURLFetcherFactory::GetInstance(); TemplateURLServiceFactory::GetInstance(); diff --git a/chrome/browser/profiles/profile_metrics.cc b/chrome/browser/profiles/profile_metrics.cc index 3855e11..6087a95 100644 --- a/chrome/browser/profiles/profile_metrics.cc +++ b/chrome/browser/profiles/profile_metrics.cc @@ -9,7 +9,6 @@ #include "base/metrics/histogram.h" #include "chrome/browser/browser_process.h" #include "chrome/browser/managed_mode/managed_user_service.h" -#include "chrome/browser/managed_mode/managed_user_service_factory.h" #include "chrome/browser/profiles/profile.h" #include "chrome/browser/profiles/profile_info_cache.h" #include "chrome/browser/profiles/profile_manager.h" @@ -233,9 +232,7 @@ void ProfileMetrics::LogProfileLaunch(Profile* profile) { GetProfileType(profile_path), NUM_PROFILE_TYPE_METRICS); - ManagedUserService* service = - ManagedUserServiceFactory::GetForProfile(profile); - if (service->ProfileIsManaged()) { + if (ManagedUserService::ProfileIsManaged(profile)) { content::RecordAction( content::UserMetricsAction("ManagedMode_NewManagedUserWindow")); } diff --git a/chrome/browser/sync/profile_sync_components_factory_impl.cc b/chrome/browser/sync/profile_sync_components_factory_impl.cc index 17937d4..417f046 100644 --- a/chrome/browser/sync/profile_sync_components_factory_impl.cc +++ b/chrome/browser/sync/profile_sync_components_factory_impl.cc @@ -11,11 +11,6 @@ #include "chrome/browser/extensions/extension_system_factory.h" #include "chrome/browser/history/history_service.h" #include "chrome/browser/history/history_service_factory.h" -#include "components/autofill/browser/webdata/autofill_webdata_service.h" -#if !defined(OS_ANDROID) -#include "chrome/browser/notifications/sync_notifier/chrome_notifier_service.h" -#include "chrome/browser/notifications/sync_notifier/chrome_notifier_service_factory.h" -#endif #include "chrome/browser/prefs/pref_model_associator.h" #include "chrome/browser/prefs/pref_service_syncable.h" #include "chrome/browser/profiles/profile.h" @@ -60,9 +55,22 @@ #include "chrome/browser/webdata/autofill_profile_syncable_service.h" #include "chrome/common/chrome_switches.h" #include "chrome/common/pref_names.h" +#include "components/autofill/browser/webdata/autofill_webdata_service.h" #include "content/public/browser/browser_thread.h" #include "sync/api/syncable_service.h" +#if defined(ENABLE_MANAGED_USERS) +#include "chrome/browser/managed_mode/managed_user_service.h" +#include "chrome/browser/policy/managed_mode_policy_provider.h" +#include "chrome/browser/policy/profile_policy_connector.h" +#include "chrome/browser/policy/profile_policy_connector_factory.h" +#endif + +#if !defined(OS_ANDROID) +#include "chrome/browser/notifications/sync_notifier/chrome_notifier_service.h" +#include "chrome/browser/notifications/sync_notifier/chrome_notifier_service_factory.h" +#endif + using browser_sync::AutofillDataTypeController; using browser_sync::AutofillProfileDataTypeController; using browser_sync::BookmarkChangeProcessor; @@ -274,6 +282,13 @@ void ProfileSyncComponentsFactoryImpl::RegisterDesktopDataTypes( } #endif +#if defined(ENABLE_MANAGED_USERS) + if (ManagedUserService::ProfileIsManaged(profile_)) { + pss->RegisterDataTypeController( + new UIDataTypeController( + syncer::MANAGED_USER_SETTINGS, this, profile_, pss)); + } +#endif } DataTypeManager* ProfileSyncComponentsFactoryImpl::CreateDataTypeManager( @@ -368,6 +383,11 @@ base::WeakPtr<syncer::SyncableService> ProfileSyncComponentsFactoryImpl:: case syncer::FAVICON_TRACKING: return ProfileSyncServiceFactory::GetForProfile(profile_)-> GetSessionModelAssociator()->GetFaviconCache()->AsWeakPtr(); +#if defined(ENABLE_MANAGED_USERS) + case syncer::MANAGED_USER_SETTINGS: + return policy::ProfilePolicyConnectorFactory::GetForProfile(profile_)-> + managed_mode_policy_provider()->AsWeakPtr(); +#endif default: // The following datatypes still need to be transitioned to the // syncer::SyncableService API: diff --git a/chrome/browser/sync/profile_sync_service.cc b/chrome/browser/sync/profile_sync_service.cc index 68a76cb..818d579 100644 --- a/chrome/browser/sync/profile_sync_service.cc +++ b/chrome/browser/sync/profile_sync_service.cc @@ -77,6 +77,10 @@ #include "sync/util/cryptographer.h" #include "ui/base/l10n/l10n_util.h" +#if defined(ENABLE_MANAGED_USERS) +#include "chrome/browser/managed_mode/managed_user_service.h" +#endif + #if defined(OS_ANDROID) #include "sync/internal_api/public/read_transaction.h" #endif @@ -185,8 +189,8 @@ bool ProfileSyncService::IsSyncEnabledAndLoggedIn() { if (IsManaged() || sync_prefs_.IsStartSuppressed()) return false; - // Sync is logged in if there is a non-empty authenticated username. - return !signin_->GetAuthenticatedUsername().empty(); + // Sync is logged in if there is a non-empty effective username. + return !GetEffectiveUsername().empty(); } bool ProfileSyncService::IsSyncTokenAvailable() { @@ -234,7 +238,7 @@ void ProfileSyncService::Initialize() { RegisterAuthNotifications(); - if (!HasSyncSetupCompleted() || signin_->GetAuthenticatedUsername().empty()) { + if (!HasSyncSetupCompleted() || GetEffectiveUsername().empty()) { // Clean up in case of previous crash / setup abort / signout. DisableForUser(); } @@ -420,7 +424,7 @@ void ProfileSyncService::InitSettings() { SyncCredentials ProfileSyncService::GetCredentials() { SyncCredentials credentials; - credentials.email = signin_->GetAuthenticatedUsername(); + credentials.email = GetEffectiveUsername(); DCHECK(!credentials.email.empty()); TokenService* service = TokenServiceFactory::GetForProfile(profile_); if (service->HasTokenForService(GaiaConstants::kSyncService)) { @@ -2095,3 +2099,15 @@ void ProfileSyncService::UpdateInvalidatorRegistrarState() { << syncer::InvalidatorStateToString(effective_state); invalidator_registrar_->UpdateInvalidatorState(effective_state); } + +std::string ProfileSyncService::GetEffectiveUsername() { +#if defined(ENABLE_MANAGED_USERS) + if (ManagedUserService::ProfileIsManaged(profile_)) { + DCHECK_EQ(std::string(), signin_->GetAuthenticatedUsername()); + return ManagedUserService::GetManagedUserPseudoEmail(); + } +#endif + + return signin_->GetAuthenticatedUsername(); +} + diff --git a/chrome/browser/sync/profile_sync_service.h b/chrome/browser/sync/profile_sync_service.h index cb6731a..f09adfc 100644 --- a/chrome/browser/sync/profile_sync_service.h +++ b/chrome/browser/sync/profile_sync_service.h @@ -797,7 +797,11 @@ class ProfileSyncService : public ProfileSyncServiceBase, // |invalidator_registrar_| is not NULL). void UpdateInvalidatorRegistrarState(); - // Factory used to create various dependent objects. + // Returns the username (in form of an email address) that should be used in + // the credentials. + std::string GetEffectiveUsername(); + + // Factory used to create various dependent objects. scoped_ptr<ProfileSyncComponentsFactory> factory_; // The profile whose data we are synchronizing. diff --git a/chrome/browser/sync/test/integration/single_client_managed_user_settings_sync_test.cc b/chrome/browser/sync/test/integration/single_client_managed_user_settings_sync_test.cc index ff2f4de..d679740 100644 --- a/chrome/browser/sync/test/integration/single_client_managed_user_settings_sync_test.cc +++ b/chrome/browser/sync/test/integration/single_client_managed_user_settings_sync_test.cc @@ -40,6 +40,12 @@ IN_PROC_BROWSER_TEST_F(SingleClientManagedUserSettingsSyncTest, Sanity) { new base::FundamentalValue(true)); policy_provider->SetPolicy(policy::key::kSigninAllowed, allow_signin.PassAs<Value>()); + + // The user should not be signed in. + std::string username; + // ProfileSyncServiceHarness sets the password, which can't be empty. + std::string password = "password"; + GetClient(i)->SetCredentials(username, password); } ASSERT_TRUE(SetupSync()); } diff --git a/chrome/browser/ui/browser_tab_contents.cc b/chrome/browser/ui/browser_tab_contents.cc index 3ec3771c..19d73e3 100644 --- a/chrome/browser/ui/browser_tab_contents.cc +++ b/chrome/browser/ui/browser_tab_contents.cc @@ -13,7 +13,6 @@ #include "chrome/browser/favicon/favicon_tab_helper.h" #include "chrome/browser/history/history_tab_helper.h" #include "chrome/browser/infobars/infobar_service.h" -#include "chrome/browser/managed_mode/managed_mode_navigation_observer.h" #include "chrome/browser/net/load_time_stats.h" #include "chrome/browser/net/net_error_tab_helper.h" #include "chrome/browser/omnibox_search_hint.h" @@ -59,8 +58,8 @@ #endif #if defined(ENABLE_MANAGED_USERS) +#include "chrome/browser/managed_mode/managed_mode_navigation_observer.h" #include "chrome/browser/managed_mode/managed_user_service.h" -#include "chrome/browser/managed_mode/managed_user_service_factory.h" #endif #if defined(ENABLE_PRINTING) @@ -173,9 +172,7 @@ void BrowserTabContents::AttachTabHelpers(WebContents* web_contents) { #endif #if defined(ENABLE_MANAGED_USERS) - ManagedUserService* service = - ManagedUserServiceFactory::GetForProfile(profile); - if (service->ProfileIsManaged()) + if (ManagedUserService::ProfileIsManaged(profile)) ManagedModeNavigationObserver::CreateForWebContents(web_contents); #endif diff --git a/chrome/common/chrome_switches.cc b/chrome/common/chrome_switches.cc index 97f3d1c..9774636 100644 --- a/chrome/common/chrome_switches.cc +++ b/chrome/common/chrome_switches.cc @@ -872,15 +872,16 @@ const char kLoadExtension[] = "load-extension"; // to a separate file if a file name is given. const char kLogNetLog[] = "log-net-log"; -// Uninstalls an extension with the specified extension id. -const char kUninstallExtension[] = "uninstall-extension"; +// Makes Chrome default browser +const char kMakeDefaultBrowser[] = "make-default-browser"; + +// Used to authenticate requests to the Sync service for managed users. Setting +// this switch also causes Sync to be set up for a managed user. +const char kManagedUserSyncToken[] = "managed-user-sync-token"; // Starts the browser in managed mode. const char kManaged[] = "managed"; -// Makes Chrome default browser -const char kMakeDefaultBrowser[] = "make-default-browser"; - // Forces the maximum disk space to be used by the media cache, in bytes. const char kMediaCacheSize[] = "media-cache-size"; @@ -1412,6 +1413,9 @@ const char kTrustedSpdyProxy[] = "trusted-spdy-proxy"; // be used only by the upgrade process. const char kTryChromeAgain[] = "try-chrome-again"; +// Uninstalls an extension with the specified extension id. +const char kUninstallExtension[] = "uninstall-extension"; + // Runs un-installation steps that were done by chrome first-run. const char kUninstall[] = "uninstall"; diff --git a/chrome/common/chrome_switches.h b/chrome/common/chrome_switches.h index 6d429b2..e48121d 100644 --- a/chrome/common/chrome_switches.h +++ b/chrome/common/chrome_switches.h @@ -237,9 +237,9 @@ extern const char kLimitedInstallFromWebstore[]; extern const char kLoadAndLaunchApp[]; extern const char kLoadComponentExtension[]; extern const char kLoadExtension[]; -extern const char kUninstallExtension[]; extern const char kLogNetLog[]; extern const char kMakeDefaultBrowser[]; +extern const char kManagedUserSyncToken[]; extern const char kManaged[]; extern const char kMediaCacheSize[]; extern const char kMemoryProfiling[]; @@ -374,6 +374,7 @@ extern const char kTrackActiveVisitTime[]; extern const char kTranslateScriptURL[]; extern const char kTrustedSpdyProxy[]; extern const char kTryChromeAgain[]; +extern const char kUninstallExtension[]; extern const char kUninstall[]; extern const char kUnlimitedStorage[]; extern const char kUseSimpleCacheBackend[]; |