summaryrefslogtreecommitdiffstats
path: root/chrome
diff options
context:
space:
mode:
authorbauerb@chromium.org <bauerb@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2013-05-21 00:03:03 +0000
committerbauerb@chromium.org <bauerb@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2013-05-21 00:03:03 +0000
commita19df3e39dfcf782db89917cc979ade4d6785101 (patch)
treeb0fbdc8b94d23709defce9a701d08851d8416ab2 /chrome
parent189f80fb7c09dcdc5d82a55052eaf675fcf2830a (diff)
downloadchromium_src-a19df3e39dfcf782db89917cc979ade4d6785101.zip
chromium_src-a19df3e39dfcf782db89917cc979ade4d6785101.tar.gz
chromium_src-a19df3e39dfcf782db89917cc979ade4d6785101.tar.bz2
Set up Sync for managed users.
When a managed user is created, silently set up Sync for them to sync managed user settings. Also, add a command line flag for testing. TBR=erg@chromium.org,sky@chromium.org BUG=226449 Review URL: https://chromiumcodereview.appspot.com/12889004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@201174 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome')
-rw-r--r--chrome/browser/managed_mode/managed_user_service.cc76
-rw-r--r--chrome/browser/managed_mode/managed_user_service.h12
-rw-r--r--chrome/browser/managed_mode/managed_user_service_unittest.cc97
-rw-r--r--chrome/browser/policy/cloud/user_policy_signin_service.cc1
-rw-r--r--chrome/browser/policy/managed_mode_policy_provider.cc134
-rw-r--r--chrome/browser/policy/managed_mode_policy_provider.h21
-rw-r--r--chrome/browser/profiles/chrome_browser_main_extra_parts_profiles.cc26
-rw-r--r--chrome/browser/profiles/profile_metrics.cc5
-rw-r--r--chrome/browser/sync/profile_sync_components_factory_impl.cc30
-rw-r--r--chrome/browser/sync/profile_sync_service.cc24
-rw-r--r--chrome/browser/sync/profile_sync_service.h6
-rw-r--r--chrome/browser/sync/test/integration/single_client_managed_user_settings_sync_test.cc6
-rw-r--r--chrome/browser/ui/browser_tab_contents.cc7
-rw-r--r--chrome/common/chrome_switches.cc14
-rw-r--r--chrome/common/chrome_switches.h3
15 files changed, 355 insertions, 107 deletions
diff --git a/chrome/browser/managed_mode/managed_user_service.cc b/chrome/browser/managed_mode/managed_user_service.cc
index d227b1d..96f1cc8 100644
--- a/chrome/browser/managed_mode/managed_user_service.cc
+++ b/chrome/browser/managed_mode/managed_user_service.cc
@@ -4,6 +4,7 @@
#include "chrome/browser/managed_mode/managed_user_service.h"
+#include "base/command_line.h"
#include "base/memory/ref_counted.h"
#include "base/prefs/pref_service.h"
#include "base/sequenced_task_runner.h"
@@ -18,14 +19,21 @@
#include "chrome/browser/policy/profile_policy_connector_factory.h"
#include "chrome/browser/prefs/scoped_user_pref_update.h"
#include "chrome/browser/profiles/profile.h"
+#include "chrome/browser/signin/token_service.h"
+#include "chrome/browser/signin/token_service_factory.h"
+#include "chrome/browser/sync/glue/session_model_associator.h"
+#include "chrome/browser/sync/profile_sync_service.h"
+#include "chrome/browser/sync/profile_sync_service_factory.h"
#include "chrome/browser/ui/browser.h"
#include "chrome/browser/ui/tabs/tab_strip_model.h"
#include "chrome/common/chrome_notification_types.h"
+#include "chrome/common/chrome_switches.h"
#include "chrome/common/extensions/api/managed_mode_private/managed_mode_handler.h"
#include "chrome/common/extensions/extension_set.h"
#include "chrome/common/pref_names.h"
#include "components/user_prefs/pref_registry_syncable.h"
#include "content/public/browser/browser_thread.h"
+#include "google_apis/gaia/gaia_constants.h"
#include "google_apis/gaia/google_service_auth_error.h"
#include "grit/generated_resources.h"
#include "policy/policy_constants.h"
@@ -37,6 +45,8 @@ using content::BrowserThread;
namespace {
+const char kManagedUserPseudoEmail[] = "managed_user@localhost";
+
std::string CanonicalizeHostname(const std::string& hostname) {
std::string canonicalized;
url_canon::StdStringCanonOutput output(&canonicalized);
@@ -118,11 +128,15 @@ ManagedUserService::ManagedUserService(Profile* profile)
profile_(profile),
elevated_for_testing_(false) {}
-ManagedUserService::~ManagedUserService() {
-}
+ManagedUserService::~ManagedUserService() {}
bool ManagedUserService::ProfileIsManaged() const {
- return profile_->GetPrefs()->GetBoolean(prefs::kProfileIsManaged);
+ return ProfileIsManaged(profile_);
+}
+
+// static
+bool ManagedUserService::ProfileIsManaged(Profile* profile) {
+ return profile->GetPrefs()->GetBoolean(prefs::kProfileIsManaged);
}
bool ManagedUserService::IsElevatedForWebContents(
@@ -172,16 +186,13 @@ void ManagedUserService::RegisterUserPrefs(
prefs::kManagedModeManualURLs,
user_prefs::PrefRegistrySyncable::UNSYNCABLE_PREF);
registry->RegisterIntegerPref(
- prefs::kDefaultManagedModeFilteringBehavior,
- ManagedModeURLFilter::ALLOW,
+ prefs::kDefaultManagedModeFilteringBehavior, ManagedModeURLFilter::ALLOW,
user_prefs::PrefRegistrySyncable::UNSYNCABLE_PREF);
registry->RegisterStringPref(
- prefs::kManagedModeLocalPassphrase,
- std::string(),
+ prefs::kManagedModeLocalPassphrase, std::string(),
user_prefs::PrefRegistrySyncable::UNSYNCABLE_PREF);
registry->RegisterStringPref(
- prefs::kManagedModeLocalSalt,
- std::string(),
+ prefs::kManagedModeLocalSalt, std::string(),
user_prefs::PrefRegistrySyncable::UNSYNCABLE_PREF);
}
@@ -211,7 +222,7 @@ int ManagedUserService::GetCategory(const GURL& url) {
// static
void ManagedUserService::GetCategoryNames(CategoryList* list) {
ManagedModeSiteList::GetCategoryNames(list);
-};
+}
std::string ManagedUserService::GetDebugPolicyProviderName() const {
// Save the string space in official builds.
@@ -439,10 +450,42 @@ void ManagedUserService::InitForTesting() {
Init();
}
+void ManagedUserService::InitSync(const std::string& sync_token) {
+ ProfileSyncService* service =
+ ProfileSyncServiceFactory::GetForProfile(profile_);
+ DCHECK(!service->sync_initialized());
+ // Tell the sync service that setup is in progress so we don't start syncing
+ // until we've finished configuration.
+ service->SetSetupInProgress(true);
+
+ TokenService* token_service = TokenServiceFactory::GetForProfile(profile_);
+ token_service->AddAuthTokenManually(GaiaConstants::kSyncService, sync_token);
+
+ bool sync_everything = false;
+ syncer::ModelTypeSet synced_datatypes;
+ synced_datatypes.Put(syncer::MANAGED_USER_SETTINGS);
+ service->OnUserChoseDatatypes(sync_everything, synced_datatypes);
+
+ // Notify ProfileSyncService that we are done with configuration.
+ service->SetSetupInProgress(false);
+ service->SetSyncSetupCompleted();
+}
+
+// static
+const char* ManagedUserService::GetManagedUserPseudoEmail() {
+ return kManagedUserPseudoEmail;
+}
+
void ManagedUserService::Init() {
if (!ProfileIsManaged())
return;
+ CommandLine* command_line = CommandLine::ForCurrentProcess();
+ if (command_line->HasSwitch(switches::kManagedUserSyncToken)) {
+ InitSync(
+ command_line->GetSwitchValueASCII(switches::kManagedUserSyncToken));
+ }
+
extensions::ExtensionSystem* extension_system =
extensions::ExtensionSystem::Get(profile_);
extensions::ManagementPolicy* management_policy =
@@ -458,15 +501,12 @@ void ManagedUserService::Init() {
pref_change_registrar_.Init(profile_->GetPrefs());
pref_change_registrar_.Add(
prefs::kDefaultManagedModeFilteringBehavior,
- base::Bind(
- &ManagedUserService::OnDefaultFilteringBehaviorChanged,
+ base::Bind(&ManagedUserService::OnDefaultFilteringBehaviorChanged,
base::Unretained(this)));
- pref_change_registrar_.Add(
- prefs::kManagedModeManualHosts,
+ pref_change_registrar_.Add(prefs::kManagedModeManualHosts,
base::Bind(&ManagedUserService::UpdateManualHosts,
base::Unretained(this)));
- pref_change_registrar_.Add(
- prefs::kManagedModeManualURLs,
+ pref_change_registrar_.Add(prefs::kManagedModeManualURLs,
base::Bind(&ManagedUserService::UpdateManualURLs,
base::Unretained(this)));
@@ -484,10 +524,6 @@ void ManagedUserService::Init() {
UpdateManualURLs();
}
-void ManagedUserService::InitSync(const std::string& token) {
- // TODO(bauerb): This is a dummy implementation.
-}
-
void ManagedUserService::RegisterAndInitSync(
ManagedUserRegistrationService* registration_service) {
string16 name = UTF8ToUTF16(profile_->GetProfileName());
diff --git a/chrome/browser/managed_mode/managed_user_service.h b/chrome/browser/managed_mode/managed_user_service.h
index fc25e8e..c7c09df 100644
--- a/chrome/browser/managed_mode/managed_user_service.h
+++ b/chrome/browser/managed_mode/managed_user_service.h
@@ -50,6 +50,10 @@ class ManagedUserService : public ProfileKeyedService,
bool ProfileIsManaged() const;
+ // Checks whether the given profile is managed without constructing a
+ // ManagedUserService (which could lead to cyclic dependencies).
+ static bool ProfileIsManaged(Profile* profile);
+
// Returns the elevation state for specific WebContents.
bool IsElevatedForWebContents(const content::WebContents* web_contents) const;
@@ -108,8 +112,8 @@ class ManagedUserService : public ProfileKeyedService,
// Marks the profile as managed and initializes it.
void InitForTesting();
- // Initializes this object for syncing managed-user-related data with the
- // server.
+ // Initializes this profile for syncing, using the provided |token| to
+ // authenticate requests.
void InitSync(const std::string& token);
// Convenience method that registers this managed user with
@@ -119,6 +123,10 @@ class ManagedUserService : public ProfileKeyedService,
void RegisterAndInitSync(
ManagedUserRegistrationService* registration_service);
+ // Returns a pseudo-email address for systems that expect well-formed email
+ // addresses (like Sync), even though we're not signed in.
+ static const char* GetManagedUserPseudoEmail();
+
void set_elevated_for_testing(bool skip) {
elevated_for_testing_ = skip;
}
diff --git a/chrome/browser/managed_mode/managed_user_service_unittest.cc b/chrome/browser/managed_mode/managed_user_service_unittest.cc
index 835efa5..3cdf171 100644
--- a/chrome/browser/managed_mode/managed_user_service_unittest.cc
+++ b/chrome/browser/managed_mode/managed_user_service_unittest.cc
@@ -16,6 +16,7 @@
#include "chrome/common/chrome_paths.h"
#include "chrome/common/pref_names.h"
#include "chrome/test/base/testing_profile.h"
+#include "content/public/test/test_browser_thread.h"
#include "content/public/test/test_utils.h"
#include "testing/gtest/include/gtest/gtest.h"
@@ -54,57 +55,63 @@ class ManagedModeURLFilterObserver : public ManagedModeURLFilter::Observer {
scoped_refptr<MessageLoopRunner> message_loop_runner_;
};
+class ManagedUserServiceTest : public ::testing::Test {
+ public:
+ ManagedUserServiceTest() : ui_thread_(content::BrowserThread::UI,
+ &message_loop_),
+ managed_user_service_(&profile_) {}
+ virtual ~ManagedUserServiceTest() {}
+
+ protected:
+ MessageLoop message_loop_;
+ content::TestBrowserThread ui_thread_;
+ TestingProfile profile_;
+ ManagedUserService managed_user_service_;
+};
+
} // namespace
-TEST(ManagedUserServiceTest, ExtensionManagementPolicyProvider) {
- MessageLoop message_loop;
- TestingProfile profile;
- {
- ManagedUserService managed_user_service(&profile);
- EXPECT_FALSE(managed_user_service.ProfileIsManaged());
+TEST_F(ManagedUserServiceTest, ExtensionManagementPolicyProviderUnmanaged) {
+ EXPECT_FALSE(managed_user_service_.ProfileIsManaged());
- string16 error_1;
- EXPECT_TRUE(managed_user_service.UserMayLoad(NULL, &error_1));
- EXPECT_EQ(string16(), error_1);
+ string16 error_1;
+ EXPECT_TRUE(managed_user_service_.UserMayLoad(NULL, &error_1));
+ EXPECT_EQ(string16(), error_1);
- string16 error_2;
- EXPECT_TRUE(managed_user_service.UserMayModifySettings(NULL, &error_2));
- EXPECT_EQ(string16(), error_2);
- }
+ string16 error_2;
+ EXPECT_TRUE(managed_user_service_.UserMayModifySettings(NULL, &error_2));
+ EXPECT_EQ(string16(), error_2);
+}
- {
- ManagedUserService managed_user_service(&profile);
- ManagedModeURLFilterObserver observer(
- managed_user_service.GetURLFilterForUIThread());
- managed_user_service.InitForTesting();
- EXPECT_TRUE(managed_user_service.ProfileIsManaged());
+TEST_F(ManagedUserServiceTest, ExtensionManagementPolicyProviderManaged) {
+ ManagedModeURLFilterObserver observer(
+ managed_user_service_.GetURLFilterForUIThread());
+ managed_user_service_.InitForTesting();
+ EXPECT_TRUE(managed_user_service_.ProfileIsManaged());
- string16 error_1;
- EXPECT_FALSE(managed_user_service.UserMayLoad(NULL, &error_1));
- EXPECT_FALSE(error_1.empty());
+ string16 error_1;
+ EXPECT_FALSE(managed_user_service_.UserMayLoad(NULL, &error_1));
+ EXPECT_FALSE(error_1.empty());
- string16 error_2;
- EXPECT_FALSE(managed_user_service.UserMayModifySettings(NULL, &error_2));
- EXPECT_FALSE(error_2.empty());
+ string16 error_2;
+ EXPECT_FALSE(managed_user_service_.UserMayModifySettings(NULL, &error_2));
+ EXPECT_FALSE(error_2.empty());
#ifndef NDEBUG
- EXPECT_FALSE(managed_user_service.GetDebugPolicyProviderName().empty());
+ EXPECT_FALSE(managed_user_service_.GetDebugPolicyProviderName().empty());
#endif
- // Wait for the initial update to finish (otherwise we'll get leaks).
- observer.Wait();
- }
+ // Wait for the initial update to finish (otherwise we'll get leaks).
+ observer.Wait();
}
-TEST(ManagedUserServiceTest, GetManualExceptionsForHost) {
- TestingProfile profile;
- ManagedUserService managed_user_service(&profile);
+TEST_F(ManagedUserServiceTest, GetManualExceptionsForHost) {
GURL kExampleFooURL("http://www.example.com/foo");
GURL kExampleBarURL("http://www.example.com/bar");
GURL kExampleFooNoWWWURL("http://example.com/foo");
GURL kBlurpURL("http://blurp.net/bla");
GURL kMooseURL("http://moose.org/baz");
{
- DictionaryPrefUpdate update(profile.GetPrefs(),
+ DictionaryPrefUpdate update(profile_.GetPrefs(),
prefs::kManagedModeManualURLs);
base::DictionaryValue* dict = update.Get();
dict->SetBooleanWithoutPathExpansion(kExampleFooURL.spec(), true);
@@ -114,24 +121,24 @@ TEST(ManagedUserServiceTest, GetManualExceptionsForHost) {
}
EXPECT_EQ(ManagedUserService::MANUAL_ALLOW,
- managed_user_service.GetManualBehaviorForURL(kExampleFooURL));
+ managed_user_service_.GetManualBehaviorForURL(kExampleFooURL));
EXPECT_EQ(ManagedUserService::MANUAL_BLOCK,
- managed_user_service.GetManualBehaviorForURL(kExampleBarURL));
+ managed_user_service_.GetManualBehaviorForURL(kExampleBarURL));
EXPECT_EQ(ManagedUserService::MANUAL_ALLOW,
- managed_user_service.GetManualBehaviorForURL(kExampleFooNoWWWURL));
+ managed_user_service_.GetManualBehaviorForURL(kExampleFooNoWWWURL));
EXPECT_EQ(ManagedUserService::MANUAL_ALLOW,
- managed_user_service.GetManualBehaviorForURL(kBlurpURL));
+ managed_user_service_.GetManualBehaviorForURL(kBlurpURL));
EXPECT_EQ(ManagedUserService::MANUAL_NONE,
- managed_user_service.GetManualBehaviorForURL(kMooseURL));
+ managed_user_service_.GetManualBehaviorForURL(kMooseURL));
std::vector<GURL> exceptions;
- managed_user_service.GetManualExceptionsForHost("www.example.com",
+ managed_user_service_.GetManualExceptionsForHost("www.example.com",
&exceptions);
ASSERT_EQ(2u, exceptions.size());
EXPECT_EQ(kExampleBarURL, exceptions[0]);
EXPECT_EQ(kExampleFooURL, exceptions[1]);
{
- DictionaryPrefUpdate update(profile.GetPrefs(),
+ DictionaryPrefUpdate update(profile_.GetPrefs(),
prefs::kManagedModeManualURLs);
base::DictionaryValue* dict = update.Get();
for (std::vector<GURL>::iterator it = exceptions.begin();
@@ -141,15 +148,15 @@ TEST(ManagedUserServiceTest, GetManualExceptionsForHost) {
}
EXPECT_EQ(ManagedUserService::MANUAL_NONE,
- managed_user_service.GetManualBehaviorForURL(kExampleFooURL));
+ managed_user_service_.GetManualBehaviorForURL(kExampleFooURL));
EXPECT_EQ(ManagedUserService::MANUAL_NONE,
- managed_user_service.GetManualBehaviorForURL(kExampleBarURL));
+ managed_user_service_.GetManualBehaviorForURL(kExampleBarURL));
EXPECT_EQ(ManagedUserService::MANUAL_ALLOW,
- managed_user_service.GetManualBehaviorForURL(kExampleFooNoWWWURL));
+ managed_user_service_.GetManualBehaviorForURL(kExampleFooNoWWWURL));
EXPECT_EQ(ManagedUserService::MANUAL_ALLOW,
- managed_user_service.GetManualBehaviorForURL(kBlurpURL));
+ managed_user_service_.GetManualBehaviorForURL(kBlurpURL));
EXPECT_EQ(ManagedUserService::MANUAL_NONE,
- managed_user_service.GetManualBehaviorForURL(kMooseURL));
+ managed_user_service_.GetManualBehaviorForURL(kMooseURL));
}
class ManagedUserServiceExtensionTest : public ExtensionServiceTestBase {
diff --git a/chrome/browser/policy/cloud/user_policy_signin_service.cc b/chrome/browser/policy/cloud/user_policy_signin_service.cc
index cdb4bc0..f93bf21 100644
--- a/chrome/browser/policy/cloud/user_policy_signin_service.cc
+++ b/chrome/browser/policy/cloud/user_policy_signin_service.cc
@@ -364,7 +364,6 @@ void UserPolicySigninService::Observe(
// Note that the profile manager is NULL in unit tests.
if (g_browser_process->profile_manager() &&
g_browser_process->profile_manager()->will_import()) {
- DCHECK_EQ(chrome::NOTIFICATION_PROFILE_ADDED, type);
return;
}
diff --git a/chrome/browser/policy/managed_mode_policy_provider.cc b/chrome/browser/policy/managed_mode_policy_provider.cc
index 1145e32..626f17bf 100644
--- a/chrome/browser/policy/managed_mode_policy_provider.cc
+++ b/chrome/browser/policy/managed_mode_policy_provider.cc
@@ -4,6 +4,8 @@
#include "chrome/browser/policy/managed_mode_policy_provider.h"
+#include "base/json/json_reader.h"
+#include "base/json/json_writer.h"
#include "base/prefs/json_pref_store.h"
#include "base/threading/sequenced_worker_pool.h"
#include "chrome/browser/managed_mode/managed_mode_url_filter.h"
@@ -13,10 +15,36 @@
#include "chrome/common/chrome_constants.h"
#include "content/public/browser/browser_thread.h"
#include "policy/policy_constants.h"
+#include "sync/api/sync_change.h"
+#include "sync/protocol/sync.pb.h"
using base::DictionaryValue;
using base::Value;
using content::BrowserThread;
+using syncer::MANAGED_USER_SETTINGS;
+using syncer::ModelType;
+using syncer::SyncChange;
+using syncer::SyncChangeList;
+using syncer::SyncChangeProcessor;
+using syncer::SyncData;
+using syncer::SyncDataList;
+using syncer::SyncError;
+using syncer::SyncErrorFactory;
+using syncer::SyncMergeResult;
+
+namespace {
+
+SyncData CreateSyncDataForLocalPolicy(const std::string& name,
+ const Value* value) {
+ std::string json_value;
+ base::JSONWriter::Write(value, &json_value);
+ ::sync_pb::EntitySpecifics specifics;
+ specifics.mutable_managed_user_setting()->set_name(name);
+ specifics.mutable_managed_user_setting()->set_value(json_value);
+ return SyncData::CreateLocalData(name, name, specifics);
+}
+
+} // namespace
namespace policy {
@@ -110,6 +138,7 @@ void ManagedModePolicyProvider::SetPolicy(const std::string& key,
else
dict->RemoveWithoutPathExpansion(key, NULL);
+ // TODO(bauerb): Report changes to sync.
store_->ReportValueChanged(kPolicies);
UpdatePolicyFromCache();
}
@@ -137,6 +166,106 @@ void ManagedModePolicyProvider::OnInitializationCompleted(bool success) {
UpdatePolicyFromCache();
}
+SyncMergeResult ManagedModePolicyProvider::MergeDataAndStartSyncing(
+ ModelType type,
+ const SyncDataList& initial_sync_data,
+ scoped_ptr<SyncChangeProcessor> sync_processor,
+ scoped_ptr<SyncErrorFactory> error_handler) {
+ DCHECK_EQ(MANAGED_USER_SETTINGS, type);
+ sync_processor_ = sync_processor.Pass();
+ error_handler_ = error_handler.Pass();
+ DictionaryValue* policy = GetCachedPolicy();
+ base::JSONReader reader;
+ std::set<std::string> seen_keys;
+ for (SyncDataList::const_iterator it = initial_sync_data.begin();
+ it != initial_sync_data.end(); ++it) {
+ DCHECK_EQ(MANAGED_USER_SETTINGS, it->GetDataType());
+ const ::sync_pb::ManagedUserSettingSpecifics& managed_user_setting =
+ it->GetSpecifics().managed_user_setting();
+ Value* value = reader.Read(managed_user_setting.value());
+ seen_keys.insert(managed_user_setting.name());
+ policy->SetWithoutPathExpansion(managed_user_setting.name(), value);
+ }
+
+ SyncChangeList change_list;
+ for (DictionaryValue::Iterator it(*policy); !it.IsAtEnd(); it.Advance()) {
+ // Send all local policies that are not in the initial sync list
+ // to the server.
+ if (seen_keys.find(it.key()) != seen_keys.end())
+ continue;
+
+ SyncData data = CreateSyncDataForLocalPolicy(it.key(), &it.value());
+ change_list.push_back(SyncChange(FROM_HERE, SyncChange::ACTION_ADD, data));
+ }
+ sync_processor_->ProcessSyncChanges(FROM_HERE, change_list);
+
+ store_->ReportValueChanged(kPolicies);
+ UpdatePolicyFromCache();
+
+ SyncMergeResult result(MANAGED_USER_SETTINGS);
+ return result;
+}
+
+void ManagedModePolicyProvider::StopSyncing(ModelType type) {
+ DCHECK_EQ(syncer::MANAGED_USER_SETTINGS, type);
+ sync_processor_.reset();
+ error_handler_.reset();
+}
+
+SyncDataList ManagedModePolicyProvider::GetAllSyncData(ModelType type) const {
+ DCHECK_EQ(syncer::MANAGED_USER_SETTINGS, type);
+ SyncDataList data;
+ DictionaryValue* policy = GetCachedPolicy();
+ for (DictionaryValue::Iterator it(*policy); !it.IsAtEnd(); it.Advance()) {
+ data.push_back(CreateSyncDataForLocalPolicy(it.key(), &it.value()));
+ }
+ return data;
+}
+
+SyncError ManagedModePolicyProvider::ProcessSyncChanges(
+ const tracked_objects::Location& from_here,
+ const SyncChangeList& change_list) {
+ SyncError error;
+ DictionaryValue* policy = GetCachedPolicy();
+ base::JSONReader reader;
+ for (SyncChangeList::const_iterator it = change_list.begin();
+ it != change_list.end(); ++it) {
+ SyncData data = it->sync_data();
+ DCHECK_EQ(MANAGED_USER_SETTINGS, data.GetDataType());
+ const ::sync_pb::ManagedUserSettingSpecifics& managed_user_setting =
+ data.GetSpecifics().managed_user_setting();
+ switch (it->change_type()) {
+ case SyncChange::ACTION_ADD:
+ case SyncChange::ACTION_UPDATE: {
+ Value* value = reader.Read(managed_user_setting.value());
+ if (policy->HasKey(managed_user_setting.name())) {
+ DLOG_IF(WARNING, it->change_type() == SyncChange::ACTION_ADD)
+ << "Value for key " << managed_user_setting.name()
+ << " already exists";
+ } else {
+ DLOG_IF(WARNING, it->change_type() == SyncChange::ACTION_UPDATE)
+ << "Value for key " << managed_user_setting.name()
+ << " doesn't exist yet";
+ }
+ policy->SetWithoutPathExpansion(managed_user_setting.name(), value);
+ break;
+ }
+ case SyncChange::ACTION_DELETE: {
+ DLOG_IF(WARNING, !policy->HasKey(managed_user_setting.name()))
+ << "Trying to delete non-existing key "
+ << managed_user_setting.name();
+ policy->RemoveWithoutPathExpansion(managed_user_setting.name(), NULL);
+ break;
+ }
+ case SyncChange::ACTION_INVALID: {
+ NOTREACHED();
+ break;
+ }
+ }
+ }
+ return error;
+}
+
DictionaryValue* ManagedModePolicyProvider::GetCachedPolicy() const {
Value* value = NULL;
if (!store_->GetMutableValue(kPolicies, &value))
@@ -152,9 +281,8 @@ void ManagedModePolicyProvider::UpdatePolicyFromCache() {
scoped_ptr<PolicyBundle> policy_bundle(new PolicyBundle);
DictionaryValue* policies = GetCachedPolicy();
if (policies) {
- PolicyMap* policy_map =
- &policy_bundle->Get(PolicyNamespace(POLICY_DOMAIN_CHROME,
- std::string()));
+ PolicyMap* policy_map = &policy_bundle->Get(
+ PolicyNamespace(POLICY_DOMAIN_CHROME, std::string()));
policy_map->LoadFrom(policies, POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER);
}
UpdatePolicy(policy_bundle.Pass());
diff --git a/chrome/browser/policy/managed_mode_policy_provider.h b/chrome/browser/policy/managed_mode_policy_provider.h
index ab7cf1c..248cb00 100644
--- a/chrome/browser/policy/managed_mode_policy_provider.h
+++ b/chrome/browser/policy/managed_mode_policy_provider.h
@@ -8,6 +8,8 @@
#include "base/memory/ref_counted.h"
#include "base/prefs/pref_store.h"
#include "chrome/browser/policy/configuration_policy_provider.h"
+#include "sync/api/sync_error_factory.h"
+#include "sync/api/syncable_service.h"
class PersistentPrefStore;
class Profile;
@@ -23,7 +25,8 @@ namespace policy {
// JSON format.
class ManagedModePolicyProvider
: public ConfigurationPolicyProvider,
- public PrefStore::Observer {
+ public PrefStore::Observer,
+ public syncer::SyncableService {
public:
// The dictionary key under which we store the policy dictionary. Public for
// testing.
@@ -80,6 +83,19 @@ class ManagedModePolicyProvider
virtual void OnPrefValueChanged(const std::string& key) OVERRIDE;
virtual void OnInitializationCompleted(bool success) OVERRIDE;
+ // SyncableService implementation:
+ virtual syncer::SyncMergeResult MergeDataAndStartSyncing(
+ syncer::ModelType type,
+ const syncer::SyncDataList& initial_sync_data,
+ scoped_ptr<syncer::SyncChangeProcessor> sync_processor,
+ scoped_ptr<syncer::SyncErrorFactory> error_handler) OVERRIDE;
+ virtual void StopSyncing(syncer::ModelType type) OVERRIDE;
+ virtual syncer::SyncDataList GetAllSyncData(
+ syncer::ModelType type) const OVERRIDE;
+ virtual syncer::SyncError ProcessSyncChanges(
+ const tracked_objects::Location& from_here,
+ const syncer::SyncChangeList& change_list) OVERRIDE;
+
private:
base::DictionaryValue* GetCachedPolicy() const;
void UpdatePolicyFromCache();
@@ -87,6 +103,9 @@ class ManagedModePolicyProvider
// Used for persisting policies. Unlike other PrefStores, this one is not
// hooked up to the PrefService.
scoped_refptr<PersistentPrefStore> store_;
+
+ scoped_ptr<syncer::SyncChangeProcessor> sync_processor_;
+ scoped_ptr<syncer::SyncErrorFactory> error_handler_;
};
} // namespace policy
diff --git a/chrome/browser/profiles/chrome_browser_main_extra_parts_profiles.cc b/chrome/browser/profiles/chrome_browser_main_extra_parts_profiles.cc
index e4a3d15..fc33cdb 100644
--- a/chrome/browser/profiles/chrome_browser_main_extra_parts_profiles.cc
+++ b/chrome/browser/profiles/chrome_browser_main_extra_parts_profiles.cc
@@ -100,6 +100,10 @@
#endif
#endif
+#if defined(ENABLE_MANAGED_USERS)
+#include "chrome/browser/managed_mode/managed_user_service_factory.h"
+#endif
+
#if defined(OS_CHROMEOS)
#include "chrome/browser/chromeos/extensions/input_method_api.h"
#include "chrome/browser/chromeos/extensions/media_player_api.h"
@@ -147,7 +151,7 @@ ChromeBrowserMainExtraPartsProfiles::~ChromeBrowserMainExtraPartsProfiles() {
void
ChromeBrowserMainExtraPartsProfiles::EnsureProfileKeyedServiceFactoriesBuilt() {
AboutSigninInternalsFactory::GetInstance();
-
+ autofill::PersonalDataManagerFactory::GetInstance();
#if defined(ENABLE_BACKGROUND)
BackgroundContentsServiceFactory::GetInstance();
#endif
@@ -156,6 +160,12 @@ ChromeBrowserMainExtraPartsProfiles::EnsureProfileKeyedServiceFactoriesBuilt() {
captive_portal::CaptivePortalServiceFactory::GetInstance();
#endif
ChromeGeolocationPermissionContextFactory::GetInstance();
+#if defined(OS_CHROMEOS)
+ chromeos::NetworkingPrivateEventRouterFactory::GetInstance();
+#endif
+#if defined(ENABLE_INPUT_SPEECH)
+ ChromeSpeechRecognitionPreferences::InitializeFactory();
+#endif
#if defined(ENABLE_PRINTING)
CloudPrintProxyServiceFactory::GetInstance();
#endif
@@ -226,16 +236,15 @@ ChromeBrowserMainExtraPartsProfiles::EnsureProfileKeyedServiceFactoriesBuilt() {
GlobalErrorServiceFactory::GetInstance();
GoogleURLTrackerFactory::GetInstance();
HistoryServiceFactory::GetInstance();
+#if defined(ENABLE_MANAGED_USERS)
+ ManagedUserServiceFactory::GetInstance();
+#endif
#if !defined(OS_ANDROID)
- notifier::ChromeNotifierServiceFactory::GetInstance();
MediaGalleriesPreferencesFactory::GetInstance();
-#endif
-#if defined(OS_CHROMEOS)
- chromeos::NetworkingPrivateEventRouterFactory::GetInstance();
+ notifier::ChromeNotifierServiceFactory::GetInstance();
#endif
NTPResourceCacheFactory::GetInstance();
PasswordStoreFactory::GetInstance();
- autofill::PersonalDataManagerFactory::GetInstance();
#if !defined(OS_ANDROID)
PinnedTabServiceFactory::GetInstance();
#endif
@@ -263,12 +272,9 @@ ChromeBrowserMainExtraPartsProfiles::EnsureProfileKeyedServiceFactoriesBuilt() {
SessionServiceFactory::GetInstance();
#endif
ShortcutsBackendFactory::GetInstance();
- ThumbnailServiceFactory::GetInstance();
SigninManagerFactory::GetInstance();
-#if defined(ENABLE_INPUT_SPEECH)
- ChromeSpeechRecognitionPreferences::InitializeFactory();
-#endif
SpellcheckServiceFactory::GetInstance();
+ ThumbnailServiceFactory::GetInstance();
TabRestoreServiceFactory::GetInstance();
TemplateURLFetcherFactory::GetInstance();
TemplateURLServiceFactory::GetInstance();
diff --git a/chrome/browser/profiles/profile_metrics.cc b/chrome/browser/profiles/profile_metrics.cc
index 3855e11..6087a95 100644
--- a/chrome/browser/profiles/profile_metrics.cc
+++ b/chrome/browser/profiles/profile_metrics.cc
@@ -9,7 +9,6 @@
#include "base/metrics/histogram.h"
#include "chrome/browser/browser_process.h"
#include "chrome/browser/managed_mode/managed_user_service.h"
-#include "chrome/browser/managed_mode/managed_user_service_factory.h"
#include "chrome/browser/profiles/profile.h"
#include "chrome/browser/profiles/profile_info_cache.h"
#include "chrome/browser/profiles/profile_manager.h"
@@ -233,9 +232,7 @@ void ProfileMetrics::LogProfileLaunch(Profile* profile) {
GetProfileType(profile_path),
NUM_PROFILE_TYPE_METRICS);
- ManagedUserService* service =
- ManagedUserServiceFactory::GetForProfile(profile);
- if (service->ProfileIsManaged()) {
+ if (ManagedUserService::ProfileIsManaged(profile)) {
content::RecordAction(
content::UserMetricsAction("ManagedMode_NewManagedUserWindow"));
}
diff --git a/chrome/browser/sync/profile_sync_components_factory_impl.cc b/chrome/browser/sync/profile_sync_components_factory_impl.cc
index 17937d4..417f046 100644
--- a/chrome/browser/sync/profile_sync_components_factory_impl.cc
+++ b/chrome/browser/sync/profile_sync_components_factory_impl.cc
@@ -11,11 +11,6 @@
#include "chrome/browser/extensions/extension_system_factory.h"
#include "chrome/browser/history/history_service.h"
#include "chrome/browser/history/history_service_factory.h"
-#include "components/autofill/browser/webdata/autofill_webdata_service.h"
-#if !defined(OS_ANDROID)
-#include "chrome/browser/notifications/sync_notifier/chrome_notifier_service.h"
-#include "chrome/browser/notifications/sync_notifier/chrome_notifier_service_factory.h"
-#endif
#include "chrome/browser/prefs/pref_model_associator.h"
#include "chrome/browser/prefs/pref_service_syncable.h"
#include "chrome/browser/profiles/profile.h"
@@ -60,9 +55,22 @@
#include "chrome/browser/webdata/autofill_profile_syncable_service.h"
#include "chrome/common/chrome_switches.h"
#include "chrome/common/pref_names.h"
+#include "components/autofill/browser/webdata/autofill_webdata_service.h"
#include "content/public/browser/browser_thread.h"
#include "sync/api/syncable_service.h"
+#if defined(ENABLE_MANAGED_USERS)
+#include "chrome/browser/managed_mode/managed_user_service.h"
+#include "chrome/browser/policy/managed_mode_policy_provider.h"
+#include "chrome/browser/policy/profile_policy_connector.h"
+#include "chrome/browser/policy/profile_policy_connector_factory.h"
+#endif
+
+#if !defined(OS_ANDROID)
+#include "chrome/browser/notifications/sync_notifier/chrome_notifier_service.h"
+#include "chrome/browser/notifications/sync_notifier/chrome_notifier_service_factory.h"
+#endif
+
using browser_sync::AutofillDataTypeController;
using browser_sync::AutofillProfileDataTypeController;
using browser_sync::BookmarkChangeProcessor;
@@ -274,6 +282,13 @@ void ProfileSyncComponentsFactoryImpl::RegisterDesktopDataTypes(
}
#endif
+#if defined(ENABLE_MANAGED_USERS)
+ if (ManagedUserService::ProfileIsManaged(profile_)) {
+ pss->RegisterDataTypeController(
+ new UIDataTypeController(
+ syncer::MANAGED_USER_SETTINGS, this, profile_, pss));
+ }
+#endif
}
DataTypeManager* ProfileSyncComponentsFactoryImpl::CreateDataTypeManager(
@@ -368,6 +383,11 @@ base::WeakPtr<syncer::SyncableService> ProfileSyncComponentsFactoryImpl::
case syncer::FAVICON_TRACKING:
return ProfileSyncServiceFactory::GetForProfile(profile_)->
GetSessionModelAssociator()->GetFaviconCache()->AsWeakPtr();
+#if defined(ENABLE_MANAGED_USERS)
+ case syncer::MANAGED_USER_SETTINGS:
+ return policy::ProfilePolicyConnectorFactory::GetForProfile(profile_)->
+ managed_mode_policy_provider()->AsWeakPtr();
+#endif
default:
// The following datatypes still need to be transitioned to the
// syncer::SyncableService API:
diff --git a/chrome/browser/sync/profile_sync_service.cc b/chrome/browser/sync/profile_sync_service.cc
index 68a76cb..818d579 100644
--- a/chrome/browser/sync/profile_sync_service.cc
+++ b/chrome/browser/sync/profile_sync_service.cc
@@ -77,6 +77,10 @@
#include "sync/util/cryptographer.h"
#include "ui/base/l10n/l10n_util.h"
+#if defined(ENABLE_MANAGED_USERS)
+#include "chrome/browser/managed_mode/managed_user_service.h"
+#endif
+
#if defined(OS_ANDROID)
#include "sync/internal_api/public/read_transaction.h"
#endif
@@ -185,8 +189,8 @@ bool ProfileSyncService::IsSyncEnabledAndLoggedIn() {
if (IsManaged() || sync_prefs_.IsStartSuppressed())
return false;
- // Sync is logged in if there is a non-empty authenticated username.
- return !signin_->GetAuthenticatedUsername().empty();
+ // Sync is logged in if there is a non-empty effective username.
+ return !GetEffectiveUsername().empty();
}
bool ProfileSyncService::IsSyncTokenAvailable() {
@@ -234,7 +238,7 @@ void ProfileSyncService::Initialize() {
RegisterAuthNotifications();
- if (!HasSyncSetupCompleted() || signin_->GetAuthenticatedUsername().empty()) {
+ if (!HasSyncSetupCompleted() || GetEffectiveUsername().empty()) {
// Clean up in case of previous crash / setup abort / signout.
DisableForUser();
}
@@ -420,7 +424,7 @@ void ProfileSyncService::InitSettings() {
SyncCredentials ProfileSyncService::GetCredentials() {
SyncCredentials credentials;
- credentials.email = signin_->GetAuthenticatedUsername();
+ credentials.email = GetEffectiveUsername();
DCHECK(!credentials.email.empty());
TokenService* service = TokenServiceFactory::GetForProfile(profile_);
if (service->HasTokenForService(GaiaConstants::kSyncService)) {
@@ -2095,3 +2099,15 @@ void ProfileSyncService::UpdateInvalidatorRegistrarState() {
<< syncer::InvalidatorStateToString(effective_state);
invalidator_registrar_->UpdateInvalidatorState(effective_state);
}
+
+std::string ProfileSyncService::GetEffectiveUsername() {
+#if defined(ENABLE_MANAGED_USERS)
+ if (ManagedUserService::ProfileIsManaged(profile_)) {
+ DCHECK_EQ(std::string(), signin_->GetAuthenticatedUsername());
+ return ManagedUserService::GetManagedUserPseudoEmail();
+ }
+#endif
+
+ return signin_->GetAuthenticatedUsername();
+}
+
diff --git a/chrome/browser/sync/profile_sync_service.h b/chrome/browser/sync/profile_sync_service.h
index cb6731a..f09adfc 100644
--- a/chrome/browser/sync/profile_sync_service.h
+++ b/chrome/browser/sync/profile_sync_service.h
@@ -797,7 +797,11 @@ class ProfileSyncService : public ProfileSyncServiceBase,
// |invalidator_registrar_| is not NULL).
void UpdateInvalidatorRegistrarState();
- // Factory used to create various dependent objects.
+ // Returns the username (in form of an email address) that should be used in
+ // the credentials.
+ std::string GetEffectiveUsername();
+
+ // Factory used to create various dependent objects.
scoped_ptr<ProfileSyncComponentsFactory> factory_;
// The profile whose data we are synchronizing.
diff --git a/chrome/browser/sync/test/integration/single_client_managed_user_settings_sync_test.cc b/chrome/browser/sync/test/integration/single_client_managed_user_settings_sync_test.cc
index ff2f4de..d679740 100644
--- a/chrome/browser/sync/test/integration/single_client_managed_user_settings_sync_test.cc
+++ b/chrome/browser/sync/test/integration/single_client_managed_user_settings_sync_test.cc
@@ -40,6 +40,12 @@ IN_PROC_BROWSER_TEST_F(SingleClientManagedUserSettingsSyncTest, Sanity) {
new base::FundamentalValue(true));
policy_provider->SetPolicy(policy::key::kSigninAllowed,
allow_signin.PassAs<Value>());
+
+ // The user should not be signed in.
+ std::string username;
+ // ProfileSyncServiceHarness sets the password, which can't be empty.
+ std::string password = "password";
+ GetClient(i)->SetCredentials(username, password);
}
ASSERT_TRUE(SetupSync());
}
diff --git a/chrome/browser/ui/browser_tab_contents.cc b/chrome/browser/ui/browser_tab_contents.cc
index 3ec3771c..19d73e3 100644
--- a/chrome/browser/ui/browser_tab_contents.cc
+++ b/chrome/browser/ui/browser_tab_contents.cc
@@ -13,7 +13,6 @@
#include "chrome/browser/favicon/favicon_tab_helper.h"
#include "chrome/browser/history/history_tab_helper.h"
#include "chrome/browser/infobars/infobar_service.h"
-#include "chrome/browser/managed_mode/managed_mode_navigation_observer.h"
#include "chrome/browser/net/load_time_stats.h"
#include "chrome/browser/net/net_error_tab_helper.h"
#include "chrome/browser/omnibox_search_hint.h"
@@ -59,8 +58,8 @@
#endif
#if defined(ENABLE_MANAGED_USERS)
+#include "chrome/browser/managed_mode/managed_mode_navigation_observer.h"
#include "chrome/browser/managed_mode/managed_user_service.h"
-#include "chrome/browser/managed_mode/managed_user_service_factory.h"
#endif
#if defined(ENABLE_PRINTING)
@@ -173,9 +172,7 @@ void BrowserTabContents::AttachTabHelpers(WebContents* web_contents) {
#endif
#if defined(ENABLE_MANAGED_USERS)
- ManagedUserService* service =
- ManagedUserServiceFactory::GetForProfile(profile);
- if (service->ProfileIsManaged())
+ if (ManagedUserService::ProfileIsManaged(profile))
ManagedModeNavigationObserver::CreateForWebContents(web_contents);
#endif
diff --git a/chrome/common/chrome_switches.cc b/chrome/common/chrome_switches.cc
index 97f3d1c..9774636 100644
--- a/chrome/common/chrome_switches.cc
+++ b/chrome/common/chrome_switches.cc
@@ -872,15 +872,16 @@ const char kLoadExtension[] = "load-extension";
// to a separate file if a file name is given.
const char kLogNetLog[] = "log-net-log";
-// Uninstalls an extension with the specified extension id.
-const char kUninstallExtension[] = "uninstall-extension";
+// Makes Chrome default browser
+const char kMakeDefaultBrowser[] = "make-default-browser";
+
+// Used to authenticate requests to the Sync service for managed users. Setting
+// this switch also causes Sync to be set up for a managed user.
+const char kManagedUserSyncToken[] = "managed-user-sync-token";
// Starts the browser in managed mode.
const char kManaged[] = "managed";
-// Makes Chrome default browser
-const char kMakeDefaultBrowser[] = "make-default-browser";
-
// Forces the maximum disk space to be used by the media cache, in bytes.
const char kMediaCacheSize[] = "media-cache-size";
@@ -1412,6 +1413,9 @@ const char kTrustedSpdyProxy[] = "trusted-spdy-proxy";
// be used only by the upgrade process.
const char kTryChromeAgain[] = "try-chrome-again";
+// Uninstalls an extension with the specified extension id.
+const char kUninstallExtension[] = "uninstall-extension";
+
// Runs un-installation steps that were done by chrome first-run.
const char kUninstall[] = "uninstall";
diff --git a/chrome/common/chrome_switches.h b/chrome/common/chrome_switches.h
index 6d429b2..e48121d 100644
--- a/chrome/common/chrome_switches.h
+++ b/chrome/common/chrome_switches.h
@@ -237,9 +237,9 @@ extern const char kLimitedInstallFromWebstore[];
extern const char kLoadAndLaunchApp[];
extern const char kLoadComponentExtension[];
extern const char kLoadExtension[];
-extern const char kUninstallExtension[];
extern const char kLogNetLog[];
extern const char kMakeDefaultBrowser[];
+extern const char kManagedUserSyncToken[];
extern const char kManaged[];
extern const char kMediaCacheSize[];
extern const char kMemoryProfiling[];
@@ -374,6 +374,7 @@ extern const char kTrackActiveVisitTime[];
extern const char kTranslateScriptURL[];
extern const char kTrustedSpdyProxy[];
extern const char kTryChromeAgain[];
+extern const char kUninstallExtension[];
extern const char kUninstall[];
extern const char kUnlimitedStorage[];
extern const char kUseSimpleCacheBackend[];