diff options
author | pneubeck <pneubeck@chromium.org> | 2014-09-09 06:16:13 -0700 |
---|---|---|
committer | Commit bot <commit-bot@chromium.org> | 2014-09-09 13:20:24 +0000 |
commit | 49d77fc25ca944fcfb4a1e39862483656e208f85 (patch) | |
tree | b0a60909d0f8183110d04cade0b3afa13d21d922 /chromeos | |
parent | 4c2d33ac8c061cf27a594473d6f9a450ee6c3c89 (diff) | |
download | chromium_src-49d77fc25ca944fcfb4a1e39862483656e208f85.zip chromium_src-49d77fc25ca944fcfb4a1e39862483656e208f85.tar.gz chromium_src-49d77fc25ca944fcfb4a1e39862483656e208f85.tar.bz2 |
ONC: Remove augmentation of unmanaged network properties.
Before read-only properties which cannot be set by the user or policy, were explicitly marked as 'unmanaged' in the augmented dictionary returned by getManagedProperties.
Now, instead these properties are returned as plain values, which simplifies the consumer side, especially of Array typed properties like IPConfigs (compare this with SavedIPConfig).
BUG=410877
Review URL: https://codereview.chromium.org/551753002
Cr-Commit-Position: refs/heads/master@{#293931}
Diffstat (limited to 'chromeos')
-rw-r--r-- | chromeos/network/onc/onc_merger.cc | 125 | ||||
-rw-r--r-- | chromeos/test/data/network/augmented_merge.json | 37 |
2 files changed, 71 insertions, 91 deletions
diff --git a/chromeos/network/onc/onc_merger.cc b/chromeos/network/onc/onc_merger.cc index 52694e5..4dcaae9 100644 --- a/chromeos/network/onc/onc_merger.cc +++ b/chromeos/network/onc/onc_merger.cc @@ -361,80 +361,81 @@ class MergeToAugmented : public MergeToEffective { virtual scoped_ptr<base::Value> MergeValues( const std::string& key, const ValueParams& values) OVERRIDE { + const OncFieldSignature* field = NULL; + if (signature_) + field = GetFieldSignature(*signature_, key); + + if (!field) { + // This field is not part of the provided ONCSignature, thus it cannot be + // controlled by policy. Return the plain active value instead of an + // augmented dictionary. + return make_scoped_ptr(values.active_setting->DeepCopy()); + } + + // This field is part of the provided ONCSignature, thus it can be + // controlled by policy. + std::string which_effective; + scoped_ptr<base::Value> effective_value = + MergeToEffective::MergeValues(key, values, &which_effective); + + if (IsIdentifierField(*signature_, key)) { + // Don't augment the GUID but write the plain value. + if (!effective_value) { + LOG(ERROR) << "GUID field has no effective value"; + return make_scoped_ptr<base::Value>(NULL); + } + + // DCHECK that all provided GUIDs are identical. + DCHECK(AllPresentValuesEqual(values, *effective_value)); + + // Return the un-augmented GUID. + return effective_value.Pass(); + } + scoped_ptr<base::DictionaryValue> augmented_value( new base::DictionaryValue); + if (values.active_setting) { augmented_value->SetWithoutPathExpansion( ::onc::kAugmentationActiveSetting, values.active_setting->DeepCopy()); } - const OncFieldSignature* field = NULL; - if (signature_) - field = GetFieldSignature(*signature_, key); - - if (field) { - // This field is part of the provided ONCSignature, thus it can be - // controlled by policy. - std::string which_effective; - scoped_ptr<base::Value> effective_value = - MergeToEffective::MergeValues(key, values, &which_effective); - - if (IsIdentifierField(*signature_, key)) { - // Don't augment the GUID but write the plain value. - if (!effective_value) { - LOG(ERROR) << "GUID field has no effective value"; - return make_scoped_ptr<base::Value>(NULL); - } - - // DCHECK that all provided GUIDs are identical. - DCHECK(AllPresentValuesEqual(values, *effective_value)); - - // Return the un-augmented GUID. - return effective_value.Pass(); - } + if (!which_effective.empty()) { + augmented_value->SetStringWithoutPathExpansion( + ::onc::kAugmentationEffectiveSetting, which_effective); + } - if (!which_effective.empty()) { - augmented_value->SetStringWithoutPathExpansion( - ::onc::kAugmentationEffectiveSetting, which_effective); - } - bool is_credential = onc::FieldIsCredential(*signature_, key); - - // Prevent credentials from being forwarded in cleartext to - // UI. User/shared credentials are not stored separately, so they cannot - // leak here. - if (!is_credential) { - if (values.user_policy) { - augmented_value->SetWithoutPathExpansion( - ::onc::kAugmentationUserPolicy, values.user_policy->DeepCopy()); - } - if (values.device_policy) { - augmented_value->SetWithoutPathExpansion( - ::onc::kAugmentationDevicePolicy, - values.device_policy->DeepCopy()); - } - } - if (values.user_setting) { + // Prevent credentials from being forwarded in cleartext to + // UI. User/shared credentials are not stored separately, so they cannot + // leak here. + bool is_credential = onc::FieldIsCredential(*signature_, key); + if (!is_credential) { + if (values.user_policy) { augmented_value->SetWithoutPathExpansion( - ::onc::kAugmentationUserSetting, values.user_setting->DeepCopy()); + ::onc::kAugmentationUserPolicy, values.user_policy->DeepCopy()); } - if (values.shared_setting) { + if (values.device_policy) { augmented_value->SetWithoutPathExpansion( - ::onc::kAugmentationSharedSetting, - values.shared_setting->DeepCopy()); - } - if (HasUserPolicy() && values.user_editable) { - augmented_value->SetBooleanWithoutPathExpansion( - ::onc::kAugmentationUserEditable, true); - } - if (HasDevicePolicy() && values.device_editable) { - augmented_value->SetBooleanWithoutPathExpansion( - ::onc::kAugmentationDeviceEditable, true); + ::onc::kAugmentationDevicePolicy, + values.device_policy->DeepCopy()); } - } else { - // This field is not part of the provided ONCSignature, thus it cannot be - // controlled by policy. - augmented_value->SetStringWithoutPathExpansion( - ::onc::kAugmentationEffectiveSetting, ::onc::kAugmentationUnmanaged); + } + if (values.user_setting) { + augmented_value->SetWithoutPathExpansion( + ::onc::kAugmentationUserSetting, values.user_setting->DeepCopy()); + } + if (values.shared_setting) { + augmented_value->SetWithoutPathExpansion( + ::onc::kAugmentationSharedSetting, + values.shared_setting->DeepCopy()); + } + if (HasUserPolicy() && values.user_editable) { + augmented_value->SetBooleanWithoutPathExpansion( + ::onc::kAugmentationUserEditable, true); + } + if (HasDevicePolicy() && values.device_editable) { + augmented_value->SetBooleanWithoutPathExpansion( + ::onc::kAugmentationDeviceEditable, true); } if (augmented_value->empty()) augmented_value.reset(); diff --git a/chromeos/test/data/network/augmented_merge.json b/chromeos/test/data/network/augmented_merge.json index 48322b2..5c7c434 100644 --- a/chromeos/test/data/network/augmented_merge.json +++ b/chromeos/test/data/network/augmented_merge.json @@ -1,40 +1,19 @@ { - "ConnectionState": { - "Active": "Connected", - "Effective": "Unmanaged" - }, + "ConnectionState": "Connected", "GUID": "123", - "IPConfigs": { - "Active": [ { + "IPConfigs": [ { "Gateway": "2001:db8:85a3::7a2e:370:7331", "IPAddress": "2001:0db8:85a3:0000:0000:8a2e:0370:7334", "NameServers": [ ], "RoutingPrefix": 12, "Type": "IPv6" - } ], - "Effective": "Unmanaged" - }, + } ], "SavedIPConfig": { - "Gateway": { - "Active": "1.1.1.4", - "Effective": "Unmanaged" - }, - "IPAddress": { - "Active": "124.124.124.124", - "Effective": "Unmanaged" - }, - "NameServers": { - "Active": [ "1.1.1.5", "1.1.1.6" ], - "Effective": "Unmanaged" - }, - "RoutingPrefix": { - "Active": 25, - "Effective": "Unmanaged" - }, - "Type": { - "Active": "IPv4", - "Effective": "Unmanaged" - } + "Gateway": "1.1.1.4", + "IPAddress": "124.124.124.124", + "NameServers": [ "1.1.1.5", "1.1.1.6" ], + "RoutingPrefix": 25, + "Type": "IPv4", }, "StaticIPConfig": { "IPAddress": { |