#include "base/command_line.h"
#include "base/message_loop/message_loop.h"
#include "chrome/browser/chrome_notification_types.h"
-#include "chrome/browser/policy/browser_policy_connector.h"
-#include "chrome/browser/policy/cloud/device_management_service.h"
-#include "chrome/browser/policy/cloud/user_cloud_policy_manager.h"
#include "chrome/browser/policy/cloud/user_cloud_policy_manager_factory.h"
-#include "chrome/browser/signin/signin_manager.h"
+#include "chrome/browser/profiles/profile.h"
#include "chrome/browser/signin/signin_manager_factory.h"
+#include "chrome/common/chrome_content_client.h"
#include "chrome/common/chrome_switches.h"
+#include "components/policy/core/browser/browser_policy_connector.h"
+#include "components/policy/core/common/cloud/device_management_service.h"
+#include "components/policy/core/common/cloud/system_policy_request_context.h"
+#include "components/policy/core/common/cloud/user_cloud_policy_manager.h"
+#include "components/policy/core/common/cloud/user_policy_request_context.h"
+#include "components/signin/core/browser/signin_manager.h"
#include "content/public/browser/notification_source.h"
#include "net/url_request/url_request_context_getter.h"
UserPolicySigninServiceBase::UserPolicySigninServiceBase(
Profile* profile,
PrefService* local_state,
- scoped_refptr<net::URLRequestContextGetter> request_context,
- DeviceManagementService* device_management_service)
- : profile_(profile),
+ DeviceManagementService* device_management_service,
+ UserCloudPolicyManager* policy_manager,
+ SigninManager* signin_manager,
+ scoped_refptr<net::URLRequestContextGetter> system_request_context)
+ : policy_manager_(policy_manager),
+ signin_manager_(signin_manager),
local_state_(local_state),
- request_context_(request_context),
device_management_service_(device_management_service),
+ system_request_context_(system_request_context),
weak_factory_(this) {
- // Initialize/shutdown the UserCloudPolicyManager when the user signs out.
- registrar_.Add(this,
- chrome::NOTIFICATION_GOOGLE_SIGNED_OUT,
- content::Source<Profile>(profile));
-
// Register a listener to be called back once the current profile has finished
- // initializing, so we can startup the UserCloudPolicyManager.
+ // initializing, so we can startup/shutdown the UserCloudPolicyManager.
registrar_.Add(this,
chrome::NOTIFICATION_PROFILE_ADDED,
content::Source<Profile>(profile));
UserPolicySigninServiceBase::~UserPolicySigninServiceBase() {}
void UserPolicySigninServiceBase::FetchPolicyForSignedInUser(
- scoped_ptr<CloudPolicyClient> client,
+ const std::string& username,
+ const std::string& dm_token,
+ const std::string& client_id,
+ scoped_refptr<net::URLRequestContextGetter> profile_request_context,
const PolicyFetchCallback& callback) {
- DCHECK(client);
+ scoped_ptr<CloudPolicyClient> client(
+ UserCloudPolicyManager::CreateCloudPolicyClient(
+ device_management_service_,
+ CreateUserRequestContext(profile_request_context)).Pass());
+ client->SetupRegistration(dm_token, client_id);
DCHECK(client->is_registered());
// The user has just signed in, so the UserCloudPolicyManager should not yet
// be initialized. This routine will initialize the UserCloudPolicyManager
// with the passed client and will proactively ask the client to fetch
// policy without waiting for the CloudPolicyService to finish initialization.
- UserCloudPolicyManager* manager = GetManager();
+ UserCloudPolicyManager* manager = policy_manager();
DCHECK(manager);
DCHECK(!manager->core()->client());
- InitializeUserCloudPolicyManager(client.Pass());
+ InitializeUserCloudPolicyManager(username, client.Pass());
DCHECK(manager->IsClientRegistered());
// Now initiate a policy fetch.
manager->core()->service()->RefreshPolicy(callback);
}
+void UserPolicySigninServiceBase::GoogleSignedOut(const std::string& username) {
+ ShutdownUserCloudPolicyManager();
+}
+
void UserPolicySigninServiceBase::Observe(
int type,
const content::NotificationSource& source,
const content::NotificationDetails& details) {
- // If using a TestingProfile with no SigninManager or UserCloudPolicyManager,
- // skip initialization.
- if (!GetManager() || !GetSigninManager()) {
- DVLOG(1) << "Skipping initialization for tests due to missing components.";
- return;
- }
-
switch (type) {
- case chrome::NOTIFICATION_GOOGLE_SIGNED_OUT:
- ShutdownUserCloudPolicyManager();
- break;
case chrome::NOTIFICATION_PROFILE_ADDED:
// A new profile has been loaded - if it's signed in, then initialize the
// UCPM, otherwise shut down the UCPM (which deletes any cached policy
// SSLConfigServiceManager have not been created yet).
// TODO(atwilson): Switch to using a timer instead, to avoid contention
// with other services at startup (http://crbug.com/165468).
- InitializeOnProfileReady();
+ InitializeOnProfileReady(content::Source<Profile>(source).ptr());
break;
default:
NOTREACHED();
}
void UserPolicySigninServiceBase::Shutdown() {
+ if (signin_manager())
+ signin_manager()->RemoveObserver(this);
PrepareForUserCloudPolicyManagerShutdown();
}
void UserPolicySigninServiceBase::PrepareForUserCloudPolicyManagerShutdown() {
- UserCloudPolicyManager* manager = GetManager();
+ UserCloudPolicyManager* manager = policy_manager();
if (manager && manager->core()->client())
manager->core()->client()->RemoveObserver(this);
if (manager && manager->core()->service())
manager->core()->service()->RemoveObserver(this);
}
-// static
-bool UserPolicySigninServiceBase::ShouldForceLoadPolicy() {
- return CommandLine::ForCurrentProcess()->HasSwitch(
- switches::kForceLoadCloudPolicy);
-}
-
-scoped_ptr<CloudPolicyClient> UserPolicySigninServiceBase::PrepareToRegister(
+scoped_ptr<CloudPolicyClient>
+UserPolicySigninServiceBase::CreateClientForRegistrationOnly(
const std::string& username) {
DCHECK(!username.empty());
// We should not be called with a client already initialized.
- DCHECK(!GetManager() || !GetManager()->core()->client());
+#if !defined(OS_IOS)
+ // On iOS we check if an account has policy while the profile is signed in
+ // to another account.
+ DCHECK(!policy_manager() || !policy_manager()->core()->client());
+#endif
// If the user should not get policy, just bail out.
- if (!GetManager() || !ShouldLoadPolicyForUser(username)) {
+ if (!policy_manager() || !ShouldLoadPolicyForUser(username)) {
DVLOG(1) << "Signed in user is not in the whitelist";
return scoped_ptr<CloudPolicyClient>();
}
// Create a new CloudPolicyClient for fetching the DMToken.
return UserCloudPolicyManager::CreateCloudPolicyClient(
- device_management_service_);
+ device_management_service_, CreateSystemRequestContext());
}
bool UserPolicySigninServiceBase::ShouldLoadPolicyForUser(
if (username.empty())
return false; // Not signed in.
- if (ShouldForceLoadPolicy())
- return true;
-
return !BrowserPolicyConnector::IsNonEnterpriseUser(username);
}
-void UserPolicySigninServiceBase::InitializeOnProfileReady() {
- std::string username = GetSigninManager()->GetAuthenticatedUsername();
+void UserPolicySigninServiceBase::InitializeOnProfileReady(Profile* profile) {
+ // If using a TestingProfile with no SigninManager or UserCloudPolicyManager,
+ // skip initialization.
+ if (!policy_manager() || !signin_manager()) {
+ DVLOG(1) << "Skipping initialization for tests due to missing components.";
+ return;
+ }
+
+ // Shutdown the UserCloudPolicyManager when the user signs out. We start
+ // observing the SigninManager here because we don't want to get signout
+ // notifications until after the profile has started initializing
+ // (http://crbug.com/316229).
+ signin_manager()->AddObserver(this);
+
+ std::string username = signin_manager()->GetAuthenticatedUsername();
if (username.empty())
ShutdownUserCloudPolicyManager();
else
- InitializeForSignedInUser(username);
+ InitializeForSignedInUser(username, profile->GetRequestContext());
}
void UserPolicySigninServiceBase::InitializeForSignedInUser(
- const std::string& username) {
+ const std::string& username,
+ scoped_refptr<net::URLRequestContextGetter> profile_request_context) {
DCHECK(!username.empty());
if (!ShouldLoadPolicyForUser(username)) {
DVLOG(1) << "Policy load not enabled for user: " << username;
return;
}
- UserCloudPolicyManager* manager = GetManager();
+ UserCloudPolicyManager* manager = policy_manager();
// Initialize the UCPM if it is not already initialized.
if (!manager->core()->service()) {
// If there is no cached DMToken then we can detect this when the
// OnInitializationCompleted() callback is invoked and this will
// initiate a policy fetch.
InitializeUserCloudPolicyManager(
+ username,
UserCloudPolicyManager::CreateCloudPolicyClient(
- device_management_service_).Pass());
+ device_management_service_,
+ CreateUserRequestContext(profile_request_context)).Pass());
+ } else {
+ manager->SetSigninUsername(username);
}
// If the CloudPolicyService is initialized, kick off registration.
}
void UserPolicySigninServiceBase::InitializeUserCloudPolicyManager(
+ const std::string& username,
scoped_ptr<CloudPolicyClient> client) {
- UserCloudPolicyManager* manager = GetManager();
+ DCHECK(client);
+ UserCloudPolicyManager* manager = policy_manager();
+ manager->SetSigninUsername(username);
DCHECK(!manager->core()->client());
- manager->Connect(local_state_, request_context_, client.Pass());
+ scoped_refptr<net::URLRequestContextGetter> context =
+ client->GetRequestContext();
+ manager->Connect(local_state_, context, client.Pass());
DCHECK(manager->core()->service());
// Observe the client to detect errors fetching policy.
void UserPolicySigninServiceBase::ShutdownUserCloudPolicyManager() {
PrepareForUserCloudPolicyManagerShutdown();
- UserCloudPolicyManager* manager = GetManager();
+ UserCloudPolicyManager* manager = policy_manager();
if (manager)
manager->DisconnectAndRemovePolicy();
}
-UserCloudPolicyManager* UserPolicySigninServiceBase::GetManager() {
- return UserCloudPolicyManagerFactory::GetForProfile(profile_);
+scoped_refptr<net::URLRequestContextGetter>
+UserPolicySigninServiceBase::CreateSystemRequestContext() {
+ return new SystemPolicyRequestContext(
+ system_request_context(), GetUserAgent());
}
-SigninManager* UserPolicySigninServiceBase::GetSigninManager() {
- return SigninManagerFactory::GetForProfile(profile_);
+scoped_refptr<net::URLRequestContextGetter>
+UserPolicySigninServiceBase::CreateUserRequestContext(
+ scoped_refptr<net::URLRequestContextGetter> profile_request_context) {
+ return new UserPolicyRequestContext(
+ profile_request_context, system_request_context(), GetUserAgent());
}
} // namespace policy