1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/browser/chromeos/policy/device_policy_decoder_chromeos.h"
9 #include "base/callback.h"
10 #include "base/logging.h"
11 #include "base/values.h"
12 #include "chrome/browser/chromeos/policy/device_local_account.h"
13 #include "chrome/browser/chromeos/policy/enterprise_install_attributes.h"
14 #include "chrome/browser/chromeos/policy/proto/chrome_device_policy.pb.h"
15 #include "chromeos/dbus/dbus_thread_manager.h"
16 #include "chromeos/dbus/update_engine_client.h"
17 #include "chromeos/settings/cros_settings_names.h"
18 #include "components/policy/core/common/external_data_fetcher.h"
19 #include "components/policy/core/common/policy_map.h"
20 #include "policy/policy_constants.h"
21 #include "third_party/cros_system_api/dbus/service_constants.h"
23 using google::protobuf::RepeatedField;
24 using google::protobuf::RepeatedPtrField;
26 namespace em = enterprise_management;
32 // Decodes a protobuf integer to an IntegerValue. The caller assumes ownership
33 // of the return Value*. Returns NULL in case the input value is out of bounds.
34 base::Value* DecodeIntegerValue(google::protobuf::int64 value) {
35 if (value < std::numeric_limits<int>::min() ||
36 value > std::numeric_limits<int>::max()) {
37 LOG(WARNING) << "Integer value " << value
38 << " out of numeric limits, ignoring.";
42 return base::Value::CreateIntegerValue(static_cast<int>(value));
45 base::Value* DecodeConnectionType(int value) {
46 static const char* const kConnectionTypes[] = {
50 shill::kTypeBluetooth,
54 if (value < 0 || value >= static_cast<int>(arraysize(kConnectionTypes)))
57 return base::Value::CreateStringValue(kConnectionTypes[value]);
60 void DecodeLoginPolicies(const em::ChromeDeviceSettingsProto& policy,
61 PolicyMap* policies) {
62 if (policy.has_guest_mode_enabled()) {
63 const em::GuestModeEnabledProto& container(policy.guest_mode_enabled());
64 if (container.has_guest_mode_enabled()) {
65 policies->Set(key::kDeviceGuestModeEnabled,
66 POLICY_LEVEL_MANDATORY,
68 base::Value::CreateBooleanValue(
69 container.guest_mode_enabled()),
74 if (policy.has_show_user_names()) {
75 const em::ShowUserNamesOnSigninProto& container(policy.show_user_names());
76 if (container.has_show_user_names()) {
77 policies->Set(key::kDeviceShowUserNamesOnSignin,
78 POLICY_LEVEL_MANDATORY,
80 base::Value::CreateBooleanValue(
81 container.show_user_names()),
86 if (policy.has_allow_new_users()) {
87 const em::AllowNewUsersProto& container(policy.allow_new_users());
88 if (container.has_allow_new_users()) {
89 policies->Set(key::kDeviceAllowNewUsers,
90 POLICY_LEVEL_MANDATORY,
92 base::Value::CreateBooleanValue(
93 container.allow_new_users()),
98 if (policy.has_user_whitelist()) {
99 const em::UserWhitelistProto& container(policy.user_whitelist());
100 base::ListValue* whitelist = new base::ListValue();
101 RepeatedPtrField<std::string>::const_iterator entry;
102 for (entry = container.user_whitelist().begin();
103 entry != container.user_whitelist().end();
105 whitelist->Append(base::Value::CreateStringValue(*entry));
107 policies->Set(key::kDeviceUserWhitelist,
108 POLICY_LEVEL_MANDATORY,
109 POLICY_SCOPE_MACHINE,
114 if (policy.has_ephemeral_users_enabled()) {
115 const em::EphemeralUsersEnabledProto& container(
116 policy.ephemeral_users_enabled());
117 if (container.has_ephemeral_users_enabled()) {
118 policies->Set(key::kDeviceEphemeralUsersEnabled,
119 POLICY_LEVEL_MANDATORY,
120 POLICY_SCOPE_MACHINE,
121 base::Value::CreateBooleanValue(
122 container.ephemeral_users_enabled()),
127 if (policy.has_device_local_accounts()) {
128 const em::DeviceLocalAccountsProto& container(
129 policy.device_local_accounts());
130 const RepeatedPtrField<em::DeviceLocalAccountInfoProto>& accounts =
132 scoped_ptr<base::ListValue> account_list(new base::ListValue());
133 RepeatedPtrField<em::DeviceLocalAccountInfoProto>::const_iterator entry;
134 for (entry = accounts.begin(); entry != accounts.end(); ++entry) {
135 scoped_ptr<base::DictionaryValue> entry_dict(
136 new base::DictionaryValue());
137 if (entry->has_type()) {
138 if (entry->has_account_id()) {
139 entry_dict->SetStringWithoutPathExpansion(
140 chromeos::kAccountsPrefDeviceLocalAccountsKeyId,
141 entry->account_id());
143 entry_dict->SetIntegerWithoutPathExpansion(
144 chromeos::kAccountsPrefDeviceLocalAccountsKeyType, entry->type());
145 if (entry->kiosk_app().has_app_id()) {
146 entry_dict->SetStringWithoutPathExpansion(
147 chromeos::kAccountsPrefDeviceLocalAccountsKeyKioskAppId,
148 entry->kiosk_app().app_id());
150 } else if (entry->has_deprecated_public_session_id()) {
151 // Deprecated public session specification.
152 entry_dict->SetStringWithoutPathExpansion(
153 chromeos::kAccountsPrefDeviceLocalAccountsKeyId,
154 entry->deprecated_public_session_id());
155 entry_dict->SetIntegerWithoutPathExpansion(
156 chromeos::kAccountsPrefDeviceLocalAccountsKeyType,
157 DeviceLocalAccount::TYPE_PUBLIC_SESSION);
159 account_list->Append(entry_dict.release());
161 policies->Set(key::kDeviceLocalAccounts,
162 POLICY_LEVEL_MANDATORY,
163 POLICY_SCOPE_MACHINE,
164 account_list.release(),
166 if (container.has_auto_login_id()) {
167 policies->Set(key::kDeviceLocalAccountAutoLoginId,
168 POLICY_LEVEL_MANDATORY,
169 POLICY_SCOPE_MACHINE,
170 base::Value::CreateStringValue(container.auto_login_id()),
173 if (container.has_auto_login_delay()) {
174 policies->Set(key::kDeviceLocalAccountAutoLoginDelay,
175 POLICY_LEVEL_MANDATORY,
176 POLICY_SCOPE_MACHINE,
177 DecodeIntegerValue(container.auto_login_delay()),
180 if (container.has_enable_auto_login_bailout()) {
181 policies->Set(key::kDeviceLocalAccountAutoLoginBailoutEnabled,
182 POLICY_LEVEL_MANDATORY,
183 POLICY_SCOPE_MACHINE,
184 base::Value::CreateBooleanValue(
185 container.enable_auto_login_bailout()),
188 if (container.has_prompt_for_network_when_offline()) {
189 policies->Set(key::kDeviceLocalAccountPromptForNetworkWhenOffline,
190 POLICY_LEVEL_MANDATORY,
191 POLICY_SCOPE_MACHINE,
192 base::Value::CreateBooleanValue(
193 container.prompt_for_network_when_offline()),
198 if (policy.has_supervised_users_settings()) {
199 const em::SupervisedUsersSettingsProto& container =
200 policy.supervised_users_settings();
201 if (container.has_supervised_users_enabled()) {
202 base::Value* value = base::Value::CreateBooleanValue(
203 container.supervised_users_enabled());
204 policies->Set(key::kSupervisedUsersEnabled,
205 POLICY_LEVEL_MANDATORY,
206 POLICY_SCOPE_MACHINE,
213 void DecodeKioskPolicies(const em::ChromeDeviceSettingsProto& policy,
215 EnterpriseInstallAttributes* install_attributes) {
216 // No policies if this is not KIOSK.
217 if (install_attributes->GetMode() != DEVICE_MODE_RETAIL_KIOSK)
220 if (policy.has_forced_logout_timeouts()) {
221 const em::ForcedLogoutTimeoutsProto& container(
222 policy.forced_logout_timeouts());
223 if (container.has_idle_logout_timeout()) {
224 policies->Set(key::kDeviceIdleLogoutTimeout,
225 POLICY_LEVEL_MANDATORY,
226 POLICY_SCOPE_MACHINE,
227 DecodeIntegerValue(container.idle_logout_timeout()),
230 if (container.has_idle_logout_warning_duration()) {
231 policies->Set(key::kDeviceIdleLogoutWarningDuration,
232 POLICY_LEVEL_MANDATORY,
233 POLICY_SCOPE_MACHINE,
235 container.idle_logout_warning_duration()),
240 if (policy.has_login_screen_saver()) {
241 const em::ScreenSaverProto& container(
242 policy.login_screen_saver());
243 if (container.has_screen_saver_extension_id()) {
244 policies->Set(key::kDeviceLoginScreenSaverId,
245 POLICY_LEVEL_MANDATORY,
246 POLICY_SCOPE_MACHINE,
247 base::Value::CreateStringValue(
248 container.screen_saver_extension_id()),
251 if (container.has_screen_saver_timeout()) {
252 policies->Set(key::kDeviceLoginScreenSaverTimeout,
253 POLICY_LEVEL_MANDATORY,
254 POLICY_SCOPE_MACHINE,
255 DecodeIntegerValue(container.screen_saver_timeout()),
260 if (policy.has_app_pack()) {
261 const em::AppPackProto& container(policy.app_pack());
262 base::ListValue* app_pack_list = new base::ListValue();
263 for (int i = 0; i < container.app_pack_size(); ++i) {
264 const em::AppPackEntryProto& entry(container.app_pack(i));
265 if (entry.has_extension_id() && entry.has_update_url()) {
266 base::DictionaryValue* dict = new base::DictionaryValue();
267 dict->SetString(chromeos::kAppPackKeyExtensionId, entry.extension_id());
268 dict->SetString(chromeos::kAppPackKeyUpdateUrl, entry.update_url());
269 app_pack_list->Append(dict);
272 policies->Set(key::kDeviceAppPack,
273 POLICY_LEVEL_MANDATORY,
274 POLICY_SCOPE_MACHINE,
279 if (policy.has_pinned_apps()) {
280 const em::PinnedAppsProto& container(policy.pinned_apps());
281 base::ListValue* pinned_apps_list = new base::ListValue();
282 for (int i = 0; i < container.app_id_size(); ++i) {
283 pinned_apps_list->Append(
284 base::Value::CreateStringValue(container.app_id(i)));
287 policies->Set(key::kPinnedLauncherApps,
288 POLICY_LEVEL_RECOMMENDED,
289 POLICY_SCOPE_MACHINE,
295 void DecodeNetworkPolicies(const em::ChromeDeviceSettingsProto& policy,
297 EnterpriseInstallAttributes* install_attributes) {
298 if (policy.has_device_proxy_settings()) {
299 const em::DeviceProxySettingsProto& container(
300 policy.device_proxy_settings());
301 scoped_ptr<base::DictionaryValue> proxy_settings(new base::DictionaryValue);
302 if (container.has_proxy_mode())
303 proxy_settings->SetString(key::kProxyMode, container.proxy_mode());
304 if (container.has_proxy_server())
305 proxy_settings->SetString(key::kProxyServer, container.proxy_server());
306 if (container.has_proxy_pac_url())
307 proxy_settings->SetString(key::kProxyPacUrl, container.proxy_pac_url());
308 if (container.has_proxy_bypass_list()) {
309 proxy_settings->SetString(key::kProxyBypassList,
310 container.proxy_bypass_list());
313 // Figure out the level. Proxy policy is mandatory in kiosk mode.
314 PolicyLevel level = POLICY_LEVEL_RECOMMENDED;
315 if (install_attributes->GetMode() == DEVICE_MODE_RETAIL_KIOSK)
316 level = POLICY_LEVEL_MANDATORY;
318 if (!proxy_settings->empty()) {
319 policies->Set(key::kProxySettings,
321 POLICY_SCOPE_MACHINE,
322 proxy_settings.release(),
327 if (policy.has_data_roaming_enabled()) {
328 const em::DataRoamingEnabledProto& container(policy.data_roaming_enabled());
329 if (container.has_data_roaming_enabled()) {
330 policies->Set(key::kDeviceDataRoamingEnabled,
331 POLICY_LEVEL_MANDATORY,
332 POLICY_SCOPE_MACHINE,
333 base::Value::CreateBooleanValue(
334 container.data_roaming_enabled()),
339 if (policy.has_open_network_configuration() &&
340 policy.open_network_configuration().has_open_network_configuration()) {
342 policy.open_network_configuration().open_network_configuration());
343 policies->Set(key::kDeviceOpenNetworkConfiguration,
344 POLICY_LEVEL_MANDATORY,
345 POLICY_SCOPE_MACHINE,
346 base::Value::CreateStringValue(config),
351 void DecodeReportingPolicies(const em::ChromeDeviceSettingsProto& policy,
352 PolicyMap* policies) {
353 if (policy.has_device_reporting()) {
354 const em::DeviceReportingProto& container(policy.device_reporting());
355 if (container.has_report_version_info()) {
356 policies->Set(key::kReportDeviceVersionInfo,
357 POLICY_LEVEL_MANDATORY,
358 POLICY_SCOPE_MACHINE,
359 base::Value::CreateBooleanValue(
360 container.report_version_info()),
363 if (container.has_report_activity_times()) {
364 policies->Set(key::kReportDeviceActivityTimes,
365 POLICY_LEVEL_MANDATORY,
366 POLICY_SCOPE_MACHINE,
367 base::Value::CreateBooleanValue(
368 container.report_activity_times()),
371 if (container.has_report_boot_mode()) {
372 policies->Set(key::kReportDeviceBootMode,
373 POLICY_LEVEL_MANDATORY,
374 POLICY_SCOPE_MACHINE,
375 base::Value::CreateBooleanValue(
376 container.report_boot_mode()),
379 if (container.has_report_location()) {
380 policies->Set(key::kReportDeviceLocation,
381 POLICY_LEVEL_MANDATORY,
382 POLICY_SCOPE_MACHINE,
383 base::Value::CreateBooleanValue(
384 container.report_location()),
387 if (container.has_report_network_interfaces()) {
388 policies->Set(key::kReportDeviceNetworkInterfaces,
389 POLICY_LEVEL_MANDATORY,
390 POLICY_SCOPE_MACHINE,
391 base::Value::CreateBooleanValue(
392 container.report_network_interfaces()),
395 if (container.has_report_users()) {
396 policies->Set(key::kReportDeviceUsers,
397 POLICY_LEVEL_MANDATORY,
398 POLICY_SCOPE_MACHINE,
399 base::Value::CreateBooleanValue(container.report_users()),
405 void DecodeAutoUpdatePolicies(const em::ChromeDeviceSettingsProto& policy,
406 PolicyMap* policies) {
407 if (policy.has_release_channel()) {
408 const em::ReleaseChannelProto& container(policy.release_channel());
409 if (container.has_release_channel()) {
410 std::string channel(container.release_channel());
411 policies->Set(key::kChromeOsReleaseChannel,
412 POLICY_LEVEL_MANDATORY,
413 POLICY_SCOPE_MACHINE,
414 base::Value::CreateStringValue(channel),
416 // TODO(dubroy): Once http://crosbug.com/17015 is implemented, we won't
417 // have to pass the channel in here, only ping the update engine to tell
418 // it to fetch the channel from the policy.
419 chromeos::DBusThreadManager::Get()->GetUpdateEngineClient()->
420 SetChannel(channel, false);
422 if (container.has_release_channel_delegated()) {
423 policies->Set(key::kChromeOsReleaseChannelDelegated,
424 POLICY_LEVEL_MANDATORY,
425 POLICY_SCOPE_MACHINE,
426 base::Value::CreateBooleanValue(
427 container.release_channel_delegated()),
432 if (policy.has_auto_update_settings()) {
433 const em::AutoUpdateSettingsProto& container(policy.auto_update_settings());
434 if (container.has_update_disabled()) {
435 policies->Set(key::kDeviceAutoUpdateDisabled,
436 POLICY_LEVEL_MANDATORY,
437 POLICY_SCOPE_MACHINE,
438 base::Value::CreateBooleanValue(
439 container.update_disabled()),
443 if (container.has_target_version_prefix()) {
444 policies->Set(key::kDeviceTargetVersionPrefix,
445 POLICY_LEVEL_MANDATORY,
446 POLICY_SCOPE_MACHINE,
447 base::Value::CreateStringValue(
448 container.target_version_prefix()),
452 // target_version_display_name is not actually a policy, but a display
453 // string for target_version_prefix, so we ignore it.
455 if (container.has_scatter_factor_in_seconds()) {
456 policies->Set(key::kDeviceUpdateScatterFactor,
457 POLICY_LEVEL_MANDATORY,
458 POLICY_SCOPE_MACHINE,
459 base::Value::CreateIntegerValue(
460 container.scatter_factor_in_seconds()),
464 if (container.allowed_connection_types_size()) {
465 base::ListValue* allowed_connection_types = new base::ListValue();
466 RepeatedField<int>::const_iterator entry;
467 for (entry = container.allowed_connection_types().begin();
468 entry != container.allowed_connection_types().end();
470 base::Value* value = DecodeConnectionType(*entry);
472 allowed_connection_types->Append(value);
474 policies->Set(key::kDeviceUpdateAllowedConnectionTypes,
475 POLICY_LEVEL_MANDATORY,
476 POLICY_SCOPE_MACHINE,
477 allowed_connection_types,
481 if (container.has_http_downloads_enabled()) {
483 key::kDeviceUpdateHttpDownloadsEnabled,
484 POLICY_LEVEL_MANDATORY,
485 POLICY_SCOPE_MACHINE,
486 base::Value::CreateBooleanValue(container.http_downloads_enabled()),
490 if (container.has_reboot_after_update()) {
491 policies->Set(key::kRebootAfterUpdate,
492 POLICY_LEVEL_MANDATORY,
493 POLICY_SCOPE_MACHINE,
494 base::Value::CreateBooleanValue(
495 container.reboot_after_update()),
499 if (container.has_p2p_enabled()) {
500 policies->Set(key::kDeviceAutoUpdateP2PEnabled,
501 POLICY_LEVEL_MANDATORY,
502 POLICY_SCOPE_MACHINE,
503 base::Value::CreateBooleanValue(container.p2p_enabled()),
509 void DecodeAccessibilityPolicies(const em::ChromeDeviceSettingsProto& policy,
510 PolicyMap* policies) {
511 if (policy.has_accessibility_settings()) {
512 const em::AccessibilitySettingsProto&
513 container(policy.accessibility_settings());
515 if (container.has_login_screen_default_large_cursor_enabled()) {
517 key::kDeviceLoginScreenDefaultLargeCursorEnabled,
518 POLICY_LEVEL_MANDATORY,
519 POLICY_SCOPE_MACHINE,
520 base::Value::CreateBooleanValue(
521 container.login_screen_default_large_cursor_enabled()),
525 if (container.has_login_screen_default_spoken_feedback_enabled()) {
527 key::kDeviceLoginScreenDefaultSpokenFeedbackEnabled,
528 POLICY_LEVEL_MANDATORY,
529 POLICY_SCOPE_MACHINE,
530 base::Value::CreateBooleanValue(
531 container.login_screen_default_spoken_feedback_enabled()),
535 if (container.has_login_screen_default_high_contrast_enabled()) {
537 key::kDeviceLoginScreenDefaultHighContrastEnabled,
538 POLICY_LEVEL_MANDATORY,
539 POLICY_SCOPE_MACHINE,
540 base::Value::CreateBooleanValue(
541 container.login_screen_default_high_contrast_enabled()),
545 if (container.has_login_screen_default_screen_magnifier_type()) {
547 key::kDeviceLoginScreenDefaultScreenMagnifierType,
548 POLICY_LEVEL_MANDATORY,
549 POLICY_SCOPE_MACHINE,
551 container.login_screen_default_screen_magnifier_type()),
554 if (container.has_login_screen_default_virtual_keyboard_enabled()) {
556 key::kDeviceLoginScreenDefaultVirtualKeyboardEnabled,
557 POLICY_LEVEL_MANDATORY,
558 POLICY_SCOPE_MACHINE,
559 base::Value::CreateBooleanValue(
560 container.login_screen_default_virtual_keyboard_enabled()),
566 void DecodeGenericPolicies(const em::ChromeDeviceSettingsProto& policy,
567 PolicyMap* policies) {
568 if (policy.has_device_policy_refresh_rate()) {
569 const em::DevicePolicyRefreshRateProto& container(
570 policy.device_policy_refresh_rate());
571 if (container.has_device_policy_refresh_rate()) {
572 policies->Set(key::kDevicePolicyRefreshRate,
573 POLICY_LEVEL_MANDATORY,
574 POLICY_SCOPE_MACHINE,
575 DecodeIntegerValue(container.device_policy_refresh_rate()),
580 if (policy.has_metrics_enabled()) {
581 const em::MetricsEnabledProto& container(policy.metrics_enabled());
582 if (container.has_metrics_enabled()) {
583 policies->Set(key::kDeviceMetricsReportingEnabled,
584 POLICY_LEVEL_MANDATORY,
585 POLICY_SCOPE_MACHINE,
586 base::Value::CreateBooleanValue(
587 container.metrics_enabled()),
592 if (policy.has_start_up_urls()) {
593 const em::StartUpUrlsProto& container(policy.start_up_urls());
594 base::ListValue* urls = new base::ListValue();
595 RepeatedPtrField<std::string>::const_iterator entry;
596 for (entry = container.start_up_urls().begin();
597 entry != container.start_up_urls().end();
599 urls->Append(base::Value::CreateStringValue(*entry));
601 policies->Set(key::kDeviceStartUpUrls,
602 POLICY_LEVEL_MANDATORY,
603 POLICY_SCOPE_MACHINE,
608 if (policy.has_system_timezone()) {
609 if (policy.system_timezone().has_timezone()) {
610 policies->Set(key::kSystemTimezone,
611 POLICY_LEVEL_MANDATORY,
612 POLICY_SCOPE_MACHINE,
613 base::Value::CreateStringValue(
614 policy.system_timezone().timezone()),
619 if (policy.has_use_24hour_clock()) {
620 if (policy.use_24hour_clock().has_use_24hour_clock()) {
621 policies->Set(key::kSystemUse24HourClock,
622 POLICY_LEVEL_MANDATORY,
623 POLICY_SCOPE_MACHINE,
624 base::Value::CreateBooleanValue(
625 policy.use_24hour_clock().use_24hour_clock()),
630 if (policy.has_allow_redeem_offers()) {
631 const em::AllowRedeemChromeOsRegistrationOffersProto& container(
632 policy.allow_redeem_offers());
633 if (container.has_allow_redeem_offers()) {
634 policies->Set(key::kDeviceAllowRedeemChromeOsRegistrationOffers,
635 POLICY_LEVEL_MANDATORY,
636 POLICY_SCOPE_MACHINE,
637 base::Value::CreateBooleanValue(
638 container.allow_redeem_offers()),
643 if (policy.has_uptime_limit()) {
644 const em::UptimeLimitProto& container(policy.uptime_limit());
645 if (container.has_uptime_limit()) {
646 policies->Set(key::kUptimeLimit,
647 POLICY_LEVEL_MANDATORY,
648 POLICY_SCOPE_MACHINE,
649 DecodeIntegerValue(container.uptime_limit()),
654 if (policy.has_start_up_flags()) {
655 const em::StartUpFlagsProto& container(policy.start_up_flags());
656 base::ListValue* flags = new base::ListValue();
657 RepeatedPtrField<std::string>::const_iterator entry;
658 for (entry = container.flags().begin();
659 entry != container.flags().end();
661 flags->Append(base::Value::CreateStringValue(*entry));
663 policies->Set(key::kDeviceStartUpFlags,
664 POLICY_LEVEL_MANDATORY,
665 POLICY_SCOPE_MACHINE,
670 if (policy.has_variations_parameter()) {
671 if (policy.variations_parameter().has_parameter()) {
672 policies->Set(key::kDeviceVariationsRestrictParameter,
673 POLICY_LEVEL_MANDATORY,
674 POLICY_SCOPE_MACHINE,
675 base::Value::CreateStringValue(
676 policy.variations_parameter().parameter()),
681 if (policy.has_attestation_settings()) {
682 if (policy.attestation_settings().has_attestation_enabled()) {
683 policies->Set(key::kAttestationEnabledForDevice,
684 POLICY_LEVEL_MANDATORY,
685 POLICY_SCOPE_MACHINE,
686 base::Value::CreateBooleanValue(
687 policy.attestation_settings().attestation_enabled()),
690 if (policy.attestation_settings().has_content_protection_enabled()) {
692 key::kAttestationForContentProtectionEnabled,
693 POLICY_LEVEL_MANDATORY,
694 POLICY_SCOPE_MACHINE,
695 base::Value::CreateBooleanValue(
696 policy.attestation_settings().content_protection_enabled()),
701 if (policy.has_login_screen_power_management()) {
702 const em::LoginScreenPowerManagementProto& container(
703 policy.login_screen_power_management());
704 if (container.has_login_screen_power_management()) {
705 policies->Set(key::kDeviceLoginScreenPowerManagement,
706 POLICY_LEVEL_MANDATORY,
707 POLICY_SCOPE_MACHINE,
708 base::Value::CreateStringValue(
709 container.login_screen_power_management()),
713 if (policy.has_auto_clean_up_settings()) {
714 const em::AutoCleanupSettigsProto& container(
715 policy.auto_clean_up_settings());
716 if (container.has_clean_up_strategy()) {
717 policies->Set(key::kAutoCleanUpStrategy,
718 POLICY_LEVEL_MANDATORY,
719 POLICY_SCOPE_MACHINE,
720 base::Value::CreateStringValue(
721 container.clean_up_strategy()),
729 void DecodeDevicePolicy(const em::ChromeDeviceSettingsProto& policy,
731 EnterpriseInstallAttributes* install_attributes) {
732 // TODO(achuith): Remove this once crbug.com/263527 is resolved.
733 VLOG(2) << "DecodeDevicePolicy " << policy.SerializeAsString();
735 // Decode the various groups of policies.
736 DecodeLoginPolicies(policy, policies);
737 DecodeKioskPolicies(policy, policies, install_attributes);
738 DecodeNetworkPolicies(policy, policies, install_attributes);
739 DecodeReportingPolicies(policy, policies);
740 DecodeAutoUpdatePolicies(policy, policies);
741 DecodeAccessibilityPolicies(policy, policies);
742 DecodeGenericPolicies(policy, policies);
745 } // namespace policy
projects / platform / framework / web / crosswalk.git / blob