Check USB device path access when prompting users to select a device.
[chromium-blink-merge.git] / chrome / browser / chromeos / proxy_config_service_impl.cc
blob8b59c5d3872c05245466d2f82a228a8e3bcd14dc
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/browser/chromeos/proxy_config_service_impl.h"
7 #include "base/bind.h"
8 #include "base/bind_helpers.h"
9 #include "base/callback.h"
10 #include "base/location.h"
11 #include "base/logging.h"
12 #include "base/prefs/pref_service.h"
13 #include "base/values.h"
14 #include "chrome/browser/browser_process.h"
15 #include "chrome/browser/chromeos/net/proxy_config_handler.h"
16 #include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h"
17 #include "chrome/browser/prefs/proxy_config_dictionary.h"
18 #include "chrome/browser/prefs/proxy_prefs.h"
19 #include "chrome/common/pref_names.h"
20 #include "chromeos/network/network_profile.h"
21 #include "chromeos/network/network_profile_handler.h"
22 #include "chromeos/network/network_state.h"
23 #include "chromeos/network/network_state_handler.h"
24 #include "chromeos/network/onc/onc_utils.h"
25 #include "components/policy/core/common/cloud/cloud_policy_constants.h"
26 #include "components/user_manager/user_manager.h"
28 namespace chromeos {
30 namespace {
32 // Writes the proxy config of |network| to |proxy_config|. Set |onc_source| to
33 // the source of this configuration. Returns false if no
34 // proxy was configured for this network.
35 bool GetProxyConfig(const PrefService* profile_prefs,
36 const PrefService* local_state_prefs,
37 const NetworkState& network,
38 net::ProxyConfig* proxy_config,
39 ::onc::ONCSource* onc_source) {
40 scoped_ptr<ProxyConfigDictionary> proxy_dict =
41 proxy_config::GetProxyConfigForNetwork(
42 profile_prefs, local_state_prefs, network, onc_source);
43 if (!proxy_dict)
44 return false;
45 return PrefProxyConfigTrackerImpl::PrefConfigToNetConfig(*proxy_dict,
46 proxy_config);
49 } // namespace
51 ProxyConfigServiceImpl::ProxyConfigServiceImpl(PrefService* profile_prefs,
52 PrefService* local_state_prefs)
53 : PrefProxyConfigTrackerImpl(profile_prefs ? profile_prefs
54 : local_state_prefs),
55 active_config_state_(ProxyPrefs::CONFIG_UNSET),
56 profile_prefs_(profile_prefs),
57 local_state_prefs_(local_state_prefs),
58 pointer_factory_(this) {
59 const base::Closure proxy_change_callback = base::Bind(
60 &ProxyConfigServiceImpl::OnProxyPrefChanged, base::Unretained(this));
62 if (profile_prefs) {
63 profile_pref_registrar_.Init(profile_prefs);
64 profile_pref_registrar_.Add(prefs::kOpenNetworkConfiguration,
65 proxy_change_callback);
66 profile_pref_registrar_.Add(prefs::kUseSharedProxies,
67 proxy_change_callback);
69 local_state_pref_registrar_.Init(local_state_prefs);
70 local_state_pref_registrar_.Add(prefs::kDeviceOpenNetworkConfiguration,
71 proxy_change_callback);
73 // Register for changes to the default network.
74 NetworkStateHandler* state_handler =
75 NetworkHandler::Get()->network_state_handler();
76 state_handler->AddObserver(this, FROM_HERE);
77 DefaultNetworkChanged(state_handler->DefaultNetwork());
80 ProxyConfigServiceImpl::~ProxyConfigServiceImpl() {
81 if (NetworkHandler::IsInitialized()) {
82 NetworkHandler::Get()->network_state_handler()->RemoveObserver(
83 this, FROM_HERE);
87 void ProxyConfigServiceImpl::OnProxyConfigChanged(
88 ProxyPrefs::ConfigState config_state,
89 const net::ProxyConfig& config) {
90 VLOG(1) << "Got prefs change: "
91 << ProxyPrefs::ConfigStateToDebugString(config_state)
92 << ", mode=" << config.proxy_rules().type;
93 DetermineEffectiveConfigFromDefaultNetwork();
96 void ProxyConfigServiceImpl::OnProxyPrefChanged() {
97 DetermineEffectiveConfigFromDefaultNetwork();
100 void ProxyConfigServiceImpl::DefaultNetworkChanged(
101 const NetworkState* new_network) {
102 std::string new_network_path;
103 if (new_network)
104 new_network_path = new_network->path();
106 VLOG(1) << "DefaultNetworkChanged to '" << new_network_path << "'.";
107 VLOG_IF(1, new_network) << "New network: name=" << new_network->name()
108 << ", profile=" << new_network->profile_path();
110 // Even if the default network is the same, its proxy config (e.g. if private
111 // version of network replaces the shared version after login), or
112 // use-shared-proxies setting (e.g. after login) may have changed, so
113 // re-determine effective proxy config, and activate if different.
114 DetermineEffectiveConfigFromDefaultNetwork();
117 // static
118 bool ProxyConfigServiceImpl::IgnoreProxy(const PrefService* profile_prefs,
119 const std::string network_profile_path,
120 ::onc::ONCSource onc_source) {
121 if (!profile_prefs) {
122 // If the profile preference are not available, this must be the object
123 // associated to local state used for system requests or login-profile. Make
124 // sure that proxies are enabled.
125 VLOG(1) << "Use proxy for system requests and sign-in screen.";
126 return false;
129 if (network_profile_path.empty())
130 return true;
132 const NetworkProfile* profile = NetworkHandler::Get()
133 ->network_profile_handler()->GetProfileForPath(network_profile_path);
134 if (!profile) {
135 VLOG(1) << "Unknown profile_path '" << network_profile_path
136 << "'. Ignoring proxy.";
137 return true;
139 if (profile->type() == NetworkProfile::TYPE_USER) {
140 VLOG(1) << "Respect proxy of not-shared networks.";
141 return false;
143 if (onc_source == ::onc::ONC_SOURCE_USER_POLICY) {
144 // Note that this case can occur if the network is shared (e.g. ethernet)
145 // but the proxy is determined by user policy.
146 // See https://crbug.com/454966 .
147 VLOG(1) << "Respect proxy from user policy although network is shared.";
148 return false;
150 if (onc_source == ::onc::ONC_SOURCE_DEVICE_POLICY) {
151 policy::BrowserPolicyConnectorChromeOS* connector =
152 g_browser_process->platform_part()->browser_policy_connector_chromeos();
153 const user_manager::User* logged_in_user =
154 user_manager::UserManager::Get()->GetLoggedInUser();
155 if (connector->GetUserAffiliation(logged_in_user->email()) ==
156 policy::USER_AFFILIATION_MANAGED) {
157 VLOG(1) << "Respecting proxy for network, as logged-in user belongs to "
158 << "the domain the device is enrolled to.";
159 return false;
163 // This network is shared and not managed by the user's domain.
164 bool use_shared_proxies = profile_prefs->GetBoolean(prefs::kUseSharedProxies);
165 VLOG(1) << "Use proxy of shared network: " << use_shared_proxies;
166 return !use_shared_proxies;
169 void ProxyConfigServiceImpl::DetermineEffectiveConfigFromDefaultNetwork() {
170 NetworkStateHandler* handler = NetworkHandler::Get()->network_state_handler();
171 const NetworkState* network = handler->DefaultNetwork();
173 // Get prefs proxy config if available.
174 net::ProxyConfig pref_config;
175 ProxyPrefs::ConfigState pref_state = GetProxyConfig(&pref_config);
177 // Get network proxy config if available.
178 net::ProxyConfig network_config;
179 net::ProxyConfigService::ConfigAvailability network_availability =
180 net::ProxyConfigService::CONFIG_UNSET;
181 bool ignore_proxy = true;
182 if (network) {
183 ::onc::ONCSource onc_source = ::onc::ONC_SOURCE_NONE;
184 const bool network_proxy_configured = chromeos::GetProxyConfig(
185 prefs(), local_state_prefs_, *network, &network_config, &onc_source);
186 ignore_proxy =
187 IgnoreProxy(profile_prefs_, network->profile_path(), onc_source);
189 // If network is shared but use-shared-proxies is off, use direct mode.
190 if (ignore_proxy) {
191 network_config = net::ProxyConfig();
192 network_availability = net::ProxyConfigService::CONFIG_VALID;
193 } else if (network_proxy_configured) {
194 // Network is private or shared with user using shared proxies.
195 VLOG(1) << this << ": using proxy of network " << network->path();
196 network_availability = net::ProxyConfigService::CONFIG_VALID;
200 // Determine effective proxy config, either from prefs or network.
201 ProxyPrefs::ConfigState effective_config_state;
202 net::ProxyConfig effective_config;
203 GetEffectiveProxyConfig(pref_state, pref_config,
204 network_availability, network_config, ignore_proxy,
205 &effective_config_state, &effective_config);
207 // Activate effective proxy and store into |active_config_|.
208 // If last update didn't complete, we definitely update now.
209 bool update_now = update_pending();
210 if (!update_now) { // Otherwise, only update now if there're changes.
211 update_now = active_config_state_ != effective_config_state ||
212 (active_config_state_ != ProxyPrefs::CONFIG_UNSET &&
213 !active_config_.Equals(effective_config));
215 if (update_now) { // Activate and store new effective config.
216 active_config_state_ = effective_config_state;
217 if (active_config_state_ != ProxyPrefs::CONFIG_UNSET)
218 active_config_ = effective_config;
219 // If effective config is from system (i.e. network), it's considered a
220 // special kind of prefs that ranks below policy/extension but above
221 // others, so bump it up to CONFIG_OTHER_PRECEDE to force its precedence
222 // when PrefProxyConfigTrackerImpl pushes it to ChromeProxyConfigService.
223 if (effective_config_state == ProxyPrefs::CONFIG_SYSTEM)
224 effective_config_state = ProxyPrefs::CONFIG_OTHER_PRECEDE;
225 // If config is manual, add rule to bypass local host.
226 if (effective_config.proxy_rules().type !=
227 net::ProxyConfig::ProxyRules::TYPE_NO_RULES) {
228 effective_config.proxy_rules().bypass_rules.AddRuleToBypassLocal();
230 PrefProxyConfigTrackerImpl::OnProxyConfigChanged(effective_config_state,
231 effective_config);
232 if (VLOG_IS_ON(1) && !update_pending()) { // Update was successful.
233 scoped_ptr<base::DictionaryValue> config_dict(effective_config.ToValue());
234 VLOG(1) << this << ": Proxy changed: "
235 << ProxyPrefs::ConfigStateToDebugString(active_config_state_)
236 << ", " << *config_dict;
241 } // namespace chromeos