Revert of Add button to add new FSP services to Files app. (patchset #8 id:140001...
[chromium-blink-merge.git] / chrome / browser / chromeos / policy / device_cloud_policy_manager_chromeos.cc
blob7595eae10cf45fb05893bc262be79a4645bcd27e
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/browser/chromeos/policy/device_cloud_policy_manager_chromeos.h"
7 #include "base/bind.h"
8 #include "base/bind_helpers.h"
9 #include "base/callback.h"
10 #include "base/command_line.h"
11 #include "base/logging.h"
12 #include "base/port.h"
13 #include "base/prefs/pref_registry_simple.h"
14 #include "base/prefs/pref_service.h"
15 #include "base/strings/string_number_conversions.h"
16 #include "base/time/time.h"
17 #include "chrome/browser/browser_process.h"
18 #include "chrome/browser/chromeos/attestation/attestation_policy_observer.h"
19 #include "chrome/browser/chromeos/login/enrollment/auto_enrollment_controller.h"
20 #include "chrome/browser/chromeos/login/startup_utils.h"
21 #include "chrome/browser/chromeos/policy/device_cloud_policy_store_chromeos.h"
22 #include "chrome/browser/chromeos/policy/device_status_collector.h"
23 #include "chrome/browser/chromeos/policy/enterprise_install_attributes.h"
24 #include "chrome/browser/chromeos/policy/heartbeat_scheduler.h"
25 #include "chrome/browser/chromeos/policy/server_backed_state_keys_broker.h"
26 #include "chrome/browser/chromeos/policy/status_uploader.h"
27 #include "chrome/common/pref_names.h"
28 #include "chromeos/chromeos_constants.h"
29 #include "chromeos/chromeos_switches.h"
30 #include "chromeos/system/statistics_provider.h"
31 #include "components/policy/core/common/cloud/cloud_policy_core.h"
32 #include "components/policy/core/common/cloud/cloud_policy_service.h"
33 #include "components/policy/core/common/cloud/cloud_policy_store.h"
34 #include "content/public/browser/browser_thread.h"
35 #include "crypto/sha2.h"
36 #include "policy/proto/device_management_backend.pb.h"
37 #include "url/gurl.h"
39 using content::BrowserThread;
41 namespace em = enterprise_management;
43 namespace policy {
45 namespace {
47 const char kNoRequisition[] = "none";
48 const char kRemoraRequisition[] = "remora";
49 const char kSharkRequisition[] = "shark";
51 // These are the machine serial number keys that we check in order until we
52 // find a non-empty serial number. The VPD spec says the serial number should be
53 // in the "serial_number" key for v2+ VPDs. However, legacy devices used a
54 // different key to report their serial number, which we fall back to if
55 // "serial_number" is not present.
57 // Product_S/N is still special-cased due to inconsistencies with serial
58 // numbers on Lumpy devices: On these devices, serial_number is identical to
59 // Product_S/N with an appended checksum. Unfortunately, the sticker on the
60 // packaging doesn't include that checksum either (the sticker on the device
61 // does though!). The former sticker is the source of the serial number used by
62 // device management service, so we prefer Product_S/N over serial number to
63 // match the server.
65 // TODO(mnissler): Move serial_number back to the top once the server side uses
66 // the correct serial number.
67 const char* const kMachineInfoSerialNumberKeys[] = {
68 "Product_S/N", // Lumpy/Alex devices
69 "serial_number", // VPD v2+ devices
70 "Product_SN", // Mario
71 "sn", // old ZGB devices (more recent ones use serial_number)
74 // Fetches a machine statistic value from StatisticsProvider, returns an empty
75 // string on failure.
76 std::string GetMachineStatistic(const std::string& key) {
77 std::string value;
78 chromeos::system::StatisticsProvider* provider =
79 chromeos::system::StatisticsProvider::GetInstance();
80 if (!provider->GetMachineStatistic(key, &value))
81 return std::string();
83 return value;
86 // Gets a machine flag from StatisticsProvider, returns the given
87 // |default_value| if not present.
88 bool GetMachineFlag(const std::string& key, bool default_value) {
89 bool value = default_value;
90 chromeos::system::StatisticsProvider* provider =
91 chromeos::system::StatisticsProvider::GetInstance();
92 if (!provider->GetMachineFlag(key, &value))
93 return default_value;
95 return value;
98 // Checks whether forced re-enrollment is enabled.
99 bool ForcedReEnrollmentEnabled() {
100 return chromeos::AutoEnrollmentController::GetMode() ==
101 chromeos::AutoEnrollmentController::MODE_FORCED_RE_ENROLLMENT;
104 } // namespace
106 DeviceCloudPolicyManagerChromeOS::DeviceCloudPolicyManagerChromeOS(
107 scoped_ptr<DeviceCloudPolicyStoreChromeOS> store,
108 const scoped_refptr<base::SequencedTaskRunner>& task_runner,
109 ServerBackedStateKeysBroker* state_keys_broker)
110 : CloudPolicyManager(
111 dm_protocol::kChromeDevicePolicyType,
112 std::string(),
113 store.get(),
114 task_runner,
115 BrowserThread::GetMessageLoopProxyForThread(BrowserThread::FILE),
116 BrowserThread::GetMessageLoopProxyForThread(BrowserThread::IO)),
117 device_store_(store.Pass()),
118 state_keys_broker_(state_keys_broker),
119 task_runner_(task_runner),
120 local_state_(nullptr) {
123 DeviceCloudPolicyManagerChromeOS::~DeviceCloudPolicyManagerChromeOS() {}
125 void DeviceCloudPolicyManagerChromeOS::Initialize(PrefService* local_state) {
126 CHECK(local_state);
128 local_state_ = local_state;
130 state_keys_update_subscription_ = state_keys_broker_->RegisterUpdateCallback(
131 base::Bind(&DeviceCloudPolicyManagerChromeOS::OnStateKeysUpdated,
132 base::Unretained(this)));
134 InitializeRequisition();
137 void DeviceCloudPolicyManagerChromeOS::AddDeviceCloudPolicyManagerObserver(
138 Observer* observer) {
139 observers_.AddObserver(observer);
142 void DeviceCloudPolicyManagerChromeOS::RemoveDeviceCloudPolicyManagerObserver(
143 Observer* observer) {
144 observers_.RemoveObserver(observer);
147 std::string DeviceCloudPolicyManagerChromeOS::GetDeviceRequisition() const {
148 std::string requisition;
149 const PrefService::Preference* pref = local_state_->FindPreference(
150 prefs::kDeviceEnrollmentRequisition);
151 if (!pref->IsDefaultValue())
152 pref->GetValue()->GetAsString(&requisition);
154 if (requisition == kNoRequisition)
155 requisition.clear();
157 return requisition;
160 void DeviceCloudPolicyManagerChromeOS::SetDeviceRequisition(
161 const std::string& requisition) {
162 VLOG(1) << "SetDeviceRequisition " << requisition;
163 if (local_state_) {
164 if (requisition.empty()) {
165 local_state_->ClearPref(prefs::kDeviceEnrollmentRequisition);
166 local_state_->ClearPref(prefs::kDeviceEnrollmentAutoStart);
167 local_state_->ClearPref(prefs::kDeviceEnrollmentCanExit);
168 } else {
169 local_state_->SetString(prefs::kDeviceEnrollmentRequisition, requisition);
170 if (requisition == kNoRequisition) {
171 local_state_->ClearPref(prefs::kDeviceEnrollmentAutoStart);
172 local_state_->ClearPref(prefs::kDeviceEnrollmentCanExit);
173 } else {
174 local_state_->SetBoolean(prefs::kDeviceEnrollmentAutoStart, true);
175 local_state_->SetBoolean(prefs::kDeviceEnrollmentCanExit, false);
181 bool DeviceCloudPolicyManagerChromeOS::IsRemoraRequisition() const {
182 return GetDeviceRequisition() == kRemoraRequisition;
185 bool DeviceCloudPolicyManagerChromeOS::IsSharkRequisition() const {
186 return GetDeviceRequisition() == kSharkRequisition;
189 void DeviceCloudPolicyManagerChromeOS::Shutdown() {
190 status_uploader_.reset();
191 heartbeat_scheduler_.reset();
192 state_keys_update_subscription_.reset();
193 CloudPolicyManager::Shutdown();
196 // static
197 void DeviceCloudPolicyManagerChromeOS::RegisterPrefs(
198 PrefRegistrySimple* registry) {
199 registry->RegisterStringPref(prefs::kDeviceEnrollmentRequisition,
200 std::string());
201 registry->RegisterBooleanPref(prefs::kDeviceEnrollmentAutoStart, false);
202 registry->RegisterBooleanPref(prefs::kDeviceEnrollmentCanExit, true);
203 registry->RegisterDictionaryPref(prefs::kServerBackedDeviceState);
206 // static
207 std::string DeviceCloudPolicyManagerChromeOS::GetMachineID() {
208 std::string machine_id;
209 chromeos::system::StatisticsProvider* provider =
210 chromeos::system::StatisticsProvider::GetInstance();
211 for (size_t i = 0; i < arraysize(kMachineInfoSerialNumberKeys); i++) {
212 if (provider->GetMachineStatistic(kMachineInfoSerialNumberKeys[i],
213 &machine_id) &&
214 !machine_id.empty()) {
215 break;
219 if (machine_id.empty())
220 LOG(WARNING) << "Failed to get machine id.";
222 return machine_id;
225 // static
226 std::string DeviceCloudPolicyManagerChromeOS::GetMachineModel() {
227 return GetMachineStatistic(chromeos::system::kHardwareClassKey);
230 void DeviceCloudPolicyManagerChromeOS::StartConnection(
231 scoped_ptr<CloudPolicyClient> client_to_connect,
232 EnterpriseInstallAttributes* install_attributes) {
233 CHECK(!service());
235 // Set state keys here so the first policy fetch submits them to the server.
236 if (ForcedReEnrollmentEnabled())
237 client_to_connect->SetStateKeysToUpload(state_keys_broker_->state_keys());
239 core()->Connect(client_to_connect.Pass());
240 core()->StartRefreshScheduler();
241 core()->TrackRefreshDelayPref(local_state_,
242 prefs::kDevicePolicyRefreshRate);
243 attestation_policy_observer_.reset(
244 new chromeos::attestation::AttestationPolicyObserver(client()));
246 // Enable device reporting and status monitoring for enterprise enrolled
247 // devices. We want to create these objects for enrolled devices, even if
248 // monitoring is currently inactive, in case monitoring is turned back on in
249 // a future policy fetch - the classes themselves track the current state of
250 // the monitoring settings and only perform monitoring if it is active.
251 if (install_attributes->IsEnterpriseDevice()) {
252 CreateStatusUploader();
253 heartbeat_scheduler_.reset(
254 new HeartbeatScheduler(g_browser_process->gcm_driver(),
255 install_attributes->GetDomain(),
256 install_attributes->GetDeviceId(),
257 task_runner_));
260 NotifyConnected();
263 void DeviceCloudPolicyManagerChromeOS::Unregister(
264 const UnregisterCallback& callback) {
265 if (!service()) {
266 LOG(ERROR) << "Tried to unregister but DeviceCloudPolicyManagerChromeOS is "
267 << "not connected.";
268 callback.Run(false);
269 return;
272 service()->Unregister(callback);
275 void DeviceCloudPolicyManagerChromeOS::Disconnect() {
276 status_uploader_.reset();
277 heartbeat_scheduler_.reset();
278 core()->Disconnect();
280 NotifyDisconnected();
283 void DeviceCloudPolicyManagerChromeOS::OnStateKeysUpdated() {
284 if (client() && ForcedReEnrollmentEnabled())
285 client()->SetStateKeysToUpload(state_keys_broker_->state_keys());
288 void DeviceCloudPolicyManagerChromeOS::InitializeRequisition() {
289 // OEM statistics are only loaded when OOBE is not completed.
290 if (chromeos::StartupUtils::IsOobeCompleted())
291 return;
293 const PrefService::Preference* pref = local_state_->FindPreference(
294 prefs::kDeviceEnrollmentRequisition);
295 if (pref->IsDefaultValue()) {
296 std::string requisition =
297 GetMachineStatistic(chromeos::system::kOemDeviceRequisitionKey);
299 if (!requisition.empty()) {
300 local_state_->SetString(prefs::kDeviceEnrollmentRequisition,
301 requisition);
302 if (requisition == kRemoraRequisition ||
303 requisition == kSharkRequisition) {
304 local_state_->SetBoolean(prefs::kDeviceEnrollmentAutoStart, true);
305 local_state_->SetBoolean(prefs::kDeviceEnrollmentCanExit, false);
306 } else {
307 local_state_->SetBoolean(
308 prefs::kDeviceEnrollmentAutoStart,
309 GetMachineFlag(chromeos::system::kOemIsEnterpriseManagedKey,
310 false));
311 local_state_->SetBoolean(
312 prefs::kDeviceEnrollmentCanExit,
313 GetMachineFlag(chromeos::system::kOemCanExitEnterpriseEnrollmentKey,
314 false));
320 void DeviceCloudPolicyManagerChromeOS::NotifyConnected() {
321 FOR_EACH_OBSERVER(
322 Observer, observers_, OnDeviceCloudPolicyManagerConnected());
325 void DeviceCloudPolicyManagerChromeOS::NotifyDisconnected() {
326 FOR_EACH_OBSERVER(
327 Observer, observers_, OnDeviceCloudPolicyManagerDisconnected());
330 void DeviceCloudPolicyManagerChromeOS::CreateStatusUploader() {
331 status_uploader_.reset(new StatusUploader(
332 client(),
333 make_scoped_ptr(new DeviceStatusCollector(
334 local_state_, chromeos::system::StatisticsProvider::GetInstance(),
335 DeviceStatusCollector::LocationUpdateRequester(),
336 DeviceStatusCollector::VolumeInfoFetcher(),
337 DeviceStatusCollector::CPUStatisticsFetcher())),
338 task_runner_));
341 } // namespace policy