chrome/browser/policy/chrome_browser_policy_connector.cc

   1 // Copyright 2014 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "chrome/browser/policy/chrome_browser_policy_connector.h"
   6
   7 #include <string>
   8
   9 #include "base/callback.h"
  10 #include "base/command_line.h"
  11 #include "base/files/file_path.h"
  12 #include "base/logging.h"
  13 #include "base/memory/scoped_ptr.h"
  14 #include "base/path_service.h"
  15 #include "base/strings/sys_string_conversions.h"
  16 #include "chrome/browser/policy/configuration_policy_handler_list_factory.h"
  17 #include "chrome/browser/policy/device_management_service_configuration.h"
  18 #include "chrome/common/chrome_paths.h"
  19 #include "components/policy/core/common/async_policy_provider.h"
  20 #include "components/policy/core/common/cloud/device_management_service.h"
  21 #include "components/policy/core/common/configuration_policy_provider.h"
  22 #include "components/policy/core/common/policy_map.h"
  23 #include "components/policy/core/common/policy_namespace.h"
  24 #include "components/policy/core/common/policy_service.h"
  25 #include "components/policy/core/common/policy_types.h"
  26 #include "components/signin/core/common/signin_switches.h"
  27 #include "content/public/browser/browser_thread.h"
  28 #include "content/public/common/content_switches.h"
  29 #include "net/url_request/url_request_context_getter.h"
  30 #include "policy/policy_constants.h"
  31
  32 #if defined(OS_WIN)
  33 #include "components/policy/core/common/policy_loader_win.h"
  34 #elif defined(OS_MACOSX)
  35 #include <CoreFoundation/CoreFoundation.h>
  36 #include "components/policy/core/common/policy_loader_mac.h"
  37 #include "components/policy/core/common/preferences_mac.h"
  38 #elif defined(OS_POSIX) && !defined(OS_ANDROID)
  39 #include "components/policy/core/common/config_dir_policy_loader.h"
  40 #elif defined(OS_ANDROID)
  41 #include "components/policy/core/common/policy_provider_android.h"
  42 #endif
  43
  44 using content::BrowserThread;
  45
  46 namespace policy {
  47
  48 namespace {
  49
  50 #if defined(OS_MACOSX)
  51 base::FilePath GetManagedPolicyPath() {
  52   CFBundleRef bundle(CFBundleGetMainBundle());
  53   if (!bundle)
  54     return base::FilePath();
  55
  56   CFStringRef bundle_id = CFBundleGetIdentifier(bundle);
  57   if (!bundle_id)
  58     return base::FilePath();
  59
  60   return policy::PolicyLoaderMac::GetManagedPolicyPath(bundle_id);
  61 }
  62 #endif  // defined(OS_MACOSX)
  63
  64 }  // namespace
  65
  66 ChromeBrowserPolicyConnector::ChromeBrowserPolicyConnector()
  67     : BrowserPolicyConnector(base::Bind(&BuildHandlerList)) {
  68   ConfigurationPolicyProvider* platform_provider = CreatePlatformProvider();
  69   if (platform_provider)
  70     SetPlatformPolicyProvider(make_scoped_ptr(platform_provider));
  71 }
  72
  73 ChromeBrowserPolicyConnector::~ChromeBrowserPolicyConnector() {}
  74
  75 void ChromeBrowserPolicyConnector::Init(
  76     PrefService* local_state,
  77     scoped_refptr<net::URLRequestContextGetter> request_context) {
  78   // Initialization of some of the providers requires the FILE thread; make
  79   // sure that threading is ready at this point.
  80   DCHECK(BrowserThread::IsThreadInitialized(BrowserThread::FILE));
  81
  82   scoped_ptr<DeviceManagementService::Configuration> configuration(
  83       new DeviceManagementServiceConfiguration(
  84           BrowserPolicyConnector::GetDeviceManagementUrl()));
  85   scoped_ptr<DeviceManagementService> device_management_service(
  86       new DeviceManagementService(configuration.Pass()));
  87   device_management_service->ScheduleInitialization(
  88       kServiceInitializationStartupDelay);
  89
  90   BrowserPolicyConnector::Init(
  91       local_state, request_context, device_management_service.Pass());
  92
  93   AppendExtraFlagsPerPolicy();
  94 }
  95
  96 ConfigurationPolicyProvider*
  97     ChromeBrowserPolicyConnector::CreatePlatformProvider() {
  98 #if defined(OS_WIN)
  99   scoped_ptr<AsyncPolicyLoader> loader(PolicyLoaderWin::Create(
 100       BrowserThread::GetMessageLoopProxyForThread(BrowserThread::FILE),
 101       kRegistryChromePolicyKey));
 102   return new AsyncPolicyProvider(GetSchemaRegistry(), loader.Pass());
 103 #elif defined(OS_MACOSX)
 104   scoped_ptr<AsyncPolicyLoader> loader(new PolicyLoaderMac(
 105       BrowserThread::GetMessageLoopProxyForThread(BrowserThread::FILE),
 106       GetManagedPolicyPath(),
 107       new MacPreferences()));
 108   return new AsyncPolicyProvider(GetSchemaRegistry(), loader.Pass());
 109 #elif defined(OS_POSIX) && !defined(OS_ANDROID)
 110   base::FilePath config_dir_path;
 111   if (PathService::Get(chrome::DIR_POLICY_FILES, &config_dir_path)) {
 112     scoped_ptr<AsyncPolicyLoader> loader(new ConfigDirPolicyLoader(
 113         BrowserThread::GetMessageLoopProxyForThread(BrowserThread::FILE),
 114         config_dir_path,
 115         POLICY_SCOPE_MACHINE));
 116     return new AsyncPolicyProvider(GetSchemaRegistry(), loader.Pass());
 117   } else {
 118     return NULL;
 119   }
 120 #elif defined(OS_ANDROID)
 121   return new PolicyProviderAndroid();
 122 #else
 123   return NULL;
 124 #endif
 125 }
 126
 127 void ChromeBrowserPolicyConnector::AppendExtraFlagsPerPolicy() {
 128   PolicyService* policy_service = GetPolicyService();
 129   PolicyNamespace chrome_ns = PolicyNamespace(POLICY_DOMAIN_CHROME, "");
 130   const PolicyMap& chrome_policy = policy_service->GetPolicies(chrome_ns);
 131   const base::Value* policy_value =
 132       chrome_policy.GetValue(key::kEnableDeprecatedWebBasedSignin);
 133   bool enabled = false;
 134   base::CommandLine* command_line = base::CommandLine::ForCurrentProcess();
 135   if (policy_value && policy_value->GetAsBoolean(&enabled) && enabled) {
 136     if (!command_line->HasSwitch(switches::kEnableWebBasedSignin))
 137       command_line->AppendSwitch(switches::kEnableWebBasedSignin);
 138     // In M41, to fully enable web-based sign in, the kEnableIframeBasedSignin
 139     // must also be specified.
 140     if (!command_line->HasSwitch(switches::kEnableIframeBasedSignin))
 141       command_line->AppendSwitch(switches::kEnableIframeBasedSignin);
 142   }
 143
 144   if (command_line->HasSwitch(switches::kEnableNpapi))
 145     return;
 146
 147   // The list of Plugin related policies that re-enable NPAPI. Remove once NPAPI
 148   // is dead.
 149   const std::string plugin_policies[] = { key::kEnabledPlugins,
 150                                           key::kPluginsAllowedForUrls,
 151                                           key::kPluginsBlockedForUrls,
 152                                           key::kDisabledPluginsExceptions,
 153                                           key::kDisabledPlugins };
 154   for (auto policy : plugin_policies) {
 155     if (chrome_policy.GetValue(policy)) {
 156       command_line->AppendSwitch(switches::kEnableNpapi);
 157       break;
 158     }
 159   }
 160 }
 161
 162 }  // namespace policy