Roll src/third_party/WebKit eac3800:0237a66 (svn 202606:202607)
[chromium-blink-merge.git] / chrome / browser / chromeos / policy / device_policy_decoder_chromeos.cc
blob3b1570189fc5aaa3d4c0b6070c772e0483b737c0
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/browser/chromeos/policy/device_policy_decoder_chromeos.h"
7 #include <limits>
8 #include <string>
10 #include "base/callback.h"
11 #include "base/json/json_reader.h"
12 #include "base/logging.h"
13 #include "base/values.h"
14 #include "chrome/browser/browser_process.h"
15 #include "chrome/browser/chromeos/policy/device_local_account.h"
16 #include "chrome/browser/chromeos/policy/proto/chrome_device_policy.pb.h"
17 #include "chromeos/dbus/dbus_thread_manager.h"
18 #include "chromeos/dbus/update_engine_client.h"
19 #include "chromeos/settings/cros_settings_names.h"
20 #include "components/policy/core/browser/browser_policy_connector.h"
21 #include "components/policy/core/common/external_data_fetcher.h"
22 #include "components/policy/core/common/policy_map.h"
23 #include "components/policy/core/common/policy_types.h"
24 #include "components/policy/core/common/schema.h"
25 #include "policy/policy_constants.h"
26 #include "third_party/cros_system_api/dbus/service_constants.h"
28 using google::protobuf::RepeatedField;
29 using google::protobuf::RepeatedPtrField;
31 namespace em = enterprise_management;
33 namespace policy {
35 namespace {
37 // Decodes a protobuf integer to an IntegerValue. Returns NULL in case the input
38 // value is out of bounds.
39 scoped_ptr<base::Value> DecodeIntegerValue(google::protobuf::int64 value) {
40 if (value < std::numeric_limits<int>::min() ||
41 value > std::numeric_limits<int>::max()) {
42 LOG(WARNING) << "Integer value " << value
43 << " out of numeric limits, ignoring.";
44 return scoped_ptr<base::Value>();
47 return scoped_ptr<base::Value>(
48 new base::FundamentalValue(static_cast<int>(value)));
51 // Decodes a JSON string to a base::Value, and drops unknown properties
52 // according to a policy schema. |policy_name| is the name of a policy schema
53 // defined in policy_templates.json. Returns NULL in case the input is not a
54 // valid JSON string.
55 scoped_ptr<base::Value> DecodeJsonStringAndDropUnknownBySchema(
56 const std::string& json_string,
57 const std::string& policy_name) {
58 std::string error;
59 scoped_ptr<base::Value> root = base::JSONReader::ReadAndReturnError(
60 json_string, base::JSON_ALLOW_TRAILING_COMMAS, NULL, &error);
62 if (!root) {
63 LOG(WARNING) << "Invalid JSON string: " << error << ", ignoring.";
64 return scoped_ptr<base::Value>();
67 const Schema& schema = g_browser_process
68 ->browser_policy_connector()
69 ->GetChromeSchema()
70 .GetKnownProperty(policy_name);
72 if (schema.valid()) {
73 std::string error_path;
74 bool changed = false;
76 if (!schema.Normalize(root.get(), SCHEMA_ALLOW_UNKNOWN, &error_path, &error,
77 &changed)) {
78 LOG(WARNING) << "Invalid policy value for " << policy_name << ": "
79 << error << " at " << error_path << ".";
80 return scoped_ptr<base::Value>();
83 if (changed) {
84 LOG(WARNING) << "Some properties in " << policy_name
85 << " were dropped: " << error << " at " << error_path << ".";
87 } else {
88 LOG(WARNING) << "Unknown or invalid policy schema for " << policy_name
89 << ".";
90 return scoped_ptr<base::Value>();
93 return root;
96 base::Value* DecodeConnectionType(int value) {
97 static const char* const kConnectionTypes[] = {
98 shill::kTypeEthernet,
99 shill::kTypeWifi,
100 shill::kTypeWimax,
101 shill::kTypeBluetooth,
102 shill::kTypeCellular,
105 if (value < 0 || value >= static_cast<int>(arraysize(kConnectionTypes)))
106 return NULL;
108 return new base::StringValue(kConnectionTypes[value]);
111 void DecodeLoginPolicies(const em::ChromeDeviceSettingsProto& policy,
112 PolicyMap* policies) {
113 if (policy.has_guest_mode_enabled()) {
114 const em::GuestModeEnabledProto& container(policy.guest_mode_enabled());
115 if (container.has_guest_mode_enabled()) {
116 policies->Set(key::kDeviceGuestModeEnabled,
117 POLICY_LEVEL_MANDATORY,
118 POLICY_SCOPE_MACHINE,
119 POLICY_SOURCE_CLOUD,
120 new base::FundamentalValue(
121 container.guest_mode_enabled()),
122 NULL);
126 if (policy.has_reboot_on_shutdown()) {
127 const em::RebootOnShutdownProto& container(policy.reboot_on_shutdown());
128 if (container.has_reboot_on_shutdown()) {
129 policies->Set(key::kDeviceRebootOnShutdown, POLICY_LEVEL_MANDATORY,
130 POLICY_SCOPE_MACHINE,
131 POLICY_SOURCE_CLOUD,
132 new base::FundamentalValue(container.reboot_on_shutdown()),
133 NULL);
137 if (policy.has_show_user_names()) {
138 const em::ShowUserNamesOnSigninProto& container(policy.show_user_names());
139 if (container.has_show_user_names()) {
140 policies->Set(key::kDeviceShowUserNamesOnSignin,
141 POLICY_LEVEL_MANDATORY,
142 POLICY_SCOPE_MACHINE,
143 POLICY_SOURCE_CLOUD,
144 new base::FundamentalValue(
145 container.show_user_names()),
146 NULL);
150 if (policy.has_allow_new_users()) {
151 const em::AllowNewUsersProto& container(policy.allow_new_users());
152 if (container.has_allow_new_users()) {
153 policies->Set(key::kDeviceAllowNewUsers,
154 POLICY_LEVEL_MANDATORY,
155 POLICY_SCOPE_MACHINE,
156 POLICY_SOURCE_CLOUD,
157 new base::FundamentalValue(
158 container.allow_new_users()),
159 NULL);
163 if (policy.has_user_whitelist()) {
164 const em::UserWhitelistProto& container(policy.user_whitelist());
165 base::ListValue* whitelist = new base::ListValue();
166 RepeatedPtrField<std::string>::const_iterator entry;
167 for (entry = container.user_whitelist().begin();
168 entry != container.user_whitelist().end();
169 ++entry) {
170 whitelist->Append(new base::StringValue(*entry));
172 policies->Set(key::kDeviceUserWhitelist,
173 POLICY_LEVEL_MANDATORY,
174 POLICY_SCOPE_MACHINE,
175 POLICY_SOURCE_CLOUD,
176 whitelist,
177 NULL);
180 if (policy.has_ephemeral_users_enabled()) {
181 const em::EphemeralUsersEnabledProto& container(
182 policy.ephemeral_users_enabled());
183 if (container.has_ephemeral_users_enabled()) {
184 policies->Set(key::kDeviceEphemeralUsersEnabled,
185 POLICY_LEVEL_MANDATORY,
186 POLICY_SCOPE_MACHINE,
187 POLICY_SOURCE_CLOUD,
188 new base::FundamentalValue(
189 container.ephemeral_users_enabled()),
190 NULL);
194 if (policy.has_device_local_accounts()) {
195 const em::DeviceLocalAccountsProto& container(
196 policy.device_local_accounts());
197 const RepeatedPtrField<em::DeviceLocalAccountInfoProto>& accounts =
198 container.account();
199 scoped_ptr<base::ListValue> account_list(new base::ListValue());
200 RepeatedPtrField<em::DeviceLocalAccountInfoProto>::const_iterator entry;
201 for (entry = accounts.begin(); entry != accounts.end(); ++entry) {
202 scoped_ptr<base::DictionaryValue> entry_dict(
203 new base::DictionaryValue());
204 if (entry->has_type()) {
205 if (entry->has_account_id()) {
206 entry_dict->SetStringWithoutPathExpansion(
207 chromeos::kAccountsPrefDeviceLocalAccountsKeyId,
208 entry->account_id());
210 entry_dict->SetIntegerWithoutPathExpansion(
211 chromeos::kAccountsPrefDeviceLocalAccountsKeyType, entry->type());
212 if (entry->kiosk_app().has_app_id()) {
213 entry_dict->SetStringWithoutPathExpansion(
214 chromeos::kAccountsPrefDeviceLocalAccountsKeyKioskAppId,
215 entry->kiosk_app().app_id());
217 if (entry->kiosk_app().has_update_url()) {
218 entry_dict->SetStringWithoutPathExpansion(
219 chromeos::kAccountsPrefDeviceLocalAccountsKeyKioskAppUpdateURL,
220 entry->kiosk_app().update_url());
222 } else if (entry->has_deprecated_public_session_id()) {
223 // Deprecated public session specification.
224 entry_dict->SetStringWithoutPathExpansion(
225 chromeos::kAccountsPrefDeviceLocalAccountsKeyId,
226 entry->deprecated_public_session_id());
227 entry_dict->SetIntegerWithoutPathExpansion(
228 chromeos::kAccountsPrefDeviceLocalAccountsKeyType,
229 DeviceLocalAccount::TYPE_PUBLIC_SESSION);
231 account_list->Append(entry_dict.release());
233 policies->Set(key::kDeviceLocalAccounts,
234 POLICY_LEVEL_MANDATORY,
235 POLICY_SCOPE_MACHINE,
236 POLICY_SOURCE_CLOUD,
237 account_list.release(),
238 NULL);
239 if (container.has_auto_login_id()) {
240 policies->Set(key::kDeviceLocalAccountAutoLoginId,
241 POLICY_LEVEL_MANDATORY,
242 POLICY_SCOPE_MACHINE,
243 POLICY_SOURCE_CLOUD,
244 new base::StringValue(container.auto_login_id()),
245 NULL);
247 if (container.has_auto_login_delay()) {
248 policies->Set(key::kDeviceLocalAccountAutoLoginDelay,
249 POLICY_LEVEL_MANDATORY,
250 POLICY_SCOPE_MACHINE,
251 POLICY_SOURCE_CLOUD,
252 DecodeIntegerValue(container.auto_login_delay()).release(),
253 NULL);
255 if (container.has_enable_auto_login_bailout()) {
256 policies->Set(key::kDeviceLocalAccountAutoLoginBailoutEnabled,
257 POLICY_LEVEL_MANDATORY,
258 POLICY_SCOPE_MACHINE,
259 POLICY_SOURCE_CLOUD,
260 new base::FundamentalValue(
261 container.enable_auto_login_bailout()),
262 NULL);
264 if (container.has_prompt_for_network_when_offline()) {
265 policies->Set(key::kDeviceLocalAccountPromptForNetworkWhenOffline,
266 POLICY_LEVEL_MANDATORY,
267 POLICY_SCOPE_MACHINE,
268 POLICY_SOURCE_CLOUD,
269 new base::FundamentalValue(
270 container.prompt_for_network_when_offline()),
271 NULL);
275 if (policy.has_supervised_users_settings()) {
276 const em::SupervisedUsersSettingsProto& container =
277 policy.supervised_users_settings();
278 if (container.has_supervised_users_enabled()) {
279 base::Value* value = new base::FundamentalValue(
280 container.supervised_users_enabled());
281 policies->Set(key::kSupervisedUsersEnabled,
282 POLICY_LEVEL_MANDATORY,
283 POLICY_SCOPE_MACHINE,
284 POLICY_SOURCE_CLOUD,
285 value,
286 NULL);
290 if (policy.has_saml_settings()) {
291 const em::SAMLSettingsProto& container(policy.saml_settings());
292 if (container.has_transfer_saml_cookies()) {
293 policies->Set(key::kDeviceTransferSAMLCookies,
294 POLICY_LEVEL_MANDATORY,
295 POLICY_SCOPE_MACHINE,
296 POLICY_SOURCE_CLOUD,
297 new base::FundamentalValue(
298 container.transfer_saml_cookies()),
299 NULL);
304 void DecodeNetworkPolicies(const em::ChromeDeviceSettingsProto& policy,
305 PolicyMap* policies) {
306 if (policy.has_data_roaming_enabled()) {
307 const em::DataRoamingEnabledProto& container(policy.data_roaming_enabled());
308 if (container.has_data_roaming_enabled()) {
309 policies->Set(key::kDeviceDataRoamingEnabled,
310 POLICY_LEVEL_MANDATORY,
311 POLICY_SCOPE_MACHINE,
312 POLICY_SOURCE_CLOUD,
313 new base::FundamentalValue(
314 container.data_roaming_enabled()),
315 NULL);
319 if (policy.has_open_network_configuration() &&
320 policy.open_network_configuration().has_open_network_configuration()) {
321 std::string config(
322 policy.open_network_configuration().open_network_configuration());
323 policies->Set(key::kDeviceOpenNetworkConfiguration,
324 POLICY_LEVEL_MANDATORY,
325 POLICY_SCOPE_MACHINE,
326 POLICY_SOURCE_CLOUD,
327 new base::StringValue(config),
328 NULL);
332 void DecodeReportingPolicies(const em::ChromeDeviceSettingsProto& policy,
333 PolicyMap* policies) {
334 if (policy.has_device_reporting()) {
335 const em::DeviceReportingProto& container(policy.device_reporting());
336 if (container.has_report_version_info()) {
337 policies->Set(key::kReportDeviceVersionInfo,
338 POLICY_LEVEL_MANDATORY,
339 POLICY_SCOPE_MACHINE,
340 POLICY_SOURCE_CLOUD,
341 new base::FundamentalValue(
342 container.report_version_info()),
343 NULL);
345 if (container.has_report_activity_times()) {
346 policies->Set(key::kReportDeviceActivityTimes,
347 POLICY_LEVEL_MANDATORY,
348 POLICY_SCOPE_MACHINE,
349 POLICY_SOURCE_CLOUD,
350 new base::FundamentalValue(
351 container.report_activity_times()),
352 NULL);
354 if (container.has_report_boot_mode()) {
355 policies->Set(key::kReportDeviceBootMode,
356 POLICY_LEVEL_MANDATORY,
357 POLICY_SCOPE_MACHINE,
358 POLICY_SOURCE_CLOUD,
359 new base::FundamentalValue(
360 container.report_boot_mode()),
361 NULL);
363 if (container.has_report_location()) {
364 policies->Set(key::kReportDeviceLocation,
365 POLICY_LEVEL_MANDATORY,
366 POLICY_SCOPE_MACHINE,
367 POLICY_SOURCE_CLOUD,
368 new base::FundamentalValue(
369 container.report_location()),
370 NULL);
372 if (container.has_report_network_interfaces()) {
373 policies->Set(key::kReportDeviceNetworkInterfaces,
374 POLICY_LEVEL_MANDATORY,
375 POLICY_SCOPE_MACHINE,
376 POLICY_SOURCE_CLOUD,
377 new base::FundamentalValue(
378 container.report_network_interfaces()),
379 NULL);
381 if (container.has_report_users()) {
382 policies->Set(key::kReportDeviceUsers,
383 POLICY_LEVEL_MANDATORY,
384 POLICY_SCOPE_MACHINE,
385 POLICY_SOURCE_CLOUD,
386 new base::FundamentalValue(container.report_users()),
387 NULL);
389 if (container.has_report_hardware_status()) {
390 policies->Set(key::kReportDeviceHardwareStatus,
391 POLICY_LEVEL_MANDATORY,
392 POLICY_SCOPE_MACHINE,
393 POLICY_SOURCE_CLOUD,
394 new base::FundamentalValue(
395 container.report_hardware_status()),
396 NULL);
398 if (container.has_report_session_status()) {
399 policies->Set(key::kReportDeviceSessionStatus,
400 POLICY_LEVEL_MANDATORY,
401 POLICY_SCOPE_MACHINE,
402 POLICY_SOURCE_CLOUD,
403 new base::FundamentalValue(
404 container.report_session_status()),
405 NULL);
407 if (container.has_device_status_frequency()) {
408 policies->Set(key::kReportUploadFrequency,
409 POLICY_LEVEL_MANDATORY,
410 POLICY_SCOPE_MACHINE,
411 POLICY_SOURCE_CLOUD,
412 DecodeIntegerValue(
413 container.device_status_frequency()).release(),
414 NULL);
418 if (policy.has_device_heartbeat_settings()) {
419 const em::DeviceHeartbeatSettingsProto& container(
420 policy.device_heartbeat_settings());
421 if (container.has_heartbeat_enabled()) {
422 policies->Set(key::kHeartbeatEnabled,
423 POLICY_LEVEL_MANDATORY,
424 POLICY_SCOPE_MACHINE,
425 POLICY_SOURCE_CLOUD,
426 new base::FundamentalValue(
427 container.heartbeat_enabled()),
428 NULL);
430 if (container.has_heartbeat_frequency()) {
431 policies->Set(key::kHeartbeatFrequency,
432 POLICY_LEVEL_MANDATORY,
433 POLICY_SCOPE_MACHINE,
434 POLICY_SOURCE_CLOUD,
435 DecodeIntegerValue(
436 container.heartbeat_frequency()).release(),
437 NULL);
441 if (policy.has_device_log_upload_settings()) {
442 const em::DeviceLogUploadSettingsProto& container(
443 policy.device_log_upload_settings());
444 if (container.has_system_log_upload_enabled()) {
445 policies->Set(
446 key::kLogUploadEnabled, POLICY_LEVEL_MANDATORY, POLICY_SCOPE_MACHINE,
447 POLICY_SOURCE_CLOUD,
448 new base::FundamentalValue(container.system_log_upload_enabled()),
449 NULL);
454 void DecodeAutoUpdatePolicies(const em::ChromeDeviceSettingsProto& policy,
455 PolicyMap* policies) {
456 if (policy.has_release_channel()) {
457 const em::ReleaseChannelProto& container(policy.release_channel());
458 if (container.has_release_channel()) {
459 std::string channel(container.release_channel());
460 policies->Set(key::kChromeOsReleaseChannel,
461 POLICY_LEVEL_MANDATORY,
462 POLICY_SCOPE_MACHINE,
463 POLICY_SOURCE_CLOUD,
464 new base::StringValue(channel),
465 NULL);
466 // TODO(dubroy): Once http://crosbug.com/17015 is implemented, we won't
467 // have to pass the channel in here, only ping the update engine to tell
468 // it to fetch the channel from the policy.
469 chromeos::DBusThreadManager::Get()->GetUpdateEngineClient()->
470 SetChannel(channel, false);
472 if (container.has_release_channel_delegated()) {
473 policies->Set(key::kChromeOsReleaseChannelDelegated,
474 POLICY_LEVEL_MANDATORY,
475 POLICY_SCOPE_MACHINE,
476 POLICY_SOURCE_CLOUD,
477 new base::FundamentalValue(
478 container.release_channel_delegated()),
479 NULL);
483 if (policy.has_auto_update_settings()) {
484 const em::AutoUpdateSettingsProto& container(policy.auto_update_settings());
485 if (container.has_update_disabled()) {
486 policies->Set(key::kDeviceAutoUpdateDisabled,
487 POLICY_LEVEL_MANDATORY,
488 POLICY_SCOPE_MACHINE,
489 POLICY_SOURCE_CLOUD,
490 new base::FundamentalValue(
491 container.update_disabled()),
492 NULL);
495 if (container.has_target_version_prefix()) {
496 policies->Set(key::kDeviceTargetVersionPrefix,
497 POLICY_LEVEL_MANDATORY,
498 POLICY_SCOPE_MACHINE,
499 POLICY_SOURCE_CLOUD,
500 new base::StringValue(
501 container.target_version_prefix()),
502 NULL);
505 // target_version_display_name is not actually a policy, but a display
506 // string for target_version_prefix, so we ignore it.
508 if (container.has_scatter_factor_in_seconds()) {
509 policies->Set(key::kDeviceUpdateScatterFactor,
510 POLICY_LEVEL_MANDATORY,
511 POLICY_SCOPE_MACHINE,
512 POLICY_SOURCE_CLOUD,
513 new base::FundamentalValue(static_cast<int>(
514 container.scatter_factor_in_seconds())),
515 NULL);
518 if (container.allowed_connection_types_size()) {
519 base::ListValue* allowed_connection_types = new base::ListValue();
520 RepeatedField<int>::const_iterator entry;
521 for (entry = container.allowed_connection_types().begin();
522 entry != container.allowed_connection_types().end();
523 ++entry) {
524 base::Value* value = DecodeConnectionType(*entry);
525 if (value)
526 allowed_connection_types->Append(value);
528 policies->Set(key::kDeviceUpdateAllowedConnectionTypes,
529 POLICY_LEVEL_MANDATORY,
530 POLICY_SCOPE_MACHINE,
531 POLICY_SOURCE_CLOUD,
532 allowed_connection_types,
533 NULL);
536 if (container.has_http_downloads_enabled()) {
537 policies->Set(
538 key::kDeviceUpdateHttpDownloadsEnabled,
539 POLICY_LEVEL_MANDATORY,
540 POLICY_SCOPE_MACHINE,
541 POLICY_SOURCE_CLOUD,
542 new base::FundamentalValue(container.http_downloads_enabled()),
543 NULL);
546 if (container.has_reboot_after_update()) {
547 policies->Set(key::kRebootAfterUpdate,
548 POLICY_LEVEL_MANDATORY,
549 POLICY_SCOPE_MACHINE,
550 POLICY_SOURCE_CLOUD,
551 new base::FundamentalValue(
552 container.reboot_after_update()),
553 NULL);
556 if (container.has_p2p_enabled()) {
557 policies->Set(key::kDeviceAutoUpdateP2PEnabled,
558 POLICY_LEVEL_MANDATORY,
559 POLICY_SCOPE_MACHINE,
560 POLICY_SOURCE_CLOUD,
561 new base::FundamentalValue(container.p2p_enabled()),
562 NULL);
567 void DecodeAccessibilityPolicies(const em::ChromeDeviceSettingsProto& policy,
568 PolicyMap* policies) {
569 if (policy.has_accessibility_settings()) {
570 const em::AccessibilitySettingsProto&
571 container(policy.accessibility_settings());
573 if (container.has_login_screen_default_large_cursor_enabled()) {
574 policies->Set(
575 key::kDeviceLoginScreenDefaultLargeCursorEnabled,
576 POLICY_LEVEL_MANDATORY,
577 POLICY_SCOPE_MACHINE,
578 POLICY_SOURCE_CLOUD,
579 new base::FundamentalValue(
580 container.login_screen_default_large_cursor_enabled()),
581 NULL);
584 if (container.has_login_screen_default_spoken_feedback_enabled()) {
585 policies->Set(
586 key::kDeviceLoginScreenDefaultSpokenFeedbackEnabled,
587 POLICY_LEVEL_MANDATORY,
588 POLICY_SCOPE_MACHINE,
589 POLICY_SOURCE_CLOUD,
590 new base::FundamentalValue(
591 container.login_screen_default_spoken_feedback_enabled()),
592 NULL);
595 if (container.has_login_screen_default_high_contrast_enabled()) {
596 policies->Set(
597 key::kDeviceLoginScreenDefaultHighContrastEnabled,
598 POLICY_LEVEL_MANDATORY,
599 POLICY_SCOPE_MACHINE,
600 POLICY_SOURCE_CLOUD,
601 new base::FundamentalValue(
602 container.login_screen_default_high_contrast_enabled()),
603 NULL);
606 if (container.has_login_screen_default_screen_magnifier_type()) {
607 policies->Set(
608 key::kDeviceLoginScreenDefaultScreenMagnifierType,
609 POLICY_LEVEL_MANDATORY,
610 POLICY_SCOPE_MACHINE,
611 POLICY_SOURCE_CLOUD,
612 DecodeIntegerValue(
613 container.login_screen_default_screen_magnifier_type()).release(),
614 NULL);
617 if (container.has_login_screen_default_virtual_keyboard_enabled()) {
618 policies->Set(
619 key::kDeviceLoginScreenDefaultVirtualKeyboardEnabled,
620 POLICY_LEVEL_MANDATORY,
621 POLICY_SCOPE_MACHINE,
622 POLICY_SOURCE_CLOUD,
623 new base::FundamentalValue(
624 container.login_screen_default_virtual_keyboard_enabled()),
625 NULL);
630 void DecodeGenericPolicies(const em::ChromeDeviceSettingsProto& policy,
631 PolicyMap* policies) {
632 if (policy.has_device_policy_refresh_rate()) {
633 const em::DevicePolicyRefreshRateProto& container(
634 policy.device_policy_refresh_rate());
635 if (container.has_device_policy_refresh_rate()) {
636 policies->Set(
637 key::kDevicePolicyRefreshRate,
638 POLICY_LEVEL_MANDATORY,
639 POLICY_SCOPE_MACHINE,
640 POLICY_SOURCE_CLOUD,
641 DecodeIntegerValue(container.device_policy_refresh_rate()).release(),
642 NULL);
646 if (policy.has_metrics_enabled()) {
647 const em::MetricsEnabledProto& container(policy.metrics_enabled());
648 if (container.has_metrics_enabled()) {
649 policies->Set(key::kDeviceMetricsReportingEnabled,
650 POLICY_LEVEL_MANDATORY,
651 POLICY_SCOPE_MACHINE,
652 POLICY_SOURCE_CLOUD,
653 new base::FundamentalValue(
654 container.metrics_enabled()),
655 NULL);
659 if (policy.has_system_timezone()) {
660 if (policy.system_timezone().has_timezone()) {
661 policies->Set(key::kSystemTimezone,
662 POLICY_LEVEL_MANDATORY,
663 POLICY_SCOPE_MACHINE,
664 POLICY_SOURCE_CLOUD,
665 new base::StringValue(
666 policy.system_timezone().timezone()),
667 NULL);
671 if (policy.has_use_24hour_clock()) {
672 if (policy.use_24hour_clock().has_use_24hour_clock()) {
673 policies->Set(key::kSystemUse24HourClock,
674 POLICY_LEVEL_MANDATORY,
675 POLICY_SCOPE_MACHINE,
676 POLICY_SOURCE_CLOUD,
677 new base::FundamentalValue(
678 policy.use_24hour_clock().use_24hour_clock()),
679 NULL);
683 if (policy.has_allow_redeem_offers()) {
684 const em::AllowRedeemChromeOsRegistrationOffersProto& container(
685 policy.allow_redeem_offers());
686 if (container.has_allow_redeem_offers()) {
687 policies->Set(key::kDeviceAllowRedeemChromeOsRegistrationOffers,
688 POLICY_LEVEL_MANDATORY,
689 POLICY_SCOPE_MACHINE,
690 POLICY_SOURCE_CLOUD,
691 new base::FundamentalValue(
692 container.allow_redeem_offers()),
693 NULL);
697 if (policy.has_uptime_limit()) {
698 const em::UptimeLimitProto& container(policy.uptime_limit());
699 if (container.has_uptime_limit()) {
700 policies->Set(key::kUptimeLimit,
701 POLICY_LEVEL_MANDATORY,
702 POLICY_SCOPE_MACHINE,
703 POLICY_SOURCE_CLOUD,
704 DecodeIntegerValue(container.uptime_limit()).release(),
705 NULL);
709 if (policy.has_start_up_flags()) {
710 const em::StartUpFlagsProto& container(policy.start_up_flags());
711 base::ListValue* flags = new base::ListValue();
712 RepeatedPtrField<std::string>::const_iterator entry;
713 for (entry = container.flags().begin();
714 entry != container.flags().end();
715 ++entry) {
716 flags->Append(new base::StringValue(*entry));
718 policies->Set(key::kDeviceStartUpFlags,
719 POLICY_LEVEL_MANDATORY,
720 POLICY_SCOPE_MACHINE,
721 POLICY_SOURCE_CLOUD,
722 flags,
723 NULL);
726 if (policy.has_variations_parameter()) {
727 if (policy.variations_parameter().has_parameter()) {
728 policies->Set(key::kDeviceVariationsRestrictParameter,
729 POLICY_LEVEL_MANDATORY,
730 POLICY_SCOPE_MACHINE,
731 POLICY_SOURCE_CLOUD,
732 new base::StringValue(
733 policy.variations_parameter().parameter()),
734 NULL);
738 if (policy.has_attestation_settings()) {
739 if (policy.attestation_settings().has_attestation_enabled()) {
740 policies->Set(key::kAttestationEnabledForDevice,
741 POLICY_LEVEL_MANDATORY,
742 POLICY_SCOPE_MACHINE,
743 POLICY_SOURCE_CLOUD,
744 new base::FundamentalValue(
745 policy.attestation_settings().attestation_enabled()),
746 NULL);
748 if (policy.attestation_settings().has_content_protection_enabled()) {
749 policies->Set(
750 key::kAttestationForContentProtectionEnabled,
751 POLICY_LEVEL_MANDATORY,
752 POLICY_SCOPE_MACHINE,
753 POLICY_SOURCE_CLOUD,
754 new base::FundamentalValue(
755 policy.attestation_settings().content_protection_enabled()),
756 NULL);
760 if (policy.has_login_screen_power_management()) {
761 const em::LoginScreenPowerManagementProto& container(
762 policy.login_screen_power_management());
763 if (container.has_login_screen_power_management()) {
764 scoped_ptr<base::Value> decoded_json;
765 decoded_json = DecodeJsonStringAndDropUnknownBySchema(
766 container.login_screen_power_management(),
767 key::kDeviceLoginScreenPowerManagement);
768 if (decoded_json) {
769 policies->Set(key::kDeviceLoginScreenPowerManagement,
770 POLICY_LEVEL_MANDATORY,
771 POLICY_SCOPE_MACHINE,
772 POLICY_SOURCE_CLOUD,
773 decoded_json.release(),
774 NULL);
779 if (policy.has_system_settings()) {
780 const em::SystemSettingsProto& container(policy.system_settings());
781 if (container.has_block_devmode()) {
782 policies->Set(
783 key::kDeviceBlockDevmode,
784 POLICY_LEVEL_MANDATORY,
785 POLICY_SCOPE_MACHINE,
786 POLICY_SOURCE_CLOUD,
787 new base::FundamentalValue(container.block_devmode()),
788 NULL);
792 if (policy.has_extension_cache_size()) {
793 const em::ExtensionCacheSizeProto& container(policy.extension_cache_size());
794 if (container.has_extension_cache_size()) {
795 policies->Set(
796 key::kExtensionCacheSize, POLICY_LEVEL_MANDATORY,
797 POLICY_SCOPE_MACHINE, POLICY_SOURCE_CLOUD,
798 DecodeIntegerValue(container.extension_cache_size()).release(),
799 nullptr);
803 if (policy.has_login_screen_domain_auto_complete()) {
804 const em::LoginScreenDomainAutoCompleteProto& container(
805 policy.login_screen_domain_auto_complete());
806 policies->Set(
807 key::kDeviceLoginScreenDomainAutoComplete, POLICY_LEVEL_MANDATORY,
808 POLICY_SCOPE_MACHINE, POLICY_SOURCE_CLOUD,
809 new base::StringValue(container.login_screen_domain_auto_complete()),
810 nullptr);
814 } // namespace
816 void DecodeDevicePolicy(const em::ChromeDeviceSettingsProto& policy,
817 PolicyMap* policies) {
818 // Decode the various groups of policies.
819 DecodeLoginPolicies(policy, policies);
820 DecodeNetworkPolicies(policy, policies);
821 DecodeReportingPolicies(policy, policies);
822 DecodeAutoUpdatePolicies(policy, policies);
823 DecodeAccessibilityPolicies(policy, policies);
824 DecodeGenericPolicies(policy, policies);
827 } // namespace policy