search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Pin Chrome's shortcut to the Win10 Start menu on install and OS upgrade.
[chromium-blink-merge.git] / chrome / browser / chromeos / policy / device_policy_decoder_chromeos.cc
blob57a780bb403cca716952e15633e432b75c815a41
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chrome/browser/chromeos/policy/device_policy_decoder_chromeos.h"
6
7 #include <limits>
8 #include <string>
9
10 #include "base/callback.h"
11 #include "base/json/json_reader.h"
12 #include "base/logging.h"
13 #include "base/values.h"
14 #include "chrome/browser/browser_process.h"
15 #include "chrome/browser/chromeos/policy/device_local_account.h"
16 #include "chrome/browser/chromeos/policy/proto/chrome_device_policy.pb.h"
17 #include "chromeos/dbus/dbus_thread_manager.h"
18 #include "chromeos/dbus/update_engine_client.h"
19 #include "chromeos/settings/cros_settings_names.h"
20 #include "components/policy/core/browser/browser_policy_connector.h"
21 #include "components/policy/core/common/external_data_fetcher.h"
22 #include "components/policy/core/common/policy_map.h"
23 #include "components/policy/core/common/schema.h"
24 #include "policy/policy_constants.h"
25 #include "third_party/cros_system_api/dbus/service_constants.h"
26
27 using google::protobuf::RepeatedField;
28 using google::protobuf::RepeatedPtrField;
29
30 namespace em = enterprise_management;
31
32 namespace policy {
33
34 namespace {
35
36 // Decodes a protobuf integer to an IntegerValue. Returns NULL in case the input
37 // value is out of bounds.
38 scoped_ptr<base::Value> DecodeIntegerValue(google::protobuf::int64 value) {
39 if (value < std::numeric_limits<int>::min() ||
40 value > std::numeric_limits<int>::max()) {
41 LOG(WARNING) << "Integer value " << value
42 << " out of numeric limits, ignoring.";
43 return scoped_ptr<base::Value>();
44 }
45
46 return scoped_ptr<base::Value>(
47 new base::FundamentalValue(static_cast<int>(value)));
48 }
49
50 // Decodes a JSON string to a base::Value, and drops unknown properties
51 // according to a policy schema. |policy_name| is the name of a policy schema
52 // defined in policy_templates.json. Returns NULL in case the input is not a
53 // valid JSON string.
54 scoped_ptr<base::Value> DecodeJsonStringAndDropUnknownBySchema(
55 const std::string& json_string,
56 const std::string& policy_name) {
57 std::string error;
58 scoped_ptr<base::Value> root = base::JSONReader::ReadAndReturnError(
59 json_string, base::JSON_ALLOW_TRAILING_COMMAS, NULL, &error);
60
61 if (!root) {
62 LOG(WARNING) << "Invalid JSON string: " << error << ", ignoring.";
63 return scoped_ptr<base::Value>();
64 }
65
66 const Schema& schema = g_browser_process
67 ->browser_policy_connector()
68 ->GetChromeSchema()
69 .GetKnownProperty(policy_name);
70
71 if (schema.valid()) {
72 std::string error_path;
73 bool changed = false;
74
75 if (!schema.Normalize(root.get(), SCHEMA_ALLOW_UNKNOWN, &error_path, &error,
76 &changed)) {
77 LOG(WARNING) << "Invalid policy value for " << policy_name << ": "
78 << error << " at " << error_path << ".";
79 return scoped_ptr<base::Value>();
80 }
81
82 if (changed) {
83 LOG(WARNING) << "Some properties in " << policy_name
84 << " were dropped: " << error << " at " << error_path << ".";
85 }
86 } else {
87 LOG(WARNING) << "Unknown or invalid policy schema for " << policy_name
88 << ".";
89 return scoped_ptr<base::Value>();
90 }
91
92 return root;
93 }
94
95 base::Value* DecodeConnectionType(int value) {
96 static const char* const kConnectionTypes[] = {
97 shill::kTypeEthernet,
98 shill::kTypeWifi,
99 shill::kTypeWimax,
100 shill::kTypeBluetooth,
101 shill::kTypeCellular,
102 };
103
104 if (value < 0 || value >= static_cast<int>(arraysize(kConnectionTypes)))
105 return NULL;
106
107 return new base::StringValue(kConnectionTypes[value]);
108 }
109
110 void DecodeLoginPolicies(const em::ChromeDeviceSettingsProto& policy,
111 PolicyMap* policies) {
112 if (policy.has_guest_mode_enabled()) {
113 const em::GuestModeEnabledProto& container(policy.guest_mode_enabled());
114 if (container.has_guest_mode_enabled()) {
115 policies->Set(key::kDeviceGuestModeEnabled,
116 POLICY_LEVEL_MANDATORY,
117 POLICY_SCOPE_MACHINE,
118 new base::FundamentalValue(
119 container.guest_mode_enabled()),
120 NULL);
121 }
122 }
123
124 if (policy.has_reboot_on_shutdown()) {
125 const em::RebootOnShutdownProto& container(policy.reboot_on_shutdown());
126 if (container.has_reboot_on_shutdown()) {
127 policies->Set(key::kDeviceRebootOnShutdown, POLICY_LEVEL_MANDATORY,
128 POLICY_SCOPE_MACHINE,
129 new base::FundamentalValue(container.reboot_on_shutdown()),
130 NULL);
131 }
132 }
133
134 if (policy.has_show_user_names()) {
135 const em::ShowUserNamesOnSigninProto& container(policy.show_user_names());
136 if (container.has_show_user_names()) {
137 policies->Set(key::kDeviceShowUserNamesOnSignin,
138 POLICY_LEVEL_MANDATORY,
139 POLICY_SCOPE_MACHINE,
140 new base::FundamentalValue(
141 container.show_user_names()),
142 NULL);
143 }
144 }
145
146 if (policy.has_allow_new_users()) {
147 const em::AllowNewUsersProto& container(policy.allow_new_users());
148 if (container.has_allow_new_users()) {
149 policies->Set(key::kDeviceAllowNewUsers,
150 POLICY_LEVEL_MANDATORY,
151 POLICY_SCOPE_MACHINE,
152 new base::FundamentalValue(
153 container.allow_new_users()),
154 NULL);
155 }
156 }
157
158 if (policy.has_user_whitelist()) {
159 const em::UserWhitelistProto& container(policy.user_whitelist());
160 base::ListValue* whitelist = new base::ListValue();
161 RepeatedPtrField<std::string>::const_iterator entry;
162 for (entry = container.user_whitelist().begin();
163 entry != container.user_whitelist().end();
164 ++entry) {
165 whitelist->Append(new base::StringValue(*entry));
166 }
167 policies->Set(key::kDeviceUserWhitelist,
168 POLICY_LEVEL_MANDATORY,
169 POLICY_SCOPE_MACHINE,
170 whitelist,
171 NULL);
172 }
173
174 if (policy.has_ephemeral_users_enabled()) {
175 const em::EphemeralUsersEnabledProto& container(
176 policy.ephemeral_users_enabled());
177 if (container.has_ephemeral_users_enabled()) {
178 policies->Set(key::kDeviceEphemeralUsersEnabled,
179 POLICY_LEVEL_MANDATORY,
180 POLICY_SCOPE_MACHINE,
181 new base::FundamentalValue(
182 container.ephemeral_users_enabled()),
183 NULL);
184 }
185 }
186
187 if (policy.has_device_local_accounts()) {
188 const em::DeviceLocalAccountsProto& container(
189 policy.device_local_accounts());
190 const RepeatedPtrField<em::DeviceLocalAccountInfoProto>& accounts =
191 container.account();
192 scoped_ptr<base::ListValue> account_list(new base::ListValue());
193 RepeatedPtrField<em::DeviceLocalAccountInfoProto>::const_iterator entry;
194 for (entry = accounts.begin(); entry != accounts.end(); ++entry) {
195 scoped_ptr<base::DictionaryValue> entry_dict(
196 new base::DictionaryValue());
197 if (entry->has_type()) {
198 if (entry->has_account_id()) {
199 entry_dict->SetStringWithoutPathExpansion(
200 chromeos::kAccountsPrefDeviceLocalAccountsKeyId,
201 entry->account_id());
202 }
203 entry_dict->SetIntegerWithoutPathExpansion(
204 chromeos::kAccountsPrefDeviceLocalAccountsKeyType, entry->type());
205 if (entry->kiosk_app().has_app_id()) {
206 entry_dict->SetStringWithoutPathExpansion(
207 chromeos::kAccountsPrefDeviceLocalAccountsKeyKioskAppId,
208 entry->kiosk_app().app_id());
209 }
210 if (entry->kiosk_app().has_update_url()) {
211 entry_dict->SetStringWithoutPathExpansion(
212 chromeos::kAccountsPrefDeviceLocalAccountsKeyKioskAppUpdateURL,
213 entry->kiosk_app().update_url());
214 }
215 } else if (entry->has_deprecated_public_session_id()) {
216 // Deprecated public session specification.
217 entry_dict->SetStringWithoutPathExpansion(
218 chromeos::kAccountsPrefDeviceLocalAccountsKeyId,
219 entry->deprecated_public_session_id());
220 entry_dict->SetIntegerWithoutPathExpansion(
221 chromeos::kAccountsPrefDeviceLocalAccountsKeyType,
222 DeviceLocalAccount::TYPE_PUBLIC_SESSION);
223 }
224 account_list->Append(entry_dict.release());
225 }
226 policies->Set(key::kDeviceLocalAccounts,
227 POLICY_LEVEL_MANDATORY,
228 POLICY_SCOPE_MACHINE,
229 account_list.release(),
230 NULL);
231 if (container.has_auto_login_id()) {
232 policies->Set(key::kDeviceLocalAccountAutoLoginId,
233 POLICY_LEVEL_MANDATORY,
234 POLICY_SCOPE_MACHINE,
235 new base::StringValue(container.auto_login_id()),
236 NULL);
237 }
238 if (container.has_auto_login_delay()) {
239 policies->Set(key::kDeviceLocalAccountAutoLoginDelay,
240 POLICY_LEVEL_MANDATORY,
241 POLICY_SCOPE_MACHINE,
242 DecodeIntegerValue(container.auto_login_delay()).release(),
243 NULL);
244 }
245 if (container.has_enable_auto_login_bailout()) {
246 policies->Set(key::kDeviceLocalAccountAutoLoginBailoutEnabled,
247 POLICY_LEVEL_MANDATORY,
248 POLICY_SCOPE_MACHINE,
249 new base::FundamentalValue(
250 container.enable_auto_login_bailout()),
251 NULL);
252 }
253 if (container.has_prompt_for_network_when_offline()) {
254 policies->Set(key::kDeviceLocalAccountPromptForNetworkWhenOffline,
255 POLICY_LEVEL_MANDATORY,
256 POLICY_SCOPE_MACHINE,
257 new base::FundamentalValue(
258 container.prompt_for_network_when_offline()),
259 NULL);
260 }
261 }
262
263 if (policy.has_supervised_users_settings()) {
264 const em::SupervisedUsersSettingsProto& container =
265 policy.supervised_users_settings();
266 if (container.has_supervised_users_enabled()) {
267 base::Value* value = new base::FundamentalValue(
268 container.supervised_users_enabled());
269 policies->Set(key::kSupervisedUsersEnabled,
270 POLICY_LEVEL_MANDATORY,
271 POLICY_SCOPE_MACHINE,
272 value,
273 NULL);
274 }
275 }
276
277 if (policy.has_saml_settings()) {
278 const em::SAMLSettingsProto& container(policy.saml_settings());
279 if (container.has_transfer_saml_cookies()) {
280 policies->Set(key::kDeviceTransferSAMLCookies,
281 POLICY_LEVEL_MANDATORY,
282 POLICY_SCOPE_MACHINE,
283 new base::FundamentalValue(
284 container.transfer_saml_cookies()),
285 NULL);
286 }
287 }
288 }
289
290 void DecodeNetworkPolicies(const em::ChromeDeviceSettingsProto& policy,
291 PolicyMap* policies) {
292 if (policy.has_data_roaming_enabled()) {
293 const em::DataRoamingEnabledProto& container(policy.data_roaming_enabled());
294 if (container.has_data_roaming_enabled()) {
295 policies->Set(key::kDeviceDataRoamingEnabled,
296 POLICY_LEVEL_MANDATORY,
297 POLICY_SCOPE_MACHINE,
298 new base::FundamentalValue(
299 container.data_roaming_enabled()),
300 NULL);
301 }
302 }
303
304 if (policy.has_open_network_configuration() &&
305 policy.open_network_configuration().has_open_network_configuration()) {
306 std::string config(
307 policy.open_network_configuration().open_network_configuration());
308 policies->Set(key::kDeviceOpenNetworkConfiguration,
309 POLICY_LEVEL_MANDATORY,
310 POLICY_SCOPE_MACHINE,
311 new base::StringValue(config),
312 NULL);
313 }
314 }
315
316 void DecodeReportingPolicies(const em::ChromeDeviceSettingsProto& policy,
317 PolicyMap* policies) {
318 if (policy.has_device_reporting()) {
319 const em::DeviceReportingProto& container(policy.device_reporting());
320 if (container.has_report_version_info()) {
321 policies->Set(key::kReportDeviceVersionInfo,
322 POLICY_LEVEL_MANDATORY,
323 POLICY_SCOPE_MACHINE,
324 new base::FundamentalValue(
325 container.report_version_info()),
326 NULL);
327 }
328 if (container.has_report_activity_times()) {
329 policies->Set(key::kReportDeviceActivityTimes,
330 POLICY_LEVEL_MANDATORY,
331 POLICY_SCOPE_MACHINE,
332 new base::FundamentalValue(
333 container.report_activity_times()),
334 NULL);
335 }
336 if (container.has_report_boot_mode()) {
337 policies->Set(key::kReportDeviceBootMode,
338 POLICY_LEVEL_MANDATORY,
339 POLICY_SCOPE_MACHINE,
340 new base::FundamentalValue(
341 container.report_boot_mode()),
342 NULL);
343 }
344 if (container.has_report_location()) {
345 policies->Set(key::kReportDeviceLocation,
346 POLICY_LEVEL_MANDATORY,
347 POLICY_SCOPE_MACHINE,
348 new base::FundamentalValue(
349 container.report_location()),
350 NULL);
351 }
352 if (container.has_report_network_interfaces()) {
353 policies->Set(key::kReportDeviceNetworkInterfaces,
354 POLICY_LEVEL_MANDATORY,
355 POLICY_SCOPE_MACHINE,
356 new base::FundamentalValue(
357 container.report_network_interfaces()),
358 NULL);
359 }
360 if (container.has_report_users()) {
361 policies->Set(key::kReportDeviceUsers,
362 POLICY_LEVEL_MANDATORY,
363 POLICY_SCOPE_MACHINE,
364 new base::FundamentalValue(container.report_users()),
365 NULL);
366 }
367 if (container.has_report_hardware_status()) {
368 policies->Set(key::kReportDeviceHardwareStatus,
369 POLICY_LEVEL_MANDATORY,
370 POLICY_SCOPE_MACHINE,
371 new base::FundamentalValue(
372 container.report_hardware_status()),
373 NULL);
374 }
375 if (container.has_report_session_status()) {
376 policies->Set(key::kReportDeviceSessionStatus,
377 POLICY_LEVEL_MANDATORY,
378 POLICY_SCOPE_MACHINE,
379 new base::FundamentalValue(
380 container.report_session_status()),
381 NULL);
382 }
383 if (container.has_device_status_frequency()) {
384 policies->Set(key::kReportUploadFrequency,
385 POLICY_LEVEL_MANDATORY,
386 POLICY_SCOPE_MACHINE,
387 DecodeIntegerValue(
388 container.device_status_frequency()).release(),
389 NULL);
390 }
391 }
392
393 if (policy.has_device_heartbeat_settings()) {
394 const em::DeviceHeartbeatSettingsProto& container(
395 policy.device_heartbeat_settings());
396 if (container.has_heartbeat_enabled()) {
397 policies->Set(key::kHeartbeatEnabled,
398 POLICY_LEVEL_MANDATORY,
399 POLICY_SCOPE_MACHINE,
400 new base::FundamentalValue(
401 container.heartbeat_enabled()),
402 NULL);
403 }
404 if (container.has_heartbeat_frequency()) {
405 policies->Set(key::kHeartbeatFrequency,
406 POLICY_LEVEL_MANDATORY,
407 POLICY_SCOPE_MACHINE,
408 DecodeIntegerValue(
409 container.heartbeat_frequency()).release(),
410 NULL);
411 }
412 }
413 }
414
415 void DecodeAutoUpdatePolicies(const em::ChromeDeviceSettingsProto& policy,
416 PolicyMap* policies) {
417 if (policy.has_release_channel()) {
418 const em::ReleaseChannelProto& container(policy.release_channel());
419 if (container.has_release_channel()) {
420 std::string channel(container.release_channel());
421 policies->Set(key::kChromeOsReleaseChannel,
422 POLICY_LEVEL_MANDATORY,
423 POLICY_SCOPE_MACHINE,
424 new base::StringValue(channel),
425 NULL);
426 // TODO(dubroy): Once http://crosbug.com/17015 is implemented, we won't
427 // have to pass the channel in here, only ping the update engine to tell
428 // it to fetch the channel from the policy.
429 chromeos::DBusThreadManager::Get()->GetUpdateEngineClient()->
430 SetChannel(channel, false);
431 }
432 if (container.has_release_channel_delegated()) {
433 policies->Set(key::kChromeOsReleaseChannelDelegated,
434 POLICY_LEVEL_MANDATORY,
435 POLICY_SCOPE_MACHINE,
436 new base::FundamentalValue(
437 container.release_channel_delegated()),
438 NULL);
439 }
440 }
441
442 if (policy.has_auto_update_settings()) {
443 const em::AutoUpdateSettingsProto& container(policy.auto_update_settings());
444 if (container.has_update_disabled()) {
445 policies->Set(key::kDeviceAutoUpdateDisabled,
446 POLICY_LEVEL_MANDATORY,
447 POLICY_SCOPE_MACHINE,
448 new base::FundamentalValue(
449 container.update_disabled()),
450 NULL);
451 }
452
453 if (container.has_target_version_prefix()) {
454 policies->Set(key::kDeviceTargetVersionPrefix,
455 POLICY_LEVEL_MANDATORY,
456 POLICY_SCOPE_MACHINE,
457 new base::StringValue(
458 container.target_version_prefix()),
459 NULL);
460 }
461
462 // target_version_display_name is not actually a policy, but a display
463 // string for target_version_prefix, so we ignore it.
464
465 if (container.has_scatter_factor_in_seconds()) {
466 policies->Set(key::kDeviceUpdateScatterFactor,
467 POLICY_LEVEL_MANDATORY,
468 POLICY_SCOPE_MACHINE,
469 new base::FundamentalValue(static_cast<int>(
470 container.scatter_factor_in_seconds())),
471 NULL);
472 }
473
474 if (container.allowed_connection_types_size()) {
475 base::ListValue* allowed_connection_types = new base::ListValue();
476 RepeatedField<int>::const_iterator entry;
477 for (entry = container.allowed_connection_types().begin();
478 entry != container.allowed_connection_types().end();
479 ++entry) {
480 base::Value* value = DecodeConnectionType(*entry);
481 if (value)
482 allowed_connection_types->Append(value);
483 }
484 policies->Set(key::kDeviceUpdateAllowedConnectionTypes,
485 POLICY_LEVEL_MANDATORY,
486 POLICY_SCOPE_MACHINE,
487 allowed_connection_types,
488 NULL);
489 }
490
491 if (container.has_http_downloads_enabled()) {
492 policies->Set(
493 key::kDeviceUpdateHttpDownloadsEnabled,
494 POLICY_LEVEL_MANDATORY,
495 POLICY_SCOPE_MACHINE,
496 new base::FundamentalValue(container.http_downloads_enabled()),
497 NULL);
498 }
499
500 if (container.has_reboot_after_update()) {
501 policies->Set(key::kRebootAfterUpdate,
502 POLICY_LEVEL_MANDATORY,
503 POLICY_SCOPE_MACHINE,
504 new base::FundamentalValue(
505 container.reboot_after_update()),
506 NULL);
507 }
508
509 if (container.has_p2p_enabled()) {
510 policies->Set(key::kDeviceAutoUpdateP2PEnabled,
511 POLICY_LEVEL_MANDATORY,
512 POLICY_SCOPE_MACHINE,
513 new base::FundamentalValue(container.p2p_enabled()),
514 NULL);
515 }
516 }
517 }
518
519 void DecodeAccessibilityPolicies(const em::ChromeDeviceSettingsProto& policy,
520 PolicyMap* policies) {
521 if (policy.has_accessibility_settings()) {
522 const em::AccessibilitySettingsProto&
523 container(policy.accessibility_settings());
524
525 if (container.has_login_screen_default_large_cursor_enabled()) {
526 policies->Set(
527 key::kDeviceLoginScreenDefaultLargeCursorEnabled,
528 POLICY_LEVEL_MANDATORY,
529 POLICY_SCOPE_MACHINE,
530 new base::FundamentalValue(
531 container.login_screen_default_large_cursor_enabled()),
532 NULL);
533 }
534
535 if (container.has_login_screen_default_spoken_feedback_enabled()) {
536 policies->Set(
537 key::kDeviceLoginScreenDefaultSpokenFeedbackEnabled,
538 POLICY_LEVEL_MANDATORY,
539 POLICY_SCOPE_MACHINE,
540 new base::FundamentalValue(
541 container.login_screen_default_spoken_feedback_enabled()),
542 NULL);
543 }
544
545 if (container.has_login_screen_default_high_contrast_enabled()) {
546 policies->Set(
547 key::kDeviceLoginScreenDefaultHighContrastEnabled,
548 POLICY_LEVEL_MANDATORY,
549 POLICY_SCOPE_MACHINE,
550 new base::FundamentalValue(
551 container.login_screen_default_high_contrast_enabled()),
552 NULL);
553 }
554
555 if (container.has_login_screen_default_screen_magnifier_type()) {
556 policies->Set(
557 key::kDeviceLoginScreenDefaultScreenMagnifierType,
558 POLICY_LEVEL_MANDATORY,
559 POLICY_SCOPE_MACHINE,
560 DecodeIntegerValue(
561 container.login_screen_default_screen_magnifier_type()).release(),
562 NULL);
563 }
564
565 if (container.has_login_screen_default_virtual_keyboard_enabled()) {
566 policies->Set(
567 key::kDeviceLoginScreenDefaultVirtualKeyboardEnabled,
568 POLICY_LEVEL_MANDATORY,
569 POLICY_SCOPE_MACHINE,
570 new base::FundamentalValue(
571 container.login_screen_default_virtual_keyboard_enabled()),
572 NULL);
573 }
574 }
575 }
576
577 void DecodeGenericPolicies(const em::ChromeDeviceSettingsProto& policy,
578 PolicyMap* policies) {
579 if (policy.has_device_policy_refresh_rate()) {
580 const em::DevicePolicyRefreshRateProto& container(
581 policy.device_policy_refresh_rate());
582 if (container.has_device_policy_refresh_rate()) {
583 policies->Set(
584 key::kDevicePolicyRefreshRate,
585 POLICY_LEVEL_MANDATORY,
586 POLICY_SCOPE_MACHINE,
587 DecodeIntegerValue(container.device_policy_refresh_rate()).release(),
588 NULL);
589 }
590 }
591
592 if (policy.has_metrics_enabled()) {
593 const em::MetricsEnabledProto& container(policy.metrics_enabled());
594 if (container.has_metrics_enabled()) {
595 policies->Set(key::kDeviceMetricsReportingEnabled,
596 POLICY_LEVEL_MANDATORY,
597 POLICY_SCOPE_MACHINE,
598 new base::FundamentalValue(
599 container.metrics_enabled()),
600 NULL);
601 }
602 }
603
604 if (policy.has_system_timezone()) {
605 if (policy.system_timezone().has_timezone()) {
606 policies->Set(key::kSystemTimezone,
607 POLICY_LEVEL_MANDATORY,
608 POLICY_SCOPE_MACHINE,
609 new base::StringValue(
610 policy.system_timezone().timezone()),
611 NULL);
612 }
613 }
614
615 if (policy.has_use_24hour_clock()) {
616 if (policy.use_24hour_clock().has_use_24hour_clock()) {
617 policies->Set(key::kSystemUse24HourClock,
618 POLICY_LEVEL_MANDATORY,
619 POLICY_SCOPE_MACHINE,
620 new base::FundamentalValue(
621 policy.use_24hour_clock().use_24hour_clock()),
622 NULL);
623 }
624 }
625
626 if (policy.has_allow_redeem_offers()) {
627 const em::AllowRedeemChromeOsRegistrationOffersProto& container(
628 policy.allow_redeem_offers());
629 if (container.has_allow_redeem_offers()) {
630 policies->Set(key::kDeviceAllowRedeemChromeOsRegistrationOffers,
631 POLICY_LEVEL_MANDATORY,
632 POLICY_SCOPE_MACHINE,
633 new base::FundamentalValue(
634 container.allow_redeem_offers()),
635 NULL);
636 }
637 }
638
639 if (policy.has_uptime_limit()) {
640 const em::UptimeLimitProto& container(policy.uptime_limit());
641 if (container.has_uptime_limit()) {
642 policies->Set(key::kUptimeLimit,
643 POLICY_LEVEL_MANDATORY,
644 POLICY_SCOPE_MACHINE,
645 DecodeIntegerValue(container.uptime_limit()).release(),
646 NULL);
647 }
648 }
649
650 if (policy.has_start_up_flags()) {
651 const em::StartUpFlagsProto& container(policy.start_up_flags());
652 base::ListValue* flags = new base::ListValue();
653 RepeatedPtrField<std::string>::const_iterator entry;
654 for (entry = container.flags().begin();
655 entry != container.flags().end();
656 ++entry) {
657 flags->Append(new base::StringValue(*entry));
658 }
659 policies->Set(key::kDeviceStartUpFlags,
660 POLICY_LEVEL_MANDATORY,
661 POLICY_SCOPE_MACHINE,
662 flags,
663 NULL);
664 }
665
666 if (policy.has_variations_parameter()) {
667 if (policy.variations_parameter().has_parameter()) {
668 policies->Set(key::kDeviceVariationsRestrictParameter,
669 POLICY_LEVEL_MANDATORY,
670 POLICY_SCOPE_MACHINE,
671 new base::StringValue(
672 policy.variations_parameter().parameter()),
673 NULL);
674 }
675 }
676
677 if (policy.has_attestation_settings()) {
678 if (policy.attestation_settings().has_attestation_enabled()) {
679 policies->Set(key::kAttestationEnabledForDevice,
680 POLICY_LEVEL_MANDATORY,
681 POLICY_SCOPE_MACHINE,
682 new base::FundamentalValue(
683 policy.attestation_settings().attestation_enabled()),
684 NULL);
685 }
686 if (policy.attestation_settings().has_content_protection_enabled()) {
687 policies->Set(
688 key::kAttestationForContentProtectionEnabled,
689 POLICY_LEVEL_MANDATORY,
690 POLICY_SCOPE_MACHINE,
691 new base::FundamentalValue(
692 policy.attestation_settings().content_protection_enabled()),
693 NULL);
694 }
695 }
696
697 if (policy.has_login_screen_power_management()) {
698 const em::LoginScreenPowerManagementProto& container(
699 policy.login_screen_power_management());
700 if (container.has_login_screen_power_management()) {
701 scoped_ptr<base::Value> decoded_json;
702 decoded_json = DecodeJsonStringAndDropUnknownBySchema(
703 container.login_screen_power_management(),
704 key::kDeviceLoginScreenPowerManagement);
705 if (decoded_json) {
706 policies->Set(key::kDeviceLoginScreenPowerManagement,
707 POLICY_LEVEL_MANDATORY,
708 POLICY_SCOPE_MACHINE,
709 decoded_json.release(),
710 NULL);
711 }
712 }
713 }
714
715 if (policy.has_system_settings()) {
716 const em::SystemSettingsProto& container(policy.system_settings());
717 if (container.has_block_devmode()) {
718 policies->Set(
719 key::kDeviceBlockDevmode,
720 POLICY_LEVEL_MANDATORY,
721 POLICY_SCOPE_MACHINE,
722 new base::FundamentalValue(container.block_devmode()),
723 NULL);
724 }
725 }
726
727 if (policy.has_extension_cache_size()) {
728 const em::ExtensionCacheSizeProto& container(policy.extension_cache_size());
729 if (container.has_extension_cache_size()) {
730 policies->Set(
731 key::kExtensionCacheSize, POLICY_LEVEL_MANDATORY,
732 POLICY_SCOPE_MACHINE,
733 DecodeIntegerValue(container.extension_cache_size()).release(),
734 nullptr);
735 }
736 }
737
738 if (policy.has_login_screen_domain_auto_complete()) {
739 const em::LoginScreenDomainAutoCompleteProto& container(
740 policy.login_screen_domain_auto_complete());
741 policies->Set(
742 key::kDeviceLoginScreenDomainAutoComplete, POLICY_LEVEL_MANDATORY,
743 POLICY_SCOPE_MACHINE,
744 new base::StringValue(container.login_screen_domain_auto_complete()),
745 nullptr);
746 }
747 }
748
749 } // namespace
750
751 void DecodeDevicePolicy(const em::ChromeDeviceSettingsProto& policy,
752 PolicyMap* policies) {
753 // Decode the various groups of policies.
754 DecodeLoginPolicies(policy, policies);
755 DecodeNetworkPolicies(policy, policies);
756 DecodeReportingPolicies(policy, policies);
757 DecodeAutoUpdatePolicies(policy, policies);
758 DecodeAccessibilityPolicies(policy, policies);
759 DecodeGenericPolicies(policy, policies);
760 }
761
762 } // namespace policy