search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Disable view source for Developer Tools.
[chromium-blink-merge.git] / chrome / browser / chromeos / policy / device_policy_decoder_chromeos.cc
blobda02e02bb320c005773a83669149775910a4ab58
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chrome/browser/chromeos/policy/device_policy_decoder_chromeos.h"
6
7 #include <limits>
8
9 #include "base/callback.h"
10 #include "base/logging.h"
11 #include "base/values.h"
12 #include "chrome/browser/chromeos/policy/device_local_account.h"
13 #include "chrome/browser/chromeos/policy/enterprise_install_attributes.h"
14 #include "chrome/browser/chromeos/policy/proto/chrome_device_policy.pb.h"
15 #include "chromeos/dbus/dbus_thread_manager.h"
16 #include "chromeos/dbus/update_engine_client.h"
17 #include "chromeos/settings/cros_settings_names.h"
18 #include "components/policy/core/common/external_data_fetcher.h"
19 #include "components/policy/core/common/policy_map.h"
20 #include "policy/policy_constants.h"
21 #include "third_party/cros_system_api/dbus/service_constants.h"
22
23 using google::protobuf::RepeatedField;
24 using google::protobuf::RepeatedPtrField;
25
26 namespace em = enterprise_management;
27
28 namespace policy {
29
30 namespace {
31
32 // Decodes a protobuf integer to an IntegerValue. The caller assumes ownership
33 // of the return Value*. Returns NULL in case the input value is out of bounds.
34 base::Value* DecodeIntegerValue(google::protobuf::int64 value) {
35 if (value < std::numeric_limits<int>::min() ||
36 value > std::numeric_limits<int>::max()) {
37 LOG(WARNING) << "Integer value " << value
38 << " out of numeric limits, ignoring.";
39 return NULL;
40 }
41
42 return base::Value::CreateIntegerValue(static_cast<int>(value));
43 }
44
45 base::Value* DecodeConnectionType(int value) {
46 static const char* const kConnectionTypes[] = {
47 shill::kTypeEthernet,
48 shill::kTypeWifi,
49 shill::kTypeWimax,
50 shill::kTypeBluetooth,
51 shill::kTypeCellular,
52 };
53
54 if (value < 0 || value >= static_cast<int>(arraysize(kConnectionTypes)))
55 return NULL;
56
57 return base::Value::CreateStringValue(kConnectionTypes[value]);
58 }
59
60 void DecodeLoginPolicies(const em::ChromeDeviceSettingsProto& policy,
61 PolicyMap* policies) {
62 if (policy.has_guest_mode_enabled()) {
63 const em::GuestModeEnabledProto& container(policy.guest_mode_enabled());
64 if (container.has_guest_mode_enabled()) {
65 policies->Set(key::kDeviceGuestModeEnabled,
66 POLICY_LEVEL_MANDATORY,
67 POLICY_SCOPE_MACHINE,
68 base::Value::CreateBooleanValue(
69 container.guest_mode_enabled()),
70 NULL);
71 }
72 }
73
74 if (policy.has_show_user_names()) {
75 const em::ShowUserNamesOnSigninProto& container(policy.show_user_names());
76 if (container.has_show_user_names()) {
77 policies->Set(key::kDeviceShowUserNamesOnSignin,
78 POLICY_LEVEL_MANDATORY,
79 POLICY_SCOPE_MACHINE,
80 base::Value::CreateBooleanValue(
81 container.show_user_names()),
82 NULL);
83 }
84 }
85
86 if (policy.has_allow_new_users()) {
87 const em::AllowNewUsersProto& container(policy.allow_new_users());
88 if (container.has_allow_new_users()) {
89 policies->Set(key::kDeviceAllowNewUsers,
90 POLICY_LEVEL_MANDATORY,
91 POLICY_SCOPE_MACHINE,
92 base::Value::CreateBooleanValue(
93 container.allow_new_users()),
94 NULL);
95 }
96 }
97
98 if (policy.has_user_whitelist()) {
99 const em::UserWhitelistProto& container(policy.user_whitelist());
100 base::ListValue* whitelist = new base::ListValue();
101 RepeatedPtrField<std::string>::const_iterator entry;
102 for (entry = container.user_whitelist().begin();
103 entry != container.user_whitelist().end();
104 ++entry) {
105 whitelist->Append(base::Value::CreateStringValue(*entry));
106 }
107 policies->Set(key::kDeviceUserWhitelist,
108 POLICY_LEVEL_MANDATORY,
109 POLICY_SCOPE_MACHINE,
110 whitelist,
111 NULL);
112 }
113
114 if (policy.has_ephemeral_users_enabled()) {
115 const em::EphemeralUsersEnabledProto& container(
116 policy.ephemeral_users_enabled());
117 if (container.has_ephemeral_users_enabled()) {
118 policies->Set(key::kDeviceEphemeralUsersEnabled,
119 POLICY_LEVEL_MANDATORY,
120 POLICY_SCOPE_MACHINE,
121 base::Value::CreateBooleanValue(
122 container.ephemeral_users_enabled()),
123 NULL);
124 }
125 }
126
127 if (policy.has_device_local_accounts()) {
128 const em::DeviceLocalAccountsProto& container(
129 policy.device_local_accounts());
130 const RepeatedPtrField<em::DeviceLocalAccountInfoProto>& accounts =
131 container.account();
132 scoped_ptr<base::ListValue> account_list(new base::ListValue());
133 RepeatedPtrField<em::DeviceLocalAccountInfoProto>::const_iterator entry;
134 for (entry = accounts.begin(); entry != accounts.end(); ++entry) {
135 scoped_ptr<base::DictionaryValue> entry_dict(
136 new base::DictionaryValue());
137 if (entry->has_type()) {
138 if (entry->has_account_id()) {
139 entry_dict->SetStringWithoutPathExpansion(
140 chromeos::kAccountsPrefDeviceLocalAccountsKeyId,
141 entry->account_id());
142 }
143 entry_dict->SetIntegerWithoutPathExpansion(
144 chromeos::kAccountsPrefDeviceLocalAccountsKeyType, entry->type());
145 if (entry->kiosk_app().has_app_id()) {
146 entry_dict->SetStringWithoutPathExpansion(
147 chromeos::kAccountsPrefDeviceLocalAccountsKeyKioskAppId,
148 entry->kiosk_app().app_id());
149 }
150 } else if (entry->has_deprecated_public_session_id()) {
151 // Deprecated public session specification.
152 entry_dict->SetStringWithoutPathExpansion(
153 chromeos::kAccountsPrefDeviceLocalAccountsKeyId,
154 entry->deprecated_public_session_id());
155 entry_dict->SetIntegerWithoutPathExpansion(
156 chromeos::kAccountsPrefDeviceLocalAccountsKeyType,
157 DeviceLocalAccount::TYPE_PUBLIC_SESSION);
158 }
159 account_list->Append(entry_dict.release());
160 }
161 policies->Set(key::kDeviceLocalAccounts,
162 POLICY_LEVEL_MANDATORY,
163 POLICY_SCOPE_MACHINE,
164 account_list.release(),
165 NULL);
166 if (container.has_auto_login_id()) {
167 policies->Set(key::kDeviceLocalAccountAutoLoginId,
168 POLICY_LEVEL_MANDATORY,
169 POLICY_SCOPE_MACHINE,
170 base::Value::CreateStringValue(container.auto_login_id()),
171 NULL);
172 }
173 if (container.has_auto_login_delay()) {
174 policies->Set(key::kDeviceLocalAccountAutoLoginDelay,
175 POLICY_LEVEL_MANDATORY,
176 POLICY_SCOPE_MACHINE,
177 DecodeIntegerValue(container.auto_login_delay()),
178 NULL);
179 }
180 if (container.has_enable_auto_login_bailout()) {
181 policies->Set(key::kDeviceLocalAccountAutoLoginBailoutEnabled,
182 POLICY_LEVEL_MANDATORY,
183 POLICY_SCOPE_MACHINE,
184 base::Value::CreateBooleanValue(
185 container.enable_auto_login_bailout()),
186 NULL);
187 }
188 if (container.has_prompt_for_network_when_offline()) {
189 policies->Set(key::kDeviceLocalAccountPromptForNetworkWhenOffline,
190 POLICY_LEVEL_MANDATORY,
191 POLICY_SCOPE_MACHINE,
192 base::Value::CreateBooleanValue(
193 container.prompt_for_network_when_offline()),
194 NULL);
195 }
196 }
197
198 if (policy.has_supervised_users_settings()) {
199 const em::SupervisedUsersSettingsProto& container =
200 policy.supervised_users_settings();
201 if (container.has_supervised_users_enabled()) {
202 base::Value* value = base::Value::CreateBooleanValue(
203 container.supervised_users_enabled());
204 policies->Set(key::kSupervisedUsersEnabled,
205 POLICY_LEVEL_MANDATORY,
206 POLICY_SCOPE_MACHINE,
207 value,
208 NULL);
209 }
210 }
211 }
212
213 void DecodeKioskPolicies(const em::ChromeDeviceSettingsProto& policy,
214 PolicyMap* policies,
215 EnterpriseInstallAttributes* install_attributes) {
216 // No policies if this is not KIOSK.
217 if (install_attributes->GetMode() != DEVICE_MODE_RETAIL_KIOSK)
218 return;
219
220 if (policy.has_forced_logout_timeouts()) {
221 const em::ForcedLogoutTimeoutsProto& container(
222 policy.forced_logout_timeouts());
223 if (container.has_idle_logout_timeout()) {
224 policies->Set(key::kDeviceIdleLogoutTimeout,
225 POLICY_LEVEL_MANDATORY,
226 POLICY_SCOPE_MACHINE,
227 DecodeIntegerValue(container.idle_logout_timeout()),
228 NULL);
229 }
230 if (container.has_idle_logout_warning_duration()) {
231 policies->Set(key::kDeviceIdleLogoutWarningDuration,
232 POLICY_LEVEL_MANDATORY,
233 POLICY_SCOPE_MACHINE,
234 DecodeIntegerValue(
235 container.idle_logout_warning_duration()),
236 NULL);
237 }
238 }
239
240 if (policy.has_login_screen_saver()) {
241 const em::ScreenSaverProto& container(
242 policy.login_screen_saver());
243 if (container.has_screen_saver_extension_id()) {
244 policies->Set(key::kDeviceLoginScreenSaverId,
245 POLICY_LEVEL_MANDATORY,
246 POLICY_SCOPE_MACHINE,
247 base::Value::CreateStringValue(
248 container.screen_saver_extension_id()),
249 NULL);
250 }
251 if (container.has_screen_saver_timeout()) {
252 policies->Set(key::kDeviceLoginScreenSaverTimeout,
253 POLICY_LEVEL_MANDATORY,
254 POLICY_SCOPE_MACHINE,
255 DecodeIntegerValue(container.screen_saver_timeout()),
256 NULL);
257 }
258 }
259
260 if (policy.has_app_pack()) {
261 const em::AppPackProto& container(policy.app_pack());
262 base::ListValue* app_pack_list = new base::ListValue();
263 for (int i = 0; i < container.app_pack_size(); ++i) {
264 const em::AppPackEntryProto& entry(container.app_pack(i));
265 if (entry.has_extension_id() && entry.has_update_url()) {
266 base::DictionaryValue* dict = new base::DictionaryValue();
267 dict->SetString(chromeos::kAppPackKeyExtensionId, entry.extension_id());
268 dict->SetString(chromeos::kAppPackKeyUpdateUrl, entry.update_url());
269 app_pack_list->Append(dict);
270 }
271 }
272 policies->Set(key::kDeviceAppPack,
273 POLICY_LEVEL_MANDATORY,
274 POLICY_SCOPE_MACHINE,
275 app_pack_list,
276 NULL);
277 }
278
279 if (policy.has_pinned_apps()) {
280 const em::PinnedAppsProto& container(policy.pinned_apps());
281 base::ListValue* pinned_apps_list = new base::ListValue();
282 for (int i = 0; i < container.app_id_size(); ++i) {
283 pinned_apps_list->Append(
284 base::Value::CreateStringValue(container.app_id(i)));
285 }
286
287 policies->Set(key::kPinnedLauncherApps,
288 POLICY_LEVEL_RECOMMENDED,
289 POLICY_SCOPE_MACHINE,
290 pinned_apps_list,
291 NULL);
292 }
293 }
294
295 void DecodeNetworkPolicies(const em::ChromeDeviceSettingsProto& policy,
296 PolicyMap* policies,
297 EnterpriseInstallAttributes* install_attributes) {
298 if (policy.has_device_proxy_settings()) {
299 const em::DeviceProxySettingsProto& container(
300 policy.device_proxy_settings());
301 scoped_ptr<base::DictionaryValue> proxy_settings(new base::DictionaryValue);
302 if (container.has_proxy_mode())
303 proxy_settings->SetString(key::kProxyMode, container.proxy_mode());
304 if (container.has_proxy_server())
305 proxy_settings->SetString(key::kProxyServer, container.proxy_server());
306 if (container.has_proxy_pac_url())
307 proxy_settings->SetString(key::kProxyPacUrl, container.proxy_pac_url());
308 if (container.has_proxy_bypass_list()) {
309 proxy_settings->SetString(key::kProxyBypassList,
310 container.proxy_bypass_list());
311 }
312
313 // Figure out the level. Proxy policy is mandatory in kiosk mode.
314 PolicyLevel level = POLICY_LEVEL_RECOMMENDED;
315 if (install_attributes->GetMode() == DEVICE_MODE_RETAIL_KIOSK)
316 level = POLICY_LEVEL_MANDATORY;
317
318 if (!proxy_settings->empty()) {
319 policies->Set(key::kProxySettings,
320 level,
321 POLICY_SCOPE_MACHINE,
322 proxy_settings.release(),
323 NULL);
324 }
325 }
326
327 if (policy.has_data_roaming_enabled()) {
328 const em::DataRoamingEnabledProto& container(policy.data_roaming_enabled());
329 if (container.has_data_roaming_enabled()) {
330 policies->Set(key::kDeviceDataRoamingEnabled,
331 POLICY_LEVEL_MANDATORY,
332 POLICY_SCOPE_MACHINE,
333 base::Value::CreateBooleanValue(
334 container.data_roaming_enabled()),
335 NULL);
336 }
337 }
338
339 if (policy.has_open_network_configuration() &&
340 policy.open_network_configuration().has_open_network_configuration()) {
341 std::string config(
342 policy.open_network_configuration().open_network_configuration());
343 policies->Set(key::kDeviceOpenNetworkConfiguration,
344 POLICY_LEVEL_MANDATORY,
345 POLICY_SCOPE_MACHINE,
346 base::Value::CreateStringValue(config),
347 NULL);
348 }
349 }
350
351 void DecodeReportingPolicies(const em::ChromeDeviceSettingsProto& policy,
352 PolicyMap* policies) {
353 if (policy.has_device_reporting()) {
354 const em::DeviceReportingProto& container(policy.device_reporting());
355 if (container.has_report_version_info()) {
356 policies->Set(key::kReportDeviceVersionInfo,
357 POLICY_LEVEL_MANDATORY,
358 POLICY_SCOPE_MACHINE,
359 base::Value::CreateBooleanValue(
360 container.report_version_info()),
361 NULL);
362 }
363 if (container.has_report_activity_times()) {
364 policies->Set(key::kReportDeviceActivityTimes,
365 POLICY_LEVEL_MANDATORY,
366 POLICY_SCOPE_MACHINE,
367 base::Value::CreateBooleanValue(
368 container.report_activity_times()),
369 NULL);
370 }
371 if (container.has_report_boot_mode()) {
372 policies->Set(key::kReportDeviceBootMode,
373 POLICY_LEVEL_MANDATORY,
374 POLICY_SCOPE_MACHINE,
375 base::Value::CreateBooleanValue(
376 container.report_boot_mode()),
377 NULL);
378 }
379 if (container.has_report_location()) {
380 policies->Set(key::kReportDeviceLocation,
381 POLICY_LEVEL_MANDATORY,
382 POLICY_SCOPE_MACHINE,
383 base::Value::CreateBooleanValue(
384 container.report_location()),
385 NULL);
386 }
387 if (container.has_report_network_interfaces()) {
388 policies->Set(key::kReportDeviceNetworkInterfaces,
389 POLICY_LEVEL_MANDATORY,
390 POLICY_SCOPE_MACHINE,
391 base::Value::CreateBooleanValue(
392 container.report_network_interfaces()),
393 NULL);
394 }
395 if (container.has_report_users()) {
396 policies->Set(key::kReportDeviceUsers,
397 POLICY_LEVEL_MANDATORY,
398 POLICY_SCOPE_MACHINE,
399 base::Value::CreateBooleanValue(container.report_users()),
400 NULL);
401 }
402 }
403 }
404
405 void DecodeAutoUpdatePolicies(const em::ChromeDeviceSettingsProto& policy,
406 PolicyMap* policies) {
407 if (policy.has_release_channel()) {
408 const em::ReleaseChannelProto& container(policy.release_channel());
409 if (container.has_release_channel()) {
410 std::string channel(container.release_channel());
411 policies->Set(key::kChromeOsReleaseChannel,
412 POLICY_LEVEL_MANDATORY,
413 POLICY_SCOPE_MACHINE,
414 base::Value::CreateStringValue(channel),
415 NULL);
416 // TODO(dubroy): Once http://crosbug.com/17015 is implemented, we won't
417 // have to pass the channel in here, only ping the update engine to tell
418 // it to fetch the channel from the policy.
419 chromeos::DBusThreadManager::Get()->GetUpdateEngineClient()->
420 SetChannel(channel, false);
421 }
422 if (container.has_release_channel_delegated()) {
423 policies->Set(key::kChromeOsReleaseChannelDelegated,
424 POLICY_LEVEL_MANDATORY,
425 POLICY_SCOPE_MACHINE,
426 base::Value::CreateBooleanValue(
427 container.release_channel_delegated()),
428 NULL);
429 }
430 }
431
432 if (policy.has_auto_update_settings()) {
433 const em::AutoUpdateSettingsProto& container(policy.auto_update_settings());
434 if (container.has_update_disabled()) {
435 policies->Set(key::kDeviceAutoUpdateDisabled,
436 POLICY_LEVEL_MANDATORY,
437 POLICY_SCOPE_MACHINE,
438 base::Value::CreateBooleanValue(
439 container.update_disabled()),
440 NULL);
441 }
442
443 if (container.has_target_version_prefix()) {
444 policies->Set(key::kDeviceTargetVersionPrefix,
445 POLICY_LEVEL_MANDATORY,
446 POLICY_SCOPE_MACHINE,
447 base::Value::CreateStringValue(
448 container.target_version_prefix()),
449 NULL);
450 }
451
452 // target_version_display_name is not actually a policy, but a display
453 // string for target_version_prefix, so we ignore it.
454
455 if (container.has_scatter_factor_in_seconds()) {
456 policies->Set(key::kDeviceUpdateScatterFactor,
457 POLICY_LEVEL_MANDATORY,
458 POLICY_SCOPE_MACHINE,
459 base::Value::CreateIntegerValue(
460 container.scatter_factor_in_seconds()),
461 NULL);
462 }
463
464 if (container.allowed_connection_types_size()) {
465 base::ListValue* allowed_connection_types = new base::ListValue();
466 RepeatedField<int>::const_iterator entry;
467 for (entry = container.allowed_connection_types().begin();
468 entry != container.allowed_connection_types().end();
469 ++entry) {
470 base::Value* value = DecodeConnectionType(*entry);
471 if (value)
472 allowed_connection_types->Append(value);
473 }
474 policies->Set(key::kDeviceUpdateAllowedConnectionTypes,
475 POLICY_LEVEL_MANDATORY,
476 POLICY_SCOPE_MACHINE,
477 allowed_connection_types,
478 NULL);
479 }
480
481 if (container.has_http_downloads_enabled()) {
482 policies->Set(
483 key::kDeviceUpdateHttpDownloadsEnabled,
484 POLICY_LEVEL_MANDATORY,
485 POLICY_SCOPE_MACHINE,
486 base::Value::CreateBooleanValue(container.http_downloads_enabled()),
487 NULL);
488 }
489
490 if (container.has_reboot_after_update()) {
491 policies->Set(key::kRebootAfterUpdate,
492 POLICY_LEVEL_MANDATORY,
493 POLICY_SCOPE_MACHINE,
494 base::Value::CreateBooleanValue(
495 container.reboot_after_update()),
496 NULL);
497 }
498
499 if (container.has_p2p_enabled()) {
500 policies->Set(key::kDeviceAutoUpdateP2PEnabled,
501 POLICY_LEVEL_MANDATORY,
502 POLICY_SCOPE_MACHINE,
503 base::Value::CreateBooleanValue(container.p2p_enabled()),
504 NULL);
505 }
506 }
507 }
508
509 void DecodeAccessibilityPolicies(const em::ChromeDeviceSettingsProto& policy,
510 PolicyMap* policies) {
511 if (policy.has_accessibility_settings()) {
512 const em::AccessibilitySettingsProto&
513 container(policy.accessibility_settings());
514
515 if (container.has_login_screen_default_large_cursor_enabled()) {
516 policies->Set(
517 key::kDeviceLoginScreenDefaultLargeCursorEnabled,
518 POLICY_LEVEL_MANDATORY,
519 POLICY_SCOPE_MACHINE,
520 base::Value::CreateBooleanValue(
521 container.login_screen_default_large_cursor_enabled()),
522 NULL);
523 }
524
525 if (container.has_login_screen_default_spoken_feedback_enabled()) {
526 policies->Set(
527 key::kDeviceLoginScreenDefaultSpokenFeedbackEnabled,
528 POLICY_LEVEL_MANDATORY,
529 POLICY_SCOPE_MACHINE,
530 base::Value::CreateBooleanValue(
531 container.login_screen_default_spoken_feedback_enabled()),
532 NULL);
533 }
534
535 if (container.has_login_screen_default_high_contrast_enabled()) {
536 policies->Set(
537 key::kDeviceLoginScreenDefaultHighContrastEnabled,
538 POLICY_LEVEL_MANDATORY,
539 POLICY_SCOPE_MACHINE,
540 base::Value::CreateBooleanValue(
541 container.login_screen_default_high_contrast_enabled()),
542 NULL);
543 }
544
545 if (container.has_login_screen_default_screen_magnifier_type()) {
546 policies->Set(
547 key::kDeviceLoginScreenDefaultScreenMagnifierType,
548 POLICY_LEVEL_MANDATORY,
549 POLICY_SCOPE_MACHINE,
550 DecodeIntegerValue(
551 container.login_screen_default_screen_magnifier_type()),
552 NULL);
553 }
554 }
555 }
556
557 void DecodeGenericPolicies(const em::ChromeDeviceSettingsProto& policy,
558 PolicyMap* policies) {
559 if (policy.has_device_policy_refresh_rate()) {
560 const em::DevicePolicyRefreshRateProto& container(
561 policy.device_policy_refresh_rate());
562 if (container.has_device_policy_refresh_rate()) {
563 policies->Set(key::kDevicePolicyRefreshRate,
564 POLICY_LEVEL_MANDATORY,
565 POLICY_SCOPE_MACHINE,
566 DecodeIntegerValue(container.device_policy_refresh_rate()),
567 NULL);
568 }
569 }
570
571 if (policy.has_metrics_enabled()) {
572 const em::MetricsEnabledProto& container(policy.metrics_enabled());
573 if (container.has_metrics_enabled()) {
574 policies->Set(key::kDeviceMetricsReportingEnabled,
575 POLICY_LEVEL_MANDATORY,
576 POLICY_SCOPE_MACHINE,
577 base::Value::CreateBooleanValue(
578 container.metrics_enabled()),
579 NULL);
580 }
581 }
582
583 if (policy.has_start_up_urls()) {
584 const em::StartUpUrlsProto& container(policy.start_up_urls());
585 base::ListValue* urls = new base::ListValue();
586 RepeatedPtrField<std::string>::const_iterator entry;
587 for (entry = container.start_up_urls().begin();
588 entry != container.start_up_urls().end();
589 ++entry) {
590 urls->Append(base::Value::CreateStringValue(*entry));
591 }
592 policies->Set(key::kDeviceStartUpUrls,
593 POLICY_LEVEL_MANDATORY,
594 POLICY_SCOPE_MACHINE,
595 urls,
596 NULL);
597 }
598
599 if (policy.has_system_timezone()) {
600 if (policy.system_timezone().has_timezone()) {
601 policies->Set(key::kSystemTimezone,
602 POLICY_LEVEL_MANDATORY,
603 POLICY_SCOPE_MACHINE,
604 base::Value::CreateStringValue(
605 policy.system_timezone().timezone()),
606 NULL);
607 }
608 }
609
610 if (policy.has_use_24hour_clock()) {
611 if (policy.use_24hour_clock().has_use_24hour_clock()) {
612 policies->Set(key::kSystemUse24HourClock,
613 POLICY_LEVEL_MANDATORY,
614 POLICY_SCOPE_MACHINE,
615 base::Value::CreateBooleanValue(
616 policy.use_24hour_clock().use_24hour_clock()),
617 NULL);
618 }
619 }
620
621 if (policy.has_allow_redeem_offers()) {
622 const em::AllowRedeemChromeOsRegistrationOffersProto& container(
623 policy.allow_redeem_offers());
624 if (container.has_allow_redeem_offers()) {
625 policies->Set(key::kDeviceAllowRedeemChromeOsRegistrationOffers,
626 POLICY_LEVEL_MANDATORY,
627 POLICY_SCOPE_MACHINE,
628 base::Value::CreateBooleanValue(
629 container.allow_redeem_offers()),
630 NULL);
631 }
632 }
633
634 if (policy.has_uptime_limit()) {
635 const em::UptimeLimitProto& container(policy.uptime_limit());
636 if (container.has_uptime_limit()) {
637 policies->Set(key::kUptimeLimit,
638 POLICY_LEVEL_MANDATORY,
639 POLICY_SCOPE_MACHINE,
640 DecodeIntegerValue(container.uptime_limit()),
641 NULL);
642 }
643 }
644
645 if (policy.has_start_up_flags()) {
646 const em::StartUpFlagsProto& container(policy.start_up_flags());
647 base::ListValue* flags = new base::ListValue();
648 RepeatedPtrField<std::string>::const_iterator entry;
649 for (entry = container.flags().begin();
650 entry != container.flags().end();
651 ++entry) {
652 flags->Append(base::Value::CreateStringValue(*entry));
653 }
654 policies->Set(key::kDeviceStartUpFlags,
655 POLICY_LEVEL_MANDATORY,
656 POLICY_SCOPE_MACHINE,
657 flags,
658 NULL);
659 }
660
661 if (policy.has_variations_parameter()) {
662 if (policy.variations_parameter().has_parameter()) {
663 policies->Set(key::kDeviceVariationsRestrictParameter,
664 POLICY_LEVEL_MANDATORY,
665 POLICY_SCOPE_MACHINE,
666 base::Value::CreateStringValue(
667 policy.variations_parameter().parameter()),
668 NULL);
669 }
670 }
671
672 if (policy.has_attestation_settings()) {
673 if (policy.attestation_settings().has_attestation_enabled()) {
674 policies->Set(key::kAttestationEnabledForDevice,
675 POLICY_LEVEL_MANDATORY,
676 POLICY_SCOPE_MACHINE,
677 base::Value::CreateBooleanValue(
678 policy.attestation_settings().attestation_enabled()),
679 NULL);
680 }
681 if (policy.attestation_settings().has_content_protection_enabled()) {
682 policies->Set(
683 key::kAttestationForContentProtectionEnabled,
684 POLICY_LEVEL_MANDATORY,
685 POLICY_SCOPE_MACHINE,
686 base::Value::CreateBooleanValue(
687 policy.attestation_settings().content_protection_enabled()),
688 NULL);
689 }
690 }
691
692 if (policy.has_login_screen_power_management()) {
693 const em::LoginScreenPowerManagementProto& container(
694 policy.login_screen_power_management());
695 if (container.has_login_screen_power_management()) {
696 policies->Set(key::kDeviceLoginScreenPowerManagement,
697 POLICY_LEVEL_MANDATORY,
698 POLICY_SCOPE_MACHINE,
699 base::Value::CreateStringValue(
700 container.login_screen_power_management()),
701 NULL);
702 }
703 }
704 if (policy.has_auto_clean_up_settings()) {
705 const em::AutoCleanupSettigsProto& container(
706 policy.auto_clean_up_settings());
707 if (container.has_clean_up_strategy()) {
708 policies->Set(key::kAutoCleanUpStrategy,
709 POLICY_LEVEL_MANDATORY,
710 POLICY_SCOPE_MACHINE,
711 base::Value::CreateStringValue(
712 container.clean_up_strategy()),
713 NULL);
714 }
715 }
716 }
717
718 } // namespace
719
720 void DecodeDevicePolicy(const em::ChromeDeviceSettingsProto& policy,
721 PolicyMap* policies,
722 EnterpriseInstallAttributes* install_attributes) {
723 // TODO(achuith): Remove this once crbug.com/263527 is resolved.
724 VLOG(2) << "DecodeDevicePolicy " << policy.SerializeAsString();
725
726 // Decode the various groups of policies.
727 DecodeLoginPolicies(policy, policies);
728 DecodeKioskPolicies(policy, policies, install_attributes);
729 DecodeNetworkPolicies(policy, policies, install_attributes);
730 DecodeReportingPolicies(policy, policies);
731 DecodeAutoUpdatePolicies(policy, policies);
732 DecodeAccessibilityPolicies(policy, policies);
733 DecodeGenericPolicies(policy, policies);
734 }
735
736 } // namespace policy