chrome/browser/chromeos/policy/user_network_configuration_updater_factory.cc - chromium/src.git - Git at Google

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #include "chrome/browser/chromeos/policy/user_network_configuration_updater_factory.h"

 #include "base/memory/singleton.h"
 #include "chrome/browser/chromeos/policy/user_network_configuration_updater.h"
 #include "chrome/browser/chromeos/profiles/profile_helper.h"
 #include "chrome/browser/policy/profile_policy_connector.h"
 #include "chrome/browser/policy/profile_policy_connector_factory.h"
 #include "chrome/browser/profiles/incognito_helpers.h"
 #include "chrome/browser/profiles/profile.h"
 #include "chromeos/network/network_handler.h"
 #include "components/keyed_service/content/browser_context_dependency_manager.h"
 #include "components/policy/core/common/cloud/cloud_policy_constants.h"
 #include "components/user_manager/user.h"
 #include "components/user_manager/user_manager.h"

 namespace policy {

 // static
 UserNetworkConfigurationUpdater*
 UserNetworkConfigurationUpdaterFactory::GetForProfile(Profile* profile) {
   return static_cast<UserNetworkConfigurationUpdater*>(
       GetInstance()->GetServiceForBrowserContext(profile, true));
 }

 // static
 UserNetworkConfigurationUpdaterFactory*
 UserNetworkConfigurationUpdaterFactory::GetInstance() {
   return base::Singleton<UserNetworkConfigurationUpdaterFactory>::get();
 }

 UserNetworkConfigurationUpdaterFactory::UserNetworkConfigurationUpdaterFactory()
     : BrowserContextKeyedServiceFactory(
           "UserNetworkConfigurationUpdater",
           BrowserContextDependencyManager::GetInstance()) {
   DependsOn(ProfilePolicyConnectorFactory::GetInstance());
 }

 UserNetworkConfigurationUpdaterFactory::
     ~UserNetworkConfigurationUpdaterFactory() {}

 content::BrowserContext*
 UserNetworkConfigurationUpdaterFactory::GetBrowserContextToUse(
     content::BrowserContext* context) const {
   return chrome::GetBrowserContextRedirectedInIncognito(context);
 }

 bool
 UserNetworkConfigurationUpdaterFactory::ServiceIsCreatedWithBrowserContext()
     const {
   return true;
 }

 bool UserNetworkConfigurationUpdaterFactory::ServiceIsNULLWhileTesting() const {
   return true;
 }

 KeyedService* UserNetworkConfigurationUpdaterFactory::BuildServiceInstanceFor(
     content::BrowserContext* context) const {
   // On the login/lock screen only device network policies apply.
   Profile* profile = Profile::FromBrowserContext(context);
   if (chromeos::ProfileHelper::IsSigninProfile(profile) ||
       chromeos::ProfileHelper::IsLockScreenAppProfile(profile)) {
     return nullptr;
   }

   const user_manager::User* user =
       chromeos::ProfileHelper::Get()->GetUserByProfile(profile);
   DCHECK(user);
   // Currently, only the network policy of the primary user is supported. See
   // also http://crbug.com/310685 .
   if (user != user_manager::UserManager::Get()->GetPrimaryUser())
     return nullptr;

   ProfilePolicyConnector* profile_connector =
       ProfilePolicyConnectorFactory::GetForBrowserContext(context);

   return UserNetworkConfigurationUpdater::CreateForUserPolicy(
              profile, AllowTrustedCertsFromPolicy(user), *user,
              profile_connector->policy_service(),
              chromeos::NetworkHandler::Get()
                  ->managed_network_configuration_handler())
       .release();
 }

 // static
 bool UserNetworkConfigurationUpdaterFactory::AllowTrustedCertsFromPolicy(
     const user_manager::User* user) {
   user_manager::UserType user_type = user->GetType();

   // Disallow trusted root certs for public sessions.
   // Also, guest sessions don't get user policy, but a
   // UserNetworkCofnigurationUpdater can be created for them anyway.
   return user_type != user_manager::USER_TYPE_GUEST &&
          user_type != user_manager::USER_TYPE_PUBLIC_ACCOUNT;
 }

 }  // namespace policy
	// Copyright 2013 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#include "chrome/browser/chromeos/policy/user_network_configuration_updater_factory.h"

	#include "base/memory/singleton.h"
	#include "chrome/browser/chromeos/policy/user_network_configuration_updater.h"
	#include "chrome/browser/chromeos/profiles/profile_helper.h"
	#include "chrome/browser/policy/profile_policy_connector.h"
	#include "chrome/browser/policy/profile_policy_connector_factory.h"
	#include "chrome/browser/profiles/incognito_helpers.h"
	#include "chrome/browser/profiles/profile.h"
	#include "chromeos/network/network_handler.h"
	#include "components/keyed_service/content/browser_context_dependency_manager.h"
	#include "components/policy/core/common/cloud/cloud_policy_constants.h"
	#include "components/user_manager/user.h"
	#include "components/user_manager/user_manager.h"

	namespace policy {

	// static
	UserNetworkConfigurationUpdater*
	UserNetworkConfigurationUpdaterFactory::GetForProfile(Profile* profile) {
	return static_cast<UserNetworkConfigurationUpdater*>(
	GetInstance()->GetServiceForBrowserContext(profile, true));
	}

	// static
	UserNetworkConfigurationUpdaterFactory*
	UserNetworkConfigurationUpdaterFactory::GetInstance() {
	return base::Singleton<UserNetworkConfigurationUpdaterFactory>::get();
	}

	UserNetworkConfigurationUpdaterFactory::UserNetworkConfigurationUpdaterFactory()
	: BrowserContextKeyedServiceFactory(
	"UserNetworkConfigurationUpdater",
	BrowserContextDependencyManager::GetInstance()) {
	DependsOn(ProfilePolicyConnectorFactory::GetInstance());
	}

	UserNetworkConfigurationUpdaterFactory::
	~UserNetworkConfigurationUpdaterFactory() {}

	content::BrowserContext*
	UserNetworkConfigurationUpdaterFactory::GetBrowserContextToUse(
	content::BrowserContext* context) const {
	return chrome::GetBrowserContextRedirectedInIncognito(context);
	}

	bool
	UserNetworkConfigurationUpdaterFactory::ServiceIsCreatedWithBrowserContext()
	const {
	return true;
	}

	bool UserNetworkConfigurationUpdaterFactory::ServiceIsNULLWhileTesting() const {
	return true;
	}

	KeyedService* UserNetworkConfigurationUpdaterFactory::BuildServiceInstanceFor(
	content::BrowserContext* context) const {
	// On the login/lock screen only device network policies apply.
	Profile* profile = Profile::FromBrowserContext(context);
	if (chromeos::ProfileHelper::IsSigninProfile(profile) \|\|
	chromeos::ProfileHelper::IsLockScreenAppProfile(profile)) {
	return nullptr;
	}

	const user_manager::User* user =
	chromeos::ProfileHelper::Get()->GetUserByProfile(profile);
	DCHECK(user);
	// Currently, only the network policy of the primary user is supported. See
	// also http://crbug.com/310685 .
	if (user != user_manager::UserManager::Get()->GetPrimaryUser())
	return nullptr;

	ProfilePolicyConnector* profile_connector =
	ProfilePolicyConnectorFactory::GetForBrowserContext(context);

	return UserNetworkConfigurationUpdater::CreateForUserPolicy(
	profile, AllowTrustedCertsFromPolicy(user), *user,
	profile_connector->policy_service(),
	chromeos::NetworkHandler::Get()
	->managed_network_configuration_handler())
	.release();
	}

	// static
	bool UserNetworkConfigurationUpdaterFactory::AllowTrustedCertsFromPolicy(
	const user_manager::User* user) {
	user_manager::UserType user_type = user->GetType();

	// Disallow trusted root certs for public sessions.
	// Also, guest sessions don't get user policy, but a
	// UserNetworkCofnigurationUpdater can be created for them anyway.
	return user_type != user_manager::USER_TYPE_GUEST &&
	user_type != user_manager::USER_TYPE_PUBLIC_ACCOUNT;
	}

	} // namespace policy