1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chrome/browser/policy/browser_policy_connector.h"
6
7 #include <algorithm>
8 #include <iterator>
9
10 #include "base/bind.h"
11 #include "base/bind_helpers.h"
12 #include "base/command_line.h"
13 #include "base/files/file_path.h"
14 #include "base/logging.h"
15 #include "base/message_loop/message_loop.h"
16 #include "base/message_loop/message_loop_proxy.h"
17 #include "base/path_service.h"
18 #include "base/prefs/pref_registry_simple.h"
19 #include "base/prefs/pref_service.h"
20 #include "base/sequenced_task_runner.h"
21 #include "base/strings/string_util.h"
22 #include "base/strings/stringprintf.h"
23 #include "base/strings/sys_string_conversions.h"
24 #include "base/strings/utf_string_conversions.h"
25 #include "base/sys_info.h"
26 #include "base/threading/sequenced_worker_pool.h"
27 #include "chrome/browser/browser_process.h"
28 #include "chrome/browser/policy/configuration_policy_handler_list_factory.h"
29 #include "chrome/common/chrome_paths.h"
30 #include "chrome/common/chrome_switches.h"
31 #include "chrome/common/chrome_version_info.h"
32 #include "chrome/common/pref_names.h"
33 #include "components/policy/core/common/async_policy_provider.h"
34 #include "components/policy/core/common/cloud/cloud_policy_client.h"
35 #include "components/policy/core/common/cloud/cloud_policy_refresh_scheduler.h"
36 #include "components/policy/core/common/cloud/cloud_policy_service.h"
37 #include "components/policy/core/common/cloud/device_management_service.h"
38 #include "components/policy/core/common/configuration_policy_provider.h"
39 #include "components/policy/core/common/policy_namespace.h"
40 #include "components/policy/core/common/policy_pref_names.h"
41 #include "components/policy/core/common/policy_service_impl.h"
42 #include "components/policy/core/common/policy_statistics_collector.h"
43 #include "components/policy/core/common/schema.h"
44 #include "content/public/browser/browser_thread.h"
45 #include "content/public/common/content_client.h"
46 #include "google_apis/gaia/gaia_auth_util.h"
47 #include "google_apis/gaia/gaia_constants.h"
48 #include "grit/generated_resources.h"
49 #include "net/url_request/url_request_context_getter.h"
50 #include "policy/policy_constants.h"
51 #include "third_party/icu/source/i18n/unicode/regex.h"
52 #include "url/gurl.h"
53
54 #if defined(OS_WIN)
55 #include "components/policy/core/common/policy_loader_win.h"
56 #elif defined(OS_MACOSX) && !defined(OS_IOS)
57 #include <CoreFoundation/CoreFoundation.h>
58 #include "components/policy/core/common/policy_loader_mac.h"
59 #include "components/policy/core/common/preferences_mac.h"
60 #elif defined(OS_POSIX) && !defined(OS_ANDROID)
61 #include "components/policy/core/common/config_dir_policy_loader.h"
62 #endif
63
64 #if defined(OS_CHROMEOS)
65 #include "chrome/browser/chromeos/login/user_manager.h"
66 #include "chrome/browser/chromeos/policy/app_pack_updater.h"
67 #include "chrome/browser/chromeos/policy/device_cloud_policy_manager_chromeos.h"
68 #include "chrome/browser/chromeos/policy/device_cloud_policy_store_chromeos.h"
69 #include "chrome/browser/chromeos/policy/device_local_account.h"
70 #include "chrome/browser/chromeos/policy/device_local_account_policy_service.h"
71 #include "chrome/browser/chromeos/policy/device_status_collector.h"
72 #include "chrome/browser/chromeos/policy/enterprise_install_attributes.h"
73 #include "chrome/browser/chromeos/policy/network_configuration_updater.h"
74 #include "chrome/browser/chromeos/settings/cros_settings.h"
75 #include "chrome/browser/chromeos/settings/device_settings_service.h"
76 #include "chromeos/chromeos_paths.h"
77 #include "chromeos/chromeos_switches.h"
78 #include "chromeos/cryptohome/system_salt_getter.h"
79 #include "chromeos/dbus/cryptohome_client.h"
80 #include "chromeos/dbus/dbus_thread_manager.h"
81 #include "chromeos/network/network_handler.h"
82 #include "chromeos/network/onc/onc_certificate_importer_impl.h"
83 #include "chromeos/settings/cros_settings_provider.h"
84 #include "chromeos/settings/timezone_settings.h"
85 #include "chromeos/system/statistics_provider.h"
86 #endif
87
88 using content::BrowserThread;
89
90 namespace policy {
91
92 namespace {
93
94 // The following constants define delays applied before the initial policy fetch
95 // on startup. (So that displaying Chrome's GUI does not get delayed.)
96 // Delay in milliseconds from startup.
97 const int64 kServiceInitializationStartupDelay = 5000;
98
99 // The URL for the device management server.
100 const char kDefaultDeviceManagementServerUrl[] =
101 "https://m.google.com/devicemanagement/data/api";
102
103 #if defined(OS_CHROMEOS)
104 // Install attributes for tests.
105 EnterpriseInstallAttributes* g_testing_install_attributes = NULL;
106 #endif // defined(OS_CHROMEOS)
107
108 // Used in BrowserPolicyConnector::SetPolicyProviderForTesting.
109 ConfigurationPolicyProvider* g_testing_provider = NULL;
110
111 #if defined(OS_CHROMEOS)
112 // Helper that returns a new SequencedTaskRunner backed by the blocking pool.
113 // Each SequencedTaskRunner returned is independent from the others.
GetBackgroundTaskRunner()114 scoped_refptr<base::SequencedTaskRunner> GetBackgroundTaskRunner() {
115 base::SequencedWorkerPool* pool = BrowserThread::GetBlockingPool();
116 CHECK(pool);
117 return pool->GetSequencedTaskRunnerWithShutdownBehavior(
118 pool->GetSequenceToken(), base::SequencedWorkerPool::SKIP_ON_SHUTDOWN);
119 }
120 #endif // defined(OS_CHROMEOS)
121
122 #if defined(OS_MACOSX) && !defined(OS_IOS)
GetManagedPolicyPath()123 base::FilePath GetManagedPolicyPath() {
124 // This constructs the path to the plist file in which Mac OS X stores the
125 // managed preference for the application. This is undocumented and therefore
126 // fragile, but if it doesn't work out, AsyncPolicyLoader has a task that
127 // polls periodically in order to reload managed preferences later even if we
128 // missed the change.
129 base::FilePath path;
130 if (!PathService::Get(chrome::DIR_MANAGED_PREFS, &path))
131 return base::FilePath();
132
133 CFBundleRef bundle(CFBundleGetMainBundle());
134 if (!bundle)
135 return base::FilePath();
136
137 CFStringRef bundle_id = CFBundleGetIdentifier(bundle);
138 if (!bundle_id)
139 return base::FilePath();
140
141 return path.Append(base::SysCFStringRefToUTF8(bundle_id) + ".plist");
142 }
143 #endif // defined(OS_MACOSX) && !defined(OS_IOS)
144
145 class DeviceManagementServiceConfiguration
146 : public DeviceManagementService::Configuration {
147 public:
DeviceManagementServiceConfiguration()148 DeviceManagementServiceConfiguration() {}
~DeviceManagementServiceConfiguration()149 virtual ~DeviceManagementServiceConfiguration() {}
150
GetServerUrl()151 virtual std::string GetServerUrl() OVERRIDE {
152 CommandLine* command_line = CommandLine::ForCurrentProcess();
153 if (command_line->HasSwitch(switches::kDeviceManagementUrl))
154 return command_line->GetSwitchValueASCII(switches::kDeviceManagementUrl);
155 else
156 return kDefaultDeviceManagementServerUrl;
157 }
158
GetAgentParameter()159 virtual std::string GetAgentParameter() OVERRIDE {
160 chrome::VersionInfo version_info;
161 return base::StringPrintf("%s %s(%s)",
162 version_info.Name().c_str(),
163 version_info.Version().c_str(),
164 version_info.LastChange().c_str());
165 }
166
GetPlatformParameter()167 virtual std::string GetPlatformParameter() OVERRIDE {
168 std::string os_name = base::SysInfo::OperatingSystemName();
169 std::string os_hardware = base::SysInfo::OperatingSystemArchitecture();
170
171 #if defined(OS_CHROMEOS)
172 chromeos::system::StatisticsProvider* provider =
173 chromeos::system::StatisticsProvider::GetInstance();
174
175 std::string hwclass;
176 if (!provider->GetMachineStatistic(chromeos::system::kHardwareClassKey,
177 &hwclass)) {
178 LOG(ERROR) << "Failed to get machine information";
179 }
180 os_name += ",CrOS," + base::SysInfo::GetLsbReleaseBoard();
181 os_hardware += "," + hwclass;
182 #endif
183
184 std::string os_version("-");
185 #if defined(OS_WIN) || defined(OS_MACOSX) || defined(OS_CHROMEOS)
186 int32 os_major_version = 0;
187 int32 os_minor_version = 0;
188 int32 os_bugfix_version = 0;
189 base::SysInfo::OperatingSystemVersionNumbers(&os_major_version,
190 &os_minor_version,
191 &os_bugfix_version);
192 os_version = base::StringPrintf("%d.%d.%d",
193 os_major_version,
194 os_minor_version,
195 os_bugfix_version);
196 #endif
197
198 return base::StringPrintf(
199 "%s|%s|%s", os_name.c_str(), os_hardware.c_str(), os_version.c_str());
200 }
201 };
202
203 } // namespace
204
BrowserPolicyConnector()205 BrowserPolicyConnector::BrowserPolicyConnector()
206 : is_initialized_(false),
207 local_state_(NULL),
208 handler_list_(BuildHandlerList().Pass()),
209 weak_ptr_factory_(this) {
210 // GetPolicyService() must be ready after the constructor is done.
211 // The connector is created very early during startup, when the browser
212 // threads aren't running yet; initialize components that need local_state,
213 // the system request context or other threads (e.g. FILE) at Init().
214
215 // Initialize the SchemaRegistry with the Chrome schema before creating any
216 // of the policy providers.
217 chrome_schema_ = Schema::Wrap(GetChromeSchemaData());
218 schema_registry_.RegisterComponent(PolicyNamespace(POLICY_DOMAIN_CHROME, ""),
219 chrome_schema_);
220
221 platform_provider_.reset(CreatePlatformProvider());
222
223 #if defined(OS_CHROMEOS)
224 if (g_testing_install_attributes)
225 install_attributes_.reset(g_testing_install_attributes);
226
227 // SystemSaltGetter or DBusThreadManager may be uninitialized on unit tests.
228
229 // TODO(satorux): Remove SystemSaltGetter::IsInitialized() when it's ready
230 // (removing it now breaks tests). crbug.com/141016.
231 if (chromeos::SystemSaltGetter::IsInitialized() &&
232 chromeos::DBusThreadManager::IsInitialized()) {
233 chromeos::CryptohomeClient* cryptohome_client =
234 chromeos::DBusThreadManager::Get()->GetCryptohomeClient();
235 if (!g_testing_install_attributes) {
236 install_attributes_.reset(
237 new EnterpriseInstallAttributes(cryptohome_client));
238 }
239 base::FilePath install_attrs_file;
240 CHECK(PathService::Get(chromeos::FILE_INSTALL_ATTRIBUTES,
241 &install_attrs_file));
242 install_attributes_->ReadCacheFile(install_attrs_file);
243
244 scoped_ptr<DeviceCloudPolicyStoreChromeOS> device_cloud_policy_store(
245 new DeviceCloudPolicyStoreChromeOS(
246 chromeos::DeviceSettingsService::Get(),
247 install_attributes_.get(),
248 GetBackgroundTaskRunner()));
249 device_cloud_policy_manager_.reset(
250 new DeviceCloudPolicyManagerChromeOS(
251 device_cloud_policy_store.Pass(),
252 base::MessageLoopProxy::current(),
253 GetBackgroundTaskRunner(),
254 install_attributes_.get()));
255 }
256 #endif
257 }
258
~BrowserPolicyConnector()259 BrowserPolicyConnector::~BrowserPolicyConnector() {
260 if (is_initialized()) {
261 // Shutdown() wasn't invoked by our owner after having called Init().
262 // This usually means it's an early shutdown and
263 // BrowserProcessImpl::StartTearDown() wasn't invoked.
264 // Cleanup properly in those cases and avoid crashing the ToastCrasher test.
265 Shutdown();
266 }
267 }
268
Init(PrefService * local_state,scoped_refptr<net::URLRequestContextGetter> request_context)269 void BrowserPolicyConnector::Init(
270 PrefService* local_state,
271 scoped_refptr<net::URLRequestContextGetter> request_context) {
272 // Initialization of some of the providers requires the FILE thread; make
273 // sure that threading is ready at this point.
274 DCHECK(BrowserThread::IsThreadInitialized(BrowserThread::FILE));
275 DCHECK(!is_initialized()) << "BrowserPolicyConnector::Init() called twice.";
276
277 local_state_ = local_state;
278 request_context_ = request_context;
279
280 scoped_ptr<DeviceManagementService::Configuration> configuration(
281 new DeviceManagementServiceConfiguration);
282 device_management_service_.reset(
283 new DeviceManagementService(configuration.Pass()));
284 device_management_service_->ScheduleInitialization(
285 kServiceInitializationStartupDelay);
286
287 if (g_testing_provider)
288 g_testing_provider->Init(GetSchemaRegistry());
289 if (platform_provider_)
290 platform_provider_->Init(GetSchemaRegistry());
291
292 #if defined(OS_CHROMEOS)
293 global_user_cloud_policy_provider_.Init(GetSchemaRegistry());
294
295 if (device_cloud_policy_manager_) {
296 // For now the |device_cloud_policy_manager_| is using the global schema
297 // registry. Eventually it will have its own registry, once device cloud
298 // policy for extensions is introduced.
299 device_cloud_policy_manager_->Init(GetSchemaRegistry());
300 scoped_ptr<CloudPolicyClient::StatusProvider> status_provider(
301 new DeviceStatusCollector(
302 local_state_,
303 chromeos::system::StatisticsProvider::GetInstance(),
304 NULL));
305 device_cloud_policy_manager_->Connect(
306 local_state_,
307 device_management_service_.get(),
308 status_provider.Pass());
309 }
310
311 CommandLine* command_line = CommandLine::ForCurrentProcess();
312 if (!command_line->HasSwitch(chromeos::switches::kDisableLocalAccounts)) {
313 device_local_account_policy_service_.reset(
314 new DeviceLocalAccountPolicyService(
315 chromeos::DBusThreadManager::Get()->GetSessionManagerClient(),
316 chromeos::DeviceSettingsService::Get(),
317 chromeos::CrosSettings::Get(),
318 GetBackgroundTaskRunner(),
319 GetBackgroundTaskRunner(),
320 GetBackgroundTaskRunner(),
321 content::BrowserThread::GetMessageLoopProxyForThread(
322 content::BrowserThread::IO),
323 request_context));
324 device_local_account_policy_service_->Connect(
325 device_management_service_.get());
326 }
327
328 GetAppPackUpdater();
329
330 SetTimezoneIfPolicyAvailable();
331 #endif
332
333 policy_statistics_collector_.reset(
334 new policy::PolicyStatisticsCollector(
335 base::Bind(&GetChromePolicyDetails),
336 GetChromeSchema(),
337 GetPolicyService(),
338 local_state_,
339 base::MessageLoop::current()->message_loop_proxy()));
340 policy_statistics_collector_->Initialize();
341
342 #if defined(OS_CHROMEOS)
343 network_configuration_updater_ =
344 NetworkConfigurationUpdater::CreateForDevicePolicy(
345 scoped_ptr<chromeos::onc::CertificateImporter>(
346 new chromeos::onc::CertificateImporterImpl),
347 GetPolicyService(),
348 chromeos::NetworkHandler::Get()
349 ->managed_network_configuration_handler());
350 #endif
351
352 is_initialized_ = true;
353 }
354
Shutdown()355 void BrowserPolicyConnector::Shutdown() {
356 is_initialized_ = false;
357
358 if (g_testing_provider)
359 g_testing_provider->Shutdown();
360 // Drop g_testing_provider so that tests executed with --single_process can
361 // call SetPolicyProviderForTesting() again. It is still owned by the test.
362 g_testing_provider = NULL;
363 if (platform_provider_)
364 platform_provider_->Shutdown();
365
366 #if defined(OS_CHROMEOS)
367 // The AppPackUpdater may be observing the |device_cloud_policy_subsystem_|.
368 // Delete it first.
369 app_pack_updater_.reset();
370
371 network_configuration_updater_.reset();
372
373 if (device_cloud_policy_manager_)
374 device_cloud_policy_manager_->Shutdown();
375 if (device_local_account_policy_service_)
376 device_local_account_policy_service_->Shutdown();
377 global_user_cloud_policy_provider_.Shutdown();
378 #endif
379
380 device_management_service_.reset();
381
382 request_context_ = NULL;
383 }
384
GetPolicyService()385 PolicyService* BrowserPolicyConnector::GetPolicyService() {
386 if (!policy_service_) {
387 // |providers| in decreasing order of priority.
388 std::vector<ConfigurationPolicyProvider*> providers;
389 if (g_testing_provider) {
390 providers.push_back(g_testing_provider);
391 } else {
392 if (platform_provider_)
393 providers.push_back(platform_provider_.get());
394 #if defined(OS_CHROMEOS)
395 if (device_cloud_policy_manager_)
396 providers.push_back(device_cloud_policy_manager_.get());
397 providers.push_back(&global_user_cloud_policy_provider_);
398 #endif
399 }
400 policy_service_.reset(new PolicyServiceImpl(providers));
401 }
402 return policy_service_.get();
403 }
404
GetChromeSchema() const405 const Schema& BrowserPolicyConnector::GetChromeSchema() const {
406 return chrome_schema_;
407 }
408
GetSchemaRegistry()409 CombinedSchemaRegistry* BrowserPolicyConnector::GetSchemaRegistry() {
410 return &schema_registry_;
411 }
412
GetPlatformProvider()413 ConfigurationPolicyProvider* BrowserPolicyConnector::GetPlatformProvider() {
414 if (g_testing_provider)
415 return g_testing_provider;
416 return platform_provider_.get();
417 }
418
419 #if defined(OS_CHROMEOS)
IsEnterpriseManaged()420 bool BrowserPolicyConnector::IsEnterpriseManaged() {
421 return install_attributes_ && install_attributes_->IsEnterpriseDevice();
422 }
423
GetEnterpriseDomain()424 std::string BrowserPolicyConnector::GetEnterpriseDomain() {
425 return install_attributes_ ? install_attributes_->GetDomain() : std::string();
426 }
427
GetDeviceMode()428 DeviceMode BrowserPolicyConnector::GetDeviceMode() {
429 return install_attributes_ ? install_attributes_->GetMode()
430 : DEVICE_MODE_NOT_SET;
431 }
432 #endif
433
ScheduleServiceInitialization(int64 delay_milliseconds)434 void BrowserPolicyConnector::ScheduleServiceInitialization(
435 int64 delay_milliseconds) {
436 // Skip device initialization if the BrowserPolicyConnector was never
437 // initialized (unit tests).
438 if (device_management_service_)
439 device_management_service_->ScheduleInitialization(delay_milliseconds);
440 }
441
442 const ConfigurationPolicyHandlerList*
GetHandlerList() const443 BrowserPolicyConnector::GetHandlerList() const {
444 return handler_list_.get();
445 }
446
GetUserAffiliation(const std::string & user_name)447 UserAffiliation BrowserPolicyConnector::GetUserAffiliation(
448 const std::string& user_name) {
449 #if defined(OS_CHROMEOS)
450 // An empty username means incognito user in case of ChromiumOS and
451 // no logged-in user in case of Chromium (SigninService). Many tests use
452 // nonsense email addresses (e.g. 'test') so treat those as non-enterprise
453 // users.
454 if (user_name.empty() || user_name.find('@') == std::string::npos)
455 return USER_AFFILIATION_NONE;
456 if (install_attributes_ &&
457 (gaia::ExtractDomainName(gaia::CanonicalizeEmail(user_name)) ==
458 install_attributes_->GetDomain() ||
459 policy::IsDeviceLocalAccountUser(user_name, NULL))) {
460 return USER_AFFILIATION_MANAGED;
461 }
462 #endif
463
464 return USER_AFFILIATION_NONE;
465 }
466
467 #if defined(OS_CHROMEOS)
GetAppPackUpdater()468 AppPackUpdater* BrowserPolicyConnector::GetAppPackUpdater() {
469 // request_context_ is NULL in unit tests.
470 if (!app_pack_updater_ && request_context_.get()) {
471 app_pack_updater_.reset(
472 new AppPackUpdater(request_context_.get(), install_attributes_.get()));
473 }
474 return app_pack_updater_.get();
475 }
476
SetUserPolicyDelegate(ConfigurationPolicyProvider * user_policy_provider)477 void BrowserPolicyConnector::SetUserPolicyDelegate(
478 ConfigurationPolicyProvider* user_policy_provider) {
479 global_user_cloud_policy_provider_.SetDelegate(user_policy_provider);
480 }
481
SetInstallAttributesForTesting(EnterpriseInstallAttributes * attributes)482 void BrowserPolicyConnector::SetInstallAttributesForTesting(
483 EnterpriseInstallAttributes* attributes) {
484 DCHECK(!g_testing_install_attributes);
485 g_testing_install_attributes = attributes;
486 }
487 #endif
488
489 // static
SetPolicyProviderForTesting(ConfigurationPolicyProvider * provider)490 void BrowserPolicyConnector::SetPolicyProviderForTesting(
491 ConfigurationPolicyProvider* provider) {
492 CHECK(!g_browser_process) << "Must be invoked before the browser is created";
493 DCHECK(!g_testing_provider);
494 g_testing_provider = provider;
495 }
496
497 namespace {
498
499 // Returns true if |domain| matches the regex |pattern|.
MatchDomain(const base::string16 & domain,const base::string16 & pattern)500 bool MatchDomain(const base::string16& domain, const base::string16& pattern) {
501 UErrorCode status = U_ZERO_ERROR;
502 const icu::UnicodeString icu_pattern(pattern.data(), pattern.length());
503 icu::RegexMatcher matcher(icu_pattern, UREGEX_CASE_INSENSITIVE, status);
504 DCHECK(U_SUCCESS(status)) << "Invalid domain pattern: " << pattern;
505 icu::UnicodeString icu_input(domain.data(), domain.length());
506 matcher.reset(icu_input);
507 status = U_ZERO_ERROR;
508 UBool match = matcher.matches(status);
509 DCHECK(U_SUCCESS(status));
510 return !!match; // !! == convert from UBool to bool
511 }
512
513 } // namespace
514
515 // static
IsNonEnterpriseUser(const std::string & username)516 bool BrowserPolicyConnector::IsNonEnterpriseUser(const std::string& username) {
517 if (username.empty() || username.find('@') == std::string::npos) {
518 // An empty username means incognito user in case of ChromiumOS and
519 // no logged-in user in case of Chromium (SigninService). Many tests use
520 // nonsense email addresses (e.g. 'test') so treat those as non-enterprise
521 // users.
522 return true;
523 }
524
525 // Exclude many of the larger public email providers as we know these users
526 // are not from hosted enterprise domains.
527 static const wchar_t* kNonManagedDomainPatterns[] = {
528 L"aol\\.com",
529 L"googlemail\\.com",
530 L"gmail\\.com",
531 L"hotmail(\\.co|\\.com|)\\.[^.]+", // hotmail.com, hotmail.it, hotmail.co.uk
532 L"live\\.com",
533 L"mail\\.ru",
534 L"msn\\.com",
535 L"qq\\.com",
536 L"yahoo(\\.co|\\.com|)\\.[^.]+", // yahoo.com, yahoo.co.uk, yahoo.com.tw
537 L"yandex\\.ru",
538 };
539 const base::string16 domain =
540 UTF8ToUTF16(gaia::ExtractDomainName(gaia::CanonicalizeEmail(username)));
541 for (size_t i = 0; i < arraysize(kNonManagedDomainPatterns); i++) {
542 base::string16 pattern = WideToUTF16(kNonManagedDomainPatterns[i]);
543 if (MatchDomain(domain, pattern))
544 return true;
545 }
546 return false;
547 }
548
549 // static
RegisterPrefs(PrefRegistrySimple * registry)550 void BrowserPolicyConnector::RegisterPrefs(PrefRegistrySimple* registry) {
551 registry->RegisterIntegerPref(
552 policy_prefs::kUserPolicyRefreshRate,
553 CloudPolicyRefreshScheduler::kDefaultRefreshDelayMs);
554 #if defined(OS_CHROMEOS)
555 registry->RegisterIntegerPref(
556 prefs::kDevicePolicyRefreshRate,
557 CloudPolicyRefreshScheduler::kDefaultRefreshDelayMs);
558 #endif
559 }
560
SetTimezoneIfPolicyAvailable()561 void BrowserPolicyConnector::SetTimezoneIfPolicyAvailable() {
562 #if defined(OS_CHROMEOS)
563 typedef chromeos::CrosSettingsProvider Provider;
564 Provider::TrustedStatus result =
565 chromeos::CrosSettings::Get()->PrepareTrustedValues(
566 base::Bind(&BrowserPolicyConnector::SetTimezoneIfPolicyAvailable,
567 weak_ptr_factory_.GetWeakPtr()));
568
569 if (result != Provider::TRUSTED)
570 return;
571
572 std::string timezone;
573 if (chromeos::CrosSettings::Get()->GetString(chromeos::kSystemTimezonePolicy,
574 &timezone) &&
575 !timezone.empty()) {
576 chromeos::system::TimezoneSettings::GetInstance()->SetTimezoneFromID(
577 UTF8ToUTF16(timezone));
578 }
579 #endif
580 }
581
CreatePlatformProvider()582 ConfigurationPolicyProvider* BrowserPolicyConnector::CreatePlatformProvider() {
583 #if defined(OS_WIN)
584 scoped_ptr<AsyncPolicyLoader> loader(PolicyLoaderWin::Create(
585 BrowserThread::GetMessageLoopProxyForThread(BrowserThread::FILE),
586 kRegistryChromePolicyKey));
587 return new AsyncPolicyProvider(GetSchemaRegistry(), loader.Pass());
588 #elif defined(OS_MACOSX) && !defined(OS_IOS)
589 scoped_ptr<AsyncPolicyLoader> loader(new PolicyLoaderMac(
590 BrowserThread::GetMessageLoopProxyForThread(BrowserThread::FILE),
591 GetManagedPolicyPath(),
592 new MacPreferences()));
593 return new AsyncPolicyProvider(GetSchemaRegistry(), loader.Pass());
594 #elif defined(OS_POSIX) && !defined(OS_ANDROID)
595 base::FilePath config_dir_path;
596 if (PathService::Get(chrome::DIR_POLICY_FILES, &config_dir_path)) {
597 scoped_ptr<AsyncPolicyLoader> loader(new ConfigDirPolicyLoader(
598 BrowserThread::GetMessageLoopProxyForThread(BrowserThread::FILE),
599 config_dir_path,
600 POLICY_SCOPE_MACHINE));
601 return new AsyncPolicyProvider(GetSchemaRegistry(), loader.Pass());
602 } else {
603 return NULL;
604 }
605 #else
606 return NULL;
607 #endif
608 }
609
610 } // namespace policy
611