// Copyright 2021 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "chrome/browser/policy/chrome_browser_cloud_management_controller_android.h"
#include <utility>
#include "base/functional/bind.h"
#include "base/functional/callback.h"
#include "base/task/single_thread_task_runner.h"
#include "chrome/browser/browser_process.h"
#include "chrome/browser/enterprise/reporting/reporting_delegate_factory_android.h"
#include "chrome/browser/net/system_network_context_manager.h"
#include "chrome/browser/policy/android/cloud_management_shared_preferences.h"
#include "chrome/browser/policy/browser_dm_token_storage_android.h"
#include "chrome/browser/policy/chrome_browser_policy_connector.h"
#include "chrome/browser/policy/client_data_delegate_android.h"
#include "chrome/common/chrome_paths.h"
#include "components/policy/core/common/cloud/machine_level_user_cloud_policy_manager.h"
#include "components/policy/core/common/configuration_policy_provider.h"
#include "components/policy/core/common/policy_namespace.h"
#include "components/policy/core/common/policy_service.h"
#include "components/policy/policy_constants.h"
#include "content/public/browser/browser_task_traits.h"
#include "content/public/browser/browser_thread.h"
#include "content/public/browser/network_service_instance.h"
#include "services/network/public/cpp/shared_url_loader_factory.h"
namespace policy {
namespace {
// Responsible for triggering initialization once it can be determined if an
// enrollment token is set by non-CBCM policy providers.
class DeferredInitializationRunner
: public PolicyService::ProviderUpdateObserver {
public:
explicit DeferredInitializationRunner(base::OnceClosure callback);
DeferredInitializationRunner(const DeferredInitializationRunner&) = delete;
DeferredInitializationRunner& operator=(const DeferredInitializationRunner&) =
delete;
~DeferredInitializationRunner() override;
// PolicyService::ProviderUpdateObserver implementation:
void OnProviderUpdatePropagated(
ConfigurationPolicyProvider* provider) override;
private:
// If set, a callback to be invoked by |OnProviderUpdatePropagated|.
base::OnceClosure callback_;
};
DeferredInitializationRunner::DeferredInitializationRunner(
base::OnceClosure callback)
: callback_(std::move(callback)) {
PolicyService* policy_service =
g_browser_process->browser_policy_connector()->GetPolicyService();
policy_service->AddProviderUpdateObserver(this);
}
DeferredInitializationRunner::~DeferredInitializationRunner() {
if (callback_) {
PolicyService* policy_service =
g_browser_process->browser_policy_connector()->GetPolicyService();
policy_service->RemoveProviderUpdateObserver(this);
}
}
void DeferredInitializationRunner::OnProviderUpdatePropagated(
ConfigurationPolicyProvider* provider) {
if (!callback_ || provider != g_browser_process->browser_policy_connector()
->GetPlatformProvider()) {
return;
}
PolicyService* policy_service =
g_browser_process->browser_policy_connector()->GetPolicyService();
if (!policy_service
->GetPolicies(PolicyNamespace(POLICY_DOMAIN_CHROME, std::string()))
.Get(key::kCloudManagementEnrollmentToken)) {
return;
}
policy_service->RemoveProviderUpdateObserver(this);
std::move(callback_).Run();
}
bool CloudManagementEnrollmentTokenPolicyAvailable() {
DCHECK(g_browser_process);
DCHECK(g_browser_process->browser_policy_connector());
DCHECK(g_browser_process->browser_policy_connector()->GetPolicyService());
return g_browser_process->browser_policy_connector()
->GetPolicyService()
->GetPolicies(PolicyNamespace(POLICY_DOMAIN_CHROME, std::string()))
.Get(key::kCloudManagementEnrollmentToken);
}
} // namespace
ChromeBrowserCloudManagementControllerAndroid::
ChromeBrowserCloudManagementControllerAndroid() = default;
ChromeBrowserCloudManagementControllerAndroid::
~ChromeBrowserCloudManagementControllerAndroid() = default;
void ChromeBrowserCloudManagementControllerAndroid::
SetDMTokenStorageDelegate() {
BrowserDMTokenStorage::SetDelegate(
std::make_unique<BrowserDMTokenStorageAndroid>());
}
int ChromeBrowserCloudManagementControllerAndroid::GetUserDataDirKey() {
return chrome::DIR_USER_DATA;
}
base::FilePath
ChromeBrowserCloudManagementControllerAndroid::GetExternalPolicyDir() {
// External policies are not supported on Android.
return base::FilePath();
}
ChromeBrowserCloudManagementController::Delegate::NetworkConnectionTrackerGetter
ChromeBrowserCloudManagementControllerAndroid::
CreateNetworkConnectionTrackerGetter() {
return base::BindRepeating(&content::GetNetworkConnectionTracker);
}
void ChromeBrowserCloudManagementControllerAndroid::InitializeOAuthTokenFactory(
scoped_refptr<network::SharedURLLoaderFactory> url_loader_factory,
PrefService* local_state) {
// Policy invalidations aren't currently supported on Android.
}
void ChromeBrowserCloudManagementControllerAndroid::StartWatchingRegistration(
ChromeBrowserCloudManagementController* controller) {
// Enrollment isn't blocking or mandatory on Android.
}
bool ChromeBrowserCloudManagementControllerAndroid::
IsEnterpriseStartupDialogShowing() {
// There is no enterprise startup dialog on Android.
return false;
}
bool ChromeBrowserCloudManagementControllerAndroid::
WaitUntilPolicyEnrollmentFinished() {
// Enrollment currently isn't blocking or mandatory on Android, so this method
// isn't used. Always report success.
return true;
}
void ChromeBrowserCloudManagementControllerAndroid::OnServiceAccountSet(
CloudPolicyClient* client,
const std::string& account_email) {
// Policy invalidations aren't currently supported on Android.
}
void ChromeBrowserCloudManagementControllerAndroid::ShutDown() {
// No additional shutdown to perform on Android.
}
MachineLevelUserCloudPolicyManager*
ChromeBrowserCloudManagementControllerAndroid::
GetMachineLevelUserCloudPolicyManager() {
return g_browser_process->browser_policy_connector()
->machine_level_user_cloud_policy_manager();
}
DeviceManagementService*
ChromeBrowserCloudManagementControllerAndroid::GetDeviceManagementService() {
return g_browser_process->browser_policy_connector()
->device_management_service();
}
scoped_refptr<network::SharedURLLoaderFactory>
ChromeBrowserCloudManagementControllerAndroid::GetSharedURLLoaderFactory() {
return g_browser_process->system_network_context_manager()
->GetSharedURLLoaderFactory();
}
scoped_refptr<base::SingleThreadTaskRunner>
ChromeBrowserCloudManagementControllerAndroid::GetBestEffortTaskRunner() {
// ChromeBrowserCloudManagementControllerAndroid is bound to BrowserThread::UI
// and so must its best-effort task runner.
DCHECK_CURRENTLY_ON(content::BrowserThread::UI);
return content::GetUIThreadTaskRunner({base::TaskPriority::BEST_EFFORT});
}
std::unique_ptr<enterprise_reporting::ReportingDelegateFactory>
ChromeBrowserCloudManagementControllerAndroid::GetReportingDelegateFactory() {
return std::make_unique<
enterprise_reporting::ReportingDelegateFactoryAndroid>();
}
void ChromeBrowserCloudManagementControllerAndroid::SetGaiaURLLoaderFactory(
scoped_refptr<network::SharedURLLoaderFactory> url_loader_factory) {
// Policy invalidations aren't currently supported on Android.
}
bool ChromeBrowserCloudManagementControllerAndroid::
ReadyToCreatePolicyManager() {
// On Android, policy manager creation can happen if either:
// - a DM token was cached in Shared Preferences by a previous browser run;
// - an enrollment token is available via platform policies.
//
// If a DM token is available, then the policy manager can be created right
// away.
//
// Otherwise, creation needs to be postponed until the PolicyService has been
// initialized. Since this method can be called during PolicyService creation,
// additional checks (such as if the g_browser_process variable is set) are
// needed. When postponed, policy manager creation will happen during
// controller initialization, when it's guaranteed that the PolicyService
// exists and is initialized.
return !android::ReadDmTokenFromSharedPreferences().empty() ||
(g_browser_process && g_browser_process->browser_policy_connector() &&
g_browser_process->browser_policy_connector()->HasPolicyService() &&
CloudManagementEnrollmentTokenPolicyAvailable());
}
bool ChromeBrowserCloudManagementControllerAndroid::ReadyToInit() {
return !android::ReadDmTokenFromSharedPreferences().empty() ||
CloudManagementEnrollmentTokenPolicyAvailable();
}
std::unique_ptr<ClientDataDelegate>
ChromeBrowserCloudManagementControllerAndroid::CreateClientDataDelegate() {
return std::make_unique<ClientDataDelegateAndroid>();
}
void ChromeBrowserCloudManagementControllerAndroid::DeferInitialization(
base::OnceClosure callback) {
DCHECK(callback);
DCHECK(g_browser_process);
DCHECK(g_browser_process->browser_policy_connector());
provider_update_observer_ =
std::make_unique<DeferredInitializationRunner>(std::move(callback));
}
} // namespace policy
Codebase Browser
chromium