1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113
|
// Copyright 2019 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "chrome/browser/policy/schema_registry_service_builder.h"
#include <memory>
#include <utility>
#include "base/check.h"
#include "build/build_config.h"
#include "chrome/browser/policy/schema_registry_service.h"
#include "components/policy/core/common/schema.h"
#include "components/policy/core/common/schema_registry.h"
#include "content/public/browser/browser_context.h"
#if BUILDFLAG(IS_CHROMEOS)
#include "chrome/browser/ash/policy/core/browser_policy_connector_ash.h"
#include "chrome/browser/ash/policy/core/device_cloud_policy_manager_ash.h"
#include "chrome/browser/ash/policy/core/device_local_account_policy_service.h"
#include "chrome/browser/ash/profiles/profile_helper.h"
#include "chrome/browser/browser_process.h"
#include "chrome/browser/browser_process_platform_part_ash.h"
#include "chrome/browser/profiles/profile.h"
#include "components/user_manager/user.h"
#include "components/user_manager/user_manager.h"
#endif
namespace policy {
#if BUILDFLAG(IS_CHROMEOS)
namespace {
DeviceLocalAccountPolicyBroker* GetBroker(content::BrowserContext* context) {
Profile* profile = Profile::FromBrowserContext(context);
if (ash::ProfileHelper::IsSigninProfile(profile))
return nullptr;
if (!user_manager::UserManager::IsInitialized()) {
// Bail out in unit tests that don't have a UserManager.
return nullptr;
}
const user_manager::User* user =
ash::ProfileHelper::Get()->GetUserByProfile(profile);
if (!user)
return nullptr;
BrowserPolicyConnectorAsh* connector =
g_browser_process->platform_part()->browser_policy_connector_ash();
DeviceLocalAccountPolicyService* service =
connector->GetDeviceLocalAccountPolicyService();
if (!service)
return nullptr;
return service->GetBrokerForUser(user->GetAccountId().GetUserEmail());
}
} // namespace
#endif // BUILDFLAG(IS_CHROMEOS)
std::unique_ptr<SchemaRegistryService> BuildSchemaRegistryServiceForProfile(
content::BrowserContext* context,
const Schema& chrome_schema,
CombinedSchemaRegistry* global_registry) {
DCHECK(!context->IsOffTheRecord());
std::unique_ptr<SchemaRegistry> registry;
#if BUILDFLAG(IS_CHROMEOS)
DeviceLocalAccountPolicyBroker* broker = GetBroker(context);
if (broker) {
// The SchemaRegistry for a device-local account is owned by its
// DeviceLocalAccountPolicyBroker, which uses the registry to fetch and
// cache policy even if there is no active session for that account.
// Use a ForwardingSchemaRegistry that wraps this SchemaRegistry.
registry =
std::make_unique<ForwardingSchemaRegistry>(broker->schema_registry());
}
#endif
if (!registry)
registry = std::make_unique<SchemaRegistry>();
#if BUILDFLAG(IS_CHROMEOS)
Profile* const profile = Profile::FromBrowserContext(context);
if (ash::ProfileHelper::IsSigninProfile(profile)) {
// Pass the SchemaRegistry of the signin profile to the device policy
// managers, for being used for fetching the component policies.
BrowserPolicyConnectorAsh* connector =
g_browser_process->platform_part()->browser_policy_connector_ash();
policy::DeviceCloudPolicyManagerAsh* cloud_manager =
connector->GetDeviceCloudPolicyManager();
if (cloud_manager)
cloud_manager->SetSigninProfileSchemaRegistry(registry.get());
}
#endif
return BuildSchemaRegistryService(std::move(registry), chrome_schema,
global_registry);
}
std::unique_ptr<SchemaRegistryService> BuildSchemaRegistryService(
std::unique_ptr<SchemaRegistry> registry,
const Schema& chrome_schema,
CombinedSchemaRegistry* global_registry) {
return std::make_unique<SchemaRegistryService>(
std::move(registry), chrome_schema, global_registry);
}
} // namespace policy
|