Change naming to CloudManagementEnrollmentToken on all platforms.

Change-Id: Icfd4b43ed64252e0530ee033fc06f12186bcc2b6
Reviewed-on: https://chromium-review.googlesource.com/c/1347059Reviewed-by: Greg Thompson <grt@chromium.org>
Reviewed-by: Owen Min <zmin@chromium.org>
Commit-Queue: Georges Khalil <georgesak@chromium.org>
Cr-Commit-Position: refs/heads/master@{#611232}

chrome/browser/policy/browser_dm_token_storage_linux.cc

@@ -32,6 +32,9 @@ namespace {
 
 const char kDmTokenBaseDir[] = FILE_PATH_LITERAL("Policy/Enrollment/");
 const char kEnrollmentTokenFilename[] =
+    FILE_PATH_LITERAL("enrollment/CloudManagementEnrollmentToken");
+// TODO(crbug.com/907589) : Remove once no longer in use.
+const char kEnrollmentTokenOldFilename[] =
     FILE_PATH_LITERAL("enrollment/enrollment_token");
 const char kMachineIdFilename[] = FILE_PATH_LITERAL("/etc/machine-id");
 
@@ -115,8 +118,15 @@ std::string BrowserDMTokenStorageLinux::InitEnrollmentToken() {
   base::FilePath token_file_path =
       dir_policy_files_path.Append(kEnrollmentTokenFilename);
 
-  if (!base::ReadFileToString(token_file_path, &enrollment_token))
-    return std::string();
+  // Read the enrollment token from the new location. If that fails, try the old
+  // location (which will be deprecated soon). If that also fails, bail as there
+  // is no token set.
+  if (!base::ReadFileToString(token_file_path, &enrollment_token)) {
+    // TODO(crbug.com/907589) : Remove once no longer in use.
+    token_file_path = dir_policy_files_path.Append(kEnrollmentTokenOldFilename);
+    if (!base::ReadFileToString(token_file_path, &enrollment_token))
+      return std::string();
+  }
 
   return base::TrimWhitespaceASCII(enrollment_token, base::TRIM_ALL)
       .as_string();

chrome/browser/policy/browser_dm_token_storage_linux.h

@@ -43,6 +43,9 @@ class BrowserDMTokenStorageLinux : public BrowserDMTokenStorage {
 
   FRIEND_TEST_ALL_PREFIXES(BrowserDMTokenStorageLinuxTest, InitClientId);
   FRIEND_TEST_ALL_PREFIXES(BrowserDMTokenStorageLinuxTest, InitEnrollmentToken);
+  // TODO(crbug.com/907589): Remove once no longer in use.
+  FRIEND_TEST_ALL_PREFIXES(BrowserDMTokenStorageLinuxTest,
+                           InitOldEnrollmentToken);
   FRIEND_TEST_ALL_PREFIXES(BrowserDMTokenStorageLinuxTest, InitDMToken);
   FRIEND_TEST_ALL_PREFIXES(BrowserDMTokenStorageLinuxTest,
                            InitDMTokenWithoutDirectory);

chrome/browser/policy/browser_dm_token_storage_linux_unittest.cc

@@ -27,6 +27,9 @@ namespace {
 
 const char kDmTokenBaseDir[] = FILE_PATH_LITERAL("Policy/Enrollment/");
 const char kEnrollmentTokenFilename[] =
+    FILE_PATH_LITERAL("enrollment/CloudManagementEnrollmentToken");
+// TODO(crbug.com/907589): Remove once no longer in use.
+const char kEnrollmentTokenOldFilename[] =
     FILE_PATH_LITERAL("enrollment/enrollment_token");
 
 const char kMachineId[] = "a1254c624234b270985170c3549725f1";
@@ -77,6 +80,32 @@ TEST_F(BrowserDMTokenStorageLinuxTest, InitEnrollmentToken) {
   EXPECT_EQ(kEnrollmentToken, storage.InitEnrollmentToken());
 }
 
+// TODO(crbug.com/907589): Remove once no longer in use.
+TEST_F(BrowserDMTokenStorageLinuxTest, InitOldEnrollmentToken) {
+  std::unique_ptr<base::ScopedPathOverride> path_override;
+  base::ScopedTempDir fake_policy_dir;
+
+  ASSERT_TRUE(fake_policy_dir.CreateUniqueTempDir());
+  path_override.reset(new base::ScopedPathOverride(chrome::DIR_POLICY_FILES,
+                                                   fake_policy_dir.GetPath()));
+
+  base::FilePath dir_policy_files_path;
+  ASSERT_TRUE(
+      base::PathService::Get(chrome::DIR_POLICY_FILES, &dir_policy_files_path));
+  base::FilePath enrollment_token_file_path =
+      dir_policy_files_path.Append(kEnrollmentTokenOldFilename);
+
+  ASSERT_TRUE(base::CreateDirectory(enrollment_token_file_path.DirName()));
+
+  int bytes_written =
+      base::WriteFile(base::FilePath(enrollment_token_file_path),
+                      kEnrollmentToken, strlen(kEnrollmentToken));
+  ASSERT_EQ(static_cast<int>(strlen(kEnrollmentToken)), bytes_written);
+
+  MockBrowserDMTokenStorageLinux storage;
+  EXPECT_EQ(kEnrollmentToken, storage.InitEnrollmentToken());
+}
+
 TEST_F(BrowserDMTokenStorageLinuxTest, InitDMToken) {
   std::unique_ptr<base::ScopedPathOverride> path_override;
   base::ScopedTempDir fake_user_data_dir;

chrome/browser/policy/browser_dm_token_storage_mac.mm

@@ -37,16 +37,15 @@ namespace {
 const char kDmTokenBaseDir[] =
     FILE_PATH_LITERAL("Google/Chrome Cloud Enrollment/");
 const CFStringRef kEnrollmentTokenPolicyName =
+    CFSTR("CloudManagementEnrollmentToken");
+// TODO(crbug.com/907589) : Remove once no longer in use.
+const CFStringRef kEnrollmentTokenOldPolicyName =
     CFSTR("MachineLevelUserCloudPolicyEnrollmentToken");
 const char kEnrollmentTokenFilePath[] =
-#if defined(GOOGLE_CHROME_BUILD)
-    FILE_PATH_LITERAL(
-        "/Library/Google/Chrome/MachineLevelUserCloudPolicyEnrollmentToken");
-#else
-    FILE_PATH_LITERAL(
-        "/Library/Application "
-        "Support/Chromium/MachineLevelUserCloudPolicyEnrollmentToken");
-#endif
+    FILE_PATH_LITERAL("/Library/Google/Chrome/CloudManagementEnrollmentToken");
+// TODO(crbug.com/907589) : Remove once no longer in use.
+const char kEnrollmentTokenOldFilePath[] = FILE_PATH_LITERAL(
+    "/Library/Google/Chrome/MachineLevelUserCloudPolicyEnrollmentToken");
 
 bool GetDmTokenFilePath(base::FilePath* token_file_path,
                         const std::string& client_id,
@@ -96,9 +95,18 @@ bool GetEnrollmentTokenFromPolicy(std::string* enrollment_token) {
   base::ScopedCFTypeRef<CFPropertyListRef> value(
       CFPreferencesCopyAppValue(kEnrollmentTokenPolicyName, bundle_id));
 
+  // Read the enrollment token from the new location. If that fails, try the old
+  // location (which will be deprecated soon). If that also fails, bail as there
+  // is no token set.
   if (!value ||
       !CFPreferencesAppValueIsForced(kEnrollmentTokenPolicyName, bundle_id)) {
-    return false;
+    // TODO(crbug.com/907589) : Remove once no longer in use.
+    value.reset(
+        CFPreferencesCopyAppValue(kEnrollmentTokenOldPolicyName, bundle_id));
+    if (!value || !CFPreferencesAppValueIsForced(kEnrollmentTokenOldPolicyName,
+                                                 bundle_id)) {
+      return false;
+    }
   }
   CFStringRef value_string = base::mac::CFCast<CFStringRef>(value);
   if (!value_string)
@@ -109,9 +117,16 @@ bool GetEnrollmentTokenFromPolicy(std::string* enrollment_token) {
 }
 
 bool GetEnrollmentTokenFromFile(std::string* enrollment_token) {
+  // Read the enrollment token from the new location. If that fails, try the old
+  // location (which will be deprecated soon). If that also fails, bail as there
+  // is no token set.
   if (!base::ReadFileToString(base::FilePath(kEnrollmentTokenFilePath),
                               enrollment_token)) {
-    return false;
+    // TODO(crbug.com/907589) : Remove once no longer in use.
+    if (!base::ReadFileToString(base::FilePath(kEnrollmentTokenOldFilePath),
+                                enrollment_token)) {
+      return false;
+    }
   }
   *enrollment_token =
       base::TrimWhitespaceASCII(*enrollment_token, base::TRIM_ALL).as_string();

chrome/browser/policy/browser_dm_token_storage_win.h

@@ -41,6 +41,12 @@ class BrowserDMTokenStorageWin : public BrowserDMTokenStorage {
 
   FRIEND_TEST_ALL_PREFIXES(BrowserDMTokenStorageWinTest, InitClientId);
   FRIEND_TEST_ALL_PREFIXES(BrowserDMTokenStorageWinTest, InitEnrollmentToken);
+  // TODO(crbug.com/907589): Remove once no longer in use.
+  FRIEND_TEST_ALL_PREFIXES(BrowserDMTokenStorageWinTest,
+                           InitOldEnrollmentToken);
+  // TODO(crbug.com/907589): Remove once no longer in use.
+  FRIEND_TEST_ALL_PREFIXES(BrowserDMTokenStorageWinTest,
+                           InitOldEnrollmentTokenPriority);
   FRIEND_TEST_ALL_PREFIXES(BrowserDMTokenStorageWinTest, InitDMToken);
   FRIEND_TEST_ALL_PREFIXES(BrowserDMTokenStorageWinTest, SaveDMToken);
 

chrome/browser/policy/browser_dm_token_storage_win_unittest.cc

@@ -21,6 +21,7 @@ namespace {
 
 constexpr wchar_t kClientId1[] = L"fake-client-id-1";
 constexpr wchar_t kEnrollmentToken1[] = L"fake-enrollment-token-1";
+constexpr wchar_t kEnrollmentToken2[] = L"fake-enrollment-token-2";
 constexpr char kDMToken1[] = "fake-dm-token-1";
 
 }  // namespace
@@ -45,8 +46,9 @@ class BrowserDMTokenStorageWinTest : public testing::Test {
   bool SetEnrollmentToken(const wchar_t* enrollment_token) {
     base::string16 key_path;
     base::string16 value_name;
+    base::string16 old_value_name;
     InstallUtil::GetMachineLevelUserCloudPolicyEnrollmentTokenRegistryPath(
-        &key_path, &value_name);
+        &key_path, &value_name, &old_value_name);
     base::win::RegKey key;
     return (key.Create(HKEY_LOCAL_MACHINE, key_path.c_str(), KEY_SET_VALUE) ==
             ERROR_SUCCESS) &&
@@ -54,6 +56,20 @@ class BrowserDMTokenStorageWinTest : public testing::Test {
             ERROR_SUCCESS);
   }
 
+  // TODO(crbug.com/907589): Remove once no longer in use.
+  bool SetOldEnrollmentToken(const wchar_t* enrollment_token) {
+    base::string16 key_path;
+    base::string16 value_name;
+    base::string16 old_value_name;
+    InstallUtil::GetMachineLevelUserCloudPolicyEnrollmentTokenRegistryPath(
+        &key_path, &value_name, &old_value_name);
+    base::win::RegKey key;
+    return (key.Create(HKEY_LOCAL_MACHINE, key_path.c_str(), KEY_SET_VALUE) ==
+            ERROR_SUCCESS) &&
+           (key.WriteValue(old_value_name.c_str(), enrollment_token) ==
+            ERROR_SUCCESS);
+  }
+
   bool SetDMToken(const std::string& dm_token) {
     base::win::RegKey key;
     base::string16 dm_token_key_path;
@@ -84,6 +100,46 @@ TEST_F(BrowserDMTokenStorageWinTest, InitEnrollmentToken) {
   EXPECT_EQ(base::WideToUTF8(kEnrollmentToken1), storage.InitEnrollmentToken());
 }
 
+// TODO(crbug.com/907589): Remove once no longer in use.
+TEST_F(BrowserDMTokenStorageWinTest, InitOldEnrollmentToken) {
+  ASSERT_TRUE(SetMachineGuid(kClientId1));
+  ASSERT_TRUE(SetOldEnrollmentToken(kEnrollmentToken1));
+
+  BrowserDMTokenStorageWin storage;
+  EXPECT_EQ(base::WideToUTF8(kEnrollmentToken1), storage.InitEnrollmentToken());
+}
+
+// This test ensures that the new location has precedence over the old one, if
+// both are set.
+// TODO(crbug.com/907589): Remove once no longer in use.
+TEST_F(BrowserDMTokenStorageWinTest, InitOldEnrollmentTokenPriority) {
+  ASSERT_TRUE(SetMachineGuid(kClientId1));
+
+  base::string16 key_path;
+  base::string16 value_name;
+  base::string16 old_value_name;
+  InstallUtil::GetMachineLevelUserCloudPolicyEnrollmentTokenRegistryPath(
+      &key_path, &value_name, &old_value_name);
+
+  base::win::RegKey key;
+  bool success1 = (key.Create(HKEY_LOCAL_MACHINE, key_path.c_str(),
+                              KEY_SET_VALUE) == ERROR_SUCCESS) &&
+                  (key.WriteValue(L"CloudManagementEnrollmentToken",
+                                  kEnrollmentToken1) == ERROR_SUCCESS);
+
+  ASSERT_TRUE(success1);
+
+  bool success2 = (key.Create(HKEY_LOCAL_MACHINE, key_path.c_str(),
+                              KEY_SET_VALUE) == ERROR_SUCCESS) &&
+                  (key.WriteValue(L"MachineLevelUserCloudPolicyEnrollmentToken",
+                                  kEnrollmentToken2) == ERROR_SUCCESS);
+
+  ASSERT_TRUE(success2);
+
+  BrowserDMTokenStorageWin storage;
+  EXPECT_EQ(base::WideToUTF8(kEnrollmentToken1), storage.InitEnrollmentToken());
+}
+
 TEST_F(BrowserDMTokenStorageWinTest, InitDMToken) {
   ASSERT_TRUE(SetMachineGuid(kClientId1));
 

chrome/installer/util/install_util.cc

@@ -120,7 +120,7 @@ HWND CreateUACForegroundWindow() {
   return foreground_window;
 }
 
-// Returns Regstiry key path of Chrome policies. This is used by the policies
+// Returns Registry key path of Chrome policies. This is used by the policies
 // that are shared between Chrome and installer.
 base::string16 GetChromePoliciesRegistryPath() {
   base::string16 key_path = L"SOFTWARE\\Policies\\";
@@ -646,12 +646,14 @@ void InstallUtil::AddUpdateDowngradeVersionItem(
 // static
 void InstallUtil::GetMachineLevelUserCloudPolicyEnrollmentTokenRegistryPath(
     base::string16* key_path,
-    base::string16* value_name) {
+    base::string16* value_name,
+    base::string16* old_value_name) {
   // This token applies to all installs on the machine, even though only a
   // system install can set it.  This is to prevent users from doing a user
   // install of chrome to get around policies.
   *key_path = GetChromePoliciesRegistryPath();
-  *value_name = L"MachineLevelUserCloudPolicyEnrollmentToken";
+  *value_name = L"CloudManagementEnrollmentToken";
+  *old_value_name = L"MachineLevelUserCloudPolicyEnrollmentToken";
 }
 
 // static
@@ -682,12 +684,14 @@ base::string16 InstallUtil::GetMachineLevelUserCloudPolicyEnrollmentToken() {
   // the enrollment and/or DM tokens.  See crbug.com/823852 for details.
   base::string16 key_path;
   base::string16 value_name;
-  GetMachineLevelUserCloudPolicyEnrollmentTokenRegistryPath(&key_path,
-                                                            &value_name);
+  base::string16 old_value_name;
+  GetMachineLevelUserCloudPolicyEnrollmentTokenRegistryPath(
+      &key_path, &value_name, &old_value_name);
 
   base::string16 value;
   RegKey key(HKEY_LOCAL_MACHINE, key_path.c_str(), KEY_QUERY_VALUE);
-  key.ReadValue(value_name.c_str(), &value);
+  if (key.ReadValue(value_name.c_str(), &value) == ERROR_FILE_NOT_FOUND)
+    key.ReadValue(old_value_name.c_str(), &value);
 
   return value;
 }

chrome/installer/util/install_util.h

@@ -180,12 +180,16 @@ class InstallUtil {
 
   // Returns the registry key path and value name where the enrollment token is
   // stored for machine level user cloud policies.
+  // Note that the value name was recently changed, we still need to return the
+  // old for some time until it's no longer in use.
+  // TODO(crbug.com/907589) : Remove |old_value_name| once no longer in use.
   static void GetMachineLevelUserCloudPolicyEnrollmentTokenRegistryPath(
       base::string16* key_path,
-      base::string16* value_name);
+      base::string16* value_name,
+      base::string16* old_value_name);
 
-  // Returns the registry key path and value name where the enrollment token is
-  // stored for machine level user cloud policies.
+  // Returns the registry key path and value name where the DM token is stored
+  // for machine level user cloud policies.
   static void GetMachineLevelUserCloudPolicyDMTokenRegistryPath(
       base::string16* key_path,
       base::string16* value_name);