Add AffiliatedInvalidationServiceProvider

Device policy pushing requires a connected invalidation service which belongs to an account that is affiliated with the device's enrollment domain. If an affiliated user is logged in and has a connected per-profile invalidation service, that service is used. Otherwise, a device-global invalidation service is spun up. This CL extracts the mechanism from DeviceCloudPolicyInvalidator and generalizes it so that it can be used by any number of consumers. This will allow the same invalidation service to be resued by e.g. device policy pushing, device-local account policy pushing and device remote commands. The CL adds a new AffiliatedInvalidationServiceProvider with tests but does not switch the DeviceCloudPolicyInvalidator to this new infrastructure yet. That will be done in a follow-up CL. BUG=442800 TEST=New unit tests Review URL: https://codereview.chromium.org/828953004 Cr-Commit-Position: refs/heads/master@{#313488}

Add AffiliatedInvalidationServiceProvider
Device policy pushing requires a connected invalidation service which belongs to an account that is affiliated with the device's enrollment domain. If an affiliated user is logged in and has a connected per-profile invalidation service, that service is used. Otherwise, a device-global invalidation service is spun up. This CL extracts the mechanism from DeviceCloudPolicyInvalidator and generalizes it so that it can be used by any number of consumers. This will allow the same invalidation service to be resued by e.g. device policy pushing, device-local account policy pushing and device remote commands. The CL adds a new AffiliatedInvalidationServiceProvider with tests but does not switch the DeviceCloudPolicyInvalidator to this new infrastructure yet. That will be done in a follow-up CL. BUG=442800 TEST=New unit tests Review URL: https://codereview.chromium.org/828953004 Cr-Commit-Position: refs/heads/master@{#313488}
465d8a5a · bartfab · Commit bot · ac59daac · 465d8a5a · 465d8a5a
Commit 465d8a5a authored Jan 28, 2015 by bartfab Committed by Commit bot Jan 28, 2015
8 changed files
--- a/chrome/browser/chromeos/policy/affiliated_invalidation_service_provider.cc
+++ b/chrome/browser/chromeos/policy/affiliated_invalidation_service_provider.cc
--- a/chrome/browser/chromeos/policy/affiliated_invalidation_service_provider.h
+++ b/chrome/browser/chromeos/policy/affiliated_invalidation_service_provider.h
+// Copyright 2015 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+#ifndef CHROME_BROWSER_CHROMEOS_POLICY_AFFILIATED_INVALIDATION_SERVICE_PROVIDER_H_
+#define CHROME_BROWSER_CHROMEOS_POLICY_AFFILIATED_INVALIDATION_SERVICE_PROVIDER_H_
+#include "base/macros.h"
+#include "base/memory/scoped_ptr.h"
+#include "base/memory/scoped_vector.h"
+#include "base/observer_list.h"
+#include "content/public/browser/notification_observer.h"
+#include "content/public/browser/notification_registrar.h"
+namespace invalidation {
+class InvalidationService;
+class TiclInvalidationService;
+}
+namespace policy {
+// This class provides access to an |InvalidationService| that can be used to
+// subscribe to invalidations generated by the device's enrollment domain, e.g.
+// policy pushing and remote commands for:
+// * the device itself
+// * device-local accounts
+// * other users affiliated with the enrollment domain
+//
+// If an affiliated user with a connected invalidation service is logged in,
+// that invalidation service will be used to conserve server resources. If there
+// are no logged-in users matching these criteria, a device-global
+// |TiclInvalidationService| is spun up.
+// The class monitors the status of the invalidation services and switches
+// between them whenever the service currently in use disconnects or the
+// device-global invalidation service can be replaced with another service that
+// just connected.
+class AffiliatedInvalidationServiceProvider
+    : public content::NotificationObserver {
+ public:
+  class Consumer {
+   public:
+    // This method is called when the invalidation service that the consumer
+    // should use changes:
+    // * If |invalidation_service| is a nullptr, no invalidation service is
+    //   currently available for use.
+    // * Otherwise, |invalidation_service| is the invalidation service that the
+    //   consumer should use. It is guaranteed to be connected. Any previously
+    //   provided invalidation services must no longer be used.
+    virtual void OnInvalidationServiceSet(
+        invalidation::InvalidationService* invalidation_service) = 0;
+   protected:
+    virtual ~Consumer();
+  };
+  AffiliatedInvalidationServiceProvider();
+  ~AffiliatedInvalidationServiceProvider() override;
+  // content::NotificationObserver:
+  void Observe(int type,
+               const content::NotificationSource& source,
+               const content::NotificationDetails& details) override;
+  // Indicates that |consumer| is interested in using the shared
+  // |InvalidationService|. The consumer's OnInvalidationServiceSet() method
+  // will be called back when a connected invalidation service becomes
+  // available. If an invalidation service is available already, the callback
+  // will occur synchronously. The |consumer| must be unregistered before |this|
+  // is destroyed.
+  void RegisterConsumer(Consumer* consumer);
+  // Indicates that |consumer| is no longer interested in using the
+  // shared |InvalidationService|.
+  void UnregisterConsumer(Consumer* consumer);
+  // Shuts down the provider. Once the provider is shut down, it no longer makes
+  // any invalidation service available to consumers, no longer observes any
+  // per-profile invalidation services and no longer maintains a device-global
+  // invalidation service.
+  void Shutdown();
+  invalidation::TiclInvalidationService*
+      GetDeviceInvalidationServiceForTest() const;
+ private:
+  // Helper that monitors the status of a single |InvalidationService|.
+  class InvalidationServiceObserver;
+  // Status updates received from |InvalidationServiceObserver|s.
+  void OnInvalidationServiceConnected(
+      invalidation::InvalidationService* invalidation_service);
+  void OnInvalidationServiceDisconnected(
+      invalidation::InvalidationService* invalidation_service);
+  // Checks whether a connected |InvalidationService| affiliated with the
+  // device's enrollment domain is available. If so, notifies the consumers.
+  // Otherwise, consumers will be notified once such an invalidation service
+  // becomes available.
+  // Further ensures that a device-global invalidation service is running iff
+  // there is no other connected service available for use and there is at least
+  // one registered consumer.
+  void FindConnectedInvalidationService();
+  // Choose |invalidation_service| as the shared invalidation service and notify
+  // consumers.
+  void SetInvalidationService(
+      invalidation::InvalidationService* invalidation_service);
+  // Destroy the device-global invalidation service, if any.
+  void DestroyDeviceInvalidationService();
+  content::NotificationRegistrar registrar_;
+  // Device-global invalidation service.
+  scoped_ptr<invalidation::TiclInvalidationService>
+      device_invalidation_service_;
+  // State observer for the device-global invalidation service.
+  scoped_ptr<InvalidationServiceObserver> device_invalidation_service_observer_;
+  // State observers for logged-in users' invalidation services.
+  ScopedVector<InvalidationServiceObserver>
+      profile_invalidation_service_observers_;
+  // The invalidation service currently used by consumers. nullptr if there are
+  // no registered consumers or no connected invalidation service is available
+  // for use.
+  invalidation::InvalidationService* invalidation_service_;
+  ObserverList<Consumer, true> consumers_;
+  int consumer_count_;
+  bool is_shut_down_;
+  DISALLOW_COPY_AND_ASSIGN(AffiliatedInvalidationServiceProvider);
+};
+}  // namespace policy
+#endif  // CHROME_BROWSER_CHROMEOS_POLICY_AFFILIATED_INVALIDATION_SERVICE_PROVIDER_H_
--- a/chrome/browser/chromeos/policy/affiliated_invalidation_service_provider_unittest.cc
+++ b/chrome/browser/chromeos/policy/affiliated_invalidation_service_provider_unittest.cc
--- a/chrome/browser/chromeos/policy/browser_policy_connector_chromeos.cc
+++ b/chrome/browser/chromeos/policy/browser_policy_connector_chromeos.cc
@@ -17,6 +17,7 @@
 #include "base/sequenced_task_runner.h"
 #include "base/strings/utf_string_conversions.h"
 #include "base/threading/sequenced_worker_pool.h"
+#include "chrome/browser/chromeos/policy/affiliated_invalidation_service_provider.h"
 #include "chrome/browser/chromeos/policy/consumer_management_service.h"
 #include "chrome/browser/chromeos/policy/device_cloud_policy_initializer.h"
 #include "chrome/browser/chromeos/policy/device_cloud_policy_invalidator.h"
@@ -152,6 +153,9 @@ void BrowserPolicyConnectorChromeOS::Init(
  local_state_ = local_state;
  ChromeBrowserPolicyConnector::Init(local_state, request_context);
+  affiliated_invalidation_service_provider_.reset(
+      new AffiliatedInvalidationServiceProvider);
  const base::CommandLine* command_line =
      base::CommandLine::ForCurrentProcess();
  if (command_line->HasSwitch(chromeos::switches::kEnableConsumerManagement)) {
@@ -201,6 +205,13 @@ void BrowserPolicyConnectorChromeOS::Init(
 }
 void BrowserPolicyConnectorChromeOS::PreShutdown() {
+  // Let the |affiliated_invalidation_service_provider_| unregister itself as an
+  // observer of per-Profile InvalidationServices and the device-global
+  // invalidation::TiclInvalidationService it may have created as an observer of
+  // the DeviceOAuth2TokenService that is destroyed before Shutdown() is called.
+  if (affiliated_invalidation_service_provider_)
+    affiliated_invalidation_service_provider_->Shutdown();
  // Let the |device_cloud_policy_invalidator_| unregister itself as an
  // observer of per-Profile InvalidationServices and the device-global
  // invalidation::TiclInvalidationService it may have created as an observer of

--- a/chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h
+++ b/chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h
@@ -24,6 +24,7 @@ class URLRequestContextGetter;
 namespace policy {
+class AffiliatedInvalidationServiceProvider;
 class ConsumerManagementService;
 class DeviceCloudPolicyInitializer;
 class DeviceCloudPolicyInvalidator;
@@ -150,6 +151,8 @@ class BrowserPolicyConnectorChromeOS
  // Components of the device cloud policy implementation.
  scoped_ptr<ServerBackedStateKeysBroker> state_keys_broker_;
  scoped_ptr<EnterpriseInstallAttributes> install_attributes_;
+  scoped_ptr<AffiliatedInvalidationServiceProvider>
+      affiliated_invalidation_service_provider_;
  scoped_ptr<ConsumerManagementService> consumer_management_service_;
  DeviceCloudPolicyManagerChromeOS* device_cloud_policy_manager_;
  PrefService* local_state_;

--- a/chrome/browser/invalidation/profile_invalidation_provider_factory.h
+++ b/chrome/browser/invalidation/profile_invalidation_provider_factory.h
@@ -10,6 +10,7 @@
 #include "components/keyed_service/content/browser_context_keyed_service_factory.h"
 namespace policy {
+class AffiliatedInvalidationServiceProviderTest;
 class DeviceCloudPolicyInvalidatorTest;
 }
@@ -48,6 +49,7 @@ class ProfileInvalidationProviderFactory
 private:
  friend class ProfileInvalidationProviderFactoryTestBase;
+  friend class policy::AffiliatedInvalidationServiceProviderTest;
  friend class policy::DeviceCloudPolicyInvalidatorTest;
  friend struct DefaultSingletonTraits<ProfileInvalidationProviderFactory>;

--- a/chrome/chrome_browser_chromeos.gypi
+++ b/chrome/chrome_browser_chromeos.gypi
@@ -727,6 +727,8 @@
        'browser/chromeos/platform_keys/platform_keys_service.h',
        'browser/chromeos/platform_keys/platform_keys_service_factory.cc',
        'browser/chromeos/platform_keys/platform_keys_service_factory.h',
+        'browser/chromeos/policy/affiliated_invalidation_service_provider.cc',
+        'browser/chromeos/policy/affiliated_invalidation_service_provider.h',
        'browser/chromeos/policy/auto_enrollment_client.cc',
        'browser/chromeos/policy/auto_enrollment_client.h',
        'browser/chromeos/policy/browser_policy_connector_chromeos.cc',

--- a/chrome/chrome_tests_unit.gypi
+++ b/chrome/chrome_tests_unit.gypi
@@ -1244,6 +1244,7 @@
      'browser/chromeos/ownership/fake_owner_settings_service.cc',
      'browser/chromeos/ownership/fake_owner_settings_service.h',
      'browser/chromeos/ownership/owner_settings_service_chromeos_unittest.cc',
+      'browser/chromeos/policy/affiliated_invalidation_service_provider_unittest.cc',
      'browser/chromeos/policy/auto_enrollment_client_unittest.cc',
      'browser/chromeos/policy/cloud_external_data_manager_base_unittest.cc',
      'browser/chromeos/policy/cloud_external_data_policy_observer_unittest.cc',