Fix no policies are fetched when extension install policies are active [chromium/src : main]
0 views
Skip to first unread message
Yann Dago (Gerrit)
Feb 19, 2026, 3:11:38 PM (13 hours ago) Feb 19
to Lei Zhang, Nicolas Ouellet-Payeur, Enterprise Policy Reviews, AyeAye, Chromium LUCI CQ, Owen Min, eic+...@google.com, marq+...@chromium.org, ios-revie...@chromium.org, ios-r...@chromium.org, cros-report...@google.com, chromium-a...@chromium.org, extension...@chromium.org
Attention needed from Artem Sumaneev and Owen Min
Yann Dago voted and added 1 comment![]( "Open in Gerrit")
Votes added by Yann Dago
| Commit-Queue | +2 |
1 comment
Commit Message
Line 7, Patchset 21:
Fix bug where no policies are fetched when extension install policies are active and reactivate policy verificationLei Zhang . resolved
Yann DagoCan the summarize line be shortened?
Done
Related details
Attention is currently required from:
- Artem Sumaneev
- Owen Min
Submit Requirements:
Code-Coverage
Code-Owners
Code-Review
Review-Enforcement
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
Yann Dago (Gerrit)
Feb 19, 2026, 6:09:01 PM (11 hours ago) Feb 19
to Lei Zhang, Nicolas Ouellet-Payeur, Enterprise Policy Reviews, AyeAye, Chromium LUCI CQ, Owen Min, eic+...@google.com, marq+...@chromium.org, ios-revie...@chromium.org, ios-r...@chromium.org, cros-report...@google.com, chromium-a...@chromium.org, extension...@chromium.org
Attention needed from Artem Sumaneev and Owen Min
Yann Dago voted Commit-Queue+2![]( "Open in Gerrit")
| Commit-Queue | +2 |
Related details
Attention is currently required from:
- Artem Sumaneev
- Owen Min
Submit Requirements:
Code-Coverage
Code-Owners
Code-Review
Review-Enforcement
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
Chromium LUCI CQ (Gerrit)
Feb 19, 2026, 7:52:49 PM (9 hours ago) Feb 19
to Yann Dago, Lei Zhang, Nicolas Ouellet-Payeur, Enterprise Policy Reviews, AyeAye, Owen Min, eic+...@google.com, marq+...@chromium.org, ios-revie...@chromium.org, ios-r...@chromium.org, cros-report...@google.com, chromium-a...@chromium.org, extension...@chromium.org
Chromium LUCI CQ submitted the change with unreviewed changes![]( "Open in Gerrit")
Unreviewed changes
21 is the latest approved patch-set.
The change was submitted with unreviewed changes in the following files:
```
The name of the file: chrome/browser/policy/cloud/extension_install_policy_service.cc
Insertions: 3, Deletions: 1.
@@ -148,7 +148,9 @@
return;
}
client_observation_.Reset();
- std::move(callback_).Run(&manager_.get());
+ if (callback_) {
+ std::move(callback_).Run(&manager_.get());
+ }
}
CloudPolicyManager* GetManager() const { return &manager_.get(); }
```
```
The name of the file: components/policy/core/common/cloud/cloud_policy_manager.h
Insertions: 0, Deletions: 2.
@@ -170,8 +170,6 @@
std::unique_ptr<ComponentCloudPolicyService> component_policy_service_;
base::ScopedObservation<CloudPolicyStore, CloudPolicyStore::Observer>
- store_observation_{this};
- base::ScopedObservation<CloudPolicyStore, CloudPolicyStore::Observer>
extension_install_store_observation_{this};
// Has component policy ever been published.
```
```
The name of the file: components/policy/core/common/cloud/cloud_policy_manager.cc
Insertions: 2, Deletions: 2.
@@ -130,7 +130,7 @@
void CloudPolicyManager::Init(SchemaRegistry* registry) {
ConfigurationPolicyProvider::Init(registry);
- store_observation_.Observe(store());
+ store()->AddObserver(this);
// If the underlying store is already initialized, pretend it was loaded now.
// Note: It is not enough to just copy OnStoreLoaded's contents here because
@@ -144,7 +144,7 @@
void CloudPolicyManager::Shutdown() {
component_policy_service_.reset();
core_.Disconnect();
- store_observation_.Reset();
+ store()->RemoveObserver(this);
if (extension_install_core_) {
extension_install_core_->Disconnect();
}
```
Change information
Commit message:
Fix no policies are fetched when extension install policies are active
The server does not allow fetching 2 primary policy types in the same
request. This warrant a refactor on the client side to separate the
fetching of all policy types.
This change refactors how extension install policies are managed.
Instead of having a single CloudPolicyCore and therefore a single
CloudPolicy?Client handle both the main policy and the extension install
policy, a separate CloudPolicyCore instance is created within
CloudPolicyManager specifically for extension install policies.
The new extension install core is initialized by
ExtensionInstallPolicyServiceImpl only after the main
CloudPolicyManager's client is registered. This allows for better
isolation and on-demand initialization of the extension install policy
fetching mechanism.
Signature verification for extension install policies is also
re-enabled, as the separate core structure addresses the previous
issues.
Bug: 485872483
Fixed: 483099777
Change-Id: I682e9dee7f2d33ee0312fc2378d1fd4134d8d236
Reviewed-by: Nicolas Ouellet-Payeur <nico...@chromium.org>
Commit-Queue: Yann Dago <yd...@chromium.org>
Reviewed-by: Lei Zhang <the...@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1587527}
Files:
- M chrome/browser/ash/policy/core/device_local_account_policy_broker.cc
- M chrome/browser/policy/cloud/cloud_policy_invalidator.cc
- M chrome/browser/policy/cloud/cloud_policy_invalidator.h
- M chrome/browser/policy/cloud/cloud_policy_invalidator_unittest.cc
- M chrome/browser/policy/cloud/extension_install_policy_invalidator.cc
- M chrome/browser/policy/cloud/extension_install_policy_invalidator.h
- M chrome/browser/policy/cloud/extension_install_policy_invalidator_unittest.cc
- M chrome/browser/policy/cloud/extension_install_policy_service.cc
- M chrome/browser/policy/cloud/extension_install_policy_service.h
- M chrome/browser/policy/cloud/extension_install_policy_service_unittest.cc
- M chrome/browser/policy/cloud/fm_registration_token_uploader_unittest.cc
- M chrome/browser/policy/cloud/policy_invalidator.cc
- M chrome/browser/policy/cloud/policy_invalidator.h
- M chrome/browser/policy/messaging_layer/util/reporting_server_connector_test_util.cc
- M chrome/browser/policy/messaging_layer/util/reporting_server_connector_test_util.h
- M components/policy/core/common/cloud/affiliation_unittest.cc
- M components/policy/core/common/cloud/cloud_policy_client.cc
- M components/policy/core/common/cloud/cloud_policy_client.h
- M components/policy/core/common/cloud/cloud_policy_core.cc
- M components/policy/core/common/cloud/cloud_policy_core.h
- M components/policy/core/common/cloud/cloud_policy_core_unittest.cc
- M components/policy/core/common/cloud/cloud_policy_manager.cc
- M components/policy/core/common/cloud/cloud_policy_manager.h
- M components/policy/core/common/cloud/cloud_policy_manager_unittest.cc
- M components/policy/core/common/cloud/cloud_policy_service.cc
- M components/policy/core/common/cloud/cloud_policy_validator.cc
- M components/policy/core/common/cloud/component_cloud_policy_service_unittest.cc
- M components/policy/core/common/cloud/machine_level_user_cloud_policy_manager.cc
- M components/policy/core/common/cloud/machine_level_user_cloud_policy_store.h
- M components/policy/core/common/cloud/profile_cloud_policy_manager_unittest.cc
- M components/policy/core/common/cloud/user_cloud_policy_manager.cc
- M components/policy/core/common/cloud/user_cloud_policy_manager_unittest.cc
- M components/policy/core/common/policy_types.h
- M components/policy/core/common/remote_commands/remote_commands_invalidator_unittest.cc
- M components/policy/proto/device_management_backend.proto
- M ios/chrome/browser/policy/model/status_provider/user_cloud_policy_status_provider_unittest.mm
Change size: L
Delta: 36 files changed, 390 insertions(+), 321 deletions(-)
Branch: refs/heads/main
Submit Requirements:
Code-Review: +1 by Lei Zhang, +1 by Nicolas Ouellet-Payeur
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
Reply all
Reply to author
Forward
0 new messages