Chromium Code Reviews Chromium Code Reviews
Issue 10928036:
Implement Chrome OS device enrollment on the new cloud policy stack. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| (Empty) | |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #ifndef CHROME_BROWSER_POLICY_ENROLLMENT_HANDLER_CHROMEOS_H_ | |
| 6 #define CHROME_BROWSER_POLICY_ENROLLMENT_HANDLER_CHROMEOS_H_ | |
| 7 | |
| 8 #include <string> | |
| 9 | |
| 10 #include "base/basictypes.h" | |
| 11 #include "base/callback_forward.h" | |
|
Joao da Silva
2012/09/07 14:01:42
nit: not used
Mattias Nissler (ping if slow)
2012/10/23 15:30:41
Done.
| |
| 12 #include "base/compiler_specific.h" | |
| 13 #include "base/memory/scoped_ptr.h" | |
| 14 #include "chrome/browser/policy/cloud_policy_client.h" | |
| 15 #include "chrome/browser/policy/cloud_policy_store.h" | |
| 16 #include "chrome/browser/policy/cloud_policy_validator.h" | |
| 17 #include "chrome/browser/policy/device_cloud_policy_manager_chromeos.h" | |
| 18 | |
| 19 namespace enterprise_management { | |
| 20 class PolicyFetchResponse; | |
| 21 } | |
| 22 | |
| 23 namespace policy { | |
| 24 | |
| 25 class EnterpriseInstallAttributes; | |
| 26 | |
| 27 // Implements the logic that establishes enterprise enrollment for Chromium OS | |
| 28 // devices. The process is as follows: | |
| 29 // 1. Given an auth token, register with the policy service. | |
| 30 // 2. Download the initial policy blob from the service. | |
| 31 // 3. Verify the policy blob. Everything up to this point doesn't touch device | |
| 32 // state. | |
| 33 // 4. Establish the device lock in installation-time attributes. | |
| 34 // 5. Store the policy blob. | |
| 35 class EnrollmentHandlerChromeOS : public CloudPolicyClient::Observer, | |
| 36 public CloudPolicyStore::Observer { | |
| 37 public: | |
| 38 typedef DeviceCloudPolicyManagerChromeOS::EnrollmentCallback | |
| 39 CompletionCallback; | |
| 40 | |
| 41 // |store| and |install_attributes| must remain valid for the life time of the | |
| 42 // enrollment handler. | |
| 43 EnrollmentHandlerChromeOS(DeviceCloudPolicyStoreChromeOS* store, | |
| 44 EnterpriseInstallAttributes* install_attributes, | |
| 45 scoped_ptr<CloudPolicyClient> client, | |
| 46 const std::string& auth_token, | |
| 47 const CompletionCallback& completion_callback); | |
| 48 ~EnrollmentHandlerChromeOS(); | |
| 49 | |
| 50 // Starts the enrollment process and reports the result to | |
| 51 // |completion_callback|. | |
| 52 void StartEnrollment(); | |
| 53 | |
| 54 // Releases the client. | |
| 55 scoped_ptr<CloudPolicyClient> ReleaseClient(); | |
| 56 | |
| 57 // CloudPolicyClient::Observer: | |
| 58 virtual void OnPolicyFetched(CloudPolicyClient* client) OVERRIDE; | |
| 59 virtual void OnRegistrationStateChanged(CloudPolicyClient* client) OVERRIDE; | |
| 60 virtual void OnClientError(CloudPolicyClient* client) OVERRIDE; | |
| 61 | |
| 62 // CloudPolicyStore::Observer: | |
| 63 virtual void OnStoreLoaded(CloudPolicyStore* store) OVERRIDE; | |
| 64 virtual void OnStoreError(CloudPolicyStore* store) OVERRIDE; | |
| 65 | |
| 66 private: | |
| 67 // Indicates what step of the process is currently pending. | |
| 68 enum EnrollmentStep { | |
| 69 STEP_IDLE, // Not started yet. | |
| 70 STEP_REGISTRATION, // Currently registering the client. | |
| 71 STEP_POLICY_FETCH, // Fetching policy. | |
| 72 STEP_VALIDATION, // Policy validation. | |
| 73 STEP_LOCK_DEVICE, // Writing installation-time attributes. | |
| 74 STEP_STORE_POLICY, // Storing policy. | |
| 75 STEP_DONE, // All done. | |
| 76 }; | |
| 77 | |
| 78 // Starts registration if the store is initialized. | |
| 79 void AttemptRegistration(); | |
| 80 | |
| 81 // Handles the policy validation result, proceeding with installation-time | |
| 82 // attributes locking if successful. | |
| 83 void PolicyValidated(DeviceCloudPolicyValidator* validator); | |
| 84 | |
| 85 // Writes install attributes and proceeds to policy installation. If | |
| 86 // unsuccessful, reports the result. | |
| 87 void WriteInstallAttributes(const std::string& user, | |
| 88 DeviceMode device_mode, | |
| 89 const std::string& device_id); | |
| 90 | |
| 91 // Resets all transient state, disregarding any pending actions. | |
| 92 void Reset(); | |
| 93 | |
| 94 // Reports the result of the enrollment process to the initiator. | |
| 95 void ReportResult(EnrollmentStatus status, | |
| 96 DeviceManagementStatus dm_status, | |
| 97 CloudPolicyValidatorBase::Status validator_status, | |
| 98 CloudPolicyStore::Status store_status); | |
| 99 | |
| 100 DeviceCloudPolicyStoreChromeOS* store_; | |
| 101 EnterpriseInstallAttributes* install_attributes_; | |
| 102 scoped_ptr<CloudPolicyClient> client_; | |
| 103 | |
| 104 std::string auth_token_; | |
| 105 CompletionCallback completion_callback_; | |
| 106 | |
| 107 // The device mode as received in the registration request. | |
| 108 DeviceMode device_mode_; | |
| 109 | |
| 110 // The validated policy response to be installed in the store. | |
| 111 scoped_ptr<enterprise_management::PolicyFetchResponse> policy_; | |
| 112 | |
| 113 // Current enrollment step. | |
| 114 EnrollmentStep enrollment_step_; | |
| 115 | |
| 116 // Total amount of time in milliseconds spent waiting for lockbox | |
| 117 // initialization. | |
| 118 int lockbox_init_duration_; | |
| 119 | |
| 120 base::WeakPtrFactory<EnrollmentHandlerChromeOS> weak_factory_; | |
|
Joao da Silva
2012/09/07 14:01:42
#include "base/memory/weak_ptr.h"
Mattias Nissler (ping if slow)
2012/10/23 15:30:41
Done.
| |
| 121 | |
| 122 DISALLOW_COPY_AND_ASSIGN(EnrollmentHandlerChromeOS); | |
| 123 }; | |
| 124 | |
| 125 } // namespace policy | |
| 126 | |
| 127 #endif // CHROME_BROWSER_POLICY_ENROLLMENT_HANDLER_CHROMEOS_H_ | |
| OLD | NEW |
