Add initial device policy infrastructure.

chrome/browser/policy/cloud_policy_cache.cc

 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#include "chrome/browser/policy/device_management_policy_cache.h"
+#include "chrome/browser/policy/cloud_policy_cache.h"
 
 #include <limits>
 #include <string>
 
 #include "base/file_util.h"
 #include "base/logging.h"
 #include "base/task.h"
 #include "base/values.h"
 #include "chrome/browser/browser_thread.h"
+#include "chrome/browser/policy/configuration_policy_pref_store.h"
+#include "chrome/browser/policy/configuration_policy_provider.h"
 #include "chrome/browser/policy/proto/device_management_constants.h"
 #include "chrome/browser/policy/proto/device_management_local.pb.h"
 
 using google::protobuf::RepeatedField;
 using google::protobuf::RepeatedPtrField;
 
 namespace policy {
 
+// A thin ConfigurationPolicyProvider implementation sitting on top of
+// CloudPolicyCache for hooking up with ConfigurationPolicyPrefStore.
+class CloudPolicyCache::CloudPolicyProvider
+    : public ConfigurationPolicyProvider {
+ public:
+  CloudPolicyProvider(const PolicyDefinitionList* policy_list,
+                      CloudPolicyCache* cache,
+                      CloudPolicyCache::PolicyLevel level)
+      : ConfigurationPolicyProvider(policy_list),
+        cache_(cache),
+        level_(level) {}
+  virtual ~CloudPolicyProvider() {}
+
+  virtual bool Provide(ConfigurationPolicyStoreInterface* store) {
+    // TODO(mnissler) handle level once we have support for that in the cache.
+    DecodePolicyValueTree(cache_->policy_.get(), store);
+    return true;
+  }
+
+  virtual bool IsInitializationComplete() const {
+    return cache_->initialization_complete_;
+  }
+
+  virtual void AddObserver(ConfigurationPolicyProvider::Observer* observer) {
+    cache_->observer_list_.AddObserver(observer);
+  }
+  virtual void RemoveObserver(ConfigurationPolicyProvider::Observer* observer) {
+    cache_->observer_list_.RemoveObserver(observer);
+  }
+
+ private:
+  // The underlying policy cache.
+  CloudPolicyCache* cache_;
+  // Policy level this provider will handle.
+  CloudPolicyCache::PolicyLevel level_;
+
+  DISALLOW_COPY_AND_ASSIGN(CloudPolicyProvider);
+};
+
 // Saves policy information to a file.
 class PersistPolicyTask : public Task {
  public:
   PersistPolicyTask(const FilePath& path,
                     const em::DevicePolicyResponse* policy,
                     const base::Time& timestamp,
                     const bool is_device_unmanaged)
       : path_(path),
         policy_(policy),
         timestamp_(timestamp),
@@ skipping 22 matching lines @@
     return;
   }
 
   int size = data.size();
   if (file_util::WriteFile(path_, data.c_str(), size) != size) {
     LOG(WARNING) << "Failed to write " << path_.value();
     return;
   }
 }
 
-DeviceManagementPolicyCache::DeviceManagementPolicyCache(
+CloudPolicyCache::CloudPolicyCache(
     const FilePath& backing_file_path)
     : backing_file_path_(backing_file_path),
       policy_(new DictionaryValue),
-      fresh_policy_(false),
+      initialization_complete_(false),
       is_device_unmanaged_(false) {
+  managed_policy_provider_.reset(
+      new CloudPolicyProvider(
+          ConfigurationPolicyPrefStore::GetChromePolicyDefinitionList(),
+          this,
+          POLICY_LEVEL_MANDATORY));
+  recommended_policy_provider_.reset(
+      new CloudPolicyProvider(
+          ConfigurationPolicyPrefStore::GetChromePolicyDefinitionList(),
+          this,
+          POLICY_LEVEL_RECOMMENDED));
 }
 
-DeviceManagementPolicyCache::~DeviceManagementPolicyCache() {}
+CloudPolicyCache::~CloudPolicyCache() {
+  FOR_EACH_OBSERVER(ConfigurationPolicyProvider::Observer,
+                    observer_list_, OnProviderGoingAway());
+}
 
-void DeviceManagementPolicyCache::LoadPolicyFromFile() {
-  if (!file_util::PathExists(backing_file_path_) || fresh_policy_)
+void CloudPolicyCache::LoadFromFile() {
+  if (!file_util::PathExists(backing_file_path_) || initialization_complete_)
     return;
 
   // Read the protobuf from the file.
   std::string data;
   if (!file_util::ReadFileToString(backing_file_path_, &data)) {
     LOG(WARNING) << "Failed to read policy data from "
                  << backing_file_path_.value();
     return;
   }
 
   em::CachedDevicePolicyResponse cached_policy;
   if (!cached_policy.ParseFromArray(data.c_str(), data.size())) {
     LOG(WARNING) << "Failed to parse policy data read from "
                  << backing_file_path_.value();
     return;
   }
 
   // Reject files that claim to be from the future.
   base::Time timestamp = base::Time::FromInternalValue(
       cached_policy.timestamp());
   if (timestamp > base::Time::NowFromSystemTime()) {
     LOG(WARNING) << "Rejected policy data from " << backing_file_path_.value()
                  << ", file is from the future.";
     return;
   }
-  is_device_unmanaged_ = cached_policy.unmanaged();
 
   // Decode and swap in the new policy information.
   scoped_ptr<DictionaryValue> value(DecodePolicy(cached_policy.policy()));
-  {
-    base::AutoLock lock(lock_);
-    if (!fresh_policy_)
-      policy_.reset(value.release());
-    last_policy_refresh_time_ = timestamp;
-  }
+  initialization_complete_ = true;
+  is_device_unmanaged_ = cached_policy.unmanaged();
+  policy_.reset(value.release());
+  last_policy_refresh_time_ = timestamp;
+
+  FOR_EACH_OBSERVER(ConfigurationPolicyProvider::Observer,
+                    observer_list_, OnUpdatePolicy());
 }
 
-bool DeviceManagementPolicyCache::SetPolicy(
+bool CloudPolicyCache::SetPolicy(
     const em::DevicePolicyResponse& policy) {
   is_device_unmanaged_ = false;
-  DictionaryValue* value = DeviceManagementPolicyCache::DecodePolicy(policy);
+  DictionaryValue* value = CloudPolicyCache::DecodePolicy(policy);
   const bool new_policy_differs = !(value->Equals(policy_.get()));
   base::Time now(base::Time::NowFromSystemTime());
-  {
-    base::AutoLock lock(lock_);
-    policy_.reset(value);
-    fresh_policy_ = true;
-    last_policy_refresh_time_ = now;
-  }
+  policy_.reset(value);
+  initialization_complete_ = true;
+  last_policy_refresh_time_ = now;
+
+  FOR_EACH_OBSERVER(ConfigurationPolicyProvider::Observer,
+                    observer_list_, OnUpdatePolicy());
 
   em::DevicePolicyResponse* policy_copy = new em::DevicePolicyResponse;
   policy_copy->CopyFrom(policy);
   BrowserThread::PostTask(
       BrowserThread::FILE,
       FROM_HERE,
       new PersistPolicyTask(backing_file_path_, policy_copy, now, false));
   return new_policy_differs;
 }
 
-DictionaryValue* DeviceManagementPolicyCache::GetPolicy() {
-  base::AutoLock lock(lock_);
-  return policy_->DeepCopy();
+ConfigurationPolicyProvider* CloudPolicyCache::GetManagedPolicyProvider() {
+  return managed_policy_provider_.get();

[danno, 2011/02/04 16:01:33]

Make this class nonthreadsafe?

[Jakob Kummerow, 2011/02/14 13:50:34]

Done.

 }
 
-void DeviceManagementPolicyCache::SetDeviceUnmanaged() {
+ConfigurationPolicyProvider* CloudPolicyCache::GetRecommendedPolicyProvider() {
+  return recommended_policy_provider_.get();
+}
+
+void CloudPolicyCache::SetDeviceUnmanaged() {
   is_device_unmanaged_ = true;
   base::Time now(base::Time::NowFromSystemTime());
-  {
-    base::AutoLock lock(lock_);
-    policy_.reset(new DictionaryValue);
-    last_policy_refresh_time_ = now;
-  }
+  policy_.reset(new DictionaryValue);
+  last_policy_refresh_time_ = now;
+
+  FOR_EACH_OBSERVER(ConfigurationPolicyProvider::Observer,
+                    observer_list_, OnUpdatePolicy());
+
   BrowserThread::PostTask(
       BrowserThread::FILE,
       FROM_HERE,
       new PersistPolicyTask(backing_file_path_, NULL, now, true));
 }
 
 // static
-Value* DeviceManagementPolicyCache::DecodeIntegerValue(
+Value* CloudPolicyCache::DecodeIntegerValue(
     google::protobuf::int64 value) {
   if (value < std::numeric_limits<int>::min() ||
       value > std::numeric_limits<int>::max()) {
     LOG(WARNING) << "Integer value " << value
                  << " out of numeric limits, ignoring.";
     return NULL;
   }
 
   return Value::CreateIntegerValue(static_cast<int>(value));
 }
 
 // static
-Value* DeviceManagementPolicyCache::DecodeValue(const em::GenericValue& value) {
+Value* CloudPolicyCache::DecodeValue(const em::GenericValue& value) {
   if (!value.has_value_type())
     return NULL;
 
   switch (value.value_type()) {
     case em::GenericValue::VALUE_TYPE_BOOL:
       if (value.has_bool_value())
         return Value::CreateBooleanValue(value.bool_value());
       return NULL;
     case em::GenericValue::VALUE_TYPE_INT64:
       if (value.has_int64_value())
@@ skipping 48 matching lines @@
       return list;
     }
     default:
       NOTREACHED() << "Unhandled value type";
   }
 
   return NULL;
 }
 
 // static
-DictionaryValue* DeviceManagementPolicyCache::DecodePolicy(
+DictionaryValue* CloudPolicyCache::DecodePolicy(
     const em::DevicePolicyResponse& policy) {
   DictionaryValue* result = new DictionaryValue;
   RepeatedPtrField<em::DevicePolicySetting>::const_iterator setting;
   for (setting = policy.setting().begin();
        setting != policy.setting().end();
        ++setting) {
     // Wrong policy key? Skip.
     if (setting->policy_key().compare(kChromeDevicePolicySettingKey) != 0)
       continue;
 
     // No policy value? Skip.
     if (!setting->has_policy_value())
       continue;
 
     // Iterate through all the name-value pairs wrapped in |setting|.
     const em::GenericSetting& policy_value(setting->policy_value());
     RepeatedPtrField<em::GenericNamedValue>::const_iterator named_value;
     for (named_value = policy_value.named_value().begin();
          named_value != policy_value.named_value().end();
          ++named_value) {
       if (named_value->has_value()) {
         Value* decoded_value =
-            DeviceManagementPolicyCache::DecodeValue(named_value->value());
+            CloudPolicyCache::DecodeValue(named_value->value());
         if (decoded_value)
           result->Set(named_value->name(), decoded_value);
       }
     }
   }
   return result;
 }
 
 }  // namespace policy