OLD | NEW |
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CHROME_BROWSER_POLICY_CLOUD_POLICY_CACHE_H_ | 5 #ifndef CHROME_BROWSER_POLICY_CLOUD_POLICY_CACHE_H_ |
6 #define CHROME_BROWSER_POLICY_CLOUD_POLICY_CACHE_H_ | 6 #define CHROME_BROWSER_POLICY_CLOUD_POLICY_CACHE_H_ |
7 | 7 |
8 #include <string> | 8 #include <string> |
9 | 9 |
10 #include "base/file_path.h" | 10 #include "base/file_path.h" |
11 #include "base/gtest_prod_util.h" | 11 #include "base/gtest_prod_util.h" |
| 12 #include "base/observer_list.h" |
12 #include "base/ref_counted.h" | 13 #include "base/ref_counted.h" |
13 #include "base/scoped_ptr.h" | 14 #include "base/scoped_ptr.h" |
14 #include "base/synchronization/lock.h" | 15 #include "base/threading/non_thread_safe.h" |
15 #include "base/time.h" | 16 #include "base/time.h" |
16 #include "chrome/browser/policy/configuration_policy_provider.h" | 17 #include "chrome/browser/policy/configuration_policy_provider.h" |
17 #include "chrome/browser/policy/proto/device_management_backend.pb.h" | 18 #include "chrome/browser/policy/proto/device_management_backend.pb.h" |
18 #include "policy/configuration_policy_type.h" | 19 #include "policy/configuration_policy_type.h" |
19 | 20 |
20 class DictionaryValue; | 21 class DictionaryValue; |
21 class ListValue; | 22 class ListValue; |
22 class Value; | 23 class Value; |
23 | 24 |
24 using google::protobuf::RepeatedPtrField; | 25 using google::protobuf::RepeatedPtrField; |
25 | 26 |
26 namespace policy { | 27 namespace policy { |
27 | 28 |
28 namespace em = enterprise_management; | 29 namespace em = enterprise_management; |
29 | 30 |
30 // Decodes a CloudPolicySettings object into two maps with mandatory and | 31 // Decodes a CloudPolicySettings object into two maps with mandatory and |
31 // recommended settings, respectively. The implementation is generated code | 32 // recommended settings, respectively. The implementation is generated code |
32 // in policy/cloud_policy_generated.cc. | 33 // in policy/cloud_policy_generated.cc. |
33 void DecodePolicy(const em::CloudPolicySettings& policy, | 34 void DecodePolicy(const em::CloudPolicySettings& policy, |
34 ConfigurationPolicyProvider::PolicyMapType* mandatory, | 35 ConfigurationPolicyProvider::PolicyMapType* mandatory, |
35 ConfigurationPolicyProvider::PolicyMapType* recommended); | 36 ConfigurationPolicyProvider::PolicyMapType* recommended); |
36 | 37 |
37 // Keeps the authoritative copy of cloud policy information as read from the | 38 // Keeps the authoritative copy of cloud policy information as read from the |
38 // persistence file or determined by the policy backend. The cache doesn't talk | 39 // persistence file or determined by the policy backend. The cache doesn't talk |
39 // to the service directly, but receives updated policy information through | 40 // to the service directly, but receives updated policy information through |
40 // SetPolicy() calls, which is then persisted and decoded into the internal | 41 // SetPolicy() calls, which is then persisted and decoded into the internal |
41 // Value representation chrome uses. | 42 // Value representation chrome uses. |
42 class CloudPolicyCache { | 43 class CloudPolicyCache : public base::NonThreadSafe { |
43 public: | 44 public: |
44 typedef ConfigurationPolicyProvider::PolicyMapType PolicyMapType; | 45 typedef ConfigurationPolicyProvider::PolicyMapType PolicyMapType; |
45 | 46 |
| 47 // Used to distinguish mandatory from recommended policies. |
| 48 enum PolicyLevel { |
| 49 // Policy is forced upon the user and should always take effect. |
| 50 POLICY_LEVEL_MANDATORY, |
| 51 // The value is just a recommendation that the user may override. |
| 52 POLICY_LEVEL_RECOMMENDED, |
| 53 }; |
| 54 |
46 explicit CloudPolicyCache(const FilePath& backing_file_path); | 55 explicit CloudPolicyCache(const FilePath& backing_file_path); |
47 ~CloudPolicyCache(); | 56 ~CloudPolicyCache(); |
48 | 57 |
49 // Loads policy information from the backing file. Non-existing or erroneous | 58 // Loads policy information from the backing file. Non-existing or erroneous |
50 // cache files are ignored. | 59 // cache files are ignored. |
51 void LoadPolicyFromFile(); | 60 void LoadFromFile(); |
52 | 61 |
53 // Resets the policy information. Returns true if the new policy is different | 62 // Resets the policy information. Returns true if the new policy is different |
54 // from the previously stored policy. | 63 // from the previously stored policy. |
55 bool SetPolicy(const em::CloudPolicyResponse& policy); | 64 bool SetPolicy(const em::CloudPolicyResponse& policy); |
56 bool SetDevicePolicy(const em::DevicePolicyResponse& policy); | 65 bool SetDevicePolicy(const em::DevicePolicyResponse& policy); |
57 | 66 |
58 // Gets the policy information. Ownership of the return value is transferred | 67 ConfigurationPolicyProvider* GetManagedPolicyProvider(); |
59 // to the caller. | 68 ConfigurationPolicyProvider* GetRecommendedPolicyProvider(); |
60 DictionaryValue* GetDevicePolicy(); | |
61 const PolicyMapType* GetMandatoryPolicy() const; | |
62 const PolicyMapType* GetRecommendedPolicy() const; | |
63 | 69 |
64 void SetUnmanaged(); | 70 void SetUnmanaged(); |
65 bool is_unmanaged() const { | 71 bool is_unmanaged() const { |
66 return is_unmanaged_; | 72 return is_unmanaged_; |
67 } | 73 } |
68 | 74 |
69 // Returns the time at which the policy was last fetched. | 75 // Returns the time at which the policy was last fetched. |
70 base::Time last_policy_refresh_time() const { | 76 base::Time last_policy_refresh_time() const { |
71 return last_policy_refresh_time_; | 77 return last_policy_refresh_time_; |
72 } | 78 } |
73 | 79 |
74 // Returns true if this cache holds (old-style) device policy that should be | 80 // Returns true if this cache holds (old-style) device policy that should be |
75 // given preference over (new-style) mandatory/recommended policy. | 81 // given preference over (new-style) mandatory/recommended policy. |
76 bool has_device_policy() const { | 82 bool has_device_policy() const { |
77 return has_device_policy_; | 83 return has_device_policy_; |
78 } | 84 } |
79 | 85 |
80 private: | 86 private: |
| 87 class CloudPolicyProvider; |
| 88 |
81 friend class CloudPolicyCacheTest; | 89 friend class CloudPolicyCacheTest; |
| 90 friend class DeviceManagementPolicyCacheTest; |
82 friend class DeviceManagementPolicyCacheDecodeTest; | 91 friend class DeviceManagementPolicyCacheDecodeTest; |
83 | 92 |
84 // Decodes a CloudPolicyResponse into two (ConfigurationPolicyType -> Value*) | 93 // Decodes a CloudPolicyResponse into two (ConfigurationPolicyType -> Value*) |
85 // maps and a timestamp. Also performs verification, returns NULL if any | 94 // maps and a timestamp. Also performs verification, returns NULL if any |
86 // check fails. | 95 // check fails. |
87 static bool DecodePolicyResponse( | 96 static bool DecodePolicyResponse( |
88 const em::CloudPolicyResponse& policy_response, | 97 const em::CloudPolicyResponse& policy_response, |
89 PolicyMapType* mandatory, | 98 PolicyMapType* mandatory, |
90 PolicyMapType* recommended, | 99 PolicyMapType* recommended, |
91 base::Time* timestamp); | 100 base::Time* timestamp); |
(...skipping 19 matching lines...) Expand all Loading... |
111 static Value* DecodeValue(const em::GenericValue& value); | 120 static Value* DecodeValue(const em::GenericValue& value); |
112 | 121 |
113 // Decodes a policy message and returns it in Value representation. Ownership | 122 // Decodes a policy message and returns it in Value representation. Ownership |
114 // of the returned dictionary is transferred to the caller. | 123 // of the returned dictionary is transferred to the caller. |
115 static DictionaryValue* DecodeDevicePolicy( | 124 static DictionaryValue* DecodeDevicePolicy( |
116 const em::DevicePolicyResponse& response); | 125 const em::DevicePolicyResponse& response); |
117 | 126 |
118 // The file in which we store a cached version of the policy information. | 127 // The file in which we store a cached version of the policy information. |
119 const FilePath backing_file_path_; | 128 const FilePath backing_file_path_; |
120 | 129 |
121 // Protects both |mandatory_policy_| and |recommended_policy_| as well as | |
122 // |device_policy_|. | |
123 base::Lock lock_; | |
124 | |
125 // Policy key-value information. | 130 // Policy key-value information. |
126 PolicyMapType mandatory_policy_; | 131 PolicyMapType mandatory_policy_; |
127 PolicyMapType recommended_policy_; | 132 PolicyMapType recommended_policy_; |
128 scoped_ptr<DictionaryValue> device_policy_; | 133 scoped_ptr<DictionaryValue> device_policy_; |
129 | 134 |
130 // Tracks whether the store received a SetPolicy() call, which overrides any | 135 // Whether initialization has been completed. This is the case when we have |
131 // information loaded from the file. | 136 // valid policy, learned that the device is unmanaged or ran into |
132 bool fresh_policy_; | 137 // unrecoverable errors. |
| 138 bool initialization_complete_; |
133 | 139 |
| 140 // Whether the the server has indicated this device is unmanaged. |
134 bool is_unmanaged_; | 141 bool is_unmanaged_; |
135 | 142 |
136 // Tracks whether the cache currently stores |device_policy_| that should be | 143 // Tracks whether the cache currently stores |device_policy_| that should be |
137 // given preference over |mandatory_policy_| and |recommended_policy_|. | 144 // given preference over |mandatory_policy_| and |recommended_policy_|. |
138 bool has_device_policy_; | 145 bool has_device_policy_; |
139 | 146 |
140 // The time at which the policy was last refreshed. | 147 // The time at which the policy was last refreshed. |
141 base::Time last_policy_refresh_time_; | 148 base::Time last_policy_refresh_time_; |
| 149 |
| 150 // Policy providers. |
| 151 scoped_ptr<ConfigurationPolicyProvider> managed_policy_provider_; |
| 152 scoped_ptr<ConfigurationPolicyProvider> recommended_policy_provider_; |
| 153 |
| 154 // Provider observers that are registered with this cache's providers. |
| 155 ObserverList<ConfigurationPolicyProvider::Observer, true> observer_list_; |
142 }; | 156 }; |
143 | 157 |
144 } // namespace policy | 158 } // namespace policy |
145 | 159 |
146 #endif // CHROME_BROWSER_POLICY_CLOUD_POLICY_CACHE_H_ | 160 #endif // CHROME_BROWSER_POLICY_CLOUD_POLICY_CACHE_H_ |
OLD | NEW |