| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #ifndef CHROME_BROWSER_POLICY_DEVICE_MANAGEMENT_POLICY_PROVIDER_H_ | |
| 6 #define CHROME_BROWSER_POLICY_DEVICE_MANAGEMENT_POLICY_PROVIDER_H_ | |
| 7 #pragma once | |
| 8 | |
| 9 #include <string> | |
| 10 | |
| 11 #include "base/file_path.h" | |
| 12 #include "base/observer_list.h" | |
| 13 #include "base/scoped_ptr.h" | |
| 14 #include "base/time.h" | |
| 15 #include "chrome/browser/policy/configuration_policy_provider.h" | |
| 16 #include "chrome/browser/policy/device_management_backend.h" | |
| 17 #include "chrome/browser/policy/device_token_fetcher.h" | |
| 18 | |
| 19 class Profile; | |
| 20 class TokenService; | |
| 21 | |
| 22 namespace policy { | |
| 23 | |
| 24 class CloudPolicyCache; | |
| 25 class DeviceManagementBackend; | |
| 26 | |
| 27 // Provides policy fetched from the device management server. With the exception | |
| 28 // of the Provide method, which can be called on the FILE thread, all public | |
| 29 // methods must be called on the UI thread. | |
| 30 class DeviceManagementPolicyProvider | |
| 31 : public ConfigurationPolicyProvider, | |
| 32 public DeviceManagementBackend::DevicePolicyResponseDelegate, | |
| 33 public DeviceTokenFetcher::Observer { | |
| 34 public: | |
| 35 DeviceManagementPolicyProvider(const PolicyDefinitionList* policy_list, | |
| 36 DeviceManagementBackend* backend, | |
| 37 Profile* profile); | |
| 38 | |
| 39 virtual ~DeviceManagementPolicyProvider(); | |
| 40 | |
| 41 // ConfigurationPolicyProvider implementation: | |
| 42 virtual bool Provide(ConfigurationPolicyStoreInterface* store); | |
| 43 virtual bool IsInitializationComplete() const; | |
| 44 | |
| 45 // DevicePolicyResponseDelegate implementation: | |
| 46 virtual void HandlePolicyResponse( | |
| 47 const em::DevicePolicyResponse& response); // deprecated. | |
| 48 virtual void HandleCloudPolicyResponse( | |
| 49 const em::CloudPolicyResponse& response); | |
| 50 virtual void OnError(DeviceManagementBackend::ErrorCode code); | |
| 51 | |
| 52 // DeviceTokenFetcher::Observer implementation: | |
| 53 virtual void OnTokenSuccess(); | |
| 54 virtual void OnTokenError(); | |
| 55 virtual void OnNotManaged(); | |
| 56 | |
| 57 // Sets the refresh rate at which to re-fetch policy information. | |
| 58 void SetRefreshRate(int64 refresh_rate_milliseconds); | |
| 59 | |
| 60 private: | |
| 61 // Indicates the current state the provider is in. | |
| 62 enum ProviderState { | |
| 63 // The provider is initializing, policy information not yet available. | |
| 64 STATE_INITIALIZING, | |
| 65 // This device is not managed through policy. | |
| 66 STATE_UNMANAGED, | |
| 67 // The token is valid, but policy is yet to be fetched. | |
| 68 STATE_TOKEN_VALID, | |
| 69 // Policy information is available and valid. | |
| 70 STATE_POLICY_VALID, | |
| 71 // The token was found to be invalid and needs to be obtained again. | |
| 72 STATE_TOKEN_RESET, | |
| 73 // There has been an error fetching the token, retry later. | |
| 74 STATE_TOKEN_ERROR, | |
| 75 // The service returned an error when requesting policy, ask again later. | |
| 76 STATE_POLICY_ERROR, | |
| 77 }; | |
| 78 | |
| 79 class RefreshTask; | |
| 80 | |
| 81 friend class DeviceManagementPolicyProviderTest; | |
| 82 | |
| 83 // More configurable constructor for use by test cases. | |
| 84 DeviceManagementPolicyProvider(const PolicyDefinitionList* policy_list, | |
| 85 DeviceManagementBackend* backend, | |
| 86 Profile* profile, | |
| 87 int64 policy_refresh_rate_ms, | |
| 88 int policy_refresh_deviation_factor_percent, | |
| 89 int64 policy_refresh_deviation_max_ms, | |
| 90 int64 policy_refresh_error_delay_ms, | |
| 91 int64 token_fetch_error_delay_ms, | |
| 92 int64 unmanaged_device_refresh_rate_ms); | |
| 93 | |
| 94 // Called by constructors to perform shared initialization. Initialization | |
| 95 // requiring the IOThread must not be performed directly in this method, | |
| 96 // rather must be deferred until the IOThread is fully initialized. This is | |
| 97 // the case in InitializeAfterIOThreadExists. | |
| 98 void Initialize(DeviceManagementBackend* backend, | |
| 99 Profile* profile, | |
| 100 int64 policy_refresh_rate_ms, | |
| 101 int policy_refresh_deviation_factor_percent, | |
| 102 int64 policy_refresh_deviation_max_ms, | |
| 103 int64 policy_refresh_error_delay_ms, | |
| 104 int64 token_fetch_error_delay_ms, | |
| 105 int64 unmanaged_device_refresh_rate_ms); | |
| 106 | |
| 107 // ConfigurationPolicyProvider overrides: | |
| 108 virtual void AddObserver(ConfigurationPolicyProvider::Observer* observer); | |
| 109 virtual void RemoveObserver(ConfigurationPolicyProvider::Observer* observer); | |
| 110 | |
| 111 // Sends a request to the device manager backend to fetch policy if one isn't | |
| 112 // already outstanding. | |
| 113 void SendPolicyRequest(); | |
| 114 | |
| 115 // Triggers policy refresh, re-requesting device token and policy information | |
| 116 // as necessary. | |
| 117 void RefreshTaskExecute(); | |
| 118 | |
| 119 // Cancels the refresh task. | |
| 120 void CancelRefreshTask(); | |
| 121 | |
| 122 // Notify observers about a policy update. | |
| 123 void NotifyCloudPolicyUpdate(); | |
| 124 | |
| 125 // The path of the device token file. | |
| 126 FilePath GetTokenPath(); | |
| 127 | |
| 128 // Used only by tests. | |
| 129 void SetDeviceTokenFetcher(DeviceTokenFetcher* token_fetcher); | |
| 130 | |
| 131 // Switches to a new state and triggers any appropriate actions. | |
| 132 void SetState(ProviderState new_state); | |
| 133 | |
| 134 // Check whether the current state is one in which the token is available. | |
| 135 bool TokenAvailable() const; | |
| 136 | |
| 137 // Computes the refresh delay to use. | |
| 138 int64 GetRefreshDelay(); | |
| 139 | |
| 140 // Provides the URL at which requests are sent to from the device management | |
| 141 // backend. | |
| 142 static std::string GetDeviceManagementURL(); | |
| 143 | |
| 144 // Returns the path to the sub-directory in the user data directory | |
| 145 // in which device management persistent state is stored. | |
| 146 static FilePath GetOrCreateDeviceManagementDir( | |
| 147 const FilePath& user_data_dir); | |
| 148 | |
| 149 scoped_ptr<DeviceManagementBackend> backend_; | |
| 150 Profile* profile_; // weak | |
| 151 scoped_ptr<CloudPolicyCache> cache_; | |
| 152 bool fallback_to_old_protocol_; | |
| 153 scoped_refptr<DeviceTokenFetcher> token_fetcher_; | |
| 154 DeviceTokenFetcher::ObserverRegistrar registrar_; | |
| 155 ObserverList<ConfigurationPolicyProvider::Observer, true> observer_list_; | |
| 156 FilePath storage_dir_; | |
| 157 ProviderState state_; | |
| 158 bool initial_fetch_done_; | |
| 159 RefreshTask* refresh_task_; | |
| 160 int64 policy_refresh_rate_ms_; | |
| 161 int policy_refresh_deviation_factor_percent_; | |
| 162 int64 policy_refresh_deviation_max_ms_; | |
| 163 int64 policy_refresh_error_delay_ms_; | |
| 164 int64 effective_policy_refresh_error_delay_ms_; | |
| 165 int64 token_fetch_error_delay_ms_; | |
| 166 int64 effective_token_fetch_error_delay_ms_; | |
| 167 int64 unmanaged_device_refresh_rate_ms_; | |
| 168 | |
| 169 DISALLOW_COPY_AND_ASSIGN(DeviceManagementPolicyProvider); | |
| 170 }; | |
| 171 | |
| 172 } // namespace policy | |
| 173 | |
| 174 #endif // CHROME_BROWSER_POLICY_DEVICE_MANAGEMENT_POLICY_PROVIDER_H_ | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 6520008:
Device policy infrastructure (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src