Chromium Code Reviews Chromium Code Reviews
Issue 6537020:
Update policy backend and testserver for the newest policy protocol (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CHROME_BROWSER_POLICY_CLOUD_POLICY_CACHE_H_ | 5 #ifndef CHROME_BROWSER_POLICY_CLOUD_POLICY_CACHE_H_ |
| 6 #define CHROME_BROWSER_POLICY_CLOUD_POLICY_CACHE_H_ | 6 #define CHROME_BROWSER_POLICY_CLOUD_POLICY_CACHE_H_ |
| 7 | 7 |
| 8 #include <string> | 8 #include <string> |
| 9 | 9 |
| 10 #include "base/file_path.h" | 10 #include "base/file_path.h" |
| (...skipping 34 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 45 }; | 45 }; |
| 46 | 46 |
| 47 explicit CloudPolicyCache(const FilePath& backing_file_path); | 47 explicit CloudPolicyCache(const FilePath& backing_file_path); |
| 48 ~CloudPolicyCache(); | 48 ~CloudPolicyCache(); |
| 49 | 49 |
| 50 // Loads policy information from the backing file. Non-existing or erroneous | 50 // Loads policy information from the backing file. Non-existing or erroneous |
| 51 // cache files are ignored. | 51 // cache files are ignored. |
| 52 void LoadFromFile(); | 52 void LoadFromFile(); |
| 53 | 53 |
| 54 // Resets the policy information. | 54 // Resets the policy information. |
| 55 void SetPolicy(const em::CloudPolicyResponse& policy); | 55 void SetPolicy(const em::PolicyFetchResponse& policy); |
| 56 void SetDevicePolicy(const em::DevicePolicyResponse& policy); | 56 void SetDevicePolicy(const em::DevicePolicyResponse& policy); |
| 57 | 57 |
| 58 ConfigurationPolicyProvider* GetManagedPolicyProvider(); | 58 ConfigurationPolicyProvider* GetManagedPolicyProvider(); |
| 59 ConfigurationPolicyProvider* GetRecommendedPolicyProvider(); | 59 ConfigurationPolicyProvider* GetRecommendedPolicyProvider(); |
| 60 | 60 |
| 61 void SetUnmanaged(); | 61 void SetUnmanaged(); |
| 62 bool is_unmanaged() const { | 62 bool is_unmanaged() const { |
| 63 return is_unmanaged_; | 63 return is_unmanaged_; |
| 64 } | 64 } |
| 65 | 65 |
| 66 // Returns the time at which the policy was last fetched. | 66 // Returns the time at which the policy was last fetched. |
| 67 base::Time last_policy_refresh_time() const { | 67 base::Time last_policy_refresh_time() const { |
| 68 return last_policy_refresh_time_; | 68 return last_policy_refresh_time_; |
| 69 } | 69 } |
| 70 | 70 |
| 71 int64 last_policy_server_timestamp() { | |
| 72 return last_policy_server_timestamp_; | |
| 73 } | |
| 74 | |
| 71 // Returns true if this cache holds (old-style) device policy that should be | 75 // Returns true if this cache holds (old-style) device policy that should be |
| 72 // given preference over (new-style) mandatory/recommended policy. | 76 // given preference over (new-style) mandatory/recommended policy. |
| 73 bool has_device_policy() const { | 77 bool has_device_policy() const { |
| 74 return has_device_policy_; | 78 return has_device_policy_; |
| 75 } | 79 } |
| 76 | 80 |
| 77 private: | 81 private: |
| 78 class CloudPolicyProvider; | 82 class CloudPolicyProvider; |
| 79 | 83 |
| 80 friend class CloudPolicyCacheTest; | 84 friend class CloudPolicyCacheTest; |
| 81 friend class DeviceManagementPolicyCacheTest; | 85 friend class DeviceManagementPolicyCacheTest; |
| 82 friend class DeviceManagementPolicyCacheDecodeTest; | 86 friend class DeviceManagementPolicyCacheDecodeTest; |
| 83 | 87 |
| 84 // Decodes a CloudPolicyResponse into two (ConfigurationPolicyType -> Value*) | 88 // Decodes a CloudPolicyResponse into two (ConfigurationPolicyType -> Value*) |
| 85 // maps and a timestamp. Also performs verification, returns NULL if any | 89 // maps and a timestamp. Also performs verification, returns NULL if any |
| 86 // check fails. | 90 // check fails. |
| 87 static bool DecodePolicyResponse( | 91 static bool DecodePolicyResponse( |
| 88 const em::CloudPolicyResponse& policy_response, | 92 const em::PolicyFetchResponse& policy_response, |
| 89 PolicyMap* mandatory, | 93 PolicyMap* mandatory, |
| 90 PolicyMap* recommended, | 94 PolicyMap* recommended, |
| 91 base::Time* timestamp); | 95 base::Time* timestamp, |
| 96 int64* raw_timestamp); | |
| 92 | 97 |
| 93 // Returns true if |certificate_chain| is trusted and a |signature| created | 98 // Returns true if |certificate_chain| is trusted and a |signature| created |
| 94 // from it matches |data|. | 99 // from it matches |data|. |
| 95 static bool VerifySignature( | 100 static bool VerifySignature( |
| 96 const std::string& signature, | 101 const std::string& signature, |
| 97 const std::string& data, | 102 const std::string& data, |
| 98 const RepeatedPtrField<std::string>& certificate_chain); | 103 const RepeatedPtrField<std::string>& certificate_chain); |
| 99 | 104 |
| 100 // Decodes an int64 value. Checks whether the passed value fits the numeric | 105 // Decodes an int64 value. Checks whether the passed value fits the numeric |
| 101 // limits of the value representation. Returns a value (ownership is | 106 // limits of the value representation. Returns a value (ownership is |
| (...skipping 25 matching lines...) Expand all Loading... | |
| 127 // Whether the the server has indicated this device is unmanaged. | 132 // Whether the the server has indicated this device is unmanaged. |
| 128 bool is_unmanaged_; | 133 bool is_unmanaged_; |
| 129 | 134 |
| 130 // Tracks whether the cache currently stores |device_policy_| that should be | 135 // Tracks whether the cache currently stores |device_policy_| that should be |
| 131 // given preference over |mandatory_policy_| and |recommended_policy_|. | 136 // given preference over |mandatory_policy_| and |recommended_policy_|. |
| 132 bool has_device_policy_; | 137 bool has_device_policy_; |
| 133 | 138 |
| 134 // The time at which the policy was last refreshed. | 139 // The time at which the policy was last refreshed. |
| 135 base::Time last_policy_refresh_time_; | 140 base::Time last_policy_refresh_time_; |
| 136 | 141 |
| 142 // The last timestamp received from the server with policy. | |
| 143 int64 last_policy_server_timestamp_; | |
|
Jakob Kummerow
2011/02/28 11:06:31
Why do we need this as a separate field? As discus
gfeher
2011/02/28 12:21:32
Another reason for using this was that SetUnmanage
| |
| 144 | |
| 137 // Policy providers. | 145 // Policy providers. |
| 138 scoped_ptr<ConfigurationPolicyProvider> managed_policy_provider_; | 146 scoped_ptr<ConfigurationPolicyProvider> managed_policy_provider_; |
| 139 scoped_ptr<ConfigurationPolicyProvider> recommended_policy_provider_; | 147 scoped_ptr<ConfigurationPolicyProvider> recommended_policy_provider_; |
| 140 | 148 |
| 141 // Provider observers that are registered with this cache's providers. | 149 // Provider observers that are registered with this cache's providers. |
| 142 ObserverList<ConfigurationPolicyProvider::Observer, true> observer_list_; | 150 ObserverList<ConfigurationPolicyProvider::Observer, true> observer_list_; |
| 143 | 151 |
| 144 DISALLOW_COPY_AND_ASSIGN(CloudPolicyCache); | 152 DISALLOW_COPY_AND_ASSIGN(CloudPolicyCache); |
| 145 }; | 153 }; |
| 146 | 154 |
| 147 } // namespace policy | 155 } // namespace policy |
| 148 | 156 |
| 149 #endif // CHROME_BROWSER_POLICY_CLOUD_POLICY_CACHE_H_ | 157 #endif // CHROME_BROWSER_POLICY_CLOUD_POLICY_CACHE_H_ |
| OLD | NEW |
