OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CHROME_BROWSER_CHROMEOS_POLICY_NETWORK_CONFIGURATION_UPDATER_H_ | 5 #ifndef CHROME_BROWSER_CHROMEOS_POLICY_NETWORK_CONFIGURATION_UPDATER_H_ |
6 #define CHROME_BROWSER_CHROMEOS_POLICY_NETWORK_CONFIGURATION_UPDATER_H_ | 6 #define CHROME_BROWSER_CHROMEOS_POLICY_NETWORK_CONFIGURATION_UPDATER_H_ |
7 | 7 |
8 #include <string> | 8 #include <string> |
9 | 9 |
10 #include "chrome/browser/chromeos/cros/network_constants.h" | 10 #include "chrome/browser/chromeos/cros/network_constants.h" |
11 #include "chrome/browser/chromeos/cros/network_library.h" | 11 #include "chrome/browser/chromeos/cros/network_library.h" |
12 #include "chrome/browser/chromeos/cros/network_ui_data.h" | 12 #include "chrome/browser/chromeos/cros/network_ui_data.h" |
13 #include "chrome/browser/policy/policy_service.h" | 13 #include "chrome/browser/policy/policy_service.h" |
14 #include "chromeos/network/onc/onc_constants.h" | 14 #include "chromeos/network/onc/onc_constants.h" |
15 | 15 |
16 namespace base { | 16 namespace base { |
17 class Value; | 17 class Value; |
18 } | 18 } |
19 | 19 |
20 namespace net { | |
21 class CertTrustAnchorProvider; | |
22 } | |
23 | |
20 namespace policy { | 24 namespace policy { |
21 | 25 |
22 class PolicyMap; | 26 class PolicyMap; |
23 | 27 |
24 // Keeps track of the network configuration policy settings and Shill's | 28 // Keeps track of the network configuration policy settings and Shill's |
25 // profiles. Requests the NetworkLibrary to apply the ONC of the network | 29 // profiles. Requests the NetworkLibrary to apply the ONC of the network |
26 // policies every time one of the relevant policies or Shill's profiles changes | 30 // policies every time one of the relevant policies or Shill's profiles changes |
27 // or OnUserPolicyInitialized() is called. If the user policy is available, | 31 // or OnUserPolicyInitialized() is called. If the user policy is available, |
28 // always both the device and the user policy are applied. Otherwise only the | 32 // always both the device and the user policy are applied. Otherwise only the |
29 // device policy is applied. | 33 // device policy is applied. |
30 class NetworkConfigurationUpdater | 34 class NetworkConfigurationUpdater |
31 : public chromeos::NetworkLibrary::NetworkProfileObserver { | 35 : public chromeos::NetworkLibrary::NetworkProfileObserver { |
32 public: | 36 public: |
33 NetworkConfigurationUpdater(PolicyService* policy_service, | 37 NetworkConfigurationUpdater(PolicyService* policy_service, |
34 chromeos::NetworkLibrary* network_library); | 38 chromeos::NetworkLibrary* network_library); |
35 virtual ~NetworkConfigurationUpdater(); | 39 virtual ~NetworkConfigurationUpdater(); |
36 | 40 |
37 // NetworkProfileObserver overrides. | 41 // NetworkProfileObserver overrides. |
38 virtual void OnProfileListChanged() OVERRIDE; | 42 virtual void OnProfileListChanged() OVERRIDE; |
39 | 43 |
40 // Notifies this updater that the user policy is initialized. Before this | 44 // Notifies this updater that the user policy is initialized. Before this |
41 // function is called, the user policy is not applied. Afterwards, always both | 45 // function is called, the user policy is not applied. Afterwards, always both |
42 // device and user policy are applied as described in the class comment. This | 46 // device and user policy are applied as described in the class comment. This |
43 // function also triggers an immediate policy application of both device and | 47 // function also triggers an immediate policy application of both device and |
44 // user policy. | 48 // user policy. |
45 void OnUserPolicyInitialized(); | 49 void OnUserPolicyInitialized(); |
46 | 50 |
47 // Web trust isn't given to certificates imported from ONC by default. Setting | 51 // Web trust isn't given to certificates imported from ONC by default. Setting |
48 // |allow_web_trust| to true allows giving Web trust to the certificates that | 52 // |allow| to true allows giving Web trust to the certificates that |
49 // request it. | 53 // request it. |
50 void set_allow_web_trust(bool allow) { allow_web_trust_ = allow; } | 54 void set_allow_trusted_certificates_from_policy(bool allow) { |
55 allow_trusted_certificates_from_policy_ = allow; | |
56 } | |
57 | |
58 // Returns a CertTrustAnchorProvider that provides the list of server and | |
59 // CA certificates with the Web trust flag set that were retrieved from the | |
60 // last user ONC policy update. | |
61 // This getter must be used on UI, and the provider must be used on IO. It | |
Greg Spencer (Chromium)
2013/04/01 16:03:42
"on UI" --> "on the UI thread"
(same with IO)
Joao da Silva
2013/04/03 15:24:39
Done.
| |
62 // is only valid as long as the NetworkConfigurationUpdater is valid; the | |
63 // NetworkConfigurationUpdater outlives all the profiles, and deletes the | |
64 // provider on the IO thread. | |
65 net::CertTrustAnchorProvider* GetCertTrustAnchorProvider(); | |
51 | 66 |
52 private: | 67 private: |
53 // Callback that's called by |policy_service_| if the respective ONC policy | 68 // Callback that's called by |policy_service_| if the respective ONC policy |
54 // changed. | 69 // changed. |
55 void OnPolicyChanged(chromeos::onc::ONCSource onc_source, | 70 void OnPolicyChanged(chromeos::onc::ONCSource onc_source, |
56 const base::Value* previous, | 71 const base::Value* previous, |
57 const base::Value* current); | 72 const base::Value* current); |
58 | 73 |
59 // Retrieves the ONC policies from |policy_service_| and pushes the | 74 // Retrieves the ONC policies from |policy_service_| and pushes the |
60 // configurations to |network_library_|. Ensures that a device policy is | 75 // configurations to |network_library_|. Ensures that a device policy is |
61 // always overwritten by a user policy. | 76 // always overwritten by a user policy. |
62 void ApplyNetworkConfigurations(); | 77 void ApplyNetworkConfigurations(); |
63 | 78 |
64 // Push the policy stored at |policy_key| for |onc_source| to | 79 // Push the policy stored at |policy_key| for |onc_source| to |
65 // |network_library_|. | 80 // |network_library_|. |
66 void ApplyNetworkConfiguration(const std::string& policy_key, | 81 void ApplyNetworkConfiguration(const std::string& policy_key, |
67 chromeos::onc::ONCSource onc_source); | 82 chromeos::onc::ONCSource onc_source); |
68 | 83 |
69 // Wraps the policy service we read network configuration from. | 84 // Wraps the policy service we read network configuration from. |
70 PolicyChangeRegistrar policy_change_registrar_; | 85 PolicyChangeRegistrar policy_change_registrar_; |
71 | 86 |
72 // Network library to write network configuration to. | 87 // Network library to write network configuration to. |
73 chromeos::NetworkLibrary* network_library_; | 88 chromeos::NetworkLibrary* network_library_; |
74 | 89 |
75 // Whether the user policy is already available. | 90 // Whether the user policy is already available. |
76 bool user_policy_initialized_; | 91 bool user_policy_initialized_; |
77 | 92 |
78 // Whether Web trust is allowed or not. | 93 // Whether Web trust is allowed or not. |
79 bool allow_web_trust_; | 94 bool allow_trusted_certificates_from_policy_; |
80 | 95 |
81 // The policy service storing the ONC policies. | 96 // The policy service storing the ONC policies. |
82 PolicyService* policy_service_; | 97 PolicyService* policy_service_; |
83 | 98 |
99 // An implementation of CertTrustAnchorProvider. Owned by the updater, but | |
100 // lives on the IO thread. | |
101 net::CertTrustAnchorProvider* cert_trust_provider_; | |
102 | |
84 DISALLOW_COPY_AND_ASSIGN(NetworkConfigurationUpdater); | 103 DISALLOW_COPY_AND_ASSIGN(NetworkConfigurationUpdater); |
85 }; | 104 }; |
86 | 105 |
87 } // namespace policy | 106 } // namespace policy |
88 | 107 |
89 #endif // CHROME_BROWSER_CHROMEOS_POLICY_NETWORK_CONFIGURATION_UPDATER_H_ | 108 #endif // CHROME_BROWSER_CHROMEOS_POLICY_NETWORK_CONFIGURATION_UPDATER_H_ |
OLD | NEW |