OLD | NEW |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CHROME_BROWSER_CHROMEOS_PLATFORM_KEYS_KEY_PERMISSIONS_H_ | 5 #ifndef CHROME_BROWSER_CHROMEOS_PLATFORM_KEYS_KEY_PERMISSIONS_H_ |
6 #define CHROME_BROWSER_CHROMEOS_PLATFORM_KEYS_KEY_PERMISSIONS_H_ | 6 #define CHROME_BROWSER_CHROMEOS_PLATFORM_KEYS_KEY_PERMISSIONS_H_ |
7 | 7 |
| 8 #include <memory> |
8 #include <string> | 9 #include <string> |
9 #include <vector> | 10 #include <vector> |
10 | 11 |
11 #include "base/callback_forward.h" | 12 #include "base/callback_forward.h" |
12 #include "base/macros.h" | 13 #include "base/macros.h" |
13 #include "base/memory/scoped_ptr.h" | |
14 #include "base/memory/weak_ptr.h" | 14 #include "base/memory/weak_ptr.h" |
15 | 15 |
16 class PrefService; | 16 class PrefService; |
17 | 17 |
18 namespace base { | 18 namespace base { |
19 class DictionaryValue; | 19 class DictionaryValue; |
20 class Value; | 20 class Value; |
21 } | 21 } |
22 | 22 |
23 namespace extensions { | 23 namespace extensions { |
(...skipping 51 matching lines...)
75 public: | 75 public: |
76 // Allows querying and modifying permissions and registering keys for a | 76 // Allows querying and modifying permissions and registering keys for a |
77 // specific extension. | 77 // specific extension. |
78 class PermissionsForExtension { | 78 class PermissionsForExtension { |
79 public: | 79 public: |
80 // |key_permissions| must not be null and outlive this object. | 80 // |key_permissions| must not be null and outlive this object. |
81 // Methods of this object refer implicitly to the extension with the id | 81 // Methods of this object refer implicitly to the extension with the id |
82 // |extension_id|. Don't use this constructor directly. Call | 82 // |extension_id|. Don't use this constructor directly. Call |
83 // |KeyPermissions::GetPermissionsForExtension| instead. | 83 // |KeyPermissions::GetPermissionsForExtension| instead. |
84 PermissionsForExtension(const std::string& extension_id, | 84 PermissionsForExtension(const std::string& extension_id, |
85 scoped_ptr<base::Value> state_store_value, | 85 std::unique_ptr<base::Value> state_store_value, |
86 PrefService* profile_prefs, | 86 PrefService* profile_prefs, |
87 policy::PolicyService* profile_policies, | 87 policy::PolicyService* profile_policies, |
88 KeyPermissions* key_permissions); | 88 KeyPermissions* key_permissions); |
89 | 89 |
90 ~PermissionsForExtension(); | 90 ~PermissionsForExtension(); |
91 | 91 |
92 // Returns true if the private key matching |public_key_spki_der| can be | 92 // Returns true if the private key matching |public_key_spki_der| can be |
93 // used for signing by the extension with id |extension_id|. | 93 // used for signing by the extension with id |extension_id|. |
94 // |public_key_spki_der| must be the DER of a Subject Public Key Info. | 94 // |public_key_spki_der| must be the DER of a Subject Public Key Info. |
95 bool CanUseKeyForSigning(const std::string& public_key_spki_der); | 95 bool CanUseKeyForSigning(const std::string& public_key_spki_der); |
(...skipping 23 matching lines...)
119 // Writes the current |state_store_entries_| to the state store of | 119 // Writes the current |state_store_entries_| to the state store of |
120 // |extension_id_|. | 120 // |extension_id_|. |
121 void WriteToStateStore(); | 121 void WriteToStateStore(); |
122 | 122 |
123 // Reads a KeyEntry list from |state| and stores them in | 123 // Reads a KeyEntry list from |state| and stores them in |
124 // |state_store_entries_|. | 124 // |state_store_entries_|. |
125 void KeyEntriesFromState(const base::Value& state); | 125 void KeyEntriesFromState(const base::Value& state); |
126 | 126 |
127 // Converts |state_store_entries_| to a base::Value for storing in the state | 127 // Converts |state_store_entries_| to a base::Value for storing in the state |
128 // store. | 128 // store. |
129 scoped_ptr<base::Value> KeyEntriesToState(); | 129 std::unique_ptr<base::Value> KeyEntriesToState(); |
130 | 130 |
131 // Returns an existing entry for |public_key_spki_der_b64| from | 131 // Returns an existing entry for |public_key_spki_der_b64| from |
132 // |state_store_entries_|. If there is no existing entry, creates, adds and | 132 // |state_store_entries_|. If there is no existing entry, creates, adds and |
133 // returns a new entry. | 133 // returns a new entry. |
134 // |public_key_spki_der| must be the base64 encoding of the DER of a Subject | 134 // |public_key_spki_der| must be the base64 encoding of the DER of a Subject |
135 // Public Key Info. | 135 // Public Key Info. |
136 KeyPermissions::PermissionsForExtension::KeyEntry* GetStateStoreEntry( | 136 KeyPermissions::PermissionsForExtension::KeyEntry* GetStateStoreEntry( |
137 const std::string& public_key_spki_der_b64); | 137 const std::string& public_key_spki_der_b64); |
138 | 138 |
139 bool PolicyAllowsCorporateKeyUsage() const; | 139 bool PolicyAllowsCorporateKeyUsage() const; |
(...skipping 14 matching lines...)
154 // |profile_is_managed| determines the default usage and permissions for | 154 // |profile_is_managed| determines the default usage and permissions for |
155 // keys without explicitly assigned usage. | 155 // keys without explicitly assigned usage. |
156 KeyPermissions(bool profile_is_managed, | 156 KeyPermissions(bool profile_is_managed, |
157 PrefService* profile_prefs, | 157 PrefService* profile_prefs, |
158 policy::PolicyService* profile_policies, | 158 policy::PolicyService* profile_policies, |
159 extensions::StateStore* extensions_state_store); | 159 extensions::StateStore* extensions_state_store); |
160 | 160 |
161 ~KeyPermissions(); | 161 ~KeyPermissions(); |
162 | 162 |
163 using PermissionsCallback = | 163 using PermissionsCallback = |
164 base::Callback<void(scoped_ptr<PermissionsForExtension>)>; | 164 base::Callback<void(std::unique_ptr<PermissionsForExtension>)>; |
165 | 165 |
166 // Passes an object managing the key permissions of the extension with id | 166 // Passes an object managing the key permissions of the extension with id |
167 // |extension_id| to |callback|. This can happen synchronously or | 167 // |extension_id| to |callback|. This can happen synchronously or |
168 // asynchronously. | 168 // asynchronously. |
169 void GetPermissionsForExtension(const std::string& extension_id, | 169 void GetPermissionsForExtension(const std::string& extension_id, |
170 const PermissionsCallback& callback); | 170 const PermissionsCallback& callback); |
171 | 171 |
172 // Returns true if the user can grant any permission for |public_key_spki_der| | 172 // Returns true if the user can grant any permission for |public_key_spki_der| |
173 // to extensions. |public_key_spki_der| must be the DER of a Subject Public | 173 // to extensions. |public_key_spki_der| must be the DER of a Subject Public |
174 // Key Info. | 174 // Key Info. |
175 bool CanUserGrantPermissionFor(const std::string& public_key_spki_der) const; | 175 bool CanUserGrantPermissionFor(const std::string& public_key_spki_der) const; |
176 | 176 |
177 static void RegisterProfilePrefs(user_prefs::PrefRegistrySyncable* registry); | 177 static void RegisterProfilePrefs(user_prefs::PrefRegistrySyncable* registry); |
178 | 178 |
179 private: | 179 private: |
180 bool IsCorporateKey(const std::string& public_key_spki_der_b64) const; | 180 bool IsCorporateKey(const std::string& public_key_spki_der_b64) const; |
181 | 181 |
182 // Creates a PermissionsForExtension object from |extension_id| and |value| | 182 // Creates a PermissionsForExtension object from |extension_id| and |value| |
183 // and passes the object to |callback|. | 183 // and passes the object to |callback|. |
184 void CreatePermissionObjectAndPassToCallback( | 184 void CreatePermissionObjectAndPassToCallback( |
185 const std::string& extension_id, | 185 const std::string& extension_id, |
186 const PermissionsCallback& callback, | 186 const PermissionsCallback& callback, |
187 scoped_ptr<base::Value> value); | 187 std::unique_ptr<base::Value> value); |
188 | 188 |
189 // Writes |value| to the state store of the extension with id |extension_id|. | 189 // Writes |value| to the state store of the extension with id |extension_id|. |
190 void SetPlatformKeysOfExtension(const std::string& extension_id, | 190 void SetPlatformKeysOfExtension(const std::string& extension_id, |
191 scoped_ptr<base::Value> value); | 191 std::unique_ptr<base::Value> value); |
192 | 192 |
193 const base::DictionaryValue* GetPrefsEntry( | 193 const base::DictionaryValue* GetPrefsEntry( |
194 const std::string& public_key_spki_der_b64) const; | 194 const std::string& public_key_spki_der_b64) const; |
195 | 195 |
196 const bool profile_is_managed_; | 196 const bool profile_is_managed_; |
197 PrefService* const profile_prefs_; | 197 PrefService* const profile_prefs_; |
198 policy::PolicyService* const profile_policies_; | 198 policy::PolicyService* const profile_policies_; |
199 extensions::StateStore* const extensions_state_store_; | 199 extensions::StateStore* const extensions_state_store_; |
200 base::WeakPtrFactory<KeyPermissions> weak_factory_; | 200 base::WeakPtrFactory<KeyPermissions> weak_factory_; |
201 | 201 |
202 DISALLOW_COPY_AND_ASSIGN(KeyPermissions); | 202 DISALLOW_COPY_AND_ASSIGN(KeyPermissions); |
203 }; | 203 }; |
204 | 204 |
205 } // namespace chromeos | 205 } // namespace chromeos |
206 | 206 |
207 #endif // CHROME_BROWSER_CHROMEOS_PLATFORM_KEYS_KEY_PERMISSIONS_H_ | 207 #endif // CHROME_BROWSER_CHROMEOS_PLATFORM_KEYS_KEY_PERMISSIONS_H_ |
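Review bot: The comment on `GetPermissionsForExtension` (new lines 166-168) does not mention that the `PermissionsForExtension` handed to `callback` depends on this `KeyPermissions` staying alive; that requirement appears only on the constructor (line 80), which callers are told not to use directly. Because the callback receives ownership through `std::unique_ptr` and may run asynchronously, a caller that keeps the object past the destruction of `KeyPermissions` would presumably be left with a dangling `key_permissions` pointer, though the implementation is not shown on this page. I would add `// The object passed to |callback| refers to this KeyPermissions and must be destroyed before it.` above the declaration. Separately, the comment at lines 134-135 names `|public_key_spki_der|` while the parameter is `public_key_spki_der_b64`; it should read `|public_key_spki_der_b64|` so the DER and base64 forms of the key identifier are not confused at call sites.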