Implement cloud policy invalidations using the invalidation service framework.

chrome/browser/policy/cloud/cloud_policy_invalidator.h

Index: chrome/browser/policy/cloud/cloud_policy_invalidator.h
diff --git a/chrome/browser/policy/cloud/cloud_policy_invalidator.h b/chrome/browser/policy/cloud/cloud_policy_invalidator.h
new file mode 100644
index 0000000000000000000000000000000000000000..e47a200c514d97f6f1ab357d26ac0a800c81646b
--- /dev/null
+++ b/chrome/browser/policy/cloud/cloud_policy_invalidator.h
@@ -0,0 +1,161 @@
+// Copyright (c) 2013 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef CHROME_BROWSER_POLICY_CLOUD_CLOUD_POLICY_INVALIDATOR_H_
+#define CHROME_BROWSER_POLICY_CLOUD_CLOUD_POLICY_INVALIDATOR_H_
+
+#include <string>

[Joao da Silva, 2013/07/23 20:44:47]

Not used

[Steve Condie, 2013/07/24 01:42:04]

Done.

+
+#include "base/basictypes.h"
+#include "base/callback.h"
+#include "base/files/file_path.h"

[Joao da Silva, 2013/07/23 20:44:47]

Not used

[Steve Condie, 2013/07/24 01:42:04]

Done.

+#include "base/memory/ref_counted.h"
+#include "base/memory/weak_ptr.h"
+#include "base/threading/thread_checker.h"
+#include "chrome/browser/policy/cloud/cloud_policy_store.h"
+#include "sync/notifier/invalidation_handler.h"
+
+namespace base {
+class SequencedTaskRunner;
+}
+
+namespace invalidation {
+class InvalidationService;
+}
+
+namespace policy {
+
+class CloudPolicyClient;
+class CloudPolicyStore;

[Joao da Silva, 2013/07/23 20:44:47]

cloud_policy_store.h already included

[Steve Condie, 2013/07/24 01:42:04]

Done.

+
+// Listens for and provides user policy invalidations.
+class CloudPolicyInvalidator : public syncer::InvalidationHandler,
+                                   public CloudPolicyStore::Observer {

[rlarocque, 2013/07/23 17:43:08]

nit: indentation.

[Steve Condie, 2013/07/24 01:42:04]

Done.

+ public:
+  // The number of minutes to delay a policy refresh after receiving an
+  // invalidation with no payload.
+  static const int kMissingPayloadDelay;
+
+  // The default, min and max values for max_fetch_delay_.
+  static const int kMaxFetchDelayDefault;
+  static const int kMaxFetchDelayMin;
+  static const int kMaxFetchDelayMax;
+
+  // |invalidation_service| is the invalidation service which generates the
+  // invalidations and must remain valid during the lifetime of this object.
+  // |client| is cloud policy client. It must remain valid during the lifetime
+  // of this object.
+  // |store| is cloud policy store. It must remain valid during the lifetime
+  // of this object.
+  // |task_runner| is used for scheduling delayed tasks. It must post tasks to
+  // the main policy thread.
+  // |invalidate| is called when a user policy invalidation is
+  // received and must remain callable during the lifetime of this object.
+  // This callback should schedule a policy refresh in the near future to
+  // fetch the updated policy.
+  CloudPolicyInvalidator(
+      invalidation::InvalidationService* invalidation_service,
+      CloudPolicyClient* client,
+      CloudPolicyStore* store,
+      const scoped_refptr<base::SequencedTaskRunner>& task_runner,
+      const base::Closure& invalidate);
+  ~CloudPolicyInvalidator();

[Joao da Silva, 2013/07/23 20:44:47]

virtual

[Steve Condie, 2013/07/24 01:42:04]

Done. Trybot caught this for me as well.

+
+  // Unregisters the policy object from the invalidation service. This method
+  // should only be called when policy is no longer applied; it should not be
+  // called for normal browser shutdown. This object should be destroyed
+  // immediately after calling this method.
+  void Unregister();
+
+  // syncer::InvalidationHandler:
+  virtual void OnInvalidatorStateChange(
+      syncer::InvalidatorState state) OVERRIDE;
+  virtual void OnIncomingInvalidation(
+      const syncer::ObjectIdInvalidationMap& invalidation_map) OVERRIDE;
+
+  // CloudPolicyStore::Observer:
+  virtual void OnStoreLoaded(CloudPolicyStore* store) OVERRIDE;
+  virtual void OnStoreError(CloudPolicyStore* store) OVERRIDE;
+
+ private:
+  // Handle an invalidation to the policy.
+  void HandleInvalidation(const syncer::Invalidation& invalidation);
+
+  // Update object registration with the invalidation service based on the
+  // given policy data.
+  void UpdateRegistration(const enterprise_management::PolicyData* policy);
+
+  // Update |max_fetch_delay_| based on the given policy map.
+  void UpdateMaxFetchDelay(const PolicyMap& policy_map);
+  void set_max_fetch_delay(int delay);
+
+  // Run the invalidate callback. is_missing_payload is set to true if the
+  // callback is being invoked in response to an invalidation with a missing
+  // payload.
+  void RunInvalidateCallback(bool is_missing_payload);
+
+  // Acknowledge the latest invalidation.
+  void AcknowledgeInvalidation();
+
+  // Get the kMetricPolicyRefresh histogram metric which should be incremented
+  // when a policy is stored.
+  int GetPolicyRefreshMetric();
+
+  // The invalidation service.
+  invalidation::InvalidationService* invalidation_service_;
+
+  // The cloud policy client.
+  CloudPolicyClient* client_;
+
+  // The cloud policy store.
+  CloudPolicyStore* store_;
+
+  // Schedules delayed tasks.
+  const scoped_refptr<base::SequencedTaskRunner> task_runner_;
+
+  // The callback called when a user policy invalidation is received.
+  base::Closure invalidate_;
+
+  // The timestamp of the PolicyData at which this object registered for policy
+  // invalidations. Set to zero if the object has not registered yet.
+  int64 registered_timestamp_;

[rlarocque, 2013/07/23 17:43:08]

Make this a base::Time?

[Steve Condie, 2013/07/24 01:42:04]

Since this variable is used to do an equality comparison to a proto buffer field
of type int64 and to check for zero/non-zero, and there are no time-specific
operations, I prefer leaving as int64.

+
+  // The object id representing the policy in the invalidation service.
+  invalidation::ObjectId object_id_;
+
+  // Whether the policy is current invalid. This is set to true when an
+  // invalidation is received and reset when the policy fetched due to the
+  // invalidation is stored.
+  bool invalid_;
+
+  // The version of the latest invalidation received. This is compared to
+  // the invalidation version of policy stored to determine when the
+  // invalidated policy is up-to-date.
+  int64 invalidation_version_;
+
+  // The number of invalidations with unknown version received. Since such
+  // invalidations do not provide a version number, this count is used to set
+  // invalidation_version_ when such invalidations occur.
+  int unknown_version_invalidation_count_;
+
+  // The acknowledgment handle for the current invalidation.
+  syncer::AckHandle ack_handle_;
+
+  // WeakPtrFactory used to create callbacks to this object.
+  base::WeakPtrFactory<CloudPolicyInvalidator> weak_factory_;
+
+  // The maximum random delay, in ms, between receiving an invalidation and
+  // fetching the new policy.
+  int max_fetch_delay_;
+
+  // A thread checker to make sure that callbacks are invoked on the correct
+  // thread.
+  base::ThreadChecker thread_checker_;

[Joao da Silva, 2013/07/23 20:44:47]

It's more common to inherit from NonThreadSafe and then assert
CalledOnValidThread()

[Steve Condie, 2013/07/24 01:42:04]

From thread_checker.h:
// The choice between having a
// ThreadChecker member and inheriting from base::NonThreadSafe should be based
// on whether:
//  - Derived classes need to know the thread they belong to, as opposed to
//    having that functionality fully encapsulated in the base class.
//  - Derived classes should be able to reassign the base class to another
//    thread, via DetachFromThread.
//
// If neither of these are true, then having a ThreadChecker member and calling
// CalledOnValidThread is the preferable solution.

Following this comment, it sounds like ThreadChecker member is preferable, but
of course I can change it if you'd like.

+
+  DISALLOW_COPY_AND_ASSIGN(CloudPolicyInvalidator);
+};
+
+}  // namespace policy
+
+#endif  // CHROME_BROWSER_POLICY_CLOUD_CLOUD_POLICY_INVALIDATOR_H_