| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CHROME_BROWSER_CHROMEOS_POLICY_USER_CLOUD_POLICY_STORE_CHROMEOS_H_ | 5 #ifndef CHROME_BROWSER_CHROMEOS_POLICY_USER_CLOUD_POLICY_STORE_CHROMEOS_H_ |
| 6 #define CHROME_BROWSER_CHROMEOS_POLICY_USER_CLOUD_POLICY_STORE_CHROMEOS_H_ | 6 #define CHROME_BROWSER_CHROMEOS_POLICY_USER_CLOUD_POLICY_STORE_CHROMEOS_H_ |
| 7 | 7 |
| 8 #include <memory> | 8 #include <memory> |
| 9 #include <string> | 9 #include <string> |
| 10 #include <vector> | 10 #include <vector> |
| (...skipping 12 matching lines...) Expand all Loading... |
| 23 class SequencedTaskRunner; | 23 class SequencedTaskRunner; |
| 24 } | 24 } |
| 25 | 25 |
| 26 namespace chromeos { | 26 namespace chromeos { |
| 27 class CryptohomeClient; | 27 class CryptohomeClient; |
| 28 class SessionManagerClient; | 28 class SessionManagerClient; |
| 29 } | 29 } |
| 30 | 30 |
| 31 namespace policy { | 31 namespace policy { |
| 32 | 32 |
| 33 class LegacyPolicyCacheLoader; | |
| 34 | |
| 35 // Implements a cloud policy store backed by the Chrome OS' session_manager, | 33 // Implements a cloud policy store backed by the Chrome OS' session_manager, |
| 36 // which takes care of persisting policy to disk and is accessed via DBus calls | 34 // which takes care of persisting policy to disk and is accessed via DBus calls |
| 37 // through SessionManagerClient. | 35 // through SessionManagerClient. |
| 38 // | |
| 39 // Additionally, this class drives legacy UserPolicyTokenCache and | |
| 40 // UserPolicyDiskCache instances, migrating policy from these to session_manager | |
| 41 // storage on the fly. | |
| 42 class UserCloudPolicyStoreChromeOS : public UserCloudPolicyStoreBase { | 36 class UserCloudPolicyStoreChromeOS : public UserCloudPolicyStoreBase { |
| 43 public: | 37 public: |
| 44 UserCloudPolicyStoreChromeOS( | 38 UserCloudPolicyStoreChromeOS( |
| 45 chromeos::CryptohomeClient* cryptohome_client, | 39 chromeos::CryptohomeClient* cryptohome_client, |
| 46 chromeos::SessionManagerClient* session_manager_client, | 40 chromeos::SessionManagerClient* session_manager_client, |
| 47 scoped_refptr<base::SequencedTaskRunner> background_task_runner, | 41 scoped_refptr<base::SequencedTaskRunner> background_task_runner, |
| 48 const AccountId& account_id, | 42 const AccountId& account_id, |
| 49 const base::FilePath& user_policy_key_dir, | 43 const base::FilePath& user_policy_key_dir); |
| 50 const base::FilePath& legacy_token_cache_file, | |
| 51 const base::FilePath& legacy_policy_cache_file); | |
| 52 ~UserCloudPolicyStoreChromeOS() override; | 44 ~UserCloudPolicyStoreChromeOS() override; |
| 53 | 45 |
| 54 // CloudPolicyStore: | 46 // CloudPolicyStore: |
| 55 void Store(const enterprise_management::PolicyFetchResponse& policy) override; | 47 void Store(const enterprise_management::PolicyFetchResponse& policy) override; |
| 56 void Load() override; | 48 void Load() override; |
| 57 | 49 |
| 58 // Loads the policy synchronously on the current thread. | 50 // Loads the policy synchronously on the current thread. |
| 59 void LoadImmediately(); | 51 void LoadImmediately(); |
| 60 | 52 |
| 61 private: | 53 private: |
| (...skipping 12 matching lines...) Expand all Loading... |
| 74 void OnPolicyRetrieved(const std::string& policy_blob); | 66 void OnPolicyRetrieved(const std::string& policy_blob); |
| 75 | 67 |
| 76 // Starts validation of the loaded |policy| before installing it. | 68 // Starts validation of the loaded |policy| before installing it. |
| 77 void ValidateRetrievedPolicy( | 69 void ValidateRetrievedPolicy( |
| 78 std::unique_ptr<enterprise_management::PolicyFetchResponse> policy); | 70 std::unique_ptr<enterprise_management::PolicyFetchResponse> policy); |
| 79 | 71 |
| 80 // Completion handler for policy validation on the Load() path. Installs the | 72 // Completion handler for policy validation on the Load() path. Installs the |
| 81 // policy and publishes it if validation succeeded. | 73 // policy and publishes it if validation succeeded. |
| 82 void OnRetrievedPolicyValidated(UserCloudPolicyValidator* validator); | 74 void OnRetrievedPolicyValidated(UserCloudPolicyValidator* validator); |
| 83 | 75 |
| 84 // Callback for loading legacy caches. | |
| 85 void OnLegacyLoadFinished( | |
| 86 const std::string& dm_token, | |
| 87 const std::string& device_id, | |
| 88 Status status, | |
| 89 std::unique_ptr<enterprise_management::PolicyFetchResponse>); | |
| 90 | |
| 91 // Completion callback for legacy policy validation. | |
| 92 void OnLegacyPolicyValidated(const std::string& dm_token, | |
| 93 const std::string& device_id, | |
| 94 UserCloudPolicyValidator* validator); | |
| 95 | |
| 96 // Installs legacy tokens. | |
| 97 void InstallLegacyTokens(const std::string& dm_token, | |
| 98 const std::string& device_id); | |
| 99 | |
| 100 // Removes the passed-in legacy cache directory. | |
| 101 static void RemoveLegacyCacheDir(const base::FilePath& dir); | |
| 102 | |
| 103 // Invokes |callback| after reloading |policy_key_|. | 76 // Invokes |callback| after reloading |policy_key_|. |
| 104 void ReloadPolicyKey(const base::Closure& callback); | 77 void ReloadPolicyKey(const base::Closure& callback); |
| 105 | 78 |
| 106 // Reads the contents of |path| into |key|. | 79 // Reads the contents of |path| into |key|. |
| 107 static void LoadPolicyKey(const base::FilePath& path, | 80 static void LoadPolicyKey(const base::FilePath& path, |
| 108 std::string* key); | 81 std::string* key); |
| 109 | 82 |
| 110 // Callback for the key reloading. | 83 // Callback for the key reloading. |
| 111 void OnPolicyKeyReloaded(std::string* key, | 84 void OnPolicyKeyReloaded(std::string* key, |
| 112 const base::Closure& callback); | 85 const base::Closure& callback); |
| 113 | 86 |
| 114 // Invokes |callback| after creating |policy_key_|, if it hasn't been created | 87 // Invokes |callback| after creating |policy_key_|, if it hasn't been created |
| 115 // yet; otherwise invokes |callback| immediately. | 88 // yet; otherwise invokes |callback| immediately. |
| 116 void EnsurePolicyKeyLoaded(const base::Closure& callback); | 89 void EnsurePolicyKeyLoaded(const base::Closure& callback); |
| 117 | 90 |
| 118 // Callback for getting the sanitized username from |cryptohome_client_|. | 91 // Callback for getting the sanitized username from |cryptohome_client_|. |
| 119 void OnGetSanitizedUsername(const base::Closure& callback, | 92 void OnGetSanitizedUsername(const base::Closure& callback, |
| 120 chromeos::DBusMethodCallStatus call_status, | 93 chromeos::DBusMethodCallStatus call_status, |
| 121 const std::string& sanitized_username); | 94 const std::string& sanitized_username); |
| 122 | 95 |
| 123 std::unique_ptr<UserCloudPolicyValidator> CreateValidatorForLoad( | 96 std::unique_ptr<UserCloudPolicyValidator> CreateValidatorForLoad( |
| 124 std::unique_ptr<enterprise_management::PolicyFetchResponse> policy); | 97 std::unique_ptr<enterprise_management::PolicyFetchResponse> policy); |
| 125 | 98 |
| 126 chromeos::CryptohomeClient* cryptohome_client_; | 99 chromeos::CryptohomeClient* cryptohome_client_; |
| 127 chromeos::SessionManagerClient* session_manager_client_; | 100 chromeos::SessionManagerClient* session_manager_client_; |
| 128 const AccountId account_id_; | 101 const AccountId account_id_; |
| 129 base::FilePath user_policy_key_dir_; | 102 base::FilePath user_policy_key_dir_; |
| 130 | 103 |
| 131 // TODO(mnissler): Remove all the legacy policy support members below after | |
| 132 // the number of pre-M20 clients drops back to zero. | |
| 133 base::FilePath legacy_cache_dir_; | |
| 134 std::unique_ptr<LegacyPolicyCacheLoader> legacy_loader_; | |
| 135 bool legacy_caches_loaded_; | |
| 136 | |
| 137 bool policy_key_loaded_; | 104 bool policy_key_loaded_; |
| 138 base::FilePath policy_key_path_; | 105 base::FilePath policy_key_path_; |
| 139 std::string policy_key_; | 106 std::string policy_key_; |
| 140 | 107 |
| 141 base::WeakPtrFactory<UserCloudPolicyStoreChromeOS> weak_factory_; | 108 base::WeakPtrFactory<UserCloudPolicyStoreChromeOS> weak_factory_; |
| 142 | 109 |
| 143 DISALLOW_COPY_AND_ASSIGN(UserCloudPolicyStoreChromeOS); | 110 DISALLOW_COPY_AND_ASSIGN(UserCloudPolicyStoreChromeOS); |
| 144 }; | 111 }; |
| 145 | 112 |
| 146 } // namespace policy | 113 } // namespace policy |
| 147 | 114 |
| 148 #endif // CHROME_BROWSER_CHROMEOS_POLICY_USER_CLOUD_POLICY_STORE_CHROMEOS_H_ | 115 #endif // CHROME_BROWSER_CHROMEOS_POLICY_USER_CLOUD_POLICY_STORE_CHROMEOS_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2487703002:
Remove legacy policy cache support on chromeos (Closed)
