Chromium Code Reviews| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CHROME_BROWSER_CHROMEOS_POLICY_CONSUMER_MANAGEMENT_SERVICE_H_ | 5 #ifndef CHROME_BROWSER_CHROMEOS_POLICY_CONSUMER_MANAGEMENT_SERVICE_H_ |
| 6 #define CHROME_BROWSER_CHROMEOS_POLICY_CONSUMER_MANAGEMENT_SERVICE_H_ | 6 #define CHROME_BROWSER_CHROMEOS_POLICY_CONSUMER_MANAGEMENT_SERVICE_H_ |
| 7 | 7 |
| 8 #include <string> | 8 #include <string> |
| 9 | 9 |
| 10 #include "base/callback_forward.h" | 10 #include "base/callback_forward.h" |
| 11 #include "base/compiler_specific.h" | 11 #include "base/compiler_specific.h" |
| 12 #include "base/macros.h" | 12 #include "base/macros.h" |
| 13 #include "base/memory/scoped_ptr.h" | 13 #include "base/memory/scoped_ptr.h" |
| 14 #include "base/memory/weak_ptr.h" | 14 #include "base/memory/weak_ptr.h" |
| 15 #include "base/observer_list.h" | |
| 15 #include "base/strings/string16.h" | 16 #include "base/strings/string16.h" |
| 17 #include "chrome/browser/chromeos/settings/device_settings_service.h" | |
| 16 #include "chrome/browser/notifications/notification_delegate.h" | 18 #include "chrome/browser/notifications/notification_delegate.h" |
| 17 #include "chromeos/dbus/dbus_method_call_status.h" | 19 #include "chromeos/dbus/dbus_method_call_status.h" |
| 18 #include "content/public/browser/notification_observer.h" | 20 #include "content/public/browser/notification_observer.h" |
| 19 #include "content/public/browser/notification_registrar.h" | 21 #include "content/public/browser/notification_registrar.h" |
| 20 #include "google_apis/gaia/oauth2_token_service.h" | 22 #include "google_apis/gaia/oauth2_token_service.h" |
| 21 | 23 |
| 22 class PrefRegistrySimple; | 24 class PrefRegistrySimple; |
| 23 class Profile; | 25 class Profile; |
| 24 class ProfileOAuth2TokenService; | 26 class ProfileOAuth2TokenService; |
|
bartfab (slow)
2014/08/21 11:39:35
Nit: No longer used.
davidyu
2014/08/22 05:14:13
Done.
| |
| 25 | 27 |
| 26 namespace chromeos { | 28 namespace chromeos { |
| 27 class CryptohomeClient; | 29 class CryptohomeClient; |
| 28 } | 30 } |
| 29 | 31 |
| 30 namespace cryptohome { | 32 namespace cryptohome { |
| 31 class BaseReply; | 33 class BaseReply; |
| 32 } | 34 } |
| 33 | 35 |
| 34 namespace policy { | 36 namespace policy { |
| 35 | 37 |
| 36 class EnrollmentStatus; | 38 class EnrollmentStatus; |
| 37 | 39 |
| 38 // The consumer management service handles several things: | 40 // The consumer management service handles several things: |
| 39 // | 41 // |
| 40 // 1. The consumer enrollment state: The consumer enrollment state is an enum | 42 // 1. The consumer enrollment state: The consumer enrollment state is an enum |
| 41 // value stored in local state to pass the information across reboots and | 43 // value stored in local state to pass the information across reboots and |
| 42 // between components, including settings page, sign-in screen, and user | 44 // between components, including settings page, sign-in screen, and user |
| 43 // notification. | 45 // notification. |
| 44 // | 46 // |
| 45 // 2. Boot lockbox owner ID: Unlike the owner ID in CrosSettings, the owner ID | 47 // 2. Boot lockbox owner ID: Unlike the owner ID in CrosSettings, the owner ID |
| 46 // stored in the boot lockbox can only be modified after reboot and before | 48 // stored in the boot lockbox can only be modified after reboot and before |
| 47 // the first session starts. It is guaranteed that if the device is consumer | 49 // the first session starts. It is guaranteed that if the device is consumer |
| 48 // managed, the owner ID in the boot lockbox will be available, but not the | 50 // managed, the owner ID in the boot lockbox will be available, but not the |
| 49 // other way. | 51 // other way. |
| 50 // | 52 // |
| 51 // 3. Consumer management enrollment process: The service kicks off the last | 53 // 3. Consumer management enrollment process: The service kicks off the last |
| 52 // part of the consumer management enrollment process after the owner ID is | 54 // part of the consumer management enrollment process after the owner ID is |
| 53 // stored in the boot lockbox and the owner signs in. | 55 // stored in the boot lockbox and the owner signs in. |
| 54 class ConsumerManagementService : public content::NotificationObserver, | 56 class ConsumerManagementService |
| 55 public OAuth2TokenService::Consumer, | 57 : public chromeos::DeviceSettingsService::Observer, |
| 56 public OAuth2TokenService::Observer { | 58 public content::NotificationObserver, |
| 59 public OAuth2TokenService::Consumer, | |
| 60 public OAuth2TokenService::Observer { | |
| 57 public: | 61 public: |
| 58 enum ConsumerEnrollmentState { | 62 // Indicating if the device is enrolled, or if enrollment or unenrollment is |
|
bartfab (slow)
2014/08/21 11:39:35
Nit: Make this an actual sentence. As it stands, i
davidyu
2014/08/22 05:14:13
Done.
| |
| 59 ENROLLMENT_NONE = 0, // Not enrolled, or enrollment is completed. | 63 // in progress. If you want to add a value here, please also update |
| 60 ENROLLMENT_REQUESTED, // Enrollment is requested by the owner. | 64 // |kStatusString| in .cc file. |
| 61 ENROLLMENT_OWNER_STORED, // The owner ID is stored in the boot lockbox. | 65 enum Status { |
| 62 ENROLLMENT_SUCCESS, // Success. The notification is not sent yet. | 66 // The status is currently unavailable. |
| 67 STATUS_UNKNOWN = 0, | |
| 63 | 68 |
| 64 // Error states. | 69 STATUS_ENROLLED, |
| 65 ENROLLMENT_CANCELED, // Canceled by the user. | 70 STATUS_ENROLLING, |
| 66 ENROLLMENT_BOOT_LOCKBOX_FAILED, // Failed to write to the boot lockbox. | 71 STATUS_UNENROLLED, |
| 67 ENROLLMENT_GET_TOKEN_FAILED, // Failed to get the access token. | 72 STATUS_UNENROLLING, |
| 68 ENROLLMENT_DM_SERVER_FAILED, // Failed to register the device. | |
| 69 | 73 |
| 70 ENROLLMENT_LAST, // This should always be the last one. | 74 // This should always be the last one. |
| 75 STATUS_LAST, | |
| 76 }; | |
| 77 | |
| 78 // Indicating which stage the enrollment process is in. | |
| 79 enum EnrollmentStage { | |
| 80 // Not enrolled, or enrollment is completed. | |
| 81 ENROLLMENT_STAGE_NONE = 0, | |
| 82 // Enrollment is requested by the owner. | |
| 83 ENROLLMENT_STAGE_REQUESTED, | |
| 84 // The owner ID is stored in the boot lockbox. | |
| 85 ENROLLMENT_STAGE_OWNER_STORED, | |
| 86 // Success. The notification is not sent yet. | |
| 87 ENROLLMENT_STAGE_SUCCESS, | |
| 88 | |
| 89 // Error stages. | |
| 90 // Canceled by the user. | |
| 91 ENROLLMENT_STAGE_CANCELED, | |
| 92 // Failed to write to the boot lockbox. | |
| 93 ENROLLMENT_STAGE_BOOT_LOCKBOX_FAILED, | |
| 94 // Failed to get the access token. | |
| 95 ENROLLMENT_STAGE_GET_TOKEN_FAILED, | |
| 96 // Failed to register the device. | |
| 97 ENROLLMENT_STAGE_DM_SERVER_FAILED, | |
| 98 | |
| 99 // This should always be the last one. | |
| 100 ENROLLMENT_STAGE_LAST, | |
| 101 }; | |
| 102 | |
| 103 class Observer { | |
| 104 public: | |
| 105 // Called when the status changes. | |
| 106 virtual void OnConsumerManagementStatusChanged(Status status) = 0; | |
| 71 }; | 107 }; |
| 72 | 108 |
| 73 // GetOwner() invokes this with an argument set to the owner user ID, | 109 // GetOwner() invokes this with an argument set to the owner user ID, |
| 74 // or an empty string on failure. | 110 // or an empty string on failure. |
| 75 typedef base::Callback<void(const std::string&)> GetOwnerCallback; | 111 typedef base::Callback<void(const std::string&)> GetOwnerCallback; |
| 76 | 112 |
| 77 // SetOwner() invokes this with an argument indicating success or failure. | 113 // SetOwner() invokes this with an argument indicating success or failure. |
| 78 typedef base::Callback<void(bool)> SetOwnerCallback; | 114 typedef base::Callback<void(bool)> SetOwnerCallback; |
| 79 | 115 |
| 80 explicit ConsumerManagementService(chromeos::CryptohomeClient* client); | 116 ConsumerManagementService( |
| 117 chromeos::CryptohomeClient* client, | |
| 118 chromeos::DeviceSettingsService* device_settings_service); | |
| 81 | 119 |
| 82 virtual ~ConsumerManagementService(); | 120 virtual ~ConsumerManagementService(); |
| 83 | 121 |
| 84 // Registers prefs. | 122 // Registers prefs. |
| 85 static void RegisterPrefs(PrefRegistrySimple* registry); | 123 static void RegisterPrefs(PrefRegistrySimple* registry); |
| 86 | 124 |
| 87 // Returns the enrollment state. | 125 void AddObserver(Observer* observer); |
| 88 ConsumerEnrollmentState GetEnrollmentState() const; | 126 void RemoveObserver(Observer* observer); |
| 89 | 127 |
| 90 // Sets the enrollment state. | 128 // Returns the status. |
| 91 void SetEnrollmentState(ConsumerEnrollmentState state); | 129 Status GetStatus() const; |
| 130 | |
| 131 // Returns the string of the value. | |
| 132 static std::string GetStatusString(Status status); | |
| 133 | |
| 134 // Returns the enrollment stage. | |
| 135 EnrollmentStage GetEnrollmentStage() const; | |
| 136 | |
| 137 // Sets the enrollment stage. | |
| 138 void SetEnrollmentStage(EnrollmentStage stage); | |
| 92 | 139 |
| 93 // Returns the device owner stored in the boot lockbox via |callback|. | 140 // Returns the device owner stored in the boot lockbox via |callback|. |
| 94 void GetOwner(const GetOwnerCallback& callback); | 141 void GetOwner(const GetOwnerCallback& callback); |
| 95 | 142 |
| 96 // Stores the device owner user ID into the boot lockbox and signs it. | 143 // Stores the device owner user ID into the boot lockbox and signs it. |
| 97 // |callback| is invoked with an agument indicating success or failure. | 144 // |callback| is invoked with an agument indicating success or failure. |
| 98 void SetOwner(const std::string& user_id, const SetOwnerCallback& callback); | 145 void SetOwner(const std::string& user_id, const SetOwnerCallback& callback); |
| 99 | 146 |
| 147 // chromeos::DeviceSettingsService::Observer: | |
| 148 virtual void OwnershipStatusChanged() OVERRIDE; | |
| 149 virtual void DeviceSettingsUpdated() OVERRIDE; | |
| 150 | |
| 100 // content::NotificationObserver implmentation. | 151 // content::NotificationObserver implmentation. |
| 101 virtual void Observe(int type, | 152 virtual void Observe(int type, |
| 102 const content::NotificationSource& source, | 153 const content::NotificationSource& source, |
| 103 const content::NotificationDetails& details) OVERRIDE; | 154 const content::NotificationDetails& details) OVERRIDE; |
| 104 | 155 |
| 105 // OAuth2TokenService::Observer implementation. | 156 // OAuth2TokenService::Observer: |
| 106 virtual void OnRefreshTokenAvailable(const std::string& account_id) OVERRIDE; | 157 virtual void OnRefreshTokenAvailable(const std::string& account_id) OVERRIDE; |
| 107 | 158 |
| 108 // OAuth2TokenService::Consumer implementation. | 159 // OAuth2TokenService::Consumer: |
| 109 virtual void OnGetTokenSuccess( | 160 virtual void OnGetTokenSuccess( |
| 110 const OAuth2TokenService::Request* request, | 161 const OAuth2TokenService::Request* request, |
| 111 const std::string& access_token, | 162 const std::string& access_token, |
| 112 const base::Time& expiration_time) OVERRIDE; | 163 const base::Time& expiration_time) OVERRIDE; |
| 113 virtual void OnGetTokenFailure( | 164 virtual void OnGetTokenFailure( |
| 114 const OAuth2TokenService::Request* request, | 165 const OAuth2TokenService::Request* request, |
| 115 const GoogleServiceAuthError& error) OVERRIDE; | 166 const GoogleServiceAuthError& error) OVERRIDE; |
| 116 | 167 |
| 117 OAuth2TokenService::Request* GetTokenRequestForTesting() { | 168 OAuth2TokenService::Request* GetTokenRequestForTesting() { |
| 118 return token_request_.get(); | 169 return token_request_.get(); |
| (...skipping 54 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 173 void OnOwnerRefreshTokenAvailable(); | 224 void OnOwnerRefreshTokenAvailable(); |
| 174 | 225 |
| 175 // Called when the owner's access token for device management is available. | 226 // Called when the owner's access token for device management is available. |
| 176 void OnOwnerAccessTokenAvailable(const std::string& access_token); | 227 void OnOwnerAccessTokenAvailable(const std::string& access_token); |
| 177 | 228 |
| 178 // Called upon the completion of the enrollment process. | 229 // Called upon the completion of the enrollment process. |
| 179 void OnEnrollmentCompleted(EnrollmentStatus status); | 230 void OnEnrollmentCompleted(EnrollmentStatus status); |
| 180 | 231 |
| 181 // Ends the enrollment process and shows a desktop notification if the | 232 // Ends the enrollment process and shows a desktop notification if the |
| 182 // current user is the owner. | 233 // current user is the owner. |
| 183 void EndEnrollment(ConsumerEnrollmentState state); | 234 void EndEnrollment(EnrollmentStage stage); |
| 184 | 235 |
| 185 // Shows a desktop notification and resets the enrollment state. | 236 // Shows a desktop notification and resets the enrollment stage. |
| 186 void ShowDesktopNotificationAndResetState(ConsumerEnrollmentState state, | 237 void ShowDesktopNotificationAndResetStage( |
| 187 Profile* profile); | 238 EnrollmentStage stage, Profile* profile); |
|
bartfab (slow)
2014/08/21 11:39:35
Nit: One argument per line in declarations and def
davidyu
2014/08/22 05:14:13
Done.
| |
| 188 | 239 |
| 189 // Opens the settings page. | 240 // Opens the settings page. |
| 190 void OpenSettingsPage(Profile* profile) const; | 241 void OpenSettingsPage(Profile* profile) const; |
| 191 | 242 |
| 192 // Opens the enrollment confirmation dialog in the settings page. | 243 // Opens the enrollment confirmation dialog in the settings page. |
| 193 void TryEnrollmentAgain(Profile* profile) const; | 244 void TryEnrollmentAgain(Profile* profile) const; |
| 194 | 245 |
| 195 // Returns the sign-in authenticated account ID of the profile. | 246 // Returns the sign-in authenticated account ID of the profile. |
|
bartfab (slow)
2014/08/21 11:39:35
Nit 1: "sign-in authenticated account ID" is reall
davidyu
2014/08/22 05:14:13
Done.
| |
| 196 const std::string& GetAccountIdFromProfile(Profile* profile) const; | 247 const std::string& GetAccountIdFromProfile(Profile* profile) const; |
| 197 | 248 |
| 249 void NotifyStatusChanged(); | |
| 250 | |
| 198 chromeos::CryptohomeClient* client_; | 251 chromeos::CryptohomeClient* client_; |
| 252 chromeos::DeviceSettingsService* device_settings_service_; | |
| 199 | 253 |
| 200 Profile* enrolling_profile_; | 254 Profile* enrolling_profile_; |
| 201 scoped_ptr<OAuth2TokenService::Request> token_request_; | 255 scoped_ptr<OAuth2TokenService::Request> token_request_; |
| 202 content::NotificationRegistrar registrar_; | 256 content::NotificationRegistrar registrar_; |
| 257 ObserverList<Observer, true> observers_; | |
| 203 base::WeakPtrFactory<ConsumerManagementService> weak_ptr_factory_; | 258 base::WeakPtrFactory<ConsumerManagementService> weak_ptr_factory_; |
| 204 | 259 |
| 205 DISALLOW_COPY_AND_ASSIGN(ConsumerManagementService); | 260 DISALLOW_COPY_AND_ASSIGN(ConsumerManagementService); |
| 206 }; | 261 }; |
| 207 | 262 |
| 208 } // namespace policy | 263 } // namespace policy |
| 209 | 264 |
| 210 #endif // CHROME_BROWSER_CHROMEOS_POLICY_CONSUMER_MANAGEMENT_SERVICE_H_ | 265 #endif // CHROME_BROWSER_CHROMEOS_POLICY_CONSUMER_MANAGEMENT_SERVICE_H_ |
| OLD | NEW |