| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef REMOTING_HOST_POLICY_HACK_POLICY_WATCHER_H_ | 5 #ifndef REMOTING_HOST_POLICY_HACK_POLICY_WATCHER_H_ |
| 6 #define REMOTING_HOST_POLICY_HACK_POLICY_WATCHER_H_ | 6 #define REMOTING_HOST_POLICY_HACK_POLICY_WATCHER_H_ |
| 7 | 7 |
| 8 #include "base/callback.h" | 8 #include "base/callback.h" |
| 9 #include "base/memory/weak_ptr.h" | 9 #include "base/memory/weak_ptr.h" |
| 10 #include "base/values.h" | 10 #include "base/values.h" |
| 11 #include "components/policy/core/common/policy_service.h" | |
| 12 | 11 |
| 13 namespace base { | 12 namespace base { |
| 14 class SingleThreadTaskRunner; | 13 class SingleThreadTaskRunner; |
| 15 class TimeDelta; | 14 class TimeDelta; |
| 16 class WaitableEvent; | 15 class WaitableEvent; |
| 17 } // namespace base | 16 } // namespace base |
| 18 | 17 |
| 18 namespace policy { |
| 19 class PolicyService; |
| 20 } // namespace policy |
| 21 |
| 19 namespace remoting { | 22 namespace remoting { |
| 20 namespace policy_hack { | 23 namespace policy_hack { |
| 21 | 24 |
| 22 // Watches for changes to the managed remote access host policies. | 25 // Watches for changes to the managed remote access host policies. |
| 23 // If StartWatching() has been called, then before this object can be deleted, | 26 // If StartWatching() has been called, then before this object can be deleted, |
| 24 // StopWatching() have completed (the provided |done| event must be signaled). | 27 // StopWatching() have completed (the provided |done| event must be signaled). |
| 25 class PolicyWatcher { | 28 class PolicyWatcher { |
| 26 public: | 29 public: |
| 27 // Called first with all policies, and subsequently with any changed policies. | 30 // Called first with all policies, and subsequently with any changed policies. |
| 28 typedef base::Callback<void(scoped_ptr<base::DictionaryValue>)> | 31 typedef base::Callback<void(scoped_ptr<base::DictionaryValue>)> |
| 29 PolicyUpdatedCallback; | 32 PolicyUpdatedCallback; |
| 30 | 33 |
| 34 // TODO(lukasza): PolicyErrorCallback never gets called by |
| 35 // PolicyServiceWatcher. Need to either 1) remove error-handling from |
| 36 // PolicyWatcher or 2) add error-handling around PolicyService |
| 37 // 2a) Add policy name/type validation via policy::Schema::Normalize. |
| 38 // 2b) Consider exposing parsing errors from policy::ConfigDirPolicyLoader. |
| 39 |
| 31 // Called after detecting malformed policies. | 40 // Called after detecting malformed policies. |
| 32 typedef base::Callback<void()> PolicyErrorCallback; | 41 typedef base::Callback<void()> PolicyErrorCallback; |
| 33 | 42 |
| 43 // Derived classes specify which |task_runner| should be used for calling |
| 44 // their StartWatchingInternal and StopWatchingInternal methods. |
| 45 // Derived classes promise back to call UpdatePolicies and other instance |
| 46 // methods on the same |task_runner|. |
| 34 explicit PolicyWatcher( | 47 explicit PolicyWatcher( |
| 35 scoped_refptr<base::SingleThreadTaskRunner> task_runner); | 48 const scoped_refptr<base::SingleThreadTaskRunner>& task_runner); |
| 49 |
| 36 virtual ~PolicyWatcher(); | 50 virtual ~PolicyWatcher(); |
| 37 | 51 |
| 38 // This guarantees that the |policy_updated_callback| is called at least once | 52 // This guarantees that the |policy_updated_callback| is called at least once |
| 39 // with the current policies. After that, |policy_updated_callback| will be | 53 // with the current policies. After that, |policy_updated_callback| will be |
| 40 // called whenever a change to any policy is detected. It will then be called | 54 // called whenever a change to any policy is detected. It will then be called |
| 41 // only with the changed policies. | 55 // only with the changed policies. |
| 42 // | 56 // |
| 43 // |policy_error_callback| will be called when malformed policies are detected | 57 // |policy_error_callback| will be called when malformed policies are detected |
| 44 // (i.e. wrong type of policy value, or unparseable files under | 58 // (i.e. wrong type of policy value, or unparseable files under |
| 45 // /etc/opt/chrome/policies/managed). | 59 // /etc/opt/chrome/policies/managed). |
| 46 // When called, the |policy_error_callback| is responsible for mitigating the | 60 // When called, the |policy_error_callback| is responsible for mitigating the |
| 47 // security risk of running with incorrectly formulated policies (by either | 61 // security risk of running with incorrectly formulated policies (by either |
| 48 // shutting down or locking down the host). | 62 // shutting down or locking down the host). |
| 49 // After calling |policy_error_callback| PolicyWatcher will continue watching | 63 // After calling |policy_error_callback| PolicyWatcher will continue watching |
| 50 // for policy changes and will call |policy_updated_callback| when the error | 64 // for policy changes and will call |policy_updated_callback| when the error |
| 51 // is recovered from and may call |policy_error_callback| when new errors are | 65 // is recovered from and may call |policy_error_callback| when new errors are |
| 52 // found. | 66 // found. |
| 67 // |
| 68 // See |Create| method's description for comments about which thread will |
| 69 // be used to run the callbacks. |
| 53 virtual void StartWatching( | 70 virtual void StartWatching( |
| 54 const PolicyUpdatedCallback& policy_updated_callback, | 71 const PolicyUpdatedCallback& policy_updated_callback, |
| 55 const PolicyErrorCallback& policy_error_callback); | 72 const PolicyErrorCallback& policy_error_callback); |
| 56 | 73 |
| 57 // Should be called after StartWatching() before the object is deleted. Calls | 74 // Should be called after StartWatching() before the object is deleted. Calls |
| 58 // should wait for |stopped_callback| to be called before deleting it. | 75 // should wait for |stopped_callback| to be called before deleting it. |
| 59 virtual void StopWatching(const base::Closure& stopped_callback); | 76 virtual void StopWatching(const base::Closure& stopped_callback); |
| 60 | 77 |
| 61 // Implemented by each platform. |task_runner| should be an IO message loop. | 78 // Specify a |policy_service| to borrow (on Chrome OS, from the browser |
| 62 // |policy_service| is currently only used on ChromeOS. The caller must | 79 // process) or specify nullptr to internally construct and use a new |
| 63 // ensure that |policy_service| remains valid for the lifetime of | 80 // PolicyService (on other OS-es). |
| 64 // PolicyWatcher. | 81 // |
| 82 // When |policy_service| is null, then |task_runner| is used for reading the |
| 83 // policy from files / registry / preferences. PolicyUpdatedCallback and |
| 84 // PolicyErrorCallback will be called on the same |task_runner|. |
| 85 // |task_runner| should be of TYPE_IO type. |
| 86 // |
| 87 // When |policy_service| is specified then |task_runner| argument is ignored |
| 88 // and 1) BrowserThread::UI is used for PolicyUpdatedCallback and |
| 89 // PolicyErrorCallback and 2) BrowserThread::FILE is used for reading the |
| 90 // policy from files / registry / preferences (although (2) is just an |
| 91 // implementation detail and should likely be ignored outside of |
| 92 // PolicyWatcher). |
| 65 static scoped_ptr<PolicyWatcher> Create( | 93 static scoped_ptr<PolicyWatcher> Create( |
| 66 policy::PolicyService* policy_service, | 94 policy::PolicyService* policy_service, |
| 67 scoped_refptr<base::SingleThreadTaskRunner> task_runner); | 95 const scoped_refptr<base::SingleThreadTaskRunner>& task_runner); |
| 68 | 96 |
| 69 protected: | 97 protected: |
| 70 virtual void StartWatchingInternal() = 0; | 98 virtual void StartWatchingInternal() = 0; |
| 71 virtual void StopWatchingInternal() = 0; | 99 virtual void StopWatchingInternal() = 0; |
| 72 virtual void Reload() = 0; | |
| 73 | 100 |
| 74 // Used to check if the class is on the right thread. | 101 // Used to check if the class is on the right thread. |
| 75 bool OnPolicyWatcherThread() const; | 102 bool OnPolicyWatcherThread() const; |
| 76 | 103 |
| 77 // Takes the policy dictionary from the OS specific store and extracts the | 104 // Takes the policy dictionary from the OS specific store and extracts the |
| 78 // relevant policies. | 105 // relevant policies. |
| 79 void UpdatePolicies(const base::DictionaryValue* new_policy); | 106 void UpdatePolicies(const base::DictionaryValue* new_policy); |
| 80 | 107 |
| 81 // Signals policy error to the registered |PolicyErrorCallback|. | 108 // Signals policy error to the registered |PolicyErrorCallback|. |
| 82 void SignalPolicyError(); | 109 void SignalPolicyError(); |
| 83 | 110 |
| 84 // Called whenever a transient error occurs during reading of policy files. | 111 // Called whenever a transient error occurs during reading of policy files. |
| 85 // This will increment a counter, and will trigger a call to | 112 // This will increment a counter, and will trigger a call to |
| 86 // SignalPolicyError() only after a threshold count is reached. | 113 // SignalPolicyError() only after a threshold count is reached. |
| 87 // The counter is reset whenever policy has been successfully read. | 114 // The counter is reset whenever policy has been successfully read. |
| 88 void SignalTransientPolicyError(); | 115 void SignalTransientPolicyError(); |
| 89 | 116 |
| 90 // Used for time-based reloads in case something goes wrong with the | |
| 91 // notification system. | |
| 92 void ScheduleFallbackReloadTask(); | |
| 93 void ScheduleReloadTask(const base::TimeDelta& delay); | |
| 94 | |
| 95 // Returns a DictionaryValue containing the default values for each policy. | 117 // Returns a DictionaryValue containing the default values for each policy. |
| 96 const base::DictionaryValue& Defaults() const; | 118 const base::DictionaryValue& Defaults() const; |
| 97 | 119 |
| 98 private: | 120 private: |
| 99 void StopWatchingOnPolicyWatcherThread(); | 121 void StopWatchingOnPolicyWatcherThread(); |
| 100 scoped_refptr<base::SingleThreadTaskRunner> task_runner_; | 122 scoped_refptr<base::SingleThreadTaskRunner> task_runner_; |
| 101 | 123 |
| 102 PolicyUpdatedCallback policy_updated_callback_; | 124 PolicyUpdatedCallback policy_updated_callback_; |
| 103 PolicyErrorCallback policy_error_callback_; | 125 PolicyErrorCallback policy_error_callback_; |
| 104 int transient_policy_error_retry_counter_; | 126 int transient_policy_error_retry_counter_; |
| 105 | 127 |
| 106 scoped_ptr<base::DictionaryValue> old_policies_; | 128 scoped_ptr<base::DictionaryValue> old_policies_; |
| 107 scoped_ptr<base::DictionaryValue> default_values_; | 129 scoped_ptr<base::DictionaryValue> default_values_; |
| 108 scoped_ptr<base::DictionaryValue> bad_type_values_; | 130 scoped_ptr<base::DictionaryValue> bad_type_values_; |
| 109 | 131 |
| 110 // Allows us to cancel any inflight FileWatcher events or scheduled reloads. | 132 // Allows us to cancel any inflight FileWatcher events or scheduled reloads. |
| 111 base::WeakPtrFactory<PolicyWatcher> weak_factory_; | 133 base::WeakPtrFactory<PolicyWatcher> weak_factory_; |
| 112 }; | 134 }; |
| 113 | 135 |
| 114 } // namespace policy_hack | 136 } // namespace policy_hack |
| 115 } // namespace remoting | 137 } // namespace remoting |
| 116 | 138 |
| 117 #endif // REMOTING_HOST_POLICY_HACK_POLICY_WATCHER_H_ | 139 #endif // REMOTING_HOST_POLICY_HACK_POLICY_WATCHER_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 830193002:
Using PolicyServiceWatcher instead of PolicyWatcherLinux/Win/Mac. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master