| OLD | NEW |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CHROME_BROWSER_CHROMEOS_OWNERSHIP_OWNER_SETTINGS_SERVICE_CHROMEOS_H_ | 5 #ifndef CHROME_BROWSER_CHROMEOS_OWNERSHIP_OWNER_SETTINGS_SERVICE_CHROMEOS_H_ |
| 6 #define CHROME_BROWSER_CHROMEOS_OWNERSHIP_OWNER_SETTINGS_SERVICE_CHROMEOS_H_ | 6 #define CHROME_BROWSER_CHROMEOS_OWNERSHIP_OWNER_SETTINGS_SERVICE_CHROMEOS_H_ |
| 7 | 7 |
| 8 #include <string> | 8 #include <string> |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| (...skipping 47 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 58 std::string request_token; | 58 std::string request_token; |
| 59 std::string device_id; | 59 std::string device_id; |
| 60 }; | 60 }; |
| 61 | 61 |
| 62 ~OwnerSettingsServiceChromeOS() override; | 62 ~OwnerSettingsServiceChromeOS() override; |
| 63 | 63 |
| 64 static OwnerSettingsServiceChromeOS* FromWebUI(content::WebUI* web_ui); | 64 static OwnerSettingsServiceChromeOS* FromWebUI(content::WebUI* web_ui); |
| 65 | 65 |
| 66 void OnTPMTokenReady(bool tpm_token_enabled); | 66 void OnTPMTokenReady(bool tpm_token_enabled); |
| 67 | 67 |
| 68 bool HasPendingChanges() const; |
| 69 |
| 68 // ownership::OwnerSettingsService implementation: | 70 // ownership::OwnerSettingsService implementation: |
| 69 bool HandlesSetting(const std::string& setting) override; | 71 bool HandlesSetting(const std::string& setting) override; |
| 70 bool Set(const std::string& setting, const base::Value& value) override; | 72 bool Set(const std::string& setting, const base::Value& value) override; |
| 71 bool AppendToList(const std::string& setting, | 73 bool AppendToList(const std::string& setting, |
| 72 const base::Value& value) override; | 74 const base::Value& value) override; |
| 73 bool RemoveFromList(const std::string& setting, | 75 bool RemoveFromList(const std::string& setting, |
| 74 const base::Value& value) override; | 76 const base::Value& value) override; |
| 75 bool CommitTentativeDeviceSettings( | 77 bool CommitTentativeDeviceSettings( |
| 76 scoped_ptr<enterprise_management::PolicyData> policy) override; | 78 scoped_ptr<enterprise_management::PolicyData> policy) override; |
| 77 | 79 |
| (...skipping 15 matching lines...) Expand all Loading... |
| 93 const ManagementSettings& settings, | 95 const ManagementSettings& settings, |
| 94 const OnManagementSettingsSetCallback& callback); | 96 const OnManagementSettingsSetCallback& callback); |
| 95 | 97 |
| 96 // Checks if the user is the device owner, without the user profile having to | 98 // Checks if the user is the device owner, without the user profile having to |
| 97 // been initialized. Should be used only if login state is in safe mode. | 99 // been initialized. Should be used only if login state is in safe mode. |
| 98 static void IsOwnerForSafeModeAsync( | 100 static void IsOwnerForSafeModeAsync( |
| 99 const std::string& user_hash, | 101 const std::string& user_hash, |
| 100 const scoped_refptr<ownership::OwnerKeyUtil>& owner_key_util, | 102 const scoped_refptr<ownership::OwnerKeyUtil>& owner_key_util, |
| 101 const IsOwnerCallback& callback); | 103 const IsOwnerCallback& callback); |
| 102 | 104 |
| 103 // Assembles PolicyData based on |settings|, |policy_data| and | 105 // Assembles PolicyData based on |settings|, |policy_data|, |user_id| and |
| 104 // |user_id|. | 106 // |pending_management_settings|. Applies local-owner policy fixups if needed. |
| 105 static scoped_ptr<enterprise_management::PolicyData> AssemblePolicy( | 107 static scoped_ptr<enterprise_management::PolicyData> AssemblePolicy( |
| 106 const std::string& user_id, | 108 const std::string& user_id, |
| 107 const enterprise_management::PolicyData* policy_data, | 109 const enterprise_management::PolicyData* policy_data, |
| 108 const enterprise_management::ChromeDeviceSettingsProto* settings); | 110 bool apply_pending_mangement_settings, |
| 111 const ManagementSettings& pending_management_settings, |
| 112 enterprise_management::ChromeDeviceSettingsProto* settings); |
| 109 | 113 |
| 110 // Updates device |settings|. | 114 // Updates device |settings|. |
| 111 static void UpdateDeviceSettings( | 115 static void UpdateDeviceSettings( |
| 112 const std::string& path, | 116 const std::string& path, |
| 113 const base::Value& value, | 117 const base::Value& value, |
| 114 enterprise_management::ChromeDeviceSettingsProto& settings); | 118 enterprise_management::ChromeDeviceSettingsProto& settings); |
| 115 | 119 |
| 116 bool has_pending_changes() const { | |
| 117 return !pending_changes_.empty() || tentative_settings_.get() || | |
| 118 has_pending_management_settings_; | |
| 119 } | |
| 120 | |
| 121 protected: | 120 protected: |
| 122 OwnerSettingsServiceChromeOS( | 121 OwnerSettingsServiceChromeOS( |
| 123 DeviceSettingsService* device_settings_service, | 122 DeviceSettingsService* device_settings_service, |
| 124 Profile* profile, | 123 Profile* profile, |
| 125 const scoped_refptr<ownership::OwnerKeyUtil>& owner_key_util); | 124 const scoped_refptr<ownership::OwnerKeyUtil>& owner_key_util); |
| 126 | 125 |
| 127 private: | 126 private: |
| 128 friend class OwnerSettingsServiceChromeOSFactory; | 127 friend class OwnerSettingsServiceChromeOSFactory; |
| 129 | 128 |
| 129 // Perform fixups required to ensure sensical local-owner device policy: |
| 130 // 1) user whitelisting must be explicitly allowed or disallowed, and |
| 131 // 2) the owner user must be on the whitelist, if it's enforced. |
| 132 static void FixupLocalOwnerPolicy( |
| 133 const std::string& user_id, |
| 134 enterprise_management::ChromeDeviceSettingsProto* settings); |
| 135 |
| 130 // OwnerSettingsService protected interface overrides: | 136 // OwnerSettingsService protected interface overrides: |
| 131 | 137 |
| 132 // Reloads private key from profile's NSS slots, responds via |callback|. | 138 // Reloads private key from profile's NSS slots, responds via |callback|. |
| 133 void ReloadKeypairImpl(const base::Callback< | 139 void ReloadKeypairImpl(const base::Callback< |
| 134 void(const scoped_refptr<ownership::PublicKey>& public_key, | 140 void(const scoped_refptr<ownership::PublicKey>& public_key, |
| 135 const scoped_refptr<ownership::PrivateKey>& private_key)>& callback) | 141 const scoped_refptr<ownership::PrivateKey>& private_key)>& callback) |
| 136 override; | 142 override; |
| 137 | 143 |
| 138 // Possibly notifies DeviceSettingsService that owner's keypair is loaded. | 144 // Possibly notifies DeviceSettingsService that owner's keypair is loaded. |
| 139 void OnPostKeypairLoadedActions() override; | 145 void OnPostKeypairLoadedActions() override; |
| (...skipping 21 matching lines...) Expand all Loading... |
| 161 | 167 |
| 162 // User ID this service instance belongs to. | 168 // User ID this service instance belongs to. |
| 163 std::string user_id_; | 169 std::string user_id_; |
| 164 | 170 |
| 165 // Whether profile still needs to be initialized. | 171 // Whether profile still needs to be initialized. |
| 166 bool waiting_for_profile_creation_; | 172 bool waiting_for_profile_creation_; |
| 167 | 173 |
| 168 // Whether TPM token still needs to be initialized. | 174 // Whether TPM token still needs to be initialized. |
| 169 bool waiting_for_tpm_token_; | 175 bool waiting_for_tpm_token_; |
| 170 | 176 |
| 177 // True if local-owner policy fixups are still pending. |
| 178 bool has_pending_fixups_; |
| 179 |
| 171 // A set of pending changes to device settings. | 180 // A set of pending changes to device settings. |
| 172 base::ScopedPtrHashMap<std::string, base::Value> pending_changes_; | 181 base::ScopedPtrHashMap<std::string, base::Value> pending_changes_; |
| 173 | 182 |
| 174 // True if there're pending changes to management settings. | 183 // True if there're pending changes to management settings. |
| 175 bool has_pending_management_settings_; | 184 bool has_pending_management_settings_; |
| 176 | 185 |
| 177 // A set of pending changes to management settings. | 186 // A set of pending changes to management settings. |
| 178 ManagementSettings pending_management_settings_; | 187 ManagementSettings pending_management_settings_; |
| 179 | 188 |
| 180 // A set of callbacks that need to be run after management settings | 189 // A set of callbacks that need to be run after management settings |
| (...skipping 10 matching lines...) Expand all Loading... |
| 191 base::WeakPtrFactory<OwnerSettingsServiceChromeOS> weak_factory_; | 200 base::WeakPtrFactory<OwnerSettingsServiceChromeOS> weak_factory_; |
| 192 | 201 |
| 193 base::WeakPtrFactory<OwnerSettingsServiceChromeOS> store_settings_factory_; | 202 base::WeakPtrFactory<OwnerSettingsServiceChromeOS> store_settings_factory_; |
| 194 | 203 |
| 195 DISALLOW_COPY_AND_ASSIGN(OwnerSettingsServiceChromeOS); | 204 DISALLOW_COPY_AND_ASSIGN(OwnerSettingsServiceChromeOS); |
| 196 }; | 205 }; |
| 197 | 206 |
| 198 } // namespace chromeos | 207 } // namespace chromeos |
| 199 | 208 |
| 200 #endif // CHROME_BROWSER_CHROMEOS_OWNERSHIP_OWNER_SETTINGS_SERVICE_CHROMEOS_H_ | 209 #endif // CHROME_BROWSER_CHROMEOS_OWNERSHIP_OWNER_SETTINGS_SERVICE_CHROMEOS_H_ |
| OLD | NEW |