1// Copyright 2014 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef CHROME_BROWSER_CHROMEOS_LOGIN_USERS_SUPERVISED_USER_MANAGER_H_
6#define CHROME_BROWSER_CHROMEOS_LOGIN_USERS_SUPERVISED_USER_MANAGER_H_
7
8#include <string>
9
10#include "base/basictypes.h"
11#include "base/callback.h"
12#include "base/strings/string16.h"
13#include "base/values.h"
14#include "chrome/browser/profiles/profile.h"
15
16class PrefRegistrySimple;
17
18namespace user_manager {
19class User;
20}
21
22namespace chromeos {
23
24class SupervisedUserAuthentication;
25
// Keys in the dictionary that holds password information for a supervised
// user.
// NOTE(review): presumably the same dictionary that is exchanged through
// SupervisedUserManager::GetPasswordInformation() and
// SetPasswordInformation() - confirm against the implementation.
extern const char kSchemaVersion[];
extern const char kPasswordRevision[];
extern const char kSalt[];
extern const char kRequirePasswordUpdate[];
extern const char kHasIncompleteKey[];
// An integer constant, not a key string.
// NOTE(review): by its name, the lowest accepted password revision - confirm
// where it is defined.
extern const int kMinPasswordRevision;

// Values for these keys are not stored in local state.
// NOTE(review): judging by the names, these entries carry the password
// ciphertext, its signature and the related keys. Code that persists a
// password dictionary should make sure entries under these keys are dropped
// first; whether the implementation enforces that is not visible in this
// header.
extern const char kEncryptedPassword[];
extern const char kPasswordSignature[];
extern const char kPasswordEncryptionKey[];
extern const char kPasswordSignatureKey[];

// NOTE(review): not documented in this header; by its name, the name of the
// file used for a pending password update - confirm where it is defined.
extern const char kPasswordUpdateFile[];
41
// Interface implemented by SupervisedUserManagerImpl. It offers getters and
// setters for values that exist only for supervised users, together with
// lookup helpers that are meaningful only for such users.
class SupervisedUserManager {
 public:
  // Receives the token string produced by LoadSupervisedUserToken().
  typedef base::Callback<void(const std::string& /* token */)>
      LoadTokenCallback;

  // Registers the user manager preferences in |registry|.
  static void RegisterPrefs(PrefRegistrySimple* registry);

  SupervisedUserManager() {}
  virtual ~SupervisedUserManager() {}

  // Returns true if the user |manager_id| has supervised users on this
  // device.
  virtual bool HasSupervisedUsers(const std::string& manager_id) const = 0;

  // Creates a supervised user from |display_name| and |local_user_id| and
  // persists it to the user list. The new user, identified by
  // |sync_user_id|, is also linked to the manager |manager_id|.
  // Returns the created user, or the existing one if a supervised user with
  // the same display name was already present.
  // NOTE(review): ownership of the returned pointer is not stated here;
  // presumably it stays with the manager - confirm before storing it.
  // TODO(antrim): Refactor into a single struct to have only 1 getter.
  virtual const user_manager::User* CreateUserRecord(
      const std::string& manager_id,
      const std::string& local_user_id,
      const std::string& sync_user_id,
      const base::string16& display_name) = 0;

  // Generates a unique user ID for a supervised user.
  virtual std::string GenerateUserId() = 0;

  // Looks up a supervised user by |display_name| in the persistent list.
  // Returns |NULL| when there is no match.
  virtual const user_manager::User* FindByDisplayName(
      const base::string16& display_name) const = 0;

  // Looks up a supervised user by |sync_id| in the persistent list.
  // Returns |NULL| when there is no match.
  virtual const user_manager::User* FindBySyncId(
      const std::string& sync_id) const = 0;

  // Returns the sync_user_id of the supervised user |user_id|. Returns an
  // empty string if no such user is found or the user has no id defined
  // (presumably the sync id is meant - confirm).
  virtual std::string GetUserSyncId(const std::string& user_id) const = 0;

  // Returns the display name of the manager of user |user_id| when it is
  // known, i.e. it was set earlier by a |SaveUserDisplayName| call.
  // Falls back to a manager id otherwise.
  virtual base::string16 GetManagerDisplayName(
      const std::string& user_id) const = 0;

  // Returns the user id of the manager of user |user_id| when it is known
  // (the user really is a managed user). Returns an empty string otherwise.
  virtual std::string GetManagerUserId(const std::string& user_id) const = 0;

  // Returns the display email of the manager of user |user_id| when it is
  // known (the user really is a managed user). Returns an empty string
  // otherwise.
  virtual std::string GetManagerDisplayEmail(
      const std::string& user_id) const = 0;

  // Creates a record stating that a supervised user creation transaction
  // has started for |display_name|.
  virtual void StartCreationTransaction(
      const base::string16& display_name) = 0;

  // Adds |user_id| to the supervised user creation transaction record.
  virtual void SetCreationTransactionUserId(const std::string& user_id) = 0;

  // Removes the supervised user creation transaction record.
  virtual void CommitCreationTransaction() = 0;

  // Returns the object that handles the specifics of supervised user
  // authentication.
  // NOTE(review): ownership and lifetime of the returned pointer are not
  // stated in this header - confirm before caching it.
  virtual SupervisedUserAuthentication* GetAuthentication() = 0;

  // Fills |result| with the public password-specific data kept in Local
  // State for |user_id|. Per the key declarations earlier in this header,
  // values for kEncryptedPassword, kPasswordSignature,
  // kPasswordEncryptionKey and kPasswordSignatureKey are not stored in
  // local state.
  // NOTE(review): |result| is an out-parameter and presumably must not be
  // NULL - confirm in the implementation.
  virtual void GetPasswordInformation(
      const std::string& user_id,
      base::DictionaryValue* result) = 0;

  // Stores the public password-specific data from |password_info| in Local
  // State for |user_id|.
  // NOTE(review): only public fields belong here. Whether entries under the
  // keys whose values are not stored in local state (kEncryptedPassword and
  // the related signature/key entries) are filtered out before writing is
  // not visible in this header - confirm in the implementation.
  virtual void SetPasswordInformation(
      const std::string& user_id,
      const base::DictionaryValue* password_info) = 0;

  // Loads a sync oauth token for |profile| in the background and hands it
  // to |callback|.
  // The token is a credential: receivers should keep it out of logs and
  // should not hold on to it longer than sync configuration requires.
  // NOTE(review): because the load is asynchronous, state bound into
  // |callback| must still be valid when it runs; this header does not say
  // on which thread that happens - confirm.
  virtual void LoadSupervisedUserToken(
      Profile* profile,
      const LoadTokenCallback& callback) = 0;

  // Configures the sync service of |profile| with the oauth |token|.
  virtual void ConfigureSyncWithToken(
      Profile* profile,
      const std::string& token) = 0;

 private:
  // Instances are neither copyable nor assignable.
  DISALLOW_COPY_AND_ASSIGN(SupervisedUserManager);
};
140
141}  // namespace chromeos
142
143#endif  // CHROME_BROWSER_CHROMEOS_LOGIN_USERS_SUPERVISED_USER_MANAGER_H_
144