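// Copyright 2014 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef CHROME_BROWSER_CHROMEOS_LOGIN_USERS_SUPERVISED_USER_MANAGER_H_
#define CHROME_BROWSER_CHROMEOS_LOGIN_USERS_SUPERVISED_USER_MANAGER_H_

#include <string>

#include "base/basictypes.h"
#include "base/callback.h"
#include "base/strings/string16.h"
#include "base/values.h"
#include "chrome/browser/profiles/profile.h"

class PrefRegistrySimple;

namespace user_manager {
class User;
}

namespace chromeos {

class SupervisedUserAuthentication;

// Keys in the dictionary that carries supervised password information.
// NOTE(review): presumably the dictionary exchanged through
// SupervisedUserManager::GetPasswordInformation() and
// SetPasswordInformation() - confirm against the implementation.
extern const char kSchemaVersion[];
extern const char kPasswordRevision[];
extern const char kSalt[];
extern const char kRequirePasswordUpdate[];
extern const char kHasIncompleteKey[];
// An integer constant rather than a dictionary key. Its value and meaning
// are given at its definition, not in this header.
extern const int kMinPasswordRevision;

// Values for the following keys are not stored in local state. Code that
// persists a password-information dictionary should keep them out of it.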
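extern const char kEncryptedPassword[];
extern const char kPasswordSignature[];
extern const char kPasswordEncryptionKey[];
extern const char kPasswordSignatureKey[];

// NOTE(review): undocumented in this header. Judging by the name this is the
// name of a file related to password updates - confirm at the definition.
extern const char kPasswordUpdateFile[];

// Base class for SupervisedUserManagerImpl - provides a mechanism for getting
// and setting specific values for supervised users, as well as additional
// lookup methods that make sense only for supervised users.
//
// Several methods hand out or accept raw pointers. This header does not state
// who owns them or how long they stay valid, so check the implementation
// before holding on to any of them.
class SupervisedUserManager {
 public:
  // Receives the token loaded by LoadSupervisedUserToken(). The token arrives
  // as a plain std::string; treat it as a credential and keep it out of logs
  // and persistent storage.
  typedef base::Callback<void(const std::string& /* token */)>
      LoadTokenCallback;

  // Registers user manager preferences.
  static void RegisterPrefs(PrefRegistrySimple* registry);

  SupervisedUserManager() {}
  virtual ~SupervisedUserManager() {}

  // Checks whether the user |manager_id| has supervised users on this device.
  virtual bool HasSupervisedUsers(const std::string& manager_id) const = 0;

  // Creates supervised user with given |display_name| and |local_user_id|
  // and persists that to user list. Also links this user identified by
  // |sync_user_id| to manager with a |manager_id|.
  // Returns created user, or existing user if there already
  // was a supervised user with such display name.
  // NOTE(review): in the "existing user" case the returned record was created
  // by an earlier call, so its ids need not match the arguments passed here;
  // callers that care should compare them.
  // TODO(antrim): Refactor into a single struct to have only 1 getter.
  virtual const user_manager::User* CreateUserRecord(
      const std::string& manager_id,
      const std::string& local_user_id,
      const std::string& sync_user_id,
      const base::string16& display_name) = 0;

  // Generates unique user ID for supervised user.
  virtual std::string GenerateUserId() = 0;

  // Returns the supervised user with the given |display_name| if found in
  // the persistent list. Returns |NULL| otherwise.
  virtual const user_manager::User* FindByDisplayName(
      const base::string16& display_name) const = 0;

  // Returns the supervised user with the given |sync_id| if found in
  // the persistent list. Returns |NULL| otherwise.
  virtual const user_manager::User* FindBySyncId(
      const std::string& sync_id) const = 0;

  // Returns sync_user_id for supervised user with |user_id| or empty string if
  // such user is not found or it doesn't have user_id defined.
  // NOTE(review): "user_id defined" probably means "sync_user_id defined" -
  // confirm against the implementation.
  virtual std::string GetUserSyncId(const std::string& user_id) const = 0;

  // Returns the display name for manager of user |user_id| if it is known
  // (was previously set by a |SaveUserDisplayName| call).
  // Otherwise, returns a manager id.
  virtual base::string16 GetManagerDisplayName(
      const std::string& user_id) const = 0;

  // Returns the user id for manager of user |user_id| if it is known (user is
  // actually a managed user).
  // Otherwise, returns an empty string.
  virtual std::string GetManagerUserId(const std::string& user_id) const = 0;

  // Returns the display email for manager of user |user_id| if it is known
  // (user is actually a managed user).
  // Otherwise, returns an empty string.
  virtual std::string GetManagerDisplayEmail(const std::string& user_id)
      const = 0;

  // Creates a record marking the start of a supervised user creation
  // transaction for |display_name|.
  virtual void StartCreationTransaction(const base::string16& display_name) = 0;

  // Adds |user_id| to the supervised user creation transaction record.
  virtual void SetCreationTransactionUserId(const std::string& user_id) = 0;

  // Removes the supervised user creation transaction record.
  virtual void CommitCreationTransaction() = 0;

  // Returns the object that handles specifics of supervised user
  // authentication.
  virtual SupervisedUserAuthentication* GetAuthentication() = 0;

  // Fills |result| with public password-specific data for |user_id| from Local
  // State.
  // NOTE(review): |result| is a raw out-pointer and null handling is not
  // documented here; pass a valid dictionary.
  virtual void GetPasswordInformation(const std::string& user_id,
                                      base::DictionaryValue* result) = 0;

  // Stores public password-specific data from |password_info| for |user_id| in
  // Local State. Only the public part belongs here: the values for
  // kEncryptedPassword, kPasswordSignature, kPasswordEncryptionKey and
  // kPasswordSignatureKey are declared as not stored in local state.
  // NOTE(review): this header does not show whether the implementation drops
  // those keys or relies on callers to omit them - confirm before passing a
  // dictionary that may contain them.
  virtual void SetPasswordInformation(
      const std::string& user_id,
      const base::DictionaryValue* password_info) = 0;

  // Loads a sync oauth token for |profile| in background, and passes it to
  // |callback|.
  // NOTE(review): what |callback| receives when loading fails is not
  // specified here.
  virtual void LoadSupervisedUserToken(Profile* profile,
                                       const LoadTokenCallback& callback) = 0;

  // Configures the sync service of |profile| with the oauth |token|.
  virtual void ConfigureSyncWithToken(Profile* profile,
                                      const std::string& token) = 0;

 private:
  DISALLOW_COPY_AND_ASSIGN(SupervisedUserManager);
};

}  // namespace chromeos

#endif  // CHROME_BROWSER_CHROMEOS_LOGIN_USERS_SUPERVISED_USER_MANAGER_H_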