enterprise_install_attributes.h revision b2df76ea8fec9e32f6f3718986dba0d95315b29c
1// Copyright (c) 2012 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#ifndef CHROME_BROWSER_CHROMEOS_POLICY_ENTERPRISE_INSTALL_ATTRIBUTES_H_ 6#define CHROME_BROWSER_CHROMEOS_POLICY_ENTERPRISE_INSTALL_ATTRIBUTES_H_ 7 8#include <map> 9#include <string> 10 11#include "base/basictypes.h" 12#include "base/callback.h" 13#include "base/compiler_specific.h" 14#include "base/files/file_path.h" 15#include "base/memory/weak_ptr.h" 16#include "chrome/browser/policy/cloud/cloud_policy_constants.h" 17#include "chromeos/dbus/cryptohome_client.h" 18#include "chromeos/dbus/dbus_method_call_status.h" 19 20namespace chromeos { 21class CryptohomeLibrary; 22} 23 24namespace policy { 25 26// Brokers access to the enterprise-related installation-time attributes on 27// ChromeOS. 28class EnterpriseInstallAttributes { 29 public: 30 // Return codes for LockDevice(). 31 enum LockResult { 32 LOCK_SUCCESS, 33 LOCK_NOT_READY, 34 LOCK_BACKEND_ERROR, 35 LOCK_WRONG_USER, 36 }; 37 38 // A callback to handle responses of methods returning a LockResult value. 39 typedef base::Callback<void(LockResult lock_result)> LockResultCallback; 40 41 // Constants for the possible device modes that can be stored in the lockbox. 42 static const char kConsumerDeviceMode[]; 43 static const char kEnterpiseDeviceMode[]; 44 static const char kKioskDeviceMode[]; 45 static const char kUnknownDeviceMode[]; 46 47 // Field names in the lockbox. 48 static const char kAttrEnterpriseDeviceId[]; 49 static const char kAttrEnterpriseDomain[]; 50 static const char kAttrEnterpriseMode[]; 51 static const char kAttrEnterpriseOwned[]; 52 static const char kAttrEnterpriseUser[]; 53 54 EnterpriseInstallAttributes( 55 chromeos::CryptohomeLibrary* cryptohome, 56 chromeos::CryptohomeClient* cryptohome_client); 57 ~EnterpriseInstallAttributes(); 58 59 // Reads data from the cache file. The cache file is used to work around slow 60 // cryptohome startup, which takes a while to register its DBus interface. 61 // See http://crosbug.com/37367 for background on this. 62 void ReadCacheFile(const base::FilePath& cache_file); 63 64 // Makes sure the local caches for enterprise-related install attributes are 65 // up-to-date with what cryptohome has. This method checks the readiness of 66 // attributes and read them if ready. Actual read will be performed in 67 // ReadAttributesIfReady(). 68 void ReadImmutableAttributes(const base::Closure& callback); 69 70 // Locks the device to be an enterprise device registered by the given user. 71 // This can also be called after the lock has already been taken, in which 72 // case it checks that the passed user agrees with the locked attribute. 73 // |callback| must not be null and is called with the result. 74 void LockDevice(const std::string& user, 75 DeviceMode device_mode, 76 const std::string& device_id, 77 const LockResultCallback& callback); 78 79 // Checks whether this is an enterprise device. 80 bool IsEnterpriseDevice(); 81 82 // Gets the domain this device belongs to or an empty string if the device is 83 // not an enterprise device. 84 std::string GetDomain(); 85 86 // Gets the user that registered the device. Returns an empty string if the 87 // device is not an enterprise device. 88 std::string GetRegistrationUser(); 89 90 // Gets the device id that was generated when the device was registered. 91 // Returns an empty string if the device is not an enterprise device or the 92 // device id was not stored in the lockbox (prior to R19). 93 std::string GetDeviceId(); 94 95 // Gets the mode the device was enrolled to. The return value for devices that 96 // are not locked yet will be DEVICE_MODE_UNKNOWN. 97 DeviceMode GetMode(); 98 99 protected: 100 bool device_locked_; 101 std::string registration_user_; 102 std::string registration_domain_; 103 std::string registration_device_id_; 104 DeviceMode registration_mode_; 105 106 private: 107 // Decodes the install attributes provided in |attr_map|. 108 void DecodeInstallAttributes( 109 const std::map<std::string, std::string>& attr_map); 110 111 // Helper for ReadImmutableAttributes. 112 void ReadAttributesIfReady( 113 const base::Closure& callback, 114 chromeos::DBusMethodCallStatus call_status, 115 bool result); 116 117 // Helper for LockDevice(). Handles the result of InstallAttributesIsReady() 118 // and continue processing LockDevice if the result is true. 119 void LockDeviceIfAttributesIsReady( 120 const std::string& user, 121 DeviceMode device_mode, 122 const std::string& device_id, 123 const LockResultCallback& callback, 124 chromeos::DBusMethodCallStatus call_status, 125 bool result); 126 127 // Confirms the registered user and invoke the callback. 128 void OnReadImmutableAttributes(const std::string& user, 129 const LockResultCallback& callback); 130 131 chromeos::CryptohomeLibrary* cryptohome_; 132 chromeos::CryptohomeClient* cryptohome_client_; 133 134 base::WeakPtrFactory<EnterpriseInstallAttributes> weak_ptr_factory_; 135 136 DISALLOW_COPY_AND_ASSIGN(EnterpriseInstallAttributes); 137}; 138 139} // namespace policy 140 141#endif // CHROME_BROWSER_CHROMEOS_POLICY_ENTERPRISE_INSTALL_ATTRIBUTES_H_ 142