user_cloud_policy_store_chromeos.h revision 2a99a7e74a7f215066514fe81d2bfa6639d9eddd
1// Copyright (c) 2012 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#ifndef CHROME_BROWSER_CHROMEOS_POLICY_USER_CLOUD_POLICY_STORE_CHROMEOS_H_ 6#define CHROME_BROWSER_CHROMEOS_POLICY_USER_CLOUD_POLICY_STORE_CHROMEOS_H_ 7 8#include <string> 9#include <vector> 10 11#include "base/basictypes.h" 12#include "base/compiler_specific.h" 13#include "base/files/file_path.h" 14#include "base/memory/scoped_ptr.h" 15#include "base/memory/weak_ptr.h" 16#include "chrome/browser/policy/cloud/cloud_policy_validator.h" 17#include "chrome/browser/policy/cloud/user_cloud_policy_store_base.h" 18#include "chromeos/dbus/dbus_method_call_status.h" 19 20namespace chromeos { 21class CryptohomeClient; 22class SessionManagerClient; 23} 24 25namespace policy { 26 27class LegacyPolicyCacheLoader; 28 29// Implements a cloud policy store backed by the Chrome OS' session_manager, 30// which takes care of persisting policy to disk and is accessed via DBus calls 31// through SessionManagerClient. 32// 33// Additionally, this class drives legacy UserPolicyTokenCache and 34// UserPolicyDiskCache instances, migrating policy from these to session_manager 35// storage on the fly. 36class UserCloudPolicyStoreChromeOS : public UserCloudPolicyStoreBase { 37 public: 38 UserCloudPolicyStoreChromeOS( 39 chromeos::CryptohomeClient* cryptohome_client, 40 chromeos::SessionManagerClient* session_manager_client, 41 const std::string& username, 42 const base::FilePath& user_policy_key_dir, 43 const base::FilePath& legacy_token_cache_file, 44 const base::FilePath& legacy_policy_cache_file); 45 virtual ~UserCloudPolicyStoreChromeOS(); 46 47 // CloudPolicyStore: 48 virtual void Store( 49 const enterprise_management::PolicyFetchResponse& policy) OVERRIDE; 50 virtual void Load() OVERRIDE; 51 52 private: 53 // Starts validation of |policy| before storing it. 54 void ValidatePolicyForStore( 55 scoped_ptr<enterprise_management::PolicyFetchResponse> policy); 56 57 // Completion handler for policy validation on the Store() path. 58 // Starts a store operation if the validation succeeded. 59 void OnPolicyToStoreValidated(UserCloudPolicyValidator* validator); 60 61 // Called back from SessionManagerClient for policy store operations. 62 void OnPolicyStored(bool); 63 64 // Called back from SessionManagerClient for policy load operations. 65 void OnPolicyRetrieved(const std::string& policy_blob); 66 67 // Starts validation of the loaded |policy| before installing it. 68 void ValidateRetrievedPolicy( 69 scoped_ptr<enterprise_management::PolicyFetchResponse> policy); 70 71 // Completion handler for policy validation on the Load() path. Installs the 72 // policy and publishes it if validation succeeded. 73 void OnRetrievedPolicyValidated(UserCloudPolicyValidator* validator); 74 75 // Callback for loading legacy caches. 76 void OnLegacyLoadFinished( 77 const std::string& dm_token, 78 const std::string& device_id, 79 Status status, 80 scoped_ptr<enterprise_management::PolicyFetchResponse>); 81 82 // Completion callback for legacy policy validation. 83 void OnLegacyPolicyValidated(const std::string& dm_token, 84 const std::string& device_id, 85 UserCloudPolicyValidator* validator); 86 87 // Installs legacy tokens. 88 void InstallLegacyTokens(const std::string& dm_token, 89 const std::string& device_id); 90 91 // Removes the passed-in legacy cache directory. 92 static void RemoveLegacyCacheDir(const base::FilePath& dir); 93 94 // Invokes |callback| after reloading |policy_key_|. 95 void ReloadPolicyKey(const base::Closure& callback); 96 97 // Reads the contents of |path| into |key|. 98 static void LoadPolicyKey(const base::FilePath& path, 99 std::vector<uint8>* key); 100 101 // Callback for the key reloading. 102 void OnPolicyKeyReloaded(std::vector<uint8>* key, 103 const base::Closure& callback); 104 105 // Invokes |callback| after creating |policy_key_|, if it hasn't been created 106 // yet; otherwise invokes |callback| immediately. 107 void EnsurePolicyKeyLoaded(const base::Closure& callback); 108 109 // Callback for getting the sanitized username from |cryptohome_client_|. 110 void OnGetSanitizedUsername(const base::Closure& callback, 111 chromeos::DBusMethodCallStatus call_status, 112 const std::string& sanitized_username); 113 114 chromeos::CryptohomeClient* cryptohome_client_; 115 chromeos::SessionManagerClient* session_manager_client_; 116 const std::string username_; 117 base::FilePath user_policy_key_dir_; 118 119 base::WeakPtrFactory<UserCloudPolicyStoreChromeOS> weak_factory_; 120 121 // TODO(mnissler): Remove all the legacy policy support members below after 122 // the number of pre-M20 clients drops back to zero. 123 base::FilePath legacy_cache_dir_; 124 scoped_ptr<LegacyPolicyCacheLoader> legacy_loader_; 125 bool legacy_caches_loaded_; 126 127 bool policy_key_loaded_; 128 base::FilePath policy_key_path_; 129 std::vector<uint8> policy_key_; 130 131 DISALLOW_COPY_AND_ASSIGN(UserCloudPolicyStoreChromeOS); 132}; 133 134} // namespace policy 135 136#endif // CHROME_BROWSER_CHROMEOS_POLICY_USER_CLOUD_POLICY_STORE_CHROMEOS_H_ 137