user_cloud_policy_store_chromeos.h revision 8bcbed890bc3ce4d7a057a8f32cab53fa534672e
1// Copyright (c) 2012 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#ifndef CHROME_BROWSER_CHROMEOS_POLICY_USER_CLOUD_POLICY_STORE_CHROMEOS_H_ 6#define CHROME_BROWSER_CHROMEOS_POLICY_USER_CLOUD_POLICY_STORE_CHROMEOS_H_ 7 8#include <string> 9#include <vector> 10 11#include "base/basictypes.h" 12#include "base/compiler_specific.h" 13#include "base/files/file_path.h" 14#include "base/memory/ref_counted.h" 15#include "base/memory/scoped_ptr.h" 16#include "base/memory/weak_ptr.h" 17#include "chrome/browser/policy/cloud/cloud_policy_validator.h" 18#include "chrome/browser/policy/cloud/user_cloud_policy_store_base.h" 19#include "chromeos/dbus/dbus_method_call_status.h" 20 21namespace base { 22class SequencedTaskRunner; 23} 24 25namespace chromeos { 26class CryptohomeClient; 27class SessionManagerClient; 28} 29 30namespace policy { 31 32class LegacyPolicyCacheLoader; 33 34// Implements a cloud policy store backed by the Chrome OS' session_manager, 35// which takes care of persisting policy to disk and is accessed via DBus calls 36// through SessionManagerClient. 37// 38// Additionally, this class drives legacy UserPolicyTokenCache and 39// UserPolicyDiskCache instances, migrating policy from these to session_manager 40// storage on the fly. 41class UserCloudPolicyStoreChromeOS : public UserCloudPolicyStoreBase { 42 public: 43 UserCloudPolicyStoreChromeOS( 44 chromeos::CryptohomeClient* cryptohome_client, 45 chromeos::SessionManagerClient* session_manager_client, 46 scoped_refptr<base::SequencedTaskRunner> background_task_runner, 47 const std::string& username, 48 const base::FilePath& user_policy_key_dir, 49 const base::FilePath& legacy_token_cache_file, 50 const base::FilePath& legacy_policy_cache_file); 51 virtual ~UserCloudPolicyStoreChromeOS(); 52 53 // CloudPolicyStore: 54 virtual void Store( 55 const enterprise_management::PolicyFetchResponse& policy) OVERRIDE; 56 virtual void Load() OVERRIDE; 57 58 // Loads the policy synchronously on the current thread. 59 void LoadImmediately(); 60 61 private: 62 // Starts validation of |policy| before storing it. 63 void ValidatePolicyForStore( 64 scoped_ptr<enterprise_management::PolicyFetchResponse> policy); 65 66 // Completion handler for policy validation on the Store() path. 67 // Starts a store operation if the validation succeeded. 68 void OnPolicyToStoreValidated(UserCloudPolicyValidator* validator); 69 70 // Called back from SessionManagerClient for policy store operations. 71 void OnPolicyStored(bool); 72 73 // Called back from SessionManagerClient for policy load operations. 74 void OnPolicyRetrieved(const std::string& policy_blob); 75 76 // Starts validation of the loaded |policy| before installing it. 77 void ValidateRetrievedPolicy( 78 scoped_ptr<enterprise_management::PolicyFetchResponse> policy); 79 80 // Completion handler for policy validation on the Load() path. Installs the 81 // policy and publishes it if validation succeeded. 82 void OnRetrievedPolicyValidated(UserCloudPolicyValidator* validator); 83 84 // Callback for loading legacy caches. 85 void OnLegacyLoadFinished( 86 const std::string& dm_token, 87 const std::string& device_id, 88 Status status, 89 scoped_ptr<enterprise_management::PolicyFetchResponse>); 90 91 // Completion callback for legacy policy validation. 92 void OnLegacyPolicyValidated(const std::string& dm_token, 93 const std::string& device_id, 94 UserCloudPolicyValidator* validator); 95 96 // Installs legacy tokens. 97 void InstallLegacyTokens(const std::string& dm_token, 98 const std::string& device_id); 99 100 // Removes the passed-in legacy cache directory. 101 static void RemoveLegacyCacheDir(const base::FilePath& dir); 102 103 // Invokes |callback| after reloading |policy_key_|. 104 void ReloadPolicyKey(const base::Closure& callback); 105 106 // Reads the contents of |path| into |key|. 107 static void LoadPolicyKey(const base::FilePath& path, 108 std::vector<uint8>* key); 109 110 // Callback for the key reloading. 111 void OnPolicyKeyReloaded(std::vector<uint8>* key, 112 const base::Closure& callback); 113 114 // Invokes |callback| after creating |policy_key_|, if it hasn't been created 115 // yet; otherwise invokes |callback| immediately. 116 void EnsurePolicyKeyLoaded(const base::Closure& callback); 117 118 // Callback for getting the sanitized username from |cryptohome_client_|. 119 void OnGetSanitizedUsername(const base::Closure& callback, 120 chromeos::DBusMethodCallStatus call_status, 121 const std::string& sanitized_username); 122 123 chromeos::CryptohomeClient* cryptohome_client_; 124 chromeos::SessionManagerClient* session_manager_client_; 125 const std::string username_; 126 base::FilePath user_policy_key_dir_; 127 128 base::WeakPtrFactory<UserCloudPolicyStoreChromeOS> weak_factory_; 129 130 // TODO(mnissler): Remove all the legacy policy support members below after 131 // the number of pre-M20 clients drops back to zero. 132 base::FilePath legacy_cache_dir_; 133 scoped_ptr<LegacyPolicyCacheLoader> legacy_loader_; 134 bool legacy_caches_loaded_; 135 136 bool policy_key_loaded_; 137 base::FilePath policy_key_path_; 138 std::vector<uint8> policy_key_; 139 140 DISALLOW_COPY_AND_ASSIGN(UserCloudPolicyStoreChromeOS); 141}; 142 143} // namespace policy 144 145#endif // CHROME_BROWSER_CHROMEOS_POLICY_USER_CLOUD_POLICY_STORE_CHROMEOS_H_ 146