device_settings_service.h revision 2a99a7e74a7f215066514fe81d2bfa6639d9eddd
1// Copyright (c) 2012 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#ifndef CHROME_BROWSER_CHROMEOS_SETTINGS_DEVICE_SETTINGS_SERVICE_H_ 6#define CHROME_BROWSER_CHROMEOS_SETTINGS_DEVICE_SETTINGS_SERVICE_H_ 7 8#include <deque> 9#include <string> 10#include <vector> 11 12#include "base/basictypes.h" 13#include "base/callback.h" 14#include "base/memory/ref_counted.h" 15#include "base/memory/scoped_ptr.h" 16#include "base/observer_list.h" 17#include "chrome/browser/policy/cloud/cloud_policy_validator.h" 18#include "chromeos/dbus/session_manager_client.h" 19 20namespace base { 21template <typename T> struct DefaultLazyInstanceTraits; 22} 23 24namespace crypto { 25class RSAPrivateKey; 26} 27 28namespace enterprise_management { 29class ChromeDeviceSettingsProto; 30class PolicyData; 31class PolicyFetchResponse; 32} 33 34namespace chromeos { 35 36class OwnerKeyUtil; 37class SessionManagerOperation; 38 39// Keeps the public and private halves of the owner key. Both may be missing, 40// but if the private key is present, the public half will be as well. This 41// class is immutable and refcounted in order to allow safe access from any 42// thread. 43class OwnerKey : public base::RefCountedThreadSafe<OwnerKey> { 44 public: 45 OwnerKey(scoped_ptr<std::vector<uint8> > public_key, 46 scoped_ptr<crypto::RSAPrivateKey> private_key); 47 48 const std::vector<uint8>* public_key() { 49 return public_key_.get(); 50 } 51 crypto::RSAPrivateKey* private_key() { 52 return private_key_.get(); 53 } 54 55 private: 56 friend class base::RefCountedThreadSafe<OwnerKey>; 57 ~OwnerKey(); 58 59 scoped_ptr<std::vector<uint8> > public_key_; 60 scoped_ptr<crypto::RSAPrivateKey> private_key_; 61 62 DISALLOW_COPY_AND_ASSIGN(OwnerKey); 63}; 64 65// Deals with the low-level interface to Chromium OS device settings. Device 66// settings are stored in a protobuf that's protected by a cryptographic 67// signature generated by a key in the device owner's possession. Key and 68// settings are brokered by the session_manager daemon. 69// 70// The purpose of DeviceSettingsService is to keep track of the current key and 71// settings blob. For reading and writing device settings, use CrosSettings 72// instead, which provides a high-level interface that allows for manipulation 73// of individual settings. 74// 75// DeviceSettingsService generates notifications for key and policy update 76// events so interested parties can reload state as appropriate. 77class DeviceSettingsService : public SessionManagerClient::Observer { 78 public: 79 // Indicates ownership status of the device. 80 enum OwnershipStatus { 81 // Listed in upgrade order. 82 OWNERSHIP_UNKNOWN = 0, 83 OWNERSHIP_NONE, 84 OWNERSHIP_TAKEN 85 }; 86 87 typedef base::Callback<void(OwnershipStatus, bool)> OwnershipStatusCallback; 88 89 // Status codes for Store(). 90 enum Status { 91 STORE_SUCCESS, 92 STORE_KEY_UNAVAILABLE, // Owner key not yet configured. 93 STORE_POLICY_ERROR, // Failure constructing the settings blob. 94 STORE_OPERATION_FAILED, // IPC to session_manager daemon failed. 95 STORE_NO_POLICY, // No settings blob present. 96 STORE_INVALID_POLICY, // Invalid settings blob. 97 STORE_VALIDATION_ERROR, // Unrecoverable policy validation failure. 98 STORE_TEMP_VALIDATION_ERROR, // Temporary policy validation failure. 99 }; 100 101 // Observer interface. 102 class Observer { 103 public: 104 virtual ~Observer(); 105 106 // Indicates device ownership status changes. 107 virtual void OwnershipStatusChanged() = 0; 108 109 // Gets call after updates to the device settings. 110 virtual void DeviceSettingsUpdated() = 0; 111 }; 112 113 // Creates a device settings service instance. This is meant for unit tests, 114 // production code uses the singleton returned by Get() below. 115 DeviceSettingsService(); 116 ~DeviceSettingsService(); 117 118 // Returns the singleton instance. 119 static DeviceSettingsService* Get(); 120 121 // To be called on startup once threads are initialized and DBus is ready. 122 void Initialize(SessionManagerClient* session_manager_client, 123 scoped_refptr<OwnerKeyUtil> owner_key_util); 124 125 // Prevents the service from making further calls to session_manager_client 126 // and stops any pending operations. 127 void Shutdown(); 128 129 // Returns the currently active device settings. Returns NULL if the device 130 // settings have not been retrieved from session_manager yet. 131 const enterprise_management::PolicyData* policy_data() { 132 return policy_data_.get(); 133 } 134 const enterprise_management::ChromeDeviceSettingsProto* 135 device_settings() const { 136 return device_settings_.get(); 137 } 138 139 // Returns the currently used owner key. 140 scoped_refptr<OwnerKey> GetOwnerKey(); 141 142 // Returns the status generated by the last operation. 143 Status status() { 144 return store_status_; 145 } 146 147 // Triggers an attempt to pull the public half of the owner key from disk and 148 // load the device settings. 149 void Load(); 150 151 // Signs |settings| with the private half of the owner key and sends the 152 // resulting policy blob to session manager for storage. The result of the 153 // operation is reported through |callback|. If successful, the updated device 154 // settings are present in policy_data() and device_settings() when the 155 // callback runs. 156 void SignAndStore( 157 scoped_ptr<enterprise_management::ChromeDeviceSettingsProto> new_settings, 158 const base::Closure& callback); 159 160 // Stores a policy blob to session_manager. The result of the operation is 161 // reported through |callback|. If successful, the updated device settings are 162 // present in policy_data() and device_settings() when the callback runs. 163 void Store(scoped_ptr<enterprise_management::PolicyFetchResponse> policy, 164 const base::Closure& callback); 165 166 // Returns the ownership status. May return OWNERSHIP_UNKNOWN if the disk 167 // hasn't been checked yet. 168 OwnershipStatus GetOwnershipStatus(); 169 170 // Determines the ownership status and reports the result to |callback|. This 171 // is guaranteed to never return OWNERSHIP_UNKNOWN. 172 void GetOwnershipStatusAsync(const OwnershipStatusCallback& callback); 173 174 // Checks whether we have the private owner key. 175 bool HasPrivateOwnerKey(); 176 177 // Sets the identity of the user that's interacting with the service. This is 178 // relevant only for writing settings through SignAndStore(). 179 void SetUsername(const std::string& username); 180 const std::string& GetUsername() const; 181 182 // Adds an observer. 183 void AddObserver(Observer* observer); 184 // Removes an observer. 185 void RemoveObserver(Observer* observer); 186 187 // SessionManagerClient::Observer: 188 virtual void OwnerKeySet(bool success) OVERRIDE; 189 virtual void PropertyChangeComplete(bool success) OVERRIDE; 190 191 private: 192 // Enqueues a new operation. Takes ownership of |operation| and starts it 193 // right away if there is no active operation currently. 194 void Enqueue(SessionManagerOperation* operation); 195 196 // Enqueues a load operation. 197 void EnqueueLoad(bool force_key_load); 198 199 // Makes sure there's a reload operation so changes to the settings (and key, 200 // in case force_key_load is set) are getting picked up. 201 void EnsureReload(bool force_key_load); 202 203 // Runs the next pending operation. 204 void StartNextOperation(); 205 206 // Updates status, policy data and owner key from a finished operation. 207 // Starts the next pending operation if available. 208 void HandleCompletedOperation(const base::Closure& callback, 209 SessionManagerOperation* operation, 210 Status status); 211 212 SessionManagerClient* session_manager_client_; 213 scoped_refptr<OwnerKeyUtil> owner_key_util_; 214 215 base::WeakPtrFactory<DeviceSettingsService> weak_factory_; 216 217 Status store_status_; 218 219 std::vector<OwnershipStatusCallback> pending_ownership_status_callbacks_; 220 221 std::string username_; 222 scoped_refptr<OwnerKey> owner_key_; 223 224 scoped_ptr<enterprise_management::PolicyData> policy_data_; 225 scoped_ptr<enterprise_management::ChromeDeviceSettingsProto> device_settings_; 226 227 // The queue of pending operations. The first operation on the queue is 228 // currently active; it gets removed and destroyed once it completes. 229 std::deque<SessionManagerOperation*> pending_operations_; 230 231 ObserverList<Observer, true> observers_; 232 233 // For recoverable load errors how many retries are left before we give up. 234 int load_retries_left_; 235 236 DISALLOW_COPY_AND_ASSIGN(DeviceSettingsService); 237}; 238 239} // namespace chromeos 240 241#endif // CHROME_BROWSER_CHROMEOS_SETTINGS_DEVICE_SETTINGS_SERVICE_H_ 242