session_manager_operation.h revision f8ee788a64d60abd8f2d742a5fdedde054ecd910 
1// Copyright (c) 2012 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef CHROME_BROWSER_CHROMEOS_SETTINGS_SESSION_MANAGER_OPERATION_H_
6#define CHROME_BROWSER_CHROMEOS_SETTINGS_SESSION_MANAGER_OPERATION_H_
7
8#include "base/basictypes.h"
9#include "base/callback.h"
10#include "base/memory/ref_counted.h"
11#include "base/memory/scoped_ptr.h"
12#include "chrome/browser/chromeos/policy/device_cloud_policy_validator.h"
13#include "chrome/browser/chromeos/settings/device_settings_service.h"
14#include "net/cert/x509_util_nss.h"
15
16namespace enterprise_management {
17class ChromeDeviceSettingsProto;
18class PolicyData;
19class PolicyFetchResponse;
20}
21
22namespace chromeos {
23
24class OwnerKeyUtil;
25class SessionManagerClient;
26
27// Handles a single transaction with session manager. This is a virtual base
28// class that contains common infrastructure for key and policy loading. There
29// are subclasses for loading, storing and signing policy blobs.
30class SessionManagerOperation {
31 public:
32  typedef base::Callback<void(SessionManagerOperation*,
33                              DeviceSettingsService::Status)> Callback;
34
35  // Creates a new load operation.
36  explicit SessionManagerOperation(const Callback& callback);
37  virtual ~SessionManagerOperation();
38
39  // Starts the operation.
40  void Start(SessionManagerClient* session_manager_client,
41             scoped_refptr<OwnerKeyUtil> owner_key_util,
42             scoped_refptr<PublicKey> public_key);
43
44  // Restarts a load operation (if that part is already in progress).
45  void RestartLoad(bool key_changed);
46
47  // Accessors for recovering the loaded policy data after completion.
48  scoped_ptr<enterprise_management::PolicyData>& policy_data() {
49    return policy_data_;
50  }
51  scoped_ptr<enterprise_management::ChromeDeviceSettingsProto>&
52      device_settings() {
53    return device_settings_;
54  }
55
56  // Public part of the owner key as configured/loaded from disk.
57  scoped_refptr<PublicKey> public_key() { return public_key_; }
58
59  // Whether the load operation is underway.
60  bool is_loading() const { return is_loading_; }
61
62  void set_force_key_load(bool force_key_load) {
63    force_key_load_ = force_key_load;
64  }
65
66  void set_username(const std::string& username) { username_ = username; }
67
68  void set_delegate(const base::WeakPtr<
69      DeviceSettingsService::PrivateKeyDelegate>& delegate) {
70    delegate_ = delegate;
71  }
72
73 protected:
74  // Runs the operation. The result is reported through |callback_|.
75  virtual void Run() = 0;
76
77  // Ensures the public key is loaded.
78  void EnsurePublicKey(const base::Closure& callback);
79
80  // Starts a load operation.
81  void StartLoading();
82
83  // Reports the result status of the operation. Once this gets called, the
84  // operation should not perform further processing or trigger callbacks.
85  void ReportResult(DeviceSettingsService::Status status);
86
87  SessionManagerClient* session_manager_client() {
88    return session_manager_client_;
89  }
90
91  base::WeakPtr<DeviceSettingsService::PrivateKeyDelegate> delegate_;
92
93 private:
94  // Loads the owner key from disk. Must be run on a thread that can do I/O.
95  static scoped_refptr<PublicKey> LoadPublicKey(
96      scoped_refptr<OwnerKeyUtil> util,
97      scoped_refptr<PublicKey> current_key);
98
99  // Stores the owner key loaded by LoadOwnerKey and calls |callback|.
100  void StorePublicKey(const base::Closure& callback,
101                      scoped_refptr<PublicKey> new_key);
102
103  // Triggers a device settings load.
104  void RetrieveDeviceSettings();
105
106  // Validates device settings after retrieval from session_manager.
107  void ValidateDeviceSettings(const std::string& policy_blob);
108
109  // Extracts status and device settings from the validator and reports them.
110  void ReportValidatorStatus(policy::DeviceCloudPolicyValidator* validator);
111
112  SessionManagerClient* session_manager_client_;
113  scoped_refptr<OwnerKeyUtil> owner_key_util_;
114
115  base::WeakPtrFactory<SessionManagerOperation> weak_factory_;
116
117  Callback callback_;
118
119  scoped_refptr<PublicKey> public_key_;
120  bool force_key_load_;
121  std::string username_;
122
123  bool is_loading_;
124  scoped_ptr<enterprise_management::PolicyData> policy_data_;
125  scoped_ptr<enterprise_management::ChromeDeviceSettingsProto> device_settings_;
126
127  DISALLOW_COPY_AND_ASSIGN(SessionManagerOperation);
128};
129
130// This operation loads the public owner key from disk if appropriate, fetches
131// the policy blob from session manager, and validates the loaded policy blob.
132class LoadSettingsOperation : public SessionManagerOperation {
133 public:
134  // Creates a new load operation.
135  explicit LoadSettingsOperation(const Callback& callback);
136  virtual ~LoadSettingsOperation();
137
138 protected:
139  // SessionManagerOperation:
140  virtual void Run() OVERRIDE;
141
142 private:
143  DISALLOW_COPY_AND_ASSIGN(LoadSettingsOperation);
144};
145
146// Stores a pre-generated policy blob and reloads the device settings from
147// session_manager.
148class StoreSettingsOperation : public SessionManagerOperation {
149 public:
150  // Creates a new store operation.
151  StoreSettingsOperation(
152      const Callback& callback,
153      scoped_ptr<enterprise_management::PolicyFetchResponse> policy);
154  virtual ~StoreSettingsOperation();
155
156 protected:
157  // SessionManagerOperation:
158  virtual void Run() OVERRIDE;
159
160 private:
161  // Handles the result of the store operation and triggers the load.
162  void HandleStoreResult(bool success);
163
164  scoped_ptr<enterprise_management::PolicyFetchResponse> policy_;
165
166  base::WeakPtrFactory<StoreSettingsOperation> weak_factory_;
167
168  DISALLOW_COPY_AND_ASSIGN(StoreSettingsOperation);
169};
170
171// Signs device settings and stores the resulting blob to session_manager.
172class SignAndStoreSettingsOperation : public SessionManagerOperation {
173 public:
174  // Creates a new sign-and-store operation.
175  SignAndStoreSettingsOperation(
176      const Callback& callback,
177      scoped_ptr<enterprise_management::PolicyData> new_policy);
178  virtual ~SignAndStoreSettingsOperation();
179
180  // SessionManagerOperation:
181  virtual void Run() OVERRIDE;
182
183 private:
184  void StartSigning(bool has_private_key);
185
186  // Stores the signed device settings blob.
187  void StoreDeviceSettingsBlob(std::string device_settings_blob);
188
189  // Handles the result of the store operation and triggers the load.
190  void HandleStoreResult(bool success);
191
192  scoped_ptr<enterprise_management::PolicyData> new_policy_;
193
194  base::WeakPtrFactory<SignAndStoreSettingsOperation> weak_factory_;
195
196  DISALLOW_COPY_AND_ASSIGN(SignAndStoreSettingsOperation);
197};
198
199}  // namespace chromeos
200
201#endif  // CHROME_BROWSER_CHROMEOS_SETTINGS_SESSION_MANAGER_OPERATION_H_
202