profile_policy_connector.h revision 58537e28ecd584eab876aee8be7156509866d23a
1// Copyright (c) 2013 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#ifndef CHROME_BROWSER_POLICY_PROFILE_POLICY_CONNECTOR_H_ 6#define CHROME_BROWSER_POLICY_PROFILE_POLICY_CONNECTOR_H_ 7 8#include <string> 9#include <vector> 10 11#include "base/basictypes.h" 12#include "base/callback.h" 13#include "base/memory/ref_counted.h" 14#include "base/memory/scoped_ptr.h" 15#include "base/memory/weak_ptr.h" 16#include "components/browser_context_keyed_service/browser_context_keyed_service.h" 17 18#if defined(OS_CHROMEOS) 19#include "chromeos/dbus/dbus_method_call_status.h" 20#endif 21 22class Profile; 23 24namespace base { 25class SequencedTaskRunner; 26} 27 28namespace net { 29class CertTrustAnchorProvider; 30} 31 32namespace net { 33class X509Certificate; 34typedef std::vector<scoped_refptr<X509Certificate> > CertificateList; 35} 36 37namespace policy { 38 39class ConfigurationPolicyProvider; 40class UserNetworkConfigurationUpdater; 41class PolicyService; 42class PolicyCertVerifier; 43 44// A BrowserContextKeyedService that creates and manages the per-Profile policy 45// components. 46class ProfilePolicyConnector : public BrowserContextKeyedService { 47 public: 48 explicit ProfilePolicyConnector(Profile* profile); 49 virtual ~ProfilePolicyConnector(); 50 51 // If |force_immediate_load| then disk caches will be loaded synchronously. 52 void Init(bool force_immediate_load, 53 base::SequencedTaskRunner* sequenced_task_runner); 54 55 void InitForTesting(scoped_ptr<PolicyService> service); 56 57 // BrowserContextKeyedService: 58 virtual void Shutdown() OVERRIDE; 59 60 // This is never NULL. 61 PolicyService* policy_service() const { return policy_service_.get(); } 62 63#if defined(OS_CHROMEOS) 64 // Sets the CertVerifier on which the current list of Web trusted server and 65 // CA certificates will be set. Policy updates will trigger further calls to 66 // |cert_verifier| later. |cert_verifier| must be valid until 67 // SetPolicyCertVerifier is called again (with another CertVerifier or NULL) 68 // or until this Connector is destructed. |cert_verifier|'s methods are only 69 // called on the IO thread. This function must be called on the UI thread. 70 void SetPolicyCertVerifier(PolicyCertVerifier* cert_verifier); 71 72 // Returns a callback that should be called if a policy installed certificate 73 // was trusted for the associated profile. The closure can be safely used (on 74 // the UI thread) even after this Connector is destructed. 75 base::Closure GetPolicyCertTrustedCallback(); 76 77 // Sets |certs| to the list of Web trusted server and CA certificates from the 78 // last received ONC user policy. 79 void GetWebTrustedCertificates(net::CertificateList* certs) const; 80#endif 81 82 // Returns true if |profile()| has used certificates installed via policy 83 // to establish a secure connection before. This means that it may have 84 // cached content from an untrusted source. 85 bool UsedPolicyCertificates(); 86 87 private: 88#if defined(ENABLE_CONFIGURATION_POLICY) 89 90#if defined(OS_CHROMEOS) 91 void SetUsedPolicyCertificatesOnce(); 92 void InitializeDeviceLocalAccountPolicyProvider(const std::string& username); 93#endif 94 95#if defined(OS_CHROMEOS) 96 // Some of the user policy configuration affects browser global state, and 97 // can only come from one Profile. |is_primary_user_| is true if this 98 // connector belongs to the first signed-in Profile, and in that case that 99 // Profile's policy is the one that affects global policy settings in 100 // local state. 101 bool is_primary_user_; 102 103 scoped_ptr<ConfigurationPolicyProvider> special_user_policy_provider_; 104 scoped_ptr<UserNetworkConfigurationUpdater> network_configuration_updater_; 105 106 base::WeakPtrFactory<ProfilePolicyConnector> weak_ptr_factory_; 107#endif 108 109 Profile* profile_; 110 111#endif // ENABLE_CONFIGURATION_POLICY 112 113 scoped_ptr<PolicyService> policy_service_; 114 115 DISALLOW_COPY_AND_ASSIGN(ProfilePolicyConnector); 116}; 117 118} // namespace policy 119 120#endif // CHROME_BROWSER_POLICY_PROFILE_POLICY_CONNECTOR_H_ 121