15821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Copyright (c) 2012 The Chromium Authors. All rights reserved.
25821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Use of this source code is governed by a BSD-style license that can be
35821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// found in the LICENSE file.
45821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
5a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)#ifndef COMPONENTS_POLICY_CORE_COMMON_CLOUD_CLOUD_POLICY_STORE_H_
6a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)#define COMPONENTS_POLICY_CORE_COMMON_CLOUD_CLOUD_POLICY_STORE_H_
75821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
85821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "base/basictypes.h"
95821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "base/memory/scoped_ptr.h"
103240926e260ce088908e02ac07a6cf7b0c0cbf44Ben Murdoch#include "base/memory/weak_ptr.h"
115821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "base/observer_list.h"
12a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)#include "components/policy/core/common/cloud/cloud_policy_validator.h"
13f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)#include "components/policy/core/common/policy_map.h"
14a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)#include "components/policy/policy_export.h"
15a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)#include "policy/proto/device_management_backend.pb.h"
165821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
175821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)namespace policy {
185821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
193240926e260ce088908e02ac07a6cf7b0c0cbf44Ben Murdochclass CloudExternalDataManager;
203240926e260ce088908e02ac07a6cf7b0c0cbf44Ben Murdoch
215821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Defines the low-level interface used by the cloud policy code to:
225821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)//   1. Validate policy blobs that should be applied locally
235821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)//   2. Persist policy blobs
245821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)//   3. Decode policy blobs to PolicyMap representation
25a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)class POLICY_EXPORT CloudPolicyStore {
265821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) public:
275821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  // Status codes.
285821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  enum Status {
295821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    // Everything is in good order.
305821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    STATUS_OK,
315821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    // Loading policy from the underlying data store failed.
325821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    STATUS_LOAD_ERROR,
335821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    // Failed to store policy to the data store.
345821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    STATUS_STORE_ERROR,
355821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    // Failed to parse the policy read from the data store.
365821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    STATUS_PARSE_ERROR,
375821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    // Failed to serialize policy for storage.
385821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    STATUS_SERIALIZE_ERROR,
395821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    // Validation error.
405821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    STATUS_VALIDATION_ERROR,
415821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    // Store cannot accept policy (e.g. non-enterprise device).
425821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    STATUS_BAD_STATE,
435821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  };
445821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
455821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  // Callbacks for policy store events. Most importantly, policy updates.
46a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)  class POLICY_EXPORT Observer {
475821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)   public:
485821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    virtual ~Observer();
495821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
505821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    // Called on changes to store->policy() and/or store->policy_map().
515821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    virtual void OnStoreLoaded(CloudPolicyStore* store) = 0;
525821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
535821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    // Called upon encountering errors.
545821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    virtual void OnStoreError(CloudPolicyStore* store) = 0;
555821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  };
565821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
575821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  CloudPolicyStore();
585821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  virtual ~CloudPolicyStore();
595821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
605821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  // Indicates whether the store has been fully initialized. This is
615821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  // accomplished by calling Load() after startup.
625821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  bool is_initialized() const { return is_initialized_; }
635821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
643240926e260ce088908e02ac07a6cf7b0c0cbf44Ben Murdoch  base::WeakPtr<CloudExternalDataManager> external_data_manager() const {
653240926e260ce088908e02ac07a6cf7b0c0cbf44Ben Murdoch    return external_data_manager_;
663240926e260ce088908e02ac07a6cf7b0c0cbf44Ben Murdoch  }
673240926e260ce088908e02ac07a6cf7b0c0cbf44Ben Murdoch
685821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  const PolicyMap& policy_map() const { return policy_map_; }
695821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  bool has_policy() const {
705821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    return policy_.get() != NULL;
715821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  }
725821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  const enterprise_management::PolicyData* policy() const {
735821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    return policy_.get();
745821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  }
755821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  bool is_managed() const {
765821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    return policy_.get() &&
775821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)           policy_->state() == enterprise_management::PolicyData::ACTIVE;
785821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  }
795821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  Status status() const { return status_; }
805821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  CloudPolicyValidatorBase::Status validation_status() const {
815821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)    return validation_status_;
825821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  }
835821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
845821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  // Store a new policy blob. Pending load/store operations will be canceled.
855821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  // The store operation may proceed asynchronously and observers are notified
865821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  // once the operation finishes. If successful, OnStoreLoaded() will be invoked
875821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  // on the observers and the updated policy can be read through policy().
885821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  // Errors generate OnStoreError() notifications.
89a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles)  // |invalidation_version| is the invalidation version of the policy to be
90a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles)  // stored.
91a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles)  void Store(
92a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles)      const enterprise_management::PolicyFetchResponse& policy,
93a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles)      int64 invalidation_version);
94a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles)
955821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  virtual void Store(
965821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)      const enterprise_management::PolicyFetchResponse& policy) = 0;
975821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
985821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  // Load the current policy blob from persistent storage. Pending load/store
995821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  // operations will be canceled. This may trigger asynchronous operations.
1005821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  // Upon success, OnStoreLoaded() will be called on the registered observers.
1015821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  // Otherwise, OnStoreError() reports the reason for failure.
1025821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  virtual void Load() = 0;
1035821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
1045821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  // Registers an observer to be notified when policy changes.
1055821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  void AddObserver(Observer* observer);
1065821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
1075821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  // Removes the specified observer.
1085821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  void RemoveObserver(Observer* observer);
1095821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
110a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles)  // The invalidation version of the last policy stored. This value can be read
111a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles)  // by observers to determine which version of the policy is now available.
112a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles)  int64 invalidation_version() {
113a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles)    return invalidation_version_;
114a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles)  }
115a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles)
1163240926e260ce088908e02ac07a6cf7b0c0cbf44Ben Murdoch  // Indicate that external data referenced by policies in this store is managed
1173240926e260ce088908e02ac07a6cf7b0c0cbf44Ben Murdoch  // by |external_data_manager|. The |external_data_manager| will be notified
1183240926e260ce088908e02ac07a6cf7b0c0cbf44Ben Murdoch  // about policy changes before any other observers.
1193240926e260ce088908e02ac07a6cf7b0c0cbf44Ben Murdoch  void SetExternalDataManager(
1203240926e260ce088908e02ac07a6cf7b0c0cbf44Ben Murdoch      base::WeakPtr<CloudExternalDataManager> external_data_manager);
1213240926e260ce088908e02ac07a6cf7b0c0cbf44Ben Murdoch
122d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles)  // Replaces |policy_map_| and calls the registered observers, simulating a
123d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles)  // successful load of |policy_map| from persistent storage.
124d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles)  // TODO(bartfab): This override is only needed because there are no policies
125d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles)  // that reference external data and therefore, no ExternalDataFetchers in the
126d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles)  // |policy_map_|. Once the first such policy is added, use that policy in
127d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles)  // tests and remove the override.
128d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles)  void SetPolicyMapForTesting(const PolicyMap& policy_map);
129d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles)
1305821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) protected:
1315821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  // Invokes the corresponding callback on all registered observers.
1325821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  void NotifyStoreLoaded();
1335821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  void NotifyStoreError();
1345821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
1353240926e260ce088908e02ac07a6cf7b0c0cbf44Ben Murdoch  // Manages external data referenced by policies.
1363240926e260ce088908e02ac07a6cf7b0c0cbf44Ben Murdoch  base::WeakPtr<CloudExternalDataManager> external_data_manager_;
1373240926e260ce088908e02ac07a6cf7b0c0cbf44Ben Murdoch
1385821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  // Decoded version of the currently effective policy.
1395821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  PolicyMap policy_map_;
1405821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
1415821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  // Currently effective policy.
1425821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  scoped_ptr<enterprise_management::PolicyData> policy_;
1435821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
1445821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  // Latest status code.
1455821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  Status status_;
1465821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
1475821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  // Latest validation status.
1485821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  CloudPolicyValidatorBase::Status validation_status_;
1495821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
150a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles)  // The invalidation version of the last policy stored.
151a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles)  int64 invalidation_version_;
152a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles)
1535821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) private:
1545821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  // Whether the store has completed asynchronous initialization, which is
1555821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  // triggered by calling Load().
1565821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  bool is_initialized_;
1575821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
1585821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  ObserverList<Observer, true> observers_;
1595821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
1605821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)  DISALLOW_COPY_AND_ASSIGN(CloudPolicyStore);
1615821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)};
1625821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
1635821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)}  // namespace policy
1645821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)
165a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)#endif  // COMPONENTS_POLICY_CORE_COMMON_CLOUD_CLOUD_POLICY_STORE_H_
166