cloud_policy_store.h revision a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7
15821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Copyright (c) 2012 The Chromium Authors. All rights reserved. 25821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Use of this source code is governed by a BSD-style license that can be 35821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// found in the LICENSE file. 45821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 5a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)#ifndef COMPONENTS_POLICY_CORE_COMMON_CLOUD_CLOUD_POLICY_STORE_H_ 6a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)#define COMPONENTS_POLICY_CORE_COMMON_CLOUD_CLOUD_POLICY_STORE_H_ 75821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 85821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "base/basictypes.h" 95821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "base/memory/scoped_ptr.h" 103240926e260ce088908e02ac07a6cf7b0c0cbf44Ben Murdoch#include "base/memory/weak_ptr.h" 115821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "base/observer_list.h" 12a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)#include "components/policy/core/common/cloud/cloud_policy_validator.h" 13f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)#include "components/policy/core/common/policy_map.h" 14a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)#include "components/policy/policy_export.h" 15a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)#include "policy/proto/device_management_backend.pb.h" 165821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 175821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)namespace policy { 185821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 193240926e260ce088908e02ac07a6cf7b0c0cbf44Ben Murdochclass CloudExternalDataManager; 203240926e260ce088908e02ac07a6cf7b0c0cbf44Ben Murdoch 215821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Defines the low-level interface used by the cloud policy code to: 225821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// 1. Validate policy blobs that should be applied locally 235821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// 2. Persist policy blobs 245821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// 3. Decode policy blobs to PolicyMap representation 25a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)class POLICY_EXPORT CloudPolicyStore { 265821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) public: 275821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Status codes. 285821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) enum Status { 295821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Everything is in good order. 305821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) STATUS_OK, 315821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Loading policy from the underlying data store failed. 325821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) STATUS_LOAD_ERROR, 335821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Failed to store policy to the data store. 345821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) STATUS_STORE_ERROR, 355821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Failed to parse the policy read from the data store. 365821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) STATUS_PARSE_ERROR, 375821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Failed to serialize policy for storage. 385821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) STATUS_SERIALIZE_ERROR, 395821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Validation error. 405821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) STATUS_VALIDATION_ERROR, 415821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Store cannot accept policy (e.g. non-enterprise device). 425821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) STATUS_BAD_STATE, 435821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) }; 445821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 455821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Callbacks for policy store events. Most importantly, policy updates. 46a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles) class POLICY_EXPORT Observer { 475821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) public: 485821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) virtual ~Observer(); 495821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 505821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Called on changes to store->policy() and/or store->policy_map(). 515821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) virtual void OnStoreLoaded(CloudPolicyStore* store) = 0; 525821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 535821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Called upon encountering errors. 545821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) virtual void OnStoreError(CloudPolicyStore* store) = 0; 555821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) }; 565821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 575821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) CloudPolicyStore(); 585821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) virtual ~CloudPolicyStore(); 595821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 605821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Indicates whether the store has been fully initialized. This is 615821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // accomplished by calling Load() after startup. 625821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) bool is_initialized() const { return is_initialized_; } 635821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 643240926e260ce088908e02ac07a6cf7b0c0cbf44Ben Murdoch base::WeakPtr<CloudExternalDataManager> external_data_manager() const { 653240926e260ce088908e02ac07a6cf7b0c0cbf44Ben Murdoch return external_data_manager_; 663240926e260ce088908e02ac07a6cf7b0c0cbf44Ben Murdoch } 673240926e260ce088908e02ac07a6cf7b0c0cbf44Ben Murdoch 685821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) const PolicyMap& policy_map() const { return policy_map_; } 695821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) bool has_policy() const { 705821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) return policy_.get() != NULL; 715821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 725821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) const enterprise_management::PolicyData* policy() const { 735821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) return policy_.get(); 745821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 755821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) bool is_managed() const { 765821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) return policy_.get() && 775821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) policy_->state() == enterprise_management::PolicyData::ACTIVE; 785821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 795821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) Status status() const { return status_; } 805821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) CloudPolicyValidatorBase::Status validation_status() const { 815821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) return validation_status_; 825821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 835821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 845821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Store a new policy blob. Pending load/store operations will be canceled. 855821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // The store operation may proceed asynchronously and observers are notified 865821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // once the operation finishes. If successful, OnStoreLoaded() will be invoked 875821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // on the observers and the updated policy can be read through policy(). 885821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Errors generate OnStoreError() notifications. 89a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles) // |invalidation_version| is the invalidation version of the policy to be 90a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles) // stored. 91a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles) void Store( 92a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles) const enterprise_management::PolicyFetchResponse& policy, 93a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles) int64 invalidation_version); 94a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles) 955821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) virtual void Store( 965821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) const enterprise_management::PolicyFetchResponse& policy) = 0; 975821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 985821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Load the current policy blob from persistent storage. Pending load/store 995821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // operations will be canceled. This may trigger asynchronous operations. 1005821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Upon success, OnStoreLoaded() will be called on the registered observers. 1015821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Otherwise, OnStoreError() reports the reason for failure. 1025821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) virtual void Load() = 0; 1035821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1045821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Registers an observer to be notified when policy changes. 1055821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) void AddObserver(Observer* observer); 1065821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1075821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Removes the specified observer. 1085821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) void RemoveObserver(Observer* observer); 1095821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 110a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles) // The invalidation version of the last policy stored. This value can be read 111a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles) // by observers to determine which version of the policy is now available. 112a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles) int64 invalidation_version() { 113a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles) return invalidation_version_; 114a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles) } 115a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles) 1163240926e260ce088908e02ac07a6cf7b0c0cbf44Ben Murdoch // Indicate that external data referenced by policies in this store is managed 1173240926e260ce088908e02ac07a6cf7b0c0cbf44Ben Murdoch // by |external_data_manager|. The |external_data_manager| will be notified 1183240926e260ce088908e02ac07a6cf7b0c0cbf44Ben Murdoch // about policy changes before any other observers. 1193240926e260ce088908e02ac07a6cf7b0c0cbf44Ben Murdoch void SetExternalDataManager( 1203240926e260ce088908e02ac07a6cf7b0c0cbf44Ben Murdoch base::WeakPtr<CloudExternalDataManager> external_data_manager); 1213240926e260ce088908e02ac07a6cf7b0c0cbf44Ben Murdoch 122d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) // Replaces |policy_map_| and calls the registered observers, simulating a 123d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) // successful load of |policy_map| from persistent storage. 124d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) // TODO(bartfab): This override is only needed because there are no policies 125d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) // that reference external data and therefore, no ExternalDataFetchers in the 126d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) // |policy_map_|. Once the first such policy is added, use that policy in 127d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) // tests and remove the override. 128d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) void SetPolicyMapForTesting(const PolicyMap& policy_map); 129d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles) 1305821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) protected: 1315821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Invokes the corresponding callback on all registered observers. 1325821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) void NotifyStoreLoaded(); 1335821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) void NotifyStoreError(); 1345821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1353240926e260ce088908e02ac07a6cf7b0c0cbf44Ben Murdoch // Manages external data referenced by policies. 1363240926e260ce088908e02ac07a6cf7b0c0cbf44Ben Murdoch base::WeakPtr<CloudExternalDataManager> external_data_manager_; 1373240926e260ce088908e02ac07a6cf7b0c0cbf44Ben Murdoch 1385821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Decoded version of the currently effective policy. 1395821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) PolicyMap policy_map_; 1405821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1415821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Currently effective policy. 1425821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) scoped_ptr<enterprise_management::PolicyData> policy_; 1435821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1445821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Latest status code. 1455821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) Status status_; 1465821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1475821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Latest validation status. 1485821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) CloudPolicyValidatorBase::Status validation_status_; 1495821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 150a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles) // The invalidation version of the last policy stored. 151a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles) int64 invalidation_version_; 152a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles) 1535821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) private: 1545821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Whether the store has completed asynchronous initialization, which is 1555821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // triggered by calling Load(). 1565821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) bool is_initialized_; 1575821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1585821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ObserverList<Observer, true> observers_; 1595821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1605821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) DISALLOW_COPY_AND_ASSIGN(CloudPolicyStore); 1615821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)}; 1625821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1635821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} // namespace policy 1645821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 165a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)#endif // COMPONENTS_POLICY_CORE_COMMON_CLOUD_CLOUD_POLICY_STORE_H_ 166