12a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)// Copyright (c) 2013 The Chromium Authors. All rights reserved. 22a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)// Use of this source code is governed by a BSD-style license that can be 32a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)// found in the LICENSE file. 42a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 5a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)#ifndef COMPONENTS_POLICY_CORE_COMMON_CLOUD_COMPONENT_CLOUD_POLICY_STORE_H_ 6a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)#define COMPONENTS_POLICY_CORE_COMMON_CLOUD_COMPONENT_CLOUD_POLICY_STORE_H_ 72a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 82a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include <map> 92a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include <string> 102a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 112a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include "base/basictypes.h" 122a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include "base/memory/scoped_ptr.h" 132a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include "base/threading/non_thread_safe.h" 14a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)#include "components/policy/core/common/cloud/resource_cache.h" 15f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)#include "components/policy/core/common/policy_bundle.h" 161e9bf3e0803691d0a228da41fc608347b6db4340Torne (Richard Coles)#include "components/policy/core/common/policy_namespace.h" 17a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)#include "components/policy/policy_export.h" 182a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 192a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)namespace enterprise_management { 202a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)class ExternalPolicyData; 212a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)class PolicyData; 222a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)class PolicyFetchResponse; 232a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)} 242a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 252a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)namespace policy { 262a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 272a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)// Validates protobufs for external policy data, validates the data itself, and 282a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)// caches both locally. 29a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)class POLICY_EXPORT ComponentCloudPolicyStore : public base::NonThreadSafe { 302a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) public: 31a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles) class POLICY_EXPORT Delegate { 322a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) public: 332a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) virtual ~Delegate(); 342a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 352a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Invoked whenever the policies served by policy() have changed, except 362a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // for the initial Load(). 372a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) virtual void OnComponentCloudPolicyStoreUpdated() = 0; 382a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) }; 392a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 402a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Both the |delegate| and the |cache| must outlive this object. 412a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ComponentCloudPolicyStore(Delegate* delegate, 422a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ResourceCache* cache); 432a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ~ComponentCloudPolicyStore(); 442a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 452a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Helper that returns true for PolicyDomains that can be managed by this 462a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // store. 472a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) static bool SupportsDomain(PolicyDomain domain); 482a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 492a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Returns true if |domain| can be managed by this store; in that case, the 502a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // dm_protocol policy type that corresponds to |domain| is stored in 512a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // |policy_type|. Otherwise returns false. 522a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) static bool GetPolicyType(PolicyDomain domain, std::string* policy_type); 532a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 542a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Returns true if |policy_type| corresponds to a policy domain that can be 552a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // managed by this store; in that case, the domain constants is assigned to 562a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // |domain|. Otherwise returns false. 572a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) static bool GetPolicyDomain(const std::string& policy_type, 582a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) PolicyDomain* domain); 592a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 602a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // The current list of policies. 612a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) const PolicyBundle& policy() const { return policy_bundle_; } 622a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 632a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // The cached hash for namespace |ns|, or the empty string if |ns| is not 642a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // cached. 652a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) const std::string& GetCachedHash(const PolicyNamespace& ns) const; 662a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 672a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // |username| and |dm_token| are used to validate the cached data, and data 682a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // stored later. 692a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // All ValidatePolicy() requests without credentials fail. 702a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) void SetCredentials(const std::string& username, 712a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) const std::string& dm_token); 722a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 732a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Loads and validates all the currently cached protobufs and policy data. 742a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // This is performed synchronously, and policy() will return the cached 752a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // policies after this call. 762a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) void Load(); 772a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 782a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Stores the protobuf and |data| for namespace |ns|. The protobuf is passed 792a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // serialized in |serialized_policy_proto|, and must have been validated 802a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // before. 812a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // The |data| is validated during this call, and its secure hash must match 822a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // |secure_hash|. 832a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Returns false if |data| failed validation, otherwise returns true and the 842a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // data was stored in the cache. 852a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) bool Store(const PolicyNamespace& ns, 862a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) const std::string& serialized_policy_proto, 872a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) const std::string& secure_hash, 882a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) const std::string& data); 892a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 902a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Deletes the storage of namespace |ns| and stops serving its policies. 912a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) void Delete(const PolicyNamespace& ns); 922a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 93f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // Deletes the storage of all components of |domain| that pass then given 94f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // |filter|, and stops serving their policies. 952a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) void Purge(PolicyDomain domain, 96f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) const ResourceCache::SubkeyFilter& filter); 97f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 98f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // Deletes the storage of every component. 99f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) void Clear(); 1002a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1012a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Validates |proto| and returns the corresponding policy namespace in |ns|, 1022a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // and the parsed ExternalPolicyData in |payload|. 1032a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // If |proto| validates successfully then its |payload| can be trusted, and 1042a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // the data referenced there can be downloaded. A |proto| must be validated 1052a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // before attempting to download the data, and before storing both. 1062a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) bool ValidatePolicy( 1072a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) scoped_ptr<enterprise_management::PolicyFetchResponse> proto, 1082a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) PolicyNamespace* ns, 1092a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) enterprise_management::ExternalPolicyData* payload); 1102a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1112a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) private: 1122a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Helper for ValidatePolicy(), that's also used to validate protobufs 1132a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // loaded from the disk cache. 1142a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) bool ValidateProto( 1152a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) scoped_ptr<enterprise_management::PolicyFetchResponse> proto, 1162a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) const std::string& policy_type, 1172a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) const std::string& settings_entity_id, 1182a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) enterprise_management::ExternalPolicyData* payload, 1192a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) enterprise_management::PolicyData* policy_data); 1202a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1212a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Validates the JSON policy serialized in |data|, and verifies its hash 1222a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // with |secure_hash|. Returns true on success, and in that case stores the 1232a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // parsed policies in |policy|. 1242a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) bool ValidateData(const std::string& data, 1252a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) const std::string& secure_hash, 1262a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) PolicyMap* policy); 1272a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1282a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Parses the JSON policy in |data| into |policy|, and returns true if the 1292a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // parse was successful. 1302a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) bool ParsePolicy(const std::string& data, PolicyMap* policy); 1312a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1322a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) Delegate* delegate_; 1332a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ResourceCache* cache_; 1342a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) std::string username_; 1352a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) std::string dm_token_; 1362a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1372a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) PolicyBundle policy_bundle_; 1382a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) std::map<PolicyNamespace, std::string> cached_hashes_; 1392a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1402a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) DISALLOW_COPY_AND_ASSIGN(ComponentCloudPolicyStore); 1412a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)}; 1422a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1432a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)} // namespace policy 1442a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 145a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)#endif // COMPONENTS_POLICY_CORE_COMMON_CLOUD_COMPONENT_CLOUD_POLICY_STORE_H_ 146