1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef CHROME_BROWSER_CHROMEOS_SETTINGS_SESSION_MANAGER_OPERATION_H_ 6 #define CHROME_BROWSER_CHROMEOS_SETTINGS_SESSION_MANAGER_OPERATION_H_ 7 8 #include "base/basictypes.h" 9 #include "base/callback.h" 10 #include "base/memory/ref_counted.h" 11 #include "base/memory/scoped_ptr.h" 12 #include "chrome/browser/chromeos/policy/device_cloud_policy_validator.h" 13 #include "chrome/browser/chromeos/settings/device_settings_service.h" 14 15 namespace enterprise_management { 16 class ChromeDeviceSettingsProto; 17 class PolicyData; 18 class PolicyFetchResponse; 19 } 20 21 namespace chromeos { 22 23 class OwnerKeyUtil; 24 class SessionManagerClient; 25 26 // Handles a single transaction with session manager. This is a virtual base 27 // class that contains common infrastructure for key and policy loading. There 28 // are subclasses for loading, storing and signing policy blobs. 29 class SessionManagerOperation { 30 public: 31 typedef base::Callback<void(SessionManagerOperation*, 32 DeviceSettingsService::Status)> Callback; 33 34 // Creates a new load operation. 35 explicit SessionManagerOperation(const Callback& callback); 36 virtual ~SessionManagerOperation(); 37 38 // Starts the operation. 39 void Start(SessionManagerClient* session_manager_client, 40 scoped_refptr<OwnerKeyUtil> owner_key_util, 41 scoped_refptr<OwnerKey> owner_key); 42 43 // Restarts a load operation (if that part is already in progress). 44 void RestartLoad(bool key_changed); 45 46 // Accessors for recovering the loaded policy data after completion. policy_data()47 scoped_ptr<enterprise_management::PolicyData>& policy_data() { 48 return policy_data_; 49 } 50 scoped_ptr<enterprise_management::ChromeDeviceSettingsProto>& device_settings()51 device_settings() { 52 return device_settings_; 53 } 54 55 // Owner key as configured/loaded from disk. owner_key()56 scoped_refptr<OwnerKey> owner_key() { 57 return owner_key_; 58 } 59 60 // Whether the load operation is underway. is_loading()61 bool is_loading() const { 62 return is_loading_; 63 } 64 set_force_key_load(bool force_key_load)65 void set_force_key_load(bool force_key_load) { 66 force_key_load_ = force_key_load; 67 } 68 69 protected: 70 // Runs the operation. The result is reported through |callback_|. 71 virtual void Run() = 0; 72 73 // Ensures the owner key is loaded. 74 void EnsureOwnerKey(const base::Closure& callback); 75 76 // Starts a load operation. 77 void StartLoading(); 78 79 // Reports the result status of the operation. Once this gets called, the 80 // operation should not perform further processing or trigger callbacks. 81 void ReportResult(DeviceSettingsService::Status status); 82 session_manager_client()83 SessionManagerClient* session_manager_client() { 84 return session_manager_client_; 85 } 86 87 private: 88 // Loads the owner key from disk. Must be run on a thread that can do I/O. 89 static scoped_refptr<OwnerKey> LoadOwnerKey( 90 scoped_refptr<OwnerKeyUtil> util, 91 scoped_refptr<OwnerKey> current_key); 92 93 // Stores the owner key loaded by LoadOwnerKey and calls |callback|. 94 void StoreOwnerKey(const base::Closure& callback, 95 scoped_refptr<OwnerKey> new_key); 96 97 // Triggers a device settings load. 98 void RetrieveDeviceSettings(); 99 100 // Validates device settings after retrieval from session_manager. 101 void ValidateDeviceSettings(const std::string& policy_blob); 102 103 // Extracts status and device settings from the validator and reports them. 104 void ReportValidatorStatus(policy::DeviceCloudPolicyValidator* validator); 105 106 SessionManagerClient* session_manager_client_; 107 scoped_refptr<OwnerKeyUtil> owner_key_util_; 108 109 base::WeakPtrFactory<SessionManagerOperation> weak_factory_; 110 111 Callback callback_; 112 113 scoped_refptr<OwnerKey> owner_key_; 114 bool force_key_load_; 115 116 bool is_loading_; 117 scoped_ptr<enterprise_management::PolicyData> policy_data_; 118 scoped_ptr<enterprise_management::ChromeDeviceSettingsProto> device_settings_; 119 120 DISALLOW_COPY_AND_ASSIGN(SessionManagerOperation); 121 }; 122 123 // This operation loads the public owner key from disk if appropriate, fetches 124 // the policy blob from session manager, and validates the loaded policy blob. 125 class LoadSettingsOperation : public SessionManagerOperation { 126 public: 127 // Creates a new load operation. 128 explicit LoadSettingsOperation(const Callback& callback); 129 virtual ~LoadSettingsOperation(); 130 131 protected: 132 // SessionManagerOperation: 133 virtual void Run() OVERRIDE; 134 135 private: 136 DISALLOW_COPY_AND_ASSIGN(LoadSettingsOperation); 137 }; 138 139 // Stores a pre-generated policy blob and reloads the device settings from 140 // session_manager. 141 class StoreSettingsOperation : public SessionManagerOperation { 142 public: 143 // Creates a new store operation. 144 StoreSettingsOperation( 145 const Callback& callback, 146 scoped_ptr<enterprise_management::PolicyFetchResponse> policy); 147 virtual ~StoreSettingsOperation(); 148 149 protected: 150 // SessionManagerOperation: 151 virtual void Run() OVERRIDE; 152 153 private: 154 // Handles the result of the store operation and triggers the load. 155 void HandleStoreResult(bool success); 156 157 scoped_ptr<enterprise_management::PolicyFetchResponse> policy_; 158 159 base::WeakPtrFactory<StoreSettingsOperation> weak_factory_; 160 161 DISALLOW_COPY_AND_ASSIGN(StoreSettingsOperation); 162 }; 163 164 // Signs device settings and stores the resulting blob to session_manager. 165 class SignAndStoreSettingsOperation : public SessionManagerOperation { 166 public: 167 // Creates a new sign-and-store operation. 168 SignAndStoreSettingsOperation( 169 const Callback& callback, 170 scoped_ptr<enterprise_management::ChromeDeviceSettingsProto> new_settings, 171 const std::string& username); 172 virtual ~SignAndStoreSettingsOperation(); 173 174 // SessionManagerOperation: 175 virtual void Run() OVERRIDE; 176 177 private: 178 // Given an owner key, starts the signing operation. 179 void StartSigning(); 180 181 // Builds the policy blob and signs it using the owner key. 182 static std::string AssembleAndSignPolicy( 183 scoped_ptr<enterprise_management::ChromeDeviceSettingsProto> settings, 184 const std::string& username, 185 scoped_refptr<OwnerKey> owner_key); 186 187 // Stores the signed device settings blob. 188 void StoreDeviceSettingsBlob(std::string device_settings_blob); 189 190 // Handles the result of the store operation and triggers the load. 191 void HandleStoreResult(bool success); 192 193 scoped_ptr<enterprise_management::ChromeDeviceSettingsProto> new_settings_; 194 std::string username_; 195 196 base::WeakPtrFactory<SignAndStoreSettingsOperation> weak_factory_; 197 198 DISALLOW_COPY_AND_ASSIGN(SignAndStoreSettingsOperation); 199 }; 200 201 } // namespace 202 203 #endif // CHROME_BROWSER_CHROMEOS_SETTINGS_SESSION_MANAGER_OPERATION_H_ 204