• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef CHROME_BROWSER_CHROMEOS_SETTINGS_SESSION_MANAGER_OPERATION_H_
6 #define CHROME_BROWSER_CHROMEOS_SETTINGS_SESSION_MANAGER_OPERATION_H_
7 
8 #include "base/basictypes.h"
9 #include "base/callback.h"
10 #include "base/memory/ref_counted.h"
11 #include "base/memory/scoped_ptr.h"
12 #include "chrome/browser/chromeos/policy/device_cloud_policy_validator.h"
13 #include "chrome/browser/chromeos/settings/device_settings_service.h"
14 
15 namespace enterprise_management {
16 class ChromeDeviceSettingsProto;
17 class PolicyData;
18 class PolicyFetchResponse;
19 }
20 
21 namespace chromeos {
22 
23 class OwnerKeyUtil;
24 class SessionManagerClient;
25 
26 // Handles a single transaction with session manager. This is a virtual base
27 // class that contains common infrastructure for key and policy loading. There
28 // are subclasses for loading, storing and signing policy blobs.
29 class SessionManagerOperation {
30  public:
31   typedef base::Callback<void(SessionManagerOperation*,
32                               DeviceSettingsService::Status)> Callback;
33 
34   // Creates a new load operation.
35   explicit SessionManagerOperation(const Callback& callback);
36   virtual ~SessionManagerOperation();
37 
38   // Starts the operation.
39   void Start(SessionManagerClient* session_manager_client,
40              scoped_refptr<OwnerKeyUtil> owner_key_util,
41              scoped_refptr<OwnerKey> owner_key);
42 
43   // Restarts a load operation (if that part is already in progress).
44   void RestartLoad(bool key_changed);
45 
46   // Accessors for recovering the loaded policy data after completion.
policy_data()47   scoped_ptr<enterprise_management::PolicyData>& policy_data() {
48     return policy_data_;
49   }
50   scoped_ptr<enterprise_management::ChromeDeviceSettingsProto>&
device_settings()51       device_settings() {
52     return device_settings_;
53   }
54 
55   // Owner key as configured/loaded from disk.
owner_key()56   scoped_refptr<OwnerKey> owner_key() {
57     return owner_key_;
58   }
59 
60   // Whether the load operation is underway.
is_loading()61   bool is_loading() const {
62     return is_loading_;
63   }
64 
set_force_key_load(bool force_key_load)65   void set_force_key_load(bool force_key_load) {
66     force_key_load_ = force_key_load;
67   }
68 
69  protected:
70   // Runs the operation. The result is reported through |callback_|.
71   virtual void Run() = 0;
72 
73   // Ensures the owner key is loaded.
74   void EnsureOwnerKey(const base::Closure& callback);
75 
76   // Starts a load operation.
77   void StartLoading();
78 
79   // Reports the result status of the operation. Once this gets called, the
80   // operation should not perform further processing or trigger callbacks.
81   void ReportResult(DeviceSettingsService::Status status);
82 
session_manager_client()83   SessionManagerClient* session_manager_client() {
84     return session_manager_client_;
85   }
86 
87  private:
88   // Loads the owner key from disk. Must be run on a thread that can do I/O.
89   static scoped_refptr<OwnerKey> LoadOwnerKey(
90       scoped_refptr<OwnerKeyUtil> util,
91       scoped_refptr<OwnerKey> current_key);
92 
93   // Stores the owner key loaded by LoadOwnerKey and calls |callback|.
94   void StoreOwnerKey(const base::Closure& callback,
95                      scoped_refptr<OwnerKey> new_key);
96 
97   // Triggers a device settings load.
98   void RetrieveDeviceSettings();
99 
100   // Validates device settings after retrieval from session_manager.
101   void ValidateDeviceSettings(const std::string& policy_blob);
102 
103   // Extracts status and device settings from the validator and reports them.
104   void ReportValidatorStatus(policy::DeviceCloudPolicyValidator* validator);
105 
106   SessionManagerClient* session_manager_client_;
107   scoped_refptr<OwnerKeyUtil> owner_key_util_;
108 
109   base::WeakPtrFactory<SessionManagerOperation> weak_factory_;
110 
111   Callback callback_;
112 
113   scoped_refptr<OwnerKey> owner_key_;
114   bool force_key_load_;
115 
116   bool is_loading_;
117   scoped_ptr<enterprise_management::PolicyData> policy_data_;
118   scoped_ptr<enterprise_management::ChromeDeviceSettingsProto> device_settings_;
119 
120   DISALLOW_COPY_AND_ASSIGN(SessionManagerOperation);
121 };
122 
123 // This operation loads the public owner key from disk if appropriate, fetches
124 // the policy blob from session manager, and validates the loaded policy blob.
125 class LoadSettingsOperation : public SessionManagerOperation {
126  public:
127   // Creates a new load operation.
128   explicit LoadSettingsOperation(const Callback& callback);
129   virtual ~LoadSettingsOperation();
130 
131  protected:
132   // SessionManagerOperation:
133   virtual void Run() OVERRIDE;
134 
135  private:
136   DISALLOW_COPY_AND_ASSIGN(LoadSettingsOperation);
137 };
138 
139 // Stores a pre-generated policy blob and reloads the device settings from
140 // session_manager.
141 class StoreSettingsOperation : public SessionManagerOperation {
142  public:
143   // Creates a new store operation.
144   StoreSettingsOperation(
145       const Callback& callback,
146       scoped_ptr<enterprise_management::PolicyFetchResponse> policy);
147   virtual ~StoreSettingsOperation();
148 
149  protected:
150   // SessionManagerOperation:
151   virtual void Run() OVERRIDE;
152 
153  private:
154   // Handles the result of the store operation and triggers the load.
155   void HandleStoreResult(bool success);
156 
157   scoped_ptr<enterprise_management::PolicyFetchResponse> policy_;
158 
159   base::WeakPtrFactory<StoreSettingsOperation> weak_factory_;
160 
161   DISALLOW_COPY_AND_ASSIGN(StoreSettingsOperation);
162 };
163 
164 // Signs device settings and stores the resulting blob to session_manager.
165 class SignAndStoreSettingsOperation : public SessionManagerOperation {
166  public:
167   // Creates a new sign-and-store operation.
168   SignAndStoreSettingsOperation(
169       const Callback& callback,
170       scoped_ptr<enterprise_management::ChromeDeviceSettingsProto> new_settings,
171       const std::string& username);
172   virtual ~SignAndStoreSettingsOperation();
173 
174   // SessionManagerOperation:
175   virtual void Run() OVERRIDE;
176 
177  private:
178   // Given an owner key, starts the signing operation.
179   void StartSigning();
180 
181   // Builds the policy blob and signs it using the owner key.
182   static std::string AssembleAndSignPolicy(
183       scoped_ptr<enterprise_management::ChromeDeviceSettingsProto> settings,
184       const std::string& username,
185       scoped_refptr<OwnerKey> owner_key);
186 
187   // Stores the signed device settings blob.
188   void StoreDeviceSettingsBlob(std::string device_settings_blob);
189 
190   // Handles the result of the store operation and triggers the load.
191   void HandleStoreResult(bool success);
192 
193   scoped_ptr<enterprise_management::ChromeDeviceSettingsProto> new_settings_;
194   std::string username_;
195 
196   base::WeakPtrFactory<SignAndStoreSettingsOperation> weak_factory_;
197 
198   DISALLOW_COPY_AND_ASSIGN(SignAndStoreSettingsOperation);
199 };
200 
201 }  // namespace
202 
203 #endif  // CHROME_BROWSER_CHROMEOS_SETTINGS_SESSION_MANAGER_OPERATION_H_
204