1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef REMOTING_HOST_POLICY_HACK_POLICY_WATCHER_H_
6 #define REMOTING_HOST_POLICY_HACK_POLICY_WATCHER_H_
7 
8 #include "base/callback.h"
9 #include "base/memory/weak_ptr.h"
10 #include "base/values.h"
11 
12 namespace base {
13 class SingleThreadTaskRunner;
14 class TimeDelta;
15 class WaitableEvent;
16 }  // namespace base
17 
18 namespace remoting {
19 namespace policy_hack {
20 
21 // Watches for changes to the managed remote access host policies.
22 // If StartWatching() has been called, then before this object can be deleted,
23 // StopWatching() must have completed (the provided |done| event must be signaled).
class PolicyWatcher {
 public:
  // Called first with all policies, and subsequently with any changed policies.
  // The dictionary is passed as a scoped_ptr, so ownership of it moves to the
  // callback.
  typedef base::Callback<void(scoped_ptr<base::DictionaryValue>)>
      PolicyCallback;

  // NOTE(review): |task_runner| is presumably retained in |task_runner_| and
  // is the thread OnPolicyWatcherThread() checks against -- confirm in the
  // implementation.
  explicit PolicyWatcher(
      scoped_refptr<base::SingleThreadTaskRunner> task_runner);
  virtual ~PolicyWatcher();

  // This guarantees that the |policy_callback| is called at least once with
  // the current policies.  After that, |policy_callback| will be called
  // whenever a change to any policy is detected. It will then be called only
  // with the changed policies.
  //
  // NOTE(review): the policies delivered here include security controls
  // (two-factor, curtain mode, client pairing). Callers presumably should not
  // start accepting connections until the first callback has delivered the
  // current policies -- confirm against the host startup code.
  virtual void StartWatching(const PolicyCallback& policy_callback);

  // Should be called after StartWatching() before the object is deleted.
  // Callers must wait for |done| to be signaled before deleting the object.
  virtual void StopWatching(base::WaitableEvent* done);

  // Implemented by each platform.  This message loop should be an IO message
  // loop.
  // NOTE(review): returns a raw pointer; presumably the caller takes ownership
  // of the new watcher -- confirm at the call sites.
  static PolicyWatcher* Create(
      scoped_refptr<base::SingleThreadTaskRunner> task_runner);

  // The constants below are declared here only; their string values are
  // defined outside this header.

  // The name of the NAT traversal policy.
  static const char kNatPolicyName[];

  // The name of the policy for requiring 2-factor authentication.
  static const char kHostRequireTwoFactorPolicyName[];

  // The name of the host domain policy.
  static const char kHostDomainPolicyName[];

  // The name of the username policy. This policy is ignored on Windows.
  // This policy is currently considered 'internal only' and so is not
  // documented in policy_templates.json.
  static const char kHostMatchUsernamePolicyName[];

  // The name of the policy that controls the host talkgadget prefix.
  static const char kHostTalkGadgetPrefixPolicyName[];

  // The name of the policy for requiring curtain-mode.
  static const char kHostRequireCurtainPolicyName[];

  // The names of the policies for token authentication URLs.
  static const char kHostTokenUrlPolicyName[];
  static const char kHostTokenValidationUrlPolicyName[];
  static const char kHostTokenValidationCertIssuerPolicyName[];

  // The name of the policy for disabling PIN-less authentication.
  // NOTE(review): unlike its siblings, this identifier has no "PolicyName"
  // suffix. The identifier says "Allow" while the description says
  // "disabling"; presumably a false value disables pairing -- confirm.
  static const char kHostAllowClientPairing[];

  // The name of the policy for disabling gnubbyd forwarding.
  // NOTE(review): same "Allow"/"disabling" wording as above; presumably a
  // false value disables forwarding -- confirm.
  static const char kHostAllowGnubbyAuthPolicyName[];

  // The name of the policy for allowing use of relay servers.
  static const char kRelayPolicyName[];

  // The name of the policy that restricts the range of host UDP ports.
  static const char kUdpPortRangePolicyName[];

  // The name of the policy for overriding policies, for use in testing.
  // NOTE(review): a policy that overrides other policies can relax the
  // security controls named above (two-factor, curtain mode, pairing).
  // Confirm in the implementation that it is honoured only in debug/test
  // builds and never in release builds.
  static const char kHostDebugOverridePoliciesName[];

 protected:
  // Pure virtual hooks that each subclass must implement.
  // NOTE(review): presumably called from StartWatching()/StopWatching() on the
  // policy watcher thread, with Reload() re-reading the platform policy
  // store -- confirm in the implementation.
  virtual void StartWatchingInternal() = 0;
  virtual void StopWatchingInternal() = 0;
  virtual void Reload() = 0;

  // Used to check if the class is on the right thread.
  bool OnPolicyWatcherThread() const;

  // Takes the policy dictionary from the OS specific store and extracts the
  // relevant policies.
  // NOTE(review): |new_policy| originates outside this process's control, so
  // value types cannot be assumed. |bad_type_values_| suggests mistyped
  // entries are handled explicitly -- confirm in the implementation that a
  // mistyped security policy falls back to the restrictive setting.
  void UpdatePolicies(const base::DictionaryValue* new_policy);

  // Used for time-based reloads in case something goes wrong with the
  // notification system.
  void ScheduleFallbackReloadTask();
  void ScheduleReloadTask(const base::TimeDelta& delay);

  // Returns a DictionaryValue containing the default values for each policy.
  const base::DictionaryValue& Defaults() const;

 private:
  // NOTE(review): presumably the task runner passed to the constructor.
  scoped_refptr<base::SingleThreadTaskRunner> task_runner_;

  // NOTE(review): presumably the callback passed to StartWatching().
  PolicyCallback policy_callback_;

  // NOTE(review): the three dictionaries below are not described in this
  // header. Presumably |old_policies_| is the last reported policy set (used
  // to compute what changed), |default_values_| backs Defaults(), and
  // |bad_type_values_| holds the values used when a policy has the wrong
  // type -- confirm in the implementation.
  scoped_ptr<base::DictionaryValue> old_policies_;
  scoped_ptr<base::DictionaryValue> default_values_;
  scoped_ptr<base::DictionaryValue> bad_type_values_;

  // Allows us to cancel any inflight FileWatcher events or scheduled reloads.
  // Declared last, so it is destroyed before the other members.
  base::WeakPtrFactory<PolicyWatcher> weak_factory_;
};
121 
122 }  // namespace policy_hack
123 }  // namespace remoting
124 
125 #endif  // REMOTING_HOST_POLICY_HACK_POLICY_WATCHER_H_
126