1 // Copyright (c) 2012 The Chromium OS Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef LIBBRILLO_POLICY_DEVICE_POLICY_H_ 6 #define LIBBRILLO_POLICY_DEVICE_POLICY_H_ 7 8 #include <stdint.h> 9 10 #include <set> 11 #include <string> 12 #include <vector> 13 14 #include <base/macros.h> 15 16 #pragma GCC visibility push(default) 17 18 namespace policy { 19 20 // This class holds device settings that are to be enforced across all users. 21 // It is also responsible for loading the policy blob from disk and verifying 22 // the signature against the owner's key. 23 // 24 // This class defines the interface for querying device policy on ChromeOS. 25 // The implementation is hidden in DevicePolicyImpl to prevent protobuf 26 // definition from leaking into the libraries using this interface. 27 class DevicePolicy { 28 public: 29 DevicePolicy(); 30 virtual ~DevicePolicy(); 31 32 // Load the signed policy off of disk into |policy_|. 33 // Returns true unless there is a policy on disk and loading it fails. 34 virtual bool LoadPolicy() = 0; 35 36 // Writes the value of the DevicePolicyRefreshRate policy in |rate|. Returns 37 // true on success. 38 virtual bool GetPolicyRefreshRate(int* rate) const = 0; 39 40 // Writes the value of the UserWhitelist policy in |user_whitelist|. Returns 41 // true on success. 42 virtual bool GetUserWhitelist( 43 std::vector<std::string>* user_whitelist) const = 0; 44 45 // Writes the value of the GuestModeEnabled policy in |guest_mode_enabled|. 46 // Returns true on success. 47 virtual bool GetGuestModeEnabled(bool* guest_mode_enabled) const = 0; 48 49 // Writes the value of the CameraEnabled policy in |camera_enabled|. Returns 50 // true on success. 51 virtual bool GetCameraEnabled(bool* camera_enabled) const = 0; 52 53 // Writes the value of the ShowUserNamesOnSignIn policy in |show_user_names|. 54 // Returns true on success. 55 virtual bool GetShowUserNames(bool* show_user_names) const = 0; 56 57 // Writes the value of the DataRoamingEnabled policy in |data_roaming_enabled| 58 // Returns true on success. 59 virtual bool GetDataRoamingEnabled(bool* data_roaming_enabled) const = 0; 60 61 // Writes the value of the AllowNewUsers policy in |allow_new_users|. Returns 62 // true on success. 63 virtual bool GetAllowNewUsers(bool* allow_new_users) const = 0; 64 65 // Writes the value of MetricEnabled policy in |metrics_enabled|. Returns true 66 // on success. 67 virtual bool GetMetricsEnabled(bool* metrics_enabled) const = 0; 68 69 // Writes the value of ReportVersionInfo policy in |report_version_info|. 70 // Returns true on success. 71 virtual bool GetReportVersionInfo(bool* report_version_info) const = 0; 72 73 // Writes the value of ReportActivityTimes policy in |report_activity_times|. 74 // Returns true on success. 75 virtual bool GetReportActivityTimes(bool* report_activity_times) const = 0; 76 77 // Writes the value of ReportBootMode policy in |report_boot_mode|. Returns 78 // true on success. 79 virtual bool GetReportBootMode(bool* report_boot_mode) const = 0; 80 81 // Writes the value of the EphemeralUsersEnabled policy in 82 // |ephemeral_users_enabled|. Returns true on success. 83 virtual bool GetEphemeralUsersEnabled( 84 bool* ephemeral_users_enabled) const = 0; 85 86 // Writes the value of the release channel policy in |release_channel|. 87 // Returns true on success. 88 virtual bool GetReleaseChannel(std::string* release_channel) const = 0; 89 90 // Writes the value of the release_channel_delegated policy in 91 // |release_channel_delegated|. Returns true on success. 92 virtual bool GetReleaseChannelDelegated( 93 bool* release_channel_delegated) const = 0; 94 95 // Writes the value of the update_disabled policy in |update_disabled|. 96 // Returns true on success. 97 virtual bool GetUpdateDisabled(bool* update_disabled) const = 0; 98 99 // Writes the value of the target_version_prefix policy in 100 // |target_version_prefix|. Returns true on success. 101 virtual bool GetTargetVersionPrefix( 102 std::string* target_version_prefix) const = 0; 103 104 // Writes the value of the scatter_factor_in_seconds policy in 105 // |scatter_factor_in_seconds|. Returns true on success. 106 virtual bool GetScatterFactorInSeconds( 107 int64_t* scatter_factor_in_seconds) const = 0; 108 109 // Writes the connection types on which updates are allowed to 110 // |connection_types|. The identifiers returned are intended to be consistent 111 // with what the connection manager users: ethernet, wifi, wimax, bluetooth, 112 // cellular. 113 virtual bool GetAllowedConnectionTypesForUpdate( 114 std::set<std::string>* connection_types) const = 0; 115 116 // Writes the value of the OpenNetworkConfiguration policy in 117 // |open_network_configuration|. Returns true on success. 118 virtual bool GetOpenNetworkConfiguration( 119 std::string* open_network_configuration) const = 0; 120 121 // Writes the name of the device owner in |owner|. For enterprise enrolled 122 // devices, this will be an empty string. 123 // Returns true on success. 124 virtual bool GetOwner(std::string* owner) const = 0; 125 126 // Write the value of http_downloads_enabled policy in 127 // |http_downloads_enabled|. Returns true on success. 128 virtual bool GetHttpDownloadsEnabled(bool* http_downloads_enabled) const = 0; 129 130 // Writes the value of au_p2p_enabled policy in 131 // |au_p2p_enabled|. Returns true on success. 132 virtual bool GetAuP2PEnabled(bool* au_p2p_enabled) const = 0; 133 134 private: 135 // Verifies that the policy files are owned by root and exist. 136 virtual bool VerifyPolicyFiles() = 0; 137 138 // Verifies that the policy signature is correct. 139 virtual bool VerifyPolicySignature() = 0; 140 141 DISALLOW_COPY_AND_ASSIGN(DevicePolicy); 142 }; 143 } // namespace policy 144 145 #pragma GCC visibility pop 146 147 #endif // LIBBRILLO_POLICY_DEVICE_POLICY_H_ 148