Home | History | Annotate | Download | only in policy 
      1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #ifndef CHROME_BROWSER_POLICY_MANAGED_MODE_POLICY_PROVIDER_H_
      6 #define CHROME_BROWSER_POLICY_MANAGED_MODE_POLICY_PROVIDER_H_
      7 
      8 #include "base/memory/ref_counted.h"
      9 #include "base/prefs/pref_store.h"
     10 #include "chrome/browser/policy/configuration_policy_provider.h"
     11 #include "sync/api/sync_error_factory.h"
     12 #include "sync/api/syncable_service.h"
     13 
     14 class PersistentPrefStore;
     15 class Profile;
     16 
     17 namespace base {
     18 class SequencedTaskRunner;
     19 }
     20 
     21 namespace policy {
     22 
     23 // This class syncs managed user settings from a server, which are mapped to
     24 // policies. The downloaded settings are persisted in a PrefStore.
     25 // Settings are key-value pairs. The key uniquely identifies the setting, and
     26 // in most cases corresponds to a policy key. The value is a string containing
     27 // a JSON serialization of an arbitrary value, which is the value of the policy.
     28 //
     29 // There are two kinds of settings handled by this class: Atomic and split
     30 // settings.
     31 // Atomic settings consist of a single key (that corresponds to a policy name)
     32 // and a single (arbitrary) value.
     33 // Split settings encode a dictionary value and are stored as multiple Sync
     34 // items, one for each dictionary entry. The key for each of these Sync items
     35 // is the key of the split setting, followed by a separator (':') and the key
     36 // for the dictionary entry. The value of the Sync item is the value of the
     37 // dictionary entry.
     38 //
     39 // As an example, a split setting with key "Moose" and value
     40 //   {
     41 //     "foo": "bar",
     42 //     "baz": "blurp"
     43 //   }
     44 // would be encoded as two sync items, one with key "Moose:foo" and value "bar",
     45 // and one with key "Moose:baz" and value "blurp".
     46 //
     47 // TODO(bauerb): This should be split up into a SyncableService and a
     48 // ConfigurationPolicyProvider.
     49 class ManagedModePolicyProvider
     50     : public ConfigurationPolicyProvider,
     51       public PrefStore::Observer,
     52       public syncer::SyncableService {
     53  public:
     54   // Creates a new ManagedModePolicyProvider that caches its policies in a JSON
     55   // file inside the profile folder. |sequenced_task_runner| ensures that all
     56   // file I/O operations are executed in the order that does not collide
     57   // with Profile's file operations. If |force_immediate_policy_load| is true,
     58   // then the underlying policies are loaded immediately before this call
     59   // returns, otherwise they will be loaded asynchronously in the background.
     60   static scoped_ptr<ManagedModePolicyProvider> Create(
     61       Profile* profile,
     62       base::SequencedTaskRunner* sequenced_task_runner,
     63       bool force_immediate_policy_load);
     64 
     65   // Use this constructor to inject a different PrefStore (e.g. for testing).
     66   explicit ManagedModePolicyProvider(PersistentPrefStore* store);
     67   virtual ~ManagedModePolicyProvider();
     68 
     69   // Sets all local policies, i.e. policies that will not be configured via
     70   // the server.
     71   void InitLocalPolicies();
     72 
     73   // Clears all managed user settings and items.
     74   void Clear();
     75 
     76   // Constructs a key for a split managed user setting from a prefix and a
     77   // variable key.
     78   static std::string MakeSplitSettingKey(const std::string& prefix,
     79                                          const std::string& key);
     80 
     81   // Uploads an item to the Sync server. Items are the same data structure as
     82   // managed user settings (i.e. key-value pairs, as described at the top of
     83   // the file), but they are only uploaded (whereas managed user settings are
     84   // only downloaded), and never passed to the policy system.
     85   // An example of an uploaded item is an access request to a blocked URL.
     86   void UploadItem(const std::string& key, scoped_ptr<Value> value);
     87 
     88   // Sets the policy with the given |key| to a copy of the given |value|.
     89   // Note that policies are updated asynchronously, so the policy won't take
     90   // effect immediately after this method.
     91   void SetLocalPolicyForTesting(const std::string& key,
     92                                 scoped_ptr<base::Value> value);
     93 
     94   // Public for testing.
     95   static syncer::SyncData CreateSyncDataForPolicy(const std::string& name,
     96                                                   const Value* value);
     97 
     98   // ConfigurationPolicyProvider implementation:
     99   virtual void Shutdown() OVERRIDE;
    100   virtual void RefreshPolicies() OVERRIDE;
    101   virtual bool IsInitializationComplete(PolicyDomain domain) const OVERRIDE;
    102 
    103   // PrefStore::Observer implementation:
    104   virtual void OnPrefValueChanged(const std::string& key) OVERRIDE;
    105   virtual void OnInitializationCompleted(bool success) OVERRIDE;
    106 
    107   // SyncableService implementation:
    108   virtual syncer::SyncMergeResult MergeDataAndStartSyncing(
    109       syncer::ModelType type,
    110       const syncer::SyncDataList& initial_sync_data,
    111       scoped_ptr<syncer::SyncChangeProcessor> sync_processor,
    112       scoped_ptr<syncer::SyncErrorFactory> error_handler) OVERRIDE;
    113   virtual void StopSyncing(syncer::ModelType type) OVERRIDE;
    114   virtual syncer::SyncDataList GetAllSyncData(
    115       syncer::ModelType type) const OVERRIDE;
    116   virtual syncer::SyncError ProcessSyncChanges(
    117       const tracked_objects::Location& from_here,
    118       const syncer::SyncChangeList& change_list) OVERRIDE;
    119 
    120  private:
    121   base::DictionaryValue* GetOrCreateDictionary(const std::string& key) const;
    122   base::DictionaryValue* GetAtomicSettings() const;
    123   base::DictionaryValue* GetSplitSettings() const;
    124   base::DictionaryValue* GetQueuedItems() const;
    125 
    126   // Returns the dictionary where a given Sync item should be stored, depending
    127   // on whether the managed user setting is atomic or split. In case of a split
    128   // setting, the split setting prefix of |key| is removed, so that |key| can
    129   // be used to update the returned dictionary.
    130   DictionaryValue* GetDictionaryAndSplitKey(std::string* key) const;
    131   void UpdatePolicyFromCache();
    132 
    133   // Used for persisting policies. Unlike other PrefStores, this one is not
    134   // hooked up to the PrefService.
    135   scoped_refptr<PersistentPrefStore> store_;
    136 
    137   // A set of local policies that are fixed and not configured remotely.
    138   scoped_ptr<base::DictionaryValue> local_policies_;
    139 
    140   scoped_ptr<syncer::SyncChangeProcessor> sync_processor_;
    141   scoped_ptr<syncer::SyncErrorFactory> error_handler_;
    142 };
    143 
    144 }  // namespace policy
    145 
    146 #endif  // CHROME_BROWSER_POLICY_MANAGED_MODE_POLICY_PROVIDER_H_
    147