1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef CHROME_BROWSER_CHROMEOS_POLICY_DEVICE_CLOUD_POLICY_MANAGER_CHROMEOS_H_ 6 #define CHROME_BROWSER_CHROMEOS_POLICY_DEVICE_CLOUD_POLICY_MANAGER_CHROMEOS_H_ 7 8 #include <bitset> 9 #include <string> 10 11 #include "base/basictypes.h" 12 #include "base/callback.h" 13 #include "base/compiler_specific.h" 14 #include "base/memory/scoped_ptr.h" 15 #include "chrome/browser/chromeos/policy/enrollment_status_chromeos.h" 16 #include "chrome/browser/policy/cloud/cloud_policy_client.h" 17 #include "chrome/browser/policy/cloud/cloud_policy_manager.h" 18 #include "chrome/browser/policy/cloud/cloud_policy_store.h" 19 20 namespace chromeos { 21 namespace attestation { 22 class AttestationPolicyObserver; 23 } 24 } 25 26 class PrefRegistrySimple; 27 class PrefService; 28 29 namespace policy { 30 31 class DeviceCloudPolicyStoreChromeOS; 32 class DeviceManagementService; 33 class EnrollmentHandlerChromeOS; 34 class EnterpriseInstallAttributes; 35 36 // CloudPolicyManager specialization for device policy on Chrome OS. The most 37 // significant addition is support for device enrollment. 38 class DeviceCloudPolicyManagerChromeOS : public CloudPolicyManager { 39 public: 40 typedef std::bitset<32> AllowedDeviceModes; 41 typedef base::Callback<void(EnrollmentStatus)> EnrollmentCallback; 42 43 DeviceCloudPolicyManagerChromeOS( 44 scoped_ptr<DeviceCloudPolicyStoreChromeOS> store, 45 EnterpriseInstallAttributes* install_attributes); 46 virtual ~DeviceCloudPolicyManagerChromeOS(); 47 48 // Establishes the connection to the cloud, updating policy as necessary. 49 void Connect( 50 PrefService* local_state, 51 DeviceManagementService* device_management_service, 52 scoped_ptr<CloudPolicyClient::StatusProvider> device_status_provider); 53 54 // Starts enrollment or re-enrollment. Once the enrollment process completes, 55 // |callback| is invoked and gets passed the status of the operation. 56 // |allowed_modes| specifies acceptable DEVICE_MODE_* constants for 57 // enrollment. 58 void StartEnrollment(const std::string& auth_token, 59 bool is_auto_enrollment, 60 const AllowedDeviceModes& allowed_modes, 61 const EnrollmentCallback& callback); 62 63 // Cancels a pending enrollment operation, if any. 64 void CancelEnrollment(); 65 66 // Gets/Sets the device requisition. 67 std::string GetDeviceRequisition() const; 68 void SetDeviceRequisition(const std::string& requisition); 69 70 // Checks whether enterprise enrollment should be a regular step during OOBE. 71 bool ShouldAutoStartEnrollment() const; 72 73 // Checks whether the user can cancel enrollment. 74 bool CanExitEnrollment() const; 75 76 // CloudPolicyManager: 77 virtual void Shutdown() OVERRIDE; 78 79 // CloudPolicyStore::Observer: 80 virtual void OnStoreLoaded(CloudPolicyStore* store) OVERRIDE; 81 82 // Pref registration helper. 83 static void RegisterPrefs(PrefRegistrySimple* registry); 84 85 // Returns the device serial number, or an empty string if not available. 86 static std::string GetMachineID(); 87 88 // Returns the machine model, or an empty string if not available. 89 static std::string GetMachineModel(); 90 91 // Returns the robot 'email address' associated with the device robot 92 // account (sometimes called a service account) associated with this device 93 // during enterprise enrollment. 94 std::string GetRobotAccountId(); 95 96 private: 97 // Creates a new CloudPolicyClient. 98 scoped_ptr<CloudPolicyClient> CreateClient(); 99 100 // Starts policy refreshes if |store_| indicates a managed device and the 101 // necessary dependencies have been provided via Initialize(). 102 void StartIfManaged(); 103 104 // Handles completion signaled by |enrollment_handler_|. 105 void EnrollmentCompleted(const EnrollmentCallback& callback, 106 EnrollmentStatus status); 107 108 // Points to the same object as the base CloudPolicyManager::store(), but with 109 // actual device policy specific type. 110 scoped_ptr<DeviceCloudPolicyStoreChromeOS> device_store_; 111 EnterpriseInstallAttributes* install_attributes_; 112 113 DeviceManagementService* device_management_service_; 114 scoped_ptr<CloudPolicyClient::StatusProvider> device_status_provider_; 115 116 // PrefService instance to read the policy refresh rate from. 117 PrefService* local_state_; 118 119 // Non-null if there is an enrollment operation pending. 120 scoped_ptr<EnrollmentHandlerChromeOS> enrollment_handler_; 121 122 scoped_ptr<chromeos::attestation::AttestationPolicyObserver> 123 attestation_policy_observer_; 124 125 DISALLOW_COPY_AND_ASSIGN(DeviceCloudPolicyManagerChromeOS); 126 }; 127 128 } // namespace policy 129 130 #endif // CHROME_BROWSER_CHROMEOS_POLICY_DEVICE_CLOUD_POLICY_MANAGER_CHROMEOS_H_ 131