      1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #ifndef CHROME_BROWSER_CHROMEOS_POLICY_DEVICE_CLOUD_POLICY_MANAGER_CHROMEOS_H_
      6 #define CHROME_BROWSER_CHROMEOS_POLICY_DEVICE_CLOUD_POLICY_MANAGER_CHROMEOS_H_
      7 
      8 #include <bitset>
      9 #include <string>
     10 
     11 #include "base/basictypes.h"
     12 #include "base/callback.h"
     13 #include "base/compiler_specific.h"
     14 #include "base/memory/scoped_ptr.h"
     15 #include "chrome/browser/chromeos/policy/enrollment_status_chromeos.h"
     16 #include "chrome/browser/policy/cloud/cloud_policy_client.h"
     17 #include "chrome/browser/policy/cloud/cloud_policy_manager.h"
     18 #include "chrome/browser/policy/cloud/cloud_policy_store.h"
     19 
     20 namespace chromeos {
     21 namespace attestation {
     22 class AttestationPolicyObserver;
     23 }
     24 }
     25 
     26 class PrefRegistrySimple;
     27 class PrefService;
     28 
     29 namespace policy {
     30 
     31 class DeviceCloudPolicyStoreChromeOS;
     32 class DeviceManagementService;
     33 class EnrollmentHandlerChromeOS;
     34 class EnterpriseInstallAttributes;
     35 
     36 // CloudPolicyManager specialization for device policy on Chrome OS. The most
     37 // significant addition is support for device enrollment.
        //
        // Ownership as visible in this declaration: the device store, the status
        // provider, the enrollment handler and the attestation observer are held in
        // scoped_ptr members; |install_attributes_|, |device_management_service_| and
        // |local_state_| are raw pointers.
        // NOTE(review): the raw pointers are presumably not owned and must outlive
        // this object (or at least stay valid until Shutdown()) -- confirm in the
        // .cc file.
     38 class DeviceCloudPolicyManagerChromeOS : public CloudPolicyManager {
     39  public:
          // Set of device modes accepted for enrollment (see StartEnrollment()).
          // NOTE(review): presumably indexed by DEVICE_MODE_* value -- confirm.
     40   typedef std::bitset<32> AllowedDeviceModes;
          // Invoked with the EnrollmentStatus once an enrollment attempt completes.
     41   typedef base::Callback<void(EnrollmentStatus)> EnrollmentCallback;
     42 
          // |store| is handed over as a scoped_ptr; |install_attributes| is a raw
          // pointer. NOTE(review): presumably |install_attributes| is kept in
          // |install_attributes_| without taking ownership -- confirm.
     43   DeviceCloudPolicyManagerChromeOS(
     44       scoped_ptr<DeviceCloudPolicyStoreChromeOS> store,
     45       EnterpriseInstallAttributes* install_attributes);
     46   virtual ~DeviceCloudPolicyManagerChromeOS();
     47 
     48   // Establishes the connection to the cloud, updating policy as necessary.
          // |device_status_provider| is handed over as a scoped_ptr; |local_state|
          // and |device_management_service| are raw pointers with matching raw
          // members below. NOTE(review): presumably both are retained after this
          // call returns, so callers must keep them alive -- confirm.
     49   void Connect(
     50       PrefService* local_state,
     51       DeviceManagementService* device_management_service,
     52       scoped_ptr<CloudPolicyClient::StatusProvider> device_status_provider);
     53 
     54   // Starts enrollment or re-enrollment. Once the enrollment process completes,
     55   // |callback| is invoked and gets passed the status of the operation.
     56   // |allowed_modes| specifies acceptable DEVICE_MODE_* constants for
     57   // enrollment.
          // NOTE(review): |auth_token| looks like a credential authorizing the
          // enrollment request; presumably it should be kept out of logs and not
          // persisted -- confirm how the implementation handles it.
          // NOTE(review): what an empty |allowed_modes| means (reject every mode or
          // something else) is not visible in this header -- confirm before relying
          // on it as a restriction.
     58   void StartEnrollment(const std::string& auth_token,
     59                        bool is_auto_enrollment,
     60                        const AllowedDeviceModes& allowed_modes,
     61                        const EnrollmentCallback& callback);
     62 
     63   // Cancels a pending enrollment operation, if any.
     64   void CancelEnrollment();
     65 
     66   // Gets/Sets the device requisition.
          // NOTE(review): where the requisition is stored and which callers may set
          // it is not visible in this header. If it influences enrollment, confirm
          // that the setter is reachable from trusted code paths only.
     67   std::string GetDeviceRequisition() const;
     68   void SetDeviceRequisition(const std::string& requisition);
     69 
     70   // Checks whether enterprise enrollment should be a regular step during OOBE.
     71   bool ShouldAutoStartEnrollment() const;
     72 
     73   // Checks whether the user can cancel enrollment.
          // NOTE(review): the inputs to this decision are not visible in this
          // header. Since the result gates whether enrollment can be skipped,
          // confirm that those inputs cannot be changed by an unprivileged user.
     74   bool CanExitEnrollment() const;
     75 
     76   // CloudPolicyManager:
     77   virtual void Shutdown() OVERRIDE;
     78 
     79   // CloudPolicyStore::Observer:
     80   virtual void OnStoreLoaded(CloudPolicyStore* store) OVERRIDE;
     81 
     82   // Pref registration helper.
     83   static void RegisterPrefs(PrefRegistrySimple* registry);
     84 
     85   // Returns the device serial number, or an empty string if not available.
          // Callers must handle the empty-string case. The serial number identifies
          // the device, so it is worth checking where callers send or log it.
     86   static std::string GetMachineID();
     87 
     88   // Returns the machine model, or an empty string if not available.
     89   static std::string GetMachineModel();
     90 
     91   // Returns the robot 'email address' associated with the device robot
     92   // account (sometimes called a service account) associated with this device
     93   // during enterprise enrollment.
          // Declared non-const, unlike the other getters of this class.
          // NOTE(review): the value for a device that is not enrolled is not
          // documented here -- confirm in the implementation.
     94   std::string GetRobotAccountId();
     95 
     96  private:
     97   // Creates a new CloudPolicyClient.
     98   scoped_ptr<CloudPolicyClient> CreateClient();
     99 
    100   // Starts policy refreshes if |store_| indicates a managed device and the
    101   // necessary dependencies have been provided via Initialize().
          // NOTE(review): this class declares no Initialize(); the dependencies
          // meant here look like the ones passed to Connect() -- confirm and update
          // the comment.
    102   void StartIfManaged();
    103 
    104   // Handles completion signaled by |enrollment_handler_|.
    105   void EnrollmentCompleted(const EnrollmentCallback& callback,
    106                            EnrollmentStatus status);
    107 
    108   // Points to the same object as the base CloudPolicyManager::store(), but with
    109   // actual device policy specific type.
    110   scoped_ptr<DeviceCloudPolicyStoreChromeOS> device_store_;
          // Raw pointer matching the constructor argument of the same name.
          // NOTE(review): presumably not owned -- confirm.
    111   EnterpriseInstallAttributes* install_attributes_;
    112 
          // Raw pointer and owned status provider matching the Connect() arguments.
          // NOTE(review): presumably unset until Connect() is called -- confirm that
          // every use is guarded accordingly.
    113   DeviceManagementService* device_management_service_;
    114   scoped_ptr<CloudPolicyClient::StatusProvider> device_status_provider_;
    115 
    116   // PrefService instance to read the policy refresh rate from.
    117   PrefService* local_state_;
    118 
    119   // Non-null if there is an enrollment operation pending.
    120   scoped_ptr<EnrollmentHandlerChromeOS> enrollment_handler_;
    121 
          // Owned observer from chromeos::attestation.
          // NOTE(review): when it is created and reset is not visible in this
          // header -- confirm in the .cc file.
    122   scoped_ptr<chromeos::attestation::AttestationPolicyObserver>
    123       attestation_policy_observer_;
    124 
          // Instances are not meant to be copied or assigned.
    125   DISALLOW_COPY_AND_ASSIGN(DeviceCloudPolicyManagerChromeOS);
    126 };
    127 
    128 }  // namespace policy
    129 
    130 #endif  // CHROME_BROWSER_CHROMEOS_POLICY_DEVICE_CLOUD_POLICY_MANAGER_CHROMEOS_H_
    131