Home | History | Annotate | Download | only in settings
      1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #ifndef CHROME_BROWSER_CHROMEOS_SETTINGS_SESSION_MANAGER_OPERATION_H_
      6 #define CHROME_BROWSER_CHROMEOS_SETTINGS_SESSION_MANAGER_OPERATION_H_
      7 
      8 #include "base/basictypes.h"
      9 #include "base/callback.h"
     10 #include "base/memory/ref_counted.h"
     11 #include "base/memory/scoped_ptr.h"
     12 #include "chrome/browser/chromeos/policy/device_cloud_policy_validator.h"
     13 #include "chrome/browser/chromeos/settings/device_settings_service.h"
     14 #include "net/cert/x509_util_nss.h"
     15 
     16 namespace enterprise_management {
     17 class ChromeDeviceSettingsProto;
     18 class PolicyData;
     19 class PolicyFetchResponse;
     20 }
     21 
     22 namespace chromeos {
     23 
     24 class OwnerKeyUtil;
     25 class SessionManagerClient;
     26 
     27 // Handles a single transaction with session manager. This is a virtual base
     28 // class that contains common infrastructure for key and policy loading. There
     29 // are subclasses for loading, storing and signing policy blobs.
     30 class SessionManagerOperation {
     31  public:
     32   typedef base::Callback<void(SessionManagerOperation*,
     33                               DeviceSettingsService::Status)> Callback;
     34 
     35   // Creates a new load operation.
     36   explicit SessionManagerOperation(const Callback& callback);
     37   virtual ~SessionManagerOperation();
     38 
     39   // Starts the operation.
     40   void Start(SessionManagerClient* session_manager_client,
     41              scoped_refptr<OwnerKeyUtil> owner_key_util,
     42              scoped_refptr<PublicKey> public_key);
     43 
     44   // Restarts a load operation (if that part is already in progress).
     45   void RestartLoad(bool key_changed);
     46 
     47   // Accessors for recovering the loaded policy data after completion.
     48   scoped_ptr<enterprise_management::PolicyData>& policy_data() {
     49     return policy_data_;
     50   }
     51   scoped_ptr<enterprise_management::ChromeDeviceSettingsProto>&
     52       device_settings() {
     53     return device_settings_;
     54   }
     55 
     56   // Public part of the owner key as configured/loaded from disk.
     57   scoped_refptr<PublicKey> public_key() { return public_key_; }
     58 
     59   // Whether the load operation is underway.
     60   bool is_loading() const { return is_loading_; }
     61 
     62   void set_force_key_load(bool force_key_load) {
     63     force_key_load_ = force_key_load;
     64   }
     65 
     66   void set_username(const std::string& username) { username_ = username; }
     67 
     68   void set_delegate(const base::WeakPtr<
     69       DeviceSettingsService::PrivateKeyDelegate>& delegate) {
     70     delegate_ = delegate;
     71   }
     72 
     73  protected:
     74   // Runs the operation. The result is reported through |callback_|.
     75   virtual void Run() = 0;
     76 
     77   // Ensures the public key is loaded.
     78   void EnsurePublicKey(const base::Closure& callback);
     79 
     80   // Starts a load operation.
     81   void StartLoading();
     82 
     83   // Reports the result status of the operation. Once this gets called, the
     84   // operation should not perform further processing or trigger callbacks.
     85   void ReportResult(DeviceSettingsService::Status status);
     86 
     87   SessionManagerClient* session_manager_client() {
     88     return session_manager_client_;
     89   }
     90 
     91   base::WeakPtr<DeviceSettingsService::PrivateKeyDelegate> delegate_;
     92 
     93  private:
     94   // Loads the owner key from disk. Must be run on a thread that can do I/O.
     95   static scoped_refptr<PublicKey> LoadPublicKey(
     96       scoped_refptr<OwnerKeyUtil> util,
     97       scoped_refptr<PublicKey> current_key);
     98 
     99   // Stores the owner key loaded by LoadOwnerKey and calls |callback|.
    100   void StorePublicKey(const base::Closure& callback,
    101                       scoped_refptr<PublicKey> new_key);
    102 
    103   // Triggers a device settings load.
    104   void RetrieveDeviceSettings();
    105 
    106   // Validates device settings after retrieval from session_manager.
    107   void ValidateDeviceSettings(const std::string& policy_blob);
    108 
    109   // Extracts status and device settings from the validator and reports them.
    110   void ReportValidatorStatus(policy::DeviceCloudPolicyValidator* validator);
    111 
    112   SessionManagerClient* session_manager_client_;
    113   scoped_refptr<OwnerKeyUtil> owner_key_util_;
    114 
    115   base::WeakPtrFactory<SessionManagerOperation> weak_factory_;
    116 
    117   Callback callback_;
    118 
    119   scoped_refptr<PublicKey> public_key_;
    120   bool force_key_load_;
    121   std::string username_;
    122 
    123   bool is_loading_;
    124   scoped_ptr<enterprise_management::PolicyData> policy_data_;
    125   scoped_ptr<enterprise_management::ChromeDeviceSettingsProto> device_settings_;
    126 
    127   DISALLOW_COPY_AND_ASSIGN(SessionManagerOperation);
    128 };
    129 
    130 // This operation loads the public owner key from disk if appropriate, fetches
    131 // the policy blob from session manager, and validates the loaded policy blob.
    132 class LoadSettingsOperation : public SessionManagerOperation {
    133  public:
    134   // Creates a new load operation.
    135   explicit LoadSettingsOperation(const Callback& callback);
    136   virtual ~LoadSettingsOperation();
    137 
    138  protected:
    139   // SessionManagerOperation:
    140   virtual void Run() OVERRIDE;
    141 
    142  private:
    143   DISALLOW_COPY_AND_ASSIGN(LoadSettingsOperation);
    144 };
    145 
    146 // Stores a pre-generated policy blob and reloads the device settings from
    147 // session_manager.
    148 class StoreSettingsOperation : public SessionManagerOperation {
    149  public:
    150   // Creates a new store operation.
    151   StoreSettingsOperation(
    152       const Callback& callback,
    153       scoped_ptr<enterprise_management::PolicyFetchResponse> policy);
    154   virtual ~StoreSettingsOperation();
    155 
    156  protected:
    157   // SessionManagerOperation:
    158   virtual void Run() OVERRIDE;
    159 
    160  private:
    161   // Handles the result of the store operation and triggers the load.
    162   void HandleStoreResult(bool success);
    163 
    164   scoped_ptr<enterprise_management::PolicyFetchResponse> policy_;
    165 
    166   base::WeakPtrFactory<StoreSettingsOperation> weak_factory_;
    167 
    168   DISALLOW_COPY_AND_ASSIGN(StoreSettingsOperation);
    169 };
    170 
    171 // Signs device settings and stores the resulting blob to session_manager.
    172 class SignAndStoreSettingsOperation : public SessionManagerOperation {
    173  public:
    174   // Creates a new sign-and-store operation.
    175   SignAndStoreSettingsOperation(
    176       const Callback& callback,
    177       scoped_ptr<enterprise_management::PolicyData> new_policy);
    178   virtual ~SignAndStoreSettingsOperation();
    179 
    180   // SessionManagerOperation:
    181   virtual void Run() OVERRIDE;
    182 
    183  private:
    184   void StartSigning(bool has_private_key);
    185 
    186   // Stores the signed device settings blob.
    187   void StoreDeviceSettingsBlob(std::string device_settings_blob);
    188 
    189   // Handles the result of the store operation and triggers the load.
    190   void HandleStoreResult(bool success);
    191 
    192   scoped_ptr<enterprise_management::PolicyData> new_policy_;
    193 
    194   base::WeakPtrFactory<SignAndStoreSettingsOperation> weak_factory_;
    195 
    196   DISALLOW_COPY_AND_ASSIGN(SignAndStoreSettingsOperation);
    197 };
    198 
    199 }  // namespace chromeos
    200 
    201 #endif  // CHROME_BROWSER_CHROMEOS_SETTINGS_SESSION_MANAGER_OPERATION_H_
    202