      1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #ifndef REMOTING_HOST_POLICY_HACK_POLICY_WATCHER_H_
      6 #define REMOTING_HOST_POLICY_HACK_POLICY_WATCHER_H_
      7 
      8 #include "base/callback.h"
      9 #include "base/memory/weak_ptr.h"
     10 #include "base/values.h"
     11 
     12 namespace base {
        // Forward declarations only: this header uses these types just in
        // declarations (a scoped_refptr parameter, a const reference and a pointer),
        // so their full definitions are not needed here.
     13 class SingleThreadTaskRunner;
     14 class TimeDelta;
     15 class WaitableEvent;
     16 }  // namespace base
     17 
     18 namespace remoting {
     19 namespace policy_hack {
     20 
     21 // Watches for changes to the managed remote access host policies.
     22 // If StartWatching() has been called, then before this object can be deleted,
     23 // StopWatching() must have completed (the provided |done| event must be signaled).
     24 class PolicyWatcher {
     25  public:
     26   // Called first with all policies, and subsequently with any changed policies.
          // The dictionary is handed over by scoped_ptr, so the callback owns it.
          // Because later calls carry only the changed policies, a key missing from
          // a later dictionary should be read as "unchanged", not as "cleared"; a
          // consumer that enforces these policies has to keep the last value it saw.
     27   typedef base::Callback<void(scoped_ptr<base::DictionaryValue>)>
     28       PolicyCallback;
     29 
          // NOTE(review): |task_runner| presumably ends up in task_runner_ and names
          // the thread that OnPolicyWatcherThread() checks against - confirm in the
          // .cc.
     30   explicit PolicyWatcher(
     31       scoped_refptr<base::SingleThreadTaskRunner> task_runner);
          // Virtual because the platform implementations derive from this class (see
          // Create() and the pure virtual hooks below).
     32   virtual ~PolicyWatcher();
     33 
     34   // This guarantees that the |policy_callback| is called at least once with
     35   // the current policies.  After that, |policy_callback| will be called
     36   // whenever a change to any policy is detected. It will then be called only
     37   // with the changed policies.
     38   virtual void StartWatching(const PolicyCallback& policy_callback);
     39 
     40   // Should be called after StartWatching() before the object is deleted.
     41   // Callers should just wait for |done| to be signaled before deleting it.
          // NOTE(review): presumably shutdown finishes asynchronously on the watcher
          // thread, which is why deletion has to wait for |done| - confirm in the .cc.
     42   virtual void StopWatching(base::WaitableEvent* done);
     43 
     44   // Implemented by each platform.  |task_runner| should belong to an IO
     45   // message loop.
          // Returns a raw pointer. NOTE(review): presumably the caller takes
          // ownership of the returned object - confirm at the call sites.
     46   static PolicyWatcher* Create(
     47       scoped_refptr<base::SingleThreadTaskRunner> task_runner);
     48 
     49   // The name of the NAT traversal policy.
          // NOTE(review): this and the names below are presumably the keys of the
          // dictionaries passed to PolicyCallback - confirm in the .cc.
     50   static const char kNatPolicyName[];
     51 
     52   // The name of the policy for requiring 2-factor authentication.
     53   static const char kHostRequireTwoFactorPolicyName[];
     54 
     55   // The name of the host domain policy.
     56   static const char kHostDomainPolicyName[];
     57 
     58   // The name of the username policy. This policy is ignored on Windows.
     59   // This policy is currently considered 'internal only' and so is not
     60   // documented in policy_templates.json.
     61   static const char kHostMatchUsernamePolicyName[];
     62 
     63   // The name of the policy that controls the host talkgadget prefix.
     64   static const char kHostTalkGadgetPrefixPolicyName[];
     65 
     66   // The name of the policy for requiring curtain-mode.
     67   static const char kHostRequireCurtainPolicyName[];
     68 
     69   // The names of the policies for token authentication URLs.
     70   static const char kHostTokenUrlPolicyName[];
     71   static const char kHostTokenValidationUrlPolicyName[];
     72   static const char kHostTokenValidationCertIssuerPolicyName[];
     73 
     74   // The name of the policy for disabling PIN-less authentication.
          // NOTE(review): unlike its neighbours this constant has no "PolicyName"
          // suffix, and it is named "Allow..." while the comment says "disabling";
          // which value turns the feature off is decided by the implementation.
     75   static const char kHostAllowClientPairing[];
     76 
     77   // The name of the policy for disabling gnubbyd forwarding.
          // NOTE(review): named "Allow..." while the comment says "disabling"; check
          // the implementation for which value turns the feature off.
     78   static const char kHostAllowGnubbyAuthPolicyName[];
     79 
     80   // The name of the policy for allowing use of relay servers.
     81   static const char kRelayPolicyName[];
     82 
     83   // The name of the policy that restricts the range of host UDP ports.
     84   static const char kUdpPortRangePolicyName[];
     85 
     86   // The name of the policy for overriding policies, for use in testing.
          // NOTE(review): a policy that can override the managed values weakens
          // enforcement wherever it is honoured; this header does not show any
          // restriction to test or debug builds - confirm one exists in the .cc.
     87   static const char kHostDebugOverridePoliciesName[];
     88 
     89  protected:
          // Hooks that every platform implementation has to provide.
          // NOTE(review): presumably StartWatchingInternal() and
          // StopWatchingInternal() are what StartWatching() and StopWatching() run on
          // the watcher thread, and Reload() re-reads the platform policy store and
          // passes the result to UpdatePolicies() - confirm in the .cc.
     90   virtual void StartWatchingInternal() = 0;
     91   virtual void StopWatchingInternal() = 0;
     92   virtual void Reload() = 0;
     93 
     94   // Used to check if the class is on the right thread.
     95   bool OnPolicyWatcherThread() const;
     96 
     97   // Takes the policy dictionary from the OS specific store and extracts the
     98   // relevant policies.
          // NOTE(review): the store's contents are outside this class's control;
          // bad_type_values_ below suggests that wrongly typed entries are handled
          // somewhere - confirm in the .cc how they are treated.
     99   void UpdatePolicies(const base::DictionaryValue* new_policy);
    100 
    101   // Used for time-based reloads in case something goes wrong with the
    102   // notification system.
    103   void ScheduleFallbackReloadTask();
    104   void ScheduleReloadTask(const base::TimeDelta& delay);
    105 
    106   // Returns a DictionaryValue containing the default values for each policy.
    107   const base::DictionaryValue& Defaults() const;
    108 
    109  private:
          // NOTE(review): presumably the task runner passed to the constructor.
    110   scoped_refptr<base::SingleThreadTaskRunner> task_runner_;
    111 
          // NOTE(review): presumably the callback given to StartWatching().
    112   PolicyCallback policy_callback_;
    113 
          // NOTE(review): none of these three is described in this header. From the
          // names: old_policies_ is presumably the last reported state, used to
          // work out which policies changed; default_values_ is presumably what
          // Defaults() returns; bad_type_values_ is presumably what is used when a
          // stored policy has an unexpected type. Confirm in the .cc, including
          // whether the bad-type values are the restrictive choice for each policy.
    114   scoped_ptr<base::DictionaryValue> old_policies_;
    115   scoped_ptr<base::DictionaryValue> default_values_;
    116   scoped_ptr<base::DictionaryValue> bad_type_values_;
    117 
    118   // Allows us to cancel any inflight FileWatcher events or scheduled reloads.
          // Declared last, so it is destroyed before the other members and its weak
          // pointers are invalidated while those members still exist; keep it the
          // last member.
    119   base::WeakPtrFactory<PolicyWatcher> weak_factory_;
    120 };
    121 
    122 }  // namespace policy_hack
    123 }  // namespace remoting
    124 
    125 #endif  // REMOTING_HOST_POLICY_HACK_POLICY_WATCHER_H_
    126