1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef COMPONENTS_POLICY_CORE_BROWSER_CONFIGURATION_POLICY_HANDLER_H_ 6 #define COMPONENTS_POLICY_CORE_BROWSER_CONFIGURATION_POLICY_HANDLER_H_ 7 8 #include <string> 9 #include <vector> 10 11 #include "base/basictypes.h" 12 #include "base/callback.h" 13 #include "base/compiler_specific.h" 14 #include "base/memory/scoped_ptr.h" 15 #include "base/memory/scoped_vector.h" 16 #include "base/values.h" 17 #include "components/policy/core/common/schema.h" 18 #include "components/policy/policy_export.h" 19 20 class PrefValueMap; 21 22 namespace policy { 23 24 class PolicyErrorMap; 25 struct PolicyHandlerParameters; 26 class PolicyMap; 27 28 // Maps a policy type to a preference path, and to the expected value type. 29 struct POLICY_EXPORT PolicyToPreferenceMapEntry { 30 const char* const policy_name; 31 const char* const preference_path; 32 const base::Value::Type value_type; 33 }; 34 35 // An abstract super class that subclasses should implement to map policies to 36 // their corresponding preferences, and to check whether the policies are valid. 37 class POLICY_EXPORT ConfigurationPolicyHandler { 38 public: 39 static std::string ValueTypeToString(base::Value::Type type); 40 41 ConfigurationPolicyHandler(); 42 virtual ~ConfigurationPolicyHandler(); 43 44 // Returns whether the policy settings handled by this 45 // ConfigurationPolicyHandler can be applied. Fills |errors| with error 46 // messages or warnings. |errors| may contain error messages even when 47 // |CheckPolicySettings()| returns true. 48 virtual bool CheckPolicySettings(const PolicyMap& policies, 49 PolicyErrorMap* errors) = 0; 50 51 // Processes the policies handled by this ConfigurationPolicyHandler and sets 52 // the appropriate preferences in |prefs|. 53 virtual void ApplyPolicySettingsWithParameters( 54 const PolicyMap& policies, 55 const PolicyHandlerParameters& parameters, 56 PrefValueMap* prefs); 57 58 // This is a convenience version of ApplyPolicySettingsWithParameters() 59 // that leaves out the |parameters|. Anyone extending 60 // ConfigurationPolicyHandler should implement either ApplyPolicySettings or 61 // ApplyPolicySettingsWithParameters. 62 virtual void ApplyPolicySettings(const PolicyMap& policies, 63 PrefValueMap* prefs); 64 65 // Modifies the values of some of the policies in |policies| so that they 66 // are more suitable to display to the user. This can be used to remove 67 // sensitive values such as passwords, or to pretty-print values. 68 virtual void PrepareForDisplaying(PolicyMap* policies) const; 69 70 private: 71 DISALLOW_COPY_AND_ASSIGN(ConfigurationPolicyHandler); 72 }; 73 74 // Abstract class derived from ConfigurationPolicyHandler that should be 75 // subclassed to handle a single policy (not a combination of policies). 76 class POLICY_EXPORT TypeCheckingPolicyHandler 77 : public ConfigurationPolicyHandler { 78 public: 79 TypeCheckingPolicyHandler(const char* policy_name, 80 base::Value::Type value_type); 81 virtual ~TypeCheckingPolicyHandler(); 82 83 // ConfigurationPolicyHandler methods: 84 virtual bool CheckPolicySettings(const PolicyMap& policies, 85 PolicyErrorMap* errors) OVERRIDE; 86 87 const char* policy_name() const; 88 89 protected: 90 // Runs policy checks and returns the policy value if successful. 91 bool CheckAndGetValue(const PolicyMap& policies, 92 PolicyErrorMap* errors, 93 const base::Value** value); 94 95 private: 96 // The name of the policy. 97 const char* policy_name_; 98 99 // The type the value of the policy should have. 100 base::Value::Type value_type_; 101 102 DISALLOW_COPY_AND_ASSIGN(TypeCheckingPolicyHandler); 103 }; 104 105 // Abstract class derived from TypeCheckingPolicyHandler that ensures an int 106 // policy's value lies in an allowed range. Either clamps or rejects values 107 // outside the range. 108 class POLICY_EXPORT IntRangePolicyHandlerBase 109 : public TypeCheckingPolicyHandler { 110 public: 111 IntRangePolicyHandlerBase(const char* policy_name, 112 int min, 113 int max, 114 bool clamp); 115 116 // ConfigurationPolicyHandler: 117 virtual bool CheckPolicySettings(const PolicyMap& policies, 118 PolicyErrorMap* errors) OVERRIDE; 119 120 protected: 121 virtual ~IntRangePolicyHandlerBase(); 122 123 // Ensures that the value is in the allowed range. Returns false if the value 124 // cannot be parsed or lies outside the allowed range and clamping is 125 // disabled. 126 bool EnsureInRange(const base::Value* input, 127 int* output, 128 PolicyErrorMap* errors); 129 130 private: 131 // The minimum value allowed. 132 int min_; 133 134 // The maximum value allowed. 135 int max_; 136 137 // Whether to clamp values lying outside the allowed range instead of 138 // rejecting them. 139 bool clamp_; 140 141 DISALLOW_COPY_AND_ASSIGN(IntRangePolicyHandlerBase); 142 }; 143 144 // ConfigurationPolicyHandler for policies that map directly to a preference. 145 class POLICY_EXPORT SimplePolicyHandler : public TypeCheckingPolicyHandler { 146 public: 147 SimplePolicyHandler(const char* policy_name, 148 const char* pref_path, 149 base::Value::Type value_type); 150 virtual ~SimplePolicyHandler(); 151 152 // ConfigurationPolicyHandler methods: 153 virtual void ApplyPolicySettings(const PolicyMap& policies, 154 PrefValueMap* prefs) OVERRIDE; 155 156 private: 157 // The DictionaryValue path of the preference the policy maps to. 158 const char* pref_path_; 159 160 DISALLOW_COPY_AND_ASSIGN(SimplePolicyHandler); 161 }; 162 163 // Base class that encapsulates logic for mapping from a string enum list 164 // to a separate matching type value. 165 class POLICY_EXPORT StringMappingListPolicyHandler 166 : public TypeCheckingPolicyHandler { 167 public: 168 // Data structure representing the map between policy strings and 169 // matching pref values. 170 class POLICY_EXPORT MappingEntry { 171 public: 172 MappingEntry(const char* policy_value, scoped_ptr<base::Value> map); 173 ~MappingEntry(); 174 175 const char* enum_value; 176 scoped_ptr<base::Value> mapped_value; 177 }; 178 179 // Callback that generates the map for this instance. 180 typedef base::Callback<void(ScopedVector<MappingEntry>*)> GenerateMapCallback; 181 182 StringMappingListPolicyHandler(const char* policy_name, 183 const char* pref_path, 184 const GenerateMapCallback& map_generator); 185 virtual ~StringMappingListPolicyHandler(); 186 187 // ConfigurationPolicyHandler methods: 188 virtual bool CheckPolicySettings(const PolicyMap& policies, 189 PolicyErrorMap* errors) OVERRIDE; 190 virtual void ApplyPolicySettings(const PolicyMap& policies, 191 PrefValueMap* prefs) OVERRIDE; 192 193 private: 194 // Attempts to convert the list in |input| to |output| according to the table, 195 // returns false on errors. 196 bool Convert(const base::Value* input, 197 base::ListValue* output, 198 PolicyErrorMap* errors); 199 200 // Helper method that converts from a policy value string to the associated 201 // pref value. 202 scoped_ptr<base::Value> Map(const std::string& entry_value); 203 204 // Name of the pref to write. 205 const char* pref_path_; 206 207 // The callback invoked to generate the map for this instance. 208 GenerateMapCallback map_getter_; 209 210 // Map of string policy values to local pref values. This is generated lazily 211 // so the generation does not have to happen if no policy is present. 212 ScopedVector<MappingEntry> map_; 213 214 DISALLOW_COPY_AND_ASSIGN(StringMappingListPolicyHandler); 215 }; 216 217 // A policy handler implementation that ensures an int policy's value lies in an 218 // allowed range. 219 class POLICY_EXPORT IntRangePolicyHandler : public IntRangePolicyHandlerBase { 220 public: 221 IntRangePolicyHandler(const char* policy_name, 222 const char* pref_path, 223 int min, 224 int max, 225 bool clamp); 226 virtual ~IntRangePolicyHandler(); 227 228 // ConfigurationPolicyHandler: 229 virtual void ApplyPolicySettings(const PolicyMap& policies, 230 PrefValueMap* prefs) OVERRIDE; 231 232 private: 233 // Name of the pref to write. 234 const char* pref_path_; 235 236 DISALLOW_COPY_AND_ASSIGN(IntRangePolicyHandler); 237 }; 238 239 // A policy handler implementation that maps an int percentage value to a 240 // double. 241 class POLICY_EXPORT IntPercentageToDoublePolicyHandler 242 : public IntRangePolicyHandlerBase { 243 public: 244 IntPercentageToDoublePolicyHandler(const char* policy_name, 245 const char* pref_path, 246 int min, 247 int max, 248 bool clamp); 249 virtual ~IntPercentageToDoublePolicyHandler(); 250 251 // ConfigurationPolicyHandler: 252 virtual void ApplyPolicySettings(const PolicyMap& policies, 253 PrefValueMap* prefs) OVERRIDE; 254 255 private: 256 // Name of the pref to write. 257 const char* pref_path_; 258 259 DISALLOW_COPY_AND_ASSIGN(IntPercentageToDoublePolicyHandler); 260 }; 261 262 // Like TypeCheckingPolicyHandler, but validates against a schema instead of a 263 // single type. |schema| is the schema used for this policy, and |strategy| is 264 // the strategy used for schema validation errors. 265 class POLICY_EXPORT SchemaValidatingPolicyHandler 266 : public ConfigurationPolicyHandler { 267 public: 268 SchemaValidatingPolicyHandler(const char* policy_name, 269 Schema schema, 270 SchemaOnErrorStrategy strategy); 271 virtual ~SchemaValidatingPolicyHandler(); 272 273 // ConfigurationPolicyHandler: 274 virtual bool CheckPolicySettings(const PolicyMap& policies, 275 PolicyErrorMap* errors) OVERRIDE; 276 277 const char* policy_name() const; 278 279 protected: 280 // Runs policy checks and returns the policy value if successful. 281 bool CheckAndGetValue(const PolicyMap& policies, 282 PolicyErrorMap* errors, 283 scoped_ptr<base::Value>* output); 284 285 private: 286 const char* policy_name_; 287 Schema schema_; 288 SchemaOnErrorStrategy strategy_; 289 290 DISALLOW_COPY_AND_ASSIGN(SchemaValidatingPolicyHandler); 291 }; 292 293 // Maps policy to pref like SimplePolicyHandler while ensuring that the value 294 // set matches the schema. |schema| is the schema used for policies, and 295 // |strategy| is the strategy used for schema validation errors. The 296 // |recommended_permission| and |mandatory_permission| flags indicate the levels 297 // at which the policy can be set. A value set at an unsupported level will be 298 // ignored. 299 class POLICY_EXPORT SimpleSchemaValidatingPolicyHandler 300 : public SchemaValidatingPolicyHandler { 301 public: 302 enum MandatoryPermission { MANDATORY_ALLOWED, MANDATORY_PROHIBITED }; 303 enum RecommendedPermission { RECOMMENDED_ALLOWED, RECOMMENDED_PROHIBITED }; 304 305 SimpleSchemaValidatingPolicyHandler( 306 const char* policy_name, 307 const char* pref_path, 308 Schema schema, 309 SchemaOnErrorStrategy strategy, 310 RecommendedPermission recommended_permission, 311 MandatoryPermission mandatory_permission); 312 virtual ~SimpleSchemaValidatingPolicyHandler(); 313 314 // ConfigurationPolicyHandler: 315 virtual bool CheckPolicySettings(const PolicyMap& policies, 316 PolicyErrorMap* errors) OVERRIDE; 317 virtual void ApplyPolicySettings(const PolicyMap& policies, 318 PrefValueMap* prefs) OVERRIDE; 319 320 private: 321 const char* pref_path_; 322 const bool allow_recommended_; 323 const bool allow_mandatory_; 324 325 DISALLOW_COPY_AND_ASSIGN(SimpleSchemaValidatingPolicyHandler); 326 }; 327 328 // A policy handler to deprecate multiple legacy policies with a new one. 329 // This handler will completely ignore any of legacy policy values if the new 330 // one is set. 331 class POLICY_EXPORT LegacyPoliciesDeprecatingPolicyHandler 332 : public ConfigurationPolicyHandler { 333 public: 334 LegacyPoliciesDeprecatingPolicyHandler( 335 ScopedVector<ConfigurationPolicyHandler> legacy_policy_handlers, 336 scoped_ptr<SchemaValidatingPolicyHandler> new_policy_handler); 337 virtual ~LegacyPoliciesDeprecatingPolicyHandler(); 338 339 // ConfigurationPolicyHandler: 340 virtual bool CheckPolicySettings(const PolicyMap& policies, 341 PolicyErrorMap* errors) OVERRIDE; 342 virtual void ApplyPolicySettings(const PolicyMap& policies, 343 PrefValueMap* prefs) OVERRIDE; 344 345 private: 346 ScopedVector<ConfigurationPolicyHandler> legacy_policy_handlers_; 347 scoped_ptr<SchemaValidatingPolicyHandler> new_policy_handler_; 348 349 DISALLOW_COPY_AND_ASSIGN(LegacyPoliciesDeprecatingPolicyHandler); 350 }; 351 352 } // namespace policy 353 354 #endif // COMPONENTS_POLICY_CORE_BROWSER_CONFIGURATION_POLICY_HANDLER_H_ 355