chrome/browser/chromeos/settings/session_manager_operation.h

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef CHROME_BROWSER_CHROMEOS_SETTINGS_SESSION_MANAGER_OPERATION_H_
   6 #define CHROME_BROWSER_CHROMEOS_SETTINGS_SESSION_MANAGER_OPERATION_H_
   7
   8 #include "base/basictypes.h"
   9 #include "base/callback.h"
  10 #include "base/memory/ref_counted.h"
  11 #include "base/memory/scoped_ptr.h"
  12 #include "chrome/browser/chromeos/policy/device_cloud_policy_validator.h"
  13 #include "chrome/browser/chromeos/settings/device_settings_service.h"
  14 #include "components/ownership/owner_settings_service.h"
  15 #include "net/cert/x509_util_nss.h"
  16
  17 namespace enterprise_management {
  18 class ChromeDeviceSettingsProto;
  19 class PolicyData;
  20 class PolicyFetchResponse;
  21 }
  22
  23 namespace ownership {
  24 class OwnerKeyUtil;
  25 class PublicKey;
  26 }
  27
  28 namespace chromeos {
  29
  30 class SessionManagerClient;
  31
  32 // Handles a single transaction with session manager. This is a virtual base
  33 // class that contains common infrastructure for key and policy loading. There
  34 // are subclasses for loading, storing and signing policy blobs.
  35 class SessionManagerOperation {
  36  public:
  37   typedef base::Callback<void(SessionManagerOperation*,
  38                               DeviceSettingsService::Status)> Callback;
  39
  40   // Creates a new load operation.
  41   explicit SessionManagerOperation(const Callback& callback);
  42   virtual ~SessionManagerOperation();
  43
  44   // Starts the operation.
  45   void Start(SessionManagerClient* session_manager_client,
  46              scoped_refptr<ownership::OwnerKeyUtil> owner_key_util,
  47              scoped_refptr<ownership::PublicKey> public_key);
  48
  49   // Restarts a load operation (if that part is already in progress).
  50   void RestartLoad(bool key_changed);
  51
  52   // Accessors for recovering the loaded policy data after completion.
  53   scoped_ptr<enterprise_management::PolicyData>& policy_data() {
  54     return policy_data_;
  55   }
  56   scoped_ptr<enterprise_management::ChromeDeviceSettingsProto>&
  57       device_settings() {
  58     return device_settings_;
  59   }
  60
  61   // Public part of the owner key as configured/loaded from disk.
  62   scoped_refptr<ownership::PublicKey> public_key() { return public_key_; }
  63
  64   // Whether the load operation is underway.
  65   bool is_loading() const { return is_loading_; }
  66
  67   void set_force_key_load(bool force_key_load) {
  68     force_key_load_ = force_key_load;
  69   }
  70
  71   void set_username(const std::string& username) { username_ = username; }
  72
  73   void set_owner_settings_service(const base::WeakPtr<
  74       ownership::OwnerSettingsService>& owner_settings_service) {
  75     owner_settings_service_ = owner_settings_service;
  76   }
  77
  78  protected:
  79   // Runs the operation. The result is reported through |callback_|.
  80   virtual void Run() = 0;
  81
  82   // Ensures the public key is loaded.
  83   void EnsurePublicKey(const base::Closure& callback);
  84
  85   // Starts a load operation.
  86   void StartLoading();
  87
  88   // Reports the result status of the operation. Once this gets called, the
  89   // operation should not perform further processing or trigger callbacks.
  90   void ReportResult(DeviceSettingsService::Status status);
  91
  92   SessionManagerClient* session_manager_client() {
  93     return session_manager_client_;
  94   }
  95
  96   base::WeakPtr<ownership::OwnerSettingsService> owner_settings_service_;
  97
  98  private:
  99   // Loads the owner key from disk. Must be run on a thread that can do I/O.
 100   static scoped_refptr<ownership::PublicKey> LoadPublicKey(
 101       scoped_refptr<ownership::OwnerKeyUtil> util,
 102       scoped_refptr<ownership::PublicKey> current_key);
 103
 104   // Stores the owner key loaded by LoadOwnerKey and calls |callback|.
 105   void StorePublicKey(const base::Closure& callback,
 106                       scoped_refptr<ownership::PublicKey> new_key);
 107
 108   // Triggers a device settings load.
 109   void RetrieveDeviceSettings();
 110
 111   // Validates device settings after retrieval from session_manager.
 112   void ValidateDeviceSettings(const std::string& policy_blob);
 113
 114   // Extracts status and device settings from the validator and reports them.
 115   void ReportValidatorStatus(policy::DeviceCloudPolicyValidator* validator);
 116
 117   SessionManagerClient* session_manager_client_;
 118   scoped_refptr<ownership::OwnerKeyUtil> owner_key_util_;
 119
 120   Callback callback_;
 121
 122   scoped_refptr<ownership::PublicKey> public_key_;
 123   bool force_key_load_;
 124   std::string username_;
 125
 126   bool is_loading_;
 127   scoped_ptr<enterprise_management::PolicyData> policy_data_;
 128   scoped_ptr<enterprise_management::ChromeDeviceSettingsProto> device_settings_;
 129
 130   base::WeakPtrFactory<SessionManagerOperation> weak_factory_;
 131
 132   DISALLOW_COPY_AND_ASSIGN(SessionManagerOperation);
 133 };
 134
 135 // This operation loads the public owner key from disk if appropriate, fetches
 136 // the policy blob from session manager, and validates the loaded policy blob.
 137 class LoadSettingsOperation : public SessionManagerOperation {
 138  public:
 139   // Creates a new load operation.
 140   explicit LoadSettingsOperation(const Callback& callback);
 141   virtual ~LoadSettingsOperation();
 142
 143  protected:
 144   // SessionManagerOperation:
 145   virtual void Run() override;
 146
 147  private:
 148   DISALLOW_COPY_AND_ASSIGN(LoadSettingsOperation);
 149 };
 150
 151 // Stores a pre-generated policy blob and reloads the device settings from
 152 // session_manager.
 153 class StoreSettingsOperation : public SessionManagerOperation {
 154  public:
 155   // Creates a new store operation.
 156   StoreSettingsOperation(
 157       const Callback& callback,
 158       scoped_ptr<enterprise_management::PolicyFetchResponse> policy);
 159   virtual ~StoreSettingsOperation();
 160
 161  protected:
 162   // SessionManagerOperation:
 163   virtual void Run() override;
 164
 165  private:
 166   // Handles the result of the store operation and triggers the load.
 167   void HandleStoreResult(bool success);
 168
 169   scoped_ptr<enterprise_management::PolicyFetchResponse> policy_;
 170
 171   base::WeakPtrFactory<StoreSettingsOperation> weak_factory_;
 172
 173   DISALLOW_COPY_AND_ASSIGN(StoreSettingsOperation);
 174 };
 175
 176 // Signs device settings and stores the resulting blob to session_manager.
 177 class SignAndStoreSettingsOperation : public SessionManagerOperation {
 178  public:
 179   // Creates a new sign-and-store operation.
 180   SignAndStoreSettingsOperation(
 181       const Callback& callback,
 182       scoped_ptr<enterprise_management::PolicyData> new_policy);
 183   virtual ~SignAndStoreSettingsOperation();
 184
 185   // SessionManagerOperation:
 186   virtual void Run() override;
 187
 188  private:
 189   void StartSigning(bool has_private_key);
 190
 191   // Stores the signed device settings blob.
 192   void StoreDeviceSettings(
 193       scoped_ptr<enterprise_management::PolicyFetchResponse> policy_response);
 194
 195   // Handles the result of the store operation and triggers the load.
 196   void HandleStoreResult(bool success);
 197
 198   scoped_ptr<enterprise_management::PolicyData> new_policy_;
 199
 200   base::WeakPtrFactory<SignAndStoreSettingsOperation> weak_factory_;
 201
 202   DISALLOW_COPY_AND_ASSIGN(SignAndStoreSettingsOperation);
 203 };
 204
 205 }  // namespace chromeos
 206
 207 #endif  // CHROME_BROWSER_CHROMEOS_SETTINGS_SESSION_MANAGER_OPERATION_H_