search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Revert 264226 "Reduce dependency of TiclInvalidationService on P..."
[chromium-blink-merge.git] / remoting / host / policy_hack / policy_watcher.cc
blobfd1a37b07b7926894deefdac15139f915f949ec5
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 // Most of this code is copied from:
6 // src/chrome/browser/policy/asynchronous_policy_loader.{h,cc}
7
8 #include "remoting/host/policy_hack/policy_watcher.h"
9
10 #include "base/bind.h"
11 #include "base/compiler_specific.h"
12 #include "base/location.h"
13 #include "base/memory/weak_ptr.h"
14 #include "base/single_thread_task_runner.h"
15 #include "base/synchronization/waitable_event.h"
16 #include "base/time/time.h"
17 #include "base/values.h"
18 #include "remoting/host/dns_blackhole_checker.h"
19
20 #if !defined(NDEBUG)
21 #include "base/json/json_reader.h"
22 #endif
23
24 namespace remoting {
25 namespace policy_hack {
26
27 namespace {
28
29 // The time interval for rechecking policy. This is our fallback in case the
30 // delegate never reports a change to the ReloadObserver.
31 const int kFallbackReloadDelayMinutes = 15;
32
33 // Copies all policy values from one dictionary to another, using values from
34 // |default| if they are not set in |from|, or values from |bad_type_values| if
35 // the value in |from| has the wrong type.
36 scoped_ptr<base::DictionaryValue> CopyGoodValuesAndAddDefaults(
37 const base::DictionaryValue* from,
38 const base::DictionaryValue* default_values,
39 const base::DictionaryValue* bad_type_values) {
40 scoped_ptr<base::DictionaryValue> to(default_values->DeepCopy());
41 for (base::DictionaryValue::Iterator i(*default_values);
42 !i.IsAtEnd(); i.Advance()) {
43
44 const base::Value* value = NULL;
45
46 // If the policy isn't in |from|, use the default.
47 if (!from->Get(i.key(), &value)) {
48 continue;
49 }
50
51 // If the policy is the wrong type, use the value from |bad_type_values|.
52 if (!value->IsType(i.value().GetType())) {
53 CHECK(bad_type_values->Get(i.key(), &value));
54 }
55
56 to->Set(i.key(), value->DeepCopy());
57 }
58
59 #if !defined(NDEBUG)
60 // Replace values with those specified in DebugOverridePolicies, if present.
61 std::string policy_overrides;
62 if (from->GetString(PolicyWatcher::kHostDebugOverridePoliciesName,
63 &policy_overrides)) {
64 scoped_ptr<base::Value> value(base::JSONReader::Read(policy_overrides));
65 const base::DictionaryValue* override_values;
66 if (value && value->GetAsDictionary(&override_values)) {
67 to->MergeDictionary(override_values);
68 }
69 }
70 #endif // defined(NDEBUG)
71
72 return to.Pass();
73 }
74
75 } // namespace
76
77 const char PolicyWatcher::kNatPolicyName[] =
78 "RemoteAccessHostFirewallTraversal";
79
80 const char PolicyWatcher::kHostRequireTwoFactorPolicyName[] =
81 "RemoteAccessHostRequireTwoFactor";
82
83 const char PolicyWatcher::kHostDomainPolicyName[] =
84 "RemoteAccessHostDomain";
85
86 const char PolicyWatcher::kHostMatchUsernamePolicyName[] =
87 "RemoteAccessHostMatchUsername";
88
89 const char PolicyWatcher::kHostTalkGadgetPrefixPolicyName[] =
90 "RemoteAccessHostTalkGadgetPrefix";
91
92 const char PolicyWatcher::kHostRequireCurtainPolicyName[] =
93 "RemoteAccessHostRequireCurtain";
94
95 const char PolicyWatcher::kHostTokenUrlPolicyName[] =
96 "RemoteAccessHostTokenUrl";
97
98 const char PolicyWatcher::kHostTokenValidationUrlPolicyName[] =
99 "RemoteAccessHostTokenValidationUrl";
100
101 const char PolicyWatcher::kHostTokenValidationCertIssuerPolicyName[] =
102 "RemoteAccessHostTokenValidationCertificateIssuer";
103
104 const char PolicyWatcher::kHostAllowClientPairing[] =
105 "RemoteAccessHostAllowClientPairing";
106
107 const char PolicyWatcher::kHostAllowGnubbyAuthPolicyName[] =
108 "RemoteAccessHostAllowGnubbyAuth";
109
110 const char PolicyWatcher::kHostDebugOverridePoliciesName[] =
111 "RemoteAccessHostDebugOverridePolicies";
112
113 PolicyWatcher::PolicyWatcher(
114 scoped_refptr<base::SingleThreadTaskRunner> task_runner)
115 : task_runner_(task_runner),
116 old_policies_(new base::DictionaryValue()),
117 default_values_(new base::DictionaryValue()),
118 weak_factory_(this) {
119 // Initialize the default values for each policy.
120 default_values_->SetBoolean(kNatPolicyName, true);
121 default_values_->SetBoolean(kHostRequireTwoFactorPolicyName, false);
122 default_values_->SetBoolean(kHostRequireCurtainPolicyName, false);
123 default_values_->SetBoolean(kHostMatchUsernamePolicyName, false);
124 default_values_->SetString(kHostDomainPolicyName, std::string());
125 default_values_->SetString(kHostTalkGadgetPrefixPolicyName,
126 kDefaultHostTalkGadgetPrefix);
127 default_values_->SetString(kHostTokenUrlPolicyName, std::string());
128 default_values_->SetString(kHostTokenValidationUrlPolicyName, std::string());
129 default_values_->SetString(kHostTokenValidationCertIssuerPolicyName,
130 std::string());
131 default_values_->SetBoolean(kHostAllowClientPairing, true);
132 default_values_->SetBoolean(kHostAllowGnubbyAuthPolicyName, true);
133 #if !defined(NDEBUG)
134 default_values_->SetString(kHostDebugOverridePoliciesName, std::string());
135 #endif
136
137 // Initialize the fall-back values to use for unreadable policies.
138 // For most policies these match the defaults.
139 bad_type_values_.reset(default_values_->DeepCopy());
140 bad_type_values_->SetBoolean(kNatPolicyName, false);
141 }
142
143 PolicyWatcher::~PolicyWatcher() {
144 }
145
146 void PolicyWatcher::StartWatching(const PolicyCallback& policy_callback) {
147 if (!OnPolicyWatcherThread()) {
148 task_runner_->PostTask(FROM_HERE,
149 base::Bind(&PolicyWatcher::StartWatching,
150 base::Unretained(this),
151 policy_callback));
152 return;
153 }
154
155 policy_callback_ = policy_callback;
156 StartWatchingInternal();
157 }
158
159 void PolicyWatcher::StopWatching(base::WaitableEvent* done) {
160 if (!OnPolicyWatcherThread()) {
161 task_runner_->PostTask(FROM_HERE,
162 base::Bind(&PolicyWatcher::StopWatching,
163 base::Unretained(this), done));
164 return;
165 }
166
167 StopWatchingInternal();
168 weak_factory_.InvalidateWeakPtrs();
169 policy_callback_.Reset();
170
171 done->Signal();
172 }
173
174 void PolicyWatcher::ScheduleFallbackReloadTask() {
175 DCHECK(OnPolicyWatcherThread());
176 ScheduleReloadTask(
177 base::TimeDelta::FromMinutes(kFallbackReloadDelayMinutes));
178 }
179
180 void PolicyWatcher::ScheduleReloadTask(const base::TimeDelta& delay) {
181 DCHECK(OnPolicyWatcherThread());
182 task_runner_->PostDelayedTask(
183 FROM_HERE,
184 base::Bind(&PolicyWatcher::Reload, weak_factory_.GetWeakPtr()),
185 delay);
186 }
187
188 const base::DictionaryValue& PolicyWatcher::Defaults() const {
189 return *default_values_;
190 }
191
192 bool PolicyWatcher::OnPolicyWatcherThread() const {
193 return task_runner_->BelongsToCurrentThread();
194 }
195
196 void PolicyWatcher::UpdatePolicies(
197 const base::DictionaryValue* new_policies_raw) {
198 DCHECK(OnPolicyWatcherThread());
199
200 // Use default values for any missing policies.
201 scoped_ptr<base::DictionaryValue> new_policies =
202 CopyGoodValuesAndAddDefaults(
203 new_policies_raw, default_values_.get(), bad_type_values_.get());
204
205 // Find the changed policies.
206 scoped_ptr<base::DictionaryValue> changed_policies(
207 new base::DictionaryValue());
208 base::DictionaryValue::Iterator iter(*new_policies);
209 while (!iter.IsAtEnd()) {
210 base::Value* old_policy;
211 if (!(old_policies_->Get(iter.key(), &old_policy) &&
212 old_policy->Equals(&iter.value()))) {
213 changed_policies->Set(iter.key(), iter.value().DeepCopy());
214 }
215 iter.Advance();
216 }
217
218 // Save the new policies.
219 old_policies_.swap(new_policies);
220
221 // Notify our client of the changed policies.
222 if (!changed_policies->empty()) {
223 policy_callback_.Run(changed_policies.Pass());
224 }
225 }
226
227 } // namespace policy_hack
228 } // namespace remoting