chrome/browser/policy/browser_policy_connector.h

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef CHROME_BROWSER_POLICY_BROWSER_POLICY_CONNECTOR_H_
   6 #define CHROME_BROWSER_POLICY_BROWSER_POLICY_CONNECTOR_H_
   7
   8 #include <string>
   9
  10 #include "base/basictypes.h"
  11 #include "base/memory/ref_counted.h"
  12 #include "base/memory/scoped_ptr.h"
  13 #include "base/memory/weak_ptr.h"
  14 #include "components/policy/core/browser/configuration_policy_handler_list.h"
  15 #include "components/policy/core/common/cloud/cloud_policy_constants.h"
  16 #include "components/policy/core/common/schema.h"
  17 #include "components/policy/core/common/schema_registry.h"
  18
  19 #if defined(OS_CHROMEOS)
  20 #include "chrome/browser/chromeos/policy/proxy_policy_provider.h"
  21 #endif
  22
  23 class PrefRegistrySimple;
  24 class PrefService;
  25
  26 namespace net {
  27 class URLRequestContextGetter;
  28 }
  29
  30 namespace policy {
  31
  32 class ConfigurationPolicyProvider;
  33 class DeviceManagementService;
  34 class PolicyService;
  35 class PolicyStatisticsCollector;
  36
  37 #if defined(OS_CHROMEOS)
  38 class AppPackUpdater;
  39 class DeviceCloudPolicyManagerChromeOS;
  40 class DeviceLocalAccountPolicyService;
  41 class EnterpriseInstallAttributes;
  42 class NetworkConfigurationUpdater;
  43 #endif
  44
  45 // Manages the lifecycle of browser-global policy infrastructure, such as the
  46 // platform policy providers, device- and the user-cloud policy infrastructure.
  47 class BrowserPolicyConnector {
  48  public:
  49   // Builds an uninitialized BrowserPolicyConnector, suitable for testing.
  50   // Init() should be called to create and start the policy machinery.
  51   BrowserPolicyConnector();
  52
  53   // Invoke Shutdown() before deleting, see below.
  54   virtual ~BrowserPolicyConnector();
  55
  56   // Finalizes the initialization of the connector. This call can be skipped on
  57   // tests that don't require the full policy system running.
  58   void Init(PrefService* local_state,
  59             scoped_refptr<net::URLRequestContextGetter> request_context);
  60
  61   // Stops the policy providers and cleans up the connector before it can be
  62   // safely deleted. This must be invoked before the destructor and while the
  63   // threads are still running. The policy providers are still valid but won't
  64   // update anymore after this call.
  65   void Shutdown();
  66
  67   // Returns true if Init() has been called but Shutdown() hasn't been yet.
  68   bool is_initialized() const { return is_initialized_; }
  69
  70   // Returns a handle to the Chrome schema.
  71   const Schema& GetChromeSchema() const;
  72
  73   // Returns the global CombinedSchemaRegistry. SchemaRegistries from Profiles
  74   // should be tracked by the global registry, so that the global policy
  75   // providers also load policies for the components of each Profile.
  76   CombinedSchemaRegistry* GetSchemaRegistry();
  77
  78   // Returns the platform policy provider.
  79   ConfigurationPolicyProvider* GetPlatformProvider();
  80
  81   // Returns the browser-global PolicyService, that contains policies for the
  82   // whole browser.
  83   PolicyService* GetPolicyService();
  84
  85 #if defined(OS_CHROMEOS)
  86   // Returns true if this device is managed by an enterprise (as opposed to
  87   // a local owner).
  88   bool IsEnterpriseManaged();
  89
  90   // Returns the enterprise domain if device is managed.
  91   std::string GetEnterpriseDomain();
  92
  93   // Returns the device mode. For ChromeOS this function will return the mode
  94   // stored in the lockbox, or DEVICE_MODE_CONSUMER if the lockbox has been
  95   // locked empty, or DEVICE_MODE_UNKNOWN if the device has not been owned yet.
  96   // For other OSes the function will always return DEVICE_MODE_CONSUMER.
  97   DeviceMode GetDeviceMode();
  98 #endif
  99
 100   // Schedules initialization of the cloud policy backend services, if the
 101   // services are already constructed.
 102   void ScheduleServiceInitialization(int64 delay_milliseconds);
 103
 104   const ConfigurationPolicyHandlerList* GetHandlerList() const;
 105
 106   // Works out the user affiliation by checking the given |user_name| against
 107   // the installation attributes.
 108   UserAffiliation GetUserAffiliation(const std::string& user_name);
 109
 110   DeviceManagementService* device_management_service() {
 111     return device_management_service_.get();
 112   }
 113
 114 #if defined(OS_CHROMEOS)
 115   AppPackUpdater* GetAppPackUpdater();
 116
 117   DeviceCloudPolicyManagerChromeOS* GetDeviceCloudPolicyManager() {
 118     return device_cloud_policy_manager_.get();
 119   }
 120   DeviceLocalAccountPolicyService* GetDeviceLocalAccountPolicyService() {
 121     return device_local_account_policy_service_.get();
 122   }
 123   EnterpriseInstallAttributes* GetInstallAttributes() {
 124     return install_attributes_.get();
 125   }
 126
 127   // The browser-global PolicyService is created before Profiles are ready, to
 128   // provide managed values for the local state PrefService. It includes a
 129   // policy provider that forwards policies from a delegate policy provider.
 130   // This call can be used to set the user policy provider as that delegate
 131   // once the Profile is ready, so that user policies can also affect local
 132   // state preferences.
 133   // Only one user policy provider can be set as a delegate at a time, and any
 134   // previously set delegate is removed. Passing NULL removes the current
 135   // delegate, if there is one.
 136   void SetUserPolicyDelegate(ConfigurationPolicyProvider* user_policy_provider);
 137
 138   // Sets the install attributes for testing. Must be called before the browser
 139   // is created. Takes ownership of |attributes|.
 140   static void SetInstallAttributesForTesting(
 141       EnterpriseInstallAttributes* attributes);
 142 #endif
 143
 144   // Sets a |provider| that will be included in PolicyServices returned by
 145   // CreatePolicyService. This is a static method because local state is
 146   // created immediately after the connector, and tests don't have a chance to
 147   // inject the provider otherwise. |provider| must outlive the connector, and
 148   // its ownership is not taken though the connector will initialize and shut it
 149   // down.
 150   static void SetPolicyProviderForTesting(
 151       ConfigurationPolicyProvider* provider);
 152
 153   // Check whether a user is known to be non-enterprise. Domains such as
 154   // gmail.com and googlemail.com are known to not be managed. Also returns
 155   // false if the username is empty.
 156   static bool IsNonEnterpriseUser(const std::string& username);
 157
 158   // Registers refresh rate prefs.
 159   static void RegisterPrefs(PrefRegistrySimple* registry);
 160
 161  private:
 162   // Set the timezone as soon as the policies are available.
 163   void SetTimezoneIfPolicyAvailable();
 164
 165   ConfigurationPolicyProvider* CreatePlatformProvider();
 166
 167   // Whether Init() but not Shutdown() has been invoked.
 168   bool is_initialized_;
 169
 170   PrefService* local_state_;
 171   scoped_refptr<net::URLRequestContextGetter> request_context_;
 172
 173   // Used to convert policies to preferences. The providers declared below
 174   // may trigger policy updates during shutdown, which will result in
 175   // |handler_list_| being consulted for policy translation.
 176   // Therefore, it's important to destroy |handler_list_| after the providers.
 177   scoped_ptr<ConfigurationPolicyHandlerList> handler_list_;
 178
 179   // The Chrome schema. This wraps the structure generated by
 180   // generate_policy_source.py at compile time.
 181   Schema chrome_schema_;
 182
 183   // The global SchemaRegistry, which will track all the other registries.
 184   CombinedSchemaRegistry schema_registry_;
 185
 186   scoped_ptr<ConfigurationPolicyProvider> platform_provider_;
 187
 188   // Components of the device cloud policy implementation.
 189 #if defined(OS_CHROMEOS)
 190   scoped_ptr<EnterpriseInstallAttributes> install_attributes_;
 191   scoped_ptr<DeviceCloudPolicyManagerChromeOS> device_cloud_policy_manager_;
 192   scoped_ptr<DeviceLocalAccountPolicyService>
 193       device_local_account_policy_service_;
 194
 195   // This policy provider is used on Chrome OS to feed user policy into the
 196   // global PolicyService instance. This works by installing the cloud policy
 197   // provider of the primary profile as the delegate of the ProxyPolicyProvider,
 198   // after login.
 199   ProxyPolicyProvider global_user_cloud_policy_provider_;
 200 #endif
 201
 202   // Must be deleted before all the policy providers.
 203   scoped_ptr<PolicyService> policy_service_;
 204
 205   scoped_ptr<PolicyStatisticsCollector> policy_statistics_collector_;
 206
 207   scoped_ptr<DeviceManagementService> device_management_service_;
 208
 209   // Used to initialize the device policy subsystem once the message loops
 210   // are spinning.
 211   base::WeakPtrFactory<BrowserPolicyConnector> weak_ptr_factory_;
 212
 213 #if defined(OS_CHROMEOS)
 214   scoped_ptr<AppPackUpdater> app_pack_updater_;
 215   scoped_ptr<NetworkConfigurationUpdater> network_configuration_updater_;
 216 #endif
 217
 218   DISALLOW_COPY_AND_ASSIGN(BrowserPolicyConnector);
 219 };
 220
 221 }  // namespace policy
 222
 223 #endif  // CHROME_BROWSER_POLICY_BROWSER_POLICY_CONNECTOR_H_