1 // Copyright 2015 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef REMOTING_HOST_POLICY_WATCHER_H_ 6 #define REMOTING_HOST_POLICY_WATCHER_H_ 7 8 #include <memory> 9 10 #include "base/callback.h" 11 #include "base/macros.h" 12 #include "base/memory/ref_counted.h" 13 #include "base/sequence_checker.h" 14 #include "components/policy/core/common/policy_service.h" 15 16 namespace base { 17 class DictionaryValue; 18 class SingleThreadTaskRunner; 19 } // namespace base 20 21 namespace policy { 22 class AsyncPolicyLoader; 23 class ConfigurationPolicyProvider; 24 class Schema; 25 class SchemaRegistry; 26 } // namespace policy 27 28 namespace remoting { 29 30 // Watches for changes to the managed remote access host policies. 31 class PolicyWatcher : public policy::PolicyService::Observer { 32 public: 33 // Called first with all policies, and subsequently with any changed policies. 34 typedef base::RepeatingCallback<void(std::unique_ptr<base::DictionaryValue>)> 35 PolicyUpdatedCallback; 36 37 // Called after detecting malformed policies. 38 typedef base::RepeatingCallback<void()> PolicyErrorCallback; 39 40 ~PolicyWatcher() override; 41 42 // This guarantees that the |policy_updated_callback| is called at least once 43 // with the current policies. After that, |policy_updated_callback| will be 44 // called whenever a change to any policy is detected. It will then be called 45 // only with the changed policies. 46 // 47 // |policy_error_callback| will be called when malformed policies are detected 48 // (i.e. wrong type of policy value, or unparseable files under 49 // /etc/opt/chrome/policies/managed). 50 // When called, the |policy_error_callback| is responsible for mitigating the 51 // security risk of running with incorrectly formulated policies (by either 52 // shutting down or locking down the host). 53 // After calling |policy_error_callback| PolicyWatcher will continue watching 54 // for policy changes and will call |policy_updated_callback| when the error 55 // is recovered from and may call |policy_error_callback| when new errors are 56 // found. 57 virtual void StartWatching( 58 const PolicyUpdatedCallback& policy_updated_callback, 59 const PolicyErrorCallback& policy_error_callback); 60 61 // Return the current policies. If the policies have not yet been read, or if 62 // an error occurred, the returned dictionary will be empty. 63 std::unique_ptr<base::DictionaryValue> GetCurrentPolicies(); 64 65 // Return the default policies. 66 static std::unique_ptr<base::DictionaryValue> GetDefaultPolicies(); 67 68 // Specify a |policy_service| to borrow (on Chrome OS, from the browser 69 // process). PolicyWatcher must be used on the thread on which it is created. 70 // |policy_service| is called on the same thread. 71 // 72 // When |policy_service| is specified then BrowserThread::UI is used for 73 // PolicyUpdatedCallback and PolicyErrorCallback. 74 static std::unique_ptr<PolicyWatcher> CreateWithPolicyService( 75 policy::PolicyService* policy_service); 76 77 // Construct and a new PolicyService for non-ChromeOS platforms. 78 // PolicyWatcher must be used on the thread on which it is created. 79 // 80 // |file_task_runner| is used for reading the policy from files / registry / 81 // preferences (which are blocking operations). |file_task_runner| should be 82 // of TYPE_IO type. 83 static std::unique_ptr<PolicyWatcher> CreateWithTaskRunner( 84 const scoped_refptr<base::SingleThreadTaskRunner>& file_task_runner); 85 86 // Creates a PolicyWatcher from the given loader instead of loading the policy 87 // from the default location. 88 // 89 // This can be used with FakeAsyncPolicyLoader to test policy handling of 90 // other components. 91 static std::unique_ptr<PolicyWatcher> CreateFromPolicyLoaderForTesting( 92 std::unique_ptr<policy::AsyncPolicyLoader> async_policy_loader); 93 94 private: 95 friend class PolicyWatcherTest; 96 97 // Gets Chromoting schema stored inside |owned_schema_registry_|. 98 const policy::Schema* GetPolicySchema() const; 99 100 // Normalizes policies using Schema::Normalize and converts deprecated 101 // policies. 102 // 103 // - Returns false if |dict| is invalid (i.e. contains mistyped policy 104 // values). 105 // - Returns true if |dict| was valid or got normalized. 106 bool NormalizePolicies(base::DictionaryValue* dict); 107 108 // Converts each deprecated policy to its replacement if and only if the 109 // replacement policy is not set, and removes deprecated policied from dict. 110 void HandleDeprecatedPolicies(base::DictionaryValue* dict); 111 112 // Stores |new_policies| into |old_policies_|. Returns dictionary with items 113 // from |new_policies| that are different from the old |old_policies_|. 114 std::unique_ptr<base::DictionaryValue> StoreNewAndReturnChangedPolicies( 115 std::unique_ptr<base::DictionaryValue> new_policies); 116 117 // Signals policy error to the registered |PolicyErrorCallback|. 118 void SignalPolicyError(); 119 120 // |policy_service_task_runner| is the task runner where it is safe 121 // to call |policy_service_| methods and where we expect to get callbacks 122 // from |policy_service_|. 123 PolicyWatcher(policy::PolicyService* policy_service, 124 std::unique_ptr<policy::PolicyService> owned_policy_service, 125 std::unique_ptr<policy::ConfigurationPolicyProvider> 126 owned_policy_provider, 127 std::unique_ptr<policy::SchemaRegistry> owned_schema_registry); 128 129 // Creates PolicyWatcher that wraps the owned |async_policy_loader| with an 130 // appropriate PolicySchema. 131 // 132 // |policy_service_task_runner| is passed through to the constructor of 133 // PolicyWatcher. 134 static std::unique_ptr<PolicyWatcher> CreateFromPolicyLoader( 135 std::unique_ptr<policy::AsyncPolicyLoader> async_policy_loader); 136 137 // PolicyService::Observer interface. 138 void OnPolicyUpdated(const policy::PolicyNamespace& ns, 139 const policy::PolicyMap& previous, 140 const policy::PolicyMap& current) override; 141 void OnPolicyServiceInitialized(policy::PolicyDomain domain) override; 142 143 PolicyUpdatedCallback policy_updated_callback_; 144 PolicyErrorCallback policy_error_callback_; 145 146 std::unique_ptr<base::DictionaryValue> old_policies_; 147 std::unique_ptr<base::DictionaryValue> default_values_; 148 149 policy::PolicyService* policy_service_; 150 151 // Order of fields below is important to ensure destruction takes object 152 // dependencies into account: 153 // - |owned_policy_service_| uses |owned_policy_provider_| 154 // - |owned_policy_provider_| uses |owned_schema_registry_| 155 std::unique_ptr<policy::SchemaRegistry> owned_schema_registry_; 156 std::unique_ptr<policy::ConfigurationPolicyProvider> owned_policy_provider_; 157 std::unique_ptr<policy::PolicyService> owned_policy_service_; 158 159 SEQUENCE_CHECKER(sequence_checker_); 160 161 DISALLOW_COPY_AND_ASSIGN(PolicyWatcher); 162 }; 163 164 } // namespace remoting 165 166 #endif // REMOTING_HOST_POLICY_WATCHER_H_ 167