chrome/browser/policy/cloud_policy_controller.h


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139

// Copyright (c) 2011 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef CHROME_BROWSER_POLICY_CLOUD_POLICY_CONTROLLER_H_
#define CHROME_BROWSER_POLICY_CLOUD_POLICY_CONTROLLER_H_
#pragma once

#include <string>

#include "base/file_path.h"
#include "base/observer_list.h"
#include "base/scoped_ptr.h"
#include "base/task.h"
#include "base/time.h"
#include "chrome/browser/policy/cloud_policy_identity_strategy.h"
#include "chrome/browser/policy/configuration_policy_provider.h"
#include "chrome/browser/policy/device_management_backend.h"
#include "chrome/browser/policy/device_token_fetcher.h"

class Profile;
class TokenService;

namespace policy {

class CloudPolicyCache;
class DeviceManagementBackend;

// Coordinates the actions of DeviceTokenFetcher, CloudPolicyIdentityStrategy,
// DeviceManagementBackend, and CloudPolicyCache: calls their methods and
// listens to their callbacks/notifications.
class CloudPolicyController
    : public DeviceManagementBackend::DevicePolicyResponseDelegate,
      public DeviceTokenFetcher::Observer,
      public CloudPolicyIdentityStrategy::Observer {
 public:
  // Takes ownership of |backend|; the other parameters are weak pointers.
  CloudPolicyController(CloudPolicyCache* cache,
                        DeviceManagementBackend* backend,
                        DeviceTokenFetcher* token_fetcher,
                        CloudPolicyIdentityStrategy* identity_strategy);
  virtual ~CloudPolicyController();

  // Sets the refresh rate at which to re-fetch policy information.
  void SetRefreshRate(int64 refresh_rate_milliseconds);

  // DevicePolicyResponseDelegate implementation:
  virtual void HandlePolicyResponse(
      const em::DevicePolicyResponse& response);
  virtual void OnError(DeviceManagementBackend::ErrorCode code);

  // DeviceTokenFetcher::Observer implementation:
  virtual void OnDeviceTokenAvailable();

  // CloudPolicyIdentityStrategy::Observer implementation:
  virtual void OnDeviceTokenChanged();
  virtual void OnCredentialsChanged();

 private:
  // Indicates the current state the controller is in.
  enum ControllerState {
    // The controller is initializing, policy information not yet available.
    STATE_TOKEN_UNAVAILABLE,
    // The device is not managed. Should retry fetching the token after delay.
    STATE_TOKEN_UNMANAGED,
    // The token is not valid and should be refetched with exponential back-off.
    STATE_TOKEN_ERROR,
    // The token is valid, but policy is yet to be fetched.
    STATE_TOKEN_VALID,
    // Policy information is available and valid.
    STATE_POLICY_VALID,
    // The service returned an error when requesting policy, ask again later.
    STATE_POLICY_ERROR,
  };

  friend class CloudPolicyControllerTest;

  // More configurable constructor for use by test cases.
  CloudPolicyController(CloudPolicyCache* cache,
                        DeviceManagementBackend* backend,
                        DeviceTokenFetcher* token_fetcher,
                        CloudPolicyIdentityStrategy* identity_strategy,
                        int64 policy_refresh_rate_ms,
                        int policy_refresh_deviation_factor_percent,
                        int64 policy_refresh_deviation_max_ms,
                        int64 policy_refresh_error_delay_ms);

  // Called by constructors to perform shared initialization.
  void Initialize(CloudPolicyCache* cache,
                  DeviceManagementBackend* backend,
                  DeviceTokenFetcher* token_fetcher,
                  CloudPolicyIdentityStrategy* identity_strategy,
                  int64 policy_refresh_rate_ms,
                  int policy_refresh_deviation_factor_percent,
                  int64 policy_refresh_deviation_max_ms,
                  int64 policy_refresh_error_delay_ms);

  // Asks the token fetcher to fetch a new token.
  void FetchToken();

  // Sends a request to the device management backend to fetch policy if one
  // isn't already outstanding.
  void SendPolicyRequest();

  // Called back from the delayed work task. Performs whatever action is
  // required in the current state, e.g. refreshing policy.
  void DoDelayedWork();

  // Cancels the delayed work task.
  void CancelDelayedWork();

  // Switches to a new state and triggers any appropriate actions.
  void SetState(ControllerState new_state);

  // Computes the policy refresh delay to use.
  int64 GetRefreshDelay();

  CloudPolicyCache* cache_;
  scoped_ptr<DeviceManagementBackend> backend_;
  CloudPolicyIdentityStrategy* identity_strategy_;
  DeviceTokenFetcher* token_fetcher_;
  ControllerState state_;
  bool initial_fetch_done_;

  int64 policy_refresh_rate_ms_;
  int policy_refresh_deviation_factor_percent_;
  int64 policy_refresh_deviation_max_ms_;
  int64 policy_refresh_error_delay_ms_;
  int64 effective_policy_refresh_error_delay_ms_;

  CancelableTask* delayed_work_task_;
  ScopedRunnableMethodFactory<CloudPolicyController> method_factory_;

  DISALLOW_COPY_AND_ASSIGN(CloudPolicyController);
};

}  // namespace policy

#endif  // CHROME_BROWSER_POLICY_CLOUD_POLICY_CONTROLLER_H_