1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef COMPONENTS_PASSWORD_MANAGER_CORE_BROWSER_PASSWORD_STORE_H_
6 #define COMPONENTS_PASSWORD_MANAGER_CORE_BROWSER_PASSWORD_STORE_H_
10 #include "base/callback.h"
11 #include "base/gtest_prod_util.h"
12 #include "base/memory/ref_counted.h"
13 #include "base/memory/scoped_ptr.h"
14 #include "base/observer_list_threadsafe.h"
15 #include "base/threading/thread.h"
16 #include "base/threading/thread_checker.h"
17 #include "base/time/time.h"
18 #include "components/password_manager/core/browser/password_store_change.h"
19 #include "components/password_manager/core/browser/password_store_sync.h"
20 #include "sync/api/syncable_service.h"
28 namespace browser_sync {
29 class PasswordChangeProcessor;
30 class PasswordDataTypeController;
31 class PasswordModelAssociator;
32 class PasswordModelWorker;
35 namespace password_manager {
37 } // namespace password_manager
39 namespace passwords_helper {
40 void AddLogin(password_manager::PasswordStore* store,
41 const autofill::PasswordForm& form);
42 void RemoveLogin(password_manager::PasswordStore* store,
43 const autofill::PasswordForm& form);
44 void UpdateLogin(password_manager::PasswordStore* store,
45 const autofill::PasswordForm& form);
49 class SyncableService;
52 namespace password_manager {
54 class PasswordStoreConsumer;
55 class PasswordSyncableService;
57 // Interface for storing form passwords in a platform-specific secure way.
58 // The login request/manipulation API is not threadsafe and must be used
59 // from the UI thread.
60 // PasswordStoreSync is a hidden base class because only PasswordSyncableService
61 // needs to access these methods.
62 class PasswordStore : protected PasswordStoreSync,
63 public base::RefCountedThreadSafe<PasswordStore> {
65 // Whether or not it's acceptable for Chrome to request access to locked
66 // passwords, which requires prompting the user for permission.
67 enum AuthorizationPromptPolicy {
72 // PasswordForm vector elements are meant to be owned by the
73 // PasswordStoreConsumer. However, if the request is canceled after the
74 // allocation, then the request must take care of the deletion.
75 class GetLoginsRequest {
77 explicit GetLoginsRequest(PasswordStoreConsumer* consumer);
78 virtual ~GetLoginsRequest();
80 void set_ignore_logins_cutoff(const base::Time& cutoff) {
81 ignore_logins_cutoff_ = cutoff;
84 // Removes any logins in the result list that were saved before the cutoff.
85 void ApplyIgnoreLoginsCutoff();
87 // Forward the result to the consumer on the original message loop.
90 std::vector<autofill::PasswordForm*>* result() const {
95 // See GetLogins(). Logins older than this will be removed from the reply.
96 base::Time ignore_logins_cutoff_;
98 base::WeakPtr<PasswordStoreConsumer> consumer_weak_;
100 // The result of the request. It is filled in on the PasswordStore's task
101 // thread and consumed on the UI thread.
102 // TODO(dubroy): Remove this, and instead pass the vector directly to the
104 scoped_ptr< std::vector<autofill::PasswordForm*> > result_;
106 base::ThreadChecker thread_checker_;
107 scoped_refptr<base::MessageLoopProxy> origin_loop_;
109 DISALLOW_COPY_AND_ASSIGN(GetLoginsRequest);
112 // An interface used to notify clients (observers) of this object that data in
113 // the password store has changed. Register the observer via
114 // PasswordStore::AddObserver.
117 // Notifies the observer that password data changed. Will be called from
119 virtual void OnLoginsChanged(const PasswordStoreChangeList& changes) = 0;
122 virtual ~Observer() {}
126 scoped_refptr<base::SingleThreadTaskRunner> main_thread_runner,
127 scoped_refptr<base::SingleThreadTaskRunner> db_thread_runner);
129 // Reimplement this to add custom initialization. Always call this too.
130 virtual bool Init(const syncer::SyncableService::StartSyncFlare& flare);
132 // Adds the given PasswordForm to the secure password store asynchronously.
133 virtual void AddLogin(const autofill::PasswordForm& form);
135 // Updates the matching PasswordForm in the secure password store (async).
136 virtual void UpdateLogin(const autofill::PasswordForm& form);
138 // Removes the matching PasswordForm from the secure password store (async).
139 virtual void RemoveLogin(const autofill::PasswordForm& form);
141 // Removes all logins created in the given date range.
142 virtual void RemoveLoginsCreatedBetween(const base::Time& delete_begin,
143 const base::Time& delete_end);
145 // Searches for a matching PasswordForm, and notifies |consumer| on
146 // completion. The request will be cancelled if the consumer is destroyed.
147 // |prompt_policy| indicates whether it's permissible to prompt the user to
148 // authorize access to locked passwords. This argument is only used on
149 // platforms that support prompting the user for access (such as Mac OS).
150 // NOTE: This means that this method can return different results depending
151 // on the value of |prompt_policy|.
152 virtual void GetLogins(
153 const autofill::PasswordForm& form,
154 AuthorizationPromptPolicy prompt_policy,
155 PasswordStoreConsumer* consumer);
157 // Gets the complete list of PasswordForms that are not blacklist entries--and
158 // are thus auto-fillable. |consumer| will be notified on completion.
159 // The request will be cancelled if the consumer is destroyed.
160 virtual void GetAutofillableLogins(PasswordStoreConsumer* consumer);
162 // Gets the complete list of PasswordForms that are blacklist entries,
163 // and notify |consumer| on completion. The request will be cancelled if the
164 // consumer is destroyed.
165 virtual void GetBlacklistLogins(PasswordStoreConsumer* consumer);
167 // Reports usage metrics for the database.
168 virtual void ReportMetrics();
170 // Adds an observer to be notified when the password store data changes.
171 void AddObserver(Observer* observer);
173 // Removes |observer| from the observer list.
174 void RemoveObserver(Observer* observer);
176 // Schedules the given |task| to be run on the PasswordStore's TaskRunner.
177 bool ScheduleTask(const base::Closure& task);
179 // Before you destruct the store, call Shutdown to indicate that the store
180 // needs to shut itself down.
181 virtual void Shutdown();
183 #if defined(PASSWORD_MANAGER_ENABLE_SYNC)
184 base::WeakPtr<syncer::SyncableService> GetPasswordSyncableService();
188 friend class base::RefCountedThreadSafe<PasswordStore>;
189 FRIEND_TEST_ALL_PREFIXES(PasswordStoreTest, IgnoreOldWwwGoogleLogins);
191 typedef base::Callback<PasswordStoreChangeList(void)> ModificationTask;
193 virtual ~PasswordStore();
195 // Get the TaskRunner to use for PasswordStore background tasks.
196 // By default, a SingleThreadTaskRunner on the DB thread is used, but
197 // subclasses can override.
198 virtual scoped_refptr<base::SingleThreadTaskRunner> GetBackgroundTaskRunner();
200 // Methods below will be run in PasswordStore's own thread.
201 // Synchronous implementation that reports usage metrics.
202 virtual void ReportMetricsImpl() = 0;
204 // Bring PasswordStoreSync methods to the scope of PasswordStore. Otherwise,
205 // base::Bind can't be used with them because it fails to cast PasswordStore
206 // to PasswordStoreSync.
207 virtual PasswordStoreChangeList AddLoginImpl(
208 const autofill::PasswordForm& form) = 0;
209 virtual PasswordStoreChangeList UpdateLoginImpl(
210 const autofill::PasswordForm& form) = 0;
211 virtual PasswordStoreChangeList RemoveLoginImpl(
212 const autofill::PasswordForm& form) = 0;
214 // Synchronous implementation to remove the given logins.
215 virtual PasswordStoreChangeList RemoveLoginsCreatedBetweenImpl(
216 const base::Time& delete_begin, const base::Time& delete_end) = 0;
218 typedef base::Callback<void(const std::vector<autofill::PasswordForm*>&)>
219 ConsumerCallbackRunner; // Owns all PasswordForms in the vector.
221 // Should find all PasswordForms with the same signon_realm. The results
222 // will then be scored by the PasswordFormManager. Once they are found
223 // (or not), the consumer should be notified.
224 virtual void GetLoginsImpl(
225 const autofill::PasswordForm& form,
226 AuthorizationPromptPolicy prompt_policy,
227 const ConsumerCallbackRunner& callback_runner) = 0;
229 // Finds all non-blacklist PasswordForms, and notifies the consumer.
230 virtual void GetAutofillableLoginsImpl(GetLoginsRequest* request) = 0;
232 // Finds all blacklist PasswordForms, and notifies the consumer.
233 virtual void GetBlacklistLoginsImpl(GetLoginsRequest* request) = 0;
235 // Dispatches the result to the PasswordStoreConsumer on the original caller's
236 // thread so the callback can be executed there. This should be the UI thread.
237 virtual void ForwardLoginsResult(GetLoginsRequest* request);
239 // Log UMA stats for number of bulk deletions.
240 void LogStatsForBulkDeletion(int num_deletions);
242 // TaskRunner for tasks that run on the main thread (usually the UI thread).
243 scoped_refptr<base::SingleThreadTaskRunner> main_thread_runner_;
245 // TaskRunner for the DB thread. By default, this is the task runner used for
246 // background tasks -- see |GetBackgroundTaskRunner|.
247 scoped_refptr<base::SingleThreadTaskRunner> db_thread_runner_;
249 scoped_ptr<PasswordSyncableService> syncable_service_;
252 // Schedule the given |func| to be run in the PasswordStore's own thread with
253 // responses delivered to |consumer| on the current thread.
254 template<typename BackendFunc>
255 void Schedule(BackendFunc func, PasswordStoreConsumer* consumer);
257 // Wrapper method called on the destination thread (DB for non-mac) that
258 // invokes |task| and then calls back into the source thread to notify
259 // observers that the password store may have been modified via
260 // NotifyLoginsChanged(). Note that there is no guarantee that the called
261 // method will actually modify the password store data.
262 virtual void WrapModificationTask(ModificationTask task);
264 // PasswordStoreSync:
265 // Called by WrapModificationTask() once the underlying data-modifying
266 // operation has been performed. Notifies observers that password store data
267 // may have been changed.
268 virtual void NotifyLoginsChanged(
269 const PasswordStoreChangeList& changes) OVERRIDE;
271 // Copies |matched_forms| into the request's result vector, then calls
272 // |ForwardLoginsResult|. Temporarily used as an adapter between the API of
273 // |GetLoginsImpl| and |PasswordStoreConsumer|.
274 // TODO(dubroy): Get rid of this.
275 void CopyAndForwardLoginsResult(
276 PasswordStore::GetLoginsRequest* request,
277 const std::vector<autofill::PasswordForm*>& matched_forms);
279 #if defined(PASSWORD_MANAGER_ENABLE_SYNC)
280 // Creates PasswordSyncableService instance on the background thread.
281 void InitSyncableService(
282 const syncer::SyncableService::StartSyncFlare& flare);
284 // Deletes PasswordSyncableService instance on the background thread.
285 void DestroySyncableService();
289 scoped_refptr<ObserverListThreadSafe<Observer> > observers_;
291 bool shutdown_called_;
293 DISALLOW_COPY_AND_ASSIGN(PasswordStore);
296 } // namespace password_manager
298 #endif // COMPONENTS_PASSWORD_MANAGER_CORE_BROWSER_PASSWORD_STORE_H_