1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef CHROME_BROWSER_CHROMEOS_OWNERSHIP_OWNER_SETTINGS_SERVICE_H_
6 #define CHROME_BROWSER_CHROMEOS_OWNERSHIP_OWNER_SETTINGS_SERVICE_H_
11 #include "base/callback.h"
12 #include "base/compiler_specific.h"
13 #include "base/macros.h"
14 #include "base/memory/weak_ptr.h"
15 #include "base/threading/thread_checker.h"
16 #include "chrome/browser/chromeos/settings/device_settings_service.h"
17 #include "chrome/browser/chromeos/settings/owner_key_util.h"
18 #include "chromeos/dbus/session_manager_client.h"
19 #include "chromeos/tpm_token_loader.h"
20 #include "components/keyed_service/core/keyed_service.h"
21 #include "content/public/browser/notification_observer.h"
22 #include "content/public/browser/notification_registrar.h"
28 class SessionManagerOperation;
30 // This class reloads owner key from profile NSS slots.
32 // TODO (ygorshenin@): move write path for device settings here
33 // (crbug.com/230018).
34 class OwnerSettingsService : public DeviceSettingsService::PrivateKeyDelegate,
36 public content::NotificationObserver,
37 public TPMTokenLoader::Observer,
38 public SessionManagerClient::Observer {
40 virtual ~OwnerSettingsService();
42 base::WeakPtr<OwnerSettingsService> as_weak_ptr() {
43 return weak_factory_.GetWeakPtr();
46 // DeviceSettingsService::PrivateKeyDelegate implementation:
47 virtual bool IsOwner() OVERRIDE;
48 virtual void IsOwnerAsync(const IsOwnerCallback& callback) OVERRIDE;
49 virtual bool AssembleAndSignPolicyAsync(
50 scoped_ptr<enterprise_management::PolicyData> policy,
51 const AssembleAndSignPolicyCallback& callback) OVERRIDE;
52 virtual void SignAndStoreAsync(
53 scoped_ptr<enterprise_management::ChromeDeviceSettingsProto> settings,
54 const base::Closure& callback) OVERRIDE;
55 virtual void SetManagementSettingsAsync(
56 enterprise_management::PolicyData::ManagementMode management_mode,
57 const std::string& request_token,
58 const std::string& device_id,
59 const base::Closure& callback) OVERRIDE;
61 // NotificationObserver implementation:
62 virtual void Observe(int type,
63 const content::NotificationSource& source,
64 const content::NotificationDetails& details) OVERRIDE;
66 // TPMTokenLoader::Observer:
67 virtual void OnTPMTokenReady() OVERRIDE;
69 // SessionManagerClient::Observer:
70 virtual void OwnerKeySet(bool success) OVERRIDE;
72 // Checks if the user is the device owner, without the user profile having to
73 // been initialized. Should be used only if login state is in safe mode.
74 static void IsOwnerForSafeModeAsync(const std::string& user_id,
75 const std::string& user_hash,
76 const IsOwnerCallback& callback);
78 static void SetOwnerKeyUtilForTesting(
79 const scoped_refptr<OwnerKeyUtil>& owner_key_util);
81 static void SetDeviceSettingsServiceForTesting(
82 DeviceSettingsService* device_settings_service);
85 friend class OwnerSettingsServiceFactory;
87 explicit OwnerSettingsService(Profile* profile);
89 // Reloads private key from profile's NSS slots. Responds via call
90 // to OnPrivateKeyLoaded().
91 void ReloadPrivateKey();
93 // Called when ReloadPrivateKey() completes it's work.
94 void OnPrivateKeyLoaded(scoped_refptr<PublicKey> public_key,
95 scoped_refptr<PrivateKey> private_key);
97 // Puts request to perform sign-and-store operation in the queue.
98 void EnqueueSignAndStore(scoped_ptr<enterprise_management::PolicyData> policy,
99 const base::Closure& callback);
101 // Performs next operation in the queue.
102 void StartNextOperation();
104 // Called when sign-and-store operation completes it's work.
105 void HandleCompletedOperation(const base::Closure& callback,
106 SessionManagerOperation* operation,
107 DeviceSettingsService::Status status);
109 // Called when it's not possible to store settings.
110 void HandleError(DeviceSettingsService::Status status,
111 const base::Closure& callback);
113 // Returns testing instance of OwnerKeyUtil when it's set, otherwise
114 // returns |owner_key_util_|.
115 scoped_refptr<OwnerKeyUtil> GetOwnerKeyUtil();
117 // Returns testing instance of DeviceSettingsService when it's set,
118 // otherwise returns pointer to a singleton instance, when it's
120 DeviceSettingsService* GetDeviceSettingsService();
122 // Profile this service instance belongs to.
125 // User ID this service instance belongs to.
126 std::string user_id_;
128 scoped_refptr<PublicKey> public_key_;
130 scoped_refptr<PrivateKey> private_key_;
132 scoped_refptr<OwnerKeyUtil> owner_key_util_;
134 std::vector<IsOwnerCallback> pending_is_owner_callbacks_;
136 // Whether profile still needs to be initialized.
137 bool waiting_for_profile_creation_;
139 // Whether TPM token still needs to be initialized.
140 bool waiting_for_tpm_token_;
142 // The queue of pending sign-and-store operations. The first operation on the
143 // queue is currently active; it gets removed and destroyed once it completes.
144 std::deque<SessionManagerOperation*> pending_operations_;
146 content::NotificationRegistrar registrar_;
148 base::ThreadChecker thread_checker_;
150 base::WeakPtrFactory<OwnerSettingsService> weak_factory_;
152 DISALLOW_COPY_AND_ASSIGN(OwnerSettingsService);
155 } // namespace chromeos
157 #endif // CHROME_BROWSER_CHROMEOS_OWNERSHIP_OWNER_SETTINGS_SERVICE_H_