1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef COMPONENTS_PASSWORD_MANAGER_CORE_BROWSER_PASSWORD_STORE_H_
6 #define COMPONENTS_PASSWORD_MANAGER_CORE_BROWSER_PASSWORD_STORE_H_
10 #include "base/callback.h"
11 #include "base/gtest_prod_util.h"
12 #include "base/memory/ref_counted.h"
13 #include "base/memory/scoped_ptr.h"
14 #include "base/observer_list_threadsafe.h"
15 #include "base/threading/thread.h"
16 #include "base/threading/thread_checker.h"
17 #include "base/time/time.h"
18 #include "components/password_manager/core/browser/password_store_change.h"
21 class PasswordStoreConsumer;
22 class PasswordSyncableService;
29 namespace browser_sync {
30 class PasswordChangeProcessor;
31 class PasswordDataTypeController;
32 class PasswordModelAssociator;
33 class PasswordModelWorker;
36 namespace passwords_helper {
37 void AddLogin(PasswordStore* store, const autofill::PasswordForm& form);
38 void RemoveLogin(PasswordStore* store, const autofill::PasswordForm& form);
39 void UpdateLogin(PasswordStore* store, const autofill::PasswordForm& form);
42 // Interface for storing form passwords in a platform-specific secure way.
43 // The login request/manipulation API is not threadsafe and must be used
44 // from the UI thread.
45 class PasswordStore : public base::RefCountedThreadSafe<PasswordStore> {
47 // Whether or not it's acceptable for Chrome to request access to locked
48 // passwords, which requires prompting the user for permission.
49 enum AuthorizationPromptPolicy {
54 // PasswordForm vector elements are meant to be owned by the
55 // PasswordStoreConsumer. However, if the request is canceled after the
56 // allocation, then the request must take care of the deletion.
57 class GetLoginsRequest {
59 explicit GetLoginsRequest(PasswordStoreConsumer* consumer);
60 virtual ~GetLoginsRequest();
62 void set_ignore_logins_cutoff(const base::Time& cutoff) {
63 ignore_logins_cutoff_ = cutoff;
66 // Removes any logins in the result list that were saved before the cutoff.
67 void ApplyIgnoreLoginsCutoff();
69 // Forward the result to the consumer on the original message loop.
72 std::vector<autofill::PasswordForm*>* result() const {
77 // See GetLogins(). Logins older than this will be removed from the reply.
78 base::Time ignore_logins_cutoff_;
80 base::WeakPtr<PasswordStoreConsumer> consumer_weak_;
82 // The result of the request. It is filled in on the PasswordStore's task
83 // thread and consumed on the UI thread.
84 // TODO(dubroy): Remove this, and instead pass the vector directly to the
86 scoped_ptr< std::vector<autofill::PasswordForm*> > result_;
88 base::ThreadChecker thread_checker_;
89 scoped_refptr<base::MessageLoopProxy> origin_loop_;
91 DISALLOW_COPY_AND_ASSIGN(GetLoginsRequest);
94 // An interface used to notify clients (observers) of this object that data in
95 // the password store has changed. Register the observer via
96 // PasswordStore::AddObserver.
99 // Notifies the observer that password data changed. Will be called from
101 virtual void OnLoginsChanged(const PasswordStoreChangeList& changes) = 0;
104 virtual ~Observer() {}
108 scoped_refptr<base::SingleThreadTaskRunner> main_thread_runner,
109 scoped_refptr<base::SingleThreadTaskRunner> db_thread_runner);
111 // Reimplement this to add custom initialization. Always call this too.
114 // Adds the given PasswordForm to the secure password store asynchronously.
115 virtual void AddLogin(const autofill::PasswordForm& form);
117 // Updates the matching PasswordForm in the secure password store (async).
118 void UpdateLogin(const autofill::PasswordForm& form);
120 // Removes the matching PasswordForm from the secure password store (async).
121 void RemoveLogin(const autofill::PasswordForm& form);
123 // Removes all logins created in the given date range.
124 void RemoveLoginsCreatedBetween(const base::Time& delete_begin,
125 const base::Time& delete_end);
127 // Searches for a matching PasswordForm, and notifies |consumer| on
128 // completion. The request will be cancelled if the consumer is destroyed.
129 // |prompt_policy| indicates whether it's permissible to prompt the user to
130 // authorize access to locked passwords. This argument is only used on
131 // platforms that support prompting the user for access (such as Mac OS).
132 // NOTE: This means that this method can return different results depending
133 // on the value of |prompt_policy|.
134 virtual void GetLogins(
135 const autofill::PasswordForm& form,
136 AuthorizationPromptPolicy prompt_policy,
137 PasswordStoreConsumer* consumer);
139 // Gets the complete list of PasswordForms that are not blacklist entries--and
140 // are thus auto-fillable. |consumer| will be notified on completion.
141 // The request will be cancelled if the consumer is destroyed.
142 void GetAutofillableLogins(PasswordStoreConsumer* consumer);
144 // Gets the complete list of PasswordForms that are blacklist entries,
145 // and notify |consumer| on completion. The request will be cancelled if the
146 // consumer is destroyed.
147 void GetBlacklistLogins(PasswordStoreConsumer* consumer);
149 // Reports usage metrics for the database.
150 void ReportMetrics();
152 // Adds an observer to be notified when the password store data changes.
153 void AddObserver(Observer* observer);
155 // Removes |observer| from the observer list.
156 void RemoveObserver(Observer* observer);
158 // Before you destruct the store, call Shutdown to indicate that the store
159 // needs to shut itself down.
160 virtual void Shutdown();
163 friend class base::RefCountedThreadSafe<PasswordStore>;
164 // Sync's interaction with password store needs to be synchronous.
165 // Since the synchronous methods are private these classes are made
166 // as friends. This can be fixed by moving the private impl to a new
167 // class. See http://crbug.com/307750
168 friend class browser_sync::PasswordChangeProcessor;
169 friend class browser_sync::PasswordDataTypeController;
170 friend class browser_sync::PasswordModelAssociator;
171 friend class browser_sync::PasswordModelWorker;
172 friend class PasswordSyncableService;
173 friend void passwords_helper::AddLogin(PasswordStore*,
174 const autofill::PasswordForm&);
175 friend void passwords_helper::RemoveLogin(PasswordStore*,
176 const autofill::PasswordForm&);
177 friend void passwords_helper::UpdateLogin(PasswordStore*,
178 const autofill::PasswordForm&);
179 FRIEND_TEST_ALL_PREFIXES(PasswordStoreTest, IgnoreOldWwwGoogleLogins);
181 typedef base::Callback<PasswordStoreChangeList(void)> ModificationTask;
183 virtual ~PasswordStore();
185 // Schedules the given |task| to be run on the PasswordStore's TaskRunner.
186 bool ScheduleTask(const base::Closure& task);
188 // Get the TaskRunner to use for PasswordStore background tasks.
189 // By default, a SingleThreadTaskRunner on the DB thread is used, but
190 // subclasses can override.
191 virtual scoped_refptr<base::SingleThreadTaskRunner> GetBackgroundTaskRunner();
193 // These will be run in PasswordStore's own thread.
194 // Synchronous implementation that reports usage metrics.
195 virtual void ReportMetricsImpl() = 0;
196 // Synchronous implementation to add the given login.
197 virtual PasswordStoreChangeList AddLoginImpl(
198 const autofill::PasswordForm& form) = 0;
199 // Synchronous implementation to update the given login.
200 virtual PasswordStoreChangeList UpdateLoginImpl(
201 const autofill::PasswordForm& form) = 0;
202 // Synchronous implementation to remove the given login.
203 virtual PasswordStoreChangeList RemoveLoginImpl(
204 const autofill::PasswordForm& form) = 0;
205 // Synchronous implementation to remove the given logins.
206 virtual PasswordStoreChangeList RemoveLoginsCreatedBetweenImpl(
207 const base::Time& delete_begin, const base::Time& delete_end) = 0;
209 typedef base::Callback<void(const std::vector<autofill::PasswordForm*>&)>
210 ConsumerCallbackRunner; // Owns all PasswordForms in the vector.
212 // Should find all PasswordForms with the same signon_realm. The results
213 // will then be scored by the PasswordFormManager. Once they are found
214 // (or not), the consumer should be notified.
215 virtual void GetLoginsImpl(
216 const autofill::PasswordForm& form,
217 AuthorizationPromptPolicy prompt_policy,
218 const ConsumerCallbackRunner& callback_runner) = 0;
220 // Finds all non-blacklist PasswordForms, and notifies the consumer.
221 virtual void GetAutofillableLoginsImpl(GetLoginsRequest* request) = 0;
223 // Finds all blacklist PasswordForms, and notifies the consumer.
224 virtual void GetBlacklistLoginsImpl(GetLoginsRequest* request) = 0;
226 // Finds all non-blacklist PasswordForms, and fills the vector.
227 virtual bool FillAutofillableLogins(
228 std::vector<autofill::PasswordForm*>* forms) = 0;
230 // Finds all blacklist PasswordForms, and fills the vector.
231 virtual bool FillBlacklistLogins(
232 std::vector<autofill::PasswordForm*>* forms) = 0;
234 // Dispatches the result to the PasswordStoreConsumer on the original caller's
235 // thread so the callback can be executed there. This should be the UI thread.
236 virtual void ForwardLoginsResult(GetLoginsRequest* request);
238 // Log UMA stats for number of bulk deletions.
239 void LogStatsForBulkDeletion(int num_deletions);
241 // TaskRunner for tasks that run on the main thread (usually the UI thread).
242 scoped_refptr<base::SingleThreadTaskRunner> main_thread_runner_;
244 // TaskRunner for the DB thread. By default, this is the task runner used for
245 // background tasks -- see |GetBackgroundTaskRunner|.
246 scoped_refptr<base::SingleThreadTaskRunner> db_thread_runner_;
249 // Schedule the given |func| to be run in the PasswordStore's own thread with
250 // responses delivered to |consumer| on the current thread.
251 template<typename BackendFunc>
252 void Schedule(BackendFunc func, PasswordStoreConsumer* consumer);
254 // Wrapper method called on the destination thread (DB for non-mac) that
255 // invokes |task| and then calls back into the source thread to notify
256 // observers that the password store may have been modified via
257 // NotifyLoginsChanged(). Note that there is no guarantee that the called
258 // method will actually modify the password store data.
259 virtual void WrapModificationTask(ModificationTask task);
261 // Called by WrapModificationTask() once the underlying data-modifying
262 // operation has been performed. Notifies observers that password store data
263 // may have been changed.
264 void NotifyLoginsChanged(const PasswordStoreChangeList& changes);
266 // Copies |matched_forms| into the request's result vector, then calls
267 // |ForwardLoginsResult|. Temporarily used as an adapter between the API of
268 // |GetLoginsImpl| and |PasswordStoreConsumer|.
269 // TODO(dubroy): Get rid of this.
270 void CopyAndForwardLoginsResult(
271 PasswordStore::GetLoginsRequest* request,
272 const std::vector<autofill::PasswordForm*>& matched_forms);
275 scoped_refptr<ObserverListThreadSafe<Observer> > observers_;
277 bool shutdown_called_;
279 DISALLOW_COPY_AND_ASSIGN(PasswordStore);
282 #endif // COMPONENTS_PASSWORD_MANAGER_CORE_BROWSER_PASSWORD_STORE_H_