File: policy_applicator.h

package info (click to toggle)
chromium 138.0.7204.183-1
  • links: PTS, VCS
  • area: main
  • in suites: trixie
  • size: 6,071,908 kB
  • sloc: cpp: 34,937,088; ansic: 7,176,967; javascript: 4,110,704; python: 1,419,953; asm: 946,768; xml: 739,971; pascal: 187,324; sh: 89,623; perl: 88,663; objc: 79,944; sql: 50,304; cs: 41,786; fortran: 24,137; makefile: 21,806; php: 13,980; tcl: 13,166; yacc: 8,925; ruby: 7,485; awk: 3,720; lisp: 3,096; lex: 1,327; ada: 727; jsp: 228; sed: 36
file content (198 lines) | stat: -rw-r--r-- 8,588 bytes parent folder | download | duplicates (8) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
 
// Copyright 2013 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef CHROMEOS_ASH_COMPONENTS_NETWORK_POLICY_APPLICATOR_H_
#define CHROMEOS_ASH_COMPONENTS_NETWORK_POLICY_APPLICATOR_H_

#include <memory>
#include <string>
#include <vector>

#include "base/containers/flat_map.h"
#include "base/containers/flat_set.h"
#include "base/functional/callback_forward.h"
#include "base/memory/raw_ptr.h"
#include "base/memory/weak_ptr.h"
#include "base/sequence_checker.h"
#include "base/values.h"
#include "chromeos/ash/components/network/network_profile.h"

namespace ash {

class ManagedCellularPrefHandler;
class NetworkUIData;

// This class compares (entry point is Run()) |modified_policies| with the
// existing entries in the provided Shill profile |profile|. It fetches all
// entries in parallel (GetProfilePropertiesCallback), compares each entry with
// the current policies (GetEntryCallback) and adds all missing policies
// (~PolicyApplicator).
class PolicyApplicator {
 public:
  class ConfigurationHandler {
   public:
    ConfigurationHandler& operator=(const ConfigurationHandler&) = delete;

    virtual ~ConfigurationHandler() = default;
    // Write the new configuration with the properties `shill_properties` to
    // Shill. This configuration comes from a policy. Any conflicting or
    // existing configuration for the same network will have been removed
    // before.
    // `callback` does not necessarily signal success and is only used for
    // completion - it will be called after the configuration update has been
    // reflected in NetworkStateHandler or when an error has occurred.
    virtual void CreateConfigurationFromPolicy(
        const base::Value::Dict& shill_properties,
        base::OnceClosure callback) = 0;

    // Modifies the properties of an already-configured network.
    // `existing_properties` is used to find the network.
    // `callback` does not necessarily signal success and is only used for
    // completion - it will be called after the configuration update has been
    // reflected in NetworkStateHandler or when an error has occurred.
    virtual void UpdateExistingConfigurationWithPropertiesFromPolicy(
        const base::Value::Dict& existing_properties,
        const base::Value::Dict& new_properties,
        base::OnceClosure callback) = 0;

    // Called after all policies for |profile| were applied except for new
    // cellular policies.
    // The set of new cellular policy guids is passed in
    // `new_cellular_policy_guids`.
    // At this point, the list of networks should be updated.
    virtual void OnPoliciesApplied(
        const NetworkProfile& profile,
        const base::flat_set<std::string>& new_cellular_policy_guids) = 0;
  };

  struct Options {
    Options();
    Options(Options&& other);
    Options& operator=(Options&& other);
    Options(const Options&) = delete;
    Options& operator=(const Options&) = delete;
    ~Options();

    // Merges this `Options` instance with `other`, ORing the requested
    // operation flags.
    void Merge(const Options& other);

    // When this is set to true, all managed configurations with at least one
    // "Recommended" field will be reset to only contain the managed settings.
    bool reset_recommended_managed_configs = false;

    // When this is set to true, all unmanaged configurations will be removed.
    bool remove_unmanaged_configs = false;
  };

  // `handler` and `managed_cellular_pref_handler` must outlive this object.
  PolicyApplicator(const NetworkProfile& profile,
                   base::flat_map<std::string, base::Value::Dict> all_policies,
                   base::Value::Dict global_network_config,
                   ConfigurationHandler* handler,
                   ManagedCellularPrefHandler* managed_cellular_pref_handler,
                   base::flat_set<std::string> modified_policy_guids,
                   Options options);

  PolicyApplicator(const PolicyApplicator&) = delete;
  PolicyApplicator& operator=(const PolicyApplicator&) = delete;

  ~PolicyApplicator();

  void Run();

 private:
  // Called with the properties of the profile |profile_|. Requests the
  // properties of each entry, which are processed by GetEntryCallback.
  void GetProfilePropertiesCallback(base::Value::Dict profile_properties);
  void GetProfilePropertiesError(const std::string& error_name,
                                 const std::string& error_message);

  // Called with the properties of the profile entry |entry_identifier|. Checks
  // whether the entry was previously managed, whether a current policy applies
  // and then either updates, deletes or not touches the entry.
  void GetEntryCallback(const std::string& entry_identifier,
                        base::Value::Dict entry_properties);
  void GetEntryError(const std::string& entry_identifier,
                     const std::string& error_name,
                     const std::string& error_message);

  // Applies |new_policy| for |entry_identifier|.
  // |entry_properties| are the current properties for the entry. |ui_data| is
  // the NetworkUIData extracted from |entry_properties| and is passed so it
  // doesn't have to be re-extracted. |old_guid| is the current GUID of the
  // entry and may be empty.
  // |callback| will be called when policy application for |entry_identifier|
  // has finished.
  void ApplyOncPolicy(const std::string& entry_identifier,
                      const base::Value::Dict& entry_properties,
                      std::unique_ptr<NetworkUIData> ui_data,
                      const std::string& old_guid,
                      const std::string& new_guid,
                      const base::Value::Dict& new_policy,
                      base::OnceClosure callback);

  // Applies the global network policy (if any) on |entry_identifier|,
  // |entry_properties|}  are the current properties for the entry.
  // |callback| will be called when policy application for |entry_identifier|
  // has finished or immediately if no global network policy is present.
  void ApplyGlobalPolicyOnUnmanagedEntry(
      const std::string& entry_identifier,
      const base::Value::Dict& entry_properties,
      base::OnceClosure callback);

  // Sends Shill the command to delete profile entry |entry_identifier| from
  // |profile_|. |callback| will be called when the profile entry has been
  // deleted in shill.
  void DeleteEntry(const std::string& entry_identifier,
                   base::OnceClosure callback);

  // Applies |shill_dictionary| in shill. |policy_ is the ONC policy blob which
  // lead to the policy application. |callback| will be called when policy
  // application has finished, i.e. when the policy has been applied in shill
  // NetworkStateHandler in chrome has reflected the changes.
  void WriteNewShillConfiguration(base::Value::Dict shill_dictionary,
                                  base::Value::Dict policy,
                                  base::OnceClosure callback);

  // Removes |entry_identifier| from the list of pending profile entries.
  // If all entries were processed, applies the remaining policies and notifies
  // |handler_|.
  void ProfileEntryFinished(const std::string& entry_identifier);

  // Creates new entries for all remaining policies, i.e. for which no matching
  // Profile entry was found.
  // This should only be called if all profile entries were processed.
  void ApplyRemainingPolicies();

  // This is called when the remaining policy application for |guid| scheduled
  // by ApplyRemainingPolicies has finished.
  void RemainingPolicyApplied(const std::string& guid);

  // Called after all policies are applied or an error occurred. Notifies
  // |handler_|.
  void NotifyConfigurationHandlerAndFinish();

  const raw_ptr<ConfigurationHandler> handler_;
  raw_ptr<ManagedCellularPrefHandler> managed_cellular_pref_handler_ = nullptr;
  NetworkProfile profile_;
  base::flat_map<std::string, base::Value::Dict> all_policies_;
  base::Value::Dict global_network_config_;
  const Options options_;

  base::flat_set<std::string> remaining_policy_guids_;
  base::flat_set<std::string> pending_get_entry_calls_;

  // Contains GUIDs of new cellular policies so they can be reported back to
  // the caller.
  base::flat_set<std::string> new_cellular_policy_guids_;

  SEQUENCE_CHECKER(sequence_checker_);

  base::WeakPtrFactory<PolicyApplicator> weak_ptr_factory_{this};
};

}  // namespace ash

#endif  // CHROMEOS_ASH_COMPONENTS_NETWORK_POLICY_APPLICATOR_H_