chrome/browser/ash/policy/remote_commands/crd_lockout_strategy.h - chromium/src - Git at Google

 // Copyright 2021 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #ifndef CHROME_BROWSER_ASH_POLICY_REMOTE_COMMANDS_CRD_LOCKOUT_STRATEGY_H_
 #define CHROME_BROWSER_ASH_POLICY_REMOTE_COMMANDS_CRD_LOCKOUT_STRATEGY_H_

 #include "base/time/time.h"
 #include "chrome/browser/ash/policy/remote_commands/crd_connection_observer.h"
 #include "third_party/abseil-cpp/absl/types/optional.h"

 namespace policy {

 // Helper class that decides when the admin is locked out from attempting to
 // start a remote CRD session.
 // This prevents the admin from spamming the host user.
 class CrdLockoutStrategy : public CrdConnectionObserver {
  public:
   CrdLockoutStrategy() = default;
   CrdLockoutStrategy(const CrdLockoutStrategy&) = delete;
   CrdLockoutStrategy& operator=(const CrdLockoutStrategy&) = delete;
   ~CrdLockoutStrategy() override = default;

   // Returns true if the admin can attempt a CRD command, or false if a timeout
   // is in effect.
   virtual bool CanAttemptConnection() const = 0;
 };

 // Simple lockout strategy that blocks attempts for a fixed time after a
 // given number of rejected attempts.
 class CrdFixedTimeoutLockoutStrategy : public CrdLockoutStrategy {
  public:
   constexpr static base::TimeDelta kLockoutDuration =
       base::TimeDelta::FromMinutes(5);
   constexpr static int kNumRejectedAttemptsAllowed = 3;

   CrdFixedTimeoutLockoutStrategy() = default;
   CrdFixedTimeoutLockoutStrategy(const CrdFixedTimeoutLockoutStrategy&) =
       delete;
   CrdFixedTimeoutLockoutStrategy& operator=(
       const CrdFixedTimeoutLockoutStrategy&) = delete;
   ~CrdFixedTimeoutLockoutStrategy() override = default;

   // CrdLockoutStrategy implementation:
   void OnConnectionRejected() override;
   void OnConnectionEstablished() override;
   bool CanAttemptConnection() const override;

  private:
   int num_rejected_connections_ = 0;

   base::Time time_until_which_attempts_are_blocked_ = base::Time::Min();
 };

 }  // namespace policy

 #endif  // CHROME_BROWSER_ASH_POLICY_REMOTE_COMMANDS_CRD_LOCKOUT_STRATEGY_H_
	// Copyright 2021 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#ifndef CHROME_BROWSER_ASH_POLICY_REMOTE_COMMANDS_CRD_LOCKOUT_STRATEGY_H_
	#define CHROME_BROWSER_ASH_POLICY_REMOTE_COMMANDS_CRD_LOCKOUT_STRATEGY_H_

	#include "base/time/time.h"
	#include "chrome/browser/ash/policy/remote_commands/crd_connection_observer.h"
	#include "third_party/abseil-cpp/absl/types/optional.h"

	namespace policy {

	// Helper class that decides when the admin is locked out from attempting to
	// start a remote CRD session.
	// This prevents the admin from spamming the host user.
	class CrdLockoutStrategy : public CrdConnectionObserver {
	public:
	CrdLockoutStrategy() = default;
	CrdLockoutStrategy(const CrdLockoutStrategy&) = delete;
	CrdLockoutStrategy& operator=(const CrdLockoutStrategy&) = delete;
	~CrdLockoutStrategy() override = default;

	// Returns true if the admin can attempt a CRD command, or false if a timeout
	// is in effect.
	virtual bool CanAttemptConnection() const = 0;
	};

	// Simple lockout strategy that blocks attempts for a fixed time after a
	// given number of rejected attempts.
	class CrdFixedTimeoutLockoutStrategy : public CrdLockoutStrategy {
	public:
	constexpr static base::TimeDelta kLockoutDuration =
	base::TimeDelta::FromMinutes(5);
	constexpr static int kNumRejectedAttemptsAllowed = 3;

	CrdFixedTimeoutLockoutStrategy() = default;
	CrdFixedTimeoutLockoutStrategy(const CrdFixedTimeoutLockoutStrategy&) =
	delete;
	CrdFixedTimeoutLockoutStrategy& operator=(
	const CrdFixedTimeoutLockoutStrategy&) = delete;
	~CrdFixedTimeoutLockoutStrategy() override = default;

	// CrdLockoutStrategy implementation:
	void OnConnectionRejected() override;
	void OnConnectionEstablished() override;
	bool CanAttemptConnection() const override;

	private:
	int num_rejected_connections_ = 0;

	base::Time time_until_which_attempts_are_blocked_ = base::Time::Min();
	};

	} // namespace policy

	#endif // CHROME_BROWSER_ASH_POLICY_REMOTE_COMMANDS_CRD_LOCKOUT_STRATEGY_H_