device_policy.h - chromiumos/platform/login_manager - Git at Google

 // Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #ifndef LOGIN_MANAGER_DEVICE_POLICY_H_
 #define LOGIN_MANAGER_DEVICE_POLICY_H_

 #include <glib.h>
 #include <string>

 #include <base/basictypes.h>
 #include <base/file_path.h>

 #include "login_manager/bindings/device_management_backend.pb.h"

 namespace login_manager {
 class OwnerKey;

 // This class holds device settings that are to be enforced across all users.
 //
 // If there is a policy on disk at creation time, we will load it
 // along with its signature.  A new policy and its attendant signature can
 // be set at any time and persisted to disk on-demand.
 //
 // THIS CLASS DOES NO SIGNATURE VALIDATION.
 class DevicePolicy {
  public:
   explicit DevicePolicy(const FilePath& policy_path);
   virtual ~DevicePolicy();

   // Load the signed policy off of disk into |policy_|.
   // Returns true unless there is a policy on disk and loading it fails.
   virtual bool LoadOrCreate();

   virtual const enterprise_management::PolicyFetchResponse& Get() const;

   // Persist |policy_| to disk at |policy_file_|
   // Returns false if there's an error while writing data.
   virtual bool Persist();

   virtual bool SerializeToString(std::string* output) const;

   // Clobber the stored policy with new data.
   virtual void Set(const enterprise_management::PolicyFetchResponse& policy);

   // Assuming the current user has access to the owner private key
   // (read: is the owner), this call whitelists |current_user_| and sets a
   // property indicating |current_user_| is the owner in the current policy
   // and schedules a PersistPolicy().
   // Returns false on failure, with |error| set appropriately.
   // |error| can be NULL, should you wish to ignore the particulars.
   bool StoreOwnerProperties(OwnerKey* key,
                             const std::string& current_user,
                             GError** error);

   static const char kDefaultPath[];
   // Format of this string is documented in device_management_backend.proto.
   static const char kDevicePolicyType[];

  private:
   enterprise_management::PolicyFetchResponse policy_;
   const FilePath policy_path_;

   DISALLOW_COPY_AND_ASSIGN(DevicePolicy);
 };
 }  // namespace login_manager

 #endif  // LOGIN_MANAGER_DEVICE_POLICY_H_
	// Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#ifndef LOGIN_MANAGER_DEVICE_POLICY_H_
	#define LOGIN_MANAGER_DEVICE_POLICY_H_

	#include <glib.h>
	#include <string>

	#include <base/basictypes.h>
	#include <base/file_path.h>

	#include "login_manager/bindings/device_management_backend.pb.h"

	namespace login_manager {
	class OwnerKey;

	// This class holds device settings that are to be enforced across all users.
	//
	// If there is a policy on disk at creation time, we will load it
	// along with its signature. A new policy and its attendant signature can
	// be set at any time and persisted to disk on-demand.
	//
	// THIS CLASS DOES NO SIGNATURE VALIDATION.
	class DevicePolicy {
	public:
	explicit DevicePolicy(const FilePath& policy_path);
	virtual ~DevicePolicy();

	// Load the signed policy off of disk into \|policy_\|.
	// Returns true unless there is a policy on disk and loading it fails.
	virtual bool LoadOrCreate();

	virtual const enterprise_management::PolicyFetchResponse& Get() const;

	// Persist \|policy_\| to disk at \|policy_file_\|
	// Returns false if there's an error while writing data.
	virtual bool Persist();

	virtual bool SerializeToString(std::string* output) const;

	// Clobber the stored policy with new data.
	virtual void Set(const enterprise_management::PolicyFetchResponse& policy);

	// Assuming the current user has access to the owner private key
	// (read: is the owner), this call whitelists \|current_user_\| and sets a
	// property indicating \|current_user_\| is the owner in the current policy
	// and schedules a PersistPolicy().
	// Returns false on failure, with \|error\| set appropriately.
	// \|error\| can be NULL, should you wish to ignore the particulars.
	bool StoreOwnerProperties(OwnerKey* key,
	const std::string& current_user,
	GError** error);

	static const char kDefaultPath[];
	// Format of this string is documented in device_management_backend.proto.
	static const char kDevicePolicyType[];

	private:
	enterprise_management::PolicyFetchResponse policy_;
	const FilePath policy_path_;

	DISALLOW_COPY_AND_ASSIGN(DevicePolicy);
	};
	} // namespace login_manager

	#endif // LOGIN_MANAGER_DEVICE_POLICY_H_