1 // Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef LIBBRILLO_POLICY_DEVICE_POLICY_IMPL_H_
6 #define LIBBRILLO_POLICY_DEVICE_POLICY_IMPL_H_
7 
8 #include <memory>
9 #include <set>
10 #include <string>
11 #include <utility>
12 #include <vector>
13 
14 #include <base/files/file_path.h>
15 #include <base/macros.h>
16 
17 #include "bindings/chrome_device_policy.pb.h"
18 #include "bindings/device_management_backend.pb.h"
19 #include "install_attributes/libinstallattributes.h"
20 #include "policy/device_policy.h"
21 
22 #pragma GCC visibility push(default)
23 
24 namespace policy {
25 
26 // This class holds device settings that are to be enforced across all users.
27 //
28 // Before serving it to the users this class verifies that the policy is valid
29 // against its signature and the owner's key and also that the policy files
30 // are owned by root.
class DevicePolicyImpl : public DevicePolicy {
 public:
  DevicePolicyImpl();
  ~DevicePolicyImpl() override;

  // Returns a read-only reference to the device settings proto stored in
  // |device_policy_|. The reference is valid only while this object is alive.
  // The accessor performs no checks of its own; it returns whatever is
  // currently stored, including a value injected via set_policy_for_testing().
  const enterprise_management::ChromeDeviceSettingsProto& get_device_policy()
      const {
    return device_policy_;
  }

  // DevicePolicy overrides:
  //
  // Every getter below writes its result through an out-parameter and returns
  // bool.
  // NOTE(review): the exact contract is declared on the base class in
  // policy/device_policy.h and is not visible from this header; presumably a
  // false return means the out-parameter was not written. Confirm there, and
  // check the return value before reading the out-parameter.
  bool LoadPolicy() override;
  bool GetPolicyRefreshRate(int* rate) const override;
  bool GetUserWhitelist(
      std::vector<std::string>* user_whitelist) const override;
  bool GetGuestModeEnabled(bool* guest_mode_enabled) const override;
  bool GetCameraEnabled(bool* camera_enabled) const override;
  bool GetShowUserNames(bool* show_user_names) const override;
  bool GetDataRoamingEnabled(bool* data_roaming_enabled) const override;
  bool GetAllowNewUsers(bool* allow_new_users) const override;
  bool GetMetricsEnabled(bool* metrics_enabled) const override;
  bool GetReportVersionInfo(bool* report_version_info) const override;
  bool GetReportActivityTimes(bool* report_activity_times) const override;
  bool GetReportBootMode(bool* report_boot_mode) const override;
  bool GetEphemeralUsersEnabled(bool* ephemeral_users_enabled) const override;
  bool GetReleaseChannel(std::string* release_channel) const override;
  bool GetReleaseChannelDelegated(
      bool* release_channel_delegated) const override;
  bool GetUpdateDisabled(bool* update_disabled) const override;
  bool GetTargetVersionPrefix(
      std::string* target_version_prefix) const override;
  bool GetRollbackToTargetVersion(
      int* rollback_to_target_version) const override;
  bool GetRollbackAllowedMilestones(
      int* rollback_allowed_milestones) const override;
  bool GetScatterFactorInSeconds(
      int64_t* scatter_factor_in_seconds) const override;
  bool GetAllowedConnectionTypesForUpdate(
      std::set<std::string>* connection_types) const override;
  bool GetOpenNetworkConfiguration(
      std::string* open_network_configuration) const override;
  bool GetOwner(std::string* owner) const override;
  bool GetHttpDownloadsEnabled(bool* http_downloads_enabled) const override;
  bool GetAuP2PEnabled(bool* au_p2p_enabled) const override;
  bool GetAllowKioskAppControlChromeVersion(
      bool* allow_kiosk_app_control_chrome_version) const override;
  bool GetUsbDetachableWhitelist(
      std::vector<UsbDeviceId>* usb_whitelist) const override;
  bool GetAutoLaunchedKioskAppId(std::string* app_id_out) const override;
  bool IsEnterpriseManaged() const override;
  bool GetSecondFactorAuthenticationMode(int* mode_out) const override;
  bool GetDisallowedTimeIntervals(
      std::vector<WeeklyTimeInterval>* intervals_out) const override;
  bool GetDeviceUpdateStagingSchedule(
      std::vector<DayPercentagePair> *staging_schedule_out) const override;

  // Methods that can be used only for testing.
  //
  // NOTE(review): these are ordinary public members of a class that this
  // header exports with default visibility, and nothing visible here limits
  // them to test builds. Several of them replace the inputs to verification
  // (policy path, key file path, install attributes) or switch verification
  // off outright, so production code must never call them. Auditing for
  // non-test callers is worthwhile.

  // Overwrites |policy_data_| with a copy of |policy_data|.
  void set_policy_data_for_testing(
      const enterprise_management::PolicyData& policy_data) {
    policy_data_ = policy_data;
  }
  // Sets |verify_root_ownership_|. Passing false turns off the root-ownership
  // check on policy files.
  void set_verify_root_ownership_for_testing(bool verify_root_ownership) {
    verify_root_ownership_ = verify_root_ownership;
  }
  // Takes ownership of |install_attributes_reader| and stores it in
  // |install_attributes_reader_|, replacing any previous reader.
  void set_install_attributes_for_testing(
      std::unique_ptr<InstallAttributesReader> install_attributes_reader) {
    install_attributes_reader_ = std::move(install_attributes_reader);
  }
  // Overwrites |device_policy_| with a copy of |device_policy|. The stored
  // value is what get_device_policy() returns afterwards.
  void set_policy_for_testing(
      const enterprise_management::ChromeDeviceSettingsProto& device_policy) {
    device_policy_ = device_policy;
  }
  // Overrides the path stored in |policy_path_|.
  void set_policy_path_for_testing(const base::FilePath& policy_path) {
    policy_path_ = policy_path;
  }
  // Overrides the path stored in |keyfile_path_|.
  void set_key_file_path_for_testing(const base::FilePath& keyfile_path) {
    keyfile_path_ = keyfile_path;
  }
  // Sets |verify_policy_|. Passing false disables all types of verification
  // (see the comment on |verify_policy_|).
  void set_verify_policy_for_testing(bool value) { verify_policy_ = value; }

 private:
  // Verifies that both the policy file and the signature file exist and are
  // owned by root. Does nothing when |verify_root_ownership_| is set to
  // false.
  // NOTE(review): the value returned when the check is skipped is not visible
  // from this header — confirm in the implementation file.
  bool VerifyPolicyFile(const base::FilePath& policy_path);

  // Verifies that the policy signature is correct.
  bool VerifyPolicySignature() override;

  // Loads policy off of disk from |policy_path| into |policy_|. Returns true if
  // the |policy_path| is present on disk and loading it is successful.
  bool LoadPolicyFromFile(const base::FilePath& policy_path);

  // Path of the default policy file, e.g. /path/to/policy. In order to make
  // device policy more resilient against broken files, this class also tries to
  // load indexed paths /path/to/policy.1, /path/to/policy.2 etc., see
  // resilient_policy_utils.h.
  base::FilePath policy_path_;
  // Path of the key file.
  // NOTE(review): presumably the owner's key that VerifyPolicySignature()
  // checks the policy signature against — confirm in the implementation.
  base::FilePath keyfile_path_;
  // Owned reader for install attributes; replaceable through
  // set_install_attributes_for_testing().
  std::unique_ptr<InstallAttributesReader> install_attributes_reader_;
  // Policy fetch response filled in by LoadPolicyFromFile().
  enterprise_management::PolicyFetchResponse policy_;
  // NOTE(review): presumably the PolicyData parsed out of |policy_|, and the
  // device settings parsed out of that in turn — confirm in the
  // implementation.
  enterprise_management::PolicyData policy_data_;
  enterprise_management::ChromeDeviceSettingsProto device_policy_;

  // If true, verify that policy files are owned by root. True in production
  // but can be set to false by tests.
  bool verify_root_ownership_ = true;
  // If false, all types of verification are disabled. True in production
  // but can be set to false by tests.
  bool verify_policy_ = true;

  // Makes the class non-copyable and non-assignable (macro from
  // base/macros.h).
  DISALLOW_COPY_AND_ASSIGN(DevicePolicyImpl);
};
144 }  // namespace policy
145 
146 #pragma GCC visibility pop
147 
148 #endif  // LIBBRILLO_POLICY_DEVICE_POLICY_IMPL_H_
149