1 // Copyright (c) 2012 The Chromium OS Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef LIBBRILLO_POLICY_DEVICE_POLICY_IMPL_H_ 6 #define LIBBRILLO_POLICY_DEVICE_POLICY_IMPL_H_ 7 8 #include <set> 9 #include <string> 10 #include <vector> 11 12 #include <base/files/file_path.h> 13 #include <base/macros.h> 14 15 #include "bindings/chrome_device_policy.pb.h" 16 #include "bindings/device_management_backend.pb.h" 17 #include "policy/device_policy.h" 18 19 #pragma GCC visibility push(default) 20 21 namespace policy { 22 23 // This class holds device settings that are to be enforced across all users. 24 // 25 // Before serving it to the users this class verifies that the policy is valid 26 // against its signature and the owner's key and also that the policy files 27 // are owned by root. 28 class DevicePolicyImpl : public DevicePolicy { 29 public: 30 DevicePolicyImpl(); 31 virtual ~DevicePolicyImpl(); 32 33 virtual bool LoadPolicy(); 34 virtual bool GetPolicyRefreshRate(int* rate) const; 35 virtual bool GetUserWhitelist(std::vector<std::string>* user_whitelist) const; 36 virtual bool GetGuestModeEnabled(bool* guest_mode_enabled) const; 37 virtual bool GetCameraEnabled(bool* camera_enabled) const; 38 virtual bool GetShowUserNames(bool* show_user_names) const; 39 virtual bool GetDataRoamingEnabled(bool* data_roaming_enabled) const; 40 virtual bool GetAllowNewUsers(bool* allow_new_users) const; 41 virtual bool GetMetricsEnabled(bool* metrics_enabled) const; 42 virtual bool GetReportVersionInfo(bool* report_version_info) const; 43 virtual bool GetReportActivityTimes(bool* report_activity_times) const; 44 virtual bool GetReportBootMode(bool* report_boot_mode) const; 45 virtual bool GetEphemeralUsersEnabled(bool* ephemeral_users_enabled) const; 46 virtual bool GetReleaseChannel(std::string* release_channel) const; 47 virtual bool GetReleaseChannelDelegated( 48 bool* release_channel_delegated) const; 49 virtual bool GetUpdateDisabled(bool* update_disabled) const; 50 virtual bool GetTargetVersionPrefix( 51 std::string* target_version_prefix) const; 52 virtual bool GetScatterFactorInSeconds( 53 int64_t* scatter_factor_in_seconds) const; 54 virtual bool GetAllowedConnectionTypesForUpdate( 55 std::set<std::string>* connection_types) const; 56 virtual bool GetOpenNetworkConfiguration( 57 std::string* open_network_configuration) const; 58 virtual bool GetOwner(std::string* owner) const; 59 virtual bool GetHttpDownloadsEnabled(bool* http_downloads_enabled) const; 60 virtual bool GetAuP2PEnabled(bool* au_p2p_enabled) const; 61 virtual bool GetAllowKioskAppControlChromeVersion( 62 bool* allow_kiosk_app_control_chrome_version) const; 63 virtual bool GetUsbDetachableWhitelist( 64 std::vector<UsbDeviceId>* usb_whitelist) const; 65 66 protected: 67 // Verifies that the policy files are owned by root and exist. 68 virtual bool VerifyPolicyFiles(); 69 70 base::FilePath policy_path_; 71 base::FilePath keyfile_path_; 72 73 private: 74 // Verifies that the policy signature is correct. 75 virtual bool VerifyPolicySignature(); 76 77 enterprise_management::PolicyFetchResponse policy_; 78 enterprise_management::PolicyData policy_data_; 79 enterprise_management::ChromeDeviceSettingsProto device_policy_; 80 81 DISALLOW_COPY_AND_ASSIGN(DevicePolicyImpl); 82 }; 83 } // namespace policy 84 85 #pragma GCC visibility pop 86 87 #endif // LIBBRILLO_POLICY_DEVICE_POLICY_IMPL_H_ 88