| // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| #include "components/policy/core/common/cloud/component_cloud_policy_store.h" |
| |
| #include <stddef.h> |
| #include <utility> |
| |
| #include "base/callback.h" |
| #include "base/json/json_reader.h" |
| #include "base/logging.h" |
| #include "base/macros.h" |
| #include "base/strings/string_util.h" |
| #include "base/values.h" |
| #include "components/policy/core/common/cloud/cloud_policy_constants.h" |
| #include "components/policy/core/common/cloud/cloud_policy_validator.h" |
| #include "components/policy/core/common/external_data_fetcher.h" |
| #include "components/policy/core/common/policy_map.h" |
| #include "components/policy/core/common/policy_types.h" |
| #include "crypto/sha2.h" |
| #include "policy/proto/chrome_extension_policy.pb.h" |
| #include "policy/proto/device_management_backend.pb.h" |
| #include "url/gurl.h" |
| |
| namespace em = enterprise_management; |
| |
| namespace policy { |
| |
| namespace { |
| |
| const char kValue[] = "Value"; |
| const char kLevel[] = "Level"; |
| const char kRecommended[] = "Recommended"; |
| |
| const struct DomainConstants { |
| PolicyDomain domain; |
| const char* proto_cache_key; |
| const char* data_cache_key; |
| const char* policy_type; |
| } kDomains[] = { |
| { |
| POLICY_DOMAIN_EXTENSIONS, |
| "extension-policy", |
| "extension-policy-data", |
| dm_protocol::kChromeExtensionPolicyType, |
| }, |
| }; |
| |
| const DomainConstants* GetDomainConstants(PolicyDomain domain) { |
| for (size_t i = 0; i < arraysize(kDomains); ++i) { |
| if (kDomains[i].domain == domain) |
| return &kDomains[i]; |
| } |
| return NULL; |
| } |
| |
| const DomainConstants* GetDomainConstantsForType(const std::string& type) { |
| for (size_t i = 0; i < arraysize(kDomains); ++i) { |
| if (kDomains[i].policy_type == type) |
| return &kDomains[i]; |
| } |
| return NULL; |
| } |
| |
| } // namespace |
| |
| ComponentCloudPolicyStore::Delegate::~Delegate() {} |
| |
| ComponentCloudPolicyStore::ComponentCloudPolicyStore( |
| Delegate* delegate, |
| ResourceCache* cache) |
| : delegate_(delegate), |
| cache_(cache) { |
| // Allow the store to be created on a different thread than the thread that |
| // will end up using it. |
| DetachFromThread(); |
| } |
| |
| ComponentCloudPolicyStore::~ComponentCloudPolicyStore() { |
| DCHECK(CalledOnValidThread()); |
| } |
| |
| // static |
| bool ComponentCloudPolicyStore::SupportsDomain(PolicyDomain domain) { |
| return GetDomainConstants(domain) != NULL; |
| } |
| |
| // static |
| bool ComponentCloudPolicyStore::GetPolicyType(PolicyDomain domain, |
| std::string* policy_type) { |
| const DomainConstants* constants = GetDomainConstants(domain); |
| if (constants) |
| *policy_type = constants->policy_type; |
| return constants != NULL; |
| } |
| |
| // static |
| bool ComponentCloudPolicyStore::GetPolicyDomain(const std::string& policy_type, |
| PolicyDomain* domain) { |
| const DomainConstants* constants = GetDomainConstantsForType(policy_type); |
| if (constants) |
| *domain = constants->domain; |
| return constants != NULL; |
| } |
| |
| const std::string& ComponentCloudPolicyStore::GetCachedHash( |
| const PolicyNamespace& ns) const { |
| DCHECK(CalledOnValidThread()); |
| std::map<PolicyNamespace, std::string>::const_iterator it = |
| cached_hashes_.find(ns); |
| return it == cached_hashes_.end() ? base::EmptyString() : it->second; |
| } |
| |
| void ComponentCloudPolicyStore::SetCredentials(const std::string& username, |
| const std::string& dm_token) { |
| DCHECK(CalledOnValidThread()); |
| DCHECK(username_.empty() || username == username_); |
| DCHECK(dm_token_.empty() || dm_token == dm_token_); |
| username_ = username; |
| dm_token_ = dm_token; |
| } |
| |
| void ComponentCloudPolicyStore::Load() { |
| DCHECK(CalledOnValidThread()); |
| typedef std::map<std::string, std::string> ContentMap; |
| |
| // Load all cached policy protobufs for each domain. |
| for (size_t domain = 0; domain < arraysize(kDomains); ++domain) { |
| const DomainConstants& constants = kDomains[domain]; |
| ContentMap protos; |
| cache_->LoadAllSubkeys(constants.proto_cache_key, &protos); |
| for (ContentMap::iterator it = protos.begin(); it != protos.end(); ++it) { |
| const std::string& id(it->first); |
| PolicyNamespace ns(constants.domain, id); |
| |
| // Validate each protobuf. |
| std::unique_ptr<em::PolicyFetchResponse> proto( |
| new em::PolicyFetchResponse); |
| em::ExternalPolicyData payload; |
| if (!proto->ParseFromString(it->second) || |
| !ValidateProto(std::move(proto), constants.policy_type, id, &payload, |
| NULL)) { |
| Delete(ns); |
| continue; |
| } |
| |
| // The protobuf looks good; load the policy data. |
| std::string data; |
| PolicyMap policy; |
| if (cache_->Load(constants.data_cache_key, id, &data) && |
| ValidateData(data, payload.secure_hash(), &policy)) { |
| // The data is also good; expose the policies. |
| policy_bundle_.Get(ns).Swap(&policy); |
| cached_hashes_[ns] = payload.secure_hash(); |
| } else { |
| // The data for this proto couldn't be loaded or is corrupted. |
| Delete(ns); |
| } |
| } |
| } |
| } |
| |
| bool ComponentCloudPolicyStore::Store(const PolicyNamespace& ns, |
| const std::string& serialized_policy, |
| const std::string& secure_hash, |
| const std::string& data) { |
| DCHECK(CalledOnValidThread()); |
| const DomainConstants* constants = GetDomainConstants(ns.domain); |
| PolicyMap policy; |
| // |serialized_policy| has already been validated; validate the data now. |
| if (!constants || !ValidateData(data, secure_hash, &policy)) |
| return false; |
| |
| // Flush the proto and the data to the cache. |
| cache_->Store(constants->proto_cache_key, ns.component_id, serialized_policy); |
| cache_->Store(constants->data_cache_key, ns.component_id, data); |
| // And expose the policy. |
| policy_bundle_.Get(ns).Swap(&policy); |
| cached_hashes_[ns] = secure_hash; |
| delegate_->OnComponentCloudPolicyStoreUpdated(); |
| return true; |
| } |
| |
| void ComponentCloudPolicyStore::Delete(const PolicyNamespace& ns) { |
| DCHECK(CalledOnValidThread()); |
| const DomainConstants* constants = GetDomainConstants(ns.domain); |
| if (!constants) |
| return; |
| |
| cache_->Delete(constants->proto_cache_key, ns.component_id); |
| cache_->Delete(constants->data_cache_key, ns.component_id); |
| |
| if (!policy_bundle_.Get(ns).empty()) { |
| policy_bundle_.Get(ns).Clear(); |
| delegate_->OnComponentCloudPolicyStoreUpdated(); |
| } |
| } |
| |
| void ComponentCloudPolicyStore::Purge( |
| PolicyDomain domain, |
| const ResourceCache::SubkeyFilter& filter) { |
| DCHECK(CalledOnValidThread()); |
| const DomainConstants* constants = GetDomainConstants(domain); |
| if (!constants) |
| return; |
| |
| cache_->FilterSubkeys(constants->proto_cache_key, filter); |
| cache_->FilterSubkeys(constants->data_cache_key, filter); |
| |
| // Stop serving policies for purged namespaces. |
| bool purged_current_policies = false; |
| for (PolicyBundle::const_iterator it = policy_bundle_.begin(); |
| it != policy_bundle_.end(); ++it) { |
| if (it->first.domain == domain && |
| filter.Run(it->first.component_id) && |
| !policy_bundle_.Get(it->first).empty()) { |
| policy_bundle_.Get(it->first).Clear(); |
| purged_current_policies = true; |
| } |
| } |
| |
| // Purge cached hashes, so that those namespaces can be fetched again if the |
| // policy state changes. |
| std::map<PolicyNamespace, std::string>::iterator it = cached_hashes_.begin(); |
| while (it != cached_hashes_.end()) { |
| if (it->first.domain == domain && filter.Run(it->first.component_id)) { |
| std::map<PolicyNamespace, std::string>::iterator prev = it; |
| ++it; |
| cached_hashes_.erase(prev); |
| } else { |
| ++it; |
| } |
| } |
| |
| if (purged_current_policies) |
| delegate_->OnComponentCloudPolicyStoreUpdated(); |
| } |
| |
| void ComponentCloudPolicyStore::Clear() { |
| for (size_t i = 0; i < arraysize(kDomains); ++i) { |
| cache_->Clear(kDomains[i].proto_cache_key); |
| cache_->Clear(kDomains[i].data_cache_key); |
| } |
| cached_hashes_.clear(); |
| const PolicyBundle empty_bundle; |
| if (!policy_bundle_.Equals(empty_bundle)) { |
| policy_bundle_.Clear(); |
| delegate_->OnComponentCloudPolicyStoreUpdated(); |
| } |
| } |
| |
| bool ComponentCloudPolicyStore::ValidatePolicy( |
| std::unique_ptr<em::PolicyFetchResponse> proto, |
| PolicyNamespace* ns, |
| em::ExternalPolicyData* payload) { |
| em::PolicyData policy_data; |
| if (!ValidateProto(std::move(proto), std::string(), std::string(), payload, |
| &policy_data)) { |
| return false; |
| } |
| |
| if (!policy_data.has_policy_type()) |
| return false; |
| |
| const DomainConstants* constants = |
| GetDomainConstantsForType(policy_data.policy_type()); |
| if (!constants || !policy_data.has_settings_entity_id()) |
| return false; |
| |
| ns->domain = constants->domain; |
| ns->component_id = policy_data.settings_entity_id(); |
| return true; |
| } |
| |
| bool ComponentCloudPolicyStore::ValidateProto( |
| std::unique_ptr<em::PolicyFetchResponse> proto, |
| const std::string& policy_type, |
| const std::string& settings_entity_id, |
| em::ExternalPolicyData* payload, |
| em::PolicyData* policy_data) { |
| if (username_.empty() || dm_token_.empty()) |
| return false; |
| |
| std::unique_ptr<ComponentCloudPolicyValidator> validator( |
| ComponentCloudPolicyValidator::Create( |
| std::move(proto), scoped_refptr<base::SequencedTaskRunner>())); |
| validator->ValidateUsername(username_, true); |
| validator->ValidateDMToken(dm_token_, |
| ComponentCloudPolicyValidator::DM_TOKEN_REQUIRED); |
| if (!policy_type.empty()) |
| validator->ValidatePolicyType(policy_type); |
| if (!settings_entity_id.empty()) |
| validator->ValidateSettingsEntityId(settings_entity_id); |
| validator->ValidatePayload(); |
| // TODO(joaodasilva): validate signature. |
| validator->RunValidation(); |
| if (!validator->success()) |
| return false; |
| |
| em::ExternalPolicyData* data = validator->payload().get(); |
| // The download URL must be empty, or must be a valid URL. |
| // An empty download URL signals that this component doesn't have cloud |
| // policy, or that the policy has been removed. |
| if (data->has_download_url() && !data->download_url().empty()) { |
| if (!GURL(data->download_url()).is_valid() || |
| !data->has_secure_hash() || |
| data->secure_hash().empty()) { |
| return false; |
| } |
| } else if (data->has_secure_hash()) { |
| return false; |
| } |
| |
| if (payload) |
| payload->Swap(validator->payload().get()); |
| if (policy_data) |
| policy_data->Swap(validator->policy_data().get()); |
| return true; |
| } |
| |
| bool ComponentCloudPolicyStore::ValidateData( |
| const std::string& data, |
| const std::string& secure_hash, |
| PolicyMap* policy) { |
| return crypto::SHA256HashString(data) == secure_hash && |
| ParsePolicy(data, policy); |
| } |
| |
| bool ComponentCloudPolicyStore::ParsePolicy(const std::string& data, |
| PolicyMap* policy) { |
| std::unique_ptr<base::Value> json = base::JSONReader::Read( |
| data, base::JSON_PARSE_RFC | base::JSON_DETACHABLE_CHILDREN); |
| base::DictionaryValue* dict = NULL; |
| if (!json || !json->GetAsDictionary(&dict)) |
| return false; |
| |
| // Each top-level key maps a policy name to its description. |
| // |
| // Each description is an object that contains the policy value under the |
| // "Value" key. The optional "Level" key is either "Mandatory" (default) or |
| // "Recommended". |
| for (base::DictionaryValue::Iterator it(*dict); !it.IsAtEnd(); it.Advance()) { |
| base::DictionaryValue* description = NULL; |
| if (!dict->GetDictionaryWithoutPathExpansion(it.key(), &description)) |
| return false; |
| |
| std::unique_ptr<base::Value> value; |
| if (!description->RemoveWithoutPathExpansion(kValue, &value)) |
| return false; |
| |
| PolicyLevel level = POLICY_LEVEL_MANDATORY; |
| std::string level_string; |
| if (description->GetStringWithoutPathExpansion(kLevel, &level_string) && |
| level_string == kRecommended) { |
| level = POLICY_LEVEL_RECOMMENDED; |
| } |
| |
| // If policy for components is ever used for device-level settings then |
| // this must support a configurable scope; assuming POLICY_SCOPE_USER is |
| // fine for now. |
| policy->Set(it.key(), level, POLICY_SCOPE_USER, POLICY_SOURCE_CLOUD, |
| std::move(value), nullptr); |
| } |
| |
| return true; |
| } |
| |
| } // namespace policy |