-
Notifications
You must be signed in to change notification settings - Fork 6.7k
/
policy_merger.h
128 lines (100 loc) · 4.9 KB
/
policy_merger.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
// Copyright 2019 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef COMPONENTS_POLICY_CORE_COMMON_POLICY_MERGER_H_
#define COMPONENTS_POLICY_CORE_COMMON_POLICY_MERGER_H_
#include <stddef.h>
#include <memory>
#include <string>
#include <vector>
#include "base/containers/flat_set.h"
#include "base/macros.h"
#include "components/policy/core/common/policy_map.h"
#include "components/policy/policy_export.h"
namespace policy {
// Abstract class that provides an interface to apply custom merging logic on a
// set of policies.
class POLICY_EXPORT PolicyMerger {
public:
PolicyMerger();
// Determines if a policy value is eligible for merging depending on several
// factors including its scope, source, and level.
static bool ConflictCanBeMerged(const PolicyMap::Entry& conflict,
const PolicyMap::Entry& policy,
const bool is_user_cloud_merging_enabled);
virtual ~PolicyMerger();
virtual void Merge(PolicyMap::PolicyMapType* policies) const = 0;
};
// PolicyListMerger allows the merging of policy lists that have multiple
// sources. Each policy that has to be merged will have the values from its
// multiple sources concatenated without duplicates.
class POLICY_EXPORT PolicyListMerger : public PolicyMerger {
public:
explicit PolicyListMerger(base::flat_set<std::string> policies_to_merge);
~PolicyListMerger() override;
// Merges the list policies from |policies| that have multiple sources.
void Merge(PolicyMap::PolicyMapType* policies) const override;
// Sets the variable used for determining if user cloud merging is enabled.
void SetAllowUserCloudPolicyMerging(bool allowed);
private:
// Returns True if |policy_name| is in the list of policies to merge and if
// |policy| has values from different sources that share the same level,
// target and scope.
bool CanMerge(const std::string& policy_name, PolicyMap::Entry& policy) const;
// Returns True if user cloud policy merging is enabled through the
// CloudUserPolicyMerge policy and the current user is affiliated.
bool AllowUserCloudPolicyMerging() const;
// Merges the values of |policy| if they come from multiple sources. Keeps
// track of the original values by leaving them as conflicts. |policy| must
// remain unchanged if there is nothing to merge.
void DoMerge(PolicyMap::Entry* policy) const;
bool allow_user_cloud_policy_merging_ = false;
const base::flat_set<std::string> policies_to_merge_;
DISALLOW_COPY_AND_ASSIGN(PolicyListMerger);
};
// PolicyDictionaryMerger allows the merging of policy dictionaries that have
// multiple sources. Each policy that has to be merged will have its first level
// keys merged into one dictionary, each conflict will be resolved by
// using the key coming from the highest priority source.
class POLICY_EXPORT PolicyDictionaryMerger : public PolicyMerger {
public:
explicit PolicyDictionaryMerger(
base::flat_set<std::string> policies_to_merge);
~PolicyDictionaryMerger() override;
// Merges the dictionary policies from |policies| that have multiple sources.
void Merge(PolicyMap::PolicyMapType* policies) const override;
void SetAllowedPoliciesForTesting(
base::flat_set<std::string> allowed_policies);
// Sets the variable used for determining if user cloud merging is enabled.
void SetAllowUserCloudPolicyMerging(bool allowed);
private:
// Returns True if |policy_name| is in the list of policies to merge and if
// |policy| has values from different sources that share the same level,
// target and scope.
bool CanMerge(const std::string& policy_name, PolicyMap::Entry& policy) const;
// Returns True if user cloud policy merging is enabled through the
// CloudUserPolicyMerge policy and the current user is affiliated.
bool AllowUserCloudPolicyMerging() const;
// Merges the values of |policy| if they come from multiple sources. Keeps
// track of the original values by leaving them as conflicts. |policy| stays
// intact if there is nothing to merge.
void DoMerge(PolicyMap::Entry* policy) const;
bool allow_user_cloud_policy_merging_ = false;
const base::flat_set<std::string> policies_to_merge_;
base::flat_set<std::string> allowed_policies_;
DISALLOW_COPY_AND_ASSIGN(PolicyDictionaryMerger);
};
// PolicyGroupMerger enforces atomic policy groups. It disables the policies
// from a group that do not share the highest priority from that group.
class POLICY_EXPORT PolicyGroupMerger : public PolicyMerger {
public:
PolicyGroupMerger();
~PolicyGroupMerger() override;
// Disables policies from atomic groups that do not share the highest priority
// from that group.
void Merge(PolicyMap::PolicyMapType* result) const override;
private:
DISALLOW_COPY_AND_ASSIGN(PolicyGroupMerger);
};
} // namespace policy
#endif // COMPONENTS_POLICY_CORE_COMMON_POLICY_MERGER_H_