Add support for kiosk mode on the client. Make sure the settings are written in the lockbox.

chrome/browser/policy/device_token_fetcher.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/policy/device_token_fetcher.h"
 
 #include <algorithm>
 
 #include "base/bind.h"
 #include "base/metrics/histogram.h"
 #include "base/time.h"
 #include "chrome/browser/policy/cloud_policy_cache_base.h"
 #include "chrome/browser/policy/cloud_policy_constants.h"
 #include "chrome/browser/policy/cloud_policy_data_store.h"
 #include "chrome/browser/policy/delayed_work_scheduler.h"
 #include "chrome/browser/policy/device_management_service.h"
+#include "chrome/browser/policy/enterprise_install_attributes.h"
 #include "chrome/browser/policy/enterprise_metrics.h"
 #include "chrome/browser/policy/policy_notifier.h"
 #include "chrome/browser/policy/proto/device_management_local.pb.h"
 
+namespace em = enterprise_management;
+
 namespace policy {
 
 namespace {
 
 // Retry after 5 minutes (with exponential backoff) after token fetch errors.
 const int64 kTokenFetchErrorDelayMilliseconds = 5 * 60 * 1000;
 // Retry after max 3 hours after token fetch errors.
 const int64 kTokenFetchErrorMaxDelayMilliseconds = 3 * 60 * 60 * 1000;
 // For unmanaged devices, check once per day whether they're still unmanaged.
 const int64 kUnmanagedDeviceRefreshRateMilliseconds = 24 * 60 * 60 * 1000;
@@ skipping 33 matching lines @@
     case DM_STATUS_HTTP_STATUS_ERROR:
       sample = kMetricTokenFetchServerFailed;
       break;
   }
   if (sample != -1)
     UMA_HISTOGRAM_ENUMERATION(kMetricToken, sample, kMetricTokenSize);
   else
     NOTREACHED();
 }
 
+// Translates the DeviceRegisterResponse::DeviceMode |mode| to the enum used
+// internally throughout ChromeOS to represent different device modes.
+EnterpriseInstallAttributes::DeviceMode
+    TranslateProtobufDeviceMode(em::DeviceRegisterResponse::DeviceMode mode) {
+  switch (mode) {
+    case em::DeviceRegisterResponse::ENTERPRISE:
+      return EnterpriseInstallAttributes::DEVICE_MODE_ENTERPRISE;
+    case em::DeviceRegisterResponse::KIOSK:
+      return EnterpriseInstallAttributes::DEVICE_MODE_KIOSK;
+  }
+  LOG(ERROR) << "Unknown enrollment mode in registration response: " << mode;
+  return  EnterpriseInstallAttributes::DEVICE_MODE_UNKNOWN;
+}
+
 }  // namespace
 
-namespace em = enterprise_management;
-
 DeviceTokenFetcher::DeviceTokenFetcher(
     DeviceManagementService* service,
     CloudPolicyCacheBase* cache,
     CloudPolicyDataStore* data_store,
     PolicyNotifier* notifier)
     : effective_token_fetch_error_delay_ms_(
           kTokenFetchErrorDelayMilliseconds) {
   Initialize(service,
              cache,
              data_store,
@@ skipping 92 matching lines @@
 
   SampleErrorStatus(status);
 
   switch (status) {
     case DM_STATUS_SUCCESS: {
       const em::DeviceRegisterResponse& register_response =
           response.register_response();
       if (register_response.has_device_management_token()) {
         UMA_HISTOGRAM_ENUMERATION(kMetricToken, kMetricTokenFetchOK,
                                   kMetricTokenSize);
+
+        EnterpriseInstallAttributes::DeviceMode mode =
+            EnterpriseInstallAttributes::DEVICE_MODE_UNKNOWN;
+        if (register_response.has_enrollment_type()) {
+          mode =
+              TranslateProtobufDeviceMode(register_response.enrollment_type());
+        }
+        if (mode == EnterpriseInstallAttributes::DEVICE_MODE_UNKNOWN) {
+          LOG(ERROR) << "Enrollment mode missing or unknown!";
+          SetState(STATE_BAD_ENROLLMENT_MODE);
+          return;
+        }
+        data_store_->set_device_mode(mode);
         data_store_->SetDeviceToken(register_response.device_management_token(),
                                     false);
         SetState(STATE_TOKEN_AVAILABLE);
       } else {
         NOTREACHED();
         UMA_HISTOGRAM_ENUMERATION(kMetricToken, kMetricTokenFetchBadResponse,
                                   kMetricTokenSize);
         SetState(STATE_ERROR);
       }
       return;
@@ skipping 44 matching lines @@
     case STATE_TOKEN_AVAILABLE:
       notifier_->Inform(CloudPolicySubsystem::SUCCESS,
                         CloudPolicySubsystem::NO_DETAILS,
                         PolicyNotifier::TOKEN_FETCHER);
       break;
     case STATE_BAD_SERIAL:
       notifier_->Inform(CloudPolicySubsystem::UNENROLLED,
                         CloudPolicySubsystem::BAD_SERIAL_NUMBER,
                         PolicyNotifier::TOKEN_FETCHER);
       break;
+    case STATE_BAD_ENROLLMENT_MODE:
+      notifier_->Inform(CloudPolicySubsystem::UNENROLLED,
+                        CloudPolicySubsystem::BAD_ENROLLMENT_MODE,
+                        PolicyNotifier::TOKEN_FETCHER);
+      break;
     case STATE_UNMANAGED:
       delayed_work_at = cache_->last_policy_refresh_time() +
           base::TimeDelta::FromMilliseconds(
               kUnmanagedDeviceRefreshRateMilliseconds);
       notifier_->Inform(CloudPolicySubsystem::UNMANAGED,
                         CloudPolicySubsystem::NO_DETAILS,
                         PolicyNotifier::TOKEN_FETCHER);
       break;
     case STATE_TEMPORARY_ERROR:
       delayed_work_at = base::Time::Now() +
@@ skipping 35 matching lines @@
   // Inform the cache if a token fetch attempt has failed.
   if (state_ != STATE_INACTIVE && state_ != STATE_TOKEN_AVAILABLE)
     cache_->SetFetchingDone();
 }
 
 void DeviceTokenFetcher::DoWork() {
   switch (state_) {
     case STATE_INACTIVE:
     case STATE_TOKEN_AVAILABLE:
     case STATE_BAD_SERIAL:
+    case STATE_BAD_ENROLLMENT_MODE:
       break;
     case STATE_UNMANAGED:
     case STATE_ERROR:
     case STATE_TEMPORARY_ERROR:
     case STATE_BAD_AUTH:
       FetchTokenInternal();
       break;
   }
 }
 
 }  // namespace policy