Add support for kiosk mode on the client. Make sure the settings are written in the lockbox.

chrome/browser/policy/enterprise_install_attributes.cc

-// Copyright (c) 2011 The Chromium Authors. All rights reserved.
+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/policy/enterprise_install_attributes.h"
 
 #include "base/logging.h"
 #include "chrome/browser/chromeos/cros/cryptohome_library.h"
 
+namespace em = enterprise_management;
+
+namespace policy {
+
 namespace {
+// Constants for the possible device modes that can be stored in the lockbox.
+const char kConsumerDeviceMode[] = "consumer";
+const char kEnterpiseDeviceMode[] = "enterprise";
+const char kKioskDeviceMode[] = "kiosk";
+const char kUnknownDeviceMode[] = "unknown";
 
+// Field names in the lockbox.
 const char kAttrEnterpriseOwned[] = "enterprise.owned";
 const char kAttrEnterpriseUser[] = "enterprise.user";
+const char kAttrEnterpriseDomain[] = "enterprise.domain";
+const char kAttrEnterpriseMode[] = "enterprise.mode";
+const char kAttrEnterpriseDeviceId[] = "enterprise.device_id";
+
+// Extract the domain from a given email.
+std::string ExtractDomainName(const std::string& email) {
+  size_t separator_pos = email.find('@');
+  if (separator_pos != email.npos && separator_pos < email.length() - 1)
+    return email.substr(separator_pos + 1);
+  else
+    NOTREACHED() << "Not a proper email address: " << email;
+  return std::string();
+}
+
+// Translates DeviceMode constants to strings used in the lockbox.
+std::string GetDeviceModeString(EnterpriseInstallAttributes::DeviceMode mode) {
+  switch (mode) {
+    case EnterpriseInstallAttributes::DEVICE_MODE_CONSUMER:
+      return kConsumerDeviceMode;
+    case EnterpriseInstallAttributes::DEVICE_MODE_ENTERPRISE:
+      return kEnterpiseDeviceMode;
+    case EnterpriseInstallAttributes::DEVICE_MODE_KIOSK:
+      return kKioskDeviceMode;
+    case EnterpriseInstallAttributes::DEVICE_MODE_UNKNOWN:
+      break;
+  }
+  NOTREACHED() << "Invalid device mode.";
+  return kUnknownDeviceMode;
+}
+
+// Translates strings used in the lockbox to DeviceMode values.
+EnterpriseInstallAttributes::DeviceMode GetDeviceModeFromString(
+    const std::string& mode) {
+  if (mode == kConsumerDeviceMode)
+    return EnterpriseInstallAttributes::DEVICE_MODE_CONSUMER;
+  else if (mode == kEnterpiseDeviceMode)
+    return EnterpriseInstallAttributes::DEVICE_MODE_ENTERPRISE;
+  else if (mode == kKioskDeviceMode)
+    return EnterpriseInstallAttributes::DEVICE_MODE_KIOSK;
+  NOTREACHED() << "Unknown device mode string: " << mode;
+  return EnterpriseInstallAttributes::DEVICE_MODE_UNKNOWN;
+}
 
 }  // namespace
 
-namespace policy {
-
 EnterpriseInstallAttributes::EnterpriseInstallAttributes(
     chromeos::CryptohomeLibrary* cryptohome)
     : cryptohome_(cryptohome),
-      device_locked_(false) {}
+      device_locked_(false),
+      registration_mode_(DEVICE_MODE_UNKNOWN) {}
 
 EnterpriseInstallAttributes::LockResult EnterpriseInstallAttributes::LockDevice(
-    const std::string& user) {
+    const std::string& user,
+    EnterpriseInstallAttributes::DeviceMode device_mode,
+    const std::string& device_id) {
+  CHECK(device_mode != DEVICE_MODE_UNKNOWN);

[Mattias Nissler (ping if slow), 2012/02/20 12:22:54]

CHECK_NE

[pastarmovj, 2012/02/20 14:26:30]

Done.

+
   // Check for existing lock first.
   if (device_locked_) {
     return !registration_user_.empty() && user == registration_user_ ?
         LOCK_SUCCESS : LOCK_WRONG_USER;
   }
 
   if (!cryptohome_ || !cryptohome_->InstallAttributesIsReady())
     return LOCK_NOT_READY;
 
   // Clearing the TPM password seems to be always a good deal.
   if (cryptohome_->TpmIsEnabled() &&
       !cryptohome_->TpmIsBeingOwned() &&
       cryptohome_->TpmIsOwned()) {
     cryptohome_->TpmClearStoredPassword();
   }
 
   // Make sure we really have a working InstallAttrs.
   if (cryptohome_->InstallAttributesIsInvalid()) {
     LOG(ERROR) << "Install attributes invalid.";
     return LOCK_BACKEND_ERROR;
   }
 
   if (!cryptohome_->InstallAttributesIsFirstInstall())
     return LOCK_WRONG_USER;
 
+  std::string domain = ExtractDomainName(user);
+  std::string mode = GetDeviceModeString(device_mode);
+
   // Set values in the InstallAttrs and lock it.
   if (!cryptohome_->InstallAttributesSet(kAttrEnterpriseOwned, "true") ||
-      !cryptohome_->InstallAttributesSet(kAttrEnterpriseUser, user)) {
+      !cryptohome_->InstallAttributesSet(kAttrEnterpriseUser, user) ||
+      !cryptohome_->InstallAttributesSet(kAttrEnterpriseDomain, domain) ||
+      !cryptohome_->InstallAttributesSet(kAttrEnterpriseMode, mode) ||
+      !cryptohome_->InstallAttributesSet(kAttrEnterpriseDeviceId, device_id)) {
     LOG(ERROR) << "Failed writing attributes";
     return LOCK_BACKEND_ERROR;
   }
 
   if (!cryptohome_->InstallAttributesFinalize() ||
       cryptohome_->InstallAttributesIsFirstInstall() ||
       GetRegistrationUser() != user) {
     LOG(ERROR) << "Failed locking.";
     return LOCK_BACKEND_ERROR;
   }
@@ skipping 12 matching lines @@
   if (!device_locked_)
     return std::string();
 
   return registration_user_;
 }
 
 std::string EnterpriseInstallAttributes::GetDomain() {
   if (!IsEnterpriseDevice())
     return std::string();
 
-  std::string domain;
-  size_t pos = registration_user_.find('@');
-  if (pos != std::string::npos)
-    domain = registration_user_.substr(pos + 1);
+  return registration_domain_;
+}
 
-  return domain;
+std::string EnterpriseInstallAttributes::GetDeviceId() {
+  if (!IsEnterpriseDevice())
+    return std::string();
+
+  return registration_device_id_;
+}
+
+EnterpriseInstallAttributes::DeviceMode EnterpriseInstallAttributes::GetMode() {
+  ReadImmutableAttributes();
+  // |registration_user_| is empty on consumer devices.
+  if (device_locked_ && registration_user_.empty())
+    return DEVICE_MODE_CONSUMER;

[Mattias Nissler (ping if slow), 2012/02/20 12:22:54]

shouldn't we rather put this logic in ReadImmutableAttributes below for the case
when the attributes are actually not present?

[pastarmovj, 2012/02/20 14:26:30]

Done.

+
+  return registration_mode_;
 }
 
 void EnterpriseInstallAttributes::ReadImmutableAttributes() {
   if (device_locked_)
     return;
 
   if (cryptohome_ &&
       cryptohome_->InstallAttributesIsReady() &&
       !cryptohome_->InstallAttributesIsInvalid() &&
       !cryptohome_->InstallAttributesIsFirstInstall()) {
     device_locked_ = true;
     std::string enterprise_owned;
     std::string enterprise_user;
     if (cryptohome_->InstallAttributesGet(kAttrEnterpriseOwned,
                                           &enterprise_owned) &&
         cryptohome_->InstallAttributesGet(kAttrEnterpriseUser,
                                           &enterprise_user) &&
         enterprise_owned == "true" &&
         !enterprise_user.empty()) {
       registration_user_ = enterprise_user;
+      // Initialize the mode to the legacy enterprise mode here and update below
+      // if more information is present.
+      registration_mode_ = DEVICE_MODE_ENTERPRISE;
+      // If we could extract basic setting we should try to extract the extended
+      // ones too. We try to set those to defaults as good as possible if not
+      // present.
+      if (!cryptohome_->InstallAttributesGet(kAttrEnterpriseDomain,
+                                             &registration_domain_)) {
+        registration_domain_ = ExtractDomainName(registration_user_);
+      }
+      if (!cryptohome_->InstallAttributesGet(kAttrEnterpriseDeviceId,
+                                             &registration_device_id_)) {
+        registration_device_id_.clear();
+      }
+      std::string mode;
+      if (cryptohome_->InstallAttributesGet(kAttrEnterpriseMode, &mode))
+        registration_mode_ = GetDeviceModeFromString(mode);
     }
   }
 }
 
 }  // namespace policy