Implement ephemeral users

chrome/browser/chromeos/login/user_manager.h

Index: chrome/browser/chromeos/login/user_manager.h
diff --git a/chrome/browser/chromeos/login/user_manager.h b/chrome/browser/chromeos/login/user_manager.h
index 6e70d7cccc4a2a00169a9fe6400573e316668955..ac5038a90a3b4f1bab1162e6a7ff763c3775d4e0 100644
--- a/chrome/browser/chromeos/login/user_manager.h
+++ b/chrome/browser/chromeos/login/user_manager.h
@@ -48,12 +48,12 @@ class UserManager : public ProfileDownloaderDelegate,
   // Registers user manager preferences.
   static void RegisterPrefs(PrefService* local_state);
 
-  // Returns a list of the users who have logged into this device previously.
-  // It is sorted in order of recency, with most recent at the beginning.
+  // Returns a list of users who have logged into this device previously. This
+  // is sorted by last login date with the most recent user at the beginning.
   const UserList& GetUsers() const;
 
-  // Indicates that a user with the given email has just logged in.
-  // The persistent list will be updated accordingly.
+  // Indicates that a user with the given email has just logged in. The
+  // persistent list is updated accordingly if the user is not ephemeral.
   void UserLoggedIn(const std::string& email);
 
   // Indicates that user just logged on as the demo user.
@@ -72,10 +72,12 @@ class UserManager : public ProfileDownloaderDelegate,
   // picture.
   void RemoveUserFromList(const std::string& email);
 
-  // Returns true if given user has logged into the device before.
+  // Returns true if a user with the given email address is found in the
+  // persistent list or currently logged in as ephemeral.
   virtual bool IsKnownUser(const std::string& email) const;
 
-  // Returns a user with given email or |NULL| if no such user exists.
+  // Returns the user with the given email address if found in the persistent
+  // list or currently logged in as ephemeral. Returns |NULL| otherwise.
   const User* FindUser(const std::string& email) const;
 
   // Returns the logged-in user.
@@ -142,6 +144,11 @@ class UserManager : public ProfileDownloaderDelegate,
     return current_user_is_new_;
   }
 
+  // Accessor for current_user_is_ephemeral_.
+  bool current_user_is_ephemeral() const {

[Nikita (slow), 2012/03/07 10:03:04]

needs merge:

Rename to IsCurrentUserEphemeral().
Add to the UserManager interface and mock.

[use bartfab instead, 2012/03/07 11:10:08]

After addressing your other comments, the method is actually gone completely
now.

+    return current_user_is_ephemeral_;
+  }
+
   bool user_is_logged_in() const { return user_is_logged_in_; }
 
   // Returns true if we're logged in as a demo user.
@@ -180,16 +187,38 @@ class UserManager : public ProfileDownloaderDelegate,
   FilePath GetImagePathForUser(const std::string& username);
 
  private:
+  friend class UserManagerTest;
+
   // Loads |users_| from Local State if the list has not been loaded yet.
   // Subsequent calls have no effect. Must be called on the UI thread.
   void EnsureUsersLoaded();
 
+  // Retrieves trusted device policies and removes users from the persistent
+  // list if ephemeral users are enabled. Schedules a callback to itself if
+  // trusted device policies are not yet available.
+  void RetrieveTrustedDevicePolicies();
+
+  // Returns true if trusted device policies have successfully been retrieved
+  // and ephemeral users are enabled.
+  bool AreEphemeralUsersEnabled() const;
+
+  // Returns true if the user with the given email address is to be treated as
+  // ephemeral.
+  bool IsEphemeralUser(const std::string& email) const;
+
+  // Returns the user with the given email address if found in the persistent
+  // list. Returns |NULL| otherwise.
+  const User* FindUserInList(const std::string& email) const;
+
   // Makes stub user the current logged-in user (for test paths).
   void StubUserLoggedIn();
 
   // Notifies on new user session.
   void NotifyOnLogin();
 
+  // Resets internal state to the initial values before user login.
+  void LogoutForTest();
+
   // Reads user's oauth token status from local state preferences.
   User::OAuthTokenStatus LoadUserOAuthStatus(const std::string& username) const;
 
@@ -250,11 +279,15 @@ class UserManager : public ProfileDownloaderDelegate,
   // Creates a new User instance.
   User* CreateUser(const std::string& email) const;
 
+  // Removes the user from the persistent list only. Also removes the user's
+  // picture.
+  void RemoveUserFromListInternal(const std::string& email);
+
   // Loads user image from its file.
   scoped_refptr<UserImageLoader> image_loader_;
 
   // List of all known users. User instances are owned by |this| and deleted
-  // when a user is removed with |RemoveUser|.
+  // when users are removed by |RemoveUserFromListInternal|.
   mutable UserList users_;
 
   // Map of users' display names used to determine which users have unique
@@ -271,8 +304,9 @@ class UserManager : public ProfileDownloaderDelegate,
   User stub_user_;
 
   // The logged-in user. NULL until a user has logged in, then points to one
-  // of the User instances in |users_| or to the |guest_user_| instance.
-  // In test paths without login points to the |stub_user_| instance.
+  // of the User instances in |users_|, the |guest_user_| instance or an
+  // ephemeral user instance. In test paths without login points to the
+  // |stub_user_| instance.
   User* logged_in_user_;
 
   // Cached flag of whether currently logged-in user is owner or not.
@@ -284,9 +318,23 @@ class UserManager : public ProfileDownloaderDelegate,
   // login.
   bool current_user_is_new_;
 
+  // Cached flag of whether the currently logged-in user is ephemeral. Storage
+  // of persistent information is avoided for such users by not adding them to
+  // the user list in local state, not downloading their custom user images and
+  // mounting their cryptohomes using tmpfs.
+  bool current_user_is_ephemeral_;

[Nikita (slow), 2012/03/07 10:03:04]

nit: Should follow naming that other members in UserManagerImpl use.
is_current_user_ephemeral_

[use bartfab instead, 2012/03/07 11:10:08]

Done.

+
   // Cached flag of whether any user is logged in at the moment.
   bool user_is_logged_in_;
 
+  // Cached flag indicating whether ephemeral users are enabled. Defaults to
+  // |false| if the value has not been read from trusted device policy yet.
+  bool ephemeral_users_enabled_;
+
+  // Cached name of device owner. Defaults to empty string if the value has not
+  // been read from trusted device policy yet.
+  std::string owner_email_;

[Nikita (slow), 2012/03/07 10:03:04]

We already have cached versions of trusted settings available.

Why do we need to cache ephemeral_users_enabled_, owner_email_ in one more
place?

[use bartfab instead, 2012/03/07 11:10:08]

Before accessing cached trusted settings, GetTrusted() must be called to check
whether they are available. If the settings are not yet available, this sets up
a callback. Every access to cached trusted settings can therefore lead to an
additional callback being set up.

Caching the settings locally allows a single well-defined callback to be used
for their retrieval.

+
   content::NotificationRegistrar registrar_;
 
   // Profile sync service which is observed to take actions after sync