| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/policy/policy_cert_service_factory.h" | 5 #include "chrome/browser/chromeos/policy/policy_cert_service_factory.h" |
| 6 | 6 |
| 7 #include "base/memory/singleton.h" | 7 #include "base/memory/singleton.h" |
| 8 #include "base/prefs/pref_registry_simple.h" | 8 #include "base/prefs/pref_registry_simple.h" |
| 9 #include "base/prefs/pref_service.h" | 9 #include "base/prefs/pref_service.h" |
| 10 #include "base/prefs/scoped_user_pref_update.h" | 10 #include "base/prefs/scoped_user_pref_update.h" |
| (...skipping 29 matching lines...) Expand all Loading... |
| 40 return service->CreatePolicyCertVerifier(); | 40 return service->CreatePolicyCertVerifier(); |
| 41 } | 41 } |
| 42 | 42 |
| 43 // static | 43 // static |
| 44 PolicyCertServiceFactory* PolicyCertServiceFactory::GetInstance() { | 44 PolicyCertServiceFactory* PolicyCertServiceFactory::GetInstance() { |
| 45 return Singleton<PolicyCertServiceFactory>::get(); | 45 return Singleton<PolicyCertServiceFactory>::get(); |
| 46 } | 46 } |
| 47 | 47 |
| 48 // static | 48 // static |
| 49 void PolicyCertServiceFactory::SetUsedPolicyCertificates( | 49 void PolicyCertServiceFactory::SetUsedPolicyCertificates( |
| 50 const std::string& user_id) { | 50 const user_manager::UserID& user_id) { |
| 51 if (UsedPolicyCertificates(user_id)) | 51 if (UsedPolicyCertificates(user_id)) |
| 52 return; | 52 return; |
| 53 ListPrefUpdate update(g_browser_process->local_state(), | 53 ListPrefUpdate update(g_browser_process->local_state(), |
| 54 prefs::kUsedPolicyCertificates); | 54 prefs::kUsedPolicyCertificates); |
| 55 update->AppendString(user_id); | 55 update->AppendString(user_id.GetUserEmail()); |
| 56 } | 56 } |
| 57 | 57 |
| 58 // static | 58 // static |
| 59 void PolicyCertServiceFactory::ClearUsedPolicyCertificates( | 59 void PolicyCertServiceFactory::ClearUsedPolicyCertificates( |
| 60 const std::string& user_id) { | 60 const user_manager::UserID& user_id) { |
| 61 ListPrefUpdate update(g_browser_process->local_state(), | 61 ListPrefUpdate update(g_browser_process->local_state(), |
| 62 prefs::kUsedPolicyCertificates); | 62 prefs::kUsedPolicyCertificates); |
| 63 update->Remove(base::StringValue(user_id), NULL); | 63 update->Remove(base::StringValue(user_id.GetUserEmail()), NULL); |
| 64 } | 64 } |
| 65 | 65 |
| 66 // static | 66 // static |
| 67 bool PolicyCertServiceFactory::UsedPolicyCertificates( | 67 bool PolicyCertServiceFactory::UsedPolicyCertificates( |
| 68 const std::string& user_id) { | 68 const user_manager::UserID& user_id) { |
| 69 base::StringValue value(user_id); | 69 base::StringValue value(user_id.GetUserEmail()); |
| 70 const base::ListValue* list = | 70 const base::ListValue* list = |
| 71 g_browser_process->local_state()->GetList(prefs::kUsedPolicyCertificates); | 71 g_browser_process->local_state()->GetList(prefs::kUsedPolicyCertificates); |
| 72 if (!list) { | 72 if (!list) { |
| 73 NOTREACHED(); | 73 NOTREACHED(); |
| 74 return false; | 74 return false; |
| 75 } | 75 } |
| 76 return list->Find(value) != list->end(); | 76 return list->Find(value) != list->end(); |
| 77 } | 77 } |
| 78 | 78 |
| 79 // static | 79 // static |
| (...skipping 21 matching lines...) Expand all Loading... |
| 101 if (!user) | 101 if (!user) |
| 102 return NULL; | 102 return NULL; |
| 103 | 103 |
| 104 // Backwards compatibility: profiles that used policy-pushed certificates used | 104 // Backwards compatibility: profiles that used policy-pushed certificates used |
| 105 // to have this condition marked in their prefs. This signal has moved to | 105 // to have this condition marked in their prefs. This signal has moved to |
| 106 // local_state though, to support checking it before the profile is loaded. | 106 // local_state though, to support checking it before the profile is loaded. |
| 107 // Check the profile here and update the local_state, if appropriate. | 107 // Check the profile here and update the local_state, if appropriate. |
| 108 // TODO(joaodasilva): remove this, eventually. | 108 // TODO(joaodasilva): remove this, eventually. |
| 109 PrefService* prefs = profile->GetOriginalProfile()->GetPrefs(); | 109 PrefService* prefs = profile->GetOriginalProfile()->GetPrefs(); |
| 110 if (prefs->GetBoolean(prefs::kUsedPolicyCertificatesOnce)) { | 110 if (prefs->GetBoolean(prefs::kUsedPolicyCertificatesOnce)) { |
| 111 SetUsedPolicyCertificates(user->email()); | 111 SetUsedPolicyCertificates(user->GetUserID()); |
| 112 prefs->ClearPref(prefs::kUsedPolicyCertificatesOnce); | 112 prefs->ClearPref(prefs::kUsedPolicyCertificatesOnce); |
| 113 | 113 |
| 114 if (user_manager->GetLoggedInUsers().size() > 1u) { | 114 if (user_manager->GetLoggedInUsers().size() > 1u) { |
| 115 // This login should not have been allowed. After rebooting, local_state | 115 // This login should not have been allowed. After rebooting, local_state |
| 116 // will contain the updated list of users that used policy-pushed | 116 // will contain the updated list of users that used policy-pushed |
| 117 // certificates and this won't happen again. | 117 // certificates and this won't happen again. |
| 118 // Note that a user becomes logged in before his profile is created. | 118 // Note that a user becomes logged in before his profile is created. |
| 119 LOG(ERROR) << "Shutdown session because a tainted profile was added."; | 119 LOG(ERROR) << "Shutdown session because a tainted profile was added."; |
| 120 g_browser_process->local_state()->CommitPendingWrite(); | 120 g_browser_process->local_state()->CommitPendingWrite(); |
| 121 prefs->CommitPendingWrite(); | 121 prefs->CommitPendingWrite(); |
| 122 chrome::AttemptUserExit(); | 122 chrome::AttemptUserExit(); |
| 123 } | 123 } |
| 124 } | 124 } |
| 125 | 125 |
| 126 UserNetworkConfigurationUpdater* net_conf_updater = | 126 UserNetworkConfigurationUpdater* net_conf_updater = |
| 127 UserNetworkConfigurationUpdaterFactory::GetForProfile(profile); | 127 UserNetworkConfigurationUpdaterFactory::GetForProfile(profile); |
| 128 if (!net_conf_updater) | 128 if (!net_conf_updater) |
| 129 return NULL; | 129 return NULL; |
| 130 | 130 |
| 131 return new PolicyCertService(user->email(), net_conf_updater, user_manager); | 131 return new PolicyCertService(user->GetUserID(), net_conf_updater, user_manager
); |
| 132 } | 132 } |
| 133 | 133 |
| 134 content::BrowserContext* PolicyCertServiceFactory::GetBrowserContextToUse( | 134 content::BrowserContext* PolicyCertServiceFactory::GetBrowserContextToUse( |
| 135 content::BrowserContext* context) const { | 135 content::BrowserContext* context) const { |
| 136 return chrome::GetBrowserContextOwnInstanceInIncognito(context); | 136 return chrome::GetBrowserContextOwnInstanceInIncognito(context); |
| 137 } | 137 } |
| 138 | 138 |
| 139 void PolicyCertServiceFactory::RegisterProfilePrefs( | 139 void PolicyCertServiceFactory::RegisterProfilePrefs( |
| 140 user_prefs::PrefRegistrySyncable* registry) { | 140 user_prefs::PrefRegistrySyncable* registry) { |
| 141 // TODO(joaodasilva): this is used for backwards compatibility. | 141 // TODO(joaodasilva): this is used for backwards compatibility. |
| 142 // Remove once it's not necessary anymore. | 142 // Remove once it's not necessary anymore. |
| 143 registry->RegisterBooleanPref(prefs::kUsedPolicyCertificatesOnce, false); | 143 registry->RegisterBooleanPref(prefs::kUsedPolicyCertificatesOnce, false); |
| 144 } | 144 } |
| 145 | 145 |
| 146 bool PolicyCertServiceFactory::ServiceIsNULLWhileTesting() const { | 146 bool PolicyCertServiceFactory::ServiceIsNULLWhileTesting() const { |
| 147 return true; | 147 return true; |
| 148 } | 148 } |
| 149 | 149 |
| 150 } // namespace policy | 150 } // namespace policy |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1165323004:
We should use UserID object to identify users instead of username.
Base URL: https://chromium.googlesource.com/chromium/src.git@master