Chromium Code Reviews Chromium Code Reviews
Issue 11783008:
Add a lock to the managed user settings page and require authentication for unlocking. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/ui/webui/options/managed_user_passphrase_handler.h" | 5 #include "chrome/browser/ui/webui/options/managed_user_passphrase_handler.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/logging.h" | 8 #include "base/logging.h" |
| 9 #include "base/prefs/pref_service.h" | 9 #include "base/prefs/pref_service.h" |
| 10 #include "base/values.h" | 10 #include "base/values.h" |
| 11 #include "chrome/browser/managed_mode/managed_user_passphrase.h" | 11 #include "chrome/browser/managed_mode/managed_user_passphrase.h" |
| 12 #include "chrome/browser/managed_mode/managed_user_service.h" | 12 #include "chrome/browser/managed_mode/managed_user_service.h" |
| 13 #include "chrome/browser/managed_mode/managed_user_service_factory.h" | 13 #include "chrome/browser/managed_mode/managed_user_service_factory.h" |
| 14 #include "chrome/browser/profiles/profile.h" | 14 #include "chrome/browser/profiles/profile.h" |
| 15 #include "chrome/browser/ui/webui/managed_user_passphrase_dialog.h" | |
| 15 #include "chrome/common/pref_names.h" | 16 #include "chrome/common/pref_names.h" |
| 16 #include "content/public/browser/web_contents.h" | 17 #include "content/public/browser/web_contents.h" |
| 17 #include "content/public/browser/web_ui.h" | 18 #include "content/public/browser/web_ui.h" |
| 18 #include "grit/generated_resources.h" | 19 #include "grit/generated_resources.h" |
| 19 | 20 |
| 20 namespace options { | 21 namespace options { |
| 21 | 22 |
| 22 ManagedUserPassphraseHandler::ManagedUserPassphraseHandler() | 23 ManagedUserPassphraseHandler::ManagedUserPassphraseHandler() |
| 23 : weak_ptr_factory_(this) { | 24 : weak_ptr_factory_(this) { |
| 24 } | 25 } |
| 25 | 26 |
| 26 ManagedUserPassphraseHandler::~ManagedUserPassphraseHandler() { | 27 ManagedUserPassphraseHandler::~ManagedUserPassphraseHandler() { |
| 27 } | 28 } |
| 28 | 29 |
| 29 void ManagedUserPassphraseHandler::InitializeHandler() { | 30 void ManagedUserPassphraseHandler::InitializeHandler() { |
| 30 } | 31 } |
| 31 | 32 |
| 32 void ManagedUserPassphraseHandler::RegisterMessages() { | 33 void ManagedUserPassphraseHandler::RegisterMessages() { |
| 33 web_ui()->RegisterMessageCallback( | 34 web_ui()->RegisterMessageCallback( |
| 34 "setPassphrase", | 35 "setPassphrase", |
| 35 base::Bind(&ManagedUserPassphraseHandler::SetLocalPassphrase, | 36 base::Bind(&ManagedUserPassphraseHandler::SetLocalPassphrase, |
| 36 weak_ptr_factory_.GetWeakPtr())); | 37 weak_ptr_factory_.GetWeakPtr())); |
| 38 web_ui()->RegisterMessageCallback( | |
| 39 "displayPassphraseDialog", | |
| 40 base::Bind(&ManagedUserPassphraseHandler::DisplayPassphraseDialog, | |
| 41 weak_ptr_factory_.GetWeakPtr())); | |
| 42 web_ui()->RegisterMessageCallback( | |
| 43 "endAuthentication", | |
| 44 base::Bind(&ManagedUserPassphraseHandler::EndAuthentication, | |
| 45 weak_ptr_factory_.GetWeakPtr())); | |
| 46 web_ui()->RegisterMessageCallback( | |
| 47 "isPassphraseSet", | |
| 48 base::Bind(&ManagedUserPassphraseHandler::IsPassphraseSet, | |
| 49 weak_ptr_factory_.GetWeakPtr())); | |
| 50 web_ui()->RegisterMessageCallback( | |
| 51 "resetPassphrase", | |
| 52 base::Bind(&ManagedUserPassphraseHandler::ResetPassphrase, | |
| 53 weak_ptr_factory_.GetWeakPtr())); | |
| 37 } | 54 } |
| 38 | 55 |
| 39 void ManagedUserPassphraseHandler::GetLocalizedValues( | 56 void ManagedUserPassphraseHandler::GetLocalizedValues( |
| 40 base::DictionaryValue* localized_strings) { | 57 base::DictionaryValue* localized_strings) { |
| 41 DCHECK(localized_strings); | 58 DCHECK(localized_strings); |
| 42 | 59 |
| 43 static OptionsStringResource resources[] = { | 60 static OptionsStringResource resources[] = { |
| 44 { "confirmPassphrase", IDS_CONFIRM_PASSPHRASE_LABEL }, | 61 { "confirmPassphrase", IDS_CONFIRM_PASSPHRASE_LABEL }, |
| 45 { "enterPassphrase", IDS_ENTER_PASSPHRASE_LABEL }, | 62 { "enterPassphrase", IDS_ENTER_PASSPHRASE_LABEL }, |
| 46 { "savePassphrase", IDS_SAVE_PASSPHRASE_BUTTON }, | 63 { "savePassphrase", IDS_SAVE_PASSPHRASE_BUTTON }, |
| 47 { "setPassphraseInstructions", IDS_SET_PASSPHRASE_INSTRUCTIONS }, | 64 { "setPassphraseInstructions", IDS_SET_PASSPHRASE_INSTRUCTIONS }, |
| 48 { "passphraseMismatch", IDS_PASSPHRASE_MISMATCH }, | 65 { "passphraseMismatch", IDS_PASSPHRASE_MISMATCH }, |
| 49 }; | 66 }; |
| 50 RegisterStrings(localized_strings, resources, arraysize(resources)); | 67 RegisterStrings(localized_strings, resources, arraysize(resources)); |
| 51 | 68 |
| 52 RegisterTitle(localized_strings, | 69 RegisterTitle(localized_strings, |
| 53 "setPassphraseTitle", | 70 "setPassphraseTitle", |
| 54 IDS_SET_PASSPHRASE_TITLE); | 71 IDS_SET_PASSPHRASE_TITLE); |
| 55 } | 72 } |
| 56 | 73 |
| 74 void ManagedUserPassphraseHandler::PassphraseDialogCallback(bool success) { | |
| 75 base::FundamentalValue unlock_success(success); | |
| 76 web_ui()->CallJavascriptFunction(callback_function_name_, unlock_success); | |
| 77 } | |
| 78 | |
| 79 void ManagedUserPassphraseHandler::DisplayPassphraseDialog( | |
| 80 const base::ListValue* args) { | |
| 81 // Store the name of the callback function. | |
| 82 args->GetString(0, &callback_function_name_); | |
| 83 Profile* profile = Profile::FromWebUI(web_ui()); | |
| 84 ManagedUserService* managed_user_service = | |
| 85 ManagedUserServiceFactory::GetForProfile(profile); | |
| 86 if (managed_user_service->IsElevated()) { | |
| 87 // If the custodian is already authenticated, skip the passphrase dialog. | |
| 88 PassphraseDialogCallback(true); | |
| 89 return; | |
| 90 } | |
| 91 // This is deleted automatically when the dialog is closed. | |
|
James Hawkins
2013/02/20 17:24:56
What does 'this' refer to?
Adrian Kuegel
2013/02/20 18:05:02
It refers to the ManagedUserPassphraseDialog objec
| |
| 92 new ManagedUserPassphraseDialog( | |
| 93 web_ui()->GetWebContents(), | |
| 94 base::Bind(&ManagedUserPassphraseHandler::PassphraseDialogCallback, | |
| 95 weak_ptr_factory_.GetWeakPtr())); | |
| 96 } | |
| 97 | |
| 98 void ManagedUserPassphraseHandler::EndAuthentication( | |
| 99 const base::ListValue* args) { | |
| 100 Profile* profile = Profile::FromWebUI(web_ui()); | |
| 101 ManagedUserService* managed_user_service = | |
| 102 ManagedUserServiceFactory::GetForProfile(profile); | |
| 103 managed_user_service->SetElevated(false); | |
| 104 } | |
| 105 | |
| 106 void ManagedUserPassphraseHandler::IsPassphraseSet( | |
| 107 const base::ListValue* args) { | |
| 108 // Get the name of the callback function. | |
| 109 std::string callback_function_name; | |
| 110 args->GetString(0, &callback_function_name); | |
| 111 PrefService* pref_service = Profile::FromWebUI(web_ui())->GetPrefs(); | |
| 112 base::FundamentalValue is_passphrase_set(!pref_service->GetString( | |
| 113 prefs::kManagedModeLocalPassphrase).empty()); | |
| 114 web_ui()->CallJavascriptFunction(callback_function_name, | |
| 115 is_passphrase_set); | |
| 116 } | |
| 117 | |
| 118 void ManagedUserPassphraseHandler::ResetPassphrase( | |
| 119 const base::ListValue* args) { | |
| 120 PrefService* pref_service = Profile::FromWebUI(web_ui())->GetPrefs(); | |
| 121 pref_service->SetString(prefs::kManagedModeLocalPassphrase, ""); | |
| 122 pref_service->SetString(prefs::kManagedModeLocalSalt, ""); | |
| 123 } | |
| 124 | |
| 57 void ManagedUserPassphraseHandler::SetLocalPassphrase( | 125 void ManagedUserPassphraseHandler::SetLocalPassphrase( |
| 58 const base::ListValue* args) { | 126 const base::ListValue* args) { |
| 127 // Only change the passphrase if the custodian is authenticated. | |
| 128 Profile* profile = Profile::FromWebUI(web_ui()); | |
| 129 ManagedUserService* managed_user_service = | |
| 130 ManagedUserServiceFactory::GetForProfile(profile); | |
| 131 if (!managed_user_service->IsElevated()) | |
| 132 return; | |
| 133 | |
| 59 std::string passphrase; | 134 std::string passphrase; |
| 60 args->GetString(0, &passphrase); | 135 args->GetString(0, &passphrase); |
| 61 ManagedUserPassphrase passphrase_key_generator((std::string())); | 136 ManagedUserPassphrase passphrase_key_generator((std::string())); |
| 62 std::string encoded_passphrase_hash; | 137 std::string encoded_passphrase_hash; |
| 63 bool success = passphrase_key_generator.GenerateHashFromPassphrase( | 138 bool success = passphrase_key_generator.GenerateHashFromPassphrase( |
| 64 passphrase, | 139 passphrase, |
| 65 &encoded_passphrase_hash); | 140 &encoded_passphrase_hash); |
| 66 if (success) { | 141 if (success) { |
| 67 PrefService* pref_service = Profile::FromWebUI(web_ui())->GetPrefs(); | 142 PrefService* pref_service = Profile::FromWebUI(web_ui())->GetPrefs(); |
| 68 pref_service->SetString(prefs::kManagedModeLocalPassphrase, | 143 pref_service->SetString(prefs::kManagedModeLocalPassphrase, |
| 69 encoded_passphrase_hash); | 144 encoded_passphrase_hash); |
| 70 pref_service->SetString(prefs::kManagedModeLocalSalt, | 145 pref_service->SetString(prefs::kManagedModeLocalSalt, |
| 71 passphrase_key_generator.GetSalt()); | 146 passphrase_key_generator.GetSalt()); |
| 72 } | 147 } |
| 73 // TODO(akuegel): Give failure back to the UI. | 148 // TODO(akuegel): Give failure back to the UI. |
| 74 } | 149 } |
| 75 | 150 |
| 76 } // namespace options | 151 } // namespace options |
| OLD | NEW |
