Disable/enable echo for enterprise device.

chrome/browser/chromeos/extensions/echo_private_api.cc

Index: chrome/browser/chromeos/extensions/echo_private_api.cc
diff --git a/chrome/browser/chromeos/extensions/echo_private_api.cc b/chrome/browser/chromeos/extensions/echo_private_api.cc
index 51f195dbf4e0e44638fb24e52fb98891c716a1bf..e28a6eba6adb96b170ac3ab738b02a4435df9a24 100644
--- a/chrome/browser/chromeos/extensions/echo_private_api.cc
+++ b/chrome/browser/chromeos/extensions/echo_private_api.cc
@@ -14,6 +14,7 @@
 #include "base/time.h"
 #include "base/values.h"
 #include "chrome/browser/chromeos/kiosk_mode/kiosk_mode_settings.h"
+#include "chrome/browser/chromeos/settings/cros_settings.h"
 #include "chrome/browser/chromeos/system/statistics_provider.h"
 #include "chrome/common/extensions/extension.h"
 #include "content/public/browser/browser_thread.h"
@@ -34,6 +35,7 @@ base::Value* GetValueForRegistrationCodeType(std::string& type) {
   chromeos::system::StatisticsProvider* provider =
       chromeos::system::StatisticsProvider::GetInstance();
   std::string result;
+  // TODO(oscarpan) update to use PrepareTrustedValues.
   if (!chromeos::KioskModeSettings::Get()->IsKioskModeEnabled()) {
     // In Kiosk mode, we effectively disable the registration API
     // by always returning an empty code.
@@ -98,3 +100,33 @@ bool GetOobeTimestampFunction::GetOobeTimestampOnFileThread() {
   SetResult(new base::StringValue(timestamp));
   return true;
 }
+
+AllowRedeemOffersFunction::AllowRedeemOffersFunction() {
+}
+
+AllowRedeemOffersFunction::~AllowRedeemOffersFunction() {
+}
+
+void AllowRedeemOffersFunction::AllowRedeemOffersCallback() {
+  if (chromeos::CrosSettingsProvider::TRUSTED !=

[Mattias Nissler (ping if slow), 2013/02/06 10:03:26]

There's an edge case here: Devices that don't have an owner yet (for example,
guest sessions immediately after OOBE), will return PERMANENTLY_UNTRUSTED.

Is allowing ECHO the right call for these cases? I guess so, just checking.

However, in these cases you don't get a callback, so you may want to change the
logic to only post the callback if the return value is TEMPORARILY_UNTRUSTED.

[oscarpan, 2013/02/07 00:26:12]

I think we should only disable echo when we are certain about the value. So yes,
i think we should allow echo in those cases.
On 2013/02/06 10:03:26, Mattias Nissler wrote:

+          chromeos::CrosSettings::Get()->PrepareTrustedValues(
+              base::Bind(&AllowRedeemOffersFunction::AllowRedeemOffersCallback,
+                         base::Unretained(this)))) {
+    return;

[xiyuan, 2013/02/06 05:28:11]

Let's add a AddRef() before return here to ensure this object does not go away
before the callback happens. And balance it by adding a Release() after
SendResponse below.

I wonder if that would fix the request_sender.cc error you saw in your test.

[oscarpan, 2013/02/07 00:26:12]

This seems fixed by other my other changes. No longer needed.
On 2013/02/06 05:28:11, xiyuan wrote:

+  }
+  bool allow;
+  if (!chromeos::CrosSettings::Get()->GetBoolean(
+          chromeos::kAllowRedeemChromeOsRegistrationOffers, &allow)) {
+    allow = true;
+  }
+  SetResult(new base::FundamentalValue(allow));
+  SendResponse(true);
+}
+
+// Check the enterprise policy kAllowRedeemChromeOsRegistrationOffers flag
+// value. This policy is used to controll whether user can redeem offers using

[Mattias Nissler (ping if slow), 2013/02/06 10:03:26]

*control

[oscarpan, 2013/02/07 00:26:12]

Done.

+// enterprise device.
+bool AllowRedeemOffersFunction::RunImpl() {
+  AllowRedeemOffersCallback();
+  return false;

[xiyuan, 2013/02/06 05:28:11]

It does not matter result for AsyncExtensionFunction. But we should return true
here to indicate the call succeeds to be consistent with other code. My bad. :p

[oscarpan, 2013/02/07 00:26:12]

Done.

+}