Implement a policy to autologin a public account.

chrome/browser/chromeos/login/existing_user_controller.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/chromeos/login/existing_user_controller.h"
 
 #include <vector>
 
+#include "ash/wm/user_activity_detector.h"
 #include "base/bind.h"
 #include "base/bind_helpers.h"
 #include "base/callback.h"
 #include "base/command_line.h"
 #include "base/logging.h"
 #include "base/message_loop.h"
 #include "base/metrics/histogram.h"
 #include "base/string_util.h"
 #include "base/stringprintf.h"
 #include "base/utf_string_conversions.h"
@@ skipping 117 matching lines @@
 ExistingUserController::ExistingUserController(LoginDisplayHost* host)
     : login_status_consumer_(NULL),
       host_(host),
       login_display_(host_->CreateLoginDisplay(this)),
       num_login_attempts_(0),
       cros_settings_(CrosSettings::Get()),
       weak_factory_(this),
       offline_failed_(false),
       is_login_in_progress_(false),
       password_changed_(false),
-      do_auto_enrollment_(false) {
+      do_auto_enrollment_(false),
+      signin_screen_ready_(false) {
   DCHECK(current_controller_ == NULL);
   current_controller_ = this;
 
   registrar_.Add(this,
                  chrome::NOTIFICATION_LOGIN_USER_IMAGE_CHANGED,
                  content::NotificationService::AllSources());
   registrar_.Add(this,
                  chrome::NOTIFICATION_USER_LIST_CHANGED,
                  content::NotificationService::AllSources());
   registrar_.Add(this,
                  chrome::NOTIFICATION_AUTH_SUPPLIED,
                  content::NotificationService::AllSources());
   registrar_.Add(this,
                  chrome::NOTIFICATION_SESSION_STARTED,
                  content::NotificationService::AllSources());
   cros_settings_->AddSettingsObserver(kAccountsPrefShowUserNamesOnSignIn, this);
   cros_settings_->AddSettingsObserver(kAccountsPrefAllowNewUser, this);
   cros_settings_->AddSettingsObserver(kAccountsPrefAllowGuest, this);
   cros_settings_->AddSettingsObserver(kAccountsPrefUsers, this);
+  cros_settings_->AddSettingsObserver(
+      kAccountsPrefDeviceLocalAccountAutoLoginId,
+      this);
+  cros_settings_->AddSettingsObserver(
+      kAccountsPrefDeviceLocalAccountAutoLoginDelay,
+      this);
 }
 
 void ExistingUserController::Init(const UserList& users) {
   time_init_ = base::Time::Now();
   UpdateLoginDisplay(users);
+  ConfigurePublicSessionAutoLogin();
 
   LoginUtils::Get()->PrewarmAuthentication();
   DBusThreadManager::Get()->GetSessionManagerClient()->EmitLoginPromptReady();
 }
 
 void ExistingUserController::UpdateLoginDisplay(const UserList& users) {
   bool show_users_on_signin;
   UserList filtered_users;
 
   cros_settings_->GetBoolean(kAccountsPrefShowUserNamesOnSignIn,
@@ skipping 40 matching lines @@
     const content::NotificationSource& source,
     const content::NotificationDetails& details) {
   if (type == chrome::NOTIFICATION_SESSION_STARTED) {
     // Stop listening to any notification once session has started.
     // Sign in screen objects are marked for deletion with DeleteSoon so
     // make sure no object would be used after session has started.
     // http://crbug.com/125276
     registrar_.RemoveAll();
     return;
   }
+  if (type == chrome::NOTIFICATION_SYSTEM_SETTING_CHANGED) {
+    std::string setting = *content::Details<const std::string>(details).ptr();
+    if (setting == kAccountsPrefDeviceLocalAccountAutoLoginId ||
+        setting == kAccountsPrefDeviceLocalAccountAutoLoginDelay) {
+      ConfigurePublicSessionAutoLogin();
+    }
+  }
   if (type == chrome::NOTIFICATION_SYSTEM_SETTING_CHANGED ||
       type == chrome::NOTIFICATION_USER_LIST_CHANGED) {
     if (host_ != NULL) {
       // Signed settings or user list changed. Notify views and update them.
       UpdateLoginDisplay(chromeos::UserManager::Get()->GetUsers());
       return;
     }
   }
   if (type == chrome::NOTIFICATION_AUTH_SUPPLIED) {
     // Possibly the user has authenticated against a proxy server and we might
@@ skipping 29 matching lines @@
 // ExistingUserController, private:
 
 ExistingUserController::~ExistingUserController() {
   LoginUtils::Get()->DelegateDeleted(this);
 
   cros_settings_->RemoveSettingsObserver(kAccountsPrefShowUserNamesOnSignIn,
                                          this);
   cros_settings_->RemoveSettingsObserver(kAccountsPrefAllowNewUser, this);
   cros_settings_->RemoveSettingsObserver(kAccountsPrefAllowGuest, this);
   cros_settings_->RemoveSettingsObserver(kAccountsPrefUsers, this);
+  cros_settings_->RemoveSettingsObserver(
+      kAccountsPrefDeviceLocalAccountAutoLoginId,
+      this);
+  cros_settings_->RemoveSettingsObserver(
+      kAccountsPrefDeviceLocalAccountAutoLoginDelay,
+      this);
 
   if (current_controller_ == this) {
     current_controller_ = NULL;
   } else {
     NOTREACHED() << "More than one controller are alive.";
   }
   DCHECK(login_display_.get());
 }
 
 ////////////////////////////////////////////////////////////////////////////////
@@ skipping 34 matching lines @@
   // TODO(nkostylev): A11y message.
 }
 
 void ExistingUserController::CompleteLogin(const std::string& username,
                                            const std::string& password) {
   if (!host_) {
     // Complete login event was generated already from UI. Ignore notification.
     return;
   }
 
+  // Stop the auto-login timer when attempting login.
+  StopPublicSessionAutoLoginTimer();
+
   // Disable UI while loading user profile.
   login_display_->SetUIEnabled(false);
 
   if (!time_init_.is_null()) {
     base::TimeDelta delta = base::Time::Now() - time_init_;
     UMA_HISTOGRAM_MEDIUM_TIMES("Login.PromptToCompleteLoginTime", delta);
     time_init_ = base::Time();  // Reset to null.
   }
 
   host_->OnCompleteLogin();
@@ skipping 36 matching lines @@
 }
 
 string16 ExistingUserController::GetConnectedNetworkName() {
   return GetCurrentNetworkName();
 }
 
 void ExistingUserController::Login(const std::string& username,
                                    const std::string& password) {
   if (username.empty() || password.empty())
     return;
+
+  // Stop the auto-login timer when attempting login.
+  StopPublicSessionAutoLoginTimer();
+
   // Disable clicking on other windows.
   login_display_->SetUIEnabled(false);
 
   BootTimesLoader::Get()->RecordLoginAttempted();
 
   if (last_login_attempt_username_ != username) {
     last_login_attempt_username_ = username;
     num_login_attempts_ = 0;
     // Also reset state variables, which are used to determine password change.
     offline_failed_ = false;
@@ skipping 27 matching lines @@
           UserManager::kLocallyManagedUserDomain) {
     login_performer_->LoginAsLocallyManagedUser(username, password);
   } else {
     login_performer_->PerformLogin(username, password, auth_mode);
   }
   accessibility::MaybeSpeak(
       l10n_util::GetStringUTF8(IDS_CHROMEOS_ACC_LOGIN_SIGNING_IN));
 }
 
 void ExistingUserController::LoginAsRetailModeUser() {
+  // Stop the auto-login timer when attempting login.
+  StopPublicSessionAutoLoginTimer();
+
   // Disable clicking on other windows.
   login_display_->SetUIEnabled(false);
   // TODO(rkc): Add a CHECK to make sure retail mode logins are allowed once
   // the enterprise policy wiring is done for retail mode.
 
   // Only one instance of LoginPerformer should exist at a time.
   login_performer_.reset(NULL);
   login_performer_.reset(new LoginPerformer(this));
   is_login_in_progress_ = true;
   login_performer_->LoginRetailMode();
   accessibility::MaybeSpeak(
       l10n_util::GetStringUTF8(IDS_CHROMEOS_ACC_LOGIN_SIGNIN_DEMOUSER));
 }
 
 void ExistingUserController::LoginAsGuest() {
+  // Stop the auto-login timer when attempting login.
+  StopPublicSessionAutoLoginTimer();
+
   // Disable clicking on other windows.
   login_display_->SetUIEnabled(false);
 
   CrosSettingsProvider::TrustedStatus status =
       cros_settings_->PrepareTrustedValues(
           base::Bind(&ExistingUserController::LoginAsGuest,
                      weak_factory_.GetWeakPtr()));
   // Must not proceed without signature verification.
   if (status == CrosSettingsProvider::PERMANENTLY_UNTRUSTED) {
     login_display_->ShowError(IDS_LOGIN_ERROR_OWNER_KEY_LOST, 1,
                               HelpAppLauncher::HELP_CANT_ACCESS_ACCOUNT);
     // Reenable clicking on other windows and status area.
     login_display_->SetUIEnabled(true);
+    StartPublicSessionAutoLoginTimer();
     display_email_.clear();
     return;
   } else if (status != CrosSettingsProvider::TRUSTED) {
     // Value of AllowNewUser setting is still not verified.
     // Another attempt will be invoked after verification completion.
+    StartPublicSessionAutoLoginTimer();
     return;
   }
 
   bool allow_guest;
   cros_settings_->GetBoolean(kAccountsPrefAllowGuest, &allow_guest);
   if (!allow_guest) {
     // Disallowed. The UI should normally not show the guest pod but if for some
     // reason this has been made available to the user here is the time to tell
     // this nicely.
     login_display_->ShowError(IDS_LOGIN_ERROR_WHITELIST, 1,
                               HelpAppLauncher::HELP_CANT_ACCESS_ACCOUNT);
     // Reenable clicking on other windows and status area.
     login_display_->SetUIEnabled(true);
+    StartPublicSessionAutoLoginTimer();
     display_email_.clear();
     return;
   }
 
   // Only one instance of LoginPerformer should exist at a time.
   login_performer_.reset(NULL);
   login_performer_.reset(new LoginPerformer(this));
   is_login_in_progress_ = true;
   login_performer_->LoginOffTheRecord();
   accessibility::MaybeSpeak(
       l10n_util::GetStringUTF8(IDS_CHROMEOS_ACC_LOGIN_SIGNIN_OFFRECORD));
 }
 
 void ExistingUserController::MigrateUserData(const std::string& old_password) {
   RecoverEncryptedData(old_password);
 }
 
 void ExistingUserController::LoginAsPublicAccount(
     const std::string& username) {
+  // Stop the auto-login timer when attempting login.
+  StopPublicSessionAutoLoginTimer();
+
   // Disable clicking on other windows.
   login_display_->SetUIEnabled(false);
 
   CrosSettingsProvider::TrustedStatus status =
       cros_settings_->PrepareTrustedValues(
           base::Bind(&ExistingUserController::LoginAsPublicAccount,
                      weak_factory_.GetWeakPtr(),
                      username));
   // If device policy is permanently unavailable, logging into public accounts
   // is not possible.
   if (status == CrosSettingsProvider::PERMANENTLY_UNTRUSTED) {
     login_display_->ShowError(IDS_LOGIN_ERROR_OWNER_KEY_LOST, 1,
                               HelpAppLauncher::HELP_CANT_ACCESS_ACCOUNT);
     // Re-enable clicking on other windows.
     login_display_->SetUIEnabled(true);
     return;
   }
 
   // If device policy is not verified yet, this function will be called again
   // when verification finishes.
-  if (status != CrosSettingsProvider::TRUSTED)
+  if (status != CrosSettingsProvider::TRUSTED) {
+    StartPublicSessionAutoLoginTimer();
     return;
+  }
 
   // If there is no public account with the given |username|, logging in is not
   // possible.
   const User* user = UserManager::Get()->FindUser(username);
   if (!user || user->GetType() != User::USER_TYPE_PUBLIC_ACCOUNT) {
     // Re-enable clicking on other windows.
     login_display_->SetUIEnabled(true);
+    StartPublicSessionAutoLoginTimer();
     return;
   }
 
   // Only one instance of LoginPerformer should exist at a time.
   login_performer_.reset(NULL);
   login_performer_.reset(new LoginPerformer(this));
   is_login_in_progress_ = true;
   login_performer_->LoginAsPublicAccount(username);
   accessibility::MaybeSpeak(
       l10n_util::GetStringUTF8(IDS_CHROMEOS_ACC_LOGIN_SIGNIN_PUBLIC_ACCOUNT));
 }
 
+void ExistingUserController::OnSigninScreenReady() {
+  signin_screen_ready_ = true;
+  StartPublicSessionAutoLoginTimer();
+}
+
 void ExistingUserController::OnUserSelected(const std::string& username) {
   login_performer_.reset(NULL);
   num_login_attempts_ = 0;
 }
 
 void ExistingUserController::OnStartEnterpriseEnrollment() {
   DeviceSettingsService::Get()->GetOwnershipStatusAsync(
       base::Bind(&ExistingUserController::OnEnrollmentOwnershipCheckCompleted,
                  weak_factory_.GetWeakPtr()));
 }
@@ skipping 120 matching lines @@
     }
     // Reenable clicking on other windows and status area.
     login_display_->SetUIEnabled(true);
   }
 
   if (login_status_consumer_)
     login_status_consumer_->OnLoginFailure(failure);
 
   // Clear the recorded displayed email so it won't affect any future attempts.
   display_email_.clear();
+
+  StartPublicSessionAutoLoginTimer();
 }
 
 void ExistingUserController::OnLoginSuccess(
     const std::string& username,
     const std::string& password,
     bool pending_requests,
     bool using_oauth) {
   is_login_in_progress_ = false;
   offline_failed_ = false;
 
@@ skipping 134 matching lines @@
   display_email_.clear();
 }
 
 void ExistingUserController::PolicyLoadFailed() {
   ShowError(IDS_LOGIN_ERROR_OWNER_KEY_LOST, "");
 
   // Reenable clicking on other windows and status area.
   login_display_->SetUIEnabled(true);
 
   display_email_.clear();
+
+  // Policy load failure stops login attempts---restart the timer.
+  StartPublicSessionAutoLoginTimer();
 }
 
 void ExistingUserController::OnOnlineChecked(const std::string& username,
                                              bool success) {
   if (success && last_login_attempt_username_ == username) {
     online_succeeded_for_ = username;
     // Wait for login attempt to end, if it hasn't yet.
     if (offline_failed_ && !is_login_in_progress_)
       ShowGaiaPasswordChanged(username);
   }
@@ skipping 21 matching lines @@
 
 void ExistingUserController::ActivateWizard(const std::string& screen_name) {
   DictionaryValue* params = NULL;
   if (chromeos::UserManager::Get()->IsLoggedInAsGuest()) {
     params = new DictionaryValue;
     params->SetString("start_url", guest_mode_url_.spec());
   }
   host_->StartWizard(screen_name, params);
 }
 
+void ExistingUserController::ConfigurePublicSessionAutoLogin() {
+  if (!cros_settings_->GetString(
+          kAccountsPrefDeviceLocalAccountAutoLoginId,
+          &public_session_auto_login_username_) ||
+      public_session_auto_login_username_.empty()) {
+    public_session_auto_login_username_ = "";
+  }
+  if (!cros_settings_->GetInteger(
+          kAccountsPrefDeviceLocalAccountAutoLoginDelay,
+          &public_session_auto_login_delay_)) {
+    public_session_auto_login_delay_ = 0;
+  }
+
+  if (!public_session_auto_login_username_.empty()) {
+    if (!ash::Shell::GetInstance()->user_activity_detector()->HasObserver(this))
+      ash::Shell::GetInstance()->user_activity_detector()->AddObserver(this);

[Nikita (slow), 2013/02/11 17:30:29]

Remove observer in dtor?

[bartfab (slow), 2013/02/11 17:37:31]

The observer could be unconditionally added and removed. No harm in having it
always there, except a small amount of overhead.

[Nikita (slow), 2013/02/11 17:51:31]

Ok then.

[dconnelly, 2013/02/21 10:42:21]

Done.

+    StartPublicSessionAutoLoginTimer();
+  } else {
+    ash::Shell::GetInstance()->user_activity_detector()->RemoveObserver(this);

[Nikita (slow), 2013/02/11 17:30:29]

On a normal boot path (i.e. no public accounts configured) you'll be removing
observer that you hadn't in fact added.

[bartfab (slow), 2013/02/11 17:37:31]

It's actually benign to remove an observer that does not exists.
ObserverListBase just ignores it.

[Nikita (slow), 2013/02/11 17:51:31]

I thought that previously it had a such check so it was either removed or I'm
confusing that with a different check.

[dconnelly, 2013/02/21 10:42:21]

You're not confused--there was a check before.  I was replicating some other
code that performs a similar task, but then I looked at the header for
ObserverList and found what Bartosz just said, so I removed the check.

+    StopPublicSessionAutoLoginTimer();
+  }
+}
+
+void ExistingUserController::OnUserActivity() {
+  if (auto_login_timer_.IsRunning()) {
+    StopPublicSessionAutoLoginTimer();
+    StartPublicSessionAutoLoginTimer();

[Nikita (slow), 2013/02/11 17:30:29]

What's the point of restarting timer?

[bartfab (slow), 2013/02/11 17:37:31]

The idea is that the timer performs an auto-login X minutes after the last user
activity on the login screen.

* If the device boots and nobody touches it -> auto login after X minutes.
* If the device boots and someone logs in within X minutes -> no auto login.
* If the device boots, someone tries to log in but changes their mind / fails ->
auto-login X minutes after the last user activity.

This requires that the timer be restarted whenever there is user activity or
when a login fails.

[Nikita (slow), 2013/02/11 17:57:17]

Take into account that device will power off after a period of inactivity on
login screen.

I see that user_activity_detector() observer is not removed when login is
successful. Consider the situation that user has started (new) session and has
some UI that is rendered by the login screen. So ExistingUserController instance
does still exist but auto-login timer doesn't make sense at this point.

+  }
+}
+
+void ExistingUserController::StopPublicSessionAutoLoginTimer() {
+  auto_login_timer_.Stop();
+}
+
+void ExistingUserController::StartPublicSessionAutoLoginTimer() {
+  if (!signin_screen_ready_ || public_session_auto_login_username_.empty())
+    return;
+  auto_login_timer_.Start(FROM_HERE,
+                          base::TimeDelta::FromMilliseconds(
+                              public_session_auto_login_delay_),
+                          base::Bind(
+                              &ExistingUserController::LoginAsPublicAccount,
+                              weak_factory_.GetWeakPtr(),
+                              public_session_auto_login_username_));
+}
+
 gfx::NativeWindow ExistingUserController::GetNativeWindow() const {
   return host_->GetNativeWindow();
 }
 
 void ExistingUserController::InitializeStartUrls() const {
   std::vector<std::string> start_urls;
 
   PrefService* prefs = g_browser_process->local_state();
   const base::ListValue *urls;
   bool show_getstarted_guide = false;
@@ skipping 125 matching lines @@
   // changed.
   UserManager::Get()->SaveUserOAuthStatus(
       username,
       User::OAUTH2_TOKEN_STATUS_INVALID);
 
   login_display_->SetUIEnabled(true);
   login_display_->ShowGaiaPasswordChanged(username);
 }
 
 }  // namespace chromeos