OLD | NEW |
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/chromeos/login/user_manager_impl.h" | 5 #include "chrome/browser/chromeos/login/user_manager_impl.h" |
6 | 6 |
7 #include <cstddef> | 7 #include <cstddef> |
8 #include <set> | 8 #include <set> |
9 | 9 |
10 #include "base/bind.h" | 10 #include "base/bind.h" |
(...skipping 65 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
76 | 76 |
77 // A vector pref of the public accounts defined on this device. | 77 // A vector pref of the public accounts defined on this device. |
78 const char kPublicAccounts[] = "PublicAccounts"; | 78 const char kPublicAccounts[] = "PublicAccounts"; |
79 | 79 |
80 // A string pref that gets set when a public account is removed but a user is | 80 // A string pref that gets set when a public account is removed but a user is |
81 // currently logged into that account, requiring the account's data to be | 81 // currently logged into that account, requiring the account's data to be |
82 // removed after logout. | 82 // removed after logout. |
83 const char kPublicAccountPendingDataRemoval[] = | 83 const char kPublicAccountPendingDataRemoval[] = |
84 "PublicAccountPendingDataRemoval"; | 84 "PublicAccountPendingDataRemoval"; |
85 | 85 |
86 // A dictionary that maps usernames to the displayed name. | 86 // A dictionary that maps user IDs to the displayed name. |
87 const char kUserDisplayName[] = "UserDisplayName"; | 87 const char kUserDisplayName[] = "UserDisplayName"; |
88 | 88 |
89 // A dictionary that maps usernames to the user's given name. | 89 // A dictionary that maps user IDs to the user's given name. |
90 const char kUserGivenName[] = "UserGivenName"; | 90 const char kUserGivenName[] = "UserGivenName"; |
91 | 91 |
92 // A dictionary that maps usernames to the displayed (non-canonical) emails. | 92 // A dictionary that maps user IDs to the displayed (non-canonical) emails. |
93 const char kUserDisplayEmail[] = "UserDisplayEmail"; | 93 const char kUserDisplayEmail[] = "UserDisplayEmail"; |
94 | 94 |
95 // A dictionary that maps usernames to OAuth token presence flag. | 95 // A dictionary that maps user IDs to OAuth token presence flag. |
96 const char kUserOAuthTokenStatus[] = "OAuthTokenStatus"; | 96 const char kUserOAuthTokenStatus[] = "OAuthTokenStatus"; |
97 | 97 |
| 98 // A dictionary that maps user IDs to a flag indicating whether online |
| 99 // authentication against GAIA should be enforced during the next sign-in. |
| 100 const char kUserForceOnlineSignin[] = "UserForceOnlineSignin"; |
| 101 |
98 // A string pref containing the ID of the last user who logged in if it was | 102 // A string pref containing the ID of the last user who logged in if it was |
99 // a regular user or an empty string if it was another type of user (guest, | 103 // a regular user or an empty string if it was another type of user (guest, |
100 // kiosk, public account, etc.). | 104 // kiosk, public account, etc.). |
101 const char kLastLoggedInRegularUser[] = "LastLoggedInRegularUser"; | 105 const char kLastLoggedInRegularUser[] = "LastLoggedInRegularUser"; |
102 | 106 |
103 // Upper bound for a histogram metric reporting the amount of time between | 107 // Upper bound for a histogram metric reporting the amount of time between |
104 // one regular user logging out and a different regular user logging in. | 108 // one regular user logging out and a different regular user logging in. |
105 const int kLogoutToLoginDelayMaxSec = 1800; | 109 const int kLogoutToLoginDelayMaxSec = 1800; |
106 | 110 |
107 // Callback that is called after user removal is complete. | 111 // Callback that is called after user removal is complete. |
(...skipping 56 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
164 } | 168 } |
165 | 169 |
166 } // namespace | 170 } // namespace |
167 | 171 |
168 // static | 172 // static |
169 void UserManager::RegisterPrefs(PrefRegistrySimple* registry) { | 173 void UserManager::RegisterPrefs(PrefRegistrySimple* registry) { |
170 registry->RegisterListPref(kRegularUsers); | 174 registry->RegisterListPref(kRegularUsers); |
171 registry->RegisterListPref(kPublicAccounts); | 175 registry->RegisterListPref(kPublicAccounts); |
172 registry->RegisterStringPref(kPublicAccountPendingDataRemoval, ""); | 176 registry->RegisterStringPref(kPublicAccountPendingDataRemoval, ""); |
173 registry->RegisterStringPref(kLastLoggedInRegularUser, ""); | 177 registry->RegisterStringPref(kLastLoggedInRegularUser, ""); |
174 registry->RegisterDictionaryPref(kUserOAuthTokenStatus); | |
175 registry->RegisterDictionaryPref(kUserDisplayName); | 178 registry->RegisterDictionaryPref(kUserDisplayName); |
176 registry->RegisterDictionaryPref(kUserGivenName); | 179 registry->RegisterDictionaryPref(kUserGivenName); |
177 registry->RegisterDictionaryPref(kUserDisplayEmail); | 180 registry->RegisterDictionaryPref(kUserDisplayEmail); |
| 181 registry->RegisterDictionaryPref(kUserOAuthTokenStatus); |
| 182 registry->RegisterDictionaryPref(kUserForceOnlineSignin); |
178 SupervisedUserManager::RegisterPrefs(registry); | 183 SupervisedUserManager::RegisterPrefs(registry); |
179 SessionLengthLimiter::RegisterPrefs(registry); | 184 SessionLengthLimiter::RegisterPrefs(registry); |
180 } | 185 } |
181 | 186 |
182 UserManagerImpl::UserManagerImpl() | 187 UserManagerImpl::UserManagerImpl() |
183 : cros_settings_(CrosSettings::Get()), | 188 : cros_settings_(CrosSettings::Get()), |
184 device_local_account_policy_service_(NULL), | 189 device_local_account_policy_service_(NULL), |
185 user_loading_stage_(STAGE_NOT_LOADED), | 190 user_loading_stage_(STAGE_NOT_LOADED), |
186 active_user_(NULL), | 191 active_user_(NULL), |
187 primary_user_(NULL), | 192 primary_user_(NULL), |
(...skipping 479 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
667 User::OAuthTokenStatus oauth_token_status) { | 672 User::OAuthTokenStatus oauth_token_status) { |
668 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 673 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
669 | 674 |
670 DVLOG(1) << "Saving user OAuth token status in Local State"; | 675 DVLOG(1) << "Saving user OAuth token status in Local State"; |
671 User* user = FindUserAndModify(user_id); | 676 User* user = FindUserAndModify(user_id); |
672 if (user) | 677 if (user) |
673 user->set_oauth_token_status(oauth_token_status); | 678 user->set_oauth_token_status(oauth_token_status); |
674 | 679 |
675 GetUserFlow(user_id)->HandleOAuthTokenStatusChange(oauth_token_status); | 680 GetUserFlow(user_id)->HandleOAuthTokenStatusChange(oauth_token_status); |
676 | 681 |
677 // Do not update local store if data stored or cached outside the user's | 682 // Do not update local state if data stored or cached outside the user's |
678 // cryptohome is to be treated as ephemeral. | 683 // cryptohome is to be treated as ephemeral. |
679 if (IsUserNonCryptohomeDataEphemeral(user_id)) | 684 if (IsUserNonCryptohomeDataEphemeral(user_id)) |
680 return; | 685 return; |
681 | 686 |
682 PrefService* local_state = g_browser_process->local_state(); | 687 PrefService* local_state = g_browser_process->local_state(); |
683 | 688 |
684 DictionaryPrefUpdate oauth_status_update(local_state, kUserOAuthTokenStatus); | 689 DictionaryPrefUpdate oauth_status_update(local_state, kUserOAuthTokenStatus); |
685 oauth_status_update->SetWithoutPathExpansion(user_id, | 690 oauth_status_update->SetWithoutPathExpansion(user_id, |
686 new base::FundamentalValue(static_cast<int>(oauth_token_status))); | 691 new base::FundamentalValue(static_cast<int>(oauth_token_status))); |
687 } | 692 } |
688 | 693 |
689 User::OAuthTokenStatus UserManagerImpl::LoadUserOAuthStatus( | 694 void UserManagerImpl::SaveForceOnlineSignin(const std::string& user_id, |
690 const std::string& user_id) const { | 695 bool force_online_signin) { |
691 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 696 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
692 | 697 |
693 PrefService* local_state = g_browser_process->local_state(); | 698 // Do not update local state if data stored or cached outside the user's |
694 const base::DictionaryValue* prefs_oauth_status = | 699 // cryptohome is to be treated as ephemeral. |
695 local_state->GetDictionary(kUserOAuthTokenStatus); | 700 if (IsUserNonCryptohomeDataEphemeral(user_id)) |
696 int oauth_token_status = User::OAUTH_TOKEN_STATUS_UNKNOWN; | 701 return; |
697 if (prefs_oauth_status && | 702 |
698 prefs_oauth_status->GetIntegerWithoutPathExpansion( | 703 DictionaryPrefUpdate force_online_update(g_browser_process->local_state(), |
699 user_id, &oauth_token_status)) { | 704 kUserForceOnlineSignin); |
700 User::OAuthTokenStatus result = | 705 force_online_update->SetBooleanWithoutPathExpansion(user_id, |
701 static_cast<User::OAuthTokenStatus>(oauth_token_status); | 706 force_online_signin); |
702 if (result == User::OAUTH2_TOKEN_STATUS_INVALID) | |
703 GetUserFlow(user_id)->HandleOAuthTokenStatusChange(result); | |
704 return result; | |
705 } | |
706 return User::OAUTH_TOKEN_STATUS_UNKNOWN; | |
707 } | 707 } |
708 | 708 |
709 void UserManagerImpl::SaveUserDisplayName(const std::string& user_id, | 709 void UserManagerImpl::SaveUserDisplayName(const std::string& user_id, |
710 const base::string16& display_name) { | 710 const base::string16& display_name) { |
711 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 711 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
712 | 712 |
713 if (User* user = FindUserAndModify(user_id)) { | 713 if (User* user = FindUserAndModify(user_id)) { |
714 user->set_display_name(display_name); | 714 user->set_display_name(display_name); |
715 | 715 |
716 // Do not update local store if data stored or cached outside the user's | 716 // Do not update local state if data stored or cached outside the user's |
717 // cryptohome is to be treated as ephemeral. | 717 // cryptohome is to be treated as ephemeral. |
718 if (!IsUserNonCryptohomeDataEphemeral(user_id)) { | 718 if (!IsUserNonCryptohomeDataEphemeral(user_id)) { |
719 PrefService* local_state = g_browser_process->local_state(); | 719 PrefService* local_state = g_browser_process->local_state(); |
720 | 720 |
721 DictionaryPrefUpdate display_name_update(local_state, kUserDisplayName); | 721 DictionaryPrefUpdate display_name_update(local_state, kUserDisplayName); |
722 display_name_update->SetWithoutPathExpansion( | 722 display_name_update->SetWithoutPathExpansion( |
723 user_id, | 723 user_id, |
724 new base::StringValue(display_name)); | 724 new base::StringValue(display_name)); |
725 | 725 |
726 supervised_user_manager_->UpdateManagerName(user_id, display_name); | 726 supervised_user_manager_->UpdateManagerName(user_id, display_name); |
(...skipping 10 matching lines...) Expand all Loading... |
737 void UserManagerImpl::SaveUserDisplayEmail(const std::string& user_id, | 737 void UserManagerImpl::SaveUserDisplayEmail(const std::string& user_id, |
738 const std::string& display_email) { | 738 const std::string& display_email) { |
739 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 739 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
740 | 740 |
741 User* user = FindUserAndModify(user_id); | 741 User* user = FindUserAndModify(user_id); |
742 if (!user) | 742 if (!user) |
743 return; // Ignore if there is no such user. | 743 return; // Ignore if there is no such user. |
744 | 744 |
745 user->set_display_email(display_email); | 745 user->set_display_email(display_email); |
746 | 746 |
747 // Do not update local store if data stored or cached outside the user's | 747 // Do not update local state if data stored or cached outside the user's |
748 // cryptohome is to be treated as ephemeral. | 748 // cryptohome is to be treated as ephemeral. |
749 if (IsUserNonCryptohomeDataEphemeral(user_id)) | 749 if (IsUserNonCryptohomeDataEphemeral(user_id)) |
750 return; | 750 return; |
751 | 751 |
752 PrefService* local_state = g_browser_process->local_state(); | 752 PrefService* local_state = g_browser_process->local_state(); |
753 | 753 |
754 DictionaryPrefUpdate display_email_update(local_state, kUserDisplayEmail); | 754 DictionaryPrefUpdate display_email_update(local_state, kUserDisplayEmail); |
755 display_email_update->SetWithoutPathExpansion( | 755 display_email_update->SetWithoutPathExpansion( |
756 user_id, | 756 user_id, |
757 new base::StringValue(display_email)); | 757 new base::StringValue(display_email)); |
(...skipping 374 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1132 ®ular_users, ®ular_users_set); | 1132 ®ular_users, ®ular_users_set); |
1133 for (std::vector<std::string>::const_iterator it = regular_users.begin(); | 1133 for (std::vector<std::string>::const_iterator it = regular_users.begin(); |
1134 it != regular_users.end(); ++it) { | 1134 it != regular_users.end(); ++it) { |
1135 User* user = NULL; | 1135 User* user = NULL; |
1136 const std::string domain = gaia::ExtractDomainName(*it); | 1136 const std::string domain = gaia::ExtractDomainName(*it); |
1137 if (domain == UserManager::kLocallyManagedUserDomain) | 1137 if (domain == UserManager::kLocallyManagedUserDomain) |
1138 user = User::CreateLocallyManagedUser(*it); | 1138 user = User::CreateLocallyManagedUser(*it); |
1139 else | 1139 else |
1140 user = User::CreateRegularUser(*it); | 1140 user = User::CreateRegularUser(*it); |
1141 user->set_oauth_token_status(LoadUserOAuthStatus(*it)); | 1141 user->set_oauth_token_status(LoadUserOAuthStatus(*it)); |
| 1142 user->set_force_online_signin(LoadForceOnlineSignin(*it)); |
1142 users_.push_back(user); | 1143 users_.push_back(user); |
1143 | 1144 |
1144 base::string16 display_name; | 1145 base::string16 display_name; |
1145 if (prefs_display_names->GetStringWithoutPathExpansion(*it, | 1146 if (prefs_display_names->GetStringWithoutPathExpansion(*it, |
1146 &display_name)) { | 1147 &display_name)) { |
1147 user->set_display_name(display_name); | 1148 user->set_display_name(display_name); |
1148 } | 1149 } |
1149 | 1150 |
1150 base::string16 given_name; | 1151 base::string16 given_name; |
1151 if (prefs_given_names->GetStringWithoutPathExpansion(*it, &given_name)) { | 1152 if (prefs_given_names->GetStringWithoutPathExpansion(*it, &given_name)) { |
(...skipping 287 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1439 | 1440 |
1440 // Owner must be first user in session. DeviceSettingsService can't deal with | 1441 // Owner must be first user in session. DeviceSettingsService can't deal with |
1441 // multiple user and will mix up ownership, crbug.com/230018. | 1442 // multiple user and will mix up ownership, crbug.com/230018. |
1442 if (GetLoggedInUsers().size() == 1) { | 1443 if (GetLoggedInUsers().size() == 1) { |
1443 // Indicate to DeviceSettingsService that the owner key may have become | 1444 // Indicate to DeviceSettingsService that the owner key may have become |
1444 // available. | 1445 // available. |
1445 DeviceSettingsService::Get()->SetUsername(active_user_->email()); | 1446 DeviceSettingsService::Get()->SetUsername(active_user_->email()); |
1446 } | 1447 } |
1447 } | 1448 } |
1448 | 1449 |
| 1450 User::OAuthTokenStatus UserManagerImpl::LoadUserOAuthStatus( |
| 1451 const std::string& user_id) const { |
| 1452 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 1453 |
| 1454 PrefService* local_state = g_browser_process->local_state(); |
| 1455 const base::DictionaryValue* prefs_oauth_status = |
| 1456 local_state->GetDictionary(kUserOAuthTokenStatus); |
| 1457 int oauth_token_status = User::OAUTH_TOKEN_STATUS_UNKNOWN; |
| 1458 if (prefs_oauth_status && |
| 1459 prefs_oauth_status->GetIntegerWithoutPathExpansion( |
| 1460 user_id, &oauth_token_status)) { |
| 1461 User::OAuthTokenStatus result = |
| 1462 static_cast<User::OAuthTokenStatus>(oauth_token_status); |
| 1463 if (result == User::OAUTH2_TOKEN_STATUS_INVALID) |
| 1464 GetUserFlow(user_id)->HandleOAuthTokenStatusChange(result); |
| 1465 return result; |
| 1466 } |
| 1467 return User::OAUTH_TOKEN_STATUS_UNKNOWN; |
| 1468 } |
| 1469 |
| 1470 bool UserManagerImpl::LoadForceOnlineSignin(const std::string& user_id) const { |
| 1471 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 1472 |
| 1473 PrefService* local_state = g_browser_process->local_state(); |
| 1474 const base::DictionaryValue* prefs_force_online = |
| 1475 local_state->GetDictionary(kUserForceOnlineSignin); |
| 1476 bool force_online_signin = false; |
| 1477 if (prefs_force_online) { |
| 1478 prefs_force_online->GetBooleanWithoutPathExpansion(user_id, |
| 1479 &force_online_signin); |
| 1480 } |
| 1481 return force_online_signin; |
| 1482 } |
| 1483 |
1449 void UserManagerImpl::UpdateOwnership() { | 1484 void UserManagerImpl::UpdateOwnership() { |
1450 bool is_owner = DeviceSettingsService::Get()->HasPrivateOwnerKey(); | 1485 bool is_owner = DeviceSettingsService::Get()->HasPrivateOwnerKey(); |
1451 VLOG(1) << "Current user " << (is_owner ? "is owner" : "is not owner"); | 1486 VLOG(1) << "Current user " << (is_owner ? "is owner" : "is not owner"); |
1452 | 1487 |
1453 SetCurrentUserIsOwner(is_owner); | 1488 SetCurrentUserIsOwner(is_owner); |
1454 } | 1489 } |
1455 | 1490 |
1456 void UserManagerImpl::RemoveNonCryptohomeData(const std::string& user_id) { | 1491 void UserManagerImpl::RemoveNonCryptohomeData(const std::string& user_id) { |
1457 WallpaperManager::Get()->RemoveUserWallpaperInfo(user_id); | 1492 WallpaperManager::Get()->RemoveUserWallpaperInfo(user_id); |
1458 GetUserImageManager(user_id)->DeleteUserImage(); | 1493 GetUserImageManager(user_id)->DeleteUserImage(); |
1459 | 1494 |
1460 PrefService* prefs = g_browser_process->local_state(); | 1495 PrefService* prefs = g_browser_process->local_state(); |
1461 DictionaryPrefUpdate prefs_oauth_update(prefs, kUserOAuthTokenStatus); | |
1462 int oauth_status; | |
1463 prefs_oauth_update->GetIntegerWithoutPathExpansion(user_id, &oauth_status); | |
1464 prefs_oauth_update->RemoveWithoutPathExpansion(user_id, NULL); | |
1465 | |
1466 DictionaryPrefUpdate prefs_display_name_update(prefs, kUserDisplayName); | 1496 DictionaryPrefUpdate prefs_display_name_update(prefs, kUserDisplayName); |
1467 prefs_display_name_update->RemoveWithoutPathExpansion(user_id, NULL); | 1497 prefs_display_name_update->RemoveWithoutPathExpansion(user_id, NULL); |
1468 | 1498 |
1469 DictionaryPrefUpdate prefs_given_name_update(prefs, kUserGivenName); | 1499 DictionaryPrefUpdate prefs_given_name_update(prefs, kUserGivenName); |
1470 prefs_given_name_update->RemoveWithoutPathExpansion(user_id, NULL); | 1500 prefs_given_name_update->RemoveWithoutPathExpansion(user_id, NULL); |
1471 | 1501 |
1472 DictionaryPrefUpdate prefs_display_email_update(prefs, kUserDisplayEmail); | 1502 DictionaryPrefUpdate prefs_display_email_update(prefs, kUserDisplayEmail); |
1473 prefs_display_email_update->RemoveWithoutPathExpansion(user_id, NULL); | 1503 prefs_display_email_update->RemoveWithoutPathExpansion(user_id, NULL); |
1474 | 1504 |
| 1505 DictionaryPrefUpdate prefs_oauth_update(prefs, kUserOAuthTokenStatus); |
| 1506 prefs_oauth_update->RemoveWithoutPathExpansion(user_id, NULL); |
| 1507 |
| 1508 DictionaryPrefUpdate prefs_force_online_update(prefs, kUserForceOnlineSignin); |
| 1509 prefs_force_online_update->RemoveWithoutPathExpansion(user_id, NULL); |
| 1510 |
1475 supervised_user_manager_->RemoveNonCryptohomeData(user_id); | 1511 supervised_user_manager_->RemoveNonCryptohomeData(user_id); |
1476 | 1512 |
1477 multi_profile_user_controller_->RemoveCachedValues(user_id); | 1513 multi_profile_user_controller_->RemoveCachedValues(user_id); |
1478 } | 1514 } |
1479 | 1515 |
1480 User* UserManagerImpl::RemoveRegularOrLocallyManagedUserFromList( | 1516 User* UserManagerImpl::RemoveRegularOrLocallyManagedUserFromList( |
1481 const std::string& user_id) { | 1517 const std::string& user_id) { |
1482 ListPrefUpdate prefs_users_update(g_browser_process->local_state(), | 1518 ListPrefUpdate prefs_users_update(g_browser_process->local_state(), |
1483 kRegularUsers); | 1519 kRegularUsers); |
1484 prefs_users_update->Clear(); | 1520 prefs_users_update->Clear(); |
(...skipping 435 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1920 if (User* user = FindUserAndModify(user_id)) | 1956 if (User* user = FindUserAndModify(user_id)) |
1921 user->SetAccountLocale(resolved_locale); | 1957 user->SetAccountLocale(resolved_locale); |
1922 } | 1958 } |
1923 | 1959 |
1924 void UserManagerImpl::UpdateNumberOfUsers() { | 1960 void UserManagerImpl::UpdateNumberOfUsers() { |
1925 base::debug::SetCrashKeyValue(crash_keys::kNumberOfUsers, | 1961 base::debug::SetCrashKeyValue(crash_keys::kNumberOfUsers, |
1926 base::StringPrintf("%" PRIuS, GetLoggedInUsers().size())); | 1962 base::StringPrintf("%" PRIuS, GetLoggedInUsers().size())); |
1927 } | 1963 } |
1928 | 1964 |
1929 } // namespace chromeos | 1965 } // namespace chromeos |
OLD | NEW |