signin: move SigninManagerBase::Signout to SigninManager.

chrome/browser/signin/signin_manager.h

Index: chrome/browser/signin/signin_manager.h
diff --git a/chrome/browser/signin/signin_manager.h b/chrome/browser/signin/signin_manager.h
index ce9d6498c8b02cf8e369958404db0421a23d9d7f..443f0e6c60d0dc95c1450f9cd43b0862dd401e9e 100644
--- a/chrome/browser/signin/signin_manager.h
+++ b/chrome/browser/signin/signin_manager.h
@@ -73,6 +73,10 @@ class SigninManager : public SigninManagerBase,
   explicit SigninManager(scoped_ptr<SigninManagerDelegate> delegate);
   virtual ~SigninManager();
 
+  // Returns true if the username is allowed based on the policy string.
+  static bool IsUsernameAllowedByPolicy(const std::string& username,
+                                        const std::string& policy);
+
   // Attempt to sign in this user with ClientLogin. If successful, set a
   // preference indicating the signed in user and send out a notification,
   // then start fetching tokens for the user.
@@ -110,7 +114,12 @@ class SigninManager : public SigninManagerBase,
 
   // Sign a user out, removing the preference, erasing all keys
   // associated with the user, and canceling all auth in progress.
-  virtual void SignOut() OVERRIDE;
+  virtual void SignOut();
+
+  // On platforms where SigninManager is responsible for dealing with
+  // invalid username policy updates, we need to check this during
+  // initialization and sign the user out.
+  virtual void Initialize(Profile* profile) OVERRIDE;
 
   // Invoked from an OAuthTokenFetchedCallback to complete user signin.
   virtual void CompletePendingSignin();
@@ -118,6 +127,12 @@ class SigninManager : public SigninManagerBase,
   // Returns true if there's a signin in progress.
   virtual bool AuthInProgress() const OVERRIDE;
 
+  virtual bool IsSigninAllowed() const OVERRIDE;
+
+  // Returns true if the passed username is allowed by policy. Virtual for
+  // mocking in tests.
+  virtual bool IsAllowedUsername(const std::string& username) const;
+
   // If an authentication is in progress, return the username being
   // authenticated. Returns an empty string if no auth is in progress.
   const std::string& GetUsernameForAuthInProgress() const;
@@ -160,6 +175,11 @@ class SigninManager : public SigninManagerBase,
   // ignored).
   bool IsSignoutProhibited() const;
 
+  // Checks if signin is allowed for the profile that owns |io_data|. This must
+  // be invoked on the IO thread, and can be used to check if signin is enabled
+  // on that thread.
+  static bool IsSigninAllowedOnIOThread(ProfileIOData* io_data);
+
   // Allows the SigninManager to track the privileged signin process
   // identified by |process_id| so that we can later ask (via IsSigninProcess)
   // if it is safe to sign the user in from the current context (see
@@ -223,6 +243,9 @@ class SigninManager : public SigninManagerBase,
   // token.
   void RevokeOAuthLoginToken();
 
+  void OnSigninAllowedPrefChanged();
+  void OnGoogleServicesUsernamePatternChanged();
+
   // ClientLogin identity.
   std::string possibly_invalid_username_;
   std::string password_;  // This is kept empty whenever possible.
@@ -268,6 +291,13 @@ class SigninManager : public SigninManagerBase,
 
   scoped_ptr<SigninManagerDelegate> delegate_;
 
+  // Helper object to listen for changes to signin preferences stored in non-
+  // profile-specific local prefs (like kGoogleServicesUsernamePattern).
+  PrefChangeRegistrar local_state_pref_registrar_;
+
+  // Helper object to listen for changes to the signin allowed preference.
+  BooleanPrefMember signin_allowed_;
+
   DISALLOW_COPY_AND_ASSIGN(SigninManager);
 };