Translate device-local account IDs to user IDs

chrome/browser/chromeos/login/user_manager_impl.cc

 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/chromeos/login/user_manager_impl.h"
 
 #include <cstddef>
 #include <set>
-#include <vector>
 
 #include "ash/shell.h"
 #include "base/bind.h"
 #include "base/chromeos/chromeos_version.h"
 #include "base/command_line.h"
 #include "base/compiler_specific.h"
 #include "base/file_util.h"
 #include "base/files/file_path.h"
 #include "base/logging.h"
 #include "base/prefs/pref_registry_simple.h"
 #include "base/prefs/pref_service.h"
 #include "base/rand_util.h"
 #include "base/string_util.h"
 #include "base/stringprintf.h"
 #include "base/utf_string_conversions.h"
 #include "base/values.h"
 #include "chrome/browser/app_mode/app_mode_utils.h"
 #include "chrome/browser/browser_process.h"
 #include "chrome/browser/chromeos/cros/cert_library.h"
 #include "chrome/browser/chromeos/cros/cros_library.h"
 #include "chrome/browser/chromeos/login/default_pinned_apps_field_trial.h"
 #include "chrome/browser/chromeos/login/login_display.h"
 #include "chrome/browser/chromeos/login/remove_user_delegate.h"
 #include "chrome/browser/chromeos/login/user_image_manager_impl.h"
 #include "chrome/browser/chromeos/login/wizard_controller.h"
+#include "chrome/browser/chromeos/policy/device_local_account.h"
 #include "chrome/browser/chromeos/session_length_limiter.h"
+#include "chrome/browser/chromeos/settings/cros_settings_names.h"
 #include "chrome/browser/policy/browser_policy_connector.h"
 #include "chrome/browser/prefs/scoped_user_pref_update.h"
 #include "chrome/browser/profiles/profile_manager.h"
 #include "chrome/browser/sync/profile_sync_service.h"
 #include "chrome/browser/sync/profile_sync_service_factory.h"
 #include "chrome/common/chrome_notification_types.h"
 #include "chrome/common/chrome_switches.h"
 #include "chrome/common/pref_names.h"
 #include "chromeos/chromeos_switches.h"
 #include "chromeos/cryptohome/async_method_caller.h"
@@ skipping 603 matching lines @@
     // http://crbug.com/230860
     // TODO(nkostylev): Figure out whether we want to have observers
     // for each logged in user.
     // TODO(nkostyelv): Change observer after active user has changed.
     SaveUserOAuthStatus(
         active_user_->email(),
         User::OAUTH2_TOKEN_STATUS_INVALID);
   }
 }
 
-void UserManagerImpl::OnPolicyUpdated(const std::string& account_id) {
-  UpdatePublicAccountDisplayName(account_id);
+void UserManagerImpl::OnPolicyUpdated(const std::string& user_id) {
+  UpdatePublicAccountDisplayName(user_id);
   NotifyUserListChanged();
 }
 
 void UserManagerImpl::OnDeviceLocalAccountsChanged() {
   // No action needed here, changes to the list of device-local accounts get
   // handled via the kAccountsPrefDeviceLocalAccounts device setting observer.
 }
 
 bool UserManagerImpl::IsCurrentUserOwner() const {
   DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
@@ skipping 231 matching lines @@
   // Schedule a callback if device policy has not yet been verified.
   if (CrosSettingsProvider::TRUSTED != cros_settings_->PrepareTrustedValues(
       base::Bind(&UserManagerImpl::RetrieveTrustedDevicePolicies,
                  base::Unretained(this)))) {
     return;
   }
 
   cros_settings_->GetBoolean(kAccountsPrefEphemeralUsersEnabled,
                              &ephemeral_users_enabled_);
   cros_settings_->GetString(kDeviceOwner, &owner_email_);
-  base::ListValue public_accounts;
-  ReadPublicAccounts(&public_accounts);
+  const base::ListValue* device_local_accounts;
+  cros_settings_->GetList(kAccountsPrefDeviceLocalAccounts,
+                          &device_local_accounts);
 
   EnsureUsersLoaded();
 
-  bool changed = UpdateAndCleanUpPublicAccounts(public_accounts);
+  bool changed = UpdateAndCleanUpPublicAccounts(
+      policy::DecodeDeviceLocalAccountsList(device_local_accounts));
 
   // If ephemeral users are enabled and we are on the login screen, take this
   // opportunity to clean up by removing all regular users except the owner.
   if (ephemeral_users_enabled_  && !IsUserLoggedIn()) {
     ListPrefUpdate prefs_users_update(g_browser_process->local_state(),
                                       kRegularUsers);
     prefs_users_update->Clear();
     for (UserList::iterator it = users_.begin(); it != users_.end(); ) {
       const std::string user_email = (*it)->email();
       if ((*it)->GetType() == User::USER_TYPE_REGULAR &&
@@ skipping 249 matching lines @@
           (*it)->GetType() == User::USER_TYPE_LOCALLY_MANAGED) {
         prefs_users_update->Append(new base::StringValue(user_email));
       }
       ++it;
     }
   }
   return user;
 }
 
 bool UserManagerImpl::UpdateAndCleanUpPublicAccounts(
-    const base::ListValue& public_accounts) {
+    const std::vector<policy::DeviceLocalAccount>& device_local_accounts) {
   PrefService* local_state = g_browser_process->local_state();
 
   // Determine the currently logged-in user's email.
   std::string active_user_email;
   if (IsUserLoggedIn())
     active_user_email = GetLoggedInUser()->email();
 
   // If there is a public account whose data is pending removal and the user is
   // not currently logged in with that account, take this opportunity to remove
   // the data.
   std::string public_account_pending_data_removal =
       local_state->GetString(kPublicAccountPendingDataRemoval);
   if (!public_account_pending_data_removal.empty() &&
       public_account_pending_data_removal != active_user_email) {
     RemoveNonCryptohomeData(public_account_pending_data_removal);
     local_state->ClearPref(kPublicAccountPendingDataRemoval);
   }
 
   // Split the current user list public accounts and regular users.
   std::vector<std::string> old_public_accounts;
   std::set<std::string> regular_users;
   for (UserList::const_iterator it = users_.begin(); it != users_.end(); ++it) {
     if ((*it)->GetType() == User::USER_TYPE_PUBLIC_ACCOUNT)
       old_public_accounts.push_back((*it)->email());
     else
       regular_users.insert((*it)->email());
   }
 
   // Get the new list of public accounts from policy.
+  scoped_ptr<base::ListValue> prefs_public_accounts(new base::ListValue);
   std::vector<std::string> new_public_accounts;
-  std::set<std::string> new_public_accounts_set;
-  if (!ParseUserList(public_accounts, regular_users, active_user_email,
-                     &new_public_accounts, &new_public_accounts_set) &&
-      IsLoggedInAsPublicAccount()) {
-    // If the user is currently logged into a public account that has been
-    // removed from the list, mark the account's data as pending removal after
-    // logout.
+  bool logged_in_user_on_list = false;
+  for (std::vector<policy::DeviceLocalAccount>::const_iterator it =
+           device_local_accounts.begin();
+       it != device_local_accounts.end(); ++it) {
+    if (it->type != policy::DeviceLocalAccount::TYPE_PUBLIC_SESSION)
+      continue;
+    prefs_public_accounts->AppendString(it->user_id);
+    if (it->user_id == active_user_email) {
+      logged_in_user_on_list = true;
+      continue;
+    }
+    new_public_accounts.push_back(it->user_id);
+  }
+
+  // If the user is currently logged into a public account that has been removed
+  // from the list, mark the account's data as pending removal after logout.
+  if (!logged_in_user_on_list && IsLoggedInAsPublicAccount()) {
     local_state->SetString(kPublicAccountPendingDataRemoval,
                            active_user_email);
   }
 
   // Persist the new list of public accounts in a pref.
   ListPrefUpdate prefs_public_accounts_update(local_state, kPublicAccounts);
-  scoped_ptr<base::ListValue> prefs_public_accounts(public_accounts.DeepCopy());
   prefs_public_accounts_update->Swap(prefs_public_accounts.get());
 
   // If the list of public accounts has not changed, return.
   if (new_public_accounts.size() == old_public_accounts.size()) {
     bool changed = false;
     for (size_t i = 0; i < new_public_accounts.size(); ++i) {
       if (new_public_accounts[i] != old_public_accounts[i]) {
         changed = true;
         break;
       }
@@ skipping 29 matching lines @@
 
   return true;
 }
 
 void UserManagerImpl::UpdatePublicAccountDisplayName(
     const std::string& username) {
   std::string display_name;
 
   if (device_local_account_policy_service_) {
     policy::DeviceLocalAccountPolicyBroker* broker =
-        device_local_account_policy_service_->GetBrokerForAccount(username);
+        device_local_account_policy_service_->GetBrokerForUser(username);
     if (broker)
       display_name = broker->GetDisplayName();
   }
 
   // Set or clear the display name.
   SaveUserDisplayName(username, UTF8ToUTF16(display_name));
 }
 
 void UserManagerImpl::StartLocallyManagedUserCreationTransaction(
       const string16& display_name) {
@@ skipping 164 matching lines @@
   else if (active_user_->GetType() == User::USER_TYPE_LOCALLY_MANAGED)
     login_user_type = LoginState::LOGGED_IN_USER_LOCALLY_MANAGED;
   else if (active_user_->GetType() == User::USER_TYPE_KIOSK_APP)
     login_user_type = LoginState::LOGGED_IN_USER_KIOSK_APP;
   else
     login_user_type = LoginState::LOGGED_IN_USER_REGULAR;
 
   LoginState::Get()->SetLoggedInState(logged_in_state, login_user_type);
 }
 
-void UserManagerImpl::ReadPublicAccounts(base::ListValue* public_accounts) {
-  const base::ListValue* accounts = NULL;
-  if (cros_settings_->GetList(kAccountsPrefDeviceLocalAccounts, &accounts)) {
-    for (base::ListValue::const_iterator entry(accounts->begin());
-         entry != accounts->end(); ++entry) {
-      const base::DictionaryValue* entry_dict = NULL;
-      if (!(*entry)->GetAsDictionary(&entry_dict)) {
-        NOTREACHED();
-        continue;
-      }
-
-      int type = DEVICE_LOCAL_ACCOUNT_TYPE_PUBLIC_SESSION;
-      entry_dict->GetIntegerWithoutPathExpansion(
-          kAccountsPrefDeviceLocalAccountsKeyType, &type);
-      switch (type) {
-        case DEVICE_LOCAL_ACCOUNT_TYPE_PUBLIC_SESSION: {
-          std::string id;
-          if (entry_dict->GetStringWithoutPathExpansion(
-                  kAccountsPrefDeviceLocalAccountsKeyId, &id)) {
-            public_accounts->AppendString(id);
-          }
-          break;
-        }
-        case DEVICE_LOCAL_ACCOUNT_TYPE_KIOSK_APP:
-          // TODO(mnissler, nkostylev, bartfab): Process Kiosk Apps within the
-          // standard login framework: http://crbug.com/234694
-          break;
-      }
-    }
-  }
-}
-
 }  // namespace chromeos