Translate device-local account IDs to user IDs

chrome/browser/chromeos/login/user_manager_impl.cc

 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/chromeos/login/user_manager_impl.h"
 
 #include <cstddef>
 #include <set>
 
 #include "ash/shell.h"
@@ skipping 12 matching lines @@
 #include "base/values.h"
 #include "chrome/browser/app_mode/app_mode_utils.h"
 #include "chrome/browser/browser_process.h"
 #include "chrome/browser/chromeos/cros/cert_library.h"
 #include "chrome/browser/chromeos/cros/cros_library.h"
 #include "chrome/browser/chromeos/login/default_pinned_apps_field_trial.h"
 #include "chrome/browser/chromeos/login/login_display.h"
 #include "chrome/browser/chromeos/login/remove_user_delegate.h"
 #include "chrome/browser/chromeos/login/user_image_manager_impl.h"
 #include "chrome/browser/chromeos/login/wizard_controller.h"
+#include "chrome/browser/chromeos/policy/device_local_account.h"
 #include "chrome/browser/chromeos/session_length_limiter.h"
+#include "chrome/browser/chromeos/settings/cros_settings_names.h"
 #include "chrome/browser/policy/browser_policy_connector.h"
 #include "chrome/browser/prefs/scoped_user_pref_update.h"
 #include "chrome/browser/profiles/profile_manager.h"
 #include "chrome/browser/sync/profile_sync_service.h"
 #include "chrome/browser/sync/profile_sync_service_factory.h"
 #include "chrome/common/chrome_notification_types.h"
 #include "chrome/common/chrome_switches.h"
 #include "chrome/common/pref_names.h"
 #include "chromeos/chromeos_switches.h"
 #include "chromeos/cryptohome/async_method_caller.h"
@@ skipping 202 matching lines @@
   if (!CommandLine::ForCurrentProcess()->HasSwitch(::switches::kMultiProfiles))
     DCHECK(!IsUserLoggedIn());
 
   if (active_user_)
     active_user_->set_is_active(false);
 
   if (email == kGuestUserEMail) {
     GuestUserLoggedIn();
   } else if (email == kRetailModeUserEMail) {
     RetailModeUserLoggedIn();
-  } else if (gaia::ExtractDomainName(email) == kKioskAppUserDomain) {
+  } else if (policy::IsKioskAppUser(email)) {
     KioskAppLoggedIn(email);
   } else {
     EnsureUsersLoaded();
 
     User* user = FindUserInListAndModify(email);
     if (user && user->GetType() == User::USER_TYPE_PUBLIC_ACCOUNT) {
       PublicAccountUserLoggedIn(user);
     } else if ((user &&
                 user->GetType() == User::USER_TYPE_LOCALLY_MANAGED) ||
                (!user &&
@@ skipping 371 matching lines @@
     // http://crbug.com/230860
     // TODO(nkostylev): Figure out whether we want to have observers
     // for each logged in user.
     // TODO(nkostyelv): Change observer after active user has changed.
     SaveUserOAuthStatus(
         active_user_->email(),
         User::OAUTH2_TOKEN_STATUS_INVALID);
   }
 }
 
-void UserManagerImpl::OnPolicyUpdated(const std::string& account_id) {
-  UpdatePublicAccountDisplayName(account_id);
+void UserManagerImpl::OnPolicyUpdated(const std::string& user_id) {
+  UpdatePublicAccountDisplayName(user_id);
   NotifyUserListChanged();
 }
 
 void UserManagerImpl::OnDeviceLocalAccountsChanged() {
   // No action needed here, changes to the list of device-local accounts get
   // handled via the kAccountsPrefDeviceLocalAccounts device setting observer.
 }
 
 bool UserManagerImpl::IsCurrentUserOwner() const {
   DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
@@ skipping 231 matching lines @@
   // Schedule a callback if device policy has not yet been verified.
   if (CrosSettingsProvider::TRUSTED != cros_settings_->PrepareTrustedValues(
       base::Bind(&UserManagerImpl::RetrieveTrustedDevicePolicies,
                  base::Unretained(this)))) {
     return;
   }
 
   cros_settings_->GetBoolean(kAccountsPrefEphemeralUsersEnabled,
                              &ephemeral_users_enabled_);
   cros_settings_->GetString(kDeviceOwner, &owner_email_);
-  base::ListValue public_accounts;
-  ReadPublicAccounts(&public_accounts);
 
   EnsureUsersLoaded();
 
-  bool changed = UpdateAndCleanUpPublicAccounts(public_accounts);
+  bool changed = UpdateAndCleanUpPublicAccounts(
+      policy::GetDeviceLocalAccounts(cros_settings_));
 
   // If ephemeral users are enabled and we are on the login screen, take this
   // opportunity to clean up by removing all regular users except the owner.
   if (ephemeral_users_enabled_  && !IsUserLoggedIn()) {
     ListPrefUpdate prefs_users_update(g_browser_process->local_state(),
                                       kRegularUsers);
     prefs_users_update->Clear();
     for (UserList::iterator it = users_.begin(); it != users_.end(); ) {
       const std::string user_email = (*it)->email();
       if ((*it)->GetType() == User::USER_TYPE_REGULAR &&
@@ skipping 151 matching lines @@
   active_user_ = user;
   // The UserImageManager chooses a random avatar picture when a user logs in
   // for the first time. Tell the UserImageManager that this user is not new to
   // prevent the avatar from getting changed.
   user_image_manager_->UserLoggedIn(user->email(), false, true);
   WallpaperManager::Get()->EnsureLoggedInUserWallpaperLoaded();
 }
 
 void UserManagerImpl::KioskAppLoggedIn(const std::string& username) {
   DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
-  DCHECK_EQ(gaia::ExtractDomainName(username), kKioskAppUserDomain);
+  DCHECK(policy::IsKioskAppUser(username));
 
   WallpaperManager::Get()->SetInitialUserWallpaper(username, false);
   active_user_ = User::CreateKioskAppUser(username);
   active_user_->SetStubImage(User::kInvalidImageIndex, false);
 
+  // TODO(bartfab): Add KioskAppUsers to the users_ list and keep metadata like

[Mattias Nissler (ping if slow), 2013/05/17 14:29:44]

not sure whether we want to do this half-way. Maybe it's simpler to keep the
<app_id>@kiosk-apps.device-local-accounts.localhost for kiosk apps for now.

[bartfab (slow), 2013/05/17 16:08:47]

I would prefer to go for
${opaque_identifier}@kiosk-apps.device-local-accounts.localhost straight away.
That way, this CL implements a well-defined step that moves all device-local
accounts to a new naming scheme with opaque identifiers. It is not a half-way
step at all.

Adding device-local accounts to the users_ list is a separate improvement that
can then be done in a second step.

Any move that changes user IDs is a risky undertaking. Stuff may break. I would
rather do it once, right now, than having to do it twice:

Now:
${app_id}@kiosk-apps.localhost
=>
${app_id}@kiosk-apps.device-local-accounts.localhost

Later:
${app_id}@kiosk-apps.device-local-accounts.localhost
=>
${opaque_identifier}@kiosk-apps.device-local-accounts.localhost

+  // the kiosk_app_id in these objects, removing the need to re-parse the
+  // device-local account list here to extract the kiosk_app_id.
+  const std::vector<policy::DeviceLocalAccount> device_local_accounts =
+      policy::GetDeviceLocalAccounts(cros_settings_);
+  const policy::DeviceLocalAccount* account = NULL;
+  for (std::vector<policy::DeviceLocalAccount>::const_iterator
+           it = device_local_accounts.begin();
+       it != device_local_accounts.end(); ++it) {
+    if (it->user_id == username) {
+      account = &*it;
+      break;
+    }
+  }
+  std::string kiosk_app_id;
+  if (account) {
+    kiosk_app_id = account->kiosk_app_id;
+  } else {
+    LOG(ERROR) << "Logged into nonexistent kiosk-app account: " << username;
+    NOTREACHED();
+  }
+
   CommandLine* command_line = CommandLine::ForCurrentProcess();
   command_line->AppendSwitch(::switches::kForceAppMode);
-  command_line->AppendSwitchASCII(::switches::kAppId,
-                                  active_user_->GetAccountName(false));
+  command_line->AppendSwitchASCII(::switches::kAppId, kiosk_app_id);
+
   // Disable window animation since kiosk app runs in a single full screen
   // window and window animation causes start-up janks.
   command_line->AppendSwitch(
       views::corewm::switches::kWindowAnimationsDisabled);
 }
 
 void UserManagerImpl::RetailModeUserLoggedIn() {
   DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
   is_current_user_new_ = true;
   active_user_ = User::CreateRetailModeUser();
@@ skipping 67 matching lines @@
       if ((*it)->GetType() == User::USER_TYPE_REGULAR ||
           (*it)->GetType() == User::USER_TYPE_LOCALLY_MANAGED) {
         prefs_users_update->Append(new base::StringValue(user_email));
       }
       ++it;
     }
   }
   return user;
 }
 
+void UserManagerImpl::CleanUpPublicAccountNonCryptohomeDataPendingRemoval() {
+  PrefService* local_state = g_browser_process->local_state();
+  const std::string public_account_pending_data_removal =
+      local_state->GetString(kPublicAccountPendingDataRemoval);
+  if (public_account_pending_data_removal.empty() ||
+      (IsUserLoggedIn() &&
+       public_account_pending_data_removal == GetActiveUser()->email())) {
+    return;
+  }
+
+  RemoveNonCryptohomeData(public_account_pending_data_removal);
+  local_state->ClearPref(kPublicAccountPendingDataRemoval);
+}
+
 void UserManagerImpl::CleanUpPublicAccountNonCryptohomeData(
     const std::vector<std::string>& old_public_accounts) {
   std::set<std::string> users;
   for (UserList::const_iterator it = users_.begin(); it != users_.end(); ++it)
     users.insert((*it)->email());
 
   // If the user is logged into a public account that has been removed from the
   // user list, mark the account's data as pending removal after logout.
   if (IsLoggedInAsPublicAccount()) {
     const std::string active_user_id = GetActiveUser()->email();
     if (users.find(active_user_id) == users.end()) {
       g_browser_process->local_state()->SetString(
           kPublicAccountPendingDataRemoval, active_user_id);
       users.insert(active_user_id);
     }
   }
 
   // Remove the data belonging to any other public accounts that are no longer
   // found on the user list.
   for (std::vector<std::string>::const_iterator
            it = old_public_accounts.begin();
        it != old_public_accounts.end(); ++it) {
     if (users.find(*it) == users.end())
       RemoveNonCryptohomeData(*it);
   }
 }
 
 bool UserManagerImpl::UpdateAndCleanUpPublicAccounts(
-    const base::ListValue& public_accounts) {
-  PrefService* local_state = g_browser_process->local_state();
+    const std::vector<policy::DeviceLocalAccount>& device_local_accounts) {
+  // Try to remove any public account data marked as pending removal.
+  CleanUpPublicAccountNonCryptohomeDataPendingRemoval();
 
-  // Determine the currently logged-in user's email.
-  std::string active_user_email;
-  if (IsUserLoggedIn())
-    active_user_email = GetLoggedInUser()->email();
-
-  // If there is a public account whose data is pending removal and the user is
-  // not currently logged in with that account, take this opportunity to remove
-  // the data.
-  std::string public_account_pending_data_removal =
-      local_state->GetString(kPublicAccountPendingDataRemoval);
-  if (!public_account_pending_data_removal.empty() &&
-      public_account_pending_data_removal != active_user_email) {
-    RemoveNonCryptohomeData(public_account_pending_data_removal);
-    local_state->ClearPref(kPublicAccountPendingDataRemoval);
-  }
-
-  // Split the current user list public accounts and regular users.
+  // Get the current list of public accounts.
   std::vector<std::string> old_public_accounts;
-  std::set<std::string> regular_users;
   for (UserList::const_iterator it = users_.begin(); it != users_.end(); ++it) {
     if ((*it)->GetType() == User::USER_TYPE_PUBLIC_ACCOUNT)
       old_public_accounts.push_back((*it)->email());
-    else
-      regular_users.insert((*it)->email());
   }
 
   // Get the new list of public accounts from policy.
   std::vector<std::string> new_public_accounts;
-  std::set<std::string> new_public_accounts_set;
-  ParseUserList(public_accounts, regular_users,
-                &new_public_accounts, &new_public_accounts_set);
-
-  // Persist the new list of public accounts in a pref.
-  ListPrefUpdate prefs_public_accounts_update(local_state, kPublicAccounts);
-  scoped_ptr<base::ListValue> prefs_public_accounts(public_accounts.DeepCopy());
-  prefs_public_accounts_update->Swap(prefs_public_accounts.get());
+  for (std::vector<policy::DeviceLocalAccount>::const_iterator it =
+           device_local_accounts.begin();
+       it != device_local_accounts.end(); ++it) {
+    // TODO(mnissler, nkostylev, bartfab): Process Kiosk Apps within the
+    // standard login framework: http://crbug.com/234694
+    if (it->type == policy::DeviceLocalAccount::TYPE_PUBLIC_SESSION)
+      new_public_accounts.push_back(it->user_id);
+  }
 
   // If the list of public accounts has not changed, return.
   if (new_public_accounts.size() == old_public_accounts.size()) {
     bool changed = false;
     for (size_t i = 0; i < new_public_accounts.size(); ++i) {
       if (new_public_accounts[i] != old_public_accounts[i]) {
         changed = true;
         break;
       }
     }
     if (!changed)
       return false;
   }
 
+  // Persist the new list of public accounts in a pref.
+  ListPrefUpdate prefs_public_accounts_update(g_browser_process->local_state(),
+                                              kPublicAccounts);
+  prefs_public_accounts_update->Clear();
+  for (std::vector<std::string>::const_iterator
+           it = new_public_accounts.begin();
+       it != new_public_accounts.end(); ++it) {
+    prefs_public_accounts_update->AppendString(*it);
+  }
+
   // Remove the old public accounts from the user list.
   for (UserList::iterator it = users_.begin(); it != users_.end(); ) {
     if ((*it)->GetType() == User::USER_TYPE_PUBLIC_ACCOUNT) {
       if (*it != GetLoggedInUser())
         delete *it;
       it = users_.erase(it);
     } else {
       ++it;
     }
   }
 
   // Add the new public accounts to the front of the user list.
   for (std::vector<std::string>::const_reverse_iterator
            it = new_public_accounts.rbegin();
        it != new_public_accounts.rend(); ++it) {
-    if (IsLoggedInAsPublicAccount() && *it == active_user_email)
+    if (IsLoggedInAsPublicAccount() && *it == GetActiveUser()->email())
       users_.insert(users_.begin(), GetLoggedInUser());
     else
       users_.insert(users_.begin(), User::CreatePublicAccountUser(*it));
     UpdatePublicAccountDisplayName(*it);
   }
 
   user_image_manager_->LoadUserImages(
       UserList(users_.begin(), users_.begin() + new_public_accounts.size()));
 
   // Remove data belonging to public accounts that are no longer found on the
   // user list.
   CleanUpPublicAccountNonCryptohomeData(old_public_accounts);
 
   return true;
 }
 
 void UserManagerImpl::UpdatePublicAccountDisplayName(
     const std::string& username) {
   std::string display_name;
 
   if (device_local_account_policy_service_) {
     policy::DeviceLocalAccountPolicyBroker* broker =
-        device_local_account_policy_service_->GetBrokerForAccount(username);
+        device_local_account_policy_service_->GetBrokerForUser(username);
     if (broker)
       display_name = broker->GetDisplayName();
   }
 
   // Set or clear the display name.
   SaveUserDisplayName(username, UTF8ToUTF16(display_name));
 }
 
 void UserManagerImpl::StartLocallyManagedUserCreationTransaction(
       const string16& display_name) {
@@ skipping 164 matching lines @@
   else if (active_user_->GetType() == User::USER_TYPE_LOCALLY_MANAGED)
     login_user_type = LoginState::LOGGED_IN_USER_LOCALLY_MANAGED;
   else if (active_user_->GetType() == User::USER_TYPE_KIOSK_APP)
     login_user_type = LoginState::LOGGED_IN_USER_KIOSK_APP;
   else
     login_user_type = LoginState::LOGGED_IN_USER_REGULAR;
 
   LoginState::Get()->SetLoggedInState(logged_in_state, login_user_type);
 }
 
-void UserManagerImpl::ReadPublicAccounts(base::ListValue* public_accounts) {
-  const base::ListValue* accounts = NULL;
-  if (cros_settings_->GetList(kAccountsPrefDeviceLocalAccounts, &accounts)) {
-    for (base::ListValue::const_iterator entry(accounts->begin());
-         entry != accounts->end(); ++entry) {
-      const base::DictionaryValue* entry_dict = NULL;
-      if (!(*entry)->GetAsDictionary(&entry_dict)) {
-        NOTREACHED();
-        continue;
-      }
-
-      int type = DEVICE_LOCAL_ACCOUNT_TYPE_PUBLIC_SESSION;
-      entry_dict->GetIntegerWithoutPathExpansion(
-          kAccountsPrefDeviceLocalAccountsKeyType, &type);
-      switch (type) {
-        case DEVICE_LOCAL_ACCOUNT_TYPE_PUBLIC_SESSION: {
-          std::string id;
-          if (entry_dict->GetStringWithoutPathExpansion(
-                  kAccountsPrefDeviceLocalAccountsKeyId, &id)) {
-            public_accounts->AppendString(id);
-          }
-          break;
-        }
-        case DEVICE_LOCAL_ACCOUNT_TYPE_KIOSK_APP:
-          // TODO(mnissler, nkostylev, bartfab): Process Kiosk Apps within the
-          // standard login framework: http://crbug.com/234694
-          break;
-      }
-    }
-  }
-}
-
 }  // namespace chromeos