Chromium Code Reviews Chromium Code Reviews
Issue 17546004:
Added policy for disabling locally managed users. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/login/existing_user_controller.h" | 5 #include "chrome/browser/chromeos/login/existing_user_controller.h" |
| 6 | 6 |
| 7 #include <vector> | 7 #include <vector> |
| 8 | 8 |
| 9 #include "base/bind.h" | 9 #include "base/bind.h" |
| 10 #include "base/bind_helpers.h" | 10 #include "base/bind_helpers.h" |
| (...skipping 163 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 174 | 174 |
| 175 void ExistingUserController::UpdateLoginDisplay(const UserList& users) { | 175 void ExistingUserController::UpdateLoginDisplay(const UserList& users) { |
| 176 bool show_users_on_signin; | 176 bool show_users_on_signin; |
| 177 UserList filtered_users; | 177 UserList filtered_users; |
| 178 | 178 |
| 179 cros_settings_->GetBoolean(kAccountsPrefShowUserNamesOnSignIn, | 179 cros_settings_->GetBoolean(kAccountsPrefShowUserNamesOnSignIn, |
| 180 &show_users_on_signin); | 180 &show_users_on_signin); |
| 181 if (show_users_on_signin) { | 181 if (show_users_on_signin) { |
| 182 for (UserList::const_iterator it = users.begin(); it != users.end(); ++it) { | 182 for (UserList::const_iterator it = users.begin(); it != users.end(); ++it) { |
| 183 // TODO(xiyuan): Clean user profile whose email is not in whitelist. | 183 // TODO(xiyuan): Clean user profile whose email is not in whitelist. |
| 184 if (LoginUtils::IsWhitelisted((*it)->email()) || | 184 if (((*it)->GetType() != User::USER_TYPE_LOCALLY_MANAGED || |
|
Denis Kuznetsov (DE-MUC)
2013/06/21 12:28:52
Please extract this as a boolean var, so that it w
dzhioev (left Google)
2013/06/21 13:42:29
Done.
| |
| 185 (*it)->GetType() != User::USER_TYPE_REGULAR) { | 185 UserManager::Get()->AreLocallyManagedUsersAllowed()) && |
| 186 (LoginUtils::IsWhitelisted((*it)->email()) || | |
| 187 (*it)->GetType() != User::USER_TYPE_REGULAR)) { | |
| 186 filtered_users.push_back(*it); | 188 filtered_users.push_back(*it); |
| 187 } | 189 } |
| 188 } | 190 } |
| 189 } | 191 } |
| 190 | 192 |
| 191 // If no user pods are visible, fallback to single new user pod which will | 193 // If no user pods are visible, fallback to single new user pod which will |
| 192 // have guest session link. | 194 // have guest session link. |
| 193 bool show_guest; | 195 bool show_guest; |
| 194 cros_settings_->GetBoolean(kAccountsPrefAllowGuest, &show_guest); | 196 cros_settings_->GetBoolean(kAccountsPrefAllowGuest, &show_guest); |
| 195 bool show_users; | 197 bool show_users; |
| (...skipping 235 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 431 if (login_performer_delegate_.get()) | 433 if (login_performer_delegate_.get()) |
| 432 delegate = login_performer_delegate_.get(); | 434 delegate = login_performer_delegate_.get(); |
| 433 // Only one instance of LoginPerformer should exist at a time. | 435 // Only one instance of LoginPerformer should exist at a time. |
| 434 login_performer_.reset(NULL); | 436 login_performer_.reset(NULL); |
| 435 login_performer_.reset(new LoginPerformer(delegate)); | 437 login_performer_.reset(new LoginPerformer(delegate)); |
| 436 } | 438 } |
| 437 | 439 |
| 438 is_login_in_progress_ = true; | 440 is_login_in_progress_ = true; |
| 439 if (gaia::ExtractDomainName(user_context.username) == | 441 if (gaia::ExtractDomainName(user_context.username) == |
| 440 UserManager::kLocallyManagedUserDomain) { | 442 UserManager::kLocallyManagedUserDomain) { |
| 443 if (!UserManager::Get()->AreLocallyManagedUsersAllowed()) { | |
| 444 LOG(ERROR) << "Login attempt of locally managed user detected."; | |
| 445 login_display_->SetUIEnabled(true); | |
| 446 return; | |
| 447 } | |
| 441 login_performer_->LoginAsLocallyManagedUser( | 448 login_performer_->LoginAsLocallyManagedUser( |
| 442 UserContext(user_context.username, | 449 UserContext(user_context.username, |
| 443 user_context.password, | 450 user_context.password, |
| 444 std::string())); // auth_code | 451 std::string())); // auth_code |
| 445 } else { | 452 } else { |
| 446 login_performer_->PerformLogin(user_context, auth_mode); | 453 login_performer_->PerformLogin(user_context, auth_mode); |
| 447 } | 454 } |
| 448 AccessibilityManager::Get()->MaybeSpeak( | 455 AccessibilityManager::Get()->MaybeSpeak( |
| 449 l10n_util::GetStringUTF8(IDS_CHROMEOS_ACC_LOGIN_SIGNING_IN)); | 456 l10n_util::GetStringUTF8(IDS_CHROMEOS_ACC_LOGIN_SIGNING_IN)); |
| 450 } | 457 } |
| (...skipping 705 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1156 // changed. | 1163 // changed. |
| 1157 UserManager::Get()->SaveUserOAuthStatus( | 1164 UserManager::Get()->SaveUserOAuthStatus( |
| 1158 username, | 1165 username, |
| 1159 User::OAUTH2_TOKEN_STATUS_INVALID); | 1166 User::OAUTH2_TOKEN_STATUS_INVALID); |
| 1160 | 1167 |
| 1161 login_display_->SetUIEnabled(true); | 1168 login_display_->SetUIEnabled(true); |
| 1162 login_display_->ShowGaiaPasswordChanged(username); | 1169 login_display_->ShowGaiaPasswordChanged(username); |
| 1163 } | 1170 } |
| 1164 | 1171 |
| 1165 } // namespace chromeos | 1172 } // namespace chromeos |
| OLD | NEW |
