Fix cyclic dependency between ProfilePolicyConnector and PrefService.

chrome/browser/chromeos/policy/network_policy_service.cc

+// Copyright 2013 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/chromeos/policy/network_policy_service.h"
+
+#include "base/bind.h"
+#include "base/bind_helpers.h"
+#include "base/logging.h"
+#include "base/prefs/pref_service.h"
+#include "chrome/browser/browser_process.h"
+#include "chrome/browser/chromeos/login/user.h"
+#include "chrome/browser/chromeos/login/user_manager.h"
+#include "chrome/browser/chromeos/policy/policy_cert_verifier.h"
+#include "chrome/browser/chromeos/policy/user_network_configuration_updater.h"
+#include "chrome/browser/policy/browser_policy_connector.h"
+#include "chrome/common/pref_names.h"
+#include "chromeos/network/network_handler.h"
+#include "chromeos/network/onc/onc_certificate_importer_impl.h"
+
+namespace policy {
+
+NetworkPolicyService::~NetworkPolicyService() {}
+
+NetworkPolicyService::NetworkPolicyService(PrefService* user_prefs,
+                                           PolicyService* policy_service)
+    : user_prefs_(user_prefs) {
+  chromeos::UserManager* user_manager = chromeos::UserManager::Get();
+  chromeos::User* user = user_manager->GetActiveUser();

[Joao da Silva, 2013/10/16 12:44:58]

Pass |user| in the ctor

[pneubeck (no reviews), 2013/10/22 18:47:41]

Done.

+  CHECK(user);
+  std::string username = user->email();
+
+  BrowserPolicyConnector* connector =
+      g_browser_process->browser_policy_connector();
+  // Allow trusted certs from policy only for accounts with managed user
+  // affiliation, i.e users that are managed by the same domain as the device.
+  bool allow_trusted_certs_from_policy =
+      connector->GetUserAffiliation(username) == USER_AFFILIATION_MANAGED &&
+      user->GetType() == chromeos::User::USER_TYPE_REGULAR;

[Joao da Silva, 2013/10/16 12:44:58]

pass in ctor

[pneubeck (no reviews), 2013/10/22 18:47:41]

do you mean, that I should forward user to 
UserNetworkConfigurationUpdater::CreateForUserPolicy and determine
|allow_trusted_certs_from_policy| there?

[Joao da Silva, 2013/10/23 07:45:54]

I was suggesting to pass |allow_trusted_certs_from_policy| as a boolean to
NetworkPolicyService::NetworkPolicyService() (this ctor), and determine its
value from network_policy_service_factory.cc.

[pneubeck (no reviews), 2013/10/23 11:22:09]

Done.

+
+  network_configuration_updater_ =
+      UserNetworkConfigurationUpdater::CreateForUserPolicy(
+          allow_trusted_certs_from_policy,
+          *user,
+          scoped_ptr<chromeos::onc::CertificateImporter>(
+              new chromeos::onc::CertificateImporterImpl),
+          policy_service,
+          chromeos::NetworkHandler::Get()
+              ->managed_network_configuration_handler());
+}
+
+void NetworkPolicyService::SetPolicyCertVerifier(
+    PolicyCertVerifier* cert_verifier) {
+  network_configuration_updater_->SetPolicyCertVerifier(cert_verifier);
+  cert_verifier_subscription_ = cert_verifier->RegisterAnchorUsedCallback(
+      base::Bind(&NetworkPolicyService::SetUsedPolicyCertificatesOnce,
+                 base::Unretained(this)));
+}
+
+void NetworkPolicyService::GetWebTrustedCertificates(
+    net::CertificateList* certs) const {
+  certs->clear();
+  network_configuration_updater_->GetWebTrustedCertificates(certs);
+}
+
+bool NetworkPolicyService::UsedPolicyCertificates() {
+  return user_prefs_->GetBoolean(prefs::kUsedPolicyCertificatesOnce);
+}
+
+void NetworkPolicyService::Shutdown() {
+  network_configuration_updater_.reset();
+  user_prefs_ = NULL;
+}
+
+void NetworkPolicyService::SetUsedPolicyCertificatesOnce() {
+  DCHECK(user_prefs_);
+  user_prefs_->SetBoolean(prefs::kUsedPolicyCertificatesOnce, true);
+}
+
+}  // namespace policy