Lock profile before sign in when force sign in is enabled.

chrome/browser/profiles/profile_attributes_entry.cc

Index: chrome/browser/profiles/profile_attributes_entry.cc
diff --git a/chrome/browser/profiles/profile_attributes_entry.cc b/chrome/browser/profiles/profile_attributes_entry.cc
index 0db57cbe4eb6f82f3bccbf2d3140d37f2e740d5c..5a27638f365a38115bdd1fe2af473b9d35bde733 100644
--- a/chrome/browser/profiles/profile_attributes_entry.cc
+++ b/chrome/browser/profiles/profile_attributes_entry.cc
@@ -1,13 +1,22 @@
 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
-
+//
+#include "chrome/browser/browser_process.h"
 #include "chrome/browser/profiles/profile_attributes_entry.h"
 #include "chrome/browser/profiles/profile_info_cache.h"
+#include "chrome/common/pref_names.h"
+#include "components/prefs/pref_service.h"
+
+namespace {
+bool IsForceSigninEnabled() {
+  PrefService* prefs = g_browser_process->local_state();
+  return prefs && prefs->GetBoolean(prefs::kForceBrowserSignin);
+}
+}  // namespace
 
 ProfileAttributesEntry::ProfileAttributesEntry()
-    : profile_info_cache_(nullptr),
-      profile_path_(base::FilePath()) {}
+    : profile_info_cache_(nullptr), profile_path_(base::FilePath()) {}
 
 void ProfileAttributesEntry::Initialize(
     ProfileInfoCache* cache, const base::FilePath& path) {
@@ -17,6 +26,9 @@ void ProfileAttributesEntry::Initialize(
   DCHECK(profile_path_.empty());
   DCHECK(!path.empty());
   profile_path_ = path;
+  is_force_signin_enabled_ = IsForceSigninEnabled();

[Roger Tawa OOO till Jul 10th, 2016/11/08 15:16:11]

Do you really need to save IsForceSigninEnabled() in a member?  Seems like you
could just call IsForceSigninEnabled() each time you needed it.  Is
LockForceSigninProfile() a function that is called often and is performance
critical?

[zmin, 2016/11/08 18:39:07]

force_signin flag will be checked every time the SetIsSigninRequired get called.

+  if (!IsAuthenticated() && is_force_signin_enabled_)
+    is_force_signin_profile_locked_ = true;
 }
 
 base::string16 ProfileAttributesEntry::GetName() const {
@@ -96,7 +108,8 @@ bool ProfileAttributesEntry::IsOmitted() const {
 }
 
 bool ProfileAttributesEntry::IsSigninRequired() const {
-  return profile_info_cache_->ProfileIsSigninRequiredAtIndex(profile_index());
+  return profile_info_cache_->ProfileIsSigninRequiredAtIndex(profile_index()) ||
+         is_force_signin_profile_locked_;
 }
 
 std::string ProfileAttributesEntry::GetSupervisedUserId() const {
@@ -223,6 +236,12 @@ void ProfileAttributesEntry::SetIsUsingGAIAPicture(bool value) {
 
 void ProfileAttributesEntry::SetIsSigninRequired(bool value) {
   profile_info_cache_->SetProfileSigninRequiredAtIndex(profile_index(), value);
+  LockForceSigninProfile(value);
+}
+
+void ProfileAttributesEntry::LockForceSigninProfile(bool is_lock) {
+  if (is_force_signin_enabled_)

[Roger Tawa OOO till Jul 10th, 2016/11/08 15:16:11]

Should this be a DCHECK instead of if statement?

[zmin, 2016/11/08 18:39:07]

SetIsSigninRequired() will call LockForceSigninProfile().

I'll move the if statement to SetIsSigninRequired() and add the DCHECK here. I
think it makes more sense.

+    is_force_signin_profile_locked_ = is_lock;
 }
 
 void ProfileAttributesEntry::SetIsEphemeral(bool value) {