Move more utility functions to arc_util.

chrome/browser/chromeos/arc/arc_session_manager.cc

 // Copyright 2016 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/chromeos/arc/arc_session_manager.h"
 
 #include <utility>
 
 #include "ash/common/shelf/shelf_delegate.h"
 #include "ash/common/wm_shell.h"
 #include "base/bind.h"
 #include "base/callback_helpers.h"
 #include "base/command_line.h"
 #include "base/logging.h"
 #include "base/memory/ptr_util.h"
 #include "base/strings/string16.h"
 #include "base/threading/thread_task_runner_handle.h"
 #include "base/time/time.h"
 #include "chrome/browser/chromeos/arc/arc_auth_context.h"
 #include "chrome/browser/chromeos/arc/arc_auth_notification.h"
 #include "chrome/browser/chromeos/arc/arc_optin_uma.h"
 #include "chrome/browser/chromeos/arc/arc_support_host.h"
+#include "chrome/browser/chromeos/arc/arc_util.h"
 #include "chrome/browser/chromeos/arc/optin/arc_terms_of_service_negotiator.h"
 #include "chrome/browser/chromeos/arc/policy/arc_android_management_checker.h"
 #include "chrome/browser/chromeos/arc/policy/arc_policy_util.h"
-#include "chrome/browser/chromeos/login/user_flow.h"
-#include "chrome/browser/chromeos/login/users/chrome_user_manager.h"
-#include "chrome/browser/chromeos/profiles/profile_helper.h"
 #include "chrome/browser/lifetime/application_lifetime.h"
 #include "chrome/browser/policy/profile_policy_connector.h"
 #include "chrome/browser/policy/profile_policy_connector_factory.h"
 #include "chrome/browser/prefs/pref_service_syncable_util.h"
 #include "chrome/browser/profiles/profile.h"
 #include "chrome/browser/ui/app_list/arc/arc_app_launcher.h"
 #include "chrome/browser/ui/app_list/arc/arc_app_utils.h"
 #include "chrome/browser/ui/ash/multi_user/multi_user_util.h"
 #include "chrome/browser/ui/browser_commands.h"
 #include "chrome/common/pref_names.h"
 #include "chrome/grit/generated_resources.h"
 #include "chromeos/chromeos_switches.h"
 #include "chromeos/cryptohome/cryptohome_parameters.h"
 #include "chromeos/dbus/dbus_thread_manager.h"
 #include "chromeos/dbus/session_manager_client.h"
 #include "components/arc/arc_bridge_service.h"
 #include "components/arc/arc_session_runner.h"
+#include "components/arc/arc_util.h"
 #include "components/pref_registry/pref_registry_syncable.h"
 #include "components/prefs/pref_service.h"
 #include "components/sync_preferences/pref_service_syncable.h"
-#include "components/user_manager/user.h"
 #include "content/public/browser/browser_thread.h"
 #include "extensions/browser/extension_prefs.h"
 
 namespace arc {
 
 namespace {
 
 // Weak pointer.  This class is owned by ArcServiceManager.
 ArcSessionManager* g_arc_session_manager = nullptr;
 
@@ skipping 69 matching lines @@
   g_disable_ui_for_testing = true;
 }
 
 // static
 void ArcSessionManager::SetShelfDelegateForTesting(
     ash::ShelfDelegate* shelf_delegate) {
   g_shelf_delegate_for_testing = shelf_delegate;
 }
 
 // static
-bool ArcSessionManager::IsOptInVerificationDisabled() {
-  return base::CommandLine::ForCurrentProcess()->HasSwitch(
-      chromeos::switches::kDisableArcOptInVerification);
-}
-
-// static
 void ArcSessionManager::EnableCheckAndroidManagementForTesting() {
   g_enable_check_android_management_for_testing = true;
 }
 
-// static
-bool ArcSessionManager::IsAllowedForProfile(const Profile* profile) {
-  if (!ArcBridgeService::GetEnabled(base::CommandLine::ForCurrentProcess())) {
-    VLOG(1) << "Arc is not enabled.";
-    return false;
-  }
-
-  if (!profile) {
-    VLOG(1) << "ARC is not supported for systems without profile.";
-    return false;
-  }
-
-  if (!chromeos::ProfileHelper::IsPrimaryProfile(profile)) {
-    VLOG(1) << "Non-primary users are not supported in ARC.";
-    return false;
-  }
-
-  // IsPrimaryProfile can return true for an incognito profile corresponding
-  // to the primary profile, but ARC does not support it.
-  if (profile->IsOffTheRecord()) {
-    VLOG(1) << "Incognito profile is not supported in ARC.";
-    return false;
-  }
-
-  if (profile->IsLegacySupervised()) {
-    VLOG(1) << "Supervised users are not supported in ARC.";
-    return false;
-  }
-
-  user_manager::User const* const user =
-      chromeos::ProfileHelper::Get()->GetUserByProfile(profile);
-  if ((!user || !user->HasGaiaAccount()) && !IsArcKioskMode()) {
-    VLOG(1) << "Users without GAIA accounts are not supported in ARC.";
-    return false;
-  }
-
-  chromeos::UserFlow* user_flow =
-      chromeos::ChromeUserManager::Get()->GetUserFlow(user->GetAccountId());
-  if (!user_flow || !user_flow->CanStartArc()) {
-    VLOG(1) << "ARC is not allowed in the current user flow.";
-    return false;
-  }
-
-  if (user_manager::UserManager::Get()
-          ->IsCurrentUserCryptohomeDataEphemeral()) {
-    VLOG(2) << "Users with ephemeral data are not supported in Arc.";
-    return false;
-  }
-
-  return true;
-}
-
-// static
-bool ArcSessionManager::IsArcKioskMode() {
-  return user_manager::UserManager::Get()->IsLoggedInAsArcKioskApp();
-}
-
 void ArcSessionManager::OnSessionReady() {
   for (auto& observer : arc_session_observer_list_)
     observer.OnSessionReady();
 }
 
 void ArcSessionManager::OnSessionStopped(StopReason reason) {
   // TODO(crbug.com/625923): Use |reason| to report more detailed errors.
   if (arc_sign_in_timer_.IsRunning())
     OnProvisioningFinished(ProvisioningResult::ARC_STOPPED);
 
@@ skipping 95 matching lines @@
     DCHECK_NE(result, ProvisioningResult::SUCCESS);
     // TODO (khmel): Consider changing LOG to NOTREACHED once we guaranty that
     // no double message can happen in production.
     LOG(WARNING) << "Provisioning result was already reported. Ignoring "
                  << "additional result " << static_cast<int>(result) << ".";
     return;
   }
   provisioning_reported_ = true;
 
   if (result == ProvisioningResult::CHROME_SERVER_COMMUNICATION_ERROR) {
-    if (IsArcKioskMode()) {
+    if (util::IsArcKioskMode()) {
       VLOG(1) << "Robot account auth code fetching error";
       // Log out the user. All the cleanup will be done in Shutdown() method.
       // The callback is not called because auth code is empty.
       attempt_user_exit_callback_.Run();
       return;
     }
 
     // For backwards compatibility, use NETWORK_ERROR for
     // CHROME_SERVER_COMMUNICATION_ERROR case.
     UpdateOptInCancelUMA(OptInCancelReason::NETWORK_ERROR);
@@ skipping 12 matching lines @@
   if (result == ProvisioningResult::SUCCESS) {
     if (support_host_)
       support_host_->Close();
 
     if (profile_->GetPrefs()->GetBoolean(prefs::kArcSignedIn))
       return;
 
     profile_->GetPrefs()->SetBoolean(prefs::kArcSignedIn, true);
     // Don't show Play Store app for ARC Kiosk because the only one UI in kiosk
     // mode must be the kiosk app and device is not needed for opt-in.
-    if (!IsOptInVerificationDisabled() && !IsArcKioskMode()) {
+    if (!util::IsOptInVerificationDisabled() && !util::IsArcKioskMode()) {
       playstore_launcher_.reset(
           new ArcAppLauncher(profile_, kPlayStoreAppId, true));
     }
 
     for (auto& observer : observer_list_)
       observer.OnArcInitialStart();
     return;
   }
 
   ArcSupportHost::Error error;
@@ skipping 63 matching lines @@
   DCHECK_CURRENTLY_ON(content::BrowserThread::UI);
   return profile_ != nullptr;
 }
 
 void ArcSessionManager::OnPrimaryUserProfilePrepared(Profile* profile) {
   DCHECK_CURRENTLY_ON(content::BrowserThread::UI);
   DCHECK(profile && profile != profile_);
 
   Shutdown();
 
-  if (!IsAllowedForProfile(profile))
+  if (!util::IsArcAllowedForProfile(profile))
     return;
 
-  // TODO(khmel): Move this to IsAllowedForProfile.
+  // TODO(khmel): Move this to IsArcAllowedForProfile.
   if (policy_util::IsArcDisabledForEnterprise() &&
       policy_util::IsAccountManaged(profile)) {
     VLOG(2) << "Enterprise users are not supported in ARC.";
     return;
   }
 
   profile_ = profile;
 
   // Create the support host at initialization. Note that, practically,
   // ARC support Chrome app is rarely used (only opt-in and re-auth flow).
   // So, it may be better to initialize it lazily.
   // TODO(hidehiko): Revisit to think about lazy initialization.
   //
   // Don't show UI for ARC Kiosk because the only one UI in kiosk mode must
   // be the kiosk app. In case of error the UI will be useless as well, because
   // in typical use case there will be no one nearby the kiosk device, who can
   // do some action to solve the problem be means of UI.
-  if (!g_disable_ui_for_testing && !IsOptInVerificationDisabled() &&
-      !IsArcKioskMode()) {
+  if (!g_disable_ui_for_testing && !util::IsOptInVerificationDisabled() &&
+      !util::IsArcKioskMode()) {
     DCHECK(!support_host_);
     support_host_ = base::MakeUnique<ArcSupportHost>(profile_);
     support_host_->AddObserver(this);
   }
 
   DCHECK_EQ(State::NOT_INITIALIZED, state_);
   SetState(State::STOPPED);
 
   PrefServiceSyncableFromProfile(profile_)->AddSyncedPrefObserver(
       prefs::kArcEnabled, this);
@@ skipping 131 matching lines @@
     reenable_arc_ = true;
     return;
   }
 
   if (support_host_)
     support_host_->SetArcManaged(IsArcManaged());
 
   // For ARC Kiosk we skip ToS because it is very likely that near the device
   // there will be no one who is eligible to accept them.
   // TODO(poromov): Move to more Kiosk dedicated set-up phase.
-  if (IsArcKioskMode())
+  if (util::IsArcKioskMode())
     profile_->GetPrefs()->SetBoolean(prefs::kArcTermsAccepted, true);
 
   // If it is marked that sign in has been successfully done, then directly
   // start ARC.
   // For testing, and for Kisok mode, we also skip ToS negotiation procedure.
   // For backward compatibility, this check needs to be prior to the
   // kArcTermsAccepted check below.
   if (profile_->GetPrefs()->GetBoolean(prefs::kArcSignedIn) ||
-      IsOptInVerificationDisabled() || IsArcKioskMode()) {
+      util::IsOptInVerificationDisabled() || util::IsArcKioskMode()) {
     StartArc();
 
     // Skip Android management check for testing.
     // We also skip if Android management check for Kiosk mode,
     // because there are no managed human users for Kiosk exist.
-    if (IsOptInVerificationDisabled() || IsArcKioskMode() ||
+    if (util::IsOptInVerificationDisabled() || util::IsArcKioskMode() ||
         (g_disable_ui_for_testing &&
          !g_enable_check_android_management_for_testing)) {
       return;
     }
 
     // Check Android management in parallel.
     // Note: Because the callback may be called in synchronous way (i.e. called
     // on the same stack), StartCheck() needs to be called *after* StartArc().
     // Otherwise, DisableArc() which may be called in
     // OnBackgroundAndroidManagementChecked() could be ignored.
@@ skipping 368 matching lines @@
       return os << "ACTIVE";
   }
 
   // Some compiler reports an error even if all values of an enum-class are
   // covered indivisually in a switch statement.
   NOTREACHED();
   return os;
 }
 
 }  // namespace arc