Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(840)

Side by Side Diff: chrome/browser/chromeos/login/existing_user_controller.cc

Issue 2798023005: Force encryption migration if the device supports ARC. (Closed)
Patch Set: Created 3 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/chromeos/login/existing_user_controller.h" 5 #include "chrome/browser/chromeos/login/existing_user_controller.h"
6 6
7 #include <memory> 7 #include <memory>
8 #include <vector> 8 #include <vector>
9 9
10 #include "base/bind.h" 10 #include "base/bind.h"
(...skipping 40 matching lines...) Expand 10 before | Expand all | Expand 10 after
51 #include "chrome/browser/ui/webui/chromeos/login/l10n_util.h" 51 #include "chrome/browser/ui/webui/chromeos/login/l10n_util.h"
52 #include "chrome/common/channel_info.h" 52 #include "chrome/common/channel_info.h"
53 #include "chrome/common/chrome_switches.h" 53 #include "chrome/common/chrome_switches.h"
54 #include "chrome/common/url_constants.h" 54 #include "chrome/common/url_constants.h"
55 #include "chrome/grit/generated_resources.h" 55 #include "chrome/grit/generated_resources.h"
56 #include "chromeos/chromeos_switches.h" 56 #include "chromeos/chromeos_switches.h"
57 #include "chromeos/dbus/dbus_thread_manager.h" 57 #include "chromeos/dbus/dbus_thread_manager.h"
58 #include "chromeos/dbus/power_manager_client.h" 58 #include "chromeos/dbus/power_manager_client.h"
59 #include "chromeos/dbus/session_manager_client.h" 59 #include "chromeos/dbus/session_manager_client.h"
60 #include "chromeos/settings/cros_settings_names.h" 60 #include "chromeos/settings/cros_settings_names.h"
61 #include "components/arc/arc_util.h"
61 #include "components/google/core/browser/google_util.h" 62 #include "components/google/core/browser/google_util.h"
62 #include "components/policy/core/common/cloud/cloud_policy_core.h" 63 #include "components/policy/core/common/cloud/cloud_policy_core.h"
63 #include "components/policy/core/common/cloud/cloud_policy_store.h" 64 #include "components/policy/core/common/cloud/cloud_policy_store.h"
64 #include "components/policy/core/common/policy_map.h" 65 #include "components/policy/core/common/policy_map.h"
65 #include "components/policy/core/common/policy_service.h" 66 #include "components/policy/core/common/policy_service.h"
66 #include "components/policy/core/common/policy_types.h" 67 #include "components/policy/core/common/policy_types.h"
67 #include "components/policy/policy_constants.h" 68 #include "components/policy/policy_constants.h"
68 #include "components/prefs/pref_service.h" 69 #include "components/prefs/pref_service.h"
69 #include "components/session_manager/core/session_manager.h" 70 #include "components/session_manager/core/session_manager.h"
70 #include "components/signin/core/account_id/account_id.h" 71 #include "components/signin/core/account_id/account_id.h"
(...skipping 99 matching lines...) Expand 10 before | Expand all | Expand 10 after
170 base::CommandLine::ForCurrentProcess()->HasSwitch( 171 base::CommandLine::ForCurrentProcess()->HasSwitch(
171 chromeos::switches::kLoginManager) && 172 chromeos::switches::kLoginManager) &&
172 !session_manager::SessionManager::Get()->IsSessionStarted(); 173 !session_manager::SessionManager::Get()->IsSessionStarted();
173 } 174 }
174 175
175 void RecordPasswordChangeFlow(LoginPasswordChangeFlow flow) { 176 void RecordPasswordChangeFlow(LoginPasswordChangeFlow flow) {
176 UMA_HISTOGRAM_ENUMERATION("Login.PasswordChangeFlow", flow, 177 UMA_HISTOGRAM_ENUMERATION("Login.PasswordChangeFlow", flow,
177 LOGIN_PASSWORD_CHANGE_FLOW_COUNT); 178 LOGIN_PASSWORD_CHANGE_FLOW_COUNT);
178 } 179 }
179 180
181 bool ShouldForceDircrypto() {
182 return base::CommandLine::ForCurrentProcess()->HasSwitch(
183 chromeos::switches::kEnableEncryptionMigration) &&
184 arc::IsArcAvailable();
185 }
186
180 } // namespace 187 } // namespace
181 188
182 // static 189 // static
183 ExistingUserController* ExistingUserController::current_controller_ = nullptr; 190 ExistingUserController* ExistingUserController::current_controller_ = nullptr;
184 191
185 //////////////////////////////////////////////////////////////////////////////// 192 ////////////////////////////////////////////////////////////////////////////////
186 // ExistingUserController, public: 193 // ExistingUserController, public:
187 194
188 ExistingUserController::ExistingUserController(LoginDisplayHost* host) 195 ExistingUserController::ExistingUserController(LoginDisplayHost* host)
189 : host_(host), 196 : host_(host),
(...skipping 264 matching lines...) Expand 10 before | Expand all | Expand 10 after
454 PerformLoginFinishedActions(false /* don't start auto login timer */); 461 PerformLoginFinishedActions(false /* don't start auto login timer */);
455 ShowError(IDS_LOGIN_ERROR_GOOGLE_ACCOUNT_NOT_ALLOWED, 462 ShowError(IDS_LOGIN_ERROR_GOOGLE_ACCOUNT_NOT_ALLOWED,
456 "Google accounts are not allowed on this device"); 463 "Google accounts are not allowed on this device");
457 return; 464 return;
458 } 465 }
459 466
460 if (gaia::ExtractDomainName(user_context.GetAccountId().GetUserEmail()) == 467 if (gaia::ExtractDomainName(user_context.GetAccountId().GetUserEmail()) ==
461 user_manager::kSupervisedUserDomain) { 468 user_manager::kSupervisedUserDomain) {
462 login_performer_->LoginAsSupervisedUser(user_context); 469 login_performer_->LoginAsSupervisedUser(user_context);
463 } else { 470 } else {
464 login_performer_->PerformLogin(user_context, auth_mode); 471 // If a regular user log in to a device which supports ARC, we should make
465 RecordPasswordLoginEvent(user_context); 472 // sure that the user's cryptohome is encrypted in ext4 dircrypto to run the
473 // latest Android runtime.
474 UserContext new_user_context = user_context;
475 new_user_context.SetIsForcingDircrypto(ShouldForceDircrypto());
476 login_performer_->PerformLogin(new_user_context, auth_mode);
477 RecordPasswordLoginEvent(new_user_context);
466 } 478 }
467 SendAccessibilityAlert( 479 SendAccessibilityAlert(
468 l10n_util::GetStringUTF8(IDS_CHROMEOS_ACC_LOGIN_SIGNING_IN)); 480 l10n_util::GetStringUTF8(IDS_CHROMEOS_ACC_LOGIN_SIGNING_IN));
469 } 481 }
470 482
471 void ExistingUserController::MigrateUserData(const std::string& old_password) { 483 void ExistingUserController::MigrateUserData(const std::string& old_password) {
472 // LoginPerformer instance has state of the user so it should exist. 484 // LoginPerformer instance has state of the user so it should exist.
473 if (login_performer_.get()) { 485 if (login_performer_.get()) {
474 VLOG(1) << "Migrate the existing cryptohome to new password."; 486 VLOG(1) << "Migrate the existing cryptohome to new password.";
475 login_performer_->RecoverEncryptedData(old_password); 487 login_performer_->RecoverEncryptedData(old_password);
(...skipping 124 matching lines...) Expand 10 before | Expand all | Expand 10 after
600 612
601 void ExistingUserController::ShowEncryptionMigrationScreen( 613 void ExistingUserController::ShowEncryptionMigrationScreen(
602 const UserContext& user_context) { 614 const UserContext& user_context) {
603 host_->StartWizard(OobeScreen::SCREEN_ENCRYPTION_MIGRATION); 615 host_->StartWizard(OobeScreen::SCREEN_ENCRYPTION_MIGRATION);
604 616
605 EncryptionMigrationScreen* migration_screen = 617 EncryptionMigrationScreen* migration_screen =
606 static_cast<EncryptionMigrationScreen*>( 618 static_cast<EncryptionMigrationScreen*>(
607 host_->GetWizardController()->current_screen()); 619 host_->GetWizardController()->current_screen());
608 DCHECK(migration_screen); 620 DCHECK(migration_screen);
609 migration_screen->SetUserContext(user_context); 621 migration_screen->SetUserContext(user_context);
622 migration_screen->SetLoginPerformer(login_performer_.get());
fukino 2017/04/05 15:59:56 I'm not sure if we can keep adding state to the mi
xiyuan 2017/04/05 21:15:11 I am fine with adding new state. But let's not pas
fukino 2017/04/06 14:22:16 Done. I updated it to pass the callback to screen
610 } 623 }
611 624
612 void ExistingUserController::ShowTPMError() { 625 void ExistingUserController::ShowTPMError() {
613 login_display_->SetUIEnabled(false); 626 login_display_->SetUIEnabled(false);
614 login_display_->ShowErrorScreen(LoginDisplay::TPM_ERROR); 627 login_display_->ShowErrorScreen(LoginDisplay::TPM_ERROR);
615 } 628 }
616 629
617 void ExistingUserController::ShowPasswordChangedDialog() { 630 void ExistingUserController::ShowPasswordChangedDialog() {
618 RecordPasswordChangeFlow(LOGIN_PASSWORD_CHANGE_FLOW_PASSWORD_CHANGED); 631 RecordPasswordChangeFlow(LOGIN_PASSWORD_CHANGE_FLOW_PASSWORD_CHANGED);
619 632
(...skipping 790 matching lines...) Expand 10 before | Expand all | Expand 10 after
1410 login_display_->ShowUnrecoverableCrypthomeErrorDialog(); 1423 login_display_->ShowUnrecoverableCrypthomeErrorDialog();
1411 } 1424 }
1412 1425
1413 void ExistingUserController::ClearRecordedNames() { 1426 void ExistingUserController::ClearRecordedNames() {
1414 display_email_.clear(); 1427 display_email_.clear();
1415 display_name_.clear(); 1428 display_name_.clear();
1416 given_name_.clear(); 1429 given_name_.clear();
1417 } 1430 }
1418 1431
1419 } // namespace chromeos 1432 } // namespace chromeos
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698