Abandon user sign in when policy is retrieved before session started

chrome/browser/chromeos/policy/device_local_account_policy_store.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/chromeos/policy/device_local_account_policy_store.h"
 
 #include <utility>
 
 #include "base/bind.h"
 #include "base/callback.h"
@@ skipping 41 matching lines @@
   // However, on those paths we must load policy synchronously so that the
   // Profile initialization never sees unmanaged prefs, which would lead to
   // data loss. http://crbug.com/263061
 
   // Cancel all running async loads.
   weak_factory_.InvalidateWeakPtrs();
 
   const std::string policy_blob =
       session_manager_client_->BlockingRetrieveDeviceLocalAccountPolicy(
           account_id_);
-  ValidateLoadedPolicyBlob(false /*validate_in_background*/, policy_blob);
+  ValidateLoadedPolicyBlob(false /*validate_in_background*/, policy_blob,
+                           chromeos::SessionManagerClient::SUCCESS);

[emaxx, 2017/04/18 15:03:16]

It's a bit weird that the asynchronous method
(RetrieveDeviceLocalAccountPolicy()) was changed to support passing the error,
while the synchronous method (BlockingRetrieveDeviceLocalAccountPolicy())
wasn't.
They should really behave in the same way. And also we shouldn't pass SUCCESS
here without actually knowing whether the operation was successful.

So I guess when choosing a solution (either pass the error in both cases or
don't pass it at all), the right question is: should we protect the device-local
accounts from reading policy before session start? If yes (which I guess is the
case), then the error should be passed and actually handled in
ValidateLoadedPolicyBlob() below.

[igorcov, 2017/04/20 14:52:29]

Changed to have the same pattern for all.

 }
 
 void DeviceLocalAccountPolicyStore::Store(
     const em::PolicyFetchResponse& policy) {
   weak_factory_.InvalidateWeakPtrs();
   CheckKeyAndValidate(
       true, base::MakeUnique<em::PolicyFetchResponse>(policy),
       true /*validate_in_background*/,
       base::Bind(&DeviceLocalAccountPolicyStore::StoreValidatedPolicy,
                  weak_factory_.GetWeakPtr()));
 }
 
 void DeviceLocalAccountPolicyStore::ValidateLoadedPolicyBlob(
     bool validate_in_background,
-    const std::string& policy_blob) {
+    const std::string& policy_blob,
+    const chromeos::SessionManagerClient::RetrievePolicyResponseType&
+        response_type) {
   if (policy_blob.empty()) {
     status_ = CloudPolicyStore::STATUS_LOAD_ERROR;
     NotifyStoreError();
   } else {
     std::unique_ptr<em::PolicyFetchResponse> policy(
         new em::PolicyFetchResponse());
     if (policy->ParseFromString(policy_blob)) {
       CheckKeyAndValidate(
           false, std::move(policy), validate_in_background,
           base::Bind(&DeviceLocalAccountPolicyStore::UpdatePolicy,
@@ skipping 129 matching lines @@
     validator.release()->StartValidation(
         base::Bind(callback, key->as_string()));
   } else {
     validator->RunValidation();
 
     UpdatePolicy(key->as_string(), validator.get());
   }
 }
 
 }  // namespace policy