Index: chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos.cc |
diff --git a/chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos.cc b/chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos.cc |
index f73ec0ceb7924b4cee34ba619a98db1525294b92..e69e5c151c13ee80aeb3b7a3a4cbf060c9c67cc3 100644 |
--- a/chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos.cc |
+++ b/chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos.cc |
@@ -19,9 +19,9 @@ |
#include "base/stl_util.h" |
#include "base/strings/stringprintf.h" |
#include "chrome/browser/chromeos/policy/user_policy_token_loader.h" |
+#include "chrome/browser/lifetime/application_lifetime.h" |
#include "chromeos/cryptohome/cryptohome_parameters.h" |
#include "chromeos/dbus/cryptohome_client.h" |
-#include "chromeos/dbus/session_manager_client.h" |
#include "components/policy/core/common/cloud/cloud_policy_constants.h" |
#include "components/policy/proto/cloud_policy.pb.h" |
#include "components/policy/proto/device_management_local.pb.h" |
@@ -214,7 +214,19 @@ void UserCloudPolicyStoreChromeOS::OnPolicyStored(bool success) { |
} |
void UserCloudPolicyStoreChromeOS::OnPolicyRetrieved( |
- const std::string& policy_blob) { |
+ const std::string& policy_blob, |
+ const chromeos::SessionManagerClient::RetrievePolicyResponseType& |
+ response_type) { |
+ // Disallow the sign in when the error is dbus_error::kSessionDoesNotExist |
emaxx
2017/04/18 15:03:17
nit: Please rephrase the comment to be explanatory
igorcov
2017/04/20 14:52:29
Done.
|
+ // from session manager. |
+ // TODO(igorcov): crbug/689206. Find the root cause for the behavior that |
emaxx
2017/04/18 15:03:17
nit: Is this TODO really needed here? I thought th
igorcov
2017/04/20 14:52:29
Done.
|
+ // makes Chrome request the user policy before the session is started. |
+ if (response_type == chromeos::SessionManagerClient:: |
+ RetrievePolicyResponseType::SESSION_DOES_NOT_EXIST) { |
+ chrome::AttemptUserExit(); |
+ return; |
+ } |
+ |
if (policy_blob.empty()) { |
// session_manager doesn't have policy. Adjust internal state and notify |
// the world about the policy update. |