Chromium Code Reviews Chromium Code Reviews
Issue 2828713002:
Enable client certificate patterns in device ONC policy (Closed)
| Index: chrome/browser/chromeos/enrollment_dialog_view.cc |
| diff --git a/chrome/browser/chromeos/enrollment_dialog_view.cc b/chrome/browser/chromeos/enrollment_dialog_view.cc |
| index 33f3af5a4bfdb2e073d95eb3517c9a7d5c812f09..cbd9cc184285798511e46b419671ca18e2f18240 100644 |
| --- a/chrome/browser/chromeos/enrollment_dialog_view.cc |
| +++ b/chrome/browser/chromeos/enrollment_dialog_view.cc |
| @@ -270,6 +270,8 @@ bool CreateEnrollmentDialog(const std::string& network_id, |
| Browser* browser = chrome::FindBrowserWithWindow(owning_window); |
| Profile* profile = |
| browser ? browser->profile() : ProfileManager::GetPrimaryUserProfile(); |
| + if (chromeos::ProfileHelper::IsSigninProfile(profile)) |
|
emaxx
2017/04/24 21:23:13
So what about other types of sessions - aren't we
pmarko
2017/04/25 12:10:02
Oh yes, good point.
I've thought about getting the
|
| + return false; |
|
stevenjb
2017/04/24 15:53:59
Could you add a comment for this exit?
pmarko
2017/04/25 12:10:02
Done. (on the new method - if you'd like an explic
|
| std::string username_hash = ProfileHelper::GetUserIdHashFromProfile(profile); |
| onc::ONCSource onc_source = onc::ONC_SOURCE_NONE; |
| @@ -278,14 +280,11 @@ bool CreateEnrollmentDialog(const std::string& network_id, |
| ->managed_network_configuration_handler() |
| ->FindPolicyByGUID(username_hash, network_id, &onc_source); |
| - // We skip certificate patterns for device policy ONC so that an unmanaged |
| - // user can't get to the place where a cert is presented for them |
| - // involuntarily. |
| - if (!policy || onc_source == onc::ONC_SOURCE_DEVICE_POLICY) |
| + if (!policy) |
| return false; |
| client_cert::ClientCertConfig cert_config; |
| - OncToClientCertConfig(*policy, &cert_config); |
| + OncToClientCertConfig(onc_source, *policy, &cert_config); |
| if (cert_config.client_cert_type != onc::client_cert::kPattern) |
| return false; |
