Add permission request creator class.

chrome/browser/managed_mode/managed_user_service.cc

 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/managed_mode/managed_user_service.h"
 
 #include "base/command_line.h"
 #include "base/memory/ref_counted.h"
 #include "base/prefs/pref_service.h"
 #include "base/strings/string_number_conversions.h"
 #include "base/strings/utf_string_conversions.h"
 #include "chrome/browser/browser_process.h"
 #include "chrome/browser/chrome_notification_types.h"
 #include "chrome/browser/extensions/extension_service.h"
 #include "chrome/browser/managed_mode/custodian_profile_downloader_service.h"
 #include "chrome/browser/managed_mode/custodian_profile_downloader_service_factory.h"
 #include "chrome/browser/managed_mode/managed_mode_site_list.h"
 #include "chrome/browser/managed_mode/managed_user_constants.h"
 #include "chrome/browser/managed_mode/managed_user_registration_utility.h"
 #include "chrome/browser/managed_mode/managed_user_settings_service.h"
 #include "chrome/browser/managed_mode/managed_user_settings_service_factory.h"
-#include "chrome/browser/managed_mode/managed_user_shared_settings_service.h"
 #include "chrome/browser/managed_mode/managed_user_shared_settings_service_factory.h"
 #include "chrome/browser/managed_mode/managed_user_sync_service.h"
 #include "chrome/browser/managed_mode/managed_user_sync_service_factory.h"
+#include "chrome/browser/managed_mode/permission_request_creator_apiary.h"
+#include "chrome/browser/managed_mode/permission_request_creator_sync.h"
 #include "chrome/browser/managed_mode/supervised_user_pref_mapping_service.h"
 #include "chrome/browser/managed_mode/supervised_user_pref_mapping_service_factory.h"
 #include "chrome/browser/profiles/profile.h"
 #include "chrome/browser/profiles/profile_info_cache.h"
 #include "chrome/browser/profiles/profile_manager.h"
 #include "chrome/browser/signin/profile_oauth2_token_service_factory.h"
 #include "chrome/browser/signin/signin_manager_factory.h"
 #include "chrome/browser/sync/profile_sync_service.h"
 #include "chrome/browser/sync/profile_sync_service_factory.h"
 #include "chrome/browser/ui/browser.h"
@@ skipping 18 matching lines @@
 
 #if defined(OS_CHROMEOS)
 #include "chrome/browser/chromeos/login/users/supervised_user_manager.h"
 #include "chrome/browser/chromeos/login/users/user_manager.h"
 #endif
 
 using base::DictionaryValue;
 using base::UserMetricsAction;
 using content::BrowserThread;
 
-const char kManagedUserAccessRequestKeyPrefix[] =
-    "X-ManagedUser-AccessRequests";
-const char kManagedUserAccessRequestTime[] = "timestamp";
-const char kManagedUserName[] = "name";
-
-// Key for the notification setting of the custodian. This is a shared setting
-// so we can include the setting in the access request data that is used to
-// trigger notifications.
-const char kNotificationSetting[] = "custodian-notification-setting";
-
 ManagedUserService::URLFilterContext::URLFilterContext()
     : ui_url_filter_(new ManagedModeURLFilter),
       io_url_filter_(new ManagedModeURLFilter) {}
 ManagedUserService::URLFilterContext::~URLFilterContext() {}
 
 ManagedModeURLFilter*
 ManagedUserService::URLFilterContext::ui_url_filter() const {
   return ui_url_filter_.get();
 }
 
@@ skipping 49 matching lines @@
       base::Bind(&ManagedModeURLFilter::SetManualURLs,
                  io_url_filter_, base::Owned(url_map.release())));
 }
 
 ManagedUserService::ManagedUserService(Profile* profile)
     : profile_(profile),
       waiting_for_sync_initialization_(false),
       is_profile_active_(false),
       elevated_for_testing_(false),
       did_shutdown_(false),
+      waiting_for_permissions_(false),
       weak_ptr_factory_(this) {
 }
 
 ManagedUserService::~ManagedUserService() {
   DCHECK(did_shutdown_);
 }
 
 void ManagedUserService::Shutdown() {
   did_shutdown_ = true;
   if (ProfileIsManaged()) {
@@ skipping 284 matching lines @@
   ManagedModeURLFilter::FilteringBehavior behavior =
       ManagedModeURLFilter::BehaviorFromInt(behavior_value);
   url_filter_context_.SetDefaultFilteringBehavior(behavior);
 }
 
 void ManagedUserService::UpdateSiteLists() {
   url_filter_context_.LoadWhitelists(GetActiveSiteLists());
 }
 
 bool ManagedUserService::AccessRequestsEnabled() {
+  if (waiting_for_permissions_)
+    return false;
+
   ProfileSyncService* service =
       ProfileSyncServiceFactory::GetForProfile(profile_);
   GoogleServiceAuthError::State state = service->GetAuthError().state();
   // We allow requesting access if Sync is working or has a transient error.
   return (state == GoogleServiceAuthError::NONE ||
           state == GoogleServiceAuthError::CONNECTION_FAILED ||
           state == GoogleServiceAuthError::SERVICE_UNAVAILABLE);
 }
 
+void ManagedUserService::OnPermissionRequestIssued(
+    const GoogleServiceAuthError& error) {

[Bernhard Bauer, 2014/05/19 17:11:26]

Given that GoogleServiceAuthError leaks the (Apiary) implementation and we don't
really know how to surface the error anyway, I'm wondering whether it would make
more sense to change the callback to a base::Closure for now? We can still
return more information when we have a use for it.

[Adrian Kuegel, 2014/05/20 08:38:06]

Done.

Should I keep the basic structure to support returning the proper error in
PermissionRequestApiary, or simplify that also?

[Bernhard Bauer, 2014/05/20 09:04:04]

I think keeping the structure in PermissionRequestCreatorApiary around is okay,
as that is a legitimate thing for an Apiary client to return, we just don't have
a place for it in the PermissionRequestCreator interface right now.

+  waiting_for_permissions_ = false;
+  // TODO(akuegel): Figure out how to show the result of issuing the permission
+  // request in the UI. Currently, we assume the permission request was created
+  // successfully.
+}
+
 void ManagedUserService::AddAccessRequest(const GURL& url) {
   // Normalize the URL.
   GURL normalized_url = ManagedModeURLFilter::Normalize(url);
 
   // Escape the URL.
   std::string output(net::EscapeQueryParamValue(normalized_url.spec(), true));
 
-  // Add the prefix.
-  std::string key = ManagedUserSettingsService::MakeSplitSettingKey(
-      kManagedUserAccessRequestKeyPrefix, output);
-
-  scoped_ptr<base::DictionaryValue> dict(new base::DictionaryValue);
-
-  // TODO(sergiu): Use sane time here when it's ready.
-  dict->SetDouble(kManagedUserAccessRequestTime, base::Time::Now().ToJsTime());
-
-  dict->SetString(kManagedUserName,
-                  profile_->GetPrefs()->GetString(prefs::kProfileName));
-
-  // Copy the notification setting of the custodian.
-  std::string managed_user_id =
-      profile_->GetPrefs()->GetString(prefs::kManagedUserId);
-  const base::Value* value =
-      ManagedUserSharedSettingsServiceFactory::GetForBrowserContext(profile_)
-          ->GetValue(managed_user_id, kNotificationSetting);
-  bool notifications_enabled = false;
-  if (CommandLine::ForCurrentProcess()->HasSwitch(
-          switches::kEnableAccessRequestNotifications)) {
-    notifications_enabled = true;
-  } else if (value) {
-    bool success = value->GetAsBoolean(&notifications_enabled);
-    DCHECK(success);
-  }
-  dict->SetBoolean(kNotificationSetting, notifications_enabled);
-
-  GetSettingsService()->UploadItem(key, dict.PassAs<base::Value>());
+  waiting_for_permissions_ = true;
+  permissions_creator_->CreatePermissionRequest(
+      output,
+      base::Bind(&ManagedUserService::OnPermissionRequestIssued,
+                 weak_ptr_factory_.GetWeakPtr()));
 }
 
 ManagedUserService::ManualBehavior ManagedUserService::GetManualBehaviorForHost(
     const std::string& hostname) {
   const base::DictionaryValue* dict =
       profile_->GetPrefs()->GetDictionary(prefs::kManagedModeManualHosts);
   bool allow = false;
   if (!dict->GetBooleanWithoutPathExpansion(hostname, &allow))
     return MANUAL_NONE;
 
@@ skipping 59 matching lines @@
 
   CommandLine* command_line = CommandLine::ForCurrentProcess();
   if (command_line->HasSwitch(switches::kManagedUserSyncToken)) {
     InitSync(
         command_line->GetSwitchValueASCII(switches::kManagedUserSyncToken));
   }
 
   ProfileOAuth2TokenService* token_service =
       ProfileOAuth2TokenServiceFactory::GetForProfile(profile_);
   token_service->LoadCredentials(managed_users::kManagedUserPseudoEmail);
+  if (CommandLine::ForCurrentProcess()->HasSwitch(
+          switches::kPermissionRequestApiUrl)) {
+    permissions_creator_ =
+        PermissionRequestCreatorApiary::CreateWithProfile(profile_);
+  } else {
+    PrefService* pref_service = profile_->GetPrefs();
+    permissions_creator_ = PermissionRequestCreatorSync::Create(
+        settings_service,
+        ManagedUserSharedSettingsServiceFactory::GetForBrowserContext(profile_),
+        pref_service->GetString(prefs::kProfileName),
+        pref_service->GetString(prefs::kManagedUserId));
+  }
 
   extensions::ExtensionSystem* extension_system =
       extensions::ExtensionSystem::Get(profile_);
   extensions::ManagementPolicy* management_policy =
       extension_system->management_policy();
   if (management_policy)
     extension_system->management_policy()->RegisterProvider(this);
 
   registrar_.Add(this,
                  chrome::NOTIFICATION_EXTENSION_LOADED_DEPRECATED,
@@ skipping 115 matching lines @@
 
 void ManagedUserService::OnBrowserSetLastActive(Browser* browser) {
   bool profile_became_active = profile_->IsSameProfile(browser->profile());
   if (!is_profile_active_ && profile_became_active)
     content::RecordAction(UserMetricsAction("ManagedUsers_OpenProfile"));
   else if (is_profile_active_ && !profile_became_active)
     content::RecordAction(UserMetricsAction("ManagedUsers_SwitchProfile"));
 
   is_profile_active_ = profile_became_active;
 }