Allow the powerwash shortcut only for devices without FRE

chrome/browser/chromeos/login/enrollment/auto_enrollment_controller.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/chromeos/login/enrollment/auto_enrollment_controller.h"
 
 #include "base/bind.h"
 #include "base/bind_helpers.h"
 #include "base/command_line.h"
 #include "base/logging.h"
@@ skipping 37 matching lines @@
   }
   if (int_value > policy::AutoEnrollmentClient::kMaximumPower) {
     LOG(ERROR) << "Switch \"" << switch_name << "\" can't be greater than "
                << policy::AutoEnrollmentClient::kMaximumPower << ". Using "
                << policy::AutoEnrollmentClient::kMaximumPower;
     return policy::AutoEnrollmentClient::kMaximumPower;
   }
   return int_value;
 }
 
-// Returns whether the auto-enrollment check is required. When
-// kCheckEnrollmentKey VPD entry is present, it is explicitly stating whether
-// the forced re-enrollment is required or not. Otherwise, for backward
-// compatibility with devices upgrading from an older version of Chrome OS, the
-// kActivateDateKey VPD entry is queried. If it's missing, FRE is not required.
-// This enables factories to start full guest sessions for testing, see
-// http://crbug.com/397354 for more context. The requirement for the machine
-// serial number to be present is a sanity-check to ensure that the VPD has
-// actually been read successfully. If VPD read failed, the FRE check is
-// required.
-AutoEnrollmentController::FRERequirement GetFRERequirement() {
-  std::string check_enrollment_value;
-  system::StatisticsProvider* provider =
-      system::StatisticsProvider::GetInstance();
-  bool fre_flag_found = provider->GetMachineStatistic(
-      system::kCheckEnrollmentKey, &check_enrollment_value);
-
-  if (fre_flag_found) {
-    if (check_enrollment_value == "0")
-      return AutoEnrollmentController::EXPLICITLY_NOT_REQUIRED;
-    if (check_enrollment_value == "1")
-      return AutoEnrollmentController::EXPLICITLY_REQUIRED;
-  }
-  if (!provider->GetMachineStatistic(system::kActivateDateKey, nullptr) &&
-      !provider->GetEnterpriseMachineID().empty()) {
-    return AutoEnrollmentController::NOT_REQUIRED;
-  }
-  return AutoEnrollmentController::REQUIRED;
-}
-
 std::string FRERequirementToString(
     AutoEnrollmentController::FRERequirement requirement) {
   switch (requirement) {
     case AutoEnrollmentController::REQUIRED:
       return "Auto-enrollment required.";
     case AutoEnrollmentController::NOT_REQUIRED:
       return "Auto-enrollment disabled: first setup.";
     case AutoEnrollmentController::EXPLICITLY_REQUIRED:
       return "Auto-enrollment required: flag in VPD.";
     case AutoEnrollmentController::EXPLICITLY_NOT_REQUIRED:
       return "Auto-enrollment disabled: flag in VPD.";
   }
 
   NOTREACHED();
   return std::string();
 }
 
 }  // namespace
 
 const char AutoEnrollmentController::kForcedReEnrollmentAlways[] = "always";
 const char AutoEnrollmentController::kForcedReEnrollmentNever[] = "never";
 const char AutoEnrollmentController::kForcedReEnrollmentOfficialBuild[] =
     "official";
 
+// static
 AutoEnrollmentController::Mode AutoEnrollmentController::GetMode() {
   base::CommandLine* command_line = base::CommandLine::ForCurrentProcess();
 
   std::string command_line_mode = command_line->GetSwitchValueASCII(
       switches::kEnterpriseEnableForcedReEnrollment);
   if (command_line_mode == kForcedReEnrollmentAlways) {
     return MODE_FORCED_RE_ENROLLMENT;
   } else if (command_line_mode.empty() ||
              command_line_mode == kForcedReEnrollmentOfficialBuild) {
 #if defined(OFFICIAL_BUILD)
     std::string firmware_type;
     const bool non_chrome_firmware =
         system::StatisticsProvider::GetInstance()->GetMachineStatistic(
             system::kFirmwareTypeKey, &firmware_type) &&
         firmware_type == system::kFirmwareTypeValueNonchrome;
     return non_chrome_firmware ? MODE_NONE : MODE_FORCED_RE_ENROLLMENT;
 #else
     return MODE_NONE;
 #endif
   } else if (command_line_mode == kForcedReEnrollmentNever) {
     return MODE_NONE;
   }
 
   LOG(FATAL) << "Unknown auto-enrollment mode " << command_line_mode;
   return MODE_NONE;
 }
 
+// static
+AutoEnrollmentController::FRERequirement
+AutoEnrollmentController::GetFRERequirement() {
+  std::string check_enrollment_value;
+  system::StatisticsProvider* provider =
+      system::StatisticsProvider::GetInstance();
+  bool fre_flag_found = provider->GetMachineStatistic(
+      system::kCheckEnrollmentKey, &check_enrollment_value);
+
+  if (fre_flag_found) {
+    if (check_enrollment_value == "0")
+      return AutoEnrollmentController::EXPLICITLY_NOT_REQUIRED;
+    if (check_enrollment_value == "1")
+      return AutoEnrollmentController::EXPLICITLY_REQUIRED;
+  }
+  if (!provider->GetMachineStatistic(system::kActivateDateKey, nullptr) &&
+      !provider->GetEnterpriseMachineID().empty()) {
+    return AutoEnrollmentController::NOT_REQUIRED;
+  }
+  return AutoEnrollmentController::REQUIRED;
+}
+
 AutoEnrollmentController::AutoEnrollmentController() {}
 
 AutoEnrollmentController::~AutoEnrollmentController() {}
 
 void AutoEnrollmentController::Start() {
   switch (state_) {
     case policy::AUTO_ENROLLMENT_STATE_PENDING:
       // Abort re-start if the check is still running.
       return;
     case policy::AUTO_ENROLLMENT_STATE_NO_ENROLLMENT:
@@ skipping 202 matching lines @@
     // Cancelling the |client_| allows it to determine whether
     // its protocol finished before login was complete.
     client_.release()->CancelAndDeleteSoon();
   }
 
   // Make sure to nuke pending |client_| start sequences.
   client_start_weak_factory_.InvalidateWeakPtrs();
 }
 
 }  // namespace chromeos