OLD | NEW |
---|---|
1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/chromeos/arc/arc_session_manager.h" | 5 #include "chrome/browser/chromeos/arc/arc_session_manager.h" |
6 | 6 |
7 #include <utility> | 7 #include <utility> |
8 | 8 |
9 #include "base/bind.h" | 9 #include "base/bind.h" |
10 #include "base/callback_helpers.h" | 10 #include "base/callback_helpers.h" |
(...skipping 257 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
268 // no double message can happen in production. | 268 // no double message can happen in production. |
269 LOG(WARNING) << "Provisioning result was already reported. Ignoring " | 269 LOG(WARNING) << "Provisioning result was already reported. Ignoring " |
270 << "additional result " << static_cast<int>(result) << "."; | 270 << "additional result " << static_cast<int>(result) << "."; |
271 return; | 271 return; |
272 } | 272 } |
273 provisioning_reported_ = true; | 273 provisioning_reported_ = true; |
274 if (scoped_opt_in_tracker_ && result != ProvisioningResult::SUCCESS) | 274 if (scoped_opt_in_tracker_ && result != ProvisioningResult::SUCCESS) |
275 scoped_opt_in_tracker_->TrackError(); | 275 scoped_opt_in_tracker_->TrackError(); |
276 | 276 |
277 if (result == ProvisioningResult::CHROME_SERVER_COMMUNICATION_ERROR) { | 277 if (result == ProvisioningResult::CHROME_SERVER_COMMUNICATION_ERROR) { |
278 if (IsArcKioskMode()) { | 278 // TODO(poromov): Consider PublicSession offline mode. |
279 if (IsArcKioskMode() || IsPublicSessionMode()) { | |
279 VLOG(1) << "Robot account auth code fetching error"; | 280 VLOG(1) << "Robot account auth code fetching error"; |
280 // Log out the user. All the cleanup will be done in Shutdown() method. | 281 // Log out the user. All the cleanup will be done in Shutdown() method. |
281 // The callback is not called because auth code is empty. | 282 // The callback is not called because auth code is empty. |
282 attempt_user_exit_callback_.Run(); | 283 attempt_user_exit_callback_.Run(); |
283 return; | 284 return; |
284 } | 285 } |
285 | 286 |
286 // For backwards compatibility, use NETWORK_ERROR for | 287 // For backwards compatibility, use NETWORK_ERROR for |
287 // CHROME_SERVER_COMMUNICATION_ERROR case. | 288 // CHROME_SERVER_COMMUNICATION_ERROR case. |
288 UpdateOptInCancelUMA(OptInCancelReason::NETWORK_ERROR); | 289 UpdateOptInCancelUMA(OptInCancelReason::NETWORK_ERROR); |
(...skipping 21 matching lines...) Expand all Loading... | |
310 if (profile_->GetPrefs()->GetBoolean(prefs::kArcSignedIn)) | 311 if (profile_->GetPrefs()->GetBoolean(prefs::kArcSignedIn)) |
311 return; | 312 return; |
312 | 313 |
313 profile_->GetPrefs()->SetBoolean(prefs::kArcSignedIn, true); | 314 profile_->GetPrefs()->SetBoolean(prefs::kArcSignedIn, true); |
314 | 315 |
315 // Launch Play Store app, except for the following cases: | 316 // Launch Play Store app, except for the following cases: |
316 // * When Opt-in verification is disabled (for tests); | 317 // * When Opt-in verification is disabled (for tests); |
317 // * In case ARC is enabled from OOBE. | 318 // * In case ARC is enabled from OOBE. |
318 // * In ARC Kiosk mode, because the only one UI in kiosk mode must be the | 319 // * In ARC Kiosk mode, because the only one UI in kiosk mode must be the |
319 // kiosk app and device is not needed for opt-in; | 320 // kiosk app and device is not needed for opt-in; |
321 // * In Public Session mode, because Play Store will be hidden from users | |
322 // and only apps configured by policy should be installed. | |
320 // * When ARC is managed and all OptIn preferences are managed/unused, too, | 323 // * When ARC is managed and all OptIn preferences are managed/unused, too, |
321 // because the whole OptIn flow should happen as seamless as possible for | 324 // because the whole OptIn flow should happen as seamless as possible for |
322 // the user. | 325 // the user. |
326 // For Active Directory users we always show a page notifying them that they | |
327 // have to authenticate with their identity provider (through SAML) to make | |
328 // it less weird that a browser window pops up. | |
323 const bool suppress_play_store_app = | 329 const bool suppress_play_store_app = |
324 !IsPlayStoreAvailable() || IsArcOptInVerificationDisabled() || | 330 !IsPlayStoreAvailable() || IsArcOptInVerificationDisabled() || |
325 IsArcKioskMode() || oobe_start_ || | 331 IsArcKioskMode() || IsPublicSessionMode() || oobe_start_ || |
326 (IsArcPlayStoreEnabledPreferenceManagedForProfile(profile_) && | 332 (IsArcPlayStoreEnabledPreferenceManagedForProfile(profile_) && |
327 AreArcAllOptInPreferencesIgnorableForProfile(profile_)); | 333 AreArcAllOptInPreferencesIgnorableForProfile(profile_)); |
328 if (!suppress_play_store_app) { | 334 if (!suppress_play_store_app) { |
329 playstore_launcher_ = base::MakeUnique<ArcAppLauncher>( | 335 playstore_launcher_ = base::MakeUnique<ArcAppLauncher>( |
330 profile_, kPlayStoreAppId, | 336 profile_, kPlayStoreAppId, |
331 GetLaunchIntent(kPlayStorePackage, kPlayStoreActivity, | 337 GetLaunchIntent(kPlayStorePackage, kPlayStoreActivity, |
332 {kInitialStartParam}), | 338 {kInitialStartParam}), |
333 true, false); | 339 true, false); |
334 } | 340 } |
335 | 341 |
(...skipping 89 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
425 // Create the support host at initialization. Note that, practically, | 431 // Create the support host at initialization. Note that, practically, |
426 // ARC support Chrome app is rarely used (only opt-in and re-auth flow). | 432 // ARC support Chrome app is rarely used (only opt-in and re-auth flow). |
427 // So, it may be better to initialize it lazily. | 433 // So, it may be better to initialize it lazily. |
428 // TODO(hidehiko): Revisit to think about lazy initialization. | 434 // TODO(hidehiko): Revisit to think about lazy initialization. |
429 // | 435 // |
430 // Don't show UI for ARC Kiosk because the only one UI in kiosk mode must | 436 // Don't show UI for ARC Kiosk because the only one UI in kiosk mode must |
431 // be the kiosk app. In case of error the UI will be useless as well, because | 437 // be the kiosk app. In case of error the UI will be useless as well, because |
432 // in typical use case there will be no one nearby the kiosk device, who can | 438 // in typical use case there will be no one nearby the kiosk device, who can |
433 // do some action to solve the problem be means of UI. | 439 // do some action to solve the problem be means of UI. |
434 if (!g_disable_ui_for_testing && !IsArcOptInVerificationDisabled() && | 440 if (!g_disable_ui_for_testing && !IsArcOptInVerificationDisabled() && |
435 !IsArcKioskMode()) { | 441 !IsArcKioskMode() && !IsPublicSessionMode()) { |
436 DCHECK(!support_host_); | 442 DCHECK(!support_host_); |
437 support_host_ = base::MakeUnique<ArcSupportHost>(profile_); | 443 support_host_ = base::MakeUnique<ArcSupportHost>(profile_); |
438 support_host_->SetErrorDelegate(this); | 444 support_host_->SetErrorDelegate(this); |
439 } | 445 } |
440 | 446 |
441 context_ = base::MakeUnique<ArcAuthContext>(profile_); | 447 context_ = base::MakeUnique<ArcAuthContext>(profile_); |
442 | 448 |
443 if (!g_disable_ui_for_testing || | 449 if (!g_disable_ui_for_testing || |
444 g_enable_check_android_management_for_testing) { | 450 g_enable_check_android_management_for_testing) { |
445 ArcAndroidManagementChecker::StartClient(); | 451 ArcAndroidManagementChecker::StartClient(); |
(...skipping 174 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
620 } | 626 } |
621 | 627 |
622 oobe_start_ = IsOobeOptInActive(); | 628 oobe_start_ = IsOobeOptInActive(); |
623 | 629 |
624 PrefService* const prefs = profile_->GetPrefs(); | 630 PrefService* const prefs = profile_->GetPrefs(); |
625 | 631 |
626 // If it is marked that sign in has been successfully done, if ARC has been | 632 // If it is marked that sign in has been successfully done, if ARC has been |
627 // set up to always start, then directly start ARC. | 633 // set up to always start, then directly start ARC. |
628 // For Kiosk mode, skip ToS because it is very likely that near the device | 634 // For Kiosk mode, skip ToS because it is very likely that near the device |
629 // there will be no one who is eligible to accept them. | 635 // there will be no one who is eligible to accept them. |
630 // If opt-in verification is disabled, skip negotiation, too. This is for | 636 // In Public Session mode ARC should be started silently without user |
631 // testing purpose. | 637 // interaction. If opt-in verification is disabled, skip negotiation, too. |
638 // This is for testing purpose. | |
632 const bool start_arc_directly = prefs->GetBoolean(prefs::kArcSignedIn) || | 639 const bool start_arc_directly = prefs->GetBoolean(prefs::kArcSignedIn) || |
633 ShouldArcAlwaysStart() || IsArcKioskMode() || | 640 ShouldArcAlwaysStart() || IsArcKioskMode() || |
641 IsPublicSessionMode() || | |
634 IsArcOptInVerificationDisabled(); | 642 IsArcOptInVerificationDisabled(); |
635 | 643 |
636 // When ARC is blocked because of filesystem compatibility, do not proceed | 644 // When ARC is blocked because of filesystem compatibility, do not proceed |
637 // to starting ARC nor follow further state transitions. | 645 // to starting ARC nor follow further state transitions. |
638 if (IsArcBlockedDueToIncompatibleFileSystem(profile_)) { | 646 if (IsArcBlockedDueToIncompatibleFileSystem(profile_)) { |
639 // If the next step was the ToS negotiation, show a notification instead. | 647 // If the next step was the ToS negotiation, show a notification instead. |
640 // Otherwise, be silent now. Users are notified when clicking ARC app icons. | 648 // Otherwise, be silent now. Users are notified when clicking ARC app icons. |
641 if (!start_arc_directly && !g_disable_ui_for_testing) | 649 if (!start_arc_directly && !g_disable_ui_for_testing) |
642 arc::ShowArcMigrationGuideNotification(profile_); | 650 arc::ShowArcMigrationGuideNotification(profile_); |
643 return false; | 651 return false; |
(...skipping 84 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
728 DCHECK(arc_session_runner_->IsStopped()); | 736 DCHECK(arc_session_runner_->IsStopped()); |
729 MaybeStartArcDataRemoval(); | 737 MaybeStartArcDataRemoval(); |
730 } | 738 } |
731 } | 739 } |
732 | 740 |
733 void ArcSessionManager::MaybeStartTermsOfServiceNegotiation() { | 741 void ArcSessionManager::MaybeStartTermsOfServiceNegotiation() { |
734 DCHECK_CURRENTLY_ON(content::BrowserThread::UI); | 742 DCHECK_CURRENTLY_ON(content::BrowserThread::UI); |
735 DCHECK(profile_); | 743 DCHECK(profile_); |
736 DCHECK(arc_session_runner_->IsStopped()); | 744 DCHECK(arc_session_runner_->IsStopped()); |
737 DCHECK(!terms_of_service_negotiator_); | 745 DCHECK(!terms_of_service_negotiator_); |
738 // In Kiosk-mode, Terms of Service negotiation should be skipped. | 746 // In Kiosk and PublicSession-mode, Terms of Service negotiation should be |
Luis Héctor Chávez
2017/08/28 18:33:28
nit: Public Session (for consistency)
Sergey Poromov
2017/08/28 18:47:24
Done.
| |
739 // See also RequestEnableImpl(). | 747 // skipped. See also RequestEnableImpl(). |
740 DCHECK(!IsArcKioskMode()); | 748 DCHECK(!IsArcKioskMode()); |
749 DCHECK(!IsPublicSessionMode()); | |
741 // If opt-in verification is disabled, Terms of Service negotiation should | 750 // If opt-in verification is disabled, Terms of Service negotiation should |
742 // be skipped, too. See also RequestEnableImpl(). | 751 // be skipped, too. See also RequestEnableImpl(). |
743 DCHECK(!IsArcOptInVerificationDisabled()); | 752 DCHECK(!IsArcOptInVerificationDisabled()); |
744 | 753 |
745 DCHECK_EQ(state_, State::STOPPED); | 754 DCHECK_EQ(state_, State::STOPPED); |
746 state_ = State::NEGOTIATING_TERMS_OF_SERVICE; | 755 state_ = State::NEGOTIATING_TERMS_OF_SERVICE; |
747 | 756 |
748 // TODO(hidehiko): In kArcSignedIn = true case, this method should never | 757 // TODO(hidehiko): In kArcSignedIn = true case, this method should never |
749 // be called. Remove the check. | 758 // be called. Remove the check. |
750 // Conceptually, this is starting ToS negotiation, rather than opt-in flow. | 759 // Conceptually, this is starting ToS negotiation, rather than opt-in flow. |
(...skipping 142 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
893 break; | 902 break; |
894 } | 903 } |
895 } | 904 } |
896 | 905 |
897 void ArcSessionManager::StartBackgroundAndroidManagementCheck() { | 906 void ArcSessionManager::StartBackgroundAndroidManagementCheck() { |
898 DCHECK_CURRENTLY_ON(content::BrowserThread::UI); | 907 DCHECK_CURRENTLY_ON(content::BrowserThread::UI); |
899 DCHECK_EQ(state_, State::ACTIVE); | 908 DCHECK_EQ(state_, State::ACTIVE); |
900 DCHECK(!android_management_checker_); | 909 DCHECK(!android_management_checker_); |
901 | 910 |
902 // Skip Android management check for testing. | 911 // Skip Android management check for testing. |
903 // We also skip if Android management check for Kiosk mode, | 912 // We also skip if Android management check for Kiosk and Public Session mode, |
904 // because there are no managed human users for Kiosk exist. | 913 // because there are no managed human users for them exist. |
905 if (IsArcOptInVerificationDisabled() || IsArcKioskMode() || | 914 if (IsArcOptInVerificationDisabled() || IsArcKioskMode() || |
915 IsPublicSessionMode() || | |
906 (g_disable_ui_for_testing && | 916 (g_disable_ui_for_testing && |
907 !g_enable_check_android_management_for_testing)) { | 917 !g_enable_check_android_management_for_testing)) { |
908 return; | 918 return; |
909 } | 919 } |
910 | 920 |
911 android_management_checker_ = base::MakeUnique<ArcAndroidManagementChecker>( | 921 android_management_checker_ = base::MakeUnique<ArcAndroidManagementChecker>( |
912 profile_, context_->token_service(), context_->account_id(), | 922 profile_, context_->token_service(), context_->account_id(), |
913 true /* retry_on_error */); | 923 true /* retry_on_error */); |
914 android_management_checker_->StartCheck( | 924 android_management_checker_->StartCheck( |
915 base::Bind(&ArcSessionManager::OnBackgroundAndroidManagementChecked, | 925 base::Bind(&ArcSessionManager::OnBackgroundAndroidManagementChecked, |
(...skipping 208 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1124 | 1134 |
1125 #undef MAP_STATE | 1135 #undef MAP_STATE |
1126 | 1136 |
1127 // Some compilers report an error even if all values of an enum-class are | 1137 // Some compilers report an error even if all values of an enum-class are |
1128 // covered exhaustively in a switch statement. | 1138 // covered exhaustively in a switch statement. |
1129 NOTREACHED() << "Invalid value " << static_cast<int>(state); | 1139 NOTREACHED() << "Invalid value " << static_cast<int>(state); |
1130 return os; | 1140 return os; |
1131 } | 1141 } |
1132 | 1142 |
1133 } // namespace arc | 1143 } // namespace arc |
OLD | NEW |