Chromad: Prevent session from starting without policy

chrome/browser/chromeos/policy/user_cloud_policy_manager_chromeos.h

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef CHROME_BROWSER_CHROMEOS_POLICY_USER_CLOUD_POLICY_MANAGER_CHROMEOS_H_
 #define CHROME_BROWSER_CHROMEOS_POLICY_USER_CLOUD_POLICY_MANAGER_CHROMEOS_H_
 
 #include <memory>
 #include <string>
 
@@ skipping 27 matching lines @@
 class DeviceManagementService;
 class PolicyOAuth2TokenFetcher;
 class WildcardLoginChecker;
 
 // Implements logic for initializing user policy on Chrome OS.
 class UserCloudPolicyManagerChromeOS : public CloudPolicyManager,
                                        public CloudPolicyClient::Observer,
                                        public CloudPolicyService::Observer,
                                        public KeyedService {
  public:
-  // If |wait_for_policy_fetch| is true, IsInitializationComplete() is forced to
-  // false until either there has been a successful policy fetch from the server
-  // or |initial_policy_fetch_timeout| has expired. (The timeout may be set to
-  // TimeDelta::Max() to block permanently.)
+  // If |initial_policy_fetch_timeout| is non-zero, IsInitializationComplete()
+  // is forced to false until either there has been a successful policy fetch
+  // from the server or |initial_policy_fetch_timeout| has expired. (The timeout
+  // may be set to TimeDelta::Max() to block permanently.)
   // |task_runner| is the runner for policy refresh tasks.
   // |file_task_runner| is used for file operations. Currently this must be the
   // FILE BrowserThread.
   // |io_task_runner| is used for network IO. Currently this must be the IO
   // BrowserThread.
   UserCloudPolicyManagerChromeOS(
       std::unique_ptr<CloudPolicyStore> store,
       std::unique_ptr<CloudExternalDataManager> external_data_manager,
       const base::FilePath& component_policy_cache_path,
-      bool wait_for_policy_fetch,
       base::TimeDelta initial_policy_fetch_timeout,
       const scoped_refptr<base::SequencedTaskRunner>& task_runner,
       const scoped_refptr<base::SequencedTaskRunner>& file_task_runner,
       const scoped_refptr<base::SequencedTaskRunner>& io_task_runner);
   ~UserCloudPolicyManagerChromeOS() override;
 
   // Initializes the cloud connection. |local_state| and
   // |device_management_service| must stay valid until this object is deleted.
   void Connect(
       PrefService* local_state,
@@ skipping 48 matching lines @@
   // authentication context of the signin context, and calls back
   // OnOAuth2PolicyTokenFetched when done.
   void FetchPolicyOAuthToken();
 
   // Called once the policy access token is available, and starts the
   // registration with the policy server if the token was successfully fetched.
   void OnOAuth2PolicyTokenFetched(const std::string& policy_token,
                                   const GoogleServiceAuthError& error);
 
   // Completion handler for the explicit policy fetch triggered on startup in
-  // case |wait_for_policy_fetch_| is true. |success| is true if the fetch was
-  // successful.
+  // case |waiting_for_initial_policy_fetch_| is true. |success| is true if the
+  // fetch was successful.
   void OnInitialPolicyFetchComplete(bool success);
 
-  // Called when |policy_fetch_timeout_| times out, to cancel the blocking
-  // wait for the initial policy fetch.
+  // Called when |policy_fetch_timeout_| times out, to cancel the blocking wait
+  // for the initial policy fetch.
   void OnBlockingFetchTimeout();
 
-  // Cancels waiting for the policy fetch and flags the
+  // Cancels waiting for the initial policy fetch and flags the
   // ConfigurationPolicyProvider ready (assuming all other initialization tasks
-  // have completed). Pass |true| if policy fetch was successful (either
-  // because policy was successfully fetched, or if DMServer has notified us
-  // that the user is not managed).
+  // have completed). Pass |true| if policy fetch was successful (either because
+  // policy was successfully fetched, or if DMServer has notified us that the
+  // user is not managed).
   void CancelWaitForPolicyFetch(bool success);
 
   void StartRefreshSchedulerIfReady();
 
   // Owns the store, note that CloudPolicyManager just keeps a plain pointer.
   std::unique_ptr<CloudPolicyStore> store_;
 
   // Manages external data referenced by policies.
   std::unique_ptr<CloudExternalDataManager> external_data_manager_;
 
   // Username for the wildcard login check if applicable, empty otherwise.
   std::string wildcard_username_;
 
   // Path where policy for components will be cached.
   base::FilePath component_policy_cache_path_;
 
-  // Whether to wait for a policy fetch to complete before reporting
+  // Whether we're waiting for a policy fetch to complete before reporting
   // IsInitializationComplete().
-  bool wait_for_policy_fetch_;
+  bool waiting_for_initial_policy_fetch_;
 
-  // Whether we should allow policy fetches to fail, or wait forever until they
-  // succeed (typically we won't allow them to fail until we have loaded policy
-  // at least once).
-  bool allow_failed_policy_fetches_;
+  // Whether the user session is continued in case of failure of initial policy
+  // fetch.
+  bool initial_policy_fetch_may_fail_;
 
   // A timer that puts a hard limit on the maximum time to wait for the initial
   // policy fetch.
-  base::Timer policy_fetch_timeout_{false, false};
+  base::Timer policy_fetch_timeout_{false /* retain_user_task */,
+                                    false /* is_repeating */};
 
   // The pref service to pass to the refresh scheduler on initialization.
   PrefService* local_state_;
 
   // Used to fetch the policy OAuth token, when necessary. This object holds
   // a callback with an unretained reference to the manager, when it exists.
   std::unique_ptr<PolicyOAuth2TokenFetcher> token_fetcher_;
 
   // Keeps alive the wildcard checker while its running.
   std::unique_ptr<WildcardLoginChecker> wildcard_login_checker_;
@@ skipping 12 matching lines @@
   // TODO(emaxx): Remove after the crashes tracked at https://crbug.com/685996
   // are fixed.
   base::debug::StackTrace connect_callstack_;
 
   DISALLOW_COPY_AND_ASSIGN(UserCloudPolicyManagerChromeOS);
 };
 
 }  // namespace policy
 
 #endif  // CHROME_BROWSER_CHROMEOS_POLICY_USER_CLOUD_POLICY_MANAGER_CHROMEOS_H_