Force enterprise enrollment flow upon detection of inconsistent state.

chrome/browser/chromeos/policy/device_cloud_policy_initializer.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/chromeos/policy/device_cloud_policy_initializer.h"
 
 #include "base/bind.h"
 #include "base/bind_helpers.h"
 #include "base/logging.h"
 #include "base/prefs/pref_service.h"
 #include "base/sequenced_task_runner.h"
 #include "base/values.h"
 #include "chrome/browser/browser_process.h"
+#include "chrome/browser/chromeos/login/startup_utils.h"
 #include "chrome/browser/chromeos/policy/device_cloud_policy_manager_chromeos.h"
 #include "chrome/browser/chromeos/policy/device_cloud_policy_store_chromeos.h"
 #include "chrome/browser/chromeos/policy/device_status_collector.h"
 #include "chrome/browser/chromeos/policy/enrollment_handler_chromeos.h"
 #include "chrome/browser/chromeos/policy/enterprise_install_attributes.h"
 #include "chrome/browser/chromeos/policy/server_backed_device_state.h"
 #include "chrome/common/chrome_content_client.h"
 #include "chrome/common/pref_names.h"
 #include "chromeos/system/statistics_provider.h"
 #include "components/policy/core/common/cloud/cloud_policy_constants.h"
@@ skipping 97 matching lines @@
       restore_mode == kDeviceStateRestoreModeReEnrollmentEnforced) {
     return true;
   }
 
   if (local_state_->HasPrefPath(prefs::kDeviceEnrollmentAutoStart))
     return local_state_->GetBoolean(prefs::kDeviceEnrollmentAutoStart);
 
   return GetMachineFlag(chromeos::system::kOemIsEnterpriseManagedKey, false);
 }
 
+bool DeviceCloudPolicyInitializer::ShouldRecoverEnrollment() const {
+  if (install_attributes_->IsEnterpriseDevice() &&
+      chromeos::StartupUtils::IsEnrollmentRecoveryRequired()) {
+    LOG(WARNING) << "Enrollment recovery required according to pref.";
+    std::string machine_id;
+    bool machine_id_success =
+        chromeos::system::StatisticsProvider::GetInstance()
+            ->GetMachineStatistic(chromeos::system::kHardwareClassKey,
+                                  &machine_id);
+    if (machine_id_success && machine_id != "")
+      return true;
+    LOG(WARNING) << "Postponing recovery because machine id is missing.";
+  }
+  return false;
+}
+
 bool DeviceCloudPolicyInitializer::CanExitEnrollment() const {
   if (GetRestoreMode() == kDeviceStateRestoreModeReEnrollmentEnforced)
     return false;
 
   if (local_state_->HasPrefPath(prefs::kDeviceEnrollmentCanExit))
     return local_state_->GetBoolean(prefs::kDeviceEnrollmentCanExit);
 
   return GetMachineFlag(chromeos::system::kOemCanExitEnterpriseEnrollmentKey,
                         true);
 }
@@ skipping 46 matching lines @@
                             kPolicyVerificationKeyHash,
                             USER_AFFILIATION_NONE,
                             device_status_provider_.get(),
                             device_management_service,
                             request_context));
 }
 
 void DeviceCloudPolicyInitializer::TryToCreateClient() {
   if (device_store_->is_initialized() &&
       device_store_->has_policy() &&
+      !device_store_->policy()->request_token().empty() &&
       !state_keys_broker_->pending() &&
       !enrollment_handler_) {
     DeviceManagementService* service;
     if (device_store_->policy()->management_mode() ==
         em::PolicyData::CONSUMER_MANAGED) {
       service = consumer_service_;
     } else {
       service = enterprise_service_;
     }
     StartConnection(CreateClient(service));
@@ skipping 13 matching lines @@
 
 std::string DeviceCloudPolicyInitializer::GetRestoreMode() const {
   const base::DictionaryValue* device_state_dict =
       local_state_->GetDictionary(prefs::kServerBackedDeviceState);
   std::string restore_mode;
   device_state_dict->GetString(kDeviceStateRestoreMode, &restore_mode);
   return restore_mode;
 }
 
 }  // namespace policy