Fixed misuse of GetProfileByUser in MultiProfileUserController.

chrome/browser/chromeos/login/users/multi_profile_user_controller.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/chromeos/login/users/multi_profile_user_controller.h"
 
 #include "base/bind.h"
 #include "base/memory/scoped_ptr.h"
 #include "base/prefs/pref_change_registrar.h"
 #include "base/prefs/pref_registry_simple.h"
@@ skipping 75 matching lines @@
       false,
       user_prefs::PrefRegistrySyncable::SYNCABLE_PREF);
 }
 
 // static
 MultiProfileUserController::UserAllowedInSessionReason
 MultiProfileUserController::GetPrimaryUserPolicy() {
   UserManager* user_manager = UserManager::Get();
   CHECK(user_manager);
 
-  const user_manager::User* primary_user = user_manager->GetPrimaryUser();
-  if (!primary_user)
+  const user_manager::User* user = user_manager->GetPrimaryUser();
+  if (!user)
     return ALLOWED;
-  Profile* primary_user_profile =
-      ProfileHelper::Get()->GetProfileByUserUnsafe(primary_user);
-
-  std::string primary_user_email = primary_user->email();
 
   // Don't allow any secondary profiles if the primary profile is tainted.
-  if (policy::PolicyCertServiceFactory::UsedPolicyCertificates(
-          primary_user_email)) {
+  if (policy::PolicyCertServiceFactory::UsedPolicyCertificates(user->email())) {
     // Check directly in local_state before checking if the primary user has
     // a PolicyCertService. His profile may have been tainted previously though
     // he didn't get a PolicyCertService created for this session.
     return NOT_ALLOWED_PRIMARY_POLICY_CERT_TAINTED;
   }
 
-  // If the primary profile already has policy certificates installed but hasn't
-  // used them yet then it can become tainted at any time during this session;
-  // disable secondary profiles in this case too.
+  Profile* profile = ProfileHelper::Get()->GetProfileByUser(user);
+  if (!profile)
+    return ALLOWED;
+
+  // If the primary profile already has policy certificates installed but
+  // hasn't used them yet then it can become tainted at any time during this
+  // session disable secondary profiles in this case too.
   policy::PolicyCertService* service =
-      primary_user_profile ? policy::PolicyCertServiceFactory::GetForProfile(
-                                 primary_user_profile)
-                           : NULL;
+      policy::PolicyCertServiceFactory::GetForProfile(profile);
   if (service && service->has_policy_certificates())
     return NOT_ALLOWED_PRIMARY_POLICY_CERT_TAINTED;
 
   // No user is allowed if the primary user policy forbids it.
-  const std::string primary_user_behavior =
-      primary_user_profile->GetPrefs()->GetString(
-          prefs::kMultiProfileUserBehavior);
-  if (primary_user_behavior == kBehaviorNotAllowed)
+  const std::string behavior = profile->GetPrefs()->GetString(
+      prefs::kMultiProfileUserBehavior);
+  if (behavior == kBehaviorNotAllowed)
     return NOT_ALLOWED_PRIMARY_USER_POLICY_FORBIDS;
 
   return ALLOWED;
 }
 
 bool MultiProfileUserController::IsUserAllowedInSession(
     const std::string& user_email,
     MultiProfileUserController::UserAllowedInSessionReason* reason) const {
   UserManager* user_manager = UserManager::Get();
   CHECK(user_manager);
@@ skipping 102 matching lines @@
   } else {
     const std::string behavior =
         prefs->GetString(prefs::kMultiProfileUserBehavior);
     SetCachedValue(user_email, behavior);
   }
 
   CheckSessionUsers();
 }
 
 }  // namespace chromeos