OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/chromeos/login/users/multi_profile_user_controller.h" | 5 #include "chrome/browser/chromeos/login/users/multi_profile_user_controller.h" |
6 | 6 |
7 #include "base/bind.h" | 7 #include "base/bind.h" |
8 #include "base/memory/scoped_ptr.h" | 8 #include "base/memory/scoped_ptr.h" |
9 #include "base/prefs/pref_change_registrar.h" | 9 #include "base/prefs/pref_change_registrar.h" |
10 #include "base/prefs/pref_registry_simple.h" | 10 #include "base/prefs/pref_registry_simple.h" |
(...skipping 124 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
135 const user_manager::User* primary_user = user_manager->GetPrimaryUser(); | 135 const user_manager::User* primary_user = user_manager->GetPrimaryUser(); |
136 std::string primary_user_email; | 136 std::string primary_user_email; |
137 if (primary_user) | 137 if (primary_user) |
138 primary_user_email = primary_user->email(); | 138 primary_user_email = primary_user->email(); |
139 | 139 |
140 // Always allow if there is no primary user or user being checked is the | 140 // Always allow if there is no primary user or user being checked is the |
141 // primary user. | 141 // primary user. |
142 if (primary_user_email.empty() || primary_user_email == user_email) | 142 if (primary_user_email.empty() || primary_user_email == user_email) |
143 return SetUserAllowedReason(reason, ALLOWED); | 143 return SetUserAllowedReason(reason, ALLOWED); |
144 | 144 |
145 // Owner is not allowed to be secondary user. | |
146 if (user_manager->GetOwnerEmail() == user_email) | |
147 return SetUserAllowedReason(reason, NOT_ALLOWED_OWNER_AS_SECONDARY); | |
148 | |
149 // Don't allow profiles potentially tainted by data fetched with policy-pushed | 145 // Don't allow profiles potentially tainted by data fetched with policy-pushed |
150 // certificates to join a multiprofile session. | 146 // certificates to join a multiprofile session. |
151 if (policy::PolicyCertServiceFactory::UsedPolicyCertificates(user_email)) | 147 if (policy::PolicyCertServiceFactory::UsedPolicyCertificates(user_email)) |
152 return SetUserAllowedReason(reason, NOT_ALLOWED_POLICY_CERT_TAINTED); | 148 return SetUserAllowedReason(reason, NOT_ALLOWED_POLICY_CERT_TAINTED); |
153 | 149 |
154 UserAllowedInSessionReason primary_user_policy = GetPrimaryUserPolicy(); | 150 UserAllowedInSessionReason primary_user_policy = GetPrimaryUserPolicy(); |
155 if (primary_user_policy != ALLOWED) | 151 if (primary_user_policy != ALLOWED) |
156 return SetUserAllowedReason(reason, primary_user_policy); | 152 return SetUserAllowedReason(reason, primary_user_policy); |
157 | 153 |
158 // The user must have 'unrestricted' policy to be a secondary user. | 154 // The user must have 'unrestricted' policy to be a secondary user. |
(...skipping 78 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
237 } else { | 233 } else { |
238 const std::string behavior = | 234 const std::string behavior = |
239 prefs->GetString(prefs::kMultiProfileUserBehavior); | 235 prefs->GetString(prefs::kMultiProfileUserBehavior); |
240 SetCachedValue(user_email, behavior); | 236 SetCachedValue(user_email, behavior); |
241 } | 237 } |
242 | 238 |
243 CheckSessionUsers(); | 239 CheckSessionUsers(); |
244 } | 240 } |
245 | 241 |
246 } // namespace chromeos | 242 } // namespace chromeos |
OLD | NEW |