Add a flag to ProfileSyncService that says whether encrypting all data is allowed.

chrome/browser/sync/profile_sync_service.h

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef CHROME_BROWSER_SYNC_PROFILE_SYNC_SERVICE_H_
 #define CHROME_BROWSER_SYNC_PROFILE_SYNC_SERVICE_H_
 
 #include <set>
 #include <string>
 #include <utility>
@@ skipping 649 matching lines @@
   // passphrase with this API.
   virtual void SetEncryptionPassphrase(const std::string& passphrase,
                                        PassphraseType type);
 
   // Asynchronously decrypts pending keys using |passphrase|. Returns false
   // immediately if the passphrase could not be used to decrypt a locally cached
   // copy of encrypted keys; returns true otherwise.
   virtual bool SetDecryptionPassphrase(const std::string& passphrase)
       WARN_UNUSED_RESULT;
 
+  // Returns true if encrypting all the sync data is allowed. If this method
+  // returns false, EnableEncryptEverything() should not be called.
+  virtual bool EncryptEverythingAllowed() const;
+
+  // Sets whether encrypting all the sync data is allowed or not.
+  virtual void SetEncryptEverythingAllowed(bool allowed);
+
   // Turns on encryption for all data. Callers must call OnUserChoseDatatypes()
   // after calling this to force the encryption to occur.
   virtual void EnableEncryptEverything();
 
   // Returns true if we are currently set to encrypt all the sync data. Note:
   // this is based on the cryptographer's settings, so if the user has recently
   // requested encryption to be turned on, this may not be true yet. For that,
   // encryption_pending() must be checked.
   virtual bool EncryptEverythingEnabled() const;
 
@@ skipping 359 matching lines @@
   // Sometimes we need to temporarily hold on to a passphrase because we don't
   // yet have a backend to send it to.  This happens during initialization as
   // we don't StartUp until we have a valid token, which happens after valid
   // credentials were provided.
   std::string cached_passphrase_;
 
   // The current set of encrypted types.  Always a superset of
   // syncer::Cryptographer::SensitiveTypes().
   syncer::ModelTypeSet encrypted_types_;
 
+  // Whether encrypting everything is allowed.
+  bool encrypt_everything_allowed_;
+
   // Whether we want to encrypt everything.
   bool encrypt_everything_;
 
   // Whether we're waiting for an attempt to encryption all sync data to
   // complete. We track this at this layer in order to allow the user to cancel
   // if they e.g. don't remember their explicit passphrase.
   bool encryption_pending_;
 
   scoped_ptr<browser_sync::BackendMigrator> migrator_;
 
@@ skipping 92 matching lines @@
   BrowsingDataRemover::Observer* browsing_data_remover_observer_;
 
   DISALLOW_COPY_AND_ASSIGN(ProfileSyncService);
 };
 
 bool ShouldShowActionOnUI(
     const syncer::SyncProtocolError& error);
 
 
 #endif  // CHROME_BROWSER_SYNC_PROFILE_SYNC_SERVICE_H_