Fix up Owner settings on first load

chrome/browser/chromeos/ownership/owner_settings_service_chromeos.h

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef CHROME_BROWSER_CHROMEOS_OWNERSHIP_OWNER_SETTINGS_SERVICE_CHROMEOS_H_
 #define CHROME_BROWSER_CHROMEOS_OWNERSHIP_OWNER_SETTINGS_SERVICE_CHROMEOS_H_
 
 #include <string>
 #include <vector>
 
@@ skipping 16 matching lines @@
 namespace content {
 class WebUI;
 }
 
 namespace ownership {
 class OwnerKeyUtil;
 }
 
 namespace chromeos {
 
+class CrosSettings;
 class FakeOwnerSettingsService;
 
 // The class is a profile-keyed service which holds public/private
 // keypair corresponds to a profile. The keypair is reloaded automatically when
 // profile is created and TPM token is ready. Note that the private part of a
 // key can be loaded only for the owner.
 //
 // TODO (ygorshenin@): move write path for device settings here
 // (crbug.com/230018).
 class OwnerSettingsServiceChromeOS : public ownership::OwnerSettingsService,
@@ skipping 67 matching lines @@
       enterprise_management::ChromeDeviceSettingsProto& settings);
 
   bool has_pending_changes() const {
     return !pending_changes_.empty() || tentative_settings_.get() ||
            has_pending_management_settings_;
   }
 
  protected:
   OwnerSettingsServiceChromeOS(
       DeviceSettingsService* device_settings_service,
+      CrosSettings* cros_settings,
       Profile* profile,
       const scoped_refptr<ownership::OwnerKeyUtil>& owner_key_util);
 
  private:
   friend class OwnerSettingsServiceChromeOSFactory;
 
   // OwnerSettingsService protected interface overrides:
 
   // Reloads private key from profile's NSS slots, responds via |callback|.
   void ReloadKeypairImpl(const base::Callback<
       void(const scoped_refptr<ownership::PublicKey>& public_key,
            const scoped_refptr<ownership::PrivateKey>& private_key)>& callback)
       override;
 
   // Possibly notifies DeviceSettingsService that owner's keypair is loaded.
   void OnPostKeypairLoadedActions() override;
 
+  // Once trusted settings are loaded, ensures that the Owner's user_id_ is
+  // on the user account whitelist.
+  void FixupLocalOwnerPolicy();
+
   // Tries to apply recent changes to device settings proto, sign it and store.
   void StorePendingChanges();
 
   // Called when current device settings are successfully signed.
   // Sends signed settings for storage.
   void OnPolicyAssembledAndSigned(
       scoped_ptr<enterprise_management::PolicyFetchResponse> policy_response);
 
   // Called by DeviceSettingsService when modified and signed device
   // settings are stored.
   void OnSignedPolicyStored(bool success);
 
   // Report status to observers and tries to continue storing pending chages to
   // device settings.
   void ReportStatusAndContinueStoring(bool success);
 
   DeviceSettingsService* device_settings_service_;
 
+  CrosSettings* cros_settings_;
+
   // Profile this service instance belongs to.
   Profile* profile_;
 
   // User ID this service instance belongs to.
   std::string user_id_;
 
   // Whether profile still needs to be initialized.
   bool waiting_for_profile_creation_;
 
   // Whether TPM token still needs to be initialized.
@@ skipping 22 matching lines @@
   base::WeakPtrFactory<OwnerSettingsServiceChromeOS> weak_factory_;
 
   base::WeakPtrFactory<OwnerSettingsServiceChromeOS> store_settings_factory_;
 
   DISALLOW_COPY_AND_ASSIGN(OwnerSettingsServiceChromeOS);
 };
 
 }  // namespace chromeos
 
 #endif  // CHROME_BROWSER_CHROMEOS_OWNERSHIP_OWNER_SETTINGS_SERVICE_CHROMEOS_H_