Add first implemenation for SU password sync

chrome/browser/chromeos/login/supervised_user_manager_impl.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/chromeos/login/supervised_user_manager_impl.h"
 
 #include "base/prefs/pref_registry_simple.h"
 #include "base/prefs/pref_service.h"
 #include "base/prefs/scoped_user_pref_update.h"
 #include "base/strings/string_util.h"
 #include "base/strings/stringprintf.h"
 #include "base/strings/utf_string_conversions.h"
 #include "base/values.h"
 #include "chrome/browser/browser_process.h"
+#include "chrome/browser/chromeos/login/managed/supervised_user_authentication.h"
 #include "chrome/browser/chromeos/login/user_manager_impl.h"
 #include "chromeos/settings/cros_settings_names.h"
 #include "content/public/browser/browser_thread.h"
 #include "google_apis/gaia/gaia_auth_util.h"
 
 using content::BrowserThread;
 
 namespace {
 
 // A map from locally managed user local user id to sync user id.
@@ skipping 21 matching lines @@
     "LocallyManagedUsersNextId";
 
 // A pref of the next id for locally managed users generation.
 const char kLocallyManagedUserCreationTransactionDisplayName[] =
     "LocallyManagedUserCreationTransactionDisplayName";
 
 // A pref of the next id for locally managed users generation.
 const char kLocallyManagedUserCreationTransactionUserId[] =
     "LocallyManagedUserCreationTransactionUserId";
 
+// A map from user id to password schema version,

[Nikita (slow), 2013/12/09 16:42:16]

nit: revision, dot at the end.

[Denis Kuznetsov (DE-MUC), 2013/12/12 19:45:24]

Done.

+const char kSupervisedUserPasswordSchemaVersion[] =
+    "SupervisedUserPasswordSchemaVersion";
+
+// A map from user id to password version.
+const char kSupervisedUserPasswordSalt[] =
+    "SupervisedUserPasswordSalt";
+
+// A map from user id to password salt.
+const char kSupervisedUserPasswordVersion[] =
+    "SupervisedUserPasswordVersion";
+
 } // namespace
 
 namespace chromeos {
 
+const char kSchemaVersion[] = "SchemaVersion";

[Nikita (slow), 2013/12/09 16:42:16]

nit: One small comment about these would be helpful.

[Denis Kuznetsov (DE-MUC), 2013/12/12 19:45:24]

Done.

+const char kPasswordVersion[] = "PasswordVersion";
+const char kSalt[] = "PasswordSalt";
+const char kEncryptedPassword[] = "EncryptedPassword";
+
 // static
 void SupervisedUserManager::RegisterPrefs(PrefRegistrySimple* registry) {
   registry->RegisterListPref(kLocallyManagedUsersFirstRun);
   registry->RegisterIntegerPref(kLocallyManagedUsersNextId, 0);
   registry->RegisterStringPref(
       kLocallyManagedUserCreationTransactionDisplayName, "");
   registry->RegisterStringPref(
       kLocallyManagedUserCreationTransactionUserId, "");
   registry->RegisterDictionaryPref(kManagedUserSyncId);
   registry->RegisterDictionaryPref(kManagedUserManagers);
   registry->RegisterDictionaryPref(kManagedUserManagerNames);
   registry->RegisterDictionaryPref(kManagedUserManagerDisplayEmails);
+
+  registry->RegisterDictionaryPref(kSupervisedUserPasswordSchemaVersion);
+  registry->RegisterDictionaryPref(kSupervisedUserPasswordSalt);
+  registry->RegisterDictionaryPref(kSupervisedUserPasswordVersion);
 }
 
 SupervisedUserManagerImpl::SupervisedUserManagerImpl(UserManagerImpl* owner)
     : owner_(owner),
       cros_settings_(CrosSettings::Get()) {
   // SupervisedUserManager instance should be used only on UI thread.
   DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
+  authentication_.reset(new SupervisedUserAuthentication(this));
 }
 
 SupervisedUserManagerImpl::~SupervisedUserManagerImpl() {
 }
 
 std::string SupervisedUserManagerImpl::GenerateUserId() {
   int counter = g_browser_process->local_state()->
       GetInteger(kLocallyManagedUsersNextId);
   std::string id;
   bool user_exists;
@@ skipping 54 matching lines @@
       new base::StringValue(manager->display_email()));
 
   owner_->SaveUserDisplayName(local_user_id, display_name);
 
   g_browser_process->local_state()->CommitPendingWrite();
   return new_user;
 }
 
 std::string SupervisedUserManagerImpl::GetUserSyncId(const std::string& user_id)
     const {
-  PrefService* local_state = g_browser_process->local_state();
-  const DictionaryValue* sync_ids =
-      local_state->GetDictionary(kManagedUserSyncId);
   std::string result;
-  sync_ids->GetStringWithoutPathExpansion(user_id, &result);
+  GetUserValue(user_id, kManagedUserSyncId, &result);
   return result;
 }
 
 string16 SupervisedUserManagerImpl::GetManagerDisplayName(
     const std::string& user_id) const {
   PrefService* local_state = g_browser_process->local_state();
   const DictionaryValue* manager_names =
       local_state->GetDictionary(kManagedUserManagerNames);
   string16 result;
   if (manager_names->GetStringWithoutPathExpansion(user_id, &result) &&
       !result.empty())
     return result;
   return UTF8ToUTF16(GetManagerDisplayEmail(user_id));
 }
 
 std::string SupervisedUserManagerImpl::GetManagerUserId(
       const std::string& user_id) const {
-  PrefService* local_state = g_browser_process->local_state();
-  const DictionaryValue* manager_ids =
-      local_state->GetDictionary(kManagedUserManagers);
   std::string result;
-  manager_ids->GetStringWithoutPathExpansion(user_id, &result);
+  GetUserValue(user_id, kManagedUserManagers, &result);
   return result;
 }
 
 std::string SupervisedUserManagerImpl::GetManagerDisplayEmail(
       const std::string& user_id) const {
+  std::string result;
+  if (GetUserValue(user_id, kManagedUserManagerDisplayEmails, &result) &&
+      !result.empty())
+    return result;
+  return GetManagerUserId(user_id);
+}
+
+void SupervisedUserManagerImpl::GetPasswordInformation(
+    const std::string& user_id,
+    base::DictionaryValue* result) {

[Bernhard Bauer, 2013/12/11 14:46:43]

You don't really need to pass a dictionary here that can hold arbitrary
key-value pairs. You could just pass three out params, or create a struct for
them.

[Denis Kuznetsov (DE-MUC), 2013/12/12 19:45:24]

I want to keep things simple - same dictionary will be used to store data in
sync (json blob), and I want intermediate layers to be independent of actual
values needed for schema.
I like static typing, but in this case I believe that using dictionary will
serve better.

[Bernhard Bauer, 2013/12/13 00:30:50]

Like I explained above, it won't be the exact same dictionary.
Well, the only thing that's independent of the actual schema is the interface,
and both client and implementor of the interface will need to know which keys
are in the dictionary. I don't think that will keep things easier, but if you
want to, I'm not going to stop you.

+  std::string holder;
+  if (GetUserValue(user_id, kSupervisedUserPasswordSchemaVersion, &holder))
+    result->SetStringWithoutPathExpansion(kSchemaVersion, holder);
+  if (GetUserValue(user_id, kSupervisedUserPasswordVersion, &holder))
+    result->SetStringWithoutPathExpansion(kPasswordVersion, holder);
+  if (GetUserValue(user_id, kSupervisedUserPasswordSalt, &holder))
+    result->SetStringWithoutPathExpansion(kSalt, holder);
+}
+
+void SupervisedUserManagerImpl::SetPasswordInformation(
+      const std::string& user_id,
+      const base::DictionaryValue* password_info) {
+  std::string holder;
+  if (password_info->GetStringWithoutPathExpansion(kSchemaVersion, &holder))
+    SetUserValue(user_id, kSupervisedUserPasswordSchemaVersion, holder);
+  if (password_info->GetStringWithoutPathExpansion(kPasswordVersion, &holder))
+    SetUserValue(user_id, kSupervisedUserPasswordVersion, holder);
+  if (password_info->GetStringWithoutPathExpansion(kSalt, &holder))
+    SetUserValue(user_id, kSupervisedUserPasswordSalt, holder);
+  g_browser_process->local_state()->CommitPendingWrite();
+}
+
+bool SupervisedUserManagerImpl::GetUserValue(
+    const std::string& user_id,
+    const char* key,
+    std::string* out_value) const {
   PrefService* local_state = g_browser_process->local_state();
-  const DictionaryValue* manager_mails =
-      local_state->GetDictionary(kManagedUserManagerDisplayEmails);
-  std::string result;
-  if (manager_mails->GetStringWithoutPathExpansion(user_id, &result) &&
-      !result.empty()) {
-    return result;
-  }
-  return GetManagerUserId(user_id);
+  const DictionaryValue* dictionary = local_state->GetDictionary(key);
+  return dictionary->GetStringWithoutPathExpansion(user_id, out_value);
+}
+
+void SupervisedUserManagerImpl::SetUserValue(
+    const std::string& user_id,
+    const char* key,
+    const std::string& value) {
+  PrefService* local_state = g_browser_process->local_state();
+  DictionaryPrefUpdate update(local_state, key);
+  update->SetWithoutPathExpansion(user_id, new base::StringValue(value));

[Bernhard Bauer, 2013/12/11 14:46:43]

SetStringWithoutPathExpansion()

[Denis Kuznetsov (DE-MUC), 2013/12/12 19:45:24]

Done.

 }
 
 const User* SupervisedUserManagerImpl::FindByDisplayName(
     const string16& display_name) const {
   DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
   const UserList& users = owner_->GetUsers();
   for (UserList::const_iterator it = users.begin(); it != users.end(); ++it) {
     if (((*it)->GetType() == User::USER_TYPE_LOCALLY_MANAGED) &&
         ((*it)->display_name() == display_name)) {
       return *it;
@@ skipping 78 matching lines @@
   prefs->ClearPref(kLocallyManagedUserCreationTransactionUserId);
   prefs->CommitPendingWrite();
 }
 
 void SupervisedUserManagerImpl::RemoveNonCryptohomeData(
     const std::string& user_id) {
   PrefService* prefs = g_browser_process->local_state();
   ListPrefUpdate prefs_new_users_update(prefs, kLocallyManagedUsersFirstRun);
   prefs_new_users_update->Remove(base::StringValue(user_id), NULL);
 
-  DictionaryPrefUpdate synd_id_update(prefs, kManagedUserSyncId);
-  synd_id_update->RemoveWithoutPathExpansion(user_id, NULL);
+  CleanPref(user_id, kManagedUserSyncId);
+  CleanPref(user_id, kManagedUserManagers);
+  CleanPref(user_id, kManagedUserManagerNames);
+  CleanPref(user_id, kManagedUserManagerDisplayEmails);
+  CleanPref(user_id, kSupervisedUserPasswordSalt);
+  CleanPref(user_id, kSupervisedUserPasswordSchemaVersion);
+  CleanPref(user_id, kSupervisedUserPasswordVersion);
+}
 
-  DictionaryPrefUpdate managers_update(prefs, kManagedUserManagers);
-  managers_update->RemoveWithoutPathExpansion(user_id, NULL);
-
-  DictionaryPrefUpdate manager_names_update(prefs,
-                                            kManagedUserManagerNames);
-  manager_names_update->RemoveWithoutPathExpansion(user_id, NULL);
-
-  DictionaryPrefUpdate manager_emails_update(prefs,
-                                             kManagedUserManagerDisplayEmails);
-  manager_emails_update->RemoveWithoutPathExpansion(user_id, NULL);
+void SupervisedUserManagerImpl::CleanPref(const std::string& user_id,
+                                          const char* key) {
+  PrefService* prefs = g_browser_process->local_state();
+  DictionaryPrefUpdate dict_update(prefs, key);
+  dict_update->RemoveWithoutPathExpansion(user_id, NULL);
 }
 
 bool SupervisedUserManagerImpl::CheckForFirstRun(const std::string& user_id) {
   ListPrefUpdate prefs_new_users_update(g_browser_process->local_state(),
                                         kLocallyManagedUsersFirstRun);
   return prefs_new_users_update->Remove(base::StringValue(user_id), NULL);
 }
 
 void SupervisedUserManagerImpl::UpdateManagerName(const std::string& manager_id,
     const string16& new_display_name) {
@@ skipping 10 matching lines @@
     bool has_manager_id = it.value().GetAsString(&user_id);
     DCHECK(has_manager_id);
     if (user_id == manager_id) {
       manager_name_update->SetWithoutPathExpansion(
           it.key(),
           new base::StringValue(new_display_name));
     }
   }
 }
 
+SupervisedUserAuthentication* SupervisedUserManagerImpl::
+    GetSupervisedUserAuthentication() {
+  return authentication_.get();
+}
 
 }  // namespace chromeos