OLD | NEW |
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/chromeos/login/supervised_user_manager_impl.h" | 5 #include "chrome/browser/chromeos/login/supervised_user_manager_impl.h" |
6 | 6 |
7 #include "base/prefs/pref_registry_simple.h" | 7 #include "base/prefs/pref_registry_simple.h" |
8 #include "base/prefs/pref_service.h" | 8 #include "base/prefs/pref_service.h" |
9 #include "base/prefs/scoped_user_pref_update.h" | 9 #include "base/prefs/scoped_user_pref_update.h" |
10 #include "base/strings/string_util.h" | 10 #include "base/strings/string_util.h" |
11 #include "base/strings/stringprintf.h" | 11 #include "base/strings/stringprintf.h" |
12 #include "base/strings/utf_string_conversions.h" | 12 #include "base/strings/utf_string_conversions.h" |
13 #include "base/values.h" | 13 #include "base/values.h" |
14 #include "chrome/browser/browser_process.h" | 14 #include "chrome/browser/browser_process.h" |
| 15 #include "chrome/browser/chromeos/login/managed/supervised_user_authentication.h
" |
15 #include "chrome/browser/chromeos/login/user_manager_impl.h" | 16 #include "chrome/browser/chromeos/login/user_manager_impl.h" |
16 #include "chromeos/settings/cros_settings_names.h" | 17 #include "chromeos/settings/cros_settings_names.h" |
17 #include "content/public/browser/browser_thread.h" | 18 #include "content/public/browser/browser_thread.h" |
18 #include "google_apis/gaia/gaia_auth_util.h" | 19 #include "google_apis/gaia/gaia_auth_util.h" |
19 | 20 |
20 using content::BrowserThread; | 21 using content::BrowserThread; |
21 | 22 |
22 namespace { | 23 namespace { |
23 | 24 |
| 25 // Names for pref keys in Local State. |
24 // A map from locally managed user local user id to sync user id. | 26 // A map from locally managed user local user id to sync user id. |
25 const char kManagedUserSyncId[] = | 27 const char kManagedUserSyncId[] = |
26 "ManagedUserSyncId"; | 28 "ManagedUserSyncId"; |
27 | 29 |
28 // A map from locally managed user id to manager user id. | 30 // A map from locally managed user id to manager user id. |
29 const char kManagedUserManagers[] = | 31 const char kManagedUserManagers[] = |
30 "ManagedUserManagers"; | 32 "ManagedUserManagers"; |
31 | 33 |
32 // A map from locally managed user id to manager display name. | 34 // A map from locally managed user id to manager display name. |
33 const char kManagedUserManagerNames[] = | 35 const char kManagedUserManagerNames[] = |
(...skipping 12 matching lines...) Expand all Loading... |
46 "LocallyManagedUsersNextId"; | 48 "LocallyManagedUsersNextId"; |
47 | 49 |
48 // A pref of the next id for locally managed users generation. | 50 // A pref of the next id for locally managed users generation. |
49 const char kLocallyManagedUserCreationTransactionDisplayName[] = | 51 const char kLocallyManagedUserCreationTransactionDisplayName[] = |
50 "LocallyManagedUserCreationTransactionDisplayName"; | 52 "LocallyManagedUserCreationTransactionDisplayName"; |
51 | 53 |
52 // A pref of the next id for locally managed users generation. | 54 // A pref of the next id for locally managed users generation. |
53 const char kLocallyManagedUserCreationTransactionUserId[] = | 55 const char kLocallyManagedUserCreationTransactionUserId[] = |
54 "LocallyManagedUserCreationTransactionUserId"; | 56 "LocallyManagedUserCreationTransactionUserId"; |
55 | 57 |
| 58 // A map from user id to password schema id. |
| 59 const char kSupervisedUserPasswordSchema[] = |
| 60 "SupervisedUserPasswordSchema"; |
| 61 |
| 62 // A map from user id to password salt. |
| 63 const char kSupervisedUserPasswordSalt[] = |
| 64 "SupervisedUserPasswordSalt"; |
| 65 |
| 66 // A map from user id to password revision. |
| 67 const char kSupervisedUserPasswordRevision[] = |
| 68 "SupervisedUserPasswordRevision"; |
| 69 |
56 } // namespace | 70 } // namespace |
57 | 71 |
58 namespace chromeos { | 72 namespace chromeos { |
59 | 73 |
| 74 const char kSchemaVersion[] = "SchemaVersion"; |
| 75 const char kPasswordRevision[] = "PasswordRevision"; |
| 76 const char kSalt[] = "PasswordSalt"; |
| 77 const char kEncryptedPassword[] = "EncryptedPassword"; |
| 78 const int kMinPasswordRevision = 1; |
| 79 |
60 // static | 80 // static |
61 void SupervisedUserManager::RegisterPrefs(PrefRegistrySimple* registry) { | 81 void SupervisedUserManager::RegisterPrefs(PrefRegistrySimple* registry) { |
62 registry->RegisterListPref(kLocallyManagedUsersFirstRun); | 82 registry->RegisterListPref(kLocallyManagedUsersFirstRun); |
63 registry->RegisterIntegerPref(kLocallyManagedUsersNextId, 0); | 83 registry->RegisterIntegerPref(kLocallyManagedUsersNextId, 0); |
64 registry->RegisterStringPref( | 84 registry->RegisterStringPref( |
65 kLocallyManagedUserCreationTransactionDisplayName, ""); | 85 kLocallyManagedUserCreationTransactionDisplayName, ""); |
66 registry->RegisterStringPref( | 86 registry->RegisterStringPref( |
67 kLocallyManagedUserCreationTransactionUserId, ""); | 87 kLocallyManagedUserCreationTransactionUserId, ""); |
68 registry->RegisterDictionaryPref(kManagedUserSyncId); | 88 registry->RegisterDictionaryPref(kManagedUserSyncId); |
69 registry->RegisterDictionaryPref(kManagedUserManagers); | 89 registry->RegisterDictionaryPref(kManagedUserManagers); |
70 registry->RegisterDictionaryPref(kManagedUserManagerNames); | 90 registry->RegisterDictionaryPref(kManagedUserManagerNames); |
71 registry->RegisterDictionaryPref(kManagedUserManagerDisplayEmails); | 91 registry->RegisterDictionaryPref(kManagedUserManagerDisplayEmails); |
| 92 |
| 93 registry->RegisterDictionaryPref(kSupervisedUserPasswordSchema); |
| 94 registry->RegisterDictionaryPref(kSupervisedUserPasswordSalt); |
| 95 registry->RegisterDictionaryPref(kSupervisedUserPasswordRevision); |
72 } | 96 } |
73 | 97 |
74 SupervisedUserManagerImpl::SupervisedUserManagerImpl(UserManagerImpl* owner) | 98 SupervisedUserManagerImpl::SupervisedUserManagerImpl(UserManagerImpl* owner) |
75 : owner_(owner), | 99 : owner_(owner), |
76 cros_settings_(CrosSettings::Get()) { | 100 cros_settings_(CrosSettings::Get()) { |
77 // SupervisedUserManager instance should be used only on UI thread. | 101 // SupervisedUserManager instance should be used only on UI thread. |
78 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 102 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 103 authentication_.reset(new SupervisedUserAuthentication(this)); |
79 } | 104 } |
80 | 105 |
81 SupervisedUserManagerImpl::~SupervisedUserManagerImpl() { | 106 SupervisedUserManagerImpl::~SupervisedUserManagerImpl() { |
82 } | 107 } |
83 | 108 |
84 std::string SupervisedUserManagerImpl::GenerateUserId() { | 109 std::string SupervisedUserManagerImpl::GenerateUserId() { |
85 int counter = g_browser_process->local_state()-> | 110 int counter = g_browser_process->local_state()-> |
86 GetInteger(kLocallyManagedUsersNextId); | 111 GetInteger(kLocallyManagedUsersNextId); |
87 std::string id; | 112 std::string id; |
88 bool user_exists; | 113 bool user_exists; |
(...skipping 54 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
143 new base::StringValue(manager->display_email())); | 168 new base::StringValue(manager->display_email())); |
144 | 169 |
145 owner_->SaveUserDisplayName(local_user_id, display_name); | 170 owner_->SaveUserDisplayName(local_user_id, display_name); |
146 | 171 |
147 g_browser_process->local_state()->CommitPendingWrite(); | 172 g_browser_process->local_state()->CommitPendingWrite(); |
148 return new_user; | 173 return new_user; |
149 } | 174 } |
150 | 175 |
151 std::string SupervisedUserManagerImpl::GetUserSyncId(const std::string& user_id) | 176 std::string SupervisedUserManagerImpl::GetUserSyncId(const std::string& user_id) |
152 const { | 177 const { |
153 PrefService* local_state = g_browser_process->local_state(); | |
154 const DictionaryValue* sync_ids = | |
155 local_state->GetDictionary(kManagedUserSyncId); | |
156 std::string result; | 178 std::string result; |
157 sync_ids->GetStringWithoutPathExpansion(user_id, &result); | 179 GetUserStringValue(user_id, kManagedUserSyncId, &result); |
158 return result; | 180 return result; |
159 } | 181 } |
160 | 182 |
161 base::string16 SupervisedUserManagerImpl::GetManagerDisplayName( | 183 base::string16 SupervisedUserManagerImpl::GetManagerDisplayName( |
162 const std::string& user_id) const { | 184 const std::string& user_id) const { |
163 PrefService* local_state = g_browser_process->local_state(); | 185 PrefService* local_state = g_browser_process->local_state(); |
164 const DictionaryValue* manager_names = | 186 const DictionaryValue* manager_names = |
165 local_state->GetDictionary(kManagedUserManagerNames); | 187 local_state->GetDictionary(kManagedUserManagerNames); |
166 base::string16 result; | 188 base::string16 result; |
167 if (manager_names->GetStringWithoutPathExpansion(user_id, &result) && | 189 if (manager_names->GetStringWithoutPathExpansion(user_id, &result) && |
168 !result.empty()) | 190 !result.empty()) |
169 return result; | 191 return result; |
170 return UTF8ToUTF16(GetManagerDisplayEmail(user_id)); | 192 return UTF8ToUTF16(GetManagerDisplayEmail(user_id)); |
171 } | 193 } |
172 | 194 |
173 std::string SupervisedUserManagerImpl::GetManagerUserId( | 195 std::string SupervisedUserManagerImpl::GetManagerUserId( |
174 const std::string& user_id) const { | 196 const std::string& user_id) const { |
175 PrefService* local_state = g_browser_process->local_state(); | |
176 const DictionaryValue* manager_ids = | |
177 local_state->GetDictionary(kManagedUserManagers); | |
178 std::string result; | 197 std::string result; |
179 manager_ids->GetStringWithoutPathExpansion(user_id, &result); | 198 GetUserStringValue(user_id, kManagedUserManagers, &result); |
180 return result; | 199 return result; |
181 } | 200 } |
182 | 201 |
183 std::string SupervisedUserManagerImpl::GetManagerDisplayEmail( | 202 std::string SupervisedUserManagerImpl::GetManagerDisplayEmail( |
184 const std::string& user_id) const { | 203 const std::string& user_id) const { |
| 204 std::string result; |
| 205 if (GetUserStringValue(user_id, kManagedUserManagerDisplayEmails, &result) && |
| 206 !result.empty()) |
| 207 return result; |
| 208 return GetManagerUserId(user_id); |
| 209 } |
| 210 |
| 211 void SupervisedUserManagerImpl::GetPasswordInformation( |
| 212 const std::string& user_id, |
| 213 base::DictionaryValue* result) { |
| 214 int value; |
| 215 if (GetUserIntegerValue(user_id, kSupervisedUserPasswordSchema, &value)) |
| 216 result->SetIntegerWithoutPathExpansion(kSchemaVersion, value); |
| 217 if (GetUserIntegerValue(user_id, kSupervisedUserPasswordRevision, &value)) |
| 218 result->SetIntegerWithoutPathExpansion(kPasswordRevision, value); |
| 219 |
| 220 std::string salt; |
| 221 if (GetUserStringValue(user_id, kSupervisedUserPasswordSalt, &salt)) |
| 222 result->SetStringWithoutPathExpansion(kSalt, salt); |
| 223 } |
| 224 |
| 225 void SupervisedUserManagerImpl::SetPasswordInformation( |
| 226 const std::string& user_id, |
| 227 const base::DictionaryValue* password_info) { |
| 228 int value; |
| 229 if (password_info->GetIntegerWithoutPathExpansion(kSchemaVersion, &value)) |
| 230 SetUserIntegerValue(user_id, kSupervisedUserPasswordSchema, value); |
| 231 if (password_info->GetIntegerWithoutPathExpansion(kPasswordRevision, &value)) |
| 232 SetUserIntegerValue(user_id, kSupervisedUserPasswordRevision, value); |
| 233 |
| 234 std::string salt; |
| 235 if (password_info->GetStringWithoutPathExpansion(kSalt, &salt)) |
| 236 SetUserStringValue(user_id, kSupervisedUserPasswordSalt, salt); |
| 237 g_browser_process->local_state()->CommitPendingWrite(); |
| 238 } |
| 239 |
| 240 bool SupervisedUserManagerImpl::GetUserStringValue( |
| 241 const std::string& user_id, |
| 242 const char* key, |
| 243 std::string* out_value) const { |
185 PrefService* local_state = g_browser_process->local_state(); | 244 PrefService* local_state = g_browser_process->local_state(); |
186 const DictionaryValue* manager_mails = | 245 const DictionaryValue* dictionary = local_state->GetDictionary(key); |
187 local_state->GetDictionary(kManagedUserManagerDisplayEmails); | 246 return dictionary->GetStringWithoutPathExpansion(user_id, out_value); |
188 std::string result; | 247 } |
189 if (manager_mails->GetStringWithoutPathExpansion(user_id, &result) && | 248 |
190 !result.empty()) { | 249 bool SupervisedUserManagerImpl::GetUserIntegerValue( |
191 return result; | 250 const std::string& user_id, |
192 } | 251 const char* key, |
193 return GetManagerUserId(user_id); | 252 int* out_value) const { |
| 253 PrefService* local_state = g_browser_process->local_state(); |
| 254 const DictionaryValue* dictionary = local_state->GetDictionary(key); |
| 255 return dictionary->GetIntegerWithoutPathExpansion(user_id, out_value); |
| 256 } |
| 257 |
| 258 void SupervisedUserManagerImpl::SetUserStringValue( |
| 259 const std::string& user_id, |
| 260 const char* key, |
| 261 const std::string& value) { |
| 262 PrefService* local_state = g_browser_process->local_state(); |
| 263 DictionaryPrefUpdate update(local_state, key); |
| 264 update->SetStringWithoutPathExpansion(user_id, value); |
| 265 } |
| 266 |
| 267 void SupervisedUserManagerImpl::SetUserIntegerValue( |
| 268 const std::string& user_id, |
| 269 const char* key, |
| 270 const int value) { |
| 271 PrefService* local_state = g_browser_process->local_state(); |
| 272 DictionaryPrefUpdate update(local_state, key); |
| 273 update->SetIntegerWithoutPathExpansion(user_id, value); |
194 } | 274 } |
195 | 275 |
196 const User* SupervisedUserManagerImpl::FindByDisplayName( | 276 const User* SupervisedUserManagerImpl::FindByDisplayName( |
197 const base::string16& display_name) const { | 277 const base::string16& display_name) const { |
198 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 278 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
199 const UserList& users = owner_->GetUsers(); | 279 const UserList& users = owner_->GetUsers(); |
200 for (UserList::const_iterator it = users.begin(); it != users.end(); ++it) { | 280 for (UserList::const_iterator it = users.begin(); it != users.end(); ++it) { |
201 if (((*it)->GetType() == User::USER_TYPE_LOCALLY_MANAGED) && | 281 if (((*it)->GetType() == User::USER_TYPE_LOCALLY_MANAGED) && |
202 ((*it)->display_name() == display_name)) { | 282 ((*it)->display_name() == display_name)) { |
203 return *it; | 283 return *it; |
(...skipping 78 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
282 prefs->ClearPref(kLocallyManagedUserCreationTransactionUserId); | 362 prefs->ClearPref(kLocallyManagedUserCreationTransactionUserId); |
283 prefs->CommitPendingWrite(); | 363 prefs->CommitPendingWrite(); |
284 } | 364 } |
285 | 365 |
286 void SupervisedUserManagerImpl::RemoveNonCryptohomeData( | 366 void SupervisedUserManagerImpl::RemoveNonCryptohomeData( |
287 const std::string& user_id) { | 367 const std::string& user_id) { |
288 PrefService* prefs = g_browser_process->local_state(); | 368 PrefService* prefs = g_browser_process->local_state(); |
289 ListPrefUpdate prefs_new_users_update(prefs, kLocallyManagedUsersFirstRun); | 369 ListPrefUpdate prefs_new_users_update(prefs, kLocallyManagedUsersFirstRun); |
290 prefs_new_users_update->Remove(base::StringValue(user_id), NULL); | 370 prefs_new_users_update->Remove(base::StringValue(user_id), NULL); |
291 | 371 |
292 DictionaryPrefUpdate synd_id_update(prefs, kManagedUserSyncId); | 372 CleanPref(user_id, kManagedUserSyncId); |
293 synd_id_update->RemoveWithoutPathExpansion(user_id, NULL); | 373 CleanPref(user_id, kManagedUserManagers); |
| 374 CleanPref(user_id, kManagedUserManagerNames); |
| 375 CleanPref(user_id, kManagedUserManagerDisplayEmails); |
| 376 CleanPref(user_id, kSupervisedUserPasswordSalt); |
| 377 CleanPref(user_id, kSupervisedUserPasswordSchema); |
| 378 CleanPref(user_id, kSupervisedUserPasswordRevision); |
| 379 } |
294 | 380 |
295 DictionaryPrefUpdate managers_update(prefs, kManagedUserManagers); | 381 void SupervisedUserManagerImpl::CleanPref(const std::string& user_id, |
296 managers_update->RemoveWithoutPathExpansion(user_id, NULL); | 382 const char* key) { |
297 | 383 PrefService* prefs = g_browser_process->local_state(); |
298 DictionaryPrefUpdate manager_names_update(prefs, | 384 DictionaryPrefUpdate dict_update(prefs, key); |
299 kManagedUserManagerNames); | 385 dict_update->RemoveWithoutPathExpansion(user_id, NULL); |
300 manager_names_update->RemoveWithoutPathExpansion(user_id, NULL); | |
301 | |
302 DictionaryPrefUpdate manager_emails_update(prefs, | |
303 kManagedUserManagerDisplayEmails); | |
304 manager_emails_update->RemoveWithoutPathExpansion(user_id, NULL); | |
305 } | 386 } |
306 | 387 |
307 bool SupervisedUserManagerImpl::CheckForFirstRun(const std::string& user_id) { | 388 bool SupervisedUserManagerImpl::CheckForFirstRun(const std::string& user_id) { |
308 ListPrefUpdate prefs_new_users_update(g_browser_process->local_state(), | 389 ListPrefUpdate prefs_new_users_update(g_browser_process->local_state(), |
309 kLocallyManagedUsersFirstRun); | 390 kLocallyManagedUsersFirstRun); |
310 return prefs_new_users_update->Remove(base::StringValue(user_id), NULL); | 391 return prefs_new_users_update->Remove(base::StringValue(user_id), NULL); |
311 } | 392 } |
312 | 393 |
313 void SupervisedUserManagerImpl::UpdateManagerName(const std::string& manager_id, | 394 void SupervisedUserManagerImpl::UpdateManagerName(const std::string& manager_id, |
314 const base::string16& new_display_name) { | 395 const base::string16& new_display_name) { |
(...skipping 10 matching lines...) Expand all Loading... |
325 bool has_manager_id = it.value().GetAsString(&user_id); | 406 bool has_manager_id = it.value().GetAsString(&user_id); |
326 DCHECK(has_manager_id); | 407 DCHECK(has_manager_id); |
327 if (user_id == manager_id) { | 408 if (user_id == manager_id) { |
328 manager_name_update->SetWithoutPathExpansion( | 409 manager_name_update->SetWithoutPathExpansion( |
329 it.key(), | 410 it.key(), |
330 new base::StringValue(new_display_name)); | 411 new base::StringValue(new_display_name)); |
331 } | 412 } |
332 } | 413 } |
333 } | 414 } |
334 | 415 |
| 416 SupervisedUserAuthentication* SupervisedUserManagerImpl::GetAuthentication() { |
| 417 return authentication_.get(); |
| 418 } |
335 | 419 |
336 } // namespace chromeos | 420 } // namespace chromeos |
OLD | NEW |