Add a lock to the managed user settings page and require authentication for unlocking.

chrome/browser/ui/webui/managed_user_passphrase_dialog_webui.cc

Index: chrome/browser/ui/webui/managed_user_passphrase_dialog_webui.cc
diff --git a/chrome/browser/ui/webui/managed_user_passphrase_dialog_webui.cc b/chrome/browser/ui/webui/managed_user_passphrase_dialog_webui.cc
new file mode 100644
index 0000000000000000000000000000000000000000..c14b1cb9fac69be7f24032ef6e2f528afab809a8
--- /dev/null
+++ b/chrome/browser/ui/webui/managed_user_passphrase_dialog_webui.cc
@@ -0,0 +1,177 @@
+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/ui/webui/managed_user_passphrase_dialog_webui.h"
+
+#include <string>
+#include <vector>
+
+#include "base/bind.h"
+#include "base/memory/weak_ptr.h"
+#include "base/values.h"
+#include "chrome/browser/managed_mode/managed_user_passphrase.h"
+#include "chrome/browser/prefs/pref_service.h"
+#include "chrome/browser/profiles/profile.h"
+#include "chrome/browser/ui/webui/chrome_url_data_manager.h"
+#include "chrome/browser/ui/webui/chrome_web_ui_data_source.h"
+#include "chrome/browser/ui/webui/constrained_web_dialog_ui.h"
+#include "chrome/common/pref_names.h"
+#include "chrome/common/url_constants.h"
+#include "content/public/browser/web_contents.h"
+#include "content/public/browser/web_ui_message_handler.h"
+#include "grit/browser_resources.h"
+#include "grit/generated_resources.h"
+#include "ui/gfx/size.h"
+
+namespace {
+
+class ManagedUserPassphraseDialogMessageHandler
+    : public content::WebUIMessageHandler {
+
+ public:
+  ManagedUserPassphraseDialogMessageHandler();
+  virtual ~ManagedUserPassphraseDialogMessageHandler() {}
+  virtual void RegisterMessages() OVERRIDE;
+
+ private:
+  void CheckPassphrase(const base::ListValue* args);
+
+  base::WeakPtrFactory<ManagedUserPassphraseDialogMessageHandler> weak_factory_;
+
+  DISALLOW_COPY_AND_ASSIGN(ManagedUserPassphraseDialogMessageHandler);
+};
+
+ManagedUserPassphraseDialogMessageHandler
+    ::ManagedUserPassphraseDialogMessageHandler() : weak_factory_(this) {
+}
+
+void ManagedUserPassphraseDialogMessageHandler::RegisterMessages() {
+  web_ui()->RegisterMessageCallback("checkPassphrase",
+      base::Bind(&ManagedUserPassphraseDialogMessageHandler::CheckPassphrase,
+      weak_factory_.GetWeakPtr()));
+}
+
+void ManagedUserPassphraseDialogMessageHandler::CheckPassphrase(
+    const base::ListValue* args) {
+  const base::Value* passphrase_arg = NULL;
+  args->Get(0, &passphrase_arg);
+  std::string passphrase;
+  passphrase_arg->GetAsString(&passphrase);
+  const PrefService* pref_service = Profile::FromWebUI(web_ui())->GetPrefs();
+  const PrefService::Preference* pref =
+      pref_service->FindPreference(prefs::kManagedModeLocalPassphrase);
+  DCHECK(pref);

[Bernhard Bauer, 2013/01/08 17:43:14]

The pref checks are unnecessary again.

Oh, and you don't actually need to go via FindPreference(), you can directly
call GetString().

[Adrian Kuegel, 2013/01/09 12:10:05]

Done.

+  std::string stored_passphrase_hash;
+  bool success = pref->GetValue()->GetAsString(&stored_passphrase_hash);
+  DCHECK(success);
+  pref = pref_service->FindPreference(prefs::kManagedModeLocalSalt);
+  DCHECK(pref);
+  std::string salt;
+  success = pref->GetValue()->GetAsString(&salt);
+  DCHECK(success);
+  ManagedUserPassphrase passphrase_key_generator(salt);
+  std::string encoded_passphrase_hash;
+  passphrase_key_generator.GenerateHashFromPassphrase(passphrase,
+      &encoded_passphrase_hash);

[Bernhard Bauer, 2013/01/08 17:43:14]

Align with previous parameter, please.

[Adrian Kuegel, 2013/01/09 12:10:05]

Done.

+  if (stored_passphrase_hash == encoded_passphrase_hash) {
+    web_ui()->CallJavascriptFunction("passphraseCorrect");
+  } else {
+    web_ui()->CallJavascriptFunction("passphraseIncorrect");
+  }
+}
+
+}  // namespace
+
+const int kDialogWidth = 400;
+const int kDialogHeight = 310;
+
+void ManagedUserPassphraseDialogWebUI::CreateManagedUserPassphraseDialog(
+    content::WebContents* web_contents,
+    const base::Callback<void(bool)>& callback) {
+  // This is deleted automatically when the user closes the dialog.
+  new ManagedUserPassphraseDialogWebUI(web_contents, callback);
+}
+
+ui::ModalType ManagedUserPassphraseDialogWebUI::GetDialogModalType() const {
+  return ui::MODAL_TYPE_WINDOW;
+}
+
+string16 ManagedUserPassphraseDialogWebUI::GetDialogTitle() const {
+  return string16();
+}
+
+GURL ManagedUserPassphraseDialogWebUI::GetDialogContentURL() const {
+  return GURL(chrome::kChromeUIManagedUserPassphrasePageURL);
+}
+
+// This function is called by the constrained window delegate.
+void ManagedUserPassphraseDialogWebUI::GetWebUIMessageHandlers(
+    std::vector<content::WebUIMessageHandler*>* handlers) const {
+  DCHECK(handlers);
+  // The constrained window delegate takes care of registering the handler.
+  // The handler is also deleted automatically.
+  handlers->push_back(new ManagedUserPassphraseDialogMessageHandler());
+}
+
+void ManagedUserPassphraseDialogWebUI::GetDialogSize(gfx::Size* size) const {
+  size->SetSize(kDialogWidth, kDialogHeight);
+}
+
+std::string ManagedUserPassphraseDialogWebUI::GetDialogArgs() const {
+  return std::string();
+}
+
+void ManagedUserPassphraseDialogWebUI::OnDialogClosed(
+    const std::string& json_retval) {
+  if (closing_)
+    return;
+
+  closing_ = true;
+  callback_.Run(!json_retval.empty());
+}
+
+void ManagedUserPassphraseDialogWebUI::OnCloseContents(
+    content::WebContents* source, bool* out_close_dialog) {}
+
+bool ManagedUserPassphraseDialogWebUI::ShouldShowDialogTitle() const {
+  return false;
+}
+
+ManagedUserPassphraseDialogWebUI::ManagedUserPassphraseDialogWebUI(
+    content::WebContents* web_contents,
+    const base::Callback<void(bool)>& callback) : callback_(callback),
+    closing_(false) {
+  Profile* profile =
+      Profile::FromBrowserContext(web_contents->GetBrowserContext());
+  CreateDataSource(profile);
+  CreateConstrainedWebDialog(profile, this, NULL, web_contents);
+}
+
+ManagedUserPassphraseDialogWebUI::~ManagedUserPassphraseDialogWebUI() {
+}
+
+void ManagedUserPassphraseDialogWebUI::CreateDataSource(Profile* profile) {
+  ChromeWebUIDataSource* data_source =
+      new ChromeWebUIDataSource(chrome::kChromeUIManagedUserPassphrasePageHost);
+  data_source->set_default_resource(IDR_MANAGED_USER_PASSPHRASE_DIALOG_HTML);
+  data_source->add_resource_path("managed_user_passphrase_dialog.js",
+      IDR_MANAGED_USER_PASSPHRASE_DIALOG_JS);
+  data_source->add_resource_path("managed_user_passphrase_dialog.css",
+      IDR_MANAGED_USER_PASSPHRASE_DIALOG_CSS);
+  data_source->add_resource_path("chrome_kid.png",
+      IDR_MANAGED_USER_PASSPHRASE_DIALOG_IMG);
+  data_source->AddLocalizedString("managedModePassphrasePage",
+      IDS_PASSPHRASE_TITLE);
+  data_source->AddLocalizedString("forgot_passphrase", IDS_FORGOT_PASSPHRASE);
+  data_source->AddLocalizedString("unlock_passphrase_button",
+      IDS_UNLOCK_PASSPHRASE_BUTTON);
+  data_source->AddLocalizedString("passphrase_instruction",
+      IDS_PASSPHRASE_INSTRUCTION);
+  data_source->AddLocalizedString("incorrect_passphrase_warning",
+      IDS_INCORRECT_PASSPHRASE_WARNING);
+  data_source->AddLocalizedString("cancel_passphrase_button", IDS_CANCEL);
+  data_source->set_json_path("strings.js");
+  data_source->set_use_json_js_format_v2();
+  ChromeURLDataManager::AddDataSource(profile, data_source);
+}