Chromium Code Reviews Chromium Code Reviews
Issue 221813006:
Various supervised user password fixes - 2 (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/login/supervised_user_manager_impl.h" | 5 #include "chrome/browser/chromeos/login/supervised_user_manager_impl.h" |
| 6 | 6 |
| 7 #include "base/file_util.h" | 7 #include "base/file_util.h" |
| 8 #include "base/files/file_path.h" | 8 #include "base/files/file_path.h" |
| 9 #include "base/prefs/pref_registry_simple.h" | 9 #include "base/prefs/pref_registry_simple.h" |
| 10 #include "base/prefs/pref_service.h" | 10 #include "base/prefs/pref_service.h" |
| (...skipping 56 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 67 "SupervisedUserPasswordSchema"; | 67 "SupervisedUserPasswordSchema"; |
| 68 | 68 |
| 69 // A map from user id to password salt. | 69 // A map from user id to password salt. |
| 70 const char kSupervisedUserPasswordSalt[] = | 70 const char kSupervisedUserPasswordSalt[] = |
| 71 "SupervisedUserPasswordSalt"; | 71 "SupervisedUserPasswordSalt"; |
| 72 | 72 |
| 73 // A map from user id to password revision. | 73 // A map from user id to password revision. |
| 74 const char kSupervisedUserPasswordRevision[] = | 74 const char kSupervisedUserPasswordRevision[] = |
| 75 "SupervisedUserPasswordRevision"; | 75 "SupervisedUserPasswordRevision"; |
| 76 | 76 |
| 77 // A map from user id to flag indicating if password should be updated upon | |
| 78 // signin. | |
| 79 const char kSupervisedUserNeedPasswordUpdate[] = | |
| 80 "SupervisedUserNeedPasswordUpdate"; | |
| 81 | |
| 82 // A map from user id to flag indicating if cryptohome does not have signature | |
| 83 // key. | |
| 84 const char kSupervisedUserIncompleteKey[] = "SupervisedUserHasIncompleteKey"; | |
| 85 | |
| 77 std::string LoadSyncToken(base::FilePath profile_dir) { | 86 std::string LoadSyncToken(base::FilePath profile_dir) { |
| 78 std::string token; | 87 std::string token; |
| 79 base::FilePath token_file = | 88 base::FilePath token_file = |
| 80 profile_dir.Append(chromeos::kManagedUserTokenFilename); | 89 profile_dir.Append(chromeos::kManagedUserTokenFilename); |
| 81 VLOG(1) << "Loading" << token_file.value(); | 90 VLOG(1) << "Loading" << token_file.value(); |
| 82 if (!base::ReadFileToString(token_file, &token)) | 91 if (!base::ReadFileToString(token_file, &token)) |
| 83 return std::string(); | 92 return std::string(); |
| 84 return token; | 93 return token; |
| 85 } | 94 } |
| 86 | 95 |
| (...skipping 23 matching lines...) Expand all Loading... | |
| 110 registry->RegisterStringPref( | 119 registry->RegisterStringPref( |
| 111 kLocallyManagedUserCreationTransactionUserId, ""); | 120 kLocallyManagedUserCreationTransactionUserId, ""); |
| 112 registry->RegisterDictionaryPref(kManagedUserSyncId); | 121 registry->RegisterDictionaryPref(kManagedUserSyncId); |
| 113 registry->RegisterDictionaryPref(kManagedUserManagers); | 122 registry->RegisterDictionaryPref(kManagedUserManagers); |
| 114 registry->RegisterDictionaryPref(kManagedUserManagerNames); | 123 registry->RegisterDictionaryPref(kManagedUserManagerNames); |
| 115 registry->RegisterDictionaryPref(kManagedUserManagerDisplayEmails); | 124 registry->RegisterDictionaryPref(kManagedUserManagerDisplayEmails); |
| 116 | 125 |
| 117 registry->RegisterDictionaryPref(kSupervisedUserPasswordSchema); | 126 registry->RegisterDictionaryPref(kSupervisedUserPasswordSchema); |
| 118 registry->RegisterDictionaryPref(kSupervisedUserPasswordSalt); | 127 registry->RegisterDictionaryPref(kSupervisedUserPasswordSalt); |
| 119 registry->RegisterDictionaryPref(kSupervisedUserPasswordRevision); | 128 registry->RegisterDictionaryPref(kSupervisedUserPasswordRevision); |
| 129 | |
| 130 registry->RegisterDictionaryPref(kSupervisedUserNeedPasswordUpdate); | |
| 131 registry->RegisterDictionaryPref(kSupervisedUserIncompleteKey); | |
| 120 } | 132 } |
| 121 | 133 |
| 122 SupervisedUserManagerImpl::SupervisedUserManagerImpl(UserManagerImpl* owner) | 134 SupervisedUserManagerImpl::SupervisedUserManagerImpl(UserManagerImpl* owner) |
| 123 : owner_(owner), | 135 : owner_(owner), |
| 124 cros_settings_(CrosSettings::Get()) { | 136 cros_settings_(CrosSettings::Get()) { |
| 125 // SupervisedUserManager instance should be used only on UI thread. | 137 // SupervisedUserManager instance should be used only on UI thread. |
| 126 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 138 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 127 authentication_.reset(new SupervisedUserAuthentication(this)); | 139 authentication_.reset(new SupervisedUserAuthentication(this)); |
| 128 } | 140 } |
| 129 | 141 |
| (...skipping 116 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 246 | 258 |
| 247 void SupervisedUserManagerImpl::GetPasswordInformation( | 259 void SupervisedUserManagerImpl::GetPasswordInformation( |
| 248 const std::string& user_id, | 260 const std::string& user_id, |
| 249 base::DictionaryValue* result) { | 261 base::DictionaryValue* result) { |
| 250 int value; | 262 int value; |
| 251 if (GetUserIntegerValue(user_id, kSupervisedUserPasswordSchema, &value)) | 263 if (GetUserIntegerValue(user_id, kSupervisedUserPasswordSchema, &value)) |
| 252 result->SetIntegerWithoutPathExpansion(kSchemaVersion, value); | 264 result->SetIntegerWithoutPathExpansion(kSchemaVersion, value); |
| 253 if (GetUserIntegerValue(user_id, kSupervisedUserPasswordRevision, &value)) | 265 if (GetUserIntegerValue(user_id, kSupervisedUserPasswordRevision, &value)) |
| 254 result->SetIntegerWithoutPathExpansion(kPasswordRevision, value); | 266 result->SetIntegerWithoutPathExpansion(kPasswordRevision, value); |
| 255 | 267 |
| 268 bool flag; | |
| 269 if (GetUserBooleanValue(user_id, kSupervisedUserNeedPasswordUpdate, &flag)) | |
| 270 result->SetBooleanWithoutPathExpansion(kRequirePasswordUpdate, flag); | |
| 271 if (GetUserBooleanValue(user_id, kSupervisedUserIncompleteKey, &flag)) | |
| 272 result->SetBooleanWithoutPathExpansion(kHasIncompleteKey, flag); | |
| 273 | |
| 256 std::string salt; | 274 std::string salt; |
| 257 if (GetUserStringValue(user_id, kSupervisedUserPasswordSalt, &salt)) | 275 if (GetUserStringValue(user_id, kSupervisedUserPasswordSalt, &salt)) |
| 258 result->SetStringWithoutPathExpansion(kSalt, salt); | 276 result->SetStringWithoutPathExpansion(kSalt, salt); |
| 259 } | 277 } |
| 260 | 278 |
| 261 void SupervisedUserManagerImpl::SetPasswordInformation( | 279 void SupervisedUserManagerImpl::SetPasswordInformation( |
| 262 const std::string& user_id, | 280 const std::string& user_id, |
| 263 const base::DictionaryValue* password_info) { | 281 const base::DictionaryValue* password_info) { |
| 264 int value; | 282 int value; |
| 265 if (password_info->GetIntegerWithoutPathExpansion(kSchemaVersion, &value)) | 283 if (password_info->GetIntegerWithoutPathExpansion(kSchemaVersion, &value)) |
| 266 SetUserIntegerValue(user_id, kSupervisedUserPasswordSchema, value); | 284 SetUserIntegerValue(user_id, kSupervisedUserPasswordSchema, value); |
| 267 if (password_info->GetIntegerWithoutPathExpansion(kPasswordRevision, &value)) | 285 if (password_info->GetIntegerWithoutPathExpansion(kPasswordRevision, &value)) |
| 268 SetUserIntegerValue(user_id, kSupervisedUserPasswordRevision, value); | 286 SetUserIntegerValue(user_id, kSupervisedUserPasswordRevision, value); |
| 269 | 287 |
| 288 bool flag; | |
| 289 if (password_info->GetBooleanWithoutPathExpansion(kRequirePasswordUpdate, | |
| 290 &flag)) | |
|
Bernhard Bauer
2014/04/02 14:05:28
If the condition is more than one line, use braces
Denis Kuznetsov (DE-MUC)
2014/04/02 14:48:51
Done.
| |
| 291 SetUserBooleanValue(user_id, kSupervisedUserNeedPasswordUpdate, flag); | |
| 292 if (password_info->GetBooleanWithoutPathExpansion(kHasIncompleteKey, &flag)) | |
| 293 SetUserBooleanValue(user_id, kSupervisedUserIncompleteKey, flag); | |
| 294 | |
| 270 std::string salt; | 295 std::string salt; |
| 271 if (password_info->GetStringWithoutPathExpansion(kSalt, &salt)) | 296 if (password_info->GetStringWithoutPathExpansion(kSalt, &salt)) |
| 272 SetUserStringValue(user_id, kSupervisedUserPasswordSalt, salt); | 297 SetUserStringValue(user_id, kSupervisedUserPasswordSalt, salt); |
| 273 g_browser_process->local_state()->CommitPendingWrite(); | 298 g_browser_process->local_state()->CommitPendingWrite(); |
| 274 } | 299 } |
| 275 | 300 |
| 276 bool SupervisedUserManagerImpl::GetUserStringValue( | 301 bool SupervisedUserManagerImpl::GetUserStringValue( |
| 277 const std::string& user_id, | 302 const std::string& user_id, |
| 278 const char* key, | 303 const char* key, |
| 279 std::string* out_value) const { | 304 std::string* out_value) const { |
| 280 PrefService* local_state = g_browser_process->local_state(); | 305 PrefService* local_state = g_browser_process->local_state(); |
| 281 const base::DictionaryValue* dictionary = local_state->GetDictionary(key); | 306 const base::DictionaryValue* dictionary = local_state->GetDictionary(key); |
| 282 return dictionary->GetStringWithoutPathExpansion(user_id, out_value); | 307 return dictionary->GetStringWithoutPathExpansion(user_id, out_value); |
| 283 } | 308 } |
| 284 | 309 |
| 285 bool SupervisedUserManagerImpl::GetUserIntegerValue( | 310 bool SupervisedUserManagerImpl::GetUserIntegerValue( |
| 286 const std::string& user_id, | 311 const std::string& user_id, |
| 287 const char* key, | 312 const char* key, |
| 288 int* out_value) const { | 313 int* out_value) const { |
| 289 PrefService* local_state = g_browser_process->local_state(); | 314 PrefService* local_state = g_browser_process->local_state(); |
| 290 const base::DictionaryValue* dictionary = local_state->GetDictionary(key); | 315 const base::DictionaryValue* dictionary = local_state->GetDictionary(key); |
| 291 return dictionary->GetIntegerWithoutPathExpansion(user_id, out_value); | 316 return dictionary->GetIntegerWithoutPathExpansion(user_id, out_value); |
| 292 } | 317 } |
| 293 | 318 |
| 319 bool SupervisedUserManagerImpl::GetUserBooleanValue(const std::string& user_id, | |
| 320 const char* key, | |
| 321 bool* out_value) const { | |
| 322 PrefService* local_state = g_browser_process->local_state(); | |
| 323 const base::DictionaryValue* dictionary = local_state->GetDictionary(key); | |
| 324 return dictionary->GetBooleanWithoutPathExpansion(user_id, out_value); | |
| 325 } | |
| 326 | |
| 294 void SupervisedUserManagerImpl::SetUserStringValue( | 327 void SupervisedUserManagerImpl::SetUserStringValue( |
| 295 const std::string& user_id, | 328 const std::string& user_id, |
| 296 const char* key, | 329 const char* key, |
| 297 const std::string& value) { | 330 const std::string& value) { |
| 298 PrefService* local_state = g_browser_process->local_state(); | 331 PrefService* local_state = g_browser_process->local_state(); |
| 299 DictionaryPrefUpdate update(local_state, key); | 332 DictionaryPrefUpdate update(local_state, key); |
| 300 update->SetStringWithoutPathExpansion(user_id, value); | 333 update->SetStringWithoutPathExpansion(user_id, value); |
| 301 } | 334 } |
| 302 | 335 |
| 303 void SupervisedUserManagerImpl::SetUserIntegerValue( | 336 void SupervisedUserManagerImpl::SetUserIntegerValue( |
| 304 const std::string& user_id, | 337 const std::string& user_id, |
| 305 const char* key, | 338 const char* key, |
| 306 const int value) { | 339 const int value) { |
| 307 PrefService* local_state = g_browser_process->local_state(); | 340 PrefService* local_state = g_browser_process->local_state(); |
| 308 DictionaryPrefUpdate update(local_state, key); | 341 DictionaryPrefUpdate update(local_state, key); |
| 309 update->SetIntegerWithoutPathExpansion(user_id, value); | 342 update->SetIntegerWithoutPathExpansion(user_id, value); |
| 310 } | 343 } |
| 311 | 344 |
| 345 void SupervisedUserManagerImpl::SetUserBooleanValue(const std::string& user_id, | |
| 346 const char* key, | |
| 347 const bool value) { | |
| 348 PrefService* local_state = g_browser_process->local_state(); | |
| 349 DictionaryPrefUpdate update(local_state, key); | |
| 350 update->SetBooleanWithoutPathExpansion(user_id, value); | |
| 351 } | |
| 352 | |
| 312 const User* SupervisedUserManagerImpl::FindByDisplayName( | 353 const User* SupervisedUserManagerImpl::FindByDisplayName( |
| 313 const base::string16& display_name) const { | 354 const base::string16& display_name) const { |
| 314 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 355 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 315 const UserList& users = owner_->GetUsers(); | 356 const UserList& users = owner_->GetUsers(); |
| 316 for (UserList::const_iterator it = users.begin(); it != users.end(); ++it) { | 357 for (UserList::const_iterator it = users.begin(); it != users.end(); ++it) { |
| 317 if (((*it)->GetType() == User::USER_TYPE_LOCALLY_MANAGED) && | 358 if (((*it)->GetType() == User::USER_TYPE_LOCALLY_MANAGED) && |
| 318 ((*it)->display_name() == display_name)) { | 359 ((*it)->display_name() == display_name)) { |
| 319 return *it; | 360 return *it; |
| 320 } | 361 } |
| 321 } | 362 } |
| (...skipping 83 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 405 ListPrefUpdate prefs_new_users_update(prefs, kLocallyManagedUsersFirstRun); | 446 ListPrefUpdate prefs_new_users_update(prefs, kLocallyManagedUsersFirstRun); |
| 406 prefs_new_users_update->Remove(base::StringValue(user_id), NULL); | 447 prefs_new_users_update->Remove(base::StringValue(user_id), NULL); |
| 407 | 448 |
| 408 CleanPref(user_id, kManagedUserSyncId); | 449 CleanPref(user_id, kManagedUserSyncId); |
| 409 CleanPref(user_id, kManagedUserManagers); | 450 CleanPref(user_id, kManagedUserManagers); |
| 410 CleanPref(user_id, kManagedUserManagerNames); | 451 CleanPref(user_id, kManagedUserManagerNames); |
| 411 CleanPref(user_id, kManagedUserManagerDisplayEmails); | 452 CleanPref(user_id, kManagedUserManagerDisplayEmails); |
| 412 CleanPref(user_id, kSupervisedUserPasswordSalt); | 453 CleanPref(user_id, kSupervisedUserPasswordSalt); |
| 413 CleanPref(user_id, kSupervisedUserPasswordSchema); | 454 CleanPref(user_id, kSupervisedUserPasswordSchema); |
| 414 CleanPref(user_id, kSupervisedUserPasswordRevision); | 455 CleanPref(user_id, kSupervisedUserPasswordRevision); |
| 456 CleanPref(user_id, kSupervisedUserNeedPasswordUpdate); | |
| 457 CleanPref(user_id, kSupervisedUserIncompleteKey); | |
| 415 } | 458 } |
| 416 | 459 |
| 417 void SupervisedUserManagerImpl::CleanPref(const std::string& user_id, | 460 void SupervisedUserManagerImpl::CleanPref(const std::string& user_id, |
| 418 const char* key) { | 461 const char* key) { |
| 419 PrefService* prefs = g_browser_process->local_state(); | 462 PrefService* prefs = g_browser_process->local_state(); |
| 420 DictionaryPrefUpdate dict_update(prefs, key); | 463 DictionaryPrefUpdate dict_update(prefs, key); |
| 421 dict_update->RemoveWithoutPathExpansion(user_id, NULL); | 464 dict_update->RemoveWithoutPathExpansion(user_id, NULL); |
| 422 } | 465 } |
| 423 | 466 |
| 424 bool SupervisedUserManagerImpl::CheckForFirstRun(const std::string& user_id) { | 467 bool SupervisedUserManagerImpl::CheckForFirstRun(const std::string& user_id) { |
| (...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 467 } | 510 } |
| 468 | 511 |
| 469 void SupervisedUserManagerImpl::ConfigureSyncWithToken( | 512 void SupervisedUserManagerImpl::ConfigureSyncWithToken( |
| 470 Profile* profile, | 513 Profile* profile, |
| 471 const std::string& token) { | 514 const std::string& token) { |
| 472 if (!token.empty()) | 515 if (!token.empty()) |
| 473 ManagedUserServiceFactory::GetForProfile(profile)->InitSync(token); | 516 ManagedUserServiceFactory::GetForProfile(profile)->InitSync(token); |
| 474 } | 517 } |
| 475 | 518 |
| 476 } // namespace chromeos | 519 } // namespace chromeos |
| OLD | NEW |
