chrome/browser/chromeos/policy/device_local_account.h

   1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef CHROME_BROWSER_CHROMEOS_POLICY_DEVICE_LOCAL_ACCOUNT_H_
   6 #define CHROME_BROWSER_CHROMEOS_POLICY_DEVICE_LOCAL_ACCOUNT_H_
   7
   8 #include <string>
   9 #include <vector>
  10
  11 namespace chromeos {
  12 class CrosSettings;
  13 }
  14
  15 namespace policy {
  16
  17 // This must match DeviceLocalAccountInfoProto.AccountType in
  18 // chrome_device_policy.proto.
  19 struct DeviceLocalAccount {
  20   enum Type {
  21     // A login-less, policy-configured browsing session.
  22     TYPE_PUBLIC_SESSION,
  23     // An account that serves as a container for a single full-screen app.
  24     TYPE_KIOSK_APP,
  25     // Sentinel, must be last.
  26     TYPE_COUNT
  27   };
  28
  29   DeviceLocalAccount(Type type,
  30                      const std::string& account_id,
  31                      const std::string& kiosk_app_id,
  32                      const std::string& kiosk_app_update_url);
  33   ~DeviceLocalAccount();
  34
  35   Type type;
  36   // A device-local account has two identifiers:
  37   // * The |account_id| is chosen by the entity that defines the device-local
  38   //   account. The only constraints are that the |account_id| be unique and,
  39   //   for legacy reasons, it contain an @ symbol.
  40   // * The |user_id| is a synthesized identifier that is guaranteed to be
  41   //   unique, contain an @ symbol, not collide with the |user_id| of any other
  42   //   user on the device (such as regular users or supervised users) and be
  43   //   identifiable as belonging to a device-local account by.
  44   // The |account_id| is primarily used by policy code: If device policy defines
  45   // a device-local account with a certain |account_id|, the user policy for
  46   // that account has to be fetched by referencing the same |account_id|.
  47   // The |user_id| is passed to the user_manager::UserManager where it becomes
  48   // part
  49   // of the global user list on the device. The |account_id| would not be safe
  50   // to use here as it is a free-form identifier that could conflict with
  51   // another |user_id| on the device and cannot be easily identified as
  52   // belonging to a device-local account.
  53   std::string account_id;
  54   std::string user_id;
  55   std::string kiosk_app_id;
  56   std::string kiosk_app_update_url;
  57 };
  58
  59 std::string GenerateDeviceLocalAccountUserId(const std::string& account_id,
  60                                              DeviceLocalAccount::Type type);
  61
  62 // Determines whether |user_id| belongs to a device-local account and if so,
  63 // returns the type of device-local account in |type| unless |type| is NULL.
  64 bool IsDeviceLocalAccountUser(const std::string& user_id,
  65                               DeviceLocalAccount::Type* type);
  66
  67 // Stores a list of device-local accounts in |cros_settings|. The accounts are
  68 // stored as a list of dictionaries with each dictionary containing the
  69 // information about one |DeviceLocalAccount|.
  70 void SetDeviceLocalAccounts(
  71     chromeos::CrosSettings* cros_settings,
  72     const std::vector<DeviceLocalAccount>& accounts);
  73
  74 // Retrieves a list of device-local accounts from |cros_settings|.
  75 std::vector<DeviceLocalAccount> GetDeviceLocalAccounts(
  76     chromeos::CrosSettings* cros_settings);
  77
  78 }  // namespace policy
  79
  80 #endif  // CHROME_BROWSER_CHROMEOS_POLICY_DEVICE_LOCAL_ACCOUNT_H_