chrome/browser/chromeos/policy/device_local_account.cc

   1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "chrome/browser/chromeos/policy/device_local_account.h"
   6
   7 #include <set>
   8
   9 #include "base/basictypes.h"
  10 #include "base/logging.h"
  11 #include "base/memory/scoped_ptr.h"
  12 #include "base/strings/string_number_conversions.h"
  13 #include "base/strings/string_util.h"
  14 #include "base/values.h"
  15 #include "chrome/browser/chromeos/ownership/owner_settings_service_chromeos.h"
  16 #include "chrome/browser/chromeos/settings/cros_settings.h"
  17 #include "chromeos/login/user_names.h"
  18 #include "chromeos/settings/cros_settings_names.h"
  19 #include "google_apis/gaia/gaia_auth_util.h"
  20
  21 namespace policy {
  22
  23 namespace {
  24
  25 const char kPublicAccountDomainPrefix[] = "public-accounts";
  26 const char kKioskAppAccountDomainPrefix[] = "kiosk-apps";
  27 const char kDeviceLocalAccountDomainSuffix[] = ".device-local.localhost";
  28
  29 }  // namespace
  30
  31 DeviceLocalAccount::DeviceLocalAccount(Type type,
  32                                        const std::string& account_id,
  33                                        const std::string& kiosk_app_id,
  34                                        const std::string& kiosk_app_update_url)
  35     : type(type),
  36       account_id(account_id),
  37       user_id(GenerateDeviceLocalAccountUserId(account_id, type)),
  38       kiosk_app_id(kiosk_app_id),
  39       kiosk_app_update_url(kiosk_app_update_url) {
  40 }
  41
  42 DeviceLocalAccount::~DeviceLocalAccount() {
  43 }
  44
  45 std::string GenerateDeviceLocalAccountUserId(const std::string& account_id,
  46                                              DeviceLocalAccount::Type type) {
  47   std::string domain_prefix;
  48   switch (type) {
  49     case DeviceLocalAccount::TYPE_PUBLIC_SESSION:
  50       domain_prefix = kPublicAccountDomainPrefix;
  51       break;
  52     case DeviceLocalAccount::TYPE_KIOSK_APP:
  53       domain_prefix = kKioskAppAccountDomainPrefix;
  54       break;
  55     case DeviceLocalAccount::TYPE_COUNT:
  56       NOTREACHED();
  57       break;
  58   }
  59   return gaia::CanonicalizeEmail(
  60       base::HexEncode(account_id.c_str(), account_id.size()) + "@" +
  61       domain_prefix + kDeviceLocalAccountDomainSuffix);
  62 }
  63
  64 bool IsDeviceLocalAccountUser(const std::string& user_id,
  65                               DeviceLocalAccount::Type* type) {
  66   // For historical reasons, the guest user ID does not contain an @ symbol and
  67   // therefore, cannot be parsed by gaia::ExtractDomainName().
  68   if (user_id == chromeos::login::kGuestUserName)
  69     return false;
  70   const std::string domain = gaia::ExtractDomainName(user_id);
  71   if (!base::EndsWith(domain, kDeviceLocalAccountDomainSuffix,
  72                       base::CompareCase::SENSITIVE))
  73     return false;
  74
  75   const std::string domain_prefix = domain.substr(
  76       0, domain.size() - arraysize(kDeviceLocalAccountDomainSuffix) + 1);
  77
  78   if (domain_prefix == kPublicAccountDomainPrefix) {
  79     if (type)
  80       *type = DeviceLocalAccount::TYPE_PUBLIC_SESSION;
  81     return true;
  82   }
  83   if (domain_prefix == kKioskAppAccountDomainPrefix) {
  84     if (type)
  85       *type = DeviceLocalAccount::TYPE_KIOSK_APP;
  86     return true;
  87   }
  88
  89   // |user_id| is a device-local account but its type is not recognized.
  90   NOTREACHED();
  91   if (type)
  92     *type = DeviceLocalAccount::TYPE_COUNT;
  93   return true;
  94 }
  95
  96 void SetDeviceLocalAccounts(chromeos::OwnerSettingsServiceChromeOS* service,
  97                             const std::vector<DeviceLocalAccount>& accounts) {
  98   base::ListValue list;
  99   for (std::vector<DeviceLocalAccount>::const_iterator it = accounts.begin();
 100        it != accounts.end(); ++it) {
 101     scoped_ptr<base::DictionaryValue> entry(new base::DictionaryValue);
 102     entry->SetStringWithoutPathExpansion(
 103         chromeos::kAccountsPrefDeviceLocalAccountsKeyId,
 104         it->account_id);
 105     entry->SetIntegerWithoutPathExpansion(
 106         chromeos::kAccountsPrefDeviceLocalAccountsKeyType,
 107         it->type);
 108     if (it->type == DeviceLocalAccount::TYPE_KIOSK_APP) {
 109       entry->SetStringWithoutPathExpansion(
 110           chromeos::kAccountsPrefDeviceLocalAccountsKeyKioskAppId,
 111           it->kiosk_app_id);
 112       if (!it->kiosk_app_update_url.empty()) {
 113         entry->SetStringWithoutPathExpansion(
 114             chromeos::kAccountsPrefDeviceLocalAccountsKeyKioskAppUpdateURL,
 115             it->kiosk_app_update_url);
 116       }
 117     }
 118     list.Append(entry.release());
 119   }
 120
 121   service->Set(chromeos::kAccountsPrefDeviceLocalAccounts, list);
 122 }
 123
 124 std::vector<DeviceLocalAccount> GetDeviceLocalAccounts(
 125     chromeos::CrosSettings* cros_settings) {
 126   std::vector<DeviceLocalAccount> accounts;
 127
 128   const base::ListValue* list = NULL;
 129   cros_settings->GetList(chromeos::kAccountsPrefDeviceLocalAccounts, &list);
 130   if (!list)
 131     return accounts;
 132
 133   std::set<std::string> account_ids;
 134   for (size_t i = 0; i < list->GetSize(); ++i) {
 135     const base::DictionaryValue* entry = NULL;
 136     if (!list->GetDictionary(i, &entry)) {
 137       LOG(ERROR) << "Corrupt entry in device-local account list at index " << i
 138                  << ".";
 139       continue;
 140     }
 141
 142     std::string account_id;
 143     if (!entry->GetStringWithoutPathExpansion(
 144             chromeos::kAccountsPrefDeviceLocalAccountsKeyId, &account_id) ||
 145         account_id.empty()) {
 146       LOG(ERROR) << "Missing account ID in device-local account list at index "
 147                  << i << ".";
 148       continue;
 149     }
 150
 151     int type;
 152     if (!entry->GetIntegerWithoutPathExpansion(
 153             chromeos::kAccountsPrefDeviceLocalAccountsKeyType, &type) ||
 154         type < 0 || type >= DeviceLocalAccount::TYPE_COUNT) {
 155       LOG(ERROR) << "Missing or invalid account type in device-local account "
 156                  << "list at index " << i << ".";
 157       continue;
 158     }
 159
 160     std::string kiosk_app_id;
 161     std::string kiosk_app_update_url;
 162     if (type == DeviceLocalAccount::TYPE_KIOSK_APP) {
 163       if (!entry->GetStringWithoutPathExpansion(
 164               chromeos::kAccountsPrefDeviceLocalAccountsKeyKioskAppId,
 165               &kiosk_app_id)) {
 166         LOG(ERROR) << "Missing app ID in device-local account entry at index "
 167                    << i << ".";
 168         continue;
 169       }
 170       entry->GetStringWithoutPathExpansion(
 171           chromeos::kAccountsPrefDeviceLocalAccountsKeyKioskAppUpdateURL,
 172           &kiosk_app_update_url);
 173     }
 174
 175     if (!account_ids.insert(account_id).second) {
 176       LOG(ERROR) << "Duplicate entry in device-local account list at index "
 177                  << i << ": " << account_id << ".";
 178       continue;
 179     }
 180
 181     accounts.push_back(
 182         DeviceLocalAccount(static_cast<DeviceLocalAccount::Type>(type),
 183                            account_id,
 184                            kiosk_app_id,
 185                            kiosk_app_update_url));
 186   }
 187   return accounts;
 188 }
 189
 190 }  // namespace policy