Don't do auto-enrollment if ActivateDate key is present in VPD.

This is a simplified implementation that pulls the ActivateDate key directly via StatisticsProvider instead of passing it into Chrome along with server-backed state keys from session_manager. The latter code will be removed in a subsequent CL. BUG=chromium:397354 Review URL: https://codereview.chromium.org/650033003 Cr-Commit-Position: refs/heads/master@{#299462}
author: mnissler <mnissler@chromium.org> 2014-10-14 04:58:16 -0700
committer: Commit bot <commit-bot@chromium.org> 2014-10-14 11:58:27 +0000
commit: bbf7538fb0e8bfe7c9929993ea3587b521045a5b (patch)
tree: b4bf6e7b54e8d07412b9fc04f8c52dedb67cf18a
parent: a0b9d8cd4fb52e849aeb8174657518f6404c4008 (diff)
download: chromium_src-bbf7538fb0e8bfe7c9929993ea3587b521045a5b.zip
chromium_src-bbf7538fb0e8bfe7c9929993ea3587b521045a5b.tar.gz
chromium_src-bbf7538fb0e8bfe7c9929993ea3587b521045a5b.tar.bz2
7 files changed, 101 insertions, 2 deletions
diff --git a/chrome/browser/chromeos/login/enrollment/auto_enrollment_controller.cc b/chrome/browser/chromeos/login/enrollment/auto_enrollment_controller.cc
index d24d75c..1a8d98d 100644
--- a/chrome/browser/chromeos/login/enrollment/auto_enrollment_controller.cc
+++ b/chrome/browser/chromeos/login/enrollment/auto_enrollment_controller.cc
@@ -14,6 +14,7 @@
 #include "chrome/browser/chromeos/policy/device_cloud_policy_manager_chromeos.h"
 #include "chrome/browser/chromeos/policy/server_backed_state_keys_broker.h"
 #include "chromeos/chromeos_switches.h"
+#include "chromeos/system/statistics_provider.h"
 #include "components/policy/core/common/cloud/device_management_service.h"
 #include "net/url_request/url_request_context_getter.h"
 
@@ -48,6 +49,18 @@ int GetSanitizedArg(const std::string& switch_name) {
   return int_value;
 }
 
+// Checks whether the device is yet to be set up by the first user in its
+// lifetime. After first setup, the activation date gets stored in the R/W VPD,
+// the absence of this key signals the device is factory-fresh. The requirement
+// for the machine serial number to be present as well is a sanity-check to
+// ensure that the VPD has actually been read successfully.
+bool IsFirstDeviceSetup() {
+  std::string activate_date;
+  return !system::StatisticsProvider::GetInstance()->HasMachineStatistic(
+             system::kActivateDateKey) &&
+         !policy::DeviceCloudPolicyManagerChromeOS::GetMachineID().empty();
+}
+
 }  // namespace
 
 const char AutoEnrollmentController::kForcedReEnrollmentAlways[] = "always";
@@ -95,6 +108,9 @@ void AutoEnrollmentController::Start() {
   // 1. we are running telemetry tests.
   // 2. modulus configuration is not present.
   // 3. Auto-enrollment is disabled via the command line.
+  // 4. This is the first boot ever, so re-enrollment checks are pointless. This
+  //    also enables factories to start full guest sessions for testing, see
+  //    http://crbug.com/397354 for more context.
 
   CommandLine* command_line = CommandLine::ForCurrentProcess();
   if (command_line->HasSwitch(chromeos::switches::kDisableGaiaServices) ||
@@ -102,7 +118,8 @@ void AutoEnrollmentController::Start() {
            chromeos::switches::kEnterpriseEnrollmentInitialModulus) &&
        !command_line->HasSwitch(
            chromeos::switches::kEnterpriseEnrollmentModulusLimit)) ||
-      GetMode() == MODE_NONE) {
+      GetMode() == MODE_NONE ||
+      IsFirstDeviceSetup()) {
     VLOG(1) << "Auto-enrollment disabled.";
     UpdateState(policy::AUTO_ENROLLMENT_STATE_NO_ENROLLMENT);
     return;
diff --git a/chrome/browser/chromeos/login/kiosk_browsertest.cc b/chrome/browser/chromeos/login/kiosk_browsertest.cc
index b3a7417..3ef15e6 100644
--- a/chrome/browser/chromeos/login/kiosk_browsertest.cc
+++ b/chrome/browser/chromeos/login/kiosk_browsertest.cc
@@ -46,6 +46,8 @@
 #include "chromeos/chromeos_switches.h"
 #include "chromeos/dbus/cryptohome_client.h"
 #include "chromeos/disks/disk_mount_manager.h"
+#include "chromeos/system/fake_statistics_provider.h"
+#include "chromeos/system/statistics_provider.h"
 #include "components/signin/core/common/signin_pref_names.h"
 #include "content/public/browser/browser_thread.h"
 #include "content/public/browser/notification_observer.h"
@@ -964,6 +966,9 @@ IN_PROC_BROWSER_TEST_F(KioskTest, KioskEnableConfirmed) {
 
 IN_PROC_BROWSER_TEST_F(KioskTest, KioskEnableAbortedWithAutoEnrollment) {
   // Fake an auto enrollment is going to be enforced.
+  system::ScopedFakeStatisticsProvider fake_statistics_provider_;
+  fake_statistics_provider_.SetMachineStatistic(system::kActivateDateKey,
+                                                "2000-01");
   CommandLine::ForCurrentProcess()->AppendSwitchASCII(
       switches::kEnterpriseEnrollmentInitialModulus, "1");
   CommandLine::ForCurrentProcess()->AppendSwitchASCII(
diff --git a/chrome/browser/chromeos/login/wizard_controller_browsertest.cc b/chrome/browser/chromeos/login/wizard_controller_browsertest.cc
index 40a256a..c97fb4b 100644
--- a/chrome/browser/chromeos/login/wizard_controller_browsertest.cc
+++ b/chrome/browser/chromeos/login/wizard_controller_browsertest.cc
@@ -62,6 +62,8 @@
 #include "chromeos/network/network_state.h"
 #include "chromeos/network/network_state_handler.h"
 #include "chromeos/settings/timezone_settings.h"
+#include "chromeos/system/fake_statistics_provider.h"
+#include "chromeos/system/statistics_provider.h"
 #include "content/public/test/browser_test_utils.h"
 #include "content/public/test/test_utils.h"
 #include "net/test/spawned_test_server/spawned_test_server.h"
@@ -693,7 +695,11 @@ IN_PROC_BROWSER_TEST_F(WizardControllerFlowTest,
 
 class WizardControllerEnrollmentFlowTest : public WizardControllerFlowTest {
  protected:
-  WizardControllerEnrollmentFlowTest() {}
+  WizardControllerEnrollmentFlowTest() {
+    fake_statistics_provider_.SetMachineStatistic("serial_number", "test");
+    fake_statistics_provider_.SetMachineStatistic(system::kActivateDateKey,
+                                                  "2000-01");
+  }
 
   virtual void SetUpCommandLine(CommandLine* command_line) override {
     WizardControllerFlowTest::SetUpCommandLine(command_line);
@@ -707,6 +713,8 @@ class WizardControllerEnrollmentFlowTest : public WizardControllerFlowTest {
         switches::kEnterpriseEnrollmentModulusLimit, "2");
   }
 
+  system::ScopedFakeStatisticsProvider fake_statistics_provider_;
+
  private:
   DISALLOW_COPY_AND_ASSIGN(WizardControllerEnrollmentFlowTest);
 };
@@ -765,6 +773,43 @@ IN_PROC_BROWSER_TEST_F(WizardControllerEnrollmentFlowTest,
   EXPECT_TRUE(StartupUtils::IsOobeCompleted());
 }
 
+IN_PROC_BROWSER_TEST_F(WizardControllerEnrollmentFlowTest,
+                       ControlFlowNoForcedReEnrollmentOnFirstBoot) {
+  fake_statistics_provider_.ClearMachineStatistic(system::kActivateDateKey);
+  EXPECT_NE(policy::AUTO_ENROLLMENT_STATE_NO_ENROLLMENT,
+            LoginDisplayHostImpl::default_host()
+                ->GetAutoEnrollmentController()
+                ->state());
+
+  CheckCurrentScreen(WizardController::kNetworkScreenName);
+  EXPECT_CALL(*mock_network_screen_, Hide()).Times(1);
+  EXPECT_CALL(*mock_eula_screen_, Show()).Times(1);
+  OnExit(ScreenObserver::NETWORK_CONNECTED);
+
+  CheckCurrentScreen(WizardController::kEulaScreenName);
+  EXPECT_CALL(*mock_eula_screen_, Hide()).Times(1);
+  EXPECT_CALL(*mock_update_screen_, StartNetworkCheck()).Times(1);
+  EXPECT_CALL(*mock_update_screen_, Show()).Times(1);
+  OnExit(ScreenObserver::EULA_ACCEPTED);
+  // Let update screen smooth time process (time = 0ms).
+  content::RunAllPendingInMessageLoop();
+
+  CheckCurrentScreen(WizardController::kUpdateScreenName);
+  EXPECT_CALL(*mock_update_screen_, Hide()).Times(1);
+  EXPECT_CALL(*mock_auto_enrollment_check_screen_, Show()).Times(1);
+  OnExit(ScreenObserver::UPDATE_INSTALLED);
+
+  AutoEnrollmentCheckScreen* screen =
+      AutoEnrollmentCheckScreen::Get(WizardController::default_controller());
+  EXPECT_EQ(screen,
+            WizardController::default_controller()->current_screen());
+  screen->Start();
+  EXPECT_EQ(policy::AUTO_ENROLLMENT_STATE_NO_ENROLLMENT,
+            LoginDisplayHostImpl::default_host()
+                ->GetAutoEnrollmentController()
+                ->state());
+}
+
 class WizardControllerBrokenLocalStateTest : public WizardControllerTest {
  protected:
   WizardControllerBrokenLocalStateTest()
diff --git a/chromeos/system/fake_statistics_provider.cc b/chromeos/system/fake_statistics_provider.cc
index e9f530b..0f264c4 100644
--- a/chromeos/system/fake_statistics_provider.cc
+++ b/chromeos/system/fake_statistics_provider.cc
@@ -27,6 +27,10 @@ bool FakeStatisticsProvider::GetMachineStatistic(const std::string& name,
   return match != machine_statistics_.end();
 }
 
+bool FakeStatisticsProvider::HasMachineStatistic(const std::string& name) {
+  return machine_statistics_.find(name) != machine_statistics_.end();
+}
+
 bool FakeStatisticsProvider::GetMachineFlag(const std::string& name,
                                             bool* result) {
   std::map<std::string, bool>::const_iterator match = machine_flags_.find(name);
@@ -35,6 +39,10 @@ bool FakeStatisticsProvider::GetMachineFlag(const std::string& name,
   return match != machine_flags_.end();
 }
 
+bool FakeStatisticsProvider::HasMachineFlag(const std::string& name) {
+  return machine_flags_.find(name) != machine_flags_.end();
+}
+
 void FakeStatisticsProvider::Shutdown() {
 }
 
diff --git a/chromeos/system/fake_statistics_provider.h b/chromeos/system/fake_statistics_provider.h
index 7953c40..c2dde04 100644
--- a/chromeos/system/fake_statistics_provider.h
+++ b/chromeos/system/fake_statistics_provider.h
@@ -25,7 +25,9 @@ class FakeStatisticsProvider : public StatisticsProvider {
       bool load_oem_manifest) override;
   virtual bool GetMachineStatistic(const std::string& name,
                                    std::string* result) override;
+  virtual bool HasMachineStatistic(const std::string& name) override;
   virtual bool GetMachineFlag(const std::string& name, bool* result) override;
+  virtual bool HasMachineFlag(const std::string& name) override;
   virtual void Shutdown() override;
 
   void SetMachineStatistic(const std::string& key, const std::string& value);
diff --git a/chromeos/system/statistics_provider.cc b/chromeos/system/statistics_provider.cc
index 48ff3d7..68a3f9c 100644
--- a/chromeos/system/statistics_provider.cc
+++ b/chromeos/system/statistics_provider.cc
@@ -74,6 +74,7 @@ const char kHardwareClassKey[] = "hardware_class";
 const char kOffersCouponCodeKey[] = "ubind_attribute";
 const char kOffersGroupCodeKey[] = "gbind_attribute";
 const char kRlzBrandCodeKey[] = "rlz_brand_code";
+const char kActivateDateKey[] = "ActivateDate";
 
 // OEM specific statistics. Must be prefixed with "oem_".
 const char kOemCanExitEnterpriseEnrollmentKey[] = "oem_can_exit_enrollment";
@@ -94,7 +95,9 @@ class StatisticsProviderImpl : public StatisticsProvider {
       bool load_oem_manifest) override;
   virtual bool GetMachineStatistic(const std::string& name,
                                    std::string* result) override;
+  virtual bool HasMachineStatistic(const std::string& name) override;
   virtual bool GetMachineFlag(const std::string& name, bool* result) override;
+  virtual bool HasMachineFlag(const std::string& name) override;
   virtual void Shutdown() override;
 
   static StatisticsProviderImpl* GetInstance();
@@ -171,6 +174,11 @@ bool StatisticsProviderImpl::GetMachineStatistic(const std::string& name,
   return true;
 }
 
+bool StatisticsProviderImpl::HasMachineStatistic(const std::string& name) {
+  std::string result;
+  return GetMachineStatistic(name, &result);
+}
+
 bool StatisticsProviderImpl::GetMachineFlag(const std::string& name,
                                             bool* result) {
   VLOG(1) << "Machine Flag requested: " << name;
@@ -191,6 +199,11 @@ bool StatisticsProviderImpl::GetMachineFlag(const std::string& name,
   return true;
 }
 
+bool StatisticsProviderImpl::HasMachineFlag(const std::string& name) {
+  bool result = false;
+  return GetMachineFlag(name, &result);
+}
+
 void StatisticsProviderImpl::Shutdown() {
   cancellation_flag_.Set();  // Cancel any pending loads
 }
diff --git a/chromeos/system/statistics_provider.h b/chromeos/system/statistics_provider.h
index d1dd22c..be477055a 100644
--- a/chromeos/system/statistics_provider.h
+++ b/chromeos/system/statistics_provider.h
@@ -49,6 +49,9 @@ CHROMEOS_EXPORT extern const char kOffersGroupCodeKey[];
 // Release Brand Code key.
 CHROMEOS_EXPORT extern const char kRlzBrandCodeKey[];
 
+// Activation date key.
+CHROMEOS_EXPORT extern const char kActivateDateKey[];
+
 // This interface provides access to Chrome OS statistics.
 class CHROMEOS_EXPORT StatisticsProvider {
  public:
@@ -66,9 +69,15 @@ class CHROMEOS_EXPORT StatisticsProvider {
   virtual bool GetMachineStatistic(const std::string& name,
                                    std::string* result) = 0;
 
+  // Checks whether a machine statistic is present.
+  virtual bool HasMachineStatistic(const std::string& name) = 0;
+
   // Similar to GetMachineStatistic for boolean flags.
   virtual bool GetMachineFlag(const std::string& name, bool* result) = 0;
 
+  // Checks whether a machine flag is present.
+  virtual bool HasMachineFlag(const std::string& name) = 0;
+
   // Cancels any pending file operations.
   virtual void Shutdown() = 0;
author	mnissler <mnissler@chromium.org>	2014-10-14 04:58:16 -0700
committer	Commit bot <commit-bot@chromium.org>	2014-10-14 11:58:27 +0000
commit	bbf7538fb0e8bfe7c9929993ea3587b521045a5b (patch)
tree	b4bf6e7b54e8d07412b9fc04f8c52dedb67cf18a
parent	a0b9d8cd4fb52e849aeb8174657518f6404c4008 (diff)
download	chromium_src-bbf7538fb0e8bfe7c9929993ea3587b521045a5b.zip chromium_src-bbf7538fb0e8bfe7c9929993ea3587b521045a5b.tar.gz chromium_src-bbf7538fb0e8bfe7c9929993ea3587b521045a5b.tar.bz2