Allow explicitly whitelisted apps/extensions in public sessions

This CL adds an extension management policy provider that allows explicitly whitelisted apps/extensions to be installed in public sessions. Right now, QuickOffice and all hosted apps are whitelisted. BUG=296868 TEST=New browser and unit tests Review URL: https://codereview.chromium.org/24261010 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@226494 0039d316-1c4b-4281-b951-d872f2087c98
author: bartfab@chromium.org <bartfab@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2013-10-02 17:47:44 +0000
committer: bartfab@chromium.org <bartfab@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2013-10-02 17:47:44 +0000
commit: 022e91b582c710188fbc7a030462d3396d8c899f (patch)
tree: ee18a2b9c9689e8d9c86546228f119c9331397fc /chrome/browser/chromeos/policy/device_local_account.cc
parent: 8211dd35b6ad528c9964ccdf1adccf9ab989d5a9 (diff)
download: chromium_src-022e91b582c710188fbc7a030462d3396d8c899f.zip
chromium_src-022e91b582c710188fbc7a030462d3396d8c899f.tar.gz
chromium_src-022e91b582c710188fbc7a030462d3396d8c899f.tar.bz2
1 files changed, 25 insertions, 9 deletions
diff --git a/chrome/browser/chromeos/policy/device_local_account.cc b/chrome/browser/chromeos/policy/device_local_account.cc
index 2ad53ea..62c10a5 100644
--- a/chrome/browser/chromeos/policy/device_local_account.cc
+++ b/chrome/browser/chromeos/policy/device_local_account.cc
@@ -6,6 +6,7 @@
 
 #include <set>
 
+#include "base/basictypes.h"
 #include "base/logging.h"
 #include "base/memory/scoped_ptr.h"
 #include "base/strings/string_number_conversions.h"
@@ -56,16 +57,31 @@ std::string GenerateDeviceLocalAccountUserId(const std::string& account_id,
       domain_prefix + kDeviceLocalAccountDomainSuffix);
 }
 
-bool IsDeviceLocalAccountUser(const std::string& user_id) {
-  return EndsWith(gaia::ExtractDomainName(user_id),
-                  kDeviceLocalAccountDomainSuffix,
-                  true);
-}
+bool IsDeviceLocalAccountUser(const std::string& user_id,
+                              DeviceLocalAccount::Type* type) {
+  const std::string domain = gaia::ExtractDomainName(user_id);
+  if (!EndsWith(domain, kDeviceLocalAccountDomainSuffix, true))
+    return false;
+
+  const std::string domain_prefix = domain.substr(
+      0, domain.size() - arraysize(kDeviceLocalAccountDomainSuffix) + 1);
+
+  if (domain_prefix == kPublicAccountDomainPrefix) {
+    if (type)
+      *type = DeviceLocalAccount::TYPE_PUBLIC_SESSION;
+    return true;
+  }
+  if (domain_prefix == kKioskAppAccountDomainPrefix) {
+    if (type)
+      *type = DeviceLocalAccount::TYPE_KIOSK_APP;
+    return true;
+  }
 
-bool IsKioskAppUser(const std::string& user_id) {
-  return gaia::ExtractDomainName(user_id) ==
-      std::string(kKioskAppAccountDomainPrefix) +
-          kDeviceLocalAccountDomainSuffix;
+  // |user_id| is a device-local account but its type is not recognized.
+  NOTREACHED();
+  if (type)
+    *type = DeviceLocalAccount::TYPE_COUNT;
+  return true;
 }
 
 void SetDeviceLocalAccounts(
author	bartfab@chromium.org <bartfab@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2013-10-02 17:47:44 +0000
committer	bartfab@chromium.org <bartfab@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2013-10-02 17:47:44 +0000
commit	022e91b582c710188fbc7a030462d3396d8c899f (patch)
tree	ee18a2b9c9689e8d9c86546228f119c9331397fc /chrome/browser/chromeos/policy/device_local_account.cc
parent	8211dd35b6ad528c9964ccdf1adccf9ab989d5a9 (diff)
download	chromium_src-022e91b582c710188fbc7a030462d3396d8c899f.zip chromium_src-022e91b582c710188fbc7a030462d3396d8c899f.tar.gz chromium_src-022e91b582c710188fbc7a030462d3396d8c899f.tar.bz2