device_local_account.h revision 6e8cce623b6e4fe0c9e4af605d675dd9d0338c38 
1// Copyright (c) 2013 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef CHROME_BROWSER_CHROMEOS_POLICY_DEVICE_LOCAL_ACCOUNT_H_
6#define CHROME_BROWSER_CHROMEOS_POLICY_DEVICE_LOCAL_ACCOUNT_H_
7
8#include <string>
9#include <vector>
10
11namespace chromeos {
12class CrosSettings;
13}
14
15namespace policy {
16
17// This must match DeviceLocalAccountInfoProto.AccountType in
18// chrome_device_policy.proto.
19struct DeviceLocalAccount {
20  enum Type {
21    // A login-less, policy-configured browsing session.
22    TYPE_PUBLIC_SESSION,
23    // An account that serves as a container for a single full-screen app.
24    TYPE_KIOSK_APP,
25    // Sentinel, must be last.
26    TYPE_COUNT
27  };
28
29  DeviceLocalAccount(Type type,
30                     const std::string& account_id,
31                     const std::string& kiosk_app_id);
32  ~DeviceLocalAccount();
33
34  Type type;
35  // A device-local account has two identifiers:
36  // * The |account_id| is chosen by the entity that defines the device-local
37  //   account. The only constraints are that the |account_id| be unique and,
38  //   for legacy reasons, it contain an @ symbol.
39  // * The |user_id| is a synthesized identifier that is guaranteed to be
40  //   unique, contain an @ symbol, not collide with the |user_id| of any other
41  //   user on the device (such as regular users or supervised users) and be
42  //   identifiable as belonging to a device-local account by.
43  // The |account_id| is primarily used by policy code: If device policy defines
44  // a device-local account with a certain |account_id|, the user policy for
45  // that account has to be fetched by referencing the same |account_id|.
46  // The |user_id| is passed to the user_manager::UserManager where it becomes
47  // part
48  // of the global user list on the device. The |account_id| would not be safe
49  // to use here as it is a free-form identifier that could conflict with
50  // another |user_id| on the device and cannot be easily identified as
51  // belonging to a device-local account.
52  std::string account_id;
53  std::string user_id;
54  std::string kiosk_app_id;
55};
56
57std::string GenerateDeviceLocalAccountUserId(const std::string& account_id,
58                                             DeviceLocalAccount::Type type);
59
60// Determines whether |user_id| belongs to a device-local account and if so,
61// returns the type of device-local account in |type| unless |type| is NULL.
62bool IsDeviceLocalAccountUser(const std::string& user_id,
63                              DeviceLocalAccount::Type* type);
64
65// Stores a list of device-local accounts in |cros_settings|. The accounts are
66// stored as a list of dictionaries with each dictionary containing the
67// information about one |DeviceLocalAccount|.
68void SetDeviceLocalAccounts(
69    chromeos::CrosSettings* cros_settings,
70    const std::vector<DeviceLocalAccount>& accounts);
71
72// Retrieves a list of device-local accounts from |cros_settings|.
73std::vector<DeviceLocalAccount> GetDeviceLocalAccounts(
74    chromeos::CrosSettings* cros_settings);
75
76}  // namespace policy
77
78#endif  // CHROME_BROWSER_CHROMEOS_POLICY_DEVICE_LOCAL_ACCOUNT_H_
79