class UserManager;
// MultiProfileUserController decides whether a user is allowed to be in a
-// multi-profiles session. It caches the multiprofile user behavior pref backed
+// multi-profiles session. It caches the multi-profile user behavior pref backed
// by user policy into local state so that the value is available before the
// user login and checks if the meaning of the value is respected.
class MultiProfileUserController {
public:
+ // Return value of IsUserAllowedInSession().
+ enum UserAllowedInSessionResult {
+ // User is allowed in multi-profile session.
+ ALLOWED,
+
+ // Owner of the device is not allowed to be added as a secondary user.
+ NOT_ALLOWED_OWNER_AS_SECONDARY,
+
+ // Not allowed since it is potentially "tainted" with policy-pushed
+ // certificates.
+ NOT_ALLOWED_POLICY_CERT_TAINTED,
+
+ // Not allowed since primary user is already "tainted" with policy-pushed
+ // certificates.
+ NOT_ALLOWED_PRIMARY_POLICY_CERT_TAINTED,
+
+ // Not allowed since primary user policy forbids it to be part of
+ // multi-profiles session.
+ NOT_ALLOWED_PRIMARY_USER_POLICY_FORBIDS,
+
+ // Not allowed since user policy forbids this user being part of
+ // multi-profiles session. Either 'primary-only' or 'not-allowed'.
+ NOT_ALLOWED_POLICY_FORBIDS
+ };
+
MultiProfileUserController(MultiProfileUserControllerDelegate* delegate,
PrefService* local_state);
~MultiProfileUserController();
static void RegisterPrefs(PrefRegistrySimple* registry);
static void RegisterProfilePrefs(user_prefs::PrefRegistrySyncable* registry);
- // Returns true if the user is allowed to be in the current session.
- bool IsUserAllowedInSession(const std::string& user_email) const;
+ // Returns the cached policy value for |user_email|.
+ std::string GetCachedValue(const std::string& user_email) const;
+
+ // Returns UserAllowedInSessionResult enum that describe whether the user is
+ // allowed to be in the current session.
+ UserAllowedInSessionResult IsUserAllowedInSession(
+ const std::string& user_email) const;
// Starts to observe the multiprofile user behavior pref of the given profile.
void StartObserving(Profile* user_profile);
private:
friend class MultiProfileUserControllerTest;
- // Gets/sets the cached policy value.
- std::string GetCachedValue(const std::string& user_email) const;
+ // Sets the cached policy value.
void SetCachedValue(const std::string& user_email,
const std::string& behavior);