Improve SaveCredentials handling in VPN UI

When persisting credential fields in UIData to shill, distinguish
between the cases 'no credential saved' (empty string will be written)
and 'some credential saved' (kFakeCredential will be written). A comment
mentions that this should be done, but it has not been done yet.

With this in place, the network config UI displays empty password field
if no credential has been saved or some number of asterisk if some
credential has been saved.

Also fix "Save identity and password" not being populated from
SaveCredentials due to managedProperties.typeProperties.vpn.type being
treated as having a sub-field 'value' while it's a plain enum.

Bug: 1103234
Change-Id: I301ea1290785c3260c372d21b36b3aa08597b9c1
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2450274
Commit-Queue: Pavol Marko <pmarko@chromium.org>
Reviewed-by: Steven Bennetts <stevenjb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#816334}

chromeos/network/policy_util.cc

@@ -20,6 +20,7 @@
 #include "chromeos/network/shill_property_util.h"
 #include "components/onc/onc_constants.h"
 #include "third_party/cros_system_api/dbus/service_constants.h"
+#include "third_party/cros_system_api/dbus/shill/dbus-constants.h"
 
 namespace chromeos {
 
@@ -374,10 +375,20 @@ std::unique_ptr<base::DictionaryValue> CreateShillConfiguration(
     // Shill's GetProperties doesn't return credentials. Masking credentials
     // instead of just removing them, allows remembering if a credential is set
     // or not.
+    //
+    // If we're not saving credentials, explicitly set credentials in UIData to
+    // empty string so the UI will display empty text fields for them the next
+    // time they're viewed (instead of masked-out-placeholders, which would
+    // suggest that a credential has been saved).
+    const bool saving_credentials =
+        shill_dictionary->FindBoolKey(shill::kSaveCredentialsProperty)
+            .value_or(true);
+    const std::string credential_mask =
+        saving_credentials ? kFakeCredential : std::string();
     std::unique_ptr<base::Value> sanitized_user_settings =
         base::Value::ToUniquePtrValue(
             onc::MaskCredentialsInOncObject(onc::kNetworkConfigurationSignature,
-                                            *user_settings, kFakeCredential));
+                                            *user_settings, credential_mask));
     ui_data->SetUserSettingsDictionary(std::move(sanitized_user_settings));
   }
 

ui/webui/resources/cr_components/chromeos/network/network_config.js

@@ -595,10 +595,9 @@ Polymer({
     if (this.mojoType_ === mojom.NetworkType.kVPN) {
       let saveCredentials = false;
       const vpn = managedProperties.typeProperties.vpn;
-      const vpnType = vpn.type && vpn.type.value;
-      if (vpnType === mojom.VpnType.kOpenVPN) {
+      if (vpn.type === mojom.VpnType.kOpenVPN) {
         saveCredentials = this.getActiveBoolean_(vpn.openVpn.saveCredentials);
-      } else if (vpnType === mojom.VpnType.kL2TPIPsec) {
+      } else if (vpn.type === mojom.VpnType.kL2TPIPsec) {
         saveCredentials = this.getActiveBoolean_(vpn.ipSec.saveCredentials) ||
             this.getActiveBoolean_(vpn.l2tp.saveCredentials);
       }