Make Easy unlock disabled by default for enterprise user.

BUG=402797 TBR=joaodasilva@chromium.org Review URL: https://codereview.chromium.org/478773002 Cr-Commit-Position: refs/heads/master@{#293239}

Make Easy unlock disabled by default for enterprise user.
BUG=402797 TBR=joaodasilva@chromium.org Review URL: https://codereview.chromium.org/478773002 Cr-Commit-Position: refs/heads/master@{#293239}
c65c2f95 · xiyuan · Commit bot · cfca18fc · c65c2f95 · c65c2f95
Commit c65c2f95 authored Sep 03, 2014 by xiyuan Committed by Commit bot Sep 04, 2014
4 changed files
--- a/chrome/browser/chromeos/policy/user_cloud_policy_manager_chromeos.cc
+++ b/chrome/browser/chromeos/policy/user_cloud_policy_manager_chromeos.cc
@@ -289,6 +289,16 @@ void UserCloudPolicyManagerChromeOS::GetChromePolicy(PolicyMap* policy_map) {
                    new base::StringValue("primary-only"),
                    NULL);
  }
+  // Set EasyUnlockAllowed policy to false by default for managed accounts.
+  if (store()->has_policy() &&
+      !policy_map->Get(key::kEasyUnlockAllowed)) {
+    policy_map->Set(key::kEasyUnlockAllowed,
+                    POLICY_LEVEL_MANDATORY,
+                    POLICY_SCOPE_USER,
+                    new base::FundamentalValue(false),
+                    NULL);
+  }
 }
 void UserCloudPolicyManagerChromeOS::FetchPolicyOAuthTokenUsingSigninProfile() {

--- a/chrome/browser/chromeos/policy/user_cloud_policy_manager_chromeos_unittest.cc
+++ b/chrome/browser/chromeos/policy/user_cloud_policy_manager_chromeos_unittest.cc
@@ -119,6 +119,10 @@ class UserCloudPolicyManagerChromeOSTest : public testing::Test {
                    POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER,
                    new base::StringValue("primary-only"),
                    NULL);
+    policy_map_.Set(key::kEasyUnlockAllowed,
+                    POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER,
+                    new base::FundamentalValue(false),
+                    NULL);
    expected_bundle_.Get(PolicyNamespace(POLICY_DOMAIN_CHROME, std::string()))
        .CopyFrom(policy_map_);

--- a/chrome/browser/policy/cloud/cloud_policy_browsertest.cc
+++ b/chrome/browser/policy/cloud/cloud_policy_browsertest.cc
@@ -142,6 +142,11 @@ void GetExpectedDefaultPolicy(PolicyMap* policy_map) {
                  POLICY_SCOPE_USER,
                  new base::StringValue("primary-only"),
                  NULL);
+  policy_map->Set(key::kEasyUnlockAllowed,
+                  POLICY_LEVEL_MANDATORY,
+                  POLICY_SCOPE_USER,
+                  new base::FundamentalValue(false),
+                  NULL);
 #endif
 }
@@ -178,6 +183,11 @@ void GetExpectedTestPolicy(PolicyMap* expected, const char* homepage) {
                POLICY_SCOPE_USER,
                new base::StringValue("primary-only"),
                NULL);
+  expected->Set(key::kEasyUnlockAllowed,
+                POLICY_LEVEL_MANDATORY,
+                POLICY_SCOPE_USER,
+                new base::FundamentalValue(false),
+                NULL);
 #endif
 }

--- a/components/policy/resources/policy_templates.json
+++ b/components/policy/resources/policy_templates.json
@@ -6612,8 +6612,7 @@
      If you disable this setting, users will not be allowed to use EasyUnlock.
-      If this policy is left not set, EasyUnlock is allowed if the requirements for the feature are satified.
+      If this policy is left not set, the default is not allowed for enterprise-managed users and allowed for non-managed users.''',
-      ''',
    },
    {
      'name': 'SessionLocales',