Disable Smart Lock if device has ephemeral users policy enabled.
BUG=455505
Review URL: https://codereview.chromium.org/898213002
Cr-Commit-Position: refs/heads/master@{#315519}
(cherry picked from commit dd019ccc75b1c0c1c361265e78995ee2d5880ac0)
TBR=xiyuan@chromium.org
Review URL: https://codereview.chromium.org/933363002
Cr-Commit-Position: refs/branch-heads/2272@{#326}
Cr-Branched-From: 827a380cfdb31aa54c8d56e63ce2c3fd8c3ba4d4-refs/heads/master@{#310958}
diff --git a/chrome/browser/signin/easy_unlock_service_regular.cc b/chrome/browser/signin/easy_unlock_service_regular.cc
index 1132a46..a833a8c7 100644
--- a/chrome/browser/signin/easy_unlock_service_regular.cc
+++ b/chrome/browser/signin/easy_unlock_service_regular.cc
@@ -18,6 +18,7 @@
#include "chrome/browser/ui/extensions/application_launch.h"
#include "chrome/common/extensions/extension_constants.h"
#include "chrome/common/pref_names.h"
+#include "chromeos/login/user_names.h"
#include "components/pref_registry/pref_registry_syncable.h"
#include "components/proximity_auth/cryptauth/cryptauth_account_token_fetcher.h"
#include "components/proximity_auth/cryptauth/cryptauth_client.h"
@@ -274,6 +275,18 @@
if (!user_manager::UserManager::Get()->IsLoggedInAsUserWithGaiaAccount())
return false;
+ // TODO(tengs): Ephemeral accounts generate a new enrollment every time they
+ // are added, so disable Smart Lock to reduce enrollments on server. However,
+ // ephemeral accounts can be locked, so we should revisit this use case.
+ // TODO(tengs): Remove this special case and test this code path after test
+ // refactoring is landed (crbug.com/414829).
+ user_manager::User* user =
+ chromeos::ProfileHelper::Get()->GetUserByProfile(profile());
+ user_manager::UserManager* user_manager = user_manager::UserManager::Get();
+ if (user->email() != chromeos::login::kStubUser &&
+ user_manager->IsCurrentUserNonCryptohomeDataEphemeral())
+ return false;
+
if (!chromeos::ProfileHelper::IsPrimaryProfile(profile()))
return false;