buffet: Store anonymous_access_role in buffet config and state

Default value can be set by manufacturer by changing buffet.conf.
Future changes will implement base.updateBaseConfiguration which can
modify option and store in state file.

BUG=brillo:947
TEST=FEATURE=test emerge-gizmo privetd

Change-Id: I01105ac931c29a0d67670f85cb2c90538b2f59a6
Reviewed-on: https://chromium-review.googlesource.com/268686
Tested-by: Vitaly Buka <vitalybuka@chromium.org>
Reviewed-by: Alex Vakulenko <avakulenko@chromium.org>
Commit-Queue: Vitaly Buka <vitalybuka@chromium.org>
diff --git a/buffet/buffet_config.cc b/buffet/buffet_config.cc
index d8e0324..7a9939b 100644
--- a/buffet/buffet_config.cc
+++ b/buffet/buffet_config.cc
@@ -39,6 +39,11 @@
   return std::string();
 }
 
+bool IsValidAccessRole(const std::string& role) {
+  return role == "none" || role == "viewer" || role == "user" ||
+         role == "owner";
+}
+
 }  // namespace
 
 namespace buffet {
@@ -53,11 +58,11 @@
 const char kName[] = "name";
 const char kDescription[] = "description";
 const char kLocation[] = "location";
+const char kAnonymousAccessRole[] = "anonymous_access_role";
 const char kOemName[] = "oem_name";
 const char kModelName[] = "model_name";
 const char kModelId[] = "model_id";
-
-const char kPollingPeriodMs[]      = "polling_period_ms";
+const char kPollingPeriodMs[] = "polling_period_ms";
 
 }  // namespace config_keys
 
@@ -102,6 +107,10 @@
 
   store.GetString(config_keys::kDescription, &description_);
   store.GetString(config_keys::kLocation, &location_);
+
+  store.GetString(config_keys::kAnonymousAccessRole, &anonymous_access_role_);
+  CHECK(IsValidAccessRole(anonymous_access_role_))
+      << "Invalid role: " << anonymous_access_role_;
 }
 
 void BuffetConfig::set_name(const std::string& name) {
@@ -109,4 +118,12 @@
   name_ = name;
 }
 
+void BuffetConfig::set_anonymous_access_role(const std::string& role) {
+  if (IsValidAccessRole(role)) {
+    anonymous_access_role_ = role;
+  } else {
+    LOG(ERROR) << "Invalid role: " << role;
+  }
+}
+
 }  // namespace buffet
diff --git a/buffet/buffet_config.h b/buffet/buffet_config.h
index 64c936f..e3fc6ba 100644
--- a/buffet/buffet_config.h
+++ b/buffet/buffet_config.h
@@ -33,12 +33,14 @@
   const std::string& name() const { return name_; }
   const std::string& description() const { return description_; }
   const std::string& location() const { return location_; }
+  std::string anonymous_access_role() const { return anonymous_access_role_; }
 
   void set_name(const std::string& name);
   void set_description(const std::string& description) {
     description_ = description;
   }
   void set_location(const std::string& location) { location_ = location; }
+  void set_anonymous_access_role(const std::string& role);
 
  private:
   std::string client_id_{"58855907228.apps.googleusercontent.com"};
@@ -49,6 +51,7 @@
   std::string name_{"Developer device"};
   std::string description_;
   std::string location_;
+  std::string anonymous_access_role_{"viewer"};
   std::string oem_name_{"Chromium"};
   std::string model_name_{"Brillo"};
   std::string model_id_{"AAAAA"};
diff --git a/buffet/dbus_bindings/org.chromium.Buffet.Manager.xml b/buffet/dbus_bindings/org.chromium.Buffet.Manager.xml
index 6cf9535..fefcfa0 100644
--- a/buffet/dbus_bindings/org.chromium.Buffet.Manager.xml
+++ b/buffet/dbus_bindings/org.chromium.Buffet.Manager.xml
@@ -125,5 +125,21 @@
         Location of the device.
       </tp:docstring>
     </property>
+    <property name="AnonymousAccessRole" type="s" access="read">
+      <tp:docstring>
+        Max role granted to anonymous user when accessing device over the local
+        network.
+        Possible values include:
+          "none": Device does not allow local access by unauthenticated users.
+
+          "viewer": Device allows everyone authenticated to access device.
+
+          "user": Device allows everyone authenticated as 'user' to access
+                  device.
+
+          "owner": Device allows everyone authenticated as 'owner' to access
+                  device.
+      </tp:docstring>
+    </property>
   </interface>
 </node>
diff --git a/buffet/device_registration_info.cc b/buffet/device_registration_info.cc
index 136513d..3ed70a8 100644
--- a/buffet/device_registration_info.cc
+++ b/buffet/device_registration_info.cc
@@ -39,12 +39,13 @@
 namespace storage_keys {
 
 // Persistent keys
-const char kRefreshToken[]  = "refresh_token";
-const char kDeviceId[]      = "device_id";
-const char kRobotAccount[]  = "robot_account";
-const char kName[]          = "name";
-const char kDescription[]   = "description";
-const char kLocation[]      = "location";
+const char kRefreshToken[] = "refresh_token";
+const char kDeviceId[] = "device_id";
+const char kRobotAccount[] = "robot_account";
+const char kName[] = "name";
+const char kDescription[] = "description";
+const char kLocation[] = "location";
+const char kAnonymousAccessRole[] = "anonymous_access_role";
 
 }  // namespace storage_keys
 }  // namespace buffet
@@ -199,6 +200,10 @@
   if (dict->GetString(storage_keys::kLocation, &location))
     config_->set_location(location);
 
+  std::string access_role;
+  if (dict->GetString(storage_keys::kAnonymousAccessRole, &access_role))
+    config_->set_anonymous_access_role(access_role);
+
   dict->GetString(storage_keys::kRefreshToken, &refresh_token_);
   dict->GetString(storage_keys::kRobotAccount, &device_robot_account_);
 
@@ -228,6 +233,8 @@
   dict.SetString(storage_keys::kName, config_->name());
   dict.SetString(storage_keys::kDescription, config_->description());
   dict.SetString(storage_keys::kLocation, config_->location());
+  dict.SetString(storage_keys::kAnonymousAccessRole,
+                 config_->anonymous_access_role());
 
   return storage_->Save(&dict);
 }
@@ -1033,6 +1040,7 @@
   manager_->SetName(config_->name());
   manager_->SetDescription(config_->description());
   manager_->SetLocation(config_->location());
+  manager_->SetAnonymousAccessRole(config_->anonymous_access_role());
 }
 
 void DeviceRegistrationInfo::OnCommandDefsChanged() {
diff --git a/buffet/device_registration_info_unittest.cc b/buffet/device_registration_info_unittest.cc
index ee230ab..0deaa6e 100644
--- a/buffet/device_registration_info_unittest.cc
+++ b/buffet/device_registration_info_unittest.cc
@@ -198,6 +198,7 @@
     config_store.SetString("name",  "Coffee Pot");
     config_store.SetString("description", "Easy to clean");
     config_store.SetString("location", "Kitchen");
+    config_store.SetString("anonymous_access_role", "viewer");
     config_store.SetString("model_id", "AAAAA");
     config_store.SetString("oauth_url", test_data::kOAuthURL);
     config_store.SetString("service_url", test_data::kServiceURL);
@@ -247,6 +248,7 @@
   data.SetString(storage_keys::kName, "k");
   data.SetString(storage_keys::kDescription, "l");
   data.SetString(storage_keys::kLocation, "m");
+  data.SetString(storage_keys::kAnonymousAccessRole, "user");
 
   storage_->Save(&data);
 
diff --git a/buffet/device_registration_storage_keys.h b/buffet/device_registration_storage_keys.h
index 18323f0..d48bbf8 100644
--- a/buffet/device_registration_storage_keys.h
+++ b/buffet/device_registration_storage_keys.h
@@ -17,6 +17,7 @@
 extern const char kName[];
 extern const char kDescription[];
 extern const char kLocation[];
+extern const char kAnonymousAccessRole[];
 
 }  // namespace storage_keys
 }  // namespace buffet