// Copyright 2017 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

module ash.mojom;

import "ash/public/interfaces/user_info.mojom";
import "ash/public/interfaces/login_user_info.mojom";
import "ash/public/interfaces/kiosk_app_info.mojom";
import "chromeos/components/proximity_auth/public/interfaces/auth_type.mojom";
import "components/account_id/interfaces/account_id.mojom";
import "mojo/public/mojom/base/string16.mojom";
import "mojo/public/mojom/base/time.mojom";

// State of the Oobe UI dialog, which is used to update the visibility of login
// shelf buttons.
// This comes from SIGNIN_UI_STATE defined in display_manager.js, with an
// additional value HIDDEN to indicate the visibility of the oobe ui dialog.
enum OobeDialogState {
  // Showing other screen, which does not impact the visibility of login shelf
  // buttons.
  NONE = 0,

  // Showing gaia signin screen.
  GAIA_SIGNIN = 1,

  // 2 is unused to keep in sync with display_manager.js

  // Showing wrong hardware identification screen.
  WRONG_HWID_WARNING = 3,

  // Showing supervised user creation screen.
  SUPERVISED_USER_CREATION_FLOW = 4,

  // Showing SAML password confirmation screen.
  SAML_PASSWORD_CONFIRM = 5,

  // Showing password changed screen.
  PASSWORD_CHANGED = 6,

  // Showing device enrollment screen.
  ENROLLMENT = 7,

  // Showing error screen.
  ERROR = 8,

  // Showing sync consent screen.
  SYNC_CONSENT = 9,

  // Oobe UI dialog is currently hidden.
  HIDDEN = 10,
};

// Reason why the auth is disabled. This is used to personalize the UI.
enum AuthDisabledReason {
  // Auth is disabled because the device is locked by a time limit override.
  TIME_LIMIT_OVERRIDE,

  // Auth is disabled because the user has reached their daily usage limit on
  // the device.
  TIME_USAGE_LIMIT,

  // Auth is disabled because the device is within a locked time window.
  TIME_WINDOW_LIMIT,
};

// The data needed to customize the lock screen when auth is disabled.
struct AuthDisabledData {
  // Reason why auth is disabled.
  AuthDisabledReason reason;

  // A future time when auth will be enabled. This value is for display purpose
  // only, auth won't be automatically enabled when this time is reached.
  mojo_base.mojom.Time auth_reenabled_time;

  // The amount of time that the user used this device.
  mojo_base.mojom.TimeDelta device_used_time;
};

// Allows clients (e.g. the browser process) to send messages to the ash
// login/lock/user-add screens.
interface LoginScreen {
  // Sets the client interface.
  SetClient(LoginScreenClient client);

  // Displays the lock screen. |did_show| is true iff the lock UI was
  // successfully displayed.
  ShowLockScreen() => (bool did_show);

  // Displays the login screen. |did_show| is true iff the login UI was
  // successfully displayed.
  ShowLoginScreen() => (bool did_show);

  // Requests to show error message in the ash lock screen.
  // TODO(xiaoyinh): login_attempts is probably not needed from chrome,
  // remove it when we start to count the login attempts in ash lock screen.
  // |login_attempts|: The number of the login authentication attempts.
  // |error_text|:     The error text to be shown in lock screen.
  // |help_link_text|: The help link to be shown in lock screen.
  // |help_topic_id|:  The id of the help app topic regarding this error.
  ShowErrorMessage(int32 login_attempts,
                   string error_text,
                   string help_link_text,
                   int32 help_topic_id);

  // Shows a warning banner message on the login screen. A warning banner is
  // used to notify users of important messages before they log in to their
  // session. (e.g. Tell the user that an update of the user data will start
  // on login)
  // |message|: The message to show.
  ShowWarningBanner(mojo_base.mojom.String16 message);

  // Hide a warning banner if it is displayed.
  // TODO(fukino): Ideally chrome-side should not have this level of UI
  // control. Make the API simpler and let ash determine the UI behavior.
  HideWarningBanner();

  // Requests to close any displayed error messages in ash lock screen.
  ClearErrors();

  // Requests to show the custom icon in the user pod.
  // |account_id|:  The account id of the user in the user pod.
  // |icon|:        Information regarding the icon.
  ShowUserPodCustomIcon(signin.mojom.AccountId account_id,
                        EasyUnlockIconOptions icon);

  // Requests to hide the custom icon in the user pod.
  // |account_id|:  The account id of the user in the user pod.
  HideUserPodCustomIcon(signin.mojom.AccountId account_id);

  // Requests to set the authentication type.
  // |account_id|:    The account id of the user in the user pod.
  // |auth_type|:     Authentication type.
  // |initial_value|: A message shown in the password field of the user pod.
  SetAuthType(signin.mojom.AccountId account_id,
              proximity_auth.mojom.AuthType auth_type,
              mojo_base.mojom.String16 initial_value);

  // Set the users who are displayed on the login UI. |users| is filtered
  // and does not correspond to every user on the device.
  SetUserList(array<LoginUserInfo> users);

  // Notification if pin is enabled or disabled for the given user.
  // |account_id|:   The account id of the user in the user pod.
  // |is_enabled|:   True if pin unlock is enabled.
  SetPinEnabledForUser(signin.mojom.AccountId account_id, bool is_enabled);

  // Update the status of fingerprint for |account_id|.
  SetFingerprintState(signin.mojom.AccountId account_id,
                      FingerprintState state);

  // Called after a fingerprint authentication attempt has been made. If
  // |successful| is true, then the fingerprint authentication attempt was
  // successful and the device should be unlocked. If false, an error message
  // should be shown to the user.
  NotifyFingerprintAuthResult(signin.mojom.AccountId account_id,
                              bool successful);

  // Change the user's avatar. Some avatars may take a long time to load and the
  // login screen may already be visible.
  SetAvatarForUser(signin.mojom.AccountId account_id, UserAvatar avatar);

  // Called when auth should be enabled for the given user. When auth is
  // disabled, the user cannot unlock the device. Auth is enabled by default.
  // |account_id|:            The account id of the user in the user pod.
  EnableAuthForUser(signin.mojom.AccountId account_id);

  // Called when auth should be disabled for the given user. When auth is
  // disabled, the user cannot unlock the device. Auth is enabled by default.
  // |account_id|:            The account id of the user in the user pod.
  // |auth_disabled_data|:    The data needed to customize the lock screen UI.
  DisableAuthForUser(signin.mojom.AccountId account_id,
                      AuthDisabledData auth_disabled_data);

  // Called when focus is reported to be leaving a lock screen app window.
  // Requests focus to be handed off to the next suitable widget.
  // |reverse|:   Whether the tab order is reversed.
  HandleFocusLeavingLockScreenApps(bool reverse);

  // Called when new system information is available.
  // |show_if_hidden|: If true, the system information should be displayed to
  //                   the user if it is currently hidden. If false, the system
  //                   information should remain hidden if not already shown.
  //                   Hidden system information can be shown by pressing alt-v.
  // |os_version_label_text|: The OS version.
  // |enterprise_info_text|:  The enterprise info.
  // |bluetooth_name|:        The name of the bluetooth adapter.
  SetSystemInfo(bool show_if_hidden,
                string os_version_label_text,
                string enterprise_info_text,
                string bluetooth_name);

  // Check if the login/lock screen is ready for a password.
  IsReadyForPassword() => (bool is_ready);

  // Set the public session display name for user with |account_id|.
  SetPublicSessionDisplayName(signin.mojom.AccountId account_id,
                              string display_name);

  // Set the public session locales for user with |account_id|.
  // |locales|:            Available locales for this user.
  // |default_locale|:     Default locale for this user.
  // |show_advanced_view|: True if we should show the advanced expanded user
  //                       view for the public session.
  SetPublicSessionLocales(signin.mojom.AccountId account_id,
                          array<LocaleItem> locales,
                          string default_locale,
                          bool show_advanced_view);

  // Set the public session keyboard layouts for user with |account_id|.
  // |locale|: The locale that |keyboard_layouts| can be used for.
  SetPublicSessionKeyboardLayouts(signin.mojom.AccountId account_id,
                                  string locale,
                                  array<InputMethodItem> keyboard_layouts);

  // Sets whether full management disclosure is needed for the public/managed
  // session login screen.
  SetPublicSessionShowFullManagementDisclosure(
      bool show_full_management_disclosure);

  // Update the kiosk app data for the login screen.
  // Returns true on success.
  SetKioskApps(array<KioskAppInfo> kiosk_apps) => (bool success);

  // Display a toast describing the latest kiosk app launch error.
  ShowKioskAppError(string message);

  // Called when the dialog hosting oobe has changed state. The oobe dialog
  // provides support for any part of login that is implemented in JS/HTML, such
  // as add user or powerwash.
  NotifyOobeDialogState(OobeDialogState state);

  // Sets whether users can be added from the login screen.
  SetAddUserButtonEnabled(bool enable);

  // Sets whether shutdown button is enabled in the login screen.
  SetShutdownButtonEnabled(bool enable);

  // Sets if the guest button on the login shelf can be shown. Even if set to
  // true the button may still not be visible.
  SetAllowLoginAsGuest(bool allow_guest);

  // Sets if the guest button on the login shelf can be shown during OOBE.
  SetShowGuestButtonInOobe(bool show);

  // Sets whether parent access button can be shown on the login shelf.
  SetShowParentAccessButton(bool show);

  // Sets whether parent access code input dialog is shown on the lock screen.
  SetShowParentAccessDialog(bool show);

  // Transitions focus to the shelf area. If |reverse|, focuses the status area.
  FocusLoginShelf(bool reverse);
};

// Allows ash lock screen to control a client (e.g. Chrome browser). Requests
// often involve preferences or talk to cryptohome that is not available to ash.
interface LoginScreenClient {
  // Attempt to authenticate a user with a password or PIN.
  //
  // If auth succeeds:
  // chrome will hide the lock screen and clear any displayed error messages.
  // If auth fails:
  // chrome will request lock screen to show error messages.
  // |account_id|: The AccountId to authenticate against.
  // |password|: The submitted password.
  // |authenticated_by_pin|: True if we are using pin to authenticate.
  //
  // The result will be set to true if auth was successful, false if not.
  //
  // TODO(jdufault): Extract authenticated_by_pin into a separate mojom method,
  //                 similar to the other Authenticate* methods
  AuthenticateUserWithPasswordOrPin(
      signin.mojom.AccountId account_id,
      string password,
      bool authenticated_by_pin) => (bool auth_success);

  // Attempt to authenticate the user with with an external binary.
  AuthenticateUserWithExternalBinary(signin.mojom.AccountId account_id)
      => (bool auth_success);

  // Attempt to enroll a user in the external binary authentication system.
  EnrollUserWithExternalBinary() => (bool enrollment_success);

  // Try to authenticate |account_id| using easy unlock. This can be used on the
  // login or lock screen.
  // |account_id|: The account id of the user we are authenticating.
  //
  // TODO(jdufault): Refactor this method to return an auth_success, similar to
  // the other auth methods above.
  AuthenticateUserWithEasyUnlock(signin.mojom.AccountId account_id);

  // Validates parent access code for the user identified by |account_id|.
  // Passes validation result in the callback.
  // Note: This should only be used for child user.
  ValidateParentAccessCode(
    signin.mojom.AccountId account_id,
    string access_code) => (bool access_code_valid);

  // Request to hard lock the user pod.
  // |account_id|:    The account id of the user in the user pod.
  HardlockPod(signin.mojom.AccountId account_id);

  // Focus user pod of user with |account_id|.
  OnFocusPod(signin.mojom.AccountId account_id);

  // Notify that no user pod is focused.
  OnNoPodFocused();

  // Load wallpaper of user with |account_id|.
  LoadWallpaper(signin.mojom.AccountId account_id);

  // Sign out current user.
  SignOutUser();

  // Close add user screen.
  CancelAddUser();

  // Launches guest mode.
  LoginAsGuest();

  // User with |account_id| has reached maximum incorrect password attempts.
  OnMaxIncorrectPasswordAttempted(signin.mojom.AccountId account_id);

  // Should pass the focus to the active lock screen app window, if there is
  // one. This is called when a lock screen app is reported to be active (using
  // tray_action mojo interface), and is next in the tab order.
  // |HandleFocusLeavingLockScreenApps| should be called to return focus to the
  // lock screen.
  // |reverse|:   Whether the tab order is reversed.
  FocusLockScreenApps(bool reverse);

  // Passes focus to the OOBE dialog if it is showing. No-op otherwise.
  FocusOobeDialog();

  // Show the gaia sign-in dialog. If |can_close| is true, the dialog can be
  // closed. The value in |prefilled_account| will be used to prefill the
  // sign-in dialog so the user does not need to type the account email.
  ShowGaiaSignin(bool can_close, signin.mojom.AccountId? prefilled_account);

  // Notification that the remove user warning was shown.
  OnRemoveUserWarningShown();

  // Try to remove |account_id|.
  RemoveUser(signin.mojom.AccountId account_id);

  // Launch a public session for user with |account_id|.
  // |locale|:       Locale for this user.
  //                 The value is language code like "en-US", "zh-CN"
  // |input_method|: Input method for this user.
  //                 This is the id of InputMethodDescriptor like
  //                 "t:latn-post", "pinyin".
  LaunchPublicSession(signin.mojom.AccountId account_id,
                      string locale,
                      string input_method);

  // Request public session keyboard layouts for user with |account_id|.
  // This function send a request to chrome and the result will be returned by
  // SetPublicSessionKeyboardLayouts.
  // |locale|: Request a list of keyboard layouts that can be used by this
  //           locale.
  RequestPublicSessionKeyboardLayouts(signin.mojom.AccountId account_id,
                                      string locale);

  // Request to show a feedback report dialog in chrome.
  ShowFeedback();

  // Launch the specific kiosk app.
  LaunchKioskApp(string app_id);

  // Launch the specific ARC++ kiosk app.
  LaunchArcKioskApp(signin.mojom.AccountId account_id);

  // Show the powerwash (device reset) dialog.
  ShowResetScreen();

  // Show the help app for when users have trouble signing in to their account.
  ShowAccountAccessHelpApp();

  // Called when the keyboard focus is about to leave from the sytem tray in
  // the login screen / OOBE. |reverse| is true when the focus moves in the
  // reversed direction.
  OnFocusLeavingSystemTray(bool reverse);

  // Used by Ash to signal that user activity occurred on the login screen.
  OnUserActivity();
};