refactor(accounts1): remove guest user functionality #1047

Merged
ComixHe merged 1 commit into linuxdeepin:master from ComixHe:master
Mar 5, 2026
ComixHe (Contributor) commented Mar 5, 2026

Remove guest user feature to address security vulnerability identified in security report. The CreateGuestUser() function had a race condition when creating home directories in /tmp, which could allow other users to pre-create directories under their control. Since guest user functionality is no longer needed, it has been completely removed.

Pms: BUG-349985

Summary by Sourcery

Remove deprecated guest user account support from the accounts1 manager and its D-Bus interface.

Enhancements:

  • Drop Manager fields, helpers, and D-Bus exported methods related to guest account handling.
  • Update SPDX copyright years for accounts1 manager source files.

Remove guest user feature to address security vulnerability identified in
security report. The CreateGuestUser() function had a race condition
when creating home directories in /tmp, which could allow other users
to pre-create directories under their control. Since guest user functionality
is no longer needed, it has been completely removed.

Pms: BUG-349985
Signed-off-by: ComixHe <heyuming@deepin.org>
ComixHe requested a review from fly602 March 5, 2026 08:54

sourcery-ai bot commented Mar 5, 2026

Reviewer's Guide

Removes the deprecated guest user feature from the accounts1 service, including D-Bus methods, configuration handling, and backing implementation, while updating copyright years.

Sequence diagram for the removed CreateGuestAccount flow

sequenceDiagram
    actor Client
    participant Manager as Manager(CreateGuestAccount)
    participant Users as usersPackage

    Client->>Manager: CreateGuestAccount(sender)
    Manager->>Manager: checkAuth(sender)
    alt authorized
        Manager->>Users: CreateGuestUser()
        Users-->>Manager: name
        Manager->>Users: GetUserInfoByName(name)
        Users-->>Manager: info(Uid)
        Manager-->>Client: userDBusPathPrefix + info.Uid
    else not authorized
        Manager-->>Client: dbus.Error (authorization failed)
    end

    %% Entire CreateGuestAccount interaction has been removed in the refactor

Class diagram for refactored Manager without guest user support

classDiagram
    class ManagerBefore {
        <<struct>>
        %% fields
        dbusutil.Service service
        map~string, *User~ usersMap
        []string UserList
        sync.RWMutex UserListMu
        string GuestIcon
        bool AllowGuest
        []string GroupList
        %% methods
        AllowGuestAccount(sender dbus.Sender, allow bool) *dbus.Error
        CreateGuestAccount(sender dbus.Sender) (string, *dbus.Error)
        isGuestUserEnabled() bool
        setPropAllowGuest(value bool) bool
        emitPropChangedAllowGuest(value bool) error
    }

    class ManagerAfter {
        <<struct>>
        %% fields
        dbusutil.Service service
        map~string, *User~ usersMap
        []string UserList
        sync.RWMutex UserListMu
        []string GroupList
        %% methods
        %% guest-related methods removed
    }

    ManagerBefore <|-- ManagerAfter

File-Level Changes

Change: Remove guest account D-Bus API surface from Manager
Details:
  • Delete AllowGuestAccount and CreateGuestAccount methods from the Manager interface implementation
  • Drop registration of AllowGuestAccount and CreateGuestAccount from the exported D-Bus methods table
  • Remove AllowGuest and GuestIcon fields from Manager and their initialization in NewManager
Files: accounts1/manager_ifc.go, accounts1/exported_methods_auto.go, accounts1/manager.go

Change: Remove guest account configuration and state handling
Details:
  • Remove actConfigKeyGuest constant and associated guest enablement logic
  • Delete isGuestUserEnabled helper and no longer read/write AllowGuest from accounts.ini
  • Drop AllowGuest property setter and change emitter helpers
Files: accounts1/manager.go, accounts1/accounts_dbusutil.go

Change: Remove guest user implementation and related utilities
Details:
  • Delete guest user implementation file defining CreateGuestUser and related logic
  • Remove unused dutils import now that guest account configuration is gone
Files: accounts1/users/guest.go, accounts1/manager_ifc.go

Change: Update SPDX copyright headers
Details:
  • Extend copyright year range from 2018-2022 to 2018-2026 in accounts1 manager files
Files: accounts1/manager_ifc.go, accounts1/manager.go

sourcery-ai bot left a comment

Hey - I've reviewed your changes and they look great!

@deepin-ci-robot

deepin pr auto review

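The main purpose of this diff is to remove the Guest Account feature from the system. By deleting the properties, methods, DBus interfaces and helper functions related to the guest account, it simplifies the account-management logic.

Below are detailed review comments on the code change, covering four areas: syntax and logic, code quality, code performance and code security.

1. Syntax and logic

  • Overall logic: The logic of the change is coherent and correct. It follows the standard pattern for "removing a feature": remove the exported DBus methods -> remove the state fields in the Manager struct -> remove the configuration-file reading logic -> remove the implementation logic -> remove the low-level utility functions.
  • Copyright year update:
    • In manager.go and manager_ifc.go, SPDX-FileCopyrightText is updated from 2018 - 2022 to 2018 - 2026.
    • Comment: Normally the copyright year should be updated to the actual current year (for example 2023 or 2024); jumping straight to 2026 is not conventional unless it is long-term planning. Recommend confirming whether it needs to be changed to the current year.

2. Code quality

  • Thoroughness of the cleanup:
    • Strength: Not only was the high-level business logic (AllowGuestAccount) deleted, but also the low-level user-creation logic (users.CreateGuestUser) and the configuration-key constant (actConfigKeyGuest). This cleanup is very thorough and avoids leaving dead code behind.
    • Note: Please make sure users.CreateGuestUser is not referenced by other modules in the project (outside accounts1), otherwise it will cause a compilation error.
  • Dependency cleanup:
    • In manager_ifc.go, the import of dutils "github.com/linuxdeepin/go-lib/utils" was removed.
    • Comment: This is a good improvement that reduces unnecessary package dependencies. Please check whether the rest of manager_ifc.go still uses dutils; if it is no longer used, this step is perfect; if it is still used elsewhere, compilation will fail.

3. Code performance

  • Reduced memory usage:
    • The GuestIcon and AllowGuest fields in the Manager struct were deleted.
    • Comment: This reduces the memory footprint of each Manager instance; although the effect is tiny, it is beneficial in scenarios where instances are created at high frequency.
  • Startup performance:
    • The call to isGuestUserEnabled() in NewManager was deleted (that function involves file I/O to read the configuration).
    • Comment: This slightly improves the service's startup speed, because one configuration-file read is eliminated.

4. Code security

  • Removal of potential security risks:
    • Random number generation: The getGuestUserName function in users/guest.go was deleted. The original code used math/rand (and repeatedly called rand.Seed in a loop), which is a pseudo-random number generator and is not cryptographically secure. Although using it to generate a username may not be a direct security vulnerability, removing it eliminates potential unpredictability problems.
    • Temporary directory: CreateGuestUser used /tmp/ as the home directory (-d /tmp/username). Removing this feature eliminates the risks that improper permission management of temporary directories could bring.
    • Reduced attack surface: Removing the two DBus methods AllowGuestAccount and CreateGuestAccount directly reduces the system's attack surface. Attackers can no longer use the DBus interface to try to create or enable a guest account.

Summary and improvement suggestions

The quality of this code change is high. It successfully removes a feature module that is no longer needed and cleans up the related dependencies and configuration along with it, which helps improve the system's simplicity and security.

Improvement suggestions:

  1. Copyright year: Recommend changing the copyright year 2026 in manager.go and manager_ifc.go to the actual current year (such as 2024), in line with the usual maintenance practice of open-source projects.
  2. Repository-wide search: Recommend doing a repository-wide search (grep) before merging to confirm that identifiers such as CreateGuestUser and AllowGuest are not referenced in other files not covered by the diff.
  3. Configuration-file migration: Although the code removes the logic that reads actConfigKeyGuest, old configuration entries may still remain on users' systems. If this is part of a system upgrade, recommend considering cleaning up the AllowGuest entry in /etc/deepin/dde-daemon/accounts.ini in the upgrade script, to keep the configuration file tidy.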
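
Added example, not part of the pull request or of any comment above: the pre-created-directory problem named in the PR description and in the review's temporary-directory point, shown as a pattern that accepts an existing directory beside one that refuses it. It does not reproduce the removed CreateGuestUser code, which this page does not show; the function names, the `guest-home` name and the stand-in shared directory are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
	"syscall"
)

// acceptExisting is the risky pattern: MkdirAll returns nil if the path already exists.
func acceptExisting(path string) error {
	return os.MkdirAll(path, 0o700)
}

// createExclusive creates path only if nothing is there yet, then checks that
// the result is a real directory, owned by this process, with no group/other bits.
func createExclusive(path string) error {
	if err := os.Mkdir(path, 0o700); err != nil {
		return fmt.Errorf("refusing %s: %w", path, err) // EEXIST when pre-created
	}
	fi, err := os.Lstat(path) // Lstat does not follow a symlink
	if err != nil {
		return err
	}
	st, ok := fi.Sys().(*syscall.Stat_t)
	if !ok || !fi.IsDir() || int(st.Uid) != os.Geteuid() || fi.Mode().Perm()&0o077 != 0 {
		return fmt.Errorf("unexpected owner, type or mode on %s", path)
	}
	return nil
}

// demo pre-creates the directory (standing in for another local user) and
// reports whether each approach refused to use it.
func demo() (looseRefused, exclusiveRefused bool, err error) {
	shared, err := os.MkdirTemp("", "shared-") // constructed stand-in for /tmp
	if err != nil {
		return false, false, err
	}
	defer os.RemoveAll(shared)
	home := filepath.Join(shared, "guest-home") // hypothetical name
	if err := os.Mkdir(home, 0o777); err != nil {
		return false, false, err
	}
	return acceptExisting(home) != nil, createExclusive(home) != nil, nil
}

func main() {
	fmt.Println(demo())
}
```
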

@deepin-ci-robot

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: ComixHe, fly602

ComixHe merged commit 9235b26 into linuxdeepin:master Mar 5, 2026
16 of 18 checks passed