The event was used by the old Options UI, but no longer used by new Settings UI. Specifically the way the certificates are initialized happens at [1], where a call to refereshCertificates() is triggered, and a listener is added for certificates-changed. Note that accordingc to [2], calling refreshCertificates() triggers a series of events.

Not sure if there is anything to fix here (besides maybe just removing the event?). It seems that the UI is waiting for 'changed' events to populate itself, therefore it does not risk accessing certificate_manager_model_ before it is ready.


[1] https://cs.chromium.org/chromium/src/ui/webui/resources/cr_components/certificate_manager/certificate_manager.js?l=112-114
[2] https://cs.chromium.org/chromium/src/ui/webui/resources/cr_components/certificate_manager/certificates_browser_proxy.js?l=89-91

It's true that the certificate list isn't populated before the manager is ready, but the Import buttons are clickable, and they rely on the manager being ready too.

Ok, so you are basically saying that we either need to disable the buttons until the model is ready, or we should add a CHECK on the C++ side when imports are being processed to ensure that the model is ready by that time?

Yes. And I'm not certain, but should the "Bind and Import" button be clickable if TPM isn't available? I figured that was why certificates-model-ready included the tpm_available_value arg. (Not sure what user_db_available_value is for though.)

cc'ing stevenjb@ for "Import and bind" question, which is CrOS only.

Can tpm_available be false? If so, should the "Import and bind" button be hidden/disabled in the UI?

[1] https://cs.chromium.org/chromium/src/chrome/browser/ui/webui/certificates_handler.cc?t&l=997

In principal we should disable "Import and bind" if tpm_available is false. In practice that should never be the case on an actual CrOS device (but could be on a Linux build or a third party build).