[signin] Update signin-allowed policy

The signin-allowed policy is now tied to the new pref signin.allowed_on_next_startup. This means that changes only take effect on the next startup. Note: This change only affects Desktop. Additional change: - Move the signin-allowed toggle to the top of the privacy page. Screenshot: https://drive.google.com/file/d/1FD0gQRmwlnIFeiAMpU7U_3x4ErUu91Tb/view?usp=sharing TBR=scottchen@chromium.org Bug: 888776 Change-Id: I4f7281a3b7eee8e799c48cf829dde12c7e9cbcc8 Reviewed-on: https://chromium-review.googlesource.com/1249021Reviewed-by: Thomas Tangl <tangltom@chromium.org> Reviewed-by: Julian Pastarmov <pastarmovj@chromium.org> Reviewed-by: David Roger <droger@chromium.org> Commit-Queue: Thomas Tangl <tangltom@chromium.org> Cr-Commit-Position: refs/heads/master@{#594705}

[signin] Update signin-allowed policy
The signin-allowed policy is now tied to the new pref signin.allowed_on_next_startup. This means that changes only take effect on the next startup. Note: This change only affects Desktop. Additional change: - Move the signin-allowed toggle to the top of the privacy page. Screenshot: https://drive.google.com/file/d/1FD0gQRmwlnIFeiAMpU7U_3x4ErUu91Tb/view?usp=sharing TBR=scottchen@chromium.org Bug: 888776 Change-Id: I4f7281a3b7eee8e799c48cf829dde12c7e9cbcc8 Reviewed-on: https://chromium-review.googlesource.com/1249021Reviewed-by: Thomas Tangl <tangltom@chromium.org> Reviewed-by: Julian Pastarmov <pastarmovj@chromium.org> Reviewed-by: David Roger <droger@chromium.org> Commit-Queue: Thomas Tangl <tangltom@chromium.org> Cr-Commit-Position: refs/heads/master@{#594705}
0b6f7fec · Thomas Tangl · Commit Bot · 65c31a67 · 0b6f7fec · 0b6f7fec
Commit 0b6f7fec authored Sep 27, 2018 by Thomas Tangl Committed by Commit Bot Sep 27, 2018
4 changed files
--- a/chrome/browser/policy/configuration_policy_handler_list_factory.cc
+++ b/chrome/browser/policy/configuration_policy_handler_list_factory.cc
@@ -266,7 +266,14 @@ const PolicyToPreferenceMapEntry kSimplePolicyMap[] = {
    prefs::kManagedDefaultGeolocationSetting,
    base::Value::Type::INTEGER },
  { key::kSigninAllowed,
+#if defined(OS_ANDROID)
+    // The new kSigninAllowedOnNextStartup pref is only used on Desktop.
+    // Keep the old kSigninAllowed pref for Android until the policy is
+    // fully depricated in M71 and can be removed.
    prefs::kSigninAllowed,
+#else
+    prefs::kSigninAllowedOnNextStartup,
+#endif
    base::Value::Type::BOOLEAN },
  { key::kEnableOnlineRevocationChecks,
    prefs::kCertRevocationCheckingEnabled,

--- a/chrome/browser/resources/settings/privacy_page/privacy_page.html
+++ b/chrome/browser/resources/settings/privacy_page/privacy_page.html
@@ -88,10 +88,6 @@
              $i18nRaw{improveBrowsingExperience}
            </p>
          </div>
-          <settings-personalization-options prefs="{{prefs}}"
-              page-visibility="[[pageVisibility]]"
-              unified-consent-enabled="[[unifiedConsentEnabled_]]">
-          </settings-personalization-options>
        </template>
 <if expr="not chromeos">
        <settings-toggle-button id="signinAllowedToggle"
@@ -101,6 +97,12 @@
            on-settings-boolean-control-change="onSigninAllowedChange_">
        </settings-toggle-button>
 </if><!-- not chromeos -->
+        <template is="dom-if" if="[[!unifiedConsentEnabled_]]">
+          <settings-personalization-options prefs="{{prefs}}"
+              page-visibility="[[pageVisibility]]"
+              unified-consent-enabled="[[unifiedConsentEnabled_]]">
+          </settings-personalization-options>
+        </template>
        <settings-toggle-button id="doNotTrack"
            pref="{{prefs.enable_do_not_track}}" label="$i18n{doNotTrack}"
            on-settings-boolean-control-change="onDoNotTrackChange_"

--- a/chrome/browser/signin/account_consistency_mode_manager.cc
+++ b/chrome/browser/signin/account_consistency_mode_manager.cc
@@ -123,19 +123,15 @@ AccountConsistencyModeManager::AccountConsistencyModeManager(Profile* profile)
  DCHECK(profile_);
  DCHECK(!profile_->IsOffTheRecord());
+#if BUILDFLAG(ENABLE_DICE_SUPPORT)
  PrefService* prefs = profile->GetPrefs();
-  bool signin_allowed = prefs->GetBoolean(prefs::kSigninAllowed);
+  // Propagate settings changes from the previous launch to the signin-allowed
-  if (prefs->IsUserModifiablePreference(prefs::kSigninAllowed)) {
+  // pref.
-    // Propagate settings changes from the previous launch to the signin-allowed
+  bool signin_allowed = prefs->GetBoolean(prefs::kSigninAllowedOnNextStartup);
-    // pref.
+  prefs->SetBoolean(prefs::kSigninAllowed, signin_allowed);
-    signin_allowed = prefs->GetBoolean(prefs::kSigninAllowedOnNextStartup);
-    prefs->SetBoolean(prefs::kSigninAllowed, signin_allowed);
-  } else {
-    // When the signin-allowed pref is not user-modifiable(e.g. managed), reset
-    // signin-allowed-on-next-startup.
-    prefs->SetBoolean(prefs::kSigninAllowedOnNextStartup, signin_allowed);
-  }
  UMA_HISTOGRAM_BOOLEAN("Signin.SigninAllowed", signin_allowed);
+#endif
  account_consistency_ = ComputeAccountConsistencyMethod(profile_);

--- a/chrome/test/data/policy/policy_test_cases.json
+++ b/chrome/test/data/policy/policy_test_cases.json
@@ -640,7 +640,7 @@
    "os": ["win", "linux", "mac"],
    "test_policy": { "SigninAllowed": true },
    "pref_mappings": [
-      { "pref": "signin.allowed" }
+      { "pref": "signin.allowed_on_next_startup" }
    ]
  },