Migrate consumers of SigninManager::IsAllowedUsername()

Use identity::IsUsernameAllowedByPattern() instead so that we can migrate
those consumers entirely to the IdentityManager in follow-up patches.

Also, in order to make it explicit that this API should not be used any
more, make SigninManager::IsAllowedUsername() a private method and friend
it with the relevant test cases from SigninManagerTest, so that it can
only be used from there. And while at it, also remove some stale lines
"friending" SigninManager with test cases that no longer exist.

Bug: 890794, 890815, 906085
Change-Id: I2a5be231ff70d3e390aa1718c795aef9d8b255ff
Reviewed-on: https://chromium-review.googlesource.com/c/1353894Reviewed-by: Mihai Sardarescu <msarda@chromium.org>
Reviewed-by: Sylvain Defresne <sdefresne@chromium.org>
Commit-Queue: Mario Sanchez Prada <mario@igalia.com>
Cr-Commit-Position: refs/heads/master@{#611764}

chrome/browser/signin/signin_ui_util.cc

@@ -11,6 +11,7 @@
 #include "base/strings/sys_string_conversions.h"
 #include "base/strings/utf_string_conversions.h"
 #include "build/build_config.h"
+#include "chrome/browser/browser_process.h"
 #include "chrome/browser/profiles/profile.h"
 #include "chrome/browser/signin/account_tracker_service_factory.h"
 #include "chrome/browser/signin/gaia_cookie_manager_service_factory.h"
@@ -31,7 +32,9 @@
 #include "components/signin/core/browser/account_info.h"
 #include "components/signin/core/browser/account_tracker_service.h"
 #include "components/signin/core/browser/gaia_cookie_manager_service.h"
+#include "components/signin/core/browser/identity_utils.h"
 #include "components/signin/core/browser/signin_manager.h"
+#include "components/signin/core/browser/signin_pref_names.h"
 #include "components/user_manager/user_manager.h"
 #include "services/identity/public/cpp/identity_manager.h"
 #include "third_party/re2/src/re2/re2.h"
@@ -240,7 +243,9 @@ std::vector<AccountInfo> GetAccountsForDicePromos(Profile* profile) {
   std::vector<AccountInfo> accounts;
   for (auto account_info : accounts_with_tokens) {
     DCHECK(!account_info.IsEmpty());
-    if (!signin_manager->IsAllowedUsername(account_info.email)) {
+    if (!identity::LegacyIsUsernameAllowedByPatternFromPrefs(
+            g_browser_process->local_state(), account_info.email,
+            prefs::kGoogleServicesUsernamePattern)) {
       continue;
     }
     if (account_info.account_id == default_account_id)

chrome/browser/signin/signin_util.cc

@@ -30,7 +30,9 @@
 #include "chrome/grit/generated_resources.h"
 #include "components/google/core/common/google_util.h"
 #include "components/prefs/pref_service.h"
+#include "components/signin/core/browser/identity_utils.h"
 #include "components/signin/core/browser/signin_manager.h"
+#include "components/signin/core/browser/signin_pref_names.h"
 #include "ui/base/l10n/l10n_util.h"
 
 namespace signin_util {
@@ -214,7 +216,9 @@ void EnsurePrimaryAccountAllowedForProfile(Profile* profile) {
 
   AccountInfo primary_account = signin_manager->GetAuthenticatedAccountInfo();
   if (signin_manager->IsSigninAllowed() &&
-      signin_manager->IsAllowedUsername(primary_account.email)) {
+      identity::LegacyIsUsernameAllowedByPatternFromPrefs(
+          g_browser_process->local_state(), primary_account.email,
+          prefs::kGoogleServicesUsernamePattern)) {
     return;
   }
 

chrome/browser/ui/webui/signin/signin_utils_desktop.cc

@@ -18,6 +18,7 @@
 #include "chrome/grit/chromium_strings.h"
 #include "chrome/grit/generated_resources.h"
 #include "components/guest_view/browser/guest_view_manager.h"
+#include "components/signin/core/browser/identity_utils.h"
 #include "components/signin/core/browser/signin_manager.h"
 #include "components/signin/core/browser/signin_pref_names.h"
 #include "ui/base/l10n/l10n_util.h"
@@ -45,7 +46,9 @@ bool CanOfferSignin(Profile* profile,
       return false;
 
     // Make sure this username is not prohibited by policy.
-    if (!manager->IsAllowedUsername(email)) {
+    if (!identity::LegacyIsUsernameAllowedByPatternFromPrefs(
+            g_browser_process->local_state(), email,
+            prefs::kGoogleServicesUsernamePattern)) {
       if (error_message) {
         error_message->assign(
             l10n_util::GetStringUTF8(IDS_SYNC_LOGIN_NAME_PROHIBITED));

components/signin/core/browser/signin_manager.h

@@ -168,10 +168,6 @@ class SigninManager : public SigninManagerBase,
   // Sets whether sign-in is allowed or not.
   void SetSigninAllowed(bool allowed);
 
-  // Returns true if the passed username is allowed by policy. Virtual for
-  // mocking in tests.
-  virtual bool IsAllowedUsername(const std::string& username) const;
-
   // If an authentication is in progress, return the account id being
   // authenticated. Returns an empty string if no auth is in progress.
   const std::string& GetAccountIdForAuthInProgress() const;
@@ -202,9 +198,8 @@ class SigninManager : public SigninManagerBase,
   std::string SigninTypeToString(SigninType type);
   friend class FakeSigninManager;
   friend class identity::IdentityManager;
-  FRIEND_TEST_ALL_PREFIXES(SigninManagerTest, ClearTransientSigninData);
-  FRIEND_TEST_ALL_PREFIXES(SigninManagerTest, ProvideSecondFactorSuccess);
-  FRIEND_TEST_ALL_PREFIXES(SigninManagerTest, ProvideSecondFactorFailure);
+  FRIEND_TEST_ALL_PREFIXES(SigninManagerTest, Prohibited);
+  FRIEND_TEST_ALL_PREFIXES(SigninManagerTest, TestAlternateWildcard);
 
   // Called to setup the transient signin data during one of the
   // StartSigninXXX methods.  |type| indicates which of the methods is being
@@ -256,6 +251,9 @@ class SigninManager : public SigninManagerBase,
   void OnSigninAllowedPrefChanged();
   void OnGoogleServicesUsernamePatternChanged();
 
+  // Returns true if the passed username is allowed by policy.
+  bool IsAllowedUsername(const std::string& username) const;
+
   std::string possibly_invalid_account_id_;
   std::string possibly_invalid_gaia_id_;
   std::string possibly_invalid_email_;