Write policies dump to log directory so they can be uploaded alongside logs

Bug: 771918
Change-Id: I97aa23f789d70dcc611fae05cb10b4e9b18009ed
Reviewed-on: https://chromium-review.googlesource.com/820310Reviewed-by: Xiyuan Xia <xiyuan@chromium.org>
Reviewed-by: Julian Pastarmov <pastarmovj@chromium.org>
Commit-Queue: Denis Kuznetsov <antrim@chromium.org>
Cr-Commit-Position: refs/heads/master@{#523796}

chrome/browser/BUILD.gn

@@ -1025,6 +1025,8 @@ split_static_library("browser") {
     "policy/managed_bookmarks_policy_handler.h",
     "policy/network_prediction_policy_handler.cc",
     "policy/network_prediction_policy_handler.h",
+    "policy/policy_conversions.cc",
+    "policy/policy_conversions.h",
     "policy/policy_helpers.cc",
     "policy/policy_helpers.h",
     "policy/profile_policy_connector.cc",

chrome/browser/chromeos/policy/system_log_uploader.cc

@@ -21,9 +21,12 @@
 #include "chrome/browser/chromeos/policy/upload_job_impl.h"
 #include "chrome/browser/chromeos/settings/device_oauth2_token_service.h"
 #include "chrome/browser/chromeos/settings/device_oauth2_token_service_factory.h"
+#include "chrome/browser/policy/policy_conversions.h"
+#include "chrome/browser/profiles/profile_manager.h"
 #include "chrome/common/chrome_switches.h"
 #include "components/feedback/anonymizer_tool.h"
 #include "components/policy/core/browser/browser_policy_connector.h"
+#include "components/user_manager/user_manager.h"
 #include "net/http/http_request_headers.h"
 
 namespace policy {
@@ -39,6 +42,10 @@ constexpr char kSystemLogUploadUrlTail[] = "/upload";
 // The cutoff point (in bytes) after which log contents are ignored.
 const size_t kLogCutoffSize = 50 * 1024 * 1024;  // 50 MiB.
 
+// Pseudo-location of policy dump file. Policy is uploaded from memory,
+// there is no actual file on disk.
+constexpr char kPolicyDumpFileLocation[] = "/var/log/policy_dump.json";
+
 // The file names of the system logs to upload.
 // Note: do not add anything to this list without checking for PII in the file.
 const char* const kSystemLogFileNames[] = {
@@ -91,7 +98,8 @@ class SystemLogDelegate : public SystemLogUploader::Delegate {
   ~SystemLogDelegate() override;
 
   // SystemLogUploader::Delegate:
-  void LoadSystemLogs(const LogUploadCallback& upload_callback) override;
+  std::string GetPolicyAsJSON() override;
+  void LoadSystemLogs(LogUploadCallback upload_callback) override;
 
   std::unique_ptr<UploadJob> CreateUploadJob(
       const GURL& upload_url,
@@ -110,13 +118,24 @@ SystemLogDelegate::SystemLogDelegate(
 
 SystemLogDelegate::~SystemLogDelegate() {}
 
-void SystemLogDelegate::LoadSystemLogs(
-    const LogUploadCallback& upload_callback) {
+std::string SystemLogDelegate::GetPolicyAsJSON() {
+  bool include_user_policies = false;
+  if (user_manager::UserManager::IsInitialized()) {
+    if (user_manager::UserManager::Get()->GetPrimaryUser()) {
+      include_user_policies =
+          user_manager::UserManager::Get()->GetPrimaryUser()->IsAffiliated();
+    }
+  }
+  return policy::GetAllPolicyValuesAsJSON(
+      ProfileManager::GetActiveUserProfile(), include_user_policies);
+}
+
+void SystemLogDelegate::LoadSystemLogs(LogUploadCallback upload_callback) {
   // Run ReadFiles() in the thread that interacts with the file system and
   // return system logs to |upload_callback| on the current thread.
   base::PostTaskWithTraitsAndReplyWithResult(
       FROM_HERE, {base::MayBlock(), base::TaskPriority::BACKGROUND},
-      base::Bind(&ReadFiles), upload_callback);
+      base::BindOnce(&ReadFiles), std::move(upload_callback));
 }
 
 std::unique_ptr<UploadJob> SystemLogDelegate::CreateUploadJob(
@@ -311,10 +330,10 @@ void SystemLogUploader::StartLogUpload() {
   DCHECK(thread_checker_.CalledOnValidThread());
 
   if (upload_enabled_) {
-    SYSLOG(INFO) << "Starting system log upload.";
+    SYSLOG(INFO) << "Reading system logs for upload.";
     log_upload_in_progress_ = true;
-    syslog_delegate_->LoadSystemLogs(base::Bind(
-        &SystemLogUploader::UploadSystemLogs, weak_factory_.GetWeakPtr()));
+    syslog_delegate_->LoadSystemLogs(base::BindOnce(
+        &SystemLogUploader::OnSystemLogsLoaded, weak_factory_.GetWeakPtr()));
   } else {
     // If upload is disabled, schedule the next attempt after 12h.
     SYSLOG(INFO) << "System log upload is disabled, rescheduling.";
@@ -324,6 +343,16 @@ void SystemLogUploader::StartLogUpload() {
   }
 }
 
+void SystemLogUploader::OnSystemLogsLoaded(
+    std::unique_ptr<SystemLogs> system_logs) {
+  // Must be called on the main thread.
+  DCHECK(thread_checker_.CalledOnValidThread());
+  system_logs->push_back(std::make_pair(kPolicyDumpFileLocation,
+                                        syslog_delegate_->GetPolicyAsJSON()));
+  SYSLOG(INFO) << "Starting system log upload.";
+  UploadSystemLogs(std::move(system_logs));
+}
+
 void SystemLogUploader::ScheduleNextSystemLogUpload(base::TimeDelta frequency) {
   // Don't schedule a new system log upload if there's a log upload in progress
   // (it will be scheduled once the current one completes).

chrome/browser/chromeos/policy/system_log_uploader.h

@@ -59,12 +59,15 @@ class SystemLogUploader : public UploadJob::Delegate {
   class Delegate {
    public:
     using LogUploadCallback =
-        base::Callback<void(std::unique_ptr<SystemLogs> system_logs)>;
+        base::OnceCallback<void(std::unique_ptr<SystemLogs> system_logs)>;
 
     virtual ~Delegate() {}
 
+    // Returns current policy dump in JSON format.
+    virtual std::string GetPolicyAsJSON() = 0;
+
     // Loads system logs and invokes |upload_callback|.
-    virtual void LoadSystemLogs(const LogUploadCallback& upload_callback) = 0;
+    virtual void LoadSystemLogs(LogUploadCallback upload_callback) = 0;
 
     // Creates a new fully configured instance of an UploadJob. This method
     // will be called exactly once per every system log upload.
@@ -101,7 +104,10 @@ class SystemLogUploader : public UploadJob::Delegate {
   void StartLogUpload();
 
   // The callback is invoked by the Delegate if system logs have been loaded
-  // from disk, uploads system logs.
+  // from disk, adds policy dump and calls UploadSystemLogs.
+  void OnSystemLogsLoaded(std::unique_ptr<SystemLogs> system_logs);
+
+  // Uploads system logs.
   void UploadSystemLogs(std::unique_ptr<SystemLogs> system_logs);
 
   // Helper method that figures out when the next system log upload should

chrome/browser/chromeos/policy/system_log_uploader_unittest.cc

@@ -21,6 +21,10 @@ namespace policy {
 
 namespace {
 
+// Pseudo-location of policy dump file.
+constexpr char kPolicyDumpFileLocation[] = "/var/log/policy_dump.json";
+constexpr char kPolicyDump[] = "{}";
+
 // The list of tested system log file names.
 const char* const kTestSystemLogFileNames[] = {"name1.txt", "name32.txt"};
 
@@ -81,7 +85,11 @@ void MockUploadJob::AddDataSegment(
                                file_index_ + 1),
             name);
 
-  EXPECT_EQ(kTestSystemLogFileNames[file_index_], filename);
+  if (file_index_ == max_files_ - 1) {
+    EXPECT_EQ(kPolicyDumpFileLocation, filename);
+  } else {
+    EXPECT_EQ(kTestSystemLogFileNames[file_index_], filename);
+  }
 
   EXPECT_EQ(2U, header_entries.size());
   EXPECT_EQ(
@@ -90,7 +98,11 @@ void MockUploadJob::AddDataSegment(
   EXPECT_EQ(SystemLogUploader::kContentTypePlainText,
             header_entries.find(net::HttpRequestHeaders::kContentType)->second);
 
-  EXPECT_EQ(kTestSystemLogFileNames[file_index_], *data);
+  if (file_index_ == max_files_ - 1) {
+    EXPECT_EQ(kPolicyDump, *data);
+  } else {
+    EXPECT_EQ(kTestSystemLogFileNames[file_index_], *data);
+  }
 
   file_index_++;
 }
@@ -117,9 +129,11 @@ class MockSystemLogDelegate : public SystemLogUploader::Delegate {
       : is_upload_error_(is_upload_error), system_logs_(system_logs) {}
   ~MockSystemLogDelegate() override {}
 
-  void LoadSystemLogs(const LogUploadCallback& upload_callback) override {
+  std::string GetPolicyAsJSON() override { return kPolicyDump; }
+
+  void LoadSystemLogs(LogUploadCallback upload_callback) override {
     EXPECT_TRUE(is_upload_allowed_);
-    upload_callback.Run(
+    std::move(upload_callback).Run(
         base::MakeUnique<SystemLogUploader::SystemLogs>(system_logs_));
   }
 
@@ -127,7 +141,7 @@ class MockSystemLogDelegate : public SystemLogUploader::Delegate {
       const GURL& url,
       UploadJob::Delegate* delegate) override {
     return base::MakeUnique<MockUploadJob>(url, delegate, is_upload_error_,
-                                           system_logs_.size());
+                                           system_logs_.size() + 1);
   }
 
   void set_upload_allowed(bool is_upload_allowed) {

chrome/browser/policy/policy_conversions.cc

+// Copyright 2017 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/policy/policy_conversions.h"
+
+#include "base/json/json_writer.h"
+#include "chrome/browser/browser_process.h"
+#include "chrome/browser/policy/profile_policy_connector.h"
+#include "chrome/browser/policy/profile_policy_connector_factory.h"
+#include "chrome/browser/profiles/profile.h"
+#include "components/policy/core/browser/browser_policy_connector.h"
+#include "components/policy/core/browser/policy_error_map.h"
+#include "components/policy/core/common/policy_details.h"
+#include "components/policy/core/common/policy_namespace.h"
+#include "components/policy/core/common/policy_service.h"
+#include "components/policy/core/common/policy_types.h"
+#include "components/policy/policy_constants.h"
+#include "components/strings/grit/components_strings.h"
+#include "extensions/features/features.h"
+
+#if BUILDFLAG(ENABLE_EXTENSIONS)
+#include "extensions/browser/extension_registry.h"
+#include "extensions/common/extension.h"
+#include "extensions/common/manifest.h"
+#include "extensions/common/manifest_constants.h"
+#endif
+
+namespace policy {
+
+namespace {
+
+struct PolicyStringMap {
+  const char* key;
+  int string_id;
+};
+
+const PolicyStringMap kPolicySources[policy::POLICY_SOURCE_COUNT] = {
+    {"sourceEnterpriseDefault", IDS_POLICY_SOURCE_ENTERPRISE_DEFAULT},
+    {"sourceCloud", IDS_POLICY_SOURCE_CLOUD},
+    {"sourceActiveDirectory", IDS_POLICY_SOURCE_ACTIVE_DIRECTORY},
+    {"sourcePublicSessionOverride", IDS_POLICY_SOURCE_PUBLIC_SESSION_OVERRIDE},
+    {"sourcePlatform", IDS_POLICY_SOURCE_PLATFORM},
+};
+
+// Utility function that returns a JSON serialization of the given |dict|.
+std::unique_ptr<base::Value> DictionaryToJSONString(
+    const base::DictionaryValue& dict) {
+  std::string json_string;
+  base::JSONWriter::WriteWithOptions(
+      dict, base::JSONWriter::OPTIONS_PRETTY_PRINT, &json_string);
+  return std::make_unique<base::Value>(json_string);
+}
+
+// Returns a copy of |value|. If necessary (which is specified by
+// |convert_values|), converts some values to a representation that
+// i18n_template.js will display.
+std::unique_ptr<base::Value> CopyAndMaybeConvert(const base::Value* value,
+                                                 bool convert_values) {
+  if (!convert_values)
+    return value->CreateDeepCopy();
+  const base::DictionaryValue* dict = NULL;
+  if (value->GetAsDictionary(&dict))
+    return DictionaryToJSONString(*dict);
+
+  std::unique_ptr<base::Value> copy = value->CreateDeepCopy();
+  base::ListValue* list = NULL;
+  if (copy->GetAsList(&list)) {
+    for (size_t i = 0; i < list->GetSize(); ++i) {
+      if (list->GetDictionary(i, &dict))
+        list->Set(i, DictionaryToJSONString(*dict));
+    }
+  }
+
+  return copy;
+}
+
+PolicyService* GetPolicyService(content::BrowserContext* context) {
+  return ProfilePolicyConnectorFactory::GetForBrowserContext(context)
+      ->policy_service();
+}
+
+// Inserts a description of each policy in |policy_map| into |values|, using
+// the optional errors in |errors| to determine the status of each policy. If
+// |convert_values| is true, converts the values to show them in javascript.
+
+void GetPolicyValues(const policy::PolicyMap& map,
+                     policy::PolicyErrorMap* errors,
+                     base::DictionaryValue* values,
+                     bool with_user_policies,
+                     bool convert_values) {
+  for (const auto& entry : map) {
+    if (entry.second.scope == policy::POLICY_SCOPE_USER && !with_user_policies)
+      continue;
+    std::unique_ptr<base::DictionaryValue> value(new base::DictionaryValue);
+    value->Set("value",
+               CopyAndMaybeConvert(entry.second.value.get(), convert_values));
+    if (entry.second.scope == policy::POLICY_SCOPE_USER)
+      value->SetString("scope", "user");
+    else
+      value->SetString("scope", "machine");
+    if (entry.second.level == policy::POLICY_LEVEL_RECOMMENDED)
+      value->SetString("level", "recommended");
+    else
+      value->SetString("level", "mandatory");
+    value->SetString("source", kPolicySources[entry.second.source].key);
+    base::string16 error = errors->GetErrors(entry.first);
+    if (!error.empty())
+      value->SetString("error", error);
+    values->SetWithoutPathExpansion(entry.first, std::move(value));
+  }
+}
+
+void GetChromePolicyValues(content::BrowserContext* context,
+                           base::DictionaryValue* values,
+                           bool keep_user_policies,
+                           bool convert_values) {
+  policy::PolicyService* policy_service = GetPolicyService(context);
+  policy::PolicyMap map;
+
+  // Make a copy that can be modified, since some policy values are modified
+  // before being displayed.
+  map.CopyFrom(policy_service->GetPolicies(
+      policy::PolicyNamespace(policy::POLICY_DOMAIN_CHROME, std::string())));
+
+  // Get a list of all the errors in the policy values.
+  const policy::ConfigurationPolicyHandlerList* handler_list =
+      g_browser_process->browser_policy_connector()->GetHandlerList();
+  policy::PolicyErrorMap errors;
+  handler_list->ApplyPolicySettings(map, NULL, &errors);
+
+  // Convert dictionary values to strings for display.
+  handler_list->PrepareForDisplaying(&map);
+
+  GetPolicyValues(map, &errors, values, keep_user_policies, convert_values);
+}
+
+}  // namespace
+
+std::unique_ptr<base::DictionaryValue> GetAllPolicyValuesAsDictionary(
+    content::BrowserContext* context,
+    bool with_user_policies,
+    bool convert_values) {
+  base::DictionaryValue all_policies;
+  if (!context)
+    return std::make_unique<base::DictionaryValue>(std::move(all_policies));
+
+  // Add Chrome policy values.
+  auto chrome_policies = std::make_unique<base::DictionaryValue>();
+  GetChromePolicyValues(context, chrome_policies.get(), with_user_policies,
+                        convert_values);
+  all_policies.Set("chromePolicies", std::move(chrome_policies));
+
+#if BUILDFLAG(ENABLE_EXTENSIONS)
+  // Add extension policy values.
+  extensions::ExtensionRegistry* registry =
+      extensions::ExtensionRegistry::Get(Profile::FromBrowserContext(context));
+  auto extension_values = std::make_unique<base::DictionaryValue>();
+
+  for (const scoped_refptr<const extensions::Extension>& extension :
+       registry->enabled_extensions()) {
+    // Skip this extension if it's not an enterprise extension.
+    if (!extension->manifest()->HasPath(
+            extensions::manifest_keys::kStorageManagedSchema))
+      continue;
+    auto extension_policies = std::make_unique<base::DictionaryValue>();
+    policy::PolicyNamespace policy_namespace = policy::PolicyNamespace(
+        policy::POLICY_DOMAIN_EXTENSIONS, extension->id());
+    policy::PolicyErrorMap empty_error_map;
+    GetPolicyValues(GetPolicyService(context)->GetPolicies(policy_namespace),
+                    &empty_error_map, extension_policies.get(),
+                    with_user_policies, convert_values);
+    extension_values->Set(extension->id(), std::move(extension_policies));
+  }
+  all_policies.Set("extensionPolicies", std::move(extension_values));
+#endif
+  return std::make_unique<base::DictionaryValue>(std::move(all_policies));
+}
+
+std::string GetAllPolicyValuesAsJSON(content::BrowserContext* context,
+                                     bool with_user_policies) {
+  std::unique_ptr<base::DictionaryValue> all_policies =
+      policy::GetAllPolicyValuesAsDictionary(context, with_user_policies,
+                                             false /* convert_values */);
+  return DictionaryToJSONString(*all_policies)->GetString();
+}
+
+}  // namespace policy

chrome/browser/policy/policy_conversions.h

+// Copyright 2013 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef CHROME_BROWSER_POLICY_POLICY_CONVERSIONS_H_
+#define CHROME_BROWSER_POLICY_POLICY_CONVERSIONS_H_
+
+#include <memory>
+
+#include "base/values.h"
+
+namespace content {
+class BrowserContext;
+}  // namespace content
+
+namespace policy {
+// Returns a dictionary with the values of all set policies, with some values
+// converted to be shown in javascript, if it is specified.
+// |with_user_policies| governs if values with POLICY_SCOPE_USER are included.
+std::unique_ptr<base::DictionaryValue> GetAllPolicyValuesAsDictionary(
+    content::BrowserContext* context,
+    bool with_user_policies,
+    bool convert_values);
+
+// Returns a JSON with the values of all set policies.
+// |with_user_policies| governs if values with POLICY_SCOPE_USER are included.
+std::string GetAllPolicyValuesAsJSON(content::BrowserContext* context,
+                                     bool with_user_policies);
+
+}  // namespace policy
+
+#endif  // CHROME_BROWSER_POLICY_POLICY_CONVERSIONS_H_

chrome/browser/ui/webui/policy_ui_handler.cc

@@ -26,6 +26,7 @@
 #include "build/build_config.h"
 #include "chrome/browser/browser_process.h"
 #include "chrome/browser/download/download_prefs.h"
+#include "chrome/browser/policy/policy_conversions.h"
 #include "chrome/browser/policy/profile_policy_connector.h"
 #include "chrome/browser/policy/profile_policy_connector_factory.h"
 #include "chrome/browser/policy/schema_registry_service.h"
@@ -176,39 +177,6 @@ void ExtractDomainFromUsername(base::DictionaryValue* dict) {
     dict->SetString("domain", gaia::ExtractDomainName(username));
 }
 
-// Utility function that returns a JSON serialization of the given |dict|.
-std::unique_ptr<base::Value> DictionaryToJSONString(
-    const base::DictionaryValue& dict) {
-  std::string json_string;
-  base::JSONWriter::WriteWithOptions(dict,
-                                     base::JSONWriter::OPTIONS_PRETTY_PRINT,
-                                     &json_string);
-  return std::make_unique<base::Value>(json_string);
-}
-
-// Returns a copy of |value|. If necessary (which is specified by
-// |convert_values|), converts some values to a representation that
-// i18n_template.js will display.
-std::unique_ptr<base::Value> CopyAndMaybeConvert(const base::Value* value,
-                                                 bool convert_values) {
-  if (!convert_values)
-    return value->CreateDeepCopy();
-  const base::DictionaryValue* dict = NULL;
-  if (value->GetAsDictionary(&dict))
-    return DictionaryToJSONString(*dict);
-
-  std::unique_ptr<base::Value> copy = value->CreateDeepCopy();
-  base::ListValue* list = NULL;
-  if (copy->GetAsList(&list)) {
-    for (size_t i = 0; i < list->GetSize(); ++i) {
-      if (list->GetDictionary(i, &dict))
-        list->Set(i, DictionaryToJSONString(*dict));
-    }
-  }
-
-  return copy;
-}
-
 }  // namespace
 
 // An interface for querying the status of a policy provider.  It surfaces
@@ -765,93 +733,15 @@ void PolicyUIHandler::SendPolicyNames() const {
   web_ui()->CallJavascriptFunctionUnsafe("policy.Page.setPolicyNames", names);
 }
 
-std::unique_ptr<base::DictionaryValue> PolicyUIHandler::GetAllPolicyValues(
-    bool convert_values) const {
-  base::DictionaryValue all_policies;
-
-  // Add Chrome policy values.
-  auto chrome_policies = std::make_unique<base::DictionaryValue>();
-  GetChromePolicyValues(chrome_policies.get(), convert_values);
-  all_policies.Set("chromePolicies", std::move(chrome_policies));
-
-#if BUILDFLAG(ENABLE_EXTENSIONS)
-  // Add extension policy values.
-  extensions::ExtensionRegistry* registry =
-      extensions::ExtensionRegistry::Get(Profile::FromWebUI(web_ui()));
-  auto extension_values = std::make_unique<base::DictionaryValue>();
-
-  for (const scoped_refptr<const extensions::Extension>& extension :
-       registry->enabled_extensions()) {
-    // Skip this extension if it's not an enterprise extension.
-    if (!extension->manifest()->HasPath(
-        extensions::manifest_keys::kStorageManagedSchema))
-      continue;
-    auto extension_policies = std::make_unique<base::DictionaryValue>();
-    policy::PolicyNamespace policy_namespace = policy::PolicyNamespace(
-        policy::POLICY_DOMAIN_EXTENSIONS, extension->id());
-    policy::PolicyErrorMap empty_error_map;
-    GetPolicyValues(GetPolicyService()->GetPolicies(policy_namespace),
-                    &empty_error_map, extension_policies.get(), convert_values);
-    extension_values->Set(extension->id(), std::move(extension_policies));
-  }
-  all_policies.Set("extensionPolicies", std::move(extension_values));
-#endif
-  return std::make_unique<base::DictionaryValue>(std::move(all_policies));
-}
-
 void PolicyUIHandler::SendPolicyValues() const {
   std::unique_ptr<base::DictionaryValue> all_policies =
-      GetAllPolicyValues(true);
+      policy::GetAllPolicyValuesAsDictionary(
+          web_ui()->GetWebContents()->GetBrowserContext(),
+          true /* with_user_policies */, true /* convert_values */);
   web_ui()->CallJavascriptFunctionUnsafe("policy.Page.setPolicyValues",
                                          *all_policies);
 }
 
-void PolicyUIHandler::GetPolicyValues(const policy::PolicyMap& map,
-                                      policy::PolicyErrorMap* errors,
-                                      base::DictionaryValue* values,
-                                      bool convert_values) const {
-  for (const auto& entry : map) {
-    std::unique_ptr<base::DictionaryValue> value(new base::DictionaryValue);
-    value->Set("value",
-               CopyAndMaybeConvert(entry.second.value.get(), convert_values));
-    if (entry.second.scope == policy::POLICY_SCOPE_USER)
-      value->SetString("scope", "user");
-    else
-      value->SetString("scope", "machine");
-    if (entry.second.level == policy::POLICY_LEVEL_RECOMMENDED)
-      value->SetString("level", "recommended");
-    else
-      value->SetString("level", "mandatory");
-    value->SetString("source", kPolicySources[entry.second.source].key);
-    base::string16 error = errors->GetErrors(entry.first);
-    if (!error.empty())
-      value->SetString("error", error);
-    values->SetWithoutPathExpansion(entry.first, std::move(value));
-  }
-}
-
-void PolicyUIHandler::GetChromePolicyValues(base::DictionaryValue* values,
-                                            bool convert_values) const {
-  policy::PolicyService* policy_service = GetPolicyService();
-  policy::PolicyMap map;
-
-  // Make a copy that can be modified, since some policy values are modified
-  // before being displayed.
-  map.CopyFrom(policy_service->GetPolicies(
-      policy::PolicyNamespace(policy::POLICY_DOMAIN_CHROME, std::string())));
-
-  // Get a list of all the errors in the policy values.
-  const policy::ConfigurationPolicyHandlerList* handler_list =
-      g_browser_process->browser_policy_connector()->GetHandlerList();
-  policy::PolicyErrorMap errors;
-  handler_list->ApplyPolicySettings(map, NULL, &errors);
-
-  // Convert dictionary values to strings for display.
-  handler_list->PrepareForDisplaying(&map);
-
-  GetPolicyValues(map, &errors, values, convert_values);
-}
-
 void PolicyUIHandler::SendStatus() const {
   std::unique_ptr<base::DictionaryValue> device_status(
       new base::DictionaryValue);
@@ -909,10 +799,9 @@ void DoWritePoliciesToJSONFile(const base::FilePath& path,
 
 void PolicyUIHandler::WritePoliciesToJSONFile(
     const base::FilePath& path) const {
-  std::unique_ptr<base::DictionaryValue> all_policies =
-      GetAllPolicyValues(false);
-  std::string json_policies =
-      DictionaryToJSONString(*all_policies)->GetString();
+  std::string json_policies = policy::GetAllPolicyValuesAsJSON(
+      web_ui()->GetWebContents()->GetBrowserContext(),
+      true /* with_user_policies */);
 
   base::PostTaskWithTraits(
       FROM_HERE,

chrome/browser/ui/webui/policy_ui_handler.h

@@ -98,22 +98,6 @@ class PolicyUIHandler : public content::WebUIMessageHandler,
   // information is sent.
   void SendStatus() const;
 
-  // Inserts a description of each policy in |policy_map| into |values|, using
-  // the optional errors in |errors| to determine the status of each policy. If
-  // |convert_values| is true, converts the values to show them in javascript.
-  void GetPolicyValues(const policy::PolicyMap& policy_map,
-                       policy::PolicyErrorMap* errors,
-                       base::DictionaryValue* values,
-                       bool convert_values) const;
-
-  // Returns a dictionary with the values of all set policies, with some values
-  // converted to be shown in javascript, if it is specified.
-  std::unique_ptr<base::DictionaryValue> GetAllPolicyValues(
-      bool convert_values) const;
-
-  void GetChromePolicyValues(base::DictionaryValue* values,
-                             bool convert_values) const;
-
   void WritePoliciesToJSONFile(const base::FilePath& path) const;
 
   void HandleInitialized(const base::ListValue* args);