Remove cloud_policy_generated.cc

Store enough metadata in policy_constants.cc that we can use it to decode policies, and so don't need to generate any more code in cloud_policy_generated.cc The metadata required to decode a policy from a proto is the key, the type (both the raw type ie integer or string, and also whether it is JSON or external), and pointers to both has_policyproto() and policyproto() functions, where policyproto is the message field that holds this policy. The metadata that is stored in policy_constants.cc looks like so - the lines starting with &em are function pointers into the CloudPolicySettings proto: constexpr BooleanPolicyAccess kBooleanPolicyAccess[] = { {key::kAbusiveExperienceInterventionEnforce, &em::CloudPolicySettings::has_abusiveexperienceinterventionenforce, &em::CloudPolicySettings::abusiveexperienceinterventionenforce}, {key::kAllowCrossOriginAuthPrompt, &em::CloudPolicySettings::has_allowcrossoriginauthprompt, &em::CloudPolicySettings::allowcrossoriginauthprompt}, ... {nullptr, nullptr, nullptr}, }; constexpr IntegerPolicyAccess kIntegerPolicyAccess[] = { {key::kAdsSettingForIntrusiveAdsSites, &em::CloudPolicySettings::has_adssettingforintrusiveadssites, &em::CloudPolicySettings::adssettingforintrusiveadssites}, {key::kArcBackupRestoreServiceEnabled, &em::CloudPolicySettings::has_arcbackuprestoreserviceenabled, &em::CloudPolicySettings::arcbackuprestoreserviceenabled}, ... {nullptr, nullptr, nullptr}, }; constexpr StringPolicyAccess kStringPolicyAccess[] = { {key::kAllowedDomainsForApps, &em::CloudPolicySettings::has_alloweddomainsforapps, &em::CloudPolicySettings::alloweddomainsforapps, StringPolicyType::STRING}, {key::kContentPackManualBehaviorHosts, &em::CloudPolicySettings::has_contentpackmanualbehaviorhosts, &em::CloudPolicySettings::contentpackmanualbehaviorhosts, StringPolicyType::JSON}, {key::kNativePrintersBulkConfiguration, &em::CloudPolicySettings::has_nativeprintersbulkconfiguration, &em::CloudPolicySettings::nativeprintersbulkconfiguration, StringPolicyType::EXTERNAL}, ... {nullptr, nullptr, nullptr}, }; constexpr StringListPolicyAccess kStringListPolicyAccess[] = { {key::kAllowedInputMethods, &em::CloudPolicySettings::has_allowedinputmethods, &em::CloudPolicySettings::allowedinputmethods}, ... {nullptr, nullptr, nullptr}, }; Bug: 852366 Change-Id: I1b8a0ebc0c6d5019e63d81a4cb7e1cd1cb461bb3 Reviewed-on: https://chromium-review.googlesource.com/1110219 Commit-Queue: A Olsen <olsen@chromium.org> Reviewed-by: Lutz Justen <ljusten@chromium.org> Cr-Commit-Position: refs/heads/master@{#572212}

Remove cloud_policy_generated.cc
Store enough metadata in policy_constants.cc that we can use it to decode policies, and so don't need to generate any more code in cloud_policy_generated.cc The metadata required to decode a policy from a proto is the key, the type (both the raw type ie integer or string, and also whether it is JSON or external), and pointers to both has_policyproto() and policyproto() functions, where policyproto is the message field that holds this policy. The metadata that is stored in policy_constants.cc looks like so - the lines starting with &em are function pointers into the CloudPolicySettings proto: constexpr BooleanPolicyAccess kBooleanPolicyAccess[] = { {key::kAbusiveExperienceInterventionEnforce, &em::CloudPolicySettings::has_abusiveexperienceinterventionenforce, &em::CloudPolicySettings::abusiveexperienceinterventionenforce}, {key::kAllowCrossOriginAuthPrompt, &em::CloudPolicySettings::has_allowcrossoriginauthprompt, &em::CloudPolicySettings::allowcrossoriginauthprompt}, ... {nullptr, nullptr, nullptr}, }; constexpr IntegerPolicyAccess kIntegerPolicyAccess[] = { {key::kAdsSettingForIntrusiveAdsSites, &em::CloudPolicySettings::has_adssettingforintrusiveadssites, &em::CloudPolicySettings::adssettingforintrusiveadssites}, {key::kArcBackupRestoreServiceEnabled, &em::CloudPolicySettings::has_arcbackuprestoreserviceenabled, &em::CloudPolicySettings::arcbackuprestoreserviceenabled}, ... {nullptr, nullptr, nullptr}, }; constexpr StringPolicyAccess kStringPolicyAccess[] = { {key::kAllowedDomainsForApps, &em::CloudPolicySettings::has_alloweddomainsforapps, &em::CloudPolicySettings::alloweddomainsforapps, StringPolicyType::STRING}, {key::kContentPackManualBehaviorHosts, &em::CloudPolicySettings::has_contentpackmanualbehaviorhosts, &em::CloudPolicySettings::contentpackmanualbehaviorhosts, StringPolicyType::JSON}, {key::kNativePrintersBulkConfiguration, &em::CloudPolicySettings::has_nativeprintersbulkconfiguration, &em::CloudPolicySettings::nativeprintersbulkconfiguration, StringPolicyType::EXTERNAL}, ... {nullptr, nullptr, nullptr}, }; constexpr StringListPolicyAccess kStringListPolicyAccess[] = { {key::kAllowedInputMethods, &em::CloudPolicySettings::has_allowedinputmethods, &em::CloudPolicySettings::allowedinputmethods}, ... {nullptr, nullptr, nullptr}, }; Bug: 852366 Change-Id: I1b8a0ebc0c6d5019e63d81a4cb7e1cd1cb461bb3 Reviewed-on: https://chromium-review.googlesource.com/1110219 Commit-Queue: A Olsen <olsen@chromium.org> Reviewed-by: Lutz Justen <ljusten@chromium.org> Cr-Commit-Position: refs/heads/master@{#572212}
bc6e1f6c · A Olsen · Commit Bot · 9360e3ca · bc6e1f6c · bc6e1f6c
Commit bc6e1f6c authored Jul 03, 2018 by A Olsen Committed by Commit Bot Jul 03, 2018
6 changed files
--- a/components/policy/BUILD.gn
+++ b/components/policy/BUILD.gn
@@ -78,7 +78,6 @@ chrome_settings_full_runtime_proto_path =

 constants_header_path = "$target_gen_dir/policy_constants.h"
 constants_source_path = "$target_gen_dir/policy_constants.cc"
-protobuf_decoder_path = "$target_gen_dir/cloud_policy_generated.cc"
 app_restrictions_path = "$target_gen_dir/app_restrictions.xml"
 risk_tag_header_path = "$target_gen_dir/risk_tag.h"

@@ -100,7 +99,6 @@ action("cloud_policy_code_generate") {
  outputs = [
    constants_header_path,
    constants_source_path,
-    protobuf_decoder_path,
    chrome_settings_proto_path,
    cloud_policy_proto_path,
    app_restrictions_path,
@@ -120,8 +118,6 @@ action("cloud_policy_code_generate") {
        rebase_path(chrome_settings_proto_path, root_build_dir),
    "--cloud-policy-protobuf=" +
        rebase_path(cloud_policy_proto_path, root_build_dir),
-    "--cloud-policy-decoder=" +
-        rebase_path(protobuf_decoder_path, root_build_dir),
    "--app-restrictions-definition=" +
        rebase_path(app_restrictions_path, root_build_dir),
    "--risk-tag-header=" + rebase_path(risk_tag_header_path, root_build_dir),
@@ -334,7 +330,6 @@ static_library("generated") {
  sources = [
    constants_header_path,
    constants_source_path,
-    protobuf_decoder_path,
    risk_tag_header_path,
  ]


--- a/components/policy/core/common/BUILD.gn
+++ b/components/policy/core/common/BUILD.gn
@@ -108,6 +108,8 @@ source_set("internal") {
    "policy_namespace.h",
    "policy_pref_names.cc",
    "policy_pref_names.h",
+    "policy_proto_decoders.cc",
+    "policy_proto_decoders.h",
    "policy_service.cc",
    "policy_service.h",
    "policy_service_impl.cc",

--- a/components/policy/core/common/cloud/user_cloud_policy_store_base.cc
+++ b/components/policy/core/common/cloud/user_cloud_policy_store_base.cc
@@ -10,17 +10,11 @@
 #include "components/policy/core/common/cloud/cloud_external_data_manager.h"
 #include "components/policy/core/common/cloud/cloud_policy_constants.h"
 #include "components/policy/core/common/policy_map.h"
+#include "components/policy/core/common/policy_proto_decoders.h"
 #include "components/policy/proto/cloud_policy.pb.h"

 namespace policy {

-// Decodes a CloudPolicySettings object into a policy map. The implementation is
-// generated code in policy/cloud_policy_generated.cc.
-void DecodePolicy(const enterprise_management::CloudPolicySettings& policy,
-                  base::WeakPtr<CloudExternalDataManager> external_data_manager,
-                  PolicyMap* policies,
-                  PolicyScope scope);
-
 UserCloudPolicyStoreBase::UserCloudPolicyStoreBase(
    scoped_refptr<base::SequencedTaskRunner> background_task_runner,
    PolicyScope policy_scope)
@@ -51,7 +45,8 @@ void UserCloudPolicyStoreBase::InstallPolicy(
    const std::string& policy_signature_public_key) {
  // Decode the payload.
  policy_map_.Clear();
-  DecodePolicy(*payload, external_data_manager(), &policy_map_, policy_scope_);
+  DecodeProtoFields(*payload, external_data_manager(), POLICY_SOURCE_CLOUD,
+                    policy_scope_, &policy_map_);
  policy_ = std::move(policy_data);
  policy_signature_public_key_ = policy_signature_public_key;
 }

--- a/components/policy/core/common/policy_proto_decoders.cc
+++ b/components/policy/core/common/policy_proto_decoders.cc
+// Copyright 2018 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "components/policy/core/common/policy_proto_decoders.h"
+
+#include <limits>
+#include <memory>
+
+#include "base/json/json_reader.h"
+#include "base/logging.h"
+#include "base/values.h"
+#include "components/policy/core/common/cloud/cloud_external_data_manager.h"
+#include "components/policy/core/common/policy_map.h"
+#include "components/policy/policy_constants.h"
+#include "components/policy/proto/cloud_policy.pb.h"
+
+namespace policy {
+
+namespace em = enterprise_management;
+
+namespace {
+
+// Returns true and sets |level| to a PolicyLevel if the policy has been set
+// at that level. Returns false if the policy is not set, or has been set at
+// the level of PolicyOptions::UNSET.
+template <class AnyPolicyProto>
+bool GetPolicyLevel(const AnyPolicyProto& policy_proto, PolicyLevel* level) {
+  if (!policy_proto.has_value()) {
+    return false;
+  }
+  if (!policy_proto.has_policy_options()) {
+    *level = POLICY_LEVEL_MANDATORY;  // Default level.
+    return true;
+  }
+  switch (policy_proto.policy_options().mode()) {
+    case em::PolicyOptions::MANDATORY:
+      *level = POLICY_LEVEL_MANDATORY;
+      return true;
+    case em::PolicyOptions::RECOMMENDED:
+      *level = POLICY_LEVEL_RECOMMENDED;
+      return true;
+    case em::PolicyOptions::UNSET:
+      return false;
+  }
+}
+
+// Convert a BooleanPolicyProto to a bool base::Value.
+std::unique_ptr<base::Value> DecodeBooleanProto(
+    const em::BooleanPolicyProto& proto) {
+  return std::make_unique<base::Value>(proto.value());
+}
+
+// Convert an IntegerPolicyProto to an int base::Value.
+std::unique_ptr<base::Value> DecodeIntegerProto(
+    const em::IntegerPolicyProto& proto,
+    std::string* error) {
+  google::protobuf::int64 value = proto.value();
+
+  if (value < std::numeric_limits<int>::min() ||
+      value > std::numeric_limits<int>::max()) {
+    LOG(WARNING) << "Integer value " << value << " out of numeric limits";
+    *error = "Number out of range - invalid int32";
+    return std::make_unique<base::Value>(std::to_string(value));
+  }
+
+  return std::make_unique<base::Value>(static_cast<int>(value));
+}
+
+// Convert a StringPolicyProto to a string base::Value.
+std::unique_ptr<base::Value> DecodeStringProto(
+    const em::StringPolicyProto& proto) {
+  return std::make_unique<base::Value>(proto.value());
+}
+
+// Convert a StringListPolicyProto to a List base::Value, where each list value
+// is of Type::STRING.
+std::unique_ptr<base::Value> DecodeStringListProto(
+    const em::StringListPolicyProto& proto) {
+  auto list_value = std::make_unique<base::ListValue>();
+  for (const auto& entry : proto.value().entries())
+    list_value->AppendString(entry);
+  return std::move(list_value);
+}
+
+// Convert a StringPolicyProto to a base::Value of any type (for example,
+// Type::DICTIONARY or Type::LIST) by parsing it as JSON.
+std::unique_ptr<base::Value> DecodeJsonProto(const em::StringPolicyProto& proto,
+                                             std::string* error) {
+  const std::string& json = proto.value();
+  std::unique_ptr<base::Value> parsed_value =
+      base::JSONReader::ReadAndReturnError(
+          json, base::JSON_ALLOW_TRAILING_COMMAS, nullptr, error);
+
+  if (!parsed_value) {
+    // Can't parse as JSON so return it as a string, and leave it to the handler
+    // to validate.
+    LOG(WARNING) << "Invalid JSON: " << json;
+    return std::make_unique<base::Value>(json);
+  }
+
+  // Accept any Value type that parsed as JSON, and leave it to the handler to
+  // convert and check the concrete type.
+  error->clear();
+  return parsed_value;
+}
+
+}  // namespace
+
+void DecodeProtoFields(
+    const em::CloudPolicySettings& policy,
+    base::WeakPtr<CloudExternalDataManager> external_data_manager,
+    PolicySource source,
+    PolicyScope scope,
+    PolicyMap* map) {
+  PolicyLevel level;
+
+  // Access arrays are terminated by a struct that contains only nullptrs.
+  for (const BooleanPolicyAccess* access = &kBooleanPolicyAccess[0];
+       access->policy_key; access++) {
+    if (!(policy.*access->has_proto)())
+      continue;
+
+    const em::BooleanPolicyProto& proto = (policy.*access->get_proto)();
+    if (!GetPolicyLevel(proto, &level))
+      continue;
+
+    map->Set(access->policy_key, level, scope, source,
+             DecodeBooleanProto(proto), nullptr);
+  }
+
+  for (const IntegerPolicyAccess* access = &kIntegerPolicyAccess[0];
+       access->policy_key; access++) {
+    if (!(policy.*access->has_proto)())
+      continue;
+
+    const em::IntegerPolicyProto& proto = (policy.*access->get_proto)();
+    if (!GetPolicyLevel(proto, &level))
+      continue;
+
+    std::string error;
+    map->Set(access->policy_key, level, scope, source,
+             DecodeIntegerProto(proto, &error), nullptr);
+    if (!error.empty())
+      map->SetError(access->policy_key, error);
+  }
+
+  for (const StringPolicyAccess* access = &kStringPolicyAccess[0];
+       access->policy_key; access++) {
+    if (!(policy.*access->has_proto)())
+      continue;
+
+    const em::StringPolicyProto& proto = (policy.*access->get_proto)();
+    if (!GetPolicyLevel(proto, &level))
+      continue;
+
+    std::string error;
+    std::unique_ptr<base::Value> value =
+        (access->type == StringPolicyType::STRING)
+            ? DecodeStringProto(proto)
+            : DecodeJsonProto(proto, &error);
+
+    std::unique_ptr<ExternalDataFetcher> external_data_fetcher =
+        (access->type == StringPolicyType::EXTERNAL)
+            ? std::make_unique<ExternalDataFetcher>(external_data_manager,
+                                                    access->policy_key)
+            : nullptr;
+
+    map->Set(access->policy_key, level, scope, source, std::move(value),
+             std::move(external_data_fetcher));
+    if (!error.empty())
+      map->SetError(access->policy_key, error);
+  }
+
+  for (const StringListPolicyAccess* access = &kStringListPolicyAccess[0];
+       access->policy_key; access++) {
+    if (!(policy.*access->has_proto)())
+      continue;
+
+    const em::StringListPolicyProto& proto = (policy.*access->get_proto)();
+    if (!GetPolicyLevel(proto, &level))
+      continue;
+
+    map->Set(access->policy_key, level, scope, source,
+             DecodeStringListProto(proto), nullptr);
+  }
+}
+
+}  // namespace policy
\ No newline at end of file
--- a/components/policy/core/common/policy_proto_decoders.h
+++ b/components/policy/core/common/policy_proto_decoders.h
+// Copyright 2018 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef COMPONENTS_POLICY_CORE_COMMON_POLICY_PROTO_DECODERS_H_
+#define COMPONENTS_POLICY_CORE_COMMON_POLICY_PROTO_DECODERS_H_
+
+#include <string>
+
+#include "base/memory/weak_ptr.h"
+#include "components/policy/core/common/policy_types.h"
+
+namespace enterprise_management {
+class CloudPolicySettings;
+}  // namespace enterprise_management
+
+namespace policy {
+
+class CloudExternalDataManager;
+class PolicyMap;
+
+// Decode all of the fields in |policy| which are recognized (see the metadata
+// in policy_constants.cc) and store them in the given |map|, with the given
+// |source| and |scope|.
+void DecodeProtoFields(
+    const enterprise_management::CloudPolicySettings& policy,
+    base::WeakPtr<CloudExternalDataManager> external_data_manager,
+    PolicySource source,
+    PolicyScope scope,
+    PolicyMap* map);
+
+}  // namespace policy
+
+#endif  // COMPONENTS_POLICY_CORE_COMMON_POLICY_PROTO_DECODERS_H_
--- a/components/policy/tools/generate_policy_source.py
+++ b/components/policy/tools/generate_policy_source.py
@@ -202,10 +202,6 @@ def main():
                    dest='chrome_settings_full_runtime_proto_path',
                    help='generate chrome settings full runtime protobuf',
                    metavar='FILE')
-  parser.add_option('--cpd', '--cloud-policy-decoder',
-                    dest='cloud_policy_decoder_path',
-                    help='generate C++ code decoding the cloud policy protobuf',
-                    metavar='FILE')
  parser.add_option('--ard', '--app-restrictions-definition',
                    dest='app_restrictions_path',
                    help='generate an XML file as specified by '
@@ -271,8 +267,6 @@ def main():
  if opts.chrome_settings_full_runtime_proto_path:
    GenerateFile(opts.chrome_settings_full_runtime_proto_path,
        _WriteChromeSettingsFullRuntimeProtobuf)
-  if opts.cloud_policy_decoder_path:
-    GenerateFile(opts.cloud_policy_decoder_path, _WriteCloudPolicyDecoder)

  if os == 'android' and opts.app_restrictions_path:
    GenerateFile(opts.app_restrictions_path, _WriteAppRestrictions, xml=True)
@@ -343,6 +337,7 @@ def _WritePolicyConstantHeader(policies, os, f, risk_tags):
          '#include "base/values.h"\n'
          '#include "components/policy/core/common/policy_details.h"\n'
          '#include "components/policy/core/common/policy_map.h"\n'
+          '#include "components/policy/proto/cloud_policy.pb.h"\n'
          '\n'
          'namespace policy {\n'
          '\n'
@@ -376,10 +371,38 @@ def _WritePolicyConstantHeader(policies, os, f, risk_tags):
    # so that these names can be conditional on 'policy.is_supported'.
    # http://crbug.com/223616
    f.write('extern const char k' + policy.name + '[];\n')
-  f.write('\n}  // namespace key\n\n'
-          '}  // namespace policy\n\n'
+  f.write('\n}  // namespace key\n\n')
+
+  f.write('enum class StringPolicyType {\n'
+          '  STRING,\n'
+          '  JSON,\n'
+          '  EXTERNAL,\n'
+          '};\n\n');
+
+  # User policy proto pointers, one struct for each protobuf type.
+  protobuf_types = _GetProtobufTypes(policies)
+  for protobuf_type in protobuf_types:
+    _WriteChromePolicyAccessHeader(f, protobuf_type)
+
+  f.write('\n}  // namespace policy\n\n'
          '#endif  // CHROME_COMMON_POLICY_CONSTANTS_H_\n')

+def _WriteChromePolicyAccessHeader(f, protobuf_type):
+  f.write('// Read access to the protobufs of all supported %s user policies.\n'
+          % protobuf_type.lower())
+  f.write('struct %sPolicyAccess {\n' %  protobuf_type)
+  f.write('  const char* policy_key;\n'
+          '  bool (enterprise_management::CloudPolicySettings::'
+          '*has_proto)() const;\n'
+          '  const enterprise_management::%sPolicyProto&\n'
+          '      (enterprise_management::CloudPolicySettings::'
+          '*get_proto)() const;\n' % protobuf_type)
+  if protobuf_type == 'String':
+    f.write('  const StringPolicyType type;\n')
+  f.write('};\n')
+  f.write('extern const %sPolicyAccess k%sPolicyAccess[];\n\n'
+          % (protobuf_type, protobuf_type))
+

 #------------------ policy constants source ------------------------#

@@ -754,8 +777,11 @@ def _WritePolicyConstantSource(policies, os, f, risk_tags):
          '#include "base/logging.h"\n'
          '#include "components/policy/core/common/policy_types.h"\n'
          '#include "components/policy/core/common/schema_internal.h"\n'
+          '#include "components/policy/proto/cloud_policy.pb.h"\n'
          '#include "components/policy/risk_tag.h"\n'
          '\n'
+          'namespace em = enterprise_management;\n\n'
+          '\n'
          'namespace policy {\n'
          '\n')

@@ -900,8 +926,44 @@ def _WritePolicyConstantSource(policies, os, f, risk_tags):
    # so that these names can be conditional on 'policy.is_supported'.
    # http://crbug.com/223616
    f.write('const char k{name}[] = "{name}";\n'.format(name=policy.name))
-  f.write('\n}  // namespace key\n\n'
-          '}  // namespace policy\n')
+  f.write('\n}  // namespace key\n\n')
+
+  supported_user_policies = [p for p in policies
+                             if p.is_supported and not p.is_device_only]
+  protobuf_types = _GetProtobufTypes(supported_user_policies)
+  for protobuf_type in protobuf_types:
+    _WriteChromePolicyAccessSource(supported_user_policies, f, protobuf_type)
+
+  f.write('\n}  // namespace policy\n')
+
+# Return the StringPolicyType enum value for a particular policy type.
+def _GetStringPolicyType(policy_type):
+  if policy_type == 'Type::STRING':
+    return 'StringPolicyType::STRING'
+  elif policy_type == 'Type::DICTIONARY':
+    return 'StringPolicyType::JSON'
+  elif policy_type == 'TYPE_EXTERNAL':
+    return 'StringPolicyType::EXTERNAL'
+  raise RuntimeError('Invalid string type: ' + policy_type + '!\n')
+
+# Writes an array that contains the pointers to the proto field for each policy
+# in |policies| of the given |protobuf_type|.
+def _WriteChromePolicyAccessSource(policies, f, protobuf_type):
+  f.write('const %sPolicyAccess k%sPolicyAccess[] = {\n'
+          % (protobuf_type, protobuf_type))
+  extra_args = ''
+  for policy in policies:
+    if policy.policy_protobuf_type == protobuf_type:
+      name = policy.name
+      if protobuf_type == 'String':
+          extra_args = ',\n   ' + _GetStringPolicyType(policy.policy_type)
+      f.write('  {key::k%s,\n'
+              '   &em::CloudPolicySettings::has_%s,\n'
+              '   &em::CloudPolicySettings::%s%s},\n'
+              % (name, name.lower(), name.lower(), extra_args))
+  # The list is nullptr-terminated.
+  f.write('  {nullptr, nullptr, nullptr},\n'
+          '};\n\n')


 #------------------ policy risk tag header -------------------------#
@@ -1139,171 +1201,6 @@ def _WriteCloudPolicyFullRuntimeProtobuf(policies, os, f, risk_tags):
               policy.id + RESERVED_IDS))
  f.write('}\n\n')

-
-#------------------ protobuf decoder -------------------------------#
-
-# This code applies to both Active Directory and Google cloud management.
-
-CLOUD_POLICY_DECODER_CPP_HEAD = '''
-#include <limits>
-#include <memory>
-#include <utility>
-#include <string>
-
-#include "base/callback.h"
-#include "base/json/json_reader.h"
-#include "base/logging.h"
-#include "base/memory/ptr_util.h"
-#include "base/memory/weak_ptr.h"
-#include "base/values.h"
-#include "components/policy/core/common/cloud/cloud_external_data_manager.h"
-#include "components/policy/core/common/external_data_fetcher.h"
-#include "components/policy/core/common/policy_map.h"
-#include "components/policy/core/common/policy_types.h"
-#include "components/policy/policy_constants.h"
-#include "components/policy/proto/cloud_policy.pb.h"
-
-using google::protobuf::RepeatedPtrField;
-
-namespace policy {
-
-namespace em = enterprise_management;
-
-namespace {
-
-std::unique_ptr<base::Value> DecodeIntegerValue(
-    google::protobuf::int64 value, std::string* error) {
-  if (value < std::numeric_limits<int>::min() ||
-      value > std::numeric_limits<int>::max()) {
-    LOG(WARNING) << "Integer value out of numeric limits: " << value;
-    *error = "Number out of range - invalid int32";
-    return std::make_unique<base::Value>(std::to_string(value));
-  }
-
-  return base::WrapUnique(
-      new base::Value(static_cast<int>(value)));
-}
-
-std::unique_ptr<base::ListValue> DecodeStringList(
-    const em::StringList& string_list) {
-  std::unique_ptr<base::ListValue> list_value(new base::ListValue);
-  for (const auto& entry : string_list.entries())
-    list_value->AppendString(entry);
-  return list_value;
-}
-
-std::unique_ptr<base::Value> DecodeJson(const std::string& json,
-                                        std::string* error) {
-
-  std::unique_ptr<base::Value> parsed_value =
-      base::JSONReader::ReadAndReturnError(
-          json, base::JSON_ALLOW_TRAILING_COMMAS, nullptr, error);
-
-  if (!parsed_value) {
-    // Can't parse as JSON so return it as a string for the handler to validate.
-    LOG(WARNING) << "Invalid JSON: " << json;
-    return std::make_unique<base::Value>(json);
-  }
-
-  // Accept any Value type that parsed as JSON, and leave it to the handler to
-  // convert and check the concrete type.
-  error->clear();
-  return parsed_value;
-}
-
-// Returns true and sets |level| to a PolicyLevel if the policy has been set
-// at that level. Returns false if the policy is not set, or has been set at
-// the level of PolicyOptions::UNSET.
-template <class AnyPolicyProto>
-bool GetPolicyLevel(const AnyPolicyProto& policy_proto, PolicyLevel* level) {
-  if (!policy_proto.has_value()) {
-    return false;
-  }
-  if (!policy_proto.has_policy_options()) {
-    *level = POLICY_LEVEL_MANDATORY;  // Default level.
-    return true;
-  }
-  switch (policy_proto.policy_options().mode()) {
-    case em::PolicyOptions::MANDATORY:
-      *level = POLICY_LEVEL_MANDATORY;
-      return true;
-    case em::PolicyOptions::RECOMMENDED:
-      *level = POLICY_LEVEL_RECOMMENDED;
-      return true;
-    case em::PolicyOptions::UNSET:
-      return false;
-  }
-}
-
-} // namespace
-
-void DecodePolicy(const em::CloudPolicySettings& policy,
-                  base::WeakPtr<CloudExternalDataManager> external_data_manager,
-                  PolicyMap* map,
-                  PolicyScope scope) {
-'''
-
-
-CLOUD_POLICY_DECODER_CPP_FOOT = '''}
-
-}  // namespace policy
-'''
-
-
-def _CreateValue(type, arg):
-  if type == 'Type::BOOLEAN':
-    return 'new base::Value(%s)' % arg
-  elif type == 'Type::INTEGER':
-    return 'DecodeIntegerValue(%s, &error)' % arg
-  elif type == 'Type::STRING':
-    return 'new base::Value(%s)' % arg
-  elif type == 'Type::LIST':
-    return 'DecodeStringList(%s)' % arg
-  elif type == 'Type::DICTIONARY' or type == 'TYPE_EXTERNAL':
-    return 'DecodeJson(%s, &error)' % arg
-  else:
-    raise NotImplementedError('Unknown type %s' % type)
-
-
-def _CreateExternalDataFetcher(type, name):
-  if type == 'TYPE_EXTERNAL':
-    return 'new ExternalDataFetcher(external_data_manager, key::k%s)' % name
-  return 'nullptr'
-
-
-def _WriteCloudPolicyDecoderCode(f, policy):
-  membername = policy.name.lower()
-  proto_type = '%sPolicyProto' % policy.policy_protobuf_type
-  f.write('  if (policy.has_%s()) {\n' % membername)
-  f.write('    const em::%s& policy_proto = policy.%s();\n' %
-          (proto_type, membername))
-  f.write('    PolicyLevel level;\n'
-          '    if (GetPolicyLevel(policy_proto, &level)) {\n'
-          '      std::string error;\n')
-  f.write('      std::unique_ptr<base::Value> value(%s);\n' %
-          (_CreateValue(policy.policy_type, 'policy_proto.value()')))
-  f.write('      std::unique_ptr<ExternalDataFetcher>\n')
-  f.write('          external_data_fetcher(%s);\n' %
-          _CreateExternalDataFetcher(policy.policy_type, policy.name))
-  f.write('      map->Set(key::k%s, \n' % policy.name)
-  f.write('               level, \n'
-          '               scope, \n'
-          '               POLICY_SOURCE_CLOUD, \n'
-          '               std::move(value), \n'
-          '               std::move(external_data_fetcher));\n')
-  f.write('      map->SetError(key::k%s, error);\n' % policy.name)
-  f.write('    }\n'
-          '  }\n')
-
-
-def _WriteCloudPolicyDecoder(policies, os, f, risk_tags):
-  f.write(CLOUD_POLICY_DECODER_CPP_HEAD)
-  for policy in policies:
-    if policy.is_supported and not policy.is_device_only:
-      _WriteCloudPolicyDecoderCode(f, policy)
-  f.write(CLOUD_POLICY_DECODER_CPP_FOOT)
-
-
 #------------------ Chrome OS policy constants header --------------#

 # This code applies to Active Directory management only.