Remove cloud_policy_generated.cc

Store enough metadata in policy_constants.cc that we can
use it to decode policies, and so don't need to generate any
more code in cloud_policy_generated.cc

The metadata required to decode a policy from a proto is
the key, the type (both the raw type ie integer or string,
and also whether it is JSON or external), and pointers to
both has_policyproto() and policyproto() functions, where
policyproto is the message field that holds this policy.

The metadata that is stored in policy_constants.cc looks like so -
the lines starting with &em are function pointers into the
CloudPolicySettings proto:

constexpr BooleanPolicyAccess kBooleanPolicyAccess[] = {
  {key::kAbusiveExperienceInterventionEnforce,
   &em::CloudPolicySettings::has_abusiveexperienceinterventionenforce,
   &em::CloudPolicySettings::abusiveexperienceinterventionenforce},
  {key::kAllowCrossOriginAuthPrompt,
   &em::CloudPolicySettings::has_allowcrossoriginauthprompt,
   &em::CloudPolicySettings::allowcrossoriginauthprompt},
  ...
  {nullptr, nullptr, nullptr},
};

constexpr IntegerPolicyAccess kIntegerPolicyAccess[] = {
  {key::kAdsSettingForIntrusiveAdsSites,
   &em::CloudPolicySettings::has_adssettingforintrusiveadssites,
   &em::CloudPolicySettings::adssettingforintrusiveadssites},
  {key::kArcBackupRestoreServiceEnabled,
   &em::CloudPolicySettings::has_arcbackuprestoreserviceenabled,
   &em::CloudPolicySettings::arcbackuprestoreserviceenabled},
  ...
  {nullptr, nullptr, nullptr},
};

constexpr StringPolicyAccess kStringPolicyAccess[] = {
  {key::kAllowedDomainsForApps,
   &em::CloudPolicySettings::has_alloweddomainsforapps,
   &em::CloudPolicySettings::alloweddomainsforapps,
   StringPolicyType::STRING},
  {key::kContentPackManualBehaviorHosts,
   &em::CloudPolicySettings::has_contentpackmanualbehaviorhosts,
   &em::CloudPolicySettings::contentpackmanualbehaviorhosts,
   StringPolicyType::JSON},
  {key::kNativePrintersBulkConfiguration,
   &em::CloudPolicySettings::has_nativeprintersbulkconfiguration,
   &em::CloudPolicySettings::nativeprintersbulkconfiguration,
   StringPolicyType::EXTERNAL},
  ...
  {nullptr, nullptr, nullptr},
};

constexpr StringListPolicyAccess kStringListPolicyAccess[] = {
  {key::kAllowedInputMethods,
   &em::CloudPolicySettings::has_allowedinputmethods,
   &em::CloudPolicySettings::allowedinputmethods},
  ...
  {nullptr, nullptr, nullptr},
};


Bug: 852366
Change-Id: I1b8a0ebc0c6d5019e63d81a4cb7e1cd1cb461bb3
Reviewed-on: https://chromium-review.googlesource.com/1110219
Commit-Queue: A Olsen <olsen@chromium.org>
Reviewed-by: Lutz Justen <ljusten@chromium.org>
Cr-Commit-Position: refs/heads/master@{#572212}

components/policy/BUILD.gn

@@ -78,7 +78,6 @@ chrome_settings_full_runtime_proto_path =
 
 constants_header_path = "$target_gen_dir/policy_constants.h"
 constants_source_path = "$target_gen_dir/policy_constants.cc"
-protobuf_decoder_path = "$target_gen_dir/cloud_policy_generated.cc"
 app_restrictions_path = "$target_gen_dir/app_restrictions.xml"
 risk_tag_header_path = "$target_gen_dir/risk_tag.h"
 
@@ -100,7 +99,6 @@ action("cloud_policy_code_generate") {
   outputs = [
     constants_header_path,
     constants_source_path,
-    protobuf_decoder_path,
     chrome_settings_proto_path,
     cloud_policy_proto_path,
     app_restrictions_path,
@@ -120,8 +118,6 @@ action("cloud_policy_code_generate") {
         rebase_path(chrome_settings_proto_path, root_build_dir),
     "--cloud-policy-protobuf=" +
         rebase_path(cloud_policy_proto_path, root_build_dir),
-    "--cloud-policy-decoder=" +
-        rebase_path(protobuf_decoder_path, root_build_dir),
     "--app-restrictions-definition=" +
         rebase_path(app_restrictions_path, root_build_dir),
     "--risk-tag-header=" + rebase_path(risk_tag_header_path, root_build_dir),
@@ -334,7 +330,6 @@ static_library("generated") {
   sources = [
     constants_header_path,
     constants_source_path,
-    protobuf_decoder_path,
     risk_tag_header_path,
   ]
 

components/policy/core/common/BUILD.gn

@@ -108,6 +108,8 @@ source_set("internal") {
     "policy_namespace.h",
     "policy_pref_names.cc",
     "policy_pref_names.h",
+    "policy_proto_decoders.cc",
+    "policy_proto_decoders.h",
     "policy_service.cc",
     "policy_service.h",
     "policy_service_impl.cc",

components/policy/core/common/cloud/user_cloud_policy_store_base.cc

@@ -10,17 +10,11 @@
 #include "components/policy/core/common/cloud/cloud_external_data_manager.h"
 #include "components/policy/core/common/cloud/cloud_policy_constants.h"
 #include "components/policy/core/common/policy_map.h"
+#include "components/policy/core/common/policy_proto_decoders.h"
 #include "components/policy/proto/cloud_policy.pb.h"
 
 namespace policy {
 
-// Decodes a CloudPolicySettings object into a policy map. The implementation is
-// generated code in policy/cloud_policy_generated.cc.
-void DecodePolicy(const enterprise_management::CloudPolicySettings& policy,
-                  base::WeakPtr<CloudExternalDataManager> external_data_manager,
-                  PolicyMap* policies,
-                  PolicyScope scope);
-
 UserCloudPolicyStoreBase::UserCloudPolicyStoreBase(
     scoped_refptr<base::SequencedTaskRunner> background_task_runner,
     PolicyScope policy_scope)
@@ -51,7 +45,8 @@ void UserCloudPolicyStoreBase::InstallPolicy(
     const std::string& policy_signature_public_key) {
   // Decode the payload.
   policy_map_.Clear();
-  DecodePolicy(*payload, external_data_manager(), &policy_map_, policy_scope_);
+  DecodeProtoFields(*payload, external_data_manager(), POLICY_SOURCE_CLOUD,
+                    policy_scope_, &policy_map_);
   policy_ = std::move(policy_data);
   policy_signature_public_key_ = policy_signature_public_key;
 }

components/policy/core/common/policy_proto_decoders.cc

+// Copyright 2018 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "components/policy/core/common/policy_proto_decoders.h"
+
+#include <limits>
+#include <memory>
+
+#include "base/json/json_reader.h"
+#include "base/logging.h"
+#include "base/values.h"
+#include "components/policy/core/common/cloud/cloud_external_data_manager.h"
+#include "components/policy/core/common/policy_map.h"
+#include "components/policy/policy_constants.h"
+#include "components/policy/proto/cloud_policy.pb.h"
+
+namespace policy {
+
+namespace em = enterprise_management;
+
+namespace {
+
+// Returns true and sets |level| to a PolicyLevel if the policy has been set
+// at that level. Returns false if the policy is not set, or has been set at
+// the level of PolicyOptions::UNSET.
+template <class AnyPolicyProto>
+bool GetPolicyLevel(const AnyPolicyProto& policy_proto, PolicyLevel* level) {
+  if (!policy_proto.has_value()) {
+    return false;
+  }
+  if (!policy_proto.has_policy_options()) {
+    *level = POLICY_LEVEL_MANDATORY;  // Default level.
+    return true;
+  }
+  switch (policy_proto.policy_options().mode()) {
+    case em::PolicyOptions::MANDATORY:
+      *level = POLICY_LEVEL_MANDATORY;
+      return true;
+    case em::PolicyOptions::RECOMMENDED:
+      *level = POLICY_LEVEL_RECOMMENDED;
+      return true;
+    case em::PolicyOptions::UNSET:
+      return false;
+  }
+}
+
+// Convert a BooleanPolicyProto to a bool base::Value.
+std::unique_ptr<base::Value> DecodeBooleanProto(
+    const em::BooleanPolicyProto& proto) {
+  return std::make_unique<base::Value>(proto.value());
+}
+
+// Convert an IntegerPolicyProto to an int base::Value.
+std::unique_ptr<base::Value> DecodeIntegerProto(
+    const em::IntegerPolicyProto& proto,
+    std::string* error) {
+  google::protobuf::int64 value = proto.value();
+
+  if (value < std::numeric_limits<int>::min() ||
+      value > std::numeric_limits<int>::max()) {
+    LOG(WARNING) << "Integer value " << value << " out of numeric limits";
+    *error = "Number out of range - invalid int32";
+    return std::make_unique<base::Value>(std::to_string(value));
+  }
+
+  return std::make_unique<base::Value>(static_cast<int>(value));
+}
+
+// Convert a StringPolicyProto to a string base::Value.
+std::unique_ptr<base::Value> DecodeStringProto(
+    const em::StringPolicyProto& proto) {
+  return std::make_unique<base::Value>(proto.value());
+}
+
+// Convert a StringListPolicyProto to a List base::Value, where each list value
+// is of Type::STRING.
+std::unique_ptr<base::Value> DecodeStringListProto(
+    const em::StringListPolicyProto& proto) {
+  auto list_value = std::make_unique<base::ListValue>();
+  for (const auto& entry : proto.value().entries())
+    list_value->AppendString(entry);
+  return std::move(list_value);
+}
+
+// Convert a StringPolicyProto to a base::Value of any type (for example,
+// Type::DICTIONARY or Type::LIST) by parsing it as JSON.
+std::unique_ptr<base::Value> DecodeJsonProto(const em::StringPolicyProto& proto,
+                                             std::string* error) {
+  const std::string& json = proto.value();
+  std::unique_ptr<base::Value> parsed_value =
+      base::JSONReader::ReadAndReturnError(
+          json, base::JSON_ALLOW_TRAILING_COMMAS, nullptr, error);
+
+  if (!parsed_value) {
+    // Can't parse as JSON so return it as a string, and leave it to the handler
+    // to validate.
+    LOG(WARNING) << "Invalid JSON: " << json;
+    return std::make_unique<base::Value>(json);
+  }
+
+  // Accept any Value type that parsed as JSON, and leave it to the handler to
+  // convert and check the concrete type.
+  error->clear();
+  return parsed_value;
+}
+
+}  // namespace
+
+void DecodeProtoFields(
+    const em::CloudPolicySettings& policy,
+    base::WeakPtr<CloudExternalDataManager> external_data_manager,
+    PolicySource source,
+    PolicyScope scope,
+    PolicyMap* map) {
+  PolicyLevel level;
+
+  // Access arrays are terminated by a struct that contains only nullptrs.
+  for (const BooleanPolicyAccess* access = &kBooleanPolicyAccess[0];
+       access->policy_key; access++) {
+    if (!(policy.*access->has_proto)())
+      continue;
+
+    const em::BooleanPolicyProto& proto = (policy.*access->get_proto)();
+    if (!GetPolicyLevel(proto, &level))
+      continue;
+
+    map->Set(access->policy_key, level, scope, source,
+             DecodeBooleanProto(proto), nullptr);
+  }
+
+  for (const IntegerPolicyAccess* access = &kIntegerPolicyAccess[0];
+       access->policy_key; access++) {
+    if (!(policy.*access->has_proto)())
+      continue;
+
+    const em::IntegerPolicyProto& proto = (policy.*access->get_proto)();
+    if (!GetPolicyLevel(proto, &level))
+      continue;
+
+    std::string error;
+    map->Set(access->policy_key, level, scope, source,
+             DecodeIntegerProto(proto, &error), nullptr);
+    if (!error.empty())
+      map->SetError(access->policy_key, error);
+  }
+
+  for (const StringPolicyAccess* access = &kStringPolicyAccess[0];
+       access->policy_key; access++) {
+    if (!(policy.*access->has_proto)())
+      continue;
+
+    const em::StringPolicyProto& proto = (policy.*access->get_proto)();
+    if (!GetPolicyLevel(proto, &level))
+      continue;
+
+    std::string error;
+    std::unique_ptr<base::Value> value =
+        (access->type == StringPolicyType::STRING)
+            ? DecodeStringProto(proto)
+            : DecodeJsonProto(proto, &error);
+
+    std::unique_ptr<ExternalDataFetcher> external_data_fetcher =
+        (access->type == StringPolicyType::EXTERNAL)
+            ? std::make_unique<ExternalDataFetcher>(external_data_manager,
+                                                    access->policy_key)
+            : nullptr;
+
+    map->Set(access->policy_key, level, scope, source, std::move(value),
+             std::move(external_data_fetcher));
+    if (!error.empty())
+      map->SetError(access->policy_key, error);
+  }
+
+  for (const StringListPolicyAccess* access = &kStringListPolicyAccess[0];
+       access->policy_key; access++) {
+    if (!(policy.*access->has_proto)())
+      continue;
+
+    const em::StringListPolicyProto& proto = (policy.*access->get_proto)();
+    if (!GetPolicyLevel(proto, &level))
+      continue;
+
+    map->Set(access->policy_key, level, scope, source,
+             DecodeStringListProto(proto), nullptr);
+  }
+}
+
+}  // namespace policy
\ No newline at end of file

components/policy/core/common/policy_proto_decoders.h

+// Copyright 2018 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef COMPONENTS_POLICY_CORE_COMMON_POLICY_PROTO_DECODERS_H_
+#define COMPONENTS_POLICY_CORE_COMMON_POLICY_PROTO_DECODERS_H_
+
+#include <string>
+
+#include "base/memory/weak_ptr.h"
+#include "components/policy/core/common/policy_types.h"
+
+namespace enterprise_management {
+class CloudPolicySettings;
+}  // namespace enterprise_management
+
+namespace policy {
+
+class CloudExternalDataManager;
+class PolicyMap;
+
+// Decode all of the fields in |policy| which are recognized (see the metadata
+// in policy_constants.cc) and store them in the given |map|, with the given
+// |source| and |scope|.
+void DecodeProtoFields(
+    const enterprise_management::CloudPolicySettings& policy,
+    base::WeakPtr<CloudExternalDataManager> external_data_manager,
+    PolicySource source,
+    PolicyScope scope,
+    PolicyMap* map);
+
+}  // namespace policy
+
+#endif  // COMPONENTS_POLICY_CORE_COMMON_POLICY_PROTO_DECODERS_H_