Add BrowserPolicyConnector::HasMachineLevelPolicies()

It returns true when there are any policies at the machine level,
whether that's from a platform provider, or from cloud policies.

Bug: 893626, 893628
Change-Id: I6e90ff54ee400a82df04c2f671d408d04b3e3bc5
Reviewed-on: https://chromium-review.googlesource.com/c/1269764
Commit-Queue: Nicolas Ouellet-Payeur <nicolaso@chromium.org>
Reviewed-by: Maksim Ivanov <emaxx@chromium.org>
Cr-Commit-Position: refs/heads/master@{#600866}

chrome/browser/chromeos/policy/browser_policy_connector_chromeos.cc

@@ -246,6 +246,11 @@ bool BrowserPolicyConnectorChromeOS::IsEnterpriseManaged() const {
   return chromeos::InstallAttributes::Get()->IsEnterpriseManaged();
 }
 
+bool BrowserPolicyConnectorChromeOS::HasMachineLevelPolicies() {
+  NOTREACHED() << "This method is only defined for desktop Chrome";
+  return false;
+}
+
 bool BrowserPolicyConnectorChromeOS::IsCloudManaged() const {
   return chromeos::InstallAttributes::Get()->IsCloudManaged();
 }

chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h

@@ -67,6 +67,8 @@ class BrowserPolicyConnectorChromeOS
   // Checks whether this devices is under any kind of enterprise management.
   bool IsEnterpriseManaged() const override;
 
+  bool HasMachineLevelPolicies() override;
+
   // Shutdown() is called from BrowserProcessImpl::StartTearDown() but |this|
   // observes some objects that get destroyed earlier. PreShutdown() is called
   // from ChromeBrowserMainPartsChromeos::PostMainMessageLoopRun(), allowing the

chrome/browser/policy/chrome_browser_policy_connector.cc

@@ -67,6 +67,16 @@ void AddMigrators(ConfigurationPolicyProvider* provider) {
 #endif  // !defined(OS_CHROMEOS) && BUILDFLAG(ENABLE_EXTENSIONS)
 }
 
+bool ProviderHasPolicies(const ConfigurationPolicyProvider* provider) {
+  if (!provider)
+    return false;
+  for (const auto& pair : provider->policies()) {
+    if (!pair.second->empty())
+      return true;
+  }
+  return false;
+}
+
 }  // namespace
 
 ChromeBrowserPolicyConnector::ChromeBrowserPolicyConnector()
@@ -107,6 +117,16 @@ bool ChromeBrowserPolicyConnector::IsEnterpriseManaged() const {
   return false;
 }
 
+bool ChromeBrowserPolicyConnector::HasMachineLevelPolicies() {
+  if (ProviderHasPolicies(GetPlatformProvider()))
+    return true;
+#if !defined(OS_ANDROID) && !defined(OS_CHROMEOS)
+  if (ProviderHasPolicies(machine_level_user_cloud_policy_manager_))
+    return true;
+#endif  // !defined(OS_ANDROID) && !defined(OS_CHROMEOS)
+  return false;
+}
+
 void ChromeBrowserPolicyConnector::Shutdown() {
 #if !defined(OS_ANDROID) && !defined(OS_CHROMEOS)
   // Reset the controller before calling base class so that

chrome/browser/policy/chrome_browser_policy_connector.h

@@ -49,6 +49,8 @@ class ChromeBrowserPolicyConnector : public BrowserPolicyConnector {
 
   bool IsEnterpriseManaged() const override;
 
+  bool HasMachineLevelPolicies() override;
+
   void Shutdown() override;
 
   ConfigurationPolicyProvider* GetPlatformProvider();

chrome/browser/policy/chrome_browser_policy_connector_unittest.cc

+// Copyright 2018 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/policy/chrome_browser_policy_connector.h"
+
+#include <memory>
+
+#include "base/values.h"
+#include "build/build_config.h"
+#include "components/policy/core/common/mock_configuration_policy_provider.h"
+#include "components/policy/core/common/policy_map.h"
+#include "components/policy/core/common/policy_types.h"
+#include "testing/gtest/include/gtest/gtest.h"
+
+namespace policy {
+
+#if !defined(OS_CHROMEOS)
+// HasMachineLevelPolicies() is not implemented on ChromeOS.
+TEST(ChromeBrowserPolicyConnectorTest, HasMachineLevelPolicies) {
+  MockConfigurationPolicyProvider provider;
+  BrowserPolicyConnectorBase::SetPolicyProviderForTesting(&provider);
+
+  ChromeBrowserPolicyConnector connector;
+  EXPECT_FALSE(connector.HasMachineLevelPolicies());
+
+  PolicyMap map;
+  map.Set("test-policy", POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER,
+          POLICY_SOURCE_PLATFORM, std::make_unique<base::Value>("hello"),
+          nullptr);
+  provider.UpdateChromePolicy(map);
+  EXPECT_TRUE(connector.HasMachineLevelPolicies());
+}
+#endif  // !defined(OS_CHROMEOS)
+
+}  // namespace policy

chrome/test/BUILD.gn

@@ -2573,6 +2573,7 @@ test("unit_tests") {
     "../browser/policy/browser_dm_token_storage_mac_unittest.cc",
     "../browser/policy/browser_dm_token_storage_unittest.cc",
     "../browser/policy/browser_dm_token_storage_win_unittest.cc",
+    "../browser/policy/chrome_browser_policy_connector_unittest.cc",
     "../browser/policy/cloud/cloud_policy_invalidator_unittest.cc",
     "../browser/policy/cloud/cloud_policy_test_utils.cc",
     "../browser/policy/cloud/cloud_policy_test_utils.h",

components/policy/core/browser/browser_policy_connector.h

@@ -42,6 +42,9 @@ class POLICY_EXPORT BrowserPolicyConnector : public BrowserPolicyConnectorBase {
   // Checks whether this device is under any kind of enterprise management.
   virtual bool IsEnterpriseManaged() const = 0;
 
+  // Checks whether there are any machine-level policies configured.
+  virtual bool HasMachineLevelPolicies() = 0;
+
   // Cleans up the connector before it can be safely deleted.
   void Shutdown() override;