Extract SigninManager::IsUsernameAllowedByPolicy to a free function

This is the first step of those that will allow us remove the dependency from SigninManager::IsAllowedUsername() in the long run, as part of our effort to migrate parts of the code base to the Identity service. Note that this free function will be in the |identity| namespace even if it's actually declared & defined in signin_manager.[h|cc] for now, which should be ok since this is just a temporary situation until we get to a state where SigninManager is not used by any consumers outside //services/identity, at which point we'd simply move it to the public C++ API in there. We can't do it now, though, because doing so would create a dependency cycle as //components/signin would have to depend on //services/identity (which in turn depends on //components/signin). Bug: 906081 Change-Id: I0ec5817661c0cfd27c7a08ef67eae389beff1230 Reviewed-on: https://chromium-review.googlesource.com/c/1344145Reviewed-by: Sylvain Defresne <sdefresne@chromium.org> Commit-Queue: Mario Sanchez Prada <mario@igalia.com> Cr-Commit-Position: refs/heads/master@{#609998}

Extract SigninManager::IsUsernameAllowedByPolicy to a free function
This is the first step of those that will allow us remove the dependency from SigninManager::IsAllowedUsername() in the long run, as part of our effort to migrate parts of the code base to the Identity service. Note that this free function will be in the |identity| namespace even if it's actually declared & defined in signin_manager.[h|cc] for now, which should be ok since this is just a temporary situation until we get to a state where SigninManager is not used by any consumers outside //services/identity, at which point we'd simply move it to the public C++ API in there. We can't do it now, though, because doing so would create a dependency cycle as //components/signin would have to depend on //services/identity (which in turn depends on //components/signin). Bug: 906081 Change-Id: I0ec5817661c0cfd27c7a08ef67eae389beff1230 Reviewed-on: https://chromium-review.googlesource.com/c/1344145Reviewed-by: Sylvain Defresne <sdefresne@chromium.org> Commit-Queue: Mario Sanchez Prada <mario@igalia.com> Cr-Commit-Position: refs/heads/master@{#609998}
fa2d589a · Mario Sanchez Prada · Commit Bot · 419bd1bc · fa2d589a · fa2d589a
Commit fa2d589a authored Nov 21, 2018 by Mario Sanchez Prada Committed by Commit Bot Nov 21, 2018
Showing with 46 additions and 39 deletions

components/signin/core/browser/signin_manager.cc components/signin/core/browser/signin_manager.cc +39 -34

components/signin/core/browser/signin_manager.h components/signin/core/browser/signin_manager.h +7 -5

No files found.
--- a/components/signin/core/browser/signin_manager.cc
+++ b/components/signin/core/browser/signin_manager.cc
@@ -24,6 +24,44 @@
 #include "google_apis/gaia/google_service_auth_error.h"
 #include "third_party/icu/source/i18n/unicode/regex.h"
+namespace identity {
+bool IsUsernameAllowedByPattern(base::StringPiece username,
+                                base::StringPiece pattern) {
+  if (pattern.empty())
+    return true;
+  // Patterns like "*@foo.com" are not accepted by our regex engine (since they
+  // are not valid regular expressions - they should instead be ".*@foo.com").
+  // For convenience, detect these patterns and insert a "." character at the
+  // front.
+  base::string16 utf16_pattern = base::UTF8ToUTF16(pattern);
+  if (utf16_pattern[0] == L'*')
+    utf16_pattern.insert(utf16_pattern.begin(), L'.');
+  // See if the username matches the policy-provided pattern.
+  UErrorCode status = U_ZERO_ERROR;
+  const icu::UnicodeString icu_pattern(FALSE, utf16_pattern.data(),
+                                       utf16_pattern.length());
+  icu::RegexMatcher matcher(icu_pattern, UREGEX_CASE_INSENSITIVE, status);
+  if (!U_SUCCESS(status)) {
+    LOG(ERROR) << "Invalid login regex: " << utf16_pattern
+               << ", status: " << status;
+    // If an invalid pattern is provided, then prohibit *all* logins (better to
+    // break signin than to quietly allow users to sign in).
+    return false;
+  }
+  // The default encoding is UTF-8 in Chromium's ICU.
+  icu::UnicodeString icu_input(username.data());
+  matcher.reset(icu_input);
+  status = U_ZERO_ERROR;
+  UBool match = matcher.matches(status);
+  DCHECK(U_SUCCESS(status));
+  return !!match;  // !! == convert from UBool to bool.
+}
+}  // namespace identity
 SigninManager::SigninManager(
    SigninClient* client,
    ProfileOAuth2TokenService* token_service,
@@ -334,39 +372,6 @@ void SigninManager::OnSigninAllowedPrefChanged() {
            signin_metrics::SignoutDelete::IGNORE_METRIC);
 }
-// static
-bool SigninManager::IsUsernameAllowedByPolicy(const std::string& username,
-                                              const std::string& policy) {
-  if (policy.empty())
-    return true;
-  // Patterns like "*@foo.com" are not accepted by our regex engine (since they
-  // are not valid regular expressions - they should instead be ".*@foo.com").
-  // For convenience, detect these patterns and insert a "." character at the
-  // front.
-  base::string16 pattern = base::UTF8ToUTF16(policy);
-  if (pattern[0] == L'*')
-    pattern.insert(pattern.begin(), L'.');
-  // See if the username matches the policy-provided pattern.
-  UErrorCode status = U_ZERO_ERROR;
-  const icu::UnicodeString icu_pattern(FALSE, pattern.data(), pattern.length());
-  icu::RegexMatcher matcher(icu_pattern, UREGEX_CASE_INSENSITIVE, status);
-  if (!U_SUCCESS(status)) {
-    LOG(ERROR) << "Invalid login regex: " << pattern << ", status: " << status;
-    // If an invalid pattern is provided, then prohibit *all* logins (better to
-    // break signin than to quietly allow users to sign in).
-    return false;
-  }
-  // The default encoding is UTF-8 in Chromium's ICU.
-  icu::UnicodeString icu_input(username.data());
-  matcher.reset(icu_input);
-  status = U_ZERO_ERROR;
-  UBool match = matcher.matches(status);
-  DCHECK(U_SUCCESS(status));
-  return !!match;  // !! == convert from UBool to bool.
-}
 // static
 SigninManager* SigninManager::FromSigninManagerBase(
    SigninManagerBase* manager) {
@@ -380,7 +385,7 @@ bool SigninManager::IsAllowedUsername(const std::string& username) const {
  std::string pattern =
      local_state->GetString(prefs::kGoogleServicesUsernamePattern);
-  return IsUsernameAllowedByPolicy(username, pattern);
+  return identity::IsUsernameAllowedByPattern(username, pattern);
 }
 bool SigninManager::AuthInProgress() const {

--- a/components/signin/core/browser/signin_manager.h
+++ b/components/signin/core/browser/signin_manager.h
@@ -31,6 +31,7 @@
 #include "base/logging.h"
 #include "base/macros.h"
 #include "base/observer_list.h"
+#include "base/strings/string_piece.h"
 #include "components/keyed_service/core/keyed_service.h"
 #include "components/prefs/pref_change_registrar.h"
 #include "components/prefs/pref_member.h"
@@ -52,8 +53,13 @@ class SigninClient;
 class SigninErrorController;
 namespace identity {
 class IdentityManager;
-}
+// Returns true if the username is allowed based on the pattern string.
+bool IsUsernameAllowedByPattern(base::StringPiece username,
+                                base::StringPiece pattern);
+}  // namespace identity
 class SigninManager : public SigninManagerBase,
                      public AccountTrackerService::Observer,
@@ -90,10 +96,6 @@ class SigninManager : public SigninManagerBase,
                signin::AccountConsistencyMethod account_consistency);
  ~SigninManager() override;
-  // Returns true if the username is allowed based on the policy string.
-  static bool IsUsernameAllowedByPolicy(const std::string& username,
-                                        const std::string& policy);
  // Returns |manager| as a SigninManager instance. Relies on the fact that on
  // platforms where signin_manager.* is built, all SigninManagerBase instances
  // are actually SigninManager instances.