ios/chrome/browser/policy/ui_bundled/management_util.mm - chromium/src - Git at Google

 // Copyright 2024 The Chromium Authors
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #import "ios/chrome/browser/policy/ui_bundled/management_util.h"

 #import <UIKit/UIKit.h>

 #import "base/strings/string_split.h"
 #import "components/account_id/account_id.h"
 #import "components/policy/core/browser/policy_data_utils.h"
 #import "components/policy/core/common/cloud/machine_level_user_cloud_policy_manager.h"
 #import "components/policy/core/common/cloud/user_cloud_policy_manager.h"
 #import "components/signin/public/identity_manager/account_info.h"
 #import "components/signin/public/identity_manager/account_managed_status_finder.h"
 #import "components/signin/public/identity_manager/identity_manager.h"
 #import "google_apis/gaia/gaia_auth_util.h"
 #import "ios/chrome/browser/policy/model/browser_policy_connector_ios.h"
 #import "ios/chrome/browser/policy/ui_bundled/user_policy_util.h"
 #import "ios/chrome/browser/shared/model/application_context/application_context.h"
 #import "ios/chrome/browser/shared/model/profile/features.h"
 #import "ios/chrome/browser/shared/model/profile/profile_ios.h"
 #import "ios/chrome/browser/signin/model/authentication_service.h"
 #import "ios/chrome/grit/ios_branded_strings.h"
 #import "ios/chrome/grit/ios_strings.h"
 #import "ui/base/l10n/l10n_util_mac.h"

 namespace {

 // Gets the AccountId from the provided `account_info`.
 AccountId AccountIdFromAccountInfo(const CoreAccountInfo& account_info) {
   if (account_info.email.empty() || account_info.gaia.empty()) {
     return EmptyAccountId();
   }

   return AccountId::FromUserEmailGaiaId(
       gaia::CanonicalizeEmail(account_info.email), account_info.gaia);
 }

 // Extracts the domain from the email. Returns std::nullopt if there is no
 // domain.
 std::optional<std::string> ExtractDomainFromEmail(const std::string& email) {
   std::vector<std::string> components = base::SplitString(
       email, "@", base::TRIM_WHITESPACE, base::SPLIT_WANT_NONEMPTY);
   if (components.size() != 2) {
     return std::nullopt;
   }
   const std::string domain = components[1];
   if (domain.empty()) {
     return std::nullopt;
   }

   return domain;
 }

 std::optional<std::string> GetMachineLevelPolicyDomain() {
   policy::MachineLevelUserCloudPolicyManager* manager =
       GetApplicationContext()
           ->GetBrowserPolicyConnector()
           ->machine_level_user_cloud_policy_manager();
   return policy::GetManagedBy(manager);
 }

 std::optional<std::string> GetUserPolicyDomain(
     signin::IdentityManager* identity_manager,
     AuthenticationService* auth_service,
     PrefService* prefs) {
   if (!CanFetchUserPolicy(auth_service, prefs)) {
     return std::nullopt;
   }

   AccountId account_id = AccountIdFromAccountInfo(
       identity_manager->GetPrimaryAccountInfo(signin::ConsentLevel::kSignin));

   const std::string user_email = account_id.GetUserEmail();

   if (user_email.empty()) {
     return std::nullopt;
   }

   if (!signin::AccountManagedStatusFinder::MayBeEnterpriseUserBasedOnEmail(
           user_email)) {
     return std::nullopt;
   }

   return ExtractDomainFromEmail(user_email);
 }

 }  // namespace

 ManagementState GetManagementState(signin::IdentityManager* identity_manager,
                                    AuthenticationService* auth_service,
                                    PrefService* prefs) {
   ManagementState management_state;
   management_state.machine_level_domain = GetMachineLevelPolicyDomain();
   management_state.user_level_domain =
       GetUserPolicyDomain(identity_manager, auth_service, prefs);

   BrowserPolicyConnectorIOS* policy_connector =
       GetApplicationContext()->GetBrowserPolicyConnector();
   management_state.has_machine_level_policy =
       policy_connector && policy_connector->HasMachineLevelPolicies();

   return management_state;
 }

 NSString* GetManagementDescription(ManagementState management_state) {
   if (!management_state.is_managed()) {
     return nil;
   }
   if (AreSeparateProfilesForManagedAccountsEnabled()) {
     if (management_state.is_profile_managed() &&
         !management_state.is_managed_by_same_entity()) {
       return l10n_util::GetNSString(IDS_IOS_ENTERPRISE_ACCOUNT_MANAGED);
     }
     return l10n_util::GetNSString(IDS_IOS_ENTERPRISE_BROWSER_MANAGED);
   }

   return management_state.is_profile_managed()
              ? l10n_util::GetNSString(
                    IDS_IOS_ENTERPRISE_MANAGED_BY_YOUR_ORGANIZATION)
              : nil;
 }
	// Copyright 2024 The Chromium Authors
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#import "ios/chrome/browser/policy/ui_bundled/management_util.h"

	#import <UIKit/UIKit.h>

	#import "base/strings/string_split.h"
	#import "components/account_id/account_id.h"
	#import "components/policy/core/browser/policy_data_utils.h"
	#import "components/policy/core/common/cloud/machine_level_user_cloud_policy_manager.h"
	#import "components/policy/core/common/cloud/user_cloud_policy_manager.h"
	#import "components/signin/public/identity_manager/account_info.h"
	#import "components/signin/public/identity_manager/account_managed_status_finder.h"
	#import "components/signin/public/identity_manager/identity_manager.h"
	#import "google_apis/gaia/gaia_auth_util.h"
	#import "ios/chrome/browser/policy/model/browser_policy_connector_ios.h"
	#import "ios/chrome/browser/policy/ui_bundled/user_policy_util.h"
	#import "ios/chrome/browser/shared/model/application_context/application_context.h"
	#import "ios/chrome/browser/shared/model/profile/features.h"
	#import "ios/chrome/browser/shared/model/profile/profile_ios.h"
	#import "ios/chrome/browser/signin/model/authentication_service.h"
	#import "ios/chrome/grit/ios_branded_strings.h"
	#import "ios/chrome/grit/ios_strings.h"
	#import "ui/base/l10n/l10n_util_mac.h"

	namespace {

	// Gets the AccountId from the provided `account_info`.
	AccountId AccountIdFromAccountInfo(const CoreAccountInfo& account_info) {
	if (account_info.email.empty() \|\| account_info.gaia.empty()) {
	return EmptyAccountId();
	}

	return AccountId::FromUserEmailGaiaId(
	gaia::CanonicalizeEmail(account_info.email), account_info.gaia);
	}

	// Extracts the domain from the email. Returns std::nullopt if there is no
	// domain.
	std::optional<std::string> ExtractDomainFromEmail(const std::string& email) {
	std::vector<std::string> components = base::SplitString(
	email, "@", base::TRIM_WHITESPACE, base::SPLIT_WANT_NONEMPTY);
	if (components.size() != 2) {
	return std::nullopt;
	}
	const std::string domain = components[1];
	if (domain.empty()) {
	return std::nullopt;
	}

	return domain;
	}

	std::optional<std::string> GetMachineLevelPolicyDomain() {
	policy::MachineLevelUserCloudPolicyManager* manager =
	GetApplicationContext()
	->GetBrowserPolicyConnector()
	->machine_level_user_cloud_policy_manager();
	return policy::GetManagedBy(manager);
	}

	std::optional<std::string> GetUserPolicyDomain(
	signin::IdentityManager* identity_manager,
	AuthenticationService* auth_service,
	PrefService* prefs) {
	if (!CanFetchUserPolicy(auth_service, prefs)) {
	return std::nullopt;
	}

	AccountId account_id = AccountIdFromAccountInfo(
	identity_manager->GetPrimaryAccountInfo(signin::ConsentLevel::kSignin));

	const std::string user_email = account_id.GetUserEmail();

	if (user_email.empty()) {
	return std::nullopt;
	}

	if (!signin::AccountManagedStatusFinder::MayBeEnterpriseUserBasedOnEmail(
	user_email)) {
	return std::nullopt;
	}

	return ExtractDomainFromEmail(user_email);
	}

	} // namespace

	ManagementState GetManagementState(signin::IdentityManager* identity_manager,
	AuthenticationService* auth_service,
	PrefService* prefs) {
	ManagementState management_state;
	management_state.machine_level_domain = GetMachineLevelPolicyDomain();
	management_state.user_level_domain =
	GetUserPolicyDomain(identity_manager, auth_service, prefs);

	BrowserPolicyConnectorIOS* policy_connector =
	GetApplicationContext()->GetBrowserPolicyConnector();
	management_state.has_machine_level_policy =
	policy_connector && policy_connector->HasMachineLevelPolicies();

	return management_state;
	}

	NSString* GetManagementDescription(ManagementState management_state) {
	if (!management_state.is_managed()) {
	return nil;
	}
	if (AreSeparateProfilesForManagedAccountsEnabled()) {
	if (management_state.is_profile_managed() &&
	!management_state.is_managed_by_same_entity()) {
	return l10n_util::GetNSString(IDS_IOS_ENTERPRISE_ACCOUNT_MANAGED);
	}
	return l10n_util::GetNSString(IDS_IOS_ENTERPRISE_BROWSER_MANAGED);
	}

	return management_state.is_profile_managed()
	? l10n_util::GetNSString(
	IDS_IOS_ENTERPRISE_MANAGED_BY_YOUR_ORGANIZATION)
	: nil;
	}