Ignore updates policy for the updater itself.

Bug: 330548757
Change-Id: Ibc7bdec3ace359a8132922b8a01374500474af93
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5383771
Commit-Queue: Xiaoling Bao <xiaolingbao@chromium.org>
Reviewed-by: Sorin Jianu <sorin@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1275898}

chrome/updater/policy/service.cc

@@ -264,6 +264,9 @@ PolicyStatus<int> PolicyService::GetPolicyForAppInstalls(
 PolicyStatus<int> PolicyService::GetPolicyForAppUpdates(
     const std::string& app_id) const {
   DCHECK_CALLED_ON_VALID_SEQUENCE(sequence_checker_);
+  if (app_id == kUpdaterAppId) {
+    return {};  // Self-updates for the updater can't be disabled by policy.
+  }
   return QueryAppPolicy(
       &PolicyManagerInterface::GetEffectivePolicyForAppUpdates, app_id);
 }

chrome/updater/test/integration_tests_impl.cc

@@ -232,7 +232,8 @@ void ExpectUpdateCheckSequence(UpdaterScope scope,
        request::GetContentMatcher(
            {base::StringPrintf(R"(.*"appid":"%s".*)", app_id.c_str())}),
        request::GetScopeMatcher(scope),
-       request::GetAppPriorityMatcher(app_id, priority)},
+       request::GetAppPriorityMatcher(app_id, priority),
+       request::GetUpdaterEnableUpdatesMatcher()},
       GetUpdateResponse(app_id, "", test_server->download_url().spec(),
                         to_version, crx_path, kDoNothingCRXRun, {}));
 
@@ -278,7 +279,8 @@ void ExpectUpdateSequence(UpdaterScope scope,
                       install_data_index.c_str())
                       .c_str()}),
        request::GetScopeMatcher(scope),
-       request::GetAppPriorityMatcher(app_id, priority)},
+       request::GetAppPriorityMatcher(app_id, priority),
+       request::GetUpdaterEnableUpdatesMatcher()},
       GetUpdateResponse(app_id, install_data_index,
                         test_server->download_url().spec(), to_version,
                         crx_path, kDoNothingCRXRun, {}));
@@ -599,7 +601,8 @@ void ExpectAppsUpdateSequence(UpdaterScope scope,
                            request::GetUpdaterUserAgentMatcher(),
                            request::GetContentMatcher(attributes),
                            request::GetContentMatcher(app_requests),
-                           request::GetScopeMatcher(scope)},
+                           request::GetScopeMatcher(scope),
+                           request::GetUpdaterEnableUpdatesMatcher()},
                           GetUpdateResponse(app_responses));
 
   for (const AppUpdateExpectation& app : apps) {

chrome/updater/test/request_matcher.cc

@@ -16,6 +16,7 @@
 #include "base/strings/stringprintf.h"
 #include "base/test/bind.h"
 #include "base/values.h"
+#include "chrome/updater/constants.h"
 #include "chrome/updater/test/http_request.h"
 #include "chrome/updater/update_service.h"
 #include "chrome/updater/updater_scope.h"
@@ -163,6 +164,39 @@ Matcher GetAppPriorityMatcher(const std::string& app_id,
   });
 }
 
+Matcher GetUpdaterEnableUpdatesMatcher() {
+  return base::BindLambdaForTesting([](const HttpRequest& request) {
+    const bool update_disabled = [&request] {
+      const std::optional<base::Value> doc =
+          base::JSONReader::Read(request.decoded_content);
+      if (!doc || !doc->is_dict()) {
+        return false;
+      }
+      const base::Value::List* app_list =
+          doc->GetDict().FindListByDottedPath("request.app");
+      if (!app_list) {
+        return false;
+      }
+      for (const base::Value& app : *app_list) {
+        if (const auto* dict = app.GetIfDict()) {
+          if (const auto* appid = dict->FindString("appid");
+              *appid == kUpdaterAppId) {
+            if (const auto* update_check = dict->FindDict("updatecheck")) {
+              return update_check->FindBool("updatedisabled").value_or(false);
+            }
+          }
+        }
+      }
+      return false;
+    }();
+    if (update_disabled) {
+      ADD_FAILURE() << R"(Update is wrongfully disabled for updater itself: )"
+                    << GetPrintableContent(request);
+    }
+    return !update_disabled;
+  });
+}
+
 Matcher GetMultipartContentMatcher(
     const std::vector<FormExpectations>& form_expections) {
   return base::BindLambdaForTesting([form_expections](

chrome/updater/test/request_matcher.h

@@ -52,6 +52,9 @@ Matcher GetUpdaterUserAgentMatcher();
 [[nodiscard]] Matcher GetAppPriorityMatcher(const std::string& app_id,
                                             UpdateService::Priority priority);
 
+// Returns a matcher which checks that update is enabled for updater itself.
+[[nodiscard]] Matcher GetUpdaterEnableUpdatesMatcher();
+
 // Defines the expectations of a form in a multipart content.
 struct FormExpectations {
   FormExpectations(const std::string& name, std::vector<std::string> regexes);

docs/updater/functional_spec.md

@@ -887,10 +887,22 @@ be effective.
 
 ### Enterprise Policies
 Enterprise policies can prevent the installation of applications:
-*   A per-application setting may specify whether an application is installable.
+
-*   If no per-application setting specifies otherwise, the default install
+* A per-application setting may specify whether an application is installable.
-    policy is used.
+* If no per-application setting specifies otherwise, the default install
-*   If the default install policy is unset, the application may be installed.
+  policy is used.
+* If the default install policy is unset, the application may be installed.
+
+Enterprise policies can control the updates of applications:
+
+* Update policy can be set to be always enabled, automatic updates only, manual
+  updates only or disabled.
+* Update policy can be set per-application.
+* If no per-application setting specifies otherwise, the default update
+  policy is used.
+* If the default update policy is unset, the application may be updated.
+* Updates are always enabled for the updater itself and can't be disabled by
+  policy..
 
 Refer to chrome/updater/protos/omaha\_settings.proto for more details.