Adding a DownloadRestrictions group policy.

components/policy/resources/policy_templates.json

Index: components/policy/resources/policy_templates.json
diff --git a/components/policy/resources/policy_templates.json b/components/policy/resources/policy_templates.json
index 134ba1d5e0feafaac85b6b4192418d6352b5fe1d..070503d0b716c9cce3a5917569726651fe88a931 100644
--- a/components/policy/resources/policy_templates.json
+++ b/components/policy/resources/policy_templates.json
@@ -139,7 +139,7 @@
 #   persistent IDs for all fields (but not for groups!) are needed. These are
 #   specified by the 'id' keys of each policy. NEVER CHANGE EXISTING IDs,
 #   because doing so would break the deployed wire format!
-#   For your editing convenience: highest ID currently used: 365
+#   For your editing convenience: highest ID currently used: 366
 #   And don't forget to also update the EnterprisePolicies enum of
 #   histograms.xml.
 #
@@ -296,7 +296,7 @@
           'name': 'NewTabPageLocation',
           'type': 'string',
           'schema': { 'type': 'string' },
-          'supported_on': ['chrome.*:57-', 'chrome_os:57-'],
+          'supported_on': ['chrome.*:58-', 'chrome_os:58-'],
           'features': {
             'can_be_recommended': True,
             'dynamic_refresh': True,
@@ -1689,6 +1689,60 @@
       'label': '''Set media disk cache size''',
     },
     {
+      'name': 'DownloadRestrictions',
+      'type': 'int-enum',
+      'schema': {
+        'type': 'integer',
+        'enum': [ 0, 1, 2, 3 ],
+      },
+      'items': [
+        {
+          'name': 'AllowDownloads',
+          'value': 0,
+          'caption': '''No restrictions''',
+        },
+        {
+          'name': 'DisableBlockedFiles',
+          'value': 1,
+          'caption': '''Disable blocked files''',
+        },
+        {
+          'name': 'DisableBlockedAndDangerousFiles',
+          'value': 2,
+          'caption': '''Disable blocked and dangerous files''',
+        },
+        {
+          'name': 'DisableDownloads',
+          'value': 3,
+          'caption': '''No downloads allowed''',
+        },
+      ],
+      'supported_on': ['chrome.*:58-', 'chrome_os:58-'],
+      'features': {
+        'can_be_recommended': True,
+        'dynamic_refresh': True,
+        'per_profile': True,
+      },
+      'example_value': 2,
+      'id': 366,
+      'caption': '''Allow download restrictions''',
+      'tags': ['local-data-access'],
+      'desc': '''Configures the type of downloads that <ph name="PRODUCT_NAME">$1<ex>Google Chrome</ex></ph> will allow.
+
+      If you set this policy, <ph name="PRODUCT_NAME">$1<ex>Google Chrome</ex></ph> will prevent certain types of downloads.
+
+      When the 'Disabled blocked files' option is chosen, all downloads are allowed, except for those that carry SafeBrowsing warnings.
+
+      When the 'Disable blocked and dangerous files' option is chosen, all downloads allowed, except for those that carry SafeBrowsing warnings or are of potentially dangerous filetypes.
+
+      When the 'No downloads allowed' option is chosen, download functionality is completely disabled.
+
+      Note that these restrictions apply to downloads triggered from web page content, as well as the 'download link...' context menu option.
+
+      But these restrictions do not apply to the save / download of the currently displayed page, nor does it apply to saving as PDF from the printing options.''',
+      'label': '''Download restrictions''',
+    },
+    {
       'name': 'DownloadDirectory',
       'type': 'string',
       'schema': { 'type': 'string' },