DLP: Add check to image capture mode.

Before capturing image (screenshot) in Capture Mode,
it should be checked whether the captured area is allowed
according to the currently set Data Leak Prevention rules.

Bug: 1133324
Test: Enable features, configure DLP policy, use Capture Mode
Change-Id: If96f9b3ba277df4ba9a316b49246bd90183d9b2c
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2437437Reviewed-by: Ahmed Fakhry <afakhry@chromium.org>
Reviewed-by: Xiyuan Xia <xiyuan@chromium.org>
Commit-Queue: Sergey Poromov <poromov@chromium.org>
Cr-Commit-Position: refs/heads/master@{#815270}

ash/capture_mode/capture_mode_controller.cc

@@ -290,8 +290,12 @@ void CaptureModeController::EndVideoRecording() {
 }
 
 bool CaptureModeController::IsCaptureAllowed() const {
-  // TODO(afakhry): Fill in here.
-  return true;
+  const base::Optional<CaptureParams> capture_params = GetCaptureParams();
+  if (!capture_params)
+    return false;
+  return delegate_->IsCaptureAllowed(
+      capture_params->window, capture_params->bounds,
+      /*for_video=*/type_ == CaptureModeType::kVideo);
 }
 
 base::Optional<CaptureModeController::CaptureParams>

ash/capture_mode/test_capture_mode_delegate.cc

@@ -20,4 +20,10 @@ bool TestCaptureModeDelegate::Uses24HourFormat() const {
   return false;
 }
 
+bool TestCaptureModeDelegate::IsCaptureAllowed(const aura::Window* window,
+                                               const gfx::Rect& bounds,
+                                               bool for_video) const {
+  return true;
+}
+
 }  // namespace ash

ash/capture_mode/test_capture_mode_delegate.h

@@ -20,6 +20,9 @@ class TestCaptureModeDelegate : public CaptureModeDelegate {
   base::FilePath GetActiveUserDownloadsDir() const override;
   void ShowScreenCaptureItemInFolder(const base::FilePath& file_path) override;
   bool Uses24HourFormat() const override;
+  bool IsCaptureAllowed(const aura::Window* window,
+                        const gfx::Rect& bounds,
+                        bool for_video) const override;
 };
 
 }  // namespace ash

ash/public/cpp/capture_mode_delegate.h

@@ -7,10 +7,18 @@
 
 #include "ash/public/cpp/ash_public_export.h"
 
+namespace aura {
+class Window;
+}  // namespace aura
+
 namespace base {
 class FilePath;
 }  // namespace base
 
+namespace gfx {
+class Rect;
+}  // namespace gfx
+
 namespace ash {
 
 // Defines the interface for the delegate of CaptureModeController, that can be
@@ -32,6 +40,12 @@ class ASH_PUBLIC_EXPORT CaptureModeDelegate {
   // vs. 2:00 PM). This is used to build the file name of the captured image or
   // video.
   virtual bool Uses24HourFormat() const = 0;
+
+  // Returns whether capture of the region defined by |window| and |bounds|
+  // is currently allowed or not.
+  virtual bool IsCaptureAllowed(const aura::Window* window,
+                                const gfx::Rect& bounds,
+                                bool for_video) const = 0;
 };
 
 }  // namespace ash

chrome/browser/chromeos/policy/dlp/dlp_content_manager.cc

@@ -9,7 +9,7 @@
 #include "base/stl_util.h"
 #include "base/threading/thread_task_runner_handle.h"
 #include "chrome/browser/chromeos/policy/dlp/dlp_rules_manager.h"
-#include "chrome/browser/ui/ash/chrome_screenshot_grabber.h"
+#include "chrome/browser/ui/ash/screenshot_area.h"
 #include "content/public/browser/visibility.h"
 #include "content/public/browser/web_contents.h"
 #include "extensions/browser/guest_view/mime_handler_view/mime_handler_view_guest.h"

chrome/browser/chromeos/policy/dlp/dlp_content_manager_browsertest.cc

@@ -4,7 +4,7 @@
 
 #include "chrome/browser/chromeos/policy/dlp/dlp_content_manager.h"
 
-#include "chrome/browser/ui/ash/chrome_screenshot_grabber.h"
+#include "chrome/browser/ui/ash/screenshot_area.h"
 #include "chrome/browser/ui/browser.h"
 #include "chrome/browser/ui/browser_window.h"
 #include "chrome/test/base/in_process_browser_test.h"

chrome/browser/ui/BUILD.gn

@@ -2010,6 +2010,8 @@ static_library("ui") {
       "ash/quick_answers/quick_answers_browser_client_impl.h",
       "ash/screen_orientation_delegate_chromeos.cc",
       "ash/screen_orientation_delegate_chromeos.h",
+      "ash/screenshot_area.cc",
+      "ash/screenshot_area.h",
       "ash/session_controller_client_impl.cc",
       "ash/session_controller_client_impl.h",
       "ash/session_util.cc",

chrome/browser/ui/ash/chrome_capture_mode_delegate.cc

@@ -6,12 +6,26 @@
 
 #include "base/files/file_path.h"
 #include "base/i18n/time_formatting.h"
+#include "chrome/browser/chromeos/policy/dlp/dlp_content_manager.h"
 #include "chrome/browser/download/download_prefs.h"
 #include "chrome/browser/platform_util.h"
 #include "chrome/browser/profiles/profile_manager.h"
+#include "chrome/browser/ui/ash/screenshot_area.h"
 #include "chrome/common/pref_names.h"
 #include "chromeos/login/login_state/login_state.h"
 #include "components/prefs/pref_service.h"
+#include "ui/aura/window.h"
+
+namespace {
+
+ScreenshotArea ConvertToScreenshotArea(const aura::Window* window,
+                                       const gfx::Rect& bounds) {
+  return window->IsRootWindow()
+             ? ScreenshotArea::CreateForPartialWindow(window, bounds)
+             : ScreenshotArea::CreateForWindow(window);
+}
+
+}  // namespace
 
 ChromeCaptureModeDelegate::ChromeCaptureModeDelegate() = default;
 
@@ -38,3 +52,13 @@ bool ChromeCaptureModeDelegate::Uses24HourFormat() const {
     return profile->GetPrefs()->GetBoolean(prefs::kUse24HourClock);
   return base::GetHourClockType() == base::k24HourClock;
 }
+
+bool ChromeCaptureModeDelegate::IsCaptureAllowed(const aura::Window* window,
+                                                 const gfx::Rect& bounds,
+                                                 bool for_video) const {
+  policy::DlpContentManager* dlp_content_manager =
+      policy::DlpContentManager::Get();
+  const ScreenshotArea area = ConvertToScreenshotArea(window, bounds);
+  // TODO(poromov): Implement check for video capture.
+  return for_video ? true : !dlp_content_manager->IsScreenshotRestricted(area);
+}

chrome/browser/ui/ash/chrome_capture_mode_delegate.h

@@ -21,6 +21,9 @@ class ChromeCaptureModeDelegate : public ash::CaptureModeDelegate {
   base::FilePath GetActiveUserDownloadsDir() const override;
   void ShowScreenCaptureItemInFolder(const base::FilePath& file_path) override;
   bool Uses24HourFormat() const override;
+  bool IsCaptureAllowed(const aura::Window* window,
+                        const gfx::Rect& bounds,
+                        bool for_video) const override;
 };
 
 #endif  // CHROME_BROWSER_UI_ASH_CHROME_CAPTURE_MODE_DELEGATE_H_

chrome/browser/ui/ash/chrome_screenshot_grabber.cc

@@ -277,31 +277,6 @@ void EnsureLocalDirectoryExists(
 
 }  // namespace
 
-// static
-ScreenshotArea ScreenshotArea::CreateForAllRootWindows() {
-  return ScreenshotArea(ScreenshotType::kAllRootWindows, nullptr,
-                        base::nullopt);
-}
-
-// static
-ScreenshotArea ScreenshotArea::CreateForWindow(const aura::Window* window) {
-  return ScreenshotArea(ScreenshotType::kWindow, window, base::nullopt);
-}
-
-// static
-ScreenshotArea ScreenshotArea::CreateForPartialWindow(
-    const aura::Window* window,
-    const gfx::Rect rect) {
-  return ScreenshotArea(ScreenshotType::kPartialWindow, window, rect);
-}
-
-ScreenshotArea::ScreenshotArea(const ScreenshotArea& area) = default;
-
-ScreenshotArea::ScreenshotArea(ScreenshotType type,
-                               const aura::Window* window,
-                               base::Optional<const gfx::Rect> rect)
-    : type(type), window(window), rect(rect) {}
-
 ChromeScreenshotGrabber::ChromeScreenshotGrabber()
     : screenshot_grabber_(new ui::ScreenshotGrabber) {
   DCHECK(!g_chrome_screenshot_grabber_instance);

chrome/browser/ui/ash/chrome_screenshot_grabber.h

@@ -14,6 +14,7 @@
 #include "base/observer_list.h"
 #include "base/optional.h"
 #include "build/build_config.h"
+#include "chrome/browser/ui/ash/screenshot_area.h"
 #include "ui/gfx/image/image.h"
 #include "ui/message_center/public/cpp/notification.h"
 #include "ui/snapshot/screenshot_grabber.h"
@@ -39,34 +40,6 @@ enum class ScreenshotFileResult {
   CREATE_FAILED
 };
 
-// Type of the screenshot mode.
-enum class ScreenshotType {
-  kAllRootWindows,
-  kPartialWindow,
-  kWindow,
-};
-
-// Structure representing the area of screenshot.
-// For kWindow screenshots |window| should be set.
-// For kPartialWindow screenshots |rect| and |window| should be set.
-struct ScreenshotArea {
-  static ScreenshotArea CreateForAllRootWindows();
-  static ScreenshotArea CreateForWindow(const aura::Window* window);
-  static ScreenshotArea CreateForPartialWindow(const aura::Window* window,
-                                               const gfx::Rect rect);
-
-  ScreenshotArea(const ScreenshotArea& area);
-
-  const ScreenshotType type;
-  const aura::Window* window = nullptr;
-  const base::Optional<const gfx::Rect> rect;
-
- private:
-  ScreenshotArea(ScreenshotType type,
-                 const aura::Window* window,
-                 base::Optional<const gfx::Rect> rect);
-};
-
 class ChromeScreenshotGrabber : public ash::ScreenshotDelegate {
  public:
   // Callback called with the |result| of trying to create a local writable

chrome/browser/ui/ash/screenshot_area.cc

+// Copyright 2020 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/ui/ash/screenshot_area.h"
+
+// static
+ScreenshotArea ScreenshotArea::CreateForAllRootWindows() {
+  return ScreenshotArea(ScreenshotType::kAllRootWindows, nullptr,
+                        base::nullopt);
+}
+
+// static
+ScreenshotArea ScreenshotArea::CreateForWindow(const aura::Window* window) {
+  return ScreenshotArea(ScreenshotType::kWindow, window, base::nullopt);
+}
+
+// static
+ScreenshotArea ScreenshotArea::CreateForPartialWindow(
+    const aura::Window* window,
+    const gfx::Rect rect) {
+  return ScreenshotArea(ScreenshotType::kPartialWindow, window, rect);
+}
+
+ScreenshotArea::ScreenshotArea(const ScreenshotArea& area) = default;
+
+ScreenshotArea::ScreenshotArea(ScreenshotType type,
+                               const aura::Window* window,
+                               base::Optional<const gfx::Rect> rect)
+    : type(type), window(window), rect(rect) {}

chrome/browser/ui/ash/screenshot_area.h

+// Copyright 2020 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef CHROME_BROWSER_UI_ASH_SCREENSHOT_AREA_H_
+#define CHROME_BROWSER_UI_ASH_SCREENSHOT_AREA_H_
+
+#include "base/optional.h"
+#include "ui/gfx/geometry/rect.h"
+
+namespace aura {
+class Window;
+}  // namespace aura
+
+// Type of the screenshot mode.
+enum class ScreenshotType {
+  kAllRootWindows,
+  kPartialWindow,
+  kWindow,
+};
+
+// Structure representing the area of screenshot.
+// For kWindow screenshots |window| should be set.
+// For kPartialWindow screenshots |rect| and |window| should be set.
+struct ScreenshotArea {
+  static ScreenshotArea CreateForAllRootWindows();
+  static ScreenshotArea CreateForWindow(const aura::Window* window);
+  static ScreenshotArea CreateForPartialWindow(const aura::Window* window,
+                                               const gfx::Rect rect);
+
+  ScreenshotArea(const ScreenshotArea& area);
+
+  const ScreenshotType type;
+  const aura::Window* window = nullptr;
+  const base::Optional<const gfx::Rect> rect;
+
+ private:
+  ScreenshotArea(ScreenshotType type,
+                 const aura::Window* window,
+                 base::Optional<const gfx::Rect> rect);
+};
+
+#endif  // CHROME_BROWSER_UI_ASH_SCREENSHOT_AREA_H_