DLP: Support ARC as a separate data endpoint

- Added kArc as a data endpoint type of the clipboard data. - Changed the notification strings of the toast shown when the clipboard data sharing with ARC++ fails. Bug: 1129345 Change-Id: I8e61ddbb1dc9ea9f36d1965152fe57e471787479 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2428970 Commit-Queue: Aya Elsayed <ayaelattar@chromium.org> Reviewed-by: Sergey Poromov <poromov@chromium.org> Reviewed-by: Darwin Huang <huangdarwin@chromium.org> Reviewed-by: Hidehiko Abe <hidehiko@chromium.org> Reviewed-by: Nikita Podguzov <nikitapodguzov@chromium.org> Cr-Commit-Position: refs/heads/master@{#811671}

DLP: Support ARC as a separate data endpoint
- Added kArc as a data endpoint type of the clipboard data. - Changed the notification strings of the toast shown when the clipboard data sharing with ARC++ fails. Bug: 1129345 Change-Id: I8e61ddbb1dc9ea9f36d1965152fe57e471787479 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2428970 Commit-Queue: Aya Elsayed <ayaelattar@chromium.org> Reviewed-by: Sergey Poromov <poromov@chromium.org> Reviewed-by: Darwin Huang <huangdarwin@chromium.org> Reviewed-by: Hidehiko Abe <hidehiko@chromium.org> Reviewed-by: Nikita Podguzov <nikitapodguzov@chromium.org> Cr-Commit-Position: refs/heads/master@{#811671}
554a491b · Aya ElAttar · Commit Bot · e10716b7 · 554a491b · 554a491b
Commit 554a491b authored Sep 29, 2020 by Aya ElAttar Committed by Commit Bot Sep 29, 2020
6 changed files
--- a/chrome/browser/chromeos/policy/dlp/enterprise_clipboard_dlp_controller.cc
+++ b/chrome/browser/chromeos/policy/dlp/enterprise_clipboard_dlp_controller.cc
@@ -8,6 +8,7 @@

 #include "ash/public/cpp/toast_data.h"
 #include "ash/public/cpp/toast_manager.h"
+#include "base/notreached.h"
 #include "base/optional.h"
 #include "chrome/browser/browser_process.h"
 #include "chrome/browser/chromeos/crostini/crostini_util.h"
@@ -60,10 +61,13 @@ bool EnterpriseClipboardDlpController::IsDataReadAllowed(
            DlpRulesManager::Component::kPluginVm,
            DlpRulesManager::Component::kCrostini},
        DlpRulesManager::Restriction::kClipboard);
+  } else if (data_dst->type() == ui::EndpointType::kArc) {
+    level = DlpRulesManager::Get()->IsRestrictedComponent(
+        data_src->origin()->GetURL(), DlpRulesManager::Component::kArc,
+        DlpRulesManager::Restriction::kClipboard);
  } else {
    NOTREACHED();
  }
-  // TODO(crbug.com/1129345): Add a separate handling for ARC

  if (level == DlpRulesManager::Level::kBlock) {
    ShowBlockToast(GetToastText(data_dst));
@@ -107,6 +111,13 @@ base::string16 EnterpriseClipboardDlpController::GetToastText(
      NOTREACHED();
    }
  }
+
+  if (data_dst && data_dst->type() == ui::EndpointType::kArc) {
+    return l10n_util::GetStringFUTF16(
+        IDS_POLICY_DLP_CLIPBOARD_BLOCKED_ON_COPY_VM,
+        l10n_util::GetStringUTF16(IDS_POLICY_DLP_ANDROID_APPS));
+  }
+
  return l10n_util::GetStringUTF16(IDS_POLICY_DLP_CLIPBOARD_BLOCKED_ON_PASTE);
 }


--- a/chrome/browser/chromeos/policy/dlp/enterprise_clipboard_dlp_controller.h
+++ b/chrome/browser/chromeos/policy/dlp/enterprise_clipboard_dlp_controller.h
@@ -38,7 +38,7 @@ class EnterpriseClipboardDlpController : public ui::ClipboardDlpController {
  void ShowBlockToast(const base::string16& text) const;

  // The text will be different if the clipboard data is shared with Crostini
-  // or Parallels or both of them.
+  // or Parallels or ARC.
  base::string16 GetToastText(
      const ui::ClipboardDataEndpoint* const data_dst) const;
 };

--- a/components/arc/clipboard/arc_clipboard_bridge.cc
+++ b/components/arc/clipboard/arc_clipboard_bridge.cc
@@ -49,7 +49,7 @@ mojom::ClipRepresentationPtr CreateHTML(const ui::Clipboard* clipboard) {
  // Unused. URL is sent from CreatePlainText() by reading it from the Bookmark.
  std::string url;
  uint32_t fragment_start, fragment_end;
-  const ui::ClipboardDataEndpoint data_dst(ui::EndpointType::kGuestOs);
+  const ui::ClipboardDataEndpoint data_dst(ui::EndpointType::kArc);

  clipboard->ReadHTML(ui::ClipboardBuffer::kCopyPaste, &data_dst, &markup16,
                      &url, &fragment_start, &fragment_end);
@@ -71,7 +71,7 @@ mojom::ClipRepresentationPtr CreatePlainText(const ui::Clipboard* clipboard) {
  base::string16 title;
  std::string text;
  std::string mime_type(ui::kMimeTypeText);
-  const ui::ClipboardDataEndpoint data_dst(ui::EndpointType::kGuestOs);
+  const ui::ClipboardDataEndpoint data_dst(ui::EndpointType::kArc);

  // Both Bookmark and AsciiText are represented by text/plain. If both are
  // present, only use Bookmark.
@@ -87,7 +87,7 @@ mojom::ClipDataPtr GetClipData(const ui::Clipboard* clipboard) {
  DCHECK(clipboard);

  std::vector<base::string16> mime_types;
-  const ui::ClipboardDataEndpoint data_dst(ui::EndpointType::kGuestOs);
+  const ui::ClipboardDataEndpoint data_dst(ui::EndpointType::kArc);
  clipboard->ReadAvailableTypes(ui::ClipboardBuffer::kCopyPaste, &data_dst,
                                &mime_types);

@@ -178,7 +178,7 @@ void ArcClipboardBridge::SetClipContent(mojom::ClipDataPtr clip_data) {
  base::AutoReset<bool> auto_reset(&event_originated_at_instance_, true);
  ui::ScopedClipboardWriter writer(
      ui::ClipboardBuffer::kCopyPaste,
-      std::make_unique<ui::ClipboardDataEndpoint>(ui::EndpointType::kGuestOs));
+      std::make_unique<ui::ClipboardDataEndpoint>(ui::EndpointType::kArc));

  for (const auto& repr : clip_data->representations) {
    const std::string& mime_type(repr->mime_type);

--- a/components/policy_strings.grdp
+++ b/components/policy_strings.grdp
@@ -579,6 +579,9 @@ Additional details:
  <message name="IDS_POLICY_DLP_CLIPBOARD_BLOCKED_ON_COPY_TWO_VMS" desc="A toast informing the user that sharing clipboard data to VMs is blocked.">
    Your administrator has blocked sharing this content to <ph name="VM_NAME_1">$1<ex>Linux</ex></ph> and <ph name="VM_NAME_2">$2<ex>Parallels</ex></ph>
  </message>
+  <message name="IDS_POLICY_DLP_ANDROID_APPS" desc="Name shown for ARC in data leak prevention toasts.">
+    Android apps
+  </message>
  <message name="IDS_POLICY_DLP_PRINTING_BLOCKED" desc="A toast informing the user that printing is blocked.">
    Printing of this content is blocked by your administrator
  </message>

--- a/components/policy_strings_grdp/IDS_POLICY_DLP_ANDROID_APPS.png.sha1
+++ b/components/policy_strings_grdp/IDS_POLICY_DLP_ANDROID_APPS.png.sha1
+c8b41368266afc8b1d606cea145ddc2c5ab62527
\ No newline at end of file
--- a/ui/base/clipboard/clipboard_data_endpoint.h
+++ b/ui/base/clipboard/clipboard_data_endpoint.h
@@ -16,11 +16,14 @@ namespace ui {
 // Whenever a new format is supported, a new enum should be added.
 enum class EndpointType {
 #if defined(OS_CHROMEOS) || (OS_LINUX) || (OS_FUCHSIA)
-  kGuestOs = 0,  // Guest OS: ARC++, PluginVM, Crostini.
-#endif
-  kUrl = 1,  // Website URL e.g. www.example.com.
-  kClipboardHistory =
-      2,  // Clipboard History UI has privileged access to any clipboard data.
+  kGuestOs = 0,  // Guest OS: PluginVM, Crostini.
+#endif           // defined(OS_CHROMEOS) || (OS_LINUX) || (OS_FUCHSIA)
+#if defined(OS_CHROMEOS)
+  kArc = 1,               // ARC.
+#endif                    // defined(OS_CHROMEOS)
+  kUrl = 2,               // Website URL e.g. www.example.com.
+  kClipboardHistory = 3,  // Clipboard History UI has privileged access to any
+                          // clipboard data.
  kMaxValue = kClipboardHistory
 };