Disable clear buttons in Site Settings for supervised users

Disable the "clear and reset" and the "clear storage" buttons in Site
Settings for supervised users on Android.

Bug: 1081944
Change-Id: I20c39ef8e62d7fea775bbaca9ea05bbe475fef84
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2201756
Commit-Queue: Christian Dullweber <dullweber@chromium.org>
Reviewed-by: Finnur Thorarinsson <finnur@chromium.org>
Reviewed-by: Balazs Engedy <engedy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#768817}

chrome/browser/permissions/chrome_permissions_client.cc

@@ -19,6 +19,7 @@
 #include "chrome/browser/usb/usb_chooser_context.h"
 #include "chrome/browser/usb/usb_chooser_context_factory.h"
 #include "chrome/common/url_constants.h"
+#include "components/google/core/common/google_util.h"
 #include "components/permissions/features.h"
 #include "components/ukm/content/source_url_recorder.h"
 #include "extensions/common/constants.h"
@@ -121,6 +122,18 @@ void ChromePermissionsClient::AreSitesImportant(
   }
 }
 
+// Some Google-affiliated domains are not allowed to delete cookies for
+// supervised accounts.
+bool ChromePermissionsClient::IsCookieDeletionDisabled(
+    content::BrowserContext* browser_context,
+    const GURL& origin) {
+  if (!Profile::FromBrowserContext(browser_context)->IsChild())
+    return false;
+
+  return google_util::IsYoutubeDomainUrl(origin, google_util::ALLOW_SUBDOMAIN,
+                                         google_util::ALLOW_NON_STANDARD_PORTS);
+}
+
 void ChromePermissionsClient::GetUkmSourceId(
     content::BrowserContext* browser_context,
     const content::WebContents* web_contents,

chrome/browser/permissions/chrome_permissions_client.h

@@ -28,6 +28,8 @@ class ChromePermissionsClient : public permissions::PermissionsClient {
   void AreSitesImportant(
       content::BrowserContext* browser_context,
       std::vector<std::pair<url::Origin, bool>>* urls) override;
+  bool IsCookieDeletionDisabled(content::BrowserContext* browser_context,
+                                const GURL& origin) override;
   void GetUkmSourceId(content::BrowserContext* browser_context,
                       const content::WebContents* web_contents,
                       const GURL& requesting_origin,

components/browser_ui/site_settings/android/java/src/org/chromium/components/browser_ui/site_settings/SingleWebsiteSettings.java

@@ -334,7 +334,7 @@ public class SingleWebsiteSettings extends SiteSettingsPreferenceFragment
         } else if (PREF_CLEAR_DATA.equals(preference.getKey())) {
             setUpClearDataPreference((ClearWebsiteStorage) preference);
         } else if (PREF_RESET_SITE.equals(preference.getKey())) {
-            preference.setOnPreferenceClickListener(this);
+            setupResetSitePreference(preference);
         } else {
             assert PERMISSION_PREFERENCE_KEYS.length
                     == ContentSettingException.Type.NUM_ENTRIES + PermissionInfo.Type.NUM_ENTRIES;
@@ -385,11 +385,25 @@ public class SingleWebsiteSettings extends SiteSettingsPreferenceFragment
                     String.format(context.getString(R.string.origin_settings_storage_usage_brief),
                             Formatter.formatShortFileSize(context, usage)));
             preference.setDataForDisplay(mSite.getTitle(), appFound);
+            if (WebsitePreferenceBridge.isCookieDeletionDisabled(
+                        getSiteSettingsClient().getBrowserContextHandle(),
+                        mSite.getAddress().getOrigin())) {
+                preference.setEnabled(false);
+            }
         } else {
             getPreferenceScreen().removePreference(preference);
         }
     }
 
+    private void setupResetSitePreference(Preference preference) {
+        preference.setOnPreferenceClickListener(this);
+        if (WebsitePreferenceBridge.isCookieDeletionDisabled(
+                    getSiteSettingsClient().getBrowserContextHandle(),
+                    mSite.getAddress().getOrigin())) {
+            preference.setEnabled(false);
+        }
+    }
+
     private Intent getNotificationSettingsIntent(String packageName) {
         Intent intent = new Intent();
         if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.O) {

components/browser_ui/site_settings/android/java/src/org/chromium/components/browser_ui/site_settings/WebsitePreferenceBridge.java

@@ -496,6 +496,17 @@ public class WebsitePreferenceBridge {
                 browserContextHandle);
     }
 
+    /**
+     * Some Google-affiliated domains are not allowed to delete cookies for supervised accounts.
+     *
+     * @return Whether deleting cookies is disabled for |origin|.
+     */
+    public static boolean isCookieDeletionDisabled(
+            BrowserContextHandle browserContextHandle, String origin) {
+        return WebsitePreferenceBridgeJni.get().isCookieDeletionDisabled(
+                browserContextHandle, origin);
+    }
+
     /**
      * @return Whether geolocation information can be shared with content.
      */
@@ -671,6 +682,7 @@ public class WebsitePreferenceBridge {
                 BrowserContextHandle browserContextHandle, int contentSettingType);
         boolean isContentSettingManaged(
                 BrowserContextHandle browserContextHandle, int contentSettingType);
+        boolean isCookieDeletionDisabled(BrowserContextHandle browserContextHandle, String origin);
         void setContentSettingEnabled(
                 BrowserContextHandle browserContextHandle, int contentSettingType, boolean allow);
         void getContentSettingsExceptions(BrowserContextHandle browserContextHandle,

components/browser_ui/site_settings/android/website_preference_bridge.cc

@@ -1017,6 +1017,15 @@ static jboolean JNI_WebsitePreferenceBridge_IsContentSettingManaged(
       static_cast<ContentSettingsType>(content_settings_type));
 }
 
+static jboolean JNI_WebsitePreferenceBridge_IsCookieDeletionDisabled(
+    JNIEnv* env,
+    const JavaParamRef<jobject>& jbrowser_context_handle,
+    const JavaParamRef<jstring>& jorigin) {
+  std::string origin = ConvertJavaStringToUTF8(env, jorigin);
+  return permissions::PermissionsClient::Get()->IsCookieDeletionDisabled(
+      unwrap(jbrowser_context_handle), GURL(origin));
+}
+
 static jboolean JNI_WebsitePreferenceBridge_IsContentSettingEnabled(
     JNIEnv* env,
     const JavaParamRef<jobject>& jbrowser_context_handle,

components/permissions/permissions_client.cc

@@ -44,6 +44,12 @@ void PermissionsClient::AreSitesImportant(
     entry.second = false;
 }
 
+bool PermissionsClient::IsCookieDeletionDisabled(
+    content::BrowserContext* browser_context,
+    const GURL& origin) {
+  return false;
+}
+
 void PermissionsClient::GetUkmSourceId(content::BrowserContext* browser_context,
                                        const content::WebContents* web_contents,
                                        const GURL& requesting_origin,

components/permissions/permissions_client.h

@@ -82,6 +82,12 @@ class PermissionsClient {
       content::BrowserContext* browser_context,
       std::vector<std::pair<url::Origin, bool>>* origins);
 
+  // Returns whether cookie deletion is allowed for |browser_context| and
+  // |origin|.
+  virtual bool IsCookieDeletionDisabled(
+      content::BrowserContext* browser_context,
+      const GURL& origin);
+
   // Retrieves the ukm::SourceId (if any) associated with this |browser_context|
   // and |web_contents|. |web_contents| may be null. |callback| will be called
   // with the result, and may be run synchronously if the result is available