DLP: Connect DlpContentManager to the policy.

By implementing GetRestrictionSetForURL() we finally connect on screen content restrictions to the policy rules engine (DlpRulesManager) and resolve the TODO. Bug: 1109783 Change-Id: I29e62a2b33e7051cfc00b40179bfe5c8d48d0e72 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2421895Reviewed-by: Aya Elsayed <ayaelattar@chromium.org> Reviewed-by: Nikita Podguzov <nikitapodguzov@chromium.org> Commit-Queue: Sergey Poromov <poromov@chromium.org> Cr-Commit-Position: refs/heads/master@{#810505}

DLP: Connect DlpContentManager to the policy.
By implementing GetRestrictionSetForURL() we finally connect on screen content restrictions to the policy rules engine (DlpRulesManager) and resolve the TODO. Bug: 1109783 Change-Id: I29e62a2b33e7051cfc00b40179bfe5c8d48d0e72 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2421895Reviewed-by: Aya Elsayed <ayaelattar@chromium.org> Reviewed-by: Nikita Podguzov <nikitapodguzov@chromium.org> Commit-Queue: Sergey Poromov <poromov@chromium.org> Cr-Commit-Position: refs/heads/master@{#810505}
8f301d90 · Sergey Poromov · Commit Bot · c9569b31 · 8f301d90 · 8f301d90
Commit 8f301d90 authored Sep 25, 2020 by Sergey Poromov Committed by Commit Bot Sep 25, 2020
3 changed files
--- a/chrome/browser/chromeos/policy/dlp/dlp_content_manager.cc
+++ b/chrome/browser/chromeos/policy/dlp/dlp_content_manager.cc
@@ -8,6 +8,7 @@
 #include "base/bind.h"
 #include "base/stl_util.h"
 #include "base/threading/thread_task_runner_handle.h"
+#include "chrome/browser/chromeos/policy/dlp/dlp_rules_manager.h"
 #include "chrome/browser/ui/ash/chrome_screenshot_grabber.h"
 #include "content/public/browser/visibility.h"
 #include "content/public/browser/web_contents.h"
@@ -150,7 +151,26 @@ void DlpContentManager::OnWebContentsDestroyed(
 DlpContentRestrictionSet DlpContentManager::GetRestrictionSetForURL(
    const GURL& url) const {
  DlpContentRestrictionSet set;
-  // TODO(crbug/1109783): Implement based on the policy.
+  if (!DlpRulesManager::IsInitialized())
+    return set;
+  DlpRulesManager* dlp_rules_manager = DlpRulesManager::Get();
+  static const base::NoDestructor<
+      base::flat_map<DlpRulesManager::Restriction, DlpContentRestriction>>
+      kRestrictionsMap({{DlpRulesManager::Restriction::kScreenshot,
+                         DlpContentRestriction::kScreenshot},
+                        {DlpRulesManager::Restriction::kPrivacyScreen,
+                         DlpContentRestriction::kPrivacyScreen},
+                        {DlpRulesManager::Restriction::kPrinting,
+                         DlpContentRestriction::kPrint}});
+  for (const auto& restriction : *kRestrictionsMap) {
+    if (dlp_rules_manager->IsRestricted(url, restriction.first) ==
+        DlpRulesManager::Level::kBlock) {
+      set.SetRestriction(restriction.second);
+    }
+  }
  return set;
 }

--- a/chrome/browser/chromeos/policy/dlp/dlp_rules_manager.cc
+++ b/chrome/browser/chromeos/policy/dlp/dlp_rules_manager.cc
@@ -107,6 +107,11 @@ void DlpRulesManager::Init() {
    g_dlp_rules_manager = new DlpRulesManager();
 }
+// static
+bool DlpRulesManager::IsInitialized() {
+  return g_dlp_rules_manager != nullptr;
+}
 // static
 DlpRulesManager* DlpRulesManager::Get() {
  DCHECK(g_dlp_rules_manager);

--- a/chrome/browser/chromeos/policy/dlp/dlp_rules_manager.h
+++ b/chrome/browser/chromeos/policy/dlp/dlp_rules_manager.h
@@ -75,9 +75,13 @@ class DlpRulesManager {
  using RuleId = int;
-  // Creates a signleton instance of the class.
+  // Creates a singleton instance of the class.
  static void Init();
+  // Returns whether DlpRulesManager was already created after user policy stack
+  // is initialized.
+  static bool IsInitialized();
  // Returns a pointer to the existing instance of the class.
  static DlpRulesManager* Get();