[sync] Expose whether recoverability is degraded in profile menu

The goal of the UI is to notify the user if the recoverability of the account that holds the sync data is not good enough, and the user may run into data loss. To fix this case, the user can press the button in the profile menu. The actual action corresponding to this button is not introduced yet in this patch but instead TODOs have been added, to be addressed in follow-up patches. All logic is behind a feature toggle in lower layers (SyncServiceCrypto) and disabled by default. Change-Id: I86977e710b6109d86f2384b235dbeafaebd762fb Bug: 1081649 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2461326 Commit-Queue: Mikel Astiz <mastiz@chromium.org> Reviewed-by: David Roger <droger@chromium.org> Cr-Commit-Position: refs/heads/master@{#826301}

[sync] Expose whether recoverability is degraded in profile menu
The goal of the UI is to notify the user if the recoverability of the account that holds the sync data is not good enough, and the user may run into data loss. To fix this case, the user can press the button in the profile menu. The actual action corresponding to this button is not introduced yet in this patch but instead TODOs have been added, to be addressed in follow-up patches. All logic is behind a feature toggle in lower layers (SyncServiceCrypto) and disabled by default. Change-Id: I86977e710b6109d86f2384b235dbeafaebd762fb Bug: 1081649 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2461326 Commit-Queue: Mikel Astiz <mastiz@chromium.org> Reviewed-by: David Roger <droger@chromium.org> Cr-Commit-Position: refs/heads/master@{#826301}
9bf0182d · Mikel Astiz · Commit Bot · 1f673896 · 9bf0182d · 9bf0182d
Commit 9bf0182d authored Nov 11, 2020 by Mikel Astiz Committed by Commit Bot Nov 11, 2020
13 changed files
--- a/chrome/app/generated_resources.grd
+++ b/chrome/app/generated_resources.grd
@@ -8306,12 +8306,21 @@ Please help our engineers fix this problem. Tell us what happened right before y
      <message name="IDS_SYNC_ERROR_PASSWORDS_USER_MENU_TITLE" desc="Title of the sync/signin error header of desktop user menu.">
        Password sync isn't working
      </message>
+      <message name="IDS_SYNC_ERROR_RECOVERABILITY_DEGRADED_FOR_EVERYTHING_USER_MENU_TITLE" desc="Title of a sync error header of desktop user menu that prompts the user to add recovery options.">
+        Make sure you can always access your sync data
+      </message>
+      <message name="IDS_SYNC_ERROR_RECOVERABILITY_DEGRADED_FOR_PASSWORDS_USER_MENU_TITLE" desc="Title of a sync error header of desktop user menu that prompts the user to add recovery options.">
+        Make sure you can always access your saved passwords
+      </message>
      <message name="IDS_SYNC_ERROR_USER_MENU_SIGNIN_BUTTON" desc="Button in the header of desktop user menu that prompts the user to sign in again to fix the out-of-date signin info error.">
        Sign in again
      </message>
      <message name="IDS_SYNC_ERROR_USER_MENU_PASSPHRASE_BUTTON" desc="Button in the header of desktop user menu that prompts the user to enter the sync passphrase to fix the out-of-date passphrase error.">
        Enter passphrase
      </message>
+      <message name="IDS_SYNC_ERROR_USER_MENU_RECOVERABILITY_BUTTON" desc="Button in the header of desktop user menu that prompts the user to reauthentication to fix the sync error affecting encrypted datatypes.">
+        Fix now
+      </message>
      <message name="IDS_SYNC_ERROR_USER_MENU_RETRIEVE_KEYS_BUTTON" desc="Button in the header of desktop user menu that prompts the user to reauthentication to fix the sync error affecting encrypted datatypes.">
        Fix now
      </message>

--- a/chrome/app/generated_resources_grd/IDS_SYNC_ERROR_RECOVERABILITY_DEGRADED_FOR_EVERYTHING_USER_MENU_TITLE.png.sha1
+++ b/chrome/app/generated_resources_grd/IDS_SYNC_ERROR_RECOVERABILITY_DEGRADED_FOR_EVERYTHING_USER_MENU_TITLE.png.sha1
+9dbb28b3abd28a8046da9dfabdb8f786ef65c213
\ No newline at end of file
--- a/chrome/app/generated_resources_grd/IDS_SYNC_ERROR_RECOVERABILITY_DEGRADED_FOR_PASSWORDS_USER_MENU_TITLE.png.sha1
+++ b/chrome/app/generated_resources_grd/IDS_SYNC_ERROR_RECOVERABILITY_DEGRADED_FOR_PASSWORDS_USER_MENU_TITLE.png.sha1
+a52e087aa4b3cb0c688d973c4df00af1652c968f
\ No newline at end of file
--- a/chrome/app/generated_resources_grd/IDS_SYNC_ERROR_USER_MENU_RECOVERABILITY_BUTTON.png.sha1
+++ b/chrome/app/generated_resources_grd/IDS_SYNC_ERROR_USER_MENU_RECOVERABILITY_BUTTON.png.sha1
+a52e087aa4b3cb0c688d973c4df00af1652c968f
\ No newline at end of file
--- a/chrome/browser/sync/sync_ui_util.cc
+++ b/chrome/browser/sync/sync_ui_util.cc
@@ -280,6 +280,13 @@ AvatarSyncErrorType GetAvatarSyncErrorType(Profile* profile) {
               : TRUSTED_VAULT_KEY_MISSING_FOR_PASSWORDS_ERROR;
  }
+  // Check for trusted vault recoverability state.
+  if (ShouldShowTrustedVaultDegradedRecoverabilityError(service)) {
+    return service->GetUserSettings()->IsEncryptEverythingEnabled()
+               ? TRUSTED_VAULT_RECOVERABILITY_DEGRADED_FOR_EVERYTHING_ERROR
+               : TRUSTED_VAULT_RECOVERABILITY_DEGRADED_FOR_PASSWORDS_ERROR;
+  }
  // There is no error.
  return NO_SYNC_ERROR;
 }
@@ -314,6 +321,13 @@ bool ShouldShowSyncKeysMissingError(const syncer::SyncService* service) {
         settings->IsTrustedVaultKeyRequiredForPreferredDataTypes();
 }
+bool ShouldShowTrustedVaultDegradedRecoverabilityError(
+    const syncer::SyncService* service) {
+  const syncer::SyncUserSettings* settings = service->GetUserSettings();
+  return HasUserOptedInToSync(settings) &&
+         settings->IsTrustedVaultRecoverabilityDegraded();
+}
 void OpenTabForSyncKeyRetrieval(
    Browser* browser,
    syncer::KeyRetrievalTriggerForUMA key_retrieval_trigger) {

--- a/chrome/browser/sync/sync_ui_util.h
+++ b/chrome/browser/sync/sync_ui_util.h
@@ -35,7 +35,7 @@ enum MessageType {
  PASSWORDS_ONLY_SYNC_ERROR,
 };
-// The action associated with the sync status.
+// The action associated with the sync status in settings.
 enum ActionType {
  // No action to take.
  NO_ACTION,
@@ -72,6 +72,11 @@ enum AvatarSyncErrorType {
  TRUSTED_VAULT_KEY_MISSING_FOR_EVERYTHING_ERROR,
  // Trusted vault keys missing for always-encrypted datatypes (passwords).
  TRUSTED_VAULT_KEY_MISSING_FOR_PASSWORDS_ERROR,
+  // User needs to improve recoverability of the trusted vault (encrypt
+  // everything is enabled).
+  TRUSTED_VAULT_RECOVERABILITY_DEGRADED_FOR_EVERYTHING_ERROR,
+  // User needs to improve recoverability of the trusted vault (passwords).
+  TRUSTED_VAULT_RECOVERABILITY_DEGRADED_FOR_PASSWORDS_ERROR,
  // Sync settings dialog not confirmed yet.
  SETTINGS_UNCONFIRMED_ERROR,
 };
@@ -115,6 +120,11 @@ bool ShouldShowPassphraseError(const syncer::SyncService* service);
 // up encrypted datatypes.
 bool ShouldShowSyncKeysMissingError(const syncer::SyncService* service);
+// Returns whether user action is required to improve the recoverability of the
+// trusted vault.
+bool ShouldShowTrustedVaultDegradedRecoverabilityError(
+    const syncer::SyncService* service);
 // Opens a tab to trigger a reauth to retrieve the trusted vault keys.
 void OpenTabForSyncKeyRetrieval(
    Browser* browser,

--- a/chrome/browser/sync/sync_ui_util_unittest.cc
+++ b/chrome/browser/sync/sync_ui_util_unittest.cc
@@ -65,6 +65,7 @@ enum DistinctState {
  STATUS_CASE_CONFIRM_SYNC_SETTINGS,
  STATUS_CASE_PASSPHRASE_ERROR,
  STATUS_CASE_TRUSTED_VAULT_KEYS_ERROR,
+  STATUS_CASE_TRUSTED_VAULT_RECOVERABILITY_ERROR,
  STATUS_CASE_SYNCED,
  STATUS_CASE_SYNC_DISABLED_BY_POLICY,
  STATUS_CASE_SYNC_RESET_FROM_DASHBOARD,
@@ -164,6 +165,15 @@ StatusLabels SetUpDistinctCase(
      service->SetTrustedVaultKeyRequiredForPreferredDataTypes(true);
      return {PASSWORDS_ONLY_SYNC_ERROR, IDS_SETTINGS_EMPTY_STRING,
              IDS_SYNC_STATUS_NEEDS_KEYS_BUTTON, RETRIEVE_TRUSTED_VAULT_KEYS};
+    case STATUS_CASE_TRUSTED_VAULT_RECOVERABILITY_ERROR:
+      service->SetFirstSetupComplete(true);
+      service->SetTransportState(syncer::SyncService::TransportState::ACTIVE);
+      service->SetDetailedSyncStatus(false, syncer::SyncStatus());
+      service->SetDisableReasons(syncer::SyncService::DisableReasonSet());
+      service->SetPassphraseRequired(false);
+      service->SetTrustedVaultRecoverabilityDegraded(true);
+      return {SYNCED, IDS_SYNC_ACCOUNT_SYNCING, IDS_SETTINGS_EMPTY_STRING,
+              NO_ACTION};
    case STATUS_CASE_SYNCED: {
      service->SetFirstSetupComplete(true);
      service->SetTransportState(syncer::SyncService::TransportState::ACTIVE);

--- a/chrome/browser/sync/test/integration/single_client_nigori_sync_test.cc
+++ b/chrome/browser/sync/test/integration/single_client_nigori_sync_test.cc
@@ -597,6 +597,8 @@ IN_PROC_BROWSER_TEST_F(SingleClientNigoriWithWebApiTest,
                   ->IsTrustedVaultRecoverabilityDegraded());
  EXPECT_TRUE(GetSyncService(0)->GetActiveDataTypes().Has(syncer::PASSWORDS));
  EXPECT_FALSE(sync_ui_util::ShouldShowSyncKeysMissingError(GetSyncService(0)));
+  EXPECT_FALSE(sync_ui_util::ShouldShowTrustedVaultDegradedRecoverabilityError(
+      GetSyncService(0)));
  EXPECT_THAT(
      sync_ui_util::GetStatusLabels(GetProfile(0)),
      StatusLabelsMatch(sync_ui_util::SYNCED, IDS_SYNC_ACCOUNT_SYNCING,
@@ -980,6 +982,15 @@ IN_PROC_BROWSER_TEST_F(SingleClientNigoriWithRecoverySyncTest,
  EXPECT_TRUE(GetSyncService(0)
                  ->GetUserSettings()
                  ->IsTrustedVaultRecoverabilityDegraded());
+  EXPECT_TRUE(sync_ui_util::ShouldShowTrustedVaultDegradedRecoverabilityError(
+      GetSyncService(0)));
+#if !defined(OS_CHROMEOS)
+  // Verify the profile-menu error string is empty.
+  EXPECT_EQ(
+      sync_ui_util::TRUSTED_VAULT_RECOVERABILITY_DEGRADED_FOR_PASSWORDS_ERROR,
+      sync_ui_util::GetAvatarSyncErrorType(GetProfile(0)));
+#endif  // !defined(OS_CHROMEOS)
  // No messages expected in settings.
  EXPECT_THAT(
@@ -1001,6 +1012,8 @@ IN_PROC_BROWSER_TEST_F(SingleClientNigoriWithRecoverySyncTest,
  EXPECT_TRUE(
      TrustedVaultRecoverabilityNotDegradedChecker(GetSyncService(0)).Wait());
+  EXPECT_FALSE(sync_ui_util::ShouldShowTrustedVaultDegradedRecoverabilityError(
+      GetSyncService(0)));
 #if !defined(OS_CHROMEOS)
  // Verify the profile-menu error string is empty.

--- a/chrome/browser/ui/views/profiles/profile_menu_view.cc
+++ b/chrome/browser/ui/views/profiles/profile_menu_view.cc
@@ -104,6 +104,18 @@ ProfileMenuViewBase::SyncInfo GetSyncInfoForAvatarErrorType(
      return {IDS_SYNC_ERROR_PASSWORDS_USER_MENU_TITLE,
              IDS_SYNC_ERROR_USER_MENU_RETRIEVE_KEYS_BUTTON,
              ProfileMenuViewBase::SyncInfoContainerBackgroundState::kError};
+    case sync_ui_util::
+        TRUSTED_VAULT_RECOVERABILITY_DEGRADED_FOR_EVERYTHING_ERROR:
+      return {
+          IDS_SYNC_ERROR_RECOVERABILITY_DEGRADED_FOR_EVERYTHING_USER_MENU_TITLE,
+          IDS_SYNC_ERROR_USER_MENU_RECOVERABILITY_BUTTON,
+          ProfileMenuViewBase::SyncInfoContainerBackgroundState::kError};
+    case sync_ui_util::
+        TRUSTED_VAULT_RECOVERABILITY_DEGRADED_FOR_PASSWORDS_ERROR:
+      return {
+          IDS_SYNC_ERROR_RECOVERABILITY_DEGRADED_FOR_PASSWORDS_USER_MENU_TITLE,
+          IDS_SYNC_ERROR_USER_MENU_RECOVERABILITY_BUTTON,
+          ProfileMenuViewBase::SyncInfoContainerBackgroundState::kError};
    case sync_ui_util::SETTINGS_UNCONFIRMED_ERROR:
      return GetStandardSyncErrorInfo(
          IDS_SYNC_ERROR_USER_MENU_CONFIRM_SYNC_SETTINGS_BUTTON);
@@ -228,6 +240,10 @@ gfx::ImageSkia ProfileMenuView::GetSyncIcon() const {
    case sync_ui_util::PASSPHRASE_ERROR:
    case sync_ui_util::TRUSTED_VAULT_KEY_MISSING_FOR_EVERYTHING_ERROR:
    case sync_ui_util::TRUSTED_VAULT_KEY_MISSING_FOR_PASSWORDS_ERROR:
+    case sync_ui_util::
+        TRUSTED_VAULT_RECOVERABILITY_DEGRADED_FOR_EVERYTHING_ERROR:
+    case sync_ui_util::
+        TRUSTED_VAULT_RECOVERABILITY_DEGRADED_FOR_PASSWORDS_ERROR:
    case sync_ui_util::SETTINGS_UNCONFIRMED_ERROR:
      icon = &kSyncPausedCircleIcon;
      color_id = ui::NativeTheme::kColorId_AlertSeverityHigh;
@@ -348,6 +364,14 @@ void ProfileMenuView::OnSyncErrorButtonClicked(
      sync_ui_util::OpenTabForSyncKeyRetrieval(
          browser(), syncer::KeyRetrievalTriggerForUMA::kProfileMenu);
      break;
+    case sync_ui_util::
+        TRUSTED_VAULT_RECOVERABILITY_DEGRADED_FOR_EVERYTHING_ERROR:
+    case sync_ui_util::
+        TRUSTED_VAULT_RECOVERABILITY_DEGRADED_FOR_PASSWORDS_ERROR:
+      // TODO(crbug.com/1081649): This should use a dedicated function.
+      sync_ui_util::OpenTabForSyncKeyRetrieval(
+          browser(), syncer::KeyRetrievalTriggerForUMA::kProfileMenu);
+      break;
    case sync_ui_util::PASSPHRASE_ERROR:
    case sync_ui_util::SETTINGS_UNCONFIRMED_ERROR:
      chrome::ShowSettingsSubPage(browser(), chrome::kSyncSetupSubPage);

--- a/components/sync/driver/test_sync_service.cc
+++ b/components/sync/driver/test_sync_service.cc
@@ -128,6 +128,10 @@ void TestSyncService::SetTrustedVaultKeyRequiredForPreferredDataTypes(
  user_settings_.SetTrustedVaultKeyRequiredForPreferredDataTypes(required);
 }
+void TestSyncService::SetTrustedVaultRecoverabilityDegraded(bool degraded) {
+  user_settings_.SetTrustedVaultRecoverabilityDegraded(degraded);
+}
 void TestSyncService::SetIsUsingSecondaryPassphrase(bool enabled) {
  user_settings_.SetIsUsingSecondaryPassphrase(enabled);
 }

--- a/components/sync/driver/test_sync_service.h
+++ b/components/sync/driver/test_sync_service.h
@@ -49,6 +49,7 @@ class TestSyncService : public SyncService {
  void SetPassphraseRequiredForPreferredDataTypes(bool required);
  void SetTrustedVaultKeyRequired(bool required);
  void SetTrustedVaultKeyRequiredForPreferredDataTypes(bool required);
+  void SetTrustedVaultRecoverabilityDegraded(bool degraded);
  void SetIsUsingSecondaryPassphrase(bool enabled);
  void FireStateChanged();

--- a/components/sync/driver/test_sync_user_settings.cc
+++ b/components/sync/driver/test_sync_user_settings.cc
@@ -178,7 +178,7 @@ bool TestSyncUserSettings::IsTrustedVaultKeyRequiredForPreferredDataTypes()
 }
 bool TestSyncUserSettings::IsTrustedVaultRecoverabilityDegraded() const {
-  return false;
+  return trusted_vault_recoverability_degraded_;
 }
 bool TestSyncUserSettings::IsUsingSecondaryPassphrase() const {
@@ -228,6 +228,11 @@ void TestSyncUserSettings::SetTrustedVaultKeyRequiredForPreferredDataTypes(
  trusted_vault_key_required_for_preferred_data_types_ = required;
 }
+void TestSyncUserSettings::SetTrustedVaultRecoverabilityDegraded(
+    bool degraded) {
+  trusted_vault_recoverability_degraded_ = degraded;
+}
 void TestSyncUserSettings::SetIsUsingSecondaryPassphrase(bool enabled) {
  using_secondary_passphrase_ = enabled;
 }

--- a/components/sync/driver/test_sync_user_settings.h
+++ b/components/sync/driver/test_sync_user_settings.h
@@ -69,6 +69,7 @@ class TestSyncUserSettings : public SyncUserSettings {
  void SetPassphraseRequiredForPreferredDataTypes(bool required);
  void SetTrustedVaultKeyRequired(bool required);
  void SetTrustedVaultKeyRequiredForPreferredDataTypes(bool required);
+  void SetTrustedVaultRecoverabilityDegraded(bool degraded);
  void SetIsUsingSecondaryPassphrase(bool enabled);
 private:
@@ -85,6 +86,7 @@ class TestSyncUserSettings : public SyncUserSettings {
  bool passphrase_required_for_preferred_data_types_ = false;
  bool trusted_vault_key_required_ = false;
  bool trusted_vault_key_required_for_preferred_data_types_ = false;
+  bool trusted_vault_recoverability_degraded_ = false;
  bool using_secondary_passphrase_ = false;
 };