[Passwords] Reset skip_zero_click in account store

This CL resets skip_zero_click in the account store before
credentials are passed to the javascript API in CredentialManagementAPI

Bug: 1093286
Change-Id: Ic62341369446c90b9f0986eb30cea3924bc28864
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2307335
Commit-Queue: Mohamed Amir Yosef <mamir@chromium.org>
Reviewed-by: Vasilii Sukhanov <vasilii@chromium.org>
Cr-Commit-Position: refs/heads/master@{#794979}

components/password_manager/core/browser/credential_manager_impl.cc

@@ -202,7 +202,10 @@ void CredentialManagerImpl::SendPasswordForm(
             ? CredentialType::CREDENTIAL_TYPE_PASSWORD
             : CredentialType::CREDENTIAL_TYPE_FEDERATED;
     info = CredentialInfo(*form, type_to_return);
-    if (PasswordStore* store = GetProfilePasswordStore()) {
+    PasswordStore* store = form->IsUsingAccountStore()
+                               ? GetAccountPasswordStore()
+                               : GetProfilePasswordStore();
+    if (store) {
       if (form->skip_zero_click && IsZeroClickAllowed()) {
         autofill::PasswordForm update_form = *form;
         update_form.skip_zero_click = false;

components/password_manager/core/browser/credential_manager_impl_unittest.cc

@@ -1302,7 +1302,7 @@ TEST_P(CredentialManagerImplTest,
   EXPECT_NE(CredentialType::CREDENTIAL_TYPE_EMPTY, credential_1->type);
 }
 
-TEST_P(CredentialManagerImplTest, ResetSkipZeroClickAfterPrompt) {
+TEST_P(CredentialManagerImplTest, ResetSkipZeroClickInProfileStoreAfterPrompt) {
   // Turn on the global zero-click flag, and add two credentials in separate
   // origins, both set to skip zero-click.
   client_->set_zero_click_enabled(true);
@@ -1351,6 +1351,92 @@ TEST_P(CredentialManagerImplTest, ResetSkipZeroClickAfterPrompt) {
   EXPECT_TRUE(passwords[cross_origin_form_.signon_realm][0].skip_zero_click);
 }
 
+TEST_P(CredentialManagerImplTest, ResetSkipZeroClickInAccountStoreAfterPrompt) {
+  // This test is relevant only for account store users.
+  if (!GetParam())
+    return;
+  DCHECK(account_store_);
+  // This is simplified version of the test above that tests against the account
+  // store.
+  // Turn on the global zero-click flag, and add the credential for
+  // |kTestWebOrigin| and set to skip zero-click.
+  client_->set_zero_click_enabled(true);
+  form_.skip_zero_click = true;
+  account_store_->AddLogin(form_);
+
+  // Trigger a request which should return the credential found in |form_|, and
+  // wait for it to process.
+  // Check that the form in the database has been updated. `OnRequestCredential`
+  // generates a call to prompt the user to choose a credential.
+  // MockPasswordManagerClient mocks a user choice, and when users choose a
+  // credential (and have the global zero-click flag enabled), we make sure that
+  // they'll be logged in again next time.
+  EXPECT_CALL(*client_, PromptUserToChooseCredentialsPtr)
+      .Times(testing::Exactly(1));
+  EXPECT_CALL(*client_, NotifyUserAutoSigninPtr()).Times(testing::Exactly(0));
+
+  bool called = false;
+  CredentialManagerError error;
+  base::Optional<CredentialInfo> credential;
+  CallGet(CredentialMediationRequirement::kOptional, true, /*federations=*/{},
+          base::BindOnce(&GetCredentialCallback, &called, &error, &credential));
+
+  RunAllPendingTasks();
+
+  TestPasswordStore::PasswordMap passwords = account_store_->stored_passwords();
+  ASSERT_EQ(1U, passwords.size());
+  ASSERT_EQ(1U, passwords[form_.signon_realm].size());
+  EXPECT_FALSE(passwords[form_.signon_realm][0].skip_zero_click);
+}
+
+TEST_P(CredentialManagerImplTest,
+       ResetSkipZeroClickInAccountStoreAfterPromptIfExistsInBothStores) {
+  // This test is relevant only for account store users.
+  if (!GetParam())
+    return;
+  DCHECK(account_store_);
+  // This is simplified version of the test above that tests against both the
+  // profile the account stores. When the same credential is stored in both
+  // stores, we favor the one in the account.
+
+  // Turn on the global zero-click flag, and add the credential for
+  // |kTestWebOrigin| , both set to skip zero-click on both stores.
+  client_->set_zero_click_enabled(true);
+  form_.skip_zero_click = true;
+  account_store_->AddLogin(form_);
+  store_->AddLogin(form_);
+
+  // Trigger a request which should return the credential found in |form_|, and
+  // wait for it to process.
+  // Check that the form in the database has been updated. `OnRequestCredential`
+  // generates a call to prompt the user to choose a credential.
+  // MockPasswordManagerClient mocks a user choice, and when users choose a
+  // credential (and have the global zero-click flag enabled), we make sure that
+  // they'll be logged in again next time.
+  EXPECT_CALL(*client_, PromptUserToChooseCredentialsPtr)
+      .Times(testing::Exactly(1));
+  EXPECT_CALL(*client_, NotifyUserAutoSigninPtr()).Times(testing::Exactly(0));
+
+  bool called = false;
+  CredentialManagerError error;
+  base::Optional<CredentialInfo> credential;
+  CallGet(CredentialMediationRequirement::kOptional, true, /*federations=*/{},
+          base::BindOnce(&GetCredentialCallback, &called, &error, &credential));
+
+  RunAllPendingTasks();
+
+  // Only the one in the account store is affected.
+  TestPasswordStore::PasswordMap passwords = store_->stored_passwords();
+  ASSERT_EQ(1U, passwords.size());
+  ASSERT_EQ(1U, passwords[form_.signon_realm].size());
+  EXPECT_TRUE(passwords[form_.signon_realm][0].skip_zero_click);
+
+  passwords = account_store_->stored_passwords();
+  ASSERT_EQ(1U, passwords.size());
+  ASSERT_EQ(1U, passwords[form_.signon_realm].size());
+  EXPECT_FALSE(passwords[form_.signon_realm][0].skip_zero_click);
+}
+
 TEST_P(CredentialManagerImplTest, IncognitoZeroClickRequestCredential) {
   EXPECT_CALL(*client_, IsIncognito()).WillRepeatedly(testing::Return(true));
   store_->AddLogin(form_);