[Permissions] Creates DevToolsPermissionOverrides.

Creates class for DevTools permission overrides to maintain logic of overrides as they get more complicated. This maintains a mapping from URL (origin only) to PermissionTypes and their corresponding override status. If no override status is defined, the interface indicates this - it is up to the caller to determine what status to give if no override is given. Design doc: go/permission-overrides-refactor Tested: Unit tests. BUG: 986605 Change-Id: I0ec28e08afbcb97fb9e18f8798cf95f8a63f972d Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1713436 Commit-Queue: Rohan Pavone <rohpavone@chromium.org> Reviewed-by: Avi Drissman <avi@chromium.org> Reviewed-by: Balazs Engedy <engedy@chromium.org> Cr-Commit-Position: refs/heads/master@{#681372}

[Permissions] Creates DevToolsPermissionOverrides.
Creates class for DevTools permission overrides to maintain logic of overrides as they get more complicated. This maintains a mapping from URL (origin only) to PermissionTypes and their corresponding override status. If no override status is defined, the interface indicates this - it is up to the caller to determine what status to give if no override is given. Design doc: go/permission-overrides-refactor Tested: Unit tests. BUG: 986605 Change-Id: I0ec28e08afbcb97fb9e18f8798cf95f8a63f972d Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1713436 Commit-Queue: Rohan Pavone <rohpavone@chromium.org> Reviewed-by: Avi Drissman <avi@chromium.org> Reviewed-by: Balazs Engedy <engedy@chromium.org> Cr-Commit-Position: refs/heads/master@{#681372}
caa66379 · Rohan Pavone · Commit Bot · 12d66d35 · caa66379 · caa66379
Commit caa66379 authored Jul 26, 2019 by Rohan Pavone Committed by Commit Bot Jul 26, 2019
5 changed files
--- a/content/public/browser/BUILD.gn
+++ b/content/public/browser/BUILD.gn
@@ -138,6 +138,8 @@ jumbo_source_set("browser_sources") {
    "devtools_manager_delegate.cc",
    "devtools_manager_delegate.h",
    "devtools_network_transaction_factory.h",
+    "devtools_permission_overrides.cc",
+    "devtools_permission_overrides.h",
    "devtools_socket_factory.h",
    "dom_storage_context.h",
    "download_item_utils.h",

--- a/content/public/browser/devtools_permission_overrides.cc
+++ b/content/public/browser/devtools_permission_overrides.cc
+// Copyright 2019 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "content/public/browser/devtools_permission_overrides.h"
+
+#include "base/no_destructor.h"
+
+namespace content {
+using PermissionOverrides = DevToolsPermissionOverrides::PermissionOverrides;
+using PermissionStatus = blink::mojom::PermissionStatus;
+
+DevToolsPermissionOverrides::DevToolsPermissionOverrides() = default;
+DevToolsPermissionOverrides::~DevToolsPermissionOverrides() = default;
+DevToolsPermissionOverrides::DevToolsPermissionOverrides(
+    DevToolsPermissionOverrides&& other) = default;
+DevToolsPermissionOverrides& DevToolsPermissionOverrides::operator=(
+    DevToolsPermissionOverrides&& other) = default;
+
+void DevToolsPermissionOverrides::Set(const url::Origin& origin,
+                                      const PermissionType& permission,
+                                      const PermissionStatus status) {
+  overrides_[origin][permission] = status;
+}
+
+base::Optional<PermissionStatus> DevToolsPermissionOverrides::Get(
+    const url::Origin& origin,
+    const PermissionType& type) const {
+  auto current_override = overrides_.find(origin);
+  if (current_override == overrides_.end())
+    return base::nullopt;
+
+  auto new_status = current_override->second.find(type);
+  if (new_status == current_override->second.end())
+    return base::nullopt;
+
+  return base::make_optional(new_status->second);
+}
+
+const PermissionOverrides& DevToolsPermissionOverrides::GetAll(
+    const url::Origin& origin) const {
+  static const base::NoDestructor<PermissionOverrides> empty_overrides;
+  auto it = overrides_.find(origin);
+  if (it == overrides_.end())
+    return *empty_overrides;
+  return it->second;
+}
+
+void DevToolsPermissionOverrides::GrantPermissions(
+    const url::Origin& origin,
+    const std::vector<PermissionType>& permissions) {
+  const std::vector<PermissionType>& kAllPermissionTypes =
+      GetAllPermissionTypes();
+  PermissionOverrides granted_overrides;
+  for (const auto& permission : kAllPermissionTypes)
+    granted_overrides[permission] = PermissionStatus::DENIED;
+  for (const auto& permission : permissions)
+    granted_overrides[permission] = PermissionStatus::GRANTED;
+  Reset(origin);
+  SetAll(origin, granted_overrides);
+}
+
+void DevToolsPermissionOverrides::SetAll(const url::Origin& origin,
+                                         const PermissionOverrides& overrides) {
+  PermissionOverrides& current_override = overrides_[origin];
+  for (const auto& setting : overrides)
+    current_override[setting.first] = setting.second;
+}
+
+}  // namespace content
--- a/content/public/browser/devtools_permission_overrides.h
+++ b/content/public/browser/devtools_permission_overrides.h
+// Copyright 2019 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef CONTENT_PUBLIC_BROWSER_DEVTOOLS_PERMISSION_OVERRIDES_H_
+#define CONTENT_PUBLIC_BROWSER_DEVTOOLS_PERMISSION_OVERRIDES_H_
+
+#include <vector>
+
+#include "base/containers/flat_map.h"
+#include "base/optional.h"
+#include "content/common/content_export.h"
+#include "content/public/browser/permission_type.h"
+#include "third_party/blink/public/mojom/permissions/permission_status.mojom.h"
+#include "url/origin.h"
+
+namespace content {
+
+// Maintains permission overrides for each origin.
+class CONTENT_EXPORT DevToolsPermissionOverrides {
+ public:
+  explicit DevToolsPermissionOverrides();
+  ~DevToolsPermissionOverrides();
+  DevToolsPermissionOverrides(DevToolsPermissionOverrides&& other);
+  DevToolsPermissionOverrides& operator=(DevToolsPermissionOverrides&& other);
+
+  DevToolsPermissionOverrides(const DevToolsPermissionOverrides&) = delete;
+  DevToolsPermissionOverrides& operator=(const DevToolsPermissionOverrides&) =
+      delete;
+
+  using PermissionOverrides =
+      base::flat_map<PermissionType, blink::mojom::PermissionStatus>;
+
+  // Set permission override for |permission| at |origin| to |status|.
+  void Set(const url::Origin& origin,
+           const PermissionType& permission,
+           const blink::mojom::PermissionStatus status);
+
+  // Get override for |origin| set for |permission|, if specified.
+  base::Optional<blink::mojom::PermissionStatus> Get(
+      const url::Origin& origin,
+      const PermissionType& permission) const;
+
+  // Get all overrides for particular |origin|, stored in |overrides| if found.
+  // Will return empty overrides if none previously existed.
+  const PermissionOverrides& GetAll(const url::Origin& origin) const;
+
+  // Resets overrides for |origin|.
+  void Reset(const url::Origin& origin) { overrides_.erase(origin); }
+
+  // Sets status for |permissions| to GRANTED in |origin|, and DENIED for all
+  // others.
+  void GrantPermissions(const url::Origin& origin,
+                        const std::vector<PermissionType>& permissions);
+
+ private:
+  // Insert/adds every entry of |overrides| to |origin|'s overrides.
+  void SetAll(const url::Origin& origin, const PermissionOverrides& overrides);
+
+  base::flat_map<url::Origin, PermissionOverrides> overrides_;
+};
+
+}  // namespace content
+
+#endif  // CONTENT_PUBLIC_BROWSER_DEVTOOLS_PERMISSION_OVERRIDES_H_
--- a/content/public/test/devtools_permission_overrides_unittest.cc
+++ b/content/public/test/devtools_permission_overrides_unittest.cc
+// Copyright 2019 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "content/public/browser/devtools_permission_overrides.h"
+
+#include "content/public/browser/permission_type.h"
+#include "testing/gmock/include/gmock/gmock.h"
+#include "testing/gtest/include/gtest/gtest.h"
+#include "third_party/blink/public/mojom/permissions/permission_status.mojom.h"
+#include "url/gurl.h"
+#include "url/origin.h"
+
+namespace content {
+
+namespace {
+using blink::mojom::PermissionStatus;
+using PermissionOverrides = DevToolsPermissionOverrides::PermissionOverrides;
+using url::Origin;
+
+TEST(DevToolsPermissionOverridesTest, GetOriginNoOverrides) {
+  DevToolsPermissionOverrides overrides;
+  Origin url = Origin::Create(GURL("https://google.com/search?q=foo"));
+
+  EXPECT_FALSE(overrides.Get(url, PermissionType::GEOLOCATION).has_value());
+}
+
+TEST(DevToolsPermissionOverridesTest, GetBasic) {
+  DevToolsPermissionOverrides overrides;
+  Origin url = Origin::Create(GURL("https://google.com/search?q=foo"));
+  overrides.Set(url, PermissionType::GEOLOCATION, PermissionStatus::GRANTED);
+
+  EXPECT_EQ(*overrides.Get(url, PermissionType::GEOLOCATION),
+            PermissionStatus::GRANTED);
+}
+
+TEST(DevToolsPermissionOverridesTest, GetAllStates) {
+  DevToolsPermissionOverrides overrides;
+  Origin url = Origin::Create(GURL("https://google.com/search?q=foo"));
+
+  // Override some settings.
+  overrides.Set(url, PermissionType::GEOLOCATION, PermissionStatus::GRANTED);
+  overrides.Set(url, PermissionType::NOTIFICATIONS, PermissionStatus::DENIED);
+  overrides.Set(url, PermissionType::AUDIO_CAPTURE, PermissionStatus::ASK);
+
+  // Check that overrides are saved for the given url.
+  EXPECT_EQ(*overrides.Get(url, PermissionType::GEOLOCATION),
+            PermissionStatus::GRANTED);
+
+  EXPECT_EQ(*overrides.Get(url, PermissionType::NOTIFICATIONS),
+            PermissionStatus::DENIED);
+
+  EXPECT_EQ(*overrides.Get(url, PermissionType::AUDIO_CAPTURE),
+            PermissionStatus::ASK);
+}
+
+TEST(DevToolsPermissionOverridesTest, GetReturnsNullOptionalIfMissingOverride) {
+  DevToolsPermissionOverrides overrides;
+  Origin url = Origin::Create(GURL("https://google.com/search?q=foo"));
+
+  // Override some settings.
+  overrides.Set(url, PermissionType::GEOLOCATION, PermissionStatus::GRANTED);
+  overrides.Set(url, PermissionType::NOTIFICATIONS, PermissionStatus::DENIED);
+  overrides.Set(url, PermissionType::AUDIO_CAPTURE, PermissionStatus::ASK);
+
+  // If type was not overridden, report false.
+  EXPECT_FALSE(overrides.Get(url, PermissionType::BACKGROUND_SYNC).has_value());
+
+  // If URL not overridden, should report false.
+  EXPECT_FALSE(overrides
+                   .Get(Origin::Create(GURL("https://facebook.com/")),
+                        PermissionType::GEOLOCATION)
+                   .has_value());
+}
+
+TEST(DevToolsPermissionOverridesTest, GetAllOverrides) {
+  DevToolsPermissionOverrides overrides;
+  Origin url = Origin::Create(GURL("https://google.com/search?q=foo"));
+
+  // Override some settings.
+  PermissionOverrides expected_override_for_origin;
+  expected_override_for_origin[PermissionType::GEOLOCATION] =
+      PermissionStatus::GRANTED;
+  expected_override_for_origin[PermissionType::NOTIFICATIONS] =
+      PermissionStatus::DENIED;
+  expected_override_for_origin[PermissionType::AUDIO_CAPTURE] =
+      PermissionStatus::ASK;
+
+  overrides.Set(url, PermissionType::GEOLOCATION, PermissionStatus::GRANTED);
+  overrides.Set(url, PermissionType::NOTIFICATIONS, PermissionStatus::DENIED);
+  overrides.Set(url, PermissionType::AUDIO_CAPTURE, PermissionStatus::ASK);
+
+  EXPECT_THAT(overrides.GetAll(url), testing::Eq(expected_override_for_origin));
+  EXPECT_THAT(overrides.GetAll(Origin::Create(GURL("https://imgur.com/"))),
+              testing::IsEmpty());
+}
+
+TEST(DevToolsPermissionOverridesTest, SameOriginSameOverrides) {
+  DevToolsPermissionOverrides overrides;
+  Origin url = Origin::Create(GURL("https://google.com/search?q=foo"));
+
+  // Override some settings.
+  overrides.Set(url, PermissionType::GEOLOCATION, PermissionStatus::GRANTED);
+  overrides.Set(url, PermissionType::NOTIFICATIONS, PermissionStatus::DENIED);
+  overrides.Set(url, PermissionType::AUDIO_CAPTURE, PermissionStatus::ASK);
+
+  EXPECT_EQ(*overrides.Get(Origin::Create(GURL("https://google.com")),
+                           PermissionType::GEOLOCATION),
+            PermissionStatus::GRANTED);
+  EXPECT_EQ(*overrides.Get(Origin::Create(GURL("https://google.com/")),
+                           PermissionType::AUDIO_CAPTURE),
+            PermissionStatus::ASK);
+}
+
+TEST(DevToolsPermissionOverridesTest, DifferentOriginExpectations) {
+  DevToolsPermissionOverrides overrides;
+  Origin url = Origin::Create(GURL("https://google.com/search?q=foo"));
+
+  // Override some settings.
+  overrides.Set(url, PermissionType::GEOLOCATION, PermissionStatus::GRANTED);
+
+  // Different origin examples.
+  EXPECT_FALSE(overrides
+                   .Get(Origin::Create(GURL("https://www.google.com")),
+                        PermissionType::GEOLOCATION)
+                   .has_value());
+  EXPECT_FALSE(
+      overrides
+          .Get(Origin::Create(GURL("google.com")), PermissionType::GEOLOCATION)
+          .has_value());
+  EXPECT_FALSE(overrides
+                   .Get(Origin::Create(GURL("http://google.com")),
+                        PermissionType::GEOLOCATION)
+                   .has_value());
+}
+
+TEST(DevToolsPermissionOverridesTest, DifferentOriginsDifferentOverrides) {
+  DevToolsPermissionOverrides overrides;
+  Origin first_url = Origin::Create(GURL("https://google.com/search?q=foo"));
+  Origin second_url = Origin::Create(GURL("https://tumblr.com/fizz_buzz"));
+
+  // Override some settings.
+  overrides.Set(first_url, PermissionType::GEOLOCATION,
+                PermissionStatus::GRANTED);
+  overrides.Set(second_url, PermissionType::NOTIFICATIONS,
+                PermissionStatus::ASK);
+
+  // Origins do not interfere.
+  EXPECT_EQ(*overrides.Get(first_url, PermissionType::GEOLOCATION),
+            PermissionStatus::GRANTED);
+  EXPECT_FALSE(
+      overrides.Get(first_url, PermissionType::NOTIFICATIONS).has_value());
+  EXPECT_EQ(overrides.Get(second_url, PermissionType::NOTIFICATIONS),
+            PermissionStatus::ASK);
+  EXPECT_FALSE(
+      overrides.Get(second_url, PermissionType::GEOLOCATION).has_value());
+}
+
+TEST(DevToolsPermissionOverridesTest, ResetOneOrigin) {
+  DevToolsPermissionOverrides overrides;
+  Origin url = Origin::Create(GURL("https://google.com/search?q=foo"));
+  Origin other_url = Origin::Create(GURL("https://pinterest.com/index.php"));
+
+  overrides.Set(url, PermissionType::GEOLOCATION, PermissionStatus::GRANTED);
+  overrides.Set(other_url, PermissionType::GEOLOCATION,
+                PermissionStatus::GRANTED);
+  EXPECT_EQ(*overrides.Get(url, PermissionType::GEOLOCATION),
+            PermissionStatus::GRANTED);
+  EXPECT_EQ(*overrides.Get(other_url, PermissionType::GEOLOCATION),
+            PermissionStatus::GRANTED);
+
+  overrides.Reset(url);
+  EXPECT_FALSE(overrides.Get(url, PermissionType::GEOLOCATION).has_value());
+  EXPECT_EQ(*overrides.Get(other_url, PermissionType::GEOLOCATION),
+            PermissionStatus::GRANTED);
+}
+
+TEST(DevToolsPermissionOverridesTest, GrantPermissionsSetsSomeBlocksRest) {
+  DevToolsPermissionOverrides overrides;
+  Origin url = Origin::Create(GURL("https://google.com/search?q=all"));
+
+  overrides.GrantPermissions(
+      url, {PermissionType::BACKGROUND_SYNC, PermissionType::BACKGROUND_FETCH,
+            PermissionType::NOTIFICATIONS});
+
+  // All other types should be blocked - will test a set of them.
+  EXPECT_EQ(*overrides.Get(url, PermissionType::GEOLOCATION),
+            PermissionStatus::DENIED);
+  EXPECT_EQ(*overrides.Get(url, PermissionType::AUDIO_CAPTURE),
+            PermissionStatus::DENIED);
+  EXPECT_EQ(*overrides.Get(url, PermissionType::MIDI_SYSEX),
+            PermissionStatus::DENIED);
+  EXPECT_EQ(*overrides.Get(url, PermissionType::CLIPBOARD_READ),
+            PermissionStatus::DENIED);
+  EXPECT_EQ(*overrides.Get(url, PermissionType::WAKE_LOCK_SYSTEM),
+            PermissionStatus::DENIED);
+
+  // Specified types are granted.
+  EXPECT_EQ(*overrides.Get(url, PermissionType::NOTIFICATIONS),
+            PermissionStatus::GRANTED);
+  EXPECT_EQ(*overrides.Get(url, PermissionType::BACKGROUND_SYNC),
+            PermissionStatus::GRANTED);
+  EXPECT_EQ(*overrides.Get(url, PermissionType::BACKGROUND_FETCH),
+            PermissionStatus::GRANTED);
+}
+
+}  // namespace
+}  // namespace content
--- a/content/test/BUILD.gn
+++ b/content/test/BUILD.gn
@@ -1892,6 +1892,7 @@ test("content_unittests") {
    # TODO(jam): move these network/ tests to services/network.
    "../public/common/drop_data_unittest.cc",
    "../public/common/url_utils_unittest.cc",
+    "../public/test/devtools_permission_overrides_unittest.cc",
    "../public/test/no_renderer_crashes_assertion_unittest.cc",
    "../public/test/permission_type_unittest.cc",
    "../public/test/referrer_unittest.cc",