Allow Real Time Url Checks for Enhanced Protection

Real time url checks are currently allowed for MBB
users. Real time url checks with tokens are allowed
for only users with MBB and sync enabled. Now, users
will only have to enabled enhanced protection to get
real time url check with or without tokens.

Bug: 1059994
Change-Id: I470ed7396dbc16fa95ebb3d44699f41f0c0e09c5
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2095917
Commit-Queue: Bettina Dea <bdea@chromium.org>
Reviewed-by: Daniel Rubery <drubery@chromium.org>
Reviewed-by: Xinghui Lu <xinghuilu@chromium.org>
Cr-Commit-Position: refs/heads/master@{#749002}

components/safe_browsing/core/realtime/policy_engine.cc

@@ -56,7 +56,9 @@ bool RealTimePolicyEngine::IsUrlLookupEnabled() {
 // static
 bool RealTimePolicyEngine::IsUserOptedIn(PrefService* pref_service) {
   return pref_service->GetBoolean(
-      unified_consent::prefs::kUrlKeyedAnonymizedDataCollectionEnabled);
+             unified_consent::prefs::
+                 kUrlKeyedAnonymizedDataCollectionEnabled) ||
+         IsEnhancedProtectionEnabled(*pref_service);
 }
 
 // static
@@ -90,6 +92,9 @@ bool RealTimePolicyEngine::CanPerformFullURLLookupWithToken(
     return false;
   }
 
+  if (IsEnhancedProtectionEnabled(*pref_service)) {
+    return true;
+  }
   // |sync_service| can be null in Incognito, and also be set to null by a
   // cmdline param.
   if (!sync_service) {

components/safe_browsing/core/realtime/policy_engine.h

@@ -62,7 +62,7 @@ class RealTimePolicyEngine {
   // Is the feature to perform real-time URL lookup enabled?
   static bool IsUrlLookupEnabled();
 
-  // Is user opted-in to the feature?
+  // Whether the user has opted-in to MBB or Enhanced Protection.
   static bool IsUserOptedIn(PrefService* pref_service);
 
   // Is the feature enabled due to enterprise policy?

components/safe_browsing/core/realtime/policy_engine_unittest.cc

@@ -151,6 +151,15 @@ TEST_F(RealTimePolicyEngineTest, TestCanPerformFullURLLookup_EnabledUserOptin) {
   ASSERT_TRUE(IsUserOptedIn());
 }
 
+TEST_F(RealTimePolicyEngineTest,
+       TestCanPerformFullURLLookup_EnhancedProtection) {
+  base::test::ScopedFeatureList feature_list;
+  pref_service_.SetBoolean(prefs::kSafeBrowsingEnhanced, true);
+  ASSERT_FALSE(IsUserOptedIn());
+  feature_list.InitAndEnableFeature(kEnhancedProtection);
+  ASSERT_TRUE(IsUserOptedIn());
+}
+
 TEST_F(RealTimePolicyEngineTest,
        TestCanPerformFullURLLookupWithToken_SyncControlled) {
   base::test::ScopedFeatureList feature_list;
@@ -182,11 +191,6 @@ TEST_F(RealTimePolicyEngineTest,
   EXPECT_FALSE(CanPerformFullURLLookupWithToken(/* is_off_the_record */ false,
                                                 &sync_service));
 
-  // Sync is enabled.
-  sync_service.SetDisableReasons({});
-  sync_service.SetTransportState(syncer::SyncService::TransportState::ACTIVE);
-  EXPECT_TRUE(CanPerformFullURLLookupWithToken(/* is_off_the_record */ false,
-                                               &sync_service));
 
   // History sync is disabled.
   sync_service.GetUserSettings()->SetSelectedTypes(
@@ -202,6 +206,43 @@ TEST_F(RealTimePolicyEngineTest,
                                                 &sync_service));
 }
 
+TEST_F(RealTimePolicyEngineTest,
+       TestCanPerformFullURLLookupWithToken_EnhancedProtection) {
+  base::test::ScopedFeatureList feature_list;
+#if defined(OS_ANDROID)
+  int system_memory_size = base::SysInfo::AmountOfPhysicalMemoryMB();
+  int memory_size_lower_threshold = system_memory_size - 1;
+  feature_list.InitWithFeaturesAndParameters(
+      /* enabled_features */ {{kRealTimeUrlLookupEnabled,
+                               {{kRealTimeUrlLookupMemoryLowerThresholdMb,
+                                 base::NumberToString(
+                                     memory_size_lower_threshold)}}},
+                              {kRealTimeUrlLookupEnabledWithToken, {}},
+                              {kEnhancedProtection, {}}},
+      /* disabled_features */ {});
+#else
+  feature_list.InitWithFeatures(
+      /* enabled_features */ {kRealTimeUrlLookupEnabled,
+                              kRealTimeUrlLookupEnabledWithToken,
+                              kEnhancedProtection},
+      /* disabled_features */ {});
+#endif
+  syncer::TestSyncService sync_service;
+  // Only enhanced protection is on.
+  pref_service_.SetBoolean(prefs::kSafeBrowsingEnhanced, true);
+  EXPECT_TRUE(CanPerformFullURLLookupWithToken(/* is_off_the_record */ false,
+                                               &sync_service));
+
+  // Sync and history sync is disabled but enhanced protection is enabled.
+  sync_service.SetDisableReasons(
+      {syncer::SyncService::DISABLE_REASON_USER_CHOICE});
+  sync_service.SetTransportState(syncer::SyncService::TransportState::DISABLED);
+  sync_service.GetUserSettings()->SetSelectedTypes(
+      /* sync_everything */ false, {});
+  EXPECT_TRUE(CanPerformFullURLLookupWithToken(/*is_off_the_record=*/false,
+                                               &sync_service));
+}
+
 TEST_F(RealTimePolicyEngineTest,
        TestCanPerformFullURLLookup_EnabledMainFrameOnly) {
   for (int i = 0; i <= static_cast<int>(ResourceType::kMaxValue); i++) {