Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(56)

Side by Side Diff: chrome/browser/media/protected_media_identifier_permission_context.cc

Issue 1001723002: media: Refactor PlatformVerificationFlow. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: comments addressed Created 5 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/media/protected_media_identifier_permission_context.h" 5 #include "chrome/browser/media/protected_media_identifier_permission_context.h"
6 6
7 #include "base/prefs/pref_service.h" 7 #include "base/prefs/pref_service.h"
8 #include "chrome/browser/content_settings/tab_specific_content_settings.h" 8 #include "chrome/browser/content_settings/tab_specific_content_settings.h"
9 #include "chrome/browser/profiles/profile.h" 9 #include "chrome/browser/profiles/profile.h"
10 #include "chrome/common/pref_names.h" 10 #include "chrome/common/pref_names.h"
11 #include "components/content_settings/core/common/permission_request_id.h" 11 #include "components/content_settings/core/common/permission_request_id.h"
12 #include "content/public/browser/browser_thread.h" 12 #include "content/public/browser/browser_thread.h"
13 #include "content/public/browser/user_metrics.h"
13 #include "content/public/browser/web_contents.h" 14 #include "content/public/browser/web_contents.h"
14 15
15 #if defined(OS_CHROMEOS) 16 #if defined(OS_CHROMEOS)
16 #include <utility> 17 #include <utility>
17 18
18 #include "chrome/browser/chromeos/attestation/platform_verification_dialog.h" 19 #include "chrome/browser/chromeos/attestation/platform_verification_dialog.h"
19 #include "chrome/browser/chromeos/settings/cros_settings.h" 20 #include "chrome/browser/chromeos/settings/cros_settings.h"
20 #include "chromeos/settings/cros_settings_names.h" 21 #include "chromeos/settings/cros_settings_names.h"
22 #include "components/pref_registry/pref_registry_syncable.h"
23 #include "components/user_prefs/user_prefs.h"
21 #include "ui/views/widget/widget.h" 24 #include "ui/views/widget/widget.h"
22 25
23 using chromeos::attestation::PlatformVerificationDialog; 26 using chromeos::attestation::PlatformVerificationDialog;
24 using chromeos::attestation::PlatformVerificationFlow;
25 #endif 27 #endif
26 28
27 ProtectedMediaIdentifierPermissionContext:: 29 ProtectedMediaIdentifierPermissionContext::
28 ProtectedMediaIdentifierPermissionContext(Profile* profile) 30 ProtectedMediaIdentifierPermissionContext(Profile* profile)
29 : PermissionContextBase(profile, 31 : PermissionContextBase(profile,
30 CONTENT_SETTINGS_TYPE_PROTECTED_MEDIA_IDENTIFIER) 32 CONTENT_SETTINGS_TYPE_PROTECTED_MEDIA_IDENTIFIER)
31 #if defined(OS_CHROMEOS) 33 #if defined(OS_CHROMEOS)
32 , 34 ,
33 weak_factory_(this) 35 weak_factory_(this)
34 #endif 36 #endif
35 { 37 {
36 } 38 }
37 39
38 ProtectedMediaIdentifierPermissionContext:: 40 ProtectedMediaIdentifierPermissionContext::
39 ~ProtectedMediaIdentifierPermissionContext() { 41 ~ProtectedMediaIdentifierPermissionContext() {
40 } 42 }
41 43
44 #if defined(OS_CHROMEOS)
45 // static
46 void ProtectedMediaIdentifierPermissionContext::RegisterProfilePrefs(
47 user_prefs::PrefRegistrySyncable* prefs) {
48 prefs->RegisterBooleanPref(prefs::kRAConsentGranted,
49 false, // Default value.
50 user_prefs::PrefRegistrySyncable::UNSYNCABLE_PREF);
51 }
52 #endif
53
42 void ProtectedMediaIdentifierPermissionContext::RequestPermission( 54 void ProtectedMediaIdentifierPermissionContext::RequestPermission(
43 content::WebContents* web_contents, 55 content::WebContents* web_contents,
44 const PermissionRequestID& id, 56 const PermissionRequestID& id,
45 const GURL& requesting_origin, 57 const GURL& requesting_origin,
46 bool user_gesture, 58 bool user_gesture,
47 const BrowserPermissionCallback& callback) { 59 const BrowserPermissionCallback& callback) {
48 DCHECK_CURRENTLY_ON(content::BrowserThread::UI); 60 DCHECK_CURRENTLY_ON(content::BrowserThread::UI);
49 61
50 GURL embedding_origin = web_contents->GetLastCommittedURL().GetOrigin(); 62 GURL embedding_origin = web_contents->GetLastCommittedURL().GetOrigin();
51 63
52 if (!requesting_origin.is_valid() || !embedding_origin.is_valid() || 64 DVLOG(1) << __FUNCTION__ << ": (" << requesting_origin.spec() << ", "
53 !IsProtectedMediaIdentifierEnabled()) { 65 << embedding_origin.spec() << ")";
54 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback,
55 false /* persist */, CONTENT_SETTING_BLOCK);
56 return;
57 }
58 66
59 #if defined(OS_CHROMEOS)
60 // On ChromeOS, we don't use PermissionContextBase::RequestPermission() which
61 // uses the standard permission infobar/bubble UI. See http://crbug.com/454847
62 // Instead, we check the content setting and show the existing platform
63 // verification UI.
64 // TODO(xhwang): Remove when http://crbug.com/454847 is fixed.
65 ContentSetting content_setting = 67 ContentSetting content_setting =
66 GetPermissionStatus(requesting_origin, embedding_origin); 68 GetPermissionStatus(requesting_origin, embedding_origin);
67 69
68 if (content_setting == CONTENT_SETTING_ALLOW || 70 if (content_setting == CONTENT_SETTING_ALLOW ||
69 content_setting == CONTENT_SETTING_BLOCK) { 71 content_setting == CONTENT_SETTING_BLOCK) {
70 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, 72 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback,
71 false /* persist */, content_setting); 73 false /* persist */, content_setting);
72 return; 74 return;
73 } 75 }
74 76
77 DCHECK_EQ(CONTENT_SETTING_ASK, content_setting);
78
79 #if defined(OS_CHROMEOS)
75 // Since the dialog is modal, we only support one prompt per |web_contents|. 80 // Since the dialog is modal, we only support one prompt per |web_contents|.
76 // Reject the new one if there is already one pending. See 81 // Reject the new one if there is already one pending. See
77 // http://crbug.com/447005 82 // http://crbug.com/447005
78 if (pending_requests_.count(web_contents)) { 83 if (pending_requests_.count(web_contents)) {
79 callback.Run(CONTENT_SETTING_DEFAULT); 84 callback.Run(CONTENT_SETTING_ASK);
ddorwin 2015/03/13 22:11:52 What happens when we return ASK? Does it block, re
xhwang 2015/03/13 22:18:56 I talked to bauberb@. CONTENT_SETTING_DEFAULT mean
80 return; 85 return;
81 } 86 }
82 87
88 // On ChromeOS, we don't use PermissionContextBase::RequestPermission() which
89 // uses the standard permission infobar/bubble UI. See http://crbug.com/454847
90 // Instead, we show the existing platform verification UI.
91 // TODO(xhwang): Remove when http://crbug.com/454847 is fixed.
83 views::Widget* widget = PlatformVerificationDialog::ShowDialog( 92 views::Widget* widget = PlatformVerificationDialog::ShowDialog(
84 web_contents, requesting_origin, 93 web_contents, requesting_origin,
85 base::Bind(&ProtectedMediaIdentifierPermissionContext:: 94 base::Bind(&ProtectedMediaIdentifierPermissionContext::
86 OnPlatformVerificationResult, 95 OnPlatformVerificationConsentResponse,
87 weak_factory_.GetWeakPtr(), web_contents, id, 96 weak_factory_.GetWeakPtr(), web_contents, id,
88 requesting_origin, embedding_origin, callback)); 97 requesting_origin, embedding_origin, callback));
89 pending_requests_.insert( 98 pending_requests_.insert(
90 std::make_pair(web_contents, std::make_pair(widget, id))); 99 std::make_pair(web_contents, std::make_pair(widget, id)));
91 #else 100 #else
92 PermissionContextBase::RequestPermission(web_contents, id, requesting_origin, 101 PermissionContextBase::RequestPermission(web_contents, id, requesting_origin,
93 user_gesture, callback); 102 user_gesture, callback);
94 #endif 103 #endif
95 } 104 }
96 105
97 ContentSetting ProtectedMediaIdentifierPermissionContext::GetPermissionStatus( 106 ContentSetting ProtectedMediaIdentifierPermissionContext::GetPermissionStatus(
98 const GURL& requesting_origin, 107 const GURL& requesting_origin,
99 const GURL& embedding_origin) const { 108 const GURL& embedding_origin) const {
100 if (!IsProtectedMediaIdentifierEnabled()) 109 DVLOG(1) << __FUNCTION__ << ": (" << requesting_origin.spec() << ", "
110 << embedding_origin.spec() << ")";
111
112 if (!requesting_origin.is_valid() || !embedding_origin.is_valid() ||
113 !IsProtectedMediaIdentifierEnabled()) {
101 return CONTENT_SETTING_BLOCK; 114 return CONTENT_SETTING_BLOCK;
115 }
102 116
103 return PermissionContextBase::GetPermissionStatus(requesting_origin, 117 ContentSetting content_setting = PermissionContextBase::GetPermissionStatus(
104 embedding_origin); 118 requesting_origin, embedding_origin);
119 DCHECK(content_setting == CONTENT_SETTING_ALLOW ||
120 content_setting == CONTENT_SETTING_BLOCK ||
121 content_setting == CONTENT_SETTING_ASK);
122
123 #if defined(OS_CHROMEOS)
124 if (content_setting == CONTENT_SETTING_ALLOW) {
125 // Check kRAConsentGranted here because it's possible that user dismissed
126 // the dialog triggered by RequestPermission() and the content setting is
127 // set to "allow" by server sync. In this case, we should still "ask".
128 if (profile()->GetPrefs()->GetBoolean(prefs::kRAConsentGranted))
129 return CONTENT_SETTING_ALLOW;
130 else
131 return CONTENT_SETTING_ASK;
132 }
133 #endif
134
135 return content_setting;
105 } 136 }
106 137
107 void ProtectedMediaIdentifierPermissionContext::CancelPermissionRequest( 138 void ProtectedMediaIdentifierPermissionContext::CancelPermissionRequest(
108 content::WebContents* web_contents, 139 content::WebContents* web_contents,
109 const PermissionRequestID& id) { 140 const PermissionRequestID& id) {
110 DCHECK_CURRENTLY_ON(content::BrowserThread::UI); 141 DCHECK_CURRENTLY_ON(content::BrowserThread::UI);
111 142
112 #if defined(OS_CHROMEOS) 143 #if defined(OS_CHROMEOS)
113 PendingRequestMap::iterator request = pending_requests_.find(web_contents); 144 PendingRequestMap::iterator request = pending_requests_.find(web_contents);
114 if (request == pending_requests_.end() || !request->second.second.Equals(id)) 145 if (request == pending_requests_.end() || !request->second.second.Equals(id))
115 return; 146 return;
116 147
117 // Close the |widget_|. OnPlatformVerificationResult() will be fired 148 // Close the |widget_|. OnPlatformVerificationConsentResponse() will be fired
118 // during this process, but since |web_contents| is removed from 149 // during this process, but since |web_contents| is removed from
119 // |pending_requests_|, the callback will simply be dropped. 150 // |pending_requests_|, the callback will simply be dropped.
120 views::Widget* widget = request->second.first; 151 views::Widget* widget = request->second.first;
121 pending_requests_.erase(request); 152 pending_requests_.erase(request);
122 widget->Close(); 153 widget->Close();
123 #else 154 #else
124 PermissionContextBase::CancelPermissionRequest(web_contents, id); 155 PermissionContextBase::CancelPermissionRequest(web_contents, id);
125 #endif 156 #endif
126 } 157 }
127 158
(...skipping 10 matching lines...) Expand all
138 if (content_settings) { 169 if (content_settings) {
139 content_settings->OnProtectedMediaIdentifierPermissionSet( 170 content_settings->OnProtectedMediaIdentifierPermissionSet(
140 requesting_frame.GetOrigin(), allowed); 171 requesting_frame.GetOrigin(), allowed);
141 } 172 }
142 } 173 }
143 174
144 // TODO(xhwang): We should consolidate the "protected content" related pref 175 // TODO(xhwang): We should consolidate the "protected content" related pref
145 // across platforms. 176 // across platforms.
146 bool ProtectedMediaIdentifierPermissionContext:: 177 bool ProtectedMediaIdentifierPermissionContext::
147 IsProtectedMediaIdentifierEnabled() const { 178 IsProtectedMediaIdentifierEnabled() const {
148 bool enabled = false; 179 #if defined(OS_ANDROID)
180 if (!profile()->GetPrefs()->GetBoolean(
181 prefs::kProtectedMediaIdentifierEnabled)) {
182 DVLOG(1) << "Protected media identifier disabled by a user master switch.";
183 return false;
184 }
185 #elif defined(OS_CHROMEOS)
186 // Platform verification is not allowed in incognito or guest mode.
187 if (profile()->IsOffTheRecord() || profile()->IsGuestSession()) {
188 DVLOG(1) << "Protected media identifier disabled in incognito or guest "
189 "mode.";
190 return false;
191 }
149 192
150 #if defined(OS_ANDROID) 193 // This could be disabled by the device policy or by user's master switch.
151 enabled = profile()->GetPrefs()->GetBoolean( 194 bool enabled_for_device = false;
152 prefs::kProtectedMediaIdentifierEnabled); 195 if (!chromeos::CrosSettings::Get()->GetBoolean(
196 chromeos::kAttestationForContentProtectionEnabled,
197 &enabled_for_device) ||
198 !enabled_for_device ||
199 !profile()->GetPrefs()->GetBoolean(prefs::kEnableDRM)) {
200 DVLOG(1) << "Protected media identifier disabled by the user or by device "
201 "policy.";
202 return false;
203 }
153 #endif 204 #endif
154 205
155 #if defined(OS_CHROMEOS) 206 return true;
156 // This could be disabled by the device policy.
157 bool enabled_for_device = false;
158 enabled = chromeos::CrosSettings::Get()->GetBoolean(
159 chromeos::kAttestationForContentProtectionEnabled,
160 &enabled_for_device) &&
161 enabled_for_device &&
162 profile()->GetPrefs()->GetBoolean(prefs::kEnableDRM);
163 #endif
164
165 DVLOG_IF(1, !enabled)
166 << "Protected media identifier disabled by the user or by device policy.";
167 return enabled;
168 } 207 }
169 208
170 #if defined(OS_CHROMEOS) 209 #if defined(OS_CHROMEOS)
171 void ProtectedMediaIdentifierPermissionContext::OnPlatformVerificationResult( 210 static void RecordRAConsentGranted(content::WebContents* web_contents) {
172 content::WebContents* web_contents, 211 PrefService* pref_service =
173 const PermissionRequestID& id, 212 user_prefs::UserPrefs::Get(web_contents->GetBrowserContext());
174 const GURL& requesting_origin, 213 if (!pref_service) {
175 const GURL& embedding_origin, 214 LOG(ERROR) << "Failed to get user prefs.";
176 const BrowserPermissionCallback& callback, 215 return;
177 chromeos::attestation::PlatformVerificationFlow::ConsentResponse response) { 216 }
217 pref_service->SetBoolean(prefs::kRAConsentGranted, true);
218 }
219
220 void ProtectedMediaIdentifierPermissionContext::
221 OnPlatformVerificationConsentResponse(
222 content::WebContents* web_contents,
223 const PermissionRequestID& id,
224 const GURL& requesting_origin,
225 const GURL& embedding_origin,
226 const BrowserPermissionCallback& callback,
227 chromeos::attestation::PlatformVerificationDialog::ConsentResponse
228 response) {
178 // The request may have been canceled. Drop the callback in that case. 229 // The request may have been canceled. Drop the callback in that case.
179 PendingRequestMap::iterator request = pending_requests_.find(web_contents); 230 PendingRequestMap::iterator request = pending_requests_.find(web_contents);
180 if (request == pending_requests_.end()) 231 if (request == pending_requests_.end())
181 return; 232 return;
182 233
183 DCHECK(request->second.second.Equals(id)); 234 DCHECK(request->second.second.Equals(id));
184 pending_requests_.erase(request); 235 pending_requests_.erase(request);
185 236
186 ContentSetting content_setting = CONTENT_SETTING_DEFAULT; 237 ContentSetting content_setting = CONTENT_SETTING_ASK;
187 bool persist = false; // Whether the ContentSetting should be saved. 238 bool persist = false; // Whether the ContentSetting should be saved.
188 switch (response) { 239 switch (response) {
189 case PlatformVerificationFlow::CONSENT_RESPONSE_NONE: 240 case PlatformVerificationDialog::CONSENT_RESPONSE_NONE:
190 content_setting = CONTENT_SETTING_DEFAULT; 241 content_setting = CONTENT_SETTING_ASK;
191 persist = false; 242 persist = false;
192 break; 243 break;
193 case PlatformVerificationFlow::CONSENT_RESPONSE_ALLOW: 244 case PlatformVerificationDialog::CONSENT_RESPONSE_ALLOW:
245 VLOG(1) << "Platform verification accepted by user.";
246 content::RecordAction(
247 base::UserMetricsAction("PlatformVerificationAccepted"));
248 RecordRAConsentGranted(web_contents);
194 content_setting = CONTENT_SETTING_ALLOW; 249 content_setting = CONTENT_SETTING_ALLOW;
195 persist = true; 250 persist = true;
196 break; 251 break;
197 case PlatformVerificationFlow::CONSENT_RESPONSE_DENY: 252 case PlatformVerificationDialog::CONSENT_RESPONSE_DENY:
253 VLOG(1) << "Platform verification denied by user.";
254 content::RecordAction(
255 base::UserMetricsAction("PlatformVerificationRejected"));
198 content_setting = CONTENT_SETTING_BLOCK; 256 content_setting = CONTENT_SETTING_BLOCK;
199 persist = true; 257 persist = true;
200 break; 258 break;
201 } 259 }
202 260
203 NotifyPermissionSet( 261 NotifyPermissionSet(
204 id, requesting_origin, embedding_origin, callback, 262 id, requesting_origin, embedding_origin, callback,
205 persist, content_setting); 263 persist, content_setting);
206 } 264 }
207 #endif 265 #endif
OLDNEW
« no previous file with comments | « chrome/browser/media/protected_media_identifier_permission_context.h ('k') | chrome/browser/prefs/browser_prefs.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698