Refactor connection_security into SecurityStateModel

chrome/browser/ui/browser.cc

Index: chrome/browser/ui/browser.cc
diff --git a/chrome/browser/ui/browser.cc b/chrome/browser/ui/browser.cc
index 5ad781c63e1c0d52ad5d5abeda232e7c3ee7c987..35939447085023b28c87a5653203a9853f564f07 100644
--- a/chrome/browser/ui/browser.cc
+++ b/chrome/browser/ui/browser.cc
@@ -77,6 +77,7 @@
 #include "chrome/browser/sessions/session_tab_helper.h"
 #include "chrome/browser/sessions/tab_restore_service.h"
 #include "chrome/browser/sessions/tab_restore_service_factory.h"
+#include "chrome/browser/ssl/security_state_model.h"
 #include "chrome/browser/sync/profile_sync_service.h"
 #include "chrome/browser/sync/profile_sync_service_factory.h"
 #include "chrome/browser/sync/sync_ui_util.h"
@@ -254,6 +255,28 @@ bool IsFastTabUnloadEnabled() {
       switches::kEnableFastUnload);
 }
 
+// Note: This is a lossy operation. Not all of the policies that can be
+// expressed by a SecurityLevel (a //chrome concept) can be expressed by
+// a content::SecurityStyle.
+content::SecurityStyle SecurityLevelToSecurityStyle(
+    SecurityStateModel::SecurityLevel security_level) {
+  switch (security_level) {
+    case SecurityStateModel::NONE:
+      return content::SECURITY_STYLE_UNAUTHENTICATED;
+    case SecurityStateModel::SECURITY_WARNING:
+    case SecurityStateModel::SECURITY_POLICY_WARNING:
+      return content::SECURITY_STYLE_WARNING;
+    case SecurityStateModel::EV_SECURE:
+    case SecurityStateModel::SECURE:
+      return content::SECURITY_STYLE_AUTHENTICATED;
+    case SecurityStateModel::SECURITY_ERROR:
+      return content::SECURITY_STYLE_AUTHENTICATION_BROKEN;
+  }
+
+  NOTREACHED();
+  return content::SECURITY_STYLE_UNKNOWN;
+}
+
 }  // namespace
 
 ////////////////////////////////////////////////////////////////////////////////
@@ -1296,14 +1319,18 @@ bool Browser::CanDragEnter(content::WebContents* source,
 content::SecurityStyle Browser::GetSecurityStyle(
     WebContents* web_contents,
     content::SecurityStyleExplanations* security_style_explanations) {
-  connection_security::SecurityInfo security_info;
-  connection_security::GetSecurityInfoForWebContents(web_contents,
-                                                     &security_info);
+  SecurityStateModel* model = SecurityStateModel::FromWebContents(web_contents);
+  DCHECK(model);
+  const SecurityStateModel::SecurityInfo& security_info =
+      model->security_info();
+
+  const content::SecurityStyle security_style =
+      SecurityLevelToSecurityStyle(security_info.security_level);
 
   security_style_explanations->ran_insecure_content_style =
-      connection_security::kRanInsecureContentStyle;
+      SecurityStateModel::kRanInsecureContentStyle;
   security_style_explanations->displayed_insecure_content_style =
-      connection_security::kDisplayedInsecureContentStyle;
+      SecurityStateModel::kDisplayedInsecureContentStyle;
 
   // Check if the page is HTTP; if so, no explanations are needed. Note
   // that SECURITY_STYLE_UNAUTHENTICATED does not necessarily mean that
@@ -1314,19 +1341,18 @@ content::SecurityStyle Browser::GetSecurityStyle(
   // algorithms with the same UI treatment as HTTP pages).
   security_style_explanations->scheme_is_cryptographic =
       security_info.scheme_is_cryptographic;
-  if (!security_info.scheme_is_cryptographic ||
-      security_info.security_style == content::SECURITY_STYLE_UNKNOWN) {
-    return security_info.security_style;
+  if (!security_info.scheme_is_cryptographic) {
+    return security_style;
   }
 
   if (security_info.sha1_deprecation_status ==
-      connection_security::DEPRECATED_SHA1_BROKEN) {
+      SecurityStateModel::DEPRECATED_SHA1_BROKEN) {
     security_style_explanations->broken_explanations.push_back(
         content::SecurityStyleExplanation(
             l10n_util::GetStringUTF8(IDS_BROKEN_SHA1),
             l10n_util::GetStringUTF8(IDS_BROKEN_SHA1_DESCRIPTION)));
   } else if (security_info.sha1_deprecation_status ==
-             connection_security::DEPRECATED_SHA1_WARNING) {
+             SecurityStateModel::DEPRECATED_SHA1_WARNING) {
     security_style_explanations->warning_explanations.push_back(
         content::SecurityStyleExplanation(
             l10n_util::GetStringUTF8(IDS_WARNING_SHA1),
@@ -1335,14 +1361,14 @@ content::SecurityStyle Browser::GetSecurityStyle(
 
   security_style_explanations->ran_insecure_content =
       security_info.mixed_content_status ==
-          connection_security::RAN_MIXED_CONTENT ||
+          SecurityStateModel::RAN_MIXED_CONTENT ||
       security_info.mixed_content_status ==
-          connection_security::RAN_AND_DISPLAYED_MIXED_CONTENT;
+          SecurityStateModel::RAN_AND_DISPLAYED_MIXED_CONTENT;
   security_style_explanations->displayed_insecure_content =
       security_info.mixed_content_status ==
-          connection_security::DISPLAYED_MIXED_CONTENT ||
+          SecurityStateModel::DISPLAYED_MIXED_CONTENT ||
       security_info.mixed_content_status ==
-          connection_security::RAN_AND_DISPLAYED_MIXED_CONTENT;
+          SecurityStateModel::RAN_AND_DISPLAYED_MIXED_CONTENT;
 
   if (net::IsCertStatusError(security_info.cert_status)) {
     base::string16 error_string = base::UTF8ToUTF16(net::ErrorToString(
@@ -1362,7 +1388,7 @@ content::SecurityStyle Browser::GetSecurityStyle(
     // deprecated SHA1, then add an explanation that the certificate is
     // valid.
     if (security_info.sha1_deprecation_status ==
-        connection_security::NO_DEPRECATED_SHA1) {
+        SecurityStateModel::NO_DEPRECATED_SHA1) {
       security_style_explanations->secure_explanations.push_back(
           content::SecurityStyleExplanation(
               l10n_util::GetStringUTF8(IDS_VALID_SERVER_CERTIFICATE),
@@ -1371,7 +1397,7 @@ content::SecurityStyle Browser::GetSecurityStyle(
     }
   }
 
-  return security_info.security_style;
+  return security_style;
 }
 
 bool Browser::IsMouseLocked() const {
@@ -1472,10 +1498,18 @@ void Browser::NavigationStateChanged(WebContents* source,
     hosted_app_controller_->UpdateLocationBarVisibility(true);
 }
 
-void Browser::VisibleSSLStateChanged(const WebContents* source) {
+void Browser::VisibleSSLStateChanged(WebContents* source) {
   // When the current tab's SSL state changes, we need to update the URL
   // bar to reflect the new state.
   DCHECK(source);
+
+  // Notify the model that the security state has changed, so that the
+  // URL bar updates with up-to-date data computed by the model.
+  SecurityStateModel::CreateForWebContents(source);

[Avi (use Gerrit), 2015/09/03 22:57:36]

Why are you creating it here? We probably want one of these things on all the
tabs of a Browser, so create it along with all the other tab helpers in
tab_helpers.cc.

[estark, 2015/09/03 23:16:40]

Done.

+  SecurityStateModel* model = SecurityStateModel::FromWebContents(source);
+  DCHECK(model);
+  model->SecurityStateChanged();
+
   if (tab_strip_model_->GetActiveWebContents() == source)
     UpdateToolbar(false);
 }