[SafeBrowsing] Conditionalize unverified download blocking on whitelist.

chrome/test/ppapi/ppapi_filechooser_browsertest.cc

 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "base/bind.h"
 #include "base/command_line.h"
 #include "base/files/file_util.h"
 #include "base/files/scoped_temp_dir.h"
 #include "base/thread_task_runner_handle.h"
 #include "chrome/common/chrome_switches.h"
 #include "chrome/test/ppapi/ppapi_test.h"
 #include "ppapi/shared_impl/test_utils.h"
 #include "ui/shell_dialogs/select_file_dialog.h"
 #include "ui/shell_dialogs/select_file_dialog_factory.h"
 #include "ui/shell_dialogs/selected_file_info.h"
 
+#if defined(FULL_SAFE_BROWSING)
+#include "chrome/browser/safe_browsing/safe_browsing_service.h"
+#include "chrome/browser/safe_browsing/test_database_manager.h"
+#endif
+
 namespace {
 
 class TestSelectFileDialogFactory final : public ui::SelectFileDialogFactory {
  public:
   using SelectedFileInfoList = std::vector<ui::SelectedFileInfo>;
 
   enum Mode {
     RESPOND_WITH_FILE_LIST,
     CANCEL,
     REPLACE_BASENAME,
@@ skipping 177 matching lines @@
 }
 
 IN_PROC_BROWSER_TEST_F(PPAPIFileChooserTest, FileChooser_SaveAs_Cancel) {
   TestSelectFileDialogFactory test_dialog_factory(
       TestSelectFileDialogFactory::CANCEL,
       TestSelectFileDialogFactory::SelectedFileInfoList());
   RunTestViaHTTP("FileChooser_SaveAsCancel");
 }
 
 #if defined(FULL_SAFE_BROWSING)
-// These two tests only make sense when SafeBrowsing is enabled. They verify
+// These tests only make sense when SafeBrowsing is enabled. They verify
 // that files written via the FileChooser_Trusted API are properly passed
 // through Safe Browsing.
 
 IN_PROC_BROWSER_TEST_F(PPAPIFileChooserTest,
                        FileChooser_SaveAs_DangerousExecutable_Allowed) {
   base::CommandLine::ForCurrentProcess()->AppendSwitch(
       switches::kAllowUncheckedDangerousDownloads);
   base::ScopedTempDir temp_dir;
   ASSERT_TRUE(temp_dir.CreateUniqueTempDir());
   base::FilePath suggested_filename = temp_dir.path().AppendASCII("foo");
@@ skipping 16 matching lines @@
 IN_PROC_BROWSER_TEST_F(PPAPIFileChooserTest,
                        FileChooser_SaveAs_DangerousExecutable_Disallowed) {
   base::CommandLine::ForCurrentProcess()->AppendSwitch(
       switches::kDisallowUncheckedDangerousDownloads);
   TestSelectFileDialogFactory test_dialog_factory(
       TestSelectFileDialogFactory::NOT_REACHED,
       TestSelectFileDialogFactory::SelectedFileInfoList());
   RunTestViaHTTP("FileChooser_SaveAsDangerousExecutableDisallowed");
 }
 
+namespace {

[bbudge, 2015/10/28 00:13:20]

Can these classes be moved to the first anonymous namespace above?

[asanka, 2015/10/28 14:10:04]

Done.

+
+class FakeDatabaseManager : public TestSafeBrowsingDatabaseManager {
+ public:
+  bool IsSupported() const override { return true; }
+  bool MatchDownloadWhitelistUrl(const GURL& url) override {
+    // This matches the behavior in RunTestViaHTTP().
+    return url.SchemeIsHTTPOrHTTPS() && url.has_path() &&
+           url.path().find("/files/test_case.html") == 0;
+  }
+
+ protected:
+  ~FakeDatabaseManager() override {}
+};
+
+class TestSafeBrowsingService : public SafeBrowsingService {
+ public:
+  SafeBrowsingDatabaseManager* CreateDatabaseManager() override {
+    return new FakeDatabaseManager();
+  }
+
+ protected:
+  ~TestSafeBrowsingService() override {}
+};
+
+class TestSafeBrowsingServiceFactory : public SafeBrowsingServiceFactory {
+ public:
+  SafeBrowsingService* CreateSafeBrowsingService() override {
+    SafeBrowsingService* service = new TestSafeBrowsingService();
+    return service;
+  }
+};
+
+class PPAPIFileChooserTestWithSBService : public PPAPIFileChooserTest {
+ public:
+  void SetUp() override {
+    SafeBrowsingService::RegisterFactory(&safe_browsing_service_factory_);
+    PPAPIFileChooserTest::SetUp();
+  }
+  void TearDown() override {
+    PPAPIFileChooserTest::TearDown();
+    SafeBrowsingService::RegisterFactory(nullptr);
+  }
+
+ private:
+  TestSafeBrowsingServiceFactory safe_browsing_service_factory_;
+};
+
+// The kDisallowUncheckedDangerousDownloads switch (whose behavior is verified
+// by the FileChooser_SaveAs_DangerousExecutable_Disallowed test above) should
+// block the file being downloaded. However, the FakeDatabaseManager reports
+// that the requestors document URL matches the Safe Browsing whitelist. Hence
+// the download succeeds.
+IN_PROC_BROWSER_TEST_F(PPAPIFileChooserTestWithSBService,

[bbudge, 2015/10/28 00:13:20]

Is there a reason this is in the anonymous namespace?

[asanka, 2015/10/28 14:10:04]

Nope. Accidental. Fixed!

+                       FileChooser_SaveAs_DangerousExecutable_Whitelist) {
+  base::CommandLine::ForCurrentProcess()->AppendSwitch(
+      switches::kDisallowUncheckedDangerousDownloads);
+  base::ScopedTempDir temp_dir;
+  ASSERT_TRUE(temp_dir.CreateUniqueTempDir());
+  base::FilePath suggested_filename = temp_dir.path().AppendASCII("foo");
+
+  TestSelectFileDialogFactory::SelectedFileInfoList file_info_list;
+  file_info_list.push_back(
+      ui::SelectedFileInfo(suggested_filename, suggested_filename));
+  TestSelectFileDialogFactory test_dialog_factory(
+      TestSelectFileDialogFactory::REPLACE_BASENAME, file_info_list);
+
+  RunTestViaHTTP("FileChooser_SaveAsDangerousExecutableAllowed");
+  base::FilePath actual_filename = temp_dir.path().AppendASCII("dangerous.exe");
+
+  ASSERT_TRUE(base::PathExists(actual_filename));
+  std::string file_contents;
+  ASSERT_TRUE(base::ReadFileToString(actual_filename, &file_contents, 100));
+  EXPECT_EQ("Hello from PPAPI", file_contents);
+}
+
+}  // namespace
+
 #endif  // FULL_SAFE_BROWSING