Supervised user web restrictions content provider

components/web_restriction/java/src/org/chromium/components/webrestriction/WebRestrictionsContentProvider.java

Index: components/web_restriction/java/src/org/chromium/components/webrestriction/WebRestrictionsContentProvider.java
diff --git a/components/web_restriction/java/src/org/chromium/components/webrestriction/WebRestrictionsContentProvider.java b/components/web_restriction/java/src/org/chromium/components/webrestriction/WebRestrictionsContentProvider.java
new file mode 100644
index 0000000000000000000000000000000000000000..e7d09611e40b6636d4d6a71336ccf6e721b627f9
--- /dev/null
+++ b/components/web_restriction/java/src/org/chromium/components/webrestriction/WebRestrictionsContentProvider.java
@@ -0,0 +1,160 @@
+// Copyright 2015 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+package org.chromium.components.webrestriction;
+
+import android.content.ContentProvider;
+import android.content.ContentValues;
+import android.content.Context;
+import android.content.pm.ProviderInfo;
+import android.database.AbstractCursor;
+import android.database.Cursor;
+import android.net.Uri;
+import android.util.Pair;
+
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+/**
+ * Abstract content provider for providing web restrictions, i.e. for providing a filter for URLs
+ * so that they can be blocked or permitted, and a means of requesting permission for new URLs.
+ */
+public abstract class WebRestrictionsContentProvider extends ContentProvider {
+    // This class heavily distorts the documented intention of content providers as database

[Bernhard Bauer, 2015/12/14 17:58:38]

One way to improve on this would be to have the "insertions" be insertions into
a different "table" than the one we read restrictions from (where the tables are
identified by URI, right?). Then there would be no expectation that query()
after an insert() would return something different.

Also, at some point in the future we could allow querying the set of requests
(to show different UI when the user has already requested access to a site), so
at that point we could model that as a query() on the other "table". We just
don't currently have the backend for that, I think.

[aberent, 2015/12/16 15:20:37]

Done.

+    // wrappers. In particular insert doesn't actually insert, but simply requests insertion by a
+    // third party, and getType is reused to indicate whether insertion is possible.
+
+    public static final int BLOCKED = 0;
+    public static final int PROCEED = 1;
+
+    private final Pattern mSelectionPattern;
+    private Uri mContentUri;
+
+    protected WebRestrictionsContentProvider() {
+        // Pattern to extract the URL from the selection.
+        // Matches patterns of the form "url = '<url>'" with arbitrary spacing around the "=" etc.
+        mSelectionPattern = Pattern.compile("\\s*url\\s*=\\s*'([^']*)'");
+    }
+
+    @Override
+    public boolean onCreate() {
+        return true;
+    }
+
+    @Override
+    public void attachInfo(Context context, ProviderInfo info) {
+        super.attachInfo(context, info);
+        mContentUri = new Uri.Builder().scheme("content").authority(info.authority).build();
+    }
+
+    @Override
+    public Cursor query(Uri uri, String[] projection, String selection, String[] selectionArgs,
+            String sortOrder) {
+        // If the selection is of the right form get the url we are querying.
+        Matcher matcher = mSelectionPattern.matcher(selection);
+        if (!matcher.find()) return null;
+        final String url = matcher.group(1);
+        final Pair<Boolean, String> result = shouldProceed(url);
+
+        return new AbstractCursor() {
+
+            @Override
+            public int getCount() {
+                return 1;
+            }
+
+            @Override
+            public String[] getColumnNames() {
+                return new String[] {"Should Proceed", "Error message"};
+            }
+
+            @Override
+            public String getString(int column) {
+                if (column == 1) return result.second;
+                return null;
+            }
+
+            @Override
+            public short getShort(int column) {
+                return 0;
+            }
+
+            @Override
+            public int getInt(int column) {
+                if (column == 0) return result.first ? PROCEED : BLOCKED;
+                return 0;
+            }
+
+            @Override
+            public long getLong(int column) {
+                return 0;
+            }
+
+            @Override
+            public float getFloat(int column) {
+                return 0;
+            }
+
+            @Override
+            public double getDouble(int column) {
+                return 0;
+            }
+
+            @Override
+            public boolean isNull(int column) {
+                return false;
+            }
+        };
+    }
+
+    @Override
+    public String getType(Uri uri) {
+        // Abused to return whether we can insert
+        return canInsert() ? "text/plain" : null;
+    }
+
+    @Override
+    public Uri insert(Uri uri, ContentValues values) {
+        String url = values.getAsString("url");
+        requestInsert(url);
+        return null;
+    }
+
+    @Override
+    public int delete(Uri uri, String selection, String[] selectionArgs) {
+        return 0;
+    }
+
+    @Override
+    public int update(Uri uri, ContentValues values, String selection, String[] selectionArgs) {
+        return 0;
+    }
+
+    /**
+     * @param url the URL that is wanted.
+     * @return a pair containing the result and the HTML error message.
+     *         result is true if safe to proceed, false otherwise.
+     *         error message is only meaningful if result is false,
+     *         a null error message means use application default.
+     */
+    protected abstract Pair<Boolean, String> shouldProceed(final String url);

[Bernhard Bauer, 2015/12/14 17:58:38]

We could also model this via a class hierarchy, i.e. one subclass that is
"proceed" and one that is "fail with this error page".

[aberent, 2015/12/16 15:20:37]

I think that would add a (relatively) a lot of code for not much benefit. Unless
I am misunderstanding we would define an interface and two classes, and then
using the result would be quite messy, involving casting the result to the
success and failure classes.

+
+    /**
+     * @return whether the content provider allows insertions.
+     */
+    protected abstract boolean canInsert();
+
+    /**
+     * Start a request that a URL should be permitted
+     * @param url the URL that is wanted.
+     */
+    protected abstract void requestInsert(final String url);
+
+    /**
+    * Call to tell observers that the filter has changed.
+    */
+    protected void onFilterChanged() {
+        getContext().getContentResolver().notifyChange(mContentUri, null);
+    }
+}