OLD | NEW |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/notifications/notification_permission_context.h" | 5 #include "chrome/browser/notifications/notification_permission_context.h" |
6 | 6 |
7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/message_loop/message_loop.h" |
| 9 #include "base/test/test_mock_time_task_runner.h" |
| 10 #include "base/time/time.h" |
| 11 #include "chrome/browser/content_settings/host_content_settings_map_factory.h" |
8 #include "chrome/browser/notifications/desktop_notification_profile_util.h" | 12 #include "chrome/browser/notifications/desktop_notification_profile_util.h" |
| 13 #include "chrome/browser/permissions/permission_request_id.h" |
9 #include "chrome/browser/profiles/profile.h" | 14 #include "chrome/browser/profiles/profile.h" |
| 15 #include "chrome/test/base/chrome_render_view_host_test_harness.h" |
10 #include "chrome/test/base/testing_profile.h" | 16 #include "chrome/test/base/testing_profile.h" |
11 #include "components/content_settings/core/browser/host_content_settings_map.h" | 17 #include "components/content_settings/core/browser/host_content_settings_map.h" |
| 18 #include "content/public/browser/render_process_host.h" |
| 19 #include "content/public/browser/web_contents.h" |
12 #include "content/public/test/test_browser_thread_bundle.h" | 20 #include "content/public/test/test_browser_thread_bundle.h" |
13 #include "testing/gtest/include/gtest/gtest.h" | 21 #include "testing/gtest/include/gtest/gtest.h" |
14 #include "url/gurl.h" | 22 #include "url/gurl.h" |
15 | 23 |
| 24 namespace { |
| 25 |
| 26 void DoNothing(ContentSetting content_setting) {} |
| 27 |
| 28 class TestNotificationPermissionContext : public NotificationPermissionContext { |
| 29 public: |
| 30 explicit TestNotificationPermissionContext(Profile* profile) |
| 31 : NotificationPermissionContext(profile), |
| 32 permission_set_count_(0), |
| 33 last_permission_set_persisted_(false), |
| 34 last_permission_set_setting_(CONTENT_SETTING_DEFAULT) {} |
| 35 |
| 36 int permission_set_count() const { return permission_set_count_; } |
| 37 bool last_permission_set_persisted() const { |
| 38 return last_permission_set_persisted_; |
| 39 } |
| 40 ContentSetting last_permission_set_setting() const { |
| 41 return last_permission_set_setting_; |
| 42 } |
| 43 |
| 44 ContentSetting GetContentSettingFromMap(const GURL& url_a, |
| 45 const GURL& url_b) { |
| 46 return HostContentSettingsMapFactory::GetForProfile(profile()) |
| 47 ->GetContentSetting(url_a.GetOrigin(), url_b.GetOrigin(), |
| 48 content_settings_type(), std::string()); |
| 49 } |
| 50 |
| 51 private: |
| 52 // NotificationPermissionContext: |
| 53 void NotifyPermissionSet(const PermissionRequestID& id, |
| 54 const GURL& requesting_origin, |
| 55 const GURL& embedder_origin, |
| 56 const BrowserPermissionCallback& callback, |
| 57 bool persist, |
| 58 ContentSetting content_setting) override { |
| 59 permission_set_count_++; |
| 60 last_permission_set_persisted_ = persist; |
| 61 last_permission_set_setting_ = content_setting; |
| 62 NotificationPermissionContext::NotifyPermissionSet( |
| 63 id, requesting_origin, embedder_origin, callback, persist, |
| 64 content_setting); |
| 65 } |
| 66 |
| 67 int permission_set_count_; |
| 68 bool last_permission_set_persisted_; |
| 69 ContentSetting last_permission_set_setting_; |
| 70 }; |
| 71 |
| 72 class NotificationPermissionContextTest |
| 73 : public ChromeRenderViewHostTestHarness {}; |
| 74 |
| 75 } // namespace |
| 76 |
16 // Web Notification permission requests will completely ignore the embedder | 77 // Web Notification permission requests will completely ignore the embedder |
17 // origin. See https://crbug.com/416894. | 78 // origin. See https://crbug.com/416894. |
18 TEST(NotificationPermissionContextTest, IgnoresEmbedderOrigin) { | 79 TEST_F(NotificationPermissionContextTest, IgnoresEmbedderOrigin) { |
19 content::TestBrowserThreadBundle thread_bundle; | |
20 TestingProfile profile; | |
21 | |
22 GURL requesting_origin("https://example.com"); | 80 GURL requesting_origin("https://example.com"); |
23 GURL embedding_origin("https://chrome.com"); | 81 GURL embedding_origin("https://chrome.com"); |
24 GURL different_origin("https://foobar.com"); | 82 GURL different_origin("https://foobar.com"); |
25 | 83 |
26 NotificationPermissionContext context(&profile); | 84 NotificationPermissionContext context(profile()); |
27 context.UpdateContentSetting(requesting_origin, | 85 context.UpdateContentSetting(requesting_origin, |
28 embedding_origin, | 86 embedding_origin, |
29 CONTENT_SETTING_ALLOW); | 87 CONTENT_SETTING_ALLOW); |
30 | 88 |
31 EXPECT_EQ(CONTENT_SETTING_ALLOW, | 89 EXPECT_EQ(CONTENT_SETTING_ALLOW, |
32 context.GetPermissionStatus(requesting_origin, embedding_origin)); | 90 context.GetPermissionStatus(requesting_origin, embedding_origin)); |
33 | 91 |
34 EXPECT_EQ(CONTENT_SETTING_ALLOW, | 92 EXPECT_EQ(CONTENT_SETTING_ALLOW, |
35 context.GetPermissionStatus(requesting_origin, different_origin)); | 93 context.GetPermissionStatus(requesting_origin, different_origin)); |
36 | 94 |
37 context.ResetPermission(requesting_origin, embedding_origin); | 95 context.ResetPermission(requesting_origin, embedding_origin); |
38 | 96 |
39 EXPECT_EQ(CONTENT_SETTING_ASK, | 97 EXPECT_EQ(CONTENT_SETTING_ASK, |
40 context.GetPermissionStatus(requesting_origin, embedding_origin)); | 98 context.GetPermissionStatus(requesting_origin, embedding_origin)); |
41 | 99 |
42 EXPECT_EQ(CONTENT_SETTING_ASK, | 100 EXPECT_EQ(CONTENT_SETTING_ASK, |
43 context.GetPermissionStatus(requesting_origin, different_origin)); | 101 context.GetPermissionStatus(requesting_origin, different_origin)); |
44 } | 102 } |
45 | 103 |
46 // Web Notifications do not require a secure origin when requesting permission. | 104 // Web Notifications do not require a secure origin when requesting permission. |
47 // See https://crbug.com/404095. | 105 // See https://crbug.com/404095. |
48 TEST(NotificationPermissionContextTest, NoSecureOriginRequirement) { | 106 TEST_F(NotificationPermissionContextTest, NoSecureOriginRequirement) { |
49 content::TestBrowserThreadBundle thread_bundle; | |
50 TestingProfile profile; | |
51 | |
52 GURL origin("http://example.com"); | 107 GURL origin("http://example.com"); |
53 | 108 |
54 NotificationPermissionContext context(&profile); | 109 NotificationPermissionContext context(profile()); |
55 EXPECT_EQ(CONTENT_SETTING_ASK, | 110 EXPECT_EQ(CONTENT_SETTING_ASK, |
56 context.GetPermissionStatus(origin, origin)); | 111 context.GetPermissionStatus(origin, origin)); |
57 | 112 |
58 context.UpdateContentSetting(origin, origin, CONTENT_SETTING_ALLOW); | 113 context.UpdateContentSetting(origin, origin, CONTENT_SETTING_ALLOW); |
59 | 114 |
60 EXPECT_EQ(CONTENT_SETTING_ALLOW, | 115 EXPECT_EQ(CONTENT_SETTING_ALLOW, |
61 context.GetPermissionStatus(origin, origin)); | 116 context.GetPermissionStatus(origin, origin)); |
62 } | 117 } |
| 118 |
| 119 // Tests auto-denial after a time delay in incognito. |
| 120 TEST_F(NotificationPermissionContextTest, TestDenyInIncognitoAfterDelay) { |
| 121 TestNotificationPermissionContext permission_context( |
| 122 profile()->GetOffTheRecordProfile()); |
| 123 GURL url("https://www.example.com"); |
| 124 NavigateAndCommit(url); |
| 125 |
| 126 const PermissionRequestID id(web_contents()->GetRenderProcessHost()->GetID(), |
| 127 web_contents()->GetMainFrame()->GetRoutingID(), |
| 128 -1); |
| 129 |
| 130 scoped_refptr<base::SingleThreadTaskRunner> old_task_runner( |
| 131 base::MessageLoop::current()->task_runner()); |
| 132 scoped_refptr<base::TestMockTimeTaskRunner> task_runner( |
| 133 new base::TestMockTimeTaskRunner(base::Time::Now(), |
| 134 base::TimeTicks::Now())); |
| 135 base::MessageLoop::current()->SetTaskRunner(task_runner); |
| 136 |
| 137 ASSERT_EQ(0, permission_context.permission_set_count()); |
| 138 ASSERT_FALSE(permission_context.last_permission_set_persisted()); |
| 139 ASSERT_EQ(CONTENT_SETTING_DEFAULT, |
| 140 permission_context.last_permission_set_setting()); |
| 141 |
| 142 permission_context.RequestPermission( |
| 143 web_contents(), id, url, true /* user_gesture */, base::Bind(&DoNothing)); |
| 144 |
| 145 // Should be blocked after 1-2 seconds, but the timer is reset whenever the |
| 146 // tab is not visible, so these 500ms never add up to >= 1 second. |
| 147 for (int n = 0; n < 10; n++) { |
| 148 web_contents()->WasShown(); |
| 149 task_runner->FastForwardBy(base::TimeDelta::FromMilliseconds(500)); |
| 150 web_contents()->WasHidden(); |
| 151 } |
| 152 |
| 153 EXPECT_EQ(0, permission_context.permission_set_count()); |
| 154 EXPECT_EQ(CONTENT_SETTING_ASK, |
| 155 permission_context.GetContentSettingFromMap(url, url)); |
| 156 |
| 157 // Time elapsed whilst hidden is not counted. |
| 158 // n.b. This line also clears out any old scheduled timer tasks. This is |
| 159 // important, because otherwise Timer::Reset (triggered by |
| 160 // VisibilityTimerTabHelper::WasShown) may choose to re-use an existing |
| 161 // scheduled task, and when it fires Timer::RunScheduledTask will call |
| 162 // TimeTicks::Now() (which unlike task_runner->NowTicks(), we can't fake), |
| 163 // and miscalculate the remaining delay at which to fire the timer. |
| 164 task_runner->FastForwardBy(base::TimeDelta::FromDays(1)); |
| 165 |
| 166 EXPECT_EQ(0, permission_context.permission_set_count()); |
| 167 EXPECT_EQ(CONTENT_SETTING_ASK, |
| 168 permission_context.GetContentSettingFromMap(url, url)); |
| 169 |
| 170 // Should be blocked after 1-2 seconds. So 500ms is not enough. |
| 171 web_contents()->WasShown(); |
| 172 task_runner->FastForwardBy(base::TimeDelta::FromMilliseconds(500)); |
| 173 |
| 174 EXPECT_EQ(0, permission_context.permission_set_count()); |
| 175 EXPECT_EQ(CONTENT_SETTING_ASK, |
| 176 permission_context.GetContentSettingFromMap(url, url)); |
| 177 |
| 178 // But 5*500ms > 2 seconds, so it should now be blocked. |
| 179 for (int n = 0; n < 4; n++) |
| 180 task_runner->FastForwardBy(base::TimeDelta::FromMilliseconds(500)); |
| 181 |
| 182 EXPECT_EQ(1, permission_context.permission_set_count()); |
| 183 EXPECT_TRUE(permission_context.last_permission_set_persisted()); |
| 184 EXPECT_EQ(CONTENT_SETTING_BLOCK, |
| 185 permission_context.last_permission_set_setting()); |
| 186 EXPECT_EQ(CONTENT_SETTING_BLOCK, |
| 187 permission_context.GetContentSettingFromMap(url, url)); |
| 188 |
| 189 base::MessageLoop::current()->SetTaskRunner(old_task_runner); |
| 190 } |
| 191 |
| 192 // Tests how multiple parallel permission requests get auto-denied in incognito. |
| 193 TEST_F(NotificationPermissionContextTest, TestParallelDenyInIncognito) { |
| 194 TestNotificationPermissionContext permission_context( |
| 195 profile()->GetOffTheRecordProfile()); |
| 196 GURL url("https://www.example.com"); |
| 197 NavigateAndCommit(url); |
| 198 web_contents()->WasShown(); |
| 199 |
| 200 const PermissionRequestID id0(web_contents()->GetRenderProcessHost()->GetID(), |
| 201 web_contents()->GetMainFrame()->GetRoutingID(), |
| 202 0); |
| 203 const PermissionRequestID id1(web_contents()->GetRenderProcessHost()->GetID(), |
| 204 web_contents()->GetMainFrame()->GetRoutingID(), |
| 205 1); |
| 206 |
| 207 scoped_refptr<base::SingleThreadTaskRunner> old_task_runner( |
| 208 base::MessageLoop::current()->task_runner()); |
| 209 scoped_refptr<base::TestMockTimeTaskRunner> task_runner( |
| 210 new base::TestMockTimeTaskRunner(base::Time::Now(), |
| 211 base::TimeTicks::Now())); |
| 212 base::MessageLoop::current()->SetTaskRunner(task_runner); |
| 213 |
| 214 ASSERT_EQ(0, permission_context.permission_set_count()); |
| 215 ASSERT_FALSE(permission_context.last_permission_set_persisted()); |
| 216 ASSERT_EQ(CONTENT_SETTING_DEFAULT, |
| 217 permission_context.last_permission_set_setting()); |
| 218 |
| 219 permission_context.RequestPermission(web_contents(), id0, url, |
| 220 true /* user_gesture */, |
| 221 base::Bind(&DoNothing)); |
| 222 permission_context.RequestPermission(web_contents(), id1, url, |
| 223 true /* user_gesture */, |
| 224 base::Bind(&DoNothing)); |
| 225 |
| 226 EXPECT_EQ(0, permission_context.permission_set_count()); |
| 227 EXPECT_EQ(CONTENT_SETTING_ASK, |
| 228 permission_context.GetContentSettingFromMap(url, url)); |
| 229 |
| 230 // Fast forward up to 2.5 seconds. Stop as soon as the first permission |
| 231 // request is auto-denied. |
| 232 for (int n = 0; n < 5; n++) { |
| 233 task_runner->FastForwardBy(base::TimeDelta::FromMilliseconds(500)); |
| 234 if (permission_context.permission_set_count()) |
| 235 break; |
| 236 } |
| 237 |
| 238 // Only the first permission request receives a response (crbug.com/577336). |
| 239 EXPECT_EQ(1, permission_context.permission_set_count()); |
| 240 EXPECT_TRUE(permission_context.last_permission_set_persisted()); |
| 241 EXPECT_EQ(CONTENT_SETTING_BLOCK, |
| 242 permission_context.last_permission_set_setting()); |
| 243 EXPECT_EQ(CONTENT_SETTING_BLOCK, |
| 244 permission_context.GetContentSettingFromMap(url, url)); |
| 245 |
| 246 // After another 2.5 seconds, the second permission request should also have |
| 247 // received a response. |
| 248 task_runner->FastForwardBy(base::TimeDelta::FromMilliseconds(2500)); |
| 249 EXPECT_EQ(2, permission_context.permission_set_count()); |
| 250 EXPECT_TRUE(permission_context.last_permission_set_persisted()); |
| 251 EXPECT_EQ(CONTENT_SETTING_BLOCK, |
| 252 permission_context.last_permission_set_setting()); |
| 253 EXPECT_EQ(CONTENT_SETTING_BLOCK, |
| 254 permission_context.GetContentSettingFromMap(url, url)); |
| 255 |
| 256 base::MessageLoop::current()->SetTaskRunner(old_task_runner); |
| 257 } |
OLD | NEW |