SafeBrowsing: Adds response handler for API blacklist check in Database Manager.

components/safe_browsing_db/database_manager.cc

Index: components/safe_browsing_db/database_manager.cc
diff --git a/components/safe_browsing_db/database_manager.cc b/components/safe_browsing_db/database_manager.cc
index c8d7aa30afa2ae750bd85757b4927043b5e5bae0..df67504207e3e34c1e977978165770c5dcc82378 100644
--- a/components/safe_browsing_db/database_manager.cc
+++ b/components/safe_browsing_db/database_manager.cc
@@ -86,7 +86,22 @@ void SafeBrowsingDatabaseManager::HandleGetHashesWithApisResults(
     const std::vector<SBFullHashResult>& full_hash_results,
     const base::TimeDelta& negative_cache_duration) {
   DCHECK_CURRENTLY_ON(BrowserThread::IO);
-  // TODO(kcarattini): Implement response handler.
+  DCHECK(check);

[Nathan Parker, 2016/04/15 23:22:00]

Sounds like a microphone check.  "Check. Check. Check one two."

[kcarattini, 2016/04/18 07:12:02]

Acknowledged.

+
+  ThreatMetadata md;
+  // Merge the metadata from all matching results.
+  for (const SBFullHashResult& result : full_hash_results) {

[Nathan Parker, 2016/04/15 23:22:00]

This is sort of O(N^2), where N is small but could easily be 10.  Maybe add a
todo to look at performance? This could be optimized by making one of them a
map, or sorting them and doing a binary search, etc.

[kcarattini, 2016/04/18 07:12:02]

Done.

+    for (const SBFullHash& full_hash : check->full_hashes()) {
+      if (SBFullHashEqual(full_hash, result.hash)) {
+        md.api_permissions.insert(md.api_permissions.end(),
+                                  result.metadata.api_permissions.begin(),
+                                  result.metadata.api_permissions.end());
+        break;
+      }
+    }
+  }
+
+  check->client()->OnCheckApiBlacklistUrlResult(check->url(), md);

[Nathan Parker, 2016/04/15 23:22:00]

Consider if we need the URL to be passed here, and remove it if not.
Some of the other client->methods have some fields they don't need.

[kcarattini, 2016/04/18 07:12:02]

I can imagine a client making calls for multiple urls and needing to know which
one the reply is for. I think it's useful.

[Nathan Parker, 2016/04/18 17:34:09]

k.  Another approach is that the caller could use different client objects, so
they can keep track of whatever state they want in them.

I think the localdbmanager has the requirement that any single client ptr can
have at most one outstanding callback.  Otherwise, when you cancel(client), it
wouldn't know which one to cancel.

 }
 
 SafeBrowsingDatabaseManager::SafeBrowsingApiCheck::SafeBrowsingApiCheck(