[DurableStorage] Don't grant durable if origin cannot write cookies.

chrome/browser/storage/durable_storage_permission_context_unittest.cc

Index: chrome/browser/storage/durable_storage_permission_context_unittest.cc
diff --git a/chrome/browser/storage/durable_storage_permission_context_unittest.cc b/chrome/browser/storage/durable_storage_permission_context_unittest.cc
index 101df28604542250ca15d7bc5bea4529e26920d8..18055a2674b243523b51ea36a1aef62eb9fb79c0 100644
--- a/chrome/browser/storage/durable_storage_permission_context_unittest.cc
+++ b/chrome/browser/storage/durable_storage_permission_context_unittest.cc
@@ -4,11 +4,76 @@
 
 #include "chrome/browser/storage/durable_storage_permission_context.h"
 
+#include "base/bind.h"
 #include "base/macros.h"
+#include "base/strings/utf_string_conversions.h"
+#include "chrome/browser/bookmarks/bookmark_model_factory.h"
+#include "chrome/browser/content_settings/cookie_settings_factory.h"
+#include "chrome/browser/content_settings/host_content_settings_map_factory.h"
+#include "chrome/browser/permissions/permission_request_id.h"
+#include "chrome/browser/permissions/permission_request_manager.h"
+#include "chrome/test/base/chrome_render_view_host_test_harness.h"
+#include "chrome/test/base/testing_profile.h"
+#include "components/bookmarks/test/bookmark_test_helpers.h"
+#include "components/content_settings/core/browser/cookie_settings.h"
+#include "components/content_settings/core/browser/host_content_settings_map.h"
+#include "content/public/browser/permission_manager.h"
+#include "content/public/browser/render_process_host.h"
 #include "testing/gtest/include/gtest/gtest.h"
 
 using bookmarks::BookmarkModel;
 
+namespace {
+
+void DoNothing(ContentSetting content_setting) {}
+
+class TestDurablePermissionContext : public DurableStoragePermissionContext {
+ public:
+  explicit TestDurablePermissionContext(Profile* profile)
+      : DurableStoragePermissionContext(profile),
+        permission_set_count_(0),
+        last_permission_set_persisted_(false),
+        last_permission_set_setting_(CONTENT_SETTING_DEFAULT) {}
+
+  int permission_set_count() const { return permission_set_count_; }
+  bool last_permission_set_persisted() const {
+    return last_permission_set_persisted_;
+  }
+  ContentSetting last_permission_set_setting() const {
+    return last_permission_set_setting_;
+  }
+
+  ContentSetting GetContentSettingFromMap(const GURL& url_a,
+                                          const GURL& url_b) {
+    return HostContentSettingsMapFactory::GetForProfile(profile())
+        ->GetContentSetting(url_a.GetOrigin(), url_b.GetOrigin(),
+                            CONTENT_SETTINGS_TYPE_DURABLE_STORAGE,
+                            std::string());
+  }
+
+ private:
+  // NotificationPermissionContext:
+  void NotifyPermissionSet(const PermissionRequestID& id,
+                           const GURL& requesting_origin,
+                           const GURL& embedder_origin,
+                           const BrowserPermissionCallback& callback,
+                           bool persist,
+                           ContentSetting content_setting) override {
+    permission_set_count_++;
+    last_permission_set_persisted_ = persist;
+    last_permission_set_setting_ = content_setting;
+    DurableStoragePermissionContext::NotifyPermissionSet(
+        id, requesting_origin, embedder_origin, callback, persist,
+        content_setting);
+  }
+
+  int permission_set_count_;
+  bool last_permission_set_persisted_;
+  ContentSetting last_permission_set_setting_;
+};
+
+}  // namespace
+
 class BookmarksOriginTest : public ::testing::Test {
  protected:
   static std::vector<BookmarkModel::URLAndTitle> MakeBookmarks(
@@ -49,3 +114,111 @@ TEST_F(BookmarksOriginTest, DoesntExist) {
   EXPECT_FALSE(DurableStoragePermissionContext::IsOriginBookmarked(
       bookmarks, looking_for));
 }
+
+class DurableStoragePermissionContextTest
+    : public ChromeRenderViewHostTestHarness {
+ protected:
+  void SetUp() override {
+    ChromeRenderViewHostTestHarness::SetUp();
+#if defined(OS_ANDROID)
+    InfoBarService::CreateForWebContents(web_contents());
+#else
+    PermissionRequestManager::CreateForWebContents(web_contents());
+#endif
+  }
+
+  void AddBookmark(const GURL& origin) {
+    if (!model_) {
+      profile()->CreateBookmarkModel(true);
+      model_ = BookmarkModelFactory::GetForBrowserContext(profile());
+      bookmarks::test::WaitForBookmarkModelToLoad(model_);
+    }
+
+    model_->AddURL(model_->bookmark_bar_node(), 0,
+                   base::ASCIIToUTF16(origin.spec()), origin);
+  }
+
+  BookmarkModel* model_ = nullptr;
+};
+
+TEST_F(DurableStoragePermissionContextTest, Bookmark) {
+  TestDurablePermissionContext permission_context(
+      profile()->GetOffTheRecordProfile());
+  GURL url("http://www.google.com");
+  AddBookmark(url);
+  NavigateAndCommit(url);
+
+  const PermissionRequestID id(web_contents()->GetRenderProcessHost()->GetID(),
+                               web_contents()->GetMainFrame()->GetRoutingID(),
+                               -1);
+
+  ASSERT_EQ(0, permission_context.permission_set_count());
+  ASSERT_FALSE(permission_context.last_permission_set_persisted());
+  ASSERT_EQ(CONTENT_SETTING_DEFAULT,
+            permission_context.last_permission_set_setting());
+
+  permission_context.DecidePermission(web_contents(), id, url, url,
+                                      true /* user_gesture */,
+                                      base::Bind(&DoNothing));
+
+  EXPECT_EQ(1, permission_context.permission_set_count());
+  EXPECT_TRUE(permission_context.last_permission_set_persisted());
+  EXPECT_EQ(CONTENT_SETTING_ALLOW,
+            permission_context.last_permission_set_setting());
+}
+
+TEST_F(DurableStoragePermissionContextTest, NoBookmark) {
+  TestDurablePermissionContext permission_context(
+      profile()->GetOffTheRecordProfile());
+  GURL url("http://www.google.com");
+  NavigateAndCommit(url);
+
+  const PermissionRequestID id(web_contents()->GetRenderProcessHost()->GetID(),
+                               web_contents()->GetMainFrame()->GetRoutingID(),
+                               -1);
+
+  ASSERT_EQ(0, permission_context.permission_set_count());
+  ASSERT_FALSE(permission_context.last_permission_set_persisted());
+  ASSERT_EQ(CONTENT_SETTING_DEFAULT,
+            permission_context.last_permission_set_setting());
+
+  permission_context.DecidePermission(web_contents(), id, url, url,
+                                      true /* user_gesture */,
+                                      base::Bind(&DoNothing));
+
+  EXPECT_EQ(1, permission_context.permission_set_count());
+  EXPECT_FALSE(permission_context.last_permission_set_persisted());
+  EXPECT_EQ(CONTENT_SETTING_DEFAULT,
+            permission_context.last_permission_set_setting());
+}
+
+TEST_F(DurableStoragePermissionContextTest, CookiesNotAllowed) {

[jww, 2016/10/01 04:46:20]

You probably want a "CookiesAllowed" variant of this test to make sure that
durable storage is allowed, no?

[dmurph, 2016/10/04 22:00:45]

Cookies are allowed in all other tests.

+  TestDurablePermissionContext permission_context(
+      profile()->GetOffTheRecordProfile());
+  GURL url("http://www.google.com");
+  AddBookmark(url);
+  NavigateAndCommit(url);
+
+  scoped_refptr<content_settings::CookieSettings> cookie_settings =
+      CookieSettingsFactory::GetForProfile(profile());
+
+  cookie_settings->SetCookieSetting(url, CONTENT_SETTING_BLOCK);
+
+  const PermissionRequestID id(web_contents()->GetRenderProcessHost()->GetID(),
+                               web_contents()->GetMainFrame()->GetRoutingID(),
+                               -1);
+
+  ASSERT_EQ(0, permission_context.permission_set_count());
+  ASSERT_FALSE(permission_context.last_permission_set_persisted());
+  ASSERT_EQ(CONTENT_SETTING_DEFAULT,
+            permission_context.last_permission_set_setting());
+
+  permission_context.DecidePermission(web_contents(), id, url, url,

[jww, 2016/10/01 04:46:20]

Maybe a few other sanity checks of other variants of this? Like with different
emebedder and requestor URLs? Also user gesture false? Things like that?

[dmurph, 2016/10/04 22:00:45]

Added test for different embedder & requestor urls, which now should be blocked.

User gestures aren't considered.

+                                      true /* user_gesture */,
+                                      base::Bind(&DoNothing));
+
+  EXPECT_EQ(1, permission_context.permission_set_count());
+  EXPECT_FALSE(permission_context.last_permission_set_persisted());
+  EXPECT_EQ(CONTENT_SETTING_DEFAULT,
+            permission_context.last_permission_set_setting());
+}