Implement embargo in PermissionDecisionAutoBlocker

chrome/browser/permissions/permission_decision_auto_blocker.h

 // Copyright 2016 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef CHROME_BROWSER_PERMISSIONS_PERMISSION_DECISION_AUTO_BLOCKER_H_
 #define CHROME_BROWSER_PERMISSIONS_PERMISSION_DECISION_AUTO_BLOCKER_H_
 
-#include "base/callback_forward.h"
+#include "base/callback.h"
 #include "base/macros.h"
+#include "base/memory/ref_counted.h"
 #include "content/public/browser/permission_type.h"
 #include "url/gurl.h"
 
 class GURL;
 class Profile;
 
+namespace content {
+class WebContents;
+}
+
+namespace safe_browsing {
+class SafeBrowsingDatabaseManager;
+}
+
+namespace base {
+class Time;
+}
+
+class HostContentSettingsMap;
+
+// The PermissionDecisionAutoBlocker decides whether or not a given origin
+// should be automatically blocked from requesting a permission. When an origin
+// is blocked, it is placed under an "embargo". Until the embargo expires, any
+// requests made by the origin are automatically blocked. Once the embargo is
+// lifted, the origin will be permitted to request a permission again, which may
+// result in it being placed under embargo again. Currently, an origin is only
+// embargoed if it appears on Safe Browsing's API blacklist.
+// TODO(meredithl): Incorporate embargoing into blocking on repeated dismissals.

[raymes, 2017/01/18 03:15:20]

I think the TODO is less of a TODO now? Could we just describe the repeated
dismissals part here instead?

[meredithl, 2017/01/18 08:28:16]

Done.

 class PermissionDecisionAutoBlocker {
  public:
   // Removes any recorded counts for urls which match |filter| under |profile|.
   static void RemoveCountsByUrl(Profile* profile,
                                 base::Callback<bool(const GURL& url)> filter);
 
   // Returns the current number of dismisses recorded for |permission| type at
   // |url|.
   static int GetDismissCount(const GURL& url,
                              content::PermissionType permission,
@@ skipping 17 matching lines @@
 
   // Records that a dismissal of a prompt for |permission| was made, and returns
   // true if this dismissal should be considered a block. False otherwise.
   static bool ShouldChangeDismissalToBlock(const GURL& url,
                                            content::PermissionType permission,
                                            Profile* profile);
 
   // Updates the threshold to start blocking prompts from the field trial.
   static void UpdateFromVariations();
 
+  // Checks if the |request_origin| is under embargo for the requested
+  // |permission|. Internally, this will make a call to IsUnderEmbargo to check
+  // the content setting first, but may also make a call to Safe Browsing to
+  // check if the |request_origin| is blacklisted for |permission|, which is
+  // performed asynchronously.
+  static void UpdateEmbargoedStatus(
+      scoped_refptr<safe_browsing::SafeBrowsingDatabaseManager> db_manager,
+      content::PermissionType permission,
+      const GURL& request_origin,
+      content::WebContents* web_contents,
+      int timeout,
+      Profile* profile,
+      base::Time current_time,
+      base::Callback<void(bool)> callback);
+
+  // Checks the status of the content setting to determine if |request_origin|
+  // is under embargo for the |permission|. This check is done synchronously.

[raymes, 2017/01/18 03:15:20]

nit: the last sentence is probably unnecessary as it's implied from the API
design

[meredithl, 2017/01/18 08:28:16]

Done.

+  static bool IsUnderEmbargo(content::PermissionType permission,
+                             Profile* profile,
+                             const GURL& request_origin,
+                             base::Time current_time);
+
  private:
   friend class PermissionContextBaseTests;
+  friend class PermissionDecisionAutoBlockerUnitTest;
+
+  // Sets the embargo status of the |request_origin| inside the |permission|
+  // dictionary for testing.
+  static void PlaceUnderEmbargoForTest(content::PermissionType permission,
+                                       const GURL& request_origin,
+                                       HostContentSettingsMap* map,
+                                       base::Time current_time);
+
+  // Gets the embargo status of the |request_origin| inside the |permission|
+  // dictionary for testing.
+  static bool GetEmbargoStatusForTest(content::PermissionType permission,
+                                      const GURL& request_origin,
+                                      HostContentSettingsMap* map);
 
   // Keys used for storing count data in a website setting.
   static const char kPromptDismissCountKey[];
   static const char kPromptIgnoreCountKey[];
+  static const char kPermissionDismissalEmbargoKey[];
+  static const char kPermissionBlacklistEmbargoKey[];
 
   DISALLOW_IMPLICIT_CONSTRUCTORS(PermissionDecisionAutoBlocker);
 };
 
 #endif  // CHROME_BROWSER_PERMISSIONS_PERMISSION_DECISION_AUTO_BLOCKER_H_