Introduce new PasswordForm attributes for Credential Management API.

components/password_manager/core/browser/login_database.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "components/password_manager/core/browser/login_database.h"
 
 #include <algorithm>
 #include <limits>
 
 #include "base/bind.h"
 #include "base/files/file_path.h"
 #include "base/logging.h"
 #include "base/metrics/histogram.h"
 #include "base/pickle.h"
 #include "base/strings/string_util.h"
 #include "base/time/time.h"
 #include "components/autofill/core/common/password_form.h"
 #include "google_apis/gaia/gaia_auth_util.h"
 #include "google_apis/gaia/gaia_urls.h"
 #include "sql/connection.h"
 #include "sql/statement.h"
 #include "sql/transaction.h"
 
 using autofill::PasswordForm;
 
 namespace password_manager {
 
-static const int kCurrentVersionNumber = 6;
+static const int kCurrentVersionNumber = 7;
 static const int kCompatibleVersionNumber = 1;
 
 Pickle SerializeVector(const std::vector<base::string16>& vec) {
   Pickle p;
   for (size_t i = 0; i < vec.size(); ++i) {
     p.WriteString16(vec[i]);
   }
   return p;
 }
 
@@ skipping 23 matching lines @@
   COLUMN_SSL_VALID,
   COLUMN_PREFERRED,
   COLUMN_DATE_CREATED,
   COLUMN_BLACKLISTED_BY_USER,
   COLUMN_SCHEME,
   COLUMN_PASSWORD_TYPE,
   COLUMN_POSSIBLE_USERNAMES,
   COLUMN_TIMES_USED,
   COLUMN_FORM_DATA,
   COLUMN_USE_ADDITIONAL_AUTH,
-  COLUMN_DATE_SYNCED
+  COLUMN_DATE_SYNCED,
+  COLUMN_DISPLAY_NAME,
+  COLUMN_AVATAR_URL,
+  COLUMN_FEDERATION_URL,
+  COLUMN_ZERO_CLICK,
 };
 
 void BindAddStatement(const PasswordForm& form,
                       const std::string& encrypted_password,
                       sql::Statement* s) {
   s->BindString(COLUMN_ORIGIN_URL, form.origin.spec());
   s->BindString(COLUMN_ACTION_URL, form.action.spec());
   s->BindString16(COLUMN_USERNAME_ELEMENT, form.username_element);
   s->BindString16(COLUMN_USERNAME_VALUE, form.username_value);
   s->BindString16(COLUMN_PASSWORD_ELEMENT, form.password_element);
@@ skipping 12 matching lines @@
               usernames_pickle.data(),
               usernames_pickle.size());
   s->BindInt(COLUMN_TIMES_USED, form.times_used);
   Pickle form_data_pickle;
   autofill::SerializeFormData(form.form_data, &form_data_pickle);
   s->BindBlob(COLUMN_FORM_DATA,
               form_data_pickle.data(),
               form_data_pickle.size());
   s->BindInt(COLUMN_USE_ADDITIONAL_AUTH, form.use_additional_authentication);
   s->BindInt64(COLUMN_DATE_SYNCED, form.date_synced.ToInternalValue());
+  s->BindString16(COLUMN_DISPLAY_NAME, form.display_name);
+  s->BindString(COLUMN_AVATAR_URL, form.avatar_url.spec());
+  s->BindString(COLUMN_FEDERATION_URL, form.federation_url.spec());

[Mike West, 2014/08/18 18:52:11]

How do we deal with invalid URLs here? Perhaps a DCHECK somewhere?

[vasilii, 2014/08/20 11:45:34]

GURL::spec() will assert and return the empty string for invalid URL. I guess
that PasswordManager should handle this.

+  s->BindInt(COLUMN_ZERO_CLICK, form.is_zero_click);

[Mike West, 2014/08/18 18:52:11]

Nit: I'd suggest standardizing on either "zero click" or "is zero click".

[vasilii, 2014/08/20 11:45:34]

Done.

 }
 
 void AddCallback(int err, sql::Statement* /*stmt*/) {
   if (err == 19 /*SQLITE_CONSTRAINT*/)
     DLOG(WARNING) << "LoginDatabase::AddLogin updated an existing form";
 }
 
 }  // namespace
 
 LoginDatabase::LoginDatabase() {
@@ skipping 81 matching lines @@
       meta_table_.SetVersionNumber(4);
       // Fall through.
     case 4:
       if (!db_.Execute(
           "ALTER TABLE logins ADD COLUMN use_additional_auth INTEGER")) {
         return false;
       }
       meta_table_.SetVersionNumber(5);
       // Fall through.
     case 5:
-      if (!db_.Execute(
-          "ALTER TABLE logins ADD COLUMN date_synced INTEGER")) {
+      if (!db_.Execute("ALTER TABLE logins ADD COLUMN date_synced INTEGER")) {
         return false;
       }
       meta_table_.SetVersionNumber(6);
       // Fall through.
+    case 6:
+      if (!db_.Execute("ALTER TABLE logins ADD COLUMN display_name VARCHAR") ||
+          !db_.Execute("ALTER TABLE logins ADD COLUMN avatar_url VARCHAR") ||
+          !db_.Execute("ALTER TABLE logins "
+                       "ADD COLUMN federation_url VARCHAR") ||
+          !db_.Execute("ALTER TABLE logins ADD COLUMN is_zero_click INTEGER")) {
+        return false;
+      }
+      meta_table_.SetVersionNumber(7);
+      // Fall through.
     case kCurrentVersionNumber:
       // Already up to date
       return true;
     default:
       NOTREACHED();
       return false;
   }
 }
 
 bool LoginDatabase::InitLoginsTable() {
@@ skipping 11 matching lines @@
                      "preferred INTEGER NOT NULL,"
                      "date_created INTEGER NOT NULL,"
                      "blacklisted_by_user INTEGER NOT NULL,"
                      "scheme INTEGER NOT NULL,"
                      "password_type INTEGER,"
                      "possible_usernames BLOB,"
                      "times_used INTEGER,"
                      "form_data BLOB,"
                      "use_additional_auth INTEGER,"
                      "date_synced INTEGER,"
+                     "display_name VARCHAR,"
+                     "avatar_url VARCHAR,"
+                     "federation_url VARCHAR,"
+                     "is_zero_click INTEGER,"
                      "UNIQUE "
                      "(origin_url, username_element, "
                      "username_value, password_element, "
                      "submit_element, signon_realm))")) {
       NOTREACHED();
       return false;
     }
     if (!db_.Execute("CREATE INDEX logins_signon ON "
                      "logins (signon_realm)")) {
       NOTREACHED();
@@ skipping 84 matching lines @@
           ENCRYPTION_RESULT_SUCCESS)
     return list;
 
   // You *must* change LoginTableColumns if this query changes.
   sql::Statement s(db_.GetCachedStatement(SQL_FROM_HERE,
       "INSERT INTO logins "
       "(origin_url, action_url, username_element, username_value, "
       " password_element, password_value, submit_element, "
       " signon_realm, ssl_valid, preferred, date_created, blacklisted_by_user, "
       " scheme, password_type, possible_usernames, times_used, form_data, "
-      " use_additional_auth, date_synced) VALUES "
-      "(?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"));
+      " use_additional_auth, date_synced, display_name, avatar_url,"
+      " federation_url, is_zero_click) VALUES "
+      "(?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"));
   BindAddStatement(form, encrypted_password, &s);
   db_.set_error_callback(base::Bind(&AddCallback));
   const bool success = s.Run();
   db_.reset_error_callback();
   if (success) {
     list.push_back(PasswordStoreChange(PasswordStoreChange::ADD, form));
     return list;
   }
   // Repeat the same statement but with REPLACE semantic.
   s.Assign(db_.GetCachedStatement(SQL_FROM_HERE,
       "INSERT OR REPLACE INTO logins "
       "(origin_url, action_url, username_element, username_value, "
       " password_element, password_value, submit_element, "
       " signon_realm, ssl_valid, preferred, date_created, blacklisted_by_user, "
       " scheme, password_type, possible_usernames, times_used, form_data, "
-      " use_additional_auth, date_synced) VALUES "
-      "(?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"));
+      " use_additional_auth, date_synced, display_name, avatar_url,"
+      " federation_url, is_zero_click) VALUES "
+      "(?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"));
   BindAddStatement(form, encrypted_password, &s);
   if (s.Run()) {
     list.push_back(PasswordStoreChange(PasswordStoreChange::REMOVE, form));
     list.push_back(PasswordStoreChange(PasswordStoreChange::ADD, form));
   }
   return list;
 }
 
 PasswordStoreChangeList LoginDatabase::UpdateLogin(const PasswordForm& form) {
   std::string encrypted_password;
   if (EncryptedString(form.password_value, &encrypted_password) !=
           ENCRYPTION_RESULT_SUCCESS)
     return PasswordStoreChangeList();
 
   // Replacement is necessary to deal with updating imported credentials. See
   // crbug.com/349138 for details.
   sql::Statement s(db_.GetCachedStatement(SQL_FROM_HERE,
                                           "UPDATE OR REPLACE logins SET "
                                           "action_url = ?, "
                                           "password_value = ?, "
                                           "ssl_valid = ?, "
                                           "preferred = ?, "
                                           "possible_usernames = ?, "
                                           "times_used = ?, "
                                           "submit_element = ?, "
                                           "date_synced = ?, "
                                           "date_created = ?, "
                                           "blacklisted_by_user = ?, "
                                           "scheme = ?, "
-                                          "password_type = ? "
+                                          "password_type = ?, "
+                                          "display_name = ?, "
+                                          "avatar_url = ?, "
+                                          "federation_url = ?, "
+                                          "is_zero_click = ? "
                                           "WHERE origin_url = ? AND "
                                           "username_element = ? AND "
                                           "username_value = ? AND "
                                           "password_element = ? AND "
                                           "signon_realm = ?"));
   s.BindString(0, form.action.spec());
   s.BindBlob(1, encrypted_password.data(),
              static_cast<int>(encrypted_password.length()));
   s.BindInt(2, form.ssl_valid);
   s.BindInt(3, form.preferred);
   Pickle pickle = SerializeVector(form.other_possible_usernames);
   s.BindBlob(4, pickle.data(), pickle.size());
   s.BindInt(5, form.times_used);
   s.BindString16(6, form.submit_element);
   s.BindInt64(7, form.date_synced.ToInternalValue());
   s.BindInt64(8, form.date_created.ToTimeT());
   s.BindInt(9, form.blacklisted_by_user);
   s.BindInt(10, form.scheme);
   s.BindInt(11, form.type);
+  s.BindString16(12, form.display_name);
+  s.BindString(13, form.avatar_url.spec());
+  s.BindString(14, form.federation_url.spec());
+  s.BindInt(15, form.is_zero_click);
 
-  s.BindString(12, form.origin.spec());
-  s.BindString16(13, form.username_element);
-  s.BindString16(14, form.username_value);
-  s.BindString16(15, form.password_element);
-  s.BindString(16, form.signon_realm);
+  s.BindString(16, form.origin.spec());

[Mike West, 2014/08/18 18:52:11]

Nit: It's probably worth adding a "// WHERE starts here." comment, as this
confused me for a moment.

[vasilii, 2014/08/20 11:45:34]

Done.

+  s.BindString16(17, form.username_element);
+  s.BindString16(18, form.username_value);
+  s.BindString16(19, form.password_element);
+  s.BindString(20, form.signon_realm);
 
   if (!s.Run())
     return PasswordStoreChangeList();
 
   PasswordStoreChangeList list;
   if (db_.GetLastChangeCount())
     list.push_back(PasswordStoreChange(PasswordStoreChange::UPDATE, form));
 
   return list;
 }
@@ skipping 87 matching lines @@
     Pickle form_data_pickle(
         static_cast<const char*>(s.ColumnBlob(COLUMN_FORM_DATA)),
         s.ColumnByteLength(COLUMN_FORM_DATA));
     PickleIterator form_data_iter(form_data_pickle);
     autofill::DeserializeFormData(&form_data_iter, &form->form_data);
   }
   form->use_additional_authentication =
       (s.ColumnInt(COLUMN_USE_ADDITIONAL_AUTH) > 0);
   form->date_synced = base::Time::FromInternalValue(
       s.ColumnInt64(COLUMN_DATE_SYNCED));
+  form->display_name = s.ColumnString16(COLUMN_DISPLAY_NAME);
+  form->avatar_url = GURL(s.ColumnString(COLUMN_AVATAR_URL));
+  form->federation_url = GURL(s.ColumnString(COLUMN_FEDERATION_URL));

[Mike West, 2014/08/18 18:52:11]

Nit: Do we do error handling anywhere else for things like malformed GURLs? If
not, perhaps we should DCHECK that the URLs are valid.

[vasilii, 2014/08/20 11:45:34]

But empty URLs are invalid too.

+  form->is_zero_click = (s.ColumnInt(COLUMN_ZERO_CLICK) > 0);
   return ENCRYPTION_RESULT_SUCCESS;
 }
 
 bool LoginDatabase::GetLogins(const PasswordForm& form,
                               std::vector<PasswordForm*>* forms) const {
   DCHECK(forms);
   // You *must* change LoginTableColumns if this query changes.
   const std::string sql_query = "SELECT origin_url, action_url, "
       "username_element, username_value, "
       "password_element, password_value, submit_element, "
       "signon_realm, ssl_valid, preferred, date_created, blacklisted_by_user, "
       "scheme, password_type, possible_usernames, times_used, form_data, "
-      "use_additional_auth, date_synced FROM logins WHERE signon_realm == ? ";
+      "use_additional_auth, date_synced, display_name, avatar_url, "
+      "federation_url, is_zero_click FROM logins WHERE signon_realm == ? ";
   sql::Statement s;
   const GURL signon_realm(form.signon_realm);
   std::string registered_domain =
       PSLMatchingHelper::GetRegistryControlledDomain(signon_realm);
   PSLMatchingHelper::PSLDomainMatchMetric psl_domain_match_metric =
       PSLMatchingHelper::PSL_DOMAIN_MATCH_NONE;
   // PSL matching only applies to HTML forms.
   if (form.scheme == PasswordForm::SCHEME_HTML &&
       psl_helper_.ShouldPSLDomainMatchingApply(registered_domain)) {
     // We are extending the original SQL query with one that includes more
@@ skipping 74 matching lines @@
     const base::Time begin,
     const base::Time end,
     std::vector<autofill::PasswordForm*>* forms) const {
   DCHECK(forms);
   sql::Statement s(db_.GetCachedStatement(SQL_FROM_HERE,
       "SELECT origin_url, action_url, "
       "username_element, username_value, "
       "password_element, password_value, submit_element, "
       "signon_realm, ssl_valid, preferred, date_created, blacklisted_by_user, "
       "scheme, password_type, possible_usernames, times_used, form_data, "
-      "use_additional_auth, date_synced FROM logins "
+      "use_additional_auth, date_synced, display_name, avatar_url, "
+      "federation_url, is_zero_click FROM logins "
       "WHERE date_created >= ? AND date_created < ?"
       "ORDER BY origin_url"));
   s.BindInt64(0, begin.ToTimeT());
   s.BindInt64(1, end.is_null() ? std::numeric_limits<int64>::max()
                                : end.ToTimeT());
 
   while (s.Step()) {
     scoped_ptr<PasswordForm> new_form(new PasswordForm());
     EncryptionResult result = InitPasswordFormFromStatement(new_form.get(), s);
     if (result == ENCRYPTION_RESULT_SERVICE_FAILURE)
@@ skipping 10 matching lines @@
     const base::Time begin,
     const base::Time end,
     std::vector<autofill::PasswordForm*>* forms) const {
   DCHECK(forms);
   sql::Statement s(db_.GetCachedStatement(
       SQL_FROM_HERE,
       "SELECT origin_url, action_url, username_element, username_value, "
       "password_element, password_value, submit_element, signon_realm, "
       "ssl_valid, preferred, date_created, blacklisted_by_user, "
       "scheme, password_type, possible_usernames, times_used, form_data, "
-      "use_additional_auth, date_synced FROM logins "
+      "use_additional_auth, date_synced, display_name, avatar_url, "
+      "federation_url, is_zero_click FROM logins "
       "WHERE date_synced >= ? AND date_synced < ?"
       "ORDER BY origin_url"));
   s.BindInt64(0, begin.ToInternalValue());
   s.BindInt64(1,
               end.is_null() ? base::Time::Max().ToInternalValue()
                             : end.ToInternalValue());
 
   while (s.Step()) {
     scoped_ptr<PasswordForm> new_form(new PasswordForm());
     EncryptionResult result = InitPasswordFormFromStatement(new_form.get(), s);
@@ skipping 20 matching lines @@
 bool LoginDatabase::GetAllLoginsWithBlacklistSetting(
     bool blacklisted, std::vector<PasswordForm*>* forms) const {
   DCHECK(forms);
   // You *must* change LoginTableColumns if this query changes.
   sql::Statement s(db_.GetCachedStatement(SQL_FROM_HERE,
       "SELECT origin_url, action_url, "
       "username_element, username_value, "
       "password_element, password_value, submit_element, "
       "signon_realm, ssl_valid, preferred, date_created, blacklisted_by_user, "
       "scheme, password_type, possible_usernames, times_used, form_data, "
-      "use_additional_auth, date_synced FROM logins "
+      "use_additional_auth, date_synced, display_name, avatar_url, "
+      "federation_url, is_zero_click FROM logins "
       "WHERE blacklisted_by_user == ? ORDER BY origin_url"));
   s.BindInt(0, blacklisted ? 1 : 0);
 
   while (s.Step()) {
     scoped_ptr<PasswordForm> new_form(new PasswordForm());
     EncryptionResult result = InitPasswordFormFromStatement(new_form.get(), s);
     if (result == ENCRYPTION_RESULT_SERVICE_FAILURE)
       return false;
     if (result == ENCRYPTION_RESULT_ITEM_FAILURE)
       continue;
     DCHECK(result == ENCRYPTION_RESULT_SUCCESS);
     forms->push_back(new_form.release());
   }
   return s.Succeeded();
 }
 
 bool LoginDatabase::DeleteAndRecreateDatabaseFile() {
   DCHECK(db_.is_open());
   meta_table_.Reset();
   db_.Close();
   sql::Connection::Delete(db_path_);
   return Init(db_path_);
 }
 
 }  // namespace password_manager