content_analysis_delegate_browsertest.cc

// Copyright 2020 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifdef UNSAFE_BUFFERS_BUILD
// TODO(crbug.com/40285824): Remove this and convert code to safer constructs.
#pragma allow_unsafe_buffers
#endif

#include <algorithm>
#include <memory>
#include <set>

#include "base/containers/contains.h"
#include "base/files/file.h"
#include "base/files/file_util.h"
#include "base/path_service.h"
#include "base/strings/stringprintf.h"
#include "base/strings/utf_string_conversions.h"
#include "base/test/bind.h"
#include "base/test/scoped_feature_list.h"
#include "build/build_config.h"
#include "build/chromeos_buildflags.h"
#include "chrome/browser/browser_process.h"
#include "chrome/browser/enterprise/connectors/analysis/content_analysis_dialog.h"
#include "chrome/browser/enterprise/connectors/analysis/content_analysis_features.h"
#include "chrome/browser/enterprise/connectors/common.h"
#include "chrome/browser/enterprise/connectors/connectors_service.h"
#include "chrome/browser/enterprise/connectors/reporting/realtime_reporting_client_factory.h"
#include "chrome/browser/enterprise/connectors/test/deep_scanning_browsertest_base.h"
#include "chrome/browser/enterprise/connectors/test/deep_scanning_test_utils.h"
#include "chrome/browser/enterprise/data_protection/data_protection_clipboard_utils.h"
#include "chrome/browser/enterprise/identifiers/profile_id_service_factory.h"
#include "chrome/browser/extensions/api/safe_browsing_private/safe_browsing_private_event_router.h"
#include "chrome/browser/extensions/api/safe_browsing_private/safe_browsing_private_event_router_factory.h"
#include "chrome/browser/policy/dm_token_utils.h"
#include "chrome/browser/safe_browsing/cloud_content_scanning/cloud_binary_upload_service.h"
#include "chrome/browser/safe_browsing/cloud_content_scanning/deep_scanning_utils.h"
#include "chrome/browser/ui/browser.h"
#include "chrome/common/chrome_paths.h"
#include "components/enterprise/browser/identifiers/profile_id_service.h"
#include "components/enterprise/buildflags/buildflags.h"
#include "components/policy/core/common/cloud/mock_cloud_policy_client.h"
#include "components/policy/core/common/cloud/realtime_reporting_job_configuration.h"
#include "components/prefs/scoped_user_pref_update.h"
#include "components/signin/public/identity_manager/identity_test_environment.h"
#include "content/public/test/browser_test.h"

#if BUILDFLAG(ENTERPRISE_LOCAL_CONTENT_ANALYSIS)
#include "chrome/browser/enterprise/connectors/test/fake_content_analysis_sdk_manager.h"  // nogncheck
#endif

SafeBrowsingPrivateEventRouter;
BinaryUploadService;
CloudBinaryUploadService;
_;
Mock;

namespace enterprise_connectors {

namespace {

constexpr char kUserName[] = …;

constexpr char kScanId1[] = …;
constexpr char kScanId2[] = …;
constexpr char kScanId3[] = …;

std::string text() { … }

std::string image() { … }

class FakeBinaryUploadService : public CloudBinaryUploadService { … };

FakeBinaryUploadService* FakeBinaryUploadServiceStorage() { … }

const std::set<std::string>* DocMimeTypes() { … }

const std::set<std::string>* ExeMimeTypes() { … }

const std::set<std::string>* ZipMimeTypes() { … }

const std::set<std::string>* TextMimeTypes() { … }

const std::set<std::string>* ImageMimeTypes() { … }

// A fake delegate with minimal overrides to obtain behavior that's as close to
// the real one as possible.
class MinimalFakeContentAnalysisDelegate : public ContentAnalysisDelegate { … };

constexpr char kBrowserDMToken[] = …;
constexpr char kProfileDMToken[] = …;

constexpr char kTestUrl[] = …;

}  // namespace

// Tests the behavior of the dialog delegate with minimal overriding of methods.
// Only responses obtained via the BinaryUploadService are faked.
class ContentAnalysisDelegateBrowserTestBase
    : public test::DeepScanningBrowserTestBase,
      public ContentAnalysisDialog::TestObserver { … };

class ContentAnalysisDelegateBrowserTest
    : public ContentAnalysisDelegateBrowserTestBase,
      public testing::WithParamInterface<bool> { … };

INSTANTIATE_TEST_SUITE_P(…);

IN_PROC_BROWSER_TEST_P(ContentAnalysisDelegateBrowserTest, Unauthorized) { … }

IN_PROC_BROWSER_TEST_P(ContentAnalysisDelegateBrowserTest, Files) { … }

IN_PROC_BROWSER_TEST_P(ContentAnalysisDelegateBrowserTest, ForFiles) { … }

IN_PROC_BROWSER_TEST_P(ContentAnalysisDelegateBrowserTest, Texts) { … }

IN_PROC_BROWSER_TEST_P(ContentAnalysisDelegateBrowserTest,
                       Texts_IncognitoSource) { … }

IN_PROC_BROWSER_TEST_P(ContentAnalysisDelegateBrowserTest, AllowTextAndImage) { … }

IN_PROC_BROWSER_TEST_P(ContentAnalysisDelegateBrowserTest,
                       BlockTextAndAllowImage) { … }

IN_PROC_BROWSER_TEST_P(ContentAnalysisDelegateBrowserTest,
                       BlockTextAndAllowImage_IncognitoSource) { … }

IN_PROC_BROWSER_TEST_P(ContentAnalysisDelegateBrowserTest,
                       AllowTextAndBlockImage) { … }

IN_PROC_BROWSER_TEST_P(ContentAnalysisDelegateBrowserTest,
                       AllowTextAndBlockImage_IncognitoSource) { … }

IN_PROC_BROWSER_TEST_P(ContentAnalysisDelegateBrowserTest, Throttled) { … }

// This class tests each of the blocking settings used in Connector policies:
// - block_until_verdict
// - block_password_protected
// - block_large_files
class ContentAnalysisDelegateBlockingSettingBrowserTest
    : public ContentAnalysisDelegateBrowserTestBase,
      public testing::WithParamInterface<std::tuple<bool, bool, bool>> { … };

INSTANTIATE_TEST_SUITE_P(…);

IN_PROC_BROWSER_TEST_P(ContentAnalysisDelegateBlockingSettingBrowserTest,
                       BlockPasswordProtected) { … }

IN_PROC_BROWSER_TEST_P(ContentAnalysisDelegateBlockingSettingBrowserTest,
                       BlockLargeFiles) { … }

IN_PROC_BROWSER_TEST_P(ContentAnalysisDelegateBlockingSettingBrowserTest,
                       BlockLargePages) { … }

IN_PROC_BROWSER_TEST_P(ContentAnalysisDelegateBlockingSettingBrowserTest,
                       BlockUntilVerdict) { … }

IN_PROC_BROWSER_TEST_P(ContentAnalysisDelegateBlockingSettingBrowserTest,
                       BlockTextUntilVerdict) { … }

// This class tests if ContentAnalysisDelegate handles the settings
// `default_action` from Connector policies correctly, specifically for cloud
// analysis.
class ContentAnalysisDelegateDefaultActionSettingBrowserTest
    : public ContentAnalysisDelegateBrowserTestBase,
      public testing::WithParamInterface<
          std::tuple<safe_browsing::BinaryUploadService::Result, bool>> { … };

INSTANTIATE_TEST_SUITE_P(…);

IN_PROC_BROWSER_TEST_P(ContentAnalysisDelegateDefaultActionSettingBrowserTest,
                       DefaultAction) { … }

// This class tests that ContentAnalysisDelegate is handled correctly when the
// requests are already unauthorized. The test parameter represents if the scan
// is set to be blocking through policy.
class ContentAnalysisDelegateUnauthorizedBrowserTest
    : public ContentAnalysisDelegateBrowserTestBase,
      public testing::WithParamInterface<std::tuple<bool, bool>> { … };

INSTANTIATE_TEST_SUITE_P(…);

IN_PROC_BROWSER_TEST_P(ContentAnalysisDelegateUnauthorizedBrowserTest, Paste) { … }

IN_PROC_BROWSER_TEST_P(ContentAnalysisDelegateUnauthorizedBrowserTest, Files) { … }

}  // namespace enterprise_connectors
chromium/chrome/browser/enterprise/connectors/analysis/content_analysis_delegate_browsertest.cc
