| // Copyright 2017 The Chromium Authors |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| #include "chrome/browser/media/protected_media_identifier_permission_context.h" |
| |
| #include "base/memory/raw_ptr.h" |
| #include "base/test/scoped_command_line.h" |
| #include "chrome/browser/profiles/profile_testing_helper.h" |
| #include "chrome/common/chrome_switches.h" |
| #include "components/policy/core/common/policy_pref_names.h" |
| #include "components/prefs/testing_pref_service.h" |
| #include "media/base/media_switches.h" |
| #include "testing/gtest/include/gtest/gtest.h" |
| #include "url/gurl.h" |
| |
| #if BUILDFLAG(IS_CHROMEOS) |
| #include "ash/constants/ash_switches.h" |
| #include "chromeos/dbus/constants/dbus_switches.h" |
| #endif |
| |
| class ProtectedMediaIdentifierPermissionContextTest : public testing::Test { |
| public: |
| ProtectedMediaIdentifierPermissionContextTest() |
| : requesting_origin_("https://example.com"), |
| requesting_sub_domain_origin_("https://subdomain.example.com") { |
| command_line_ = scoped_command_line_.GetProcessCommandLine(); |
| profile_testing_helper_.SetUp(); |
| } |
| |
| bool IsOriginAllowed(const GURL& origin) { |
| return ProtectedMediaIdentifierPermissionContext::IsOriginAllowed(origin); |
| } |
| |
| bool IsProtectedMediaIdentifierEnabled(Profile* profile) { |
| return ProtectedMediaIdentifierPermissionContext:: |
| IsProtectedMediaIdentifierEnabled(profile); |
| } |
| |
| GURL requesting_origin_; |
| GURL requesting_sub_domain_origin_; |
| |
| base::test::ScopedCommandLine scoped_command_line_; |
| raw_ptr<base::CommandLine> command_line_; |
| ProfileTestingHelper profile_testing_helper_; |
| }; |
| |
| TEST_F(ProtectedMediaIdentifierPermissionContextTest, |
| BypassWithFlagWithSingleDomain) { |
| // The request should need to ask for permission |
| ASSERT_FALSE(IsOriginAllowed(requesting_origin_)); |
| |
| // Add the switch value that the |
| // ProtectedMediaIdentifierPermissionContext reads from |
| command_line_->AppendSwitchASCII( |
| switches::kUnsafelyAllowProtectedMediaIdentifierForDomain, "example.com"); |
| |
| // The request should no longer need to ask for permission |
| ASSERT_TRUE(IsOriginAllowed(requesting_origin_)); |
| } |
| |
| TEST_F(ProtectedMediaIdentifierPermissionContextTest, |
| BypassWithFlagWithDomainList) { |
| // The request should need to ask for permission |
| ASSERT_FALSE(IsOriginAllowed(requesting_origin_)); |
| |
| // Add the switch value that the |
| // ProtectedMediaIdentifierPermissionContext reads from |
| command_line_->AppendSwitchASCII( |
| switches::kUnsafelyAllowProtectedMediaIdentifierForDomain, |
| "example.ca,example.com,example.edu"); |
| |
| // The request should no longer need to ask for permission |
| ASSERT_TRUE(IsOriginAllowed(requesting_origin_)); |
| } |
| |
| TEST_F(ProtectedMediaIdentifierPermissionContextTest, |
| BypassWithFlagAndSubdomain) { |
| // The request should need to ask for permission |
| ASSERT_FALSE(IsOriginAllowed(requesting_sub_domain_origin_)); |
| |
| // Add the switch value that the |
| // ProtectedMediaIdentifierPermissionContext reads from |
| command_line_->AppendSwitchASCII( |
| switches::kUnsafelyAllowProtectedMediaIdentifierForDomain, "example.com"); |
| |
| // The request should no longer need to ask for permission |
| ASSERT_TRUE(IsOriginAllowed(requesting_sub_domain_origin_)); |
| } |
| |
| #if BUILDFLAG(IS_WIN) || BUILDFLAG(IS_CHROMEOS) |
| TEST_F(ProtectedMediaIdentifierPermissionContextTest, |
| ProtectedMediaIdentifierOnDifferentProfiles) { |
| ASSERT_FALSE(IsProtectedMediaIdentifierEnabled( |
| profile_testing_helper_.incognito_profile())); |
| |
| ASSERT_FALSE(IsProtectedMediaIdentifierEnabled( |
| profile_testing_helper_.guest_profile())); |
| |
| ASSERT_TRUE(IsProtectedMediaIdentifierEnabled( |
| profile_testing_helper_.regular_profile())); |
| } |
| #endif // BUILDFLAG(IS_WIN) || BUILDFLAG(IS_CHROMEOS) |
| |
| #if BUILDFLAG(IS_CHROMEOS) |
| TEST_F(ProtectedMediaIdentifierPermissionContextTest, |
| ProtectedMediaIdentifierDisabledOnDevMode) { |
| command_line_->AppendSwitch(chromeos::switches::kSystemDevMode); |
| |
| // The protected media identifier should not be enabled if the system is on |
| // dev mode. |
| ASSERT_FALSE(IsProtectedMediaIdentifierEnabled( |
| profile_testing_helper_.regular_profile())); |
| } |
| |
| TEST_F(ProtectedMediaIdentifierPermissionContextTest, |
| ProtectedMediaIdentifierEnabledOnDevModeWithAshSwitch) { |
| command_line_->AppendSwitch(chromeos::switches::kSystemDevMode); |
| command_line_->AppendSwitch(switches::kAllowRAInDevMode); |
| |
| // As long as `kAllowRAInDevMode` is appended, then even if system is on dev |
| // mode, the protected media identifier should be enabled. |
| ASSERT_TRUE(IsProtectedMediaIdentifierEnabled( |
| profile_testing_helper_.regular_profile())); |
| } |
| #endif // BUILDFLAG(IS_CHROMEOS) |
| |
| TEST_F(ProtectedMediaIdentifierPermissionContextTest, |
| ProtectedContentIdentifierAllowedByPolicyDefault) { |
| ASSERT_TRUE(IsProtectedMediaIdentifierEnabled( |
| profile_testing_helper_.regular_profile())); |
| } |
| |
| TEST_F(ProtectedMediaIdentifierPermissionContextTest, |
| ProtectedContentIdentifierAllowedByPolicyExplicitlyAllowed) { |
| Profile* profile = profile_testing_helper_.regular_profile(); |
| profile->GetPrefs()->SetBoolean( |
| policy::policy_prefs::kProtectedContentIdentifiersAllowed, true); |
| |
| ASSERT_TRUE(IsProtectedMediaIdentifierEnabled(profile)); |
| } |
| |
| TEST_F(ProtectedMediaIdentifierPermissionContextTest, |
| ProtectedContentIdentifierBlockedByPolicy) { |
| Profile* profile = profile_testing_helper_.regular_profile(); |
| profile->GetPrefs()->SetBoolean( |
| policy::policy_prefs::kProtectedContentIdentifiersAllowed, false); |
| |
| ASSERT_FALSE(IsProtectedMediaIdentifierEnabled(profile)); |
| } |
