Google Git
Sign in
chromium / chromium / src / ba5ff58b6c232dff0bcd102caf3b1bb825a9d10c / . / chrome / browser / ash / policy / dlp / data_transfer_dlp_controller_unittest.cc
blob: 690ce07a1cfefcf58b39aac2c1a0c5e5dfe1275a [file] [log] [blame]
// Copyright 2020 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "chrome/browser/ash/policy/dlp/data_transfer_dlp_controller.h"
#include <memory>
#include "base/stl_util.h"
#include "base/test/metrics/histogram_tester.h"
#include "base/test/mock_callback.h"
#include "chrome/browser/ash/policy/dlp/dlp_histogram_helper.h"
#include "chrome/browser/ash/policy/dlp/dlp_policy_event.pb.h"
#include "chrome/browser/ash/policy/dlp/dlp_reporting_manager.h"
#include "chrome/browser/ash/policy/dlp/dlp_reporting_manager_test_helper.h"
#include "chrome/browser/ash/policy/dlp/dlp_rules_manager.h"
#include "chrome/browser/ash/policy/dlp/mock_dlp_rules_manager.h"
#include "chrome/common/chrome_constants.h"
#include "chrome/test/base/testing_browser_process.h"
#include "chrome/test/base/testing_profile_manager.h"
#include "components/account_id/account_id.h"
#include "components/reporting/client/mock_report_queue.h"
#include "content/public/test/browser_task_environment.h"
#include "content/public/test/web_contents_tester.h"
#include "testing/gmock/include/gmock/gmock-matchers.h"
#include "testing/gmock/include/gmock/gmock.h"
#include "testing/gtest/include/gtest/gtest.h"
#include "third_party/abseil-cpp/absl/types/optional.h"
#include "ui/base/data_transfer_policy/data_transfer_endpoint.h"
#include "url/origin.h"
namespace policy {
namespace {
constexpr char kExample1Url[] = "https://www.example1.com";
constexpr char kExample2Url[] = "https://www.example2.com";
class MockDlpController : public DataTransferDlpController {
public:
explicit MockDlpController(const DlpRulesManager& dlp_rules_manager)
: DataTransferDlpController(dlp_rules_manager) {}
MOCK_METHOD2(NotifyBlockedPaste,
void(const ui::DataTransferEndpoint* const data_src,
const ui::DataTransferEndpoint* const data_dst));
MOCK_METHOD2(NotifyBlockedDrop,
void(const ui::DataTransferEndpoint* const data_src,
const ui::DataTransferEndpoint* const data_dst));
MOCK_METHOD2(WarnOnPaste,
void(const ui::DataTransferEndpoint* const data_src,
const ui::DataTransferEndpoint* const data_dst));
MOCK_METHOD4(WarnOnBlinkPaste,
void(const ui::DataTransferEndpoint* const data_src,
const ui::DataTransferEndpoint* const data_dst,
content::WebContents* web_contents,
base::OnceCallback<void(bool)> paste_cb));
MOCK_METHOD1(ShouldPasteOnWarn,
bool(const ui::DataTransferEndpoint* const data_dst));
MOCK_METHOD1(ShouldCancelOnWarn,
bool(const ui::DataTransferEndpoint* const data_dst));
};
// Creates a new MockDlpRulesManager for the given |context|.
std::unique_ptr<KeyedService> BuildDlpRulesManager(
content::BrowserContext* context) {
return std::make_unique<::testing::StrictMock<MockDlpRulesManager>>();
}
absl::optional<ui::DataTransferEndpoint> CreateEndpoint(
ui::EndpointType* type,
bool notify_if_restricted) {
if (type && *type == ui::EndpointType::kUrl) {
return ui::DataTransferEndpoint(
url::Origin::Create(GURL(kExample2Url)),
/*notify_if_restricted=*/notify_if_restricted);
} else if (type) {
return ui::DataTransferEndpoint(
*type,
/*notify_if_restricted=*/notify_if_restricted);
}
return absl::nullopt;
}
std::unique_ptr<content::WebContents> CreateTestWebContents(
content::BrowserContext* browser_context) {
auto site_instance = content::SiteInstance::Create(browser_context);
return content::WebContentsTester::CreateTestWebContents(
browser_context, std::move(site_instance));
}
DlpRulesManager::Component GetComponent(ui::EndpointType endpoint_type) {
switch (endpoint_type) {
case ui::EndpointType::kArc:
return DlpRulesManager::Component::kArc;
case ui::EndpointType::kCrostini:
return DlpRulesManager::Component::kCrostini;
case ui::EndpointType::kPluginVm:
return DlpRulesManager::Component::kPluginVm;
default:
return DlpRulesManager::Component::kUnknownComponent;
}
}
} // namespace
class DataTransferDlpControllerTest
: public ::testing::TestWithParam<
std::tuple<absl::optional<ui::EndpointType>, bool>> {
protected:
DataTransferDlpControllerTest()
: rules_manager_(), dlp_controller_(rules_manager_) {}
~DataTransferDlpControllerTest() override = default;
content::BrowserTaskEnvironment task_environment_;
::testing::StrictMock<MockDlpRulesManager> rules_manager_;
::testing::StrictMock<MockDlpController> dlp_controller_;
base::HistogramTester histogram_tester_;
};
TEST_F(DataTransferDlpControllerTest, NullSrc) {
EXPECT_EQ(true, dlp_controller_.IsClipboardReadAllowed(nullptr, nullptr));
EXPECT_EQ(true, dlp_controller_.IsDragDropAllowed(nullptr, nullptr,
/*is_drop=*/false));
histogram_tester_.ExpectUniqueSample(
GetDlpHistogramPrefix() + dlp::kClipboardReadBlockedUMA, false, 1);
histogram_tester_.ExpectUniqueSample(
GetDlpHistogramPrefix() + dlp::kDragDropBlockedUMA, false, 1);
}
TEST_F(DataTransferDlpControllerTest, ClipboardHistoryDst) {
ui::DataTransferEndpoint data_src(url::Origin::Create(GURL(kExample1Url)));
ui::DataTransferEndpoint data_dst(ui::EndpointType::kClipboardHistory);
EXPECT_EQ(true, dlp_controller_.IsClipboardReadAllowed(&data_src, &data_dst));
histogram_tester_.ExpectUniqueSample(
GetDlpHistogramPrefix() + dlp::kClipboardReadBlockedUMA, false, 1);
}
TEST_F(DataTransferDlpControllerTest, PasteIfAllowed_Allow) {
ui::DataTransferEndpoint data_src(url::Origin::Create(GURL(kExample1Url)));
ui::DataTransferEndpoint data_dst(url::Origin::Create(GURL(kExample2Url)));
// IsClipboardReadAllowed
EXPECT_CALL(rules_manager_, IsRestrictedDestination)
.WillOnce(testing::Return(DlpRulesManager::Level::kAllow));
::testing::StrictMock<base::MockOnceCallback<void(bool)>> callback;
EXPECT_CALL(callback, Run(true));
std::unique_ptr<TestingProfile> testing_profile =
TestingProfile::Builder().Build();
auto web_contents = CreateTestWebContents(testing_profile.get());
dlp_controller_.PasteIfAllowed(&data_src, &data_dst, web_contents.get(),
callback.Get());
}
TEST_F(DataTransferDlpControllerTest, PasteIfAllowed_NullWebContents) {
ui::DataTransferEndpoint data_src(url::Origin::Create(GURL(kExample1Url)));
ui::DataTransferEndpoint data_dst(url::Origin::Create(GURL(kExample2Url)));
::testing::StrictMock<base::MockOnceCallback<void(bool)>> callback;
EXPECT_CALL(callback, Run(false));
dlp_controller_.PasteIfAllowed(&data_src, &data_dst, nullptr, callback.Get());
}
TEST_F(DataTransferDlpControllerTest, PasteIfAllowed_WarnDst) {
ui::DataTransferEndpoint data_src(url::Origin::Create(GURL(kExample1Url)));
ui::DataTransferEndpoint data_dst(url::Origin::Create(GURL(kExample2Url)));
std::unique_ptr<TestingProfile> testing_profile =
TestingProfile::Builder().Build();
auto web_contents = CreateTestWebContents(testing_profile.get());
::testing::StrictMock<base::MockOnceCallback<void(bool)>> callback;
// ShouldPasteOnWarn returns false.
EXPECT_CALL(rules_manager_, IsRestrictedDestination)
.WillOnce(testing::Return(DlpRulesManager::Level::kWarn));
EXPECT_CALL(dlp_controller_, ShouldPasteOnWarn)
.WillRepeatedly(testing::Return(false));
EXPECT_CALL(dlp_controller_, ShouldCancelOnWarn)
.WillRepeatedly(testing::Return(false));
EXPECT_CALL(dlp_controller_, WarnOnBlinkPaste);
dlp_controller_.PasteIfAllowed(&data_src, &data_dst, web_contents.get(),
callback.Get());
}
TEST_F(DataTransferDlpControllerTest, PasteIfAllowed_ProceedDst) {
ui::DataTransferEndpoint data_src(url::Origin::Create(GURL(kExample1Url)));
ui::DataTransferEndpoint data_dst(url::Origin::Create(GURL(kExample2Url)));
std::unique_ptr<TestingProfile> testing_profile =
TestingProfile::Builder().Build();
auto web_contents = CreateTestWebContents(testing_profile.get());
::testing::StrictMock<base::MockOnceCallback<void(bool)>> callback;
// ShouldPasteOnWarn returns true.
EXPECT_CALL(rules_manager_, IsRestrictedDestination)
.WillOnce(testing::Return(DlpRulesManager::Level::kWarn));
EXPECT_CALL(dlp_controller_, ShouldPasteOnWarn)
.WillRepeatedly(testing::Return(true));
EXPECT_CALL(dlp_controller_, ShouldCancelOnWarn)
.WillRepeatedly(testing::Return(false));
EXPECT_CALL(callback, Run(true));
dlp_controller_.PasteIfAllowed(&data_src, &data_dst, web_contents.get(),
callback.Get());
}
TEST_F(DataTransferDlpControllerTest, PasteIfAllowed_CancelDst) {
ui::DataTransferEndpoint data_src(url::Origin::Create(GURL(kExample1Url)));
ui::DataTransferEndpoint data_dst(url::Origin::Create(GURL(kExample2Url)));
std::unique_ptr<TestingProfile> testing_profile =
TestingProfile::Builder().Build();
auto web_contents = CreateTestWebContents(testing_profile.get());
::testing::StrictMock<base::MockOnceCallback<void(bool)>> callback;
// ShouldCancelOnWarn returns true.
EXPECT_CALL(rules_manager_, IsRestrictedDestination)
.WillOnce(testing::Return(DlpRulesManager::Level::kWarn));
EXPECT_CALL(dlp_controller_, ShouldPasteOnWarn)
.WillRepeatedly(testing::Return(false));
EXPECT_CALL(dlp_controller_, ShouldCancelOnWarn)
.WillRepeatedly(testing::Return(true));
EXPECT_CALL(callback, Run(false));
dlp_controller_.PasteIfAllowed(&data_src, &data_dst, web_contents.get(),
callback.Get());
}
// Create a version of the test class for parameterized testing.
using DlpControllerTest = DataTransferDlpControllerTest;
INSTANTIATE_TEST_SUITE_P(
DlpClipboard,
DlpControllerTest,
::testing::Combine(::testing::Values(absl::nullopt,
ui::EndpointType::kDefault,
ui::EndpointType::kUnknownVm,
ui::EndpointType::kBorealis,
ui::EndpointType::kUrl),
testing::Bool()));
TEST_P(DlpControllerTest, Allow) {
ui::DataTransferEndpoint data_src(url::Origin::Create(GURL(kExample1Url)));
absl::optional<ui::EndpointType> endpoint_type;
bool do_notify;
std::tie(endpoint_type, do_notify) = GetParam();
absl::optional<ui::DataTransferEndpoint> data_dst =
CreateEndpoint(base::OptionalOrNullptr(endpoint_type), do_notify);
auto* dst_ptr = base::OptionalOrNullptr(data_dst);
// IsClipboardReadAllowed
EXPECT_CALL(rules_manager_, IsRestrictedDestination)
.WillOnce(testing::Return(DlpRulesManager::Level::kAllow));
EXPECT_EQ(true, dlp_controller_.IsClipboardReadAllowed(&data_src, dst_ptr));
testing::Mock::VerifyAndClearExpectations(&dlp_controller_);
// IsDragDropAllowed
EXPECT_CALL(rules_manager_, IsRestrictedDestination)
.WillOnce(testing::Return(DlpRulesManager::Level::kAllow));
EXPECT_EQ(true, dlp_controller_.IsDragDropAllowed(&data_src, dst_ptr,
/*is_drop=*/do_notify));
testing::Mock::VerifyAndClearExpectations(&dlp_controller_);
histogram_tester_.ExpectUniqueSample(
GetDlpHistogramPrefix() + dlp::kClipboardReadBlockedUMA, false, 1);
histogram_tester_.ExpectUniqueSample(
GetDlpHistogramPrefix() + dlp::kDragDropBlockedUMA, false, 1);
}
TEST_P(DlpControllerTest, Block) {
ui::DataTransferEndpoint data_src(url::Origin::Create(GURL(kExample1Url)));
absl::optional<ui::EndpointType> endpoint_type;
bool do_notify;
std::tie(endpoint_type, do_notify) = GetParam();
absl::optional<ui::DataTransferEndpoint> data_dst =
CreateEndpoint(base::OptionalOrNullptr(endpoint_type), do_notify);
auto* dst_ptr = base::OptionalOrNullptr(data_dst);
DlpReportingManager reporting_manager;
std::vector<DlpPolicyEvent> events;
SetReportQueueForReportingManager(&reporting_manager, events);
EXPECT_CALL(rules_manager_, GetReportingManager)
.WillRepeatedly(::testing::Return(&reporting_manager));
// IsClipboardReadAllowed
EXPECT_CALL(rules_manager_, IsRestrictedDestination)
.WillOnce(testing::Return(DlpRulesManager::Level::kBlock));
if (do_notify || !dst_ptr)
EXPECT_CALL(dlp_controller_, NotifyBlockedPaste);
EXPECT_EQ(false, dlp_controller_.IsClipboardReadAllowed(&data_src, dst_ptr));
testing::Mock::VerifyAndClearExpectations(&dlp_controller_);
EXPECT_EQ(events.size(), 1u);
EXPECT_THAT(events[0], IsDlpPolicyEvent(CreateDlpPolicyEvent(
"", "", DlpRulesManager::Restriction::kClipboard,
DlpRulesManager::Level::kBlock)));
// IsDragDropAllowed
EXPECT_CALL(rules_manager_, IsRestrictedDestination)
.WillOnce(testing::Return(DlpRulesManager::Level::kBlock));
if (do_notify)
EXPECT_CALL(dlp_controller_, NotifyBlockedDrop);
EXPECT_EQ(false, dlp_controller_.IsDragDropAllowed(&data_src, dst_ptr,
/*is_drop=*/do_notify));
testing::Mock::VerifyAndClearExpectations(&dlp_controller_);
EXPECT_EQ(events.size(), 2u);
EXPECT_THAT(events[1], IsDlpPolicyEvent(CreateDlpPolicyEvent(
"", "", DlpRulesManager::Restriction::kClipboard,
DlpRulesManager::Level::kBlock)));
histogram_tester_.ExpectUniqueSample(
GetDlpHistogramPrefix() + dlp::kClipboardReadBlockedUMA, true, 1);
histogram_tester_.ExpectUniqueSample(
GetDlpHistogramPrefix() + dlp::kDragDropBlockedUMA, true, 1);
}
TEST_P(DlpControllerTest, Report) {
ui::DataTransferEndpoint data_src(url::Origin::Create(GURL(kExample1Url)));
absl::optional<ui::EndpointType> endpoint_type;
bool do_notify;
std::tie(endpoint_type, do_notify) = GetParam();
absl::optional<ui::DataTransferEndpoint> data_dst =
CreateEndpoint(base::OptionalOrNullptr(endpoint_type), do_notify);
auto* dst_ptr = base::OptionalOrNullptr(data_dst);
DlpReportingManager reporting_manager;
std::vector<DlpPolicyEvent> events;
SetReportQueueForReportingManager(&reporting_manager, events);
EXPECT_CALL(rules_manager_, GetReportingManager)
.WillRepeatedly(::testing::Return(&reporting_manager));
// IsClipboardReadAllowed
EXPECT_CALL(rules_manager_, IsRestrictedDestination)
.WillOnce(testing::Return(DlpRulesManager::Level::kReport));
EXPECT_EQ(true, dlp_controller_.IsClipboardReadAllowed(&data_src, dst_ptr));
testing::Mock::VerifyAndClearExpectations(&dlp_controller_);
EXPECT_EQ(events.size(), 1u);
EXPECT_THAT(events[0], IsDlpPolicyEvent(CreateDlpPolicyEvent(
"", "", DlpRulesManager::Restriction::kClipboard,
DlpRulesManager::Level::kReport)));
// IsDragDropAllowed
EXPECT_CALL(rules_manager_, IsRestrictedDestination)
.WillOnce(testing::Return(DlpRulesManager::Level::kReport));
EXPECT_EQ(true, dlp_controller_.IsDragDropAllowed(&data_src, dst_ptr,
/*is_drop=*/do_notify));
testing::Mock::VerifyAndClearExpectations(&dlp_controller_);
EXPECT_EQ(events.size(), 2u);
EXPECT_THAT(events[1], IsDlpPolicyEvent(CreateDlpPolicyEvent(
"", "", DlpRulesManager::Restriction::kClipboard,
DlpRulesManager::Level::kReport)));
}
TEST_P(DlpControllerTest, Warn) {
ui::DataTransferEndpoint data_src(url::Origin::Create(GURL(kExample1Url)));
absl::optional<ui::EndpointType> endpoint_type;
bool do_notify;
std::tie(endpoint_type, do_notify) = GetParam();
absl::optional<ui::DataTransferEndpoint> data_dst =
CreateEndpoint(base::OptionalOrNullptr(endpoint_type), do_notify);
auto* dst_ptr = base::OptionalOrNullptr(data_dst);
// ShouldPasteOnWarn returns false.
EXPECT_CALL(rules_manager_, IsRestrictedDestination)
.WillOnce(testing::Return(DlpRulesManager::Level::kWarn));
EXPECT_CALL(dlp_controller_, ShouldPasteOnWarn)
.WillRepeatedly(testing::Return(false));
EXPECT_CALL(dlp_controller_, ShouldCancelOnWarn)
.WillRepeatedly(testing::Return(false));
bool show_warning = dst_ptr ? (do_notify && !dst_ptr->IsUrlType()) : true;
if (show_warning)
EXPECT_CALL(dlp_controller_, WarnOnPaste);
EXPECT_EQ(!show_warning,
dlp_controller_.IsClipboardReadAllowed(&data_src, dst_ptr));
testing::Mock::VerifyAndClearExpectations(&dlp_controller_);
// ShouldPasteOnWarn returns true.
EXPECT_CALL(rules_manager_, IsRestrictedDestination)
.WillOnce(testing::Return(DlpRulesManager::Level::kWarn));
EXPECT_CALL(dlp_controller_, ShouldPasteOnWarn)
.WillRepeatedly(testing::Return(true));
EXPECT_CALL(dlp_controller_, ShouldCancelOnWarn)
.WillRepeatedly(testing::Return(false));
EXPECT_EQ(true, dlp_controller_.IsClipboardReadAllowed(&data_src, dst_ptr));
testing::Mock::VerifyAndClearExpectations(&dlp_controller_);
histogram_tester_.ExpectBucketCount(
GetDlpHistogramPrefix() + dlp::kClipboardReadBlockedUMA, false,
show_warning ? 1 : 2);
histogram_tester_.ExpectBucketCount(
GetDlpHistogramPrefix() + dlp::kClipboardReadBlockedUMA, true,
show_warning ? 1 : 0);
}
TEST_P(DlpControllerTest, Warn_ShouldCancelOnWarn) {
ui::DataTransferEndpoint data_src(url::Origin::Create(GURL(kExample1Url)));
absl::optional<ui::EndpointType> endpoint_type;
bool do_notify;
std::tie(endpoint_type, do_notify) = GetParam();
absl::optional<ui::DataTransferEndpoint> data_dst =
CreateEndpoint(base::OptionalOrNullptr(endpoint_type), do_notify);
auto* dst_ptr = base::OptionalOrNullptr(data_dst);
// ShouldCancelOnWarn returns true.
EXPECT_CALL(rules_manager_, IsRestrictedDestination)
.WillOnce(testing::Return(DlpRulesManager::Level::kWarn));
EXPECT_CALL(dlp_controller_, ShouldCancelOnWarn)
.WillRepeatedly(testing::Return(true));
bool expected_is_read = data_dst.has_value() ? !do_notify : false;
EXPECT_EQ(expected_is_read,
dlp_controller_.IsClipboardReadAllowed(&data_src, dst_ptr));
testing::Mock::VerifyAndClearExpectations(&dlp_controller_);
}
// Create a version of the test class for parameterized testing.
using DlpControllerVMsTest = DataTransferDlpControllerTest;
INSTANTIATE_TEST_SUITE_P(
DlpClipboard,
DlpControllerVMsTest,
::testing::Combine(::testing::Values(ui::EndpointType::kArc,
ui::EndpointType::kCrostini,
ui::EndpointType::kPluginVm),
testing::Bool()));
TEST_P(DlpControllerVMsTest, Allow) {
ui::DataTransferEndpoint data_src(url::Origin::Create(GURL(kExample1Url)));
absl::optional<ui::EndpointType> endpoint_type;
bool do_notify;
std::tie(endpoint_type, do_notify) = GetParam();
ASSERT_TRUE(endpoint_type.has_value());
ui::DataTransferEndpoint data_dst(endpoint_type.value(), do_notify);
// IsClipboardReadAllowed
EXPECT_CALL(rules_manager_, IsRestrictedComponent)
.WillOnce(testing::Return(DlpRulesManager::Level::kAllow));
EXPECT_EQ(true, dlp_controller_.IsClipboardReadAllowed(&data_src, &data_dst));
testing::Mock::VerifyAndClearExpectations(&dlp_controller_);
// IsDragDropAllowed
EXPECT_CALL(rules_manager_, IsRestrictedComponent)
.WillOnce(testing::Return(DlpRulesManager::Level::kAllow));
EXPECT_EQ(true, dlp_controller_.IsDragDropAllowed(&data_src, &data_dst,
/*is_drop=*/do_notify));
testing::Mock::VerifyAndClearExpectations(&dlp_controller_);
histogram_tester_.ExpectUniqueSample(
GetDlpHistogramPrefix() + dlp::kClipboardReadBlockedUMA, false, 1);
histogram_tester_.ExpectUniqueSample(
GetDlpHistogramPrefix() + dlp::kDragDropBlockedUMA, false, 1);
}
TEST_P(DlpControllerVMsTest, Block) {
ui::DataTransferEndpoint data_src(url::Origin::Create(GURL(kExample1Url)));
absl::optional<ui::EndpointType> endpoint_type;
bool do_notify;
std::tie(endpoint_type, do_notify) = GetParam();
ASSERT_TRUE(endpoint_type.has_value());
ui::DataTransferEndpoint data_dst(endpoint_type.value(), do_notify);
DlpReportingManager reporting_manager;
std::vector<DlpPolicyEvent> events;
SetReportQueueForReportingManager(&reporting_manager, events);
EXPECT_CALL(rules_manager_, GetReportingManager)
.WillRepeatedly(::testing::Return(&reporting_manager));
// IsClipboardReadAllowed
EXPECT_CALL(rules_manager_, IsRestrictedComponent)
.WillOnce(testing::Return(DlpRulesManager::Level::kBlock));
if (do_notify)
EXPECT_CALL(dlp_controller_, NotifyBlockedPaste);
EXPECT_EQ(false,
dlp_controller_.IsClipboardReadAllowed(&data_src, &data_dst));
testing::Mock::VerifyAndClearExpectations(&dlp_controller_);
EXPECT_EQ(events.size(), 1u);
EXPECT_THAT(events[0], IsDlpPolicyEvent(CreateDlpPolicyEvent(
"", GetComponent(endpoint_type.value()),
DlpRulesManager::Restriction::kClipboard,
DlpRulesManager::Level::kBlock)));
// IsDragDropAllowed
EXPECT_CALL(rules_manager_, IsRestrictedComponent)
.WillOnce(testing::Return(DlpRulesManager::Level::kBlock));
if (do_notify)
EXPECT_CALL(dlp_controller_, NotifyBlockedDrop);
EXPECT_EQ(false, dlp_controller_.IsDragDropAllowed(&data_src, &data_dst,
/*is_drop=*/do_notify));
testing::Mock::VerifyAndClearExpectations(&dlp_controller_);
EXPECT_EQ(events.size(), 2u);
EXPECT_THAT(events[1], IsDlpPolicyEvent(CreateDlpPolicyEvent(
"", GetComponent(endpoint_type.value()),
DlpRulesManager::Restriction::kClipboard,
DlpRulesManager::Level::kBlock)));
histogram_tester_.ExpectUniqueSample(
GetDlpHistogramPrefix() + dlp::kClipboardReadBlockedUMA, true, 1);
histogram_tester_.ExpectUniqueSample(
GetDlpHistogramPrefix() + dlp::kDragDropBlockedUMA, true, 1);
}
TEST_P(DlpControllerVMsTest, Report) {
ui::DataTransferEndpoint data_src(url::Origin::Create(GURL(kExample1Url)));
absl::optional<ui::EndpointType> endpoint_type;
bool do_notify;
std::tie(endpoint_type, do_notify) = GetParam();
ASSERT_TRUE(endpoint_type.has_value());
ui::DataTransferEndpoint data_dst(endpoint_type.value(), do_notify);
DlpReportingManager reporting_manager;
std::vector<DlpPolicyEvent> events;
SetReportQueueForReportingManager(&reporting_manager, events);
EXPECT_CALL(rules_manager_, GetReportingManager)
.WillRepeatedly(::testing::Return(&reporting_manager));
// IsClipboardReadAllowed
EXPECT_CALL(rules_manager_, IsRestrictedComponent)
.WillOnce(testing::Return(DlpRulesManager::Level::kReport));
EXPECT_EQ(true, dlp_controller_.IsClipboardReadAllowed(&data_src, &data_dst));
testing::Mock::VerifyAndClearExpectations(&dlp_controller_);
EXPECT_EQ(events.size(), 1u);
EXPECT_THAT(events[0], IsDlpPolicyEvent(CreateDlpPolicyEvent(
"", GetComponent(endpoint_type.value()),
DlpRulesManager::Restriction::kClipboard,
DlpRulesManager::Level::kReport)));
// IsDragDropAllowed
EXPECT_CALL(rules_manager_, IsRestrictedComponent)
.WillOnce(testing::Return(DlpRulesManager::Level::kReport));
EXPECT_EQ(true, dlp_controller_.IsDragDropAllowed(&data_src, &data_dst,
/*is_drop=*/do_notify));
testing::Mock::VerifyAndClearExpectations(&dlp_controller_);
EXPECT_EQ(events.size(), 2u);
EXPECT_THAT(events[1], IsDlpPolicyEvent(CreateDlpPolicyEvent(
"", GetComponent(endpoint_type.value()),
DlpRulesManager::Restriction::kClipboard,
DlpRulesManager::Level::kReport)));
}
TEST_P(DlpControllerVMsTest, Warn) {
ui::DataTransferEndpoint data_src(url::Origin::Create(GURL(kExample1Url)));
absl::optional<ui::EndpointType> endpoint_type;
bool do_notify;
std::tie(endpoint_type, do_notify) = GetParam();
ASSERT_TRUE(endpoint_type.has_value());
ui::DataTransferEndpoint data_dst(endpoint_type.value(), do_notify);
// IsClipboardReadAllowed
EXPECT_CALL(rules_manager_, IsRestrictedComponent)
.WillOnce(testing::Return(DlpRulesManager::Level::kWarn));
if (do_notify)
EXPECT_CALL(dlp_controller_, WarnOnPaste);
EXPECT_EQ(true, dlp_controller_.IsClipboardReadAllowed(&data_src, &data_dst));
testing::Mock::VerifyAndClearExpectations(&dlp_controller_);
histogram_tester_.ExpectUniqueSample(
GetDlpHistogramPrefix() + dlp::kClipboardReadBlockedUMA, false, 1);
}
} // namespace policy