1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
|
// Copyright 2023 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef CHROME_BROWSER_UI_VIEWS_PERMISSIONS_PERMISSION_PROMPT_BASE_VIEW_H_
#define CHROME_BROWSER_UI_VIEWS_PERMISSIONS_PERMISSION_PROMPT_BASE_VIEW_H_
#include <memory>
#include "base/memory/weak_ptr.h"
#include "chrome/browser/picture_in_picture/picture_in_picture_occlusion_observer.h"
#include "chrome/browser/picture_in_picture/scoped_picture_in_picture_occlusion_observation.h"
#include "chrome/browser/ui/url_identity.h"
#include "components/permissions/permission_prompt.h"
#include "ui/views/bubble/bubble_dialog_delegate_view.h"
class Browser;
class BrowserWindowInterface;
// Base view that provide security-related functionality to permission prompts.
// This class will:
// * Compute an URL identity and provide it to subclasses
// * Elide the title as needed if it would be too long
// * Filter unintended button presses
// * Ensure no button is selected by default to prevent unintended button
// presses
class PermissionPromptBaseView : public views::BubbleDialogDelegateView,
public PictureInPictureOcclusionObserver {
METADATA_HEADER(PermissionPromptBaseView, views::BubbleDialogDelegateView)
public:
PermissionPromptBaseView(
Browser* browser,
base::WeakPtr<permissions::PermissionPrompt::Delegate> delegate);
~PermissionPromptBaseView() override;
// views::BubbleDialogDelegateView:
// Overridden to elide the prompt title if needed
void AddedToWidget() override;
// Overridden to provide input protection on dialog default buttons.
bool ShouldIgnoreButtonPressedEventHandling(
View* button,
const ui::Event& event) const override;
// PictureInPictureOcclusionObserver:
void OnOcclusionStateChanged(bool occluded) override;
protected:
// Performs clickjacking checks and executes the button callback if the click
// is valid. Subclasses need to make sure to set this as the callback for
// custom buttons in order for this to work. This function will call
// |RunButtonCallback| if the checks pass.
void FilterUnintenedEventsAndRunCallbacks(int button_view_id,
const ui::Event& event);
// Called if a button press event has passes the input protections checks.
// Needs to be implemented.
virtual void RunButtonCallback(int button_view_id) = 0;
const UrlIdentity& GetUrlIdentityObject() const { return url_identity_; }
static UrlIdentity GetUrlIdentity(
Browser* browser,
permissions::PermissionPrompt::Delegate& delegate);
static std::u16string GetAllowAlwaysText(
const std::vector<std::unique_ptr<permissions::PermissionRequest>>&
visible_requests);
static std::u16string GetAllowAlwaysText(
const std::vector<base::WeakPtr<permissions::PermissionRequest>>&
visible_requests);
static std::u16string GetBlockText(
const std::vector<std::unique_ptr<permissions::PermissionRequest>>&
visible_requests);
static std::u16string GetBlockText(
const std::vector<base::WeakPtr<permissions::PermissionRequest>>&
visible_requests);
// Starts observing our widget for occlusion by a picture-in-picture window.
// Subclasses must manually call this if they override `AddedToWidget()`
// without calling `PermissionPromptBaseView::AddedToWidget()`.
void StartTrackingPictureInPictureOcclusion();
void AnchorToPageInfoOrChip();
Browser* browser() const { return browser_; }
bool record_browser_always_active_value() const {
return record_browser_always_active_value_;
}
permissions::RequestTypeForUma request_type() const { return request_type_; }
std::vector<std::pair<size_t, size_t>> GetTitleBoldedRanges();
void SetTitleBoldedRanges(
std::vector<std::pair<size_t, size_t>> bolded_ranges);
private:
void DidBecomeInactive(BrowserWindowInterface* browser_window_interface);
base::CallbackListSubscription browser_subscription_;
const UrlIdentity url_identity_;
ScopedPictureInPictureOcclusionObservation occlusion_observation_{this};
bool occluded_by_picture_in_picture_ = false;
// True if this permission prompt is for a picture-in-picture window. This
// means it will be in an always-on-top window, and needs to be tracked by the
// PictureInPictureOcclusionTracker.
const bool is_for_picture_in_picture_window_;
// Boolean value to track if the browser was always active while the prompt
// was displayed.
bool record_browser_always_active_value_ = true;
const raw_ptr<Browser> browser_ = nullptr;
// $ORIGIN in the title should be bolded, the ranges of the $ORIGINs are
// gained while building the title string via `l10n_util::GetStringFUTF16()`.
std::vector<std::pair<size_t, size_t>> title_bolded_ranges_ = {};
permissions::RequestTypeForUma request_type_;
};
#endif // CHROME_BROWSER_UI_VIEWS_PERMISSIONS_PERMISSION_PROMPT_BASE_VIEW_H_
|
