Android: Site-level "fireproof" feature to preserve logins (#829)

* Fireproof websites UI (#796)

* Create new database table to persist sites where cookies should be preserved

* Removed divider from bookmarks list

* bookmarks title show in single line

* background favicon compatible with dark theme

* introduce fireproof site option menu

* Fireproof option menu reacts to database state.

* Fireproof website screen created

* Remove cookies preserving fireproof websites (#808)

* Implement logic to remove cookies preserving the ones related to fireproof website.

- Try to directly remove cookies from WebView database, preserving the ones with hosts related to a fireproof website
- If process fails, fallback to remove all the cookies to avoid any leak
- Send pixels in the following scenarios:
- database path not found
- database can't be opened
- delete query fails
- database corruption

* Fireproof websites empty state and Feature pixels (#810)

* Empty state for fireproof websites screen
* Feature pixels
- User clicks on "fireproof a website"
- User undo "fireproof website" action (confirmation snackbar after fireproffing a website)
- User removed a website from "fireproof websites"

Author: cmonfortep

app/schemas/com.duckduckgo.app.global.db.AppDatabase/21.json

@@ -50,6 +50,8 @@ import com.duckduckgo.app.cta.db.DismissedCtaDao
 import com.duckduckgo.app.cta.model.CtaId
 import com.duckduckgo.app.cta.model.DismissedCta
 import com.duckduckgo.app.cta.ui.*
+import com.duckduckgo.app.fire.fireproofwebsite.data.FireproofWebsiteDao
+import com.duckduckgo.app.fire.fireproofwebsite.data.FireproofWebsiteEntity
 import com.duckduckgo.app.global.db.AppDatabase
 import com.duckduckgo.app.global.install.AppInstallStore
 import com.duckduckgo.app.global.model.SiteFactory
@@ -188,6 +190,8 @@ class BrowserTabViewModelTest {
 
     private lateinit var testee: BrowserTabViewModel
 
+    private lateinit var fireproofWebsiteDao: FireproofWebsiteDao
+
     private val selectedTabLiveData = MutableLiveData<TabEntity>()
 
     @Before
@@ -197,6 +201,7 @@ class BrowserTabViewModelTest {
         db = Room.inMemoryDatabaseBuilder(getInstrumentation().targetContext, AppDatabase::class.java)
             .allowMainThreadQueries()
             .build()
+        fireproofWebsiteDao = db.fireproofWebsiteDao()
 
         mockAutoCompleteApi = AutoCompleteApi(mockAutoCompleteService, mockBookmarksDao)
 
@@ -243,7 +248,8 @@ class BrowserTabViewModelTest {
             ctaViewModel = ctaViewModel,
             searchCountDao = mockSearchCountDao,
             pixel = mockPixel,
-            dispatchers = coroutineRule.testDispatcherProvider
+            dispatchers = coroutineRule.testDispatcherProvider,
+            fireproofWebsiteDao = fireproofWebsiteDao
         )
 
         testee.loadData("abc", null, false)
@@ -1085,7 +1091,7 @@ class BrowserTabViewModelTest {
     }
 
     @Test
-    fun whenUserTogglesWhitelsitedSiteThenSiteRemovedFromWhitelistAndPixelSentAndPageRefreshed() = coroutineRule.runBlocking  {
+    fun whenUserTogglesWhitelsitedSiteThenSiteRemovedFromWhitelistAndPixelSentAndPageRefreshed() = coroutineRule.runBlocking {
         whenever(mockUserWhitelistDao.contains("www.example.com")).thenReturn(true)
         loadUrl("http://www.example.com/home.html")
         testee.onWhitelistSelected()
@@ -1259,6 +1265,7 @@ class BrowserTabViewModelTest {
         assertFalse(browserViewState().canGoForward)
         assertFalse(browserViewState().canReportSite)
         assertFalse(browserViewState().canChangeBrowsingMode)
+        assertFalse(browserViewState().canFireproofSite)
         assertFalse(findInPageViewState().canFindInPage)
     }
 
@@ -1610,6 +1617,100 @@ class BrowserTabViewModelTest {
         assertCommandIssued<Command.BrokenSiteFeedback>()
     }
 
+    @Test
+    fun whenHomeShowingByPressingBackThenFireproofWebsiteOptionMenuDisabled() {
+        setupNavigation(isBrowsing = true)
+        testee.onUserPressedBack()
+        assertFalse(browserViewState().canFireproofSite)
+    }
+
+    @Test
+    fun whenUserLoadsNotFireproofWebsiteThenFireproofWebsiteOptionMenuEnabled() {
+        loadUrl("http://www.example.com/path", isBrowserShowing = true)
+        assertTrue(browserViewState().canFireproofSite)
+    }
+
+    @Test
+    fun whenUserLoadsFireproofWebsiteThenFireproofWebsiteOptionMenuDisabled() {
+        givenFireproofWebsiteDomain("www.example.com")
+        loadUrl("http://www.example.com/path", isBrowserShowing = true)
+        assertFalse(browserViewState().canFireproofSite)
+    }
+
+    @Test
+    fun whenUserLoadsFireproofWebsiteSubDomainThenFireproofWebsiteOptionMenuEnabled() {
+        givenFireproofWebsiteDomain("example.com")
+        loadUrl("http://mobile.example.com/path", isBrowserShowing = true)
+        assertTrue(browserViewState().canFireproofSite)
+    }
+
+    @Test
+    fun whenUrlClearedThenFireproofWebsiteOptionMenuDisabled() {
+        loadUrl("http://www.example.com/path")
+        assertTrue(browserViewState().canFireproofSite)
+        loadUrl(null)
+        assertFalse(browserViewState().canFireproofSite)
+    }
+
+    @Test
+    fun whenUrlIsUpdatedWithNonFireproofWebsiteThenFireproofWebsiteOptionMenuEnabled() {
+        givenFireproofWebsiteDomain("www.example.com")
+        loadUrl("http://www.example.com/", isBrowserShowing = true)
+        updateUrl("http://www.example.com/", "http://twitter.com/explore", true)
+        assertTrue(browserViewState().canFireproofSite)
+    }
+
+    @Test
+    fun whenUrlIsUpdatedWithFireproofWebsiteThenFireproofWebsiteOptionMenuDisabled() {
+        givenFireproofWebsiteDomain("twitter.com")
+        loadUrl("http://example.com/", isBrowserShowing = true)
+        updateUrl("http://example.com/", "http://twitter.com/explore", true)
+        assertFalse(browserViewState().canFireproofSite)
+    }
+
+    @Test
+    fun whenUserClicksFireproofWebsiteOptionMenuThenShowConfirmationIsIssued() {
+        loadUrl("http://mobile.example.com/", isBrowserShowing = true)
+        testee.onFireproofWebsiteClicked()
+        assertCommandIssued<Command.ShowFireproofWebSiteConfirmation> {
+            assertEquals("mobile.example.com", this.fireproofWebsiteEntity.domain)
+        }
+    }
+
+    @Test
+    fun whenUserClicksFireproofWebsiteOptionMenuThenFireproofWebsiteOptionMenuDisabled() {
+        loadUrl("http://example.com/", isBrowserShowing = true)
+        testee.onFireproofWebsiteClicked()
+        assertFalse(browserViewState().canFireproofSite)
+    }
+
+    @Test
+    fun whenFireproofWebsiteAddedThenPixelSent() {
+        loadUrl("http://example.com/", isBrowserShowing = true)
+        testee.onFireproofWebsiteClicked()
+        verify(mockPixel).fire(Pixel.PixelName.FIREPROOF_WEBSITE_ADDED)
+    }
+
+    @Test
+    fun whenUserClicksOnFireproofWebsiteSnackbarUndoActionThenFireproofWebsiteIsRemoved() {
+        loadUrl("http://example.com/", isBrowserShowing = true)
+        testee.onFireproofWebsiteClicked()
+        assertCommandIssued<Command.ShowFireproofWebSiteConfirmation> {
+            testee.onFireproofWebsiteSnackbarUndoClicked(this.fireproofWebsiteEntity)
+        }
+        assertTrue(browserViewState().canFireproofSite)
+    }
+
+    @Test
+    fun whenUserClicksOnFireproofWebsiteSnackbarUndoActionThenPixelSent() {
+        loadUrl("http://example.com/", isBrowserShowing = true)
+        testee.onFireproofWebsiteClicked()
+        assertCommandIssued<Command.ShowFireproofWebSiteConfirmation> {
+            testee.onFireproofWebsiteSnackbarUndoClicked(this.fireproofWebsiteEntity)
+        }
+        verify(mockPixel).fire(Pixel.PixelName.FIREPROOF_WEBSITE_UNDO)
+    }
+
     private inline fun <reified T : Command> assertCommandIssued(instanceAssertions: T.() -> Unit = {}) {
         verify(mockCommandObserver, atLeastOnce()).onChanged(commandCaptor.capture())
         val issuedCommand = commandCaptor.allValues.find { it is T }
@@ -1644,6 +1745,12 @@ class BrowserTabViewModelTest {
         testee.loadData("TAB_ID", "https://example.com", false)
     }
 
+    private fun givenFireproofWebsiteDomain(vararg fireproofWebsitesDomain: String) {
+        fireproofWebsitesDomain.forEach {
+            fireproofWebsiteDao.insert(FireproofWebsiteEntity(domain = it))
+        }
+    }
+
     private fun setBrowserShowing(isBrowsing: Boolean) {
         testee.browserViewState.value = browserViewState().copy(browserShowing = isBrowsing)
     }

app/src/androidTest/java/com/duckduckgo/app/browser/BrowserTabViewModelTest.kt

@@ -0,0 +1,80 @@
+/*
+ * Copyright (c) 2020 DuckDuckGo
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.duckduckgo.app.fire
+
+import androidx.room.Room
+import androidx.test.platform.app.InstrumentationRegistry
+import com.duckduckgo.app.fire.fireproofwebsite.data.FireproofWebsiteEntity
+import com.duckduckgo.app.global.db.AppDatabase
+import org.junit.Assert.assertEquals
+import org.junit.Assert.assertTrue
+import org.junit.Test
+
+class GetCookieHostsToPreserveTest {
+
+    private val context = InstrumentationRegistry.getInstrumentation().targetContext
+    private val db = Room.inMemoryDatabaseBuilder(context, AppDatabase::class.java).build()
+    private val fireproofWebsiteDao = db.fireproofWebsiteDao()
+    private val getHostsToPreserve = GetCookieHostsToPreserve(fireproofWebsiteDao)
+
+    @Test
+    fun whenSubDomainFireproofWebsiteThenExpectedListReturned() {
+        givenFireproofWebsitesStored(FireproofWebsiteEntity("mobile.twitter.com"))
+        val expectedList = listOf(
+            ".mobile.twitter.com",
+            "mobile.twitter.com",
+            ".twitter.com",
+            ".com"
+        )
+
+        val hostsToPreserve = getHostsToPreserve()
+
+        assertTrue(expectedList.all { hostsToPreserve.contains(it) })
+    }
+
+    @Test
+    fun whenFireproofWebsiteThenExpectedListReturned() {
+        givenFireproofWebsitesStored(FireproofWebsiteEntity("twitter.com"))
+        val expectedList = listOf("twitter.com", ".twitter.com", ".com")
+
+        val hostsToPreserve = getHostsToPreserve()
+
+        assertTrue(expectedList.all { hostsToPreserve.contains(it) })
+    }
+
+    @Test
+    fun whenMultipleFireproofWebsiteWithSameTopLevelThenExpectedListReturned() {
+        givenFireproofWebsitesStored(FireproofWebsiteEntity("twitter.com"))
+        givenFireproofWebsitesStored(FireproofWebsiteEntity("example.com"))
+        val expectedList = listOf(
+            ".example.com",
+            "example.com",
+            "twitter.com",
+            ".twitter.com",
+            ".com"
+        )
+
+        val hostsToPreserve = getHostsToPreserve()
+
+        assertEquals(expectedList.size, hostsToPreserve.size)
+        assertTrue(expectedList.all { hostsToPreserve.contains(it) })
+    }
+
+    private fun givenFireproofWebsitesStored(fireproofWebsiteEntity: FireproofWebsiteEntity) {
+        fireproofWebsiteDao.insert(fireproofWebsiteEntity)
+    }
+}

app/src/androidTest/java/com/duckduckgo/app/fire/GetCookieHostsToPreserveTest.kt

@@ -0,0 +1,57 @@
+/*
+ * Copyright (c) 2020 DuckDuckGo
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.duckduckgo.app.fire
+
+import com.nhaarman.mockitokotlin2.mock
+import com.nhaarman.mockitokotlin2.verify
+import com.nhaarman.mockitokotlin2.verifyZeroInteractions
+import com.nhaarman.mockitokotlin2.whenever
+import kotlinx.coroutines.test.runBlockingTest
+import org.junit.Test
+
+class RemoveCookiesTest {
+
+    private val selectiveCookieRemover = mock<CookieRemover>()
+    private val cookieManagerRemover = mock<CookieRemover>()
+    private val removeCookies = RemoveCookies(cookieManagerRemover, selectiveCookieRemover)
+
+    @Test
+    fun whenSelectiveCookieRemoverSucceedsThenNoMoreInteractions() = runBlockingTest {
+        selectiveCookieRemover.succeeds()
+
+        removeCookies.removeCookies()
+
+        verifyZeroInteractions(cookieManagerRemover)
+    }
+
+    @Test
+    fun whenSelectiveCookieRemoverFailsThenFallbackToCookieManagerRemover() = runBlockingTest {
+        selectiveCookieRemover.fails()
+
+        removeCookies.removeCookies()
+
+        verify(cookieManagerRemover).removeCookies()
+    }
+
+    private suspend fun CookieRemover.succeeds() {
+        whenever(this.removeCookies()).thenReturn(true)
+    }
+
+    private suspend fun CookieRemover.fails() {
+        whenever(this.removeCookies()).thenReturn(false)
+    }
+}