Return safe if RC flag is disabled

duckduckgo · Dec 19, 2024 · 145fef2 · 145fef2
1 parent 95b3a46
commit 145fef2
Show file tree

Hide file tree

Showing 2 changed files with 31 additions and 5 deletions.
diff --git a/.../kotlin/com/duckduckgo/malicioussiteprotection/impl/domain/RealMaliciousSiteProtection.kt b/.../kotlin/com/duckduckgo/malicioussiteprotection/impl/domain/RealMaliciousSiteProtection.kt
@@ -22,26 +22,33 @@ import com.duckduckgo.common.utils.DispatcherProvider
 import com.duckduckgo.di.scopes.AppScope
 import com.duckduckgo.malicioussiteprotection.api.MaliciousSiteProtection
 import com.duckduckgo.malicioussiteprotection.api.MaliciousSiteProtection.IsMaliciousResult
+import com.duckduckgo.malicioussiteprotection.impl.MaliciousSiteProtectionRCFeature
 import com.duckduckgo.malicioussiteprotection.impl.data.MaliciousSiteRepository
 import com.squareup.anvil.annotations.ContributesBinding
-import kotlinx.coroutines.CoroutineScope
-import kotlinx.coroutines.launch
-import timber.log.Timber
 import java.security.MessageDigest
 import java.util.regex.Pattern
 import javax.inject.Inject
+import kotlinx.coroutines.CoroutineScope
+import kotlinx.coroutines.launch
+import timber.log.Timber
 
 @ContributesBinding(AppScope::class, MaliciousSiteProtection::class)
 class RealMaliciousSiteProtection @Inject constructor(
     private val dispatchers: DispatcherProvider,
     @AppCoroutineScope private val appCoroutineScope: CoroutineScope,
     private val maliciousSiteRepository: MaliciousSiteRepository,
     private val messageDigest: MessageDigest,
+    private val maliciousSiteProtectionRCFeature: MaliciousSiteProtectionRCFeature,
 ) : MaliciousSiteProtection {
 
     override suspend fun isMalicious(url: Uri, confirmationCallback: (isMalicious: Boolean) -> Unit): IsMaliciousResult {
         Timber.tag("MaliciousSiteProtection").d("isMalicious $url")
 
+        if (!maliciousSiteProtectionRCFeature.isFeatureEnabled()) {
+            Timber.d("\uD83D\uDFE2 Cris: should not block (feature disabled) $url")
+            return IsMaliciousResult.SAFE
+        }
+
         val hostname = url.host ?: return IsMaliciousResult.SAFE
         val hash = messageDigest
             .digest(hostname.toByteArray())

diff --git a/...lin/com/duckduckgo/malicioussiteprotection/impl/domain/RealMaliciousSiteProtectionTest.kt b/...lin/com/duckduckgo/malicioussiteprotection/impl/domain/RealMaliciousSiteProtectionTest.kt
@@ -19,9 +19,8 @@ package com.duckduckgo.malicioussiteprotection.impl.domain
 import android.net.Uri
 import androidx.test.ext.junit.runners.AndroidJUnit4
 import com.duckduckgo.common.test.CoroutineTestRule
-import com.duckduckgo.feature.toggles.api.FakeFeatureToggleFactory
 import com.duckduckgo.malicioussiteprotection.api.MaliciousSiteProtection
-import com.duckduckgo.malicioussiteprotection.impl.MaliciousSiteProtectionFeature
+import com.duckduckgo.malicioussiteprotection.impl.MaliciousSiteProtectionRCFeature
 import com.duckduckgo.malicioussiteprotection.impl.data.Filter
 import com.duckduckgo.malicioussiteprotection.impl.data.MaliciousSiteRepository
 import com.duckduckgo.malicioussiteprotection.impl.data.Match
@@ -45,6 +44,7 @@ class RealMaliciousSiteProtectionTest {
     private lateinit var realMaliciousSiteProtection: RealMaliciousSiteProtection
     private val maliciousSiteRepository: MaliciousSiteRepository = mock()
     private val messageDigest: MessageDigest = MessageDigest.getInstance("SHA-256")
+    private val mockMaliciousSiteProtectionRCFeature: MaliciousSiteProtectionRCFeature = mock()
 
     @Before
     fun setup() {
@@ -53,7 +53,9 @@ class RealMaliciousSiteProtectionTest {
             coroutinesTestRule.testScope,
             maliciousSiteRepository,
             messageDigest,
+            mockMaliciousSiteProtectionRCFeature,
         )
+        whenever(mockMaliciousSiteProtectionRCFeature.isFeatureEnabled()).thenReturn(true)
     }
 
     @Test
@@ -86,6 +88,23 @@ class RealMaliciousSiteProtectionTest {
         assertEquals(MaliciousSiteProtection.IsMaliciousResult.MALICIOUS, result)
     }
 
+    @Test
+    fun isMalicious_returnsSafe_whenUrlIsMaliciousButRCFeatureDisabled() = runTest {
+        val url = Uri.parse("https://malicious.com")
+        val hostname = url.host!!
+        val hash = messageDigest.digest(hostname.toByteArray()).joinToString("") { "%02x".format(it) }
+        val hashPrefix = hash.substring(0, 8)
+        val filter = Filter(hash, ".*malicious.*")
+
+        whenever(maliciousSiteRepository.containsHashPrefix(hashPrefix)).thenReturn(true)
+        whenever(maliciousSiteRepository.getFilter(hash)).thenReturn(filter)
+        whenever(mockMaliciousSiteProtectionRCFeature.isFeatureEnabled()).thenReturn(false)
+
+        val result = realMaliciousSiteProtection.isMalicious(url) {}
+
+        assertEquals(MaliciousSiteProtection.IsMaliciousResult.SAFE, result)
+    }
+
     @Test
     fun isMalicious_returnsWaitForConfirmation_whenUrlDoesNotMatchFilter() = runTest {
         val url = Uri.parse("https://safe.com")