// Copyright 2025 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#include <tuple>

#include "ash/constants/ash_features.h"
#include "ash/constants/ash_pref_names.h"
#include "ash/constants/geolocation_access_level.h"
#include "ash/shell.h"
#include "ash/system/privacy_hub/privacy_hub_controller.h"
#include "ash/webui/settings/public/constants/routes.mojom-forward.h"
#include "base/notreached.h"
#include "chrome/browser/ash/login/login_manager_test.h"
#include "chrome/browser/ash/login/test/device_state_mixin.h"
#include "chrome/browser/ash/login/test/login_manager_mixin.h"
#include "chrome/browser/ash/privacy_hub/privacy_hub_util.h"
#include "chrome/browser/ash/system_web_apps/system_web_app_manager.h"
#include "chrome/browser/browser_process.h"
#include "chrome/browser/profiles/profile_manager.h"
#include "chrome/browser/ui/ash/login/user_adding_screen.h"
#include "chrome/browser/ui/chrome_pages.h"
#include "chrome/browser/ui/webui/ash/settings/pages/privacy/privacy_hub_handler.h"
#include "chromeos/ash/components/browser_context_helper/annotated_account_id.h"
#include "chromeos/ash/components/browser_context_helper/browser_context_helper.h"
#include "chromeos/ash/components/geolocation/system_location_provider.h"
#include "components/account_id/account_id.h"
#include "components/prefs/pref_service.h"
#include "content/public/test/browser_test.h"
#include "content/public/test/browser_test_utils.h"
#include "testing/gmock/include/gmock/gmock.h"

namespace ash {

namespace {

bool IsLocationEnabledForBrowser(GeolocationAccessLevel access_level) {
  switch (access_level) {
    case GeolocationAccessLevel::kAllowed:
      return true;
    case GeolocationAccessLevel::kOnlyAllowedForSystem:
    case GeolocationAccessLevel::kDisallowed:
      return false;
    default:
      NOTREACHED() << "Invalid access level";
  }
}

}  // namespace

class PrivacyHubGeolocationBrowsertestBase : public LoginManagerTest {
 public:
  PrivacyHubGeolocationBrowsertestBase() {
    scoped_feature_list_.InitWithFeatures({ash::features::kCrosPrivacyHub}, {});
  }

  ~PrivacyHubGeolocationBrowsertestBase() override = default;

  // Set the `kUserGeolocationAccessLevel` pref for the active user.
  void SetGeolocationAccessLevelPref(GeolocationAccessLevel access_level) {
    g_browser_process->profile_manager()
        ->GetActiveUserProfile()
        ->GetPrefs()
        ->SetInteger(prefs::kUserGeolocationAccessLevel,
                     static_cast<int>(access_level));
  }

 protected:
  LoginManagerMixin login_manager_{&mixin_host_};
  DeviceStateMixin device_state_{
      &mixin_host_, DeviceStateMixin::State::OOBE_COMPLETED_CONSUMER_OWNED};
  base::test::ScopedFeatureList scoped_feature_list_;
};

class PrivacyHubGeolocationBrowsertestMultiUserSession
    : public PrivacyHubGeolocationBrowsertestBase,
      public testing::WithParamInterface<
          std::tuple<GeolocationAccessLevel, GeolocationAccessLevel>> {
 public:
  PrivacyHubGeolocationBrowsertestMultiUserSession() {
    login_manager_.AppendRegularUsers(3);
    regular_primary_user_ = login_manager_.users()[0].account_id;
    regular_secondary_user_1_ = login_manager_.users()[1].account_id;
    regular_secondary_user_2_ = login_manager_.users()[2].account_id;
  }
  ~PrivacyHubGeolocationBrowsertestMultiUserSession() = default;

 protected:
  AccountId regular_primary_user_;
  AccountId regular_secondary_user_1_;
  AccountId regular_secondary_user_2_;
};

IN_PROC_BROWSER_TEST_P(PrivacyHubGeolocationBrowsertestMultiUserSession,
                       SecondUserCanNotChangeGeolocationSetting) {
  SystemLocationProvider* provider = SystemLocationProvider::GetInstance();
  CHECK(provider);

  // Log in primary user.
  LoginUser(regular_primary_user_);
  ASSERT_EQ(provider->GetGeolocationAccessLevel(),
            GeolocationAccessLevel::kAllowed);

  const GeolocationAccessLevel primary_user_geolocation_choice =
      std::get<0>(GetParam());
  SetGeolocationAccessLevelPref(primary_user_geolocation_choice);
  ASSERT_EQ(provider->GetGeolocationAccessLevel(),
            primary_user_geolocation_choice);

  // Add secondary user and log in.
  ash::UserAddingScreen::Get()->Start();
  AddUser(regular_secondary_user_1_);
  const GeolocationAccessLevel secondary_user_geolocation_choice =
      std::get<1>(GetParam());

  // Check that primary user's choice for Geolocation setting is
  // overriding secondary user's choice.
  ASSERT_EQ(provider->GetGeolocationAccessLevel(),
            primary_user_geolocation_choice);
  ASSERT_EQ(privacy_hub_util::ContentBlocked(
                privacy_hub_util::ContentType::GEOLOCATION),
            !IsLocationEnabledForBrowser(primary_user_geolocation_choice));

  // Modify the underlying preference for the secondary user. Check that the
  // effective geolocation setting is unaffected; still following the primary
  // user's choice.
  SetGeolocationAccessLevelPref(secondary_user_geolocation_choice);
  ASSERT_EQ(provider->GetGeolocationAccessLevel(),
            primary_user_geolocation_choice);
  ASSERT_EQ(privacy_hub_util::ContentBlocked(
                privacy_hub_util::ContentType::GEOLOCATION),
            !IsLocationEnabledForBrowser(primary_user_geolocation_choice));
}

IN_PROC_BROWSER_TEST_P(PrivacyHubGeolocationBrowsertestMultiUserSession,
                       SecondaryUsersCanNotChangeGeolocationSetting) {
  SystemLocationProvider* provider = SystemLocationProvider::GetInstance();
  CHECK(provider);

  // Log in primary user.
  LoginUser(regular_primary_user_);
  ASSERT_EQ(provider->GetGeolocationAccessLevel(),
            GeolocationAccessLevel::kAllowed);

  const GeolocationAccessLevel primary_user_geolocation_choice =
      std::get<0>(GetParam());
  SetGeolocationAccessLevelPref(primary_user_geolocation_choice);
  ASSERT_EQ(provider->GetGeolocationAccessLevel(),
            primary_user_geolocation_choice);

  // Add secondary user and log in.
  ash::UserAddingScreen::Get()->Start();
  AddUser(regular_secondary_user_1_);
  const GeolocationAccessLevel secondary_user_geolocation_choice =
      std::get<1>(GetParam());
  // Check that primary user's choice for Geolocation setting is
  // overriding secondary user's choice.
  ASSERT_EQ(provider->GetGeolocationAccessLevel(),
            primary_user_geolocation_choice);
  ASSERT_EQ(privacy_hub_util::ContentBlocked(
                privacy_hub_util::ContentType::GEOLOCATION),
            !IsLocationEnabledForBrowser(primary_user_geolocation_choice));

  // Modify the underlying preference for the secondary user. Check that the
  // effective geolocation setting is unaffected; still following the primary
  // user's choice.
  SetGeolocationAccessLevelPref(secondary_user_geolocation_choice);
  ASSERT_EQ(provider->GetGeolocationAccessLevel(),
            primary_user_geolocation_choice);
  ASSERT_EQ(privacy_hub_util::ContentBlocked(
                privacy_hub_util::ContentType::GEOLOCATION),
            !IsLocationEnabledForBrowser(primary_user_geolocation_choice));

  // Add another secondary user and conduct the same testing.
  ash::UserAddingScreen::Get()->Start();
  AddUser(regular_secondary_user_2_);

  // Check initial location access level follows the primary user choice.
  ASSERT_EQ(provider->GetGeolocationAccessLevel(),
            primary_user_geolocation_choice);
  ASSERT_EQ(privacy_hub_util::ContentBlocked(
                privacy_hub_util::ContentType::GEOLOCATION),
            !IsLocationEnabledForBrowser(primary_user_geolocation_choice));

  // Change the underlying preference for this user too. Check that the
  // effective geolocation setting is unaffected.
  SetGeolocationAccessLevelPref(secondary_user_geolocation_choice);
  ASSERT_EQ(provider->GetGeolocationAccessLevel(),
            primary_user_geolocation_choice);
  ASSERT_EQ(privacy_hub_util::ContentBlocked(
                privacy_hub_util::ContentType::GEOLOCATION),
            !IsLocationEnabledForBrowser(primary_user_geolocation_choice));
}

class MockPrivacyHubHandler : public settings::PrivacyHubHandler {
 public:
  MOCK_METHOD(void,
              SystemGeolocationAccessLevelChanged,
              (GeolocationAccessLevel),
              (override));
};

IN_PROC_BROWSER_TEST_P(PrivacyHubGeolocationBrowsertestMultiUserSession,
                       CheckCorrectSystemUICallbackIsCalled) {
  SystemLocationProvider* provider = SystemLocationProvider::GetInstance();
  CHECK(provider);

  // Log in primary user.
  LoginUser(regular_primary_user_);
  ASSERT_EQ(provider->GetGeolocationAccessLevel(),
            GeolocationAccessLevel::kAllowed);

  // Simulate opening the chrome://os-settings, by artificially setting the mock
  // frontend. Check that this will automatically notify the UI of the initial
  // geolocation value.
  ::testing::StrictMock<MockPrivacyHubHandler> primary_user_frontend;
  EXPECT_CALL(primary_user_frontend, SystemGeolocationAccessLevelChanged(
                                         GeolocationAccessLevel::kAllowed));
  Shell::Get()->privacy_hub_controller()->geolocation_controller()->SetFrontend(
      &primary_user_frontend);

  // Modify the primary user location preference and check that the UI is
  // notified.
  const GeolocationAccessLevel primary_user_geolocation_choice =
      std::get<0>(GetParam());
  EXPECT_CALL(primary_user_frontend, SystemGeolocationAccessLevelChanged(
                                         primary_user_geolocation_choice));
  SetGeolocationAccessLevelPref(primary_user_geolocation_choice);

  // Add secondary user and log in.
  ash::UserAddingScreen::Get()->Start();
  AddUser(regular_secondary_user_1_);

  // Simulate opening the chrome://os-settings, by artificially setting the mock
  // frontend. Check that this will automatically notify the UI of the initial
  // geolocation value, but the value should be of the primary user pref.
  ::testing::StrictMock<MockPrivacyHubHandler> secondary_user_frontend;
  EXPECT_CALL(secondary_user_frontend, SystemGeolocationAccessLevelChanged(
                                           primary_user_geolocation_choice));
  Shell::Get()->privacy_hub_controller()->geolocation_controller()->SetFrontend(
      &secondary_user_frontend);

  // Modify the underlying location preference for the secondary user and check
  // that it won't trigger the UI callback.
  const GeolocationAccessLevel secondary_user_geolocation_choice =
      std::get<1>(GetParam());
  EXPECT_CALL(secondary_user_frontend,
              SystemGeolocationAccessLevelChanged(testing::_))
      .Times(0);
  SetGeolocationAccessLevelPref(secondary_user_geolocation_choice);

  // Switch back to primary user and check its UI will re-fetch system
  // geolocation.
  EXPECT_CALL(primary_user_frontend, SystemGeolocationAccessLevelChanged(
                                         primary_user_geolocation_choice));
  user_manager::UserManager::Get()->SwitchActiveUser(regular_primary_user_);
}

// std::get<0>(GetParam()) - Location preference of the primary user.
// std::get<1>(GetParam()) - Location preference of the secondary user[s].
// Values of these pairs are meant to be different to test that secondary
// users' preference won't affect the effective geolocation state.
INSTANTIATE_TEST_SUITE_P(
    All,
    PrivacyHubGeolocationBrowsertestMultiUserSession,
    testing::Values(
        std::make_tuple(GeolocationAccessLevel::kDisallowed,
                        GeolocationAccessLevel::kAllowed),
        std::make_tuple(GeolocationAccessLevel::kAllowed,
                        GeolocationAccessLevel::kDisallowed),
        std::make_tuple(GeolocationAccessLevel::kOnlyAllowedForSystem,
                        GeolocationAccessLevel::kDisallowed)));

class PrivacyHubGeolocationBrowsertestCheckSystemSettingsLink
    : public PrivacyHubGeolocationBrowsertestBase {
 public:
  PrivacyHubGeolocationBrowsertestCheckSystemSettingsLink() {
    login_manager_.AppendRegularUsers(2);
    primary_user_ = login_manager_.users()[0].account_id;
    secondary_user_ = login_manager_.users()[1].account_id;
  }
  ~PrivacyHubGeolocationBrowsertestCheckSystemSettingsLink() override = default;

 protected:
  AccountId primary_user_;
  AccountId secondary_user_;
};

IN_PROC_BROWSER_TEST_F(PrivacyHubGeolocationBrowsertestCheckSystemSettingsLink,
                       AlwaysOpenActiveUserSettingsPage) {
  // Sign in with the first/primary user.
  LoginUser(primary_user_);

  ash::SystemWebAppManager::Get(
      Profile::FromBrowserContext(
          ash::BrowserContextHelper::Get()->GetBrowserContextByAccountId(
              primary_user_)))
      ->InstallSystemAppsForTesting();
  {
    content::CreateAndLoadWebContentsObserver app_loaded_observer;
    // Directly call the underlying method to simulate the link click.
    privacy_hub_util::OpenSystemSettings(
        privacy_hub_util::ContentType::GEOLOCATION);
    auto* web_contents = app_loaded_observer.Wait();
    ASSERT_TRUE(web_contents);
    EXPECT_EQ(
        web_contents->GetURL(),
        chrome::GetOSSettingsUrl(
            chromeos::settings::mojom::kPrivacyHubGeolocationSubpagePath));
    EXPECT_EQ(primary_user_,
              *ash::AnnotatedAccountId::Get(web_contents->GetBrowserContext()));
  }

  // Add another/secondary user to the session and log in.
  ash::UserAddingScreen::Get()->Start();
  AddUser(secondary_user_);
  EXPECT_EQ(secondary_user_,
            user_manager::UserManager::Get()->GetActiveUser()->GetAccountId());
  ash::SystemWebAppManager::Get(
      Profile::FromBrowserContext(
          ash::BrowserContextHelper::Get()->GetBrowserContextByAccountId(
              secondary_user_)))
      ->InstallSystemAppsForTesting();

  {
    content::CreateAndLoadWebContentsObserver app_loaded_observer;
    // Directly call the underlying method to simulate the link click.
    privacy_hub_util::OpenSystemSettings(
        privacy_hub_util::ContentType::GEOLOCATION);
    auto* web_contents = app_loaded_observer.Wait();
    ASSERT_TRUE(web_contents);
    EXPECT_EQ(
        web_contents->GetURL(),
        chrome::GetOSSettingsUrl(
            chromeos::settings::mojom::kPrivacyHubGeolocationSubpagePath));
    EXPECT_EQ(secondary_user_,
              *ash::AnnotatedAccountId::Get(web_contents->GetBrowserContext()));
  }
}

}  // namespace ash