New permission authorization and new permission center (#2700)

<!--
Note: This template is a reminder of our Engineering Expectations and
Definition of Done. Remove sections that don't apply to your changes.

⚠️ If you're an external contributor, please file an issue before
working on a PR. Discussing your changes beforehand will help ensure
they align with our roadmap and that your time is well spent.
-->

Task/Issue URL:
https://app.asana.com/1/137249556945/project/1148564399326804/task/1212226055102691?focus=true

### Description
This PR adds a new permission authorization flow and basic functionality
of new permission center, which unblocks the notifications API work.

Unit tests, UI tests and support of popups will be added in a follow up
PR.

Author: tomasstrba

SharedPackages/BrowserServicesKit/Sources/BrowserServicesKit/PrivacyConfig/Features/PrivacyFeature.swift

@@ -143,6 +143,7 @@ public enum MacOSBrowserConfigSubfeature: String, PrivacySubfeature {
     /// Tab closing event recreation feature flag (failsafe for removing private API)
     /// https://app.asana.com/1/137249556945/project/1211834678943996/task/1212206087745586?focus=true
     case tabClosingEventRecreation
+
 }
 
 public enum iOSBrowserConfigSubfeature: String, PrivacySubfeature {

macOS/DuckDuckGo-macOS.xcodeproj/project.pbxproj

@@ -704,16 +704,16 @@ final class AppDelegate: NSObject, NSApplicationDelegate {
         if AppVersion.runType.requiresEnvironment {
             fireproofDomains = FireproofDomains(store: FireproofDomainsStore(database: database.db, tableName: "FireproofDomains"), tld: tld)
             faviconManager = FaviconManager(cacheType: .standard(database.db), bookmarkManager: bookmarkManager, fireproofDomains: fireproofDomains)
-            permissionManager = PermissionManager(store: LocalPermissionStore(database: database.db))
+            permissionManager = PermissionManager(store: LocalPermissionStore(database: database.db), featureFlagger: featureFlagger)
         } else {
             fireproofDomains = FireproofDomains(store: FireproofDomainsStore(context: nil), tld: tld)
             faviconManager = FaviconManager(cacheType: .inMemory, bookmarkManager: bookmarkManager, fireproofDomains: fireproofDomains)
-            permissionManager = PermissionManager(store: LocalPermissionStore(database: nil))
+            permissionManager = PermissionManager(store: LocalPermissionStore(database: nil), featureFlagger: featureFlagger)
         }
 #else
         fireproofDomains = FireproofDomains(store: FireproofDomainsStore(database: database.db, tableName: "FireproofDomains"), tld: tld)
         faviconManager = FaviconManager(cacheType: .standard(database.db), bookmarkManager: bookmarkManager, fireproofDomains: fireproofDomains)
-        permissionManager = PermissionManager(store: LocalPermissionStore(database: database.db))
+        permissionManager = PermissionManager(store: LocalPermissionStore(database: database.db), featureFlagger: featureFlagger)
 #endif
 
         webCacheManager = WebCacheManager(fireproofDomains: fireproofDomains)

macOS/DuckDuckGo/Application/AppDelegate.swift

@@ -52,6 +52,18 @@ extension NSColor {
         .blackWhite10
     }
 
+    /// Background color for permission warning rows (system permission disabled)
+    /// Light mode: #FFF0C2, Dark mode: #C18010 at 16% opacity
+    static var permissionWarningBackground: NSColor {
+        NSColor(name: nil) { appearance in
+            if appearance.bestMatch(from: [.darkAqua, .aqua]) == .darkAqua {
+                return NSColor(red: 0xC1 / 255.0, green: 0x80 / 255.0, blue: 0x10 / 255.0, alpha: 0.16)
+            } else {
+                return NSColor(red: 0xFF / 255.0, green: 0xF0 / 255.0, blue: 0xC2 / 255.0, alpha: 1.0)
+            }
+        }
+    }
+
     // MARK: - Helpers
 
     var ciColor: CIColor {

macOS/DuckDuckGo/Common/Extensions/NSColorExtension.swift

@@ -977,11 +977,33 @@ struct UserText {
     static let permissionPopupLearnMoreLink = NSLocalizedString("permission.popup.learn-more.link", value: "Learn more about location services", comment: "Text of link that leads to web page with more informations about location services.")
     static let permissionPopupAllowButton = NSLocalizedString("permission.popup.allow.button", value: "Allow", comment: "Button that the user can use to authorise a web site to for, for example access location or camera and microphone etc.")
 
+    static let permissionPopupDenyButton = NSLocalizedString("permission.popup.deny.button", value: "Deny", comment: "Button that denies permission for this request only")
+    static let permissionPopupAlwaysDenyButton = NSLocalizedString("permission.popup.always.deny.button", value: "Never Allow", comment: "Button that denies permission and remembers the decision for future requests")
+    static let permissionPopupAlwaysAllowButton = NSLocalizedString("permission.popup.always.allow.button", value: "Always Allow", comment: "Button that grants permission and remembers the decision for future requests")
+
     static let privacyDashboardPermissionAsk = NSLocalizedString("dashboard.permission.ask", value: "Ask every time", comment: "Privacy Dashboard: Website should always Ask for permission for input media device access")
     static let privacyDashboardPermissionAlwaysAllow = NSLocalizedString("dashboard.permission.allow", value: "Always allow", comment: "Privacy Dashboard: Website can always access input media device")
     static let privacyDashboardPermissionAlwaysDeny = NSLocalizedString("dashboard.permission.deny", value: "Always deny", comment: "Privacy Dashboard: Website can never access input media device")
     static let permissionPopoverDenyButton = NSLocalizedString("permission.popover.deny", value: "Deny", comment: "Permission Popover: Deny Website input media device access")
 
+    // Two-step permission authorization (geolocation)
+    static let permissionSystemLocationEnable = NSLocalizedString("permission.system.location.enable", value: "Enable System Location", comment: "Button to enable system location services")
+    static let permissionSystemLocationWaiting = NSLocalizedString("permission.system.location.waiting", value: "Waiting for system permission…", comment: "Text shown while waiting for user to respond to system location permission dialog")
+    static let permissionSystemLocationEnabled = NSLocalizedString("permission.system.location.enabled", value: "System location enabled!", comment: "Text shown after system location permission has been granted")
+    static let permissionSystemLocationDisabled = NSLocalizedString("permission.system.location.disabled", value: "System location disabled. Turn it on in ", comment: "Text shown when system location was previously denied. Followed by a link to System Settings")
+    static let permissionSystemSettingsLocation = NSLocalizedString("permission.system.settings.location", value: "System Settings → Privacy", comment: "Link text to open System Settings Privacy section for location")
+    static let permissionRestartApp = NSLocalizedString("permission.restart.app", value: "Restart the DuckDuckGo application", comment: "Text shown when app restart is required for permission changes to take effect")
+    static let permissionGeolocationPromptFormat = NSLocalizedString("permission.geolocation.prompt.format", value: "Allow %@ to use your current location?", comment: "Prompt asking if domain %@ can use location")
+    static let permissionPopupNeverAllowButton = NSLocalizedString("permission.popup.never.allow.button", value: "Never Allow", comment: "Button that denies permission and remembers the decision for future requests")
+
+    // Permission Center
+    static let permissionCenterTitle = NSLocalizedString("permission.center.title", value: "Permissions for \"%@\"", comment: "Title for permission center popover, %@ is the domain name")
+    static let permissionCenterAlwaysAsk = NSLocalizedString("permission.center.always.ask", value: "Always Ask", comment: "Permission center dropdown option to always ask for permission")
+    static let permissionCenterAlwaysAllow = NSLocalizedString("permission.center.always.allow", value: "Always Allow", comment: "Permission center dropdown option to always allow permission")
+    static let permissionCenterNeverAllow = NSLocalizedString("permission.center.never.allow", value: "Never Allow", comment: "Permission center dropdown option to never allow permission")
+    static let permissionCenterExternalSchemeDescription = NSLocalizedString("permission.center.external.scheme.description", value: "%@ to open \"%@\" links", comment: "Description for external scheme permission, first %@ is domain, second %@ is scheme name")
+    static let permissionCenterExternalApps = NSLocalizedString("permission.center.external.apps", value: "External Apps", comment: "Permission center header for external app permissions")
+
     static let privacyDashboardPopupsAlwaysAsk = NSLocalizedString("dashboard.popups.ask", value: "Notify", comment: "Make pop-up windows always request permission for the current domain")
 
     static let settings = NSLocalizedString("settings", value: "Settings", comment: "Menu item for opening settings")

macOS/DuckDuckGo/Common/Localizables/UserText.swift

@@ -60390,6 +60390,78 @@
         }
       }
     },
+    "permission.center.always.allow" : {
+      "comment" : "Permission center dropdown option to always allow permission",
+      "extractionState" : "extracted_with_value",
+      "localizations" : {
+        "en" : {
+          "stringUnit" : {
+            "state" : "new",
+            "value" : "Always Allow"
+          }
+        }
+      }
+    },
+    "permission.center.always.ask" : {
+      "comment" : "Permission center dropdown option to always ask for permission",
+      "extractionState" : "extracted_with_value",
+      "localizations" : {
+        "en" : {
+          "stringUnit" : {
+            "state" : "new",
+            "value" : "Always Ask"
+          }
+        }
+      }
+    },
+    "permission.center.external.apps" : {
+      "comment" : "Permission center header for external app permissions",
+      "extractionState" : "extracted_with_value",
+      "localizations" : {
+        "en" : {
+          "stringUnit" : {
+            "state" : "new",
+            "value" : "External Apps"
+          }
+        }
+      }
+    },
+    "permission.center.external.scheme.description" : {
+      "comment" : "Description for external scheme permission, first %@ is domain, second %@ is scheme name",
+      "extractionState" : "extracted_with_value",
+      "localizations" : {
+        "en" : {
+          "stringUnit" : {
+            "state" : "new",
+            "value" : "%1$@ to open \"%2$@\" links"
+          }
+        }
+      }
+    },
+    "permission.center.never.allow" : {
+      "comment" : "Permission center dropdown option to never allow permission",
+      "extractionState" : "extracted_with_value",
+      "localizations" : {
+        "en" : {
+          "stringUnit" : {
+            "state" : "new",
+            "value" : "Never Allow"
+          }
+        }
+      }
+    },
+    "permission.center.title" : {
+      "comment" : "Title for permission center popover, %@ is the domain name",
+      "extractionState" : "extracted_with_value",
+      "localizations" : {
+        "en" : {
+          "stringUnit" : {
+            "state" : "new",
+            "value" : "Permissions for \"%@\""
+          }
+        }
+      }
+    },
     "permission.disabled.app" : {
       "comment" : "The app (DuckDuckGo: %@ 2) has no access permission to (%@ 1) media device",
       "extractionState" : "extracted_with_value",
@@ -60630,6 +60702,18 @@
         }
       }
     },
+    "permission.geolocation.prompt.format" : {
+      "comment" : "Prompt asking if domain %@ can use location",
+      "extractionState" : "extracted_with_value",
+      "localizations" : {
+        "en" : {
+          "stringUnit" : {
+            "state" : "new",
+            "value" : "Allow %@ to use your current location?"
+          }
+        }
+      }
+    },
     "permission.microphone" : {
       "comment" : "Microphone input media device name",
       "extractionState" : "extracted_with_value",
@@ -60990,6 +61074,30 @@
         }
       }
     },
+    "permission.popup.always.allow.button" : {
+      "comment" : "Button that grants permission and remembers the decision for future requests",
+      "extractionState" : "extracted_with_value",
+      "localizations" : {
+        "en" : {
+          "stringUnit" : {
+            "state" : "new",
+            "value" : "Always Allow"
+          }
+        }
+      }
+    },
+    "permission.popup.always.deny.button" : {
+      "comment" : "Button that denies permission and remembers the decision for future requests",
+      "extractionState" : "extracted_with_value",
+      "localizations" : {
+        "en" : {
+          "stringUnit" : {
+            "state" : "new",
+            "value" : "Never Allow"
+          }
+        }
+      }
+    },
     "permission.popup.blocked.popover" : {
       "comment" : "Text of popover warning the user that a pop-up has been blocked",
       "extractionState" : "extracted_with_value",
@@ -61050,6 +61158,18 @@
         }
       }
     },
+    "permission.popup.deny.button" : {
+      "comment" : "Button that denies permission for this request only",
+      "extractionState" : "extracted_with_value",
+      "localizations" : {
+        "en" : {
+          "stringUnit" : {
+            "state" : "new",
+            "value" : "Deny"
+          }
+        }
+      }
+    },
     "permission.popup.learn-more.link" : {
       "comment" : "Text of link that leads to web page with more informations about location services.",
       "extractionState" : "extracted_with_value",
@@ -61110,6 +61230,18 @@
         }
       }
     },
+    "permission.popup.never.allow.button" : {
+      "comment" : "Button that denies permission and remembers the decision for future requests",
+      "extractionState" : "extracted_with_value",
+      "localizations" : {
+        "en" : {
+          "stringUnit" : {
+            "state" : "new",
+            "value" : "Never Allow"
+          }
+        }
+      }
+    },
     "permission.popup.open.format" : {
       "comment" : "Menu action to open the blocked pop-up at the specified URL",
       "extractionState" : "extracted_with_value",
@@ -61571,6 +61703,78 @@
         }
       }
     },
+    "permission.restart.app" : {
+      "comment" : "Text shown when app restart is required for permission changes to take effect",
+      "extractionState" : "extracted_with_value",
+      "localizations" : {
+        "en" : {
+          "stringUnit" : {
+            "state" : "new",
+            "value" : "Restart the DuckDuckGo application"
+          }
+        }
+      }
+    },
+    "permission.system.location.disabled" : {
+      "comment" : "Text shown when system location was previously denied. Followed by a link to System Settings",
+      "extractionState" : "extracted_with_value",
+      "localizations" : {
+        "en" : {
+          "stringUnit" : {
+            "state" : "new",
+            "value" : "System location disabled. Turn it on in "
+          }
+        }
+      }
+    },
+    "permission.system.location.enable" : {
+      "comment" : "Button to enable system location services",
+      "extractionState" : "extracted_with_value",
+      "localizations" : {
+        "en" : {
+          "stringUnit" : {
+            "state" : "new",
+            "value" : "Enable System Location"
+          }
+        }
+      }
+    },
+    "permission.system.location.enabled" : {
+      "comment" : "Text shown after system location permission has been granted",
+      "extractionState" : "extracted_with_value",
+      "localizations" : {
+        "en" : {
+          "stringUnit" : {
+            "state" : "new",
+            "value" : "System location enabled!"
+          }
+        }
+      }
+    },
+    "permission.system.location.waiting" : {
+      "comment" : "Text shown while waiting for user to respond to system location permission dialog",
+      "extractionState" : "extracted_with_value",
+      "localizations" : {
+        "en" : {
+          "stringUnit" : {
+            "state" : "new",
+            "value" : "Waiting for system permission…"
+          }
+        }
+      }
+    },
+    "permission.system.settings.location" : {
+      "comment" : "Link text to open System Settings Privacy section for location",
+      "extractionState" : "extracted_with_value",
+      "localizations" : {
+        "en" : {
+          "stringUnit" : {
+            "state" : "new",
+            "value" : "System Settings → Privacy"
+          }
+        }
+      }
+    },
     "permission.unmute" : {
       "comment" : "Resume input media device %@ access for %@ website",
       "extractionState" : "extracted_with_value",

macOS/DuckDuckGo/Localization/Localizable.xcstrings

@@ -61,7 +61,7 @@ final class AddressBarButtonsViewController: NSViewController {
     private var permissionAuthorizationPopover: PermissionAuthorizationPopover?
     private func permissionAuthorizationPopoverCreatingIfNeeded() -> PermissionAuthorizationPopover {
         return permissionAuthorizationPopover ?? {
-            let popover = PermissionAuthorizationPopover()
+            let popover = PermissionAuthorizationPopover(featureFlagger: featureFlagger)
             NotificationCenter.default.addObserver(self, selector: #selector(popoverDidClose), name: NSPopover.didCloseNotification, object: popover)
             NotificationCenter.default.addObserver(self, selector: #selector(popoverWillShow), name: NSPopover.willShowNotification, object: popover)
             self.permissionAuthorizationPopover = popover
@@ -70,6 +70,8 @@ final class AddressBarButtonsViewController: NSViewController {
         }()
     }
 
+    private var permissionCenterPopover: PermissionCenterPopover?
+
     private var popupBlockedPopover: PopupBlockedPopover?
     private func popupBlockedPopoverCreatingIfNeeded() -> PopupBlockedPopover {
         return popupBlockedPopover ?? {
@@ -1610,7 +1612,36 @@ final class AddressBarButtonsViewController: NSViewController {
     }
 
     @IBAction func permissionCenterButtonAction(_ sender: Any) {
+        guard featureFlagger.isFeatureOn(.newPermissionView) else { return }
+        guard let tabViewModel else { return }
+
+        // Close existing popover if shown
+        if let existingPopover = permissionCenterPopover, existingPopover.isShown {
+            existingPopover.close()
+            permissionCenterPopover = nil
+            return
+        }
 
+        let url = tabViewModel.tab.content.urlForWebView ?? .empty
+        let domain = (url.isFileURL ? .localhost : (url.host ?? "")).droppingWwwPrefix()
+
+        let viewModel = PermissionCenterViewModel(
+            domain: domain,
+            usedPermissions: tabViewModel.usedPermissions,
+            permissionManager: permissionManager,
+            removePermission: { [weak tabViewModel] permissionType in
+                tabViewModel?.tab.permissions.remove(permissionType)
+            },
+            dismissPopover: { [weak self] in
+                self?.permissionCenterPopover?.close()
+                self?.permissionCenterPopover = nil
+            }
+        )
+
+        let popover = PermissionCenterPopover(viewModel: viewModel)
+        permissionCenterPopover = popover
+
+        popover.show(relativeTo: permissionCenterButton.bounds, of: permissionCenterButton, preferredEdge: .maxY)
     }
 
     @IBAction func cameraButtonAction(_ sender: NSButton) {
@@ -2296,9 +2327,7 @@ extension TabViewModel {
         let hasRequestedPermission = usedPermissions.values.contains(where: { $0.isRequested
         })
         let shouldShowWhileFocused = (tab.content == .newtab) && hasRequestedPermission
-        let isAnyPermissionPresent = usedPermissions.values.contains(where: {
-            !$0.isReloading
-        })
+        let isAnyPermissionPresent = !usedPermissions.values.isEmpty
 
         return (shouldShowWhileFocused || (!isTextFieldEditorFirstResponder && isAnyPermissionPresent))
         && !isAnyTrackerAnimationPlaying