Add SelectivePermissionInterventionIssue support to frontend

Bug: 435214052
Change-Id: I021882fe859922ce1f9b68472fa82020b4d1fecb
Reviewed-on: https://chromium-review.googlesource.com/c/devtools/devtools-frontend/+/7616323
Reviewed-by: Philip Pfaffe <pfaffe@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Commit-Queue: Josh Karlin <jkarlin@chromium.org>

Author: Josh Karlin

config/gni/devtools_grd_files.gni

@@ -582,6 +582,7 @@ grd_files_bundled_sources = [
   "front_end/models/issues_manager/descriptions/selectElementAccessibilityInteractiveContentLegendChild.md",
   "front_end/models/issues_manager/descriptions/selectElementAccessibilityInteractiveContentOptionChild.md",
   "front_end/models/issues_manager/descriptions/selectElementAccessibilityNonPhrasingContentOptionChild.md",
+  "front_end/models/issues_manager/descriptions/selectivePermissionsIntervention.md",
   "front_end/models/issues_manager/descriptions/sharedArrayBuffer.md",
   "front_end/models/issues_manager/descriptions/sharedDictionaryUseErrorCrossOriginNoCorsRequest.md",
   "front_end/models/issues_manager/descriptions/sharedDictionaryUseErrorDictionaryLoadFailure.md",
@@ -1186,6 +1187,7 @@ grd_files_unbundled_sources = [
   "front_end/models/issues_manager/QuirksModeIssue.js",
   "front_end/models/issues_manager/RelatedIssue.js",
   "front_end/models/issues_manager/SRIMessageSignatureIssue.js",
+  "front_end/models/issues_manager/SelectivePermissionsInterventionIssue.js",
   "front_end/models/issues_manager/SharedArrayBufferIssue.js",
   "front_end/models/issues_manager/SharedDictionaryIssue.js",
   "front_end/models/issues_manager/SourceFrameIssuesManager.js",
@@ -1676,6 +1678,7 @@ grd_files_unbundled_sources = [
   "front_end/panels/issues/AffectedPartitioningBlobURLView.js",
   "front_end/panels/issues/AffectedPermissionElementsView.js",
   "front_end/panels/issues/AffectedResourcesView.js",
+  "front_end/panels/issues/AffectedSelectivePermissionsInterventionView.js",
   "front_end/panels/issues/AffectedSharedArrayBufferIssueDetailsView.js",
   "front_end/panels/issues/AffectedSourcesView.js",
   "front_end/panels/issues/AffectedTrackingSitesView.js",

front_end/models/bindings/BUILD.gn

@@ -65,6 +65,7 @@ devtools_entrypoint("bundle") {
     "../../panels/coverage/*",
     "../../panels/elements/*",
     "../../panels/emulation/*",
+    "../../panels/issues/*",
     "../../panels/linear_memory_inspector/*",
     "../../panels/network/*",
     "../../panels/profiler/*",

front_end/models/issues_manager/BUILD.gn

@@ -39,6 +39,7 @@ devtools_module("issues_manager") {
     "QuirksModeIssue.ts",
     "RelatedIssue.ts",
     "SRIMessageSignatureIssue.ts",
+    "SelectivePermissionsInterventionIssue.ts",
     "SharedArrayBufferIssue.ts",
     "SharedDictionaryIssue.ts",
     "SourceFrameIssuesManager.ts",
@@ -216,6 +217,7 @@ devtools_issue_description_files = [
   "selectElementAccessibilityInteractiveContentLegendChild.md",
   "selectElementAccessibilityInteractiveContentOptionChild.md",
   "selectElementAccessibilityNonPhrasingContentOptionChild.md",
+  "selectivePermissionsIntervention.md",
   "summaryElementAccessibilityInteractiveContentSummaryDescendant.md",
   "sharedArrayBuffer.md",
   "stylesheetLateImport.md",
@@ -321,6 +323,7 @@ ts_library("unittests") {
   sources = [
     "CheckFormsIssuesTrigger.test.ts",
     "IssuesManager.test.ts",
+    "SelectivePermissionsInterventionIssue.test.ts",
   ]
 
   deps = [

front_end/models/issues_manager/Issue.ts

@@ -52,6 +52,7 @@ export const enum IssueCategory {
   ATTRIBUTION_REPORTING = 'AttributionReporting',
   QUIRKS_MODE = 'QuirksMode',
   PERMISSION_ELEMENT = 'PermissionElement',
+  SELECTIVE_PERMISSIONS_INTERVENTION = 'SelectivePermissionsIntervention',
   OTHER = 'Other',
 }
 

front_end/models/issues_manager/IssueAggregator.ts

@@ -22,6 +22,7 @@ import {MixedContentIssue} from './MixedContentIssue.js';
 import {PartitioningBlobURLIssue} from './PartitioningBlobURLIssue.js';
 import {PermissionElementIssue} from './PermissionElementIssue.js';
 import {QuirksModeIssue} from './QuirksModeIssue.js';
+import {SelectivePermissionsInterventionIssue} from './SelectivePermissionsInterventionIssue.js';
 import {SharedArrayBufferIssue} from './SharedArrayBufferIssue.js';
 
 export interface IssuesProvider extends Common.EventTarget.EventTarget<IssuesManagerEventsTypes> {
@@ -67,6 +68,7 @@ export class AggregatedIssue extends Issue {
   #mixedContentIssues = new Set<MixedContentIssue>();
   #partitioningBlobURLIssues = new Set<PartitioningBlobURLIssue>();
   #permissionElementIssues = new Set<PermissionElementIssue>();
+  #selectivePermissionsInterventionIssues = new Set<SelectivePermissionsInterventionIssue>();
   #sharedArrayBufferIssues = new Set<SharedArrayBufferIssue>();
   #quirksModeIssues = new Set<QuirksModeIssue>();
   #attributionReportingIssues = new Set<AttributionReportingIssue>();
@@ -144,6 +146,10 @@ export class AggregatedIssue extends Issue {
     return this.#affectedRequests.values();
   }
 
+  getSelectivePermissionsInterventionIssues(): Iterable<SelectivePermissionsInterventionIssue> {
+    return this.#selectivePermissionsInterventionIssues;
+  }
+
   getSharedArrayBufferIssues(): Iterable<SharedArrayBufferIssue> {
     return this.#sharedArrayBufferIssues;
   }
@@ -282,6 +288,9 @@ export class AggregatedIssue extends Issue {
     if (issue instanceof PermissionElementIssue) {
       this.#permissionElementIssues.add(issue);
     }
+    if (issue instanceof SelectivePermissionsInterventionIssue) {
+      this.#selectivePermissionsInterventionIssues.add(issue);
+    }
   }
 
   getKind(): IssueKind {

front_end/models/issues_manager/IssuesManager.ts

@@ -27,6 +27,7 @@ import {PartitioningBlobURLIssue} from './PartitioningBlobURLIssue.js';
 import {PermissionElementIssue} from './PermissionElementIssue.js';
 import {PropertyRuleIssue} from './PropertyRuleIssue.js';
 import {QuirksModeIssue} from './QuirksModeIssue.js';
+import {SelectivePermissionsInterventionIssue} from './SelectivePermissionsInterventionIssue.js';
 import {SharedArrayBufferIssue} from './SharedArrayBufferIssue.js';
 import {SharedDictionaryIssue} from './SharedDictionaryIssue.js';
 import {SourceFrameIssuesManager} from './SourceFrameIssuesManager.js';
@@ -148,6 +149,10 @@ const issueCodeHandlers = new Map<
     Protocol.Audits.InspectorIssueCode.PermissionElementIssue,
     PermissionElementIssue.fromInspectorIssue,
   ],
+  [
+    Protocol.Audits.InspectorIssueCode.SelectivePermissionsInterventionIssue,
+    SelectivePermissionsInterventionIssue.fromInspectorIssue,
+  ],
 ]);
 
 /**

front_end/models/issues_manager/SelectivePermissionsInterventionIssue.test.ts

@@ -0,0 +1,130 @@
+// Copyright 2026 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+import type * as SDK from '../../core/sdk/sdk.js';
+import * as Protocol from '../../generated/protocol.js';
+import {describeWithEnvironment} from '../../testing/EnvironmentHelpers.js';
+import {setupLocaleHooks} from '../../testing/LocaleHelpers.js';
+import {MockIssuesModel} from '../../testing/MockIssuesModel.js';
+
+import * as IssuesManager from './issues_manager.js';
+
+describeWithEnvironment('SelectivePermissionsInterventionIssue', () => {
+  setupLocaleHooks();
+
+  const mockModel = new MockIssuesModel([]) as unknown as SDK.IssuesModel.IssuesModel;
+  const mockTarget = {
+    id: () => 'fake-id',
+    isDisposed: () => false,
+    model: () => null,
+  };
+  mockModel.target = () => mockTarget as unknown as SDK.Target.Target;
+
+  function createProtocolIssueWithDetails(
+      selectivePermissionsInterventionIssueDetails: Protocol.Audits.SelectivePermissionsInterventionIssueDetails):
+      Protocol.Audits.InspectorIssue {
+    return {
+      code: Protocol.Audits.InspectorIssueCode.SelectivePermissionsInterventionIssue,
+      details: {selectivePermissionsInterventionIssueDetails},
+    };
+  }
+
+  const issueDetails = {
+    apiName: 'geolocation',
+    stackTrace: {
+      callFrames: [
+        {
+          functionName: 'foo',
+          scriptId: '1' as Protocol.Runtime.ScriptId,
+          url: 'https://example.com/foo.js',
+          lineNumber: 10,
+          columnNumber: 5,
+        },
+      ],
+    },
+    adAncestry: {
+      adAncestryChain: [
+        {
+          scriptId: '2' as Protocol.Runtime.ScriptId,
+          debuggerId: '123' as Protocol.Runtime.UniqueDebuggerId,
+          name: 'https://ads.com/ad.js',
+        },
+      ],
+      rootScriptFilterlistRule: '||ads.com^',
+    },
+  };
+
+  it('correctly creates an issue with valid details', () => {
+    const issue = createProtocolIssueWithDetails(issueDetails);
+
+    const interventionIssues =
+        IssuesManager.SelectivePermissionsInterventionIssue.SelectivePermissionsInterventionIssue.fromInspectorIssue(
+            mockModel, issue);
+    assert.lengthOf(interventionIssues, 1);
+    const interventionIssue = interventionIssues[0];
+
+    assert.strictEqual(
+        interventionIssue.getCategory(), IssuesManager.Issue.IssueCategory.SELECTIVE_PERMISSIONS_INTERVENTION);
+    assert.strictEqual(interventionIssue.getKind(), IssuesManager.Issue.IssueKind.PAGE_ERROR);
+    const description = interventionIssue.getDescription();
+    assert.strictEqual(description?.file, 'selectivePermissionsIntervention.md');
+    assert.lengthOf(description?.links || [], 1);
+    assert.strictEqual(description?.links[0].link, 'https://crbug.com/435223477');
+    assert.deepEqual(Array.from([interventionIssue.details()]), [issueDetails]);
+  });
+
+  it('generates a stable primary key', () => {
+    const issue = createProtocolIssueWithDetails(issueDetails);
+    const interventionIssue1 =
+        IssuesManager.SelectivePermissionsInterventionIssue.SelectivePermissionsInterventionIssue.fromInspectorIssue(
+            mockModel, issue)[0];
+    const interventionIssue2 =
+        IssuesManager.SelectivePermissionsInterventionIssue.SelectivePermissionsInterventionIssue.fromInspectorIssue(
+            mockModel, issue)[0];
+
+    assert.strictEqual(interventionIssue1.primaryKey(), interventionIssue2.primaryKey());
+  });
+
+  it('generates different primary keys for different details', () => {
+    const issue1 = createProtocolIssueWithDetails(issueDetails);
+    const issue2 = createProtocolIssueWithDetails({...issueDetails, apiName: 'microphone'});
+    const interventionIssue1 =
+        IssuesManager.SelectivePermissionsInterventionIssue.SelectivePermissionsInterventionIssue.fromInspectorIssue(
+            mockModel, issue1)[0];
+    const interventionIssue2 =
+        IssuesManager.SelectivePermissionsInterventionIssue.SelectivePermissionsInterventionIssue.fromInspectorIssue(
+            mockModel, issue2)[0];
+
+    assert.notStrictEqual(interventionIssue1.primaryKey(), interventionIssue2.primaryKey());
+  });
+
+  it('handles missing optional fields', () => {
+    const issueDetailsMinimal = {
+      apiName: 'geolocation',
+      adAncestry: {
+        adAncestryChain: [],
+      },
+    } as Protocol.Audits.SelectivePermissionsInterventionIssueDetails;
+    const issue = createProtocolIssueWithDetails(issueDetailsMinimal);
+
+    const interventionIssues =
+        IssuesManager.SelectivePermissionsInterventionIssue.SelectivePermissionsInterventionIssue.fromInspectorIssue(
+            mockModel, issue);
+    assert.lengthOf(interventionIssues, 1);
+    const interventionIssue = interventionIssues[0];
+
+    assert.deepEqual(Array.from([interventionIssue.details()]), [issueDetailsMinimal]);
+  });
+
+  it('returns an empty array when details are missing', () => {
+    const issue = {
+      code: Protocol.Audits.InspectorIssueCode.SelectivePermissionsInterventionIssue,
+      details: {},
+    };
+    const interventionIssues =
+        IssuesManager.SelectivePermissionsInterventionIssue.SelectivePermissionsInterventionIssue.fromInspectorIssue(
+            mockModel, issue);
+    assert.lengthOf(interventionIssues, 0);
+  });
+});

front_end/models/issues_manager/SelectivePermissionsInterventionIssue.ts

@@ -0,0 +1,65 @@
+// Copyright 2026 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+import * as i18n from '../../core/i18n/i18n.js';
+import type * as SDK from '../../core/sdk/sdk.js';
+import * as Protocol from '../../generated/protocol.js';
+
+import {Issue, IssueCategory, IssueKind} from './Issue.js';
+import type {MarkdownIssueDescription} from './MarkdownIssueDescription.js';
+
+const UIStrings = {
+  /**
+   * @description Title for a learn more link in Selective Permissions Intervention issue description
+   */
+  selectivePermissionsIntervention: 'Selective Permissions Intervention',
+} as const;
+const str_ = i18n.i18n.registerUIStrings('models/issues_manager/SelectivePermissionsInterventionIssue.ts', UIStrings);
+const i18nString = i18n.i18n.getLocalizedString.bind(undefined, str_);
+
+export class SelectivePermissionsInterventionIssue extends
+    Issue<Protocol.Audits.SelectivePermissionsInterventionIssueDetails> {
+  constructor(
+      issueDetails: Protocol.Audits.SelectivePermissionsInterventionIssueDetails,
+      issuesModel: SDK.IssuesModel.IssuesModel|null) {
+    super(Protocol.Audits.InspectorIssueCode.SelectivePermissionsInterventionIssue, issueDetails, issuesModel);
+  }
+
+  primaryKey(): string {
+    return `${Protocol.Audits.InspectorIssueCode.SelectivePermissionsInterventionIssue}-${
+        JSON.stringify(this.details())}`;
+  }
+
+  getDescription(): MarkdownIssueDescription {
+    return {
+      file: 'selectivePermissionsIntervention.md',
+      links: [
+        {
+          link: 'https://crbug.com/435223477',
+          linkTitle: i18nString(UIStrings.selectivePermissionsIntervention),
+        },
+      ],
+    };
+  }
+
+  getCategory(): IssueCategory {
+    return IssueCategory.SELECTIVE_PERMISSIONS_INTERVENTION;
+  }
+
+  getKind(): IssueKind {
+    return IssueKind.PAGE_ERROR;
+  }
+
+  static fromInspectorIssue(
+      issuesModel: SDK.IssuesModel.IssuesModel|null,
+      inspectorIssue: Protocol.Audits.InspectorIssue): SelectivePermissionsInterventionIssue[] {
+    const selectivePermissionsInterventionIssueDetails =
+        inspectorIssue.details.selectivePermissionsInterventionIssueDetails;
+    if (!selectivePermissionsInterventionIssueDetails) {
+      console.warn('Selective Permissions Intervention issue without details received.');
+      return [];
+    }
+    return [new SelectivePermissionsInterventionIssue(selectivePermissionsInterventionIssueDetails, issuesModel)];
+  }
+}

front_end/models/issues_manager/descriptions/selectivePermissionsIntervention.md

@@ -0,0 +1,7 @@
+# Selective Permissions Intervention
+
+The Selective Permissions Intervention blocks calls to privacy-sensitive APIs when they are called from ad scripts in order to align the permission grant with the user's intent. The particular API that was blocked, the call-stack that triggered the intervention, and why the script that called the API is considered ad-related is shown below.
+
+Note that Chrome considers any script with a URL that matches a rule in the [filterlist](ChromeFilterlistRepository) as ad script, and the matching rule is shown in the Ad Ancestry section. In addition, any script loaded while an ad script is in the JavaScript stack will also be considered an ad script by Chrome and is also shown in Ad Ancestry.
+
+If you believe this intervention  was in error (e.g., this call would occur even when loading the page with an ad blocker enabled), then please [file a bug](SelectivePermissionsInterventionIssue).

front_end/models/issues_manager/issues_manager.ts

@@ -27,6 +27,7 @@ import * as PermissionElementIssue from './PermissionElementIssue.js';
 import * as PropertyRuleIssue from './PropertyRuleIssue.js';
 import * as QuirksModeIssue from './QuirksModeIssue.js';
 import * as RelatedIssue from './RelatedIssue.js';
+import * as SelectivePermissionsInterventionIssue from './SelectivePermissionsInterventionIssue.js';
 import * as SharedArrayBufferIssue from './SharedArrayBufferIssue.js';
 import * as SharedDictionaryIssue from './SharedDictionaryIssue.js';
 import * as SourceFrameIssuesManager from './SourceFrameIssuesManager.js';
@@ -60,6 +61,7 @@ export {
   PropertyRuleIssue,
   QuirksModeIssue,
   RelatedIssue,
+  SelectivePermissionsInterventionIssue,
   SharedArrayBufferIssue,
   SharedDictionaryIssue,
   SourceFrameIssuesManager,