Add DRM enabled status to broken site feedback reports

[jonathanKingston]

Task/Issue URL: https://app.asana.com/1/137249556945/task/1213808712892824?focus=true

Description

Adds a drmEnabled parameter to broken site reports (epbf pixel), reporting the effective DRM availability for the reported site.

Changes:

• Added isDrmEnabledForSite(url) to SitePermissionsRepository — returns true if the domain is allowed to ask for DRM permission or has been granted it
• BrokenSiteSubmitter injects SitePermissionsRepository and includes drmEnabled (true/false) in the report payload
• Updated pixel definitions (broken_site_report.json) to document the new parameter
• Added unit tests for DRM enabled/disabled cases
• Updated reference tests and added a new "DRM disabled" reference test case

Steps to test this PR

• Run BrokenSiteSubmitterTest — verify the 2 new DRM tests pass (whenDrmIsEnabledForReportedSiteThenIncludeDrmEnabledParam, whenDrmIsDisabledForReportedSiteThenIncludeDrmEnabledParam)
• Run BrokenSitesReferenceTest and BrokenSitesMultipleReportReferenceTest — verify reference tests pass with drmEnabled field
• Run site-permissions-impl:testDebugUnitTest — verify isDrmEnabledForSite doesn't break existing tests
• Install internal debug build, navigate to a site, submit a broken site report, and verify drmEnabled=true appears in the epbf pixel in logcat
• (Optional) Toggle DRM off in site permissions settings, verify drmEnabled=false in a subsequent report

---

Note

Medium Risk
Adds new DRM-permission evaluation logic and wires it into broken-site report submission, which could impact report sending/parameters if the new repository call or config checks behave unexpectedly. Changes are limited to analytics payloads and site-permissions lookup paths with accompanying unit/reference test updates.

Overview
Broken site feedback reporting now sends a new drmEnabled parameter on both epbf and protection-toggled-off-breakage-report, and pixel definitions were updated accordingly.

To support this, BrokenSiteSubmitter injects SitePermissionsRepository and includes the computed DRM status in the pixel payload, backed by a new SitePermissionsRepository.isDrmEnabledForSite helper that resolves effective DRM availability from session overrides, config blocking, and stored permissions. Tests and reference fixtures were updated/extended to validate both DRM-enabled and DRM-disabled cases.

^{Written by Cursor Bugbot for commit 1408217. This will update automatically on new commits. Configure here.}

[cursor]

Cursor Bugbot has reviewed your changes and found 1 potential issue.

Bugbot Autofix prepared a fix for the issue found in the latest run.

• ✅ Fixed: Session DRM state invisible due to non-singleton repository
  • Extracted the in-memory drmSessions map into a new singleton DrmSessionStore (@SingleInstanceIn(AppScope::class)) so all SitePermissionsRepositoryImpl instances share the same session DRM state, making session-level DRM decisions visible to BrokenSiteSubmitter.

Or push these changes by commenting:

@cursor push 3a0a4465dc

Preview (3a0a4465dc)

diff --git a/site-permissions/site-permissions-impl/src/main/java/com/duckduckgo/site/permissions/impl/DrmSessionStore.kt b/site-permissions/site-permissions-impl/src/main/java/com/duckduckgo/site/permissions/impl/DrmSessionStore.kt
new file mode 100644
--- /dev/null
+++ b/site-permissions/site-permissions-impl/src/main/java/com/duckduckgo/site/permissions/impl/DrmSessionStore.kt
@@ -1,0 +1,40 @@
+/*
+ * Copyright (c) 2025 DuckDuckGo
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.duckduckgo.site.permissions.impl
+
+import com.duckduckgo.di.scopes.AppScope
+import com.squareup.anvil.annotations.ContributesBinding
+import dagger.SingleInstanceIn
+import javax.inject.Inject
+
+interface DrmSessionStore {
+    fun get(domain: String): Boolean?
+    fun save(domain: String, allowed: Boolean)
+}
+
+@SingleInstanceIn(AppScope::class)
+@ContributesBinding(AppScope::class)
+class RealDrmSessionStore @Inject constructor() : DrmSessionStore {
+
+    private val drmSessions = mutableMapOf<String, Boolean>()
+
+    override fun get(domain: String): Boolean? = drmSessions[domain]
+
+    override fun save(domain: String, allowed: Boolean) {
+        drmSessions[domain] = allowed
+    }
+}

diff --git a/site-permissions/site-permissions-impl/src/main/java/com/duckduckgo/site/permissions/impl/SitePermissionsRepository.kt b/site-permissions/site-permissions-impl/src/main/java/com/duckduckgo/site/permissions/impl/SitePermissionsRepository.kt
--- a/site-permissions/site-permissions-impl/src/main/java/com/duckduckgo/site/permissions/impl/SitePermissionsRepository.kt
+++ b/site-permissions/site-permissions-impl/src/main/java/com/duckduckgo/site/permissions/impl/SitePermissionsRepository.kt
@@ -69,6 +69,7 @@
     @AppCoroutineScope private val appCoroutineScope: CoroutineScope,
     private val dispatcherProvider: DispatcherProvider,
     private val drmBlock: DrmBlock,
+    private val drmSessionStore: DrmSessionStore,
 ) : SitePermissionsRepository {
 
     override var askCameraEnabled: Boolean
@@ -94,12 +95,10 @@
             sitePermissionsPreferences.askLocationEnabled = value
         }
 
-    private val drmSessions = mutableMapOf<String, Boolean>()
-
     override suspend fun isDrmEnabledForSite(url: String): Boolean {
         val domain = url.extractDomain() ?: url
 
-        drmSessions[domain]?.let { return it }
+        drmSessionStore.get(domain)?.let { return it }
         if (isDrmBlockedForUrlByConfig(url)) return false
 
         return isDomainAllowedToAsk(url, PermissionRequest.RESOURCE_PROTECTED_MEDIA_ID) ||
@@ -202,11 +201,11 @@
     }
 
     override fun getDrmForSession(domain: String): Boolean? {
-        return drmSessions[domain]
+        return drmSessionStore.get(domain)
     }
 
     override fun saveDrmForSession(domain: String, allowed: Boolean) {
-        drmSessions[domain] = allowed
+        drmSessionStore.save(domain, allowed)
     }
 
     override fun isDrmBlockedForUrlByConfig(url: String): Boolean {

diff --git a/site-permissions/site-permissions-impl/src/test/java/com/duckduckgo/site/permissions/impl/SitePermissionsRepositoryTest.kt b/site-permissions/site-permissions-impl/src/test/java/com/duckduckgo/site/permissions/impl/SitePermissionsRepositoryTest.kt
--- a/site-permissions/site-permissions-impl/src/test/java/com/duckduckgo/site/permissions/impl/SitePermissionsRepositoryTest.kt
+++ b/site-permissions/site-permissions-impl/src/test/java/com/duckduckgo/site/permissions/impl/SitePermissionsRepositoryTest.kt
@@ -52,6 +52,8 @@
     private val mockSitePermissionsPreferences: SitePermissionsPreferences = mock()
     private val mockDrmBlock: DrmBlock = mock()
 
+    private val drmSessionStore: DrmSessionStore = RealDrmSessionStore()
+
     private val repository = SitePermissionsRepositoryImpl(
         mockSitePermissionsDao,
         mockSitePermissionsAllowedDao,
@@ -59,6 +61,7 @@
         coroutineRule.testScope,
         coroutineRule.testDispatcherProvider,
         mockDrmBlock,
+        drmSessionStore,
     )
 
     private val url = "https://domain.com/whatever"

_{You can send follow-ups to this agent here.}

[anikiki]

LGTM 👍

[jonathanKingston]

Marking as Draft as we discuss the origin discussion