chrome/browser/extensions/api/socket/socket_api.cc - Issue 10692160: Support socket endpoint permissions for AppsV2 Socket API.

Unified Diff: chrome/browser/extensions/api/socket/socket_api.cc

Issue 10692160: Support socket endpoint permissions for AppsV2 Socket API. (Closed) Base URL: http://git.chromium.org/chromium/src.git@master

Patch Set: Support socket endpoint permissions Created 8 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« chrome/browser/extensions/api/permissions/permissions_api.cc ('K') | « chrome/browser/extensions/api/socket/socket_api.h ('k') | chrome/browser/extensions/api/socket/tcp_socket.h » ('j') | chrome/browser/extensions/extension_prefs.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: chrome/browser/extensions/api/socket/socket_api.cc

diff --git a/chrome/browser/extensions/api/socket/socket_api.cc b/chrome/browser/extensions/api/socket/socket_api.cc

index b9bd48f47afc791144d1b1cf651c4283b5eec70b..07a146a5fa24a951ce0fda24343e0981e57cad06 100644

--- a/chrome/browser/extensions/api/socket/socket_api.cc

+++ b/chrome/browser/extensions/api/socket/socket_api.cc

@@ -5,6 +5,7 @@

#include "chrome/browser/extensions/api/socket/socket_api.h"

#include "base/bind.h"

+#include "chrome/common/extensions/permissions/socket_permission.h"

#include "chrome/browser/browser_process.h"

#include "chrome/browser/extensions/api/dns/host_resolver_wrapper.h"

#include "chrome/browser/extensions/api/socket/socket.h"

@@ -32,6 +33,7 @@ const char kUDPOption[] = "udp";

const char kSocketNotFoundError[] = "Socket not found";

const char kSocketTypeInvalidError[] = "Socket type is not supported";

const char kDnsLookupFailedError[] = "DNS resolution failed";

+const char kNoPermission[] = "Caller does not have permission";

miket_OOO 2012/08/06 21:04:06 Can you pick a constant name that's consistent wit

Peng 2012/08/07 21:31:55 Done. I replaced it with kPermissionError. If you

SocketAsyncApiFunction::SocketAsyncApiFunction()

: manager_(NULL) {

@@ -163,6 +165,36 @@ bool SocketConnectFunction::Prepare() {

}

void SocketConnectFunction::AsyncWorkStart() {

+ socket_ = manager_->Get(socket_id_);

+ if (!socket_) {

+ error_ = kSocketNotFoundError;

+ SetResult(Value::CreateIntegerValue(-1));

+ AsyncWorkCompleted();

+ return;

+ }

+ SocketPermissionData::OperationType type;

+ switch (socket_->socket_type()) {

+ case Socket::TYPE_TCP:

+ type = SocketPermissionData::TCP_CONNECT;

+ break;

+ case Socket::TYPE_UDP:

+ type = SocketPermissionData::UDP_SEND_TO;

+ break;

+ default:

+ type = SocketPermissionData::NONE;

+ break;

+ }

+ SocketPermission::CheckParam param(type, hostname_, port_);

+ if (!GetExtension()->CheckAPIPermissionWithDetail(APIPermission::kSocket,

+ &param)) {

+ error_ = kNoPermission;

+ SetResult(Value::CreateIntegerValue(-1));

+ AsyncWorkCompleted();

+ return;

+ }

StartDnsLookup(hostname_);

}

@@ -176,15 +208,8 @@ void SocketConnectFunction::AfterDnsLookup(int lookup_result) {

}

void SocketConnectFunction::StartConnect() {

- Socket* socket = manager_->Get(socket_id_);

- if (!socket) {

- error_ = kSocketNotFoundError;

- OnConnect(-1);

- return;

- }

- socket->Connect(resolved_address_, port_,

- base::Bind(&SocketConnectFunction::OnConnect, this));

+ socket_->Connect(resolved_address_, port_,

+ base::Bind(&SocketConnectFunction::OnConnect, this));

}

void SocketConnectFunction::OnConnect(int result) {

@@ -216,10 +241,17 @@ bool SocketBindFunction::Prepare() {

void SocketBindFunction::Work() {

int result = -1;

Socket* socket = manager_->Get(socket_id_);

- if (socket)

- result = socket->Bind(address_, port_);

- else

+ SocketPermission::CheckParam param(

+ SocketPermissionData::UDP_BIND, address_, port_);

+ if (socket) {

+ if (GetExtension()->CheckAPIPermissionWithDetail(APIPermission::kSocket,

+ &param))

+ result = socket->Bind(address_, port_);

+ else

+ error_ = kNoPermission;

+ } else {

error_ = kSocketNotFoundError;

+ }

SetResult(Value::CreateIntegerValue(result));

}

@@ -373,7 +405,26 @@ bool SocketSendToFunction::Prepare() {

}

void SocketSendToFunction::AsyncWorkStart() {

- StartDnsLookup(hostname_);

+ do {

+ socket_ = manager_->Get(socket_id_);

+ if (!socket_) {

+ error_ = kSocketNotFoundError;

+ break;

+ }

+ SocketPermission::CheckParam param(SocketPermissionData::UDP_SEND_TO,

+ hostname_, port_);

+ if (!GetExtension()->CheckAPIPermissionWithDetail(APIPermission::kSocket,

+ &param)) {

+ error_ = kNoPermission;

+ break;

+ }

+ StartDnsLookup(hostname_);

+ return;

+ } while (false);

+ SetResult(Value::CreateIntegerValue(-1));

+ AsyncWorkCompleted();

}

void SocketSendToFunction::AfterDnsLookup(int lookup_result) {

@@ -386,15 +437,8 @@ void SocketSendToFunction::AfterDnsLookup(int lookup_result) {

}

void SocketSendToFunction::StartSendTo() {

- Socket* socket = manager_->Get(socket_id_);

- if (!socket) {

- error_ = kSocketNotFoundError;

- OnCompleted(-1);

- return;

- }

- socket->SendTo(io_buffer_, io_buffer_size_, resolved_address_, port_,

- base::Bind(&SocketSendToFunction::OnCompleted, this));

+ socket_->SendTo(io_buffer_, io_buffer_size_, resolved_address_, port_,

+ base::Bind(&SocketSendToFunction::OnCompleted, this));

}

void SocketSendToFunction::OnCompleted(int bytes_written) {