Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(5635)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/extensions/api/socket/socket_api.cc

Issue 10692160: Support socket endpoint permissions for AppsV2 Socket API. (Closed) Base URL: http://git.chromium.org/chromium/src.git@master
Patch Set: Fix review issues and add some unit tests Created 8 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « chrome/browser/extensions/api/socket/socket_api.h ('k') | chrome/browser/extensions/api/socket/tcp_socket.h » ('j') | chrome/common/extensions/permissions/api_permission_set_unittest.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/extensions/api/socket/socket_api.cc
diff --git a/chrome/browser/extensions/api/socket/socket_api.cc b/chrome/browser/extensions/api/socket/socket_api.cc
index b9bd48f47afc791144d1b1cf651c4283b5eec70b..92104b79c341476a351c5829efe2ffaee6774d55 100644
--- a/chrome/browser/extensions/api/socket/socket_api.cc
+++ b/chrome/browser/extensions/api/socket/socket_api.cc
@@ -5,6 +5,7 @@
#include "chrome/browser/extensions/api/socket/socket_api.h"
#include "base/bind.h"
+#include "chrome/common/extensions/permissions/socket_permission.h"
#include "chrome/browser/browser_process.h"
#include "chrome/browser/extensions/api/dns/host_resolver_wrapper.h"
#include "chrome/browser/extensions/api/socket/socket.h"
@@ -32,6 +33,7 @@ const char kUDPOption[] = "udp";
const char kSocketNotFoundError[] = "Socket not found";
const char kSocketTypeInvalidError[] = "Socket type is not supported";
const char kDnsLookupFailedError[] = "DNS resolution failed";
+const char kPermissionError[] = "Caller does not have permission";
SocketAsyncApiFunction::SocketAsyncApiFunction()
: manager_(NULL) {
@@ -163,6 +165,36 @@ bool SocketConnectFunction::Prepare() {
}
void SocketConnectFunction::AsyncWorkStart() {
+ socket_ = manager_->Get(socket_id_);
+ if (!socket_) {
+ error_ = kSocketNotFoundError;
+ SetResult(Value::CreateIntegerValue(-1));
+ AsyncWorkCompleted();
+ return;
+ }
+
+ SocketPermissionData::OperationType type;
+ switch (socket_->socket_type()) {
+ case Socket::TYPE_TCP:
+ type = SocketPermissionData::TCP_CONNECT;
+ break;
+ case Socket::TYPE_UDP:
+ type = SocketPermissionData::UDP_SEND_TO;
+ break;
+ default:
+ type = SocketPermissionData::NONE;
+ break;
+ }
+
+ SocketPermission::CheckParam param(type, hostname_, port_);
+ if (!GetExtension()->CheckAPIPermissionWithDetail(APIPermission::kSocket,
+ &param)) {
+ error_ = kPermissionError;
+ SetResult(Value::CreateIntegerValue(-1));
+ AsyncWorkCompleted();
+ return;
+ }
+
StartDnsLookup(hostname_);
}
@@ -176,15 +208,8 @@ void SocketConnectFunction::AfterDnsLookup(int lookup_result) {
}
void SocketConnectFunction::StartConnect() {
- Socket* socket = manager_->Get(socket_id_);
- if (!socket) {
- error_ = kSocketNotFoundError;
- OnConnect(-1);
- return;
- }
-
- socket->Connect(resolved_address_, port_,
- base::Bind(&SocketConnectFunction::OnConnect, this));
+ socket_->Connect(resolved_address_, port_,
+ base::Bind(&SocketConnectFunction::OnConnect, this));
}
void SocketConnectFunction::OnConnect(int result) {
@@ -216,10 +241,17 @@ bool SocketBindFunction::Prepare() {
void SocketBindFunction::Work() {
int result = -1;
Socket* socket = manager_->Get(socket_id_);
- if (socket)
- result = socket->Bind(address_, port_);
- else
+ SocketPermission::CheckParam param(
+ SocketPermissionData::UDP_BIND, address_, port_);
+ if (socket) {
+ if (GetExtension()->CheckAPIPermissionWithDetail(APIPermission::kSocket,
+ &param))
+ result = socket->Bind(address_, port_);
+ else
+ error_ = kPermissionError;
+ } else {
error_ = kSocketNotFoundError;
+ }
SetResult(Value::CreateIntegerValue(result));
}
@@ -373,7 +405,26 @@ bool SocketSendToFunction::Prepare() {
}
void SocketSendToFunction::AsyncWorkStart() {
- StartDnsLookup(hostname_);
+ do {
+ socket_ = manager_->Get(socket_id_);
+ if (!socket_) {
+ error_ = kSocketNotFoundError;
+ break;
+ }
+
+ SocketPermission::CheckParam param(SocketPermissionData::UDP_SEND_TO,
+ hostname_, port_);
+ if (!GetExtension()->CheckAPIPermissionWithDetail(APIPermission::kSocket,
+ &param)) {
+ error_ = kPermissionError;
+ break;
+ }
+
+ StartDnsLookup(hostname_);
+ return;
+ } while (false);
+ SetResult(Value::CreateIntegerValue(-1));
+ AsyncWorkCompleted();
}
void SocketSendToFunction::AfterDnsLookup(int lookup_result) {
@@ -386,15 +437,8 @@ void SocketSendToFunction::AfterDnsLookup(int lookup_result) {
}
void SocketSendToFunction::StartSendTo() {
- Socket* socket = manager_->Get(socket_id_);
- if (!socket) {
- error_ = kSocketNotFoundError;
- OnCompleted(-1);
- return;
- }
-
- socket->SendTo(io_buffer_, io_buffer_size_, resolved_address_, port_,
- base::Bind(&SocketSendToFunction::OnCompleted, this));
+ socket_->SendTo(io_buffer_, io_buffer_size_, resolved_address_, port_,
+ base::Bind(&SocketSendToFunction::OnCompleted, this));
}
void SocketSendToFunction::OnCompleted(int bytes_written) {
« no previous file with comments | « chrome/browser/extensions/api/socket/socket_api.h ('k') | chrome/browser/extensions/api/socket/tcp_socket.h » ('j') | chrome/common/extensions/permissions/api_permission_set_unittest.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698