Change ChildProcessSecurityPolicy to store a list of allowed flags for...

chrome/browser/child_process_security_policy.h

 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef CHROME_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_
 #define CHROME_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_
 
 #pragma once
 
 #include <map>
@@ skipping 51 matching lines @@
   void Remove(int renderer_id);
 
   // Whenever the browser processes commands the renderer to request a URL, it
   // should call this method to grant the renderer process the capability to
   // request the URL.
   void GrantRequestURL(int renderer_id, const GURL& url);
 
   // Whenever the user picks a file from a <input type="file"> element, the
   // browser should call this function to grant the renderer the capability to
   // upload the file to the web.
-  void GrantUploadFile(int renderer_id, const FilePath& file);
+  void GrantReadFile(int renderer_id, const FilePath& file);
+
+  // Grants certain permissions to a file. |permissions| must be a bit-set of
+  // base::PlatformFileFlags.
+  void GrantPermissionsForFile(int renderer_id,
+                               const FilePath& file,
+                               int permissions);
 
   // Grants the renderer process the capability to access URLs of the provided
   // scheme.
   void GrantScheme(int renderer_id, const std::string& scheme);
 
   // Whenever the browser processes commands the renderer to run web inspector,
   // it should call this method to grant the renderer process the capability to
   // run the inspector.
   void GrantInspectElement(int renderer_id);
 
@@ skipping 10 matching lines @@
   void RevokeReadRawCookies(int renderer_id);
 
   // Before servicing a renderer's request for a URL, the browser should call
   // this method to determine whether the renderer has the capability to
   // request the URL.
   bool CanRequestURL(int renderer_id, const GURL& url);
 
   // Before servicing a renderer's request to upload a file to the web, the
   // browser should call this method to determine whether the renderer has the
   // capability to upload the requested file.
-  bool CanUploadFile(int renderer_id, const FilePath& file);
+  bool CanReadFile(int renderer_id, const FilePath& file);
+
+  // Determins if certain permissions were granted for a file. |permissions|

[darin (slow to review), 2010/09/28 06:18:27]

nit: Determins -> Determines

+  // must be a bit-set of base::PlatformFileFlags.
+  bool HasPermissionsForFile(int renderer_id,
+                             const FilePath& file,
+                             int permissions);
 
   // Returns true if the specified renderer_id has been granted DOMUIBindings.
   // The browser should check this property before assuming the renderer is
   // allowed to use DOMUIBindings.
   bool HasDOMUIBindings(int renderer_id);
 
   // Returns true if the specified renderer_id has been granted DOMUIBindings.
   // The browser should check this property before assuming the renderer is
   // allowed to use extension bindings.
   bool HasExtensionBindings(int renderer_id);
@@ skipping 31 matching lines @@
   // This map holds a SecurityState for each renderer process.  The key for the
   // map is the ID of the RenderProcessHost.  The SecurityState objects are
   // owned by this object and are protected by |lock_|.  References to them must
   // not escape this class.
   SecurityStateMap security_state_;
 
   DISALLOW_COPY_AND_ASSIGN(ChildProcessSecurityPolicy);
 };
 
 #endif  // CHROME_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_