OLD | NEW |
(Empty) | |
| 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include "webkit/fileapi/sandboxed_file_system_operation.h" |
| 6 |
| 7 #include "net/url_request/url_request_context.h" |
| 8 #include "webkit/fileapi/file_system_callback_dispatcher.h" |
| 9 #include "webkit/fileapi/file_system_path_manager.h" |
| 10 #include "webkit/fileapi/file_system_quota_manager.h" |
| 11 #include "webkit/fileapi/sandboxed_file_system_context.h" |
| 12 |
| 13 namespace fileapi { |
| 14 |
| 15 SandboxedFileSystemOperation::SandboxedFileSystemOperation( |
| 16 FileSystemCallbackDispatcher* dispatcher, |
| 17 scoped_refptr<base::MessageLoopProxy> proxy, |
| 18 SandboxedFileSystemContext* file_system_context) |
| 19 : FileSystemOperation(dispatcher, proxy), |
| 20 file_system_context_(file_system_context), |
| 21 callback_factory_(ALLOW_THIS_IN_INITIALIZER_LIST(this)) { |
| 22 DCHECK(file_system_context_); |
| 23 } |
| 24 |
| 25 void SandboxedFileSystemOperation::OpenFileSystem( |
| 26 const GURL& origin_url, fileapi::FileSystemType type, bool create) { |
| 27 #ifndef NDEBUG |
| 28 DCHECK(kOperationNone == pending_operation_); |
| 29 pending_operation_ = static_cast<FileSystemOperation::OperationType>( |
| 30 kOperationOpenFileSystem); |
| 31 #endif |
| 32 |
| 33 file_system_context_->path_manager()->GetFileSystemRootPath( |
| 34 origin_url, type, create, |
| 35 callback_factory_.NewCallback( |
| 36 &SandboxedFileSystemOperation::DidGetRootPath)); |
| 37 } |
| 38 |
| 39 void SandboxedFileSystemOperation::CreateFile( |
| 40 const FilePath& path, bool exclusive) { |
| 41 if (!VerifyFileSystemPathForWrite(path, true /* create */, 0)) |
| 42 return; |
| 43 FileSystemOperation::CreateFile(path, exclusive); |
| 44 } |
| 45 |
| 46 void SandboxedFileSystemOperation::CreateDirectory( |
| 47 const FilePath& path, bool exclusive, bool recursive) { |
| 48 if (!VerifyFileSystemPathForWrite(path, true /* create */, 0)) |
| 49 return; |
| 50 FileSystemOperation::CreateDirectory(path, exclusive, recursive); |
| 51 } |
| 52 |
| 53 void SandboxedFileSystemOperation::Copy( |
| 54 const FilePath& src_path, const FilePath& dest_path) { |
| 55 if (!VerifyFileSystemPathForRead(src_path) || |
| 56 !VerifyFileSystemPathForWrite(dest_path, true /* create */, |
| 57 FileSystemQuotaManager::kUnknownSize)) |
| 58 return; |
| 59 FileSystemOperation::Copy(src_path, dest_path); |
| 60 } |
| 61 |
| 62 void SandboxedFileSystemOperation::Move( |
| 63 const FilePath& src_path, const FilePath& dest_path) { |
| 64 if (!VerifyFileSystemPathForRead(src_path) || |
| 65 !VerifyFileSystemPathForWrite(dest_path, true /* create */, |
| 66 FileSystemQuotaManager::kUnknownSize)) |
| 67 return; |
| 68 FileSystemOperation::Move(src_path, dest_path); |
| 69 } |
| 70 |
| 71 void SandboxedFileSystemOperation::DirectoryExists(const FilePath& path) { |
| 72 if (!VerifyFileSystemPathForRead(path)) |
| 73 return; |
| 74 FileSystemOperation::DirectoryExists(path); |
| 75 } |
| 76 |
| 77 void SandboxedFileSystemOperation::FileExists(const FilePath& path) { |
| 78 if (!VerifyFileSystemPathForRead(path)) |
| 79 return; |
| 80 FileSystemOperation::FileExists(path); |
| 81 } |
| 82 |
| 83 void SandboxedFileSystemOperation::GetMetadata(const FilePath& path) { |
| 84 if (!VerifyFileSystemPathForRead(path)) |
| 85 return; |
| 86 FileSystemOperation::GetMetadata(path); |
| 87 } |
| 88 |
| 89 void SandboxedFileSystemOperation::ReadDirectory(const FilePath& path) { |
| 90 if (!VerifyFileSystemPathForRead(path)) |
| 91 return; |
| 92 FileSystemOperation::ReadDirectory(path); |
| 93 } |
| 94 |
| 95 void SandboxedFileSystemOperation::Remove( |
| 96 const FilePath& path, bool recursive) { |
| 97 if (!VerifyFileSystemPathForWrite(path, false /* create */, 0)) |
| 98 return; |
| 99 FileSystemOperation::Remove(path, recursive); |
| 100 } |
| 101 |
| 102 void SandboxedFileSystemOperation::Write( |
| 103 scoped_refptr<URLRequestContext> url_request_context, |
| 104 const FilePath& path, const GURL& blob_url, int64 offset) { |
| 105 if (!VerifyFileSystemPathForWrite(path, true /* create */, |
| 106 FileSystemQuotaManager::kUnknownSize)) |
| 107 return; |
| 108 FileSystemOperation::Write(url_request_context, path, blob_url, offset); |
| 109 } |
| 110 |
| 111 void SandboxedFileSystemOperation::Truncate( |
| 112 const FilePath& path, int64 length) { |
| 113 if (!VerifyFileSystemPathForWrite(path, false /* create */, 0)) |
| 114 return; |
| 115 FileSystemOperation::Truncate(path, length); |
| 116 } |
| 117 |
| 118 void SandboxedFileSystemOperation::TouchFile(const FilePath& path, |
| 119 const base::Time& last_access_time, |
| 120 const base::Time& last_modified_time) { |
| 121 if (!VerifyFileSystemPathForWrite(path, true /* create */, 0)) |
| 122 return; |
| 123 FileSystemOperation::TouchFile(path, last_access_time, last_modified_time); |
| 124 } |
| 125 |
| 126 void SandboxedFileSystemOperation::DidGetRootPath( |
| 127 bool success, const FilePath& path, const std::string& name) { |
| 128 DCHECK(success || path.empty()); |
| 129 dispatcher()->DidOpenFileSystem(name, path); |
| 130 } |
| 131 |
| 132 bool SandboxedFileSystemOperation::VerifyFileSystemPathForRead( |
| 133 const FilePath& path) { |
| 134 // We may want do more checks, but for now it just checks if the given |
| 135 // |path| is under the valid FileSystem root path for this host context. |
| 136 if (!file_system_context_->path_manager()->CrackFileSystemPath( |
| 137 path, NULL, NULL, NULL)) { |
| 138 dispatcher()->DidFail(base::PLATFORM_FILE_ERROR_SECURITY); |
| 139 return false; |
| 140 } |
| 141 return true; |
| 142 } |
| 143 |
| 144 bool SandboxedFileSystemOperation::VerifyFileSystemPathForWrite( |
| 145 const FilePath& path, bool create, int64 growth) { |
| 146 GURL origin_url; |
| 147 FilePath virtual_path; |
| 148 if (!file_system_context_->path_manager()->CrackFileSystemPath( |
| 149 path, &origin_url, NULL, &virtual_path)) { |
| 150 dispatcher()->DidFail(base::PLATFORM_FILE_ERROR_SECURITY); |
| 151 return false; |
| 152 } |
| 153 // Any write access is disallowed on the root path. |
| 154 if (virtual_path.value().length() == 0 || |
| 155 virtual_path.DirName().value() == virtual_path.value()) { |
| 156 dispatcher()->DidFail(base::PLATFORM_FILE_ERROR_SECURITY); |
| 157 return false; |
| 158 } |
| 159 if (create && file_system_context_->path_manager()->IsRestrictedFileName( |
| 160 path.BaseName())) { |
| 161 dispatcher()->DidFail(base::PLATFORM_FILE_ERROR_SECURITY); |
| 162 return false; |
| 163 } |
| 164 // TODO(kinuko): For operations with kUnknownSize we'll eventually |
| 165 // need to resolve what amount of size it's going to write. |
| 166 if (!file_system_context_->quota_manager()->CheckOriginQuota( |
| 167 origin_url, growth)) { |
| 168 dispatcher()->DidFail(base::PLATFORM_FILE_ERROR_NO_SPACE); |
| 169 return false; |
| 170 } |
| 171 return true; |
| 172 } |
| 173 |
| 174 bool SandboxedFileSystemOperation::CheckIfFilePathIsSafe( |
| 175 const FilePath& path) { |
| 176 if (file_system_context_->path_manager()->IsRestrictedFileName( |
| 177 path.BaseName())) { |
| 178 dispatcher()->DidFail(base::PLATFORM_FILE_ERROR_SECURITY); |
| 179 return false; |
| 180 } |
| 181 return true; |
| 182 } |
| 183 |
| 184 } // namespace fileapi |
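Review bot: Move() verifies `src_path` only with VerifyFileSystemPathForRead, although a move removes the source, so the "Any write access is disallowed on the root path" check in VerifyFileSystemPathForWrite never runs for the source. Because that root check sits after a successful CrackFileSystemPath call, a root path presumably passes the read check, which would allow the file system root itself to be moved away. Consider checking the source as a non-creating write in Move(), `!VerifyFileSystemPathForWrite(src_path, false /* create */, 0)`, in place of the read check, and confirm that CheckOriginQuota with a growth of 0 does not reject moves for an origin already at its quota. Separately, Truncate() passes a growth of 0 even though `length` may exceed the current file size, so extending a file this way appears to skip the quota check; passing `FileSystemQuotaManager::kUnknownSize` would be consistent with Write().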