Cleanup: Removing FileSystemPathManager

webkit/fileapi/sandbox_mount_point_provider.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "webkit/fileapi/sandbox_mount_point_provider.h"
 
 #include "base/bind.h"
 #include "base/command_line.h"
 #include "base/logging.h"
 #include "base/memory/scoped_callback_factory.h"
 #include "base/memory/scoped_ptr.h"
 #include "base/message_loop.h"
 #include "base/message_loop_proxy.h"
 #include "base/rand_util.h"
 #include "base/string_util.h"
 #include "base/stringprintf.h"
 #include "base/metrics/histogram.h"
 #include "googleurl/src/gurl.h"
 #include "net/base/net_util.h"
 #include "webkit/fileapi/file_system_operation_context.h"
-#include "webkit/fileapi/file_system_path_manager.h"
+#include "webkit/fileapi/file_system_options.h"
 #include "webkit/fileapi/file_system_types.h"
 #include "webkit/fileapi/file_system_usage_cache.h"
 #include "webkit/fileapi/file_system_util.h"
 #include "webkit/fileapi/obfuscated_file_util.h"
 #include "webkit/fileapi/quota_file_util.h"
 #include "webkit/glue/webkit_glue.h"
 #include "webkit/quota/quota_manager.h"
 
 using quota::QuotaManagerProxy;
 
 namespace {
 
-static const FilePath::CharType kOldFileSystemUniqueNamePrefix[] =
+const char kChromeScheme[] = "chrome";
+const char kExtensionScheme[] = "chrome-extension";
+
+const FilePath::CharType kOldFileSystemUniqueNamePrefix[] =
     FILE_PATH_LITERAL("chrome-");
-static const int kOldFileSystemUniqueLength = 16;
-static const unsigned kOldFileSystemUniqueDirectoryNameLength =
+const int kOldFileSystemUniqueLength = 16;
+const unsigned kOldFileSystemUniqueDirectoryNameLength =
     kOldFileSystemUniqueLength + arraysize(kOldFileSystemUniqueNamePrefix) - 1;

[tzik, 2011/12/21 02:52:33]

size_t?

[kinuko, 2011/12/21 13:00:50]

Done.

 
 const char kOpenFileSystem[] = "FileSystem.OpenFileSystem";
 enum FileSystemError {
   kOK = 0,
   kIncognito,
   kInvalidScheme,
   kCreateDirectoryError,
   kFileSystemErrorMax,
 };
 
 // Restricted names.
 // http://dev.w3.org/2009/dap/file-system/file-dir-sys.html#naming-restrictions
-static const char* const kRestrictedNames[] = {
+const char* const kRestrictedNames[] = {
   ".", "..",
 };
 
 // Restricted chars.
-static const FilePath::CharType kRestrictedChars[] = {
+const FilePath::CharType kRestrictedChars[] = {
   '/', '\\',

[tzik, 2011/12/21 02:52:33]

FILE_PATH_LITERAL?

[kinuko, 2011/12/21 13:00:50]

Done.

 };
 
-inline std::string FilePathStringToASCII(
-    const FilePath::StringType& path_string) {
-#if defined(OS_WIN)
-  return WideToASCII(path_string);
-#elif defined(OS_POSIX)
-  return path_string;
-#endif
-}
-
 FilePath::StringType OldCreateUniqueDirectoryName(const GURL& origin_url) {
   // This can be anything but need to be unpredictable.
   static const FilePath::CharType letters[] = FILE_PATH_LITERAL(
     "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789");
   FilePath::StringType unique(kOldFileSystemUniqueNamePrefix);
   for (int i = 0; i < kOldFileSystemUniqueLength; ++i)
     unique += letters[base::RandInt(0, arraysize(letters) - 2)];
   return unique;
 }
 
@@ skipping 50 matching lines @@
   explicit OldSandboxOriginEnumerator(const FilePath& base_path)
       : enumerator_(base_path, false /* recursive */,
                     file_util::FileEnumerator::DIRECTORIES) {}
   virtual ~OldSandboxOriginEnumerator() {}
 
   virtual GURL Next() OVERRIDE {
     current_ = enumerator_.Next();
     if (current_.empty())
       return GURL();
     return fileapi::GetOriginURLFromIdentifier(
-        FilePathStringToASCII(current_.BaseName().value()));
+        current_.BaseName().MaybeAsASCII());
   }
 
   virtual bool HasFileSystemType(fileapi::FileSystemType type) const OVERRIDE {
     if (current_.empty())
       return false;
-    std::string directory =
-        fileapi::FileSystemPathManager::GetFileSystemTypeString(type);
+    std::string directory = GetFileSystemTypeString(type);
     DCHECK(!directory.empty());
     return file_util::DirectoryExists(current_.AppendASCII(directory));
   }
 
  private:
   file_util::FileEnumerator enumerator_;
   FilePath current_;
 };
 
 FilePath OldGetBaseDirectoryForOrigin(
     const FilePath& old_base_path,
     const GURL& origin_url) {
   std::string id = fileapi::GetOriginIdentifierFromURL(origin_url);
   if (!id.empty())
     return old_base_path.AppendASCII(id);
   return FilePath();
 }
 
 FilePath OldGetBaseDirectoryForOriginAndType(
     const FilePath& old_base_path,
     const GURL& origin_url, fileapi::FileSystemType type) {
-  std::string type_string =
-      fileapi::FileSystemPathManager::GetFileSystemTypeString(type);
+  std::string type_string = GetFileSystemTypeString(type);
   if (type_string.empty()) {
     NOTREACHED();
     return FilePath();
   }
   FilePath base_path = OldGetBaseDirectoryForOrigin(
       old_base_path, origin_url);
   if (base_path.empty()) {
     NOTREACHED();
     return FilePath();
   }
@@ skipping 92 matching lines @@
 const FilePath::CharType SandboxMountPointProvider::kOldFileSystemDirectory[] =
     FILE_PATH_LITERAL("FileSystem");
 
 const FilePath::CharType SandboxMountPointProvider::kNewFileSystemDirectory[] =
     FILE_PATH_LITERAL("File System");
 
 const FilePath::CharType
     SandboxMountPointProvider::kRenamedOldFileSystemDirectory[] =
         FILE_PATH_LITERAL("FS.old");
 
-SandboxMountPointProvider::SandboxMountPointProvider(
-    FileSystemPathManager* path_manager,
-    scoped_refptr<base::MessageLoopProxy> file_message_loop,
-    const FilePath& profile_path)
-    : FileSystemQuotaUtil(file_message_loop),
-      path_manager_(path_manager),
-      file_message_loop_(file_message_loop),
-      profile_path_(profile_path),
-      sandbox_file_util_(
-          new ObfuscatedFileUtil(
-              profile_path.Append(kNewFileSystemDirectory),
-              QuotaFileUtil::CreateDefault())) {
-}
-
-SandboxMountPointProvider::~SandboxMountPointProvider() {
-  if (!file_message_loop_->BelongsToCurrentThread())
-    file_message_loop_->ReleaseSoon(FROM_HERE, sandbox_file_util_.release());
-}
-
-bool SandboxMountPointProvider::IsAccessAllowed(const GURL& origin_url,
-                                                FileSystemType type,
-                                                const FilePath& unused) {
-  if (type != kFileSystemTypeTemporary && type != kFileSystemTypePersistent)
-    return false;
-  // We essentially depend on quota to do our access controls.
-  return path_manager_->IsAllowedScheme(origin_url);
-}
-
 class SandboxMountPointProvider::GetFileSystemRootPathTask
     : public base::RefCountedThreadSafe<
         SandboxMountPointProvider::GetFileSystemRootPathTask> {
  public:
   GetFileSystemRootPathTask(
       scoped_refptr<base::MessageLoopProxy> file_message_loop,
       const GURL& origin_url,
       FileSystemType type,
       ObfuscatedFileUtil* file_util,
       const FilePath& old_base_path,
-      const FileSystemPathManager::GetRootPathCallback& callback)
+      const FileSystemMountPointProvider::GetRootPathCallback& callback)
       : file_message_loop_(file_message_loop),
         origin_message_loop_proxy_(
             base::MessageLoopProxy::current()),
         origin_url_(origin_url),
         type_(type),
         file_util_(file_util),
         old_base_path_(old_base_path),
         callback_(callback) {
   }
 
@@ skipping 28 matching lines @@
                                 kFileSystemErrorMax);
     }
     origin_message_loop_proxy_->PostTask(
         FROM_HERE,
         base::Bind(&GetFileSystemRootPathTask::DispatchCallback, this,
                    root_path));
   }
 
   void DispatchCallback(const FilePath& root_path) {
     std::string origin_identifier = GetOriginIdentifierFromURL(origin_url_);
-    std::string type_string =
-        FileSystemPathManager::GetFileSystemTypeString(type_);
+    std::string type_string = GetFileSystemTypeString(type_);
     DCHECK(!type_string.empty());
     std::string name = origin_identifier + ":" + type_string;
 
     if (!root_path.empty())
       UMA_HISTOGRAM_ENUMERATION(kOpenFileSystem, kOK, kFileSystemErrorMax);
 
     callback_.Run(!root_path.empty(), root_path, name);
     callback_.Reset();
   }
 
   scoped_refptr<base::MessageLoopProxy> file_message_loop_;
   scoped_refptr<base::MessageLoopProxy> origin_message_loop_proxy_;
   GURL origin_url_;
   FileSystemType type_;
   scoped_refptr<ObfuscatedFileUtil> file_util_;
   FilePath old_base_path_;
-  FileSystemPathManager::GetRootPathCallback callback_;
+  FileSystemMountPointProvider::GetRootPathCallback callback_;
 };
 
-FilePath SandboxMountPointProvider::old_base_path() const {
-  return profile_path_.Append(kOldFileSystemDirectory);
+SandboxMountPointProvider::SandboxMountPointProvider(
+    scoped_refptr<base::MessageLoopProxy> file_message_loop,
+    const FilePath& profile_path,
+    FileSystemOptions* file_system_options)
+    : FileSystemQuotaUtil(file_message_loop),
+      file_message_loop_(file_message_loop),
+      profile_path_(profile_path),
+      file_system_options_(file_system_options),
+      sandbox_file_util_(
+          new ObfuscatedFileUtil(
+              profile_path.Append(kNewFileSystemDirectory),
+              QuotaFileUtil::CreateDefault())) {
+  DCHECK(file_system_options);
 }
 
-FilePath SandboxMountPointProvider::new_base_path() const {
-  return profile_path_.Append(kNewFileSystemDirectory);
+SandboxMountPointProvider::~SandboxMountPointProvider() {
+  if (!file_message_loop_->BelongsToCurrentThread())
+    file_message_loop_->ReleaseSoon(FROM_HERE, sandbox_file_util_.release());
 }
 
-FilePath SandboxMountPointProvider::renamed_old_base_path() const {
-  return profile_path_.Append(kRenamedOldFileSystemDirectory);
-}
-
-bool SandboxMountPointProvider::IsRestrictedFileName(const FilePath& filename)
-    const {
-  if (filename.value().empty())
+bool SandboxMountPointProvider::IsAccessAllowed(const GURL& origin_url,
+                                                FileSystemType type,
+                                                const FilePath& unused) {
+  if (type != kFileSystemTypeTemporary && type != kFileSystemTypePersistent)
     return false;
-
-  std::string filename_lower = StringToLowerASCII(
-      FilePathStringToASCII(filename.value()));
-
-  for (size_t i = 0; i < arraysize(kRestrictedNames); ++i) {
-    // Exact match.
-    if (filename_lower == kRestrictedNames[i])
-      return true;
-  }
-
-  for (size_t i = 0; i < arraysize(kRestrictedChars); ++i) {
-    if (filename.value().find(kRestrictedChars[i]) !=
-        FilePath::StringType::npos)
-      return true;
-  }
-
-  return false;
-}
-
-std::vector<FilePath> SandboxMountPointProvider::GetRootDirectories() const {
-  NOTREACHED();
-  // TODO(ericu): Implement this method and check for access permissions as
-  // fileBrowserPrivate extension API does. We currently have another mechanism,
-  // but we should switch over.  This may also need to call MigrateIfNeeded().
-  return  std::vector<FilePath>();
-}
-
-SandboxMountPointProvider::OriginEnumerator*
-SandboxMountPointProvider::CreateOriginEnumerator() const {
-  MigrateIfNeeded(sandbox_file_util_, old_base_path());
-  return new ObfuscatedOriginEnumerator(sandbox_file_util_.get());
+  // We essentially depend on quota to do our access controls, so here
+  // we only check if the requested scheme is allowed or not.
+  return IsAllowedScheme(origin_url);
 }
 
 void SandboxMountPointProvider::ValidateFileSystemRootAndGetURL(
     const GURL& origin_url, fileapi::FileSystemType type, bool create,
-    const FileSystemPathManager::GetRootPathCallback& callback) {
+    const FileSystemMountPointProvider::GetRootPathCallback& callback) {
   FilePath origin_base_path;
 
-  if (path_manager_->is_incognito()) {
+  if (file_system_options_->is_incognito()) {
     // TODO(kinuko): return an isolated temporary directory.
     callback.Run(false, FilePath(), std::string());
     UMA_HISTOGRAM_ENUMERATION(kOpenFileSystem,
                               kIncognito,
                               kFileSystemErrorMax);
     return;
   }
 
-  if (!path_manager_->IsAllowedScheme(origin_url)) {
+  if (!IsAllowedScheme(origin_url)) {
     callback.Run(false, FilePath(), std::string());
     UMA_HISTOGRAM_ENUMERATION(kOpenFileSystem,
                               kInvalidScheme,
                               kFileSystemErrorMax);
     return;
   }
 
   scoped_refptr<GetFileSystemRootPathTask> task(
       new GetFileSystemRootPathTask(
           file_message_loop_, origin_url, type, sandbox_file_util_.get(),
           old_base_path(), callback));
   task->Start(create);
 };
 
 FilePath
 SandboxMountPointProvider::ValidateFileSystemRootAndGetPathOnFileThread(
     const GURL& origin_url, FileSystemType type, const FilePath& unused,
     bool create) {
-  if (path_manager_->is_incognito())
+  if (file_system_options_->is_incognito())
     // TODO(kinuko): return an isolated temporary directory.
     return FilePath();
 
-  if (!path_manager_->IsAllowedScheme(origin_url))
+  if (!IsAllowedScheme(origin_url))
     return FilePath();
 
   MigrateIfNeeded(sandbox_file_util_, old_base_path());
 
   return sandbox_file_util_->GetDirectoryForOriginAndType(
       origin_url, type, create);
 }
 
+bool SandboxMountPointProvider::IsRestrictedFileName(const FilePath& filename)
+    const {
+  if (filename.value().empty())
+    return false;
+
+  std::string filename_lower = StringToLowerASCII(filename.MaybeAsASCII());

[tzik, 2011/12/21 02:52:33]

MaybeAsASCII will return empty string if filename contains non-ASCII character.
This behaves differ to FilePathStringToASCII in previous implementation.
Does it cause any trouble?
That is, if filename contains both non-ASCII char and restricted char, it will
path the test accidentally.

[kinuko, 2011/12/21 13:00:50]

Good catch.  Changed the code to use FilePath::CharType.

+
+  for (size_t i = 0; i < arraysize(kRestrictedNames); ++i) {
+    // Exact match.
+    if (filename_lower == kRestrictedNames[i])
+      return true;
+  }
+
+  for (size_t i = 0; i < arraysize(kRestrictedChars); ++i) {
+    if (filename.value().find(kRestrictedChars[i]) !=
+        FilePath::StringType::npos)
+      return true;
+  }
+
+  return false;
+}
+
+std::vector<FilePath> SandboxMountPointProvider::GetRootDirectories() const {
+  NOTREACHED();
+  // TODO(ericu): Implement this method and check for access permissions as
+  // fileBrowserPrivate extension API does. We currently have another mechanism,
+  // but we should switch over.  This may also need to call MigrateIfNeeded().
+  return  std::vector<FilePath>();
+}
+
+FileSystemFileUtil* SandboxMountPointProvider::GetFileUtil() {
+  return sandbox_file_util_.get();
+}
+
+FilePath SandboxMountPointProvider::old_base_path() const {
+  return profile_path_.Append(kOldFileSystemDirectory);
+}
+
+FilePath SandboxMountPointProvider::new_base_path() const {
+  return profile_path_.Append(kNewFileSystemDirectory);
+}
+
+FilePath SandboxMountPointProvider::renamed_old_base_path() const {
+  return profile_path_.Append(kRenamedOldFileSystemDirectory);
+}
+
+SandboxMountPointProvider::OriginEnumerator*
+SandboxMountPointProvider::CreateOriginEnumerator() const {
+  MigrateIfNeeded(sandbox_file_util_, old_base_path());
+  return new ObfuscatedOriginEnumerator(sandbox_file_util_.get());
+}
+
 FilePath SandboxMountPointProvider::GetBaseDirectoryForOriginAndType(
     const GURL& origin_url, fileapi::FileSystemType type, bool create) const {
 
   MigrateIfNeeded(sandbox_file_util_, old_base_path());
 
   return sandbox_file_util_->GetDirectoryForOriginAndType(
       origin_url, type, create);
 }
 
 bool SandboxMountPointProvider::DeleteOriginDataOnFileThread(
@@ skipping 138 matching lines @@
 
 void SandboxMountPointProvider::InvalidateUsageCache(
     const GURL& origin_url, fileapi::FileSystemType type) {
   DCHECK(type == fileapi::kFileSystemTypeTemporary ||
          type == fileapi::kFileSystemTypePersistent);
   FilePath usage_file_path = GetUsageCachePathForOriginAndType(
       origin_url, type);
   FileSystemUsageCache::IncrementDirty(usage_file_path);
 }
 
-FileSystemFileUtil* SandboxMountPointProvider::GetFileUtil() {
-  return sandbox_file_util_.get();
-}
-
 FilePath SandboxMountPointProvider::GetUsageCachePathForOriginAndType(
     const GURL& origin_url, fileapi::FileSystemType type) const {
   FilePath base_path =
       GetBaseDirectoryForOriginAndType(origin_url, type, false);
   if (base_path.empty())
     return FilePath();
   return base_path.AppendASCII(FileSystemUsageCache::kUsageFileName);
 }
 
 FilePath SandboxMountPointProvider::OldCreateFileSystemRootPath(
@@ skipping 14 matching lines @@
     return FilePath();
 
   // Creates the root directory.
   root = origin_base_path.Append(OldCreateUniqueDirectoryName(origin_url));
   if (!file_util::CreateDirectory(root))
     return FilePath();
 
   return root;
 }
 
+bool SandboxMountPointProvider::IsAllowedScheme(const GURL& url) const {
+  // Basically we only accept http or https. We allow file:// URLs
+  // only if --allow-file-access-from-files flag is given.
+  return url.SchemeIs("http") || url.SchemeIs("https") ||
+         url.SchemeIs(kExtensionScheme) || url.SchemeIs(kChromeScheme) ||
+         (url.SchemeIsFile() &&
+          file_system_options_->allow_file_access_from_files());
+}
+
 }  // namespace fileapi