| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/gdata/gdata_util.h" | 5 #include "chrome/browser/chromeos/gdata/gdata_util.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 #include <vector> | 8 #include <vector> |
| 9 #include <utility> | 9 #include <utility> |
| 10 | 10 |
| (...skipping 166 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 177 | 177 |
| 178 // -1 to include 'gdata'. | 178 // -1 to include 'gdata'. |
| 179 FilePath extracted; | 179 FilePath extracted; |
| 180 for (size_t i = arraysize(kGDataMountPointPathComponents) - 1; | 180 for (size_t i = arraysize(kGDataMountPointPathComponents) - 1; |
| 181 i < components.size(); ++i) { | 181 i < components.size(); ++i) { |
| 182 extracted = extracted.Append(components[i]); | 182 extracted = extracted.Append(components[i]); |
| 183 } | 183 } |
| 184 return extracted; | 184 return extracted; |
| 185 } | 185 } |
| 186 | 186 |
| 187 void InsertGDataCachePathsPermissions( |
| 188 Profile* profile, |
| 189 const FilePath& gdata_path, |
| 190 std::vector<std::pair<FilePath, int> >* cache_paths ) { |
| 191 DCHECK(cache_paths); |
| 187 | 192 |
| 188 void SetPermissionsForGDataCacheFiles(Profile* profile, | |
| 189 int pid, | |
| 190 const FilePath& path) { | |
| 191 GDataFileSystem* file_system = GetGDataFileSystem(profile); | 193 GDataFileSystem* file_system = GetGDataFileSystem(profile); |
| 192 if (!file_system) | 194 if (!file_system) |
| 193 return; | 195 return; |
| 194 | 196 |
| 195 GDataFileProperties file_properties; | 197 GDataFileProperties file_properties; |
| 196 file_system->GetFileInfoFromPath(path, &file_properties); | 198 file_system->GetFileInfoFromPath(gdata_path, &file_properties); |
| 197 | 199 |
| 198 std::string resource_id = file_properties.resource_id; | 200 std::string resource_id = file_properties.resource_id; |
| 199 std::string file_md5 = file_properties.file_md5; | 201 std::string file_md5 = file_properties.file_md5; |
| 200 | 202 |
| 201 // We check permissions for raw cache file paths only for read-only | 203 // We check permissions for raw cache file paths only for read-only |
| 202 // operations (when fileEntry.file() is called), so read only permissions | 204 // operations (when fileEntry.file() is called), so read only permissions |
| 203 // should be sufficient for all cache paths. For the rest of supported | 205 // should be sufficient for all cache paths. For the rest of supported |
| 204 // operations the file access check is done for gdata/ paths. | 206 // operations the file access check is done for gdata/ paths. |
| 205 std::vector<std::pair<FilePath, int> > cache_paths; | 207 cache_paths->push_back(std::make_pair( |
| 206 cache_paths.push_back(std::make_pair( | |
| 207 file_system->GetCacheFilePath(resource_id, file_md5, | 208 file_system->GetCacheFilePath(resource_id, file_md5, |
| 208 GDataRootDirectory::CACHE_TYPE_PERSISTENT, | 209 GDataRootDirectory::CACHE_TYPE_PERSISTENT, |
| 209 GDataFileSystem::CACHED_FILE_FROM_SERVER), | 210 GDataFileSystem::CACHED_FILE_FROM_SERVER), |
| 210 kReadOnlyFilePermissions)); | 211 kReadOnlyFilePermissions)); |
| 211 // TODO(tbarzic): When we start supporting openFile operation, we may have to | 212 // TODO(tbarzic): When we start supporting openFile operation, we may have to |
| 212 // change permission for localy modified files to match handler's permissions. | 213 // change permission for localy modified files to match handler's permissions. |
| 213 cache_paths.push_back(std::make_pair( | 214 cache_paths->push_back(std::make_pair( |
| 214 file_system->GetCacheFilePath(resource_id, file_md5, | 215 file_system->GetCacheFilePath(resource_id, file_md5, |
| 215 GDataRootDirectory::CACHE_TYPE_PERSISTENT, | 216 GDataRootDirectory::CACHE_TYPE_PERSISTENT, |
| 216 GDataFileSystem::CACHED_FILE_LOCALLY_MODIFIED), | 217 GDataFileSystem::CACHED_FILE_LOCALLY_MODIFIED), |
| 217 kReadOnlyFilePermissions)); | 218 kReadOnlyFilePermissions)); |
| 218 cache_paths.push_back(std::make_pair( | 219 cache_paths->push_back(std::make_pair( |
| 219 file_system->GetCacheFilePath(resource_id, file_md5, | 220 file_system->GetCacheFilePath(resource_id, file_md5, |
| 220 GDataRootDirectory::CACHE_TYPE_TMP, | 221 GDataRootDirectory::CACHE_TYPE_TMP, |
| 221 GDataFileSystem::CACHED_FILE_FROM_SERVER), | 222 GDataFileSystem::CACHED_FILE_FROM_SERVER), |
| 222 kReadOnlyFilePermissions)); | 223 kReadOnlyFilePermissions)); |
| 223 | 224 |
| 225 } |
| 226 |
| 227 void SetPermissionsForGDataCacheFiles(Profile* profile, |
| 228 int pid, |
| 229 const FilePath& path) { |
| 230 std::vector<std::pair<FilePath, int> > cache_paths; |
| 231 InsertGDataCachePathsPermissions(profile, path, &cache_paths); |
| 224 for (size_t i = 0; i < cache_paths.size(); i++) { | 232 for (size_t i = 0; i < cache_paths.size(); i++) { |
| 225 content::ChildProcessSecurityPolicy::GetInstance()->GrantPermissionsForFile( | 233 content::ChildProcessSecurityPolicy::GetInstance()->GrantPermissionsForFile( |
| 226 pid, cache_paths[i].first, cache_paths[i].second); | 234 pid, cache_paths[i].first, cache_paths[i].second); |
| 227 } | 235 } |
| 228 } | 236 } |
| 229 | 237 |
| 230 bool IsGDataAvailable(Profile* profile) { | 238 bool IsGDataAvailable(Profile* profile) { |
| 231 // We allow GData only in canary and dev channels. http://crosbug.com/28806 | 239 // We allow GData only in canary and dev channels. http://crosbug.com/28806 |
| 232 chrome::VersionInfo::Channel channel = chrome::VersionInfo::GetChannel(); | 240 chrome::VersionInfo::Channel channel = chrome::VersionInfo::GetChannel(); |
| 233 if (channel == chrome::VersionInfo::CHANNEL_DEV || | 241 if (channel == chrome::VersionInfo::CHANNEL_DEV || |
| 234 channel == chrome::VersionInfo::CHANNEL_BETA || | 242 channel == chrome::VersionInfo::CHANNEL_BETA || |
| 235 channel == chrome::VersionInfo::CHANNEL_STABLE) | 243 channel == chrome::VersionInfo::CHANNEL_STABLE) |
| 236 return false; | 244 return false; |
| 237 | 245 |
| 238 // Do not allow GData for incognito windows / guest mode. | 246 // Do not allow GData for incognito windows / guest mode. |
| 239 if (profile->IsOffTheRecord()) | 247 if (profile->IsOffTheRecord()) |
| 240 return false; | 248 return false; |
| 241 | 249 |
| 242 // Disable gdata if preference is set. This can happen with commandline flag | 250 // Disable gdata if preference is set. This can happen with commandline flag |
| 243 // --disable-gdata or enterprise policy, or probably with user settings too | 251 // --disable-gdata or enterprise policy, or probably with user settings too |
| 244 // in the future. | 252 // in the future. |
| 245 if (profile->GetPrefs()->GetBoolean(prefs::kDisableGData)) | 253 if (profile->GetPrefs()->GetBoolean(prefs::kDisableGData)) |
| 246 return false; | 254 return false; |
| 247 | 255 |
| 248 return true; | 256 return true; |
| 249 } | 257 } |
| 250 | 258 |
| 251 } // namespace util | 259 } // namespace util |
| 252 } // namespace gdata | 260 } // namespace gdata |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 10067021:
Postpone setting up file handler's file permissions if handler is running lazy background page. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src