Chromium Code Reviews Chromium Code Reviews
Issue 12193007:
Deprecate MountPointProvider::IsAccessAllowed in favor of GetPermissionPolicy (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "webkit/fileapi/sandbox_mount_point_provider.h" | 5 #include "webkit/fileapi/sandbox_mount_point_provider.h" |
| 6 | 6 |
| 7 #include <set> | 7 #include <set> |
| 8 | 8 |
| 9 #include "base/basictypes.h" | 9 #include "base/basictypes.h" |
| 10 #include "base/file_util.h" | 10 #include "base/file_util.h" |
| 11 #include "base/files/scoped_temp_dir.h" | 11 #include "base/files/scoped_temp_dir.h" |
| 12 #include "base/memory/scoped_ptr.h" | 12 #include "base/memory/scoped_ptr.h" |
| 13 #include "base/message_loop.h" | 13 #include "base/message_loop.h" |
| 14 #include "base/message_loop_proxy.h" | 14 #include "base/message_loop_proxy.h" |
| 15 #include "googleurl/src/gurl.h" | 15 #include "googleurl/src/gurl.h" |
| 16 #include "testing/gtest/include/gtest/gtest.h" | 16 #include "testing/gtest/include/gtest/gtest.h" |
| 17 #include "webkit/fileapi/file_system_mount_point_provider.h" | 17 #include "webkit/fileapi/file_system_mount_point_provider.h" |
| 18 #include "webkit/fileapi/file_system_url.h" | |
| 18 #include "webkit/fileapi/file_system_util.h" | 19 #include "webkit/fileapi/file_system_util.h" |
| 19 #include "webkit/fileapi/mock_file_system_options.h" | 20 #include "webkit/fileapi/mock_file_system_options.h" |
| 20 | 21 |
| 21 namespace fileapi { | 22 namespace fileapi { |
| 22 | 23 |
| 24 namespace { | |
| 25 | |
| 26 FileSystemURL CreateFileSystemURL(const char* path) { | |
| 27 const GURL kOrigin("http://foo/"); | |
| 28 return FileSystemURL::CreateForTest( | |
| 29 kOrigin, kFileSystemTypeTemporary, FilePath::FromUTF8Unsafe(path)); | |
| 30 } | |
| 31 | |
| 32 } // namespace | |
| 33 | |
| 23 class SandboxMountPointProviderOriginEnumeratorTest : public testing::Test { | 34 class SandboxMountPointProviderOriginEnumeratorTest : public testing::Test { |
| 24 public: | 35 public: |
| 25 void SetUp() { | 36 void SetUp() { |
| 26 ASSERT_TRUE(data_dir_.CreateUniqueTempDir()); | 37 ASSERT_TRUE(data_dir_.CreateUniqueTempDir()); |
| 27 sandbox_provider_.reset( | 38 sandbox_provider_.reset( |
| 28 new SandboxMountPointProvider( | 39 new SandboxMountPointProvider( |
| 29 NULL, | 40 NULL, |
| 30 base::MessageLoopProxy::current(), | 41 base::MessageLoopProxy::current(), |
| 31 data_dir_.path(), | 42 data_dir_.path(), |
| 32 CreateAllowFileAccessOptions())); | 43 CreateAllowFileAccessOptions())); |
| (...skipping 64 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 97 if (enumerator->HasFileSystemType(kFileSystemTypePersistent)) { | 108 if (enumerator->HasFileSystemType(kFileSystemTypePersistent)) { |
| 98 ASSERT_TRUE(persistent_set.find(current) != persistent_set.end()); | 109 ASSERT_TRUE(persistent_set.find(current) != persistent_set.end()); |
| 99 ++persistent_actual_size; | 110 ++persistent_actual_size; |
| 100 } | 111 } |
| 101 } | 112 } |
| 102 | 113 |
| 103 EXPECT_EQ(temporary_size, temporary_actual_size); | 114 EXPECT_EQ(temporary_size, temporary_actual_size); |
| 104 EXPECT_EQ(persistent_size, persistent_actual_size); | 115 EXPECT_EQ(persistent_size, persistent_actual_size); |
| 105 } | 116 } |
| 106 | 117 |
| 118 TEST(SandboxMountPointProviderTest, AccessPermissions) { | |
| 119 MessageLoop message_loop_; | |
| 120 SandboxMountPointProvider provider( | |
| 121 NULL, base::MessageLoopProxy::current(), FilePath(), | |
| 122 CreateAllowFileAccessOptions()); | |
| 123 | |
| 124 // Any access should be allowed in sandbox directory. | |
| 125 EXPECT_EQ(FILE_PERMISSION_ALWAYS_ALLOW, | |
| 126 provider.GetPermissionPolicy(CreateFileSystemURL("foo"), | |
| 127 kReadFilePermissions)); | |
| 128 EXPECT_EQ(FILE_PERMISSION_ALWAYS_ALLOW, | |
| 129 provider.GetPermissionPolicy(CreateFileSystemURL("foo"), | |
| 130 kWriteFilePermissions)); | |
| 131 EXPECT_EQ(FILE_PERMISSION_ALWAYS_ALLOW, | |
| 132 provider.GetPermissionPolicy(CreateFileSystemURL("foo"), | |
| 133 kCreateFilePermissions)); | |
| 134 | |
| 135 // Access to a path with parent references ('..') should be disallowed. | |
| 136 EXPECT_EQ(FILE_PERMISSION_ALWAYS_DENY, | |
| 137 provider.GetPermissionPolicy(CreateFileSystemURL("a/../b"), | |
| 138 kReadFilePermissions)); | |
| 139 | |
| 140 // Access from non-allowed scheme should be disallowed. | |
| 141 EXPECT_EQ(FILE_PERMISSION_ALWAYS_DENY, | |
| 142 provider.GetPermissionPolicy( | |
| 143 FileSystemURL::CreateForTest( | |
| 144 GURL("unknown://bar"), kFileSystemTypeTemporary, | |
| 145 FilePath::FromUTF8Unsafe("foo")), | |
| 146 kReadFilePermissions)); | |
| 147 | |
| 148 // Access for non-sandbox type should be disallowed. | |
| 149 EXPECT_EQ(FILE_PERMISSION_ALWAYS_DENY, | |
| 150 provider.GetPermissionPolicy( | |
| 151 FileSystemURL::CreateForTest( | |
| 152 GURL("http://foo/"), kFileSystemTypeTest, | |
| 153 FilePath::FromUTF8Unsafe("foo")), | |
| 154 kReadFilePermissions)); | |
| 155 | |
| 156 // Create access with ristricted name should be disallowed. | |
|
ericu
2013/02/11 22:29:17
typo: restricted
| |
| 157 EXPECT_EQ(FILE_PERMISSION_ALWAYS_DENY, | |
| 158 provider.GetPermissionPolicy(CreateFileSystemURL(".."), | |
| 159 kCreateFilePermissions)); | |
| 160 EXPECT_EQ(FILE_PERMISSION_ALWAYS_DENY, | |
| 161 provider.GetPermissionPolicy(CreateFileSystemURL("."), | |
| 162 kCreateFilePermissions)); | |
| 163 | |
| 164 // Similar but safe cases. | |
| 165 EXPECT_EQ(FILE_PERMISSION_ALWAYS_ALLOW, | |
| 166 provider.GetPermissionPolicy(CreateFileSystemURL(" ."), | |
| 167 kCreateFilePermissions)); | |
| 168 EXPECT_EQ(FILE_PERMISSION_ALWAYS_ALLOW, | |
| 169 provider.GetPermissionPolicy(CreateFileSystemURL(". "), | |
| 170 kCreateFilePermissions)); | |
| 171 EXPECT_EQ(FILE_PERMISSION_ALWAYS_ALLOW, | |
| 172 provider.GetPermissionPolicy(CreateFileSystemURL(" .."), | |
| 173 kCreateFilePermissions)); | |
| 174 EXPECT_EQ(FILE_PERMISSION_ALWAYS_ALLOW, | |
| 175 provider.GetPermissionPolicy(CreateFileSystemURL(".. "), | |
| 176 kCreateFilePermissions)); | |
| 177 EXPECT_EQ(FILE_PERMISSION_ALWAYS_ALLOW, | |
| 178 provider.GetPermissionPolicy(CreateFileSystemURL("b."), | |
| 179 kCreateFilePermissions)); | |
| 180 EXPECT_EQ(FILE_PERMISSION_ALWAYS_ALLOW, | |
| 181 provider.GetPermissionPolicy(CreateFileSystemURL(".b"), | |
| 182 kCreateFilePermissions)); | |
| 183 } | |
| 184 | |
| 107 } // namespace fileapi | 185 } // namespace fileapi |
| OLD | NEW |
