webkit/chromeos/fileapi/cros_mount_point_provider.cc - Issue 12193007: Deprecate MountPointProvider::IsAccessAllowed in favor of GetPermissionPolicy

Side by Side Diff: webkit/chromeos/fileapi/cros_mount_point_provider.cc

Issue 12193007: Deprecate MountPointProvider::IsAccessAllowed in favor of GetPermissionPolicy (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: test fix Created 7 years, 10 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

« chrome/browser/chromeos/extensions/file_handler_util.cc ('K') | « webkit/chromeos/fileapi/cros_mount_point_provider.h ('k') | webkit/chromeos/fileapi/cros_mount_point_provider_unittest.cc » ('j') | webkit/fileapi/isolated_mount_point_provider.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "webkit/chromeos/fileapi/cros_mount_point_provider.h"	5 #include "webkit/chromeos/fileapi/cros_mount_point_provider.h"

6	6

7 #include "base/chromeos/chromeos_version.h"	7 #include "base/chromeos/chromeos_version.h"

8 #include "base/logging.h"	8 #include "base/logging.h"

9 #include "base/memory/scoped_ptr.h"	9 #include "base/memory/scoped_ptr.h"

10 #include "base/message_loop.h"	10 #include "base/message_loop.h"

(...skipping 71 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
82 base::FilePath root_path;	82 base::FilePath root_path;

83 std::string mount_name = url.filesystem_id();	83 std::string mount_name = url.filesystem_id();

84 if (!mount_points_->GetRegisteredPath(mount_name, &root_path) &&	84 if (!mount_points_->GetRegisteredPath(mount_name, &root_path) &&

85 !system_mount_points_->GetRegisteredPath(mount_name, &root_path)) {	85 !system_mount_points_->GetRegisteredPath(mount_name, &root_path)) {

86 return base::FilePath();	86 return base::FilePath();

87 }	87 }

88	88

89 return root_path.DirName();	89 return root_path.DirName();

90 }	90 }

91	91

92 bool CrosMountPointProvider::IsAccessAllowed(

93 const fileapi::FileSystemURL& url) {

94 if (!url.is_valid())

95 return false;

96

97 // Permit access to mount points from internal WebUI.

98 const GURL& origin_url = url.origin();

99 if (origin_url.SchemeIs(kChromeUIScheme))

100 return true;

101

102 // No extra check is needed for isolated file systems.

103 if (url.mount_type() == fileapi::kFileSystemTypeIsolated)

104 return true;

105

106 if (!CanHandleURL(url))

107 return false;

108

109 std::string extension_id = origin_url.host();

110 // Check first to make sure this extension has fileBrowserHander permissions.

111 if (!special_storage_policy_->IsFileHandler(extension_id))

112 return false;

113

114 return file_access_permissions_->HasAccessPermission(extension_id,

115 url.virtual_path());

116 }

117

118 // TODO(zelidrag): Share this code with SandboxMountPointProvider impl.

119 bool CrosMountPointProvider::IsRestrictedFileName(

120 const base::FilePath& path) const {

121 return false;

122 }

123

124 fileapi::FileSystemQuotaUtil* CrosMountPointProvider::GetQuotaUtil() {	92 fileapi::FileSystemQuotaUtil* CrosMountPointProvider::GetQuotaUtil() {

125 // No quota support.	93 // No quota support.

126 return NULL;	94 return NULL;

127 }	95 }

128	96

129 void CrosMountPointProvider::DeleteFileSystem(	97 void CrosMountPointProvider::DeleteFileSystem(

130 const GURL& origin_url,	98 const GURL& origin_url,

131 fileapi::FileSystemType type,	99 fileapi::FileSystemType type,

132 fileapi::FileSystemContext* context,	100 fileapi::FileSystemContext* context,

133 const DeleteFileSystemCallback& callback) {	101 const DeleteFileSystemCallback& callback) {

(...skipping 67 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
201	169

202 fileapi::AsyncFileUtil* CrosMountPointProvider::GetAsyncFileUtil(	170 fileapi::AsyncFileUtil* CrosMountPointProvider::GetAsyncFileUtil(

203 fileapi::FileSystemType type) {	171 fileapi::FileSystemType type) {

204 DCHECK(type == fileapi::kFileSystemTypeNativeLocal \|\|	172 DCHECK(type == fileapi::kFileSystemTypeNativeLocal \|\|

205 type == fileapi::kFileSystemTypeRestrictedNativeLocal);	173 type == fileapi::kFileSystemTypeRestrictedNativeLocal);

206 return local_file_util_.get();	174 return local_file_util_.get();

207 }	175 }

208	176

209 fileapi::FilePermissionPolicy CrosMountPointProvider::GetPermissionPolicy(	177 fileapi::FilePermissionPolicy CrosMountPointProvider::GetPermissionPolicy(

210 const fileapi::FileSystemURL& url, int permissions) const {	178 const fileapi::FileSystemURL& url, int permissions) const {

	179 if (url.type() == fileapi::kFileSystemTypeRestrictedNativeLocal &&

	180 (permissions &~ fileapi::kReadFilePermissions)) {
	tbarzic 2013/02/05 19:37:28 personally, I would find " & ~x" more natural than personally, I would find " & ~x" more natural than " &~ x" given that ~ is actually an unary operator on x and & operator takes ~x as an argument. ericu 2013/02/05 21:51:57 +1. However, wouldn't != here be appropriate inst Show quoted text On 2013/02/05 19:37:28, tbarzic wrote: > personally, I would find " & ~x" more natural than " &~ x" given that ~ is > actually an unary operator on x and & operator takes ~x as an argument. +1. However, wouldn't != here be appropriate instead of "& ~"? Should permissions ever be 0? tbarzic 2013/02/05 22:21:25 != wouldn't work if \|permissions\| has (strict) sub Show quoted text On 2013/02/05 21:51:57, ericu wrote: > On 2013/02/05 19:37:28, tbarzic wrote: > > personally, I would find " & ~x" more natural than " &~ x" given that ~ is > > actually an unary operator on x and & operator takes ~x as an argument. > > > +1. However, wouldn't != here be appropriate instead of "& ~"? Should > permissions ever be 0? != wouldn't work if \|permissions\| has (strict) subset of permissions allowed by fileapi::kReadFilePermissions. ericu 2013/02/05 22:31:41 Ah, my bad. I was thinking it was a single bit, n Show quoted text On 2013/02/05 22:21:25, tbarzic wrote: > On 2013/02/05 21:51:57, ericu wrote: > > On 2013/02/05 19:37:28, tbarzic wrote: > > > personally, I would find " & ~x" more natural than " &~ x" given that ~ is > > > actually an unary operator on x and & operator takes ~x as an argument. > > > > > > +1. However, wouldn't != here be appropriate instead of "& ~"? Should > > permissions ever be 0? > > != wouldn't work if \|permissions\| has (strict) subset of permissions allowed by > fileapi::kReadFilePermissions. Ah, my bad. I was thinking it was a single bit, not a mask. That's fine, then [except that I agree about the formatting change].
	181 // Restricted file system is read-only.

	182 return fileapi::FILE_PERMISSION_ALWAYS_DENY;

	183 }

	184

	185 // Permit access to mount points from internal WebUI.

	186 const GURL& origin_url = url.origin();

	187 if (origin_url.SchemeIs(kChromeUIScheme))

	188 return fileapi::FILE_PERMISSION_ALWAYS_ALLOW;

	189

211 if (url.mount_type() == fileapi::kFileSystemTypeIsolated) {	190 if (url.mount_type() == fileapi::kFileSystemTypeIsolated) {

212 // Permissions in isolated filesystems should be examined with	191 // Permissions in isolated filesystems should be examined with

213 // FileSystem permission.	192 // FileSystem permission.

214 return fileapi::FILE_PERMISSION_USE_FILESYSTEM_PERMISSION;	193 return fileapi::FILE_PERMISSION_USE_FILESYSTEM_PERMISSION;

215 }	194 }

	195

	196 if (!CanHandleURL(url))

	197 return fileapi::FILE_PERMISSION_ALWAYS_DENY;

	198

	199 std::string extension_id = origin_url.host();

	200 // Check first to make sure this extension has fileBrowserHander permissions.

	201 if (!special_storage_policy_->IsFileHandler(extension_id))

	202 return fileapi::FILE_PERMISSION_ALWAYS_DENY;

	203

	204 if (!file_access_permissions_->HasAccessPermission(

	205 extension_id, url.virtual_path())) {

	206 return fileapi::FILE_PERMISSION_ALWAYS_DENY;

	207 }

	208

	209 // Also apply system's file permission by default.

216 return fileapi::FILE_PERMISSION_USE_FILE_PERMISSION;	210 return fileapi::FILE_PERMISSION_USE_FILE_PERMISSION;

217 }	211 }

218	212

219 fileapi::FileSystemOperation* CrosMountPointProvider::CreateFileSystemOperation(	213 fileapi::FileSystemOperation* CrosMountPointProvider::CreateFileSystemOperation(

220 const fileapi::FileSystemURL& url,	214 const fileapi::FileSystemURL& url,

221 fileapi::FileSystemContext* context,	215 fileapi::FileSystemContext* context,

222 base::PlatformFileError* error_code) const {	216 base::PlatformFileError* error_code) const {

223 DCHECK(url.is_valid());	217 DCHECK(url.is_valid());

224	218

225 if (url.type() == fileapi::kFileSystemTypeDrive) {	219 if (url.type() == fileapi::kFileSystemTypeDrive) {

(...skipping 56 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
282 fileapi::RemoteFileSystemProxyInterface* CrosMountPointProvider::GetRemoteProxy(	276 fileapi::RemoteFileSystemProxyInterface* CrosMountPointProvider::GetRemoteProxy(

283 const std::string& mount_name) const {	277 const std::string& mount_name) const {

284 fileapi::RemoteFileSystemProxyInterface* proxy =	278 fileapi::RemoteFileSystemProxyInterface* proxy =

285 mount_points_->GetRemoteFileSystemProxy(mount_name);	279 mount_points_->GetRemoteFileSystemProxy(mount_name);

286 if (proxy)	280 if (proxy)

287 return proxy;	281 return proxy;

288 return system_mount_points_->GetRemoteFileSystemProxy(mount_name);	282 return system_mount_points_->GetRemoteFileSystemProxy(mount_name);

289 }	283 }

290	284

291 } // namespace chromeos	285 } // namespace chromeos

OLD	NEW