Deprecate MountPointProvider::IsAccessAllowed in favor of GetPermissionPolicy

webkit/fileapi/sandbox_mount_point_provider.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "webkit/fileapi/sandbox_mount_point_provider.h"
 
 #include "base/bind.h"
 #include "base/command_line.h"
 #include "base/logging.h"
 #include "base/memory/scoped_ptr.h"
@@ skipping 207 matching lines @@
   if (file_system_options_.is_incognito())
     // TODO(kinuko): return an isolated temporary directory.
     return base::FilePath();
 
   if (!IsAllowedScheme(url.origin()))
     return base::FilePath();
 
   return GetBaseDirectoryForOriginAndType(url.origin(), url.type(), create);
 }
 
-bool SandboxMountPointProvider::IsAccessAllowed(const FileSystemURL& url) {
-  if (!CanHandleType(url.type()))
-    return false;
-  // We essentially depend on quota to do our access controls, so here
-  // we only check if the requested scheme is allowed or not.
-  return IsAllowedScheme(url.origin());
-}
-
-bool SandboxMountPointProvider::IsRestrictedFileName(const base::FilePath& filename)
-    const {
-  if (filename.value().empty())
-    return false;
-
-  for (size_t i = 0; i < arraysize(kRestrictedNames); ++i) {
-    // Exact match.
-    if (filename.value() == kRestrictedNames[i])
-      return true;
-  }
-
-  for (size_t i = 0; i < arraysize(kRestrictedChars); ++i) {
-    if (filename.value().find(kRestrictedChars[i]) !=
-        base::FilePath::StringType::npos)
-      return true;
-  }
-
-  return false;
-}
-
 FileSystemFileUtil* SandboxMountPointProvider::GetFileUtil(
     FileSystemType type) {
   DCHECK(sandbox_file_util_.get());
   return sandbox_file_util_->sync_file_util();
 }
 
 AsyncFileUtil* SandboxMountPointProvider::GetAsyncFileUtil(
     FileSystemType type) {
   return sandbox_file_util_.get();
 }
 
 FilePermissionPolicy SandboxMountPointProvider::GetPermissionPolicy(
     const FileSystemURL& url, int permissions) const {
+  if (!CanHandleType(url.type()) || !IsAllowedScheme(url.origin()))
+    return FILE_PERMISSION_ALWAYS_DENY;
+
+  if (url.path().ReferencesParent())
+    return FILE_PERMISSION_ALWAYS_DENY;
+
+  // Any write access is disallowed on the root path.
+  if ((url.path().value().length() == 0 ||
+       url.path().DirName().value() == url.path().value()) &&
+      (permissions &~ kReadFilePermissions))

[ericu, 2013/02/05 21:51:57]

Ditto.

+    return FILE_PERMISSION_ALWAYS_DENY;
+
+  if ((permissions & kCreateFilePermissions) == kCreateFilePermissions) {
+    // See if the name is allowed to create.
+    FilePath filename = VirtualPath::BaseName(url.path());
+    for (size_t i = 0; i < arraysize(kRestrictedNames); ++i) {
+      if (filename.value() == kRestrictedNames[i])
+        return FILE_PERMISSION_ALWAYS_DENY;
+    }
+    for (size_t i = 0; i < arraysize(kRestrictedChars); ++i) {
+      if (filename.value().find(kRestrictedChars[i]) !=
+          FilePath::StringType::npos)
+        return FILE_PERMISSION_ALWAYS_DENY;
+    }
+  }
+
   // Access to the sandbox directory (and only to the directory) should be
   // always allowed.
-  CHECK(CanHandleType(url.type()));
-  CHECK(!url.path().ReferencesParent());
   return FILE_PERMISSION_ALWAYS_ALLOW;
 }
 
 FileSystemOperation* SandboxMountPointProvider::CreateFileSystemOperation(
     const FileSystemURL& url,
     FileSystemContext* context,
     base::PlatformFileError* error_code) const {
   scoped_ptr<FileSystemOperationContext> operation_context(
       new FileSystemOperationContext(context));
 
@@ skipping 300 matching lines @@
   }
   return false;
 }
 
 ObfuscatedFileUtil* SandboxMountPointProvider::sandbox_sync_file_util() {
   DCHECK(sandbox_file_util_.get());
   return static_cast<ObfuscatedFileUtil*>(sandbox_file_util_->sync_file_util());
 }
 
 }  // namespace fileapi