webkit/fileapi/sandbox_mount_point_provider_unittest.cc - Issue 12193007: Deprecate MountPointProvider::IsAccessAllowed in favor of GetPermissionPolicy

Side by Side Diff: webkit/fileapi/sandbox_mount_point_provider_unittest.cc

Issue 12193007: Deprecate MountPointProvider::IsAccessAllowed in favor of GetPermissionPolicy (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: test fix Created 7 years, 10 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "webkit/fileapi/sandbox_mount_point_provider.h"	5 #include "webkit/fileapi/sandbox_mount_point_provider.h"

6	6

7 #include <set>	7 #include <set>

8	8

9 #include "base/basictypes.h"	9 #include "base/basictypes.h"

10 #include "base/file_util.h"	10 #include "base/file_util.h"

11 #include "base/files/scoped_temp_dir.h"	11 #include "base/files/scoped_temp_dir.h"

12 #include "base/memory/scoped_ptr.h"	12 #include "base/memory/scoped_ptr.h"

13 #include "base/message_loop.h"	13 #include "base/message_loop.h"

14 #include "base/message_loop_proxy.h"	14 #include "base/message_loop_proxy.h"

15 #include "googleurl/src/gurl.h"	15 #include "googleurl/src/gurl.h"

16 #include "testing/gtest/include/gtest/gtest.h"	16 #include "testing/gtest/include/gtest/gtest.h"

17 #include "webkit/fileapi/file_system_mount_point_provider.h"	17 #include "webkit/fileapi/file_system_mount_point_provider.h"

	18 #include "webkit/fileapi/file_system_url.h"

18 #include "webkit/fileapi/file_system_util.h"	19 #include "webkit/fileapi/file_system_util.h"

19 #include "webkit/fileapi/mock_file_system_options.h"	20 #include "webkit/fileapi/mock_file_system_options.h"

20	21

21 namespace fileapi {	22 namespace fileapi {

22	23

	24 namespace {

	25

	26 FileSystemURL CreateFileSystemURL(const char* path) {

	27 const GURL kOrigin("http://foo/");

	28 return FileSystemURL::CreateForTest(

	29 kOrigin, kFileSystemTypeTemporary, FilePath::FromUTF8Unsafe(path));

	30 }

	31

	32 } // namespace

	33

23 class SandboxMountPointProviderOriginEnumeratorTest : public testing::Test {	34 class SandboxMountPointProviderOriginEnumeratorTest : public testing::Test {

24 public:	35 public:

25 void SetUp() {	36 void SetUp() {

26 ASSERT_TRUE(data_dir_.CreateUniqueTempDir());	37 ASSERT_TRUE(data_dir_.CreateUniqueTempDir());

27 sandbox_provider_.reset(	38 sandbox_provider_.reset(

28 new SandboxMountPointProvider(	39 new SandboxMountPointProvider(

29 NULL,	40 NULL,

30 base::MessageLoopProxy::current(),	41 base::MessageLoopProxy::current(),

31 data_dir_.path(),	42 data_dir_.path(),

32 CreateAllowFileAccessOptions()));	43 CreateAllowFileAccessOptions()));

(...skipping 64 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
97 if (enumerator->HasFileSystemType(kFileSystemTypePersistent)) {	108 if (enumerator->HasFileSystemType(kFileSystemTypePersistent)) {

98 ASSERT_TRUE(persistent_set.find(current) != persistent_set.end());	109 ASSERT_TRUE(persistent_set.find(current) != persistent_set.end());

99 ++persistent_actual_size;	110 ++persistent_actual_size;

100 }	111 }

101 }	112 }

102	113

103 EXPECT_EQ(temporary_size, temporary_actual_size);	114 EXPECT_EQ(temporary_size, temporary_actual_size);

104 EXPECT_EQ(persistent_size, persistent_actual_size);	115 EXPECT_EQ(persistent_size, persistent_actual_size);

105 }	116 }

106	117

	118 TEST(SandboxMountPointProviderTest, AccessPermissions) {

	119 MessageLoop message_loop_;

	120 SandboxMountPointProvider provider(

	121 NULL, base::MessageLoopProxy::current(), FilePath(),

	122 CreateAllowFileAccessOptions());

	123

	124 // Any access should be allowed in sandbox directory.

	125 EXPECT_EQ(FILE_PERMISSION_ALWAYS_ALLOW,

	126 provider.GetPermissionPolicy(CreateFileSystemURL("foo"),

	127 kReadFilePermissions));

	128 EXPECT_EQ(FILE_PERMISSION_ALWAYS_ALLOW,

	129 provider.GetPermissionPolicy(CreateFileSystemURL("foo"),

	130 kWriteFilePermissions));

	131 EXPECT_EQ(FILE_PERMISSION_ALWAYS_ALLOW,

	132 provider.GetPermissionPolicy(CreateFileSystemURL("foo"),

	133 kCreateFilePermissions));

	134

	135 // Access to a path with parent references ('..') should be disallowed.

	136 EXPECT_EQ(FILE_PERMISSION_ALWAYS_DENY,

	137 provider.GetPermissionPolicy(CreateFileSystemURL("a/../b"),

	138 kReadFilePermissions));

	139

	140 // Access from non-allowed scheme should be disallowed.

	141 EXPECT_EQ(FILE_PERMISSION_ALWAYS_DENY,

	142 provider.GetPermissionPolicy(

	143 FileSystemURL::CreateForTest(

	144 GURL("unknown://bar"), kFileSystemTypeTemporary,

	145 FilePath::FromUTF8Unsafe("foo")),

	146 kReadFilePermissions));

	147

	148 // Access for non-sandbox type should be disallowed.

	149 EXPECT_EQ(FILE_PERMISSION_ALWAYS_DENY,

	150 provider.GetPermissionPolicy(

	151 FileSystemURL::CreateForTest(

	152 GURL("http://foo/"), kFileSystemTypeTest,

	153 FilePath::FromUTF8Unsafe("foo")),

	154 kReadFilePermissions));

	155

	156 // Create access with ristricted name should be disallowed.

	157 EXPECT_EQ(FILE_PERMISSION_ALWAYS_DENY,

	158 provider.GetPermissionPolicy(CreateFileSystemURL(".."),

	159 kCreateFilePermissions));

	160 EXPECT_EQ(FILE_PERMISSION_ALWAYS_DENY,

	161 provider.GetPermissionPolicy(CreateFileSystemURL("."),

	162 kCreateFilePermissions));

	163

	164 // Similar but safe cases.

	165 EXPECT_EQ(FILE_PERMISSION_ALWAYS_ALLOW,

	166 provider.GetPermissionPolicy(CreateFileSystemURL(" ."),

	167 kCreateFilePermissions));

	168 EXPECT_EQ(FILE_PERMISSION_ALWAYS_ALLOW,

	169 provider.GetPermissionPolicy(CreateFileSystemURL(". "),

	170 kCreateFilePermissions));

	171 EXPECT_EQ(FILE_PERMISSION_ALWAYS_ALLOW,

	172 provider.GetPermissionPolicy(CreateFileSystemURL(" .."),

	173 kCreateFilePermissions));

	174 EXPECT_EQ(FILE_PERMISSION_ALWAYS_ALLOW,

	175 provider.GetPermissionPolicy(CreateFileSystemURL(".. "),

	176 kCreateFilePermissions));

	177 EXPECT_EQ(FILE_PERMISSION_ALWAYS_ALLOW,

	178 provider.GetPermissionPolicy(CreateFileSystemURL("b."),

	179 kCreateFilePermissions));

	180 EXPECT_EQ(FILE_PERMISSION_ALWAYS_ALLOW,

	181 provider.GetPermissionPolicy(CreateFileSystemURL(".b"),

	182 kCreateFilePermissions));
	ericu 2013/02/05 21:51:57 I'd like to keep around FileSystemMountPointProvid I'd like to keep around FileSystemMountPointProviderTest.IsRestrictedName, which tries to create a bunch of files illegal on Windows, and also tests that we properly restrict "/" in filenames and "\\" everywhere. Those have caught multiple platform-specific bugs. kinuko 2013/02/06 09:24:50 They were important when we used to restrict them, Show quoted text On 2013/02/05 21:51:57, ericu wrote: > I'd like to keep around FileSystemMountPointProviderTest.IsRestrictedName, which > tries to create a bunch of files illegal on Windows, and also tests that we > properly restrict "/" in filenames and "\\" everywhere. Those have caught > multiple platform-specific bugs. They were important when we used to restrict them, but I think we're ready to deprecate them. The code we have today only performs simple string-matching that has nothing to do with platform-specific illegal filenames, and as for '/' and '\\' they're normalize in FileSystemURL constructor so the test result wouldn't be as we expect. Instead we have layout tests for all of those cases which run in content_browsertests (thanks to your change) so that we still can quickly spot problems. ericu 2013/02/11 22:29:17 The massive flakiness on some of our layout tests, Show quoted text On 2013/02/06 09:24:50, kinuko wrote: > On 2013/02/05 21:51:57, ericu wrote: > > I'd like to keep around FileSystemMountPointProviderTest.IsRestrictedName, > which > > tries to create a bunch of files illegal on Windows, and also tests that we > > properly restrict "/" in filenames and "\\" everywhere. Those have caught > > multiple platform-specific bugs. > > They were important when we used to restrict them, but I think we're ready to > deprecate them. The code we have today only performs simple string-matching > that has nothing to do with platform-specific illegal filenames, and as for '/' > and '\\' they're normalize in FileSystemURL constructor so the test result > wouldn't be as we expect. Instead we have layout tests for all of those cases > which run in content_browsertests (thanks to your change) so that we still can > quickly spot problems. The massive flakiness on some of our layout tests, which I fixed just a couple of months ago, was due to us accidentally calling a FilePath method on a filesystem path. It only showed up when the path started with e.g. "c:", on Windows. That test passed, but then killed the next few tests due to leftover files that were hard to clean up. These kinds of tests are really useful for those kinds of bugs. We probably don't need all of them, but at least keep the looks-like-a-drive-letter test and a handful of others. kinuko 2013/02/12 08:19:52 Ok, I added a test for that. Show quoted text On 2013/02/11 22:29:17, ericu wrote: > On 2013/02/06 09:24:50, kinuko wrote: > > On 2013/02/05 21:51:57, ericu wrote: > > > I'd like to keep around FileSystemMountPointProviderTest.IsRestrictedName, > > which > > > tries to create a bunch of files illegal on Windows, and also tests that we > > > properly restrict "/" in filenames and "\\" everywhere. Those have caught > > > multiple platform-specific bugs. > > > > They were important when we used to restrict them, but I think we're ready to > > deprecate them. The code we have today only performs simple string-matching > > that has nothing to do with platform-specific illegal filenames, and as for > '/' > > and '\\' they're normalize in FileSystemURL constructor so the test result > > wouldn't be as we expect. Instead we have layout tests for all of those cases > > which run in content_browsertests (thanks to your change) so that we still can > > quickly spot problems. > > The massive flakiness on some of our layout tests, which I fixed just a couple > of months ago, was due to us accidentally calling a FilePath method on a > filesystem path. It only showed up when the path started with e.g. "c:", on > Windows. That test passed, but then killed the next few tests due to leftover > files that were hard to clean up. These kinds of tests are really useful for > those kinds of bugs. > > We probably don't need all of them, but at least keep the > looks-like-a-drive-letter test and a handful of others. Ok, I added a test for that.
	183 }

	184

107 } // namespace fileapi	185 } // namespace fileapi

OLD	NEW

« webkit/fileapi/sandbox_mount_point_provider.cc ('K') | « webkit/fileapi/sandbox_mount_point_provider.cc ('k') | webkit/fileapi/test_mount_point_provider.h » ('j') | no next file with comments »