| OLD | NEW |
|---|
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "webkit/chromeos/fileapi/cros_mount_point_provider.h" | 5 #include "webkit/chromeos/fileapi/cros_mount_point_provider.h" |
| 6 | 6 |
| 7 #include <set> | 7 #include <set> |
| 8 | 8 |
| 9 #include "base/file_path.h" | 9 #include "base/file_path.h" |
| 10 #include "googleurl/src/url_util.h" | 10 #include "googleurl/src/url_util.h" |
| 11 #include "testing/gtest/include/gtest/gtest.h" | 11 #include "testing/gtest/include/gtest/gtest.h" |
| 12 #include "webkit/fileapi/external_mount_points.h" | 12 #include "webkit/fileapi/external_mount_points.h" |
| 13 #include "webkit/fileapi/file_permission_policy.h" |
| 13 #include "webkit/fileapi/file_system_url.h" | 14 #include "webkit/fileapi/file_system_url.h" |
| 14 #include "webkit/fileapi/isolated_context.h" | 15 #include "webkit/fileapi/isolated_context.h" |
| 15 #include "webkit/quota/mock_special_storage_policy.h" | 16 #include "webkit/quota/mock_special_storage_policy.h" |
| 16 | 17 |
| 17 #define FPL(x) FILE_PATH_LITERAL(x) | 18 #define FPL(x) FILE_PATH_LITERAL(x) |
| 18 | 19 |
| 19 using fileapi::ExternalMountPoints; | 20 using fileapi::ExternalMountPoints; |
| 20 using fileapi::FileSystemURL; | 21 using fileapi::FileSystemURL; |
| 21 | 22 |
| 22 namespace { | 23 namespace { |
| (...skipping 59 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 82 std::vector<base::FilePath> root_dirs = provider.GetRootDirectories(); | 83 std::vector<base::FilePath> root_dirs = provider.GetRootDirectories(); |
| 83 std::set<base::FilePath> root_dirs_set(root_dirs.begin(), root_dirs.end()); | 84 std::set<base::FilePath> root_dirs_set(root_dirs.begin(), root_dirs.end()); |
| 84 EXPECT_EQ(4u, root_dirs.size()); | 85 EXPECT_EQ(4u, root_dirs.size()); |
| 85 EXPECT_TRUE(root_dirs_set.count(base::FilePath(FPL("/a/b/c")))); | 86 EXPECT_TRUE(root_dirs_set.count(base::FilePath(FPL("/a/b/c")))); |
| 86 EXPECT_TRUE(root_dirs_set.count(base::FilePath(FPL("/b/c/d")))); | 87 EXPECT_TRUE(root_dirs_set.count(base::FilePath(FPL("/b/c/d")))); |
| 87 EXPECT_TRUE(root_dirs_set.count(base::FilePath(FPL("/g/c/d")))); | 88 EXPECT_TRUE(root_dirs_set.count(base::FilePath(FPL("/g/c/d")))); |
| 88 EXPECT_TRUE(root_dirs_set.count(base::FilePath(FPL("/g/d/e")))); | 89 EXPECT_TRUE(root_dirs_set.count(base::FilePath(FPL("/g/d/e")))); |
| 89 } | 90 } |
| 90 | 91 |
| 91 TEST(CrosMountPointProviderTest, AccessPermissions) { | 92 TEST(CrosMountPointProviderTest, AccessPermissions) { |
| 93 const int kPermission = fileapi::kReadFilePermissions; |
| 94 |
| 92 url_util::AddStandardScheme("chrome-extension"); | 95 url_util::AddStandardScheme("chrome-extension"); |
| 93 | 96 |
| 94 scoped_refptr<quota::MockSpecialStoragePolicy> storage_policy = | 97 scoped_refptr<quota::MockSpecialStoragePolicy> storage_policy = |
| 95 new quota::MockSpecialStoragePolicy(); | 98 new quota::MockSpecialStoragePolicy(); |
| 96 scoped_refptr<fileapi::ExternalMountPoints> mount_points( | 99 scoped_refptr<fileapi::ExternalMountPoints> mount_points( |
| 97 fileapi::ExternalMountPoints::CreateRefCounted()); | 100 fileapi::ExternalMountPoints::CreateRefCounted()); |
| 98 scoped_refptr<fileapi::ExternalMountPoints> system_mount_points( | 101 scoped_refptr<fileapi::ExternalMountPoints> system_mount_points( |
| 99 fileapi::ExternalMountPoints::CreateRefCounted()); | 102 fileapi::ExternalMountPoints::CreateRefCounted()); |
| 100 chromeos::CrosMountPointProvider provider( | 103 chromeos::CrosMountPointProvider provider( |
| 101 storage_policy, | 104 storage_policy, |
| (...skipping 12 matching lines...) Expand all Loading... |
| 114 ASSERT_TRUE(mount_points->RegisterFileSystem( | 117 ASSERT_TRUE(mount_points->RegisterFileSystem( |
| 115 "removable", | 118 "removable", |
| 116 fileapi::kFileSystemTypeNativeLocal, | 119 fileapi::kFileSystemTypeNativeLocal, |
| 117 base::FilePath(FPL("/media/removable")))); | 120 base::FilePath(FPL("/media/removable")))); |
| 118 ASSERT_TRUE(mount_points->RegisterFileSystem( | 121 ASSERT_TRUE(mount_points->RegisterFileSystem( |
| 119 "oem", | 122 "oem", |
| 120 fileapi::kFileSystemTypeRestrictedNativeLocal, | 123 fileapi::kFileSystemTypeRestrictedNativeLocal, |
| 121 base::FilePath(FPL("/usr/share/oem")))); | 124 base::FilePath(FPL("/usr/share/oem")))); |
| 122 | 125 |
| 123 // Provider specific mount point access. | 126 // Provider specific mount point access. |
| 124 EXPECT_FALSE(provider.IsAccessAllowed( | 127 EXPECT_EQ( |
| 125 CreateFileSystemURL(extension, "removable/foo", mount_points.get()))); | 128 fileapi::FILE_PERMISSION_ALWAYS_DENY, |
| 129 provider.GetPermissionPolicy( |
| 130 CreateFileSystemURL(extension, "removable/foo", mount_points.get()), |
| 131 kPermission)); |
| 126 | 132 |
| 127 provider.GrantFileAccessToExtension(extension, | 133 provider.GrantFileAccessToExtension(extension, |
| 128 base::FilePath(FPL("removable/foo"))); | 134 FilePath(FPL("removable/foo"))); |
| 129 EXPECT_TRUE(provider.IsAccessAllowed( | 135 EXPECT_EQ( |
| 130 CreateFileSystemURL(extension, "removable/foo", mount_points.get()))); | 136 fileapi::FILE_PERMISSION_USE_FILE_PERMISSION, |
| 131 EXPECT_FALSE(provider.IsAccessAllowed( | 137 provider.GetPermissionPolicy( |
| 132 CreateFileSystemURL(extension, "removable/foo1", mount_points.get()))); | 138 CreateFileSystemURL(extension, "removable/foo", mount_points.get()), |
| 139 kPermission)); |
| 140 EXPECT_EQ( |
| 141 fileapi::FILE_PERMISSION_ALWAYS_DENY, |
| 142 provider.GetPermissionPolicy( |
| 143 CreateFileSystemURL(extension, "removable/foo1", mount_points.get()), |
| 144 kPermission)); |
| 133 | 145 |
| 134 // System mount point access. | 146 // System mount point access. |
| 135 EXPECT_FALSE(provider.IsAccessAllowed( | 147 EXPECT_EQ( |
| 136 CreateFileSystemURL(extension, "system/foo", system_mount_points.get()))); | 148 fileapi::FILE_PERMISSION_ALWAYS_DENY, |
| 149 provider.GetPermissionPolicy( |
| 150 CreateFileSystemURL(extension, "system/foo", |
| 151 system_mount_points.get()), |
| 152 kPermission)); |
| 137 | 153 |
| 138 provider.GrantFileAccessToExtension(extension, base::FilePath(FPL("system/foo"
))); | 154 provider.GrantFileAccessToExtension(extension, FilePath(FPL("system/foo"))); |
| 139 EXPECT_TRUE(provider.IsAccessAllowed( | 155 EXPECT_EQ( |
| 140 CreateFileSystemURL(extension, "system/foo", system_mount_points.get()))); | 156 fileapi::FILE_PERMISSION_USE_FILE_PERMISSION, |
| 141 EXPECT_FALSE(provider.IsAccessAllowed(CreateFileSystemURL( | 157 provider.GetPermissionPolicy( |
| 142 extension, "system/foo1", system_mount_points.get()))); | 158 CreateFileSystemURL(extension, "system/foo", |
| 159 system_mount_points.get()), |
| 160 kPermission)); |
| 161 EXPECT_EQ( |
| 162 fileapi::FILE_PERMISSION_ALWAYS_DENY, |
| 163 provider.GetPermissionPolicy( |
| 164 CreateFileSystemURL(extension, "system/foo1", |
| 165 system_mount_points.get()), |
| 166 kPermission)); |
| 143 | 167 |
| 144 // oem is restricted file system. | 168 // oem is restricted file system. |
| 145 provider.GrantFileAccessToExtension(extension, base::FilePath(FPL("oem/foo")))
; | 169 provider.GrantFileAccessToExtension(extension, base::FilePath(FPL("oem/foo")))
; |
| 146 // The extension should not be able to access the file even if | 170 // The extension should not be able to access the file even if |
| 147 // GrantFileAccessToExtension was called. | 171 // GrantFileAccessToExtension was called. |
| 148 EXPECT_FALSE(provider.IsAccessAllowed( | 172 EXPECT_EQ( |
| 149 CreateFileSystemURL(extension, "oem/foo", mount_points.get()))); | 173 fileapi::FILE_PERMISSION_ALWAYS_DENY, |
| 174 provider.GetPermissionPolicy( |
| 175 CreateFileSystemURL(extension, "oem/foo", mount_points.get()), |
| 176 kPermission)); |
| 150 | 177 |
| 151 provider.GrantFullAccessToExtension(extension); | 178 provider.GrantFullAccessToExtension(extension); |
| 152 // The extension should be able to access restricted file system after it was | 179 // The extension should be able to access restricted file system after it was |
| 153 // granted full access. | 180 // granted full access. |
| 154 EXPECT_TRUE(provider.IsAccessAllowed( | 181 EXPECT_EQ( |
| 155 CreateFileSystemURL(extension, "oem/foo", mount_points.get()))); | 182 fileapi::FILE_PERMISSION_USE_FILE_PERMISSION, |
| 156 // The extension which was granted full access should be able to access any | 183 provider.GetPermissionPolicy( |
| 157 // path on curent file systems. | 184 CreateFileSystemURL(extension, "oem/foo", mount_points.get()), |
| 158 EXPECT_TRUE(provider.IsAccessAllowed( | 185 kPermission)); |
| 159 CreateFileSystemURL(extension, "removable/foo1", mount_points.get()))); | 186 // The extension which was granted full access should be able to access any |
| 160 EXPECT_TRUE(provider.IsAccessAllowed(CreateFileSystemURL( | 187 // path on current file systems. |
| 161 extension, "system/foo1", system_mount_points.get()))); | 188 EXPECT_EQ( |
| 189 fileapi::FILE_PERMISSION_USE_FILE_PERMISSION, |
| 190 provider.GetPermissionPolicy( |
| 191 CreateFileSystemURL(extension, "removable/foo1", mount_points.get()), |
| 192 kPermission)); |
| 193 EXPECT_EQ( |
| 194 fileapi::FILE_PERMISSION_USE_FILE_PERMISSION, |
| 195 provider.GetPermissionPolicy( |
| 196 CreateFileSystemURL(extension, "system/foo1", |
| 197 system_mount_points.get()), |
| 198 kPermission)); |
| 162 | 199 |
| 163 // The extension cannot access new mount points. | 200 // The extension cannot access new mount points. |
| 164 // TODO(tbarzic): This should probably be changed. | 201 // TODO(tbarzic): This should probably be changed. |
| 165 ASSERT_TRUE(mount_points->RegisterFileSystem( | 202 ASSERT_TRUE(mount_points->RegisterFileSystem( |
| 166 "test", | 203 "test", |
| 167 fileapi::kFileSystemTypeNativeLocal, | 204 fileapi::kFileSystemTypeNativeLocal, |
| 168 base::FilePath(FPL("/foo/test")))); | 205 FilePath(FPL("/foo/test")))); |
| 169 EXPECT_FALSE(provider.IsAccessAllowed( | 206 EXPECT_EQ( |
| 170 CreateFileSystemURL(extension, "test_/foo", mount_points.get()))); | 207 fileapi::FILE_PERMISSION_ALWAYS_DENY, |
| 208 provider.GetPermissionPolicy( |
| 209 CreateFileSystemURL(extension, "test_/foo", mount_points.get()), |
| 210 kPermission)); |
| 171 | 211 |
| 172 provider.RevokeAccessForExtension(extension); | 212 provider.RevokeAccessForExtension(extension); |
| 173 EXPECT_FALSE(provider.IsAccessAllowed( | 213 EXPECT_EQ( |
| 174 CreateFileSystemURL(extension, "removable/foo", mount_points.get()))); | 214 fileapi::FILE_PERMISSION_ALWAYS_DENY, |
| 215 provider.GetPermissionPolicy( |
| 216 CreateFileSystemURL(extension, "removable/foo", mount_points.get()), |
| 217 kPermission)); |
| 175 | 218 |
| 176 fileapi::FileSystemURL internal_url = FileSystemURL::CreateForTest( | 219 fileapi::FileSystemURL internal_url = FileSystemURL::CreateForTest( |
| 177 GURL("chrome://foo"), | 220 GURL("chrome://foo"), |
| 178 fileapi::kFileSystemTypeExternal, | 221 fileapi::kFileSystemTypeExternal, |
| 179 base::FilePath(FPL("removable/"))); | 222 base::FilePath(FPL("removable/"))); |
| 180 // Internal WebUI should have full access. | 223 // Internal WebUI should have full access. |
| 181 EXPECT_TRUE(provider.IsAccessAllowed(internal_url)); | 224 EXPECT_EQ( |
| 225 fileapi::FILE_PERMISSION_ALWAYS_ALLOW, |
| 226 provider.GetPermissionPolicy(internal_url, kPermission)); |
| 182 } | 227 } |
| 183 | 228 |
| 184 TEST(CrosMountPointProvider, GetVirtualPathConflictWithSystemPoints) { | 229 TEST(CrosMountPointProvider, GetVirtualPathConflictWithSystemPoints) { |
| 185 scoped_refptr<quota::MockSpecialStoragePolicy> storage_policy = | 230 scoped_refptr<quota::MockSpecialStoragePolicy> storage_policy = |
| 186 new quota::MockSpecialStoragePolicy(); | 231 new quota::MockSpecialStoragePolicy(); |
| 187 scoped_refptr<fileapi::ExternalMountPoints> mount_points( | 232 scoped_refptr<fileapi::ExternalMountPoints> mount_points( |
| 188 fileapi::ExternalMountPoints::CreateRefCounted()); | 233 fileapi::ExternalMountPoints::CreateRefCounted()); |
| 189 scoped_refptr<fileapi::ExternalMountPoints> system_mount_points( | 234 scoped_refptr<fileapi::ExternalMountPoints> system_mount_points( |
| 190 fileapi::ExternalMountPoints::CreateRefCounted()); | 235 fileapi::ExternalMountPoints::CreateRefCounted()); |
| 191 chromeos::CrosMountPointProvider provider(storage_policy, | 236 chromeos::CrosMountPointProvider provider(storage_policy, |
| (...skipping 50 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 242 if (!kTestCases[i].success) | 287 if (!kTestCases[i].success) |
| 243 continue; | 288 continue; |
| 244 | 289 |
| 245 base::FilePath expected_virtual_path(kTestCases[i].virtual_path); | 290 base::FilePath expected_virtual_path(kTestCases[i].virtual_path); |
| 246 EXPECT_EQ(expected_virtual_path, virtual_path) | 291 EXPECT_EQ(expected_virtual_path, virtual_path) |
| 247 << "Resolving " << kTestCases[i].local_path; | 292 << "Resolving " << kTestCases[i].local_path; |
| 248 } | 293 } |
| 249 } | 294 } |
| 250 | 295 |
| 251 } // namespace | 296 } // namespace |
| 252 | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 12193007:
Deprecate MountPointProvider::IsAccessAllowed in favor of GetPermissionPolicy (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src