Chromium Code Reviews Chromium Code Reviews
Issue 1244233002:
Allow trusted brokers to restrict connections for spawned applications to whitelisted applications … (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef MOJO_SHELL_APPLICATION_INSTANCE_H_ | 5 #ifndef MOJO_SHELL_APPLICATION_INSTANCE_H_ |
| 6 #define MOJO_SHELL_APPLICATION_INSTANCE_H_ | 6 #define MOJO_SHELL_APPLICATION_INSTANCE_H_ |
| 7 | 7 |
| 8 #include <set> | |
| 9 | |
| 8 #include "base/callback.h" | 10 #include "base/callback.h" |
| 9 #include "mojo/application/public/interfaces/application.mojom.h" | 11 #include "mojo/application/public/interfaces/application.mojom.h" |
| 10 #include "mojo/application/public/interfaces/shell.mojom.h" | 12 #include "mojo/application/public/interfaces/shell.mojom.h" |
| 11 #include "mojo/public/cpp/bindings/binding.h" | 13 #include "mojo/public/cpp/bindings/binding.h" |
| 12 #include "mojo/shell/identity.h" | 14 #include "mojo/shell/identity.h" |
| 13 #include "url/gurl.h" | 15 #include "url/gurl.h" |
| 14 | 16 |
| 15 namespace mojo { | 17 namespace mojo { |
| 16 namespace shell { | 18 namespace shell { |
| 17 | 19 |
| 18 class ApplicationManager; | 20 class ApplicationManager; |
| 19 | 21 |
| 22 // A |TypeConverter| that will create an |std::set<E>| containing a copy of | |
| 23 // the contents of an |Array<T>|, using |TypeConverter<E, T>| to copy each | |
| 24 // element. If the input array is null, the output set will be empty. | |
| 25 template <typename E, typename T> | |
| 26 struct TypeConverter <std::set<E>, Array<T>> { | |
|
yzshen1
2015/07/22 22:26:47
Please consider share this code with application_i
| |
| 27 static std::set<E> Convert(const Array<T>& input) { | |
| 28 std::set<E> result; | |
| 29 if (!input.is_null()) { | |
| 30 for (size_t i = 0; i < input.size(); ++i) | |
| 31 result.insert(TypeConverter<E, T>::Convert(input[i])); | |
| 32 } | |
| 33 return result; | |
| 34 } | |
| 35 }; | |
| 36 | |
| 37 template <typename T, typename E> | |
| 38 struct TypeConverter <Array<T>, std::set<E>> { | |
| 39 static Array<T> Convert(const std::set<E>& input) { | |
| 40 Array<T> result(0u); | |
| 41 for (auto i : input) | |
| 42 result.push_back(TypeConverter<T, E>::Convert(i)); | |
| 43 return result.Pass(); | |
| 44 } | |
| 45 }; | |
| 46 | |
| 20 // Encapsulates a connection to an instance of an application, tracked by the | 47 // Encapsulates a connection to an instance of an application, tracked by the |
| 21 // shell's ApplicationManager. | 48 // shell's ApplicationManager. |
| 22 // TODO(beng): Currently this provides a default implementation of the Shell | |
| 23 // interface. This should be moved into a separate class RootShell | |
| 24 // which is instantiated when no other Shell implementation is | |
| 25 // provided via ConnectToApplication(). | |
| 26 class ApplicationInstance : public Shell { | 49 class ApplicationInstance : public Shell { |
| 27 public: | 50 public: |
| 51 using AllowedInterfaces = std::set <std::string> ; | |
|
jam
2015/07/22 19:47:40
nit: here and below extra spaces before and after
| |
| 52 using CapabilityFilter = std::map <std::string, AllowedInterfaces> ; | |
| 53 | |
| 28 ApplicationInstance(ApplicationPtr application, | 54 ApplicationInstance(ApplicationPtr application, |
| 29 ApplicationManager* manager, | 55 ApplicationManager* manager, |
| 30 const Identity& resolved_identity, | 56 const Identity& resolved_identity, |
| 57 const CapabilityFilter& filter, | |
| 31 const base::Closure& on_application_end); | 58 const base::Closure& on_application_end); |
| 32 | 59 |
| 33 ~ApplicationInstance() override; | 60 ~ApplicationInstance() override; |
| 34 | 61 |
| 35 void InitializeApplication(); | 62 void InitializeApplication(); |
| 36 | 63 |
| 37 void ConnectToClient(const GURL& requested_url, | 64 void ConnectToClient(ApplicationInstance* originator, |
| 65 const GURL& requested_url, | |
| 38 const GURL& requestor_url, | 66 const GURL& requestor_url, |
| 39 InterfaceRequest<ServiceProvider> services, | 67 InterfaceRequest<ServiceProvider> services, |
| 40 ServiceProviderPtr exposed_services); | 68 ServiceProviderPtr exposed_services, |
| 69 CapabilityFilterPtr filter); | |
| 70 | |
| 71 // Returns the set of interfaces this application instance is allowed to see | |
| 72 // from an instance with |identity|. | |
| 73 AllowedInterfaces GetAllowedInterfaces(const Identity& identity) const; | |
| 41 | 74 |
| 42 Application* application() { return application_.get(); } | 75 Application* application() { return application_.get(); } |
| 43 const Identity& identity() const { return identity_; } | 76 const Identity& identity() const { return identity_; } |
| 44 base::Closure on_application_end() const { return on_application_end_; } | 77 base::Closure on_application_end() const { return on_application_end_; } |
| 45 | 78 |
| 46 private: | 79 private: |
| 47 // Shell implementation: | 80 // Shell implementation: |
| 48 void ConnectToApplication(mojo::URLRequestPtr app_request, | 81 void ConnectToApplication(URLRequestPtr app_request, |
| 49 InterfaceRequest<ServiceProvider> services, | 82 InterfaceRequest<ServiceProvider> services, |
| 50 ServiceProviderPtr exposed_services) override; | 83 ServiceProviderPtr exposed_services, |
| 84 CapabilityFilterPtr filter) override; | |
| 51 void QuitApplication() override; | 85 void QuitApplication() override; |
| 52 | 86 |
| 87 void CallAcceptConnection(ApplicationInstance* originator, | |
| 88 const GURL& url, | |
| 89 InterfaceRequest<ServiceProvider> services, | |
| 90 ServiceProviderPtr exposed_services, | |
| 91 const GURL& requested_url); | |
| 92 | |
| 53 void OnConnectionError(); | 93 void OnConnectionError(); |
| 54 | 94 |
| 55 void OnQuitRequestedResult(bool can_quit); | 95 void OnQuitRequestedResult(bool can_quit); |
| 56 | 96 |
| 57 struct QueuedClientRequest { | 97 struct QueuedClientRequest { |
| 58 QueuedClientRequest(); | 98 QueuedClientRequest(); |
| 59 ~QueuedClientRequest(); | 99 ~QueuedClientRequest(); |
| 100 ApplicationInstance* originator; | |
| 60 GURL requested_url; | 101 GURL requested_url; |
| 61 GURL requestor_url; | 102 GURL requestor_url; |
| 62 InterfaceRequest<ServiceProvider> services; | 103 InterfaceRequest<ServiceProvider> services; |
| 63 ServiceProviderPtr exposed_services; | 104 ServiceProviderPtr exposed_services; |
| 105 CapabilityFilterPtr filter; | |
| 64 }; | 106 }; |
| 65 | 107 |
| 66 ApplicationManager* const manager_; | 108 ApplicationManager* const manager_; |
| 67 const Identity identity_; | 109 const Identity identity_; |
| 110 CapabilityFilter filter_; | |
| 68 base::Closure on_application_end_; | 111 base::Closure on_application_end_; |
| 69 ApplicationPtr application_; | 112 ApplicationPtr application_; |
| 70 Binding<Shell> binding_; | 113 Binding<Shell> binding_; |
| 71 bool queue_requests_; | 114 bool queue_requests_; |
| 72 std::vector<QueuedClientRequest*> queued_client_requests_; | 115 std::vector<QueuedClientRequest*> queued_client_requests_; |
| 73 | 116 |
| 74 DISALLOW_COPY_AND_ASSIGN(ApplicationInstance); | 117 DISALLOW_COPY_AND_ASSIGN(ApplicationInstance); |
| 75 }; | 118 }; |
| 76 | 119 |
| 77 } // namespace shell | 120 } // namespace shell |
| 78 } // namespace mojo | 121 } // namespace mojo |
| 79 | 122 |
| 80 #endif // MOJO_SHELL_APPLICATION_INSTANCE_H_ | 123 #endif // MOJO_SHELL_APPLICATION_INSTANCE_H_ |
| OLD | NEW |
