| Index: mojo/shell/application_instance.h
|
| diff --git a/mojo/shell/application_instance.h b/mojo/shell/application_instance.h
|
| index 5340298dc05f355640b4989f622c3b070e02028c..40d103798232b242d08118eec711cd7d5c72f3d8 100644
|
| --- a/mojo/shell/application_instance.h
|
| +++ b/mojo/shell/application_instance.h
|
| @@ -5,6 +5,8 @@
|
| #ifndef MOJO_SHELL_APPLICATION_INSTANCE_H_
|
| #define MOJO_SHELL_APPLICATION_INSTANCE_H_
|
|
|
| +#include <set>
|
| +
|
| #include "base/callback.h"
|
| #include "mojo/application/public/interfaces/application.mojom.h"
|
| #include "mojo/application/public/interfaces/shell.mojom.h"
|
| @@ -13,31 +15,65 @@
|
| #include "url/gurl.h"
|
|
|
| namespace mojo {
|
| +
|
| +// TODO(beng): upstream this into mojo repo, array.h so it can be shared with
|
| +// application_impl.cc.
|
| +// A |TypeConverter| that will create an |std::set<E>| containing a copy of
|
| +// the contents of an |Array<T>|, using |TypeConverter<E, T>| to copy each
|
| +// element. If the input array is null, the output set will be empty.
|
| +template <typename E, typename T>
|
| +struct TypeConverter <std::set<E>, Array<T>> {
|
| + static std::set<E> Convert(const Array<T>& input) {
|
| + std::set<E> result;
|
| + if (!input.is_null()) {
|
| + for (size_t i = 0; i < input.size(); ++i)
|
| + result.insert(TypeConverter<E, T>::Convert(input[i]));
|
| + }
|
| + return result;
|
| + }
|
| +};
|
| +
|
| +template <typename T, typename E>
|
| +struct TypeConverter <Array<T>, std::set<E>> {
|
| + static Array<T> Convert(const std::set<E>& input) {
|
| + Array<T> result(0u);
|
| + for (auto i : input)
|
| + result.push_back(TypeConverter<T, E>::Convert(i));
|
| + return result.Pass();
|
| + }
|
| +};
|
| +
|
| namespace shell {
|
|
|
| class ApplicationManager;
|
|
|
| // Encapsulates a connection to an instance of an application, tracked by the
|
| // shell's ApplicationManager.
|
| -// TODO(beng): Currently this provides a default implementation of the Shell
|
| -// interface. This should be moved into a separate class RootShell
|
| -// which is instantiated when no other Shell implementation is
|
| -// provided via ConnectToApplication().
|
| class ApplicationInstance : public Shell {
|
| public:
|
| + using AllowedInterfaces = std::set<std::string>;
|
| + using CapabilityFilter = std::map<std::string, AllowedInterfaces>;
|
| +
|
| ApplicationInstance(ApplicationPtr application,
|
| ApplicationManager* manager,
|
| const Identity& resolved_identity,
|
| + const CapabilityFilter& filter,
|
| const base::Closure& on_application_end);
|
|
|
| ~ApplicationInstance() override;
|
|
|
| void InitializeApplication();
|
|
|
| - void ConnectToClient(const GURL& requested_url,
|
| + void ConnectToClient(ApplicationInstance* originator,
|
| + const GURL& requested_url,
|
| const GURL& requestor_url,
|
| InterfaceRequest<ServiceProvider> services,
|
| - ServiceProviderPtr exposed_services);
|
| + ServiceProviderPtr exposed_services,
|
| + CapabilityFilterPtr filter);
|
| +
|
| + // Returns the set of interfaces this application instance is allowed to see
|
| + // from an instance with |identity|.
|
| + AllowedInterfaces GetAllowedInterfaces(const Identity& identity) const;
|
|
|
| Application* application() { return application_.get(); }
|
| const Identity& identity() const { return identity_; }
|
| @@ -45,11 +81,18 @@ class ApplicationInstance : public Shell {
|
|
|
| private:
|
| // Shell implementation:
|
| - void ConnectToApplication(mojo::URLRequestPtr app_request,
|
| + void ConnectToApplication(URLRequestPtr app_request,
|
| InterfaceRequest<ServiceProvider> services,
|
| - ServiceProviderPtr exposed_services) override;
|
| + ServiceProviderPtr exposed_services,
|
| + CapabilityFilterPtr filter) override;
|
| void QuitApplication() override;
|
|
|
| + void CallAcceptConnection(ApplicationInstance* originator,
|
| + const GURL& url,
|
| + InterfaceRequest<ServiceProvider> services,
|
| + ServiceProviderPtr exposed_services,
|
| + const GURL& requested_url);
|
| +
|
| void OnConnectionError();
|
|
|
| void OnQuitRequestedResult(bool can_quit);
|
| @@ -57,14 +100,18 @@ class ApplicationInstance : public Shell {
|
| struct QueuedClientRequest {
|
| QueuedClientRequest();
|
| ~QueuedClientRequest();
|
| + ApplicationInstance* originator;
|
| GURL requested_url;
|
| GURL requestor_url;
|
| InterfaceRequest<ServiceProvider> services;
|
| ServiceProviderPtr exposed_services;
|
| + CapabilityFilterPtr filter;
|
| };
|
|
|
| ApplicationManager* const manager_;
|
| const Identity identity_;
|
| + const CapabilityFilter filter_;
|
| + const bool allow_any_application_;
|
| base::Closure on_application_end_;
|
| ApplicationPtr application_;
|
| Binding<Shell> binding_;
|
|
|
Chromium Code Reviews
Issue 1244233002:
Allow trusted brokers to restrict connections for spawned applications to whitelisted applications … (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master