Chromium Code Reviews| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/permissions/permission_context_base.h" | 5 #include "chrome/browser/permissions/permission_context_base.h" |
| 6 | 6 |
| 7 #include "base/logging.h" | 7 #include "base/logging.h" |
| 8 #include "base/prefs/pref_service.h" | 8 #include "base/prefs/pref_service.h" |
| 9 #include "chrome/browser/content_settings/host_content_settings_map_factory.h" | 9 #include "chrome/browser/content_settings/host_content_settings_map_factory.h" |
| 10 #include "chrome/browser/permissions/permission_bubble_request_impl.h" | 10 #include "chrome/browser/permissions/permission_bubble_request_impl.h" |
| 11 #include "chrome/browser/permissions/permission_context_uma_util.h" | 11 #include "chrome/browser/permissions/permission_context_uma_util.h" |
| 12 #include "chrome/browser/permissions/permission_queue_controller.h" | 12 #include "chrome/browser/permissions/permission_queue_controller.h" |
| 13 #include "chrome/browser/permissions/permission_request_id.h" | 13 #include "chrome/browser/permissions/permission_request_id.h" |
| 14 #include "chrome/browser/profiles/profile.h" | 14 #include "chrome/browser/profiles/profile.h" |
| 15 #include "chrome/browser/ui/website_settings/permission_bubble_manager.h" | 15 #include "chrome/browser/ui/website_settings/permission_bubble_manager.h" |
| 16 #include "chrome/common/pref_names.h" | 16 #include "chrome/common/pref_names.h" |
| 17 #include "components/content_settings/core/browser/host_content_settings_map.h" | 17 #include "components/content_settings/core/browser/host_content_settings_map.h" |
| 18 #include "components/content_settings/core/browser/website_settings_registry.h" | 18 #include "components/content_settings/core/browser/website_settings_registry.h" |
| 19 #include "components/variations/variations_associated_data.h" | |
| 19 #include "content/public/browser/browser_thread.h" | 20 #include "content/public/browser/browser_thread.h" |
| 20 #include "content/public/browser/web_contents.h" | 21 #include "content/public/browser/web_contents.h" |
| 21 #include "content/public/common/origin_util.h" | 22 #include "content/public/common/origin_util.h" |
| 22 | 23 |
| 24 // static | |
| 25 const char PermissionContextBase::kApiKillSwitchFieldStudy[] = "ApiKillSwitch"; | |
|
mlamouri (slow - plz ping)
2015/10/20 13:35:45
I would prefer if the name of the switch was more
kcarattini
2015/10/21 03:39:37
I switched to "Permission" from "Api" since that's
| |
| 26 // static | |
| 27 const char PermissionContextBase::kApiKillSwitchFieldParamBlockedValue[] = | |
| 28 "blocked"; | |
|
mlamouri (slow - plz ping)
2015/10/20 13:35:45
I think we should just try to match the string "en
kcarattini
2015/10/21 03:39:37
I actually moved from "enabled" to "blocked" becau
| |
| 29 | |
| 23 PermissionContextBase::PermissionContextBase( | 30 PermissionContextBase::PermissionContextBase( |
| 24 Profile* profile, | 31 Profile* profile, |
| 25 const ContentSettingsType permission_type) | 32 const ContentSettingsType permission_type) |
| 26 : profile_(profile), | 33 : profile_(profile), |
| 27 permission_type_(permission_type), | 34 permission_type_(permission_type), |
| 28 weak_factory_(this) { | 35 weak_factory_(this) { |
| 29 permission_queue_controller_.reset( | 36 permission_queue_controller_.reset( |
| 30 new PermissionQueueController(profile_, permission_type_)); | 37 new PermissionQueueController(profile_, permission_type_)); |
| 31 } | 38 } |
| 32 | 39 |
| 33 PermissionContextBase::~PermissionContextBase() { | 40 PermissionContextBase::~PermissionContextBase() { |
| 34 DCHECK_CURRENTLY_ON(content::BrowserThread::UI); | 41 DCHECK_CURRENTLY_ON(content::BrowserThread::UI); |
| 35 } | 42 } |
| 36 | 43 |
| 37 void PermissionContextBase::RequestPermission( | 44 void PermissionContextBase::RequestPermission( |
| 38 content::WebContents* web_contents, | 45 content::WebContents* web_contents, |
| 39 const PermissionRequestID& id, | 46 const PermissionRequestID& id, |
| 40 const GURL& requesting_frame, | 47 const GURL& requesting_frame, |
| 41 bool user_gesture, | 48 bool user_gesture, |
| 42 const BrowserPermissionCallback& callback) { | 49 const BrowserPermissionCallback& callback) { |
| 43 DCHECK_CURRENTLY_ON(content::BrowserThread::UI); | 50 DCHECK_CURRENTLY_ON(content::BrowserThread::UI); |
| 44 | 51 |
| 52 // First check if this API has been disabled through Finch. | |
| 53 if (IsApiKillSwitchOn()) { | |
|
mlamouri (slow - plz ping)
2015/10/20 13:35:45
In order to make sure this is always called, I thi
Bernhard Bauer
2015/10/20 14:27:17
I don't think that works, as this method is overri
mlamouri (slow - plz ping)
2015/10/20 14:32:28
The logic in GeolocationPermissionContext::Request
kcarattini
2015/10/21 03:39:37
GeolocationPermissionContext calls the base class
kcarattini
2015/10/21 03:39:37
I'm happy to do that in a followup cl, and then I
| |
| 54 // The kill switch is enabled for this API; Block all requests. | |
| 55 NotifyPermissionSet(id, requesting_frame.GetOrigin(), | |
| 56 web_contents->GetLastCommittedURL().GetOrigin(), callback, | |
| 57 false /* persist */, CONTENT_SETTING_BLOCK); | |
| 58 return; | |
| 59 } | |
| 60 | |
| 45 DecidePermission(web_contents, | 61 DecidePermission(web_contents, |
| 46 id, | 62 id, |
| 47 requesting_frame.GetOrigin(), | 63 requesting_frame.GetOrigin(), |
| 48 web_contents->GetLastCommittedURL().GetOrigin(), | 64 web_contents->GetLastCommittedURL().GetOrigin(), |
| 49 user_gesture, | 65 user_gesture, |
| 50 callback); | 66 callback); |
| 51 } | 67 } |
| 52 | 68 |
| 53 ContentSetting PermissionContextBase::GetPermissionStatus( | 69 ContentSetting PermissionContextBase::GetPermissionStatus( |
| 54 const GURL& requesting_origin, | 70 const GURL& requesting_origin, |
| 55 const GURL& embedding_origin) const { | 71 const GURL& embedding_origin) const { |
| 72 | |
| 73 // If the API has been disabled through Finch, block all requests. | |
| 74 if (IsApiKillSwitchOn()) | |
| 75 return CONTENT_SETTING_BLOCK; | |
| 76 | |
| 56 if (IsRestrictedToSecureOrigins() && | 77 if (IsRestrictedToSecureOrigins() && |
| 57 !content::IsOriginSecure(requesting_origin)) { | 78 !content::IsOriginSecure(requesting_origin)) { |
| 58 return CONTENT_SETTING_BLOCK; | 79 return CONTENT_SETTING_BLOCK; |
| 59 } | 80 } |
| 60 | 81 |
| 61 return HostContentSettingsMapFactory::GetForProfile(profile_) | 82 return HostContentSettingsMapFactory::GetForProfile(profile_) |
| 62 ->GetContentSetting(requesting_origin, | 83 ->GetContentSetting(requesting_origin, |
| 63 embedding_origin, | 84 embedding_origin, |
| 64 permission_type_, | 85 permission_type_, |
| 65 std::string()); | 86 std::string()); |
| (...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 121 !content::IsOriginSecure(requesting_origin)) { | 142 !content::IsOriginSecure(requesting_origin)) { |
| 122 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, | 143 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, |
| 123 false /* persist */, CONTENT_SETTING_BLOCK); | 144 false /* persist */, CONTENT_SETTING_BLOCK); |
| 124 return; | 145 return; |
| 125 } | 146 } |
| 126 | 147 |
| 127 ContentSetting content_setting = | 148 ContentSetting content_setting = |
| 128 HostContentSettingsMapFactory::GetForProfile(profile_) | 149 HostContentSettingsMapFactory::GetForProfile(profile_) |
| 129 ->GetContentSettingAndMaybeUpdateLastUsage( | 150 ->GetContentSettingAndMaybeUpdateLastUsage( |
| 130 requesting_origin, embedding_origin, permission_type_, | 151 requesting_origin, embedding_origin, permission_type_, |
| 131 std::string()); | 152 std::string()); |
|
mlamouri (slow - plz ping)
2015/10/20 13:35:45
I think you can refactor the two blocks above by c
kcarattini
2015/10/21 03:39:37
Happy to do all the refactoring in a followup cl.
| |
| 132 | 153 |
| 133 if (content_setting == CONTENT_SETTING_ALLOW || | 154 if (content_setting == CONTENT_SETTING_ALLOW || |
| 134 content_setting == CONTENT_SETTING_BLOCK) { | 155 content_setting == CONTENT_SETTING_BLOCK) { |
| 135 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, | 156 NotifyPermissionSet(id, requesting_origin, embedding_origin, callback, |
| 136 false /* persist */, content_setting); | 157 false /* persist */, content_setting); |
| 137 return; | 158 return; |
| 138 } | 159 } |
| 139 | 160 |
| 140 PermissionContextUmaUtil::PermissionRequested( | 161 PermissionContextUmaUtil::PermissionRequested( |
| 141 permission_type_, requesting_origin, embedding_origin, profile_); | 162 permission_type_, requesting_origin, embedding_origin, profile_); |
| (...skipping 107 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 249 DCHECK_EQ(requesting_origin, requesting_origin.GetOrigin()); | 270 DCHECK_EQ(requesting_origin, requesting_origin.GetOrigin()); |
| 250 DCHECK_EQ(embedding_origin, embedding_origin.GetOrigin()); | 271 DCHECK_EQ(embedding_origin, embedding_origin.GetOrigin()); |
| 251 DCHECK(content_setting == CONTENT_SETTING_ALLOW || | 272 DCHECK(content_setting == CONTENT_SETTING_ALLOW || |
| 252 content_setting == CONTENT_SETTING_BLOCK); | 273 content_setting == CONTENT_SETTING_BLOCK); |
| 253 | 274 |
| 254 HostContentSettingsMapFactory::GetForProfile(profile_)->SetContentSetting( | 275 HostContentSettingsMapFactory::GetForProfile(profile_)->SetContentSetting( |
| 255 ContentSettingsPattern::FromURLNoWildcard(requesting_origin), | 276 ContentSettingsPattern::FromURLNoWildcard(requesting_origin), |
| 256 ContentSettingsPattern::FromURLNoWildcard(embedding_origin), | 277 ContentSettingsPattern::FromURLNoWildcard(embedding_origin), |
| 257 permission_type_, std::string(), content_setting); | 278 permission_type_, std::string(), content_setting); |
| 258 } | 279 } |
| 280 | |
| 281 bool PermissionContextBase::IsApiKillSwitchOn() const { | |
|
mlamouri (slow - plz ping)
2015/10/20 13:35:45
nit: maybe rename: ShouldAutoDeny()?
kcarattini
2015/10/21 03:39:37
Changed from Api to Permission.
| |
| 282 const std::string param = | |
| 283 variations::GetVariationParamValue(kApiKillSwitchFieldStudy, | |
| 284 PermissionContextUmaUtil::GetPermissionString(permission_type_)); | |
| 285 | |
| 286 return param == kApiKillSwitchFieldParamBlockedValue; | |
| 287 } | |
| OLD | NEW |