Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(108)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: webkit/fileapi/sandbox_mount_point_provider_unittest.cc

Issue 15442002: Move FileAPI sandboxed filesystem related code from webkit/fileapi to webkit/browser/fileapi (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: rebased Created 7 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « webkit/fileapi/sandbox_mount_point_provider.cc ('k') | webkit/fileapi/sandbox_origin_database.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "webkit/fileapi/sandbox_mount_point_provider.h"
6
7 #include <set>
8
9 #include "base/basictypes.h"
10 #include "base/file_util.h"
11 #include "base/files/scoped_temp_dir.h"
12 #include "base/memory/scoped_ptr.h"
13 #include "base/message_loop.h"
14 #include "base/message_loop_proxy.h"
15 #include "googleurl/src/gurl.h"
16 #include "testing/gtest/include/gtest/gtest.h"
17 #include "webkit/browser/fileapi/file_system_mount_point_provider.h"
18 #include "webkit/fileapi/file_system_url.h"
19 #include "webkit/fileapi/file_system_util.h"
20 #include "webkit/fileapi/mock_file_system_options.h"
21
22 namespace fileapi {
23
24 namespace {
25
26 FileSystemURL CreateFileSystemURL(const char* path) {
27 const GURL kOrigin("http://foo/");
28 return FileSystemURL::CreateForTest(
29 kOrigin, kFileSystemTypeTemporary, base::FilePath::FromUTF8Unsafe(path));
30 }
31
32 } // namespace
33
34 class SandboxMountPointProviderOriginEnumeratorTest : public testing::Test {
35 public:
36 virtual void SetUp() {
37 ASSERT_TRUE(data_dir_.CreateUniqueTempDir());
38 sandbox_provider_.reset(
39 new SandboxMountPointProvider(
40 NULL,
41 base::MessageLoopProxy::current(),
42 data_dir_.path(),
43 CreateAllowFileAccessOptions(),
44 NULL));
45 }
46
47 SandboxMountPointProvider::OriginEnumerator* CreateEnumerator() const {
48 return sandbox_provider_->CreateOriginEnumerator();
49 }
50
51 protected:
52 void CreateOriginTypeDirectory(const GURL& origin,
53 fileapi::FileSystemType type) {
54 base::FilePath target = sandbox_provider_->
55 GetBaseDirectoryForOriginAndType(origin, type, true);
56 ASSERT_TRUE(!target.empty());
57 ASSERT_TRUE(file_util::DirectoryExists(target));
58 }
59
60 base::ScopedTempDir data_dir_;
61 base::MessageLoop message_loop_;
62 scoped_ptr<SandboxMountPointProvider> sandbox_provider_;
63 };
64
65 TEST_F(SandboxMountPointProviderOriginEnumeratorTest, Empty) {
66 scoped_ptr<SandboxMountPointProvider::OriginEnumerator> enumerator(
67 CreateEnumerator());
68 ASSERT_TRUE(enumerator->Next().is_empty());
69 }
70
71 TEST_F(SandboxMountPointProviderOriginEnumeratorTest, EnumerateOrigins) {
72 const char* temporary_origins[] = {
73 "http://www.bar.com/",
74 "http://www.foo.com/",
75 "http://www.foo.com:1/",
76 "http://www.example.com:8080/",
77 "http://www.google.com:80/",
78 };
79 const char* persistent_origins[] = {
80 "http://www.bar.com/",
81 "http://www.foo.com:8080/",
82 "http://www.foo.com:80/",
83 };
84 size_t temporary_size = ARRAYSIZE_UNSAFE(temporary_origins);
85 size_t persistent_size = ARRAYSIZE_UNSAFE(persistent_origins);
86 std::set<GURL> temporary_set, persistent_set;
87 for (size_t i = 0; i < temporary_size; ++i) {
88 CreateOriginTypeDirectory(GURL(temporary_origins[i]),
89 fileapi::kFileSystemTypeTemporary);
90 temporary_set.insert(GURL(temporary_origins[i]));
91 }
92 for (size_t i = 0; i < persistent_size; ++i) {
93 CreateOriginTypeDirectory(GURL(persistent_origins[i]),
94 kFileSystemTypePersistent);
95 persistent_set.insert(GURL(persistent_origins[i]));
96 }
97
98 scoped_ptr<SandboxMountPointProvider::OriginEnumerator> enumerator(
99 CreateEnumerator());
100 size_t temporary_actual_size = 0;
101 size_t persistent_actual_size = 0;
102 GURL current;
103 while (!(current = enumerator->Next()).is_empty()) {
104 SCOPED_TRACE(testing::Message() << "EnumerateOrigin " << current.spec());
105 if (enumerator->HasFileSystemType(kFileSystemTypeTemporary)) {
106 ASSERT_TRUE(temporary_set.find(current) != temporary_set.end());
107 ++temporary_actual_size;
108 }
109 if (enumerator->HasFileSystemType(kFileSystemTypePersistent)) {
110 ASSERT_TRUE(persistent_set.find(current) != persistent_set.end());
111 ++persistent_actual_size;
112 }
113 }
114
115 EXPECT_EQ(temporary_size, temporary_actual_size);
116 EXPECT_EQ(persistent_size, persistent_actual_size);
117 }
118
119 TEST(SandboxMountPointProviderTest, AccessPermissions) {
120 base::MessageLoop message_loop_;
121 SandboxMountPointProvider provider(
122 NULL, base::MessageLoopProxy::current(), base::FilePath(),
123 CreateAllowFileAccessOptions(), NULL);
124
125 // Any access should be allowed in sandbox directory.
126 EXPECT_EQ(FILE_PERMISSION_ALWAYS_ALLOW,
127 provider.GetPermissionPolicy(CreateFileSystemURL("foo"),
128 kReadFilePermissions));
129 EXPECT_EQ(FILE_PERMISSION_ALWAYS_ALLOW,
130 provider.GetPermissionPolicy(CreateFileSystemURL("foo"),
131 kWriteFilePermissions));
132 EXPECT_EQ(FILE_PERMISSION_ALWAYS_ALLOW,
133 provider.GetPermissionPolicy(CreateFileSystemURL("foo"),
134 kCreateFilePermissions));
135
136 // Access to a path with parent references ('..') should be disallowed.
137 EXPECT_EQ(FILE_PERMISSION_ALWAYS_DENY,
138 provider.GetPermissionPolicy(CreateFileSystemURL("a/../b"),
139 kReadFilePermissions));
140
141 // Access from non-allowed scheme should be disallowed.
142 EXPECT_EQ(FILE_PERMISSION_ALWAYS_DENY,
143 provider.GetPermissionPolicy(
144 FileSystemURL::CreateForTest(
145 GURL("unknown://bar"), kFileSystemTypeTemporary,
146 base::FilePath::FromUTF8Unsafe("foo")),
147 kReadFilePermissions));
148
149 // Access for non-sandbox type should be disallowed.
150 EXPECT_EQ(FILE_PERMISSION_ALWAYS_DENY,
151 provider.GetPermissionPolicy(
152 FileSystemURL::CreateForTest(
153 GURL("http://foo/"), kFileSystemTypeTest,
154 base::FilePath::FromUTF8Unsafe("foo")),
155 kReadFilePermissions));
156
157 // Write access to the root folder should be restricted.
158 EXPECT_EQ(FILE_PERMISSION_ALWAYS_DENY,
159 provider.GetPermissionPolicy(CreateFileSystemURL(""),
160 kWriteFilePermissions));
161 EXPECT_EQ(FILE_PERMISSION_ALWAYS_DENY,
162 provider.GetPermissionPolicy(CreateFileSystemURL("/"),
163 kWriteFilePermissions));
164 EXPECT_EQ(FILE_PERMISSION_ALWAYS_DENY,
165 provider.GetPermissionPolicy(CreateFileSystemURL("/"),
166 kCreateFilePermissions));
167
168 // Create access with restricted name should be disallowed.
169 EXPECT_EQ(FILE_PERMISSION_ALWAYS_DENY,
170 provider.GetPermissionPolicy(CreateFileSystemURL(".."),
171 kCreateFilePermissions));
172 EXPECT_EQ(FILE_PERMISSION_ALWAYS_DENY,
173 provider.GetPermissionPolicy(CreateFileSystemURL("."),
174 kCreateFilePermissions));
175
176 // Similar but safe cases.
177 EXPECT_EQ(FILE_PERMISSION_ALWAYS_ALLOW,
178 provider.GetPermissionPolicy(CreateFileSystemURL(" ."),
179 kCreateFilePermissions));
180 EXPECT_EQ(FILE_PERMISSION_ALWAYS_ALLOW,
181 provider.GetPermissionPolicy(CreateFileSystemURL(". "),
182 kCreateFilePermissions));
183 EXPECT_EQ(FILE_PERMISSION_ALWAYS_DENY,
184 provider.GetPermissionPolicy(CreateFileSystemURL(" .."),
185 kCreateFilePermissions));
186 EXPECT_EQ(FILE_PERMISSION_ALWAYS_DENY,
187 provider.GetPermissionPolicy(CreateFileSystemURL(".. "),
188 kCreateFilePermissions));
189 EXPECT_EQ(FILE_PERMISSION_ALWAYS_ALLOW,
190 provider.GetPermissionPolicy(CreateFileSystemURL("b."),
191 kCreateFilePermissions));
192 EXPECT_EQ(FILE_PERMISSION_ALWAYS_ALLOW,
193 provider.GetPermissionPolicy(CreateFileSystemURL(".b"),
194 kCreateFilePermissions));
195
196 // A path that looks like a drive letter.
197 EXPECT_EQ(FILE_PERMISSION_ALWAYS_ALLOW,
198 provider.GetPermissionPolicy(CreateFileSystemURL("c:"),
199 kCreateFilePermissions));
200 }
201
202 } // namespace fileapi
OLDNEW
« no previous file with comments | « webkit/fileapi/sandbox_mount_point_provider.cc ('k') | webkit/fileapi/sandbox_origin_database.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698