OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/media/media_stream_devices_controller.h" | 5 #include "chrome/browser/media/media_stream_devices_controller.h" |
6 | 6 |
7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
8 #include "base/prefs/pref_service.h" | 8 #include "base/prefs/pref_service.h" |
9 #include "base/values.h" | 9 #include "base/values.h" |
10 #include "chrome/browser/content_settings/content_settings_provider.h" | 10 #include "chrome/browser/content_settings/content_settings_provider.h" |
11 #include "chrome/browser/content_settings/host_content_settings_map.h" | 11 #include "chrome/browser/content_settings/host_content_settings_map.h" |
12 #include "chrome/browser/content_settings/tab_specific_content_settings.h" | 12 #include "chrome/browser/content_settings/tab_specific_content_settings.h" |
13 #include "chrome/browser/media/media_capture_devices_dispatcher.h" | 13 #include "chrome/browser/media/media_capture_devices_dispatcher.h" |
14 #include "chrome/browser/media/media_stream_capture_indicator.h" | 14 #include "chrome/browser/media/media_stream_capture_indicator.h" |
15 #include "chrome/browser/prefs/scoped_user_pref_update.h" | 15 #include "chrome/browser/prefs/scoped_user_pref_update.h" |
16 #include "chrome/browser/profiles/profile.h" | 16 #include "chrome/browser/profiles/profile.h" |
17 #include "chrome/browser/ui/browser.h" | 17 #include "chrome/browser/ui/browser.h" |
18 #include "chrome/common/chrome_switches.h" | 18 #include "chrome/common/chrome_switches.h" |
19 #include "chrome/common/content_settings.h" | 19 #include "chrome/common/content_settings.h" |
| 20 #include "chrome/common/content_settings_pattern.h" |
20 #include "chrome/common/pref_names.h" | 21 #include "chrome/common/pref_names.h" |
21 #include "components/user_prefs/pref_registry_syncable.h" | 22 #include "components/user_prefs/pref_registry_syncable.h" |
22 #include "content/public/browser/browser_thread.h" | 23 #include "content/public/browser/browser_thread.h" |
23 #include "content/public/common/media_stream_request.h" | 24 #include "content/public/common/media_stream_request.h" |
24 | 25 |
| 26 #if defined(OS_CHROMEOS) |
| 27 #include "chrome/browser/chromeos/login/user_manager.h" |
| 28 #endif |
| 29 |
25 using content::BrowserThread; | 30 using content::BrowserThread; |
26 | 31 |
27 namespace { | 32 namespace { |
28 | 33 |
29 bool HasAnyAvailableDevice() { | 34 bool HasAnyAvailableDevice() { |
30 const content::MediaStreamDevices& audio_devices = | 35 const content::MediaStreamDevices& audio_devices = |
31 MediaCaptureDevicesDispatcher::GetInstance()->GetAudioCaptureDevices(); | 36 MediaCaptureDevicesDispatcher::GetInstance()->GetAudioCaptureDevices(); |
32 const content::MediaStreamDevices& video_devices = | 37 const content::MediaStreamDevices& video_devices = |
33 MediaCaptureDevicesDispatcher::GetInstance()->GetVideoCaptureDevices(); | 38 MediaCaptureDevicesDispatcher::GetInstance()->GetVideoCaptureDevices(); |
34 | 39 |
35 return !audio_devices.empty() || !video_devices.empty(); | 40 return !audio_devices.empty() || !video_devices.empty(); |
36 }; | 41 } |
| 42 |
| 43 bool IsInKioskMode() { |
| 44 if (CommandLine::ForCurrentProcess()->HasSwitch(switches::kKioskMode)) |
| 45 return true; |
| 46 |
| 47 #if defined(OS_CHROMEOS) |
| 48 const chromeos::UserManager* user_manager = chromeos::UserManager::Get(); |
| 49 return user_manager && user_manager->IsLoggedInAsKioskApp(); |
| 50 #else |
| 51 return false; |
| 52 #endif |
| 53 } |
37 | 54 |
38 } // namespace | 55 } // namespace |
39 | 56 |
40 MediaStreamDevicesController::MediaStreamDevicesController( | 57 MediaStreamDevicesController::MediaStreamDevicesController( |
41 content::WebContents* web_contents, | 58 content::WebContents* web_contents, |
42 const content::MediaStreamRequest& request, | 59 const content::MediaStreamRequest& request, |
43 const content::MediaResponseCallback& callback) | 60 const content::MediaResponseCallback& callback) |
44 : web_contents_(web_contents), | 61 : web_contents_(web_contents), |
45 request_(request), | 62 request_(request), |
46 callback_(callback), | 63 callback_(callback), |
47 microphone_requested_( | 64 microphone_requested_( |
48 request.audio_type == content::MEDIA_DEVICE_AUDIO_CAPTURE), | 65 request.audio_type == content::MEDIA_DEVICE_AUDIO_CAPTURE), |
49 webcam_requested_( | 66 webcam_requested_( |
50 request.video_type == content::MEDIA_DEVICE_VIDEO_CAPTURE) { | 67 request.video_type == content::MEDIA_DEVICE_VIDEO_CAPTURE) { |
51 profile_ = Profile::FromBrowserContext(web_contents->GetBrowserContext()); | 68 profile_ = Profile::FromBrowserContext(web_contents->GetBrowserContext()); |
52 content_settings_ = TabSpecificContentSettings::FromWebContents(web_contents); | 69 content_settings_ = TabSpecificContentSettings::FromWebContents(web_contents); |
53 | 70 |
54 // Don't call GetDevicePolicy from the initializer list since the | 71 // Don't call GetDevicePolicy from the initializer list since the |
55 // implementation depends on member variables. | 72 // implementation depends on member variables. |
56 if (microphone_requested_ && | 73 if (microphone_requested_ && |
57 GetDevicePolicy(prefs::kAudioCaptureAllowed) == ALWAYS_DENY) { | 74 GetDevicePolicy(prefs::kAudioCaptureAllowed, |
| 75 prefs::kAudioCaptureAllowedUrls) == ALWAYS_DENY) { |
58 microphone_requested_ = false; | 76 microphone_requested_ = false; |
59 } | 77 } |
60 | 78 |
61 if (webcam_requested_ && | 79 if (webcam_requested_ && |
62 GetDevicePolicy(prefs::kVideoCaptureAllowed) == ALWAYS_DENY) { | 80 GetDevicePolicy(prefs::kVideoCaptureAllowed, |
| 81 prefs::kVideoCaptureAllowedUrls) == ALWAYS_DENY) { |
63 webcam_requested_ = false; | 82 webcam_requested_ = false; |
64 } | 83 } |
65 } | 84 } |
66 | 85 |
67 MediaStreamDevicesController::~MediaStreamDevicesController() {} | 86 MediaStreamDevicesController::~MediaStreamDevicesController() {} |
68 | 87 |
69 // static | 88 // static |
70 void MediaStreamDevicesController::RegisterUserPrefs( | 89 void MediaStreamDevicesController::RegisterUserPrefs( |
71 user_prefs::PrefRegistrySyncable* prefs) { | 90 user_prefs::PrefRegistrySyncable* prefs) { |
72 prefs->RegisterBooleanPref(prefs::kVideoCaptureAllowed, | 91 prefs->RegisterBooleanPref(prefs::kVideoCaptureAllowed, |
73 true, | 92 true, |
74 user_prefs::PrefRegistrySyncable::UNSYNCABLE_PREF); | 93 user_prefs::PrefRegistrySyncable::UNSYNCABLE_PREF); |
75 prefs->RegisterBooleanPref(prefs::kAudioCaptureAllowed, | 94 prefs->RegisterBooleanPref(prefs::kAudioCaptureAllowed, |
76 true, | 95 true, |
77 user_prefs::PrefRegistrySyncable::UNSYNCABLE_PREF); | 96 user_prefs::PrefRegistrySyncable::UNSYNCABLE_PREF); |
| 97 prefs->RegisterListPref(prefs::kVideoCaptureAllowedUrls, |
| 98 user_prefs::PrefRegistrySyncable::UNSYNCABLE_PREF); |
| 99 prefs->RegisterListPref(prefs::kAudioCaptureAllowedUrls, |
| 100 user_prefs::PrefRegistrySyncable::UNSYNCABLE_PREF); |
78 } | 101 } |
79 | 102 |
80 | 103 |
81 bool MediaStreamDevicesController::DismissInfoBarAndTakeActionOnSettings() { | 104 bool MediaStreamDevicesController::DismissInfoBarAndTakeActionOnSettings() { |
82 // If this is a no UI check for policies only go straight to accept - policy | 105 // If this is a no UI check for policies only go straight to accept - policy |
83 // check will be done automatically on the way. | 106 // check will be done automatically on the way. |
84 if (request_.request_type == content::MEDIA_OPEN_DEVICE) { | 107 if (request_.request_type == content::MEDIA_OPEN_DEVICE) { |
85 Accept(false); | 108 Accept(false); |
86 return true; | 109 return true; |
87 } | 110 } |
(...skipping 97 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
185 } | 208 } |
186 | 209 |
187 if (update_content_setting) | 210 if (update_content_setting) |
188 SetPermission(false); | 211 SetPermission(false); |
189 | 212 |
190 callback_.Run(content::MediaStreamDevices(), | 213 callback_.Run(content::MediaStreamDevices(), |
191 scoped_ptr<content::MediaStreamUI>()); | 214 scoped_ptr<content::MediaStreamUI>()); |
192 } | 215 } |
193 | 216 |
194 MediaStreamDevicesController::DevicePolicy | 217 MediaStreamDevicesController::DevicePolicy |
195 MediaStreamDevicesController::GetDevicePolicy(const char* policy_name) const { | 218 MediaStreamDevicesController::GetDevicePolicy( |
| 219 const char* policy_name, |
| 220 const char* whitelist_policy_name) const { |
196 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 221 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
197 | 222 |
| 223 // If the security origin policy matches a value in the whitelist, allow it. |
| 224 // Otherwise, check the |policy_name| master switch for the default behavior. |
| 225 |
198 PrefService* prefs = profile_->GetPrefs(); | 226 PrefService* prefs = profile_->GetPrefs(); |
199 if (!prefs->IsManagedPreference(policy_name)) | |
200 return POLICY_NOT_SET; | |
201 | 227 |
202 return prefs->GetBoolean(policy_name) ? ALWAYS_ALLOW : ALWAYS_DENY; | 228 // TODO(tommi): Remove the kiosk mode check when the whitelist below |
| 229 // is visible in the media exceptions UI. |
| 230 // See discussion here: https://codereview.chromium.org/15738004/ |
| 231 if (IsInKioskMode()) { |
| 232 const base::ListValue* list = prefs->GetList(whitelist_policy_name); |
| 233 std::string value; |
| 234 for (size_t i = 0; i < list->GetSize(); ++i) { |
| 235 if (list->GetString(i, &value)) { |
| 236 ContentSettingsPattern pattern = |
| 237 ContentSettingsPattern::FromString(value); |
| 238 if (pattern == ContentSettingsPattern::Wildcard()) { |
| 239 DLOG(WARNING) << "Ignoring wildcard URL pattern: " << value; |
| 240 continue; |
| 241 } |
| 242 DLOG_IF(ERROR, !pattern.IsValid()) << "Invalid URL pattern: " << value; |
| 243 if (pattern.IsValid() && pattern.Matches(request_.security_origin)) |
| 244 return ALWAYS_ALLOW; |
| 245 } |
| 246 } |
| 247 } |
| 248 |
| 249 // If a match was not found, check if audio capture is otherwise disallowed |
| 250 // or if the user should be prompted. Setting the policy value to "true" |
| 251 // is equal to not setting it at all, so from hereon out, we will return |
| 252 // either POLICY_NOT_SET (prompt) or ALWAYS_DENY (no prompt, no access). |
| 253 if (!prefs->GetBoolean(policy_name)) |
| 254 return ALWAYS_DENY; |
| 255 |
| 256 return POLICY_NOT_SET; |
203 } | 257 } |
204 | 258 |
205 bool MediaStreamDevicesController::IsRequestAllowedByDefault() const { | 259 bool MediaStreamDevicesController::IsRequestAllowedByDefault() const { |
206 // The request from internal objects like chrome://URLs is always allowed. | 260 // The request from internal objects like chrome://URLs is always allowed. |
207 if (ShouldAlwaysAllowOrigin()) | 261 if (ShouldAlwaysAllowOrigin()) |
208 return true; | 262 return true; |
209 | 263 |
210 struct { | 264 struct { |
211 bool has_capability; | 265 bool has_capability; |
212 const char* policy_name; | 266 const char* policy_name; |
| 267 const char* list_policy_name; |
213 ContentSettingsType settings_type; | 268 ContentSettingsType settings_type; |
214 } device_checks[] = { | 269 } device_checks[] = { |
215 { microphone_requested_, prefs::kAudioCaptureAllowed, | 270 { microphone_requested_, prefs::kAudioCaptureAllowed, |
216 CONTENT_SETTINGS_TYPE_MEDIASTREAM_MIC }, | 271 prefs::kAudioCaptureAllowedUrls, CONTENT_SETTINGS_TYPE_MEDIASTREAM_MIC }, |
217 { webcam_requested_, prefs::kVideoCaptureAllowed, | 272 { webcam_requested_, prefs::kVideoCaptureAllowed, |
| 273 prefs::kVideoCaptureAllowedUrls, |
218 CONTENT_SETTINGS_TYPE_MEDIASTREAM_CAMERA }, | 274 CONTENT_SETTINGS_TYPE_MEDIASTREAM_CAMERA }, |
219 }; | 275 }; |
220 | 276 |
221 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(device_checks); ++i) { | 277 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(device_checks); ++i) { |
222 if (!device_checks[i].has_capability) | 278 if (!device_checks[i].has_capability) |
223 continue; | 279 continue; |
224 | 280 |
225 DevicePolicy policy = GetDevicePolicy(device_checks[i].policy_name); | 281 DevicePolicy policy = GetDevicePolicy(device_checks[i].policy_name, |
| 282 device_checks[i].list_policy_name); |
226 if (policy == ALWAYS_DENY || | 283 if (policy == ALWAYS_DENY || |
227 (policy == POLICY_NOT_SET && | 284 (policy == POLICY_NOT_SET && |
228 profile_->GetHostContentSettingsMap()->GetContentSetting( | 285 profile_->GetHostContentSettingsMap()->GetContentSetting( |
229 request_.security_origin, request_.security_origin, | 286 request_.security_origin, request_.security_origin, |
230 device_checks[i].settings_type, NO_RESOURCE_IDENTIFIER) != | 287 device_checks[i].settings_type, NO_RESOURCE_IDENTIFIER) != |
231 CONTENT_SETTING_ALLOW)) { | 288 CONTENT_SETTING_ALLOW)) { |
232 return false; | 289 return false; |
233 } | 290 } |
234 // If we get here, then either policy is set to ALWAYS_ALLOW or the content | 291 // If we get here, then either policy is set to ALWAYS_ALLOW or the content |
235 // settings allow the request by default. | 292 // settings allow the request by default. |
(...skipping 73 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
309 } | 366 } |
310 if (webcam_requested_) { | 367 if (webcam_requested_) { |
311 profile_->GetHostContentSettingsMap()->SetContentSetting( | 368 profile_->GetHostContentSettingsMap()->SetContentSetting( |
312 primary_pattern, | 369 primary_pattern, |
313 ContentSettingsPattern::Wildcard(), | 370 ContentSettingsPattern::Wildcard(), |
314 CONTENT_SETTINGS_TYPE_MEDIASTREAM_CAMERA, | 371 CONTENT_SETTINGS_TYPE_MEDIASTREAM_CAMERA, |
315 std::string(), | 372 std::string(), |
316 content_setting); | 373 content_setting); |
317 } | 374 } |
318 } | 375 } |
OLD | NEW |