OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/media/media_stream_devices_controller.h" | 5 #include "chrome/browser/media/media_stream_devices_controller.h" |
6 | 6 |
7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
8 #include "base/prefs/pref_service.h" | 8 #include "base/prefs/pref_service.h" |
9 #include "base/values.h" | 9 #include "base/values.h" |
10 #include "chrome/browser/content_settings/content_settings_provider.h" | 10 #include "chrome/browser/content_settings/content_settings_provider.h" |
11 #include "chrome/browser/content_settings/host_content_settings_map.h" | 11 #include "chrome/browser/content_settings/host_content_settings_map.h" |
12 #include "chrome/browser/content_settings/tab_specific_content_settings.h" | 12 #include "chrome/browser/content_settings/tab_specific_content_settings.h" |
13 #include "chrome/browser/media/media_capture_devices_dispatcher.h" | 13 #include "chrome/browser/media/media_capture_devices_dispatcher.h" |
14 #include "chrome/browser/media/media_stream_capture_indicator.h" | 14 #include "chrome/browser/media/media_stream_capture_indicator.h" |
15 #include "chrome/browser/prefs/scoped_user_pref_update.h" | 15 #include "chrome/browser/prefs/scoped_user_pref_update.h" |
16 #include "chrome/browser/profiles/profile.h" | 16 #include "chrome/browser/profiles/profile.h" |
17 #include "chrome/browser/ui/browser.h" | 17 #include "chrome/browser/ui/browser.h" |
18 #include "chrome/common/chrome_switches.h" | 18 #include "chrome/common/chrome_switches.h" |
19 #include "chrome/common/content_settings.h" | 19 #include "chrome/common/content_settings.h" |
20 #include "chrome/common/content_settings_pattern.h" | |
20 #include "chrome/common/pref_names.h" | 21 #include "chrome/common/pref_names.h" |
21 #include "components/user_prefs/pref_registry_syncable.h" | 22 #include "components/user_prefs/pref_registry_syncable.h" |
22 #include "content/public/browser/browser_thread.h" | 23 #include "content/public/browser/browser_thread.h" |
23 #include "content/public/common/media_stream_request.h" | 24 #include "content/public/common/media_stream_request.h" |
24 | 25 |
26 #if defined(OS_CHROMEOS) | |
27 #include "chrome/browser/chromeos/login/user_manager.h" | |
28 #endif | |
29 | |
25 using content::BrowserThread; | 30 using content::BrowserThread; |
26 | 31 |
27 namespace { | 32 namespace { |
28 | 33 |
29 bool HasAnyAvailableDevice() { | 34 bool HasAnyAvailableDevice() { |
30 const content::MediaStreamDevices& audio_devices = | 35 const content::MediaStreamDevices& audio_devices = |
31 MediaCaptureDevicesDispatcher::GetInstance()->GetAudioCaptureDevices(); | 36 MediaCaptureDevicesDispatcher::GetInstance()->GetAudioCaptureDevices(); |
32 const content::MediaStreamDevices& video_devices = | 37 const content::MediaStreamDevices& video_devices = |
33 MediaCaptureDevicesDispatcher::GetInstance()->GetVideoCaptureDevices(); | 38 MediaCaptureDevicesDispatcher::GetInstance()->GetVideoCaptureDevices(); |
34 | 39 |
35 return !audio_devices.empty() || !video_devices.empty(); | 40 return !audio_devices.empty() || !video_devices.empty(); |
36 }; | 41 } |
42 | |
43 bool IsInKioskMode() { | |
44 if (CommandLine::ForCurrentProcess()->HasSwitch(switches::kKioskMode)) | |
45 return true; | |
46 | |
47 #if defined(OS_CHROMEOS) | |
48 const chromeos::UserManager* user_manager = chromeos::UserManager::Get(); | |
49 if (user_manager && user_manager->IsLoggedInAsKioskApp()) | |
50 return true; | |
markusheintz_
2013/05/28 08:06:31
Nit. Absolutely optional to fix:
#if defined(OS_C
tommi (sloooow) - chröme
2013/05/28 10:19:43
Done.
| |
51 #endif | |
52 | |
53 return false; | |
54 } | |
37 | 55 |
38 } // namespace | 56 } // namespace |
39 | 57 |
40 MediaStreamDevicesController::MediaStreamDevicesController( | 58 MediaStreamDevicesController::MediaStreamDevicesController( |
41 content::WebContents* web_contents, | 59 content::WebContents* web_contents, |
42 const content::MediaStreamRequest& request, | 60 const content::MediaStreamRequest& request, |
43 const content::MediaResponseCallback& callback) | 61 const content::MediaResponseCallback& callback) |
44 : web_contents_(web_contents), | 62 : web_contents_(web_contents), |
45 request_(request), | 63 request_(request), |
46 callback_(callback), | 64 callback_(callback), |
47 microphone_requested_( | 65 microphone_requested_( |
48 request.audio_type == content::MEDIA_DEVICE_AUDIO_CAPTURE), | 66 request.audio_type == content::MEDIA_DEVICE_AUDIO_CAPTURE), |
49 webcam_requested_( | 67 webcam_requested_( |
50 request.video_type == content::MEDIA_DEVICE_VIDEO_CAPTURE) { | 68 request.video_type == content::MEDIA_DEVICE_VIDEO_CAPTURE) { |
51 profile_ = Profile::FromBrowserContext(web_contents->GetBrowserContext()); | 69 profile_ = Profile::FromBrowserContext(web_contents->GetBrowserContext()); |
52 content_settings_ = TabSpecificContentSettings::FromWebContents(web_contents); | 70 content_settings_ = TabSpecificContentSettings::FromWebContents(web_contents); |
53 | 71 |
54 // Don't call GetDevicePolicy from the initializer list since the | 72 // Don't call GetDevicePolicy from the initializer list since the |
55 // implementation depends on member variables. | 73 // implementation depends on member variables. |
56 if (microphone_requested_ && | 74 if (microphone_requested_ && |
57 GetDevicePolicy(prefs::kAudioCaptureAllowed) == ALWAYS_DENY) { | 75 GetDevicePolicy(prefs::kAudioCaptureAllowed, |
76 prefs::kAudioCaptureAllowedUrls) == ALWAYS_DENY) { | |
58 microphone_requested_ = false; | 77 microphone_requested_ = false; |
59 } | 78 } |
60 | 79 |
61 if (webcam_requested_ && | 80 if (webcam_requested_ && |
62 GetDevicePolicy(prefs::kVideoCaptureAllowed) == ALWAYS_DENY) { | 81 GetDevicePolicy(prefs::kVideoCaptureAllowed, |
82 prefs::kVideoCaptureAllowedUrls) == ALWAYS_DENY) { | |
63 webcam_requested_ = false; | 83 webcam_requested_ = false; |
64 } | 84 } |
65 } | 85 } |
66 | 86 |
67 MediaStreamDevicesController::~MediaStreamDevicesController() {} | 87 MediaStreamDevicesController::~MediaStreamDevicesController() {} |
68 | 88 |
69 // static | 89 // static |
70 void MediaStreamDevicesController::RegisterUserPrefs( | 90 void MediaStreamDevicesController::RegisterUserPrefs( |
71 user_prefs::PrefRegistrySyncable* prefs) { | 91 user_prefs::PrefRegistrySyncable* prefs) { |
72 prefs->RegisterBooleanPref(prefs::kVideoCaptureAllowed, | 92 prefs->RegisterBooleanPref(prefs::kVideoCaptureAllowed, |
73 true, | 93 true, |
74 user_prefs::PrefRegistrySyncable::UNSYNCABLE_PREF); | 94 user_prefs::PrefRegistrySyncable::UNSYNCABLE_PREF); |
75 prefs->RegisterBooleanPref(prefs::kAudioCaptureAllowed, | 95 prefs->RegisterBooleanPref(prefs::kAudioCaptureAllowed, |
76 true, | 96 true, |
77 user_prefs::PrefRegistrySyncable::UNSYNCABLE_PREF); | 97 user_prefs::PrefRegistrySyncable::UNSYNCABLE_PREF); |
98 prefs->RegisterListPref(prefs::kVideoCaptureAllowedUrls, | |
99 user_prefs::PrefRegistrySyncable::UNSYNCABLE_PREF); | |
100 prefs->RegisterListPref(prefs::kAudioCaptureAllowedUrls, | |
101 user_prefs::PrefRegistrySyncable::UNSYNCABLE_PREF); | |
78 } | 102 } |
79 | 103 |
80 | 104 |
81 bool MediaStreamDevicesController::DismissInfoBarAndTakeActionOnSettings() { | 105 bool MediaStreamDevicesController::DismissInfoBarAndTakeActionOnSettings() { |
82 // If this is a no UI check for policies only go straight to accept - policy | 106 // If this is a no UI check for policies only go straight to accept - policy |
83 // check will be done automatically on the way. | 107 // check will be done automatically on the way. |
84 if (request_.request_type == content::MEDIA_OPEN_DEVICE) { | 108 if (request_.request_type == content::MEDIA_OPEN_DEVICE) { |
85 Accept(false); | 109 Accept(false); |
86 return true; | 110 return true; |
87 } | 111 } |
(...skipping 97 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
185 } | 209 } |
186 | 210 |
187 if (update_content_setting) | 211 if (update_content_setting) |
188 SetPermission(false); | 212 SetPermission(false); |
189 | 213 |
190 callback_.Run(content::MediaStreamDevices(), | 214 callback_.Run(content::MediaStreamDevices(), |
191 scoped_ptr<content::MediaStreamUI>()); | 215 scoped_ptr<content::MediaStreamUI>()); |
192 } | 216 } |
193 | 217 |
194 MediaStreamDevicesController::DevicePolicy | 218 MediaStreamDevicesController::DevicePolicy |
195 MediaStreamDevicesController::GetDevicePolicy(const char* policy_name) const { | 219 MediaStreamDevicesController::GetDevicePolicy( |
220 const char* policy_name, | |
221 const char* whitelist_policy_name) const { | |
196 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 222 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
197 | 223 |
224 // TODO(tommi): Remove the kiosk mode check when the whitelist below | |
225 // is visible in the media exceptions UI. | |
226 // See discussion here: https://codereview.chromium.org/15738004/ | |
227 bool kiosk_mode = IsInKioskMode(); | |
markusheintz_
2013/05/28 08:06:31
Nit. Optional to fix:
Inline this bool. And move
tommi (sloooow) - chröme
2013/05/28 10:19:43
Done.
| |
228 | |
229 // If the security origin policy matches a value in the whitelist, allow it. | |
230 // Otherwise, check the |policy_name| master switch for the default behavior. | |
231 | |
198 PrefService* prefs = profile_->GetPrefs(); | 232 PrefService* prefs = profile_->GetPrefs(); |
199 if (!prefs->IsManagedPreference(policy_name)) | 233 if (kiosk_mode && prefs->IsManagedPreference(whitelist_policy_name)) { |
Joao da Silva
2013/05/28 07:54:23
IIUC the whitelist only works in kiosk mode, and t
Mattias Nissler (ping if slow)
2013/05/28 08:11:39
nit: You probably want to drop the IsManagedPrefer
markusheintz_
2013/05/28 08:11:51
What's the recommended way of doing this in policy
markusheintz_
2013/05/28 08:15:27
@Mattias: why can't this test stay for now? Once w
Mattias Nissler (ping if slow)
2013/05/28 08:21:03
So how would that hurt? We don't have UI for setti
tommi (sloooow) - chröme
2013/05/28 10:19:43
I added this note to the description in policy_tem
| |
200 return POLICY_NOT_SET; | 234 const base::ListValue* list = prefs->GetList(whitelist_policy_name); |
235 std::string value; | |
236 for (size_t i = 0; i < list->GetSize(); ++i) { | |
237 if (list->GetString(i, &value)) { | |
238 ContentSettingsPattern pattern = | |
239 ContentSettingsPattern::FromString(value); | |
240 if (pattern == ContentSettingsPattern::Wildcard()) { | |
241 DLOG(WARNING) << "Ignoring wildcard URL pattern: " << value; | |
242 continue; | |
243 } | |
244 DLOG_IF(ERROR, !pattern.IsValid()) << "Invalid URL pattern: " << value; | |
245 if (pattern.IsValid() && pattern.Matches(request_.security_origin)) | |
246 return ALWAYS_ALLOW; | |
247 } | |
248 } | |
249 } | |
201 | 250 |
202 return prefs->GetBoolean(policy_name) ? ALWAYS_ALLOW : ALWAYS_DENY; | 251 // If a match was not found, check if audio capture is otherwise disallowed |
252 // or if the user should be prompted. Setting the policy value to "true" | |
253 // is equal to not setting it at all, so from hereon out, we will return | |
254 // either POLICY_NOT_SET (prompt) or ALWAYS_DENY (no prompt, no access). | |
255 if (prefs->IsManagedPreference(policy_name) && | |
Mattias Nissler (ping if slow)
2013/05/28 08:11:39
same here.
tommi (sloooow) - chröme
2013/05/28 10:19:43
Done.
| |
256 !prefs->GetBoolean(policy_name)) { | |
257 return ALWAYS_DENY; | |
258 } | |
259 | |
260 return POLICY_NOT_SET; | |
203 } | 261 } |
204 | 262 |
205 bool MediaStreamDevicesController::IsRequestAllowedByDefault() const { | 263 bool MediaStreamDevicesController::IsRequestAllowedByDefault() const { |
206 // The request from internal objects like chrome://URLs is always allowed. | 264 // The request from internal objects like chrome://URLs is always allowed. |
207 if (ShouldAlwaysAllowOrigin()) | 265 if (ShouldAlwaysAllowOrigin()) |
208 return true; | 266 return true; |
209 | 267 |
210 struct { | 268 struct { |
211 bool has_capability; | 269 bool has_capability; |
212 const char* policy_name; | 270 const char* policy_name; |
271 const char* list_policy_name; | |
213 ContentSettingsType settings_type; | 272 ContentSettingsType settings_type; |
214 } device_checks[] = { | 273 } device_checks[] = { |
215 { microphone_requested_, prefs::kAudioCaptureAllowed, | 274 { microphone_requested_, prefs::kAudioCaptureAllowed, |
216 CONTENT_SETTINGS_TYPE_MEDIASTREAM_MIC }, | 275 prefs::kAudioCaptureAllowedUrls, CONTENT_SETTINGS_TYPE_MEDIASTREAM_MIC }, |
217 { webcam_requested_, prefs::kVideoCaptureAllowed, | 276 { webcam_requested_, prefs::kVideoCaptureAllowed, |
277 prefs::kVideoCaptureAllowedUrls, | |
218 CONTENT_SETTINGS_TYPE_MEDIASTREAM_CAMERA }, | 278 CONTENT_SETTINGS_TYPE_MEDIASTREAM_CAMERA }, |
219 }; | 279 }; |
220 | 280 |
221 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(device_checks); ++i) { | 281 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(device_checks); ++i) { |
222 if (!device_checks[i].has_capability) | 282 if (!device_checks[i].has_capability) |
223 continue; | 283 continue; |
224 | 284 |
225 DevicePolicy policy = GetDevicePolicy(device_checks[i].policy_name); | 285 DevicePolicy policy = GetDevicePolicy(device_checks[i].policy_name, |
286 device_checks[i].list_policy_name); | |
226 if (policy == ALWAYS_DENY || | 287 if (policy == ALWAYS_DENY || |
227 (policy == POLICY_NOT_SET && | 288 (policy == POLICY_NOT_SET && |
228 profile_->GetHostContentSettingsMap()->GetContentSetting( | 289 profile_->GetHostContentSettingsMap()->GetContentSetting( |
229 request_.security_origin, request_.security_origin, | 290 request_.security_origin, request_.security_origin, |
230 device_checks[i].settings_type, NO_RESOURCE_IDENTIFIER) != | 291 device_checks[i].settings_type, NO_RESOURCE_IDENTIFIER) != |
231 CONTENT_SETTING_ALLOW)) { | 292 CONTENT_SETTING_ALLOW)) { |
232 return false; | 293 return false; |
233 } | 294 } |
234 // If we get here, then either policy is set to ALWAYS_ALLOW or the content | 295 // If we get here, then either policy is set to ALWAYS_ALLOW or the content |
235 // settings allow the request by default. | 296 // settings allow the request by default. |
(...skipping 73 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
309 } | 370 } |
310 if (webcam_requested_) { | 371 if (webcam_requested_) { |
311 profile_->GetHostContentSettingsMap()->SetContentSetting( | 372 profile_->GetHostContentSettingsMap()->SetContentSetting( |
312 primary_pattern, | 373 primary_pattern, |
313 ContentSettingsPattern::Wildcard(), | 374 ContentSettingsPattern::Wildcard(), |
314 CONTENT_SETTINGS_TYPE_MEDIASTREAM_CAMERA, | 375 CONTENT_SETTINGS_TYPE_MEDIASTREAM_CAMERA, |
315 std::string(), | 376 std::string(), |
316 content_setting); | 377 content_setting); |
317 } | 378 } |
318 } | 379 } |
OLD | NEW |