Add a policy list for access to capture devices

chrome/browser/media/media_stream_devices_controller.cc

Index: chrome/browser/media/media_stream_devices_controller.cc
diff --git a/chrome/browser/media/media_stream_devices_controller.cc b/chrome/browser/media/media_stream_devices_controller.cc
index 7b8634830200f17e3583d1f004eeae2065a5a7fe..c5a13e0b2736dc5730ad4fc6aca3ad4b2384cc4d 100644
--- a/chrome/browser/media/media_stream_devices_controller.cc
+++ b/chrome/browser/media/media_stream_devices_controller.cc
@@ -17,6 +17,7 @@
 #include "chrome/browser/ui/browser.h"
 #include "chrome/common/chrome_switches.h"
 #include "chrome/common/content_settings.h"
+#include "chrome/common/content_settings_pattern.h"
 #include "chrome/common/pref_names.h"
 #include "components/user_prefs/pref_registry_syncable.h"
 #include "content/public/browser/browser_thread.h"
@@ -54,12 +55,14 @@ MediaStreamDevicesController::MediaStreamDevicesController(
   // Don't call GetDevicePolicy from the initializer list since the
   // implementation depends on member variables.
   if (microphone_requested_ &&
-      GetDevicePolicy(prefs::kAudioCaptureAllowed) == ALWAYS_DENY) {
+      GetDevicePolicy(prefs::kAudioCaptureAllowed,
+                      prefs::kAudioCaptureAllowedUrls) == ALWAYS_DENY) {
     microphone_requested_ = false;
   }
 
   if (webcam_requested_ &&
-      GetDevicePolicy(prefs::kVideoCaptureAllowed) == ALWAYS_DENY) {
+      GetDevicePolicy(prefs::kVideoCaptureAllowed,
+                      prefs::kVideoCaptureAllowedUrls) == ALWAYS_DENY) {
     webcam_requested_ = false;
   }
 }
@@ -75,6 +78,10 @@ void MediaStreamDevicesController::RegisterUserPrefs(
   prefs->RegisterBooleanPref(prefs::kAudioCaptureAllowed,
                              true,
                              user_prefs::PrefRegistrySyncable::UNSYNCABLE_PREF);
+  prefs->RegisterListPref(prefs::kVideoCaptureAllowedUrls,
+                          user_prefs::PrefRegistrySyncable::UNSYNCABLE_PREF);
+  prefs->RegisterListPref(prefs::kAudioCaptureAllowedUrls,
+                          user_prefs::PrefRegistrySyncable::UNSYNCABLE_PREF);
 }
 
 
@@ -192,14 +199,39 @@ void MediaStreamDevicesController::Deny(bool update_content_setting) {
 }
 
 MediaStreamDevicesController::DevicePolicy
-MediaStreamDevicesController::GetDevicePolicy(const char* policy_name) const {
+MediaStreamDevicesController::GetDevicePolicy(
+    const char* policy_name,
+    const char* whitelist_policy_name) const {
   DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
 
+  // If the security origin policy matches a value in the whitelist, allow it.
+  // Otherwise, check the |policy_name| master switch for the default behavior.
+
   PrefService* prefs = profile_->GetPrefs();
-  if (!prefs->IsManagedPreference(policy_name))
+  if (prefs->IsManagedPreference(whitelist_policy_name)) {

[markusheintz_, 2013/05/24 10:55:35]

Is there a particular reason why you don't integrate with the
HostContentSettingsMap?

This is diverging more and more, and I thing we should really start integrating
this with the content settings system instead of build yet another thingy.

[tommi (sloooow) - chröme, 2013/05/24 13:08:31]

Yes - ignorance! 8)
I looked at it and agree that we (i.e. I) should move this code there.  I added
a TODO in the header for myself to clean this up.

[markusheintz_, 2013/05/24 13:18:18]

:)  Please file a bug for integrating the policies with the PolicyProvider of
the HostContentSettingsMap. THX

+    const base::ListValue* list = prefs->GetList(whitelist_policy_name);
+    std::string value;
+    for (size_t i = 0; i < list->GetSize(); ++i) {
+      if (list->GetString(i, &value)) {
+        ContentSettingsPattern pattern =
+            ContentSettingsPattern::FromString(value);

[markusheintz_, 2013/05/24 13:18:18]

If an admin could use the Wildcard pattern "*" in the whitelist policy to allow
media access for all websites. Chrome would not displaying the infobar in this
case.

I guess you could fix this by ignoring Wildcard patterns: e.g.
if (pattern == ContentSettingsPattern::Wildcard)
  continue;

+        DLOG_IF(ERROR, !pattern.IsValid()) << "Invalid URL pattern: " << value;
+        if (pattern.IsValid() && pattern.Matches(request_.security_origin))
+          return ALWAYS_ALLOW;
+      }
+    }
+  }
+
+  // If a match was not found, check if audio capture is otherwise disallowed
+  // or if the user should be prompted.  Setting the policy value to "true"
+  // is equal to not setting it at all, so from hereon out, we will return
+  // either POLICY_NOT_SET (prompt) or ALWAYS_DENY (no prompt, no access).
+  if (!prefs->IsManagedPreference(policy_name) ||
+      prefs->GetBoolean(policy_name)) {

[markusheintz_, 2013/05/24 13:01:54]

Will this not re-introduce the same issue as before?

If an admin configures the policy for the default settings and set's it to true,
then the user will never see an info bar right?

[tommi (sloooow) - chröme, 2013/05/24 13:08:31]

In this case the function returns POLICY_NOT_SET, so the user will see the info
bar.  Setting the policy to true is now equal to not setting it at all (same
behavior as it was prior to the change back in February).

Maybe you're misreading the || as && (and missed the !)?

[markusheintz_, 2013/05/24 13:18:18]

True. Sorry I missed that.

     return POLICY_NOT_SET;
+  }
 
-  return prefs->GetBoolean(policy_name) ? ALWAYS_ALLOW : ALWAYS_DENY;
+  return ALWAYS_DENY;

[Joao da Silva, 2013/05/24 12:48:01]

Suggestion: I think the logic here would be clearer as

if (prefs->IsManagedPref(policy_name) && !prefs->GetBoolean(policy_name))
  return ALWAYS_DENY;
return POLICY_NOT_SET;

[tommi (sloooow) - chröme, 2013/05/24 13:08:31]

Done.

 }
 
 bool MediaStreamDevicesController::IsRequestAllowedByDefault() const {
@@ -210,11 +242,13 @@ bool MediaStreamDevicesController::IsRequestAllowedByDefault() const {
   struct {
     bool has_capability;
     const char* policy_name;
+    const char* list_policy_name;
     ContentSettingsType settings_type;
   } device_checks[] = {
     { microphone_requested_, prefs::kAudioCaptureAllowed,
-      CONTENT_SETTINGS_TYPE_MEDIASTREAM_MIC },
+      prefs::kAudioCaptureAllowedUrls, CONTENT_SETTINGS_TYPE_MEDIASTREAM_MIC },
     { webcam_requested_, prefs::kVideoCaptureAllowed,
+      prefs::kVideoCaptureAllowedUrls,
       CONTENT_SETTINGS_TYPE_MEDIASTREAM_CAMERA },
   };
 
@@ -222,7 +256,8 @@ bool MediaStreamDevicesController::IsRequestAllowedByDefault() const {
     if (!device_checks[i].has_capability)
       continue;
 
-    DevicePolicy policy = GetDevicePolicy(device_checks[i].policy_name);
+    DevicePolicy policy = GetDevicePolicy(device_checks[i].policy_name,
+                                          device_checks[i].list_policy_name);
     if (policy == ALWAYS_DENY ||
         (policy == POLICY_NOT_SET &&
          profile_->GetHostContentSettingsMap()->GetContentSetting(