bluetooth: Move writeValue to mojo

content/browser/bluetooth/bluetooth_dispatcher_host.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 // ID Not In Map Note:
 // A service, characteristic, or descriptor ID not in the corresponding
 // BluetoothDispatcherHost map [service_to_device_, characteristic_to_service_,
 // descriptor_to_characteristic_] implies a hostile renderer because a renderer
 // obtains the corresponding ID from this class and it will be added to the map
 // at that time.
 
 #include "content/browser/bluetooth/bluetooth_dispatcher_host.h"
 
 #include <stddef.h>
 
 #include <utility>
 
 #include "base/bind.h"
 #include "base/single_thread_task_runner.h"
 #include "base/strings/utf_string_conversions.h"
 #include "base/thread_task_runner_handle.h"
 #include "content/browser/bad_message.h"
 #include "content/browser/bluetooth/bluetooth_blacklist.h"
-#include "content/browser/bluetooth/bluetooth_metrics.h"
 #include "content/browser/bluetooth/first_device_bluetooth_chooser.h"
 #include "content/browser/frame_host/render_frame_host_impl.h"
-#include "content/common/bluetooth/bluetooth_messages.h"
 #include "content/public/browser/content_browser_client.h"
 #include "content/public/browser/web_contents.h"
 #include "content/public/browser/web_contents_delegate.h"
 #include "device/bluetooth/bluetooth_adapter.h"
 #include "device/bluetooth/bluetooth_adapter_factory.h"
 #include "device/bluetooth/bluetooth_device.h"
 #include "device/bluetooth/bluetooth_discovery_session.h"
 #include "device/bluetooth/bluetooth_gatt_characteristic.h"
 #include "device/bluetooth/bluetooth_gatt_service.h"
 
@@ skipping 124 matching lines @@
       RecordConnectGATTOutcome(UMAConnectGATTOutcome::WRITE_NOT_PERMITTED);
       return WebBluetoothError::CONNECT_WRITE_NOT_PERMITTED;
     case device::BluetoothDevice::NUM_CONNECT_ERROR_CODES:
       NOTREACHED();
       return WebBluetoothError::UNTRANSLATED_CONNECT_ERROR_CODE;
   }
   NOTREACHED();
   return WebBluetoothError::UNTRANSLATED_CONNECT_ERROR_CODE;
 }
 
-blink::WebBluetoothError TranslateGATTError(
+WebBluetoothError TranslateGATTError(
     BluetoothGattService::GattErrorCode error_code,
     UMAGATTOperation operation) {
   switch (error_code) {
     case BluetoothGattService::GATT_ERROR_UNKNOWN:
       RecordGATTOperationOutcome(operation, UMAGATTOperationOutcome::UNKNOWN);
       return blink::WebBluetoothError::GATT_UNKNOWN_ERROR;
     case BluetoothGattService::GATT_ERROR_FAILED:
       RecordGATTOperationOutcome(operation, UMAGATTOperationOutcome::FAILED);
       return blink::WebBluetoothError::GATT_UNKNOWN_FAILURE;
     case BluetoothGattService::GATT_ERROR_IN_PROGRESS:
@@ skipping 120 matching lines @@
   bool handled = true;
   IPC_BEGIN_MESSAGE_MAP(BluetoothDispatcherHost, message)
   IPC_MESSAGE_HANDLER(BluetoothHostMsg_RequestDevice, OnRequestDevice)
   IPC_MESSAGE_HANDLER(BluetoothHostMsg_GATTServerConnect, OnGATTServerConnect)
   IPC_MESSAGE_HANDLER(BluetoothHostMsg_GATTServerDisconnect,
                       OnGATTServerDisconnect)
   IPC_MESSAGE_HANDLER(BluetoothHostMsg_GetPrimaryService, OnGetPrimaryService)
   IPC_MESSAGE_HANDLER(BluetoothHostMsg_GetCharacteristic, OnGetCharacteristic)
   IPC_MESSAGE_HANDLER(BluetoothHostMsg_GetCharacteristics, OnGetCharacteristics)
   IPC_MESSAGE_HANDLER(BluetoothHostMsg_ReadValue, OnReadValue)
-  IPC_MESSAGE_HANDLER(BluetoothHostMsg_WriteValue, OnWriteValue)
   IPC_MESSAGE_HANDLER(BluetoothHostMsg_StartNotifications, OnStartNotifications)
   IPC_MESSAGE_HANDLER(BluetoothHostMsg_StopNotifications, OnStopNotifications)
   IPC_MESSAGE_HANDLER(BluetoothHostMsg_RegisterCharacteristic,
                       OnRegisterCharacteristicObject);
   IPC_MESSAGE_HANDLER(BluetoothHostMsg_UnregisterCharacteristic,
                       OnUnregisterCharacteristicObject);
   IPC_MESSAGE_UNHANDLED(handled = false)
   IPC_END_MESSAGE_MAP()
   return handled;
 }
@@ skipping 78 matching lines @@
   const int thread_id;
   const int request_id;
   const int frame_routing_id;
   const url::Origin origin;
   const std::vector<BluetoothScanFilter> filters;
   const std::vector<BluetoothUUID> optional_services;
   scoped_ptr<BluetoothChooser> chooser;
   scoped_ptr<device::BluetoothDiscoverySession> discovery_session;
 };
 
-struct BluetoothDispatcherHost::CacheQueryResult {
-  CacheQueryResult()
-      : device(nullptr),
-        service(nullptr),
-        characteristic(nullptr),
-        outcome(CacheQueryOutcome::SUCCESS) {}
-  CacheQueryResult(CacheQueryOutcome outcome)
-      : device(nullptr),
-        service(nullptr),
-        characteristic(nullptr),
-        outcome(outcome) {}
-  ~CacheQueryResult() {}
-  WebBluetoothError GetWebError() const {
-    switch (outcome) {
-      case CacheQueryOutcome::SUCCESS:
-      case CacheQueryOutcome::BAD_RENDERER:
-        NOTREACHED();
-        return WebBluetoothError::DEVICE_NO_LONGER_IN_RANGE;
-      case CacheQueryOutcome::NO_DEVICE:
-        return WebBluetoothError::DEVICE_NO_LONGER_IN_RANGE;
-      case CacheQueryOutcome::NO_SERVICE:
-        return WebBluetoothError::SERVICE_NO_LONGER_EXISTS;
-      case CacheQueryOutcome::NO_CHARACTERISTIC:
-        return WebBluetoothError::CHARACTERISTIC_NO_LONGER_EXISTS;
-    }
-    NOTREACHED();
-    return WebBluetoothError::DEVICE_NO_LONGER_IN_RANGE;
+BluetoothDispatcherHost::CacheQueryResult::CacheQueryResult() {}
+
+BluetoothDispatcherHost::CacheQueryResult::CacheQueryResult(
+    CacheQueryOutcome outcome)
+    : outcome(outcome) {}
+
+BluetoothDispatcherHost::CacheQueryResult::~CacheQueryResult() {}
+
+WebBluetoothError BluetoothDispatcherHost::CacheQueryResult::GetWebError()
+    const {
+  switch (outcome) {
+    case CacheQueryOutcome::SUCCESS:
+    case CacheQueryOutcome::BAD_RENDERER:
+      NOTREACHED();
+      return WebBluetoothError::DEVICE_NO_LONGER_IN_RANGE;
+    case CacheQueryOutcome::NO_DEVICE:
+      return WebBluetoothError::DEVICE_NO_LONGER_IN_RANGE;
+    case CacheQueryOutcome::NO_SERVICE:
+      return WebBluetoothError::SERVICE_NO_LONGER_EXISTS;
+    case CacheQueryOutcome::NO_CHARACTERISTIC:
+      return WebBluetoothError::CHARACTERISTIC_NO_LONGER_EXISTS;
   }
-
-  device::BluetoothDevice* device;
-  device::BluetoothGattService* service;
-  device::BluetoothGattCharacteristic* characteristic;
-  CacheQueryOutcome outcome;
-};
+  NOTREACHED();
+  return WebBluetoothError::DEVICE_NO_LONGER_IN_RANGE;
+}
 
 struct BluetoothDispatcherHost::PrimaryServicesRequest {
   enum CallingFunction { GET_PRIMARY_SERVICE, GET_PRIMARY_SERVICES };
 
   PrimaryServicesRequest(int thread_id,
                          int request_id,
                          const std::string& service_uuid,
                          PrimaryServicesRequest::CallingFunction func)
       : thread_id(thread_id),
         request_id(request_id),
@@ skipping 524 matching lines @@
     return;
   }
 
   query_result.characteristic->ReadRemoteCharacteristic(
       base::Bind(&BluetoothDispatcherHost::OnCharacteristicValueRead,
                  weak_ptr_on_ui_thread_, thread_id, request_id),
       base::Bind(&BluetoothDispatcherHost::OnCharacteristicReadValueError,
                  weak_ptr_on_ui_thread_, thread_id, request_id));
 }
 
-void BluetoothDispatcherHost::OnWriteValue(
-    int thread_id,
-    int request_id,
-    int frame_routing_id,
-    const std::string& characteristic_instance_id,
-    const std::vector<uint8_t>& value) {
-  DCHECK_CURRENTLY_ON(BrowserThread::UI);
-  RecordWebBluetoothFunctionCall(
-      UMAWebBluetoothFunction::CHARACTERISTIC_WRITE_VALUE);
-
-  // Length check per step 3 of writeValue algorithm:
-  // https://webbluetoothchrome.github.io/web-bluetooth/#dom-bluetoothgattcharacteristic-writevalue
-  // We perform the length check on the renderer side. So if we
-  // get a value with length > 512, we can assume it's a hostile
-  // renderer and kill it.
-  if (value.size() > 512) {
-    bad_message::ReceivedBadMessage(
-        this, bad_message::BDH_INVALID_WRITE_VALUE_LENGTH);
-    return;
-  }
-
-  const CacheQueryResult query_result = QueryCacheForCharacteristic(
-      GetOrigin(frame_routing_id), characteristic_instance_id);
-
-  if (query_result.outcome == CacheQueryOutcome::BAD_RENDERER) {
-    return;
-  }
-
-  if (query_result.outcome != CacheQueryOutcome::SUCCESS) {
-    RecordCharacteristicWriteValueOutcome(query_result.outcome);
-    Send(new BluetoothMsg_WriteCharacteristicValueError(
-        thread_id, request_id, query_result.GetWebError()));
-    return;
-  }
-
-  if (BluetoothBlacklist::Get().IsExcludedFromWrites(
-          query_result.characteristic->GetUUID())) {
-    RecordCharacteristicWriteValueOutcome(UMAGATTOperationOutcome::BLACKLISTED);
-    Send(new BluetoothMsg_WriteCharacteristicValueError(
-        thread_id, request_id, WebBluetoothError::BLACKLISTED_WRITE));
-    return;
-  }
-
-  query_result.characteristic->WriteRemoteCharacteristic(
-      value, base::Bind(&BluetoothDispatcherHost::OnWriteValueSuccess,
-                        weak_ptr_on_ui_thread_, thread_id, request_id),
-      base::Bind(&BluetoothDispatcherHost::OnWriteValueFailed,
-                 weak_ptr_on_ui_thread_, thread_id, request_id));
-}
-
 void BluetoothDispatcherHost::OnStartNotifications(
     int thread_id,
     int request_id,
     int frame_routing_id,
     const std::string& characteristic_instance_id) {
   DCHECK_CURRENTLY_ON(BrowserThread::UI);
   RecordWebBluetoothFunctionCall(
       UMAWebBluetoothFunction::CHARACTERISTIC_START_NOTIFICATIONS);
 
   // BluetoothDispatcher will never send a request for a characteristic
@@ skipping 467 matching lines @@
     int thread_id,
     int request_id,
     device::BluetoothGattService::GattErrorCode error_code) {
   DCHECK_CURRENTLY_ON(BrowserThread::UI);
   // TranslateGATTError calls RecordGATTOperationOutcome.
   Send(new BluetoothMsg_ReadCharacteristicValueError(
       thread_id, request_id,
       TranslateGATTError(error_code, UMAGATTOperation::CHARACTERISTIC_READ)));
 }
 
-void BluetoothDispatcherHost::OnWriteValueSuccess(int thread_id,
-                                                  int request_id) {
-  DCHECK_CURRENTLY_ON(BrowserThread::UI);
-  RecordCharacteristicWriteValueOutcome(UMAGATTOperationOutcome::SUCCESS);
-  Send(new BluetoothMsg_WriteCharacteristicValueSuccess(thread_id, request_id));
-}
-
-void BluetoothDispatcherHost::OnWriteValueFailed(
-    int thread_id,
-    int request_id,
-    device::BluetoothGattService::GattErrorCode error_code) {
-  DCHECK_CURRENTLY_ON(BrowserThread::UI);
-  // TranslateGATTError calls RecordGATTOperationOutcome.
-  Send(new BluetoothMsg_WriteCharacteristicValueError(
-      thread_id, request_id,
-      TranslateGATTError(error_code, UMAGATTOperation::CHARACTERISTIC_WRITE)));
-}
-
 void BluetoothDispatcherHost::OnStartNotifySessionSuccess(
     int thread_id,
     int request_id,
     scoped_ptr<device::BluetoothGattNotifySession> notify_session) {
   RecordStartNotificationsOutcome(UMAGATTOperationOutcome::SUCCESS);
 
   // Copy Characteristic Instance ID before passing scoped pointer because
   // compilers may evaluate arguments in any order.
   const std::string characteristic_instance_id =
       notify_session->GetCharacteristicIdentifier();
@@ skipping 128 matching lines @@
 
 bool BluetoothDispatcherHost::CanFrameAccessCharacteristicInstance(
     int frame_routing_id,
     const std::string& characteristic_instance_id) {
   return QueryCacheForCharacteristic(GetOrigin(frame_routing_id),
                                      characteristic_instance_id)
              .outcome != CacheQueryOutcome::BAD_RENDERER;
 }
 
 }  // namespace content