Update the child process security policy to use explicit permission grants.

content/browser/child_process_security_policy_unittest.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include <set>
 #include <string>
 
 #include "base/basictypes.h"
 #include "base/files/file_path.h"
 #include "base/platform_file.h"
@@ skipping 60 matching lines @@
   virtual void TearDown() {
     test_browser_client_.ClearSchemes();
     SetBrowserClientForTesting(old_browser_client_);
   }
 
  protected:
   void RegisterTestScheme(const std::string& scheme) {
     test_browser_client_.AddScheme(scheme);
   }
 
+  void GrantPermissionsForFile(ChildProcessSecurityPolicyImpl* p,
+                               int child_id,
+                               const base::FilePath& file,
+                               int permissions) {
+    p->GrantPermissionsForFile(child_id, file, permissions);
+  }
+
  private:
   ChildProcessSecurityPolicyTestBrowserClient test_browser_client_;
   ContentBrowserClient* old_browser_client_;
 };
 
 TEST_F(ChildProcessSecurityPolicyTest, IsWebSafeSchemeTest) {
   ChildProcessSecurityPolicyImpl* p =
       ChildProcessSecurityPolicyImpl::GetInstance();
 
   EXPECT_TRUE(p->IsWebSafeScheme(chrome::kHttpScheme));
@@ skipping 258 matching lines @@
   base::FilePath relative_file = base::FilePath(FILE_PATH_LITERAL("home/joe"));
 
   ChildProcessSecurityPolicyImpl* p =
       ChildProcessSecurityPolicyImpl::GetInstance();
 
   // Grant permissions for a file.
   p->Add(kRendererID);
   EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, granted_file,
                                         base::PLATFORM_FILE_OPEN));
 
-  p->GrantPermissionsForFile(kRendererID, granted_file,
+  GrantPermissionsForFile(p, kRendererID, granted_file,
                              base::PLATFORM_FILE_OPEN |
                              base::PLATFORM_FILE_OPEN_TRUNCATED |
                              base::PLATFORM_FILE_READ |
                              base::PLATFORM_FILE_WRITE);
   EXPECT_TRUE(p->HasPermissionsForFile(kRendererID, granted_file,
                                        base::PLATFORM_FILE_OPEN |
                                        base::PLATFORM_FILE_OPEN_TRUNCATED |
                                        base::PLATFORM_FILE_READ |
                                        base::PLATFORM_FILE_WRITE));
   EXPECT_TRUE(p->HasPermissionsForFile(kRendererID, granted_file,
@@ skipping 31 matching lines @@
   // CPSP doesn't allow this case for the sake of simplicity.
   EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, self_traversal,
                                         base::PLATFORM_FILE_OPEN |
                                         base::PLATFORM_FILE_READ));
   p->Remove(kRendererID);
 
   // Grant permissions for the directory the file is in.
   p->Add(kRendererID);
   EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, granted_file,
                                         base::PLATFORM_FILE_OPEN));
-  p->GrantPermissionsForFile(kRendererID, parent_file,
+  GrantPermissionsForFile(p, kRendererID, parent_file,
                              base::PLATFORM_FILE_OPEN |
                              base::PLATFORM_FILE_READ);
   EXPECT_TRUE(p->HasPermissionsForFile(kRendererID, granted_file,
                                         base::PLATFORM_FILE_OPEN));
   EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, granted_file,
                                         base::PLATFORM_FILE_READ |
                                         base::PLATFORM_FILE_WRITE));
   p->Remove(kRendererID);
 
   // Grant permissions for the directory the file is in (with trailing '/').
   p->Add(kRendererID);
   EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, granted_file,
                                         base::PLATFORM_FILE_OPEN));
-  p->GrantPermissionsForFile(kRendererID, parent_slash_file,
+  GrantPermissionsForFile(p, kRendererID, parent_slash_file,
                              base::PLATFORM_FILE_OPEN |
                              base::PLATFORM_FILE_READ);
   EXPECT_TRUE(p->HasPermissionsForFile(kRendererID, granted_file,
                                         base::PLATFORM_FILE_OPEN));
   EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, granted_file,
                                         base::PLATFORM_FILE_READ |
                                         base::PLATFORM_FILE_WRITE));
 
   // Grant permissions for the file (should overwrite the permissions granted
   // for the directory).
-  p->GrantPermissionsForFile(kRendererID, granted_file,
+  GrantPermissionsForFile(p, kRendererID, granted_file,
                              base::PLATFORM_FILE_TEMPORARY);
   EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, granted_file,
                                         base::PLATFORM_FILE_OPEN));
   EXPECT_TRUE(p->HasPermissionsForFile(kRendererID, granted_file,
                                        base::PLATFORM_FILE_TEMPORARY));
 
   // Revoke all permissions for the file (it should inherit its permissions
   // from the directory again).
   p->RevokeAllPermissionsForFile(kRendererID, granted_file);
   EXPECT_TRUE(p->HasPermissionsForFile(kRendererID, granted_file,
                                        base::PLATFORM_FILE_OPEN |
                                        base::PLATFORM_FILE_READ));
   EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, granted_file,
                                         base::PLATFORM_FILE_TEMPORARY));
   p->Remove(kRendererID);
 
   // Grant file permissions for the file to main thread renderer process,
   // make sure its worker thread renderer process inherits those.
   p->Add(kRendererID);
-  p->GrantPermissionsForFile(kRendererID, granted_file,
+  GrantPermissionsForFile(p, kRendererID, granted_file,
                              base::PLATFORM_FILE_OPEN |
                              base::PLATFORM_FILE_READ);
   EXPECT_TRUE(p->HasPermissionsForFile(kRendererID, granted_file,
                                        base::PLATFORM_FILE_OPEN |
                                        base::PLATFORM_FILE_READ));
   EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, granted_file,
                                        base::PLATFORM_FILE_WRITE));
   p->AddWorker(kWorkerRendererID, kRendererID);
   EXPECT_TRUE(p->HasPermissionsForFile(kWorkerRendererID, granted_file,
                                        base::PLATFORM_FILE_OPEN |
                                        base::PLATFORM_FILE_READ));
   EXPECT_FALSE(p->HasPermissionsForFile(kWorkerRendererID, granted_file,
                                         base::PLATFORM_FILE_WRITE));
   p->Remove(kRendererID);
   EXPECT_FALSE(p->HasPermissionsForFile(kWorkerRendererID, granted_file,
                                         base::PLATFORM_FILE_OPEN |
                                         base::PLATFORM_FILE_READ));
   p->Remove(kWorkerRendererID);
 
   p->Add(kRendererID);
-  p->GrantPermissionsForFile(kRendererID, relative_file,
+  GrantPermissionsForFile(p, kRendererID, relative_file,
                              base::PLATFORM_FILE_OPEN);
   EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, relative_file,
                                         base::PLATFORM_FILE_OPEN));
   p->Remove(kRendererID);
 }
 
 TEST_F(ChildProcessSecurityPolicyTest, CanServiceWebUIBindings) {
   ChildProcessSecurityPolicyImpl* p =
       ChildProcessSecurityPolicyImpl::GetInstance();
 
@@ skipping 33 matching lines @@
   // queried on the IO thread.  The ChildProcessSecurityPolicy needs to be
   // prepared to answer policy questions about renderers who no longer exist.
 
   // In this case, we default to secure behavior.
   EXPECT_FALSE(p->CanRequestURL(kRendererID, url));
   EXPECT_FALSE(p->CanReadFile(kRendererID, file));
   EXPECT_FALSE(p->HasWebUIBindings(kRendererID));
 }
 
 }  // namespace content