| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/renderer_host/pepper/pepper_file_ref_host.h" | 5 #include "content/browser/renderer_host/pepper/pepper_file_ref_host.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 | 8 |
| 9 #include "content/browser/renderer_host/pepper/pepper_external_file_ref_backend.
h" | 9 #include "content/browser/renderer_host/pepper/pepper_external_file_ref_backend.
h" |
| 10 #include "content/browser/renderer_host/pepper/pepper_file_system_browser_host.h
" | 10 #include "content/browser/renderer_host/pepper/pepper_file_system_browser_host.h
" |
| (...skipping 109 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 120 return backend_->GetFileSystemURLSpec(); | 120 return backend_->GetFileSystemURLSpec(); |
| 121 return std::string(); | 121 return std::string(); |
| 122 } | 122 } |
| 123 | 123 |
| 124 base::FilePath PepperFileRefHost::GetExternalPath() const { | 124 base::FilePath PepperFileRefHost::GetExternalPath() const { |
| 125 if (backend_) | 125 if (backend_) |
| 126 return backend_->GetExternalPath(); | 126 return backend_->GetExternalPath(); |
| 127 return base::FilePath(); | 127 return base::FilePath(); |
| 128 } | 128 } |
| 129 | 129 |
| 130 int32_t PepperFileRefHost::HasPermissions(int permissions) const { | 130 int32_t PepperFileRefHost::CanRead() const { |
| 131 if (backend_) | 131 if (backend_) |
| 132 return backend_->HasPermissions(permissions); | 132 return backend_->CanRead(); |
| 133 return PP_ERROR_FAILED; | 133 return PP_ERROR_FAILED; |
| 134 } | 134 } |
| 135 | 135 |
| 136 int32_t PepperFileRefHost::CanWrite() const { |
| 137 if (backend_) |
| 138 return backend_->CanWrite(); |
| 139 return PP_ERROR_FAILED; |
| 140 } |
| 141 |
| 142 int32_t PepperFileRefHost::CanCreate() const { |
| 143 if (backend_) |
| 144 return backend_->CanCreate(); |
| 145 return PP_ERROR_FAILED; |
| 146 } |
| 147 |
| 148 int32_t PepperFileRefHost::CanReadWrite() const { |
| 149 if (backend_) |
| 150 return backend_->CanReadWrite(); |
| 151 return PP_ERROR_FAILED; |
| 152 } |
| 153 |
| 136 int32_t PepperFileRefHost::OnResourceMessageReceived( | 154 int32_t PepperFileRefHost::OnResourceMessageReceived( |
| 137 const IPC::Message& msg, | 155 const IPC::Message& msg, |
| 138 ppapi::host::HostMessageContext* context) { | 156 ppapi::host::HostMessageContext* context) { |
| 139 if (!backend_) | 157 if (!backend_) |
| 140 return PP_ERROR_FAILED; | 158 return PP_ERROR_FAILED; |
| 141 | 159 |
| 142 IPC_BEGIN_MESSAGE_MAP(PepperFileRefHost, msg) | 160 IPC_BEGIN_MESSAGE_MAP(PepperFileRefHost, msg) |
| 143 PPAPI_DISPATCH_HOST_RESOURCE_CALL(PpapiHostMsg_FileRef_MakeDirectory, | 161 PPAPI_DISPATCH_HOST_RESOURCE_CALL(PpapiHostMsg_FileRef_MakeDirectory, |
| 144 OnMakeDirectory); | 162 OnMakeDirectory); |
| 145 PPAPI_DISPATCH_HOST_RESOURCE_CALL(PpapiHostMsg_FileRef_Touch, | 163 PPAPI_DISPATCH_HOST_RESOURCE_CALL(PpapiHostMsg_FileRef_Touch, |
| (...skipping 10 matching lines...) Expand all Loading... |
| 156 PPAPI_DISPATCH_HOST_RESOURCE_CALL_0(PpapiHostMsg_FileRef_GetAbsolutePath, | 174 PPAPI_DISPATCH_HOST_RESOURCE_CALL_0(PpapiHostMsg_FileRef_GetAbsolutePath, |
| 157 OnGetAbsolutePath); | 175 OnGetAbsolutePath); |
| 158 | 176 |
| 159 IPC_END_MESSAGE_MAP() | 177 IPC_END_MESSAGE_MAP() |
| 160 return PP_ERROR_FAILED; | 178 return PP_ERROR_FAILED; |
| 161 } | 179 } |
| 162 | 180 |
| 163 int32_t PepperFileRefHost::OnMakeDirectory( | 181 int32_t PepperFileRefHost::OnMakeDirectory( |
| 164 ppapi::host::HostMessageContext* context, | 182 ppapi::host::HostMessageContext* context, |
| 165 bool make_ancestors) { | 183 bool make_ancestors) { |
| 166 int32_t rv = HasPermissions(fileapi::kCreateFilePermissions); | 184 int32_t rv = CanCreate(); |
| 167 if (rv != PP_OK) | 185 if (rv != PP_OK) |
| 168 return rv; | 186 return rv; |
| 169 return backend_->MakeDirectory(context->MakeReplyMessageContext(), | 187 return backend_->MakeDirectory(context->MakeReplyMessageContext(), |
| 170 make_ancestors); | 188 make_ancestors); |
| 171 } | 189 } |
| 172 | 190 |
| 173 int32_t PepperFileRefHost::OnTouch(ppapi::host::HostMessageContext* context, | 191 int32_t PepperFileRefHost::OnTouch(ppapi::host::HostMessageContext* context, |
| 174 PP_Time last_access_time, | 192 PP_Time last_access_time, |
| 175 PP_Time last_modified_time) { | 193 PP_Time last_modified_time) { |
| 176 // TODO(teravest): Change this to be kWriteFilePermissions here and in | 194 // TODO(teravest): Change this to be kWriteFilePermissions here and in |
| 177 // fileapi_message_filter. | 195 // fileapi_message_filter. |
| 178 int32_t rv = HasPermissions(fileapi::kCreateFilePermissions); | 196 int32_t rv = CanCreate(); |
| 179 if (rv != PP_OK) | 197 if (rv != PP_OK) |
| 180 return rv; | 198 return rv; |
| 181 return backend_->Touch(context->MakeReplyMessageContext(), | 199 return backend_->Touch(context->MakeReplyMessageContext(), |
| 182 last_access_time, | 200 last_access_time, |
| 183 last_modified_time); | 201 last_modified_time); |
| 184 } | 202 } |
| 185 | 203 |
| 186 int32_t PepperFileRefHost::OnDelete(ppapi::host::HostMessageContext* context) { | 204 int32_t PepperFileRefHost::OnDelete(ppapi::host::HostMessageContext* context) { |
| 187 int32_t rv = HasPermissions(fileapi::kWriteFilePermissions); | 205 int32_t rv = CanWrite(); |
| 188 if (rv != PP_OK) | 206 if (rv != PP_OK) |
| 189 return rv; | 207 return rv; |
| 190 return backend_->Delete(context->MakeReplyMessageContext()); | 208 return backend_->Delete(context->MakeReplyMessageContext()); |
| 191 } | 209 } |
| 192 | 210 |
| 193 int32_t PepperFileRefHost::OnRename(ppapi::host::HostMessageContext* context, | 211 int32_t PepperFileRefHost::OnRename(ppapi::host::HostMessageContext* context, |
| 194 PP_Resource new_file_ref) { | 212 PP_Resource new_file_ref) { |
| 195 int32_t rv = HasPermissions( | 213 int32_t rv = CanReadWrite(); |
| 196 fileapi::kReadFilePermissions | fileapi::kWriteFilePermissions); | |
| 197 if (rv != PP_OK) | 214 if (rv != PP_OK) |
| 198 return rv; | 215 return rv; |
| 199 | 216 |
| 200 ResourceHost* resource_host = | 217 ResourceHost* resource_host = |
| 201 host_->GetPpapiHost()->GetResourceHost(new_file_ref); | 218 host_->GetPpapiHost()->GetResourceHost(new_file_ref); |
| 202 if (!resource_host) | 219 if (!resource_host) |
| 203 return PP_ERROR_BADRESOURCE; | 220 return PP_ERROR_BADRESOURCE; |
| 204 | 221 |
| 205 PepperFileRefHost* file_ref_host = resource_host->AsPepperFileRefHost(); | 222 PepperFileRefHost* file_ref_host = resource_host->AsPepperFileRefHost(); |
| 206 if (!file_ref_host) | 223 if (!file_ref_host) |
| 207 return PP_ERROR_BADRESOURCE; | 224 return PP_ERROR_BADRESOURCE; |
| 208 | 225 |
| 209 rv = file_ref_host->HasPermissions(fileapi::kCreateFilePermissions); | 226 rv = file_ref_host->CanCreate(); |
| 210 if (rv != PP_OK) | 227 if (rv != PP_OK) |
| 211 return rv; | 228 return rv; |
| 212 | 229 |
| 213 return backend_->Rename(context->MakeReplyMessageContext(), | 230 return backend_->Rename(context->MakeReplyMessageContext(), |
| 214 file_ref_host); | 231 file_ref_host); |
| 215 } | 232 } |
| 216 | 233 |
| 217 int32_t PepperFileRefHost::OnQuery(ppapi::host::HostMessageContext* context) { | 234 int32_t PepperFileRefHost::OnQuery(ppapi::host::HostMessageContext* context) { |
| 218 int32_t rv = HasPermissions(fileapi::kReadFilePermissions); | 235 int32_t rv = CanRead(); |
| 219 if (rv != PP_OK) | 236 if (rv != PP_OK) |
| 220 return rv; | 237 return rv; |
| 221 return backend_->Query(context->MakeReplyMessageContext()); | 238 return backend_->Query(context->MakeReplyMessageContext()); |
| 222 } | 239 } |
| 223 | 240 |
| 224 int32_t PepperFileRefHost::OnReadDirectoryEntries( | 241 int32_t PepperFileRefHost::OnReadDirectoryEntries( |
| 225 ppapi::host::HostMessageContext* context) { | 242 ppapi::host::HostMessageContext* context) { |
| 226 int32_t rv = HasPermissions(fileapi::kReadFilePermissions); | 243 int32_t rv = CanRead(); |
| 227 if (rv != PP_OK) | 244 if (rv != PP_OK) |
| 228 return rv; | 245 return rv; |
| 229 return backend_->ReadDirectoryEntries(context->MakeReplyMessageContext()); | 246 return backend_->ReadDirectoryEntries(context->MakeReplyMessageContext()); |
| 230 } | 247 } |
| 231 | 248 |
| 232 int32_t PepperFileRefHost::OnGetAbsolutePath( | 249 int32_t PepperFileRefHost::OnGetAbsolutePath( |
| 233 ppapi::host::HostMessageContext* context) { | 250 ppapi::host::HostMessageContext* context) { |
| 234 if (!host_->GetPpapiHost()->permissions().HasPermission( | 251 if (!host_->GetPpapiHost()->permissions().HasPermission( |
| 235 ppapi::PERMISSION_PRIVATE)) | 252 ppapi::PERMISSION_PRIVATE)) |
| 236 return PP_ERROR_NOACCESS; | 253 return PP_ERROR_NOACCESS; |
| 237 return backend_->GetAbsolutePath(context->MakeReplyMessageContext()); | 254 return backend_->GetAbsolutePath(context->MakeReplyMessageContext()); |
| 238 } | 255 } |
| 239 | 256 |
| 240 } // namespace content | 257 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 19770009:
PepperFileRefHost: Port to use explicit permission grants in ChildProcessSecurityPolicy. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@0044-write-support-remove-child-process-security-policy-bitmask-usage