
Unified Diff: content/browser/fileapi/browser_file_system_helper.cc

Issue 19770009: PepperFileRefHost: Port to use explicit permission grants in ChildProcessSecurityPolicy. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@0044-write-support-remove-child-process-security-policy-bitmask-usage
Patch Set: Created 7 years, 5 months ago
Index: content/browser/fileapi/browser_file_system_helper.cc
diff --git a/content/browser/fileapi/browser_file_system_helper.cc b/content/browser/fileapi/browser_file_system_helper.cc
index e8e81ce12362aa51871e5bc12a3da4d6705d8200..12aa96a7e270b1011a8d752365bcd3e333272122 100644
--- a/content/browser/fileapi/browser_file_system_helper.cc
+++ b/content/browser/fileapi/browser_file_system_helper.cc
@@ -92,34 +92,34 @@ scoped_refptr<fileapi::FileSystemContext> CreateFileSystemContext(
return file_system_context;
}
+bool FileSystemURLIsValid(
+ fileapi::FileSystemContext* context,
+ const fileapi::FileSystemURL& url) {
+ if (!url.is_valid())
+ return false;
+
+ return context->GetFileSystemBackend(url.type()) != NULL;
+}
+
bool CheckFileSystemPermissionsForProcess(
fileapi::FileSystemContext* context, int process_id,
const fileapi::FileSystemURL& url, int permissions,
base::PlatformFileError* error) {
DCHECK(error);
- *error = base::PLATFORM_FILE_OK;
- if (!url.is_valid()) {
+ if (!FileSystemURLIsValid(context, url)) {
*error = base::PLATFORM_FILE_ERROR_INVALID_URL;
return false;
}
- fileapi::FileSystemBackend* mount_point_provider =
- context->GetFileSystemBackend(url.type());
- if (!mount_point_provider) {
- *error = base::PLATFORM_FILE_ERROR_INVALID_URL;
+ if (!ChildProcessSecurityPolicyImpl::GetInstance()->
+ HasPermissionsForFileSystemFile(process_id, url, permissions)) {
+ *error = base::PLATFORM_FILE_ERROR_SECURITY;
return false;
}
- base::FilePath file_path;
- ChildProcessSecurityPolicyImpl* policy =
- ChildProcessSecurityPolicyImpl::GetInstance();
-
- if (policy->HasPermissionsForFileSystemFile(process_id, url, permissions))
- return true;
-
- *error = base::PLATFORM_FILE_ERROR_SECURITY;
- return false;
+ *error = base::PLATFORM_FILE_OK;
+ return true;
}
void SyncGetPlatformPath(fileapi::FileSystemContext* context,
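Review bot: The new `FileSystemURLIsValid` helper has no comment, and its name can be read as an access decision when it only checks that the URL parsed and that `context` has a backend registered for its type. I would add above it `// Returns true if |url| is well-formed and |context| has a backend for url.type(). Not a permission check; callers must still consult ChildProcessSecurityPolicyImpl.` The helper also dereferences `context` unconditionally, so a `DCHECK(context);` on its first line would state the precondition. If it is not declared in the header (not visible here), it could live in an anonymous namespace so it does not become an unintended entry point.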
@@ -131,27 +131,22 @@ void SyncGetPlatformPath(fileapi::FileSystemContext* context,
DCHECK(platform_path);
*platform_path = base::FilePath();
fileapi::FileSystemURL url(context->CrackURL(path));
- if (!url.is_valid())
+ if (!FileSystemURLIsValid(context, url))
return;
// Make sure if this file is ok to be read (in the current architecture
// which means roughly same as the renderer is allowed to get the platform
// path to the file).
- base::PlatformFileError error;
- if (!CheckFileSystemPermissionsForProcess(
- context, process_id, url, fileapi::kReadFilePermissions, &error))
+ ChildProcessSecurityPolicyImpl* policy =
+ ChildProcessSecurityPolicyImpl::GetInstance();
+ if (!policy->CanReadFileSystemFile(process_id, url))
return;
context->operation_runner()->SyncGetPlatformPath(url, platform_path);
// The path is to be attached to URLLoader so we grant read permission
- // for the file. (We first need to check if it can already be read not to
- // overwrite existing permissions)
- if (!ChildProcessSecurityPolicyImpl::GetInstance()->CanReadFile(
- process_id, *platform_path)) {
- ChildProcessSecurityPolicyImpl::GetInstance()->GrantReadFile(
- process_id, *platform_path);
- }
+ // for the file.
+ policy->GrantReadFile(process_id, *platform_path);
kinuko 2013/07/24 09:25:23 Has situation changed so that we don't need to che
tommycli 2013/07/24 14:38:00 Yes. It used to simply replace the granted permiss
}
} // namespace content
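Review bot: `policy->GrantReadFile(process_id, *platform_path);` runs whether or not the preceding `operation_runner()->SyncGetPlatformPath(url, platform_path)` call actually produced a path. `*platform_path` is reset to `base::FilePath()` at the top of this hunk, so if the runner leaves it untouched on failure (its behaviour is not visible here), the grant is recorded for an empty path. A guard such as `if (platform_path->empty()) return;` just before the grant would keep the permission tied to a resolved file. The opening lines of the function are outside the hunk.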
