Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(745)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/browser/renderer_host/pepper/pepper_external_file_ref_backend.cc

Issue 19770009: PepperFileRefHost: Port to use explicit permission grants in ChildProcessSecurityPolicy. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@0044-write-support-remove-child-process-security-policy-bitmask-usage
Patch Set: address kinuko comment. Created 7 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « content/browser/renderer_host/pepper/pepper_external_file_ref_backend.h ('k') | content/browser/renderer_host/pepper/pepper_file_ref_host.h » ('j') | content/browser/renderer_host/pepper/pepper_internal_file_ref_backend.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/browser/renderer_host/pepper/pepper_external_file_ref_backend.cc
diff --git a/content/browser/renderer_host/pepper/pepper_external_file_ref_backend.cc b/content/browser/renderer_host/pepper/pepper_external_file_ref_backend.cc
index 6b12a32ddf424940aa38c64b651548a887236d0d..27ba37dfcca0ddbda4168912d1448b634d1d7dac 100644
--- a/content/browser/renderer_host/pepper/pepper_external_file_ref_backend.cc
+++ b/content/browser/renderer_host/pepper/pepper_external_file_ref_backend.cc
@@ -105,10 +105,35 @@ base::FilePath PepperExternalFileRefBackend::GetExternalPath() const {
return path_;
}
-int32_t PepperExternalFileRefBackend::HasPermissions(
- int permissions) const {
- if (!ChildProcessSecurityPolicyImpl::GetInstance()->HasPermissionsForFile(
- render_process_id_, path_, permissions)) {
+int32_t PepperExternalFileRefBackend::CanRead() const {
+ if (!ChildProcessSecurityPolicyImpl::GetInstance()->
+ CanReadFile(render_process_id_, path_)) {
+ return PP_ERROR_NOACCESS;
+ }
+ return PP_OK;
+}
+
+int32_t PepperExternalFileRefBackend::CanWrite() const {
+ if (!ChildProcessSecurityPolicyImpl::GetInstance()->
+ CanWriteFile(render_process_id_, path_)) {
+ return PP_ERROR_NOACCESS;
+ }
+ return PP_OK;
+}
+
+int32_t PepperExternalFileRefBackend::CanCreate() const {
+ if (!ChildProcessSecurityPolicyImpl::GetInstance()->
+ CanCreateFile(render_process_id_, path_)) {
+ return PP_ERROR_NOACCESS;
+ }
+ return PP_OK;
+}
+
+int32_t PepperExternalFileRefBackend::CanReadWrite() const {
+ ChildProcessSecurityPolicyImpl* policy =
+ ChildProcessSecurityPolicyImpl::GetInstance();
+ if (!policy->CanReadFile(render_process_id_, path_) ||
teravest 2013/07/24 17:51:21 Shouldn't this be &&? It seems to me that the call
tommycli 2013/07/24 18:05:30 If either read or write is not allowed, it should
+ !policy->CanWriteFile(render_process_id_, path_)) {
return PP_ERROR_NOACCESS;
}
return PP_OK;
« no previous file with comments | « content/browser/renderer_host/pepper/pepper_external_file_ref_backend.h ('k') | content/browser/renderer_host/pepper/pepper_file_ref_host.h » ('j') | content/browser/renderer_host/pepper/pepper_internal_file_ref_backend.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698