| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ | 5 #ifndef CONTENT_BROWSER_SHARED_CHILD_PROCESS_SECURITY_POLICY_HELPER_H_ |
| 6 #define CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ | 6 #define CONTENT_BROWSER_SHARED_CHILD_PROCESS_SECURITY_POLICY_HELPER_H_ |
| 7 | 7 |
| 8 #include <map> | 8 #include <map> |
| 9 #include <set> | 9 #include <set> |
| 10 #include <string> | 10 #include <string> |
| 11 #include <vector> | 11 #include <vector> |
| 12 | 12 |
| 13 #include "base/compiler_specific.h" | 13 #include "base/compiler_specific.h" |
| 14 #include "base/gtest_prod_util.h" | 14 #include "base/gtest_prod_util.h" |
| 15 #include "base/macros.h" | 15 #include "base/macros.h" |
| 16 #include "base/memory/singleton.h" | 16 #include "base/memory/singleton.h" |
| 17 #include "base/synchronization/lock.h" | 17 #include "base/synchronization/lock.h" |
| 18 #include "content/public/browser/child_process_security_policy.h" | 18 #include "content/public/browser/child_process_security_policy.h" |
| 19 #include "content/public/common/resource_type.h" | 19 #include "content/public/common/resource_type.h" |
| 20 #include "storage/common/fileapi/file_system_types.h" | 20 #include "storage/common/fileapi/file_system_types.h" |
| 21 | 21 |
| 22 class GURL; | 22 class GURL; |
| 23 | 23 |
| 24 namespace base { | 24 namespace base { |
| 25 class FilePath; | 25 class FilePath; |
| 26 } | 26 } |
| 27 | 27 |
| 28 namespace storage { | 28 namespace storage { |
| 29 class FileSystemURL; | 29 class FileSystemURL; |
| 30 } | 30 } |
| 31 | 31 |
| 32 namespace content { | 32 namespace content { |
| 33 | 33 |
| 34 class CONTENT_EXPORT ChildProcessSecurityPolicyImpl | 34 class CONTENT_EXPORT ChildProcessSecurityPolicyHelper |
| 35 : NON_EXPORTED_BASE(public ChildProcessSecurityPolicy) { | 35 : NON_EXPORTED_BASE(public ChildProcessSecurityPolicy) { |
| 36 public: | 36 public: |
| 37 // Object can only be created through GetInstance() so the constructor is | 37 // Object can only be created through GetInstance() so the constructor is |
| 38 // private. | 38 // private. |
| 39 ~ChildProcessSecurityPolicyImpl() override; | 39 ~ChildProcessSecurityPolicyHelper() override; |
| 40 | 40 |
| 41 static ChildProcessSecurityPolicyImpl* GetInstance(); | 41 static ChildProcessSecurityPolicyHelper* GetInstance(); |
| 42 | 42 |
| 43 // ChildProcessSecurityPolicy implementation. | 43 // ChildProcessSecurityPolicy implementation. |
| 44 void RegisterWebSafeScheme(const std::string& scheme) override; | 44 void RegisterWebSafeScheme(const std::string& scheme) override; |
| 45 bool IsWebSafeScheme(const std::string& scheme) override; | 45 bool IsWebSafeScheme(const std::string& scheme) override; |
| 46 void GrantReadFile(int child_id, const base::FilePath& file) override; | 46 void GrantReadFile(int child_id, const base::FilePath& file) override; |
| 47 void GrantCreateReadWriteFile(int child_id, | 47 void GrantCreateReadWriteFile(int child_id, |
| 48 const base::FilePath& file) override; | 48 const base::FilePath& file) override; |
| 49 void GrantCopyInto(int child_id, const base::FilePath& dir) override; | 49 void GrantCopyInto(int child_id, const base::FilePath& dir) override; |
| 50 void GrantDeleteFrom(int child_id, const base::FilePath& dir) override; | 50 void GrantDeleteFrom(int child_id, const base::FilePath& dir) override; |
| 51 void GrantReadFileSystem(int child_id, | 51 void GrantReadFileSystem(int child_id, |
| (...skipping 119 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 171 NoLeak); | 171 NoLeak); |
| 172 FRIEND_TEST_ALL_PREFIXES(ChildProcessSecurityPolicyTest, FilePermissions); | 172 FRIEND_TEST_ALL_PREFIXES(ChildProcessSecurityPolicyTest, FilePermissions); |
| 173 | 173 |
| 174 class SecurityState; | 174 class SecurityState; |
| 175 | 175 |
| 176 typedef std::set<std::string> SchemeSet; | 176 typedef std::set<std::string> SchemeSet; |
| 177 typedef std::map<int, SecurityState*> SecurityStateMap; | 177 typedef std::map<int, SecurityState*> SecurityStateMap; |
| 178 typedef std::map<int, int> WorkerToMainProcessMap; | 178 typedef std::map<int, int> WorkerToMainProcessMap; |
| 179 typedef std::map<storage::FileSystemType, int> FileSystemPermissionPolicyMap; | 179 typedef std::map<storage::FileSystemType, int> FileSystemPermissionPolicyMap; |
| 180 | 180 |
| 181 // Obtain an instance of ChildProcessSecurityPolicyImpl via GetInstance(). | 181 // Obtain an instance of ChildProcessSecurityPolicyHelper via GetInstance(). |
| 182 ChildProcessSecurityPolicyImpl(); | 182 ChildProcessSecurityPolicyHelper(); |
| 183 friend struct base::DefaultSingletonTraits<ChildProcessSecurityPolicyImpl>; | 183 friend struct base::DefaultSingletonTraits<ChildProcessSecurityPolicyHelper>; |
| 184 | 184 |
| 185 // Adds child process during registration. | 185 // Adds child process during registration. |
| 186 void AddChild(int child_id); | 186 void AddChild(int child_id); |
| 187 | 187 |
| 188 // Determines if certain permissions were granted for a file to given child | 188 // Determines if certain permissions were granted for a file to given child |
| 189 // process. |permissions| is an internally defined bit-set. | 189 // process. |permissions| is an internally defined bit-set. |
| 190 bool ChildProcessHasPermissionsForFile(int child_id, | 190 bool ChildProcessHasPermissionsForFile(int child_id, |
| 191 const base::FilePath& file, | 191 const base::FilePath& file, |
| 192 int permissions); | 192 int permissions); |
| 193 | 193 |
| (...skipping 50 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 244 // owned by this object and are protected by |lock_|. References to them must | 244 // owned by this object and are protected by |lock_|. References to them must |
| 245 // not escape this class. | 245 // not escape this class. |
| 246 SecurityStateMap security_state_; | 246 SecurityStateMap security_state_; |
| 247 | 247 |
| 248 // This maps keeps the record of which js worker thread child process | 248 // This maps keeps the record of which js worker thread child process |
| 249 // corresponds to which main js thread child process. | 249 // corresponds to which main js thread child process. |
| 250 WorkerToMainProcessMap worker_map_; | 250 WorkerToMainProcessMap worker_map_; |
| 251 | 251 |
| 252 FileSystemPermissionPolicyMap file_system_policy_map_; | 252 FileSystemPermissionPolicyMap file_system_policy_map_; |
| 253 | 253 |
| 254 DISALLOW_COPY_AND_ASSIGN(ChildProcessSecurityPolicyImpl); | 254 DISALLOW_COPY_AND_ASSIGN(ChildProcessSecurityPolicyHelper); |
| 255 }; | 255 }; |
| 256 | 256 |
| 257 } // namespace content | 257 } // namespace content |
| 258 | 258 |
| 259 #endif // CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ | 259 #endif // CONTENT_BROWSER_SHARED_CHILD_PROCESS_SECURITY_POLICY_HELPER_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2108053005:
Pull ChildProcessSecurityPolicyImpl out to shared subfolder (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master