Move implementation of ChildProcessSecurityPolicyImpl to c/b/shared, and wrap in c/b

content/browser/child_process_security_policy_impl.h

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_
 #define CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_
 
 #include <map>
 #include <set>
 #include <string>
@@ skipping 153 matching lines @@
   // Returns true if sending system exclusive messages is allowed.
   bool CanSendMidiSysExMessage(int child_id);
 
  private:
   friend class ChildProcessSecurityPolicyInProcessBrowserTest;
   friend class ChildProcessSecurityPolicyTest;
   FRIEND_TEST_ALL_PREFIXES(ChildProcessSecurityPolicyInProcessBrowserTest,
                            NoLeak);
   FRIEND_TEST_ALL_PREFIXES(ChildProcessSecurityPolicyTest, FilePermissions);
 
-  class SecurityState;
-
-  typedef std::set<std::string> SchemeSet;
-  typedef std::map<int, SecurityState*> SecurityStateMap;
-  typedef std::map<int, int> WorkerToMainProcessMap;
-  typedef std::map<storage::FileSystemType, int> FileSystemPermissionPolicyMap;
-
   // Obtain an instance of ChildProcessSecurityPolicyImpl via GetInstance().
   ChildProcessSecurityPolicyImpl();
   friend struct base::DefaultSingletonTraits<ChildProcessSecurityPolicyImpl>;
 
-  // Adds child process during registration.
-  void AddChild(int child_id);
-
-  // Determines if certain permissions were granted for a file to given child
-  // process. |permissions| is an internally defined bit-set.
-  bool ChildProcessHasPermissionsForFile(int child_id,
-                                         const base::FilePath& file,
-                                         int permissions);
-
-  // Grant a particular permission set for a file. |permissions| is an
-  // internally defined bit-set.
-  void GrantPermissionsForFile(int child_id,
-                               const base::FilePath& file,
-                               int permissions);
-
-  // Grants access permission to the given isolated file system
-  // identified by |filesystem_id|.  See comments for
-  // ChildProcessSecurityPolicy::GrantReadFileSystem() for more details.
-  void GrantPermissionsForFileSystem(
-      int child_id,
-      const std::string& filesystem_id,
-      int permission);
-
-  // Determines if certain permissions were granted for a file. |permissions|
-  // is an internally defined bit-set. If |child_id| is a worker process,
-  // this returns true if either the worker process or its parent renderer
-  // has permissions for the file.
-  bool HasPermissionsForFile(int child_id,
-                             const base::FilePath& file,
-                             int permissions);
-
-  // Determines if certain permissions were granted for a file in FileSystem
-  // API. |permissions| is an internally defined bit-set.
-  bool HasPermissionsForFileSystemFile(int child_id,
-                                       const storage::FileSystemURL& url,
-                                       int permissions);
-
-  // Determines if certain permissions were granted for a file system.
-  // |permissions| is an internally defined bit-set.
-  bool HasPermissionsForFileSystem(
-      int child_id,
-      const std::string& filesystem_id,
-      int permission);
-
-  // You must acquire this lock before reading or writing any members of this
-  // class.  You must not block while holding this lock.
-  base::Lock lock_;
-
-  // These schemes are white-listed for all child processes.  This set is
-  // protected by |lock_|.
-  SchemeSet web_safe_schemes_;
-
-  // These schemes do not actually represent retrievable URLs.  For example,
-  // the the URLs in the "about" scheme are aliases to other URLs.  This set is
-  // protected by |lock_|.
-  SchemeSet pseudo_schemes_;
-
-  // This map holds a SecurityState for each child process.  The key for the
-  // map is the ID of the ChildProcessHost.  The SecurityState objects are
-  // owned by this object and are protected by |lock_|.  References to them must
-  // not escape this class.
-  SecurityStateMap security_state_;
-
-  // This maps keeps the record of which js worker thread child process
-  // corresponds to which main js thread child process.
-  WorkerToMainProcessMap worker_map_;
-
-  FileSystemPermissionPolicyMap file_system_policy_map_;
-
   DISALLOW_COPY_AND_ASSIGN(ChildProcessSecurityPolicyImpl);
 };
 
 }  // namespace content
 
 #endif  // CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_