Factor out core logic from OnCanAccessFile() and add tests for it

chrome/browser/net/chrome_network_delegate_unittest.cc

Index: chrome/browser/net/chrome_network_delegate_unittest.cc
diff --git a/chrome/browser/net/chrome_network_delegate_unittest.cc b/chrome/browser/net/chrome_network_delegate_unittest.cc
index 59cbf696e346fe2d424ab7213a7b19c6bdf304a5..ab9c7c51449b71b4321672cbc987560e3462e7f0 100644
--- a/chrome/browser/net/chrome_network_delegate_unittest.cc
+++ b/chrome/browser/net/chrome_network_delegate_unittest.cc
@@ -123,6 +123,14 @@ class FakeDataUseAggregator : public data_usage::DataUseAggregator {
   int64_t off_the_record_rx_bytes_;
 };
 
+// Helper function to make the IsAccessAllowed test concise.
+bool IsAccessAllowed(const std::string& path,
+                     const std::string& profile_path) {
+  return ChromeNetworkDelegate::IsAccessAllowed(
+      base::FilePath::FromUTF8Unsafe(path),
+      base::FilePath::FromUTF8Unsafe(profile_path));
+}
+
 }  // namespace
 
 class ChromeNetworkDelegateTest : public testing::Test {
@@ -528,3 +536,58 @@ TEST_F(ChromeNetworkDelegatePrivacyModeTest,
   EXPECT_FALSE(network_delegate_->CanEnablePrivacyMode(kAllowedSite,
                                                        kBlockedFirstPartySite));
 }
+
+TEST(ChromeNetworkDelegateStaticTest, IsAccessAllowed) {
+#if !defined(OS_CHROMEOS) && !defined(OS_ANDROID)
+  // Platforms other than Chrome OS and Android have access to any files.
+  EXPECT_TRUE(IsAccessAllowed("/", ""));
+  EXPECT_TRUE(IsAccessAllowed("/foo.txt", ""));
+  return;

[eroman, 2017/01/27 01:21:49]

Is this return needed? (it looks like there won't be any other code executed in
this case anyway).

[satorux1, 2017/01/27 06:23:35]

good point. removed!

+#endif
+
+#if defined(OS_CHROMEOS) || defined(OS_ANDROID)
+  // Chrome OS and Android don't have access to random files.
+  EXPECT_FALSE(IsAccessAllowed("/", ""));
+  EXPECT_FALSE(IsAccessAllowed("/foo.txt", ""));
+#endif
+
+#if defined(OS_CHROMEOS)
+  // Chrome OS allows the following directories.
+  EXPECT_TRUE(IsAccessAllowed("/home/chronos/user/Downloads", ""));
+  EXPECT_TRUE(IsAccessAllowed("/home/chronos/user/log", ""));
+  EXPECT_TRUE(IsAccessAllowed("/home/chronos/user/WebRTC Logs", ""));
+  EXPECT_TRUE(IsAccessAllowed("/media", ""));
+  EXPECT_TRUE(IsAccessAllowed("/opt/oem", ""));
+  EXPECT_TRUE(IsAccessAllowed("/usr/share/chromeos-assets", ""));
+  EXPECT_TRUE(IsAccessAllowed("/tmp", ""));
+  EXPECT_TRUE(IsAccessAllowed("/var/log", ""));
+  // Files under the directories are allowed.
+  EXPECT_TRUE(IsAccessAllowed("/tmp/foo.txt", ""));
+  // Make sure similar paths are not allowed.
+  EXPECT_FALSE(IsAccessAllowed("/home/chronos/user/log.txt", ""));
+  EXPECT_FALSE(IsAccessAllowed("/home/chronos/user", ""));
+  EXPECT_FALSE(IsAccessAllowed("/home/chronos", ""));
+
+  // If profile path is given, the following additional paths are allowed.
+  EXPECT_TRUE(IsAccessAllowed("/profile/Downloads", "/profile"));
+  EXPECT_TRUE(IsAccessAllowed("/profile/WebRTC Logs", "/profile"));
+
+#elif defined(OS_ANDROID)
+  // Android allows the following directories.
+  EXPECT_TRUE(IsAccessAllowed("/sdcard", ""));
+  EXPECT_TRUE(IsAccessAllowed("/mnt/sdcard", ""));
+  // Files under the directories are allowed.
+  EXPECT_TRUE(IsAccessAllowed("/sdcard/foo.txt", ""));
+  // Make sure similar paths are not allowed.
+  EXPECT_FALSE(IsAccessAllowed("/mnt/sdcard.txt", ""));
+  EXPECT_FALSE(IsAccessAllowed("/mnt", ""));
+
+  // Files in external storage are allowed.
+  base::FilePath external_storage_path;
+  PathService::Get(base::DIR_ANDROID_EXTERNAL_STORAGE, &external_storage_path);
+  EXPECT_TRUE(IsAccessAllowed(
+      external_storage_path.AppendASCII("foo.txt").AsUTF8Unsafe(), ""));
+  // The external storage root itself is not allowed.
+  EXPECT_FALSE(IsAccessAllowed(external_storage_path.AsUTF8Unsafe(), ""));
+#endif
+}