Move media permission checking logic for ChromeOS login pages

chrome/browser/media/webrtc/media_permission.cc

Index: chrome/browser/media/webrtc/media_permission.cc
diff --git a/chrome/browser/media/webrtc/media_permission.cc b/chrome/browser/media/webrtc/media_permission.cc
index d05a130cda4b7b1020fb349a574fb19726384ce4..0ebb0d22f9d1cb997b9b282c844cd3e35b2338c3 100644
--- a/chrome/browser/media/webrtc/media_permission.cc
+++ b/chrome/browser/media/webrtc/media_permission.cc
@@ -12,10 +12,17 @@
 #include "chrome/common/pref_names.h"
 #include "content/public/browser/permission_manager.h"
 #include "content/public/browser/permission_type.h"
+#include "content/public/browser/web_contents.h"
 #include "content/public/common/url_constants.h"
 #include "extensions/common/constants.h"
 #include "third_party/WebKit/public/platform/modules/permissions/permission_status.mojom.h"
 
+#if defined(OS_CHROMEOS)
+#include "chrome/browser/chromeos/login/ui/webui_login_view.h"
+#include "chrome/browser/chromeos/settings/cros_settings.h"
+#include "chromeos/settings/cros_settings_names.h"
+#endif
+
 namespace {
 
 content::PermissionType ContentSettingsTypeToPermission(
@@ -33,11 +40,17 @@ content::PermissionType ContentSettingsTypeToPermission(
 MediaPermission::MediaPermission(ContentSettingsType content_type,
                                  const GURL& requesting_origin,
                                  const GURL& embedding_origin,
-                                 Profile* profile)
+                                 Profile* profile,
+                                 content::WebContents* web_contents)
     : content_type_(content_type),
       requesting_origin_(requesting_origin),
       embedding_origin_(embedding_origin),
-      profile_(profile) {}
+      profile_(profile),
+      web_contents_(web_contents) {
+  // Currently |web_contents_| is only used on ChromeOS but it's not worth
+  // #ifdef'ing out all its usage, so just mark it used here.
+  (void)web_contents_;

[achuithb, 2017/02/16 09:05:38]

This seems pretty sketchy. Are there any other places in the codebase where we
do this?

[raymes, 2017/02/16 10:36:14]

+jyasskin (C++ expert): Jeffrey does this seem like a reasonable approach to
you? The alternative would be to ifdef out the member in all the places. At some
point it's likely that the web_contents will get used on other platforms too.

[Sergey Ulanov, 2017/02/16 19:26:17]

ALLOW_UNUSED_LOCAL()?

[Jeffrey Yasskin, 2017/02/17 17:34:32]

That seems misleading for a non-local variable, but it does compile to the same
thing.

I'm not necessarily the best person to judge this: (void)variable is definitely
in my vocabulary, but the important question is whether it's in most
non-experts' vocabulary.

#ifdef'ing will save some memory, of course, but I doubt there are enough
MediaPermission objects for that to matter.

[raymes, 2017/02/21 01:29:55]

I'd like to stick with this for now as I think it's the most sensible way
forward. I think I've made it clear what is happening by the comment. 

[achuithb, 2017/02/21 13:54:37]

Acknowledged.

+}
 
 ContentSetting MediaPermission::GetPermissionStatus(
     content::MediaStreamRequestResult* denial_reason) const {
@@ -58,6 +71,49 @@ ContentSetting MediaPermission::GetPermissionStatus(
     return CONTENT_SETTING_BLOCK;
   }
 
+#if defined(OS_CHROMEOS)
+  // Special permissions if the request is coming from a ChromeOS login page.
+  if (chromeos::WebUILoginView::IsWebUILoginView(
+          web_contents_->GetDelegate())) {
+    if (content_type_ == CONTENT_SETTINGS_TYPE_MEDIASTREAM_MIC) {
+      *denial_reason = content::MEDIA_DEVICE_PERMISSION_DENIED;
+      return CONTENT_SETTING_BLOCK;
+    }
+
+    const chromeos::CrosSettings* const settings =
+        chromeos::CrosSettings::Get();
+    if (!settings) {
+      *denial_reason = content::MEDIA_DEVICE_PERMISSION_DENIED;
+      return CONTENT_SETTING_BLOCK;
+    }
+
+    const base::Value* const raw_list_value =
+        settings->GetPref(chromeos::kLoginVideoCaptureAllowedUrls);
+    if (!raw_list_value) {
+      *denial_reason = content::MEDIA_DEVICE_PERMISSION_DENIED;
+      return CONTENT_SETTING_BLOCK;
+    }
+
+    const base::ListValue* list_value;
+    CHECK(raw_list_value->GetAsList(&list_value));

[Sergey Ulanov, 2017/02/16 19:26:17]

It's best to avoid side-effects in CHECK() statements. If someone decides to
change this to DCHECK then release builds would stop working.
The following would be better:
 if (!raw_list_value->GetAsList(&list_value))) {
   LOG(FATAL) << "Boo";
 }

[raymes, 2017/02/21 01:29:55]

Agreed - I just copied this code over from the other file. Done.

+    for (const auto& base_value : *list_value) {
+      std::string value;
+      if (base_value->GetAsString(&value)) {
+        ContentSettingsPattern pattern =

[achuithb, 2017/02/16 09:05:38]

nit const

[raymes, 2017/02/21 01:29:55]

Done.

+            ContentSettingsPattern::FromString(value);
+        if (pattern == ContentSettingsPattern::Wildcard()) {
+          LOG(WARNING) << "Ignoring wildcard URL pattern: " << value;
+          continue;
+        }
+        if (pattern.IsValid() && pattern.Matches(requesting_origin_))
+          return CONTENT_SETTING_ALLOW;
+      }
+    }
+    *denial_reason = content::MEDIA_DEVICE_PERMISSION_DENIED;
+    return CONTENT_SETTING_BLOCK;

[achuithb, 2017/02/16 09:05:38]

Wonder if there's a way to avoid the 4x repetition of these two lines.

[raymes, 2017/02/21 01:29:55]

I don't think there's a simple way right now but it may be simpler after some
subsequent refactorings.

+  }
+#endif

[Sergey Ulanov, 2017/02/16 19:26:17]

 // defined(OS_CHROMEOS)

[raymes, 2017/02/21 01:29:55]

Done.

+
   // Check policy and content settings.
   blink::mojom::PermissionStatus status =
       permission_manager->GetPermissionStatus(