OLD | NEW |
(Empty) | |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include <memory> |
| 6 #include <string> |
| 7 #include <vector> |
| 8 |
| 9 #include "base/files/file_path.h" |
| 10 #include "base/test/null_task_runner.h" |
| 11 #include "content/browser/child_process_security_policy_impl.h" |
| 12 #include "content/browser/fileapi/browser_file_system_helper.h" |
| 13 #include "content/public/common/drop_data.h" |
| 14 #include "net/base/filename_util.h" |
| 15 #include "storage/browser/fileapi/external_mount_points.h" |
| 16 #include "storage/browser/fileapi/file_system_options.h" |
| 17 #include "storage/browser/fileapi/file_system_url.h" |
| 18 #include "storage/browser/fileapi/isolated_context.h" |
| 19 #include "storage/common/fileapi/file_system_types.h" |
| 20 #include "testing/gtest/include/gtest/gtest.h" |
| 21 #include "url/gurl.h" |
| 22 #include "url/origin.h" |
| 23 |
| 24 namespace content { |
| 25 namespace { |
| 26 |
| 27 const int kRendererID = 42; |
| 28 |
| 29 } // namespace |
| 30 |
| 31 TEST(BrowserFileSystemHelperTest, |
| 32 PrepareDropDataForChildProcess_FileSystemFiles) { |
| 33 ChildProcessSecurityPolicyImpl* p = |
| 34 ChildProcessSecurityPolicyImpl::GetInstance(); |
| 35 p->Add(kRendererID); |
| 36 |
| 37 // Prepare |original_file| FileSystemURL that comes from a |sensitive_origin|. |
| 38 // This attempts to simulate for unit testing the drive URL from |
| 39 // https://crbug.com/705295#c23. |
| 40 const GURL kSensitiveOrigin("chrome://hhaomjibdihmijegdhdafkllkbggdgoj/"); |
| 41 const char kMountName[] = "drive-testuser%40gmail.com-hash"; |
| 42 const base::FilePath kTestPath(FILE_PATH_LITERAL("root/dir/testfile.jpg")); |
| 43 scoped_refptr<storage::ExternalMountPoints> external_mount_points = |
| 44 storage::ExternalMountPoints::CreateRefCounted(); |
| 45 external_mount_points->RegisterFileSystem( |
| 46 kMountName, storage::FileSystemType::kFileSystemTypeTest, |
| 47 storage::FileSystemMountOption(), |
| 48 base::FilePath(FILE_PATH_LITERAL("/test")).AppendASCII(kMountName)); |
| 49 storage::FileSystemURL original_file = |
| 50 external_mount_points->CreateExternalFileSystemURL(kSensitiveOrigin, |
| 51 kMountName, kTestPath); |
| 52 EXPECT_TRUE(original_file.is_valid()); |
| 53 EXPECT_EQ(kSensitiveOrigin, original_file.origin()); |
| 54 |
| 55 // Prepare fake FileSystemContext to use in the test. |
| 56 scoped_refptr<base::SingleThreadTaskRunner> io_task_runner( |
| 57 new base::NullTaskRunner); |
| 58 scoped_refptr<base::SequencedTaskRunner> file_task_runner( |
| 59 new base::NullTaskRunner); |
| 60 storage::FileSystemOptions file_system_options( |
| 61 storage::FileSystemOptions::PROFILE_MODE_NORMAL, |
| 62 std::vector<std::string>(), nullptr); |
| 63 scoped_refptr<storage::FileSystemContext> test_file_system_context( |
| 64 new storage::FileSystemContext( |
| 65 io_task_runner.get(), file_task_runner.get(), |
| 66 external_mount_points.get(), |
| 67 nullptr, // special_storage_policy |
| 68 nullptr, // quota_manager_proxy, |
| 69 std::vector<std::unique_ptr<storage::FileSystemBackend>>(), |
| 70 std::vector<storage::URLRequestAutoMountHandler>(), |
| 71 base::FilePath(), // partition_path |
| 72 file_system_options)); |
| 73 |
| 74 // Prepare content::DropData containing |file_system_url|. |
| 75 DropData::FileSystemFileInfo filesystem_file_info; |
| 76 filesystem_file_info.url = original_file.ToGURL(); |
| 77 filesystem_file_info.size = 123; |
| 78 filesystem_file_info.filesystem_id = original_file.filesystem_id(); |
| 79 DropData drop_data; |
| 80 drop_data.file_system_files.push_back(filesystem_file_info); |
| 81 |
| 82 // Verify that initially no access is be granted to the |kSensitiveOrigin|. |
| 83 EXPECT_FALSE(p->CanCommitURL(kRendererID, kSensitiveOrigin)); |
| 84 |
| 85 // Verify that initially no access is granted to the |original_file|. |
| 86 EXPECT_FALSE(p->CanReadFileSystemFile(kRendererID, original_file)); |
| 87 EXPECT_FALSE(p->CanWriteFileSystemFile(kRendererID, original_file)); |
| 88 EXPECT_FALSE(p->CanCreateFileSystemFile(kRendererID, original_file)); |
| 89 EXPECT_FALSE(p->CanCopyIntoFileSystemFile(kRendererID, original_file)); |
| 90 EXPECT_FALSE(p->CanDeleteFileSystemFile(kRendererID, original_file)); |
| 91 |
| 92 // Invoke the API under test to grant access to |drop_data|. |
| 93 PrepareDropDataForChildProcess(&drop_data, p, kRendererID, |
| 94 test_file_system_context.get()); |
| 95 |
| 96 // Verify that |drop_data| is mostly unchanged. |
| 97 EXPECT_EQ(0u, drop_data.filenames.size()); |
| 98 EXPECT_EQ(1u, drop_data.file_system_files.size()); |
| 99 EXPECT_EQ(123, drop_data.file_system_files[0].size); |
| 100 // It is okay if |drop_data.file_system_files[0].url| and |
| 101 // |drop_data.file_system_files[0].filesystem_id| change (to aid in enforcing |
| 102 // proper access patterns that are verified below). |
| 103 |
| 104 // Verify that the URL didn't change *too* much. |
| 105 storage::FileSystemURL dropped_file = |
| 106 test_file_system_context->CrackURL(drop_data.file_system_files[0].url); |
| 107 EXPECT_TRUE(dropped_file.is_valid()); |
| 108 EXPECT_EQ(original_file.origin(), dropped_file.origin()); |
| 109 EXPECT_EQ(original_file.path().BaseName(), dropped_file.path().BaseName()); |
| 110 |
| 111 // Verify that there is still no access to |kSensitiveOrigin|. |
| 112 EXPECT_FALSE(p->CanCommitURL(kRendererID, kSensitiveOrigin)); |
| 113 |
| 114 // Verify that there is still no access to |original_file|. |
| 115 EXPECT_FALSE(p->CanReadFileSystemFile(kRendererID, original_file)); |
| 116 EXPECT_FALSE(p->CanWriteFileSystemFile(kRendererID, original_file)); |
| 117 EXPECT_FALSE(p->CanCreateFileSystemFile(kRendererID, original_file)); |
| 118 EXPECT_FALSE(p->CanCopyIntoFileSystemFile(kRendererID, original_file)); |
| 119 EXPECT_FALSE(p->CanDeleteFileSystemFile(kRendererID, original_file)); |
| 120 |
| 121 // Verify that read access (and no other access) is granted for |
| 122 // |dropped_file|. |
| 123 EXPECT_TRUE(p->CanReadFileSystemFile(kRendererID, dropped_file)); |
| 124 EXPECT_FALSE(p->CanWriteFileSystemFile(kRendererID, dropped_file)); |
| 125 EXPECT_FALSE(p->CanCreateFileSystemFile(kRendererID, dropped_file)); |
| 126 EXPECT_FALSE(p->CanCopyIntoFileSystemFile(kRendererID, dropped_file)); |
| 127 EXPECT_FALSE(p->CanDeleteFileSystemFile(kRendererID, dropped_file)); |
| 128 |
| 129 p->Remove(kRendererID); |
| 130 } |
| 131 |
| 132 TEST(BrowserFileSystemHelperTest, PrepareDropDataForChildProcess_LocalFiles) { |
| 133 ChildProcessSecurityPolicyImpl* p = |
| 134 ChildProcessSecurityPolicyImpl::GetInstance(); |
| 135 p->Add(kRendererID); |
| 136 |
| 137 // Prepare content::DropData containing some local files. |
| 138 const base::FilePath kDraggedFile( |
| 139 FILE_PATH_LITERAL("/test/dragged_file.txt")); |
| 140 const base::FilePath kOtherFile(FILE_PATH_LITERAL("/test/other_file.txt")); |
| 141 DropData drop_data; |
| 142 drop_data.filenames.push_back(ui::FileInfo(kDraggedFile, base::FilePath())); |
| 143 |
| 144 // Verify that initially no access is granted to both |kDraggedFile| and |
| 145 // |kOtherFile|. |
| 146 EXPECT_FALSE(p->CanReadFile(kRendererID, kDraggedFile)); |
| 147 EXPECT_FALSE(p->CanReadFile(kRendererID, kOtherFile)); |
| 148 EXPECT_FALSE( |
| 149 p->CanCommitURL(kRendererID, net::FilePathToFileURL(kDraggedFile))); |
| 150 EXPECT_FALSE(p->CanCreateReadWriteFile(kRendererID, kDraggedFile)); |
| 151 EXPECT_FALSE(p->CanCreateReadWriteFile(kRendererID, kOtherFile)); |
| 152 EXPECT_FALSE( |
| 153 p->CanCommitURL(kRendererID, net::FilePathToFileURL(kOtherFile))); |
| 154 |
| 155 // Invoke the API under test to grant access to |drop_data|. |
| 156 PrepareDropDataForChildProcess(&drop_data, p, kRendererID, nullptr); |
| 157 |
| 158 // Verify that |drop_data| is unchanged. |
| 159 EXPECT_EQ(0u, drop_data.file_system_files.size()); |
| 160 EXPECT_EQ(1u, drop_data.filenames.size()); |
| 161 EXPECT_EQ(kDraggedFile, drop_data.filenames[0].path); |
| 162 |
| 163 // Verify that read access (and no other access) is granted for |
| 164 // |kDraggedFile|. |
| 165 EXPECT_TRUE(p->CanReadFile(kRendererID, kDraggedFile)); |
| 166 EXPECT_FALSE(p->CanCreateReadWriteFile(kRendererID, kDraggedFile)); |
| 167 EXPECT_TRUE( |
| 168 p->CanCommitURL(kRendererID, net::FilePathToFileURL(kDraggedFile))); |
| 169 |
| 170 // Verify that there is still no access for |kOtherFile|. |
| 171 EXPECT_FALSE(p->CanReadFile(kRendererID, kOtherFile)); |
| 172 EXPECT_FALSE(p->CanCreateReadWriteFile(kRendererID, kOtherFile)); |
| 173 EXPECT_FALSE( |
| 174 p->CanCommitURL(kRendererID, net::FilePathToFileURL(kOtherFile))); |
| 175 |
| 176 p->Remove(kRendererID); |
| 177 } |
| 178 |
| 179 } // namespace content |
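Review bot: PrepareDropDataForChildProcess_FileSystemFiles has no negative control for a second file on the same mount, whereas the LocalFiles test checks `kOtherFile` both before and after the call. The only denied URL it checks after the grant is `original_file` itself, so it never shows that a sibling path under `kMountName` stays unreadable once `dropped_file` becomes readable. I would build a second URL with the same call, using a made-up sibling path such as `root/dir/otherfile.jpg`: `storage::FileSystemURL other_file = external_mount_points->CreateExternalFileSystemURL(kSensitiveOrigin, kMountName, kOtherPath);`. Then assert `EXPECT_FALSE(p->CanReadFileSystemFile(kRendererID, other_file));` before and after `PrepareDropDataForChildProcess`. Separately, the comment above the first `CanCommitURL` check reads "no access is be granted" and should read "no access is granted".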