
Side by Side Diff: content/browser/child_process_security_policy_unittest.cc

Issue 2830743004: Extracting and unittesting PrepareDropDataForChildProcess function. (Closed)
Patch Set: Fixing build on Windows + adding a bit more test verifications. Created 3 years, 8 months ago
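--- a/content/browser/child_process_security_policy_unittest.cc
+++ b/content/browser/child_process_security_policy_unittest.cc
@@ -1,22 +1,27 @@
 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include <set>
 #include <string>
 
 #include "base/files/file_path.h"
+#include "base/test/null_task_runner.h"
 #include "content/browser/child_process_security_policy_impl.h"
+#include "content/public/common/drop_data.h"
 #include "content/public/common/url_constants.h"
 #include "content/test/test_content_browser_client.h"
+#include "net/base/filename_util.h"
+#include "storage/browser/fileapi/external_mount_points.h"
 #include "storage/browser/fileapi/file_permission_policy.h"
+#include "storage/browser/fileapi/file_system_options.h"
 #include "storage/browser/fileapi/file_system_url.h"
 #include "storage/browser/fileapi/isolated_context.h"
 #include "storage/common/fileapi/file_system_types.h"
 #include "testing/gtest/include/gtest/gtest.h"
 #include "url/gurl.h"
 #include "url/origin.h"
 
 namespace content {
 namespace {
 
@@ -886,11 +891,158 @@
 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo1));
 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo2));
 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_bar));
 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_foo1));
 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_foo2));
 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_bar));
 
 p->Remove(kRendererID);
 }
 
+TEST_F(ChildProcessSecurityPolicyTest, DropDataGrantsTest_FileSystemFiles) {
+ChildProcessSecurityPolicyImpl* p =
+ChildProcessSecurityPolicyImpl::GetInstance();
+p->Add(kRendererID);
+
+// Prepare |original_file| FileSystemURL that comes from a |sensitive_origin|.
+// This attempts to simulate for unit testing the drive URL from
+// https://crbug.com/705295#c23.
+const GURL kSensitiveOrigin("chrome://hhaomjibdihmijegdhdafkllkbggdgoj/");
+const char kMountName[] = "drive-testuser%40gmail.com-hash";
+const base::FilePath kTestPath(FILE_PATH_LITERAL("root/dir/testfile.jpg"));
+scoped_refptr<storage::ExternalMountPoints> external_mount_points =
+storage::ExternalMountPoints::CreateRefCounted();
+external_mount_points->RegisterFileSystem(
+kMountName, storage::FileSystemType::kFileSystemTypeTest,
+storage::FileSystemMountOption(),
+base::FilePath(FILE_PATH_LITERAL("/test")).AppendASCII(kMountName));
+storage::FileSystemURL original_file =
+external_mount_points->CreateExternalFileSystemURL(kSensitiveOrigin,
+kMountName, kTestPath);
+EXPECT_TRUE(original_file.is_valid());
+EXPECT_EQ(kSensitiveOrigin, original_file.origin());
+
+// Prepare fake FileSystemContext to use in the test.
+scoped_refptr<base::SingleThreadTaskRunner> io_task_runner(
+new base::NullTaskRunner);
+scoped_refptr<base::SequencedTaskRunner> file_task_runner(
+new base::NullTaskRunner);
+storage::FileSystemOptions file_system_options(
+storage::FileSystemOptions::PROFILE_MODE_NORMAL,
+std::vector<std::string>(), nullptr);
+scoped_refptr<storage::FileSystemContext> test_file_system_context(
+new storage::FileSystemContext(
+io_task_runner.get(), file_task_runner.get(),
+external_mount_points.get(),
+nullptr, // special_storage_policy
+nullptr, // quota_manager_proxy,
+std::vector<std::unique_ptr<storage::FileSystemBackend>>(),
+std::vector<storage::URLRequestAutoMountHandler>(),
+base::FilePath(), // partition_path
+file_system_options));
+
+// Prepare content::DropData containing |file_system_url|.
+DropData::FileSystemFileInfo filesystem_file_info;
+filesystem_file_info.url = original_file.ToGURL();
+filesystem_file_info.size = 123;
+filesystem_file_info.filesystem_id = original_file.filesystem_id();
+DropData drop_data;
+drop_data.file_system_files.push_back(filesystem_file_info);
+
+// Verify that initially no access is be granted to the |kSensitiveOrigin|.
+EXPECT_FALSE(p->CanCommitURL(kRendererID, kSensitiveOrigin));
+
+// Verify that initially no access is granted to the |original_file|.
+EXPECT_FALSE(p->CanReadFileSystemFile(kRendererID, original_file));
+EXPECT_FALSE(p->CanWriteFileSystemFile(kRendererID, original_file));
+EXPECT_FALSE(p->CanCreateFileSystemFile(kRendererID, original_file));
+EXPECT_FALSE(p->CanCopyIntoFileSystemFile(kRendererID, original_file));
+EXPECT_FALSE(p->CanDeleteFileSystemFile(kRendererID, original_file));
+
+// Invoke the API under test to grant access to |drop_data|.
+p->GrantFileAccessFromDropData(kRendererID, test_file_system_context.get(),
+&drop_data);
+
+// Verify that |drop_data| is mostly unchanged.
+EXPECT_EQ(0u, drop_data.filenames.size());
+EXPECT_EQ(1u, drop_data.file_system_files.size());
+EXPECT_EQ(123, drop_data.file_system_files[0].size);
+// It is okay if |drop_data.file_system_files[0].url| and
+// |drop_data.file_system_files[0].filesystem_id| change (to aid in enforcing
+// proper access patterns that are verified below).
+
+// Verify that the URL didn't change *too* much.
+storage::FileSystemURL dropped_file =
+test_file_system_context->CrackURL(drop_data.file_system_files[0].url);
+EXPECT_TRUE(dropped_file.is_valid());
+EXPECT_EQ(original_file.origin(), dropped_file.origin());
+EXPECT_EQ(original_file.path().BaseName(), dropped_file.path().BaseName());
+
+// Verify that there is still no access to |kSensitiveOrigin|.
+EXPECT_FALSE(p->CanCommitURL(kRendererID, kSensitiveOrigin));
+
+// Verify that there is still no access to |original_file|.
+EXPECT_FALSE(p->CanReadFileSystemFile(kRendererID, original_file));
+EXPECT_FALSE(p->CanWriteFileSystemFile(kRendererID, original_file));
+EXPECT_FALSE(p->CanCreateFileSystemFile(kRendererID, original_file));
+EXPECT_FALSE(p->CanCopyIntoFileSystemFile(kRendererID, original_file));
+EXPECT_FALSE(p->CanDeleteFileSystemFile(kRendererID, original_file));
+
+// Verify that read access (and no other access) is granted for
+// |dropped_file|.
+EXPECT_TRUE(p->CanReadFileSystemFile(kRendererID, dropped_file));
+EXPECT_FALSE(p->CanWriteFileSystemFile(kRendererID, dropped_file));
+EXPECT_FALSE(p->CanCreateFileSystemFile(kRendererID, dropped_file));
+EXPECT_FALSE(p->CanCopyIntoFileSystemFile(kRendererID, dropped_file));
+EXPECT_FALSE(p->CanDeleteFileSystemFile(kRendererID, dropped_file));
+
+p->Remove(kRendererID);
+}
+
+TEST_F(ChildProcessSecurityPolicyTest, DropDataGrantsTest_LocalFiles) {
+ChildProcessSecurityPolicyImpl* p =
+ChildProcessSecurityPolicyImpl::GetInstance();
+p->Add(kRendererID);
+
+// Prepare content::DropData containing some local files.
+const base::FilePath kDraggedFile(
+FILE_PATH_LITERAL("/test/dragged_file.txt"));
+const base::FilePath kOtherFile(FILE_PATH_LITERAL("/test/other_file.txt"));
+DropData drop_data;
+drop_data.filenames.push_back(ui::FileInfo(kDraggedFile, base::FilePath()));
+
+// Verify that initially no access is granted to both |kDraggedFile| and
+// |kOtherFile|.
+EXPECT_FALSE(p->CanReadFile(kRendererID, kDraggedFile));
+EXPECT_FALSE(p->CanReadFile(kRendererID, kOtherFile));
+EXPECT_FALSE(
+p->CanCommitURL(kRendererID, net::FilePathToFileURL(kDraggedFile)));
+EXPECT_FALSE(p->CanCreateReadWriteFile(kRendererID, kDraggedFile));
+EXPECT_FALSE(p->CanCreateReadWriteFile(kRendererID, kOtherFile));
+EXPECT_FALSE(
+p->CanCommitURL(kRendererID, net::FilePathToFileURL(kOtherFile)));
+
+// Invoke the API under test to grant access to |drop_data|.
+p->GrantFileAccessFromDropData(kRendererID, nullptr, &drop_data);
+
+// Verify that |drop_data| is unchanged.
+EXPECT_EQ(0u, drop_data.file_system_files.size());
+EXPECT_EQ(1u, drop_data.filenames.size());
+EXPECT_EQ(kDraggedFile, drop_data.filenames[0].path);
+
+// Verify that read access (and no other access) is granted for
+// |kDraggedFile|.
+EXPECT_TRUE(p->CanReadFile(kRendererID, kDraggedFile));
+EXPECT_FALSE(p->CanCreateReadWriteFile(kRendererID, kDraggedFile));
+EXPECT_TRUE(
+p->CanCommitURL(kRendererID, net::FilePathToFileURL(kDraggedFile)));
+
+// Verify that there is still no access for |kOtherFile|.
+EXPECT_FALSE(p->CanReadFile(kRendererID, kOtherFile));
+EXPECT_FALSE(p->CanCreateReadWriteFile(kRendererID, kOtherFile));
+EXPECT_FALSE(
+p->CanCommitURL(kRendererID, net::FilePathToFileURL(kOtherFile)));
+
+p->Remove(kRendererID);
+}
+
 } // namespace content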
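Review bot: In DropDataGrantsTest_FileSystemFiles, `EXPECT_EQ(1u, drop_data.file_system_files.size());` is followed by unconditional reads of `drop_data.file_system_files[0]`, so if GrantFileAccessFromDropData ever removes the entry the test indexes an empty vector instead of failing cleanly. DropDataGrantsTest_LocalFiles has the same pattern with `drop_data.filenames[0]`. Both size checks should be fatal, e.g. `ASSERT_EQ(1u, drop_data.file_system_files.size());`. An ASSERT returns early and would skip the trailing `p->Remove(kRendererID);` on the singleton policy, so that cleanup would need to run unconditionally; whether the fixture's TearDown already handles it is not visible here. Separately, the comment "Verify that read access (and no other access) is granted for |kDraggedFile|" sits above an `EXPECT_TRUE` on `CanCommitURL` for the file's URL; a line such as `// Read access to a dropped local file also permits committing its file: URL.` would document that the wider grant is intended.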