| Index: content/browser/fileapi/browser_file_system_helper_unittest.cc
|
| diff --git a/content/browser/fileapi/browser_file_system_helper_unittest.cc b/content/browser/fileapi/browser_file_system_helper_unittest.cc
|
| new file mode 100644
|
| index 0000000000000000000000000000000000000000..6ee2e756bf591ebf7e2b8ece39a2cbfcc9f0be7d
|
| --- /dev/null
|
| +++ b/content/browser/fileapi/browser_file_system_helper_unittest.cc
|
| @@ -0,0 +1,179 @@
|
| +// Copyright (c) 2012 The Chromium Authors. All rights reserved.
|
| +// Use of this source code is governed by a BSD-style license that can be
|
| +// found in the LICENSE file.
|
| +
|
| +#include <memory>
|
| +#include <string>
|
| +#include <vector>
|
| +
|
| +#include "base/files/file_path.h"
|
| +#include "base/test/null_task_runner.h"
|
| +#include "content/browser/child_process_security_policy_impl.h"
|
| +#include "content/browser/fileapi/browser_file_system_helper.h"
|
| +#include "content/public/common/drop_data.h"
|
| +#include "net/base/filename_util.h"
|
| +#include "storage/browser/fileapi/external_mount_points.h"
|
| +#include "storage/browser/fileapi/file_system_options.h"
|
| +#include "storage/browser/fileapi/file_system_url.h"
|
| +#include "storage/browser/fileapi/isolated_context.h"
|
| +#include "storage/common/fileapi/file_system_types.h"
|
| +#include "testing/gtest/include/gtest/gtest.h"
|
| +#include "url/gurl.h"
|
| +#include "url/origin.h"
|
| +
|
| +namespace content {
|
| +namespace {
|
| +
|
| +const int kRendererID = 42;
|
| +
|
| +} // namespace
|
| +
|
| +TEST(BrowserFileSystemHelperTest,
|
| + PrepareDropDataForChildProcess_FileSystemFiles) {
|
| + ChildProcessSecurityPolicyImpl* p =
|
| + ChildProcessSecurityPolicyImpl::GetInstance();
|
| + p->Add(kRendererID);
|
| +
|
| + // Prepare |original_file| FileSystemURL that comes from a |sensitive_origin|.
|
| + // This attempts to simulate for unit testing the drive URL from
|
| + // https://crbug.com/705295#c23.
|
| + const GURL kSensitiveOrigin("chrome://hhaomjibdihmijegdhdafkllkbggdgoj/");
|
| + const char kMountName[] = "drive-testuser%40gmail.com-hash";
|
| + const base::FilePath kTestPath(FILE_PATH_LITERAL("root/dir/testfile.jpg"));
|
| + scoped_refptr<storage::ExternalMountPoints> external_mount_points =
|
| + storage::ExternalMountPoints::CreateRefCounted();
|
| + external_mount_points->RegisterFileSystem(
|
| + kMountName, storage::FileSystemType::kFileSystemTypeTest,
|
| + storage::FileSystemMountOption(),
|
| + base::FilePath(FILE_PATH_LITERAL("/test")).AppendASCII(kMountName));
|
| + storage::FileSystemURL original_file =
|
| + external_mount_points->CreateExternalFileSystemURL(kSensitiveOrigin,
|
| + kMountName, kTestPath);
|
| + EXPECT_TRUE(original_file.is_valid());
|
| + EXPECT_EQ(kSensitiveOrigin, original_file.origin());
|
| +
|
| + // Prepare fake FileSystemContext to use in the test.
|
| + scoped_refptr<base::SingleThreadTaskRunner> io_task_runner(
|
| + new base::NullTaskRunner);
|
| + scoped_refptr<base::SequencedTaskRunner> file_task_runner(
|
| + new base::NullTaskRunner);
|
| + storage::FileSystemOptions file_system_options(
|
| + storage::FileSystemOptions::PROFILE_MODE_NORMAL,
|
| + std::vector<std::string>(), nullptr);
|
| + scoped_refptr<storage::FileSystemContext> test_file_system_context(
|
| + new storage::FileSystemContext(
|
| + io_task_runner.get(), file_task_runner.get(),
|
| + external_mount_points.get(),
|
| + nullptr, // special_storage_policy
|
| + nullptr, // quota_manager_proxy,
|
| + std::vector<std::unique_ptr<storage::FileSystemBackend>>(),
|
| + std::vector<storage::URLRequestAutoMountHandler>(),
|
| + base::FilePath(), // partition_path
|
| + file_system_options));
|
| +
|
| + // Prepare content::DropData containing |file_system_url|.
|
| + DropData::FileSystemFileInfo filesystem_file_info;
|
| + filesystem_file_info.url = original_file.ToGURL();
|
| + filesystem_file_info.size = 123;
|
| + filesystem_file_info.filesystem_id = original_file.filesystem_id();
|
| + DropData drop_data;
|
| + drop_data.file_system_files.push_back(filesystem_file_info);
|
| +
|
| + // Verify that initially no access is be granted to the |kSensitiveOrigin|.
|
| + EXPECT_FALSE(p->CanCommitURL(kRendererID, kSensitiveOrigin));
|
| +
|
| + // Verify that initially no access is granted to the |original_file|.
|
| + EXPECT_FALSE(p->CanReadFileSystemFile(kRendererID, original_file));
|
| + EXPECT_FALSE(p->CanWriteFileSystemFile(kRendererID, original_file));
|
| + EXPECT_FALSE(p->CanCreateFileSystemFile(kRendererID, original_file));
|
| + EXPECT_FALSE(p->CanCopyIntoFileSystemFile(kRendererID, original_file));
|
| + EXPECT_FALSE(p->CanDeleteFileSystemFile(kRendererID, original_file));
|
| +
|
| + // Invoke the API under test to grant access to |drop_data|.
|
| + PrepareDropDataForChildProcess(&drop_data, p, kRendererID,
|
| + test_file_system_context.get());
|
| +
|
| + // Verify that |drop_data| is mostly unchanged.
|
| + EXPECT_EQ(0u, drop_data.filenames.size());
|
| + EXPECT_EQ(1u, drop_data.file_system_files.size());
|
| + EXPECT_EQ(123, drop_data.file_system_files[0].size);
|
| + // It is okay if |drop_data.file_system_files[0].url| and
|
| + // |drop_data.file_system_files[0].filesystem_id| change (to aid in enforcing
|
| + // proper access patterns that are verified below).
|
| +
|
| + // Verify that the URL didn't change *too* much.
|
| + storage::FileSystemURL dropped_file =
|
| + test_file_system_context->CrackURL(drop_data.file_system_files[0].url);
|
| + EXPECT_TRUE(dropped_file.is_valid());
|
| + EXPECT_EQ(original_file.origin(), dropped_file.origin());
|
| + EXPECT_EQ(original_file.path().BaseName(), dropped_file.path().BaseName());
|
| +
|
| + // Verify that there is still no access to |kSensitiveOrigin|.
|
| + EXPECT_FALSE(p->CanCommitURL(kRendererID, kSensitiveOrigin));
|
| +
|
| + // Verify that there is still no access to |original_file|.
|
| + EXPECT_FALSE(p->CanReadFileSystemFile(kRendererID, original_file));
|
| + EXPECT_FALSE(p->CanWriteFileSystemFile(kRendererID, original_file));
|
| + EXPECT_FALSE(p->CanCreateFileSystemFile(kRendererID, original_file));
|
| + EXPECT_FALSE(p->CanCopyIntoFileSystemFile(kRendererID, original_file));
|
| + EXPECT_FALSE(p->CanDeleteFileSystemFile(kRendererID, original_file));
|
| +
|
| + // Verify that read access (and no other access) is granted for
|
| + // |dropped_file|.
|
| + EXPECT_TRUE(p->CanReadFileSystemFile(kRendererID, dropped_file));
|
| + EXPECT_FALSE(p->CanWriteFileSystemFile(kRendererID, dropped_file));
|
| + EXPECT_FALSE(p->CanCreateFileSystemFile(kRendererID, dropped_file));
|
| + EXPECT_FALSE(p->CanCopyIntoFileSystemFile(kRendererID, dropped_file));
|
| + EXPECT_FALSE(p->CanDeleteFileSystemFile(kRendererID, dropped_file));
|
| +
|
| + p->Remove(kRendererID);
|
| +}
|
| +
|
| +TEST(BrowserFileSystemHelperTest, PrepareDropDataForChildProcess_LocalFiles) {
|
| + ChildProcessSecurityPolicyImpl* p =
|
| + ChildProcessSecurityPolicyImpl::GetInstance();
|
| + p->Add(kRendererID);
|
| +
|
| + // Prepare content::DropData containing some local files.
|
| + const base::FilePath kDraggedFile(
|
| + FILE_PATH_LITERAL("/test/dragged_file.txt"));
|
| + const base::FilePath kOtherFile(FILE_PATH_LITERAL("/test/other_file.txt"));
|
| + DropData drop_data;
|
| + drop_data.filenames.push_back(ui::FileInfo(kDraggedFile, base::FilePath()));
|
| +
|
| + // Verify that initially no access is granted to both |kDraggedFile| and
|
| + // |kOtherFile|.
|
| + EXPECT_FALSE(p->CanReadFile(kRendererID, kDraggedFile));
|
| + EXPECT_FALSE(p->CanReadFile(kRendererID, kOtherFile));
|
| + EXPECT_FALSE(
|
| + p->CanCommitURL(kRendererID, net::FilePathToFileURL(kDraggedFile)));
|
| + EXPECT_FALSE(p->CanCreateReadWriteFile(kRendererID, kDraggedFile));
|
| + EXPECT_FALSE(p->CanCreateReadWriteFile(kRendererID, kOtherFile));
|
| + EXPECT_FALSE(
|
| + p->CanCommitURL(kRendererID, net::FilePathToFileURL(kOtherFile)));
|
| +
|
| + // Invoke the API under test to grant access to |drop_data|.
|
| + PrepareDropDataForChildProcess(&drop_data, p, kRendererID, nullptr);
|
| +
|
| + // Verify that |drop_data| is unchanged.
|
| + EXPECT_EQ(0u, drop_data.file_system_files.size());
|
| + EXPECT_EQ(1u, drop_data.filenames.size());
|
| + EXPECT_EQ(kDraggedFile, drop_data.filenames[0].path);
|
| +
|
| + // Verify that read access (and no other access) is granted for
|
| + // |kDraggedFile|.
|
| + EXPECT_TRUE(p->CanReadFile(kRendererID, kDraggedFile));
|
| + EXPECT_FALSE(p->CanCreateReadWriteFile(kRendererID, kDraggedFile));
|
| + EXPECT_TRUE(
|
| + p->CanCommitURL(kRendererID, net::FilePathToFileURL(kDraggedFile)));
|
| +
|
| + // Verify that there is still no access for |kOtherFile|.
|
| + EXPECT_FALSE(p->CanReadFile(kRendererID, kOtherFile));
|
| + EXPECT_FALSE(p->CanCreateReadWriteFile(kRendererID, kOtherFile));
|
| + EXPECT_FALSE(
|
| + p->CanCommitURL(kRendererID, net::FilePathToFileURL(kOtherFile)));
|
| +
|
| + p->Remove(kRendererID);
|
| +}
|
| +
|
| +} // namespace content
|
|
|
Chromium Code Reviews
Issue 2830743004:
Extracting and unittesting PrepareDropDataForChildProcess function. (Closed)
