Extracting and unittesting PrepareDropDataForChildProcess function.

content/browser/child_process_security_policy_impl.h

Index: content/browser/child_process_security_policy_impl.h
diff --git a/content/browser/child_process_security_policy_impl.h b/content/browser/child_process_security_policy_impl.h
index 82f0e9be22c660dd30f0c11eb4c58e775405cf78..e8edcfe6f00d115d3b328ac2f107ca7d8a74164b 100644
--- a/content/browser/child_process_security_policy_impl.h
+++ b/content/browser/child_process_security_policy_impl.h
@@ -27,11 +27,14 @@ class FilePath;
 }
 
 namespace storage {
+class FileSystemContext;
 class FileSystemURL;
 }
 
 namespace content {
 
+struct DropData;
+
 class CONTENT_EXPORT ChildProcessSecurityPolicyImpl
     : NON_EXPORTED_BASE(public ChildProcessSecurityPolicy) {
  public:
@@ -170,6 +173,18 @@ class CONTENT_EXPORT ChildProcessSecurityPolicyImpl
   // Returns true if sending system exclusive messages is allowed.
   bool CanSendMidiSysExMessage(int child_id);
 
+  // Grants |child_id| access to the data in |drop_data| (mutating |drop_data|
+  // if needed - e.g. putting in isolated filesystem entries if needed).
+  //
+  // At a high-level, this method:
+  // 1. Grants permissions to URL (if any)
+  // 2. Grants permissions to filenames (via IsolatedContest)
+  // 3. Grants permissions to file system files (via IsolatedContest).
+  void GrantFileAccessFromDropData(
+      int child_id,
+      const storage::FileSystemContext* file_system_context,
+      DropData* drop_data);
+
  private:
   friend class ChildProcessSecurityPolicyInProcessBrowserTest;
   friend class ChildProcessSecurityPolicyTest;