mojo/services/public/cpp/view_manager/lib/view_tree_node.cc - Issue 296133012: Some security checks around destruction/setting bounds.

Side by Side Diff: mojo/services/public/cpp/view_manager/lib/view_tree_node.cc

Issue 296133012: Some security checks around destruction/setting bounds. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Created 6 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

« no previous file with comments | « mojo/services/public/cpp/view_manager/lib/view_manager_synchronizer.cc ('k') | mojo/services/public/cpp/view_manager/tests/view_manager_unittest.cc » ('j') | mojo/services/view_manager/node.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright 2014 The Chromium Authors. All rights reserved.	1 // Copyright 2014 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "mojo/services/public/cpp/view_manager/view_tree_node.h"	5 #include "mojo/services/public/cpp/view_manager/view_tree_node.h"

6	6

7 #include "mojo/services/public/cpp/view_manager/lib/view_manager_private.h"	7 #include "mojo/services/public/cpp/view_manager/lib/view_manager_private.h"

8 #include "mojo/services/public/cpp/view_manager/lib/view_manager_synchronizer.h"	8 #include "mojo/services/public/cpp/view_manager/lib/view_manager_synchronizer.h"

9 #include "mojo/services/public/cpp/view_manager/lib/view_private.h"	9 #include "mojo/services/public/cpp/view_manager/lib/view_private.h"

10 #include "mojo/services/public/cpp/view_manager/lib/view_tree_node_private.h"	10 #include "mojo/services/public/cpp/view_manager/lib/view_tree_node_private.h"

(...skipping 162 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
173 *ViewTreeNodePrivate(node_).observers(),	173 *ViewTreeNodePrivate(node_).observers(),

174 OnNodeDestroy(node_, ViewTreeNodeObserver::DISPOSITION_CHANGED));	174 OnNodeDestroy(node_, ViewTreeNodeObserver::DISPOSITION_CHANGED));

175 }	175 }

176	176

177 private:	177 private:

178 ViewTreeNode* node_;	178 ViewTreeNode* node_;

179	179

180 DISALLOW_COPY_AND_ASSIGN(ScopedDestructionNotifier);	180 DISALLOW_COPY_AND_ASSIGN(ScopedDestructionNotifier);

181 };	181 };

182	182

	183 // Some operations are only permitted in the connection that created the node.

	184 bool CanMutateNode(ViewManager* manager, ViewTreeNode* node) {
	sky 2014/05/23 13:16:29 Maybe this should be named OwnedNode since some mu Maybe this should be named OwnedNode since some mutations are still allowed for nodes from other connections.
	185 return !manager \|\|

	186 ViewManagerPrivate(manager).synchronizer()->OwnsNode(node->id());

	187 }

	188

183 } // namespace	189 } // namespace

184	190

185 ////////////////////////////////////////////////////////////////////////////////	191 ////////////////////////////////////////////////////////////////////////////////

186 // ViewTreeNode, public:	192 // ViewTreeNode, public:

187	193

188 // static	194 // static

189 ViewTreeNode* ViewTreeNode::Create(ViewManager* view_manager) {	195 ViewTreeNode* ViewTreeNode::Create(ViewManager* view_manager) {

190 ViewTreeNode* node = new ViewTreeNode(view_manager);	196 ViewTreeNode* node = new ViewTreeNode(view_manager);

191 ViewManagerPrivate(view_manager).AddNode(node->id(), node);	197 ViewManagerPrivate(view_manager).AddNode(node->id(), node);

192 return node;	198 return node;

193 }	199 }

194	200

195 void ViewTreeNode::Destroy() {	201 void ViewTreeNode::Destroy() {

196 // TODO(beng): only proceed if \|manager_\| OwnsNode(this).	202 if (!CanMutateNode(manager_, this))

	203 return;

	204

197 if (manager_)	205 if (manager_)

198 ViewManagerPrivate(manager_).synchronizer()->DestroyViewTreeNode(id_);	206 ViewManagerPrivate(manager_).synchronizer()->DestroyViewTreeNode(id_);

199 while (!children_.empty())	207 while (!children_.empty())

200 children_.front()->Destroy();	208 children_.front()->Destroy();

201 LocalDestroy();	209 LocalDestroy();

202 }	210 }

203	211

204 void ViewTreeNode::SetBounds(const gfx::Rect& bounds) {	212 void ViewTreeNode::SetBounds(const gfx::Rect& bounds) {

205 // TODO(beng): only proceed if \|manager_\| OwnsNode(this).	213 if (!CanMutateNode(manager_, this))

	214 return;

	215

206 if (manager_)	216 if (manager_)

207 ViewManagerPrivate(manager_).synchronizer()->SetBounds(id_, bounds);	217 ViewManagerPrivate(manager_).synchronizer()->SetBounds(id_, bounds);

208 LocalSetBounds(bounds_, bounds);	218 LocalSetBounds(bounds_, bounds);

209 }	219 }

210	220

211 void ViewTreeNode::AddObserver(ViewTreeNodeObserver* observer) {	221 void ViewTreeNode::AddObserver(ViewTreeNodeObserver* observer) {

212 observers_.AddObserver(observer);	222 observers_.AddObserver(observer);

213 }	223 }

214	224

215 void ViewTreeNode::RemoveObserver(ViewTreeNodeObserver* observer) {	225 void ViewTreeNode::RemoveObserver(ViewTreeNodeObserver* observer) {

216 observers_.RemoveObserver(observer);	226 observers_.RemoveObserver(observer);

217 }	227 }

218	228

219 void ViewTreeNode::AddChild(ViewTreeNode* child) {	229 void ViewTreeNode::AddChild(ViewTreeNode* child) {

	230 // TODO(beng): not necessarily valid to all connections, but possibly to the

	231 // embeddee in an embedder-embeddee relationship.

220 if (manager_)	232 if (manager_)

221 CHECK_EQ(ViewTreeNodePrivate(child).view_manager(), manager_);	233 CHECK_EQ(ViewTreeNodePrivate(child).view_manager(), manager_);

222 LocalAddChild(child);	234 LocalAddChild(child);

223 if (manager_)	235 if (manager_)

224 ViewManagerPrivate(manager_).synchronizer()->AddChild(child->id(), id_);	236 ViewManagerPrivate(manager_).synchronizer()->AddChild(child->id(), id_);

225 }	237 }

226	238

227 void ViewTreeNode::RemoveChild(ViewTreeNode* child) {	239 void ViewTreeNode::RemoveChild(ViewTreeNode* child) {

	240 // TODO(beng): not necessarily valid to all connections, but possibly to the

	241 // embeddee in an embedder-embeddee relationship.

228 if (manager_)	242 if (manager_)

229 CHECK_EQ(ViewTreeNodePrivate(child).view_manager(), manager_);	243 CHECK_EQ(ViewTreeNodePrivate(child).view_manager(), manager_);

230 LocalRemoveChild(child);	244 LocalRemoveChild(child);

231 if (manager_)	245 if (manager_)

232 ViewManagerPrivate(manager_).synchronizer()->RemoveChild(child->id(), id_);	246 ViewManagerPrivate(manager_).synchronizer()->RemoveChild(child->id(), id_);

233 }	247 }

234	248

235 bool ViewTreeNode::Contains(ViewTreeNode* child) const {	249 bool ViewTreeNode::Contains(ViewTreeNode* child) const {

236 if (manager_)	250 if (manager_)

237 CHECK_EQ(ViewTreeNodePrivate(child).view_manager(), manager_);	251 CHECK_EQ(ViewTreeNodePrivate(child).view_manager(), manager_);

(...skipping 11 matching lines...) Expand all Loading...
249 Children::const_iterator it = children_.begin();	263 Children::const_iterator it = children_.begin();

250 for (; it != children_.end(); ++it) {	264 for (; it != children_.end(); ++it) {

251 ViewTreeNode* node = (*it)->GetChildById(id);	265 ViewTreeNode* node = (*it)->GetChildById(id);

252 if (node)	266 if (node)

253 return node;	267 return node;

254 }	268 }

255 return NULL;	269 return NULL;

256 }	270 }

257	271

258 void ViewTreeNode::SetActiveView(View* view) {	272 void ViewTreeNode::SetActiveView(View* view) {

	273 // TODO(beng): not necessarily valid to all connections, but possibly to the

	274 // embeddee in an embedder-embeddee relationship.

259 if (manager_)	275 if (manager_)

260 CHECK_EQ(ViewPrivate(view).view_manager(), manager_);	276 CHECK_EQ(ViewPrivate(view).view_manager(), manager_);

261 LocalSetActiveView(view);	277 LocalSetActiveView(view);

262 if (manager_) {	278 if (manager_) {

263 ViewManagerPrivate(manager_).synchronizer()->SetActiveView(	279 ViewManagerPrivate(manager_).synchronizer()->SetActiveView(

264 id_, active_view_->id());	280 id_, active_view_->id());

265 }	281 }

266 }	282 }

267	283

268 ////////////////////////////////////////////////////////////////////////////////	284 ////////////////////////////////////////////////////////////////////////////////

(...skipping 52 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
321 void ViewTreeNode::LocalSetBounds(const gfx::Rect& old_bounds,	337 void ViewTreeNode::LocalSetBounds(const gfx::Rect& old_bounds,

322 const gfx::Rect& new_bounds) {	338 const gfx::Rect& new_bounds) {

323 DCHECK(old_bounds == bounds_);	339 DCHECK(old_bounds == bounds_);

324 ScopedSetBoundsNotifier notifier(this, old_bounds, new_bounds);	340 ScopedSetBoundsNotifier notifier(this, old_bounds, new_bounds);

325 bounds_ = new_bounds;	341 bounds_ = new_bounds;

326 }	342 }

327	343

328 } // namespace view_manager	344 } // namespace view_manager

329 } // namespace mojo	345 } // namespace mojo

330	346

OLD	NEW