Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(124)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/browser/child_process_security_policy_impl.h

Issue 31663002: ChildProcessSecurityPolicy: Add DeleteFromFileSystem permission. (Closed) Base URL: svn://chrome-svn/chrome/trunk/src/
Patch Set: Created 7 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « chrome/browser/extensions/api/file_handlers/app_file_handler_util.cc ('k') | content/browser/child_process_security_policy_impl.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ 5 #ifndef CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_
6 #define CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ 6 #define CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_
7 7
8 8
9 #include <map> 9 #include <map>
10 #include <set> 10 #include <set>
(...skipping 39 matching lines...) Expand 10 before | Expand all | Expand 10 after
50 const std::string& filesystem_id) OVERRIDE; 50 const std::string& filesystem_id) OVERRIDE;
51 virtual void GrantWriteFileSystem( 51 virtual void GrantWriteFileSystem(
52 int child_id, 52 int child_id,
53 const std::string& filesystem_id) OVERRIDE; 53 const std::string& filesystem_id) OVERRIDE;
54 virtual void GrantCreateFileForFileSystem( 54 virtual void GrantCreateFileForFileSystem(
55 int child_id, 55 int child_id,
56 const std::string& filesystem_id) OVERRIDE; 56 const std::string& filesystem_id) OVERRIDE;
57 virtual void GrantCopyIntoFileSystem( 57 virtual void GrantCopyIntoFileSystem(
58 int child_id, 58 int child_id,
59 const std::string& filesystem_id) OVERRIDE; 59 const std::string& filesystem_id) OVERRIDE;
60 virtual void GrantDeleteFromFileSystem(
61 int child_id,
62 const std::string& filesystem_id) OVERRIDE;
60 virtual void GrantScheme(int child_id, const std::string& scheme) OVERRIDE; 63 virtual void GrantScheme(int child_id, const std::string& scheme) OVERRIDE;
61 virtual bool CanReadFile(int child_id, const base::FilePath& file) OVERRIDE; 64 virtual bool CanReadFile(int child_id, const base::FilePath& file) OVERRIDE;
62 virtual bool CanCreateReadWriteFile(int child_id, 65 virtual bool CanCreateReadWriteFile(int child_id,
63 const base::FilePath& file) OVERRIDE; 66 const base::FilePath& file) OVERRIDE;
64 virtual bool CanReadFileSystem(int child_id, 67 virtual bool CanReadFileSystem(int child_id,
65 const std::string& filesystem_id) OVERRIDE; 68 const std::string& filesystem_id) OVERRIDE;
66 virtual bool CanReadWriteFileSystem( 69 virtual bool CanReadWriteFileSystem(
67 int child_id, 70 int child_id,
68 const std::string& filesystem_id) OVERRIDE; 71 const std::string& filesystem_id) OVERRIDE;
69 virtual bool CanCopyIntoFileSystem(int child_id, 72 virtual bool CanCopyIntoFileSystem(int child_id,
70 const std::string& filesystem_id) OVERRIDE; 73 const std::string& filesystem_id) OVERRIDE;
74 virtual bool CanDeleteFromFileSystem(
75 int child_id,
76 const std::string& filesystem_id) OVERRIDE;
71 77
72 // Pseudo schemes are treated differently than other schemes because they 78 // Pseudo schemes are treated differently than other schemes because they
73 // cannot be requested like normal URLs. There is no mechanism for revoking 79 // cannot be requested like normal URLs. There is no mechanism for revoking
74 // pseudo schemes. 80 // pseudo schemes.
75 void RegisterPseudoScheme(const std::string& scheme); 81 void RegisterPseudoScheme(const std::string& scheme);
76 82
77 // Returns true iff |scheme| has been registered as pseudo scheme. 83 // Returns true iff |scheme| has been registered as pseudo scheme.
78 bool IsPseudoScheme(const std::string& scheme); 84 bool IsPseudoScheme(const std::string& scheme);
79 85
80 // Upon creation, child processes should register themselves by calling this 86 // Upon creation, child processes should register themselves by calling this
(...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after
130 ResourceType::Type resource_type); 136 ResourceType::Type resource_type);
131 137
132 // Explicit permissions checks for FileSystemURL specified files. 138 // Explicit permissions checks for FileSystemURL specified files.
133 bool CanReadFileSystemFile(int child_id, const fileapi::FileSystemURL& url); 139 bool CanReadFileSystemFile(int child_id, const fileapi::FileSystemURL& url);
134 bool CanWriteFileSystemFile(int child_id, const fileapi::FileSystemURL& url); 140 bool CanWriteFileSystemFile(int child_id, const fileapi::FileSystemURL& url);
135 bool CanCreateFileSystemFile(int child_id, const fileapi::FileSystemURL& url); 141 bool CanCreateFileSystemFile(int child_id, const fileapi::FileSystemURL& url);
136 bool CanCreateReadWriteFileSystemFile(int child_id, 142 bool CanCreateReadWriteFileSystemFile(int child_id,
137 const fileapi::FileSystemURL& url); 143 const fileapi::FileSystemURL& url);
138 bool CanCopyIntoFileSystemFile(int child_id, 144 bool CanCopyIntoFileSystemFile(int child_id,
139 const fileapi::FileSystemURL& url); 145 const fileapi::FileSystemURL& url);
146 bool CanDeleteFileSystemFile(int child_id,
147 const fileapi::FileSystemURL& url);
140 148
141 // Returns true if the specified child_id has been granted WebUIBindings. 149 // Returns true if the specified child_id has been granted WebUIBindings.
142 // The browser should check this property before assuming the child process is 150 // The browser should check this property before assuming the child process is
143 // allowed to use WebUIBindings. 151 // allowed to use WebUIBindings.
144 bool HasWebUIBindings(int child_id); 152 bool HasWebUIBindings(int child_id);
145 153
146 // Returns true if the specified child_id has been granted ReadRawCookies. 154 // Returns true if the specified child_id has been granted ReadRawCookies.
147 bool CanReadRawCookies(int child_id); 155 bool CanReadRawCookies(int child_id);
148 156
149 // Returns true if the process is permitted to read and modify the cookies for 157 // Returns true if the process is permitted to read and modify the cookies for
(...skipping 112 matching lines...) Expand 10 before | Expand all | Expand 10 after
262 WorkerToMainProcessMap worker_map_; 270 WorkerToMainProcessMap worker_map_;
263 271
264 FileSystemPermissionPolicyMap file_system_policy_map_; 272 FileSystemPermissionPolicyMap file_system_policy_map_;
265 273
266 DISALLOW_COPY_AND_ASSIGN(ChildProcessSecurityPolicyImpl); 274 DISALLOW_COPY_AND_ASSIGN(ChildProcessSecurityPolicyImpl);
267 }; 275 };
268 276
269 } // namespace content 277 } // namespace content
270 278
271 #endif // CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_ 279 #endif // CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_
OLDNEW
« no previous file with comments | « chrome/browser/extensions/api/file_handlers/app_file_handler_util.cc ('k') | content/browser/child_process_security_policy_impl.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698