Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(729)

Side by Side Diff: chrome/browser/drive/fake_drive_service.cc

Issue 445793003: Add permission check to FakeDriveService (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: rebase Created 6 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/drive/fake_drive_service.h" 5 #include "chrome/browser/drive/fake_drive_service.h"
6 6
7 #include <string> 7 #include <string>
8 8
9 #include "base/file_util.h" 9 #include "base/file_util.h"
10 #include "base/json/json_string_value_serializer.h" 10 #include "base/json/json_string_value_serializer.h"
(...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after
43 using google_apis::FileResource; 43 using google_apis::FileResource;
44 using google_apis::FileResourceCallback; 44 using google_apis::FileResourceCallback;
45 using google_apis::GDATA_FILE_ERROR; 45 using google_apis::GDATA_FILE_ERROR;
46 using google_apis::GDATA_NO_CONNECTION; 46 using google_apis::GDATA_NO_CONNECTION;
47 using google_apis::GDATA_OTHER_ERROR; 47 using google_apis::GDATA_OTHER_ERROR;
48 using google_apis::GDataErrorCode; 48 using google_apis::GDataErrorCode;
49 using google_apis::GetContentCallback; 49 using google_apis::GetContentCallback;
50 using google_apis::GetShareUrlCallback; 50 using google_apis::GetShareUrlCallback;
51 using google_apis::HTTP_BAD_REQUEST; 51 using google_apis::HTTP_BAD_REQUEST;
52 using google_apis::HTTP_CREATED; 52 using google_apis::HTTP_CREATED;
53 using google_apis::HTTP_FORBIDDEN;
53 using google_apis::HTTP_NOT_FOUND; 54 using google_apis::HTTP_NOT_FOUND;
54 using google_apis::HTTP_NO_CONTENT; 55 using google_apis::HTTP_NO_CONTENT;
55 using google_apis::HTTP_PRECONDITION; 56 using google_apis::HTTP_PRECONDITION;
56 using google_apis::HTTP_RESUME_INCOMPLETE; 57 using google_apis::HTTP_RESUME_INCOMPLETE;
57 using google_apis::HTTP_SUCCESS; 58 using google_apis::HTTP_SUCCESS;
58 using google_apis::InitiateUploadCallback; 59 using google_apis::InitiateUploadCallback;
59 using google_apis::ParentReference; 60 using google_apis::ParentReference;
60 using google_apis::ProgressCallback; 61 using google_apis::ProgressCallback;
61 using google_apis::UploadRangeResponse; 62 using google_apis::UploadRangeResponse;
62 using google_apis::drive::UploadRangeCallback; 63 using google_apis::drive::UploadRangeCallback;
(...skipping 61 matching lines...) Expand 10 before | Expand all | Expand 10 after
124 file_list->set_next_link(change_list->next_link()); 125 file_list->set_next_link(change_list->next_link());
125 for (size_t i = 0; i < change_list->items().size(); ++i) { 126 for (size_t i = 0; i < change_list->items().size(); ++i) {
126 const ChangeResource& entry = *change_list->items()[i]; 127 const ChangeResource& entry = *change_list->items()[i];
127 if (entry.file()) 128 if (entry.file())
128 file_list->mutable_items()->push_back(new FileResource(*entry.file())); 129 file_list->mutable_items()->push_back(new FileResource(*entry.file()));
129 } 130 }
130 } 131 }
131 callback.Run(error, file_list.Pass()); 132 callback.Run(error, file_list.Pass());
132 } 133 }
133 134
135 bool UserHasWriteAccess(google_apis::drive::PermissionRole user_permission) {
136 switch (user_permission) {
137 case google_apis::drive::PERMISSION_ROLE_OWNER:
138 case google_apis::drive::PERMISSION_ROLE_WRITER:
139 return true;
140 case google_apis::drive::PERMISSION_ROLE_READER:
141 case google_apis::drive::PERMISSION_ROLE_COMMENTER:
142 break;
143 }
144 return false;
145 }
146
134 } // namespace 147 } // namespace
135 148
136 struct FakeDriveService::EntryInfo { 149 struct FakeDriveService::EntryInfo {
150 EntryInfo() : user_permission(google_apis::drive::PERMISSION_ROLE_OWNER) {}
151
137 google_apis::ChangeResource change_resource; 152 google_apis::ChangeResource change_resource;
138 GURL share_url; 153 GURL share_url;
139 std::string content_data; 154 std::string content_data;
155
156 // Behaves in the same way as "userPermission" described in
157 // https://developers.google.com/drive/v2/reference/files
158 google_apis::drive::PermissionRole user_permission;
140 }; 159 };
141 160
142 struct FakeDriveService::UploadSession { 161 struct FakeDriveService::UploadSession {
143 std::string content_type; 162 std::string content_type;
144 int64 content_length; 163 int64 content_length;
145 std::string parent_resource_id; 164 std::string parent_resource_id;
146 std::string resource_id; 165 std::string resource_id;
147 std::string etag; 166 std::string etag;
148 std::string title; 167 std::string title;
149 168
(...skipping 452 matching lines...) Expand 10 before | Expand all | Expand 10 after
602 FROM_HERE, base::Bind(callback, HTTP_NOT_FOUND)); 621 FROM_HERE, base::Bind(callback, HTTP_NOT_FOUND));
603 return CancelCallback(); 622 return CancelCallback();
604 } 623 }
605 624
606 if (!etag.empty() && etag != file->etag()) { 625 if (!etag.empty() && etag != file->etag()) {
607 base::MessageLoop::current()->PostTask( 626 base::MessageLoop::current()->PostTask(
608 FROM_HERE, base::Bind(callback, HTTP_PRECONDITION)); 627 FROM_HERE, base::Bind(callback, HTTP_PRECONDITION));
609 return CancelCallback(); 628 return CancelCallback();
610 } 629 }
611 630
631 if (entry->user_permission != google_apis::drive::PERMISSION_ROLE_OWNER) {
632 base::MessageLoop::current()->PostTask(
633 FROM_HERE, base::Bind(callback, HTTP_FORBIDDEN));
634 return CancelCallback();
635 }
636
612 change->set_deleted(true); 637 change->set_deleted(true);
613 AddNewChangestamp(change); 638 AddNewChangestamp(change);
614 change->set_file(scoped_ptr<FileResource>()); 639 change->set_file(scoped_ptr<FileResource>());
615 base::MessageLoop::current()->PostTask( 640 base::MessageLoop::current()->PostTask(
616 FROM_HERE, base::Bind(callback, HTTP_NO_CONTENT)); 641 FROM_HERE, base::Bind(callback, HTTP_NO_CONTENT));
617 return CancelCallback(); 642 return CancelCallback();
618 } 643 }
619 644
620 base::MessageLoop::current()->PostTask( 645 base::MessageLoop::current()->PostTask(
621 FROM_HERE, base::Bind(callback, HTTP_NOT_FOUND)); 646 FROM_HERE, base::Bind(callback, HTTP_NOT_FOUND));
(...skipping 12 matching lines...) Expand all
634 return CancelCallback(); 659 return CancelCallback();
635 } 660 }
636 661
637 EntryInfo* entry = FindEntryByResourceId(resource_id); 662 EntryInfo* entry = FindEntryByResourceId(resource_id);
638 if (entry) { 663 if (entry) {
639 ChangeResource* change = &entry->change_resource; 664 ChangeResource* change = &entry->change_resource;
640 FileResource* file = change->mutable_file(); 665 FileResource* file = change->mutable_file();
641 GDataErrorCode error = google_apis::GDATA_OTHER_ERROR; 666 GDataErrorCode error = google_apis::GDATA_OTHER_ERROR;
642 if (change->is_deleted() || file->labels().is_trashed()) { 667 if (change->is_deleted() || file->labels().is_trashed()) {
643 error = HTTP_NOT_FOUND; 668 error = HTTP_NOT_FOUND;
669 } else if (entry->user_permission !=
670 google_apis::drive::PERMISSION_ROLE_OWNER) {
671 error = HTTP_FORBIDDEN;
644 } else { 672 } else {
645 file->mutable_labels()->set_trashed(true); 673 file->mutable_labels()->set_trashed(true);
646 AddNewChangestamp(change); 674 AddNewChangestamp(change);
647 error = HTTP_SUCCESS; 675 error = HTTP_SUCCESS;
648 } 676 }
649 base::MessageLoop::current()->PostTask( 677 base::MessageLoop::current()->PostTask(
650 FROM_HERE, base::Bind(callback, error)); 678 FROM_HERE, base::Bind(callback, error));
651 return CancelCallback(); 679 return CancelCallback();
652 } 680 }
653 681
(...skipping 153 matching lines...) Expand 10 before | Expand all | Expand 10 after
807 835
808 if (offline_) { 836 if (offline_) {
809 base::MessageLoop::current()->PostTask( 837 base::MessageLoop::current()->PostTask(
810 FROM_HERE, base::Bind(callback, GDATA_NO_CONNECTION, 838 FROM_HERE, base::Bind(callback, GDATA_NO_CONNECTION,
811 base::Passed(scoped_ptr<FileResource>()))); 839 base::Passed(scoped_ptr<FileResource>())));
812 return CancelCallback(); 840 return CancelCallback();
813 } 841 }
814 842
815 EntryInfo* entry = FindEntryByResourceId(resource_id); 843 EntryInfo* entry = FindEntryByResourceId(resource_id);
816 if (entry) { 844 if (entry) {
845 if (!UserHasWriteAccess(entry->user_permission)) {
846 base::MessageLoop::current()->PostTask(
847 FROM_HERE,
848 base::Bind(callback, HTTP_FORBIDDEN,
849 base::Passed(scoped_ptr<FileResource>())));
850 return CancelCallback();
851 }
852
817 ChangeResource* change = &entry->change_resource; 853 ChangeResource* change = &entry->change_resource;
818 FileResource* file = change->mutable_file(); 854 FileResource* file = change->mutable_file();
819 855
820 if (!new_title.empty()) 856 if (!new_title.empty())
821 file->set_title(new_title); 857 file->set_title(new_title);
822 858
823 // Set parent if necessary. 859 // Set parent if necessary.
824 if (!parent_resource_id.empty()) { 860 if (!parent_resource_id.empty()) {
825 ParentReference parent; 861 ParentReference parent;
826 parent.set_file_id(parent_resource_id); 862 parent.set_file_id(parent_resource_id);
(...skipping 166 matching lines...) Expand 10 before | Expand all | Expand 10 after
993 } 1029 }
994 1030
995 EntryInfo* entry = FindEntryByResourceId(resource_id); 1031 EntryInfo* entry = FindEntryByResourceId(resource_id);
996 if (!entry) { 1032 if (!entry) {
997 base::MessageLoop::current()->PostTask( 1033 base::MessageLoop::current()->PostTask(
998 FROM_HERE, 1034 FROM_HERE,
999 base::Bind(callback, HTTP_NOT_FOUND, GURL())); 1035 base::Bind(callback, HTTP_NOT_FOUND, GURL()));
1000 return CancelCallback(); 1036 return CancelCallback();
1001 } 1037 }
1002 1038
1039 if (!UserHasWriteAccess(entry->user_permission)) {
1040 base::MessageLoop::current()->PostTask(
1041 FROM_HERE,
1042 base::Bind(callback, HTTP_FORBIDDEN, GURL()));
1043 return CancelCallback();
1044 }
1045
1003 FileResource* file = entry->change_resource.mutable_file(); 1046 FileResource* file = entry->change_resource.mutable_file();
1004 if (!options.etag.empty() && options.etag != file->etag()) { 1047 if (!options.etag.empty() && options.etag != file->etag()) {
1005 base::MessageLoop::current()->PostTask( 1048 base::MessageLoop::current()->PostTask(
1006 FROM_HERE, 1049 FROM_HERE,
1007 base::Bind(callback, HTTP_PRECONDITION, GURL())); 1050 base::Bind(callback, HTTP_PRECONDITION, GURL()));
1008 return CancelCallback(); 1051 return CancelCallback();
1009 } 1052 }
1010 // TODO(hashimoto): Update |file|'s metadata with |options|. 1053 // TODO(hashimoto): Update |file|'s metadata with |options|.
1011 1054
1012 GURL session_url = GetNewUploadSessionUrl(); 1055 GURL session_url = GetNewUploadSessionUrl();
(...skipping 296 matching lines...) Expand 10 before | Expand all | Expand 10 after
1309 ChangeResource* change = &entry->change_resource; 1352 ChangeResource* change = &entry->change_resource;
1310 FileResource* file = change->mutable_file(); 1353 FileResource* file = change->mutable_file();
1311 file->set_modified_date(last_modified_time); 1354 file->set_modified_date(last_modified_time);
1312 1355
1313 base::MessageLoop::current()->PostTask( 1356 base::MessageLoop::current()->PostTask(
1314 FROM_HERE, 1357 FROM_HERE,
1315 base::Bind(callback, HTTP_SUCCESS, 1358 base::Bind(callback, HTTP_SUCCESS,
1316 base::Passed(make_scoped_ptr(new FileResource(*file))))); 1359 base::Passed(make_scoped_ptr(new FileResource(*file)))));
1317 } 1360 }
1318 1361
1362 google_apis::GDataErrorCode FakeDriveService::SetUserPermission(
1363 const std::string& resource_id,
1364 google_apis::drive::PermissionRole user_permission) {
1365 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
1366
1367 EntryInfo* entry = FindEntryByResourceId(resource_id);
1368 if (!entry)
1369 return HTTP_NOT_FOUND;
1370
1371 entry->user_permission = user_permission;
1372 return HTTP_SUCCESS;
1373 }
1374
1319 FakeDriveService::EntryInfo* FakeDriveService::FindEntryByResourceId( 1375 FakeDriveService::EntryInfo* FakeDriveService::FindEntryByResourceId(
1320 const std::string& resource_id) { 1376 const std::string& resource_id) {
1321 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); 1377 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
1322 1378
1323 EntryInfoMap::iterator it = entries_.find(resource_id); 1379 EntryInfoMap::iterator it = entries_.find(resource_id);
1324 // Deleted entries don't have FileResource. 1380 // Deleted entries don't have FileResource.
1325 return it != entries_.end() && it->second->change_resource.file() ? 1381 return it != entries_.end() && it->second->change_resource.file() ?
1326 it->second : NULL; 1382 it->second : NULL;
1327 } 1383 }
1328 1384
(...skipping 228 matching lines...) Expand 10 before | Expand all | Expand 10 after
1557 google_apis::drive::PermissionRole role, 1613 google_apis::drive::PermissionRole role,
1558 const google_apis::EntryActionCallback& callback) { 1614 const google_apis::EntryActionCallback& callback) {
1559 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); 1615 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
1560 DCHECK(!callback.is_null()); 1616 DCHECK(!callback.is_null());
1561 1617
1562 NOTREACHED(); 1618 NOTREACHED();
1563 return CancelCallback(); 1619 return CancelCallback();
1564 } 1620 }
1565 1621
1566 } // namespace drive 1622 } // namespace drive
OLDNEW
« no previous file with comments | « chrome/browser/drive/fake_drive_service.h ('k') | chrome/browser/drive/fake_drive_service_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698