Check all settings when checking mic and camera access

chrome/browser/media/media_stream_devices_controller.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/media/media_stream_devices_controller.h"
 
-#include "base/command_line.h"
 #include "base/metrics/histogram.h"
-#include "base/prefs/pref_service.h"
 #include "base/prefs/scoped_user_pref_update.h"
 #include "base/strings/utf_string_conversions.h"
 #include "base/values.h"
 #include "chrome/browser/content_settings/content_settings_provider.h"
 #include "chrome/browser/content_settings/host_content_settings_map.h"
 #include "chrome/browser/content_settings/tab_specific_content_settings.h"
 #include "chrome/browser/media/media_capture_devices_dispatcher.h"
 #include "chrome/browser/media/media_stream_capture_indicator.h"
+#include "chrome/browser/media/media_stream_device_permissions.h"
 #include "chrome/browser/profiles/profile.h"
 #include "chrome/browser/ui/browser.h"
 #include "chrome/common/chrome_switches.h"
 #include "chrome/common/content_settings.h"
 #include "chrome/common/content_settings_pattern.h"
 #include "chrome/common/pref_names.h"
 #include "chrome/grit/generated_resources.h"
 #include "components/pref_registry/pref_registry_syncable.h"
 #include "content/public/browser/browser_thread.h"
 #include "content/public/browser/render_widget_host_view.h"
 #include "content/public/common/media_stream_request.h"
 #include "extensions/common/constants.h"
 #include "grit/theme_resources.h"
 #include "ui/base/l10n/l10n_util.h"
 
-#if defined(OS_CHROMEOS)
-#include "components/user_manager/user_manager.h"
-#endif
-
 using content::BrowserThread;
 
 namespace {
 
 bool HasAvailableDevicesForRequest(const content::MediaStreamRequest& request) {
   const content::MediaStreamDevices* audio_devices =
       request.audio_type == content::MEDIA_DEVICE_AUDIO_CAPTURE ?
           &MediaCaptureDevicesDispatcher::GetInstance()
               ->GetAudioCaptureDevices() :
           NULL;
@@ skipping 27 matching lines @@
   }
 
   if (!request.requested_video_device_id.empty() &&
       !video_devices->FindById(request.requested_video_device_id)) {
     return false;
   }
 
   return true;
 }
 
-bool IsInKioskMode() {
-  if (CommandLine::ForCurrentProcess()->HasSwitch(switches::kKioskMode))
-    return true;
-
-#if defined(OS_CHROMEOS)
-  const user_manager::UserManager* user_manager =
-      user_manager::UserManager::Get();
-  return user_manager && user_manager->IsLoggedInAsKioskApp();
-#else
-  return false;
-#endif
-}
-
 enum DevicePermissionActions {
   kAllowHttps = 0,
   kAllowHttp,
   kDeny,
   kCancel,
   kPermissionActionsMax  // Must always be last!
 };
 
 }  // namespace
 
@@ skipping 20 matching lines @@
   // For MEDIA_OPEN_DEVICE requests (Pepper) we always request both webcam
   // and microphone to avoid popping two infobars.
   // We start with setting the requested media type to allowed or blocked
   // depending on the policy. If not blocked by policy it may be blocked later
   // in the two remaining filtering steps (by user setting or by user when
   // clicking the infobar).
   // TODO(grunell): It's not the nicest solution to let the MEDIA_OPEN_DEVICE
   // case take a ride on the MEDIA_DEVICE_*_CAPTURE permission. Should be fixed.
   if (request.audio_type == content::MEDIA_DEVICE_AUDIO_CAPTURE ||
       request.request_type == content::MEDIA_OPEN_DEVICE) {
-    if (GetDevicePolicy(prefs::kAudioCaptureAllowed,
+    if (GetDevicePolicy(profile_,
+                        request_.security_origin,
+                        prefs::kAudioCaptureAllowed,
                         prefs::kAudioCaptureAllowedUrls) == ALWAYS_DENY) {
       request_permissions_.insert(std::make_pair(
           content::MEDIA_DEVICE_AUDIO_CAPTURE,
           MediaStreamTypeSettings(MEDIA_BLOCKED_BY_POLICY,
                                   request.requested_audio_device_id)));
     } else {
       request_permissions_.insert(std::make_pair(
           content::MEDIA_DEVICE_AUDIO_CAPTURE,
           MediaStreamTypeSettings(MEDIA_ALLOWED,
                                   request.requested_audio_device_id)));
     }
   }
   if (request.video_type == content::MEDIA_DEVICE_VIDEO_CAPTURE ||
       request.request_type == content::MEDIA_OPEN_DEVICE) {
-    if (GetDevicePolicy(prefs::kVideoCaptureAllowed,
+    if (GetDevicePolicy(profile_,
+                        request_.security_origin,
+                        prefs::kVideoCaptureAllowed,
                         prefs::kVideoCaptureAllowedUrls) == ALWAYS_DENY) {
       request_permissions_.insert(std::make_pair(
           content::MEDIA_DEVICE_VIDEO_CAPTURE,
           MediaStreamTypeSettings(MEDIA_BLOCKED_BY_POLICY,
                                   request.requested_video_device_id)));
     } else {
       request_permissions_.insert(std::make_pair(
           content::MEDIA_DEVICE_VIDEO_CAPTURE,
           MediaStreamTypeSettings(MEDIA_ALLOWED,
                                   request.requested_video_device_id)));
@@ skipping 286 matching lines @@
 void MediaStreamDevicesController::Cancelled() {
   UMA_HISTOGRAM_ENUMERATION("Media.DevicePermissionActions",
                             kCancel, kPermissionActionsMax);
   Deny(false, content::MEDIA_DEVICE_PERMISSION_DISMISSED);
 }
 
 void MediaStreamDevicesController::RequestFinished() {
   delete this;
 }
 
-MediaStreamDevicesController::DevicePolicy
-MediaStreamDevicesController::GetDevicePolicy(
-    const char* policy_name,
-    const char* whitelist_policy_name) const {
-  DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
-
-  // If the security origin policy matches a value in the whitelist, allow it.
-  // Otherwise, check the |policy_name| master switch for the default behavior.
-
-  PrefService* prefs = profile_->GetPrefs();
-
-  // TODO(tommi): Remove the kiosk mode check when the whitelist below
-  // is visible in the media exceptions UI.
-  // See discussion here: https://codereview.chromium.org/15738004/
-  if (IsInKioskMode()) {
-    const base::ListValue* list = prefs->GetList(whitelist_policy_name);
-    std::string value;
-    for (size_t i = 0; i < list->GetSize(); ++i) {
-      if (list->GetString(i, &value)) {
-        ContentSettingsPattern pattern =
-            ContentSettingsPattern::FromString(value);
-        if (pattern == ContentSettingsPattern::Wildcard()) {
-          DLOG(WARNING) << "Ignoring wildcard URL pattern: " << value;
-          continue;
-        }
-        DLOG_IF(ERROR, !pattern.IsValid()) << "Invalid URL pattern: " << value;
-        if (pattern.IsValid() && pattern.Matches(request_.security_origin))
-          return ALWAYS_ALLOW;
-      }
-    }
-  }
-
-  // If a match was not found, check if audio capture is otherwise disallowed
-  // or if the user should be prompted.  Setting the policy value to "true"
-  // is equal to not setting it at all, so from hereon out, we will return
-  // either POLICY_NOT_SET (prompt) or ALWAYS_DENY (no prompt, no access).
-  if (!prefs->GetBoolean(policy_name))
-    return ALWAYS_DENY;
-
-  return POLICY_NOT_SET;
-}
-
 bool MediaStreamDevicesController::IsRequestAllowedByDefault() const {
   // The request from internal objects like chrome://URLs is always allowed.
-  if (ShouldAlwaysAllowOrigin())
+  if (CheckAllowAllMediaStreamContentForOrigin(profile_,
+                                               request_.security_origin)) {
     return true;
+  }
 
   struct {
     bool has_capability;
     const char* policy_name;
     const char* list_policy_name;
     ContentSettingsType settings_type;
   } device_checks[] = {
     { IsDeviceAudioCaptureRequestedAndAllowed(), prefs::kAudioCaptureAllowed,
       prefs::kAudioCaptureAllowedUrls, CONTENT_SETTINGS_TYPE_MEDIASTREAM_MIC },
     { IsDeviceVideoCaptureRequestedAndAllowed(), prefs::kVideoCaptureAllowed,
       prefs::kVideoCaptureAllowedUrls,
       CONTENT_SETTINGS_TYPE_MEDIASTREAM_CAMERA },
   };
 
   for (size_t i = 0; i < ARRAYSIZE_UNSAFE(device_checks); ++i) {
     if (!device_checks[i].has_capability)
       continue;
 
-    DevicePolicy policy = GetDevicePolicy(device_checks[i].policy_name,
-                                          device_checks[i].list_policy_name);
+    MediaStreamDevicePolicy policy =
+        GetDevicePolicy(profile_,
+                        request_.security_origin,
+                        device_checks[i].policy_name,
+                        device_checks[i].list_policy_name);
 
     if (policy == ALWAYS_DENY)
       return false;
 
     if (policy == POLICY_NOT_SET) {
       // Only load content settings from secure origins unless it is a
       // content::MEDIA_OPEN_DEVICE (Pepper) request.
       if (!IsSchemeSecure() &&
           request_.request_type != content::MEDIA_OPEN_DEVICE) {
         return false;
@@ skipping 53 matching lines @@
       profile_->GetHostContentSettingsMap()->GetDefaultContentSetting(
           CONTENT_SETTINGS_TYPE_MEDIASTREAM, NULL);
   return (current_setting == CONTENT_SETTING_BLOCK);
 }
 
 bool MediaStreamDevicesController::IsSchemeSecure() const {
   return request_.security_origin.SchemeIsSecure() ||
       request_.security_origin.SchemeIs(extensions::kExtensionScheme);
 }
 
-bool MediaStreamDevicesController::ShouldAlwaysAllowOrigin() const {
-  // TODO(markusheintz): Replace CONTENT_SETTINGS_TYPE_MEDIA_STREAM with the
-  // appropriate new CONTENT_SETTINGS_TYPE_MEDIASTREAM_MIC and
-  // CONTENT_SETTINGS_TYPE_MEDIASTREAM_CAMERA.
-  return profile_->GetHostContentSettingsMap()->ShouldAllowAllContent(
-      request_.security_origin, request_.security_origin,
-      CONTENT_SETTINGS_TYPE_MEDIASTREAM);
-}
-
 void MediaStreamDevicesController::SetPermission(bool allowed) const {
   DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
   ContentSettingsPattern primary_pattern =
       ContentSettingsPattern::FromURLNoWildcard(request_.security_origin);
   // Check the pattern is valid or not. When the request is from a file access,
   // no exception will be made.
   if (!primary_pattern.IsValid())
     return;
 
   ContentSetting content_setting = allowed ?
@@ skipping 60 matching lines @@
 }
 
 bool MediaStreamDevicesController::IsCaptureDeviceRequestAllowed() const {
 #if defined(OS_ANDROID)
   // Don't approve device requests if the tab was hidden.
   // TODO(qinmin): Add a test for this. http://crbug.com/396869.
   return web_contents_->GetRenderWidgetHostView()->IsShowing();
 #endif
   return true;
 }