author | kinuko@chromium.org <kinuko@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-07-01 11:52:31 +0000 |
---|---|---|
committer | kinuko@chromium.org <kinuko@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-07-01 11:52:31 +0000 |
commit | ce5cbed872693ef89bb6e33fa4dd513b1dd7054b (patch) | |
tree | aae7f224608f012d54cdb7141c4d8bfd8ad0b3e6 /content/browser/child_process_security_policy_impl.h | |
parent | 5e5ba0428effebbcce06382c792f5c9d2afc1ab8 (diff) | |
Implement ChildProcessSecurityPolicy::HasPermissionsForFileSystemFile()
In content/ layer:
- Add CPSP::HasPermissionsForFileSystemFile() for central
FileSystem permission check.
- Replace all permission check code for FileSystem files with the
newly added CPSP method
In webkit/browser/fileapi layer:
- Each MountPointProvider's GetPermissionPolicy() is replaced with a
central static FileSystemContext::GetPermissionPolicy() method.
Now the permission policy is statically defined for each type and
used by CPSP. Some FS-specific security checks are moved into
each FS's private implementation.
- For SandboxMountPointProvider: moved some API-specific validity
check code into a private IsAcessValid() method.
- For CrosMountPointProvider: the IsAccessAllowed() method is still called
every time a new FileSystemOperation is created, but doesn't
participate in the CPSP's permission check.
BUG=174550
TEST=ChildProcessSecurityPolicyTest::FileSystemFilePermissions
R=aedla@chromium.org, darin@chromium.org, tbarzic@chromium.org, tsepez@chromium.org
Review URL: https://codereview.chromium.org/12310099
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@209418 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'content/browser/child_process_security_policy_impl.h')
-rw-r--r-- | content/browser/child_process_security_policy_impl.h | 28 |
1 files changed, 25 insertions, 3 deletions
diff --git a/content/browser/child_process_security_policy_impl.h b/content/browser/child_process_security_policy_impl.h
index cfddada..9d58e3223 100644
--- a/content/browser/child_process_security_policy_impl.h
+++ b/content/browser/child_process_security_policy_impl.h
@@ -15,6 +15,7 @@
 #include "base/memory/singleton.h"
 #include "base/synchronization/lock.h"
 #include "content/public/browser/child_process_security_policy.h"
+#include "webkit/common/fileapi/file_system_types.h"
 #include "webkit/glue/resource_type.h"
 
 class GURL;
@@ -23,6 +24,10 @@ namespace base {
 class FilePath;
 }
 
+namespace fileapi {
+class FileSystemURL;
+}
+
 namespace content {
 
 class CONTENT_EXPORT ChildProcessSecurityPolicyImpl
@@ -124,11 +129,17 @@ class CONTENT_EXPORT ChildProcessSecurityPolicyImpl
 bool CanReadDirectory(int child_id, const base::FilePath& directory);
 
 // Determines if certain permissions were granted for a file. |permissions|
- // must be a bit-set of base::PlatformFileFlags.
+ // must be a bitwise-or'd value of base::PlatformFileFlags.
 bool HasPermissionsForFile(int child_id,
 const base::FilePath& file,
 int permissions);
 
+ // Determines if certain permissions were granted for a file in FileSystem
+ // API. |permissions| must be a bitwise-or'd value of base::PlatformFileFlags.
+ bool HasPermissionsForFileSystemFile(int child_id,
+ const fileapi::FileSystemURL& url,
+ int permissions);
+
 // Returns true if the specified child_id has been granted WebUIBindings.
 // The browser should check this property before assuming the child process is
 // allowed to use WebUIBindings.
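Review bot: The comment added for `HasPermissionsForFileSystemFile` in the third hunk does not say what the check returns when `url` is invalid or when no permission policy has been registered for its file system type. The commit message makes this the central check for FileSystem files, so callers need to know that it denies in both cases. The implementation is not in this header, so confirm that it fails closed and add a line such as `// Returns false if |url| is invalid or its type has no registered policy.` The class body starts and ends outside the hunk.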
@@ -165,12 +176,19 @@ class CONTENT_EXPORT ChildProcessSecurityPolicyImpl
 int permission);
 
 // Determines if certain permissions were granted for a file fystem.
- // |permissions| must be a bit-set of base::PlatformFileFlags.
+ // |permissions| must be a bitwise-or'd value of base::PlatformFileFlags.
 bool HasPermissionsForFileSystem(
 int child_id,
 const std::string& filesystem_id,
 int permission);
 
+ // Register FileSystem type and permission policy which should be used
+ // for the type. The |policy| must be a bitwise-or'd value of
+ // fileapi::FilePermissionPolicy.
+ void RegisterFileSystemPermissionPolicy(
+ fileapi::FileSystemType type,
+ int policy);
+
 private:
 friend class ChildProcessSecurityPolicyInProcessBrowserTest;
 FRIEND_TEST_ALL_PREFIXES(ChildProcessSecurityPolicyInProcessBrowserTest,
@@ -181,6 +199,7 @@ class CONTENT_EXPORT ChildProcessSecurityPolicyImpl
 typedef std::set<std::string> SchemeSet;
 typedef std::map<int, SecurityState*> SecurityStateMap;
 typedef std::map<int, int> WorkerToMainProcessMap;
+ typedef std::map<fileapi::FileSystemType, int> FileSystemPermissionPolicyMap;
 
 // Obtain an instance of ChildProcessSecurityPolicyImpl via GetInstance().
 ChildProcessSecurityPolicyImpl();
@@ -190,7 +209,8 @@ class CONTENT_EXPORT ChildProcessSecurityPolicyImpl
 void AddChild(int child_id);
 
 // Determines if certain permissions were granted for a file to given child
- // process. |permissions| must be a bit-set of base::PlatformFileFlags.
+ // process. |permissions| must be a bitwise-or'd value of
+ // base::PlatformFileFlags.
 bool ChildProcessHasPermissionsForFile(int child_id,
 const base::FilePath& file,
 int permissions);
@@ -218,6 +238,8 @@ class CONTENT_EXPORT ChildProcessSecurityPolicyImpl
 // corresponds to which main js thread child process.
 WorkerToMainProcessMap worker_map_;
 
+ FileSystemPermissionPolicyMap file_system_policy_map_;
+
 DISALLOW_COPY_AND_ASSIGN(ChildProcessSecurityPolicyImpl);
 };
 
|
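Review bot: `RegisterFileSystemPermissionPolicy` is public, yet its comment says neither when it may be called nor what a second call for the same `type` does. If a later registration can replace an earlier one, a strict policy could be swapped for a weaker one after checks have already been made against it. State the intended rule in the comment, for example `// Must be called once per type, before any permission check for that type.`, and have the implementation (outside this header) reject or DCHECK a repeated registration. Since `policy` is a plain `int`, the implementation should also reject values with bits outside fileapi::FilePermissionPolicy.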
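Review bot: `file_system_policy_map_` in the last hunk is added without a comment, unlike `worker_map_` directly above it. Add one that states what the map holds, for example `// Permission policy bits registered for each FileSystemType.` The comment should also say how access is synchronized. The header includes base/synchronization/lock.h, but whether this member is read and written under the class's lock is not visible here, so confirm that against the implementation. The class body starts outside the hunk.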