// Copyright (c) 2011 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#include "chrome/browser/chromeos/plugin_selection_policy.h"

#include <algorithm>
#include <iostream>
#include <map>
#include <sstream>
#include <string>
#include <vector>

#include "base/auto_reset.h"
#include "base/file_path.h"
#include "base/file_util.h"
#include "base/logging.h"
#include "base/string_util.h"
#include "content/browser/browser_thread.h"
#include "googleurl/src/gurl.h"

#if !defined(OS_CHROMEOS)
#error This file is meant to be compiled on ChromeOS only.
#endif

using std::vector;
using std::string;
using std::pair;
using std::map;

namespace chromeos {

static const char kPluginSelectionPolicyFile[] =
    "/usr/share/chromeos-assets/flash/plugin_policy";

PluginSelectionPolicy::PluginSelectionPolicy()
    : init_from_file_finished_(false) {
}

PluginSelectionPolicy::~PluginSelectionPolicy() {}

void PluginSelectionPolicy::StartInit() {
  // Initialize the policy on the FILE thread, since it reads from a
  // policy file.
  BrowserThread::PostTask(
      BrowserThread::FILE, FROM_HERE,
      NewRunnableMethod(this, &chromeos::PluginSelectionPolicy::Init));
}

bool PluginSelectionPolicy::Init() {
  return InitFromFile(FilePath(kPluginSelectionPolicyFile));
}

bool PluginSelectionPolicy::InitFromFile(const FilePath& policy_file) {
  // This must always be called from the FILE thread.
  DCHECK(BrowserThread::CurrentlyOn(BrowserThread::FILE));

  string data;
  // This should be a really small file, so we're OK with just
  // slurping it.
  if (!file_util::ReadFileToString(policy_file, &data)) {
    LOG(ERROR) << "Unable to read plugin policy file \""
               << policy_file.value() << "\".";
    init_from_file_finished_ = true;
    return false;
  }

  std::istringstream input_stream(data);
  string line;
  map<string, Policy> policies;
  Policy policy;
  string last_plugin;

  while (std::getline(input_stream, line)) {
    // Strip comments.
    string::size_type pos = line.find("#");
    if (pos != string::npos) {
      line = line.substr(0, pos);
    }
    TrimWhitespaceASCII(line, TRIM_ALL, &line);
    if (line.find("allow") == 0) {
      // Has to be preceeded by a "plugin" statement.
      if (last_plugin.empty()) {
        LOG(ERROR) << "Plugin policy file error: 'allow' out of context.";
        init_from_file_finished_ = true;
        return false;
      }
      line = line.substr(5);
      TrimWhitespaceASCII(line, TRIM_ALL, &line);
      line = StringToLowerASCII(line);
      policy.push_back(make_pair(true, line));
    }
    if (line.find("deny") == 0) {
      // Has to be preceeded by a "plugin" statement.
      if (last_plugin.empty()) {
        LOG(ERROR) << "Plugin policy file error: 'deny' out of context.";
        init_from_file_finished_ = true;
        return false;
      }
      line = line.substr(4);
      TrimWhitespaceASCII(line, TRIM_ALL, &line);
      line = StringToLowerASCII(line);
      policy.push_back(make_pair(false, line));
    }
    if (line.find("plugin") == 0) {
      line = line.substr(6);
      TrimWhitespaceASCII(line, TRIM_ALL, &line);
      if (!policy.empty() && !last_plugin.empty())
        policies.insert(make_pair(last_plugin, policy));
      last_plugin = line;
      policy.clear();
    }
  }

  if (!last_plugin.empty())
    policies.insert(make_pair(last_plugin, policy));

  policies_.swap(policies);
  init_from_file_finished_ = true;
  return true;
}

int PluginSelectionPolicy::FindFirstAllowed(
    const GURL& url,
    const std::vector<webkit::npapi::WebPluginInfo>& info) {
  for (std::vector<webkit::npapi::WebPluginInfo>::size_type i = 0;
       i < info.size(); ++i) {
    if (IsAllowed(url, info[i].path))
      return i;
  }
  return -1;
}

bool PluginSelectionPolicy::IsAllowed(const GURL& url,
                                      const FilePath& path) {
  // This must always be called from the FILE thread, to be sure
  // initialization doesn't happen at the same time.
  DCHECK(BrowserThread::CurrentlyOn(BrowserThread::FILE));

  // Make sure that we notice if this starts being called before
  // initialization is complete.  Right now it is guaranteed only by
  // the startup order and the fact that InitFromFile runs on the FILE
  // thread too.
  DCHECK(init_from_file_finished_)
      << "Tried to check policy before policy is initialized.";

  string name = path.BaseName().value();

  PolicyMap::iterator policy_iter = policies_.find(name);
  if (policy_iter != policies_.end()) {
    Policy& policy(policy_iter->second);

    // We deny by default. (equivalent to "deny" at the top of the section)
    bool allow = false;

    for (Policy::iterator iter = policy.begin(); iter != policy.end(); ++iter) {
      bool policy_allow = iter->first;
      string& policy_domain = iter->second;
      if (policy_domain.empty() || url.DomainIs(policy_domain.c_str(),
                                                policy_domain.size())) {
        allow = policy_allow;
      }
    }
    return allow;
  }

  // If it's not in the policy file, then we assume it's OK to allow
  // it.
  return true;
}

}  // namespace chromeos