OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/chromeos/gdata/gdata_util.h" | 5 #include "chrome/browser/chromeos/gdata/gdata_util.h" |
6 | 6 |
7 #include <string> | 7 #include <string> |
8 #include <vector> | 8 #include <vector> |
9 #include <utility> | 9 #include <utility> |
10 | 10 |
(...skipping 166 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
177 | 177 |
178 // -1 to include 'gdata'. | 178 // -1 to include 'gdata'. |
179 FilePath extracted; | 179 FilePath extracted; |
180 for (size_t i = arraysize(kGDataMountPointPathComponents) - 1; | 180 for (size_t i = arraysize(kGDataMountPointPathComponents) - 1; |
181 i < components.size(); ++i) { | 181 i < components.size(); ++i) { |
182 extracted = extracted.Append(components[i]); | 182 extracted = extracted.Append(components[i]); |
183 } | 183 } |
184 return extracted; | 184 return extracted; |
185 } | 185 } |
186 | 186 |
| 187 void InsertGDataCachePathsPermissions( |
| 188 Profile* profile, |
| 189 const FilePath& gdata_path, |
| 190 std::vector<std::pair<FilePath, int> >* cache_paths ) { |
| 191 DCHECK(cache_paths); |
187 | 192 |
188 void SetPermissionsForGDataCacheFiles(Profile* profile, | |
189 int pid, | |
190 const FilePath& path) { | |
191 GDataFileSystem* file_system = GetGDataFileSystem(profile); | 193 GDataFileSystem* file_system = GetGDataFileSystem(profile); |
192 if (!file_system) | 194 if (!file_system) |
193 return; | 195 return; |
194 | 196 |
195 GDataFileProperties file_properties; | 197 GDataFileProperties file_properties; |
196 file_system->GetFileInfoFromPath(path, &file_properties); | 198 file_system->GetFileInfoFromPath(gdata_path, &file_properties); |
197 | 199 |
198 std::string resource_id = file_properties.resource_id; | 200 std::string resource_id = file_properties.resource_id; |
199 std::string file_md5 = file_properties.file_md5; | 201 std::string file_md5 = file_properties.file_md5; |
200 | 202 |
201 // We check permissions for raw cache file paths only for read-only | 203 // We check permissions for raw cache file paths only for read-only |
202 // operations (when fileEntry.file() is called), so read only permissions | 204 // operations (when fileEntry.file() is called), so read only permissions |
203 // should be sufficient for all cache paths. For the rest of supported | 205 // should be sufficient for all cache paths. For the rest of supported |
204 // operations the file access check is done for gdata/ paths. | 206 // operations the file access check is done for gdata/ paths. |
205 std::vector<std::pair<FilePath, int> > cache_paths; | 207 cache_paths->push_back(std::make_pair( |
206 cache_paths.push_back(std::make_pair( | |
207 file_system->GetCacheFilePath(resource_id, file_md5, | 208 file_system->GetCacheFilePath(resource_id, file_md5, |
208 GDataRootDirectory::CACHE_TYPE_PERSISTENT, | 209 GDataRootDirectory::CACHE_TYPE_PERSISTENT, |
209 GDataFileSystem::CACHED_FILE_FROM_SERVER), | 210 GDataFileSystem::CACHED_FILE_FROM_SERVER), |
210 kReadOnlyFilePermissions)); | 211 kReadOnlyFilePermissions)); |
211 // TODO(tbarzic): When we start supporting openFile operation, we may have to | 212 // TODO(tbarzic): When we start supporting openFile operation, we may have to |
212 // change permission for localy modified files to match handler's permissions. | 213 // change permission for localy modified files to match handler's permissions. |
213 cache_paths.push_back(std::make_pair( | 214 cache_paths->push_back(std::make_pair( |
214 file_system->GetCacheFilePath(resource_id, file_md5, | 215 file_system->GetCacheFilePath(resource_id, file_md5, |
215 GDataRootDirectory::CACHE_TYPE_PERSISTENT, | 216 GDataRootDirectory::CACHE_TYPE_PERSISTENT, |
216 GDataFileSystem::CACHED_FILE_LOCALLY_MODIFIED), | 217 GDataFileSystem::CACHED_FILE_LOCALLY_MODIFIED), |
217 kReadOnlyFilePermissions)); | 218 kReadOnlyFilePermissions)); |
218 cache_paths.push_back(std::make_pair( | 219 cache_paths->push_back(std::make_pair( |
219 file_system->GetCacheFilePath(resource_id, file_md5, | 220 file_system->GetCacheFilePath(resource_id, file_md5, |
220 GDataRootDirectory::CACHE_TYPE_TMP, | 221 GDataRootDirectory::CACHE_TYPE_TMP, |
221 GDataFileSystem::CACHED_FILE_FROM_SERVER), | 222 GDataFileSystem::CACHED_FILE_FROM_SERVER), |
222 kReadOnlyFilePermissions)); | 223 kReadOnlyFilePermissions)); |
223 | 224 |
| 225 } |
| 226 |
| 227 void SetPermissionsForGDataCacheFiles(Profile* profile, |
| 228 int pid, |
| 229 const FilePath& path) { |
| 230 std::vector<std::pair<FilePath, int> > cache_paths; |
| 231 InsertGDataCachePathsPermissions(profile, path, &cache_paths); |
224 for (size_t i = 0; i < cache_paths.size(); i++) { | 232 for (size_t i = 0; i < cache_paths.size(); i++) { |
225 content::ChildProcessSecurityPolicy::GetInstance()->GrantPermissionsForFile( | 233 content::ChildProcessSecurityPolicy::GetInstance()->GrantPermissionsForFile( |
226 pid, cache_paths[i].first, cache_paths[i].second); | 234 pid, cache_paths[i].first, cache_paths[i].second); |
227 } | 235 } |
228 } | 236 } |
229 | 237 |
230 bool IsGDataAvailable(Profile* profile) { | 238 bool IsGDataAvailable(Profile* profile) { |
231 // We allow GData only in canary and dev channels. http://crosbug.com/28806 | 239 // We allow GData only in canary and dev channels. http://crosbug.com/28806 |
232 chrome::VersionInfo::Channel channel = chrome::VersionInfo::GetChannel(); | 240 chrome::VersionInfo::Channel channel = chrome::VersionInfo::GetChannel(); |
233 if (channel == chrome::VersionInfo::CHANNEL_DEV || | 241 if (channel == chrome::VersionInfo::CHANNEL_DEV || |
234 channel == chrome::VersionInfo::CHANNEL_BETA || | 242 channel == chrome::VersionInfo::CHANNEL_BETA || |
235 channel == chrome::VersionInfo::CHANNEL_STABLE) | 243 channel == chrome::VersionInfo::CHANNEL_STABLE) |
236 return false; | 244 return false; |
237 | 245 |
238 // Do not allow GData for incognito windows / guest mode. | 246 // Do not allow GData for incognito windows / guest mode. |
239 if (profile->IsOffTheRecord()) | 247 if (profile->IsOffTheRecord()) |
240 return false; | 248 return false; |
241 | 249 |
242 // Disable gdata if preference is set. This can happen with commandline flag | 250 // Disable gdata if preference is set. This can happen with commandline flag |
243 // --disable-gdata or enterprise policy, or probably with user settings too | 251 // --disable-gdata or enterprise policy, or probably with user settings too |
244 // in the future. | 252 // in the future. |
245 if (profile->GetPrefs()->GetBoolean(prefs::kDisableGData)) | 253 if (profile->GetPrefs()->GetBoolean(prefs::kDisableGData)) |
246 return false; | 254 return false; |
247 | 255 |
248 return true; | 256 return true; |
249 } | 257 } |
250 | 258 |
251 } // namespace util | 259 } // namespace util |
252 } // namespace gdata | 260 } // namespace gdata |
OLD | NEW |