Remove storage context accessors from ResourceContext.

content/browser/worker_host/worker_process_host.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/browser/worker_host/worker_process_host.h"
 
 #include <set>
 #include <string>
 #include <vector>
 
@@ skipping 76 matching lines @@
 }  // namespace
 
 // Notifies RenderViewHost that one or more worker objects crashed.
 void WorkerCrashCallback(int render_process_unique_id, int render_view_id) {
   RenderViewHostImpl* host =
       RenderViewHostImpl::FromID(render_process_unique_id, render_view_id);
   if (host)
     host->GetDelegate()->WorkerCrashed();
 }
 
-WorkerProcessHost::WorkerProcessHost(ResourceContext* resource_context)
-    : resource_context_(resource_context) {
+WorkerProcessHost::WorkerProcessHost(
+    ResourceContext* resource_context,
+    const WorkerStoragePartition& partition)
+    : resource_context_(resource_context),
+      partition_(partition) {
   DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
-  DCHECK(resource_context);
+  DCHECK(resource_context_);
   process_.reset(
       new BrowserChildProcessHostImpl(content::PROCESS_TYPE_WORKER, this));
 }
 
 WorkerProcessHost::~WorkerProcessHost() {
   // If we crashed, tell the RenderViewHosts.
   for (Instances::iterator i = instances_.begin(); i != instances_.end(); ++i) {
     const WorkerDocumentSet::DocumentInfoSet& parents =
         i->worker_document_set()->documents();
     for (WorkerDocumentSet::DocumentInfoSet::const_iterator parent_iter =
@@ skipping 82 matching lines @@
 
   process_->Launch(
 #if defined(OS_WIN)
       FilePath(),
 #elif defined(OS_POSIX)
       use_zygote,
       base::EnvironmentVector(),
 #endif
       cmd_line);
 
-  fileapi::FileSystemContext* file_system_context =
-      GetFileSystemContextForResourceContext(resource_context_);
   ChildProcessSecurityPolicyImpl::GetInstance()->AddWorker(
       process_->GetData().id, render_process_id);
   if (!CommandLine::ForCurrentProcess()->HasSwitch(
           switches::kDisableFileSystem)) {
     // Grant most file permissions to this worker.
     // PLATFORM_FILE_TEMPORARY, PLATFORM_FILE_HIDDEN and
     // PLATFORM_FILE_DELETE_ON_CLOSE are not granted, because no existing API
     // requests them.
     // This is for the filesystem sandbox.
     ChildProcessSecurityPolicyImpl::GetInstance()->GrantPermissionsForFile(
         process_->GetData().id,
-        file_system_context->sandbox_provider()->new_base_path(),
+        partition_.filesystem_context()->sandbox_provider()->new_base_path(),
         base::PLATFORM_FILE_OPEN |
         base::PLATFORM_FILE_CREATE |
         base::PLATFORM_FILE_OPEN_ALWAYS |
         base::PLATFORM_FILE_CREATE_ALWAYS |
         base::PLATFORM_FILE_OPEN_TRUNCATED |
         base::PLATFORM_FILE_READ |
         base::PLATFORM_FILE_WRITE |
         base::PLATFORM_FILE_EXCLUSIVE_READ |
         base::PLATFORM_FILE_EXCLUSIVE_WRITE |
         base::PLATFORM_FILE_ASYNC |
         base::PLATFORM_FILE_WRITE_ATTRIBUTES |
         base::PLATFORM_FILE_ENUMERATE);
     // This is so that we can read and move stuff out of the old filesystem
     // sandbox.
     ChildProcessSecurityPolicyImpl::GetInstance()->GrantPermissionsForFile(
         process_->GetData().id,
-        file_system_context->sandbox_provider()->old_base_path(),
+        partition_.filesystem_context()->sandbox_provider()->old_base_path(),
         base::PLATFORM_FILE_READ | base::PLATFORM_FILE_WRITE |
             base::PLATFORM_FILE_WRITE_ATTRIBUTES |
             base::PLATFORM_FILE_ENUMERATE);
     // This is so that we can rename the old sandbox out of the way so that
     // we know we've taken care of it.
     ChildProcessSecurityPolicyImpl::GetInstance()->GrantPermissionsForFile(
         process_->GetData().id,
-        file_system_context->sandbox_provider()->renamed_old_base_path(),
+        partition_.filesystem_context()->sandbox_provider()->
+            renamed_old_base_path(),
         base::PLATFORM_FILE_CREATE | base::PLATFORM_FILE_CREATE_ALWAYS |
             base::PLATFORM_FILE_WRITE);
   }
 
   CreateMessageFilters(render_process_id);
 
   return true;
 }
 
 void WorkerProcessHost::CreateMessageFilters(int render_process_id) {
   net::URLRequestContext* request_context =
       resource_context_->GetRequestContext();
 
   ResourceMessageFilter* resource_message_filter = new ResourceMessageFilter(
       process_->GetData().id, content::PROCESS_TYPE_WORKER, resource_context_,
       new URLRequestContextSelector(request_context));
   process_->GetHost()->AddFilter(resource_message_filter);
 
   worker_message_filter_ = new WorkerMessageFilter(
-      render_process_id, resource_context_,
+      render_process_id, resource_context_, partition_,
       base::Bind(&WorkerServiceImpl::next_worker_route_id,
                  base::Unretained(WorkerServiceImpl::GetInstance())));
   process_->GetHost()->AddFilter(worker_message_filter_);
   process_->GetHost()->AddFilter(new AppCacheDispatcherHost(
       static_cast<ChromeAppCacheService*>(
           ResourceContext::GetAppCacheService(resource_context_)),
       process_->GetData().id));
   process_->GetHost()->AddFilter(new FileAPIMessageFilter(
       process_->GetData().id,
       request_context,
-      GetFileSystemContextForResourceContext(resource_context_),
+      partition_.filesystem_context(),
       content::GetChromeBlobStorageContextForResourceContext(
           resource_context_)));
   process_->GetHost()->AddFilter(new FileUtilitiesMessageFilter(
       process_->GetData().id));
   process_->GetHost()->AddFilter(new MimeRegistryMessageFilter());
-  process_->GetHost()->AddFilter(new DatabaseMessageFilter(
-      content::GetDatabaseTrackerForResourceContext(resource_context_)));
+  process_->GetHost()->AddFilter(
+      new DatabaseMessageFilter(partition_.database_tracker()));
 
   SocketStreamDispatcherHost* socket_stream_dispatcher_host =
       new SocketStreamDispatcherHost(render_process_id,
           new URLRequestContextSelector(request_context), resource_context_);
   process_->GetHost()->AddFilter(socket_stream_dispatcher_host);
   process_->GetHost()->AddFilter(
       new content::WorkerDevToolsMessageFilter(process_->GetData().id));
   process_->GetHost()->AddFilter(new IndexedDBDispatcherHost(
-      process_->GetData().id,
-      content::GetIndexedDBContextForResourceContext(resource_context_)));
+      process_->GetData().id, partition_.indexed_db_context()));
 }
 
 void WorkerProcessHost::CreateWorker(const WorkerInstance& instance) {
   ChildProcessSecurityPolicyImpl::GetInstance()->GrantRequestURL(
       process_->GetData().id, instance.url());
 
   instances_.push_back(instance);
 
   WorkerProcessMsg_CreateWorker_Params params;
   params.url = instance.url();
@@ skipping 271 matching lines @@
   }
   return result;
 }
 
 WorkerProcessHost::WorkerInstance::WorkerInstance(
     const GURL& url,
     const string16& name,
     int worker_route_id,
     int parent_process_id,
     int64 main_resource_appcache_id,
-    content::ResourceContext* resource_context)
+    content::ResourceContext* resource_context,
+    const WorkerStoragePartition& partition)
     : url_(url),
       closed_(false),
       name_(name),
       worker_route_id_(worker_route_id),
       parent_process_id_(parent_process_id),
       main_resource_appcache_id_(main_resource_appcache_id),
       worker_document_set_(new WorkerDocumentSet()),
-      resource_context_(resource_context) {
+      resource_context_(resource_context),
+      partition_(partition) {
   DCHECK(resource_context_);
 }
 
 WorkerProcessHost::WorkerInstance::WorkerInstance(
     const GURL& url,
     bool shared,
     const string16& name,
-    content::ResourceContext* resource_context)
+    content::ResourceContext* resource_context,
+    const WorkerStoragePartition& partition)
     : url_(url),
       closed_(false),
       name_(name),
       worker_route_id_(MSG_ROUTING_NONE),
       parent_process_id_(0),
       main_resource_appcache_id_(0),
       worker_document_set_(new WorkerDocumentSet()),
-      resource_context_(resource_context) {
+      resource_context_(resource_context),
+      partition_(partition) {
   DCHECK(resource_context_);
 }
 
 WorkerProcessHost::WorkerInstance::~WorkerInstance() {
 }
 
 // Compares an instance based on the algorithm in the WebWorkers spec - an
 // instance matches if the origins of the URLs match, and:
 // a) the names are non-empty and equal
 // -or-
 // b) the names are both empty, and the urls are equal
 bool WorkerProcessHost::WorkerInstance::Matches(
     const GURL& match_url,
     const string16& match_name,
+    const WorkerStoragePartition& partition,
     content::ResourceContext* resource_context) const {
   // Only match open shared workers.
   if (closed_)
     return false;
 
   // ResourceContext equivalence is being used as a proxy to ensure we only
   // matched shared workers within the same BrowserContext.
   if (resource_context_ != resource_context)
     return false;
 
+  // We must be in the same storage partition otherwise sharing will violate
+  // isolation.
+  if (!partition_.Equals(partition))
+    return false;
+
   if (url_.GetOrigin() != match_url.GetOrigin())
     return false;
 
   if (name_.empty() && match_name.empty())
     return url_ == match_url;
 
   return name_ == match_name;
 }
 
 void WorkerProcessHost::WorkerInstance::AddFilter(WorkerMessageFilter* filter,
@@ skipping 50 matching lines @@
     }
   }
   return false;
 }
 
 WorkerProcessHost::WorkerInstance::FilterInfo
 WorkerProcessHost::WorkerInstance::GetFilter() const {
   DCHECK(NumFilters() == 1);
   return *filters_.begin();
 }