ChildProcessSecurityPolicy: Deprecate bitmask-based permissions checks for files.

content/public/browser/child_process_security_policy.h

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef CONTENT_PUBLIC_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_
 #define CONTENT_PUBLIC_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_
 
 #include <string>
 
 #include "base/basictypes.h"
@@ skipping 22 matching lines @@
   static CONTENT_EXPORT ChildProcessSecurityPolicy* GetInstance();
 
   // Web-safe schemes can be requested by any child process.  Once a web-safe
   // scheme has been registered, any child process can request URLs with
   // that scheme.  There is no mechanism for revoking web-safe schemes.
   virtual void RegisterWebSafeScheme(const std::string& scheme) = 0;
 
   // Returns true iff |scheme| has been registered as a web-safe scheme.
   virtual bool IsWebSafeScheme(const std::string& scheme) = 0;
 
-  // Before servicing a child process's request to upload a file to the web, the

[vandebo (ex-Chrome), 2013/07/18 15:16:59]

Seems like the explicit guidance in these comments should be preserved.

[tommycli, 2013/07/18 15:56:47]

Done.

-  // browser should call this method to determine whether the process has the
-  // capability to upload the requested file.
-  virtual bool CanReadFile(int child_id, const base::FilePath& file) = 0;
-
-  // Whenever the user picks a file from a <input type="file"> element, the
-  // browser should call this function to grant the child process the capability
-  // to upload the file to the web. Grants FILE_PERMISSION_READ_ONLY.
+  // This permission grants only read access to a file.
   virtual void GrantReadFile(int child_id, const base::FilePath& file) = 0;
 
   // This permission grants creation, read, and full write access to a file,
   // including attributes.
   virtual void GrantCreateReadWriteFile(int child_id,
                                         const base::FilePath& file) = 0;
 
   // This permission grants creation and write access to a file.
   virtual void GrantCreateWriteFile(int child_id,
                                     const base::FilePath& file) = 0;
 
+  // These methods verify whether or not the child process has been granted
+  // permissions perform these functions on |file|.
+  virtual bool CanReadFile(int child_id, const base::FilePath& file) = 0;
+  virtual bool CanWriteFile(int child_id, const base::FilePath& file) = 0;
+  virtual bool CanCreateFile(int child_id, const base::FilePath& file) = 0;
+  virtual bool CanCreateReadWriteFile(int child_id,
+                                      const base::FilePath& file) = 0;
+
   // Grants read access permission to the given isolated file system
   // identified by |filesystem_id|. An isolated file system can be
   // created for a set of native files/directories (like dropped files)
   // using fileapi::IsolatedContext. A child process needs to be granted
   // permission to the file system to access the files in it using
   // file system URL.
   //
   // Note: to grant read access to the content of files you also need
   // to give permission directly to the file paths using GrantReadFile.
   // TODO(kinuko): We should unify this file-level and file-system-level
@@ skipping 38 matching lines @@
 
   // Returns true iff read and write access has been granted to the filesystem
   // with |filesystem_id|.
   virtual bool CanReadWriteFileSystem(int child_id,
                                       const std::string& filesystem_id) = 0;
 };
 
 };  // namespace content
 
 #endif  // CONTENT_PUBLIC_BROWSER_CHILD_PROCESS_SECURITY_POLICY_H_