ChildProcessSecurityPolicy: Deprecate bitmask-based permissions checks for files.

content/browser/child_process_security_policy_impl.h

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_
 #define CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_
 
 
 #include <map>
 #include <set>
@@ skipping 24 matching lines @@
  public:
   // Object can only be created through GetInstance() so the constructor is
   // private.
   virtual ~ChildProcessSecurityPolicyImpl();
 
   static ChildProcessSecurityPolicyImpl* GetInstance();
 
   // ChildProcessSecurityPolicy implementation.
   virtual void RegisterWebSafeScheme(const std::string& scheme) OVERRIDE;
   virtual bool IsWebSafeScheme(const std::string& scheme) OVERRIDE;
-  virtual void GrantReadFile(int child_id, const base::FilePath& file) OVERRIDE;
-  virtual void GrantCreateReadWriteFile(int child_id,
-                                  const base::FilePath& file) OVERRIDE;
-  virtual void GrantCreateWriteFile(int child_id,
-                                    const base::FilePath& file) OVERRIDE;
   virtual void GrantReadFileSystem(
       int child_id,
       const std::string& filesystem_id) OVERRIDE;
   virtual void GrantWriteFileSystem(
       int child_id,
       const std::string& filesystem_id) OVERRIDE;
   virtual void GrantCreateFileForFileSystem(
       int child_id,
       const std::string& filesystem_id) OVERRIDE;
   virtual void GrantScheme(int child_id, const std::string& scheme) OVERRIDE;
   virtual bool CanReadFile(int child_id, const base::FilePath& file) OVERRIDE;

[vandebo (ex-Chrome), 2013/07/17 21:54:27]

File stuff is probably more generally interesting than file system first, so
leave it first.

[tommycli, 2013/07/17 22:31:11]

Done.

+  virtual bool CanWriteFile(int child_id, const base::FilePath& file) OVERRIDE;
+  virtual bool CanCreateFile(int child_id, const base::FilePath& file) OVERRIDE;
+  virtual bool CanCreateReadWriteFile(int child_id,
+                                      const base::FilePath& file) OVERRIDE;
+  virtual void GrantReadFile(int child_id, const base::FilePath& file) OVERRIDE;
+  virtual void GrantWriteFile(int child_id,
+                              const base::FilePath& file) OVERRIDE;
+  virtual void GrantCreateFile(int child_id,
+                               const base::FilePath& file) OVERRIDE;
+  virtual void GrantCreateReadWriteFile(int child_id,
+                                        const base::FilePath& file) OVERRIDE;
+  virtual void GrantCreateWriteFile(int child_id,
+                                    const base::FilePath& file) OVERRIDE;
   virtual bool CanReadFileSystem(int child_id,
                                  const std::string& filesystem_id) OVERRIDE;
   virtual bool CanReadWriteFileSystem(
       int child_id,
       const std::string& filesystem_id) OVERRIDE;
 
   // Pseudo schemes are treated differently than other schemes because they
   // cannot be requested like normal URLs.  There is no mechanism for revoking
   // pseudo schemes.
   void RegisterPseudoScheme(const std::string& scheme);
@@ skipping 51 matching lines @@
   // the given origin in main frames or subframes.
   // Only might return false if --site-per-process flag is used.
   bool CanLoadPage(int child_id,
                    const GURL& url,
                    ResourceType::Type resource_type);
 
   // Before servicing a child process's request to enumerate a directory
   // the browser should call this method to check for the capability.
   bool CanReadDirectory(int child_id, const base::FilePath& directory);
 
+  // Deprecated: Use CanReadFile, etc. methods instead.

[vandebo (ex-Chrome), 2013/07/17 21:54:27]

I presume these will go away by the time you're done?

[tommycli, 2013/07/17 22:31:11]

Yes these will go away... after a long time.

   // Determines if certain permissions were granted for a file. |permissions|
   // must be a bitwise-or'd value of base::PlatformFileFlags.
   bool HasPermissionsForFile(int child_id,
                              const base::FilePath& file,
                              int permissions);
 
+  // Deprecated: Use CanReadFileSystemFile, etc. methods instead.
   // Determines if certain permissions were granted for a file in FileSystem
   // API. |permissions| must be a bitwise-or'd value of base::PlatformFileFlags.
   bool HasPermissionsForFileSystemFile(int child_id,
                                        const fileapi::FileSystemURL& url,
                                        int permissions);
 
+  // Explicit permissions checks for FileSystemURL specified files.
+  bool CanReadFileSystemFile(int child_id, const fileapi::FileSystemURL& url);
+  bool CanWriteFileSystemFile(int child_id, const fileapi::FileSystemURL& url);
+  bool CanCreateFileSystemFile(int child_id, const fileapi::FileSystemURL& url);
+  bool CanCreateReadWriteFileSystemFile(int child_id,
+                                        const fileapi::FileSystemURL& url);
+
   // Returns true if the specified child_id has been granted WebUIBindings.
   // The browser should check this property before assuming the child process is
   // allowed to use WebUIBindings.
   bool HasWebUIBindings(int child_id);
 
   // Returns true if the specified child_id has been granted ReadRawCookies.
   bool CanReadRawCookies(int child_id);
 
   // Returns true if the process is permitted to read and modify the cookies for
   // the given origin.  Does not affect cookies attached to or set by network
@@ skipping 93 matching lines @@
   WorkerToMainProcessMap worker_map_;
 
   FileSystemPermissionPolicyMap file_system_policy_map_;
 
   DISALLOW_COPY_AND_ASSIGN(ChildProcessSecurityPolicyImpl);
 };
 
 }  // namespace content
 
 #endif  // CONTENT_BROWSER_CHILD_PROCESS_SECURITY_POLICY_IMPL_H_