| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/extensions/file_browser_private_api.h" | 5 #include "chrome/browser/chromeos/extensions/file_browser_private_api.h" |
| 6 | 6 |
| 7 #include <utility> | 7 #include <utility> |
| 8 | 8 |
| 9 #include "base/base64.h" | 9 #include "base/base64.h" |
| 10 #include "base/bind.h" | 10 #include "base/bind.h" |
| (...skipping 1000 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1011 this, | 1011 this, |
| 1012 mount_type_str)); | 1012 mount_type_str)); |
| 1013 break; | 1013 break; |
| 1014 } | 1014 } |
| 1015 } | 1015 } |
| 1016 #endif // defined(OS_CHROMEOS) | 1016 #endif // defined(OS_CHROMEOS) |
| 1017 | 1017 |
| 1018 return true; | 1018 return true; |
| 1019 } | 1019 } |
| 1020 | 1020 |
| 1021 void AddMountFunction::GrantFilePermissionsToHost(const FilePath& path, |
| 1022 int permissions) { |
| 1023 ChildProcessSecurityPolicy::GetInstance()->GrantPermissionsForFile( |
| 1024 render_view_host()->GetProcess()->GetID(), path, permissions); |
| 1025 } |
| 1021 | 1026 |
| 1022 void AddMountFunction::AddGDataMountPoint() { | 1027 void AddMountFunction::AddGDataMountPoint() { |
| 1023 fileapi::ExternalFileSystemMountPointProvider* provider = | 1028 fileapi::ExternalFileSystemMountPointProvider* provider = |
| 1024 BrowserContext::GetFileSystemContext(profile_)->external_provider(); | 1029 BrowserContext::GetFileSystemContext(profile_)->external_provider(); |
| 1025 const FilePath mount_point = gdata::util::GetGDataMountPointPath(); | 1030 const FilePath mount_point = gdata::util::GetGDataMountPointPath(); |
| 1026 if (!provider || provider->HasMountPoint(mount_point)) | 1031 if (!provider || provider->HasMountPoint(mount_point)) |
| 1027 return; | 1032 return; |
| 1028 | 1033 |
| 1029 // Grant R/W permissions to gdata 'folder'. File API layer still | 1034 // Grant R/W permissions to gdata 'folder'. File API layer still |
| 1030 // expects this to be satisfied. | 1035 // expects this to be satisfied. |
| 1031 ChildProcessSecurityPolicy::GetInstance()->GrantPermissionsForFile( | 1036 GrantFilePermissionsToHost(mount_point, |
| 1032 render_view_host()->GetProcess()->GetID(), mount_point, | 1037 file_handler_util::GetReadWritePermissions()); |
| 1033 file_handler_util::GetReadWritePermissions()); | |
| 1034 | 1038 |
| 1039 // Grant R/W permission for tmp and pinned cache folder. |
| 1035 gdata::GDataSystemService* system_service = | 1040 gdata::GDataSystemService* system_service = |
| 1036 gdata::GDataSystemServiceFactory::GetForProfile(profile_); | 1041 gdata::GDataSystemServiceFactory::GetForProfile(profile_); |
| 1037 DCHECK(system_service); | 1042 DCHECK(system_service); |
| 1043 gdata::GDataFileSystem* gdata_file_system = system_service->file_system(); |
| 1044 |
| 1045 // We check permissions for raw cache file paths only for read-only |
| 1046 // operations (when fileEntry.file() is called), so read only permissions |
| 1047 // should be sufficient for all cache paths. For the rest of supported |
| 1048 // operations the file access check is done for gdata/ paths. |
| 1049 GrantFilePermissionsToHost(gdata_file_system->GetGDataCacheTmpDirectory(), |
| 1050 file_handler_util::GetReadOnlyPermissions()); |
| 1051 GrantFilePermissionsToHost( |
| 1052 gdata_file_system->GetGDataCachePersistentDirectory(), |
| 1053 file_handler_util::GetReadOnlyPermissions()); |
| 1054 |
| 1038 provider->AddRemoteMountPoint( | 1055 provider->AddRemoteMountPoint( |
| 1039 mount_point, | 1056 mount_point, |
| 1040 new gdata::GDataFileSystemProxy(system_service->file_system())); | 1057 new gdata::GDataFileSystemProxy(gdata_file_system)); |
| 1058 |
| 1059 FilePath mount_point_virtual; |
| 1060 if (provider->GetVirtualPath(mount_point, &mount_point_virtual)) |
| 1061 provider->GrantFileAccessToExtension(extension_id(), mount_point_virtual); |
| 1041 } | 1062 } |
| 1042 | 1063 |
| 1043 void AddMountFunction::RaiseGDataMountEvent(gdata::GDataErrorCode error) { | 1064 void AddMountFunction::RaiseGDataMountEvent(gdata::GDataErrorCode error) { |
| 1044 chromeos::MountError error_code = error == gdata::HTTP_SUCCESS ? | 1065 chromeos::MountError error_code = error == gdata::HTTP_SUCCESS ? |
| 1045 chromeos::MOUNT_ERROR_NONE : chromeos::MOUNT_ERROR_NOT_AUTHENTICATED; | 1066 chromeos::MOUNT_ERROR_NONE : chromeos::MOUNT_ERROR_NOT_AUTHENTICATED; |
| 1046 DiskMountManager::MountPointInfo mount_info( | 1067 DiskMountManager::MountPointInfo mount_info( |
| 1047 gdata::util::GetGDataMountPointPathAsString(), | 1068 gdata::util::GetGDataMountPointPathAsString(), |
| 1048 gdata::util::GetGDataMountPointPathAsString(), | 1069 gdata::util::GetGDataMountPointPathAsString(), |
| 1049 chromeos::MOUNT_TYPE_GDATA, | 1070 chromeos::MOUNT_TYPE_GDATA, |
| 1050 chromeos::disks::MOUNT_CONDITION_NONE); | 1071 chromeos::disks::MOUNT_CONDITION_NONE); |
| (...skipping 802 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1853 source_url_.GetOrigin(), | 1874 source_url_.GetOrigin(), |
| 1854 &file_url)) { | 1875 &file_url)) { |
| 1855 result->SetString("fileUrl", file_url.spec()); | 1876 result->SetString("fileUrl", file_url.spec()); |
| 1856 } | 1877 } |
| 1857 | 1878 |
| 1858 responses->Append(result.release()); | 1879 responses->Append(result.release()); |
| 1859 } | 1880 } |
| 1860 result_.reset(responses.release()); | 1881 result_.reset(responses.release()); |
| 1861 SendResponse(true); | 1882 SendResponse(true); |
| 1862 } | 1883 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 9808023:
Grant file access permissions for cached file paths to file browsers/handlers. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src