• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #include "content/browser/fileapi/browser_file_system_helper.h"
6 
7 #include <string>
8 #include <vector>
9 
10 #include "base/command_line.h"
11 #include "base/files/file_path.h"
12 #include "base/sequenced_task_runner.h"
13 #include "base/threading/sequenced_worker_pool.h"
14 #include "content/browser/child_process_security_policy_impl.h"
15 #include "content/public/browser/browser_context.h"
16 #include "content/public/browser/browser_thread.h"
17 #include "content/public/browser/content_browser_client.h"
18 #include "content/public/common/content_client.h"
19 #include "content/public/common/content_switches.h"
20 #include "content/public/common/url_constants.h"
21 #include "webkit/browser/fileapi/external_mount_points.h"
22 #include "webkit/browser/fileapi/file_permission_policy.h"
23 #include "webkit/browser/fileapi/file_system_backend.h"
24 #include "webkit/browser/fileapi/file_system_operation_runner.h"
25 #include "webkit/browser/fileapi/file_system_options.h"
26 #include "webkit/browser/quota/quota_manager.h"
27 
28 namespace content {
29 
30 namespace {
31 
32 using fileapi::FileSystemOptions;
33 
CreateBrowserFileSystemOptions(bool is_incognito)34 FileSystemOptions CreateBrowserFileSystemOptions(bool is_incognito) {
35   FileSystemOptions::ProfileMode profile_mode =
36       is_incognito ? FileSystemOptions::PROFILE_MODE_INCOGNITO
37                    : FileSystemOptions::PROFILE_MODE_NORMAL;
38   std::vector<std::string> additional_allowed_schemes;
39   GetContentClient()->browser()->GetAdditionalAllowedSchemesForFileSystem(
40       &additional_allowed_schemes);
41   if (CommandLine::ForCurrentProcess()->HasSwitch(
42           switches::kAllowFileAccessFromFiles)) {
43     additional_allowed_schemes.push_back(chrome::kFileScheme);
44   }
45   return FileSystemOptions(profile_mode, additional_allowed_schemes);
46 }
47 
48 }  // namespace
49 
CreateFileSystemContext(BrowserContext * browser_context,const base::FilePath & profile_path,bool is_incognito,quota::QuotaManagerProxy * quota_manager_proxy)50 scoped_refptr<fileapi::FileSystemContext> CreateFileSystemContext(
51     BrowserContext* browser_context,
52     const base::FilePath& profile_path,
53     bool is_incognito,
54     quota::QuotaManagerProxy* quota_manager_proxy) {
55 
56   base::SequencedWorkerPool* pool = content::BrowserThread::GetBlockingPool();
57   scoped_refptr<base::SequencedTaskRunner> file_task_runner =
58       pool->GetSequencedTaskRunnerWithShutdownBehavior(
59           pool->GetNamedSequenceToken("FileAPI"),
60           base::SequencedWorkerPool::SKIP_ON_SHUTDOWN);
61 
62   // Setting up additional filesystem backends.
63   ScopedVector<fileapi::FileSystemBackend> additional_backends;
64   GetContentClient()->browser()->GetAdditionalFileSystemBackends(
65       browser_context,
66       profile_path,
67       &additional_backends);
68 
69   scoped_refptr<fileapi::FileSystemContext> file_system_context =
70       new fileapi::FileSystemContext(
71           BrowserThread::GetMessageLoopProxyForThread(BrowserThread::IO).get(),
72           file_task_runner.get(),
73           BrowserContext::GetMountPoints(browser_context),
74           browser_context->GetSpecialStoragePolicy(),
75           quota_manager_proxy,
76           additional_backends.Pass(),
77           profile_path,
78           CreateBrowserFileSystemOptions(is_incognito));
79 
80   std::vector<fileapi::FileSystemType> types;
81   file_system_context->GetFileSystemTypes(&types);
82   for (size_t i = 0; i < types.size(); ++i) {
83     ChildProcessSecurityPolicyImpl::GetInstance()->
84         RegisterFileSystemPermissionPolicy(
85             types[i],
86             fileapi::FileSystemContext::GetPermissionPolicy(types[i]));
87   }
88 
89   return file_system_context;
90 }
91 
FileSystemURLIsValid(fileapi::FileSystemContext * context,const fileapi::FileSystemURL & url)92 bool FileSystemURLIsValid(
93     fileapi::FileSystemContext* context,
94     const fileapi::FileSystemURL& url) {
95   if (!url.is_valid())
96     return false;
97 
98   return context->GetFileSystemBackend(url.type()) != NULL;
99 }
100 
SyncGetPlatformPath(fileapi::FileSystemContext * context,int process_id,const GURL & path,base::FilePath * platform_path)101 void SyncGetPlatformPath(fileapi::FileSystemContext* context,
102                          int process_id,
103                          const GURL& path,
104                          base::FilePath* platform_path) {
105   DCHECK(context->default_file_task_runner()->
106          RunsTasksOnCurrentThread());
107   DCHECK(platform_path);
108   *platform_path = base::FilePath();
109   fileapi::FileSystemURL url(context->CrackURL(path));
110   if (!FileSystemURLIsValid(context, url))
111     return;
112 
113   // Make sure if this file is ok to be read (in the current architecture
114   // which means roughly same as the renderer is allowed to get the platform
115   // path to the file).
116   ChildProcessSecurityPolicyImpl* policy =
117       ChildProcessSecurityPolicyImpl::GetInstance();
118   if (!policy->CanReadFileSystemFile(process_id, url))
119     return;
120 
121   context->operation_runner()->SyncGetPlatformPath(url, platform_path);
122 
123   // The path is to be attached to URLLoader so we grant read permission
124   // for the file. (We need to check first because a parent directory may
125   // already have the permissions and we don't need to grant it to the file.)
126   if (!policy->CanReadFile(process_id, *platform_path))
127     policy->GrantReadFile(process_id, *platform_path);
128 }
129 
130 }  // namespace content
131