Battery Status API: add UMA logging for Linux.
[chromium-blink-merge.git] / content / browser / renderer_host / pepper / pepper_security_helper.cc
blob3bb92bf8b482bad43ac4ab95b0caa15ca8c5ed87
1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "content/browser/renderer_host/pepper/pepper_security_helper.h"
7 #include "base/logging.h"
8 #include "content/browser/child_process_security_policy_impl.h"
9 #include "ppapi/c/ppb_file_io.h"
11 namespace content {
13 namespace {
15 template <typename CanRead,
16 typename CanWrite,
17 typename CanCreate,
18 typename CanCreateReadWrite,
19 typename FileID>
20 bool CanOpenFileWithPepperFlags(CanRead can_read,
21 CanWrite can_write,
22 CanCreate can_create,
23 CanCreateReadWrite can_create_read_write,
24 int pp_open_flags,
25 int child_id,
26 const FileID& file) {
27 ChildProcessSecurityPolicyImpl* policy =
28 ChildProcessSecurityPolicyImpl::GetInstance();
30 bool pp_read = !!(pp_open_flags & PP_FILEOPENFLAG_READ);
31 bool pp_write = !!(pp_open_flags & PP_FILEOPENFLAG_WRITE);
32 bool pp_create = !!(pp_open_flags & PP_FILEOPENFLAG_CREATE);
33 bool pp_truncate = !!(pp_open_flags & PP_FILEOPENFLAG_TRUNCATE);
34 bool pp_exclusive = !!(pp_open_flags & PP_FILEOPENFLAG_EXCLUSIVE);
35 bool pp_append = !!(pp_open_flags & PP_FILEOPENFLAG_APPEND);
37 if (pp_read && !(policy->*can_read)(child_id, file))
38 return false;
40 if (pp_write && !(policy->*can_write)(child_id, file))
41 return false;
43 // TODO(tommycli): Maybe tighten up required permission. crbug.com/284792
44 if (pp_append && !(policy->*can_create_read_write)(child_id, file))
45 return false;
47 if (pp_truncate && !pp_write)
48 return false;
50 if (pp_create) {
51 if (pp_exclusive) {
52 return (policy->*can_create)(child_id, file);
53 } else {
54 // Asks for too much, but this is the only grant that allows overwrite.
55 return (policy->*can_create_read_write)(child_id, file);
57 } else if (pp_truncate) {
58 return (policy->*can_create_read_write)(child_id, file);
61 return true;
65 bool CanOpenWithPepperFlags(int pp_open_flags,
66 int child_id,
67 const base::FilePath& file) {
68 return CanOpenFileWithPepperFlags(
69 &ChildProcessSecurityPolicyImpl::CanReadFile,
70 &ChildProcessSecurityPolicyImpl::CanCreateReadWriteFile,
71 &ChildProcessSecurityPolicyImpl::CanCreateReadWriteFile,
72 &ChildProcessSecurityPolicyImpl::CanCreateReadWriteFile,
73 pp_open_flags,
74 child_id,
75 file);
78 bool CanOpenFileSystemURLWithPepperFlags(int pp_open_flags,
79 int child_id,
80 const storage::FileSystemURL& url) {
81 return CanOpenFileWithPepperFlags(
82 &ChildProcessSecurityPolicyImpl::CanReadFileSystemFile,
83 &ChildProcessSecurityPolicyImpl::CanWriteFileSystemFile,
84 &ChildProcessSecurityPolicyImpl::CanCreateFileSystemFile,
85 &ChildProcessSecurityPolicyImpl::CanCreateReadWriteFileSystemFile,
86 pp_open_flags,
87 child_id,
88 url);
91 } // namespace content