Home | History | Annotate | Download | only in fileapi 
      1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #include "content/browser/fileapi/browser_file_system_helper.h"
      6 
      7 #include <string>
      8 #include <vector>
      9 
     10 #include "base/command_line.h"
     11 #include "base/files/file_path.h"
     12 #include "base/sequenced_task_runner.h"
     13 #include "base/threading/sequenced_worker_pool.h"
     14 #include "content/browser/child_process_security_policy_impl.h"
     15 #include "content/public/browser/browser_context.h"
     16 #include "content/public/browser/browser_thread.h"
     17 #include "content/public/browser/content_browser_client.h"
     18 #include "content/public/common/content_client.h"
     19 #include "content/public/common/content_switches.h"
     20 #include "content/public/common/url_constants.h"
     21 #include "webkit/browser/fileapi/external_mount_points.h"
     22 #include "webkit/browser/fileapi/file_permission_policy.h"
     23 #include "webkit/browser/fileapi/file_system_backend.h"
     24 #include "webkit/browser/fileapi/file_system_operation_runner.h"
     25 #include "webkit/browser/fileapi/file_system_options.h"
     26 #include "webkit/browser/quota/quota_manager.h"
     27 
     28 namespace content {
     29 
     30 namespace {
     31 
     32 using fileapi::FileSystemOptions;
     33 
     34 FileSystemOptions CreateBrowserFileSystemOptions(bool is_incognito) {
     35   FileSystemOptions::ProfileMode profile_mode =
     36       is_incognito ? FileSystemOptions::PROFILE_MODE_INCOGNITO
     37                    : FileSystemOptions::PROFILE_MODE_NORMAL;
     38   std::vector<std::string> additional_allowed_schemes;
     39   GetContentClient()->browser()->GetAdditionalAllowedSchemesForFileSystem(
     40       &additional_allowed_schemes);
     41   if (CommandLine::ForCurrentProcess()->HasSwitch(
     42           switches::kAllowFileAccessFromFiles)) {
     43     additional_allowed_schemes.push_back(chrome::kFileScheme);
     44   }
     45   return FileSystemOptions(profile_mode, additional_allowed_schemes);
     46 }
     47 
     48 }  // namespace
     49 
     50 scoped_refptr<fileapi::FileSystemContext> CreateFileSystemContext(
     51     BrowserContext* browser_context,
     52     const base::FilePath& profile_path,
     53     bool is_incognito,
     54     quota::QuotaManagerProxy* quota_manager_proxy) {
     55 
     56   base::SequencedWorkerPool* pool = content::BrowserThread::GetBlockingPool();
     57   scoped_refptr<base::SequencedTaskRunner> file_task_runner =
     58       pool->GetSequencedTaskRunnerWithShutdownBehavior(
     59           pool->GetNamedSequenceToken("FileAPI"),
     60           base::SequencedWorkerPool::SKIP_ON_SHUTDOWN);
     61 
     62   // Setting up additional filesystem backends.
     63   ScopedVector<fileapi::FileSystemBackend> additional_backends;
     64   GetContentClient()->browser()->GetAdditionalFileSystemBackends(
     65       browser_context,
     66       profile_path,
     67       &additional_backends);
     68 
     69   scoped_refptr<fileapi::FileSystemContext> file_system_context =
     70       new fileapi::FileSystemContext(
     71           BrowserThread::GetMessageLoopProxyForThread(BrowserThread::IO).get(),
     72           file_task_runner.get(),
     73           BrowserContext::GetMountPoints(browser_context),
     74           browser_context->GetSpecialStoragePolicy(),
     75           quota_manager_proxy,
     76           additional_backends.Pass(),
     77           profile_path,
     78           CreateBrowserFileSystemOptions(is_incognito));
     79 
     80   std::vector<fileapi::FileSystemType> types;
     81   file_system_context->GetFileSystemTypes(&types);
     82   for (size_t i = 0; i < types.size(); ++i) {
     83     ChildProcessSecurityPolicyImpl::GetInstance()->
     84         RegisterFileSystemPermissionPolicy(
     85             types[i],
     86             fileapi::FileSystemContext::GetPermissionPolicy(types[i]));
     87   }
     88 
     89   return file_system_context;
     90 }
     91 
     92 bool FileSystemURLIsValid(
     93     fileapi::FileSystemContext* context,
     94     const fileapi::FileSystemURL& url) {
     95   if (!url.is_valid())
     96     return false;
     97 
     98   return context->GetFileSystemBackend(url.type()) != NULL;
     99 }
    100 
    101 void SyncGetPlatformPath(fileapi::FileSystemContext* context,
    102                          int process_id,
    103                          const GURL& path,
    104                          base::FilePath* platform_path) {
    105   DCHECK(context->default_file_task_runner()->
    106          RunsTasksOnCurrentThread());
    107   DCHECK(platform_path);
    108   *platform_path = base::FilePath();
    109   fileapi::FileSystemURL url(context->CrackURL(path));
    110   if (!FileSystemURLIsValid(context, url))
    111     return;
    112 
    113   // Make sure if this file is ok to be read (in the current architecture
    114   // which means roughly same as the renderer is allowed to get the platform
    115   // path to the file).
    116   ChildProcessSecurityPolicyImpl* policy =
    117       ChildProcessSecurityPolicyImpl::GetInstance();
    118   if (!policy->CanReadFileSystemFile(process_id, url))
    119     return;
    120 
    121   context->operation_runner()->SyncGetPlatformPath(url, platform_path);
    122 
    123   // The path is to be attached to URLLoader so we grant read permission
    124   // for the file. (We need to check first because a parent directory may
    125   // already have the permissions and we don't need to grant it to the file.)
    126   if (!policy->CanReadFile(process_id, *platform_path))
    127     policy->GrantReadFile(process_id, *platform_path);
    128 }
    129 
    130 }  // namespace content
    131