Google Git
Sign in
chromium / chromium / src.git / c00db861aebca3b14ab27a41c7425bedcbd81ae4 / . / content / browser / fileapi / browser_file_system_helper_unittest.cc
blob: 1b0cff4dbf940610412d0f0dbb52ea7be7d0fa31 [file] [log] [blame]
// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include <memory>
#include <string>
#include <vector>
#include "base/files/file_path.h"
#include "base/files/scoped_temp_dir.h"
#include "base/single_thread_task_runner.h"
#include "base/test/null_task_runner.h"
#include "content/browser/child_process_security_policy_impl.h"
#include "content/browser/fileapi/browser_file_system_helper.h"
#include "content/public/common/drop_data.h"
#include "net/base/filename_util.h"
#include "storage/browser/fileapi/external_mount_points.h"
#include "storage/browser/fileapi/file_system_options.h"
#include "storage/browser/fileapi/file_system_url.h"
#include "storage/browser/fileapi/isolated_context.h"
#include "storage/common/fileapi/file_system_types.h"
#include "testing/gtest/include/gtest/gtest.h"
#include "url/gurl.h"
#include "url/origin.h"
namespace content {
namespace browser_file_system_helper_unittest {
const int kRendererID = 42;
TEST(BrowserFileSystemHelperTest,
PrepareDropDataForChildProcess_FileSystemFiles) {
base::ScopedTempDir temp_dir;
ASSERT_TRUE(temp_dir.CreateUniqueTempDir());
ChildProcessSecurityPolicyImpl* p =
ChildProcessSecurityPolicyImpl::GetInstance();
p->Add(kRendererID);
// Prepare |original_file| FileSystemURL that comes from a |sensitive_origin|.
// This attempts to simulate for unit testing the drive URL from
// https://crbug.com/705295#c23.
const GURL kSensitiveOrigin("chrome://hhaomjibdihmijegdhdafkllkbggdgoj/");
const char kMountName[] = "drive-testuser%40gmail.com-hash";
const base::FilePath kTestPath(FILE_PATH_LITERAL("root/dir/testfile.jpg"));
base::FilePath mount_path = temp_dir.GetPath().AppendASCII(kMountName);
scoped_refptr<storage::ExternalMountPoints> external_mount_points =
storage::ExternalMountPoints::CreateRefCounted();
EXPECT_TRUE(external_mount_points->RegisterFileSystem(
kMountName, storage::FileSystemType::kFileSystemTypeTest,
storage::FileSystemMountOption(), mount_path));
storage::FileSystemURL original_file =
external_mount_points->CreateExternalFileSystemURL(kSensitiveOrigin,
kMountName, kTestPath);
EXPECT_TRUE(original_file.is_valid());
EXPECT_EQ(kSensitiveOrigin, original_file.origin());
// Prepare fake FileSystemContext to use in the test.
scoped_refptr<base::SingleThreadTaskRunner> io_task_runner(
new base::NullTaskRunner);
scoped_refptr<base::SequencedTaskRunner> file_task_runner(
new base::NullTaskRunner);
storage::FileSystemOptions file_system_options(
storage::FileSystemOptions::PROFILE_MODE_NORMAL,
false /* force_in_memory */, std::vector<std::string>());
scoped_refptr<storage::FileSystemContext> test_file_system_context(
new storage::FileSystemContext(
io_task_runner.get(), file_task_runner.get(),
external_mount_points.get(),
nullptr, // special_storage_policy
nullptr, // quota_manager_proxy,
std::vector<std::unique_ptr<storage::FileSystemBackend>>(),
std::vector<storage::URLRequestAutoMountHandler>(),
base::FilePath(), // partition_path
file_system_options));
// Prepare content::DropData containing |file_system_url|.
DropData::FileSystemFileInfo filesystem_file_info;
filesystem_file_info.url = original_file.ToGURL();
filesystem_file_info.size = 123;
filesystem_file_info.filesystem_id = original_file.filesystem_id();
DropData drop_data;
drop_data.file_system_files.push_back(filesystem_file_info);
// Verify that initially no access is be granted to the |kSensitiveOrigin|.
EXPECT_FALSE(p->CanCommitURL(kRendererID, kSensitiveOrigin));
// Verify that initially no access is granted to the |original_file|.
EXPECT_FALSE(p->CanReadFileSystemFile(kRendererID, original_file));
EXPECT_FALSE(p->CanWriteFileSystemFile(kRendererID, original_file));
EXPECT_FALSE(p->CanCreateFileSystemFile(kRendererID, original_file));
EXPECT_FALSE(p->CanCopyIntoFileSystemFile(kRendererID, original_file));
EXPECT_FALSE(p->CanDeleteFileSystemFile(kRendererID, original_file));
// Invoke the API under test to grant access to |drop_data|.
PrepareDropDataForChildProcess(&drop_data, p, kRendererID,
test_file_system_context.get());
// Verify that |drop_data| is mostly unchanged.
EXPECT_EQ(0u, drop_data.filenames.size());
EXPECT_EQ(1u, drop_data.file_system_files.size());
EXPECT_EQ(123, drop_data.file_system_files[0].size);
// It is okay if |drop_data.file_system_files[0].url| and
// |drop_data.file_system_files[0].filesystem_id| change (to aid in enforcing
// proper access patterns that are verified below).
// Verify that the URL didn't change *too* much.
storage::FileSystemURL dropped_file =
test_file_system_context->CrackURL(drop_data.file_system_files[0].url);
EXPECT_TRUE(dropped_file.is_valid());
EXPECT_EQ(original_file.origin(), dropped_file.origin());
EXPECT_EQ(original_file.path().BaseName(), dropped_file.path().BaseName());
// Verify that there is still no access to |kSensitiveOrigin|.
EXPECT_FALSE(p->CanCommitURL(kRendererID, kSensitiveOrigin));
// Verify that there is still no access to |original_file|.
EXPECT_FALSE(p->CanReadFileSystemFile(kRendererID, original_file));
EXPECT_FALSE(p->CanWriteFileSystemFile(kRendererID, original_file));
EXPECT_FALSE(p->CanCreateFileSystemFile(kRendererID, original_file));
EXPECT_FALSE(p->CanCopyIntoFileSystemFile(kRendererID, original_file));
EXPECT_FALSE(p->CanDeleteFileSystemFile(kRendererID, original_file));
// Verify that read access (and no other access) is granted for
// |dropped_file|.
EXPECT_TRUE(p->CanReadFileSystemFile(kRendererID, dropped_file));
EXPECT_FALSE(p->CanWriteFileSystemFile(kRendererID, dropped_file));
EXPECT_FALSE(p->CanCreateFileSystemFile(kRendererID, dropped_file));
EXPECT_FALSE(p->CanCopyIntoFileSystemFile(kRendererID, dropped_file));
EXPECT_FALSE(p->CanDeleteFileSystemFile(kRendererID, dropped_file));
p->Remove(kRendererID);
}
TEST(BrowserFileSystemHelperTest, PrepareDropDataForChildProcess_LocalFiles) {
base::ScopedTempDir temp_dir;
ASSERT_TRUE(temp_dir.CreateUniqueTempDir());
ChildProcessSecurityPolicyImpl* p =
ChildProcessSecurityPolicyImpl::GetInstance();
p->Add(kRendererID);
// Prepare content::DropData containing some local files.
const base::FilePath kDraggedFile =
temp_dir.GetPath().AppendASCII("dragged_file.txt");
const base::FilePath kOtherFile =
temp_dir.GetPath().AppendASCII("other_file.txt");
DropData drop_data;
drop_data.filenames.push_back(ui::FileInfo(kDraggedFile, base::FilePath()));
// Verify that initially no access is granted to both |kDraggedFile| and
// |kOtherFile|.
EXPECT_FALSE(p->CanReadFile(kRendererID, kDraggedFile));
EXPECT_FALSE(p->CanReadFile(kRendererID, kOtherFile));
EXPECT_FALSE(
p->CanCommitURL(kRendererID, net::FilePathToFileURL(kDraggedFile)));
EXPECT_FALSE(p->CanCreateReadWriteFile(kRendererID, kDraggedFile));
EXPECT_FALSE(p->CanCreateReadWriteFile(kRendererID, kOtherFile));
EXPECT_FALSE(
p->CanCommitURL(kRendererID, net::FilePathToFileURL(kOtherFile)));
// Invoke the API under test to grant access to |drop_data|.
PrepareDropDataForChildProcess(&drop_data, p, kRendererID, nullptr);
// Verify that |drop_data| is unchanged.
EXPECT_EQ(0u, drop_data.file_system_files.size());
EXPECT_EQ(1u, drop_data.filenames.size());
EXPECT_EQ(kDraggedFile, drop_data.filenames[0].path);
// Verify that read access (and no other access) is granted for
// |kDraggedFile|.
EXPECT_TRUE(p->CanReadFile(kRendererID, kDraggedFile));
EXPECT_FALSE(p->CanCreateReadWriteFile(kRendererID, kDraggedFile));
EXPECT_TRUE(
p->CanCommitURL(kRendererID, net::FilePathToFileURL(kDraggedFile)));
// Verify that there is still no access for |kOtherFile|.
EXPECT_FALSE(p->CanReadFile(kRendererID, kOtherFile));
EXPECT_FALSE(p->CanCreateReadWriteFile(kRendererID, kOtherFile));
EXPECT_FALSE(
p->CanCommitURL(kRendererID, net::FilePathToFileURL(kOtherFile)));
p->Remove(kRendererID);
}
} // namespace browser_file_system_helper_unittest
} // namespace content