services/network/public/cpp/cors/origin_access_list.h - chromium/src - Git at Google

 // Copyright 2018 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #ifndef SERVICES_NETWORK_PUBLIC_CPP_CORS_ORIGIN_ACCESS_LIST_H_
 #define SERVICES_NETWORK_PUBLIC_CPP_CORS_ORIGIN_ACCESS_LIST_H_

 #include <map>
 #include <string>
 #include <vector>

 #include "base/component_export.h"
 #include "base/macros.h"
 #include "services/network/public/cpp/cors/origin_access_entry.h"
 #include "services/network/public/mojom/cors_origin_pattern.mojom-shared.h"
 #include "url/origin.h"

 namespace network {

 namespace mojom {
 class CorsOriginPattern;
 class CorsOriginAccessPatterns;
 }  // namespace mojom

 namespace cors {

 // A class to manage origin access allow / block lists. If these lists conflict,
 // blacklisting is respected. These lists are managed per source-origin basis.
 class COMPONENT_EXPORT(NETWORK_CPP) OriginAccessList {
  public:
   using CorsOriginPatternPtr = mojo::InlinedStructPtr<mojom::CorsOriginPattern>;

   OriginAccessList();
   ~OriginAccessList();

   // Clears the old allow list for |source_origin|, and set |patterns| to the
   // allow list. When two or more patterns in a list match, the entry with the
   // higher |priority| takes precedence.
   void SetAllowListForOrigin(const url::Origin& source_origin,
                              const std::vector<CorsOriginPatternPtr>& patterns);

   // Adds an access pattern by |protocol|, |domain|, |mode|, and |priority|,
   // to the allow list for |source_origin|.
   void AddAllowListEntryForOrigin(
       const url::Origin& source_origin,
       const std::string& protocol,
       const std::string& domain,
       const mojom::CorsOriginAccessMatchMode mode,
       const mojom::CorsOriginAccessMatchPriority priority);

   // Clears the old allow list for |source_origin|.
   void ClearAllowListForOrigin(const url::Origin& source_origin);

   // Clears the old allow list.
   void ClearAllowList();

   // Clears the old block list for |source_origin| and set |patterns| to the
   // block list. When two or more patterns in a list match, the entry with the
   // higher |priority| takes precedence.
   void SetBlockListForOrigin(const url::Origin& source_origin,
                              const std::vector<CorsOriginPatternPtr>& patterns);

   // Adds an access pattern by |protocol|, |domain|, |mode|, and |priority|,
   // to the block list for |source_origin|.
   void AddBlockListEntryForOrigin(
       const url::Origin& source_origin,
       const std::string& protocol,
       const std::string& domain,
       const mojom::CorsOriginAccessMatchMode mode,
       const mojom::CorsOriginAccessMatchPriority priority);

   // Clears the old block list for |source_origin|.
   void ClearBlockListForOrigin(const url::Origin& source_origin);

   // Clears the old block list.
   void ClearBlockList();

   // Returns true if |destination| is in the allow list, and not in the block
   // list of the |source_origin|.
   bool IsAllowed(const url::Origin& source_origin,
                  const GURL& destination) const;

   // Creates mojom::CorsPriginAccessPatterns instance vector that represents
   // |this| OriginAccessList instance.
   std::vector<mojo::StructPtr<mojom::CorsOriginAccessPatterns>>
   CreateCorsOriginAccessPatternsList() const;

  private:
   using Patterns = std::vector<OriginAccessEntry>;
   using PatternMap = std::map<std::string, Patterns>;

   static void SetForOrigin(const url::Origin& source_origin,
                            const std::vector<CorsOriginPatternPtr>& patterns,
                            PatternMap* map);
   static void AddForOrigin(const url::Origin& source_origin,
                            const CorsOriginPatternPtr& pattern,
                            PatternMap* map);
   static mojom::CorsOriginAccessMatchPriority GetHighestPriorityOfRuleForOrigin(
       const std::string& source,
       const url::Origin& destination_origin,
       const PatternMap& map);

   // TODO(toyoshim): Redesign to have an unified map to be consistent with
   // mojom::CorsOriginAccessPatterns. See https://crbug.com/908756.
   PatternMap allow_list_;
   PatternMap block_list_;

   DISALLOW_COPY_AND_ASSIGN(OriginAccessList);
 };

 }  // namespace cors

 }  // namespace network

 #endif  // SERVICES_NETWORK_PUBLIC_CPP_CORS_ORIGIN_ACCESS_LIST_H_
	// Copyright 2018 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#ifndef SERVICES_NETWORK_PUBLIC_CPP_CORS_ORIGIN_ACCESS_LIST_H_
	#define SERVICES_NETWORK_PUBLIC_CPP_CORS_ORIGIN_ACCESS_LIST_H_

	#include <map>
	#include <string>
	#include <vector>

	#include "base/component_export.h"
	#include "base/macros.h"
	#include "services/network/public/cpp/cors/origin_access_entry.h"
	#include "services/network/public/mojom/cors_origin_pattern.mojom-shared.h"
	#include "url/origin.h"

	namespace network {

	namespace mojom {
	class CorsOriginPattern;
	class CorsOriginAccessPatterns;
	} // namespace mojom

	namespace cors {

	// A class to manage origin access allow / block lists. If these lists conflict,
	// blacklisting is respected. These lists are managed per source-origin basis.
	class COMPONENT_EXPORT(NETWORK_CPP) OriginAccessList {
	public:
	using CorsOriginPatternPtr = mojo::InlinedStructPtr<mojom::CorsOriginPattern>;

	OriginAccessList();
	~OriginAccessList();

	// Clears the old allow list for \|source_origin\|, and set \|patterns\| to the
	// allow list. When two or more patterns in a list match, the entry with the
	// higher \|priority\| takes precedence.
	void SetAllowListForOrigin(const url::Origin& source_origin,
	const std::vector<CorsOriginPatternPtr>& patterns);

	// Adds an access pattern by \|protocol\|, \|domain\|, \|mode\|, and \|priority\|,
	// to the allow list for \|source_origin\|.
	void AddAllowListEntryForOrigin(
	const url::Origin& source_origin,
	const std::string& protocol,
	const std::string& domain,
	const mojom::CorsOriginAccessMatchMode mode,
	const mojom::CorsOriginAccessMatchPriority priority);

	// Clears the old allow list for \|source_origin\|.
	void ClearAllowListForOrigin(const url::Origin& source_origin);

	// Clears the old allow list.
	void ClearAllowList();

	// Clears the old block list for \|source_origin\| and set \|patterns\| to the
	// block list. When two or more patterns in a list match, the entry with the
	// higher \|priority\| takes precedence.
	void SetBlockListForOrigin(const url::Origin& source_origin,
	const std::vector<CorsOriginPatternPtr>& patterns);

	// Adds an access pattern by \|protocol\|, \|domain\|, \|mode\|, and \|priority\|,
	// to the block list for \|source_origin\|.
	void AddBlockListEntryForOrigin(
	const url::Origin& source_origin,
	const std::string& protocol,
	const std::string& domain,
	const mojom::CorsOriginAccessMatchMode mode,
	const mojom::CorsOriginAccessMatchPriority priority);

	// Clears the old block list for \|source_origin\|.
	void ClearBlockListForOrigin(const url::Origin& source_origin);

	// Clears the old block list.
	void ClearBlockList();

	// Returns true if \|destination\| is in the allow list, and not in the block
	// list of the \|source_origin\|.
	bool IsAllowed(const url::Origin& source_origin,
	const GURL& destination) const;

	// Creates mojom::CorsPriginAccessPatterns instance vector that represents
	// \|this\| OriginAccessList instance.
	std::vector<mojo::StructPtr<mojom::CorsOriginAccessPatterns>>
	CreateCorsOriginAccessPatternsList() const;

	private:
	using Patterns = std::vector<OriginAccessEntry>;
	using PatternMap = std::map<std::string, Patterns>;

	static void SetForOrigin(const url::Origin& source_origin,
	const std::vector<CorsOriginPatternPtr>& patterns,
	PatternMap* map);
	static void AddForOrigin(const url::Origin& source_origin,
	const CorsOriginPatternPtr& pattern,
	PatternMap* map);
	static mojom::CorsOriginAccessMatchPriority GetHighestPriorityOfRuleForOrigin(
	const std::string& source,
	const url::Origin& destination_origin,
	const PatternMap& map);

	// TODO(toyoshim): Redesign to have an unified map to be consistent with
	// mojom::CorsOriginAccessPatterns. See https://crbug.com/908756.
	PatternMap allow_list_;
	PatternMap block_list_;

	DISALLOW_COPY_AND_ASSIGN(OriginAccessList);
	};

	} // namespace cors

	} // namespace network

	#endif // SERVICES_NETWORK_PUBLIC_CPP_CORS_ORIGIN_ACCESS_LIST_H_