storage/browser/file_system/file_system_context.h - chromium/src - Git at Google

 // Copyright 2012 The Chromium Authors
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #ifndef STORAGE_BROWSER_FILE_SYSTEM_FILE_SYSTEM_CONTEXT_H_
 #define STORAGE_BROWSER_FILE_SYSTEM_FILE_SYSTEM_CONTEXT_H_

 #include <stdint.h>

 #include <map>
 #include <memory>
 #include <string>
 #include <vector>

 #include "base/component_export.h"
 #include "base/containers/flat_set.h"
 #include "base/files/file.h"
 #include "base/functional/callback.h"
 #include "base/functional/callback_helpers.h"
 #include "base/memory/raw_ptr.h"
 #include "base/memory/ref_counted_delete_on_sequence.h"
 #include "base/memory/scoped_refptr.h"
 #include "base/memory/weak_ptr.h"
 #include "base/task/sequenced_task_runner_helpers.h"
 #include "base/threading/sequence_bound.h"
 #include "base/types/pass_key.h"
 #include "build/build_config.h"
 #include "components/file_access/scoped_file_access_delegate.h"
 #include "components/services/storage/public/cpp/quota_error_or.h"
 #include "components/services/storage/public/mojom/quota_client.mojom.h"
 #include "mojo/public/cpp/bindings/receiver.h"
 #include "storage/browser/file_system/file_system_request_info.h"
 #include "storage/browser/file_system/file_system_url.h"
 #include "storage/browser/file_system/open_file_system_mode.h"
 #include "storage/browser/file_system/task_runner_bound_observer_list.h"
 #include "storage/common/file_system/file_system_types.h"
 #include "third_party/blink/public/mojom/quota/quota_types.mojom-shared.h"
 #include "url/gurl.h"
 #include "url/origin.h"

 namespace base {
 class FilePath;
 class SequencedTaskRunner;
 class SingleThreadTaskRunner;
 }  // namespace base

 namespace blink {
 class StorageKey;
 }  // namespace blink

 namespace leveldb {
 class Env;
 }  // namespace leveldb

 namespace storage {

 class AsyncFileUtil;
 class CopyOrMoveFileValidatorFactory;
 class ExternalMountPoints;
 class FileStreamReader;
 class FileStreamWriter;
 class FileSystemBackend;
 class FileSystemOperation;
 class FileSystemOperationRunner;
 class FileSystemOptions;
 class FileSystemQuotaClient;
 class FileSystemQuotaUtil;
 class FileSystemURL;
 class IsolatedFileSystemBackend;
 class MountPoints;
 class QuotaClientCallbackWrapper;
 class QuotaManagerProxy;
 class QuotaReservation;
 class SandboxFileSystemBackend;
 class SandboxFileSystemBackendDelegate;
 class SpecialStoragePolicy;
 class WatcherManager;

 enum class OperationType;

 struct BucketInfo;
 struct FileSystemInfo;

 // An auto mount handler will attempt to mount the file system requested in
 // `request_info`. If the URL is for this auto mount handler, it returns true
 // and calls `callback` when the attempt is complete. If the auto mounter
 // does not recognize the URL, it returns false and does not call `callback`.
 // Called on the IO thread.
 using URLRequestAutoMountHandler = base::RepeatingCallback<bool(
     const FileSystemRequestInfo& request_info,
     const FileSystemURL& filesystem_url,
     base::OnceCallback<void(base::File::Error result)> callback)>;

 // This class keeps and provides a file system context for FileSystem API.
 // An instance of this class is created and owned by profile.
 class COMPONENT_EXPORT(STORAGE_BROWSER) FileSystemContext
     : public base::RefCountedDeleteOnSequence<FileSystemContext> {
  public:
   REQUIRE_ADOPTION_FOR_REFCOUNTED_TYPE();

   FileSystemContext() = delete;
   FileSystemContext(const FileSystemContext&) = delete;
   FileSystemContext& operator=(const FileSystemContext&) = delete;

   // Returns file permission policy we should apply for the given `type`.
   // The return value must be bitwise-or'd of FilePermissionPolicy.
   //
   // Note: if a part of a filesystem is returned via 'Isolated' mount point,
   // its per-filesystem permission overrides the underlying filesystem's
   // permission policy.
   static int GetPermissionPolicy(FileSystemType type);

   // file_task_runner is used as default TaskRunner.
   // Unless a FileSystemBackend is overridden in CreateFileSystemOperation,
   // it is used for all file operations and file related meta operations.
   // The code assumes that file_task_runner->RunsTasksInCurrentSequence()
   // returns false if the current task is not running on the sequence that
   // allows blocking file operations (like SequencedWorkerPool implementation
   // does).
   //
   // `external_mount_points` contains non-system external mount points available
   // in the context. If not nullptr, it will be used during URL cracking.
   // `external_mount_points` may be nullptr only on platforms different from
   // ChromeOS (i.e. platforms that don't use external_mount_point_provider).
   //
   // `additional_backends` are added to the internal backend map
   // to serve filesystem requests for non-regular types.
   // If none is given, this context only handles HTML5 Sandbox FileSystem
   // and Drag-and-drop Isolated FileSystem requests.
   //
   // `auto_mount_handlers` are used to resolve calls to
   // AttemptAutoMountForURLRequest. Only external filesystems are auto mounted
   // when a filesystem: URL request is made.
   static scoped_refptr<FileSystemContext> Create(
       scoped_refptr<base::SingleThreadTaskRunner> io_task_runner,
       scoped_refptr<base::SequencedTaskRunner> file_task_runner,
       scoped_refptr<ExternalMountPoints> external_mount_points,
       scoped_refptr<SpecialStoragePolicy> special_storage_policy,
       scoped_refptr<QuotaManagerProxy> quota_manager_proxy,
       std::vector<std::unique_ptr<FileSystemBackend>> additional_backends,
       const std::vector<URLRequestAutoMountHandler>& auto_mount_handlers,
       const base::FilePath& partition_path,
       const FileSystemOptions& options);

   // Exposed for base::MakeRefCounted(). Instances should be obtained from the
   // factory method Create().
   FileSystemContext(
       scoped_refptr<base::SingleThreadTaskRunner> io_task_runner,
       scoped_refptr<base::SequencedTaskRunner> file_task_runner,
       scoped_refptr<ExternalMountPoints> external_mount_points,
       scoped_refptr<SpecialStoragePolicy> special_storage_policy,
       scoped_refptr<QuotaManagerProxy> quota_manager_proxy,
       std::vector<std::unique_ptr<FileSystemBackend>> additional_backends,
       const std::vector<URLRequestAutoMountHandler>& auto_mount_handlers,
       const base::FilePath& partition_path,
       const FileSystemOptions& options,
       base::PassKey<FileSystemContext>);

   // Creates a new QuotaReservation for the given `storage_key` and `type`.
   // Returns nullptr if `type` does not support quota or reservation fails.
   // This should be run on `default_file_task_runner_` and the returned value
   // should be destroyed on the runner.
   scoped_refptr<QuotaReservation> CreateQuotaReservationOnFileTaskRunner(
       const blink::StorageKey& storage_key,
       FileSystemType type);

   const scoped_refptr<QuotaManagerProxy>& quota_manager_proxy() const {
     return quota_manager_proxy_;
   }

   // Discards inflight operations in the operation runner.
   void Shutdown();

   // Returns a quota util for a given filesystem type.  This may
   // return nullptr if the type does not support the usage tracking or
   // it is not a quota-managed storage.
   FileSystemQuotaUtil* GetQuotaUtil(FileSystemType type) const;

   // Returns the appropriate AsyncFileUtil instance for the given `type`.
   AsyncFileUtil* GetAsyncFileUtil(FileSystemType type) const;

   // Returns the appropriate CopyOrMoveFileValidatorFactory for the given
   // `type`.  If `error_code` is File::FILE_OK and the result is nullptr,
   // then no validator is required.
   CopyOrMoveFileValidatorFactory* GetCopyOrMoveFileValidatorFactory(
       FileSystemType type,
       base::File::Error* error_code) const;

   // Returns the file system backend instance for the given `type`.
   // This may return nullptr if it is given an invalid or unsupported filesystem
   // type.
   FileSystemBackend* GetFileSystemBackend(FileSystemType type) const;

   // Returns the watcher manager for the given `type`.
   // This may return nullptr if the type does not support watching.
   WatcherManager* GetWatcherManager(FileSystemType type) const;

   // Returns true for sandboxed filesystems. Currently this does
   // the same as GetQuotaUtil(type) != nullptr. (In an assumption that
   // all sandboxed filesystems must cooperate with QuotaManager so that
   // they can get deleted)
   bool IsSandboxFileSystem(FileSystemType type) const;

   // Returns observers for the given filesystem type.
   const UpdateObserverList* GetUpdateObservers(FileSystemType type) const;
   const ChangeObserverList* GetChangeObservers(FileSystemType type) const;
   const AccessObserverList* GetAccessObservers(FileSystemType type) const;

   // Returns all registered filesystem types.
   std::vector<FileSystemType> GetFileSystemTypes() const;

   // Used for OpenFileSystem.
   using OpenFileSystemCallback =
       base::OnceCallback<void(const FileSystemURL& root_url,
                               const std::string& name,
                               base::File::Error result)>;

   // Used for ResolveURL.
   enum ResolvedEntryType {
     RESOLVED_ENTRY_FILE,
     RESOLVED_ENTRY_DIRECTORY,
     RESOLVED_ENTRY_NOT_FOUND,
   };
   using ResolveURLCallback =
       base::OnceCallback<void(base::File::Error result,
                               const FileSystemInfo& info,
                               const base::FilePath& file_path,
                               ResolvedEntryType type)>;

   // Used for DeleteFileSystem.
   using StatusCallback = base::OnceCallback<void(base::File::Error result)>;

   // Opens the filesystem for the given `storage_key` and `type`, and dispatches
   // `callback` on completion.
   // If `create` is true this may actually set up a filesystem instance
   // (e.g. by creating the root directory or initializing the database
   // entry etc).
   // Provide a non-null BucketLocator to override the default storage bucket
   // for the root URL (which will be propagated to child URLs).
   void OpenFileSystem(const blink::StorageKey& storage_key,
                       const std::optional<storage::BucketLocator>& bucket,
                       FileSystemType type,
                       OpenFileSystemMode mode,
                       OpenFileSystemCallback callback);

   // Opens the filesystem for the given `url` as read-only, if the filesystem
   // backend referred by the URL allows opening by resolveURL. Otherwise it
   // fails with FILE_ERROR_SECURITY. The entry pointed by the URL can be
   // absent; in that case RESOLVED_ENTRY_NOT_FOUND type is returned to the
   // callback for indicating the absence. Can be called from any thread with
   // a message loop. `callback` is invoked on the caller thread.
   void ResolveURL(const FileSystemURL& url, ResolveURLCallback callback);

   // Attempts to mount the filesystem needed to satisfy `request_info` made from
   // `request_info.storage_domain_`. If an appropriate file system is not found,
   // callback will return an error.
   void AttemptAutoMountForURLRequest(const FileSystemRequestInfo& request_info,
                                      StatusCallback callback);

   // Deletes the filesystem for the given `storage_key` and `type`. This should
   // be called on the IO thread.
   void DeleteFileSystem(const blink::StorageKey& storage_key,
                         FileSystemType type,
                         StatusCallback callback);

   // Creates new FileStreamReader instance to read a file pointed by the given
   // filesystem URL `url` starting from `offset`. `expected_modification_time`
   // specifies the expected last modification if the value is non-null, the
   // reader will check the underlying file's actual modification time to see if
   // the file has been modified, and if it does any succeeding read operations
   // should fail with ERR_UPLOAD_FILE_CHANGED error.
   // This method internally cracks the `url`, get an appropriate
   // FileSystemBackend for the URL and call the backend's CreateFileReader.
   // The resolved FileSystemBackend could perform further specialization
   // depending on the filesystem type pointed by the `url`.
   // At most `max_bytes_to_read` can be fetched from the file stream reader.
   std::unique_ptr<FileStreamReader> CreateFileStreamReader(
       const FileSystemURL& url,
       int64_t offset,
       int64_t max_bytes_to_read,
       const base::Time& expected_modification_time,
       file_access::ScopedFileAccessDelegate::RequestFilesAccessIOCallback
           file_access = base::NullCallback());

   // Creates new FileStreamWriter instance to write into a file pointed by
   // `url` from `offset`.
   std::unique_ptr<FileStreamWriter> CreateFileStreamWriter(
       const FileSystemURL& url,
       int64_t offset);

   // Creates a new FileSystemOperationRunner. Callers have to make sure that
   // this FileSystemContext outlives the returned FileSystemOperationRunner.
   // This must be called on the IO thread.
   std::unique_ptr<FileSystemOperationRunner> CreateFileSystemOperationRunner();

   // Similar to above, but this method can be called on any thread.
   base::SequenceBound<FileSystemOperationRunner>
   CreateSequenceBoundFileSystemOperationRunner();

   base::SequencedTaskRunner* default_file_task_runner() {
     return default_file_task_runner_.get();
   }

   FileSystemOperationRunner* operation_runner() {
     return operation_runner_.get();
   }

   const base::FilePath& partition_path() const { return partition_path_; }

   // Same as `CrackFileSystemURL`, but cracks FileSystemURL created from `url`
   // and `storage_key`.
   FileSystemURL CrackURL(const GURL& url,
                          const blink::StorageKey& storage_key) const;

   // Same as `CrackFileSystemURL`, but cracks FileSystemURL created from `url`
   // and a blink::StorageKey it derives from `url`. Note: never use this
   // function to crack URLs received from web contents. For all web-exposed
   // URLs, use the CrackURL function above and pass in the StorageKey of the
   // frame or worker that provided the URL.
   FileSystemURL CrackURLInFirstPartyContext(const GURL& url) const;

   // Same as `CrackFileSystemURL`, but cracks FileSystemURL created from method
   // arguments.
   FileSystemURL CreateCrackedFileSystemURL(const blink::StorageKey& storage_key,
                                            FileSystemType type,
                                            const base::FilePath& path) const;

   SandboxFileSystemBackendDelegate* sandbox_delegate() {
     return sandbox_delegate_.get();
   }

   // Returns true if the requested url is ok to be served.
   // (E.g. this returns false if the context is created for incognito mode)
   bool CanServeURLRequest(const FileSystemURL& url) const;

   bool is_incognito() { return is_incognito_; }

   void ResolveURLOnOpenFileSystemForTesting(
       const blink::StorageKey& storage_key,
       const std::optional<storage::BucketLocator>& bucket,
       FileSystemType type,
       OpenFileSystemMode mode,
       OpenFileSystemCallback callback) {
     ResolveURLOnOpenFileSystem(storage_key, bucket, type, mode,
                                std::move(callback));
   }

  private:
   // For CreateFileSystemOperation.
   friend class FileSystemOperationRunner;

   // For sandbox_backend().
   friend class SandboxFileSystemTestHelper;

   // Deleters.
   friend class base::DeleteHelper<FileSystemContext>;
   friend class base::RefCountedDeleteOnSequence<FileSystemContext>;
   ~FileSystemContext();

   // Must be called after creating the FileSystemContext.
   void Initialize();

   // Creates a new FileSystemOperation instance by getting an appropriate
   // FileSystemBackend for `url` and calling the backend's corresponding
   // CreateFileSystemOperation method.
   // The resolved FileSystemBackend could perform further specialization
   // depending on the filesystem type pointed by the `url`.
   //
   // Called by FileSystemOperationRunner.
   std::unique_ptr<FileSystemOperation> CreateFileSystemOperation(
       OperationType type,
       const FileSystemURL& url,
       base::File::Error* error_code);

   // For non-cracked isolated and external mount points, returns a FileSystemURL
   // created by cracking `url`. The url is cracked using MountPoints registered
   // as `url_crackers_`. If the url cannot be cracked, returns invalid
   // FileSystemURL.
   //
   // If the original url does not point to an isolated or external filesystem,
   // returns the original url, without attempting to crack it.
   FileSystemURL CrackFileSystemURL(const FileSystemURL& url) const;

   // For initial backend_map construction. This must be called only from
   // the constructor.
   void RegisterBackend(FileSystemBackend* backend);

   void DidOpenFileSystemForResolveURL(const FileSystemURL& url,
                                       ResolveURLCallback callback,
                                       const GURL& filesystem_root,
                                       const std::string& filesystem_name,
                                       base::File::Error error);
   void OnGetBucketForDeleteFileSystem(FileSystemType type,
                                       StatusCallback callback,
                                       QuotaErrorOr<BucketInfo> result);
   // OnGetOrCreateBucket is the callback for calling
   // QuotaManagerProxy::GetOrCreateDefault.
   void OnGetOrCreateBucket(const blink::StorageKey& storage_key,
                            FileSystemType type,
                            OpenFileSystemMode mode,
                            OpenFileSystemCallback callback,
                            QuotaErrorOr<BucketInfo> result);
   // ResolveURLOnOpenFileSystem is called, either by OnGetOrCreateBucket
   // on successful bucket creation, or (tests onlyh) by OpenFileSystem
   // directly in the absence of a quota manager.
   // `bucket` will be populated if the non-default storage bucket was used.
   void ResolveURLOnOpenFileSystem(
       const blink::StorageKey& storage_key,
       const std::optional<storage::BucketLocator>& bucket,
       FileSystemType type,
       OpenFileSystemMode mode,
       OpenFileSystemCallback callback);
   void DidResolveURLOnOpenFileSystem(const FileSystemURL& filesystem_root_url,
                                      OpenFileSystemCallback callback,
                                      const GURL& filesystem_root,
                                      const std::string& filesystem_name,
                                      base::File::Error error);

   // Returns a FileSystemBackend, used only by test code.
   SandboxFileSystemBackend* sandbox_backend() const {
     return sandbox_backend_.get();
   }

   // Override the default leveldb Env with `env_override_` if set.
   std::unique_ptr<leveldb::Env> env_override_;

   const scoped_refptr<base::SingleThreadTaskRunner> io_task_runner_;
   const scoped_refptr<base::SequencedTaskRunner> default_file_task_runner_;

   const scoped_refptr<QuotaManagerProxy> quota_manager_proxy_;
   std::unique_ptr<FileSystemQuotaClient> quota_client_;
   std::unique_ptr<storage::QuotaClientCallbackWrapper> quota_client_wrapper_;

   const std::unique_ptr<SandboxFileSystemBackendDelegate> sandbox_delegate_;

   // Regular file system backends.
   const std::unique_ptr<SandboxFileSystemBackend> sandbox_backend_;
   std::unique_ptr<IsolatedFileSystemBackend> isolated_backend_;

   // Additional file system backends.
   const std::vector<std::unique_ptr<FileSystemBackend>> additional_backends_;

   std::vector<URLRequestAutoMountHandler> auto_mount_handlers_;

   // Registered file system backends.
   // The map must be constructed in the constructor since it can be accessed
   // on multiple threads.
   // This map itself doesn't retain each backend's ownership; ownerships
   // of the backends are held by additional_backends_ or other scoped_ptr
   // backend fields.
   std::map<FileSystemType, raw_ptr<FileSystemBackend, CtnExperimental>>
       backend_map_;

   // External mount points visible in the file system context (excluding system
   // external mount points).
   const scoped_refptr<ExternalMountPoints> external_mount_points_;

   // MountPoints used to crack FileSystemURLs. The MountPoints are ordered
   // in order they should try to crack a FileSystemURL.
   std::vector<raw_ptr<MountPoints, VectorExperimental>> url_crackers_;

   // The base path of the storage partition for this context.
   const base::FilePath partition_path_;

   const bool is_incognito_;

   const std::unique_ptr<FileSystemOperationRunner> operation_runner_;

   std::unique_ptr<mojo::Receiver<mojom::QuotaClient>> quota_client_receiver_;

   base::WeakPtrFactory<FileSystemContext> weak_factory_{this};
 };

 }  // namespace storage

 #endif  // STORAGE_BROWSER_FILE_SYSTEM_FILE_SYSTEM_CONTEXT_H_
	// Copyright 2012 The Chromium Authors
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#ifndef STORAGE_BROWSER_FILE_SYSTEM_FILE_SYSTEM_CONTEXT_H_
	#define STORAGE_BROWSER_FILE_SYSTEM_FILE_SYSTEM_CONTEXT_H_

	#include <stdint.h>

	#include <map>
	#include <memory>
	#include <string>
	#include <vector>

	#include "base/component_export.h"
	#include "base/containers/flat_set.h"
	#include "base/files/file.h"
	#include "base/functional/callback.h"
	#include "base/functional/callback_helpers.h"
	#include "base/memory/raw_ptr.h"
	#include "base/memory/ref_counted_delete_on_sequence.h"
	#include "base/memory/scoped_refptr.h"
	#include "base/memory/weak_ptr.h"
	#include "base/task/sequenced_task_runner_helpers.h"
	#include "base/threading/sequence_bound.h"
	#include "base/types/pass_key.h"
	#include "build/build_config.h"
	#include "components/file_access/scoped_file_access_delegate.h"
	#include "components/services/storage/public/cpp/quota_error_or.h"
	#include "components/services/storage/public/mojom/quota_client.mojom.h"
	#include "mojo/public/cpp/bindings/receiver.h"
	#include "storage/browser/file_system/file_system_request_info.h"
	#include "storage/browser/file_system/file_system_url.h"
	#include "storage/browser/file_system/open_file_system_mode.h"
	#include "storage/browser/file_system/task_runner_bound_observer_list.h"
	#include "storage/common/file_system/file_system_types.h"
	#include "third_party/blink/public/mojom/quota/quota_types.mojom-shared.h"
	#include "url/gurl.h"
	#include "url/origin.h"

	namespace base {
	class FilePath;
	class SequencedTaskRunner;
	class SingleThreadTaskRunner;
	} // namespace base

	namespace blink {
	class StorageKey;
	} // namespace blink

	namespace leveldb {
	class Env;
	} // namespace leveldb

	namespace storage {

	class AsyncFileUtil;
	class CopyOrMoveFileValidatorFactory;
	class ExternalMountPoints;
	class FileStreamReader;
	class FileStreamWriter;
	class FileSystemBackend;
	class FileSystemOperation;
	class FileSystemOperationRunner;
	class FileSystemOptions;
	class FileSystemQuotaClient;
	class FileSystemQuotaUtil;
	class FileSystemURL;
	class IsolatedFileSystemBackend;
	class MountPoints;
	class QuotaClientCallbackWrapper;
	class QuotaManagerProxy;
	class QuotaReservation;
	class SandboxFileSystemBackend;
	class SandboxFileSystemBackendDelegate;
	class SpecialStoragePolicy;
	class WatcherManager;

	enum class OperationType;

	struct BucketInfo;
	struct FileSystemInfo;

	// An auto mount handler will attempt to mount the file system requested in
	// `request_info`. If the URL is for this auto mount handler, it returns true
	// and calls `callback` when the attempt is complete. If the auto mounter
	// does not recognize the URL, it returns false and does not call `callback`.
	// Called on the IO thread.
	using URLRequestAutoMountHandler = base::RepeatingCallback<bool(
	const FileSystemRequestInfo& request_info,
	const FileSystemURL& filesystem_url,
	base::OnceCallback<void(base::File::Error result)> callback)>;

	// This class keeps and provides a file system context for FileSystem API.
	// An instance of this class is created and owned by profile.
	class COMPONENT_EXPORT(STORAGE_BROWSER) FileSystemContext
	: public base::RefCountedDeleteOnSequence<FileSystemContext> {
	public:
	REQUIRE_ADOPTION_FOR_REFCOUNTED_TYPE();

	FileSystemContext() = delete;
	FileSystemContext(const FileSystemContext&) = delete;
	FileSystemContext& operator=(const FileSystemContext&) = delete;

	// Returns file permission policy we should apply for the given `type`.
	// The return value must be bitwise-or'd of FilePermissionPolicy.
	//
	// Note: if a part of a filesystem is returned via 'Isolated' mount point,
	// its per-filesystem permission overrides the underlying filesystem's
	// permission policy.
	static int GetPermissionPolicy(FileSystemType type);

	// file_task_runner is used as default TaskRunner.
	// Unless a FileSystemBackend is overridden in CreateFileSystemOperation,
	// it is used for all file operations and file related meta operations.
	// The code assumes that file_task_runner->RunsTasksInCurrentSequence()
	// returns false if the current task is not running on the sequence that
	// allows blocking file operations (like SequencedWorkerPool implementation
	// does).
	//
	// `external_mount_points` contains non-system external mount points available
	// in the context. If not nullptr, it will be used during URL cracking.
	// `external_mount_points` may be nullptr only on platforms different from
	// ChromeOS (i.e. platforms that don't use external_mount_point_provider).
	//
	// `additional_backends` are added to the internal backend map
	// to serve filesystem requests for non-regular types.
	// If none is given, this context only handles HTML5 Sandbox FileSystem
	// and Drag-and-drop Isolated FileSystem requests.
	//
	// `auto_mount_handlers` are used to resolve calls to
	// AttemptAutoMountForURLRequest. Only external filesystems are auto mounted
	// when a filesystem: URL request is made.
	static scoped_refptr<FileSystemContext> Create(
	scoped_refptr<base::SingleThreadTaskRunner> io_task_runner,
	scoped_refptr<base::SequencedTaskRunner> file_task_runner,
	scoped_refptr<ExternalMountPoints> external_mount_points,
	scoped_refptr<SpecialStoragePolicy> special_storage_policy,
	scoped_refptr<QuotaManagerProxy> quota_manager_proxy,
	std::vector<std::unique_ptr<FileSystemBackend>> additional_backends,
	const std::vector<URLRequestAutoMountHandler>& auto_mount_handlers,
	const base::FilePath& partition_path,
	const FileSystemOptions& options);

	// Exposed for base::MakeRefCounted(). Instances should be obtained from the
	// factory method Create().
	FileSystemContext(
	scoped_refptr<base::SingleThreadTaskRunner> io_task_runner,
	scoped_refptr<base::SequencedTaskRunner> file_task_runner,
	scoped_refptr<ExternalMountPoints> external_mount_points,
	scoped_refptr<SpecialStoragePolicy> special_storage_policy,
	scoped_refptr<QuotaManagerProxy> quota_manager_proxy,
	std::vector<std::unique_ptr<FileSystemBackend>> additional_backends,
	const std::vector<URLRequestAutoMountHandler>& auto_mount_handlers,
	const base::FilePath& partition_path,
	const FileSystemOptions& options,
	base::PassKey<FileSystemContext>);

	// Creates a new QuotaReservation for the given `storage_key` and `type`.
	// Returns nullptr if `type` does not support quota or reservation fails.
	// This should be run on `default_file_task_runner_` and the returned value
	// should be destroyed on the runner.
	scoped_refptr<QuotaReservation> CreateQuotaReservationOnFileTaskRunner(
	const blink::StorageKey& storage_key,
	FileSystemType type);

	const scoped_refptr<QuotaManagerProxy>& quota_manager_proxy() const {
	return quota_manager_proxy_;
	}

	// Discards inflight operations in the operation runner.
	void Shutdown();

	// Returns a quota util for a given filesystem type. This may
	// return nullptr if the type does not support the usage tracking or
	// it is not a quota-managed storage.
	FileSystemQuotaUtil* GetQuotaUtil(FileSystemType type) const;

	// Returns the appropriate AsyncFileUtil instance for the given `type`.
	AsyncFileUtil* GetAsyncFileUtil(FileSystemType type) const;

	// Returns the appropriate CopyOrMoveFileValidatorFactory for the given
	// `type`. If `error_code` is File::FILE_OK and the result is nullptr,
	// then no validator is required.
	CopyOrMoveFileValidatorFactory* GetCopyOrMoveFileValidatorFactory(
	FileSystemType type,
	base::File::Error* error_code) const;

	// Returns the file system backend instance for the given `type`.
	// This may return nullptr if it is given an invalid or unsupported filesystem
	// type.
	FileSystemBackend* GetFileSystemBackend(FileSystemType type) const;

	// Returns the watcher manager for the given `type`.
	// This may return nullptr if the type does not support watching.
	WatcherManager* GetWatcherManager(FileSystemType type) const;

	// Returns true for sandboxed filesystems. Currently this does
	// the same as GetQuotaUtil(type) != nullptr. (In an assumption that
	// all sandboxed filesystems must cooperate with QuotaManager so that
	// they can get deleted)
	bool IsSandboxFileSystem(FileSystemType type) const;

	// Returns observers for the given filesystem type.
	const UpdateObserverList* GetUpdateObservers(FileSystemType type) const;
	const ChangeObserverList* GetChangeObservers(FileSystemType type) const;
	const AccessObserverList* GetAccessObservers(FileSystemType type) const;

	// Returns all registered filesystem types.
	std::vector<FileSystemType> GetFileSystemTypes() const;

	// Used for OpenFileSystem.
	using OpenFileSystemCallback =
	base::OnceCallback<void(const FileSystemURL& root_url,
	const std::string& name,
	base::File::Error result)>;

	// Used for ResolveURL.
	enum ResolvedEntryType {
	RESOLVED_ENTRY_FILE,
	RESOLVED_ENTRY_DIRECTORY,
	RESOLVED_ENTRY_NOT_FOUND,
	};
	using ResolveURLCallback =
	base::OnceCallback<void(base::File::Error result,
	const FileSystemInfo& info,
	const base::FilePath& file_path,
	ResolvedEntryType type)>;

	// Used for DeleteFileSystem.
	using StatusCallback = base::OnceCallback<void(base::File::Error result)>;

	// Opens the filesystem for the given `storage_key` and `type`, and dispatches
	// `callback` on completion.
	// If `create` is true this may actually set up a filesystem instance
	// (e.g. by creating the root directory or initializing the database
	// entry etc).
	// Provide a non-null BucketLocator to override the default storage bucket
	// for the root URL (which will be propagated to child URLs).
	void OpenFileSystem(const blink::StorageKey& storage_key,
	const std::optional<storage::BucketLocator>& bucket,
	FileSystemType type,
	OpenFileSystemMode mode,
	OpenFileSystemCallback callback);

	// Opens the filesystem for the given `url` as read-only, if the filesystem
	// backend referred by the URL allows opening by resolveURL. Otherwise it
	// fails with FILE_ERROR_SECURITY. The entry pointed by the URL can be
	// absent; in that case RESOLVED_ENTRY_NOT_FOUND type is returned to the
	// callback for indicating the absence. Can be called from any thread with
	// a message loop. `callback` is invoked on the caller thread.
	void ResolveURL(const FileSystemURL& url, ResolveURLCallback callback);

	// Attempts to mount the filesystem needed to satisfy `request_info` made from
	// `request_info.storage_domain_`. If an appropriate file system is not found,
	// callback will return an error.
	void AttemptAutoMountForURLRequest(const FileSystemRequestInfo& request_info,
	StatusCallback callback);

	// Deletes the filesystem for the given `storage_key` and `type`. This should
	// be called on the IO thread.
	void DeleteFileSystem(const blink::StorageKey& storage_key,
	FileSystemType type,
	StatusCallback callback);

	// Creates new FileStreamReader instance to read a file pointed by the given
	// filesystem URL `url` starting from `offset`. `expected_modification_time`
	// specifies the expected last modification if the value is non-null, the
	// reader will check the underlying file's actual modification time to see if
	// the file has been modified, and if it does any succeeding read operations
	// should fail with ERR_UPLOAD_FILE_CHANGED error.
	// This method internally cracks the `url`, get an appropriate
	// FileSystemBackend for the URL and call the backend's CreateFileReader.
	// The resolved FileSystemBackend could perform further specialization
	// depending on the filesystem type pointed by the `url`.
	// At most `max_bytes_to_read` can be fetched from the file stream reader.
	std::unique_ptr<FileStreamReader> CreateFileStreamReader(
	const FileSystemURL& url,
	int64_t offset,
	int64_t max_bytes_to_read,
	const base::Time& expected_modification_time,
	file_access::ScopedFileAccessDelegate::RequestFilesAccessIOCallback
	file_access = base::NullCallback());

	// Creates new FileStreamWriter instance to write into a file pointed by
	// `url` from `offset`.
	std::unique_ptr<FileStreamWriter> CreateFileStreamWriter(
	const FileSystemURL& url,
	int64_t offset);

	// Creates a new FileSystemOperationRunner. Callers have to make sure that
	// this FileSystemContext outlives the returned FileSystemOperationRunner.
	// This must be called on the IO thread.
	std::unique_ptr<FileSystemOperationRunner> CreateFileSystemOperationRunner();

	// Similar to above, but this method can be called on any thread.
	base::SequenceBound<FileSystemOperationRunner>
	CreateSequenceBoundFileSystemOperationRunner();

	base::SequencedTaskRunner* default_file_task_runner() {
	return default_file_task_runner_.get();
	}

	FileSystemOperationRunner* operation_runner() {
	return operation_runner_.get();
	}

	const base::FilePath& partition_path() const { return partition_path_; }

	// Same as `CrackFileSystemURL`, but cracks FileSystemURL created from `url`
	// and `storage_key`.
	FileSystemURL CrackURL(const GURL& url,
	const blink::StorageKey& storage_key) const;

	// Same as `CrackFileSystemURL`, but cracks FileSystemURL created from `url`
	// and a blink::StorageKey it derives from `url`. Note: never use this
	// function to crack URLs received from web contents. For all web-exposed
	// URLs, use the CrackURL function above and pass in the StorageKey of the
	// frame or worker that provided the URL.
	FileSystemURL CrackURLInFirstPartyContext(const GURL& url) const;

	// Same as `CrackFileSystemURL`, but cracks FileSystemURL created from method
	// arguments.
	FileSystemURL CreateCrackedFileSystemURL(const blink::StorageKey& storage_key,
	FileSystemType type,
	const base::FilePath& path) const;

	SandboxFileSystemBackendDelegate* sandbox_delegate() {
	return sandbox_delegate_.get();
	}

	// Returns true if the requested url is ok to be served.
	// (E.g. this returns false if the context is created for incognito mode)
	bool CanServeURLRequest(const FileSystemURL& url) const;

	bool is_incognito() { return is_incognito_; }

	void ResolveURLOnOpenFileSystemForTesting(
	const blink::StorageKey& storage_key,
	const std::optional<storage::BucketLocator>& bucket,
	FileSystemType type,
	OpenFileSystemMode mode,
	OpenFileSystemCallback callback) {
	ResolveURLOnOpenFileSystem(storage_key, bucket, type, mode,
	std::move(callback));
	}

	private:
	// For CreateFileSystemOperation.
	friend class FileSystemOperationRunner;

	// For sandbox_backend().
	friend class SandboxFileSystemTestHelper;

	// Deleters.
	friend class base::DeleteHelper<FileSystemContext>;
	friend class base::RefCountedDeleteOnSequence<FileSystemContext>;
	~FileSystemContext();

	// Must be called after creating the FileSystemContext.
	void Initialize();

	// Creates a new FileSystemOperation instance by getting an appropriate
	// FileSystemBackend for `url` and calling the backend's corresponding
	// CreateFileSystemOperation method.
	// The resolved FileSystemBackend could perform further specialization
	// depending on the filesystem type pointed by the `url`.
	//
	// Called by FileSystemOperationRunner.
	std::unique_ptr<FileSystemOperation> CreateFileSystemOperation(
	OperationType type,
	const FileSystemURL& url,
	base::File::Error* error_code);

	// For non-cracked isolated and external mount points, returns a FileSystemURL
	// created by cracking `url`. The url is cracked using MountPoints registered
	// as `url_crackers_`. If the url cannot be cracked, returns invalid
	// FileSystemURL.
	//
	// If the original url does not point to an isolated or external filesystem,
	// returns the original url, without attempting to crack it.
	FileSystemURL CrackFileSystemURL(const FileSystemURL& url) const;

	// For initial backend_map construction. This must be called only from
	// the constructor.
	void RegisterBackend(FileSystemBackend* backend);

	void DidOpenFileSystemForResolveURL(const FileSystemURL& url,
	ResolveURLCallback callback,
	const GURL& filesystem_root,
	const std::string& filesystem_name,
	base::File::Error error);
	void OnGetBucketForDeleteFileSystem(FileSystemType type,
	StatusCallback callback,
	QuotaErrorOr<BucketInfo> result);
	// OnGetOrCreateBucket is the callback for calling
	// QuotaManagerProxy::GetOrCreateDefault.
	void OnGetOrCreateBucket(const blink::StorageKey& storage_key,
	FileSystemType type,
	OpenFileSystemMode mode,
	OpenFileSystemCallback callback,
	QuotaErrorOr<BucketInfo> result);
	// ResolveURLOnOpenFileSystem is called, either by OnGetOrCreateBucket
	// on successful bucket creation, or (tests onlyh) by OpenFileSystem
	// directly in the absence of a quota manager.
	// `bucket` will be populated if the non-default storage bucket was used.
	void ResolveURLOnOpenFileSystem(
	const blink::StorageKey& storage_key,
	const std::optional<storage::BucketLocator>& bucket,
	FileSystemType type,
	OpenFileSystemMode mode,
	OpenFileSystemCallback callback);
	void DidResolveURLOnOpenFileSystem(const FileSystemURL& filesystem_root_url,
	OpenFileSystemCallback callback,
	const GURL& filesystem_root,
	const std::string& filesystem_name,
	base::File::Error error);

	// Returns a FileSystemBackend, used only by test code.
	SandboxFileSystemBackend* sandbox_backend() const {
	return sandbox_backend_.get();
	}

	// Override the default leveldb Env with `env_override_` if set.
	std::unique_ptr<leveldb::Env> env_override_;

	const scoped_refptr<base::SingleThreadTaskRunner> io_task_runner_;
	const scoped_refptr<base::SequencedTaskRunner> default_file_task_runner_;

	const scoped_refptr<QuotaManagerProxy> quota_manager_proxy_;
	std::unique_ptr<FileSystemQuotaClient> quota_client_;
	std::unique_ptr<storage::QuotaClientCallbackWrapper> quota_client_wrapper_;

	const std::unique_ptr<SandboxFileSystemBackendDelegate> sandbox_delegate_;

	// Regular file system backends.
	const std::unique_ptr<SandboxFileSystemBackend> sandbox_backend_;
	std::unique_ptr<IsolatedFileSystemBackend> isolated_backend_;

	// Additional file system backends.
	const std::vector<std::unique_ptr<FileSystemBackend>> additional_backends_;

	std::vector<URLRequestAutoMountHandler> auto_mount_handlers_;

	// Registered file system backends.
	// The map must be constructed in the constructor since it can be accessed
	// on multiple threads.
	// This map itself doesn't retain each backend's ownership; ownerships
	// of the backends are held by additional_backends_ or other scoped_ptr
	// backend fields.
	std::map<FileSystemType, raw_ptr<FileSystemBackend, CtnExperimental>>
	backend_map_;

	// External mount points visible in the file system context (excluding system
	// external mount points).
	const scoped_refptr<ExternalMountPoints> external_mount_points_;

	// MountPoints used to crack FileSystemURLs. The MountPoints are ordered
	// in order they should try to crack a FileSystemURL.
	std::vector<raw_ptr<MountPoints, VectorExperimental>> url_crackers_;

	// The base path of the storage partition for this context.
	const base::FilePath partition_path_;

	const bool is_incognito_;

	const std::unique_ptr<FileSystemOperationRunner> operation_runner_;

	std::unique_ptr<mojo::Receiver<mojom::QuotaClient>> quota_client_receiver_;

	base::WeakPtrFactory<FileSystemContext> weak_factory_{this};
	};

	} // namespace storage

	#endif // STORAGE_BROWSER_FILE_SYSTEM_FILE_SYSTEM_CONTEXT_H_