mirrors/electron
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
electron/shell/browser/electron_permission_manager.cc
electron-roller[bot] 61374019c0
chore: bump chromium to 103.0.5046.0 (main) (#33906) 
* chore: bump chromium in DEPS to 103.0.5020.0

* chore: bump chromium in DEPS to 103.0.5022.0

* chore: bump chromium in DEPS to 103.0.5024.0

* chore: update patches

* 3587410: [Printing] Remove JobEventDetails

Ref: https://chromium-review.googlesource.com/c/chromium/src/+/3587410

* chore: bump chromium in DEPS to 103.0.5026.0

* chore: update patches

* 3577218: WebUI: Delete webui_resources.grd and related GN targets.

Ref: https://chromium-review.googlesource.com/c/chromium/src/+/3577218

* chore: bump chromium in DEPS to 103.0.5028.0

* chore: update patches

* 3579297: Convert UpdatePrintSettings() to use non-deprecated base::Value APIs.

Ref: https://chromium-review.googlesource.com/c/chromium/src/+/3579297

* 3560622: serial: Add SerialPort.forget() method

Ref: https://chromium-review.googlesource.com/c/chromium/src/+/3560622

* 3581708: Restore original display when moving from tab-fullscreen to browser-fullscreen.

Ref: https://chromium-review.googlesource.com/c/chromium/src/+/3581708

* chore: fix authorization flags lint error

* 3583363: Remove net wrappers around base/strings/escape.h

Ref: https://chromium-review.googlesource.com/c/chromium/src/+/3583363

* fixup! 3560622: serial: Add SerialPort.forget() method

Ref: https://chromium-review.googlesource.com/c/chromium/src/+/3560622

* 3587589: Reland "Propagate the MIME type from DownloadTargetDeterminer to DownloadItem"

Ref: https://chromium-review.googlesource.com/c/chromium/src/+/3587589

* 3584006: Remove IsRenderViewLive from content public

Ref: https://chromium-review.googlesource.com/c/chromium/src/+/3584006

* 3596174: [api] Remove APIs for resurrecting finalizers

Ref: https://chromium-review.googlesource.com/c/v8/v8/+/3596174

* 3368244: Hook SnapshotForContentAnalysis renderer API to scan system prints

Ref: https://chromium-review.googlesource.com/c/chromium/src/+/3368244

* chore: bump chromium in DEPS to 103.0.5030.0

* chore: update patches

* chore: bump chromium in DEPS to 103.0.5032.0

* chore: bump chromium in DEPS to 103.0.5034.0

* chore: bump chromium in DEPS to 103.0.5036.0

* chore: update patches

* 3586363: Introduce PrintRenderFrame.PrintWithParams() for batch printing to PDF

Ref: https://chromium-review.googlesource.com/c/chromium/src/+/3586363

* 3593199: Remove content::PermissionType references and replace them with blink::PermissionType

Ref: https://chromium-review.googlesource.com/c/chromium/src/+/3593199

* 3368244: Hook SnapshotForContentAnalysis renderer API to scan system prints

Ref: https://chromium-review.googlesource.com/c/chromium/src/+/3368244

* chore: lint

* chore: bump chromium in DEPS to 103.0.5038.0

* chore: update patches

* fixup! 3560622: serial: Add SerialPort.forget() method

* 3606495: mac screen capture: add metric

Ref: https://chromium-review.googlesource.com/c/chromium/src/+/3606495

* chore: bump chromium in DEPS to 103.0.5040.0

* chore: update patches

* 3590840: Add IPs to DnsOverHttpsServerConfig

https://chromium-review.googlesource.com/c/chromium/src/+/3590840

* stub functions for ElectronSerialDelegate and SerialChooserController to fix link

* 3566412: [base] Remove base/android dependency on post_task.h and officially remove post_task.h!

Ref: https://chromium-review.googlesource.com/c/chromium/src/+/3566412

* 3347944: [content] No longer hand-off whole MainFunctionParams to BrowserMainParts

Ref: https://chromium-review.googlesource.com/c/chromium/src/+/3347944

* fixup! 3566412: [base] Remove base/android dependency on post_task.h and off…
e3ea3e1
…icially remove post_task.h!

* chore: update process_singleton patches for content::GetIOThreadTaskRunner({})

Ref: 2015655: [BrowserThread] Migrate co/pub/br and co/br/scheduler to the new API | https://chromium-review.googlesource.com/c/chromium/src/+/2015655

* chore: migrate base::DeleteSoon to content::GetUIThreadTaskRunner({})->DeleteSoon

Ref: https://chromium-review.googlesource.com/c/chromium/src/+/3566412

* chore: remove duplicate functions for RevokePortPermissionWebInitiated & GetPortInfo

* chore: migrate Linux/Windows methods off of post_task.h

Ref: https://chromium-review.googlesource.com/c/chromium/src/+/3566412

* 64908: Stop building legacy SwiftShader GL in Chromium

https://swiftshader-review.googlesource.com/c/SwiftShader/+/64908

* 3573245: Added Themed versions of RoundedRectBackground and RoundedRectBorder.

Ref: https://chromium-review.googlesource.com/c/chromium/src/+/3573245

* chore: bump chromium in DEPS to 103.0.5042.0

* chore: update patches

* 3571804: [api] Advance API deprecation for V8 version v10.2

https://chromium-review.googlesource.com/c/v8/v8/+/3571804

* fixup! 3571804: [api] Advance API deprecation for V8 version v10.2

* build: fix run-clang-format extension matching

* lint

* fix windows build

* how is clang-format still not working for me

* chore: update patches

* 3623985: Replace ad-hoc SetPublicFirstPartySets calls with method in ContentBrowserClient.

https://chromium-review.googlesource.com/c/chromium/src/+/3623985

* no need to implement WillProvidePublicFirstPartySets; the default is false

* 3601036: [QT] Introduce ui/views/linux_ui/linux_ui_factory.*

https://chromium-review.googlesource.com/c/chromium/src/+/3601036

* 3583363: Remove net wrappers around base/strings/escape.h

https://chromium-review.googlesource.com/c/chromium/src/+/3583363

* lint

* chore: bump chromium in DEPS to 103.0.5044.0

* fix conflicts

* chore: update patches

* upgrade nan

* pin version of nan in tests

* replace my hacky deprecated override fix with the fix from upstream

* revert runtime dcheck in v8

* pin nan version at root too

* refactor: tell gyp to use c++17 when building with our node

* Revert "refactor: tell gyp to use c++17 when building with our node"

This reverts commit 41a03a5799a8f40f31555d73d20ea865acfcd192.

* Undo the reversion of 41a03a5799a8f40f31555d73d20ea865acfcd192.

This reverts commit 54440abc598153bd7e259be4a908f0ecc0b33348.

* disable sequential/test-cpu-prof-kill for now

* also sequential/test-diagnostic-dir-cpu-prof

Co-authored-by: electron-roller[bot] <84116207+electron-roller[bot]@users.noreply.github.com>
Co-authored-by: Keeley Hammond <khammond@slack-corp.com>
Co-authored-by: PatchUp <73610968+patchup[bot]@users.noreply.github.com>
Co-authored-by: VerteDinde <vertedinde@electronjs.org>
Co-authored-by: Jeremy Rose <japthorp@slack-corp.com>
Co-authored-by: John Kleinschmidt <jkleinsc@electronjs.org>
Co-authored-by: Jeremy Rose <jeremya@chromium.org>
Co-authored-by: Charles Kerr <charles@charleskerr.com>
2022-05-17 12:48:40 -04:00

420 lines
16 KiB
C++
Raw Blame History

// Copyright (c) 2016 GitHub, Inc.
// Use of this source code is governed by the MIT license that can be
// found in the LICENSE file.
#include "shell/browser/electron_permission_manager.h"
#include <memory>
#include <utility>
#include <vector>
#include "base/values.h"
#include "content/browser/permissions/permission_util.h" // nogncheck
#include "content/public/browser/child_process_security_policy.h"
#include "content/public/browser/global_routing_id.h"
#include "content/public/browser/permission_controller.h"
#include "content/public/browser/render_frame_host.h"
#include "content/public/browser/render_process_host.h"
#include "content/public/browser/render_view_host.h"
#include "content/public/browser/web_contents.h"
#include "gin/data_object_builder.h"
#include "shell/browser/api/electron_api_web_contents.h"
#include "shell/browser/electron_browser_client.h"
#include "shell/browser/electron_browser_main_parts.h"
#include "shell/browser/hid/hid_chooser_context.h"
#include "shell/browser/serial/serial_chooser_context.h"
#include "shell/browser/web_contents_permission_helper.h"
#include "shell/browser/web_contents_preferences.h"
#include "shell/common/gin_converters/content_converter.h"
#include "shell/common/gin_converters/frame_converter.h"
#include "shell/common/gin_converters/value_converter.h"
#include "shell/common/gin_helper/event_emitter_caller.h"
#include "third_party/blink/public/common/permissions/permission_utils.h"
namespace electron {
namespace {
bool WebContentsDestroyed(content::RenderFrameHost* rfh) {
content::WebContents* web_contents =
content::WebContents::FromRenderFrameHost(rfh);
if (!web_contents)
return true;
return web_contents->IsBeingDestroyed();
}
void PermissionRequestResponseCallbackWrapper(
ElectronPermissionManager::StatusCallback callback,
const std::vector<blink::mojom::PermissionStatus>& vector) {
std::move(callback).Run(vector[0]);
}
} // namespace
class ElectronPermissionManager::PendingRequest {
public:
PendingRequest(content::RenderFrameHost* render_frame_host,
const std::vector<blink::PermissionType>& permissions,
StatusesCallback callback)
: render_process_id_(render_frame_host->GetProcess()->GetID()),
render_frame_id_(render_frame_host->GetGlobalId()),
callback_(std::move(callback)),
permissions_(permissions),
results_(permissions.size(), blink::mojom::PermissionStatus::DENIED),
remaining_results_(permissions.size()) {}
void SetPermissionStatus(int permission_id,
blink::mojom::PermissionStatus status) {
DCHECK(!IsComplete());
if (status == blink::mojom::PermissionStatus::GRANTED) {
const auto permission = permissions_[permission_id];
if (permission == blink::PermissionType::MIDI_SYSEX) {
content::ChildProcessSecurityPolicy::GetInstance()
->GrantSendMidiSysExMessage(render_process_id_);
} else if (permission == blink::PermissionType::GEOLOCATION) {
ElectronBrowserMainParts::Get()
->GetGeolocationControl()
->UserDidOptIntoLocationServices();
}
}
results_[permission_id] = status;
--remaining_results_;
}
content::RenderFrameHost* GetRenderFrameHost() {
return content::RenderFrameHost::FromID(render_frame_id_);
}
bool IsComplete() const { return remaining_results_ == 0; }
void RunCallback() {
if (!callback_.is_null()) {
std::move(callback_).Run(results_);
}
}
private:
int render_process_id_;
content::GlobalRenderFrameHostId render_frame_id_;
StatusesCallback callback_;
std::vector<blink::PermissionType> permissions_;
std::vector<blink::mojom::PermissionStatus> results_;
size_t remaining_results_;
};
ElectronPermissionManager::ElectronPermissionManager() = default;
ElectronPermissionManager::~ElectronPermissionManager() = default;
void ElectronPermissionManager::SetPermissionRequestHandler(
const RequestHandler& handler) {
if (handler.is_null() && !pending_requests_.IsEmpty()) {
for (PendingRequestsMap::iterator iter(&pending_requests_); !iter.IsAtEnd();
iter.Advance()) {
auto* request = iter.GetCurrentValue();
if (!WebContentsDestroyed(request->GetRenderFrameHost()))
request->RunCallback();
}
pending_requests_.Clear();
}
request_handler_ = handler;
}
void ElectronPermissionManager::SetPermissionCheckHandler(
const CheckHandler& handler) {
check_handler_ = handler;
}
void ElectronPermissionManager::SetDevicePermissionHandler(
const DeviceCheckHandler& handler) {
device_permission_handler_ = handler;
}
void ElectronPermissionManager::RequestPermission(
blink::PermissionType permission,
content::RenderFrameHost* render_frame_host,
const GURL& requesting_origin,
bool user_gesture,
StatusCallback response_callback) {
RequestPermissionWithDetails(permission, render_frame_host, requesting_origin,
user_gesture, nullptr,
std::move(response_callback));
}
void ElectronPermissionManager::RequestPermissionWithDetails(
blink::PermissionType permission,
content::RenderFrameHost* render_frame_host,
const GURL& requesting_origin,
bool user_gesture,
const base::DictionaryValue* details,
StatusCallback response_callback) {
RequestPermissionsWithDetails(
std::vector<blink::PermissionType>(1, permission), render_frame_host,
requesting_origin, user_gesture, details,
base::BindOnce(PermissionRequestResponseCallbackWrapper,
std::move(response_callback)));
}
void ElectronPermissionManager::RequestPermissions(
const std::vector<blink::PermissionType>& permissions,
content::RenderFrameHost* render_frame_host,
const GURL& requesting_origin,
bool user_gesture,
StatusesCallback response_callback) {
RequestPermissionsWithDetails(permissions, render_frame_host,
requesting_origin, user_gesture, nullptr,
std::move(response_callback));
}
void ElectronPermissionManager::RequestPermissionsWithDetails(
const std::vector<blink::PermissionType>& permissions,
content::RenderFrameHost* render_frame_host,
const GURL& requesting_origin,
bool user_gesture,
const base::DictionaryValue* details,
StatusesCallback response_callback) {
if (permissions.empty()) {
std::move(response_callback).Run({});
return;
}
if (request_handler_.is_null()) {
std::vector<blink::mojom::PermissionStatus> statuses;
for (auto permission : permissions) {
if (permission == blink::PermissionType::MIDI_SYSEX) {
content::ChildProcessSecurityPolicy::GetInstance()
->GrantSendMidiSysExMessage(
render_frame_host->GetProcess()->GetID());
} else if (permission == blink::PermissionType::GEOLOCATION) {
ElectronBrowserMainParts::Get()
->GetGeolocationControl()
->UserDidOptIntoLocationServices();
}
statuses.push_back(blink::mojom::PermissionStatus::GRANTED);
}
std::move(response_callback).Run(statuses);
return;
}
auto* web_contents =
content::WebContents::FromRenderFrameHost(render_frame_host);
int request_id = pending_requests_.Add(std::make_unique<PendingRequest>(
render_frame_host, permissions, std::move(response_callback)));
for (size_t i = 0; i < permissions.size(); ++i) {
auto permission = permissions[i];
const auto callback =
base::BindRepeating(&ElectronPermissionManager::OnPermissionResponse,
base::Unretained(this), request_id, i);
auto mutable_details =
details == nullptr ? base::DictionaryValue() : details->Clone();
mutable_details.SetStringKey(
"requestingUrl", render_frame_host->GetLastCommittedURL().spec());
mutable_details.SetBoolKey("isMainFrame",
render_frame_host->GetParent() == nullptr);
request_handler_.Run(web_contents, permission, callback, mutable_details);
}
}
void ElectronPermissionManager::OnPermissionResponse(
int request_id,
int permission_id,
blink::mojom::PermissionStatus status) {
auto* pending_request = pending_requests_.Lookup(request_id);
if (!pending_request)
return;
pending_request->SetPermissionStatus(permission_id, status);
if (pending_request->IsComplete()) {
pending_request->RunCallback();
pending_requests_.Remove(request_id);
}
}
void ElectronPermissionManager::ResetPermission(
blink::PermissionType permission,
const GURL& requesting_origin,
const GURL& embedding_origin) {}
blink::mojom::PermissionStatus ElectronPermissionManager::GetPermissionStatus(
blink::PermissionType permission,
const GURL& requesting_origin,
const GURL& embedding_origin) {
base::DictionaryValue details;
details.SetString("embeddingOrigin", embedding_origin.spec());
bool granted = CheckPermissionWithDetails(permission, nullptr,
requesting_origin, &details);
return granted ? blink::mojom::PermissionStatus::GRANTED
: blink::mojom::PermissionStatus::DENIED;
}
ElectronPermissionManager::SubscriptionId
ElectronPermissionManager::SubscribePermissionStatusChange(
blink::PermissionType permission,
content::RenderProcessHost* render_process_host,
content::RenderFrameHost* render_frame_host,
const GURL& requesting_origin,
base::RepeatingCallback<void(blink::mojom::PermissionStatus)> callback) {
return SubscriptionId(-1);
}
void ElectronPermissionManager::UnsubscribePermissionStatusChange(
SubscriptionId id) {}
bool ElectronPermissionManager::CheckPermissionWithDetails(
blink::PermissionType permission,
content::RenderFrameHost* render_frame_host,
const GURL& requesting_origin,
const base::DictionaryValue* details) const {
if (check_handler_.is_null()) {
return true;
}
auto* web_contents =
render_frame_host
? content::WebContents::FromRenderFrameHost(render_frame_host)
: nullptr;
auto mutable_details =
details == nullptr ? base::DictionaryValue() : details->Clone();
if (render_frame_host) {
mutable_details.SetStringKey(
"requestingUrl", render_frame_host->GetLastCommittedURL().spec());
}
mutable_details.SetBoolKey(
"isMainFrame",
render_frame_host && render_frame_host->GetParent() == nullptr);
switch (permission) {
case blink::PermissionType::AUDIO_CAPTURE:
mutable_details.SetStringKey("mediaType", "audio");
break;
case blink::PermissionType::VIDEO_CAPTURE:
mutable_details.SetStringKey("mediaType", "video");
break;
default:
break;
}
return check_handler_.Run(web_contents, permission, requesting_origin,
mutable_details);
}
bool ElectronPermissionManager::CheckDevicePermission(
blink::PermissionType permission,
const url::Origin& origin,
const base::Value* device,
content::RenderFrameHost* render_frame_host) const {
auto* web_contents =
content::WebContents::FromRenderFrameHost(render_frame_host);
api::WebContents* api_web_contents = api::WebContents::From(web_contents);
if (device_permission_handler_.is_null()) {
if (api_web_contents) {
std::vector<base::Value> granted_devices =
api_web_contents->GetGrantedDevices(origin, permission,
render_frame_host);
for (const auto& granted_device : granted_devices) {
if (permission ==
static_cast<blink::PermissionType>(
WebContentsPermissionHelper::PermissionType::HID)) {
if (device->FindIntKey(kHidVendorIdKey) !=
granted_device.FindIntKey(kHidVendorIdKey) ||
device->FindIntKey(kHidProductIdKey) !=
granted_device.FindIntKey(kHidProductIdKey)) {
continue;
}
const auto* serial_number =
granted_device.FindStringKey(kHidSerialNumberKey);
const auto* device_serial_number =
device->FindStringKey(kHidSerialNumberKey);
if (serial_number && device_serial_number &&
*device_serial_number == *serial_number)
return true;
} else if (permission ==
static_cast<blink::PermissionType>(
WebContentsPermissionHelper::PermissionType::SERIAL)) {
#if BUILDFLAG(IS_WIN)
if (device->FindStringKey(kDeviceInstanceIdKey) ==
granted_device.FindStringKey(kDeviceInstanceIdKey))
return true;
#else
if (device->FindIntKey(kVendorIdKey) !=
granted_device.FindIntKey(kVendorIdKey) ||
device->FindIntKey(kProductIdKey) !=
granted_device.FindIntKey(kProductIdKey) ||
*device->FindStringKey(kSerialNumberKey) !=
*granted_device.FindStringKey(kSerialNumberKey)) {
continue;
}
#if BUILDFLAG(IS_MAC)
if (*device->FindStringKey(kUsbDriverKey) !=
*granted_device.FindStringKey(kUsbDriverKey)) {
continue;
}
#endif // BUILDFLAG(IS_MAC)
return true;
#endif // BUILDFLAG(IS_WIN)
}
}
}
return false;
} else {
v8::Isolate* isolate = JavascriptEnvironment::GetIsolate();
v8::HandleScope scope(isolate);
v8::Local<v8::Object> details = gin::DataObjectBuilder(isolate)
.Set("deviceType", permission)
.Set("origin", origin.Serialize())
.Set("device", device->Clone())
.Set("frame", render_frame_host)
.Build();
return device_permission_handler_.Run(details);
}
}
void ElectronPermissionManager::GrantDevicePermission(
blink::PermissionType permission,
const url::Origin& origin,
const base::Value* device,
content::RenderFrameHost* render_frame_host) const {
if (device_permission_handler_.is_null()) {
auto* web_contents =
content::WebContents::FromRenderFrameHost(render_frame_host);
api::WebContents* api_web_contents = api::WebContents::From(web_contents);
if (api_web_contents)
api_web_contents->GrantDevicePermission(origin, device, permission,
render_frame_host);
}
}
blink::mojom::PermissionStatus
ElectronPermissionManager::GetPermissionStatusForFrame(
blink::PermissionType permission,
content::RenderFrameHost* render_frame_host,
const GURL& requesting_origin) {
base::DictionaryValue details;
bool granted = CheckPermissionWithDetails(permission, render_frame_host,
requesting_origin, &details);
return granted ? blink::mojom::PermissionStatus::GRANTED
: blink::mojom::PermissionStatus::DENIED;
}
blink::mojom::PermissionStatus
ElectronPermissionManager::GetPermissionStatusForCurrentDocument(
blink::PermissionType permission,
content::RenderFrameHost* render_frame_host) {
return GetPermissionStatus(
permission, render_frame_host->GetLastCommittedOrigin().GetURL(),
content::PermissionUtil::GetLastCommittedOriginAsURL(render_frame_host));
}
blink::mojom::PermissionStatus
ElectronPermissionManager::GetPermissionStatusForWorker(
blink::PermissionType permission,
content::RenderProcessHost* render_process_host,
const GURL& worker_origin) {
return GetPermissionStatus(permission, worker_origin, worker_origin);
}
} // namespace electron
Reference in a new issue View git blame Copy permalink