chromecast: implement permission checking for CastExtensionHostDelegate

The permission checking will be done using the extension's
permissions specified in its manifest data, similar to what
is being done in ShellExtensionHostDelegate.

Also moved media_capture_util code to extensions/browser for better
code sharing and add an API for checking media access permission
for a given extension.

Bug: b/78193883
Test: Build
Change-Id: I7bd9d9a771b5a6d8ca719b5480e42f4624a1bb69
Reviewed-on: https://chromium-review.googlesource.com/1022316
Commit-Queue: Peter Qiu <zqiu@chromium.org>
Reviewed-by: Luke Halliwell <halliwell@chromium.org>
Reviewed-by: Fady Samuel <fsamuel@chromium.org>
Reviewed-by: Ken Rockot <rockot@chromium.org>
Cr-Commit-Position: refs/heads/master@{#552940}

chromecast/browser/extensions/cast_extension_host_delegate.cc

@@ -7,6 +7,7 @@
 #include "base/lazy_instance.h"
 #include "base/logging.h"
 #include "chromecast/browser/extensions/cast_extension_web_contents_observer.h"
+#include "extensions/browser/media_capture_util.h"
 #include "extensions/browser/serial_extension_host_queue.h"
 
 namespace extensions {
@@ -41,14 +42,18 @@ void CastExtensionHostDelegate::ProcessMediaAccessRequest(
     content::WebContents* web_contents,
     const content::MediaStreamRequest& request,
     const content::MediaResponseCallback& callback,
-    const Extension* extension) {}
+    const Extension* extension) {
+  // Allow access to the microphone and/or camera.
+  media_capture_util::GrantMediaStreamRequest(
+      web_contents, request, callback, extension);
+}
 
 bool CastExtensionHostDelegate::CheckMediaAccessPermission(
     content::RenderFrameHost* render_frame_host,
     const GURL& security_origin,
     content::MediaStreamType type,
     const Extension* extension) {
-  return true;
+  return media_capture_util::CheckMediaAccessPermission(type, extension);
 }
 
 static base::LazyInstance<SerialExtensionHostQueue>::DestructorAtExit g_queue =

extensions/browser/BUILD.gn

@@ -278,6 +278,8 @@ jumbo_source_set("browser_sources") {
     "load_monitoring_extension_host_queue.h",
     "management_policy.cc",
     "management_policy.h",
+    "media_capture_util.cc",
+    "media_capture_util.h",
     "mojo/interface_registration.cc",
     "mojo/interface_registration.h",
     "mojo/keep_alive_impl.cc",

extensions/shell/browser/media_capture_util.cc → extensions/browser/media_capture_util.cc

@@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#include "extensions/shell/browser/media_capture_util.h"
+#include "extensions/browser/media_capture_util.h"
 
 #include <algorithm>
 #include <string>
@@ -96,5 +96,17 @@ void VerifyMediaAccessPermission(content::MediaStreamType type,
   }
 }
 
+bool CheckMediaAccessPermission(content::MediaStreamType type,
+                                const Extension* extension) {
+  const PermissionsData* permissions_data = extension->permissions_data();
+  if (type == content::MEDIA_DEVICE_AUDIO_CAPTURE) {
+    return permissions_data->HasAPIPermission(APIPermission::kAudioCapture);
+  } else {
+    DCHECK(type == content::MEDIA_DEVICE_VIDEO_CAPTURE);
+    return permissions_data->HasAPIPermission(APIPermission::kVideoCapture);
+  }
+  return false;
+}
+
 }  // namespace media_capture_util
 }  // namespace extensions

extensions/shell/browser/media_capture_util.h → extensions/browser/media_capture_util.h

@@ -2,8 +2,8 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#ifndef EXTENSIONS_SHELL_BROWSER_MEDIA_CAPTURE_UTIL_H_
-#define EXTENSIONS_SHELL_BROWSER_MEDIA_CAPTURE_UTIL_H_
+#ifndef EXTENSIONS_BROWSER_MEDIA_CAPTURE_UTIL_H_
+#define EXTENSIONS_BROWSER_MEDIA_CAPTURE_UTIL_H_
 
 #include "base/macros.h"
 #include "content/public/common/media_stream_request.h"
@@ -32,7 +32,11 @@ void GrantMediaStreamRequest(content::WebContents* web_contents,
 void VerifyMediaAccessPermission(content::MediaStreamType type,
                                  const Extension* extension);
 
+// Check if the extension has permission for |type|.
+bool CheckMediaAccessPermission(content::MediaStreamType type,
+                                const Extension* extension);
+
 }  // namespace media_capture_util
 }  // namespace extensions
 
-#endif  // EXTENSIONS_SHELL_BROWSER_MEDIA_CAPTURE_UTIL_H_
+#endif  // EXTENSIONS_BROWSER_MEDIA_CAPTURE_UTIL_H_

extensions/shell/BUILD.gn

@@ -104,8 +104,6 @@ source_set("app_shell_lib") {
     "browser/delegates/shell_kiosk_delegate.h",
     "browser/desktop_controller.cc",
     "browser/desktop_controller.h",
-    "browser/media_capture_util.cc",
-    "browser/media_capture_util.h",
     "browser/shell_app_delegate.cc",
     "browser/shell_app_delegate.h",
     "browser/shell_app_view_guest_delegate.cc",

extensions/shell/browser/shell_app_delegate.cc

@@ -5,8 +5,8 @@
 #include "extensions/shell/browser/shell_app_delegate.h"
 
 #include "content/public/browser/web_contents.h"
+#include "extensions/browser/media_capture_util.h"
 #include "extensions/common/constants.h"
-#include "extensions/shell/browser/media_capture_util.h"
 #include "extensions/shell/browser/shell_extension_web_contents_observer.h"
 
 namespace extensions {

extensions/shell/browser/shell_extension_host_delegate.cc

@@ -6,8 +6,8 @@
 
 #include "base/lazy_instance.h"
 #include "base/logging.h"
+#include "extensions/browser/media_capture_util.h"
 #include "extensions/browser/serial_extension_host_queue.h"
-#include "extensions/shell/browser/media_capture_util.h"
 #include "extensions/shell/browser/shell_extension_web_contents_observer.h"
 
 namespace extensions {