[sensors][permission] Add new permission types in permission module.

This is the first part of adding permission guard for sensors based on Generic Sensor Framework. There was consensus to add granular permissions for sensors here https://github.com/w3c/sensors/issues/22 This CL adds permission name for the different sensors in the permission module. Spec discussion : https://github.com/w3c/permissions/pull/142 BUG=606766 Review-Url: https://codereview.chromium.org/2791623004 Cr-Commit-Position: refs/heads/master@{#491303}

[sensors][permission] Add new permission types in permission module.
This is the first part of adding permission guard for sensors based on Generic Sensor Framework. There was consensus to add granular permissions for sensors here https://github.com/w3c/sensors/issues/22 This CL adds permission name for the different sensors in the permission module. Spec discussion : https://github.com/w3c/permissions/pull/142 BUG=606766 Review-Url: https://codereview.chromium.org/2791623004 Cr-Commit-Position: refs/heads/master@{#491303}
7b072ad1 · rijubrata.bhaumik · Commit Bot · 1216ceaf · 7b072ad1 · 7b072ad1
Commit 7b072ad1 authored Aug 02, 2017 by rijubrata.bhaumik Committed by Commit Bot Aug 02, 2017
15 changed files
--- a/android_webview/browser/aw_permission_manager.cc
+++ b/android_webview/browser/aw_permission_manager.cc
@@ -324,6 +324,7 @@ int AwPermissionManager::RequestPermissions(
      case PermissionType::PUSH_MESSAGING:
      case PermissionType::DURABLE_STORAGE:
      case PermissionType::BACKGROUND_SYNC:
+      case PermissionType::SENSORS:
      case PermissionType::FLASH:
        NOTIMPLEMENTED() << "RequestPermissions is not implemented for "
                         << static_cast<int>(permissions[i]);
@@ -462,6 +463,7 @@ void AwPermissionManager::CancelPermissionRequest(int request_id) {
      case PermissionType::AUDIO_CAPTURE:
      case PermissionType::VIDEO_CAPTURE:
      case PermissionType::BACKGROUND_SYNC:
+      case PermissionType::SENSORS:
      case PermissionType::FLASH:
        NOTIMPLEMENTED() << "CancelPermission not implemented for "
                         << static_cast<int>(permission);

--- a/chrome/browser/BUILD.gn
+++ b/chrome/browser/BUILD.gn
@@ -443,6 +443,8 @@ split_static_library("browser") {
    "gcm/instance_id/instance_id_profile_service.h",
    "gcm/instance_id/instance_id_profile_service_factory.cc",
    "gcm/instance_id/instance_id_profile_service_factory.h",
+    "generic_sensor/sensor_permission_context.cc",
+    "generic_sensor/sensor_permission_context.h",
    "geolocation/chrome_access_token_store.cc",
    "geolocation/chrome_access_token_store.h",
    "geolocation/geolocation_permission_context.cc",

--- a/chrome/browser/generic_sensor/OWNERS
+++ b/chrome/browser/generic_sensor/OWNERS
+file://services/device/generic_sensor/OWNERS
+
+per-file *permission_context*=set noparent
+per-file *permission_context*=file://chrome/browser/permissions/PERMISSIONS_OWNERS
+
+# COMPONENT: Blink>Sensor
+# TEAM: device-dev@chromium.org
--- a/chrome/browser/generic_sensor/sensor_permission_context.cc
+++ b/chrome/browser/generic_sensor/sensor_permission_context.cc
+// Copyright 2017 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/generic_sensor/sensor_permission_context.h"
+
+SensorPermissionContext::SensorPermissionContext(Profile* profile)
+    : PermissionContextBase(profile,
+                            CONTENT_SETTINGS_TYPE_SENSORS,
+                            blink::WebFeaturePolicyFeature::kNotFound) {}
+
+SensorPermissionContext::~SensorPermissionContext() {}
+
+ContentSetting SensorPermissionContext::GetPermissionStatusInternal(
+    content::RenderFrameHost* render_frame_host,
+    const GURL& requesting_origin,
+    const GURL& embedding_origin) const {
+  if (requesting_origin != embedding_origin)
+    return CONTENT_SETTING_BLOCK;
+
+  return CONTENT_SETTING_ALLOW;
+}
+
+bool SensorPermissionContext::IsRestrictedToSecureOrigins() const {
+  return true;
+}
--- a/chrome/browser/generic_sensor/sensor_permission_context.h
+++ b/chrome/browser/generic_sensor/sensor_permission_context.h
+// Copyright 2017 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef CHROME_BROWSER_GENERIC_SENSOR_SENSOR_PERMISSION_CONTEXT_H_
+#define CHROME_BROWSER_GENERIC_SENSOR_SENSOR_PERMISSION_CONTEXT_H_
+
+#include "base/macros.h"
+#include "chrome/browser/permissions/permission_context_base.h"
+
+class SensorPermissionContext : public PermissionContextBase {
+ public:
+  explicit SensorPermissionContext(Profile* profile);
+
+  ~SensorPermissionContext() override;
+
+ private:
+  // PermissionContextBase:
+  ContentSetting GetPermissionStatusInternal(
+      content::RenderFrameHost* render_frame_host,
+      const GURL& requesting_origin,
+      const GURL& embedding_origin) const override;
+  bool IsRestrictedToSecureOrigins() const override;
+
+  DISALLOW_COPY_AND_ASSIGN(SensorPermissionContext);
+};
+
+#endif  // CHROME_BROWSER_GENERIC_SENSOR_SENSOR_PERMISSION_CONTEXT_H_
--- a/chrome/browser/permissions/permission_manager.cc
+++ b/chrome/browser/permissions/permission_manager.cc
@@ -12,6 +12,7 @@
 #include "build/build_config.h"
 #include "chrome/browser/background_sync/background_sync_permission_context.h"
 #include "chrome/browser/content_settings/host_content_settings_map_factory.h"
+#include "chrome/browser/generic_sensor/sensor_permission_context.h"
 #include "chrome/browser/media/midi_permission_context.h"
 #include "chrome/browser/media/midi_sysex_permission_context.h"
 #include "chrome/browser/media/webrtc/media_stream_device_permission_context.h"
@@ -104,6 +105,8 @@ ContentSettingsType PermissionTypeToContentSetting(PermissionType permission) {
      return CONTENT_SETTINGS_TYPE_BACKGROUND_SYNC;
    case PermissionType::FLASH:
      return CONTENT_SETTINGS_TYPE_PLUGINS;
+    case PermissionType::SENSORS:
+      return CONTENT_SETTINGS_TYPE_SENSORS;
    case PermissionType::NUM:
      // This will hit the NOTREACHED below.
      break;
@@ -284,6 +287,8 @@ PermissionManager::PermissionManager(Profile* profile)
  permission_contexts_[CONTENT_SETTINGS_TYPE_PLUGINS] =
      base::MakeUnique<FlashPermissionContext>(profile);
 #endif
+  permission_contexts_[CONTENT_SETTINGS_TYPE_SENSORS] =
+      base::MakeUnique<SensorPermissionContext>(profile);
 }

 PermissionManager::~PermissionManager() {

--- a/chrome/browser/permissions/permission_util.cc
+++ b/chrome/browser/permissions/permission_util.cc
@@ -43,6 +43,8 @@ std::string PermissionUtil::GetPermissionString(
      return "BackgroundSync";
    case CONTENT_SETTINGS_TYPE_PLUGINS:
      return "Flash";
+    case CONTENT_SETTINGS_TYPE_SENSORS:
+      return "Sensors";
    default:
      break;
  }
@@ -73,6 +75,8 @@ std::string PermissionUtil::ConvertContentSettingsTypeToSafeBrowsingName(
      return "BACKGROUND_SYNC";
    case CONTENT_SETTINGS_TYPE_PLUGINS:
      return "FLASH";
+    case CONTENT_SETTINGS_TYPE_SENSORS:
+      return "SENSORS";
    default:
      break;
  }
@@ -135,6 +139,8 @@ bool PermissionUtil::GetPermissionType(ContentSettingsType type,
  } else if (type == CONTENT_SETTINGS_TYPE_PROTECTED_MEDIA_IDENTIFIER) {
    *out = PermissionType::PROTECTED_MEDIA_IDENTIFIER;
 #endif
+  } else if (type == CONTENT_SETTINGS_TYPE_SENSORS) {
+    *out = PermissionType::SENSORS;
  } else {
    return false;
  }
@@ -162,6 +168,7 @@ bool PermissionUtil::IsPermission(ContentSettingsType type) {
 #if defined(OS_ANDROID) || defined(OS_CHROMEOS)
    case CONTENT_SETTINGS_TYPE_PROTECTED_MEDIA_IDENTIFIER:
 #endif
+    case CONTENT_SETTINGS_TYPE_SENSORS:
      return true;
    default:
      return false;

--- a/components/content_settings/core/common/content_settings.cc
+++ b/components/content_settings/core/common/content_settings.cc
@@ -28,7 +28,7 @@ struct HistogramValue {
 // content settings type name instead.
 //
 // The array size must be explicit for the static_asserts below.
-constexpr size_t kNumHistogramValues = 31;
+constexpr size_t kNumHistogramValues = 32;
 constexpr HistogramValue kHistogramValue[kNumHistogramValues] = {
    {CONTENT_SETTINGS_TYPE_COOKIES, 0},
    {CONTENT_SETTINGS_TYPE_IMAGES, 1},
@@ -61,6 +61,7 @@ constexpr HistogramValue kHistogramValue[kNumHistogramValues] = {
    {CONTENT_SETTINGS_TYPE_MEDIA_ENGAGEMENT, 35},
    {CONTENT_SETTINGS_TYPE_SOUND, 36},
    {CONTENT_SETTINGS_TYPE_CLIENT_HINTS, 37},
+    {CONTENT_SETTINGS_TYPE_SENSORS, 38},
 };

 }  // namespace

--- a/components/content_settings/core/common/content_settings_types.h
+++ b/components/content_settings/core/common/content_settings_types.h
@@ -85,6 +85,13 @@ enum ContentSettingsType {
  // the HTTP request headers for every resource requested from that origin.
  CONTENT_SETTINGS_TYPE_CLIENT_HINTS,

+  // Generic Sensor API covering ambient-light-sensor, accelerometer, gyroscope
+  // and magnetometer are all mapped to a single content_settings_type.
+  // Setting for the Generic Sensor API covering ambient-light-sensor,
+  // accelerometer, gyroscope and magnetometer. These are all mapped to a single
+  // ContentSettingsType.
+  CONTENT_SETTINGS_TYPE_SENSORS,
+
  CONTENT_SETTINGS_NUM_TYPES,
 };


--- a/content/browser/permissions/permission_service_impl.cc
+++ b/content/browser/permissions/permission_service_impl.cc
@@ -54,6 +54,8 @@ PermissionType PermissionDescriptorToPermissionType(
      return PermissionType::VIDEO_CAPTURE;
    case PermissionName::BACKGROUND_SYNC:
      return PermissionType::BACKGROUND_SYNC;
+    case PermissionName::SENSORS:
+      return PermissionType::SENSORS;
  }

  NOTREACHED();
@@ -79,6 +81,7 @@ blink::WebFeaturePolicyFeature PermissionTypeToFeaturePolicyFeature(
    case PermissionType::DURABLE_STORAGE:
    case PermissionType::BACKGROUND_SYNC:
    case PermissionType::FLASH:
+    case PermissionType::SENSORS:
    case PermissionType::NUM:
      // These aren't exposed by feature policy.
      return blink::WebFeaturePolicyFeature::kNotFound;

--- a/content/public/browser/permission_type.h
+++ b/content/public/browser/permission_type.h
@@ -24,6 +24,7 @@ enum class PermissionType {
  VIDEO_CAPTURE = 9,
  BACKGROUND_SYNC = 10,
  FLASH = 11,
+  SENSORS = 12,

  // Always keep this at the end.
  NUM,

--- a/third_party/WebKit/LayoutTests/http/tests/permissions/resources/test-query.js
+++ b/third_party/WebKit/LayoutTests/http/tests/permissions/resources/test-query.js
@@ -24,6 +24,42 @@ async_test(function(test) {
    });
 }, 'Test PermissionDescription WebIDL rules in ' + get_current_scope() + ' scope.');

+async_test(function(test) {
+    navigator.permissions.query({name:'ambient-light-sensor'}).then(function(result) {
+        assert_true(result instanceof PermissionStatus);
+        test.done();
+    }).catch(function() {
+        assert_unreached('querying ambient-light-sensor permission should not fail.')
+    });
+}, 'Test ambient-light-sensor permission in ' + get_current_scope() + ' scope.');
+
+async_test(function(test) {
+    navigator.permissions.query({name:'accelerometer'}).then(function(result) {
+        assert_true(result instanceof PermissionStatus);
+        test.done();
+    }).catch(function() {
+        assert_unreached('querying accelerometer permission should not fail.')
+    });
+}, 'Test accelerometer permission in ' + get_current_scope() + ' scope.');
+
+async_test(function(test) {
+    navigator.permissions.query({name:'gyroscope'}).then(function(result) {
+        assert_true(result instanceof PermissionStatus);
+        test.done();
+    }).catch(function() {
+        assert_unreached('querying gyroscope permission should not fail.')
+    });
+}, 'Test gyroscope permission in ' + get_current_scope() + ' scope.');
+
+async_test(function(test) {
+    navigator.permissions.query({name:'magnetometer'}).then(function(result) {
+        assert_true(result instanceof PermissionStatus);
+        test.done();
+    }).catch(function() {
+        assert_unreached('querying magnetometer permission should not fail.')
+    });
+}, 'Test magnetometer permission in ' + get_current_scope() + ' scope.');
+
 async_test(function(test) {
    navigator.permissions.query({name:'geolocation'}).then(function(result) {
        assert_true(result instanceof PermissionStatus);

--- a/third_party/WebKit/Source/modules/permissions/PermissionDescriptor.idl
+++ b/third_party/WebKit/Source/modules/permissions/PermissionDescriptor.idl
@@ -7,7 +7,11 @@ enum PermissionName {
    "midi",
    "notifications",
    "push",
-    "background-sync"
+    "background-sync",
+    "ambient-light-sensor",
+    "accelerometer",
+    "gyroscope",
+    "magnetometer",
 };

 // The PermissionDescriptor dictionary is a base to describe permissions. Some

--- a/third_party/WebKit/Source/modules/permissions/Permissions.cpp
+++ b/third_party/WebKit/Source/modules/permissions/Permissions.cpp
@@ -21,6 +21,7 @@
 #include "modules/permissions/PermissionDescriptor.h"
 #include "modules/permissions/PermissionStatus.h"
 #include "modules/permissions/PermissionUtils.h"
+#include "platform/RuntimeEnabledFeatures.h"
 #include "platform/wtf/Functional.h"
 #include "platform/wtf/NotFound.h"
 #include "platform/wtf/PtrUtil.h"
@@ -91,6 +92,16 @@ PermissionDescriptorPtr ParsePermission(ScriptState* script_state,
  }
  if (name == "background-sync")
    return CreatePermissionDescriptor(PermissionName::BACKGROUND_SYNC);
+  // TODO(riju): Remove runtime flag check when Generic Sensor feature is
+  // stable.
+  if (name == "ambient-light-sensor" || name == "accelerometer" ||
+      name == "gyroscope" || name == "magnetometer") {
+    if (!RuntimeEnabledFeatures::SensorEnabled()) {
+      exception_state.ThrowTypeError("GenericSensor flag is not enabled.");
+      return nullptr;
+    }
+    return CreatePermissionDescriptor(PermissionName::SENSORS);
+  }

  return nullptr;
 }

--- a/third_party/WebKit/public/platform/modules/permissions/permission.mojom
+++ b/third_party/WebKit/public/platform/modules/permissions/permission.mojom
@@ -17,6 +17,7 @@ enum PermissionName {
  AUDIO_CAPTURE,
  VIDEO_CAPTURE,
  BACKGROUND_SYNC,
+  SENSORS,
 };

 struct MidiPermissionDescriptor {