Commit d08776b9 authored by Dmitry Torokhov's avatar Dmitry Torokhov Committed by Commit Bot

Send not granted VM permissions in GetPermissions response

Instead of sending only permissions that have been granted, send also
the ones that have not been granted, but can potentially be granted.
Only suppress permissions completely disabled via either a Chrome
feature flag, or enterprise policy.

Bug: 1071872
Change-Id: I00a9a11b00c908753e9d21d26b646ff204a5f958
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2304990Reviewed-by: default avatarKyle Horimoto <khorimoto@chromium.org>
Commit-Queue: Dmitry Torokhov <dtor@chromium.org>
Cr-Commit-Position: refs/heads/master@{#789811}
parent 832f62bc
...@@ -225,7 +225,8 @@ void VmPermissionServiceProvider::SetPermissions( ...@@ -225,7 +225,8 @@ void VmPermissionServiceProvider::SetPermissions(
return; return;
} }
std::set<VmInfo::PermissionType> new_permissions(iter->second->permissions_); base::flat_map<VmInfo::PermissionType, bool> new_permissions(
iter->second->permissions_);
for (const auto& p : request.permissions()) { for (const auto& p : request.permissions()) {
VmInfo::PermissionType kind; VmInfo::PermissionType kind;
if (p.kind() == vm_permission_service::Permission::CAMERA) { if (p.kind() == vm_permission_service::Permission::CAMERA) {
...@@ -241,11 +242,7 @@ void VmPermissionServiceProvider::SetPermissions( ...@@ -241,11 +242,7 @@ void VmPermissionServiceProvider::SetPermissions(
return; return;
} }
if (p.allowed()) { new_permissions[kind] = p.allowed();
new_permissions.insert(kind);
} else {
new_permissions.erase(kind);
}
} }
// Commit final version of permissions. // Commit final version of permissions.
...@@ -293,8 +290,7 @@ void VmPermissionServiceProvider::GetPermissions( ...@@ -293,8 +290,7 @@ void VmPermissionServiceProvider::GetPermissions(
vm_permission_service::GetPermissionsResponse payload; vm_permission_service::GetPermissionsResponse payload;
for (auto permission : iter->second->permissions_) { for (auto permission : iter->second->permissions_) {
auto* p = payload.add_permissions(); auto* p = payload.add_permissions();
p->set_allowed(true); switch (permission.first) {
switch (permission) {
case VmInfo::PermissionCamera: case VmInfo::PermissionCamera:
p->set_kind(vm_permission_service::Permission::CAMERA); p->set_kind(vm_permission_service::Permission::CAMERA);
break; break;
...@@ -302,6 +298,7 @@ void VmPermissionServiceProvider::GetPermissions( ...@@ -302,6 +298,7 @@ void VmPermissionServiceProvider::GetPermissions(
p->set_kind(vm_permission_service::Permission::MICROPHONE); p->set_kind(vm_permission_service::Permission::MICROPHONE);
break; break;
} }
p->set_allowed(permission.second);
} }
dbus::MessageWriter writer(response.get()); dbus::MessageWriter writer(response.get());
...@@ -332,16 +329,16 @@ void VmPermissionServiceProvider::UpdatePluginVmPermissions(VmInfo* vm) { ...@@ -332,16 +329,16 @@ void VmPermissionServiceProvider::UpdatePluginVmPermissions(VmInfo* vm) {
plugin_vm::PluginVmManagerFactory::GetForProfile(profile); plugin_vm::PluginVmManagerFactory::GetForProfile(profile);
if (base::FeatureList::IsEnabled( if (base::FeatureList::IsEnabled(
chromeos::features::kPluginVmShowCameraPermissions) && chromeos::features::kPluginVmShowCameraPermissions) &&
prefs->GetBoolean(prefs::kVideoCaptureAllowed) && prefs->GetBoolean(prefs::kVideoCaptureAllowed)) {
PluginVmManager->GetPermission(plugin_vm::PermissionType::kCamera)) { vm->permissions_[VmInfo::PermissionCamera] =
vm->permissions_.insert(VmInfo::PermissionCamera); PluginVmManager->GetPermission(plugin_vm::PermissionType::kCamera);
} }
if (base::FeatureList::IsEnabled( if (base::FeatureList::IsEnabled(
chromeos::features::kPluginVmShowMicrophonePermissions) && chromeos::features::kPluginVmShowMicrophonePermissions) &&
prefs->GetBoolean(prefs::kAudioCaptureAllowed) && prefs->GetBoolean(prefs::kAudioCaptureAllowed)) {
PluginVmManager->GetPermission(plugin_vm::PermissionType::kMicrophone)) { vm->permissions_[VmInfo::PermissionMicrophone] =
vm->permissions_.insert(VmInfo::PermissionMicrophone); PluginVmManager->GetPermission(plugin_vm::PermissionType::kMicrophone);
} }
} }
......
...@@ -6,11 +6,11 @@ ...@@ -6,11 +6,11 @@
#define CHROME_BROWSER_CHROMEOS_DBUS_VM_VM_PERMISSION_SERVICE_PROVIDER_H_ #define CHROME_BROWSER_CHROMEOS_DBUS_VM_VM_PERMISSION_SERVICE_PROVIDER_H_
#include <memory> #include <memory>
#include <set>
#include <string> #include <string>
#include <unordered_map> #include <unordered_map>
#include <utility> #include <utility>
#include "base/containers/flat_map.h"
#include "base/macros.h" #include "base/macros.h"
#include "base/memory/weak_ptr.h" #include "base/memory/weak_ptr.h"
#include "base/unguessable_token.h" #include "base/unguessable_token.h"
...@@ -111,7 +111,7 @@ class VmPermissionServiceProvider ...@@ -111,7 +111,7 @@ class VmPermissionServiceProvider
const std::string name_; const std::string name_;
const VmType type_; const VmType type_;
std::set<PermissionType> permissions_; base::flat_map<PermissionType, bool> permissions_;
VmInfo(std::string owner_id, std::string name, VmType type); VmInfo(std::string owner_id, std::string name, VmType type);
~VmInfo(); ~VmInfo();
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment