diff options
-rw-r--r-- | src/core/file_system_access/file_system_access_permission_context_qt.cpp | 62 | ||||
-rw-r--r-- | src/core/file_system_access/file_system_access_permission_context_qt.h | 3 |
2 files changed, 61 insertions, 4 deletions
diff --git a/src/core/file_system_access/file_system_access_permission_context_qt.cpp b/src/core/file_system_access/file_system_access_permission_context_qt.cpp index a8406c8ae..bc88f7898 100644 --- a/src/core/file_system_access/file_system_access_permission_context_qt.cpp +++ b/src/core/file_system_access/file_system_access_permission_context_qt.cpp @@ -204,8 +204,6 @@ FileSystemAccessPermissionContextQt::GetReadPermissionGrant(const url::Origin &o HandleType handle_type, UserAction user_action) { - Q_UNUSED(user_action); - auto &origin_state = m_origins[origin]; auto *&existing_grant = origin_state.read_grants[path]; scoped_refptr<FileSystemAccessPermissionGrantQt> new_grant; @@ -224,6 +222,27 @@ FileSystemAccessPermissionContextQt::GetReadPermissionGrant(const url::Origin &o existing_grant = new_grant.get(); } + // If a parent directory is already readable this new grant should also be readable. + if (new_grant && AncestorHasActivePermission(origin, path, GrantType::kRead)) { + existing_grant->SetStatus(blink::mojom::PermissionStatus::GRANTED); + return existing_grant; + } + + switch (user_action) { + case UserAction::kOpen: + case UserAction::kSave: + // Open and Save dialog only grant read access for individual files. + if (handle_type == HandleType::kDirectory) + break; + Q_FALLTHROUGH(); + case UserAction::kDragAndDrop: + // Drag&drop grants read access for all handles. + existing_grant->SetStatus(blink::mojom::PermissionStatus::GRANTED); + break; + case UserAction::kLoadFromStorage: + break; + } + return existing_grant; } @@ -233,8 +252,6 @@ FileSystemAccessPermissionContextQt::GetWritePermissionGrant(const url::Origin & HandleType handle_type, UserAction user_action) { - Q_UNUSED(user_action); - auto &origin_state = m_origins[origin]; auto *&existing_grant = origin_state.write_grants[path]; scoped_refptr<FileSystemAccessPermissionGrantQt> new_grant; @@ -253,6 +270,23 @@ FileSystemAccessPermissionContextQt::GetWritePermissionGrant(const url::Origin & existing_grant = new_grant.get(); } + // If a parent directory is already writable this new grant should also be writable. + if (new_grant && AncestorHasActivePermission(origin, path, GrantType::kWrite)) { + existing_grant->SetStatus(blink::mojom::PermissionStatus::GRANTED); + return existing_grant; + } + + switch (user_action) { + case UserAction::kSave: + // Only automatically grant write access for save dialogs. + existing_grant->SetStatus(blink::mojom::PermissionStatus::GRANTED); + break; + case UserAction::kOpen: + case UserAction::kDragAndDrop: + case UserAction::kLoadFromStorage: + break; + } + return existing_grant; } @@ -394,6 +428,26 @@ void FileSystemAccessPermissionContextQt::DidConfirmSensitiveDirectoryAccess( std::move(callback).Run(SensitiveEntryResult::kAllowed); } +bool FileSystemAccessPermissionContextQt::AncestorHasActivePermission( + const url::Origin &origin, const base::FilePath &path, GrantType grant_type) const +{ + auto it = m_origins.find(origin); + if (it == m_origins.end()) + return false; + + const auto &relevant_grants = grant_type == GrantType::kWrite ? it->second.write_grants : it->second.read_grants; + if (relevant_grants.empty()) + return false; + + // Permissions are inherited from the closest ancestor. + for (base::FilePath parent = path.DirName(); parent != parent.DirName(); parent = parent.DirName()) { + auto i = relevant_grants.find(parent); + if (i != relevant_grants.end() && i->second && i->second->GetStatus() == blink::mojom::PermissionStatus::GRANTED) + return true; + } + return false; +} + std::u16string FileSystemAccessPermissionContextQt::GetPickerTitle(const blink::mojom::FilePickerOptionsPtr &) { return {}; diff --git a/src/core/file_system_access/file_system_access_permission_context_qt.h b/src/core/file_system_access/file_system_access_permission_context_qt.h index 713239525..29fefee24 100644 --- a/src/core/file_system_access/file_system_access_permission_context_qt.h +++ b/src/core/file_system_access/file_system_access_permission_context_qt.h @@ -63,6 +63,9 @@ private: const url::Origin &origin, const base::FilePath &path, HandleType handle_type, UserAction user_action, content::GlobalRenderFrameHostId frame_id, base::OnceCallback<void(SensitiveEntryResult)> callback, bool should_block); + bool AncestorHasActivePermission(const url::Origin &origin, + const base::FilePath &path, + GrantType grant_type) const; content::BrowserContext *m_profile; |