1// Copyright (c) 2012 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#include "chrome/common/chrome_paths_internal.h" 6 7#include <windows.h> 8#include <knownfolders.h> 9#include <shellapi.h> 10#include <shlobj.h> 11#include <shobjidl.h> 12 13#include "base/files/file_path.h" 14#include "base/path_service.h" 15#include "base/win/metro.h" 16#include "base/win/scoped_co_mem.h" 17#include "chrome/common/chrome_constants.h" 18#include "chrome/common/chrome_switches.h" 19#include "chrome/installer/util/browser_distribution.h" 20#include "components/nacl/common/nacl_switches.h" 21 22namespace chrome { 23 24namespace { 25 26// Generic function to call SHGetFolderPath(). 27bool GetUserDirectory(int csidl_folder, base::FilePath* result) { 28 // We need to go compute the value. It would be nice to support paths 29 // with names longer than MAX_PATH, but the system functions don't seem 30 // to be designed for it either, with the exception of GetTempPath 31 // (but other things will surely break if the temp path is too long, 32 // so we don't bother handling it. 33 wchar_t path_buf[MAX_PATH]; 34 path_buf[0] = 0; 35 if (FAILED(SHGetFolderPath(NULL, csidl_folder, NULL, 36 SHGFP_TYPE_CURRENT, path_buf))) { 37 return false; 38 } 39 *result = base::FilePath(path_buf); 40 return true; 41} 42 43} // namespace 44 45bool GetDefaultUserDataDirectory(base::FilePath* result) { 46 if (!PathService::Get(base::DIR_LOCAL_APP_DATA, result)) 47 return false; 48 BrowserDistribution* dist = BrowserDistribution::GetDistribution(); 49 *result = result->Append(dist->GetInstallSubDir()); 50 *result = result->Append(chrome::kUserDataDirname); 51 return true; 52} 53 54bool GetChromeFrameUserDataDirectory(base::FilePath* result) { 55 if (!PathService::Get(base::DIR_LOCAL_APP_DATA, result)) 56 return false; 57 BrowserDistribution* dist = BrowserDistribution::GetSpecificDistribution( 58 BrowserDistribution::CHROME_FRAME); 59 *result = result->Append(dist->GetInstallSubDir()); 60 *result = result->Append(chrome::kUserDataDirname); 61 return true; 62} 63 64void GetUserCacheDirectory(const base::FilePath& profile_dir, 65 base::FilePath* result) { 66 // This function does more complicated things on Mac/Linux. 67 *result = profile_dir; 68} 69 70bool GetUserDocumentsDirectory(base::FilePath* result) { 71 return GetUserDirectory(CSIDL_MYDOCUMENTS, result); 72} 73 74// Return a default path for downloads that is safe. 75// We just use 'Downloads' under DIR_USER_DOCUMENTS. Localizing 76// 'downloads' is not a good idea because Chrome's UI language 77// can be changed. 78bool GetUserDownloadsDirectorySafe(base::FilePath* result) { 79 if (!GetUserDocumentsDirectory(result)) 80 return false; 81 82 *result = result->Append(L"Downloads"); 83 return true; 84} 85 86// On Vista and higher, use the downloads known folder. Since it can be 87// relocated to point to a "dangerous" folder, callers should validate that the 88// returned path is not dangerous before using it. 89bool GetUserDownloadsDirectory(base::FilePath* result) { 90 typedef HRESULT (WINAPI *GetKnownFolderPath)( 91 REFKNOWNFOLDERID, DWORD, HANDLE, PWSTR*); 92 GetKnownFolderPath f = reinterpret_cast<GetKnownFolderPath>( 93 GetProcAddress(GetModuleHandle(L"shell32.dll"), "SHGetKnownFolderPath")); 94 base::win::ScopedCoMem<wchar_t> path_buf; 95 if (f && SUCCEEDED(f(FOLDERID_Downloads, 0, NULL, &path_buf))) { 96 *result = base::FilePath(std::wstring(path_buf)); 97 return true; 98 } 99 return GetUserDownloadsDirectorySafe(result); 100} 101 102bool GetUserMusicDirectory(base::FilePath* result) { 103 return GetUserDirectory(CSIDL_MYMUSIC, result); 104} 105 106bool GetUserPicturesDirectory(base::FilePath* result) { 107 return GetUserDirectory(CSIDL_MYPICTURES, result); 108} 109 110bool GetUserVideosDirectory(base::FilePath* result) { 111 return GetUserDirectory(CSIDL_MYVIDEO, result); 112} 113 114bool ProcessNeedsProfileDir(const std::string& process_type) { 115 // On windows we don't want subprocesses other than the browser process and 116 // service processes to be able to use the profile directory because if it 117 // lies on a network share the sandbox will prevent us from accessing it. 118 // TODO(pastarmovj): For now plugin broker processes are whitelisted too 119 // because they do use the profile dir in some way and are not sandboxed. 120 return process_type.empty() || 121 process_type == switches::kServiceProcess || 122 process_type == switches::kNaClBrokerProcess || 123 process_type == switches::kNaClLoaderProcess || 124 process_type == switches::kPpapiBrokerProcess; 125} 126 127} // namespace chrome 128