1// Copyright (c) 2012 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#include "chrome/common/chrome_paths_internal.h"
6
7#include <windows.h>
8#include <knownfolders.h>
9#include <shellapi.h>
10#include <shlobj.h>
11#include <shobjidl.h>
12
13#include "base/files/file_path.h"
14#include "base/path_service.h"
15#include "base/win/metro.h"
16#include "base/win/scoped_co_mem.h"
17#include "chrome/common/chrome_constants.h"
18#include "chrome/common/chrome_switches.h"
19#include "chrome/installer/util/browser_distribution.h"
20#include "components/nacl/common/nacl_switches.h"
21
22namespace chrome {
23
24namespace {
25
26// Generic function to call SHGetFolderPath().
27bool GetUserDirectory(int csidl_folder, base::FilePath* result) {
28  // We need to go compute the value. It would be nice to support paths
29  // with names longer than MAX_PATH, but the system functions don't seem
30  // to be designed for it either, with the exception of GetTempPath
31  // (but other things will surely break if the temp path is too long,
32  // so we don't bother handling it.
33  wchar_t path_buf[MAX_PATH];
34  path_buf[0] = 0;
35  if (FAILED(SHGetFolderPath(NULL, csidl_folder, NULL,
36                             SHGFP_TYPE_CURRENT, path_buf))) {
37    return false;
38  }
39  *result = base::FilePath(path_buf);
40  return true;
41}
42
43}  // namespace
44
45bool GetDefaultUserDataDirectory(base::FilePath* result) {
46  if (!PathService::Get(base::DIR_LOCAL_APP_DATA, result))
47    return false;
48  BrowserDistribution* dist = BrowserDistribution::GetDistribution();
49  *result = result->Append(dist->GetInstallSubDir());
50  *result = result->Append(chrome::kUserDataDirname);
51  return true;
52}
53
54bool GetChromeFrameUserDataDirectory(base::FilePath* result) {
55  if (!PathService::Get(base::DIR_LOCAL_APP_DATA, result))
56    return false;
57  BrowserDistribution* dist = BrowserDistribution::GetSpecificDistribution(
58      BrowserDistribution::CHROME_FRAME);
59  *result = result->Append(dist->GetInstallSubDir());
60  *result = result->Append(chrome::kUserDataDirname);
61  return true;
62}
63
64void GetUserCacheDirectory(const base::FilePath& profile_dir,
65                           base::FilePath* result) {
66  // This function does more complicated things on Mac/Linux.
67  *result = profile_dir;
68}
69
70bool GetUserDocumentsDirectory(base::FilePath* result) {
71  return GetUserDirectory(CSIDL_MYDOCUMENTS, result);
72}
73
74// Return a default path for downloads that is safe.
75// We just use 'Downloads' under DIR_USER_DOCUMENTS. Localizing
76// 'downloads' is not a good idea because Chrome's UI language
77// can be changed.
78bool GetUserDownloadsDirectorySafe(base::FilePath* result) {
79  if (!GetUserDocumentsDirectory(result))
80    return false;
81
82  *result = result->Append(L"Downloads");
83  return true;
84}
85
86// On Vista and higher, use the downloads known folder. Since it can be
87// relocated to point to a "dangerous" folder, callers should validate that the
88// returned path is not dangerous before using it.
89bool GetUserDownloadsDirectory(base::FilePath* result) {
90  typedef HRESULT (WINAPI *GetKnownFolderPath)(
91      REFKNOWNFOLDERID, DWORD, HANDLE, PWSTR*);
92  GetKnownFolderPath f = reinterpret_cast<GetKnownFolderPath>(
93      GetProcAddress(GetModuleHandle(L"shell32.dll"), "SHGetKnownFolderPath"));
94  base::win::ScopedCoMem<wchar_t> path_buf;
95  if (f && SUCCEEDED(f(FOLDERID_Downloads, 0, NULL, &path_buf))) {
96    *result = base::FilePath(std::wstring(path_buf));
97    return true;
98  }
99  return GetUserDownloadsDirectorySafe(result);
100}
101
102bool GetUserMusicDirectory(base::FilePath* result) {
103  return GetUserDirectory(CSIDL_MYMUSIC, result);
104}
105
106bool GetUserPicturesDirectory(base::FilePath* result) {
107  return GetUserDirectory(CSIDL_MYPICTURES, result);
108}
109
110bool GetUserVideosDirectory(base::FilePath* result) {
111  return GetUserDirectory(CSIDL_MYVIDEO, result);
112}
113
114bool ProcessNeedsProfileDir(const std::string& process_type) {
115  // On windows we don't want subprocesses other than the browser process and
116  // service processes to be able to use the profile directory because if it
117  // lies on a network share the sandbox will prevent us from accessing it.
118  // TODO(pastarmovj): For now plugin broker processes are whitelisted too
119  // because they do use the profile dir in some way and are not sandboxed.
120  return process_type.empty() ||
121         process_type == switches::kServiceProcess ||
122         process_type == switches::kNaClBrokerProcess ||
123         process_type == switches::kNaClLoaderProcess ||
124         process_type == switches::kPpapiBrokerProcess;
125}
126
127}  // namespace chrome
128