Create ChromeSecurityDelegate
Move code in components/exo/security_delegate.cc to c/b/ash/exo where it
can have dependencies on more code. Existing functions from
ChromeDataExchangeDelegate will move into ChromeSecurityDelegate in
order to support drag-drop of files with Bruschetta VM.
Bug: b/323465931
Change-Id: I04818782081fae3fa309ad045b8ee2620edd815e
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5290174
Reviewed-by: Mitsuru Oshima <oshima@chromium.org>
Commit-Queue: Joel Hockey <joelhockey@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1262258}
diff --git a/chrome/browser/ash/BUILD.gn b/chrome/browser/ash/BUILD.gn
index 731f4222..b40bf942 100644
--- a/chrome/browser/ash/BUILD.gn
+++ b/chrome/browser/ash/BUILD.gn
@@ -1082,6 +1082,8 @@
"events/event_rewriter_delegate_impl.h",
"exo/chrome_data_exchange_delegate.cc",
"exo/chrome_data_exchange_delegate.h",
+ "exo/chrome_security_delegate.cc",
+ "exo/chrome_security_delegate.h",
"extensions/default_app_order.cc",
"extensions/default_app_order.h",
"extensions/device_local_account_management_policy_provider.cc",
@@ -5462,6 +5464,7 @@
"eol_notification_unittest.cc",
"events/event_rewriter_unittest.cc",
"exo/chrome_data_exchange_delegate_unittest.cc",
+ "exo/chrome_security_delegate_unittest.cc",
"extensions/default_app_order_unittest.cc",
"extensions/device_local_account_management_policy_provider_unittest.cc",
"extensions/extensions_permissions_tracker_unittest.cc",
diff --git a/chrome/browser/ash/exo/chrome_security_delegate.cc b/chrome/browser/ash/exo/chrome_security_delegate.cc
new file mode 100644
index 0000000..6231ad9e
--- /dev/null
+++ b/chrome/browser/ash/exo/chrome_security_delegate.cc
@@ -0,0 +1,44 @@
+// Copyright 2024 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/ash/exo/chrome_security_delegate.h"
+
+#include "ash/public/cpp/app_types_util.h"
+#include "components/exo/shell_surface_util.h"
+
+namespace ash {
+
+ChromeSecurityDelegate::ChromeSecurityDelegate() = default;
+
+ChromeSecurityDelegate::~ChromeSecurityDelegate() = default;
+
+bool ChromeSecurityDelegate::CanSelfActivate(aura::Window* window) const {
+ // TODO(b/233691818): The default should be "false", and clients should
+ // override that if they need to self-activate.
+ //
+ // Unfortunately, several clients don't have their own SecurityDelegate yet,
+ // so we will continue to use the old exo::Permissions stuff until they do.
+ return exo::HasPermissionToActivate(window);
+}
+
+bool ChromeSecurityDelegate::CanLockPointer(aura::Window* window) const {
+ // TODO(b/200896773): Move this out from exo's default security delegate
+ // define in client's security delegates.
+ return ash::IsArcWindow(window) || ash::IsLacrosWindow(window);
+}
+
+ChromeSecurityDelegate::SetBoundsPolicy ChromeSecurityDelegate::CanSetBounds(
+ aura::Window* window) const {
+ // TODO(b/200896773): Move into LacrosSecurityDelegate when it exists.
+ if (ash::IsLacrosWindow(window)) {
+ return SetBoundsPolicy::DCHECK_IF_DECORATED;
+ } else if (ash::IsArcWindow(window)) {
+ // TODO(b/285252684): Move into ArcSecurityDelegate when it exists.
+ return SetBoundsPolicy::ADJUST_IF_DECORATED;
+ } else {
+ return SetBoundsPolicy::IGNORE;
+ }
+}
+
+} // namespace ash
diff --git a/chrome/browser/ash/exo/chrome_security_delegate.h b/chrome/browser/ash/exo/chrome_security_delegate.h
new file mode 100644
index 0000000..b2d35a9
--- /dev/null
+++ b/chrome/browser/ash/exo/chrome_security_delegate.h
@@ -0,0 +1,27 @@
+// Copyright 2024 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef CHROME_BROWSER_ASH_EXO_CHROME_SECURITY_DELEGATE_H_
+#define CHROME_BROWSER_ASH_EXO_CHROME_SECURITY_DELEGATE_H_
+
+#include "components/exo/security_delegate.h"
+
+namespace ash {
+
+class ChromeSecurityDelegate : public exo::SecurityDelegate {
+ public:
+ ChromeSecurityDelegate();
+ ChromeSecurityDelegate(const ChromeSecurityDelegate&) = delete;
+ ChromeSecurityDelegate& operator=(const ChromeSecurityDelegate&) = delete;
+ ~ChromeSecurityDelegate() override;
+
+ // exo::SecurityDelegate;
+ bool CanSelfActivate(aura::Window* window) const override;
+ bool CanLockPointer(aura::Window* window) const override;
+ SetBoundsPolicy CanSetBounds(aura::Window* window) const override;
+};
+
+} // namespace ash
+
+#endif // CHROME_BROWSER_ASH_EXO_CHROME_SECURITY_DELEGATE_H_
diff --git a/chrome/browser/ash/exo/chrome_security_delegate_unittest.cc b/chrome/browser/ash/exo/chrome_security_delegate_unittest.cc
new file mode 100644
index 0000000..c8c209e
--- /dev/null
+++ b/chrome/browser/ash/exo/chrome_security_delegate_unittest.cc
@@ -0,0 +1,47 @@
+// Copyright 2024 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/ash/exo/chrome_security_delegate.h"
+
+#include "ash/constants/app_types.h"
+#include "testing/gtest/include/gtest/gtest.h"
+#include "ui/aura/client/aura_constants.h"
+#include "ui/aura/client/window_types.h"
+#include "ui/aura/test/test_window_delegate.h"
+#include "ui/aura/test/test_windows.h"
+#include "ui/aura/window.h"
+#include "ui/compositor/layer_type.h"
+#include "ui/gfx/geometry/rect.h"
+
+namespace ash {
+
+using ChromeSecurityDelegateTest = testing::Test;
+
+TEST_F(ChromeSecurityDelegateTest, CanLockPointer) {
+ auto security_delegate = std::make_unique<ChromeSecurityDelegate>();
+ aura::Window container_window(nullptr, aura::client::WINDOW_TYPE_NORMAL);
+ container_window.Init(ui::LAYER_NOT_DRAWN);
+ aura::test::TestWindowDelegate delegate;
+
+ // CanLockPointer should be allowed for arc and lacros, but not others.
+ aura::Window* arc_toplevel = aura::test::CreateTestWindowWithDelegate(
+ &delegate, 0, gfx::Rect(), &container_window);
+ arc_toplevel->SetProperty(aura::client::kAppType,
+ static_cast<int>(AppType::ARC_APP));
+ EXPECT_TRUE(security_delegate->CanLockPointer(arc_toplevel));
+
+ aura::Window* lacros_toplevel = aura::test::CreateTestWindowWithDelegate(
+ &delegate, 0, gfx::Rect(), &container_window);
+ lacros_toplevel->SetProperty(aura::client::kAppType,
+ static_cast<int>(AppType::LACROS));
+ EXPECT_TRUE(security_delegate->CanLockPointer(lacros_toplevel));
+
+ aura::Window* crostini_toplevel = aura::test::CreateTestWindowWithDelegate(
+ &delegate, 0, gfx::Rect(), &container_window);
+ crostini_toplevel->SetProperty(aura::client::kAppType,
+ static_cast<int>(AppType::CROSTINI_APP));
+ EXPECT_FALSE(security_delegate->CanLockPointer(crostini_toplevel));
+}
+
+} // namespace ash
diff --git a/chrome/browser/ash/guest_os/guest_os_security_delegate.h b/chrome/browser/ash/guest_os/guest_os_security_delegate.h
index cd48792..6408064 100644
--- a/chrome/browser/ash/guest_os/guest_os_security_delegate.h
+++ b/chrome/browser/ash/guest_os/guest_os_security_delegate.h
@@ -10,6 +10,7 @@
#include "base/files/scoped_file.h"
#include "base/functional/callback_forward.h"
#include "base/memory/weak_ptr.h"
+#include "chrome/browser/ash/exo/chrome_security_delegate.h"
#include "components/exo/security_delegate.h"
namespace exo {
@@ -19,7 +20,7 @@
namespace guest_os {
// This is a safer wrapper
-class GuestOsSecurityDelegate : public exo::SecurityDelegate {
+class GuestOsSecurityDelegate : public ash::ChromeSecurityDelegate {
public:
GuestOsSecurityDelegate();
diff --git a/chrome/browser/ash/guest_os/public/guest_os_wayland_server_unittest.cc b/chrome/browser/ash/guest_os/public/guest_os_wayland_server_unittest.cc
index d0bfc959..e45f2a1 100644
--- a/chrome/browser/ash/guest_os/public/guest_os_wayland_server_unittest.cc
+++ b/chrome/browser/ash/guest_os/public/guest_os_wayland_server_unittest.cc
@@ -53,8 +53,8 @@
} // namespace
TEST_F(GuestOsWaylandServerTest, BadSocketCausesFailure) {
- auto wsc = std::make_unique<exo::WaylandServerController>(nullptr, nullptr,
- nullptr, nullptr);
+ auto wsc = std::make_unique<exo::WaylandServerController>(
+ nullptr, nullptr, nullptr, nullptr, nullptr);
GuestOsWaylandServer gows(&profile_);
base::test::TestFuture<std::optional<std::string>> result_future;
@@ -63,8 +63,8 @@
}
TEST_F(GuestOsWaylandServerTest, NullDelegateCausesFailure) {
- auto wsc = std::make_unique<exo::WaylandServerController>(nullptr, nullptr,
- nullptr, nullptr);
+ auto wsc = std::make_unique<exo::WaylandServerController>(
+ nullptr, nullptr, nullptr, nullptr, nullptr);
GuestOsWaylandServer gows(&profile_);
exo::wayland::test::WaylandServerTestBase::ScopedTempSocket socket;
@@ -84,8 +84,8 @@
}
TEST_F(GuestOsWaylandServerTest, DelegateLifetimeManagedCorrectly) {
- auto wsc = std::make_unique<exo::WaylandServerController>(nullptr, nullptr,
- nullptr, nullptr);
+ auto wsc = std::make_unique<exo::WaylandServerController>(
+ nullptr, nullptr, nullptr, nullptr, nullptr);
GuestOsWaylandServer gows(&profile_);
exo::wayland::test::WaylandServerTestBase::ScopedTempSocket socket;
@@ -114,8 +114,8 @@
TEST_F(GuestOsWaylandServerTest, EvictServersOnConciergeCrash) {
ash::ConciergeClient::InitializeFake();
auto* concierge_client = ash::FakeConciergeClient::Get();
- auto wsc = std::make_unique<exo::WaylandServerController>(nullptr, nullptr,
- nullptr, nullptr);
+ auto wsc = std::make_unique<exo::WaylandServerController>(
+ nullptr, nullptr, nullptr, nullptr, nullptr);
GuestOsWaylandServer gows(&profile_);
exo::wayland::test::WaylandServerTestBase::ScopedTempSocket socket;
diff --git a/chrome/browser/exo_parts.cc b/chrome/browser/exo_parts.cc
index c4f721e..dafec1a 100644
--- a/chrome/browser/exo_parts.cc
+++ b/chrome/browser/exo_parts.cc
@@ -16,6 +16,7 @@
#include "base/command_line.h"
#include "base/memory/ptr_util.h"
#include "chrome/browser/ash/exo/chrome_data_exchange_delegate.h"
+#include "chrome/browser/ash/exo/chrome_security_delegate.h"
#include "components/exo/server/wayland_server_controller.h"
// static
@@ -38,6 +39,7 @@
: arc_overlay_manager_(std::make_unique<ash::ArcOverlayManager>()) {
wayland_server_ = exo::WaylandServerController::CreateIfNecessary(
std::make_unique<ash::ChromeDataExchangeDelegate>(),
+ std::make_unique<ash::ChromeSecurityDelegate>(),
std::make_unique<ash::ArcNotificationSurfaceManagerImpl>(),
std::make_unique<ash::ArcInputMethodSurfaceManager>(),
std::make_unique<ash::ArcToastSurfaceManager>());
diff --git a/components/exo/BUILD.gn b/components/exo/BUILD.gn
index d9e78d5..7725270 100644
--- a/components/exo/BUILD.gn
+++ b/components/exo/BUILD.gn
@@ -88,7 +88,6 @@
"seat.cc",
"seat.h",
"seat_observer.h",
- "security_delegate.cc",
"security_delegate.h",
"shared_memory.cc",
"shared_memory.h",
diff --git a/components/exo/pointer_unittest.cc b/components/exo/pointer_unittest.cc
index 13b0f6b5..51b4d1e 100644
--- a/components/exo/pointer_unittest.cc
+++ b/components/exo/pointer_unittest.cc
@@ -27,7 +27,6 @@
#include "components/exo/pointer_stylus_delegate.h"
#include "components/exo/relative_pointer_delegate.h"
#include "components/exo/seat.h"
-#include "components/exo/security_delegate.h"
#include "components/exo/shell_surface.h"
#include "components/exo/sub_surface.h"
#include "components/exo/surface.h"
@@ -1824,51 +1823,6 @@
pointer_.reset();
}
-TEST_P(PointerConstraintTest, DefaultSecurityDeletegate) {
- auto default_security_delegate =
- SecurityDelegate::GetDefaultSecurityDelegate();
- auto shell_surface = test::ShellSurfaceBuilder({10, 10})
- .SetSecurityDelegate(default_security_delegate.get())
- .BuildShellSurface();
-
- auto* surface = shell_surface->surface_for_testing();
-
- focus_client_->FocusWindow(surface->window());
-
- MockPointerConstraintDelegate constraint_delegate;
-
- EXPECT_CALL(constraint_delegate, GetConstrainedSurface())
- .WillRepeatedly(testing::Return(surface));
-
- EXPECT_CALL(constraint_delegate, OnDefunct()).Times(1);
- EXPECT_FALSE(pointer_->ConstrainPointer(&constraint_delegate));
- ::testing::Mock::VerifyAndClearExpectations(&constraint_delegate);
-
- shell_surface->GetWidget()->GetNativeWindow()->SetProperty(
- aura::client::kAppType, static_cast<int>(ash::AppType::LACROS));
-
- EXPECT_CALL(constraint_delegate, GetConstrainedSurface())
- .WillRepeatedly(testing::Return(surface));
- EXPECT_CALL(constraint_delegate, OnDefunct()).Times(0);
- EXPECT_TRUE(pointer_->ConstrainPointer(&constraint_delegate));
-
- ::testing::Mock::VerifyAndClearExpectations(&constraint_delegate);
-
- EXPECT_CALL(constraint_delegate, GetConstrainedSurface())
- .WillRepeatedly(testing::Return(surface));
- shell_surface->GetWidget()->GetNativeWindow()->SetProperty(
- aura::client::kAppType, static_cast<int>(ash::AppType::ARC_APP));
- EXPECT_CALL(constraint_delegate, OnDefunct()).Times(0);
- EXPECT_TRUE(pointer_->ConstrainPointer(&constraint_delegate));
-
- ::testing::Mock::VerifyAndClearExpectations(&constraint_delegate);
-
- pointer_->OnPointerConstraintDelegateDestroying(&constraint_delegate);
- EXPECT_CALL(delegate_, OnPointerDestroying(pointer_.get()));
-
- pointer_.reset();
-}
-
TEST_P(PointerConstraintTest, NoPointerMotionEventWhenUnconstrainingPointer) {
testing::MockFunction<void(std::string check_point_name)> check;
{
diff --git a/components/exo/security_delegate.cc b/components/exo/security_delegate.cc
deleted file mode 100644
index 9cecc67..0000000
--- a/components/exo/security_delegate.cc
+++ /dev/null
@@ -1,69 +0,0 @@
-// Copyright 2021 The Chromium Authors
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include "components/exo/security_delegate.h"
-
-#include <memory>
-#include <string>
-
-#include "ash/public/cpp/app_types_util.h"
-#include "components/exo/shell_surface_util.h"
-
-namespace exo {
-
-namespace {
-
-class DefaultSecurityDelegate : public SecurityDelegate {
- public:
- ~DefaultSecurityDelegate() override = default;
-
- // SecurityDelegate:
- bool CanLockPointer(aura::Window* toplevel) const override {
- // TODO(b/200896773): Move this out from exo's default security delegate
- // define in client's security delegates.
- return ash::IsArcWindow(toplevel) || ash::IsLacrosWindow(toplevel);
- }
-
- SetBoundsPolicy CanSetBounds(aura::Window* toplevel) const override {
- // TODO(b/200896773): Move into LacrosSecurityDelegate when it exists.
- if (ash::IsLacrosWindow(toplevel)) {
- return SetBoundsPolicy::DCHECK_IF_DECORATED;
- } else if (ash::IsArcWindow(toplevel)) {
- // TODO(b/285252684): Move into ArcSecurityDelegate when it exists.
- return SetBoundsPolicy::ADJUST_IF_DECORATED;
- } else {
- return SetBoundsPolicy::IGNORE;
- }
- }
-};
-
-} // namespace
-
-SecurityDelegate::~SecurityDelegate() = default;
-
-// static
-std::unique_ptr<SecurityDelegate>
-SecurityDelegate::GetDefaultSecurityDelegate() {
- return std::make_unique<DefaultSecurityDelegate>();
-}
-
-bool SecurityDelegate::CanSelfActivate(aura::Window* window) const {
- // TODO(b/233691818): The default should be "false", and clients should
- // override that if they need to self-activate.
- //
- // Unfortunately, several clients don't have their own SecurityDelegate yet,
- // so we will continue to use the old exo::Permissions stuff until they do.
- return HasPermissionToActivate(window);
-}
-
-bool SecurityDelegate::CanLockPointer(aura::Window* window) const {
- return false;
-}
-
-SecurityDelegate::SetBoundsPolicy SecurityDelegate::CanSetBounds(
- aura::Window* window) const {
- return SecurityDelegate::SetBoundsPolicy::IGNORE;
-}
-
-} // namespace exo
diff --git a/components/exo/security_delegate.h b/components/exo/security_delegate.h
index dd6cb0f6..1b118bb 100644
--- a/components/exo/security_delegate.h
+++ b/components/exo/security_delegate.h
@@ -40,22 +40,19 @@
ADJUST_IF_DECORATED,
};
- // Get a SecurityDelegate instance with all of the defaults.
- static std::unique_ptr<SecurityDelegate> GetDefaultSecurityDelegate();
-
- virtual ~SecurityDelegate();
+ virtual ~SecurityDelegate() {}
// "Self-activation" is a security sensitive windowing operation that is a
// common paradigm in X11. The need to self-activate is controlled
// per-subsystem, i.e. a product like ARC++ knows that its windows should be
// able to self activate, whereas Crostini knows they usually shouldn't.
- virtual bool CanSelfActivate(aura::Window* window) const;
+ virtual bool CanSelfActivate(aura::Window* window) const = 0;
// Called when a client made pointer lock request, defined in
// pointer-constraints-unstable-v1.xml extension protocol. True if the client
// can lock the location of the pointer and disable movement, or return false
// to reject the pointer lock request.
- virtual bool CanLockPointer(aura::Window* window) const;
+ virtual bool CanLockPointer(aura::Window* window) const = 0;
// Whether clients may set their own windows' bounds is a security-relevant
// policy decision.
@@ -63,7 +60,7 @@
// If server-side decoration is used, clients normally should not set their
// own window bounds, as they may not be able to compute them correctly
// (accounting for the size of the window decorations).
- virtual SetBoundsPolicy CanSetBounds(aura::Window* window) const;
+ virtual SetBoundsPolicy CanSetBounds(aura::Window* window) const = 0;
};
} // namespace exo
diff --git a/components/exo/server/wayland_server_controller.cc b/components/exo/server/wayland_server_controller.cc
index 145f5669..ed4914e 100644
--- a/components/exo/server/wayland_server_controller.cc
+++ b/components/exo/server/wayland_server_controller.cc
@@ -32,11 +32,12 @@
std::unique_ptr<WaylandServerController>
WaylandServerController::CreateIfNecessary(
std::unique_ptr<DataExchangeDelegate> data_exchange_delegate,
+ std::unique_ptr<SecurityDelegate> security_delegate,
std::unique_ptr<NotificationSurfaceManager> notification_surface_manager,
std::unique_ptr<InputMethodSurfaceManager> input_method_surface_manager,
std::unique_ptr<ToastSurfaceManager> toast_surface_manager) {
return std::make_unique<WaylandServerController>(
- std::move(data_exchange_delegate),
+ std::move(data_exchange_delegate), std::move(security_delegate),
std::move(notification_surface_manager),
std::move(input_method_surface_manager),
std::move(toast_surface_manager));
@@ -74,6 +75,7 @@
WaylandServerController::WaylandServerController(
std::unique_ptr<DataExchangeDelegate> data_exchange_delegate,
+ std::unique_ptr<SecurityDelegate> security_delegate,
std::unique_ptr<NotificationSurfaceManager> notification_surface_manager,
std::unique_ptr<InputMethodSurfaceManager> input_method_surface_manager,
std::unique_ptr<ToastSurfaceManager> toast_surface_manager)
@@ -85,8 +87,8 @@
std::move(data_exchange_delegate))) {
DCHECK(!g_instance);
g_instance = this;
- default_server_ = wayland::Server::Create(
- display_.get(), SecurityDelegate::GetDefaultSecurityDelegate());
+ default_server_ =
+ wayland::Server::Create(display_.get(), std::move(security_delegate));
default_server_->StartWithDefaultPath(base::BindOnce([](bool success) {
DCHECK(success) << "Failed to start the default wayland server.";
}));
diff --git a/components/exo/server/wayland_server_controller.h b/components/exo/server/wayland_server_controller.h
index 8e5854c..3534d06 100644
--- a/components/exo/server/wayland_server_controller.h
+++ b/components/exo/server/wayland_server_controller.h
@@ -32,12 +32,14 @@
class WaylandServerController {
public:
static std::unique_ptr<WaylandServerController> CreateForArcIfNecessary(
- std::unique_ptr<DataExchangeDelegate> data_exchange_delegate);
+ std::unique_ptr<DataExchangeDelegate> data_exchange_delegate,
+ std::unique_ptr<SecurityDelegate> security_delegate);
// Creates WaylandServerController. Returns null if controller should not be
// created.
static std::unique_ptr<WaylandServerController> CreateIfNecessary(
std::unique_ptr<DataExchangeDelegate> data_exchange_delegate,
+ std::unique_ptr<SecurityDelegate> security_delegate,
std::unique_ptr<NotificationSurfaceManager> notification_surface_manager,
std::unique_ptr<InputMethodSurfaceManager> input_method_surface_manager,
std::unique_ptr<ToastSurfaceManager> toast_surface_manager);
@@ -60,6 +62,7 @@
WaylandServerController(
std::unique_ptr<DataExchangeDelegate> data_exchange_delegate,
+ std::unique_ptr<SecurityDelegate> security_delegate,
std::unique_ptr<NotificationSurfaceManager> notification_surface_manager,
std::unique_ptr<InputMethodSurfaceManager> input_method_surface_manager,
std::unique_ptr<ToastSurfaceManager> toast_surface_manager);
diff --git a/components/exo/server/wayland_server_controller_unittest.cc b/components/exo/server/wayland_server_controller_unittest.cc
index 59579c0..8d9a131 100644
--- a/components/exo/server/wayland_server_controller_unittest.cc
+++ b/components/exo/server/wayland_server_controller_unittest.cc
@@ -46,7 +46,7 @@
} // namespace
TEST_F(WaylandServerControllerTest, RequestServerByFd) {
- WaylandServerController wsc(nullptr, nullptr, nullptr, nullptr);
+ WaylandServerController wsc(nullptr, nullptr, nullptr, nullptr, nullptr);
ASSERT_EQ(WaylandServerController::Get(), &wsc);
wayland::test::WaylandServerTestBase::ScopedTempSocket sock;
@@ -76,7 +76,7 @@
}
TEST_F(WaylandServerControllerTest, RequestServerBadSocket) {
- WaylandServerController wsc(nullptr, nullptr, nullptr, nullptr);
+ WaylandServerController wsc(nullptr, nullptr, nullptr, nullptr, nullptr);
ASSERT_EQ(WaylandServerController::Get(), &wsc);
base::RunLoop loop;
diff --git a/components/exo/shell_surface_unittest.cc b/components/exo/shell_surface_unittest.cc
index dd67420..082cdf5b 100644
--- a/components/exo/shell_surface_unittest.cc
+++ b/components/exo/shell_surface_unittest.cc
@@ -34,7 +34,6 @@
#include "components/exo/buffer.h"
#include "components/exo/client_controlled_shell_surface.h"
#include "components/exo/permission.h"
-#include "components/exo/security_delegate.h"
#include "components/exo/shell_surface_util.h"
#include "components/exo/sub_surface.h"
#include "components/exo/surface.h"
@@ -1032,13 +1031,11 @@
TEST_F(ShellSurfaceTest, WidgetActivationLegacy) {
constexpr gfx::Size kBufferSize(64, 64);
- std::unique_ptr<SecurityDelegate> default_security_delegate =
- SecurityDelegate::GetDefaultSecurityDelegate();
+ auto security_delegate = std::make_unique<test::TestSecurityDelegate>();
- auto shell_surface1 =
- test::ShellSurfaceBuilder(kBufferSize)
- .SetSecurityDelegate(default_security_delegate.get())
- .BuildShellSurface();
+ auto shell_surface1 = test::ShellSurfaceBuilder(kBufferSize)
+ .SetSecurityDelegate(security_delegate.get())
+ .BuildShellSurface();
auto* surface1 = shell_surface1->root_surface();
// The window is active.
@@ -1046,10 +1043,9 @@
EXPECT_TRUE(widget1->IsActive());
// Create a second window.
- auto shell_surface2 =
- test::ShellSurfaceBuilder(kBufferSize)
- .SetSecurityDelegate(default_security_delegate.get())
- .BuildShellSurface();
+ auto shell_surface2 = test::ShellSurfaceBuilder(kBufferSize)
+ .SetSecurityDelegate(security_delegate.get())
+ .BuildShellSurface();
auto* surface2 = shell_surface2->root_surface();
// Now the second window is active.
diff --git a/components/exo/test/test_security_delegate.cc b/components/exo/test/test_security_delegate.cc
index 701c45b..c113561 100644
--- a/components/exo/test/test_security_delegate.cc
+++ b/components/exo/test/test_security_delegate.cc
@@ -6,12 +6,21 @@
#include "chromeos/ui/base/window_properties.h"
#include "components/exo/security_delegate.h"
+#include "components/exo/shell_surface_util.h"
#include "ui/aura/window.h"
namespace exo::test {
-bool TestSecurityDelegate::CanLockPointer(aura::Window* toplevel) const {
- return toplevel->GetProperty(chromeos::kUseOverviewToExitPointerLock);
+TestSecurityDelegate::TestSecurityDelegate() = default;
+
+TestSecurityDelegate::~TestSecurityDelegate() = default;
+
+bool TestSecurityDelegate::CanSelfActivate(aura::Window* window) const {
+ return HasPermissionToActivate(window);
+}
+
+bool TestSecurityDelegate::CanLockPointer(aura::Window* window) const {
+ return window->GetProperty(chromeos::kUseOverviewToExitPointerLock);
}
exo::SecurityDelegate::SetBoundsPolicy TestSecurityDelegate::CanSetBounds(
diff --git a/components/exo/test/test_security_delegate.h b/components/exo/test/test_security_delegate.h
index 09c68cd..54ae8c2 100644
--- a/components/exo/test/test_security_delegate.h
+++ b/components/exo/test/test_security_delegate.h
@@ -15,6 +15,13 @@
class TestSecurityDelegate : public SecurityDelegate {
public:
+ TestSecurityDelegate();
+ TestSecurityDelegate(const TestSecurityDelegate&) = delete;
+ TestSecurityDelegate& operator=(const TestSecurityDelegate&) = delete;
+ ~TestSecurityDelegate() override;
+
+ // SecurityDelegate:
+ bool CanSelfActivate(aura::Window* window) const override;
bool CanLockPointer(aura::Window* toplevel) const override;
SetBoundsPolicy CanSetBounds(aura::Window* window) const override;
diff --git a/components/exo/wayland/BUILD.gn b/components/exo/wayland/BUILD.gn
index 3561960..fbe3ef3e 100644
--- a/components/exo/wayland/BUILD.gn
+++ b/components/exo/wayland/BUILD.gn
@@ -681,6 +681,7 @@
"//cc:test_support",
"//chromeos/ash/components:test_support",
"//components/exo",
+ "//components/exo:test_support",
"//components/exo/wayland",
"//components/viz/test:test_support",
"//mojo/core/embedder",
diff --git a/components/exo/wayland/clients/test/wayland_client_test_helper.cc b/components/exo/wayland/clients/test/wayland_client_test_helper.cc
index e6f0b889..368c62cf 100644
--- a/components/exo/wayland/clients/test/wayland_client_test_helper.cc
+++ b/components/exo/wayland/clients/test/wayland_client_test_helper.cc
@@ -21,6 +21,7 @@
#include "components/exo/display.h"
#include "components/exo/input_method_surface_manager.h"
#include "components/exo/notification_surface_manager.h"
+#include "components/exo/test/test_security_delegate.h"
#include "components/exo/toast_surface_manager.h"
#include "components/exo/wayland/server.h"
#include "components/exo/wm_helper.h"
@@ -90,7 +91,9 @@
wm_helper_ = std::make_unique<WMHelper>();
display_ = std::make_unique<Display>(nullptr, nullptr, nullptr, nullptr);
- wayland_server_ = exo::wayland::Server::Create(display_.get());
+
+ wayland_server_ = exo::wayland::Server::Create(
+ display_.get(), std::make_unique<test::TestSecurityDelegate>());
DCHECK(wayland_server_);
wayland_server_->StartWithDefaultPath(base::BindOnce(
[](base::WaitableEvent* event, bool success) {
diff --git a/components/exo/wayland/fuzzer/harness_unittest.cc b/components/exo/wayland/fuzzer/harness_unittest.cc
index 1efc2bd..19664790 100644
--- a/components/exo/wayland/fuzzer/harness_unittest.cc
+++ b/components/exo/wayland/fuzzer/harness_unittest.cc
@@ -9,6 +9,7 @@
#include "base/time/time.h"
#include "components/exo/display.h"
#include "components/exo/test/exo_test_base.h"
+#include "components/exo/test/test_security_delegate.h"
#include "components/exo/wayland/fuzzer/actions.pb.h"
#include "components/exo/wayland/server.h"
@@ -32,7 +33,8 @@
1 /* overwrite */);
TestBase::SetUp();
display_ = std::make_unique<exo::Display>();
- server_ = wayland::Server::Create(display_.get());
+ server_ = wayland::Server::Create(
+ display_.get(), std::make_unique<test::TestSecurityDelegate>());
server_->StartWithDefaultPath(base::DoNothing());
}
diff --git a/components/exo/wayland/server.cc b/components/exo/wayland/server.cc
index 41d65dc..23baf45 100644
--- a/components/exo/wayland/server.cc
+++ b/components/exo/wayland/server.cc
@@ -414,11 +414,6 @@
}
// static
-std::unique_ptr<Server> Server::Create(Display* display) {
- return Create(display, SecurityDelegate::GetDefaultSecurityDelegate());
-}
-
-// static
std::unique_ptr<Server> Server::Create(
Display* display,
std::unique_ptr<SecurityDelegate> security_delegate) {
diff --git a/components/exo/wayland/server.h b/components/exo/wayland/server.h
index 76a05e8..e81d0fa 100644
--- a/components/exo/wayland/server.h
+++ b/components/exo/wayland/server.h
@@ -54,10 +54,6 @@
~Server() override;
- // Creates a Wayland display server that clients can connect to using the
- // default socket name.
- static std::unique_ptr<Server> Create(Display* display);
-
// As above, but with the given |security_delegate|.
static std::unique_ptr<Server> Create(
Display* display,
diff --git a/components/exo/wayland/server_unittest.cc b/components/exo/wayland/server_unittest.cc
index d48cf2f..8669915 100644
--- a/components/exo/wayland/server_unittest.cc
+++ b/components/exo/wayland/server_unittest.cc
@@ -20,7 +20,7 @@
#include "base/test/bind.h"
#include "base/threading/thread.h"
#include "components/exo/display.h"
-#include "components/exo/security_delegate.h"
+#include "components/exo/test/test_security_delegate.h"
#include "components/exo/wayland/server_util.h"
#include "components/exo/wayland/test/wayland_server_test.h"
#include "testing/gtest/include/gtest/gtest.h"
@@ -63,8 +63,8 @@
}
TEST_F(ServerTest, SecurityDelegateAssociation) {
- std::unique_ptr<SecurityDelegate> security_delegate =
- SecurityDelegate::GetDefaultSecurityDelegate();
+ auto security_delegate =
+ std::make_unique<::exo::test::TestSecurityDelegate>();
SecurityDelegate* security_delegate_ptr = security_delegate.get();
auto server = CreateServer(std::move(security_delegate));