File: system_media_capture_permissions_mac.mm

package info (click to toggle)
chromium 140.0.7339.127-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 6,192,880 kB
  • sloc: cpp: 35,093,808; ansic: 7,161,670; javascript: 4,199,694; python: 1,441,797; asm: 949,904; xml: 747,503; pascal: 187,748; perl: 88,691; sh: 88,248; objc: 79,953; sql: 52,714; cs: 44,599; fortran: 24,137; makefile: 22,114; tcl: 15,277; php: 13,980; yacc: 9,000; ruby: 7,485; awk: 3,720; lisp: 3,096; lex: 1,327; ada: 727; jsp: 228; sed: 36
file content (181 lines) | stat: -rw-r--r-- 6,369 bytes parent folder | download | duplicates (4) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
 
// Copyright 2019 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#include "chrome/browser/permissions/system/system_media_capture_permissions_mac.h"

#import <AVFoundation/AVFoundation.h>
#import <Cocoa/Cocoa.h>

#include "base/apple/foundation_util.h"
#include "base/apple/scoped_cftyperef.h"
#include "base/check.h"
#include "base/command_line.h"
#include "base/functional/callback.h"
#include "base/functional/callback_helpers.h"
#include "base/no_destructor.h"
#import "base/task/sequenced_task_runner.h"
#include "base/task/sequenced_task_runner.h"
#include "chrome/browser/permissions/system/media_authorization_wrapper_mac.h"
#include "media/base/media_switches.h"
#include "ui/base/cocoa/permissions_utils.h"

namespace system_permission_settings {

namespace {

std::optional<bool> g_is_screen_capture_allowed_for_testing = std::nullopt;

bool UsingFakeMediaDevices() {
  return base::CommandLine::ForCurrentProcess()->HasSwitch(
      switches::kUseFakeDeviceForMediaStream);
}

// Pointer to OS call wrapper that tests can set.
MediaAuthorizationWrapper* g_media_authorization_wrapper_for_tests = nullptr;

// Implementation of OS call wrapper that does the actual OS calls.
class MediaAuthorizationWrapperImpl final : public MediaAuthorizationWrapper {
 public:
  MediaAuthorizationWrapperImpl() = default;

  MediaAuthorizationWrapperImpl(const MediaAuthorizationWrapperImpl&) = delete;
  MediaAuthorizationWrapperImpl& operator=(
      const MediaAuthorizationWrapperImpl&) = delete;

  ~MediaAuthorizationWrapperImpl() override = default;

  AVAuthorizationStatus AuthorizationStatusForMediaType(
      AVMediaType media_type) override {
    return [AVCaptureDevice authorizationStatusForMediaType:media_type];
  }

  void RequestAccessForMediaType(AVMediaType media_type,
                                 base::OnceClosure callback) override {
    __block base::OnceClosure block_callback = std::move(callback);
    __block scoped_refptr<base::SequencedTaskRunner> requesting_thread =
        base::SequencedTaskRunner::GetCurrentDefault();
    [AVCaptureDevice requestAccessForMediaType:media_type
                             completionHandler:^(BOOL granted) {
                               requesting_thread->PostTask(
                                   FROM_HERE, std::move(block_callback));
                             }];
  }
};

MediaAuthorizationWrapper& GetMediaAuthorizationWrapper() {
  if (g_media_authorization_wrapper_for_tests) {
    return *g_media_authorization_wrapper_for_tests;
  }

  static base::NoDestructor<MediaAuthorizationWrapperImpl>
      media_authorization_wrapper;
  return *media_authorization_wrapper;
}

AVAuthorizationStatus MediaAuthorizationStatus(AVMediaType media_type) {
  return GetMediaAuthorizationWrapper().AuthorizationStatusForMediaType(
      media_type);
}

SystemPermission CheckSystemMediaCapturePermission(AVMediaType media_type) {
  if (UsingFakeMediaDevices()) {
    return SystemPermission::kAllowed;
  }

  AVAuthorizationStatus auth_status = MediaAuthorizationStatus(media_type);
  switch (auth_status) {
    case AVAuthorizationStatusNotDetermined:
      return SystemPermission::kNotDetermined;
    case AVAuthorizationStatusRestricted:
      return SystemPermission::kRestricted;
    case AVAuthorizationStatusDenied:
      return SystemPermission::kDenied;
    case AVAuthorizationStatusAuthorized:
      return SystemPermission::kAllowed;
    default:
      NOTREACHED();
  }
}

void RequestSystemMediaCapturePermission(AVMediaType media_type,
                                         base::OnceClosure callback) {
  if (UsingFakeMediaDevices()) {
    base::SequencedTaskRunner::GetCurrentDefault()->PostTask(
        FROM_HERE, std::move(callback));
    return;
  }

  GetMediaAuthorizationWrapper().RequestAccessForMediaType(media_type,
                                                           std::move(callback));
}

bool IsScreenCaptureAllowed() {
  if (g_is_screen_capture_allowed_for_testing) {
    return g_is_screen_capture_allowed_for_testing.value();
  }

  return ui::IsScreenCaptureAllowed();
}

}  // namespace

SystemPermission CheckSystemAudioCapturePermission() {
  return CheckSystemMediaCapturePermission(AVMediaTypeAudio);
}

SystemPermission CheckSystemVideoCapturePermission() {
  return CheckSystemMediaCapturePermission(AVMediaTypeVideo);
}

SystemPermission CheckSystemScreenCapturePermission() {
  return IsScreenCaptureAllowed() ? SystemPermission::kAllowed
                                  : SystemPermission::kDenied;
}

SystemPermission CheckSystemClipboardPermission() {
  // Check macOS system privacy settings for programmatic clipboard access using
  // the accessBehavior property available in macOS 15.4+. These settings only
  // affect programmatic access - direct user actions like ⌘V always work.

  if (@available(macOS 15.4, *)) {
    NSPasteboardAccessBehavior access_behavior =
        [NSPasteboard generalPasteboard].accessBehavior;

    switch (access_behavior) {
      case NSPasteboardAccessBehaviorAlwaysAllow:
        return SystemPermission::kAllowed;
      case NSPasteboardAccessBehaviorAlwaysDeny:
        return SystemPermission::kDenied;
      case NSPasteboardAccessBehaviorAsk:
        return SystemPermission::kNotDetermined;
      case NSPasteboardAccessBehaviorDefault:
        // Default behavior for the General pasteboard is to ask upon
        // programmatic access
        return SystemPermission::kNotDetermined;
    }
  } else {
    // The behavior of older macOS versions is effectively kAllowed.
    return SystemPermission::kAllowed;
  }
}

void RequestSystemAudioCapturePermission(base::OnceClosure callback) {
  RequestSystemMediaCapturePermission(AVMediaTypeAudio, std::move(callback));
}

void RequestSystemVideoCapturePermission(base::OnceClosure callback) {
  RequestSystemMediaCapturePermission(AVMediaTypeVideo, std::move(callback));
}

void SetMediaAuthorizationWrapperForTesting(
    MediaAuthorizationWrapper* wrapper) {
  CHECK(!g_media_authorization_wrapper_for_tests);
  g_media_authorization_wrapper_for_tests = wrapper;
}

void SetIsScreenCaptureAllowedForTesting(bool is_screen_capture_allowed) {
  g_is_screen_capture_allowed_for_testing = is_screen_capture_allowed;
}

}  // namespace system_permission_settings