/*
 * Copyright 2009, The Android Open Source Project
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *  * Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *  * Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS ``AS IS'' AND ANY
 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT OWNER OR
 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
 * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

#ifndef GeolocationPermissions_h
#define GeolocationPermissions_h

#include <PlatformString.h>
#include <Timer.h>
#include <wtf/HashMap.h>
#include <wtf/HashSet.h>
#include <wtf/RefCounted.h>
#include <wtf/Vector.h>
#include <wtf/text/StringHash.h>

namespace WebCore {
    class Frame;
    class Geolocation;
    class SQLiteDatabase;
}

namespace android {

    class WebViewCore;

    // The GeolocationPermissions class manages Geolocation permissions for the
    // browser. Permissions are managed on a per-origin basis, as required by
    // the Geolocation spec - http://dev.w3.org/geo/api/spec-source.html. An
    // origin specifies the scheme, host and port of particular frame.  An
    // origin is represented here as a string, using the output of
    // WebCore::SecurityOrigin::toString.
    //
    // Each instance handles permissions for a given main frame. The class
    // enforces the following policy.
    // - Non-remembered permissions last for the dureation of the main frame.
    // - Remembered permissions last indefinitely.
    // - All permissions are shared between child frames of a main frame.
    // - Only remembered permissions are shared between main frames.
    // - Remembered permissions are made available for use in the browser
    //   settings menu.
    class GeolocationPermissions : public RefCounted<GeolocationPermissions> {
      public:
        // Creates the GeolocationPermissions object to manage permissions for
        // the WebView.
        GeolocationPermissions(WebViewCore* webViewCore);
        virtual ~GeolocationPermissions();

        // Queries the permission state for the specified frame. If the
        // permission state has not yet been set, prompts the user. Once the
        // permission state has been determined, asynchronously calls back to
        // the Geolocation objects in all frames in this WebView that are from
        // the same origin as the requesting frame.
        void queryPermissionState(WebCore::Frame* frame);
        void cancelPermissionStateQuery(WebCore::Frame*);

        // Provides this object with a permission state set by the user. The
        // permission is specified by 'allow' and applied to 'origin'. If
        // 'remember' is set, the permission state is remembered permanently.
        // The new permission state is recorded and will trigger callbacks to
        // geolocation objects as described above. If any other permission
        // requests are queued, the next is started.
        void providePermissionState(WTF::String origin, bool allow, bool remember);

        // Clears the temporary permission state and any pending requests. Used
        // when the main frame is refreshed or navigated to a new URL.
        void resetTemporaryPermissionStates();

        // Static methods for use from Java. These are used to interact with the
        // browser settings menu and to update the permanent permissions when
        // system settings are changed.
        // Gets the list of all origins for which permanent permissions are
        // recorded.
        typedef HashSet<WTF::String> OriginSet;
        static OriginSet getOrigins();
        // Gets whether the specified origin is allowed.
        static bool getAllowed(WTF::String origin);
        // Clears the permission state for the specified origin.
        static void clear(WTF::String origin);
        // Sets the permission state for the specified origin to allowed.
        static void allow(WTF::String origin);
        // Clears the permission state for all origins.
        static void clearAll();
        // Sets whether the GeolocationPermissions object should always deny
        // permission requests, irrespective of previously recorded permission
        // states.
        static void setAlwaysDeny(bool deny);

        static void setDatabasePath(WTF::String path);
        static bool openDatabase(WebCore::SQLiteDatabase*);

        // Saves the permanent permissions to the DB if required.
        static void maybeStorePermanentPermissions();

      private:
        // Records the permission state for the specified origin and whether
        // this should be remembered.
        void recordPermissionState(WTF::String origin, bool allow, bool remember);

        // Used to make an asynchronous callback to the Geolocation objects.
        void makeAsynchronousCallbackToGeolocation(WTF::String origin, bool allow);
        void timerFired(WebCore::Timer<GeolocationPermissions>* timer);

        // Calls back to the Geolocation objects in all frames from the
        // specified origin. There may be no such objects, as the frames using
        // Geolocation from the specified origin may no longer use Geolocation,
        // or may have been navigated to a different origin..
        void maybeCallbackFrames(WTF::String origin, bool allow);

        // Cancels pending permission requests for the specified origin in
        // other main frames (ie browser tabs). This is used when the user
        // specifies permission to be remembered.
        static void cancelPendingRequestsInOtherTabs(WTF::String origin);
        void cancelPendingRequests(WTF::String origin);

        static void maybeLoadPermanentPermissions();

        const WTF::String& nextOriginInQueue();

        WebViewCore* m_webViewCore;
        // A vector of the origins queued to make a permission request.
        // The first in the vector is the origin currently making the request.
        typedef Vector<WTF::String> OriginVector;
        OriginVector m_queuedOrigins;
        // A map from a queued origin to the set of frames that have requested
        // permission for that origin.
        typedef HashSet<WebCore::Frame*> FrameSet;
        typedef HashMap<WTF::String, FrameSet> OriginToFramesMap;
        OriginToFramesMap m_queuedOriginsToFramesMap;

        typedef WTF::HashMap<WTF::String, bool> PermissionsMap;
        PermissionsMap m_temporaryPermissions;
        static PermissionsMap s_permanentPermissions;

        typedef WTF::Vector<GeolocationPermissions*> GeolocationPermissionsVector;
        static GeolocationPermissionsVector s_instances;

        WebCore::Timer<GeolocationPermissions> m_timer;

        struct CallbackData {
            WTF::String origin;
            bool allow;
        };
        CallbackData m_callbackData;

        static bool s_alwaysDeny;

        static bool s_permanentPermissionsLoaded;
        static bool s_permanentPermissionsModified;
        static WTF::String s_databasePath;
    };

}  // namespace android

#endif