1 <policy-set id="Tizen-Policy" combine="first-matching-target">
2 <policy id="Tizen-Policy-Plaform-API" description="Plaform API" combine="permit-overrides">
3 <!-- Plaform API. This is finger-print of -->
6 <subject-match attr="distributor-key-root-fingerprint" func="equal">
7 sha-1 B0:5F:40:43:71:1F:11:BC:9A:6A:62:FA:DA:92:54:79:92:16:11:DF
11 <subject-match attr="distributor-key-root-fingerprint" func="equal">
12 sha-1 2A:74:E8:CF:9E:0F:C3:D9:80:48:8B:E7:86:F7:83:49:91:11:E1:E0
15 <!-- Plaform API. This is finger-print of tizen-platform-class-developer-root.pem-->
17 <subject-match attr="distributor-key-root-fingerprint" func="equal">
18 sha-1 92:05:15:EE:A4:7A:EC:36:ED:41:9D:F8:F6:46:00:F4:A4:FB:16:74
21 <!-- Plaform API. This is finger-print of tizen-platform-class-root-authority.pem-->
23 <subject-match attr="distributor-key-root-fingerprint" func="equal">
24 sha-1 76:9F:5B:68:84:D0:21:92:5D:0C:1E:94:40:EC:D5:4E:21:2F:5A:43
29 <rule effect="permit">
30 <condition combine="or">
31 <resource-match attr="device-cap" func="equal" match="tizen" />
35 <rule effect="permit">
36 <condition combine="or">
37 <resource-match attr="device-cap" func="equal" match="alarm" />
41 <!-- access to application -->
42 <rule effect="permit">
43 <condition combine="or">
44 <resource-match attr="device-cap" func="equal" match="application.launch" />
45 <resource-match attr="device-cap" func="equal" match="appmanager.kill" />
46 <resource-match attr="device-cap" func="equal" match="application.info" />
47 <resource-match attr="device-cap" func="equal" match="appmanager.certificate" />
51 <!-- access to vehicle -->
52 <rule effect="permit">
53 <condition combine="or">
54 <resource-match attr="device-cap" func="equal" match="vehicle" />
58 <!-- access to speech -->
59 <rule effect="permit">
60 <condition combine="or">
61 <resource-match attr="device-cap" func="equal" match="speech" />
65 <!-- access to bookmark -->
66 <rule effect="permit">
67 <condition combine="or">
68 <resource-match attr="device-cap" func="equal" match="bookmark.read" />
69 <resource-match attr="device-cap" func="equal" match="bookmark.write" />
73 <!-- access to package -->
74 <rule effect="permit">
75 <condition combine="or">
76 <resource-match attr="device-cap" func="equal" match="packagemanager.install" />
77 <resource-match attr="device-cap" func="equal" match="package.info" />
81 <!-- access to bluetooth -->
82 <rule effect="permit">
83 <condition combine="or">
84 <resource-match attr="device-cap" func="equal" match="bluetoothmanager" />
85 <resource-match attr="device-cap" func="equal" match="bluetooth.admin" />
86 <resource-match attr="device-cap" func="equal" match="bluetooth.gap" />
87 <resource-match attr="device-cap" func="equal" match="bluetooth.spp" />
88 <resource-match attr="device-cap" func="equal" match="bluetooth.health" />
92 <!-- access to calendar -->
93 <rule effect="permit">
94 <condition combine="or">
95 <resource-match attr="device-cap" func="equal" match="calendar.read" />
96 <resource-match attr="device-cap" func="equal" match="calendar.write" />
100 <!-- access to call history -->
101 <rule effect="permit">
102 <condition combine="or">
103 <resource-match attr="device-cap" func="equal" match="callhistory.read" />
104 <resource-match attr="device-cap" func="equal" match="callhistory.write" />
108 <!-- access to contact -->
109 <rule effect="permit">
110 <condition combine="or">
111 <resource-match attr="device-cap" func="equal" match="contact.read" />
112 <resource-match attr="device-cap" func="equal" match="contact.write" />
116 <!-- access to content -->
117 <rule effect="permit">
118 <condition combine="or">
119 <resource-match attr="device-cap" func="equal" match="content.read" />
120 <resource-match attr="device-cap" func="equal" match="content.write" />
124 <rule effect="permit">
125 <condition combine="or">
126 <resource-match attr="device-cap" func="equal" match="datacontrol.consumer" />
130 <!-- access to download feature -->
131 <rule effect="permit">
132 <condition combine="or">
133 <resource-match attr="device-cap" func="equal" match="download" />
137 <rule effect="permit">
138 <condition combine="or">
139 <resource-match attr="device-cap" func="equal" match="filesystem.read" />
140 <resource-match attr="device-cap" func="equal" match="filesystem.write" />
144 <rule effect="permit">
145 <condition combine="or">
146 <resource-match attr="device-cap" func="equal" match="messaging.read" />
147 <resource-match attr="device-cap" func="equal" match="messaging.write" />
149 <resource-match attr="device-cap" func="equal" match="messaging.send" />
153 <rule effect="permit">
154 <condition combine="or">
155 <resource-match attr="device-cap" func="equal" match="networkbearerselection" />
159 <!-- access to NFC -->
160 <rule effect="permit">
161 <condition combine="or">
162 <resource-match attr="device-cap" func="equal" match="nfc.admin" />
163 <resource-match attr="device-cap" func="equal" match="nfc.tag" />
164 <resource-match attr="device-cap" func="equal" match="nfc.p2p" />
165 <resource-match attr="device-cap" func="equal" match="nfc.cardemulation" />
166 <resource-match attr="device-cap" func="equal" match="nfc.common" />
170 <rule effect="permit">
171 <condition combine="or">
172 <resource-match attr="device-cap" func="equal" match="notification" />
176 <!-- access to power feature -->
177 <rule effect="permit">
178 <condition combine="or">
179 <resource-match attr="device-cap" func="equal" match="power" />
183 <!-- access to datasync -->
184 <rule effect="permit">
185 <condition combine="or">
186 <resource-match attr="device-cap" func="equal" match="datasync" />
190 <!-- access to push feature -->
191 <rule effect="permit">
192 <condition combine="or">
193 <resource-match attr="device-cap" func="equal" match="push" />
197 <!-- access to system setting -->
198 <rule effect="permit">
199 <condition combine="or">
200 <resource-match attr="device-cap" func="equal" match="setting" />
204 <!-- access to systeminfo -->
205 <rule effect="permit">
206 <condition combine="or">
207 <resource-match attr="device-cap" func="equal" match="system.info" />
208 <resource-match attr="device-cap" func="equal" match="systemmanager.info" />
212 <rule effect="permit">
213 <condition combine="or">
214 <resource-match attr="device-cap" func="equal" match="secureelement" />
215 <resource-match attr="device-cap" func="equal" match="se" />
219 <rule effect="permit">
220 <condition combine="or">
221 <resource-match attr="device-cap" func="equal" match="websetting" />
225 <rule effect="permit">
226 <condition combine="or">
227 <resource-match attr="device-cap" func="equal" match="testautomation" />
231 <!-- Belows will be removed -->
232 <!-- access to timeutil -->
233 <rule effect="permit">
234 <condition combine="or">
235 <resource-match attr="device-cap" func="equal" match="time" />
239 <rule effect="permit">
240 <condition combine="or">
241 <resource-match attr="device-cap" func="equal" match="log" />
245 <rule effect="permit">
246 <condition combine="or">
247 <resource-match attr="device-cap" func="equal" match="account.read" />
248 <resource-match attr="device-cap" func="equal" match="account.write" />
252 <rule effect="permit">
253 <condition combine="or">
254 <resource-match attr="device-cap" func="equal" match="contentmanager.write" />
258 <!-- access to external network -->
259 <!-- XMLHttpRequestTizen and externalNetworkAccessTizen defined for Tizen Webapp -->
260 <!-- Function of two capabilities are same to XMLHttpRequest and externalNetworkAccess of WAC -->
261 <rule effect="permit">
262 <condition combine="or">
263 <resource-match attr="device-cap" func="equal" match="XMLHttpRequest" />
264 <resource-match attr="device-cap" func="equal" match="externalNetworkAccess" />
268 <!-- access to external network on roaming status -->
270 <rule effect="permit">
271 <condition combine="and">
272 <condition combine="or">
273 <resource-match attr="device-cap" func="equal" match="XMLHttpRequest" />
274 <resource-match attr="device-cap" func="equal" match="externalNetworkAccess" />
276 <environment-match attr="roaming" match="true" />
281 <rule effect="deny" />
284 <policy id="Tizen-Policy-Partner-API" description="Partner API" combine="permit-overrides">
285 <!-- Partner API. This is finger-print of tizen-distributor-root-ca-partner.pem -->
288 <subject-match attr="distributor-key-root-fingerprint" func="equal">
289 sha-1 67:37:DE:B7:B9:9D:D2:DB:A5:2C:42:DE:CB:2F:2C:3E:33:97:E1:85
292 <!-- Partner API. This is finger-print of tizen-distributor-root-ca-partner.pem -->
294 <subject-match attr="distributor-key-root-fingerprint" func="equal">
295 sha-1 94:A1:ED:C3:2F:CB:FD:6A:EE:3E:7E:1A:53:F1:55:34:36:01:E9:3F
298 <!-- Partner API. This is finger-print of tizen-partner-class-developer-root.pem -->
300 <subject-match attr="distributor-key-root-fingerprint" func="equal">
301 sha-1 DE:F9:4F:17:12:3A:CD:0D:42:7B:A2:C8:95:42:67:2B:50:8F:B6:FF
306 <rule effect="permit">
307 <condition combine="or">
308 <resource-match attr="device-cap" func="equal" match="tizen" />
312 <rule effect="permit">
313 <condition combine="or">
314 <resource-match attr="device-cap" func="equal" match="alarm" />
318 <rule effect="permit">
319 <condition combine="or">
320 <resource-match attr="device-cap" func="equal" match="vehicle" />
324 <rule effect="permit">
325 <condition combine="or">
326 <resource-match attr="device-cap" func="equal" match="speech" />
330 <!-- access to application -->
331 <rule effect="permit">
332 <condition combine="or">
333 <resource-match attr="device-cap" func="equal" match="application.launch" />
334 <resource-match attr="device-cap" func="equal" match="appmanager.kill" />
335 <resource-match attr="device-cap" func="equal" match="appmanager.certificate" />
336 <resource-match attr="device-cap" func="equal" match="application.info" />
340 <!-- access to package -->
341 <rule effect="permit">
342 <condition combine="or">
343 <resource-match attr="device-cap" func="equal" match="package.info" />
347 <!-- access to bluetooth -->
348 <rule effect="permit">
349 <condition combine="or">
350 <resource-match attr="device-cap" func="equal" match="bluetooth.admin" />
351 <resource-match attr="device-cap" func="equal" match="bluetooth.gap" />
352 <resource-match attr="device-cap" func="equal" match="bluetooth.spp" />
353 <resource-match attr="device-cap" func="equal" match="bluetooth.health" />
357 <!-- access to calendar -->
358 <rule effect="permit">
359 <condition combine="or">
360 <resource-match attr="device-cap" func="equal" match="calendar.read" />
361 <resource-match attr="device-cap" func="equal" match="calendar.write" />
365 <!-- access to call history -->
366 <rule effect="permit">
367 <condition combine="or">
368 <resource-match attr="device-cap" func="equal" match="callhistory.read" />
369 <resource-match attr="device-cap" func="equal" match="callhistory.write" />
373 <!-- access to contact -->
374 <rule effect="permit">
375 <condition combine="or">
376 <resource-match attr="device-cap" func="equal" match="contact.read" />
377 <resource-match attr="device-cap" func="equal" match="contact.write" />
381 <!-- access to content -->
382 <rule effect="permit">
383 <condition combine="or">
384 <resource-match attr="device-cap" func="equal" match="content.read" />
385 <resource-match attr="device-cap" func="equal" match="content.write" />
389 <rule effect="permit">
390 <condition combine="or">
391 <resource-match attr="device-cap" func="equal" match="datacontrol.consumer" />
395 <!-- access to download feature -->
396 <rule effect="permit">
397 <condition combine="or">
398 <resource-match attr="device-cap" func="equal" match="download" />
402 <rule effect="permit">
403 <condition combine="or">
404 <resource-match attr="device-cap" func="equal" match="filesystem.read" />
405 <resource-match attr="device-cap" func="equal" match="filesystem.write" />
409 <rule effect="permit">
410 <condition combine="or">
411 <resource-match attr="device-cap" func="equal" match="messaging.read" />
412 <resource-match attr="device-cap" func="equal" match="messaging.write" />
414 <resource-match attr="device-cap" func="equal" match="messaging.send" />
418 <rule effect="permit">
419 <condition combine="or">
420 <resource-match attr="device-cap" func="equal" match="networkbearerselection" />
424 <!-- access to NFC -->
425 <rule effect="permit">
426 <condition combine="or">
427 <resource-match attr="device-cap" func="equal" match="nfc.admin" />
428 <resource-match attr="device-cap" func="equal" match="nfc.tag" />
429 <resource-match attr="device-cap" func="equal" match="nfc.p2p" />
430 <resource-match attr="device-cap" func="equal" match="nfc.cardemulation" />
431 <resource-match attr="device-cap" func="equal" match="nfc.common" />
435 <rule effect="permit">
436 <condition combine="or">
437 <resource-match attr="device-cap" func="equal" match="notification" />
441 <!-- access to power feature -->
442 <rule effect="permit">
443 <condition combine="or">
444 <resource-match attr="device-cap" func="equal" match="power" />
448 <!-- access to datasync -->
449 <rule effect="permit">
450 <condition combine="or">
451 <resource-match attr="device-cap" func="equal" match="datasync" />
455 <!-- access to push feature -->
456 <rule effect="permit">
457 <condition combine="or">
458 <resource-match attr="device-cap" func="equal" match="push" />
462 <!-- access to system setting -->
463 <rule effect="permit">
464 <condition combine="or">
465 <resource-match attr="device-cap" func="equal" match="setting" />
469 <!-- access to systeminfo -->
470 <rule effect="permit">
471 <condition combine="or">
472 <resource-match attr="device-cap" func="equal" match="system.info" />
473 <resource-match attr="device-cap" func="equal" match="systemmanager.info" />
477 <rule effect="permit">
478 <condition combine="or">
479 <resource-match attr="device-cap" func="equal" match="secureelement" />
480 <resource-match attr="device-cap" func="equal" match="se" />
484 <rule effect="permit">
485 <condition combine="or">
486 <resource-match attr="device-cap" func="equal" match="websetting" />
490 <!-- Belows will be removed -->
491 <!-- access to timeutil -->
492 <rule effect="permit">
493 <condition combine="or">
494 <resource-match attr="device-cap" func="equal" match="time" />
498 <rule effect="permit">
499 <condition combine="or">
500 <resource-match attr="device-cap" func="equal" match="log" />
504 <rule effect="permit">
505 <condition combine="or">
506 <resource-match attr="device-cap" func="equal" match="account.read" />
507 <resource-match attr="device-cap" func="equal" match="account.write" />
511 <rule effect="permit">
512 <condition combine="or">
513 <resource-match attr="device-cap" func="equal" match="contentmanager.write" />
517 <!-- access to external network -->
518 <!-- XMLHttpRequestTizen and externalNetworkAccessTizen defined for Tizen Webapp -->
519 <!-- Function of two capabilities are same to XMLHttpRequest and externalNetworkAccess of WAC -->
520 <rule effect="permit">
521 <condition combine="or">
522 <resource-match attr="device-cap" func="equal" match="XMLHttpRequest" />
523 <resource-match attr="device-cap" func="equal" match="externalNetworkAccess" />
527 <!-- access to external network on roaming status -->
529 <rule effect="permit">
530 <condition combine="and">
531 <condition combine="or">
532 <resource-match attr="device-cap" func="equal" match="XMLHttpRequest" />
533 <resource-match attr="device-cap" func="equal" match="externalNetworkAccess" />
535 <environment-match attr="roaming" match="true" />
540 <rule effect="deny" />
543 <policy id="Tizen-Policy-Public-API" description="Public API" combine="permit-overrides">
545 <!-- Plaform API. This is finger-print of tizen-distributor-root-ca-public.pem-->
547 <subject-match attr="distributor-key-root-fingerprint" func="equal">
548 sha-1 04:C5:A6:1D:75:BB:F5:5C:0F:A2:66:F6:09:4D:9B:2B:5F:3B:44:AE
551 <!-- Plaform API. This is finger-print of tizen-public-class-root-authority.pem-->
553 <subject-match attr="distributor-key-root-fingerprint" func="equal">
554 sha-1 A1:3F:15:2E:93:EB:80:36:F5:E0:BD:DA:8E:A5:4B:38:8A:6A:EB:E6
558 <subject-match attr="distributor-key-root-fingerprint" func="equal">
559 sha-1 5A:C1:18:AC:6E:C7:EA:27:59:7D:5F:5A:1D:19:85:3D:A2:95:D5:18
564 <rule effect="permit">
565 <condition combine="or">
566 <resource-match attr="device-cap" func="equal" match="tizen" />
570 <rule effect="permit">
571 <condition combine="or">
572 <resource-match attr="device-cap" func="equal" match="alarm" />
576 <rule effect="permit">
577 <condition combine="or">
578 <resource-match attr="device-cap" func="equal" match="vehicle" />
582 <rule effect="permit">
583 <condition combine="or">
584 <resource-match attr="device-cap" func="equal" match="speech" />
588 <!-- access to application -->
589 <rule effect="permit">
590 <condition combine="or">
591 <resource-match attr="device-cap" func="equal" match="application.launch" />
592 <resource-match attr="device-cap" func="equal" match="application.info" />
596 <!-- access to package -->
597 <rule effect="permit">
598 <condition combine="or">
599 <resource-match attr="device-cap" func="equal" match="package.info" />
603 <!-- access to bluetooth -->
604 <rule effect="permit">
605 <condition combine="or">
606 <resource-match attr="device-cap" func="equal" match="bluetooth.admin" />
607 <resource-match attr="device-cap" func="equal" match="bluetooth.gap" />
608 <resource-match attr="device-cap" func="equal" match="bluetooth.spp" />
609 <resource-match attr="device-cap" func="equal" match="bluetooth.health" />
613 <!-- access to calendar -->
614 <rule effect="permit">
615 <condition combine="or">
616 <resource-match attr="device-cap" func="equal" match="calendar.read" />
617 <resource-match attr="device-cap" func="equal" match="calendar.write" />
621 <!-- access to call history -->
622 <rule effect="permit">
623 <condition combine="or">
624 <resource-match attr="device-cap" func="equal" match="callhistory.read" />
625 <resource-match attr="device-cap" func="equal" match="callhistory.write" />
629 <!-- access to contact -->
630 <rule effect="permit">
631 <condition combine="or">
632 <resource-match attr="device-cap" func="equal" match="contact.read" />
633 <resource-match attr="device-cap" func="equal" match="contact.write" />
637 <!-- access to content -->
638 <rule effect="permit">
639 <condition combine="or">
640 <resource-match attr="device-cap" func="equal" match="content.read" />
641 <resource-match attr="device-cap" func="equal" match="content.write" />
645 <!-- access to download feature -->
646 <rule effect="permit">
647 <condition combine="or">
648 <resource-match attr="device-cap" func="equal" match="download" />
652 <rule effect="permit">
653 <condition combine="or">
654 <resource-match attr="device-cap" func="equal" match="filesystem.read" />
655 <resource-match attr="device-cap" func="equal" match="filesystem.write" />
659 <rule effect="permit">
660 <condition combine="or">
661 <resource-match attr="device-cap" func="equal" match="messaging.read" />
662 <resource-match attr="device-cap" func="equal" match="messaging.write" />
664 <resource-match attr="device-cap" func="equal" match="messaging.send" />
668 <!-- access to NFC -->
669 <rule effect="permit">
670 <condition combine="or">
671 <resource-match attr="device-cap" func="equal" match="nfc.admin" />
672 <resource-match attr="device-cap" func="equal" match="nfc.tag" />
673 <resource-match attr="device-cap" func="equal" match="nfc.p2p" />
674 <resource-match attr="device-cap" func="equal" match="nfc.cardemulation" />
675 <resource-match attr="device-cap" func="equal" match="nfc.common" />
679 <rule effect="permit">
680 <condition combine="or">
681 <resource-match attr="device-cap" func="equal" match="notification" />
685 <!-- access to power feature -->
686 <rule effect="permit">
687 <condition combine="or">
688 <resource-match attr="device-cap" func="equal" match="power" />
692 <!-- access to datasync -->
693 <rule effect="permit">
694 <condition combine="or">
695 <resource-match attr="device-cap" func="equal" match="datasync" />
699 <!-- access to push feature -->
700 <rule effect="permit">
701 <condition combine="or">
702 <resource-match attr="device-cap" func="equal" match="push" />
706 <!-- access to system setting -->
707 <rule effect="permit">
708 <condition combine="or">
709 <resource-match attr="device-cap" func="equal" match="setting" />
713 <!-- access to systeminfo -->
714 <rule effect="permit">
715 <condition combine="or">
716 <resource-match attr="device-cap" func="equal" match="system.info" />
720 <rule effect="permit">
721 <condition combine="or">
722 <resource-match attr="device-cap" func="equal" match="secureelement" />
723 <resource-match attr="device-cap" func="equal" match="se" />
727 <rule effect="permit">
728 <condition combine="or">
729 <resource-match attr="device-cap" func="equal" match="websetting" />
733 <!-- Belows will be removed -->
734 <!-- access to timeutil -->
735 <rule effect="permit">
736 <condition combine="or">
737 <resource-match attr="device-cap" func="equal" match="time" />
741 <rule effect="permit">
742 <condition combine="or">
743 <resource-match attr="device-cap" func="equal" match="log" />
747 <rule effect="permit">
748 <condition combine="or">
749 <resource-match attr="device-cap" func="equal" match="account.read" />
750 <resource-match attr="device-cap" func="equal" match="account.write" />
754 <rule effect="permit">
755 <condition combine="or">
756 <resource-match attr="device-cap" func="equal" match="contentmanager.write" />
760 <!-- access to external network -->
761 <!-- XMLHttpRequestTizen and externalNetworkAccessTizen defined for Tizen Webapp -->
762 <!-- Function of two capabilities are same to XMLHttpRequest and externalNetworkAccess of WAC -->
763 <rule effect="permit">
764 <condition combine="or">
765 <resource-match attr="device-cap" func="equal" match="XMLHttpRequest" />
766 <resource-match attr="device-cap" func="equal" match="externalNetworkAccess" />
770 <!-- access to external network on roaming status -->
772 <rule effect="permit">
773 <condition combine="and">
774 <condition combine="or">
775 <resource-match attr="device-cap" func="equal" match="XMLHttpRequest" />
776 <resource-match attr="device-cap" func="equal" match="externalNetworkAccess" />
778 <environment-match attr="roaming" match="true" />
783 <rule effect="deny" />
786 <policy id="Tizen-Policy-Untrusted" description="Tizen's policy for untrusted domain" combine="permit-overrides">
787 <!-- Specific Untrusted Policy for Tizen -->
789 <rule effect="permit">
790 <condition combine="or">
791 <resource-match attr="device-cap" func="equal" match="tizen" />
795 <rule effect="permit">
796 <condition combine="or">
797 <resource-match attr="device-cap" func="equal" match="alarm" />
801 <rule effect="permit">
802 <condition combine="or">
803 <resource-match attr="device-cap" func="equal" match="vehicle" />
807 <rule effect="permit">
808 <condition combine="or">
809 <resource-match attr="device-cap" func="equal" match="speech" />
813 <!-- access to application -->
814 <rule effect="permit">
815 <condition combine="or">
816 <resource-match attr="device-cap" func="equal" match="application.launch" />
817 <resource-match attr="device-cap" func="equal" match="application.info" />
821 <!-- access to package -->
822 <rule effect="permit">
823 <condition combine="or">
824 <!-- packagemanager.install (platform) -->
825 <!--<resource-match attr="device-cap" func="equal" match="packagemanager.install" />-->
826 <resource-match attr="device-cap" func="equal" match="package.info" />
830 <!-- access to bluetooth -->
831 <rule effect="permit">
832 <condition combine="or">
833 <resource-match attr="device-cap" func="equal" match="bluetooth.admin" />
834 <resource-match attr="device-cap" func="equal" match="bluetooth.gap" />
835 <resource-match attr="device-cap" func="equal" match="bluetooth.spp" />
836 <resource-match attr="device-cap" func="equal" match="bluetooth.health" />
840 <!-- access to calendar -->
841 <rule effect="permit">
842 <condition combine="or">
843 <resource-match attr="device-cap" func="equal" match="calendar.read" />
844 <resource-match attr="device-cap" func="equal" match="calendar.write" />
848 <!-- access to call history -->
849 <rule effect="permit">
850 <condition combine="or">
851 <resource-match attr="device-cap" func="equal" match="callhistory.read" />
852 <resource-match attr="device-cap" func="equal" match="callhistory.write" />
856 <!-- access to contact -->
857 <rule effect="permit">
858 <condition combine="or">
859 <resource-match attr="device-cap" func="equal" match="contact.read" />
860 <resource-match attr="device-cap" func="equal" match="contact.write" />
864 <!-- access to content -->
865 <rule effect="permit">
866 <condition combine="or">
867 <resource-match attr="device-cap" func="equal" match="content.read" />
868 <resource-match attr="device-cap" func="equal" match="content.write" />
872 <!-- access to download feature -->
873 <rule effect="permit">
874 <condition combine="or">
875 <resource-match attr="device-cap" func="equal" match="download" />
879 <rule effect="permit">
880 <condition combine="or">
881 <resource-match attr="device-cap" func="equal" match="filesystem.read" />
882 <resource-match attr="device-cap" func="equal" match="filesystem.write" />
886 <rule effect="permit">
887 <condition combine="or">
888 <resource-match attr="device-cap" func="equal" match="messaging.read" />
889 <resource-match attr="device-cap" func="equal" match="messaging.write" />
891 <resource-match attr="device-cap" func="equal" match="messaging.send" />
895 <!-- access to NFC -->
896 <rule effect="permit">
897 <condition combine="or">
898 <resource-match attr="device-cap" func="equal" match="nfc.admin" />
899 <resource-match attr="device-cap" func="equal" match="nfc.tag" />
900 <resource-match attr="device-cap" func="equal" match="nfc.p2p" />
901 <resource-match attr="device-cap" func="equal" match="nfc.cardemulation" />
902 <resource-match attr="device-cap" func="equal" match="nfc.common" />
906 <rule effect="permit">
907 <condition combine="or">
908 <resource-match attr="device-cap" func="equal" match="notification" />
912 <!-- access to power feature -->
913 <rule effect="permit">
914 <condition combine="or">
915 <resource-match attr="device-cap" func="equal" match="power" />
919 <!-- access to datasync -->
920 <rule effect="permit">
921 <condition combine="or">
922 <resource-match attr="device-cap" func="equal" match="datasync" />
926 <!-- access to push feature -->
927 <rule effect="permit">
928 <condition combine="or">
929 <resource-match attr="device-cap" func="equal" match="push" />
933 <!-- access to system setting -->
934 <rule effect="permit">
935 <condition combine="or">
936 <resource-match attr="device-cap" func="equal" match="setting" />
940 <!-- access to systeminfo -->
941 <rule effect="permit">
942 <condition combine="or">
943 <resource-match attr="device-cap" func="equal" match="system.info" />
947 <rule effect="permit">
948 <condition combine="or">
949 <resource-match attr="device-cap" func="equal" match="websetting" />
953 <!-- Belows will be removed -->
954 <!-- access to timeutil -->
955 <rule effect="permit">
956 <condition combine="or">
957 <resource-match attr="device-cap" func="equal" match="time" />
961 <rule effect="permit">
962 <condition combine="or">
963 <resource-match attr="device-cap" func="equal" match="log" />
967 <rule effect="permit">
968 <condition combine="or">
969 <resource-match attr="device-cap" func="equal" match="account.read" />
970 <resource-match attr="device-cap" func="equal" match="account.write" />
974 <rule effect="permit">
975 <condition combine="or">
976 <resource-match attr="device-cap" func="equal" match="contentmanager.write" />
980 <!-- access to external network -->
981 <!-- XMLHttpRequestTizen and externalNetworkAccessTizen defined for Tizen Webapp -->
982 <!-- Function of two capabilities are same to XMLHttpRequest and externalNetworkAccess of WAC -->
983 <rule effect="permit">
984 <condition combine="or">
985 <resource-match attr="device-cap" func="equal" match="XMLHttpRequest" />
986 <resource-match attr="device-cap" func="equal" match="externalNetworkAccess" />
990 <!-- access to external network on roaming status -->
992 <rule effect="permit">
993 <condition combine="and">
994 <condition combine="or">
995 <resource-match attr="device-cap" func="equal" match="XMLHttpRequest" />
996 <resource-match attr="device-cap" func="equal" match="externalNetworkAccess" />
998 <environment-match attr="roaming" match="true" />
1003 <rule effect="deny" />