2 * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
19 #include <cynara-client.h>
20 #include <cynara-session.h>
24 #include "rmi/manager.h"
25 #include "rmi/app-proxy.h"
26 #include "rmi/package-proxy.h"
28 using namespace std::placeholders;
32 const std::string KRATE_MANAGER_ADDRESS = "/tmp/.krate.sock";
34 std::unique_ptr<Krate::Manager> manager;
35 std::unique_ptr<Krate::AppProxy> appProxy;
36 std::unique_ptr<Krate::PackageProxy> packageProxy;
42 service.reset(new rmi::Service(KRATE_MANAGER_ADDRESS));
44 service->setPrivilegeChecker(std::bind(&Server::checkPeerPrivilege, this, _1, _2));
46 service->registerParametricMethod(this, "", (runtime::FileDescriptor)(Server::registerNotificationSubscriber)(std::string));
47 service->registerParametricMethod(this, "", (int)(Server::unregisterNotificationSubscriber)(std::string, int));
49 manager.reset(new Krate::Manager(*this));
50 appProxy.reset(new Krate::AppProxy(*this));
51 packageProxy.reset(new Krate::PackageProxy(*this));
60 // Prepare execution environment
64 void Server::terminate()
69 const std::string Server::getPeerPackageId() const
73 if (aul_app_get_pkgid_bypid_for_uid(getPeerPid(), pkgid, sizeof(pkgid), getPeerUid()) != AUL_R_OK) {
80 runtime::FileDescriptor Server::registerNotificationSubscriber(const std::string& name)
82 return runtime::FileDescriptor(service->subscribeNotification(name), true);
85 int Server::unregisterNotificationSubscriber(const std::string& name, int id)
87 return service->unsubscribeNotification(name, id);
90 bool Server::checkPeerPrivilege(const rmi::Credentials& cred, const std::string& privilege)
94 if (privilege.empty()) {
98 if (::cynara_initialize(&p_cynara, NULL) != CYNARA_API_SUCCESS) {
99 ERROR("Failure in cynara API");
103 if (::cynara_check(p_cynara, cred.security.c_str(), "",
104 std::to_string(cred.uid).c_str(),
105 privilege.c_str()) != CYNARA_API_ACCESS_ALLOWED) {
106 ::cynara_finish(p_cynara);
107 ERROR("Access denied: " + cred.security + " : " + privilege);
111 ::cynara_finish(p_cynara);