2 * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the License);
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an AS IS BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
19 #include <dbus-util.h>
20 #include <service-adaptor.h>
21 #include <service-adaptor-log.h>
23 /* Tizen 3.0 Privilege check with Cynara [--*/
24 #include <cynara-client.h>
25 #include <cynara-session.h>
26 #include <cynara-creds-gdbus.h>
27 static cynara *_cynara;
28 /* --] Tizen 3.0 Privilege check with Cynara */
32 * @param data Data to be fried
34 void free_string(gpointer data)
36 g_free((gchar *) data);
40 * Adds string into variant builder
41 * @param builder Builder
42 * @param data String to be added
44 void safe_g_variant_builder_add_string(GVariantBuilder *builder, const char *data)
47 g_variant_builder_add(builder, "s", "");
49 g_variant_builder_add(builder, "s", data);
53 void safe_g_variant_builder_add_array_string(GVariantBuilder *builder, const char *data)
56 g_variant_builder_add(builder, "(s)", "");
58 g_variant_builder_add(builder, "(s)", data);
62 char *ipc_g_variant_dup_string(GVariant *string)
64 char *ret = g_variant_dup_string(string, NULL);
66 if (0 == strcmp(ret, "")) {
78 cynara_configuration *p_conf;
79 size_t cache_size = 100;
81 if (CYNARA_API_SUCCESS != cynara_configuration_create(&p_conf)) {
82 service_adaptor_error("cynara_configuration_create() failed");
83 return SERVICE_ADAPTOR_INTERNAL_ERROR_ADAPTOR_INTERNAL;
85 if (CYNARA_API_SUCCESS != cynara_configuration_set_cache_size(p_conf, cache_size)) {
86 service_adaptor_error("cynara_configuration_set_cache_size() failed");
87 cynara_configuration_destroy(p_conf);
88 return SERVICE_ADAPTOR_INTERNAL_ERROR_ADAPTOR_INTERNAL;
91 ret = cynara_initialize(&_cynara, NULL);
93 if (CYNARA_API_SUCCESS != ret) {
94 service_adaptor_error("cynara_initialize() Fail(%d)", ret);
95 cynara_configuration_destroy(p_conf);
96 return SERVICE_ADAPTOR_INTERNAL_ERROR_ADAPTOR_INTERNAL;
98 return SERVICE_ADAPTOR_INTERNAL_ERROR_NONE;
101 void sa_cynara_deinit()
104 cynara_finish(_cynara);
110 int sa_cynara_check(GDBusMethodInvocation *invocation, const char *privilege)
116 char *session = NULL;
117 const char *sender = NULL;
118 GDBusConnection *conn = NULL;
120 conn = g_dbus_method_invocation_get_connection(invocation);
122 service_adaptor_error("g_dbus_method_invocation_get_connection() return NULL");
123 return SERVICE_ADAPTOR_INTERNAL_ERROR_ADAPTOR_INTERNAL;
126 sender = g_dbus_method_invocation_get_sender(invocation);
127 if (NULL == sender) {
128 service_adaptor_error("g_dbus_method_invocation_get_sender() return NULL");
129 return SERVICE_ADAPTOR_INTERNAL_ERROR_ADAPTOR_INTERNAL;
132 ret = cynara_creds_gdbus_get_client(conn, sender, CLIENT_METHOD_SMACK, &client);
133 if (CYNARA_API_SUCCESS != ret) {
134 service_adaptor_error("cynara_creds_dbus_get_client() Fail(%d)", ret);
135 return SERVICE_ADAPTOR_INTERNAL_ERROR_ADAPTOR_INTERNAL;
138 ret = cynara_creds_gdbus_get_user(conn, sender, USER_METHOD_UID, &user);
139 if (CYNARA_API_SUCCESS != ret) {
140 service_adaptor_error("cynara_creds_dbus_get_user() Fail(%d)", ret);
142 return SERVICE_ADAPTOR_INTERNAL_ERROR_ADAPTOR_INTERNAL;
145 ret = cynara_creds_gdbus_get_pid(conn, sender, &pid);
146 if (CYNARA_API_SUCCESS != ret) {
147 service_adaptor_error("cynara_creds_gdbus_get_pid() Fail(%d)", ret);
150 return SERVICE_ADAPTOR_INTERNAL_ERROR_ADAPTOR_INTERNAL;
153 session = cynara_session_from_pid(pid);
154 if (NULL == session) {
155 service_adaptor_error("cynara_session_from_pid() return NULL");
158 return SERVICE_ADAPTOR_INTERNAL_ERROR_ADAPTOR_INTERNAL;
161 service_adaptor_debug("privilege: %s, user: %s, client: %s", privilege, user, client);
162 ret = cynara_check(_cynara, client, session, user, privilege);
163 if (CYNARA_API_ACCESS_DENIED == ret) {
164 service_adaptor_error("Denied (%s)", privilege);
168 return SERVICE_ADAPTOR_INTERNAL_ERROR_NOT_AUTHORIZED;
169 } else if (CYNARA_API_ACCESS_ALLOWED != ret) {
170 service_adaptor_error("cynara_check(%s) Fail(%d)", privilege, ret);
174 return SERVICE_ADAPTOR_INTERNAL_ERROR_ADAPTOR_INTERNAL;
181 return SERVICE_ADAPTOR_INTERNAL_ERROR_NONE;