2 * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the License);
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an AS IS BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
22 #include <cynara-error.h>
23 #include <cynara-creds-gdbus.h>
25 #include "ac-internal.h"
31 #define LOG_TAG "RPC_PORT"
36 AccessController::~AccessController() {}
38 void AccessController::AddPrivilege(const std::string& privilege) {
39 privileges_.push_back(privilege);
42 int AccessController::CheckPrivilege(GDBusConnection *connection, const char* sender_appid) {
45 if (c.FetchCredsFromDBus(connection, sender_appid) != 0 )
48 for (auto& privilege : privileges_) {
49 if (c.Check(privilege) != 0) {
57 int AccessController::SetCache(const std::string& sender) {
61 AccessController::Cynara::Cynara() {
66 if (cynara_initialize(&cynara_, NULL) != CYNARA_API_SUCCESS) {
67 LOGE("cynara_initialize() is failed");
71 AccessController::Cynara::~Cynara() {
77 cynara_finish(cynara_);
80 int AccessController::Cynara::FetchCredsFromDBus(GDBusConnection *connection, const char *sender_appid) {
93 ret = cynara_creds_gdbus_get_user(connection, sender_appid, USER_METHOD_DEFAULT, &user_);
94 if (ret != CYNARA_API_SUCCESS) {
95 LOGE("cynara_creds_gdbus_get_user() is failed : %d", ret);
99 ret = cynara_creds_gdbus_get_client(connection, sender_appid, CLIENT_METHOD_DEFAULT, &client_);
100 if (ret != CYNARA_API_SUCCESS) {
101 LOGE("cynara_creds_gdbus_get_client() is failed : %d", ret);
105 LOGD("cred client : %s, cred user : %s", client_, user_);
109 int AccessController::Cynara::Check(const std::string& privilege) {
110 LOGD("check %s", privilege.c_str());
111 if (cynara_check(cynara_, client_, "", user_, privilege.c_str()) != CYNARA_API_ACCESS_ALLOWED) {
112 LOGE("cynara_check() is failed : %s", privilege.c_str());
119 } // namespace internal
120 } // namespace rpc_port