Use RAII idiom

[platform/core/appfw/rpc-port.git] / src / ac-internal.h

/*
 * Copyright (c) 2017 Samsung Electronics Co., Ltd.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#ifndef AC_INTERNAL_H_
#define AC_INTERNAL_H_

#include <glib.h>
#include <gio/gio.h>
#include <glib-unix.h>
#include <cynara-client.h>

#include <string>
#include <vector>
#include <map>
#include <memory>

namespace rpc_port {
namespace internal {

class AccessController {
 public:
  explicit AccessController(bool trusted = false) : trusted_(trusted) {}

  void AddPrivilege(std::string privilege);
  void SetTrusted(const bool trusted);
  int Check(GDBusConnection *connection, const char *sender,
            const char* sender_appid);

 private:
  class Cynara {
   public:
     Cynara();

     int FetchCredsFromDBus(GDBusConnection *connection, const char *sender);
     int Check(const std::string& privilege) const;

   private:
     std::unique_ptr<cynara, decltype(cynara_finish)*> cynara_;
     std::unique_ptr<char, decltype(std::free)*> client_;
     std::unique_ptr<char, decltype(std::free)*> user_;
  };

  int SetCache(const std::string& sender);
  int CheckTrusted(const char *sender_appid);
  int CheckPrivilege(const Cynara& c);

 private:
  std::vector<std::string> privileges_;
  std::map<std::string, bool> cache_;
  bool trusted_;
  std::string appid_;
};

}  // namespace internal
}  // namespace rpc_port

#endif  // AC_INTERNAL_H_