Prepare wrt to handle csp policy rules.

[platform/framework/web/wrt.git] / src / api_new / runnable_widget_object.cpp

/*
 * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
 *
 *    Licensed under the Apache License, Version 2.0 (the "License");
 *    you may not use this file except in compliance with the License.
 *    You may obtain a copy of the License at
 *
 *        http://www.apache.org/licenses/LICENSE-2.0
 *
 *    Unless required by applicable law or agreed to in writing, software
 *    distributed under the License is distributed on an "AS IS" BASIS,
 *    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *    See the License for the specific language governing permissions and
 *    limitations under the License.
 */
/**
 * @file    core_module.cpp
 * @author  Przemyslaw Ciezkowski (p.ciezkowski@samsung.com)
 * @version 1.0
 * @brief   File contains defitinions of RunnableWidgetObject implementation.
 */

#include <runnable_widget_object.h>
#include <privilege-control.h>
#include <dpl/exception.h>
#include <dpl/wrt-dao-ro/global_config.h>
#include <dpl/utils/wrt_global_settings.h>
#include <appcore-common.h>
#include <profiling_util.h>
#include <signal.h>
#include "webkit/bundles/plugin_module_support.h"
#include <dpl/wrt-dao-ro/widget_dao_read_only.h>
#include <runnable_widget_object_state.h>
#include <wrt_ocsp_api.h>
#include <popup-runner/PopupInvoker.h>
#include "ewk_context_manager.h"

#include "webkit_csp_support_mock.h"

namespace { //Anonymous
const std::string ACCESS_DENIED = _("IDS_BR_POP_ACCESS_DENIED");
const std::string ALREADY_RUNNING = _("IDS_BR_POP_ALREADY_RUNNING");
const std::string INVALID_LOCALE = _("IDS_IM_POP_INVALID_WIDGET_LOCALE");
const std::string STILL_AUTHORIZING = _("IDS_IM_POP_AUTHORIZING_ING_ATNT");
const unsigned int UID_ROOT = 0;
} // namespace anonymous

namespace WRT {
RunnableWidgetObject::RunnableWidgetObject(WidgetModelPtr &model) :
        m_widgetModel(model),
        m_view(ViewModule::createView())
{
    //set initial state of runnable object
    m_guardstate = std::shared_ptr<State::RunnableWidgetObjectState>(
            new State::InitialState(*this));
    // If current uid is 'root', change privilege to apps
    if (UID_ROOT == getuid()) {
        // Set privilege by tizen id
        // this code prevent that widget launch with "root" permission,
        // when developers launch by command in the shell
        set_privilege(DPL::ToUTF8String(m_widgetModel->TizenId).c_str());
    }
}

bool RunnableWidgetObject::CheckBeforeLaunch()
{
    State::StateChange change = m_guardstate->allowCheckBeforeLaunch();
    Assert(m_widgetModel);

#ifdef WRT_SMACK_ENABLED
    // TODO - this should be in the very first line of the process's main()
    // for security reasons; but for now it is easier to place here because
    // here the pkg name is already known; we don't struggle to move it
    // near the start of main() because we don't know yet if this will
    // stay in this process at all: it may be moved to AUL altogether
    set_process_config(DPL::ToUTF8String(widgetModel->TizenId).c_str());
#endif

    // Inform view controller about new widget model displaying
    ADD_PROFILING_POINT("OCSPCheck", "start");

    wrt_ocsp_widget_verification_status_t response;
    if (m_widgetModel->Type.Get().appType == WrtDB::APP_TYPE_WAC20) {
        wrt_ocsp_initialize();
        wrt_ocsp_verify_widget(WrtDB::WidgetDAOReadOnly::getHandle(
                                   m_widgetModel->TizenId), &response);
        wrt_ocsp_shutdown();
    } else {
        response = WRT_OCSP_WIDGET_VERIFICATION_STATUS_GOOD;
    }
    ADD_PROFILING_POINT("OCSPCheck", "stop");

    LogDebug("WRT OCSP response " << static_cast<int>(response));
    if (response == WRT_OCSP_WIDGET_VERIFICATION_STATUS_GOOD) {
        change.commit();
        return true;
    } else {
        if (!GlobalSettings::PopupsTestModeEnabled()) {
            Wrt::Popup::PopupInvoker().showInfo(
                _("IDS_IM_POP_WIDGET_REVOKED_TITLE"),
                _("IDS_IM_POP_WIDGET_REVOKED_ERROR"),
                _("IDS_IM_BUTTON_OK"));
        }
        return false;
    }
}

bool RunnableWidgetObject::PrepareView(const std::string &startUrl,
        Evas_Object *window, Ewk_Context* ewkContext)
{
    State::StateChange change = m_guardstate->allowPrepareView();
    if (!window) {
        return false;
    }

    std::string appId = DPL::ToUTF8String(m_widgetModel->TizenId);
    Try {
        if(!m_ewkContextManager) {
            m_ewkContextManager =
                EwkContextManager::create(appId, ewkContext, m_view);
        } else {
            if (ewkContext &&
                    ewkContext != m_ewkContextManager->getEwkContext())
            {
                m_ewkContextManager =
                    EwkContextManager::create(appId, ewkContext, m_view);
            }
        }
    } Catch (DPL::Exception) {
        LogError("Internal Error during create or initialize Ewk Context");
        return false;
    }

#ifdef CSP_ENABLED
    LogInfo("Setting CSP default policy");
    // setting CSP policy rules
    WKStringRef defaultPolicy = WKStringCreateWithUTF8CString("default-src ‘self’;");
    CSP_Rules rule;     // = new CSP_Rules;
    rule.default_src = OVERWRITE;
    rule.other_src = OVERWRITE;
    rule.sandbox = OVERWRITE;
    //trusted apps allow unsafe directives
    rule.allow_unsafe = true;

    if (0 != apply_csp(ewkContext, defaultPolicy, &rule, NULL))
        LogWarning("Failed to apply default csp policy");

    DPL::OptionalString policy = m_widgetModel->CspPolicy.Get();

    if (!(policy.IsNull()))
    {
        WrtDB::WidgetDAOReadOnly dao(m_widgetModel->TizenId);
        bool trusted = dao.isTrusted();

        LogDebug("CSP policy present in manifest: " << *policy);
        LogDebug("Widget trusted: " << trusted);

        //config file policy
        CSP_Rules manifest_rule;
        manifest_rule.default_src = trusted ? OVERWRITE : IGNORE;
        manifest_rule.other_src = SUM;
        manifest_rule.sandbox = SUM;
        //trusted apps allow unsafe directives
        manifest_rule.allow_unsafe = trusted;

        //merging algorithm for http/meta policy
        CSP_Rules http_rule;
        http_rule.default_src = INTERSECTION;
        http_rule.other_src = INTERSECTION;
        http_rule.sandbox = INTERSECTION;
        //trusted apps allow unsafe directives
        http_rule.allow_unsafe = trusted;

        LogDebug("Setting manifest and http/meta policy");
        if (0 != apply_csp(
            ewkContext,
            WKStringCreateWithUTF8CString(DPL::ToUTF8String(*policy).c_str()),
            &manifest_rule,
            &http_rule))
        {
            LogWarning("Failed to set manifest csp policy");
        }
    } else {
        LogDebug("Config CSP policy is not present");
    }
    LogInfo("CSP set.");
#endif
    ADD_PROFILING_POINT("view_logic_init", "start");
    Ewk_Context* context = m_ewkContextManager->getEwkContext();

    // plugin init
    PluginModuleSupport::init(context, DPL::ToUTF8String(m_widgetModel->TizenId));

    // view init
    if(!m_view->createWebView(context, window)) {
        return false;
    }
    m_view->prepareView(m_widgetModel.get(), startUrl);
    ADD_PROFILING_POINT("view_logic_init", "stop");

    change.commit();
    return true;
}

void RunnableWidgetObject::Show()
{
    State::StateChange change = m_guardstate->allowShow();

    m_view->showWidget();

    change.commit();
}

void RunnableWidgetObject::Hide()
{
    State::StateChange change = m_guardstate->allowHide();

    m_view->hideWidget();

    change.commit();
}

void RunnableWidgetObject::Suspend()
{
    LogDebug("Suspending widget");
    State::StateChange change = m_guardstate->allowSuspend();
    m_view->suspendWidget();

    change.commit();
}

void RunnableWidgetObject::Resume()
{
    LogDebug("Resuming widget");
    State::StateChange change = m_guardstate->allowResume();
    m_view->resumeWidget();

    change.commit();
}

void RunnableWidgetObject::Reset()
{
    LogDebug("Reseting widget");
    State::StateChange change = m_guardstate->allowReset();
    m_view->resetWidget();

    change.commit();
}

void RunnableWidgetObject::ReloadStartPage()
{
    m_view->reloadStartPage();
}

Evas_Object* RunnableWidgetObject::GetCurrentWebview()
{
    State::StateChange change = m_guardstate->allowGetCurrentWebview();

    Evas_Object* cww = m_view->getCurrentWebview();

    change.commit();
    return cww;
}

void RunnableWidgetObject::SetUserDelegates(const UserDelegatesPtr& cbs)
{
    State::StateChange change = m_guardstate->allowSetUserDelegates();
    m_view->setUserCallbacks(cbs);
    change.commit();
}

void RunnableWidgetObject::Backward()
{
    State::StateChange change = m_guardstate->allowBackward();
    m_view->backward();

    change.commit();
}

void RunnableWidgetObject::FireJavascriptEvent(int event, void* data)
{
    State::StateChange change = m_guardstate->allowFireJavascriptEvent();
    m_view->fireJavascriptEvent(event, data);

    change.commit();
}

void RunnableWidgetObject::setNewState(
    std::shared_ptr<State::RunnableWidgetObjectState> sptr)
{
    LogInfo("RunnableWidgetObject changes state to: " << sptr->toString());
    m_guardstate = sptr;
}

RunnableWidgetObject::~RunnableWidgetObject()
{
    LogDebug("");
    PluginModuleSupport::shutdown(m_ewkContextManager->getEwkContext());
}
} /* namespace WRT */