2 * security-manager, database access
4 * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved
6 * Contact: Rafal Krypa <r.krypa@samsung.com>
8 * Licensed under the Apache License, Version 2.0 (the "License");
9 * you may not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS,
16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License.
23 * @file privilege_db.h
24 * @author Krzysztof Sasiak <k.sasiak@samsung.com>
25 * @author Rafal Krypa <r.krypa@samsung.com>
26 * @author Zofia Abramowska <z.abramowska@samsung.com>
28 * @brief This file contains declaration of the API to privilges database.
37 #include <dpl/db/sql_connection.h>
38 #include <tzplatform_config.h>
40 #ifndef PRIVILEGE_DB_H_
41 #define PRIVILEGE_DB_H_
43 namespace SecurityManager {
45 const char *const PRIVILEGE_DB_PATH = tzplatform_mkpath(TZ_SYS_DB, ".security-manager.db");
60 EGetPrivilegeMappings,
61 EInsertPrivilegeToMap,
62 EGetPrivilegesMappings,
63 EDeletePrivilegesToMap
68 * PrivilegeDb database class
74 * @exception DB::SqlConnection::Exception::IOError on problems with database access
77 PrivilegeDb(const std::string &path = std::string(PRIVILEGE_DB_PATH));
79 SecurityManager::DB::SqlConnection *mSqlConnection;
80 const std::map<StmtType, const char * const > Queries = {
81 { StmtType::EGetPkgPrivileges, "SELECT DISTINCT privilege_name FROM app_privilege_view WHERE pkg_name=? AND uid=? ORDER BY privilege_name"},
82 { StmtType::EGetAppPrivileges, "SELECT DISTINCT privilege_name FROM app_privilege_view WHERE app_name=? AND uid=? ORDER BY privilege_name"},
83 { StmtType::EAddApplication, "INSERT INTO app_pkg_view (app_name, pkg_name, uid) VALUES (?, ?, ?)" },
84 { StmtType::ERemoveApplication, "DELETE FROM app_pkg_view WHERE app_name=? AND uid=?" },
85 { StmtType::EAddAppPrivileges, "INSERT INTO app_privilege_view (app_name, uid, privilege_name) VALUES (?, ?, ?)" },
86 { StmtType::ERemoveAppPrivileges, "DELETE FROM app_privilege_view WHERE app_name=? AND uid=?" },
87 { StmtType::EPkgIdExists, "SELECT * FROM pkg WHERE name=?" },
88 { StmtType::EGetPkgId, " SELECT pkg_name FROM app_pkg_view WHERE app_name = ?" },
89 { StmtType::EGetPrivilegeGroups, " SELECT group_name FROM privilege_group_view WHERE privilege_name = ?" },
90 { StmtType::EGetUserApps, "SELECT name FROM app WHERE uid=?" },
91 { StmtType::EGetDefaultMappings, "SELECT DISTINCT privilege_mapping_name FROM privilege_mapping_view"
92 " WHERE version_from_name=? AND version_to_name=? AND privilege_name IS NULL"},
93 { StmtType::EGetAppsInPkg, " SELECT app_name FROM app_pkg_view WHERE pkg_name = ?" },
94 { StmtType::EGetPrivilegeMappings, " SELECT DISTINCT privilege_mapping_name FROM privilege_mapping_view"
95 " WHERE version_from_name=? AND version_to_name=? AND (privilege_name=? OR privilege_name IS NULL)"},
96 { StmtType::EInsertPrivilegeToMap, " INSERT INTO privilege_to_map(privilege_name) VALUES (?);"},
97 { StmtType::EGetPrivilegesMappings, "SELECT DISTINCT privilege_mapping_name FROM privilege_mapping_view"
98 " WHERE version_from_name=? AND version_to_name=?"
99 " AND privilege_name IN (SELECT privilege_name FROM privilege_to_map)"},
100 { StmtType::EDeletePrivilegesToMap, "DELETE FROM privilege_to_map"},
104 * Container for initialized DataCommands, prepared for binding.
106 std::vector<DB::SqlConnection::DataCommandAutoPtr> m_commands;
109 * Fills empty m_commands map with sql commands prepared for binding.
111 * Because the "sqlite3_prepare_v2" function takes many cpu cycles, the PrivilegeDb
112 * is optimized to call it only once for one query type.
113 * Designed to be used in the singleton contructor.
115 void initDataCommands();
118 * Return prepared query for given query type.
119 * The query will be reset before returning.
121 * @param queryType query identifier
122 * @return reference to prepared, reset query
124 DB::SqlConnection::DataCommandAutoPtr & getStatement(StmtType queryType);
127 * Check if pkgId is already registered in database
129 * @param pkgId - package identifier
130 * @exception DB::SqlConnection::Exception::InternalError on internal error
131 * @return true if pkgId exists in the database
134 bool PkgIdExists(const std::string &pkgId);
140 DECLARE_EXCEPTION_TYPE(SecurityManager::Exception, Base)
141 DECLARE_EXCEPTION_TYPE(Base, IOError)
142 DECLARE_EXCEPTION_TYPE(Base, InternalError)
147 static PrivilegeDb &getInstance();
151 * @exception DB::SqlConnection::Exception::InternalError on internal error
154 void BeginTransaction(void);
158 * @exception DB::SqlConnection::Exception::InternalError on internal error
161 void CommitTransaction(void);
164 * Rollback transaction
165 * @exception DB::SqlConnection::Exception::InternalError on internal error
168 void RollbackTransaction(void);
171 * Return package id associated with a given application id
173 * @param appId - application identifier
174 * @param[out] pkgId - return application's pkgId
175 * @return true is application exists, false otherwise
176 * @exception DB::SqlConnection::Exception::InternalError on internal error
178 bool GetAppPkgId(const std::string &appId, std::string &pkgId);
181 * Retrieve list of privileges assigned to a pkgId
183 * @param pkgId - package identifier
184 * @param uid - user identifier for whom privileges will be retrieved
185 * @param[out] currentPrivileges - list of current privileges assigned to pkgId
186 * @exception DB::SqlConnection::Exception::InternalError on internal error
188 void GetPkgPrivileges(const std::string &pkgId, uid_t uid,
189 std::vector<std::string> ¤tPrivilege);
192 * Retrieve list of privileges assigned to an appId
194 * @param appId - application identifier
195 * @param uid - user identifier for whom privileges will be retrieved
196 * @param[out] currentPrivileges - list of current privileges assigned to appId
197 * @exception DB::SqlConnection::Exception::InternalError on internal error
199 void GetAppPrivileges(const std::string &appId, uid_t uid,
200 std::vector<std::string> ¤tPrivileges);
203 * Add an application into the database
205 * @param appId - application identifier
206 * @param pkgId - package identifier
207 * @param uid - user identifier for whom application is going to be installed
208 * @exception DB::SqlConnection::Exception::InternalError on internal error
210 void AddApplication(const std::string &appId, const std::string &pkgId,
214 * Remove an application from the database
216 * @param appId - application identifier
217 * @param uid - user identifier whose application is going to be uninstalled
218 * @param[out] pkgIdIsNoMore - return info if pkgId is in the database
219 * @exception DB::SqlConnection::Exception::InternalError on internal error
221 void RemoveApplication(const std::string &appId, uid_t uid, bool &pkgIdIsNoMore);
224 * Remove privileges assigned to application
226 * @param appId - application identifier
227 * @param uid - user identifier for whom privileges will be removed
228 * @exception DB::SqlConnection::Exception::InternalError on internal error
230 void RemoveAppPrivileges(const std::string &appId, uid_t uid);
233 * Update privileges assigned to application
234 * To assure data integrity this method must be called inside db transaction.
236 * @param appId - application identifier
237 * @param uid - user identifier for whom privileges will be updated
238 * @param privileges - list of privileges to assign
239 * @exception DB::SqlConnection::Exception::InternalError on internal error
241 void UpdateAppPrivileges(const std::string &appId, uid_t uid,
242 const std::vector<std::string> &privileges);
245 * Retrieve list of group ids assigned to a privilege
247 * @param privilege - privilege identifier
248 * @param[out] grp_names - list of group names assigned to the privilege
249 * @exception DB::SqlConnection::Exception::InternalError on internal error
251 void GetPrivilegeGroups(const std::string &privilege,
252 std::vector<std::string> &grp_names);
255 * Retrieve list of apps assigned to user
257 * @param uid - user identifier
258 * @param[out] apps - list of apps assigned to user,
259 * this parameter do not need to be empty, but
260 * it is being overwritten during function call.
261 * @exception DB::SqlConnection::Exception::InternalError on internal error
263 void GetUserApps(uid_t uid, std::vector<std::string> &apps);
265 * Retrieve a list of all application ids for a package id
267 * @param pkgId - package id
268 * @param[out] appIds - list of application ids for the package id
269 * @exception DB::SqlConnection::Exception::InternalError on internal error
271 void GetAppIdsForPkgId (const std::string &pkgId,
272 std::vector<std::string> &appIds);
275 * Retrieve default mappings from one version to another
277 * @param version_from - version of privilege availability
278 * @param version_to - version of mappings availability
279 * @param[out] mappings - vector of privilege mappings
280 * @exception DB::SqlConnection::Exception::InternalError on internal error
282 void GetDefaultMapping(const std::string &version_from,
283 const std::string &version_to,
284 std::vector<std::string> &mappings);
286 * Retrieve privilege mappings from one version to another
288 * @param version_from - version of privilege availability
289 * @param version_to - version of mappings availability
290 * @param privilege - name of privilege to be mapped
291 * @param[out] mappings - vector of privilege mappings
292 * @exception DB::SqlConnection::Exception::InternalError on internal error
294 void GetPrivilegeMappings(const std::string &version_from,
295 const std::string &version_to,
296 const std::string &privilege,
297 std::vector<std::string> &mappings);
299 * Retrieve mappings of privilege set from one version to another
301 * @param version_from - version of privilege availability
302 * @param version_to - version of mappings availability
303 * @param privileges - vector of names of privileges to be mapped
304 * @param[out] mappings - vector of privileges mappings
305 * @exception DB::SqlConnection::Exception::InternalError on internal error
307 void GetPrivilegesMappings(const std::string &version_from,
308 const std::string &version_to,
309 const std::vector<std::string> &privileges,
310 std::vector<std::string> &mappings);
313 } //namespace SecurityManager
315 #endif // PRIVILEGE_DB_H_