1 // Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
2 // Use of this source code is governed by an apache-2.0 license that can be
3 // found in the LICENSE file.
5 #include "common/step/step_privilege_compatibility.h"
7 #include <pkgmgrinfo_basic.h>
8 #include <security-manager.h>
15 #include "common/utils/glist_range.h"
19 const char kPlatformVersion[] = "3.0";
20 const char kPrivForPublic[] =
21 "http://tizen.org/privilege/internal/default/public";
22 const char kPrivForPartner[] =
23 "http://tizen.org/privilege/internal/default/partner";
24 const char kPrivForPlatform[] =
25 "http://tizen.org/privilege/internal/default/platform";
27 bool TranslatePrivilegesForCompatibility(manifest_x* m) {
28 if (!m->api_version) {
29 LOG(WARNING) << "Skipping privileges mapping because api-version "
30 << "is not specified by package";
33 if (strcmp(m->api_version, kPlatformVersion) == 0)
36 // No privileges to map
41 // prepare input structure
42 std::unique_ptr<const char*[]> input_privileges(
43 new const char*[g_list_length(m->privileges)]);
44 size_t input_size = 0;
45 for (const char* priv : GListRange<char*>(m->privileges)) {
46 input_privileges[input_size++] = priv;
50 size_t output_size = 0;
51 char** output_privileges = nullptr;
52 if (security_manager_get_privileges_mapping(m->api_version, kPlatformVersion,
53 input_privileges.get(), input_size, &output_privileges, &output_size)
54 != SECURITY_MANAGER_SUCCESS) {
55 LOG(ERROR) << "security_manager_get_privileges_mapping failed";
59 // set pkgmgr new list
60 g_list_free_full(m->privileges, free);
61 m->privileges = nullptr;
62 for (size_t i = 0; i < output_size; ++i) {
63 m->privileges = g_list_append(m->privileges, strdup(output_privileges[i]));
66 security_manager_privilege_mapping_free(output_privileges, output_size);
72 namespace common_installer {
75 Step::Status StepPrivilegeCompatibility::precheck() {
76 if (!context_->manifest_data.get()) {
77 LOG(ERROR) << "Manifest data is not set";
83 Step::Status StepPrivilegeCompatibility::process() {
84 // Add default privileges for each certificates level.
86 switch (context_->privilege_level.get()) {
87 case common_installer::PrivilegeLevel::PUBLIC:
88 context_->manifest_data.get()->privileges =
89 g_list_append(context_->manifest_data.get()->privileges,
90 strdup(kPrivForPublic));
92 case common_installer::PrivilegeLevel::PARTNER:
93 context_->manifest_data.get()->privileges =
94 g_list_append(context_->manifest_data.get()->privileges,
95 strdup(kPrivForPartner));
97 case common_installer::PrivilegeLevel::PLATFORM:
98 context_->manifest_data.get()->privileges =
99 g_list_append(context_->manifest_data.get()->privileges,
100 strdup(kPrivForPlatform));
103 // No default privileges for untrusted application.
107 LOG(ERROR) << "Error during adding default privileges for certificates.";
108 return Status::ERROR;
111 return TranslatePrivilegesForCompatibility(context_->manifest_data.get()) ?
112 Status::OK : Status::ERROR;
115 } // namespace security
116 } // namespace common_installer