2 * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
17 * @file task_ace_check.cpp
18 * @author Pawel Sikorski (p.sikorski@samsung.com)
20 * @brief Implementation file for installer task ace check
25 #include <widget_install/task_ace_check.h>
26 #include <dpl/assert.h>
27 #include <dpl/log/log.h>
28 #include <ace-dao-rw/AceDAO.h>
29 #include <dpl/foreach.h>
31 #include <widget_install/widget_install_context.h>
32 #include <widget_install/widget_install_errors.h>
33 #include <widget_install/job_widget_install.h>
34 #include <security_controller.h>
36 #include <ace/PolicyResult.h>
37 #include <ace/Request.h>
38 #include <dpl/wrt-dao-rw/widget_dao.h>
41 namespace WidgetInstall {
43 TaskAceCheck::TaskAceCheck(InstallerContext& context) :
44 DPL::TaskDecl<TaskAceCheck>(this),
47 AddStep(&TaskAceCheck::StepPrepareForAce);
48 AddStep(&TaskAceCheck::StepAceCheck);
49 AddStep(&TaskAceCheck::StepProcessAceResponse);
50 AddStep(&TaskAceCheck::StepCheckAceResponse);
53 void TaskAceCheck::StepPrepareForAce()
55 Assert(!!m_context.widgetHandle);
56 m_context.featureLogic =
57 FeatureLogicPtr(new FeatureLogic(*m_context.widgetHandle));
58 m_context.job->UpdateProgress(
59 InstallerContext::INSTALL_ACE_PREPARE,
60 "Widget Access Control Check Prepared");
63 void TaskAceCheck::StepAceCheck()
66 LogInfo("StepAceCheck!");
67 // This widget does not use any device cap
68 if (m_context.featureLogic->isDone()) {
72 LogInfo("StepAceCheck!");
73 DPL::String deviceCap = m_context.featureLogic->getDevice();
75 LogInfo("StepAceCheck!");
77 Assert(!!m_context.widgetHandle);
78 Request *request = new Request(*m_context.widgetHandle,
79 WidgetExecutionPhase_WidgetInstall);
80 request->addDeviceCapability(DPL::ToUTF8String(deviceCap));
82 CONTROLLER_POST_EVENT(
84 SecurityControllerEvents::AuthorizeWidgetInstallEvent(
86 makeICDelegate(&TaskAceCheck::ProcessAceResponse)));
88 // PorcessAceResponse will Resume me.
89 m_context.job->Pause();
92 void TaskAceCheck::StepProcessAceResponse()
94 LogInfo("StepProcessAceResponse");
95 m_context.featureLogic->next();
97 // No device caps left to process
98 if (m_context.featureLogic->isDone()) {
99 LogInfo("All responses has been received from ACE.");
101 // Saving static dev cap permissions
102 FOREACH (cap, m_context.staticPermittedDevCaps) {
103 LogInfo("staticPermittedDevCaps : " << cap->first
104 << " smack: " << cap->second);
107 AceDB::AceDAO::setRequestedDevCaps(
108 *(m_context.widgetHandle),
109 m_context.staticPermittedDevCaps);
114 LogInfo("Next device cap.");
115 // Process next device cap
116 SwitchToStep(&TaskAceCheck::StepAceCheck);
119 void TaskAceCheck::StepCheckAceResponse()
121 LogInfo("Checking ACE response");
122 if (m_context.featureLogic->isRejected()) {
123 LogDebug("Installation failure. Some devCap was not accepted by ACE.");
124 ThrowMsg(Exceptions::NotAllowed, "Instalation failure. "
125 "Some deviceCap was not accepted by ACE.");
127 LogInfo("Updating \"feature reject status\" in database!");
128 auto it = m_context.featureLogic->resultBegin();
129 auto end = m_context.featureLogic->resultEnd();
130 for(;it != end; ++it){
131 LogInfo(" |- Feature: " << it->name << " has reject status: " << it->rejected);
133 WrtDB::WidgetDAO dao(*(m_context.widgetHandle));
134 dao.updateFeatureRejectStatus(*it);
137 LogInfo("Installation continues...");
139 m_context.job->UpdateProgress(
140 InstallerContext::INSTALL_ACE_CHECK,
141 "Widget Access Control Check Finished");
144 void TaskAceCheck::ProcessAceResponse(PolicyResult policyResult)
146 LogInfo("Received ACE response.");
148 DPL::String deviceCap = m_context.featureLogic->getDevice();
150 LogInfo("DevCap is : " << deviceCap);
151 LogInfo("PolicyResult is : " <<
152 PolicyResult::serialize(policyResult));
153 m_context.staticPermittedDevCaps.insert(std::make_pair(deviceCap,
154 policyResult == PolicyEffect::PERMIT));
156 m_context.featureLogic->setAceResponse(policyResult != PolicyEffect::DENY);
157 m_context.job->Resume();
160 } //namespace WidgetInstall