4 * Copyright (c) 2014 Samsung Electronics Co., Ltd.
6 * Licensed under the Apache License, Version 2.0 (the "License");
7 * you may not use this file except in compliance with the License.
8 * You may obtain a copy of the License at
10 * http://www.apache.org/licenses/LICENSE-2.0
12 * Unless required by applicable law or agreed to in writing, software
13 * distributed under the License is distributed on an "AS IS" BASIS,
14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 * See the License for the specific language governing permissions and
16 * limitations under the License.
20 #include <cynara-client.h>
21 #include <cynara-creds-socket.h>
22 #include <cynara-session.h>
23 #include <permission_checker.h>
24 #include <sensor_logs.h>
25 #include <sensor_loader.h>
26 #include <sensor_base.h>
28 static cynara *cynara_env = NULL;
30 static bool check_privilege_by_sockfd(int sock_fd, const char *priv)
32 retvm_if(cynara_env == NULL, false, "Cynara not initialized");
40 retvm_if(cynara_creds_socket_get_pid(sock_fd, &pid) != CYNARA_API_SUCCESS, false, "Getting PID failed");
42 if (cynara_creds_socket_get_client(sock_fd, CLIENT_METHOD_DEFAULT, &client) != CYNARA_API_SUCCESS ||
43 cynara_creds_socket_get_user(sock_fd, USER_METHOD_DEFAULT, &user) != CYNARA_API_SUCCESS ||
44 (session = cynara_session_from_pid(pid)) == NULL) {
45 ERR("Getting client info failed");
52 ret = cynara_check(cynara_env, client, session, user, priv);
58 return (ret == CYNARA_API_ACCESS_ALLOWED);
61 permission_checker::permission_checker()
67 permission_checker::~permission_checker()
72 permission_checker& permission_checker::get_instance()
74 static permission_checker inst;
78 void permission_checker::init()
80 m_permission_infos.push_back(std::make_shared<permission_info> (SENSOR_PERMISSION_STANDARD, false, ""));
81 m_permission_infos.push_back(std::make_shared<permission_info> (SENSOR_PERMISSION_BIO, true, "http://tizen.org/privilege/healthinfo"));
83 std::vector<sensor_base *> sensors;
84 sensors = sensor_loader::get_instance().get_sensors(ALL_SENSOR);
86 for (unsigned int i = 0; i < sensors.size(); ++i)
87 m_permission_set |= sensors[i]->get_permission();
89 INFO("Permission Set = %d", m_permission_set);
91 if (cynara_initialize(&cynara_env, NULL) != CYNARA_API_SUCCESS) {
93 ERR("Cynara initialization failed");
97 void permission_checker::deinit()
100 cynara_finish(cynara_env);
105 int permission_checker::get_permission(int sock_fd)
107 int permission = SENSOR_PERMISSION_NONE;
109 for (unsigned int i = 0; i < m_permission_infos.size(); ++i) {
110 if (!m_permission_infos[i]->need_to_check) {
111 permission |= m_permission_infos[i]->permission;
112 } else if (m_permission_set & m_permission_infos[i]->permission) {
113 if (check_privilege_by_sockfd(sock_fd, m_permission_infos[i]->privilege.c_str())) {
114 permission |= m_permission_infos[i]->permission;