namespace rpc_port {
namespace internal {
-AccessController::~AccessController() {}
-
-void AccessController::AddPrivilege(const std::string& privilege) {
- privileges_.push_back(privilege);
+void AccessController::AddPrivilege(std::string privilege) {
+ privileges_.push_back(std::move(privilege));
}
void AccessController::SetTrusted(const bool trusted) {
trusted_ = trusted;
}
-int AccessController::CheckPrivilege(Cynara& c) {
+int AccessController::CheckPrivilege(const Cynara& c) {
for (auto& privilege : privileges_) {
if (c.Check(privilege) != 0) {
return -1;
LOGD("CheckCertificate : %s :: %s", appid_.c_str(), sender_appid);
pkgmgrinfo_cert_compare_result_type_e res;
- int ret = pkgmgrinfo_pkginfo_compare_usr_app_cert_info(appid_.c_str(), sender_appid, getuid(), &res);
+ int ret = pkgmgrinfo_pkginfo_compare_usr_app_cert_info(appid_.c_str(),
+ sender_appid, getuid(), &res);
if (ret < 0) {
LOGE("CheckCertificate() Failed");
return -1;
}
if (res != PMINFO_CERT_COMPARE_MATCH) {
- LOGE("CheckCertificate() Failed : MESSAGE_PORT_ERROR_CERTIFICATE_NOT_MATCH");
+ LOGE("CheckCertificate() Failed : " \
+ "MESSAGE_PORT_ERROR_CERTIFICATE_NOT_MATCH");
return -1;
}
return -1;
}
-AccessController::Cynara::Cynara() {
- cynara_ = nullptr;
- client_ = nullptr;
- user_ = nullptr;
+AccessController::Cynara::Cynara()
+ : cynara_(nullptr, cynara_finish), client_(nullptr, std::free),
+ user_(nullptr, std::free) {
+ cynara* cynara_inst = nullptr;
- if (cynara_initialize(&cynara_, NULL) != CYNARA_API_SUCCESS) {
+ if (cynara_initialize(&cynara_inst, NULL) != CYNARA_API_SUCCESS) {
LOGE("cynara_initialize() is failed");
+ } else {
+ cynara_.reset(cynara_inst);
}
}
-AccessController::Cynara::~Cynara() {
- if (client_)
- free(client_);
- if (user_)
- free(user_);
- if (cynara_)
- cynara_finish(cynara_);
-}
-
-int AccessController::Cynara::FetchCredsFromDBus(GDBusConnection* connection, const char* sender) {
- int ret;
-
- if (client_) {
- free(client_);
- client_ = nullptr;
- }
-
- if (user_) {
- free(user_);
- user_ = nullptr;
- }
-
- ret = cynara_creds_gdbus_get_user(connection, sender, USER_METHOD_DEFAULT, &user_);
+int AccessController::Cynara::FetchCredsFromDBus(GDBusConnection* connection,
+ const char* sender) {
+ char* user = nullptr;
+ int ret = cynara_creds_gdbus_get_user(connection, sender, USER_METHOD_DEFAULT,
+ &user);
if (ret != CYNARA_API_SUCCESS) {
LOGE("cynara_creds_gdbus_get_user() is failed : %d", ret);
return -1;
}
+ user_.reset(user);
- ret = cynara_creds_gdbus_get_client(connection, sender, CLIENT_METHOD_DEFAULT, &client_);
+ char* client = nullptr;
+ ret = cynara_creds_gdbus_get_client(connection, sender, CLIENT_METHOD_DEFAULT,
+ &client);
if (ret != CYNARA_API_SUCCESS) {
LOGE("cynara_creds_gdbus_get_client() is failed : %d", ret);
return -1;
}
+ client_.reset(client);
- LOGD("cred client : %s, cred user : %s", client_, user_);
+ LOGD("cred client : %s, cred user : %s", client_.get(), user_.get());
return 0;
}
-int AccessController::Cynara::Check(const std::string& privilege) {
+int AccessController::Cynara::Check(const std::string& privilege) const {
LOGD("check privilege %s", privilege.c_str());
- if (cynara_check(cynara_, client_, "", user_, privilege.c_str()) != CYNARA_API_ACCESS_ALLOWED) {
- LOGD("cynara_check() is not allowed : %s", privilege.c_str());
+ if (cynara_check(cynara_.get(), client_.get(), "", user_.get(),
+ privilege.c_str()) != CYNARA_API_ACCESS_ALLOWED) {
+ LOGE("cynara_check() is not allowed : %s", privilege.c_str());
return -1;
}