Add default policy for user when creating it.

[platform/core/security/security-manager.git] / src / common / include / cynara.h

diff --git a/src/common/include/cynara.h b/src/common/include/cynara.h
index 254ab6c..b74a4ec 100644 (file)
--- a/src/common/include/cynara.h
+++ b/src/common/include/cynara.h
@@ -29,9 +29,24 @@
 #include <dpl/exception.h>
 #include <string>
 #include <vector>
+#include <map>
+
+#include "security-manager.h"
 
 namespace SecurityManager {
 
+enum class Bucket
+{
+    PRIVACY_MANAGER,
+    MAIN,
+    USER_TYPE_ADMIN,
+    USER_TYPE_NORMAL,
+    USER_TYPE_GUEST,
+    USER_TYPE_SYSTEM,
+    ADMIN,
+    MANIFESTS
+};
+
 class CynaraException
 {
 public:
@@ -71,6 +86,10 @@ struct CynaraAdminPolicy : cynara_admin_policy
 class CynaraAdmin
 {
 public:
+
+    typedef std::map<Bucket, const std::string > BucketsMap;
+    static BucketsMap Buckets;
+
     virtual ~CynaraAdmin();
 
     static CynaraAdmin &getInstance();
@@ -101,10 +120,21 @@ public:
      * TODO: drop oldPrivileges argument and get them directly from Cynara.
      * Appropriate Cynara interface is needed first.
      */
-    static void UpdatePackagePolicy(const std::string &label, const std::string &user,
+    void UpdateAppPolicy(const std::string &label, const std::string &user,
         const std::vector<std::string> &oldPrivileges,
         const std::vector<std::string> &newPrivileges);
 
+    /**
+     * Depending on user type, create link between MAIN bucket and appropriate
+     * USER_TYPE_* bucket for newly added user uid to apply permissions for that
+     * user type.
+     * @throws CynaraException::InvalidParam.
+     *
+     * @param uid new user uid
+     * @param userType type as enumerated in security-manager.h
+     */
+    void UserInit(uid_t uid, security_manager_user_type userType);
+
 private:
     CynaraAdmin();
     struct cynara_admin *m_CynaraAdmin;