Using gdbus for IPC instead of com-core package

[platform/core/api/notification.git] / src / notification_permission.c
diff --git a/src/notification_permission.c b/src/notification_permission.c

index 5a0709d..ef472c6 100755 (executable)
--- a/src/notification_permission.c
+++ b/src/notification_permission.c
@@ -30,34 +30,66 @@
  #include <notification_debug.h>
  #include <notification_ipc.h>
  #include <notification_private.h>
+#include <notification_permission.h>
+#include <cynara-client.h>
  
  #define NOTIFICATION_DB_ACCESS_READ 0
  #define NOTIFICATION_DB_ACCESS_WRITE 1
+#define SMACK_LABEL_LEN 255
  
-#if 0
-int notification_permission_check_by_pid(const char *noti_pkgname, int pid, int access)
+int notification_check_permission()
  {
+       cynara *p_cynara;
+
+       int fd = 0;
         int ret = 0;
-       char pkgname[512 + 1] = { 0, };
-       bool preload = false;
-       package_manager_compare_result_type_e compare_result;
-
-       /* get pkgname by pid */
-       const char *pkgname = aul_app_get_pkgname_bypid(pid);
-       ret = aul_app_get_pkgname_bypid(pid, pkgname, sizeof(pkgname));
-       if (ret == AUL_R_OK) {
-               if (strcmp(pkgname, noti_pkgname) == 0)
-                       return NOTIFICATION_ERROR_NONE;
-
-               package_manager_is_preload_package_by_app_id(pkgname, &preload);
-               if (preload == true)
-                       return NOTIFICATION_ERROR_NONE;
-
-               package_manager_compare_package_cert_info(noti_pkgname, &compare_result);
-               if (compare_result == PACKAGE_MANAGER_COMPARE_MATCH)
-                       return NOTIFICATION_ERROR_NONE;
+       char subject_label[SMACK_LABEL_LEN + 1] = "";
+       char uid[10] = {0,};
+       char *client_session = "";
+
+       static bool checked_privilege = FALSE;
+
+       if (checked_privilege)
+               return NOTIFICATION_ERROR_NONE;
+
+       ret = cynara_initialize(&p_cynara, NULL);
+       if (ret != CYNARA_API_SUCCESS) {
+               LOGE("cannot init cynara [%d] failed!", ret);
+               ret = NOTIFICATION_ERROR_IO_ERROR;
+               goto out;
+       }
+
+       fd = open("/proc/self/attr/current", O_RDONLY);
+       if (fd < 0) {
+               LOGE("open [%d] failed!", errno);
+               ret = NOTIFICATION_ERROR_IO_ERROR;
+               goto out;
         }
  
-       return NOTIFICATION_ERROR_PERMISSION_DENIED;
+       ret = read(fd, subject_label, SMACK_LABEL_LEN);
+       if (ret < 0) {
+               LOGE("read [%d] failed!", errno);
+               close(fd);
+               ret = NOTIFICATION_ERROR_IO_ERROR;
+               goto out;
+       }
+       close(fd);
+
+       snprintf(uid, 10, "%d", getuid());
+       ret = cynara_check(p_cynara, subject_label, client_session, uid,
+                       "http://tizen.org/privilege/notification");
+       if (ret != CYNARA_API_ACCESS_ALLOWED) {
+               LOGE("cynara access check [%d] failed!", ret);
+               ret = NOTIFICATION_ERROR_PERMISSION_DENIED;
+               goto out;
+       }
+       ret = NOTIFICATION_ERROR_NONE;
+       checked_privilege = TRUE;
+out:
+
+       if (p_cynara)
+               cynara_finish(p_cynara);
+
+       return ret;
  }
-#endif
+