projects / platform / framework / native / appfw.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge "Revert "Fix prevent defect for locales"" into devel_3.0_main
[platform/framework/native/appfw.git] / src / security / FSecAccessController.cpp
diff --git a/src/security/FSecAccessController.cpp b/src/security/FSecAccessController.cpp
index bd13693..19c15f1 100644 (file)
--- a/src/security/FSecAccessController.cpp
+++ b/src/security/FSecAccessController.cpp
@@ -1,5 +1,4 @@
 //
-// Open Service Platform
 // Copyright (c) 2012 Samsung Electronics Co., Ltd.
 //
 // Licensed under the Apache License, Version 2.0 (the License);
@@ -133,7 +132,7 @@ AccessController::CheckPrivilege(int privilege)
 
        ClearLastResult();
 
-       SysTryReturnResult(NID_SEC, privilege < _MAX_PRIVILEGE_ENUM, E_INVALID_ARG, "The privilege enumerator is invalid");
+       SysTryReturnResult(NID_SEC, (privilege >= 0) && (privilege < _MAX_PRIVILEGE_ENUM), E_INVALID_ARG, "The privilege enumerator is invalid");
 
        if (!isConstructed)
        {
@@ -173,6 +172,9 @@ AccessController::CheckPrivilege(int privilege)
                goto CATCH;
        }
 
+       r = _AccessController::CheckPrivacy(privilegeInfo.GetAppId(), static_cast< _Privilege >(privilege));
+       SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_USER_NOT_CONSENTED, "The user blocks an application from calling the method.");
+
        return r;
 
 CATCH:
@@ -227,6 +229,9 @@ AccessController::CheckPrivilege(const String& privilege)
                goto CATCH;
        }
 
+       r = _AccessController::CheckPrivacy(privilegeInfo.GetAppId(), privilege);
+       SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_USER_NOT_CONSENTED, "The user blocks an application from calling the method.");
+
        return r;
 
 CATCH:
@@ -248,13 +253,14 @@ AccessController::CheckPrivilege(const PackageId& packageId, const String& privi
        _PackageInfoImpl infoImpl;
        String appType;
        String webAppType(L"wgt");
+       String cAppType(L"rpm");
 
        r = _AccessController::CheckUserPrivilege(_PRV_PRIVILEGEMANAGER_READ);
        SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_PRIVILEGE_DENIED, "The application does not have the privilege to call this method.");
 
        packageId.SubString(0, MAX_APP_ID_SIZE, subAppId);
 
-       r = infoImpl.Construct(subAppId);
+       r = infoImpl.Construct(packageId);
        SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
 
        appType = infoImpl.GetAppType();
@@ -262,6 +268,13 @@ AccessController::CheckPrivilege(const PackageId& packageId, const String& privi
        {
                return E_SUCCESS;
        }
+       else if (appType.Equals(cAppType, true))
+       {
+               r = _AccessController::CheckPrivacy(packageId, privilege);
+               SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_USER_NOT_CONSENTED, "The user blocks an application from calling the method.");
+
+               return r;
+       }
 
        if (__pPrivilegeManager == null)
        {
@@ -294,6 +307,9 @@ AccessController::CheckPrivilege(const PackageId& packageId, const String& privi
                goto CATCH;
        }
 
+       r = _AccessController::CheckPrivacy(packageId, privilege);
+       SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_USER_NOT_CONSENTED, "The user blocks an application from calling the method.");
+
        return r;
 
 CATCH:
Domain: App Framework / Uncategorized;