//
-// Open Service Platform
// Copyright (c) 2012 Samsung Electronics Co., Ltd.
//
// Licensed under the Apache License, Version 2.0 (the License);
#include <FBaseSysLog.h>
#include <FBaseString.h>
#include <FBaseColArrayList.h>
+#include <FBaseColArrayListT.h>
#include <FBase_StringConverter.h>
#include <FIoFile.h>
#include <FIo_IpcClient.h>
#include "FSec_PrivilegeManagerMessage.h"
#include "FSec_PrivilegeInfo.h"
-
using namespace Tizen::App;
using namespace Tizen::App::Package;
using namespace Tizen::Base;
using namespace Tizen::Base::Collection;
using namespace Tizen::Io;
-static _IpcClient ipcClient;
static bool isConstructed = false;
+static std::unique_ptr<_IpcClient> pIpcClient(null);
+static pthread_once_t onceBlock = PTHREAD_ONCE_INIT;
+static pthread_once_t ipcOnceBlock = PTHREAD_ONCE_INIT;
namespace Tizen { namespace Security
{
result
_AccessController::CheckSystemPrivilege(const PackageId& packageId, _Privilege privilege)
{
- result r = E_SUCCESS;
-
bool ret = false;
- std::unique_ptr<_PrivilegeInfo> pPrivilegeInfo(null);
- String subAppId;
- _PackageInfoImpl infoImpl;
- String appType;
- String webAppType(L"wgt");
- SysTryReturnResult(NID_SEC, privilege < _MAX_PRIVILEGE_ENUM, E_INVALID_ARG, "The privilege enumerator is invalid");
+ SysTryReturnResult(NID_SEC, (privilege >= 0) && (privilege < _MAX_PRIVILEGE_ENUM), E_INVALID_ARG, "The privilege enumerator is invalid");
+ String subAppId;
packageId.SubString(0, MAX_APP_ID_SIZE, subAppId);
- r = infoImpl.Construct(subAppId);
+ _PackageInfoImpl infoImpl;
+ result r = infoImpl.Construct(subAppId);
SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
- appType = infoImpl.GetAppType();
+ String webAppType(L"wgt");
+ String appType = infoImpl.GetAppType();
if (appType.Equals(webAppType, true))
{
return E_SUCCESS;
}
SysTryReturnResult(NID_SEC, __pPrivilegeManager != null, E_SYSTEM, "An unexpected system error occurred.");
- pPrivilegeInfo.reset(__pPrivilegeManager->RetrievePrivilegeInfoN(subAppId));
+ std::unique_ptr<_PrivilegeInfo> pPrivilegeInfo(__pPrivilegeManager->RetrievePrivilegeInfoN(subAppId));
r = GetLastResult();
if (r == E_SUCCESS)
result
_AccessController::CheckSystemPrivilege(const PackageId& packageId, _Privilege privilege1, _Privilege privilege2)
{
- result r = E_SUCCESS;
-
bool ret = false;
- std::unique_ptr<_PrivilegeInfo> pPrivilegeInfo(null);
- String subAppId;
- _PackageInfoImpl infoImpl;
- String appType;
- String webAppType(L"wgt");
- SysTryReturnResult(NID_SEC, privilege1 < _MAX_PRIVILEGE_ENUM, E_INVALID_ARG, "The privilege enumerator is invalid");
- SysTryReturnResult(NID_SEC, privilege2 < _MAX_PRIVILEGE_ENUM, E_INVALID_ARG, "The privilege enumerator is invalid");
+ SysTryReturnResult(NID_SEC, (privilege1 >= 0) && (privilege1 < _MAX_PRIVILEGE_ENUM), E_INVALID_ARG, "The privilege enumerator is invalid");
+ SysTryReturnResult(NID_SEC, (privilege2 >= 0) && (privilege2 < _MAX_PRIVILEGE_ENUM), E_INVALID_ARG, "The privilege enumerator is invalid");
+ String subAppId;
packageId.SubString(0, MAX_APP_ID_SIZE, subAppId);
- r = infoImpl.Construct(subAppId);
+ _PackageInfoImpl infoImpl;
+ result r = infoImpl.Construct(subAppId);
SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
- appType = infoImpl.GetAppType();
+ String webAppType(L"wgt");
+ String appType = infoImpl.GetAppType();
if (appType.Equals(webAppType, true))
{
return E_SUCCESS;
}
SysTryReturnResult(NID_SEC, __pPrivilegeManager != null, E_SYSTEM, "An unexpected system error occurred.");
- pPrivilegeInfo.reset(__pPrivilegeManager->RetrievePrivilegeInfoN(subAppId));
+ std::unique_ptr<_PrivilegeInfo> pPrivilegeInfo(__pPrivilegeManager->RetrievePrivilegeInfoN(subAppId));
r = GetLastResult();
if (r == E_SUCCESS)
result
_AccessController::CheckPrivilege(const PackageId& packageId, const String& privilege)
{
- result r = E_SUCCESS;
-
bool ret = false;
- std::unique_ptr<_PrivilegeInfo> pPrivilegeInfo(null);
- String subAppId;
- _PackageInfoImpl infoImpl;
- String appType;
- String webAppType(L"wgt");
+ String subAppId;
packageId.SubString(0, MAX_APP_ID_SIZE, subAppId);
- r = infoImpl.Construct(subAppId);
+ _PackageInfoImpl infoImpl;
+ result r = infoImpl.Construct(subAppId);
SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
- appType = infoImpl.GetAppType();
+ String webAppType(L"wgt");
+ String appType = infoImpl.GetAppType();
if (appType.Equals(webAppType, true))
{
return E_SUCCESS;
}
SysTryReturnResult(NID_SEC, __pPrivilegeManager != null, E_SYSTEM, "An unexpected system error occurred.");
- pPrivilegeInfo.reset(__pPrivilegeManager->RetrievePrivilegeInfoN(subAppId));
+ std::unique_ptr<_PrivilegeInfo> pPrivilegeInfo(__pPrivilegeManager->RetrievePrivilegeInfoN(subAppId));
r = GetLastResult();
if (r == E_SUCCESS)
}
void
+_AccessController::InitIpcClient(void)
+{
+ std::unique_ptr<_IpcClient> pLocalIpcClient(new (std::nothrow) _IpcClient);
+ SysTryReturnVoidResult(NID_SEC, pLocalIpcClient != null, E_OUT_OF_MEMORY, "The memory is insufficient.");
+
+ result r = pLocalIpcClient->Construct(L"osp.security.ipcserver.privilegemanager", null);
+ SysTryReturnVoidResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "Failed to construct the instance of IPC.");
+
+ pIpcClient = std::move(pLocalIpcClient);
+ return;
+}
+
+void
_AccessController::Initialize(void)
{
result r = E_SUCCESS;
- result ipcResult = E_SUCCESS;
- std::unique_ptr<IPC::Message> pCipherPrivilegeMessage(null);
- std::unique_ptr<IPC::Message> pCipherVisibilityMessage(null);
-
- r = ipcClient.Construct(L"osp.security.ipcserver.privilegemanager", null);
- SysTryReturnVoidResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "Failed to construct the instance of IPC.");
+ if (pIpcClient == null)
+ {
+ pthread_once(&ipcOnceBlock, InitIpcClient);
+ r = GetLastResult();
+ if (IsFailed(r))
+ {
+ ipcOnceBlock = PTHREAD_ONCE_INIT;
+ SysLogException(NID_SEC, r, "[%s] Propagated.", GetErrorMessage(r));
+ return;
+ }
+ }
pEncryptedPrivileges.reset(new (std::nothrow) String());
SysTryReturnVoidResult(NID_SEC, pEncryptedPrivileges != null, E_OUT_OF_MEMORY, "The memory is insufficient.");
pChecksum.reset(new (std::nothrow) String());
SysTryReturnVoidResult(NID_SEC, pChecksum != null, E_OUT_OF_MEMORY, "The memory is insufficient.");
- pPrivilegeList.reset(new ArrayList());
- SysTryReturnVoidResult(NID_SEC, pPrivilegeList != null, E_OUT_OF_MEMORY, "The memory is insufficient.");
+ std::unique_ptr< ArrayListT< String > > pPrivilegeListT(new ArrayListT< String >());
+ SysTryReturnVoidResult(NID_SEC, pPrivilegeListT != null, E_OUT_OF_MEMORY, "The memory is insufficient.");
- pPrivilegeList->Construct();
+ pPrivilegeListT->Construct();
- pCipherPrivilegeMessage.reset(new (std::nothrow) PrivilegeManagerMsg_retrieve(pEncryptedPrivileges.get(), pChecksum.get(), pPrivilegeList.get(), &r));
+ std::unique_ptr<IPC::Message> pCipherPrivilegeMessage(new (std::nothrow) PrivilegeManagerMsg_retrieve(pEncryptedPrivileges.get(), pChecksum.get(), pPrivilegeListT.get(), &r));
SysTryReturnVoidResult(NID_SEC, pCipherPrivilegeMessage != null, E_OUT_OF_MEMORY, "The memory is insufficient.");
- ipcResult = ipcClient.SendRequest(pCipherPrivilegeMessage.get());
+ result ipcResult = pIpcClient->SendRequest(pCipherPrivilegeMessage.get());
SysTryReturnVoidResult(NID_SEC, ipcResult == E_SUCCESS, E_SYSTEM, "Failed to send IPC message.");
SysTryReturnVoidResult(NID_SEC, r == E_SUCCESS, r, "Failed to retrieve privilege information");
+ pPrivilegeList.reset(new ArrayList(SingleObjectDeleter));
+ SysTryReturnVoidResult(NID_SEC, pPrivilegeList != null, E_OUT_OF_MEMORY, "The memory is insufficient.");
+ pPrivilegeList->Construct();
+
+ std::unique_ptr<IEnumeratorT< String > > pEnum(pPrivilegeListT->GetEnumeratorN());
+ while (pEnum->MoveNext() == E_SUCCESS)
+ {
+ String tempString;
+ pEnum->GetCurrent(tempString);
+ pPrivilegeList->Add(new String(tempString));
+ }
+ pPrivilegeListT->RemoveAll();
+
pEncryptedVisibility.reset(new (std::nothrow) String());
SysTryReturnVoidResult(NID_SEC, pEncryptedVisibility != null, E_OUT_OF_MEMORY, "The memory is insufficient.");
pVisibilityChecksum.reset(new (std::nothrow) String());
SysTryReturnVoidResult(NID_SEC, pVisibilityChecksum != null, E_OUT_OF_MEMORY, "The memory is insufficient.");
- pCipherVisibilityMessage.reset(new (std::nothrow) PrivilegeManagerMsg_retrieveEx(pEncryptedVisibility.get(), pVisibilityChecksum.get(), &r));
+ std::unique_ptr<IPC::Message> pCipherVisibilityMessage(new (std::nothrow) PrivilegeManagerMsg_retrieveEx(pEncryptedVisibility.get(), pVisibilityChecksum.get(), &r));
SysTryReturnVoidResult(NID_SEC, pCipherVisibilityMessage != null, E_OUT_OF_MEMORY, "The memory is insufficient.");
- ipcResult = ipcClient.SendRequest(pCipherVisibilityMessage.get());
+ ipcResult = pIpcClient->SendRequest(pCipherVisibilityMessage.get());
SysTryReturnVoidResult(NID_SEC, ipcResult == E_SUCCESS, E_SYSTEM, "Failed to send IPC message.");
SysTryReturnVoidResult(NID_SEC, r == E_SUCCESS, r, "Failed to retrieve privilege information");
isConstructed = true;
-
return;
}
_AccessController::CheckUserPrivilege(_Privilege privilege)
{
result r = E_SUCCESS;
- static pthread_once_t onceBlock = PTHREAD_ONCE_INIT;
-
bool ret = false;
-
_PrivilegeInfo privilegeInfo;
-
ClearLastResult();
- SysTryReturnResult(NID_SEC, privilege < _MAX_PRIVILEGE_ENUM, E_INVALID_ARG, "The privilege enumerator is invalid");
- //SysAssertf(privilegeLevelListTable[privilege][_PRV_API_VER_2_0] == _PRV_LEVEL_USER, "System-level privilege is passed to CheckUserPrivilege.");
+ SysTryReturnResult(NID_SEC, (privilege >= 0) && (privilege < _MAX_PRIVILEGE_ENUM), E_INVALID_ARG, "The privilege enumerator is invalid");
int appType = _AppInfo::GetAppType();
PackageId packageId = _AppInfo::GetPackageId();
_AccessController::CheckUserPrivilege(_Privilege privilege1, _Privilege privilege2)
{
result r = E_SUCCESS;
- static pthread_once_t onceBlock = PTHREAD_ONCE_INIT;
-
bool ret = false;
-
_PrivilegeInfo privilegeInfo;
-
ClearLastResult();
- SysTryReturnResult(NID_SEC, privilege1 < _MAX_PRIVILEGE_ENUM, E_INVALID_ARG, "The privilege enumerator is invalid");
- SysTryReturnResult(NID_SEC, privilege2 < _MAX_PRIVILEGE_ENUM, E_INVALID_ARG, "The privilege enumerator is invalid");
- //SysAssertf(privilegeLevelListTable[privilege][_PRV_API_VER_2_0] == _PRV_LEVEL_USER, "System-level privilege is passed to CheckUserPrivilege.");
+ SysTryReturnResult(NID_SEC, (privilege1 >= 0) && (privilege1 < _MAX_PRIVILEGE_ENUM), E_INVALID_ARG, "The privilege enumerator is invalid");
+ SysTryReturnResult(NID_SEC, (privilege2 >= 0) && (privilege2 < _MAX_PRIVILEGE_ENUM), E_INVALID_ARG, "The privilege enumerator is invalid");
int appType = _AppInfo::GetAppType();
PackageId packageId = _AppInfo::GetPackageId();
_AccessController::CheckPrivilege(const String& privilege)
{
result r = E_SUCCESS;
- static pthread_once_t onceBlock = PTHREAD_ONCE_INIT;
-
bool ret = false;
-
_PrivilegeInfo privilegeInfo;
-
ClearLastResult();
int appType = _AppInfo::GetAppType();
_AccessController::CheckPrivacy(const PackageId & packageId, _Privilege privilege)
{
result r = E_SUCCESS;
- int ret = PRIV_MGR_ERROR_SUCCESS;
- if (privacyListTable[privilege][_PRV_API_VER_2_0] != true)
+ if (privacyListTable[privilege] != true)
{
return r;
}
pPrivilegeId.reset(_StringConverter::CopyToCharArrayN(privilegeId));
SysTryReturnResult(NID_SEC, pPrivilegeId != null, E_SYSTEM, "An unexpected system error occurred.");
- ret = privacy_checker_check_package_by_privilege(pPackageId.get(), pPrivilegeId.get());
+ int ret = privacy_checker_check_package_by_privilege(pPackageId.get(), pPrivilegeId.get());
if (ret != PRIV_MGR_ERROR_SUCCESS)
{
r = E_USER_NOT_CONSENTED;
- SysLog(NID_SEC, "Result : FALSE [Privacy]");
+ SysLog(NID_SEC, "Result: FALSE [Privacy]");
}
return r;
_AccessController::CheckPrivacy(const PackageId & packageId, const String& privilege)
{
result r = E_SUCCESS;
- int ret = PRIV_MGR_ERROR_SUCCESS;
std::unique_ptr<char[]> pPackageId(null);
pPackageId.reset(_StringConverter::CopyToCharArrayN(packageId));
pPrivilegeId.reset(_StringConverter::CopyToCharArrayN(privilege));
SysTryReturnResult(NID_SEC, pPrivilegeId != null, E_SYSTEM, "An unexpected system error occurred.");
- ret = privacy_checker_check_package_by_privilege(pPackageId.get(), pPrivilegeId.get());
+ int ret = privacy_checker_check_package_by_privilege(pPackageId.get(), pPrivilegeId.get());
if (ret != PRIV_MGR_ERROR_SUCCESS)
{
r = E_USER_NOT_CONSENTED;
- SysLog(NID_SEC, "Result : FALSE [Privacy]");
+ SysLog(NID_SEC, "Result: FALSE [Privacy]");
}
return r;