review.tizen.org Git - platform/framework/web/wrtjs.git/commit

author	DongHyun Song <dh81.song@samsung.com>
	Wed, 9 Sep 2020 09:31:38 +0000 (18:31 +0900)
committer	DongHyun Song <dh81.song@samsung.com>
	Thu, 24 Sep 2020 04:27:02 +0000 (13:27 +0900)
commit	8b45240fb1eaea93bedf12079beff1a24eeaad59
tree	d58891e8dceccef741be448a746f4e15807eec60	tree \| snapshot
parent	16f3cd7c3d28717bab067c03dcb4f50b52dbea6c	commit \| diff

[Service] APIRouter - xwalk.util.checkPrivilegeAccess

xwalk.util.checkPrivilegeAccess() is an internal API of webapis
for checking the app has proper privilege.
If the app hasn't required privilege, it will throw exception.

For example, When 'tizen.filesystem.listStorages' is handled
  xwalk.utils.checkPrivilegeAccess(
      xwalk.utils.privilege.FILESYSTEM_READ);
it checks if the app has 'filesystem.read' privilege, then,
this overrided checkPrivilegeAccess() can inspect its privileges
defined in config.xml. (not wrt-service's privileges)

This is different from AccessControlManager's webapis drops.

In webapis, there are two ways of privilege checking.
  1) by xwalk.util.checkPrivilegeAccess()
  2) by cynara inspection directly

AccessControlManager purpose should be considered way #2.
webapis's cynara DB checking, it always inspects on wrt-service's.
Then, AccessControlManager should be able to disable webapis which
the app doesn't have required privileges.

Change-Id: I84ce85a580a483c209d354ca2f1b7c3d17c08fb3
Signed-off-by: DongHyun Song <dh81.song@samsung.com>

wrt_app/common/service_manager.ts		diff \| blob \| history
wrt_app/common/service_runner.ts		diff \| blob \| history
wrt_app/common/wrt_xwalk_extension.ts		diff \| blob \| history
wrt_app/service/device_api_router.ts		diff \| blob \| history