- in tizen 2.3, there is another security module, security_server.
- clean up permission_checker for converting it easily
Change-Id: I4489849fbb4e8178058e1b1d403dde99c402b0bd
Signed-off-by: kibak.yoon <kibak.yoon@samsung.com>
#include <cynara-creds-socket.h>
#include <cynara-session.h>
#include <permission_checker.h>
#include <cynara-creds-socket.h>
#include <cynara-session.h>
#include <permission_checker.h>
+#include <sensor_common.h>
#include <sensor_log.h>
#include <sensor_loader.h>
#include <sensor_base.h>
#include <sensor_log.h>
#include <sensor_loader.h>
#include <sensor_base.h>
#define CACHE_SIZE 16
static cynara *cynara_env = NULL;
#define CACHE_SIZE 16
static cynara *cynara_env = NULL;
-static bool check_privilege_by_sockfd(int sock_fd, const char *priv)
+static bool check_privilege_by_sockfd(int sock_fd, const char *priv, const char *access)
{
retvm_if(cynara_env == NULL, false, "Cynara not initialized");
{
retvm_if(cynara_env == NULL, false, "Cynara not initialized");
return (ret == CYNARA_API_ACCESS_ALLOWED);
}
return (ret == CYNARA_API_ACCESS_ALLOWED);
}
-permission_checker::permission_checker(void)
+permission_checker::permission_checker()
: m_permission_set(0)
{
init();
: m_permission_set(0)
{
init();
-permission_checker::~permission_checker(void)
+permission_checker::~permission_checker()
}
permission_checker& permission_checker::get_instance(void)
}
permission_checker& permission_checker::get_instance(void)
void permission_checker::init(void)
{
void permission_checker::init(void)
{
- AUTOLOCK(m_mutex);
-
- m_permission_infos.push_back(std::make_shared<permission_info> (SENSOR_PERMISSION_STANDARD, false, ""));
- m_permission_infos.push_back(std::make_shared<permission_info> (SENSOR_PERMISSION_BIO, true, "http://tizen.org/privilege/healthinfo"));
+ m_permission_infos.push_back(std::make_shared<permission_info>(SENSOR_PERMISSION_BIO, "http://tizen.org/privilege/healthinfo", ""));
std::vector<sensor_base *> sensors;
sensors = sensor_loader::get_instance().get_sensors(ALL_SENSOR);
std::vector<sensor_base *> sensors;
sensors = sensor_loader::get_instance().get_sensors(ALL_SENSOR);
m_permission_set |= sensors[i]->get_permission();
_I("Permission Set = %d", m_permission_set);
m_permission_set |= sensors[i]->get_permission();
_I("Permission Set = %d", m_permission_set);
}
void permission_checker::init_cynara(void)
{
}
void permission_checker::init_cynara(void)
{
cynara_configuration *conf;
int err = cynara_configuration_create(&conf);
cynara_configuration *conf;
int err = cynara_configuration_create(&conf);
_I("Cynara initialized");
}
_I("Cynara initialized");
}
-void permission_checker::deinit(void)
+void permission_checker::deinit_cynara(void)
- int permission = SENSOR_PERMISSION_NONE;
+ int permission = SENSOR_PERMISSION_STANDARD;
for (unsigned int i = 0; i < m_permission_infos.size(); ++i) {
for (unsigned int i = 0; i < m_permission_infos.size(); ++i) {
- if (!m_permission_infos[i]->need_to_check) {
+ if (!(m_permission_set & m_permission_infos[i]->permission))
+ continue;
+
+ if (check_privilege_by_sockfd(sock_fd, m_permission_infos[i]->privilege.c_str(), m_permission_infos[i]->access.c_str()))
permission |= m_permission_infos[i]->permission;
permission |= m_permission_infos[i]->permission;
- } else if (m_permission_set & m_permission_infos[i]->permission) {
- if (check_privilege_by_sockfd(sock_fd, m_permission_infos[i]->privilege.c_str())) {
- permission |= m_permission_infos[i]->permission;
- }
- }
private:
class permission_info {
public:
private:
class permission_info {
public:
- permission_info(int _permission, bool _need_to_check, std::string _priv)
+ permission_info(int _permission, std::string _priv, std::string _access)
: permission(_permission)
: permission(_permission)
- , need_to_check(_need_to_check)
};
typedef std::vector<std::shared_ptr<permission_info>> permission_info_vector;
permission_checker();
};
typedef std::vector<std::shared_ptr<permission_info>> permission_info_vector;
permission_checker();
permission_checker(permission_checker const&) {};
permission_checker& operator=(permission_checker const&);
permission_checker(permission_checker const&) {};
permission_checker& operator=(permission_checker const&);
+ ~permission_checker();
+
private:
permission_info_vector m_permission_infos;
int m_permission_set;
cmutex m_mutex;
private:
permission_info_vector m_permission_infos;
int m_permission_set;
cmutex m_mutex;
+ void deinit_cynara(void);
};
#endif /* _PERMISSION_CHECKER_H_ */
};
#endif /* _PERMISSION_CHECKER_H_ */