--- /dev/null
+#
+# Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+CMAKE_MINIMUM_REQUIRED(VERSION 2.8)
+
+PROJECT(dpm-zone)
+
+IF(NOT DEFINED VERSION)
+ SET(VERSION "0.0.1")
+ENDIF(NOT DEFINED VERSION)
+
+INCLUDE(FindPkgConfig)
+
+IF(NOT CMAKE_BUILD_TYPE)
+ SET(CMAKE_BUILD_TYPE "DEBUG")
+ENDIF(NOT CMAKE_BUILD_TYPE)
+
+SET(DPM_API ${PROJECT_SOURCE_DIR}/api)
+SET(DPM_PLUGIN ${PROJECT_SOURCE_DIR}/plugin)
+
+IF("${CMAKE_CXX_COMPILER_ID}" STREQUAL "GNU" AND CMAKE_CXX_COMPILER_VERSION VERSION_LESS 4.7)
+ SET(CXX_STD "c++0x")
+else()
+ SET(CXX_STD "c++11")
+endif()
+
+SET(COMPILE_BASE_FLAGS "-g -fPIC -Werror -Wall -Wl,--as-needed -Wl,--no-whole-archive")
+SET(CMAKE_C_FLAGS_PROFILING "${COMPILE_BASE_FLAGS} -O0 -pg")
+SET(CMAKE_CXX_FLAGS_PROFILING "${COMPILE_BASE_FLAGS} -O0 -pg -std=${CXX_STD} -fno-rtti")
+SET(CMAKE_C_FLAGS_DEBUG "${COMPILE_BASE_FLAGS} -O0 -ggdb")
+SET(CMAKE_CXX_FLAGS_DEBUG "${COMPILE_BASE_FLAGS} -O0 -ggdb -std=${CXX_STD} -fno-rtti")
+SET(CMAKE_C_FLAGS_RELEASE "${COMPILE_BASE_FLAGS} -O2 -DNDEBUG")
+SET(CMAKE_CXX_FLAGS_RELEASE "${COMPILE_BASE_FLAGS} -O2 -DNDEBUG -std=${CXX_STD} -fno-rtti")
+SET(CMAKE_C_FLAGS_CCOV "${COMPILE_BASE_FLAGS} -O0 --coverage")
+SET(CMAKE_CXX_FLAGS_CCOV "${COMPILE_BASE_FLAGS} -O0 --coverage -std=${CXX_STD} -fno-rtti")
+
+IF(NOT DEFINED LIB_INSTALL_DIR)
+ SET(LIB_INSTALL_DIR "${CMAKE_INSTALL_LIBDIR}")
+ENDIF(NOT DEFINED LIB_INSTALL_DIR)
+
+IF(NOT DEFINED INCLUDE_INSTALL_DIR)
+ SET(INCLUDE_INSTALL_DIR "${CMAKE_INSTALL_INCLUDEDIR}")
+ENDIF(NOT DEFINED INCLUDE_INSTALL_DIR)
+
+IF(NOT DEFINED CONF_INSTALL_DIR)
+ SET(CONF_INSTALL_DIR "${SYSCONF_INSTALL_DIR}/dpm")
+ENDIF(NOT DEFINED CONF_INSTALL_DIR)
+
+IF(NOT DEFINED DATA_INSTALL_DIR)
+ SET(DATA_INSTALL_DIR "${CMAKE_INSTALL_PREFIX}/share/dpm")
+ENDIF(NOT DEFINED DATA_INSTALL_DIR)
+
+IF(NOT DEFINED DB_INSTALL_DIR)
+ SET(DB_INSTALL_DIR "${CMAKE_INSTALL_PREFIX}/dbspace")
+ENDIF(NOT DEFINED DB_INSTALL_DIR)
+
+IF(NOT DEFINED RUN_INSTALL_DIR)
+ SET(RUN_INSTALL_DIR "/var/run")
+ENDIF(NOT DEFINED RUN_INSTALL_DIR)
+
+IF(NOT DEFINED PAMD_INSTALL_DIR)
+ SET(PAMD_INSTALL_DIR "${SYSCONF_INSTALL_DIR}/pam.d")
+ENDIF(NOT DEFINED PAMD_INSTALL_DIR)
+
+IF(NOT DEFINED SYSTEMD_UNIT_INSTALL_DIR)
+ SET(SYSTEMD_UNIT_INSTALL_DIR "${CMAKE_INSTALL_PREFIX}/lib/systemd/system")
+ENDIF(NOT DEFINED SYSTEMD_UNIT_INSTALL_DIR)
+
+ADD_DEFINITIONS(-DUG_WAYLAND)
+
+ADD_SUBDIRECTORY(${DPM_PLUGIN})
+ADD_SUBDIRECTORY(${DPM_API})
--- /dev/null
+#
+# Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+SET(TARGET ${PROJECT_NAME})
+SET(PC_FILE "${TARGET}.pc")
+
+SET(LIB_VERSION "${VERSION}")
+SET(LIB_SOVERSION "0")
+
+SET(API_SOURCES "zone.cpp")
+SET(API_HEADERS "zone.h")
+
+SET(DEPENDENCY klay
+ dpm-pil
+ capi-base-common
+ capi-system-info
+)
+
+PKG_CHECK_MODULES(API_DEPS REQUIRED ${DEPENDENCY})
+
+SET (CMAKE_SHARED_LINKER_FLAGS "${CMAKE_SHARED_LINKER_FLAGS} -Wl,-z,noexecstack")
+
+ADD_LIBRARY(${TARGET} SHARED ${API_SOURCES})
+
+SET_TARGET_PROPERTIES(${TARGET} PROPERTIES COMPILE_FLAGS "-fvisibility=default")
+SET_TARGET_PROPERTIES(${TARGET} PROPERTIES SOVERSION ${LIB_SOVERSION})
+SET_TARGET_PROPERTIES(${TARGET} PROPERTIES VERSION ${LIB_VERSION})
+
+INCLUDE_DIRECTORIES(SYSTEM ${API_DEPS_INCLUDE_DIRS})
+TARGET_LINK_LIBRARIES(${TARGET} ${API_DEPS_LIBRARIES} pthread)
+
+CONFIGURE_FILE(${PC_FILE}.in ${CMAKE_BINARY_DIR}/${PC_FILE} @ONLY)
+
+INSTALL(FILES ${CMAKE_BINARY_DIR}/${PC_FILE} DESTINATION ${LIB_INSTALL_DIR}/pkgconfig)
+INSTALL(TARGETS ${TARGET} DESTINATION ${LIB_INSTALL_DIR} COMPONENT RuntimeLibraries)
+#INSTALL(FILES ${API_HEADERS} DESTINATION ${INCLUDE_INSTALL_DIR}/dpm)
--- /dev/null
+# Package Information for pkg-config
+
+prefix=@CMAKE_INSTALL_PREFIX@
+exec_prefix=@CMAKE_INSTALL_PREFIX@
+libdir=@LIB_INSTALL_DIR@
+includedir=@INCLUDE_INSTALL_DIR@
+
+Name: Zone policy module
+Description: Zone policy module for device policy manager
+Version: @VERSION@
+Libs: -L${libdir} -ldpm-zone
+Cflags: -I${includedir}/dpm
+
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+#include <tizen.h>
+#include <tizen_type.h>
+
+#include <dpm/pil/policy-client.h>
+
+#include "zone.h"
+
+EXPORT_API int dpm_zone_create(device_policy_manager_h handle, const char* name, const char* pkgname)
+{
+ RET_ON_FAILURE(handle, DPM_ERROR_INVALID_PARAMETER);
+ RET_ON_FAILURE(name, DPM_ERROR_INVALID_PARAMETER);
+ RET_ON_FAILURE(pkgname, DPM_ERROR_INVALID_PARAMETER);
+
+ DevicePolicyClient &client = GetDevicePolicyClient(handle);
+
+ try {
+ Status<int> status { -1 };
+ status = client.methodCall<int>("Zone::create", name, pkgname);
+ return status.get();
+ } catch (...) {
+ return -1;
+ }
+}
+
+EXPORT_API int dpm_zone_destroy(device_policy_manager_h handle, const char* name)
+{
+ RET_ON_FAILURE(handle, DPM_ERROR_INVALID_PARAMETER);
+ RET_ON_FAILURE(name, DPM_ERROR_INVALID_PARAMETER);
+
+ DevicePolicyClient &client = GetDevicePolicyClient(handle);
+
+ try {
+ Status<int> status { -1 };
+ status = client.methodCall<int>("Zone::remove", name);
+ return status.get();
+ } catch (...) {
+ return -1;
+ }
+}
+
+EXPORT_API int dpm_zone_get_state(device_policy_manager_h handle, const char* name, dpm_zone_state_e *state)
+{
+ RET_ON_FAILURE(handle, DPM_ERROR_INVALID_PARAMETER);
+ RET_ON_FAILURE(name, DPM_ERROR_INVALID_PARAMETER);
+ RET_ON_FAILURE(state, DPM_ERROR_INVALID_PARAMETER);
+
+ DevicePolicyClient &client = GetDevicePolicyClient(handle);
+
+ try {
+ Status<int> status { 0 };
+ status = client.methodCall<int>("KratePolicy::getState", name);
+ if (status.get() == 0) {
+ return DPM_ERROR_NO_DATA;
+ }
+
+ *state = (dpm_zone_state_e)status.get();
+ } catch (...) {
+ return -1;
+ }
+
+ return DPM_ERROR_NONE;
+}
+
+EXPORT_API int dpm_zone_foreach_name(device_policy_manager_h handle, dpm_zone_state_e state,
+ dpm_zone_foreach_name_cb callback, void* user_data)
+{
+ RET_ON_FAILURE(handle, DPM_ERROR_INVALID_PARAMETER);
+ RET_ON_FAILURE(callback, DPM_ERROR_INVALID_PARAMETER);
+
+ DevicePolicyClient &client = GetDevicePolicyClient(handle);
+
+ try {
+ Status<std::vector<std::string>> status { std::vector<std::string>() };
+ status = client.methodCall<std::vector<std::string>>("Zone::enumerate", (int)state);
+
+ for (const std::string& name : status.get()) {
+ if (!callback(name.c_str(), user_data))
+ break;
+ }
+ } catch (...) {
+ return -1;
+ }
+
+ return DPM_ERROR_NONE;
+}
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+#ifndef __CAPI_DPM_ZONE_POLICY_H__
+#define __CAPI_DPM_ZONE_POLICY_H__
+
+typedef void * device_policy_manager_h;
+
+/**
+ * @file zone.h
+ * @brief This file provides APIs to control zones
+ */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * @addtogroup CAPI_DPM_ZONE_POLICY_MODULE
+ * @{
+ */
+
+/**
+ * @partner
+ * @brief Creates a new zone.
+ * @details An administrator can use this API to create a container. Once the container
+ * is created, the admin package given to the parameter will be installed inside
+ * the container. Then ownership of the container gets transferred to the admin
+ * package from the client which triggered the container creation process.
+ * @since_tizen 3.0
+ * @privlevel partner
+ * @privilege %http://tizen.org/privilege/dpm.zone
+ * @param[in] handle Device policy manager handle
+ * @param[in] name The zone name to be created
+ * @param[in] pkgname Admin package container ownership will be transferred
+ * @return #DPM_ERROR_NONE on success, otherwise a negative value
+ * @retval #DPM_ERROR_NONE Successful
+ * @retval #DPM_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #DPM_ERROR_TIMED_OUT Time out
+ * @retval #DPM_ERROR_NOT_PERMITTED Operation not permitted
+ * @retval #DPM_ERROR_PERMISSION_DENIED The application does not have
+ * the privilege to call this API
+ * @pre The handle must be created by dpm_manager_create().
+ * @see dpm_manager_create()
+ * @see dpm_zone_destroy()
+ * @see dpm_zone_create_iterator()
+ */
+int dpm_zone_create(device_policy_manager_h handle, const char* name, const char* pkgname);
+
+/**
+ * @partner
+ * @brief Removes existing zone.
+ * @details Administrator can use this API to remove zone. All file system objects
+ * created for the zone will be also erased.
+ * @since_tizen 3.0
+ * @privlevel partner
+ * @privilege %http://tizen.org/privilege/dpm.zone
+ * @param[in] handle Device policy manager handle
+ * @param[in] name The zone name to be removed
+ * @return #DPM_ERROR_NONE on success, otherwise a negative value
+ * @retval #DPM_ERROR_NONE Successful
+ * @retval #DPM_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #DPM_ERROR_TIMED_OUT Time out
+ * @retval #DPM_ERROR_PERMISSION_DENIED The application does not have
+ * the privilege to call this API or the caller is not the owner
+ * of the zone
+ * @pre The handle must be created by dpm_manager_create().
+ * @pre The zone corresponding to the given name must be
+ * created before use of this API.
+ * @see dpm_manager_create()
+ * @see dpm_zone_create()
+ * @see dpm_zone_create_iterator()
+ */
+int dpm_zone_destroy(device_policy_manager_h handle, const char* name);
+
+/**
+ * @brief Enumeration for zone state
+ * @since_tizen 3.0
+ */
+typedef enum {
+ DPM_ZONE_STATE_LOCKED = 0x01, /**< Zone has been defined, but it can not start. */
+ DPM_ZONE_STATE_RUNNING = 0x02, /**< Zone has been started. */
+ DPM_ZONE_STATE_ALL = 0xff /**< This presents all of the state */
+} dpm_zone_state_e;
+
+/**
+ * @brief Gets the zone state.
+ * @details This API can be used to get the state of the zone. The zone can
+ * have one of the three states(running, locked).
+ * @since_tizen 3.0
+ * @param[in] handle Device policy manager handle
+ * @param[in] name The zone name
+ * @param[out] state The zone state
+ * @return #DPM_ERROR_NONE on success, otherwise a negative value
+ * @retval #DPM_ERROR_NONE Successful
+ * @retval #DPM_ERROR_NO_DATA No such zone to get state
+ * @retval #DPM_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #DPM_ERROR_TIMED_OUT Time out
+ * @pre The handle must be created by dpm_manager_create().
+ * @see dpm_manager_create()
+ * @see dpm_zone_create()
+ * @see dpm_zone_destroy()
+ */
+int dpm_zone_get_state(device_policy_manager_h handle, const char* name, dpm_zone_state_e *state);
+
+/**
+ * @brief Called to get all the name of created zones.
+ * @since_tizen 3.0
+ * @param[in] name The zone name
+ * @param[in] user_data The user data passed from dpm_zone_foreach_name
+ * @return true to continue with the next iteration of the loop, otherwise false to break out out the loop
+ * @see dpm_zone_foreach_name()
+ */
+typedef bool(*dpm_zone_foreach_name_cb)(const char* name, void *user_data);
+
+/**
+ * @brief Retrieves all the name of created zones
+ * @details This API calls dpm_zone_foreach_cb() once for each zone name
+ * with traversing the created zones list.
+ * @since_tizen 3.0
+ * @param[in] handle Device policy manager handle
+ * @param[in] state a combination of the zone state to look
+ * @param[in] callback The iteration callback function
+ * @param[in] user_data The user data passed to the callback function
+ * @return #DPM_ERROR_NONE on success, otherwise a negative value
+ * @retval #DPM_ERROR_NONE Successful
+ * @retval #DPM_ERROR_TIMED_OUT Time out
+ * @retval #DPM_ERROR_INVALID_PARAMETER Invalid parameter
+ * @pre The handle must be created by dpm_manager_create().
+ * @see dpm_manager_create()
+ * @see dpm_zone_create()
+ * @see dpm_zone_destroy()
+ */
+int dpm_zone_foreach_name(device_policy_manager_h handle,
+ dpm_zone_state_e state,
+ dpm_zone_foreach_name_cb callback, void* user_data);
+
+
+/**
+ * @}
+ */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __CAPI_DPM_ZONE_POLICY__ */
--- /dev/null
+<manifest>
+ <request>
+ <domain name="_" />
+ </request>
+</manifest>
--- /dev/null
+Name: dpm-zone
+Version: 1.0.1
+Release: 0
+License: Apache-2.0
+Source0: %{name}-%{version}.tar.gz
+Summary: Tizen Device Policy Manager Zone Policy Module
+Group: Security/Other
+BuildRequires: gcc
+BuildRequires: cmake
+BuildRequires: gettext-tools
+BuildRequires: pkgconfig(klay)
+BuildRequires: pkgconfig(dpm-pil)
+BuildRequires: pkgconfig(krate)
+BuildRequires: pkgconfig(capi-system-info)
+BuildRequires: pkgconfig(capi-base-common)
+
+%description
+The dpm-zone package provides zone policy module for device policy manager
+
+%files
+%manifest dpm-zone.manifest
+%defattr(644,root,root,755)
+%attr(755,root,root) /opt/data/dpm/plugins/zone
+%attr(755,root,root) %{_libdir}/libdpm-zone.so.%{version}
+%{_libdir}/libdpm-zone.so.0
+
+%prep
+%setup -q
+
+%build
+%{!?build_type:%define build_type "RELEASE"}
+
+%if %{build_type} == "DEBUG" || %{build_type} == "PROFILING" || %{build_type} == "CCOV"
+ CFLAGS="$CFLAGS -Wp,-U_FORTIFY_SOURCE"
+ CXXFLAGS="$CXXFLAGS -Wp,-U_FORTIFY_SOURCE"
+%endif
+
+%cmake . -DVERSION=%{version} \
+ -DCMAKE_BUILD_TYPE=%{build_type} \
+ -DSCRIPT_INSTALL_DIR=%{_scriptdir} \
+ -DSYSTEMD_UNIT_INSTALL_DIR=%{_unitdir} \
+ -DDATA_INSTALL_DIR=%{TZ_SYS_DATA}/dpm \
+ -DDB_INSTALL_DIR=%{TZ_SYS_DB} \
+ -DRUN_INSTALL_DIR=%{TZ_SYS_RUN} \
+ -DAPP_INSTALL_PREFIX="%{TZ_SYS_RO_APP}" \
+ -DAPP_SHARE_PACKAGES_DIR="%{TZ_SYS_RO_PACKAGES}" \
+
+make %{?jobs:-j%jobs}
+
+%install
+%make_install
+
+%clean
+rm -rf %{buildroot}
+
+%post
+
+%preun
+
+%postun
+
+## Devel Package ##############################################################
+%package -n libdpm-zone-devel
+Summary: Libraries and header files for device policy client development
+Group: Development/Libraries
+Requires: device-policy-manager = %{version}-%{release}
+
+%description -n libdpm-zone-devel
+The libdpm-zone-devel package includes the libraries and header files necessary for
+developing the DPM client program.
+
+%files -n libdpm-zone-devel
+%manifest dpm-zone.manifest
+%defattr(644,root,root,755)
+%{_libdir}/libdpm-zone.so
+%{_libdir}/pkgconfig/dpm-zone.pc
+#%{_includedir}/dpm
--- /dev/null
+#
+# Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+SET(TARGET "dpm-plugin-zone")
+
+SET(PLUGIN_SOURCES "zone.cpp")
+
+SET(DEPENDENCY klay
+ dpm-pil
+ krate
+)
+
+PKG_CHECK_MODULES(PLUGIN_DEPS REQUIRED ${DEPENDENCY})
+
+SET (CMAKE_SHARED_LINKER_FLAGS "${CMAKE_SHARED_LINKER_FLAGS} -Wl,-z,noexecstack")
+
+ADD_LIBRARY(${TARGET} SHARED ${PLUGIN_SOURCES})
+SET_TARGET_PROPERTIES(${TARGET} PROPERTIES COMPILE_FLAGS "-fvisibility=default")
+INCLUDE_DIRECTORIES(SYSTEM ${PLUGIN_DEPS_INCLUDE_DIRS})
+TARGET_LINK_LIBRARIES(${TARGET} ${PLUGIN_DEPS_LIBRARIES})
+
+INSTALL(FILES libdpm-plugin-zone.so RENAME zone DESTINATION /opt/data/dpm/plugins)
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <sys/inotify.h>
+
+#include <regex>
+#include <algorithm>
+#include <string>
+
+#include <tzplatform_config.h>
+#include <klay/auth/user.h>
+#include <krate/krate.h>
+
+#include <dpm/pil/policy-context.h>
+#include <dpm/pil/policy-model.h>
+#include <dpm/pil/policy-storage.h>
+#include <dpm/pil/app-bundle.h>
+#include <dpm/pil/launchpad.h>
+
+#define NAME_PATTERN "^[A-Za-z_][A-Za-z0-9_.-]*"
+
+namespace {
+
+std::regex krateNamePattern(NAME_PATTERN);
+
+bool foreachKrateCallback(const char* name, void* user_data)
+{
+ auto pList = (std::vector<std::string>*)user_data;
+ pList->push_back(name);
+ return true;
+}
+
+bool isAllowedName(const std::string& name)
+{
+ if (!std::regex_match(name, krateNamePattern)) {
+ return false;
+ }
+
+ bool exists;
+ try {
+ runtime::User user(name);
+ exists = true;
+ } catch (runtime::Exception& e) {
+ exists = false;
+ }
+
+ return !exists;
+}
+
+} // namespace
+
+
+class Zone : public AbstractPolicyProvider {
+public:
+ int create(const std::string& name, const std::string& setupWizAppid);
+ int remove(const std::string& name);
+ int getState(const std::string& name);
+ std::vector<std::string> enumerate(int state);
+};
+
+int Zone::create(const std::string& name, const std::string& setupWizAppid)
+{
+ if (!isAllowedName(name)) {
+ return -1;
+ }
+
+ try {
+ Bundle bundle;
+ bundle.add("id", "krate-create");
+ bundle.add("user-data", name);
+
+ Launchpad launchpad(rmi::Service::getPeerUid());
+ launchpad.launch("org.tizen.dpm-syspopup", bundle);
+ } catch (runtime::Exception& e) {
+ ERROR(e.what());
+ return -1;
+ }
+
+ return 0;
+}
+
+int Zone::remove(const std::string& name)
+{
+ if (getState(name) == 0) {
+ return -1;
+ }
+
+ try {
+ Bundle bundle;
+ bundle.add("id", "krate-remove");
+ bundle.add("user-data", name);
+
+ Launchpad launchpad(rmi::Service::getPeerUid());
+ launchpad.launch("org.tizen.dpm-syspopup", bundle);
+ } catch (runtime::Exception& e) {
+ ERROR(e.what());
+ return -1;
+ }
+
+ return 0;
+}
+
+int Zone::getState(const std::string& name)
+{
+ krate_state_e state = (krate_state_e)0;
+ krate_manager_h krate_manager;
+
+ krate_manager_create(&krate_manager);
+ krate_manager_get_krate_state(krate_manager, name.c_str(), &state);
+ krate_manager_destroy(krate_manager);
+
+ return (int)state;
+}
+
+std::vector<std::string> Zone::enumerate(int state)
+{
+ std::vector<std::string> list;
+ krate_manager_h krate_manager;
+
+ krate_manager_create(&krate_manager);
+ krate_manager_foreach_name(krate_manager, (krate_state_e)state, foreachKrateCallback, &list);
+ krate_manager_destroy(krate_manager);
+
+ return list;
+}
+
+extern "C" {
+
+#define PRIVILEGE "http://tizen.org/privilege/dpm.zone"
+
+AbstractPolicyProvider *PolicyFactory(PolicyControlContext& context)
+{
+ Zone *policy = new Zone();
+
+ context.expose(policy, PRIVILEGE, (int)(Zone::create)(std::string, std::string));
+ context.expose(policy, PRIVILEGE, (int)(Zone::remove)(std::string));
+ context.expose(policy, "", (int)(Zone::getState)(std::string));
+ context.expose(policy, "", (std::vector<std::string>)(Zone::enumerate)(int));
+
+ return policy;
+}
+
+} // extern "C"
projects / platform / core / security / dpm-zone.git / commitdiff