Revert "[Account] Privilege checks moved to JS."

This reverts commit 56d62cfd264357832fb8349c2a7be159efc4715e.
This also applies changes from commit 5916ee92167ffd8b27d8f9aefc3cd0032e004670

[Verification] Code compiles. TCT pass rate 100%

Change-Id: I7568481f878f85f3e1c6f43de1f7db6c78bb0f90
Signed-off-by: Tomasz Marciniak <t.marciniak@samsung.com>

diff --git a/src/account/account_api.js b/src/account/account_api.js
index 6c1c84c..31c0b08 100755 (executable)
--- a/src/account/account_api.js
+++ b/src/account/account_api.js
@@ -77,8 +77,6 @@ function Account() {
 
 
 Account.prototype.setExtendedData = function() {
-    xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.ACCOUNT_WRITE);
-
     var args = validator_.validateArgs(arguments, [
         { name: 'key', type: types_.STRING },
         { name: 'value', type: types_.STRING }
@@ -99,8 +97,6 @@ Account.prototype.setExtendedData = function() {
 
 
 Account.prototype.getExtendedData = function() {
-    xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.ACCOUNT_READ);
-
     if (T_.isFunction(arguments[0]) || arguments.length > 1) {
         var args = validator_.validateArgs(arguments, [
             {
@@ -115,23 +111,25 @@ Account.prototype.getExtendedData = function() {
             }
         ]);
 
-        // TODO handling exceptions
-
-        native_.call('Account_getExtendedData', { accountId: this.id },
+        var result = native_.call('Account_getExtendedData', { accountId: this.id },
             function(result) {
-                if (native_.isFailure(result)) {
-                    if(!T_.isNullOrUndefined(args.errorCallback)) {
-                        args.errorCallback(native_.getErrorObject(result));
-                    }
-                } else {
-                    var data = native_.getResultObject(result);
-                    for (var i = 0; i < data.length; ++i) {
-                        Object.freeze(data[i]);
-                    }
-                    args.successCallback(native_.getResultObject(result));
+              if (native_.isFailure(result)) {
+                if(!T_.isNullOrUndefined(args.errorCallback)) {
+                  args.errorCallback(native_.getErrorObject(result));
+                }
+              } else {
+                var data = native_.getResultObject(result);
+                for (var i = 0; i < data.length; ++i) {
+                  Object.freeze(data[i]);
                 }
+                args.successCallback(native_.getResultObject(result));
+              }
             }
         );
+
+        if (native_.isFailure(result)) {
+          throw native_.getErrorObject(result);
+        }
     } else {
         var args = validator_.validateArgs(arguments, [
             { name: 'key', type: types_.STRING }
@@ -163,8 +161,6 @@ function AccountManager() {}
 
 
 AccountManager.prototype.add = function() {
-    xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.ACCOUNT_WRITE);
-
     var args = validator_.validateArgs(arguments, [
         { name: 'account', type: types_.PLATFORM_OBJECT, values: Account }
     ]);
@@ -186,8 +182,6 @@ AccountManager.prototype.add = function() {
 
 
 AccountManager.prototype.remove = function() {
-    xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.ACCOUNT_WRITE);
-
     var args = validator_.validateArgs(arguments, [
         { name: 'accountId', type: types_.UNSIGNED_LONG}
     ]);
@@ -201,8 +195,6 @@ AccountManager.prototype.remove = function() {
 
 
 AccountManager.prototype.update = function() {
-    xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.ACCOUNT_WRITE);
-
     var args = validator_.validateArgs(arguments, [
         { name: 'account', type: types_.PLATFORM_OBJECT, values: Account }
     ]);
@@ -222,8 +214,6 @@ AccountManager.prototype.update = function() {
 
 
 AccountManager.prototype.getAccount = function() {
-    xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.ACCOUNT_READ);
-
     var args = validator_.validateArgs(arguments, [
         { name: 'accountId', type: types_.UNSIGNED_LONG }
     ]);
@@ -248,17 +238,13 @@ AccountManager.prototype.getAccount = function() {
 
 
 AccountManager.prototype.getAccounts = function() {
-    xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.ACCOUNT_READ);
-
     var args = validator_.validateArgs(arguments, [
         { name: 'successCallback', type: types_.FUNCTION, optional: false, nullable: false },
         { name: 'errorCallback', type: types_.FUNCTION, optional: true, nullable: true },
         { name: 'applicationId', type: types_.STRING, optional: true, nullable: true }
     ]);
 
-    // TODO handling exceptions
-
-    native_.call('AccountManager_getAccounts',
+   var result = native_.call('AccountManager_getAccounts',
         {
             applicationId: args.applicationId
         },
@@ -277,12 +263,14 @@ AccountManager.prototype.getAccounts = function() {
             }
         }
     );
+
+   if (native_.isFailure(result)) {
+     throw native_.getErrorObject(result);
+   }
 }
 
 
 AccountManager.prototype.getProvider = function() {
-    xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.ACCOUNT_READ);
-
     var args = validator_.validateArgs(arguments, [
         { name: 'applicationId', type: types_.STRING }
     ]);
@@ -307,17 +295,13 @@ AccountManager.prototype.getProvider = function() {
 
 
 AccountManager.prototype.getProviders = function() {
-    xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.ACCOUNT_READ);
-
     var args = validator_.validateArgs(arguments, [
         { name: 'successCallback', type: types_.FUNCTION, optional: false, nullable: false },
         { name: 'errorCallback', type: types_.FUNCTION, optional: true, nullable: true },
         { name: 'capability', type: types_.STRING, optional: true, nullable: true }
     ]);
 
-    // TODO handling exceptions
-
-    native_.call( 'AccountManager_getProviders',
+    var result = native_.call( 'AccountManager_getProviders',
         {
             capability: args.capability
         },
@@ -336,6 +320,10 @@ AccountManager.prototype.getProviders = function() {
             }
         }
     );
+
+    if (native_.isFailure(result)) {
+      throw native_.getErrorObject(result);
+    }
 }
 
 
@@ -418,23 +406,21 @@ var _accountListeners = new AccountListeners();
 
 
 AccountManager.prototype.addAccountListener = function() {
-    xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.ACCOUNT_READ);
-
     var args = validator_.validateArgs(arguments, [
         { name: 'callback', type: types_.LISTENER, values: ['onadded', 'onremoved', 'onupdated'] }
     ]);
 
+    //checking privilege is done in C++ layer through _accountListeners.addListener()
     return _accountListeners.addListener(args.callback);
 }
 
 
 AccountManager.prototype.removeAccountListener = function() {
-    xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.ACCOUNT_READ);
-
     var args = validator_.validateArgs(arguments, [
         { name: 'accountListenerId', type: types_.UNSIGNED_LONG }
     ]);
 
+    //checking privilege is done in C++ layer through _accountListeners.removeListener()
     _accountListeners.removeListener(args.accountListenerId);
 }
 

diff --git a/src/account/account_instance.cc b/src/account/account_instance.cc
index f62894d..a16d846 100644 (file)
--- a/src/account/account_instance.cc
+++ b/src/account/account_instance.cc
@@ -24,6 +24,7 @@
 #include "common/logger.h"
 #include "common/task-queue.h"
 #include "common/platform_exception.h"
+#include "common/tools.h"
 
 namespace extension {
 namespace account {
@@ -33,6 +34,14 @@ using common::TypeMismatchException;
 using common::UnknownException;
 using common::SecurityException;
 
+namespace {
+// The privileges that required in Account API
+const std::string kPrivilegeAccountRead =
+    "http://tizen.org/privilege/account.read";
+const std::string kPrivilegeAccountWrite =
+    "http://tizen.org/privilege/account.write";
+} // namespace
+
 #define CHECK_EXIST(args, name, out) \
     if (!args.contains(name)) {\
       LogAndReportError(TypeMismatchException(name" is required argument"), out);\
@@ -85,6 +94,8 @@ void AccountInstance::AccountSetExtendedData(const picojson::value& args,
                                              picojson::object& out) {
   LoggerD("Enter");
 
+  CHECK_PRIVILEGE_ACCESS(kPrivilegeAccountWrite, &out);
+
   CHECK_EXIST(args, "key", out)
   CHECK_EXIST(args, "value", out)
   CHECK_EXIST(args, "accountId", out)
@@ -100,6 +111,8 @@ void AccountInstance::AccountGetExtendedData(const picojson::value& args,
                                              picojson::object& out) {
   LoggerD("Enter");
 
+  CHECK_PRIVILEGE_ACCESS(kPrivilegeAccountRead, &out);
+
   CHECK_EXIST(args, "accountId", out)
   CHECK_EXIST(args, "callbackId", out)
 
@@ -129,6 +142,8 @@ void AccountInstance::AccountGetExtendedDataSync(const picojson::value& args,
                                                  picojson::object& out) {
   LoggerD("Enter");
 
+  CHECK_PRIVILEGE_ACCESS(kPrivilegeAccountRead, &out);
+
   CHECK_EXIST(args, "key", out)
   CHECK_EXIST(args, "accountId", out)
 
@@ -140,18 +155,21 @@ void AccountInstance::AccountGetExtendedDataSync(const picojson::value& args,
 
 void AccountInstance::AccountManagerAdd(const picojson::value& args, picojson::object& out) {
   LoggerD("Enter");
+  CHECK_PRIVILEGE_ACCESS(kPrivilegeAccountWrite, &out);
   manager_->AddAccount(args, out);
 }
 
 void AccountInstance::AccountManagerRemove(const picojson::value& args,
                                            picojson::object& out) {
   LoggerD("Enter");
+  CHECK_PRIVILEGE_ACCESS(kPrivilegeAccountWrite, &out);
   manager_->RemoveAccount(args, out);
 }
 
 void AccountInstance::AccountManagerUpdate(const picojson::value& args,
                                            picojson::object& out) {
   LoggerD("Enter");
+  CHECK_PRIVILEGE_ACCESS(kPrivilegeAccountWrite, &out);
   manager_->UpdateAccount(args, out);
 }
 
@@ -159,6 +177,8 @@ void AccountInstance::AccountManagerGetAccount(const picojson::value& args,
                                                picojson::object& out) {
   LoggerD("Enter");
 
+  CHECK_PRIVILEGE_ACCESS(kPrivilegeAccountRead, &out);
+
   CHECK_EXIST(args, "accountId", out)
 
   int account_id = static_cast<int>(args.get("accountId").get<double>());
@@ -170,6 +190,8 @@ void AccountInstance::AccountManagerGetAccounts(const picojson::value& args,
                                                 picojson::object& out) {
   LoggerD("Enter");
 
+  CHECK_PRIVILEGE_ACCESS(kPrivilegeAccountRead, &out);
+
   CHECK_EXIST(args, "callbackId", out)
   int callback_id = static_cast<int>(args.get("callbackId").get<double>());
 
@@ -199,6 +221,8 @@ void AccountInstance::AccountManagerGetProvider(const picojson::value& args,
                                                 picojson::object& out) {
   LoggerD("Enter");
 
+  CHECK_PRIVILEGE_ACCESS(kPrivilegeAccountRead, &out);
+
   std::string application_id = args.get("applicationId").get<std::string>();
   LoggerD("application_id [%s]", application_id.c_str());
 
@@ -209,6 +233,8 @@ void AccountInstance::AccountManagerGetProviders(const picojson::value& args,
                                                  picojson::object& out) {
   LoggerD("Enter");
 
+  CHECK_PRIVILEGE_ACCESS(kPrivilegeAccountRead, &out);
+
   CHECK_EXIST(args, "callbackId", out)
   int callback_id = static_cast<int>(args.get("callbackId").get<double>());
 
@@ -281,6 +307,7 @@ static bool AccountEventCb(const char *event_type, int account_id,
 void AccountInstance::AccountManagerAddAccountListener(
     const picojson::value& args, picojson::object& out) {
   LoggerD("Enter");
+  CHECK_PRIVILEGE_ACCESS(kPrivilegeAccountRead, &out);
 
   if (!subscribe_) {
     LoggerD("Creating subscription");
@@ -309,6 +336,8 @@ void AccountInstance::AccountManagerRemoveAccountListener(
     const picojson::value& args, picojson::object& out) {
   LoggerD("Enter");
 
+  CHECK_PRIVILEGE_ACCESS(kPrivilegeAccountRead, &out);
+
   if (subscribe_) {
     LoggerD("Removing subscription");