Fix installing privileges of hybrid package

Change-Id: I0b76b92943523a030f6df7e106b36338423737fc
Signed-off-by: Sangyoon Jang <jeremy.jang@samsung.com>

diff --git a/src/common/step/security/step_privacy_privilege.cc b/src/common/step/security/step_privacy_privilege.cc
index 99b09d8..fd6460f 100644 (file)
--- a/src/common/step/security/step_privacy_privilege.cc
+++ b/src/common/step/security/step_privacy_privilege.cc
@@ -6,12 +6,30 @@
 
 #include <boost/scope_exit.hpp>
 
+#include <map>
 #include <vector>
 
 #include "common/privileges.h"
+#include "common/utils/glist_range.h"
 
 namespace ci = common_installer;
 
+namespace {
+
+std::string GetAPIVersion(manifest_x* m, bool is_web) {
+  std::string api_version;
+  for (auto& app : GListRange<application_x*>(m->application)) {
+    if ((is_web && strcmp(app->type, "webapp") != 0) ||
+        (!is_web && strcmp(app->type, "webapp") == 0))
+      continue;
+    api_version = app->api_version;
+    break;
+  }
+  return api_version;
+}
+
+}  // namespace
+
 namespace common_installer {
 namespace security {
 
@@ -30,17 +48,18 @@ GList* StepPrivacyPrivilege::GetPrivilege(
 
 bool StepPrivacyPrivilege::SetPrivacyPrivilege(
     const uid_t uid, const char* pkgid,
-    const char* api_version, GList* privileges) {
-  std::vector<privilege_manager_package_type_e> pType = {
-    {PRVMGR_PACKAGE_TYPE_CORE},
-    {PRVMGR_PACKAGE_TYPE_WRT}
+    manifest_x* manifest, GList* privileges) {
+
+  std::map<privilege_manager_package_type_e, std::string> pType = {
+    {PRVMGR_PACKAGE_TYPE_CORE, GetAPIVersion(manifest, false)},
+    {PRVMGR_PACKAGE_TYPE_WRT, GetAPIVersion(manifest, true)}
   };
 
   for (auto& type : pType) {
-    GList *privilege = GetPrivilege(privileges, type);
+    GList *privilege = GetPrivilege(privileges, type.first);
     if (privilege) {
       int ret = privilege_package_info_set_privacy_privilege(uid, pkgid,
-          type, api_version, privilege);
+          type.first, type.second.c_str(), privilege);
       if (ret != PRVMGR_ERR_NONE) {
         LOG(ERROR) << "Failed to set privacy_privilege";
         g_list_free_full(privilege, free);
@@ -84,7 +103,7 @@ Step::Status StepPrivacyPrivilege::process() {
     manifest_x* manifest = context_->manifest_data.get();
     if (!SetPrivacyPrivilege(context_->uid.get(),
                              context_->pkgid.get().c_str(),
-                             manifest->api_version,
+                             manifest,
                              manifest->privileges)) {
       LOG(ERROR) << "Failed undo privacy privilege";
       return Step::Status::SECURITY_ERROR;
@@ -109,7 +128,7 @@ Step::Status StepPrivacyPrivilege::undo() {
     manifest_x* old_manifest = context_->old_manifest_data.get();
     if (!SetPrivacyPrivilege(context_->uid.get(),
                              context_->pkgid.get().c_str(),
-                             old_manifest->api_version,
+                             old_manifest,
                              old_manifest->privileges)) {
       LOG(ERROR) << "Failed undo privacy privilege";
       return Step::Status::SECURITY_ERROR;

diff --git a/src/common/step/security/step_privacy_privilege.h b/src/common/step/security/step_privacy_privilege.h
index 4d2fa31..3dac398 100644 (file)
--- a/src/common/step/security/step_privacy_privilege.h
+++ b/src/common/step/security/step_privacy_privilege.h
@@ -28,7 +28,7 @@ class StepPrivacyPrivilege : public common_installer::Step {
 
  private:
   bool SetPrivacyPrivilege(const uid_t uid, const char* package,
-                           const char* api_version, GList* privileges);
+                           manifest_x* manifest, GList* privileges);
   GList* GetPrivilege(GList* privileges,
                       privilege_manager_package_type_e type);
   ActionType type_;

diff --git a/src/common/step/security/step_privilege_compatibility.cc b/src/common/step/security/step_privilege_compatibility.cc
index a1f12ab..f891f2b 100644 (file)
--- a/src/common/step/security/step_privilege_compatibility.cc
+++ b/src/common/step/security/step_privilege_compatibility.cc
@@ -54,6 +54,18 @@ bool MapPrivileges(GList* priv, GList** out, bool is_web,
   return true;
 }
 
+std::string GetAPIVersion(manifest_x* m, bool is_web) {
+  std::string api_version;
+  for (auto& app : GListRange<application_x*>(m->application)) {
+    if ((is_web && strcmp(app->type, "webapp") != 0) ||
+        (!is_web && strcmp(app->type, "webapp") == 0))
+      continue;
+    api_version = app->api_version;
+    break;
+  }
+  return api_version;
+}
+
 bool TranslatePrivilegesForCompatibility(manifest_x* m) {
   if (!m->api_version) {
     LOG(WARNING) << "Skipping privileges mapping because api-version "
@@ -83,10 +95,10 @@ bool TranslatePrivilegesForCompatibility(manifest_x* m) {
     g_list_free_full(converted_web_privileges, &ci::FreePrivilegeX);
   };
   if (!MapPrivileges(native_privileges, &mapped_native_privileges, false,
-                     m->api_version))
+                     GetAPIVersion(m, false).c_str()))
     return false;
   if (!MapPrivileges(web_privileges, &mapped_web_privileges, true,
-                     m->api_version))
+                     GetAPIVersion(m, true).c_str()))
     return false;
 
   converted_native_privileges =