Removed Cynara based privilege checking

Change-Id: I8c4eb96d22d3c91b9e8c9a6073379d708be83bd8
Signed-off-by: Manasij Sur Roy <manasij.r@samsung.com>

diff --git a/packaging/fido-client.spec b/packaging/fido-client.spec
index 2100dafa4bb4540971cde4ff2cede38e01d673bc..1b5bb742565aa68431334fbb9bac15fb21d50c19 100644 (file)
--- a/packaging/fido-client.spec
+++ b/packaging/fido-client.spec
@@ -26,9 +26,6 @@ BuildRequires:  pkgconfig(gio-unix-2.0)
 
 %if "%{?tizen_version}" == "3.0"
 BuildRequires:  pkgconfig(libtzplatform-config)
-BuildRequires:  pkgconfig(cynara-client)
-BuildRequires:  pkgconfig(cynara-session)
-BuildRequires:  pkgconfig(cynara-creds-gdbus)
 %endif
 
 BuildRequires:  pkgconfig(pkgmgr-info)

diff --git a/server/CMakeLists.txt b/server/CMakeLists.txt
index 4f784394730b8689f082a0ab839f993d7320afad..7dd8eda4e3a6f533e7197777b601fbce18edd4bf 100755 (executable)
--- a/server/CMakeLists.txt
+++ b/server/CMakeLists.txt
@@ -17,9 +17,6 @@ pkg_check_modules(SERVER_pkgs REQUIRED
                capi-appfw-package-manager
                openssl
                bundle
-               cynara-client
-               cynara-session
-               cynara-creds-gdbus
                libtzplatform-config
 )
 else()

diff --git a/server/fido_privilege_checker.c b/server/fido_privilege_checker.c
index d6e88d2294940204cd9cd3a30434c5bcaacb78e5..352effff6a81253d3a47a44950f7f360f8eeab6b 100644 (file)
--- a/server/fido_privilege_checker.c
+++ b/server/fido_privilege_checker.c
@@ -18,181 +18,8 @@
 #include "fido_privilege_checker.h"
 #include "fido_logs.h"
 
-#ifdef WITH_JSON_BUILDER
-#include <cynara-client.h>
-#include <cynara-session.h>
-#include <cynara-creds-gdbus.h>
-static cynara *__cynara = NULL;
-#endif
-
-#define _DISABLE_PRIV_CHECK
-
-#ifdef WITH_JSON_BUILDER
-
-static guint
-_get_client_pid(GDBusMethodInvocation* invoc)
-{
-       const char *name = NULL;
-       name = g_dbus_method_invocation_get_sender(invoc);
-       if (name == NULL) {
-               _ERR("g_dbus_method_invocation_get_sender failed");
-               return -1;
-       }
-       _INFO("sender=[%s]", name);
-
-
-       guint pid = -1;
-       GError *error = NULL;
-       GVariant *_ret;
-
-       _INFO("calling GetConnectionUnixProcessID");
-
-       GDBusConnection* conn = g_dbus_method_invocation_get_connection(invoc);
-       _ret = g_dbus_connection_call_sync(conn,
-                       "org.freedesktop.DBus",
-                       "/org/freedesktop/DBus",
-                       "org.freedesktop.DBus",
-                       "GetConnectionUnixProcessID",
-                       g_variant_new("(s)", name),
-                       NULL,
-                       G_DBUS_CALL_FLAGS_NONE,
-                       -1,
-                       NULL,
-                       &error);
-
-       if (_ret != NULL) {
-               g_variant_get(_ret, "(u)", &pid);
-               g_variant_unref(_ret);
-       }
-
-       _INFO("process Id = [%u]", pid);
-       return pid;
-}
-
-static int
-__check_privilege_by_cynara(const char *client, const char *session, const char *user, const char *privilege)
-{
-#ifdef WITH_JSON_BUILDER
-       int ret;
-       char err_buf[128] = {0,};
-
-       ret = cynara_check(__cynara, client, session, user, privilege);
-       switch (ret) {
-       case CYNARA_API_ACCESS_ALLOWED:
-               _DBG("cynara_check success");
-               return FIDO_ERROR_NONE;
-
-       case CYNARA_API_ACCESS_DENIED:
-               _ERR("cynara_check permission deined, privilege=%s, error = CYNARA_API_ACCESS_DENIED", privilege);
-               return FIDO_ERROR_PERMISSION_DENIED;
-
-       default:
-               cynara_strerror(ret, err_buf, sizeof(err_buf));
-               _ERR("cynara_check error : %s, privilege=%s, ret = %d", err_buf, privilege, ret);
-               return FIDO_ERROR_PERMISSION_DENIED;
-       }
-
-       return FIDO_ERROR_NONE;
-#endif
-
-       return FIDO_ERROR_NONE;
-}
-
-static int
-__get_information_for_cynara_check(GDBusMethodInvocation *invocation, char **client, char **user, char **session)
-{
-#ifdef WITH_JSON_BUILDER
-       GDBusConnection *gdbus_conn = NULL;
-       char* sender = NULL;
-       int ret = -1;
-
-       gdbus_conn = g_dbus_method_invocation_get_connection(invocation);
-       if (gdbus_conn == NULL) {
-               _ERR("g_dbus_method_invocation_get_connection failed");
-               return -1;
-       }
-
-       sender = (char*) g_dbus_method_invocation_get_sender(invocation);
-       if (sender == NULL) {
-               _ERR("g_dbus_method_invocation_get_sender failed");
-               return -1;
-       }
-
-       ret = cynara_creds_gdbus_get_user(gdbus_conn, sender, USER_METHOD_DEFAULT, user);
-       if (ret != CYNARA_API_SUCCESS) {
-               _ERR("cynara_creds_gdbus_get_user failed, ret = %d", ret);
-               return -1;
-       }
-
-       ret = cynara_creds_gdbus_get_client(gdbus_conn, sender, CLIENT_METHOD_DEFAULT, client);
-       if (ret != CYNARA_API_SUCCESS) {
-               _ERR("cynara_creds_gdbus_get_client failed, ret = %d", ret);
-               return -1;
-       }
-
-       guint pid = _get_client_pid(invocation);
-       _INFO("client Id = [%u]", pid);
-
-       *session = cynara_session_from_pid(pid);
-       if (*session == NULL) {
-               _ERR("cynara_session_from_pid failed");
-               return -1;
-       }
-       return FIDO_ERROR_NONE;
-       #endif
-
-       return FIDO_ERROR_NONE;
-}
-#endif
-
 bool
 is_allowed_to_call(GDBusMethodInvocation *invocation, const char* privilege)
 {
-#ifdef WITH_JSON_BUILDER
-
-       int ret = -1;
-
-       if (__cynara == NULL) {
-               ret = cynara_initialize(&__cynara, NULL);
-               if (ret != CYNARA_API_SUCCESS) {
-                       _ERR("CYNARA Initialization fail");
-                       return false;
-               }
-       }
-
-       char *client = NULL;
-       char *session = NULL;
-       char *user = NULL;
-
-       ret = __get_information_for_cynara_check(invocation, &client, &user, &session);
-       if (ret != FIDO_ERROR_NONE) {
-               _ERR("__get_information_for_cynara_check failed");
-               g_free(client);
-               g_free(user);
-               SAFE_DELETE(session);
-
-               return false;
-       }
-
-       ret = __check_privilege_by_cynara(client, session, user, privilege);
-
-       /*TODO enable after smack is defined*/
-#ifndef _DISABLE_PRIV_CHECK
-       if (ret != FIDO_ERROR_NONE) {
-               _ERR("__check_privilege_by_cynara failed, ret = %d", ret);
-               g_free(client);
-               g_free(user);
-               SAFE_DELETE(session);
-
-               return false;
-       }
-#endif
-       g_free(client);
-       g_free(user);
-       SAFE_DELETE(session);
-
-       return true;
-       #endif
-
        return true;
 }