Extend privilegeDb api 62/129062/2
authorBartlomiej Grzelewski <b.grzelewski@samsung.com>
Fri, 12 May 2017 15:46:34 +0000 (17:46 +0200)
committerBartlomiej Grzelewski <b.grzelewski@samsung.com>
Fri, 12 May 2017 17:01:32 +0000 (19:01 +0200)
The functions will now directly inform the caller whether a row was found in
the database. In the previous implementation the functions could return an
empty string if the row was not found in the database. That could be interpreted
either as the row containing an empty string or as no row being found.

Change-Id: Id44a5337e2ceb53b35be914962e442e4b5aeec0f

src/common/include/privilege_db.h
src/common/privilege_db.cpp
src/common/service_impl.cpp
test/test_privilege_db_app_defined_privileges.cpp

index 6d305fa86e285ec082dae7482932f37023c47b10..d4f4210d7527191fe42e454b4a45fff92e02e190 100644 (file)
@@ -631,9 +631,12 @@ public:
      *
      * @exception PrivilegeDb::Exception::InternalError on internal error
      * @exception PrivilegeDb::Exception::ConstraintError on constraint violation
+     * @return true if data were found in the database
      */
-    void GetAppAndLicenseForAppDefinedPrivilege(uid_t uid, const std::string &privilege,
-                                                std::string &appName, std::string &license);
+    bool GetAppAndLicenseForAppDefinedPrivilege(uid_t uid,
+                                                const std::string &privilege,
+                                                std::string &appName,
+                                                std::string &license);
 
     /**
      * Retrieve license of client application
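Review bot: The added `@return true if data were found in the database` does not say what the caller gets on `false`. The implementation in privilege_db.cpp clears `appName` and `license` before running the query, so both output strings are empty on a `false` return, and errors are still reported through the listed exceptions. I would spell that out: `@return true if a matching row was found; false if not, in which case appName and license are left empty`. The same applies to the `@return` added for GetLicenseForClientPrivilege in the next hunk; both doc comments start outside their hunks.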
@@ -645,8 +648,11 @@ public:
      *
      * @exception PrivilegeDb::Exception::InternalError on internal error
      * @exception PrivilegeDb::Exception::ConstraintError on constraint violation
+     * @return true if data were found in the database
      */
-    void GetLicenseForClientPrivilege(const std::string &appName, uid_t uid, const std::string &privilege,
+    bool GetLicenseForClientPrivilege(const std::string &appName,
+                                      uid_t uid,
+                                      const std::string &privilege,
                                       std::string &license);
 
     /**
index ad6f90d2e61a6b06cfea71a6f16e1d956faa3ebd..85972290361ddfbd6b82ac77571a34894e67d1ea 100644 (file)
@@ -687,10 +687,13 @@ void PrivilegeDb::GetAppDefinedPrivileges(const std::string &appName, uid_t uid,
     });
 }
 
-void PrivilegeDb::GetAppAndLicenseForAppDefinedPrivilege(uid_t uid, const std::string &privilege,
-                                                         std::string &appName, std::string &license)
+bool PrivilegeDb::GetAppAndLicenseForAppDefinedPrivilege(
+        uid_t uid,
+        const std::string &privilege,
+        std::string &appName,
+        std::string &license)
 {
-    try_catch<void>([&] {
+    return try_catch<bool>([&] {
         appName.clear();
         license.clear();
 
@@ -701,19 +704,22 @@ void PrivilegeDb::GetAppAndLicenseForAppDefinedPrivilege(uid_t uid, const std::s
         if (command->Step()) {
             appName = command->GetColumnString(0);
             license = command->GetColumnString(1);
+            LogDebug("Privilege: " << privilege << " defined by " << appName);
+            return true;
         }
 
-        if (!appName.empty())
-            LogDebug("Privilege: " << privilege << " defined by " << appName);
-        else
-            LogDebug("Privilege: " << privilege << " not exist");
+        LogDebug("Privilege: " << privilege << " not exist");
+        return false;
     });
 }
 
-void PrivilegeDb::GetLicenseForClientPrivilege(const std::string &appName, uid_t uid,
-                                               const std::string &privilege, std::string &license)
+bool PrivilegeDb::GetLicenseForClientPrivilege(
+        const std::string &appName,
+        uid_t uid,
+        const std::string &privilege,
+        std::string &license)
 {
-    try_catch<void>([&] {
+    return try_catch<bool>([&] {
         license.clear();
 
         auto command = getStatement(StmtType::EGetLicenseForClientPrivilege);
@@ -721,13 +727,16 @@ void PrivilegeDb::GetLicenseForClientPrivilege(const std::string &appName, uid_t
         command->BindInteger(2, uid);
         command->BindString(3, privilege);
 
-        if (command->Step())
+        if (command->Step()) {
             license = command->GetColumnString(0);
+            LogDebug("License found for app: " << appName << " privilege: " <<
+                privilege << " uid: " << uid << " License: " << license);
+            return true;
+        }
 
-        if (license.empty())
-            LogDebug("License not found for app: " << appName << " privilege: " << privilege << " uid: " << uid);
-        else
-            LogDebug("License found for app: " << appName << " privilege: " << privilege << " uid: " << uid << " License: " << license);
+        LogDebug("License not found for app: " << appName << " privilege: " <<
+            privilege << " uid: " << uid);
+        return false;
     });
 }
 
index a87ece403a34aafea5c048fee4029d6e218c48c3..ad21e9ad48643d1b74fcafc7ee6fe9695b5544cf 100644 (file)
@@ -1719,19 +1719,23 @@ int ServiceImpl::getAppDefinedPrivilegeProvider(uid_t uid, const std::string &pr
 {
     std::string appNameString, pkgNameString, licenseString;
     try {
-        m_privilegeDb.GetAppAndLicenseForAppDefinedPrivilege(uid, privilege, appNameString, licenseString);
-
-        // check if privilege is provided by globally installed application
-        if (appNameString.empty())
-            m_privilegeDb.GetAppAndLicenseForAppDefinedPrivilege(getGlobalUserId(), privilege, appNameString, licenseString);
+        // Get appName and License
+        if (!m_privilegeDb.GetAppAndLicenseForAppDefinedPrivilege(uid, privilege, appNameString, licenseString) &&
+            !m_privilegeDb.GetAppAndLicenseForAppDefinedPrivilege(getGlobalUserId(), privilege, appNameString, licenseString))
+        {
+            LogDebug("Privilege " << privilege << " not found in database");
+            return SECURITY_MANAGER_ERROR_NO_SUCH_OBJECT;
+        }
 
+        // Convert appName to pkgName
         m_privilegeDb.GetAppPkgName(appNameString, pkgNameString);
+
         if (appNameString.empty() || pkgNameString.empty()) {
-            LogWarning("Privilege " << privilege << " not found in database");
+            LogWarning("Could not translate appName to pkgName. appName: " << appName);
             return SECURITY_MANAGER_ERROR_NO_SUCH_OBJECT;
-        } else {
-            LogDebug("Privilege: " << privilege << " provided by app: " << appNameString << ", pkg: " << pkgNameString);
         }
+
+        LogDebug("Privilege: " << privilege << " provided by app: " << appNameString << " pkg: " << pkgNameString);
     } catch (const PrivilegeDb::Exception::Base &e) {
         LogError("Error while getting appName or pkgName from database: " << e.DumpToString());
         return SECURITY_MANAGER_ERROR_SERVER_ERROR;
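Review bot: The new warning `LogWarning("Could not translate appName to pkgName. appName: " << appName);` streams `appName`, not the local `appNameString` that was just read from the database and passed to GetAppPkgName. The signature is cut off in the hunk header, so `appName` is presumably an output parameter that has not been assigned at this point; the message would then print an empty or stale value exactly when the lookup result is needed for diagnosis. Use `<< appNameString` here. The function continues outside the hunk.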
@@ -1747,14 +1751,17 @@ int ServiceImpl::getAppDefinedPrivilegeLicense(uid_t uid, const std::string &pri
 {
     std::string appNameString, licenseString;
     try {
-        m_privilegeDb.GetAppAndLicenseForAppDefinedPrivilege(uid, privilege, appNameString, licenseString);
-
-        // check if privilege is provided by globally installed application
-        if (appNameString.empty())
-            m_privilegeDb.GetAppAndLicenseForAppDefinedPrivilege(getGlobalUserId(), privilege, appNameString, licenseString);
+        if (!m_privilegeDb.GetAppAndLicenseForAppDefinedPrivilege(uid, privilege, appNameString, licenseString) &&
+            !m_privilegeDb.GetAppAndLicenseForAppDefinedPrivilege(getGlobalUserId(), privilege, appNameString, licenseString))
+        {
+            LogDebug("Privilege " << privilege << " is not found in database");
+            return SECURITY_MANAGER_ERROR_NO_SUCH_OBJECT;
+        }
 
-        if (licenseString.empty())
+        if (licenseString.empty()) {
+            LogWarning("Empty license was found in database for privlege: " << privilege);
             return SECURITY_MANAGER_ERROR_NO_SUCH_OBJECT;
+        }
     } catch (const PrivilegeDb::Exception::Base &e) {
         LogError("Error while getting license from database: " << e.DumpToString());
         return SECURITY_MANAGER_ERROR_SERVER_ERROR;
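Review bot: The added message `"Empty license was found in database for privlege: "` misspells "privilege", which makes the line easy to miss when searching logs for privilege lookups; it should read `LogWarning("Empty license was found in database for privilege: " << privilege);`. The not-found message also differs from the one in getAppDefinedPrivilegeProvider ("not found" versus "is not found") although both follow the same per-user-then-global lookup. Since that two-step lookup is now duplicated verbatim in both functions, a small private helper would keep the fallback order and the log text in one place. The function continues outside the hunk.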
@@ -1771,10 +1778,9 @@ int ServiceImpl::getClientPrivilegeLicense(const std::string &appName, uid_t uid
     try {
         uid_t requestUid = m_privilegeDb.IsUserAppInstalled(appName, uid) ? uid : getGlobalUserId();
 
-        m_privilegeDb.GetLicenseForClientPrivilege(appName, requestUid, privilege, licenseString);
-
-        if (licenseString.empty())
+        if (!m_privilegeDb.GetLicenseForClientPrivilege(appName, requestUid, privilege, licenseString)) {
             return SECURITY_MANAGER_ERROR_NO_SUCH_OBJECT;
+        }
     } catch (const PrivilegeDb::Exception::Base &e) {
         LogError("Error while getting license for app: " << e.DumpToString());
         return SECURITY_MANAGER_ERROR_SERVER_ERROR;
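Review bot: The `licenseString.empty()` check is dropped here, so a client-privilege row that exists but holds an empty license now takes the success path, whereas getAppDefinedPrivilegeLicense in this same commit still rejects an empty license with SECURITY_MANAGER_ERROR_NO_SUCH_OBJECT. If an empty license is not a valid result for callers, keep the guard: `if (!m_privilegeDb.GetLicenseForClientPrivilege(appName, requestUid, privilege, licenseString) || licenseString.empty()) {`. If it is valid, a one-line comment saying so would explain the difference between the two functions. What happens to `licenseString` after the try block is outside the hunk.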
index 2f3853a5748fa520d01a3c61cc6dbe309e1256a4..04162f3dc55afe7d4370c6719878927ee2c96af1 100644 (file)
@@ -36,7 +36,7 @@ struct AppDefinedPrivilegeFixture : public PrivilegeDBFixture {
                                    const AppDefinedPrivilegesVector &expected);
     void checkClientLicense(const std::string &app, uid_t uid,
                             const std::vector<std::string> &privileges,
-                            const std::vector<std::string> &expected);
+                            const std::vector<std::pair<bool,std::string>> &expected);
 };
 
 void AppDefinedPrivilegeFixture::checkAppDefinedPrivileges(const std::string &app, uid_t uid,
@@ -55,14 +55,14 @@ void AppDefinedPrivilegeFixture::checkAppDefinedPrivileges(const std::string &ap
 
 void AppDefinedPrivilegeFixture::checkClientLicense(const std::string &app, uid_t uid,
                                                     const std::vector<std::string> &privileges,
-                                                    const std::vector<std::string> &expected)
+                                                    const std::vector<std::pair<bool,std::string>> &expected)
 {
     BOOST_REQUIRE_MESSAGE(privileges.size() == expected.size(), "Vector sizes differ");
 
     for (unsigned int i = 0; i < privileges.size(); ++i) {
         std::string license;
-        testPrivDb->GetLicenseForClientPrivilege(app, uid, privileges[i], license);
-        BOOST_REQUIRE(license == expected[i]);
+        BOOST_REQUIRE(expected[i].first == testPrivDb->GetLicenseForClientPrivilege(app, uid, privileges[i], license));
+        BOOST_REQUIRE(license == expected[i].second);
     }
 }
 
@@ -172,13 +172,13 @@ BOOST_AUTO_TEST_CASE(T1400_client_license)
                                          "/opt/data/client_appB/res/second_app_client_license"));
 
     // non-existing application
-    checkClientLicense(app(1), uid(1), {privilegesA[0].first}, {""});
+    checkClientLicense(app(1), uid(1), {privilegesA[0].first}, {{false,""}});
 
     // add application
     addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), Hybrid);
 
     // privileges/licenses not used
-    checkClientLicense(app(1), uid(1), {privilegesA[0].first}, {""});
+    checkClientLicense(app(1), uid(1), {privilegesA[0].first}, {{false,""}});
 
     // add privilege/license to non-existing application
     BOOST_REQUIRE_THROW(testPrivDb->AddClientPrivilege(app(2), uid(1), privilegesA[0].first, privilegesA[0].second),
@@ -201,13 +201,13 @@ BOOST_AUTO_TEST_CASE(T1400_client_license)
 
     // check existing privilege license
     checkClientLicense(app(1), uid(1), {privilegesA[0].first, privilegesA[1].first},
-                       {privilegesA[0].second, privilegesA[1].second});
+                       {{true, privilegesA[0].second}, {true, privilegesA[1].second}});
 
     // add second application
     addAppSuccess(app(2), pkg(2), uid(2), tizenVer(1), author(2), Hybrid);
 
     // privileges/licenses not used
-    checkClientLicense(app(2), uid(2), {privilegesA[0].first}, {""});
+    checkClientLicense(app(2), uid(2), {privilegesA[0].first}, {{false,""}});
 
     // second application use first privilege/license
     BOOST_REQUIRE_NO_THROW(testPrivDb->AddClientPrivilege(app(2), uid(2), privilegesB[0].first, privilegesB[0].second));
@@ -221,28 +221,28 @@ BOOST_AUTO_TEST_CASE(T1400_client_license)
 
     // check existing privilege/license
     checkClientLicense(app(2), uid(2), {privilegesB[0].first, privilegesB[1].first},
-                       {privilegesB[0].second, privilegesB[1].second});
+                       {{true, privilegesB[0].second}, {true, privilegesB[1].second}});
 
     // remove first application privileges/licenses
     BOOST_REQUIRE_NO_THROW(testPrivDb->RemoveClientPrivileges(app(1), uid(1)));
     checkClientLicense(app(1), uid(1), {privilegesA[0].first, privilegesA[1].first},
-                       {"", ""});
+                       {{false, ""},{false, ""}});
 
     // install second application for different user and add privileges
     addAppSuccess(app(2), pkg(2), uid(3), tizenVer(1), author(2), Hybrid);
     BOOST_REQUIRE_NO_THROW(testPrivDb->AddClientPrivilege(app(2), uid(3), privilegesB[0].first, privilegesB[0].second));
     BOOST_REQUIRE_NO_THROW(testPrivDb->AddClientPrivilege(app(2), uid(3), privilegesB[1].first, privilegesB[1].second));
     checkClientLicense(app(2), uid(3), {privilegesB[0].first, privilegesB[1].first},
-                       {privilegesB[0].second, privilegesB[1].second});
+                       {{true,privilegesB[0].second},{true, privilegesB[1].second}});
 
     // uninstall second application and check privileges/licenses
     removeAppSuccess(app(2), uid(2));
     checkClientLicense(app(2), uid(2), {privilegesB[0].first, privilegesB[1].first},
-                       {"", ""});
+                       {{false,""},{false, ""}});
 
     removeAppSuccess(app(2), uid(3));
     checkClientLicense(app(2), uid(3), {privilegesB[0].first, privilegesB[1].first},
-                       {"", ""});
+                       {{false,""},{false, ""}});
 }
 
 BOOST_AUTO_TEST_SUITE_END()
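Review bot: None of the updated expectations in T1400_client_license covers the case this change exists to distinguish, a row that is present but stores an empty license, i.e. `{true, ""}`. Every `false` is paired with `""` and every `true` with a non-empty license, so the test would pass just the same if the return value were derived from `license.empty()`. If the schema allows it, adding a client privilege with an empty license via `AddClientPrivilege` and asserting `{{true, ""}}` would pin the new contract. This applies to the earlier T1400 hunks as well. No visible hunk asserts the return value of GetAppAndLicenseForAppDefinedPrivilege, though it may be tested outside this diff.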