.svc_ctx = NULL, /*!< \WARN: This is only used for MAIN THREAD */
};
-#define ENABLE_BS_ACCESS_CONTROL 0
+#define ENABLE_BS_ACCESS_CONTROL 1
struct context {
struct tcb *tcb;
}
}
+static void _handler_access_control_error(struct tcb *tcb, struct packet *packet)
+{
+ int ret_p = 0;
+ struct packet *packet_reply = NULL;
+
+ packet_reply = packet_create_reply(packet, "i", BADGE_ERROR_PERMISSION_DENIED);
+ if (packet_reply) {
+ if ((ret_p = service_common_unicast_packet(tcb, packet_reply)) < 0) {
+ ErrPrint("Failed to send a reply packet:%d", ret_p);
+ }
+ packet_destroy(packet_reply);
+ } else {
+ ErrPrint("Failed to create a reply packet");
+ }
+}
+
static int _is_valid_permission(int fd, struct badge_service *service)
{
int ret;
#if ENABLE_BS_ACCESS_CONTROL
if (_is_valid_permission(tcb_fd(tcb), &(service_req_table[i])) == 1) {
service_req_table[i].handler(tcb, packet, data);
+ } else {
+ _handler_access_control_error(tcb, packet);
}
#else
_is_valid_permission(tcb_fd(tcb), &(service_req_table[i]));
#ifndef NOTIFICATION_DEL_PACKET_UNIT
#define NOTIFICATION_DEL_PACKET_UNIT 10
#endif
-#define ENABLE_NS_ACCESS_CONTROL 0
+#define ENABLE_NS_ACCESS_CONTROL 1
static struct info {
Eina_List *context_list;
void (*handler)(struct tcb *tcb, struct packet *packet, void *data);
const char *rule;
const char *access;
+ void (*handler_access_error)(struct tcb *tcb, struct packet *packet);
};
/*!
}
}
+static void _handler_access_control_error_common(struct tcb *tcb, struct packet *packet)
+{
+ int ret_p = 0;
+ struct packet *packet_reply = NULL;
+
+ packet_reply = packet_create_reply(packet, "ii", NOTIFICATION_ERROR_PERMISSION_DENIED, 0);
+ if (packet_reply) {
+ if ((ret_p = service_common_unicast_packet(tcb, packet_reply)) < 0) {
+ ErrPrint("Failed to send a reply packet:%d", ret_p);
+ }
+ packet_destroy(packet_reply);
+ } else {
+ ErrPrint("Failed to create a reply packet");
+ }
+}
+
+static void _handler_access_control_error_refresh(struct tcb *tcb, struct packet *packet)
+{
+ int ret_p = 0;
+ struct packet *packet_reply = NULL;
+
+ packet_reply = packet_create_reply(packet, "i", NOTIFICATION_ERROR_PERMISSION_DENIED);
+ if (packet_reply) {
+ if ((ret_p = service_common_unicast_packet(tcb, packet_reply)) < 0) {
+ ErrPrint("Failed to send a reply packet:%d", ret_p);
+ }
+ packet_destroy(packet_reply);
+ } else {
+ ErrPrint("Failed to create a reply packet");
+ }
+}
+
static int _is_valid_permission(int fd, struct noti_service *service)
{
int ret;
.handler = _handler_insert,
.rule = "data-provider-master::notification.client",
.access = "w",
+ .handler_access_error = _handler_access_control_error_common,
},
{
.cmd = "update_noti",
.handler = _handler_update,
.rule = "data-provider-master::notification.client",
.access = "w",
+ .handler_access_error = _handler_access_control_error_common,
},
{
.cmd = "refresh_noti",
.handler = _handler_refresh,
.rule = "data-provider-master::notification.client",
.access = "w",
+ .handler_access_error = _handler_access_control_error_refresh,
},
{
.cmd = "del_noti_single",
.handler = _handler_delete_single,
.rule = "data-provider-master::notification.client",
.access = "w",
+ .handler_access_error = _handler_access_control_error_common,
},
{
.cmd = "del_noti_multiple",
.handler = _handler_delete_multiple,
.rule = "data-provider-master::notification.client",
.access = "w",
+ .handler_access_error = _handler_access_control_error_common,
},
{
.cmd = "service_register",
.handler = _handler_service_register,
.rule = NULL,
.access = NULL,
+ .handler_access_error = NULL,
},
{
.cmd = NULL,
.handler = NULL,
.rule = NULL,
.access = NULL,
+ .handler_access_error = NULL,
},
};
#if ENABLE_NS_ACCESS_CONTROL
if (_is_valid_permission(tcb_fd(tcb), &(service_req_table[i])) == 1) {
service_req_table[i].handler(tcb, packet, data);
+ } else {
+ if (service_req_table[i].handler_access_error != NULL) {
+ service_req_table[i].handler_access_error(tcb, packet);
+ }
}
#else
_is_valid_permission(tcb_fd(tcb), &(service_req_table[i]));