notification
capi-system-system-settings
cynara-creds-gdbus
+ cynara-client
+ cynara-session
clips
context-common
device-context-provider
%endif
BuildRequires: pkgconfig(cynara-creds-gdbus)
+BuildRequires: pkgconfig(cynara-client)
+BuildRequires: pkgconfig(cynara-session)
BuildRequires: pkgconfig(clips)
BuildRequires: pkgconfig(context-common)
*/
#include <cynara-creds-gdbus.h>
+#include <cynara-session.h>
#include <app_manager.h>
#include <types_internal.h>
#include "peer_creds.h"
-ctx::credentials::credentials(char *_app_id, char *_client) :
+ctx::credentials::credentials(char *_app_id, char *_client, char *_session, char *_user) :
app_id(_app_id),
- client(_client)
+ client(_client),
+ session(_session),
+ user(_user)
{
}
{
g_free(app_id);
g_free(client);
+ g_free(session);
+ g_free(user);
}
bool ctx::peer_creds::get(GDBusConnection *connection, const char *unique_name, ctx::credentials **creds)
pid_t pid = 0;
char *app_id = NULL;
gchar *client = NULL;
+ char *session = NULL;
+ gchar *user = NULL;
int err;
err = cynara_creds_gdbus_get_pid(connection, unique_name, &pid);
IF_FAIL_RETURN_TAG(err == CYNARA_API_SUCCESS, false, _E, "Peer credentialing failed");
+ app_manager_get_app_id(pid, &app_id);
+ _D("AppId: %s", app_id);
+
err = cynara_creds_gdbus_get_client(connection, unique_name, CLIENT_METHOD_DEFAULT, &client);
IF_FAIL_CATCH_TAG(err == CYNARA_API_SUCCESS, _E, "Peer credentialing failed");
- /* TODO: session & user */
+ session = cynara_session_from_pid(pid);
+ IF_FAIL_CATCH_TAG(session, _E, "Peer credentialing failed");
- app_manager_get_app_id(pid, &app_id);
- _D("AppId: %s", app_id);
+ err = cynara_creds_gdbus_get_user(connection, unique_name, USER_METHOD_DEFAULT, &user);
+ IF_FAIL_CATCH_TAG(err == CYNARA_API_SUCCESS, _E, "Peer credentialing failed");
- *creds = new(std::nothrow) credentials(app_id, client);
+ *creds = new(std::nothrow) credentials(app_id, client, session, user);
IF_FAIL_CATCH_TAG(*creds, _E, "Memory allocation failed");
return true;
CATCH:
g_free(app_id);
g_free(client);
+ g_free(session);
+ g_free(user);
return false;
}
class credentials {
public:
char *app_id;
- char *client; /* smack label */
- credentials(char *_app_id, char *_client);
+ char *client; /* default: smack label */
+ char *session;
+ char *user; /* default: UID */
+ credentials(char *_app_id, char *_client, char *_session, char *_user);
~credentials();
};
*/
#include <string>
+#include <cynara-client.h>
#include <types_internal.h>
#include "peer_creds.h"
#include "privilege.h"
+class permission_checker {
+private:
+ cynara *__cynara;
+
+ permission_checker()
+ {
+ if (cynara_initialize(&__cynara, NULL) != CYNARA_API_SUCCESS) {
+ _E("Cynara initialization failed");
+ __cynara = NULL;
+ return;
+ }
+ _I("Cynara initialized");
+ }
+
+ ~permission_checker()
+ {
+ if (__cynara)
+ cynara_finish(__cynara);
+
+ _I("Cynara deinitialized");
+ }
+
+public:
+ static permission_checker& get_instance()
+ {
+ static permission_checker instance;
+ return instance;
+ }
+
+ bool has_permission(const ctx::credentials *creds, const char *privilege)
+ {
+ IF_FAIL_RETURN_TAG(__cynara, false, _E, "Cynara not initialized");
+ int ret = cynara_check(__cynara, creds->client, creds->session, creds->user, privilege);
+ return (ret == CYNARA_API_ACCESS_ALLOWED);
+ }
+};
+
bool ctx::privilege_manager::is_allowed(const ctx::credentials *creds, const char *privilege)
{
- /* TODO: need to be implemented using Cynara */
-#if 0
- IF_FAIL_RETURN(privilege, true);
+ IF_FAIL_RETURN(creds && privilege, true);
- std::string priv = "privilege::tizen::";
+ std::string priv = "http://tizen.org/privilege/";
priv += privilege;
- int ret = smack_have_access(client, priv.c_str(), "rw");
- _SD("Client: %s, Priv: %s, Enabled: %d", client, privilege, ret);
-
- return (ret == 1);
-#endif
- return true;
+ return permission_checker::get_instance().has_permission(creds, priv.c_str());
}