Refactoring - remove ISpecification from the solution.
This commit depend on:
- https://review.tizen.org/gerrit/#/c/53072/
- https://review.tizen.org/gerrit/#/c/50502/
changes should be submitted together.
Fix code review from:
- https://review.tizen.org/gerrit/#/c/50502/
Fix issue from:
- https://review.tizen.org/gerrit/#/c/53835/
Change-Id: I8ca81da641e724822c96b6606343a619673b63a2
step/step_backup_manifest.cc
step/step_unzip.cc
step/step_create_icons.cc
+ step/step_check_background_category.cc
step/step_check_old_certificate.cc
step/step_check_signature.cc
step/step_configure.cc
--- /dev/null
+// Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+// Use of this source code is governed by a apache 2.0 license that can be
+// found in the LICENSE file.
+
+#include "common/step/step_check_background_category.h"
+
+#include <algorithm>
+
+#include "common/installer_context.h"
+#include "common/utils/glist_range.h"
+
+namespace {
+namespace ci = common_installer;
+
+const utils::VersionNumber ver24("2.4");
+} // namespace
+
+namespace common_installer {
+namespace security {
+
+StepCheckBackgroundCategory::StepCheckBackgroundCategory(
+ ci::InstallerContext* context) : Step(context),
+ known_background_categories_ {
+ "media", "download", "background-network",
+ "location", "sensor", "iot-communication" },
+ not_unknown_background_categories_ {
+ "media", "download", "background-network", "location",
+ "sensor", "iot-communication", "system" } {
+}
+
+GList* StepCheckBackgroundCategory::CopyValuesToBackgroundCategory(
+ const BackgroundCatSet& values, GList* backgroundCategories) const {
+ for (const auto& background_category : values) {
+ backgroundCategories = g_list_append(
+ backgroundCategories, strdup(background_category.c_str()));
+ }
+
+ return backgroundCategories;
+}
+
+bool StepCheckBackgroundCategory::IsTrustedCert(
+ ci::PrivilegeLevel privilege) const {
+ return privilege == ci::PrivilegeLevel::PARTNER ||
+ privilege == ci::PrivilegeLevel::PLATFORM;
+}
+
+bool StepCheckBackgroundCategory::ShouldSendFail(
+ ci::PrivilegeLevel privilege,
+ const BackgroundCatSet& background_categories) const {
+ return (privilege == ci::PrivilegeLevel::PUBLIC &&
+ background_categories.find("system") != background_categories.end()) ||
+ (privilege == ci::PrivilegeLevel::UNTRUSTED &&
+ !background_categories.empty());
+}
+
+bool StepCheckBackgroundCategory::ShouldSendAll(
+ const utils::VersionNumber& version,
+ bool background_support,
+ ci::PrivilegeLevel privilege,
+ const BackgroundCatSet& background_categories) const {
+ return version < ver24 && background_support &&
+ ((privilege == ci::PrivilegeLevel::PUBLIC &&
+ background_categories.find("system") ==
+ background_categories.end()) || IsTrustedCert(privilege));
+}
+
+bool StepCheckBackgroundCategory::ShouldSendSystem(
+ ci::PrivilegeLevel privilege,
+ const BackgroundCatSet& background_categories) const {
+ return IsTrustedCert(privilege) &&
+ background_categories.find("system") != background_categories.end();
+}
+
+bool StepCheckBackgroundCategory::ShouldSendKnown(
+ const utils::VersionNumber& version,
+ bool background_support,
+ ci::PrivilegeLevel privilege,
+ const BackgroundCatSet& background_categories) const {
+ BackgroundCatSet intersect;
+ std::set_intersection(known_background_categories_.begin(),
+ known_background_categories_.end(),
+ background_categories.begin(), background_categories.end(),
+ std::inserter(intersect, intersect.begin()));
+
+ return !(ShouldSendFail(privilege, background_categories) ||
+ ShouldSendAll(
+ version, background_support, privilege, background_categories)) &&
+ !background_categories.empty() && !intersect.empty();
+}
+
+bool StepCheckBackgroundCategory::ShouldSendUnknown(
+ ci::PrivilegeLevel privilege,
+ const BackgroundCatSet& background_categories) const {
+ BackgroundCatSet diff;
+ std::set_difference(background_categories.begin(),
+ background_categories.end(),
+ not_unknown_background_categories_.begin(),
+ not_unknown_background_categories_.end(),
+ std::inserter(diff, diff.begin()));
+
+ return !(ShouldSendFail(privilege, background_categories) ||
+ background_categories.empty() || diff.empty());
+}
+
+void StepCheckBackgroundCategory::GetBackgroundCategories(
+ const application_x& app,
+ BackgroundCatSet* background_categories) const {
+ for (const char* background_category : GListRange<char*>(
+ app.background_category)) {
+ background_categories->insert(background_category);
+ }
+}
+
+ci::Step::Status StepCheckBackgroundCategory::DoSendFail(
+ ci::PrivilegeLevel privilege,
+ const BackgroundCatSet& background_categories) const {
+ if (ShouldSendFail(privilege, background_categories)) {
+ LOG(ERROR) << "Installation fail caused by background-category";
+ return Status::ERROR;
+ }
+
+ return Status::OK;
+}
+
+void StepCheckBackgroundCategory::DoSendAll(
+ const utils::VersionNumber& version,
+ bool background_support,
+ ci::PrivilegeLevel privilege,
+ const BackgroundCatSet& background_categories,
+ application_x* app) const {
+ if (ShouldSendAll(version, background_support, privilege,
+ background_categories)) {
+ app->background_category = CopyValuesToBackgroundCategory(
+ known_background_categories_, app->background_category);
+ }
+}
+
+void StepCheckBackgroundCategory::DoSendSystem(
+ ci::PrivilegeLevel privilege,
+ const BackgroundCatSet& background_categories,
+ application_x* app) const {
+ if (ShouldSendSystem(privilege, background_categories)) {
+ app->background_category = g_list_append(
+ app->background_category, strdup("system"));
+ }
+}
+
+void StepCheckBackgroundCategory::DoSendKnown(
+ const utils::VersionNumber& version,
+ bool background_support,
+ ci::PrivilegeLevel privilege,
+ const BackgroundCatSet& background_categories,
+ application_x* app) const {
+ if (ShouldSendKnown(version, background_support, privilege,
+ background_categories)) {
+ BackgroundCatSet to_insert;
+
+ // Get all known parsed values this is to handle case when more than one
+ // background-category element is declared and values are mixed
+ std::set_intersection(
+ known_background_categories_.begin(),
+ known_background_categories_.end(),
+ background_categories.begin(), background_categories.end(),
+ std::inserter(to_insert, to_insert.begin()));
+
+ app->background_category = CopyValuesToBackgroundCategory(
+ to_insert, app->background_category);
+ }
+}
+
+void StepCheckBackgroundCategory::DoSendUnknown(
+ ci::PrivilegeLevel privilege,
+ const BackgroundCatSet& background_categories,
+ application_x* app) const {
+ if (ShouldSendUnknown(privilege, background_categories)) {
+ BackgroundCatSet to_insert;
+
+ // Get all unknown parsed values this is to handle case when more than one
+ // background-category element is declared and values are mixed
+ std::set_difference(
+ background_categories.begin(), background_categories.end(),
+ not_unknown_background_categories_.begin(),
+ not_unknown_background_categories_.end(),
+ std::inserter(to_insert, to_insert.end()));
+
+ app->background_category = CopyValuesToBackgroundCategory(
+ to_insert, app->background_category);
+ }
+}
+
+void StepCheckBackgroundCategory::RemoveContextBackgroundCategories(
+ application_x* app) const {
+ g_list_free_full(app->background_category, g_free);
+ app->background_category = nullptr;
+}
+
+ci::Step::Status StepCheckBackgroundCategory::process() {
+ std::string str_ver(context_->manifest_data.get()->api_version);
+ ci::PrivilegeLevel privilege_level = context_->privilege_level.get();
+ bool background_supt = GetBackgroundSupport();
+ utils::VersionNumber version(str_ver);
+
+ for (application_x* app :
+ GListRange<application_x*>(context_->manifest_data.get()->application)) {
+ BackgroundCatSet background_cat;
+
+ GetBackgroundCategories(*app, &background_cat);
+ RemoveContextBackgroundCategories(app);
+
+ if (DoSendFail(privilege_level, background_cat) == ci::Step::Status::ERROR)
+ return ci::Step::Status::ERROR;
+ DoSendAll(version, background_supt, privilege_level, background_cat, app);
+ DoSendSystem(privilege_level, background_cat, app);
+ DoSendKnown(version, background_supt, privilege_level, background_cat, app);
+ DoSendUnknown(privilege_level, background_cat, app);
+ }
+
+ return Status::OK;
+}
+
+} // namespace security
+} // namespace common_installer
--- /dev/null
+// Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+// Use of this source code is governed by a apache 2.0 license that can be
+// found in the LICENSE file.
+
+#ifndef COMMON_STEP_STEP_CHECK_BACKGROUND_CATEGORY_H_
+#define COMMON_STEP_STEP_CHECK_BACKGROUND_CATEGORY_H_
+
+#include <manifest_parser/utils/version_number.h>
+
+#include <glib.h>
+#include <set>
+#include <string>
+
+#include "common/step/step.h"
+#include "common/utils/logging.h"
+
+namespace common_installer {
+namespace security {
+
+typedef std::set<std::string> BackgroundCatSet;
+
+/**
+ * \brief This step check background category value and modify it depending on
+ * required version, cert level, background support, and value itself
+ */
+class StepCheckBackgroundCategory : public common_installer::Step {
+ public:
+ using Step::Step;
+
+ explicit StepCheckBackgroundCategory(
+ common_installer::InstallerContext* context);
+
+ /**
+ * \brief Check background category values
+ *
+ * \return Status::ERROR when "system" detected,
+ * Status::OK otherwise
+ */
+ Status process() override;
+
+ Status clean() override { return Status::OK; }
+ Status undo() override { return Status::OK; }
+ Status precheck() override { return Status::OK; }
+
+ protected:
+ virtual bool GetBackgroundSupport() = 0;
+
+ private:
+ GList* CopyValuesToBackgroundCategory(
+ const BackgroundCatSet& values, GList* backgroundCategories) const;
+ bool IsTrustedCert(common_installer::PrivilegeLevel privilege) const;
+ bool ShouldSendFail(common_installer::PrivilegeLevel privilege,
+ const BackgroundCatSet& background_categories) const;
+ bool ShouldSendAll(const utils::VersionNumber& version,
+ bool background_support,
+ common_installer::PrivilegeLevel privilege,
+ const BackgroundCatSet& background_categories) const;
+ bool ShouldSendSystem(common_installer::PrivilegeLevel privilege,
+ const BackgroundCatSet& background_categories) const;
+ bool ShouldSendKnown(const utils::VersionNumber& version,
+ bool background_support,
+ common_installer::PrivilegeLevel privilege,
+ const BackgroundCatSet& background_categories) const;
+ bool ShouldSendUnknown(common_installer::PrivilegeLevel privilege,
+ const BackgroundCatSet& background_categories) const;
+
+ common_installer::Step::Status DoSendFail(
+ common_installer::PrivilegeLevel privilege,
+ const BackgroundCatSet& background_categories) const;
+ void DoSendAll(const utils::VersionNumber& version,
+ bool background_support,
+ common_installer::PrivilegeLevel privilege,
+ const BackgroundCatSet& background_categories,
+ application_x* app) const;
+ void DoSendSystem(common_installer::PrivilegeLevel privilege,
+ const BackgroundCatSet& background_categories,
+ application_x* app) const;
+ void DoSendKnown(const utils::VersionNumber& version,
+ bool background_support,
+ common_installer::PrivilegeLevel privilege,
+ const BackgroundCatSet& background_categories,
+ application_x* app) const;
+ void DoSendUnknown(common_installer::PrivilegeLevel privilege,
+ const BackgroundCatSet& background_categories,
+ application_x* app) const;
+
+ void GetBackgroundCategories(
+ const application_x& app,
+ BackgroundCatSet* background_categories) const;
+ void RemoveContextBackgroundCategories(application_x* app) const;
+
+ const BackgroundCatSet known_background_categories_;
+ const BackgroundCatSet not_unknown_background_categories_;
+
+ SCOPE_LOG_TAG(CheckBackgroundCategory)
+};
+
+} // namespace security
+} // namespace common_installer
+
+#endif // COMMON_STEP_STEP_CHECK_BACKGROUND_CATEGORY_H_
+++ /dev/null
-// Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
-// Use of this source code is governed by a apache 2.0 license that can be
-// found in the LICENSE file.
-
-#ifndef COMMON_UTILS_SPECIFICATION_H_
-#define COMMON_UTILS_SPECIFICATION_H_
-
-#include <memory>
-
-namespace common_installer {
-
-template<typename T>
-class ISpecification;
-
-template<typename T>
-using ISpecPtr = std::shared_ptr<ISpecification<T>>;
-
-/**
- * \brief Interface that support chain and nested logical operations
- */
-template<typename T>
-class ISpecification {
- public:
- virtual ~ISpecification() {}
-
- /**
- * \brief Declaration of method that check if condition is meet
- * for candidate in order to utilize it's result in
- * logical operations AND, OR, and NOT
- *
- * \param candidate against with test will be performed
- *
- * \return true if condition is satisfied by candidate, false
- * otherwise
- */
- virtual bool IsSatisfiedBy(const T &candidate) = 0;
-
- /**
- * \brief Declaration of AND operation, condition has following form
- * this AND other
- *
- * \param other Specification object to allow nested conditions
- *
- * \return Specification object to allow method chaining. Is expected to
- * return AndSpecification implementation.
- */
- virtual ISpecPtr<T> And(ISpecPtr<T> other) = 0;
-
- /**
- * \brief Declaration of OR operation, condition has following form
- * this OR other
- *
- * \param other Specification object to allow nested conditions
- *
- * \return Specification object to allow method chaining. Is expected
- * to return OrSpecification implementation.
- */
- virtual ISpecPtr<T> Or(ISpecPtr<T> other) = 0;
-
- /**
- * \brief Declaration of Not operation, condition has following form
- * !this
- *
- * \return Specification object to allow method chaining. Is expected
- * to return NotSpecification implementation.
- */
- virtual ISpecPtr<T> Not() = 0;
-};
-
-/**
- * \brief Abstract class that implement basic logical operations
- * AND, OR, and NOT of ISpecification interface. It is expected to
- * derive from this class when new specification is needed. Deriving
- * class have to implement IsSatifiedBy method.
- */
-template<typename T>
-class CompositeSpecification : public ISpecification<T>,
- public std::enable_shared_from_this<CompositeSpecification<T> > {
- public:
- virtual ~CompositeSpecification() {}
-
- virtual bool IsSatisfiedBy(const T &candidate) = 0;
-
- /**
- * \brief Implementation of AND operation
- */
- ISpecPtr<T> And(ISpecPtr<T> other) override;
-
- /**
- * \brief Implementation of OR operation
- */
- ISpecPtr<T> Or(ISpecPtr<T> other) override;
-
- /**
- * \brief Implementation of NOT operation
- */
- ISpecPtr<T> Not() override;
-};
-
-/**
- * \brief Implementation of AND operation
- */
-template<typename T>
-class AndSpecification : public CompositeSpecification<T> {
- public:
- explicit AndSpecification(ISpecPtr<T> one, ISpecPtr<T> other);
- virtual ~AndSpecification() {}
-
- bool IsSatisfiedBy(const T &candidate) override;
-
- private:
- ISpecPtr<T> one_;
- ISpecPtr<T> other_;
-};
-
-/**
- * \brief Implementation of OR operation
- */
-template<typename T>
-class OrSpecification : public CompositeSpecification<T> {
- public:
- explicit OrSpecification(ISpecPtr<T> one, ISpecPtr<T> other);
- virtual ~OrSpecification() {}
-
- bool IsSatisfiedBy(const T &candidate) override;
-
- private:
- ISpecPtr<T> one_;
- ISpecPtr<T> other_;
-};
-
-/**
- * \brief Implementation of NOT operation
- */
-template<typename T>
-class NotSpecification : public CompositeSpecification<T> {
- public:
- explicit NotSpecification(ISpecPtr<T> one);
- virtual ~NotSpecification() {}
-
- bool IsSatisfiedBy(const T &candidate) override;
-
- private:
- ISpecPtr<T> wrap_;
-};
-
-template<typename T>
-ISpecPtr<T> CompositeSpecification<T>::And(ISpecPtr<T> other) {
- return std::make_shared<AndSpecification<T>>(this->shared_from_this(), other);
-}
-
-template<typename T>
-ISpecPtr<T> CompositeSpecification<T>::Or(ISpecPtr<T> other) {
- return std::make_shared<OrSpecification<T>>(this->shared_from_this(), other);
-}
-
-template<typename T>
-ISpecPtr<T> CompositeSpecification<T>::Not() {
- return std::make_shared<NotSpecification<T>>(this->shared_from_this());
-}
-
-template<typename T> AndSpecification<T>::AndSpecification(
- ISpecPtr<T> one, ISpecPtr<T> other) : one_(one), other_(other) { }
-
-template<typename T> bool AndSpecification<T>::IsSatisfiedBy(
- const T &candidate) {
- return one_->IsSatisfiedBy(candidate) && other_->IsSatisfiedBy(candidate);
-}
-
-template<typename T> OrSpecification<T>::OrSpecification(
- ISpecPtr<T> one, ISpecPtr<T> other) : one_(one), other_(other) { }
-
-template<typename T> bool OrSpecification<T>::IsSatisfiedBy(
- const T &candidate) {
- return one_->IsSatisfiedBy(candidate) || other_->IsSatisfiedBy(candidate);
-}
-
-template<typename T> NotSpecification<T>::NotSpecification(
- ISpecPtr<T> one) : wrap_(one) { }
-
-template<typename T> bool NotSpecification<T>::IsSatisfiedBy(
- const T &candidate) {
- return !wrap_->IsSatisfiedBy(candidate);
-}
-
-} // namespace common_installer
-
-#endif // COMMON_UTILS_SPECIFICATION_H_
SET(SRCS
+ step/step_check_tpk_background_category.cc
step/step_create_symbolic_link.cc
step/step_parse.cc
step/step_parse_recovery.cc
--- /dev/null
+// Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+// Use of this source code is governed by a apache 2.0 license that can be
+// found in the LICENSE file.
+
+#include "common/installer_context.h"
+#include "step_check_tpk_background_category.h"
+
+namespace {
+namespace ci_sec = common_installer::security;
+} // namespace
+
+namespace tpk {
+namespace security {
+
+StepCheckTpkBackgroundCategory::StepCheckTpkBackgroundCategory(
+ common_installer::InstallerContext* context) :
+ ci_sec::StepCheckBackgroundCategory(context) {}
+
+bool StepCheckTpkBackgroundCategory::GetBackgroundSupport() {
+ return true;
+}
+
+} // namespace security
+} // namespace tpk
--- /dev/null
+// Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+// Use of this source code is governed by a apache 2.0 license that can be
+// found in the LICENSE file.
+
+#ifndef TPK_STEP_STEP_CHECK_TPK_BACKGROUND_CATEGORY_H_
+#define TPK_STEP_STEP_CHECK_TPK_BACKGROUND_CATEGORY_H_
+
+#include <manifest_parser/utils/version_number.h>
+
+#include "common/step/step_check_background_category.h"
+
+namespace tpk {
+namespace security {
+
+/**
+ * \brief This step check background category value and modify it depending on
+ * required version, cert level, background support, and value itself
+ */
+class StepCheckTpkBackgroundCategory :
+ public common_installer::security::StepCheckBackgroundCategory {
+ public:
+ explicit StepCheckTpkBackgroundCategory(
+ common_installer::InstallerContext* context);
+
+ protected:
+ bool GetBackgroundSupport() override;
+};
+
+} // namespace security
+} // namespace tpk
+
+#endif // TPK_STEP_STEP_CHECK_TPK_BACKGROUND_CATEGORY_H_
return false;
if (!FillMetadata(service_app, application.meta_data))
return false;
+ if (!FillBackgroundCategoryInfo(service_app,
+ application.background_category))
+ return false;
}
return true;
}
return false;
if (!FillMetadata(ui_app, application.meta_data))
return false;
+ if (!FillBackgroundCategoryInfo(ui_app, application.background_category))
+ return false;
}
return true;
}
return true;
}
+template <typename T>
+bool StepParse::FillBackgroundCategoryInfo(application_x* app,
+ const T& background_category_data_list) {
+ for (const auto& background_category : background_category_data_list) {
+ app->background_category = g_list_append(
+ app->background_category, strdup(background_category.value().c_str()));
+ }
+
+ return true;
+}
+
bool StepParse::FillManifestX(manifest_x* manifest) {
if (!FillPackageInfo(manifest))
return false;
const tpk::parse::ApplicationImagesInfo& label_list);
bool FillAccounts();
bool FillShortcuts();
+ template <typename T>
+ bool FillBackgroundCategoryInfo(application_x* app,
+ const T& background_category_data_list);
bool FillManifestX(manifest_x* manifest);
std::unique_ptr<tpk::parse::TPKConfigParser> parser_;
#include "common/step/step_update_security.h"
#include "common/step/step_update_tep.h"
#include "common/utils/logging.h"
+#include "tpk/step/step_check_tpk_background_category.h"
#include "tpk/step/step_create_symbolic_link.h"
#include "tpk/step/step_parse.h"
#include "tpk/step/step_parse_recovery.h"
AddStep<tpk::parse::StepParse>();
AddStep<ci::security::StepCheckSignature>();
AddStep<ci::security::StepPrivilegeCompatibility>();
+ AddStep<tpk::security::StepCheckTpkBackgroundCategory>();
AddStep<ci::security::StepRollbackInstallationSecurity>();
AddStep<ci::filesystem::StepCopy>();
AddStep<ci::filesystem::StepCopyTep>();
AddStep<tpk::parse::StepParse>();
AddStep<ci::security::StepCheckSignature>();
AddStep<ci::security::StepPrivilegeCompatibility>();
+ AddStep<tpk::security::StepCheckTpkBackgroundCategory>();
AddStep<ci::security::StepCheckOldCertificate>();
AddStep<ci::backup::StepOldManifest>();
AddStep<ci::pkgmgr::StepKillApps>();
AddStep<ci::filesystem::StepDeltaPatch>();
AddStep<ci::security::StepCheckSignature>();
AddStep<ci::security::StepPrivilegeCompatibility>();
+ AddStep<tpk::security::StepCheckTpkBackgroundCategory>();
AddStep<ci::security::StepCheckOldCertificate>();
AddStep<ci::backup::StepOldManifest>();
AddStep<ci::pkgmgr::StepKillApps>();
AddStep<tpk::parse::StepParse>();
AddStep<ci::security::StepCheckSignature>();
AddStep<ci::security::StepPrivilegeCompatibility>();
+ AddStep<tpk::security::StepCheckTpkBackgroundCategory>();
AddStep<ci::security::StepRollbackInstallationSecurity>();
AddStep<ci::security::StepRegisterSecurity>();
AddStep<ci::pkgmgr::StepRegisterApplication>();
AddStep<tpk::parse::StepParse>();
AddStep<ci::security::StepCheckSignature>();
AddStep<ci::security::StepPrivilegeCompatibility>();
+ AddStep<tpk::security::StepCheckTpkBackgroundCategory>();
AddStep<ci::security::StepCheckOldCertificate>();
AddStep<ci::pkgmgr::StepKillApps>();
AddStep<ci::security::StepRollbackInstallationSecurity>();
SET(SRCS
rds_parser.cc
step/step_check_settings_level.cc
- step/step_check_background_category.cc
+ step/step_check_wgt_background_category.cc
step/step_create_symbolic_link.cc
step/step_encrypt_resources.cc
step/step_parse.cc
+++ /dev/null
-// Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
-// Use of this source code is governed by a apache 2.0 license that can be
-// found in the LICENSE file.
-
-#include "wgt/step/step_check_background_category.h"
-
-#include <manifest_handlers/setting_handler.h>
-
-#include <algorithm>
-#include <memory>
-#include <string>
-#include <vector>
-
-#include "common/installer_context.h"
-#include "common/utils/glist_range.h"
-#include "common/utils/string_util.h"
-#include "wgt/wgt_backend_data.h"
-
-namespace {
-
-namespace wgt_sec = wgt::security;
-using CompositeSpec =
- common_installer::CompositeSpecification<wgt_sec::BackgroundCatSpecTest>;
-
-/**
- * \brief Implementation of Specification that check version requirement
- */
-class VersionAtLeastSpec : public CompositeSpec {
- public:
- explicit VersionAtLeastSpec(const utils::VersionNumber version)
- : version_(version) {}
-
- bool IsSatisfiedBy(const wgt_sec::BackgroundCatSpecTest &candidate) override {
- return version_ <= candidate.version;
- }
-
- private:
- const utils::VersionNumber version_;
-};
-
-/**
- * \brief Implementation of Specification that check certificate level
- * requirement
- */
-class CertSpec : public CompositeSpec {
- public:
- explicit CertSpec(common_installer::PrivilegeLevel privilege) :
- privilege_(privilege) {}
-
- bool IsSatisfiedBy(const wgt_sec::BackgroundCatSpecTest &candidate) override {
- return candidate.cert == privilege_;
- }
-
- private:
- const common_installer::PrivilegeLevel privilege_;
-};
-
-/**
- * \brief Implementation of Specification that check background support
- * requirement
- */
-class BackgroundSuptSpec : public CompositeSpec {
- public:
- bool IsSatisfiedBy(const wgt_sec::BackgroundCatSpecTest &candidate) override {
- return candidate.background_supt;
- }
-};
-
-/**
- * \brief Implementation of Specification that check if any known values
- * were parsed in background-category elements
- */
-class KnownValueSpec : public CompositeSpec {
- public:
- explicit KnownValueSpec(const wgt_sec::BackgroundCatSet &values) :
- valid_values_(values) {
- }
-
- bool IsSatisfiedBy(const wgt_sec::BackgroundCatSpecTest &candidate) override {
- wgt_sec::BackgroundCatSet intersect;
- std::set_intersection(valid_values_.begin(), valid_values_.end(),
- candidate.values.begin(), candidate.values.end(),
- std::inserter(intersect, intersect.begin()));
- return !intersect.empty();
- }
-
- private:
- wgt_sec::BackgroundCatSet valid_values_;
-};
-
-/**
- * \brief Implementation of Specification that check if any unknown values
- * were parsed in background-category elements
- */
-class UnknownValueSpec : public CompositeSpec {
- public:
- explicit UnknownValueSpec(const wgt_sec::BackgroundCatSet &values) :
- invalid_values_(values) {
- }
-
- bool IsSatisfiedBy(const wgt_sec::BackgroundCatSpecTest &candidate) override {
- wgt_sec::BackgroundCatSet diff;
- std::set_difference(candidate.values.begin(), candidate.values.end(),
- invalid_values_.begin(), invalid_values_.end(),
- std::inserter(diff, diff.begin()));
- return !diff.empty();
- }
-
- private:
- wgt_sec::BackgroundCatSet invalid_values_;
-};
-
-/**
- * \brief Implementation of Specification that check if any of parsed values in
- * background-category elements meet requirement of having "system" value
- */
-class SystemValueSpec : public CompositeSpec {
- public:
- bool IsSatisfiedBy(const wgt_sec::BackgroundCatSpecTest &candidate) override {
- return candidate.values.find("system") != candidate.values.end();
- }
-};
-
-/**
- * \brief Implementation of Specification that check if no values were parsed
- * in background-category elements
- */
-class EmptyValueSpec : public CompositeSpec {
- public:
- bool IsSatisfiedBy(const wgt_sec::BackgroundCatSpecTest &candidate) override {
- return candidate.values.empty();
- }
-};
-
-} // namespace
-
-namespace wgt {
-namespace security {
-
-StepCheckBackgroundCategory::StepCheckBackgroundCategory(
- common_installer::InstallerContext *context) : Step(context),
- known_background_categories_ {
- "media", "download", "background-network",
- "location", "sensor", "iot-communication" },
- not_unknown_background_categories_ {
- "media", "download", "background-network", "location",
- "sensor", "iot-communication", "system" } {
- utils::VersionNumber v24("2.4");
- auto ver24 = std::make_shared<VersionAtLeastSpec>(std::move(v24));
- auto certUntrusted =
- std::make_shared<CertSpec>(common_installer::PrivilegeLevel::UNTRUSTED);
- auto certPublic =
- std::make_shared<CertSpec>(common_installer::PrivilegeLevel::PUBLIC);
- auto certParter =
- std::make_shared<CertSpec>(common_installer::PrivilegeLevel::PARTNER);
- auto certPlatform =
- std::make_shared<CertSpec>(common_installer::PrivilegeLevel::PLATFORM);
- auto background_supt = std::make_shared<BackgroundSuptSpec>();
- auto known = std::make_shared<KnownValueSpec>(known_background_categories_);
- auto unknown =
- std::make_shared<UnknownValueSpec>(not_unknown_background_categories_);
- auto system = std::make_shared<SystemValueSpec>();
- auto empty = std::make_shared<EmptyValueSpec>();
-
- common_installer::ISpecPtr<BackgroundCatSpecTest> certTrusted =
- certParter->Or(certPlatform);
- sentAllSpec_ = ver24->Not()->And(
- background_supt->And(certPublic->And(system->Not())->Or(certTrusted)));
- failSpec_ = certPublic->And(system)->Or(certUntrusted);
- systemSpec_ = certTrusted->And(system);
- knownSpec_ = failSpec_->Not()->And(
- sentAllSpec_->Not())->And(empty->Not())->And(known);
- unknownSpec_ = failSpec_->Not()->And(empty->Not())->And(unknown);
-}
-
-GList *StepCheckBackgroundCategory::CopyValuesToBackgroundCategory(
- BackgroundCatSet values, GList *backgroundCategories) {
- for (auto& background_category : values) {
- backgroundCategories = g_list_append(
- backgroundCategories, strdup(background_category.c_str()));
- }
-
- return backgroundCategories;
-}
-
-common_installer::Step::Status StepCheckBackgroundCategory::process() {
- std::string str_ver(context_->manifest_data.get()->api_version);
- common_installer::PrivilegeLevel privilege_level =
- context_->privilege_level.get();
- const wgt::parse::SettingInfo& settings = static_cast<WgtBackendData*>(
- context_->backend_data.get())->settings.get();
- bool bkgnd_supt = settings.background_support_enabled();
- utils::VersionNumber version(str_ver);
-
- for (application_x* app :
- GListRange<application_x*>(context_->manifest_data.get()->application)) {
- BackgroundCatSet bkgnd_cat;
-
- for (const char* background_category : GListRange<char*>(
- app->background_category)) {
- bkgnd_cat.insert(strdup(background_category));
- }
-
- g_list_free_full(app->background_category, g_free);
- app->background_category = nullptr;
-
- BackgroundCatSpecTest test =
- { version, privilege_level, bkgnd_supt, std::move(bkgnd_cat) };
-
- if (failSpec_->IsSatisfiedBy(test)) {
- LOG(DEBUG) << "Installation fail caused by background-category";
- return Status::ERROR;
- }
-
- if (sentAllSpec_->IsSatisfiedBy(test)) {
- app->background_category = CopyValuesToBackgroundCategory(
- known_background_categories_, app->background_category);
- }
-
- if (systemSpec_->IsSatisfiedBy(test)) {
- app->background_category = g_list_append(
- app->background_category, strdup("system"));
- }
-
- if (knownSpec_->IsSatisfiedBy(test)) {
- BackgroundCatSet to_insert;
-
- // Get all known parsed values this is to handle case when more than one
- // background-category element is declared and values are mixed
- std::set_intersection(
- known_background_categories_.begin(),
- known_background_categories_.end(),
- test.values.begin(), test.values.end(),
- std::inserter(to_insert, to_insert.begin()));
-
- app->background_category = CopyValuesToBackgroundCategory(
- to_insert, app->background_category);
- }
-
- if (unknownSpec_->IsSatisfiedBy(test)) {
- BackgroundCatSet to_insert;
-
- // Get all unknown parsed values this is to handle case when more than one
- // background-category element is declared and values are mixed
- std::set_difference(
- test.values.begin(), test.values.end(),
- not_unknown_background_categories_.begin(),
- not_unknown_background_categories_.end(),
- std::inserter(to_insert, to_insert.end()));
-
- app->background_category = CopyValuesToBackgroundCategory(
- to_insert, app->background_category);
- }
- }
-
- return Status::OK;
-}
-
-} // namespace security
-} // namespace wgt
+++ /dev/null
-// Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
-// Use of this source code is governed by a apache 2.0 license that can be
-// found in the LICENSE file.
-
-#ifndef WGT_STEP_STEP_CHECK_BACKGROUND_CATEGORY_H_
-#define WGT_STEP_STEP_CHECK_BACKGROUND_CATEGORY_H_
-
-#include <manifest_parser/utils/version_number.h>
-#include <glib.h>
-#include <set>
-#include <string>
-
-#include "common/step/step.h"
-#include "common/utils/logging.h"
-#include "common/utils/specification.h"
-
-namespace wgt {
-namespace security {
-
-typedef std::set<std::string> BackgroundCatSet;
-
-struct BackgroundCatSpecTest {
- utils::VersionNumber version;
- common_installer::PrivilegeLevel cert;
- bool background_supt;
- BackgroundCatSet values;
-};
-
-/**
- * \brief This step check background category value and modify it depending on
- * required version, cert level, background support, and value itself
- */
-class StepCheckBackgroundCategory : public common_installer::Step {
- public:
- using Step::Step;
-
- explicit StepCheckBackgroundCategory(
- common_installer::InstallerContext *context);
-
- /**
- * \brief Check background category values
- *
- * \return Status::ERROR when "system" detected,
- * Status::OK otherwise
- */
- Status process() override;
-
- /**
- * \brief Empty method
- *
- * \return Status::OK
- */
- Status clean() override { return Status::OK; }
-
- /**
- * \brief Empty method
- *
- * \return Status::OK
- */
- Status undo() override { return Status::OK; }
-
- /**
- * \brief Empty method
- *
- * \return Status::OK
- */
- Status precheck() override { return Status::OK; }
-
- SCOPE_LOG_TAG(CheckBackgroundCategory)
-
- private:
- GList *CopyValuesToBackgroundCategory(
- BackgroundCatSet values, GList *backgroundCategories);
-
- common_installer::ISpecPtr<BackgroundCatSpecTest> sentAllSpec_;
- common_installer::ISpecPtr<BackgroundCatSpecTest> failSpec_;
- common_installer::ISpecPtr<BackgroundCatSpecTest> systemSpec_;
- common_installer::ISpecPtr<BackgroundCatSpecTest> knownSpec_;
- common_installer::ISpecPtr<BackgroundCatSpecTest> unknownSpec_;
-
- const BackgroundCatSet known_background_categories_;
- const BackgroundCatSet not_unknown_background_categories_;
-};
-
-} // namespace security
-} // namespace wgt
-
-#endif // WGT_STEP_STEP_CHECK_BACKGROUND_CATEGORY_H_
--- /dev/null
+// Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+// Use of this source code is governed by a apache 2.0 license that can be
+// found in the LICENSE file.
+
+#include <manifest_handlers/setting_handler.h>
+
+#include "common/installer_context.h"
+#include "step_check_wgt_background_category.h"
+#include "wgt/wgt_backend_data.h"
+
+namespace {
+namespace ci_sec = common_installer::security;
+} // namespace
+
+namespace wgt {
+namespace security {
+
+StepCheckWgtBackgroundCategory::StepCheckWgtBackgroundCategory(
+ common_installer::InstallerContext* context) :
+ ci_sec::StepCheckBackgroundCategory(context) {}
+
+bool StepCheckWgtBackgroundCategory::GetBackgroundSupport() {
+ const wgt::parse::SettingInfo& settings = static_cast<WgtBackendData*>(
+ context_->backend_data.get())->settings.get();
+ return settings.background_support_enabled();
+}
+
+} // namespace security
+} // namespace wgt
--- /dev/null
+// Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+// Use of this source code is governed by a apache 2.0 license that can be
+// found in the LICENSE file.
+
+#ifndef WGT_STEP_STEP_CHECK_WGT_BACKGROUND_CATEGORY_H_
+#define WGT_STEP_STEP_CHECK_WGT_BACKGROUND_CATEGORY_H_
+
+#include <manifest_parser/utils/version_number.h>
+
+#include "common/step/step_check_background_category.h"
+
+namespace wgt {
+namespace security {
+
+/**
+ * \brief This step check background category value and modify it depending on
+ * required version, cert level, background support, and value itself
+ */
+class StepCheckWgtBackgroundCategory :
+ public common_installer::security::StepCheckBackgroundCategory {
+ public:
+ explicit StepCheckWgtBackgroundCategory(
+ common_installer::InstallerContext* context);
+
+ protected:
+ bool GetBackgroundSupport() override;
+};
+
+} // namespace security
+} // namespace wgt
+
+#endif // WGT_STEP_STEP_CHECK_WGT_BACKGROUND_CATEGORY_H_
#include "common/step/step_check_old_certificate.h"
#include "wgt/step/step_add_default_privileges.h"
-#include "wgt/step/step_check_background_category.h"
#include "wgt/step/step_check_settings_level.h"
+#include "wgt/step/step_check_wgt_background_category.h"
#include "wgt/step/step_create_symbolic_link.h"
#include "wgt/step/step_encrypt_resources.h"
#include "wgt/step/step_parse.h"
AddStep<ci::security::StepCheckSignature>();
AddStep<ci::security::StepPrivilegeCompatibility>();
AddStep<wgt::security::StepCheckSettingsLevel>();
-// TODO(p.sikorski): AddStep<wgt::security::StepCheckBackgroundCategory>();
+ AddStep<wgt::security::StepCheckWgtBackgroundCategory>();
AddStep<wgt::encrypt::StepEncryptResources>();
AddStep<wgt::filesystem::StepWgtResourceDirectory>();
AddStep<ci::security::StepRollbackInstallationSecurity>();
AddStep<ci::security::StepCheckSignature>();
AddStep<ci::security::StepPrivilegeCompatibility>();
AddStep<wgt::security::StepCheckSettingsLevel>();
-// TODO(p.sikorski): AddStep<wgt::security::StepCheckBackgroundCategory>();
+ AddStep<wgt::security::StepCheckWgtBackgroundCategory>();
AddStep<ci::security::StepCheckOldCertificate>();
AddStep<wgt::filesystem::StepWgtResourceDirectory>();
AddStep<ci::backup::StepOldManifest>();
AddStep<ci::security::StepCheckSignature>();
AddStep<ci::security::StepPrivilegeCompatibility>();
AddStep<wgt::security::StepCheckSettingsLevel>();
- AddStep<wgt::security::StepCheckBackgroundCategory>();
+ AddStep<wgt::security::StepCheckWgtBackgroundCategory>();
AddStep<ci::security::StepCheckOldCertificate>();
AddStep<wgt::filesystem::StepWgtResourceDirectory>();
AddStep<ci::backup::StepOldManifest>();
projects / platform / core / appfw / app-installers.git / commitdiff