PKG_CHECK_MODULES(PDP_DEP
REQUIRED
cynara-plugin
+ security-manager
)
INCLUDE_DIRECTORIES(
${ASKUSER_PATH}/common/config
+ ${ASKUSER_PATH}/common/protocol
SYSTEM
${PDP_DEP_INCLUDE_DIRS}
)
ADD_LIBRARY(${TARGET_PRIVACYDENIED_PLUGIN_SERVICE} SHARED ${PDP_SERVICE_SOURCES})
ADD_LIBRARY(${TARGET_PRIVACYDENIED_PLUGIN_CLIENT} SHARED ${PDP_CLIENT_SOURCES})
-TARGET_LINK_LIBRARIES(${TARGET_PRIVACYDENIED_PLUGIN_SERVICE} ${PDP_DEP_LIBRARIES})
+TARGET_LINK_LIBRARIES(${TARGET_PRIVACYDENIED_PLUGIN_SERVICE} ${PDP_DEP_LIBRARIES} ${TARGET_ASKUSER_NOTIFICATION_LIB})
TARGET_LINK_LIBRARIES(${TARGET_PRIVACYDENIED_PLUGIN_CLIENT} ${PDP_DEP_LIBRARIES})
INSTALL(TARGETS ${TARGET_PRIVACYDENIED_PLUGIN_SERVICE}
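Review bot: Adding `security-manager` to the shared `PDP_DEP` list also links it into the client plugin, through the unchanged `TARGET_LINK_LIBRARIES(${TARGET_PRIVACYDENIED_PLUGIN_CLIENT} ${PDP_DEP_LIBRARIES})` line, although only the service side appears to call into it. The client plugin is presumably loaded into processes that use the cynara client, so its dependency set is worth keeping minimal. A separate module check used only by the service target would do that, e.g. `PKG_CHECK_MODULES(PDP_SERVICE_DEP REQUIRED security-manager)` (the variable name is a suggestion). The new `${ASKUSER_PATH}/common/protocol` include path has the same scope issue, because `INCLUDE_DIRECTORIES` applies it to both targets.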
return true;
}
- bool isUsable(const ClientSession &session UNUSED,
- const ClientSession &prevSession UNUSED,
+ bool isUsable(const ClientSession &session,
+ const ClientSession &prevSession,
bool &updateSession,
- PolicyResult & result UNUSED)
+ PolicyResult &result UNUSED)
{
updateSession = false;
- return true;
+ return (session.compare(prevSession) == 0);
}
void invalidate() {}
int toResult(const ClientSession &session UNUSED, PolicyResult &result UNUSED) {
- // This is the place where notify service should be notified
return CYNARA_API_ACCESS_DENIED;
}
};
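Review bot: Nothing in `isUsable` records why a cached deny is now reusable only when `session.compare(prevSession) == 0`. The removed comment in `toResult` was the only hint that a notification is involved. A one-line comment above the return would help the next reader, for example `// Reuse a cached deny only within the same session; otherwise ask the service again`, assuming that is the intent. The class itself starts outside this hunk, so any class-level documentation cannot be checked from here.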
* @brief Implementation of cynara service side PrivacyDenied plugin.
*/
+#include <memory>
#include <string>
#include <vector>
#include <cynara-plugin.h>
+#include <app-runtime.h>
#include <attributes/attributes.h>
#include <PrivacyConfig.h>
+#include <askuser-notification/ask-user-client.h>
using namespace Cynara;
return serviceDescriptions;
}
- PluginStatus check(const std::string &client UNUSED,
- const std::string &user UNUSED,
- const std::string &privilege UNUSED,
+ PluginStatus check(const std::string &client,
+ const std::string &user,
+ const std::string &privilege,
PolicyResult &result UNUSED,
AgentType &requiredAgent UNUSED,
PluginData &pluginData UNUSED) noexcept
{
- // Don't touch result. It's already set up by cynara
- return PluginStatus::SUCCESS;
+ toast(client, user, privilege);
+ return PluginStatus::ANSWER_READY;
}
PluginStatus update(const std::string &client UNUSED,
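Review bot: `check()` is declared `noexcept` but now calls `toast()`, which (in the last hunk of this file) runs `std::stoi(user)` and `AskUser::Protocol::toast_deny(...)`. `std::stoi` throws on a non-numeric or out-of-range string, and any exception escaping a `noexcept` function calls `std::terminate`, which would take down the process hosting the plugin. The notification is best-effort, so the call should be contained, e.g. `try { toast(client, user, privilege); } catch (...) { /* notification is optional */ }`. Since `result` is still marked `UNUSED` while the status changes to `ANSWER_READY`, it is also worth keeping a comment such as `// result is left as set up by cynara` in place of the one removed.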
}
void invalidate() {}
+
+private:
+ void toast(const std::string &client, const std::string &user, const std::string &privilege) {
+ char *pkgName = nullptr, *appName = nullptr;
+ int ret = security_manager_identify_app_from_cynara_client(client.c_str(), &pkgName, &appName);
+ if (ret != SECURITY_MANAGER_SUCCESS || pkgName == nullptr)
+ return;
+
+ std::unique_ptr<char, decltype(free)*> pkgNamePtr(pkgName, free);
+ std::unique_ptr<char, decltype(free)*> appNamePtr(appName, free);
+ AskUser::Protocol::toast_deny(pkgName, (appName ? appName : ""), std::stoi(user), privilege);
+ }
};
} // namespace PrivacyDeniedPlugin
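Review bot: In `toast()` the two `std::unique_ptr` wrappers are created only after the early `return`, so any buffer the call hands back on that path is never freed. That would happen if `appName` were set while `pkgName` stayed null, or if an output were filled before a failure was reported; whether the API can do either is not visible here. Moving `std::unique_ptr<char, decltype(free)*> pkgNamePtr(pkgName, free);` and the matching `appNamePtr` line directly after the `security_manager_identify_app_from_cynara_client` call, before the `if`, makes ownership unconditional. `free` is used without `<cstdlib>` among the includes added in the earlier hunk, so it currently relies on a transitive include.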