add checking permission in account_delete_from_db_by_package_name.

Change-Id: I201aca32ab5518bbab037c962eaf260018924191
Signed-off-by: jiseob.jang <jiseob.jang@samsung.com>

diff --git a/packaging/accounts-service.service b/packaging/accounts-service.service
index 26ee5e8..fd63fe4 100644 (file)
--- a/packaging/accounts-service.service
+++ b/packaging/accounts-service.service
@@ -2,8 +2,8 @@
 Description=Accounts service
 
 [Service]
-#User=system
-#Group=system
+User=system
+Group=system
 Type=simple
 ExecStart=/usr/bin/account-svcd
 Restart=always

diff --git a/server/src/account-server-db.c b/server/src/account-server-db.c
index 42678c7..dccc8b9 100644 (file)
--- a/server/src/account-server-db.c
+++ b/server/src/account-server-db.c
@@ -1832,13 +1832,11 @@ int _account_insert_to_db(account_s* account, int pid, int *account_id)
                return ret_transaction;
        }
 
-       _INFO("");
        *account_id = _account_get_next_sequence(ACCOUNT_TABLE);
        data->id = *account_id;
 
        char* appid = NULL;
        appid = _account_get_current_appid(pid);
-       _INFO("");
 
        if(!appid)
        {
@@ -3746,28 +3744,23 @@ int _account_delete_from_db_by_package_name(int pid, const char *package_name, g
                error_code = _account_check_appid_group_with_package_name(current_appid, package_name_temp);
 
                _ACCOUNT_FREE(current_appid);
-               _ACCOUNT_FREE(package_name_temp);               
+               _ACCOUNT_FREE(package_name_temp);
 
                if(error_code != ACCOUNT_ERROR_NONE){
                        ACCOUNT_ERROR("No permission to delete\n");
                        return ACCOUNT_ERROR_PERMISSION_DENIED;
-               }       
+               }
        }
 
        // It only needs list of ids, does not need to query sensitive info. So sending 0
        GList* account_list_temp = _account_query_account_by_package_name(getpid(), package_name, &ret);
-       if (account_list_temp == NULL)
-       {
-               _ERR("_account_query_account_by_package_name returned NULL");
-               return ACCOUNT_ERROR_DB_FAILED;
-       }
-
        if( _account_db_err_code() == SQLITE_PERM ){
                ACCOUNT_ERROR( "Access failed(%s)", _account_db_err_msg());
                return ACCOUNT_ERROR_PERMISSION_DENIED;
        }
 
        if(ret != ACCOUNT_ERROR_NONE){
+               _ERR("_account_query_account_by_package_name failed ret=[%d]", ret);
                return ret;
        }
 

diff --git a/server/src/account-server.c b/server/src/account-server.c
index c9793de..e1ff9e8 100644 (file)
--- a/server/src/account-server.c
+++ b/server/src/account-server.c
@@ -655,28 +655,30 @@ gboolean account_manager_account_delete_from_db_by_package_name(AccountManager *
                                                                                                                         const gchar *package_name, gboolean permission)
 {
        _INFO("account_manager_account_delete_from_db_by_package_name start");
+       int return_code = ACCOUNT_ERROR_NONE;
 
        guint pid = _get_client_pid(invocation);
        _INFO("client Id = [%u]", pid);
 
-       int return_code = _check_priviliege_account_read(invocation);
-       if (return_code != ACCOUNT_ERROR_NONE)
-       {
-               _ERR("_check_priviliege_account_read failed, ret = %d", return_code);
-               goto RETURN;
-       }
-       return_code = _check_priviliege_account_write(invocation);
-       if (return_code != ACCOUNT_ERROR_NONE)
-       {
-               _ERR("_check_priviliege_account_write failed, ret = %d", return_code);
-               goto RETURN;
+       if( permission ) {
+               return_code = _check_priviliege_account_read(invocation);
+               if (return_code != ACCOUNT_ERROR_NONE)
+               {
+                       _ERR("_check_priviliege_account_read failed, ret = %d", return_code);
+                       goto RETURN;
+               }
+               return_code = _check_priviliege_account_write(invocation);
+               if (return_code != ACCOUNT_ERROR_NONE)
+               {
+                       _ERR("_check_priviliege_account_write failed, ret = %d", return_code);
+                       goto RETURN;
+               }
        }
 
        return_code = _account_db_open(1, pid);
        if (return_code != ACCOUNT_ERROR_NONE)
        {
                _ERR("_account_db_open() error, ret = %d", return_code);
-
                goto RETURN;
        }