[Privilege] enable privilege check code.
authorjk.pu <jk.pu@samsung.com>
Thu, 3 Sep 2015 05:23:05 +0000 (14:23 +0900)
committerJeongKyun Pu <jk.pu@samsung.com>
Thu, 3 Sep 2015 05:29:02 +0000 (14:29 +0900)
            cynara_check() is now available and the security team's web -> native privilege mapping is done.

Change-Id: Ib71fe89fb92be30e1a070ec9e45daf0035913a9b
Signed-off-by: jk.pu <jk.pu@samsung.com>
src/common/tools.cc
src/utils/utils_api.js [changed mode: 0755->0644]

index ba539928f697689acd65f628442b52c6b4e91610..309c5818b69bec330694b21154a3daefe3ea6b76 100644 (file)
@@ -165,9 +165,9 @@ class AccessControlImpl {
     LoggerD("Privilege access checked using Cynara.");
 
     char* smack_label = nullptr;
-    int ret = smack_new_label_from_self(&smack_label);
+    int len= smack_new_label_from_self(&smack_label);
 
-    if (0 == ret && nullptr != smack_label) {
+    if (0 < len && nullptr != smack_label) {
       auto uid = getuid();
 
       SLoggerD("uid: [%u]", uid);
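Review bot: The success test `0 < len` relies on `smack_new_label_from_self()` returning the label length on success, which is not obvious at the call site because the previous code tested `0 == ret`. A one-line comment above the call, such as `// returns the label length on success, a negative value on error`, would stop a later reader from "correcting" it back. The declaration `int len= smack_new_label_from_self(&smack_label);` is also missing the space before `=`. The buffer returned through `smack_label` is allocated by libsmack and its release is not visible here, so confirm it is freed on both branches. The enclosing function starts and ends outside this hunk.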
@@ -182,7 +182,7 @@ class AccessControlImpl {
       return;
     }
 
-    ret = cynara_initialize(&cynara_, nullptr);
+    int ret = cynara_initialize(&cynara_, nullptr);
     if (CYNARA_API_SUCCESS != ret) {
       LoggerE("Failed to initialize Cynara");
       cynara_ = nullptr;
@@ -201,9 +201,6 @@ class AccessControlImpl {
 
   bool CheckAccess(const std::vector<std::string>& privileges) {
 
-    // TODO(r.galka) Cyanara check disabled temporarily
-    return true;
-
     if (cynara_) {
       for (const auto& privilege : privileges) {
         if (CYNARA_API_ACCESS_ALLOWED != cynara_simple_check(cynara_,  // p_cynara
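Review bot: With the unconditional `return true` removed, the result of `CheckAccess` when `cynara_` is null is decided by code after the `if (cynara_)` block, which lies outside this hunk. The initialization code in the earlier hunks leaves `cynara_` null when `cynara_initialize` fails, and appears to return early when the Smack label cannot be read. That path should deny, for example an else branch with `LoggerE("Cynara is not initialized, denying access"); return false;`, so that a setup failure cannot turn every privilege check into a pass. Please confirm against the full function, since its body continues past the hunk.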
old mode 100755 (executable)
new mode 100644 (file)
index 4737496..981f2c4
@@ -71,35 +71,40 @@ var _dateConverter = new DateConverter();
 
 /** @constructor */
 function Utils() {
+   
+  /**
+   * Cynara(since tizen 3.0) only support native privilege. 
+   * simply web privilege convert native privilege for checking access. 
+   */
   var privilege = {
     ACCOUNT_READ: 'http://tizen.org/privilege/account.read',
     ACCOUNT_WRITE: 'http://tizen.org/privilege/account.write',
-    ALARM: 'http://tizen.org/privilege/alarm',
-    APPLICATION_INFO: 'http://tizen.org/privilege/application.info',
-    APPLICATION_LAUNCH: 'http://tizen.org/privilege/application.launch',
-    APPMANAGER_CERTIFICATE: 'http://tizen.org/privilege/appmanager.certificate',
+    ALARM: 'http://tizen.org/privilege/alarm.get',
+    APPLICATION_INFO: 'http://tizen.org/privilege/packagemanager.info',
+    APPLICATION_LAUNCH: 'http://tizen.org/privilege/appmanager.launch',
+    APPMANAGER_CERTIFICATE: 'http://tizen.org/privilege/notexist',
     APPMANAGER_KILL: 'http://tizen.org/privilege/appmanager.kill',
     BLUETOOTH_ADMIN: 'http://tizen.org/privilege/bluetooth.admin',
-    BLUETOOTH_GAP: 'http://tizen.org/privilege/bluetooth.gap',
-    BLUETOOTH_HEALTH: 'http://tizen.org/privilege/bluetooth.health',
-    BLUETOOTH_SPP: 'http://tizen.org/privilege/bluetooth.spp',
-    BLUETOOTHMANAGER: 'http://tizen.org/privilege/bluetoothmanager',
+    BLUETOOTH_GAP: 'http://tizen.org/privilege/bluetooth.admin',
+    BLUETOOTH_HEALTH: 'http://tizen.org/privilege/bluetooth.admin',
+    BLUETOOTH_SPP: 'http://tizen.org/privilege/bluetooth.admin',
+    BLUETOOTHMANAGER: 'http://tizen.org/privilege/bluetooth.admin',
     BLUETOOTH: 'http://tizen.org/privilege/bluetooth',
-    BOOKMARK_READ: 'http://tizen.org/privilege/bookmark.read',
-    BOOKMARK_WRITE: 'http://tizen.org/privilege/bookmark.write',
+    BOOKMARK_READ: 'http://tizen.org/privilege/bookmark.admin',
+    BOOKMARK_WRITE: 'http://tizen.org/privilege/bookmark.admin',
     CALENDAR_READ: 'http://tizen.org/privilege/calendar.read',
     CALENDAR_WRITE: 'http://tizen.org/privilege/calendar.write',
     CALLHISTORY_READ: 'http://tizen.org/privilege/callhistory.read',
     CALLHISTORY_WRITE: 'http://tizen.org/privilege/callhistory.write',
     CONTACT_READ: 'http://tizen.org/privilege/contact.read',
     CONTACT_WRITE: 'http://tizen.org/privilege/contact.write',
-    CONTENT_READ: 'http://tizen.org/privilege/content.read',
+    CONTENT_READ: 'http://tizen.org/privilege/content.write',
     CONTENT_WRITE: 'http://tizen.org/privilege/content.write',
-    DATACONTROL_CONSUMER: 'http://tizen.org/privilege/datacontrol.consumer',
-    DATASYNC: 'http://tizen.org/privilege/datasync',
+    DATACONTROL_CONSUMER: 'http://tizen.org/privilege/datasharing',
+    DATASYNC: 'http://tizen.org/privilege/notexist',
     DOWNLOAD: 'http://tizen.org/privilege/download',
-    FILESYSTEM_READ: 'http://tizen.org/privilege/filesystem.read',
-    FILESYSTEM_WRITE: 'http://tizen.org/privilege/filesystem.write',
+    FILESYSTEM_READ: 'http://tizen.org/privilege/systemsettings.admin',
+    FILESYSTEM_WRITE: 'http://tizen.org/privilege/systemsettings.admin',
     HEALTHINFO: 'http://tizen.org/privilege/healthinfo',
     INTERNET: 'http://tizen.org/privilege/internet',
     KEYMANAGER: 'http://tizen.org/privilege/keymanager',
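Review bot: `APPMANAGER_CERTIFICATE` and `DATASYNC` now point at `http://tizen.org/privilege/notexist`, an undocumented sentinel that denies access only as long as no Cynara policy ever contains that name. If always-deny is the intent, say so next to the entries, e.g. `// no native equivalent: 'notexist' is never granted, so the call is always refused`. Several other entries change which right is checked rather than just renaming it: `CONTENT_READ` checks `content.write`, `BOOKMARK_READ` checks `bookmark.admin`, and `FILESYSTEM_READ`/`FILESYSTEM_WRITE` check `systemsettings.admin`. The same holds in the following hunk, where `SYSTEM` checks `telephony` and `POWER` checks `display`. An app holding only the read-level right will presumably be refused, and one holding the broader right passes checks for unrelated APIs. A short per-entry comment naming the source of each non-obvious mapping would let a reviewer tell deliberate choices from copy-paste slips.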
@@ -107,26 +112,27 @@ function Utils() {
     LOCATION: 'http://tizen.org/privilege/location',
     MEDIACONTROLLER_SERVER: 'http://tizen.org/privilege/mediacontroller.server',
     MEDIACONTROLLER_CLIENT: 'http://tizen.org/privilege/mediacontroller.client',
-    MESSAGING_READ: 'http://tizen.org/privilege/messaging.read',
-    MESSAGING_WRITE: 'http://tizen.org/privilege/messaging.write',
-    NETWORKBEARERSELECTION: 'http://tizen.org/privilege/networkbearerselection',
+    MESSAGING_READ: 'http://tizen.org/privilege/message.read',
+    MESSAGING_WRITE: 'http://tizen.org/privilege/message.write',
+    NETWORKBEARERSELECTION: 'http://tizen.org/privilege/network.set',
     NFC_ADMIN: 'http://tizen.org/privilege/nfc.admin',
     NFC_CARDEMULATION: 'http://tizen.org/privilege/nfc.cardemulation',
-    NFC_COMMON: 'http://tizen.org/privilege/nfc.common',
-    NFC_P2P: 'http://tizen.org/privilege/nfc.p2p',
-    NFC_TAG: 'http://tizen.org/privilege/nfc.tag',
+    NFC_COMMON: 'http://tizen.org/privilege/nfc',
+    NFC_P2P: 'http://tizen.org/privilege/nfc',
+    NFC_TAG: 'http://tizen.org/privilege/nfc',
     NOTIFICATION: 'http://tizen.org/privilege/notification',
-    PACKAGE_INFO: 'http://tizen.org/privilege/package.info',
-    PACKAGEMANAGER_INSTALL: 'http://tizen.org/privilege/packagemanager.install',
-    POWER: 'http://tizen.org/privilege/power',
+    PACKAGE_INFO: 'http://tizen.org/privilege/packagemanager.info',
+    PACKAGEMANAGER_INSTALL: 'http://tizen.org/privilege/packagemanager.admin',
+    POWER: 'http://tizen.org/privilege/display',
     PUSH: 'http://tizen.org/privilege/push',
     SECUREELEMENT: 'http://tizen.org/privilege/secureelement',
-    SETTING: 'http://tizen.org/privilege/setting',
-    SYSTEM: 'http://tizen.org/privilege/system',
+    SETTING: 'http://tizen.org/privilege/systemsettings.admin',
+    SYSTEM: 'http://tizen.org/privilege/telephony',
     SYSTEMMANAGER: 'http://tizen.org/privilege/systemmanager',
     TELEPHONY: 'http://tizen.org/privilege/telephony',
     VOLUME_SET: 'http://tizen.org/privilege/volume.set'
   };
+
   Object.freeze(privilege);
 
   Object.defineProperty(this, 'privilege', {