.Change("<IMPL_SERVICE_BASE_DISPATCH>",
GenInterfaceImplServiceBaseDispatch())
.Change("<IMPL_SERVICE_BASE_DISPATCH_FUNCS>",
- GenInterfaceImplServiceBaseDispatchFuncs(iface)));
+ GenInterfaceImplServiceBaseDispatchFuncs(iface))
+ .Change("<IMPL_SERVICE_BASE_SET_PRIVILEGE_MAP>",
+ GenInterfaceImplServiceBaseSetPrivilegeMap(iface)));
}
std::string CppStubBodyGenerator::GenInterfaceCallbacks(
return RemoveLine(code);
}
+std::string CppStubBodyGenerator::GenInterfaceImplServiceBaseSetPrivilegeMap(
+ const Interface& iface) {
+ std::string code;
+ for (auto& decl : iface.GetDeclarations()) {
+ std::string privileges;
+ for (auto& attr : decl->GetAttributes()) {
+ if (attr->GetKey() != "privilege")
+ continue;
+
+ privileges += "\"" + attr->GetValue() + "\"," + NLine(1);
+ }
+
+ if (privileges.empty())
+ continue;
+
+ code += ReplaceAll(CB_INTERFACE_SERVICE_BASE_SET_PRIVILEGE_MAP)
+ .Change("<PRIVILEGES>", privileges)
+ .Change("<METHOD>", decl->GetID());
+ }
+
+ return RemoveLine(code);
+}
+
} // namespace version2
} // namespace tidl
R"__cpp_cb(
#include "<FILENAME>"
-#include <stdlib.h>
+#include <app_manager.h>
#include <assert.h>
#include <dlog.h>
+#include <package_manager.h>
+#include <stdlib.h>
)__cpp_cb";
/**
* <IMPL_SERVICE_BASE_THREAD_MEMBER_INIT> The implementation of the initialization of thread member variable of the service base.
* <IMPL_SERVICE_BASE_DISPATCH> The implementation of the dispatch method of the service base.
* <IMPL_SERVICE_BASE_DISPATCH_FUNCS> The implementation of the dispatch functions of the service base.
+ * <IMPL_SERVICE_BASE_SET_PRIVILEGE_MAP> The implementation of setting privilege map of the service base.
*/
constexpr const char CB_INTERFACE_BASE[] =
R"__cpp_cb(
<CALLBACKS>
<CLS_NAME>::ServiceBase::ServiceBase(std::string sender, std::string instance) : sender_(std::move(sender)), instance_(std::move(instance)) {
+ LoadPrivileges();
+ SetPrivilegeMap();
<IMPL_SERVICE_BASE_THREAD_MEMBER_INIT>
dispatch_funcs_ = {
<IMPL_SERVICE_BASE_DISPATCH_FUNC_INIT>
func(port, callback_port, seq_num, unit_map_);
}
+bool <CLS_NAME>::ServiceBase::PrivilegeInfoCb(const char* privilege_name, void *user_data) {
+ auto* service_base = static_cast<<CLS_NAME>::ServiceBase*>(user_data);
+ _D("appid: %s, privilege: %s", service_base->GetSender().c_str(), privilege_name);
+ service_base->privileges_.insert(privilege_name);
+ return true;
+}
+
+void <CLS_NAME>::ServiceBase::LoadPrivileges() {
+ app_info_h app_info = nullptr;
+ int ret = app_info_create(GetSender().c_str(), &app_info);
+ if (ret != APP_MANAGER_ERROR_NONE) {
+ if (ret == APP_MANAGER_ERROR_NO_SUCH_APP)
+ _W("%s is not an application", GetSender().c_str());
+
+ return;
+ }
+
+ char* package = nullptr;
+ ret = app_info_get_package(app_info, &package);
+ app_info_destroy(app_info);
+ if (ret != APP_MANAGER_ERROR_NONE) {
+ _E("Failed to get package. error(%d)", ret);
+ return;
+ }
+
+ package_info_h package_info = nullptr;
+ ret = package_info_create(package, &package_info);
+ free(package);
+ if (ret != PACKAGE_MANAGER_ERROR_NONE) {
+ _E("Failed to create package info. error(%d)", ret);
+ return;
+ }
+
+ package_info_foreach_privilege_info(package_info, PrivilegeInfoCb, this);
+ package_info_destroy(package_info);
+}
+
+void <CLS_NAME>::ServiceBase::SetPrivilegeMap() {
+ <IMPL_SERVICE_BASE_SET_PRIVILEGE_MAP>
+}
+
+bool <CLS_NAME>::ServiceBase::CheckPrivileges(int method_id) {
+ auto found = privilege_map_.find(method_id);
+ if (found == privilege_map_.end())
+ return true;
+
+ for (const auto& privilege : found->second) {
+ if (privileges_.find(privilege) == privileges_.end()) {
+ _E("%s does not exist", privilege.c_str());
+ return false;
+ }
+ }
+
+ return true;
+}
+
<IMPL_SERVICE_BASE_DISPATCH_FUNCS>
<CLS_NAME>::<CLS_NAME>() {
constexpr const char CB_INTERFACE_SERVICE_BASE_DISPATCH_FUNC_ASYNC[] =
R"__cpp_cb(
void <IFACE_NAME>::ServiceBase::Dispatch<NAME>(rpc_port_h port, rpc_port_h callback_port, int seq_num, const UnitMap& unit_map) {
+ if (!CheckPrivileges(static_cast<int>(MethodId::<NAME>))) {
+ _E("Permission denied");
+ return;
+ }
+
<DESERIALIZE>
<NAME>(<PARAMS>);
}
constexpr const char CB_INTERFACE_SERVICE_BASE_DISPATCH_FUNC[] =
R"__cpp_cb(
void <IFACE_NAME>::ServiceBase::Dispatch<NAME>(rpc_port_h port, rpc_port_h callback_port, int seq_num, const UnitMap& unit_map) {
- <DESERIALIZE>
UnitMap map_;
- try {
- auto ret_ = <NAME>(<PARAMS>);
- map_.Write("[RESULT]", ret_);
- <SERIALIZE>
- } catch (const RemoteException& e) {
- _E("Exception occurs. cause(%d), message(%s)", e.GetCause(), e.GetMessage().c_str());
- map_.Write("[REMOTE_EXCEPTION]", e);
+ if (!CheckPrivileges(static_cast<int>(MethodId::<NAME>))) {
+ _E("Permission denied");
+ RemoteException remote_except(RPC_PORT_ERROR_PERMISSION_DENIED, "Permission denied");
+ map_.Write("[REMOTE_EXCEPTION]", remote_except);
+ } else {
+ <DESERIALIZE>
+ try {
+ auto ret_ = <NAME>(<PARAMS>);
+ map_.Write("[RESULT]", ret_);
+ <SERIALIZE>
+ } catch (const RemoteException& e) {
+ _E("Exception occurs. cause(%d), message(%s)", e.GetCause(), e.GetMessage().c_str());
+ map_.Write("[REMOTE_EXCEPTION]", e);
+ }
}
map_.Write("[METHOD]", static_cast<int>(MethodId::__Result));
unit_map.Read("<NAME>", <NAME>);
)__cpp_cb";
+/**
+ * <PRIVILEGES> The privileges of the method.
+ * <METHOD> The method name.
+ */
+constexpr const char CB_INTERFACE_SERVICE_BASE_SET_PRIVILEGE_MAP[] =
+R"__cpp_cb(
+{
+ std::vector<std::string> privileges = {
+ <PRIVILEGES>
+ };
+ privilege_map_[static_cast<int>(MethodId::<METHOD>)] = std::move(privileges);
+}
+)__cpp_cb";
+
} // namespace version2
} // namespace tidl
projects / platform / core / appfw / tidl.git / commitdiff