Implement tizen privilege for w3c API

[Issue#] N/A
[Problem] N/A
[Cause] N/A
[Solution] Implement tizen privilege for W3C API.
If web application contains "http://tizen.org/privilege/geolocation"
with tizen:privilege tag, web application uses geolocation without
security warning popup. In this case, only local origin is allowed to use.

This commit create and register security origin data which is always allowed
local origin for privilege feature.

[SCMRequest] must be imported with wrt-commons
https://tizendev.org/gerrit/#/c/30851/

Change-Id: I3baf6f065f3e1dfe20efa853ca7454e601736050

diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index 75d2d4b..75cc5b2 100644 (file)
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -119,6 +119,7 @@ PKG_CHECK_MODULES(INSTALLER_STATIC_DEP
     dpl-wrt-dao-ro
     dpl-wrt-dao-rw
     wrt-commons-custom-handler-dao-rw
+    wrt-commons-security-origin-dao
     dpl-encryption
     wrt-plugins-types
     pkgmgr-installer

diff --git a/src/jobs/widget_install/task_database.cpp b/src/jobs/widget_install/task_database.cpp
index cc931a0..072a9f9 100644 (file)
--- a/src/jobs/widget_install/task_database.cpp
+++ b/src/jobs/widget_install/task_database.cpp
@@ -35,6 +35,7 @@
 #include <dpl/utils/wrt_utility.h>
 #include <dpl/log/log.h>
 #include <dpl/assert.h>
+#include <wrt-commons/security-origin-dao/security_origin_dao.h>
 #include <string>
 #include <sstream>
 #include <ace_api_install.h>
@@ -57,6 +58,7 @@ TaskDatabase::TaskDatabase(InstallerContext& context) :
     AddStep(&TaskDatabase::StepRegisterExternalFiles);
     AddStep(&TaskDatabase::StepWrtDBInsert);
     AddStep(&TaskDatabase::StepAceDBInsert);
+    AddStep(&TaskDatabase::StepSecurityOriginDBInsert);
     AddStep(&TaskDatabase::StepRemoveExternalFiles);
     AddStep(&TaskDatabase::StepCreateVconf);
     AddStep(&TaskDatabase::StepLiveboxDBInsert);
@@ -143,6 +145,23 @@ void TaskDatabase::StepAceDBInsert()
                  "Update failure. ace_register_widget failed");
     }
     LogDebug("Ace data inserted");
+}
+
+void TaskDatabase::StepSecurityOriginDBInsert()
+{
+    LogDebug("Create Security origin database");
+    // automatically create security origin database
+    using namespace SecurityOriginDB;
+    SecurityOriginDAO dao(m_context.locations->getPkgId());
+
+    // Checking privilege list for setting security origin exception data
+    FOREACH(it, m_context.widgetConfig.configInfo.privilegeList) {
+        std::map<std::string, Feature>::const_iterator result =
+            g_W3CPrivilegeTextMap.find(DPL::ToUTF8String(it->name));
+        if (result != g_W3CPrivilegeTextMap.end()) {
+            dao.setPrivilegeSecurityOriginData(result->second);
+        }
+    }
 
     m_context.job->UpdateProgress(
         InstallerContext::INSTALL_NEW_DB_INSERT,

diff --git a/src/jobs/widget_install/task_database.h b/src/jobs/widget_install/task_database.h
index 608dbfe..3e0beba 100644 (file)
--- a/src/jobs/widget_install/task_database.h
+++ b/src/jobs/widget_install/task_database.h
@@ -47,6 +47,7 @@ class TaskDatabase :
     void StepRegisterExternalFiles();
     void StepWrtDBInsert();
     void StepAceDBInsert();
+    void StepSecurityOriginDBInsert();
     void StepRemoveExternalFiles();
     void StepCreateVconf();
     void StepLiveboxDBInsert();