*/
#include <cynara-creds-gdbus.h>
+#include <app_manager.h>
#include <types_internal.h>
#include "peer_creds.h"
-bool ctx::peer_creds::get(GDBusConnection *connection, const char *unique_name, std::string &smack_label, pid_t &pid)
+ctx::credentials::credentials(char *_app_id, char *_client) :
+ app_id(_app_id),
+ client(_client)
{
- gchar *client = NULL;
- int err = cynara_creds_gdbus_get_client(connection, unique_name, CLIENT_METHOD_SMACK, &client);
- IF_FAIL_RETURN_TAG(err == CYNARA_API_SUCCESS, false, _E, "cynara_creds_gdbus_get_client() failed");
+}
- smack_label = client;
+ctx::credentials::~credentials()
+{
+ g_free(app_id);
g_free(client);
+}
+
+bool ctx::peer_creds::get(GDBusConnection *connection, const char *unique_name, ctx::credentials **creds)
+{
+ pid_t pid = 0;
+ char *app_id = NULL;
+ gchar *client = NULL;
+ int err;
err = cynara_creds_gdbus_get_pid(connection, unique_name, &pid);
- IF_FAIL_RETURN_TAG(err == CYNARA_API_SUCCESS, false, _E, "cynara_creds_gdbus_get_pid() failed");
+ IF_FAIL_RETURN_TAG(err == CYNARA_API_SUCCESS, false, _E, "Peer credentialing failed");
+
+ err = cynara_creds_gdbus_get_client(connection, unique_name, CLIENT_METHOD_DEFAULT, &client);
+ IF_FAIL_CATCH_TAG(err == CYNARA_API_SUCCESS, _E, "Peer credentialing failed");
+
+ /* TODO: session & user */
+
+ app_manager_get_app_id(pid, &app_id);
+ _D("AppId: %s", app_id);
+
+ *creds = new(std::nothrow) credentials(app_id, client);
+ IF_FAIL_CATCH_TAG(*creds, _E, "Memory allocation failed");
return true;
+
+CATCH:
+ g_free(app_id);
+ g_free(client);
+ return false;
}
#include <string>
namespace ctx {
+
+ class credentials {
+ public:
+ char *app_id;
+ char *client; /* smack label */
+ credentials(char *_app_id, char *_client);
+ ~credentials();
+ };
+
namespace peer_creds {
- bool get(GDBusConnection *connection, const char *unique_name, std::string &smack_label, pid_t &pid);
+ bool get(GDBusConnection *connection, const char *unique_name, credentials **creds);
}
} /* namespace ctx */
#include <string>
#include <types_internal.h>
+#include "peer_creds.h"
#include "privilege.h"
-bool ctx::privilege_manager::is_allowed(const char *client, const char *privilege)
+bool ctx::privilege_manager::is_allowed(const ctx::credentials *creds, const char *privilege)
{
/* TODO: need to be implemented using Cynara */
#if 0
#define PRIV_ALARM_SET "alarm.set"
namespace ctx {
+
+ /* Forward declaration */
+ class credentials;
+
namespace privilege_manager {
- bool is_allowed(const char *client, const char *privilege);
+
+ bool is_allowed(const credentials *creds, const char *privilege);
+
} /* namespace ctx::privilege_manager */
} /* namespace ctx */
#include <types_internal.h>
#include <dbus_server.h>
#include "dbus_server_impl.h"
+#include "access_control/peer_creds.h"
#include "client_request.h"
-ctx::client_request::client_request(int type,
- const char *client, int req_id, const char *subj, const char *desc,
- const char *sender, char *app_id, GDBusMethodInvocation *inv)
- : request_info(type, client, req_id, subj, desc)
- , __app_id(app_id)
- , __sender(sender)
+ctx::client_request::client_request(int type, int req_id, const char *subj, const char *desc,
+ ctx::credentials *creds, const char *sender, GDBusMethodInvocation *inv)
+ : request_info(type, req_id, subj, desc)
+ , __credentials(creds)
+ , __dbus_sender(sender)
, __invocation(inv)
{
}
if (__invocation)
g_dbus_method_invocation_return_value(__invocation, g_variant_new("(iss)", ERR_OPERATION_FAILED, EMPTY_JSON_OBJECT, EMPTY_JSON_OBJECT));
- g_free(__app_id);
+ delete __credentials;
+}
+
+const ctx::credentials* ctx::client_request::get_credentials()
+{
+ return __credentials;
}
const char* ctx::client_request::get_app_id()
{
- return __app_id;
+ if (__credentials)
+ return __credentials->app_id;
+
+ return NULL;
+}
+
+const char* ctx::client_request::get_client()
+{
+ if (__credentials)
+ return __credentials->client;
+
+ return NULL;
}
bool ctx::client_request::reply(int error)
char *data_str = data.dup_cstr();
IF_FAIL_RETURN_TAG(data_str, false, _E, "Memory allocation failed");
- dbus_server::publish(__sender.c_str(), _req_id, _subject.c_str(), error, data_str);
+ dbus_server::publish(__dbus_sender.c_str(), _req_id, _subject.c_str(), error, data_str);
g_free(data_str);
return true;
class client_request : public request_info {
public:
- client_request(int type,
- const char *client, int req_id, const char *subj, const char *desc,
- const char *sender, char *app_id, GDBusMethodInvocation *inv);
+ client_request(int type, int req_id, const char *subj, const char *desc,
+ credentials *creds, const char *sender, GDBusMethodInvocation *inv);
~client_request();
- const char *get_app_id();
+ const credentials* get_credentials();
+ const char* get_app_id();
+ const char* get_client();
bool reply(int error);
bool reply(int error, ctx::json &request_result);
bool reply(int error, ctx::json &request_result, ctx::json &data_read);
bool publish(int error, ctx::json &data);
private:
- char *__app_id;
- std::string __sender;
+ credentials *__credentials;
+ std::string __dbus_sender;
GDBusMethodInvocation *__invocation;
};
delete request;
}
-bool ctx::context_manager_impl::is_allowed(const char *client, const char *subject)
+bool ctx::context_manager_impl::is_allowed(const ctx::credentials *creds, const char *subject)
{
+ IF_FAIL_RETURN(creds, true); /* In case internal requests */
provider_map_t::iterator it = provider_map.find(subject);
IF_FAIL_RETURN(it != provider_map.end(), false);
- IF_FAIL_RETURN(ctx::privilege_manager::is_allowed(client, it->second.privilege), false);
+ IF_FAIL_RETURN(ctx::privilege_manager::is_allowed(creds, it->second.privilege), false);
return true;
}
return NULL;
}
- if (!STR_EQ(TRIGGER_CLIENT_NAME, request->get_client()) &&
- !ctx::privilege_manager::is_allowed(request->get_client(), it->second.privilege)) {
+ if (!ctx::privilege_manager::is_allowed(request->get_credentials(), it->second.privilege)) {
_W("Permission denied");
request->reply(ERR_PERMISSION_DENIED);
delete request;
#include <context_mgr_iface.h>
#include "request.h"
-#define TRIGGER_CLIENT_NAME "TRIGGER"
-
namespace ctx {
+ /* Forward declaration */
+ class credentials;
+
class context_manager_impl : public context_manager_iface {
public:
typedef std::list<request_info*> request_list_t;
void assign_request(ctx::request_info *request);
bool is_supported(const char *subject);
- bool is_allowed(const char *client, const char *subject);
+ bool is_allowed(const credentials *creds, const char *subject);
bool pop_trigger_item(std::string &subject, int &operation, ctx::json &attributes, ctx::json &options);
/* From the interface class */
bool ctx::context_monitor::is_allowed(const char *client, const char *subject)
{
if (STR_EQ(subject, TIMER_EVENT_SUBJECT))
- return privilege_manager::is_allowed(client, PRIV_ALARM_SET);
+ return true;
+ //TODO: re-implement above in the proper 3.0 style
+ // return privilege_manager::is_allowed(client, PRIV_ALARM_SET);
if (STR_EQ(subject, TIMER_CONDITION_SUBJECT))
return true;
#include "fact_request.h"
#include "fact_reader.h"
-#define CLIENT_NAME TRIGGER_CLIENT_NAME
#define COND_END_TIME(T) (g_get_monotonic_time() + (T) * G_TIME_SPAN_SECOND)
#define SUBSCRIBE_TIMEOUT 3
#define READ_TIMEOUT 10
bool ctx::fact_reader::is_allowed(const char *client, const char *subject)
{
- return _context_mgr->is_allowed(client, subject);
+ //TODO: re-implement this in the proper 3.0 style
+ //return _context_mgr->is_allowed(client, subject);
+ return true;
}
bool ctx::fact_reader::get_fact_definition(std::string &subject, int &operation, ctx::json &attributes, ctx::json &options)
rid = generate_req_id();
- fact_request *req = new(std::nothrow) fact_request(REQ_SUBSCRIBE, CLIENT_NAME,
+ fact_request *req = new(std::nothrow) fact_request(REQ_SUBSCRIBE,
rid, subject, option ? option->str().c_str() : NULL, wait_response ? this : NULL);
IF_FAIL_RETURN_TAG(req, -1, _E, "Memory allocation failed");
void ctx::fact_reader::unsubscribe(const char *subject, int subscription_id)
{
- fact_request *req = new(std::nothrow) fact_request(REQ_UNSUBSCRIBE, CLIENT_NAME, subscription_id, subject, NULL, NULL);
+ fact_request *req = new(std::nothrow) fact_request(REQ_UNSUBSCRIBE, subscription_id, subject, NULL, NULL);
IF_FAIL_VOID_TAG(req, _E, "Memory allocation failed");
g_idle_add(send_request, req);
int rid = generate_req_id();
- fact_request *req = new(std::nothrow) fact_request(REQ_READ_SYNC, CLIENT_NAME,
+ fact_request *req = new(std::nothrow) fact_request(REQ_READ_SYNC,
rid, subject, option ? option->str().c_str() : NULL, this);
IF_FAIL_RETURN_TAG(req, false, _E, "Memory allocation failed");
#include <types_internal.h>
#include "fact_request.h"
-ctx::fact_request::fact_request(int type, const char* client, int req_id, const char* subj, const char* desc, fact_reader* reader)
- : request_info(type, client, req_id, subj, desc)
+ctx::fact_request::fact_request(int type, int req_id, const char* subj, const char* desc, fact_reader* reader)
+ : request_info(type, req_id, subj, desc)
, _reader(reader)
, replied(false)
{
reply(ERR_OPERATION_FAILED);
}
+const char* ctx::fact_request::get_client()
+{
+ return "TRIGGER";
+}
+
bool ctx::fact_request::reply(int error)
{
IF_FAIL_RETURN(!replied && _reader, true);
namespace ctx {
class fact_request : public request_info {
- public:
- fact_request(int type, const char* client, int req_id, const char* subj, const char* desc, fact_reader* reader);
- ~fact_request();
-
- bool reply(int error);
- bool reply(int error, ctx::json& request_result);
- bool reply(int error, ctx::json& request_result, ctx::json& data_read);
- bool publish(int error, ctx::json& data);
-
- private:
- fact_reader *_reader;
- bool replied;
+ public:
+ fact_request(int type, int req_id, const char* subj, const char* desc, fact_reader* reader);
+ ~fact_request();
+
+ const char* get_client();
+ bool reply(int error);
+ bool reply(int error, ctx::json& request_result);
+ bool reply(int error, ctx::json& request_result, ctx::json& data_read);
+ bool publish(int error, ctx::json& data);
+
+ private:
+ fact_reader *_reader;
+ bool replied;
};
} /* namespace ctx */
_I("[%s] ReqId: %d, Subject: %s", req_type_to_str(req_type), req_id, subject);
_SI("Input: %s", input);
- std::string smack_label;
- pid_t pid;
+ ctx::credentials *creds = NULL;
- if (!ctx::peer_creds::get(dbus_connection, sender, smack_label, pid)) {
- _E("Peer credential failed");
+ if (!ctx::peer_creds::get(dbus_connection, sender, &creds)) {
+ _E("Peer credentialing failed");
g_dbus_method_invocation_return_value(invocation, g_variant_new("(iss)", ERR_OPERATION_FAILED, EMPTY_JSON_OBJECT, EMPTY_JSON_OBJECT));
return;
}
- char *app_id = NULL;
- app_manager_get_app_id(pid, &app_id);
- _D("AppId: %s", app_id);
-
- ctx::client_request *request = new(std::nothrow) ctx::client_request(req_type, smack_label.c_str(), req_id, subject, input, sender, app_id, invocation);
+ ctx::client_request *request = new(std::nothrow) ctx::client_request(req_type, req_id, subject, input, creds, sender, invocation);
if (!request) {
_E("Memory allocation failed");
g_dbus_method_invocation_return_value(invocation, g_variant_new("(iss)", ERR_OPERATION_FAILED, EMPTY_JSON_OBJECT, EMPTY_JSON_OBJECT));
+ delete creds;
return;
}
#include <types_internal.h>
#include "request.h"
-ctx::request_info::request_info(int type, const char* client, int req_id, const char* subj, const char* desc)
+ctx::request_info::request_info(int type, int req_id, const char* subj, const char* desc)
: _type(type)
, _req_id(req_id)
- , _client(client)
, _subject(subj)
, _description(desc)
{
return _req_id;
}
+const ctx::credentials* ctx::request_info::get_credentials()
+{
+ return NULL;
+}
+
+const char* ctx::request_info::get_app_id()
+{
+ return NULL;
+}
+
const char* ctx::request_info::get_client()
{
- return _client.c_str();
+ return NULL;
}
const char* ctx::request_info::get_subject()
{
return _description;
}
-
-const char* ctx::request_info::get_app_id()
-{
- return NULL;
-}
namespace ctx {
+ /* Forward declaration */
+ class credentials;
+
class request_info {
public:
- request_info(int type, const char *client, int req_id, const char *subj, const char *desc);
+ request_info(int type, int req_id, const char *subj, const char *desc);
virtual ~request_info();
int get_type();
int get_id();
- const char *get_client();
- const char *get_subject();
+ const char* get_subject();
ctx::json& get_description();
- virtual const char *get_app_id();
+ virtual const credentials* get_credentials();
+ virtual const char* get_app_id();
+ /* TODO: remove this get_client() */
+ virtual const char* get_client();
virtual bool reply(int error) = 0;
virtual bool reply(int error, ctx::json &request_result) = 0;
virtual bool reply(int error, ctx::json &request_result, ctx::json &data_read) = 0;
protected:
int _type;
int _req_id;
- std::string _client;
std::string _subject;
ctx::json _description;
};
projects / platform / core / context / context-service.git / commitdiff