[Content] Synchronously checking access to file

author Pawel Kaczmarczyk <p.kaczmarczy@samsung.com>

Thu, 18 Jan 2018 12:36:11 +0000 (13:36 +0100)

committer Pawel Kaczmarczyk <p.kaczmarczy@samsung.com>

Tue, 24 Apr 2018 08:59:10 +0000 (08:59 +0000)
author Pawel Kaczmarczyk <p.kaczmarczy@samsung.com>
Thu, 18 Jan 2018 12:36:11 +0000 (13:36 +0100)
committer Pawel Kaczmarczyk <p.kaczmarczy@samsung.com>
Tue, 24 Apr 2018 08:59:10 +0000 (08:59 +0000)
diff --git a/src/content/content_instance.cc b/src/content/content_instance.cc

index 6f3673ee522c9c85ccaa464f79818d811e642f30..736b869867d3f162f9f2183220a15cda9faf1ce1 100644 (file)
--- a/src/content/content_instance.cc
+++ b/src/content/content_instance.cc
@@ -510,6 +510,11 @@ void ContentInstance::ContentManagerScanfile(const picojson::value& args, picojs
    CHECK_EXIST(args, "callbackId", out)
    CHECK_EXIST(args, "contentURI", out)
  
+  const std::string& contentURI = args.get("contentURI").get<std::string>();
+  const std::string& real_path = common::FilesystemProvider::Create().GetRealPath(contentURI);
+
+  CHECK_STORAGE_ACCESS(real_path, &out);
+
    double callbackId = args.get("callbackId").get<double>();
    auto cbData = std::shared_ptr<ReplyCallbackData>(new ReplyCallbackData);
    cbData->callbackId = callbackId;
@@ -532,6 +537,11 @@ void ContentInstance::ContentManagerScanDirectory(const picojson::value& args,
    CHECK_EXIST(args, "contentDirURI", out)
    CHECK_EXIST(args, "recursive", out)
  
+  const std::string& contentURI = args.get("contentDirURI").get<std::string>();
+  const std::string& real_path = common::FilesystemProvider::Create().GetRealPath(contentURI);
+
+  CHECK_STORAGE_ACCESS(real_path, &out);
+
    ReplyCallbackData* cbData = new ReplyCallbackData;
    cbData->callbackId = args.get("callbackId").get<double>();
    cbData->instance = this;
@@ -878,6 +888,11 @@ void ContentInstance::ContentManagerAudioGetLyrics(const picojson::value& args,
                                                     picojson::object& out) {
    ScopeLogger();
  
+  const std::string& contentURI = args.get("contentURI").get<std::string>();
+  const std::string& real_path = common::FilesystemProvider::Create().GetRealPath(contentURI);
+
+  CHECK_STORAGE_ACCESS(real_path, &out);
+
    picojson::object lyrics;
    if (ContentManager::getInstance()->isConnected()) {
      int ret = ContentManager::getInstance()->getLyrics(args, lyrics);
@@ -946,6 +961,10 @@ void ContentInstance::PlaylistSetThumbnailUri(const picojson::value& args, picoj
    CHECK_EXIST(args, "uri", out)
    int id = static_cast<int>(args.get("id").get<double>());
    std::string uri = args.get("uri").get<std::string>();
+  const std::string& real_path = common::FilesystemProvider::Create().GetRealPath(uri);
+
+  CHECK_STORAGE_ACCESS(real_path, &out);
+
    ret = ContentManager::getInstance()->setThumbnailUri(id, uri);
    if (ret != MEDIA_CONTENT_ERROR_NONE) {
      LogAndReportError(ContentManager::getInstance()->convertError(ret), &out);
diff --git a/src/content/js/datatypes.js b/src/content/js/datatypes.js

index adb826d9f0129ae4a0373879dc27c1e79a18f391..f632dedc4bae3cdfa72038e033422b680d6b5c80 100755 (executable)
--- a/src/content/js/datatypes.js
+++ b/src/content/js/datatypes.js
@@ -479,6 +479,10 @@ function AudioContent(data) {
  
      if (native_.isFailure(result)) {
        utils_.log('Getting lyrics failed for ' + data.contentURI);
+      var error_object = native_.getErrorObject(result);
+      if (WebAPIException.SECURITY_ERR == error_object.code) {
+        throw error_object;
+      }
        return;
      }
author	Pawel Kaczmarczyk <p.kaczmarczy@samsung.com>
	Thu, 18 Jan 2018 12:36:11 +0000 (13:36 +0100)
committer	Pawel Kaczmarczyk <p.kaczmarczy@samsung.com>
	Tue, 24 Apr 2018 08:59:10 +0000 (08:59 +0000)
src/content/content_instance.cc		patch \| blob \| history
src/content/js/datatypes.js		patch \| blob \| history