include
)
-SET(requires "dlog bundle glib-2.0 appsvc pkgmgr-info capi-base-common")
+SET(requires "dlog bundle glib-2.0 appsvc pkgmgr-info capi-base-common cynara-client")
INCLUDE(FindPkgConfig)
pkg_check_modules(pkgs REQUIRED ${requires})
extern "C" {
#endif
+typedef enum {
+ PRIVILEGE_PROVIDER,
+ PRIVILEGE_CONSUMER
+} privilege_type;
+
int convert_to_tizen_error(datacontrol_error_e error);
int data_control_error(data_control_error_e error,
const char *function, const char *description);
+int datacontrol_check_privilege(privilege_type check_type);
#ifdef __cplusplus
}
BuildRequires: pkgconfig(pkgmgr-info)
BuildRequires: pkgconfig(glib-2.0)
BuildRequires: pkgconfig(capi-base-common)
-
+BuildRequires: pkgconfig(cynara-client)
# runtime requires
Requires(post): /sbin/ldconfig
Requires(post): coreutils
#include <string.h>
#include <glib.h>
#include <unistd.h>
-
#include <sys/types.h>
#include <fcntl.h>
+#include <cynara-client.h>
+#include <stdio.h>
+
#include "data_control_internal.h"
+#define SMACK_LABEL_LEN 255
+
#ifdef LOG_TAG
#undef LOG_TAG
#endif
#define _LOGE(fmt, arg...) LOGE(fmt,##arg)
#define _LOGD(fmt, arg...) LOGD(fmt, ##arg)
+
+int datacontrol_check_privilege(privilege_type check_type) {
+
+ cynara *p_cynara;
+
+ int fd = 0;
+ int ret = 0;
+ char subject_label[SMACK_LABEL_LEN + 1] = "";
+ char uid[10] = {0,};
+ char *client_session = "";
+
+ ret = cynara_initialize(&p_cynara, NULL);
+ if (ret != CYNARA_API_SUCCESS) {
+ LOGE("cannot init cynara [%d] failed!", ret);
+ ret = DATA_CONTROL_ERROR_IO_ERROR;
+ goto out;
+ }
+
+ fd = open("/proc/self/attr/current", O_RDONLY);
+ if (fd < 0) {
+ LOGE("open [%d] failed!", errno);
+ ret = DATA_CONTROL_ERROR_IO_ERROR;
+ goto out;
+ }
+
+ ret = read(fd, subject_label, SMACK_LABEL_LEN);
+ if (ret < 0) {
+ LOGE("read [%d] failed!", errno);
+ close(fd);
+ ret = DATA_CONTROL_ERROR_IO_ERROR;
+ goto out;
+ }
+ close(fd);
+
+ snprintf(uid, 10, "%d", getuid());
+ ret = cynara_check(p_cynara, subject_label, client_session, uid,
+ "http://tizen.org/privilege/datasharing");
+ if (ret != CYNARA_API_ACCESS_ALLOWED) {
+ LOGE("cynara access check [%d] failed!", ret);
+ ret = DATA_CONTROL_ERROR_PERMISSION_DENIED;
+ goto out;
+ }
+
+ if (check_type == PRIVILEGE_CONSUMER) {
+ ret = cynara_check(p_cynara, subject_label, client_session, uid,
+ "http://tizen.org/privilege/appmanager.launch");
+ if (ret != CYNARA_API_ACCESS_ALLOWED) {
+ LOGE("cynara access check [%d] failed!", ret);
+ ret = DATA_CONTROL_ERROR_PERMISSION_DENIED;
+ goto out;
+ }
+ }
+
+ ret = DATA_CONTROL_ERROR_NONE;
+out:
+
+ if (p_cynara)
+ cynara_finish(p_cynara);
+
+ return ret;
+}
+
static const char *data_control_error_to_string(data_control_error_e error)
{
switch (error) {
EXPORT_API int
data_control_map_get(data_control_h provider, const char *key, int *request_id)
{
+ int retval = datacontrol_check_privilege(PRIVILEGE_CONSUMER);
+ if (retval != DATA_CONTROL_ERROR_NONE)
+ return retval;
+
return convert_to_tizen_error(datacontrol_map_get((datacontrol_h)provider, key, request_id));
}
EXPORT_API int
data_control_map_get_with_page(data_control_h provider, const char *key, int *request_id, int page_number, int count_per_page)
{
+ int retval = datacontrol_check_privilege(PRIVILEGE_CONSUMER);
+ if (retval != DATA_CONTROL_ERROR_NONE)
+ return retval;
+
return convert_to_tizen_error(datacontrol_map_get_with_page((datacontrol_h)provider, key, request_id, page_number, count_per_page));
}
EXPORT_API int
data_control_map_set(data_control_h provider, const char *key, const char *old_value, const char *new_value, int *request_id)
{
+ int retval = datacontrol_check_privilege(PRIVILEGE_CONSUMER);
+ if (retval != DATA_CONTROL_ERROR_NONE)
+ return retval;
+
return convert_to_tizen_error(datacontrol_map_set((datacontrol_h)provider, key, old_value, new_value, request_id));
}
EXPORT_API int
data_control_map_add(data_control_h provider, const char *key, const char *value, int *request_id)
{
+ int retval = datacontrol_check_privilege(PRIVILEGE_CONSUMER);
+ if (retval != DATA_CONTROL_ERROR_NONE)
+ return retval;
+
return convert_to_tizen_error(datacontrol_map_add((datacontrol_h)provider, key, value, request_id));
}
EXPORT_API int
data_control_map_remove(data_control_h provider, const char *key, const char *value, int *request_id)
{
+ int retval = datacontrol_check_privilege(PRIVILEGE_CONSUMER);
+ if (retval != DATA_CONTROL_ERROR_NONE)
+ return retval;
+
return convert_to_tizen_error(datacontrol_map_remove((datacontrol_h)provider, key, value, request_id));
}
EXPORT_API int
data_control_provider_sql_register_cb(data_control_provider_sql_cb *callback, void *user_data)
{
+
+ int retval = datacontrol_check_privilege(PRIVILEGE_PROVIDER);
+ if (retval != DATA_CONTROL_ERROR_NONE)
+ return retval;
+
if (!callback)
return DATA_CONTROL_ERROR_INVALID_PARAMETER;
EXPORT_API int
data_control_provider_map_register_cb(data_control_provider_map_cb *callback, void *user_data)
{
+
+ int retval = datacontrol_check_privilege(PRIVILEGE_PROVIDER);
+ if (retval != DATA_CONTROL_ERROR_NONE)
+ return retval;
+
if (!callback)
return DATA_CONTROL_ERROR_INVALID_PARAMETER;
EXPORT_API int
data_control_sql_insert(data_control_h provider, const bundle* insert_data, int *request_id)
{
+
+ int retval = datacontrol_check_privilege(PRIVILEGE_CONSUMER);
+ if (retval != DATA_CONTROL_ERROR_NONE)
+ return retval;
+
return datacontrol_sql_insert((datacontrol_h)provider, insert_data, request_id);
}
EXPORT_API int
data_control_sql_delete(data_control_h provider, const char *where, int *request_id)
{
+ int retval = datacontrol_check_privilege(PRIVILEGE_CONSUMER);
+ if (retval != DATA_CONTROL_ERROR_NONE)
+ return retval;
+
return datacontrol_sql_delete((datacontrol_h)provider, where, request_id);
}
EXPORT_API int
data_control_sql_select(data_control_h provider, char **column_list, int column_count, const char *where, const char *order, int *request_id)
{
+ int retval = datacontrol_check_privilege(PRIVILEGE_CONSUMER);
+ if (retval != DATA_CONTROL_ERROR_NONE)
+ return retval;
+
return datacontrol_sql_select((datacontrol_h)provider, column_list, column_count, where, order, request_id);
}
EXPORT_API int
data_control_sql_select_with_page(data_control_h provider, char **column_list, int column_count, const char *where, const char *order, int page_number, int count_per_page, int *request_id)
{
+ int retval = datacontrol_check_privilege(PRIVILEGE_CONSUMER);
+ if (retval != DATA_CONTROL_ERROR_NONE)
+ return retval;
+
return datacontrol_sql_select_with_page((datacontrol_h)provider, column_list, column_count, where, order, page_number, count_per_page, request_id);
}
EXPORT_API int
data_control_sql_update(data_control_h provider, const bundle* update_data, const char *where, int *request_id)
{
+
+ int retval = datacontrol_check_privilege(PRIVILEGE_CONSUMER);
+ if (retval != DATA_CONTROL_ERROR_NONE)
+ return retval;
+
return datacontrol_sql_update((datacontrol_h)provider, update_data, where, request_id);
}