[Service] Move dropThreadPrivilege() before app starting

If applying app smack label before of webapis related works, there
are fails of loading webapis due to smack deny.

Of course, at first time, before loading webapis, app label should
be applied on the node worker thread. But kind of modules are
checking the privileges with 'pid', not 'tid'
So, webapis loading are not loaded all successfully.

This patch makes to defer privilege drop after webapis related works.
(access_control_manager, device_api_router)

Change-Id: I89849e4271cddde2e22a6bca77f77b503ee30cd8
Signed-off-by: DongHyun Song <dh81.song@samsung.com>

diff --git a/wrt_app/common/service_runner.ts b/wrt_app/common/service_runner.ts
index 13baa02..f372d96 100644 (file)
--- a/wrt_app/common/service_runner.ts
+++ b/wrt_app/common/service_runner.ts
@@ -75,7 +75,13 @@ export function start(id: string, filename: string) {
   // uv loop is sleeping for a few second with tizen webapis's aync callback
   fakeTimer = setInterval(() => {}, 100);
   printAppControlData(id);
+
   try {
+    let ids = id.split(':');
+    let serviceId = ids[0];
+    let packageId = serviceId.split('.')[0];
+    wrt.security?.dropThreadPrivilege(packageId, serviceId);
+
     app = require(filename);
     if (app.onStart !== undefined) {
       app.onStart();

diff --git a/wrt_app/service/access_control_manager.ts b/wrt_app/service/access_control_manager.ts
index b3d804c..49b063e 100644 (file)
--- a/wrt_app/service/access_control_manager.ts
+++ b/wrt_app/service/access_control_manager.ts
@@ -12,7 +12,6 @@ function checkSystemInfoApiPrivilege(func: any, permissions: string[]) {
 }
 
 export function initialize(packageId: string, appId: string, permissions: string[]) {
-  wrt.security?.dropThreadPrivilege(packageId, appId);
   let tizen = global.tizen;
   if (!permissions.includes("http://tizen.org/privilege/alarm")) {
     tizen.alarm.add =