[Service] Move dropThreadPrivilege() before app starting

If applying app smack label before of webapis related works, there
are fails of loading webapis due to smack deny.

Of course, at first time, before loading webapis, app label should
be applied on the node worker thread. But kind of modules are
checking the privileges with 'pid', not 'tid'
So, webapis loading are not loaded all successfully.

This patch makes to defer privilege drop after webapis related works.
(access_control_manager, device_api_router)

Change-Id: I89849e4271cddde2e22a6bca77f77b503ee30cd8
Signed-off-by: DongHyun Song <dh81.song@samsung.com>

diff --git a/wrt_app/common/service_runner.ts b/wrt_app/common/service_runner.ts
index 13baa0274d8235303ef100ea8bc82e794bb2c39d..f372d96ba54edbe090e7843ad5e75d7f9771fbfe 100644 (file)
--- a/wrt_app/common/service_runner.ts
+++ b/wrt_app/common/service_runner.ts
@@ -75,7 +75,13 @@ export function start(id: string, filename: string) {
   // uv loop is sleeping for a few second with tizen webapis's aync callback
   fakeTimer = setInterval(() => {}, 100);
   printAppControlData(id);
+
   try {
+    let ids = id.split(':');
+    let serviceId = ids[0];
+    let packageId = serviceId.split('.')[0];
+    wrt.security?.dropThreadPrivilege(packageId, serviceId);
+
     app = require(filename);
     if (app.onStart !== undefined) {
       app.onStart();

diff --git a/wrt_app/service/access_control_manager.ts b/wrt_app/service/access_control_manager.ts
index b3d804c6c9184aa2ae18a753d839f28f615459ad..49b063e28d411f78d8237c1824184708c9da2b50 100644 (file)
--- a/wrt_app/service/access_control_manager.ts
+++ b/wrt_app/service/access_control_manager.ts
@@ -12,7 +12,6 @@ function checkSystemInfoApiPrivilege(func: any, permissions: string[]) {
 }
 
 export function initialize(packageId: string, appId: string, permissions: string[]) {
-  wrt.security?.dropThreadPrivilege(packageId, appId);
   let tizen = global.tizen;
   if (!permissions.includes("http://tizen.org/privilege/alarm")) {
     tizen.alarm.add =