[Filesystem] Added storege privilage checks

author Arkadiusz Pietraszek <a.pietraszek@partner.samsung.com>

Fri, 27 Apr 2018 09:23:56 +0000 (11:23 +0200)

committer Lukasz Bardeli <l.bardeli@samsung.com>

Tue, 15 May 2018 11:41:07 +0000 (13:41 +0200)
author Arkadiusz Pietraszek <a.pietraszek@partner.samsung.com>
Fri, 27 Apr 2018 09:23:56 +0000 (11:23 +0200)
committer Lukasz Bardeli <l.bardeli@samsung.com>
Tue, 15 May 2018 11:41:07 +0000 (13:41 +0200)
diff --git a/src/filesystem/filesystem_instance.cc b/src/filesystem/filesystem_instance.cc

index 5c0f3416fb4f0daf737b8b60bed44ebad825eaad..bd11dcdf34a422e8cc38b66fc9c69d6c862dda8d 100644 (file)
--- a/src/filesystem/filesystem_instance.cc
+++ b/src/filesystem/filesystem_instance.cc
@@ -1286,6 +1286,8 @@ void FilesystemInstance::FileSystemManagerOpenFile(const picojson::value& args,
    }
  
    const std::string& path = args.get("path").get<std::string>();
+
+  CHECK_STORAGE_ACCESS(path, &out);
    const std::string open_mode = GetFopenMode(args);
    FILE* file = nullptr;
    try {
@@ -1311,6 +1313,7 @@ void FilesystemInstance::FileSystemManagerCreateDirectory(const picojson::value&
    double callback_id = args.get("callbackId").get<double>();
    const std::string& path = args.get("path").get<std::string>();
    bool make_parents = args.get("makeParents").get<bool>();
+  CHECK_STORAGE_ACCESS(path, &out);
  
    this->worker.add_job([this, callback_id, path, make_parents] {
      picojson::value response = picojson::value(picojson::object());
@@ -1337,6 +1340,7 @@ void FilesystemInstance::FileSystemManagerDeleteFile(const picojson::value& args
    double callback_id = args.get("callbackId").get<double>();
    const std::string& path = args.get("path").get<std::string>();
  
+  CHECK_STORAGE_ACCESS(path, &out);
    this->worker.add_job([this, callback_id, path] {
      picojson::value response = picojson::value(picojson::object());
      picojson::object& obj = response.get<picojson::object>();
@@ -1361,6 +1365,8 @@ void FilesystemInstance::FileSystemManagerDeleteDirectory(const picojson::value&
  
    double callback_id = args.get("callbackId").get<double>();
    const std::string& path = args.get("path").get<std::string>();
+
+  CHECK_STORAGE_ACCESS(path, &out);
    bool recursive = args.get("recursive").get<bool>();
  
    this->worker.add_job([this, callback_id, path, recursive] {
@@ -1399,7 +1405,9 @@ void FilesystemInstance::FileSystemManagerCopyFile(const picojson::value& args,
  
    double callback_id = args.get("callbackId").get<double>();
    const std::string& path = args.get("path").get<std::string>();
+  CHECK_STORAGE_ACCESS(path, &out);
    const std::string& destination_path = args.get("destinationPath").get<std::string>();
+  CHECK_STORAGE_ACCESS(destination_path, &out);
    bool overwrite = args.get("overwrite").get<bool>();
  
    this->worker.add_job([this, callback_id, path, destination_path, overwrite] {
@@ -1444,7 +1452,9 @@ void FilesystemInstance::FileSystemManagerCopyDirectory(const picojson::value& a
    CHECK_PRIVILEGE_ACCESS(kPrivilegeFilesystemRead, &out);
    CHECK_PRIVILEGE_ACCESS(kPrivilegeFilesystemWrite, &out);
    const std::string& path = args.get("path").get<std::string>();
+  CHECK_STORAGE_ACCESS(path, &out);
    const std::string& destination_path = args.get("destinationPath").get<std::string>();
+  CHECK_STORAGE_ACCESS(destination_path, &out);
    double callback_id = args.get("callbackId").get<double>();
    bool overwrite = args.get("overwrite").get<bool>();
  
@@ -1490,7 +1500,9 @@ void FilesystemInstance::FileSystemManagerMoveFile(const picojson::value& args,
    CHECK_PRIVILEGE_ACCESS(kPrivilegeFilesystemWrite, &out);
  
    const std::string& path = args.get("path").get<std::string>();
+  CHECK_STORAGE_ACCESS(path, &out);
    const std::string& destination_path = args.get("destinationPath").get<std::string>();
+  CHECK_STORAGE_ACCESS(destination_path, &out);
    double callback_id = args.get("callbackId").get<double>();
    bool overwrite = args.get("overwrite").get<bool>();
  
@@ -1539,7 +1551,9 @@ void FilesystemInstance::FileSystemManagerMoveDirectory(const picojson::value& a
    CHECK_PRIVILEGE_ACCESS(kPrivilegeFilesystemWrite, &out);
    double callback_id = args.get("callbackId").get<double>();
    const std::string& path = args.get("path").get<std::string>();
+  CHECK_STORAGE_ACCESS(path, &out);
    const std::string& destination_path = args.get("destinationPath").get<std::string>();
+  CHECK_STORAGE_ACCESS(destination_path, &out);
    bool overwrite = args.get("overwrite").get<bool>();
  
    this->worker.add_job([this, callback_id, path, destination_path, overwrite] {
@@ -1581,6 +1595,8 @@ void FilesystemInstance::FileSystemManagerRename(const picojson::value& args,
    ScopeLogger();
    CHECK_PRIVILEGE_ACCESS(kPrivilegeFilesystemWrite, &out);
    const std::string& path = args.get("path").get<std::string>();
+
+  CHECK_STORAGE_ACCESS(path, &out);
    double callback_id = args.get("callbackId").get<double>();
    const std::string& new_name = args.get("newName").get<std::string>();
  
@@ -1637,6 +1653,7 @@ void FilesystemInstance::FileSystemManagerListDirectory(const picojson::value& a
    double callback_id = args.get("callbackId").get<double>();
    const std::string& path = args.get("path").get<std::string>();
    const picojson::object& filter = args.get("filter").get<picojson::object>();
+  CHECK_STORAGE_ACCESS(path, &out);
  
    this->worker.add_job([this, callback_id, path, filter] {
      ScopeLogger();
@@ -1725,6 +1742,8 @@ void FilesystemInstance::FileSystemManagerIsFile(const picojson::value& args,
    ScopeLogger();
    CHECK_PRIVILEGE_ACCESS(kPrivilegeFilesystemRead, &out);
    const std::string& path = args.get("path").get<std::string>();
+
+  CHECK_STORAGE_ACCESS(path, &out);
    picojson::value is_file{};
    try {
      struct stat buf {};
@@ -1745,6 +1764,8 @@ void FilesystemInstance::FileSystemManagerIsDirectory(const picojson::value& arg
    ScopeLogger();
    CHECK_PRIVILEGE_ACCESS(kPrivilegeFilesystemRead, &out);
    const std::string& path = args.get("path").get<std::string>();
+
+  CHECK_STORAGE_ACCESS(path, &out);
    picojson::value is_directory{};
    try {
      struct stat buf {};
@@ -1765,6 +1786,8 @@ void FilesystemInstance::FileSystemManagerPathExists(const picojson::value& args
    ScopeLogger();
    CHECK_PRIVILEGE_ACCESS(kPrivilegeFilesystemRead, &out);
    const std::string& path = args.get("path").get<std::string>();
+
+  CHECK_STORAGE_ACCESS(path, &out);
    picojson::value does_file_exist = picojson::value{true};
    try {
      struct stat buf {};
author	Arkadiusz Pietraszek <a.pietraszek@partner.samsung.com>
	Fri, 27 Apr 2018 09:23:56 +0000 (11:23 +0200)
committer	Lukasz Bardeli <l.bardeli@samsung.com>
	Tue, 15 May 2018 11:41:07 +0000 (13:41 +0200)