alarm-service
icu-i18n
contacts-service2
- security-server
capi-appfw-package-manager
libtzplatform-config
- )
+)
FOREACH(flag ${pkgs_CFLAGS})
SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} ${flag}")
<manifest>
- <define>
- <domain name="calendar-service"/>
- <provide>
- <label name="calendar-service::initdb" />
- <label name="calendar-service::db" />
- <label name="calendar-service::svc" />
- </provide>
- <request>
- <smack request="calendar-service::initdb" type="rwxatl"/>
- <smack request="calendar-service::db" type="rwxatl"/>
- <smack request="calendar-service::svc" type="rwxatl"/>
- <smack request="sys-assert::core" type="rwxat"/>
- <smack request="contacts-service::svc" type="rw"/>
- <smack request="pkgmgr" type="r"/>
- <smack request="pkgmgr::db" type="rw"/>
- <smack request="libaccounts-svc" type="r"/>
- <smack request="libaccounts-svc::db" type="rl"/>
- <smack request="libaccounts-svc::check_read" type="r"/>
- <smack request="alarm-server::alarm" type="rw"/>
- <smack request="security-server::api-cookie-check" type="w"/>
- </request>
- </define>
- <assign>
- <filesystem path="/usr/lib/*" label="_" exec_label="none"/>
- <filesystem path="/opt/usr/dbspace/.calendar-svc.db" label="calendar-service::db" />
- <filesystem path="/opt/usr/dbspace/.calendar-svc.db-journal" label="calendar-service::db" />
- <filesystem path="/opt/usr/data/calendar-svc/.CALENDAR_SVC_CALENDAR_CHANGED" label="calendar-service::svc" />
- <filesystem path="/opt/usr/data/calendar-svc/.CALENDAR_SVC_EVENT_CHANGED" label="calendar-service::svc" />
- <filesystem path="/opt/usr/data/calendar-svc/.CALENDAR_SVC_TODO_CHANGED" label="calendar-service::svc" />
- </assign>
- <request>
- <domain name="calendar-service" />
- </request>
+ <request>
+ <domain name="_"/>
+ </request>
</manifest>
#include <stdlib.h> //calloc
#include <pims-ipc.h>
#include <glib-object.h> //g_type_init
-#include <security-server.h>
#include <errno.h>
#include "calendar_service.h"
void __cal_client_ipc_lock(void);
void __cal_client_ipc_unlock(void);
-static int __cal_client_ipc_get_cookie_for_access_control(pims_ipc_data_h *indata)
-{
- int ret = CALENDAR_ERROR_NONE;
- size_t cookie_size =0;
- pims_ipc_data_h data;
-
- cookie_size = security_server_get_cookie_size();
- retvm_if(cookie_size<=0,CALENDAR_ERROR_NOT_PERMITTED,"get cookie_size fail");
-
- char cookie[256] = {0,};
- char *e_cookie = NULL;
- ret = security_server_request_cookie(cookie, cookie_size);
- retvm_if(ret<0,CALENDAR_ERROR_NOT_PERMITTED,"get cookie fail");
-
- data = pims_ipc_data_create(0);
- retvm_if(data==NULL,CALENDAR_ERROR_OUT_OF_MEMORY,"ipc data created fail!");
-
- ret = _cal_ipc_marshal_int(cookie_size, data);
-
- if (ret != CALENDAR_ERROR_NONE)
- {
- ERR("ipc marshal fail");
- pims_ipc_data_destroy(data);
- return ret;
- }
- e_cookie = g_base64_encode((const guchar *)cookie, cookie_size);
- if (e_cookie == NULL)
- {
- ERR("base64 encode fail");
- pims_ipc_data_destroy(data);
- ret = CALENDAR_ERROR_OUT_OF_MEMORY;
- return ret;
- }
-
- ret = _cal_ipc_marshal_char(e_cookie, data);
- CAL_FREE(e_cookie);
- if (ret != CALENDAR_ERROR_NONE)
- {
- ERR("ipc marshal fail");
- pims_ipc_data_destroy(data);
- return ret;
- }
-
- *indata = data;
-
- return CALENDAR_ERROR_NONE;
-}
-
API int calendar_connect(void)
{
int ret = CALENDAR_ERROR_NONE;
- pims_ipc_data_h indata = NULL;
pims_ipc_data_h outdata = NULL;
pims_ipc_h ipc_handle = NULL;
_cal_mutex_lock(CAL_MUTEX_CONNECTION);
// ipc create
- if (calendar_ipc == NULL)
- {
+ if (calendar_ipc == NULL) {
ipc_handle = pims_ipc_create(CAL_IPC_SOCKET_PATH);
- if (ipc_handle == NULL)
- {
- if (errno == EACCES)
- {
+ if (ipc_handle == NULL) {
+ if (errno == EACCES) {
ERR("pims_ipc_create() Failed : Permission denied");
ret = CALENDAR_ERROR_PERMISSION_DENIED;
- }
- else
- {
+ } else {
ERR("pims_ipc_create() Failed(%d)", CALENDAR_ERROR_IPC);
ret = CALENDAR_ERROR_IPC;
}
goto ERROR_RETURN;
}
- }
- else
- {
+ } else {
calendar_connection_count++;
CAL_DBG("calendar already connected = %d",calendar_connection_count);
ret = CALENDAR_ERROR_NONE;
return ret;
}
- ret = __cal_client_ipc_get_cookie_for_access_control(&indata);
- if( ret != CALENDAR_ERROR_NONE)
- {
- goto ERROR_RETURN;
- }
-
// ipc call
- if (pims_ipc_call(ipc_handle, CAL_IPC_MODULE, CAL_IPC_SERVER_CONNECT, indata, &outdata) != 0)
- {
+ if (pims_ipc_call(ipc_handle, CAL_IPC_MODULE, CAL_IPC_SERVER_CONNECT, NULL, &outdata) != 0) {
ERR("pims_ipc_call failed");
- pims_ipc_data_destroy(indata);
ret = CALENDAR_ERROR_IPC;
goto ERROR_RETURN;
}
- pims_ipc_data_destroy(indata);
- indata = NULL;
-
- if (outdata)
- {
+ if (outdata) {
// check outdata
unsigned int size = 0;
ret = *(int*) pims_ipc_data_get(outdata,&size);
-
pims_ipc_data_destroy(outdata);
-
- if (ret != CALENDAR_ERROR_NONE)
- {
+ if (ret != CALENDAR_ERROR_NONE) {
ERR("calendar_connect return (%d)",ret);
goto ERROR_RETURN;
}
- }
- else
- {
+ } else {
ERR("ipc outdata is NULL");
ret = CALENDAR_ERROR_IPC;
goto ERROR_RETURN;
API int calendar_connect_on_thread(void)
{
int ret = CALENDAR_ERROR_NONE;
- pims_ipc_data_h indata = NULL;
pims_ipc_data_h outdata = NULL;
CAL_FN_CALL;
// ipc create
- if (calendar_ipc_thread == NULL)
- {
+ if (calendar_ipc_thread == NULL) {
calendar_ipc_thread = pims_ipc_create(CAL_IPC_SOCKET_PATH);
- if (calendar_ipc_thread == NULL)
- {
+ if (calendar_ipc_thread == NULL) {
if (errno == EACCES) {
ERR("pims_ipc_create() Failed(%d)", CALENDAR_ERROR_PERMISSION_DENIED);
ret = CALENDAR_ERROR_PERMISSION_DENIED;
goto ERROR_RETURN;
- }
- else {
+ } else {
ERR("pims_ipc_create() Failed(%d)", CALENDAR_ERROR_OUT_OF_MEMORY);
ret = CALENDAR_ERROR_OUT_OF_MEMORY;
goto ERROR_RETURN;
}
}
- }
- else
- {
+ } else {
CAL_DBG("calendar already connected");
ret = CALENDAR_ERROR_NONE;
goto ERROR_RETURN;
}
- ret = __cal_client_ipc_get_cookie_for_access_control(&indata);
- if( ret != CALENDAR_ERROR_NONE)
- {
- goto ERROR_RETURN;
- }
-
// ipc call
- if (pims_ipc_call(calendar_ipc_thread, CAL_IPC_MODULE, CAL_IPC_SERVER_CONNECT, indata, &outdata) != 0)
- {
+ if (pims_ipc_call(calendar_ipc_thread, CAL_IPC_MODULE, CAL_IPC_SERVER_CONNECT, NULL, &outdata) != 0) {
ERR("pims_ipc_call failed");
- pims_ipc_data_destroy(indata);
ret = CALENDAR_ERROR_IPC;
goto ERROR_RETURN;
}
- pims_ipc_data_destroy(indata);
- indata = NULL;
-
- if (outdata)
- {
+ if (outdata) {
// check outdata
unsigned int size = 0;
ret = *(int*) pims_ipc_data_get(outdata,&size);
+++ /dev/null
-/*
- * Calendar Service
- *
- * Copyright (c) 2012 - 2013 Samsung Electronics Co., Ltd. All rights reserved.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- */
-#ifndef __TIZEN_SOCIAL_CALENDAR2_H__
-#define __TIZEN_SOCIAL_CALENDAR2_H__
-
-#include <calendar.h>
-
-#endif /* __TIZEN_SOCIAL_CALENDAR2_H__ */
#include <pthread.h>
#include <signal.h>
-#include <security-server.h>
-#include <sys/smack.h>
-
#include <string.h>
+#include <sys/smack.h>
#include <pims-ipc-svc.h>
#include "calendar_db.h"
-
#include "cal_internal.h"
#include "cal_typedef.h"
#include "cal_view.h"
typedef struct {
unsigned int thread_id;
+ pims_ipc_h ipc;
char *smack_label;
- cal_permission_e permission;
int *write_list;
-}calendar_permission_info_s;
+} calendar_permission_info_s;
static GList *__thread_list = NULL;
static int have_smack = -1;
static calendar_permission_info_s* __cal_access_control_find_permission_info(unsigned int thread_id);
-static void __cal_access_control_set_permission_info(unsigned int thread_id, const char *cookie);
static void __cal_access_control_disconnected_cb(pims_ipc_h ipc, void *user_data);
static calendar_permission_info_s* __cal_access_control_find_permission_info(unsigned int thread_id)
return have_smack;
}
-static void __cal_access_control_set_permission_info(unsigned int thread_id, const char *cookie)
+static void __cal_access_control_set_permission_info(calendar_permission_info_s *info)
{
- calendar_permission_info_s *info = NULL;
- const char *smack_label;
bool smack_enabled = false;
if (__cal_have_smack() == 1)
else
INFO("SAMCK disabled");
- info = __cal_access_control_find_permission_info(thread_id);
- if(info == NULL) {
- ERR("dont' have access info of this thread(%d)", thread_id);
- return ;
- }
- smack_label = info->smack_label;
-
- if ((smack_label && 0 == strcmp(smack_label, "calendar-service")) || !smack_enabled) {
- info->permission |= CAL_PERMISSION_READ;
- info->permission |= CAL_PERMISSION_WRITE;
- }
- else if (cookie) {
- if (SECURITY_SERVER_API_SUCCESS == security_server_check_privilege_by_cookie(cookie, "calendar-service::svc", "r"))
- info->permission |= CAL_PERMISSION_READ;
- if (SECURITY_SERVER_API_SUCCESS == security_server_check_privilege_by_cookie(cookie, "calendar-service::svc", "w"))
- info->permission |= CAL_PERMISSION_WRITE;
- }
- SEC_INFO("Thread(0x%x), info(%p), smack :%s, permission:%d", thread_id, info, smack_label, info->permission);
-
- CAL_FREE(info->write_list);
+ free(info->write_list);
+ info->write_list = NULL;
- char query[CAL_DB_SQL_MAX_LEN] = {0,};
+ char query[CAL_DB_SQL_MAX_LEN] = {0};
int count = 0;
int ret = 0;
sqlite3_stmt *stmt;
ERR("DB get Failed");
return;
}
-
- if (info->permission & CAL_PERMISSION_WRITE) {
- info->write_list = calloc(count+1, sizeof(int));
- info->write_list[0] = -1;
- }
+ info->write_list = calloc(count, sizeof(int));
+ retm_if(NULL == info->write_list, "calloc() Fail");
+ info->write_list[0] = -1;
snprintf(query, sizeof(query),
"SELECT id, mode, owner_label FROM %s WHERE deleted = 0 ", CAL_TABLE_CALENDAR);
stmt = _cal_db_util_query_prepare(query);
if (NULL == stmt) {
- ERR("DB Failed");
+ ERR("_cal_db_util_query_prepare() Fail");
return;
}
while (CAL_DB_ROW == _cal_db_util_stmt_step(stmt)) {
- int id = 0;
- int mode = 0;
- char *temp = NULL;
-
- id = sqlite3_column_int(stmt, 0);
- mode = sqlite3_column_int(stmt, 1);
- temp = (char *)sqlite3_column_text(stmt, 2);
-
- if ( temp && ( (smack_label && 0 == strcmp(temp, smack_label)) ||
- ( smack_label && 0 == strcmp(smack_label, "calendar-service") ) ) ) {// owner and calendar-service
- if (info->permission & CAL_PERMISSION_WRITE)
- info->write_list[write_index++] = id;
- }
- else {
- switch(mode) {
- case CALENDAR_BOOK_MODE_NONE:
- if (info->permission & CAL_PERMISSION_WRITE)
- info->write_list[write_index++] = id;
- break;
- case CALENDAR_BOOK_MODE_RECORD_READONLY:
- default:
- break;
- }
- }
- } // while
-
- if (info->permission & CAL_PERMISSION_WRITE)
- info->write_list[write_index] = -1;
-
+ int id = sqlite3_column_int(stmt, 0);
+ int mode = sqlite3_column_int(stmt, 1);
+ char temp = (char *)sqlite3_column_text(stmt, 2);
+
+ if (!smack_enabled) // smack disabled
+ info->write_list[write_index++] = id;
+ else if (NULL == info->ipc) // calendar-service daemon
+ info->write_list[write_index++] = id;
+ else if (info->smack_label && temp && 0 == strcmp(temp, info->smack_label)) // owner
+ info->write_list[write_index++] = id;
+ else if (CALENDAR_BOOK_MODE_NONE == mode)
+ info->write_list[write_index++] = id;
+ }
+ info->write_list[write_index] = -1;
sqlite3_finalize(stmt);
}
-void _cal_access_control_set_client_info(const char* smack_label, const char* cookie)
+void _cal_access_control_set_client_info(pims_ipc_h ipc, const char *smack_label)
{
- unsigned int thread_id = (unsigned int)pthread_self();
+ unsigned int thread_id = 0;
calendar_permission_info_s *info = NULL;
_cal_mutex_lock(CAL_MUTEX_ACCESS_CONTROL);
+
+ thread_id = (unsigned int)pthread_self();
info = __cal_access_control_find_permission_info(thread_id);
if (NULL == info) {
info = calloc(1, sizeof(calendar_permission_info_s));
+ if (NULL == info) {
+ ERR("calloc() Fail");
+ _cal_mutex_unlock(CAL_MUTEX_ACCESS_CONTROL);
+ return;
+ }
__thread_list = g_list_append(__thread_list, info);
}
info->thread_id = thread_id;
- CAL_FREE(info->smack_label);
+ info->ipc = ipc;
+
+ free(info->smack_label);
info->smack_label = SAFE_STRDUP(smack_label);
- __cal_access_control_set_permission_info(thread_id, cookie);
+ __cal_access_control_set_permission_info(info);
- // for close DB or free access_control when client is disconnected
- pims_ipc_svc_set_client_disconnected_cb(__cal_access_control_disconnected_cb,NULL);
+ if (info->ipc)
+ pims_ipc_svc_set_client_disconnected_cb(__cal_access_control_disconnected_cb,NULL);
_cal_mutex_unlock(CAL_MUTEX_ACCESS_CONTROL);
}
_cal_mutex_unlock(CAL_MUTEX_ACCESS_CONTROL);
}
-bool _cal_access_control_have_permission(cal_permission_e permission)
+bool _cal_access_control_have_permission(pims_ipc_h ipc, cal_permission_e permission)
{
- calendar_permission_info_s *find = NULL;
+ have_smack = __cal_have_smack();
+ if (have_smack != 1) // smack disabled
+ return true;
- _cal_mutex_lock(CAL_MUTEX_ACCESS_CONTROL);
- find = __cal_access_control_find_permission_info(pthread_self());
- if (!find) {
- _cal_mutex_unlock(CAL_MUTEX_ACCESS_CONTROL);
- return false;
- }
+ if (NULL == ipc) // calendar-service daemon
+ return true;
- if (CAL_PERMISSION_NONE == permission) {
- _cal_mutex_unlock(CAL_MUTEX_ACCESS_CONTROL);
+ if ((CAL_PERMISSION_READ& permission) && !pims_ipc_svc_check_privilege(ipc, CAL_PRIVILEGE_READ))
return false;
- }
- if ((find->permission & permission) == permission) {
- _cal_mutex_unlock(CAL_MUTEX_ACCESS_CONTROL);
- return true;
- }
-
- _cal_mutex_unlock(CAL_MUTEX_ACCESS_CONTROL);
- ERR("Does not have permission %d, this module has permission %d",
- permission, find->permission);
+ if ((CAL_PERMISSION_WRITE & permission) && !pims_ipc_svc_check_privilege(ipc, CAL_PRIVILEGE_WRITE))
+ return false;
- return false;
+ return true;
}
char* _cal_access_control_get_label(void)
{
unsigned int thread_id = (unsigned int)pthread_self();
calendar_permission_info_s *info = NULL;
- char *tmp = NULL;
_cal_mutex_lock(CAL_MUTEX_ACCESS_CONTROL);
info = __cal_access_control_find_permission_info(thread_id);
- if (info == NULL) {
- _cal_mutex_unlock(CAL_MUTEX_ACCESS_CONTROL);
- return NULL;
+ char *smack_label = NULL;
+ if (info && info->smack_label) {
+ smack_label = strdup(info->smack_label);
}
- tmp = SAFE_STRDUP(info->smack_label);
_cal_mutex_unlock(CAL_MUTEX_ACCESS_CONTROL);
-
- return tmp;
+ return smack_label;
}
-
void _cal_access_control_reset(void)
{
_cal_mutex_lock(CAL_MUTEX_ACCESS_CONTROL);
calendar_permission_info_s *info = NULL;
info = cursor->data;
if (info)
- __cal_access_control_set_permission_info(info->thread_id, NULL);
+ __cal_access_control_set_permission_info(info);
}
_cal_mutex_unlock(CAL_MUTEX_ACCESS_CONTROL);
}
static void __cal_access_control_disconnected_cb(pims_ipc_h ipc, void *user_data)
{
ENTER();
- calendar_permission_info_s *find = NULL;
+ calendar_permission_info_s *info = NULL;
_cal_mutex_lock(CAL_MUTEX_ACCESS_CONTROL);
- find = __cal_access_control_find_permission_info(pthread_self());
- if (find) {
- CAL_FREE(find->smack_label);
- CAL_FREE(find->write_list);
- __thread_list = g_list_remove(__thread_list, find);
- free(find);
+ info = (calendar_permission_info_s *)user_data;
+ if (info) {
+ INFO("Thread(0x%x), info(%p)", info->thread_id, info);
+ free(info->smack_label);
+ free(info->write_list);
+ __thread_list = g_list_remove(__thread_list, info);
+ free(info);
}
_cal_mutex_unlock(CAL_MUTEX_ACCESS_CONTROL);
+
// if client did not call disconnect function such as disconnect
// DB will be closed in _cal_db_internal_disconnect()
_cal_calendar_internal_disconnect();
#ifndef __CALENDAR_SVC_ACCESS_CONTROL_H__
#define __CALENDAR_SVC_ACCESS_CONTROL_H__
+#include <pims-ipc.h>
#include "cal_typedef.h"
-void _cal_access_control_set_client_info(const char* smack_label, const char* cookie);
-void _cal_access_control_unset_client_info(void);
-bool _cal_access_control_have_permission(cal_permission_e permission);
+#define CAL_PRIVILEGE_READ "http://tizen.org/privilege/calendar.read"
+#define CAL_PRIVILEGE_WRITE "http://tizen.org/privilege/calendar.write"
+void _cal_access_control_set_client_info(pims_ipc_h ipc, const char* smack_label);
+void _cal_access_control_unset_client_info(void);
char* _cal_access_control_get_label(void);
-
void _cal_access_control_reset(void); // reset read_list, write_list..
bool _cal_access_control_have_write_permission(int calendarbook_id);
-
int _cal_is_owner(int calendarbook_id);
#endif // __CALENDAR_SVC_ACCESS_CONTROL_H__
int ret = 0;
int is_deleted = 0;
- retvm_if(!_cal_access_control_have_permission(CAL_PERMISSION_READ),
- CALENDAR_ERROR_PERMISSION_DENIED, "Permission denied : read ");
retvm_if(NULL == current_calendar_db_version || NULL == view_uri || NULL == record_list,
CALENDAR_ERROR_INVALID_PARAMETER, "Invalid parameter");
int transaction_ver = 0;
int ret;
- retvm_if(!_cal_access_control_have_permission(CAL_PERMISSION_READ),
- CALENDAR_ERROR_PERMISSION_DENIED, "Permission denied : read ");
retvm_if(NULL == current_version, CALENDAR_ERROR_INVALID_PARAMETER, "Invalid parameter");
ret = _cal_db_util_query_get_first_int_result(query, NULL, &transaction_ver);
{
int ret = CALENDAR_ERROR_NONE;
- retvm_if(!_cal_access_control_have_permission(CAL_PERMISSION_WRITE),
- CALENDAR_ERROR_PERMISSION_DENIED, "Permission denied : write ");
retvm_if(NULL == record, CALENDAR_ERROR_INVALID_PARAMETER, "Invalid parameter");
cal_db_plugin_cb_s* plugin_cb = __cal_db_get_plugin(((cal_record_s *)record)->type);
API int calendar_db_get_record( const char* view_uri, int id, calendar_record_h* out_record )
{
- retvm_if(!_cal_access_control_have_permission(CAL_PERMISSION_READ),
- CALENDAR_ERROR_PERMISSION_DENIED, "Permission denied : read ");
return _cal_db_get_record(view_uri, id, out_record);
}
cal_record_s *temp=NULL ;
int ret = CALENDAR_ERROR_NONE;
- retvm_if(!_cal_access_control_have_permission(CAL_PERMISSION_WRITE),
- CALENDAR_ERROR_PERMISSION_DENIED, "Permission denied : write ");
retvm_if(NULL == record, CALENDAR_ERROR_INVALID_PARAMETER, "Invalid parameter");
temp = (cal_record_s*)(record);
int ret = CALENDAR_ERROR_NONE;
cal_record_type_e type = CAL_RECORD_TYPE_INVALID;
- retvm_if(!_cal_access_control_have_permission(CAL_PERMISSION_WRITE),
- CALENDAR_ERROR_PERMISSION_DENIED, "Permission denied : write ");
retvm_if(NULL == view_uri, CALENDAR_ERROR_INVALID_PARAMETER, "Invalid parameter");
type = _cal_view_get_type(view_uri);
cal_record_type_e type = CAL_RECORD_TYPE_INVALID;
calendar_list_h list = NULL;
- retvm_if(!_cal_access_control_have_permission(CAL_PERMISSION_READ),
- CALENDAR_ERROR_PERMISSION_DENIED, "Permission denied : read ");
retvm_if(NULL == view_uri, CALENDAR_ERROR_INVALID_PARAMETER, "Invalid parameter");
type = _cal_view_get_type(view_uri);
cal_query_s *que = NULL;
calendar_list_h list = NULL;
- retvm_if(!_cal_access_control_have_permission(CAL_PERMISSION_READ),
- CALENDAR_ERROR_PERMISSION_DENIED, "Permission denied : read ");
retvm_if(NULL == query, CALENDAR_ERROR_INVALID_PARAMETER, "Invalid parameter");
que = (cal_query_s *)query;
cal_db_util_error_e dbret = CAL_DB_OK;
int len = 0;
- retvm_if(!_cal_access_control_have_permission(CAL_PERMISSION_WRITE),
- CALENDAR_ERROR_PERMISSION_DENIED, "Permission denied : write ");
retvm_if(calendar_book_id < 0, CALENDAR_ERROR_INVALID_PARAMETER, "calendar_id(%d) is Invalid", calendar_book_id);
ret = _cal_db_util_begin_trans();
int ret = CALENDAR_ERROR_NONE;
cal_record_type_e type = CAL_RECORD_TYPE_INVALID;
- retvm_if(!_cal_access_control_have_permission(CAL_PERMISSION_READ),
- CALENDAR_ERROR_PERMISSION_DENIED, "Permission denied : read ");
retvm_if(NULL == view_uri, CALENDAR_ERROR_INVALID_PARAMETER, "Invalid parameter");
type = _cal_view_get_type(view_uri);
cal_record_type_e type = CAL_RECORD_TYPE_INVALID;
cal_query_s *que = NULL;
- retvm_if(!_cal_access_control_have_permission(CAL_PERMISSION_READ),
- CALENDAR_ERROR_PERMISSION_DENIED, "Permission denied : read ");
retvm_if(NULL == query, CALENDAR_ERROR_INVALID_PARAMETER, "Invalid parameter");
que = (cal_query_s *)query;
int *_ids = NULL;
int _count = 0;
- retvm_if(!_cal_access_control_have_permission(CAL_PERMISSION_WRITE),
- CALENDAR_ERROR_PERMISSION_DENIED, "Permission denied : write ");
retvm_if(NULL == list, CALENDAR_ERROR_NOT_PERMITTED, "Not permitted");
ret = _cal_db_util_begin_trans();
API int calendar_db_insert_records_async(calendar_list_h list, calendar_db_insert_result_cb callback, void *user_data)
{
- retvm_if(!_cal_access_control_have_permission(CAL_PERMISSION_WRITE),
- CALENDAR_ERROR_PERMISSION_DENIED, "Permission denied : write ");
retvm_if(NULL == list, CALENDAR_ERROR_INVALID_PARAMETER, "Invalid parameter");
#ifdef CAL_NATIVE
int count = 0;
int ret = CALENDAR_ERROR_NONE;
- retvm_if(!_cal_access_control_have_permission(CAL_PERMISSION_WRITE),
- CALENDAR_ERROR_PERMISSION_DENIED, "Permission denied : write ");
retvm_if(NULL == list, CALENDAR_ERROR_INVALID_PARAMETER, "Invalid parameter");
ret = _cal_db_util_begin_trans();
API int calendar_db_update_records_async( calendar_list_h list, calendar_db_result_cb callback, void *user_data)
{
- retvm_if(!_cal_access_control_have_permission(CAL_PERMISSION_WRITE),
- CALENDAR_ERROR_PERMISSION_DENIED, "Permission denied : write ");
#ifdef CAL_NATIVE
if (callback != NULL)
API int calendar_db_delete_records(const char* view_uri, int record_id_array[], int count)
{
- retvm_if(!_cal_access_control_have_permission(CAL_PERMISSION_WRITE),
- CALENDAR_ERROR_PERMISSION_DENIED, "Permission denied : write ");
retvm_if(NULL == view_uri, CALENDAR_ERROR_INVALID_PARAMETER, "Invalid parameter");
retvm_if(NULL == record_id_array, CALENDAR_ERROR_INVALID_PARAMETER, "Invalid parameter");
retvm_if(count <= 0, CALENDAR_ERROR_INVALID_PARAMETER, "Invalid parameter");
API int calendar_db_delete_records_async(const char* view_uri, int ids[], int count, calendar_db_result_cb callback, void *user_data)
{
- retvm_if(!_cal_access_control_have_permission(CAL_PERMISSION_WRITE),
- CALENDAR_ERROR_PERMISSION_DENIED, "Permission denied : write ");
retvm_if(NULL == view_uri, CALENDAR_ERROR_INVALID_PARAMETER, "Invalid parameter");
retvm_if(NULL == ids, CALENDAR_ERROR_INVALID_PARAMETER, "Invalid parameter");
retvm_if(count <= 0, CALENDAR_ERROR_INVALID_PARAMETER, "Invalid parameter");
int i = 0;
int *ids = NULL;
- retvm_if(!_cal_access_control_have_permission(CAL_PERMISSION_WRITE),
- CALENDAR_ERROR_PERMISSION_DENIED, "Permission denied : write ");
retvm_if(NULL == vcalendar_stream, CALENDAR_ERROR_INVALID_PARAMETER, "Invalid parameter");
retvm_if(NULL == record_id_array, CALENDAR_ERROR_INVALID_PARAMETER, "Invalid parameter");
retvm_if(NULL == count, CALENDAR_ERROR_INVALID_PARAMETER, "Invalid parameter");
API int calendar_db_insert_vcalendars_async(const char* vcalendar_stream, calendar_db_insert_result_cb callback, void *user_data)
{
int ret = CALENDAR_ERROR_NONE;
- retvm_if(!_cal_access_control_have_permission(CAL_PERMISSION_WRITE),
- CALENDAR_ERROR_PERMISSION_DENIED, "Permission denied : write ");
retvm_if(NULL == vcalendar_stream, CALENDAR_ERROR_INVALID_PARAMETER, "Invalid parameter");
retvm_if(NULL == callback, CALENDAR_ERROR_INVALID_PARAMETER, "Invalid parameter");
int list_count = 0;
int i = 0;
- retvm_if(!_cal_access_control_have_permission(CAL_PERMISSION_WRITE),
- CALENDAR_ERROR_PERMISSION_DENIED, "Permission denied : write ");
retvm_if(NULL == vcalendar_stream, CALENDAR_ERROR_INVALID_PARAMETER, "Invalid parameter");
retvm_if(NULL == record_id_array, CALENDAR_ERROR_INVALID_PARAMETER, "Invalid parameter");
retvm_if(count <= 0, CALENDAR_ERROR_INVALID_PARAMETER, "Invalid parameter");
API int calendar_db_replace_vcalendars_async(const char* vcalendar_stream, int *record_id_array, int count, calendar_db_result_cb callback, void *user_data)
{
int ret = CALENDAR_ERROR_NONE;
- retvm_if(!_cal_access_control_have_permission(CAL_PERMISSION_WRITE),
- CALENDAR_ERROR_PERMISSION_DENIED, "Permission denied : write ");
retvm_if(NULL == vcalendar_stream, CALENDAR_ERROR_INVALID_PARAMETER, "Invalid parameter");
retvm_if(NULL == callback, CALENDAR_ERROR_INVALID_PARAMETER, "Invalid parameter");
retvm_if(NULL == record_id_array, CALENDAR_ERROR_INVALID_PARAMETER, "Invalid parameter");
cal_record_s *temp=NULL ;
int ret = CALENDAR_ERROR_NONE;
- retvm_if(!_cal_access_control_have_permission(CAL_PERMISSION_WRITE),
- CALENDAR_ERROR_PERMISSION_DENIED, "Permission denied : write ");
retvm_if(NULL == record, CALENDAR_ERROR_INVALID_PARAMETER, "Invalid parameter");
retvm_if(record_id < 0, CALENDAR_ERROR_INVALID_PARAMETER, "Invalid parameter");
int i;
int ret = CALENDAR_ERROR_NONE;
- retvm_if(!_cal_access_control_have_permission(CAL_PERMISSION_WRITE),
- CALENDAR_ERROR_PERMISSION_DENIED, "Permission denied : write ");
retvm_if(NULL == list, CALENDAR_ERROR_INVALID_PARAMETER, "Invalid parameter");
retvm_if(NULL == ids, CALENDAR_ERROR_INVALID_PARAMETER, "Invalid parameter");
retvm_if(count <= 0, CALENDAR_ERROR_INVALID_PARAMETER, "Invalid parameter");
{
int ret = CALENDAR_ERROR_NONE;
- retvm_if(!_cal_access_control_have_permission(CAL_PERMISSION_WRITE),
- CALENDAR_ERROR_PERMISSION_DENIED, "Permission denied : write ");
retvm_if(NULL == record_list, CALENDAR_ERROR_INVALID_PARAMETER, "Invalid parameter");
retvm_if(NULL == callback, CALENDAR_ERROR_INVALID_PARAMETER, "Invalid parameter");
retvm_if(NULL == record_id_array, CALENDAR_ERROR_INVALID_PARAMETER, "Invalid parameter");
API int calendar_db_get_last_change_version(int* last_version)
{
- retvm_if(!_cal_access_control_have_permission(CAL_PERMISSION_READ),
- CALENDAR_ERROR_PERMISSION_DENIED, "Permission denied : read ");
retvm_if(NULL == last_version, CALENDAR_ERROR_INVALID_PARAMETER, "Invalid parameter");
*last_version = _cal_db_util_get_transaction_ver();
return CALENDAR_ERROR_NONE;
int ret = 0;
int is_deleted = 0;
- retvm_if(!_cal_access_control_have_permission(CAL_PERMISSION_READ),
- CALENDAR_ERROR_PERMISSION_DENIED, "Permission denied : read ");
retvm_if(NULL == view_uri || NULL == record_list || original_event_id <= 0,
CALENDAR_ERROR_INVALID_PARAMETER, "Invalid parameter");
BuildRequires: pkgconfig(capi-base-common)
BuildRequires: pkgconfig(contacts-service2)
BuildRequires: pkgconfig(pims-ipc)
-BuildRequires: pkgconfig(security-server)
BuildRequires: pkgconfig(capi-appfw-package-manager)
BuildRequires: pkgconfig(accounts-svc)
BuildRequires: pkgconfig(capi-appfw-application)
BuildRequires: pkgconfig(libtzplatform-config)
+BuildRequires: pkgconfig(libsmack)
%description
DB library for calendar
accounts-svc
capi-appfw-application
libtzplatform-config
- )
+ libsmack
+)
FOREACH(flag ${calserver_pkgs_CFLAGS})
SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} ${flag}")
}
// access_control
- _cal_access_control_set_client_info("calendar-service", NULL);
+ _cal_access_control_set_client_info(NULL, NULL);
ret = account_subscribe_create(&cal_account_h);
if (ACCOUNT_ERROR_NONE == ret) {
ret = calendar_connect();
if (CALENDAR_ERROR_NONE != ret)
break;
- _cal_access_control_set_client_info("calendar-service", NULL);
+ _cal_access_control_set_client_info(NULL, NULL);
while(1) {
if (__cal_server_contacts_sync() == false) {
#include <stdlib.h>
#include <malloc.h> // malloc_trim
-#include <security-server.h>
+#include <pims-ipc-svc.h>
#include "calendar_service.h"
#include "calendar_db.h"
void _cal_server_ipc_connect(pims_ipc_h ipc, pims_ipc_data_h indata, pims_ipc_data_h *outdata, void *userdata)
{
int ret = CALENDAR_ERROR_NONE;
- char *smack_label = NULL;
- char *cookie = NULL;
-
- if (indata)
- {
- int cookie_size = 0;
- char *buf = NULL;
- gsize buf_len;
- // Access control : get cookie from indata
- ret = _cal_ipc_unmarshal_int(indata, &cookie_size);
- if (ret != CALENDAR_ERROR_NONE)
- {
- ERR("_cal_ipc_unmarshal_int fail");
- goto ERROR_RETURN;
- }
-
- if (cookie_size <= 0)
- {
- ERR("cookie size is %d", cookie_size);
- ret = CALENDAR_ERROR_IPC;
- goto ERROR_RETURN;
- }
-
- ret = _cal_ipc_unmarshal_char(indata, &buf);
- if (ret != CALENDAR_ERROR_NONE)
- {
- ERR("_cal_ipc_unmarshal_char fail");
- goto ERROR_RETURN;
- }
- cookie = (char*)g_base64_decode((const gchar*)buf, &buf_len);
- CAL_FREE(buf);
- smack_label = security_server_get_smacklabel_cookie(cookie);
- if (NULL == smack_label)
- {
- ERR("security_server_get_smacklabel_cookie fail");
- ret = CALENDAR_ERROR_SYSTEM;
- CAL_FREE(cookie);
- goto ERROR_RETURN;
- }
- }
- else
- {
- ERR("There is no indata fail");
- ret = CALENDAR_ERROR_SYSTEM;
- goto ERROR_RETURN;
- }
ret = calendar_connect();
if (ret == CALENDAR_ERROR_NONE) {
- _cal_access_control_set_client_info(smack_label, cookie);
+ char *smack_label = NULL;
+ if (0 != pims_ipc_svc_get_smack_label(ipc, &smack_label))
+ ERR("pims_ipc_svc_get_smack_label() Fail");
+ _cal_access_control_set_client_info(ipc, smack_label);
}
-ERROR_RETURN:
if (outdata) {
*outdata = pims_ipc_data_create(0);
if (!*outdata) {
ERR("pims_ipc_data_create fail");
- goto DATA_FREE;
+ return;
}
if (pims_ipc_data_put(*outdata,(void*)&ret,sizeof(int)) != 0) {
pims_ipc_data_destroy(*outdata);
*outdata = NULL;
ERR("pims_ipc_data_put fail");
- goto DATA_FREE;
+ return;
}
- }
- else {
+ } else {
ERR("outdata is NULL");
}
-
-DATA_FREE:
- CAL_FREE(cookie);
- CAL_FREE(smack_label);
- return;
}
void _cal_server_ipc_disconnect(pims_ipc_h ipc, pims_ipc_data_h indata, pims_ipc_data_h *outdata, void *userdata)
goto ERROR_RETURN;
}
- result = _cal_access_control_have_permission(permission);
+ result = _cal_access_control_have_permission(ipc, permission);
ERROR_RETURN:
*outdata = pims_ipc_data_create(0);
calendar_record_h record = NULL;
int id = 0;
- if (indata)
- {
+ if (indata) {
ret = _cal_ipc_unmarshal_record(indata,&record);
- if (ret != CALENDAR_ERROR_NONE)
- {
+ if (ret != CALENDAR_ERROR_NONE) {
ERR("_cal_ipc_unmarshal_record fail");
record = NULL;
goto ERROR_RETURN;
}
- }
- else
- {
+ } else {
ret = CALENDAR_ERROR_INVALID_PARAMETER;
ERR("_cal_server_ipc_db_insert_record fail");
goto ERROR_RETURN;
}
+ if (false == _cal_access_control_have_permission(ipc, CAL_PRIVILEGE_WRITE)) {
+ ret = CALENDAR_ERROR_PERMISSION_DENIED;
+ goto ERROR_RETURN;
+ }
+
ret = calendar_db_insert_record(record, &id);
if (outdata)
goto ERROR_RETURN;
}
+ if (false == _cal_access_control_have_permission(ipc, CAL_PRIVILEGE_READ)) {
+ ret = CALENDAR_ERROR_PERMISSION_DENIED;
+ goto ERROR_RETURN;
+ }
+
ret = calendar_db_get_record(view_uri,id,&record);
ERROR_RETURN:
goto ERROR_RETURN;
}
+ if (false == _cal_access_control_have_permission(ipc, CAL_PRIVILEGE_WRITE)) {
+ ret = CALENDAR_ERROR_PERMISSION_DENIED;
+ goto ERROR_RETURN;
+ }
+
ret = calendar_db_update_record(record);
ERROR_RETURN:
goto ERROR_RETURN;
}
+ if (false == _cal_access_control_have_permission(ipc, CAL_PRIVILEGE_WRITE)) {
+ ret = CALENDAR_ERROR_PERMISSION_DENIED;
+ goto ERROR_RETURN;
+ }
+
ret = calendar_db_delete_record(view_uri,id);
ERROR_RETURN:
goto ERROR_RETURN;
}
+ if (false == _cal_access_control_have_permission(ipc, CAL_PRIVILEGE_READ)) {
+ ret = CALENDAR_ERROR_PERMISSION_DENIED;
+ goto ERROR_RETURN;
+ }
+
ret = calendar_db_get_all_records(view_uri,offset,limit,&list);
if (outdata)
goto ERROR_RETURN;
}
+ if (false == _cal_access_control_have_permission(ipc, CAL_PRIVILEGE_READ)) {
+ ret = CALENDAR_ERROR_PERMISSION_DENIED;
+ goto ERROR_RETURN;
+ }
+
ret = calendar_db_get_records_with_query(query,offset,limit,&list);
if (outdata)
goto ERROR_RETURN;
}
+ if (false == _cal_access_control_have_permission(ipc, CAL_PRIVILEGE_WRITE)) {
+ ret = CALENDAR_ERROR_PERMISSION_DENIED;
+ goto ERROR_RETURN;
+ }
+
ret = calendar_db_clean_after_sync(calendar_book_id, calendar_db_version);
ERROR_RETURN:
goto ERROR_RETURN;
}
+ if (false == _cal_access_control_have_permission(ipc, CAL_PRIVILEGE_READ)) {
+ ret = CALENDAR_ERROR_PERMISSION_DENIED;
+ goto ERROR_RETURN;
+ }
+
ret = calendar_db_get_count(view_uri,&count);
if (outdata)
goto ERROR_RETURN;
}
+ if (false == _cal_access_control_have_permission(ipc, CAL_PRIVILEGE_READ)) {
+ ret = CALENDAR_ERROR_PERMISSION_DENIED;
+ goto ERROR_RETURN;
+ }
+
ret = calendar_db_get_count_with_query(query,&count);
if (outdata)
goto ERROR_RETURN;
}
+ if (false == _cal_access_control_have_permission(ipc, CAL_PRIVILEGE_WRITE)) {
+ ret = CALENDAR_ERROR_PERMISSION_DENIED;
+ goto ERROR_RETURN;
+ }
+
ret = calendar_db_insert_records(list, &ids, &id_count);
if (outdata)
goto ERROR_RETURN;
}
+ if (false == _cal_access_control_have_permission(ipc, CAL_PRIVILEGE_WRITE)) {
+ ret = CALENDAR_ERROR_PERMISSION_DENIED;
+ goto ERROR_RETURN;
+ }
+
ret = calendar_db_update_records(list);
if (outdata)
goto ERROR_RETURN;
}
+ if (false == _cal_access_control_have_permission(ipc, CAL_PRIVILEGE_WRITE)) {
+ ret = CALENDAR_ERROR_PERMISSION_DENIED;
+ goto ERROR_RETURN;
+ }
+
ret = calendar_db_delete_records(uri,ids,count);
if (outdata)
goto ERROR_RETURN;
}
+ if (false == _cal_access_control_have_permission(ipc, CAL_PRIVILEGE_READ)) {
+ ret = CALENDAR_ERROR_PERMISSION_DENIED;
+ goto ERROR_RETURN;
+ }
+
ret = calendar_db_get_changes_by_version(view_uri,calendar_book_id,calendar_db_version,&record_list,¤t_calendar_db_version);
if (outdata)
int ret = CALENDAR_ERROR_NONE;
int calendar_db_version = 0;
+ if (false == _cal_access_control_have_permission(ipc, CAL_PRIVILEGE_READ)) {
+ ret = CALENDAR_ERROR_PERMISSION_DENIED;
+ return;
+ goto ERROR_RETURN;
+ }
+
ret = calendar_db_get_current_version(&calendar_db_version);
+ERROR_RETURN:
if (outdata)
{
*outdata = pims_ipc_data_create(0);
goto ERROR_RETURN;
}
+ if (false == _cal_access_control_have_permission(ipc, CAL_PRIVILEGE_WRITE)) {
+ ret = CALENDAR_ERROR_PERMISSION_DENIED;
+ goto ERROR_RETURN;
+ }
+
ret = calendar_db_insert_vcalendars(stream, &ids, &count);
if (ret != CALENDAR_ERROR_NONE)
goto ERROR_RETURN;
}
+ if (false == _cal_access_control_have_permission(ipc, CAL_PRIVILEGE_WRITE)) {
+ ret = CALENDAR_ERROR_PERMISSION_DENIED;
+ goto ERROR_RETURN;
+ }
+
ret = calendar_db_replace_vcalendars(stream, ids, count);
if (ret != CALENDAR_ERROR_NONE)
goto ERROR_RETURN;
}
+ if (false == _cal_access_control_have_permission(ipc, CAL_PRIVILEGE_WRITE)) {
+ ret = CALENDAR_ERROR_PERMISSION_DENIED;
+ goto ERROR_RETURN;
+ }
+
ret = calendar_db_replace_record(record, id);
ERROR_RETURN:
goto ERROR_RETURN;
}
+ if (false == _cal_access_control_have_permission(ipc, CAL_PRIVILEGE_WRITE)) {
+ ret = CALENDAR_ERROR_PERMISSION_DENIED;
+ goto ERROR_RETURN;
+ }
+
ret = calendar_db_replace_records(list, ids, count);
if (outdata)
goto ERROR_RETURN;
}
+ if (false == _cal_access_control_have_permission(ipc, CAL_PRIVILEGE_READ)) {
+ ret = CALENDAR_ERROR_PERMISSION_DENIED;
+ goto ERROR_RETURN;
+ }
+
ret = calendar_db_get_changes_exception_by_version(view_uri,original_event_id,calendar_db_version,&record_list);
if (outdata)