%endif # tizen_profile_tv
+BuildRequires: pkgconfig(security-privilege-manager)
BuildRequires: ninja
BuildRequires: pkgconfig(appcore-common)
BuildRequires: pkgconfig(dlog)
namespace {
const int kDateSize = 22; //"yyy mm dd hh mm ss dd" e.g 115 11 28 11 25 50 -1
-const std::string kPrivilegeAlarm = "http://tizen.org/privilege/alarm.get";
+const std::string kPrivilegeAlarm = "http://tizen.org/privilege/alarm";
const std::string kAlarmRelative = "AlarmRelative";
const std::string kAlarmAbsolute = "AlarmAbsolute";
namespace {
// The privileges that are required in Application API
-const std::string kPrivilegeAppManagerCertificate = "http://tizen.org/privilege/notexist";
+const std::string kPrivilegeAppManagerCertificate = "http://tizen.org/privilege/appmanager.certificate";
const std::string kPrivilegeAppManagerKill = "http://tizen.org/privilege/appmanager.kill";
-const std::string kPrivilegeApplicationInfo = "http://tizen.org/privilege/packagemanager.info";
-const std::string kPrivilegeApplicationLaunch = "http://tizen.org/privilege/appmanager.launch";
+const std::string kPrivilegeApplicationInfo = "http://tizen.org/privilege/application.info";
+const std::string kPrivilegeApplicationLaunch = "http://tizen.org/privilege/application.launch";
} // namespace
using namespace common;
using common::tools::ReportError;
namespace {
-const std::string kPrivilegeFilesystemRead = "http://tizen.org/privilege/systemsettings.admin";
-const std::string kPrivilegeFilesystemWrite = "http://tizen.org/privilege/systemsettings.admin";
+const std::string kPrivilegeFilesystemRead = "http://tizen.org/privilege/filesystem.read";
+const std::string kPrivilegeFilesystemWrite = "http://tizen.org/privilege/filesystem.write";
const std::string kArchiveFileEntryOptDest = "destination";
const std::string kArchiveFileEntryOptStrip = "stripSourceDirectory";
const char kParentId[] = "parentId";
const char kUrl[] = "url";
- const std::string kPrivilegeBookmarkRead = "http://tizen.org/privilege/bookmark.admin";
- const std::string kPrivilegeBookmarkWrite = "http://tizen.org/privilege/bookmark.admin";
+ const std::string kPrivilegeBookmarkRead = "http://tizen.org/privilege/bookmark.read";
+ const std::string kPrivilegeBookmarkWrite = "http://tizen.org/privilege/bookmark.write";
} // namespace
BookmarkInstance::BookmarkInstance() {
'capi-appfw-app-manager',
'capi-appfw-package-manager',
'storage',
+ 'security-privilege-manager',
]
},
'conditions': [
#include "common/tools.h"
+#include <privilegemgr/privilege_manager.h>
+#include <app_manager.h>
+#include <pkgmgr-info.h>
+
#ifdef PRIVILEGE_USE_DB
#include <sqlite3.h>
#include "common/current_application.h"
} // namespace
+
PlatformResult CheckAccess(const std::string& privilege) {
return CheckAccess(std::vector<std::string>{privilege});
}
PlatformResult CheckAccess(const std::vector<std::string>& privileges) {
LoggerD("Enter");
- if (AccessControl::GetInstance().CheckAccess(privileges)) {
- return PlatformResult(ErrorCode::NO_ERROR);
- } else {
- for (const auto& privilege : privileges) {
- LoggerD("Access to privilege: %s has been denied.", privilege.c_str());
+
+ std::string api_version;
+ PlatformResult res = common::tools::GetPkgApiVersion(&api_version);
+ if (res.IsError()) {
+ return res;
+ }
+ LoggerD("Application api version: %s", api_version.c_str());
+
+ for (auto input_priv : privileges) {
+ LoggerD("Input privilege: %s", input_priv.c_str());
+ GList *input_glist = nullptr;
+ GList *mapped_glist = nullptr;
+
+ SCOPE_EXIT {
+ g_list_free(input_glist);
+ g_list_free(mapped_glist);
+ };
+
+ input_glist = g_list_append(input_glist, (void*)input_priv.c_str());
+ int ret = privilege_manager_get_mapped_privilege_list(api_version.c_str(),
+ PRVMGR_PACKAGE_TYPE_WRT,
+ input_glist,
+ &mapped_glist);
+ if (ret != PRVMGR_ERR_NONE) {
+ return LogAndCreateResult(ErrorCode::UNKNOWN_ERR, "Fail to get mapped privilege list");
+ }
+
+ LoggerD("Mapped privileges:");
+ std::vector<std::string> mapped_vector;
+ auto push_elem = [](gpointer data, gpointer user_data) -> void {
+ if (data && user_data) {
+ std::vector<std::string>* mapped_vector =
+ static_cast<std::vector<std::string>*>(user_data);
+ char* char_data = static_cast<char*>(data);
+ mapped_vector->push_back(char_data);
+ LoggerD("mapped to: %s", char_data);
+ }
+ };
+ g_list_foreach (mapped_glist, push_elem, &mapped_vector);
+
+ if (!AccessControl::GetInstance().CheckAccess(mapped_vector)){
+ for (const auto& mapped_priv : mapped_vector) {
+ LoggerD("Access to privilege: %s has been denied.", mapped_priv.c_str());
+ }
+ return PlatformResult(ErrorCode::SECURITY_ERR, "Permission denied");
+ }
+ }
+ return PlatformResult(ErrorCode::NO_ERROR);
+}
+
+PlatformResult GetPkgApiVersion(std::string* api_version) {
+ LoggerD("Entered");
+
+ char* app_id = nullptr;
+ char* pkgid = nullptr;
+ char* api_ver = nullptr;
+ app_info_h app_handle = nullptr;
+ pkgmgrinfo_pkginfo_h pkginfo_handle = nullptr;
+
+ SCOPE_EXIT {
+ if (app_id) {
+ free(app_id);
}
- return PlatformResult(ErrorCode::SECURITY_ERR, "Permission denied");
+ if (pkgid) {
+ free(pkgid);
+ }
+ if (app_handle) {
+ app_info_destroy(app_handle);
+ }
+ if (pkginfo_handle) {
+ pkgmgrinfo_pkginfo_destroy_pkginfo(pkginfo_handle);
+ }
+ };
+
+ pid_t pid = getpid();
+ int ret = app_manager_get_app_id(pid, &app_id);
+ if (ret != APP_MANAGER_ERROR_NONE) {
+ return LogAndCreateResult(ErrorCode::UNKNOWN_ERR, "Fail to get app id");
}
+
+ ret = app_info_create(app_id, &app_handle);
+ if (ret != APP_MANAGER_ERROR_NONE) {
+ return LogAndCreateResult(ErrorCode::UNKNOWN_ERR, "Fail to get app info");
+ }
+
+ ret = app_info_get_package(app_handle, &pkgid);
+ if ((ret != APP_MANAGER_ERROR_NONE) || (pkgid == nullptr)) {
+ return LogAndCreateResult(ErrorCode::UNKNOWN_ERR, "Fail to get pkg id");
+ }
+
+ ret = pkgmgrinfo_pkginfo_get_usr_pkginfo(pkgid, getuid(), &pkginfo_handle);
+ if (ret != PMINFO_R_OK) {
+ return LogAndCreateResult(ErrorCode::UNKNOWN_ERR, "Fail to get pkginfo_h");
+ }
+
+ ret = pkgmgrinfo_pkginfo_get_api_version(pkginfo_handle, &api_ver);
+ if (ret != PMINFO_R_OK) {
+ return LogAndCreateResult(ErrorCode::UNKNOWN_ERR, "Fail to get api version");
+ }
+
+ *api_version = api_ver;
+ return PlatformResult(ErrorCode::NO_ERROR);
}
std::string GetErrorString(int error_code) {
common::PlatformResult CheckAccess(const std::string& privilege);
common::PlatformResult CheckAccess(const std::vector<std::string>& privileges);
+common::PlatformResult GetPkgApiVersion(std::string* api_version);
#define CHECK_PRIVILEGE_ACCESS(privilege, out) \
do { \
namespace {
// The privileges that required in Datacontrol API
-const std::string kPrivilegeDatacontrol = "http://tizen.org/privilege/datasharing";
+const std::string kPrivilegeDatacontrol = "http://tizen.org/privilege/datacontrol.consumer";
} // namespace
namespace {
// The privileges that required in Filesystem API
-const std::string kPrivilegeFilesystemRead = "http://tizen.org/privilege/systemsettings.admin";
-const std::string kPrivilegeFilesystemWrite = "http://tizen.org/privilege/systemsettings.admin";
+const std::string kPrivilegeFilesystemRead = "http://tizen.org/privilege/filesystem.read";
+const std::string kPrivilegeFilesystemWrite = "http://tizen.org/privilege/filesystem.write";
}
using namespace common;
}
};
-const std::string kPrivilegeMessagingRead = "http://tizen.org/privilege/message.read";
-const std::string kPrivilegeMessagingWrite = "http://tizen.org/privilege/message.write";
+const std::string kPrivilegeMessagingRead = "http://tizen.org/privilege/messaging.read";
+const std::string kPrivilegeMessagingWrite = "http://tizen.org/privilege/messaging.write";
const long kDumbCallbackId= -1;
}
namespace {
// The privileges that required in NetworkBearerSelection API
-const std::string kPrivilegeNetworkBearerSelection = "http://tizen.org/privilege/network.set";
+const std::string kPrivilegeNetworkBearerSelection = "http://tizen.org/privilege/networkbearerselection";
const std::string kPrivilegeInternet = "http://tizen.org/privilege/internet";
const std::vector<std::string> kNbsPrivileges{kPrivilegeNetworkBearerSelection, kPrivilegeInternet};
const std::string kPrivilegeNfcAdmin = "http://tizen.org/privilege/nfc.admin";
const std::string kPrivilegeNfcCardEmulation = "http://tizen.org/privilege/nfc.cardemulation";
-const std::string kPrivilegeNfcCommon = "http://tizen.org/privilege/nfc";
-const std::string kPrivilegeNfcP2P = "http://tizen.org/privilege/nfc";
-const std::string kPrivilegeNfcTag = "http://tizen.org/privilege/nfc";
+const std::string kPrivilegeNfcCommon = "http://tizen.org/privilege/nfc.common";
+const std::string kPrivilegeNfcP2P = "http://tizen.org/privilege/nfc.p2p";
+const std::string kPrivilegeNfcTag = "http://tizen.org/privilege/nfc.tag";
} // namespace
namespace {
// The privileges that required in Package API
-const std::string kPrivilegePackageInstall = "http://tizen.org/privilege/packagemanager.admin";
+const std::string kPrivilegePackageInstall = "http://tizen.org/privilege/packagemanager.install";
const std::string kPrivilegePackageInfo = "http://tizen.org/privilege/packagemanager.info";
} // namespace
namespace {
// The privileges that required in Power API
-const std::string kPrivilegePower = "http://tizen.org/privilege/display";
+const std::string kPrivilegePower = "http://tizen.org/privilege/power";
const std::map<std::string, PowerResource> kPowerResourceMap = {
{"SCREEN", POWER_RESOURCE_SCREEN},
const std::string SETTING_INCOMING_CALL = "INCOMING_CALL";
const std::string SETTING_NOTIFICATION_EMAIL = "NOTIFICATION_EMAIL";
-const std::string kPrivilegeSetting = "http://tizen.org/privilege/systemsettings.admin";
+const std::string kPrivilegeSetting = "http://tizen.org/privilege/setting";
}
using namespace common;
ACCOUNT_READ: 'http://tizen.org/privilege/account.read',
ACCOUNT_WRITE: 'http://tizen.org/privilege/account.write',
ALARM: 'http://tizen.org/privilege/alarm.get',
- APPLICATION_INFO: 'http://tizen.org/privilege/packagemanager.info',
- APPLICATION_LAUNCH: 'http://tizen.org/privilege/appmanager.launch',
- APPMANAGER_CERTIFICATE: 'http://tizen.org/privilege/notexist',
+ APPLICATION_INFO: 'http://tizen.org/privilege/application.info',
+ APPLICATION_LAUNCH: 'http://tizen.org/privilege/application.launch',
+ APPMANAGER_CERTIFICATE: 'http://tizen.org/privilege/appmanager.certificate',
APPMANAGER_KILL: 'http://tizen.org/privilege/appmanager.kill',
- BLUETOOTH_ADMIN: 'http://tizen.org/privilege/bluetooth',
- BLUETOOTH_GAP: 'http://tizen.org/privilege/bluetooth',
- BLUETOOTH_HEALTH: 'http://tizen.org/privilege/bluetooth',
- BLUETOOTH_SPP: 'http://tizen.org/privilege/bluetooth',
- BLUETOOTHMANAGER: 'http://tizen.org/privilege/bluetooth.admin',
+ BLUETOOTH_ADMIN: 'http://tizen.org/privilege/bluetooth.admin',
+ BLUETOOTH_GAP: 'http://tizen.org/privilege/bluetooth.gap',
+ BLUETOOTH_HEALTH: 'http://tizen.org/privilege/bluetooth.health',
+ BLUETOOTH_SPP: 'http://tizen.org/privilege/bluetooth.spp',
+ BLUETOOTHMANAGER: 'http://tizen.org/privilege/bluetoothmanager',
BLUETOOTH: 'http://tizen.org/privilege/bluetooth',
- BOOKMARK_READ: 'http://tizen.org/privilege/bookmark.admin',
- BOOKMARK_WRITE: 'http://tizen.org/privilege/bookmark.admin',
+ BOOKMARK_READ: 'http://tizen.org/privilege/bookmark.read',
+ BOOKMARK_WRITE: 'http://tizen.org/privilege/bookmark.write',
CALENDAR_READ: 'http://tizen.org/privilege/calendar.read',
CALENDAR_WRITE: 'http://tizen.org/privilege/calendar.write',
CALLHISTORY_READ: 'http://tizen.org/privilege/callhistory.read',
CONTENT_READ: 'http://tizen.org/privilege/content.write',
CONTENT_WRITE: 'http://tizen.org/privilege/content.write',
D2D_DATASHARING: 'http://tizen.org/privilege/d2d.datasharing',
- DATACONTROL_CONSUMER: 'http://tizen.org/privilege/datasharing',
- DATASYNC: 'http://tizen.org/privilege/notexist',
+ DATACONTROL_CONSUMER: 'http://tizen.org/privilege/datacontrol.consumer',
+ DATASYNC: 'http://tizen.org/privilege/datasync',
DOWNLOAD: 'http://tizen.org/privilege/download',
- FILESYSTEM_READ: 'http://tizen.org/privilege/systemsettings.admin',
- FILESYSTEM_WRITE: 'http://tizen.org/privilege/systemsettings.admin',
+ FILESYSTEM_READ: 'http://tizen.org/privilege/filesystem.read',
+ FILESYSTEM_WRITE: 'http://tizen.org/privilege/filesystem.write',
HEALTHINFO: 'http://tizen.org/privilege/healthinfo',
INTERNET: 'http://tizen.org/privilege/internet',
LED: 'http://tizen.org/privilege/led',
LOCATION: 'http://tizen.org/privilege/location',
MEDIACONTROLLER_SERVER: 'http://tizen.org/privilege/mediacontroller.server',
MEDIACONTROLLER_CLIENT: 'http://tizen.org/privilege/mediacontroller.client',
- MESSAGING_READ: 'http://tizen.org/privilege/message.read',
- MESSAGING_WRITE: 'http://tizen.org/privilege/message.write',
- NETWORKBEARERSELECTION: 'http://tizen.org/privilege/network.set',
+ MESSAGING_READ: 'http://tizen.org/privilege/messaging.read',
+ MESSAGING_WRITE: 'http://tizen.org/privilege/messaging.write',
+ NETWORKBEARERSELECTION: 'http://tizen.org/privilege/networkbearerselection',
NFC_ADMIN: 'http://tizen.org/privilege/nfc.admin',
NFC_CARDEMULATION: 'http://tizen.org/privilege/nfc.cardemulation',
- NFC_COMMON: 'http://tizen.org/privilege/nfc',
- NFC_P2P: 'http://tizen.org/privilege/nfc',
- NFC_TAG: 'http://tizen.org/privilege/nfc',
+ NFC_COMMON: 'http://tizen.org/privilege/nfc.common',
+ NFC_P2P: 'http://tizen.org/privilege/nfc.p2p',
+ NFC_TAG: 'http://tizen.org/privilege/nfc.tag',
NOTIFICATION: 'http://tizen.org/privilege/notification',
PACKAGE_INFO: 'http://tizen.org/privilege/packagemanager.info',
- PACKAGEMANAGER_INSTALL: 'http://tizen.org/privilege/packagemanager.admin',
- POWER: 'http://tizen.org/privilege/display',
+ PACKAGEMANAGER_INSTALL: 'http://tizen.org/privilege/packagemanager.install',
+ POWER: 'http://tizen.org/privilege/power',
PUSH: 'http://tizen.org/privilege/push',
SECUREELEMENT: 'http://tizen.org/privilege/secureelement',
- SETTING: 'http://tizen.org/privilege/systemsettings.admin',
- SYSTEM: 'http://tizen.org/privilege/telephony',
- SYSTEMMANAGER: 'http://tizen.org/privilege/telephony',
+ SETTING_ADMIN: 'http://tizen.org/privilege/systemsettings.admin',
+ SETTING: 'http://tizen.org/privilege/setting',
+ SYSTEM: 'http://tizen.org/privilege/system',
+ SYSTEMMANAGER: 'http://tizen.org/privilege/systemmanager',
TELEPHONY: 'http://tizen.org/privilege/telephony',
- VOLUME_SET: 'http://tizen.org/privilege/volume.set'
+ VOLUME_SET: 'http://tizen.org/privilege/volume.set',
+ WEBSETTING: 'http://tizen.org/privilege/websetting'
};
Object.freeze(privilege);
#include <sys/types.h>
#include <utility>
#include <unistd.h>
-#include <app_manager.h>
-#include <pkgmgr-info.h>
#include "common/logger.h"
#include "common/scope_exit.h"
void UtilsInstance::GetPkgApiVersion(const picojson::value& args, picojson::object& out) {
LoggerD("Entered");
- char* app_id = nullptr;
- char* pkgid = nullptr;
- app_info_h app_handle = nullptr;
- pkgmgrinfo_pkginfo_h pkginfo_handle = nullptr;
- char *api_version = nullptr;
-
- SCOPE_EXIT {
- if (app_id) {
- free(app_id);
- }
- if (pkgid) {
- free(pkgid);
- }
- if (app_handle) {
- app_info_destroy(app_handle);
- }
- if (pkginfo_handle) {
- pkgmgrinfo_pkginfo_destroy_pkginfo(pkginfo_handle);
- }
- };
-
- pid_t pid = getpid();
- int ret = app_manager_get_app_id(pid, &app_id);
- if (ret != APP_MANAGER_ERROR_NONE) {
- LoggerE("Failed to get app id");
- ReportError(PlatformResult(ErrorCode::UNKNOWN_ERR, "Failed to get app id"), &out);
- return;
- }
-
- ret = app_info_create(app_id, &app_handle);
- if (ret != APP_MANAGER_ERROR_NONE) {
- LoggerE("Fail to get app info");
- ReportError(PlatformResult(ErrorCode::UNKNOWN_ERR, "Fail to get app info"), &out);
- return;
+ std::string api_version;
+ PlatformResult ret = common::tools::GetPkgApiVersion(&api_version);
+ if (ret.IsError()) {
+ ReportError(ret, &out);
}
-
- ret = app_info_get_package(app_handle, &pkgid);
- if ((ret != APP_MANAGER_ERROR_NONE) || (pkgid == nullptr)) {
- LoggerE("Fail to get pkg id");
- ReportError(PlatformResult(ErrorCode::UNKNOWN_ERR, "Fail to get pkg id"), &out);
- return;
- }
-
- ret = pkgmgrinfo_pkginfo_get_usr_pkginfo(pkgid, getuid(), &pkginfo_handle);
- if (ret != PMINFO_R_OK) {
- LoggerE("Fail to get pkginfo_h");
- ReportError(PlatformResult(ErrorCode::UNKNOWN_ERR, "Fail to get pkginfo_h"), &out);
- return;
- }
-
- ret = pkgmgrinfo_pkginfo_get_api_version(pkginfo_handle, &api_version);
- if (ret != PMINFO_R_OK) {
- LoggerE("Fail to get api version");
- ReportError(PlatformResult(ErrorCode::UNKNOWN_ERR, "Fail to get api version"), &out);
- return;
- }
-
ReportSuccess(picojson::value(api_version), out);
}
projects / platform / core / api / webapi-plugins.git / commitdiff