Change cynara client check to admin check for allowed privs

author Zofia Abramowska <z.abramowska@samsung.com>

Mon, 30 Mar 2020 14:22:36 +0000 (16:22 +0200)

committer Zofia Abramowska <z.abramowska@samsung.com>

Fri, 17 Apr 2020 10:27:26 +0000 (12:27 +0200)
author Zofia Abramowska <z.abramowska@samsung.com>
Mon, 30 Mar 2020 14:22:36 +0000 (16:22 +0200)
committer Zofia Abramowska <z.abramowska@samsung.com>
Fri, 17 Apr 2020 10:27:26 +0000 (12:27 +0200)
diff --git a/src/common/service_impl.cpp b/src/common/service_impl.cpp

index 6f40dd1bfedabdde5c54f447b3699607a83686ad..8be980fec14df071fb53e3251d183eb4407188e8 100644 (file)
--- a/src/common/service_impl.cpp
+++ b/src/common/service_impl.cpp
@@ -1414,7 +1414,11 @@ int ServiceImpl::getAppAllowedPrivileges(const std::string &appProcessLabel,
  
          vectorRemoveDuplicates(privileges);
          for (auto &privilege : privileges) {
-            if (m_cynara.check(appProcessLabel, privilege, uidStr, "")) {
+            int result = CYNARA_ADMIN_DENY;
+            std::string resultExtra;
+            m_cynaraAdmin.check(appProcessLabel, uidStr, privilege, CynaraAdmin::Buckets[Bucket::PRIVACY_MANAGER], result, resultExtra, true);
+            if (result == CYNARA_ADMIN_ALLOW) {
+                LogDebug("Application " << appProcessLabel << " has " << privilege << " allowed");
                  allowedPrivileges.push_back(privilege);
              }
          }
author	Zofia Abramowska <z.abramowska@samsung.com>
	Mon, 30 Mar 2020 14:22:36 +0000 (16:22 +0200)
committer	Zofia Abramowska <z.abramowska@samsung.com>
	Fri, 17 Apr 2020 10:27:26 +0000 (12:27 +0200)