Add privilege check

Change-Id: I33c507db68c756abae86c7b0869fac805774b704

diff --git a/CMakeLists.txt b/CMakeLists.txt
index be11558f61ca9867c1a83b2f3d3bae64a5342791..8ced952cfe0885d6188a9fa4fd819edca57cc380 100755 (executable)
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -9,7 +9,7 @@ SET(PREFIX ${CMAKE_INSTALL_PREFIX})
 SET(INC_DIR include)
 INCLUDE_DIRECTORIES(${INC_DIR})
 
-SET(dependents "dlog gio-2.0 gio-unix-2.0 glib-2.0 capi-base-common dbus-1 vconf libssl capi-system-info")
+SET(dependents "dlog gio-2.0 gio-unix-2.0 glib-2.0 capi-base-common dbus-1 vconf libssl capi-system-info cynara-client")
 
 SET(CMAKE_BUILD_TYPE "Release")
 

diff --git a/include/softap_private.h b/include/softap_private.h
index 16a05028f918c3f8ec8fc3257261f55389e38eab..933fef84c9dafd3f469b2adf512777008e8091b8 100644 (file)
--- a/include/softap_private.h
+++ b/include/softap_private.h
@@ -253,6 +253,7 @@ typedef struct {
        time_t tm;                                              /**< connection time */
 } __softap_client_h;
 
+int _softap_check_permission(void);
 void _softap_add_handle(softap_h handle);
 void _softap_remove_handle(softap_h handle);
 bool _softap_check_handle(softap_h handle);

diff --git a/packaging/capi-network-softap.spec b/packaging/capi-network-softap.spec
index 08a5956c250c5cb83ffcee3830c71349e8140013..e31c8cbeb25d4254f906c101920ddfaafc81093a 100644 (file)
--- a/packaging/capi-network-softap.spec
+++ b/packaging/capi-network-softap.spec
@@ -1,6 +1,6 @@
 Name:          capi-network-softap
 Summary:       Softap Framework
-Version:       0.0.22
+Version:       0.0.23
 Release:       1
 Group:         System/Network
 License:       Apache-2.0
@@ -13,6 +13,7 @@ BuildRequires:        pkgconfig(gio-2.0)
 BuildRequires: pkgconfig(vconf)
 BuildRequires: pkgconfig(libssl)
 BuildRequires: pkgconfig(capi-system-info)
+BuildRequires: pkgconfig(cynara-client)
 BuildRequires: cmake
 Requires(post):                /sbin/ldconfig
 Requires(postun):      /sbin/ldconfig

diff --git a/src/softap.c b/src/softap.c
index a067fc365b77577bfb4edf4713a1e528c730c4f7..0ba581ce8fc75416e7caad06f02774266ac51d5e 100755 (executable)
--- a/src/softap.c
+++ b/src/softap.c
@@ -791,6 +791,9 @@ API int softap_create(softap_h *softap)
 {
        DBG("+");
        CHECK_FEATURE_SUPPORTED(SOFTAP_FEATURE);
+       _retvm_if(_softap_check_permission() != SOFTAP_ERROR_NONE,
+                       SOFTAP_ERROR_PERMISSION_DENIED,
+                       "permission denied!");
        _retvm_if(softap == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
                        "parameter(softap) is NULL\n");
 
@@ -893,6 +896,9 @@ API int softap_destroy(softap_h softap)
 {
        DBG("+");
        CHECK_FEATURE_SUPPORTED(SOFTAP_FEATURE);
+       _retvm_if(_softap_check_permission() != SOFTAP_ERROR_NONE,
+                       SOFTAP_ERROR_PERMISSION_DENIED,
+                       "permission denied!");
        _retvm_if(softap == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
                        "parameter(softap) is NULL\n");
 
@@ -1007,6 +1013,9 @@ API int softap_is_enabled(softap_h softap, bool *enable)
 {
        DBG("+");
        CHECK_FEATURE_SUPPORTED(SOFTAP_FEATURE);
+       _retvm_if(_softap_check_permission() != SOFTAP_ERROR_NONE,
+                       SOFTAP_ERROR_PERMISSION_DENIED,
+                       "permission denied!");
        _retvm_if(softap == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
                        "parameter(softap) is NULL");
        _retvm_if(enable == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
@@ -1030,6 +1039,9 @@ API int softap_get_mac_address(softap_h softap, char **mac_address)
 {
        DBG("+");
        CHECK_FEATURE_SUPPORTED(SOFTAP_FEATURE);
+       _retvm_if(_softap_check_permission() != SOFTAP_ERROR_NONE,
+                       SOFTAP_ERROR_PERMISSION_DENIED,
+                       "permission denied!");
        _retvm_if(softap == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
                        "parameter(softap) is NULL\n");
        _retvm_if(mac_address == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
@@ -1079,6 +1091,9 @@ API int softap_get_network_interface_name(softap_h softap, char **interface_name
 {
        DBG("+");
        CHECK_FEATURE_SUPPORTED(SOFTAP_FEATURE);
+       _retvm_if(_softap_check_permission() != SOFTAP_ERROR_NONE,
+                       SOFTAP_ERROR_PERMISSION_DENIED,
+                       "permission denied!");
        _retvm_if(softap == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
                        "parameter(softap) is NULL\n");
        _retvm_if(interface_name == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
@@ -1103,6 +1118,9 @@ API int softap_set_ip_address(softap_h softap, softap_address_family_e address_f
 {
        DBG("+");
        CHECK_FEATURE_SUPPORTED(SOFTAP_FEATURE);
+       _retvm_if(_softap_check_permission() != SOFTAP_ERROR_NONE,
+                       SOFTAP_ERROR_PERMISSION_DENIED,
+                       "permission denied!");
        _retvm_if(softap == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
                        "parameter(softap) is NULL\n");
        _retvm_if(ip_address == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
@@ -1132,6 +1150,9 @@ API int softap_get_ip_address(softap_h softap, softap_address_family_e address_f
 {
        DBG("+");
        CHECK_FEATURE_SUPPORTED(SOFTAP_FEATURE);
+       _retvm_if(_softap_check_permission() != SOFTAP_ERROR_NONE,
+                       SOFTAP_ERROR_PERMISSION_DENIED,
+                       "permission denied!");
        _retvm_if(softap == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
                        "parameter(softap) is NULL\n");
        _retvm_if(ip_address == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
@@ -1172,6 +1193,9 @@ API int softap_get_gateway_address(softap_h softap, softap_address_family_e addr
 {
        DBG("+");
        CHECK_FEATURE_SUPPORTED(SOFTAP_FEATURE);
+       _retvm_if(_softap_check_permission() != SOFTAP_ERROR_NONE,
+                       SOFTAP_ERROR_PERMISSION_DENIED,
+                       "permission denied!");
        _retvm_if(softap == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
                        "parameter(softap) is NULL\n");
        _retvm_if(gateway_address == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
@@ -1194,6 +1218,9 @@ API int softap_get_subnet_mask(softap_h softap, softap_address_family_e address_
 {
        DBG("+");
        CHECK_FEATURE_SUPPORTED(SOFTAP_FEATURE);
+       _retvm_if(_softap_check_permission() != SOFTAP_ERROR_NONE,
+                       SOFTAP_ERROR_PERMISSION_DENIED,
+                       "permission denied!");
        _retvm_if(softap == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
                        "parameter(softap) is NULL\n");
        _retvm_if(subnet_mask == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
@@ -1235,12 +1262,22 @@ API int softap_foreach_connected_clients(softap_h softap, softap_connected_clien
        GVariant *value = NULL;
        gchar *key = NULL;
        int interface = 0;
+       int ret = 0;
 
        result = g_dbus_proxy_call_sync(sa->client_bus_proxy, "get_station_info",
                        NULL, G_DBUS_CALL_FLAGS_NONE,
                        -1, sa->cancellable, &error);
-       if (error)
+
+       if (error) {
                ERR("g_dbus_proxy_call_sync is failed and error is %s\n", error->message);
+               if (error->code == G_DBUS_ERROR_ACCESS_DENIED)
+                       ret = SOFTAP_ERROR_PERMISSION_DENIED;
+               else
+                       ret = SOFTAP_ERROR_OPERATION_FAILED;
+
+               g_error_free(error);
+               return ret;
+       }
        g_variant_get(result, "(a(a{sv}))", &outer_iter);
 
        while (g_variant_iter_loop(outer_iter, "(@a{sv})", &station)) {
@@ -1309,6 +1346,9 @@ API int softap_foreach_connected_clients(softap_h softap, softap_connected_clien
 API int softap_set_enabled_cb(softap_h softap, softap_enabled_cb callback, void *user_data)
 {
        CHECK_FEATURE_SUPPORTED(SOFTAP_FEATURE);
+       _retvm_if(_softap_check_permission() != SOFTAP_ERROR_NONE,
+                       SOFTAP_ERROR_PERMISSION_DENIED,
+                       "permission denied!");
        _retvm_if(softap == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
                        "parameter(softap) is NULL\n");
        _retvm_if(callback == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
@@ -1325,6 +1365,9 @@ API int softap_set_enabled_cb(softap_h softap, softap_enabled_cb callback, void
 API int softap_unset_enabled_cb(softap_h softap)
 {
        CHECK_FEATURE_SUPPORTED(SOFTAP_FEATURE);
+       _retvm_if(_softap_check_permission() != SOFTAP_ERROR_NONE,
+                       SOFTAP_ERROR_PERMISSION_DENIED,
+                       "permission denied!");
        _retvm_if(softap == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
                        "parameter(softap) is NULL\n");
 
@@ -1339,6 +1382,9 @@ API int softap_unset_enabled_cb(softap_h softap)
 API int softap_set_disabled_cb(softap_h softap, softap_disabled_cb callback, void *user_data)
 {
        CHECK_FEATURE_SUPPORTED(SOFTAP_FEATURE);
+       _retvm_if(_softap_check_permission() != SOFTAP_ERROR_NONE,
+                       SOFTAP_ERROR_PERMISSION_DENIED,
+                       "permission denied!");
        _retvm_if(softap == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
                        "parameter(softap) is NULL\n");
        _retvm_if(callback == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
@@ -1355,6 +1401,9 @@ API int softap_set_disabled_cb(softap_h softap, softap_disabled_cb callback, voi
 API int softap_unset_disabled_cb(softap_h softap)
 {
        CHECK_FEATURE_SUPPORTED(SOFTAP_FEATURE);
+       _retvm_if(_softap_check_permission() != SOFTAP_ERROR_NONE,
+                       SOFTAP_ERROR_PERMISSION_DENIED,
+                       "permission denied!");
        _retvm_if(softap == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
                        "parameter(softap) is NULL\n");
 
@@ -1369,6 +1418,9 @@ API int softap_unset_disabled_cb(softap_h softap)
 API int softap_set_client_connection_state_changed_cb(softap_h softap, softap_client_connection_state_changed_cb callback, void *user_data)
 {
        CHECK_FEATURE_SUPPORTED(SOFTAP_FEATURE);
+       _retvm_if(_softap_check_permission() != SOFTAP_ERROR_NONE,
+                       SOFTAP_ERROR_PERMISSION_DENIED,
+                       "permission denied!");
        _retvm_if(softap == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
                        "parameter(softap) is NULL\n");
        _retvm_if(callback == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
@@ -1385,6 +1437,9 @@ API int softap_set_client_connection_state_changed_cb(softap_h softap, softap_cl
 API int softap_unset_client_connection_state_changed_cb(softap_h softap)
 {
        CHECK_FEATURE_SUPPORTED(SOFTAP_FEATURE);
+       _retvm_if(_softap_check_permission() != SOFTAP_ERROR_NONE,
+                       SOFTAP_ERROR_PERMISSION_DENIED,
+                       "permission denied!");
        _retvm_if(softap == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
                        "parameter(softap) is NULL\n");
 
@@ -1400,6 +1455,9 @@ API int softap_unset_client_connection_state_changed_cb(softap_h softap)
 API int softap_set_security_type_changed_cb(softap_h softap, softap_security_type_changed_cb callback, void *user_data)
 {
        CHECK_FEATURE_SUPPORTED(SOFTAP_FEATURE);
+       _retvm_if(_softap_check_permission() != SOFTAP_ERROR_NONE,
+                       SOFTAP_ERROR_PERMISSION_DENIED,
+                       "permission denied!");
        _retvm_if(softap == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
                        "parameter(softap) is NULL\n");
        _retvm_if(callback == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
@@ -1416,6 +1474,9 @@ API int softap_set_security_type_changed_cb(softap_h softap, softap_security_typ
 API int softap_unset_security_type_changed_cb(softap_h softap)
 {
        CHECK_FEATURE_SUPPORTED(SOFTAP_FEATURE);
+       _retvm_if(_softap_check_permission() != SOFTAP_ERROR_NONE,
+                       SOFTAP_ERROR_PERMISSION_DENIED,
+                       "permission denied!");
        _retvm_if(softap == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
                        "parameter(softap) is NULL\n");
 
@@ -1430,6 +1491,9 @@ API int softap_unset_security_type_changed_cb(softap_h softap)
 API int softap_set_ssid_visibility_changed_cb(softap_h softap, softap_ssid_visibility_changed_cb callback, void *user_data)
 {
        CHECK_FEATURE_SUPPORTED(SOFTAP_FEATURE);
+       _retvm_if(_softap_check_permission() != SOFTAP_ERROR_NONE,
+                       SOFTAP_ERROR_PERMISSION_DENIED,
+                       "permission denied!");
        _retvm_if(softap == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
                        "parameter(softap) is NULL\n");
        _retvm_if(callback == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
@@ -1446,6 +1510,9 @@ API int softap_set_ssid_visibility_changed_cb(softap_h softap, softap_ssid_visib
 API int softap_unset_ssid_visibility_changed_cb(softap_h softap)
 {
        CHECK_FEATURE_SUPPORTED(SOFTAP_FEATURE);
+       _retvm_if(_softap_check_permission() != SOFTAP_ERROR_NONE,
+                       SOFTAP_ERROR_PERMISSION_DENIED,
+                       "permission denied!");
        _retvm_if(softap == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
                        "parameter(softap) is NULL\n");
 
@@ -1460,6 +1527,9 @@ API int softap_unset_ssid_visibility_changed_cb(softap_h softap)
 API int softap_set_passphrase_changed_cb(softap_h softap, softap_passphrase_changed_cb callback, void *user_data)
 {
        CHECK_FEATURE_SUPPORTED(SOFTAP_FEATURE);
+       _retvm_if(_softap_check_permission() != SOFTAP_ERROR_NONE,
+                       SOFTAP_ERROR_PERMISSION_DENIED,
+                       "permission denied!");
        _retvm_if(softap == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
                        "parameter(softap) is NULL\n");
        _retvm_if(callback == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
@@ -1476,6 +1546,9 @@ API int softap_set_passphrase_changed_cb(softap_h softap, softap_passphrase_chan
 API int softap_unset_passphrase_changed_cb(softap_h softap)
 {
        CHECK_FEATURE_SUPPORTED(SOFTAP_FEATURE);
+       _retvm_if(_softap_check_permission() != SOFTAP_ERROR_NONE,
+                       SOFTAP_ERROR_PERMISSION_DENIED,
+                       "permission denied!");
        _retvm_if(softap == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
                        "parameter(softap) is NULL\n");
 
@@ -1490,6 +1563,9 @@ API int softap_unset_passphrase_changed_cb(softap_h softap)
 API int softap_set_security_type(softap_h softap, softap_security_type_e type)
 {
        CHECK_FEATURE_SUPPORTED(SOFTAP_FEATURE);
+       _retvm_if(_softap_check_permission() != SOFTAP_ERROR_NONE,
+                       SOFTAP_ERROR_PERMISSION_DENIED,
+                       "permission denied!");
        _retvm_if(softap == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
                        "parameter(softap) is NULL\n");
 
@@ -1523,6 +1599,9 @@ API int softap_set_security_type(softap_h softap, softap_security_type_e type)
 API int softap_get_security_type(softap_h softap, softap_security_type_e *type)
 {
        CHECK_FEATURE_SUPPORTED(SOFTAP_FEATURE);
+       _retvm_if(_softap_check_permission() != SOFTAP_ERROR_NONE,
+                       SOFTAP_ERROR_PERMISSION_DENIED,
+                       "permission denied!");
        _retvm_if(softap == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
                                "parameter(softap) is NULL\n");
        _retvm_if(type == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
@@ -1534,6 +1613,9 @@ API int softap_get_security_type(softap_h softap, softap_security_type_e *type)
 API int softap_set_ssid(softap_h softap, const char *ssid)
 {
        CHECK_FEATURE_SUPPORTED(SOFTAP_FEATURE);
+       _retvm_if(_softap_check_permission() != SOFTAP_ERROR_NONE,
+                       SOFTAP_ERROR_PERMISSION_DENIED,
+                       "permission denied!");
        _retvm_if(softap == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
                        "parameter(softap) is NULL\n");
        _retvm_if(ssid == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
@@ -1565,6 +1647,9 @@ API int softap_set_ssid(softap_h softap, const char *ssid)
 API int softap_get_ssid(softap_h softap, char **ssid)
 {
        CHECK_FEATURE_SUPPORTED(SOFTAP_FEATURE);
+       _retvm_if(_softap_check_permission() != SOFTAP_ERROR_NONE,
+                       SOFTAP_ERROR_PERMISSION_DENIED,
+                       "permission denied!");
        _retvm_if(softap == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
                        "parameter(softap) is NULL\n");
        _retvm_if(ssid == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
@@ -1608,6 +1693,9 @@ API int softap_get_ssid(softap_h softap, char **ssid)
 API int softap_set_ssid_visibility(softap_h softap, bool visible)
 {
        CHECK_FEATURE_SUPPORTED(SOFTAP_FEATURE);
+       _retvm_if(_softap_check_permission() != SOFTAP_ERROR_NONE,
+                       SOFTAP_ERROR_PERMISSION_DENIED,
+                       "permission denied!");
        _retvm_if(softap == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
                        "parameter(softap) is NULL\n");
 
@@ -1629,6 +1717,9 @@ API int softap_set_ssid_visibility(softap_h softap, bool visible)
 API int softap_get_ssid_visibility(softap_h softap, bool *visible)
 {
        CHECK_FEATURE_SUPPORTED(SOFTAP_FEATURE);
+       _retvm_if(_softap_check_permission() != SOFTAP_ERROR_NONE,
+                       SOFTAP_ERROR_PERMISSION_DENIED,
+                       "permission denied!");
        _retvm_if(softap == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
                        "parameter(softap) is NULL\n");
        _retvm_if(visible == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
@@ -1640,6 +1731,9 @@ API int softap_get_ssid_visibility(softap_h softap, bool *visible)
 API int softap_set_passphrase(softap_h softap, const char *passphrase)
 {
        CHECK_FEATURE_SUPPORTED(SOFTAP_FEATURE);
+       _retvm_if(_softap_check_permission() != SOFTAP_ERROR_NONE,
+                       SOFTAP_ERROR_PERMISSION_DENIED,
+                       "permission denied!");
        _retvm_if(softap == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
                        "parameter(softap) is NULL\n");
        _retvm_if(passphrase == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
@@ -1665,6 +1759,9 @@ API int softap_set_passphrase(softap_h softap, const char *passphrase)
 API int softap_get_passphrase(softap_h softap, char **passphrase)
 {
        CHECK_FEATURE_SUPPORTED(SOFTAP_FEATURE);
+       _retvm_if(_softap_check_permission() != SOFTAP_ERROR_NONE,
+                       SOFTAP_ERROR_PERMISSION_DENIED,
+                       "permission denied!");
        _retvm_if(softap == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
                        "parameter(softap) is NULL\n");
        _retvm_if(passphrase == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
@@ -1773,6 +1870,9 @@ API int softap_set_wps_pin(softap_h softap, const char *wps_pin)
 API int softap_get_vendor_element(softap_h softap, char **vendor_element)
 {
        CHECK_FEATURE_SUPPORTED(SOFTAP_FEATURE);
+       _retvm_if(_softap_check_permission() != SOFTAP_ERROR_NONE,
+                       SOFTAP_ERROR_PERMISSION_DENIED,
+                       "permission denied!");
        _retvm_if(softap == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
                        "parameter(softap) is NULL\n");
        _retvm_if(vendor_element == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
@@ -1798,6 +1898,9 @@ API int softap_get_vendor_element(softap_h softap, char **vendor_element)
 API int softap_set_vendor_element(softap_h softap, const char *vendor_element)
 {
        CHECK_FEATURE_SUPPORTED(SOFTAP_FEATURE);
+       _retvm_if(_softap_check_permission() != SOFTAP_ERROR_NONE,
+                       SOFTAP_ERROR_PERMISSION_DENIED,
+                       "permission denied!");
        _retvm_if(softap == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
                        "parameter(softap) is NULL\n");
        _retvm_if(vendor_element == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
@@ -1820,6 +1923,9 @@ API int softap_set_vendor_element(softap_h softap, const char *vendor_element)
 API int softap_set_channel(softap_h softap, int channel)
 {
        CHECK_FEATURE_SUPPORTED(SOFTAP_FEATURE);
+       _retvm_if(_softap_check_permission() != SOFTAP_ERROR_NONE,
+                       SOFTAP_ERROR_PERMISSION_DENIED,
+                       "permission denied!");
        _retvm_if(softap == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
                        "parameter(softap) is NULL\n");
 
@@ -1833,6 +1939,9 @@ API int softap_set_channel(softap_h softap, int channel)
 API int softap_get_channel(softap_h softap, int *channel)
 {
        CHECK_FEATURE_SUPPORTED(SOFTAP_FEATURE);
+       _retvm_if(_softap_check_permission() != SOFTAP_ERROR_NONE,
+                       SOFTAP_ERROR_PERMISSION_DENIED,
+                       "permission denied!");
        _retvm_if(softap == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
                                "parameter(softap) is NULL\n");
        _retvm_if(channel == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
@@ -1844,6 +1953,9 @@ API int softap_get_channel(softap_h softap, int *channel)
 API int softap_set_mode(softap_h softap, softap_wireless_mode_e mode)
 {
        CHECK_FEATURE_SUPPORTED(SOFTAP_FEATURE);
+       _retvm_if(_softap_check_permission() != SOFTAP_ERROR_NONE,
+                       SOFTAP_ERROR_PERMISSION_DENIED,
+                       "permission denied!");
        _retvm_if(softap == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
                        "parameter(softap) is NULL\n");
 
@@ -1856,6 +1968,9 @@ API int softap_set_mode(softap_h softap, softap_wireless_mode_e mode)
 API int softap_get_mode(softap_h softap, softap_wireless_mode_e *mode)
 {
        CHECK_FEATURE_SUPPORTED(SOFTAP_FEATURE);
+       _retvm_if(_softap_check_permission() != SOFTAP_ERROR_NONE,
+                       SOFTAP_ERROR_PERMISSION_DENIED,
+                       "permission denied!");
        _retvm_if(softap == NULL, SOFTAP_ERROR_INVALID_PARAMETER,
                        "parameter(softap) is NULL\n");
        _retvm_if(mode == NULL, SOFTAP_ERROR_INVALID_PARAMETER,

diff --git a/src/softap_private.c b/src/softap_private.c
index 4c93f3f3fd9609eee18df794c46dbd47016cb549..ee06d09534d9fccd6f9adc40b1d1d7d33b1ed806 100755 (executable)
--- a/src/softap_private.c
+++ b/src/softap_private.c
@@ -15,15 +15,24 @@
 */
 
 #include <glib.h>
+#include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include <system_info.h>
+#include <cynara-client.h>
+
 #include "softap_private.h"
 
+#define SOFTAP_PRIVILEGE "http://tizen.org/privilege/softap"
+#define SMACK_LABEL_LEN 255
+
 static __thread bool is_feature_checked = 0;
 static __thread bool feature_supported = 0;
 static __thread GSList *softap_handle_list = NULL;
 
+static __thread bool is_privilege_checked = 0;
+static __thread bool access_allowed = 0;
+
 int _softap_check_feature_supported(const char *key)
 {
        if (!is_feature_checked) {
@@ -46,6 +55,48 @@ int _softap_check_feature_supported(const char *key)
        return SOFTAP_ERROR_NONE;
 }
 
+int _softap_check_permission(void)
+{
+       FILE *fd;
+       int ret;
+       char smack_label[SMACK_LABEL_LEN + 1] = {0, };
+       char uid[10] = {0, };
+       char *client_session = "";
+       cynara *p_cynara;
+
+       if (is_privilege_checked)
+               return access_allowed ? SOFTAP_ERROR_NONE : SOFTAP_ERROR_PERMISSION_DENIED;
+
+       if (CYNARA_API_SUCCESS != cynara_initialize(&p_cynara, NULL))
+               return SOFTAP_ERROR_PERMISSION_DENIED;
+
+       bzero(smack_label, SMACK_LABEL_LEN + 1);
+
+       fd = fopen("/proc/self/attr/current", "r");
+       if (fd == NULL)
+               return SOFTAP_ERROR_PERMISSION_DENIED;
+
+       ret = fread(smack_label, SMACK_LABEL_LEN, 1, fd);
+       if (ferror(fd)) {
+               ERR("Failed to read /proc/self/attr/current\n");
+               fclose(fd);
+               return SOFTAP_ERROR_PERMISSION_DENIED;
+       }
+       fclose(fd);
+
+       snprintf(uid, sizeof(uid), "%d", getuid());
+
+       ret = cynara_check(p_cynara, smack_label, client_session, uid, SOFTAP_PRIVILEGE);
+       cynara_finish(p_cynara);
+
+       is_privilege_checked = true;
+       access_allowed = (ret == CYNARA_API_ACCESS_ALLOWED) ? true : false;
+
+       DBG("check permission[%s/%d]", SOFTAP_PRIVILEGE, access_allowed);
+
+       return access_allowed ? SOFTAP_ERROR_NONE : SOFTAP_ERROR_PERMISSION_DENIED;
+}
+
 void _softap_add_handle(softap_h handle)
 {
        softap_handle_list = g_slist_append(softap_handle_list, handle);