<alias name="PRINT_TWO">2</alias>
<alias name="PRINT_THREE">3</alias>
<alias name="PRINT_FOUR">4</alias>
+ <privilege>http://tizen.org/privilege/systemsettings.admin</privilege>
<desc>It prints integer value</desc>
<domain>System</domain>
</rule>
<rule name="test.printBool" type="bool" since="6.0" plugin="test">
<alias name="on">1</alias>
<alias name="off">0</alias>
+ <privilege>http://tizen.org/privilege/systemsettings.admin</privilege>
<desc>It prints boolean value</desc>
<domain>System</domain>
</rule>
<rule name="test.sleep" type="int" since="6.0" plugin="test">
+ <privilege>http://tizen.org/privilege/systemsettings.admin</privilege>
<desc>Sleep</desc>
<domain>System</domain>
</rule>
BuildRequires: pkgconfig(vconf)
BuildRequires: pkgconfig(capi-network-wifi-manager)
BuildRequires: pkgconfig(gmock)
+BuildRequires: pkgconfig(cynara-client)
+BuildRequires: pkgconfig(cynara-creds-gdbus)
+BuildRequires: pkgconfig(cynara-session)
%description
The modes(Mode Supervisor) manages configurations which is described at a mode.
</xs:complexType>
</xs:element>
<xs:element minOccurs="0" name="conflict" type="xs:string" />
+ <xs:element minOccurs="0" name="privilege" type="xs:string"/>
<xs:element name="desc" type="xs:string" />
<xs:element name="domain" type="o:domainT" />
</xs:sequence>
plugin = pi;
}
+void Action::setPrivilege(const std::string &val)
+{
+ privilege = val;
+}
+
+std::string Action::getPrivilege()
+{
+ return privilege;
+}
+
void Action::valueChangedCallback(void *userData)
{
Action *action = (Action*)userData;
void setType(ActionType val);
ActionType getType();
void setPlugin(Plugin *pi);
+ void setPrivilege(const std::string &val);
+ std::string getPrivilege();
virtual int setValue(const std::string &val) = 0;
virtual std::string getStringOfValue() = 0;
virtual int apply() = 0;
PluginAction *piAction;
private:
std::string id;
+ std::string privilege;
bool stopOnErr;
ActionRestrict restriction;
};
{
return plugin;
}
+
+void ActionRule::setPrivilege(const std::string &priv)
+{
+ privilege = priv;
+}
std::string getName();
std::string getPlugin();
void setPlugin(const std::string &pi);
+ void setPrivilege(const std::string &priv);
virtual Action* makeAction() = 0;
virtual int addAlias(const std::string &alias, const std::string &value) = 0;
protected:
std::string ruleName;
+ std::string privilege;
private:
std::string plugin;
// TODO:: handle conflict List, since, description, version
SET_SOURCE_FILES_PROPERTIES(${CMAKE_SOURCE_DIR}/common/dbus.c
PROPERTIES GENERATED TRUE)
-SET(PKG_MODULES gio-2.0 dlog gio-unix-2.0 libxml-2.0)
+SET(PKG_MODULES gio-2.0 dlog gio-unix-2.0 libxml-2.0 cynara-client cynara-creds-gdbus cynara-session)
pkg_check_modules(daemon_pkgs REQUIRED ${PKG_MODULES})
FOREACH(flag ${daemon_pkgs_CFLAGS_OTHER})
--- /dev/null
+/*
+ * Copyright (c) 2019 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#include "ClientPrivilege.h"
+
+#include <string>
+#include <cynara-client.h>
+#include <cynara-session.h>
+#include <cynara-creds-gdbus.h>
+#include "common/dbus.h"
+#include "mdss.h"
+
+MODES_NAMESPACE_USE;
+
+ClientPrivilege::ClientPrivilege(GDBusMethodInvocation *invocation)
+ : handle(NULL), conf(NULL), client(NULL), user(NULL), clientSession(NULL)
+{
+ int pid;
+ GDBusConnection *conn = g_dbus_method_invocation_get_connection(invocation);
+ // Do not free this string, it is owned by connection
+ const char *senderUniqueName = g_dbus_method_invocation_get_sender(invocation);
+
+
+ int ret = cynara_creds_gdbus_get_user(conn, senderUniqueName, USER_METHOD_DEFAULT, &user);
+ if (ret != CYNARA_API_SUCCESS)
+ ERR("cynara_creds_gdbus_get_user() Fail(%d)", ret);
+
+ ret = cynara_creds_gdbus_get_client(conn, senderUniqueName, CLIENT_METHOD_DEFAULT, &client);
+ if (ret != CYNARA_API_SUCCESS)
+ ERR("cynara_creds_gdbus_get_client() Fail(%d)", ret);
+
+ ret = cynara_creds_gdbus_get_pid(conn, senderUniqueName, &pid);
+ if (ret != CYNARA_API_SUCCESS)
+ ERR("cynara_creds_gdbus_get_pid() Fail(%d)", ret);
+
+ clientSession = cynara_session_from_pid(pid);
+ if (NULL == clientSession)
+ ERR("cynara_session_from_pid() Fail()");
+
+ ret = cynara_configuration_create(&conf);
+ if (ret != CYNARA_API_SUCCESS)
+ ERR("cynara_configuration_create() Fail(%d)", ret);
+
+ ret = cynara_configuration_set_cache_size(conf, 100);
+ if (ret != CYNARA_API_SUCCESS) {
+ ERR("cynara_configuration_set_cache_size() Fail(%d)", ret);
+ cynara_configuration_destroy(conf);
+ }
+
+ ret = cynara_initialize(&handle, conf);
+ if (ret != CYNARA_API_SUCCESS) {
+ ERR("cynara_initialize() Fail(%d)", ret);
+ cynara_configuration_destroy(conf);
+ }
+}
+
+ClientPrivilege::~ClientPrivilege()
+{
+ cynara_configuration_destroy(conf);
+ cynara_finish(handle);
+ free(client);
+ free(user);
+ free(clientSession);
+}
+
+int ClientPrivilege::check(Mode &mode)
+{
+ std::list<std::shared_ptr<Action>>::iterator it;
+ auto actionList = mode.getActionList();
+ for (it = actionList.begin(); it != actionList.end(); it++) {
+ std::string priv = (*it)->getPrivilege();
+ //No Privilege = Allow All
+ if (priv.empty())
+ continue;
+ int ret = cynara_check(handle, client, clientSession, user, priv.c_str());
+ if (CYNARA_API_ACCESS_ALLOWED != ret) {
+ ERR("Action(%s) priv.check(%s) Fail(%d)", (*it)->getRuleName().c_str(), (*it)->getPrivilege().c_str(), ret);
+ if (ret == CYNARA_API_ACCESS_DENIED)
+ return MODES_ERROR_PERMISSION_DENIED;
+ else
+ return MODES_ERROR_SYSTEM;
+ }
+ }
+ DBG("Success!");
+ return MODES_ERROR_NONE;
+}
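Review bot: The constructor logs every cynara failure and carries on, and two of those paths leave a dangling `conf`: when `cynara_configuration_set_cache_size()` or `cynara_initialize()` fails, `conf` is destroyed but not cleared, so it is handed to `cynara_initialize()` afterwards and destroyed a second time in `~ClientPrivilege()`. Adding `conf = NULL;` after each `cynara_configuration_destroy(conf);` in the constructor removes both, provided the cynara calls accept a NULL configuration (worth confirming against the headers). `pid` is also read uninitialised by `cynara_session_from_pid(pid)` when `cynara_creds_gdbus_get_pid()` fails; declare it as `int pid = -1;` and skip the session lookup on failure. Since `check()` then runs with whichever members are still NULL, a guard at its top such as `if (!handle || !client || !user || !clientSession) return MODES_ERROR_SYSTEM;` would make denial on a failed setup explicit instead of relying on how `cynara_check()` treats NULL arguments.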
--- /dev/null
+/*
+ * Copyright (c) 2019 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#pragma once
+
+#include <string>
+#include <cynara-client.h>
+#include "Mode.h"
+#include "mdss.h"
+#include "common/dbus.h"
+
+MODES_NAMESPACE_BEGIN
+
+class ClientPrivilege {
+public:
+ ClientPrivilege(GDBusMethodInvocation *invocation);
+ ~ClientPrivilege();
+ int check(Mode &mode);
+private:
+ cynara *handle;
+ cynara_configuration *conf;
+ char *client;
+ char *user;
+ char *clientSession;
+};
+
+MODES_NAMESPACE_END
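Review bot: `ClientPrivilege` owns `handle`, `conf` and three strings that its destructor releases with `free()`, yet the class is still implicitly copyable, so any copy would release the same pointers twice. Declaring `ClientPrivilege(const ClientPrivilege &) = delete;` and `ClientPrivilege &operator=(const ClientPrivilege &) = delete;` closes that off, and the single-argument constructor is better marked `explicit`. A one-line comment on `check()` stating that an action with an empty privilege string is allowed for every caller would document the default that the implementation applies.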
DBG("[%d] modeName : %s, modePath : %s", modeMap.size(), modeName.c_str(), path.c_str());
}
-int ModeManager::applyMode(const string &modeName)
+int ModeManager::applyMode(const string &modeName, ClientPrivilege &priv)
{
auto found = modeMap.find(modeName);
if (modeMap.end() == found) {
return MODES_ERROR_CONFLICT;
}
+ int ret = priv.check(mode);
+ if (MODES_ERROR_NONE != ret) {
+ ERR("priv.check() Fail(%d)", ret);
+ return ret;
+ }
+
if (Mode::MODE_ONESHOT == mode.getModeType()) {
- int ret = mode.applyOneShot();
+ ret = mode.applyOneShot();
if (MODES_ERROR_NONE != ret) {
ERR("mode(%s) apply() Fail", mode.getName().c_str());
mode.undo();
return ret;
}
} else {
- int ret = mode.apply();
+ ret = mode.apply();
if (MODES_ERROR_NONE != ret) {
ERR("mode(%s) apply() Fail", mode.getName().c_str());
mode.undo();
#include "PluginManager.h"
#include "RuleManager.h"
#include "ModeCareTaker.h"
+#include "ClientPrivilege.h"
#ifndef MODES_MODE_DEFAULT_DIR
#define MODES_MODE_DEFAULT_DIR "/usr/share/modes/mode"
void setOptions(const std::set<std::string> &modeDirs, const std::string &xsdFile, const std::string &undoInfoDir);
void init();
void addModeDirectory(const std::string &dirPath);
- int applyMode(const std::string &modeName);
+ int applyMode(const std::string &modeName, ClientPrivilege &priv);
int registerMode(const Mode &mode);
int undoMode(const std::string &modeName);
std::list<std::tuple<std::string, int>> getModes();
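Review bot: Only `applyMode()` receives the caller's `ClientPrivilege`; `undoMode()` and `registerMode()` keep their old signatures in this declaration block, so nothing visible here gates them on the privileges the rules now declare. If undoing a mode rewrites the same settings that a privileged action changed, a client without the privilege could revert what it was not allowed to apply. The D-Bus handlers for those calls are outside this diff, so this needs confirming there. One option is `int undoMode(const std::string &modeName, ClientPrivilege &priv);` with the same `priv.check(mode)` call before the undo.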
#include "mdss.h"
#include "ModesEx.h"
#include "common/dbus_def.h"
+#include "ClientPrivilege.h"
MODES_NAMESPACE_USE;
DBG("mode name = %s", modeName);
- int ret = modeMgr->applyMode(modeName);
+ ClientPrivilege privInfo(invocation);
+ int ret = modeMgr->applyMode(modeName, privInfo);
mds_dbus_complete_apply_mode(object, invocation, ret);
if (MODES_ERROR_NONE == ret)
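Review bot: `ClientPrivilege privInfo(invocation);` builds a new cynara handle on every apply request, so the 100-entry cache configured in its constructor is thrown away as soon as the handler returns, and each request pays for a full `cynara_initialize()`/`cynara_finish()` pair. Consider creating the cynara handle once for the daemon's lifetime and resolving only the per-request client, user and session strings here. The handler's start and end are outside this hunk.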
(xmlChar*)"plugin",
(xmlChar*)"alias",
(xmlChar*)"conflict",
+ (xmlChar*)"privilege",
};
void RuleManager::makeRuleMap()
xmlFree(value);
xmlFree(alias);
+ } else if (MDS_EQUAL == xmlStrcmp(cur->name, RULE_TAGS[TagElemPrivilege])) {
+ char *value = (char*)xmlNodeGetContent(cur);
+ if (NULL == value) {
+ ERR("%s : No value", RULE_TAGS[TagElemPrivilege]);
+ return;
+ }
+ actionRule->setPrivilege(value);
} else if (MDS_EQUAL == xmlStrcmp(cur->name, RULE_TAGS[TagElemConflict])) {
// TODO: enhanced feature
DBG("TBD(%s)", cur->name);
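Review bot: The new `privilege` branch never releases the buffer returned by `xmlNodeGetContent(cur)`, whereas the alias branch just above ends with `xmlFree(value);`. `setPrivilege()` takes a `const std::string &` and copies, so adding `xmlFree(value);` after `actionRule->setPrivilege(value);` is safe. An empty `<privilege></privilege>` element would likely arrive here as an empty string, which `ClientPrivilege::check()` treats as allow-all, and the schema change types the element as a plain `xs:string`. Logging or rejecting an empty value in this branch would keep a malformed rule from silently losing its check. The enclosing function starts and ends outside the hunk.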
TagAttPlugin,
TagElemAlias,
TagElemConflict,
+ TagElemPrivilege,
TagMax
};
{
TAction<T> *action = new TAction<T>(ruleName);
action->setValueAliases(valueAliasList);
+ action->setPrivilege(privilege);
return action;
}
SET_SOURCE_FILES_PROPERTIES(${CMAKE_SOURCE_DIR}/common/dbus.c
PROPERTIES GENERATED TRUE)
-pkg_check_modules(gtest_pkgs REQUIRED dlog glib-2.0 gio-2.0 gio-unix-2.0 libxml-2.0 gmock)
+pkg_check_modules(gtest_pkgs REQUIRED dlog glib-2.0 gio-2.0 gio-unix-2.0 libxml-2.0 gmock cynara-client cynara-creds-gdbus cynara-session)
INCLUDE_DIRECTORIES(${gtest_pkgs_INCLUDE_DIRS})
LINK_DIRECTORIES(${gtest_pkgs_LIBRARY_DIRS})
SET(SUPERVISOR_DIR "${CMAKE_SOURCE_DIR}/supervisor/" )
FILE(GLOB SRC "modes_test_main.cpp")
-
#=======================================================================================#
SET(GTEST_NOTI "modes-gtest-noti")
SET(GTEST_NOTI_SRCS modes_test_noti.cpp)
${SUPERVISOR_DIR}/Action.cpp
${SUPERVISOR_DIR}/ActionRule.cpp
${SUPERVISOR_DIR}/RuleManager.cpp
+ ${SUPERVISOR_DIR}/ClientPrivilege.cpp
${SUPERVISOR_DIR}/Mode.cpp
${SUPERVISOR_DIR}/ModesEx.cpp
${SUPERVISOR_DIR}/PluginManager.cpp
modes_test_modemgr.cpp
)
ADD_EXECUTABLE(${GTEST_MODEMGR} ${SRC} ${GTEST_MODEMGR_SRCS})
+ADD_DEPENDENCIES(${GTEST_MODEMGR} GENERATED_DBUS_CODE)
TARGET_LINK_LIBRARIES(${GTEST_MODEMGR} ${gtest_pkgs_LIBRARIES} dl)
INSTALL(TARGETS ${GTEST_MODEMGR} DESTINATION ${TEST_INSTALL_DIR})
FILE(GLOB GTEST_PARSER_SRCS
${SUPERVISOR_DIR}/XMLParser.cpp
${SUPERVISOR_DIR}/PluginManager.cpp
+ ${SUPERVISOR_DIR}/ClientPrivilege.cpp
${SUPERVISOR_DIR}/Action.cpp
${SUPERVISOR_DIR}/ActionRule.cpp
${SUPERVISOR_DIR}/RuleManager.cpp
modes_test_parser.cpp
)
ADD_EXECUTABLE(${GTEST_PARSER} ${SRC} ${GTEST_PARSER_SRCS})
+ADD_DEPENDENCIES(${GTEST_PARSER} GENERATED_DBUS_CODE)
TARGET_LINK_LIBRARIES(${GTEST_PARSER} ${gtest_pkgs_LIBRARIES} dl)
INSTALL(TARGETS ${GTEST_PARSER} DESTINATION ${TEST_INSTALL_DIR})
#=======================================================================================#
${SUPERVISOR_DIR}/Action.cpp
${SUPERVISOR_DIR}/ModesEx.cpp
${SUPERVISOR_DIR}/PluginManager.cpp
+ ${SUPERVISOR_DIR}/ClientPrivilege.cpp
${SUPERVISOR_DIR}/RuleManager.cpp
${SUPERVISOR_DIR}/ActionRule.cpp
${SUPERVISOR_DIR}/ValueChecker.cpp
"modes_test_generator.cpp"
)
ADD_EXECUTABLE(${GTEST_GENERATOR} ${SRC} ${GTEST_GENERATOR_SRCS})
+ADD_DEPENDENCIES(${GTEST_GENERATOR} GENERATED_DBUS_CODE)
TARGET_LINK_LIBRARIES(${GTEST_GENERATOR} ${gtest_pkgs_LIBRARIES} dl)
INSTALL(TARGETS ${GTEST_GENERATOR} DESTINATION ${TEST_INSTALL_DIR})
${SUPERVISOR_DIR}/ModeXMLParser.cpp
${SUPERVISOR_DIR}/XMLParser.cpp
${SUPERVISOR_DIR}/ModesEx.cpp
+ ${SUPERVISOR_DIR}/ClientPrivilege.cpp
${SUPERVISOR_DIR}/ModesXMLTag.cpp
${SUPERVISOR_DIR}/PluginManager.cpp
${SUPERVISOR_DIR}/RuleManager.cpp
modes_test_conflict.cpp
)
ADD_EXECUTABLE(${GTEST_CONFLICT} ${SRC} ${GTEST_CONFLICT_SRCS})
+ADD_DEPENDENCIES(${GTEST_CONFLICT} GENERATED_DBUS_CODE)
TARGET_LINK_LIBRARIES(${GTEST_CONFLICT} ${gtest_pkgs_LIBRARIES} dl)
INSTALL(TARGETS ${GTEST_CONFLICT} DESTINATION ${TEST_INSTALL_DIR})
#=======================================================================================#
${SUPERVISOR_DIR}/ActionRule.cpp
${SUPERVISOR_DIR}/ModesEx.cpp
${SUPERVISOR_DIR}/Mode.cpp
+ ${SUPERVISOR_DIR}/ClientPrivilege.cpp
${SUPERVISOR_DIR}/Action.cpp
${SUPERVISOR_DIR}/ValueChecker.cpp
modes_test_rulemgr.cpp
)
ADD_EXECUTABLE(${GTEST_RULEMGR} ${SRC} ${GTEST_RULE_SRCS})
+ADD_DEPENDENCIES(${GTEST_RULEMGR} GENERATED_DBUS_CODE)
TARGET_LINK_LIBRARIES(${GTEST_RULEMGR} ${gtest_pkgs_LIBRARIES})
INSTALL(TARGETS ${GTEST_RULEMGR} DESTINATION ${TEST_INSTALL_DIR})