[Service] Refactor access control of file system

This moves the control of file system to access control manager.

Together with:
https://review.tizen.org/gerrit/248284

Change-Id: I576fc1e43b26c9655ebe24efa40d5348886c365b
Signed-off-by: Youngsoo Choi <kenshin.choi@samsung.com>

diff --git a/wrt_app/service/access_control_manager.ts b/wrt_app/service/access_control_manager.ts
index 87afb7a37db6524a8d86a3fda0af07d32b181145..54afc105c0abb79f6ba50f148ed57c7abd78c644 100644 (file)
--- a/wrt_app/service/access_control_manager.ts
+++ b/wrt_app/service/access_control_manager.ts
@@ -1,3 +1,4 @@
+const Module = require('module');
 
 function checkSystemInfoApiPrivilege(func: any, permissions: string[]) {
   let override_func  = func;
@@ -126,3 +127,19 @@ export function initialize(permissions: string[]) {
     checkSystemInfoApiPrivilege(tizen.systeminfo.addPropertyValueArrayChangeListener, permissions);
 
 }
+
+export function refineResolveFilename(permissions: string[]) {
+  const originalResolveFilename = Module._resolveFilename;
+  Module._resolveFilename = function(...args: any[]) {
+    let path = '';
+    if (args[0] === 'fs') {
+      path = originalResolveFilename('fs_tizen', args[1], args[2]);
+    } else {
+      path = originalResolveFilename(...args);
+    }
+    if (path.startsWith('/') && !global.webapis.isValidPath(path))
+      throw new Error(`Invalid access to ${path}`);
+    return path;
+  }
+  Object.defineProperty(Module, '_resolveFilename', { writable: false });
+}

diff --git a/wrt_app/service/device_api_router.ts b/wrt_app/service/device_api_router.ts
index 22801121b2bc8ea7d814ec1487906989f90f64f1..f4269238bb2678b6c65021a7f8ff56ed1a730111 100644 (file)
--- a/wrt_app/service/device_api_router.ts
+++ b/wrt_app/service/device_api_router.ts
@@ -1,5 +1,4 @@
 import { wrt } from '../browser/wrt';
-const Module = require('module');
 
 export class DeviceAPIRouter {
   currentApplication: any;
@@ -51,9 +50,9 @@ export class DeviceAPIRouter {
     ];
 
     this.initWebapis();
+    this.permissions = wrt.getPrivileges(this.id);
     this.refineResolveFilename();
     if (isGlobal) {
-      this.permissions = wrt.getPrivileges(this.id);
       this.refineApplicationApis();
       this.refinePackageApis();
       this.refineFilesystemApis()
@@ -103,22 +102,6 @@ export class DeviceAPIRouter {
     this.initProductWebapis();
   }
 
-  refineResolveFilename() {
-    const originalResolveFilename = Module._resolveFilename;
-    Module._resolveFilename = function(...args: any[]) {
-      let path = '';
-      if (args[0] === 'fs') {
-        path = originalResolveFilename('fs_tizen', args[1], args[2]);
-      } else {
-        path = originalResolveFilename(...args);
-      }
-      if (path.startsWith('/') && !global.webapis.isValidPath(path))
-        throw new Error(`Invalid access to ${path}`);
-      return path;
-    }
-    Object.defineProperty(Module, '_resolveFilename', { writable: false });
-  }
-
   initEdgeWebapis() {
     if (wrt['edge'] && !global.webapis.edge) {
       let edge = wrt.edge as NativeWRTjs.EdgeExtension;
@@ -219,6 +202,11 @@ export class DeviceAPIRouter {
     AccessControlManager.initialize(this.permissions);
   }
 
+  refineResolveFilename() {
+    const AccessControlManager = require('./access_control_manager');
+    AccessControlManager.refineResolveFilename(this.permissions);
+  }
+
   getServiceId() {
     return global.webapis.getServiceId();
   }