Add permission check for open handle 27/66927/1 accepted/tizen_tv accepted/tizen/common/20160422.172005 accepted/tizen/ivi/20160422.070429 accepted/tizen/mobile/20160422.070550 accepted/tizen/tv/20160422.070409 accepted/tizen/wearable/20160422.070421 submit/tizen/20160422.053458
authorSangkoo Kim <sangkoo.kim@samsung.com>
Fri, 22 Apr 2016 04:48:11 +0000 (13:48 +0900)
committerSangkoo Kim <sangkoo.kim@samsung.com>
Fri, 22 Apr 2016 04:48:11 +0000 (13:48 +0900)
To check permission for read-only operation

Change-Id: I8189c3c669d9321cb69336fc2a783bc16fbed0e1
Signed-off-by: Sangkoo Kim <sangkoo.kim@samsung.com>
framework/transaction-manager/MsgTransManager.cpp
include/common/MsgCmdTypes.h
include/mapi/msg_storage.h
include/proxy/MsgHandle.h
include/utils/MsgException.h
proxy/MsgHandleControl.cpp
utils/MsgDebug.cpp

index e49e9d8..689e3cc 100755 (executable)
@@ -380,7 +380,6 @@ void MsgTransactionManager::handleRequest(int fd)
                THROW(MsgException::OUT_OF_RANGE, "request CMD is not defined");
 
        /* check privilege */
-/*     if (checkPrivilege(pCmd->cmdType, pCmd->cmdCookie) == false) { */
        if (checkPrivilege(fd, pCmd->cmdType) == false) {
                MSG_DEBUG("No Privilege rule. Not allowed.");
 #ifdef MSG_CHECK_PRIVILEGE
@@ -395,6 +394,7 @@ void MsgTransactionManager::handleRequest(int fd)
 
        /* determine the handler based on pCmd->cmdType */
        int (*pfHandler)(const MSG_CMD_S*, char**) = NULL;
+       MSG_CMD_S* pCmdDup = NULL;
 
        switch (pCmd->cmdType) {
        case MSG_CMD_PLG_SENT_STATUS_CNF:
@@ -405,8 +405,8 @@ void MsgTransactionManager::handleRequest(int fd)
        case MSG_CMD_PLG_INCOMING_LBS_IND:
        case MSG_CMD_PLG_INIT_SIM_BY_SAT:
        case MSG_CMD_PLG_INCOMING_PUSH_IND:
-       case MSG_CMD_PLG_INCOMING_CB_IND: {
-               MSG_CMD_S* pCmdDup = (MSG_CMD_S*)calloc(1, len); /* pCmdDup should be freed afterward */
+       case MSG_CMD_PLG_INCOMING_CB_IND:
+               pCmdDup = (MSG_CMD_S*)calloc(1, len); /* pCmdDup should be freed afterward */
                if (pCmdDup != NULL) {
                        memcpy(pCmdDup, pCmd, len);
                        memcpy(pCmdDup->cmdCookie, &fd, sizeof(int)); /* Now, cmdCookie keeps fd for return */
@@ -417,7 +417,12 @@ void MsgTransactionManager::handleRequest(int fd)
                        mxQ.unlock();
                }
                break;
-       }
+       case MSG_CMD_CHECK_PERMISSION:
+               MSG_DEBUG("Client has privilege. Allowed.");
+               MsgMakeErrorEvent(pCmd->cmdType, MSG_SUCCESS, &eventSize, &pEventData);
+               MSG_DEBUG("Replying to fd [%d], size [%d]", fd, eventSize);
+               servSock.write(fd, pEventData, eventSize);
+               break;
        default:
                pfHandler = handlerMap[pCmd->cmdType];
                if (!pfHandler) {
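Review bot: The new MSG_CMD_CHECK_PERMISSION branch replies MSG_SUCCESS unconditionally, which is only correct because the `checkPrivilege(fd, pCmd->cmdType)` gate at the top of handleRequest already rejected the request otherwise; nothing at the case itself says so, and a later reorder of the function would silently turn this into an "always allowed" reply. Since `MsgMakeErrorEvent(pCmd->cmdType, ...)` uses the command type as the event type, the client-side comparison against MSG_EVENT_CHECK_PERMISSION also depends on the two enums staying numerically aligned. I would add above the `MSG_DEBUG("Client has privilege. Allowed.");` line: `/* reached only after checkPrivilege() allowed the command; reply type mirrors cmdType, so MSG_CMD_CHECK_PERMISSION and MSG_EVENT_CHECK_PERMISSION must keep the same value */`. Whether the pEventData buffer produced here is released is not visible in this hunk; handleRequest starts before the hunk and continues after it.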
@@ -435,8 +440,8 @@ void MsgTransactionManager::handleRequest(int fd)
                }
 
                MSG_DEBUG("Replying to fd [%d], size [%d]", fd, eventSize);
-
                servSock.write(fd, pEventData, eventSize);
+               break;
        }
 
        MSG_END();
@@ -651,15 +656,14 @@ bool MsgTransactionManager::checkPrivilege(int fd, MSG_CMD_TYPE_T CmdType)
        case MSG_CMD_GET_PUSH_MSG_OPT:
        case MSG_CMD_GET_VOICE_MSG_OPT:
        case MSG_CMD_GET_GENERAL_MSG_OPT:
-       case MSG_CMD_GET_MSG_SIZE_OPT: {
+       case MSG_CMD_GET_MSG_SIZE_OPT:
                ret = cynara_check(p_cynara, peer_client, peer_session, peer_user,
                                "http://tizen.org/privilege/message.read");
                if (ret != CYNARA_API_ACCESS_ALLOWED) {
                        MSG_INFO("privilege [read] not allowd : [%d]", ret);
                        bAllowed = false;
                }
-       }
-       break;
+               break;
        case MSG_CMD_SUBMIT_REQ:
        case MSG_CMD_SET_CB_OPT:
        case MSG_CMD_ADD_PUSH_EVENT:
@@ -694,15 +698,28 @@ bool MsgTransactionManager::checkPrivilege(int fd, MSG_CMD_TYPE_T CmdType)
        case MSG_CMD_SET_PUSH_MSG_OPT:
        case MSG_CMD_SET_VOICE_MSG_OPT:
        case MSG_CMD_SET_GENERAL_MSG_OPT:
-       case MSG_CMD_SET_MSG_SIZE_OPT: {
+       case MSG_CMD_SET_MSG_SIZE_OPT:
                ret = cynara_check(p_cynara, peer_client, peer_session, peer_user,
                                "http://tizen.org/privilege/message.write");
                if (ret != CYNARA_API_ACCESS_ALLOWED) {
                        MSG_INFO("privilege [write] not allowd : [%d]", ret);
                        bAllowed = false;
                }
-       }
-       break;
+               break;
+       case MSG_CMD_CHECK_PERMISSION:
+               ret = cynara_check(p_cynara, peer_client, peer_session, peer_user,
+                               "http://tizen.org/privilege/message.read");
+               if (ret != CYNARA_API_ACCESS_ALLOWED) {
+                       ret = cynara_check(p_cynara, peer_client, peer_session, peer_user,
+                                       "http://tizen.org/privilege/message.write");
+                       if (ret != CYNARA_API_ACCESS_ALLOWED) {
+                               MSG_INFO("privilege [write] not allowd : [%d]", ret);
+                               bAllowed = false;
+                       }
+               }
+               break;
+       default :
+               break;
        }
 
 _END_OF_FUNC:
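Review bot: In the MSG_CMD_CHECK_PERMISSION case the denial is logged as `privilege [write] not allowd` although this path is only reached when both message.read and message.write were refused, and `ret` at that point holds only the write result, so an operator reading the log cannot tell that read was checked first and denied too. I would change the log line to `MSG_INFO("privilege [read|write] not allowed : [%d]", ret);`, or log the read result before overwriting `ret`. The added `default : break;` keeps unlisted command types allowed, which matches the prior behaviour of having no default, but a short comment stating that this is intentional would help the next reader. checkPrivilege begins before the hunk and continues past `_END_OF_FUNC:`.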
index 2bb06c2..4b8f469 100755 (executable)
@@ -167,6 +167,8 @@ enum _MSG_CMD_TYPE_E
 #ifdef FEATURE_SMS_CDMA
        MSG_CMD_PLG_CHECK_UNIQUENESS,
 #endif
+
+       MSG_CMD_CHECK_PERMISSION,
 /* end of MSG_CMD; new CMD should be defined before MSG_CMD_NUM */
        MSG_CMD_NUM
 };
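Review bot: MSG_CMD_CHECK_PERMISSION is inserted right before MSG_CMD_NUM and MSG_EVENT_CHECK_PERMISSION (second hunk of this file) right before the "Enums that does not match" block, and the daemon builds the reply with the command type as the event type while the proxy compares against MSG_EVENT_CHECK_PERMISSION, so the two entries must keep the same position in their respective enums. Nothing in the header records that constraint. I would add next to the new enumerator: `/* keep in step with MSG_EVENT_CHECK_PERMISSION: the daemon replies with cmdType as the event type */`, and the mirror comment at the event enumerator; if this header is only ever compiled as C++, a static_assert comparing the two values would make the pairing mechanical.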
@@ -278,6 +280,7 @@ enum _MSG_EVENT_TYPE_E
 #ifdef FEATURE_SMS_CDMA
        MSG_EVENT_PLG_CHECK_UNIQUENESS,
 #endif
+       MSG_EVENT_CHECK_PERMISSION,
 
 /* Enums that does not match _MSG_CMD_TYPE_E */
        MSG_EVENT_PLG_REPORT_MSG_INCOMING_IND,
index 1b4d1b9..f7d2471 100755 (executable)
@@ -1163,7 +1163,7 @@ int msg_db_select_with_query(msg_handle_t handle, const char *query, char ***db_
  * @since_tizen 3.0
  *
  * @param[in] handle     The Message handle
- * @param[in] db_res     The result of SQL SELECT query
+ * @param[in] db_res     The DB result pointer to release
  *
  * @return  @c 0 on success,
  *        otherwise a negative error value
index 571e772..bf6d0c2 100755 (executable)
@@ -160,7 +160,8 @@ class MsgHandle
                void convertMsgStruct(const MSG_MESSAGE_HIDDEN_S *pSource, MSG_MESSAGE_INFO_S *pDest);
                void convertSendOptStruct(const MSG_SENDINGOPT_S* pSrc, MSG_SENDINGOPT_INFO_S* pDest, MSG_MESSAGE_TYPE_S msgType);
                int getSettingCmdSize(MSG_OPTION_TYPE_T optionType);
-               bool CheckEventData(char *pEventData);
+               bool checkEventData(char *pEventData);
+               msg_error_t checkPermission(void);
 
                char mConnectionId[20];
                short mCounter;
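Review bot: The new `checkPermission` declaration carries no description of its contract, unlike the behaviour it has in MsgHandleControl.cpp where it throws MsgException::INVALID_RESULT when no reply or a reply of the wrong event type arrives and otherwise returns the daemon's result code. I would add above the declaration: `/* asks the daemon whether this client holds message.read or message.write; returns the daemon's result, throws INVALID_RESULT on a missing or mismatched reply */`. The class MsgHandle starts before this hunk.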
index d598c59..3d18c59 100755 (executable)
@@ -46,7 +46,7 @@ class MsgException : public runtime_error /* public exception */
 {
 public:
        MsgException(int errCode, const string& msg = "")
-           : runtime_error(errorStrings[errCode] + " : " +  msg), eCode(errCode) {
+               : runtime_error(errorStrings[errCode] + " : " +  msg), eCode(errCode) {
        }
 
        enum
@@ -77,7 +77,7 @@ public:
        int errorCode() { return eCode; }
 
 private:
-       static string errorStrings[NUM_ERRORS];
+       static string errorStrings[NUM_ERRORS];
        int eCode;
 };
 
index 84631bc..2eac5dd 100755 (executable)
@@ -60,6 +60,11 @@ void MsgHandle::openHandle()
 
        /* Open Socket IPC */
        connectSocket();
+
+       /* Check cynara permission */
+       if (checkPermission() == MSG_ERR_PERMISSION_DENIED) {
+               THROW(MsgException::SECURITY_ERROR, "Client doesn't have permission");
+       }
 }
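Review bot: Only MSG_ERR_PERMISSION_DENIED is treated as a failure here; any other non-success result carried in the reply lets openHandle return a usable handle. If the daemon can report other error codes for this command, a fail-closed comparison is safer: `if (checkPermission() != MSG_SUCCESS) {`. The socket opened by `connectSocket()` on the line above stays connected when the THROW fires unless a caller or destructor outside this hunk closes it, which is not visible here. This client-side check is an early-failure convenience; per-command enforcement still happens in MsgTransactionManager::checkPrivilege on the daemon side.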
 
 
@@ -125,7 +130,7 @@ void MsgHandle::write(const char *pCmdData, int cmdSize, char **ppEvent)
                        break;
                }
 
-               if (!CheckEventData(tmpEvent)) {
+               if (!checkEventData(tmpEvent)) {
                        delete [] tmpEvent;
                        tmpEvent = NULL;
                } else {
@@ -593,7 +598,7 @@ int MsgHandle::getSettingCmdSize(MSG_OPTION_TYPE_T optionType)
 }
 
 
-bool MsgHandle::CheckEventData(char *pEventData)
+bool MsgHandle::checkEventData(char *pEventData)
 {
        MSG_EVENT_S* pEvent = (MSG_EVENT_S*)pEventData;
 
@@ -616,3 +621,34 @@ bool MsgHandle::CheckEventData(char *pEventData)
 
        return true;
 }
+
+msg_error_t MsgHandle::checkPermission(void)
+{
+       /* Allocate Memory to Command Data */
+       int cmdSize = sizeof(MSG_CMD_S);
+
+       char cmdBuf[cmdSize];
+       bzero(cmdBuf, cmdSize);
+       MSG_CMD_S* pCmd = (MSG_CMD_S*)cmdBuf;
+
+       /* Set Command Parameters */
+       pCmd->cmdType = MSG_CMD_CHECK_PERMISSION;
+
+       /* Send Command to Messaging FW */
+       char* pEventData = NULL;
+       unique_ptr<char*, void(*)(char**)> eventBuf(&pEventData, unique_ptr_deleter);
+
+       write((char*)pCmd, cmdSize, &pEventData);
+
+       /* Get Return Data */
+       MSG_EVENT_S* pEvent = (MSG_EVENT_S*)pEventData;
+
+       if (pEvent == NULL)
+               THROW(MsgException::INVALID_RESULT, "Event is NULL");
+
+       if (pEvent->eventType != MSG_EVENT_CHECK_PERMISSION) {
+               THROW(MsgException::INVALID_RESULT, "Event Data Error");
+       }
+
+       return pEvent->result;
+}
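Review bot: `char cmdBuf[cmdSize]` declares a variable-length array from a non-const `int`, which is a compiler extension rather than standard C++, and casting that char array to `MSG_CMD_S*` gives no alignment guarantee for the struct; both go away if the command is declared as a zeroed `MSG_CMD_S` value and `sizeof(cmd)` is passed to `write`. The "Allocate Memory to Command Data" comment is also misleading since the buffer is on the stack. This looks like a pattern copied from the rest of MsgHandleControl.cpp, so the other call sites presumably share the issue; `bzero` is deprecated POSIX and `memset` is the portable spelling. The `write` and `unique_ptr_deleter` names come from elsewhere in the file.
```cpp
msg_error_t MsgHandle::checkPermission(void)
{
	/* Command is a properly typed, zero-initialised stack object */
	MSG_CMD_S cmd;
	memset(&cmd, 0, sizeof(cmd));
	cmd.cmdType = MSG_CMD_CHECK_PERMISSION;

	char* pEventData = NULL;
	unique_ptr<char*, void(*)(char**)> eventBuf(&pEventData, unique_ptr_deleter);

	write((char*)&cmd, sizeof(cmd), &pEventData);

	/* … unchanged: reply validation and return of pEvent->result … */
```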
index 1000bce..dacc4e4 100755 (executable)
@@ -216,6 +216,8 @@ const char * MsgDbgCmdStr(MSG_CMD_TYPE_T cmdType)
        case MSG_CMD_PLG_CHECK_UNIQUENESS:
                return "MSG_CMD_PLG_CHECK_UNIQUENESS";
 #endif
+       case MSG_CMD_CHECK_PERMISSION:
+               return "MSG_CMD_CHECK_PERMISSION";
 
        default:
                return "Unknown Command Type!!!";
@@ -419,6 +421,8 @@ const char * MsgDbgEvtStr(MSG_EVENT_TYPE_T evtType)
        case MSG_EVENT_PLG_CHECK_UNIQUENESS:
                return "MSG_EVENT_PLG_CHECK_UNIQUENESS";
 #endif
+       case MSG_EVENT_CHECK_PERMISSION:
+               return "MSG_EVENT_CHECK_PERMISSION";
 
        case MSG_EVENT_PLG_REPORT_MSG_INCOMING_IND:
                return "MSG_EVENT_PLG_REPORT_MSG_INCOMING_IND";