- internal privileges mapped by privacy related core privileges are also privacy related.
- remove redundant internal privileges listed in internal_only.list to store them properly.
Change-Id: I561c4b998a90e4d527c5ef38c6c28802bddf33f5
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
sqlite3 $DB_NAME "insert into privilege_mapping values ( $PROFILE_ID, '$PROFILE', '$PRIVILEGE_NAME','$FROM_API_VERSION', '$TO_API_VERSION', '$MAPPED_PRIVILEGE_NAME')"
if [[ $MAPPED_PRIVILEGE_NAME == *"/internal/"* ]]; then
- sqlite3 .core_privilege_info.db "insert or ignore into valid_privilege_info values ('$MAPPED_PRIVILEGE_NAME', 0, 1)"
+ MAPPED_IS_PRIVACY=`sqlite3 .core_privilege_info.db "select is_privacy from privilege_info where privilege_name='$PRIVILEGE_NAME'"`
+ if [ "$MAPPED_IS_PRIVACY" = "" ]; then
+ sqlite3 .core_privilege_info.db "insert or ignore into valid_privilege_info values ('$MAPPED_PRIVILEGE_NAME', 0, 1)"
+ else
+ sqlite3 .core_privilege_info.db "insert or ignore into valid_privilege_info values ('$MAPPED_PRIVILEGE_NAME', $MAPPED_IS_PRIVACY, 1)"
+ fi
else
sqlite3 .core_privilege_info.db "insert or ignore into valid_privilege_info values ('$MAPPED_PRIVILEGE_NAME', 0, 0)"
fi
http://tizen.org/privilege/internal/appdebugging
http://tizen.org/privilege/internal/buxton
-http://tizen.org/privilege/internal/buxton/account.read
-http://tizen.org/privilege/internal/buxton/camcorder
-http://tizen.org/privilege/internal/buxton/contact.read
-http://tizen.org/privilege/internal/buxton/location
-http://tizen.org/privilege/internal/buxton/message.read
-http://tizen.org/privilege/internal/buxton/network.get
-http://tizen.org/privilege/internal/buxton/nfc
-http://tizen.org/privilege/internal/buxton/nfc.cardemulation
-http://tizen.org/privilege/internal/buxton/readonly
-http://tizen.org/privilege/internal/buxton/telephony
http://tizen.org/privilege/internal/dbus
http://tizen.org/privilege/internal/default/partner
http://tizen.org/privilege/internal/default/platform
http://tizen.org/privilege/internal/default/public
http://tizen.org/privilege/internal/inputdevice.block
http://tizen.org/privilege/internal/usermanagement
+http://tizen.org/privilege/internal/privacymanagement
http://tizen.org/privilege/notexist
db_path = PRIVILEGE_INFO_CORE_DB_PATH;
break;
case 'm':
- if (package_type == PRIVILEGE_DB_MANAGER_PACKAGE_TYPE_CORE)
- db_path = PRIVILEGE_MAPPING_CORE_DB_PATH;
- else
+ if (package_type == PRIVILEGE_DB_MANAGER_PACKAGE_TYPE_WRT)
db_path = PRIVILEGE_MAPPING_WRT_DB_PATH;
+ else
+ db_path = PRIVILEGE_MAPPING_CORE_DB_PATH;
break;
case 'u':
db_mode = SQLITE_OPEN_READWRITE;
ret = __make_privilege_list_str(privilege_list, &privilege_list_str);
TryReturn(ret == 0 && privilege_list_str != NULL, sqlite3_close(db), PRIVILEGE_DB_MANAGER_ERR_OUT_OF_MEMORY, "[PRIVILEGE_DB_MANAGER_ERR_OUT_OF_MEMORY] making privilege_list_str for where in query is failed.");
- char *sql = sqlite3_mprintf("select distinct mapped_privilege_name from privilege_mapping where privilege_name in(%s)and(profile_id=%d or profile_id=%d)and from_api_version<=%Q and to_api_version>%Q", privilege_list_str, PRIVILEGE_DB_MANAGER_PROFILE_TYPE_COMMON, g_privilege_db_manager_profile_type, api_version, api_version);
+ char *sql = NULL;
+ if (api_version == NULL)
+ sql = sqlite3_mprintf("select distinct mapped_privilege_name from privilege_mapping where privilege_name in(%s)and(profile_id=%d or profile_id=%d)", privilege_list_str, PRIVILEGE_DB_MANAGER_PROFILE_TYPE_COMMON, g_privilege_db_manager_profile_type);
+ else
+ sql = sqlite3_mprintf("select distinct mapped_privilege_name from privilege_mapping where privilege_name in(%s)and(profile_id=%d or profile_id=%d)and from_api_version<=%Q and to_api_version>%Q", privilege_list_str, PRIVILEGE_DB_MANAGER_PROFILE_TYPE_COMMON, g_privilege_db_manager_profile_type, api_version, api_version);
sqlite3_free(privilege_list_str);
TryReturn(sql != NULL, __finalize_db(db, stmt, sql), PRIVILEGE_DB_MANAGER_ERR_INVALID_QUERY, "[DB_FAIL] sqlite3_mprintf failed");
}
} while (ret == SQLITE_ROW);
- *privilege_list = temp_privilege_list;
-
__finalize_db(db, stmt, sql);
+ GList* temp_mapped_privilege_list = NULL;
+ ret = privilege_db_manager_get_mapped_privilege_list(NULL, PRIVILEGE_DB_MANAGER_PACKAGE_TYPE_CORE, temp_privilege_list, &temp_mapped_privilege_list);
+ TryReturn(ret == PRIVILEGE_DB_MANAGER_ERR_NONE && temp_mapped_privilege_list != NULL, g_list_free(temp_privilege_list), ret, "[DB_FAIL] privilege_db_manager_get_mapped_privilege_list failed");
+
+ *privilege_list = temp_mapped_privilege_list;
+ g_list_free(temp_privilege_list);
+
return PRIVILEGE_DB_MANAGER_ERR_NONE;
}
}
__print_line();
+ printf("privilege : http://tizen.org/privilege/internal/buxton/account.read\n");
+ ret = privilege_info_is_privacy("http://tizen.org/privilege/internal/buxton/account.read");
+ if (ret == 1) {
+ success_cnt++;
+ printf("SUCCESS: http://tizen.org/privilege/internal/buxton/account.read is PRIVACY\n");
+ } else {
+ fail_cnt++;
+ printf("Test FAILED. ret = %d\n", ret);
+ }
+ __print_line();
+
printf("privilege : http://tizen.org/privilege/internettttt\n");
ret = privilege_info_is_privacy("http://tizen.org/privilege/internettttt");
if (ret == 0) {
privacy_display = NULL;
printf("NULL param\n");
- ret = privilege_info_get_privacy_display(NULL, &privacy_display);
- if(ret == PRVMGR_ERR_INVALID_PARAMETER && privacy_display == NULL) {
- success_cnt++;
- printf("SUCCESS\n");
- } else {
- fail_cnt++;
- printf("FAIL: ret = %d, privacy_display = %s\n", ret, privacy_display);
- }
-
- free(privacy_display);
+ ret = privilege_info_get_privacy_display(NULL, &privacy_display);
+ if(ret == PRVMGR_ERR_INVALID_PARAMETER && privacy_display == NULL) {
+ success_cnt++;
+ printf("SUCCESS\n");
+ } else {
+ fail_cnt++;
+ printf("FAIL: ret = %d, privacy_display = %s\n", ret, privacy_display);
+ }
+
+ free(privacy_display);
}
static void __test_privilege_info_get_privacy_list()
{
GList* privilege_list = NULL;
GList* l;
- printf("privacy : ACCOUNT\n");
- int ret = privilege_info_get_privilege_list_by_privacy("ACCOUNT", &privilege_list);
+ printf("privacy : http://tizen.org/privacy/account\n");
+ int ret = privilege_info_get_privilege_list_by_privacy("http://tizen.org/privacy/account", &privilege_list);
+ if (ret == 0) {
+ success_cnt++;
+ for (l = privilege_list; l != NULL; l = l->next) {
+ char *privilege_name = (char*)l->data;
+ printf("%s\n", privilege_name);
+ }
+ } else {
+ fail_cnt++;
+ printf("Test FAILED\n");
+ }
+
+ if (privilege_list != NULL)
+ gfree(privilege_list);
+
+ __print_line();
+
+ printf("privacy : http://tizen.org/privacy/location\n");
+ ret = privilege_info_get_privilege_list_by_privacy("http://tizen.org/privacy/location", &privilege_list);
if (ret == 0) {
success_cnt++;
for (l = privilege_list; l != NULL; l = l->next) {
__print_line();
- printf("privacy : USERHISTORY\n");
- ret = privilege_info_get_privilege_list_by_privacy("USERHISTORY", &privilege_list);
+ printf("privacy : http://tizen.org/privacy/userhistory\n");
+ ret = privilege_info_get_privilege_list_by_privacy("http://tizen.org/privacy/userhistory", &privilege_list);
if (ret == 0) {
success_cnt++;
for (l = privilege_list; l != NULL; l = l->next) {
projects / platform / core / security / privilege-checker.git / commitdiff