privilege VARCHAR NOT NULL,
type INTEGER NOT NULL CHECK (type >= 0 AND type <= 1),
license VARCHAR,
+UNIQUE (uid, privilege, app_id),
FOREIGN KEY (app_id, uid) REFERENCES user_app (app_id, uid) ON UPDATE CASCADE ON DELETE CASCADE
);
BEGIN
SELECT RAISE(ABORT, 'App defined privilege already defined by different package')
WHERE EXISTS (SELECT 1 FROM app_defined_privilege_view
- WHERE privilege=NEW.privilege AND pkg_name!=NEW.pkg_name AND uid=NEW.uid);
+ WHERE privilege=NEW.privilege
+ AND pkg_name!=(SELECT pkg_name FROM user_app_pkg_view WHERE app_name=NEW.app_name)
+ AND uid=NEW.uid);
INSERT INTO app_defined_privilege (app_id, uid, privilege, type, license)
VALUES ((SELECT app_id FROM app WHERE name=NEW.app_name), NEW.uid, NEW.privilege, NEW.type, NEW.license);
privilege VARCHAR NOT NULL,
type INTEGER NOT NULL CHECK (type >= 0 AND type <= 1),
license VARCHAR,
+UNIQUE (uid, privilege, app_id),
FOREIGN KEY (app_id, uid) REFERENCES user_app (app_id, uid) ON UPDATE CASCADE ON DELETE CASCADE
);
DROP TABLE app_defined_privilege;
ALTER TABLE app_defined_privilege_new RENAME TO app_defined_privilege;
-DROP TRIGGER IF EXISTS app_defined_privilege_view_insert_trigger;
-CREATE TRIGGER app_defined_privilege_view_insert_trigger
-INSTEAD OF INSERT ON app_defined_privilege_view
-BEGIN
- SELECT RAISE(ABORT, 'App defined privilege already defined by different package')
- WHERE EXISTS (SELECT 1 FROM app_defined_privilege_view
- WHERE privilege=NEW.privilege AND pkg_name!=NEW.pkg_name AND uid=NEW.uid);
-
- INSERT INTO app_defined_privilege (app_id, uid, privilege, type, license)
- VALUES ((SELECT app_id FROM app WHERE name=NEW.app_name), NEW.uid, NEW.privilege, NEW.type, NEW.license);
-END;
-
PRAGMA foreign_key_check;
COMMIT TRANSACTION;
addAppSuccess(app(2), pkg(2), uid(2), tizenVer(1), author(2), Hybrid);
// privilege already defined by first application
- BOOST_REQUIRE_THROW(testPrivDb->AddAppDefinedPrivilege(app(2), uid(2), privileges[0]),
+ BOOST_REQUIRE_NO_THROW(testPrivDb->AddAppDefinedPrivilege(app(2), uid(2), privileges[0]));
+
+ // add third application in the same package as 1st
+ addAppSuccess(app(3), pkg(1), uid(1), tizenVer(1), author(1), Hybrid);
+
+ // privilege already defined by another application in the same package and uid
+ BOOST_REQUIRE_NO_THROW(testPrivDb->AddAppDefinedPrivilege(app(3), uid(1), privileges[0]));
+
+ // add fourth application in a different package than 1st but same uid
+ addAppSuccess(app(4), pkg(2), uid(1), tizenVer(1), "", Hybrid);
+
+ // privilege already defined by an app from another package, same uid
+ BOOST_REQUIRE_THROW(testPrivDb->AddAppDefinedPrivilege(app(4), uid(1), privileges[0]),
PrivilegeDb::Exception::ConstraintError);
+ // uninstall fourth application
+ removeAppSuccess(app(4), uid(1));
+
// remove first application privileges
BOOST_REQUIRE_NO_THROW(testPrivDb->RemoveAppDefinedPrivileges(app(1), uid(1)));
checkAppDefinedPrivileges(app(1), uid(1), {});
removeAppSuccess(app(1), uid(1));
checkAppDefinedPrivileges(app(1), uid(1), {});
+ // uninstall third application
+ removeAppSuccess(app(3), uid(1));
+
// second application defines privileges
- BOOST_REQUIRE_NO_THROW(testPrivDb->AddAppDefinedPrivileges(app(2), uid(2), privileges));
+ BOOST_REQUIRE_NO_THROW(testPrivDb->AddAppDefinedPrivilege(app(2), uid(2), privileges[1]));
checkAppDefinedPrivileges(app(2), uid(2), privileges);
// install second application for different user and add privileges
projects / platform / core / security / security-manager.git / commitdiff