int app_context_set_event_cb(app_manager_app_context_event_cb callback, void *user_data)
{
+ int ret;
+
if (callback == NULL)
return app_manager_error(APP_MANAGER_ERROR_INVALID_PARAMETER, __FUNCTION__, NULL);
+ ret = app_manager_check_privilege(PRIVILEGE_PKGMGR_INFO);
+ if (ret != APP_MANAGER_ERROR_NONE) {
+ if (ret == APP_MANAGER_ERROR_PERMISSION_DENIED)
+ return app_manager_error(APP_MANAGER_ERROR_PERMISSION_DENIED, __FUNCTION__, NULL);
+ else
+ return app_manager_error(APP_MANAGER_ERROR_IO_ERROR, __FUNCTION__, NULL);
+ }
+
app_context_lock_event_cb_context();
if (event_cb_context == NULL) {
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
+#include <fcntl.h>
#include <aul.h>
#include <dlog.h>
+#include <cynara-client.h>
#include "app_manager.h"
#include "app_manager_internal.h"
#define LOG_TAG "CAPI_APPFW_APP_MANAGER"
+#define SMACK_LABEL_LEN 255
static const char* app_manager_error_to_string(app_manager_error_e error)
{
return "Invalid package";
case APP_MANAGER_ERROR_NOT_SUPPORTED:
return "Not supported";
+ case APP_MANAGER_ERROR_PERMISSION_DENIED:
+ return "Permission denied";
default:
return "Unknown";
}
return error;
}
+int app_manager_check_privilege(char *privilege)
+{
+ cynara *p_cynara;
+ int fd;
+ int ret;
+
+ char client[SMACK_LABEL_LEN + 1] = "";
+ char uid[10] = {0,};
+ char *client_session = "";
+
+ if (privilege == NULL) {
+ LOGE("invalid parameter");
+ return APP_MANAGER_ERROR_INVALID_PARAMETER;
+ }
+
+ ret = cynara_initialize(&p_cynara, NULL);
+ if (ret != CYNARA_API_SUCCESS) {
+ LOGE("cynara_initialize [%d] failed!", ret);
+ return APP_MANAGER_ERROR_IO_ERROR;
+ }
+
+ fd = open("/proc/self/attr/current", O_RDONLY);
+ if (fd < 0) {
+ LOGE("open [%d] failed!", errno);
+ ret = APP_MANAGER_ERROR_IO_ERROR;
+ goto out;
+ }
+
+ ret = read(fd, client, SMACK_LABEL_LEN);
+ if (ret < 0) {
+ LOGE("read [%d] failed!", errno);
+ close(fd);
+ ret = APP_MANAGER_ERROR_IO_ERROR;
+ goto out;
+ }
+
+ close(fd);
+
+ snprintf(uid, 10, "%d", getuid());
+
+ ret = cynara_check(p_cynara, client, client_session, uid, privilege);
+ if (ret != CYNARA_API_ACCESS_ALLOWED) {
+ LOGE("cynara access check [%d] failed!", ret);
+
+ if (ret == CYNARA_API_ACCESS_DENIED)
+ ret = APP_MANAGER_ERROR_PERMISSION_DENIED;
+ else
+ ret = APP_MANAGER_ERROR_IO_ERROR;
+
+ goto out;
+ }
+
+ ret = APP_MANAGER_ERROR_NONE;
+
+out:
+ if (p_cynara)
+ cynara_finish(p_cynara);
+
+ return ret;
+}
+
API int app_manager_set_app_context_event_cb(app_manager_app_context_event_cb callback, void *user_data)
{
int retval = app_context_set_event_cb(callback, user_data);