Replace deprecated security-manager api

Use security_manager_path_req_* instead of
security_manager_app_inst_req_add_path.

Change-Id: Ia3e0970026cf5f33a89cfeb377a3e4484d852bb6
Signed-off-by: Sangyoon Jang <s89.jang@samsung.com>

diff --git a/src/common/security_registration.cc b/src/common/security_registration.cc
index a2b1f08..a90bc5e 100644 (file)
--- a/src/common/security_registration.cc
+++ b/src/common/security_registration.cc
@@ -135,34 +135,6 @@ bool PrepareRequest(const std::string& app_id, const std::string& pkg_id,
     }
   }
 
-  if (!path.empty()) {
-    for (auto& policy : kSecurityPolicies) {
-      bf::path subpath = path / policy.first;
-      if (bf::exists(subpath)) {
-        if (bf::is_symlink(symlink_status(subpath))) {
-          LOG(DEBUG) << "Path " << subpath << " is a symlink."
-                     << "Path will not be registered";
-          continue;
-        }
-        if (policy.second == SECURITY_MANAGER_PATH_TRUSTED_RW &&
-            author_id.empty()) {
-          LOG(WARNING) << "the path " << policy.first
-              << " exists, but author_id is empty";
-          continue;
-        }
-        error = security_manager_app_inst_req_add_path(req, subpath.c_str(),
-                                                       policy.second);
-        if (error != SECURITY_MANAGER_SUCCESS) {
-          std::string errnum = boost::str(boost::format("%d") % error);
-          *error_message =
-                    security_manager_strerror(static_cast<lib_retcode>(error));
-          *error_message += ":<" + errnum + ">";
-          return false;
-        }
-      }
-    }
-  }
-
   for (auto& priv : privileges) {
     security_manager_app_inst_req_add_privilege(req, priv.c_str());
   }

diff --git a/src/common/step/security/step_recover_security.cc b/src/common/step/security/step_recover_security.cc
index 3908594..b0c4e93 100644 (file)
--- a/src/common/step/security/step_recover_security.cc
+++ b/src/common/step/security/step_recover_security.cc
@@ -58,6 +58,15 @@ Step::Status StepRecoverSecurity::RecoveryUpdate() {
     }
     return Status::RECOVERY_ERROR;
   }
+  if (!RegisterSecurityContextForPath(
+      context_->pkgid.get(), context_->pkg_path.get(), context_->uid.get(),
+      &error_message)) {
+    if (!error_message.empty()) {
+      LOG(ERROR) << "error_message: " << error_message;
+      on_error(Status::SECURITY_ERROR, error_message);
+    }
+    return Status::RECOVERY_ERROR;
+  }
   return Status::OK;
 }
 }  // namespace security

diff --git a/src/common/step/security/step_register_security.cc b/src/common/step/security/step_register_security.cc
index a155ef8..9ec62c6 100644 (file)
--- a/src/common/step/security/step_register_security.cc
+++ b/src/common/step/security/step_register_security.cc
@@ -49,6 +49,15 @@ Step::Status StepRegisterSecurity::process() {
     }
     return Status::SECURITY_ERROR;
   }
+  if (!RegisterSecurityContextForPath(
+      context_->pkgid.get(), context_->pkg_path.get(), context_->uid.get(),
+      &error_message)) {
+    if (!error_message.empty()) {
+      LOG(ERROR) << "error_message: " << error_message;
+      on_error(Status::SECURITY_ERROR, error_message);
+    }
+    return Status::SECURITY_ERROR;
+  }
   LOG(DEBUG) << "Security context installed";
   return Status::OK;
 }

diff --git a/src/common/step/security/step_rollback_deinstallation_security.cc b/src/common/step/security/step_rollback_deinstallation_security.cc
index 251a4e3..dcf2553 100644 (file)
--- a/src/common/step/security/step_rollback_deinstallation_security.cc
+++ b/src/common/step/security/step_rollback_deinstallation_security.cc
@@ -38,10 +38,18 @@ Step::Status StepRollbackDeinstallationSecurity::undo() {
     }
     return Status::SECURITY_ERROR;
   }
+  if (!RegisterSecurityContextForPath(
+      context_->pkgid.get(), context_->pkg_path.get(), context_->uid.get(),
+      &error_message)) {
+    if (!error_message.empty()) {
+      LOG(ERROR) << "error_message: " << error_message;
+      on_error(Status::SECURITY_ERROR, error_message);
+    }
+    return Status::SECURITY_ERROR;
+  }
   LOG(DEBUG) << "Security context installed";
   return Status::OK;
 }
 
 }  // namespace security
 }  // namespace common_installer
-

diff --git a/src/common/step/security/step_update_security.cc b/src/common/step/security/step_update_security.cc
index dfcd499..07e27ad 100644 (file)
--- a/src/common/step/security/step_update_security.cc
+++ b/src/common/step/security/step_update_security.cc
@@ -23,6 +23,15 @@ Step::Status StepUpdateSecurity::process() {
     }
     return Status::SECURITY_ERROR;
   }
+  if (!RegisterSecurityContextForPath(
+      context_->pkgid.get(), context_->pkg_path.get(), context_->uid.get(),
+      &error_message)) {
+    if (!error_message.empty()) {
+      LOG(ERROR) << "error_message: " << error_message;
+      on_error(Status::SECURITY_ERROR, error_message);
+    }
+    return Status::SECURITY_ERROR;
+  }
   LOG(DEBUG) << "Security context updated";
   return Status::OK;
 }
@@ -38,6 +47,15 @@ Step::Status StepUpdateSecurity::undo() {
     }
     return Status::SECURITY_ERROR;
   }
+  if (!RegisterSecurityContextForPath(
+      context_->pkgid.get(), context_->pkg_path.get(), context_->uid.get(),
+      &error_message)) {
+    if (!error_message.empty()) {
+      LOG(ERROR) << "error_message: " << error_message;
+      on_error(Status::SECURITY_ERROR, error_message);
+    }
+    return Status::SECURITY_ERROR;
+  }
   LOG(DEBUG) << "Security context reverted";
   return Status::OK;
 }