From: Tomasz Marciniak Date: Thu, 2 Jul 2015 11:16:50 +0000 (+0200) Subject: [KeyManager] Check if data name and package id exists. X-Git-Tag: submit/tizen/20150702.103311^2~1^2~33 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=12912504244fa22dea235397beb3375ca62f208c;p=platform%2Fcore%2Fapi%2Fwebapi-plugins.git [KeyManager] Check if data name and package id exists. [Feature] Before allowing access data name and package id has to be checked if they are correct. [Verification] Code compiles. Related tests pass. Change-Id: Iffd26ebec36ae26bff713652e6d8394334f3e31c Signed-off-by: Tomasz Marciniak --- diff --git a/src/keymanager/keymanager.gyp b/src/keymanager/keymanager.gyp index 99ae7ffc..15641354 100644 --- a/src/keymanager/keymanager.gyp +++ b/src/keymanager/keymanager.gyp @@ -21,6 +21,7 @@ 'variables': { 'packages': [ 'key-manager', + 'pkgmgr-info', ] }, }], diff --git a/src/keymanager/keymanager_api.js b/src/keymanager/keymanager_api.js index e4690e49..860e85e5 100755 --- a/src/keymanager/keymanager_api.js +++ b/src/keymanager/keymanager_api.js @@ -552,6 +552,12 @@ KeyManager.prototype.allowAccessControl = function() { nullable: true } ]); + + var ret = native.callSync('KeyManager_isDataNameFound', {dataName : args.dataName}); + if (native.isFailure(ret)) { + throw native.getErrorObject(ret); + } + native.call('KeyManager_allowAccessControl', { dataName: args.dataName, id: args.id, @@ -588,6 +594,12 @@ KeyManager.prototype.denyAccessControl = function() { nullable: true } ]); + + var ret = native.callSync('KeyManager_isDataNameFound', {dataName : args.dataName}); + if (native.isFailure(ret)) { + throw native.getErrorObject(ret); + } + native.call('KeyManager_denyAccessControl', { dataName: args.dataName, id: args.id diff --git a/src/keymanager/keymanager_instance.cc b/src/keymanager/keymanager_instance.cc index 87a6c160..e9a1af08 100755 --- a/src/keymanager/keymanager_instance.cc +++ b/src/keymanager/keymanager_instance.cc @@ -18,6 +18,7 @@ #include #include +#include #include "common/logger.h" #include "common/optional.h" @@ -199,7 +200,6 @@ void GetGenericAliasList(AliasListFunction func, picojson::object* out) { common::tools::ReportError(PlatformResult(ErrorCode::UNKNOWN_ERR, "Failed to get alias list"), out); } } - } // namespace KeyManagerInstance::KeyManagerInstance() { @@ -241,6 +241,8 @@ KeyManagerInstance::KeyManagerInstance() { std::bind(&KeyManagerInstance::AllowAccessControl, this, _1, _2)); RegisterSyncHandler("KeyManager_denyAccessControl", std::bind(&KeyManagerInstance::DenyAccessControl, this, _1, _2)); + RegisterSyncHandler("KeyManager_isDataNameFound", + std::bind(&KeyManagerInstance::IsDataNameFound, this, _1, _2)); } KeyManagerInstance::~KeyManagerInstance() { @@ -1014,7 +1016,19 @@ void KeyManagerInstance::AllowAccessControl(const picojson::value& args, } auto allow = [data_name, id, granted](const std::shared_ptr& response) -> void { - int ret = ckmc_allow_access(data_name.c_str(), id.c_str(), granted); + //as ckmc_allow_access does not check if package id exists + //it has to be done before allowing access + pkgmgrinfo_pkginfo_h handle = nullptr; + int ret = pkgmgrinfo_pkginfo_get_pkginfo(id.c_str(), &handle); + if (PMINFO_R_OK != ret) { + LoggerE("Package id not found."); + common::tools::ReportError(PlatformResult( + ErrorCode::NOT_FOUND_ERR, "Package id not found."), &response->get()); + return; + } + pkgmgrinfo_pkginfo_destroy_pkginfo(handle); + + ret = ckmc_allow_access(data_name.c_str(), id.c_str(), granted); if (CKMC_ERROR_NONE != ret) { PlatformResult result = PlatformResult(ErrorCode::NO_ERROR); if (CKMC_ERROR_DB_ALIAS_UNKNOWN == ret) { @@ -1075,5 +1089,47 @@ void KeyManagerInstance::DenyAccessControl(const picojson::value& args, std::shared_ptr(new picojson::value(picojson::object()))); } +void KeyManagerInstance::IsDataNameFound(const picojson::value& args, + picojson::object& out){ + LoggerD("Entered"); + + const std::string& data_name = args.get("dataName").get(); + bool data_found = false; + ckmc_alias_list_s* alias_list = nullptr; + + int ret = ckmc_get_data_alias_list(&alias_list); + if (CKMC_ERROR_NONE != ret) { + LoggerE("Failed to get data list [%d]", ret); + PlatformResult result = PlatformResult(ErrorCode::UNKNOWN_ERR, "Failed to get data list."); + if (CKMC_ERROR_DB_ALIAS_UNKNOWN == ret) { + result = PlatformResult(ErrorCode::NOT_FOUND_ERR, "Data name not found."); + } + + common::tools::ReportError(result, &out); + return; + } + + ckmc_alias_list_s* head = alias_list; + while (head) { + if (!strcmp(head->alias, data_name.c_str())) { + data_found = true; + break; + } + head = head->next; + } + + if (alias_list) { + ckmc_alias_list_all_free(alias_list); + } + + LoggerD("Data name found: %d", data_found); + if (data_found) { + common::tools::ReportSuccess(out); + } else { + common::tools::ReportError( + PlatformResult(ErrorCode::NOT_FOUND_ERR, "Data name not found."), &out); + } +} + } // namespace keymanager } // namespace extension diff --git a/src/keymanager/keymanager_instance.h b/src/keymanager/keymanager_instance.h index dfc1a235..17d2f7b4 100755 --- a/src/keymanager/keymanager_instance.h +++ b/src/keymanager/keymanager_instance.h @@ -47,6 +47,8 @@ class KeyManagerInstance : public common::ParsedInstance { void LoadFromPKCS12File(const picojson::value& args, picojson::object& out); void AllowAccessControl(const picojson::value& args, picojson::object& out); void DenyAccessControl(const picojson::value& args, picojson::object& out); + + void IsDataNameFound(const picojson::value& args, picojson::object& out); }; } // namespace keymanager