From: Zofia Abramowska <z.abramowska@samsung.com>
Date: Wed, 15 Jul 2015 16:03:41 +0000 (+0200)
Subject: Implement service side of privileges mapping
X-Git-Tag: submit/tizen/20150812.114250~3
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=45f54a2a9ee474abb83060aa2fa16bfbc92e5cd4;p=platform%2Fcore%2Fsecurity%2Fsecurity-manager.git

Implement service side of privileges mapping

Change-Id: I9e737fc0fd15a3eb248612f84b202d0a397bd35f
---

diff --git a/src/common/CMakeLists.txt b/src/common/CMakeLists.txt
index 2994af51..5fdd83d0 100644
--- a/src/common/CMakeLists.txt
+++ b/src/common/CMakeLists.txt
@@ -41,6 +41,7 @@ SET(COMMON_SOURCES
     ${DPL_PATH}/core/src/string.cpp
     ${DPL_PATH}/db/src/naive_synchronization_object.cpp
     ${DPL_PATH}/db/src/sql_connection.cpp
+    ${COMMON_PATH}/config.cpp
     ${COMMON_PATH}/connection.cpp
     ${COMMON_PATH}/cynara.cpp
     ${COMMON_PATH}/file-lock.cpp
diff --git a/src/common/config.cpp b/src/common/config.cpp
new file mode 100644
index 00000000..445662b4
--- /dev/null
+++ b/src/common/config.cpp
@@ -0,0 +1,40 @@
+/*
+ *  Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ *  Contact: Rafal Krypa <r.krypa@samsung.com>
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License
+ */
+/*
+ * @file        config.cpp
+ * @author      Zofia Abramowska <z.abramowska@samsung.com>
+ * @version     1.0
+ * @brief       Setting values of Configuration options
+ */
+
+#include <config.h>
+
+namespace SecurityManager {
+
+namespace Config {
+
+const std::string PRIVILEGE_VERSION =
+#ifdef PRIVILEGE_VERSION
+        PRIVILEGE_VERSION
+#else
+        "3.0"
+#endif
+;
+};
+
+} /* namespace SecurityManager */
diff --git a/src/common/include/config.h b/src/common/include/config.h
new file mode 100644
index 00000000..742b0923
--- /dev/null
+++ b/src/common/include/config.h
@@ -0,0 +1,40 @@
+/*
+ *  Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ *  Contact: Rafal Krypa <r.krypa@samsung.com>
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License
+ */
+/*
+ * @file        config.h
+ * @author      Zofia Abramowska <z.abramowska@samsung.com>
+ * @version     1.0
+ * @brief       Definition of Configuration options
+ */
+
+#ifndef SECURITY_MANAGER_CONFIG_
+#define SECURITY_MANAGER_CONFIG_
+
+#include <string>
+
+namespace SecurityManager {
+
+namespace Config {
+
+extern const std::string PRIVILEGE_VERSION;
+
+};
+
+} /* namespace SecurityManager */
+
+#endif /* SECURITY_MANAGER_CONFIG_ */
diff --git a/src/common/include/service_impl.h b/src/common/include/service_impl.h
index a973c353..83742333 100644
--- a/src/common/include/service_impl.h
+++ b/src/common/include/service_impl.h
@@ -169,6 +169,19 @@ int getPolicy(const policy_entry &filter, uid_t uid, pid_t pid, const std::strin
  */
 int policyGetDesc(std::vector<std::string> &descriptions);
 
+/**
+ * Process getting privileges mappings from one version to another.
+ *
+ * @param[in] version_from version to be mapped from
+ * @param[in] version_to version to be mapped to
+ * @param[in] privileges vector of privileges to be mapped
+ * @param[out] mappings mappings of given privileges
+ */
+int getPrivilegesMappings(const std::string &version_from,
+                          const std::string &version_to,
+                          const std::vector<std::string> &privileges,
+                          std::vector<std::string> &mappings);
+
 } /* namespace ServiceImpl */
 } /* namespace SecurityManager */
 
diff --git a/src/common/service_impl.cpp b/src/common/service_impl.cpp
index 873578df..503fd62d 100644
--- a/src/common/service_impl.cpp
+++ b/src/common/service_impl.cpp
@@ -35,6 +35,7 @@
 #include <dpl/log/log.h>
 #include <tzplatform_config.h>
 
+#include <config.h>
 #include "protocols.h"
 #include "privilege_db.h"
 #include "cynara.h"
@@ -984,5 +985,51 @@ int policyGetDesc(std::vector<std::string> &levels)
     return ret;
 }
 
+int getPrivilegesMappings(const std::string &version_from,
+                          const std::string &version_to,
+                          const std::vector<std::string> &privileges,
+                          std::vector<std::string> &mappings)
+{
+    int errorRet;
+    try {
+        std::string finalVersionTo;
+        if (version_to.empty()) {
+            finalVersionTo = Config::PRIVILEGE_VERSION;
+        } else {
+            finalVersionTo = version_to;
+        }
+
+        PrivilegeDb::getInstance().BeginTransaction();
+        if (privileges.size() == 0) {
+            PrivilegeDb::getInstance().GetDefaultMapping(version_from, finalVersionTo, mappings);
+        } else if ( privileges.size() == 1) {
+            PrivilegeDb::getInstance().GetPrivilegeMappings(version_from, finalVersionTo,
+                                                            privileges.front(), mappings);
+        } else {
+            PrivilegeDb::getInstance().GetPrivilegesMappings(version_from, finalVersionTo,
+                                                             privileges, mappings);
+        }
+        PrivilegeDb::getInstance().CommitTransaction();
+        return SECURITY_MANAGER_API_SUCCESS;
+    } catch (const PrivilegeDb::Exception::IOError &e) {
+        LogError("Cannot access application database: " << e.DumpToString());
+        errorRet = SECURITY_MANAGER_API_ERROR_SERVER_ERROR;
+    } catch (const PrivilegeDb::Exception::InternalError &e) {
+        LogError("Error while getting privilege mapping from database: " << e.DumpToString());
+        errorRet = SECURITY_MANAGER_API_ERROR_SERVER_ERROR;
+    } catch (const std::bad_alloc &e) {
+        LogError("Memory allocation failed: " << e.what());
+        errorRet = SECURITY_MANAGER_API_ERROR_OUT_OF_MEMORY;
+    } catch (const std::exception &e) {
+        LogError("Some exception thrown : " << e.what());
+        errorRet = SECURITY_MANAGER_API_ERROR_UNKNOWN;
+    } catch (...) {
+        LogError("Unknown exception thrown");
+        errorRet = SECURITY_MANAGER_API_ERROR_UNKNOWN;
+    }
+    PrivilegeDb::getInstance().RollbackTransaction();
+    return errorRet;
+}
+
 } /* namespace ServiceImpl */
 } /* namespace SecurityManager */
diff --git a/src/server/service/service.cpp b/src/server/service/service.cpp
index 7c39bf8c..45cdcf3d 100644
--- a/src/server/service/service.cpp
+++ b/src/server/service/service.cpp
@@ -346,8 +346,9 @@ void Service::processPrivilegesMappings(MessageBuffer &recv, MessageBuffer &send
     Deserialization::Deserialize(recv, version_to);
     Deserialization::Deserialize(recv, privileges);
 
-    int ret = SECURITY_MANAGER_API_SUCCESS;
     std::vector<std::string> mappings;
+    int ret = ServiceImpl::getPrivilegesMappings(version_from, version_to, privileges, mappings);
+
     Serialization::Serialize(send, ret);
     Serialization::Serialize(send, mappings);
 }