From: Pawel Andruszkiewicz Date: Thu, 30 Apr 2015 13:56:22 +0000 (+0200) Subject: [NFC] Privilege checks moved to JS. X-Git-Tag: submit/tizen_mobile/20150603.064609~1^2~84 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=63fdf2ed9c01e6649ca14013ff70dc18e1e43d4c;p=platform%2Fcore%2Fapi%2Fwebapi-plugins.git [NFC] Privilege checks moved to JS. Privileges need to be checked before validation of arguments. Change-Id: If41026035363a1f9d1a8e2d467ca4cd03bdbdcc6 Signed-off-by: Pawel Andruszkiewicz --- diff --git a/src/nfc/nfc_api.js b/src/nfc/nfc_api.js index cb8ae02..bb8a937 100644 --- a/src/nfc/nfc_api.js +++ b/src/nfc/nfc_api.js @@ -145,6 +145,8 @@ function NFCManager() { } NFCManager.prototype.getDefaultAdapter = function() { + xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.NFC_COMMON); + // First check NFC suppor on C++ level var result = native_.callSync( 'NFCManager_getDefaultAdapter', @@ -160,6 +162,7 @@ NFCManager.prototype.getDefaultAdapter = function() { }; NFCManager.prototype.setExclusiveMode = function() { + xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.NFC_COMMON); var args = validator_.validateArgs(arguments, [ {name: 'exclusiveMode', type: types_.BOOLEAN} @@ -197,6 +200,8 @@ function NFCAdapter() { } function cardEmulationModeGetter() { + xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.NFC_CARDEMULATION); + var result = native_.callSync('NFCAdapter_cardEmulationModeGetter'); if (native_.isFailure(result)) { @@ -207,6 +212,7 @@ function NFCAdapter() { } function cardEmulationModeSetter(cem) { + xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.NFC_CARDEMULATION); var args = validator_.validateArgs(arguments, [ {name: 'emulationMode', type: types_.STRING} @@ -224,6 +230,7 @@ function NFCAdapter() { } function activeSecureElementGetter() { + xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.NFC_CARDEMULATION); var result = native_.callSync('NFCAdapter_activeSecureElementGetter'); @@ -235,6 +242,7 @@ function NFCAdapter() { } function activeSecureElementSetter(ase) { + xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.NFC_CARDEMULATION); var args = validator_.validateArgs(arguments, [ {name: 'secureElement', type: types_.STRING} @@ -268,6 +276,8 @@ function NFCAdapter() { } NFCAdapter.prototype.setPowered = function() { + xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.NFC_ADMIN); + var args = validator_.validateArgs(arguments, [ { name: 'powered', @@ -299,6 +309,7 @@ NFCAdapter.prototype.setPowered = function() { }; NFCAdapter.prototype.setTagListener = function() { + xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.NFC_TAG); var args = validator_.validateArgs(arguments, [ { @@ -353,6 +364,8 @@ NFCAdapter.prototype.setTagListener = function() { }; NFCAdapter.prototype.setPeerListener = function() { + xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.NFC_P2P); + var args = validator_.validateArgs(arguments, [ { name: 'listener', @@ -381,6 +394,7 @@ NFCAdapter.prototype.setPeerListener = function() { }; NFCAdapter.prototype.unsetTagListener = function() { + xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.NFC_TAG); native_.removeListener(TAG_LISTENER); @@ -393,6 +407,8 @@ NFCAdapter.prototype.unsetTagListener = function() { }; NFCAdapter.prototype.unsetPeerListener = function() { + xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.NFC_P2P); + native_.removeListener(PEER_LISTENER); var result = native_.callSync('NFCAdapter_unsetPeerListener'); @@ -404,6 +420,8 @@ NFCAdapter.prototype.unsetPeerListener = function() { }; NFCAdapter.prototype.addCardEmulationModeChangeListener = function() { + xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.NFC_CARDEMULATION); + var args = validator_.validateArgs(arguments, [ { name: 'callback', @@ -425,6 +443,8 @@ NFCAdapter.prototype.addCardEmulationModeChangeListener = function() { }; NFCAdapter.prototype.removeCardEmulationModeChangeListener = function() { + xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.NFC_CARDEMULATION); + var args = validator_.validateArgs(arguments, [ { name: 'listenerId', @@ -440,6 +460,8 @@ NFCAdapter.prototype.removeCardEmulationModeChangeListener = function() { }; NFCAdapter.prototype.addTransactionEventListener = function() { + xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.NFC_CARDEMULATION); + var args = validator_.validateArgs(arguments, [ { name: 'type', @@ -478,6 +500,8 @@ NFCAdapter.prototype.addTransactionEventListener = function() { }; NFCAdapter.prototype.removeTransactionEventListener = function() { + xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.NFC_CARDEMULATION); + var args = validator_.validateArgs(arguments, [ { name: 'watchId', @@ -505,6 +529,8 @@ NFCAdapter.prototype.removeTransactionEventListener = function() { }; NFCAdapter.prototype.addActiveSecureElementChangeListener = function() { + xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.NFC_CARDEMULATION); + var args = validator_.validateArgs(arguments, [ { name: 'callback', @@ -526,6 +552,8 @@ NFCAdapter.prototype.addActiveSecureElementChangeListener = function() { }; NFCAdapter.prototype.removeActiveSecureElementChangeListener = function() { + xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.NFC_CARDEMULATION); + var args = validator_.validateArgs(arguments, [ { name: 'listenerId', @@ -541,6 +569,8 @@ NFCAdapter.prototype.removeActiveSecureElementChangeListener = function() { }; NFCAdapter.prototype.getCachedMessage = function() { + xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.NFC_COMMON); + var result = native_.callSync('NFCAdapter_getCachedMessage'); if (native_.isFailure(result)) { @@ -555,6 +585,7 @@ NFCAdapter.prototype.getCachedMessage = function() { }; NFCAdapter.prototype.setExclusiveModeForTransaction = function() { + xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.NFC_CARDEMULATION); var args = validator_.validateArgs(arguments, [ { @@ -847,6 +878,7 @@ function NFCTag(tagid) { // Function defined here (not outside Tag "constructor" // because access to internal _my_id variable is needed) NFCTag.prototype.readNDEF = function() { + xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.NFC_TAG); var args = validator_.validateArgs(arguments, [ { @@ -876,6 +908,8 @@ function NFCTag(tagid) { }; NFCTag.prototype.writeNDEF = function() { + xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.NFC_TAG); + var args = validator_.validateArgs(arguments, [ { name: 'message', @@ -917,6 +951,8 @@ function NFCTag(tagid) { }; NFCTag.prototype.transceive = function() { + xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.NFC_TAG); + var args = validator_.validateArgs(arguments, [ { name: 'data', @@ -997,6 +1033,8 @@ function NFCPeer(peerid) { } NFCPeer.prototype.sendNDEF = function() { + xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.NFC_P2P); + var args = validator_.validateArgs(arguments, [ { name: 'message', @@ -1040,6 +1078,8 @@ function NFCPeer(peerid) { } NFCPeer.prototype.setReceiveNDEFListener = function() { + xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.NFC_P2P); + var args = validator_.validateArgs(arguments, [ { name: 'listener', @@ -1065,6 +1105,8 @@ NFCPeer.prototype.setReceiveNDEFListener = function() { }; NFCPeer.prototype.unsetReceiveNDEFListener = function() { + xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.NFC_P2P); + native_.removeListener(RECEIVE_NDEF_LISTENER); var result = native_.callSync('NFCPeer_unsetReceiveNDEFListener', {'id' : this._my_id}); diff --git a/src/nfc/nfc_instance.cc b/src/nfc/nfc_instance.cc index e76bc2d..3231a9f 100644 --- a/src/nfc/nfc_instance.cc +++ b/src/nfc/nfc_instance.cc @@ -22,16 +22,6 @@ namespace nfc { using namespace common; using namespace extension::nfc; -namespace { - -const std::string kPrivilegeNfcAdmin = "http://tizen.org/privilege/nfc.admin"; -const std::string kPrivilegeNfcCardEmulation = "http://tizen.org/privilege/nfc.cardemulation"; -const std::string kPrivilegeNfcCommon = "http://tizen.org/privilege/nfc.common"; -const std::string kPrivilegeNfcP2P = "http://tizen.org/privilege/nfc.p2p"; -const std::string kPrivilegeNfcTag = "http://tizen.org/privilege/nfc.tag"; - -} // namespace - void NFCInstance::RespondAsync(const char* msg) { PostMessage(msg); } @@ -130,8 +120,6 @@ void NFCInstance::GetDefaultAdapter( // Here there's only check for NFC support LoggerD("Entered"); - CHECK_PRIVILEGE_ACCESS(kPrivilegeNfcCommon, &out); - if(!nfc_manager_is_supported()) { LoggerE("NFC manager is not supported"); // According to API reference only Security and Unknown @@ -146,8 +134,6 @@ void NFCInstance::GetDefaultAdapter( void NFCInstance::SetExclusiveMode( const picojson::value& args, picojson::object& out) { - CHECK_PRIVILEGE_ACCESS(kPrivilegeNfcCommon, &out); - CHECK_EXIST(args, "exclusiveMode", out); bool exmode = args.get("exclusiveMode").get(); @@ -164,8 +150,6 @@ void NFCInstance::SetExclusiveMode( //TODO(g.rynkowski): Rewrite to asynchronous approach void NFCInstance::SetPowered( const picojson::value& args, picojson::object& out) { - CHECK_PRIVILEGE_ACCESS(kPrivilegeNfcAdmin, &out); - PlatformResult result = NFCAdapter::GetInstance()->SetPowered(args); if (result.IsSuccess()) { ReportSuccess(out); @@ -182,8 +166,6 @@ void NFCInstance::GetPowered( void NFCInstance::CardEmulationModeSetter( const picojson::value& args, picojson::object& out) { - CHECK_PRIVILEGE_ACCESS(kPrivilegeNfcCardEmulation, &out); - CHECK_EXIST(args, "emulationMode", out); std::string mode = args.get("emulationMode").get(); PlatformResult result = NFCAdapter::GetInstance()->SetCardEmulationMode(mode); @@ -196,8 +178,6 @@ void NFCInstance::CardEmulationModeSetter( void NFCInstance::CardEmulationModeGetter( const picojson::value& args, picojson::object& out) { - CHECK_PRIVILEGE_ACCESS(kPrivilegeNfcCardEmulation, &out); - std::string mode = ""; PlatformResult result = NFCAdapter::GetInstance()->GetCardEmulationMode(&mode); if (result.IsSuccess()) { @@ -209,8 +189,6 @@ void NFCInstance::CardEmulationModeGetter( void NFCInstance::ActiveSecureElementSetter( const picojson::value& args, picojson::object& out) { - CHECK_PRIVILEGE_ACCESS(kPrivilegeNfcCardEmulation, &out); - CHECK_EXIST(args, "secureElement", out); std::string ase = args.get("secureElement").get(); PlatformResult result = NFCAdapter::GetInstance()->SetActiveSecureElement(ase); @@ -223,8 +201,6 @@ void NFCInstance::ActiveSecureElementSetter( void NFCInstance::ActiveSecureElementGetter( const picojson::value& args, picojson::object& out) { - CHECK_PRIVILEGE_ACCESS(kPrivilegeNfcCardEmulation, &out); - std::string ase = ""; PlatformResult result = NFCAdapter::GetInstance()->GetActiveSecureElement(&ase); if (result.IsSuccess()) { @@ -236,8 +212,6 @@ void NFCInstance::ActiveSecureElementGetter( void NFCInstance::SetTagListener( const picojson::value& args, picojson::object& out) { - CHECK_PRIVILEGE_ACCESS(kPrivilegeNfcTag, &out); - PlatformResult result = NFCAdapter::GetInstance()->SetTagListener(); if (result.IsSuccess()) { ReportSuccess(out); @@ -265,8 +239,6 @@ void NFCInstance::PeerIsConnectedGetter( void NFCInstance::SetPeerListener( const picojson::value& args, picojson::object& out) { - CHECK_PRIVILEGE_ACCESS(kPrivilegeNfcP2P, &out); - PlatformResult result = NFCAdapter::GetInstance()->SetPeerListener(); if (result.IsSuccess()) { ReportSuccess(out); @@ -277,16 +249,12 @@ void NFCInstance::SetPeerListener( void NFCInstance::UnsetTagListener( const picojson::value& args, picojson::object& out) { - CHECK_PRIVILEGE_ACCESS(kPrivilegeNfcTag, &out); - NFCAdapter::GetInstance()->UnsetTagListener(); ReportSuccess(out); } void NFCInstance::UnsetPeerListener( const picojson::value& args, picojson::object& out) { - CHECK_PRIVILEGE_ACCESS(kPrivilegeNfcP2P, &out); - PlatformResult result = NFCAdapter::GetInstance()->UnsetPeerListener(); if (result.IsSuccess()) { ReportSuccess(out); @@ -297,8 +265,6 @@ void NFCInstance::UnsetPeerListener( void NFCInstance::AddCardEmulationModeChangeListener( const picojson::value& args, picojson::object& out) { - CHECK_PRIVILEGE_ACCESS(kPrivilegeNfcCardEmulation, &out); - PlatformResult result = NFCAdapter::GetInstance()->AddCardEmulationModeChangeListener(); if (result.IsSuccess()) { ReportSuccess(out); @@ -309,8 +275,6 @@ void NFCInstance::AddCardEmulationModeChangeListener( void NFCInstance::RemoveCardEmulationModeChangeListener( const picojson::value& args, picojson::object& out) { - CHECK_PRIVILEGE_ACCESS(kPrivilegeNfcCardEmulation, &out); - PlatformResult result = NFCAdapter::GetInstance()->RemoveCardEmulationModeChangeListener(); if (result.IsSuccess()) { ReportSuccess(out); @@ -321,8 +285,6 @@ void NFCInstance::RemoveCardEmulationModeChangeListener( void NFCInstance::AddTransactionEventListener( const picojson::value& args, picojson::object& out) { - CHECK_PRIVILEGE_ACCESS(kPrivilegeNfcCardEmulation, &out); - PlatformResult result = NFCAdapter::GetInstance()->AddTransactionEventListener(args); if (result.IsSuccess()) { ReportSuccess(out); @@ -333,8 +295,6 @@ void NFCInstance::AddTransactionEventListener( void NFCInstance::RemoveTransactionEventListener( const picojson::value& args, picojson::object& out) { - CHECK_PRIVILEGE_ACCESS(kPrivilegeNfcCardEmulation, &out); - PlatformResult result = NFCAdapter::GetInstance()->RemoveTransactionEventListener(args); if (result.IsSuccess()) { ReportSuccess(out); @@ -345,8 +305,6 @@ void NFCInstance::RemoveTransactionEventListener( void NFCInstance::AddActiveSecureElementChangeListener( const picojson::value& args, picojson::object& out) { - CHECK_PRIVILEGE_ACCESS(kPrivilegeNfcCardEmulation, &out); - PlatformResult result = NFCAdapter::GetInstance()->AddActiveSecureElementChangeListener(); if (result.IsSuccess()) { ReportSuccess(out); @@ -357,8 +315,6 @@ void NFCInstance::AddActiveSecureElementChangeListener( void NFCInstance::RemoveActiveSecureElementChangeListener( const picojson::value& args, picojson::object& out) { - CHECK_PRIVILEGE_ACCESS(kPrivilegeNfcCardEmulation, &out); - PlatformResult result = NFCAdapter::GetInstance()->RemoveActiveSecureElementChangeListener(); if (result.IsSuccess()) { ReportSuccess(out); @@ -369,8 +325,6 @@ void NFCInstance::RemoveActiveSecureElementChangeListener( void NFCInstance::GetCachedMessage( const picojson::value& args, picojson::object& out) { - CHECK_PRIVILEGE_ACCESS(kPrivilegeNfcCommon, &out); - picojson::value result = picojson::value(picojson::object()); picojson::object& result_obj = result.get(); @@ -384,8 +338,6 @@ void NFCInstance::GetCachedMessage( void NFCInstance::SetExclusiveModeForTransaction( const picojson::value& args, picojson::object& out) { - CHECK_PRIVILEGE_ACCESS(kPrivilegeNfcCardEmulation, &out); - CHECK_EXIST(args, "transactionMode", out); bool transaction_mode = args.get("transactionMode").get(); @@ -401,8 +353,6 @@ void NFCInstance::SetExclusiveModeForTransaction( //TODO(g.rynkowski): Rewrite to asynchronous approach void NFCInstance::ReadNDEF( const picojson::value& args, picojson::object& out) { - CHECK_PRIVILEGE_ACCESS(kPrivilegeNfcTag, &out); - CHECK_EXIST(args, "id", out); int tag_id = static_cast(args.get("id").get()); @@ -419,8 +369,6 @@ void NFCInstance::ReadNDEF( //TODO(g.rynkowski): Rewrite to asynchronous approach void NFCInstance::WriteNDEF( const picojson::value& args, picojson::object& out) { - CHECK_PRIVILEGE_ACCESS(kPrivilegeNfcTag, &out); - CHECK_EXIST(args, "id", out); int tag_id = static_cast(args.get("id").get()); @@ -439,8 +387,6 @@ void NFCInstance::Transceive( const picojson::value& args, picojson::object& out) { LoggerD("Entered"); - CHECK_PRIVILEGE_ACCESS(kPrivilegeNfcTag, &out); - CHECK_EXIST(args, "id", out); int tag_id = static_cast(args.get("id").get()); LoggerD("Tag id: %d", tag_id); @@ -455,8 +401,6 @@ void NFCInstance::Transceive( void NFCInstance::SetReceiveNDEFListener( const picojson::value& args, picojson::object& out) { - CHECK_PRIVILEGE_ACCESS(kPrivilegeNfcP2P, &out); - CHECK_EXIST(args, "id", out); int peer_id = (int)args.get("id").get(); @@ -470,8 +414,6 @@ void NFCInstance::SetReceiveNDEFListener( void NFCInstance::UnsetReceiveNDEFListener( const picojson::value& args, picojson::object& out) { - CHECK_PRIVILEGE_ACCESS(kPrivilegeNfcP2P, &out); - CHECK_EXIST(args, "id", out); int peer_id = (int)args.get("id").get(); @@ -486,8 +428,6 @@ void NFCInstance::UnsetReceiveNDEFListener( //TODO(g.rynkowski): Rewrite to asynchronous approach void NFCInstance::SendNDEF( const picojson::value& args, picojson::object& out) { - CHECK_PRIVILEGE_ACCESS(kPrivilegeNfcP2P, &out); - CHECK_EXIST(args, "id", out); int peer_id = static_cast(args.get("id").get());