From: Pawel Andruszkiewicz Date: Thu, 30 Apr 2015 12:52:30 +0000 (+0200) Subject: [DataControl] Privilege checks moved to JS. X-Git-Tag: submit/tizen_tv/20150603.064601~1^2~89 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=69b5210ff5bbc6a303e27729e08a14c45d96f0db;p=platform%2Fcore%2Fapi%2Fwebapi-plugins.git [DataControl] Privilege checks moved to JS. Privileges need to be checked before validation of arguments. Change-Id: I2539852ecddeb45d3c203de4a1dfbd1beb9d721a Signed-off-by: Pawel Andruszkiewicz --- diff --git a/src/datacontrol/datacontrol_api.js b/src/datacontrol/datacontrol_api.js index 0294d427..a55e8ce3 100644 --- a/src/datacontrol/datacontrol_api.js +++ b/src/datacontrol/datacontrol_api.js @@ -73,6 +73,8 @@ function DataControlManager() { DataControlManager.prototype.getDataControlConsumer = function(providerId, dataId, type) { + xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.DATACONTROL_CONSUMER); + var args = validator_.validateArgs(arguments, [ {'name': 'providerId', 'type': types_.STRING}, {'name': 'dataId', 'type': types_.STRING}, @@ -107,6 +109,8 @@ SQLDataControlConsumer.prototype = new DataControlConsumerObject(); SQLDataControlConsumer.prototype.constructor = SQLDataControlConsumer; SQLDataControlConsumer.prototype.insert = function(reqId, insertionData) { + xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.DATACONTROL_CONSUMER); + var args = validator_.validateArgs(arguments, [ {'name': 'reqId', 'type': types_.LONG}, {'name': 'insertionData', 'type': types_.DICTIONARY}, @@ -142,6 +146,8 @@ SQLDataControlConsumer.prototype.insert = function(reqId, insertionData) { }; SQLDataControlConsumer.prototype.update = function(reqId, updateData, where) { + xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.DATACONTROL_CONSUMER); + var args = validator_.validateArgs(arguments, [ {'name': 'reqId', 'type': types_.LONG}, {'name': 'updateData', 'type': types_.DICTIONARY}, @@ -180,6 +186,8 @@ SQLDataControlConsumer.prototype.update = function(reqId, updateData, where) { }; SQLDataControlConsumer.prototype.remove = function(reqId, where) { + xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.DATACONTROL_CONSUMER); + var args = validator_.validateArgs(arguments, [ {'name': 'reqId', 'type': types_.LONG}, {'name': 'where', 'type': types_.STRING}, @@ -216,6 +224,8 @@ SQLDataControlConsumer.prototype.remove = function(reqId, where) { }; SQLDataControlConsumer.prototype.select = function(reqId, columns, where, successCallback) { + xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.DATACONTROL_CONSUMER); + var args = validator_.validateArgs(arguments, [ {'name': 'reqId', 'type': types_.LONG}, {'name': 'columns', 'type': types_.ARRAY}, @@ -269,6 +279,8 @@ MappedDataControlConsumer.prototype = new DataControlConsumerObject(); MappedDataControlConsumer.prototype.constructor = MappedDataControlConsumer; MappedDataControlConsumer.prototype.addValue = function(reqId, key, value) { + xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.DATACONTROL_CONSUMER); + var args = validator_.validateArgs(arguments, [ {'name': 'reqId', 'type': types_.LONG}, {'name': 'key', 'type': types_.STRING}, @@ -307,6 +319,8 @@ MappedDataControlConsumer.prototype.addValue = function(reqId, key, value) { }; MappedDataControlConsumer.prototype.removeValue = function(reqId, key, value, successCallback) { + xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.DATACONTROL_CONSUMER); + var args = validator_.validateArgs(arguments, [ {'name': 'reqId', 'type': types_.LONG}, {'name': 'key', 'type': types_.STRING}, @@ -343,6 +357,8 @@ MappedDataControlConsumer.prototype.removeValue = function(reqId, key, value, su }; MappedDataControlConsumer.prototype.getValue = function(reqId, key, successCallback) { + xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.DATACONTROL_CONSUMER); + var args = validator_.validateArgs(arguments, [ {'name': 'reqId', 'type': types_.LONG}, {'name': 'key', 'type': types_.STRING}, @@ -377,6 +393,8 @@ MappedDataControlConsumer.prototype.getValue = function(reqId, key, successCallb MappedDataControlConsumer.prototype.updateValue = function( reqId, key, oldValue, newValue, successCallback) { + xwalk.utils.checkPrivilegeAccess(xwalk.utils.privilege.DATACONTROL_CONSUMER); + var args = validator_.validateArgs(arguments, [ {'name': 'reqId', 'type': types_.LONG}, {'name': 'key', 'type': types_.STRING}, diff --git a/src/datacontrol/datacontrol_instance.cc b/src/datacontrol/datacontrol_instance.cc index 723a5f87..859063bd 100644 --- a/src/datacontrol/datacontrol_instance.cc +++ b/src/datacontrol/datacontrol_instance.cc @@ -22,12 +22,6 @@ namespace extension { namespace datacontrol { -namespace { -// The privileges that required in Datacontrol API -const std::string kPrivilegeDatacontrol = "http://tizen.org/privilege/datacontrol.consumer"; - -} // namespace - using common::InvalidValuesException; using common::TypeMismatchException; using common::IOException; @@ -484,8 +478,6 @@ int DatacontrolInstance::RunSQLDataControlJob(const std::string& providerId, void DatacontrolInstance::DataControlManagerGetdatacontrolconsumer( const picojson::value& args, picojson::object& out) { - CHECK_PRIVILEGE_ACCESS(kPrivilegeDatacontrol, &out); - CHECK_EXIST(args, "providerId", out) CHECK_EXIST(args, "dataId", out) @@ -494,7 +486,6 @@ void DatacontrolInstance::DataControlManagerGetdatacontrolconsumer( } void DatacontrolInstance::SQLDataControlConsumerInsert( const picojson::value& args, picojson::object& out) { - CHECK_PRIVILEGE_ACCESS(kPrivilegeDatacontrol, &out); CHECK_EXIST(args, "callbackId", out) CHECK_EXIST(args, "reqId", out) CHECK_EXIST(args, "providerId", out) @@ -566,7 +557,6 @@ void DatacontrolInstance::SQLDataControlConsumerInsert( } void DatacontrolInstance::SQLDataControlConsumerUpdate( const picojson::value& args, picojson::object& out) { - CHECK_PRIVILEGE_ACCESS(kPrivilegeDatacontrol, &out); CHECK_EXIST(args, "callbackId", out) CHECK_EXIST(args, "reqId", out) CHECK_EXIST(args, "where", out) @@ -642,7 +632,6 @@ void DatacontrolInstance::SQLDataControlConsumerUpdate( void DatacontrolInstance::SQLDataControlConsumerRemove( const picojson::value& args, picojson::object& out) { - CHECK_PRIVILEGE_ACCESS(kPrivilegeDatacontrol, &out); CHECK_EXIST(args, "callbackId", out) CHECK_EXIST(args, "reqId", out) CHECK_EXIST(args, "where", out) @@ -675,7 +664,6 @@ void DatacontrolInstance::SQLDataControlConsumerRemove( void DatacontrolInstance::SQLDataControlConsumerSelect( const picojson::value& args, picojson::object& out) { - CHECK_PRIVILEGE_ACCESS(kPrivilegeDatacontrol, &out); CHECK_EXIST(args, "callbackId", out) CHECK_EXIST(args, "reqId", out) CHECK_EXIST(args, "columns", out) @@ -736,7 +724,6 @@ void DatacontrolInstance::SQLDataControlConsumerSelect( void DatacontrolInstance::MappedDataControlConsumerAddvalue( const picojson::value& args, picojson::object& out) { - CHECK_PRIVILEGE_ACCESS(kPrivilegeDatacontrol, &out); CHECK_EXIST(args, "callbackId", out) CHECK_EXIST(args, "reqId", out) CHECK_EXIST(args, "key", out) @@ -772,7 +759,6 @@ void DatacontrolInstance::MappedDataControlConsumerAddvalue( } void DatacontrolInstance::MappedDataControlConsumerRemovevalue( const picojson::value& args, picojson::object& out) { - CHECK_PRIVILEGE_ACCESS(kPrivilegeDatacontrol, &out); CHECK_EXIST(args, "callbackId", out) CHECK_EXIST(args, "reqId", out) CHECK_EXIST(args, "key", out) @@ -808,7 +794,6 @@ void DatacontrolInstance::MappedDataControlConsumerRemovevalue( } void DatacontrolInstance::MappedDataControlConsumerGetvalue( const picojson::value& args, picojson::object& out) { - CHECK_PRIVILEGE_ACCESS(kPrivilegeDatacontrol, &out); CHECK_EXIST(args, "callbackId", out) CHECK_EXIST(args, "reqId", out) CHECK_EXIST(args, "key", out) @@ -841,7 +826,6 @@ void DatacontrolInstance::MappedDataControlConsumerGetvalue( } void DatacontrolInstance::MappedDataControlConsumerUpdatevalue( const picojson::value& args, picojson::object& out) { - CHECK_PRIVILEGE_ACCESS(kPrivilegeDatacontrol, &out); CHECK_EXIST(args, "callbackId", out) CHECK_EXIST(args, "reqId", out) CHECK_EXIST(args, "key", out)