From: jk.pu
Date: Thu, 3 Sep 2015 05:23:05 +0000 (+0900)
Subject: [Privilege] enable privilege check code.
X-Git-Tag: submit/tizen/20150904.015301^2
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=7ab0c6f1c65b53253abefe40389c965bdadb2114;p=platform%2Fcore%2Fapi%2Fwebapi-plugins.git
[Privilege] enable privilege check code.
cynara_check() is now avaiable and security team's web -> native privilege mapping is done.
Change-Id: Ib71fe89fb92be30e1a070ec9e45daf0035913a9b
Signed-off-by: jk.pu
---
diff --git a/src/common/tools.cc b/src/common/tools.cc
index ba539928..309c5818 100644
--- a/src/common/tools.cc
+++ b/src/common/tools.cc
@@ -165,9 +165,9 @@ class AccessControlImpl {
 LoggerD("Privilege access checked using Cynara.");
 char* smack_label = nullptr;
- int ret = smack_new_label_from_self(&smack_label);
+ int len= smack_new_label_from_self(&smack_label);
- if (0 == ret && nullptr != smack_label) {
+ if (0 < len && nullptr != smack_label) {
 auto uid = getuid();
 SLoggerD("uid: [%u]", uid);
@@ -182,7 +182,7 @@ class AccessControlImpl {
 return;
 }
- ret = cynara_initialize(&cynara_, nullptr);
+ int ret = cynara_initialize(&cynara_, nullptr);
 if (CYNARA_API_SUCCESS != ret) {
 LoggerE("Failed to initialize Cynara");
 cynara_ = nullptr;
@@ -201,9 +201,6 @@ class AccessControlImpl {
 bool CheckAccess(const std::vector& privileges) {
- // TODO(r.galka) Cyanara check disabled temporarily
- return true;
-
 if (cynara_) {
 for (const auto& privilege : privileges) {
 if (CYNARA_API_ACCESS_ALLOWED != cynara_simple_check(cynara_, // p_cynara
diff --git a/src/utils/utils_api.js b/src/utils/utils_api.js
old mode 100755
new mode 100644
index 47374961..981f2c4a
--- a/src/utils/utils_api.js
+++ b/src/utils/utils_api.js
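Review bot: The success test `0 < len` in the `@@ -165` hunk of src/common/tools.cc depends on `smack_new_label_from_self()` returning the label length on success and a negative value on error, and the code does not say so. The removed line tested `0 == ret`, so under the older contract a valid label would now be rejected and the constructor would presumably take the early `return;` seen in the `@@ -182` hunk before Cynara is initialised. I would add `// returns the label length (> 0) on success, a negative value on error` above the call and write `int len =` with the spacing used on the `int ret =` line. The constructor body continues outside the hunk, so whether `smack_label` is freed after use cannot be checked here.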
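Review bot: With the unconditional `return true;` removed in the `@@ -201` hunk of src/common/tools.cc, the result of `CheckAccess` now depends on the branch taken when `cynara_` is null, and that branch lies outside the hunk. The `@@ -182` hunk shows `cynara_ = nullptr;` after a failed `cynara_initialize`, so that branch has to return `false` for a failed initialisation to deny access rather than grant it; please confirm. The comparison `CYNARA_API_ACCESS_ALLOWED != cynara_simple_check(...)` treats every other result as a refusal, which is the safe direction, but the commit message names `cynara_check()` while the code calls `cynara_simple_check`, which can also report that it could not decide on its own, so it is worth stating which call is intended. A log line naming the refused privilege at that point would make such refusals diagnosable.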
@@ -71,35 +71,40 @@ var _dateConverter = new DateConverter();
 /** @constructor */
 function Utils() {
+
+ /**
+ * Cynara(since tizen 3.0) only support native privilege.
+ * simply web privilege convert native privilege for checking access.
+ */
 var privilege = {
 ACCOUNT_READ: 'http://tizen.org/privilege/account.read',
 ACCOUNT_WRITE: 'http://tizen.org/privilege/account.write',
- ALARM: 'http://tizen.org/privilege/alarm',
- APPLICATION_INFO: 'http://tizen.org/privilege/application.info',
- APPLICATION_LAUNCH: 'http://tizen.org/privilege/application.launch',
- APPMANAGER_CERTIFICATE: 'http://tizen.org/privilege/appmanager.certificate',
+ ALARM: 'http://tizen.org/privilege/alarm.get',
+ APPLICATION_INFO: 'http://tizen.org/privilege/packagemanager.info',
+ APPLICATION_LAUNCH: 'http://tizen.org/privilege/appmanager.launch',
+ APPMANAGER_CERTIFICATE: 'http://tizen.org/privilege/notexist',
 APPMANAGER_KILL: 'http://tizen.org/privilege/appmanager.kill',
 BLUETOOTH_ADMIN: 'http://tizen.org/privilege/bluetooth.admin',
- BLUETOOTH_GAP: 'http://tizen.org/privilege/bluetooth.gap',
- BLUETOOTH_HEALTH: 'http://tizen.org/privilege/bluetooth.health',
- BLUETOOTH_SPP: 'http://tizen.org/privilege/bluetooth.spp',
- BLUETOOTHMANAGER: 'http://tizen.org/privilege/bluetoothmanager',
+ BLUETOOTH_GAP: 'http://tizen.org/privilege/bluetooth.admin',
+ BLUETOOTH_HEALTH: 'http://tizen.org/privilege/bluetooth.admin',
+ BLUETOOTH_SPP: 'http://tizen.org/privilege/bluetooth.admin',
+ BLUETOOTHMANAGER: 'http://tizen.org/privilege/bluetooth.admin',
 BLUETOOTH: 'http://tizen.org/privilege/bluetooth',
- BOOKMARK_READ: 'http://tizen.org/privilege/bookmark.read',
- BOOKMARK_WRITE: 'http://tizen.org/privilege/bookmark.write',
+ BOOKMARK_READ: 'http://tizen.org/privilege/bookmark.admin',
+ BOOKMARK_WRITE: 'http://tizen.org/privilege/bookmark.admin',
 CALENDAR_READ: 'http://tizen.org/privilege/calendar.read',
 CALENDAR_WRITE: 'http://tizen.org/privilege/calendar.write',
 CALLHISTORY_READ: 'http://tizen.org/privilege/callhistory.read',
 CALLHISTORY_WRITE: 'http://tizen.org/privilege/callhistory.write',
 CONTACT_READ: 'http://tizen.org/privilege/contact.read',
 CONTACT_WRITE: 'http://tizen.org/privilege/contact.write',
- CONTENT_READ: 'http://tizen.org/privilege/content.read',
+ CONTENT_READ: 'http://tizen.org/privilege/content.write',
 CONTENT_WRITE: 'http://tizen.org/privilege/content.write',
- DATACONTROL_CONSUMER: 'http://tizen.org/privilege/datacontrol.consumer',
- DATASYNC: 'http://tizen.org/privilege/datasync',
+ DATACONTROL_CONSUMER: 'http://tizen.org/privilege/datasharing',
+ DATASYNC: 'http://tizen.org/privilege/notexist',
 DOWNLOAD: 'http://tizen.org/privilege/download',
- FILESYSTEM_READ: 'http://tizen.org/privilege/filesystem.read',
- FILESYSTEM_WRITE: 'http://tizen.org/privilege/filesystem.write',
+ FILESYSTEM_READ: 'http://tizen.org/privilege/systemsettings.admin',
+ FILESYSTEM_WRITE: 'http://tizen.org/privilege/systemsettings.admin',
 HEALTHINFO: 'http://tizen.org/privilege/healthinfo',
 INTERNET: 'http://tizen.org/privilege/internet',
 KEYMANAGER: 'http://tizen.org/privilege/keymanager',
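Review bot: Several entries in the `privilege` table now send distinct web privileges to one broader native privilege: `CONTENT_READ` is checked as `content.write`, `BOOKMARK_READ`/`BOOKMARK_WRITE` as `bookmark.admin`, the `BLUETOOTH_GAP`/`_HEALTH`/`_SPP`/`BLUETOOTHMANAGER` entries as `bluetooth.admin`, and `FILESYSTEM_READ`/`FILESYSTEM_WRITE` as `systemsettings.admin`. The check can therefore no longer tell read from write, and it is only correct if the platform grants exactly these native privileges for those web privileges; that mapping is not visible in this commit, so the table should name its source. `APPMANAGER_CERTIFICATE` and `DATASYNC` point at `http://tizen.org/privilege/notexist`, which presumably can never be granted; if that is a deliberate refusal, a short comment beside the two entries should say so. The added block comment would read better as `Cynara (since Tizen 3.0) only knows native privileges, so each web privilege is mapped to the native privilege that is actually checked.`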
@@ -107,26 +112,27 @@ function Utils() {
 LOCATION: 'http://tizen.org/privilege/location',
 MEDIACONTROLLER_SERVER: 'http://tizen.org/privilege/mediacontroller.server',
 MEDIACONTROLLER_CLIENT: 'http://tizen.org/privilege/mediacontroller.client',
- MESSAGING_READ: 'http://tizen.org/privilege/messaging.read',
- MESSAGING_WRITE: 'http://tizen.org/privilege/messaging.write',
- NETWORKBEARERSELECTION: 'http://tizen.org/privilege/networkbearerselection',
+ MESSAGING_READ: 'http://tizen.org/privilege/message.read',
+ MESSAGING_WRITE: 'http://tizen.org/privilege/message.write',
+ NETWORKBEARERSELECTION: 'http://tizen.org/privilege/network.set',
 NFC_ADMIN: 'http://tizen.org/privilege/nfc.admin',
 NFC_CARDEMULATION: 'http://tizen.org/privilege/nfc.cardemulation',
- NFC_COMMON: 'http://tizen.org/privilege/nfc.common',
- NFC_P2P: 'http://tizen.org/privilege/nfc.p2p',
- NFC_TAG: 'http://tizen.org/privilege/nfc.tag',
+ NFC_COMMON: 'http://tizen.org/privilege/nfc',
+ NFC_P2P: 'http://tizen.org/privilege/nfc',
+ NFC_TAG: 'http://tizen.org/privilege/nfc',
 NOTIFICATION: 'http://tizen.org/privilege/notification',
- PACKAGE_INFO: 'http://tizen.org/privilege/package.info',
- PACKAGEMANAGER_INSTALL: 'http://tizen.org/privilege/packagemanager.install',
- POWER: 'http://tizen.org/privilege/power',
+ PACKAGE_INFO: 'http://tizen.org/privilege/packagemanager.info',
+ PACKAGEMANAGER_INSTALL: 'http://tizen.org/privilege/packagemanager.admin',
+ POWER: 'http://tizen.org/privilege/display',
 PUSH: 'http://tizen.org/privilege/push',
 SECUREELEMENT: 'http://tizen.org/privilege/secureelement',
- SETTING: 'http://tizen.org/privilege/setting',
- SYSTEM: 'http://tizen.org/privilege/system',
+ SETTING: 'http://tizen.org/privilege/systemsettings.admin',
+ SYSTEM: 'http://tizen.org/privilege/telephony',
 SYSTEMMANAGER: 'http://tizen.org/privilege/systemmanager',
 TELEPHONY: 'http://tizen.org/privilege/telephony',
 VOLUME_SET: 'http://tizen.org/privilege/volume.set'
 };
+ Object.freeze(privilege);
Object.defineProperty(this, 'privilege', {