From: Bartlomiej Grzelewski Date: Fri, 2 Aug 2013 09:16:55 +0000 (+0200) Subject: Fix bug in app-permissions module. X-Git-Tag: submit/tizen/20140307.131547~95 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=d1ae047d45d5eada311dbabc3ec9c83f16b157cb;p=platform%2Fcore%2Fsecurity%2Fsecurity-server.git Fix bug in app-permissions module. [Issue#] N/A [Bug/Cause] Function security_server_app_disable_permissions did not propagate success code. [Solution] Add return in security_server_app_disable_permissions. [Verification] Build, run tests. Change-Id: I389e6a65ae4f3d2e1496bf14a048274ef6263def --- diff --git a/src/server2/client/client-app-permissions.cpp b/src/server2/client/client-app-permissions.cpp index 13fbb50..764ee09 100644 --- a/src/server2/client/client-app-permissions.cpp +++ b/src/server2/client/client-app-permissions.cpp @@ -43,11 +43,7 @@ int security_server_app_enable_permissions(const char *app_id, app_type_t app_ty { using namespace SecurityServer; SocketBuffer send, recv; - Serialization serialization; - Deserialization deserialization; std::vector permissions_list; - int i; - int ret; LogDebug("security_server_app_enable_permissions() called"); @@ -66,31 +62,28 @@ int security_server_app_enable_permissions(const char *app_id, app_type_t app_ty LogDebug("app_id: " << app_id); //put all strings in STL vector - for (i = 0; perm_list[i] != NULL; i++) { + for (int i = 0; perm_list[i] != NULL; i++) { LogDebug("perm_list[" << i << "]: " << perm_list[i]); permissions_list.push_back(std::string(perm_list[i])); } //put data into buffer - serialization.Serialize(send, (int)AppPermissionsAction::ENABLE); //works as a MSG_ID - serialization.Serialize(send, persistent); - serialization.Serialize(send, (int)app_type); - serialization.Serialize(send, std::string(app_id)); - serialization.Serialize(send, permissions_list); + Serialization::Serialize(send, (int)AppPermissionsAction::ENABLE); //works as a MSG_ID + Serialization::Serialize(send, persistent); + Serialization::Serialize(send, (int)app_type); + Serialization::Serialize(send, std::string(app_id)); + Serialization::Serialize(send, permissions_list); //send buffer to server - ret = sendToServer(SERVICE_SOCKET_APP_PERMISSIONS, send.Pop(), recv); - if (ret != SECURITY_SERVER_API_SUCCESS) { - LogDebug("Unable to send"); - return ret; + int result = sendToServer(SERVICE_SOCKET_APP_PERMISSIONS, send.Pop(), recv); + if (result != SECURITY_SERVER_API_SUCCESS) { + LogDebug("Error in sendToServer. Error code: " << result); + return result; } //receive response from server - deserialization.Deserialize(recv, ret); - if (ret != SECURITY_SERVER_API_SUCCESS) { - LogDebug("Received error from server"); - return ret; - } + Deserialization::Deserialize(recv, result); + return result; } catch (SocketBuffer::Exception::Base &e) { LogDebug("SecurityServer::SocketBuffer::Exception " << e.DumpToString()); @@ -109,11 +102,7 @@ int security_server_app_disable_permissions(const char *app_id, app_type_t app_t { using namespace SecurityServer; SocketBuffer send, recv; - Serialization serialization; - Deserialization deserialization; std::vector permissions_list; - int i; - int ret; LogDebug("security_server_app_disable_permissions() called"); @@ -131,30 +120,27 @@ int security_server_app_disable_permissions(const char *app_id, app_type_t app_t LogDebug("app_id: " << app_id); //put all strings in STL vector - for (i = 0; perm_list[i] != NULL; i++) { + for (int i = 0; perm_list[i] != NULL; i++) { LogDebug("perm_list[" << i << "]: " << perm_list[i]); permissions_list.push_back(std::string(perm_list[i])); } //put data into buffer - serialization.Serialize(send, (int)AppPermissionsAction::DISABLE); //works as a MSG_ID - serialization.Serialize(send, (int)app_type); - serialization.Serialize(send, std::string(app_id)); - serialization.Serialize(send, permissions_list); + Serialization::Serialize(send, (int)AppPermissionsAction::DISABLE); //works as a MSG_ID + Serialization::Serialize(send, (int)app_type); + Serialization::Serialize(send, std::string(app_id)); + Serialization::Serialize(send, permissions_list); //send buffer to server - ret = sendToServer(SERVICE_SOCKET_APP_PERMISSIONS, send.Pop(), recv); - if (ret != SECURITY_SERVER_API_SUCCESS) { - LogDebug("Unable to send"); - return ret; + int result = sendToServer(SERVICE_SOCKET_APP_PERMISSIONS, send.Pop(), recv); + if (result != SECURITY_SERVER_API_SUCCESS) { + LogDebug("Error in sendToServer. Error code: " << result); + return result; } //receive response from server - deserialization.Deserialize(recv, ret); - if (ret != SECURITY_SERVER_API_SUCCESS) { - LogDebug("Received error from server"); - return ret; - } + Deserialization::Deserialize(recv, result); + return result; } catch (SocketBuffer::Exception::Base &e) { LogDebug("SecurityServer::SocketBuffer::Exception " << e.DumpToString()); diff --git a/src/server2/service/app-permissions.cpp b/src/server2/service/app-permissions.cpp index e536b54..d34ac5b 100644 --- a/src/server2/service/app-permissions.cpp +++ b/src/server2/service/app-permissions.cpp @@ -32,6 +32,25 @@ #include #include +namespace { + +int privilegeToSecurityServerError(int error) { + switch (error) { + case PC_OPERATION_SUCCESS: return SECURITY_SERVER_API_SUCCESS; + case PC_ERR_FILE_OPERATION: return SECURITY_SERVER_API_ERROR_UNKNOWN; + case PC_ERR_MEM_OPERATION: return SECURITY_SERVER_API_ERROR_OUT_OF_MEMORY; + case PC_ERR_NOT_PERMITTED: return SECURITY_SERVER_API_ERROR_ACCESS_DENIED; + case PC_ERR_INVALID_PARAM: return SECURITY_SERVER_API_ERROR_INPUT_PARAM; + case PC_ERR_INVALID_OPERATION: + case PC_ERR_DB_OPERATION: + default: + ; + } + return SECURITY_SERVER_API_ERROR_UNKNOWN; +} + +} // namespace anonymous + namespace SecurityServer { GenericSocketService::ServiceDescriptionVector AppPermissionsService::GetServiceDescription() { @@ -82,13 +101,11 @@ bool AppPermissionsService::readOne(const ConnectionID &conn, SocketBuffer &buff { LogDebug("Iteration begin"); SocketBuffer send, recv; - Serialization serialization; - Deserialization deserialization; std::vector permissions_list; std::string app_id; int persistent; - int i; - int ret = SECURITY_SERVER_API_ERROR_SERVER_ERROR; + size_t iter; + int result = SECURITY_SERVER_API_ERROR_SERVER_ERROR; app_type_t app_type; AppPermissionsAction appPermAction; @@ -101,16 +118,17 @@ bool AppPermissionsService::readOne(const ConnectionID &conn, SocketBuffer &buff //receive data from buffer and check MSG_ID Try { - deserialization.Deserialize(buffer, i); //receive MSG_ID - appPermAction = (AppPermissionsAction)i; + int temp; + Deserialization::Deserialize(buffer, temp); //receive MSG_ID + appPermAction = (AppPermissionsAction)temp; if (appPermAction == AppPermissionsAction::ENABLE) //persistent is only in APP_ENABLE frame - deserialization.Deserialize(buffer, persistent); + Deserialization::Deserialize(buffer, persistent); - deserialization.Deserialize(buffer, i); - app_type = (app_type_t)i; - deserialization.Deserialize(buffer, app_id); - deserialization.Deserialize(buffer, permissions_list); + Deserialization::Deserialize(buffer, temp); + app_type = (app_type_t)temp; + Deserialization::Deserialize(buffer, app_id); + Deserialization::Deserialize(buffer, permissions_list); } Catch (SocketBuffer::Exception::Base) { LogDebug("Broken protocol. Closing socket."); m_serviceManager->Close(conn); @@ -132,26 +150,26 @@ bool AppPermissionsService::readOne(const ConnectionID &conn, SocketBuffer &buff LogDebug("app_id: " << app_id); //left one free pointer for the NULL at the end - for (i = 0; i < (int)permissions_list.size(); i++) { - LogDebug("perm_list[" << i << "]: " << permissions_list[i]); - perm_list[i] = (permissions_list[i]).c_str(); + for (iter = 0; iter < permissions_list.size(); ++iter) { + LogDebug("perm_list[" << iter << "]: " << permissions_list[iter]); + perm_list[iter] = (permissions_list[iter]).c_str(); } //put the NULL at the end - perm_list[i] = NULL; + perm_list[iter] = NULL; //use received data if (appPermAction == AppPermissionsAction::ENABLE) { LogDebug("Calling app_enable_permiossions()"); - ret = perm_app_enable_permissions(app_id.c_str(), app_type, perm_list.get(), persistent); - LogDebug("app_enable_permissions() returned: " << ret); + result = perm_app_enable_permissions(app_id.c_str(), app_type, perm_list.get(), persistent); + LogDebug("app_enable_permissions() returned: " << result); } else { LogDebug("Calling app_disable_permiossions()"); - ret = perm_app_disable_permissions(app_id.c_str(), app_type, perm_list.get()); - LogDebug("app_disable_permissions() returned: " << ret); + result = perm_app_disable_permissions(app_id.c_str(), app_type, perm_list.get()); + LogDebug("app_disable_permissions() returned: " << result); } //send response - serialization.Serialize(send, ret); + Serialization::Serialize(send, privilegeToSecurityServerError(result)); m_serviceManager->Write(conn, send.Pop()); return true; } diff --git a/systemd/security-server.service b/systemd/security-server.service index 7480b30..1b8ba8f 100644 --- a/systemd/security-server.service +++ b/systemd/security-server.service @@ -10,6 +10,7 @@ Sockets=security-server-get-gid.socket Sockets=security-server-privilege-by-pid.socket Sockets=security-server-exec-path.socket Sockets=security-server-get-object-name.socket +Sockets=security-server-app-permissions.socket [Install] WantedBy=multi-user.target