From: Jusung Son <jusung07.son@samsung.com>
Date: Mon, 2 Dec 2019 06:35:26 +0000 (+0900)
Subject: Add validated sender info
X-Git-Tag: submit/tizen/20200107.100143~2^2
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=dbfe200e1159466c6f92d70ac5173c63677ceeea;p=platform%2Fcore%2Fapi%2Fnotification.git

Add validated sender info

Change-Id: I6de4c26779408bd5ecce8e94cf078f200f057beb
Signed-off-by: Jusung Son <jusung07.son@samsung.com>
---

diff --git a/notification-ex/dbus_event_listener.cc b/notification-ex/dbus_event_listener.cc
index 2686bca1..fe832828 100644
--- a/notification-ex/dbus_event_listener.cc
+++ b/notification-ex/dbus_event_listener.cc
@@ -34,6 +34,11 @@
 
 #define LOG_TAG "NOTIFICATION_EX"
 #define MAX_PACKAGE_STR_SIZE 512
+#define NORMAL_UID_BASE 5000
+
+#define DBUS_NAME "org.freedesktop.DBus"
+#define DBUS_OBJECT_PATH "/org/freedesktop/DBus"
+#define DBUS_INTERFACE_NAME "org.freedesktop.DBus"
 
 using namespace std;
 using namespace tizen_base;
@@ -56,6 +61,84 @@ DBusEventListener::Impl::Impl(DBusEventListener* parent, string path)
   LOGI("Dbus_event_listener impl created");
 }
 
+uid_t DBusEventListener::Impl::GetSenderUid(GDBusConnection* connection,
+                const char* sender_name) {
+  GDBusMessage* msg = nullptr;
+  GDBusMessage* reply = nullptr;
+  GError* err = nullptr;
+  GVariant* body;
+  uid_t uid = 0;
+
+  msg = g_dbus_message_new_method_call(DBUS_NAME, DBUS_OBJECT_PATH,
+      DBUS_INTERFACE_NAME, "GetConnectionUnixUser");
+  if (!msg) {
+    LOGE("Failed to alloc new method call");
+    goto out;
+  }
+
+  g_dbus_message_set_body(msg, g_variant_new("(s)", sender_name));
+  reply = g_dbus_connection_send_message_with_reply_sync(connection, msg,
+      G_DBUS_SEND_MESSAGE_FLAGS_NONE, -1, nullptr, nullptr, &err);
+
+  if (!reply) {
+    if (err != nullptr) {
+      LOGE("Failed to get uid [%s]", err->message);
+      g_error_free(err);
+    }
+    goto out;
+  }
+
+  body = g_dbus_message_get_body(reply);
+  g_variant_get(body, "(u)", &uid);
+
+out:
+  if (msg)
+    g_object_unref(msg);
+  if (reply)
+    g_object_unref(reply);
+
+  return uid;
+}
+
+pid_t DBusEventListener::Impl::GetSenderPid(GDBusConnection* connection,
+               const char* sender_name) {
+  GDBusMessage* msg = nullptr;
+  GDBusMessage* reply = nullptr;
+  GError* err = nullptr;
+  GVariant* body;
+  pid_t pid = 0;
+
+  msg = g_dbus_message_new_method_call(DBUS_NAME, DBUS_OBJECT_PATH,
+      DBUS_INTERFACE_NAME, "GetConnectionUnixProcessID");
+  if (!msg) {
+    LOGE("Failed to alloc new method call");
+    goto out;
+  }
+
+  g_dbus_message_set_body(msg, g_variant_new("(s)", sender_name));
+  reply = g_dbus_connection_send_message_with_reply_sync(connection, msg,
+      G_DBUS_SEND_MESSAGE_FLAGS_NONE, -1, nullptr, nullptr, &err);
+
+  if (!reply) {
+    if (err != nullptr) {
+      LOGE("Failed to get uid [%s]", err->message);
+      g_error_free(err);
+    }
+    goto out;
+  }
+
+  body = g_dbus_message_get_body(reply);
+  g_variant_get(body, "(u)", &pid);
+
+out:
+  if (msg)
+    g_object_unref(msg);
+  if (reply)
+    g_object_unref(reply);
+
+  return pid;
+}
+
 void DBusEventListener::Impl::SignalCb(GDBusConnection* connection,
                       const gchar* sender_name,
                       const gchar* object_path,
@@ -90,6 +173,17 @@ void DBusEventListener::Impl::SignalCb(GDBusConnection* connection,
 
   Bundle b(event_info_raw);
   EventInfo info(b);
+
+  if (info.GetEventType() == EventInfo::Post
+           || info.GetEventType() == EventInfo::Update) {
+    uid_t uid = GetSenderUid(connection, sender_name);
+    if (uid >= NORMAL_UID_BASE) {
+      pid_t pid = GetSenderPid(connection, sender_name);
+      info.SetValidatedOwner(util::GetAppId(pid));
+      info.SetValidatedUid(uid);
+    }
+  }
+
   dl->parent_->NotifyObserver(info, ret_list);
 }
 
diff --git a/notification-ex/dbus_event_listener_implementation.h b/notification-ex/dbus_event_listener_implementation.h
index be2f58b9..9ff7885c 100644
--- a/notification-ex/dbus_event_listener_implementation.h
+++ b/notification-ex/dbus_event_listener_implementation.h
@@ -50,6 +50,11 @@ class DBusEventListener::Impl {
                       const gchar* signal_name,
                       GVariant* parameters,
                       void* user_data);
+  static pid_t GetSenderPid(GDBusConnection* connection,
+                     const char* sender_name);
+  static uid_t GetSenderUid(GDBusConnection* connection,
+                     const char* sender_name);
+
   bool SubscribeSignal();
   void UnSubscribeSignal();
   IEventObserver* observer_ = nullptr;
diff --git a/notification-ex/event_info.cc b/notification-ex/event_info.cc
index a354fab3..547abeb4 100644
--- a/notification-ex/event_info.cc
+++ b/notification-ex/event_info.cc
@@ -54,6 +54,7 @@ EventInfo::Impl::Impl(EventInfo* parent, int type, std::string owner,
   uid_ = getuid();
   request_id_ = util::GetRequestId();
   error_ = ERROR_NONE;
+  validated_uid_ = 0;
   LOGI("EventInfo impl created");
 }
 
@@ -126,6 +127,14 @@ string EventInfo::GetOwner() const {
   return impl_->owner_;
 }
 
+void EventInfo::SetValidatedOwner(std::string owner) {
+  impl_->validated_owner_ = owner;
+}
+
+string EventInfo::GetValidatedOwner() const {
+  return impl_->validated_owner_;
+}
+
 string EventInfo::GetChannel() const {
   return impl_->channel_;
 }
@@ -142,6 +151,14 @@ void EventInfo::SetUid(uid_t uid) {
   impl_->uid_ = uid;
 }
 
+uid_t EventInfo::GetValidatedUid() const {
+  return impl_->validated_uid_;
+}
+
+void EventInfo::SetValidatedUid(uid_t uid) {
+  impl_->validated_uid_ = uid;
+}
+
 int EventInfo::GetRequestId() const {
   return impl_->request_id_;
 }
diff --git a/notification-ex/event_info_implementation.h b/notification-ex/event_info_implementation.h
index 41ef31fd..40f4752b 100644
--- a/notification-ex/event_info_implementation.h
+++ b/notification-ex/event_info_implementation.h
@@ -41,9 +41,11 @@ class EventInfo::Impl {
  private:
   int type_;
   std::string owner_;
+  std::string validated_owner_;
   std::string channel_;
   std::string item_id_;
   uid_t uid_;
+  uid_t validated_uid_;
   int request_id_;
   NotificationError error_;
   EventInfo* parent_;
diff --git a/notification-ex/event_info_internal.h b/notification-ex/event_info_internal.h
index b2b175dc..8b4202d4 100644
--- a/notification-ex/event_info_internal.h
+++ b/notification-ex/event_info_internal.h
@@ -44,6 +44,10 @@ class EventInfo : public IEventInfoInternal {
   int GetEventType() const override;
   void SetEventType(int type) override;
   std::string GetOwner() const override;
+  uid_t GetValidatedUid() const override;
+  void SetValidatedUid(uid_t uid) override;
+  void SetValidatedOwner(std::string owner) override;
+  std::string GetValidatedOwner() const override;
   std::string GetChannel() const override;
   std::string GetItemId() const override;
   int GetRequestId() const override;
diff --git a/notification-ex/ex_util.cc b/notification-ex/ex_util.cc
index 2429e285..d2813def 100644
--- a/notification-ex/ex_util.cc
+++ b/notification-ex/ex_util.cc
@@ -23,6 +23,7 @@
 
 #include <string>
 #include <memory>
+#include <map>
 
 #include "notification-ex/ex_util.h"
 
@@ -32,6 +33,7 @@
 
 #define LOG_TAG "NOTIFICATION_EX"
 #define MAX_PACKAGE_STR_SIZE 512
+#define MAX_CACHE_SIZE 100
 
 using namespace std;
 namespace notification {
@@ -44,15 +46,23 @@ int GetRequestId() {
 }
 
 string GetAppId() {
-  static string appid = "";
+ return GetAppId(getpid());
+}
+
+string GetAppId(pid_t pid) {
+  static map<pid_t, string> appid_cache;
+
+  string appid;
   char appid_buf[MAX_PACKAGE_STR_SIZE] = {0, };
 
-  if (!appid.empty()) {
-    LOGI("appid(%s)", appid.c_str());
-    return appid;
+  if (appid_cache.find(pid) != appid_cache.end()) {
+    LOGI("appid(%s)", appid_cache[pid].c_str());
+    return appid_cache[pid];
   }
 
-  int pid = getpid();
+  if (appid_cache.size() > MAX_CACHE_SIZE)
+    appid_cache.clear();
+
   int ret = aul_app_get_appid_bypid(pid, appid_buf, sizeof(appid_buf));
   if (ret == AUL_R_OK) {
     appid = string(appid_buf);
@@ -94,6 +104,7 @@ string GetAppId() {
   }
 
   LOGI("appid(%s)", appid.c_str());
+  appid_cache[pid] = appid;
   return appid;
 }
 
diff --git a/notification-ex/ex_util.h b/notification-ex/ex_util.h
index 59447dc0..c4fa4665 100644
--- a/notification-ex/ex_util.h
+++ b/notification-ex/ex_util.h
@@ -24,6 +24,7 @@
 namespace notification {
 namespace util {
   std::string GetAppId();
+  std::string GetAppId(pid_t pid);
   int GetRequestId();
   std::string GetPkgId();
   std::string GetDomainName();
diff --git a/notification-ex/ievent_info_internal.h b/notification-ex/ievent_info_internal.h
index d5ef3a63..c3599745 100644
--- a/notification-ex/ievent_info_internal.h
+++ b/notification-ex/ievent_info_internal.h
@@ -27,6 +27,10 @@ class IEventInfoInternal : public IEventInfo {
   virtual ~IEventInfoInternal() = default;
   virtual uid_t GetUid() const = 0;
   virtual void SetUid(uid_t uid) = 0;
+  virtual uid_t GetValidatedUid() const = 0;
+  virtual void SetValidatedUid(uid_t uid) = 0;
+  virtual void SetValidatedOwner(std::string owner) = 0;
+  virtual std::string GetValidatedOwner() const = 0;
   virtual NotificationError GetError() const = 0;
   virtual void SetError(NotificationError error) = 0;
   virtual void SetEventType(int type) = 0;