From: kibak.yoon <kibak.yoon@samsung.com>
Date: Wed, 25 May 2016 14:20:03 +0000 (+0900)
Subject: sensord: clean up permission_checker for syncing with tizen_2.3
X-Git-Tag: accepted/tizen/common/20160627.191141~1^2~16
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=df00850a3de2f89fbfd61d12ab61295d8e2ff0d1;p=platform%2Fcore%2Fsystem%2Fsensord.git

sensord: clean up permission_checker for syncing with tizen_2.3

- in tizen 2.3, there is another security module, security_server.
- clean up permission_checker for converting it easily

Change-Id: I4489849fbb4e8178058e1b1d403dde99c402b0bd
Signed-off-by: kibak.yoon <kibak.yoon@samsung.com>
---

diff --git a/src/server/permission_checker.cpp b/src/server/permission_checker.cpp
index 72fef47..3da9ac6 100644
--- a/src/server/permission_checker.cpp
+++ b/src/server/permission_checker.cpp
@@ -21,15 +21,17 @@
 #include <cynara-creds-socket.h>
 #include <cynara-session.h>
 #include <permission_checker.h>
+#include <sensor_common.h>
 #include <sensor_log.h>
 #include <sensor_loader.h>
 #include <sensor_base.h>
+#include <vector>
 
 #define CACHE_SIZE 16
 
 static cynara *cynara_env = NULL;
 
-static bool check_privilege_by_sockfd(int sock_fd, const char *priv)
+static bool check_privilege_by_sockfd(int sock_fd, const char *priv, const char *access)
 {
 	retvm_if(cynara_env == NULL, false, "Cynara not initialized");
 
@@ -60,15 +62,16 @@ static bool check_privilege_by_sockfd(int sock_fd, const char *priv)
 	return (ret == CYNARA_API_ACCESS_ALLOWED);
 }
 
-permission_checker::permission_checker(void)
+permission_checker::permission_checker()
 : m_permission_set(0)
 {
 	init();
+	init_cynara();
 }
 
-permission_checker::~permission_checker(void)
+permission_checker::~permission_checker()
 {
-	deinit();
+	deinit_cynara();
 }
 
 permission_checker& permission_checker::get_instance(void)
@@ -79,10 +82,7 @@ permission_checker& permission_checker::get_instance(void)
 
 void permission_checker::init(void)
 {
-	AUTOLOCK(m_mutex);
-
-	m_permission_infos.push_back(std::make_shared<permission_info> (SENSOR_PERMISSION_STANDARD, false, ""));
-	m_permission_infos.push_back(std::make_shared<permission_info> (SENSOR_PERMISSION_BIO, true, "http://tizen.org/privilege/healthinfo"));
+	m_permission_infos.push_back(std::make_shared<permission_info>(SENSOR_PERMISSION_BIO, "http://tizen.org/privilege/healthinfo", ""));
 
 	std::vector<sensor_base *> sensors;
 	sensors = sensor_loader::get_instance().get_sensors(ALL_SENSOR);
@@ -91,12 +91,12 @@ void permission_checker::init(void)
 		m_permission_set |= sensors[i]->get_permission();
 
 	_I("Permission Set = %d", m_permission_set);
-
-	init_cynara();
 }
 
 void permission_checker::init_cynara(void)
 {
+	AUTOLOCK(m_mutex);
+
 	cynara_configuration *conf;
 
 	int err = cynara_configuration_create(&conf);
@@ -121,7 +121,7 @@ void permission_checker::init_cynara(void)
 	_I("Cynara initialized");
 }
 
-void permission_checker::deinit(void)
+void permission_checker::deinit_cynara(void)
 {
 	AUTOLOCK(m_mutex);
 
@@ -135,16 +135,14 @@ int permission_checker::get_permission(int sock_fd)
 {
 	AUTOLOCK(m_mutex);
 
-	int permission = SENSOR_PERMISSION_NONE;
+	int permission = SENSOR_PERMISSION_STANDARD;
 
 	for (unsigned int i = 0; i < m_permission_infos.size(); ++i) {
-		if (!m_permission_infos[i]->need_to_check) {
+		if (!(m_permission_set & m_permission_infos[i]->permission))
+			continue;
+
+		if (check_privilege_by_sockfd(sock_fd, m_permission_infos[i]->privilege.c_str(), m_permission_infos[i]->access.c_str()))
 			permission |= m_permission_infos[i]->permission;
-		} else if (m_permission_set & m_permission_infos[i]->permission) {
-			if (check_privilege_by_sockfd(sock_fd, m_permission_infos[i]->privilege.c_str())) {
-				permission |= m_permission_infos[i]->permission;
-			}
-		}
 	}
 
 	return permission;
diff --git a/src/server/permission_checker.h b/src/server/permission_checker.h
index d47524d..d42ba09 100644
--- a/src/server/permission_checker.h
+++ b/src/server/permission_checker.h
@@ -34,33 +34,35 @@ public:
 private:
 	class permission_info {
 		public:
-		permission_info(int _permission, bool _need_to_check, std::string _priv)
+		permission_info(int _permission, std::string _priv, std::string _access)
 		: permission(_permission)
-		, need_to_check(_need_to_check)
 		, privilege(_priv)
+		, access(_access)
 		{
 		}
 		int permission;
-		bool need_to_check;
 		std::string privilege;
+		std::string access;
 	};
 
 	typedef std::vector<std::shared_ptr<permission_info>> permission_info_vector;
 
 	permission_checker();
-	~permission_checker();
 	permission_checker(permission_checker const&) {};
 	permission_checker& operator=(permission_checker const&);
 
+	~permission_checker();
+
 	void init(void);
-	void deinit(void);
 
 private:
 	permission_info_vector m_permission_infos;
 	int m_permission_set;
 	cmutex m_mutex;
 
+private:
 	void init_cynara(void);
+	void deinit_cynara(void);
 };
 
 #endif /* _PERMISSION_CHECKER_H_ */