From 22166d42563a83b33cbae44efee2c4d48a2013e9 Mon Sep 17 00:00:00 2001 From: Zofia Abramowska Date: Fri, 2 Sep 2016 18:35:53 +0200 Subject: [PATCH] Add is hybrid flag to application install request "IsHybrid" is introduced to distinguish between different types of packages. Hybrid package assumes, that applications inside it can have different privileges, so they should be labeled separately. Any other package will have all applications labeled the same and label will be generated from package name. This commit does not yet interpret this flag, apart from db, From now on db will accept only applications from the same package, which have the same setting of isHybrid flag. Change-Id: Ic94d2147fa9684279d8b8a41ad6ee99b555cd766 --- db/db.sql | 16 ++++++++++++---- db/updates/update-db-to-v8.sql | 7 +++++++ src/client/client-security-manager.cpp | 14 +++++++++++++- src/common/include/privilege_db.h | 7 +++++-- src/common/include/protocols.h | 1 + src/common/privilege_db.cpp | 6 ++++-- src/common/service_impl.cpp | 3 ++- src/include/app-manager.h | 13 +++++++++++++ src/server/service/service.cpp | 1 + 9 files changed, 58 insertions(+), 10 deletions(-) create mode 100644 db/updates/update-db-to-v8.sql diff --git a/db/db.sql b/db/db.sql index c85fc35..f720f84 100644 --- a/db/db.sql +++ b/db/db.sql @@ -4,13 +4,14 @@ PRAGMA auto_vacuum = NONE; BEGIN EXCLUSIVE TRANSACTION; -PRAGMA user_version = 7; +PRAGMA user_version = 8; CREATE TABLE IF NOT EXISTS pkg ( pkg_id INTEGER PRIMARY KEY, name VARCHAR NOT NULL, author_id INTEGER, shared_ro INTEGER NOT NULL DEFAULT 0, +is_hybrid INTEGER NOT NULL DEFAULT 0, UNIQUE (name) FOREIGN KEY (author_id) REFERENCES author (author_id) ); @@ -71,7 +72,8 @@ SELECT app.version as version, pkg.author_id, pkg.name as pkg_name, - author.name as author_name + author.name as author_name, + pkg.is_hybrid FROM user_app LEFT JOIN app USING (app_id) LEFT JOIN pkg USING (pkg_id) @@ -98,10 +100,16 @@ BEGIN AND NEW.author_name IS NOT NULL AND author_name!=NEW.author_name); + SELECT RAISE(ABORT, 'Hybrid flag set differently for existing package') + WHERE EXISTS (SELECT 1 FROM user_app_pkg_view + WHERE is_hybrid!=NEW.is_hybrid + AND pkg_name=NEW.pkg_name); + INSERT OR IGNORE INTO author(name) VALUES (NEW.author_name); - INSERT OR IGNORE INTO pkg(name, author_id) VALUES ( + INSERT OR IGNORE INTO pkg(name, author_id, is_hybrid) VALUES ( NEW.pkg_name, - (SELECT author_id FROM author WHERE name=NEW.author_name)); + (SELECT author_id FROM author WHERE name=NEW.author_name), + NEW.is_hybrid); -- If pkg have already existed with empty author do update it UPDATE pkg SET author_id=(SELECT author_id FROM author WHERE name=NEW.author_name) diff --git a/db/updates/update-db-to-v8.sql b/db/updates/update-db-to-v8.sql new file mode 100644 index 0000000..08f2378 --- /dev/null +++ b/db/updates/update-db-to-v8.sql @@ -0,0 +1,7 @@ +BEGIN EXCLUSIVE TRANSACTION; + +PRAGMA user_version = 8; + +ALTER TABLE pkg ADD is_hybrid INTEGER NOT NULL DEFAULT 0; + +COMMIT TRANSACTION; diff --git a/src/client/client-security-manager.cpp b/src/client/client-security-manager.cpp index e5cc93f..6cf0c35 100644 --- a/src/client/client-security-manager.cpp +++ b/src/client/client-security-manager.cpp @@ -208,6 +208,17 @@ int security_manager_app_inst_req_set_install_type(app_inst_req *p_req, const en } SECURITY_MANAGER_API +int security_manager_app_inst_req_set_hybrid(app_inst_req *p_req) +{ + if (!p_req) + return SECURITY_MANAGER_ERROR_INPUT_PARAM; + + p_req->isHybrid = true; + + return SECURITY_MANAGER_SUCCESS; +} + +SECURITY_MANAGER_API int security_manager_app_install(const app_inst_req *p_req) { using namespace SecurityManager; @@ -237,7 +248,8 @@ int security_manager_app_install(const app_inst_req *p_req) p_req->uid, p_req->tizenVersion, p_req->authorName, - p_req->installationType); + p_req->installationType, + p_req->isHybrid); //send buffer to server retval = sendToServer(SERVICE_SOCKET, send.Pop(), recv); diff --git a/src/common/include/privilege_db.h b/src/common/include/privilege_db.h index 1068699..8e7f801 100644 --- a/src/common/include/privilege_db.h +++ b/src/common/include/privilege_db.h @@ -104,7 +104,8 @@ private: SecurityManager::DB::SqlConnection *mSqlConnection; const std::map Queries = { - { StmtType::EAddApplication, "INSERT INTO user_app_pkg_view (app_name, pkg_name, uid, version, author_name) VALUES (?, ?, ?, ?, ?)" }, + { StmtType::EAddApplication, "INSERT INTO user_app_pkg_view (app_name, pkg_name, uid, version, author_name, is_hybrid)" + " VALUES (?, ?, ?, ?, ?, ?)" }, { StmtType::ERemoveApplication, "DELETE FROM user_app_pkg_view WHERE app_name=? AND uid=?" }, { StmtType::EPkgNameExists, "SELECT count(*) FROM pkg WHERE name=?" }, { StmtType::EAppNameExists, "SELECT count(*) FROM app WHERE name=?" }, @@ -252,6 +253,7 @@ public: * @param uid - user identifier for whom application is going to be installed * @param targetTizenVer - target tizen version for application * @param author - author identifier + * @param isHybrid - hybrid flag setting * @exception DB::SqlConnection::Exception::InternalError on internal error * @exception DB::SqlConnection::Exception::ConstraintError on constraint violation */ @@ -260,7 +262,8 @@ public: const std::string &pkgName, uid_t uid, const std::string &targetTizenVer, - const std::string &authorId); + const std::string &authorId, + bool isHybrid); /** * Remove an application from the database diff --git a/src/common/include/protocols.h b/src/common/include/protocols.h index 9493cf9..a8eb4af 100644 --- a/src/common/include/protocols.h +++ b/src/common/include/protocols.h @@ -43,6 +43,7 @@ struct app_inst_req { std::string tizenVersion; std::string authorName; int installationType = SM_APP_INSTALL_NONE; + bool isHybrid = false; }; struct user_req { diff --git a/src/common/privilege_db.cpp b/src/common/privilege_db.cpp index 895da45..7576345 100644 --- a/src/common/privilege_db.cpp +++ b/src/common/privilege_db.cpp @@ -195,7 +195,8 @@ void PrivilegeDb::AddApplication( const std::string &pkgName, uid_t uid, const std::string &targetTizenVer, - const std::string &authorName) + const std::string &authorName, + bool isHybrid) { try_catch([&] { auto command = getStatement(StmtType::EAddApplication); @@ -204,10 +205,11 @@ void PrivilegeDb::AddApplication( command->BindInteger(3, static_cast(uid)); command->BindString(4, targetTizenVer); authorName.empty() ? command->BindNull(5) : command->BindString(5, authorName); + command->BindInteger(6, isHybrid ? 1 : 0); if (command->Step()) { LogDebug("Unexpected SQLITE_ROW answer to query: " << - Queries.at(StmtType::EAddApplication)); + Queries.at(StmtType::EAddApplication)); }; LogDebug("Added appName: " << appName << ", pkgName: " << pkgName); diff --git a/src/common/service_impl.cpp b/src/common/service_impl.cpp index fad26cc..188cde5 100644 --- a/src/common/service_impl.cpp +++ b/src/common/service_impl.cpp @@ -524,7 +524,8 @@ int ServiceImpl::appInstall(const Credentials &creds, app_inst_req &&req) PrivilegeDb::getInstance().BeginTransaction(); - PrivilegeDb::getInstance().AddApplication(req.appName, req.pkgName, req.uid, req.tizenVersion, req.authorName); + PrivilegeDb::getInstance().AddApplication(req.appName, req.pkgName, req.uid, + req.tizenVersion, req.authorName, req.isHybrid); /* Get all application ids in the package to generate rules withing the package */ PrivilegeDb::getInstance().GetPkgApps(req.pkgName, pkgContents); PrivilegeDb::getInstance().GetPkgAuthorId(req.pkgName, authorId); diff --git a/src/include/app-manager.h b/src/include/app-manager.h index d05d451..04b8688 100644 --- a/src/include/app-manager.h +++ b/src/include/app-manager.h @@ -132,6 +132,19 @@ int security_manager_app_inst_req_set_author_id(app_inst_req *p_req, const char int security_manager_app_inst_req_set_install_type(app_inst_req *p_req, const enum app_install_type type); /** + * This function is used to flag package as hybrid. This must be done consequently for every + * application installed in package - if first application installed sets this flag, others also + * must set it, otherwise installation will fail, the same applies to non-hybrid packages - + * if first application doesn't set this flag, then no other application for this package can set + * it, otherwise its installation will fail. + * + * \param[in] p_req Pointer handling app_inst_req structure + * \return API return code or error code + * + */ +int security_manager_app_inst_req_set_hybrid(app_inst_req *p_req); + +/** * This function is used to install application based on * using filled up app_inst_req data structure * diff --git a/src/server/service/service.cpp b/src/server/service/service.cpp index 394bf42..5e57f7a 100644 --- a/src/server/service/service.cpp +++ b/src/server/service/service.cpp @@ -187,6 +187,7 @@ void Service::processAppInstall(MessageBuffer &buffer, MessageBuffer &send, cons Deserialization::Deserialize(buffer, req.tizenVersion); Deserialization::Deserialize(buffer, req.authorName); Deserialization::Deserialize(buffer, req.installationType); + Deserialization::Deserialize(buffer, req.isHybrid); Serialization::Serialize(send, serviceImpl.appInstall(creds, std::move(req))); } -- 2.7.4