From 3d158ceb3071b33dbb5884d0b191222e40b11911 Mon Sep 17 00:00:00 2001 From: "hb.min" Date: Thu, 4 Jul 2013 11:10:53 +0900 Subject: [PATCH] Add level checking method of custom privilege Change-Id: I78b1e3db933e1fd11584e283eae1feec5a568e2c Signed-off-by: hb.min --- inc/InstallerDefs.h | 2 +- src/XmlHandler/PrivilegeHandler.cpp | 66 +++++++++++++++++++++++++++++-------- src/XmlHandler/PrivilegeHandler.h | 3 +- 3 files changed, 56 insertions(+), 15 deletions(-) diff --git a/inc/InstallerDefs.h b/inc/InstallerDefs.h index 0ed70d3..b40f2d0 100755 --- a/inc/InstallerDefs.h +++ b/inc/InstallerDefs.h @@ -23,7 +23,7 @@ #include "InstallerUtil.h" -#define OSP_INSTALLER_VERSION "version=[20130703.3]" +#define OSP_INSTALLER_VERSION "version=[20130704.1]" #define DIR_BIN L"/bin" #define DIR_INFO L"/info" diff --git a/src/XmlHandler/PrivilegeHandler.cpp b/src/XmlHandler/PrivilegeHandler.cpp index e09fd13..c4109d3 100755 --- a/src/XmlHandler/PrivilegeHandler.cpp +++ b/src/XmlHandler/PrivilegeHandler.cpp @@ -45,20 +45,39 @@ using namespace Tizen::Text; using namespace Tizen::Io; +int +PrivilegeHandler::GetPrivilegeLevel(const String& privilegeLevel) +{ + if(privilegeLevel.Equals(String(L"platform"), true)) + { + return _API_VISIBILITY_PLATFORM; + } + else if(privilegeLevel.Equals(String(L"partner"), true)) + { + return _API_VISIBILITY_PARTNER; + } + + return _API_VISIBILITY_PUBLIC; +} + + result -PrivilegeHandler::PickExternalPrivilege(const IList& fullPrivilegeList, IList& normalPrivilegeList, IList& externalPrivilegeList) +PrivilegeHandler::PickExternalPrivilege(const IList& fullPrivilegeList, int visibilityLevel, IList& normalPrivilegeList, IList& externalPrivilegeList) { result r = E_SUCCESS; String externalPrivilege; - ArrayList privilegeList; + String externalPrivilegeLevel; + HashMap privilegeList; Database privilegeDb; DbEnumerator* pDbEnum; - r = privilegeDb.Construct(EXTERNAL_PRIVILEGE_DB_NAME, "r"); + r = privilegeList.Construct(32, 0.75); TryReturnResultTag(OSP_INSTALLER, r == E_SUCCESS, r, r, "[%s] Propagating.", GetErrorMessage(r)); + r = privilegeDb.Construct(EXTERNAL_PRIVILEGE_DB_NAME, "r"); + TryReturnResultTag(OSP_INSTALLER, r == E_SUCCESS, r, r, "[%s] Propagating.", GetErrorMessage(r)); - pDbEnum = privilegeDb.QueryN(L"SELECT PRIVILEGE_ID FROM PrivilegeInfo"); + pDbEnum = privilegeDb.QueryN(L"SELECT * FROM PrivilegeInfo"); TryReturnResultTag(OSP_INSTALLER, pDbEnum != null, E_DATABASE, E_DATABASE, "[E_DATABASE] Privilege database error."); AppLog("------------------------------------------"); @@ -70,27 +89,43 @@ PrivilegeHandler::PickExternalPrivilege(const IList& fullPrivilegeList, IList& n r = pDbEnum->GetStringAt(0, externalPrivilege); TryReturnResultTag(OSP_INSTALLER, r == E_SUCCESS, E_DATABASE, E_DATABASE, "[E_DATABASE] Privilege database error."); + r = pDbEnum->GetStringAt(1, externalPrivilegeLevel); + TryReturnResultTag(OSP_INSTALLER, r == E_SUCCESS, E_DATABASE, E_DATABASE, "[E_DATABASE] Privilege database error."); + AppLog("%ls", externalPrivilege.GetPointer()); - privilegeList.Add(new String(externalPrivilege)); + privilegeList.Add(new String(externalPrivilege), (new Integer(GetPrivilegeLevel(externalPrivilegeLevel)))); } delete pDbEnum; - IEnumerator* pEnum = fullPrivilegeList.GetEnumeratorN(); + std::unique_ptr pEnum(null); + pEnum.reset(fullPrivilegeList.GetEnumeratorN()); + TryReturnResultTag(OSP_INSTALLER, pEnum != null, E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred."); + while(pEnum->MoveNext() == E_SUCCESS) { - String* tempString = static_cast(pEnum->GetCurrent()); + String* pTempString = static_cast(pEnum->GetCurrent()); - if (privilegeList.Contains(*tempString)) + if (privilegeList.ContainsKey(*pTempString)) { - externalPrivilegeList.Add(new String(*tempString)); + Integer* pPrivilegeLevel = static_cast(privilegeList.GetValue(*pTempString)); + TryReturnResultTag(OSP_INSTALLER, pPrivilegeLevel != null, E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred."); + + // To be removed + if (visibilityLevel != _API_VISIBILITY_NONE) + { + int privilegeLevel = pPrivilegeLevel->ToInt(); + TryReturnResultTag(OSP_INSTALLER, privilegeLevel <= visibilityLevel, E_ILLEGAL_ACCESS, E_ILLEGAL_ACCESS, + "[E_ILLEGAL_ACCESS] The application does not have the privilege level to register [%ls]", pTempString->GetPointer()); + } + + externalPrivilegeList.Add(new String(*pTempString)); } else { - normalPrivilegeList.Add(new String(*tempString)); + normalPrivilegeList.Add(new String(*pTempString)); } } - delete pEnum; privilegeList.RemoveAll(true); return r; } @@ -113,7 +148,7 @@ PrivilegeHandler::GenerateCipherPrivilege(const AppId& appId, const IList& privi goto CATCH; } - r = PickExternalPrivilege(privilegeList, normalPrivilegeList, stringPrivilegeList); + r = PickExternalPrivilege(privilegeList, _API_VISIBILITY_NONE, normalPrivilegeList, stringPrivilegeList); if (r == E_SUCCESS) { pBitwisePrivilege = PackPrivilegeN(normalPrivilegeList); @@ -163,12 +198,17 @@ PrivilegeHandler::GenerateCipherPrivilege(const AppId& appId, const IList& privi goto CATCH; } - r = PickExternalPrivilege(privilegeList, normalPrivilegeList, stringPrivilegeList); + r = PickExternalPrivilege(privilegeList, visibilityLevel, normalPrivilegeList, stringPrivilegeList); if (r == E_SUCCESS) { r = PackPrivilegeN(normalPrivilegeList, visibilityLevel, &pBitwisePrivilege); TryReturnResultTag(OSP_INSTALLER, r == E_SUCCESS, r, r, "[%s] Propagating.", GetErrorMessage(r)); } + else if (r == E_ILLEGAL_ACCESS) + { + AppLogExceptionTag(OSP_INSTALLER, "[E_ILLEGAL_ACCESS] Unauthorized privileges are detected."); + return r; + } else { AppLog("Working with normal PrivilegeDb."); diff --git a/src/XmlHandler/PrivilegeHandler.h b/src/XmlHandler/PrivilegeHandler.h index 98868be..e7f022f 100644 --- a/src/XmlHandler/PrivilegeHandler.h +++ b/src/XmlHandler/PrivilegeHandler.h @@ -57,7 +57,8 @@ private: static result PackPrivilegeN(const Tizen::Base::Collection::IList& privilegeList, int visibilityLevel, byte** ppBitwisePrivilege); static result GetEncryptedBitwise(byte* __bitwisePrivilege, Tizen::Base::String& encryptedPrivileges); static result GetChecksum(Tizen::App::AppId appId, byte* __bitwisePrivilege, Tizen::Base::String& checksum); - static result PickExternalPrivilege(const Tizen::Base::Collection::IList& fullPrivilegeList, Tizen::Base::Collection::IList& normalPrivilegeList, Tizen::Base::Collection::IList& externalPrivilegeList); + static result PickExternalPrivilege(const Tizen::Base::Collection::IList& fullPrivilegeList, int visibilityLevel, Tizen::Base::Collection::IList& normalPrivilegeList, Tizen::Base::Collection::IList& externalPrivilegeList); + static int GetPrivilegeLevel(const Tizen::Base::String& privilegeLevel); }; // PrivilegeHandler -- 2.7.4