From 413b7272b2613b74d419b534bfea68b7fc30cd77 Mon Sep 17 00:00:00 2001
From: sunghyun kim <scholb.kim@samsung.com>
Date: Wed, 8 Jan 2025 17:12:12 +0900
Subject: [PATCH] Change to use cynara api instead of checking privilege
 directly

Change the structure from directly checking privilege by opening a file to checking it using the cynara API

Change-Id: Iff924f7f7aad3a0556437cce69673220f9f38a1e
---
 build/tizen/CMakeLists.txt                    |  2 ++
 packaging/widget-viewer-dali.spec             |  1 +
 .../widget_view_manager_impl.cpp              | 27 +++++++------------
 3 files changed, 13 insertions(+), 17 deletions(-)

diff --git a/build/tizen/CMakeLists.txt b/build/tizen/CMakeLists.txt
index 673ca2d..3956c8d 100644
--- a/build/tizen/CMakeLists.txt
+++ b/build/tizen/CMakeLists.txt
@@ -33,6 +33,7 @@ pkg_check_modules(viewer_dali REQUIRED
 	dali2-adaptor
 	dali2-toolkit
 	cynara-client
+        cynara-creds-self
         ecore-wl2
 	ecore-input
 	tizen-remote-surface-client
@@ -47,6 +48,7 @@ pkg_check_modules(viewer_dali REQUIRED
         dali2-adaptor
         dali2-toolkit
         cynara-client
+        cynara-creds-self
         ecore-wayland
         ecore-input
         tizen-remote-surface-client
diff --git a/packaging/widget-viewer-dali.spec b/packaging/widget-viewer-dali.spec
index 2bfa31f..bba8e2a 100644
--- a/packaging/widget-viewer-dali.spec
+++ b/packaging/widget-viewer-dali.spec
@@ -20,6 +20,7 @@ BuildRequires: pkgconfig(dali2-core)
 BuildRequires: pkgconfig(dali2-adaptor)
 BuildRequires: pkgconfig(dali2-toolkit)
 BuildRequires: pkgconfig(cynara-client)
+BuildRequires: pkgconfig(cynara-creds-self)
 BuildRequires: pkgconfig(wayland-tbm-client)
 BuildRequires: pkgconfig(screen_connector_watcher)
 BuildRequires: pkgconfig(watch-holder-base)
diff --git a/widget_viewer_dali/internal/widget_view_manager/widget_view_manager_impl.cpp b/widget_viewer_dali/internal/widget_view_manager/widget_view_manager_impl.cpp
index 13c0ef3..c6aabc5 100644
--- a/widget_viewer_dali/internal/widget_view_manager/widget_view_manager_impl.cpp
+++ b/widget_viewer_dali/internal/widget_view_manager/widget_view_manager_impl.cpp
@@ -27,6 +27,7 @@
 #include <dali/integration-api/debug.h>
 #include <system_info.h>
 #include <cynara-client.h>
+#include <cynara-creds-self.h>
 #include <stdio.h>
 #include <fcntl.h>
 #include <unistd.h>
@@ -84,11 +85,9 @@ static bool CheckPrivilege( const char* privilege )
 {
   cynara* cynara;
   int ret = 0;
-  char subjectLabel[ SMACK_LABEL_LENGTH + 1 ] = "";
-  char labelPath[ SMACK_LABEL_LENGTH + 1 ] = "/proc/self/attr/current";
   char uid[10] = { 0, };
   const char* clientSession = "";
-  FILE *fp = NULL;
+  char* cynara_client = nullptr;
 
   ret = cynara_initialize( &cynara, NULL );
   if( ret != CYNARA_API_SUCCESS )
@@ -96,30 +95,24 @@ static bool CheckPrivilege( const char* privilege )
     return false;
   }
 
-  fp = fopen( labelPath , "r" );
-  if(fp != NULL)
+  ret = cynara_creds_self_get_client( CLIENT_METHOD_DEFAULT, &cynara_client);
+  if ( ret != CYNARA_API_SUCCESS)
   {
-    ret = fread( subjectLabel, 1, sizeof(subjectLabel), fp);
-    if ( ret <= 0 )
-    {
-      fclose(fp);
-      cynara_finish( cynara );
-      return false;
-    }
-    fclose(fp);
+    DALI_LOG_ERROR("cynara_creds_self_get_client is failed : %d \n", ret);
+    return false;
   }
-  subjectLabel[ret] = '\0';
-
-  snprintf( uid, 10, "%d", getuid() );
 
-  ret = cynara_check( cynara, subjectLabel, clientSession, uid, privilege );
+  ret = cynara_check( cynara, cynara_client, clientSession, uid, privilege );
   if( ret != CYNARA_API_ACCESS_ALLOWED )
   {
     cynara_finish( cynara );
+    free(cynara_client);
+    DALI_LOG_ERROR("cynara_check is failed : :%d \n", ret);
     return false;
   }
 
   cynara_finish( cynara );
+  free(cynara_client);
 
   return true;
 }
-- 
2.34.1