From 9bc1614b789168b5b17a0d977ce0f08d809acf0d Mon Sep 17 00:00:00 2001 From: Tomasz Swierczek Date: Fri, 18 Jan 2013 09:09:05 +0100 Subject: [PATCH] Cherry-pick release: security-server_0.0.62 * Separated security-server and wrt-security-daemon * This repository holds security-server now Conflicts: CMakeLists.txt packaging/security-server.spec socket_connection/connection/SocketStream.cpp tests/CMakeLists.txt tests/security_server_tests/CMakeLists.txt Change-Id: I1185bb69f8517da9f5fa5299335e8cc856ba402f --- CMakeLists.txt | 88 +- ace/CMakeLists.txt | 140 ---- ace/DESCRIPTION | 2 - ace/configuration/TizenPolicy.xml | 547 ------------- ace/configuration/UnrestrictedPolicy.xml | 5 - ace/configuration/WAC2.0Policy.xml | 169 ---- ace/configuration/bondixml.xsd | 184 ----- ace/dao/AceDAO.cpp | 461 ----------- ace/dao/AceDAOConversions.cpp | 54 -- ace/dao/AceDAOReadOnly.cpp | 570 ------------- ace/dao/AceDAOUtilities.cpp | 193 ----- ace/dao/AceDatabase.cpp | 25 - ace/dao/BaseAttribute.cpp | 82 -- ace/dao/CMakeLists.txt | 82 -- ace/dao/PromptModel.cpp | 178 ----- ace/engine/Attribute.cpp | 886 --------------------- ace/engine/CombinerImpl.cpp | 333 -------- ace/engine/Condition.cpp | 236 ------ ace/engine/ConfigurationManager.cpp | 144 ---- ace/engine/Policy.cpp | 80 -- ace/engine/PolicyEnforcementPoint.cpp | 139 ---- ace/engine/PolicyEvaluator.cpp | 544 ------------- ace/engine/PolicyInformationPoint.cpp | 278 ------- ace/engine/Rule.cpp | 74 -- ace/engine/SettingsLogic.cpp | 172 ---- ace/engine/Subject.cpp | 65 -- ace/engine/TreeNode.cpp | 71 -- ace/engine/parser.cpp | 744 ----------------- ace/include/ace-dao-ro/AceDAOConversions.h | 39 - ace/include/ace-dao-ro/AceDAOReadOnly.h | 132 --- ace/include/ace-dao-ro/AceDAOUtilities.h | 55 -- ace/include/ace-dao-ro/AceDatabase.h | 56 -- ace/include/ace-dao-ro/AppTypes.h | 37 - ace/include/ace-dao-ro/BaseAttribute.h | 150 ---- ace/include/ace-dao-ro/BasePermission.h | 53 -- ace/include/ace-dao-ro/IRequest.h | 38 - ace/include/ace-dao-ro/PreferenceTypes.h | 48 -- ace/include/ace-dao-ro/PromptModel.h | 92 --- ace/include/ace-dao-ro/TimedVerdict.h | 42 - ace/include/ace-dao-ro/ValidityTypes.h | 40 - ace/include/ace-dao-ro/VerdictTypes.h | 45 -- ace/include/ace-dao-ro/common_dao_types.h | 93 --- ace/include/ace-dao-rw/AceDAO.h | 117 --- ace/include/ace/AbstractPolicyEnforcementPoint.h | 31 - ace/include/ace/AbstractPolicyInformationPoint.h | 21 - ace/include/ace/AbstractTreeElement.h | 44 - ace/include/ace/AsyncVerdictResultListener.h | 33 - ace/include/ace/Attribute.h | 212 ----- ace/include/ace/Combiner.h | 58 -- ace/include/ace/CombinerImpl.h | 76 -- ace/include/ace/Condition.h | 133 ---- ace/include/ace/ConfigurationManager.h | 116 --- ace/include/ace/Constants.h | 59 -- ace/include/ace/Effect.h | 112 --- ace/include/ace/PermissionTriple.h | 48 -- ace/include/ace/Policy.h | 87 -- ace/include/ace/PolicyEffect.h | 47 -- ace/include/ace/PolicyEnforcementPoint.h | 96 --- ace/include/ace/PolicyEvaluator.h | 153 ---- ace/include/ace/PolicyEvaluatorFactory.h | 45 -- ace/include/ace/PolicyInformationPoint.h | 101 --- ace/include/ace/PolicyResult.h | 259 ------ ace/include/ace/PolicySet.h | 48 -- ace/include/ace/Preference.h | 38 - ace/include/ace/PromptDecision.h | 41 - ace/include/ace/Request.h | 104 --- ace/include/ace/Rule.h | 73 -- ace/include/ace/SettingsLogic.h | 88 -- ace/include/ace/Subject.h | 72 -- ace/include/ace/TestTimer.h | 41 - ace/include/ace/TreeNode.h | 130 --- ace/include/ace/UserDecision.h | 37 - ace/include/ace/Verdict.h | 39 - ace/include/ace/WRT_INTERFACE.h | 144 ---- ace/include/ace/WidgetUsageModel.h | 97 --- ace/include/ace/acf_consts.h | 41 - ace/include/ace/parser.h | 108 --- ace/orm/ace_db | 92 --- ace/orm/ace_db_definitions | 6 - ace/orm/ace_db_sql_generator.h | 27 - ace/orm/gen_db_md5.sh | 19 - ace/orm/orm_generator_ace.h | 24 - ace/orm/version_db | 5 - ace_client/CMakeLists.txt | 1 - ace_client/include/ace-client/ace_client.h | 69 -- ace_client/include/ace-client/ace_client_helper.h | 139 ---- ace_client/include/ace-client/ace_client_types.h | 116 --- ace_client/include/ace_api_client.h | 118 --- ace_client/include/ace_popup_handler.h | 39 - ace_client/src/CMakeLists.txt | 71 -- ace_client/src/ace_api_client.cpp | 122 --- ace_client/src/ace_client.cpp | 665 ---------------- ace_client/src/example/CMakeLists.txt | 26 - ace_client/src/example/ace-thin-client-example.cpp | 33 - ace_common/CMakeLists.txt | 4 - ace_common/include/ace_api_common.h | 125 --- ace_install/CMakeLists.txt | 1 - ace_install/include/ace_api_install.h | 183 ----- ace_install/src/CMakeLists.txt | 62 -- ace_install/src/ace_api_install.cpp | 345 -------- ace_popup_validation/CMakeLists.txt | 1 - .../include/ace_api_popup_validation.h | 76 -- ace_popup_validation/src/CMakeLists.txt | 62 -- .../src/ace_api_popup_validation.cpp | 135 ---- ace_settings/CMakeLists.txt | 1 - ace_settings/include/ace_api_settings.h | 121 --- ace_settings/src/CMakeLists.txt | 56 -- ace_settings/src/ace_api_settings.cpp | 203 ----- build/CMakeLists.txt | 9 +- build/ace/CMakeLists.txt | 31 - build/ace/security-dao-ro.pc.in | 11 - build/ace/security-dao-rw.pc.in | 11 - build/ace/security.pc.in | 11 - build/ace_client/CMakeLists.txt | 26 - build/ace_client/security-client.pc.in | 11 - build/ace_install/CMakeLists.txt | 26 - build/ace_install/security-install.pc.in | 11 - build/ace_popup_validation/CMakeLists.txt | 26 - .../security-popup-validation.pc.in | 11 - build/ace_settings/CMakeLists.txt | 26 - build/ace_settings/security-settings.pc.in | 11 - build/communication_client/CMakeLists.txt | 26 - .../security-communication-client.pc.in | 11 - build/wrt-security/CMakeLists.txt | 19 - build/wrt-security/security-core.pc.in | 11 - build/wrt_ocsp/CMakeLists.txt | 26 - build/wrt_ocsp/security-wrt-ocsp.pc.in | 11 - .../include/SecurityCommunicationClient.h | 108 --- .../src/SecurityCommunicationClient.cpp | 89 --- etc/CMakeLists.txt | 25 - etc/certificates/CMakeLists.txt | 33 - etc/certificates/orange.production.pem | 13 - etc/certificates/tizen-developer-root-ca.pem | 17 - .../tizen-distributor-root-ca-partner.pem | 17 - .../tizen-distributor-root-ca-public.pem | 17 - etc/certificates/tizen.root.preproduction.cert.pem | 60 -- etc/certificates/wac.publisherid.pem | 24 - etc/certificates/wac.root.preproduction.pem | 22 - etc/certificates/wac.root.production.pem | 22 - etc/fingerprint_list.xml | 29 - etc/fingerprint_list.xsd | 21 - etc/schema.xsd | 415 ---------- etc/wrt_security_change_policy.sh | 26 - etc/wrt_security_create_clean_db.sh | 31 - packaging/security-server.spec | 80 +- socket_connection/client/SecuritySocketClient.cpp | 75 -- socket_connection/client/SecuritySocketClient.h | 142 ---- socket_connection/connection/SocketConnection.cpp | 30 - socket_connection/connection/SocketConnection.h | 116 --- socket_connection/connection/SocketStream.cpp | 166 ---- socket_connection/connection/SocketStream.h | 69 -- src/CMakeLists.txt | 280 +++---- src/main.cpp | 10 - src/security-srv/CMakeLists.txt | 85 ++ src/security-srv/CMakeLists.txt--original | 78 -- src/security-srv/security-serverd | 1 + src/security-srv/server/security-server-main.c | 3 +- wrt_ocsp/CMakeLists.txt | 1 - wrt_ocsp/include/wrt_ocsp_api.h | 74 -- wrt_ocsp/src/CMakeLists.txt | 60 -- wrt_ocsp/src/wrt_ocsp_api.cpp | 80 -- 161 files changed, 230 insertions(+), 15776 deletions(-) delete mode 100644 ace/CMakeLists.txt delete mode 100644 ace/DESCRIPTION delete mode 100644 ace/configuration/TizenPolicy.xml delete mode 100644 ace/configuration/UnrestrictedPolicy.xml delete mode 100644 ace/configuration/WAC2.0Policy.xml delete mode 100644 ace/configuration/bondixml.xsd delete mode 100644 ace/dao/AceDAO.cpp delete mode 100644 ace/dao/AceDAOConversions.cpp delete mode 100644 ace/dao/AceDAOReadOnly.cpp delete mode 100644 ace/dao/AceDAOUtilities.cpp delete mode 100644 ace/dao/AceDatabase.cpp delete mode 100644 ace/dao/BaseAttribute.cpp delete mode 100644 ace/dao/CMakeLists.txt delete mode 100644 ace/dao/PromptModel.cpp delete mode 100644 ace/engine/Attribute.cpp delete mode 100644 ace/engine/CombinerImpl.cpp delete mode 100644 ace/engine/Condition.cpp delete mode 100644 ace/engine/ConfigurationManager.cpp delete mode 100644 ace/engine/Policy.cpp delete mode 100644 ace/engine/PolicyEnforcementPoint.cpp delete mode 100644 ace/engine/PolicyEvaluator.cpp delete mode 100644 ace/engine/PolicyInformationPoint.cpp delete mode 100644 ace/engine/Rule.cpp delete mode 100644 ace/engine/SettingsLogic.cpp delete mode 100644 ace/engine/Subject.cpp delete mode 100644 ace/engine/TreeNode.cpp delete mode 100644 ace/engine/parser.cpp delete mode 100644 ace/include/ace-dao-ro/AceDAOConversions.h delete mode 100644 ace/include/ace-dao-ro/AceDAOReadOnly.h delete mode 100644 ace/include/ace-dao-ro/AceDAOUtilities.h delete mode 100644 ace/include/ace-dao-ro/AceDatabase.h delete mode 100644 ace/include/ace-dao-ro/AppTypes.h delete mode 100644 ace/include/ace-dao-ro/BaseAttribute.h delete mode 100644 ace/include/ace-dao-ro/BasePermission.h delete mode 100644 ace/include/ace-dao-ro/IRequest.h delete mode 100644 ace/include/ace-dao-ro/PreferenceTypes.h delete mode 100644 ace/include/ace-dao-ro/PromptModel.h delete mode 100644 ace/include/ace-dao-ro/TimedVerdict.h delete mode 100644 ace/include/ace-dao-ro/ValidityTypes.h delete mode 100644 ace/include/ace-dao-ro/VerdictTypes.h delete mode 100644 ace/include/ace-dao-ro/common_dao_types.h delete mode 100644 ace/include/ace-dao-rw/AceDAO.h delete mode 100644 ace/include/ace/AbstractPolicyEnforcementPoint.h delete mode 100644 ace/include/ace/AbstractPolicyInformationPoint.h delete mode 100644 ace/include/ace/AbstractTreeElement.h delete mode 100644 ace/include/ace/AsyncVerdictResultListener.h delete mode 100644 ace/include/ace/Attribute.h delete mode 100644 ace/include/ace/Combiner.h delete mode 100644 ace/include/ace/CombinerImpl.h delete mode 100644 ace/include/ace/Condition.h delete mode 100644 ace/include/ace/ConfigurationManager.h delete mode 100644 ace/include/ace/Constants.h delete mode 100644 ace/include/ace/Effect.h delete mode 100644 ace/include/ace/PermissionTriple.h delete mode 100644 ace/include/ace/Policy.h delete mode 100644 ace/include/ace/PolicyEffect.h delete mode 100644 ace/include/ace/PolicyEnforcementPoint.h delete mode 100644 ace/include/ace/PolicyEvaluator.h delete mode 100644 ace/include/ace/PolicyEvaluatorFactory.h delete mode 100644 ace/include/ace/PolicyInformationPoint.h delete mode 100644 ace/include/ace/PolicyResult.h delete mode 100644 ace/include/ace/PolicySet.h delete mode 100644 ace/include/ace/Preference.h delete mode 100644 ace/include/ace/PromptDecision.h delete mode 100644 ace/include/ace/Request.h delete mode 100644 ace/include/ace/Rule.h delete mode 100644 ace/include/ace/SettingsLogic.h delete mode 100644 ace/include/ace/Subject.h delete mode 100644 ace/include/ace/TestTimer.h delete mode 100644 ace/include/ace/TreeNode.h delete mode 100644 ace/include/ace/UserDecision.h delete mode 100644 ace/include/ace/Verdict.h delete mode 100644 ace/include/ace/WRT_INTERFACE.h delete mode 100644 ace/include/ace/WidgetUsageModel.h delete mode 100644 ace/include/ace/acf_consts.h delete mode 100644 ace/include/ace/parser.h delete mode 100644 ace/orm/ace_db delete mode 100644 ace/orm/ace_db_definitions delete mode 100644 ace/orm/ace_db_sql_generator.h delete mode 100755 ace/orm/gen_db_md5.sh delete mode 100644 ace/orm/orm_generator_ace.h delete mode 100644 ace/orm/version_db delete mode 100644 ace_client/CMakeLists.txt delete mode 100644 ace_client/include/ace-client/ace_client.h delete mode 100644 ace_client/include/ace-client/ace_client_helper.h delete mode 100644 ace_client/include/ace-client/ace_client_types.h delete mode 100644 ace_client/include/ace_api_client.h delete mode 100644 ace_client/include/ace_popup_handler.h delete mode 100644 ace_client/src/CMakeLists.txt delete mode 100644 ace_client/src/ace_api_client.cpp delete mode 100644 ace_client/src/ace_client.cpp delete mode 100644 ace_client/src/example/CMakeLists.txt delete mode 100644 ace_client/src/example/ace-thin-client-example.cpp delete mode 100644 ace_common/CMakeLists.txt delete mode 100644 ace_common/include/ace_api_common.h delete mode 100644 ace_install/CMakeLists.txt delete mode 100644 ace_install/include/ace_api_install.h delete mode 100644 ace_install/src/CMakeLists.txt delete mode 100644 ace_install/src/ace_api_install.cpp delete mode 100644 ace_popup_validation/CMakeLists.txt delete mode 100644 ace_popup_validation/include/ace_api_popup_validation.h delete mode 100644 ace_popup_validation/src/CMakeLists.txt delete mode 100644 ace_popup_validation/src/ace_api_popup_validation.cpp delete mode 100644 ace_settings/CMakeLists.txt delete mode 100644 ace_settings/include/ace_api_settings.h delete mode 100644 ace_settings/src/CMakeLists.txt delete mode 100644 ace_settings/src/ace_api_settings.cpp delete mode 100644 build/ace/CMakeLists.txt delete mode 100644 build/ace/security-dao-ro.pc.in delete mode 100644 build/ace/security-dao-rw.pc.in delete mode 100644 build/ace/security.pc.in delete mode 100644 build/ace_client/CMakeLists.txt delete mode 100644 build/ace_client/security-client.pc.in delete mode 100644 build/ace_install/CMakeLists.txt delete mode 100644 build/ace_install/security-install.pc.in delete mode 100644 build/ace_popup_validation/CMakeLists.txt delete mode 100644 build/ace_popup_validation/security-popup-validation.pc.in delete mode 100644 build/ace_settings/CMakeLists.txt delete mode 100644 build/ace_settings/security-settings.pc.in delete mode 100644 build/communication_client/CMakeLists.txt delete mode 100644 build/communication_client/security-communication-client.pc.in delete mode 100644 build/wrt-security/CMakeLists.txt delete mode 100644 build/wrt-security/security-core.pc.in delete mode 100644 build/wrt_ocsp/CMakeLists.txt delete mode 100644 build/wrt_ocsp/security-wrt-ocsp.pc.in delete mode 100644 communication_client/include/SecurityCommunicationClient.h delete mode 100644 communication_client/src/SecurityCommunicationClient.cpp delete mode 100644 etc/CMakeLists.txt delete mode 100644 etc/certificates/CMakeLists.txt delete mode 100644 etc/certificates/orange.production.pem delete mode 100644 etc/certificates/tizen-developer-root-ca.pem delete mode 100644 etc/certificates/tizen-distributor-root-ca-partner.pem delete mode 100644 etc/certificates/tizen-distributor-root-ca-public.pem delete mode 100644 etc/certificates/tizen.root.preproduction.cert.pem delete mode 100644 etc/certificates/wac.publisherid.pem delete mode 100644 etc/certificates/wac.root.preproduction.pem delete mode 100644 etc/certificates/wac.root.production.pem delete mode 100644 etc/fingerprint_list.xml delete mode 100644 etc/fingerprint_list.xsd delete mode 100644 etc/schema.xsd delete mode 100644 etc/wrt_security_change_policy.sh delete mode 100644 etc/wrt_security_create_clean_db.sh delete mode 100644 socket_connection/client/SecuritySocketClient.cpp delete mode 100644 socket_connection/client/SecuritySocketClient.h delete mode 100644 socket_connection/connection/SocketConnection.cpp delete mode 100644 socket_connection/connection/SocketConnection.h delete mode 100644 socket_connection/connection/SocketStream.cpp delete mode 100644 socket_connection/connection/SocketStream.h create mode 100644 src/security-srv/CMakeLists.txt delete mode 100644 src/security-srv/CMakeLists.txt--original delete mode 100644 wrt_ocsp/CMakeLists.txt delete mode 100644 wrt_ocsp/include/wrt_ocsp_api.h delete mode 100644 wrt_ocsp/src/CMakeLists.txt delete mode 100644 wrt_ocsp/src/wrt_ocsp_api.cpp diff --git a/CMakeLists.txt b/CMakeLists.txt index 402ac47..ca0a4ba 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -43,13 +43,13 @@ SET(CMAKE_CXX_FLAGS_CCOV "-O2 -std=c++0x -g --coverage") #SET(SMACK_ENABLE ON) -OPTION(DPL_LOG "DPL logs status" ON) -IF(DPL_LOG) - MESSAGE(STATUS "Logging enabled for DPL") - ADD_DEFINITIONS("-DDPL_LOGS_ENABLED") -ELSE(DPL_LOG) - MESSAGE(STATUS "Logging disabled for DPL") -ENDIF(DPL_LOG) +#OPTION(DPL_LOG "DPL logs status" ON) +#IF(DPL_LOG) +# MESSAGE(STATUS "Logging enabled for DPL") +# ADD_DEFINITIONS("-DDPL_LOGS_ENABLED") +#ELSE(DPL_LOG) +# MESSAGE(STATUS "Logging disabled for DPL") +#ENDIF(DPL_LOG) # If supported for the target machine, emit position-independent code,suitable # for dynamic linking and avoiding any limit on the size of the global offset @@ -65,78 +65,18 @@ ADD_DEFINITIONS("-fPIC") #ADD_DEFINITIONS("-Werror") # Make all warnings into errors. ADD_DEFINITIONS("-Wall") # Generate all warnings ADD_DEFINITIONS("-Wextra") # Generate even more extra warnings -ADD_DEFINITIONS("-Wno-variadic-macros") # Inhibit variadic macros warnings (needed for ORM) -ADD_DEFINITIONS("-Wno-deprecated") # No warnings about deprecated features -ADD_DEFINITIONS("-std=c++0x") # No warnings about deprecated features +#ADD_DEFINITIONS("-Wno-variadic-macros") # Inhibit variadic macros warnings (needed for ORM) +#ADD_DEFINITIONS("-Wno-deprecated") # No warnings about deprecated features +#ADD_DEFINITIONS("-std=c++0x") # No warnings about deprecated features -ADD_DEFINITIONS("-DSOCKET_CONNECTION") #defines sockets as used IPC +#ADD_DEFINITIONS("-DSOCKET_CONNECTION") #defines sockets as used IPC #ADD_DEFINITIONS("-DDBUS_CONNECTION") #defines DBus as used IPC STRING(REGEX MATCH "([^.]*)" API_VERSION "${VERSION}") ADD_DEFINITIONS("-DAPI_VERSION=\"$(API_VERSION)\"") -IF(SMACK_ENABLE) - ADD_DEFINITIONS("-DWRT_SMACK_ENABLED") -ENDIF(SMACK_ENABLE) - -############################# Targets names ################################### - -SET(TARGET_DAEMON "security-server") -SET(TARGET_ACE_DAO_RO_LIB "ace-dao-ro") -SET(TARGET_ACE_DAO_RW_LIB "ace-dao-rw") -SET(TARGET_ACE_LIB "ace") -SET(TARGET_ACE_CLIENT_LIB "ace-client") -SET(TARGET_ACE_SETTINGS_LIB "ace-settings") -SET(TARGET_ACE_INSTALL_LIB "ace-install") -SET(TARGET_ACE_POPUP_VALIDATION_LIB "ace-popup-validation") -SET(TARGET_COMMUNICATION_CLIENT_LIB "communication-client") -SET(TARGET_WRT_OCSP_LIB "wrt-ocsp") -SET(TARGET_SEC_SRV_LIB "sec-srv") -SET(security-server-client "security-server-client") - -############################# Communicatin Client ############################# - -SET(COMMUNICATION_CLIENT_DIR - ${PROJECT_SOURCE_DIR}/communication_client - ) - -SET(COMMUNICATION_CLIENT_SRC_DIR - ${COMMUNICATION_CLIENT_DIR}/src - ) - -SET(COMMUNICATION_CLIENT_INCLUDE_DIR - ${COMMUNICATION_CLIENT_DIR}/include - ) - -SET(COMMUNICATION_CLIENT_SOURCES - ${COMMUNICATION_CLIENT_SRC_DIR}/SecurityCommunicationClient.cpp - ${PROJECT_SOURCE_DIR}/socket_connection/client/SecuritySocketClient.cpp - ${PROJECT_SOURCE_DIR}/socket_connection/connection/SocketConnection.cpp - ${PROJECT_SOURCE_DIR}/socket_connection/connection/SocketStream.cpp - ) - -SET(COMMUNICATION_CLIENT_INCLUDES - ${COMMUNICATION_CLIENT_DEPS_INCLUDE_DIRS} - ${COMMUNICATION_CLIENT_INCLUDE_DIR} - ${PROJECT_SOURCE_DIR}/src/daemon/sockets - ${PROJECT_SOURCE_DIR}/src/daemon/dbus - ${PROJECT_SOURCE_DIR}/src/daemon/socket - ${PROJECT_SOURCE_DIR}/src/daemon/socket/api - ${PROJECT_SOURCE_DIR}/socket_connection/client - ${PROJECT_SOURCE_DIR}/socket_connection/connection - ) - -############################# subdirectories ################################## - -ADD_SUBDIRECTORY(ace) -ADD_SUBDIRECTORY(ace_client) -ADD_SUBDIRECTORY(ace_common) -ADD_SUBDIRECTORY(ace_install) -ADD_SUBDIRECTORY(ace_settings) -ADD_SUBDIRECTORY(ace_popup_validation) -ADD_SUBDIRECTORY(communication_client) -ADD_SUBDIRECTORY(wrt_ocsp) +SET(TARGET_SECURITY_SERVER "security-server") +SET(TARGET_SECURITY_CLIENT "security-server-client") + ADD_SUBDIRECTORY(src) ADD_SUBDIRECTORY(build) -ADD_SUBDIRECTORY(etc) - diff --git a/ace/CMakeLists.txt b/ace/CMakeLists.txt deleted file mode 100644 index 4fbfcdf..0000000 --- a/ace/CMakeLists.txt +++ /dev/null @@ -1,140 +0,0 @@ -# Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -###################################################################### - -#DB vcore -PKG_CHECK_MODULES(ACE_DB_DEP - dpl-efl - REQUIRED) - -#DB ace -ADD_CUSTOM_COMMAND( - OUTPUT ${CMAKE_BINARY_DIR}/ace/database_checksum_ace.h - COMMAND ${CMAKE_SOURCE_DIR}/ace/orm/gen_db_md5.sh - ARGS ${CMAKE_BINARY_DIR}/ace/database_checksum_ace.h - ${CMAKE_SOURCE_DIR}/ace/orm/ace_db - DEPENDS ${CMAKE_SOURCE_DIR}/ace/orm/ace_db - ${CMAKE_SOURCE_DIR}/ace/orm/gen_db_md5.sh - COMMENT "Generating ACE database checksum" - ) - -STRING(REPLACE ";" ":" DEPENDENCIES "${ACE_DB_DEP_INCLUDE_DIRS}") - -ADD_CUSTOM_COMMAND( OUTPUT .ace.db - COMMAND rm -f ${CMAKE_CURRENT_BINARY_DIR}/.ace.db - COMMAND CPATH=${DEPENDENCIES} gcc -Wall -include ${CMAKE_BINARY_DIR}/ace/database_checksum_ace.h -I${PROJECT_SOURCE_DIR}/ace/orm -E ${PROJECT_SOURCE_DIR}/ace/orm/ace_db_sql_generator.h | grep --invert-match "^#" > ${CMAKE_CURRENT_BINARY_DIR}/ace_db.sql - COMMAND sqlite3 ${CMAKE_CURRENT_BINARY_DIR}/.ace.db ".read ${CMAKE_CURRENT_BINARY_DIR}/ace_db.sql" || rm -f ${CMAKE_CURRENT_BINARY_DIR}/.ace.db - DEPENDS ${CMAKE_BINARY_DIR}/ace/database_checksum_ace.h ${PROJECT_SOURCE_DIR}/ace/orm/ace_db_sql_generator.h ${PROJECT_SOURCE_DIR}/ace/orm/ace_db - ) - -ADD_CUSTOM_COMMAND( OUTPUT .ace.db-journal - COMMAND touch - ARGS ${CMAKE_CURRENT_BINARY_DIR}/.ace.db-journal - ) - -ADD_CUSTOM_TARGET(Sqlite3DbACE ALL DEPENDS .ace.db .ace.db-journal) - -INSTALL(FILES ${CMAKE_CURRENT_BINARY_DIR}/ace_db.sql - DESTINATION share/wrt-engine/ - ) - -########################################################### - -INCLUDE(FindPkgConfig) - -SET(ACE_TEST_PATH "/usr/apps/org.tizen.policy") - -INSTALL(FILES - ${CMAKE_CURRENT_SOURCE_DIR}/configuration/bondixml.xsd - ${CMAKE_CURRENT_SOURCE_DIR}/configuration/UnrestrictedPolicy.xml - ${CMAKE_CURRENT_SOURCE_DIR}/configuration/WAC2.0Policy.xml - ${CMAKE_CURRENT_SOURCE_DIR}/configuration/TizenPolicy.xml - DESTINATION /usr/etc/ace - PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ GROUP_WRITE) - -SET(ACE_LIB_DEPS_BASIC - dpl-efl - dpl-db-efl - dpl-event-efl - ecore - appcore-efl - openssl - sqlite3 - dlog - vconf - db-util - libpcrecpp - icu-uc - libxml-2.0 - ) - -IF(SMACK_ENABLED) - LIST(APPEND ACE_LIB_DEPS_BASIC libprivilege-control) -ENDIF(SMACK_ENABLED) - -PKG_CHECK_MODULES(ACE_LIB_DEPS ${ACE_LIB_DEPS_BASIC} REQUIRED) - -SET(WRT_ACE_DIR ${PROJECT_SOURCE_DIR}/ace) - -SET(ACE_SOURCES - ${WRT_ACE_DIR}/engine/PolicyEvaluator.cpp - ${WRT_ACE_DIR}/engine/PolicyInformationPoint.cpp - ${WRT_ACE_DIR}/engine/CombinerImpl.cpp - ${WRT_ACE_DIR}/engine/parser.cpp - ${WRT_ACE_DIR}/engine/PolicyEnforcementPoint.cpp - ${WRT_ACE_DIR}/engine/SettingsLogic.cpp - ${WRT_ACE_DIR}/engine/Attribute.cpp - ${WRT_ACE_DIR}/engine/Condition.cpp - ${WRT_ACE_DIR}/engine/Policy.cpp - ${WRT_ACE_DIR}/engine/Rule.cpp - ${WRT_ACE_DIR}/engine/Subject.cpp - ${WRT_ACE_DIR}/engine/TreeNode.cpp - ${WRT_ACE_DIR}/engine/ConfigurationManager.cpp -) - -INCLUDE_DIRECTORIES(${ACE_LIB_DEPS_INCLUDE_DIRS}) -INCLUDE_DIRECTORIES(${WRT_ACE_DIR}/include) - -SET(WITH_ACE_SETTINGS_SERVER_SOURCES - ${WITH_ACE_SETTINGS_SERVER_NONE_SOURCES} - ) - -ADD_LIBRARY(${TARGET_ACE_LIB} SHARED - ${ACE_SOURCES} - ${WITH_ACE_SETTINGS_SERVER_SOURCES} -) - -SET_TARGET_PROPERTIES(${TARGET_ACE_LIB} PROPERTIES - SOVERSION ${API_VERSION} - VERSION ${VERSION}) - -SET_TARGET_PROPERTIES(${TARGET_ACE_LIB} PROPERTIES - COMPILE_FLAGS -fPIC) - -TARGET_LINK_LIBRARIES(${TARGET_ACE_LIB} - ${TARGET_ACE_DAO_RW_LIB} - ${ACE_LIB_DEPS_LIBRARIES} -) - -INSTALL(TARGETS ${TARGET_ACE_LIB} - DESTINATION lib) - -INSTALL(FILES - include/ace/WRT_INTERFACE.h - DESTINATION - include/ace - ) - -add_subdirectory(dao) diff --git a/ace/DESCRIPTION b/ace/DESCRIPTION deleted file mode 100644 index aac5ef6..0000000 --- a/ace/DESCRIPTION +++ /dev/null @@ -1,2 +0,0 @@ -!!!options!!! stop -ACE - Access Control Engine - security module for Device APIs diff --git a/ace/configuration/TizenPolicy.xml b/ace/configuration/TizenPolicy.xml deleted file mode 100644 index 1f21ab3..0000000 --- a/ace/configuration/TizenPolicy.xml +++ /dev/null @@ -1,547 +0,0 @@ - - - - - - - sha-1 67:37:DE:B7:B9:9D:D2:DB:A5:2C:42:DE:CB:2F:2C:3E:33:97:E1:85 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - sha-1 AD:A1:44:89:6A:35:6D:17:01:E9:6F:46:C6:00:7B:78:BE:2E:D9:4E - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/ace/configuration/UnrestrictedPolicy.xml b/ace/configuration/UnrestrictedPolicy.xml deleted file mode 100644 index 558f2dc..0000000 --- a/ace/configuration/UnrestrictedPolicy.xml +++ /dev/null @@ -1,5 +0,0 @@ - - - - - diff --git a/ace/configuration/WAC2.0Policy.xml b/ace/configuration/WAC2.0Policy.xml deleted file mode 100644 index 1a6e0ed..0000000 --- a/ace/configuration/WAC2.0Policy.xml +++ /dev/null @@ -1,169 +0,0 @@ - - - - - - - sha-1 4A:9D:7A:4B:3B:29:D4:69:0A:70:B3:80:EC:A9:44:6B:03:7C:9A:38 - - - - - - sha-1 A6:00:BC:53:AC:37:5B:6A:03:C3:7A:8A:E0:1B:87:8B:82:94:9B:C2 - - - - - - sha-1 A0:59:D3:37:E8:C8:2E:7F:38:84:7D:21:A9:9E:19:A9:8E:EC:EB:E1 - - - - - - sha-1 8D:1F:CB:31:68:11:DA:22:59:26:58:13:6C:C6:72:C9:F0:DE:84:2A - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - wgt-private - wgt-private-tmp - wgt-package - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/ace/configuration/bondixml.xsd b/ace/configuration/bondixml.xsd deleted file mode 100644 index d16a14d..0000000 --- a/ace/configuration/bondixml.xsd +++ /dev/null @@ -1,184 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/ace/dao/AceDAO.cpp b/ace/dao/AceDAO.cpp deleted file mode 100644 index 4d4ce06..0000000 --- a/ace/dao/AceDAO.cpp +++ /dev/null @@ -1,461 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/** - * - * - * @file AceDAO.cpp - * @author Krzysztof Jackiewicz (k.jackiewicz@samsung.com) - * @version 0.1 - * @brief - */ - -#include - -#include -#include -#include -#include -#include -#include -#include -#include - -using namespace DPL::DB::ORM; -using namespace DPL::DB::ORM::ace; -using namespace AceDB::AceDaoUtilities; -using namespace AceDB::AceDaoConversions; - -namespace { -char const * const EMPTY_SESSION = ""; -} // namespace - -namespace AceDB{ - -void AceDAO::setPromptDecision( - WidgetHandle widgetHandle, - int ruleId, - const DPL::OptionalString &session, - PromptDecision decision) -{ - Try { - ScopedTransaction transaction(&AceDaoUtilities::m_databaseInterface); - - ACE_DB_DELETE(del, AcePromptDecision, &AceDaoUtilities::m_databaseInterface); - del->Where( - And( - Equals(widgetHandle), - Equals(ruleId))); - del->Execute(); - - AcePromptDecision::Row row; - row.Set_rule_id(ruleId); - row.Set_decision(promptDecisionToInt(decision)); - row.Set_app_id(widgetHandle); - row.Set_session(session); - ACE_DB_INSERT(insert, AcePromptDecision, &AceDaoUtilities::m_databaseInterface); - insert->Values(row); - insert->Execute(); - - transaction.Commit(); - } - Catch(DPL::DB::SqlConnection::Exception::Base) { - ReThrowMsg(Exception::DatabaseError, "Failed to setUserSetting"); - } -} - -void AceDAO::removePolicyResult( - const BaseAttributeSet &attributes) -{ - Try { - ScopedTransaction transaction(&AceDaoUtilities::m_databaseInterface); - - auto attrHash = convertToHash(attributes); - - ACE_DB_DELETE(del, - AcePolicyResult, - &AceDaoUtilities::m_databaseInterface); - del->Where(Equals(attrHash)); - del->Execute(); - transaction.Commit(); - } - Catch(DPL::DB::SqlConnection::Exception::Base) { - ReThrowMsg(Exception::DatabaseError, "Failed to removeVerdict"); - } -} - -void AceDAO::clearAllSettings(void) -{ - clearWidgetDevCapSettings(); - clearDevCapSettings(); -} - -void AceDAO::setDevCapSetting(const std::string &resource, - PreferenceTypes preference) -{ - Try { - ACE_DB_UPDATE(update, AceDevCap, &AceDaoUtilities::m_databaseInterface); - AceDevCap::Row row; - row.Set_general_setting(preferenceToInt(preference)); - update->Values(row); - update->Where( - Equals(DPL::FromUTF8String(resource))); - update->Execute(); - } - Catch(DPL::DB::SqlConnection::Exception::Base) { - ReThrowMsg(Exception::DatabaseError, "Failed to SetResourceSetting"); - } -} - -void AceDAO::removeDevCapSetting(const std::string &resource) -{ - Try { - ACE_DB_UPDATE(update, AceDevCap, &AceDaoUtilities::m_databaseInterface); - AceDevCap::Row row; - row.Set_general_setting(preferenceToInt(PreferenceTypes::PREFERENCE_DEFAULT)); - update->Values(row); - update->Where( - Equals(DPL::FromUTF8String(resource))); - update->Execute(); - } - Catch(DPL::DB::SqlConnection::Exception::Base) { - ReThrowMsg(Exception::DatabaseError, "Failed to removeResourceSetting"); - } -} - - -void AceDAO::setWidgetDevCapSetting(const std::string &resource, - WidgetHandle handler, - PreferenceTypes preference) -{ - Try { - ScopedTransaction transaction(&AceDaoUtilities::m_databaseInterface); - // TODO JOIN - AceDevCap::Row rrow; - if (!getResourceByUri(resource, rrow)) { - ThrowMsg(Exception::DatabaseError, "Resource not found"); - } - - ACE_DB_INSERT(insert, - AceWidgetDevCapSetting, - &AceDaoUtilities::m_databaseInterface); - - AceWidgetDevCapSetting::Row row; - row.Set_app_id(handler); - int rid = rrow.Get_resource_id(); - row.Set_resource_id(rid); - row.Set_access_value(preferenceToInt(preference)); - insert->Values(row); - insert->Execute(); - - transaction.Commit(); - } - Catch(DPL::DB::SqlConnection::Exception::Base) { - ReThrowMsg(Exception::DatabaseError, "Failed to setUserSetting"); - } -} - -void AceDAO::removeWidgetDevCapSetting(const std::string &resource, - WidgetHandle handler) -{ - Try { - ScopedTransaction transaction(&AceDaoUtilities::m_databaseInterface); - AceDevCap::Row rrow; - if (!getResourceByUri(resource, rrow)) { - ThrowMsg(Exception::DatabaseError, "resource not found"); - } - - ACE_DB_DELETE(del, - AceWidgetDevCapSetting, - &AceDaoUtilities::m_databaseInterface); - - Equals e1(handler); - Equals e2(rrow.Get_resource_id()); - del->Where(And(e1, e2)); - del->Execute(); - transaction.Commit(); - } - Catch(DPL::DB::SqlConnection::Exception::Base) { - ReThrowMsg(Exception::DatabaseError, "Failed to clearUserSettings"); - } -} - - -void AceDAO::setPolicyResult(const BaseAttributeSet &attributes, - const ExtendedPolicyResult &exResult) -{ - Try { - ScopedTransaction transaction(&AceDaoUtilities::m_databaseInterface); - - // TODO: this call is connected with logic. - // It should be moved to PolicyEvaluator - addAttributes(attributes); - - auto attrHash = convertToHash(attributes); - - ACE_DB_DELETE(del, AcePolicyResult, &AceDaoUtilities::m_databaseInterface) - del->Where(Equals(attrHash)); - del->Execute(); - - ACE_DB_INSERT(insert, AcePolicyResult, &AceDaoUtilities::m_databaseInterface); - AcePolicyResult::Row row; - row.Set_decision(PolicyResult::serialize(exResult.policyResult)); - row.Set_hash(attrHash); - row.Set_rule_id(exResult.ruleId); - insert->Values(row); - insert->Execute(); - - transaction.Commit(); - } - Catch(DPL::DB::SqlConnection::Exception::Base) { - ReThrowMsg(Exception::DatabaseError, "Failed to addVerdict"); - } -} - -void AceDAO::resetDatabase(void) -{ - Try { - ScopedTransaction transaction(&AceDaoUtilities::m_databaseInterface); - ACE_DB_DELETE(del1, AcePolicyResult, &AceDaoUtilities::m_databaseInterface); - del1->Execute(); - ACE_DB_DELETE(del2, AceWidgetDevCapSetting, &AceDaoUtilities::m_databaseInterface); - del2->Execute(); - ACE_DB_DELETE(del3, AceDevCap, &AceDaoUtilities::m_databaseInterface); - del3->Execute(); - ACE_DB_DELETE(del4, AceSubject, &AceDaoUtilities::m_databaseInterface); - del4->Execute(); - ACE_DB_DELETE(del5, AceAttribute, &AceDaoUtilities::m_databaseInterface); - del5->Execute(); - ACE_DB_DELETE(del6, AcePromptDecision, &AceDaoUtilities::m_databaseInterface); - del6->Execute(); - - transaction.Commit(); - - // TODO there is no such query yet in ORM. - // GlobalConnection::DataCommandAutoPtr command = - // GlobalConnectionSingleton::Instance().PrepareDataCommand( - // "VACUUM"); - // command->Step(); - } - Catch(DPL::DB::SqlConnection::Exception::Base) { - ReThrowMsg(Exception::DatabaseError, "Failed to resetDatabase"); - } -} - -void AceDAO::clearPolicyCache(void) -{ - Try { - ScopedTransaction transaction(&AceDaoUtilities::m_databaseInterface); - ACE_DB_DELETE(del1, AcePolicyResult, &AceDaoUtilities::m_databaseInterface); - del1->Execute(); - ACE_DB_DELETE(del2, AceAttribute, &AceDaoUtilities::m_databaseInterface); - del2->Execute(); - ACE_DB_DELETE(del3, AcePromptDecision, &AceDaoUtilities::m_databaseInterface); - del3->Execute(); - - transaction.Commit(); - } - Catch(DPL::DB::SqlConnection::Exception::Base) { - ReThrowMsg(Exception::DatabaseError, "Failed to clearPolicyCache"); - } -} - -void AceDAO::clearDevCapSettings() -{ - Try { - ACE_DB_UPDATE(update, AceDevCap, &AceDaoUtilities::m_databaseInterface); - AceDevCap::Row row; - row.Set_general_setting(-1); - update->Values(row); - update->Execute(); - } - Catch(DPL::DB::SqlConnection::Exception::Base) { - ReThrowMsg(Exception::DatabaseError, "Failed to clearResourceSettings"); - } -} - -void AceDAO::clearWidgetDevCapSettings() -{ - Try { - ACE_DB_DELETE(del, AceWidgetDevCapSetting, &AceDaoUtilities::m_databaseInterface); - del->Execute(); - } - Catch(DPL::DB::SqlConnection::Exception::Base) { - ReThrowMsg(Exception::DatabaseError, "Failed to clearUserSettings"); - } -} - -int AceDAO::addResource(const std::string &request) -{ - LogDebug("addResource: " << request); - Try { - ScopedTransaction transaction(&AceDaoUtilities::m_databaseInterface); - AceDevCap::Row rrow; - if (getResourceByUri(request, rrow)) { - transaction.Commit(); - return rrow.Get_resource_id(); - } - - ACE_DB_INSERT(insert, AceDevCap, &AceDaoUtilities::m_databaseInterface); - AceDevCap::Row row; - row.Set_id_uri(DPL::FromUTF8String(request)); - row.Set_general_setting(-1); - insert->Values(row); - int id = insert->Execute(); - transaction.Commit(); - return id; - } - Catch(DPL::DB::SqlConnection::Exception::Base) { - ReThrowMsg(Exception::DatabaseError, "Failed in addResource"); - } -} - -void AceDAO::addAttributes(const BaseAttributeSet &attributes) -{ - Try { - BaseAttributeSet::const_iterator iter; - - for (iter = attributes.begin(); iter != attributes.end(); ++iter) { - ACE_DB_SELECT(select, AceAttribute, &AceDaoUtilities::m_databaseInterface); - select->Where(Equals(DPL::FromUTF8String( - *(*iter)->getName()))); - std::list rows = select->GetRowList(); - if (!rows.empty()) { - continue; - } - - ACE_DB_INSERT(insert, AceAttribute, &AceDaoUtilities::m_databaseInterface); - AceAttribute::Row row; - row.Set_name(DPL::FromUTF8String(*(*iter)->getName())); - row.Set_type(attributeTypeToInt((*iter)->getType())); - insert->Values(row); - insert->Execute(); - } - } - Catch(DPL::DB::SqlConnection::Exception::Base) { - ReThrowMsg(Exception::DatabaseError, "Failed in addAttributes"); - } -} - -void AceDAO::setRequestedDevCaps( - WidgetHandle widgetHandle, - const RequestedDevCapsMap &permissions) -{ - Try { - FOREACH(it, permissions) { - ACE_DB_INSERT(insert, AceRequestedDevCaps, - &AceDaoUtilities::m_databaseInterface); - AceRequestedDevCaps::Row row; - row.Set_app_id(widgetHandle); - row.Set_dev_cap(it->first); - row.Set_grant_smack(it->second ? 1 : 0); - insert->Values(row); - insert->Execute(); - } - } Catch(DPL::DB::SqlConnection::Exception::Base) { - ReThrowMsg(Exception::DatabaseError, "Failed in setStaticDevCapPermissions"); - } -} - -void AceDAO::setAcceptedFeature( - WidgetHandle widgetHandle, - const FeatureNameVector &vector) -{ - Try { - ScopedTransaction transaction(&AceDaoUtilities::m_databaseInterface); - FOREACH(it, vector) { - ACE_DB_INSERT(insert, AceAcceptedFeature, - &AceDaoUtilities::m_databaseInterface); - AceAcceptedFeature::Row row; - row.Set_app_id(widgetHandle); - row.Set_feature(*it); - insert->Values(row); - insert->Execute(); - } - transaction.Commit(); - } Catch(DPL::DB::SqlConnection::Exception::Base) { - ReThrowMsg(Exception::DatabaseError, "Failed in setAcceptedFeature"); - } -} - -void AceDAO::removeAcceptedFeature( - WidgetHandle widgetHandle) -{ - Try - { - ACE_DB_DELETE(del, AceAcceptedFeature, - &AceDaoUtilities::m_databaseInterface); - del->Where(Equals(widgetHandle)); - del->Execute(); - } Catch(DPL::DB::SqlConnection::Exception::Base) { - ReThrowMsg(Exception::DatabaseError, "Failed in removeAcceptedFeature"); - } -} - -void AceDAO::registerWidgetInfo(WidgetHandle handle, - const WidgetRegisterInfo& info, - const WidgetCertificateDataList& dataList) -{ - Try - { - ScopedTransaction transaction(&AceDaoUtilities::m_databaseInterface); - - ACE_DB_INSERT(insert, WidgetInfo, &AceDaoUtilities::m_databaseInterface); - WidgetInfo::Row wi; - wi.Set_app_id(handle); - wi.Set_widget_type(static_cast(info.type)); - wi.Set_widget_id(info.widget_id); - wi.Set_widget_version(info.version); - wi.Set_author_name(info.authorName); - wi.Set_share_href(info.shareHref); - insert->Values(wi); - insert->Execute(); - - WidgetCertificateDataList::const_iterator it; - for (it = dataList.begin(); it != dataList.end(); ++it) - { - WidgetCertificateFingerprint::Row wcf; - wcf.Set_app_id(handle); - wcf.Set_owner(it->owner); - wcf.Set_chainid(it->chainId); - wcf.Set_type(it->type); - wcf.Set_md5_fingerprint(DPL::FromUTF8String(it->strMD5Fingerprint)); - wcf.Set_sha1_fingerprint(DPL::FromUTF8String(it->strSHA1Fingerprint)); - wcf.Set_common_name(it->strCommonName); - ACE_DB_INSERT(insert, WidgetCertificateFingerprint, &AceDaoUtilities::m_databaseInterface); - insert->Values(wcf); - insert->Execute(); - } - transaction.Commit(); - } Catch(DPL::DB::SqlConnection::Exception::Base) { - ReThrowMsg(Exception::DatabaseError, "Failed in registerWidgetInfo"); - } -} - -void AceDAO::unregisterWidgetInfo(WidgetHandle handle) -{ - if(AceDAO::isWidgetInstalled(handle)) { - Try - { - ACE_DB_DELETE(del, WidgetInfo, &AceDaoUtilities::m_databaseInterface); - del->Where(Equals(handle)); - del->Execute(); - } Catch(DPL::DB::SqlConnection::Exception::Base) { - ReThrowMsg(Exception::DatabaseError, "Failed in unregisterWidgetInfo"); - } - } -} - -} diff --git a/ace/dao/AceDAOConversions.cpp b/ace/dao/AceDAOConversions.cpp deleted file mode 100644 index 61e5a86..0000000 --- a/ace/dao/AceDAOConversions.cpp +++ /dev/null @@ -1,54 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/** - * - * - * @file AceDaoConversions.h - * @author Krzysztof Jackiewicz (k.jackiewicz@samsung.com) - * @author Grzegorz Krawczyk (g.krawczyk@samsung.com) - * @version 0.1 - * @brief - */ - -#include -#include - -#include - -namespace AceDB { - -DPL::String AceDaoConversions::convertToHash(const BaseAttributeSet &attributes) -{ - unsigned char attrHash[MD5_DIGEST_LENGTH]; - std::string attrString; - FOREACH(it, attributes) { - // [CR] implementation of it->toString() is not secure, 24.03.2010 - attrString.append((*it)->toString()); - } - - MD5((unsigned char *) attrString.c_str(), attrString.length(), attrHash); - - char attrHashCoded[MD5_DIGEST_LENGTH*2 + 1]; - for (int i = 0; i < MD5_DIGEST_LENGTH; ++i) { - sprintf(&attrHashCoded[i << 1], - "%02X", - static_cast(attrHash[i])); - } - return DPL::FromASCIIString(attrHashCoded); -} - - -} diff --git a/ace/dao/AceDAOReadOnly.cpp b/ace/dao/AceDAOReadOnly.cpp deleted file mode 100644 index 48e2c2b..0000000 --- a/ace/dao/AceDAOReadOnly.cpp +++ /dev/null @@ -1,570 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/** - * - * - * @file AceDAOReadOnlyReadOnly.cpp - * @author Krzysztof Jackiewicz (k.jackiewicz@samsung.com) - * @author Grzegorz Krawczyk (g.krawczyk@samsung.com) - * @version 0.1 - * @brief - */ - -#include -#include - -#include -#include -#include -#include -#include - -using namespace DPL::DB::ORM; -using namespace DPL::DB::ORM::ace; -using namespace AceDB::AceDaoUtilities; -using namespace AceDB::AceDaoConversions; - -namespace AceDB { - -static const int DB_ALLOW_ALWAYS = 0; -static const int DB_ALLOW_FOR_SESSION = 1; -static const int DB_ALLOW_THIS_TIME = 2; -static const int DB_DENY_ALWAYS = 3; -static const int DB_DENY_FOR_SESSION = 4; -static const int DB_DENY_THIS_TIME = 5; - -static const int DB_APP_UNKNOWN = 0; -static const int DB_APP_WAC20 = 1; -static const int DB_APP_TIZEN = 2; - -int AceDAOReadOnly::promptDecisionToInt(PromptDecision decision) -{ - if (PromptDecision::ALLOW_ALWAYS == decision) { - return DB_ALLOW_ALWAYS; - } else if (PromptDecision::DENY_ALWAYS == decision) { - return DB_DENY_ALWAYS; - } else if (PromptDecision::ALLOW_THIS_TIME == decision) { - return DB_ALLOW_THIS_TIME; - } else if (PromptDecision::DENY_THIS_TIME == decision) { - return DB_DENY_THIS_TIME; - } else if (PromptDecision::ALLOW_FOR_SESSION == decision) { - return DB_ALLOW_FOR_SESSION; - } - // DENY_FOR_SESSION - return DB_DENY_FOR_SESSION; -} - -PromptDecision AceDAOReadOnly::intToPromptDecision(int dec) { - if (dec == DB_ALLOW_ALWAYS) { - return PromptDecision::ALLOW_ALWAYS; - } else if (dec == DB_DENY_ALWAYS) { - return PromptDecision::DENY_ALWAYS; - } else if (dec == DB_ALLOW_THIS_TIME) { - return PromptDecision::ALLOW_THIS_TIME; - } else if (dec == DB_DENY_THIS_TIME) { - return PromptDecision::DENY_THIS_TIME; - } else if (dec == DB_ALLOW_FOR_SESSION) { - return PromptDecision::ALLOW_FOR_SESSION; - } - // DB_DENY_FOR_SESSION - return PromptDecision::DENY_FOR_SESSION; -} - -int AceDAOReadOnly::appTypeToInt(AppTypes app_type) -{ - switch (app_type) { - case AppTypes::Unknown: - return DB_APP_UNKNOWN; - case AppTypes::WAC20: - return DB_APP_WAC20; - case AppTypes::Tizen: - return DB_APP_TIZEN; - default: - return DB_APP_UNKNOWN; - } - -} - -AppTypes AceDAOReadOnly::intToAppType(int app_type) -{ - switch (app_type) { - case DB_APP_UNKNOWN: - return AppTypes::Unknown; - case DB_APP_WAC20: - return AppTypes::WAC20; - case DB_APP_TIZEN: - return AppTypes::Tizen; - default: - return AppTypes::Unknown; - } -} - -void AceDAOReadOnly::attachToThreadRO() -{ - AceDaoUtilities::m_databaseInterface.AttachToThread( - DPL::DB::SqlConnection::Flag::RO); -} - -void AceDAOReadOnly::attachToThreadRW() -{ - AceDaoUtilities::m_databaseInterface.AttachToThread( - DPL::DB::SqlConnection::Flag::RW); -} - -void AceDAOReadOnly::detachFromThread() -{ - AceDaoUtilities::m_databaseInterface.DetachFromThread(); -} - -OptionalCachedPromptDecision AceDAOReadOnly::getPromptDecision( - WidgetHandle widgetHandle, - int ruleId) -{ - Try { - // get matching subject verdict - ACE_DB_SELECT(select, AcePromptDecision, &AceDaoUtilities::m_databaseInterface); - - select->Where( - And( - Equals(ruleId), - Equals(widgetHandle))); - - std::list rows = select->GetRowList(); - if (rows.empty()) { - return OptionalCachedPromptDecision(); - } - - AcePromptDecision::Row row = rows.front(); - CachedPromptDecision decision; - decision.decision = intToPromptDecision(row.Get_decision()); - decision.session = row.Get_session(); - - return OptionalCachedPromptDecision(decision); - } - Catch(DPL::DB::SqlConnection::Exception::Base) { - ReThrowMsg(Exception::DatabaseError, "Failed to getPromptDecision"); - } -} - -void AceDAOReadOnly::getAttributes(BaseAttributeSet *attributes) -{ - if (NULL == attributes) { - LogError("NULL pointer"); - return; - } - attributes->clear(); - std::string aname; - int type; - Try { - ACE_DB_SELECT(select, AceAttribute, &AceDaoUtilities::m_databaseInterface); - typedef std::list RowList; - RowList list = select->GetRowList(); - - FOREACH(i, list) { - BaseAttributePtr attribute(new BaseAttribute()); - DPL::String name = i->Get_name(); - aname = DPL::ToUTF8String(name); - type = i->Get_type(); - - attribute->setName(&aname); - attribute->setType(intToAttributeType(type)); - attributes->insert(attribute); - } - } - Catch(DPL::DB::SqlConnection::Exception::Base) { - ReThrowMsg(Exception::DatabaseError, "Failed to getAttributes"); - } -} - -OptionalExtendedPolicyResult AceDAOReadOnly::getPolicyResult( - const BaseAttributeSet &attributes) -{ - - auto attrHash = convertToHash(attributes); - return getPolicyResult(attrHash); -} - -OptionalExtendedPolicyResult AceDAOReadOnly::getPolicyResult( - const DPL::String &attrHash) -{ - Try { - // get matching subject verdict - ACE_DB_SELECT(select, AcePolicyResult, &AceDaoUtilities::m_databaseInterface); - Equals e1(attrHash); - select->Where(e1); - - std::list rows = select->GetRowList(); - if (rows.empty()) { - return OptionalExtendedPolicyResult(); - } - - AcePolicyResult::Row row = rows.front(); - int decision = row.Get_decision(); - ExtendedPolicyResult res; - res.policyResult = PolicyResult::deserialize(decision); - res.ruleId = row.Get_rule_id(); - return OptionalExtendedPolicyResult(res); - } - Catch(DPL::DB::SqlConnection::Exception::Base) { - ReThrowMsg(Exception::DatabaseError, "Failed to getVerdict"); - } -} - -PreferenceTypes AceDAOReadOnly::getDevCapSetting(const std::string &resource) -{ - Try { - AceDevCap::Row row; - if (!getResourceByUri(resource, row)) { - return PreferenceTypes::PREFERENCE_DEFAULT; - } - return intToPreference(row.Get_general_setting()); - } - Catch(DPL::DB::SqlConnection::Exception::Base) { - ReThrowMsg(Exception::DatabaseError, "Failed to getResourceSetting"); - } -} - -void AceDAOReadOnly::getDevCapSettings(PreferenceTypesMap *globalSettingsMap) -{ - if (NULL == globalSettingsMap) { - LogError("Null pointer"); - return; - } - globalSettingsMap->clear(); - Try { - ACE_DB_SELECT(select, AceDevCap, &AceDaoUtilities::m_databaseInterface); - typedef std::list RowList; - RowList list = select->GetRowList(); - - FOREACH(i, list) { - PreferenceTypes p = intToPreference(i->Get_general_setting()); - globalSettingsMap->insert(make_pair(DPL::ToUTF8String( - i->Get_id_uri()), p)); - } - } - Catch(DPL::DB::SqlConnection::Exception::Base) { - ReThrowMsg(Exception::DatabaseError, "Failed to getResourceSettings"); - } -} - -void AceDAOReadOnly::getWidgetDevCapSettings(BasePermissionList *outputList) -{ - if (NULL == outputList) { - LogError("NULL pointer"); - return; - } - outputList->clear(); - Try { - std::string resourceName; - PreferenceTypes allowAccess; - - ACE_DB_SELECT(select, - AceWidgetDevCapSetting, - &AceDaoUtilities::m_databaseInterface); - - typedef std::list RowList; - RowList list = select->GetRowList(); - - // TODO JOIN - FOREACH(i, list) { - int app_id = i->Get_app_id(); - int res_id = i->Get_resource_id(); - - ACE_DB_SELECT(resourceSelect, AceDevCap, &AceDaoUtilities::m_databaseInterface); - resourceSelect->Where(Equals(res_id)); - AceDevCap::Row rrow = resourceSelect->GetSingleRow(); - - resourceName = DPL::ToUTF8String(rrow.Get_id_uri()); - - if (!resourceName.empty()) { - allowAccess = intToPreference(i->Get_access_value()); - outputList->push_back( - BasePermission(app_id, - resourceName, - allowAccess)); - } - } - } - Catch(DPL::DB::SqlConnection::Exception::Base) { - ReThrowMsg(Exception::DatabaseError, "Failed to findUserSettings"); - } -} - -PreferenceTypes AceDAOReadOnly::getWidgetDevCapSetting( - const std::string &resource, - WidgetHandle handler) -{ - Try { - AceDevCap::Row rrow; - if (!getResourceByUri(resource, rrow)) { - return PreferenceTypes::PREFERENCE_DEFAULT; - } - int resourceId = rrow.Get_resource_id(); - - // get matching user setting - ACE_DB_SELECT(select, AceWidgetDevCapSetting, &AceDaoUtilities::m_databaseInterface); - - select->Where(And(Equals(resourceId), - Equals(handler))); - - std::list values = - select->GetValueList(); - if (values.empty()) { - return PreferenceTypes::PREFERENCE_DEFAULT; - } - return intToPreference(values.front()); - } - Catch(DPL::DB::SqlConnection::Exception::Base) { - ReThrowMsg(Exception::DatabaseError, "Failed in getUserSetting"); - } -} - -void AceDAOReadOnly::getRequestedDevCaps( - WidgetHandle widgetHandle, - RequestedDevCapsMap *permissions) -{ - if (NULL == permissions) { - LogError("NULL pointer"); - return; - } - permissions->clear(); - Try { - ACE_DB_SELECT(select, AceRequestedDevCaps, - &AceDaoUtilities::m_databaseInterface); - select->Where( - Equals(widgetHandle)); - std::list list = select->GetRowList(); - - FOREACH(i, list) { - permissions->insert(std::make_pair(i->Get_dev_cap(), - i->Get_grant_smack() == 1)); - } - } Catch(DPL::DB::SqlConnection::Exception::Base) { - ReThrowMsg(Exception::DatabaseError, "Failed to getRequestedDevCaps"); - } -} - -void AceDAOReadOnly::getAcceptedFeature( - WidgetHandle widgetHandle, - FeatureNameVector *fvector) -{ - if (NULL == fvector) { - LogError("NULL pointer"); - return; - } - - fvector->clear(); - Try { - ACE_DB_SELECT(select, AceAcceptedFeature, - &AceDaoUtilities::m_databaseInterface); - select->Where( - Equals(widgetHandle)); - std::list list = select->GetRowList(); - - FOREACH(i, list) { - fvector->push_back(i->Get_feature()); - } - } Catch(DPL::DB::SqlConnection::Exception::Base) { - ReThrowMsg(Exception::DatabaseError, "Failed to getRequestedDevCaps"); - } -} - -AppTypes AceDAOReadOnly::getWidgetType(WidgetHandle handle) -{ - Try { - ACE_DB_SELECT(select, WidgetInfo, &AceDaoUtilities::m_databaseInterface); - select->Where(Equals(handle)); - WidgetInfo::Select::RowList rows = select->GetRowList(); - DPL::OptionalInt res; - if (!rows.empty()) { - res = rows.front().Get_widget_type(); - AppTypes retType = (res.IsNull() ? AppTypes::Unknown : static_cast(*res)); - return retType; - } else { - LogDebug("Can not find widget type"); - return AppTypes::Unknown; - } - } - Catch(DPL::DB::SqlConnection::Exception::Base) { - ReThrowMsg(Exception::DatabaseError, "Failed to getWidgetType"); - } -} - -std::string AceDAOReadOnly::getVersion(WidgetHandle widgetHandle) -{ - Try - { - ACE_DB_SELECT(select, WidgetInfo, &AceDaoUtilities::m_databaseInterface); - select->Where(Equals(widgetHandle)); - WidgetInfo::Select::RowList rows = select->GetRowList(); - DPL::OptionalString res; - if(!rows.empty()) { - res = rows.front().Get_widget_version(); - return (res.IsNull() ? "" : DPL::ToUTF8String(*res)); - } else { - LogDebug("Widget not installed"); - return ""; - } - } Catch(DPL::DB::SqlConnection::Exception::Base) { - ReThrowMsg(Exception::DatabaseError, "Failed to getVersion"); - } -} - -std::string AceDAOReadOnly::getAuthorName(WidgetHandle widgetHandle) -{ - Try - { - ACE_DB_SELECT(select, WidgetInfo, &AceDaoUtilities::m_databaseInterface); - select->Where(Equals(widgetHandle)); - WidgetInfo::Select::RowList rows = select->GetRowList(); - DPL::OptionalString res; - if(!rows.empty()) { - res = rows.front().Get_author_name(); - return (res.IsNull() ? "" : DPL::ToUTF8String(*res)); - } else { - LogDebug("Widget not installed"); - return ""; - } - } Catch(DPL::DB::SqlConnection::Exception::Base) { - ReThrowMsg(Exception::DatabaseError, "Failed to getAuthorName"); - } -} - -std::string AceDAOReadOnly::getGUID(WidgetHandle widgetHandle) -{ - Try - { - ACE_DB_SELECT(select, WidgetInfo, &AceDaoUtilities::m_databaseInterface); - select->Where(Equals(widgetHandle)); - WidgetInfo::Select::RowList rows = select->GetRowList(); - DPL::OptionalString res; - if(!rows.empty()) { - res = rows.front().Get_widget_id(); - return (res.IsNull() ? "" : DPL::ToUTF8String(*res)); - } else { - LogDebug("Widget not installed"); - return ""; - } - } Catch(DPL::DB::SqlConnection::Exception::Base) { - ReThrowMsg(Exception::DatabaseError, "Failed to getGUID"); - } -} - -WidgetCertificateCNList AceDAOReadOnly::getKeyCommonNameList( - WidgetHandle widgetHandle, - WidgetCertificateData::Owner owner, - WidgetCertificateData::Type type) -{ - Try { - ACE_DB_SELECT(select, WidgetCertificateFingerprint, &AceDaoUtilities::m_databaseInterface); - select->Where(And(And( - Equals(widgetHandle), - Equals(owner)), - Equals(type))); - WidgetCertificateFingerprint::Select::RowList rows = select->GetRowList(); - - WidgetCertificateCNList out; - FOREACH(it, rows) - { - DPL::Optional cn = it->Get_common_name(); - out.push_back(cn.IsNull() ? "" : DPL::ToUTF8String(*cn)); - } - return out; - } - Catch(DPL::DB::SqlConnection::Exception::Base) { - ReThrowMsg(Exception::DatabaseError, "Failed to getKeyCommonNameList"); - } -} - -FingerPrintList AceDAOReadOnly::getKeyFingerprints( - WidgetHandle widgetHandle, - WidgetCertificateData::Owner owner, - WidgetCertificateData::Type type) -{ - Try - { - ACE_DB_SELECT(select, WidgetCertificateFingerprint, &AceDaoUtilities::m_databaseInterface); - select->Where(And(And( - Equals(widgetHandle), - Equals(owner)), - Equals(type))); - WidgetCertificateFingerprint::Select::RowList rows = select->GetRowList(); - - FingerPrintList keys; - FOREACH(it, rows) - { - DPL::Optional sha1 = it->Get_sha1_fingerprint(); - if (!sha1.IsNull()) - keys.push_back(DPL::ToUTF8String(*sha1)); - DPL::Optional md5 = it->Get_md5_fingerprint(); - if (!md5.IsNull()) - keys.push_back(DPL::ToUTF8String(*md5)); - } - return keys; - } - Catch(DPL::DB::SqlConnection::Exception::Base) { - ReThrowMsg(Exception::DatabaseError, "Failed to getKeyFingerprints"); - } -} - -std::string AceDAOReadOnly::getShareHref(WidgetHandle widgetHandle) -{ - Try - { - ACE_DB_SELECT(select, WidgetInfo, &AceDaoUtilities::m_databaseInterface); - select->Where(Equals(widgetHandle)); - WidgetInfo::Select::RowList rows = select->GetRowList(); - - if(rows.empty()) - ThrowMsg(Exception::DatabaseError, "Cannot find widget. Handle: " << widgetHandle); - - DPL::Optional value = rows.front().Get_share_href(); - std::string ret = ""; - if(!value.IsNull()) - ret = DPL::ToUTF8String(*value); - return ret; - } - Catch(DPL::DB::SqlConnection::Exception::Base) { - ReThrowMsg(Exception::DatabaseError, "Failed to getShareHref"); - } -} - -WidgetHandleList AceDAOReadOnly::getHandleList() -{ - LogDebug("Getting DbWidgetHandle List"); - Try - { - ACE_DB_SELECT(select, WidgetInfo, &AceDaoUtilities::m_databaseInterface); - return select->GetValueList(); - } - Catch(DPL::DB::SqlConnection::Exception::Base) { - ReThrowMsg(Exception::DatabaseError, "Failed to list of widget handles"); - } -} - -bool AceDAOReadOnly::isWidgetInstalled(WidgetHandle handle) -{ - Try { - ACE_DB_SELECT(select, WidgetInfo, &AceDaoUtilities::m_databaseInterface); - select->Where(Equals(handle)); - WidgetInfo::Select::RowList rows = select->GetRowList(); - return !rows.empty() ? true : false; - } Catch(DPL::DB::SqlConnection::Exception::Base) { - ReThrowMsg(Exception::DatabaseError, "Failed in isWidgetInstalled"); - } -} - -} diff --git a/ace/dao/AceDAOUtilities.cpp b/ace/dao/AceDAOUtilities.cpp deleted file mode 100644 index 4d5292e..0000000 --- a/ace/dao/AceDAOUtilities.cpp +++ /dev/null @@ -1,193 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/** - * - * - * @file AceDaoReadOnly.h - * @author Krzysztof Jackiewicz (k.jackiewicz@samsung.com) - * @author Grzegorz Krawczyk (g.krawczyk@samsung.com) - * @version 0.1 - * @brief - */ - -#include -#include -#include - -#include -#include -#include - -namespace AceDB { - -namespace { -const char* ACE_DB_DATABASE = "/opt/dbspace/.ace.db"; -DPL::DB::SqlConnection::Flag::Type ACE_DB_FLAGS = - DPL::DB::SqlConnection::Flag::UseLucene; -} - -DPL::DB::ThreadDatabaseSupport AceDaoUtilities::m_databaseInterface( - ACE_DB_DATABASE, ACE_DB_FLAGS); - -BaseAttribute::Type AceDaoUtilities::intToAttributeType(int val) -{ - switch (val) { - case 0: - return BaseAttribute::Type::Subject; - case 1: - return BaseAttribute::Type::Environment; - case 2: - return BaseAttribute::Type::Resource; - case 3: - return BaseAttribute::Type::FunctionParam; - case 4: - return BaseAttribute::Type::WidgetParam; - - default: - Assert(0 && "Unknown Attribute type value"); - return BaseAttribute::Type::Subject; //remove compilation warrning - } -} - -int AceDaoUtilities::attributeTypeToInt(BaseAttribute::Type type) -{ - // we cannot cast enum -> int because this cast will be removed from next c++ standard - switch (type) { - case BaseAttribute::Type::Subject: - return 0; - case BaseAttribute::Type::Environment: - return 1; - case BaseAttribute::Type::Resource: - return 2; - case BaseAttribute::Type::FunctionParam: - return 3; - case BaseAttribute::Type::WidgetParam: - return 4; - - default: - Assert(0 && "Unknown Attribute type!"); - return 0; //remove compilation warrning - } -} - -int AceDaoUtilities::preferenceToInt(PreferenceTypes p) -{ - switch (p) { - case PreferenceTypes::PREFERENCE_PERMIT: - return 1; - case PreferenceTypes::PREFERENCE_DENY: - return 0; - case PreferenceTypes::PREFERENCE_BLANKET_PROMPT: - return 2; - case PreferenceTypes::PREFERENCE_SESSION_PROMPT: - return 3; - case PreferenceTypes::PREFERENCE_ONE_SHOT_PROMPT: - return 4; - - default: - return -1; - } -} - -PreferenceTypes AceDaoUtilities::intToPreference(int p) -{ - switch (p) { - case 1: - return PreferenceTypes::PREFERENCE_PERMIT; - case 0: - return PreferenceTypes::PREFERENCE_DENY; - case 2: - return PreferenceTypes::PREFERENCE_BLANKET_PROMPT; - case 3: - return PreferenceTypes::PREFERENCE_SESSION_PROMPT; - case 4: - return PreferenceTypes::PREFERENCE_ONE_SHOT_PROMPT; - - default: - return PreferenceTypes::PREFERENCE_DEFAULT; - } -} - -VerdictTypes AceDaoUtilities::intToVerdict(int v) -{ - switch (v) { - case -1: - return VerdictTypes::VERDICT_UNKNOWN; - case 0: - return VerdictTypes::VERDICT_DENY; - case 1: - return VerdictTypes::VERDICT_PERMIT; - case 2: - return VerdictTypes::VERDICT_INAPPLICABLE; - - default: - Assert(0 && "Cannot convert int to verdict"); - return VerdictTypes::VERDICT_UNKNOWN; // remove compile warrning - } -} - -int AceDaoUtilities::verdictToInt(VerdictTypes v) -{ - switch (v) { - case VerdictTypes::VERDICT_UNKNOWN: - return -1; - case VerdictTypes::VERDICT_DENY: - return 0; - case VerdictTypes::VERDICT_PERMIT: - return 1; - case VerdictTypes::VERDICT_INAPPLICABLE: - return 2; - - default: - Assert(0 && "Unknown Verdict value"); - return -1; // remove compile warrning - } -} - -bool AceDaoUtilities::getSubjectByUri(const std::string &uri, - DPL::DB::ORM::ace::AceSubject::Row &row) -{ - using namespace DPL::DB::ORM; - using namespace DPL::DB::ORM::ace; - ACE_DB_SELECT(select, AceSubject, &m_databaseInterface); - select->Where(Equals(DPL::FromUTF8String(uri))); - std::list rows = select->GetRowList(); - if (rows.empty()) { - return false; - } - - row = rows.front(); - return true; -} - -bool AceDaoUtilities::getResourceByUri(const std::string &uri, - DPL::DB::ORM::ace::AceDevCap::Row &row) -{ - using namespace DPL::DB::ORM; - using namespace DPL::DB::ORM::ace; - ACE_DB_SELECT(select, AceDevCap, &m_databaseInterface); - select->Where(Equals(DPL::FromUTF8String(uri))); - std::list rows = select->GetRowList(); - if (rows.empty()) { - return false; - } - - row = rows.front(); - return true; -} - - -} diff --git a/ace/dao/AceDatabase.cpp b/ace/dao/AceDatabase.cpp deleted file mode 100644 index 6c91951..0000000 --- a/ace/dao/AceDatabase.cpp +++ /dev/null @@ -1,25 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * @file AceDatabase.cpp - * @author Lukasz Marek (l.marek@samsung.com) - * @version 1.0 - * @brief This file contains the declaration of ace database - */ - -#include - -DPL::Mutex g_aceDbQueriesMutex; diff --git a/ace/dao/BaseAttribute.cpp b/ace/dao/BaseAttribute.cpp deleted file mode 100644 index e15785c..0000000 --- a/ace/dao/BaseAttribute.cpp +++ /dev/null @@ -1,82 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/** - * - * - * @file BaseAttribute.cpp - * @author Lukasz Marek (l.marek@samsung.com) - * @version 0.1 - * @brief - */ - -#include -#include - -#include - -namespace AceDB { - -const char* BaseAttribute::typeToString(Type type) -{ - const char * ret = NULL; - switch (type) { - case Type::Resource: - ret = "resource"; - break; - case Type::Subject: - ret = "subject"; - break; - case Type::Environment: - ret = "environment"; - break; - default: - ret = "unknown type"; - break; - } - - return ret; -} - -std::string BaseAttribute::toString() const -{ - std::string ret; - const char * SEPARATOR = ";"; - - ret.append(m_name); - ret.append(SEPARATOR); - ret.append(typeToString(m_typeId)); - ret.append(SEPARATOR); - if (m_undetermindState) { - ret.append("true"); - } else { - ret.append("false"); - } - ret.append(SEPARATOR); - for (std::list::const_iterator it = value.begin(); - it != value.end(); - ++it) { - std::stringstream num; - num << it->size(); - ret.append(num.str()); - ret.append(SEPARATOR); - ret.append(*it); - ret.append(SEPARATOR); - } - - return ret; -} - -} diff --git a/ace/dao/CMakeLists.txt b/ace/dao/CMakeLists.txt deleted file mode 100644 index 013608f..0000000 --- a/ace/dao/CMakeLists.txt +++ /dev/null @@ -1,82 +0,0 @@ - -SET(ACE_DAO_DEPS_LIST - dpl-efl - dpl-db-efl - ecore - appcore-efl - openssl - vconf - db-util - libpcrecpp - icu-uc - libxml-2.0 - ) - -PKG_CHECK_MODULES(ACE_DAO_DEPS ${ACE_DAO_DEPS_LIST} REQUIRED) - -set(ACE_SRC_DIR ${PROJECT_SOURCE_DIR}/ace/dao) - -set(ACE_DAO_RO_SOURCES - ${ACE_SRC_DIR}/AceDAOReadOnly.cpp - ${ACE_SRC_DIR}/AceDAOUtilities.cpp - ${ACE_SRC_DIR}/AceDAOConversions.cpp - ${ACE_SRC_DIR}/BaseAttribute.cpp - ${ACE_SRC_DIR}/AceDatabase.cpp - ${ACE_SRC_DIR}/PromptModel.cpp -) - -set(ACE_DAO_RW_SOURCES - ${ACE_SRC_DIR}/AceDAO.cpp -) - -INCLUDE_DIRECTORIES(${ACE_SRC_DIR}) -INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/ace/include) -INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/ace/orm) -INCLUDE_DIRECTORIES(${ACE_DAO_DEPS_INCLUDE_DIRS}) - -ADD_LIBRARY(${TARGET_ACE_DAO_RO_LIB} SHARED - ${ACE_DAO_RO_SOURCES} -) - -SET_TARGET_PROPERTIES(${TARGET_ACE_DAO_RO_LIB} PROPERTIES - SOVERSION ${API_VERSION} - VERSION ${VERSION}) - -SET_TARGET_PROPERTIES(${TARGET_ACE_DAO_RO_LIB} PROPERTIES - COMPILE_FLAGS -fPIC) - -SET_TARGET_PROPERTIES(${TARGET_ACE_DAO_RO_LIB} PROPERTIES - COMPILE_FLAGS "-include ${CMAKE_BINARY_DIR}/ace/database_checksum_ace.h") - -target_link_libraries(${TARGET_ACE_DAO_RO_LIB} - ${TARGET_DPL_EFL} - ${TARGET_DPL_DB_EFL} - ${ACE_DAO_DEPS_LIBRARY} - ${ACE_DAO_DEPS_LDFLAGS} -) - -ADD_LIBRARY(${TARGET_ACE_DAO_RW_LIB} SHARED - ${ACE_DAO_RW_SOURCES} -) - -SET_TARGET_PROPERTIES(${TARGET_ACE_DAO_RW_LIB} PROPERTIES - SOVERSION ${API_VERSION} - VERSION ${VERSION}) - -SET_TARGET_PROPERTIES(${TARGET_ACE_DAO_RW_LIB} PROPERTIES - COMPILE_FLAGS -fPIC) - -SET_TARGET_PROPERTIES(${TARGET_ACE_DAO_RW_LIB} PROPERTIES - COMPILE_FLAGS "-include ${CMAKE_BINARY_DIR}/ace/database_checksum_ace.h") - -target_link_libraries(${TARGET_ACE_DAO_RW_LIB} - ${ACE_DAO_DEPS_LIST_LIBRARIES} - ${TARGET_ACE_DAO_RO_LIB} -) - -INSTALL(TARGETS ${TARGET_ACE_DAO_RO_LIB} - DESTINATION lib) - -INSTALL(TARGETS ${TARGET_ACE_DAO_RW_LIB} - DESTINATION lib) - diff --git a/ace/dao/PromptModel.cpp b/ace/dao/PromptModel.cpp deleted file mode 100644 index ece84c6..0000000 --- a/ace/dao/PromptModel.cpp +++ /dev/null @@ -1,178 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* @file PromptModel.cpp - * @author Justyna Mejzner (j.kwiatkowsk@samsung.com) - * @author Jaroslaw Osmanski (j.osmanski@samsung.com) - * @version 1.0 - * - */ - -#include - -#include -#include -#include - -namespace { - -const char INFO[] = "Widget requires access to:"; -const char DENY[] = "Deny"; -const char ALLOW[] = "Permit"; - -const char BLANKET_CHECKBOX_LABEL[] = "Keep setting as permanent"; -const char SESSION_CHECKBOX_LABEL[] = "Remember for one run"; - -Prompt::ButtonLabels aceQuestionLabel = {DENY, ALLOW}; - -static Prompt::PromptLabels* getModel( - Prompt::PromptModel::PromptType promptType, - const std::string& resourceId) -{ - std::string strLabel; - strLabel = INFO; - strLabel += "
"; - strLabel += resourceId; - - return new Prompt::PromptLabels(promptType, aceQuestionLabel, strLabel); -} - -Prompt::Validity fromPromptTypeToValidity(int aPromptType, bool checkClicked) -{ - using namespace Prompt; - PromptModel::PromptType promptTypeEnum = - static_cast(aPromptType); - switch (promptTypeEnum) { - case PromptModel::PROMPT_ONESHOT: - return Validity::ONCE; - case PromptModel::PROMPT_SESSION: - if (checkClicked) - { - return Validity::SESSION; - } - else - { - return Validity::ONCE; - } - case PromptModel::PROMPT_BLANKET: - if (checkClicked) - { - return Validity::ALWAYS; - } - else - { - return Validity::ONCE; - } - default: - Assert(0); - return Validity::ONCE; - } -} -} // namespace anonymous - -namespace Prompt { - - -PromptLabels::PromptLabels(int promptType, - const Prompt::ButtonLabels& questionLabel, - const std::string& mainLabel) : - m_promptType(promptType), - m_buttonLabels(questionLabel), - m_mainLabel(mainLabel) -{ - -} - -int PromptLabels::getPromptType() const -{ - return m_promptType; -} -const ButtonLabels& PromptLabels::getButtonLabels() const -{ - return m_buttonLabels; -} -const std::string& PromptLabels::getMainLabel() const -{ - return m_mainLabel; -} - -DPL::OptionalString PromptLabels::getCheckLabel() const -{ - if (PromptModel::PROMPT_BLANKET == m_promptType) - { - return DPL::OptionalString( - DPL::FromUTF8String(BLANKET_CHECKBOX_LABEL)); - } - else if (PromptModel::PROMPT_SESSION == m_promptType) - { - return DPL::OptionalString( - DPL::FromUTF8String(SESSION_CHECKBOX_LABEL)); - } - - return DPL::OptionalString::Null; -} - -bool PromptLabels::isAllowed(const size_t buttonClicked) const -{ - Assert(buttonClicked < aceQuestionLabel.size() && - "Button Clicked number is not in range of questionLabel"); - - return aceQuestionLabel[buttonClicked] == ALLOW; -} - -PromptAnswer::PromptAnswer(bool isAccessAllowed, Validity validity) : - m_isAccessAllowed(isAccessAllowed), - m_validity(validity) -{ - -} - -PromptAnswer::PromptAnswer( - int aPromptType, unsigned int buttonAns, bool checkAns) -{ - Assert(buttonAns < aceQuestionLabel.size() && - "Button Clicked number is not in range of questionLabel"); - - m_isAccessAllowed = aceQuestionLabel[buttonAns] == ALLOW; - m_validity = fromPromptTypeToValidity(aPromptType, checkAns); -} - -bool PromptAnswer::isAccessAllowed() const -{ - return m_isAccessAllowed; -} - -Validity PromptAnswer::getValidity() const -{ - return m_validity; -} - -PromptLabels* PromptModel::getOneShotModel(const std::string& resourceId) -{ - return getModel(PROMPT_ONESHOT, resourceId); -} - -PromptLabels* PromptModel::getSessionModel(const std::string& resourceId) -{ - return getModel(PROMPT_SESSION, resourceId); -} - -PromptLabels* PromptModel::getBlanketModel(const std::string& resourceId) -{ - return getModel(PROMPT_BLANKET, resourceId); -} - - -} // Prompt diff --git a/ace/engine/Attribute.cpp b/ace/engine/Attribute.cpp deleted file mode 100644 index 56cfc44..0000000 --- a/ace/engine/Attribute.cpp +++ /dev/null @@ -1,886 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include -#include -#include -#include -#include -#include - -const bool Attribute::alpha[256] = { - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, - 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0 -}; -const bool Attribute::digit[256] = { - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0 -}; - -const bool Attribute::mark[256] = { - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 1, 0, 0, 0, 0, 0, 1, 1, 1, 1, 0, 0, 1, 1, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0 -}; - -bool Attribute::searchAndCut(const char *str) -{ - //TODO - size_t pos = m_name.rfind(str); - if (pos == std::string::npos) { - return false; - } - if ((strlen(str) + pos) == m_name.size()) { - m_name.erase(pos, std::string::npos); - return true; - } - return false; -} - -Attribute::Attribute(const std::string *name, - const Match matchFunc, - const Type type_) : - matchFunction(matchFunc) -{ - m_name = *name; - m_typeId = type_; - m_undetermindState = false; - if (matchFunction != Match::Equal - && matchFunction != Match::Glob - && matchFunction != Match::Regexp) - { - //LogDebug("MID: " << matchFunction); - Assert(0 && "Match function problem"); - } - - if (searchAndCut(".scheme")) { - modifierFunction = Modifier::Scheme; - } else if (searchAndCut(".authority")) { - modifierFunction = Modifier::Authority; - } else if (searchAndCut(".scheme-authority")) { - modifierFunction = Modifier::SchemeAuthority; - } else if (searchAndCut(".host")) { - modifierFunction = Modifier::Host; - } else if (searchAndCut(".path")) { - modifierFunction = Modifier::Path; - } else { - modifierFunction = Modifier::Non; - } -} - -static Attribute::MatchResult equal_comparator(const std::string *first, - const std::string *second) -{ - if((*first) == (*second)) { - return Attribute::MatchResult::MRTrue; - } - return Attribute::MatchResult::MRFalse; -} - -static Attribute::MatchResult glob_comparator(const std::string *first, - const std::string *second) -{ - // order is important - if (!fnmatch(first->c_str(), second->c_str(), 0)) { - return Attribute::MatchResult::MRTrue; - } - return Attribute::MatchResult::MRFalse; -} - -static Attribute::MatchResult regexp_comparator(const std::string *first, - const std::string *second) -{ - // order is important - pcrecpp::RE re(first->c_str()); - if (re.FullMatch(second->c_str())) { - return Attribute::MatchResult::MRTrue; - } - return Attribute::MatchResult::MRFalse; -} - -Attribute::MatchResult Attribute::lists_comparator( - const std::list *first, - const std::list *second, - Attribute::MatchResult (*comparator)(const std::string *, - const std::string *)) const -{ - //NOTE: BONDI defines all availabe matching function as: if some string from first input bag - //matches some input string from second input bag, so it's required to find only one matching string - MatchResult result = MatchResult::MRFalse; - - for (std::list::const_iterator second_iter = second->begin(); - (second_iter != second->end()) && (result != MatchResult::MRTrue); - ++second_iter) - { - std::string *modified_value = applyModifierFunction(&(*second_iter)); - //Value was not an URI, it will be removed from the string bag (ignored) - if (modified_value == NULL) { - continue; - } - - for (std::list::const_iterator first_iter = first->begin(); - first_iter != first->end(); - ++first_iter) { - //Compare attributes - if ((*comparator)(&(*first_iter), modified_value) == MatchResult::MRTrue) { - result = MatchResult::MRTrue; - break; //Only one match is enough - } - } - if (modified_value) { - delete modified_value; - modified_value = NULL; - } - } - - if (result == MatchResult::MRTrue) { - LogDebug("Returning TRUE"); - } else if (result == MatchResult::MRFalse) { - LogDebug("Returning FALSE"); - } else if (result == MatchResult::MRUndetermined) { - LogDebug("Returning UNDETERMINED"); - } - return result; -} - -std::string * Attribute::applyModifierFunction(const std::string * val) const -{ - std::string * result = NULL; - switch (modifierFunction) { - case Modifier::Scheme: - result = uriScheme(val); - break; - case Modifier::Authority: - result = uriAuthority(val); - break; - case Modifier::SchemeAuthority: - result = uriSchemeAuthority(val); - break; - case Modifier::Host: - result = uriHost(val); - break; - case Modifier::Path: - result = uriPath(val); - break; - default: - result = new std::string(*val); - } - - return result; -} - -/** - * this - attribute obtained from xmlPolicy tree - * attribute - attribute obtained from PIP - */ -Attribute::MatchResult Attribute::matchAttributes( - const BaseAttribute *attribute) const -{ - std::string tempNam = *(attribute->getName()); - std::string tempVal; - std::string myVal; - - if (!(attribute->getValue()->empty())) { - tempVal = attribute->getValue()->front(); - } - - if (!(this->value.empty())) { - myVal = this->value.front(); - } - - LogDebug("Comparing attribute: " << this->m_name << "(" << - myVal << ") with: " << tempNam << - "(" << tempVal << ")"); - - Assert( - (this->m_name == *(attribute->getName())) && - "Two completely different attributes are being compared!"); - Assert( - (this->m_typeId == attribute->getType()) && - "Two completely different attributes are being compared!"); - - if (attribute->isUndetermind()) { - LogDebug("Attribute match undetermined"); - return MatchResult::MRUndetermined; - } - - //Regardles the algorithm used, if we have empty - //bag the result is always false - if (this->isValueEmpty() || attribute->isValueEmpty()) { - if (this->isValueEmpty()) { - LogDebug("empty bag in condition comparing"); - } - if (attribute->isValueEmpty()) { - LogDebug("empty bag in attribute comparing"); - } - return MatchResult::MRFalse; - } - - if (this->matchFunction == Match::Equal) { - return lists_comparator(&(this->value), - attribute->getValue(), - equal_comparator); - } else if (this->matchFunction == Match::Glob) { - return lists_comparator(&(this->value), - attribute->getValue(), - glob_comparator); - } else if (this->matchFunction == Match::Regexp) { - return lists_comparator(&(this->value), - attribute->getValue(), - regexp_comparator); - } //[CR] Change to Assert - Assert(false && " ** Critical :: no match function selected!"); - return MatchResult::MRFalse; // to remove compilator warning -} - -void Attribute::addValue(const std::string *val) -{ - this->getValue()->push_back(*val); -} - -std::ostream & operator<<(std::ostream & out, - const Attribute & attr) -{ - out << "attr: m_name: " << *(attr.getName()) - << " type: " << Attribute::typeToString(attr.getType()) - << " value: "; - if (attr.m_undetermindState) { - out << "Undetermined"; - } else if (attr.getValue()->empty()) { - out << "Empty string bag"; - } else { - FOREACH (it, *attr.getValue()) { - out << *it; - } - } - return out; -} - -bool -Attribute::parse(const std::string *input, - std::string *val) const -{ - static const char *pattern = - "^(([^:/?#]+):)?(//([^/?#]*))?([^?#]*)(\\?([^#]*))?(#(.*))?"; - pcrecpp::RE re(pattern); - re.FullMatch(input->c_str(), &val[0], &val[1], - &val[2], &val[3], &val[4], - &val[5], &val[6], &val[7], &val[8]); - -#ifdef ALL_LOGS - for (int i = 0; i < 9; i++) { - LogDebug("val " << i << " :" << val[i]); - } -#endif - - if (find_error(val)) { - LogDebug("Input is not an URI " << *input); - for (int i = 0; i < 9; ++i) { - val[i].clear(); - } - return false; - } - - return true; -} - -Attribute::~Attribute() -{ -} - -std::string * Attribute::uriScheme(const std::string *input) const -{ - std::string part[9]; - if (!parse(input, part)) { - return NULL; - } - return new string(part[1]); -} - -std::string * -Attribute::uriAuthority(const std::string *input) const -{ - std::string part[9]; - if (!parse(input, part)) { - return NULL; - } - return new string(part[3]); -} - -std::string * -Attribute::uriSchemeAuthority(const std::string *input) const -{ - std::string part[9]; - if (!parse(input, part)) { - return NULL; - } - - if (part[0].size() == 0 || part[2].size() == 0) { - return new std::string(); - } - return new string(part[0] + part[2]); -} - -std::string * -Attribute::uriHost(const std::string *input) const -{ - std::string part[9]; - if (!parse(input, part)) { - return NULL; - } - return getHost(&(part[3])); -} - -std::string * -Attribute::uriPath(const std::string *input) const -{ - //TODO right now uriPath leaves leading '/' in uri, this slash is removed from the string - //it's not clear if leading '/' is a part of path component or only the separator - std::string part[9]; - if (!parse(input, part)) { - return NULL; - } - - std::string * temp = NULL; - - if (part[4].at(0) == '/') { - temp = new string(part[4].substr(1, part[4].length() - 1)); - } else { - temp = new string(part[4]); - } - - return temp; -} - -bool Attribute::find_error(const std::string *tab) const -{ - //We are checking tab[1] which contains scheme without ':' at the end - if (!checkScheme(&(tab[1]))) { - LogDebug("Check scheme failed, URI is invalid"); - return true; //error found - } - if (!checkAuthority(&(tab[3]))) { - LogDebug("Check authority failed, URI is invalid"); - return true; //error found - } - - if (!checkPath(&(tab[4]))) { - LogDebug("Check path failed, URI is invalid"); - return true; //error found - } - - return false; -} - -bool Attribute::checkScheme(const std::string *part) const -{ - Assert(part != NULL && "Checking NULLable string. This should never happen"); - - bool result = true; - - //TODO change part->at to data=part->c_str() - //TODO can scheme be empty? In absolute URI no, in relative URI yes - if (part->empty()) { - //Empty string is a correct schema - result = true; - } else if (alpha[(int) (part->at(0))] == 0) { - result = false; // First scheme character must be alpha - } else { - // rest must be alpha or digit or '+' or '-' or '.' - for (unsigned int i = 1; i < part->size(); ++i) { - int c = static_cast(part->at(i)); - if (!isSchemeAllowedCharacter(c)) { - result = false; - break; - } - } - } - return result; -} - -bool Attribute::checkAuthority(const std::string *part) const -{ - Assert(part != NULL && "Checking NULLable string. This should never happen"); - - //Server is a subset of reg_m_names so here we only check if authority matches reg_m_name - //Additional check if authority is a valid 'server' component is done in getHost - if (part->empty()) { - return true; //empty authority is valid uri - } - bool result = true; - - const char * data = part->c_str(); - for (size_t i = 0; i < part->length(); ++i) { - int c = (int) data[i]; - if (isUnreserved(c)) { - continue; - } - if (c == '$') { - continue; - } - if (c == ',') { - continue; - } - if (c == ';') { - continue; - } - if (c == ':') { - continue; - } - if (c == '@') { - continue; - } - if (c == '&') { - continue; - } - if (c == '=') { - continue; - } - if (c == '+') { - continue; - } - if (c == '%') { - if (isEscaped(data + i)) { - i += 2; //rewind the two escaped characters - continue; - } - } - result = false; - break; - } - - return result; -} - -std::string * Attribute::getHost(const std::string *part) const -{ - if (part->empty()) { - return new std::string(""); - } - - //Check userinfo - size_t userInfoPos = part->find("@"); - if (userInfoPos != std::string::npos) { - std::string data = part->substr(0, userInfoPos); - if (!isUserInfoAllowedString(&data)) { - return new string(""); //the authority is not composed of 'server' part - } - } - - std::string host; - //If we use host modifier then authority is composed of 'server' part so - //the port must contain only digits - size_t portPos = part->find(":"); - if (portPos != std::string::npos) { - for (unsigned int i = portPos + 1; i < part->size(); ++i) { - if (!digit[(int) part->at(i)]) { - return new string(""); //the authority is not composed of 'server' part - } - } - host = part->substr(userInfoPos + 1, portPos - (userInfoPos + 1)); - } else { - host = part->substr(userInfoPos + 1, part->length() - (userInfoPos + 1)); - } - - if (!isHostAllowedString(&host)) { - //Even if the string is not allowed for host this can still be a valid uri - return new string(""); - } - - return new std::string(host); -} - -bool Attribute::checkPath(const std::string *part) const -{ - bool result = true; - - const char * data = part->c_str(); - - for (unsigned int i = 0; i < part->size(); ++i) { - int c = data[i]; - if (c == '/') { - //If we found slash then the next character must be a part of segment - //It cannot be '/' so we have to check it immediately - i++; - c = data[i]; - if (!isSegmentAllowedCharacter(c)) { - result = false; - break; - } - } else if (c == ';') { - //Start param part of segment - i++; //Param can be empty so we don't have to check what's right after semicolon - continue; - } else if (c == '%') { - //We have to handle escaped characters differently than other segment allowed characters - //because we need an array - if (isEscaped(data + i)) { - i += 2; - } else { - result = false; - break; - } - } else { - if (!isSegmentAllowedCharacter(c)) { - result = false; - break; - } - } - } - - return result; -} - -bool Attribute::isSchemeAllowedCharacter(int c) const -{ - bool result = false; - if (isAlphanum(c)) { - result = true; - } else if (c == '+') { - result = true; - } else if (c == '-') { - result = true; - } else if (c == '.') { - result = true; - } - - return result; -} - -bool Attribute::isSegmentAllowedCharacter(int c) const -{ - bool result = true; - - // LogDebug("Checking is segment allowed for char "<<(char)c); - - if (isUnreserved(c)) { //do nothing, result = true - } else if (c == ':') { //do nothing, result = true - } else if (c == '@') { //do nothing, result = true - } else if (c == '&') { //do nothing, result = true - } else if (c == '=') { //do nothing, result = true - } else if (c == '+') { //do nothing, result = true - } else if (c == '$') { //do nothing, result = true - } else if (c == ',') { //do nothing, result = true - } else { - result = false; - } - - return result; -} - -bool Attribute::isUserInfoAllowedString(const std::string * str) const -{ - bool result = false; - - const char * data = str->c_str(); - - for (unsigned int i = 0; i < str->length(); ++i) { - int c = data[i]; - if (isUnreserved(c)) { - result = true; - } else if (c == '%') { - //isEsacped method checks if we don't cross array bounds, so we can - //safely give data[i] here - result = isEscaped((data + i)); - if (result == false) { - break; - } - i += 2; //rewind the next two characters sEsacped method checks if we don't cross array bounds, so we can safely rewind - } else if (c == ',') { - result = true; - } else if (c == '$') { - result = true; - } else if (c == '+') { - result = true; - } else if (c == '=') { - result = true; - } else if (c == '&') { - result = true; - } else if (c == '@') { - result = true; - } else if (c == ':') { - result = true; - } - } - return result; -} - -bool Attribute::isUnreserved(int c) const -{ - return isAlphanum(c) || mark[c]; -} - -bool Attribute::isAlphanum(int c) const -{ - return alpha[c] || digit[c]; -} - -bool Attribute::isHex(int c) const -{ - bool result = false; - - if (digit[c]) { - result = true; - } else if (c == 'A') { - result = true; - } else if (c == 'B') { - result = true; - } else if (c == 'C') { - result = true; - } else if (c == 'D') { - result = true; - } else if (c == 'E') { - result = true; - } else if (c == 'F') { - result = true; - } else if (c == 'a') { - result = true; - } else if (c == 'b') { - result = true; - } else if (c == 'c') { - result = true; - } else if (c == 'd') { - result = true; - } else if (c == 'e') { - result = true; - } else if (c == 'f') { - result = true; - } - - return result; -} - -bool Attribute::isEscaped(const char esc[3]) const -{ - if (esc == NULL) { - return false; - } - - if ((esc[0] == 0) || (esc[1] == 0) || (esc[2] == 0)) { - //We get an array that seems to be out of bounds. - //To be on the safe side return here - LogDebug("HEX NULLS"); - return false; - } - - if (esc[0] != '%') { - LogDebug( - "Error: first character of escaped value must be a precent but is " - << - esc[0]); - return false; - } - -#ifdef ALL_LOGS - for (int i = 0; i < 3; i++) { - LogDebug("HEX " << esc[i]); - } -#endif - return isHex((int) esc[1]) && isHex((int) esc[2]); -} - -bool Attribute::isHostAllowedString(const std::string * str) const -{ - bool result = true; - - if (digit[(int) str->at(0)]) { - //IPv4 address - result = isIPv4AllowedString(str); - } else { - //Hostname - result = isHostNameAllowedString(str); - } - - return result; -} - -bool Attribute::isIPv4AllowedString(const std::string * str) const -{ - LogDebug("Is hostIPv4 allowed String for " << *str); - - const char * data = str->c_str(); - bool result = true; - int digitCounter = 0; - int dotCounter = 0; - - for (unsigned int i = 0; i < str->length(); ++i) { - if (data[i] == '.') { - dotCounter++; - digitCounter = 0; - } else if (digit[(int) data[i]]) { - digitCounter++; - if ((digitCounter > 3) || !digitCounter) { - result = false; - break; - } - } else { - result = false; - break; - } - } - if (dotCounter != 3) { - result = false; - } - return result; -} - -bool Attribute::isHostNameAllowedString(const std::string * str) const -{ - LogDebug("Is hostname allowed String for " << *str); - - int lastPosition = 0; //the position of last dot + 1 - const char * data = str->c_str(); - bool finalDot = false; - size_t end = str->length(); - bool result = false; - - for (size_t i = 0; i < end; ++i) { - if (data[i] == '.') { - if (i == str->length() - 1) { //ending dot - //There can be a leading '.' int the hostm_name - finalDot = true; - break; - } else { - //we found domain label - if (!isDomainLabelAllowedString(data + lastPosition, i - - lastPosition)) { - result = false; - goto end; - } - lastPosition = i + 1; //Set position to position of last dot + 1 - } - } - } - - if (finalDot) { - //we have to rewind one position to check the rightmost string - //but only in case we find final dot - end--; - } - //Compare only the rightmost string aaa.bbbb.rightmostString. - result = isTopLabelAllowedString(data + lastPosition, end - lastPosition); - -end: - - if (result) { - LogInfo("Hostname is allowed"); - } else { - LogInfo("Hostname is NOT allowed"); - } - - return result; -} - -bool Attribute::isDomainLabelAllowedString(const char * data, - int length) const -{ - LogDebug( - "Is domain allowed String for " << data << " taking first " << - length << - " chars"); - - if (!isAlphanum((int) data[0]) || !isAlphanum((int) data[length - 1])) { - return false; - } - - for (int i = 0; i < length; i++) { - if ((!isAlphanum(data[i])) && !(data[i] == '-')) { - return false; - } - } - return true; -} - -bool Attribute::isTopLabelAllowedString(const char * data, - int length) const -{ - if ((!alpha[(int) data[0]]) || (!isAlphanum((int) data[length - 1]))) { - return false; - } - - for (int i = 1; i < length - 1; i++) { - if ((!isAlphanum(data[i])) && !(data[i] == '-')) { - return false; - } - } - return true; -} - -void printAttributes(const AttributeSet& attrs) -{ - if (attrs.empty()) { - LogWarning("Empty attribute set"); - } else { - LogDebug("PRINT ATTRIBUTES:"); - for (AttributeSet::const_iterator it = attrs.begin(); - it != attrs.end(); - ++it) - { - LogDebug("name: " << *(*it)->getName()); - } - } -} - -void printAttributes(const std::list & attrs) -{ - if (attrs.empty()) { - LogWarning("Empty attribute set"); - } else { - LogDebug("PRINT ATTRIBUTES:"); - for (std::list::const_iterator it = attrs.begin(); - it != attrs.end(); - ++it - ) { - LogDebug(*it); - } - } -} - -//KW const char * matchResultToString(Attribute::MatchResult result){ -//KW -//KW const char * ret = NULL; -//KW -//KW switch(result){ -//KW -//KW case Attribute::MRTrue: -//KW ret = "true"; -//KW break; -//KW case Attribute::MRFalse: -//KW ret = "false"; -//KW break; -//KW case Attribute::MRUndetermined: -//KW ret = "undetermined"; -//KW break; -//KW default: -//KW ret = "Wrong match result"; -//KW } -//KW -//KW return ret; -//KW -//KW } diff --git a/ace/engine/CombinerImpl.cpp b/ace/engine/CombinerImpl.cpp deleted file mode 100644 index bbd179c..0000000 --- a/ace/engine/CombinerImpl.cpp +++ /dev/null @@ -1,333 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -// -// -// -// @ Project : Access Control Engine -// @ File Name : CombinerImpl.cpp -// @ Date : 2009-05-06 -// @ Author : Samsung -// -// - -#include -#include -#include - -#include -#include -#include - -namespace { - -bool denyOverridesPredecessor( - const ExtendedEffect &first, - const ExtendedEffect &second) -{ - if (first.getEffect() == second.getEffect()) - return first.getRuleId() < second.getRuleId(); - return first.getEffect() < second.getEffect(); -} - -bool permitOverridePredecessor( - const ExtendedEffect &first, - const ExtendedEffect &second) -{ - if (first.getEffect() == second.getEffect()) - return first.getRuleId() < second.getRuleId(); - return first.getEffect() > second.getEffect(); -} - -} //anonymous namespace - -ExtendedEffect CombinerImpl::denyOverrides(const ExtendedEffectList &effects) -{ - if (isError(effects)) { - return Error; - } - - ExtendedEffect result(Inapplicable); - - FOREACH(it, effects) { - if (denyOverridesPredecessor(*it, result)) { - result = *it; - } - } - return result; -} - -ExtendedEffect CombinerImpl::permitOverrides(const ExtendedEffectList &effects) -{ - if (isError(effects)) { - return Error; - } - - // This magic number must be bigger that the bigest ruleId number from policy file. - ExtendedEffect result(Deny, 999999); - - //Flag used to indicate that any of Deny,prompt-*,permit options appear - //Consequently if flag is true then result should be return, otherwise inapplicable should be returned - bool flag = false; - bool flagUndetermined = false; - - FOREACH(it,effects) { - ExtendedEffect effect = *it; - - if (effect.getEffect() == Permit) { - return effect; - } // no need for further check if "permit" found - if (effect.getEffect() == Undetermined) { - flagUndetermined = true; - } //check for undetermined - - //Set the flag and the result even if effect is equal to result - //It is done to mark if any "Deny" effect occured - if (permitOverridePredecessor(effect, result) - && effect.getEffect() != Inapplicable - && effect.getEffect() != Undetermined) - { - result = effect; - flag = true; - } - } - - if (flagUndetermined) { - return ExtendedEffect(Undetermined); - } - - if (!flag) { - return ExtendedEffect(Inapplicable); - } - return result; -} - -ExtendedEffect CombinerImpl::firstApplicable( - const ExtendedEffectList & effects) -{ - if (isError(effects)) { - return Error; - } - - FOREACH(it,effects) { - if (it->getEffect() != Inapplicable) { - return *it; - } - } - return Inapplicable; -} - -ExtendedEffect CombinerImpl::firstMatchingTarget( - const ExtendedEffectList &effects) -{ - if (isError(effects)) { - return Error; - } - // effect list constains result of policies which target has been matched. - // - // If target does not match policy result is NotMatchingTarget - // NotMatchingTarget values are not stored on the effects list - // (you can check it in combinePolicies function). - // - // So we are intrested in first value on the list. - return effects.empty() ? Inapplicable : effects.front(); -} - -bool CombinerImpl::isError(const ExtendedEffectList &effects) -{ - FOREACH(it, effects) - { - if (Error == it->getEffect()) { - return true; - } - } - return false; -} - -ExtendedEffect CombinerImpl::combineRules(const TreeNode * policy) -{ - const Policy * policyObj = dynamic_cast(policy->getElement()); - if (!policyObj) { - LogError("dynamic_cast failed. PolicyObj is null."); - return Error; - } - - Policy::CombineAlgorithm algorithm = policyObj->getCombineAlgorithm(); - - Assert( - algorithm != Policy::FirstTargetMatching && - "Policy cannot have algorithm first target matching"); - - bool isUndetermined = false; - - if (!checkIfTargetMatches(policyObj->getSubjects(), isUndetermined)) { - if (isUndetermined) { - //TODO Target is undetermined what should we do now ?? - //Right now simply return NotMatchingTarget - } - //Target doesn't match - return NotMatchingTarget; - } - //Get all rules - const ChildrenSet & children = policy->getChildrenSet(); - ChildrenConstIterator it = children.begin(); - ExtendedEffectList effects; - - while (it != children.end()) { - const Rule * rule = dynamic_cast((*it)->getElement()); - - if (!rule) { - LogError("Error in dynamic_cast. rule is null"); - return ExtendedEffect(Error); - } - - ExtendedEffect effect = rule->evaluateRule(this->getAttributeSet()); - effects.push_back(effect); - if (algorithm == Policy::FirstApplicable && effect.getEffect() != Inapplicable) { - //For first applicable algorithm we may stop after evaluating first policy - //which has effect other than inapplicable - break; - } - ++it; - } //end policy children iteration - - //Use combining algorithm - ExtendedEffect ef = combine(policyObj->getCombineAlgorithm(), effects); - return ef; -} - -//WARNING this method makes an assumption that Policy target is a policy child -ExtendedEffect CombinerImpl::combinePolicies(const TreeNode * policy) -{ - const Policy * policySet = dynamic_cast(policy->getElement()); - - if (!policySet) { - LogError("dynamic_cast failed. Policy set is null."); - return Error; - } - - bool isUndetermined = false; - Policy::CombineAlgorithm algorithm = policySet->getCombineAlgorithm(); - - if (!checkIfTargetMatches(policySet->getSubjects(), isUndetermined)) { - /* I can't explain this... - if (isUndetermined) { - if (algorithm == Policy::FirstTargetMatching) { - return Undetermined; - } - } - */ - //Target doesn't match - return NotMatchingTarget; - } - - const ChildrenSet & children = policy->getChildrenSet(); - - ExtendedEffectList effects; - - FOREACH(it, children) { - ExtendedEffect effect; - - if ((*it)->getTypeID() == TreeNode::PolicySet) { - effect = combinePolicies(*it); - if (effect.getEffect() != NotMatchingTarget) { - effects.push_back(effect); - } - } else if ((*it)->getTypeID() == TreeNode::Policy) { - effect = combineRules(*it); - if (effect.getEffect() != NotMatchingTarget) { - effects.push_back(effect); - } - } else { - // [CR] fix it - LogError("effect value is not initialized!"); - return ExtendedEffect(Error); - } - - if (algorithm == Policy::FirstTargetMatching - && effect.getEffect() != NotMatchingTarget) - { - //In First matching target algorithm we may return when first result is found - break; - } - } - - //Use combining algorithm - return combine(policySet->getCombineAlgorithm(), effects); -} - -ExtendedEffect CombinerImpl::combine( - Policy::CombineAlgorithm algorithm, - ExtendedEffectList &effects) -{ - LogDebug("Effects to be combined with algorithm: " << ::toString(algorithm)); - showEffectList(effects); - - switch (algorithm) { - case Policy::DenyOverride: - return denyOverrides(effects); - break; - case Policy::PermitOverride: - return permitOverrides(effects); - break; - case Policy::FirstApplicable: - return firstApplicable(effects); - break; - case Policy::FirstTargetMatching: - return firstMatchingTarget(effects); - break; - default: - Assert(false && "Wrong combining algorithm used"); - return Error; - } -} - -/** - * - * @param attrSet set of Subject attributes in policy that identifies target - * @return true if target is determined and matches, false and isUndertmined is set to true if the target is undetermined - * false and isUndetermined set to false if target is determined but doesn't match - */ -bool CombinerImpl::checkIfTargetMatches( - const std::list * subjectsList, - bool &isUndetermined) -{ - if (subjectsList->empty()) { - return true; - } - - std::list::const_iterator it = subjectsList->begin(); - bool match = false; - //According to BONDI 1.0 at least one target must match - while (it != subjectsList->end()) { - match = (*it)->matchSubject(this->getAttributeSet(), isUndetermined); - if (match) { //at least one match - break; - } - ++it; - } - - #ifdef _DEBUG - if (match == Attribute::MRTrue) { - LogDebug("Target matches "); - } else if (match == Attribute::MRUndetermined) { - LogDebug("Target match undetermined "); - } else { - LogDebug("Target doesn't match"); - } - #endif - return match; -} - diff --git a/ace/engine/Condition.cpp b/ace/engine/Condition.cpp deleted file mode 100644 index e6121a4..0000000 --- a/ace/engine/Condition.cpp +++ /dev/null @@ -1,236 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -// -// File: Condition.cpp -// Author: notroot -// -// Created on June 3, 2009, 9:00 AM -// - -#include -#include -#include -#include - -/** - * Check if attribute in condition matches the values obtained from PIP - * attrSet - attributes from PIP - */ - -Attribute::MatchResult Condition::evaluateCondition( - const AttributeSet * attrSet) const -{ - //Condition may include either matches of attributes or other conditions - //in this method all attributes are matched at first and if possible the - //condition is evaluated. If evaluation is not possible based solely on - //attributes then we start recursion into child conditions. - - Attribute::MatchResult match; - bool undeterminedMatchFound = false; - bool isFinalMatch = false; - - LogDebug("Attributes to be matched"); - printAttributes(*attrSet); - LogDebug("Condition attributes values"); - printAttributes(attributes); - - if (this->isEmpty()) { - LogDebug("Condition is empty, returning true"); - //Condition is empty, it means it evaluates to TRUE - return Attribute::MatchResult::MRTrue; - } - - match = evaluateAttributes(attrSet, isFinalMatch, undeterminedMatchFound); - if (isFinalMatch) { - LogDebug("Evaluate attributes returning verdict" ) ; //<< match); - return match; - } - - match = evaluateChildConditions(attrSet, - isFinalMatch, - undeterminedMatchFound); - if (isFinalMatch) { - LogDebug("Evaluate child conditions returning verdict" ); // << match); - return match; - } - - if (undeterminedMatchFound) { - //If any child condition/attribute-match was undetermined and - //so far we couldn't make a decision then we must return undetermined - LogDebug("Evaluate condition returning MRUndetermined"); - return Attribute::MatchResult::MRUndetermined; - } - - if (this->isAndCondition()) { - match = Attribute::MatchResult::MRTrue; - } else if (this->isOrCondition()) { - match = Attribute::MatchResult::MRFalse; - } else { - Assert(false && "Condition has to be either AND or OR"); - } - return match; -} - -// KW Attribute::MatchResult Condition::performORalgorithm(const std::set* attrSet) const{ -// KW -// KW Attribute::MatchResult match; -// KW bool undeterminedMatchFound = false; -// KW bool isFinalMatch = false; -// KW -// KW LogDebug("Performing OR algorithm"); -// KW -// KW match = evaluateAttributes(attrSet, isFinalMatch, undeterminedMatchFound); -// KW if(isFinalMatch){ -// KW LogDebug("OR algorithm evaluate attributes returning verdict" << match); -// KW return match; -// KW } -// KW -// KW match = evaluateChildConditions(attrSet, isFinalMatch, undeterminedMatchFound); -// KW if(isFinalMatch){ -// KW return match; -// KW } -// KW -// KW if(undeterminedMatchFound){ -// KW //If any child condition/attribute-match was undetermined and -// KW //so far we couldn't make a decision then we must return undetermined -// KW LogDebug("OR algorithm returning MRUndetermined"); -// KW return Attribute::MRUndetermined; -// KW } -// KW -// KW LogDebug("OR algorithm returning MRFalse"); -// KW return Attribute::MRFalse; -// KW } - -// KW Attribute::MatchResult Condition::performANDalgorithm(const std::set* attrSet) const{ -// KW -// KW -// KW Attribute::MatchResult match; -// KW bool undeterminedMatchFound = false; -// KW bool isFinalMatch = false; -// KW -// KW LogDebug("Performing AND algorithm"); -// KW match = evaluateAttributes(attrSet, isFinalMatch, undeterminedMatchFound); -// KW if(isFinalMatch){ -// KW LogDebug("AND algorithm evaluate attributes returning verdict" << match); -// KW return match; -// KW } -// KW match = evaluateChildConditions(attrSet, isFinalMatch, undeterminedMatchFound); -// KW if(isFinalMatch){ -// KW LogDebug("AND algorithm evaluate child returning verdict " << match); -// KW return match; -// KW } -// KW if(undeterminedMatchFound){ -// KW //If any child condition/attribute-match was undetermined and -// KW //so far we couldn't make a decision then we must return undetermined -// KW LogDebug("AND algorithm returning Undetermined"); -// KW return Attribute::MRUndetermined; -// KW } -// KW -// KW LogDebug("AND algorithm returning MRTrue"); -// KW return Attribute::MRTrue; -// KW -// KW } - -Attribute::MatchResult Condition::evaluateAttributes( - const AttributeSet * attrSet, - bool& isFinalMatch, - bool & undeterminedMatchFound) const -{ - Attribute::MatchResult match = Attribute::MatchResult::MRUndetermined; - - std::list::const_iterator condIt = this->attributes.begin(); - while (condIt != this->attributes.end()) { - //Find the value of needed attribute, based on attribute name - AttributeSet::const_iterator attr = - std::find_if(attrSet->begin(), - attrSet->end(), - AceDB::BaseAttribute::UnaryPredicate(&(*condIt))); - if (attr == attrSet->end()) { - LogError("Couldn't find required attribute. This should not happen"); - Assert( - false && - "Couldn't find attribute required in condition. This should not happen" - "This means that some attributes has not been obtained from PIP"); - //Return undetermined here because it seems one of the attributes is unknown/undetermined - isFinalMatch = true; - match = Attribute::MatchResult::MRUndetermined; - break; - } - - match = condIt->matchAttributes(&(*(*attr))); - if ((match == Attribute::MatchResult::MRFalse) && isAndCondition()) { - //FALSE match found in AND condition - isFinalMatch = true; - break; - } else if ((match == Attribute::MatchResult::MRTrue) && isOrCondition()) { - //TRUE match found in OR condition - isFinalMatch = true; - break; - } else if (match == Attribute::MatchResult::MRUndetermined) { - //Just mark that there was undetermined value found - undeterminedMatchFound = true; - } - ++condIt; - } - - return match; -} - -Attribute::MatchResult Condition::evaluateChildConditions( - const AttributeSet * attrSet, - bool& isFinalMatch, - bool & undefinedMatchFound) const -{ - Attribute::MatchResult match = Attribute::MatchResult::MRUndetermined; - - std::list::const_iterator it = conditions.begin(); - while (it != conditions.end()) { - match = it->evaluateCondition(attrSet); - - if ((match == Attribute::MatchResult::MRFalse) && isAndCondition()) { - //FALSE match found in AND condition - LogDebug("Child conditions results MRFalse)"); - isFinalMatch = true; - break; - } else if ((match == Attribute::MatchResult::MRTrue) && isOrCondition()) { - //TRUE match found in OR condition - LogDebug("Child conditions result MRTrue"); - isFinalMatch = true; - break; - } else if (match == Attribute::MatchResult::MRUndetermined) { - undefinedMatchFound = true; - } - ++it; - } - - return match; -} - -void Condition::getAttributes(AttributeSet * attrSet) -{ - //Get attributes from current condition - FOREACH (it, attributes) - { - AceDB::BaseAttributePtr attr(new Attribute(it->getName(), it->getMatchFunction(), it->getType())); - attrSet->insert(attr); - } - //Get attributes from any child conditions - FOREACH (it, conditions) - { - it->getAttributes(attrSet); - } -} - diff --git a/ace/engine/ConfigurationManager.cpp b/ace/engine/ConfigurationManager.cpp deleted file mode 100644 index f1edffb..0000000 --- a/ace/engine/ConfigurationManager.cpp +++ /dev/null @@ -1,144 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#include -#include -#include -#include -#include -#include -#include -#include - -using namespace std; - -namespace { -const string currentXMLSchema("bondixml.xsd"); -} - -ConfigurationManager * ConfigurationManager::instance = NULL; - - -string ConfigurationManager::getCurrentPolicyFile(void) const -{ - LogError("ConfigurationManager::getCurrentPolicyFile is DEPRECATED"); - return ""; -} - -string ConfigurationManager::getFullPathToCurrentPolicyFile(void) const -{ - LogError("ConfigurationManager::getFullPathToCurrentPolicyFile" - "is DEPRECATED"); - return ""; -} - -string ConfigurationManager::getFullPathToCurrentPolicyXMLSchema(void) const -{ - LogError("ConfigurationManager::getFullPathToCurrentPolicyXMLSchema" - "is DEPRECATED"); - return ""; -} - -int ConfigurationManager::addPolicyFile(const string &) -{ - LogError("ConfigurationManager::addPolicyFile is DEPRECATED"); - return CM_GENERAL_ERROR; -} - -int ConfigurationManager::removePolicyFile(const string&) -{ - LogError("ConfigurationManager::removePolicyFile is DEPRECATED"); - return CM_GENERAL_ERROR; -} - -int ConfigurationManager::changeCurrentPolicyFile(const string&) -{ - LogError("ConfigurationManager::changeCurrentPolicyFile is DEPRECATED"); - return CM_GENERAL_ERROR; -} - -string ConfigurationManager::extractFilename(const string&) const -{ - LogError("ConfigurationManager::extractFilename is DEPRECATED"); - return ""; -} - - -int ConfigurationManager::parse(const string&) -{ - LogError("ConfigurationManager::parse is DEPRECATED"); - return CM_GENERAL_ERROR; -} - -bool ConfigurationManager::copyFile(FILE*, FILE*, int) const -{ - LogError("ConfigurationManager::copyFile is DEPRECATED"); - return false; -} - -bool ConfigurationManager::checkIfFileExistst(const string&) const -{ - LogError("ConfigurationManager::checkIfFileExistst is DEPRECATED"); - return false; -} - -const list & ConfigurationManager::getPolicyFiles() const -{ - LogError("ConfigurationManager::getPolicyFiles is DEPRECATED"); - static list aList; - return aList; -} - -const string & ConfigurationManager::getConfigFile() const -{ - LogError("ConfigurationManager::getConfigFile is DEPRECATED"); - static string returnString(""); - return returnString; -} - -string ConfigurationManager::getFullPathToPolicyFile(PolicyType policy) const -{ - string storagePath = getStoragePath(); - string fileName; - - switch (policy) { - case PolicyType::WAC2_0: { - fileName = ACE_WAC_POLICY_FILE_NAME; - break; } - case PolicyType::Tizen: { - fileName = ACE_TIZEN_POLICY_FILE_NAME; - break; } - default: { - LogError("Invalid policy file requested"); - return ""; } - } - - return storagePath + fileName; -} - -string ConfigurationManager::getFullPathToPolicyXMLSchema() const -{ - string storagePath = getStoragePath(); - if (*(storagePath.rbegin()) == '/') - { - return storagePath + currentXMLSchema; - } - return storagePath + "/" + currentXMLSchema; -} - -string ConfigurationManager::getStoragePath(void) const -{ - return ACE_MAIN_STORAGE; -} diff --git a/ace/engine/Policy.cpp b/ace/engine/Policy.cpp deleted file mode 100644 index 7443090..0000000 --- a/ace/engine/Policy.cpp +++ /dev/null @@ -1,80 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -// -// -// -// @ Project : Access Control Engine -// @ File Name : Policy.cpp -// @ Date : 2009-05-06 -// @ Author : Samsung -// -// - -#include - -Policy::~Policy() -{ - for (std::list::iterator it = subjects->begin(); - it != subjects->end(); - ++it) { - delete *it; - } - delete subjects; -} - -void Policy::printData() -{ - std::string subject; - if (subjects != NULL && subjects->size()) { - subject = (subjects->front())->getSubjectId(); - } - std::string algorithm = printCombineAlgorithm(this->combineAlgorithm); - - std::cout << "subject: " << subject << " algorithm: " << algorithm << - std::endl; -} - -std::string Policy::printCombineAlgorithm(CombineAlgorithm algorithm) -{ - switch (algorithm) { - case DenyOverride: - return "DenyOverride"; - case PermitOverride: - return "PermitOverride"; - case FirstApplicable: - return "FirstApplicable"; - case FirstTargetMatching: - return "FirstTargetMatching"; - default: - return "ERROR: Wrong Algorithm"; - } -} - -const char * toString(Policy::CombineAlgorithm algorithm) -{ - switch (algorithm) { - case Policy::DenyOverride: - return "DenyOverride"; - case Policy::PermitOverride: - return "PermitOverride"; - case Policy::FirstApplicable: - return "FirstApplicable"; - case Policy::FirstTargetMatching: - return "FirstTargetMatching"; - default: - return "ERROR: Wrong Algorithm"; - } -} diff --git a/ace/engine/PolicyEnforcementPoint.cpp b/ace/engine/PolicyEnforcementPoint.cpp deleted file mode 100644 index 1db8488..0000000 --- a/ace/engine/PolicyEnforcementPoint.cpp +++ /dev/null @@ -1,139 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/** - * @file security_logic.cpp - * @author Przemyslaw Dobrowolski (p.dobrowolsk@samsung.com) - * @author Ming Jin(ming79.jin@samsung.com) - * @version 1.0 - * @brief Implementation file for security logic - */ -#include - -#include -#include -#include -#include -#include -#include -#include -#include - -#include -#include -#include - -#include -#include -#include - -PolicyEnforcementPoint::PolicyEnforcementPoint() : - m_wrt(0), - m_res(0), - m_sys(0), - m_pdp(0), - m_pip(0) -{} - -void PolicyEnforcementPoint::terminate() -{ - LogInfo("PolicyEnforcementPoint is being deinitialized."); - - delete m_sys; - delete m_res; - delete m_wrt; - delete m_pdp; - delete m_pip; - m_sys = 0; - m_res = 0; - m_wrt = 0; - m_pdp = 0; - m_pip = 0; -} - -PolicyEnforcementPoint::~PolicyEnforcementPoint() -{ - Assert((m_sys == 0) && "You must run " - "PolicyEnforcementPoint::Deinitialize before exit program!"); -} - -void PolicyEnforcementPoint::initialize( - IWebRuntime *wrt, - IResourceInformation *resource, - IOperationSystem *operation) -{ - if (m_wrt) { - ThrowMsg(PEPException::AlreadyInitialized, - "Policy Enforcement Point is already initialzed"); - } - - m_wrt = wrt; - m_res = resource; - m_sys = operation; - - if (this->m_pip != NULL) { - this->m_pip->update(m_wrt, m_res, m_sys); - return; - } - - this->m_pip = new PolicyInformationPoint(wrt, m_res, m_sys); - this->m_pdp = new PolicyEvaluator(m_pip); - - if (!this->m_pdp->initPDP()) { - Assert(0); - } -} - -ExtendedPolicyResult PolicyEnforcementPoint::check(Request &request) -{ - return m_pdp->getPolicyForRequest(request); -} - -void PolicyEnforcementPoint::updatePolicy(const std::string &policy) -{ - LogDebug("ACE updatePolicy: " << policy); - int errorCode = 0; - - if (m_pdp == NULL) { - LogError("Evaluator not set. Ignoring message."); - Assert(false && "UpdateClient error on receiving event"); - } else { - LogDebug("Emitting update signal."); - errorCode = m_pdp->updatePolicy(policy.c_str()); - } - - LogDebug("Sending reponse: " << errorCode); -} - -void PolicyEnforcementPoint::updatePolicy() -{ - LogDebug("ACE updatePolicy"); - if (m_pdp == NULL) { - LogError("Evaluator not set. Ignoring message."); - } else { - m_pdp->updatePolicy(); - } -} - -OptionalExtendedPolicyResult PolicyEnforcementPoint::checkFromCache(Request &request) -{ - return m_pdp->getPolicyForRequestFromCache(request); -} - -OptionalExtendedPolicyResult PolicyEnforcementPoint::check(Request &request, - bool fromCacheOnly) -{ - return m_pdp->getPolicyForRequest(request, fromCacheOnly); -} diff --git a/ace/engine/PolicyEvaluator.cpp b/ace/engine/PolicyEvaluator.cpp deleted file mode 100644 index 73d2f6e..0000000 --- a/ace/engine/PolicyEvaluator.cpp +++ /dev/null @@ -1,544 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -// -// -// -// @ Project : Access Control Engine -// @ File Name : PolicyEvaluator.cpp -// @ Date : 2009-05-06 -// @ Author : Samsung -// -// -#include -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -using namespace AceDB; - -PolicyEvaluator::~PolicyEvaluator() -{ - delete m_combiner; -} - -PolicyEvaluator::PolicyEvaluator(PolicyInformationPoint * pip) : - m_uniform_policy(NULL), - m_wac_policy(NULL), - m_tizen_policy(NULL), - m_policy_to_use(PolicyType::WAC2_0), - m_combiner(new CombinerImpl()), - m_verdictListener(NULL), - m_pip(pip) -{} - -bool PolicyEvaluator::initPDP() -{ - updatePolicy(); - // TODO change return value someday to void? - return true; -} - -bool PolicyEvaluator::fillAttributeWithPolicy() -{ - if (m_attributeSet.empty()) { - if (!extractAttributes(m_uniform_policy)) { - LogInfo("Warning attribute set cannot be extracted. " - "Returning Deny"); - return false; - } - // Adding widget type attribute to distinguish WAC/Tizen widgets - /** - * This special attribute of WidgetParam type is handled - * in PolicyInformationPoint, it is based on WidgetType - * fron WRT database. - * - * It is needed to distinguish cached policy results and cached prompt - * responses for different policies (WAC/Tizen/any possible - * other in the future). - */ - AceDB::BaseAttributePtr attribute(new AceDB::BaseAttribute()); - attribute->setName(POLICY_WIDGET_TYPE_ATTRIBUTE_NAME); - attribute->setType(AceDB::BaseAttribute::Type::WidgetParam); - m_attributeSet.insert(attribute); - AceDAO::addAttributes(m_attributeSet); - } else { - LogDebug("Required attribute set already loaded"); - } - return true; -} - -PolicyResult PolicyEvaluator::effectToPolicyResult(Effect effect) -{ - if (Effect::Deny == effect) { - return PolicyEffect::DENY; - } - if (Effect::Undetermined == effect) { - return PolicyResult::Value::UNDETERMINED; - } - if (Effect::PromptOneShot == effect) { - return PolicyEffect::PROMPT_ONESHOT; - } - if (Effect::PromptSession == effect) { - return PolicyEffect::PROMPT_SESSION; - } - if (Effect::PromptBlanket == effect) { - return PolicyEffect::PROMPT_BLANKET; - } - if (Effect::Permit == effect) { - return PolicyEffect::PERMIT; - } - if (Effect::Inapplicable == effect) { - return PolicyDecision::Value::NOT_APPLICABLE; - } - return PolicyEffect::DENY; -} - -OptionalExtendedPolicyResult PolicyEvaluator::getPolicyForRequestInternal( - bool fromCacheOnly) -{ - //ADD_PROFILING_POINT("Search cached verdict in database", "start"); - - OptionalExtendedPolicyResult result = AceDAO::getPolicyResult(m_attributeSet); - - //ADD_PROFILING_POINT("Search cached verdict in database", "stop"); - - if (fromCacheOnly || !result.IsNull()) { - return result; - } - - //ADD_PROFILING_POINT("EvaluatePolicy", "start"); - - ExtendedEffect policyEffect = evaluatePolicies(getCurrentPolicyTree()); - - //ADD_PROFILING_POINT("EvaluatePolicy", "stop"); - - LogDebug("Policy effect is: " << toString(policyEffect.getEffect())); - - ExtendedPolicyResult exResult( - effectToPolicyResult(policyEffect.getEffect()), - policyEffect.getRuleId()); - - AceDAO::setPolicyResult(this->m_attributeSet, exResult); - return OptionalExtendedPolicyResult(exResult); -} - -// +----------------+---------+---------+------+--------+ -// |\User setting | PERMIT | PROMPT* | DENY | DEF | -// | \ | | | | | -// |Policy result\ | | | | | -// |----------------+---------+---------+------+--------+ -// |PERMIT | PERMIT | PROMPT* | DENY | PERMIT | -// |----------------+---------+---------+------+--------+ -// |PROMPT* | PROMPT* | PR MIN | DENY | PROMPT*| -// |----------------+---------+---------+------+--------+ -// |DENY | DENY | DENY | DENY | DENY | -// |----------------+---------+---------+------+--------+ -// |UNDETERMIND | UNDET | UNDET | DENY | UNDET | -// |----------------+---------+---------+------+--------+ -// |NOT_AP | PEMIT | PROMPT* | DENY | NOT_AP | -// +----------------+---------+---------+------+--------+ - -static PolicyResult getMostRestrict( - PreferenceTypes globalPreference, - const PolicyResult &policyResult) -{ - if (globalPreference == PreferenceTypes::PREFERENCE_PERMIT - && policyResult == PolicyEffect::PERMIT) { - return PolicyEffect::PERMIT; - } - - if (globalPreference == PreferenceTypes::PREFERENCE_DENY - || policyResult == PolicyEffect::DENY) { - return PolicyEffect::DENY; - } - - if (policyResult == PolicyResult::UNDETERMINED) { - return PolicyResult::UNDETERMINED; - } - - if (globalPreference == PreferenceTypes::PREFERENCE_DEFAULT) { - return policyResult; - } - - if (globalPreference == PreferenceTypes::PREFERENCE_ONE_SHOT_PROMPT - || policyResult == PolicyEffect::PROMPT_ONESHOT) { - return PolicyEffect::PROMPT_ONESHOT; - } - - if (globalPreference == PreferenceTypes::PREFERENCE_SESSION_PROMPT - || policyResult == PolicyEffect::PROMPT_SESSION) { - return PolicyEffect::PROMPT_SESSION; - } - - if (globalPreference == PreferenceTypes::PREFERENCE_BLANKET_PROMPT - || policyResult == PolicyEffect::PROMPT_BLANKET) { - return PolicyEffect::PROMPT_BLANKET; - } - - return PolicyEffect::PERMIT; -} - -OptionalExtendedPolicyResult PolicyEvaluator::getPolicyForRequestFromCache( - const Request &request) -{ - return getPolicyForRequest(request, true); -} - -ExtendedPolicyResult PolicyEvaluator::getPolicyForRequest(const Request &request) -{ - auto result = this->getPolicyForRequest(request, false); - Assert(!result.IsNull() - && "Policy always has to be evaluated to valid state"); - return *result; -} - -OptionalExtendedPolicyResult PolicyEvaluator::getPolicyForRequest( - const Request &request, - bool fromCacheOnly) -{ - //ADD_PROFILING_POINT("getPolicyForRequest", "start"); - m_attributeSet.clear(); - - switch (request.getAppType()) { - case Request::APP_TYPE_TIZEN: - m_policy_to_use = PolicyType::Tizen; - LogDebug("==== Using Tizen policy ===="); - break; - case Request::APP_TYPE_WAC20: - m_policy_to_use = PolicyType::WAC2_0; - LogDebug("==== Using WAC policy ===="); - break; - default: - LogError("Unsupported(unknown) widget type. Access denied."); - return OptionalExtendedPolicyResult( - ExtendedPolicyResult(PolicyEffect::DENY)); - } - - try { - // Check which attributes should be used - // memory alocated, free in destructor - //ADD_PROFILING_POINT("getAttributes", "start"); - AceDB::AceDAO::getAttributes(&m_attributeSet); - //ADD_PROFILING_POINT("getAttributes", "stop"); - - // If attributes can't be resolved then check the policy - if (!fillAttributeWithPolicy()) { - //ADD_PROFILING_POINT("getPolicyForRequest", "stop"); - return OptionalExtendedPolicyResult( - ExtendedPolicyResult(PolicyEffect::DENY)); - } - - //ADD_PROFILING_POINT("getAttributesValues", "start"); - m_pip->getAttributesValues(&request, &m_attributeSet); - //ADD_PROFILING_POINT("getAttributesValues", "stop"); - LogDebug("==== Attributes set by PIP ===="); - printAttributes(m_attributeSet); - LogDebug("==== End of attributes set by PIP ===="); - - OptionalExtendedPolicyResult policyResult = getPolicyForRequestInternal( - fromCacheOnly); - - if (policyResult.IsNull()) { - if (!fromCacheOnly) { - LogError("Policy evaluated to NULL value"); - Assert(false && "Policy evaluated to NULL value"); - } - return OptionalExtendedPolicyResult::Null; - } - LogDebug("==== getPolicyForRequestInternal result (PolicyResult): " - << policyResult->policyResult << "====="); - - PreferenceTypes globalPreference = - SettingsLogic::findGlobalUserSettings(request); - - auto ret = getMostRestrict(globalPreference, policyResult->policyResult); - //ADD_PROFILING_POINT("getPolicyForRequest", "stop"); - return OptionalExtendedPolicyResult( - ExtendedPolicyResult(ret, policyResult->ruleId)); - - } catch (AceDB::AceDAO::Exception::DatabaseError &e) { - LogError("Database error"); - DPL::Exception::DisplayKnownException(e); - //ADD_PROFILING_POINT("getPolicyForRequest", "stop"); - return OptionalExtendedPolicyResult( - ExtendedPolicyResult(PolicyEffect::DENY)); - } -} - -bool PolicyEvaluator::extractAttributes(TreeNode* policyTree) -{ - if (NULL == policyTree) { - return false; - } - - //We check if root target matches. In general the root's target should - //be empty. Otherwise it would have to have all the subjects available - //specified but just to be on the safe side (and for tests) this checking - const Policy * policy = - dynamic_cast(policyTree->getElement()); - Assert(policy != NULL - && "Policy element has been null while attribute extracting"); - - extractTargetAttributes(policy); - extractAttributesFromSubtree(policyTree); //Enter recursion - - return true; -} - -void PolicyEvaluator::extractTargetAttributes(const Policy *policy) -{ - std::list::const_iterator it = - policy->getSubjects()->begin(); - for (; it != policy->getSubjects()->end(); ++it) { - const std::list & attrList = (*it)->getTargetAttributes(); - FOREACH(it2, attrList) - { - BaseAttributePtr attr( - new Attribute((*it2).getName(), (*it2).getMatchFunction(), - (*it2).getType())); - m_attributeSet.insert(attr); - } - } -} - -TreeNode * PolicyEvaluator::getCurrentPolicyTree() -{ - TreeNode * currentPolicy = NULL; - switch (m_policy_to_use) { - case PolicyType::Tizen: { - currentPolicy = m_tizen_policy; - break;} - case PolicyType::WAC2_0: { - currentPolicy = m_wac_policy; - break;} - default: { - LogError("Invalid policy type to use");} - } - return currentPolicy; -} - -/** - * - * @param *root - the root of the original (full) subtree of politics - * @param *newRoot - the pointer to the root of the copy (reduced) subtree of politics - */ -void PolicyEvaluator::extractAttributesFromSubtree(const TreeNode *root) -{ - const ChildrenSet & children = root->getChildrenSet(); - - for (std::list::const_iterator it = children.begin(); - it != children.end(); ++it) { - TreeNode * node = *it; - if (node->getTypeID() != TreeNode::Policy - && node->getTypeID() != TreeNode::PolicySet) { - //It is not a policy so we may be sure that we have already - //checked that SubjectId matches - //Add new node to new tree and extract attributes - - extractAttributesFromRules(node); - } else { //TreeNode is a Policy or PolicySet - const Policy * policy = - dynamic_cast(node->getElement()); - //We will be needing also the attributes from target - if (policy) { - extractTargetAttributes(policy); - } else { - LogError(" extractAttributesFromSubtree policy=NULL"); - } - //Enter recursion - extractAttributesFromSubtree(node); - } - } -} - -bool PolicyEvaluator::extractAttributesFromRules(const TreeNode *root) -{ - Assert(root->getTypeID() == TreeNode::Rule - && "Tree structure, extracting attributes from node that is not a rule"); - Rule * rule = dynamic_cast(root->getElement());Assert - (rule != NULL); - //Get attributes from rule - rule->getAttributes(&m_attributeSet); - - //[CR] consider returned value, because its added only to eliminate errors - return true; -} - -ExtendedEffect PolicyEvaluator::evaluatePolicies(const TreeNode * root) -{ - if (root == NULL) { - LogInfo("Error: policy tree doesn't exist. " - "Probably xml file is missing"); - return Deny; - } - - if (m_attributeSet.empty()) { - LogInfo("Warning: evaluatePolicies: attribute set was empty"); - } - m_combiner->setAttributeSet(&m_attributeSet); - return m_combiner->combinePolicies(root); -} - - -int PolicyEvaluator::updatePolicy(const char* newPolicy) -{ - LogError("PolicyEvaluator::updatePolicy is DEPRECATED"); - ConfigurationManager* configMgr = ConfigurationManager::getInstance(); - if (NULL == configMgr) { - LogError("ACE fatal error: failed to create configuration manager"); - return POLICY_PARSING_ERROR; - } - int result = POLICY_PARSING_SUCCESS; - if (newPolicy == NULL) { - LogError("Policy Update: incorrect policy name"); - return POLICY_FILE_ERROR; - } - LogDebug("Starting update policy: " << newPolicy); - - Parser parser; - TreeNode *backup = m_uniform_policy; - - m_uniform_policy = parser.parse(newPolicy, - configMgr->getFullPathToPolicyXMLSchema()); - - if (NULL == m_uniform_policy) { - m_uniform_policy = backup; - LogError("Policy Update: corrupted policy file"); - result = POLICY_PARSING_ERROR; - } else { - m_currentPolicyFile = newPolicy; - m_wac_policy = m_uniform_policy; //we must be able to use WAC widgets - m_tizen_policy = m_uniform_policy;//we must be able to use Tizen widgets - m_attributeSet.clear(); - backup->releaseResources(); - LogInfo("Policy Update: successful."); - try { - AceDAO::resetDatabase(); // TODO: this is strange, but this - // method is deprecated so not changing - // it (will disappear with entire method) - } catch (AceDAO::Exception::DatabaseError &e) { - } - } - return result; -} - -TreeNode * PolicyEvaluator::getDefaultSafePolicyTree(void) -{ - Policy * policy = new Policy; - Rule * rule = new Rule; - TreeNode * mainTree = NULL, - * childTree = NULL; - - policy->setCombineAlgorithm(Policy::CombineAlgorithm::DenyOverride); - rule->setEffect(Deny); - - mainTree = new TreeNode(m_uniform_policy, TreeNode::Policy, policy); - childTree = new TreeNode(mainTree, TreeNode::Rule, rule); - mainTree->addChild(childTree); - - LogError("Loading default safe policy tree"); - return mainTree; -} - -void PolicyEvaluator::updatePolicy() -{ - ConfigurationManager *configMgr = ConfigurationManager::getInstance(); - Assert(NULL != configMgr && "ACE fatal error: failed to " - "create configuration manager"); - AceDAO::clearPolicyCache(); - if (NULL != m_uniform_policy) { - m_uniform_policy->releaseResources(); - } - Parser parserWac, parserTizen; - m_wac_policy = parserWac.parse( - configMgr->getFullPathToPolicyFile(PolicyType::WAC2_0), - configMgr->getFullPathToPolicyXMLSchema()); - if (NULL == m_wac_policy) { - LogError("ACE fatal error: cannot parse XML file (WAC policy)"); - m_wac_policy = getDefaultSafePolicyTree(); - } - m_tizen_policy = parserTizen.parse( - configMgr->getFullPathToPolicyFile(PolicyType::Tizen), - configMgr->getFullPathToPolicyXMLSchema()); - if (NULL == m_tizen_policy) { - LogError("ACE fatal error: cannot parse XML file (Tizen policy)"); - m_tizen_policy = getDefaultSafePolicyTree(); - } - // Policy set is usefull for releasing all policies in case of - // policy change - Policy * policySet = new PolicySet(); - policySet->setCombineAlgorithm(Policy::CombineAlgorithm::DenyOverride); - m_uniform_policy = new TreeNode(NULL, TreeNode::PolicySet, policySet); - m_uniform_policy->addChild(m_wac_policy); - m_uniform_policy->addChild(m_tizen_policy); - - // Creating attribute set for the first time after loading policy - // to speed up queries - m_attributeSet.clear(); - fillAttributeWithPolicy(); -} - -std::string PolicyEvaluator::getCurrentPolicy() -{ - LogError("PolicyEvaluator::getCurrentPolicy is DEPRECATED"); - return m_currentPolicyFile; -} - -const char * toString(Validity validity) -{ - switch (validity) { - case Validity::ONCE: - return "Once"; - break; - case Validity::SESSION: - return "Session"; - case Validity::ALWAYS: - return "Always"; - default: - return "WRONG VALIDITY"; - } -} - -const char * toString(Verdict verdict) -{ - switch (verdict) { - case Verdict::VERDICT_PERMIT: - return "Permit"; - case Verdict::VERDICT_DENY: - return "Deny"; - case Verdict::VERDICT_INAPPLICABLE: - return "Inapplicable"; - case Verdict::VERDICT_UNKNOWN: - return "Unknown"; - case Verdict::VERDICT_UNDETERMINED: - return "Undetermined"; - case Verdict::VERDICT_ERROR: - return "Error"; - case Verdict::VERDICT_ASYNC: - return "Async"; - default: - return "Wrong verdict value"; - } -} diff --git a/ace/engine/PolicyInformationPoint.cpp b/ace/engine/PolicyInformationPoint.cpp deleted file mode 100644 index b273809..0000000 --- a/ace/engine/PolicyInformationPoint.cpp +++ /dev/null @@ -1,278 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -// -// -// -// -// @ Project : Access Control Engine -// @ File Name : PolicyInformationPoint.cpp -// @ Date : 2009-05-06 -// @ Author : Samsung -// -// -#include -#include -#include - -#include -#include - -#include -#include -#include - -#include -#include -#include - -using namespace AceDB; - -PolicyInformationPoint::PolicyInformationPoint(IWebRuntime *wrt, - IResourceInformation *resource, - IOperationSystem *system) : wrtInterface(wrt), - resourceInformation(resource), - operationSystem(system) -{ - AceDB::AceDAOReadOnly::attachToThreadRO(); -} - -PolicyInformationPoint::~PolicyInformationPoint() -{ - AceDB::AceDAOReadOnly::detachFromThread(); -} - -/* gather attributes values from adequate interfaces */ -PipResponse PolicyInformationPoint::getAttributesValues(const Request* request, - AttributeSet* attributes) -{ - int subjectReturn = 0; - int resourceReturn = 0; - int operationReturn = 0; - int functionReturn = 0; - /* create query lists */ - createQueries(attributes); - - /* check if subject attributes query has any elements*/ - if (!subjectAttributesQuery.empty()) { - /* get Subject Attributes */ - subjectReturn = wrtInterface->getAttributesValues( - *request, - &subjectAttributesQuery); - } - - AttributeSet::const_iterator iter2; - FOREACH(iter, subjectAttributesQuery) - { - if (iter->second == NULL) { - Attribute attr(*(iter->first)); - attr.setType(Attribute::Type::Subject); - iter2 = std::find_if(attributes->begin(), - attributes->end(), - BaseAttribute::UnaryPredicate(&attr)); - Assert(iter2 != attributes->end() && "This should not happen, " - "the attribute MUST be in attribute set"); - (*iter2)->setUndetermind(true); - } - } - - /* check if resource attributes query has any elements*/ - if (!resourceAttributesQuery.empty()) { - /* get Resource Attributes */ - resourceReturn = resourceInformation->getAttributesValues( - *request, - &resourceAttributesQuery); - /* error analyzys*/ - resourceReturn <<= ERROR_SHIFT_RESOURCE; - } - - FOREACH(iter, resourceAttributesQuery) - { - if (iter->second == NULL) { - LogInfo("Found undetermined attribute"); - Attribute attr(*(iter->first)); - attr.setType(Attribute::Type::Resource); - iter2 = std::find_if(attributes->begin(), - attributes->end(), - BaseAttribute::UnaryPredicate(&attr)); - Assert(iter2 != attributes->end() && "This should not happen, " - "the attribute MUST be in attribute set"); - (*iter2)->setUndetermind(true); - } - } - - /* check if resource attributes query has any elements*/ - if (!environmentAttributesQuery.empty()) { - /* get enviroment attributes */ - operationReturn = operationSystem->getAttributesValues( - *request, - &environmentAttributesQuery); - /* error analyzys*/ - operationReturn <<= ERROR_SHIFT_OS; - } - - FOREACH(iter, environmentAttributesQuery) - { - if (iter->second == NULL) { - //it doesnt change uniqueness of a set element so we can const_cast - Attribute attr(*(iter->first)); - attr.setType(Attribute::Type::Environment); - iter2 = find_if(attributes->begin(), - attributes->end(), - BaseAttribute::UnaryPredicate(&attr)); - Assert(iter2 != attributes->end() && "This should not happen, " - "the attribute MUST be in attribute set"); - (*iter2)->setUndetermind(true); - } - } - - /* check if functionParam attributes query has any elements*/ - if (!functionParamAttributesQuery.empty() && request->getFunctionParam()) { - /* get params attributes */ - functionReturn = request->getFunctionParam()->getAttributesValues( - *request, - &functionParamAttributesQuery); - /* error analyzys*/ - functionReturn <<= ERROR_SHIFT_FP; - } - - FOREACH(iter, functionParamAttributesQuery) - { - if (iter->second == NULL) { - //it doesnt change uniqueness of a set element so we can const_cast - Attribute attr(*(iter->first)); - attr.setType(Attribute::Type::FunctionParam); - iter2 = find_if(attributes->begin(), - attributes->end(), - BaseAttribute::UnaryPredicate(&attr)); - Assert(iter2 != attributes->end() && "This should not happen, " - "the attribute MUST be in attribute set"); - (*iter2)->setUndetermind(true); - } - } - - // Here we must add to attributes proper marking of policy type - // (Tizen or WAC widget) - /** - * This part of code seems odd here, but we don't want to keep it in - * attribute fascade, as it is maintained by ACE clients and we are not - * sure if this kind of distinction between different policies will be ok - * as final solution. - * - * This is somehow private part of ACE, so it may be moved into - * separate ACEAttributeFascade kind of a class in (already planned) - * refactoring, when moving to new, C-only API for ACE. - */ - if (widgetParamAttributesQuery.empty()) { - LogError("No attrbutes of WidgetParam type present - " - "should be widget type at least"); - } else { - LogDebug("WidgetParam type atributes present, searching for widget type"); - FOREACH(iter, widgetParamAttributesQuery) { - const std::string *name = iter->first; - if (POLICY_WIDGET_TYPE_ATTRIBUTE_NAME == *name) { - LogDebug("Widget type attribute found"); - - // Extracting widget type - std::list attrValue; - Try { - AceDB::AppTypes appType = - AceDB::AceDAOReadOnly::getWidgetType( - request->getWidgetHandle()); - switch (appType) { - case AceDB::AppTypes::Tizen : { - attrValue.push_back(POLICY_NAME_TIZEN); - LogDebug("==== Using Tizen policy in PIP ===="); - break;} - case AceDB::AppTypes::WAC20 : { - attrValue.push_back(POLICY_NAME_WAC2_0); - LogDebug("==== Using WAC policy in PIP ===="); - break;} - default: { - LogError("Invalid widget type"); - } - } - } Catch (AceDB::AceDAOReadOnly::Exception::DatabaseError) - { - LogError("Couldn't find widget for handle " - << request->getWidgetHandle()); - } - - // Setting real attribute value - Attribute attr(*(iter->first)); - attr.setType(Attribute::Type::WidgetParam); - iter2 = find_if(attributes->begin(), - attributes->end(), - BaseAttribute::UnaryPredicate(&attr)); - Assert(iter2 != attributes->end() && "This should not happen, " - "the attribute MUST be in attribute set"); - (*iter2)->setUndetermind(false); - (*iter2)->setValue(attrValue); - } - } - } - - /** clear query lists*/ - resourceAttributesQuery.clear(); - environmentAttributesQuery.clear(); - subjectAttributesQuery.clear(); - functionParamAttributesQuery.clear(); - widgetParamAttributesQuery.clear(); - - return subjectReturn | resourceReturn | operationReturn | functionReturn; -} - -/** create query lists */ -void PolicyInformationPoint::createQueries(AttributeSet* attributes) -{ - AttributeSet::const_iterator it; - - enum Attribute::Type type; - - /**iterate all attributes and split them into adequate query */ - FOREACH (it, *attributes) { - type = (*it)->getType(); - - switch (type) { - case Attribute::Type::Subject: - subjectAttributesQuery.push_back(ATTRIBUTE((*it)->getName(), - (*it)->getValue())); - break; - - case Attribute::Type::Environment: - environmentAttributesQuery.push_back(ATTRIBUTE((*it)->getName(), - (*it)->getValue())); - break; - - case Attribute::Type::Resource: - resourceAttributesQuery.push_back(ATTRIBUTE((*it)->getName(), - (*it)->getValue())); - break; - - case Attribute::Type::FunctionParam: - functionParamAttributesQuery.push_back(ATTRIBUTE((*it)->getName(), - (*it)->getValue())); - break; - - case Attribute::Type::WidgetParam: - widgetParamAttributesQuery.push_back(ATTRIBUTE((*it)->getName(), - (*it)->getValue())); - break; - default: - break; - } - } -} - diff --git a/ace/engine/Rule.cpp b/ace/engine/Rule.cpp deleted file mode 100644 index c1703bb..0000000 --- a/ace/engine/Rule.cpp +++ /dev/null @@ -1,74 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -// -// -// -// @ Project : Access Control Engine -// @ File Name : Rule.h -// @ Date : 2009-05-06 -// @ Author : Samsung -// -// - -#include -#include - -#include - -void Rule::printData() -{ - std::cout << "Rule: effect: " << printEffect(this->effect) << - " condition: " << this->condition; -} - -std::string Rule::printEffect(const ExtendedEffect &effect) const -{ - switch (effect.getEffect()) { - case Deny: - return "Deny"; - case PromptBlanket: - return "PromptBlanket"; - case PromptOneShot: - return "PromptOneShot"; - case PromptSession: - return "PromptSession"; - case Permit: - return "Permit"; - case Inapplicable: - return "Inapplicable"; - case Error: - return "Error"; - default: - return "ERROR"; - } -} - -ExtendedEffect Rule::evaluateRule(const AttributeSet * attrSet) const -{ - Attribute::MatchResult result = condition.evaluateCondition(attrSet); - - if (result == Attribute::MatchResult::MRUndetermined) { - // LogInfo("Rule is undetermined"); - return ExtendedEffect(Undetermined); - } else if (result == Attribute::MatchResult::MRTrue) { - // LogInfo("Rule effect "< - -#include -#include - -#include - -using namespace AceDB; - -Preference SettingsLogic::findGlobalUserSettings( - const std::string &resource, - WidgetHandle handler) -{ - Preference p = AceDAO::getWidgetDevCapSetting(resource, handler); - if (PreferenceTypes::PREFERENCE_DEFAULT == p) { - return AceDAO::getDevCapSetting(resource); - } else { - return p; - } -} - -Preference SettingsLogic::findGlobalUserSettings( - const Request &request) -{ - Request::DeviceCapabilitySet devset = request.getDeviceCapabilitySet(); - Assert(!devset.empty() && "No device cap set in request"); - return findGlobalUserSettings( - *(devset.begin()), - request.getWidgetHandle()); -} - -Preference SettingsLogic::getDevCapSetting(const std::string &resource) -{ - return AceDAO::getDevCapSetting(resource); -} - -void SettingsLogic::getDevCapSettings(PreferenceMap *globalSettingsMap) -{ - AceDAO::getDevCapSettings(globalSettingsMap); // NULL check inside -} - - -void SettingsLogic::setDevCapSetting(const std::string &resource, - Preference preference) -{ - if (resource.empty()) { - LogInfo("WARNING: setting resource settings for empty resource name"); - } - - AceDAO::addResource(resource); - - if (preference == PreferenceTypes::PREFERENCE_DEFAULT) { - return; - } - - Assert((PreferenceTypes::PREFERENCE_PERMIT == preference || - PreferenceTypes::PREFERENCE_DENY == preference || - PreferenceTypes::PREFERENCE_BLANKET_PROMPT == preference || - PreferenceTypes::PREFERENCE_ONE_SHOT_PROMPT == preference || - PreferenceTypes::PREFERENCE_SESSION_PROMPT == preference)); - - AceDAO::setDevCapSetting(resource,preference); -} - -void SettingsLogic::setAllDevCapSettings( - const std::list < std::pair < const std::string*, - Preference > > &resourcesList) -{ - std::list < std::pair < const std::string*, - Preference > >::const_iterator iter; - for (iter = resourcesList.begin(); iter != resourcesList.end(); ++iter) { - SettingsLogic::setDevCapSetting(*(iter->first), iter->second); - } -} - -void SettingsLogic::removeDevCapSetting(const std::string &resource) -{ - AceDAO::removeDevCapSetting(resource); -} - -void SettingsLogic::updateDevCapSetting(const std::string &resource, - Preference p) -{ - if (PreferenceTypes::PREFERENCE_DEFAULT == p) { - SettingsLogic::removeDevCapSetting(resource); - } else { - SettingsLogic::setDevCapSetting(resource, p); - } -} - -Preference SettingsLogic::getWidgetDevCapSetting( - const std::string &resource, - WidgetHandle handler) -{ - return AceDAO::getWidgetDevCapSetting(resource, handler); -} - -void SettingsLogic::getWidgetDevCapSettings(PermissionList *outputList) -{ - AceDAO::getWidgetDevCapSettings(outputList); // NULL check inside -} - - -void SettingsLogic::setWidgetDevCapSetting( - const std::string &resource, - WidgetHandle handler, - Preference preference) -{ - if (resource.empty()) { - LogError("Empty resource"); - return; - } - - LogDebug("userSetting, resource: " << resource << - " app_id: " << handler); - - AceDAO::addResource(resource); - SettingsLogic::removeWidgetDevCapSetting(resource, handler); - - if (PreferenceTypes::PREFERENCE_DEFAULT == preference) { - return; - } - - Assert((PreferenceTypes::PREFERENCE_PERMIT == preference || - PreferenceTypes::PREFERENCE_DENY == preference || - PreferenceTypes::PREFERENCE_BLANKET_PROMPT == preference || - PreferenceTypes::PREFERENCE_ONE_SHOT_PROMPT == preference || - PreferenceTypes::PREFERENCE_SESSION_PROMPT == preference)); - - AceDAO::setWidgetDevCapSetting(resource, handler, preference); -} - - -void SettingsLogic::setWidgetDevCapSettings(const PermissionList &permissionsList) -{ - FOREACH(i, permissionsList) { - SettingsLogic::setWidgetDevCapSetting(i->devCap, - i->appId, - i->access); - } -} - - -void SettingsLogic::removeWidgetDevCapSetting(const std::string &resource, - WidgetHandle handler) -{ - AceDAO::removeWidgetDevCapSetting(resource, handler); -} diff --git a/ace/engine/Subject.cpp b/ace/engine/Subject.cpp deleted file mode 100644 index 57724be..0000000 --- a/ace/engine/Subject.cpp +++ /dev/null @@ -1,65 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#include -#include - -#include - -bool Subject::matchSubject(const AttributeSet *attrSet, - bool &isUndetermined) const -{ - bool result = true; - Attribute::MatchResult match = Attribute::MatchResult::MRUndetermined; - - FOREACH(it, targetAttributes) - { - AttributeSet::const_iterator attr = - std::find_if(attrSet->begin(), - attrSet->end(), - AceDB::BaseAttribute::UnaryPredicate(&(*it))); - if (attr == attrSet->end()) { - LogError("Cannot find attribute value for " << *(it->getName())); - Assert(false && - "Attribute for subject hasn't been found." - "It shoud not happen. This attribute should be undetermined," - "not missing"); - result = false; //According to BONDI 1.0 for signle subject all attributes must match - isUndetermined = true; - break; - } - - match = it->matchAttributes(&(*(*attr))); - - if (match == Attribute::MatchResult::MRUndetermined) { - result = false; - isUndetermined = true; - /// LogError("Subject doesn match and UNDETERMINED"); - break; //According to BONDI 1.0 for signle subject all attributes must match - } else if (match == Attribute::MatchResult::MRFalse) { - result = false; - // LogError("Subject doesn match and DETERMINED"); - break; //According to BONDI 1.0 for signle subject all attributes must match - } - } - - return result; -} - -const std::list& Subject::getTargetAttributes() const -{ - return targetAttributes; -} - diff --git a/ace/engine/TreeNode.cpp b/ace/engine/TreeNode.cpp deleted file mode 100644 index 039ada6..0000000 --- a/ace/engine/TreeNode.cpp +++ /dev/null @@ -1,71 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#include -#include -#include - -//Tree node destructor is a tricky part, only the original tree should remove the elements -//release resources should be called when we want to destroy the whole tree -TreeNode::~TreeNode() -{ -} - -//TODO release resources is releaseTheSubtree and delete the element -void TreeNode::releaseResources() -{ - Assert(this != 0); - delete element; - std::list::iterator it = this->children.begin(); - while (it != children.end()) { - (*it)->releaseResources(); - ++it; - } - delete this; -} - -int TreeNode::level = 0; - -std::ostream & operator<<(std::ostream & out, - const TreeNode * node) -{ - std::string tmp; - - switch (node->getTypeID()) { - case TreeNode::Policy: - tmp = "Policy"; - break; - case TreeNode::PolicySet: - tmp = "PolicySet"; - break; - case TreeNode::Rule: - tmp = "Rule"; - break; - default: - break; - } - - out << "" << tmp << "-> children count: " << node->children.size() << - ": " << std::endl; - AbstractTreeElement * el = node->getElement(); - if (el != NULL) { - el->printData(); - } else { - std::cout << "Empty element!" << std::endl; - } - - return out; -} - diff --git a/ace/engine/parser.cpp b/ace/engine/parser.cpp deleted file mode 100644 index fa9ae36..0000000 --- a/ace/engine/parser.cpp +++ /dev/null @@ -1,744 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#include -#include -#include -#include -#include - -#include -#include - -namespace { - -class ParserWarningLogger -{ - public: - void operator()(const std::string& logMsg) - { - LogWarning(logMsg); - } -}; - -class ParserErrorLogger -{ - public: - void operator()(const std::string& logMsg) - { - LogError(logMsg); - } -}; - -template -void xmlLogFunction(void* /*ctx*/, const char *msg, ...) -{ - const int BUFFER_SIZE = 1024; - char buffer[BUFFER_SIZE]; - buffer[BUFFER_SIZE - 1] = '\0'; - Logger l; - - va_list va; - va_start(va, msg); - vsnprintf(buffer, BUFFER_SIZE - 1, msg, va); - va_end(va); - - std::string logmsg(buffer); - l(logmsg); -} - -} - -const char *Parser::TOKEN_PARAM = "param:"; - -Parser::Parser() : - ruleId(0), - reader(NULL), - root(NULL), - currentRoot(NULL), - currentSubject(NULL), - currentCondition(NULL), - currentAttribute(NULL), - currentText(NULL), - processingSignature(false), - canonicalizeOnce(false) -{ - processingSignature = true; - canonicalizeOnce = true; -} - -Parser::~Parser() -{ - /* parse function destroys reader */ - // free(this->xmlFilename); -} - -TreeNode* Parser::parse(const std::string& filename, const std::string& schema) -{ - if(root != NULL) { - root->releaseResources(); - root = NULL; - } - - LogDebug("Parser: opening file " << filename); - - xmlDocPtr xmlDocument = xmlParseFile(filename.c_str()); - if (!xmlDocument) { - LogError("Couldn't parse file " << filename); - return root; - } - - std::unique_ptr > - doc(xmlDocument, xmlFreeDoc); - - xmlSchemaParserCtxtPtr xmlSchemaParserContext = - xmlSchemaNewParserCtxt(schema.c_str()); - - if (!xmlSchemaParserContext) { - LogError("Couldn't load xml schema: " << schema); - return root; - } - - std::unique_ptr < - xmlSchemaParserCtxt, - std::function > - schemaContext( - xmlSchemaParserContext, - xmlSchemaFreeParserCtxt); - - LogDebug("Setting callbacks"); - - xmlSchemaSetParserErrors( - schemaContext.get(), - static_cast - (&xmlLogFunction), - static_cast - (&xmlLogFunction), - NULL); - - xmlSchemaPtr xmlSchema = xmlSchemaParse(schemaContext.get()); - - if (!xmlSchema) { - LogError("Couldn't parse xml schema: " << xmlSchema); - return root; - } - - xmlSchemaValidCtxtPtr xmlValidContext = xmlSchemaNewValidCtxt(xmlSchema); - - if (!xmlValidContext) { - LogError("Couldn't create validation context!"); - return root; - } - - std::unique_ptr < - xmlSchemaValidCtxt, - std::function > - schemaValidContext( - xmlValidContext, - xmlSchemaFreeValidCtxt); - - xmlSchemaSetValidErrors( - schemaValidContext.get(), - static_cast - (&xmlLogFunction), - static_cast - (&xmlLogFunction), - NULL); - - xmlSchemaSetValidOptions( - schemaValidContext.get(), - XML_SCHEMA_VAL_VC_I_CREATE); - - bool result = - (xmlSchemaValidateDoc( - schemaValidContext.get(), - xmlDocument) == 0 ? true : false); - - if (!result) { - LogError("Couldn't validate policy file: " << filename << - " against xml schema: " << schema); - - return root; - } - - LogInfo("Policy file: " << filename << " validated!"); - - xmlTextReaderPtr xmlReader = xmlReaderWalker(xmlDocument); - - //[CR] consider using ASSERT/DASSERT - if (NULL == xmlReader) { - LogError("Error, xml reader cannot be created. Probably xml file is missing (opening file " << filename << ")"); - return root; - } - - std::unique_ptr > - reader(xmlReader, xmlFreeTextReader); - - int ret; - ret = xmlTextReaderRead(reader.get()); - while (ret == 1) { - std::unique_ptr > - name(xmlTextReaderName(reader.get()), xmlFree); - - if (!strcmp("policy-set", (const char *)name.get())) { - processingSignature = false; - } else if (!strcmp("SignedInfo", - (const char *)name.get()) && canonicalizeOnce) { - #if 0 //TODO I think we don't need canonicalization in ACE only in PM, - //we have to verify it tough - extractNodeToFile(reader, "output.xml"); - //TODO we should be able to handle more than one canonicalization algorithm - canonicalize("output.xml", "canon.xml", Canonicalization::C14N); - canonicalizeOnce = false; - #endif - } - //Do not process signature of xml file - if(!processingSignature) { - processNode(reader.get()); - } - ret = xmlTextReaderRead(reader.get()); - } - - if (ret != 0) { - LogError("Error while parsing XML file"); - if (root) { - root->releaseResources(); - root = NULL; - } - } - - return root; -} - -void Parser::processNode(xmlTextReaderPtr reader) -{ - //TODO this is interesting, xmlTextReaderNodeType returns int but I am pretty sure - //those integers coresponds to xmlReaderTypes - xmlReaderTypes type = - static_cast(xmlTextReaderNodeType(reader)); - - switch (type) { - //Start element - case XML_READER_TYPE_ELEMENT: - startNodeHandler(reader); - break; - //End element - case XML_READER_TYPE_END_ELEMENT: - endNodeHandler(reader); - break; - //Text element - case XML_READER_TYPE_TEXT: - textNodeHandler(reader); - break; - default: - //Do not handle other xml tags - break; - } -} - -void Parser::startNodeHandler(xmlTextReaderPtr reader) -{ - xmlChar *name = xmlTextReaderName(reader); - - switch (*name) { - case 'p': //policy and policy-set - if (*(name + 6) == 0) { - handlePolicy(reader, TreeNode::Policy); - } else { - handlePolicy(reader, TreeNode::PolicySet); - } - break; - case 'r': //rule and resource-match - if (*(name + 1) == 'u') { - handleRule(reader); - } else if (*(name + 9) == 'm') { - handleMatch(reader, Attribute::Type::Resource); - } else { - handleAttr(reader); - } - break; - case 's': //subject and subject-match - if (*(name + 7) == 0) { - handleSubject(); - } else if (*(name + 8) == 'm') { //subject match - handleSubjectMatch(reader); - } else { //subject attr - handleAttr(reader); - } - break; - case 'c': //condition - handleCondition(reader); - break; - case 'e': //environment-match - if (*(name + 12) == 'm') { - handleMatch(reader, Attribute::Type::Environment); - } else { //env-attr - handleAttr(reader); - } - break; - } - xmlFree(name); -} - -void Parser::endNodeHandler(xmlTextReaderPtr reader) -{ - xmlChar *name = xmlTextReaderName(reader); - - switch (*name) { - case 'p': //policy and policy-set - //Restore old root - currentRoot = currentRoot->getParent(); - break; - case 'r': //Rule and resource match - if (*(name + 1) == 'u') { //Rule - currentRoot = currentRoot->getParent(); - } else { //Resource-match - consumeCurrentText(); //consume text if any available - consumeCurrentAttribute(); //consume attribute - } - break; - case 's': //subject and subject-match - if (*(name + 7) == 0) { //handle subject - consumeCurrentSubject(); - } else if (*(name + 8) == 'm') { //handle subject match - consumeCurrentText(); - consumeSubjectMatch(); - } - //Subject-match end doesn't require handling - break; - case 'c': //condition - consumeCurrentCondition(); - break; - case 'e': //environment-match - consumeCurrentText(); //consume text if any available - consumeCurrentAttribute(); //consume attribute - break; - } - xmlFree(name); -} - -void Parser::textNodeHandler(xmlTextReaderPtr reader) -{ - delete currentText; - xmlChar * text = xmlTextReaderValue(reader); - Assert(text != NULL && "Parser couldn't parse PCDATA"); - - currentText = new std::string(reinterpret_cast(text)); - trim(currentText); - xmlFree(text); -} - -void Parser::handlePolicy(xmlTextReaderPtr reader, - TreeNode::TypeID type) -{ - Policy::CombineAlgorithm algorithm; - - //Get first attribute - xmlChar * combAlg = xmlTextReaderGetAttribute(reader, BAD_CAST("combine")); - - Assert(combAlg != NULL && "Parser error while getting attributes"); - algorithm = convertToCombineAlgorithm(combAlg); - - //Create TreeNode element - Policy * policy = NULL; - if (type == TreeNode::Policy) { - policy = new Policy(); - } else { - policy = new PolicySet(); - } - policy->setCombineAlgorithm(algorithm); - TreeNode * node = new TreeNode(currentRoot, type, policy); - //Add new tree node to current's root children set - if (currentRoot != NULL) { - currentRoot->addChild(node); - } - - //Switch the current root to the new node - if (!xmlTextReaderIsEmptyElement(reader)) { - //Current root switching is necessary only if tag is not empty - currentRoot = node; - } - if (root == NULL) { - root = currentRoot; - } - - if (NULL == currentRoot) { - node->releaseResources(); - } - - xmlFree(combAlg); -} - -void Parser::handleRule(xmlTextReaderPtr reader) -{ - ExtendedEffect effect(Inapplicable); - - //[CR] create macros for attribute names - xmlChar * eff = xmlTextReaderGetAttribute(reader, BAD_CAST("effect")); //get the rule attribute - - Assert(eff != NULL && "Parser error while getting attributes"); - effect = convertToEffect(eff); - - Rule * rule = NULL; - rule = new Rule(); - rule->setEffect(effect); - - TreeNode * node = new TreeNode(currentRoot, TreeNode::Rule, rule); - //Add new tree node to current's root children set - if (currentRoot != NULL) { // - currentRoot->addChild(node); - } - - if (!xmlTextReaderIsEmptyElement(reader)) { - currentRoot = node; - } - - if (NULL == currentRoot) { - node->releaseResources(); - } - - xmlFree(eff); -} - -void Parser::handleSubject() -{ - currentSubject = new Subject(); - //TODO what about empty subject tag -} - -void Parser::handleCondition(xmlTextReaderPtr reader) -{ - Condition::CombineType combineType = Condition::AND; - - xmlChar * combine = xmlTextReaderGetAttribute(reader, BAD_CAST("combine")); //get the rule attribute - - Assert(combine != NULL && "Parser error while getting attributes"); - - combineType = *combine == 'a' ? Condition::AND : Condition::OR; - - Condition * condition = new Condition(); - condition->setCombineType(combineType); - condition->setParent(currentCondition); - - currentCondition = condition; - //TODO what about empty condition tag? -} - -//Subject match is handled differently than resource or environment match -//Because it cannot have any children tags and can only include PCDATA -void Parser::handleSubjectMatch(xmlTextReaderPtr reader) -{ - //processing Subject - int attributes = xmlTextReaderAttributeCount(reader); - - xmlChar * func = NULL; - xmlChar * value = NULL; - xmlChar * attrName = xmlTextReaderGetAttribute(reader, BAD_CAST("attr")); //get the first attribute - - if (attributes == 2) { - //match attribute ommited, text value will be used - func = xmlTextReaderGetAttribute(reader, BAD_CAST("func")); - } else if (attributes == 3) { - value = xmlTextReaderGetAttribute(reader, BAD_CAST("match")); - func = xmlTextReaderGetAttribute(reader, BAD_CAST("func")); - } else { - Assert(false && "Wrong XML file format"); - } - - // creating temporiary object is not good idea - // but we have no choice untill Attribute have constructor taking std::string* - std::string temp(reinterpret_cast(attrName)); - Attribute * attr = new Attribute(&temp, convertToMatchFunction( - func), Attribute::Type::Subject); - if (value != NULL) { //add value of the attribute if possible - //[CR] consider create Attribute::addValue(char *) function - std::string temp(reinterpret_cast(value)); - attr->addValue(&temp); - } - currentAttribute = attr; - - if (xmlTextReaderIsEmptyElement(reader)) { - Assert(value != NULL && "XML file format is wrong"); - //Attribute value is required to obtain the match value easier - consumeSubjectMatch(value); - } - - if (attributes == 2 || attributes == 3) { - xmlFree(func); - } - xmlFree(value); - xmlFree(attrName); -} - -void Parser::handleMatch(xmlTextReaderPtr reader, - Attribute::Type type) -{ - int attributes = xmlTextReaderAttributeCount(reader); - - xmlChar * func = NULL; - xmlChar * value = NULL; - xmlChar * attrName = xmlTextReaderGetAttribute(reader, BAD_CAST("attr")); //get the first attribute - - if (attributes == 2) { - //match attribute ommited, text value will be used - func = xmlTextReaderGetAttribute(reader, BAD_CAST("func")); - //the content may be resource-attr or PCDATA - } else if (attributes == 3) { - value = xmlTextReaderGetAttribute(reader, BAD_CAST("match")); - func = xmlTextReaderGetAttribute(reader, BAD_CAST("func")); - } else { - Assert(false && "Wrong XML file format"); - } - - // FunctionParam type is sybtype of Resource. - // FunctionParam is used to storage attriburess of call functions. - if (0 == - xmlStrncmp(attrName, BAD_CAST(TOKEN_PARAM), - xmlStrlen(BAD_CAST(TOKEN_PARAM))) && type == - Attribute::Type::Resource) { - type = Attribute::Type::FunctionParam; - } - - std::string temp(reinterpret_cast(attrName)); - Attribute * attr = new Attribute(&temp, convertToMatchFunction(func), type); - currentAttribute = attr; - - if (xmlTextReaderIsEmptyElement(reader)) { - Assert(value != NULL && "XML is currupted"); - std::string tempVal(reinterpret_cast(value)); - currentAttribute->addValue(&tempVal); - consumeCurrentAttribute(); - } - - if (attributes == 2 || attributes == 3) { - xmlFree(func); - } - xmlFree(value); - xmlFree(attrName); -} - -Policy::CombineAlgorithm Parser::convertToCombineAlgorithm(xmlChar* algorithm) -{ - switch (*algorithm) { - case 'f': - if (*(algorithm + 6) == 'a') { //first applicable - return Policy::FirstApplicable; - } - return Policy::FirstTargetMatching; - case 'd': - return Policy::DenyOverride; - case 'p': - return Policy::PermitOverride; - default: - Assert(false && "Wrong combine algorithm name"); - return Policy::DenyOverride; - } -} - -ExtendedEffect Parser::convertToEffect(xmlChar *effect) -{ - switch (*effect) { - case 'd': //deny - return Deny; - break; - case 'p': - //permit, prompt-blanket, prompt-session, prompt-oneshot - if (*(effect + 1) == 'e') { - return ExtendedEffect(Permit, ruleId++); - } - switch (*(effect + 7)) { - case 'b': - return ExtendedEffect(PromptBlanket, ruleId++); - case 's': - return ExtendedEffect(PromptSession, ruleId++); - case 'o': - return ExtendedEffect(PromptOneShot, ruleId++); - default: - Assert(false && "Effect is Error"); - return ExtendedEffect(); - } - break; - default: - Assert(false && "Effect is Error"); - return ExtendedEffect(); - } - //return ExtendedEffect(Inapplicable); //unreachable statement -} - -Attribute::Match Parser::convertToMatchFunction(xmlChar * func) -{ - if (func == NULL) { - LogError("[ERROR] match function value is NULL"); - return Attribute::Match::Error; - } - - if (*func == 'g') { - return Attribute::Match::Glob; - } else if (*func == 'e') { - return Attribute::Match::Equal; - } else if (*func == 'r') { - return Attribute::Match::Regexp; - } else { - LogError("[ERROR] match function value is NULL"); - return Attribute::Match::Error; - } -} - -void Parser::handleAttr(xmlTextReaderPtr reader) -{ - xmlChar * attrValue = xmlTextReaderGetAttribute(reader, BAD_CAST("attr")); //get the first attribute - Assert(attrValue != NULL && "Error while obtaining attribute"); - - std::string temp(reinterpret_cast(attrValue)); - currentAttribute->addValue(&temp); - - xmlFree(attrValue); -} - -void Parser::consumeCurrentText() -{ - Assert(currentText != NULL); - currentAttribute->addValue(currentText); - delete currentText; - - currentText = NULL; -} - -void Parser::consumeCurrentAttribute() -{ - Assert(currentAttribute != NULL); - - currentCondition->addAttribute(*currentAttribute); - delete currentAttribute; - - currentAttribute = NULL; -} - -void Parser::consumeCurrentSubject() -{ - Policy * policy = dynamic_cast(currentRoot->getElement()); - Assert(policy != NULL); - policy->addSubject(currentSubject); - //TODO maybe keep subjects not subject pointers in Policies and consume subjects here - currentSubject = NULL; -} - -void Parser::consumeCurrentCondition() -{ - Condition * temp = NULL; - if (currentCondition != NULL) { - if (currentCondition->getParent() != NULL) { //Condition is a child of another condition - currentCondition->getParent()->addCondition(*currentCondition); - } else { //Condition parent is a Rule - Rule * rule = dynamic_cast(currentRoot->getElement()); - Assert(rule != NULL); - rule->setCondition(*currentCondition); - } - temp = currentCondition->getParent(); - delete currentCondition; - } - currentCondition = temp; //switch current condition ( it may be switched to NULL if condition's parent was rule -} - -void Parser::consumeSubjectMatch(xmlChar * value) -{ - Assert( - currentAttribute != NULL && - "consuming subject match without attribute set"); - - if (currentSubject != NULL) { - currentSubject->addNewAttribute(*currentAttribute); - //[CR] matching/modyfing functions transform uri.host to uri ( etc. ) so strncmp is not needed, string equality will do - if (!strncmp(currentAttribute->getName()->c_str(), "uri", - 3) || - !strncmp(currentAttribute->getName()->c_str(), "id", 2)) { - if (value != NULL) { - currentSubject->setSubjectId(reinterpret_cast( - value)); - } else if (currentAttribute->getValue()->size()) { - currentSubject->setSubjectId( - currentAttribute->getValue()->front()); - } else { - Assert(false); - } - } - } else if (currentCondition != NULL) { - currentCondition->addAttribute(*currentAttribute); - } - - delete currentAttribute; - currentAttribute = NULL; -} - -void Parser::trim(std::string * str) -{ - std::string::size_type pos = str->find_last_not_of(whitespaces); - if (pos != std::string::npos) { - str->erase(pos + 1); - pos = str->find_first_not_of(whitespaces); - if (pos != std::string::npos) { - str->erase(0, pos); - } - } else { - str->erase(str->begin(), str->end()); - LogInfo("Warning, empty string as attribute value"); - } -} - -// KW void Parser::canonicalize(const char * input, const char * output, CanonicalizationAlgorithm canonicalizationAlgorithm){ -// KW -// KW xmlDocPtr doc = xmlParseFile(input); -// KW //xmlDocDump(stdout, doc); -// KW -// KW if(doc == NULL) -// KW { -// KW LogError("Canonicalization error, cannot parser xml file"); -// KW } -// KW -// KW -// KW int mode = -1; -// KW if(canonicalizationAlgorithm == C14N) -// KW { -// KW mode = 0; -// KW } -// KW else if(canonicalizationAlgorithm == C14NEXCLUSIVE) -// KW { -// KW mode = 1; -// KW } -// KW -// KW -// KW xmlC14NDocSave(doc, NULL, mode, NULL, 0, output, 0); -// KW -// KW xmlFreeDoc(doc); -// KW -// KW } - -// KW int Parser::extractNodeToFile(xmlTextReaderPtr reader, const char * filename){ -// KW -// KW xmlNodePtr node = xmlTextReaderExpand(reader); -// KW xmlBufferPtr buff = xmlBufferCreate(); -// KW xmlNodeDump(buff, node->doc, node, 0, 0); -// KW FILE * file = fopen(filename, "w"); -// KW if(file == NULL){ -// KW LogError("Error while trying to open file "< -#include - -namespace AceDB { -namespace AceDaoConversions { - -DPL::String convertToHash(const BaseAttributeSet &attributes); - -} -} - -#endif diff --git a/ace/include/ace-dao-ro/AceDAOReadOnly.h b/ace/include/ace-dao-ro/AceDAOReadOnly.h deleted file mode 100644 index cda83c8..0000000 --- a/ace/include/ace-dao-ro/AceDAOReadOnly.h +++ /dev/null @@ -1,132 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/** - * - * - * @file AceDAOReadOnly.h - * @author Krzysztof Jackiewicz (k.jackiewicz@samsung.com) - * @author Grzegorz Krawczyk (g.krawczyk@samsung.com) - * @version 0.1 - * @brief - */ - -#ifndef ACE_DAO_READ_ONLY_H_ -#define ACE_DAO_READ_ONLY_H_ - -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -namespace AceDB { - -typedef std::map RequestedDevCapsMap; -typedef DPL::String FeatureName; -typedef std::vector FeatureNameVector; - -class AceDAOReadOnly -{ - public: - class Exception - { - public: - DECLARE_EXCEPTION_TYPE(DPL::Exception, Base) - DECLARE_EXCEPTION_TYPE(Base, DatabaseError) - }; - - AceDAOReadOnly() {} - - static void attachToThreadRO(void); - static void attachToThreadRW(void); - static void detachFromThread(void); - - // policy effect/decision - static OptionalExtendedPolicyResult getPolicyResult( - const BaseAttributeSet &attributes); - - static OptionalExtendedPolicyResult getPolicyResult( - const DPL::String &attrHash); - - static OptionalCachedPromptDecision getPromptDecision( - WidgetHandle widgetHandle, - int ruleId); - - // resource settings - static PreferenceTypes getDevCapSetting(const std::string &resource); - static void getDevCapSettings(PreferenceTypesMap *preferences); - - // user settings - static void getWidgetDevCapSettings(BasePermissionList *permissions); - static PreferenceTypes getWidgetDevCapSetting( - const std::string &resource, - WidgetHandle handler); - - static void getAttributes(BaseAttributeSet *attributes); - - // Getter for device capabilities that are requested in widgets config. - // - // Additional boolean flag means whether widget will always get - // (at launch) the SMACK permissions needed to use the device cap). - // - // 'permissions' is the map of device cap names and smack status for - // given widget handle. - static void getRequestedDevCaps( - WidgetHandle widgetHandle, - RequestedDevCapsMap *permissions); - - static void getAcceptedFeature( - WidgetHandle widgetHandle, - FeatureNameVector *featureVector); - - static WidgetHandleList getHandleList(); - - static AppTypes getWidgetType(WidgetHandle handle); - static std::string getVersion(WidgetHandle widgetHandle); - static std::string getAuthorName(WidgetHandle widgetHandle); - static std::string getGUID(WidgetHandle widgetHandle); - - static WidgetCertificateCNList getKeyCommonNameList( - WidgetHandle widgetHandle, - WidgetCertificateData::Owner owner, - WidgetCertificateData::Type type); - static FingerPrintList getKeyFingerprints( - WidgetHandle widgetHandle, - WidgetCertificateData::Owner owner, - WidgetCertificateData::Type type); - - static std::string getShareHref(WidgetHandle widgetHandle); - static bool isWidgetInstalled(WidgetHandle handle); - - protected: - static int promptDecisionToInt(PromptDecision decision); - static PromptDecision intToPromptDecision(int decision); - static int appTypeToInt(AppTypes app_type); - static AppTypes intToAppType(int app_type); -}; - -} - -#endif diff --git a/ace/include/ace-dao-ro/AceDAOUtilities.h b/ace/include/ace-dao-ro/AceDAOUtilities.h deleted file mode 100644 index cae59a4..0000000 --- a/ace/include/ace-dao-ro/AceDAOUtilities.h +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/** - * - * - * @file AceDAOUtil.h - * @author Grzegorz Krawczyk (g.krawczyk@samsung.com) - * @version 0.1 - * @brief - */ - -#ifndef WRT_ACE_DAO_UTILITIES_H_ -#define WRT_ACE_DAO_UTILITIES_H_ - -#include -#include -#include -#include -#include - -namespace AceDB { - -namespace AceDaoUtilities { - -BaseAttribute::Type intToAttributeType(int val); -int attributeTypeToInt(BaseAttribute::Type type); -int preferenceToInt(PreferenceTypes p); -PreferenceTypes intToPreference(int p); -VerdictTypes intToVerdict(int v); -int verdictToInt(VerdictTypes v); -bool getSubjectByUri(const std::string &uri, - DPL::DB::ORM::ace::AceSubject::Row &row); -bool getResourceByUri(const std::string &uri, - DPL::DB::ORM::ace::AceDevCap::Row &row); - -extern DPL::DB::ThreadDatabaseSupport m_databaseInterface; - -} - -} - -#endif diff --git a/ace/include/ace-dao-ro/AceDatabase.h b/ace/include/ace-dao-ro/AceDatabase.h deleted file mode 100644 index d5b2838..0000000 --- a/ace/include/ace-dao-ro/AceDatabase.h +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * @file AceDatabase.h - * @author Lukasz Marek (l.marek@samsung.com) - * @version 1.0 - * @brief This file contains the declaration of ace database - */ - -#ifndef WRT_ENGINE_SRC_ACCESS_CONTROL_ACE_DATABASE_H -#define WRT_ENGINE_SRC_ACCESS_CONTROL_ACE_DATABASE_H - -#include -#include - -extern DPL::Mutex g_aceDbQueriesMutex; - -#define ACE_DB_INTERNAL(tlsCommand, InternalType, interface) \ - static DPL::ThreadLocalVariable *tlsCommand ## Ptr = NULL; \ - { \ - DPL::Mutex::ScopedLock lock(&g_aceDbQueriesMutex); \ - if (!tlsCommand ## Ptr) { \ - static DPL::ThreadLocalVariable tmp; \ - tlsCommand ## Ptr = &tmp; \ - } \ - } \ - DPL::ThreadLocalVariable &tlsCommand = *tlsCommand ## Ptr; \ - if (tlsCommand.IsNull()) { tlsCommand = InternalType(interface); } - -#define ACE_DB_SELECT(name, type, interface) \ - ACE_DB_INTERNAL(name, type::Select, interface) - -#define ACE_DB_INSERT(name, type, interface) \ - ACE_DB_INTERNAL(name, type::Insert, interface) - -#define ACE_DB_UPDATE(name, type, interface) \ - ACE_DB_INTERNAL(name, type::Update, interface) - -#define ACE_DB_DELETE(name, type, interface) \ - ACE_DB_INTERNAL(name, type::Delete, interface) - - -#endif // WRT_ENGINE_SRC_ACCESS_CONTROL_ACE_DATABASE_H diff --git a/ace/include/ace-dao-ro/AppTypes.h b/ace/include/ace-dao-ro/AppTypes.h deleted file mode 100644 index b8b56fa..0000000 --- a/ace/include/ace-dao-ro/AppTypes.h +++ /dev/null @@ -1,37 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/** - * - * - * @file AppTypes.h - * @author Tomasz Swierczek (t.swierczek@samsung.com) - */ - -#ifndef ACCESS_CONTROL_DAO_APPTYPES_H_ -#define ACCESS_CONTROL_DAO_APPTYPES_H_ - -namespace AceDB{ - -enum class AppTypes -{ - Unknown, - WAC20, - Tizen -}; - -} - -#endif // ACCESS_CONTROL_DAO_APPTYPES_H_ diff --git a/ace/include/ace-dao-ro/BaseAttribute.h b/ace/include/ace-dao-ro/BaseAttribute.h deleted file mode 100644 index 6fb9a83..0000000 --- a/ace/include/ace-dao-ro/BaseAttribute.h +++ /dev/null @@ -1,150 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/** - * - * - * @file IAttribute.h - * @author Grzegorz Krawczyk (g.krawczyk@samsung.com) - * @version 0.1 - * @brief - */ - -#ifndef ACCESS_CONTROL_DAO_BASEATTRIBUTE_H_ -#define ACCESS_CONTROL_DAO_BASEATTRIBUTE_H_ - -#include -#include -#include -#include -#include - -namespace AceDB { - -class BaseAttribute; -typedef DPL::SharedPtr BaseAttributePtr; - -class BaseAttribute -{ - - public: - /** - * Types of attributes - */ - enum class Type { Subject, Environment, Resource, FunctionParam, - WidgetParam, Undefined }; - - struct UnaryPredicate - { - public: - UnaryPredicate(const AceDB::BaseAttribute *comp = NULL) : - m_priv(comp) - { - } - - bool operator()(const AceDB::BaseAttributePtr &comp) - { - Assert(m_priv != NULL); - if (m_priv->getName()->compare(*comp->getName()) != 0) { - return false; - } - return m_priv->getType() == comp->getType(); - } - - bool operator()(const AceDB::BaseAttributePtr &comp1, - const AceDB::BaseAttributePtr &comp2) - { - if (comp1->getType() != comp2->getType()) { - return comp1->getType() < comp2->getType(); - } - return comp1->getName()->compare(*comp2->getName()) < 0; - } - - private: - const AceDB::BaseAttribute *m_priv; - }; - - public: - BaseAttribute() : - m_typeId(Type::Undefined), - m_undetermindState(false) - {} - - virtual void setName(const std::string& name) - { - m_name = name; - } - virtual void setName(const std::string* name) - { - m_name = *name; - } - - virtual void setType(const Type& type) - { - m_typeId = type; - } - virtual Type getType() const - { - return m_typeId; - } - - virtual const std::string* getName() const - { - return &m_name; - } - - //TODO think - virtual void setUndetermind(bool tmp) - { - m_undetermindState = tmp; - } - virtual bool isUndetermind() const - { - return m_undetermindState; - } - virtual std::list * getValue() const - { - return const_cast* >(&value); - } - virtual bool isValueEmpty() const - { - return value.empty(); - } - - virtual void setValue(const std::list& arg) - { - value = arg; - } - - virtual ~BaseAttribute() - { - } - - static const char * typeToString(Type type); - - virtual std::string toString() const; - - protected: - std::string m_name; - Type m_typeId; - bool m_undetermindState; - std::list value; //string bag list -}; - -typedef std::set BaseAttributeSet; - -} - -#endif diff --git a/ace/include/ace-dao-ro/BasePermission.h b/ace/include/ace-dao-ro/BasePermission.h deleted file mode 100644 index 103cc58..0000000 --- a/ace/include/ace-dao-ro/BasePermission.h +++ /dev/null @@ -1,53 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/** - * - * - * @file IPermission.h - * @author Grzegorz Krawczyk (g.krawczyk@samsung.com) - * @version 0.1 - * @brief - */ - -#ifndef ACCESS_CONTROL_DAO_BASEPERMISSION_H_ -#define ACCESS_CONTROL_DAO_BASEPERMISSION_H_ - -#include -#include - -namespace AceDB{ - -struct BasePermission -{ - BasePermission(WidgetHandle handler, - const std::string& devCap, - PreferenceTypes accessAllowed) : - appId(handler), - devCap(devCap), - access(accessAllowed) - { - } - - WidgetHandle appId; - std::string devCap; - PreferenceTypes access; -}; - -typedef std::list BasePermissionList; - -} - -#endif diff --git a/ace/include/ace-dao-ro/IRequest.h b/ace/include/ace-dao-ro/IRequest.h deleted file mode 100644 index 2975b8b..0000000 --- a/ace/include/ace-dao-ro/IRequest.h +++ /dev/null @@ -1,38 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/** - * - * - * @file IRequest.h - * @author Grzegorz Krawczyk (g.krawczyk@samsung.com) - * @version 0.1 - * @brief - */ - -#ifndef ACCESS_CONTROL_DAO_IREQUEST_H_ -#define ACCESS_CONTROL_DAO_IREQUEST_H_ - -namespace AceDB{ - -class IRequest -{ -public: - virtual ~IRequest(){} -}; - -} - -#endif diff --git a/ace/include/ace-dao-ro/PreferenceTypes.h b/ace/include/ace-dao-ro/PreferenceTypes.h deleted file mode 100644 index 0f96dc5..0000000 --- a/ace/include/ace-dao-ro/PreferenceTypes.h +++ /dev/null @@ -1,48 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/** - * - * - * @file PreferenceTypes.h - * @author Grzegorz Krawczyk (g.krawczyk@samsung.com) - * @version 0.1 - * @brief - */ - -#ifndef ACCESS_CONTROL_DAO_PREFERENCETYPES_H_ -#define ACCESS_CONTROL_DAO_PREFERENCETYPES_H_ - -#include -#include - -namespace AceDB{ - -enum class PreferenceTypes -{ - PREFERENCE_PERMIT, - PREFERENCE_DENY, - PREFERENCE_DEFAULT, - PREFERENCE_BLANKET_PROMPT, - PREFERENCE_SESSION_PROMPT, - PREFERENCE_ONE_SHOT_PROMPT -}; - - -typedef std::map PreferenceTypesMap; - -} - -#endif diff --git a/ace/include/ace-dao-ro/PromptModel.h b/ace/include/ace-dao-ro/PromptModel.h deleted file mode 100644 index 8819eae..0000000 --- a/ace/include/ace-dao-ro/PromptModel.h +++ /dev/null @@ -1,92 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* @file PromptModel.h - * @author Justyna Mejzner (j.kwiatkowsk@samsung.com) - * @author Jaroslaw Osmanski (j.osmanski@samsung.com) - * @version 1.0 - * - */ - -#ifndef WRT_SRC_ACCESSCONTROL_ENGINE_PROMPT_MODEL_H_ -#define WRT_SRC_ACCESSCONTROL_ENGINE_PROMPT_MODEL_H_ - -#include -#include -#include - -#include - -namespace Prompt { -typedef std::vector ButtonLabels; - -class PromptLabels -{ -public: - PromptLabels(int promptType, - const Prompt::ButtonLabels& questionLabel, - const std::string& mainLabel); - DPL::OptionalString getCheckLabel() const; - bool isAllowed(const size_t buttonNumber) const; - int getPromptType() const; - const ButtonLabels& getButtonLabels() const; - const std::string& getMainLabel() const; - -private: - int m_promptType; - ButtonLabels m_buttonLabels; - std::string m_mainLabel; -}; - -typedef std::unique_ptr PromptLabelsPtr; - -enum Validity -{ - ONCE, - SESSION, - ALWAYS -}; - -class PromptAnswer -{ -public: - PromptAnswer(bool isAccessAllowed, Validity validity); - PromptAnswer(int aPromptType, unsigned int buttonAns, bool checkAns); - bool isAccessAllowed() const; - Validity getValidity() const; - -private: - bool m_isAccessAllowed; - Validity m_validity; -}; - -class PromptModel -{ - public: - static PromptLabels* getOneShotModel(const std::string& resourceId); - static PromptLabels* getSessionModel(const std::string& resourceId); - static PromptLabels* getBlanketModel(const std::string& resourceId); - - enum PromptType - { - PROMPT_ONESHOT, - PROMPT_SESSION, - PROMPT_BLANKET - }; -}; - -} // Prompt - -#endif /* WRT_SRC_ACCESSCONTROL_ENGINE_PROMPT_MODEL_H_ */ diff --git a/ace/include/ace-dao-ro/TimedVerdict.h b/ace/include/ace-dao-ro/TimedVerdict.h deleted file mode 100644 index 8f9be66..0000000 --- a/ace/include/ace-dao-ro/TimedVerdict.h +++ /dev/null @@ -1,42 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/** - * - * - * @file TimedVerdict.h - * @author Grzegorz Krawczyk (g.krawczyk@samsung.com) - * @version 0.1 - * @brief - */ - -#ifndef ACCESS_CONTROL_DAO_TIMEDVERDICT_H_ -#define ACCESS_CONTROL_DAO_TIMEDVERDICT_H_ - -#include - -namespace AceDB{ - -struct TimedVerdict -{ - VerdictTypes decision; - /*Below values are optional,its filled only when verdict depend on session*/ - std::string session; - int subjectVerdictId; -}; - -} - -#endif diff --git a/ace/include/ace-dao-ro/ValidityTypes.h b/ace/include/ace-dao-ro/ValidityTypes.h deleted file mode 100644 index 1283cf1..0000000 --- a/ace/include/ace-dao-ro/ValidityTypes.h +++ /dev/null @@ -1,40 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/** - * - * - * @file ValidityTypes.h - * @author Grzegorz Krawczyk (g.krawczyk@samsung.com) - * @version 0.1 - * @brief - */ - -#ifndef ACCESS_CONTROL_DAO_VALIDITYTYPES_H_ -#define ACCESS_CONTROL_DAO_VALIDITYTYPES_H_ - -namespace AceDB{ - -enum class ValidityTypes -{ - ONCE, - SESSION, - ALWAYS, - UNWRITEABLE -}; - -} - -#endif diff --git a/ace/include/ace-dao-ro/VerdictTypes.h b/ace/include/ace-dao-ro/VerdictTypes.h deleted file mode 100644 index 8a312b5..0000000 --- a/ace/include/ace-dao-ro/VerdictTypes.h +++ /dev/null @@ -1,45 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/** - * - * - * @file VerdictTypes.h - * @author Grzegorz Krawczyk (g.krawczyk@samsung.com) - * @version 0.1 - * @brief - */ - -#ifndef ACCESS_CONTROL_DAO_VERDICTTYPES_H_ -#define ACCESS_CONTROL_DAO_VERDICTTYPES_H_ - -namespace AceDB{ - -enum class VerdictTypes -{ - VERDICT_PERMIT, - VERDICT_DENY, - //Verdict is innapplicable if policy evaluate to INAPPLICABLE, - //in this case WRT should decide what to do - VERDICT_INAPPLICABLE, - VERDICT_UNDETERMINED, - VERDICT_UNKNOWN, //Verdict is unknown if Verdicts manager cannot find it - VERDICT_ASYNC, - VERDICT_ERROR -}; - -} - -#endif diff --git a/ace/include/ace-dao-ro/common_dao_types.h b/ace/include/ace-dao-ro/common_dao_types.h deleted file mode 100644 index 94b4c5e..0000000 --- a/ace/include/ace-dao-ro/common_dao_types.h +++ /dev/null @@ -1,93 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/** - * - * @file common_dao_types.h - * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com) - * @version 1.1 - * @brief This file contains the declaration of common data types for ace database. - */ -#ifndef ACE_SRC_CONFIGURATION_COMMON_DAO_TYPES_H_ -#define ACE_SRC_CONFIGURATION_COMMON_DAO_TYPES_H_ - -#include -#include -#include -#include "AppTypes.h" - -typedef int WidgetHandle; -typedef std::list WidgetHandleList; - -namespace AceDB { - -enum { - INVALID_PLUGIN_HANDLE = -1 -}; -typedef int DbPluginHandle; - -enum CertificateSource { - SIGNATURE_DISTRIBUTOR = 0, - SIGNATURE_AUTHOR = 1 -}; - -struct WidgetRegisterInfo { - AppTypes type; - DPL::OptionalString widget_id; - DPL::OptionalString authorName; - DPL::OptionalString version; - DPL::OptionalString shareHref; -}; - -typedef std::list WidgetCertificateCNList; - -struct WidgetCertificateData { - enum Owner { AUTHOR, DISTRIBUTOR, UNKNOWN }; - enum Type { ROOT, ENDENTITY }; - - Owner owner; - Type type; - - int chainId; - std::string strMD5Fingerprint; - std::string strSHA1Fingerprint; - DPL::String strCommonName; - - bool operator== (const WidgetCertificateData& certData) const { - return certData.chainId == chainId && - certData.owner == owner && - certData.strCommonName == strCommonName && - certData.strMD5Fingerprint == strMD5Fingerprint && - certData.strSHA1Fingerprint == strSHA1Fingerprint; - } -}; -typedef std::list WidgetCertificateDataList; - -typedef std::list FingerPrintList; - -typedef std::list CertificateChainList; -class IWacSecurity { - public: - virtual ~IWacSecurity() {} - virtual const WidgetCertificateDataList& getCertificateList() const = 0; - virtual bool isRecognized() const = 0; - virtual bool isDistributorSigned() const = 0; - virtual bool isWacSigned() const = 0; - virtual void getCertificateChainList(CertificateChainList& list) const = 0; -}; - -} //namespace AceDB - -#endif /* ACE_SRC_CONFIGURATION_COMMON_DAO_TYPES_H_ */ diff --git a/ace/include/ace-dao-rw/AceDAO.h b/ace/include/ace-dao-rw/AceDAO.h deleted file mode 100644 index 5a01cfe..0000000 --- a/ace/include/ace-dao-rw/AceDAO.h +++ /dev/null @@ -1,117 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/** - * - * - * @file AceDAO.h - * @author Krzysztof Jackiewicz (k.jackiewicz@samsung.com) - * @version 0.1 - * @brief - */ - -#ifndef ACEDAO_H_ -#define ACEDAO_H_ - -#include -#include -#include - -#include -#include -#include -#include -#include - -namespace AceDB { -/* - * - */ -class AceDAO : public AceDAOReadOnly -{ - public: - - AceDAO() {} - - // Policy Decisions - static void setPolicyResult( - const BaseAttributeSet &attributes, - const ExtendedPolicyResult &policyResult); - - static void removePolicyResult( - const BaseAttributeSet &attributes); - - // PromptDecision - static void setPromptDecision( - WidgetHandle widgetHandle, - int ruleId, - const DPL::OptionalString &session, - PromptDecision decision); - - static void clearPromptDecisions(void); - - // reseting database - static void clearWidgetDevCapSettings(void); - static void clearDevCapSettings(void); - static void clearAllSettings(void); - static void resetDatabase(void); - // clears all databse information relevant to policy cache - static void clearPolicyCache(void); - - // resource settings - static void setDevCapSetting(const std::string &resource, - PreferenceTypes preference); - static void removeDevCapSetting(const std::string &resource); - - // user settings - static void setWidgetDevCapSetting( - const std::string &resource, - WidgetHandle handler, - PreferenceTypes); - static void removeWidgetDevCapSetting( - const std::string &resource, - WidgetHandle handler); - - // resource and subject management - static int addResource(const std::string &request); - - // utilities - static void addAttributes(const BaseAttributeSet &attributes); - - // Setter for device capabilities that are requested in widgets config. - // - // Additional boolean flag means whether widget will always get - // (at launch) the SMACK permissions needed to use the device cap). - // - // 'permissions' is the map of device cap names and smack status for - // given widget handle. - static void setRequestedDevCaps( - WidgetHandle widgetHandle, - const RequestedDevCapsMap &permissions); - - static void setAcceptedFeature( - WidgetHandle widgetHandle, - const FeatureNameVector &vector); - - static void removeAcceptedFeature(WidgetHandle widgetHandle); - - static void registerWidgetInfo(WidgetHandle handle, - const WidgetRegisterInfo& info, - const WidgetCertificateDataList& dataList); - static void unregisterWidgetInfo(WidgetHandle handle); - -}; -} -#endif /* ACEDAO_H_ */ diff --git a/ace/include/ace/AbstractPolicyEnforcementPoint.h b/ace/include/ace/AbstractPolicyEnforcementPoint.h deleted file mode 100644 index ede3792..0000000 --- a/ace/include/ace/AbstractPolicyEnforcementPoint.h +++ /dev/null @@ -1,31 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef WRT_SRC_ACCESS_CONTROL_LOGIC_ABSTRACT_POLICY_ENFORCEMENT_POINTS_H -#define WRT_SRC_ACCESS_CONTROL_LOGIC_ABSTRACT_POLICY_ENFORCEMENT_POINTS_H - -#include -#include -#include - -class AbstractPolicyEnforcementPoint -{ - public: - typedef DPL::Event::ICDelegate ResponseReceiver; - virtual ExtendedPolicyResult check(Request &request) = 0; -}; - -#endif /* WRT_SRC_ACCESS_CONTROL_LOGIC_ABSTRACT_POLICY_ENFORCEMENT_POINTS_H */ diff --git a/ace/include/ace/AbstractPolicyInformationPoint.h b/ace/include/ace/AbstractPolicyInformationPoint.h deleted file mode 100644 index e8d95ed..0000000 --- a/ace/include/ace/AbstractPolicyInformationPoint.h +++ /dev/null @@ -1,21 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -class AbstractPolicyInformationPoint -{ - public: - virtual ~AbstractPolicyInformationPoint() {} -}; diff --git a/ace/include/ace/AbstractTreeElement.h b/ace/include/ace/AbstractTreeElement.h deleted file mode 100644 index ffe2e89..0000000 --- a/ace/include/ace/AbstractTreeElement.h +++ /dev/null @@ -1,44 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -// -// -// -// @ Project : Access Control Engine -// @ File Name : AbstractTreeElement.h -// @ Date : 2009-05-25 -// @ Author : Samsung -// -// -#if !defined(_ABSTRACTTREEELEMENT_H) -#define _ABSTRACTTREEELEMENT_H - -#include -#include "Effect.h" -#include - -class AbstractTreeElement -{ - public: - - virtual ~AbstractTreeElement() - { - } - - virtual void printData() = 0; - protected: -}; - -#endif //_ABSTRACTTREEELEMENT_H diff --git a/ace/include/ace/AsyncVerdictResultListener.h b/ace/include/ace/AsyncVerdictResultListener.h deleted file mode 100644 index 47ef573..0000000 --- a/ace/include/ace/AsyncVerdictResultListener.h +++ /dev/null @@ -1,33 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#ifndef _ASYNCVERDICT_H -#define _ASYNCVERDICT_H - -#include -#include -#include - -class AsyncVerdictResultListener -{ - public: - virtual void onVerdict(const Verdict &verdict, - const Request *request) = 0; - virtual ~AsyncVerdictResultListener() - { - } -}; - -#endif diff --git a/ace/include/ace/Attribute.h b/ace/include/ace/Attribute.h deleted file mode 100644 index e1a62b4..0000000 --- a/ace/include/ace/Attribute.h +++ /dev/null @@ -1,212 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -// -// -// -// @ Project : Access Control Engine -// @ File Name : Attribute.h -// @ Date : 2009-05-06 -// @ Author : Samsung -// -// - -#if !defined(_ATTRIBUTE_H) -#define _ATTRIBUTE_H - -#include -#include -#include -#include - -#include - -class Attribute : public AceDB::BaseAttribute -{ - public: - /** - * Types of match functions - */ - enum class Match { Equal, Glob, Regexp, Error }; - /** - * Types of attribute value modifiers - */ - enum class Modifier { Non, Scheme, Authority, SchemeAuthority, Host, Path }; - /** - * Possible match results - */ - enum class MatchResult { MRUndetermined = -1, MRFalse = 0, MRTrue = 1}; - - public: - - /** - * New attribute constructor - * @param name name of the new attribute - * @param matchFunction match function used in the attribute - * @param type attribute type - */ - Attribute(const std::string *name, - const Match matchFunction, - const Type type); - - - /** - * Constructor used to create default attribute ( used for unit tests ) - * @param nm name of the default attribute - */ - Attribute(const std::string& nm) : - matchFunction(Match::Error), - modifierFunction(Modifier::Non) - { - m_name = nm; - m_typeId = Type::Subject; - m_undetermindState = false; - } - - /** - * Destructor - */ - virtual ~Attribute(); - - std::list * getValue() const - { - return AceDB::BaseAttribute::getValue(); - } - Match getMatchFunction() const - { - return matchFunction; - } - - /* --- Setters --- */ - void addValue (const std::string *value); - - MatchResult matchAttributes(const BaseAttribute *) const; - - /** - * Operator used in for attribute set,used to distinguished only attribute names - * It cannot take attribute type into consideration - */ - bool operator< (const Attribute & obj) const - { - int result = this->m_name.compare(*obj.getName()); - if (result == 0) { //If names are equal check attribute types - if (this->m_typeId < obj.getType()) { - result = -1; - } else if (this->m_typeId > obj.getType()) { - result = 1; - } - } - //If result is negative that means that 'this' was '<' than obj - return result < 0; - } - - /** Checks if object type is equal to argument */ - bool instanceOf(Type type_) - { - return type_ == m_typeId; - } - - friend std::ostream & operator<<(std::ostream & out, - const Attribute & attr); - - protected: - - bool searchAndCut(const char *); - - /* - * URI definition from rfc2396 - * - * ://? - * Each of the components may be absent, apart from the scheme. - * Host is a part of authority as in definition below: - * - * authority = server | reg_name - * server = [ [ userinfo "@" ] hostport ] - * @: - * - * Extract from rfc2396 - * The authority component is preceded by a double slash "//" and is - * terminated by the next slash "/", question-mark "?", or by the end of - * the URI. Within the authority component, the characters ";", ":", - * "@", "?", and "/" are reserved. - * - * Modifiers should return pointer to empty string if given part of string was empty. - * Modifiers should return NULL if the string to be modified was not an URI. - */ - std::string * uriScheme(const std::string *) const; - std::string * uriAuthority(const std::string *) const; - std::string * uriSchemeAuthority(const std::string *) const; - std::string * uriHost(const std::string *) const; - std::string * uriPath(const std::string *) const; - std::string * applyModifierFunction(const std::string * val) const; - - bool parse(const std::string *input, - std::string *part) const; - bool find_error(const std::string *part) const; - - bool checkScheme(const std::string *scheme) const; - bool checkAuthority(const std::string *scheme) const; - std::string * getHost(const std::string *scheme) const; - bool checkPath(const std::string *scheme) const; - - bool isSchemeAllowedCharacter(int c) const; - bool isSegmentAllowedCharacter(int c) const; - bool isUserInfoAllowedString(const std::string *str) const; - bool isHostAllowedString(const std::string *str) const; - bool isHostNameAllowedString(const std::string * str) const; - bool isIPv4AllowedString(const std::string * str) const; - bool isDomainLabelAllowedString(const char * data, - int lenght) const; - bool isTopLabelAllowedString(const char* data, - int lenght) const; - - bool isUnreserved(int c) const; - bool isAlphanum(int c) const; - bool isEscaped(const char esc[3]) const; - bool isHex(int c) const; - - MatchResult lists_comparator( - const std::list *first, - const std::list *second, - MatchResult (*comparator)(const std::string *, - const std::string *)) const; - - /** - * Map used to check if character is a 'mark' - */ - static const bool mark[256]; - /** - * Map used to check if character is a 'digit' - * - */ - static const bool digit[256]; - /** - * Map used to check if character is an 'alphanumeric' value - * - */ - static const bool alpha[256]; - - protected: - Match matchFunction; - Modifier modifierFunction; -}; - -typedef AceDB::BaseAttributeSet AttributeSet; - -//TODO remove later or ifdef debug methods -void printAttributes(const AttributeSet& attrs); -void printAttributes(const std::list & attrs); - -#endif //_ATTRIBUTE_H diff --git a/ace/include/ace/Combiner.h b/ace/include/ace/Combiner.h deleted file mode 100644 index 784dcea..0000000 --- a/ace/include/ace/Combiner.h +++ /dev/null @@ -1,58 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -// -// -// -// @ Project : Access Control Engine -// @ File Name : Combiner.h -// @ Date : 2009-05-06 -// @ Author : Samsung -// -// - -#if !defined(_COMBINER_H) -#define _COMBINER_H - -#include - -#include -#include - -class Combiner -{ - protected: - - const AttributeSet * attrSet; - - public: - - virtual ExtendedEffect combineRules(const TreeNode * rule) = 0; - virtual ExtendedEffect combinePolicies(const TreeNode * policy) = 0; - - const AttributeSet * getAttributeSet() const - { - return this->attrSet; - } - void setAttributeSet(const AttributeSet * attrSet) - { - this->attrSet = attrSet; - } - virtual ~Combiner() - { - } //attrSet is deleted elsewhere -}; - -#endif //_COMBINER_H diff --git a/ace/include/ace/CombinerImpl.h b/ace/include/ace/CombinerImpl.h deleted file mode 100644 index d7c2e21..0000000 --- a/ace/include/ace/CombinerImpl.h +++ /dev/null @@ -1,76 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -// -// -// -// @ Project : Access Control Engine -// @ File Name : CombinerImpl.h -// @ Date : 2009-05-06 -// @ Author : Samsung -// -// - -#ifndef _COMBINER_IMPL_H -#define _COMBINER_IMPL_H - -#include -#include - -#include "Combiner.h" -#include "Effect.h" -#include "Policy.h" -#include "Subject.h" - -class CombinerImpl : public Combiner -{ - public: - - virtual ExtendedEffect combineRules(const TreeNode * rule); - virtual ExtendedEffect combinePolicies(const TreeNode * policy); - - virtual ~CombinerImpl() - { - } - - protected: - - bool checkIfTargetMatches(const std::list * subjectsSet, - bool &isUndetermined); - - ExtendedEffect combine(Policy::CombineAlgorithm algorithm, - ExtendedEffectList &effects); - - ExtendedEffect denyOverrides(const ExtendedEffectList &effects); - ExtendedEffect permitOverrides(const ExtendedEffectList &effects); - ExtendedEffect firstApplicable(const ExtendedEffectList &effects); - ExtendedEffect firstMatchingTarget(const ExtendedEffectList &effects); - - std::list * convertEffectsToInts(const std::list * effects); - Effect convertIntToEffect(int intEffect); - - void showEffectList(ExtendedEffectList & effects) - { - ExtendedEffectList::iterator it = effects.begin(); - for (; it != effects.end(); ++it) { - LogDebug(toString(*it)); - } - } - - private: - bool isError(const ExtendedEffectList &effects); -}; - -#endif //_COMBINERIMPL_H diff --git a/ace/include/ace/Condition.h b/ace/include/ace/Condition.h deleted file mode 100644 index 918c1fe..0000000 --- a/ace/include/ace/Condition.h +++ /dev/null @@ -1,133 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -// -// File: Condition.h -// Author: notroot -// -// Created on June 3, 2009, 9:00 AM -// -#ifndef _CONDITION_H -#define _CONDITION_H - -#include -#include -#include -#include - -#include "Attribute.h" -#include "Effect.h" -#include "TreeNode.h" - -class Condition -{ - public: - enum CombineType - { - AND, OR - }; - - void addCondition(const Condition & condition) - { - this->conditions.push_back(condition); - } - - void addAttribute(const Attribute & attribute) - { - this->attributes.push_back(attribute); - } - - void setCombineType(CombineType type) - { - this->combineType = type; - } - - Condition() : combineType(AND), - parent(NULL) - { - } - - Condition(CombineType type) : combineType(type), - parent(NULL) - { - } - - virtual ~Condition() - { - } - - Condition * getParent() - { - return this->parent; - } - - void setParent(Condition * condition) - { - this->parent = condition; - } - - Attribute::MatchResult evaluateCondition( - const AttributeSet * attrSet) const; - - friend std::ostream & operator<<(std::ostream & out, - Condition & condition) - { - FOREACH (it, condition.attributes) - { - out << *it; - } - return out; - } - //[CR] change function name - void getAttributes(AttributeSet * attrSet); - - private: - Attribute::MatchResult evaluateChildConditions( - const AttributeSet * attrSet, - bool &isFinalMatch, - bool & undefinedMatchFound) const; - - Attribute::MatchResult evaluateAttributes( - const AttributeSet * attrSet, - bool& isFinalMatch, - bool & undefinedMatchFound) const; - - // KW Attribute::MatchResult performANDalgorithm(const std::set * attributes) const; - - // KW Attribute::MatchResult performORalgorithm(const std::set * attributes) const; - - bool isEmpty() const - { - return attributes.empty() && conditions.empty(); - } - - bool isAndCondition() const - { - return combineType == AND; - } - - bool isOrCondition() const - { - return combineType == OR; - } - - std::list conditions; - CombineType combineType; - std::list attributes; - Condition *parent; -}; - -#endif /* _CONDITION_H */ - diff --git a/ace/include/ace/ConfigurationManager.h b/ace/include/ace/ConfigurationManager.h deleted file mode 100644 index e15d343..0000000 --- a/ace/include/ace/ConfigurationManager.h +++ /dev/null @@ -1,116 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#ifndef _CONFIGURATIONMANAGER_H_ -#define _CONFIGURATIONMANAGER_H_ - -#include -#include -#include -#include "Constants.h" -#include -#include - -enum class PolicyType { - WAC2_0, - Tizen -}; - -#define POLICY_NAME_WAC2_0 "WAC2.0" -#define POLICY_NAME_TIZEN "Tizen" -#define POLICY_WIDGET_TYPE_ATTRIBUTE_NAME "WrtSecurity.WidgetPolicyType" - -#pragma message "ATTR_ACTIVE_POLICY BAD_CAST, PARSER_ERROR, PARSER_SUCCESS\ - macros are DEPRECATED" -#define ATTR_ACTIVE_POLICY BAD_CAST("active") // !! DEPRECATED !! -#define PARSER_ERROR 1 // !! DEPRECATED !! -#define PARSER_SUCCESS 0 // !! DEPRECATED !! - -class ConfigurationManager -{ - public: - // !! DEPRECATED !! - enum ConfigurationManagerResult - { - CM_OPERATION_SUCCESS = 0, - CM_GENERAL_ERROR = -1, - CM_FILE_EXISTS = -2, - CM_REMOVE_ERROR = -3, - CM_REMOVE_CURRENT = -4, - CM_REMOVE_NOT_EXISTING = -5 - }; - - // !! DEPRECATED !! - std::string getCurrentPolicyFile(void) const; - std::string getFullPathToCurrentPolicyFile(void) const; - std::string getFullPathToCurrentPolicyXMLSchema(void) const; - int addPolicyFile(const std::string & filePath); - int removePolicyFile(const std::string& fileName); - int changeCurrentPolicyFile(const std::string& filePath); - std::string extractFilename(const std::string& path) const; - - /** - * ACE policy file path getter - * @return Full path to policy file - */ - std::string getFullPathToPolicyFile(PolicyType policy) const; - - /** - * ACE policy dtd file path getter - * @return Full path to ACE current policy file - */ - std::string getFullPathToPolicyXMLSchema(void) const; - - /** - * ACE policy storage path getter - * @return Full path to ACE policy file storage - */ - std::string getStoragePath(void) const; - - /** - * Method to obtain instance of configuration manager - * @return retuns pointer to configuration manager or NULL in case of error - */ - static ConfigurationManager * getInstance() - { - if (!instance) { - instance = new ConfigurationManager(); - } - return instance; - } - - protected: - - // !! DEPRECATED !! - int parse(const std::string&); - bool copyFile(FILE*, FILE*, int lenght = 1024) const; - bool checkIfFileExistst(const std::string&) const; - const std::list & getPolicyFiles() const; - const std::string & getConfigFile() const; - - ConfigurationManager() - { - } - virtual ~ConfigurationManager() - { - } - -private: - - static ConfigurationManager * instance; -}; - -#endif - diff --git a/ace/include/ace/Constants.h b/ace/include/ace/Constants.h deleted file mode 100644 index ec9d9f0..0000000 --- a/ace/include/ace/Constants.h +++ /dev/null @@ -1,59 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/** - * @file Constants.h - * @author Piotr Fatyga (p.fatyga@samsung.com) - * @version 0.1 - * @brief - */ - -#ifndef _CONSTANTS_H -#define _CONSTANTS_H - -#define ACE_MAIN_STORAGE "/usr/etc/ace" -#define ACE_WAC_POLICY_FILE_NAME "/WAC2.0Policy.xml" -#define ACE_TIZEN_POLICY_FILE_NAME "/TizenPolicy.xml" -#define ACE_DTD_LOCATION ACE_MAIN_STORAGE "/bondixml.dtd" - -// !! DEPRECATED !! -#pragma message "ACE_CONFIGURATION_PATH, ACE_CONFIGURATION_DTD \ - macros are DEPRECATED" -#define ACE_CONFIGURATION_PATH ACE_MAIN_STORAGE "/config.xml" -#define ACE_CONFIGURATION_DTD ACE_MAIN_STORAGE "/config.dtd" - -/////////////////FOR GUI////////////////////// - -#define MYSTERIOUS_BITMAP "/usr/apps/org.tizen.policy/d.png" -#define MYSTERIOUS_BITMAP2 "/usr/apps/org.tizen.policy/file.png" - -///////////////////FOR TESTS////////////////////////// - -#define COMBINER_TEST "/usr/etc/ace/CMTest/com_general-test.xml" -#define CONFIGURATION_MGR_TEST_PATH "/usr/etc/ace/CMTest/" -#define CONFIGURATION_MGR_TEST_CONFIG ACE_MAIN_STORAGE "/CMTest/pms_config.xml" -#define CONFIGURATION_MGR_TEST_POLICY_STORAGE ACE_MAIN_STORAGE "/CMTest/active" -#define CONFIGURATION_MGR_TEST_POLICY_STORAGE_MOVED ACE_MAIN_STORAGE \ - "/CMTest/activeMoved" -#define CONFIGURATION_MGR_TEST_POLICY CONFIGURATION_MGR_TEST_POLICY_STORAGE \ - "/pms_general-test.xml" -#define POLICIES_TO_SIGN_DIR ACE_MAIN_STORAGE "/SignerTests/" - -#define OUTPUT_DIR ACE_MAIN_STORAGE "/SignerTests/signedPolicies/" -#define PRIVATE_KEY_DIR ACE_MAIN_STORAGE "/SignerTests/PrvKey/" -#define X509_DATA_BASE_DIR ACE_MAIN_STORAGE "/SignerTests/X509Data/" - -#endif /* _CONSTANTS_H */ - diff --git a/ace/include/ace/Effect.h b/ace/include/ace/Effect.h deleted file mode 100644 index c771c15..0000000 --- a/ace/include/ace/Effect.h +++ /dev/null @@ -1,112 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -// -// -// -// @ Project : Access Control Engine -// @ File Name : Effect.h -// @ Date : 2009-05-06 -// @ Author : Samsung -// -// - -#ifndef _EFFECT_H_ -#define _EFFECT_H_ - -#include - -typedef int RuleId; - -enum Effect -{ - Deny =0, - Undetermined=1, // jk mb added this enum, so the ones below are inceremented!!!!!!! - PromptOneShot =2, - PromptSession =3, - PromptBlanket =4, - Permit =5, - Inapplicable =6, - NotMatchingTarget=7, - Error=8, -}; - -struct ExtendedEffect { -public: - ExtendedEffect(Effect effect = Error, RuleId ruleId = -1) - : m_effect(effect) - , m_ruleId(ruleId) - {} - - ExtendedEffect(const ExtendedEffect &second) - : m_effect(second.m_effect) - , m_ruleId(second.m_ruleId) - {} - - ExtendedEffect& operator=(const ExtendedEffect &second) { - m_effect = second.m_effect; - m_ruleId = second.m_ruleId; - return *this; - } - - Effect getEffect() const { return m_effect; } - - RuleId getRuleId() const { return m_ruleId; } - -private: - Effect m_effect; - RuleId m_ruleId; -}; - -typedef std::list ExtendedEffectList; - -inline const char *toString(const ExtendedEffect &effect) -{ - const char * temp = ""; - - switch (effect.getEffect()) { - case Deny: - temp = "Deny"; - break; - case Undetermined: - temp = "Undetermined"; - break; - case PromptOneShot: - temp = "PromptOneShot"; - break; - case PromptSession: - temp = "PromptSession"; - break; - case PromptBlanket: - temp = "PromptBlanket"; - break; - case Permit: - temp = "Permit"; - break; - case Inapplicable: - temp = "Inapplicable"; - break; - case NotMatchingTarget: - temp = "NotMatchingTarget"; - break; - case Error: - temp = "Error"; - break; - default:; - } - return temp; -} - -#endif //_EFFECT_H_ diff --git a/ace/include/ace/PermissionTriple.h b/ace/include/ace/PermissionTriple.h deleted file mode 100644 index fcb7e47..0000000 --- a/ace/include/ace/PermissionTriple.h +++ /dev/null @@ -1,48 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -// -// -// -// @ Project : Access Control Engine -// @ File Name : PermissionTriple.h -// @ Date : 2009-05-06 -// @ Author : Samsung -// -// - -#if !defined(_PERMISSION_TRIPLE_H) -#define _PERMISSION_TRIPLE_H - -#include -#include -#include -#include - -typedef AceDB::BasePermission PermissionTriple; -typedef AceDB::BasePermissionList PermissionList; - -struct GeneralSetting -{ - GeneralSetting(const std::string& resourceName, - AceDB::PreferenceTypes accessAllowed) : generalSettingName(resourceName), - access(accessAllowed) - { - } - std::string generalSettingName; - AceDB::PreferenceTypes access; -}; - -#endif //_PERMISSION_TRIPLE_H diff --git a/ace/include/ace/Policy.h b/ace/include/ace/Policy.h deleted file mode 100644 index 2c43bd5..0000000 --- a/ace/include/ace/Policy.h +++ /dev/null @@ -1,87 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -// -// -// -// @ Project : Access Control Engine -// @ File Name : Policy.h -// @ Date : 2009-05-06 -// @ Author : Samsung -// -// - -#if !defined(_POLICY_H) -#define _POLICY_H - -#include - -#include -#include -#include -#include -#include -#include - -class Policy : public AbstractTreeElement, - DPL::Noncopyable -{ - public: - enum CombineAlgorithm { DenyOverride, PermitOverride, FirstApplicable, - FirstTargetMatching }; - - Policy() - { - combineAlgorithm = DenyOverride; - subjects = new std::list(); - } - - CombineAlgorithm getCombineAlgorithm() const - { - return this->combineAlgorithm; - } - - void setCombineAlgorithm(CombineAlgorithm algorithm) - { - this->combineAlgorithm = algorithm; - } - - const std::list * getSubjects() const - { - return this->subjects; - } - - void addSubject(const Subject * subject) - { - if (this->subjects == NULL) { - return; - } - this->subjects->push_back(subject); - } - - virtual ~Policy(); - - void printData(); - - std::string printCombineAlgorithm(CombineAlgorithm algorithm); - - private: - std::list *subjects; - CombineAlgorithm combineAlgorithm; -}; - -const char * toString(Policy::CombineAlgorithm algorithm); - -#endif //_POLICY_H diff --git a/ace/include/ace/PolicyEffect.h b/ace/include/ace/PolicyEffect.h deleted file mode 100644 index 43c79d7..0000000 --- a/ace/include/ace/PolicyEffect.h +++ /dev/null @@ -1,47 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * @file PolicyEffect.h - * @author B.Grzelewski (b.grzelewski@samsung.com) - * @version 1.0 - * @brief This file contains the declaration of PolicyEffect type. - */ -#ifndef _SRC_ACCESS_CONTROL_COMMON_POLICY_EFFECT_H_ -#define _SRC_ACCESS_CONTROL_COMMON_POLICY_EFFECT_H_ - -enum class PolicyEffect { - DENY = 0, - PERMIT, - PROMPT_ONESHOT, - PROMPT_SESSION, - PROMPT_BLANKET -}; - -inline static std::ostream & operator<<(std::ostream& stream, - PolicyEffect effect) -{ - switch (effect) { - case PolicyEffect::DENY: stream << "DENY"; break; - case PolicyEffect::PERMIT: stream << "PERMIT"; break; - case PolicyEffect::PROMPT_ONESHOT: stream << "PROMPT_ONESHOT"; break; - case PolicyEffect::PROMPT_SESSION: stream << "PROMPT_SESSION"; break; - case PolicyEffect::PROMPT_BLANKET: stream << "PROMPT_BLANKET"; break; - default: Assert(false && "Invalid PolicyEffect constant"); - } - return stream; -} - -#endif // _SRC_ACCESS_CONTROL_COMMON_POLICY_EFFECT_H_ diff --git a/ace/include/ace/PolicyEnforcementPoint.h b/ace/include/ace/PolicyEnforcementPoint.h deleted file mode 100644 index 902587a..0000000 --- a/ace/include/ace/PolicyEnforcementPoint.h +++ /dev/null @@ -1,96 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/** - * This class simply redirects the access requests to access control engine. - * The aim is to hide access control engine specific details from WRT modules. - * It also implements WRT_INTERFACE.h interfaces, so that ACE could access - * WRT specific and other information during the decision making. - * - * @file security_logic.h - * @author Przemyslaw Dobrowolski (p.dobrowolsk@samsung.com) - * @author Ming Jin(ming79.jin@samsung.com) - * @brief Implementation file for security logic - */ -#ifndef POLICY_ENFORCEMENT_POINT_H -#define POLICY_ENFORCEMENT_POINT_H - -#include -#include -#include - -//#include -//#include -//#include - -//#include -#include -#include - -#include -#include - -// Forwards -class IWebRuntime; -class IResourceInformation; -class IOperationSystem; -class PolicyEvaluator; -class PolicyInformationPoint; -class Request; - -class PolicyEnforcementPoint : public AbstractPolicyEnforcementPoint -{ - public: - OptionalExtendedPolicyResult checkFromCache(Request &request); - ExtendedPolicyResult check(Request &request); - OptionalExtendedPolicyResult check(Request &request, - bool fromCacheOnly); - - virtual ~PolicyEnforcementPoint(); - - class PEPException - { - public: - DECLARE_EXCEPTION_TYPE(DPL::Exception, Base) - DECLARE_EXCEPTION_TYPE(Base, AlreadyInitialized) - }; - - /** - * This function take ownership of objects pass in call. - * Object will be deleted after call Deinitialize function. - */ - void initialize(IWebRuntime *wrt, - IResourceInformation *resource, - IOperationSystem *operation); - void terminate(); - - void updatePolicy(const std::string &policy); - void updatePolicy(); - - PolicyEvaluator *getPdp() const { return this->m_pdp; } - PolicyInformationPoint *getPip() const { return this->m_pip; } - - protected: - PolicyEnforcementPoint(); - friend class SecurityLogic; - private: // private data - IWebRuntime *m_wrt; - IResourceInformation *m_res; - IOperationSystem *m_sys; - PolicyEvaluator *m_pdp; - PolicyInformationPoint *m_pip; -}; - -#endif // POLICY_ENFORCEMENT_POINT_H diff --git a/ace/include/ace/PolicyEvaluator.h b/ace/include/ace/PolicyEvaluator.h deleted file mode 100644 index e9c9285..0000000 --- a/ace/include/ace/PolicyEvaluator.h +++ /dev/null @@ -1,153 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -// -// -// -// @ Project : Access Control Engine -// @ File Name : PolicyEvaluator.h -// @ Date : 2009-05-06 -// @ Author : Samsung -// -// - -#ifndef _POLICY_EVALUATOR_H -#define _POLICY_EVALUATOR_H - -#include -#include -#include - -#include -#include -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - - -class PolicyEvaluator : DPL::Noncopyable -{ - protected: - - /** - * Internal method used to initiate policy evaluation. Called after attribute set has been fetched - * by PIP. - * @param root root of the policies tree to be evaluated - */ - virtual ExtendedEffect evaluatePolicies(const TreeNode * root); - - // !! DEPRECATED !! - enum updateErrors - { - POLICY_PARSING_SUCCESS = 0, - POLICY_FILE_ERROR = 1, - PARSER_CREATION_ERROR, - POLICY_PARSING_ERROR - }; - private: - AttributeSet m_attributeSet; - - TreeNode *m_uniform_policy, *m_wac_policy, *m_tizen_policy; - std::string m_currentPolicyFile; - PolicyType m_policy_to_use; - - Combiner * m_combiner; - AsyncVerdictResultListener * m_verdictListener; - PolicyInformationPoint * m_pip; - - /** - * @return current policy Tree acc. to m_policy_to_use - */ - TreeNode * getCurrentPolicyTree(); - - /** - * Method used to extract attributes from subtree defined by PolicySet - * @param root original TreeStructure root node - * @param newRoot copy of TreeStructure containing only policies that matches current request - * - */ - void extractAttributesFromSubtree(const TreeNode *root); - - /** - * Method used to extract attributes from Tree Structure - * @return pointer to set of attributes needed to evaluate current request - * @return if extraction has been successful - * TODO return reducte tree structure - * TODO change comments - */ - bool extractAttributesFromRules(const TreeNode *); - - /** - * Extracts attributes from target of a given policy that are required to be fetched by PIP - */ - void extractTargetAttributes(const Policy *policy); - bool extractAttributes(TreeNode*); - - OptionalExtendedPolicyResult getPolicyForRequestInternal(bool fromCacheOnly); - PolicyResult effectToPolicyResult(Effect effect); - - /** - * Return safe policy tree in case of error with loading policy from file - */ - TreeNode * getDefaultSafePolicyTree(void); - - public: - PolicyEvaluator(PolicyInformationPoint * pip); - - bool extractAttributesTest() - { - m_attributeSet.clear(); - if (!extractAttributes(m_uniform_policy)) { - LogInfo("Warnign attribute set cannot be extracted. Returning Deny"); - return true; - } - - return extractAttributes(m_uniform_policy); - } - - AttributeSet * getAttributeSet() - { - return &m_attributeSet; - } - - virtual bool initPDP(); - virtual ~PolicyEvaluator(); - virtual ExtendedPolicyResult getPolicyForRequest(const Request &request); - virtual OptionalExtendedPolicyResult getPolicyForRequestFromCache( - const Request &request); - virtual OptionalExtendedPolicyResult getPolicyForRequest(const Request &request, - bool fromCacheOnly); - bool fillAttributeWithPolicy(); - - virtual int updatePolicy(const char *); - // This function updates policy from well known locations - virtual void updatePolicy(); - - std::string getCurrentPolicy(); -}; - -#endif //_POLICYEVALUATOR_H diff --git a/ace/include/ace/PolicyEvaluatorFactory.h b/ace/include/ace/PolicyEvaluatorFactory.h deleted file mode 100644 index 73e36a1..0000000 --- a/ace/include/ace/PolicyEvaluatorFactory.h +++ /dev/null @@ -1,45 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/** - * @file AbstractObjectFactory.h - * @author Piotr Fatyga (p.fatyga@samsung.com) - * @version 0.1 - * @brief - */ - -#ifndef _ABSTRACTOBJECTFACTORY_H -#define _ABSTRACTOBJECTFACTORY_H - -#include - -class AbstractPolicyEvaluatorFactory -{ - public: - virtual PolicyEvaluator * createPolicyEvaluator(PolicyInformationPoint *pip) - const = 0; -}; - -class PolicyEvaluatorFactory : public AbstractPolicyEvaluatorFactory -{ - public: - PolicyEvaluator * createPolicyEvaluator(PolicyInformationPoint *pip) const - { - return new PolicyEvaluator(pip); - } -}; - -#endif /* _ABSTRACTOBJECTFACTORY_H */ - diff --git a/ace/include/ace/PolicyInformationPoint.h b/ace/include/ace/PolicyInformationPoint.h deleted file mode 100644 index ccb9763..0000000 --- a/ace/include/ace/PolicyInformationPoint.h +++ /dev/null @@ -1,101 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -// -// -// -// @ Project : Access Control Engine -// @ File Name : PolicyInformationPoint.h -// @ Date : 2009-05-06 -// @ Author : Samsung -// -// - -#ifndef _POLICY_INFORMATION_POINT_H -#define _POLICY_INFORMATION_POINT_H - -#include - -#include -#include -#include -#include -#include - -typedef int PipResponse; - -class PolicyInformationPoint : public DPL::Noncopyable -{ - private: - - /** queries for interfaces*/ - std::list resourceAttributesQuery; - std::list environmentAttributesQuery; - std::list subjectAttributesQuery; - std::list functionParamAttributesQuery; - std::list widgetParamAttributesQuery; - - /** create queries */ - void createQueries(AttributeSet* attributes); - - IWebRuntime* wrtInterface; - IResourceInformation* resourceInformation; - IOperationSystem* operationSystem; - - public: - static const int ERROR_SHIFT_RESOURCE = 3; - static const int ERROR_SHIFT_OS = 6; - static const int ERROR_SHIFT_FP = 9; - - /** Mask used to identify PIP error */ - enum ResponseTypeMask - { - SUCCESS = 0, - /* WebRuntime Error */ - WRT_UNKNOWN_SUBJECT = 1 << 0, - WRT_UNKNOWN_ATTRIBUTE = 1 << 1, - WRT_INTERNAL_ERROR = 1 << 2, - /* Resource Information Storage Error */ - RIS_UNKNOWN_RESOURCE = 1 << 3, - RIS_UNKNOWN_ATTRIBUTE = 1 << 4, - RIS_INTERNAL_ERROR = 1 << 5, - /*Operating system */ - OS_UNKNOWN_ATTRIBUTE = 1 << 6, - OS_INTERNAL_ERROR = 1 << 7 - }; - - //TODO add checking values of attributes - /** gather attributes values from adequate interfaces */ - virtual PipResponse getAttributesValues(const Request* request, - AttributeSet* attributes); - virtual ~PolicyInformationPoint(); - PolicyInformationPoint(IWebRuntime *wrt, - IResourceInformation *resource, - IOperationSystem *system); - virtual void update(IWebRuntime *wrt, - IResourceInformation *resource, - IOperationSystem *system) - { - wrtInterface = wrt; - resourceInformation = resource; - operationSystem = system; - } - IWebRuntime * getWebRuntime() - { - return wrtInterface; - } -}; - -#endif //_POLICY_INFORMATION_POINT_H diff --git a/ace/include/ace/PolicyResult.h b/ace/include/ace/PolicyResult.h deleted file mode 100644 index f59fe80..0000000 --- a/ace/include/ace/PolicyResult.h +++ /dev/null @@ -1,259 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef _SRC_ACCESS_CONTROL_COMMON_POLICY_RESULT_H_ -#define _SRC_ACCESS_CONTROL_COMMON_POLICY_RESULT_H_ - -#include -#include -#include - -#include - -typedef DPL::Optional OptionalPolicyEffect; - -class PolicyDecision -{ -public: - enum Value { NOT_APPLICABLE = -1 }; - - PolicyDecision(PolicyEffect effect) - : m_isPolicyEffect(true) - , m_effect(effect) - {} - - PolicyDecision(const PolicyDecision &decision) - : m_isPolicyEffect(decision.m_isPolicyEffect) - , m_effect(decision.m_effect) - {} - - PolicyDecision(Value) - : m_isPolicyEffect(false) - {} - - bool operator==(const PolicyDecision &decision) const { - return (m_isPolicyEffect - && decision.m_isPolicyEffect - && m_effect == decision.m_effect) - || (!m_isPolicyEffect && !decision.m_isPolicyEffect); - } - - bool operator==(Value) const { - return !m_isPolicyEffect; - } - - bool operator!=(const PolicyDecision &decision) const { - return !(*this == decision); - } - - bool operator!=(Value value) const { - return !(*this == value); - } - - OptionalPolicyEffect getEffect() const - { - if (!m_isPolicyEffect) { - return OptionalPolicyEffect(); - } - return OptionalPolicyEffect(m_effect); - } - - std::ostream & toStream(std::ostream& stream) { - if (m_isPolicyEffect) - stream << m_effect; - else - stream << "NOT-APPLICABLE"; - return stream; - } - -private: - bool m_isPolicyEffect; - PolicyEffect m_effect; -}; - -inline static bool operator==(PolicyEffect e, const PolicyDecision &d) { - return d.operator==(e); -} - -inline static bool operator!=(PolicyEffect e, const PolicyDecision &d) { - return !(e == d); -} - -inline static std::ostream & operator<<(std::ostream& stream, - PolicyDecision decision) -{ - return decision.toStream(stream); -} - -class PolicyResult { -public: - enum Value { UNDETERMINED = -2 }; - - // This constructor is required by dpl controller and by dpl optional - PolicyResult() - : m_isDecision(false) - , m_decision(PolicyDecision::Value::NOT_APPLICABLE) // don't care - {} - - PolicyResult(PolicyEffect effect) - : m_isDecision(true) - , m_decision(effect) - {} - - PolicyResult(const PolicyDecision &decision) - : m_isDecision(true) - , m_decision(decision) - {} - - PolicyResult(const PolicyResult &result) - : m_isDecision(result.m_isDecision) - , m_decision(result.m_decision) - {} - - PolicyResult(PolicyDecision::Value value) - : m_isDecision(true) - , m_decision(value) - {} - - PolicyResult(Value) - : m_isDecision(false) - , m_decision(PolicyDecision::Value::NOT_APPLICABLE) // don't care - {} - - bool operator==(const PolicyResult &result) const { - return (m_isDecision - && result.m_isDecision - && m_decision == result.m_decision) - || (!m_isDecision && !result.m_isDecision); - } - - bool operator==(Value) const { - return !m_isDecision; - } - - bool operator!=(const PolicyResult &result) const { - return !(*this == result); - } - - bool operator!=(Value value) const { - return !(*this == value); - } - - OptionalPolicyEffect getEffect() const - { - if (!m_isDecision) { - return OptionalPolicyEffect(); - } - return m_decision.getEffect(); - } - - static int serialize(const PolicyResult &policyResult) - { - if (!policyResult.m_isDecision) { - return BD_UNDETERMINED; - } else if (policyResult.m_decision == - PolicyDecision::Value::NOT_APPLICABLE) - { - return BD_NOT_APPLICABLE; - } else if (policyResult.m_decision == PolicyEffect::PROMPT_BLANKET) { - return BD_PROMPT_BLANKET; - } else if (policyResult.m_decision == PolicyEffect::PROMPT_SESSION) { - return BD_PROMPT_SESSION; - } else if (policyResult.m_decision == PolicyEffect::PROMPT_ONESHOT) { - return BD_PROMPT_ONESHOT; - } else if (policyResult.m_decision == PolicyEffect::PERMIT) { - return BD_PERMIT; - } else if (policyResult.m_decision == PolicyEffect::DENY) { - return BD_DENY; - } - Assert(false && "Unknown value of policyResult."); - } - - static PolicyResult deserialize(int dec){ - switch (dec) { - case BD_DENY: - return PolicyEffect::DENY; - case BD_PERMIT: - return PolicyEffect::PERMIT; - case BD_PROMPT_ONESHOT: - return PolicyEffect::PROMPT_ONESHOT; - case BD_PROMPT_SESSION: - return PolicyEffect::PROMPT_SESSION; - case BD_PROMPT_BLANKET: - return PolicyEffect::PROMPT_BLANKET; - case BD_NOT_APPLICABLE: - return PolicyDecision::Value::NOT_APPLICABLE; - case BD_UNDETERMINED: - return Value::UNDETERMINED; - } - Assert(false && "Broken database"); - } - - std::ostream & toStream(std::ostream& stream) { - if (m_isDecision) - stream << m_decision; - else - stream << "UNDETERMINED"; - return stream; - } - -private: - static const int BD_UNDETERMINED = 6; - static const int BD_NOT_APPLICABLE = 5; - static const int BD_PROMPT_BLANKET = 4; - static const int BD_PROMPT_SESSION = 3; - static const int BD_PROMPT_ONESHOT = 2; - static const int BD_PERMIT = 1; - static const int BD_DENY = 0; - - bool m_isDecision; - PolicyDecision m_decision; -}; - -inline static bool operator==(const PolicyDecision &d, const PolicyResult &r) { - return r == d; -} - -inline static bool operator!=(const PolicyDecision &d, const PolicyResult &r) { - return !(d == r); -} - -inline static bool operator==(const PolicyEffect &e, const PolicyResult &r) { - return e == r; -} - -inline static bool operator!=(const PolicyEffect &e, const PolicyResult &r) { - return !(e == r); -} - -inline static std::ostream & operator<<(std::ostream& stream, - PolicyResult result) -{ - return result.toStream(stream); -} - -struct ExtendedPolicyResult { - ExtendedPolicyResult(const PolicyResult pr = PolicyEffect::DENY, int rule = -1) - : policyResult(pr) - , ruleId(rule) - {} - PolicyResult policyResult; - int ruleId; -}; - -typedef DPL::Optional OptionalExtendedPolicyResult; - -#endif // _SRC_ACCESS_CONTROL_COMMON_POLICY_RESULT_H_ diff --git a/ace/include/ace/PolicySet.h b/ace/include/ace/PolicySet.h deleted file mode 100644 index de12394..0000000 --- a/ace/include/ace/PolicySet.h +++ /dev/null @@ -1,48 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -// -// -// -// @ Project : Access Control Engine -// @ File Name : PolicySet.h -// @ Date : 2009-05-06 -// @ Author : Samsung -// -// - -#if !defined(_POLICYSET_H) -#define _POLICYSET_H - -#include "Policy.h" -#include - -class PolicySet : public Policy -{ - public: - - //TODO Clean this class - //PolicySet(CombineAlgorithm algorithm, std::list * targetAttr,const std::string & subjectId) - // : Policy(algorithm,targetAttr,subjectId) - // {} - PolicySet() - { - } - ~PolicySet() - { - } -}; - -#endif //_POLICYSET_H diff --git a/ace/include/ace/Preference.h b/ace/include/ace/Preference.h deleted file mode 100644 index c37fce8..0000000 --- a/ace/include/ace/Preference.h +++ /dev/null @@ -1,38 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -// -// -// -// @ Project : Access Control Engine -// @ File Name : Preference.h -// @ Date : 2009-05-2 -// @ Author : Samsung -// -// - -#ifndef _Preference_H_ -#define _Preference_H_ - -#include -#include - -#include - -typedef AceDB::PreferenceTypes Preference; -typedef AceDB::PreferenceTypesMap PreferenceMap; - -#endif //_Preference_H - diff --git a/ace/include/ace/PromptDecision.h b/ace/include/ace/PromptDecision.h deleted file mode 100644 index bfe425b..0000000 --- a/ace/include/ace/PromptDecision.h +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef _SRC_ACCESS_CONTROL_COMMON_PROMPT_DECISION_H_ -#define _SRC_ACCESS_CONTROL_COMMON_PROMPT_DECISION_H_ - -#include -#include - -enum class PromptDecision { - ALLOW_ALWAYS, - DENY_ALWAYS, - ALLOW_THIS_TIME, - DENY_THIS_TIME, - ALLOW_FOR_SESSION, - DENY_FOR_SESSION -}; - -typedef DPL::Optional OptionalPromptDecision; - -struct CachedPromptDecision { - PromptDecision decision; - DPL::OptionalString session; -}; - -typedef DPL::Optional OptionalCachedPromptDecision; - -#endif // _SRC_ACCESS_CONTROL_COMMON_PROMPT_DECISION_H_ diff --git a/ace/include/ace/Request.h b/ace/include/ace/Request.h deleted file mode 100644 index 5e5fa9a..0000000 --- a/ace/include/ace/Request.h +++ /dev/null @@ -1,104 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -// -// -// -// @ Project : Access Control Engine -// @ File Name : Request.h -// @ Date : 2009-05-06 -// @ Author : Samsung -// -// - -#ifndef _REQUEST_H_ -#define _REQUEST_H_ - -#include -#include -#include - -#include -#include - -class Request : public AceDB::IRequest -{ - public: - typedef std::string DeviceCapability; - typedef std::set DeviceCapabilitySet; - - enum ApplicationType { - APP_TYPE_TIZEN, - APP_TYPE_WAC20, - APP_TYPE_UNKNOWN - }; - - Request(WidgetHandle widgetHandle, - WidgetExecutionPhase phase, - IFunctionParam *functionParam = 0) - : m_widgetHandle(widgetHandle) - , m_phase(phase) - , m_functionParam(functionParam) - , m_appType(APP_TYPE_UNKNOWN) - {} - - WidgetHandle getWidgetHandle() const - { - return m_widgetHandle; - } - - WidgetExecutionPhase getExecutionPhase() const - { - return m_phase; - } - - IFunctionParam *getFunctionParam() const - { - return m_functionParam; - } - - void addDeviceCapability(const std::string& device) - { - m_devcapSet.insert(device); - } - - DeviceCapabilitySet getDeviceCapabilitySet() const - { - return m_devcapSet; - } - - void setAppType(ApplicationType appType) - { - m_appType = appType; - } - - ApplicationType getAppType() const - { - return m_appType; - } - - private: - WidgetHandle m_widgetHandle; - WidgetExecutionPhase m_phase; - //! \brief list of function param (only for intercept) - IFunctionParam *m_functionParam; - //! \brief Set of defice capabilities - DeviceCapabilitySet m_devcapSet; - ApplicationType m_appType; -}; - -typedef std::vector Requests; - -#endif //_REQUEST_H_ diff --git a/ace/include/ace/Rule.h b/ace/include/ace/Rule.h deleted file mode 100644 index dc64389..0000000 --- a/ace/include/ace/Rule.h +++ /dev/null @@ -1,73 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -// -// -// -// @ Project : Access Control Engine -// @ File Name : Rule.h -// @ Date : 2009-05-06 -// @ Author : Samsung -// -// - -#if !defined(_RULE_H) -#define _RULE_H - -#include "Attribute.h" -#include "Effect.h" -#include "Condition.h" -#include - -class Rule : public AbstractTreeElement -{ - public: - - ExtendedEffect evaluateRule(const AttributeSet * attrSet) const; - - Rule() - : effect(Inapplicable) - { - //TODO we should set it to deny or smth, not inapplicable - } - - void setEffect(ExtendedEffect effect) - { - //We should not allow to set "Inapplicable" effect. - //Rules cannot have effect that is inapplicable, evaluation of the rules may however - //render the effect inapplicable. - Assert(effect.getEffect() != Inapplicable); - this->effect = effect; - } - void setCondition(Condition condition) - { - this->condition = condition; - } - void getAttributes(AttributeSet * attrSet) - { - condition.getAttributes(attrSet); - } - - //DEBUG methods - std::string printEffect(const ExtendedEffect &effect) const; - void printData(); - - private: - - ExtendedEffect effect; - Condition condition; -}; - -#endif //_RULE_H diff --git a/ace/include/ace/SettingsLogic.h b/ace/include/ace/SettingsLogic.h deleted file mode 100644 index e0d1fdb..0000000 --- a/ace/include/ace/SettingsLogic.h +++ /dev/null @@ -1,88 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/** - * - * - * @file SettingsLogic.h - * @author Tomasz Swierczek (t.swierczek@samsung.com) - * @version 0.1 - * @brief Header file for class getting/setting user/global ACE settings - */ - -#ifndef WRT_SRC_ACCESS_CONTROL_LOGIC_SETTINGS_LOGIC_H_ -#define WRT_SRC_ACCESS_CONTROL_LOGIC_SETTINGS_LOGIC_H_ - -#include -#include -#include -#include -#include -#include -#include -#include -#include - -class SettingsLogic -{ - public: - class Exception - { - public: - DECLARE_EXCEPTION_TYPE(DPL::Exception, Base) - DECLARE_EXCEPTION_TYPE(Base, DatabaseError) - }; - - // global settings - static AceDB::PreferenceTypes findGlobalUserSettings( - const std::string &resource, - WidgetHandle handler); - - static AceDB::PreferenceTypes findGlobalUserSettings( - const Request &request); - - // resource settings - static AceDB::PreferenceTypes getDevCapSetting( - const std::string &request); - static void getDevCapSettings(AceDB::PreferenceTypesMap *preferences); - static void setDevCapSetting(const std::string &resource, - AceDB::PreferenceTypes preference); - static void setAllDevCapSettings( - const std::list > &resourcesList); - static void removeDevCapSetting(const std::string &resource); - static void updateDevCapSetting(const std::string &resource, - AceDB::PreferenceTypes p); - - // user settings - static AceDB::PreferenceTypes getWidgetDevCapSetting( - const std::string &resource, - WidgetHandle handler); - static void getWidgetDevCapSettings(PermissionList *permissions); - static void setWidgetDevCapSetting(const std::string &resource, - WidgetHandle handler, - AceDB::PreferenceTypes preference); - static void setWidgetDevCapSettings(const PermissionList &tripleList); - static void removeWidgetDevCapSetting(const std::string &resource, - WidgetHandle handler); - - private: - SettingsLogic() - { - } - -}; - -#endif /* WRT_SRC_ACCESS_CONTROL_LOGIC_SETTINGS_LOGIC_H_ */ diff --git a/ace/include/ace/Subject.h b/ace/include/ace/Subject.h deleted file mode 100644 index 5176c99..0000000 --- a/ace/include/ace/Subject.h +++ /dev/null @@ -1,72 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -// -// File: Subject.h -// Author: notroot -// -// Created on June 2, 2009, 8:47 AM -// - -#ifndef _SUBJECT_H -#define _SUBJECT_H - -#include -#include -#include -#include -#include - -#include "Attribute.h" - -class Subject : DPL::Noncopyable -{ - std::string subjectId; - std::list targetAttributes; - - public: - Subject() - {} - - const std::list& getTargetAttributes() const; - - void setSubjectId(const std::string & subjectId) - { - this->subjectId = subjectId; - } - - //TODO maybe we should remove that becuase this causes a memory leak right now!! [CR] maybe thats true, maybe whe can remove this fun - // KW void setTargetAttributes(std::list * targetAttributes){ this->targetAttributes = targetAttributes; } - - const std::string & getSubjectId() const - { - return this->subjectId; - } - - void addNewAttribute(Attribute & attr) - { - this->targetAttributes.push_back(attr); - } - - //TODO in 1.0 change to true/false/undetermined - bool matchSubject(const AttributeSet *attrSet, - bool &isUndetermined) const; - - ~Subject() - {} -}; - -#endif /* _SUBJECT_H */ - diff --git a/ace/include/ace/TestTimer.h b/ace/include/ace/TestTimer.h deleted file mode 100644 index 1f07e61..0000000 --- a/ace/include/ace/TestTimer.h +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#ifndef _TEST_TIMER_H -#define _TEST_TIMER_H - -#include - -class TestTimer -{ - time_t startt, endt; - - public: - void start() - { - time(&startt); - } - void stop() - { - time(&endt); - } - double getTime() - { - return difftime(endt, startt); - } -}; - -#endif //_TEST_TIMER_H - diff --git a/ace/include/ace/TreeNode.h b/ace/include/ace/TreeNode.h deleted file mode 100644 index 473c26f..0000000 --- a/ace/include/ace/TreeNode.h +++ /dev/null @@ -1,130 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -// -// -// -// @ Project : Access Control Engine -// @ File Name : TreeNode.h -// @ Date : 2009-05-06 -// @ Author : Samsung -// -// - -#ifndef _TREE_NODE_H -#define _TREE_NODE_H - -#include -#include - -#include - -class TreeNode; - -typedef std::list ChildrenSet; -typedef std::list::iterator ChildrenIterator; -typedef std::list::const_iterator ChildrenConstIterator; - -class TreeNode -{ - public: - //TODO nazwac pozadnie TYPY - moze jakas konwencja ... ??!! - enum TypeID { Policy =0, PolicySet=1, Rule=2}; - - const ChildrenSet & getChildrenSet() const - { - return children; - } - - TreeNode * getParent() const - { - return this->parent; - } - - void setParent(TreeNode *parent) - { - this->parent = parent; - } - - TypeID getTypeID() const - { - return this->typeID; - } - - void addChild(TreeNode *child) - { - child->setParent(this); - children.push_back(child); - } - - /** - * Clone the node - */ - // KW TreeNode * clone() { return new TreeNode(NULL,this->getTypeID(),this->getElement()); } - - TreeNode(TreeNode * parent, - TypeID type, - AbstractTreeElement * element) : - parent(parent), - typeID(type), - element(element) - { - } - - AbstractTreeElement * getElement() const - { - return element; - } - - private: - virtual ~TreeNode(); - - public: - /* - * It is common that we create a copy of tree structure created out of xml file. However we don't want to - * copy abstract elements ( Policies and Rules ) because we need them only for reading. We want to modify the - * tree structure though. Therefore we copy TreeNode. When the copy of the original tree is being destroyed method - * releaseTheSubtree should be called on "root". It automatically traverse the tree and call TreeNode destructors for - * each TreeNode in the tree. It doesn't remove the abstract elements in the tree ( there is always at most one abstract - * element instance, when tree is copied it is a shallow copy. - * When we want to completely get rid of the the tree and abstract elements we have to call releaseResources on tree root. - * We may want to do this for instance when we want to serialize the tree to disc. releaseResource method traverses the tree - * and releses the resources, as well as the TreeNode so NO releaseTheSubtree is required any more - */ - void releaseResources(); - - /** - * Used to delete the copies of tree structure. The original tree structure should be removed with releaseResources method. - * ReleaseTheSubtree method doesn't delete the abstract elements, only TreeNodes. It traverses the whole tree, so it should be - * called on behalf of root of the tree - */ - // KW void releaseTheSubtree(); - - friend std::ostream & operator<<(std::ostream & out, - const TreeNode * node); - // KW void printSubtree(); - - private: - // KW TreeNode(const TreeNode& pattern){ (void)pattern; } - - std::list children; - TreeNode * parent; - //TODO standarize ID case - TypeID typeID; - AbstractTreeElement * element; - static int level; -}; - -#endif //_TREE_NODE_H diff --git a/ace/include/ace/UserDecision.h b/ace/include/ace/UserDecision.h deleted file mode 100644 index 67bdbcf..0000000 --- a/ace/include/ace/UserDecision.h +++ /dev/null @@ -1,37 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -// -// -// -// @ Project : Access Control Engine -// @ File Name : UserDecision.h -// @ Date : 2009-05-22 -// @ Author : Samsung -// -// - -#ifndef _USERDECISION_H -#define _USERDECISION_H - -#include -#include - -typedef AceDB::ValidityTypes Validity; - -const char * toString(Validity validity); - -#endif //_USERDECISION_H - diff --git a/ace/include/ace/Verdict.h b/ace/include/ace/Verdict.h deleted file mode 100644 index 83d2d79..0000000 --- a/ace/include/ace/Verdict.h +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -// -// -// -// @ Project : Access Control Engine -// @ File Name : Verdict.h -// @ Date : 2009-05-2 -// @ Author : Samsung -// -// - -#ifndef _VERDICT_H -#define _VERDICT_H - -#include -#include -#include - -typedef AceDB::VerdictTypes Verdict; -//typedef AceDB::TimedVerdict TimedVerdict; - -const char * toString(Verdict verditct); - -#endif //_VERDICT_H - diff --git a/ace/include/ace/WRT_INTERFACE.h b/ace/include/ace/WRT_INTERFACE.h deleted file mode 100644 index ac8ab93..0000000 --- a/ace/include/ace/WRT_INTERFACE.h +++ /dev/null @@ -1,144 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#ifndef _WRT_INERFACE_4_ACE_EXAMPLE_H_ -#define _WRT_INERFACE_4_ACE_EXAMPLE_H_ - -#include -#include -#include - -typedef int WidgetHandle; - -class Request; - -enum WidgetExecutionPhase -{ - WidgetExecutionPhase_Unknown = 0, - WidgetExecutionPhase_WidgetInstall = 1 << 0, - WidgetExecutionPhase_WidgetInstantiate = 1 << 1, - WidgetExecutionPhase_WebkitBind = 1 << 2, - WidgetExecutionPhase_Invoke = 1 << 3 -}; - -struct RequestContext -{ - const WidgetHandle Handle; - WidgetExecutionPhase Phase; - - RequestContext(WidgetHandle handle, - WidgetExecutionPhase phase) : - Handle(handle), - Phase(phase) - { - } -}; - -// Pair of pointer to attribute name and pointer to list of value for -// this attribute name -typedef std::pair< const std::string* const, std::list* > -ATTRIBUTE; - -/* - * Each function should return 0 as success and positive value as error - * - * Possible return value: - * 0 - succes - * 1 - subjectId/resourceId name unknown - * 2 - unknown attribute name - * 4 - interface error - **/ - -/************** Web Runtime ********************/ - -class IWebRuntime -{ - public: - - /** - * gather and set attributes values for specified subjectId - * and attribute name - * @param subjectId is a name of subject (widget or internet site URI ) - * @param attributes is a list of pairs( - * first: pointer to attribute name - * second: list of values for attribute (std::string) - - * its a list of string (BONDI requirement), but usually there will - * be only one string - * */ - virtual int getAttributesValues(const Request &request, - std::list *attributes) = 0; - - /*return current sessionId */ - virtual std::string getSessionId(const Request &request) = 0; - - virtual ~IWebRuntime() - { - } -}; - -/************** Resource Information ********************/ -class IResourceInformation -{ - public: - /** - * gather and set attributes values for specified resourceId - * and attribute name - * @param resourceId is a name of subject (widget or internet site URI ) - * @param attributes is a list of pairs( - * first: pointer to attribute name - * second: list of values for attribute (std::string) - - * its a list of string (BONDI requirement), but usually there will - * be only one string - * */ - virtual int getAttributesValues(const Request &request, - std::list *attributes) = 0; - - virtual ~IResourceInformation() - { - } -}; - -/************** Operation System ********************/ -class IOperationSystem -{ - public: - - /** - * gather and set attributes values for specified attribute name - * @param attributes is a list of pairs( - * first: pointer to attribute name - * second: list of values for attribute (std::string) - - * its a list of string (BONDI requirement), but usually - * there will be only one string - * */ - virtual int getAttributesValues(const Request &request, - std::list *attributes) = 0; - - virtual ~IOperationSystem() - { - } -}; - -class IFunctionParam -{ - public: - virtual int getAttributesValues(const Request &request, - std::list *attributes) = 0; - virtual ~IFunctionParam() - { - } -}; - -#endif //_WRT_INERFACE_4_ACE_EXAMPLE_H_ diff --git a/ace/include/ace/WidgetUsageModel.h b/ace/include/ace/WidgetUsageModel.h deleted file mode 100644 index 09d15f8..0000000 --- a/ace/include/ace/WidgetUsageModel.h +++ /dev/null @@ -1,97 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -// -// @ Project : Access Control Engine -// @ File Name : UserDecision.h -// @ Date : 2009-05-22 -// @ Author : Samsung -// -// - -#ifndef _WIDGET_USAGE_H -#define _WIDGET_USAGE_H - -#include - -#include "Request.h" -#include "AsyncVerdictResultListener.h" - -enum UsageValidity -{ - USAGE_UNKNOWN, - USAGE_ONCE, - USAGE_SESSION, - USAGE_ALWAYS -}; - -enum UsageVerdict -{ - USAGE_VERDICT_PERMIT, - USAGE_VERDICT_DENY, - USAGE_VERDICT_INAPPLICABLE, - USAGE_VERDICT_UNDETERMINED, - USAGE_VERDICT_UNKNOWN, - USAGE_VERDICT_ERROR -}; -//Forward declaration -class PolicyEvaluator; - -class PolicyEvaluatorData -{ - private: - Request m_request; - UsageValidity m_validity; - UsageVerdict m_verdict; - AsyncVerdictResultListener *m_listener; - public: - - PolicyEvaluatorData(const Request& request, - AsyncVerdictResultListener *listener) : - m_request(request), - m_validity(USAGE_UNKNOWN), - m_verdict(USAGE_VERDICT_ERROR), - m_listener(listener) - { - } - - // KW UsageValidity getValidity() const { - // KW return m_validity; - // KW } - // KW - // KW UsageVerdict getVerdict() const { - // KW return m_verdict; - // KW } - // KW - // KW void setValidity(UsageValidity validity) { - // KW this->m_validity = validity; - // KW } - // KW - // KW void setVerdict(UsageVerdict verdict) { - // KW this->m_verdict = verdict; - // KW } - - const Request& getRequest() const - { - return m_request; - } - - AsyncVerdictResultListener* getListener() const - { - return m_listener; - } -}; - -#endif //_USERDECISION_H diff --git a/ace/include/ace/acf_consts.h b/ace/include/ace/acf_consts.h deleted file mode 100644 index 93ecfae..0000000 --- a/ace/include/ace/acf_consts.h +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * This file contain consts for Signing Template and Policy Manager - * This values will be used to specified and identified algorithms in xml policy documents. - * Its consistent with BONDI 1.0 released requirements - * - * NOTE: This values should be verified when ACF will be updated to the latest version of BONDI requirements - * This values comes from widget digital signature 1.0 - required version of this doc is very important - * - **/ - -#ifndef ACF_CONSTS_TYPES_H -#define ACF_CONSTS_TYPES_H - -//Digest Algorithms -extern const char* DIGEST_ALG_SHA256; - -//Canonicalization Algorithms -extern const char* CANONICAL_ALG_C14N; - -//Signature Algorithms -extern const char* SIGNATURE_ALG_RSA_with_SHA256; -extern const char* SIGNATURE_ALG_DSA_with_SHA1; -extern const char* SIGNATURE_ALG_ECDSA_with_SHA256; - -#endif - diff --git a/ace/include/ace/parser.h b/ace/include/ace/parser.h deleted file mode 100644 index 26f15e2..0000000 --- a/ace/include/ace/parser.h +++ /dev/null @@ -1,108 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -// -// -// -// @ Project : Access Control Engine -// @ File Name : parser.h -// @ Date : 2009-05-06 -// @ Author : Samsung -// -// - -#ifndef _PARSER_H_ -#define _PARSER_H_ - -//#include "/usr/include/libxml2/libxml/parser.h" -#include -#include -#include -#include -#include - -#include "Policy.h" -#include "PolicySet.h" -#include "Request.h" -#include "Rule.h" -#include "Attribute.h" -#include "TreeNode.h" -#include "Subject.h" -#include "Condition.h" -#include "Effect.h" - -#define whitespaces " \n\t\r" - -enum CanonicalizationAlgorithm -{ - C14N, - C14NEXCLUSIVE -}; - -class Parser -{ - private: - RuleId ruleId; - xmlTextReaderPtr reader; - - TreeNode * root; - TreeNode * currentRoot; - Subject * currentSubject; - Condition * currentCondition; - Attribute * currentAttribute; - std::string * currentText; - - bool processingSignature; - bool canonicalizeOnce; - - void processNode(xmlTextReaderPtr reader); - - //Node Handlers - void endNodeHandler(xmlTextReaderPtr reader); - void textNodeHandler(xmlTextReaderPtr reader); - void startNodeHandler(xmlTextReaderPtr reader); - - //Node names handlers - void handleAttr(xmlTextReaderPtr reader); - void handleRule(xmlTextReaderPtr reader); - void handleSubject(); - void handleCondition(xmlTextReaderPtr reader); - void handleSubjectMatch(xmlTextReaderPtr reader); - void handleMatch(xmlTextReaderPtr reader, - Attribute::Type); - void handlePolicy(xmlTextReaderPtr reader, - TreeNode::TypeID type); - - //helpers - Policy::CombineAlgorithm convertToCombineAlgorithm(xmlChar*); - ExtendedEffect convertToEffect(xmlChar *effect); - Attribute::Match convertToMatchFunction(xmlChar * func); - void consumeCurrentText(); - void consumeCurrentAttribute(); - void consumeSubjectMatch(xmlChar * value = NULL); - void consumeCurrentSubject(); - void consumeCurrentCondition(); - void trim(std::string *); - // KW void canonicalize(const char *, const char *, CanonicalizationAlgorithm canonicalizationAlgorithm); - // KW int extractNodeToFile(xmlTextReaderPtr reader, const char * filename); - - static const char *TOKEN_PARAM; - public: - Parser(); - ~Parser(); - TreeNode * parse(const std::string& filename, const std::string& schema); -}; - -#endif //_PARSER_H diff --git a/ace/orm/ace_db b/ace/orm/ace_db deleted file mode 100644 index 7f90ed4..0000000 --- a/ace/orm/ace_db +++ /dev/null @@ -1,92 +0,0 @@ -SQL( - PRAGMA foreign_keys = ON; - BEGIN TRANSACTION; -) - -CREATE_TABLE(AcePolicyResult) - COLUMN_NOT_NULL(decision, INTEGER, check(decision between 0 and 6)) - COLUMN_NOT_NULL(hash, TEXT,) - COLUMN_NOT_NULL(rule_id, INTEGER) - TABLE_CONSTRAINTS( - PRIMARY KEY(hash) - ) -CREATE_TABLE_END() - -CREATE_TABLE(AcePromptDecision) - COLUMN_NOT_NULL(app_id, INTEGER,) - COLUMN_NOT_NULL(decision, INTEGER, check(decision between 0 and 5)) - COLUMN(session, TEXT,) - COLUMN_NOT_NULL(rule_id, INTEGER,) - TABLE_CONSTRAINTS( - PRIMARY KEY(app_id,rule_id) - ) -CREATE_TABLE_END() - -CREATE_TABLE(AceAttribute) - COLUMN_NOT_NULL(attr_id, INTEGER, primary key autoincrement) - COLUMN_NOT_NULL(name, TEXT,) - COLUMN_NOT_NULL(type, INTEGER, check(type between 0 and 4)) - - TABLE_CONSTRAINTS(unique(name,type)) -CREATE_TABLE_END() - -CREATE_TABLE(AceSubject) - COLUMN_NOT_NULL(subject_id, INTEGER, primary key autoincrement) - COLUMN_NOT_NULL(id_uri, TEXT, unique) -CREATE_TABLE_END() - -CREATE_TABLE(AceDevCap) - COLUMN_NOT_NULL(resource_id, INTEGER, primary key autoincrement) - COLUMN_NOT_NULL(id_uri, TEXT, unique) - COLUMN_NOT_NULL(general_setting,INTEGER, check(general_setting between -1 and 4)) -CREATE_TABLE_END() - -CREATE_TABLE(AceWidgetDevCapSetting) - COLUMN_NOT_NULL(app_id, INTEGER, not null) - COLUMN_NOT_NULL(resource_id, INTEGER, references AceDevCap(resource_id)) - COLUMN_NOT_NULL(access_value, INTEGER, check(access_value between -1 and 4)) - - TABLE_CONSTRAINTS(unique(app_id,resource_id)) -CREATE_TABLE_END() - -CREATE_TABLE(AceRequestedDevCaps) - COLUMN_NOT_NULL(app_id, INTEGER, not null) - COLUMN_NOT_NULL(grant_smack, INTEGER, not null) - COLUMN_NOT_NULL(dev_cap, TEXT,) - - TABLE_CONSTRAINTS(unique(app_id,dev_cap)) -CREATE_TABLE_END() - -CREATE_TABLE(AceAcceptedFeature) - COLUMN_NOT_NULL(app_id, INTEGER, not null) - COLUMN_NOT_NULL(feature, TEXT, not null) - - TABLE_CONSTRAINTS(unique(app_id,feature)) -CREATE_TABLE_END() - -CREATE_TABLE(WidgetInfo) - COLUMN_NOT_NULL(app_id, INTEGER, PRIMARY KEY) - COLUMN(widget_type, INT, DEFAULT 1) - COLUMN(widget_id, VARCHAR(256), DEFAULT '') - COLUMN(widget_version, VARCHAR(256), DEFAULT '') - COLUMN(author_name, VARCHAR(256), DEFAULT '') - COLUMN(share_href, VARCHAR(256), DEFAULT '') -CREATE_TABLE_END() - -CREATE_TABLE(WidgetCertificateFingerprint) - COLUMN_NOT_NULL(app_id, INT,) - COLUMN_NOT_NULL(owner, INT,) - COLUMN_NOT_NULL(chainid, INT,) - COLUMN_NOT_NULL(type, INT,) - COLUMN(md5_fingerprint, VARCHAR(64),) - COLUMN(sha1_fingerprint, VARCHAR(64),) - COLUMN(common_name, VARCHAR(64),) - TABLE_CONSTRAINTS( - PRIMARY KEY (app_id, chainid, owner, type) - FOREIGN KEY (app_id) REFERENCES WidgetInfo (app_id) ON DELETE CASCADE - ) -CREATE_TABLE_END() - -SQL( - COMMIT; -) diff --git a/ace/orm/ace_db_definitions b/ace/orm/ace_db_definitions deleted file mode 100644 index 46836e9..0000000 --- a/ace/orm/ace_db_definitions +++ /dev/null @@ -1,6 +0,0 @@ -DATABASE_START(ace) - -#include "ace_db" -#include "version_db" - -DATABASE_END() diff --git a/ace/orm/ace_db_sql_generator.h b/ace/orm/ace_db_sql_generator.h deleted file mode 100644 index 5af05ac..0000000 --- a/ace/orm/ace_db_sql_generator.h +++ /dev/null @@ -1,27 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * @file wrt_db_sql_generator.h - * @author Bartosz Janiak (b.janiak@samsung.com) - * @version 1.0 - * @brief Macro definitions for generating the SQL input file from database definition. - */ - -//Do not include this file directly! It is used only for SQL code generation. - -#include - -#include "ace_db_definitions" diff --git a/ace/orm/gen_db_md5.sh b/ace/orm/gen_db_md5.sh deleted file mode 100755 index 38587b7..0000000 --- a/ace/orm/gen_db_md5.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/sh -# Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -CHECKSUM=`cat ${2} ${3} 2>/dev/null | md5sum 2>/dev/null | cut -d\ -f1 2>/dev/null` -echo "#define DB_CHECKSUM DB_VERSION_${CHECKSUM}" > ${1} -echo "#define DB_CHECKSUM_STR \"DB_VERSION_${CHECKSUM}\"" >> ${1} - diff --git a/ace/orm/orm_generator_ace.h b/ace/orm/orm_generator_ace.h deleted file mode 100644 index 640dd35..0000000 --- a/ace/orm/orm_generator_ace.h +++ /dev/null @@ -1,24 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef ORM_GENERATOR_ACE_H -#define ORM_GENERATOR_ACE_H - -#define ORM_GENERATOR_DATABASE_NAME ace_db_definitions -#include -#undef ORM_GENERATOR_DATABASE_NAME - -#endif diff --git a/ace/orm/version_db b/ace/orm/version_db deleted file mode 100644 index 7e20d8d..0000000 --- a/ace/orm/version_db +++ /dev/null @@ -1,5 +0,0 @@ -SQL( - BEGIN TRANSACTION; - CREATE TABLE DB_CHECKSUM (version INT); - COMMIT; -) diff --git a/ace_client/CMakeLists.txt b/ace_client/CMakeLists.txt deleted file mode 100644 index 4b7537b..0000000 --- a/ace_client/CMakeLists.txt +++ /dev/null @@ -1 +0,0 @@ -ADD_SUBDIRECTORY(src) diff --git a/ace_client/include/ace-client/ace_client.h b/ace_client/include/ace-client/ace_client.h deleted file mode 100644 index 4b4081b..0000000 --- a/ace_client/include/ace-client/ace_client.h +++ /dev/null @@ -1,69 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/** - * @file ace_client.h - * @author Tomasz Swierczek (t.swierczek@samsung.com) - * @version 1.0 - * @brief This file contains definitions of AceThinClient API - */ -#ifndef WRT_ACE_CLIENT_H -#define WRT_ACE_CLIENT_H - -#include -#include -#include -#include - -class WebRuntimeImpl; -class ResourceInformationImpl; -class OperationSystemImpl; - -namespace AceClient { - -class AceThinClientImpl; - -class AceThinClient : private DPL::Noncopyable { - public: - class Exception - { - public: - DECLARE_EXCEPTION_TYPE(DPL::Exception, Base) - DECLARE_EXCEPTION_TYPE(Base, AceThinClientException) - }; - - bool checkFunctionCall(const AceRequest& ace_request) const; - AcePreference getWidgetResourcePreference( - const AceResource& resource, - const AceWidgetHandle& handle) const; - AceResourcesPreferences* getGlobalResourcesPreferences() const; - bool isInitialized() const; - - private: - AceThinClient(); - virtual ~AceThinClient(); - - AceThinClientImpl* m_impl; - friend class DPL::Singleton; - WebRuntimeImpl* m_wrt; - ResourceInformationImpl* m_res; - OperationSystemImpl* m_sys; -}; - -typedef DPL::Singleton AceThinClientSingleton; - -} // namespace AceClient - -#endif // WRT_ACE_CLIENT_H diff --git a/ace_client/include/ace-client/ace_client_helper.h b/ace_client/include/ace-client/ace_client_helper.h deleted file mode 100644 index 14c5964..0000000 --- a/ace_client/include/ace-client/ace_client_helper.h +++ /dev/null @@ -1,139 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/** - * @file ace_client_helper.h - * @author Tomasz Swierczek (t.swierczek@samsung.com) - * @version 1.0 - * @brief This file contains definitions of AceClient helper types and - * functions. - */ -#ifndef WRT_ACE_CLIENT_HELPER_H -#define WRT_ACE_CLIENT_HELPER_H - -#include -#include -#include - -#include -#include - -#include "ace_client_types.h" - -namespace AceClient { - -AcePreference toAcePreference(AceDB::PreferenceTypes preference) -{ - switch (preference) { - case AceDB::PreferenceTypes::PREFERENCE_PERMIT: { - return PREFERENCE_PERMIT; } - case AceDB::PreferenceTypes::PREFERENCE_DENY: { - return PREFERENCE_DENY; } - case AceDB::PreferenceTypes::PREFERENCE_DEFAULT: { - return PREFERENCE_DEFAULT; } - case AceDB::PreferenceTypes::PREFERENCE_BLANKET_PROMPT: { - return PREFERENCE_BLANKET_PROMPT; } - case AceDB::PreferenceTypes::PREFERENCE_SESSION_PROMPT: { - return PREFERENCE_SESSION_PROMPT; } - case AceDB::PreferenceTypes::PREFERENCE_ONE_SHOT_PROMPT: { - return PREFERENCE_ONE_SHOT_PROMPT; } - } - return PREFERENCE_DEFAULT; -} - -typedef std::vector AceParamKeys; -typedef std::vector AceParamValues; - -class AceFunctionParam -{ - public: - virtual ~AceFunctionParam() - { - } - - void addAttribute(const std::string& key, - const std::string& value) - { - m_paramMap.insert(std::make_pair(key, value)); - } - - AceParamKeys getKeys() const - { - AceParamKeys out; - FOREACH (it, m_paramMap) { - out.push_back(it->first); - } - return out; - } - - AceParamValues getValues() const - { - AceParamValues out; - FOREACH (it, m_paramMap) { - out.push_back(it->second); - } - return out; - } - - static std::string aceFunctionParamToken; - - private: - typedef std::multimap ParamMap; - ParamMap m_paramMap; -}; - -typedef std::vector AceFunctionParams; - -class AceBasicRequest : public AceDB::IRequest { - public: - AceBasicRequest(const AceSubject& subject, - const AceResource& resource) : - m_subject(subject), - m_resource(resource) - { - } - - AceBasicRequest(const AceSubject& subject, - const AceResource& resource, - const AceFunctionParam& param) : - m_subject(subject), - m_resource(resource), - m_param(param) - { - } - virtual const std::string& getSubjectId() const - { - return m_subject; - } - virtual const std::string& getResourceId() const - { - return m_resource; - } - virtual const AceFunctionParam& getFunctionParam() const - { - return m_param; - } - - private: - AceSubject m_subject; - AceResource m_resource; - AceFunctionParam m_param; -}; - -typedef std::vector AceBasicRequests; - -} // namespace AceClient - -#endif // WRT_ACE_CLIENT_HELPER_H diff --git a/ace_client/include/ace-client/ace_client_types.h b/ace_client/include/ace-client/ace_client_types.h deleted file mode 100644 index f27a4ba..0000000 --- a/ace_client/include/ace-client/ace_client_types.h +++ /dev/null @@ -1,116 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/** - * @file ace_client_types.h - * @author Tomasz Swierczek (t.swierczek@samsung.com) - * @version 1.0 - * @brief This file contains definitions of AceClient types - */ -#ifndef WRT_ACE_CLIENT_TYPES_H -#define WRT_ACE_CLIENT_TYPES_H - -#include -#include -#include - -namespace AceClient { - -typedef int AceWidgetHandle; -typedef void* AceJobWidgetInstallId; - -typedef std::string AceResource; -typedef std::string AceSubject; -typedef std::string AceSessionId; - -enum AcePreference -{ - PREFERENCE_PERMIT, - PREFERENCE_DENY, - PREFERENCE_DEFAULT, - PREFERENCE_BLANKET_PROMPT, - PREFERENCE_SESSION_PROMPT, - PREFERENCE_ONE_SHOT_PROMPT -}; - -typedef std::map AceResourcesPreferences; -typedef std::pair AceResurcePreference; - -struct AceParam -{ - const char *name; - const char *value; - - AceParam(): - name(NULL), value(NULL) - {} - - AceParam(const char *name, const char *value): - name(name), value(value) - {} -}; - -struct AceParamList -{ - size_t count; - AceParam* param; - AceParamList(): - count(0), - param(NULL) - {} -}; - -struct AceDeviceCap -{ - size_t devcapsCount; - const char** devCapNames; - size_t paramsCount; - AceParamList* params; - AceDeviceCap(): - devcapsCount(0), - devCapNames(NULL), - paramsCount(0), - params(NULL) - {} -}; - -struct AceApiFeatures -{ - size_t count; - const char** apiFeature; - AceApiFeatures(): - count(0), - apiFeature(NULL) - {} -}; - -struct AceRequest -{ - AceSessionId sessionId; - AceWidgetHandle widgetHandle; - AceApiFeatures apiFeatures; - const char* functionName; - AceDeviceCap deviceCapabilities; - AceRequest(): - widgetHandle(0), - apiFeatures(), - functionName(NULL), - deviceCapabilities() - {} -}; - -} // namespace AceClient - -#endif // WRT_ACE_CLIENT_TYPES_H diff --git a/ace_client/include/ace_api_client.h b/ace_client/include/ace_api_client.h deleted file mode 100644 index 817a988..0000000 --- a/ace_client/include/ace_api_client.h +++ /dev/null @@ -1,118 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * @file ace_api_client.h - * @author Tomasz Swierczek (t.swierczek@samsung.com) - * @version 1.0 - * @brief This is C api for Access Control Engine (ACE), client mode - * (RO part). - */ - -#ifndef ACE_API_CLIENT_H -#define ACE_API_CLIENT_H - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -/* - * API defined in this header should be used only from one thread. If used - * otherwise, unexpected behaviour may occur, including segmentation faults and - * escalation of global warming. Be warned. - */ - -// --------------- Initialization and deinitialization ------------------------- - -/* - * Function type that must be implemented externally and passed to ACE - * on initialization. This function must show to the user a popup with - * information on access request to single device capability. Will be used by - * implementation of ace_check_access API, when policy requires to display - * popup. - * - * Function must be synchronous and must behave accordingly: - * - * Function may return value other than ACE_OK, but it will be treated as - * denial of access. - * - * If returned value is ACE_OK, then 'validation_result' must hold information - * on whether the access was granted or not. - * - * Executed function must display a popup with readable information presented to - * user, covering 'resource_name' that is to be accessed for 'handle' widget - * which is requesting the access. - * - * In its implementation, after the user answered to displayed question, - * UI handler must call popup answer validation API (ace_validate_answer) - * from separate, ace-popup-validation library, with passed 'param_list', - * 'session_id', 'handle' and given answer as arguments. Validation result - * returned by ace_validate_answer needs to be returned in 'validation_result' - * parameter of UI handler. - * - * 'popup_type' describes what kind of options should be given to user - i.e. - * ONESHOT prompt only gives possibility to answer Permit/Deny and returned - * validity for this prompt must be ONCE. PER_SESSION prompt allows to return - * validity ONCE or PER_SESSION. BLANKET prompt allows to return any validity, - * as defined in ace_validity_t. - * - * This call must be made from properly SMACK labelled, safe process - otherwise - * the validation will not occur in security daemon and caller will not be - * granted access to requested device capability. - */ -typedef ace_return_t (*ace_popup_handler_func_t)( - ace_popup_t popup_type, - const ace_resource_t resource_name, - const ace_session_id_t session_id, - const ace_param_list_t* param_list, - ace_widget_handle_t handle, - ace_bool_t* validation_result); - -/* - * Initializes ACE for check access API (client mode). Must be called only once. - * Keep in mind that initializing ACE in client mode disallows usage of API - * defined in ace_api.h and ace_api_settings.h (RW part). - * - * 'handler' must not be NULL, see definition of ace_popup_handler_func_t for - * more information. - * - * Returns error or ACE_OK. - */ -ace_return_t ace_client_initialize(ace_popup_handler_func_t handler); - -/* - * Deinitializes ACE client for check access API. Can be called only once. - */ -ace_return_t ace_client_shutdown(void); - -// --------------- Check Access API -------------------------------------------- - -/* - * Does ACE check with set of device capabilities and function parameters. - * Checks cache first, if it is non-existent, does full ACE check. - * - * Returns error or ACE_OK and information if access was allowed or not - * (value ACE_TRUE or ACE_FALSE is in 'access' argument, only if returned value - * is ACE_OK - otherwise, 'access' value is undefined) - */ -ace_return_t ace_check_access(const ace_request_t* request, ace_bool_t* access); - -#ifdef __cplusplus -} -#endif - -#endif // ACE_API_CLIENT_H diff --git a/ace_client/include/ace_popup_handler.h b/ace_client/include/ace_popup_handler.h deleted file mode 100644 index e63630d..0000000 --- a/ace_client/include/ace_popup_handler.h +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * @file ace_popup_handler.h - * @author Tomasz Swierczek (t.swierczek@samsung.com) - * @version 1.0 - * @brief Private header for access to UI handling function. - * (RO part). - */ - -#ifndef ACE_POPUP_HANDLER_H -#define ACE_POPUP_HANDLER_H - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -extern ace_popup_handler_func_t popup_func; - -#ifdef __cplusplus -} -#endif - -#endif // ACE_POPUP_HANDLER_H diff --git a/ace_client/src/CMakeLists.txt b/ace_client/src/CMakeLists.txt deleted file mode 100644 index 72a7f56..0000000 --- a/ace_client/src/CMakeLists.txt +++ /dev/null @@ -1,71 +0,0 @@ -include(FindPkgConfig) - -PKG_CHECK_MODULES(ACE_CLIENT_DEPS - dpl-efl - dpl-event-efl - dpl-dbus-efl - REQUIRED - ) - -SET(ACE_CLIENT_DIR - ${PROJECT_SOURCE_DIR}/ace_client - ) - -SET(ACE_CLIENT_SRC_DIR - ${ACE_CLIENT_DIR}/src - ) - -SET(ACE_CLIENT_INCLUDE_DIR - ${ACE_CLIENT_DIR}/include - ) - -SET(ACE_CLIENT_SOURCES - ${COMMUNICATION_CLIENT_SOURCES} - ${ACE_CLIENT_SRC_DIR}/ace_client.cpp - ${ACE_CLIENT_SRC_DIR}/ace_api_client.cpp - ${PROJECT_SOURCE_DIR}/src/services/ace/logic/attribute_facade.cpp - ${PROJECT_SOURCE_DIR}/src/services/ace/logic/simple_roaming_agent.cpp - ) - -SET(ACE_CLIENT_INCLUDES - ${COMMUNICATION_CLIENT_INCLUDES} - ${ACE_CLIENT_DEPS_INCLUDE_DIRS} - ${ACE_CLIENT_INCLUDE_DIR} - ${PROJECT_SOURCE_DIR}/ace_common/include - ${PROJECT_SOURCE_DIR}/src/services/ace - ${PROJECT_SOURCE_DIR}/src/services/ace/ - ${PROJECT_SOURCE_DIR}/src/services/ace/logic - ${PROJECT_SOURCE_DIR}/src/services/popup - ${PROJECT_SOURCE_DIR}/popup_process - ${PROJECT_SOURCE_DIR}/ace/include - ) - -ADD_DEFINITIONS(${ACE_CLIENT_DEPS_CFLAGS}) -ADD_DEFINITIONS(${ACE_CLIENT_CFLAGS_OTHER}) - -INCLUDE_DIRECTORIES(${ACE_CLIENT_INCLUDES}) - -ADD_LIBRARY(${TARGET_ACE_CLIENT_LIB} SHARED ${ACE_CLIENT_SOURCES}) - -SET_TARGET_PROPERTIES(${TARGET_ACE_CLIENT_LIB} PROPERTIES - SOVERSION ${API_VERSION} - VERSION ${VERSION}) - -SET_TARGET_PROPERTIES(${TARGET_ACE_CLIENT_LIB} PROPERTIES - COMPILE_FLAGS -fPIC) - -TARGET_LINK_LIBRARIES(${TARGET_ACE_CLIENT_LIB} - ${ACE_CLIENT_DEPS_LIBRARIES} - ${TARGET_ACE_DAO_RO_LIB} - ${TARGET_ACE_LIB} - ) - -INSTALL(TARGETS ${TARGET_ACE_CLIENT_LIB} - DESTINATION lib) - -INSTALL(FILES -# ${ACE_CLIENT_INCLUDE_DIR}/ace-client/ace_client.h -# ${ACE_CLIENT_INCLUDE_DIR}/ace-client/ace_client_types.h - ${ACE_CLIENT_INCLUDE_DIR}/ace_api_client.h - DESTINATION include/ace-client - ) diff --git a/ace_client/src/ace_api_client.cpp b/ace_client/src/ace_api_client.cpp deleted file mode 100644 index 16d9f36..0000000 --- a/ace_client/src/ace_api_client.cpp +++ /dev/null @@ -1,122 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/** - * @file ace_api_client.cpp - * @author Tomasz Swierczek (t.swierczek@samsung.com) - * @version 1.0 - * @brief This file contains implementation of ACE client API - */ - -#include -#include -#include "ace_api_client.h" -#include "ace-client/ace_client.h" - -#include -#include -#include -#include "popup_response_server_api.h" -#include "security_daemon_dbus_config.h" -//#include "PromptModel.h" - -ace_return_t ace_client_initialize(ace_popup_handler_func_t handler) -{ - if (!AceClient::AceThinClientSingleton::Instance().isInitialized()) { - return ACE_INTERNAL_ERROR; - } - popup_func = handler; - // Changed order of checks to make API run with old popup implementation - // instead of always needing the popup handler to be implemented. - if (NULL == handler) { - LogError("NULL argument(s) passed"); - return ACE_INVALID_ARGUMENTS; - } - return ACE_OK; -} - -ace_return_t ace_client_shutdown(void) -{ - popup_func = NULL; - return ACE_OK; -} - -ace_return_t ace_check_access(const ace_request_t* request, ace_bool_t* access) -{ - if (NULL == request || NULL == access) { - LogError("NULL argument(s) passed"); - return ACE_INVALID_ARGUMENTS; - } - - AceClient::AceRequest aceRequest; - aceRequest.sessionId = request->session_id; - aceRequest.widgetHandle = request->widget_handle; - - aceRequest.apiFeatures.count = request->feature_list.count; - aceRequest.apiFeatures.apiFeature = - const_cast(request->feature_list.items); - aceRequest.functionName = NULL; // TODO will be removed - aceRequest.deviceCapabilities.devcapsCount = request->dev_cap_list.count; - aceRequest.deviceCapabilities.paramsCount = request->dev_cap_list.count; - - char** devCapNames = new char*[request->dev_cap_list.count]; - AceClient::AceParamList* paramList = - new AceClient::AceParamList[request->dev_cap_list.count]; - - unsigned int i; - for (i = 0; i < request->dev_cap_list.count; ++i) { - devCapNames[i] = request->dev_cap_list.items[i].name; - paramList[i].count = request->dev_cap_list.items[i].param_list.count; - - paramList[i].param = new AceClient::AceParam[ - request->dev_cap_list.items[i].param_list.count]; - - unsigned int j; - for (j = 0; j < request->dev_cap_list.items[i].param_list.count; ++j) { - paramList[i].param[j].name = - request->dev_cap_list.items[i].param_list.items[j].name; - paramList[i].param[j].value = - request->dev_cap_list.items[i].param_list.items[j].value; - - } - } - - aceRequest.deviceCapabilities.devCapNames = - const_cast(devCapNames); - aceRequest.deviceCapabilities.params = paramList; - - bool ret = false; - - Try { - ret = AceClient::AceThinClientSingleton:: - Instance().checkFunctionCall(aceRequest); - *access = ret ? ACE_TRUE : ACE_FALSE; - } Catch (AceClient::AceThinClient::Exception::AceThinClientException) { - LogError("Ace client exception"); - delete [] devCapNames; - for (i = 0; i < request->dev_cap_list.count; ++i) { - delete [] paramList[i].param; - } - delete [] paramList; - return ACE_INTERNAL_ERROR; - } - - delete [] devCapNames; - for (i = 0; i < request->dev_cap_list.count; ++i) { - delete [] paramList[i].param; - } - delete [] paramList; - return ACE_OK; -} diff --git a/ace_client/src/ace_client.cpp b/ace_client/src/ace_client.cpp deleted file mode 100644 index 3c4d086..0000000 --- a/ace_client/src/ace_client.cpp +++ /dev/null @@ -1,665 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/** - * @file ace_client.cpp - * @author Tomasz Swierczek (t.swierczek@samsung.com) - * @version 1.0 - * @brief This file contains implementation of AceThinClient class - */ - -#include -#include -#include - -#include -#include -#include -#include -#include -#include - -#include - -#include "ace_server_api.h" -#include "popup_response_server_api.h" -#include "ace-client/ace_client.h" -#include "ace-client/ace_client_helper.h" -#include -#include - -// ACE tests need to use mock implementations -#ifdef ACE_CLIENT_TESTS - -#include "AceDAOReadOnly_mock.h" -#include "communication_client_mock.h" -#include "PolicyInformationPoint_mock.h" - -#else - -#include -#include "SecurityCommunicationClient.h" -#include - -#endif // ACE_CLIENT_TESTS - -IMPLEMENT_SAFE_SINGLETON(AceClient::AceThinClient) - -ace_popup_handler_func_t popup_func = NULL; - -namespace AceClient { - -namespace { -// These devcaps actually are not requested in config file, so should be treaded -// as if were requested (access tags/WARP will block request if desired) -const std::string DEVCAP_EXTERNAL_NETWORK_ACCESS = "externalNetworkAccess"; -const std::string DEVCAP_XML_HTTP_REQUEST = "XMLHttpRequest"; -} // anonymous - - -std::string AceFunctionParam::aceFunctionParamToken = "param:function"; - -// popup cache result - -enum class AceCachedPromptResult { - PERMIT, - DENY, - ASK_POPUP -}; - -// AceThinClient implementation singleton -class AceThinClientImpl { - public: - bool checkFunctionCall(const AceRequest& ace_request); - AcePreference getWidgetResourcePreference( - const AceResource& resource, - const AceWidgetHandle& handle) const; - AceResourcesPreferences* getGlobalResourcesPreferences() const; - bool isInitialized() const; - - AceThinClientImpl(); - ~AceThinClientImpl(); - - protected: - bool containsNetworkDevCap(const AceRequest &ace_request); - bool checkFeatureList(const AceRequest& ace_request); - private: - WebRuntimeImpl* m_wrt; - ResourceInformationImpl* m_res; - OperationSystemImpl* m_sys; - WrtSecurity::Communication::Client *m_communicationClient, *m_popupValidationClient; - - AceSubject getSubjectForHandle(AceWidgetHandle handle) const; - AceCachedPromptResult getCachedPromptResult( - WidgetHandle widgetHandle, - int ruleId, - const AceSessionId& sessionId) const; - bool askUser(PolicyEffect popupType, - const AceRequest& ace_request, - const AceBasicRequest& request); - // Prompt validation - bool validatePopupResponse( - const AceRequest& ace_request, - const AceBasicRequest& request, - bool answer = true, - Prompt::Validity validity = Prompt::Validity::ALWAYS); - mutable PolicyInformationPoint m_pip; - DPL::Optional> m_grantedDevCaps; - std::set m_acceptedFeatures; -}; - -AceThinClientImpl::AceThinClientImpl() - : m_communicationClient(NULL), - m_popupValidationClient(NULL), - m_wrt(new WebRuntimeImpl()), - m_res(new ResourceInformationImpl()), - m_sys(new OperationSystemImpl()), - m_pip(m_wrt, m_res, m_sys) -{ - AceDB::AceDAOReadOnly::attachToThreadRO(); - Try { - m_communicationClient = new WrtSecurity::Communication::Client(WrtSecurity::AceServerApi::INTERFACE_NAME()); - m_popupValidationClient = new WrtSecurity::Communication::Client(WrtSecurity::PopupServerApi::INTERFACE_NAME()); - } Catch (WrtSecurity::Communication::Client::Exception::SecurityCommunicationClientException) { - if(m_communicationClient) delete m_communicationClient; - if(m_popupValidationClient) delete m_popupValidationClient; - delete m_wrt; - delete m_res; - delete m_sys; - ReThrowMsg(AceThinClient::Exception::AceThinClientException, - "Failed to call security daemon"); - } -} - -AceThinClientImpl::~AceThinClientImpl() -{ - Assert(NULL != m_communicationClient); - Assert(NULL != m_popupValidationClient); - delete m_communicationClient; - delete m_popupValidationClient; - delete m_wrt; - delete m_res; - delete m_sys; - m_communicationClient = NULL; - m_popupValidationClient = NULL; - AceDB::AceDAOReadOnly::detachFromThread(); - -} - -bool AceThinClientImpl::isInitialized() const -{ - return NULL != m_communicationClient && NULL != m_popupValidationClient; -} - -bool AceThinClientImpl::containsNetworkDevCap(const AceRequest &ace_request) -{ - AceDeviceCap deviceCap = ace_request.deviceCapabilities; - for (size_t j=0; j(); - m_acceptedFeatures.clear(); - - AceDB::FeatureNameVector fvector; - AceDB::AceDAOReadOnly::getAcceptedFeature(ace_request.widgetHandle, &fvector); - for(size_t i=0; ipolicyResult.getEffect(); - if (effect.IsNull()) { - // PolicyDecision is UNDETERMINED or NOT_APPLICABLE - result = false; - break; - } else if (*effect == PolicyEffect::DENY) { - // Access denied - result = false; - break; - } else if (*effect == PolicyEffect::PERMIT) { - // Access granted - if (m_grantedDevCaps->find( - DPL::FromASCIIString(request.getResourceId())) - != m_grantedDevCaps->end()) - { - continue; - } else - askServer = true; - } else { - // Check for cached popup response - LogInfo("Checking cached popup response"); - AceCachedPromptResult promptCached = - getCachedPromptResult(ace_request.widgetHandle, - exPolicyResult->ruleId, - ace_request.sessionId); - if (promptCached == AceCachedPromptResult::PERMIT) { - // Granted by previous popup - LogDebug("Cache found OK"); - if (m_grantedDevCaps->find( - DPL::FromASCIIString(request.getResourceId())) - != m_grantedDevCaps->end()) - { - LogDebug("SMACK given previously"); - continue; - } else { - if (*effect != PolicyEffect::PROMPT_BLANKET) { - // This should not happen. - LogDebug("This should not happen."); - result = false; - break; - } - if (!validatePopupResponse(ace_request, - request)) { - LogDebug("Daemon has not validated response."); - result = false; - break; - } else { - // Access granted, move on to next request - LogDebug("SMACK granted, all OK"); - m_grantedDevCaps->insert( - DPL::FromASCIIString( - request.getResourceId())); - continue; - } - } - } - if (promptCached == AceCachedPromptResult::DENY) { - // Access denied by earlier popup - result = false; - break; - } - if (promptCached == AceCachedPromptResult::ASK_POPUP) { - askPopup = true; - popupType = *effect; - } - } - } - } - - if (askServer) { - // IPC to security daemon - // here we must check if we have a SMACK permission for - // the device cap requested - LogInfo("Asking security daemon"); - int serializedPolicyResult = 0; - Try { - m_communicationClient->call(WrtSecurity::AceServerApi::CHECK_ACCESS_METHOD(), - ace_request.widgetHandle, - request.getSubjectId(), - request.getResourceId(), - request.getFunctionParam().getKeys(), - request.getFunctionParam().getValues(), - ace_request.sessionId, - &serializedPolicyResult); - } Catch (WrtSecurity::Communication::Client::Exception::SecurityCommunicationClientException) { - ReThrowMsg(AceThinClient::Exception::AceThinClientException, - "Failed to call security daemon"); - } - PolicyResult policyResult = PolicyResult:: - deserialize(serializedPolicyResult); - OptionalPolicyEffect effect = policyResult.getEffect(); - if (effect.IsNull()) { - // PolicyDecision is UNDETERMINED or NOT_APPLICABLE - result = false; - break; - } - if (*effect == PolicyEffect::DENY) { - // Access denied - result = false; - break; - } - if (*effect == PolicyEffect::PERMIT) { - // Access granted, move on to next request - m_grantedDevCaps->insert( - DPL::FromASCIIString(request.getResourceId())); - - continue; - } - // Policy says: ask user - setup popup kind - popupType = *effect; - askPopup = true; - } - - if (askPopup) { - result = askUser(popupType, ace_request, request); - } - } - LogInfo("Result: " << (result ? "GRANTED" : "DENIED")); - return result; -} - -bool AceThinClientImpl::askUser(PolicyEffect popupType, - const AceRequest& ace_request, - const AceBasicRequest& request) -{ - LogInfo("Asking popup"); - Assert(NULL != popup_func); - - const AceFunctionParam& fParam = request.getFunctionParam(); - AceParamKeys keys = fParam.getKeys(); - AceParamValues values = fParam.getValues(); - - ace_popup_t ace_popup_type; - ace_resource_t resource = const_cast( - request.getResourceId().c_str()); - ace_session_id_t session = const_cast( - ace_request.sessionId.c_str());; - ace_param_list_t parameters; - ace_widget_handle_t handle = ace_request.widgetHandle; - - parameters.count = keys.size(); - parameters.items = new ace_param_t[parameters.count]; - unsigned int i; - for (i = 0; i < parameters.count; ++i) { - parameters.items[i].name = - const_cast(keys[i].c_str()); - parameters.items[i].value = - const_cast(values[i].c_str()); - } - - switch (popupType) { - case PolicyEffect::PROMPT_ONESHOT: { - ace_popup_type = ACE_ONESHOT; - break; } - case PolicyEffect::PROMPT_SESSION: { - ace_popup_type = ACE_SESSION; - break; } - case PolicyEffect::PROMPT_BLANKET: { - ace_popup_type = ACE_BLANKET; - break; } - default: { - LogError("Unknown popup type passed!"); - LogError("Maybe effect isn't a popup?"); - LogError("Effect number is: " << static_cast(popupType)); - Assert(0); } - } - - ace_bool_t answer = ACE_FALSE; - ace_return_t ret = popup_func(ace_popup_type, - resource, - session, - ¶meters, - handle, - &answer); - - delete [] parameters.items; - - if (ACE_OK != ret) { - LogError("Error in popup handler"); - return false; - } - - if (ACE_TRUE == answer) { - m_grantedDevCaps->insert( - DPL::FromASCIIString(request.getResourceId())); - return true; - } - - return false; -} - -bool AceThinClientImpl::validatePopupResponse( - const AceRequest& ace_request, - const AceBasicRequest& request, - bool answer, - Prompt::Validity validity - ) -{ - bool response = false; - Try{ - m_popupValidationClient->call( - WrtSecurity::PopupServerApi::VALIDATION_METHOD(), - answer, - static_cast(validity), - ace_request.widgetHandle, - request.getSubjectId(), - request.getResourceId(), - request.getFunctionParam().getKeys(), - request.getFunctionParam().getValues(), - ace_request.sessionId, - &response); - } Catch (WrtSecurity::Communication::Client::Exception::SecurityCommunicationClientException) { - ReThrowMsg(AceThinClient::Exception::AceThinClientException, - "Failed to call security daemon"); - } - return response; -} - -AcePreference AceThinClientImpl::getWidgetResourcePreference ( - const AceResource& resource, - const AceWidgetHandle& handle) const -{ - return toAcePreference( - AceDB::AceDAOReadOnly::getWidgetDevCapSetting(resource, handle)); -} - -AceResourcesPreferences* AceThinClientImpl::getGlobalResourcesPreferences() -const -{ - AceDB::PreferenceTypesMap globalSettingsMap; - AceResourcesPreferences* acePreferences = new AceResourcesPreferences(); - AceDB::AceDAOReadOnly::getDevCapSettings(&globalSettingsMap); - FOREACH(it, globalSettingsMap) { - acePreferences->insert( - AceResurcePreference((*it).first, - toAcePreference((*it).second))); - } - return acePreferences; -} - -AceSubject AceThinClientImpl::getSubjectForHandle(AceWidgetHandle handle) const -{ - try - { - return AceDB::AceDAOReadOnly::getGUID(handle); - } - catch (AceDB::AceDAOReadOnly::Exception::DatabaseError& /*ex*/) - { - LogError("Couldn't find GIUD for handle " << handle); - return ""; - } -} - -AceCachedPromptResult AceThinClientImpl::getCachedPromptResult( - WidgetHandle widgetHandle, - int ruleId, - const AceSessionId& sessionId) const -{ - OptionalCachedPromptDecision promptDecision = - AceDB::AceDAOReadOnly::getPromptDecision( - widgetHandle, - ruleId); - if (promptDecision.IsNull()) { - LogDebug("No cache"); - return AceCachedPromptResult::ASK_POPUP; - } else { - // These should not be stored in DB! - Assert(PromptDecision::ALLOW_THIS_TIME - != (*promptDecision).decision); - Assert(PromptDecision::DENY_THIS_TIME - != (*promptDecision).decision); - if ((*promptDecision).decision == - PromptDecision::ALLOW_ALWAYS) { - // Access granted via earlier popup - LogDebug("ALLOW_ALWAYS"); - return AceCachedPromptResult::PERMIT; - } - if ((*promptDecision).decision == - PromptDecision::DENY_ALWAYS) { - LogDebug("DENY_ALWAYS"); - // Access denied via earlier popup - return AceCachedPromptResult::DENY; - } - // Only thing left is per session prompts - if ((*promptDecision).session.IsNull()) { - LogDebug("NO SESSION"); - return AceCachedPromptResult::ASK_POPUP; - } - AceSessionId cachedSessionId = DPL::ToUTF8String(*((*promptDecision).session)); - if ((*promptDecision).decision == - PromptDecision::ALLOW_FOR_SESSION) { - if (cachedSessionId == sessionId) { - // Access granted for this session. - LogDebug("SESSION OK, PERMIT"); - return AceCachedPromptResult::PERMIT; - } else { - LogDebug("SESSION NOT OK, ASKING"); - return AceCachedPromptResult::ASK_POPUP; - } - } - if ((*promptDecision).decision == - PromptDecision::DENY_FOR_SESSION) { - if (cachedSessionId == sessionId) { - // Access denied for this session. - LogDebug("SESSION OK, DENY"); - return AceCachedPromptResult::DENY; - } else { - LogDebug("SESSION NOT OK, ASKING"); - return AceCachedPromptResult::ASK_POPUP; - } - } - } - LogDebug("NO RESULT, ASKING"); - return AceCachedPromptResult::ASK_POPUP; -} - -// AceThinClient - -bool AceThinClient::checkFunctionCall( - const AceRequest& ace_request) const -{ - return m_impl->checkFunctionCall(ace_request); -} - -AcePreference AceThinClient::getWidgetResourcePreference( - const AceResource& resource, - const AceWidgetHandle& handle) const -{ - return m_impl->getWidgetResourcePreference( - resource, handle); -} - -AceResourcesPreferences* AceThinClient::getGlobalResourcesPreferences() -const -{ - return m_impl->getGlobalResourcesPreferences(); -} - -AceThinClient::AceThinClient() -{ - m_impl = new AceThinClientImpl(); -} - -AceThinClient::~AceThinClient() -{ - Assert(NULL != m_impl); - delete m_impl; -} - -bool AceThinClient::isInitialized() const -{ - return NULL != m_impl && m_impl->isInitialized(); -} - - -} // namespace AceClient diff --git a/ace_client/src/example/CMakeLists.txt b/ace_client/src/example/CMakeLists.txt deleted file mode 100644 index b3e9259..0000000 --- a/ace_client/src/example/CMakeLists.txt +++ /dev/null @@ -1,26 +0,0 @@ -cmake_minimum_required(VERSION 2.6) -project(ace-thin-client-example) - -include(FindPkgConfig) - -pkg_check_modules(DEPS - dpl-efl - REQUIRED) - -pkg_search_module(wrt-ace-client REQUIRED wrt-ace-client) - -set(TARGET_NAME "ace-thin-client-example") - -set(SRCS - ace-thin-client-example.cpp) - -include_directories(${DEPS_INCLUDE_DIRS}) -include_directories(${wrt-ace-client_INCLUDE_DIRS}) - -add_definitions("-DDPL_LOGS_ENABLED") - -add_executable(${TARGET_NAME} ${SRCS}) - -target_link_libraries(${TARGET_NAME} - ${DEPS_LDFLAGS} - ${wrt-ace-client_LDFLAGS}) diff --git a/ace_client/src/example/ace-thin-client-example.cpp b/ace_client/src/example/ace-thin-client-example.cpp deleted file mode 100644 index aa4c4a8..0000000 --- a/ace_client/src/example/ace-thin-client-example.cpp +++ /dev/null @@ -1,33 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * @file ace-thin-client-example.cpp - * @author Tomasz Swierczek (t.swierczek@samsung.com) - * @version 1.0 - * @brief Example usage of ACE thin client. - */ - -#include - -int main(int argc, char **argv) -{ - AceClient::AceThinClient& client = - AceClient::AceThinClientSingleton::Instance(); - client.initialize(); // this fires echo method - see logs - client.deinitialize(); - return 0; -} - diff --git a/ace_common/CMakeLists.txt b/ace_common/CMakeLists.txt deleted file mode 100644 index 7e7926a..0000000 --- a/ace_common/CMakeLists.txt +++ /dev/null @@ -1,4 +0,0 @@ -INSTALL(FILES - ${PROJECT_SOURCE_DIR}/ace_common/include/ace_api_common.h - DESTINATION include/ace-common - ) diff --git a/ace_common/include/ace_api_common.h b/ace_common/include/ace_api_common.h deleted file mode 100644 index 30fee60..0000000 --- a/ace_common/include/ace_api_common.h +++ /dev/null @@ -1,125 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * @file ace_api_common.h - * @author Tomasz Swierczek (t.swierczek@samsung.com) - * @version 1.0 - * @brief This is header for basic ACE data types and error codes - */ - -#ifndef ACE_API_COMMON_H -#define ACE_API_COMMON_H - -#ifdef __cplusplus -extern "C" { -#endif - -// --------------- Boolean type and errors ------------------------------------- - -/* - * Order and values of enum constants are part of API - */ -typedef enum -{ - ACE_FALSE, - ACE_TRUE -} ace_bool_t; - -typedef enum -{ - ACE_OK, // Operation succeeded - ACE_INVALID_ARGUMENTS, // Invalid input parameters - ACE_INTERNAL_ERROR, // ACE internal error - ACE_ACE_UNKNOWN_ERROR // Unexpected operation -} ace_return_t; - -// --------------- Basic types ------------------------------------------------- - -typedef size_t ace_size_t; -typedef char* ace_string_t; // NULL-terminated string -typedef int ace_widget_handle_t; -typedef char* ace_resource_t; -typedef char* ace_subject_t; -typedef char* ace_session_id_t; -typedef void* ace_private_data_t; - -// --------------- Access requests --------------------------------------------- - -typedef struct -{ - ace_size_t count; - ace_string_t* items; -} ace_feature_list_t; - -typedef struct -{ - ace_string_t name; - ace_string_t value; -} ace_param_t; - -typedef struct -{ - ace_size_t count; - ace_param_t* items; -} ace_param_list_t; - -typedef struct -{ - ace_string_t name; - ace_param_list_t param_list; -} ace_dev_cap_t; - -typedef struct -{ - ace_size_t count; - ace_dev_cap_t* items; -} ace_dev_cap_list_t; - -typedef struct -{ - ace_session_id_t session_id; // DEPRECATED will be removed - ace_widget_handle_t widget_handle; // DEPRECATED will be removed - ace_feature_list_t feature_list; - ace_dev_cap_list_t dev_cap_list; -} ace_request_t; - -// --------------- Popup data types -------------------------------------------- - -/* - * Popup types that can be requested to be displayed by ACE - */ -typedef enum -{ - ACE_ONESHOT, - ACE_SESSION, - ACE_BLANKET -} ace_popup_t; - -/* - * Validity of answer that can be returned by ACE popup - */ -typedef enum -{ - ACE_ONCE, - ACE_PER_SESSION, - ACE_ALWAYS -} ace_validity_t; - -#ifdef __cplusplus -} -#endif - -#endif // ACE_API_COMMON_H diff --git a/ace_install/CMakeLists.txt b/ace_install/CMakeLists.txt deleted file mode 100644 index 4b7537b..0000000 --- a/ace_install/CMakeLists.txt +++ /dev/null @@ -1 +0,0 @@ -ADD_SUBDIRECTORY(src) diff --git a/ace_install/include/ace_api_install.h b/ace_install/include/ace_api_install.h deleted file mode 100644 index 598b96d..0000000 --- a/ace_install/include/ace_api_install.h +++ /dev/null @@ -1,183 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * @file ace_api_setup.h - * @author Tomasz Swierczek (t.swierczek@samsung.com) - * @version 1.0 - * @brief This is C api for Access Control Engine (ACE), installer mode - * (RW part). - * - */ - -#ifndef ACE_API_H -#define ACE_API_H - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -/* - * API defined in this header should be used only from one thread. If used - * otherwise, unexpected behaviour may occur, including segmentation faults and - * escalation of global warming. Be warned. - */ - -// --------------- Initialization and policy update ---------------------------- - -/* - * Initializes ACE - connects (RW) to the database. Must be called only once. - * Returns ACE_OK or error - */ -ace_return_t ace_install_initialize(void); - -/* - * Deinitializes ACE - deinitialize internal structures, detach DB, etc. - * Must be called only once. - * Returns ACE_OK or error - */ -ace_return_t ace_install_shutdown(void); - -/* - * Updates policy - parses XML files from known locations (reason for no arguments), - * also clears policy and prompt caches. - * Returns ACE_OK or error - */ -ace_return_t ace_update_policy(void); - -// --------------- Requested device capabilities API for installer ------------- - -typedef struct -{ - ace_string_t device_capability; - ace_bool_t smack_granted; -} ace_requested_dev_cap_t; - -typedef struct -{ - ace_size_t count; - ace_requested_dev_cap_t* items; -} ace_requested_dev_cap_list_t; - -/* - * Deletes data allocated by ace_get_requested_dev_caps - a helper function - */ -ace_return_t ace_free_requested_dev_caps(ace_requested_dev_cap_list_t* caps); - -/* - * Returns ACE_OK or error; 'caps' will hold device capabilities information. - * To free allcated resources in 'caps', use ace_free_requested_dev_caps - */ -ace_return_t ace_get_requested_dev_caps(ace_widget_handle_t handle, - ace_requested_dev_cap_list_t* caps); - -/* - * Returns error or ACE_OK - */ -ace_return_t ace_set_requested_dev_caps(ace_widget_handle_t handle, - const ace_requested_dev_cap_list_t* caps); - -// ---------------- Accepted Api featuresk API for installer ---------------- - - -ace_return_t ace_set_accepted_feature(ace_widget_handle_t handle, - const ace_feature_list_t* flist); - -ace_return_t ace_rem_accepted_feature(ace_widget_handle_t handle); - -// --------------- Widget data setup for installation -------------------------- - -typedef enum -{ - WAC20 = 0, - Tizen -} ace_widget_type_t; - -struct widget_info { - ace_widget_type_t type; - ace_string_t id; - ace_string_t version; - ace_string_t author; - ace_string_t shareHerf; -}; - -typedef enum -{ - AUTHOR, - DISTRIBUTOR, - UNKNOWN -} ace_cert_owner_t; - -typedef enum -{ - ROOT, - ENDENTITY -} ace_cert_type_t; - -typedef struct certificate_data { - ace_cert_owner_t owner; - ace_cert_type_t type; - int chain_id; - ace_string_t md5_fp; - ace_string_t sha1_fp; - ace_string_t common_name; -} ace_certificate_data; - -/* - * Register widget info into database. - * @param cert_data NULL terminated list of widget certificates - */ - -ace_return_t ace_register_widget(ace_widget_handle_t handle, - struct widget_info* info, - ace_certificate_data* cert_data[]); - -ace_return_t ace_unregister_widget(ace_widget_handle_t handle); - -ace_return_t ace_is_widget_installed(ace_widget_handle_t handle, bool *installed); - -/* - * Gets widget type in 'type'. Use in installer to determine which policy will be used - * by ACE for this widget. - * Returns error or ACE_OK - */ -ace_return_t ace_get_widget_type(ace_widget_handle_t handle, - ace_widget_type_t* type); - -// --------------- Installation time policy check ------------------------------ - -typedef enum -{ - ACE_PERMIT, - ACE_DENY, - ACE_PROMPT, - ACE_UNDEFINED -} ace_policy_result_t; - -/* - * Gets current policy evaluation for given device capability and given widget. - * Returns error or ACE_OK - */ -ace_return_t ace_get_policy_result(const ace_resource_t, - ace_widget_handle_t handle, - ace_policy_result_t* result); - -#ifdef __cplusplus -} -#endif - -#endif // ACE_API_H diff --git a/ace_install/src/CMakeLists.txt b/ace_install/src/CMakeLists.txt deleted file mode 100644 index d0757e1..0000000 --- a/ace_install/src/CMakeLists.txt +++ /dev/null @@ -1,62 +0,0 @@ -include(FindPkgConfig) - -PKG_CHECK_MODULES(ACE_INSTALL_DEPS - dpl-efl - dpl-dbus-efl - REQUIRED - ) - -SET(ACE_INSTALL_DIR - ${PROJECT_SOURCE_DIR}/ace_install - ) - -SET(ACE_INSTALL_SRC_DIR - ${ACE_INSTALL_DIR}/src - ) - -SET(ACE_INSTALL_INCLUDE_DIR - ${ACE_INSTALL_DIR}/include - ) - -SET(ACE_INSTALL_SOURCES - ${COMMUNICATION_CLIENT_SOURCES} - ${ACE_INSTALL_SRC_DIR}/ace_api_install.cpp - ) - -SET(ACE_INSTALL_INCLUDES - ${COMMUNICATION_CLIENT_INCLUDES} - ${ACE_INSTALL_DEPS_INCLUDE_DIRS} - ${ACE_INSTALL_INCLUDE_DIR} - ${PROJECT_SOURCE_DIR}/ace_common/include - ${PROJECT_SOURCE_DIR}/ace/include - ${PROJECT_SOURCE_DIR}/src/services/ace - ${PROJECT_SOURCE_DIR}/src/services/ace/dbus/api - ${PROJECT_SOURCE_DIR}/src/daemon/dbus - ) - -ADD_DEFINITIONS(${ACE_INSTALL_DEPS_CFLAGS}) -ADD_DEFINITIONS(${ACE_INSTALL_CFLAGS_OTHER}) - -INCLUDE_DIRECTORIES(${ACE_INSTALL_INCLUDES}) - -ADD_LIBRARY(${TARGET_ACE_INSTALL_LIB} SHARED ${ACE_INSTALL_SOURCES}) - -SET_TARGET_PROPERTIES(${TARGET_ACE_INSTALL_LIB} PROPERTIES - SOVERSION ${API_VERSION} - VERSION ${VERSION}) - -SET_TARGET_PROPERTIES(${TARGET_ACE_INSTALL_LIB} PROPERTIES - COMPILE_FLAGS -fPIC) - -TARGET_LINK_LIBRARIES(${TARGET_ACE_INSTALL_LIB} - ${ACE_INSTALL_DEPS_LIBRARIES} - ${TARGET_ACE_DAO_RW_LIB} - ) - -INSTALL(TARGETS ${TARGET_ACE_INSTALL_LIB} - DESTINATION lib) - -INSTALL(FILES - ${ACE_INSTALL_INCLUDE_DIR}/ace_api_install.h - DESTINATION include/ace-install - ) diff --git a/ace_install/src/ace_api_install.cpp b/ace_install/src/ace_api_install.cpp deleted file mode 100644 index eca3305..0000000 --- a/ace_install/src/ace_api_install.cpp +++ /dev/null @@ -1,345 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/** - * @file ace_api_install.cpp - * @author Tomasz Swierczek (t.swierczek@samsung.com) - * @version 1.0 - * @brief This file contains implementation ACE installator API - */ - -#include -#include -#include -#include -#include -#include -#include "SecurityCommunicationClient.h" -#include -#include "ace_server_api.h" - -#include "ace_api_install.h" - -static WrtSecurity::Communication::Client *communicationClient = NULL; - -// helper functions - -static AceDB::AppTypes to_db_app_type(ace_widget_type_t widget_type) -{ - switch (widget_type) { - case WAC20: - return AceDB::AppTypes::WAC20; - case Tizen: - return AceDB::AppTypes::Tizen; - default: - return AceDB::AppTypes::Unknown; - } -} - -static ace_widget_type_t to_ace_widget_type(AceDB::AppTypes app_type) -{ - switch (app_type) { - case AceDB::AppTypes::WAC20: - return WAC20; - case AceDB::AppTypes::Tizen: - return Tizen; - default: - LogError("Invalid app type for widget"); - return WAC20; - } -} - -ace_return_t ace_install_initialize(void) -{ - if (NULL != communicationClient) { - LogError("ace_api_install already initialized"); - return ACE_INTERNAL_ERROR; - } - AceDB::AceDAO::attachToThreadRW(); - Try { - communicationClient = new WrtSecurity::Communication::Client( - WrtSecurity::AceServerApi::INTERFACE_NAME()); - } Catch (WrtSecurity::Communication::Client::Exception::SecurityCommunicationClientException) { - LogError("Can't connect to daemon"); - return ACE_INTERNAL_ERROR; - } - return ACE_OK; -} - -ace_return_t ace_install_shutdown(void) -{ - if (NULL == communicationClient) { - LogError("ace_api_install not initialized"); - return ACE_INTERNAL_ERROR; - } - delete communicationClient; - communicationClient = NULL; - AceDB::AceDAO::detachFromThread(); - return ACE_OK; -} - -ace_return_t ace_update_policy(void) -{ - Try { - communicationClient->call(WrtSecurity::AceServerApi::UPDATE_POLICY_METHOD()); - } Catch (WrtSecurity::Communication::Client::Exception::SecurityCommunicationClientException) { - LogError("Problem with connection to daemon"); - return ACE_INTERNAL_ERROR; - } - return ACE_OK; -} - -ace_return_t ace_free_requested_dev_caps(ace_requested_dev_cap_list_t* caps) -{ - if (NULL == caps || NULL == caps->items) { - LogError("Invalid arguments"); - return ACE_INVALID_ARGUMENTS; - } - unsigned int i; - for (i = 0; i < caps->count; ++i) { - delete [] caps->items[i].device_capability; - } - delete [] caps->items; - return ACE_OK; -} - -ace_return_t ace_get_requested_dev_caps(ace_widget_handle_t handle, - ace_requested_dev_cap_list_t* caps) -{ - if (NULL == caps) { - LogError("Invalid arguments"); - return ACE_INVALID_ARGUMENTS; - } - AceDB::RequestedDevCapsMap permissions; - Try { - AceDB::AceDAO::getRequestedDevCaps( - handle, &permissions); - } Catch(AceDB::AceDAOReadOnly::Exception::DatabaseError) { - return ACE_INTERNAL_ERROR; - } - caps->items = new ace_requested_dev_cap_t[permissions.size()]; - caps->count = permissions.size(); - unsigned int i = 0; - FOREACH (it, permissions) { - std::string devCapRequested = DPL::ToUTF8String(it->first); - caps->items[i].device_capability = - new char[strlen(devCapRequested.c_str())+1]; - strcpy(caps->items[i].device_capability, devCapRequested.c_str()); - caps->items[i].smack_granted = it->second ? ACE_TRUE : ACE_FALSE; - ++i; - } - return ACE_OK; -} - -ace_return_t ace_set_requested_dev_caps( - ace_widget_handle_t handle, - const ace_requested_dev_cap_list_t* caps) -{ - if (NULL == caps) { - LogError("Invalid arguments"); - return ACE_INVALID_ARGUMENTS; - } - AceDB::RequestedDevCapsMap db_permissions; - unsigned int i; - for (i = 0; i < caps->count; ++i) { - std::string devCap = std::string(caps->items[i].device_capability); - db_permissions.insert(std::make_pair(DPL::FromUTF8String(devCap), - caps->items[i].smack_granted == ACE_TRUE)); - } - Try { - AceDB::AceDAO::setRequestedDevCaps( - handle, db_permissions); - } Catch(AceDB::AceDAOReadOnly::Exception::DatabaseError) { - return ACE_INTERNAL_ERROR; - } - return ACE_OK; -} - -ace_return_t ace_set_accepted_feature( - ace_widget_handle_t handle, - const ace_feature_list_t *feature) -{ - if (NULL == feature) { - LogError("Invalid argument"); - return ACE_INVALID_ARGUMENTS; - } - AceDB::FeatureNameVector fvector; - ace_size_t i; - for (i = 0; i < feature->count; ++i) { - fvector.push_back( - DPL::FromUTF8String(feature->items[i])); - } - Try { - AceDB::AceDAO::setAcceptedFeature(handle, fvector); - } Catch(AceDB::AceDAOReadOnly::Exception::DatabaseError) { - return ACE_INTERNAL_ERROR; - } - return ACE_OK; -} - -ace_return_t ace_rem_accepted_feature( - ace_widget_handle_t handle) -{ - Try { - AceDB::AceDAO::removeAcceptedFeature(handle); - } Catch(AceDB::AceDAOReadOnly::Exception::DatabaseError) { - return ACE_INTERNAL_ERROR; - } - return ACE_OK; -} - -ace_return_t ace_register_widget(ace_widget_handle_t handle, - struct widget_info *info, - ace_certificate_data* cert_data[]) -{ - LogDebug("enter"); - - if (NULL == info || AceDB::AceDAOReadOnly::isWidgetInstalled(handle)) - return ACE_INVALID_ARGUMENTS; - - AceDB::WidgetRegisterInfo wri; - wri.type = to_db_app_type(info->type); - - if (info->id) - wri.widget_id = DPL::FromUTF8String(info->id); - if (info->version) - wri.version = DPL::FromUTF8String(info->version); - if (info->author) - wri.authorName = DPL::FromUTF8String(info->author); - if (info->shareHerf) - wri.shareHref = DPL::FromUTF8String(info->shareHerf); - - AceDB::WidgetCertificateDataList dataList; - if (NULL != cert_data) { - AceDB::WidgetCertificateData wcd; - ace_certificate_data* cd; - int i = 0; - while (cert_data[i] != NULL) - { - cd = cert_data[i++]; //increment - switch(cd->type) { - case ROOT: - wcd.type = AceDB::WidgetCertificateData::Type::ROOT; - break; - case ENDENTITY: - wcd.type = AceDB::WidgetCertificateData::Type::ENDENTITY; - break; - } - switch(cd->owner) { - case AUTHOR: - wcd.owner = AceDB::WidgetCertificateData::Owner::AUTHOR; - break; - case DISTRIBUTOR: - wcd.owner = AceDB::WidgetCertificateData::Owner::DISTRIBUTOR; - break; - case UNKNOWN: default: - wcd.owner = AceDB::WidgetCertificateData::Owner::UNKNOWN; - break; - } - wcd.chainId = cd->chain_id; - if (cd->md5_fp) - wcd.strMD5Fingerprint = cd->md5_fp; - if (cd->sha1_fp) - wcd.strSHA1Fingerprint = cd->sha1_fp; - if (cd->common_name) - wcd.strCommonName = DPL::FromUTF8String(cd->common_name); - dataList.push_back(wcd); - } - LogDebug("All data set. Inserting into database."); - } - - Try { - AceDB::AceDAO::registerWidgetInfo((WidgetHandle)(handle), wri, dataList); - LogDebug("AceDB entry done"); - } Catch(AceDB::AceDAOReadOnly::Exception::DatabaseError) { - return ACE_INTERNAL_ERROR; - } - return ACE_OK; -} - -ace_return_t ace_unregister_widget(ace_widget_handle_t handle) -{ - Try { - AceDB::AceDAO::unregisterWidgetInfo((WidgetHandle)(handle)); - } Catch(AceDB::AceDAOReadOnly::Exception::DatabaseError) { - return ACE_INTERNAL_ERROR; - } - return ACE_OK; -} - -ace_return_t ace_is_widget_installed(ace_widget_handle_t handle, bool *installed) -{ - Try { - *installed = AceDB::AceDAO::isWidgetInstalled((WidgetHandle)(handle)); - } Catch(AceDB::AceDAOReadOnly::Exception::DatabaseError) { - return ACE_INTERNAL_ERROR; - } - return ACE_OK; -} - -ace_return_t ace_get_widget_type(ace_widget_handle_t handle, - ace_widget_type_t* type) -{ - if (NULL == type) { - LogError("Invalid arguments"); - return ACE_INVALID_ARGUMENTS; - } - Try { - AceDB::AppTypes db_type = AceDB::AceDAO::getWidgetType(handle); - *type = to_ace_widget_type(db_type); - } Catch(AceDB::AceDAOReadOnly::Exception::DatabaseError) { - return ACE_INTERNAL_ERROR; - } - return ACE_OK; -} - -ace_return_t ace_get_policy_result(const ace_resource_t resource, - ace_widget_handle_t handle, - ace_policy_result_t* result) -{ - if (NULL == result) { - LogError("Invalid arguments"); - return ACE_INVALID_ARGUMENTS; - } - int serializedPolicyResult = 0; - Try { - std::string resource_str(resource); - communicationClient->call(WrtSecurity::AceServerApi::CHECK_ACCESS_INSTALL_METHOD(), - handle, - resource_str, - &serializedPolicyResult); - } Catch (WrtSecurity::Communication::Client::Exception::SecurityCommunicationClientException) { - LogError("Can't connect to daemon"); - return ACE_INTERNAL_ERROR; - } - PolicyResult policyResult = PolicyResult:: - deserialize(serializedPolicyResult); - OptionalPolicyEffect effect = policyResult.getEffect(); - if (effect.IsNull()) { - *result = ACE_UNDEFINED; - } else if (*effect == PolicyEffect::DENY) { - *result = ACE_DENY; - } else if (*effect == PolicyEffect::PERMIT) { - *result = ACE_PERMIT; - } else if (*effect == PolicyEffect::PROMPT_ONESHOT || - *effect == PolicyEffect::PROMPT_BLANKET || - *effect == PolicyEffect::PROMPT_SESSION){ - *result = ACE_PROMPT; - } else { - *result = ACE_UNDEFINED; - } - - return ACE_OK; -} diff --git a/ace_popup_validation/CMakeLists.txt b/ace_popup_validation/CMakeLists.txt deleted file mode 100644 index 4b7537b..0000000 --- a/ace_popup_validation/CMakeLists.txt +++ /dev/null @@ -1 +0,0 @@ -ADD_SUBDIRECTORY(src) diff --git a/ace_popup_validation/include/ace_api_popup_validation.h b/ace_popup_validation/include/ace_api_popup_validation.h deleted file mode 100644 index f06dfcf..0000000 --- a/ace_popup_validation/include/ace_api_popup_validation.h +++ /dev/null @@ -1,76 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * @file ace_popup_validation_api.h - * @author Tomasz Swierczek (t.swierczek@samsung.com) - * @version 1.0 - * @brief This is C api for Access Control Engine (ACE), popup - * validation library. - * - */ - -#ifndef ACE_API_H -#define ACE_API_H - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -// --------------- Initialization and deinitialization ------------------------- - -/* - * Initializes the library. - * - * Returns error or ACE_OK. - */ -ace_return_t ace_popup_validation_initialize(void); - -/* - * Deinitializes the library. - * - * Returns error or ACE_OK. - */ -ace_return_t ace_popup_validation_shutdown(void); - -// --------------- Popup answer validation API --------------------------------- - -/* - * Validation of popup answer. This API must be called by implementation of - * UI handler. The call must be made from safe process, specially labelled by - * SMACK. If returned value is ACE_OK, 'validation_result' holds validation - * result that needs to be passed by UI handler as validation result. Otherwise - * value of 'validation_result' is undefined. - * - * See header ace_api_client.h for more details on where this function needs to - * be called and what arguments need to be passed here. - * - * Returns error or ACE_OK. - */ -ace_return_t ace_validate_answer(ace_bool_t answer, - ace_validity_t validity, - const ace_resource_t resource_name, - const ace_session_id_t session_id, - const ace_param_list_t* param_list, - ace_widget_handle_t handle, - ace_bool_t* validation_result); - -#ifdef __cplusplus -} -#endif - -#endif // ACE_API_H diff --git a/ace_popup_validation/src/CMakeLists.txt b/ace_popup_validation/src/CMakeLists.txt deleted file mode 100644 index 69fe495..0000000 --- a/ace_popup_validation/src/CMakeLists.txt +++ /dev/null @@ -1,62 +0,0 @@ -include(FindPkgConfig) - -PKG_CHECK_MODULES(ACE_POPUP_VALIDATION_DEPS - dpl-efl - dpl-dbus-efl - REQUIRED - ) - -SET(ACE_POPUP_VALIDATION_DIR - ${PROJECT_SOURCE_DIR}/ace_popup_validation - ) - -SET(ACE_POPUP_VALIDATION_SRC_DIR - ${ACE_POPUP_VALIDATION_DIR}/src - ) - -SET(ACE_POPUP_VALIDATION_INCLUDE_DIR - ${ACE_POPUP_VALIDATION_DIR}/include - ) - -SET(ACE_POPUP_VALIDATION_SOURCES - ${COMMUNICATION_CLIENT_SOURCES} - ${ACE_POPUP_VALIDATION_SRC_DIR}/ace_api_popup_validation.cpp - ) - -SET(ACE_POPUP_VALIDATION_INCLUDES - ${COMMUNICATION_CLIENT_INCLUDES} - ${ACE_POPUP_VALIDATION_DEPS_INCLUDE_DIRS} - ${ACE_POPUP_VALIDATION_INCLUDE_DIR} - ${PROJECT_SOURCE_DIR}/ace_common/include - ${PROJECT_SOURCE_DIR}/ace/include - ${PROJECT_SOURCE_DIR}/src/services/ace/dbus/api - ${PROJECT_SOURCE_DIR}/src/services/ace - ${PROJECT_SOURCE_DIR}/src/services/popup/ - ${PROJECT_SOURCE_DIR}/src/daemon/dbus - ) - -ADD_DEFINITIONS(${ACE_POPUP_VALIDATION_DEPS_CFLAGS}) -ADD_DEFINITIONS(${ACE_POPUP_VALIDATION_CFLAGS_OTHER}) - -INCLUDE_DIRECTORIES(${ACE_POPUP_VALIDATION_INCLUDES}) - -ADD_LIBRARY(${TARGET_ACE_POPUP_VALIDATION_LIB} SHARED ${ACE_POPUP_VALIDATION_SOURCES}) - -SET_TARGET_PROPERTIES(${TARGET_ACE_POPUP_VALIDATION_LIB} PROPERTIES - SOVERSION ${API_VERSION} - VERSION ${VERSION}) - -SET_TARGET_PROPERTIES(${TARGET_ACE_POPUP_VALIDATION_LIB} PROPERTIES - COMPILE_FLAGS -fPIC) - -TARGET_LINK_LIBRARIES(${TARGET_ACE_POPUP_VALIDATION_LIB} - ${ACE_POPUP_VALIDATION_DEPS_LIBRARIES} ${ACE_POPUP_VALIDATION_DEPS_LDFLAGS} - ) - -INSTALL(TARGETS ${TARGET_ACE_POPUP_VALIDATION_LIB} - DESTINATION lib) - -INSTALL(FILES - ${ACE_POPUP_VALIDATION_INCLUDE_DIR}/ace_api_popup_validation.h - DESTINATION include/ace-popup-validation - ) diff --git a/ace_popup_validation/src/ace_api_popup_validation.cpp b/ace_popup_validation/src/ace_api_popup_validation.cpp deleted file mode 100644 index 8277c2f..0000000 --- a/ace_popup_validation/src/ace_api_popup_validation.cpp +++ /dev/null @@ -1,135 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/** - * @file ace_api_popup_validation.cpp - * @author Tomasz Swierczek (t.swierczek@samsung.com) - * @version 1.0 - * @brief This file contains implementation of ACE popup validation API. - */ - -#include -#include -#include -#include "SecurityCommunicationClient.h" -#include "popup_response_server_api.h" -#include "security_daemon_dbus_config.h" -#include "ace_api_popup_validation.h" - -namespace { -static WrtSecurity::Communication::Client *communicationClient = NULL; -static const int VALIDITY_ONCE_VALUE = 0; -static const int VALIDITY_SESSION_VALUE = 1; -static const int VALIDITY_ALWAYS_VALUE = 1; -} // anonymous - -ace_return_t ace_popup_validation_initialize(void) -{ - if (NULL != communicationClient) { - LogError("ace_api_popup_validation already initialized"); - return ACE_INTERNAL_ERROR; - } - Try { - communicationClient = new WrtSecurity::Communication::Client( - WrtSecurity::PopupServerApi::INTERFACE_NAME()); - } Catch (WrtSecurity::Communication::Client::Exception::SecurityCommunicationClientException) { - LogError("Can't connect to daemon"); - return ACE_INTERNAL_ERROR; - } - - return ACE_OK; -} - -ace_return_t ace_popup_validation_shutdown(void) -{ - if (NULL == communicationClient) { - LogError("ace_api_popup_validation not initialized"); - return ACE_INTERNAL_ERROR; - } - delete communicationClient; - communicationClient = NULL; - - return ACE_OK; -} - -ace_return_t ace_validate_answer(ace_bool_t answer, - ace_validity_t validity, - const ace_resource_t resource_name, - const ace_session_id_t session_id, - const ace_param_list_t* param_list, - ace_widget_handle_t handle, - ace_bool_t* validation_result) -{ - if (NULL == resource_name || - NULL == session_id || - NULL == param_list || - NULL == validation_result) - { - LogError("NULL argument(s) passed"); - return ACE_INVALID_ARGUMENTS; - } - - bool dbusAnswer = answer == ACE_TRUE; - int dbusValidity = 0; - - switch (validity) { - case ACE_ONCE: { - dbusValidity = VALIDITY_ONCE_VALUE; - //static_cast(Prompt::Validity::ONCE); - break; } - case ACE_SESSION: { - dbusValidity = VALIDITY_SESSION_VALUE; - //static_cast(Prompt::Validity::SESSION); - break; } - case ACE_ALWAYS: { - dbusValidity = VALIDITY_ALWAYS_VALUE; - //static_cast(Prompt::Validity::ALWAYS); - break; } - default: { - LogError("Invalid validity passed"); - return ACE_INVALID_ARGUMENTS; } - } - - std::string subjectId; - std::string resourceId(resource_name); - std::string sessionId(session_id); - std::vector keys, values; - unsigned int i; - for (i = 0; i < param_list->count; ++i) { - keys.push_back(std::string(param_list->items[i].name)); - values.push_back(std::string(param_list->items[i].value)); - } - - bool response = false; - Try{ - communicationClient->call(WrtSecurity::PopupServerApi::VALIDATION_METHOD(), - dbusAnswer, - dbusValidity, - handle, - subjectId, - resourceId, - keys, - values, - sessionId, - &response); - } Catch (WrtSecurity::Communication::Client::Exception::SecurityCommunicationClientException) { - LogError("Can't call daemon"); - return ACE_INTERNAL_ERROR; - } - - *validation_result = response ? ACE_TRUE : ACE_FALSE; - - return ACE_OK; -} diff --git a/ace_settings/CMakeLists.txt b/ace_settings/CMakeLists.txt deleted file mode 100644 index 4b7537b..0000000 --- a/ace_settings/CMakeLists.txt +++ /dev/null @@ -1 +0,0 @@ -ADD_SUBDIRECTORY(src) diff --git a/ace_settings/include/ace_api_settings.h b/ace_settings/include/ace_api_settings.h deleted file mode 100644 index a3c72ab..0000000 --- a/ace_settings/include/ace_api_settings.h +++ /dev/null @@ -1,121 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * @file ace_api_settings.h - * @author Tomasz Swierczek (t.swierczek@samsung.com) - * @version 1.0 - * @brief This is header for ACE settings API (RW part). - */ - -#ifndef ACE_API_SETTINGS_H -#define ACE_API_SETTINGS_H - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -/* - * API defined in this header should be used only from one thread. If used - * otherwise, unexpected behaviour may occur, including segmentation faults and - * escalation of global warming. Be warned. - */ - -// --------------- Initialization ---------------------------------------------- - -/* - * Initializes ACE - connects (RW) to the database. Must be called only once. - * Returns ACE_OK or error - */ -ace_return_t ace_settings_initialize(void); - -/* - * Deinitializes ACE - deinitialize internal structures, detach DB, etc. - * Must be called only once. - * Returns ACE_OK or error - */ -ace_return_t ace_settings_shutdown(void); - -// --------------- Resource settings API --------------------------------------- - -/* - * Order and values of enum constants are part of API - */ -typedef enum -{ - ACE_PREFERENCE_PERMIT, - ACE_PREFERENCE_DENY, - ACE_PREFERENCE_DEFAULT, // means: not set - ACE_PREFERENCE_BLANKET_PROMPT, - ACE_PREFERENCE_SESSION_PROMPT, - ACE_PREFERENCE_ONE_SHOT_PROMPT -} ace_preference_t; - -/* - * Returns error or ACE_OK - * If return value is ACE_OK, 'prerefence' value is the queried one, otherwise - * 'preference' value is undefined - */ -ace_return_t ace_get_widget_resource_preference(ace_widget_handle_t handle, - const ace_resource_t resource, - ace_preference_t* preference); - -/* - * Returns error or ACE_OK - * If return value is ACE_OK, 'prerefence' value is the queried one, otherwise - * 'preference' value is undefined - */ -ace_return_t ace_get_global_resource_preference(const ace_resource_t resource, - ace_preference_t* preference); - -/* - * To reset setting, pass ACE_PREFERENCE_DEFAULT - * Returns error or ACE_OK - */ -ace_return_t ace_set_widget_resource_preference(ace_widget_handle_t handle, - const ace_resource_t resource, - ace_preference_t preference); - -/* - * To reset setting, pass ACE_PREFERENCE_DEFAULT - * Returns error or ACE_OK - */ -ace_return_t ace_set_global_resource_preference(const ace_resource_t resource, - ace_preference_t preference); - -/* - * Resets per widget resource settings to ACE_PREFERENCE_DEFAULT - */ -ace_return_t ace_reset_widget_resource_settings(void); - -/* - * Resets global resource settings to ACE_PREFERENCE_DEFAULT - */ -ace_return_t ace_reset_global_resource_settings(void); - -/* - * After execution, is_privacy_api is ACE_TRUE if resource_name is the name - * of Privacy API - */ -ace_return_t ace_is_private_api(const ace_resource_t resource_name, - ace_bool_t* is_private_api); - -#ifdef __cplusplus -} -#endif - -#endif // ACE_API_SETTINGS_H diff --git a/ace_settings/src/CMakeLists.txt b/ace_settings/src/CMakeLists.txt deleted file mode 100644 index 8cd835e..0000000 --- a/ace_settings/src/CMakeLists.txt +++ /dev/null @@ -1,56 +0,0 @@ -include(FindPkgConfig) - -PKG_CHECK_MODULES(ACE_SETTINGS_DEPS - dpl-efl - REQUIRED - ) - -SET(ACE_SETTINGS_DIR - ${PROJECT_SOURCE_DIR}/ace_settings - ) - -SET(ACE_SETTINGS_SRC_DIR - ${ACE_SETTINGS_DIR}/src - ) - -SET(ACE_SETTINGS_INCLUDE_DIR - ${ACE_SETTINGS_DIR}/include - ) - -SET(ACE_SETTINGS_SOURCES - ${ACE_SETTINGS_SRC_DIR}/ace_api_settings.cpp - ) - -SET(ACE_SETTINGS_INCLUDES - ${ACE_SETTINGS_DEPS_INCLUDE_DIRS} - ${ACE_SETTINGS_INCLUDE_DIR} - ${PROJECT_SOURCE_DIR}/ace_common/include - ${PROJECT_SOURCE_DIR}/ace/include - ) - -ADD_DEFINITIONS(${ACE_SETTINGS_DEPS_CFLAGS}) -ADD_DEFINITIONS(${ACE_SETTINGS_CFLAGS_OTHER}) - -INCLUDE_DIRECTORIES(${ACE_SETTINGS_INCLUDES}) - -ADD_LIBRARY(${TARGET_ACE_SETTINGS_LIB} SHARED ${ACE_SETTINGS_SOURCES}) - -SET_TARGET_PROPERTIES(${TARGET_ACE_SETTINGS_LIB} PROPERTIES - SOVERSION ${API_VERSION} - VERSION ${VERSION}) - -SET_TARGET_PROPERTIES(${TARGET_ACE_SETTINGS_LIB} PROPERTIES - COMPILE_FLAGS -fPIC) - -TARGET_LINK_LIBRARIES(${TARGET_ACE_SETTINGS_LIB} - ${ACE_SETTINGS_DEPS_LIBRARIES} - ${TARGET_ACE_DAO_RW_LIB} - ) - -INSTALL(TARGETS ${TARGET_ACE_SETTINGS_LIB} - DESTINATION lib) - -INSTALL(FILES - ${ACE_SETTINGS_INCLUDE_DIR}/ace_api_settings.h - DESTINATION include/ace-settings - ) diff --git a/ace_settings/src/ace_api_settings.cpp b/ace_settings/src/ace_api_settings.cpp deleted file mode 100644 index a1a811d..0000000 --- a/ace_settings/src/ace_api_settings.cpp +++ /dev/null @@ -1,203 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/** - * @file ace_api_settings.cpp - * @author Tomasz Swierczek (t.swierczek@samsung.com) - * @version 1.0 - * @brief This file contains implementation ACE settings API - */ - -#include -#include -#include - -#include "ace_api_settings.h" - -// helper functions -static ace_preference_t to_ace_preference(const AceDB::PreferenceTypes& db_preference) -{ - switch (db_preference) { - case AceDB::PreferenceTypes::PREFERENCE_BLANKET_PROMPT: { - return ACE_PREFERENCE_BLANKET_PROMPT; } - case AceDB::PreferenceTypes::PREFERENCE_DEFAULT: { - return ACE_PREFERENCE_DEFAULT;} - case AceDB::PreferenceTypes::PREFERENCE_DENY: { - return ACE_PREFERENCE_DENY;} - case AceDB::PreferenceTypes::PREFERENCE_ONE_SHOT_PROMPT: { - return ACE_PREFERENCE_ONE_SHOT_PROMPT;} - case AceDB::PreferenceTypes::PREFERENCE_PERMIT: { - return ACE_PREFERENCE_PERMIT;} - case AceDB::PreferenceTypes::PREFERENCE_SESSION_PROMPT: { - return ACE_PREFERENCE_SESSION_PROMPT;} - default: { - return ACE_PREFERENCE_DEFAULT;} - } -} - - -static AceDB::PreferenceTypes to_ace_db_preference(const ace_preference_t& preference) -{ - switch (preference) { - case ACE_PREFERENCE_BLANKET_PROMPT: { - return AceDB::PreferenceTypes::PREFERENCE_BLANKET_PROMPT; } - case ACE_PREFERENCE_DEFAULT: { - return AceDB::PreferenceTypes::PREFERENCE_DEFAULT;} - case ACE_PREFERENCE_DENY: { - return AceDB::PreferenceTypes::PREFERENCE_DENY;} - case ACE_PREFERENCE_ONE_SHOT_PROMPT: { - return AceDB::PreferenceTypes::PREFERENCE_ONE_SHOT_PROMPT;} - case ACE_PREFERENCE_PERMIT: { - return AceDB::PreferenceTypes::PREFERENCE_PERMIT;} - case ACE_PREFERENCE_SESSION_PROMPT: { - return AceDB::PreferenceTypes::PREFERENCE_SESSION_PROMPT;} - default: { - return AceDB::PreferenceTypes::PREFERENCE_DEFAULT;} - } -} - -ace_return_t ace_settings_initialize(void) -{ - AceDB::AceDAO::attachToThreadRW(); - return ACE_OK; -} - -ace_return_t ace_settings_shutdown(void) -{ - AceDB::AceDAO::detachFromThread(); - return ACE_OK; -} - -ace_return_t ace_get_widget_resource_preference(ace_widget_handle_t handle, - const ace_resource_t resource, - ace_preference_t* preference) -{ - if (NULL == resource || NULL == preference) { - LogError("NULL argument(s) passed"); - return ACE_INVALID_ARGUMENTS; - } - Try { - std::string resource_str(resource); - AceDB::PreferenceTypes db_preference = - AceDB::AceDAO::getWidgetDevCapSetting(resource_str, handle); - *preference = to_ace_preference(db_preference); - } Catch(AceDB::AceDAOReadOnly::Exception::DatabaseError) { - return ACE_INTERNAL_ERROR; - } - return ACE_OK; -} - -ace_return_t ace_get_global_resource_preference(const ace_resource_t resource, - ace_preference_t* preference) -{ - if (NULL == resource || NULL == preference) { - LogError("NULL argument(s) passed"); - return ACE_INVALID_ARGUMENTS; - } - Try { - AceDB::PreferenceTypes db_preference = - AceDB::AceDAO::getDevCapSetting(resource); - *preference = to_ace_preference(db_preference); - } Catch(AceDB::AceDAOReadOnly::Exception::DatabaseError) { - return ACE_INTERNAL_ERROR; - } - return ACE_OK; -} - -ace_return_t ace_set_widget_resource_preference(ace_widget_handle_t handle, - const ace_resource_t resource, - ace_preference_t preference) -{ - if (NULL == resource) { - LogError("NULL argument passed"); - return ACE_INVALID_ARGUMENTS; - } - Try { - AceDB::AceDAO::addResource(resource); - AceDB::PreferenceTypes db_preference = to_ace_db_preference(preference); - AceDB::AceDAO::removeWidgetDevCapSetting(resource, handle); - AceDB::AceDAO::setWidgetDevCapSetting(resource, handle, db_preference); - } Catch(AceDB::AceDAO::Exception::DatabaseError) { - return ACE_INTERNAL_ERROR; - } - return ACE_OK; -} - -ace_return_t ace_set_global_resource_preference(const ace_resource_t resource, - ace_preference_t preference) -{ - if (NULL == resource) { - LogError("NULL argument passed"); - return ACE_INVALID_ARGUMENTS; - } - Try { - AceDB::AceDAO::addResource(resource); - AceDB::PreferenceTypes db_preference = to_ace_db_preference(preference); - AceDB::AceDAO::setDevCapSetting(resource, db_preference); - } Catch(AceDB::AceDAO::Exception::DatabaseError) { - return ACE_INTERNAL_ERROR; - } - return ACE_OK; -} - -ace_return_t ace_reset_widget_resource_settings() -{ - Try { - AceDB::AceDAO::clearWidgetDevCapSettings(); - } Catch(AceDB::AceDAO::Exception::DatabaseError) { - return ACE_INTERNAL_ERROR; - } - return ACE_OK; -} - -ace_return_t ace_reset_global_resource_settings(void) -{ - Try { - AceDB::AceDAO::clearDevCapSettings(); - } Catch(AceDB::AceDAO::Exception::DatabaseError) { - return ACE_INTERNAL_ERROR; - } - return ACE_OK; -} - -ace_return_t ace_is_private_api(const ace_resource_t resource_name, ace_bool_t* is_private_api) -{ - static const char * const private_api[] = { - "bluetooth.admin", - "bluetooth.gap", - "bluetooth.spp", - "calendar.read", - "calendar.write", - "callhistory.read", - "callhistory.write", - "contact.read", - "contact.write", - "nfc.admin", - "nfc.common", - "nfc.cardemulation", - "nfc.p2p", - "nfc.tag", - NULL - }; - - *is_private_api = ACE_TRUE; - for (int i=0; private_api[i]; ++i) - if (!strcmp(resource_name, private_api[i])) - return ACE_OK; - - *is_private_api = ACE_FALSE; - return ACE_OK; -} - diff --git a/build/CMakeLists.txt b/build/CMakeLists.txt index c51d065..ae6fa44 100644 --- a/build/CMakeLists.txt +++ b/build/CMakeLists.txt @@ -15,12 +15,5 @@ # @file CMakeLists.txt # @author Tomasz Swierczek (t.swierczek@samsung.com) # -ADD_SUBDIRECTORY(ace) -ADD_SUBDIRECTORY(ace_client) -ADD_SUBDIRECTORY(ace_settings) -ADD_SUBDIRECTORY(ace_install) -ADD_SUBDIRECTORY(ace_popup_validation) -ADD_SUBDIRECTORY(communication_client) -ADD_SUBDIRECTORY(wrt-security) + ADD_SUBDIRECTORY(security-server) -ADD_SUBDIRECTORY(wrt_ocsp) diff --git a/build/ace/CMakeLists.txt b/build/ace/CMakeLists.txt deleted file mode 100644 index b42ab2e..0000000 --- a/build/ace/CMakeLists.txt +++ /dev/null @@ -1,31 +0,0 @@ -# Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# @file CMakeLists.txt -# @author Bartlomiej Grzelewski (b.grzelewski@samsung.com) -# @author Tomasz Swierczek (t.swierczek@samsung.com) -# @brief -# - -CONFIGURE_FILE(security-dao-ro.pc.in security-dao-ro.pc @ONLY) -CONFIGURE_FILE(security-dao-rw.pc.in security-dao-rw.pc @ONLY) -CONFIGURE_FILE(security.pc.in security.pc @ONLY) -INSTALL(FILES - ${CMAKE_BINARY_DIR}/build/ace/security-dao-ro.pc - ${CMAKE_BINARY_DIR}/build/ace/security-dao-rw.pc - ${CMAKE_BINARY_DIR}/build/ace/security.pc - DESTINATION - lib/pkgconfig - ) - diff --git a/build/ace/security-dao-ro.pc.in b/build/ace/security-dao-ro.pc.in deleted file mode 100644 index 820a4b3..0000000 --- a/build/ace/security-dao-ro.pc.in +++ /dev/null @@ -1,11 +0,0 @@ -prefix=@CMAKE_INSTALL_PREFIX@ -exec_prefix=${prefix} -libdir=${prefix}/lib -includedir=${prefix}/include - -Name: ace-dao-ro -Description: ace-dao-ro -Version: @VERSION@ -Requires: dpl-efl openssl -Libs: -lace-dao-ro -L${libdir} -Cflags: -I${includedir} diff --git a/build/ace/security-dao-rw.pc.in b/build/ace/security-dao-rw.pc.in deleted file mode 100644 index 4268970..0000000 --- a/build/ace/security-dao-rw.pc.in +++ /dev/null @@ -1,11 +0,0 @@ -prefix=@CMAKE_INSTALL_PREFIX@ -exec_prefix=${prefix} -libdir=${prefix}/lib -includedir=${prefix}/include - -Name: aco-dao-rw -Description: ace-dao-rw -Version: @VERSION@ -Requires: security-dao-ro -Libs: -lace-dao-rw -L${libdir} -Cflags: -I${includedir} diff --git a/build/ace/security.pc.in b/build/ace/security.pc.in deleted file mode 100644 index 9f5bd4a..0000000 --- a/build/ace/security.pc.in +++ /dev/null @@ -1,11 +0,0 @@ -prefix=@CMAKE_INSTALL_PREFIX@ -exec_prefix=${prefix} -libdir=${prefix}/lib -includedir=${prefix}/include - -Name: ace -Description: ace -Version: @VERSION@ -Requires: dpl-efl openssl -Libs: -lace -L${libdir} -Cflags: -I${includedir} diff --git a/build/ace_client/CMakeLists.txt b/build/ace_client/CMakeLists.txt deleted file mode 100644 index b7bdaa0..0000000 --- a/build/ace_client/CMakeLists.txt +++ /dev/null @@ -1,26 +0,0 @@ -# Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# @file CMakeLists.txt -# @author Tomasz Swierczek (t.swierczek@samsung.com) -# @brief -# - -CONFIGURE_FILE(security-client.pc.in security-client.pc @ONLY) -INSTALL(FILES - ${CMAKE_BINARY_DIR}/build/ace_client/security-client.pc - DESTINATION - lib/pkgconfig - ) - diff --git a/build/ace_client/security-client.pc.in b/build/ace_client/security-client.pc.in deleted file mode 100644 index ea166b3..0000000 --- a/build/ace_client/security-client.pc.in +++ /dev/null @@ -1,11 +0,0 @@ -prefix=@CMAKE_INSTALL_PREFIX@ -exec_prefix=${prefix} -libdir=${prefix}/lib -includedir=${prefix}/include - -Name: ace-client -Description: ACE thin client library -Version: @VERSION@ -Requires: dpl-wrt-dao-ro dpl-efl dpl-event-efl dpl-dbus-efl security-dao-ro -Libs: -lace-client -L${libdir} -Cflags: -I${includedir}/ace-client -I${includedir}/ace-common diff --git a/build/ace_install/CMakeLists.txt b/build/ace_install/CMakeLists.txt deleted file mode 100644 index 8c0a70b..0000000 --- a/build/ace_install/CMakeLists.txt +++ /dev/null @@ -1,26 +0,0 @@ -# Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# @file CMakeLists.txt -# @author Tomasz Swierczek (t.swierczek@samsung.com) -# @brief -# - -CONFIGURE_FILE(security-install.pc.in security-install.pc @ONLY) -INSTALL(FILES - ${CMAKE_BINARY_DIR}/build/ace_install/security-install.pc - DESTINATION - lib/pkgconfig - ) - diff --git a/build/ace_install/security-install.pc.in b/build/ace_install/security-install.pc.in deleted file mode 100644 index 9ddcefa..0000000 --- a/build/ace_install/security-install.pc.in +++ /dev/null @@ -1,11 +0,0 @@ -prefix=@CMAKE_INSTALL_PREFIX@ -exec_prefix=${prefix} -libdir=${prefix}/lib -includedir=${prefix}/include - -Name: ace-install -Description: ACE insall library to be used by installer -Version: @VERSION@ -Requires: dpl-efl dpl-dbus-efl security-dao-rw -Libs: -lace-install -L${libdir} -Cflags: -I${includedir}/ace-install -I${includedir}/ace-common diff --git a/build/ace_popup_validation/CMakeLists.txt b/build/ace_popup_validation/CMakeLists.txt deleted file mode 100644 index b79c6f5..0000000 --- a/build/ace_popup_validation/CMakeLists.txt +++ /dev/null @@ -1,26 +0,0 @@ -# Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# @file CMakeLists.txt -# @author Tomasz Swierczek (t.swierczek@samsung.com) -# @brief -# - -CONFIGURE_FILE(security-popup-validation.pc.in security-popup-validation.pc @ONLY) -INSTALL(FILES - ${CMAKE_BINARY_DIR}/build/ace_popup_validation/security-popup-validation.pc - DESTINATION - lib/pkgconfig - ) - diff --git a/build/ace_popup_validation/security-popup-validation.pc.in b/build/ace_popup_validation/security-popup-validation.pc.in deleted file mode 100644 index 385b47b..0000000 --- a/build/ace_popup_validation/security-popup-validation.pc.in +++ /dev/null @@ -1,11 +0,0 @@ -prefix=@CMAKE_INSTALL_PREFIX@ -exec_prefix=${prefix} -libdir=${prefix}/lib -includedir=${prefix}/include - -Name: ace-popup-validation -Description: ACE popup validation library -Version: @VERSION@ -Requires: dpl-efl dpl-dbus-efl -Libs: -lace-popup-validation -L${libdir} -Cflags: -I${includedir}/ace-popup-validation -I${includedir}/ace-common diff --git a/build/ace_settings/CMakeLists.txt b/build/ace_settings/CMakeLists.txt deleted file mode 100644 index b768f2f..0000000 --- a/build/ace_settings/CMakeLists.txt +++ /dev/null @@ -1,26 +0,0 @@ -# Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# @file CMakeLists.txt -# @author Tomasz Swierczek (t.swierczek@samsung.com) -# @brief -# - -CONFIGURE_FILE(security-settings.pc.in security-settings.pc @ONLY) -INSTALL(FILES - ${CMAKE_BINARY_DIR}/build/ace_settings/security-settings.pc - DESTINATION - lib/pkgconfig - ) - diff --git a/build/ace_settings/security-settings.pc.in b/build/ace_settings/security-settings.pc.in deleted file mode 100644 index 1abc082..0000000 --- a/build/ace_settings/security-settings.pc.in +++ /dev/null @@ -1,11 +0,0 @@ -prefix=@CMAKE_INSTALL_PREFIX@ -exec_prefix=${prefix} -libdir=${prefix}/lib -includedir=${prefix}/include - -Name: ace-settings -Description: ACE settings library -Version: @VERSION@ -Requires: -Libs: -lace-settings -lace-dao-rw -L${libdir} -Cflags: -I${includedir}/ace-settings -I${includedir}/ace-common diff --git a/build/communication_client/CMakeLists.txt b/build/communication_client/CMakeLists.txt deleted file mode 100644 index 4f11913..0000000 --- a/build/communication_client/CMakeLists.txt +++ /dev/null @@ -1,26 +0,0 @@ -# Copyright (c) 2012 Samsung Electronics Co., Ltd All Rights Reserved -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# @file CMakeLists.txt -# @author Zofia Abramowska (z.abramowska@samsung.com) -# @brief -# - -CONFIGURE_FILE(security-communication-client.pc.in security-communication-client.pc @ONLY) -INSTALL(FILES - ${CMAKE_BINARY_DIR}/build/communication_client/security-communication-client.pc - DESTINATION - lib/pkgconfig - ) - diff --git a/build/communication_client/security-communication-client.pc.in b/build/communication_client/security-communication-client.pc.in deleted file mode 100644 index 1b01b5f..0000000 --- a/build/communication_client/security-communication-client.pc.in +++ /dev/null @@ -1,11 +0,0 @@ -prefix=@CMAKE_INSTALL_PREFIX@ -exec_prefix=${prefix} -libdir=${prefix}/lib -includedir=${prefix}/include - -Name: communication-client -Description: Security communication client library -Version: @VERSION@ -Requires: dpl-efl dpl-dbus-efl -Libs: -lcommunication-client -L${libdir} -Cflags: -I${includedir}/communication-client diff --git a/build/wrt-security/CMakeLists.txt b/build/wrt-security/CMakeLists.txt deleted file mode 100644 index 9995265..0000000 --- a/build/wrt-security/CMakeLists.txt +++ /dev/null @@ -1,19 +0,0 @@ -# Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# @file CMakeLists.txt -# @author Tomasz Swierczek (t.swierczek@samsung.com) -# -CONFIGURE_FILE(security-core.pc.in security-core.pc @ONLY) -INSTALL(FILES ${CMAKE_BINARY_DIR}/build/wrt-security/security-core.pc DESTINATION lib/pkgconfig) diff --git a/build/wrt-security/security-core.pc.in b/build/wrt-security/security-core.pc.in deleted file mode 100644 index 7f63cc5..0000000 --- a/build/wrt-security/security-core.pc.in +++ /dev/null @@ -1,11 +0,0 @@ -prefix=@CMAKE_INSTALL_PREFIX@ -exec_prefix=${prefix} -libdir=${prefix}/lib -includedir=${prefix}/include/wrt-security - -Name: wrt-security -Description: wrt-security -Version: @VERSION@ -Requires: dpl-efl dpl-wrt-dao-rw dpl-dbus-efl -Libs: -L${libdir} -ldpl-dbus-efl -Cflags: -I${includedir} diff --git a/build/wrt_ocsp/CMakeLists.txt b/build/wrt_ocsp/CMakeLists.txt deleted file mode 100644 index 7b1bf5f..0000000 --- a/build/wrt_ocsp/CMakeLists.txt +++ /dev/null @@ -1,26 +0,0 @@ -# Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# @file CMakeLists.txt -# @author Zofia Abramowska (z.abramowska@samsung.com) -# @brief -# - -CONFIGURE_FILE(security-wrt-ocsp.pc.in security-wrt-ocsp.pc @ONLY) -INSTALL(FILES - ${CMAKE_BINARY_DIR}/build/wrt_ocsp/security-wrt-ocsp.pc - DESTINATION - lib/pkgconfig - ) - diff --git a/build/wrt_ocsp/security-wrt-ocsp.pc.in b/build/wrt_ocsp/security-wrt-ocsp.pc.in deleted file mode 100644 index 2fb4258..0000000 --- a/build/wrt_ocsp/security-wrt-ocsp.pc.in +++ /dev/null @@ -1,11 +0,0 @@ -prefix=@CMAKE_INSTALL_PREFIX@ -exec_prefix=${prefix} -libdir=${prefix}/lib -includedir=${prefix}/include - -Name: wrt-ocsp -Description: WRT OCSP library to be used by wrt-client -Version: @VERSION@ -Requires: dpl-efl dpl-dbus-efl -Libs: -lwrt-ocsp -L${libdir} -Cflags: -I${includedir}/wrt-ocsp diff --git a/communication_client/include/SecurityCommunicationClient.h b/communication_client/include/SecurityCommunicationClient.h deleted file mode 100644 index 8244c60..0000000 --- a/communication_client/include/SecurityCommunicationClient.h +++ /dev/null @@ -1,108 +0,0 @@ -/* - * Copyright (c) 2012 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * @file SecurityCommunicationClient.h - * @author Zofia Abramowska (z.abramowska@samsung.com) - * @version 1.0 - * @brief This is header of class used by IPC client with implemented templates - * - */ - -/* - * This class hides implementation of specific communication types - * and enables switching between them by #defined macros. - * - * supported types : DBUS_CONNECTION - * - * IMPORTANT : Exactly ONE type MUST be defined. - * - */ - -#ifndef SECURITYCOMMUNICATIONCLIENT_H_ -#define SECURITYCOMMUNICATIONCLIENT_H_ - -#include -#include -#include -#include "SecuritySocketClient.h" -#include -#include - - -namespace WrtSecurity { -namespace Communication { -class Client -{ -public: - class Exception - { - public: - DECLARE_EXCEPTION_TYPE(DPL::Exception, Base) - DECLARE_EXCEPTION_TYPE(Base, SecurityCommunicationClientException) - }; - - explicit Client(const std::string &intefaceName); - - - - template - void call(const char* methodName, const Args& ... args) - { - - connect(); - Try{ - #ifdef DBUS_CONNECTION - m_dbusClient->call(methodName, args...); - } Catch (DPL::DBus::Client::Exception::DBusClientException){ - #endif //DBUS_CONNECTION - #ifdef SOCKET_CONNECTION - m_socketClient->call(methodName, args...); - } Catch (SecuritySocketClient::Exception::SecuritySocketClientException){ - #endif //SOCKET_CONNECTION - LogError("Error getting response"); - disconnect(); - ReThrowMsg(Exception::SecurityCommunicationClientException, - "Error getting response"); - } - LogInfo("Call served"); - disconnect(); - } - - template - void call(std::string methodName, const Args&... args) - { - call(methodName.c_str(), args...); - } - - -private: - - void connect(); - void disconnect(); - - std::string m_interfaceName; - #ifdef DBUS_CONNECTION - std::unique_ptr m_dbusClient; - #endif - - #ifdef SOCKET_CONNECTION - std::unique_ptr m_socketClient; - #endif -}; -} // namespace Communication -} // namespace WrtSecurity - -#endif /* SECURITYCOMMUNICATIONCLIENT_H_ */ diff --git a/communication_client/src/SecurityCommunicationClient.cpp b/communication_client/src/SecurityCommunicationClient.cpp deleted file mode 100644 index 13b137e..0000000 --- a/communication_client/src/SecurityCommunicationClient.cpp +++ /dev/null @@ -1,89 +0,0 @@ -/* - * Copyright (c) 2012 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * @file SecurityCommunicationClient.h - * @author Zofia Abramowska (z.abramowska@samsung.com) - * @version 1.0 - * @brief This is implementation of class used IPC client - */ - - -#include "SecurityCommunicationClient.h" - -#ifdef DBUS_CONNECTION -#include "security_daemon_dbus_config.h" -#endif - -namespace WrtSecurity{ -namespace Communication{ - - Client::Client(const std::string& interfaceName){ - #if DBUS_CONNECTION - LogInfo("DBus create"); - Try { - m_dbusClient.reset(new DPL::DBus::Client(WrtSecurity::SecurityDaemonConfig::OBJECT_PATH(), - WrtSecurity::SecurityDaemonConfig::SERVICE_NAME(), - interfaceName)); - } Catch (DPL::DBus::Client::Exception::DBusClientException) { - LogError("Error getting connection"); - ReThrowMsg(Exception::SecurityCommunicationClientException, - "Error getting connection"); - } - if(NULL == m_dbusClient.get()){ - LogError("Couldn't get client"); - ThrowMsg(Exception::SecurityCommunicationClientException, - "Error getting client"); - } - #endif //DBUS_CONNECTION - - #ifdef SOCKET_CONNECTION - m_socketClient.reset(new SecuritySocketClient(interfaceName)); - if(NULL == m_socketClient.get()){ - LogError("Couldn't get client"); - ThrowMsg(Exception::SecurityCommunicationClientException, - "Error getting client"); - } - #endif //SOCKET_CONNECTION - LogInfo("Created communication client"); - } - - void Client::connect(){ - #ifdef SOCKET_CONNECTION - Try { - m_socketClient->connect(); - } Catch(SecuritySocketClient::Exception::SecuritySocketClientException){ - LogError("Couldn't connect"); - ReThrowMsg(Exception::SecurityCommunicationClientException, - "Error connecting"); - } - - #endif //SOCKET_CONNECTION - LogInfo("Connected"); - } - - void Client::disconnect(){ - - #ifdef SOCKET_CONNECTION - m_socketClient->disconnect(); - #endif //SOCKET_CONNECTION - LogInfo("Disconnected"); - } - - -} // namespace Communication - -} // namespace WrtSecurity - diff --git a/etc/CMakeLists.txt b/etc/CMakeLists.txt deleted file mode 100644 index 93fc6b3..0000000 --- a/etc/CMakeLists.txt +++ /dev/null @@ -1,25 +0,0 @@ - -SET(ETC_DIR ${PROJECT_SOURCE_DIR}/etc) - - INSTALL(FILES - ${ETC_DIR}/wrt_security_create_clean_db.sh - ${ETC_DIR}/wrt_security_change_policy.sh - DESTINATION /usr/bin - ) - -INSTALL(FILES - ${ETC_DIR}/schema.xsd - DESTINATION share/wrt-engine - ) - -INSTALL(FILES - ${ETC_DIR}/fingerprint_list.xsd - DESTINATION share/wrt-engine/ - ) - -INSTALL(FILES - ${ETC_DIR}/fingerprint_list.xml - DESTINATION share/wrt-engine/ - ) - -ADD_SUBDIRECTORY(certificates) diff --git a/etc/certificates/CMakeLists.txt b/etc/certificates/CMakeLists.txt deleted file mode 100644 index 27774cd..0000000 --- a/etc/certificates/CMakeLists.txt +++ /dev/null @@ -1,33 +0,0 @@ -# Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# @file CMakeLists.txt -# @author Bartlomiej Grzelewski (b.grzelewski@samsung.com) -# @author Yunchan Cho (yunchan.cho@samsung.com) -# @version 1.0 -# @brief -# - -SET(CERT_DIR ${PROJECT_SOURCE_DIR}/etc/certificates) - -INSTALL(FILES - ${CERT_DIR}/wac.root.preproduction.pem - ${CERT_DIR}/wac.root.production.pem - ${CERT_DIR}/wac.publisherid.pem - ${CERT_DIR}/tizen.root.preproduction.cert.pem - ${CERT_DIR}/tizen-developer-root-ca.pem - ${CERT_DIR}/tizen-distributor-root-ca-partner.pem - ${CERT_DIR}/tizen-distributor-root-ca-public.pem - DESTINATION /opt/share/cert-svc/certs/code-signing/wac/ - ) diff --git a/etc/certificates/orange.production.pem b/etc/certificates/orange.production.pem deleted file mode 100644 index 888967d..0000000 --- a/etc/certificates/orange.production.pem +++ /dev/null @@ -1,13 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICVTCCAb6gAwIBAgIETdzAMDANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJHQjERMA8GA1UE -CBMITm9ybWFuZHkxDTALBgNVBAcTBENBRU4xDzANBgNVBAoTBk9yYW5nZTETMBEGA1UECxMKT3Jh -bmdlTGFiczEYMBYGA1UEAxMPT3JhbmdlTGFicyBDQUVOMB4XDTExMDUyNTA4MzkxMloXDTM2MDUx -ODA4MzkxMlowbzELMAkGA1UEBhMCR0IxETAPBgNVBAgTCE5vcm1hbmR5MQ0wCwYDVQQHEwRDQUVO -MQ8wDQYDVQQKEwZPcmFuZ2UxEzARBgNVBAsTCk9yYW5nZUxhYnMxGDAWBgNVBAMTD09yYW5nZUxh -YnMgQ0FFTjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAj9130ZtpXp/679/2pmFldFgjz5tN -CjLT6CEWC9yketyKgyV1c0DBMcy4PNLdOb0VxhfcNXNYoBylCp6mPj3mWRM5VSet03XA8k6/L0T4 -dYicYGaIojowhzBBfaIXnBDvMQD5kanC5CDd6HtFzQbBkN73NIdGrR/aFqNtC/wopFECAwEAATAN -BgkqhkiG9w0BAQUFAAOBgQCIjZYXTdsMCpIYENX6UyD/EM+SZBkVvoB2R8ghRZbKHOcr58ZyGvdH -i/Y0hp5zNN7bUQurEMWtIxF+s3oaYH0x9xwXCd5UEV9Y+dmD1/qlK7lfSlC7mwynHs3bhMEGOJF2 -TlDzZyVYBIT3LQjfq6G18bGHkwU3uTsxZMSgtz5LgQ== ------END CERTIFICATE----- diff --git a/etc/certificates/tizen-developer-root-ca.pem b/etc/certificates/tizen-developer-root-ca.pem deleted file mode 100644 index 76c003c..0000000 --- a/etc/certificates/tizen-developer-root-ca.pem +++ /dev/null @@ -1,17 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICnzCCAggCCQCn+GGT4zh+BjANBgkqhkiG9w0BAQUFADCBkzELMAkGA1UEBhMC -S1IxDjAMBgNVBAgMBVN1d29uMQ4wDAYDVQQHDAVTdXdvbjEWMBQGA1UECgwNVGl6 -ZW4gVGVzdCBDQTElMCMGA1UECwwcVGl6ZW4gVGVzdCBEZXZlbG9wZXIgUm9vdCBD -QTElMCMGA1UEAwwcVGl6ZW4gVGVzdCBEZXZlbG9wZXIgUm9vdCBDQTAeFw0xMjEw -MjYwOTUwMTNaFw0yMjEwMjQwOTUwMTNaMIGTMQswCQYDVQQGEwJLUjEOMAwGA1UE -CAwFU3V3b24xDjAMBgNVBAcMBVN1d29uMRYwFAYDVQQKDA1UaXplbiBUZXN0IENB -MSUwIwYDVQQLDBxUaXplbiBUZXN0IERldmVsb3BlciBSb290IENBMSUwIwYDVQQD -DBxUaXplbiBUZXN0IERldmVsb3BlciBSb290IENBMIGfMA0GCSqGSIb3DQEBAQUA -A4GNADCBiQKBgQDWT6ZH5JyGadTUK1QmNwU8j+py4WtuElJE+4/wPFP8/KBmvvmI -rGVjhUbKXToKIo8N6C/0SLxGEWuRAIoZHhg5JVbw1Ay7smgJJHizDUAqMTmV6LI9 -yTFbBV+OlO2Dir4LVdQ/XDBiqqslr7pqXgsg1V2g7x+tOI/f3dn2kWoVZQIDAQAB -MA0GCSqGSIb3DQEBBQUAA4GBADGJYMtzUBDK+KKLZQ6zYmrKb+OWLlmEr/t/c2af -KjTKUtommcz8VeTPqrDBOwxlVPdxlbhisCYzzvwnWeZk1aeptxxU3kdW9N3/wocN -5nBzgqkkHJnj/ptqjrH2v/m0Z3hBuI4/akHIIfCBF8mUHwqcxYsRdcCIrkgp2Aiv -bSaM ------END CERTIFICATE----- diff --git a/etc/certificates/tizen-distributor-root-ca-partner.pem b/etc/certificates/tizen-distributor-root-ca-partner.pem deleted file mode 100644 index 2be6916..0000000 --- a/etc/certificates/tizen-distributor-root-ca-partner.pem +++ /dev/null @@ -1,17 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICozCCAgwCCQD9IBoOxzq2hjANBgkqhkiG9w0BAQUFADCBlTELMAkGA1UEBhMC -S1IxDjAMBgNVBAgMBVN1d29uMQ4wDAYDVQQHDAVTdXdvbjEWMBQGA1UECgwNVGl6 -ZW4gVGVzdCBDQTEiMCAGA1UECwwZVGl6ZW4gRGlzdHJpYnV0b3IgVGVzdCBDQTEq -MCgGA1UEAwwhVGl6ZW4gUGFydG5lciBEaXN0cmlidXRvciBSb290IENBMB4XDTEy -MTAyNjA4MTIzMVoXDTIyMTAyNDA4MTIzMVowgZUxCzAJBgNVBAYTAktSMQ4wDAYD -VQQIDAVTdXdvbjEOMAwGA1UEBwwFU3V3b24xFjAUBgNVBAoMDVRpemVuIFRlc3Qg -Q0ExIjAgBgNVBAsMGVRpemVuIERpc3RyaWJ1dG9yIFRlc3QgQ0ExKjAoBgNVBAMM -IVRpemVuIFBhcnRuZXIgRGlzdHJpYnV0b3IgUm9vdCBDQTCBnzANBgkqhkiG9w0B -AQEFAAOBjQAwgYkCgYEAnIBA2qQEaMzGalP0kzvwUxdCC6ybSC/fb+M9iGvt8QXp -ic2yARQB+bIhfbEu1XHwE1jCAGxKd6uT91b4FWr04YwnBPoRX4rBGIYlqo/dg+pS -rGyFjy7vfr0BOdWp2+WPlTe7SOS6bVauncrSoHxX0spiLaU5LU686BKr7YaABV0C -AwEAATANBgkqhkiG9w0BAQUFAAOBgQAX0Tcfmxcs1TUPBdr1U1dx/W/6Y4PcAF7n -DnMrR0ZNRPgeSCiVLax1bkHxcvW74WchdKIb24ZtAsFwyrsmUCRV842YHdfddjo6 -xgUu7B8n7hQeV3EADh6ft/lE8nalzAl9tALTxAmLtYvEYA7thvDoKi1k7bN48izL -gS9G4WEAUg== ------END CERTIFICATE----- diff --git a/etc/certificates/tizen-distributor-root-ca-public.pem b/etc/certificates/tizen-distributor-root-ca-public.pem deleted file mode 100644 index 9b16176..0000000 --- a/etc/certificates/tizen-distributor-root-ca-public.pem +++ /dev/null @@ -1,17 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICozCCAgwCCQD9XW6kNg4bbjANBgkqhkiG9w0BAQUFADCBlTELMAkGA1UEBhMC -S1IxDjAMBgNVBAgMBVN1d29uMQ4wDAYDVQQHDAVTdXdvbjEWMBQGA1UECgwNVGl6 -ZW4gVGVzdCBDQTEjMCEGA1UECwwaVFRpemVuIERpc3RyaWJ1dG9yIFRlc3QgQ0Ex -KTAnBgNVBAMMIFRpemVuIFB1YmxpYyBEaXN0cmlidXRvciBSb290IENBMB4XDTEy -MTAyNjA4MDAyN1oXDTIyMTAyNDA4MDAyN1owgZUxCzAJBgNVBAYTAktSMQ4wDAYD -VQQIDAVTdXdvbjEOMAwGA1UEBwwFU3V3b24xFjAUBgNVBAoMDVRpemVuIFRlc3Qg -Q0ExIzAhBgNVBAsMGlRUaXplbiBEaXN0cmlidXRvciBUZXN0IENBMSkwJwYDVQQD -DCBUaXplbiBQdWJsaWMgRGlzdHJpYnV0b3IgUm9vdCBDQTCBnzANBgkqhkiG9w0B -AQEFAAOBjQAwgYkCgYEA8o0kPY1U9El1BbBUF1k4jCq6mH8a6MmDJdjgsz+hILAY -sPWimRTXUcW8GAUWhZWgm1Fbb49xWcasA8b4bIJabC/6hLb8uWiozzpRXyQJbe7k -//RocskRqDmFOky8ANFsCCww72/Xbq8BFK1sxlGdmOWQiGwDWBDlS2Lw1XOMqb0C -AwEAATANBgkqhkiG9w0BAQUFAAOBgQBUotZqTNFr+SNyqeZqhOToRsg3ojN1VJUa -07qdlVo5I1UObSE+UTJPJ0NtSj7OyTY7fF3E4xzUv/w8aUoabQP1erEmztY/AVD+ -phHaPytkZ/Dx+zDZ1u5e9bKm5zfY4dQs/A53zDQta5a/NkZOEF97Dj3+bzAh2bP7 -KOszlocFYw== ------END CERTIFICATE----- diff --git a/etc/certificates/tizen.root.preproduction.cert.pem b/etc/certificates/tizen.root.preproduction.cert.pem deleted file mode 100644 index bbf523b..0000000 --- a/etc/certificates/tizen.root.preproduction.cert.pem +++ /dev/null @@ -1,60 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - b3:cb:d1:5b:de:6e:66:95 - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=KR, ST=Suwon, O=Samsung Electronics, OU=SLP, CN=SLP WebApp Temporary CA/emailAddress=yunchan.cho@samsung.com - Validity - Not Before: Dec 8 10:27:32 2011 GMT - Not After : Nov 30 10:27:32 2021 GMT - Subject: C=KR, ST=Suwon, O=Samsung Electronics, OU=SLP, CN=SLP WebApp Temporary CA/emailAddress=yunchan.cho@samsung.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (1024 bit) - Modulus: - 00:cb:46:b8:94:81:b1:83:d7:29:05:2a:33:01:9e: - 66:15:f8:be:bb:95:17:dd:7a:c4:c2:f5:d9:e4:aa: - fd:c8:8d:a9:48:65:fc:3d:dc:47:d7:2a:2f:5e:c7: - 1f:22:ed:e0:98:e6:43:6d:74:82:ca:7d:22:9c:60: - 44:18:cd:ca:d6:6b:16:ca:ed:63:c9:7a:f1:00:df: - e4:6b:33:47:2f:78:75:61:d7:c9:29:3e:a9:ee:76: - dd:2e:fe:9d:e7:3c:0d:02:f4:e9:2d:46:74:49:52: - ef:a0:d6:9d:4d:08:65:ea:6b:35:72:a5:08:d8:46: - 46:03:99:7c:66:8c:60:c4:91 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Key Identifier: - 47:A8:8F:CD:1F:22:BA:69:85:13:55:21:2D:C2:19:2D:5F:FF:DC:03 - X509v3 Authority Key Identifier: - keyid:47:A8:8F:CD:1F:22:BA:69:85:13:55:21:2D:C2:19:2D:5F:FF:DC:03 - - X509v3 Basic Constraints: - CA:TRUE - Signature Algorithm: sha1WithRSAEncryption - c2:c4:62:f2:ec:6f:2b:05:9c:09:cc:ae:e9:77:a9:1d:66:6b: - 03:7b:01:3a:e6:29:bb:2a:b8:15:d8:a1:7d:9b:05:b4:8c:cb: - ae:c7:eb:68:c0:e3:29:c7:e7:5a:ca:1a:0c:3a:ab:91:80:4f: - 9b:36:d4:45:b4:7b:2c:ef:f3:fd:cb:84:84:85:42:3d:ec:18: - 3f:5f:9e:b1:1f:8d:0a:57:89:51:e4:eb:7e:da:e9:79:82:61: - 38:ad:ca:94:43:71:00:73:13:b9:e9:ef:bc:68:c5:ff:5e:0a: - f6:b9:2a:3d:1d:21:77:22:d0:4e:e7:ad:da:31:0b:51:fa:44: - cd:fa ------BEGIN CERTIFICATE----- -MIIC9jCCAl+gAwIBAgIJALPL0VvebmaVMA0GCSqGSIb3DQEBBQUAMIGTMQswCQYD -VQQGEwJLUjEOMAwGA1UECAwFU3V3b24xHDAaBgNVBAoME1NhbXN1bmcgRWxlY3Ry -b25pY3MxDDAKBgNVBAsMA1NMUDEgMB4GA1UEAwwXU0xQIFdlYkFwcCBUZW1wb3Jh -cnkgQ0ExJjAkBgkqhkiG9w0BCQEWF3l1bmNoYW4uY2hvQHNhbXN1bmcuY29tMB4X -DTExMTIwODEwMjczMloXDTIxMTEzMDEwMjczMlowgZMxCzAJBgNVBAYTAktSMQ4w -DAYDVQQIDAVTdXdvbjEcMBoGA1UECgwTU2Ftc3VuZyBFbGVjdHJvbmljczEMMAoG -A1UECwwDU0xQMSAwHgYDVQQDDBdTTFAgV2ViQXBwIFRlbXBvcmFyeSBDQTEmMCQG -CSqGSIb3DQEJARYXeXVuY2hhbi5jaG9Ac2Ftc3VuZy5jb20wgZ8wDQYJKoZIhvcN -AQEBBQADgY0AMIGJAoGBAMtGuJSBsYPXKQUqMwGeZhX4vruVF916xML12eSq/ciN -qUhl/D3cR9cqL17HHyLt4JjmQ210gsp9IpxgRBjNytZrFsrtY8l68QDf5GszRy94 -dWHXySk+qe523S7+nec8DQL06S1GdElS76DWnU0IZeprNXKlCNhGRgOZfGaMYMSR -AgMBAAGjUDBOMB0GA1UdDgQWBBRHqI/NHyK6aYUTVSEtwhktX//cAzAfBgNVHSME -GDAWgBRHqI/NHyK6aYUTVSEtwhktX//cAzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3 -DQEBBQUAA4GBAMLEYvLsbysFnAnMrul3qR1mawN7ATrmKbsquBXYoX2bBbSMy67H -62jA4ynH51rKGgw6q5GAT5s21EW0eyzv8/3LhISFQj3sGD9fnrEfjQpXiVHk637a -6XmCYTitypRDcQBzE7np77xoxf9eCva5Kj0dIXci0E7nrdoxC1H6RM36 ------END CERTIFICATE----- diff --git a/etc/certificates/wac.publisherid.pem b/etc/certificates/wac.publisherid.pem deleted file mode 100644 index 758fe66..0000000 --- a/etc/certificates/wac.publisherid.pem +++ /dev/null @@ -1,24 +0,0 @@ ------BEGIN CERTIFICATE----- -MIID9DCCAtygAwIBAgIOZscBAQACO65mNg72468wDQYJKoZIhvcNAQEFBQAwgZQx -CzAJBgNVBAYTAkRFMRwwGgYDVQQKExNUQyBUcnVzdENlbnRlciBHbWJIMTEwLwYD -VQQLEyhQcmUtUHJvZHVjdGlvbiBUQyBUcnVzdENlbnRlciBDbGFzcyAyIENBMTQw -MgYDVQQDEytQcmUtUHJvZHVjdGlvbiBUQyBUcnVzdENlbnRlciBDbGFzcyAyIENB -IElJMB4XDTA2MDYwODE0MTYwMVoXDTI1MTIzMTIyNTk1OVowgZQxCzAJBgNVBAYT -AkRFMRwwGgYDVQQKExNUQyBUcnVzdENlbnRlciBHbWJIMTEwLwYDVQQLEyhQcmUt -UHJvZHVjdGlvbiBUQyBUcnVzdENlbnRlciBDbGFzcyAyIENBMTQwMgYDVQQDEytQ -cmUtUHJvZHVjdGlvbiBUQyBUcnVzdENlbnRlciBDbGFzcyAyIENBIElJMIIBIjAN -BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Ewnr8E24AqXnf1Lu7w/g79Hht+W -lvWQg7cPC7685oj0htT0SmDy94uQaC3qRzBJktLKCyuniABykhdTr04rGWgzqD8n -EzcFCt5k0gF39l3ND/JL+S2YJK/f/xc884hjcLsHUU7cAd6mDlVkOszFK86DNbu0 -noz0y1y462RIOvPCjkYl/GJ5zL62bdDbgFqrWMPZ54JFG0Rj1v575ygfOd2LwOXe -xjzqfYI4JOx9frKWakPTehW+0UY5UdF0cMvHuLJie9H0vOobR4vtkenbS283b6j7 -0WCoU/BeAr4qskvMs9WwkwDquO4XnzYQDsEVgjBu4H2W0ihNUYJbRo8wtQIDAQAB -o0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQU -DTX6+fYyziPR1HZxViaGOj66QOYwDQYJKoZIhvcNAQEFBQADggEBALZ0pfjOfePn -D/6QDCt+cjQ5+U4eKcOlJMXrpEAlnC6oAnN1hqbOQaj44aIAbNap36E/Hl9s0Uga -c4nz73o5uPvdDmbWzNnMz6ey5NU0XXNzHxQWFdb0+Z7Cho5txoZjjynYXmyQc3RJ -rrPI+6Uej6sEv15ZGirjABza6pNJ+2NLojLyUb+8et3OCLS+wJ4qrX/5uwgL50Lt -0M2iPdZv+gjZwNmNWYIflYrSXa3ujclH+EAkkk/G1JxPzhVI3cII3y2DUZQAPCcX -XQDXIX2zJo7bYaUYJhlEeiGX17cdXMXDT1tbXKKg2mRIga1K4lknn9U/vzkjMJXL -GA38dUZRZ2Y= ------END CERTIFICATE----- diff --git a/etc/certificates/wac.root.preproduction.pem b/etc/certificates/wac.root.preproduction.pem deleted file mode 100644 index 7c46a6a..0000000 --- a/etc/certificates/wac.root.preproduction.pem +++ /dev/null @@ -1,22 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDijCCAnKgAwIBAgIOMwoBAQAuBBKsIqIni7QwDQYJKoZIhvcNAQELBQAwYDEL -MAkGA1UEBhMCR0IxJTAjBgNVBAoMHFdBQyBBcHBsaWNhdGlvbiBTZXJ2aWNlcyBM -dGQxKjAoBgNVBAMMIVdBQyBBcHBsaWNhdGlvbiBTZXJ2aWNlcyBMdGQgVEVTVDAe -Fw0xMTAzMDMxNTA3MTlaFw0zNjAzMDMxNTA3MTlaMGAxCzAJBgNVBAYTAkdCMSUw -IwYDVQQKDBxXQUMgQXBwbGljYXRpb24gU2VydmljZXMgTHRkMSowKAYDVQQDDCFX -QUMgQXBwbGljYXRpb24gU2VydmljZXMgTHRkIFRFU1QwggEiMA0GCSqGSIb3DQEB -AQUAA4IBDwAwggEKAoIBAQC1PB3UrpAQgLSVqHRPhHqdDJsjKQe/CT9oS4lA+mI/ -vkhAvam/EvcNrNHcLVvSph+Mj0d2Y2J9wkcNW7fS3qZJXtpMNU36r7XdBk9kiYhc -PwJbckCo9Pp8YFxkuR6xV6Cc4o54mO2mumxDQ1hbwCsc5CT7yQz0FVVhCE01X6JJ -D61DvqmAzCUpehmEXthNV/s/o8fL+I2mD75p8vNDyIZHSJX59czO3PriT3tH2h+0 -tQx7NEWG70fQEU2CzcH9UngPYU7xXqNOhT9GmI/yL3HTeYGNH3i5VHrBjxeTF11t -IWSUDWQX1W0Y7TbN06XcGcuqPgjZ9xMcV7S4OiCBJz5nAgMBAAGjQjBAMA8GA1Ud -EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBQp5dzy2tJEArpT -qcQWNXG6J7y5WTANBgkqhkiG9w0BAQsFAAOCAQEAoXuyi8AjMx2yKVpss7xpVi5v -aUjcHU3AlptjNCFrXI6Bw+KJGNo8ydYlEASRd5dL/pJ6/V+UuUt9EngjUSdYOZGB -OgCeB2sJI8EZSay2LLhOCmkAxltC94Y/KRzkKqsYvNc6yvF85d+d4gbokf4APjmR -1TSlZLZsVhwfR0k0mer2rHQGE5Ljezdk7ZGeEMLdn6WFScwjo980EI0OqEoJU3on -+1TTBYudZ4o3qMgHiFwJafUJ6i3zuYbi9x86zMqeI4dJTbsTKLM0QV8vIdzI9fkV -t1tO/uBBAsNFUv8PAYwP4AFyGvyJbR4uxwxuQZKrltgjSTkPGYR14JtrGk7Y9g== ------END CERTIFICATE----- - diff --git a/etc/certificates/wac.root.production.pem b/etc/certificates/wac.root.production.pem deleted file mode 100644 index efccefd..0000000 --- a/etc/certificates/wac.root.production.pem +++ /dev/null @@ -1,22 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDgTCCAmmgAwIBAgIPAKTxAAEALtiV8/+rhB6+MA0GCSqGSIb3DQEBCwUAMFsx -CzAJBgNVBAYTAkdCMSUwIwYDVQQKDBxXQUMgQXBwbGljYXRpb24gU2VydmljZXMg -THRkMSUwIwYDVQQDDBxXQUMgQXBwbGljYXRpb24gU2VydmljZXMgTHRkMB4XDTEx -MDMxNDE0MDEwNFoXDTM2MDMxNDE0MDEwNFowWzELMAkGA1UEBhMCR0IxJTAjBgNV -BAoMHFdBQyBBcHBsaWNhdGlvbiBTZXJ2aWNlcyBMdGQxJTAjBgNVBAMMHFdBQyBB -cHBsaWNhdGlvbiBTZXJ2aWNlcyBMdGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw -ggEKAoIBAQDCf6RHUPVBUY4YXYMdrmt5yO95eRCOG6vJtI9w0UM2w/2fihD5SMYa -3cCVam4j6F8FSspMIx+4CTCwdDSUixBGENwGEhD4qxqqV3KTObmxmYbELa97S1IP -qwoFelzUX6e+qHmYHi+eu/hONeiZaPBLtUtCd6ppCd5ACrD/kf/Ug/tfUtngozjG -sJ1UB10Ezi3fKs3OkkZMuecJvjWmDpRAyvIeeV8xfzeyn+DMpvhnI9RrSY0j4huE -ud6Lzzg0jV8+m54v0j7hv9klyNcGiZ+bmHr0LIyAtT+uktcms/4p3V9j01SI9Tmw -HcHKDXnM6kuThWpr6DR9KFSZ8zD2Nx5nAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMB -Af8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBT5bKdU2+CGE17R+o/rMCZHHMn+ -WzANBgkqhkiG9w0BAQsFAAOCAQEAXmO+J5suIGuzbfYBoTdr8gahFfWEbhm1y6mJ -eZAc+Mf5L+In20p+Oj5uy6LsTmJsE9VE/+gi1eALKl9EhgYhET2ZlAzRFCN5dTWv -NTAFxJfGMkn2U5iW+luJ+lejyYBqEEFRpzwhXZbVDZQLim4CU75H75KzFkUgTulG -5M6U/Plt6S1rKgMkeYiR27W4C2NZMFXYqctt0m+eKEa3ueZE9pYUxqVcvQKSI017 -Nbc1kSkcuSKFV2Bk2T5dh5jQvywykdWLubAe6XiiC5CIT31kcSX6AlVhgNxWRRKP -QFO7lWqxnQMR2Or38ve7oSg1oL5Sx80fcbp3ovaYSKt5jnVWfg== ------END CERTIFICATE----- - diff --git a/etc/fingerprint_list.xml b/etc/fingerprint_list.xml deleted file mode 100644 index 640c75a..0000000 --- a/etc/fingerprint_list.xml +++ /dev/null @@ -1,29 +0,0 @@ - - - AF:90:29:D2:B2:E1:6F:D6:7E:7E:EC:8E:BE:74:FA:4C:00:9C:49:FE - A6:00:BC:53:AC:37:5B:6A:03:C3:7A:8A:E0:1B:87:8B:82:94:9B:C2 - C2:C4:B5:72:9A:CF:D9:72:C5:DE:C1:E1:30:FF:74:7F:7A:AF:27:12 - 2B:A0:20:7D:40:90:1D:00:04:89:60:00:3B:DE:34:89:21:BE:D4:4F - - - AF:90:29:D2:B2:E1:6F:D6:7E:7E:EC:8E:BE:74:FA:4C:00:9C:49:FE - C2:C4:B5:72:9A:CF:D9:72:C5:DE:C1:E1:30:FF:74:7F:7A:AF:27:12 - A0:59:D3:37:E8:C8:2E:7F:38:84:7D:21:A9:9E:19:A9:8E:EC:EB:E1 - 8D:1F:CB:31:68:11:DA:22:59:26:58:13:6C:C6:72:C9:F0:DE:84:2A - 84:A8:85:67:1C:D9:A9:C9:8C:7C:C3:BC:7F:EB:A6:7D:44:94:D9:8F - - - 4A:9D:7A:4B:3B:29:D4:69:0A:70:B3:80:EC:A9:44:6B:03:7C:9A:38 - - - - - 67:37:DE:B7:B9:9D:D2:DB:A5:2C:42:DE:CB:2F:2C:3E:33:97:E1:85 - 04:C5:A6:1D:75:BB:F5:5C:0F:A2:66:F6:09:4D:9B:2B:5F:3B:44:AE - AD:A1:44:89:6A:35:6D:17:01:E9:6F:46:C6:00:7B:78:BE:2E:D9:4E - FE:11:C7:FB:38:2E:90:3A:F4:41:80:EE:28:40:61:C2:56:7D:0B:BD - - - FE:11:C7:FB:38:2E:90:3A:F4:41:80:EE:28:40:61:C2:56:7D:0B:BD - - diff --git a/etc/fingerprint_list.xsd b/etc/fingerprint_list.xsd deleted file mode 100644 index b0fab23..0000000 --- a/etc/fingerprint_list.xsd +++ /dev/null @@ -1,21 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - diff --git a/etc/schema.xsd b/etc/schema.xsd deleted file mode 100644 index 8028f3e..0000000 --- a/etc/schema.xsd +++ /dev/null @@ -1,415 +0,0 @@ - - - - - - ]> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/etc/wrt_security_change_policy.sh b/etc/wrt_security_change_policy.sh deleted file mode 100644 index dce9880..0000000 --- a/etc/wrt_security_change_policy.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/sh -# Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -#Uncomment this when IPC is set to DBus -#dbus-send --system --print-reply --dest=org.tizen.SecurityDaemon /org/tizen/SecurityDaemon org.tizen.AceCheckAccessInterface.update_policy - -#Uncomment this when IPC is set to sockets -echo "delete from AcePolicyResult where 1==1;" | sqlite3 /opt/dbspace/.ace.db -echo "delete from AceAttribute where 1==1;" | sqlite3 /opt/dbspace/.ace.db -echo "delete from AcePromptDecision where 1==1;" | sqlite3 /opt/dbspace/.ace.db -pkill -9 security-ser -sleep 3 - diff --git a/etc/wrt_security_create_clean_db.sh b/etc/wrt_security_create_clean_db.sh deleted file mode 100644 index ead4467..0000000 --- a/etc/wrt_security_create_clean_db.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/sh -# Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -for name in ace -do - rm -f /opt/dbspace/.$name.db - rm -f /opt/dbspace/.$name.db-journal - SQL="PRAGMA journal_mode = PERSIST;" - sqlite3 /opt/dbspace/.$name.db "$SQL" - SQL=".read /usr/share/wrt-engine/"$name"_db.sql" - sqlite3 /opt/dbspace/.$name.db "$SQL" - touch /opt/dbspace/.$name.db-journal - chown 0:6026 /opt/dbspace/.$name.db - chown 0:6026 /opt/dbspace/.$name.db-journal - chmod 660 /opt/dbspace/.$name.db - chmod 660 /opt/dbspace/.$name.db-journal -done - - diff --git a/packaging/security-server.spec b/packaging/security-server.spec index 2399cdd..eca27ee 100644 --- a/packaging/security-server.spec +++ b/packaging/security-server.spec @@ -1,7 +1,7 @@ #sbs-git:slp/pkgs/s/security-server security-server 0.0.37 Name: security-server Summary: Security server and utilities -Version: 0.0.61 +Version: 0.0.62 Release: 1 Group: TO_BE/FILLED_IN License: Apache License, Version 2.0 @@ -41,6 +41,22 @@ Requires(postun): /sbin/ldconfig %description -n libsecurity-server-client Security server package (client) +#%package -n wrt-security +#Summary: wrt-security-daemon and client libraries. +#Group: Development/Libraries +#Requires(post): /sbin/ldconfig +#Requires(postun): /sbin/ldconfig +# +#%description -n wrt-security +#Wrt-security-daemon and client libraries. +# +#%package -n wrt-security-devel +#Summary: Header files for client libraries. +#Group: Development/Libraries +#Requires: wrt-security = %{version}-%{release} +# +#%description -n wrt-security-devel +#Developer files for client libraries. %package -n libsecurity-server-client-devel Summary: Security server (client-devel) @@ -108,34 +124,6 @@ mkdir -p /etc/rc.d/rc5.d ln -s /etc/rc.d/init.d/security-serverd /etc/rc.d/rc3.d/S10security-server ln -s /etc/rc.d/init.d/security-serverd /etc/rc.d/rc5.d/S10security-server -if [ -z ${2} ]; then - echo "This is new install of wrt-security" - echo "Calling /usr/bin/wrt_security_create_clean_db.sh" - /usr/bin/wrt_security_create_clean_db.sh -else - # Find out old and new version of databases - ACE_OLD_DB_VERSION=`sqlite3 /opt/dbspace/.ace.db ".tables" | grep "DB_VERSION_"` - ACE_NEW_DB_VERSION=`cat /usr/share/wrt-engine/ace_db.sql | tr '[:blank:]' '\n' | grep DB_VERSION_` - echo "OLD ace database version ${ACE_OLD_DB_VERSION}" - echo "NEW ace database version ${ACE_NEW_DB_VERSION}" - - if [ ${ACE_OLD_DB_VERSION} -a ${ACE_NEW_DB_VERSION} ] - then - if [ ${ACE_NEW_DB_VERSION} = ${ACE_OLD_DB_VERSION} ] - then - echo "Equal database detected so db installation ignored" - else - echo "Calling /usr/bin/wrt_security_create_clean_db.sh" - /usr/bin/wrt_security_create_clean_db.sh - fi - else - echo "Calling /usr/bin/wrt_security_create_clean_db.sh" - /usr/bin/wrt_security_create_clean_db.sh - fi -fi - -echo "[WRT] wrt-security postinst done ..." - %postun systemctl daemon-reload rm -f /etc/rc.d/rc3.d/S10security-server @@ -145,7 +133,6 @@ rm -f /etc/rc.d/rc5.d/S10security-server %postun -n libsecurity-server-client -p /sbin/ldconfig - %files -n security-server %manifest %{_datadir}/security-server.manifest %defattr(-,root,root,-) @@ -156,30 +143,10 @@ rm -f /etc/rc.d/rc5.d/S10security-server #/etc/rc.d/rc3.d/S10security-server #/etc/rc.d/rc5.d/S10security-server %attr(755,root,root) /usr/bin/security-server -#/usr/bin/sec-svr-util -%{_libdir}/libace*.so -%{_libdir}/libace*.so.* -%{_libdir}/libwrt-ocsp.so -%{_libdir}/libwrt-ocsp.so.* -/usr/share/wrt-engine/* -%attr(755,root,root) %{_bindir}/wrt_security_create_clean_db.sh -%attr(755,root,root) %{_bindir}/wrt_security_change_policy.sh -%attr(664,root,root) %{_datadir}/dbus-1/services/* -%attr(664,root,root) /usr/etc/ace/bondixml* -%attr(664,root,root) /usr/etc/ace/UnrestrictedPolicy.xml -%attr(664,root,root) /usr/etc/ace/WAC2.0Policy.xml -%attr(664,root,root) /usr/etc/ace/TizenPolicy.xml +%attr(755,root,root) /etc/rc.d/init.d/security-serverd +/usr/share/security-server/mw-list %{_datadir}/license/%{name} -#%files -n security-server-certs -%attr(664,root,root) /opt/share/cert-svc/certs/code-signing/wac/wac.publisherid.pem -%attr(664,root,root) /opt/share/cert-svc/certs/code-signing/wac/tizen.root.preproduction.cert.pem -%attr(664,root,root) /opt/share/cert-svc/certs/code-signing/wac/wac.root.production.pem -%attr(664,root,root) /opt/share/cert-svc/certs/code-signing/wac/wac.root.preproduction.pem -%attr(664,root,root) /opt/share/cert-svc/certs/code-signing/wac/tizen-developer-root-ca.pem -%attr(664,root,root) /opt/share/cert-svc/certs/code-signing/wac/tizen-distributor-root-ca-partner.pem -%attr(664,root,root) /opt/share/cert-svc/certs/code-signing/wac/tizen-distributor-root-ca-public.pem - %files -n libsecurity-server-client %manifest %{_datadir}/libsecurity-server-client.manifest %defattr(-,root,root,-) @@ -190,13 +157,4 @@ rm -f /etc/rc.d/rc5.d/S10security-server %defattr(-,root,root,-) /usr/lib/libsecurity-server-client.so /usr/include/security-server/security-server.h -/usr/lib/pkgconfig/security-server.pc -%{_includedir}/wrt-security/* -%{_includedir}/ace/* -%{_includedir}/ace-client/* -%{_includedir}/ace-settings/* -%{_includedir}/ace-install/* -%{_includedir}/ace-common/* -%{_includedir}/ace-popup-validation/* -%{_includedir}/wrt-ocsp/* %{_libdir}/pkgconfig/*.pc diff --git a/socket_connection/client/SecuritySocketClient.cpp b/socket_connection/client/SecuritySocketClient.cpp deleted file mode 100644 index 4c33102..0000000 --- a/socket_connection/client/SecuritySocketClient.cpp +++ /dev/null @@ -1,75 +0,0 @@ -/* - * Copyright (c) 2012 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/** - * @file SecuritySocketClient.cpp - * @author Zofia Abramowska (z.abramowska@samsung.com) - * @version 1.0 - * @brief Implemtation of socket client class. - */ - -#include -#include -#include -#include -#include -#include - -#include "SecuritySocketClient.h" -#include "security_daemon_socket_config.h" - -void SecuritySocketClient::throwWithErrnoMessage(const std::string& specificInfo){ - LogError(specificInfo << " : " << strerror(errno)); - ThrowMsg(Exception::SecuritySocketClientException, specificInfo << " : " << strerror(errno)); -} - -SecuritySocketClient::SecuritySocketClient(const std::string& interfaceName) { - m_interfaceName = interfaceName; - m_serverAddress = WrtSecurity::SecurityDaemonSocketConfig::SERVER_ADDRESS(); - LogInfo("Client created"); -} - -void SecuritySocketClient::connect(){ - struct sockaddr_un remote; - if(-1 == (m_socketFd = socket(AF_UNIX, SOCK_STREAM,0))){ - throwWithErrnoMessage("socket()"); - } - - //socket needs to be nonblocking, because read can block after select - int flags; - if (-1 == (flags = fcntl(m_socketFd, F_GETFL, 0))) - flags = 0; - if(-1 == (fcntl(m_socketFd, F_SETFL, flags | O_NONBLOCK))){ - throwWithErrnoMessage("fcntl"); - } - - bzero(&remote, sizeof(remote)); - remote.sun_family = AF_UNIX; - strcpy(remote.sun_path, m_serverAddress.c_str()); - if(-1 == ::connect(m_socketFd, (struct sockaddr *)&remote, SUN_LEN(&remote))){ - throwWithErrnoMessage("connect()"); - } - - m_socketConnector.reset(new SocketConnection(m_socketFd)); - - LogInfo("Client connected"); -} - -void SecuritySocketClient::disconnect(){ - //Socket should be already closed by server side, - //even though we should close it in case of any errors - close(m_socketFd); - LogInfo("Client disconnected"); -} diff --git a/socket_connection/client/SecuritySocketClient.h b/socket_connection/client/SecuritySocketClient.h deleted file mode 100644 index 7d4bc95..0000000 --- a/socket_connection/client/SecuritySocketClient.h +++ /dev/null @@ -1,142 +0,0 @@ -/* - * Copyright (c) 2012 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/** - * @file SecuritySocketClient.h - * @author Zofia Abramowska (z.abramowska@samsung.com) - * @version 1.0 - * @brief Header of socket client class. - */ - -#ifndef SECURITYSOCKETCLIENT_H_ -#define SECURITYSOCKETCLIENT_H_ - -#include -#include -#include -#include "SocketConnection.h" - -/* IMPORTANT: - * Methods connect(), call() and disconnected() should be called one by one. - * Between connect() and disconnect() you can use call() only once. - * It is because of timeout on call, e.g. to avoid waiting for corrupted data. - */ - -/* USAGE: - * Class should be used according to this scheme: - * SecuritySocketClient client("Interface Name"); - * (...) - * client.connect(); - * client.call("Method name", in_arg1, in_arg2, ..., in_argN, - * out_arg1, out_arg2, ..., out_argM); - * client.disconnect(); - * (...) - * - * input parameters of the call are passed with reference, - * output ones are passed as pointers - parameters MUST be passed this way. - * - * Currently client supports serialization and deserialization of simple types - * (int, char, float, unsigned), strings (std::string and char*) and - * some STL containers (std::vector, std::list, std::map, std::pair). - * Structures and classes are not (yet) supported. - */ - -class SecuritySocketClient { -public: - class Exception - { - public: - DECLARE_EXCEPTION_TYPE(DPL::Exception, Base) - DECLARE_EXCEPTION_TYPE(Base, SecuritySocketClientException) - }; - - SecuritySocketClient(const std::string &interfaceName); - void connect(); - void disconnect(); - - void call(std::string methodName){ - make_call(m_interfaceName); - make_call(methodName); - } - - template - void call(std::string methodName, const Args&... args){ - make_call(m_interfaceName); - make_call(methodName); - make_call(args...); - } - -private: - template - void make_call(const T& invalue, const Args&... args){ - make_call(invalue); - make_call(args...); - } - - template - void make_call(const T& invalue){ - Try { - m_socketConnector->write(invalue); - } - Catch (SocketConnection::Exception::SocketConnectionException){ - LogError("Socket connection write error"); - ReThrowMsg(Exception::SecuritySocketClientException,"Socket connection write error"); - } - } - - template - void make_call(const T* invalue, const Args&... args){ - make_call(invalue); - make_call(args...); - } - - template - void make_call(const T* invalue){ - Try { - m_socketConnector->write(invalue); - } - Catch (SocketConnection::Exception::SocketConnectionException){ - LogError("Socket connection write error"); - ReThrowMsg(Exception::SecuritySocketClientException,"Socket connection write error"); - } - } - - template - void make_call(T * outvalue, const Args&... args){ - make_call(outvalue); - make_call(args...); - } - - template - void make_call(T* outvalue){ - Try { - m_socketConnector->read(outvalue); - } - Catch (SocketConnection::Exception::SocketConnectionException){ - LogError("Socket connection read error"); - ReThrowMsg(Exception::SecuritySocketClientException,"Socket connection read error"); - } - } - - -private: - void throwWithErrnoMessage(const std::string& specificInfo); - std::string m_serverAddress; - std::string m_interfaceName; - std::unique_ptr m_socketConnector; - int m_socketFd; -}; - -#endif /* SECURITYSOCKETCLIENT_H_ */ diff --git a/socket_connection/connection/SocketConnection.cpp b/socket_connection/connection/SocketConnection.cpp deleted file mode 100644 index f504bae..0000000 --- a/socket_connection/connection/SocketConnection.cpp +++ /dev/null @@ -1,30 +0,0 @@ -/* - * Copyright (c) 2012 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * @file SocketConnection.cpp - * @author Zofia Abramowska (z.abramowska@samsung.com) - * @version 1.0 - */ - -#include "SocketConnection.h" - -// -// Note: -// -// The file here is left blank to enable precompilation -// of templates in corresponding header file. -// Do not remove this file. -// diff --git a/socket_connection/connection/SocketConnection.h b/socket_connection/connection/SocketConnection.h deleted file mode 100644 index a11b588..0000000 --- a/socket_connection/connection/SocketConnection.h +++ /dev/null @@ -1,116 +0,0 @@ -/* - * Copyright (c) 2012 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * @file SocketConnection.h - * @author Zofia Abramowska (z.abramowska@samsung.com) - * @version 1.0 - * @brief This file is a header of Socket Connection class with implemented templates - */ - -#ifndef SOCKETCONNECTION_H_ -#define SOCKETCONNECTION_H_ - -#include -#include -#include -#include "SocketStream.h" - -/* - * This class implements interface for generic read and write from given socket. - * It does not maintain socket descriptor, so any connecting and disconnecting should be - * done above calls to this class. - */ - -/* - * Throws SocketConnectionException when read/write will not succeed or if any bad allocation - * exception occurs during read. - */ - -class SocketConnection { - -public: - - class Exception - { - public: - DECLARE_EXCEPTION_TYPE(DPL::Exception, Base) - DECLARE_EXCEPTION_TYPE(Base, SocketConnectionException) - }; - - explicit SocketConnection(int socket_fd) : m_socketStream(socket_fd){ - LogInfo("Created"); - } - - template - void read(T* out, const Args&... args ){ - read(out); - read(args...); - } - - template - void read(T* out){ - Try { - DPL::Deserialization::Deserialize(m_socketStream, *out); - } - - Catch (std::bad_alloc){ - LogError("Bad allocation error"); - ThrowMsg(Exception::SocketConnectionException, "Bad allocation error"); - } - - Catch (SocketStream::Exception::SocketStreamException) { - LogError("Socket stream error"); - ReThrowMsg(Exception::SocketConnectionException, "Socket stream error"); - } - } - - template - void write(const T& in, const Args&... args){ - write(in); - write(args...); - } - - template - void write(const T& in){ - Try { - DPL::Serialization::Serialize(m_socketStream, in); - } Catch (SocketStream::Exception::SocketStreamException) { - LogError("Socket stream error"); - ReThrowMsg(Exception::SocketConnectionException, "Socket stream error"); - } - } - - template - void write(const T* in, const Args&... args){ - write(in); - write(args...); - } - - template - void write(const T* in){ - Try { - DPL::Serialization::Serialize(m_socketStream, in); - } Catch (SocketStream::Exception::SocketStreamException) { - LogError("Socket stream error"); - ReThrowMsg(Exception::SocketConnectionException, "Socket stream error"); - } - } - -private: - SocketStream m_socketStream; -}; - -#endif /* SOCKETCONNECTION_H_ */ diff --git a/socket_connection/connection/SocketStream.cpp b/socket_connection/connection/SocketStream.cpp deleted file mode 100644 index cc5d1a5..0000000 --- a/socket_connection/connection/SocketStream.cpp +++ /dev/null @@ -1,166 +0,0 @@ -/* - * Copyright (c) 2012 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/** - * @file SocketStream.cpp - * @author Zofia Abramowska (z.abramowska@samsung.com) - * @version 1.0 - * @brief Implementation of socket stream class - */ - - -#include -#include -#include -#include -#include -#include "SocketStream.h" - -#define READ_TIEMOUT_SEC 1 -#define READ_TIMEUOT_NSEC 0 -#define WRITE_TIMEOUT_SEC 0 -#define WRITE_TIMEOUT_NSEC 100000000 -#define MAX_BUFFER 10240 - -void SocketStream::throwWithErrnoMessage(std::string function_name){ - LogError(function_name << " : " << strerror(errno)); - ThrowMsg(Exception::SocketStreamException, function_name << " : " << strerror(errno)); -} - -void SocketStream::Read(size_t num, void * bytes){ - - if(NULL == bytes){ - LogError("Null pointer to buffer"); - ThrowMsg(Exception::SocketStreamException, "Null pointer to buffer"); - } - - m_bytesRead += num; - - if(m_bytesRead > MAX_BUFFER){ - LogError("Too big buffer requested!"); - ThrowMsg(Exception::SocketStreamException, "Too big buffer requested!"); - } - - char part_buffer[MAX_BUFFER]; - std::string whole_buffer; - - fd_set rset, allset; - int max_fd; - ssize_t bytes_read = 0, bytes_to_read = (ssize_t) num; - - timespec timeout; - - max_fd = m_socketFd; - ++max_fd; - - FD_ZERO(&allset); - FD_SET(m_socketFd, &allset); - - int returned_value; - - while(bytes_to_read != 0){ - timeout.tv_sec = READ_TIEMOUT_SEC; - timeout.tv_nsec = READ_TIMEUOT_NSEC; - rset = allset; - - if(-1 == (returned_value = pselect(max_fd, &rset, NULL, NULL, &timeout, NULL))){ - if(errno == EINTR) continue; - throwWithErrnoMessage("pselect()"); - } - if(0 == returned_value){ - //This means pselect got timedout - //This is not a proper behavior in reading data from UDS - //And could mean we got corrupted connection - LogError("Couldn't read whole data"); - ThrowMsg(Exception::SocketStreamException, "Couldn't read whole data"); - } - if(FD_ISSET(m_socketFd, &rset)){ - bytes_read = read(m_socketFd, part_buffer, num); - if(bytes_read <= 0){ - if(errno == ECONNRESET || errno == ENOTCONN || errno == ETIMEDOUT){ - LogInfo("Connection closed : " << strerror(errno)); - ThrowMsg(Exception::SocketStreamException, - "Connection closed : " << strerror(errno) << ". Couldn't read whole data"); - }else if (errno != EAGAIN && errno != EWOULDBLOCK){ - throwWithErrnoMessage("read()"); - } - } - - whole_buffer.append(part_buffer, bytes_read); - bytes_to_read-=bytes_read; - bytes_read = 0; - continue; - } - - } - memcpy(bytes, whole_buffer.c_str(), num); -} - -void SocketStream::Write(size_t num, const void * bytes){ - - if(NULL == bytes){ - LogError("Null pointer to buffer"); - ThrowMsg(Exception::SocketStreamException, "Null pointer to buffer"); - } - - m_bytesWrote += num; - - if(m_bytesWrote > MAX_BUFFER){ - LogError("Too big buffer requested!"); - ThrowMsg(Exception::SocketStreamException, "Too big buffer requested!"); - } - - fd_set wset, allset; - int max_fd; - - timespec timeout; - - max_fd = m_socketFd; - ++max_fd; - - FD_ZERO(&allset); - FD_SET(m_socketFd, &allset); - - int returned_value; - - int write_res, bytes_to_write = num; - unsigned int current_offset = 0; - - while(current_offset != num){ - timeout.tv_sec = WRITE_TIMEOUT_SEC; - timeout.tv_nsec = WRITE_TIMEOUT_NSEC; - wset = allset; - - if(-1 == (returned_value = pselect(max_fd, NULL, &wset, NULL, &timeout, NULL))){ - if(errno == EINTR) continue; - throwWithErrnoMessage("pselect()"); - } - - if(FD_ISSET(m_socketFd, &wset)){ - if(-1 == (write_res = write(m_socketFd, reinterpret_cast(bytes) + current_offset, bytes_to_write))){ - if(errno == ECONNRESET || errno == EPIPE){ - LogInfo("Connection closed : " << strerror(errno)); - ThrowMsg(Exception::SocketStreamException, - "Connection closed : " << strerror(errno) << ". Couldn't write whole data"); - - }else if(errno != EAGAIN && errno != EWOULDBLOCK){ - throwWithErrnoMessage("write()"); - } - } - current_offset += write_res; - bytes_to_write -= write_res; - } - } -} diff --git a/socket_connection/connection/SocketStream.h b/socket_connection/connection/SocketStream.h deleted file mode 100644 index dc1db61..0000000 --- a/socket_connection/connection/SocketStream.h +++ /dev/null @@ -1,69 +0,0 @@ -/* - * Copyright (c) 2012 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/** - * @file SocketStream.h - * @author Zofia Abramowska (z.abramowska@samsung.com) - * @version 1.0 - * @brief Header of socket stream class. - */ - -#ifndef SOCKETSTREAM_H_ -#define SOCKETSTREAM_H_ - -#include -#include -#include -#include -#include - -/* - * This class implements binary read/write from socket used for DPL serialization and deserialization - * It can read or write buffers of max *total* size 10kB. - * I does not maintain socket descriptor. - */ - -/* - * Throws SocketStreamException when buffer is null or its size exceeds max size or when - * there is an error during read or write. - */ - - - -class SocketStream : public DPL::IStream { -public: - class Exception - { - public: - DECLARE_EXCEPTION_TYPE(DPL::Exception, Base) - DECLARE_EXCEPTION_TYPE(Base, SocketStreamException) - }; - - explicit SocketStream(int socket_fd) : m_socketFd(socket_fd), - m_bytesRead(0), - m_bytesWrote(0) - { - LogInfo("Created"); - } - void Read(size_t num, void * bytes); - void Write(size_t num, const void * bytes); -private: - void throwWithErrnoMessage(std::string specificInfo); - int m_socketFd; - int m_bytesRead; - int m_bytesWrote; -}; - -#endif /* SOCKETSTREAM_H_ */ diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 17d1d28..f67f221 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -17,174 +17,112 @@ # @author Bartlomiej Grzelewski (b.grzelewski@samsung.com) # -SET(DAEMON_BASIC_DEP - dpl-efl - dpl-dbus-efl - dpl-utils-efl - libsoup-2.4 - dlog - openssl - libsmack - ) - -IF(SMACK_ENABLE) - LIST(APPEND DAEMON_BASIC_DEP libprivilege-control) -ENDIF(SMACK_ENABLE) - -PKG_CHECK_MODULES(DAEMON_DEP - ${DAEMON_BASIC_DEP} - REQUIRED) - -SET(DAEMON_SOURCES_PATH ${PROJECT_SOURCE_DIR}/src) - -SET(DAEMON_SOURCES - #socket connection - ${PROJECT_SOURCE_DIR}/socket_connection/connection/SocketConnection.cpp - ${PROJECT_SOURCE_DIR}/socket_connection/connection/SocketStream.cpp - #caller - ${DAEMON_SOURCES_PATH}/services/caller/security_caller.cpp - #daemon - ${DAEMON_SOURCES_PATH}/daemon/dbus/security_dbus_service.cpp - ${DAEMON_SOURCES_PATH}/daemon/sockets/security_socket_service.cpp - ${DAEMON_SOURCES_PATH}/daemon/security_daemon.cpp - ${DAEMON_SOURCES_PATH}/main.cpp - #ocsp - ${DAEMON_SOURCES_PATH}/services/ocsp/dbus/ocsp_server_dbus_interface.cpp - ${DAEMON_SOURCES_PATH}/services/ocsp/socket/ocsp_service_callbacks.cpp - ${DAEMON_SOURCES_PATH}/services/ocsp/ocsp_service.cpp - #ace - ${DAEMON_SOURCES_PATH}/services/ace/dbus/ace_server_dbus_interface.cpp - ${DAEMON_SOURCES_PATH}/services/ace/socket/ace_service_callbacks.cpp - ${DAEMON_SOURCES_PATH}/services/ace/ace_service.cpp - ${DAEMON_SOURCES_PATH}/services/ace/logic/security_controller.cpp - ${DAEMON_SOURCES_PATH}/services/ace/logic/attribute_facade.cpp - ${DAEMON_SOURCES_PATH}/services/ace/logic/security_logic.cpp - ${DAEMON_SOURCES_PATH}/services/ace/logic/simple_roaming_agent.cpp - #popup - ${DAEMON_SOURCES_PATH}/services/popup/dbus/popup_response_dbus_interface.cpp - ${DAEMON_SOURCES_PATH}/services/popup/socket/popup_service_callbacks.cpp - ) - -SET_SOURCE_FILES_PROPERTIES(${DAEMON_SOURCES} PROPERTIES COMPILE_FLAGS "-std=c++0x") - -SET(LEGACY_DAEMON_SOURCES - #security-server - ${DAEMON_SOURCES_PATH}/security-srv/communication/security-server-comm.c - ${DAEMON_SOURCES_PATH}/security-srv/server/security-server-cookie.c - ${DAEMON_SOURCES_PATH}/security-srv/server/security-server-main.c - ${DAEMON_SOURCES_PATH}/security-srv/server/security-server-password.c - ${DAEMON_SOURCES_PATH}/security-srv/util/security-server-util-common.c) - -SET_SOURCE_FILES_PROPERTIES(${LEGACY_DAEMON_SOURCES} - PROPERTIES COMPILE_FLAGS "-DSECURITY_SERVER_DEBUG_DLOG") - -SET(DAEMON_SOURCES - ${DAEMON_SOURCES} - #security-server - ${LEGACY_DAEMON_SOURCES}) - -SET_SOURCE_FILES_PROPERTIES( - ${DAEMON_SOURCES_PATH}/security-srv/communication/security-server-comm.c - PROPERTIES COMPILE_FLAGS "-D_GNU_SOURCE") - - -############################# Lets start compilation process ################## -#ace library -INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/ace/include) -#socket connection library -INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/socket_connection/connection) -#daemon -INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src) -INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/daemon) -INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/daemon/dbus) -INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/daemon/sockets/api) -INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/daemon/sockets) -#caller -INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/services/caller) -#ace -INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/services/ace) -INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/services/ace/dbus) -INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/services/ace/socket) -INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/services/ace/socket/api) -INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/services/ace/logic) -#ocsp -INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/services/ocsp) -INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/services/ocsp/dbus) -INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/services/ocsp/socket) -INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/services/ocsp/socket/api) -INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/services/ocsp/logic) -#popup -INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/services/popup) -INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/services/popup/dbus) -INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/services/popup/socket) -INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/services/popup/socket/api) -INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/services/popup/logic) -INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/ace/include) -INCLUDE_DIRECTORIES(${DAEMON_DEP_INCLUDE_DIRS}) -#security-server -INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/security-srv/include) - - - -ADD_EXECUTABLE(${TARGET_DAEMON} - ${DAEMON_SOURCES}) - -TARGET_LINK_LIBRARIES(${TARGET_DAEMON} - ${DAEMON_DEP_LIBRARIES} - ${TARGET_ACE_LIB} - ${TARGET_ACE_DAO_RW_LIB}) - - - -################################################################################################### -## for libsecurity-server-client.so (library) -pkg_check_modules(pkgs REQUIRED dlog openssl libsmack) - -SET(VERSION_MAJOR 1) -SET(VERSION ${VERSION_MAJOR}.0.1) - -SET(libsecurity-server-client_SOURCES - ${DAEMON_SOURCES_PATH}/security-srv/client/security-server-client.c - ${DAEMON_SOURCES_PATH}/security-srv/communication/security-server-comm.c) -SET(libsecurity-server-client_LDFLAGS " -module -avoid-version") -SET(libsecurity-server-client_CFLAGS " ${CFLAGS} -fPIC -I${sec_svr_include_dir} ${debug_type} -D_GNU_SOURCE ") -#SET(libsecurity-server-client_LIBADD "") - -ADD_LIBRARY(security-server-client SHARED ${libsecurity-server-client_SOURCES}) -TARGET_LINK_LIBRARIES(security-server-client ${pkgs_LDFLAGS}) -SET_TARGET_PROPERTIES(security-server-client PROPERTIES SOVERSION ${VERSION_MAJOR}) -SET_TARGET_PROPERTIES(security-server-client PROPERTIES VERSION ${VERSION}) -SET_TARGET_PROPERTIES(security-server-client PROPERTIES COMPILE_FLAGS "${libsecurity-server-client_CFLAGS}") -################################################################################################### - -INSTALL(TARGETS ${TARGET_DAEMON} - DESTINATION bin) - -INSTALL(FILES - ${PROJECT_SOURCE_DIR}/src/daemon/dbus/org.tizen.SecurityDaemon.service - DESTINATION /usr/share/dbus-1/services - ) - -INSTALL(FILES - ${PROJECT_SOURCE_DIR}/src/services/ace/ace_server_api.h - ${PROJECT_SOURCE_DIR}/src/services/ocsp/ocsp_server_api.h - ${PROJECT_SOURCE_DIR}/src/services/popup/popup_response_server_api.h - ${PROJECT_SOURCE_DIR}/src/services/popup/popup_ace_data_types.h - ${PROJECT_SOURCE_DIR}/src/daemon/dbus/security_daemon_dbus_config.h - DESTINATION /usr/include/wrt-security - ) - -INSTALL(FILES - ${PROJECT_SOURCE_DIR}/src/security-srv/include/security-server.h - DESTINATION /usr/include/security-server - ) - -INSTALL(FILES - ${PROJECT_SOURCE_DIR}/src/security-srv/mw-list - DESTINATION /usr/share/security-server/) - -INSTALL(FILES - ${PROJECT_SOURCE_DIR}/src/security-srv/security-serverd - DESTINATION /etc/rc.d/init.d) - -INSTALL(TARGETS security-server-client DESTINATION lib) +#SET(DAEMON_BASIC_DEP +# dpl-efl +# dpl-dbus-efl +# dpl-utils-efl +# libsoup-2.4 +# openssl +# libsmack +# ) +# +#IF(SMACK_ENABLE) +# LIST(APPEND DAEMON_BASIC_DEP libprivilege-control) +#ENDIF(SMACK_ENABLE) +# +#PKG_CHECK_MODULES(DAEMON_DEP +# ${DAEMON_BASIC_DEP} +# REQUIRED) +# +#SET(DAEMON_SOURCES_PATH ${PROJECT_SOURCE_DIR}/src) +# +#SET(DAEMON_SOURCES +# #socket connection +# ${PROJECT_SOURCE_DIR}/socket_connection/connection/SocketConnection.cpp +# ${PROJECT_SOURCE_DIR}/socket_connection/connection/SocketStream.cpp +# #caller +# ${DAEMON_SOURCES_PATH}/services/caller/security_caller.cpp +# #daemon +# ${DAEMON_SOURCES_PATH}/daemon/dbus/security_dbus_service.cpp +# ${DAEMON_SOURCES_PATH}/daemon/sockets/security_socket_service.cpp +# ${DAEMON_SOURCES_PATH}/daemon/security_daemon.cpp +# ${DAEMON_SOURCES_PATH}/main.cpp +# #ocsp +# ${DAEMON_SOURCES_PATH}/services/ocsp/dbus/ocsp_server_dbus_interface.cpp +# ${DAEMON_SOURCES_PATH}/services/ocsp/socket/ocsp_service_callbacks.cpp +# ${DAEMON_SOURCES_PATH}/services/ocsp/ocsp_service.cpp +# #ace +# ${DAEMON_SOURCES_PATH}/services/ace/dbus/ace_server_dbus_interface.cpp +# ${DAEMON_SOURCES_PATH}/services/ace/socket/ace_service_callbacks.cpp +# ${DAEMON_SOURCES_PATH}/services/ace/ace_service.cpp +# ${DAEMON_SOURCES_PATH}/services/ace/logic/security_controller.cpp +# ${DAEMON_SOURCES_PATH}/services/ace/logic/attribute_facade.cpp +# ${DAEMON_SOURCES_PATH}/services/ace/logic/security_logic.cpp +# ${DAEMON_SOURCES_PATH}/services/ace/logic/simple_roaming_agent.cpp +# #popup +# ${DAEMON_SOURCES_PATH}/services/popup/dbus/popup_response_dbus_interface.cpp +# ${DAEMON_SOURCES_PATH}/services/popup/socket/popup_service_callbacks.cpp +# ) +# +#SET_SOURCE_FILES_PROPERTIES(${DAEMON_SOURCES} PROPERTIES COMPILE_FLAGS "-std=c++0x") +# +############################## Lets start compilation process ################## +##ace library +#INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/ace/include) +##socket connection library +#INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/socket_connection/connection) +##daemon +#INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src) +#INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/daemon) +#INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/daemon/dbus) +#INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/daemon/sockets/api) +#INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/daemon/sockets) +##caller +#INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/services/caller) +##ace +#INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/services/ace) +#INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/services/ace/dbus) +#INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/services/ace/socket) +#INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/services/ace/socket/api) +#INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/services/ace/logic) +##ocsp +#INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/services/ocsp) +#INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/services/ocsp/dbus) +#INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/services/ocsp/socket) +#INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/services/ocsp/socket/api) +#INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/services/ocsp/logic) +##popup +#INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/services/popup) +#INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/services/popup/dbus) +#INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/services/popup/socket) +#INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/services/popup/socket/api) +#INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/services/popup/logic) +#INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/ace/include) +#INCLUDE_DIRECTORIES(${DAEMON_DEP_INCLUDE_DIRS}) +# +#ADD_EXECUTABLE(${TARGET_DAEMON} +# ${DAEMON_SOURCES}) +# +#TARGET_LINK_LIBRARIES(${TARGET_DAEMON} +# ${DAEMON_DEP_LIBRARIES} +# ${TARGET_ACE_LIB} +# ${TARGET_ACE_DAO_RW_LIB}) +# +#INSTALL(TARGETS ${TARGET_DAEMON} +# DESTINATION bin) +# +#INSTALL(FILES +# ${PROJECT_SOURCE_DIR}/src/daemon/dbus/org.tizen.SecurityDaemon.service +# DESTINATION /usr/share/dbus-1/services +# ) +# +#INSTALL(FILES +# ${PROJECT_SOURCE_DIR}/src/services/ace/ace_server_api.h +# ${PROJECT_SOURCE_DIR}/src/services/ocsp/ocsp_server_api.h +# ${PROJECT_SOURCE_DIR}/src/services/popup/popup_response_server_api.h +# ${PROJECT_SOURCE_DIR}/src/services/popup/popup_ace_data_types.h +# ${PROJECT_SOURCE_DIR}/src/daemon/dbus/security_daemon_dbus_config.h +# DESTINATION /usr/include/wrt-security +# ) +# +ADD_SUBDIRECTORY(security-srv) diff --git a/src/main.cpp b/src/main.cpp index 4b16270..93c9fa7 100644 --- a/src/main.cpp +++ b/src/main.cpp @@ -30,18 +30,8 @@ static const std::string DAEMON_INSTANCE_UUID = "5ebf3f24-dad6-4a27-88b4-df7970efe7a9"; -extern "C" void *security_server_main_thread(void *data); - int main(int argc, char* argv[]) { - - pthread_t main_thread; - - if (0 != pthread_create(&main_thread, NULL, security_server_main_thread, NULL)) { - LogError("Cannot create security server thread"); - return -1; - } - DPL::SingleInstance instance; try { if (!instance.TryLock(DAEMON_INSTANCE_UUID)) { diff --git a/src/security-srv/CMakeLists.txt b/src/security-srv/CMakeLists.txt new file mode 100644 index 0000000..fe5bfc0 --- /dev/null +++ b/src/security-srv/CMakeLists.txt @@ -0,0 +1,85 @@ +PKG_CHECK_MODULES(SECURITY_SERVER_DEP + dlog + openssl + libsmack + REQUIRED + ) + +SET(SECURITY_SERVER_PATH ${PROJECT_SOURCE_DIR}/src/security-srv) + +SET(SECURITY_SERVER_SOURCES + ${SECURITY_SERVER_PATH}/communication/security-server-comm.c + ${SECURITY_SERVER_PATH}/server/security-server-cookie.c + ${SECURITY_SERVER_PATH}/server/security-server-main.c + ${SECURITY_SERVER_PATH}/server/security-server-password.c + ${SECURITY_SERVER_PATH}/util/security-server-util-common.c + ) + +SET_SOURCE_FILES_PROPERTIES( + ${SECURITY_SERVER_SOURCES} + PROPERTIES + COMPILE_FLAGS "-D_GNU_SOURCE -DSECURITY_SERVER_DEBUG_DLOG") + +INCLUDE_DIRECTORIES( + ${SECURITY_SERVER_PATH}/include + ${SECURITY_SERVER_DEP_INCLUDE_DIRS} + ) + +ADD_EXECUTABLE(${TARGET_SECURITY_SERVER} ${SECURITY_SERVER_SOURCES}) + +TARGET_LINK_LIBRARIES(${TARGET_SECURITY_SERVER} + ${SECURITY_SERVER_DEP_LIBRARIES} + ) + +################################################################################ + +SET(SECURITY_CLIENT_VERSION_MAJOR 1) +SET(SECURITY_CLIENT_VERSION ${SECURITY_CLIENT_VERSION_MAJOR}.0.1) + +SET(SECURITY_CLIENT_SOURCES + ${SECURITY_SERVER_PATH}/client/security-server-client.c + ${SECURITY_SERVER_PATH}/communication/security-server-comm.c + ) + +ADD_LIBRARY(${TARGET_SECURITY_CLIENT} SHARED ${SECURITY_CLIENT_SOURCES}) + +SET_TARGET_PROPERTIES( + ${TARGET_SECURITY_CLIENT} + PROPERTIES + LINK_FLAGS "-module -avoid-version" + COMPILE_FLAGS "-D_GNU_SOURCE -DSECURITY_SERVER_DEBUG_DLOG -fPIC" + SOVERSION ${SECURITY_CLIENT_VERSION_MAJOR} + VERSION ${SECURITY_CLIENT_VERSION} + ) + +TARGET_LINK_LIBRARIES(${TARGET_SECURITY_CLIENT} + ${SECURITY_SERVER_DEP_LIBRARIES} + ) + +################################################################################ + +INSTALL(TARGETS ${TARGET_SECURITY_CLIENT} DESTINATION lib) + +INSTALL(TARGETS ${TARGET_SECURITY_SERVER} DESTINATION bin) + +INSTALL(FILES + ${SECURITY_SERVER_PATH}/include/security-server.h + DESTINATION /usr/include/security-server + ) + +INSTALL(FILES + ${SECURITY_SERVER_PATH}/mw-list + DESTINATION /usr/share/security-server + ) + +INSTALL(FILES + ${SECURITY_SERVER_PATH}/security-serverd + DESTINATION /etc/rc.d/init.d + ) + +################################################################################ + +#CONFIGURE_FILE(security-server.pc.in security-server.pc @ONLY) +#INSTALL + +################################################################################ diff --git a/src/security-srv/CMakeLists.txt--original b/src/security-srv/CMakeLists.txt--original deleted file mode 100644 index 4b8d9e0..0000000 --- a/src/security-srv/CMakeLists.txt--original +++ /dev/null @@ -1,78 +0,0 @@ -SET(PREFIX ${CMAKE_INSTALL_PREFIX}) -SET(EXEC_PREFIX "\${prefix}") -SET(LIBDIR "\${prefix}/lib") -SET(INCLUDEDIR "\${prefix}/include") -SET(VERSION_MAJOR 1) -SET(VERSION ${VERSION_MAJOR}.0.1) - -#Verbose -#SET(CMAKE_VERBOSE_MAKEFILE ON) - -INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/include) - -INCLUDE(FindPkgConfig) -pkg_check_modules(pkgs REQUIRED dlog openssl libsmack) - -FOREACH(flag ${pkgs_CFLAGS}) - SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} ${flag}") -ENDFOREACH(flag) - -SET(sec_svr_dir "./") -SET(sec_svr_include_dir "./include") -SET(sec_svr_src_dir "./src") -SET(sec_svr_test_dir "./testcases") - -## Additional flag -#SET(debug_type "-DSECURITY_SERVER_DEBUG_TO_CONSOLE") -SET(debug_type "-DSECURITY_SERVER_DEBUG_DLOG") -#SET(debug_type "") - -SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} -fvisibility=hidden") -SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS}") - -################################################################################################### -## for libsecurity-server-client.so (library) -SET(libsecurity-server-client_SOURCES ${sec_svr_src_dir}/client/security-server-client.c ${sec_svr_src_dir}/communication/security-server-comm.c) -SET(libsecurity-server-client_LDFLAGS " -module -avoid-version") -SET(libsecurity-server-client_CFLAGS " ${CFLAGS} -fPIC -I${sec_svr_include_dir} ${debug_type} -D_GNU_SOURCE ") -#SET(libsecurity-server-client_LIBADD "") - -ADD_LIBRARY(security-server-client SHARED ${libsecurity-server-client_SOURCES}) -TARGET_LINK_LIBRARIES(security-server-client ${pkgs_LDFLAGS}) -SET_TARGET_PROPERTIES(security-server-client PROPERTIES SOVERSION ${VERSION_MAJOR}) -SET_TARGET_PROPERTIES(security-server-client PROPERTIES VERSION ${VERSION}) -SET_TARGET_PROPERTIES(security-server-client PROPERTIES COMPILE_FLAGS "${libsecurity-server-client_CFLAGS}") -################################################################################################### - -################################################################################################### -## for security-server (binary) -SET(security-server_SOURCES ${sec_svr_src_dir}/server/security-server-main.c ${sec_svr_src_dir}/communication/security-server-comm.c ${sec_svr_src_dir}/server/security-server-cookie.c ${sec_svr_src_dir}/server/security-server-password.c ${sec_svr_src_dir}/util/security-server-util-common.c ) -SET(security-server_CFLAGS " -I/usr/include -I. -I${sec_svr_include_dir} ${debug_type} -D_GNU_SOURCE ") -SET(security-server_LDFLAGS ${pkgs_LDFLAGS} -lpthread) - -ADD_EXECUTABLE(security-server ${security-server_SOURCES}) -TARGET_LINK_LIBRARIES(security-server ${pkgs_LDFLAGS}) -SET_TARGET_PROPERTIES(security-server PROPERTIES COMPILE_FLAGS "${security-server_CFLAGS}") -#################################################################################################### - -##FOR TEST METHOD ONLY. MUST BE DELETED ON RELEASE ############################################################ -## for security-server util (binary) -SET(sec-svr-util_SOURCES ${sec_svr_src_dir}/util/security-server-util.c ${sec_svr_src_dir}/communication/security-server-comm.c ${sec_svr_src_dir}/util/security-server-util-common.c ${sec_svr_src_dir}/server/security-server-cookie.c) -SET(sec-svr-util_CFLAGS " -I/usr/include -I. -I${sec_svr_include_dir} ${debug_type} -D_GNU_SOURCE ") -SET(sec-svr-util_LDFLAGS ${pkgs_LDFLAGS}) - -ADD_EXECUTABLE(sec-svr-util ${sec-svr-util_SOURCES}) -TARGET_LINK_LIBRARIES(sec-svr-util ${pkgs_LDFLAGS}) -SET_TARGET_PROPERTIES(sec-svr-util PROPERTIES COMPILE_FLAGS "${sec-svr-util_CFLAGS}") -#################################################################################################### - -CONFIGURE_FILE(security-server.pc.in security-server.pc @ONLY) - -INSTALL(TARGETS security-server-client DESTINATION lib) - -INSTALL(PROGRAMS ${CMAKE_BINARY_DIR}/security-server DESTINATION bin) -INSTALL(PROGRAMS ${CMAKE_BINARY_DIR}/sec-svr-util DESTINATION bin) -INSTALL(FILES ${CMAKE_CURRENT_BINARY_DIR}/security-server.pc DESTINATION lib/pkgconfig) -INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/include/security-server.h DESTINATION include/security-server) -INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/mw-list DESTINATION share/security-server) -INSTALL(PROGRAMS ${CMAKE_CURRENT_SOURCE_DIR}/security-serverd DESTINATION /etc/rc.d/init.d) diff --git a/src/security-srv/security-serverd b/src/security-srv/security-serverd index 48fbefc..36344cc 100644 --- a/src/security-srv/security-serverd +++ b/src/security-srv/security-serverd @@ -2,3 +2,4 @@ # start secure-storage server /usr/bin/security-server & +set_pmon -p security-server diff --git a/src/security-srv/server/security-server-main.c b/src/security-srv/server/security-server-main.c index 1cd5cfb..ecb9a1b 100644 --- a/src/security-srv/server/security-server-main.c +++ b/src/security-srv/server/security-server-main.c @@ -1174,7 +1174,6 @@ error: pthread_exit(NULL); } -/* int main(int argc, char* argv[]) { int res; @@ -1193,4 +1192,4 @@ int main(int argc, char* argv[]) pthread_exit(NULL); return 0; } -*/ + diff --git a/wrt_ocsp/CMakeLists.txt b/wrt_ocsp/CMakeLists.txt deleted file mode 100644 index e03d379..0000000 --- a/wrt_ocsp/CMakeLists.txt +++ /dev/null @@ -1 +0,0 @@ -ADD_SUBDIRECTORY(src) \ No newline at end of file diff --git a/wrt_ocsp/include/wrt_ocsp_api.h b/wrt_ocsp/include/wrt_ocsp_api.h deleted file mode 100644 index 856d97b..0000000 --- a/wrt_ocsp/include/wrt_ocsp_api.h +++ /dev/null @@ -1,74 +0,0 @@ -/* - * Copyright (c) 2012 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * @file wrt_oscp_api.h - * @author Zofia Abramowska (z.abramowska@samsung.com) - * @version 1.0 - * @brief This is C api for WRT OCSP - */ -#ifndef WRT_OCSP_API_H -#define WRT_OCSP_API_H - -#ifdef __cplusplus -extern "C" { -#endif - -typedef enum{ - WRT_OCSP_OK, - WRT_OCSP_INVALID_ARGUMENTS, - WRT_OCSP_INTERNAL_ERROR -}wrt_ocsp_return_t; - -typedef int wrt_ocsp_widget_handle_t; -typedef enum { - //The certificate has not been revoked. - WRT_OCSP_WIDGET_VERIFICATION_STATUS_GOOD, - - //The certificate has been revoked. - WRT_OCSP_WIDGET_VERIFICATION_STATUS_REVOKED - - -}wrt_ocsp_widget_verification_status_t; - -//-------------Initialization and shutdown------------------- -/* - * Establishes connection to security server. Must be called only once. - * Returns WRT_OCSP_OK or error - */ -wrt_ocsp_return_t wrt_ocsp_initialize(void); - -/* - * Deinitializes internal structures. Must be called only once. - * Returns WRT_OCSP_OK or error - */ - -wrt_ocsp_return_t wrt_ocsp_shutdown(void); - -//-------------Widget verification------------------------------ -/* - * Requests verification for widget identified with 'handle'. - * 'status holds server response. - * Returns WRT_OCSP_OK or error - */ - -wrt_ocsp_return_t wrt_ocsp_verify_widget(wrt_ocsp_widget_handle_t handle, - wrt_ocsp_widget_verification_status_t* status); - - -#ifdef __cplusplus -} -#endif -#endif //WRT_OCSP_API_H diff --git a/wrt_ocsp/src/CMakeLists.txt b/wrt_ocsp/src/CMakeLists.txt deleted file mode 100644 index 01c746a..0000000 --- a/wrt_ocsp/src/CMakeLists.txt +++ /dev/null @@ -1,60 +0,0 @@ -include(FindPkgConfig) - -PKG_CHECK_MODULES(WRT_OCSP_DEPS - dpl-efl - dpl-dbus-efl - REQUIRED - ) - -SET(WRT_OCSP_DIR - ${PROJECT_SOURCE_DIR}/wrt_ocsp - ) - -SET(WRT_OCSP_SRC_DIR - ${WRT_OCSP_DIR}/src - ) - -SET(WRT_OCSP_INCLUDE_DIR - ${WRT_OCSP_DIR}/include - ) - -SET(WRT_OCSP_SOURCES - ${COMMUNICATION_CLIENT_SOURCES} - ${WRT_OCSP_SRC_DIR}/wrt_ocsp_api.cpp - ) - -SET(WRT_OCSP_INCLUDES - ${WRT_OCSP_DEPS_INCLUDE_DIRS} - ${WRT_OCSP_INCLUDE_DIR} - ${COMMUNICATION_CLIENT_INCLUDES} - ${PROJECT_SOURCE_DIR}/src/services/ocsp - ${PROJECT_SOURCE_DIR}/src/services/ocsp/dbus/api - ${PROJECT_SOURCE_DIR}/src/daemon/dbus - ) - -ADD_DEFINITIONS(${WRT_OCSP_DEPS_CFLAGS}) -ADD_DEFINITIONS(${WRT__CFLAGS_OTHER}) - -INCLUDE_DIRECTORIES(${WRT_OCSP_INCLUDES}) - -ADD_LIBRARY(${TARGET_WRT_OCSP_LIB} SHARED ${WRT_OCSP_SOURCES}) - -SET_TARGET_PROPERTIES(${TARGET_WRT_OCSP_LIB} PROPERTIES - SOVERSION ${API_VERSION} - VERSION ${VERSION}) - -SET_TARGET_PROPERTIES(${TARGET_WRT_OCSP_LIB} PROPERTIES - COMPILE_FLAGS -fPIC) - -TARGET_LINK_LIBRARIES(${TARGET_WRT_OCSP_LIB} - ${WRT_OCSP_DEPS_LIBRARIES} - ${WRT_OCSP_DEPS_LDFLAGS} - ) - -INSTALL(TARGETS ${TARGET_WRT_OCSP_LIB} - DESTINATION lib) - -INSTALL(FILES - ${WRT_OCSP_INCLUDE_DIR}/wrt_ocsp_api.h - DESTINATION include/wrt-ocsp - ) diff --git a/wrt_ocsp/src/wrt_ocsp_api.cpp b/wrt_ocsp/src/wrt_ocsp_api.cpp deleted file mode 100644 index 5ab9f85..0000000 --- a/wrt_ocsp/src/wrt_ocsp_api.cpp +++ /dev/null @@ -1,80 +0,0 @@ -/* - * Copyright (c) 2012 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/** - * @file wrt_ocsp_api.cpp - * @author Zofia Abramowska (z.abramowska@samsung.com) - * @version 1.0 - * @brief This file contains implementation of WRT OCSP api - */ - -#include -#include -#include "ocsp_server_api.h" -#include "SecurityCommunicationClient.h" - -#include "wrt_ocsp_api.h" - -static WrtSecurity::Communication::Client *communicationClient = NULL; - -wrt_ocsp_return_t wrt_ocsp_initialize(void){ - if (NULL != communicationClient) { - LogError("wrt_ocsp_api already initialized"); - return WRT_OCSP_INTERNAL_ERROR; - } - - Try { - communicationClient = new WrtSecurity::Communication::Client(WrtSecurity::OcspServerApi::INTERFACE_NAME()); - } Catch (WrtSecurity::Communication::Client::Exception::SecurityCommunicationClientException) { - LogError("Can't connect to daemon"); - return WRT_OCSP_INTERNAL_ERROR; - } - LogInfo("Initialized"); - return WRT_OCSP_OK; -} - -wrt_ocsp_return_t wrt_ocsp_shutdown(void){ - if (NULL == communicationClient) { - LogError("wrt_ocsp_api not initialized"); - return WRT_OCSP_INTERNAL_ERROR; - } - delete communicationClient; - communicationClient = NULL; - LogInfo("Shutdown"); - return WRT_OCSP_OK; -} - -wrt_ocsp_return_t wrt_ocsp_verify_widget(wrt_ocsp_widget_handle_t handle, - wrt_ocsp_widget_verification_status_t* status){ - - LogInfo("Verifying"); - if (NULL == status) { - LogError("Invalid arguments"); - return WRT_OCSP_INVALID_ARGUMENTS; - } - int intResponse; - - Try { - communicationClient->call(WrtSecurity::OcspServerApi::CHECK_ACCESS_METHOD(), - handle, - &intResponse); - } Catch (WrtSecurity::Communication::Client::Exception::SecurityCommunicationClientException) { - LogError("Problem with connection to daemon"); - return WRT_OCSP_INTERNAL_ERROR; - } - (*status) = static_cast(intResponse); - LogInfo("Widget verified with response " << intResponse); - return WRT_OCSP_OK; -} -- 2.7.4