From e98b3570bdcf1b2b7772fb8450bbf66f3ddf029f Mon Sep 17 00:00:00 2001 From: Jihoon Chung Date: Sat, 17 Aug 2013 15:01:15 +0900 Subject: [PATCH] Fixed an issue related to multiple database connection - As every web application has its own security dao, support of multiple DB connections will not be needed. [Issue#] N/A [Problem] Setting menu shows wrong information with the following steps. 1. Launch Setting -> Manage applications 2. Select Web application -> Allow list 3. Back to Manage applications -> select another Web application 4. checking Allow list menu then, the menu showed the firstly chosen web application information. [Cause] Security origin dao is not released even though corresponding dao object is released. This causes returning old data when a new dao object is created. N.B) Security origin dao uses static value to avoid conflict with re-created connection object. [Solution] Remove static dao value, and clen up old dao code. - We originally needed "static value" to support thread locking mechanism. But, current web applications don't have separate threads, hence no longer needed. - Moreover, sqlite already supports such a conflict through transaction manager. [SCMRequest] N/A Change-Id: Ide83f7c8fa63a387e48f0396c3a8febc79409101 --- modules/security_origin_dao/CMakeLists.txt | 4 +- .../dao/security_origin_dao.cpp | 264 ++++++++++-------- .../dao/security_origin_database.cpp | 19 -- .../security-origin-dao/security_origin_dao.h | 21 +- .../security_origin_database.h | 50 ---- 5 files changed, 159 insertions(+), 199 deletions(-) delete mode 100644 modules/security_origin_dao/dao/security_origin_database.cpp mode change 100755 => 100644 modules/security_origin_dao/include/wrt-commons/security-origin-dao/security_origin_dao.h delete mode 100644 modules/security_origin_dao/include/wrt-commons/security-origin-dao/security_origin_database.h diff --git a/modules/security_origin_dao/CMakeLists.txt b/modules/security_origin_dao/CMakeLists.txt index 4e74cc3..f307a2b 100644 --- a/modules/security_origin_dao/CMakeLists.txt +++ b/modules/security_origin_dao/CMakeLists.txt @@ -34,7 +34,6 @@ SET(SECURITY_ORIGIN_DAO_INCLUDE_DIRS SET(SECURITY_ORIGIN_DAO_SOURCES dao/security_origin_dao_types.cpp - dao/security_origin_database.cpp dao/security_origin_dao.cpp ) @@ -43,14 +42,13 @@ INCLUDE_DIRECTORIES(${SECURITY_ORIGIN_DAO_INCLUDE_DIRS}) ADD_LIBRARY(${TARGET_SECURITY_ORIGIN_DAO_LIB} SHARED ${SECURITY_ORIGIN_DAO_SOURCES}) SET_TARGET_PROPERTIES(${TARGET_SECURITY_ORIGIN_DAO_LIB} PROPERTIES SOVERSION ${API_VERSION} VERSION ${VERSION}) -TARGET_LINK_LIBRARIES(${TARGET_SECURITY_ORIGIN_DAO_LIB} ${TARGET_DPL_EFL} ${TARGET_DPL_DB_EFL} ${TARGET_WRT_DAP_RO_LIB} ${SECURITY_ORIGIN_DAO_DEPS_LIBRARIES}) +TARGET_LINK_LIBRARIES(${TARGET_SECURITY_ORIGIN_DAO_LIB} ${TARGET_DPL_EFL} ${TARGET_DPL_DB_EFL} ${TARGET_WRT_DAO_RO_LIB} ${SECURITY_ORIGIN_DAO_DEPS_LIBRARIES}) ADD_DEPENDENCIES(${TARGET_SECURITY_ORIGIN_DAO_LIB} ${TARGET_SECURITY_ORIGIN_DAO_DB}) INSTALL(TARGETS ${TARGET_SECURITY_ORIGIN_DAO_LIB} DESTINATION lib) INSTALL(FILES include/wrt-commons/security-origin-dao/security_origin_dao_types.h - include/wrt-commons/security-origin-dao/security_origin_database.h include/wrt-commons/security-origin-dao/security_origin_dao.h DESTINATION include/dpl-efl/wrt-commons/security-origin-dao ) diff --git a/modules/security_origin_dao/dao/security_origin_dao.cpp b/modules/security_origin_dao/dao/security_origin_dao.cpp index 1e2e1f2..7551189 100644 --- a/modules/security_origin_dao/dao/security_origin_dao.cpp +++ b/modules/security_origin_dao/dao/security_origin_dao.cpp @@ -20,7 +20,6 @@ * @brief This file contains the definition of security origin dao class. */ -#include #include #include #include @@ -48,6 +47,23 @@ using namespace WrtDB; message); \ } +// database connection +#define SECURITY_ORIGIN_DB_INTERNAL(tlsCommand, InternalType, interface) \ + InternalType tlsCommand(interface); +#define SECURITY_ORIGIN_DB_SELECT(name, type, interface) \ + SECURITY_ORIGIN_DB_INTERNAL(name, type::Select, interface) +#define SECURITY_ORIGIN_DB_INSERT(name, type, interface) \ + SECURITY_ORIGIN_DB_INTERNAL(name, type::Insert, interface) +#define SECURITY_ORIGIN_DB_UPDATE(name, type, interface) \ + SECURITY_ORIGIN_DB_INTERNAL(name, type::Update, interface) +#define SECURITY_ORIGIN_DB_DELETE(name, type, interface) \ + SECURITY_ORIGIN_DB_INTERNAL(name, type::Delete, interface) + +typedef DPL::DB::ORM::security_origin::SecurityOriginInfo::Row + SecurityOriginInfoRow; +typedef DPL::DB::ORM::security_origin::SecurityOriginInfo::Select::RowList + SecurityOriginInfoRowList; + namespace { DPL::DB::SqlConnection::Flag::Option SECURITY_ORIGIN_DB_OPTION = DPL::DB::SqlConnection::Flag::RW; @@ -101,40 +117,40 @@ void checkDatabase(std::string databasePath) SECURITY_ORIGIN_DB_TYPE, SECURITY_ORIGIN_DB_OPTION); con.ExecCommand(ssBuffer.str().c_str()); - } - if(chown(databasePath.c_str(), - WEB_APPLICATION_UID, - WEB_APPLICATION_GUID) != 0) - { - ThrowMsg(SecurityOriginDAO::Exception::DatabaseError, - "Fail to change uid/guid"); - } - std::string databaseJournal = - databasePath + SECURITY_DATABASE_JOURNAL_FILENAME; - if(chown(databaseJournal.c_str(), - WEB_APPLICATION_UID, - WEB_APPLICATION_GUID) != 0) - { - ThrowMsg(SecurityOriginDAO::Exception::DatabaseError, - "Fail to change uid/guid"); + if(chown(databasePath.c_str(), + WEB_APPLICATION_UID, + WEB_APPLICATION_GUID) != 0) + { + ThrowMsg(SecurityOriginDAO::Exception::DatabaseError, + "Fail to change uid/guid"); + } + std::string databaseJournal = + databasePath + SECURITY_DATABASE_JOURNAL_FILENAME; + if(chown(databaseJournal.c_str(), + WEB_APPLICATION_UID, + WEB_APPLICATION_GUID) != 0) + { + ThrowMsg(SecurityOriginDAO::Exception::DatabaseError, + "Fail to change uid/guid"); + } } } SQL_CONNECTION_EXCEPTION_HANDLER_END("Fail to get database Path") } -} +} // namespace SecurityOriginDB SecurityOriginDAO::SecurityOriginDAO(const WrtDB::TizenPkgId &pkgName) : - m_securityOriginDBPath(createDatabasePath(pkgName)), - m_securityOriginDBInterface(m_securityOriginDBPath, SECURITY_ORIGIN_DB_TYPE) + m_dbPath(createDatabasePath(pkgName)), + m_dbInterface(m_dbPath, SECURITY_ORIGIN_DB_TYPE) { - checkDatabase(m_securityOriginDBPath); - m_securityOriginDBInterface.AttachToThread(SECURITY_ORIGIN_DB_OPTION); + checkDatabase(m_dbPath); + m_dbInterface.AttachToThread(SECURITY_ORIGIN_DB_OPTION); } SecurityOriginDAO::~SecurityOriginDAO() { - m_securityOriginDBInterface.DetachFromThread(); + m_dbInterface.DetachFromThread(); } SecurityOriginDataList SecurityOriginDAO::getSecurityOriginDataList(void) @@ -142,11 +158,9 @@ SecurityOriginDataList SecurityOriginDAO::getSecurityOriginDataList(void) SQL_CONNECTION_EXCEPTION_HANDLER_BEGIN { SecurityOriginDataList list; - SECURITY_ORIGIN_DB_SELECT(select, - SecurityOriginInfo, - &m_securityOriginDBInterface); + SECURITY_ORIGIN_DB_SELECT(select, SecurityOriginInfo, &m_dbInterface); typedef std::list RowList; - RowList rowList = select->GetRowList(); + RowList rowList = select.GetRowList(); FOREACH(it, rowList) { Origin origin(it->Get_scheme(), it->Get_host(), it->Get_port()); @@ -160,97 +174,63 @@ SecurityOriginDataList SecurityOriginDAO::getSecurityOriginDataList(void) SQL_CONNECTION_EXCEPTION_HANDLER_END("Failed to get data list") } -Result SecurityOriginDAO::getResult( - const SecurityOriginData &securityOriginData) +Result SecurityOriginDAO::getResult(const SecurityOriginData &data) { SQL_CONNECTION_EXCEPTION_HANDLER_BEGIN { - SECURITY_ORIGIN_DB_SELECT(select, - SecurityOriginInfo, - &m_securityOriginDBInterface); - select->Where( - And(And(And(Equals(securityOriginData. - feature), - Equals(securityOriginData. - origin.scheme)), - Equals(securityOriginData.origin. - host)), - Equals(securityOriginData.origin.port))); - SecurityOriginInfo::Select::RowList rows = select->GetRowList(); - + SECURITY_ORIGIN_DB_SELECT(select, SecurityOriginInfo, &m_dbInterface); + Equals eFeature(data.feature); + Equals eScheme(data.origin.scheme); + Equals eHost(data.origin.host); + Equals ePort(data.origin.port); + select.Where(And(And(And(eFeature, eScheme), eHost), ePort)); + SecurityOriginInfoRowList rows = select.GetRowList(); if (rows.empty()) { return RESULT_UNKNOWN; } - SecurityOriginInfo::Row row = rows.front(); + SecurityOriginInfoRow row = rows.front(); return static_cast(row.Get_result()); } - SQL_CONNECTION_EXCEPTION_HANDLER_END( - "Failed to get result for security origin") + SQL_CONNECTION_EXCEPTION_HANDLER_END("getResult error") } -bool SecurityOriginDAO::isReadOnly(const SecurityOriginData &securityOriginData) +bool SecurityOriginDAO::isReadOnly(const SecurityOriginData &data) { SQL_CONNECTION_EXCEPTION_HANDLER_BEGIN { - SECURITY_ORIGIN_DB_SELECT(select, SecurityOriginInfo, &m_securityOriginDBInterface); - select->Where( - And(And(And(Equals(securityOriginData.feature), - Equals(securityOriginData.origin.scheme)), - Equals(securityOriginData.origin.host)), - Equals(securityOriginData.origin.port))); - SecurityOriginInfo::Select::RowList rows = select->GetRowList(); - + SECURITY_ORIGIN_DB_SELECT(select, SecurityOriginInfo, &m_dbInterface); + Equals eFeature(data.feature); + Equals eScheme(data.origin.scheme); + Equals eHost(data.origin.host); + Equals ePort(data.origin.port); + select.Where(And(And(And(eFeature, eScheme), eHost), ePort)); + SecurityOriginInfoRowList rows = select.GetRowList(); if (rows.empty()) { return RESULT_UNKNOWN; } - SecurityOriginInfo::Row row = rows.front(); + SecurityOriginInfoRow row = rows.front(); return row.Get_readonly() ? true : false; } - SQL_CONNECTION_EXCEPTION_HANDLER_END("Fail to get readonly property") + SQL_CONNECTION_EXCEPTION_HANDLER_END("isReadOnly error") } -void SecurityOriginDAO::setSecurityOriginData(const SecurityOriginData &securityOriginData, +void SecurityOriginDAO::setSecurityOriginData(const SecurityOriginData &data, const Result result, const bool readOnly) { - SQL_CONNECTION_EXCEPTION_HANDLER_BEGIN - { - ScopedTransaction transaction(&m_securityOriginDBInterface); - SecurityOriginInfo::Row row; - row.Set_feature(securityOriginData.feature); - row.Set_scheme(securityOriginData.origin.scheme); - row.Set_host(securityOriginData.origin.host); - row.Set_port(securityOriginData.origin.port); - row.Set_result(result); - row.Set_readonly(readOnly ? 1 : 0); - - if (true == hasResult(securityOriginData)) { - SECURITY_ORIGIN_DB_UPDATE(update, - SecurityOriginInfo, - &m_securityOriginDBInterface); - update->Where(And(And(And(Equals(securityOriginData.feature), - Equals(securityOriginData.origin.scheme)), - Equals(securityOriginData.origin.host)), - Equals(securityOriginData.origin.port))); - update->Values(row); - update->Execute(); - } else { - SECURITY_ORIGIN_DB_INSERT( - insert, - SecurityOriginInfo, - &m_securityOriginDBInterface); - insert->Values(row); - insert->Execute(); - } - transaction.Commit(); + if (true == hasResult(data)) { + updateData(data, result, readOnly); + } else { + insertData(data, result, readOnly); } - SQL_CONNECTION_EXCEPTION_HANDLER_END("Fail to set security origin data") } -void SecurityOriginDAO::setPrivilegeSecurityOriginData(const Feature feature, - bool isOnlyAllowedLocalOrigin) +void SecurityOriginDAO::setPrivilegeSecurityOriginData( + const Feature feature, + bool isOnlyAllowedLocalOrigin) { - Origin origin(DPL::FromUTF8String("file"), //TODO: this breaks app:// scheme code -> no case for app scheme + //TODO: this breaks app:// scheme code -> no case for app scheme + Origin origin(DPL::FromUTF8String("file"), DPL::FromUTF8String(""), 0); if (!isOnlyAllowedLocalOrigin) { @@ -261,53 +241,97 @@ void SecurityOriginDAO::setPrivilegeSecurityOriginData(const Feature feature, } void SecurityOriginDAO::removeSecurityOriginData( - const SecurityOriginData &securityOriginData) + const SecurityOriginData &data) { + if (false == hasResult(data)) { + // There is no data + return; + } + SQL_CONNECTION_EXCEPTION_HANDLER_BEGIN { - ScopedTransaction transaction(&m_securityOriginDBInterface); - - if (true == hasResult(securityOriginData)) { - SECURITY_ORIGIN_DB_DELETE(del, - SecurityOriginInfo, - &m_securityOriginDBInterface) - del->Where( - And(And(And(Equals( - securityOriginData.feature), - Equals( - securityOriginData.origin.scheme)), - Equals(securityOriginData. - origin.host)), - Equals(securityOriginData.origin. - port))); - del->Execute(); - transaction.Commit(); - } + ScopedTransaction transaction(&m_dbInterface); + SECURITY_ORIGIN_DB_DELETE(del, SecurityOriginInfo, &m_dbInterface) + Equals eFeature(data.feature); + Equals eScheme(data.origin.scheme); + Equals eHost(data.origin.host); + Equals ePort(data.origin.port); + del.Where(And(And(And(eFeature, eScheme), eHost), ePort)); + del.Execute(); + transaction.Commit(); } - SQL_CONNECTION_EXCEPTION_HANDLER_END("Fail to set security origin data") + SQL_CONNECTION_EXCEPTION_HANDLER_END("Fail to remove security origin data") } void SecurityOriginDAO::removeSecurityOriginData(const Result result) { SQL_CONNECTION_EXCEPTION_HANDLER_BEGIN { - ScopedTransaction transaction(&m_securityOriginDBInterface); - SECURITY_ORIGIN_DB_DELETE(del, - SecurityOriginInfo, - &m_securityOriginDBInterface) - del->Where(Equals(result)); - del->Execute(); + ScopedTransaction transaction(&m_dbInterface); + SECURITY_ORIGIN_DB_DELETE(del, SecurityOriginInfo, &m_dbInterface) + del.Where(Equals(result)); + del.Execute(); transaction.Commit(); } SQL_CONNECTION_EXCEPTION_HANDLER_END("Fail to remove data by result") } -bool SecurityOriginDAO::hasResult(const SecurityOriginData &securityOriginData) +bool SecurityOriginDAO::hasResult(const SecurityOriginData &data) +{ + Result ret = getResult(data); + return (ret != RESULT_UNKNOWN); +} + +void SecurityOriginDAO::insertData(const SecurityOriginData &data, + const Result result, + const bool readOnly) { - Result res = getResult(securityOriginData); - return (res != RESULT_UNKNOWN); + SQL_CONNECTION_EXCEPTION_HANDLER_BEGIN + { + SecurityOriginInfoRow row; + row.Set_feature(data.feature); + row.Set_scheme(data.origin.scheme); + row.Set_host(data.origin.host); + row.Set_port(data.origin.port); + row.Set_result(result); + row.Set_readonly(readOnly ? 1 : 0); + + ScopedTransaction transaction(&m_dbInterface); + SECURITY_ORIGIN_DB_INSERT(insert, SecurityOriginInfo, &m_dbInterface); + insert.Values(row); + insert.Execute(); + transaction.Commit(); + } + SQL_CONNECTION_EXCEPTION_HANDLER_END("Fail to insert") } +void SecurityOriginDAO::updateData(const SecurityOriginData &data, + const Result result, + const bool readOnly) +{ + SQL_CONNECTION_EXCEPTION_HANDLER_BEGIN + { + SecurityOriginInfoRow row; + row.Set_feature(data.feature); + row.Set_scheme(data.origin.scheme); + row.Set_host(data.origin.host); + row.Set_port(data.origin.port); + row.Set_result(result); + row.Set_readonly(readOnly ? 1 : 0); + + ScopedTransaction transaction(&m_dbInterface); + SECURITY_ORIGIN_DB_UPDATE(update, SecurityOriginInfo, &m_dbInterface); + Equals eFeature(data.feature); + Equals eScheme(data.origin.scheme); + Equals eHost(data.origin.host); + Equals ePort(data.origin.port); + update.Where(And(And(And(eFeature, eScheme), eHost), ePort)); + update.Values(row); + update.Execute(); + transaction.Commit(); + } + SQL_CONNECTION_EXCEPTION_HANDLER_END("Fail to update") +} #undef SQL_CONNECTION_EXCEPTION_HANDLER_BEGIN #undef SQL_CONNECTION_EXCEPTION_HANDLER_END } // namespace SecurityOriginDB diff --git a/modules/security_origin_dao/dao/security_origin_database.cpp b/modules/security_origin_dao/dao/security_origin_database.cpp deleted file mode 100644 index 0564a18..0000000 --- a/modules/security_origin_dao/dao/security_origin_database.cpp +++ /dev/null @@ -1,19 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include - -DPL::Mutex g_securityOriginDBQueriesMutex; diff --git a/modules/security_origin_dao/include/wrt-commons/security-origin-dao/security_origin_dao.h b/modules/security_origin_dao/include/wrt-commons/security-origin-dao/security_origin_dao.h old mode 100755 new mode 100644 index e8c8604..d922764 --- a/modules/security_origin_dao/include/wrt-commons/security-origin-dao/security_origin_dao.h +++ b/modules/security_origin_dao/include/wrt-commons/security-origin-dao/security_origin_dao.h @@ -42,20 +42,27 @@ class SecurityOriginDAO explicit SecurityOriginDAO(const WrtDB::TizenPkgId &pkgName); virtual ~SecurityOriginDAO(); SecurityOriginDataList getSecurityOriginDataList(); - Result getResult(const SecurityOriginData &securityOriginData); - bool isReadOnly(const SecurityOriginData &securityOriginData); - void setSecurityOriginData(const SecurityOriginData &securityOriginData, + Result getResult(const SecurityOriginData &data); + bool isReadOnly(const SecurityOriginData &data); + void setSecurityOriginData(const SecurityOriginData &data, const Result result, const bool readOnly = false); void setPrivilegeSecurityOriginData(const WrtDB::Feature feature, bool isOnlyAllowedLocalOrigin = true); - void removeSecurityOriginData(const SecurityOriginData &securityOriginData); + void removeSecurityOriginData(const SecurityOriginData &data); void removeSecurityOriginData(const Result result); private: - std::string m_securityOriginDBPath; - DPL::DB::ThreadDatabaseSupport m_securityOriginDBInterface; - bool hasResult(const SecurityOriginData &securityOriginData); + std::string m_dbPath; + DPL::DB::ThreadDatabaseSupport m_dbInterface; + + bool hasResult(const SecurityOriginData &data); + void insertData(const SecurityOriginData &data, + const Result result, + const bool readOnly); + void updateData(const SecurityOriginData &data, + const Result result, + const bool readOnly); }; typedef std::shared_ptr SecurityOriginDAOPtr; diff --git a/modules/security_origin_dao/include/wrt-commons/security-origin-dao/security_origin_database.h b/modules/security_origin_dao/include/wrt-commons/security-origin-dao/security_origin_database.h deleted file mode 100644 index d401620..0000000 --- a/modules/security_origin_dao/include/wrt-commons/security-origin-dao/security_origin_database.h +++ /dev/null @@ -1,50 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef _SECURITY_ORIGIN_DATABASE_H_ -#define _SECURITY_ORIGIN_DATABASE_H_ - -#include -#include - -extern DPL::Mutex g_securityOriginDBQueriesMutex; - -#define SECURITY_ORIGIN_DB_INTERNAL(tlsCommand, InternalType, interface) \ - static DPL::ThreadLocalVariable *tlsCommand##Ptr = NULL; \ - { \ - DPL::Mutex::ScopedLock lock(&g_securityOriginDBQueriesMutex); \ - if (!tlsCommand##Ptr) { \ - static DPL::ThreadLocalVariable tmp; \ - tlsCommand##Ptr = &tmp; \ - } \ - } \ - DPL::ThreadLocalVariable &tlsCommand = *tlsCommand##Ptr; \ - if (tlsCommand.IsNull()) { tlsCommand = InternalType(interface); } - -#define SECURITY_ORIGIN_DB_SELECT(name, type, interface) \ - SECURITY_ORIGIN_DB_INTERNAL(name, type::Select, interface) - -#define SECURITY_ORIGIN_DB_INSERT(name, type, interface) \ - SECURITY_ORIGIN_DB_INTERNAL(name, type::Insert, interface) - -#define SECURITY_ORIGIN_DB_UPDATE(name, type, interface) \ - SECURITY_ORIGIN_DB_INTERNAL(name, type::Update, interface) - -#define SECURITY_ORIGIN_DB_DELETE(name, type, interface) \ - SECURITY_ORIGIN_DB_INTERNAL(name, type::Delete, interface) - -#endif // _SECURITY_ORIGIN_DATABASE_H_ - -- 2.34.1