From f576bfea93240152921047444a9a9a271536e4ca Mon Sep 17 00:00:00 2001 From: "Sabera Djelti (sdi2)" Date: Fri, 26 Dec 2014 18:10:56 +0100 Subject: [PATCH] handle appsvc and app_info databases according to user Bug-Tizen=TC-2222 Change-Id: I83947d202a5799472f1c871a5f9347706cf1530b Signed-off-by: Sabera Djelti (sdi2) --- include/appsvc.h | 10 ++-- include/appsvc_db.h | 10 ++-- src/appsvc.c | 34 ++++++------- src/appsvc_db.c | 144 +++++++++++++++++++++++++++++++++++++++++++--------- test/appsvc_test.c | 4 +- 5 files changed, 148 insertions(+), 54 deletions(-) diff --git a/include/appsvc.h b/include/appsvc.h index 5b9f50d..f31f249 100755 --- a/include/appsvc.h +++ b/include/appsvc.h @@ -485,7 +485,7 @@ int appsvc_set_category(bundle *b, const char *category); * @endcode * */ -int appsvc_run_service(bundle *b, int request_code, appsvc_res_fn cbfunc, void *data); +int appsvc_run_service(bundle *b, int request_code, appsvc_res_fn cbfunc, void *data, uid_t uid); /** * @par Description: @@ -532,7 +532,7 @@ static int iter_fn(const char* pkg_name, void *data) * @endcode * */ -int appsvc_get_list(bundle *b, appsvc_info_iter_fn iter_fn, void *data); +int appsvc_get_list(bundle *b, appsvc_info_iter_fn iter_fn, void *data, uid_t uid); /** * @par Description: @@ -858,7 +858,7 @@ int appsvc_send_result(bundle *b, appsvc_result_val result); * */ int appsvc_set_defapp(const char *op, const char *mime_type, const char *uri, - const char *defapp); + const char *defapp, uid_t uid); /** * @par Description: @@ -885,7 +885,7 @@ int appsvc_set_defapp(const char *op, const char *mime_type, const char *uri, * @endcode * */ -int appsvc_unset_defapp(const char *defapp); +int appsvc_unset_defapp(const char *defapp, uid_t uid); /** * @par Description: @@ -917,7 +917,7 @@ int appsvc_unset_defapp(const char *defapp); * None * */ -int appsvc_is_defapp(const char *appid); +int appsvc_is_defapp(const char *appid, uid_t uid); /** diff --git a/include/appsvc_db.h b/include/appsvc_db.h index b9ef5c8..b471fa2 100755 --- a/include/appsvc_db.h +++ b/include/appsvc_db.h @@ -33,11 +33,11 @@ extern "C" { #endif -int _svc_db_add_app(const char *op, const char *mime_type, const char *uri, const char *pkg_name); -int _svc_db_delete_with_pkgname(const char *pkg_name); -char* _svc_db_get_app(const char *op, const char *mime_type, const char *uri); -int _svc_db_is_defapp(const char *pkg_name); -int _svc_db_get_list_with_collation(char *op, char *uri, char *mime, GSList **pkg_list); +int _svc_db_add_app(const char *op, const char *mime_type, const char *uri, const char *pkg_name, uid_t uid); +int _svc_db_delete_with_pkgname(const char *pkg_name, uid_t uid); +char* _svc_db_get_app(const char *op, const char *mime_type, const char *uri, uid_t uid); +int _svc_db_is_defapp(const char *pkg_name, uid_t uid); +int _svc_db_get_list_with_collation(char *op, char *uri, char *mime, GSList **pkg_list, uid_t uid); diff --git a/src/appsvc.c b/src/appsvc.c index 1ebee7c..ff70bfc 100644 --- a/src/appsvc.c +++ b/src/appsvc.c @@ -527,20 +527,20 @@ static int __get_list_with_condition_mime_extened(char *op, char *uri, char *mim } static int __get_list_with_condition_mime_extened_with_collation(char *op, char *uri, char *mime, - char *m_type, char *s_type, GSList **pkg_list) + char *m_type, char *s_type, GSList **pkg_list, uid_t uid) { char *tmp; tmp = malloc(MAX_MIME_STR_SIZE); - _svc_db_get_list_with_collation(op, uri, mime, pkg_list); + _svc_db_get_list_with_collation(op, uri, mime, pkg_list, uid); if ((strncmp(mime, "NULL", 4) != 0) && (strncmp(s_type, "%", 1) != 0)) { snprintf(tmp, MAX_MIME_STR_SIZE-1, "%s/*", m_type); - _svc_db_get_list_with_collation(op, uri, tmp, pkg_list); + _svc_db_get_list_with_collation(op, uri, tmp, pkg_list, uid); } if ((strncmp(mime, "NULL", 4) != 0) && (strncmp(m_type, "%", 1) != 0)) { snprintf(tmp, MAX_MIME_STR_SIZE-1, "*/*"); - _svc_db_get_list_with_collation(op, uri, tmp, pkg_list); + _svc_db_get_list_with_collation(op, uri, tmp, pkg_list, uid); } free(tmp); @@ -664,7 +664,7 @@ static int __get_list_with_submode(char *win_id, GSList **pkg_list) return 0; } -SLPAPI int appsvc_run_service(bundle *b, int request_code, appsvc_res_fn cbfunc, void *data) +SLPAPI int appsvc_run_service(bundle *b, int request_code, appsvc_res_fn cbfunc, void *data, uid_t uid) { appsvc_resolve_info_t info; char *pkgname; @@ -698,10 +698,10 @@ SLPAPI int appsvc_run_service(bundle *b, int request_code, appsvc_res_fn cbfunc, _D("op - %s / mime - %s / shceme - %s\n", info.op, info.origin_mime, info.scheme); /*uri*/ - pkgname = _svc_db_get_app(info.op, info.origin_mime, info.uri); + pkgname = _svc_db_get_app(info.op, info.origin_mime, info.uri, uid); if(pkgname==NULL){ __get_list_with_condition_mime_extened_with_collation(info.op, info.uri, - info.mime, info.m_type, info.s_type, &pkg_list); + info.mime, info.m_type, info.s_type, &pkg_list, uid); pkg_count = g_slist_length(pkg_list); if(pkg_count > 0) { @@ -751,7 +751,7 @@ SLPAPI int appsvc_run_service(bundle *b, int request_code, appsvc_res_fn cbfunc, /*scheme & host*/ if(info.uri_r_info) { - pkgname = _svc_db_get_app(info.op, info.origin_mime, info.uri_r_info); + pkgname = _svc_db_get_app(info.op, info.origin_mime, info.uri_r_info, uid); if(pkgname==NULL){ __get_list_with_condition_mime_extened(info.op, info.uri_r_info, @@ -799,7 +799,7 @@ SLPAPI int appsvc_run_service(bundle *b, int request_code, appsvc_res_fn cbfunc, } /*scheme*/ - pkgname = _svc_db_get_app(info.op, info.origin_mime, info.scheme); + pkgname = _svc_db_get_app(info.op, info.origin_mime, info.scheme, uid); if(pkgname==NULL){ __get_list_with_condition_mime_extened(info.op, info.scheme, @@ -846,7 +846,7 @@ end: return ret; } -SLPAPI int appsvc_get_list(bundle *b, appsvc_info_iter_fn iter_fn, void *data) +SLPAPI int appsvc_get_list(bundle *b, appsvc_info_iter_fn iter_fn, void *data, uid_t uid) { appsvc_resolve_info_t info; char *pkgname = NULL; @@ -875,7 +875,7 @@ SLPAPI int appsvc_get_list(bundle *b, appsvc_info_iter_fn iter_fn, void *data) _D("operation - %s / shceme - %s / mime - %s\n", info.op, info.scheme, info.mime); __get_list_with_condition_mime_extened_with_collation(info.op, info.uri, - info.mime, info.m_type, info.s_type, &pkg_list); + info.mime, info.m_type, info.s_type, &pkg_list, uid); if(info.uri_r_info) { __get_list_with_condition_mime_extened(info.op, info.uri_r_info, @@ -1005,14 +1005,14 @@ SLPAPI int appsvc_send_result(bundle *b, appsvc_result_val result) } SLPAPI int appsvc_set_defapp(const char *op, const char *mime_type, const char *uri, - const char *defapp) + const char *defapp, uid_t uid) { int ret; if(op == NULL || defapp == NULL) return APPSVC_RET_EINVAL; - ret = _svc_db_add_app(op, mime_type, uri, defapp); + ret = _svc_db_add_app(op, mime_type, uri, defapp, uid); if(ret < 0) return APPSVC_RET_ERROR; @@ -1020,14 +1020,14 @@ SLPAPI int appsvc_set_defapp(const char *op, const char *mime_type, const char * return APPSVC_RET_OK; } -SLPAPI int appsvc_unset_defapp(const char *defapp) +SLPAPI int appsvc_unset_defapp(const char *defapp, uid_t uid) { int ret; if(defapp == NULL) return APPSVC_RET_EINVAL; - ret = _svc_db_delete_with_pkgname(defapp); + ret = _svc_db_delete_with_pkgname(defapp, uid); if(ret < 0) return APPSVC_RET_ERROR; @@ -1035,9 +1035,9 @@ SLPAPI int appsvc_unset_defapp(const char *defapp) return APPSVC_RET_OK; } -SLPAPI int appsvc_is_defapp(const char *pkg_name) +SLPAPI int appsvc_is_defapp(const char *pkg_name, uid_t uid) { - return _svc_db_is_defapp(pkg_name); + return _svc_db_is_defapp(pkg_name, uid); } SLPAPI int appsvc_data_is_array(bundle *b, const char *key) diff --git a/src/appsvc_db.c b/src/appsvc_db.c index 5c66cca..bf4af4d 100755 --- a/src/appsvc_db.c +++ b/src/appsvc_db.c @@ -23,6 +23,8 @@ #include #include #include +#include +#include #include #include @@ -35,34 +37,121 @@ #define QUERY_MAX_LEN 8192 #define URI_MAX_LEN 4096 #define BUF_MAX_LEN 1024 +#define BUFSIZE 4096 +#define ROOT_UID 0 #define APPSVC_COLLATION "appsvc_collation" +#define QUERY_CREATE_TABLE_APPSVC "create table if not exists appsvc " \ + "(operation text, " \ + "mime_type text, " \ + "uri text, " \ + "pkg_name text, " \ + "PRIMARY KEY(pkg_name)) " + static sqlite3 *svc_db = NULL; static sqlite3 *app_info_db = NULL; - -static char* getUserSvcDB(void) +static int _mkdir(const char *dir, mode_t mode) { - if(getuid()) - return tzplatform_mkpath(TZ_USER_HOME, ".applications/dbspace/.appsvc.db"); - else - return SVC_DB_PATH; + char tmp[PATH_MAX]; + char *p = NULL; + size_t len; + int ret; + + snprintf(tmp, sizeof(tmp), "%s", dir); + len = strlen(tmp); + if(tmp[len - 1] == '/') + tmp[len - 1] = 0; + for(p = tmp + 1; *p; p++) { + if(*p == '/') { + *p = 0; + ret = mkdir(tmp, mode); + if (ret && errno != EEXIST) + return ret; + *p = '/'; + } + } + return mkdir(tmp, mode); } +static void _mkdir_for_user(const char* dir, uid_t uid, gid_t gid) { + int ret = 0; + + ret = _mkdir(dir, S_IRWXU | S_IRGRP | S_IXGRP | S_IXOTH); + if (ret == -1 && errno != EEXIST) { + _E("FAIL : to create directory %s %d", dir, errno); + } else if (getuid() == ROOT_UID) { + ret = chown(dir, uid, gid); + if (ret == -1) + _E("FAIL : chown %s %d.%d, because %s", dir, uid, gid, strerror(errno)); + } +} -static char* getUserAppDB(void) +static char* getUserSvcDB(uid_t uid) { - if(getuid()) - return tzplatform_mkpath(TZ_USER_HOME, ".applications/dbspace/.app_info.db"); - else - return APP_INFO_DB_PATH; + const char *appsvc_db = NULL; + const char *db_path = NULL; + uid_t uid_caller = getuid(); + gid_t gid = ROOT_UID; + + if (uid == ROOT_UID) { + _E("FAIL : Root is not allowed user! please fix it replacing with DEFAULT_USER"); + return NULL; + } + + if (uid != tzplatform_getuid(TZ_SYS_GLOBALAPP_USER)) { + tzplatform_set_user(uid); + appsvc_db = tzplatform_mkpath(TZ_USER_DB, ".appsvc.db"); + db_path = tzplatform_getenv(TZ_USER_DB); + gid = tzplatform_getgid(TZ_SYS_USER_GROUP); + tzplatform_reset_user(); + } else { + appsvc_db = tzplatform_mkpath(TZ_SYS_DB, ".appsvc.db"); + db_path = tzplatform_getenv(TZ_SYS_DB); + } + + // just allow certain users to create missing directory. + if (uid_caller == ROOT_UID || uid_caller == uid) + _mkdir_for_user (db_path, uid, gid); + + return appsvc_db; } + +static char* getUserAppDB(uid_t uid) +{ + const char *app_info_db = NULL; + const char *db_path = NULL; + uid_t uid_caller = getuid(); + gid_t gid = ROOT_UID; + + if (uid == ROOT_UID) { + _E("FAIL : Root is not allowed user! please fix it replacing with DEFAULT_USER"); + return NULL; + } + + if (uid != tzplatform_getuid(TZ_SYS_GLOBALAPP_USER)) { + tzplatform_set_user(uid); + app_info_db = tzplatform_mkpath(TZ_USER_DB, ".app_info.db"); + db_path = tzplatform_getenv(TZ_USER_DB); + gid = tzplatform_getgid(TZ_SYS_USER_GROUP); + tzplatform_reset_user(); + } else { + app_info_db = tzplatform_mkpath(TZ_SYS_DB, ".app_info.db"); + db_path = tzplatform_getenv(TZ_SYS_DB); + } + + // just allow certain users to create the missing directory. + if (uid_caller == ROOT_UID || uid_caller == uid) + _mkdir_for_user (db_path, uid, gid); + + return app_info_db; +} /** * db initialize */ -static int __init(void) +static int __init(uid_t uid) { int rc; @@ -71,7 +160,7 @@ static int __init(void) return 0; } - rc = sqlite3_open(getUserSvcDB(), &svc_db); + rc = sqlite3_open(getUserSvcDB(uid), &svc_db); if(rc) { _E("Can't open database: %s", sqlite3_errmsg(svc_db)); goto err; @@ -83,6 +172,11 @@ static int __init(void) _D("Fail to change journal mode\n"); goto err; } + rc = sqlite3_exec(svc_db, QUERY_CREATE_TABLE_APPSVC, NULL, NULL, NULL); + if(SQLITE_OK!=rc){ + _D("Fail to create tables\n"); + goto err; + } return 0; err: @@ -157,7 +251,7 @@ static int __collate_appsvc(void *ucol, int str1_len, const void *str1, int str2 return -1; } -static int __init_app_info_db(void) +static int __init_app_info_db(uid_t uid) { int rc; @@ -166,7 +260,7 @@ static int __init_app_info_db(void) return 0; } - rc = sqlite3_open(getUserAppDB(), &app_info_db); + rc = sqlite3_open(getUserAppDB(uid), &app_info_db); if(rc) { _E("Can't open database: %s", sqlite3_errmsg(app_info_db)); goto err; @@ -199,14 +293,14 @@ static int __fini(void) } -int _svc_db_add_app(const char *op, const char *mime_type, const char *uri, const char *pkg_name) +int _svc_db_add_app(const char *op, const char *mime_type, const char *uri, const char *pkg_name, uid_t uid) { char m[BUF_MAX_LEN]; char u[URI_MAX_LEN]; char query[QUERY_MAX_LEN]; char* error_message = NULL; - if(__init()<0) + if(__init(uid)<0) return -1; if(op == NULL ) @@ -235,7 +329,7 @@ int _svc_db_add_app(const char *op, const char *mime_type, const char *uri, cons return 0; } -int _svc_db_delete_with_pkgname(const char *pkg_name) +int _svc_db_delete_with_pkgname(const char *pkg_name, uid_t uid) { char query[QUERY_MAX_LEN]; char* error_message = NULL; @@ -245,7 +339,7 @@ int _svc_db_delete_with_pkgname(const char *pkg_name) return -1; } - if(__init()<0) + if(__init(uid)<0) return -1; snprintf(query, QUERY_MAX_LEN, "delete from appsvc where pkg_name = '%s';", pkg_name); @@ -261,7 +355,7 @@ int _svc_db_delete_with_pkgname(const char *pkg_name) return 0; } -int _svc_db_is_defapp(const char *pkg_name) +int _svc_db_is_defapp(const char *pkg_name, uid_t uid) { char query[QUERY_MAX_LEN]; sqlite3_stmt *stmt; @@ -273,7 +367,7 @@ int _svc_db_is_defapp(const char *pkg_name) return 0; } - if(__init()<0) + if(__init(uid)<0) return 0; snprintf(query, QUERY_MAX_LEN, @@ -297,7 +391,7 @@ int _svc_db_is_defapp(const char *pkg_name) return 1; } -char* _svc_db_get_app(const char *op, const char *mime_type, const char *uri) +char* _svc_db_get_app(const char *op, const char *mime_type, const char *uri, uid_t uid) { char m[BUF_MAX_LEN]; char u[URI_MAX_LEN]; @@ -323,7 +417,7 @@ char* _svc_db_get_app(const char *op, const char *mime_type, const char *uri) // if(doubt_sql_injection(mime_type)) // return NULL; - if(__init() < 0) + if(__init(uid) < 0) return NULL; @@ -365,7 +459,7 @@ db_fini : return ret_val; } -int _svc_db_get_list_with_collation(char *op, char *uri, char *mime, GSList **pkg_list) +int _svc_db_get_list_with_collation(char *op, char *uri, char *mime, GSList **pkg_list, uid_t uid) { char query[QUERY_MAX_LEN]; sqlite3_stmt* stmt; @@ -375,7 +469,7 @@ int _svc_db_get_list_with_collation(char *op, char *uri, char *mime, GSList **pk char *pkgname = NULL; int found; - if(__init_app_info_db()<0) + if(__init_app_info_db(uid)<0) return 0; snprintf(query, QUERY_MAX_LEN, "select package from app_info where x_slp_svc='%s|%s|%s' collate appsvc_collation", op,uri,mime); diff --git a/test/appsvc_test.c b/test/appsvc_test.c index d900b2b..d3c4965 100755 --- a/test/appsvc_test.c +++ b/test/appsvc_test.c @@ -131,7 +131,7 @@ int run_svc() __set_bundle_from_args(kb); - ret = appsvc_run_service(kb,0,NULL, NULL); + ret = appsvc_run_service(kb,0,NULL, NULL, getuid()); if(ret >= 0){ printf("open service success\n"); @@ -218,7 +218,7 @@ int run_svc_res() __set_bundle_from_args(kb); - ret = appsvc_run_service(kb, 0, cb_func, (void*)num); + ret = appsvc_run_service(kb, 0, cb_func, (void*)num, getuid()); if(ret >= 0){ printf("open service success\n"); -- 2.7.4