From 45ebf7f11db1235b5fda5f2b55e4122065dd1d70 Mon Sep 17 00:00:00 2001 From: Piotr Ganicz Date: Tue, 31 May 2016 13:01:11 +0200 Subject: [PATCH] Privilages refactor This patch moves the privileges.h header from wgt-backend to app-installer repository. It collects the privileges definitions to one place. The following patchsets should be submitted together: - https://review.tizen.org/gerrit/72341 - https://review.tizen.org/gerrit/72342 Change-Id: I0cec9b08340193e0ed28c00c3bb7083fecc16ddd --- src/common/CMakeLists.txt | 1 + src/common/privileges.cc | 21 +++++++++++++++++++++ src/common/privileges.h | 19 +++++++++++++++++++ .../step_create_per_user_storage_directories.cc | 5 ++--- .../step/security/step_privilege_compatibility.cc | 16 +++++----------- 5 files changed, 48 insertions(+), 14 deletions(-) create mode 100644 src/common/privileges.cc create mode 100644 src/common/privileges.h diff --git a/src/common/CMakeLists.txt b/src/common/CMakeLists.txt index b433bd3..45ca2d7 100644 --- a/src/common/CMakeLists.txt +++ b/src/common/CMakeLists.txt @@ -1,5 +1,6 @@ # Target - sources SET(SRCS + privileges.cc app_installer.cc backup_paths.cc certificate_validation.cc diff --git a/src/common/privileges.cc b/src/common/privileges.cc new file mode 100644 index 0000000..87d2db7 --- /dev/null +++ b/src/common/privileges.cc @@ -0,0 +1,21 @@ +// Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved +// Use of this source code is governed by a apache 2.0 license that can be +// found in the LICENSE file. + +#include "common/privileges.h" + +namespace common { +namespace privileges { +const char kImePrivilegeName[] = "http://tizen.org/privilege/ime"; +const char kPrivForWebApp[] = + "http://tizen.org/privilege/internal/webappdefault"; +const char kPrivForPublic[] = + "http://tizen.org/privilege/internal/default/public"; +const char kPrivForPartner[] = + "http://tizen.org/privilege/internal/default/partner"; +const char kPrivForPlatform[] = + "http://tizen.org/privilege/internal/default/platform"; +const char kPrivForExternalAppData[] = + "http://tizen.org/privilege/externalstorage.appdata"; +} // namespace privileges +} // namespace common diff --git a/src/common/privileges.h b/src/common/privileges.h new file mode 100644 index 0000000..1149a68 --- /dev/null +++ b/src/common/privileges.h @@ -0,0 +1,19 @@ +// Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved +// Use of this source code is governed by a apache 2.0 license that can be +// found in the LICENSE file. + +#ifndef COMMON_PRIVILEGES_H_ +#define COMMON_PRIVILEGES_H_ + +namespace common { +namespace privileges { +extern const char kImePrivilegeName[]; +extern const char kPrivForWebApp[]; +extern const char kPrivForPublic[]; +extern const char kPrivForPartner[]; +extern const char kPrivForPlatform[]; +extern const char kPrivForExternalAppData[]; +} // namespace privileges +} // namespace common + +#endif // COMMON_PRIVILEGES_H_ diff --git a/src/common/step/filesystem/step_create_per_user_storage_directories.cc b/src/common/step/filesystem/step_create_per_user_storage_directories.cc index 39b630b..4963cbd 100644 --- a/src/common/step/filesystem/step_create_per_user_storage_directories.cc +++ b/src/common/step/filesystem/step_create_per_user_storage_directories.cc @@ -6,6 +6,7 @@ #include #include "common/step/filesystem/step_create_per_user_storage_directories.h" +#include "common/privileges.h" #include "common/shared_dirs.h" #include "common/utils/glist_range.h" @@ -36,10 +37,8 @@ common_installer::Step::Status StepCreatePerUserStorageDirectories::process() { bool StepCreatePerUserStorageDirectories::CreateExternalStorageDir() { auto manifest = context_->manifest_data.get(); bool has_external_storage_priv = false; - const char* privilege = - "http://tizen.org/privilege/externalstorage.appdata"; for (const char* priv : GListRange(manifest->privileges)) { - if (strcmp(priv, privilege) == 0) { + if (strcmp(priv, common::privileges::kPrivForExternalAppData) == 0) { has_external_storage_priv = true; LOG(DEBUG) << "External storage privilege has been found."; break; diff --git a/src/common/step/security/step_privilege_compatibility.cc b/src/common/step/security/step_privilege_compatibility.cc index 0a192a0..6f2867b 100644 --- a/src/common/step/security/step_privilege_compatibility.cc +++ b/src/common/step/security/step_privilege_compatibility.cc @@ -12,17 +12,11 @@ #include #include +#include "common/privileges.h" #include "common/utils/glist_range.h" namespace { -const char kPrivForPublic[] = - "http://tizen.org/privilege/internal/default/public"; -const char kPrivForPartner[] = - "http://tizen.org/privilege/internal/default/partner"; -const char kPrivForPlatform[] = - "http://tizen.org/privilege/internal/default/platform"; - bool TranslatePrivilegesForCompatibility(manifest_x* m) { if (!m->api_version) { LOG(WARNING) << "Skipping privileges mapping because api-version " @@ -78,24 +72,24 @@ Step::Status StepPrivilegeCompatibility::process() { case common_installer::PrivilegeLevel::PUBLIC: context_->manifest_data.get()->privileges = g_list_append(context_->manifest_data.get()->privileges, - strdup(kPrivForPublic)); + strdup(common::privileges::kPrivForPublic)); break; case common_installer::PrivilegeLevel::PARTNER: context_->manifest_data.get()->privileges = g_list_append(context_->manifest_data.get()->privileges, - strdup(kPrivForPartner)); + strdup(common::privileges::kPrivForPartner)); break; case common_installer::PrivilegeLevel::PLATFORM: context_->manifest_data.get()->privileges = g_list_append(context_->manifest_data.get()->privileges, - strdup(kPrivForPlatform)); + strdup(common::privileges::kPrivForPlatform)); break; default: // TODO(jongmyeong.ko): temporarily, public privileges for untrusted // application. context_->manifest_data.get()->privileges = g_list_append(context_->manifest_data.get()->privileges, - strdup(kPrivForPublic)); + strdup(common::privileges::kPrivForPublic)); break; } if (!ret) { -- 2.7.4