From f9d8de56ef5bdb61fe5e45aebba5ad8d6f71ff0a Mon Sep 17 00:00:00 2001
From: Sangkoo Kim
Date: Fri, 22 Apr 2016 13:48:11 +0900
Subject: [PATCH] Add permission check for open handle
To check permission for read-only operation
Change-Id: I8189c3c669d9321cb69336fc2a783bc16fbed0e1
Signed-off-by: Sangkoo Kim
---
 framework/transaction-manager/MsgTransManager.cpp | 39 +++++++++++++++-------
 include/common/MsgCmdTypes.h | 3 ++
 include/mapi/msg_storage.h | 2 +-
 include/proxy/MsgHandle.h | 3 +-
 include/utils/MsgException.h | 4 +--
 proxy/MsgHandleControl.cpp | 40 +++++++++++++++++++++--
 utils/MsgDebug.cpp | 4 +++
 7 files changed, 78 insertions(+), 17 deletions(-)
diff --git a/framework/transaction-manager/MsgTransManager.cpp b/framework/transaction-manager/MsgTransManager.cpp
index e49e9d8..689e3cc 100755
--- a/framework/transaction-manager/MsgTransManager.cpp
+++ b/framework/transaction-manager/MsgTransManager.cpp
@@ -380,7 +380,6 @@ void MsgTransactionManager::handleRequest(int fd)
 THROW(MsgException::OUT_OF_RANGE, "request CMD is not defined");
 /* check privilege */
-/* if (checkPrivilege(pCmd->cmdType, pCmd->cmdCookie) == false) { */
 if (checkPrivilege(fd, pCmd->cmdType) == false) {
 MSG_DEBUG("No Privilege rule. Not allowed.");
 #ifdef MSG_CHECK_PRIVILEGE
@@ -395,6 +394,7 @@ void MsgTransactionManager::handleRequest(int fd)
 /* determine the handler based on pCmd->cmdType */
 int (*pfHandler)(const MSG_CMD_S*, char**) = NULL;
+ MSG_CMD_S* pCmdDup = NULL;
 switch (pCmd->cmdType) {
 case MSG_CMD_PLG_SENT_STATUS_CNF:
@@ -405,8 +405,8 @@ void MsgTransactionManager::handleRequest(int fd) case MSG_CMD_PLG_INCOMING_LBS_IND: case MSG_CMD_PLG_INIT_SIM_BY_SAT: case MSG_CMD_PLG_INCOMING_PUSH_IND: - case MSG_CMD_PLG_INCOMING_CB_IND: { - MSG_CMD_S* pCmdDup = (MSG_CMD_S*)calloc(1, len); /* pCmdDup should be freed afterward */ + case MSG_CMD_PLG_INCOMING_CB_IND: + pCmdDup = (MSG_CMD_S*)calloc(1, len); /* pCmdDup should be freed afterward */ if (pCmdDup != NULL) { memcpy(pCmdDup, pCmd, len); memcpy(pCmdDup->cmdCookie, &fd, sizeof(int)); /* Now, cmdCookie keeps fd for return */ @@ -417,7 +417,12 @@ void MsgTransactionManager::handleRequest(int fd) mxQ.unlock(); } break; - } + case MSG_CMD_CHECK_PERMISSION: + MSG_DEBUG("Client has privilege. Allowed."); + MsgMakeErrorEvent(pCmd->cmdType, MSG_SUCCESS, &eventSize, &pEventData); + MSG_DEBUG("Replying to fd [%d], size [%d]", fd, eventSize); + servSock.write(fd, pEventData, eventSize); + break; default: pfHandler = handlerMap[pCmd->cmdType]; if (!pfHandler) { @@ -435,8 +440,8 @@ void MsgTransactionManager::handleRequest(int fd) } MSG_DEBUG("Replying to fd [%d], size [%d]", fd, eventSize); - servSock.write(fd, pEventData, eventSize); + break; } MSG_END(); @@ -651,15 +656,14 @@ bool MsgTransactionManager::checkPrivilege(int fd, MSG_CMD_TYPE_T CmdType) case MSG_CMD_GET_PUSH_MSG_OPT: case MSG_CMD_GET_VOICE_MSG_OPT: case MSG_CMD_GET_GENERAL_MSG_OPT: - case MSG_CMD_GET_MSG_SIZE_OPT: { + case MSG_CMD_GET_MSG_SIZE_OPT: ret = cynara_check(p_cynara, peer_client, peer_session, peer_user, "http://tizen.org/privilege/message.read"); if (ret != CYNARA_API_ACCESS_ALLOWED) { MSG_INFO("privilege [read] not allowd : [%d]", ret); bAllowed = false; } - } - break; + break; case MSG_CMD_SUBMIT_REQ: case MSG_CMD_SET_CB_OPT: case MSG_CMD_ADD_PUSH_EVENT: 
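Review bot: The new `case MSG_CMD_CHECK_PERMISSION:` branch in handleRequest() unconditionally replies `MSG_SUCCESS` and logs "Client has privilege. Allowed.", so its answer is only correct if the earlier `checkPrivilege(fd, pCmd->cmdType)` failure path has already returned. The first hunk shows that failure path sitting behind `#ifdef MSG_CHECK_PRIVILEGE` (its body is outside the visible lines), so in a build without that macro this branch would presumably report success for a peer that cynara denied. A comment on the case, for example `/* reached only when checkPrivilege() allowed the peer; in builds without MSG_CHECK_PRIVILEGE this always succeeds */`, would make that dependency explicit for whoever audits the privilege model. handleRequest() starts and ends outside this hunk.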
@@ -694,15 +698,28 @@ bool MsgTransactionManager::checkPrivilege(int fd, MSG_CMD_TYPE_T CmdType)
 case MSG_CMD_SET_PUSH_MSG_OPT:
 case MSG_CMD_SET_VOICE_MSG_OPT:
 case MSG_CMD_SET_GENERAL_MSG_OPT:
- case MSG_CMD_SET_MSG_SIZE_OPT: {
+ case MSG_CMD_SET_MSG_SIZE_OPT:
 ret = cynara_check(p_cynara, peer_client, peer_session, peer_user,
 "http://tizen.org/privilege/message.write");
 if (ret != CYNARA_API_ACCESS_ALLOWED) {
 MSG_INFO("privilege [write] not allowd : [%d]", ret);
 bAllowed = false;
 }
- }
- break;
+ break;
+ case MSG_CMD_CHECK_PERMISSION:
+ ret = cynara_check(p_cynara, peer_client, peer_session, peer_user,
+ "http://tizen.org/privilege/message.read");
+ if (ret != CYNARA_API_ACCESS_ALLOWED) {
+ ret = cynara_check(p_cynara, peer_client, peer_session, peer_user,
+ "http://tizen.org/privilege/message.write");
+ if (ret != CYNARA_API_ACCESS_ALLOWED) {
+ MSG_INFO("privilege [write] not allowd : [%d]", ret);
+ bAllowed = false;
+ }
+ }
+ break;
+ default :
+ break;
 }
 _END_OF_FUNC:
diff --git a/include/common/MsgCmdTypes.h b/include/common/MsgCmdTypes.h
index 2bb06c2..4b8f469 100755
--- a/include/common/MsgCmdTypes.h
+++ b/include/common/MsgCmdTypes.h
@@ -167,6 +167,8 @@ enum _MSG_CMD_TYPE_E
 #ifdef FEATURE_SMS_CDMA
 MSG_CMD_PLG_CHECK_UNIQUENESS,
 #endif
+
+ MSG_CMD_CHECK_PERMISSION,
 /* end of MSG_CMD; new CMD should be defined before MSG_CMD_NUM */
 MSG_CMD_NUM
 };
@@ -278,6 +280,7 @@ enum _MSG_EVENT_TYPE_E
 #ifdef FEATURE_SMS_CDMA
 MSG_EVENT_PLG_CHECK_UNIQUENESS,
 #endif
+ MSG_EVENT_CHECK_PERMISSION,
 /* Enums that does not match _MSG_CMD_TYPE_E */
 MSG_EVENT_PLG_REPORT_MSG_INCOMING_IND,
diff --git a/include/mapi/msg_storage.h b/include/mapi/msg_storage.h
index 1b4d1b9..f7d2471 100755
--- a/include/mapi/msg_storage.h
+++ b/include/mapi/msg_storage.h
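Review bot: In the added `case MSG_CMD_CHECK_PERMISSION:` of checkPrivilege(), the denial path logs `privilege [write] not allowd` although it is reached only after both the message.read and the message.write checks were refused, and the read result in `ret` has been overwritten by then. For an audit trail the message should name both privileges, e.g. `MSG_INFO("privilege [read/write] not allowed : [%d]", ret);`. The new `default : break;` also leaves `bAllowed` at whatever value it had before the switch (its initialisation is outside the hunk), so a command type that is not listed appears to pass without any cynara check. A comment stating that unlisted commands are intentionally unprivileged, or a deny-by-default there, would make that decision reviewable.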
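Review bot: `MSG_EVENT_CHECK_PERMISSION` has to hold the same ordinal as `MSG_CMD_CHECK_PERMISSION` for the client-side test `pEvent->eventType != MSG_EVENT_CHECK_PERMISSION` to pass, assuming `MsgMakeErrorEvent(pCmd->cmdType, ...)` carries the command value over as the event type. That pairing is maintained only by inserting both enumerators at matching positions (the `-167,6` and `-278,6` hunks), and both sit after a `#ifdef FEATURE_SMS_CDMA` block. A compile-time guard after the event enum, `static_assert((int)MSG_EVENT_CHECK_PERMISSION == (int)MSG_CMD_CHECK_PERMISSION, "cmd/event enums out of step");`, would catch a later one-sided insertion; this presumes the header is only compiled as C++11 or newer. At minimum the new event enumerator deserves a comment saying it must stay above the `/* Enums that does not match _MSG_CMD_TYPE_E */` marker.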
@@ -1163,7 +1163,7 @@ int msg_db_select_with_query(msg_handle_t handle, const char *query, char ***db_ * @since_tizen 3.0 * * @param[in] handle The Message handle - * @param[in] db_res The result of SQL SELECT query + * @param[in] db_res The DB result pointer to release * * @return @c 0 on success, * otherwise a negative error value diff --git a/include/proxy/MsgHandle.h b/include/proxy/MsgHandle.h index 571e772..bf6d0c2 100755 --- a/include/proxy/MsgHandle.h +++ b/include/proxy/MsgHandle.h @@ -160,7 +160,8 @@ class MsgHandle void convertMsgStruct(const MSG_MESSAGE_HIDDEN_S *pSource, MSG_MESSAGE_INFO_S *pDest); void convertSendOptStruct(const MSG_SENDINGOPT_S* pSrc, MSG_SENDINGOPT_INFO_S* pDest, MSG_MESSAGE_TYPE_S msgType); int getSettingCmdSize(MSG_OPTION_TYPE_T optionType); - bool CheckEventData(char *pEventData); + bool checkEventData(char *pEventData); + msg_error_t checkPermission(void); char mConnectionId[20]; short mCounter; diff --git a/include/utils/MsgException.h b/include/utils/MsgException.h index d598c59..3d18c59 100755 --- a/include/utils/MsgException.h +++ b/include/utils/MsgException.h @@ -46,7 +46,7 @@ class MsgException : public runtime_error /* public exception */ { public: MsgException(int errCode, const string& msg = "") - : runtime_error(errorStrings[errCode] + " : " + msg), eCode(errCode) { + : runtime_error(errorStrings[errCode] + " : " + msg), eCode(errCode) { } enum @@ -77,7 +77,7 @@ public: int errorCode() { return eCode; } private: - static string errorStrings[NUM_ERRORS]; + static string errorStrings[NUM_ERRORS]; int eCode; }; diff --git a/proxy/MsgHandleControl.cpp b/proxy/MsgHandleControl.cpp index 84631bc..2eac5dd 100755 --- a/proxy/MsgHandleControl.cpp +++ b/proxy/MsgHandleControl.cpp 
@@ -60,6 +60,11 @@ void MsgHandle::openHandle()
 /* Open Socket IPC */
 connectSocket();
+
+ /* Check cynara permission */
+ if (checkPermission() == MSG_ERR_PERMISSION_DENIED) {
+ THROW(MsgException::SECURITY_ERROR, "Client doesn't have permission");
+ }
 }
@@ -125,7 +130,7 @@ void MsgHandle::write(const char *pCmdData, int cmdSize, char **ppEvent)
 break;
 }
- if (!CheckEventData(tmpEvent)) {
+ if (!checkEventData(tmpEvent)) {
 delete [] tmpEvent;
 tmpEvent = NULL;
 } else {
@@ -593,7 +598,7 @@ int MsgHandle::getSettingCmdSize(MSG_OPTION_TYPE_T optionType)
 }
-bool MsgHandle::CheckEventData(char *pEventData)
+bool MsgHandle::checkEventData(char *pEventData)
 {
 MSG_EVENT_S* pEvent = (MSG_EVENT_S*)pEventData;
@@ -616,3 +621,34 @@ bool MsgHandle::CheckEventData(char *pEventData)
 return true;
 }
+
+msg_error_t MsgHandle::checkPermission(void)
+{
+ /* Allocate Memory to Command Data */
+ int cmdSize = sizeof(MSG_CMD_S);
+
+ char cmdBuf[cmdSize];
+ bzero(cmdBuf, cmdSize);
+ MSG_CMD_S* pCmd = (MSG_CMD_S*)cmdBuf;
+
+ /* Set Command Parameters */
+ pCmd->cmdType = MSG_CMD_CHECK_PERMISSION;
+
+ /* Send Command to Messaging FW */
+ char* pEventData = NULL;
+ unique_ptr eventBuf(&pEventData, unique_ptr_deleter);
+
+ write((char*)pCmd, cmdSize, &pEventData);
+
+ /* Get Return Data */
+ MSG_EVENT_S* pEvent = (MSG_EVENT_S*)pEventData;
+
+ if (pEvent == NULL)
+ THROW(MsgException::INVALID_RESULT, "Event is NULL");
+
+ if (pEvent->eventType != MSG_EVENT_CHECK_PERMISSION) {
+ THROW(MsgException::INVALID_RESULT, "Event Data Error");
+ }
+
+ return pEvent->result;
+}
diff --git a/utils/MsgDebug.cpp b/utils/MsgDebug.cpp
index 1000bce..dacc4e4 100755
--- a/utils/MsgDebug.cpp
+++ b/utils/MsgDebug.cpp
@@ -216,6 +216,8 @@ const char * MsgDbgCmdStr(MSG_CMD_TYPE_T cmdType)
 case MSG_CMD_PLG_CHECK_UNIQUENESS:
 return "MSG_CMD_PLG_CHECK_UNIQUENESS";
 #endif
+ case MSG_CMD_CHECK_PERMISSION:
+ return "MSG_CMD_CHECK_PERMISSION";
 default:
 return "Unknown Command Type!!!";
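Review bot: `openHandle()` refuses the client only when `checkPermission()` returns exactly `MSG_ERR_PERMISSION_DENIED`, so any other non-success result still leaves the handle open. Comparing against success fails closed: `if (checkPermission() != MSG_SUCCESS) {`. The THROW is also raised after `connectSocket()` with no disconnect visible in the hunk, so the socket may stay connected unless the caller or the destructor closes it. Because this check runs inside the client's own process, the comment should say that it is an early error for well-behaved callers and that the daemon's per-command `checkPrivilege()` remains the enforcement point.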
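Review bot: `char cmdBuf[cmdSize];` in checkPermission() is a variable-length array because `cmdSize` is a non-const `int`, which is a compiler extension rather than standard C++. The size is a compile-time constant here, so `char cmdBuf[sizeof(MSG_CMD_S)] = {0};` gives a fixed-size zeroed buffer and makes the `bzero` call unnecessary; if the rest of the file uses the same pattern, staying consistent with it is a reasonable alternative. The function also lacks a header comment: it should state that the return value is the daemon's `result` field and that `INVALID_RESULT` is thrown for a missing or mismatched event, since `openHandle()` depends on that contract.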
@@ -419,6 +421,8 @@ const char * MsgDbgEvtStr(MSG_EVENT_TYPE_T evtType)
 case MSG_EVENT_PLG_CHECK_UNIQUENESS:
 return "MSG_EVENT_PLG_CHECK_UNIQUENESS";
 #endif
+ case MSG_EVENT_CHECK_PERMISSION:
+ return "MSG_EVENT_CHECK_PERMISSION";
 case MSG_EVENT_PLG_REPORT_MSG_INCOMING_IND:
 return "MSG_EVENT_PLG_REPORT_MSG_INCOMING_IND";
--
2.7.4