2 * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
17 * @file task_ace_check.cpp
18 * @author Pawel Sikorski (p.sikorski@samsung.com)
20 * @brief Implementation file for installer task ace check
27 #include <widget_install/task_ace_check.h>
28 #include <dpl/assert.h>
29 #include <dpl/log/log.h>
30 #include <dpl/foreach.h>
32 #include <widget_install/widget_install_context.h>
33 #include <widget_install/widget_install_errors.h>
34 #include <widget_install/job_widget_install.h>
36 #include <dpl/wrt-dao-rw/widget_dao.h>
37 #include <ace_api_install.h>
40 namespace WidgetInstall {
41 TaskAceCheck::TaskAceCheck(InstallerContext& context) :
42 DPL::TaskDecl<TaskAceCheck>(this),
45 AddStep(&TaskAceCheck::StepPrepareForAce);
46 AddStep(&TaskAceCheck::StepAceCheck);
47 AddStep(&TaskAceCheck::StepProcessAceResponse);
48 AddStep(&TaskAceCheck::StepCheckAceResponse);
51 void TaskAceCheck::StepPrepareForAce()
53 m_context.featureLogic =
54 FeatureLogicPtr(new FeatureLogic(m_context.widgetConfig.tzAppid));
55 m_context.job->UpdateProgress(
56 InstallerContext::INSTALL_ACE_PREPARE,
57 "Widget Access Control Check Prepared");
60 void TaskAceCheck::StepAceCheck()
62 WrtDB::WidgetDAO dao(m_context.widgetConfig.tzAppid);
63 LogInfo("StepAceCheck!");
64 // This widget does not use any device cap
65 if (m_context.featureLogic->isDone()) {
69 LogInfo("StepAceCheck!");
70 DPL::String deviceCap = m_context.featureLogic->getDevice();
72 LogInfo("StepAceCheck!");
73 LogInfo("DevCap is : " << deviceCap);
75 std::string devCapStr = DPL::ToUTF8String(deviceCap);
76 ace_policy_result_t policyResult = ACE_DENY;
78 //TODO: remove dao.getHandle()
79 if (m_context.job->getInstallerStruct().m_installMode
80 == InstallMode::INSTALL_MODE_PRELOAD)
82 LogDebug("This widget is prealoaded. So ace check will be skiped");
83 policyResult = ACE_PERMIT;
85 ace_return_t ret = ace_get_policy_result(
86 const_cast<const ace_resource_t>(devCapStr.c_str()),
90 ThrowMsg(Exceptions::AceCheckFailed, "Instalation failure. "
95 LogInfo("PolicyResult is : " << static_cast<int>(policyResult));
96 m_context.staticPermittedDevCaps.insert(std::make_pair(deviceCap,
100 m_context.featureLogic->setAceResponse(policyResult != ACE_DENY);
103 void TaskAceCheck::StepProcessAceResponse()
105 WrtDB::WidgetDAO dao(m_context.widgetConfig.tzAppid);
106 if (m_context.widgetConfig.packagingType ==
107 WrtDB::PKG_TYPE_HOSTED_WEB_APP)
112 LogInfo("StepProcessAceResponse");
113 m_context.featureLogic->next();
115 // No device caps left to process
116 if (m_context.featureLogic->isDone()) {
117 LogInfo("All responses has been received from ACE.");
118 // Data to convert to C API
119 std::vector<std::string> devCaps;
120 std::vector<bool> devCapsSmack;
121 // Saving static dev cap permissions
122 FOREACH(cap, m_context.staticPermittedDevCaps) {
123 LogInfo("staticPermittedDevCaps : " << cap->first
124 << " smack: " << cap->second);
125 std::string devCapStr = DPL::ToUTF8String(cap->first);
126 devCaps.push_back(devCapStr);
127 devCapsSmack.push_back(cap->second);
129 ace_requested_dev_cap_list_t list;
130 list.count = devCaps.size();
131 list.items = new ace_requested_dev_cap_t[list.count];
133 for (unsigned int i = 0; i < devCaps.size(); ++i) {
134 list.items[i].device_capability =
135 const_cast<const ace_resource_t>(devCaps[i].c_str());
136 list.items[i].smack_granted =
137 devCapsSmack[i] ? ACE_TRUE : ACE_FALSE;
139 //TODO: remove dao.getHandle()
140 ace_return_t ret = ace_set_requested_dev_caps(dao.getHandle(),
143 ThrowMsg(Exceptions::AceCheckFailed, "Instalation failure. "
148 std::set<std::string> acceptedFeature;
149 auto it = m_context.featureLogic->resultBegin();
150 for (; it != m_context.featureLogic->resultEnd(); ++it) {
151 if (!(it->rejected)) {
152 acceptedFeature.insert(DPL::ToUTF8String(it->name));
155 ace_feature_list_t featureList;
156 featureList.count = acceptedFeature.size();
157 featureList.items = new ace_string_t[featureList.count];
160 for (std::set<std::string>::const_iterator iter = acceptedFeature.begin();
161 iter != acceptedFeature.end(); ++iter)
163 LogDebug("Accepted feature item: " << iter->c_str());
164 featureList.items[i] = const_cast<char *>(iter->c_str());
168 //TODO: remove dao.getHandle()
169 ret = ace_set_accepted_feature(dao.getHandle(), &featureList);
171 delete[] featureList.items;
174 LogError("Error in ace_set_feature");
175 ThrowMsg(Exceptions::AceCheckFailed, "Instalation failure. "
176 "ace_set_feature failure.");
181 LogInfo("Next device cap.");
182 // Process next device cap
183 SwitchToStep(&TaskAceCheck::StepAceCheck);
186 void TaskAceCheck::StepCheckAceResponse()
188 LogInfo("Checking ACE response");
189 if (m_context.featureLogic->isRejected()) {
190 LogError("Installation failure. Some devCap was not accepted by ACE.");
192 Exceptions::PrivilegeLevelViolation,
193 "Instalation failure. "
194 "Some deviceCap was not accepted by ACE.");
196 LogInfo("Updating \"feature reject status\" in database!");
197 auto it = m_context.featureLogic->resultBegin();
198 auto end = m_context.featureLogic->resultEnd();
199 for (; it != end; ++it) {
201 " |- Feature: " << it->name << " has reject status: " <<
204 WrtDB::WidgetDAO dao(m_context.widgetConfig.tzAppid);
205 dao.updateFeatureRejectStatus(*it);
208 LogInfo("Installation continues...");
210 m_context.job->UpdateProgress(
211 InstallerContext::INSTALL_ACE_CHECK,
212 "Widget Access Control Check Finished");
214 } //namespace WidgetInstall