From c71dd3eadc22a229d688279fbb8c8cae252abe8f Mon Sep 17 00:00:00 2001 From: Rafal Krypa Date: Wed, 2 Apr 2014 18:50:07 +0200 Subject: [PATCH] Remove remaining parts of "additional rules" feature. Fix improper revert of commit "Adding additional rules" (c7914a7f28). Parts of that were removed in commit "Adapt to tizenorg" (479d21a75f), but not all. Change-Id: Ie093158c887aad56790334072f5bc47cda0c0aab --- db/220.libprivilege-updater.patch.sh | 1 - db/rules-db.sql | 99 ++---------------------------------- db/rules-db.xml | 21 -------- packaging/libprivilege-control.spec | 1 - 4 files changed, 3 insertions(+), 119 deletions(-) diff --git a/db/220.libprivilege-updater.patch.sh b/db/220.libprivilege-updater.patch.sh index aab0a95..d4ac691 100644 --- a/db/220.libprivilege-updater.patch.sh +++ b/db/220.libprivilege-updater.patch.sh @@ -3,4 +3,3 @@ /usr/share/privilege-control/db/updater.sh /usr/bin/api_feature_loader --verbose --dir=/usr/share/privilege-control/ -/usr/bin/api_feature_loader --verbose --rules=/usr/share/privilege-control/ADDITIONAL_RULES.smack diff --git a/db/rules-db.sql b/db/rules-db.sql index d4c5250..a188d04 100644 --- a/db/rules-db.sql +++ b/db/rules-db.sql @@ -114,17 +114,6 @@ CREATE TABLE IF NOT EXISTS permission_app_path_type_rule ( CREATE INDEX IF NOT EXISTS permission_app_path_type_rule_app_path_type_id_index ON permission_app_path_type_rule(app_path_type_id); -CREATE TABLE IF NOT EXISTS label_app_path_type_rule ( - label_id INTEGER NOT NULL, - app_path_type_id INTEGER NOT NULL, - access INTEGER NOT NULL DEFAULT 0, - is_reverse INTEGER NOT NULL DEFAULT 0, - - PRIMARY KEY (label_id, app_path_type_id, is_reverse), - - FOREIGN KEY(label_id) REFERENCES label(label_id), - FOREIGN KEY(app_path_type_id) REFERENCES app_path_type(app_path_type_id) -); CREATE TABLE IF NOT EXISTS label ( label_id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, @@ -354,58 +343,6 @@ BEGIN END; --- LABEL TO APP PATH TYPE RULE VIEW -------------------------------------------- -DROP VIEW IF EXISTS label_app_path_type_rule_view; -CREATE VIEW label_app_path_type_rule_view AS -SELECT - label_app_path_type_rule.label_id AS label_id, - label.name AS label_name, - app_path_type.name AS app_path_type_name, - label_app_path_type_rule.access AS access, - label_app_path_type_rule.is_reverse AS is_reverse -FROM label_app_path_type_rule -LEFT JOIN label USING(label_id) -LEFT JOIN app_path_type USING(app_path_type_id); - - -DROP TRIGGER IF EXISTS label_app_path_type_rule_view_insert_trigger; -CREATE TRIGGER label_app_path_type_rule_view_insert_trigger -INSTEAD OF INSERT -ON label_app_path_type_rule_view -BEGIN - INSERT OR IGNORE INTO label(name) VALUES (NEW.label_name); - - INSERT INTO label_app_path_type_rule(label_id, - app_path_type_id, - access, - is_reverse) - SELECT label.label_id, - app_path_type.app_path_type_id, - str_to_access(NEW.access), - NEW.is_reverse - FROM label, app_path_type - WHERE label.name = NEW.label_name AND - app_path_type.name = NEW.app_path_type_name; -END; - - -DROP TRIGGER IF EXISTS label_app_path_type_rule_view_delete_trigger; -CREATE TRIGGER label_app_path_type_rule_view_delete_trigger -INSTEAD OF DELETE -ON label_app_path_type_rule_view -BEGIN - -- Delete the rules with this label - DELETE FROM label_app_path_type_rule - WHERE label_app_path_type_rule.label_id - IN (SELECT label.label_id - FROM label - WHERE label.name = OLD.label_name); - - -- Delete the label if it's not referenced - DELETE FROM label_view - WHERE label_view.name = OLD.label_name; -END; - -- PERMISSION TO PERMISSION RULE VIEW ------------------------------------------ DROP VIEW IF EXISTS permission_permission_rule_view; CREATE VIEW permission_permission_rule_view AS @@ -471,13 +408,11 @@ DROP TRIGGER IF EXISTS label_view_delete_trigger; CREATE TRIGGER label_view_delete_trigger INSTEAD OF DELETE ON label_view WHEN OLD.label_id NOT IN (SELECT app.label_id - FROM app) AND + FROM app) AND OLD.label_id NOT IN (SELECT permission_label_rule.label_id - FROM permission_label_rule) AND + FROM permission_label_rule) AND OLD.label_id NOT IN (SELECT app_path.label_id - FROM app_path) AND - OLD.label_id NOT IN (SELECT label_app_path_type_rule.label_id - FROM label_app_path_type_rule) + FROM app_path) BEGIN DELETE FROM label WHERE label.name = OLD.name; END; @@ -827,31 +762,6 @@ INNER JOIN label USING(label_id) WHERE is_reverse = 1 AND app.name != label.name; --- LABEL TO PATH TYPE RULE VIEW ------------------------------------------- --- ltl = label to label -DROP VIEW IF EXISTS ltl_label_app_path_type_rule_view; -CREATE VIEW ltl_label_app_path_type_rule_view AS -SELECT label.name AS subject, - path_label.name AS object, - l.access AS access, - 0 AS is_volatile -FROM label_app_path_type_rule AS l -INNER JOIN label USING(label_id) -INNER JOIN app_path USING(app_path_type_id) -INNER JOIN label AS path_label ON app_path.label_id = path_label.label_id -WHERE is_reverse = 0 AND path_label.name != label.name -UNION ALL -SELECT path_label.name AS subject, - label.name AS object, - l.access AS access, - 0 AS is_volatile -FROM label_app_path_type_rule AS l -INNER JOIN label USING(label_id) -INNER JOIN app_path USING(app_path_type_id) -INNER JOIN label AS path_label ON app_path.label_id = path_label.label_id -WHERE is_reverse = 1 AND path_label.name != label.name; - - -- PERMISSION TO APPLICATION'S OWN PATHS --------------------------------------- -- ltl = label to label DROP VIEW IF EXISTS ltl_app_path_view; @@ -893,9 +803,6 @@ FROM (SELECT subject, object, access, is_volatile SELECT subject, object, access, is_volatile FROM ltl_permission_app_path_type_rule_view UNION ALL - SELECT subject, object, access, is_volatile - FROM ltl_label_app_path_type_rule_view - UNION ALL SELECT subject, object, access, 0 FROM ltl_app_path_view UNION ALL diff --git a/db/rules-db.xml b/db/rules-db.xml index 35e16b0..6bf2181 100644 --- a/db/rules-db.xml +++ b/db/rules-db.xml @@ -100,7 +100,6 @@ INTEGER - MEDIUMTEXT @@ -224,24 +223,4 @@ is_reverse - - -INTEGER - - - -INTEGER - - -INTEGER -0 - -TINYINT -NULL - -label_id -app_path_type_id -is_reverse - -
diff --git a/packaging/libprivilege-control.spec b/packaging/libprivilege-control.spec index 71aaaaa..b751db6 100644 --- a/packaging/libprivilege-control.spec +++ b/packaging/libprivilege-control.spec @@ -64,7 +64,6 @@ mkdir -p %{buildroot}/opt/dbspace %postun -p /sbin/ldconfig api_feature_loader --verbose --dir=/usr/share/privilege-control/ -api_feature_loader --verbose --rules=/usr/share/privilege-control/ADDITIONAL_RULES.smack %check ./db/updater.sh --check-files %{buildroot} -- 2.7.4