2 * security-manager, database access
4 * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved
6 * Contact: Rafal Krypa <r.krypa@samsung.com>
8 * Licensed under the Apache License, Version 2.0 (the "License");
9 * you may not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS,
16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License.
23 * @file privilege_db.h
24 * @author Krzysztof Sasiak <k.sasiak@samsung.com>
25 * @author Rafal Krypa <r.krypa@samsung.com>
27 * @brief This file contains declaration of the API to privilges database.
36 #include <dpl/db/sql_connection.h>
37 #include <tzplatform_config.h>
39 #ifndef PRIVILEGE_DB_H_
40 #define PRIVILEGE_DB_H_
42 namespace SecurityManager {
44 const char *const PRIVILEGE_DB_PATH = tzplatform_mkpath(TZ_SYS_DB, ".security-manager.db");
46 enum class QueryType {
62 * PrivilegeDb database class
68 * @exception DB::SqlConnection::Exception::IOError on problems with database access
71 PrivilegeDb(const std::string &path = std::string(PRIVILEGE_DB_PATH));
73 SecurityManager::DB::SqlConnection *mSqlConnection;
74 const std::map<QueryType, const char * const > Queries = {
75 { QueryType::EGetPkgPrivileges, "SELECT DISTINCT privilege_name FROM app_privilege_view WHERE pkg_name=? AND uid=? ORDER BY privilege_name"},
76 { QueryType::EGetAppPrivileges, "SELECT DISTINCT privilege_name FROM app_privilege_view WHERE app_name=? AND uid=? ORDER BY privilege_name"},
77 { QueryType::EAddApplication, "INSERT INTO app_pkg_view (app_name, pkg_name, uid) VALUES (?, ?, ?)" },
78 { QueryType::ERemoveApplication, "DELETE FROM app_pkg_view WHERE app_name=? AND uid=?" },
79 { QueryType::EAddAppPrivileges, "INSERT INTO app_privilege_view (app_name, uid, privilege_name) VALUES (?, ?, ?)" },
80 { QueryType::ERemoveAppPrivileges, "DELETE FROM app_privilege_view WHERE app_name=? AND uid=?" },
81 { QueryType::EPkgIdExists, "SELECT * FROM pkg WHERE name=?" },
82 { QueryType::EGetPkgId, " SELECT pkg_name FROM app_pkg_view WHERE app_name = ?" },
83 { QueryType::EGetPrivilegeGroups, " SELECT group_name FROM privilege_group_view WHERE privilege_name = ?" },
84 { QueryType::EGetUserApps, "SELECT name FROM app WHERE uid=?" },
85 { QueryType::EGetAppsInPkg, " SELECT app_name FROM app_pkg_view WHERE pkg_name = ?" },
89 * Container for initialized DataCommands, prepared for binding.
91 std::vector<DB::SqlConnection::DataCommandAutoPtr> m_commands;
94 * Fills empty m_commands map with sql commands prepared for binding.
96 * Because the "sqlite3_prepare_v2" function takes many cpu cycles, the PrivilegeDb
97 * is optimized to call it only once for one query type.
98 * Designed to be used in the singleton contructor.
100 void initDataCommands();
103 * Return prepared query for given query type.
104 * The query will be reset before returning.
106 * @param queryType query identifier
107 * @return reference to prepared, reset query
109 DB::SqlConnection::DataCommandAutoPtr & getQuery(QueryType queryType);
112 * Check if pkgId is already registered in database
114 * @param pkgId - package identifier
115 * @exception DB::SqlConnection::Exception::InternalError on internal error
116 * @return true if pkgId exists in the database
119 bool PkgIdExists(const std::string &pkgId);
125 DECLARE_EXCEPTION_TYPE(SecurityManager::Exception, Base)
126 DECLARE_EXCEPTION_TYPE(Base, IOError)
127 DECLARE_EXCEPTION_TYPE(Base, InternalError)
132 static PrivilegeDb &getInstance();
136 * @exception DB::SqlConnection::Exception::InternalError on internal error
139 void BeginTransaction(void);
143 * @exception DB::SqlConnection::Exception::InternalError on internal error
146 void CommitTransaction(void);
149 * Rollback transaction
150 * @exception DB::SqlConnection::Exception::InternalError on internal error
153 void RollbackTransaction(void);
156 * Return package id associated with a given application id
158 * @param appId - application identifier
159 * @param[out] pkgId - return application's pkgId
160 * @return true is application exists, false otherwise
161 * @exception DB::SqlConnection::Exception::InternalError on internal error
163 bool GetAppPkgId(const std::string &appId, std::string &pkgId);
166 * Retrieve list of privileges assigned to a pkgId
168 * @param pkgId - package identifier
169 * @param uid - user identifier for whom privileges will be retrieved
170 * @param[out] currentPrivileges - list of current privileges assigned to pkgId
171 * @exception DB::SqlConnection::Exception::InternalError on internal error
173 void GetPkgPrivileges(const std::string &pkgId, uid_t uid,
174 std::vector<std::string> ¤tPrivilege);
177 * Retrieve list of privileges assigned to an appId
179 * @param appId - application identifier
180 * @param uid - user identifier for whom privileges will be retrieved
181 * @param[out] currentPrivileges - list of current privileges assigned to appId
182 * @exception DB::SqlConnection::Exception::InternalError on internal error
184 void GetAppPrivileges(const std::string &appId, uid_t uid,
185 std::vector<std::string> ¤tPrivileges);
188 * Add an application into the database
190 * @param appId - application identifier
191 * @param pkgId - package identifier
192 * @param uid - user identifier for whom application is going to be installed
193 * @exception DB::SqlConnection::Exception::InternalError on internal error
195 void AddApplication(const std::string &appId, const std::string &pkgId,
199 * Remove an application from the database
201 * @param appId - application identifier
202 * @param uid - user identifier whose application is going to be uninstalled
203 * @param[out] pkgIdIsNoMore - return info if pkgId is in the database
204 * @exception DB::SqlConnection::Exception::InternalError on internal error
206 void RemoveApplication(const std::string &appId, uid_t uid, bool &pkgIdIsNoMore);
209 * Remove privileges assigned to application
211 * @param appId - application identifier
212 * @param uid - user identifier for whom privileges will be removed
213 * @exception DB::SqlConnection::Exception::InternalError on internal error
215 void RemoveAppPrivileges(const std::string &appId, uid_t uid);
218 * Update privileges assigned to application
219 * To assure data integrity this method must be called inside db transaction.
221 * @param appId - application identifier
222 * @param uid - user identifier for whom privileges will be updated
223 * @param privileges - list of privileges to assign
224 * @exception DB::SqlConnection::Exception::InternalError on internal error
226 void UpdateAppPrivileges(const std::string &appId, uid_t uid,
227 const std::vector<std::string> &privileges);
230 * Retrieve list of group ids assigned to a privilege
232 * @param privilege - privilege identifier
233 * @param[out] grp_names - list of group names assigned to the privilege
234 * @exception DB::SqlConnection::Exception::InternalError on internal error
236 void GetPrivilegeGroups(const std::string &privilege,
237 std::vector<std::string> &grp_names);
240 * Retrieve list of apps assigned to user
242 * @param uid - user identifier
243 * @param[out] apps - list of apps assigned to user,
244 * this parameter do not need to be empty, but
245 * it is being overwritten during function call.
246 * @exception DB::SqlConnection::Exception::InternalError on internal error
248 void GetUserApps(uid_t uid, std::vector<std::string> &apps);
250 * Retrieve a list of all application ids for a package id
252 * @param pkgId - package id
253 * @param[out] appIds - list of application ids for the package id
254 * @exception DB::SqlConnection::Exception::InternalError on internal error
256 void GetAppIdsForPkgId (const std::string &pkgId,
257 std::vector<std::string> &appIds);
260 } //namespace SecurityManager
262 #endif // PRIVILEGE_DB_H_