2 * security-manager, database access
4 * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved
6 * Contact: Rafal Krypa <r.krypa@samsung.com>
8 * Licensed under the Apache License, Version 2.0 (the "License");
9 * you may not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS,
16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License.
23 * @file privilege_db.cpp
24 * @author Krzysztof Sasiak <k.sasiak@samsung.com>
25 * @author Rafal Krypa <r.krypa@samsung.com>
27 * @brief This file contains declaration of the API to privileges database.
35 #include <dpl/log/log.h>
36 #include "privilege_db.h"
38 namespace SecurityManager {
40 /* Common code for handling SqlConnection exceptions */
42 T try_catch(const std::function<T()> &func)
46 } catch (DB::SqlConnection::Exception::SyntaxError &e) {
47 LogError("Syntax error in command: " << e.DumpToString());
48 ThrowMsg(PrivilegeDb::Exception::InternalError,
49 "Syntax error in command: " << e.DumpToString());
50 } catch (DB::SqlConnection::Exception::InternalError &e) {
51 LogError("Mysterious internal error in SqlConnection class" << e.DumpToString());
52 ThrowMsg(PrivilegeDb::Exception::InternalError,
53 "Mysterious internal error in SqlConnection class: " << e.DumpToString());
57 PrivilegeDb::PrivilegeDb(const std::string &path)
60 mSqlConnection = new DB::SqlConnection(path,
61 DB::SqlConnection::Flag::None,
62 DB::SqlConnection::Flag::RW);
64 } catch (DB::SqlConnection::Exception::Base &e) {
65 LogError("Database initialization error: " << e.DumpToString());
66 ThrowMsg(PrivilegeDb::Exception::IOError,
67 "Database initialization error:" << e.DumpToString());
72 void PrivilegeDb::initDataCommands()
74 for (auto &it : Queries) {
75 m_commands.push_back(mSqlConnection->PrepareDataCommand(it.second));
79 DB::SqlConnection::DataCommandAutoPtr & PrivilegeDb::getQuery(QueryType queryType)
81 auto &command = m_commands.at(static_cast<size_t>(queryType));
86 PrivilegeDb::~PrivilegeDb()
88 delete mSqlConnection;
91 PrivilegeDb &PrivilegeDb::getInstance()
93 static PrivilegeDb privilegeDb;
97 void PrivilegeDb::BeginTransaction(void)
100 mSqlConnection->BeginTransaction();
104 void PrivilegeDb::CommitTransaction(void)
106 try_catch<void>([&] {
107 mSqlConnection->CommitTransaction();
111 void PrivilegeDb::RollbackTransaction(void)
113 try_catch<void>([&] {
114 mSqlConnection->RollbackTransaction();
118 bool PrivilegeDb::PkgIdExists(const std::string &pkgId)
120 return try_catch<bool>([&] {
121 auto &command = getQuery(QueryType::EPkgIdExists);
122 command->BindString(1, pkgId.c_str());
123 return command->Step();
127 bool PrivilegeDb::GetAppPkgId(const std::string &appId, std::string &pkgId)
129 return try_catch<bool>([&] {
130 auto &command = getQuery(QueryType::EGetPkgId);
131 command->BindString(1, appId.c_str());
133 if (!command->Step()) {
134 // No application with such appId
138 // application package found in the database, get it
139 pkgId = command->GetColumnString(0);
145 void PrivilegeDb::AddApplication(const std::string &appId,
146 const std::string &pkgId, uid_t uid, bool &pkgIdIsNew)
148 pkgIdIsNew = !(this->PkgIdExists(pkgId));
150 try_catch<void>([&] {
151 auto &command = getQuery(QueryType::EAddApplication);
152 command->BindString(1, appId.c_str());
153 command->BindString(2, pkgId.c_str());
154 command->BindInteger(3, static_cast<unsigned int>(uid));
156 if (command->Step()) {
157 LogDebug("Unexpected SQLITE_ROW answer to query: " <<
158 Queries.at(QueryType::EAddApplication));
161 LogDebug("Added appId: " << appId << ", pkgId: " << pkgId);
165 void PrivilegeDb::RemoveApplication(const std::string &appId, uid_t uid,
168 try_catch<void>([&] {
170 if (!GetAppPkgId(appId, pkgId)) {
171 pkgIdIsNoMore = false;
175 auto &command = getQuery(QueryType::ERemoveApplication);
176 command->BindString(1, appId.c_str());
177 command->BindInteger(2, static_cast<unsigned int>(uid));
179 if (command->Step()) {
180 LogDebug("Unexpected SQLITE_ROW answer to query: " <<
181 Queries.at(QueryType::ERemoveApplication));
184 LogDebug("Removed appId: " << appId);
186 pkgIdIsNoMore = !(this->PkgIdExists(pkgId));
190 void PrivilegeDb::GetPkgPrivileges(const std::string &pkgId, uid_t uid,
191 std::vector<std::string> ¤tPrivileges)
193 try_catch<void>([&] {
194 auto &command = getQuery(QueryType::EGetPkgPrivileges);
195 command->BindString(1, pkgId.c_str());
196 command->BindInteger(2, static_cast<unsigned int>(uid));
198 while (command->Step()) {
199 std::string privilege = command->GetColumnString(0);
200 LogDebug("Got privilege: " << privilege);
201 currentPrivileges.push_back(privilege);
206 void PrivilegeDb::RemoveAppPrivileges(const std::string &appId, uid_t uid)
208 try_catch<void>([&] {
209 auto &command = getQuery(QueryType::ERemoveAppPrivileges);
210 command->BindString(1, appId.c_str());
211 command->BindInteger(2, static_cast<unsigned int>(uid));
212 if (command->Step()) {
213 LogDebug("Unexpected SQLITE_ROW answer to query: " <<
214 Queries.at(QueryType::ERemoveAppPrivileges));
217 LogDebug("Removed all privileges for appId: " << appId);
221 void PrivilegeDb::UpdateAppPrivileges(const std::string &appId, uid_t uid,
222 const std::vector<std::string> &privileges)
224 try_catch<void>([&] {
225 auto &command = getQuery(QueryType::EAddAppPrivileges);
226 command->BindString(1, appId.c_str());
227 command->BindInteger(2, static_cast<unsigned int>(uid));
229 RemoveAppPrivileges(appId, uid);
231 for (const auto &privilege : privileges) {
232 command->BindString(3, privilege.c_str());
235 LogDebug("Added privilege: " << privilege << " to appId: " << appId);
240 void PrivilegeDb::GetPrivilegeGroups(const std::string &privilege,
241 std::vector<std::string> &groups)
243 try_catch<void>([&] {
244 auto &command = getQuery(QueryType::EGetPrivilegeGroups);
245 command->BindString(1, privilege.c_str());
247 while (command->Step()) {
248 std::string groupName = command->GetColumnString(0);
249 LogDebug("Privilege " << privilege << " gives access to group: " << groupName);
250 groups.push_back(groupName);
255 void PrivilegeDb::GetUserApps(uid_t uid, std::vector<std::string> &apps)
257 try_catch<void>([&] {
258 auto &command = getQuery(QueryType::EGetUserApps);
259 command->BindInteger(1, static_cast<unsigned int>(uid));
261 while (command->Step()) {
262 std::string app = command->GetColumnString(0);
263 LogDebug("User " << uid << " has app " << app << " installed");
270 } //namespace SecurityManager