2 * security-manager, database access
4 * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved
6 * Contact: Rafal Krypa <r.krypa@samsung.com>
8 * Licensed under the Apache License, Version 2.0 (the "License");
9 * you may not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS,
16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License.
23 * @file privilege_db.cpp
24 * @author Krzysztof Sasiak <k.sasiak@samsung.com>
25 * @author Rafal Krypa <r.krypa@samsung.com>
27 * @brief This file contains declaration of the API to privileges database.
35 #include <dpl/log/log.h>
36 #include "privilege_db.h"
38 namespace SecurityManager {
40 /* Common code for handling SqlConnection exceptions */
42 T try_catch(const std::function<T()> &func)
46 } catch (DB::SqlConnection::Exception::SyntaxError &e) {
47 LogError("Syntax error in command: " << e.DumpToString());
48 ThrowMsg(PrivilegeDb::Exception::InternalError,
49 "Syntax error in command: " << e.DumpToString());
50 } catch (DB::SqlConnection::Exception::InternalError &e) {
51 LogError("Mysterious internal error in SqlConnection class" << e.DumpToString());
52 ThrowMsg(PrivilegeDb::Exception::InternalError,
53 "Mysterious internal error in SqlConnection class: " << e.DumpToString());
57 PrivilegeDb::PrivilegeDb(const std::string &path)
60 mSqlConnection = new DB::SqlConnection(path,
61 DB::SqlConnection::Flag::None,
62 DB::SqlConnection::Flag::RW);
63 } catch (DB::SqlConnection::Exception::Base &e) {
64 LogError("Database initialization error: " << e.DumpToString());
65 ThrowMsg(PrivilegeDb::Exception::IOError,
66 "Database initialization error:" << e.DumpToString());
71 PrivilegeDb::~PrivilegeDb()
73 delete mSqlConnection;
76 void PrivilegeDb::BeginTransaction(void)
79 mSqlConnection->BeginTransaction();
83 void PrivilegeDb::CommitTransaction(void)
86 mSqlConnection->CommitTransaction();
90 void PrivilegeDb::RollbackTransaction(void)
93 mSqlConnection->RollbackTransaction();
97 bool PrivilegeDb::PkgIdExists(const std::string &pkgId)
99 return try_catch<bool>([&] {
100 DB::SqlConnection::DataCommandAutoPtr command =
101 mSqlConnection->PrepareDataCommand(
102 Queries.at(QueryType::EPkgIdExists));
103 command->BindString(1, pkgId.c_str());
104 if (command->Step()) {
105 // pkgId found in the database
110 // pkgId not found in the database
115 bool PrivilegeDb::GetAppPkgId(const std::string &appId, std::string &pkgId)
117 return try_catch<bool>([&] {
118 DB::SqlConnection::DataCommandAutoPtr command =
119 mSqlConnection->PrepareDataCommand(Queries.at(QueryType::EGetPkgId));
120 command->BindString(1, appId.c_str());
122 if (!command->Step()) {
123 // No application with such appId
127 // application package found in the database, get it
128 pkgId = command->GetColumnString(0);
134 void PrivilegeDb::AddApplication(const std::string &appId,
135 const std::string &pkgId, uid_t uid, bool &pkgIdIsNew)
137 pkgIdIsNew = !(this->PkgIdExists(pkgId));
139 try_catch<void>([&] {
140 DB::SqlConnection::DataCommandAutoPtr command =
141 mSqlConnection->PrepareDataCommand(
142 Queries.at(QueryType::EAddApplication));
144 command->BindString(1, appId.c_str());
145 command->BindString(2, pkgId.c_str());
146 command->BindInteger(3, static_cast<unsigned int>(uid));
148 if (command->Step()) {
149 LogDebug("Unexpected SQLITE_ROW answer to query: " <<
150 Queries.at(QueryType::EAddApplication));
154 LogDebug("Added appId: " << appId << ", pkgId: " << pkgId);
158 void PrivilegeDb::RemoveApplication(const std::string &appId, uid_t uid,
161 try_catch<void>([&] {
163 if (!GetAppPkgId(appId, pkgId)) {
164 pkgIdIsNoMore = false;
168 DB::SqlConnection::DataCommandAutoPtr command =
169 mSqlConnection->PrepareDataCommand(
170 Queries.at(QueryType::ERemoveApplication));
172 command->BindString(1, appId.c_str());
173 command->BindInteger(2, static_cast<unsigned int>(uid));
175 if (command->Step()) {
176 LogDebug("Unexpected SQLITE_ROW answer to query: " <<
177 Queries.at(QueryType::ERemoveApplication));
181 LogDebug("Removed appId: " << appId);
183 pkgIdIsNoMore = !(this->PkgIdExists(pkgId));
187 void PrivilegeDb::GetPkgPrivileges(const std::string &pkgId, uid_t uid,
188 std::vector<std::string> ¤tPrivileges)
190 try_catch<void>([&] {
191 DB::SqlConnection::DataCommandAutoPtr command =
192 mSqlConnection->PrepareDataCommand(
193 Queries.at(QueryType::EGetPkgPrivileges));
194 command->BindString(1, pkgId.c_str());
195 command->BindInteger(2, static_cast<unsigned int>(uid));
197 while (command->Step()) {
198 std::string privilege = command->GetColumnString(0);
199 LogDebug("Got privilege: " << privilege);
200 currentPrivileges.push_back(privilege);
205 void PrivilegeDb::RemoveAppPrivileges(const std::string &appId, uid_t uid)
207 try_catch<void>([&] {
208 DB::SqlConnection::DataCommandAutoPtr command =
209 mSqlConnection->PrepareDataCommand(Queries.at(QueryType::ERemoveAppPrivileges));
211 command->BindString(1, appId.c_str());
212 command->BindInteger(2, static_cast<unsigned int>(uid));
213 if (command->Step()) {
214 LogDebug("Unexpected SQLITE_ROW answer to query: " <<
215 Queries.at(QueryType::ERemoveAppPrivileges));
218 LogDebug("Removed all privileges for appId: " << appId);
222 void PrivilegeDb::UpdateAppPrivileges(const std::string &appId, uid_t uid,
223 const std::vector<std::string> &privileges)
225 try_catch<void>([&] {
226 DB::SqlConnection::DataCommandAutoPtr command =
227 mSqlConnection->PrepareDataCommand(Queries.at(QueryType::EAddAppPrivileges));
228 command->BindString(1, appId.c_str());
229 command->BindInteger(2, static_cast<unsigned int>(uid));
231 RemoveAppPrivileges(appId, uid);
233 for (const auto &privilege : privileges) {
234 command->BindString(3, privilege.c_str());
237 LogDebug("Added privilege: " << privilege << " to appId: " << appId);
242 void PrivilegeDb::GetPrivilegeGroups(const std::string &privilege,
243 std::vector<std::string> &groups)
245 try_catch<void>([&] {
246 DB::SqlConnection::DataCommandAutoPtr command =
247 mSqlConnection->PrepareDataCommand(
248 Queries.at(QueryType::EGetPrivilegeGroups));
249 command->BindString(1, privilege.c_str());
251 while (command->Step()) {
252 std::string groupName = command->GetColumnString(0);
253 LogDebug("Privilege " << privilege << " gives access to group: " << groupName);
254 groups.push_back(groupName);
260 } //namespace SecurityManager