2 * Copyright (c) 2000 - 2015 Samsung Electronics Co., Ltd All Rights Reserved
4 * Contact: Rafal Krypa <r.krypa@samsung.com>
6 * Licensed under the Apache License, Version 2.0 (the "License");
7 * you may not use this file except in compliance with the License.
8 * You may obtain a copy of the License at
10 * http://www.apache.org/licenses/LICENSE-2.0
12 * Unless required by applicable law or agreed to in writing, software
13 * distributed under the License is distributed on an "AS IS" BASIS,
14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 * See the License for the specific language governing permissions and
16 * limitations under the License
20 * @author Michal Witanowski <m.witanowski@samsung.com>
21 * @author Rafal Krypa <r.krypa@samsung.com>
22 * @brief Implementation of security-manager service
25 #ifndef _SECURITY_MANAGER_SERVICE_
26 #define _SECURITY_MANAGER_SERVICE_
28 #include "base-service.h"
29 #include "service_impl.h"
31 namespace SecurityManager {
33 class ServiceException
36 DECLARE_EXCEPTION_TYPE(SecurityManager::Exception, Base)
37 DECLARE_EXCEPTION_TYPE(Base, InvalidAction)
41 public SecurityManager::BaseService
44 Service(const bool isSlave);
45 ServiceDescriptionVector GetServiceDescription();
49 ServiceImpl serviceImpl;
52 * Handle request from a client
54 * @param conn Socket connection information
55 * @param buffer Raw received data buffer
56 * @param interfaceID identifier used to distinguish source socket
57 * @return true on success
59 bool processOne(const ConnectionID &conn, MessageBuffer &buffer, InterfaceID interfaceID);
62 * Process application installation
64 * @param buffer Raw received data buffer
65 * @param send Raw data buffer to be sent
66 * @param uid User's identifier for whom application will be installed
68 void processAppInstall(MessageBuffer &buffer, MessageBuffer &send, uid_t uid);
71 * Process application uninstallation
73 * @param buffer Raw received data buffer
74 * @param send Raw data buffer to be sent
75 * @param uid User's identifier for whom application will be uninstalled
77 void processAppUninstall(MessageBuffer &buffer, MessageBuffer &send, uid_t uid);
80 * Process getting package id from app id
82 * @param buffer Raw received data buffer
83 * @param send Raw data buffer to be sent
85 void processGetPkgId(MessageBuffer &buffer, MessageBuffer &send);
88 * Process getting permitted group ids for app id
90 * @param buffer Raw received data buffer
91 * @param send Raw data buffer to be sent
92 * @param uid User's identifier for whom application will be launched
93 * @param pid Process id in which application will be launched
95 void processGetAppGroups(MessageBuffer &buffer, MessageBuffer &send, uid_t uid, pid_t pid);
97 void processUserAdd(MessageBuffer &buffer, MessageBuffer &send, uid_t uid);
99 void processUserDelete(MessageBuffer &buffer, MessageBuffer &send, uid_t uid);
102 * Process policy update request
104 * @param buffer Raw received data buffer
105 * @param send Raw data buffer to be sent
106 * @param uid Identifier of the user who sent the request
107 * @param pid PID of the process which sent the request
108 * @param smackLabel smack label of requesting app
110 void processPolicyUpdate(MessageBuffer &buffer, MessageBuffer &send, uid_t uid, pid_t pid, const std::string &smackLabel);
113 * List all privileges for specific user, placed in Cynara's PRIVACY_MANAGER
114 * or ADMIN's bucket - choice based on forAdmin parameter
116 * @param buffer Raw received data buffer
117 * @param send Raw data buffer to be sent
118 * @param uid Identifier of the user who sent the request
119 * @param pid PID of the process which sent the request
120 * @param smackLabel smack label of requesting app
121 * @param forAdmin determines internal type of request
123 void processGetConfiguredPolicy(MessageBuffer &buffer, MessageBuffer &send, uid_t uid, pid_t pid, const std::string &smackLabel, bool forAdmin);
126 * Get whole policy for specific user. Whole policy is a list of all apps,
127 * and their permissions (based on what they've stated in their manifests).
128 * If uid is unprivileged, then only privileges for the caller uid will be
129 * listed. If uid is privileged, then apps for all the users will be listed.
131 * @param buffer Raw received data buffer
132 * @param send Raw data buffer to be sent
133 * @param uid Identifier of the user who sent the request
134 * @param pid PID of the process which sent the request
135 * @param smackLabel smack label of requesting app
137 void processGetPolicy(MessageBuffer &buffer, MessageBuffer &send, uid_t uid, pid_t pid, const std::string &smackLabel);
140 * Process getting policies descriptions as strings from Cynara
142 * @param recv Raw received data buffer
143 * @param send Raw data buffer to be sent
145 void processPolicyGetDesc(MessageBuffer &send);
148 * Process getting privileges mapping. This retrieves and sends to clinet vector of privileges
149 * which are mapped to given privileges between two given privilege versions.
151 * @oaran send Raw data buffer to be sent
153 void processPrivilegesMappings(MessageBuffer &recv, MessageBuffer &send);
156 * Process getting groups bound with privileges
158 * @param send Raw data buffer to be sent
160 void processGroupsGet(MessageBuffer &send);
163 } // namespace SecurityManager
165 #endif // _SECURITY_MANAGER_SERVICE_