From c63a126323dbb421eff4f8ca0739a5053184a3c4 Mon Sep 17 00:00:00 2001 From: "taeyoon0.lee" Date: Mon, 22 Jan 2018 17:55:13 +0900 Subject: [PATCH] [4.0] Addd to check privilege for capture Change-Id: I666d80e1350f2f8c0cdb80861d8317837d4ff99f --- adaptors/tizen/capture-impl-tizen.cpp | 72 +++++++++++++++++++++++++++++++---- adaptors/tizen/capture-impl.h | 13 ++++--- adaptors/wearable/capture/capture.h | 6 +++ build/tizen/adaptor/Makefile.am | 6 ++- build/tizen/adaptor/configure.ac | 1 + packaging/dali-adaptor.spec | 1 + 6 files changed, 84 insertions(+), 15 deletions(-) diff --git a/adaptors/tizen/capture-impl-tizen.cpp b/adaptors/tizen/capture-impl-tizen.cpp index 8384bee..98d6077 100755 --- a/adaptors/tizen/capture-impl-tizen.cpp +++ b/adaptors/tizen/capture-impl-tizen.cpp @@ -25,6 +25,10 @@ #include #include #include +#include +#include +#include +#include // INTERNAL INCLUDES #include @@ -32,6 +36,10 @@ namespace { unsigned int TIME_OUT_DURATION = 1000; +const int SMACK_LABEL_LENGTH = 255; + +const char* const CYNARA_CHECK_FILE = "/proc/self/attr/current"; +const char* const SCREEN_SHOT_PRIVILEGE = "http://tizen.org/privilege/screenshot"; } namespace Dali @@ -68,8 +76,11 @@ CapturePtr Capture::New() { CapturePtr pWorker = new Capture(); - // Second-phase construction - pWorker->Initialize(); + if( pWorker->CheckPrivilege( SCREEN_SHOT_PRIVILEGE ) == false ) + { + DALI_LOG_ERROR( "Capture privilege error: permission denied\n" ); + return NULL; + } return pWorker; } @@ -78,8 +89,11 @@ CapturePtr Capture::New( Dali::CameraActor cameraActor ) { CapturePtr pWorker = new Capture( cameraActor ); - // Second-phase construction - pWorker->Initialize(); + if( pWorker->CheckPrivilege( SCREEN_SHOT_PRIVILEGE ) == false ) + { + DALI_LOG_ERROR( "Capture privilege error: permission denied\n" ); + return NULL; + } return pWorker; } @@ -104,10 +118,6 @@ Dali::Capture::CaptureFinishedSignalType& Capture::FinishedSignal() return mFinishedSignal; } -void Capture::Initialize() -{ -} - void Capture::CreateSurface( const Vector2& size ) { DALI_ASSERT_ALWAYS(!mTbmSurface && "mTbmSurface is already created."); @@ -368,6 +378,52 @@ bool Capture::Save() return mNativeImageSourcePtr->EncodeToFile( mPath ); } +bool Capture::CheckPrivilege( const char* privilege ) const +{ + cynara* cynara; + int fd = 0; + int ret = 0; + char subjectLabel[SMACK_LABEL_LENGTH + 1] = ""; + char uid[10] = { 0, }; + const char* clientSession = ""; + + ret = cynara_initialize( &cynara, NULL ); + if( ret != CYNARA_API_SUCCESS ) + { + return false; + } + + fd = open( CYNARA_CHECK_FILE, O_RDONLY ); + if( fd < 0 ) + { + cynara_finish( cynara ); + return false; + } + + ret = read( fd, subjectLabel, SMACK_LABEL_LENGTH ); + if( ret < 0 ) + { + close( fd ); + cynara_finish( cynara ); + return false; + } + + close( fd ); + + snprintf( uid, 10, "%d", getuid() ); + + ret = cynara_check( cynara, subjectLabel, clientSession, uid, privilege ); + if( ret != CYNARA_API_ACCESS_ALLOWED ) + { + cynara_finish( cynara ); + return false; + } + + cynara_finish( cynara ); + + return true; +} + } // End of namespace Adaptor } // End of namespace Internal diff --git a/adaptors/tizen/capture-impl.h b/adaptors/tizen/capture-impl.h index 040cfaf..d172fdd 100755 --- a/adaptors/tizen/capture-impl.h +++ b/adaptors/tizen/capture-impl.h @@ -79,11 +79,6 @@ public: protected: /** - * @brief Second-phase constructor. Must be called immediately after creating a new Capture; - */ - void Initialize(); - - /** * @brief A reference counted object may only be deleted by calling Unreference() */ virtual ~Capture(); @@ -204,6 +199,14 @@ private: */ bool Save(); + /** + * @brief Checks privilege for Capture + * + * @param[in] privilege The capture privilege + * @return True if input is capture privilege, false otherwise + */ + bool CheckPrivilege( const char* privilege ) const; + private: // Undefined diff --git a/adaptors/wearable/capture/capture.h b/adaptors/wearable/capture/capture.h index 635a1e0..58ee9d8 100644 --- a/adaptors/wearable/capture/capture.h +++ b/adaptors/wearable/capture/capture.h @@ -106,22 +106,28 @@ public: Capture(); /** + * @PRIVLEVEL_PLATFORM * @brief Create an initialized Capture. * * @SINCE_1_3_4 + * @PRIVILEGE_CAPTURE * * @return A handle to a newly allocated Dali resource. * @note Projection mode of default cameraActor is Dali::Camera::PERSPECTIVE_PROJECTION + * @note If permission denied by privilege occurs, a uninitialized handle is returned */ static Capture New(); /** + * @PRIVLEVEL_PLATFORM * @brief Create an initialized Capture. * * @SINCE_1_3_4 + * @PRIVILEGE_CAPTURE * * @param[in] cameraActor An initialized CameraActor. * @return A handle to a newly allocated Dali resource. + * @note If permission denied by privilege occurs, a uninitialized handle is returned */ static Capture New( Dali::CameraActor cameraActor ); diff --git a/build/tizen/adaptor/Makefile.am b/build/tizen/adaptor/Makefile.am index 2564c88..97f955c 100644 --- a/build/tizen/adaptor/Makefile.am +++ b/build/tizen/adaptor/Makefile.am @@ -499,11 +499,13 @@ LIBDALI_ADAPTOR_LA_CXXFLAGS += \ $(HAPTIC_CFLAGS) \ $(EFL_ASSIST_CFLAGS) \ $(SCREENCONNECTORPROVIDER_CFLAGS) \ - $(APPCORE_WATCH_CFLAGS) + $(APPCORE_WATCH_CFLAGS) \ + $(CYNARA_CLIENT_CFLAGS) LIBDALI_ADAPTOR_LA_LIBADD += \ $(SCREENCONNECTORPROVIDER_LIBS) \ - $(APPCORE_WATCH_LIBS) + $(APPCORE_WATCH_LIBS) \ + $(CYNARA_CLIENT_LIBS) endif if TV_PROFILE diff --git a/build/tizen/adaptor/configure.ac b/build/tizen/adaptor/configure.ac index 14c137a..5346d0f 100644 --- a/build/tizen/adaptor/configure.ac +++ b/build/tizen/adaptor/configure.ac @@ -235,6 +235,7 @@ PKG_CHECK_MODULES(SCREENCONNECTORPROVIDER, screen_connector_provider) PKG_CHECK_MODULES(APPFW_WATCH, capi-appfw-watch-application, [watch_available=yes], [watch_available=no] ) PKG_CHECK_MODULES(APPCORE_WATCH, appcore-watch) +PKG_CHECK_MODULES(CYNARA_CLIENT, cynara-client) if test "x$watch_available" = "xyes"; then DALI_ADAPTOR_CFLAGS="$DALI_ADAPTOR_CFLAGS -DAPPCORE_WATCH_AVAILABLE" fi diff --git a/packaging/dali-adaptor.spec b/packaging/dali-adaptor.spec index 963ae78..c5025b0 100755 --- a/packaging/dali-adaptor.spec +++ b/packaging/dali-adaptor.spec @@ -53,6 +53,7 @@ BuildRequires: pkgconfig(libtzplatform-config) BuildRequires: pkgconfig(capi-appfw-watch-application) BuildRequires: pkgconfig(appcore-watch) BuildRequires: pkgconfig(screen_connector_provider) +BuildRequires: pkgconfig(cynara-client) %endif BuildRequires: pkgconfig(gles20) -- 2.7.4