projects / platform / core / uifw / stt.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: e0004d1)
Add checking privilege 71/70971/1 accepted/tizen/common/20160523.144251 accepted/tizen/ivi/20160524.004931 accepted/tizen/mobile/20160524.004910 accepted/tizen/tv/20160524.004902 accepted/tizen/wearable/20160524.004851 submit/tizen/20160523.121423
authorWonnam Jang <wn.jang@samsung.com>
Mon, 23 May 2016 11:57:40 +0000 (20:57 +0900)
committerWonnam Jang <wn.jang@samsung.com>
Mon, 23 May 2016 11:57:40 +0000 (20:57 +0900)
Change-Id: Icf848226001647e7fcb060f797114cbbf6c51a3f
Signed-off-by: Wonnam Jang <wn.jang@samsung.com>
CMakeLists.txt patch | blob | history
client/stt.c patch | blob | history
common/stt_defs.h patch | blob | history
packaging/stt.spec patch | blob | history

diff --git a/CMakeLists.txt b/CMakeLists.txt
index bf9f6b4..5bf936a 100644 (file)
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -36,13 +36,13 @@ INCLUDE_DIRECTORIES("${CMAKE_SOURCE_DIR}/include")
 INCLUDE(FindPkgConfig)
 IF("${_TV_PRODUCT}" STREQUAL "TRUE")
 pkg_check_modules(pkgs REQUIRED 
-       aul capi-media-audio-io capi-media-wav-player capi-network-bluetooth capi-system-info dbus-1 dlog ecore glib-2.0
-       libtzplatform-config libxml-2.0 vconf vconf-internal-keys
+       aul capi-media-audio-io capi-media-wav-player capi-network-bluetooth capi-system-info cynara-client cynara-session
+       dbus-1 dlog ecore glib-2.0 libtzplatform-config libxml-2.0 vconf vconf-internal-keys
 )
 ELSE()
 pkg_check_modules(pkgs REQUIRED 
-       aul capi-media-audio-io capi-media-wav-player capi-system-info dbus-1 dlog ecore glib-2.0
-       libtzplatform-config libxml-2.0 vconf vconf-internal-keys
+       aul capi-media-audio-io capi-media-wav-player capi-system-info cynara-client cynara-session
+       dbus-1 dlog ecore glib-2.0 libtzplatform-config libxml-2.0 vconf vconf-internal-keys
 )
 ENDIF()
 
diff --git a/client/stt.c b/client/stt.c
index 9c7523d..f3af501 100644 (file)
--- a/client/stt.c
+++ b/client/stt.c
@@ -12,6 +12,9 @@
 */
 
 #include <aul.h>
+#include <cynara-client.h>
+#include <cynara-error.h>
+#include <cynara-session.h>
 #include <dirent.h>
 #include <Ecore.h>
 #include <fcntl.h>
@@ -37,6 +40,9 @@ static float g_volume_db = 0;
 
 static int g_feature_enabled = -1;
 
+static int g_privilege_allowed = -1;
+static cynara *p_cynara = NULL;
+
 static bool g_err_callback_status = false;
 
 const char* stt_tag()
@@ -74,6 +80,77 @@ static int __stt_get_feature_enabled()
        return 0;
 }
 
+static int __check_privilege_initialize()
+{
+       int ret = cynara_initialize(&p_cynara, NULL);
+       if (CYNARA_API_SUCCESS != ret)
+               SLOG(LOG_ERROR, TAG_STTC, "[ERROR] fail to initialize");
+       
+       return ret == CYNARA_API_SUCCESS;
+}
+
+static int __check_privilege(const char* uid, const char * privilege)
+{
+       FILE *fp = NULL;
+       char smack_label[1024] = "/proc/self/attr/current";
+
+       if (!p_cynara) {
+           return false;
+       }
+
+       fp = fopen(smack_label, "r");
+       if (fp != NULL) {
+           if (fread(smack_label, 1, sizeof(smack_label), fp) <= 0)
+               SLOG(LOG_ERROR, TAG_STTC, "[ERROR] fail to fread");
+
+           fclose(fp);
+       }
+
+       pid_t pid = getpid();
+       char *session = cynara_session_from_pid(pid);
+       int ret = cynara_check(p_cynara, smack_label, session, uid, privilege);
+       SLOG(LOG_DEBUG, TAG_STTC, "[Client]cynara_check returned %d(%s)", ret, (CYNARA_API_ACCESS_ALLOWED == ret) ? "Allowed" : "Denied");
+       if (session)
+           free(session);
+
+       if (ret != CYNARA_API_ACCESS_ALLOWED)
+           return false;
+       return true;
+}
+
+static void __check_privilege_deinitialize()
+{
+       if (p_cynara)
+               cynara_finish(p_cynara);
+       p_cynara = NULL;
+}
+
+static int __stt_check_privilege()
+{
+       char uid[16];
+
+       if (0 == g_privilege_allowed) {
+               SLOG(LOG_ERROR, TAG_STTC, "[ERROR] Permission is denied");
+               return STT_ERROR_PERMISSION_DENIED;
+       } else if (-1 == g_privilege_allowed) {
+               if (false == __check_privilege_initialize()){
+                       SLOG(LOG_ERROR, TAG_STTC, "[ERROR] privilege initialize is failed");
+                       return STT_ERROR_PERMISSION_DENIED;
+               }
+               snprintf(uid, 16, "%d", getuid());
+               if (false == __check_privilege(uid, STT_PRIVILEGE)) {
+                       SLOG(LOG_ERROR, TAG_STTC, "[ERROR] Permission is denied");
+                       g_privilege_allowed = 0;
+                       __check_privilege_deinitialize();
+                       return STT_ERROR_PERMISSION_DENIED;
+               }
+               __check_privilege_deinitialize();
+       }
+
+       g_privilege_allowed = 1;
+       return STT_ERROR_NONE;  
+}
+
 static const char* __stt_get_error_code(stt_error_e err)
 {
        switch (err) {
@@ -176,6 +253,9 @@ int stt_create(stt_h* stt)
        if (0 != __stt_get_feature_enabled()) {
                return STT_ERROR_NOT_SUPPORTED;
        }
+       if (0 != __stt_check_privilege()) {
+               return STT_ERROR_PERMISSION_DENIED;
+       }
 
        SLOG(LOG_DEBUG, TAG_STTC, "===== Create STT");
 
@@ -232,6 +312,9 @@ int stt_destroy(stt_h stt)
        if (0 != __stt_get_feature_enabled()) {
                return STT_ERROR_NOT_SUPPORTED;
        }
+       if (0 != __stt_check_privilege()) {
+               return STT_ERROR_PERMISSION_DENIED;
+       }
 
        SLOG(LOG_DEBUG, TAG_STTC, "===== Destroy STT");
 
@@ -321,6 +404,9 @@ int stt_foreach_supported_engines(stt_h stt, stt_supported_engine_cb callback, v
        if (0 != __stt_get_feature_enabled()) {
                return STT_ERROR_NOT_SUPPORTED;
        }
+       if (0 != __stt_check_privilege()) {
+               return STT_ERROR_PERMISSION_DENIED;
+       }
 
        SLOG(LOG_DEBUG, TAG_STTC, "===== Foreach Supported engine");
 
@@ -414,6 +500,9 @@ int stt_set_engine(stt_h stt, const char* engine_id)
        if (0 != __stt_get_feature_enabled()) {
                return STT_ERROR_NOT_SUPPORTED;
        }
+       if (0 != __stt_check_privilege()) {
+               return STT_ERROR_PERMISSION_DENIED;
+       }
 
        SLOG(LOG_DEBUG, TAG_STTC, "===== Set current engine");
 
@@ -453,6 +542,9 @@ int stt_set_credential(stt_h stt, const char* credential)
        if (0 != __stt_get_feature_enabled()) {
                return STT_ERROR_NOT_SUPPORTED;
        }
+       if (0 != __stt_check_privilege()) {
+               return STT_ERROR_PERMISSION_DENIED;
+       }
 
        SLOG(LOG_DEBUG, TAG_STTC, "===== Set credential");
 
@@ -588,6 +680,9 @@ int stt_prepare(stt_h stt)
        if (0 != __stt_get_feature_enabled()) {
                return STT_ERROR_NOT_SUPPORTED;
        }
+       if (0 != __stt_check_privilege()) {
+               return STT_ERROR_PERMISSION_DENIED;
+       }
 
        SLOG(LOG_DEBUG, TAG_STTC, "===== Prepare STT");
 
@@ -618,6 +713,9 @@ int stt_unprepare(stt_h stt)
        if (0 != __stt_get_feature_enabled()) {
                return STT_ERROR_NOT_SUPPORTED;
        }
+       if (0 != __stt_check_privilege()) {
+               return STT_ERROR_PERMISSION_DENIED;
+       }
 
        SLOG(LOG_DEBUG, TAG_STTC, "===== Unprepare STT");
 
@@ -705,6 +803,9 @@ int stt_foreach_supported_languages(stt_h stt, stt_supported_language_cb callbac
        if (0 != __stt_get_feature_enabled()) {
                return STT_ERROR_NOT_SUPPORTED;
        }
+       if (0 != __stt_check_privilege()) {
+               return STT_ERROR_PERMISSION_DENIED;
+       }
 
        SLOG(LOG_DEBUG, TAG_STTC, "===== Foreach Supported Language");
 
@@ -766,6 +867,9 @@ int stt_get_default_language(stt_h stt, char** language)
        if (0 != __stt_get_feature_enabled()) {
                return STT_ERROR_NOT_SUPPORTED;
        }
+       if (0 != __stt_check_privilege()) {
+               return STT_ERROR_PERMISSION_DENIED;
+       }
 
        SLOG(LOG_DEBUG, TAG_STTC, "===== Get Default Language");
 
@@ -800,6 +904,9 @@ int stt_get_state(stt_h stt, stt_state_e* state)
        if (0 != __stt_get_feature_enabled()) {
                return STT_ERROR_NOT_SUPPORTED;
        }
+       if (0 != __stt_check_privilege()) {
+               return STT_ERROR_PERMISSION_DENIED;
+       }
 
        if (NULL == stt || NULL == state) {
                SLOG(LOG_ERROR, TAG_STTC, "[ERROR] Input parameter is NULL");
@@ -830,6 +937,9 @@ int stt_get_error_message(stt_h stt, char** err_msg)
        if (0 != __stt_get_feature_enabled()) {
                return STT_ERROR_NOT_SUPPORTED;
        }
+       if (0 != __stt_check_privilege()) {
+               return STT_ERROR_PERMISSION_DENIED;
+       }
 
        if (NULL == stt || NULL == err_msg) {
                SLOG(LOG_ERROR, TAG_STTC, "[ERROR] Input parameter is NULL");
@@ -865,6 +975,9 @@ int stt_is_recognition_type_supported(stt_h stt, const char* type, bool* support
        if (0 != __stt_get_feature_enabled()) {
                return STT_ERROR_NOT_SUPPORTED;
        }
+       if (0 != __stt_check_privilege()) {
+               return STT_ERROR_PERMISSION_DENIED;
+       }
 
        if (NULL == stt || NULL == type || NULL == support) {
                SLOG(LOG_ERROR, TAG_STTC, "[ERROR] Input parameter is NULL");
@@ -914,6 +1027,9 @@ int stt_set_silence_detection(stt_h stt, stt_option_silence_detection_e type)
        if (0 != __stt_get_feature_enabled()) {
                return STT_ERROR_NOT_SUPPORTED;
        }
+       if (0 != __stt_check_privilege()) {
+               return STT_ERROR_PERMISSION_DENIED;
+       }
 
        if (NULL == stt) {
                SLOG(LOG_ERROR, TAG_STTC, "[ERROR] Input parameter is NULL");
@@ -951,6 +1067,9 @@ int stt_set_start_sound(stt_h stt, const char* filename)
        if (0 != __stt_get_feature_enabled()) {
                return STT_ERROR_NOT_SUPPORTED;
        }
+       if (0 != __stt_check_privilege()) {
+               return STT_ERROR_PERMISSION_DENIED;
+       }
 
        SLOG(LOG_DEBUG, TAG_STTC, "===== STT SET START SOUND");
 
@@ -1007,6 +1126,9 @@ int stt_unset_start_sound(stt_h stt)
        if (0 != __stt_get_feature_enabled()) {
                return STT_ERROR_NOT_SUPPORTED;
        }
+       if (0 != __stt_check_privilege()) {
+               return STT_ERROR_PERMISSION_DENIED;
+       }
 
        SLOG(LOG_DEBUG, TAG_STTC, "===== STT UNSET START SOUND");
 
@@ -1059,6 +1181,9 @@ int stt_set_stop_sound(stt_h stt, const char* filename)
        if (0 != __stt_get_feature_enabled()) {
                return STT_ERROR_NOT_SUPPORTED;
        }
+       if (0 != __stt_check_privilege()) {
+               return STT_ERROR_PERMISSION_DENIED;
+       }
 
        SLOG(LOG_DEBUG, TAG_STTC, "===== STT SET STOP SOUND");
 
@@ -1116,6 +1241,9 @@ int stt_unset_stop_sound(stt_h stt)
        if (0 != __stt_get_feature_enabled()) {
                return STT_ERROR_NOT_SUPPORTED;
        }
+       if (0 != __stt_check_privilege()) {
+               return STT_ERROR_PERMISSION_DENIED;
+       }
 
        SLOG(LOG_DEBUG, TAG_STTC, "===== STT UNSET STOP SOUND");
 
@@ -1168,6 +1296,9 @@ int stt_start(stt_h stt, const char* language, const char* type)
        if (0 != __stt_get_feature_enabled()) {
                return STT_ERROR_NOT_SUPPORTED;
        }
+       if (0 != __stt_check_privilege()) {
+               return STT_ERROR_PERMISSION_DENIED;
+       }
 
        SLOG(LOG_DEBUG, TAG_STTC, "===== STT START");
 
@@ -1284,6 +1415,9 @@ int stt_stop(stt_h stt)
        if (0 != __stt_get_feature_enabled()) {
                return STT_ERROR_NOT_SUPPORTED;
        }
+       if (0 != __stt_check_privilege()) {
+               return STT_ERROR_PERMISSION_DENIED;
+       }
 
        SLOG(LOG_DEBUG, TAG_STTC, "===== STT STOP");
 
@@ -1372,6 +1506,9 @@ int stt_cancel(stt_h stt)
        if (0 != __stt_get_feature_enabled()) {
                return STT_ERROR_NOT_SUPPORTED;
        }
+       if (0 != __stt_check_privilege()) {
+               return STT_ERROR_PERMISSION_DENIED;
+       }
 
        SLOG(LOG_DEBUG, TAG_STTC, "===== STT CANCEL");
 
@@ -1475,6 +1612,9 @@ int stt_get_recording_volume(stt_h stt, float* volume)
        if (0 != __stt_get_feature_enabled()) {
                return STT_ERROR_NOT_SUPPORTED;
        }
+       if (0 != __stt_check_privilege()) {
+               return STT_ERROR_PERMISSION_DENIED;
+       }
 
        if (NULL == stt || NULL == volume) {
                SLOG(LOG_ERROR, TAG_STTC, "[ERROR] Input parameter is NULL");
@@ -1527,6 +1667,9 @@ int stt_foreach_detailed_result(stt_h stt, stt_result_time_cb callback, void* us
        if (0 != __stt_get_feature_enabled()) {
                return STT_ERROR_NOT_SUPPORTED;
        }
+       if (0 != __stt_check_privilege()) {
+               return STT_ERROR_PERMISSION_DENIED;
+       }
 
        SLOG(LOG_DEBUG, TAG_STTC, "===== STT FOREACH DETAILED RESULT");
 
@@ -1800,6 +1943,9 @@ int stt_set_recognition_result_cb(stt_h stt, stt_recognition_result_cb callback,
        if (0 != __stt_get_feature_enabled()) {
                return STT_ERROR_NOT_SUPPORTED;
        }
+       if (0 != __stt_check_privilege()) {
+               return STT_ERROR_PERMISSION_DENIED;
+       }
 
        if (stt == NULL || callback == NULL)
                return STT_ERROR_INVALID_PARAMETER;
@@ -1828,6 +1974,9 @@ int stt_unset_recognition_result_cb(stt_h stt)
        if (0 != __stt_get_feature_enabled()) {
                return STT_ERROR_NOT_SUPPORTED;
        }
+       if (0 != __stt_check_privilege()) {
+               return STT_ERROR_PERMISSION_DENIED;
+       }
 
        if (NULL == stt)
                return STT_ERROR_INVALID_PARAMETER;
@@ -1856,6 +2005,9 @@ int stt_set_state_changed_cb(stt_h stt, stt_state_changed_cb callback, void* use
        if (0 != __stt_get_feature_enabled()) {
                return STT_ERROR_NOT_SUPPORTED;
        }
+       if (0 != __stt_check_privilege()) {
+               return STT_ERROR_PERMISSION_DENIED;
+       }
 
        if (NULL == stt || NULL == callback)
                return STT_ERROR_INVALID_PARAMETER;
@@ -1884,6 +2036,9 @@ int stt_unset_state_changed_cb(stt_h stt)
        if (0 != __stt_get_feature_enabled()) {
                return STT_ERROR_NOT_SUPPORTED;
        }
+       if (0 != __stt_check_privilege()) {
+               return STT_ERROR_PERMISSION_DENIED;
+       }
 
        if (NULL == stt)
                return STT_ERROR_INVALID_PARAMETER;
@@ -1912,6 +2067,9 @@ int stt_set_error_cb(stt_h stt, stt_error_cb callback, void* user_data)
        if (0 != __stt_get_feature_enabled()) {
                return STT_ERROR_NOT_SUPPORTED;
        }
+       if (0 != __stt_check_privilege()) {
+               return STT_ERROR_PERMISSION_DENIED;
+       }
 
        if (NULL == stt || NULL == callback)
                return STT_ERROR_INVALID_PARAMETER;
@@ -1940,6 +2098,9 @@ int stt_unset_error_cb(stt_h stt)
        if (0 != __stt_get_feature_enabled()) {
                return STT_ERROR_NOT_SUPPORTED;
        }
+       if (0 != __stt_check_privilege()) {
+               return STT_ERROR_PERMISSION_DENIED;
+       }
 
        if (NULL == stt)
                return STT_ERROR_INVALID_PARAMETER;
@@ -1968,6 +2129,9 @@ int stt_set_default_language_changed_cb(stt_h stt, stt_default_language_changed_
        if (0 != __stt_get_feature_enabled()) {
                return STT_ERROR_NOT_SUPPORTED;
        }
+       if (0 != __stt_check_privilege()) {
+               return STT_ERROR_PERMISSION_DENIED;
+       }
 
        if (NULL == stt || NULL == callback)
                return STT_ERROR_INVALID_PARAMETER;
@@ -1996,6 +2160,9 @@ int stt_unset_default_language_changed_cb(stt_h stt)
        if (0 != __stt_get_feature_enabled()) {
                return STT_ERROR_NOT_SUPPORTED;
        }
+       if (0 != __stt_check_privilege()) {
+               return STT_ERROR_PERMISSION_DENIED;
+       }
 
        if (NULL == stt)
                return STT_ERROR_INVALID_PARAMETER;
@@ -2024,6 +2191,9 @@ int stt_set_engine_changed_cb(stt_h stt, stt_engine_changed_cb callback, void* u
        if (0 != __stt_get_feature_enabled()) {
                return STT_ERROR_NOT_SUPPORTED;
        }
+       if (0 != __stt_check_privilege()) {
+               return STT_ERROR_PERMISSION_DENIED;
+       }
 
        if (NULL == stt || NULL == callback)
                return STT_ERROR_INVALID_PARAMETER;
@@ -2052,6 +2222,9 @@ int stt_unset_engine_changed_cb(stt_h stt)
        if (0 != __stt_get_feature_enabled()) {
                return STT_ERROR_NOT_SUPPORTED;
        }
+       if (0 != __stt_check_privilege()) {
+               return STT_ERROR_PERMISSION_DENIED;
+       }
 
        if (NULL == stt)
                return STT_ERROR_INVALID_PARAMETER;
diff --git a/common/stt_defs.h b/common/stt_defs.h
index 9e331b0..4f7fc95 100644 (file)
--- a/common/stt_defs.h
+++ b/common/stt_defs.h
@@ -84,6 +84,8 @@ extern "C" {
 #define STT_FEATURE_PATH               "tizen.org/feature/speech.recognition"
 #define STT_MIC_FEATURE_PATH           "tizen.org/feature/microphone"
 
+#define STT_PRIVILEGE                  "http://tizen.org/privilege/recorder"
+
 #ifdef __cplusplus
 }
 #endif
diff --git a/packaging/stt.spec b/packaging/stt.spec
index c58cab4..0350391 100644 (file)
--- a/packaging/stt.spec
+++ b/packaging/stt.spec
@@ -14,6 +14,8 @@ BuildRequires:  pkgconfig(capi-base-common)
 BuildRequires:  pkgconfig(capi-media-audio-io)
 BuildRequires:  pkgconfig(capi-media-wav-player)
 BuildRequires:  pkgconfig(capi-system-info)
+BuildRequires:  pkgconfig(cynara-client)
+BuildRequires:  pkgconfig(cynara-session)
 BuildRequires:  pkgconfig(dbus-1)
 BuildRequires:  pkgconfig(dlog)
 BuildRequires:  pkgconfig(ecore)
Domain: UI Framework / Voice;