{
AccessGranted,
AccessDenied,
+ PrivacyDenied,
InternalError
};
ArgumentsVerifier argsVerify;
argsVerify(aceFunction, args ...);
- if (!(WrtAccessSingleton::Instance().checkAccessControl(aceFunction))) {
- return AceSecurityStatus::AccessDenied;
+ WrtAccess::CheckAccessReturnType ret =
+ WrtAccessSingleton::Instance().checkAccessControl(aceFunction);
+
+ if (ret == WrtAccess::CHECK_ACCESS_PRIVILEGE_DENIED) {
+ return AceSecurityStatus::AccessDenied;
+ }
+ else if (ret == WrtAccess::CHECK_ACCESS_PRIVACY_DENIED) {
+ return AceSecurityStatus::PrivacyDenied;
+ }
+ else if (ret == WrtAccess::CHECK_ACCESS_INTERNAL_ERROR) {
+ return AceSecurityStatus::InternalError;
}
return AceSecurityStatus::AccessGranted;
return m_widgetId;
}
-bool WrtAccess::checkAccessControl(const AceFunction& aceFunction) const
+WrtAccess::CheckAccessReturnType WrtAccess::checkAccessControl(const AceFunction& aceFunction) const
{
Assert(
m_pluginOwners && "WrtAccessSingleton needs to be initialized with"
}
}
- ace_bool_t aceCheckResult = ACE_FALSE;
+ ace_check_result_t aceCheckResult = ACE_PRIVILEGE_DENIED;
DPL::Log::LogSystemSingleton::Instance().SetTag("SECURITY_DAEMON");
- ace_return_t ret = ace_check_access(&aceRequest, &aceCheckResult);
+ ace_return_t ret = ace_check_access_ex(&aceRequest, &aceCheckResult);
DPL::Log::LogSystemSingleton::Instance().SetTag("WRT_PLUGINS");
for (i = 0; i < deviceCount; ++i) {
delete[] aceRequest.dev_cap_list.items[i].param_list.items;
if (ACE_OK != ret) {
_E("Error in ace check: %d", static_cast<int>(ret));
- return false;
+ return CHECK_ACCESS_INTERNAL_ERROR;
}
- return ACE_TRUE == aceCheckResult;
+
+ if (aceCheckResult == ACE_ACCESS_GRANTED) {
+ return CHECK_ACCESS_GRANTED;
+ }
+ else if (aceCheckResult == ACE_PRIVILEGE_DENIED) {
+ return CHECK_ACCESS_PRIVILEGE_DENIED;
+ }
+ else if (aceCheckResult == ACE_PRIVACY_DENIED) {
+ return CHECK_ACCESS_PRIVACY_DENIED;
+ }
+
+ return CHECK_ACCESS_INTERNAL_ERROR;
}
}
} // WrtDeviceApisCommon
namespace Commons {
class WrtAccess
{
+ enum CheckAccessReturnType
+ {
+ CHECK_ACCESS_GRANTED,
+ CHECK_ACCESS_PRIVILEGE_DENIED,
+ CHECK_ACCESS_PRIVACY_DENIED,
+ CHECK_ACCESS_INTERNAL_ERROR
+ };
+
public:
void initialize(int widgetId);
void deinitialize(int widgetId);
int getWidgetId() const;
- bool checkAccessControl(const AceFunction &aceFunction) const;
+ CheckAccessReturnType checkAccessControl(const AceFunction &aceFunction) const;
private:
{
AccessGranted,
AccessDenied,
+ PrivacyDenied,
InternalError
};
ArgumentsVerifier argsVerify;
argsVerify(aceFunction, args ...);
- Try {
- if (!(WrtAccessSingleton::Instance().checkAccessControl(aceFunction)))
- {
- LogDebug("Function is not allowed to run");
- return AceSecurityStatus::AccessDenied;
- }
+ WrtAccess::CheckAccessReturnType ret =
+ WrtAccessSingleton::Instance().checkAccessControl(aceFunction);
+
+ if (ret == WrtAccess::CHECK_ACCESS_PRIVILEGE_DENIED) {
+ LogError("Function is not allowed to run - AccessDenied");
+ return AceSecurityStatus::AccessDenied;
+ }
+ else if (ret == WrtAccess::CHECK_ACCESS_PRIVACY_DENIED) {
+ LogError("Function is not allowed to run - PrivacyDenied");
+ return AceSecurityStatus::PrivacyDenied;
}
- Catch(WrtDeviceApis::Commons::OutOfRangeException) {
- LogError("WrtAccess doesn't exist.");
+ else if (ret == WrtAccess::CHECK_ACCESS_INTERNAL_ERROR) {
+ LogError("InternalError");
return AceSecurityStatus::InternalError;
}