signon  8.42
signonidentityadaptor.cpp
Go to the documentation of this file.
1 /*
2  * This file is part of signon
3  *
4  * Copyright (C) 2009-2010 Nokia Corporation.
5  * Copyright (C) 2011 Intel Corporation.
6  *
7  * Contact: Aurel Popirtac <ext-aurel.popirtac@nokia.com>
8  * Contact: Alberto Mardegan <alberto.mardegan@canonical.com>
9  * Contact: Jussi Laako <jussi.laako@linux.intel.com>
10  *
11  * This library is free software; you can redistribute it and/or
12  * modify it under the terms of the GNU Lesser General Public License
13  * version 2.1 as published by the Free Software Foundation.
14  *
15  * This library is distributed in the hope that it will be useful, but
16  * WITHOUT ANY WARRANTY; without even the implied warranty of
17  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18  * Lesser General Public License for more details.
19  *
20  * You should have received a copy of the GNU Lesser General Public
21  * License along with this library; if not, write to the Free Software
22  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
23  * 02110-1301 USA
24  */
25 
26 #include "signonidentityadaptor.h"
27 
28 #include "signonidentity.h"
30 
31 namespace SignonDaemonNS {
32 
33 SignonIdentityAdaptor::SignonIdentityAdaptor(SignonIdentity *parent):
34  QDBusAbstractAdaptor(parent),
35  m_parent(parent)
36 {
37  setAutoRelaySignals(true);
38 }
39 
40 SignonIdentityAdaptor::~SignonIdentityAdaptor()
41 {
42 }
43 
44 void SignonIdentityAdaptor::securityErrorReply(const char *failedMethodName)
45 {
46  QString errMsg;
47  QTextStream(&errMsg) << SIGNOND_PERMISSION_DENIED_ERR_STR
48  << "Method:"
49  << failedMethodName;
50 
51  errorReply(SIGNOND_PERMISSION_DENIED_ERR_NAME, errMsg);
52  TRACE() << "Method FAILED Access Control check:" << failedMethodName;
53 }
54 
55 void SignonIdentityAdaptor::errorReply(const QString &name,
56  const QString &message)
57 {
58  QDBusMessage msg = parentDBusContext().message();
59  msg.setDelayedReply(true);
60  QDBusMessage errReply = msg.createErrorReply(name, message);
61  SIGNOND_BUS.send(errReply);
62 }
63 
65 {
66  /* Access Control */
67  if (!AccessControlManagerHelper::instance()->isPeerAllowedToUseIdentity(
68  parentDBusContext().message(),
69  m_parent->id())) {
70  securityErrorReply(__func__);
71  return 0;
72  }
73 
74  return m_parent->requestCredentialsUpdate(msg);
75 }
76 
78 {
79  /* Access Control */
80  if (!AccessControlManagerHelper::instance()->isPeerAllowedToUseIdentity(
81  parentDBusContext().message(), m_parent->id())) {
82  securityErrorReply(__func__);
83  return QVariantMap();
84  }
85 
86  return m_parent->getInfo();
87 }
88 
89 void SignonIdentityAdaptor::addReference(const QString &reference)
90 {
91  /* Access Control */
92  if (!AccessControlManagerHelper::instance()->isPeerAllowedToUseIdentity(
93  parentDBusContext().message(),
94  m_parent->id())) {
95  securityErrorReply(__func__);
96  return;
97  }
98 
99  if (!m_parent->addReference(reference)) {
100  /* TODO: add a lastError() method to SignonIdentity */
101  errorReply(SIGNOND_OPERATION_FAILED_ERR_NAME,
102  SIGNOND_OPERATION_FAILED_ERR_STR);
103  }
104 }
105 
106 void SignonIdentityAdaptor::removeReference(const QString &reference)
107 {
108  /* Access Control */
109  if (!AccessControlManagerHelper::instance()->isPeerAllowedToUseIdentity(
110  parentDBusContext().message(),
111  m_parent->id())) {
112  securityErrorReply(__func__);
113  return;
114  }
115 
116  if (!m_parent->removeReference(reference)) {
117  /* TODO: add a lastError() method to SignonIdentity */
118  errorReply(SIGNOND_OPERATION_FAILED_ERR_NAME,
119  SIGNOND_OPERATION_FAILED_ERR_STR);
120  }
121 }
122 
123 
124 bool SignonIdentityAdaptor::verifyUser(const QVariantMap &params)
125 {
126  /* Access Control */
127  if (!AccessControlManagerHelper::instance()->isPeerAllowedToUseIdentity(
128  parentDBusContext().message(),
129  m_parent->id())) {
130  securityErrorReply(__func__);
131  return false;
132  }
133 
134  return m_parent->verifyUser(params);
135 }
136 
137 bool SignonIdentityAdaptor::verifySecret(const QString &secret)
138 {
139  /* Access Control */
140  if (!AccessControlManagerHelper::instance()->isPeerAllowedToUseIdentity(
141  parentDBusContext().message(),
142  m_parent->id())) {
143  securityErrorReply(__func__);
144  return false;
145  }
146 
147  return m_parent->verifySecret(secret);
148 }
149 
151 {
152  /* Access Control */
155  parentDBusContext().message(), m_parent->id());
156 
158  //Identity has an owner
161  parentDBusContext().message())) {
162 
163  securityErrorReply(__func__);
164  return;
165  }
166  }
167 
168  m_parent->remove();
169 }
170 
172 {
173  /* Access Control */
174  if (!AccessControlManagerHelper::instance()->isPeerAllowedToUseIdentity(
175  parentDBusContext().message(), m_parent->id())) {
176  securityErrorReply(__func__);
177  return false;
178  }
179 
180  return m_parent->signOut();
181 }
182 
183 quint32 SignonIdentityAdaptor::store(const QVariantMap &info)
184 {
185  quint32 id = info.value(QLatin1String("Id"), SIGNOND_NEW_IDENTITY).toInt();
186  /* Access Control */
187  if (id != SIGNOND_NEW_IDENTITY) {
190  parentDBusContext().message(), m_parent->id());
191 
193  //Identity has an owner
196  parentDBusContext().message())) {
197 
198  securityErrorReply(__func__);
199  return 0;
200  }
201  }
202  }
203  return m_parent->store(info);
204 }
205 
206 } //namespace SignonDaemonNS