From e20e306d32428f3778a464edbd8949870119a305 Mon Sep 17 00:00:00 2001
From: Sung-jae Park <nicesj.park@samsung.com>
Date: Tue, 14 Apr 2015 18:33:56 +0900
Subject: Validate caller of widget_service_get_base_file_path()

get_base_file_path will returns base directory of given widget_id.
if the widget_id is not plugin widget, returns NULL with error

[model] Redwood,Kiran,B3(Wearable)
[binary_type] AP
[customer] Docomo/Orange/ATT/Open
[issue#] N/A
[problem]
[cause]
[solution]
[team] HomeTF
[request]
[horizontal_expansion]

Change-Id: I4a0e438fe99fae23615498bfd5d67a500315576e
---
 src/widget_service.c | 55 +++++++++++++++++++++++++---------------------------
 1 file changed, 26 insertions(+), 29 deletions(-)

(limited to 'src')

diff --git a/src/widget_service.c b/src/widget_service.c
index 9acc862..5eacdbc 100644
--- a/src/widget_service.c
+++ b/src/widget_service.c
@@ -33,13 +33,13 @@
 #include <pkgmgr-info.h>
 #include <vconf.h>
 #include <vconf-keys.h>
-#include <ail.h>
 #include <unicode/uloc.h>
 
 #include "widget_errno.h"
 #include "dlist.h"
 #include "util.h"
 #include "debug.h"
+#include "widget_conf.h"
 #include "widget_service.h"
 #include "widget_service_internal.h"
 #include "widget_cmd_list.h"
@@ -2515,29 +2515,6 @@ EAPI char *widget_service_get_provider_name(const char *widgetid)
 EAPI int widget_service_is_enabled(const char *widgetid)
 {
 	return 1;
-	/*
-	   ail_appinfo_h ai;
-	   char *pkgname;
-	   bool enabled;
-	   int ret;
-
-	   pkgname = widget_service_package_id(widgetid);
-	   if (!pkgname)
-	   return 0;
-
-	   ret = ail_get_appinfo(pkgname, &ai);
-	   if (ret != AIL_ERROR_OK) {
-	   free(pkgname);
-	   return 0;
-	   }
-
-	   if (ail_appinfo_get_bool(ai, AIL_PROP_X_SLP_ENABLED_BOOL, &enabled) != AIL_ERROR_OK)
-	   enabled = false;
-
-	   ail_destroy_appinfo(ai);
-	   free(pkgname);
-	   return enabled == true;
-	 */
 }
 
 EAPI int widget_service_is_primary(const char *widgetid)
@@ -3330,7 +3307,6 @@ EAPI int widget_service_release_lock(widget_lock_info_t info)
 EAPI char *widget_service_get_base_file_path(const char *widget_id)
 {
 	pkgmgrinfo_pkginfo_h handle;
-	char *appid;
 	char *ret;
 	int status;
 
@@ -3339,15 +3315,36 @@ EAPI char *widget_service_get_base_file_path(const char *widget_id)
 		return NULL;
 	}
 
-	appid = widget_service_get_package_id(widget_id);
-	if (!appid) {
+	/**
+	 * Validate caller
+	 */
+	ret = widget_service_get_abi(widget_id);
+	if (!ret) {
+		set_last_result(WIDGET_ERROR_INVALID_PARAMETER);
+		ErrPrint("Failed to get ABI: %s\n", widget_id);
+		return NULL;
+	}
+
+	status = !strcasecmp(ret, WIDGET_CONF_DEFAULT_ABI);
+	free(ret);
+	if (status != 1) {
+		set_last_result(WIDGET_ERROR_INVALID_PARAMETER);
+		ErrPrint("Inhouse widget only be able to use this\n");
+		return NULL;
+	}
+
+	/**
+	 * Get the package Id
+	 */
+	ret = widget_service_get_package_id(widget_id);
+	if (!ret) {
 		ErrPrint("Failed to get the appid using widget_id: %s\n", widget_id);
 		set_last_result(WIDGET_ERROR_NOT_EXIST);
 		return NULL;
 	}
 
-	status = pkgmgrinfo_pkginfo_get_pkginfo(appid, &handle);
-	free(appid);
+	status = pkgmgrinfo_pkginfo_get_pkginfo(ret, &handle);
+	free(ret);
 	if (status != PMINFO_R_OK) {
 		ErrPrint("Unable to get mainapp: %s\n", widget_id);
 		set_last_result(WIDGET_ERROR_FAULT);
-- 
cgit v1.2.3