add dpm policy control for email-service

Change-Id: I4f6d90b93615de9ead2f191a18c7dcc12b75b983 Signed-off-by: intae, jeon <intae.jeon@samsung.com>
author: intae, jeon <intae.jeon@samsung.com> 2016-07-21 10:55:54 +0900
committer: intae, jeon <intae.jeon@samsung.com> 2016-08-09 10:44:21 +0900
commit: ee17c0a34ed525f52a669e78859d46cde29c19a3 (patch)
tree: a89b408943fe096dd6953e9e40be179f38028239
parent: e0e3e5d478dc0d3a95567d9a2f953d9965d87364 (diff)
download: email-service-ee17c0a34ed525f52a669e78859d46cde29c19a3.tar.gz
email-service-ee17c0a34ed525f52a669e78859d46cde29c19a3.tar.bz2
email-service-ee17c0a34ed525f52a669e78859d46cde29c19a3.zip
12 files changed, 232 insertions, 2 deletions
diff --git a/email-common-use/include/email-errors.h b/email-common-use/include/email-errors.h
index 12ca356..764ef54 100755
--- a/email-common-use/include/email-errors.h
+++ b/email-common-use/include/email-errors.h
@@ -188,6 +188,7 @@
 #define EMAIL_ERROR_MDM_SERVICE_FAILURE                 -7100    /**<  The MDM service did not work */
 #define EMAIL_ERROR_MDM_RESTRICTED_MODE                 -7101    /**<  The MDM service is in restricted mode */
 #define EMAIL_ERROR_NOTI                                -7110    /**<  The Notification API returned the error */
+#define EMAIL_ERROR_DPM_RESTRICTED_MODE			-7201	 /**<  The DPM service is in restricted mode */
 
 /* Etc */
 #define EMAIL_ERROR_ALREADY_INITIALIZED                 -7321    /**<  The thread is already intialized */
diff --git a/email-common-use/include/email-internal-types.h b/email-common-use/include/email-internal-types.h
index 3dcac70..57350ca 100755
--- a/email-common-use/include/email-internal-types.h
+++ b/email-common-use/include/email-internal-types.h
@@ -92,6 +92,7 @@ extern "C"
 
 /* #define __FEATURE_IMAP_QUOTA__ */
 
+/* #define TIZEN_FEATURE_EMAIL_DPM */
 /* ----------------------------------------------------------------------------- */
 /*  Macro */
 #ifndef NULL
diff --git a/email-core/CMakeLists.txt b/email-core/CMakeLists.txt
index 4d1a036..6436b50 100755
--- a/email-core/CMakeLists.txt
+++ b/email-core/CMakeLists.txt
@@ -219,6 +219,7 @@ SET(CORE-SRCS
 	${CMAKE_SOURCE_DIR}/email-core/email-core-alarm.c
 	${CMAKE_SOURCE_DIR}/email-core/email-core-auto-download.c
 	${CMAKE_SOURCE_DIR}/email-core/email-core-key-manager.c
+	${CMAKE_SOURCE_DIR}/email-core/email-core-dpm.c
 )
 
 INCLUDE_DIRECTORIES(
@@ -235,7 +236,7 @@ INCLUDE(FindPkgConfig)
 SET(PKG_MODULES glib-2.0 dlog dbus-1 gthread-2.0 key-manager tpkp-curl
 			uw-imap-toolkit vconf vconf-internal-keys contacts-service2 
 			openssl accounts-svc alarm-service notification libcurl libxml-2.0 
-			cert-svc-vcore badge capi-appfw-application icu-i18n gmime-2.6 storage)
+			cert-svc-vcore badge capi-appfw-application icu-i18n gmime-2.6 storage dpm)
 
 pkg_check_modules(core_pkgs REQUIRED ${PKG_MODULES})
 
diff --git a/email-core/email-core-dpm.c b/email-core/email-core-dpm.c
new file mode 100644
index 0000000..f81b408
--- /dev/null
+++ b/email-core/email-core-dpm.c
@@ -0,0 +1,85 @@
+#include "email-core-mail.h"
+#include "email-internal-types.h"
+#include "email-types.h"
+#include "email-debug-log.h"
+#include "email-core-dpm.h"
+
+static int g_dpm_policy_status = 0;
+
+
+#include <dpm/restriction.h>
+
+
+void on_restriction(const char* policy, const char* value, void* user_data)
+{
+	int is_allowed = strcmp(value, "allowed") == 0 ? 1 : 0;
+	/* true = 1;
+	   false = 0; */
+
+	EM_DEBUG_LOG("dpm_cb_status : %d",  is_allowed);
+	g_dpm_policy_status = is_allowed;
+}
+
+static int callback_id;
+static device_policy_manager_h dpm;
+
+void emcore_dpm_instance_create()
+{
+
+
+	#ifdef TIZEN_FEATURE_EMAIL_DPM
+
+	EM_DEBUG_LOG("dpm_instance_create");
+	dpm = dpm_manager_create();
+	int allowed;
+	void *user_data = NULL;
+	int ret = dpm_restriction_get_popimap_email_state(dpm, &allowed);
+	if (ret != DPM_ERROR_NONE) {
+		EM_DEBUG_LOG("dpm_error : %d", ret);
+		//TODO add error routin
+	}
+
+		EM_DEBUG_LOG("dpm_policy  : %d", allowed);
+	if (allowed == false) {
+
+		/* OPERATION IS RESTRICTED */
+		g_dpm_policy_status = false;
+
+	} else if (allowed == true){
+
+		/* OPERATION IS ALLOWED */
+		g_dpm_policy_status = true;
+
+	} else {
+		EM_DEBUG_LOG("dpm wrong status : %d", allowed);
+
+		//TODO add error routin
+	}
+
+	// Callback will be called when policy is changed
+	dpm_add_policy_changed_cb(dpm , "popimap-email", on_restriction, user_data, &callback_id);
+
+	#else
+
+	EM_DEBUG_LOG("dpm_off");
+
+	#endif /* TIZEN_FEATURE_EMAIL_DPM */
+
+}
+int emcore_get_dpm_status(){
+
+	EM_DEBUG_LOG("get_dpm_status()");
+	#ifdef TIZEN_FEATURE_EMAIL_DPM
+		return g_dpm_policy_status;
+	#else
+		return true;
+	#endif /* TIZEN_FEATURE_EMAIL_DPM */
+
+}
+
+void dpm_interface_destroy()
+{
+	dpm_remove_policy_changed_cb(dpm, callback_id);
+	dpm_manager_destroy(dpm);
+}
+
diff --git a/email-core/email-core-utils.c b/email-core/email-core-utils.c
index 35567f2..db9fea5 100755
--- a/email-core/email-core-utils.c
+++ b/email-core/email-core-utils.c
@@ -4128,6 +4128,7 @@ FINISH_OFF:
 	return error;
 }
 
+
 /* peak schedule */
 static int emcore_get_next_peak_start_time(emstorage_account_tbl_t *input_account_ref, time_t input_current_time, time_t *output_time)
 {
diff --git a/email-core/include/email-core-dpm.h b/email-core/include/email-core-dpm.h
new file mode 100644
index 0000000..35bd369
--- /dev/null
+++ b/email-core/include/email-core-dpm.h
@@ -0,0 +1,18 @@
+#include "email-types.h"
+#include "email-internal-types.h"
+#include "email-storage.h"
+#include "email-core-global.h"
+#include "email-core-mail.h"
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif /* __cplusplus */
+
+INTERNAL_FUNC void emcore_dpm_instance_create(void);
+INTERNAL_FUNC int  emcore_get_dpm_status(void);
+
+
+#ifdef __cplusplus
+}
+#endif /* __cplusplus */
diff --git a/email-core/include/email-core-utils.h b/email-core/include/email-core-utils.h
index 1715df1..33c8663 100755
--- a/email-core/include/email-core-utils.h
+++ b/email-core/include/email-core-utils.h
@@ -51,7 +51,6 @@ typedef int (*email_get_unread_email_count_cb)(int unread, int *err_code);
 
 /* parse the Full mailbox Path and get the Alias Name of the Mailbox */
 char* emcore_get_alias_of_mailbox(const char *mailbox_path);
-
 /* Parse the Mailbox Path and get the Account Email address */
 INTERNAL_FUNC int   emcore_get_temp_file_name(char **filename, int *err_code);
 INTERNAL_FUNC int   emcore_get_temp_mime_file_name(char **filename, int *err_code);
diff --git a/email-daemon/email-daemon-auto-poll.c b/email-daemon/email-daemon-auto-poll.c
index dd6e593..c6cd7a5 100755
--- a/email-daemon/email-daemon-auto-poll.c
+++ b/email-daemon/email-daemon-auto-poll.c
@@ -41,6 +41,7 @@
 #include "email-storage.h"
 #include "email-network.h"
 #include "email-utilities.h"
+#include "email-core-dpm.h"
 
 
 static int _emdaemon_get_polling_account_and_timeinterval(email_alarm_data_t *alarm_data, int *account_id, int *timer_interval);
@@ -129,6 +130,14 @@ INTERNAL_FUNC int emdaemon_alarm_polling_cb(email_alarm_data_t *alarm_data, void
 		return false;
 	}
 
+		if (emcore_get_dpm_status() == false) {
+			EM_DEBUG_EXCEPTION("dpm policy not allowed");
+			err = EMAIL_ERROR_DPM_RESTRICTED_MODE;
+			goto FINISH_OFF;
+		}
+
+
+
 	ref_account = emcore_get_account_reference(alarm_data->multi_user_name, account_id, false);
 	if (ref_account == NULL) {
 		EM_DEBUG_EXCEPTION("emcore_get_account_reference failed");
diff --git a/email-daemon/email-daemon-event.c b/email-daemon/email-daemon-event.c
index a828524..9fb2911 100755
--- a/email-daemon/email-daemon-event.c
+++ b/email-daemon/email-daemon-event.c
@@ -45,6 +45,7 @@
 #include "email-core-mailbox-sync.h"
 #include "email-core-smtp.h"
 #include "email-core-utils.h"
+#include "email-core-dpm.h"
 #include "email-core-signal.h"
 #include "email-debug-log.h"
 
@@ -60,6 +61,7 @@ extern GQueue *g_event_que;
 extern int g_event_loop;
 extern int recv_thread_run;
 
+
 #ifdef __FEATURE_WIFI_AUTO_DOWNLOAD__
 extern pthread_cond_t  _auto_downalod_available_signal;
 #endif
@@ -649,6 +651,21 @@ static int event_handler_EMAIL_EVENT_SYNC_HEADER(char *multi_user_name, int inpu
 		goto FINISH_OFF;
 	}
 
+	if (emcore_get_dpm_status() == false) {
+
+		EM_DEBUG_EXCEPTION("dpm policy not allowed");
+		err = EMAIL_ERROR_DPM_RESTRICTED_MODE;
+		if (!emcore_notify_network_event(NOTI_DOWNLOAD_FAIL, input_account_id, input_mailbox_id_str, handle_to_be_published, err))
+			EM_DEBUG_EXCEPTION(" emcore_notify_network_event [ NOTI_DOWNLOAD_FAIL] Failed >>>> ");
+
+		goto FINISH_OFF;
+
+	}
+
+
+
+
+
 	if (sync_type != EMAIL_SYNC_ALL_MAILBOX) {	/* Sync only particular mailbox */
 		EM_DEBUG_LOG_SEC("sync start: account_id [%d] alias [%s]", input_account_id, mailbox_tbl_target->alias);
 		if ((err = emcore_update_sync_status_of_account(multi_user_name,
diff --git a/email-daemon/email-daemon-init.c b/email-daemon/email-daemon-init.c
index ae4dfda..427f0b1 100755
--- a/email-daemon/email-daemon-init.c
+++ b/email-daemon/email-daemon-init.c
@@ -55,6 +55,7 @@
 #include "email-core-mailbox.h"
 #include "email-core-smtp.h"
 #include "email-core-global.h"
+#include "email-core-dpm.h"
 #include "email-core-imap-idle.h"
 #include "email-storage.h"
 #include "email-core-task-manager.h"
@@ -175,6 +176,15 @@ static void callback_for_SYNC_ALL_STATUS_from_account_svc(keynode_t *input_node,
 	email_account_t         *account_list = NULL;
 	emstorage_mailbox_tbl_t *mailbox_tbl_data = NULL;
 
+	if (emcore_get_dpm_status() == false) {
+		EM_DEBUG_EXCEPTION("dpm policy not allowed");
+		err =  EMAIL_ERROR_DPM_RESTRICTED_MODE;
+		goto FINISH_OFF;
+
+	}
+
+
+
 	if (!emdaemon_get_account_list(NULL, &account_list, &account_count, &err))  {
 		EM_DEBUG_EXCEPTION("emdaemon_get_account_list failed [%d]", err);
 		goto FINISH_OFF;
diff --git a/email-daemon/main.c b/email-daemon/main.c
index b504066..e71b10c 100755
--- a/email-daemon/main.c
+++ b/email-daemon/main.c
@@ -50,6 +50,7 @@
 #include "email-core-global.h"
 #include "email-core-mailbox.h"
 #include "email-core-utils.h"
+#include "email-core-dpm.h"
 #include "email-core-smime.h"
 #include "email-core-pgp.h"
 #include "email-core-cert.h"
@@ -62,6 +63,10 @@
 #include "email-core-container.h"
 #include "email-core-cynara.h"
 
+
+
+
+
 void stb_create_account(HIPC_API a_hAPI)
 {
 	EM_DEBUG_FUNC_BEGIN();
@@ -1522,6 +1527,19 @@ void stb_add_mail(HIPC_API a_hAPI)
 		goto FINISH_OFF;
 	}
 
+
+	if (emcore_get_dpm_status() == false) {
+
+		if (account_server_type != EMAIL_SERVER_TYPE_ACTIVE_SYNC) {
+			err = EMAIL_ERROR_DPM_RESTRICTED_MODE;
+			goto FINISH_OFF;
+	       	}
+
+	  	EM_DEBUG_LOG("EMAIL_SERVER_TYPE_ACTIVE_SYNC is exceptional from dpm policy");
+
+	}
+
+
     /* Get the absolute path */
     if (EM_SAFE_STRLEN(multi_user_name) > 0) {
 		err = emcore_get_container_path(multi_user_name, &prefix_path);
@@ -3182,6 +3200,12 @@ void stb_validate_account_ex(HIPC_API a_hAPI)
     int nAPPID = emipc_get_app_id(a_hAPI);
     char *multi_user_name = NULL;
 
+	 if (emcore_get_dpm_status() == false) {
+
+		err = EMAIL_ERROR_DPM_RESTRICTED_MODE;
+		goto FINISH_OFF;
+	 }
+
     if ((err = emcore_get_user_name(nAPPID, &multi_user_name)) != EMAIL_ERROR_NONE) {
         EM_DEBUG_EXCEPTION("emcore_get_user_name failed : [%d]", err);
         multi_user_name = NULL;
@@ -3632,6 +3656,37 @@ FINISH_OFF:
 	EM_DEBUG_FUNC_END("err [%d]", err);
 }
 
+
+int stb_check_dpm_policy(HIPC_API a_hAPI)
+{
+	EM_DEBUG_FUNC_BEGIN();
+
+	int err = EMAIL_ERROR_NONE;
+
+	EM_DEBUG_LOG("g_dpm_policy_status : %d", emcore_get_dpm_status());
+	if (emcore_get_dpm_status()  == true) {
+		EM_DEBUG_LOG("true");
+		return err;
+	} else if (emcore_get_dpm_status() == false) {
+
+		EM_DEBUG_LOG("false");
+		err = EMAIL_ERROR_DPM_RESTRICTED_MODE;
+	}
+	if (!emipc_add_parameter(a_hAPI, ePARAMETER_OUT, &err, sizeof(int)))
+		EM_DEBUG_EXCEPTION("emipc_add_parameter failed");
+
+	if (!emipc_execute_stub_api(a_hAPI))
+		EM_DEBUG_EXCEPTION("emipc_execute_stub_api failed");
+
+	EM_DEBUG_FUNC_END("err [%d]", err);
+	return err;
+
+}
+
+
+
+
+
 void stb_save_default_account_id(HIPC_API a_hAPI)
 {
 	EM_DEBUG_FUNC_BEGIN();
@@ -3739,6 +3794,33 @@ void stb_API_mapper(HIPC_API a_hAPI)
 	unsigned int nAPIID = emipc_get_api_id(a_hAPI);
 	unsigned int client_fd = emipc_get_response_id(a_hAPI);
 
+
+
+
+	switch(nAPIID) {
+
+		/* Sending the mail */
+		case _EMAIL_API_SEND_MAIL:
+		case _EMAIL_API_ADD_ATTACHMENT:
+		case _EMAIL_API_SEND_RETRY:
+		/* Download the mail */
+		case _EMAIL_API_SYNC_HEADER:
+		case _EMAIL_API_DOWNLOAD_BODY:
+		case _EMAIL_API_DOWNLOAD_ATTACHMENT:
+		case _EMAIL_API_ADD_ACCOUNT_WITH_VALIDATION:
+		case _EMAIL_API_ADD_ACCOUNT:
+			EM_DEBUG_LOG("check_dpm_policy");
+			err = stb_check_dpm_policy(a_hAPI);
+			if (err == EMAIL_ERROR_DPM_RESTRICTED_MODE) {
+				EM_DEBUG_LOG("stb_check_dpm_policy result in EMAIL_ERROR_DPM_RESTRICTED_MODE");
+				return;
+			} else
+				break;
+
+	}
+
+
+
 	err = emcore_check_privilege(client_fd);
 	if (err != EMAIL_ERROR_NONE) {
 		EM_DEBUG_EXCEPTION("emcore_check_privilege failed : [%d]", err);
@@ -4239,6 +4321,11 @@ INTERNAL_FUNC int main(int argc, char *argv[])
 	g_type_init();
 #endif
 
+
+
+	emcore_dpm_instance_create();
+
+
     /* Init container for daemon */
     emcore_create_container();
 
diff --git a/packaging/email-service.spec b/packaging/email-service.spec
index 37fdd36..1ace2e4 100755
--- a/packaging/email-service.spec
+++ b/packaging/email-service.spec
@@ -32,6 +32,7 @@ BuildRequires:  pkgconfig(gmime-2.6)
 BuildRequires:  pkgconfig(glib-2.0)
 BuildRequires:  pkgconfig(gthread-2.0)
 BuildRequires:  pkgconfig(aul)
+BuildRequires:  pkgconfig(dpm)
 BuildRequires:  pkgconfig(vconf-internal-keys)
 BuildRequires:  pkgconfig(vconf)
 BuildRequires:  pkgconfig(dlog)
author	intae, jeon <intae.jeon@samsung.com>	2016-07-21 10:55:54 +0900
committer	intae, jeon <intae.jeon@samsung.com>	2016-08-09 10:44:21 +0900
commit	ee17c0a34ed525f52a669e78859d46cde29c19a3 (patch)
tree	a89b408943fe096dd6953e9e40be179f38028239
parent	e0e3e5d478dc0d3a95567d9a2f953d9965d87364 (diff)
download	email-service-ee17c0a34ed525f52a669e78859d46cde29c19a3.tar.gz email-service-ee17c0a34ed525f52a669e78859d46cde29c19a3.tar.bz2 email-service-ee17c0a34ed525f52a669e78859d46cde29c19a3.zip