Resources | developer.brewmp.com Resources | developer.brewmp.com

Developer

resources

Example - using IPrivSet to verify caller privileges

In this example, the c_service example that is provided in the Brew MP SDK was modified to verify that the calling application has the privilege required to read data.

c_service

  • A new .bid file, AEEPRIVID_SIMPLEIOECHOREAD.BID, was created to define the privilege, as follows:
    #ifndef AEEPRIVID_SIMPLEIOECHOREAD_BID
    #define AEEPRIVID_SIMPLEIOECHOREAD_BID
    
    #define AEEPRIVID_SIMPLEIOECHOREAD    	0x01094994
    
    #endif //AEEPRIVID_SIMPLEIOECHOREAD_BID
  • The SimpleIOEcho.h file was modified to add the PrivSet to the function prototype of the SimpleIOEcho_New() function:
    int SimpleIOEcho_New(IEnv *piEnv, AEECLSID cls, IPrivSet *pps,
                void **ppif);
  • In SimpleIOEcho.c, the following changes were made:
    1. AEEPRIVID_SIMPLEIOECHOREAD.BID was added to the included files.
    2. Added piPrivSet as one of SimpleIOEcho's data members:
      typedef struct {
          ...
         IPrivSet		*piPrivSet;
      } SimpleIOEcho;
    3. The SimpleIOEcho_New() function was updated to include the new parameter and save the value in me->piPrivSet:
      int SimpleIOEcho_New(IEnv *piEnv, AEECLSID clsid, IPrivSet *pps,
                  void** ppOut)
      {
         SimpleIOEcho *me;
         int nErr;
       
         nErr = IENV_ERRMALLOCREC(piEnv, SimpleIOEcho, &me);
         if (AEE_SUCCESS != nErr) {
            return nErr;
         }
       
         nErr = SimpleIOEcho_CtorZ(me, piEnv);
       
         if (AEE_SUCCESS != nErr) {
            SimpleIOEcho_Dtor(me);
            ENV_FREEIF(piEnv, me);
            return nErr;
         } else {
            *ppOut = me;
         }
       
         me->piPrivSet = pps;
         IPrivSet_AddRef(me->piPrivSet);
         return AEE_SUCCESS;
      }
    4. The SimpleIOEcho_Read() function was modified to call IPrivSet_CheckPrivilege() to check for the read privilege before reading the data, as follows:
         if(AEE_SUCCESS != (nErr = IPrivSet_CheckPrivilege(me->piPrivSet,
            AEEPRIVID_SIMPLEIOECHOREAD))){
            std_strlprintf(msg, sizeof(msg), "nErr:%d", nErr);
            ISignalBus_Clear(me->pisbReadable);
            return nErr;
         }
    5. The SimpleIOEcho_Dtor() function was modified to release the reference added in SimpleIOEcho_New():
         static void SimpleIOEcho_Dtor(SimpleIOEcho *me)
         {
            ... 
            IQI_RELEASEIF(me->piPrivSet);
         }

c_serviceapp

The CIF for c_serviceapp was modified so the application has read privilege, as follows:

  • Included the .bid file that defines the new privilege in SimpleIOEchoTest.cif
  • Added the read privilege in the privs field of the Applet primitive, as follows:
    Applet {
       appletid       =  AEECLSID_SIMPLEIOECHOTEST,
       resbaseid      =  20, -- Applet base resource id
       applethostid   =  0,
       type           =  0,
       privs          = {AEEPRIVID_SIMPLEIOECHOREAD}
    }