Resources | Resources |



Example - using IPrivSet to verify caller privileges

In this example, the c_service example that is provided in the Brew MP SDK was modified to verify that the calling application has the privilege required to read data.


  • A new .bid file, AEEPRIVID_SIMPLEIOECHOREAD.BID, was created to define the privilege, as follows:
    #define AEEPRIVID_SIMPLEIOECHOREAD    	0x01094994
  • The SimpleIOEcho.h file was modified to add the PrivSet to the function prototype of the SimpleIOEcho_New() function:
    int SimpleIOEcho_New(IEnv *piEnv, AEECLSID cls, IPrivSet *pps,
                void **ppif);
  • In SimpleIOEcho.c, the following changes were made:
    1. AEEPRIVID_SIMPLEIOECHOREAD.BID was added to the included files.
    2. Added piPrivSet as one of SimpleIOEcho's data members:
      typedef struct {
         IPrivSet		*piPrivSet;
      } SimpleIOEcho;
    3. The SimpleIOEcho_New() function was updated to include the new parameter and save the value in me->piPrivSet:
      int SimpleIOEcho_New(IEnv *piEnv, AEECLSID clsid, IPrivSet *pps,
                  void** ppOut)
         SimpleIOEcho *me;
         int nErr;
         nErr = IENV_ERRMALLOCREC(piEnv, SimpleIOEcho, &me);
         if (AEE_SUCCESS != nErr) {
            return nErr;
         nErr = SimpleIOEcho_CtorZ(me, piEnv);
         if (AEE_SUCCESS != nErr) {
            ENV_FREEIF(piEnv, me);
            return nErr;
         } else {
            *ppOut = me;
         me->piPrivSet = pps;
         return AEE_SUCCESS;
    4. The SimpleIOEcho_Read() function was modified to call IPrivSet_CheckPrivilege() to check for the read privilege before reading the data, as follows:
         if(AEE_SUCCESS != (nErr = IPrivSet_CheckPrivilege(me->piPrivSet,
            std_strlprintf(msg, sizeof(msg), "nErr:%d", nErr);
            return nErr;
    5. The SimpleIOEcho_Dtor() function was modified to release the reference added in SimpleIOEcho_New():
         static void SimpleIOEcho_Dtor(SimpleIOEcho *me)


The CIF for c_serviceapp was modified so the application has read privilege, as follows:

  • Included the .bid file that defines the new privilege in SimpleIOEchoTest.cif
  • Added the read privilege in the privs field of the Applet primitive, as follows:
    Applet {
       appletid       =  AEECLSID_SIMPLEIOECHOTEST,
       resbaseid      =  20, -- Applet base resource id
       applethostid   =  0,
       type           =  0,
       privs          = {AEEPRIVID_SIMPLEIOECHOREAD}