jsonrpc: disallow calling methods not available on certain transport layers

diff --git a/xbmc/interfaces/json-rpc/JSONRPC.cpp b/xbmc/interfaces/json-rpc/JSONRPC.cpp
index 71ae484..13c4afa 100644 (file)
--- a/xbmc/interfaces/json-rpc/JSONRPC.cpp
+++ b/xbmc/interfaces/json-rpc/JSONRPC.cpp
@@ -206,7 +206,7 @@ bool CJSONRPC::HandleMethodCall(const CVariant& request, CVariant& response, ITr
     JSONRPC::MethodCall method;
     CVariant params;
 
-    if ((errorCode = CJSONServiceDescription::CheckCall(methodName, request["params"], client, isNotification, method, params)) == OK)
+    if ((errorCode = CJSONServiceDescription::CheckCall(methodName, request["params"], transport, client, isNotification, method, params)) == OK)
       errorCode = method(methodName, transport, client, params, result);
     else
       result = params;

diff --git a/xbmc/interfaces/json-rpc/JSONServiceDescription.cpp b/xbmc/interfaces/json-rpc/JSONServiceDescription.cpp
index 850ae54..d771a43 100644 (file)
--- a/xbmc/interfaces/json-rpc/JSONServiceDescription.cpp
+++ b/xbmc/interfaces/json-rpc/JSONServiceDescription.cpp
@@ -536,49 +536,52 @@ JSON_STATUS CJSONServiceDescription::Print(CVariant &result, ITransportLayer *tr
   return OK;
 }
 
-JSON_STATUS CJSONServiceDescription::CheckCall(const char* const method, const CVariant &requestParameters, IClient *client, bool notification, MethodCall &methodCall, CVariant &outputParameters)
+JSON_STATUS CJSONServiceDescription::CheckCall(const char* const method, const CVariant &requestParameters, ITransportLayer *transport, IClient *client, bool notification, MethodCall &methodCall, CVariant &outputParameters)
 {
   CJsonRpcMethodMap::JsonRpcMethodIterator iter = m_actionMap.find(method);
   if (iter != m_actionMap.end())
   {
-    if (client != NULL && (client->GetPermissionFlags() & iter->second.permission) == iter->second.permission && (!notification || (iter->second.permission & OPERATION_PERMISSION_NOTIFICATION) == iter->second.permission))
+    if (transport != NULL && (transport->GetCapabilities() & iter->second.transportneed) == iter->second.transportneed)
     {
-      methodCall = iter->second.method;
+      if (client != NULL && (client->GetPermissionFlags() & iter->second.permission) == iter->second.permission && (!notification || (iter->second.permission & OPERATION_PERMISSION_NOTIFICATION) == iter->second.permission))
+      {
+        methodCall = iter->second.method;
 
-      // Count the number of actually handled (present)
-      // parameters
-      unsigned int handled = 0;
-      CVariant errorData = CVariant(CVariant::VariantTypeObject);
-      errorData["method"] = iter->second.name;
+        // Count the number of actually handled (present)
+        // parameters
+        unsigned int handled = 0;
+        CVariant errorData = CVariant(CVariant::VariantTypeObject);
+        errorData["method"] = iter->second.name;
 
-      // Loop through all the parameters to check
-      for (unsigned int i = 0; i < iter->second.parameters.size(); i++)
-      {
-        // Evaluate the current parameter
-        JSON_STATUS status = checkParameter(requestParameters, iter->second.parameters.at(i), i, outputParameters, handled, errorData);
-        if (status != OK)
+        // Loop through all the parameters to check
+        for (unsigned int i = 0; i < iter->second.parameters.size(); i++)
+        {
+          // Evaluate the current parameter
+          JSON_STATUS status = checkParameter(requestParameters, iter->second.parameters.at(i), i, outputParameters, handled, errorData);
+          if (status != OK)
+          {
+            // Return the error data object in the outputParameters reference
+            outputParameters = errorData;
+            return status;
+          }
+        }
+
+        // Check if there were unnecessary parameters
+        if (handled < requestParameters.size())
         {
-          // Return the error data object in the outputParameters reference
+          errorData["message"] = "Too many parameters";
           outputParameters = errorData;
-          return status;
+          return InvalidParams;
         }
-      }
 
-      // Check if there were unnecessary parameters
-      if (handled < requestParameters.size())
-      {
-        errorData["message"] = "Too many parameters";
-        outputParameters = errorData;
-        return InvalidParams;
+        return OK;
       }
-
-      return OK;
+      else
+        return BadPermission;
     }
-    else
-      return BadPermission;
   }
-  else
-    return MethodNotFound;
+
+  return MethodNotFound;
 }
 
 void CJSONServiceDescription::printType(const JSONSchemaTypeDefinition &type, bool isParameter, bool isGlobal, bool printDefault, bool printDescriptions, CVariant &output)

diff --git a/xbmc/interfaces/json-rpc/JSONServiceDescription.h b/xbmc/interfaces/json-rpc/JSONServiceDescription.h
index 27b51d2..38cbbb6 100644 (file)
--- a/xbmc/interfaces/json-rpc/JSONServiceDescription.h
+++ b/xbmc/interfaces/json-rpc/JSONServiceDescription.h
@@ -352,7 +352,7 @@ namespace JSONRPC
      actual C/C++ implementation of the method to the "methodCall" parameter and checks the
      given parameters from the request against the json schema description for the given method.
      */
-    static JSON_STATUS CheckCall(const char* const method, const CVariant &requestParameters, IClient *client, bool notification, MethodCall &methodCall, CVariant &outputParameters);
+    static JSON_STATUS CheckCall(const char* const method, const CVariant &requestParameters, ITransportLayer *transport, IClient *client, bool notification, MethodCall &methodCall, CVariant &outputParameters);
 
   private:
     static bool prepareDescription(std::string &description, CVariant &descriptionObject, std::string &name);