diff options
author | Andriy Byzhynar <abyzhynar@luxoft.com> | 2019-07-11 18:14:33 +0300 |
---|---|---|
committer | Andriy Byzhynar (GitHub) <AByzhynar@luxoft.com> | 2019-08-20 21:17:13 +0300 |
commit | 3341ad77b7ba65b0f61c03b9ba659f74bee6177e (patch) | |
tree | 70db4a1f8ec4f79f092ae97ba1425c1bf57632ca | |
parent | a0d9827e1ac5a16f2905cb93066cc52fcb20490e (diff) | |
download | sdl_core-3341ad77b7ba65b0f61c03b9ba659f74bee6177e.tar.gz |
Implement Policies changes and dependencies
Implemented policies for wodgets
Fixed depenedencies
Updated unit tests
Fixed existing Uts, which have relation
to CheckPermissions & CheckPolicyPermissions
functions.
14 files changed, 225 insertions, 22 deletions
diff --git a/src/components/application_manager/include/application_manager/application_manager_impl.h b/src/components/application_manager/include/application_manager/application_manager_impl.h index 711e9b424f..8b4d19653d 100644 --- a/src/components/application_manager/include/application_manager/application_manager_impl.h +++ b/src/components/application_manager/include/application_manager/application_manager_impl.h @@ -491,7 +491,7 @@ class ApplicationManagerImpl * @brief Checks, if given RPC is allowed at current HMI level for specific * application in policy table * @param app Application - * @param hmi_level Current HMI level of application + * @param window_id id of application's window * @param function_id FunctionID of RPC * @param params_permissions Permissions for RPC parameters (e.g. * SubscribeVehicleData) defined in policy table @@ -499,6 +499,7 @@ class ApplicationManagerImpl */ mobile_apis::Result::eType CheckPolicyPermissions( const ApplicationSharedPtr app, + const WindowID window_id, const std::string& function_id, const RPCParams& rpc_params, CommandParametersPermissions* params_permissions = NULL) OVERRIDE; diff --git a/src/components/application_manager/include/application_manager/policies/policy_handler.h b/src/components/application_manager/include/application_manager/policies/policy_handler.h index 3422a2a2d2..ccbd466cdd 100644 --- a/src/components/application_manager/include/application_manager/policies/policy_handler.h +++ b/src/components/application_manager/include/application_manager/policies/policy_handler.h @@ -108,6 +108,7 @@ class PolicyHandler : public PolicyHandlerInterface, std::string* priority) const OVERRIDE; virtual void CheckPermissions( const application_manager::ApplicationSharedPtr app, + const application_manager::WindowID window_id, const PTString& rpc, const RPCParams& rpc_params, CheckPermissionResult& result) OVERRIDE; diff --git a/src/components/application_manager/rpc_plugins/sdl_rpc_plugin/src/commands/hmi/on_driver_distraction_notification.cc b/src/components/application_manager/rpc_plugins/sdl_rpc_plugin/src/commands/hmi/on_driver_distraction_notification.cc index 4229369acc..a29b9721e9 100644 --- a/src/components/application_manager/rpc_plugins/sdl_rpc_plugin/src/commands/hmi/on_driver_distraction_notification.cc +++ b/src/components/application_manager/rpc_plugins/sdl_rpc_plugin/src/commands/hmi/on_driver_distraction_notification.cc @@ -65,7 +65,11 @@ struct OnDriverDistractionProcessor { const RPCParams params; policy::CheckPermissionResult result; application_manager_.GetPolicyHandler().CheckPermissions( - application, stringified_function_id_, params, result); + application, + mobile_apis::PredefinedWindows::DEFAULT_WINDOW, + stringified_function_id_, + params, + result); auto& msg_params = message[strings::msg_params]; const bool is_lock_screen_dismissal_exists = msg_params.keyExists( mobile_notification::lock_screen_dismissal_enabled); diff --git a/src/components/application_manager/src/application_manager_impl.cc b/src/components/application_manager/src/application_manager_impl.cc index 6451de2a33..cae65959bd 100644 --- a/src/components/application_manager/src/application_manager_impl.cc +++ b/src/components/application_manager/src/application_manager_impl.cc @@ -3051,6 +3051,7 @@ void ApplicationManagerImpl::OnAppUnauthorized(const uint32_t& app_id) { mobile_apis::Result::eType ApplicationManagerImpl::CheckPolicyPermissions( const ApplicationSharedPtr app, + const WindowID window_id, const std::string& function_id, const RPCParams& rpc_params, CommandParametersPermissions* params_permissions) { @@ -3063,7 +3064,8 @@ mobile_apis::Result::eType ApplicationManagerImpl::CheckPolicyPermissions( DCHECK(app); policy::CheckPermissionResult result; - GetPolicyHandler().CheckPermissions(app, function_id, rpc_params, result); + GetPolicyHandler().CheckPermissions( + app, window_id, function_id, rpc_params, result); if (NULL != params_permissions) { params_permissions->allowed_params = result.list_of_allowed_params; @@ -3332,7 +3334,7 @@ void ApplicationManagerImpl::ProcessPostponedMessages(const uint32_t app_id) { (*message)[strings::params][strings::function_id].asUInt())); const RPCParams params; const mobile_apis::Result::eType check_result = - CheckPolicyPermissions(app, function_id, params); + CheckPolicyPermissions(app, window_id, function_id, params); if (mobile_api::Result::SUCCESS == check_result) { rpc_service_->ManageMobileCommand(message, commands::Command::SOURCE_SDL); } else { @@ -3950,7 +3952,10 @@ void ApplicationManagerImpl::SendDriverDistractionState( const std::string function_id = MessageHelper::StringifiedFunctionID( mobile_api::FunctionID::OnDriverDistractionID); const mobile_apis::Result::eType check_result = - CheckPolicyPermissions(application, function_id, params); + CheckPolicyPermissions(application, + mobile_apis::PredefinedWindows::DEFAULT_WINDOW, + function_id, + params); if (mobile_api::Result::SUCCESS == check_result) { rpc_service_->ManageMobileCommand(create_notification(), commands::Command::SOURCE_SDL); diff --git a/src/components/application_manager/src/commands/command_request_impl.cc b/src/components/application_manager/src/commands/command_request_impl.cc index f67fde22a0..06e0220158 100644 --- a/src/components/application_manager/src/commands/command_request_impl.cc +++ b/src/components/application_manager/src/commands/command_request_impl.cc @@ -725,12 +725,17 @@ bool CommandRequestImpl::CheckAllowedParameters() { } mobile_apis::Result::eType check_result = - application_manager_.CheckPolicyPermissions( - app, - MessageHelper::StringifiedFunctionID( - static_cast<mobile_api::FunctionID::eType>(function_id())), - params, - ¶meters_permissions_); + mobile_apis::Result::eType::INVALID_ID; + const auto current_window_id = window_id(); + if (app->WindowIdExists(current_window_id)) { + check_result = application_manager_.CheckPolicyPermissions( + app, + current_window_id, + MessageHelper::StringifiedFunctionID( + static_cast<mobile_api::FunctionID::eType>(function_id())), + params, + ¶meters_permissions_); + } // Check, if RPC is allowed by policy if (mobile_apis::Result::SUCCESS != check_result) { diff --git a/src/components/application_manager/src/rpc_passing_handler.cc b/src/components/application_manager/src/rpc_passing_handler.cc index feb3bccc1f..92d6e74698 100644 --- a/src/components/application_manager/src/rpc_passing_handler.cc +++ b/src/components/application_manager/src/rpc_passing_handler.cc @@ -110,7 +110,7 @@ bool RPCPassingHandler::ExtractRPCParams( CommandParametersPermissions parameters_permissions; mobile_apis::Result::eType check_result = app_manager_.CheckPolicyPermissions( - app, function_id_str, params, ¶meters_permissions); + app, window_id, function_id_str, params, ¶meters_permissions); // Check if RPC is allowed by policy (since we are allowing unknown params, // check should pass if only undefined parameters exist) diff --git a/src/components/application_manager/src/rpc_service_impl.cc b/src/components/application_manager/src/rpc_service_impl.cc index 34e6e0679d..a20ee8bc38 100644 --- a/src/components/application_manager/src/rpc_service_impl.cc +++ b/src/components/application_manager/src/rpc_service_impl.cc @@ -484,7 +484,8 @@ void RPCServiceImpl::SendMessageToMobile( const std::string string_functionID = MessageHelper::StringifiedFunctionID(function_id); const mobile_apis::Result::eType check_result = - app_manager_.CheckPolicyPermissions(app, string_functionID, params); + app_manager_.CheckPolicyPermissions( + app, window_id, string_functionID, params); if (mobile_apis::Result::SUCCESS != check_result) { LOG4CXX_WARN(logger_, "Function \"" << string_functionID << "\" (#" << function_id diff --git a/src/components/application_manager/test/commands/command_request_impl_test.cc b/src/components/application_manager/test/commands/command_request_impl_test.cc index cf26c19249..27e21efd8d 100644 --- a/src/components/application_manager/test/commands/command_request_impl_test.cc +++ b/src/components/application_manager/test/commands/command_request_impl_test.cc @@ -154,6 +154,13 @@ class CommandRequestImplTest typedef CommandRequestImplTest::UnwrappedCommandRequestImpl UCommandRequestImpl; typedef std::shared_ptr<UCommandRequestImpl> CommandPtr; +TEST_F(CommandRequestImplTest, WindowID_ExpectDefaultWindowID) { + auto msg = CreateMessage(); + const auto command = CreateCommand<UCommandRequestImpl>(msg); + EXPECT_EQ(mobile_apis::PredefinedWindows::DEFAULT_WINDOW, + command->window_id()); +} + TEST_F(CommandRequestImplTest, OnTimeOut_StateCompleted_UNSUCCESS) { CommandPtr command = CreateCommand<UCommandRequestImpl>(); @@ -366,6 +373,12 @@ TEST_F(CommandRequestImplTest, TEST_F(CommandRequestImplTest, CheckAllowedParameters_NoMsgParamsMap_SUCCESS) { MockAppPtr mock_app = CreateMockApp(); ON_CALL(app_mngr_, application(_)).WillByDefault(Return(mock_app)); + ON_CALL(*mock_app, GetWindowIds()) + .WillByDefault(Return( + am::WindowIds(1, mobile_apis::PredefinedWindows::DEFAULT_WINDOW))); + ON_CALL(*mock_app, + WindowIdExists(mobile_apis::PredefinedWindows::DEFAULT_WINDOW)) + .WillByDefault(Return(true)); MessageSharedPtr message = CreateMessage(); (*message)[strings::msg_params] = @@ -373,7 +386,7 @@ TEST_F(CommandRequestImplTest, CheckAllowedParameters_NoMsgParamsMap_SUCCESS) { CommandPtr command = CreateCommand<UCommandRequestImpl>(message); - EXPECT_CALL(app_mngr_, CheckPolicyPermissions(_, _, _, _)) + EXPECT_CALL(app_mngr_, CheckPolicyPermissions(_, _, _, _, _)) .WillOnce(Return(kMobResultSuccess)); EXPECT_TRUE(command->CheckPermissions()); @@ -383,6 +396,12 @@ TEST_F(CommandRequestImplTest, CheckAllowedParameters_WrongPolicyPermissions_UNSUCCESS) { MockAppPtr mock_app = CreateMockApp(); ON_CALL(app_mngr_, application(_)).WillByDefault(Return(mock_app)); + ON_CALL(*mock_app, GetWindowIds()) + .WillByDefault(Return( + am::WindowIds(1, mobile_apis::PredefinedWindows::DEFAULT_WINDOW))); + ON_CALL(*mock_app, + WindowIdExists(mobile_apis::PredefinedWindows::DEFAULT_WINDOW)) + .WillByDefault(Return(true)); MessageSharedPtr message = CreateMessage(); (*message)[strings::msg_params] = @@ -394,7 +413,7 @@ TEST_F(CommandRequestImplTest, .Times(1) .WillRepeatedly(Return(kConnectionKey)); - EXPECT_CALL(app_mngr_, CheckPolicyPermissions(_, _, _, _)) + EXPECT_CALL(app_mngr_, CheckPolicyPermissions(_, _, _, _, _)) .WillOnce(Return(mobile_apis::Result::INVALID_ENUM)); EXPECT_CALL(mock_message_helper_, CreateBlockedByPoliciesResponse(_, _, _, _)) @@ -405,7 +424,7 @@ TEST_F(CommandRequestImplTest, } ACTION_P(GetArg3, output) { - *output = arg2; + *output = arg3; } TEST_F(CommandRequestImplTest, CheckAllowedParameters_MsgParamsMap_SUCCESS) { @@ -417,9 +436,14 @@ TEST_F(CommandRequestImplTest, CheckAllowedParameters_MsgParamsMap_SUCCESS) { MockAppPtr app = CreateMockApp(); ON_CALL(app_mngr_, application(_)).WillByDefault(Return(app)); + ON_CALL(*app, GetWindowIds()) + .WillByDefault(Return( + am::WindowIds(1, mobile_apis::PredefinedWindows::DEFAULT_WINDOW))); + ON_CALL(*app, WindowIdExists(mobile_apis::PredefinedWindows::DEFAULT_WINDOW)) + .WillByDefault(Return(true)); RPCParams params; - EXPECT_CALL(app_mngr_, CheckPolicyPermissions(_, _, _, _)) + EXPECT_CALL(app_mngr_, CheckPolicyPermissions(_, _, _, _, _)) .WillOnce(DoAll(GetArg3(¶ms), Return(kMobResultSuccess))); EXPECT_TRUE(command->CheckPermissions()); diff --git a/src/components/application_manager/test/policy_handler_test.cc b/src/components/application_manager/test/policy_handler_test.cc index 7a1a2e8fee..6af4c4f018 100644 --- a/src/components/application_manager/test/policy_handler_test.cc +++ b/src/components/application_manager/test/policy_handler_test.cc @@ -653,7 +653,8 @@ TEST_F(PolicyHandlerTest, CheckPermissions) { EXPECT_CALL(mock_message_helper_, GetDeviceMacAddressForHandle(device, _)) .WillOnce(Return(kDeviceId)); // Act - policy_handler_.CheckPermissions(mock_app_, kRpc_, kRpc_params, result); + policy_handler_.CheckPermissions( + mock_app_, kDefaultWindowId, kRpc_, kRpc_params, result); } TEST_F(PolicyHandlerTest, GetNotificationsNumber) { diff --git a/src/components/include/application_manager/application_manager.h b/src/components/include/application_manager/application_manager.h index cfabd3c6d6..1e17974da4 100644 --- a/src/components/include/application_manager/application_manager.h +++ b/src/components/include/application_manager/application_manager.h @@ -600,8 +600,8 @@ class ApplicationManager { /** * @brief Checks, if given RPC is allowed at current HMI level for specific * application in policy table - * @param policy_app_id Application id - * @param hmi_level Current HMI level of application + * @param app Application + * @param window_id id of application's window * @param function_id FunctionID of RPC * @param params_permissions Permissions for RPC parameters (e.g. * SubscribeVehicleData) defined in policy table @@ -609,6 +609,7 @@ class ApplicationManager { */ virtual mobile_apis::Result::eType CheckPolicyPermissions( const ApplicationSharedPtr app, + const WindowID window_id, const std::string& function_id, const RPCParams& rpc_params, CommandParametersPermissions* params_permissions = NULL) = 0; diff --git a/src/components/include/application_manager/policies/policy_handler_interface.h b/src/components/include/application_manager/policies/policy_handler_interface.h index 3387ed2fc6..75655f7f08 100644 --- a/src/components/include/application_manager/policies/policy_handler_interface.h +++ b/src/components/include/application_manager/policies/policy_handler_interface.h @@ -91,6 +91,7 @@ class PolicyHandlerInterface { std::string* priority) const = 0; virtual void CheckPermissions( const application_manager::ApplicationSharedPtr app, + const application_manager::WindowID window_id, const PTString& rpc, const RPCParams& rpc_params, CheckPermissionResult& result) = 0; diff --git a/src/components/include/test/application_manager/mock_application_manager.h b/src/components/include/test/application_manager/mock_application_manager.h index 461f67632c..60ee73c996 100644 --- a/src/components/include/test/application_manager/mock_application_manager.h +++ b/src/components/include/test/application_manager/mock_application_manager.h @@ -248,9 +248,10 @@ class MockApplicationManager : public application_manager::ApplicationManager { MOCK_CONST_METHOD2(HMILevelAllowsStreaming, bool(uint32_t app_id, protocol_handler::ServiceType service_type)); - MOCK_METHOD4(CheckPolicyPermissions, + MOCK_METHOD5(CheckPolicyPermissions, mobile_apis::Result::eType( const application_manager::ApplicationSharedPtr app, + const application_manager::WindowID window_id, const std::string& function_id, const application_manager::RPCParams& rpc_params, application_manager::CommandParametersPermissions* diff --git a/src/components/include/test/application_manager/policies/mock_policy_handler_interface.h b/src/components/include/test/application_manager/policies/mock_policy_handler_interface.h index 36a9ab4c4c..a2ec715dbf 100644 --- a/src/components/include/test/application_manager/policies/mock_policy_handler_interface.h +++ b/src/components/include/test/application_manager/policies/mock_policy_handler_interface.h @@ -79,8 +79,9 @@ class MockPolicyHandlerInterface : public policy::PolicyHandlerInterface { MOCK_CONST_METHOD2(GetPriority, bool(const std::string& policy_app_id, std::string* priority)); - MOCK_METHOD4(CheckPermissions, + MOCK_METHOD5(CheckPermissions, void(const application_manager::ApplicationSharedPtr app, + const application_manager::WindowID window_id, const policy::PTString& rpc, const application_manager::RPCParams& rpc_params, policy::CheckPermissionResult& result)); diff --git a/src/components/policy/policy_regular/test/policy_manager_impl_test.cc b/src/components/policy/policy_regular/test/policy_manager_impl_test.cc index 3b07506981..64ccc7ca56 100644 --- a/src/components/policy/policy_regular/test/policy_manager_impl_test.cc +++ b/src/components/policy/policy_regular/test/policy_manager_impl_test.cc @@ -247,6 +247,53 @@ class PolicyManagerImplTest2 : public ::testing::Test { ASSERT_TRUE(manager->InitPT(file_name, &policy_settings_)); } + Json::Value AddWidgetSupportToPt(const std::string& section_name, + const uint32_t group_number) { + std::ifstream ifile("sdl_preloaded_pt.json"); + Json::Reader reader; + Json::Value root(Json::objectValue); + if (ifile.is_open() && reader.parse(ifile, root, true)) { + auto& groups = + root["policy_table"]["app_policies"][section_name]["groups"]; + if (groups.empty()) { + groups = Json::Value(Json::arrayValue); + } + groups[group_number] = Json::Value("WidgetSupport"); + } + ifile.close(); + return root; + } + + std::string AddWidgetSupportToPt(Json::Value* root, + const std::string& section_name, + const uint32_t group_number) { + if (root) { + auto& groups = + (*root)["policy_table"]["app_policies"][section_name]["groups"]; + if (groups.empty()) { + groups = Json::Value(Json::arrayValue); + } + groups[group_number] = Json::Value("WidgetSupport"); + return root->toStyledString(); + } + return std::string(); + } + + std::string AddWidgetSupportToFunctionalGroups(Json::Value* root, + const std::string& rpc_name, + const std::string& hmi_level) { + if (root) { + Json::Value val(Json::objectValue); + Json::Value val2(Json::arrayValue); + val2[0] = hmi_level; + val[rpc_name]["hmi_levels"] = val2; + (*root)["policy_table"]["functional_groupings"]["WidgetSupport"]["rpcs"] = + val; + return root->toStyledString(); + } + return std::string(); + } + void AddRTtoPT(const std::string& update_file_name, const std::string& section_name, const uint32_t rt_number, @@ -588,6 +635,116 @@ TEST_F(PolicyManagerImplTest2, ASSERT_TRUE(output.list_of_allowed_params.empty()); } +TEST_F( + PolicyManagerImplTest2, + CheckPermissions_PersistsWidgetAppPermissionsAfter_PTU_ExpectRPCAllowed) { + // Arrange + CreateLocalPT("sdl_preloaded_pt.json"); + (manager->GetCache())->AddDevice(dev_id1, "Bluetooth"); + (manager->GetCache()) + ->SetDeviceData(dev_id1, + "hardware IPX", + "v.8.0.1", + "Android", + "4.4.2", + "Life", + 2, + "Bluetooth"); + EXPECT_CALL(listener, OnCurrentDeviceIdUpdateRequired(app_id1)) + .WillRepeatedly(Return(dev_id1)); + manager->SetUserConsentForDevice(dev_id1, true); + // Add app from consented device. App will be assigned with default policies + manager->AddApplication(app_id1, HmiTypes(policy_table::AHT_DEFAULT)); + // Act + const char* const rpc_name = "CreateWindow"; + const char* const hmi_level = "NONE"; + const uint32_t group_number = 0; + Json::Value root = AddWidgetSupportToPt("default", group_number); + std::string json = + AddWidgetSupportToFunctionalGroups(&root, rpc_name, hmi_level); + + ::policy::BinaryMessage msg(json.begin(), json.end()); + ASSERT_TRUE(manager->LoadPT("file_pt_update.json", msg)); + + ::policy::RPCParams input_params; + ::policy::CheckPermissionResult output; + + manager->CheckPermissions( + dev_id1, app_id1, hmi_level, rpc_name, input_params, output); + + // Check RPC is allowed + EXPECT_EQ(::policy::kRpcAllowed, output.hmi_level_permitted); + ASSERT_TRUE(output.list_of_allowed_params.empty()); + // Act + json = AddWidgetSupportToPt(&root, app_id1, group_number); + msg = BinaryMessage(json.begin(), json.end()); + ASSERT_TRUE(manager->LoadPT("file_pt_update.json", msg)); + + output.hmi_level_permitted = ::policy::kRpcDisallowed; + manager->CheckPermissions( + dev_id1, app_id1, hmi_level, rpc_name, input_params, output); + // Check RPC is allowed + EXPECT_EQ(::policy::kRpcAllowed, output.hmi_level_permitted); + ASSERT_TRUE(output.list_of_allowed_params.empty()); +} + +TEST_F( + PolicyManagerImplTest2, + CheckPermissions_AbsenceOfWidgetPermissionsAfter_PTU_ExpectRPCDisallowed) { + // Arrange + CreateLocalPT("sdl_preloaded_pt.json"); + (manager->GetCache())->AddDevice(dev_id1, "Bluetooth"); + (manager->GetCache()) + ->SetDeviceData(dev_id1, + "hardware IPX", + "v.8.0.1", + "Android", + "4.4.2", + "Life", + 2, + "Bluetooth"); + EXPECT_CALL(listener, OnCurrentDeviceIdUpdateRequired(app_id1)) + .WillRepeatedly(Return(dev_id1)); + manager->SetUserConsentForDevice(dev_id1, true); + // Add app from consented device. App will be assigned with default policies + manager->AddApplication(app_id1, HmiTypes(policy_table::AHT_DEFAULT)); + // Act + const char* const rpc_name = "DeleteWindow"; + const char* const hmi_level = "NONE"; + const uint32_t group_number = 0; + Json::Value root = AddWidgetSupportToPt("default", group_number); + std::string json = + AddWidgetSupportToFunctionalGroups(&root, rpc_name, hmi_level); + + ::policy::BinaryMessage msg(json.begin(), json.end()); + ASSERT_TRUE(manager->LoadPT("file_pt_update.json", msg)); + + ::policy::RPCParams input_params; + ::policy::CheckPermissionResult output; + + manager->CheckPermissions( + dev_id1, app_id1, hmi_level, rpc_name, input_params, output); + + // Check RPC is allowed + EXPECT_EQ(::policy::kRpcAllowed, output.hmi_level_permitted); + ASSERT_TRUE(output.list_of_allowed_params.empty()); + output.hmi_level_permitted = ::policy::kRpcDisallowed; + // Act + root["policy_table"]["app_policies"][app_id1]["groups"] = + Json::Value(Json::arrayValue); + root["policy_table"]["app_policies"][app_id1]["groups"][group_number] = + Json::Value("Base-4"); + json = root.toStyledString(); + msg = BinaryMessage(json.begin(), json.end()); + ASSERT_TRUE(manager->LoadPT("file_pt_update.json", msg)); + + manager->CheckPermissions( + dev_id1, app_id1, hmi_level, rpc_name, input_params, output); + // Check RPC is disallowed + EXPECT_EQ(::policy::kRpcDisallowed, output.hmi_level_permitted); + ASSERT_TRUE(output.list_of_allowed_params.empty()); +} + TEST_F(PolicyManagerImplTest2, CheckPermissions_SetAppIDwithPolicies_ExpectRPCAllowed) { // Arrange |