author | bsolonenko <bsolonenko@luxoft.com> | 2019-03-26 14:06:34 +0200 |
---|---|---|
committer | Maksym Ked (GitHub) <mked@luxoft.com> | 2019-06-19 12:06:36 +0300 |
commit | 18cf0dd6ad7e4674a580ebb3bbdafb6e8dbc5fab (patch) | |
tree | 58670def43fb16630b9855e47018ce803a99b716 | |
parent | 7a7c31b1ac64d6acd1796f5024472905b32ecf73 (diff) | |
download | sdl_core-18cf0dd6ad7e4674a580ebb3bbdafb6e8dbc5fab.tar.gz |
Added encryption required flag to policy table.
Also added the RPC Encryption Manager Interface for convenient access to
the policy table.
26 files changed, 687 insertions, 41 deletions
diff --git a/src/components/application_manager/include/application_manager/policies/policy_handler.h b/src/components/application_manager/include/application_manager/policies/policy_handler.h index abffd3eebb..aeb6ca6963 100644 --- a/src/components/application_manager/include/application_manager/policies/policy_handler.h +++ b/src/components/application_manager/include/application_manager/policies/policy_handler.h @@ -77,6 +77,8 @@ class PolicyHandler : public PolicyHandlerInterface, PolicyHandler(const policy::PolicySettings& get_settings, application_manager::ApplicationManager& application_manager); virtual ~PolicyHandler(); + PolicyEncryptionFlagGetterInterfaceSPtr PolicyEncryptionFlagGetter() + const OVERRIDE; bool LoadPolicyLibrary() OVERRIDE; bool PolicyEnabled() const OVERRIDE; bool InitPolicyTable() OVERRIDE; diff --git a/src/components/application_manager/src/policies/policy_handler.cc b/src/components/application_manager/src/policies/policy_handler.cc index d94a364c8c..eaf47e16a1 100644 --- a/src/components/application_manager/src/policies/policy_handler.cc +++ b/src/components/application_manager/src/policies/policy_handler.cc @@ -334,6 +334,11 @@ PolicyHandler::PolicyHandler(const PolicySettings& settings, PolicyHandler::~PolicyHandler() {} +PolicyEncryptionFlagGetterInterfaceSPtr +PolicyHandler::PolicyEncryptionFlagGetter() const { + return policy_manager_; +} + bool PolicyHandler::PolicyEnabled() const { return get_settings().enable_policy(); } @@ -1414,6 +1419,7 @@ void PolicyHandler::OnPermissionsUpdated(const std::string& policy_app_id, LOG4CXX_AUTO_TRACE(logger_); ApplicationSharedPtr app = application_manager_.application_by_policy_id(policy_app_id); + if (app.use_count() == 0) { LOG4CXX_WARN( logger_, 
@@ -1421,8 +1427,11 @@ void PolicyHandler::OnPermissionsUpdated(const std::string& policy_app_id, return; } + const auto require_encryption = + policy_manager_->GetAppEncryptionRequired(policy_app_id); + MessageHelper::SendOnPermissionsChangeNotification( - app->app_id(), permissions, application_manager_); + app->app_id(), permissions, require_encryption, application_manager_); LOG4CXX_DEBUG(logger_, "Notification sent for application_id:" diff --git a/src/components/include/application_manager/policies/policy_encryption_flag_getter.h b/src/components/include/application_manager/policies/policy_encryption_flag_getter.h new file mode 100644 index 0000000000..fb80eca7dc --- /dev/null +++ b/src/components/include/application_manager/policies/policy_encryption_flag_getter.h 
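Review bot: `policy_manager_->GetAppEncryptionRequired(policy_app_id)` in the second OnPermissionsUpdated hunk dereferences `policy_manager_` with no check visible in the hunk, so this notification path would crash if the policy library is not loaded when it runs. If that state is reachable here, guard the call with `if (!policy_manager_) { return; }`, or add a comment saying why the pointer cannot be empty. The new `PolicyHandler::PolicyEncryptionFlagGetter()` hands out the same pointer unchecked, so its declaration should document that the result may be empty. The function body starts and ends outside the hunk.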
@@ -0,0 +1,101 @@ +/* + * Copyright (c) 2019, Ford Motor Company + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following + * disclaimer in the documentation and/or other materials provided with the + * distribution. + * + * Neither the name of the Ford Motor Company nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. 
+ */ + +#ifndef SRC_COMPONENTS_INCLUDE_APPLICATION_MANAGER_POLICIES_POLICY_ENCRYPTION_FLAG_GETTER +#define SRC_COMPONENTS_INCLUDE_APPLICATION_MANAGER_POLICIES_POLICY_ENCRYPTION_FLAG_GETTER + +#include <string> +#include "policy/policy_table/types.h" + +using rpc::policy_table_interface_base::Strings; + +namespace policy { +/* +* @brief PolicyEncryptionFlagGetterInterface interface +*/ +class PolicyEncryptionFlagGetterInterface { + public: + /*! + * @brief virtual destructor PolicyEncryptionFlagGetterInterface + */ + virtual ~PolicyEncryptionFlagGetterInterface() {} + + /* + * @brief retreives flag whether given application needs encryption + * @param policy_app_id policy app id + * @return true if the app need encryption + */ + virtual bool AppNeedEncryption(const std::string& policy_app_id) const = 0; + + /* + * @brief Retrieves encryption required flag on the application level + * @param policy_app_id policy app id + * @return true if the app need encryption + */ + virtual const rpc::Optional<rpc::Boolean> GetAppEncryptionRequired( + const std::string& policy_app_id) const = 0; + + /* + * @brief retreives function group for app + * @param policy_app_id policy app id + * @return groups that exist for app + */ + virtual const std::vector<std::string> GetFunctionGroupsForApp( + const std::string& policy_app_id) const = 0; + + /* + * @brief retreives flag indicating whether function group needs encryption + * @param policy_group group + * @return true if the group need encryption + */ + virtual bool FunctionGroupNeedEncryption( + const std::string& policy_group) const = 0; + + /* + * @brief retreives rpcs for given function group + * @param policy_group group + * @return RPCs that exists in group + */ + virtual const std::vector<std::string> GetRPCsForFunctionGroup( + const std::string& group) const = 0; + + /* + * @brief retreives policy function name + * @param function_id function id + * @return policy function name + */ + virtual const std::string 
GetPolicyFunctionName( + const uint32_t function_id) const = 0; +}; + +} // policy +#endif // SRC_COMPONENTS_INCLUDE_APPLICATION_MANAGER_POLICIES_POLICY_ENCRYPTION_FLAG_GETTER diff --git a/src/components/include/application_manager/policies/policy_handler_interface.h b/src/components/include/application_manager/policies/policy_handler_interface.h index 708c4ddd32..486c91b921 100644 --- a/src/components/include/application_manager/policies/policy_handler_interface.h +++ b/src/components/include/application_manager/policies/policy_handler_interface.h @@ -49,16 +49,21 @@ #include "smart_objects/smart_object.h" #include "utils/callable.h" #include "utils/custom_string.h" +#include "application_manager/policies/policy_encryption_flag_getter.h" using namespace ::rpc::policy_table_interface_base; namespace policy { typedef std::shared_ptr<utils::Callable> StatusNotifier; +typedef std::shared_ptr<PolicyEncryptionFlagGetterInterface> + PolicyEncryptionFlagGetterInterfaceSPtr; class PolicyHandlerInterface { public: virtual ~PolicyHandlerInterface() {} virtual bool LoadPolicyLibrary() = 0; + virtual PolicyEncryptionFlagGetterInterfaceSPtr PolicyEncryptionFlagGetter() + const = 0; virtual bool PolicyEnabled() const = 0; virtual bool InitPolicyTable() = 0; virtual bool ResetPolicyTable() = 0; 
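Review bot: The new policy_encryption_flag_getter.h uses `std::vector` and `uint32_t` but includes only `<string>` and `policy/policy_table/types.h`, so it compiles only as long as one of those happens to pull the declarations in; add `#include <vector>` and `#include <cstdint>`. The header-scope `using rpc::policy_table_interface_base::Strings;` is not used by anything in the file and leaks the name into every includer, so it can be dropped. The namespace is closed with `}  // policy`, while cache_manager.cc in this diff writes `}  // namespace policy`.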
@@ -194,13 +199,13 @@ class PolicyHandlerInterface { const DeviceInfo& device_info) = 0; /** - *@brief Processes data from OnAppPermissionConsent notification with - *permissions changes and ExternalConsent status changes done by user - *@param connection_key Connection key of application, 0 if no key has been - *provided - *@param permissions Groups permissions changes - *@param external_consent_status Customer connectivity settings status changes - */ +*@brief Processes data from OnAppPermissionConsent notification with +*permissions changes and ExternalConsent status changes done by user +*@param connection_key Connection key of application, 0 if no key has been +*provided +*@param permissions Groups permissions changes +*@param external_consent_status Customer connectivity settings status changes +*/ #ifdef EXTERNAL_PROPRIETARY_MODE virtual void OnAppPermissionConsent( const uint32_t connection_key, @@ -519,7 +524,7 @@ class PolicyHandlerInterface { * @brief Check if an app can send unknown rpc requests to an app service * provider * @param policy_app_id Unique application id - */ + */ virtual bool UnknownRPCPassthroughAllowed( const std::string& policy_app_id) const = 0; @@ -626,14 +631,14 @@ class PolicyHandlerInterface { * @brief Processes data received via OnAppPermissionChanged notification * from. Being started asyncronously from AppPermissionDelegate class. * Sets updated permissions and ExternalConsent for registered applications - *and +*and * applications which already have appropriate group assigned which related to * devices already known by policy * @param connection_key Connection key of application, 0 if no key has been * provided within notification * @param external_consent_status Customer connectivity settings changes to - *process - *@param permissions Permissions changes to process +*process +*@param permissions Permissions changes to process */ #ifdef EXTERNAL_PROPRIETARY_MODE virtual void OnAppPermissionConsentInternal( 
diff --git a/src/components/include/policy/policy_external/policy/policy_manager.h b/src/components/include/policy/policy_external/policy/policy_manager.h index 331b579365..b11593322a 100644 --- a/src/components/include/policy/policy_external/policy/policy_manager.h +++ b/src/components/include/policy/policy_external/policy/policy_manager.h @@ -37,18 +37,24 @@ #include "utils/callable.h" +#include "application_manager/policies/policy_encryption_flag_getter.h" #include "policy/access_remote.h" #include "policy/cache_manager_interface.h" #include "policy/policy_listener.h" #include "policy/policy_table/types.h" #include "policy/policy_types.h" +#include "policy/policy_table/types.h" +#include "policy/policy_listener.h" #include "policy/usage_statistics/statistics_manager.h" +#include "policy/cache_manager_interface.h" +#include "policy/access_remote.h" namespace policy { class PolicySettings; typedef std::shared_ptr<utils::Callable> StatusNotifier; -class PolicyManager : public usage_statistics::StatisticsManager { +class PolicyManager : public usage_statistics::StatisticsManager, + public PolicyEncryptionFlagGetterInterface { public: /** * @brief The NotificationMode enum defines whether application will be diff --git a/src/components/include/policy/policy_regular/policy/policy_manager.h b/src/components/include/policy/policy_regular/policy/policy_manager.h index f82657ef26..c0e4656f8f 100644 --- a/src/components/include/policy/policy_regular/policy/policy_manager.h +++ b/src/components/include/policy/policy_regular/policy/policy_manager.h @@ -41,6 +41,8 @@ #include "policy/policy_listener.h" #include "policy/policy_table/types.h" #include "policy/policy_types.h" +#include "policy/policy_table/types.h" +#include "policy/policy_listener.h" #include "policy/usage_statistics/statistics_manager.h" #include "utils/callable.h" 
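Review bot: The include block added to policy_external's policy_manager.h repeats four headers that are already listed just above it (`policy/policy_table/types.h`, `policy/policy_listener.h`, `policy/cache_manager_interface.h`, `policy/access_remote.h`); only `application_manager/policies/policy_encryption_flag_getter.h` is new. The policy_regular hunk at -41,6 duplicates the first two as well, and unlike the external header it does not visibly add the include for `PolicyEncryptionFlagGetterInterface`, which its `PolicyManager` now derives from. Drop the duplicates and include the getter header explicitly in both files.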
@@ -48,7 +50,8 @@ namespace policy { class PolicySettings; typedef std::shared_ptr<utils::Callable> StatusNotifier; -class PolicyManager : public usage_statistics::StatisticsManager { +class PolicyManager : public usage_statistics::StatisticsManager, + public PolicyEncryptionFlagGetterInterface { public: virtual ~PolicyManager() {} diff --git a/src/components/include/test/policy/policy_external/policy/mock_policy_manager.h b/src/components/include/test/policy/policy_external/policy/mock_policy_manager.h index 7ebf73ae54..a979ce39e2 100644 --- a/src/components/include/test/policy/policy_external/policy/mock_policy_manager.h +++ b/src/components/include/test/policy/policy_external/policy/mock_policy_manager.h @@ -54,6 +54,22 @@ namespace policy_manager_test { class MockPolicyManager : public PolicyManager { public: + MOCK_CONST_METHOD1(AppNeedEncryption, bool(const std::string& policy_app_id)); + MOCK_CONST_METHOD1( + GetFunctionGroupsForApp, + const std::vector<std::string>(const std::string& policy_app_id)); + MOCK_CONST_METHOD2(FunctionNeedEncryption, + bool(const std::string& policy_group, + const std::string& policy_function_id)); + MOCK_CONST_METHOD1(FunctionGroupNeedEncryption, + bool(const std::string& policy_group)); + MOCK_CONST_METHOD1( + GetAppEncryptionRequired, + const rpc::Optional<rpc::Boolean>(const std::string& policy_app_id)); + MOCK_CONST_METHOD1(GetRPCsForFunctionGroup, + const std::vector<std::string>(const std::string& group)); + MOCK_CONST_METHOD1(GetPolicyFunctionName, + const std::string(const uint32_t function_id)); MOCK_METHOD1(set_listener, void(PolicyListener* listener)); MOCK_METHOD2(InitPT, bool(const std::string& file_name, diff --git a/src/components/include/test/policy/policy_regular/policy/mock_policy_manager.h b/src/components/include/test/policy/policy_regular/policy/mock_policy_manager.h index 73bf2d387b..f935114cda 100644 --- a/src/components/include/test/policy/policy_regular/policy/mock_policy_manager.h 
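Review bot: `MOCK_CONST_METHOD2(FunctionNeedEncryption, ...)` mocks a method that `PolicyEncryptionFlagGetterInterface`, as added in this commit, does not declare, so unless `PolicyManager` declares it outside these hunks the mock overrides nothing and no test can reach it through the interface. Either add the method to the interface or remove the entry. The identical block added to policy_regular's mock_policy_manager.h carries the same stray mock.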
+++ b/src/components/include/test/policy/policy_regular/policy/mock_policy_manager.h @@ -55,6 +55,22 @@ using namespace policy; class MockPolicyManager : public PolicyManager { public: + MOCK_CONST_METHOD1(AppNeedEncryption, bool(const std::string& policy_app_id)); + MOCK_CONST_METHOD1( + GetFunctionGroupsForApp, + const std::vector<std::string>(const std::string& policy_app_id)); + MOCK_CONST_METHOD2(FunctionNeedEncryption, + bool(const std::string& policy_group, + const std::string& policy_function_id)); + MOCK_CONST_METHOD1(FunctionGroupNeedEncryption, + bool(const std::string& policy_group)); + MOCK_CONST_METHOD1( + GetAppEncryptionRequired, + const rpc::Optional<rpc::Boolean>(const std::string& policy_app_id)); + MOCK_CONST_METHOD1(GetRPCsForFunctionGroup, + const std::vector<std::string>(const std::string& group)); + MOCK_CONST_METHOD1(GetPolicyFunctionName, + const std::string(const uint32_t function_id)); MOCK_METHOD1(set_listener, void(PolicyListener* listener)); MOCK_METHOD2(InitPT, bool(const std::string& file_name, diff --git a/src/components/policy/policy_external/include/policy/cache_manager.h b/src/components/policy/policy_external/include/policy/cache_manager.h index 15eb51565d..abe2457913 100644 --- a/src/components/policy/policy_external/include/policy/cache_manager.h +++ b/src/components/policy/policy_external/include/policy/cache_manager.h 
@@ -892,6 +892,16 @@ class CacheManager : public CacheManagerInterface { const std::string& policy_app_id, policy::Permissions& permission); + EncryptionRequired GetAppEncryptionRequiredFlag( + const std::string& application_policy_name) const OVERRIDE; + + EncryptionRequired GetFunctionalGroupingEncryptionRequiredFlag( + const std::string& functional_group) const OVERRIDE; + + void GetApplicationParams( + const std::string& application_name, + policy_table::ApplicationParams& application_policies) const OVERRIDE; + private: std::shared_ptr<policy_table::Table> pt_; std::shared_ptr<policy_table::Table> snapshot_; diff --git a/src/components/policy/policy_external/include/policy/cache_manager_interface.h b/src/components/policy/policy_external/include/policy/cache_manager_interface.h index 980ad42dcd..028bba34e3 100644 --- a/src/components/policy/policy_external/include/policy/cache_manager_interface.h +++ b/src/components/policy/policy_external/include/policy/cache_manager_interface.h 
@@ -935,6 +935,37 @@ class CacheManagerInterface { virtual void OnDeviceSwitching(const std::string& device_id_from, const std::string& device_id_to) = 0; + /** + * @brief GetAppEncryptionRequiredFlag retrieves encryption required flag + * for + * given application + * @param application policy application name + * @return optional object containing encryption required flag + */ + virtual rpc::Optional<rpc::Boolean> GetAppEncryptionRequiredFlag( + const std::string& application_policy_name) const = 0; + + /** + * @brief GetFunctionalGroupingEncryptionRequiredFlag retrieves encryption + * required flag + * for + * given functional grouping + * @param functional_group policy functional group name + * @return optional object containing encryption required flag + */ + virtual rpc::Optional<rpc::Boolean> + GetFunctionalGroupingEncryptionRequiredFlag( + const std::string& functional_group) const = 0; + + /** + * @brief retreives application params + * @param application_name policy applicatoin name + * @param application_params application params + */ + virtual void GetApplicationParams( + const std::string& application_name, + policy_table::ApplicationParams& application_params) const = 0; + #ifdef BUILD_TESTS /** * @brief GetPT allows to obtain std::shared_ptr to PT. diff --git a/src/components/policy/policy_external/include/policy/policy_manager_impl.h b/src/components/policy/policy_external/include/policy/policy_manager_impl.h index 2f8f6cf070..323a728732 100644 --- a/src/components/policy/policy_external/include/policy/policy_manager_impl.h +++ b/src/components/policy/policy_external/include/policy/policy_manager_impl.h 
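Review bot: The doc comments added to CacheManagerInterface do not match the signatures: `@param application` documents a parameter named `application_policy_name`, and both `@brief` lines break mid-phrase (`for` / `given application`). Neither comment says what an uninitialized optional means, which matters because each caller picks its own default; if that is the contract, add `@return uninitialized optional when the flag is absent from the policy table` to both getters. `retreives` and `applicatoin` are misspelled here, and policy_encryption_flag_getter.h has the same `retreives` typo plus a `@param policy_group` for a parameter named `group`.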
@@ -54,7 +54,45 @@ class PolicyManagerImpl : public PolicyManager { public: PolicyManagerImpl(); explicit PolicyManagerImpl(bool in_memory); + /* + * \param policy_app_id policy app id + * \return true if the app need encryption + */ + bool AppNeedEncryption(const std::string& policy_app_id) const OVERRIDE; + + /* + * \param policy_app_id policy app id + * \return Optional app need encryption + */ + const rpc::Optional<rpc::Boolean> GetAppEncryptionRequired( + const std::string& policy_app_id) const OVERRIDE; + /* + * \param policy_app_id policy app id + * \return groups that exist for app + */ + const std::vector<std::string> GetFunctionGroupsForApp( + const std::string& policy_app_id) const OVERRIDE; + + /* + * \param policy_group group + * \return true if the group need encryption + */ + bool FunctionGroupNeedEncryption( + const std::string& policy_group) const OVERRIDE; + + /* + * \param policy_group group\ + * \return RPCs that exists in group + */ + const std::vector<std::string> GetRPCsForFunctionGroup( + const std::string& group) const OVERRIDE; + /* + * \param function_id function id + * \return policy function name + */ + const std::string GetPolicyFunctionName( + const uint32_t function_id) const OVERRIDE; /** * @brief set_listener set new policy listener instance * @param listener new policy listener diff --git a/src/components/policy/policy_external/include/policy/policy_table/types.h b/src/components/policy/policy_external/include/policy/policy_table/types.h index 994fd86579..a4b12d99b4 100644 --- a/src/components/policy/policy_external/include/policy/policy_table/types.h +++ b/src/components/policy/policy_external/include/policy/policy_table/types.h @@ -237,6 +237,7 @@ struct ApplicationParams : PolicyBase { // App Service Params Optional<AppServiceParameters> app_service_parameters; Optional<Boolean> allow_unknown_rpc_passthrough; + Optional<Boolean> encryption_required; public: ApplicationParams(); 
@@ -285,6 +286,7 @@ struct RpcParameters : CompositeType { public: HmiLevels hmi_levels; Optional<Parameters> parameters; + Optional<Boolean> encryption_required; public: RpcParameters(); @@ -331,6 +333,7 @@ struct Rpcs : CompositeType { disallowed_by_external_consent_entities_on; Optional<DisallowedByExternalConsentEntities> disallowed_by_external_consent_entities_off; + Optional<Boolean> encryption_required; public: Rpcs(); diff --git a/src/components/policy/policy_external/src/cache_manager.cc b/src/components/policy/policy_external/src/cache_manager.cc index bd38f7bf8f..f44602ea69 100644 --- a/src/components/policy/policy_external/src/cache_manager.cc +++ b/src/components/policy/policy_external/src/cache_manager.cc 
@@ -3044,4 +3044,39 @@ void CacheManager::BackgroundBackuper::DoBackup() { backup_notifier_.NotifyOne(); } +EncryptionRequired CacheManager::GetAppEncryptionRequiredFlag( + const std::string& application) const { + LOG4CXX_AUTO_TRACE(logger_); + sync_primitives::AutoLock auto_lock(cache_lock_); + + return pt_->policy_table.app_policies_section.apps[application] + .encryption_required; +} + +EncryptionRequired CacheManager::GetFunctionalGroupingEncryptionRequiredFlag( + const std::string& functional_group) const { + LOG4CXX_AUTO_TRACE(logger_); + sync_primitives::AutoLock auto_lock(cache_lock_); + + const auto& functional_groupings = pt_->policy_table.functional_groupings; + + const auto& grouping_itr = functional_groupings.find(functional_group); + if (grouping_itr == functional_groupings.end()) { + LOG4CXX_WARN(logger_, "Group " << functional_group << " not found"); + return rpc::Optional<rpc::Boolean>(rpc::Boolean(false)); + } + + return (*grouping_itr).second.encryption_required; +} + +void CacheManager::GetApplicationParams( + const std::string& application_name, + policy_table::ApplicationParams& application_params) const { + LOG4CXX_AUTO_TRACE(logger_); + sync_primitives::AutoLock auto_lock(cache_lock_); + + application_params = + pt_->policy_table.app_policies_section.apps[application_name]; +} + } // namespace policy diff --git a/src/components/policy/policy_external/src/policy_manager_impl.cc b/src/components/policy/policy_external/src/policy_manager_impl.cc index 15900f0187..0c4de750d4 100644 --- a/src/components/policy/policy_external/src/policy_manager_impl.cc +++ b/src/components/policy/policy_external/src/policy_manager_impl.cc 
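Review bot: `apps[application]` in `GetAppEncryptionRequiredFlag` and `apps[application_name]` in `GetApplicationParams` look up by subscript, which, if `apps` behaves like `std::map`, inserts a default `ApplicationParams` entry for any id that is not in the policy table. A read made under a `const` signature would then grow `pt_` with empty app policies for unknown ids, and those entries could be written out with the next backup. `GetFunctionalGroupingEncryptionRequiredFlag` in the same hunk already uses `find`. The two app accessors should do the same and leave the result uninitialized when the id is absent, as sketched below for the first one.

```cpp
EncryptionRequired CacheManager::GetAppEncryptionRequiredFlag(
    const std::string& application) const {
  // … unchanged: trace macro and cache_lock_ guard …
  const auto& apps = pt_->policy_table.app_policies_section.apps;
  const auto app_itr = apps.find(application);
  if (app_itr == apps.end()) {
    // Unknown id: report "flag absent" without touching the table.
    LOG4CXX_WARN(logger_, "Application " << application << " not found");
    return rpc::Optional<rpc::Boolean>();
  }
  return app_itr->second.encryption_required;
}
```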
@@ -2262,4 +2262,80 @@ void PolicyManagerImpl::set_access_remote( access_remote_ = access_remote; } +bool PolicyManagerImpl::AppNeedEncryption( + const std::string& policy_app_id) const { + const auto encryption_required = + cache_->GetAppEncryptionRequiredFlag(policy_app_id); + + return encryption_required.is_initialized() ? *encryption_required : true; +} + +const rpc::Optional<rpc::Boolean> PolicyManagerImpl::GetAppEncryptionRequired( + const std::string& policy_app_id) const { + return cache_->GetAppEncryptionRequiredFlag(policy_app_id); +} + +const std::vector<std::string> PolicyManagerImpl::GetFunctionGroupsForApp( + const std::string& policy_app_id) const { + LOG4CXX_AUTO_TRACE(logger_); + using namespace rpc::policy_table_interface_base; + DCHECK(kDeviceId != policy_app_id); + + std::vector<std::string> function_groups; + + ApplicationParams app_params; + cache_->GetApplicationParams(policy_app_id, app_params); + + const auto& policy_function_group = app_params.groups; + + for (const auto& group : policy_function_group) { + function_groups.push_back(group); + } + + return function_groups; +} + +bool PolicyManagerImpl::FunctionGroupNeedEncryption( + const std::string& policy_group) const { + LOG4CXX_AUTO_TRACE(logger_); + FunctionalGroupings functional_groupings; + cache_->GetFunctionalGroupings(functional_groupings); + + const auto& grouping_itr = functional_groupings.find(policy_group); + + if (grouping_itr == functional_groupings.end()) { + LOG4CXX_WARN(logger_, "Group " << policy_group << " not found"); + return false; + } + + const auto& grouping = (*grouping_itr).second; + + return grouping.encryption_required.is_initialized() + ? 
*grouping.encryption_required + : false; +} + +const std::string PolicyManagerImpl::GetPolicyFunctionName( + const uint32_t function_id) const { + LOG4CXX_AUTO_TRACE(logger_); + return policy_table::EnumToJsonString( + static_cast<policy_table::FunctionID>(function_id)); +} + +const std::vector<std::string> PolicyManagerImpl::GetRPCsForFunctionGroup( + const std::string& group) const { + std::vector<std::string> rpcs_for_group; + + FunctionalGroupings functional_groupings; + cache_->GetFunctionalGroupings(functional_groupings); + + const auto& rpcs = functional_groupings[group].rpcs; + + for (const auto& rpc : rpcs) { + rpcs_for_group.push_back(rpc.first); + } + + return rpcs_for_group; +} + } // namespace policy diff --git a/src/components/policy/policy_external/src/policy_table/types.cc b/src/components/policy/policy_external/src/policy_table/types.cc index ca3f8a1648..78da733b90 100644 --- a/src/components/policy/policy_external/src/policy_table/types.cc +++ b/src/components/policy/policy_external/src/policy_table/types.cc @@ -45,7 +45,6 @@ PolicyBase::PolicyBase(const Json::Value* value__) , default_hmi(impl::ValueMember(value__, "default_hmi")) , keep_context(impl::ValueMember(value__, "keep_context")) , steal_focus(impl::ValueMember(value__, "steal_focus")) {} - Json::Value PolicyBase::ToJsonValue() const { Json::Value result__(Json::objectValue); impl::WriteJsonField("groups", groups, &result__); @@ -355,7 +354,8 @@ ApplicationParams::ApplicationParams(const Json::Value* value__) , icon_url(impl::ValueMember(value__, "icon_url")) , app_service_parameters(impl::ValueMember(value__, "app_services")) , allow_unknown_rpc_passthrough( - impl::ValueMember(value__, "allow_unknown_rpc_passthrough")) {} + impl::ValueMember(value__, "allow_unknown_rpc_passthrough")) + , encryption_required(impl::ValueMember(value__, "encryption_required")) {} Json::Value ApplicationParams::ToJsonValue() const { Json::Value result__(PolicyBase::ToJsonValue()); 
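Review bot: `AppNeedEncryption` falls back to `true` when the flag is absent, while `FunctionGroupNeedEncryption` falls back to `false` both for an absent flag and for a group that is not found, and nothing in the hunk says these opposite defaults are intended. Since the result decides whether traffic must be protected, each fallback deserves a why-comment, e.g. `// Absent flag: the group does not demand encryption on its own`. `FunctionGroupNeedEncryption` also copies the whole `FunctionalGroupings` table through `GetFunctionalGroupings` on every call, although the cache gained `GetFunctionalGroupingEncryptionRequiredFlag` in this commit. `const auto flag = cache_->GetFunctionalGroupingEncryptionRequiredFlag(policy_group); return flag.is_initialized() ? *flag : false;` returns the same value without the copy.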
@@ -379,6 +379,7 @@ Json::Value ApplicationParams::ToJsonValue() const { impl::WriteJsonField("allow_unknown_rpc_passthrough", allow_unknown_rpc_passthrough, &result__); + impl::WriteJsonField("encryption_required", encryption_required, &result__); return result__; } @@ -430,6 +431,9 @@ bool ApplicationParams::is_valid() const { if (!allow_unknown_rpc_passthrough.is_valid()) { return false; } + if (!encryption_required.is_valid()) { + return false; + } return Validate(); } @@ -489,6 +493,9 @@ bool ApplicationParams::struct_empty() const { if (allow_unknown_rpc_passthrough.is_initialized()) { return false; } + if (!encryption_required.is_valid()) { + return false; + } return true; } @@ -567,6 +574,10 @@ void ApplicationParams::ReportErrors(rpc::ValidationReport* report__) const { allow_unknown_rpc_passthrough.ReportErrors( &report__->ReportSubobject("allow_unknown_rpc_passthrough")); } + if (!encryption_required.is_valid()) { + encryption_required.ReportErrors( + &report__->ReportSubobject("encryption_required")); + } } void ApplicationParams::SetPolicyTableType(PolicyTableType pt_type) { @@ -598,12 +609,14 @@ RpcParameters::~RpcParameters() {} RpcParameters::RpcParameters(const Json::Value* value__) : CompositeType(InitHelper(value__, &Json::Value::isObject)) , hmi_levels(impl::ValueMember(value__, "hmi_levels")) - , parameters(impl::ValueMember(value__, "parameters")) {} + , parameters(impl::ValueMember(value__, "parameters")) + , encryption_required(impl::ValueMember(value__, "encryption_required")) {} Json::Value RpcParameters::ToJsonValue() const { Json::Value result__(Json::objectValue); impl::WriteJsonField("hmi_levels", hmi_levels, &result__); impl::WriteJsonField("parameters", parameters, &result__); + impl::WriteJsonField("encryption_required", encryption_required, &result__); return result__; } 
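Review bot: `ApplicationParams::struct_empty()` (hunk -489,6) tests `!encryption_required.is_valid()` where the neighbouring field, and the matching additions in `RpcParameters::struct_empty()` and `Rpcs::struct_empty()`, test `is_initialized()`. As written, an ApplicationParams whose only content is a valid `encryption_required` value is reported as empty, and one holding an invalid value as non-empty. The condition should be `if (encryption_required.is_initialized()) { return false; }`.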
@@ -614,6 +627,9 @@ bool RpcParameters::is_valid() const { if (!parameters.is_valid()) { return false; } + if (!encryption_required.is_valid()) { + return false; + } return Validate(); } @@ -628,6 +644,9 @@ bool RpcParameters::struct_empty() const { if (parameters.is_initialized()) { return false; } + if (encryption_required.is_initialized()) { + return false; + } return true; } @@ -641,6 +660,10 @@ void RpcParameters::ReportErrors(rpc::ValidationReport* report__) const { if (!parameters.is_valid()) { parameters.ReportErrors(&report__->ReportSubobject("parameters")); } + if (!encryption_required.is_valid()) { + encryption_required.ReportErrors( + &report__->ReportSubobject("encryption_required")); + } } void RpcParameters::SetPolicyTableType(PolicyTableType pt_type) { @@ -663,7 +686,8 @@ Rpcs::Rpcs(const Json::Value* value__) , disallowed_by_external_consent_entities_on(impl::ValueMember( value__, "disallowed_by_external_consent_entities_on")) , disallowed_by_external_consent_entities_off(impl::ValueMember( - value__, "disallowed_by_external_consent_entities_off")) {} + value__, "disallowed_by_external_consent_entities_off")) + , encryption_required(impl::ValueMember(value__, "encryption_required")) {} Json::Value Rpcs::ToJsonValue() const { Json::Value result__(Json::objectValue); @@ -675,6 +699,7 @@ Json::Value Rpcs::ToJsonValue() const { impl::WriteJsonField("disallowed_by_external_consent_entities_off", disallowed_by_external_consent_entities_off, &result__); + impl::WriteJsonField("encryption_required", encryption_required, &result__); return result__; } @@ -691,6 +716,9 @@ bool Rpcs::is_valid() const { if (!disallowed_by_external_consent_entities_off.is_valid()) { return false; } + if (!encryption_required.is_valid()) { + return false; + } return Validate(); } 
@@ -711,6 +739,9 @@ bool Rpcs::struct_empty() const { if (disallowed_by_external_consent_entities_off.is_initialized()) { return false; } + if (encryption_required.is_initialized()) { + return false; + } return true; } @@ -735,6 +766,10 @@ void Rpcs::ReportErrors(rpc::ValidationReport* report__) const { &report__->ReportSubobject( "disallowed_by_external_consent_entities_off")); } + if (!encryption_required.is_valid()) { + encryption_required.ReportErrors( + &report__->ReportSubobject("encryption_required")); + } } void Rpcs::SetPolicyTableType(PolicyTableType pt_type) { diff --git a/src/components/policy/policy_external/src/sql_pt_queries.cc b/src/components/policy/policy_external/src/sql_pt_queries.cc index f4cac214a5..121c77632f 100644 --- a/src/components/policy/policy_external/src/sql_pt_queries.cc +++ b/src/components/policy/policy_external/src/sql_pt_queries.cc @@ -81,7 +81,8 @@ const std::string kCreateSchema = "CREATE TABLE IF NOT EXISTS `functional_group`( " " `id` INTEGER PRIMARY KEY NOT NULL, " " `user_consent_prompt` TEXT, " - " `name` VARCHAR(100) NOT NULL " + " `name` VARCHAR(100) NOT NULL, " + " `encryption_required` BOOLEAN " "); " "CREATE TABLE IF NOT EXISTS `external_consent_entities`( " " `group_id` INTEGER NOT NULL, " @@ -159,6 +160,7 @@ const std::string kCreateSchema = " `icon_url` VARCHAR(65535), " " `allow_unknown_rpc_passthrough` BOOLEAN, " " `remote_control_denied` BOOLEAN NOT NULL DEFAULT 0, " + " `encryption_required` BOOLEAN, " " CONSTRAINT `fk_application_hmi_level1` " " FOREIGN KEY(`default_hmi`) " " REFERENCES `hmi_level`(`value`), " 
@@ -657,8 +659,9 @@ const std::string kSelectLockScreenIcon = "SELECT `url` FROM `endpoint` WHERE `service` = ? AND `application_id` = ?"; const std::string kInsertFunctionalGroup = - "INSERT INTO `functional_group` (`id`, `name`, `user_consent_prompt`) " - " VALUES (?, ?, ?)"; + "INSERT INTO `functional_group` (`id`, `name`, `user_consent_prompt`, " + "`encryption_required`) " + " VALUES (?, ?, ?, ?)"; const std::string kInsertRpc = "INSERT INTO `rpc` (`name`, `hmi_level_value`, `functional_group_id`) " @@ -678,9 +681,9 @@ const std::string kInsertApplication = "INSERT OR IGNORE INTO `application` (`id`, `priority_value`, " "`is_revoked`, `memory_kb`, `heart_beat_timeout_ms`, `certificate`, " "`hybrid_app_preference_value`, `endpoint`, `enabled`, `auth_token`, " - "`cloud_transport_type`, `icon_url`, `allow_unknown_rpc_passthrough`) " + "`cloud_transport_type`, `icon_url`, `allow_unknown_rpc_passthrough`, `encryption_required`) " "VALUES " - "(?,?,?,?,?,?,?,?,?,?,?,?,?)"; + "(?,?,?,?,?,?,?,?,?,?,?,?,?,?)"; const std::string kInsertAppGroup = "INSERT INTO `app_group` (`application_id`, `functional_group_id`)" @@ -802,7 +805,7 @@ const std::string kSelectAppLevels = "SELECT `application_id` FROM `app_level`"; const std::string kSelectDeviceData = "SELECT * FROM `device`"; const std::string kSelectFunctionalGroups = - "SELECT `id`,`name`, `user_consent_prompt` " + "SELECT `id`,`name`, `user_consent_prompt`, `encryption_required` " "FROM `functional_group`"; const std::string kSelectAllRpcs = @@ -820,7 +823,7 @@ const std::string kSelectAppPolicies = "SELECT `id`, `priority_value`, `memory_kb`, " " `heart_beat_timeout_ms`, `certificate`, `hybrid_app_preference_value`, " " `endpoint`, `enabled`, `auth_token`, `cloud_transport_type`, `icon_url`, " - " `allow_unknown_rpc_passthrough` " + " `allow_unknown_rpc_passthrough`, `encryption_required` " "FROM " " `application`"; 
diff --git a/src/components/policy/policy_external/src/sql_pt_representation.cc b/src/components/policy/policy_external/src/sql_pt_representation.cc index 1bb0cf0fa1..b6d63bb7bf 100644 --- a/src/components/policy/policy_external/src/sql_pt_representation.cc +++ b/src/components/policy/policy_external/src/sql_pt_representation.cc @@ -645,6 +645,10 @@ bool SQLPTRepresentation::GatherFunctionalGroupings( *rpcs_tbl.user_consent_prompt = func_group.GetString(2); } + if (!func_group.IsNull(3)) { + *rpcs_tbl.encryption_required = func_group.GetBoolean(3); + } + const int group_id = func_group.GetInteger(0); rpcs.Bind(0, group_id); @@ -782,6 +786,10 @@ bool SQLPTRepresentation::GatherApplicationPoliciesSection( const auto& gather_app_id = ((*policies).apps[app_id].is_string()) ? (*policies).apps[app_id].get_string() : app_id; + + if (!query.IsNull(12)) { + *params.encryption_required = query.GetBoolean(12); + } // Data should be gathered from db by "default" key if application has // default policies @@ -900,7 +908,9 @@ bool SQLPTRepresentation::SaveFunctionalGroupings( groups_it->second.user_consent_prompt.is_initialized() ? query.Bind(2, *(groups_it->second.user_consent_prompt)) : query.Bind(2); - + it->second.encryption_required.is_initialized() + ? query.Bind(3, *(it->second.encryption_required)) + : query.Bind(3); if (!query.Exec() || !query.Reset()) { LOG4CXX_WARN(logger_, "Incorrect insert into functional groups"); return false; @@ -1097,6 +1107,10 @@ bool SQLPTRepresentation::SaveSpecificAppPolicy( ? app_query.Bind(12, *app.second.allow_unknown_rpc_passthrough) : app_query.Bind(12); + app.second.encryption_required.is_initialized() + ? app_query.Bind(13, *app.second.encryption_required) + : app_query.Bind(13); + if (!app_query.Exec() || !app_query.Reset()) { LOG4CXX_WARN(logger_, "Incorrect insert into application."); return false; 
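Review bot: In the SaveFunctionalGroupings hunk (policy_external) the added bind for column 3 reads `it->second.encryption_required`, while the context line directly above it in the same statement run uses `groups_it->second.user_consent_prompt`. Unless an `it` is declared outside the hunk this does not compile, and if one is in scope the flag is taken from a different element than the row being inserted. The bind should follow its neighbours: `groups_it->second.encryption_required.is_initialized() ? query.Bind(3, *(groups_it->second.encryption_required)) : query.Bind(3);`. The loop header is outside the hunk, so the iterator name is inferred from the context lines only.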
diff --git a/src/components/policy/policy_regular/include/policy/cache_manager.h b/src/components/policy/policy_regular/include/policy/cache_manager.h index 30732f685c..730bcd0818 100644 --- a/src/components/policy/policy_regular/include/policy/cache_manager.h +++ b/src/components/policy/policy_regular/include/policy/cache_manager.h @@ -845,6 +845,16 @@ class CacheManager : public CacheManagerInterface { void OnDeviceSwitching(const std::string& device_id_from, const std::string& device_id_to) OVERRIDE; + EncryptionRequired GetAppEncryptionRequiredFlag( + const std::string& application_policy_name) const OVERRIDE; + + EncryptionRequired GetFunctionalGroupingEncryptionRequiredFlag( + const std::string& functional_group) const OVERRIDE; + + void GetApplicationParams( + const std::string& application_name, + policy_table::ApplicationParams& application_policies) const OVERRIDE; + private: std::string currentDateTime(); struct AppHMITypeToString { diff --git a/src/components/policy/policy_regular/include/policy/cache_manager_interface.h b/src/components/policy/policy_regular/include/policy/cache_manager_interface.h index da15a4ecab..dce7883fa8 100644 --- a/src/components/policy/policy_regular/include/policy/cache_manager_interface.h +++ b/src/components/policy/policy_regular/include/policy/cache_manager_interface.h 
@@ -796,6 +796,36 @@ class CacheManagerInterface { */ virtual void OnDeviceSwitching(const std::string& device_id_from, const std::string& device_id_to) = 0; + + /** + * @brief GetAppEncryptionRequiredFlag retrieves encryption required flag for + * given application + * @param application policy application name + * @return optional object containing encryption required flag + */ + virtual rpc::Optional<rpc::Boolean> GetAppEncryptionRequiredFlag( + const std::string& application_policy_name) const = 0; + + /** + * @brief GetFunctionalGroupingEncryptionRequiredFlag retrieves encryption + * required flag + * for + * given functional grouping + * @param functional_group policy functional group name + * @return optional object containing encryption required flag + */ + virtual rpc::Optional<rpc::Boolean> + GetFunctionalGroupingEncryptionRequiredFlag( + const std::string& functional_group) const = 0; + + /** + * @brief retreives application params + * @param application_name policy applicatoin name + * @param application_params application params + */ + virtual void GetApplicationParams( + const std::string& application_name, + policy_table::ApplicationParams& application_params) const = 0; }; typedef std::shared_ptr<CacheManagerInterface> CacheManagerInterfaceSPtr; diff --git a/src/components/policy/policy_regular/include/policy/policy_manager_impl.h b/src/components/policy/policy_regular/include/policy/policy_manager_impl.h index 1860f7e591..8c7cbbe811 100644 --- a/src/components/policy/policy_regular/include/policy/policy_manager_impl.h +++ b/src/components/policy/policy_regular/include/policy/policy_manager_impl.h @@ -37,6 +37,7 @@ #include <list> #include <string> +#include "application_manager/policies/policy_encryption_flag_getter.h" #include "policy/access_remote.h" #include "policy/access_remote_impl.h" #include "policy/cache_manager_interface.h" 
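Review bot: The doc comments added to CacheManagerInterface do not match the declarations and leave the not-found case unspecified. The first getter documents `@param application` although the parameter is `application_policy_name`, and the GetApplicationParams comment misspells "retrieves" and "application". Because callers derive an encryption decision from these return values, each `@return` should say what comes back when the application or group is not in the policy table, for example `@return encryption required flag; not initialized when the policy table has no value for the application`.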
@@ -57,6 +58,42 @@ struct CheckAppPolicy; class PolicyManagerImpl : public PolicyManager { public: PolicyManagerImpl(); + /* + * \param policy_app_id policy app id + * \return true if the app need encryption + */ + bool AppNeedEncryption(const std::string& policy_app_id) const OVERRIDE; + + /* + * \param policy_app_id policy app id + * \return Optional app need encryption + */ + const rpc::Optional<rpc::Boolean> GetAppEncryptionRequired( + const std::string& policy_app_id) const OVERRIDE; + /* + * \param policy_app_id policy app id + * \return groups that exist for app + */ + const std::vector<std::string> GetFunctionGroupsForApp( + const std::string& policy_app_id) const OVERRIDE; + /* + * \param policy_group group + * \return true if the group need encryption + */ + bool FunctionGroupNeedEncryption( + const std::string& policy_group) const OVERRIDE; + /* + * \param policy_group group + * \return RPCs that exists in group + */ + const std::vector<std::string> GetRPCsForFunctionGroup( + const std::string& group) const OVERRIDE; + /* + * \param function_id function id + * \return policy function name + */ + const std::string GetPolicyFunctionName( + const uint32_t function_id) const OVERRIDE; /** * @brief set_listener set new policy listener instance diff --git a/src/components/policy/policy_regular/include/policy/policy_table/types.h b/src/components/policy/policy_regular/include/policy/policy_table/types.h index e41069a86c..66a015903b 100644 --- a/src/components/policy/policy_regular/include/policy/policy_table/types.h +++ b/src/components/policy/policy_regular/include/policy/policy_table/types.h @@ -203,6 +203,7 @@ struct ApplicationParams : PolicyBase { // App Service Params Optional<AppServiceParameters> app_service_parameters; Optional<Boolean> allow_unknown_rpc_passthrough; + Optional<Boolean> encryption_required; public: ApplicationParams(); 
@@ -247,6 +248,7 @@ struct RpcParameters : CompositeType { public: HmiLevels hmi_levels; Optional<Parameters> parameters; + Optional<Boolean> encryption_required; public: RpcParameters(); @@ -268,6 +270,7 @@ struct Rpcs : CompositeType { public: Optional<String<1, 255> > user_consent_prompt; Nullable<Rpc> rpcs; + Optional<Boolean> encryption_required; public: Rpcs(); diff --git a/src/components/policy/policy_regular/src/cache_manager.cc b/src/components/policy/policy_regular/src/cache_manager.cc index 94ce52b6f1..9025ce71bf 100644 --- a/src/components/policy/policy_regular/src/cache_manager.cc +++ b/src/components/policy/policy_regular/src/cache_manager.cc 
@@ -2007,4 +2007,39 @@ void CacheManager::BackgroundBackuper::DoBackup() { backup_notifier_.NotifyOne(); } +EncryptionRequired CacheManager::GetAppEncryptionRequiredFlag( + const std::string& application) const { + LOG4CXX_AUTO_TRACE(logger_); + sync_primitives::AutoLock auto_lock(cache_lock_); + + return pt_->policy_table.app_policies_section.apps[application] + .encryption_required; +} + +EncryptionRequired CacheManager::GetFunctionalGroupingEncryptionRequiredFlag( + const std::string& functional_group) const { + LOG4CXX_AUTO_TRACE(logger_); + sync_primitives::AutoLock auto_lock(cache_lock_); + + const auto& functional_groupings = pt_->policy_table.functional_groupings; + + const auto& grouping_itr = functional_groupings.find(functional_group); + if (grouping_itr == functional_groupings.end()) { + LOG4CXX_WARN(logger_, "Group " << functional_group << " not found"); + return EncryptionRequired(rpc::Boolean(false)); + } + + return (*grouping_itr).second.encryption_required; +} + +void CacheManager::GetApplicationParams( + const std::string& application_name, + policy_table::ApplicationParams& application_params) const { + LOG4CXX_AUTO_TRACE(logger_); + sync_primitives::AutoLock auto_lock(cache_lock_); + + application_params = + pt_->policy_table.app_policies_section.apps[application_name]; +} + } // namespace policy diff --git a/src/components/policy/policy_regular/src/policy_manager_impl.cc b/src/components/policy/policy_regular/src/policy_manager_impl.cc index 0884fc53b6..4b0a3a9c37 100644 --- a/src/components/policy/policy_regular/src/policy_manager_impl.cc +++ b/src/components/policy/policy_regular/src/policy_manager_impl.cc 
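Review bot: `GetAppEncryptionRequiredFlag` and `GetApplicationParams` look the application up with `apps[...]`, which, if `apps` behaves like `std::map`, inserts an empty entry into the cached policy table for every id that is not present, even though both methods are `const` getters. A `find()` lookup, as `GetFunctionalGroupingEncryptionRequiredFlag` already does for groups, leaves the table unchanged and allows the not-found case to be logged. The sketch below returns an uninitialized flag for an unknown application, and `GetApplicationParams` would need the same treatment. Separately, the group getter returns an initialized `false` for an unknown group, so callers cannot distinguish "not found" from "explicitly not required".

```cpp
EncryptionRequired CacheManager::GetAppEncryptionRequiredFlag(
    const std::string& application) const {
  // … unchanged: trace macro and cache_lock_ acquisition …
  const auto& apps = pt_->policy_table.app_policies_section.apps;
  const auto app_itr = apps.find(application);
  if (app_itr == apps.end()) {
    LOG4CXX_WARN(logger_, "Application " << application << " not found");
    return EncryptionRequired();
  }
  return app_itr->second.encryption_required;
}
```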
@@ -1529,4 +1529,80 @@ void PolicyManagerImpl::set_access_remote( access_remote_ = access_remote; } +bool PolicyManagerImpl::AppNeedEncryption( + const std::string& policy_app_id) const { + LOG4CXX_AUTO_TRACE(logger_); + const auto encryption_required = + cache_->GetAppEncryptionRequiredFlag(policy_app_id); + + return encryption_required.is_initialized() ? *encryption_required : true; +} + +const rpc::Optional<rpc::Boolean> PolicyManagerImpl::GetAppEncryptionRequired( + const std::string& policy_app_id) const { + LOG4CXX_AUTO_TRACE(logger_); + return cache_->GetAppEncryptionRequiredFlag(policy_app_id); +} + +const std::vector<std::string> PolicyManagerImpl::GetFunctionGroupsForApp( + const std::string& policy_app_id) const { + LOG4CXX_AUTO_TRACE(logger_); + using namespace rpc::policy_table_interface_base; + DCHECK(kDeviceId != policy_app_id); + + std::vector<std::string> function_groups; + + ApplicationParams app_policies; + cache_->GetApplicationParams(policy_app_id, app_policies); + + const auto& policy_function_group = app_policies.groups; + + for (const auto& group : policy_function_group) { + function_groups.push_back(group); + } + + return function_groups; +} + +bool PolicyManagerImpl::FunctionGroupNeedEncryption( + const std::string& policy_group) const { + LOG4CXX_AUTO_TRACE(logger_); + FunctionalGroupings functional_groupings; + cache_->GetFunctionalGroupings(functional_groupings); + + const auto& grouping_itr = functional_groupings.find(policy_group); + if (grouping_itr == functional_groupings.end()) { + LOG4CXX_WARN(logger_, "Group " << policy_group << " not found"); + return false; + } + + const auto& grouping = (*grouping_itr).second; + + return grouping.encryption_required.is_initialized() + ? 
*grouping.encryption_required + : false; +} + +const std::string PolicyManagerImpl::GetPolicyFunctionName( + const uint32_t function_id) const { + return policy_table::EnumToJsonString( + static_cast<policy_table::FunctionID>(function_id)); +} + +const std::vector<std::string> PolicyManagerImpl::GetRPCsForFunctionGroup( + const std::string& group) const { + std::vector<std::string> rpcs_for_group; + + FunctionalGroupings functional_groupings; + cache_->GetFunctionalGroupings(functional_groupings); + + const auto& rpcs = functional_groupings[group].rpcs; + + for (const auto& rpc : rpcs) { + rpcs_for_group.push_back(rpc.first); + } + + return rpcs_for_group; +} + } // namespace policy diff --git a/src/components/policy/policy_regular/src/policy_table/types.cc b/src/components/policy/policy_regular/src/policy_table/types.cc index bdf1329dee..feec9df4e3 100644 --- a/src/components/policy/policy_regular/src/policy_table/types.cc +++ b/src/components/policy/policy_regular/src/policy_table/types.cc @@ -31,7 +31,6 @@ PolicyBase::~PolicyBase() {} PolicyBase::PolicyBase(const Json::Value* value__) : CompositeType(InitHelper(value__, &Json::Value::isObject)) , priority(impl::ValueMember(value__, "priority")) {} - Json::Value PolicyBase::ToJsonValue() const { Json::Value result__(Json::objectValue); impl::WriteJsonField("priority", priority, &result__); @@ -280,7 +279,8 @@ ApplicationParams::ApplicationParams(const Json::Value* value__) , icon_url(impl::ValueMember(value__, "icon_url")) , app_service_parameters(impl::ValueMember(value__, "app_services")) , allow_unknown_rpc_passthrough( - impl::ValueMember(value__, "allow_unknown_rpc_passthrough")) {} + impl::ValueMember(value__, "allow_unknown_rpc_passthrough")) + , encryption_required(impl::ValueMember(value__, "encryption_required")) {} Json::Value ApplicationParams::ToJsonValue() const { Json::Value result__(PolicyBase::ToJsonValue()); 
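Review bot: The two predicates added to PolicyManagerImpl fall back to opposite defaults: `AppNeedEncryption` returns `true` when the app flag is not set, while `FunctionGroupNeedEncryption` returns `false` both when the group flag is not set and when the group is not in the policy table. If the asymmetry is intended, it should be stated next to the code, e.g. `// Unknown or unflagged groups do not require encryption; the app-level flag defaults to required.` If it is not intended, the not-found branch is the one to revisit, since it reports that no encryption is needed for a group the policy table does not know. `GetRPCsForFunctionGroup` also indexes `functional_groupings[group]` without a not-found check and has no trace log, unlike the other methods in this hunk.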
@@ -305,6 +305,8 @@ Json::Value ApplicationParams::ToJsonValue() const { impl::WriteJsonField("allow_unknown_rpc_passthrough", allow_unknown_rpc_passthrough, &result__); + impl::WriteJsonField("encryption_required", encryption_required, &result__); + return result__; } @@ -360,6 +362,9 @@ bool ApplicationParams::is_valid() const { if (!allow_unknown_rpc_passthrough.is_valid()) { return false; } + if (!encryption_required.is_valid()) { + return false; + } return Validate(); } @@ -422,6 +427,9 @@ bool ApplicationParams::struct_empty() const { if (allow_unknown_rpc_passthrough.is_initialized()) { return false; } + if (encryption_required.is_initialized()) { + return false; + } return true; } @@ -487,6 +495,10 @@ void ApplicationParams::ReportErrors(rpc::ValidationReport* report__) const { allow_unknown_rpc_passthrough.ReportErrors( &report__->ReportSubobject("allow_unknown_rpc_passthrough")); } + if (!encryption_required.is_valid()) { + encryption_required.ReportErrors( + &report__->ReportSubobject("encryption_required")); + } } void ApplicationParams::SetPolicyTableType(PolicyTableType pt_type) { @@ -519,12 +531,14 @@ RpcParameters::~RpcParameters() {} RpcParameters::RpcParameters(const Json::Value* value__) : CompositeType(InitHelper(value__, &Json::Value::isObject)) , hmi_levels(impl::ValueMember(value__, "hmi_levels")) - , parameters(impl::ValueMember(value__, "parameters")) {} + , parameters(impl::ValueMember(value__, "parameters")) + , encryption_required(impl::ValueMember(value__, "encryption_required")) {} Json::Value RpcParameters::ToJsonValue() const { Json::Value result__(Json::objectValue); impl::WriteJsonField("hmi_levels", hmi_levels, &result__); impl::WriteJsonField("parameters", parameters, &result__); + impl::WriteJsonField("encryption_required", encryption_required, &result__); return result__; } 
@@ -535,6 +549,9 @@ bool RpcParameters::is_valid() const { if (!parameters.is_valid()) { return false; } + if (!encryption_required.is_valid()) { + return false; + } return Validate(); } @@ -549,7 +566,9 @@ bool RpcParameters::struct_empty() const { if (parameters.is_initialized()) { return false; } - + if (encryption_required.is_initialized()) { + return false; + } return true; } @@ -563,6 +582,10 @@ void RpcParameters::ReportErrors(rpc::ValidationReport* report__) const { if (!parameters.is_valid()) { parameters.ReportErrors(&report__->ReportSubobject("parameters")); } + if (!encryption_required.is_valid()) { + encryption_required.ReportErrors( + &report__->ReportSubobject("encryption_required")); + } } void RpcParameters::SetPolicyTableType(PolicyTableType pt_type) { @@ -581,12 +604,14 @@ Rpcs::~Rpcs() {} Rpcs::Rpcs(const Json::Value* value__) : CompositeType(InitHelper(value__, &Json::Value::isObject)) , user_consent_prompt(impl::ValueMember(value__, "user_consent_prompt")) - , rpcs(impl::ValueMember(value__, "rpcs")) {} + , rpcs(impl::ValueMember(value__, "rpcs")) + , encryption_required(impl::ValueMember(value__, "encryption_required")) {} Json::Value Rpcs::ToJsonValue() const { Json::Value result__(Json::objectValue); impl::WriteJsonField("user_consent_prompt", user_consent_prompt, &result__); impl::WriteJsonField("rpcs", rpcs, &result__); + impl::WriteJsonField("encryption_required", encryption_required, &result__); return result__; } @@ -597,6 +622,9 @@ bool Rpcs::is_valid() const { if (!rpcs.is_valid()) { return false; } + if (!encryption_required.is_valid()) { + return false; + } return Validate(); } @@ -611,7 +639,9 @@ bool Rpcs::struct_empty() const { if (rpcs.is_initialized()) { return false; } - + if (encryption_required.is_initialized()) { + return false; + } return true; } 
@@ -626,6 +656,10 @@ void Rpcs::ReportErrors(rpc::ValidationReport* report__) const { if (!rpcs.is_valid()) { rpcs.ReportErrors(&report__->ReportSubobject("rpcs")); } + if (!encryption_required.is_valid()) { + encryption_required.ReportErrors( + &report__->ReportSubobject("encryption_required")); + } } void Rpcs::SetPolicyTableType(PolicyTableType pt_type) { diff --git a/src/components/policy/policy_regular/src/sql_pt_queries.cc b/src/components/policy/policy_regular/src/sql_pt_queries.cc index a97b0ab153..380570716d 100644 --- a/src/components/policy/policy_regular/src/sql_pt_queries.cc +++ b/src/components/policy/policy_regular/src/sql_pt_queries.cc @@ -76,7 +76,8 @@ const std::string kCreateSchema = "CREATE TABLE IF NOT EXISTS `functional_group`( " " `id` INTEGER PRIMARY KEY NOT NULL, " " `user_consent_prompt` TEXT, " - " `name` VARCHAR(100) NOT NULL " + " `name` VARCHAR(100) NOT NULL, " + " `encryption_required` BOOLEAN " "); " "CREATE TABLE IF NOT EXISTS `priority`( " " `value` VARCHAR(45) PRIMARY KEY NOT NULL " @@ -145,6 +146,7 @@ const std::string kCreateSchema = " `icon_url` VARCHAR(65535), " " `allow_unknown_rpc_passthrough` BOOLEAN, " " `remote_control_denied` BOOLEAN NOT NULL DEFAULT 0, " + " `encryption_required` BOOLEAN, " " CONSTRAINT `fk_application_hmi_level1` " " FOREIGN KEY(`default_hmi`) " " REFERENCES `hmi_level`(`value`), " @@ -611,8 +613,9 @@ const std::string kSelectLockScreenIcon = "SELECT `url` FROM `endpoint` WHERE `service` = ? AND `application_id` = ?"; const std::string kInsertFunctionalGroup = - "INSERT INTO `functional_group` (`id`, `name`, `user_consent_prompt`) " - " VALUES (?, ?, ?)"; + "INSERT INTO `functional_group` (`id`, `name`, `user_consent_prompt`, " + "`encryption_required`) " + " VALUES (?, ?, ?, ?)"; const std::string kInsertRpc = "INSERT INTO `rpc` (`name`, `hmi_level_value`, `functional_group_id`) " 
@@ -627,9 +630,9 @@ const std::string kInsertApplication = "INSERT OR IGNORE INTO `application` (`id`, `priority_value`, " "`is_revoked`, `memory_kb`, `heart_beat_timeout_ms`, `certificate`, " "`hybrid_app_preference_value`, `endpoint`, `enabled`, `auth_token`, " - "`cloud_transport_type`, `icon_url`, `allow_unknown_rpc_passthrough`) " + "`cloud_transport_type`, `icon_url`, `allow_unknown_rpc_passthrough` ,`encryption_required`) " "VALUES " - "(?,?,?,?,?,?,?,?,?,?,?,?,?)"; + "(?,?,?,?,?,?,?,?,?,?,?,?,?,?)"; const std::string kInsertAppGroup = "INSERT INTO `app_group` (`application_id`, `functional_group_id`)" @@ -741,7 +744,7 @@ const std::string kSelectAppLevels = const std::string kSelectDeviceData = "SELECT * FROM `device`"; const std::string kSelectFunctionalGroups = - "SELECT `id`,`name`, `user_consent_prompt` " + "SELECT `id`,`name`, `user_consent_prompt`, `encryption_required` " "FROM `functional_group`"; const std::string kSelectAllRpcs = @@ -755,7 +758,7 @@ const std::string kSelectAppPolicies = "SELECT `id`, `priority_value`, `memory_kb`, " " `heart_beat_timeout_ms`, `certificate`, `hybrid_app_preference_value`, " " `endpoint`, `enabled`, `auth_token`, `cloud_transport_type`, `icon_url`, " - " `allow_unknown_rpc_passthrough` " + " `allow_unknown_rpc_passthrough`, `encryption_required`" "FROM " " `application`"; diff --git a/src/components/policy/policy_regular/src/sql_pt_representation.cc b/src/components/policy/policy_regular/src/sql_pt_representation.cc index 20ba9ec651..8a7c425110 100644 --- a/src/components/policy/policy_regular/src/sql_pt_representation.cc +++ b/src/components/policy/policy_regular/src/sql_pt_representation.cc 
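Review bot: In the policy_regular `kSelectAppPolicies` hunk the string literal that now ends with the `encryption_required` column has no trailing space, so after concatenation the column name runs directly into `FROM`. The statement probably still parses because the identifier is backtick-quoted, but it depends on that quoting and differs from the policy_external version of the same query, which keeps the space. Add a space before the closing quote of that literal. The `kInsertApplication` hunk on the same line has a similar inconsistency: its new column is separated with " ," instead of ", ".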
@@ -614,6 +614,10 @@ bool SQLPTRepresentation::GatherFunctionalGroupings( *rpcs_structure.user_consent_prompt = functional_group.GetString(2); } + if (!functional_group.IsNull(3)) { + *rpcs_structure.encryption_required = functional_group.GetBoolean(3); + } + const int group_id = functional_group.GetInteger(0); // Collecting RPCs with their HMI levels and parameters (if any) @@ -716,11 +720,13 @@ bool SQLPTRepresentation::GatherApplicationPoliciesSection( params.priority = priority; *params.memory_kb = query.GetInteger(2); + *params.heart_beat_timeout_ms = query.GetUInteger(3); if (!query.IsNull(4)) { *params.certificate = query.GetString(4); } + // Read cloud app properties policy_table::HybridAppPreference hap; bool valid = policy_table::EnumFromJsonString(query.GetString(5), &hap); @@ -736,6 +742,10 @@ bool SQLPTRepresentation::GatherApplicationPoliciesSection( *params.icon_url = query.GetString(10); *params.allow_unknown_rpc_passthrough = query.GetBoolean(11); + if (!query.IsNull(12)) { + *params.encryption_required = query.GetBoolean(12); + } + const auto& gather_app_id = ((*policies).apps[app_id].is_string()) ? (*policies).apps[app_id].get_string() : app_id; @@ -851,7 +861,9 @@ bool SQLPTRepresentation::SaveFunctionalGroupings( it->second.user_consent_prompt.is_initialized() ? query.Bind(2, *(it->second.user_consent_prompt)) : query.Bind(2); - + it->second.encryption_required.is_initialized() + ? query.Bind(3, *(it->second.encryption_required)) + : query.Bind(3); if (!query.Exec() || !query.Reset()) { LOG4CXX_WARN(logger_, "Incorrect insert into functional groups"); return false; 
@@ -1040,6 +1052,10 @@ bool SQLPTRepresentation::SaveSpecificAppPolicy( ? app_query.Bind(12, *app.second.allow_unknown_rpc_passthrough) : app_query.Bind(12); + app.second.encryption_required.is_initialized() + ? app_query.Bind(13, *app.second.encryption_required) + : app_query.Bind(13); + if (!app_query.Exec() || !app_query.Reset()) { LOG4CXX_WARN(logger_, "Incorrect insert into application."); return false; @@ -1101,7 +1117,6 @@ bool policy::SQLPTRepresentation::SaveDevicePolicy( app_query.Bind(3, 0); app_query.Bind(4, 0); app_query.Bind(5); - if (!app_query.Exec() || !app_query.Reset()) { LOG4CXX_WARN(logger_, "Incorrect insert into application."); return false; |