diff options
36 files changed, 354 insertions, 31 deletions
diff --git a/src/components/application_manager/include/application_manager/policies/policy_handler.h b/src/components/application_manager/include/application_manager/policies/policy_handler.h index abc98876a2..a33bb640ad 100644 --- a/src/components/application_manager/include/application_manager/policies/policy_handler.h +++ b/src/components/application_manager/include/application_manager/policies/policy_handler.h @@ -474,6 +474,14 @@ class PolicyHandler : public PolicyHandlerInterface, const std::string& requested_service_type, smart_objects::SmartArray* requested_handled_rpcs) const OVERRIDE; + /** + * @brief Check if an app can send unknown rpc requests to an app service + * provider + * @param policy_app_id Unique application id + */ + bool UnknownRPCPassthroughAllowed( + const std::string& policy_app_id) const OVERRIDE; + virtual void OnUpdateHMIAppType( std::map<std::string, StringArray> app_hmi_types) OVERRIDE; diff --git a/src/components/application_manager/include/application_manager/rpc_passing_handler.h b/src/components/application_manager/include/application_manager/rpc_passing_handler.h index 675d567820..45fe4cad2f 100644 --- a/src/components/application_manager/include/application_manager/rpc_passing_handler.h +++ b/src/components/application_manager/include/application_manager/rpc_passing_handler.h @@ -77,6 +77,13 @@ class RPCPassingHandler { bool IsPassThroughMessage(uint32_t correlation_id, commands::Command::CommandSource source, int32_t message_type); + /** + * @brief Check if passthrough is allowed by policies for a given message + * @param rpc_message RPC message SmartObject + * @return true if the request is allowed to be passed through, false + * otherwise + */ + bool IsPassthroughAllowed(smart_objects::SmartObject rpc_message); /** * @brief Function to handle sending and receiving RPC Passing @@ -97,6 +104,9 @@ class RPCPassingHandler { void ForwardResponseToMobile(uint32_t correlation_id, smart_objects::SmartObject response_message); void PopulateRPCRequestQueue(smart_objects::SmartObject request_message); + bool ExtractRPCParams(const smart_objects::SmartObject& s_map, + const ApplicationSharedPtr app, + const std::string& function_id_str); AppServiceManager& app_service_manager_; ApplicationManager& app_manager_; diff --git a/src/components/application_manager/include/application_manager/rpc_service_impl.h b/src/components/application_manager/include/application_manager/rpc_service_impl.h index 516b8abb8b..98aad1a90e 100644 --- a/src/components/application_manager/include/application_manager/rpc_service_impl.h +++ b/src/components/application_manager/include/application_manager/rpc_service_impl.h @@ -135,6 +135,9 @@ class RPCServiceImpl : public RPCService, const bool allow_unknown_parameters = false); hmi_apis::HMI_API& hmi_so_factory(); mobile_apis::MOBILE_API& mobile_so_factory(); + void CheckSourceForUnsupportedRequest( + const commands::MessageSharedPtr message, + commands::Command::CommandSource source); ApplicationManager& app_manager_; request_controller::RequestController& request_ctrl_; diff --git a/src/components/application_manager/src/policies/policy_handler.cc b/src/components/application_manager/src/policies/policy_handler.cc index 6a164d196a..aeb5a8bd01 100644 --- a/src/components/application_manager/src/policies/policy_handler.cc +++ b/src/components/application_manager/src/policies/policy_handler.cc @@ -2055,6 +2055,13 @@ bool PolicyHandler::CheckAppServiceParameters( return true; } +bool PolicyHandler::UnknownRPCPassthroughAllowed( + const std::string& policy_app_id) const { + LOG4CXX_AUTO_TRACE(logger_); + POLICY_LIB_CHECK(false); + return policy_manager_->UnknownRPCPassthroughAllowed(policy_app_id); +} + uint32_t PolicyHandler::HeartBeatTimeout(const std::string& app_id) const { POLICY_LIB_CHECK(0); return policy_manager_->HeartBeatTimeout(app_id); diff --git a/src/components/application_manager/src/rpc_handler_impl.cc b/src/components/application_manager/src/rpc_handler_impl.cc index 156abfbed8..28b3779dad 100644 --- a/src/components/application_manager/src/rpc_handler_impl.cc +++ b/src/components/application_manager/src/rpc_handler_impl.cc @@ -118,16 +118,17 @@ void RPCHandlerImpl::ProcessMessageFromMobile( (*so_from_mobile)[strings::params][strings::correlation_id].asUInt(); int32_t message_type = (*so_from_mobile)[strings::params][strings::message_type].asInt(); - if (app_manager_.GetAppServiceManager() - .GetRPCPassingHandler() - .RPCPassThrough(*so_from_mobile)) { + RPCPassingHandler& handler = + app_manager_.GetAppServiceManager().GetRPCPassingHandler(); + // Check permissions for requests, otherwise attempt passthrough + if ((application_manager::MessageType::kRequest != message_type || + handler.IsPassthroughAllowed(*so_from_mobile)) && + handler.RPCPassThrough(*so_from_mobile)) { // RPC was forwarded. Skip handling by Core return; - } else if (!app_manager_.GetAppServiceManager() - .GetRPCPassingHandler() - .IsPassThroughMessage(correlation_id, - commands::Command::SOURCE_MOBILE, - message_type)) { + } else if (!handler.IsPassThroughMessage(correlation_id, + commands::Command::SOURCE_MOBILE, + message_type)) { // Since PassThrough failed, refiltering the message if (!ConvertMessageToSO(*message, *so_from_mobile)) { LOG4CXX_ERROR(logger_, "Cannot create smart object from message"); diff --git a/src/components/application_manager/src/rpc_passing_handler.cc b/src/components/application_manager/src/rpc_passing_handler.cc index 04d66ed207..4780932fea 100644 --- a/src/components/application_manager/src/rpc_passing_handler.cc +++ b/src/components/application_manager/src/rpc_passing_handler.cc @@ -93,6 +93,74 @@ bool RPCPassingHandler::CanHandleFunctionID(int32_t function_id) { return false; } +bool RPCPassingHandler::ExtractRPCParams( + const smart_objects::SmartObject& s_map, + const ApplicationSharedPtr app, + const std::string& function_id_str) { + LOG4CXX_AUTO_TRACE(logger_); + RPCParams params; + + if (smart_objects::SmartType_Map == s_map.getType()) { + smart_objects::SmartMap::const_iterator iter = s_map.map_begin(); + smart_objects::SmartMap::const_iterator iter_end = s_map.map_end(); + + for (; iter != iter_end; ++iter) { + LOG4CXX_DEBUG(logger_, "Request's param: " << iter->first); + params.insert(iter->first); + } + } + + CommandParametersPermissions parameters_permissions; + + mobile_apis::Result::eType check_result = app_manager_.CheckPolicyPermissions( + app, function_id_str, params, ¶meters_permissions); + + // Check if RPC is allowed by policy (since we are allowing unknown params, + // check should pass if only undefined parameters exist) + if (mobile_apis::Result::DISALLOWED == check_result && + !parameters_permissions.undefined_params.empty() && + parameters_permissions.disallowed_params.empty() && + parameters_permissions.allowed_params.empty()) { + return true; + } else if (mobile_apis::Result::SUCCESS != check_result) { + return false; + } + + return true; +} + +bool RPCPassingHandler::IsPassthroughAllowed( + smart_objects::SmartObject rpc_message) { + LOG4CXX_AUTO_TRACE(logger_); + uint32_t connection_key = + rpc_message[strings::params][strings::connection_key].asUInt(); + ApplicationSharedPtr app = app_manager_.application(connection_key); + if (!app) { + return false; + } + + mobile_api::FunctionID::eType function_id = + static_cast<mobile_api::FunctionID::eType>( + rpc_message[strings::params][strings::function_id].asInt()); + std::string function_id_str = + MessageHelper::StringifiedFunctionID(function_id); + PolicyHandlerInterface& policy_handler = app_manager_.GetPolicyHandler(); + + if (function_id_str.empty()) { + // Unknown RPC, just do basic revoked and user consent checks + std::string device_mac; + app_manager_.connection_handler().get_session_observer().GetDataOnDeviceID( + app->device(), NULL, NULL, &device_mac, NULL); + return policy_handler.UnknownRPCPassthroughAllowed(app->policy_app_id()) && + !policy_handler.IsApplicationRevoked(app->policy_app_id()) && + policy::kDeviceAllowed == + app_manager_.GetUserConsentForDevice(device_mac); + } + + return ExtractRPCParams( + rpc_message[strings::msg_params], app, function_id_str); +} + bool RPCPassingHandler::RPCPassThrough(smart_objects::SmartObject rpc_message) { LOG4CXX_AUTO_TRACE(logger_); @@ -121,7 +189,7 @@ bool RPCPassingHandler::RPCPassThrough(smart_objects::SmartObject rpc_message) { LOG4CXX_DEBUG(logger_, "Correlation id DOES exist in map. Returning"); std::shared_ptr<smart_objects::SmartObject> response( MessageHelper::CreateNegativeResponse( - rpc_message[strings::params][strings::connection_key].asInt(), + rpc_message[strings::params][strings::connection_key].asUInt(), rpc_message[strings::params][strings::function_id].asInt(), correlation_id, mobile_apis::Result::INVALID_ID)); diff --git a/src/components/application_manager/src/rpc_service_impl.cc b/src/components/application_manager/src/rpc_service_impl.cc index 96882d472f..daa8cb2ac5 100644 --- a/src/components/application_manager/src/rpc_service_impl.cc +++ b/src/components/application_manager/src/rpc_service_impl.cc @@ -126,7 +126,8 @@ bool RPCServiceImpl::ManageMobileCommand( auto plugin = app_manager_.GetPluginManager().FindPluginToProcess(function_id, source); if (!plugin) { - LOG4CXX_WARN(logger_, "Filed to find plugin : " << plugin.error()); + LOG4CXX_WARN(logger_, "Failed to find plugin : " << plugin.error()); + CheckSourceForUnsupportedRequest(message, source); return false; } application_manager::CommandFactory& factory = (*plugin).GetCommandFactory(); @@ -714,6 +715,43 @@ mobile_apis::MOBILE_API& RPCServiceImpl::mobile_so_factory() { return mobile_so_factory_; } +void RPCServiceImpl::CheckSourceForUnsupportedRequest( + const commands::MessageSharedPtr message, + commands::Command::CommandSource source) { + int32_t message_type = + (*(message.get()))[strings::params][strings::message_type].asInt(); + uint32_t correlation_id = + (*message)[strings::params].keyExists(strings::correlation_id) + ? (*message)[strings::params][strings::correlation_id].asUInt() + : 0; + const uint32_t connection_key = static_cast<uint32_t>( + (*message)[strings::params][strings::connection_key].asUInt()); + mobile_apis::FunctionID::eType function_id = + static_cast<mobile_apis::FunctionID::eType>( + (*message)[strings::params][strings::function_id].asInt()); + if ((source == commands::Command::CommandSource::SOURCE_MOBILE && + kRequest == message_type) || + (source == commands::Command::CommandSource::SOURCE_SDL && + kResponse == message_type)) { + smart_objects::SmartObjectSPtr response = + MessageHelper::CreateNegativeResponse(connection_key, + static_cast<int32_t>(function_id), + correlation_id, + 0); + + // Since we are dealing with an unknown RPC, there is no schema attached + // to the message, so we have to convert the result to string directly + std::string result_code; + smart_objects::EnumConversionHelper<mobile_apis::Result::eType>:: + EnumToString(mobile_apis::Result::UNSUPPORTED_REQUEST, &result_code); + (*response)[strings::msg_params][strings::result_code] = result_code; + (*response)[strings::msg_params][strings::info] = + "Module does not recognize this function id"; + + SendMessageToMobile(response); + } +} + } // namespace rpc_service } // namespace application_manager diff --git a/src/components/include/application_manager/policies/policy_handler_interface.h b/src/components/include/application_manager/policies/policy_handler_interface.h index 7003e11473..c7caae1d28 100644 --- a/src/components/include/application_manager/policies/policy_handler_interface.h +++ b/src/components/include/application_manager/policies/policy_handler_interface.h @@ -515,6 +515,14 @@ class PolicyHandlerInterface { const std::string& requested_service_type, smart_objects::SmartArray* requested_handled_rpcs) const = 0; + /** + * @brief Check if an app can send unknown rpc requests to an app service + * provider + * @param policy_app_id Unique application id + */ + virtual bool UnknownRPCPassthroughAllowed( + const std::string& policy_app_id) const = 0; + #ifdef EXTERNAL_PROPRIETARY_MODE /** * @brief Gets meta information diff --git a/src/components/include/policy/policy_external/policy/policy_manager.h b/src/components/include/policy/policy_external/policy/policy_manager.h index 80365f10ab..a2eb2db0c9 100644 --- a/src/components/include/policy/policy_external/policy/policy_manager.h +++ b/src/components/include/policy/policy_external/policy/policy_manager.h @@ -626,6 +626,14 @@ class PolicyManager : public usage_statistics::StatisticsManager { policy_table::AppServiceParameters* app_service_parameters) const = 0; /** + * @brief Check if an app can send unknown rpc requests to an app service + * provider + * @param policy_app_id Unique application id + */ + virtual bool UnknownRPCPassthroughAllowed( + const std::string& policy_app_id) const = 0; + + /** * @brief Gets meta information * @return meta information */ diff --git a/src/components/include/policy/policy_regular/policy/policy_manager.h b/src/components/include/policy/policy_regular/policy/policy_manager.h index bcb55ed681..18fb3e1c2b 100644 --- a/src/components/include/policy/policy_regular/policy/policy_manager.h +++ b/src/components/include/policy/policy_regular/policy/policy_manager.h @@ -607,6 +607,14 @@ class PolicyManager : public usage_statistics::StatisticsManager { policy_table::AppServiceParameters* app_service_parameters) const = 0; /** + * @brief Check if an app can send unknown rpc requests to an app service + * provider + * @param policy_app_id Unique application id + */ + virtual bool UnknownRPCPassthroughAllowed( + const std::string& policy_app_id) const = 0; + + /** * @brief OnAppRegisteredOnMobile allows to handle event when application were * succesfully registered on mobile device. * It will send OnAppPermissionSend notification and will try to start PTU. * diff --git a/src/components/include/test/application_manager/policies/mock_policy_handler_interface.h b/src/components/include/test/application_manager/policies/mock_policy_handler_interface.h index b6d8ab4cfa..3521d84a84 100644 --- a/src/components/include/test/application_manager/policies/mock_policy_handler_interface.h +++ b/src/components/include/test/application_manager/policies/mock_policy_handler_interface.h @@ -237,6 +237,8 @@ class MockPolicyHandlerInterface : public policy::PolicyHandlerInterface { const std::string& requested_service_name, const std::string& requested_service_type, smart_objects::SmartArray* requested_handled_rpcs)); + MOCK_CONST_METHOD1(UnknownRPCPassthroughAllowed, + bool(const std::string& policy_app_id)); #ifdef EXTERNAL_PROPRIETARY_MODE MOCK_CONST_METHOD0(GetMetaInfo, const policy::MetaInfo()); diff --git a/src/components/include/test/policy/policy_external/policy/mock_cache_manager.h b/src/components/include/test/policy/policy_external/policy/mock_cache_manager.h index ee8a111100..6f754ad2c9 100644 --- a/src/components/include/test/policy/policy_external/policy/mock_cache_manager.h +++ b/src/components/include/test/policy/policy_external/policy/mock_cache_manager.h @@ -108,6 +108,8 @@ class MockCacheManagerInterface : public ::policy::CacheManagerInterface { GetAppServiceParameters, void(const std::string& policy_app_id, policy_table::AppServiceParameters* app_service_parameters)); + MOCK_CONST_METHOD1(UnknownRPCPassthroughAllowed, + bool(const std::string& policy_app_id)); MOCK_CONST_METHOD1(GetDeviceConsent, DeviceConsent(const std::string& device_id)); MOCK_METHOD2(SetDeviceConsent, diff --git a/src/components/include/test/policy/policy_external/policy/mock_policy_manager.h b/src/components/include/test/policy/policy_external/policy/mock_policy_manager.h index 0ec4883448..8fc8a9c358 100644 --- a/src/components/include/test/policy/policy_external/policy/mock_policy_manager.h +++ b/src/components/include/test/policy/policy_external/policy/mock_policy_manager.h @@ -217,6 +217,8 @@ class MockPolicyManager : public PolicyManager { GetAppServiceParameters, void(const std::string& policy_app_id, policy_table::AppServiceParameters* app_service_parameters)); + MOCK_CONST_METHOD1(UnknownRPCPassthroughAllowed, + bool(const std::string& policy_app_id)); MOCK_CONST_METHOD0(GetMetaInfo, const policy::MetaInfo()); MOCK_CONST_METHOD0(RetrieveCertificate, std::string()); MOCK_CONST_METHOD0(HasCertificate, bool()); diff --git a/src/components/include/test/policy/policy_regular/policy/mock_cache_manager.h b/src/components/include/test/policy/policy_regular/policy/mock_cache_manager.h index c92b310fcd..dacdaf202f 100644 --- a/src/components/include/test/policy/policy_regular/policy/mock_cache_manager.h +++ b/src/components/include/test/policy/policy_regular/policy/mock_cache_manager.h @@ -100,7 +100,8 @@ class MockCacheManagerInterface : public CacheManagerInterface { GetAppServiceParameters, void(const std::string& policy_app_id, policy_table::AppServiceParameters* app_service_parameters)); - + MOCK_CONST_METHOD1(UnknownRPCPassthroughAllowed, + bool(const std::string& policy_app_id)); MOCK_METHOD1( GetNotificationsNumber, policy_table::NumberOfNotificationsType(const std::string& priority)); diff --git a/src/components/include/test/policy/policy_regular/policy/mock_policy_manager.h b/src/components/include/test/policy/policy_regular/policy/mock_policy_manager.h index ab49a6caae..b6fdc2c2c9 100644 --- a/src/components/include/test/policy/policy_regular/policy/mock_policy_manager.h +++ b/src/components/include/test/policy/policy_regular/policy/mock_policy_manager.h @@ -213,6 +213,8 @@ class MockPolicyManager : public PolicyManager { GetAppServiceParameters, void(const std::string& policy_app_id, policy_table::AppServiceParameters* app_service_parameters)); + MOCK_CONST_METHOD1(UnknownRPCPassthroughAllowed, + bool(const std::string& policy_app_id)); MOCK_CONST_METHOD0(GetMetaInfo, const policy::MetaInfo()); MOCK_CONST_METHOD0(RetrieveCertificate, std::string()); MOCK_CONST_METHOD0(HasCertificate, bool()); diff --git a/src/components/policy/policy_external/include/policy/cache_manager.h b/src/components/policy/policy_external/include/policy/cache_manager.h index 8dd8c3a9b9..2c35b2a378 100644 --- a/src/components/policy/policy_external/include/policy/cache_manager.h +++ b/src/components/policy/policy_external/include/policy/cache_manager.h @@ -253,6 +253,14 @@ class CacheManager : public CacheManagerInterface { policy_table::AppServiceParameters* app_service_parameters) const; /** + * @brief Check if an app can send unknown rpc requests to an app service + * provider + * @param policy_app_id Unique application id + */ + virtual bool UnknownRPCPassthroughAllowed( + const std::string& policy_app_id) const; + + /** * @brief Allows to update 'vin' field in module_meta table. * * @param new 'vin' value. diff --git a/src/components/policy/policy_external/include/policy/cache_manager_interface.h b/src/components/policy/policy_external/include/policy/cache_manager_interface.h index e5185ed1d3..6465c79c05 100644 --- a/src/components/policy/policy_external/include/policy/cache_manager_interface.h +++ b/src/components/policy/policy_external/include/policy/cache_manager_interface.h @@ -262,6 +262,14 @@ class CacheManagerInterface { policy_table::AppServiceParameters* app_service_parameters) const = 0; /** + * @brief Check if an app can send unknown rpc requests to an app service + * provider + * @param policy_app_id Unique application id + */ + virtual bool UnknownRPCPassthroughAllowed( + const std::string& policy_app_id) const = 0; + + /** * @brief Allows to update 'vin' field in module_meta table. * * @param new 'vin' value. diff --git a/src/components/policy/policy_external/include/policy/policy_manager_impl.h b/src/components/policy/policy_external/include/policy/policy_manager_impl.h index 09da4d6c9f..8a2e5b93f5 100644 --- a/src/components/policy/policy_external/include/policy/policy_manager_impl.h +++ b/src/components/policy/policy_external/include/policy/policy_manager_impl.h @@ -673,6 +673,15 @@ class PolicyManagerImpl : public PolicyManager { app_service_parameters) const OVERRIDE; /** + * @brief Check if an app can send unknown rpc requests to an app service + * provider + * @param policy_app_id Unique application id + * @return bool true if allowed + */ + bool UnknownRPCPassthroughAllowed( + const std::string& policy_app_id) const OVERRIDE; + + /** * @brief OnAppRegisteredOnMobile allows to handle event when application were * succesfully registered on mobile device. * It will send OnAppPermissionSend notification and will try to start PTU. * diff --git a/src/components/policy/policy_external/include/policy/policy_table/types.h b/src/components/policy/policy_external/include/policy/policy_table/types.h index f354a3176f..994fd86579 100644 --- a/src/components/policy/policy_external/include/policy/policy_table/types.h +++ b/src/components/policy/policy_external/include/policy/policy_table/types.h @@ -236,6 +236,7 @@ struct ApplicationParams : PolicyBase { // App Service Params Optional<AppServiceParameters> app_service_parameters; + Optional<Boolean> allow_unknown_rpc_passthrough; public: ApplicationParams(); diff --git a/src/components/policy/policy_external/include/policy/policy_table_interface_ext.xml b/src/components/policy/policy_external/include/policy/policy_table_interface_ext.xml index d2ce9f1022..46c8f40a01 100644 --- a/src/components/policy/policy_external/include/policy/policy_table_interface_ext.xml +++ b/src/components/policy/policy_external/include/policy/policy_table_interface_ext.xml @@ -113,6 +113,7 @@ <param name="service_name" type="String" mandatory="false" /> <param name="service_type" type="String" mandatory="false" /> <param name="handled_rpcs" array="true" mandatory="false" /> + <param name="allow_unknown_rpc_passthrough" type="Boolean" mandatory="false" /> </struct> <typedef name="HmiLevels" type="HmiLevel" array="true" diff --git a/src/components/policy/policy_external/src/cache_manager.cc b/src/components/policy/policy_external/src/cache_manager.cc index bfc0825d65..4a738aa6ed 100644 --- a/src/components/policy/policy_external/src/cache_manager.cc +++ b/src/components/policy/policy_external/src/cache_manager.cc @@ -1541,6 +1541,21 @@ void CacheManager::GetAppServiceParameters( } } +bool CacheManager::UnknownRPCPassthroughAllowed( + const std::string& policy_app_id) const { + const policy_table::ApplicationPolicies& policies = + pt_->policy_table.app_policies_section.apps; + policy_table::ApplicationPolicies::const_iterator policy_iter = + policies.find(policy_app_id); + if (policies.end() != policy_iter) { + const auto app_policy = (*policy_iter).second; + if (app_policy.allow_unknown_rpc_passthrough.is_initialized()) { + return *(app_policy.allow_unknown_rpc_passthrough); + } + } + return false; +} + std::vector<UserFriendlyMessage> CacheManager::GetUserFriendlyMsg( const std::vector<std::string>& msg_codes, const std::string& language, diff --git a/src/components/policy/policy_external/src/policy_manager_impl.cc b/src/components/policy/policy_external/src/policy_manager_impl.cc index 4858611ba1..742435098e 100644 --- a/src/components/policy/policy_external/src/policy_manager_impl.cc +++ b/src/components/policy/policy_external/src/policy_manager_impl.cc @@ -799,6 +799,12 @@ void PolicyManagerImpl::GetAppServiceParameters( cache_->GetAppServiceParameters(policy_app_id, app_service_parameters); } +bool PolicyManagerImpl::UnknownRPCPassthroughAllowed( + const std::string& policy_app_id) const { + LOG4CXX_AUTO_TRACE(logger_); + return cache_->UnknownRPCPassthroughAllowed(policy_app_id); +} + void PolicyManagerImpl::CheckPermissions(const PTString& app_id, const PTString& hmi_level, const PTString& rpc, diff --git a/src/components/policy/policy_external/src/policy_table/types.cc b/src/components/policy/policy_external/src/policy_table/types.cc index ca14b20987..f95b270fdf 100644 --- a/src/components/policy/policy_external/src/policy_table/types.cc +++ b/src/components/policy/policy_external/src/policy_table/types.cc @@ -353,7 +353,9 @@ ApplicationParams::ApplicationParams(const Json::Value* value__) , auth_token(impl::ValueMember(value__, "auth_token")) , cloud_transport_type(impl::ValueMember(value__, "cloud_transport_type")) , icon_url(impl::ValueMember(value__, "icon_url")) - , app_service_parameters(impl::ValueMember(value__, "app_services")) {} + , app_service_parameters(impl::ValueMember(value__, "app_services")) + , allow_unknown_rpc_passthrough( + impl::ValueMember(value__, "allow_unknown_rpc_passthrough")) {} Json::Value ApplicationParams::ToJsonValue() const { Json::Value result__(PolicyBase::ToJsonValue()); @@ -374,6 +376,9 @@ Json::Value ApplicationParams::ToJsonValue() const { impl::WriteJsonField("cloud_transport_type", cloud_transport_type, &result__); impl::WriteJsonField("icon_url", auth_token, &result__); impl::WriteJsonField("app_services", app_service_parameters, &result__); + impl::WriteJsonField("allow_unknown_rpc_passthrough", + allow_unknown_rpc_passthrough, + &result__); return result__; } @@ -422,6 +427,9 @@ bool ApplicationParams::is_valid() const { if (!app_service_parameters.is_valid()) { return false; } + if (!allow_unknown_rpc_passthrough.is_valid()) { + return false; + } return Validate(); } @@ -478,6 +486,9 @@ bool ApplicationParams::struct_empty() const { if (app_service_parameters.is_initialized()) { return false; } + if (allow_unknown_rpc_passthrough.is_initialized()) { + return false; + } return true; } @@ -552,6 +563,10 @@ void ApplicationParams::ReportErrors(rpc::ValidationReport* report__) const { app_service_parameters.ReportErrors( &report__->ReportSubobject("app_services")); } + if (!allow_unknown_rpc_passthrough.is_valid()) { + allow_unknown_rpc_passthrough.ReportErrors( + &report__->ReportSubobject("allow_unknown_rpc_passthrough")); + } } void ApplicationParams::SetPolicyTableType(PolicyTableType pt_type) { @@ -569,6 +584,7 @@ void ApplicationParams::SetPolicyTableType(PolicyTableType pt_type) { hybrid_app_preference.SetPolicyTableType(pt_type); icon_url.SetPolicyTableType(pt_type); app_service_parameters.SetPolicyTableType(pt_type); + allow_unknown_rpc_passthrough.SetPolicyTableType(pt_type); } // RpcParameters methods diff --git a/src/components/policy/policy_external/src/sql_pt_ext_queries.cc b/src/components/policy/policy_external/src/sql_pt_ext_queries.cc index 58206e2c69..2c24bbc522 100644 --- a/src/components/policy/policy_external/src/sql_pt_ext_queries.cc +++ b/src/components/policy/policy_external/src/sql_pt_ext_queries.cc @@ -207,8 +207,9 @@ const std::string kInsertApplication = " `default_hmi`, `priority_value`, `is_revoked`, `memory_kb`, " " `heart_beat_timeout_ms`, `certificate`, `hybrid_app_preference_value`, " " `endpoint`, `enabled`, `auth_token`, " - " `cloud_transport_type`, `icon_url`) VALUES " - "(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)"; + " `cloud_transport_type`, `icon_url`, `allow_unknown_rpc_passthrough`) " + "VALUES " + "(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)"; const std::string kCollectFriendlyMsg = "SELECT * FROM `message`"; @@ -236,8 +237,9 @@ const std::string kSelectPreconsentedGroupsId = const std::string kSelectAppPolicies = "SELECT `id`, `priority_value`, `default_hmi`, `keep_context`, " " `steal_focus`, `memory_kb`, `heart_beat_timeout_ms`, `certificate`, " - " `hybrid_app_preference_value`, `endpoint`, `enabled`, `auth_token` " - " `cloud_transport_type`, `icon_url` FROM `application`"; + " `hybrid_app_preference_value`, `endpoint`, `enabled`, `auth_token`, " + " `cloud_transport_type`, `icon_url`, `allow_unknown_rpc_passthrough` " + "FROM `application`"; const std::string kSelectFunctionalGroupNames = "SELECT `id`, `user_consent_prompt`, `name`" diff --git a/src/components/policy/policy_external/src/sql_pt_ext_representation.cc b/src/components/policy/policy_external/src/sql_pt_ext_representation.cc index 29970a4424..b19feddee6 100644 --- a/src/components/policy/policy_external/src/sql_pt_ext_representation.cc +++ b/src/components/policy/policy_external/src/sql_pt_ext_representation.cc @@ -793,6 +793,9 @@ bool SQLPTExtRepresentation::SaveSpecificAppPolicy( app.second.icon_url.is_initialized() ? app_query.Bind(14, *app.second.icon_url) : app_query.Bind(14); + app.second.allow_unknown_rpc_passthrough.is_initialized() + ? app_query.Bind(15, *app.second.allow_unknown_rpc_passthrough) + : app_query.Bind(15); if (!app_query.Exec() || !app_query.Reset()) { LOG4CXX_WARN(logger_, "Incorrect insert into application."); @@ -936,7 +939,7 @@ bool SQLPTExtRepresentation::GatherApplicationPoliciesSection( *params.auth_token = query.GetString(11); *params.cloud_transport_type = query.GetString(12); *params.icon_url = query.GetString(13); - + *params.allow_unknown_rpc_passthrough = query.GetBoolean(14); const auto& gather_app_id = ((*policies).apps[app_id].is_string()) ? (*policies).apps[app_id].get_string() : app_id; diff --git a/src/components/policy/policy_external/src/sql_pt_queries.cc b/src/components/policy/policy_external/src/sql_pt_queries.cc index dea0fb4166..f4cac214a5 100644 --- a/src/components/policy/policy_external/src/sql_pt_queries.cc +++ b/src/components/policy/policy_external/src/sql_pt_queries.cc @@ -157,6 +157,7 @@ const std::string kCreateSchema = " `auth_token` VARCHAR(65535), " " `cloud_transport_type` VARCHAR(255), " " `icon_url` VARCHAR(65535), " + " `allow_unknown_rpc_passthrough` BOOLEAN, " " `remote_control_denied` BOOLEAN NOT NULL DEFAULT 0, " " CONSTRAINT `fk_application_hmi_level1` " " FOREIGN KEY(`default_hmi`) " @@ -677,8 +678,9 @@ const std::string kInsertApplication = "INSERT OR IGNORE INTO `application` (`id`, `priority_value`, " "`is_revoked`, `memory_kb`, `heart_beat_timeout_ms`, `certificate`, " "`hybrid_app_preference_value`, `endpoint`, `enabled`, `auth_token`, " - "`cloud_transport_type`, `icon_url`) VALUES " - "(?,?,?,?,?,?,?,?,?,?,?,?)"; + "`cloud_transport_type`, `icon_url`, `allow_unknown_rpc_passthrough`) " + "VALUES " + "(?,?,?,?,?,?,?,?,?,?,?,?,?)"; const std::string kInsertAppGroup = "INSERT INTO `app_group` (`application_id`, `functional_group_id`)" @@ -817,7 +819,8 @@ const std::string kSelectUserMsgsVersion = const std::string kSelectAppPolicies = "SELECT `id`, `priority_value`, `memory_kb`, " " `heart_beat_timeout_ms`, `certificate`, `hybrid_app_preference_value`, " - " `endpoint`, `enabled`, `auth_token`, `cloud_transport_type`, `icon_url` " + " `endpoint`, `enabled`, `auth_token`, `cloud_transport_type`, `icon_url`, " + " `allow_unknown_rpc_passthrough` " "FROM " " `application`"; @@ -941,14 +944,17 @@ const std::string kInsertApplicationFull = " `default_hmi`, `priority_value`, `is_revoked`, `is_default`, " " `is_predata`, `memory_kb`, `heart_beat_timeout_ms`, " " `certificate`, `hybrid_app_preference_value`, `endpoint`, `enabled`, " - " `auth_token`, `cloud_transport_type`, `icon_url`) " - " VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"; + " `auth_token`, `cloud_transport_type`, `icon_url`, " + "`allow_unknown_rpc_passthrough`) " + " VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"; const std::string kSelectApplicationFull = "SELECT `keep_context`, `steal_focus`, `default_hmi`, `priority_value`, " " `is_revoked`, `is_default`, `is_predata`, `memory_kb`," " `heart_beat_timeout_ms`, `certificate`, `hybrid_app_preference_value`, " - " `endpoint`, `enabled`, `auth_token`, `cloud_transport_type`, `icon_url` " + " `endpoint`, `enabled`, `auth_token`, `cloud_transport_type`, " + "`icon_url`, " + " `allow_unknown_rpc_passthrough` " "FROM `application` " "WHERE `id` = ?"; diff --git a/src/components/policy/policy_external/src/sql_pt_representation.cc b/src/components/policy/policy_external/src/sql_pt_representation.cc index b9ccf70b7a..dce86f6d52 100644 --- a/src/components/policy/policy_external/src/sql_pt_representation.cc +++ b/src/components/policy/policy_external/src/sql_pt_representation.cc @@ -778,7 +778,7 @@ bool SQLPTRepresentation::GatherApplicationPoliciesSection( *params.auth_token = query.GetString(8); *params.cloud_transport_type = query.GetString(9); *params.icon_url = query.GetString(10); - + *params.allow_unknown_rpc_passthrough = query.GetBoolean(11); const auto& gather_app_id = ((*policies).apps[app_id].is_string()) ? (*policies).apps[app_id].get_string() : app_id; @@ -1093,6 +1093,9 @@ bool SQLPTRepresentation::SaveSpecificAppPolicy( app.second.icon_url.is_initialized() ? app_query.Bind(11, *app.second.icon_url) : app_query.Bind(11); + app.second.allow_unknown_rpc_passthrough.is_initialized() + ? app_query.Bind(12, *app.second.allow_unknown_rpc_passthrough) + : app_query.Bind(12); if (!app_query.Exec() || !app_query.Reset()) { LOG4CXX_WARN(logger_, "Incorrect insert into application."); @@ -2343,6 +2346,8 @@ bool SQLPTRepresentation::CopyApplication(const std::string& source, : query.Bind(15, source_app.GetString(14)); source_app.IsNull(15) ? query.Bind(16) : query.Bind(16, source_app.GetString(15)); + source_app.IsNull(16) ? query.Bind(17) + : query.Bind(17, source_app.GetBoolean(16)); if (!query.Exec()) { LOG4CXX_WARN(logger_, "Failed inserting into application."); diff --git a/src/components/policy/policy_regular/include/policy/cache_manager.h b/src/components/policy/policy_regular/include/policy/cache_manager.h index 72a6aae4ad..840b706c8b 100644 --- a/src/components/policy/policy_regular/include/policy/cache_manager.h +++ b/src/components/policy/policy_regular/include/policy/cache_manager.h @@ -241,6 +241,14 @@ class CacheManager : public CacheManagerInterface { policy_table::AppServiceParameters* app_service_parameters) const; /** + * @brief Check if an app can send unknown rpc requests to an app service + * provider + * @param policy_app_id Unique application id + */ + virtual bool UnknownRPCPassthroughAllowed( + const std::string& policy_app_id) const; + + /** * @brief Allows to update 'vin' field in module_meta table. * * @param new 'vin' value. diff --git a/src/components/policy/policy_regular/include/policy/cache_manager_interface.h b/src/components/policy/policy_regular/include/policy/cache_manager_interface.h index 6f6c8f97ab..2c14fd8cba 100644 --- a/src/components/policy/policy_regular/include/policy/cache_manager_interface.h +++ b/src/components/policy/policy_regular/include/policy/cache_manager_interface.h @@ -247,6 +247,14 @@ class CacheManagerInterface { policy_table::AppServiceParameters* app_service_parameters) const = 0; /** + * @brief Check if an app can send unknown rpc requests to an app service + * provider + * @param policy_app_id Unique application id + */ + virtual bool UnknownRPCPassthroughAllowed( + const std::string& policy_app_id) const = 0; + + /** * @brief Allows to update 'vin' field in module_meta table. * * @param new 'vin' value. diff --git a/src/components/policy/policy_regular/include/policy/policy_manager_impl.h b/src/components/policy/policy_regular/include/policy/policy_manager_impl.h index df2b44ba9a..911ce65a11 100644 --- a/src/components/policy/policy_regular/include/policy/policy_manager_impl.h +++ b/src/components/policy/policy_regular/include/policy/policy_manager_impl.h @@ -668,6 +668,15 @@ class PolicyManagerImpl : public PolicyManager { app_service_parameters) const OVERRIDE; /** + * @brief Check if an app can send unknown rpc requests to an app service + * provider + * @param policy_app_id Unique application id + * @return bool true if allowed + */ + bool UnknownRPCPassthroughAllowed( + const std::string& policy_app_id) const OVERRIDE; + + /** * @brief OnAppRegisteredOnMobile allows to handle event when application were * succesfully registered on mobile device. * It will send OnAppPermissionSend notification and will try to start PTU. * diff --git a/src/components/policy/policy_regular/include/policy/policy_table/types.h b/src/components/policy/policy_regular/include/policy/policy_table/types.h index 65a489ef27..e41069a86c 100644 --- a/src/components/policy/policy_regular/include/policy/policy_table/types.h +++ b/src/components/policy/policy_regular/include/policy/policy_table/types.h @@ -202,6 +202,7 @@ struct ApplicationParams : PolicyBase { // App Service Params Optional<AppServiceParameters> app_service_parameters; + Optional<Boolean> allow_unknown_rpc_passthrough; public: ApplicationParams(); diff --git a/src/components/policy/policy_regular/src/cache_manager.cc b/src/components/policy/policy_regular/src/cache_manager.cc index 42e2af5804..991c6a1363 100644 --- a/src/components/policy/policy_regular/src/cache_manager.cc +++ b/src/components/policy/policy_regular/src/cache_manager.cc @@ -836,6 +836,21 @@ void CacheManager::GetAppServiceParameters( } } +bool CacheManager::UnknownRPCPassthroughAllowed( + const std::string& policy_app_id) const { + const policy_table::ApplicationPolicies& policies = + pt_->policy_table.app_policies_section.apps; + policy_table::ApplicationPolicies::const_iterator policy_iter = + policies.find(policy_app_id); + if (policies.end() != policy_iter) { + const auto app_policy = (*policy_iter).second; + if (app_policy.allow_unknown_rpc_passthrough.is_initialized()) { + return *(app_policy.allow_unknown_rpc_passthrough); + } + } + return false; +} + std::vector<UserFriendlyMessage> CacheManager::GetUserFriendlyMsg( const std::vector<std::string>& msg_codes, const std::string& language) { LOG4CXX_AUTO_TRACE(logger_); diff --git a/src/components/policy/policy_regular/src/policy_manager_impl.cc b/src/components/policy/policy_regular/src/policy_manager_impl.cc index 62e40433aa..10e1c73e9a 100644 --- a/src/components/policy/policy_regular/src/policy_manager_impl.cc +++ b/src/components/policy/policy_regular/src/policy_manager_impl.cc @@ -618,6 +618,12 @@ void PolicyManagerImpl::GetAppServiceParameters( cache_->GetAppServiceParameters(policy_app_id, app_service_parameters); } +bool PolicyManagerImpl::UnknownRPCPassthroughAllowed( + const std::string& policy_app_id) const { + LOG4CXX_AUTO_TRACE(logger_); + return cache_->UnknownRPCPassthroughAllowed(policy_app_id); +} + void PolicyManagerImpl::CheckPermissions(const PTString& device_id, const PTString& app_id, const PTString& hmi_level, diff --git a/src/components/policy/policy_regular/src/policy_table/types.cc b/src/components/policy/policy_regular/src/policy_table/types.cc index ac100984da..bdf1329dee 100644 --- a/src/components/policy/policy_regular/src/policy_table/types.cc +++ b/src/components/policy/policy_regular/src/policy_table/types.cc @@ -278,7 +278,9 @@ ApplicationParams::ApplicationParams(const Json::Value* value__) , auth_token(impl::ValueMember(value__, "auth_token")) , cloud_transport_type(impl::ValueMember(value__, "cloud_transport_type")) , icon_url(impl::ValueMember(value__, "icon_url")) - , app_service_parameters(impl::ValueMember(value__, "app_services")) {} + , app_service_parameters(impl::ValueMember(value__, "app_services")) + , allow_unknown_rpc_passthrough( + impl::ValueMember(value__, "allow_unknown_rpc_passthrough")) {} Json::Value ApplicationParams::ToJsonValue() const { Json::Value result__(PolicyBase::ToJsonValue()); @@ -300,6 +302,9 @@ Json::Value ApplicationParams::ToJsonValue() const { impl::WriteJsonField("cloud_transport_type", cloud_transport_type, &result__); impl::WriteJsonField("icon_url", auth_token, &result__); impl::WriteJsonField("app_services", app_service_parameters, &result__); + impl::WriteJsonField("allow_unknown_rpc_passthrough", + allow_unknown_rpc_passthrough, + &result__); return result__; } @@ -352,6 +357,9 @@ bool ApplicationParams::is_valid() const { if (!app_service_parameters.is_valid()) { return false; } + if (!allow_unknown_rpc_passthrough.is_valid()) { + return false; + } return Validate(); } @@ -411,6 +419,9 @@ bool ApplicationParams::struct_empty() const { if (app_service_parameters.is_initialized()) { return false; } + if (allow_unknown_rpc_passthrough.is_initialized()) { + return false; + } return true; } @@ -472,6 +483,10 @@ void ApplicationParams::ReportErrors(rpc::ValidationReport* report__) const { app_service_parameters.ReportErrors( &report__->ReportSubobject("app_services")); } + if (!allow_unknown_rpc_passthrough.is_valid()) { + allow_unknown_rpc_passthrough.ReportErrors( + &report__->ReportSubobject("allow_unknown_rpc_passthrough")); + } } void ApplicationParams::SetPolicyTableType(PolicyTableType pt_type) { @@ -490,6 +505,7 @@ void ApplicationParams::SetPolicyTableType(PolicyTableType pt_type) { hybrid_app_preference.SetPolicyTableType(pt_type); icon_url.SetPolicyTableType(pt_type); app_service_parameters.SetPolicyTableType(pt_type); + allow_unknown_rpc_passthrough.SetPolicyTableType(pt_type); } // RpcParameters methods diff --git a/src/components/policy/policy_regular/src/sql_pt_queries.cc b/src/components/policy/policy_regular/src/sql_pt_queries.cc index 708a29c34a..a97b0ab153 100644 --- a/src/components/policy/policy_regular/src/sql_pt_queries.cc +++ b/src/components/policy/policy_regular/src/sql_pt_queries.cc @@ -143,6 +143,7 @@ const std::string kCreateSchema = " `auth_token` VARCHAR(65535), " " `cloud_transport_type` VARCHAR(255), " " `icon_url` VARCHAR(65535), " + " `allow_unknown_rpc_passthrough` BOOLEAN, " " `remote_control_denied` BOOLEAN NOT NULL DEFAULT 0, " " CONSTRAINT `fk_application_hmi_level1` " " FOREIGN KEY(`default_hmi`) " @@ -626,8 +627,9 @@ const std::string kInsertApplication = "INSERT OR IGNORE INTO `application` (`id`, `priority_value`, " "`is_revoked`, `memory_kb`, `heart_beat_timeout_ms`, `certificate`, " "`hybrid_app_preference_value`, `endpoint`, `enabled`, `auth_token`, " - "`cloud_transport_type`, `icon_url`) VALUES " - "(?,?,?,?,?,?,?,?,?,?,?,?)"; + "`cloud_transport_type`, `icon_url`, `allow_unknown_rpc_passthrough`) " + "VALUES " + "(?,?,?,?,?,?,?,?,?,?,?,?,?)"; const std::string kInsertAppGroup = "INSERT INTO `app_group` (`application_id`, `functional_group_id`)" @@ -752,7 +754,8 @@ const std::string kSelectUserMsgsVersion = const std::string kSelectAppPolicies = "SELECT `id`, `priority_value`, `memory_kb`, " " `heart_beat_timeout_ms`, `certificate`, `hybrid_app_preference_value`, " - " `endpoint`, `enabled`, `auth_token`, `cloud_transport_type`, `icon_url` " + " `endpoint`, `enabled`, `auth_token`, `cloud_transport_type`, `icon_url`, " + " `allow_unknown_rpc_passthrough` " "FROM " " `application`"; @@ -876,14 +879,17 @@ const std::string kInsertApplicationFull = " `default_hmi`, `priority_value`, `is_revoked`, `is_default`, " " `is_predata`, `memory_kb`, `heart_beat_timeout_ms`, " " `certificate`, `hybrid_app_preference_value`, `endpoint`, `enabled`, " - " `auth_token`, `cloud_transport_type`, `icon_url`) " - " VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"; + " `auth_token`, `cloud_transport_type`, `icon_url`, " + "`allow_unknown_rpc_passthrough`) " + " VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"; const std::string kSelectApplicationFull = "SELECT `keep_context`, `steal_focus`, `default_hmi`, `priority_value`, " " `is_revoked`, `is_default`, `is_predata`, `memory_kb`," " `heart_beat_timeout_ms`, `certificate`, `hybrid_app_preference_value`, " - " `endpoint`, `enabled`, `auth_token`, `cloud_transport_type`, `icon_url` " + " `endpoint`, `enabled`, `auth_token`, `cloud_transport_type`, " + "`icon_url`, " + " `allow_unknown_rpc_passthrough` " "FROM `application` " "WHERE `id` = " "?"; diff --git a/src/components/policy/policy_regular/src/sql_pt_representation.cc b/src/components/policy/policy_regular/src/sql_pt_representation.cc index 604e69f6fa..c6f78d6d70 100644 --- a/src/components/policy/policy_regular/src/sql_pt_representation.cc +++ b/src/components/policy/policy_regular/src/sql_pt_representation.cc @@ -734,6 +734,7 @@ bool SQLPTRepresentation::GatherApplicationPoliciesSection( *params.auth_token = query.GetString(8); *params.cloud_transport_type = query.GetString(9); *params.icon_url = query.GetString(10); + *params.allow_unknown_rpc_passthrough = query.GetBoolean(11); const auto& gather_app_id = ((*policies).apps[app_id].is_string()) ? (*policies).apps[app_id].get_string() @@ -1035,6 +1036,9 @@ bool SQLPTRepresentation::SaveSpecificAppPolicy( app.second.icon_url.is_initialized() ? app_query.Bind(11, *app.second.icon_url) : app_query.Bind(11); + app.second.allow_unknown_rpc_passthrough.is_initialized() + ? app_query.Bind(12, *app.second.allow_unknown_rpc_passthrough) + : app_query.Bind(12); if (!app_query.Exec() || !app_query.Reset()) { LOG4CXX_WARN(logger_, "Incorrect insert into application."); @@ -2296,6 +2300,8 @@ bool SQLPTRepresentation::CopyApplication(const std::string& source, : query.Bind(15, source_app.GetString(14)); source_app.IsNull(15) ? query.Bind(16) : query.Bind(16, source_app.GetString(15)); + source_app.IsNull(16) ? query.Bind(17) + : query.Bind(17, source_app.GetBoolean(16)); if (!query.Exec()) { LOG4CXX_WARN(logger_, "Failed inserting into application."); |