summaryrefslogtreecommitdiff
path: root/src/components/policy/policy_external/src/policy_helper.cc
diff options
context:
space:
mode:
Diffstat (limited to 'src/components/policy/policy_external/src/policy_helper.cc')
-rw-r--r--src/components/policy/policy_external/src/policy_helper.cc38
1 files changed, 30 insertions, 8 deletions
diff --git a/src/components/policy/policy_external/src/policy_helper.cc b/src/components/policy/policy_external/src/policy_helper.cc
index ed12cdde3a..2358c54bef 100644
--- a/src/components/policy/policy_external/src/policy_helper.cc
+++ b/src/components/policy/policy_external/src/policy_helper.cc
@@ -620,7 +620,16 @@ void FillNotificationData::UpdateParameters(
ParametersConstItr it_parameters = in_parameters.begin();
ParametersConstItr it_parameters_end = in_parameters.end();
- // Due to APPLINK-24201 SDL must consider cases when 'parameters' section is
+ // To determine consent for a particular RPC in a particular HMI level with
+ // particular parameters (if applicable), the system shall find all of the
+ // functional groups the RPC is included in. If user consent is needed as
+ // listed within the functional group in the policy table, the system shall
+ // use a logical AND: backend permissions AND User permissions. If the RPC is
+ // listed under more than one group, the system shall perform a logical OR
+ // amongst all of the possible allowed permissions scenarios for the RPC (and
+ // parameter/or HMI level) defined by each of the functional groups.
+
+ // Due to requirements SDL must consider cases when 'parameters' section is
// not present for RPC or present, but is empty.
// If 'parameters' section is like: 'parameters' : []
@@ -635,10 +644,8 @@ void FillNotificationData::UpdateParameters(
// If 'parameters' section is omitted
if (!in_parameters.is_initialized()) {
- if (!does_require_user_consent_) {
- out_parameter.any_parameter_allowed = true;
- }
- if (does_require_user_consent_ && kAllowedKey == current_key_) {
+ if (!does_require_user_consent_ ||
+ (does_require_user_consent_ && kAllowedKey == current_key_)) {
out_parameter.any_parameter_allowed = true;
}
}
@@ -647,6 +654,13 @@ void FillNotificationData::UpdateParameters(
out_parameter[current_key_].insert(
policy_table::EnumToJsonString(*it_parameters));
}
+
+ // We should reset ALL DISALLOWED flags if at least one parameter is allowed
+ // due to a logical OR permissions check
+ if (IsSomeParameterAllowed(out_parameter)) {
+ out_parameter.any_parameter_disallowed_by_policy = false;
+ out_parameter.any_parameter_disallowed_by_user = false;
+ }
}
void FillNotificationData::ExcludeSame(RpcPermissions& rpc) {
@@ -769,16 +783,24 @@ bool FillNotificationData::RpcParametersEmpty(RpcPermissions& rpc) {
no_user_disallowed_parameters;
}
-bool FillNotificationData::IsSectionEmpty(ParameterPermissions& permissions,
- const std::string& section) {
+bool FillNotificationData::IsSectionEmpty(
+ const ParameterPermissions& permissions, const std::string& section) const {
ParameterPermissions::const_iterator it_section = permissions.find(section);
ParameterPermissions::const_iterator end = permissions.end();
if (end != it_section) {
- return permissions[section].empty();
+ return it_section->second.empty();
}
return true;
}
+bool FillNotificationData::IsSomeParameterAllowed(
+ const ParameterPermissions& permissions) const {
+ const bool are_any_consented_parameters_allowed =
+ kAllowedKey == current_key_ && !IsSectionEmpty(permissions, current_key_);
+ return permissions.any_parameter_allowed ||
+ are_any_consented_parameters_allowed;
+}
+
ProcessFunctionalGroup::ProcessFunctionalGroup(
const policy_table::FunctionalGroupings& fg,
const std::vector<FunctionalGroupPermission>& group_permissions,