diff options
Diffstat (limited to 'src/components/policy/policy_external/src/policy_helper.cc')
-rw-r--r-- | src/components/policy/policy_external/src/policy_helper.cc | 38 |
1 files changed, 30 insertions, 8 deletions
diff --git a/src/components/policy/policy_external/src/policy_helper.cc b/src/components/policy/policy_external/src/policy_helper.cc index ed12cdde3a..2358c54bef 100644 --- a/src/components/policy/policy_external/src/policy_helper.cc +++ b/src/components/policy/policy_external/src/policy_helper.cc @@ -620,7 +620,16 @@ void FillNotificationData::UpdateParameters( ParametersConstItr it_parameters = in_parameters.begin(); ParametersConstItr it_parameters_end = in_parameters.end(); - // Due to APPLINK-24201 SDL must consider cases when 'parameters' section is + // To determine consent for a particular RPC in a particular HMI level with + // particular parameters (if applicable), the system shall find all of the + // functional groups the RPC is included in. If user consent is needed as + // listed within the functional group in the policy table, the system shall + // use a logical AND: backend permissions AND User permissions. If the RPC is + // listed under more than one group, the system shall perform a logical OR + // amongst all of the possible allowed permissions scenarios for the RPC (and + // parameter/or HMI level) defined by each of the functional groups. + + // Due to requirements SDL must consider cases when 'parameters' section is // not present for RPC or present, but is empty. // If 'parameters' section is like: 'parameters' : [] @@ -635,10 +644,8 @@ void FillNotificationData::UpdateParameters( // If 'parameters' section is omitted if (!in_parameters.is_initialized()) { - if (!does_require_user_consent_) { - out_parameter.any_parameter_allowed = true; - } - if (does_require_user_consent_ && kAllowedKey == current_key_) { + if (!does_require_user_consent_ || + (does_require_user_consent_ && kAllowedKey == current_key_)) { out_parameter.any_parameter_allowed = true; } } @@ -647,6 +654,13 @@ void FillNotificationData::UpdateParameters( out_parameter[current_key_].insert( policy_table::EnumToJsonString(*it_parameters)); } + + // We should reset ALL DISALLOWED flags if at least one parameter is allowed + // due to a logical OR permissions check + if (IsSomeParameterAllowed(out_parameter)) { + out_parameter.any_parameter_disallowed_by_policy = false; + out_parameter.any_parameter_disallowed_by_user = false; + } } void FillNotificationData::ExcludeSame(RpcPermissions& rpc) { @@ -769,16 +783,24 @@ bool FillNotificationData::RpcParametersEmpty(RpcPermissions& rpc) { no_user_disallowed_parameters; } -bool FillNotificationData::IsSectionEmpty(ParameterPermissions& permissions, - const std::string& section) { +bool FillNotificationData::IsSectionEmpty( + const ParameterPermissions& permissions, const std::string& section) const { ParameterPermissions::const_iterator it_section = permissions.find(section); ParameterPermissions::const_iterator end = permissions.end(); if (end != it_section) { - return permissions[section].empty(); + return it_section->second.empty(); } return true; } +bool FillNotificationData::IsSomeParameterAllowed( + const ParameterPermissions& permissions) const { + const bool are_any_consented_parameters_allowed = + kAllowedKey == current_key_ && !IsSectionEmpty(permissions, current_key_); + return permissions.any_parameter_allowed || + are_any_consented_parameters_allowed; +} + ProcessFunctionalGroup::ProcessFunctionalGroup( const policy_table::FunctionalGroupings& fg, const std::vector<FunctionalGroupPermission>& group_permissions, |