diff options
Diffstat (limited to 'src/components/policy/policy_external/src/policy_helper.cc')
-rw-r--r-- | src/components/policy/policy_external/src/policy_helper.cc | 66 |
1 files changed, 53 insertions, 13 deletions
diff --git a/src/components/policy/policy_external/src/policy_helper.cc b/src/components/policy/policy_external/src/policy_helper.cc index 8be0372c03..39b9399c24 100644 --- a/src/components/policy/policy_external/src/policy_helper.cc +++ b/src/components/policy/policy_external/src/policy_helper.cc @@ -322,9 +322,21 @@ bool CheckAppPolicy::operator()(const AppPoliciesValueType& app_policy) { PermissionsCheckResult result = CheckPermissionsChanges(app_policy); - if (!IsPredefinedApp(app_policy) && IsRequestTypeChanged(app_policy)) { - SetPendingPermissions(app_policy, RESULT_REQUEST_TYPE_CHANGED); - AddResult(app_id, RESULT_REQUEST_TYPE_CHANGED); + if (!IsPredefinedApp(app_policy)) { + const bool is_request_type_changed = IsRequestTypeChanged(app_policy); + const bool is_request_subtype_changed = IsRequestSubTypeChanged(app_policy); + if (is_request_type_changed) { + LOG4CXX_TRACE(logger_, + "Request types were changed for application: " << app_id); + SetPendingPermissions(app_policy, RESULT_REQUEST_TYPE_CHANGED); + AddResult(app_id, RESULT_REQUEST_TYPE_CHANGED); + } + if (is_request_subtype_changed) { + LOG4CXX_TRACE( + logger_, "Request subtypes were changed for application: " << app_id); + SetPendingPermissions(app_policy, RESULT_REQUEST_SUBTYPE_CHANGED); + AddResult(app_id, RESULT_REQUEST_SUBTYPE_CHANGED); + } } if (RESULT_NO_CHANGES == result) { @@ -389,17 +401,18 @@ void policy::CheckAppPolicy::SetPendingPermissions( break; case RESULT_REQUEST_TYPE_CHANGED: permissions_diff.requestTypeChanged = true; - { - // Getting RequestTypes from PTU (not from cache) - policy_table::RequestTypes::const_iterator it_request_type = - app_policy.second.RequestType->begin(); - for (; app_policy.second.RequestType->end() != it_request_type; - ++it_request_type) { - permissions_diff.requestType.push_back( - EnumToJsonString(*it_request_type)); - } - } + // Getting Request Types from PTU (not from cache) + for (const auto& request_type : *app_policy.second.RequestType) { + permissions_diff.requestType.push_back(EnumToJsonString(request_type)); + } + break; + case RESULT_REQUEST_SUBTYPE_CHANGED: + permissions_diff.requestSubTypeChanged = true; + // Getting Request SubTypes from PTU (not from cache) + for (const auto& request_subtype : *app_policy.second.RequestSubType) { + permissions_diff.requestSubType.push_back(request_subtype); + } break; default: return; @@ -484,6 +497,32 @@ bool CheckAppPolicy::IsRequestTypeChanged( return diff.size(); } +bool CheckAppPolicy::IsRequestSubTypeChanged( + const AppPoliciesValueType& app_policy) const { + policy::AppPoliciesConstItr it = + snapshot_->policy_table.app_policies_section.apps.find(app_policy.first); + + if (it == snapshot_->policy_table.app_policies_section.apps.end()) { + if (!app_policy.second.RequestSubType->empty()) { + return true; + } + return false; + } + + if (it->second.RequestSubType->size() != + app_policy.second.RequestSubType->size()) { + return true; + } + + policy_table::RequestSubTypes diff; + std::set_difference(it->second.RequestSubType->begin(), + it->second.RequestSubType->end(), + app_policy.second.RequestSubType->begin(), + app_policy.second.RequestSubType->end(), + std::back_inserter(diff)); + return diff.size(); +} + void FillActionsForAppPolicies::operator()( const policy::CheckAppPolicyResults::value_type& value) { const std::string app_id = value.first; @@ -510,6 +549,7 @@ void FillActionsForAppPolicies::operator()( case RESULT_CONSENT_NOT_REQIURED: case RESULT_PERMISSIONS_REVOKED: case RESULT_REQUEST_TYPE_CHANGED: + case RESULT_REQUEST_SUBTYPE_CHANGED: break; case RESULT_NO_CHANGES: default: |