Diffstat (limited to 'src/components/policy/policy_regular/include/policy')
6 files changed, 184 insertions, 16 deletions
diff --git a/src/components/policy/policy_regular/include/policy/cache_manager.h b/src/components/policy/policy_regular/include/policy/cache_manager.h index 1c28b596c0..1773347af7 100644 --- a/src/components/policy/policy_regular/include/policy/cache_manager.h +++ b/src/components/policy/policy_regular/include/policy/cache_manager.h @@ -396,6 +396,12 @@ class CacheManager : public CacheManagerInterface { bool GetFunctionalGroupings(policy_table::FunctionalGroupings& groups); /** + * @brief Get policy app names from PT + * @return container of strings representing policy application names + */ + const policy_table::Strings GetPolicyAppIDs() const OVERRIDE; + + /** * Checks if the application is represented in policy table * @param app_id application id * @return true if application is represented in policy table @@ -850,6 +856,16 @@ class CacheManager : public CacheManagerInterface { void OnDeviceSwitching(const std::string& device_id_from, const std::string& device_id_to) OVERRIDE; + EncryptionRequired GetAppEncryptionRequiredFlag( + const std::string& application_policy_name) const OVERRIDE; + + EncryptionRequired GetFunctionalGroupingEncryptionRequiredFlag( + const std::string& functional_group) const OVERRIDE; + + void GetApplicationParams( + const std::string& application_name, + policy_table::ApplicationParams& application_policies) const OVERRIDE; + private: std::string currentDateTime(); struct AppHMITypeToString { diff --git a/src/components/policy/policy_regular/include/policy/cache_manager_interface.h b/src/components/policy/policy_regular/include/policy/cache_manager_interface.h index e8f2644bc5..374db728c7 100644 --- a/src/components/policy/policy_regular/include/policy/cache_manager_interface.h +++ b/src/components/policy/policy_regular/include/policy/cache_manager_interface.h 
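Review bot: The three overrides added after `OnDeviceSwitching` in `CacheManager` carry no doc comments, and the out-parameter of `GetApplicationParams` is named `application_policies` here while the interface declaration in cache_manager_interface.h calls it `application_params`. I would rename it to match, `policy_table::ApplicationParams& application_params) const OVERRIDE;`, and give each override a one-line `@brief` or a `@see CacheManagerInterface` pointer. The class body starts and ends outside the hunk.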
@@ -419,6 +419,12 @@ class CacheManagerInterface { policy_table::FunctionalGroupings& groups) = 0; /** + * @brief Get policy app names from PT + * @return container of strings representing policy application names + */ + virtual const policy_table::Strings GetPolicyAppIDs() const = 0; + + /** * Checks if the application is represented in policy table * @param app_id application id * @return true if application is represented in policy table @@ -815,6 +821,36 @@ class CacheManagerInterface { */ virtual void OnDeviceSwitching(const std::string& device_id_from, const std::string& device_id_to) = 0; + + /** + * @brief GetAppEncryptionRequiredFlag retrieves encryption required flag for + * given application + * @param application policy application name + * @return optional object containing encryption required flag + */ + virtual rpc::Optional<rpc::Boolean> GetAppEncryptionRequiredFlag( + const std::string& application_policy_name) const = 0; + + /** + * @brief GetFunctionalGroupingEncryptionRequiredFlag retrieves encryption + * required flag + * for + * given functional grouping + * @param functional_group policy functional group name + * @return optional object containing encryption required flag + */ + virtual rpc::Optional<rpc::Boolean> + GetFunctionalGroupingEncryptionRequiredFlag( + const std::string& functional_group) const = 0; + + /** + * @brief retreives application params + * @param application_name policy applicatoin name + * @param application_params application params + */ + virtual void GetApplicationParams( + const std::string& application_name, + policy_table::ApplicationParams& application_params) const = 0; }; typedef std::shared_ptr<CacheManagerInterface> CacheManagerInterfaceSPtr; diff --git a/src/components/policy/policy_regular/include/policy/policy_helper.h b/src/components/policy/policy_regular/include/policy/policy_helper.h index 4c697858f5..adedd8786f 100644 --- a/src/components/policy/policy_regular/include/policy/policy_helper.h 
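Review bot: The doc comments on `GetAppEncryptionRequiredFlag` and `GetFunctionalGroupingEncryptionRequiredFlag` do not say what an uninitialized `rpc::Optional<rpc::Boolean>` means, so each caller has to decide on its own whether a missing flag counts as "encryption required" or "not required". Since this value presumably feeds the decision to protect RPCs, the contract should be written down, for example `@return flag value; not initialized when the policy table has no encryption_required entry or the name is unknown`, together with the default callers are expected to apply. `GetApplicationParams` returns `void`, so a caller cannot tell an unknown application from one with empty params; returning `bool` would make that visible. The first comment also documents `@param application` while the parameter is `application_policy_name`, and "retreives" and "applicatoin" are misspelled.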
+++ b/src/components/policy/policy_regular/include/policy/policy_helper.h @@ -1,4 +1,4 @@ -/* +/* Copyright (c) 2013, Ford Motor Company All rights reserved. @@ -83,22 +83,11 @@ bool operator!=(const policy_table::ApplicationParams& first, struct CheckAppPolicy { CheckAppPolicy(PolicyManagerImpl* pm, const std::shared_ptr<policy_table::Table> update, - const std::shared_ptr<policy_table::Table> snapshot); + const std::shared_ptr<policy_table::Table> snapshot, + CheckAppPolicyResults& out_results); bool operator()(const AppPoliciesValueType& app_policy); private: - enum PermissionsCheckResult { - RESULT_NO_CHANGES, - RESULT_APP_REVOKED, - RESULT_NICKNAME_MISMATCH, - RESULT_PERMISSIONS_REVOKED, - RESULT_CONSENT_NEEDED, - RESULT_CONSENT_NOT_REQIURED, - RESULT_PERMISSIONS_REVOKED_AND_CONSENT_NEEDED, - RESULT_REQUEST_TYPE_CHANGED, - RESULT_REQUEST_SUBTYPE_CHANGED - }; - void SetPendingPermissions(const AppPoliciesValueType& app_policy, PermissionsCheckResult result) const; PermissionsCheckResult CheckPermissionsChanges( @@ -119,6 +108,16 @@ struct CheckAppPolicy { const policy_table::Strings& groups) const; bool IsAppRevoked(const AppPoliciesValueType& app_policy) const; bool NicknamesMatch(const AppPoliciesValueType& app_policy) const; + + /** + * @brief Check of current policy against incoming updated policy is + * performed. + * This function adds result code of this check to container. + * @param app_id Application id + * @param result Result value + */ + void AddResult(const std::string& app_id, PermissionsCheckResult result); + /** * @brief Allows to check if appropriate group requires any consent. * @param group_name the group for which consent will be checked. 
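Review bot: The new `CheckAppPolicyResults& out_results` constructor parameter is an out-parameter that the functor keeps by reference (the `out_results_` member is added in a later hunk of this file), but nothing states that the container must outlive the functor and every copy an algorithm makes of it. A short comment on the constructor would cover it, e.g. `@param out_results container receiving per-application check results; must outlive this object`. The `AddResult` comment in the following hunk describes the check rather than the function; `@brief Records the result of the policy check for the given application` would read more directly.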
@@ -129,10 +128,31 @@ struct CheckAppPolicy { bool IsRequestTypeChanged(const AppPoliciesValueType& app_policy) const; bool IsRequestSubTypeChanged(const AppPoliciesValueType& app_policy) const; + bool IsEncryptionRequiredFlagChanged( + const AppPoliciesValueType& app_policy) const; + private: PolicyManagerImpl* pm_; const std::shared_ptr<policy_table::Table> update_; const std::shared_ptr<policy_table::Table> snapshot_; + CheckAppPolicyResults& out_results_; +}; + +/** + * @brief Helper struct for filling actions to be done for processed application + * using CheckAppPolicyResults data as a source + */ +struct FillActionsForAppPolicies { + FillActionsForAppPolicies( + ApplicationsPoliciesActions& actions, + const policy_table::ApplicationPolicies& app_policies) + : actions_(actions), app_policies_(app_policies) {} + + void operator()(const policy::CheckAppPolicyResults::value_type& value); + + private: + ApplicationsPoliciesActions& actions_; + const policy_table::ApplicationPolicies& app_policies_; }; /* @@ -174,6 +194,9 @@ struct ProcessFunctionalGroup { private: GroupConsent GetGroupState(const std::string& group_name); + void FillEncryptionFlagForRpcs( + const policy_table::Rpc& rpcs, + const policy::EncryptionRequired encryption_required); const policy_table::FunctionalGroupings& fg_; const std::vector<FunctionalGroupPermission>& group_permissions_; Permissions& data_; diff --git a/src/components/policy/policy_regular/include/policy/policy_manager_impl.h b/src/components/policy/policy_regular/include/policy/policy_manager_impl.h index 903f7820d2..d8ab079cf0 100644 --- a/src/components/policy/policy_regular/include/policy/policy_manager_impl.h +++ b/src/components/policy/policy_regular/include/policy/policy_manager_impl.h @@ -37,6 +37,7 @@ #include <list> #include <string> +#include "application_manager/policies/policy_encryption_flag_getter.h" #include "policy/access_remote.h" #include "policy/access_remote_impl.h" #include "policy/cache_manager_interface.h" 
@@ -57,6 +58,45 @@ struct CheckAppPolicy; class PolicyManagerImpl : public PolicyManager { public: PolicyManagerImpl(); + /* + * \param policy_app_id policy app id + * \return true if the app need encryption + */ + bool AppNeedEncryption(const std::string& policy_app_id) const OVERRIDE; + + /* + * \param policy_app_id policy app id + * \return Optional app need encryption + */ + const rpc::Optional<rpc::Boolean> GetAppEncryptionRequired( + const std::string& policy_app_id) const OVERRIDE; + /* + * \param policy_app_id policy app id + * \return groups that exist for app + */ + const std::vector<std::string> GetFunctionalGroupsForApp( + const std::string& policy_app_id) const OVERRIDE; + + const std::vector<std::string> GetApplicationPolicyIDs() const OVERRIDE; + + /* + * \param policy_group group + * \return true if the group need encryption + */ + bool FunctionGroupNeedEncryption( + const std::string& policy_group) const OVERRIDE; + /* + * \param policy_group group + * \return RPCs that exists in group + */ + const std::vector<std::string> GetRPCsForFunctionGroup( + const std::string& group) const OVERRIDE; + /* + * \param function_id function id + * \return policy function name + */ + const std::string GetPolicyFunctionName( + const uint32_t function_id) const OVERRIDE; /** * @brief set_listener set new policy listener instance 
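Review bot: `AppNeedEncryption` and `FunctionGroupNeedEncryption` flatten an optional policy flag into `bool`, and their comments do not state which value comes back when the flag is absent or the id is not in the policy table. That default decides whether such an app or group is treated as requiring encryption, so it belongs in the contract, e.g. `\return true only if encryption_required is present and true` (adjusted to whatever the implementation, which is outside this diff, actually does). The comments also open with `/*` rather than the `/**` used elsewhere in this header, so Doxygen will skip them. `GetRPCsForFunctionGroup` documents `policy_group` while its parameter is `group`, and `GetApplicationPolicyIDs` has no comment at all.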
@@ -92,6 +132,21 @@ class PolicyManagerImpl : public PolicyManager { bool LoadPT(const std::string& file, const BinaryMessage& pt_content) OVERRIDE; + typedef policy_table::ApplicationPolicies::value_type AppPoliciesValueType; + + /** + * @brief Notifies system by sending OnAppPermissionChanged notification + * @param app_policy Reference to application policy + */ + void NotifySystem(const AppPoliciesValueType& app_policy) const; + + /** + * @brief Sends OnPermissionChange notification to application if its + * currently registered + * @param app_policy Reference to application policy + */ + void SendPermissionsToApp(const AppPoliciesValueType& app_policy); + /** * @brief Resets Policy Table * @param file_name Path to preloaded PT file @@ -836,10 +891,19 @@ class PolicyManagerImpl : public PolicyManager { * @param snapshot Shared pointer to current copy of policy table * @return Collection per-application results */ - void CheckPermissionsChanges( + CheckAppPolicyResults CheckPermissionsChanges( const std::shared_ptr<policy_table::Table> update, const std::shared_ptr<policy_table::Table> snapshot); + void ProcessAppPolicyCheckResults( + const CheckAppPolicyResults& results, + const rpc::policy_table_interface_base::ApplicationPolicies& + app_policies); + + void ProcessActionsForAppPolicies( + const ApplicationsPoliciesActions& actions, + const policy_table::ApplicationPolicies& app_policies); + /** * @brief Compares current policies to the updated one. * Trigger actions in case if certain fields after update were changed. diff --git a/src/components/policy/policy_regular/include/policy/policy_table/types.h b/src/components/policy/policy_regular/include/policy/policy_table/types.h index c2a8f901ad..cb7b689317 100644 --- a/src/components/policy/policy_regular/include/policy/policy_table/types.h +++ b/src/components/policy/policy_regular/include/policy/policy_table/types.h 
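Review bot: `NotifySystem`, `SendPermissionsToApp` and the `AppPoliciesValueType` typedef are inserted right after the `LoadPT` override with no access specifier in the hunk, so they appear to land in the public section of `PolicyManagerImpl`. If they are only needed by the policy-update helpers, I would declare them under `private:` and grant access with a `friend` declaration, or add a sentence to each comment saying why external callers need them. The class body starts and ends outside the hunk, so the actual access level should be confirmed against the full header.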
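Review bot: `ProcessAppPolicyCheckResults` and `ProcessActionsForAppPolicies` are added without doc comments, unlike `CheckPermissionsChanges` directly above them. They also spell the same parameter type two ways, `rpc::policy_table_interface_base::ApplicationPolicies` in the first and `policy_table::ApplicationPolicies` in the second; assuming `policy_table` is the usual alias for that namespace, I would use the short form in both. Each should get a `@brief` with `@param` lines for `results` / `actions` and `app_policies`.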
@@ -203,6 +203,7 @@ struct ApplicationParams : PolicyBase { // App Service Params Optional<AppServiceParameters> app_service_parameters; Optional<Boolean> allow_unknown_rpc_passthrough; + Optional<Boolean> encryption_required; public: ApplicationParams(); @@ -268,6 +269,7 @@ struct Rpcs : CompositeType { public: Optional<String<1, 255> > user_consent_prompt; Nullable<Rpc> rpcs; + Optional<Boolean> encryption_required; public: Rpcs(); diff --git a/src/components/policy/policy_regular/include/policy/policy_types.h b/src/components/policy/policy_regular/include/policy/policy_types.h index 0be5919126..2794615cb4 100644 --- a/src/components/policy/policy_regular/include/policy/policy_types.h +++ b/src/components/policy/policy_regular/include/policy/policy_types.h @@ -41,6 +41,7 @@ #include <utility> #include <vector> +#include "policy/policy_table/types.h" #include "transport_manager/common.h" #include "utils/helpers.h" @@ -77,6 +78,8 @@ enum PolicyTableStatus { StatusUnknown }; +typedef rpc::Optional<rpc::Boolean> EncryptionRequired; + // Code generator uses String class name, so this typedef was renamed to PTSring typedef std::string PTString; typedef std::vector<uint8_t> BinaryMessage; @@ -102,6 +105,7 @@ struct ParameterPermissions struct RpcPermissions { HMIPermissions hmi_permissions; ParameterPermissions parameter_permissions; + EncryptionRequired require_encryption; }; typedef std::map<RpcName, RpcPermissions> Permissions; 
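Review bot: The new `RpcPermissions` member in policy_types.h is named `require_encryption`, while the same flag is `encryption_required` in `ApplicationParams` and `Rpcs` in types.h and the typedef is `EncryptionRequired`. I would declare it as `EncryptionRequired encryption_required;` so a search for the flag finds every place it is stored. A one-line comment on the `EncryptionRequired` typedef saying what an uninitialized value means would also help, since the optional has three states and the header does not say how the third is interpreted.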
@@ -428,6 +432,28 @@ struct ExternalConsentStatusItemSorter { }; /** + * @brief The ApplicationPolicyActions struct contains actions which should be + * done for some application + */ +struct ApplicationPolicyActions { + ApplicationPolicyActions() + : is_notify_system(false) + , is_send_permissions_to_app(false) + , is_consent_needed(false) {} + + bool is_notify_system; + bool is_send_permissions_to_app; + bool is_consent_needed; +}; + +/** + * @brief ApplicationsPoliciesActions map of actions to be done for every + * application + */ +typedef std::map<std::string, ApplicationPolicyActions> + ApplicationsPoliciesActions; + +/** * @brief Customer connectivity settings status */ typedef std::set<ExternalConsentStatusItem, ExternalConsentStatusItemSorter> @@ -476,7 +502,8 @@ enum PermissionsCheckResult { RESULT_CONSENT_NOT_REQIURED, RESULT_PERMISSIONS_REVOKED_AND_CONSENT_NEEDED, RESULT_REQUEST_TYPE_CHANGED, - RESULT_REQUEST_SUBTYPE_CHANGED + RESULT_REQUEST_SUBTYPE_CHANGED, + RESULT_ENCRYPTION_REQUIRED_FLAG_CHANGED }; /** |