diff options
Diffstat (limited to 'src/components/policy/policy_regular/src/policy_manager_impl.cc')
-rw-r--r-- | src/components/policy/policy_regular/src/policy_manager_impl.cc | 181 |
1 files changed, 177 insertions, 4 deletions
diff --git a/src/components/policy/policy_regular/src/policy_manager_impl.cc b/src/components/policy/policy_regular/src/policy_manager_impl.cc index 5a7c822a9b..e3d2c1780c 100644 --- a/src/components/policy/policy_regular/src/policy_manager_impl.cc +++ b/src/components/policy/policy_regular/src/policy_manager_impl.cc @@ -348,7 +348,8 @@ bool PolicyManagerImpl::LoadPT(const std::string& file, // groups, which had been present before are absent in PTU and will be // removed after update. So in case of revoked groups system has to know // names and ids of revoked groups before they will be removed. - CheckPermissionsChanges(pt_update, policy_table_snapshot); + const auto results = + CheckPermissionsChanges(pt_update, policy_table_snapshot); // Replace current data with updated if (!cache_->ApplyUpdate(*pt_update)) { @@ -360,6 +361,9 @@ bool PolicyManagerImpl::LoadPT(const std::string& file, } CheckPermissionsChangesAfterUpdate(*pt_update, *policy_table_snapshot); + ProcessAppPolicyCheckResults( + results, pt_update->policy_table.app_policies_section.apps); + listener_->OnCertificateUpdated( *(pt_update->policy_table.module_config.certificate)); @@ -390,7 +394,82 @@ bool PolicyManagerImpl::LoadPT(const std::string& file, return true; } -void PolicyManagerImpl::CheckPermissionsChanges( +void PolicyManagerImpl::ProcessAppPolicyCheckResults( + const CheckAppPolicyResults& results, + const rpc::policy_table_interface_base::ApplicationPolicies& app_policies) { + LOG4CXX_AUTO_TRACE(logger_); + + ApplicationsPoliciesActions actions_for_apps_policies; + FillActionsForAppPolicies filler(actions_for_apps_policies, app_policies); + + std::for_each(results.begin(), results.end(), filler); + + ProcessActionsForAppPolicies(actions_for_apps_policies, app_policies); +} + +void PolicyManagerImpl::ProcessActionsForAppPolicies( + const ApplicationsPoliciesActions& actions, + const policy_table::ApplicationPolicies& app_policies) { + ApplicationsPoliciesActions::const_iterator it_actions = actions.begin(); + for (; it_actions != actions.end(); ++it_actions) { + auto app_policy = app_policies.find(it_actions->first); + if (app_policies.end() == app_policy) { + continue; + } + + if (it_actions->second.is_consent_needed) { + // Post-check after ExternalConsent consent changes + const std::string& policy_app_id = app_policy->first; + if (!IsConsentNeeded(last_device_id_, policy_app_id)) { + sync_primitives::AutoLock lock(app_permissions_diff_lock_); + + PendingPermissions::iterator app_id_diff = + app_permissions_diff_.find(policy_app_id); + + if (app_permissions_diff_.end() != app_id_diff) { + app_id_diff->second.appPermissionsConsentNeeded = false; + } + } + } + if (it_actions->second.is_notify_system) { + NotifySystem(*app_policy); + } + if (it_actions->second.is_send_permissions_to_app) { + SendPermissionsToApp(*app_policy); + } + } +} + +void PolicyManagerImpl::NotifySystem( + const PolicyManagerImpl::AppPoliciesValueType& app_policy) const { + listener()->OnPendingPermissionChange(last_device_id_, app_policy.first); +} + +void PolicyManagerImpl::SendPermissionsToApp( + const PolicyManagerImpl::AppPoliciesValueType& app_policy) { + const std::string app_id = app_policy.first; + + std::vector<FunctionalGroupPermission> group_permissons; + GetPermissionsForApp(last_device_id_, app_id, group_permissons); + + Permissions notification_data; + + // Need to get rid of this call + auto policy_table_snapshot = cache_->GenerateSnapshot(); + + PrepareNotificationData( + policy_table_snapshot->policy_table.functional_groupings, + app_policy.second.groups, + group_permissons, + notification_data); + + std::string default_hmi; + default_hmi = "NONE"; + listener()->OnPermissionsUpdated( + last_device_id_, app_id, notification_data, default_hmi); +} + +CheckAppPolicyResults PolicyManagerImpl::CheckPermissionsChanges( const std::shared_ptr<policy_table::Table> pt_update, const std::shared_ptr<policy_table::Table> snapshot) { LOG4CXX_AUTO_TRACE(logger_); @@ -399,9 +478,13 @@ void PolicyManagerImpl::CheckPermissionsChanges( // to actual values of default section UnwrapAppPolicies(pt_update->policy_table.app_policies_section.apps); + CheckAppPolicyResults out_results; + std::for_each(pt_update->policy_table.app_policies_section.apps.begin(), pt_update->policy_table.app_policies_section.apps.end(), - CheckAppPolicy(this, pt_update, snapshot)); + CheckAppPolicy(this, pt_update, snapshot, out_results)); + + return out_results; } void PolicyManagerImpl::CheckPermissionsChangesAfterUpdate( @@ -420,7 +503,7 @@ void PolicyManagerImpl::PrepareNotificationData( const policy_table::Strings& group_names, const std::vector<FunctionalGroupPermission>& group_permission, Permissions& notification_data) { - LOG4CXX_INFO(logger_, "Preparing data for notification."); + LOG4CXX_AUTO_TRACE(logger_); ProcessFunctionalGroup processor(groups, group_permission, notification_data); std::for_each(group_names.begin(), group_names.end(), processor); } @@ -1555,4 +1638,94 @@ void PolicyManagerImpl::set_access_remote( access_remote_ = access_remote; } +bool PolicyManagerImpl::AppNeedEncryption( + const std::string& policy_app_id) const { + LOG4CXX_AUTO_TRACE(logger_); + const auto encryption_required = + cache_->GetAppEncryptionRequiredFlag(policy_app_id); + + return encryption_required.is_initialized() ? *encryption_required : true; +} + +const rpc::Optional<rpc::Boolean> PolicyManagerImpl::GetAppEncryptionRequired( + const std::string& policy_app_id) const { + LOG4CXX_AUTO_TRACE(logger_); + return cache_->GetAppEncryptionRequiredFlag(policy_app_id); +} + +const std::vector<std::string> PolicyManagerImpl::GetFunctionalGroupsForApp( + const std::string& policy_app_id) const { + LOG4CXX_AUTO_TRACE(logger_); + using namespace rpc::policy_table_interface_base; + DCHECK(kDeviceId != policy_app_id); + + std::vector<std::string> function_groups; + + ApplicationParams app_policies; + cache_->GetApplicationParams(policy_app_id, app_policies); + + const auto& policy_function_group = app_policies.groups; + + for (const auto& group : policy_function_group) { + function_groups.push_back(group); + } + + return function_groups; +} + +const std::vector<std::string> PolicyManagerImpl::GetApplicationPolicyIDs() + const { + LOG4CXX_AUTO_TRACE(logger_); + std::vector<std::string> policy_app_ids; + + const auto apps = cache_->GetPolicyAppIDs(); + + for (const auto& app : apps) { + policy_app_ids.push_back(app); + } + + return policy_app_ids; +} + +bool PolicyManagerImpl::FunctionGroupNeedEncryption( + const std::string& policy_group) const { + LOG4CXX_AUTO_TRACE(logger_); + FunctionalGroupings functional_groupings; + cache_->GetFunctionalGroupings(functional_groupings); + + const auto& grouping_itr = functional_groupings.find(policy_group); + if (grouping_itr == functional_groupings.end()) { + LOG4CXX_WARN(logger_, "Group " << policy_group << " not found"); + return false; + } + + const auto& grouping = (*grouping_itr).second; + + return grouping.encryption_required.is_initialized() + ? *grouping.encryption_required + : false; +} + +const std::string PolicyManagerImpl::GetPolicyFunctionName( + const uint32_t function_id) const { + return policy_table::EnumToJsonString( + static_cast<policy_table::FunctionID>(function_id)); +} + +const std::vector<std::string> PolicyManagerImpl::GetRPCsForFunctionGroup( + const std::string& group) const { + std::vector<std::string> rpcs_for_group; + + FunctionalGroupings functional_groupings; + cache_->GetFunctionalGroupings(functional_groupings); + + const auto& rpcs = functional_groupings[group].rpcs; + + for (const auto& rpc : rpcs) { + rpcs_for_group.push_back(rpc.first); + } + + return rpcs_for_group; +} + } // namespace policy |