From edc2d459edc85cc63ee147c96b836230e4b9086f Mon Sep 17 00:00:00 2001 From: jacobkeeler Date: Mon, 27 Apr 2020 14:41:29 -0400 Subject: Add permission checking for all messages to and from mobile --- .../application_manager/commands/command_impl.h | 17 ++++ .../command_notification_from_mobile_impl.h | 1 + .../commands/command_request_impl.h | 12 +-- .../commands/command_request_to_mobile.h | 1 + .../commands/command_response_from_mobile.h | 1 + .../src/commands/command_impl.cc | 107 +++++++++++++++++++++ .../command_notification_from_mobile_impl.cc | 4 + .../src/commands/command_request_impl.cc | 100 +------------------ .../src/commands/command_request_to_mobile.cc | 4 + .../src/commands/command_response_from_mobile.cc | 4 + 10 files changed, 147 insertions(+), 104 deletions(-) diff --git a/src/components/application_manager/include/application_manager/commands/command_impl.h b/src/components/application_manager/include/application_manager/commands/command_impl.h index d57568dd6a..4af7f124fa 100644 --- a/src/components/application_manager/include/application_manager/commands/command_impl.h +++ b/src/components/application_manager/include/application_manager/commands/command_impl.h @@ -161,6 +161,20 @@ class CommandImpl : public Command { static const int32_t protocol_version_; protected: + /** + * @brief Checks message permissions and parameters according to policy table + * permissions + * @param source The source of the command (used to determine if a response + * should be sent on failure) + * @return true if the RPC is allowed, false otherwise + */ + bool CheckAllowedParameters(const Command::CommandSource source); + + /** + * @brief Remove from current message parameters disallowed by policy table + */ + void RemoveDisallowedParameters(); + /** * @brief Parses mobile message and replaces mobile app id with HMI app id * @param message Message to replace its ids 
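Review bot: The doxygen on the new `CheckAllowedParameters` declaration describes only the boolean result, but the implementation in command_impl.cc also mutates the message — when the RPC is allowed and the policy table lists parameters, disallowed and undefined keys are erased from `msg_params` and recorded in `removed_parameters_permissions_` — which a caller of a method named "Check…" would not expect. Suggest adding `@note On success, parameters disallowed by the policy table are removed from the message; the removed keys are recorded in removed_parameters_permissions_.` to that comment, and extending the one-line comment on `RemoveDisallowedParameters` to say it reads `parameters_permissions_` and writes `removed_parameters_permissions_`, since both members are now base-class state shared by every command type.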
@@ -183,6 +197,9 @@ class CommandImpl : public Command { HMICapabilities& hmi_capabilities_; policy::PolicyHandlerInterface& policy_handler_; + CommandParametersPermissions parameters_permissions_; + CommandParametersPermissions removed_parameters_permissions_; + #ifdef ENABLE_LOG static log4cxx::LoggerPtr logger_; #endif // ENABLE_LOG diff --git a/src/components/application_manager/include/application_manager/commands/command_notification_from_mobile_impl.h b/src/components/application_manager/include/application_manager/commands/command_notification_from_mobile_impl.h index e8485a3abc..4a1d6efbc5 100644 --- a/src/components/application_manager/include/application_manager/commands/command_notification_from_mobile_impl.h +++ b/src/components/application_manager/include/application_manager/commands/command_notification_from_mobile_impl.h @@ -50,6 +50,7 @@ class CommandNotificationFromMobileImpl : public CommandImpl { policy::PolicyHandlerInterface& policy_handler); virtual ~CommandNotificationFromMobileImpl(); virtual bool Init(); + bool CheckPermissions() OVERRIDE; virtual bool CleanUp(); virtual void Run(); void SendNotification(); diff --git a/src/components/application_manager/include/application_manager/commands/command_request_impl.h b/src/components/application_manager/include/application_manager/commands/command_request_impl.h index 293366f91a..08b1c9cf28 100644 --- a/src/components/application_manager/include/application_manager/commands/command_request_impl.h +++ b/src/components/application_manager/include/application_manager/commands/command_request_impl.h 
@@ -236,8 +236,11 @@ class CommandRequestImpl : public CommandImpl, /** * @brief Checks message permissions and parameters according to policy table * permissions + * @param source The source of the command (used to determine if a response + * should be sent on failure) + * @return true if the RPC is allowed, false otherwise */ - bool CheckAllowedParameters(); + bool CheckAllowedParameters(const Command::CommandSource source); /** * @brief Checks HMI capabilities for specified button support @@ -247,11 +250,6 @@ class CommandRequestImpl : public CommandImpl, */ bool CheckHMICapabilities(const mobile_apis::ButtonName::eType button) const; - /** - * @brief Remove from current message parameters disallowed by policy table - */ - void RemoveDisallowedParameters(); - /** * @brief Adds disallowed parameters back to response with appropriate * reasons @@ -375,8 +373,6 @@ class CommandRequestImpl : public CommandImpl, RequestState current_state_; sync_primitives::Lock state_lock_; - CommandParametersPermissions parameters_permissions_; - CommandParametersPermissions removed_parameters_permissions_; /** * @brief hash_update_mode_ Defines whether request must update hash value of diff --git a/src/components/application_manager/include/application_manager/commands/command_request_to_mobile.h b/src/components/application_manager/include/application_manager/commands/command_request_to_mobile.h index 430e549523..6b6dbde141 100644 --- a/src/components/application_manager/include/application_manager/commands/command_request_to_mobile.h +++ b/src/components/application_manager/include/application_manager/commands/command_request_to_mobile.h @@ -51,6 +51,7 @@ class CommandRequestToMobile : public CommandImpl { policy::PolicyHandlerInterface& policy_handler); ~CommandRequestToMobile(); bool Init() OVERRIDE; + bool CheckPermissions() OVERRIDE; bool CleanUp() OVERRIDE; void Run() OVERRIDE; void SendRequest(); 
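Review bot: `CommandRequestImpl::CheckAllowedParameters` now has exactly the signature of the non-virtual base method `CommandImpl::CheckAllowedParameters` and hides it, and its doxygen block is a word-for-word copy of the base comment. From the command_request_impl.cc hunk the derived version differs only by the RegisterAppInterface short-circuit before delegating to the base, so the copied comment will drift as soon as either is edited. Replace it with what is specific: `/** @brief As CommandImpl::CheckAllowedParameters, but RegisterAppInterface is always allowed. */`.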
diff --git a/src/components/application_manager/include/application_manager/commands/command_response_from_mobile.h b/src/components/application_manager/include/application_manager/commands/command_response_from_mobile.h index 1401888890..f428d8561b 100644 --- a/src/components/application_manager/include/application_manager/commands/command_response_from_mobile.h +++ b/src/components/application_manager/include/application_manager/commands/command_response_from_mobile.h @@ -51,6 +51,7 @@ class CommandResponseFromMobile : public CommandImpl { policy::PolicyHandlerInterface& policy_handler); ~CommandResponseFromMobile(); bool Init() OVERRIDE; + bool CheckPermissions() OVERRIDE; bool CleanUp() OVERRIDE; void Run() OVERRIDE; void SendResponse(); diff --git a/src/components/application_manager/src/commands/command_impl.cc b/src/components/application_manager/src/commands/command_impl.cc index a9fbff5ece..8fa9cbe919 100644 --- a/src/components/application_manager/src/commands/command_impl.cc +++ b/src/components/application_manager/src/commands/command_impl.cc @@ -31,8 +31,10 @@ */ #include "application_manager/commands/command_impl.h" + #include "application_manager/application_impl.h" #include "application_manager/application_manager.h" +#include "application_manager/message_helper.h" namespace application_manager { 
@@ -119,6 +121,111 @@ void CommandImpl::SetAllowedToTerminate(const bool allowed) { allowed_to_terminate_ = allowed; } +bool CommandImpl::CheckAllowedParameters(const Command::CommandSource source) { + LOG4CXX_AUTO_TRACE(logger_); + + const ApplicationSharedPtr app = + application_manager_.application(connection_key()); + if (!app) { + LOG4CXX_ERROR(logger_, + "There is no registered application with " + "connection key '" + << connection_key() << "'"); + return false; + } + + RPCParams params; + + const smart_objects::SmartObject& s_map = (*message_)[strings::msg_params]; + smart_objects::SmartMap::const_iterator iter = s_map.map_begin(); + smart_objects::SmartMap::const_iterator iter_end = s_map.map_end(); + + for (; iter != iter_end; ++iter) { + LOG4CXX_DEBUG(logger_, "Request's param: " << iter->first); + params.insert(iter->first); + } + + mobile_apis::Result::eType check_result = + mobile_apis::Result::eType::INVALID_ID; + const auto current_window_id = window_id(); + if (app->WindowIdExists(current_window_id)) { + check_result = application_manager_.CheckPolicyPermissions( + app, + current_window_id, + MessageHelper::StringifiedFunctionID( + static_cast(function_id())), + params, + ¶meters_permissions_); + } + + // Check, if RPC is allowed by policy + if (mobile_apis::Result::SUCCESS != check_result) { + mobile_apis::messageType::eType message_type = + static_cast( + (*message_)[strings::params][strings::message_type].asInt()); + if (message_type == mobile_apis::messageType::request && + source == Command::CommandSource::SOURCE_MOBILE) { + smart_objects::SmartObjectSPtr response = + MessageHelper::CreateBlockedByPoliciesResponse( + static_cast(function_id()), + check_result, + correlation_id(), + app->app_id()); + rpc_service_.SendMessageToMobile(response); + } + + return false; + } + + // If no parameters specified in policy table, no restriction will be + // applied for parameters + if (parameters_permissions_.allowed_params.empty() && + 
parameters_permissions_.disallowed_params.empty() && + parameters_permissions_.undefined_params.empty()) { + return true; + } + + RemoveDisallowedParameters(); + + return true; +} + +void CommandImpl::RemoveDisallowedParameters() { + LOG4CXX_AUTO_TRACE(logger_); + + smart_objects::SmartObject& params = (*message_)[strings::msg_params]; + + for (const auto& key : params.enumerate()) { + if (parameters_permissions_.disallowed_params.end() != + parameters_permissions_.disallowed_params.find(key)) { + // Remove from request all disallowed parameters + params.erase(key); + removed_parameters_permissions_.disallowed_params.insert(key); + LOG4CXX_INFO(logger_, + "Following parameter is disallowed by user: " << key); + } + + else if (removed_parameters_permissions_.undefined_params.end() != + removed_parameters_permissions_.undefined_params.find(key)) { + // Remove from request all undefined yet parameters + params.erase(key); + removed_parameters_permissions_.undefined_params.insert(key); + LOG4CXX_INFO(logger_, + "Following parameter is disallowed by policy: " << key); + } + + else if (parameters_permissions_.allowed_params.end() == + parameters_permissions_.allowed_params.find(key)) { + // Remove from request all parameters missed in allowed + params.erase(key); + removed_parameters_permissions_.undefined_params.insert(key); + LOG4CXX_INFO(logger_, + "Following parameter is not found among allowed parameters '" + << key << "' and will be treated as disallowed."); + } + } +} + bool CommandImpl::ReplaceMobileWithHMIAppId( ns_smart_device_link::ns_smart_objects::SmartObject& message) { LOG4CXX_AUTO_TRACE(logger_); diff --git a/src/components/application_manager/src/commands/command_notification_from_mobile_impl.cc b/src/components/application_manager/src/commands/command_notification_from_mobile_impl.cc index bd4fa58c8f..46c1c87699 100644 --- a/src/components/application_manager/src/commands/command_notification_from_mobile_impl.cc 
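Review bot: In `RemoveDisallowedParameters` the second branch tests `removed_parameters_permissions_.undefined_params`, which this function itself populates, rather than `parameters_permissions_.undefined_params` as filled through the pointer passed to `CheckPolicyPermissions`; a parameter the policy table marks as undefined is therefore never matched there and only falls through to the third branch, which does remove it but logs it as "not found among allowed parameters". The check should read `else if (parameters_permissions_.undefined_params.end() != parameters_permissions_.undefined_params.find(key)) {`. The code is moved verbatim from CommandRequestImpl, so this predates the commit, but it now runs for every message from mobile. Separately, a policy denial returns false with no log line in this function (only the missing-application case logs), and for non-request messages or `SOURCE_SDL` no response is produced either, so a dropped message leaves no trace here; a `LOG4CXX_WARN(logger_, "RPC " << function_id() << " blocked by policy, result " << check_result);` before the `return false` in the `SUCCESS != check_result` branch would make denials auditable.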
+++ b/src/components/application_manager/src/commands/command_notification_from_mobile_impl.cc
@@ -57,6 +57,10 @@ bool CommandNotificationFromMobileImpl::Init() {
 return true;
 }
 
+bool CommandNotificationFromMobileImpl::CheckPermissions() {
+ return CheckAllowedParameters(Command::CommandSource::SOURCE_MOBILE);
+}
+
 bool CommandNotificationFromMobileImpl::CleanUp() {
 return true;
 }
diff --git a/src/components/application_manager/src/commands/command_request_impl.cc b/src/components/application_manager/src/commands/command_request_impl.cc
index e9dcd6e4b0..f4a352fdc4 100644
--- a/src/components/application_manager/src/commands/command_request_impl.cc
+++ b/src/components/application_manager/src/commands/command_request_impl.cc
@@ -222,7 +222,7 @@ bool CommandRequestImpl::Init() {
 }

 bool CommandRequestImpl::CheckPermissions() {
- return CheckAllowedParameters();
+ return CheckAllowedParameters(Command::CommandSource::SOURCE_MOBILE);
 }

 bool CommandRequestImpl::CleanUp() {
@@ -691,7 +691,8 @@ mobile_apis::Result::eType CommandRequestImpl::GetMobileResultCode(
 return mobile_result;
 }
 
-bool CommandRequestImpl::CheckAllowedParameters() {
+bool CommandRequestImpl::CheckAllowedParameters(
+ const Command::CommandSource source) {
 LOG4CXX_AUTO_TRACE(logger_);

 // RegisterAppInterface should always be allowed
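Review bot: `CommandNotificationFromMobileImpl::CheckPermissions` returns false for a notification denied by policy and nothing else happens — `CommandImpl::CheckAllowedParameters` only produces a BlockedByPolicies response for requests with `SOURCE_MOBILE` — so the message is dropped without feedback to the app, which is presumably intended for notifications but is not stated anywhere. The same applies to `CommandRequestToMobile::CheckPermissions` (`SOURCE_SDL`, so an HMI-originated request is dropped silently) and `CommandResponseFromMobile::CheckPermissions` further down. Suggest documenting the behaviour on each header declaration, e.g. `/** @brief Policy check for this message type; a denial drops the message, no response is generated. */`.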
@@ -700,64 +701,7 @@ bool CommandRequestImpl::CheckAllowedParameters() { return true; } - const ApplicationSharedPtr app = - application_manager_.application(connection_key()); - if (!app) { - LOG4CXX_ERROR(logger_, - "There is no registered application with " - "connection key '" - << connection_key() << "'"); - return false; - } - - RPCParams params; - - const smart_objects::SmartObject& s_map = (*message_)[strings::msg_params]; - smart_objects::SmartMap::const_iterator iter = s_map.map_begin(); - smart_objects::SmartMap::const_iterator iter_end = s_map.map_end(); - - for (; iter != iter_end; ++iter) { - LOG4CXX_DEBUG(logger_, "Request's param: " << iter->first); - params.insert(iter->first); - } - - mobile_apis::Result::eType check_result = - mobile_apis::Result::eType::INVALID_ID; - const auto current_window_id = window_id(); - if (app->WindowIdExists(current_window_id)) { - check_result = application_manager_.CheckPolicyPermissions( - app, - current_window_id, - MessageHelper::StringifiedFunctionID( - static_cast(function_id())), - params, - ¶meters_permissions_); - } - - // Check, if RPC is allowed by policy - if (mobile_apis::Result::SUCCESS != check_result) { - smart_objects::SmartObjectSPtr response = - MessageHelper::CreateBlockedByPoliciesResponse( - static_cast(function_id()), - check_result, - correlation_id(), - app->app_id()); - - rpc_service_.SendMessageToMobile(response); - return false; - } - - // If no parameters specified in policy table, no restriction will be - // applied for parameters - if (parameters_permissions_.allowed_params.empty() && - parameters_permissions_.disallowed_params.empty() && - parameters_permissions_.undefined_params.empty()) { - return true; - } - - RemoveDisallowedParameters(); - - return true; + return CommandImpl::CheckAllowedParameters(source); } bool CommandRequestImpl::CheckHMICapabilities( 
@@ -794,42 +738,6 @@ bool CommandRequestImpl::CheckHMICapabilities( return false; } -void CommandRequestImpl::RemoveDisallowedParameters() { - LOG4CXX_AUTO_TRACE(logger_); - - smart_objects::SmartObject& params = (*message_)[strings::msg_params]; - - for (const auto& key : params.enumerate()) { - if (parameters_permissions_.disallowed_params.end() != - parameters_permissions_.disallowed_params.find(key)) { - // Remove from request all disallowed parameters - params.erase(key); - removed_parameters_permissions_.disallowed_params.insert(key); - LOG4CXX_INFO(logger_, - "Following parameter is disallowed by user: " << key); - } - - else if (removed_parameters_permissions_.undefined_params.end() != - removed_parameters_permissions_.undefined_params.find(key)) { - // Remove from request all undefined yet parameters - params.erase(key); - removed_parameters_permissions_.undefined_params.insert(key); - LOG4CXX_INFO(logger_, - "Following parameter is disallowed by policy: " << key); - } - - else if (parameters_permissions_.allowed_params.end() == - parameters_permissions_.allowed_params.find(key)) { - // Remove from request all parameters missed in allowed - params.erase(key); - removed_parameters_permissions_.undefined_params.insert(key); - LOG4CXX_INFO(logger_, - "Following parameter is not found among allowed parameters '" - << key << "' and will be treated as disallowed."); - } - } -} - void CommandRequestImpl::AddDissalowedParameterToInfoString( std::string& info, const std::string& param) const { // prepare disallowed params enumeration for response info string diff --git a/src/components/application_manager/src/commands/command_request_to_mobile.cc b/src/components/application_manager/src/commands/command_request_to_mobile.cc index e1ed06e887..add58c9973 100644 --- a/src/components/application_manager/src/commands/command_request_to_mobile.cc +++ b/src/components/application_manager/src/commands/command_request_to_mobile.cc 
@@ -55,6 +55,10 @@ bool CommandRequestToMobile::Init() {
 return true;
 }
 
+bool CommandRequestToMobile::CheckPermissions() {
+ return CheckAllowedParameters(Command::CommandSource::SOURCE_SDL);
+}
+
 bool CommandRequestToMobile::CleanUp() {
 return true;
 }
diff --git a/src/components/application_manager/src/commands/command_response_from_mobile.cc b/src/components/application_manager/src/commands/command_response_from_mobile.cc
index dfed65b134..1e31ca8ff5 100644
--- a/src/components/application_manager/src/commands/command_response_from_mobile.cc
+++ b/src/components/application_manager/src/commands/command_response_from_mobile.cc
@@ -56,6 +56,10 @@ bool CommandResponseFromMobile::Init() {
 return true;
 }
 
+bool CommandResponseFromMobile::CheckPermissions() {
+ return CheckAllowedParameters(Command::CommandSource::SOURCE_MOBILE);
+}
+
 bool CommandResponseFromMobile::CleanUp() {
 return true;
 }
-- cgit v1.2.1