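/*
 * Copyright (c) 2023-2025 Huawei Device Co., Ltd.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#ifndef OHOS_DP_TRUST_PROFILE_MANAGER_H
#define OHOS_DP_TRUST_PROFILE_MANAGER_H

// <cstdint> is included explicitly: every declaration below uses int32_t / int64_t, and this header
// should not depend on another header pulling the fixed-width types in transitively.
#include <cstdint>
#include <map>
#include <memory>
#include <mutex>
#include <string>
#include <vector>

#include "access_control_profile.h"
#include "irdb_adapter.h"
#include "query_profile.h"
#include "single_instance.h"
#include "trust_device_profile.h"
#include "values_bucket.h"

namespace OHOS {
namespace DistributedDeviceProfile {
// NOTE(review): a using-directive in a header makes every NativeRdb name visible, inside this
// namespace, to each file that includes it. It is kept because the declarations below spell
// ResultSet and ValueObject unqualified (presumably NativeRdb types - confirm) and includers may
// rely on it as well.
using namespace OHOS::NativeRdb;

// Manager for trust-device profiles and access-control (ACL) profiles.
//
// Declared with DECLARE_SINGLE_INSTANCE (see single_instance.h), i.e. meant to be used as a singleton.
// Storage presumably goes through the IRdbAdapter held in rdbStore_ - confirm in the .cpp.
//
// Every int32_t-returning method reports a status code; the success and error values are defined
// outside this header. Query results are delivered through non-const reference parameters.
// NOTE(review): whether an out-parameter is left untouched, cleared or partially filled on failure is
// not visible here. Callers that base a trust or access decision on a result should check the status
// first and treat any failure as "no matching profile".
class TrustProfileManager {
    DECLARE_SINGLE_INSTANCE(TrustProfileManager);

public:
    // Lifecycle of the manager (what is opened or released is defined in the .cpp).
    int32_t Init();
    int32_t UnInit();

    // Insert or update a trust-device / ACL record from the given profile (judging by the names).
    int32_t PutTrustDeviceProfile(const TrustDeviceProfile& profile);
    int32_t PutAccessControlProfile(const AccessControlProfile& profile);
    int32_t UpdateTrustDeviceProfile(const TrustDeviceProfile& profile);
    int32_t UpdateAccessControlProfile(const AccessControlProfile& profile);

    // Lookups; `profile` / `profiles` receive the result.
    int32_t GetTrustDeviceProfile(const std::string& deviceId, TrustDeviceProfile& profile);
    int32_t GetAllTrustDeviceProfile(std::vector<TrustDeviceProfile>& profile);
    // NOTE(review): presumably the first variant drops LNN ACL entries (see RemoveLnnAcl / IsLnnAcl
    // below) while the second keeps them - confirm before choosing one for an access decision.
    int32_t GetAllAccessControlProfile(std::vector<AccessControlProfile>& profiles);
    int32_t GetAllAclIncludeLnnAcl(std::vector<AccessControlProfile>& profiles);
    // Query ACL records selected by string key/value parameters. The accepted keys are not listed in
    // this header; presumably GenerateQueryProfile maps them to a QueryType / QueryProfile and
    // returns false for unsupported combinations - confirm.
    int32_t GetAccessControlProfile(const std::map<std::string, std::string>& params,
        std::vector<AccessControlProfile>& profile);

    // Removal by device id / by ACL record id.
    int32_t DeleteTrustDeviceProfile(const std::string& deviceId);
    int32_t DeleteAccessControlProfile(int64_t accessControlId);

private:
    // Schema setup helpers.
    int32_t CreateTable();
    int32_t CreateUniqueIndex();

    // Predicates matching a QueryProfile against one ACL record. "Acer" / "Acee" presumably stand for
    // accesser / accessee, and ForWard / Reverse for the two directions of the pair - confirm.
    bool CheckForWardByAcerAndAcee(const QueryProfile& queryProfile, const AccessControlProfile& aclProfile);
    bool CheckReverseByAcerAndAcee(const QueryProfile& queryProfile, const AccessControlProfile& aclProfile);
    bool CheckForWardByAcer(const QueryProfile& queryProfile, const AccessControlProfile& aclProfile);
    bool CheckReverseByAcer(const QueryProfile& queryProfile, const AccessControlProfile& aclProfile);

    // Typed query entry point plus the translation from the public string map.
    int32_t GetAccessControlProfile(const QueryType& queryType,
        const QueryProfile& queryProfile, std::vector<AccessControlProfile>& profile);
    bool GenerateQueryProfile(const std::map<std::string, std::string>& params,
        QueryType& queryType, QueryProfile& queryProfile);
    int32_t GetAllAccessControlProfiles(std::vector<AccessControlProfile>& profiles);

    // Overloads selecting ACL records by different key combinations.
    // NOTE(review): some overloads take a userId and some do not; which one a caller reaches decides
    // whether the result is scoped to a user, so confirm the dispatch in the .cpp.
    int32_t GetAccessControlProfile(const std::string& bundleName, int32_t bindType,
        int32_t status, std::vector<AccessControlProfile>& profile);
    int32_t GetAccessControlProfile(const std::string& bundleName,
        const std::string& trustDeviceId, int32_t status, std::vector<AccessControlProfile>& profile);
    int32_t GetAccessControlProfile(int32_t userId, const std::string& bundleName,
        int32_t bindType, int32_t status, std::vector<AccessControlProfile>& profile);
    int32_t GetAccessControlProfile(int32_t userId, const std::string& bundleName,
        const std::string& trustDeviceId, int32_t status, std::vector<AccessControlProfile>& profile);
    int32_t GetAccessControlProfile(int32_t userId, const std::string& accountId,
        std::vector<AccessControlProfile>& profile);
    int32_t GetAccessControlProfile(int32_t userId, std::vector<AccessControlProfile>& profile);

    // Select from an already loaded list (`aclProfiles`) into `profile` by token id.
    void GetAclByAcerTokenId(const QueryProfile& queryProfile,
        const std::vector<AccessControlProfile>& aclProfiles, std::vector<AccessControlProfile>& profile);
    void GetAclByAcerAndAceeTokenId(const QueryProfile& queryProfile,
        const std::vector<AccessControlProfile>& aclProfiles, std::vector<AccessControlProfile>& profile);
    int32_t GetAccessControlProfileByTokenId(int64_t tokenId, const std::string& trustDeviceId,
        int32_t status, std::vector<AccessControlProfile>& profile);

    // Helpers that read ACL records out of a ResultSet supplied by the caller.
    int32_t GetAclProfileByUserIdAndBundleName(std::shared_ptr<ResultSet> resultSet,
        int32_t userId, const std::string& bundleName, std::vector<AccessControlProfile>& profile);
    int32_t GetAclProfileByUserIdAndAccountId(std::shared_ptr<ResultSet> resultSet, int64_t accesserId,
        int64_t accesseeId, int32_t userId, const std::string& accountId, std::vector<AccessControlProfile>& profile);
    int32_t GetAclProfileByTokenId(std::shared_ptr<ResultSet> resultSet, const std::string& trustDeviceId,
        int64_t tokenId, std::vector<AccessControlProfile>& profile);
    int32_t GetAclProfileByBundleName(std::shared_ptr<ResultSet> resultSet,
        const std::string& bundleName, std::vector<AccessControlProfile>& profile);

    // Accesser / accessee sub-records and id assignment. The Set*Id helpers take the profile by
    // non-const reference, so they write into it.
    int32_t PutAccesserProfile(const AccessControlProfile& profile);
    int32_t PutAccesseeProfile(const AccessControlProfile& profile);
    int32_t SetAccessControlId(AccessControlProfile& profile);
    int32_t SetAccesserId(AccessControlProfile& profile);
    int32_t SetAccesseeId(AccessControlProfile& profile);
    int32_t UpdateAccesserProfile(const AccessControlProfile& profile);
    int32_t UpdateAccesseeProfile(const AccessControlProfile& profile);
    int32_t UpdateTrustDeviceProfileNotify(const TrustDeviceProfile& oldProfile,
        const TrustDeviceProfile& newProfile);
    int32_t GetResultStatus(const std::string& trustDeviceId, int32_t& trustDeviceStatus);
    int32_t GetAccessControlProfile(std::shared_ptr<ResultSet> resultSet,
        int64_t accesserId, int64_t accesseeId, std::vector<AccessControlProfile>& profile);
    int32_t GetAccessControlProfilesByDeviceId(std::shared_ptr<ResultSet> resultSet, int64_t accesserId,
        int64_t accesseeId, const std::string& trustDeviceId, std::vector<AccessControlProfile>& profile);
    int32_t DeleteAccessControlProfileCheck(AccessControlProfile& profile);

    // Runs a query and returns its ResultSet.
    // NOTE(review): the SQL text and a value list are passed separately. Presumably `condition` holds
    // the bind arguments for placeholders in `sql`; if so, caller-supplied strings (bundleName,
    // deviceId, accountId) belong in `condition` and must not be concatenated into `sql` - confirm in
    // the .cpp. `condition` is taken by value, so each call copies the vector; the signature is left
    // unchanged because the definition lives outside this header.
    std::shared_ptr<ResultSet> GetResultSet(const std::string& sql, std::vector<ValueObject> condition);
    int32_t SetAccessControlProfileId(AccessControlProfile& accessControlProfile);
    int32_t GetAccessControlProfiles(std::shared_ptr<ResultSet> resultSet, int64_t accesserId,
        int64_t accesseeId, int32_t userId, std::vector<AccessControlProfile>& profile);
    int32_t GetAccessControlProfiles(std::shared_ptr<ResultSet> resultSet,
        int64_t accesserId, int64_t accesseeId, int32_t userId, const std::string& bundleName,
        std::vector<AccessControlProfile>& profile);
    int32_t GetAccessControlProfiles(std::shared_ptr<ResultSet> resultSet, int64_t accesserId,
        int64_t accesseeId, const std::string& bundleName, std::vector<AccessControlProfile>& profile);
    int32_t GetAccessControlProfilesByTokenId(std::shared_ptr<ResultSet> resultSet, int64_t accesserId,
        int64_t accesseeId, const std::string& trustDeviceId, int64_t tokenId,
        std::vector<AccessControlProfile>& profile);

    // Pre-condition checks used around delete / update / put.
    int32_t DeleteAccesserCheck(int64_t accesserId, Accesser& accesser);
    int32_t DeleteAccesseeCheck(int64_t accesseeId, Accessee& accessee);
    int32_t DeleteTrustDeviceCheck(const AccessControlProfile& profile);
    int32_t UpdateAclCheck(const AccessControlProfile& profile, AccessControlProfile& oldProfile);
    int32_t PutAclCheck(const AccessControlProfile& profile, bool peerDevInfoExists);
    // NOTE(review): returns an int32_t status, not a bool. `if (IsAclExists(p))` would test the status
    // code itself, so each call site should compare against the intended constant.
    int32_t IsAclExists(const AccessControlProfile& profile);
    int32_t CheckDeviceIdAndUserIdActive(const AccessControlProfile& profile, int32_t& resultCount);
    int32_t CheckDeviceIdAndUserIdExists(const AccessControlProfile& profile, bool& isExists);
    int32_t NotifyCheck(const AccessControlProfile& profile, const AccessControlProfile& oldProfile);

    // LNN ACL filtering; RemoveLnnAcl modifies `profiles` in place (non-const reference).
    void RemoveLnnAcl(std::vector<AccessControlProfile>& profiles);
    bool IsLnnAcl(const AccessControlProfile& aclProfile);

    // Schema-migration helpers for a column on the accessee table (going by the names - confirm).
    bool IsAceeCreIdExistToAceeTable();
    int32_t AddAceeCreIdColumnToAceeTable();

private:
    // Database adapter used by the methods above.
    std::shared_ptr<IRdbAdapter> rdbStore_;
    // NOTE(review): what each mutex guards, and the order in which the two may be taken together, is
    // not documented in this header - confirm in the .cpp before adding code that holds both.
    std::mutex aclMutex_;
    std::mutex rdbMutex_;
};

} // namespace DistributedDeviceProfile
} // namespace OHOS

#endif // OHOS_DP_TRUST_PROFILE_MANAGER_H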