1 /*
2 * Copyright (c) 2023-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "deviceprofile_connector.h"
17 #include "dm_anonymous.h"
18 #include "dm_constants.h"
19
20 #include "dm_log.h"
21 #include "dm_softbus_adapter_crypto.h"
22 #include "multiple_user_connector.h"
23
24 #include "distributed_device_profile_client.h"
25 using namespace OHOS::DistributedDeviceProfile;
26
27 namespace OHOS {
28 namespace DistributedHardware {
// Singleton boilerplate for DeviceProfileConnector. Presumably this is what backs
// DeviceProfileConnector::GetInstance(), which CreateDpConnectorInstance() in this file
// calls; the macro is defined outside this file - TODO confirm its expansion.
IMPLEMENT_SINGLE_INSTANCE(DeviceProfileConnector);
/**
 * @brief Fetch the access-control profiles (ACL entries) of the current account user.
 *
 * The DistributedDeviceProfile client is queried with a single "userId" filter taken
 * from MultipleUserConnector::GetCurrentAccountUserID().
 *
 * @return The profiles the client returned. A failed query is only logged, so the
 *         caller gets whatever the client left in the vector and cannot distinguish
 *         "query failed" from "no ACL entries".
 */
std::vector<AccessControlProfile> DeviceProfileConnector::GetAccessControlProfile()
{
    LOGI("GetAccessControlProfile start.");
    const int32_t currentUserId = MultipleUserConnector::GetCurrentAccountUserID();
    std::map<std::string, std::string> filter;
    filter["userId"] = std::to_string(currentUserId);

    std::vector<AccessControlProfile> result;
    const auto ret = DistributedDeviceProfileClient::GetInstance().GetAccessControlProfile(filter, result);
    if (ret != DM_OK) {
        LOGE("DP GetAccessControlProfile failed.");
    }
    return result;
}
42
/**
 * @brief Build the map of trusted peer devices visible to one package.
 *
 * Every ACTIVE ACL entry whose trust device id differs from @p deviceId is classified
 * with HandleDmAuthForm(). When several entries name the same peer, the stored form is
 * only ever raised: IDENTICAL_ACCOUNT replaces anything, and PEER_TO_PEER replaces
 * ACROSS_ACCOUNT.
 *
 * @param pkgName  Package name passed to HandleDmAuthForm() as the first DmDiscoveryInfo field.
 * @param deviceId Device id passed as the second DmDiscoveryInfo field; entries whose
 *                 trust device id equals it are skipped.
 * @return Map from trust device id to the selected DmAuthForm.
 */
std::map<std::string, DmAuthForm> DeviceProfileConnector::GetAppTrustDeviceList(const std::string &pkgName,
    const std::string &deviceId)
{
    std::vector<AccessControlProfile> profiles = GetAccessControlProfile();
    LOGI("DeviceProfileConnector::GetAppTrustDeviceList, AccessControlProfile size is %d.", profiles.size());
    std::map<std::string, DmAuthForm> trusted;
    for (auto &acl : profiles) {
        const std::string peerId = acl.GetTrustDeviceId();
        const bool usable = (peerId != deviceId) && (acl.GetStatus() == ACTIVE);
        if (!usable) {
            continue;
        }
        DmDiscoveryInfo query = {pkgName, deviceId};
        const int32_t form = HandleDmAuthForm(acl, query);
        if (form == DmAuthForm::INVALID_TYPE) {
            continue;
        }
        auto known = trusted.find(peerId);
        if (known == trusted.end()) {
            // First entry seen for this peer: take its form as is.
            trusted[peerId] = static_cast<DmAuthForm>(form);
            continue;
        }
        const DmAuthForm current = known->second;
        if (form == current) {
            continue;
        }
        // A later entry may only raise the stored form, never lower it.
        if (form == DmAuthForm::IDENTICAL_ACCOUNT) {
            known->second = DmAuthForm::IDENTICAL_ACCOUNT;
        } else if (form == DmAuthForm::PEER_TO_PEER && current == DmAuthForm::ACROSS_ACCOUNT) {
            known->second = DmAuthForm::PEER_TO_PEER;
        }
    }
    LOGI("GetAppTrustDeviceList size is %d.", trusted.size());
    return trusted;
}
79
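/**
 * @brief Decide whether a discovered device is covered by an ACTIVE ACL entry and with which form.
 *
 * Each profile's trust device id is hashed with DmSoftbusAdapterCrypto::GetUdidHash() and
 * compared with discoveryInfo.remoteDeviceIdHash. Matching ACTIVE entries are classified by
 * HandleDmAuthForm(); the result is the first form present in the order IDENTICAL_ACCOUNT,
 * PEER_TO_PEER, ACROSS_ACCOUNT.
 *
 * @param discoveryInfo Caller package, local device id and remote device id hash.
 * @param isOnline      Set to true when a form was found; left untouched otherwise.
 * @param authForm      Receives the selected form, or DmAuthForm::INVALID_TYPE when no entry
 *                      matched. Left untouched when there are no profiles at all.
 * @return DM_OK, or ERR_DM_FAILED when hashing a trust device id fails.
 */
int32_t DeviceProfileConnector::GetDeviceAclParam(DmDiscoveryInfo discoveryInfo, bool &isOnline, int32_t &authForm)
{
    std::vector<AccessControlProfile> profiles = GetAccessControlProfile();
    LOGI("DeviceProfileConnector::GetDeviceAclParam, AccessControlProfile size is %d.", profiles.size());
    if (profiles.size() == 0) {
        return DM_OK;
    }
    std::vector<int32_t> bindTypes;
    for (auto &item : profiles) {
        // NOTE(review): the buffer is turned into a std::string below, which relies on
        // GetUdidHash() leaving a terminating NUL inside DM_MAX_DEVICE_ID_LEN bytes - confirm.
        char deviceIdHash[DM_MAX_DEVICE_ID_LEN] = {0};
        if (DmSoftbusAdapterCrypto::GetUdidHash(item.GetTrustDeviceId(), reinterpret_cast<uint8_t *>(deviceIdHash)) !=
            DM_OK) {
            // Log the (anonymised) device id the message refers to; the hash buffer that was
            // logged before holds nothing useful when hashing has just failed.
            LOGE("get deviceIdHash by deviceId: %s failed.", GetAnonyString(item.GetTrustDeviceId()).c_str());
            return ERR_DM_FAILED;
        }
        if (static_cast<std::string>(deviceIdHash) != discoveryInfo.remoteDeviceIdHash || item.GetStatus() != ACTIVE) {
            continue;
        }
        int32_t bindType = HandleDmAuthForm(item, discoveryInfo);
        if (bindType == DmAuthForm::INVALID_TYPE) {
            continue;
        }
        bindTypes.push_back(bindType);
    }
    // True when at least one matching entry was classified with the given form.
    const auto seen = [&bindTypes](int32_t form) {
        return std::count(bindTypes.begin(), bindTypes.end(), form) > 0;
    };
    if (seen(DmAuthForm::IDENTICAL_ACCOUNT)) {
        isOnline = true;
        authForm = DmAuthForm::IDENTICAL_ACCOUNT;
        LOGI("GetDeviceAclParam, The found device is identical account device bind type.");
        return DM_OK;
    }
    if (seen(DmAuthForm::PEER_TO_PEER)) {
        isOnline = true;
        authForm = DmAuthForm::PEER_TO_PEER;
        LOGI("GetDeviceAclParam, The found device is peer-to-peer device bind-level.");
        return DM_OK;
    }
    if (seen(DmAuthForm::ACROSS_ACCOUNT)) {
        isOnline = true;
        authForm = DmAuthForm::ACROSS_ACCOUNT;
        LOGI("GetDeviceAclParam, The found device is across-account device bind-level.");
        return DM_OK;
    }
    authForm = DmAuthForm::INVALID_TYPE;
    return DM_OK;
}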
125
/**
 * @brief Classify one ACL entry as a DmAuthForm from the caller's point of view.
 *
 * - DM_IDENTICAL_ACCOUNT entries always yield IDENTICAL_ACCOUNT.
 * - DM_POINT_TO_POINT / DM_ACROSS_ACCOUNT entries yield PEER_TO_PEER / ACROSS_ACCOUNT when
 *   the bind level is DEVICE, or when it is APP and the caller's package name and local
 *   device id equal the entry's accesser or accessee.
 *
 * @param profiles      The ACL entry to classify (a single profile despite the name).
 * @param discoveryInfo Supplies pkgname and localDeviceId for the APP-level comparison.
 * @return The matching DmAuthForm value, or DmAuthForm::INVALID_TYPE when nothing applies.
 */
int32_t DeviceProfileConnector::HandleDmAuthForm(AccessControlProfile profiles, DmDiscoveryInfo discoveryInfo)
{
    // APP-level entries only count when the caller is one of the two bound parties.
    const auto callerIsParty = [&profiles, &discoveryInfo]() {
        if (discoveryInfo.pkgname == profiles.GetAccesser().GetAccesserBundleName() &&
            discoveryInfo.localDeviceId == profiles.GetAccesser().GetAccesserDeviceId()) {
            return true;
        }
        return discoveryInfo.pkgname == profiles.GetAccessee().GetAccesseeBundleName() &&
            discoveryInfo.localDeviceId == profiles.GetAccessee().GetAccesseeDeviceId();
    };

    const auto kind = profiles.GetBindType();
    if (kind == DM_IDENTICAL_ACCOUNT) {
        LOGI("The found device is identical account device bind type.");
        return DmAuthForm::IDENTICAL_ACCOUNT;
    }
    if (kind == DM_POINT_TO_POINT) {
        if (profiles.GetBindLevel() == DEVICE) {
            LOGI("The found device is peer-to-peer device bind-level.");
            return DmAuthForm::PEER_TO_PEER;
        }
        if (profiles.GetBindLevel() == APP && callerIsParty()) {
            LOGI("The found device is peer-to-peer app bind-level.");
            return DmAuthForm::PEER_TO_PEER;
        }
    }
    if (kind == DM_ACROSS_ACCOUNT) {
        if (profiles.GetBindLevel() == DEVICE) {
            LOGI("The found device is across-account device bind-level.");
            return DmAuthForm::ACROSS_ACCOUNT;
        }
        if (profiles.GetBindLevel() == APP && callerIsParty()) {
            LOGI("The found device is across-account app bind-level.");
            return DmAuthForm::ACROSS_ACCOUNT;
        }
    }
    return DmAuthForm::INVALID_TYPE;
}
170
/**
 * @brief Return the highest-valued bind type among the ACTIVE entries for one trusted device.
 *
 * Per entry: DM_IDENTICAL_ACCOUNT maps to IDENTICAL_ACCOUNT_TYPE; otherwise a DEVICE bind
 * level maps to DEVICE_PEER_TO_PEER_TYPE (whatever the bind type); otherwise an APP bind
 * level maps to APP_PEER_TO_PEER_TYPE when accesser and accessee are exactly the
 * request/trust device pair, in either direction.
 *
 * @param trustDeviceId   Trust device id the entries must carry.
 * @param requestDeviceId The other device of the pair for the APP-level comparison.
 * @return The numerically largest mapped value, or INVALIED_TYPE when nothing qualifies.
 */
uint32_t DeviceProfileConnector::CheckBindType(std::string trustDeviceId, std::string requestDeviceId)
{
    LOGI("CheckBindType start.");
    std::vector<AccessControlProfile> profiles = GetAccessControlProfile();
    LOGI("AccessControlProfile size is %d.", profiles.size());
    uint32_t best = INVALIED_TYPE;
    for (auto &acl : profiles) {
        if (trustDeviceId != acl.GetTrustDeviceId() || acl.GetStatus() != ACTIVE) {
            continue;
        }
        uint32_t rank = INVALIED_TYPE;
        if (acl.GetBindType() == DM_IDENTICAL_ACCOUNT) {
            rank = IDENTICAL_ACCOUNT_TYPE;
        } else if (acl.GetBindLevel() == DEVICE) {
            rank = DEVICE_PEER_TO_PEER_TYPE;
        } else if (acl.GetBindLevel() == APP) {
            const bool requesterIsAccesser = acl.GetAccesser().GetAccesserDeviceId() == requestDeviceId &&
                acl.GetAccessee().GetAccesseeDeviceId() == trustDeviceId;
            const bool requesterIsAccessee = !requesterIsAccesser &&
                acl.GetAccessee().GetAccesseeDeviceId() == requestDeviceId &&
                acl.GetAccesser().GetAccesserDeviceId() == trustDeviceId;
            if (requesterIsAccesser || requesterIsAccessee) {
                rank = APP_PEER_TO_PEER_TYPE;
            }
        }
        best = (rank > best) ? rank : best;
    }
    return best;
}
199
/**
 * @brief Collect the bind types of every ACTIVE ACL entry for one trusted device.
 *
 * The classification of each entry is delegated to GetParamBindTypeVec().
 *
 * @param pkgName         Package name used for APP-level entries.
 * @param requestDeviceId Device id used for APP-level entries.
 * @param trustUdid       Trust device id the entries must carry.
 * @return The collected bind type values, in profile order.
 */
std::vector<int32_t> DeviceProfileConnector::GetBindTypeByPkgName(std::string pkgName, std::string requestDeviceId,
    std::string trustUdid)
{
    LOGI("GetBindTypeByPkgName start.");
    std::vector<AccessControlProfile> profiles = GetAccessControlProfile();
    LOGI("AccessControlProfile size is %d.", profiles.size());
    std::vector<int32_t> collected;
    for (auto &acl : profiles) {
        const bool relevant = (trustUdid == acl.GetTrustDeviceId()) && (acl.GetStatus() == ACTIVE);
        if (relevant) {
            GetParamBindTypeVec(acl, pkgName, requestDeviceId, collected);
        }
    }
    return collected;
}
215
/**
 * @brief Append the bind type value(s) of one ACL entry to @p bindTypeVec.
 *
 * DEVICE-level entries contribute one value. APP-level entries contribute one value for
 * each side (accesser, accessee) whose bundle name and device id equal @p pkgName and
 * @p requestDeviceId, so an entry that matches on both sides is appended twice.
 *
 * @param profiles        The ACL entry to classify (a single profile despite the name).
 * @param pkgName         Package name compared with the accesser/accessee bundle name.
 * @param requestDeviceId Device id compared with the accesser/accessee device id.
 * @param bindTypeVec     Output vector; values are appended, nothing is removed.
 */
void DeviceProfileConnector::GetParamBindTypeVec(AccessControlProfile profiles, std::string pkgName,
    std::string requestDeviceId, std::vector<int32_t> &bindTypeVec)
{
    // Shared handling of the DEVICE / APP bind levels for the two non-identical bind types.
    const auto appendByLevel = [&](int32_t deviceType, int32_t appType) {
        if (profiles.GetBindLevel() == DEVICE) {
            bindTypeVec.push_back(deviceType);
        }
        if (profiles.GetBindLevel() != APP) {
            return;
        }
        if (profiles.GetAccesser().GetAccesserBundleName() == pkgName &&
            profiles.GetAccesser().GetAccesserDeviceId() == requestDeviceId) {
            bindTypeVec.push_back(appType);
        }
        if (profiles.GetAccessee().GetAccesseeBundleName() == pkgName &&
            profiles.GetAccessee().GetAccesseeDeviceId() == requestDeviceId) {
            bindTypeVec.push_back(appType);
        }
    };

    if (profiles.GetBindType() == DM_IDENTICAL_ACCOUNT) {
        bindTypeVec.push_back(IDENTICAL_ACCOUNT_TYPE);
    }
    if (profiles.GetBindType() == DM_POINT_TO_POINT) {
        appendByLevel(DEVICE_PEER_TO_PEER_TYPE, APP_PEER_TO_PEER_TYPE);
    }
    if (profiles.GetBindType() == DM_ACROSS_ACCOUNT) {
        appendByLevel(DEVICE_ACROSS_ACCOUNT_TYPE, APP_ACROSS_ACCOUNT_TYPE);
    }
}
253
/**
 * @brief Classify the ACTIVE entries for @p targetDeviceId and remember where they came from.
 *
 * For every qualifying profile ProcessBindType() appends the bind type to @p sinkBindType
 * and the profile's position in @p profiles to the returned vector, so both vectors grow
 * in lockstep.
 *
 * @param profiles       ACL entries to scan.
 * @param pkgName        Package name used for APP-level entries.
 * @param sinkBindType   Output: bind type values found locally.
 * @param localDeviceId  Local device id used for APP-level entries.
 * @param targetDeviceId Trust device id the entries must carry.
 * @return For each value appended to @p sinkBindType, the index of its profile.
 */
std::vector<int32_t> DeviceProfileConnector::CompareBindType(std::vector<AccessControlProfile> profiles,
    std::string pkgName, std::vector<int32_t> &sinkBindType, std::string localDeviceId, std::string targetDeviceId)
{
    std::vector<int32_t> positions;
    uint32_t next = 0;
    for (auto &acl : profiles) {
        const uint32_t index = next++;
        if (acl.GetTrustDeviceId() != targetDeviceId || acl.GetStatus() != ACTIVE) {
            continue;
        }
        DmDiscoveryInfo paramInfo{};
        paramInfo.pkgname = pkgName;
        paramInfo.localDeviceId = localDeviceId;
        ProcessBindType(acl, paramInfo, sinkBindType, positions, index);
    }
    return positions;
}
270
/**
 * @brief Append the bind type value(s) of one ACL entry together with its profile index.
 *
 * Every value pushed to @p sinkBindType is paired with one push of @p index to
 * @p bindTypeIndex, which keeps the two vectors the same length. An APP-level entry that
 * matches the caller on both the accesser and the accessee side is recorded twice.
 *
 * @param profiles      The ACL entry to classify (a single profile despite the name).
 * @param paramInfo     Supplies pkgname and localDeviceId for the APP-level comparison.
 * @param sinkBindType  Output: bind type values.
 * @param bindTypeIndex Output: profile index for each recorded value.
 * @param index         Position of @p profiles in the caller's profile vector.
 */
void DeviceProfileConnector::ProcessBindType(AccessControlProfile profiles, DmDiscoveryInfo paramInfo,
    std::vector<int32_t> &sinkBindType, std::vector<int32_t> &bindTypeIndex, uint32_t index)
{
    const auto record = [&sinkBindType, &bindTypeIndex, index](int32_t type) {
        sinkBindType.push_back(type);
        bindTypeIndex.push_back(index);
    };
    // Shared handling of the DEVICE / APP bind levels for the two non-identical bind types.
    const auto recordByLevel = [&](int32_t deviceType, int32_t appType) {
        if (profiles.GetBindLevel() == DEVICE) {
            record(deviceType);
        }
        if (profiles.GetBindLevel() != APP) {
            return;
        }
        if (profiles.GetAccesser().GetAccesserBundleName() == paramInfo.pkgname &&
            profiles.GetAccesser().GetAccesserDeviceId() == paramInfo.localDeviceId) {
            record(appType);
        }
        if (profiles.GetAccessee().GetAccesseeBundleName() == paramInfo.pkgname &&
            profiles.GetAccessee().GetAccesseeDeviceId() == paramInfo.localDeviceId) {
            record(appType);
        }
    };

    if (profiles.GetBindType() == DM_IDENTICAL_ACCOUNT) {
        record(IDENTICAL_ACCOUNT_TYPE);
    }
    if (profiles.GetBindType() == DM_POINT_TO_POINT) {
        recordByLevel(DEVICE_PEER_TO_PEER_TYPE, APP_PEER_TO_PEER_TYPE);
    }
    if (profiles.GetBindType() == DM_ACROSS_ACCOUNT) {
        recordByLevel(DEVICE_ACROSS_ACCOUNT_TYPE, APP_ACROSS_ACCOUNT_TYPE);
    }
}
315
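/**
 * @brief Reconcile the local ACL entries for a peer with the bind types the peer reported.
 *
 * Local ACTIVE entries for @p targetDeviceId are classified by CompareBindType(). A local
 * bind type that also appears in @p bindTypeVec is kept and reported back; a local bind
 * type the peer did not report has its ACL entry deleted through the
 * DistributedDeviceProfile client (the delete result is not checked).
 *
 * @param pkgName        Package name used for APP-level entries.
 * @param bindTypeVec    Bind types reported by the other side.
 * @param localDeviceId  Local device id used for APP-level entries.
 * @param targetDeviceId Trust device id of the peer.
 * @return The bind types present on both sides; a value is repeated once per occurrence
 *         in @p bindTypeVec.
 */
std::vector<int32_t> DeviceProfileConnector::SyncAclByBindType(std::string pkgName, std::vector<int32_t> bindTypeVec,
    std::string localDeviceId, std::string targetDeviceId)
{
    LOGI("SyncAclByBindType start.");
    std::vector<AccessControlProfile> profiles = GetAccessControlProfile();
    LOGI("AccessControlProfile size is %d.", profiles.size());
    std::vector<int32_t> sinkBindType;
    std::vector<int32_t> bindType;
    // CompareBindType()/ProcessBindType() push to sinkBindType and bindTypeIndex in pairs,
    // so bindTypeIndex[sinkIndex] is valid for every sinkIndex below.
    std::vector<int32_t> bindTypeIndex =
        CompareBindType(profiles, pkgName, sinkBindType, localDeviceId, targetDeviceId);
    for (uint32_t sinkIndex = 0; sinkIndex < sinkBindType.size(); sinkIndex++) {
        bool deleteAclFlag = true;
        for (uint32_t srcIndex = 0; srcIndex < bindTypeVec.size(); srcIndex++) {
            if (sinkBindType[sinkIndex] == bindTypeVec[srcIndex]) {
                deleteAclFlag = false;
                // Index bindTypeVec with its own loop variable: sinkIndex ranges over
                // sinkBindType and can exceed bindTypeVec.size(), which read out of bounds
                // (and otherwise reported an unrelated element).
                bindType.push_back(bindTypeVec[srcIndex]);
            }
        }
        if (deleteAclFlag) {
            int32_t deleteIndex = profiles[bindTypeIndex[sinkIndex]].GetAccessControlId();
            DistributedDeviceProfileClient::GetInstance().DeleteAccessControlProfile(deleteIndex);
        }
    }
    return bindType;
}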
341
/**
 * @brief List the accesser bundle names of ACTIVE entries binding the local and target device.
 *
 * An entry qualifies when its trust device id is @p targetDeviceId and its accesser and
 * accessee device ids are exactly the local/target pair, in either direction. The
 * accesser bundle name is reported in both directions.
 *
 * @param localDeviceId  Local device id.
 * @param targetDeviceId Trust device id of the peer.
 * @return Accesser bundle names in profile order; duplicates are not removed.
 */
std::vector<std::string> DeviceProfileConnector::GetPkgNameFromAcl(std::string &localDeviceId,
    std::string &targetDeviceId)
{
    LOGI("GetPkgNameFromAcl start.");
    std::vector<AccessControlProfile> profiles = GetAccessControlProfile();
    LOGI("AccessControlProfile size is %d.", profiles.size());
    std::vector<std::string> names;
    for (auto &acl : profiles) {
        if (acl.GetTrustDeviceId() != targetDeviceId || acl.GetStatus() != ACTIVE) {
            continue;
        }
        const bool localIsAccesser = acl.GetAccesser().GetAccesserDeviceId() == localDeviceId &&
            acl.GetAccessee().GetAccesseeDeviceId() == targetDeviceId;
        const bool localIsAccessee = !localIsAccesser &&
            acl.GetAccesser().GetAccesserDeviceId() == targetDeviceId &&
            acl.GetAccessee().GetAccesseeDeviceId() == localDeviceId;
        if (localIsAccesser || localIsAccessee) {
            names.push_back(acl.GetAccesser().GetAccesserBundleName());
        }
    }
    return names;
}
362
/**
 * @brief Summarise the ACTIVE ACL entries for a trusted device that is going offline.
 *
 * leftAclNumber counts every ACTIVE entry for @p trustDeviceId. bindType ends up as the
 * numerically largest per-entry value, chosen in this order: identical account; DEVICE
 * level with ALLOW_AUTH_ALWAYS; DEVICE level with ALLOW_AUTH_ONCE (accesser bundle name
 * is recorded); otherwise an entry whose accesser/accessee are the request/trust pair in
 * either direction (accesser bundle name is recorded).
 *
 * @param trustDeviceId   Trust device id the entries must carry.
 * @param requestDeviceId The other device of the pair.
 * @return The filled DmOfflineParam; bindType stays INVALIED_TYPE when nothing qualifies.
 */
DmOfflineParam DeviceProfileConnector::GetOfflineParamFromAcl(std::string trustDeviceId, std::string requestDeviceId)
{
    LOGI("DeviceProfileConnector::GetOfflineParamFromAcl, trustDeviceId = %s and requestDeviceId = %s",
         GetAnonyString(trustDeviceId).c_str(), GetAnonyString(requestDeviceId).c_str());
    std::vector<AccessControlProfile> profiles = GetAccessControlProfile();
    LOGI("AccessControlProfile size is %d.", profiles.size());
    DmOfflineParam summary;
    summary.leftAclNumber = 0;
    summary.bindType = INVALIED_TYPE;
    for (auto &acl : profiles) {
        if (acl.GetTrustDeviceId() != trustDeviceId || acl.GetStatus() != ACTIVE) {
            continue;
        }
        summary.leftAclNumber++;

        // Is this entry between exactly the request/trust device pair (either direction)?
        const auto bindsThePair = [&]() {
            return (acl.GetAccesser().GetAccesserDeviceId() == requestDeviceId &&
                    acl.GetAccessee().GetAccesseeDeviceId() == trustDeviceId) ||
                   (acl.GetAccesser().GetAccesserDeviceId() == trustDeviceId &&
                    acl.GetAccessee().GetAccesseeDeviceId() == requestDeviceId);
        };

        uint32_t rank = INVALIED_TYPE;
        if (acl.GetBindType() == DM_IDENTICAL_ACCOUNT) {
            rank = IDENTICAL_ACCOUNT_TYPE;
        } else if (acl.GetBindLevel() == DEVICE && acl.GetAuthenticationType() == ALLOW_AUTH_ALWAYS) {
            rank = DEVICE_PEER_TO_PEER_TYPE;
        } else if (acl.GetBindLevel() == DEVICE && acl.GetAuthenticationType() == ALLOW_AUTH_ONCE) {
            rank = DEVICE_PEER_TO_PEER_TYPE;
            summary.pkgNameVec.push_back(acl.GetAccesser().GetAccesserBundleName());
        } else if (bindsThePair()) {
            rank = APP_PEER_TO_PEER_TYPE;
            summary.pkgNameVec.push_back(acl.GetAccesser().GetAccesserBundleName());
        }
        if (rank > summary.bindType) {
            summary.bindType = rank;
        }
    }
    return summary;
}
398
/**
 * @brief Store a new ACTIVE access-control profile built from the given ACL description.
 *
 * The accesser and accessee records are copied field by field from @p dmAccesser and
 * @p dmAccessee; the profile takes its bind type, bind level, trust device id, device id
 * hash and authentication type from @p aclInfo, and its device id type is fixed to UDID.
 *
 * @param aclInfo    Bind and authentication attributes of the entry.
 * @param dmAccesser Requesting side.
 * @param dmAccessee Trusted side.
 * @return DM_OK on success, ERR_DM_FAILED when the DistributedDeviceProfile client rejects it.
 */
int32_t DeviceProfileConnector::PutAccessControlList(DmAclInfo aclInfo, DmAccesser dmAccesser, DmAccessee dmAccessee)
{
    LOGI("DeviceProfileConnector::PutAccessControlList start.");

    Accesser requester;
    requester.SetAccesserDeviceId(dmAccesser.requestDeviceId);
    requester.SetAccesserUserId(dmAccesser.requestUserId);
    requester.SetAccesserAccountId(dmAccesser.requestAccountId);
    requester.SetAccesserTokenId(dmAccesser.requestTokenId);
    requester.SetAccesserBundleName(dmAccesser.requestBundleName);

    Accessee trustee;
    trustee.SetAccesseeDeviceId(dmAccessee.trustDeviceId);
    trustee.SetAccesseeUserId(dmAccessee.trustUserId);
    trustee.SetAccesseeAccountId(dmAccessee.trustAccountId);
    trustee.SetAccesseeTokenId(dmAccessee.trustTokenId);
    trustee.SetAccesseeBundleName(dmAccessee.trustBundleName);

    AccessControlProfile entry;
    entry.SetBindType(aclInfo.bindType);
    entry.SetBindLevel(aclInfo.bindLevel);
    entry.SetStatus(ACTIVE);
    entry.SetTrustDeviceId(aclInfo.trustDeviceId);
    entry.SetDeviceIdType(static_cast<int32_t>(DeviceIdType::UDID));
    entry.SetDeviceIdHash(aclInfo.deviceIdHash);
    entry.SetAuthenticationType(aclInfo.authenticationType);
    entry.SetAccessee(trustee);
    entry.SetAccesser(requester);

    const auto ret = DistributedDeviceProfileClient::GetInstance().PutAccessControlProfile(entry);
    if (ret == DM_OK) {
        return DM_OK;
    }
    LOGE("PutAccessControlProfile failed.");
    return ERR_DM_FAILED;
}
430
/**
 * @brief Delete every access-control profile the client returns for @p userId.
 *
 * NOTE(review): @p accountId is not used - the query filters on "userId" only, so
 * entries of every account of that user are deleted. Confirm this is intended.
 * A failed query and failed deletions are not reported to the caller.
 *
 * @param userId    User whose profiles are removed.
 * @param accountId Unused.
 * @return Always DM_OK.
 */
int32_t DeviceProfileConnector::DeleteAccessControlList(int32_t userId, std::string &accountId)
{
    LOGI("DeleteAccessControlList by userId and accountId.");
    std::map<std::string, std::string> filter;
    filter["userId"] = std::to_string(userId);
    std::vector<AccessControlProfile> toDelete;
    auto &client = DistributedDeviceProfileClient::GetInstance();
    if (client.GetAccessControlProfile(filter, toDelete) != DM_OK) {
        LOGE("DP GetAccessControlProfile failed.");
    }
    LOGI("AccessControlProfile size is %d.", toDelete.size());
    for (auto &acl : toDelete) {
        LOGI("AccessControlProfile bindType is : %d.", acl.GetBindType());
        DistributedDeviceProfileClient::GetInstance().DeleteAccessControlProfile(acl.GetAccessControlId());
    }
    return DM_OK;
}
447
/**
 * @brief Unbind @p pkgName from @p remoteDeviceId and report what is left.
 *
 * Pass 1 walks the ACTIVE entries for the remote device: an identical-account entry aborts
 * the unbind (bindType INVALIED_TYPE is returned, leftAclNumber as counted so far);
 * otherwise the entry is counted, and a DEVICE-level entry whose accesser bundle name is
 * @p pkgName marks the request as a device-level unbind.
 *
 * Pass 2 walks the entries between the local and the remote device (either direction):
 * for a device-level unbind every such entry is deleted; otherwise only the first entry
 * whose accesser and accessee bundle names both equal @p pkgName is deleted and the
 * result is marked APP_PEER_TO_PEER_TYPE. Delete results are not checked.
 *
 * @param pkgName        Package requesting the unbind.
 * @param localDeviceId  Local device id.
 * @param remoteDeviceId Trust device id of the peer.
 * @return bindType of the unbind performed and the number of entries not deleted.
 */
DmOfflineParam DeviceProfileConnector::DeleteAccessControlList(std::string pkgName, std::string localDeviceId,
    std::string remoteDeviceId)
{
    LOGI("DeleteAccessControlList by pkgName, localDeviceId, remoteDeviceId.");
    std::vector<AccessControlProfile> profiles = GetAccessControlProfile();
    LOGI("AccessControlProfile size is %d.", profiles.size());
    DmOfflineParam outcome;
    outcome.bindType = INVALIED_TYPE;
    outcome.leftAclNumber = 0;

    const auto concernsRemote = [&remoteDeviceId](AccessControlProfile &acl) {
        return !(acl.GetTrustDeviceId() != remoteDeviceId || acl.GetStatus() != ACTIVE);
    };

    // Pass 1: count the entries and detect a device-level binding owned by pkgName.
    for (auto &acl : profiles) {
        if (!concernsRemote(acl)) {
            continue;
        }
        if (acl.GetBindType() == DM_IDENTICAL_ACCOUNT) {
            LOGE("Identical account forbid unbind.");
            outcome.bindType = INVALIED_TYPE;
            return outcome;
        }
        outcome.leftAclNumber++;
        if (acl.GetBindLevel() == DEVICE && acl.GetAccesser().GetAccesserBundleName() == pkgName) {
            LOGI("DeleteAccessControlList device unbind.");
            outcome.bindType = DEVICE_PEER_TO_PEER_TYPE;
        }
    }

    // Pass 2: delete the entries between the local and the remote device.
    for (auto &acl : profiles) {
        if (!concernsRemote(acl)) {
            continue;
        }
        const bool bindsThePair =
            (acl.GetAccesser().GetAccesserDeviceId() == localDeviceId &&
             acl.GetAccessee().GetAccesseeDeviceId() == remoteDeviceId) ||
            (acl.GetAccessee().GetAccesseeDeviceId() == localDeviceId &&
             acl.GetAccesser().GetAccesserDeviceId() == remoteDeviceId);
        if (!bindsThePair) {
            continue;
        }
        if (outcome.bindType == DEVICE_PEER_TO_PEER_TYPE) {
            DistributedDeviceProfileClient::GetInstance().DeleteAccessControlProfile(acl.GetAccessControlId());
            outcome.leftAclNumber--;
            continue;
        }
        if (acl.GetAccesser().GetAccesserBundleName() == pkgName &&
            acl.GetAccessee().GetAccesseeBundleName() == pkgName) {
            outcome.bindType = APP_PEER_TO_PEER_TYPE;
            DistributedDeviceProfileClient::GetInstance().DeleteAccessControlProfile(acl.GetAccessControlId());
            outcome.leftAclNumber--;
            break;
        }
    }
    return outcome;
}
497
/**
 * @brief Flip ACL entry status after an account switch for @p userId.
 *
 * Entries whose accesser or accessee is (@p userId, @p oldAccountId) are set INACTIVE,
 * and entries whose accesser or accessee is (@p userId, @p newAccountId) are set ACTIVE;
 * each change is written through the DistributedDeviceProfile client. Both checks run on
 * every entry, in that order, and the update results are not checked.
 *
 * @param userId       User whose account changed.
 * @param oldAccountId Account being left.
 * @param newAccountId Account being entered.
 * @return Always DM_OK.
 */
int32_t DeviceProfileConnector::UpdateAccessControlList(int32_t userId, std::string &oldAccountId,
    std::string &newAccountId)
{
    LOGI("UpdateAccessControlList by userId and accountId.");
    std::vector<AccessControlProfile> profiles = GetAccessControlProfile();
    LOGI("AccessControlProfile size is %d.", profiles.size());

    // True when either party of the entry is the given (userId, account) pair.
    const auto involves = [userId](AccessControlProfile &acl, const std::string &account) {
        return (acl.GetAccesser().GetAccesserUserId() == userId &&
                acl.GetAccesser().GetAccesserAccountId() == account) ||
               (acl.GetAccessee().GetAccesseeUserId() == userId &&
                acl.GetAccessee().GetAccesseeAccountId() == account);
    };

    for (auto &acl : profiles) {
        if (involves(acl, oldAccountId)) {
            acl.SetStatus(INACTIVE);
            DistributedDeviceProfileClient::GetInstance().UpdateAccessControlProfile(acl);
        }
        if (involves(acl, newAccountId)) {
            acl.SetStatus(ACTIVE);
            DistributedDeviceProfileClient::GetInstance().UpdateAccessControlProfile(acl);
        }
    }
    return DM_OK;
}
522
/**
 * @brief Tell whether an ACTIVE identical-account ACL entry exists for a user/account.
 *
 * The DistributedDeviceProfile client is queried with "userId" and "accountId" filters.
 * A failed query is only logged and then behaves like an empty result.
 *
 * @param userId    User to look up.
 * @param accountId Account to look up.
 * @return true when at least one returned entry is DM_IDENTICAL_ACCOUNT and ACTIVE.
 */
bool DeviceProfileConnector::CheckIdenticalAccount(int32_t userId, const std::string &accountId)
{
    LOGI("DeviceProfileConnector::CheckIdenticalAccount");
    std::map<std::string, std::string> filter;
    filter["userId"] = std::to_string(userId);
    filter["accountId"] = accountId;
    std::vector<AccessControlProfile> matches;
    const auto ret = DistributedDeviceProfileClient::GetInstance().GetAccessControlProfile(filter, matches);
    if (ret != DM_OK) {
        LOGE("DP GetAccessControlProfile failed.");
    }
    bool found = false;
    for (auto it = matches.begin(); it != matches.end() && !found; ++it) {
        found = (it->GetBindType() == DM_IDENTICAL_ACCOUNT) && (it->GetStatus() == ACTIVE);
    }
    return found;
}
/**
 * @brief Delete the ACTIVE non-identical-account ACL entries of a user/account.
 *
 * The DistributedDeviceProfile client is queried with "userId" and "accountId" filters;
 * of the returned entries, those whose accesser or accessee is (@p userId, @p accountId)
 * are deleted. Query and delete failures are not reported to the caller.
 *
 * @param userId    User whose entries are removed.
 * @param accountId Account whose entries are removed.
 * @return Always DM_OK.
 */
int32_t DeviceProfileConnector::DeleteP2PAccessControlList(int32_t userId, std::string &accountId)
{
    LOGI("DeviceProfileConnector::DeleteP2PAccessControlList");
    std::map<std::string, std::string> filter;
    filter["userId"] = std::to_string(userId);
    filter["accountId"] = accountId;
    std::vector<AccessControlProfile> candidates;
    const auto ret = DistributedDeviceProfileClient::GetInstance().GetAccessControlProfile(filter, candidates);
    if (ret != DM_OK) {
        LOGE("DP GetAccessControlProfile failed.");
    }
    for (auto &acl : candidates) {
        const bool eligible = (acl.GetBindType() != DM_IDENTICAL_ACCOUNT) && (acl.GetStatus() == ACTIVE);
        if (!eligible) {
            continue;
        }
        const bool ownedByAccesser = acl.GetAccesser().GetAccesserUserId() == userId &&
            acl.GetAccesser().GetAccesserAccountId() == accountId;
        const bool ownedByAccessee = !ownedByAccesser &&
            acl.GetAccessee().GetAccesseeUserId() == userId &&
            acl.GetAccessee().GetAccesseeAccountId() == accountId;
        if (ownedByAccesser || ownedByAccessee) {
            DistributedDeviceProfileClient::GetInstance().DeleteAccessControlProfile(acl.GetAccessControlId());
        }
    }
    return DM_OK;
}
563
/**
 * @brief Look for an ACTIVE DEVICE-level entry for @p deviceId with @p pkgName as accessee.
 *
 * The entry must also carry accessee user id 0 and an empty accessee account id.
 *
 * @param pkgName  Bundle name expected on the accessee side.
 * @param deviceId Trust device id the entry must carry.
 * @return true when such an entry exists.
 */
bool DeviceProfileConnector::CheckSrcDeviceIdInAcl(const std::string &pkgName, const std::string &deviceId)
{
    LOGI("DeviceProfileConnector::CheckSrcDeviceIdInAcl");
    std::vector<AccessControlProfile> profiles = GetAccessControlProfile();
    LOGI("AccessControlProfile size is %d.", profiles.size());
    for (auto &acl : profiles) {
        if (acl.GetTrustDeviceId() != deviceId || acl.GetStatus() != ACTIVE) {
            continue;
        }
        if (acl.GetBindLevel() != DEVICE) {
            continue;
        }
        if (acl.GetAccessee().GetAccesseeBundleName() != pkgName) {
            continue;
        }
        if (acl.GetAccessee().GetAccesseeUserId() == 0 && acl.GetAccessee().GetAccesseeAccountId() == "") {
            return true;
        }
    }
    return false;
}
578
/**
 * @brief Look for an ACTIVE DEVICE-level entry for @p deviceId with @p pkgName as accesser.
 *
 * The entry must also carry accesser user id 0 and an empty accesser account id.
 *
 * @param pkgName  Bundle name expected on the accesser side.
 * @param deviceId Trust device id the entry must carry.
 * @return true when such an entry exists.
 */
bool DeviceProfileConnector::CheckSinkDeviceIdInAcl(const std::string &pkgName, const std::string &deviceId)
{
    LOGI("DeviceProfileConnector::CheckSinkDeviceIdInAcl");
    std::vector<AccessControlProfile> profiles = GetAccessControlProfile();
    LOGI("AccessControlProfile size is %d.", profiles.size());
    for (auto &acl : profiles) {
        if (acl.GetTrustDeviceId() != deviceId || acl.GetStatus() != ACTIVE) {
            continue;
        }
        if (acl.GetBindLevel() != DEVICE) {
            continue;
        }
        if (acl.GetAccesser().GetAccesserBundleName() != pkgName) {
            continue;
        }
        if (acl.GetAccesser().GetAccesserUserId() == 0 && acl.GetAccesser().GetAccesserAccountId() == "") {
            return true;
        }
    }
    return false;
}
593
/**
 * @brief Tell whether @p pkgName has a device-level ACL entry for @p deviceId on either side.
 *
 * The sink (accesser) check runs first; the source (accessee) check runs only if it fails.
 *
 * @param pkgName  Bundle name to look for.
 * @param deviceId Trust device id the entry must carry.
 * @return true when CheckSinkDeviceIdInAcl() or CheckSrcDeviceIdInAcl() succeeds.
 */
bool DeviceProfileConnector::CheckDeviceIdInAcl(const std::string &pkgName, const std::string &deviceId)
{
    if (CheckSinkDeviceIdInAcl(pkgName, deviceId)) {
        return true;
    }
    return CheckSrcDeviceIdInAcl(pkgName, deviceId);
}
598
/**
 * @brief Delete the one-time (ALLOW_AUTH_ONCE) ACTIVE entries of a trusted device.
 *
 * Delete results are not checked.
 *
 * @param deviceId Trust device id the entries must carry.
 * @return Number of ACTIVE entries for @p deviceId that were not deleted.
 */
uint32_t DeviceProfileConnector::DeleteTimeOutAcl(const std::string &deviceId)
{
    LOGI("DeviceProfileConnector::DeleteTimeOutAcl");
    std::vector<AccessControlProfile> profiles = GetAccessControlProfile();
    LOGI("AccessControlProfile size is %d.", profiles.size());
    uint32_t remaining = 0;
    for (auto &acl : profiles) {
        if (acl.GetTrustDeviceId() != deviceId || acl.GetStatus() != ACTIVE) {
            continue;
        }
        if (acl.GetAuthenticationType() == ALLOW_AUTH_ONCE) {
            // One-time authorisation: drop the entry and do not count it.
            DistributedDeviceProfileClient::GetInstance().DeleteAccessControlProfile(acl.GetAccessControlId());
            continue;
        }
        ++remaining;
    }
    return remaining;
}
617
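/**
 * @brief Count the ACTIVE ACL entries whose trust device id is @p deviceId.
 *
 * @param deviceId Trust device id to count entries for.
 * @return Number of matching ACTIVE entries.
 */
int32_t DeviceProfileConnector::GetTrustNumber(const std::string &deviceId)
{
    // The entry log previously named DeleteTimeOutAcl (copy-paste), which made traces of
    // ACL deletions and plain trust counts indistinguishable.
    LOGI("DeviceProfileConnector::GetTrustNumber");
    std::vector<AccessControlProfile> profiles = GetAccessControlProfile();
    LOGI("AccessControlProfile size is %d.", profiles.size());
    int32_t trustNumber = 0;
    for (auto &item : profiles) {
        if (item.GetTrustDeviceId() == deviceId && item.GetStatus() == ACTIVE) {
            trustNumber++;
        }
    }
    return trustNumber;
}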
631
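/**
 * @brief Tell whether @p pkgName is bound to @p remoteDeviceId by a P2P or across-account entry.
 *
 * Only ACTIVE entries whose trust device id is @p remoteDeviceId are considered. A
 * DEVICE-level entry matches when @p pkgName is the accesser or accessee bundle name; an
 * APP-level entry matches when @p pkgName and @p localDeviceId equal the accesser's or
 * the accessee's bundle name and device id.
 *
 * @param pkgName        Package name to look for.
 * @param localDeviceId  Local device id used for APP-level entries.
 * @param remoteDeviceId Trust device id the entry must carry.
 * @return true when a matching entry exists.
 */
bool DeviceProfileConnector::CheckPkgnameInAcl(std::string pkgName, std::string localDeviceId,
    std::string remoteDeviceId)
{
    LOGI("DeviceProfileConnector::CheckPkgnameInAcl");
    std::vector<AccessControlProfile> profiles = GetAccessControlProfile();
    LOGI("AccessControlProfile size is %d.", profiles.size());
    for (auto &item : profiles) {
        // Skip an entry that is for another device OR is not ACTIVE. The filter used to
        // join the two tests with &&, which skipped only entries failing both, so inactive
        // entries for this device and active entries for other devices could answer the
        // check; every other lookup in this file filters with ||.
        if (item.GetTrustDeviceId() != remoteDeviceId || item.GetStatus() != ACTIVE) {
            continue;
        }
        const bool bindTypeApplies =
            item.GetBindType() == DM_POINT_TO_POINT || item.GetBindType() == DM_ACROSS_ACCOUNT;
        if (!bindTypeApplies) {
            continue;
        }
        if (item.GetBindLevel() == DEVICE && (item.GetAccesser().GetAccesserBundleName() == pkgName ||
            item.GetAccessee().GetAccesseeBundleName() == pkgName)) {
            LOGI("The pkgname %s is peer-to-peer device unbind.", pkgName.c_str());
            return true;
        }
        if (item.GetBindLevel() == APP && item.GetAccesser().GetAccesserBundleName() == pkgName &&
            item.GetAccesser().GetAccesserDeviceId() == localDeviceId) {
            LOGI("The pkgname %s is peer-to-peer app unbind.", pkgName.c_str());
            return true;
        }
        if (item.GetBindLevel() == APP && item.GetAccessee().GetAccesseeBundleName() == pkgName &&
            item.GetAccessee().GetAccesseeDeviceId() == localDeviceId) {
            LOGI("The pkgname %s is peer-to-peer app unbind.", pkgName.c_str());
            return true;
        }
    }
    return false;
}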
661
/**
 * @brief Factory entry point returning the process-wide DeviceProfileConnector.
 *
 * @return Address of the object DeviceProfileConnector::GetInstance() refers to, typed as
 *         the IDeviceProfileConnector interface; the caller does not own it.
 */
IDeviceProfileConnector *CreateDpConnectorInstance()
{
    DeviceProfileConnector &singleton = DeviceProfileConnector::GetInstance();
    return &singleton;
}
666 } // namespace DistributedHardware
667 } // namespace OHOS
668