2 * Copyright (c) 2014-2015 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
17 * @file src/service/logic/Logic.cpp
18 * @author Lukasz Wojciechowski <l.wojciechow@partner.samsung.com>
20 * @brief This file implements main class of logic layer in cynara service
32 #include <exceptions/BucketNotExistsException.h>
33 #include <exceptions/DatabaseException.h>
34 #include <exceptions/DefaultBucketDeletionException.h>
35 #include <exceptions/DefaultBucketSetNoneException.h>
36 #include <exceptions/InvalidBucketIdException.h>
37 #include <exceptions/PluginErrorException.h>
38 #include <exceptions/PluginNotFoundException.h>
39 #include <exceptions/UnexpectedErrorException.h>
40 #include <exceptions/UnknownPolicyTypeException.h>
41 #include <request/AdminCheckRequest.h>
42 #include <request/AgentActionRequest.h>
43 #include <request/AgentRegisterRequest.h>
44 #include <request/CancelRequest.h>
45 #include <request/CheckRequest.h>
46 #include <request/DescriptionListRequest.h>
47 #include <request/EraseRequest.h>
48 #include <request/InsertOrUpdateBucketRequest.h>
49 #include <request/ListRequest.h>
50 #include <request/RemoveBucketRequest.h>
51 #include <request/RequestContext.h>
52 #include <request/SetPoliciesRequest.h>
53 #include <request/SignalRequest.h>
54 #include <response/AdminCheckResponse.h>
55 #include <response/AgentRegisterResponse.h>
56 #include <response/CancelResponse.h>
57 #include <response/CheckResponse.h>
58 #include <response/CodeResponse.h>
59 #include <response/DescriptionListResponse.h>
60 #include <response/ListResponse.h>
61 #include <types/Policy.h>
63 #include <main/Cynara.h>
64 #include <agent/AgentManager.h>
65 #include <sockets/SocketManager.h>
66 #include <storage/Storage.h>
68 #include <cynara-plugin.h>
70 #include <cynara-agent.h>
82 void Logic::execute(RequestContextPtr context UNUSED, SignalRequestPtr request) {
83 LOGD("Processing signal: [%d]", request->signalNumber());
85 switch (request->signalNumber()) {
87 LOGI("SIGTERM received!");
88 m_socketManager->mainLoopStop();
93 void Logic::execute(RequestContextPtr context, AdminCheckRequestPtr request) {
95 bool bucketValid = true;
97 result = m_storage->checkPolicy(request->key(), request->startBucket(),
98 request->recursive());
99 } catch (const BucketNotExistsException &ex) {
103 context->returnResponse(context, std::make_shared<AdminCheckResponse>(result, bucketValid,
104 request->sequenceNumber()));
107 void Logic::execute(RequestContextPtr context, AgentActionRequestPtr request) {
108 AgentTalkerPtr talkerPtr = m_agentManager->getTalker(context->responseQueue(),
109 request->sequenceNumber());
111 LOGD("Received response from agent with invalid request id: [%" PRIu16 "]",
112 request->sequenceNumber());
116 CheckContextPtr checkContextPtr = m_checkRequestManager.getContext(talkerPtr);
117 if (!checkContextPtr) {
118 LOGE("No matching check context for agent talker.");
119 m_agentManager->removeTalker(talkerPtr);
123 if (!checkContextPtr->cancelled()) {
124 PluginData data(request->data().begin(), request->data().end());
125 if (request->type() == CYNARA_MSG_TYPE_CANCEL) {
126 // Nothing to do for now
127 } else if (request->type() == CYNARA_MSG_TYPE_ACTION) {
128 update(checkContextPtr->m_key, checkContextPtr->m_checkId, data,
129 checkContextPtr->m_requestContext, checkContextPtr->m_plugin);
131 LOGE("Invalid response type [%d] in response from agent <%s>",
132 static_cast<int>(request->type()), talkerPtr->agentType().c_str());
133 // TODO: disconnect agent
137 m_agentManager->removeTalker(talkerPtr);
138 m_checkRequestManager.removeRequest(checkContextPtr);
141 void Logic::execute(RequestContextPtr context, AgentRegisterRequestPtr request) {
142 auto result = m_agentManager->registerAgent(request->agentType(), context->responseQueue());
143 context->returnResponse(context, std::make_shared<AgentRegisterResponse>(
144 result, request->sequenceNumber()));
147 void Logic::execute(RequestContextPtr context, CancelRequestPtr request) {
148 CheckContextPtr checkContextPtr = m_checkRequestManager.getContext(context->responseQueue(),
149 request->sequenceNumber());
150 if (!checkContextPtr) {
151 LOGD("Cancel request id: [%" PRIu16 "] with no matching request in progress.",
152 request->sequenceNumber());
156 if (checkContextPtr->cancelled())
159 checkContextPtr->cancel();
160 checkContextPtr->m_agentTalker->cancel();
162 LOGD("Returning response for cancel request id: [%" PRIu16 "].", request->sequenceNumber());
163 context->returnResponse(context, std::make_shared<CancelResponse>(request->sequenceNumber()));
166 void Logic::execute(RequestContextPtr context, CheckRequestPtr request) {
167 PolicyResult result(PredefinedPolicyType::DENY);
168 if (check(context, request->key(), request->sequenceNumber(), result)) {
169 context->returnResponse(context, std::make_shared<CheckResponse>(result,
170 request->sequenceNumber()));
174 bool Logic::check(const RequestContextPtr &context, const PolicyKey &key,
175 ProtocolFrameSequenceNumber checkId, PolicyResult &result) {
177 if (m_checkRequestManager.getContext(context->responseQueue(), checkId)) {
178 LOGE("Check request for checkId: [%" PRIu16 "] is already processing", checkId);
182 result = m_storage->checkPolicy(key);
184 switch (result.policyType()) {
185 case PredefinedPolicyType::ALLOW :
186 LOGD("check of policy key <%s> returned ALLOW", key.toString().c_str());
188 case PredefinedPolicyType::DENY :
189 LOGD("check of policy key <%s> returned DENY", key.toString().c_str());
193 return pluginCheck(context, key, checkId, result);
196 bool Logic::pluginCheck(const RequestContextPtr &context, const PolicyKey &key,
197 ProtocolFrameSequenceNumber checkId, PolicyResult &result) {
199 LOGD("Trying to check policy: <%s> in plugin.", key.toString().c_str());
201 ExternalPluginPtr plugin = m_pluginManager->getPlugin(result.policyType());
203 LOGE("Plugin not found for policy: [0x%x]", result.policyType());
204 result = PolicyResult(PredefinedPolicyType::DENY);
208 ServicePluginInterfacePtr servicePlugin =
209 std::dynamic_pointer_cast<ServicePluginInterface>(plugin);
211 throw PluginNotFoundException(result);
214 AgentType requiredAgent;
215 PluginData pluginData;
217 auto ret = servicePlugin->check(key.client().toString(), key.user().toString(),
218 key.privilege().toString(), result, requiredAgent, pluginData);
221 case ServicePluginInterface::PluginStatus::ANSWER_READY:
223 case ServicePluginInterface::PluginStatus::ANSWER_NOTREADY: {
224 result = PolicyResult(PredefinedPolicyType::DENY);
225 AgentTalkerPtr agentTalker = m_agentManager->createTalker(requiredAgent);
227 LOGE("Required agent talker for: <%s> could not be created.",
228 requiredAgent.c_str());
232 if (!m_checkRequestManager.createContext(key, context, checkId, servicePlugin,
234 LOGE("Check context for checkId: [%" PRIu16 "] could not be created.",
236 m_agentManager->removeTalker(agentTalker);
239 agentTalker->send(pluginData);
243 throw PluginErrorException(key); // This 'throw' should be removed or handled properly.
247 bool Logic::update(const PolicyKey &key, ProtocolFrameSequenceNumber checkId,
248 const PluginData &agentData, const RequestContextPtr &context,
249 const ServicePluginInterfacePtr &plugin) {
251 LOGD("Check update: <%s>:[%" PRIu16 "]", key.toString().c_str(), checkId);
254 bool answerReady = false;
255 auto ret = plugin->update(key.client().toString(), key.user().toString(),
256 key.privilege().toString(), agentData, result);
258 case ServicePluginInterface::PluginStatus::SUCCESS:
261 case ServicePluginInterface::PluginStatus::ERROR:
262 result = PolicyResult(PredefinedPolicyType::DENY);
266 throw PluginErrorException(key);
269 if (answerReady && context->responseQueue()) {
270 context->returnResponse(context, std::make_shared<CheckResponse>(result, checkId));
277 void Logic::execute(RequestContextPtr context, DescriptionListRequestPtr request) {
278 auto descriptions = m_pluginManager->getPolicyDescriptions();
279 descriptions.insert(descriptions.begin(), predefinedPolicyDescr.begin(),
280 predefinedPolicyDescr.end());
281 context->returnResponse(context, std::make_shared<DescriptionListResponse>(descriptions,
282 request->sequenceNumber()));
285 void Logic::execute(RequestContextPtr context, EraseRequestPtr request) {
286 auto code = CodeResponse::Code::OK;
289 m_storage->erasePolicies(request->startBucket(), request->recursive(), request->filter());
291 } catch (const DatabaseException &ex) {
292 code = CodeResponse::Code::FAILED;
293 } catch (const BucketNotExistsException &ex) {
294 code = CodeResponse::Code::NO_BUCKET;
297 context->returnResponse(context, std::make_shared<CodeResponse>(code,
298 request->sequenceNumber()));
301 void Logic::execute(RequestContextPtr context, InsertOrUpdateBucketRequestPtr request) {
302 auto code = CodeResponse::Code::OK;
305 checkSinglePolicyType(request->result().policyType(), true, true);
306 m_storage->addOrUpdateBucket(request->bucketId(), request->result());
308 } catch (const DatabaseException &ex) {
309 code = CodeResponse::Code::FAILED;
310 } catch (const DefaultBucketSetNoneException &ex) {
311 code = CodeResponse::Code::NOT_ALLOWED;
312 } catch (const InvalidBucketIdException &ex) {
313 code = CodeResponse::Code::NOT_ALLOWED;
314 } catch (const UnknownPolicyTypeException &ex) {
315 code = CodeResponse::Code::NO_POLICY_TYPE;
318 context->returnResponse(context, std::make_shared<CodeResponse>(code,
319 request->sequenceNumber()));
322 void Logic::execute(RequestContextPtr context, ListRequestPtr request) {
323 bool bucketValid = true;
325 std::vector<Policy> policies;
327 policies = m_storage->listPolicies(request->bucket(), request->filter());
328 } catch (const BucketNotExistsException &ex) {
332 context->returnResponse(context, std::make_shared<ListResponse>(policies, bucketValid,
333 request->sequenceNumber()));
336 void Logic::execute(RequestContextPtr context, RemoveBucketRequestPtr request) {
337 auto code = CodeResponse::Code::OK;
339 m_storage->deleteBucket(request->bucketId());
341 } catch (const DatabaseException &ex) {
342 code = CodeResponse::Code::FAILED;
343 } catch (const BucketNotExistsException &ex) {
344 code = CodeResponse::Code::NO_BUCKET;
345 } catch (const DefaultBucketDeletionException &ex) {
346 code = CodeResponse::Code::NOT_ALLOWED;
348 context->returnResponse(context, std::make_shared<CodeResponse>(code,
349 request->sequenceNumber()));
352 void Logic::execute(RequestContextPtr context, SetPoliciesRequestPtr request) {
353 auto code = CodeResponse::Code::OK;
355 checkPoliciesTypes(request->policiesToBeInsertedOrUpdated(), true, false);
356 m_storage->insertPolicies(request->policiesToBeInsertedOrUpdated());
357 m_storage->deletePolicies(request->policiesToBeRemoved());
359 } catch (const DatabaseException &ex) {
360 code = CodeResponse::Code::FAILED;
361 } catch (const BucketNotExistsException &ex) {
362 code = CodeResponse::Code::NO_BUCKET;
363 } catch (const UnknownPolicyTypeException &ex) {
364 code = CodeResponse::Code::NO_POLICY_TYPE;
366 context->returnResponse(context, std::make_shared<CodeResponse>(code,
367 request->sequenceNumber()));
370 void Logic::checkPoliciesTypes(const std::map<PolicyBucketId, std::vector<Policy>> &policies,
371 bool allowBucket, bool allowNone) {
372 for (const auto &group : policies) {
373 for (const auto &policy : group.second) {
374 checkSinglePolicyType(policy.result().policyType(), allowBucket, allowNone);
379 void Logic::checkSinglePolicyType(const PolicyType &policyType, bool allowBucket, bool allowNone) {
380 if (allowBucket && policyType == PredefinedPolicyType::BUCKET)
382 if (allowNone && policyType == PredefinedPolicyType::NONE)
384 for (const auto &descr : predefinedPolicyDescr) {
385 if (descr.type == policyType)
388 m_pluginManager->checkPolicyType(policyType);
391 void Logic::contextClosed(RequestContextPtr context) {
392 LOGD("context closed");
394 LinkId linkId = context->responseQueue();
396 m_agentManager->cleanupAgent(linkId, [&](const AgentTalkerPtr &talker) -> void {
397 handleAgentTalkerDisconnection(talker); });
399 m_checkRequestManager.cancelRequests(linkId,
400 [&](const CheckContextPtr &checkContextPtr) -> void {
401 handleClientDisconnection(checkContextPtr); });
404 void Logic::onPoliciesChanged(void) {
406 m_socketManager->disconnectAllClients();
407 m_pluginManager->invalidateAll();
408 //todo remove all saved contexts (if there will be any saved contexts)
411 void Logic::handleAgentTalkerDisconnection(const AgentTalkerPtr &agentTalkerPtr) {
412 CheckContextPtr checkContextPtr = m_checkRequestManager.getContext(agentTalkerPtr);
413 if (checkContextPtr == nullptr) {
414 LOGE("No matching check context for agent talker.");
418 if (!checkContextPtr->cancelled() && checkContextPtr->m_requestContext->responseQueue()) {
419 PolicyResult result(PredefinedPolicyType::DENY);
420 checkContextPtr->m_requestContext->returnResponse(checkContextPtr->m_requestContext,
421 std::make_shared<CheckResponse>(result, checkContextPtr->m_checkId));
424 m_checkRequestManager.removeRequest(checkContextPtr);
427 void Logic::handleClientDisconnection(const CheckContextPtr &checkContextPtr) {
428 LOGD("Handle client disconnection");
430 if (!checkContextPtr->cancelled()) {
431 checkContextPtr->cancel();
432 checkContextPtr->m_agentTalker->cancel();
436 } // namespace Cynara