typedef device_policy_manager_h dpmh;
-DPM::DPM() : handle(nullptr)
+DPM::DPM(const char *sender_id) :
+ handle(nullptr),
+ sender(sender_id)
{
handle = (dpmh)dpm_manager_create();
+ printf("DPM::DPM()\n");
+ iot = NetworkManager::IoTivity::getInstance();
}
DPM::~DPM()
return "Unknown";
}
+void DPM::UpdatePolicy(const char *name, Policy::Action action, const char *param)
+{
+ try
+ {
+ string json;
+ PolicyUpdate p(sender, string(name), action, string(param), json);
+ SendJSON(json);
+ }
+ catch (PolicyException &e) {
+ printf("Exception: %s\n", e.what());
+ }
+}
+
+void DPM::SendJSON(string json)
+{
+ // TODO: sending json policy
+ printf("$$==============\n");
+ printf("JSON:\n");
+ printf("%s", json.c_str());
+ printf("================\n");
+}
+
+const char* policy[] = {
+ "Camera", // 0
+ "Microphone",
+ "Location",
+ "USB mass storage",
+ "Clipboard",
+ "Debugging", // 5
+ "WiFi",
+ "WiFi hotspot",
+ "Bluetooth tethering",
+ "USB tethering",
+ "Bluetooth mode change", // 10
+ "Bluetooth desktop conn",
+ "Bluetooth pairing",
+ "SMS or text messaging",
+ "POP or IMAP email",
+ "WEB browser", // 15
+
+ "package", // params: install reinstall uninstall move all
+
+ "privileges blacklist", // add_privilege_to_blacklist
+
+ "bluetooth MAC blacklist", // bluetooth_add_device_to_blacklist
+ "bluetooth MAC restriction", // bluetooth_set_device_restriction
+ "bluetooth UUID blacklist", // bluetooth_add_uuid_to_blacklist
+ "bluetooth UUID restriction", // bluetooth_set_device_restriction
+
+ "lockout screen", // lockout_screen();
+ "internal storage encryption", // set_internal_storage_encryption(bool encrypt);
+ "external storage encryption", // set_external_storage_encryption(bool encrypt);
+ "wipe external data", // wipe_external_data();
+ "wipe internal data", // wipe_internal_data();
+
+ "WiFi profile change", // wifi_set_profile_change_restriction(bool enable);
+ "WiFi network access", // wifi_set_network_access_restriction(bool enable);
+ "WiFi SSID blacklist", // wifi_add_ssid_to_blocklist(const char* ssid);
+
+};
+
+enum policy_name : int {
+ Camera = 0,
+ Microphone,
+ Location,
+ USB_mass_storage,
+ Clipboard,
+ Debugging, // 5
+ WiFi,
+ WiFi_hotspot,
+ Bluetooth_tethering,
+ USB_tethering,
+ Bluetooth_mode_change, // 10
+ Bluetooth_desktop_conn,
+ Bluetooth_pairing,
+ SMS_or_text_messaging,
+ POP_or_IMAP_email,
+ WEB_browser, // 15
+
+ package, // params: install reinstall uninstall move all
+
+ privileges_blacklist, // add_privilege_to_blacklist
+
+ bluetooth_MAC_blacklist, // bluetooth_add_device_to_blacklist
+ bluetooth_MAC_restriction, // bluetooth_set_device_restriction
+ bluetooth_UUID_blacklist, // bluetooth_add_uuid_to_blacklist
+ bluetooth_UUID_restriction, // bluetooth_set_device_restriction
+
+ lockout_screen_, // lockout_screen();
+ internal_storage_encryption_, // set_internal_storage_encryption(bool encrypt);
+ external_storage_encryption_, // set_external_storage_encryption(bool encrypt);
+ wipe_external_data_, // wipe_external_data();
+ wipe_internal_data_, // wipe_internal_data();
+
+ WiFi_profile_change_, // wifi_set_profile_change_restriction(bool enable);
+ WiFi_network_access_, // wifi_set_network_access_restriction(bool enable);
+ WiFi_SSID_blacklist_, // wifi_add_ssid_to_blocklist(const char* ssid);
+
+};
+
+
dpm_error DPM::get_state(int (*f)(void*, int*), bool &allow)
{
if (!handle) return DPM_NOT_INITIALIZED;
return convert_err(res);
}
-dpm_error DPM::set_state(int (*f)(void*, int), bool allow)
+dpm_error DPM::set_state(int (*f)(void*, int), bool allow, int policy_num)
{
if (!handle) return DPM_NOT_INITIALIZED;
+ if (policy_num < 0 || policy_num >= int(sizeof(policy)/sizeof(policy[0])))
+ return DPM_INVALID_PARAMETER;
+
int res = f(handle, allow ? 1 : 0);
+ //if (res == DPM_ERROR_NONE)
+ UpdatePolicy(policy[policy_num],
+ allow ? Policy::ALLOW : Policy::RESTRICT);
+
return convert_err(res);
}
dpm_error DPM::set_camera_state(bool allow)
{
- return set_state(dpm_restriction_set_camera_state, allow);
+ return set_state(dpm_restriction_set_camera_state, allow, Camera);
}
dpm_error DPM::get_camera_state(bool &allow)
dpm_error DPM::set_microphone_state(bool allow)
{
- return set_state(dpm_restriction_set_microphone_state, allow);
+ return set_state(dpm_restriction_set_microphone_state, allow, Microphone);
}
dpm_error DPM::get_microphone_state(bool &allow)
dpm_error DPM::set_location_state(bool allow)
{
- return set_state(dpm_restriction_set_location_state, allow);
+ return set_state(dpm_restriction_set_location_state, allow, Location);
}
dpm_error DPM::get_location_state(bool &allow)
dpm_error DPM::set_external_storage_state(bool allow)
{
- return set_state(dpm_restriction_set_external_storage_state, allow);
+ return set_state(dpm_restriction_set_external_storage_state, allow, external_storage_encryption_);
}
dpm_error DPM::get_external_storage_state(bool &allow)
dpm_error DPM::set_clipboard_state(bool allow)
{
- return set_state(dpm_restriction_set_clipboard_state, allow);
+ return set_state(dpm_restriction_set_clipboard_state, allow, Clipboard);
}
dpm_error DPM::get_clipboard_state(bool &allow)
dpm_error DPM::set_usb_debugging_state(bool allow)
{
- return set_state(dpm_restriction_set_usb_debugging_state, allow);
+ return set_state(dpm_restriction_set_usb_debugging_state, allow, Debugging);
}
dpm_error DPM::get_usb_debugging_state(bool &allow)
dpm_error DPM::set_wifi_state(bool allow)
{
- return set_state(dpm_restriction_set_wifi_state, allow);
+ return set_state(dpm_restriction_set_wifi_state, allow, WiFi);
}
dpm_error DPM::get_wifi_state(bool &allow)
dpm_error DPM::set_wifi_hotspot_state(bool allow)
{
- return set_state(dpm_restriction_set_wifi_hotspot_state, allow);
+ return set_state(dpm_restriction_set_wifi_hotspot_state, allow, WiFi_hotspot);
}
dpm_error DPM::get_wifi_hotspot_state(bool &allow)
dpm_error DPM::set_bluetooth_tethering_state(bool allow)
{
- return set_state(dpm_restriction_set_bluetooth_tethering_state, allow);
+ return set_state(dpm_restriction_set_bluetooth_tethering_state, allow, Bluetooth_tethering);
}
dpm_error DPM::get_bluetooth_tethering_state(bool &allow)
dpm_error DPM::set_usb_tethering_state(bool allow)
{
- return set_state(dpm_restriction_set_usb_tethering_state, allow);
+ return set_state(dpm_restriction_set_usb_tethering_state, allow, USB_tethering);
}
dpm_error DPM::get_usb_tethering_state(bool &allow)
dpm_error DPM::set_bluetooth_mode_change_state(bool allow)
{
- return set_state(dpm_restriction_set_bluetooth_mode_change_state, allow);
+ return set_state(dpm_restriction_set_bluetooth_mode_change_state, allow, Bluetooth_mode_change);
}
dpm_error DPM::get_bluetooth_mode_change_state(bool &allow)
dpm_error DPM::set_bluetooth_desktop_connectivity_state(bool allow)
{
- return set_state(dpm_restriction_set_bluetooth_desktop_connectivity_state, allow);
+ return set_state(dpm_restriction_set_bluetooth_desktop_connectivity_state, allow, Bluetooth_desktop_conn);
}
dpm_error DPM::get_bluetooth_desktop_connectivity_state(bool &allow)
dpm_error DPM::set_bluetooth_pairing_state(bool allow)
{
- return set_state(dpm_restriction_set_bluetooth_pairing_state, allow);
+ return set_state(dpm_restriction_set_bluetooth_pairing_state, allow, Bluetooth_pairing);
}
dpm_error DPM::get_bluetooth_pairing_state(bool &allow)
{
if (!handle) return DPM_NOT_INITIALIZED;
int res = dpm_restriction_set_messaging_state((dpmh)handle, "sim_id", allow ? 1 : 0);
+ //if (res == DPM_ERROR_NONE)
+ UpdatePolicy(policy[SMS_or_text_messaging],
+ allow ? Policy::ALLOW : Policy::RESTRICT);
return convert_err(res);
}
dpm_error DPM::set_popimap_email_state(bool allow)
{
- return set_state(dpm_restriction_set_popimap_email_state, allow);
+ return set_state(dpm_restriction_set_popimap_email_state, allow, POP_or_IMAP_email);
}
dpm_error DPM::get_popimap_email_state(bool &allow)
dpm_error DPM::set_browser_state(bool allow)
{
- return set_state(dpm_restriction_set_browser_state, allow);
+ return set_state(dpm_restriction_set_browser_state, allow, WEB_browser);
}
dpm_error DPM::get_browser_state(bool &allow)
dpm_application_unset_mode_restriction((dpmh)handle, m) :
dpm_application_set_mode_restriction((dpmh)handle, m);
+ //if (res == DPM_ERROR_NONE)
+ {
+ const char *param = "none";
+ if (mode == PACKAGE_INSTALL) param = "install";
+ else if (mode == PACKAGE_UNINSTALL) param = "uninstall";
+ else if (mode == PACKAGE_REINSTALL) param = "reinstall";
+ else if (mode == PACKAGE_MOVE) param = "move";
+ else if (mode == PACKAGE_ALL) param = "all";
+
+ UpdatePolicy(policy[package], allow ? Policy::ALLOW : Policy::RESTRICT, param);
+ }
+
return convert_err(res);
}
{
if (!handle) return DPM_NOT_INITIALIZED;
int res = dpm_application_add_privilege_to_blacklist((dpmh)handle, 0, privilege);
+ //if (res == DPM_ERROR_NONE)
+ UpdatePolicy(policy[privileges_blacklist], Policy::ADD, privilege);
return convert_err(res);
}
{
if (!handle) return DPM_NOT_INITIALIZED;
int res = dpm_application_remove_privilege_from_blacklist((dpmh)handle, 0, privilege);
+ //if (res == DPM_ERROR_NONE)
+ UpdatePolicy(policy[privileges_blacklist], Policy::REMOVE, privilege);
return convert_err(res);
}
{
if (!handle) return DPM_NOT_INITIALIZED;
int res = dpm_bluetooth_add_device_to_blacklist((dpmh)handle, address);
+ //if (res == DPM_ERROR_NONE)
+ UpdatePolicy(policy[bluetooth_MAC_blacklist], Policy::ADD, address);
return convert_err(res);
}
{
if (!handle) return DPM_NOT_INITIALIZED;
int res = dpm_bluetooth_remove_device_from_blacklist((dpmh)handle, address);
+ //if (res == DPM_ERROR_NONE)
+ UpdatePolicy(policy[bluetooth_MAC_blacklist], Policy::REMOVE, address);
return convert_err(res);
}
{
if (!handle) return DPM_NOT_INITIALIZED;
int res = dpm_bluetooth_set_device_restriction((dpmh)handle, enable ? 1 : 0);
+ //if (res == DPM_ERROR_NONE)
+ UpdatePolicy(policy[bluetooth_MAC_restriction],
+ enable ? Policy::ALLOW : Policy::RESTRICT);
return convert_err(res);
}
{
if (!handle) return DPM_NOT_INITIALIZED;
int res = dpm_bluetooth_add_uuid_to_blacklist((dpmh)handle, uuid);
+ //if (res == DPM_ERROR_NONE)
+ UpdatePolicy(policy[bluetooth_UUID_blacklist], Policy::ADD, uuid);
return convert_err(res);
}
{
if (!handle) return DPM_NOT_INITIALIZED;
int res = dpm_bluetooth_remove_uuid_from_blacklist((dpmh)handle, uuid);
+ //if (res == DPM_ERROR_NONE)
+ UpdatePolicy(policy[bluetooth_UUID_blacklist], Policy::REMOVE, uuid);
return convert_err(res);
}
{
if (!handle) return DPM_NOT_INITIALIZED;
int res = dpm_bluetooth_set_uuid_restriction((dpmh)handle, enable);
+ //if (res == DPM_ERROR_NONE)
+ UpdatePolicy(policy[bluetooth_UUID_restriction],
+ enable ? Policy::ALLOW : Policy::RESTRICT);
return convert_err(res);
}
{
if (!handle) return DPM_NOT_INITIALIZED;
int res = dpm_security_lockout_screen((dpmh)handle);
+ //if (res == DPM_ERROR_NONE)
+ UpdatePolicy(policy[lockout_screen_], Policy::ALLOW);
return convert_err(res);
}
dpm_error DPM::set_internal_storage_encryption(bool encrypt)
{
if (!handle) return DPM_NOT_INITIALIZED;
int res = dpm_security_set_internal_storage_encryption((dpmh)handle, encrypt ? 1 : 0);
+ //if (res == DPM_ERROR_NONE)
+ UpdatePolicy(policy[internal_storage_encryption_],
+ encrypt ? Policy::ALLOW : Policy::RESTRICT);
return convert_err(res);
}
dpm_error DPM::is_internal_storage_encrypted(bool &is_encrypted)
{
if (!handle) return DPM_NOT_INITIALIZED;
int res = dpm_security_set_external_storage_encryption((dpmh)handle, encrypt ? 1 : 0);
+ //if (res == DPM_ERROR_NONE)
+ UpdatePolicy(policy[external_storage_encryption_],
+ encrypt ? Policy::ALLOW : Policy::RESTRICT);
return convert_err(res);
}
dpm_error DPM::is_external_storage_encrypted(bool &is_encrypted)
{
if (!handle) return DPM_NOT_INITIALIZED;
int res = dpm_security_wipe_data((dpmh)handle, DPM_SECURITY_WIPE_EXTERNAL_STORAGE);
+ //if (res == DPM_ERROR_NONE)
+ UpdatePolicy(policy[wipe_external_data_], Policy::ALLOW);
return convert_err(res);
}
dpm_error DPM::wipe_internal_data()
{
if (!handle) return DPM_NOT_INITIALIZED;
int res = dpm_security_wipe_data((dpmh)handle, DPM_SECURITY_WIPE_INTERNAL_STORAGE);
+ //if (res == DPM_ERROR_NONE)
+ UpdatePolicy(policy[wipe_internal_data_], Policy::ALLOW);
return convert_err(res);
}
{
if (!handle) return DPM_NOT_INITIALIZED;
int res = dpm_wifi_set_profile_change_restriction((dpmh)handle, enable ? 1 : 0);
+ //if (res == DPM_ERROR_NONE)
+ UpdatePolicy(policy[WiFi_profile_change_],
+ enable ? Policy::ALLOW : Policy::RESTRICT);
return convert_err(res);
}
{
if (!handle) return DPM_NOT_INITIALIZED;
int res = dpm_wifi_set_network_access_restriction((dpmh)handle, enable ? 1 : 0);
+ //if (res == DPM_ERROR_NONE)
+ UpdatePolicy(policy[WiFi_network_access_],
+ enable ? Policy::ALLOW : Policy::RESTRICT);
return convert_err(res);
}
{
if (!handle) return DPM_NOT_INITIALIZED;
int res = dpm_wifi_add_ssid_to_blocklist((dpmh)handle, ssid);
+ //if (res == DPM_ERROR_NONE)
+ UpdatePolicy(policy[WiFi_SSID_blacklist_], Policy::ADD, ssid);
return convert_err(res);
}
{
if (!handle) return DPM_NOT_INITIALIZED;
int res = dpm_wifi_remove_ssid_from_blocklist((dpmh)handle, ssid);
+ //if (res == DPM_ERROR_NONE)
+ UpdatePolicy(policy[WiFi_SSID_blacklist_], Policy::REMOVE, ssid);
return convert_err(res);
}