void Node::setContent(const std::string& content)
{
- if (implementation->type == XML_ELEMENT_NODE) {
+ if (implementation->type != XML_ELEMENT_NODE) {
throw runtime::Exception("Can not set content for this node type");
}
- xmlNodeSetContent(implementation, (xmlChar*)content.c_str());
+ auto child = implementation->xmlChildrenNode;
+ xmlNodeSetContent(child, (xmlChar*)content.c_str());
}
std::string Node::getContent() const
{
- if (implementation->type == XML_ELEMENT_NODE) {
+ if (implementation->type != XML_ELEMENT_NODE) {
throw runtime::Exception("This node type does not have content");
}
-
- return implementation->content ? (char*)implementation->content : "";
+ xmlNode* child = implementation->xmlChildrenNode;
+ if (child == NULL || xmlIsBlankNode(child)) {
+ return "";
+ }
+ return child->content ? (char*)child->content : "";
}
void Node::setProp(const std::string& name, const std::string& val)
{
}
-int StoragePolicy::setExternalStorageState(int state)
-{
- try {
- return context->methodCall<int>("StoragePolicy::setExternalStorageState", state);
- } catch (runtime::Exception& e) {
- return -1;
- }
-}
-
-int StoragePolicy::getExternalStorageState()
-{
- try {
- return context->methodCall<int>("StoragePolicy::getExternalStorageState");
- } catch (runtime::Exception& e) {
- return -1;
- }
-}
-
int StoragePolicy::wipeData(int type)
{
try {
%attr(700,root,root) %{_bindir}/factory-reset
%dir %{TZ_SYS_DATA}/dpm
%dir %{TZ_SYS_ETC}/dpm/policy
-%config %{TZ_SYS_ETC}/dpm/policy/PolicyManifest.xml
+%{TZ_SYS_ETC}/dpm/policy/PolicyManifest.xml
%attr(700,root,root) %dir %{TZ_SYS_ETC}/dpm/zone
%attr(600,root,root) %config %{TZ_SYS_ETC}/dpm/zone/owner.xml
%{_unitdir}/device-policy-manager.service
StoragePolicy(PolicyControlContext& ctxt);
~StoragePolicy();
- int setExternalStorageState(int state);
- int getExternalStorageState();
-
int wipeData(int id);
private:
#include "application.hxx"
+#include "policy-helper.h"
#include "packman.h"
#include "launchpad.h"
#include "audit/logger.h"
context.registerParametricMethod(this, (int)(ApplicationPolicy::addPackageToBlacklist)(std::string));
context.registerParametricMethod(this, (int)(ApplicationPolicy::removePackageFromBlacklist)(std::string));
context.registerParametricMethod(this, (int)(ApplicationPolicy::checkPackageIsBlacklisted)(std::string));
+
+ context.createNotification("package-installation-mode");
+ context.createNotification("package-uninstallation-mode");
}
ApplicationPolicy::~ApplicationPolicy()
int ApplicationPolicy::setApplicationInstallationMode(const bool mode)
{
+ SetPolicyAllowed(context, "package-installation-mode", mode);
+
return 0;
}
bool ApplicationPolicy::getApplicationInstallationMode()
{
- return true;
+ return IsPolicyAllowed(context, "package-installation-mode");
}
int ApplicationPolicy::setApplicationUninstallationMode(const bool mode)
{
+ SetPolicyAllowed(context, "package-uninstallation-mode", mode);
return 0;
}
bool ApplicationPolicy::getApplicationUninstallationMode()
{
- return true;
+ return IsPolicyAllowed(context, "package-uninstallation-mode");
}
std::vector<std::string> ApplicationPolicy::getInstalledPackageList()
*/
#include "bluetooth.hxx"
+
+#include "policy-helper.h"
#include "audit/logger.h"
namespace DevicePolicyManager {
ctxt.registerParametricMethod(this, (int)(BluetoothPolicy::removeUuidFromBlacklist)(std::string));
ctxt.registerParametricMethod(this, (int)(BluetoothPolicy::setUuidRestriction)(bool));
ctxt.registerNonparametricMethod(this, (bool)(BluetoothPolicy::isUuidRestricted));
+
+ ctxt.createNotification("bluetooth");
+ ctxt.createNotification("bluetooth-uuid-restriction");
+ ctxt.createNotification("bluetooth-device-restriction");
}
BluetoothPolicy::~BluetoothPolicy()
int BluetoothPolicy::setDeviceRestriction(const bool enable)
{
+ SetPolicyEnabled(context, "bluetooth-device-restriction", enable);
return 0;
}
bool BluetoothPolicy::isDeviceRestricted()
{
- return false;
+ return IsPolicyEnabled(context, "bluetooth-device-restriction");
}
int BluetoothPolicy::addUuidToBlacklist(const std::string& uuid)
int BluetoothPolicy::setUuidRestriction(const bool enable)
{
+ SetPolicyEnabled(context, "bluetooth-uuid-restriction", enable);
return 0;
}
bool BluetoothPolicy::isUuidRestricted()
{
- return false;
+ return IsPolicyEnabled(context, "bluetooth-uuid-restriction");
}
BluetoothPolicy bluetoothPolicy(Server::instance());
<?xml version="1.0" encoding="utf-8"?>
<manifest>
<policy-version>0.1.0</policy-version>
- <policy-group name="APPLICATION">
- <policy name="SET_APP_INSTALLATION_MODE" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_APP_UNINSTALLATION_MODE" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
+ <policy-group name="application">
+ <policy name="package-installation-mode">allowed</policy>
+ <policy name="package-uninstallation-mode">allowed</policy>
</policy-group>
-
- <policy-group name="ROAMING">
- <policy name="ALLOW_SYNC" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="ALLOW_DATA" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="ALLOW_PUSH" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
+ <policy-group name="password">
+ <policy name="password-quality">0</policy>
+ <policy name="password-minimum-length">0</policy>
+ <policy name="password-maximum-failure-count">0</policy>
+ <policy name="password-expired">0</policy>
+ <policy name="password-minimum-complexity">0</policy>
+ <policy name="password-pattern"></policy>
+ <policy name="password-history">0</policy>
+ <policy name="password-recovery">0</policy>
+ <policy name="password-lock-delay">0</policy>
+ <policy name="password-inactivity-timeout">0</policy>
+ <policy name="password-change-timeout">0</policy>
+ <policy name="password-maximum-character-occurrences">0</policy>
+ <policy name="password-numeric-sequences-length">0</policy>
+ <policy name="password-forbidden-strings"></policy>
</policy-group>
-
- <policy-group name="PASSWORD">
- <policy name="SET_PASSWORD_QUALITY" status="OFF" retry="DEFAULT" priority="DEFAULT">0</policy>
- <policy name="SET_PASSWORD_MINIMUM_LENGTH" status="OFF" retry="DEFAULT" priority="DEFAULT">0</policy>
- <policy name="SET_PASSWORD_MAXIMUM_FAILED_FOR_WIPE" status="OFF" retry="DEFAULT" priority="DEFAULT">0</policy>
- <policy name="SET_PASSWORD_EXPIRE" status="OFF" retry="DEFAULT" priority="DEFAULT">0</policy>
- <policy name="SET_PASSWORD_MINIMUM_COMPLEX" status="OFF" retry="DEFAULT" priority="DEFAULT">0</policy>
- <policy name="SET_PASSWORD_PATTERN" status="OFF" retry="DEFAULT" priority="DEFAULT">empty</policy>
- <policy name="SET_HISTORY" status="OFF" retry="DEFAULT" priority="DEFAULT">0</policy>
- <policy name="SET_PASSWORD_RECOVERY" status="OFF" retry="DEFAULT" priority="DEFAULT">0</policy>
- <policy name="SET_PASSWORD_LOCK_DELAY" status="OFF" retry="DEFAULT" priority="DEFAULT">0</policy>
- <policy name="SET_INACTIVITY_TIME_DEVICE_LOCK" status="OFF" retry="DEFAULT" priority="DEFAULT">0</policy>
- <policy name="SET_PASSWORD_CHANGE_TIMEOUT" status="OFF" retry="DEFAULT" priority="DEFAULT">0</policy>
- <policy name="SET_MAXIMUM_CHARACTER_OCCURRENCES" status="OFF" retry="DEFAULT" priority="DEFAULT">0</policy>
- <policy name="SET_MAXIMUM_NUMERIC_SEQUENCES_LENGTH" status="OFF" retry="DEFAULT" priority="DEFAULT">0</policy>
- <policy name="SET_FORBIDDEN_STRINGS" status="OFF" retry="DEFAULT" priority="DEFAULT">empty</policy>
+ <policy-group name="security">
+ <policy name="internal-storage-encryption">allowed</policy>
+ <policy name="external-storage-encryption">allowed</policy>
+ <policy name="internet-sharing">allowed</policy>
+ <policy name="require-device-encryption">allowed</policy>
+ <policy name="require-sdcard-encryption">allowed</policy>
</policy-group>
-
- <policy-group name="SECURITY">
- <policy name="INTERNAL_STORAGE_ENCRYPTION" status="OFF" retry="DEFAULT" priority="DEFAULT"/>
- <policy name="EXTERNAL_STORAGE_ENCRYPTION" status="OFF" retry="DEFAULT" priority="DEFAULT"/>
- <policy name="ALLOW_INTERNET_SHARING" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="ALLOW_DESKTOP_SYNC" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_REQUIRE_DEVICE_ENCRYPTION" status="OFF" retry="DEFAULT" priority="DEFAULT"/>
- <policy name="SET_REQUIRE_STORAGE_CARD_ENCRYPTION" status="OFF" retry="DEFAULT" priority="DEFAULT"/>
+ <policy-group name="wifi">
+ <policy name="wifi-setting-changes">allowed</policy>
+ <policy name="wifi-ssid-restriction">disabled</policy>
</policy-group>
-
- <policy-group name="WIFI">
- <policy name="SET_ALLOW_WIFI" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_MINIMUM_REQUIRED_SECURITY" status="OFF" retry="DEFAULT" priority="DEFAULT">none</policy>
- <policy name="SET_TLS_CERTIFICATE_SECURITY_LEVEL" status="OFF" retry="DEFAULT" priority="DEFAULT">none</policy>
- <policy name="SET_PASSWORD_HIDDEN" status="OFF" retry="DEFAULT" priority="DEFAULT">disabled</policy>
- <policy name="SET_ALLOW_USER_POLICY_CHANGES" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="ALLOW_WIFI_AP_SETTING_USER_MODIFICATION" status="OFF" retry="DEFAULT" priority="DEFAULT">enabled</policy>
- <policy name="ACTIVATE_WIFI_SSID_RESTRICTION" status="OFF" retry="DEFAULT" priority="DEFAULT">disabled</policy>
+ <policy-group name="bluetooth">
+ <policy name="bluetooth-paring">allowed</policy>
+ <policy name="bluetooth-outgoing-call">allowed</policy>
+ <policy name="bluetooth-profile-a2dp">allowed</policy>
+ <policy name="bluetooth-profile-avrcp">allowed</policy>
+ <policy name="bluetooth-profile-bpp">allowed</policy>
+ <policy name="bluetooth-profile-dun">allowed</policy>
+ <policy name="bluetooth-profile-ftp">allowed</policy>
+ <policy name="bluetooth-profile-hfp">allowed</policy>
+ <policy name="bluetooth-profile-hsp">allowed</policy>
+ <policy name="bluetooth-profile-pbap">allowed</policy>
+ <policy name="bluetooth-profile-sap">allowed</policy>
+ <policy name="bluetooth-profile-spp">allowed</policy>
+ <policy name="bluetooth-desktop-connectivity">allowed</policy>
+ <policy name="bluetooth-descoverable">allowed</policy>
+ <policy name="bluetooth-limited-discoverable">allowed</policy>
+ <policy name="bluetooth-data-transfer">allowed</policy>
+ <policy name="bluetooth-uuid-restriction">disabled</policy>
+ <policy name="bluetooth-device-restriction">disabled</policy>
</policy-group>
-
- <policy-group name="BLUETOOTH">
- <policy name="SET_ALLOW_BLUETOOTH" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_BLUETOOTH_OUTGOING_CALL" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_BLUETOOTH_A2DP_PROFILE_STATE" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_BLUETOOTH_AVRCP_PROFILE_STATE" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_BLUETOOTH_BPP_PROFILE_STATE" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_BLUETOOTH_DUN_PROFILE_STATE" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_BLUETOOTH_FTP_PROFILE_STATE" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_BLUETOOTH_HFP_PROFILE_STATE" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_BLUETOOTH_HSP_PROFILE_STATE" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_BLUETOOTH_PBAP_PROFILE_STATE" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_BLUETOOTH_SAP_PROFILE_STATE" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_BLUETOOTH_SPP_PROFILE_STATE" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_BLUETOOTH_DESKTOP_CONNECTIVITY_STATE" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_BLUETOOTH_DISCOVERABLE_STATE" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_BLUETOOTH_PARINIG_STATE" satus="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_BLUETOOTH_LIMITED_DISCOVERABLE_STATE" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_BLUETOOTH_DATA_TRANSFER" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="ACTIVATE_BLUETOOTH_UUID_RESTRICTION" status="OFF" retry="DEFAULT" priority="DEFAULT">disabled</policy>
- <policy name="ACTIVATE_BLUETOOTH_DEVICE_RESTRICTION" status="OFF" retry="DEFAULT" priority="DEFAULT">disabled</policy>
+ <policy-group name="restriction">
+ <policy name="wifi">allowed</policy>
+ <policy name="wifi-hotspot">allowed</policy>
+ <policy name="bluetooth">allowed</policy>
+ <policy name="camera">allowed</policy>
+ <policy name="microphone">allowed</policy>
+ <policy name="location">allowed</policy>
+ <policy name="external-storage">allowed</policy>
+ <policy name="text-messaging">allowed</policy>
+ <policy name="pop-imap-email">allowed</policy>
+ <policy name="browser">allowed</policy>
+ <policy name="settings-changes">allowed</policy>
+ <policy name="tethering">allowed</policy>
+ <policy name="bluetooth-tethering">allowed</policy>
+ <policy name="clipboard">allowed</policy>
+ <policy name="screen-capture">allowed</policy>
+ <policy name="usb-debugging">allowed</policy>
+ <policy name="usb-tethering">allowed</policy>
+ <policy name="wifi-tethering">allowed</policy>
</policy-group>
-
- <policy-group name="MISC">
- <policy name="SET_ALLOW_CAMERA" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_MIC" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_LOCATION" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_SD_CARD" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_TEXT_MESSAGING" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_POP_IMAP_EMAIL" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_BROWSER" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- </policy-group>
-
- <policy-group name="DEVICE_INVENTORY">
- <policy name="ENABLE_CALL_CAPTURE" status="OFF" retry="DEFAULT" priority="DEFAULT">disabled</policy>
- <policy name="ENABLE_SMS_CAPTURE" status="OFF" retry="DEFAULT" priority="DEFAULT">disabled</policy>
- <policy name="ENABLE_WIFI_STATISTICS" status="OFF" retry="DEFAULT" priority="DEFAULT">enabled</policy>
- </policy-group>
-
- <policy-group name="PHONE_RESTRICTION">
- <policy name="ENABLE_LIMIT_NUMBER_OF_CALLS" status="OFF" retry="DEFAULT" priority="DEFAULT">0</policy>
- <policy name="ENALBE_LIMIT_NUMBER_OF_SMS" status="OFF" retry="DEFAULT" priority="DEFAULT">0</policy>
- <policy name="ENABLE_LIMIT_USAGE_OF_DATA_CALL" status="OFF" retry="DEFAULT" priority="DEFAULT">0</policy>
- <policy name="ENABLE_EMERGENCY_CALL_ONLY" status="OFF" retry="DEFAULT" priority="DEFAULT">0</policy>
- <policy name="SET_INCOMING_CALL_RESTRICTION" status="OFF" retry="DEFAULT" priority="DEFAULT">0</policy>
- <policy name="SET_INCOMING_SMS_RESTRICTION" status="OFF" retry="DEFAULT" priority="DEFAULT">0</policy>
- <policy name="SET_LIMIT_OF_DATA_CALLS" status="OFF" retry="DEFAULT" priority="DEFAULT">0,0,0</policy>
- <policy name="SET_LIMIT_OF_INCOMING_CALLS" status="OFF" retry="DEFAULT" priority="DEFAULT">0,0,0</policy>
- <policy name="SET_LIMIT_OF_INCOMING_SMS" status="OFF" retry="DEFAULT" priority="DEFAULT">0,0,0</policy>
- <policy name="SET_LIMIT_OF_OUTGOING_CALLS" status="OFF" retry="DEFAULT" priority="DEFAULT">0,0,0</policy>
- <policy name="SET_LIMIT_OF_OUTGOING_SMS" status="OFF" retry="DEFAULT" priority="DEFAULT">0,0,0</policy>
- <policy name="SET_OUTGOING_CALL_RESTRICTION" status="OFF" retry="DEFAULT" priority="DEFAULT">0</policy>
- <policy name="SET_OUTGOING_SMS_RESTRICTION" status="OFF" retry="DEFAULT" priority="DEFAULT">0</policy>
- </policy-group>
-
- <policy-group name="RESTRICTION">
- <policy name="SET_ALLOW_LOCATION_METHOD_NETWORK" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_LOCATION_METHOD_GPS" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_FACTORY_RESET" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_SETTINGS_CHANGES" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_NONMARKET_APPS" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_BACKGROUND_DATA" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_BACKUP" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_BLUETOOTH_TETHERING" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_CELLULAR_DATA" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_CLIPBOARD_ENABLED" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_ENABLE_NFC" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_HOME_KEY" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_MOCK_LOCATION" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_SCREEN_CAPTURE" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_SDCARD" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_TETHERING" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_USB_DEBUGGING" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_USB_KIES_AVAILABILITY" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_USB_MASS_STORAGE" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_USB_MEDIA_PLAYER_AVAILABILITY" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_USB_TETHERING" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_WIFI_TETHERING" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_VPN" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- </policy-group>
-
- <policy-group name="BROWSER">
- <policy name="SET_AUTOFILL_SETTING" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_COOKIES_SETTING" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_FORCE_FRAUD_WARNING_SETTING" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_JAVASCRIPT_SETTING" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_POPUP_S_SETTING" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- </policy-group>
-
- <policy-group name="FIREWALL">
- <policy name="SET_IPTABLES_ALLOW_RULES" status="OFF" retry="DEFAULT" priority="DEFAULT">empty</policy>
- <policy name="SET_IPTABLES_DENY_RULES" status="OFF" retry="DEFAULT" priority="DEFAULT">empty</policy>
- <policy name="SET_IPTABLES_OPTION" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_IPTABLES_PROXY_OPTION" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_IPTABLES_PROXY_RULES" status="OFF" retry="DEFAULT" priority="DEFAULT">empty</policy>
- <policy name="SET_IPTABLES_REROUTE_RULES" status="OFF" retry="DEFAULT" priority="DEFAULT">empty</policy>
+ <policy-group name="browser">
+ <policy name="browser-autofill-setting">allowed</policy>
+ <policy name="browser-cookies-setting">allowed</policy>
+ <policy name="force-fraud-warning_setting">allowed</policy>
+ <policy name="javascript-setting">allowed</policy>
+ <policy name="popup-setting">allowed</policy>
</policy-group>
</manifest>
#include "password.hxx"
+#include "policy-helper.h"
#include "auth/user.h"
#include "audit/logger.h"
namespace {
PasswordPolicy::PasswordPolicyQuality qualityType;
-unsigned int minLength;
-unsigned int minComplexCharNumber;
-unsigned int maxAttempts;
-unsigned int validPeriod;
-unsigned int historySize;
-std::string passwordPattern;
-unsigned int maxInactivityTime;
-unsigned int passwdStatus;
-unsigned int maxCharOccurrences;
-unsigned int maxNumSeqLength;
-std::vector<std::string> forbiddenPasswds;
+std::string PasswordPattern;
+std::vector<std::string> ForbiddenStrings;
+
+void SetPasswordPolicy(PolicyControlContext& context, const std::string& name, int value)
+{
+ context.updatePolicy(name, std::to_string(value), "password", name);
+}
+
+int GetPasswordPolicy(PolicyControlContext& context, const std::string& name)
+{
+ return std::stoi(context.getPolicy(name));
+}
int transformValueFromIntToQualityType(const int quality, PasswordPolicy::PasswordPolicyQuality &changed_quality)
{
ctxt.registerNonparametricMethod(this, (int)(PasswordPolicy::getMaximumNumericSequenceLength));
ctxt.registerParametricMethod(this, (int)(PasswordPolicy::setForbiddenStrings)(std::vector<std::string>));
ctxt.registerNonparametricMethod(this, (std::vector<std::string>)(PasswordPolicy::getForbiddenStrings));
+
+ ctxt.createNotification("password");
}
PasswordPolicy::~PasswordPolicy()
auth_passwd_free_policy(p_policy);
+ SetPasswordPolicy(__context, "password-quality", quality);
+
return ret;
}
int PasswordPolicy::getPasswordPolicyQuality()
{
- return qualityType;
+ return GetPasswordPolicy(__context, "password-quality");
}
int PasswordPolicy::setPasswordPolicyMinimumLength(const int value)
{
- int ret = 0;
policy_h *p_policy;
if (auth_passwd_new_policy(&p_policy) != AUTH_PASSWD_API_SUCCESS) {
auth_passwd_free_policy(p_policy);
- minLength = value;
+ SetPasswordPolicy(__context, "password-minimum-length", value);
- return ret;
+ return 0;
}
int PasswordPolicy::getPasswordPolicyMinimumLength()
{
- return minLength;
+ return GetPasswordPolicy(__context, "password-minimum-length");
}
int PasswordPolicy::setMinPasswordPolicyComplexChars(const int value)
{
- int ret = 0;
policy_h *p_policy;
if (auth_passwd_new_policy(&p_policy) != AUTH_PASSWD_API_SUCCESS) {
auth_passwd_free_policy(p_policy);
- minComplexCharNumber = value;
+ SetPasswordPolicy(__context, "password-minimum-complexity", value);
- return ret;
+ return 0;
}
int PasswordPolicy::getMinPasswordPolicyComplexChars()
{
- return minComplexCharNumber;
+ return GetPasswordPolicy(__context, "password-minimum-complexity");
}
int PasswordPolicy::setMaximumFailedPasswordPolicyForWipe(const int value)
{
- int ret = 0;
policy_h *p_policy;
if (auth_passwd_new_policy(&p_policy) != AUTH_PASSWD_API_SUCCESS) {
auth_passwd_free_policy(p_policy);
- maxAttempts = value;
+ SetPasswordPolicy(__context, "password-maximum-failure-count", value);
- return ret;
+ return 0;
}
int PasswordPolicy::getMaximumFailedPasswordPolicyForWipe()
{
- return maxAttempts;
+ return GetPasswordPolicy(__context, "password-maximum-failure-count");
}
int PasswordPolicy::setPasswordPolicyExpires(const int value)
{
- int ret = 0;
policy_h *p_policy;
if (auth_passwd_new_policy(&p_policy) != AUTH_PASSWD_API_SUCCESS) {
auth_passwd_free_policy(p_policy);
- validPeriod = value;
+ SetPasswordPolicy(__context, "password-expired", value);
- return ret;
+ return 0;
}
int PasswordPolicy::getPasswordPolicyExpires()
{
- return validPeriod;
+ return GetPasswordPolicy(__context, "password-expired");
}
int PasswordPolicy::setPasswordPolicyHistory(const int value)
{
- int ret = 0;
policy_h *p_policy;
if (auth_passwd_new_policy(&p_policy) != AUTH_PASSWD_API_SUCCESS) {
auth_passwd_free_policy(p_policy);
- historySize = value;
+ SetPasswordPolicy(__context, "password-history", value);
- return ret;
+ return 0;
}
int PasswordPolicy::getPasswordPolicyHistory()
{
- return historySize;
+ return GetPasswordPolicy(__context, "password-history");
}
int PasswordPolicy::setPasswordPolicyPattern(const std::string& pattern)
auth_passwd_free_policy(p_policy);
- passwordPattern = pattern;
+ PasswordPattern = pattern;
return ret;
}
int PasswordPolicy::setMaxInactivityTimeDeviceLock(const int value)
{
- maxInactivityTime = value;
-
+ SetPasswordPolicy(__context, "password-inactivity-timeout", value);
return 0;
}
int PasswordPolicy::getMaxInactivityTimeDeviceLock()
{
- return maxInactivityTime;
+ return GetPasswordPolicy(__context, "password-inactivity-timeout");
}
int PasswordPolicy::setPasswordPolicyStatus(const int status)
{
- passwdStatus = status;
-
return 0;
}
auth_passwd_free_policy(p_policy);
- passwordPattern.clear();
+ PasswordPattern.clear();
return ret;
}
std::string PasswordPolicy::getPasswordPolicyPattern()
{
- return passwordPattern;
+ return PasswordPattern;
}
int PasswordPolicy::setMaximumCharacterOccurrences(const int value)
auth_passwd_free_policy(p_policy);
- maxCharOccurrences = value;
+ SetPasswordPolicy(__context, "password-maximum-character-occurrences", value);
return ret;
}
int PasswordPolicy::getMaximumCharacterOccurrences()
{
- return maxCharOccurrences;
+ return GetPasswordPolicy(__context, "password-maximum-character-occurrences");
}
int PasswordPolicy::setMaximumNumericSequenceLength(const int value)
auth_passwd_free_policy(p_policy);
- maxNumSeqLength = value;
+ SetPasswordPolicy(__context, "password-numeric-sequences-length", value);
return ret;
}
int PasswordPolicy::getMaximumNumericSequenceLength()
{
- return maxNumSeqLength;
+ return GetPasswordPolicy(__context, "password-numeric-sequences-length");
}
int PasswordPolicy::setForbiddenStrings(const std::vector<std::string>& forbiddenStrings)
auth_passwd_free_policy(p_policy);
- std::copy(forbiddenStrings.begin(), forbiddenStrings.end(), std::back_inserter(forbiddenPasswds));
+ std::copy(forbiddenStrings.begin(), forbiddenStrings.end(), std::back_inserter(ForbiddenStrings));
return ret;
}
std::vector<std::string> PasswordPolicy::getForbiddenStrings()
{
- return forbiddenPasswds;
+ return ForbiddenStrings;
}
PasswordPolicy passwordPolicy(Server::instance());
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+#ifndef __DPM_POLICY_STORAGE_ADAPTOR_H__
+#define __DPM_POLICY_STORAGE_ADAPTOR_H__
+
+#include <string>
+
+#include "policy-context.hxx"
+
+inline bool IsPolicyAllowed(PolicyControlContext& context, const std::string& name)
+{
+ return context.getPolicy(name) == "allowed" ? true : false;
+}
+
+inline bool IsPolicyEnabled(PolicyControlContext& context, const std::string& name)
+{
+ return context.getPolicy(name) == "enabled" ? true : false;
+}
+
+inline void SetPolicyAllowed(PolicyControlContext& context, const std::string& name, bool allow)
+{
+ context.updatePolicy(name, allow ? "allowed" : "disallowed");
+}
+
+inline void SetPolicyEnabled(PolicyControlContext& context, const std::string& name, bool enable)
+{
+ context.updatePolicy(name, enable ? "enabled" : "disabled");
+}
+
+#endif //! __DPM_POLICY_STORAGE_ADAPTOR_H__
data(nullptr)
{
std::string& source = location;
-
if (create) {
struct stat st;
if ((stat(location.c_str(), &st) == -1)) {
}
}
+
data = std::unique_ptr<xml::Document>(xml::Parser::parseFile(source));
}
PolicyStorage::~PolicyStorage()
{
}
+
+PolicyGroupList PolicyStorage::loadAllPolicies()
+{
+ return data->evaluate("/manifest/policy-group/policy");
+}
+
+PolicyData PolicyStorage::getPolicyData(const std::string& name)
+{
+ PolicyGroupList policyList = data->evaluate("/manifest/policy-group/policy[@name='" + name + "']");
+ if (policyList.empty()) {
+ throw runtime::Exception("Invalid parameter");
+ }
+
+ return std::move(policyList[0]);
+}
+
+void PolicyStorage::flush()
+{
+ data->write(location, "UTF-8", true);
+}
#include "xml/document.h"
#include "xml/node.h"
+typedef xml::Node::NodeList PolicyGroupList;
+typedef xml::Node PolicyData;
+
class PolicyStorage {
public:
PolicyStorage(const std::string& path, bool create = true);
-
~PolicyStorage();
PolicyStorage(const PolicyStorage&) = delete;
PolicyStorage& operator=(const PolicyStorage&) = delete;
Policy evaluate(const std::string& expression);
- Policy find(const std::string& name);
+ PolicyData getPolicyData(const std::string& name);
+
+ PolicyGroupList loadAllPolicies();
void flush();
* limitations under the License
*/
-#include "restriction.hxx"
-#include "audit/logger.h"
-
#include <vconf.h>
-namespace DevicePolicyManager
-{
+#include "restriction.hxx"
+#include "policy-helper.h"
+#include "audit/logger.h"
-unsigned int cameraState;
-unsigned int microphoneState;
+namespace DevicePolicyManager {
-RestrictionPolicy::RestrictionPolicy(PolicyControlContext& ctxt)
- : context(ctxt)
+RestrictionPolicy::RestrictionPolicy(PolicyControlContext& ctxt) :
+ context(ctxt)
{
context.registerParametricMethod(this, (int)(RestrictionPolicy::setCameraState)(int));
context.registerNonparametricMethod(this, (int)(RestrictionPolicy::getCameraState));
context.registerNonparametricMethod(this, (bool)(RestrictionPolicy::getWifiHotspotState));
context.createNotification("camera");
-
- cameraState = 1;
- microphoneState = 1;
+ context.createNotification("clipboard");
+ context.createNotification("external-storage");
+ context.createNotification("microphone");
+ context.createNotification("location");
+ context.createNotification("settings-changes");
+ context.createNotification("usb-debugging");
+ context.createNotification("wifi");
+ context.createNotification("wifi-hotspot");
}
RestrictionPolicy::~RestrictionPolicy()
int RestrictionPolicy::setCameraState(int enable)
{
- cameraState = enable;
- if(cameraState == 0)
- context.notify("camera","disallowed");
- else
- context.notify("camera","allowed");
- return 0;
+ SetPolicyAllowed(context, "camera", enable);
+ return 0;
}
int RestrictionPolicy::getCameraState()
{
- return cameraState;
+ return IsPolicyAllowed(context, "camera");
}
int RestrictionPolicy::setMicrophoneState(int enable)
{
- microphoneState = enable;
- return 0;
+ SetPolicyAllowed(context, "microphone", enable);
+ return 0;
}
int RestrictionPolicy::getMicrophoneState()
{
- return microphoneState;
+ return IsPolicyAllowed(context, "microphone");
}
int RestrictionPolicy::setClipboardState(int enable)
{
+ SetPolicyAllowed(context, "clipboard", enable);
return 0;
}
int RestrictionPolicy::getClipboardState()
{
- return true;
+ return IsPolicyAllowed(context, "clipboard");
}
int RestrictionPolicy::setSettingsChangesState(int enable)
{
+ SetPolicyAllowed(context, "settings-changes", enable);
return 0;
}
int RestrictionPolicy::getSettingsChangesState()
{
- return true;
+ return IsPolicyAllowed(context, "settings-changes");
}
int RestrictionPolicy::setUsbDebuggingState(int enable)
{
- INFO("Start Restriction::setUsbDebuggingRestriction");
-
- // if enable is true, restrication will be working (0).
- if (enable == true) {
- if (::vconf_set_int(VCONFKEY_SETAPPL_USB_DEBUG_MODE_BOOL, 0) != 0) {
- ERROR("Failed to set usb debugging mode status");
- return -1;
- }
- } else {
- if (::vconf_set_int(VCONFKEY_SETAPPL_USB_DEBUG_MODE_BOOL, 1) != 0) {
- ERROR("Failed to set usb debugging mode status");
- return -1;
- }
- }
-
+ SetPolicyAllowed(context, "usb-debugging", enable);
return 0;
}
int RestrictionPolicy::getUsbDebuggingState()
{
- int status;
- INFO("Start Restriction::isUsbDebuggingRestricted");
-
- // 0 is restrication true, 1 is restrication false
- if (::vconf_get_int(VCONFKEY_SETAPPL_USB_DEBUG_MODE_BOOL, &status) != 0) {
- ERROR("Failed to get usb debugging mode status");
- return -1;
- }
-
- // How to return for error??
- if (status == 1) {
- return false;
- }
- return true;
+ return IsPolicyAllowed(context, "usb-debugging");
}
int RestrictionPolicy::setExternalStorageState(int enable)
{
+ SetPolicyAllowed(context, "external-storage", enable);
return 0;
}
int RestrictionPolicy::getExternalStorageState()
{
- return 0;
+ return IsPolicyAllowed(context, "external-storage");
}
int RestrictionPolicy::setLocationState(int enable)
{
+ SetPolicyAllowed(context, "location", enable);
return 0;
}
int RestrictionPolicy::getLocationState()
{
- return 0;
+ return IsPolicyAllowed(context, "location");
}
int RestrictionPolicy::setWifiState(bool enable)
{
+ SetPolicyAllowed(context, "wifi", enable);
return 0;
}
bool RestrictionPolicy::getWifiState()
{
+ return IsPolicyAllowed(context, "wifi");
return 0;
}
int RestrictionPolicy::setWifiHotspotState(bool enable)
{
+ SetPolicyAllowed(context, "wifi-hotspot", enable);
return 0;
}
bool RestrictionPolicy::getWifiHotspotState()
{
- return 0;
+ return IsPolicyAllowed(context, "wifi-hotspot");
}
RestrictionPolicy restrictionPolicy(Server::instance());
Server::Server()
{
+ policyStorage.reset(new PolicyStorage("/opt/etc/dpm/policy/PolicyManifest.xml"));
+
service.reset(new rmi::Service(POLICY_MANAGER_ADDRESS));
service->registerParametricMethod(this, (FileDescriptor)(Server::registerNotificationSubscriber)(std::string));
return service->unsubscribeNotification(name, id);
}
+void Server::updatePolicy(const std::string& name, const std::string& value, const std::string& event, const std::string& info)
+{
+ PolicyData data = policyStorage->getPolicyData(name);
+ std::string old = data.getContent();
+ data.setContent(value);
+ if (old != value) {
+ service->notify(event, info);
+ policyStorage->flush();
+ }
+}
+
+void Server::updatePolicy(const std::string& name, const std::string& value)
+{
+ updatePolicy(name, value, name, value);
+}
+
+std::string Server::getPolicy(const std::string& name) const
+{
+ return policyStorage->getPolicyData(name).getContent();
+}
+
Server& Server::instance()
{
static Server _instance_;
#include <string>
#include <memory>
+#include "policy-storage.h"
+
#include "file-descriptor.h"
#include "rmi/service.h"
service->createNotification(name);
}
+ void updatePolicy(const std::string& name, const std::string& value);
+ void updatePolicy(const std::string& name, const std::string& value,
+ const std::string& event, const std::string& info);
+ std::string getPolicy(const std::string& name) const;
+
FileDescriptor registerNotificationSubscriber(const std::string& name);
int unregisterNotificationSubscriber(const std::string& name, int id);
Server();
~Server();
+ std::unique_ptr<PolicyStorage> policyStorage;
std::unique_ptr<rmi::Service> service;
};
#include "storage.hxx"
+#include "policy-helper.h"
+
#include "exception.h"
#include "process.h"
#include "filesystem.h"
StoragePolicy::StoragePolicy(PolicyControlContext& ctx) :
context(ctx)
{
- context.registerParametricMethod(this, (int)(StoragePolicy::setExternalStorageState)(int));
- context.registerNonparametricMethod(this, (int)(StoragePolicy::getExternalStorageState));
context.registerParametricMethod(this, (int)(StoragePolicy::wipeData)(int));
}
{
}
-int StoragePolicy::setExternalStorageState(int enable)
-{
- INFO("Start StoragePolicy::setUsbMassStorageState");
- return 0;
-}
-
-int StoragePolicy::getExternalStorageState()
-{
- INFO("Start StoragePolicy::getUsbMassStorageState");
- return true;
-}
-
int StoragePolicy::wipeData(int id)
{
int ret = 0;
#include <wifi.h>
#include "wifi.hxx"
+
+#include "policy-helper.h"
+
#include "app-bundle.h"
#include "syspopup.h"
#include "audit/logger.h"
context.registerNonparametricMethod(this, (bool)(WifiPolicy::isNetworkAccessRestricted));
context.registerParametricMethod(this, (int)(WifiPolicy::addSsidToBlocklist)(std::string));
context.registerParametricMethod(this, (int)(WifiPolicy::removeSsidFromBlocklist)(std::string));
+
+ context.createNotification("wifi-setting-changes");
+ context.createNotification("wifi-ssid-restriction");
}
WifiPolicy::~WifiPolicy()
int WifiPolicy::allowSettingsChange(bool enable)
{
- return -1;
+ SetPolicyAllowed(context, "wifi-setting-changes", enable);
+ return 0;
}
bool WifiPolicy::isSettingsChangeAllowed(void)
{
- return true;
+ return IsPolicyAllowed(context, "wifi-setting-changes");
}
int WifiPolicy::setNetworkAccessRestriction(bool enable)
{
- return -1;
+ SetPolicyEnabled(context, "wifi-ssid-restriction", enable);
+ return 0;
}
bool WifiPolicy::isNetworkAccessRestricted(void)
{
- return true;
+ return IsPolicyEnabled(context, "wifi-ssid-restriction");
}
int WifiPolicy::addSsidToBlocklist(const std::string& ssid)
projects / platform / core / security / device-policy-manager.git / commitdiff