const Cynara::PolicyType ALLOW_PER_SESSION = 12;
// This one will never reach client, but will be interpreted in service plugin
const Cynara::PolicyType ALLOW_PER_LIFE = 13;
+
+const Cynara::PolicyType DENY_ONCE = 14;
+const Cynara::PolicyType DENY_PER_SESSION = 15;
+// This one will never reach client, but will be interpreted in service plugin
+const Cynara::PolicyType DENY_PER_LIFE = 16;
} //namespace Client
} //namespace SupportedTypes
namespace AskUser {
const std::vector<PolicyType> clientTypes = {
SupportedTypes::Client::ALLOW_ONCE,
- SupportedTypes::Client::ALLOW_PER_SESSION
+ SupportedTypes::Client::ALLOW_PER_SESSION,
+
+ SupportedTypes::Client::DENY_ONCE,
+ SupportedTypes::Client::DENY_PER_SESSION
};
class ClientPlugin : public ClientPluginInterface {
}
bool isCacheable(const ClientSession &session UNUSED, const PolicyResult &result) {
- return (result.policyType() == SupportedTypes::Client::ALLOW_PER_SESSION);
+ return (result.policyType() == SupportedTypes::Client::ALLOW_PER_SESSION
+ || result.policyType() == SupportedTypes::Client::DENY_PER_SESSION);
}
bool isUsable(const ClientSession &session,
{
updateSession = false;
- if (result.policyType() == SupportedTypes::Client::ALLOW_PER_SESSION) {
+ switch (result.policyType()) {
+ case SupportedTypes::Client::ALLOW_PER_SESSION:
+ case SupportedTypes::Client::DENY_PER_SESSION:
if (session == prevSession) {
return true;
}
LOGD("Previous session <" << prevSession << "> does not match current session <"
<< session << ">");
return false;
+ default:
+ return false;
}
-
- return false;
}
void invalidate() {}
case SupportedTypes::Client::ALLOW_ONCE:
case SupportedTypes::Client::ALLOW_PER_SESSION:
return CYNARA_API_ACCESS_ALLOWED;
+ default:
+ return CYNARA_API_ACCESS_DENIED;
}
- return CYNARA_API_ACCESS_DENIED;
}
};
requiredAgent = AgentType(SupportedTypes::Agent::AgentType);
return PluginStatus::ANSWER_NOTREADY;
}
-
- result = PolicyResult(PredefinedPolicyType::ALLOW);
+ if (result.policyType() == SupportedTypes::Client::ALLOW_PER_LIFE)
+ result = PolicyResult(PredefinedPolicyType::ALLOW);
+ else
+ result = PolicyResult(PredefinedPolicyType::DENY);
return PluginStatus::ANSWER_READY;
} catch (const Translator::TranslateErrorException &e) {
LOGE("Error translating request to data : " << e.what());
try {
PolicyType resultType = Translator::Plugin::dataToAnswer(agentData);
result = PolicyResult(resultType);
+
if (resultType == SupportedTypes::Client::ALLOW_PER_LIFE) {
m_cache.update(Key(client, user, privilege), PolicyResult(resultType));
result = PolicyResult(PredefinedPolicyType::ALLOW);
+ } else if (resultType == SupportedTypes::Client::DENY_PER_LIFE) {
+ m_cache.update(Key(client, user, privilege), PolicyResult(resultType));
+ result = PolicyResult(PredefinedPolicyType::DENY);
}
return PluginStatus::SUCCESS;
projects / platform / core / security / askuser.git / commitdiff