From: Sangwan Kwon Date: Mon, 18 Nov 2019 06:55:04 +0000 (+0900) Subject: Add archive type to policy-value as buffer X-Git-Tag: submit/tizen/20200810.073515~158 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=0ff375ce211ead9b4d9459bb95a04f7cf09a4391;p=platform%2Fcore%2Fsecurity%2Fvist.git Add archive type to policy-value as buffer This is for supporting Generic Value Type. Signed-off-by: Sangwan Kwon --- diff --git a/src/osquery/CMakeLists.txt b/src/osquery/CMakeLists.txt index 90e7f9a..7cdc268 100644 --- a/src/osquery/CMakeLists.txt +++ b/src/osquery/CMakeLists.txt @@ -68,7 +68,8 @@ ADD_LIBRARY(${TARGET_OSQUERY_LIB} TARGET_LINK_LIBRARIES(${TARGET_OSQUERY_LIB} ${${TARGET_OSQUERY_LIB}_DEPS}) IF(DEFINED GBS_BUILD) -TARGET_LINK_LIBRARIES(${TARGET_OSQUERY_LIB} ${TARGET_VIST_POLICY_LIB}) +TARGET_LINK_LIBRARIES(${TARGET_OSQUERY_LIB} ${TARGET_VIST_COMMON_LIB} + ${TARGET_VIST_POLICY_LIB}) ENDIF(DEFINED GBS_BUILD) SET_TARGET_PROPERTIES(${TARGET_OSQUERY_LIB} PROPERTIES OUTPUT_NAME ${TARGET_OSQUERY_LIB}) diff --git a/src/osquery/tables/tizen/policy.cpp b/src/osquery/tables/tizen/policy.cpp index e2473f9..e29a5ce 100644 --- a/src/osquery/tables/tizen/policy.cpp +++ b/src/osquery/tables/tizen/policy.cpp @@ -35,19 +35,22 @@ QueryData genPolicy(QueryContext& context) try { auto names = context.constraints["name"].getAll(EQUALS); for (const auto& name : names) { auto ret = vist::policy::API::Get(name); + int value = ret; Row r; r["name"] = TEXT(name); - r["value"] = TEXT(ret.value); + r["value"] = TEXT(value); results.emplace_back(std::move(r)); } } else { /// select *; auto policies = vist::policy::API::GetAll(); for (auto& policy : policies) { + int value = policy.second; + Row r; r["name"] = TEXT(policy.first); - r["value"] = TEXT(policy.second); + r["value"] = TEXT(value); results.emplace_back(std::move(r)); } diff --git a/src/vist/archive.hpp b/src/vist/archive.hpp index 3d72296..f1d525a 100644 --- a/src/vist/archive.hpp +++ b/src/vist/archive.hpp @@ -42,10 +42,8 @@ using IsFundamental = typename std::enable_if::value, int template using IsArchival = typename std::enable_if::value, int>::type; -class Archive { +class Archive final { public: - virtual ~Archive() = default; - template void pack(const Front& front, const Rest&... rest); inline void pack(void) {} diff --git a/src/vist/policy/policy-manager.cpp b/src/vist/policy/policy-manager.cpp index 6fbda6f..5c66701 100644 --- a/src/vist/policy/policy-manager.cpp +++ b/src/vist/policy/policy-manager.cpp @@ -86,7 +86,8 @@ int PolicyManager::loadPolicies() /// Check the policy is defined on policy-storage if (!storage.exists(pair.first)) { INFO(VIST) << "Define policy: " << pair.first; - storage.define(pair.first, pair.second->getInitial().value); + int value = pair.second->getInitial(); + storage.define(pair.first, value); changed = true; } } diff --git a/src/vist/policy/policy-storage.cpp b/src/vist/policy/policy-storage.cpp index 596d361..22fb7f3 100644 --- a/src/vist/policy/policy-storage.cpp +++ b/src/vist/policy/policy-storage.cpp @@ -199,8 +199,9 @@ void PolicyStorage::update(const std::string& admin, const std::string& policy, const PolicyValue& value) { + int policyValue = value; DEBUG(VIST) << "Policy-update is called by admin: " << admin - << ", about: " << policy << ", value: " << std::to_string(value); + << ", about: " << policy << ", value: " << policyValue; if (std::find(admins.begin(), admins.end(), admin) == admins.end()) THROW(ErrCode::LogicError) << "Not exist admin: " << admin; @@ -208,7 +209,6 @@ void PolicyStorage::update(const std::string& admin, if (definitions.find(policy) == definitions.end()) THROW(ErrCode::LogicError) << "Not exist policy: " << policy; - int policyValue = value; std::string query = polActivatedTable.update(&PolicyActivated::value) .where(expr(&PolicyActivated::admin) == admin && expr(&PolicyActivated::policy) == policy); @@ -235,22 +235,26 @@ PolicyValue PolicyStorage::strictest(const std::string& policy) std::shared_ptr strictestPtr = nullptr; auto range = activatedPolicies.equal_range(policy); for (auto iter = range.first; iter != range.second; iter++) { + int value = iter->second.value; DEBUG(VIST) << "Admin: " << iter->second.admin << ", " << "Policy: " << iter->second.policy << ", " - << "Value: " << std::to_string(iter->second.value); + << "Value: " << value; - int value = iter->second.value; - if (strictestPtr == nullptr) + if (strictestPtr == nullptr) { strictestPtr = std::make_shared(value); - else - strictestPtr->value = (strictestPtr->value > value) ? strictestPtr->value : value; + } else { + int strictestValue = *strictestPtr; + if (strictestValue < value) + strictestPtr.reset(new PolicyValue(value)); + } } if (strictestPtr == nullptr) THROW(ErrCode::RuntimeError) << "Not exist managed policy: " << policy; + int strictestValue = *strictestPtr; DEBUG(VIST) << "The strictest value of [" << policy - << "] is " << std::to_string(strictestPtr->value); + << "] is " << strictestValue; return std::move(*strictestPtr); } diff --git a/src/vist/policy/tests/core.cpp b/src/vist/policy/tests/core.cpp index 0a764d9..0c0a416 100644 --- a/src/vist/policy/tests/core.cpp +++ b/src/vist/policy/tests/core.cpp @@ -36,14 +36,14 @@ TEST_F(PolicyCoreTests, policy_set_get) { manager.set("bluetooth", PolicyValue(5), "testAdmin"); auto policy = manager.get("bluetooth"); - EXPECT_EQ(policy.value, 5); + EXPECT_EQ((int)policy, 5); manager.enroll("testAdmin1"); manager.set("bluetooth", PolicyValue(10), "testAdmin1"); /// Manager should return the strongest policy. policy = manager.get("bluetooth"); - EXPECT_EQ(policy.value, 10); + EXPECT_EQ((int)policy, 10); manager.disenroll("testAdmin"); manager.disenroll("testAdmin1"); diff --git a/src/vist/policy/tests/storage.cpp b/src/vist/policy/tests/storage.cpp index 0268055..58d9a1f 100644 --- a/src/vist/policy/tests/storage.cpp +++ b/src/vist/policy/tests/storage.cpp @@ -118,7 +118,7 @@ TEST_F(PolicyStorageTests, strictest) EXPECT_TRUE(isRaised); auto policy = storage->strictest("bluetooth"); - EXPECT_EQ(policy.value, 6); + EXPECT_EQ((int)policy, 6); storage->disenroll("testAdmin0"); storage->disenroll("testAdmin1"); diff --git a/src/vist/sdk/policy-model.hpp b/src/vist/sdk/policy-model.hpp index 2194953..4cfbb53 100644 --- a/src/vist/sdk/policy-model.hpp +++ b/src/vist/sdk/policy-model.hpp @@ -38,17 +38,14 @@ public: inline void set(const PolicyValue& value) { - auto rollback = current; - current = value; - ready = true; - try { this->onChanged(value); } catch (const std::exception& e) { - current = rollback; - ready = false; std::rethrow_exception(std::current_exception()); } + + this->current = value; + this->ready = true; } inline const PolicyValue& get() const @@ -62,7 +59,7 @@ public: virtual void onChanged(const PolicyValue& value) = 0; const std::string& getName() const noexcept { return name; } - const PolicyValue& getInitial() const noexcept { return initial; } + PolicyValue& getInitial() noexcept { return initial; } protected: std::string name; diff --git a/src/vist/sdk/policy-value.hpp b/src/vist/sdk/policy-value.hpp index e1b2464..75f895c 100644 --- a/src/vist/sdk/policy-value.hpp +++ b/src/vist/sdk/policy-value.hpp @@ -16,32 +16,66 @@ #pragma once +#include + +#include + namespace vist { namespace policy { // TODO: Support various value type struct PolicyValue final { - explicit PolicyValue(int value) noexcept : value(value) {} + enum class Type { + Integer, + String, + None + }; + + explicit PolicyValue(int value) : type(Type::Integer) + { + this->buffer << value; + } + + explicit PolicyValue(const std::string& value) : type(Type::String) + { + this->buffer << value; + } + explicit PolicyValue() noexcept = default; ~PolicyValue() = default; - PolicyValue(const PolicyValue&) noexcept = default; - PolicyValue& operator=(const PolicyValue&) noexcept = default; + PolicyValue(const PolicyValue&) = default; + PolicyValue& operator=(const PolicyValue&) = default; PolicyValue(PolicyValue&&) noexcept = default; PolicyValue& operator=(PolicyValue&&) noexcept = default; - PolicyValue& operator=(int val) { - value = val; - return *this; + inline Type getType() const noexcept + { + return this->type; + } + + operator int() const + { + auto clone = this->buffer; + int out; + clone >> out; + + return out; } - operator int() const { return value; } - bool operator==(const PolicyValue& rhs) const { return value == rhs.value; } - bool operator!=(const PolicyValue& rhs) const { return value != rhs.value; } - bool operator<(const PolicyValue& rhs) const { return value < rhs.value; } + operator std::string() const + { + auto clone = this->buffer; + std::string out; + clone >> out; + + return out; + } - int value = -1; +private: + Archive buffer; + Type type = Type::None; }; } // namespace policy diff --git a/src/vist/sdk/tests/sdk.cpp b/src/vist/sdk/tests/sdk.cpp index d6773b3..2c8942b 100644 --- a/src/vist/sdk/tests/sdk.cpp +++ b/src/vist/sdk/tests/sdk.cpp @@ -27,8 +27,6 @@ namespace { using namespace vist::policy; -class PolicySDKTests : public testing::Test {}; - class TestPolicyModel : public PolicyModel { public: TestPolicyModel() : PolicyModel("test_policy", PolicyValue(1)) {} @@ -49,7 +47,21 @@ public: } }; -TEST_F(PolicySDKTests, policy_model) +TEST(PolicySDKTests, policy_value_int) +{ + PolicyValue value(1); + EXPECT_EQ(PolicyValue::Type::Integer, value.getType()); + EXPECT_EQ((int)value, 1); +} + +TEST(PolicySDKTests, policy_value_string) +{ + PolicyValue value(std::string("text")); + EXPECT_EQ(PolicyValue::Type::String, value.getType()); + EXPECT_EQ((std::string)value, "text"); +} + +TEST(PolicySDKTests, policy_model) { TestPolicyModel policy; @@ -71,7 +83,7 @@ TEST_F(PolicySDKTests, policy_model) EXPECT_EQ(3, policy.get()); } -TEST_F(PolicySDKTests, policy_model_failed) +TEST(PolicySDKTests, policy_model_failed) { TestPolicyModelFailed policy; @@ -88,7 +100,7 @@ TEST_F(PolicySDKTests, policy_model_failed) EXPECT_TRUE(isRaised); } -TEST_F(PolicySDKTests, policy_provider) +TEST(PolicySDKTests, policy_provider) { PolicyProvider provider("testProvider"); provider.add(std::make_shared());