From: i.metelytsia Date: Fri, 19 May 2017 10:45:19 +0000 (+0300) Subject: nmdaemon updated. Policy receive logic implemented. X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=57441e06dc6eac04707bf75f279e084887c3f630;p=platform%2Fcore%2Fsecurity%2Fsuspicious-activity-monitor.git nmdaemon updated. Policy receive logic implemented. --- diff --git a/device_core/iotivity_lib/IoT/IOT_PolicyResource.cpp b/device_core/iotivity_lib/IoT/IOT_PolicyResource.cpp index ad811a5..2054626 100644 --- a/device_core/iotivity_lib/IoT/IOT_PolicyResource.cpp +++ b/device_core/iotivity_lib/IoT/IOT_PolicyResource.cpp @@ -12,8 +12,8 @@ using namespace OC; /*******************************************************/ /*******************************************************/ -IOT_PolicyResource::IOT_PolicyResource(const std::string& _uri, const std::vector& _types, const std::vector& _interfaces) : - IOT_Resource(_uri, _types, _interfaces), m_policy("") +IOT_PolicyResource::IOT_PolicyResource(const std::string& _uri, const std::vector& _types, const std::vector& _interfaces, PolicyResourcePostCallback _post_handler) : + IOT_Resource(_uri, _types, _interfaces), m_post_handler(_post_handler), m_policy("") { m_representation.setValue("policy", m_policy); } @@ -57,7 +57,8 @@ IOT_PolicyResource::IOT_PolicyResource(const std::string& _uri, const std::vecto else if(rt == "POST") { OCRepresentation rep = _request->getResourceRepresentation(); - printRepresentation(rep); + + m_post_handler(rep); setRepresentation(rep); if(sendRepresentation(_request) == OC_STACK_OK) diff --git a/device_core/iotivity_lib/IoT/IOT_PolicyResource.h b/device_core/iotivity_lib/IoT/IOT_PolicyResource.h index 400e68a..b822d98 100644 --- a/device_core/iotivity_lib/IoT/IOT_PolicyResource.h +++ b/device_core/iotivity_lib/IoT/IOT_PolicyResource.h @@ -15,38 +15,41 @@ using namespace OC; /*******************************************************/ /*******************************************************/ -class IOT_Policy final +class IOT_PolicyItem final { public: - IOT_Policy(const std::string& _name = "", const std::string& _state = "", const std::vector& _items = std::vector{}) : + IOT_PolicyItem(const std::string& _name = "", const std::string& _state = "", const std::vector& _items = std::vector{}) : m_name(_name), m_state(_state), m_items(_items) { } - IOT_Policy(const IOT_Policy& _obj) = default; + IOT_PolicyItem(const IOT_PolicyItem& _obj) = default; - ~IOT_Policy() = default; + ~IOT_PolicyItem() = default; - IOT_Policy& operator=(const IOT_Policy& _obj) = default; + IOT_PolicyItem& operator=(const IOT_PolicyItem& _obj) = default; - friend std::ostream& operator<<(std::ostream& _os, const IOT_Policy& _obj) + friend std::ostream& operator<<(std::ostream& _os, const IOT_PolicyItem& _obj) { - _os << makePolicy(_obj.m_name, _obj.m_state, _obj.m_items); + _os << makePolicyItem(_obj.m_name, _obj.m_state, _obj.m_items); return _os; } - static std::string makePolicy(const std::string& _name, const std::string& _state, const std::vector& _items = std::vector{}) + static std::string makePolicyItem(const std::string& _name = "", const std::string& _state = "", const std::vector& _items = std::vector{}) { std::ostringstream oss; - oss << "\n\t{\n\t\t\"name\": \"" << _name << "\","; - oss << "\n\t\t\"state\": \"" << _state << "\","; - oss << "\n\t\t\"items\":"; - oss << "\n\t\t["; + oss << "\t\t\t{\n"; + oss << "\t\t\t\t\"name\": \"" << _name << "\",\n"; + oss << "\t\t\t\t\"state\": \"" << _state << "\",\n"; + oss << "\t\t\t\t\"items\":\n"; + oss << "\t\t\t\t[\n"; for(auto it : _items) - oss << "\n\t\t\t" << it << ","; - oss << "\n\t\t]\n\t}"; + oss << "\t\t\t\t\t\"" << it << "\",\n"; + oss << "\t\t\t\t]\n"; + oss << "\t\t\t},\n"; return oss.str(); } +private: std::string m_name; std::string m_state; std::vector m_items; @@ -54,10 +57,89 @@ public: /*******************************************************/ /*******************************************************/ +class IOT_PolicyGroup final +{ +public: + IOT_PolicyGroup(const std::string& _name = "", const std::vector& _items = std::vector{}) : + m_name(_name), m_items(_items) + { + } + IOT_PolicyGroup(const IOT_PolicyGroup& _obj) = default; + + ~IOT_PolicyGroup() = default; + + IOT_PolicyGroup& operator=(const IOT_PolicyGroup& _obj) = default; + + friend std::ostream& operator<<(std::ostream& _os, const IOT_PolicyGroup& _obj) + { + _os << makePolicyGroup(_obj.m_name, _obj.m_items); + return _os; + } + + static std::string makePolicyGroup(const std::string& _name = "", const std::vector& _items = std::vector{}) + { + std::ostringstream oss; + oss << "\t{\n"; + oss << "\t\t\"group\": \"" << _name << "\",\n"; + oss << "\t\t\"policies\":\n"; + oss << "\t\t[\n"; + for(auto it : _items) + oss << it; + oss << "\t\t]\n"; + oss << "\t},\n"; + return oss.str(); + } + +private: + std::string m_name; + std::vector m_items; +}; + +/*******************************************************/ +/*******************************************************/ +class IOT_Policy final +{ +public: + IOT_Policy(const std::vector& _groups = std::vector{}) : + m_groups(_groups) + { + } + IOT_Policy(const IOT_Policy& _obj) = default; + + ~IOT_Policy() = default; + + IOT_Policy& operator=(const IOT_Policy& _obj) = default; + + friend std::ostream& operator<<(std::ostream& _os, const IOT_Policy& _obj) + { + _os << makePolicy(_obj.m_groups); + return _os; + } + + static std::string makePolicy(const std::vector& _groups = std::vector{}) + { + std::ostringstream oss; + oss << "[\n"; + for(auto it : _groups) + oss << it; + oss << "]\n"; + return oss.str(); + } + +private: + std::vector m_groups; +}; + +/*******************************************************/ +/*******************************************************/ +typedef std::function PolicyResourcePostCallback; + +/*******************************************************/ +/*******************************************************/ class IOT_PolicyResource : public IOT_Resource { public: - IOT_PolicyResource(const std::string& _uri, const std::vector& _types, const std::vector& _interfaces); + IOT_PolicyResource(const std::string& _uri, const std::vector& _types, const std::vector& _interfaces, PolicyResourcePostCallback _post_handler); IOT_PolicyResource(const IOT_PolicyResource& _obj) = default; virtual ~IOT_PolicyResource() = default; @@ -71,6 +153,7 @@ public: friend std::ostream& operator<<(std::ostream& _os, const IOT_PolicyResource& _obj); private: + PolicyResourcePostCallback m_post_handler; std::string m_policy; }; diff --git a/device_core/iotivity_lib/IoT/IOT_ReportResource.h b/device_core/iotivity_lib/IoT/IOT_ReportResource.h index 74d74d2..d35fd5f 100644 --- a/device_core/iotivity_lib/IoT/IOT_ReportResource.h +++ b/device_core/iotivity_lib/IoT/IOT_ReportResource.h @@ -48,7 +48,7 @@ public: static std::string makeReport(const std::string& _id, const std::string& _time, const std::string& _name, int _result, const std::string& _data) { std::ostringstream oss; - oss << "\n\t{\n\t\t\"id\": \"" << _id << "\","; + oss << "\n\t{\n\t\t\"did\": \"" << _id << "\","; oss << "\n\t\t\"date\": \"" << _time << "\","; oss << "\n\t\t\"name\": \"" << _name << "\","; oss << "\n\t\t\"result\": " << _result << ","; diff --git a/device_core/iotivity_lib/IoT/IOT_Resource.cpp b/device_core/iotivity_lib/IoT/IOT_Resource.cpp index 08bcab4..670cd8e 100644 --- a/device_core/iotivity_lib/IoT/IOT_Resource.cpp +++ b/device_core/iotivity_lib/IoT/IOT_Resource.cpp @@ -254,11 +254,22 @@ OCStackResult IOT_Resource::publishResource(ResourceHandles& _handles, const std /*******************************************************/ /*******************************************************/ -/*static*/ void IOT_Resource::printRepresentation(OCRepresentation _rep) +/*static*/ std::string IOT_Resource::representationToString(const OCRepresentation& _rep) +{ + std::ostringstream oss; + for(auto it = _rep.begin(); it != _rep.end(); ++it) + oss << it->getValueToString(); + return oss.str(); +} + +/*******************************************************/ +/*******************************************************/ +/*static*/ void IOT_Resource::printRepresentation(const OCRepresentation &_rep) { for(auto itr = _rep.begin(); itr != _rep.end(); ++itr) { std::cout << "\t" << itr->attrname() << ":\t" << itr->getValueToString() << std::endl; + if(itr->type() == AttributeType::Vector) { switch (itr->base_type()) diff --git a/device_core/iotivity_lib/IoT/IOT_Resource.h b/device_core/iotivity_lib/IoT/IOT_Resource.h index 013667c..5eb7a71 100644 --- a/device_core/iotivity_lib/IoT/IOT_Resource.h +++ b/device_core/iotivity_lib/IoT/IOT_Resource.h @@ -70,7 +70,9 @@ public: static OCStackResult post(const std::shared_ptr _resource, const std::string& _type, const std::string& _interface, const OCRepresentation& _representation, const QueryParamsMap& _query_params); - static void printRepresentation(OCRepresentation _rep); + static std::string representationToString(const OCRepresentation& _rep); + + static void printRepresentation(const OCRepresentation& _rep); protected: OCResourceHandle m_handle; diff --git a/device_core/nmdaemon/CMakeLists.txt b/device_core/nmdaemon/CMakeLists.txt index 8d0070c..b3c3a74 100644 --- a/device_core/nmdaemon/CMakeLists.txt +++ b/device_core/nmdaemon/CMakeLists.txt @@ -8,13 +8,15 @@ include_directories( ../iotivity_lib/IoT ../agent_lib/inc ../agent_lib/rmi/inc -) + dpm ) file(GLOB IOT_SOURCES ../iotivity_lib/IoT/*.cpp) +file(GLOB DPM_SOURCES dpm/*.cpp) file(GLOB NMDAEMON_SOURCES *.cpp) SET (SOURCES ${IOT_SOURCES} + ${DPM_SOURCES} ${NMDAEMON_SOURCES} ) @@ -26,6 +28,7 @@ target_link_libraries (${PROJECT_NAME} c_common oc octbstack oc_logger resource_directory connectivity_abstraction ESEnrolleeSDK ${AGENT_LIB_PROJECT_NAME} + jsoncpp ) if (NOT "${FLAVOR}" STREQUAL "UBUNTU") diff --git a/device_core/nmdaemon/dpm/iot_i_policy_group_enforce.h b/device_core/nmdaemon/dpm/iot_i_policy_group_enforce.h new file mode 100644 index 0000000..824239e --- /dev/null +++ b/device_core/nmdaemon/dpm/iot_i_policy_group_enforce.h @@ -0,0 +1,78 @@ +/** + @file iot_i_policy_group_enforce.h + @brief Interface for implementation of parsing and applying of each policy group + @author Aleksey Volkov (a.volkov@samsung.com) + @date Created May 10, 2017 + @par In Samsung Ukraine R&D Center (SRK) under a contract between + @par LLC "Samsung Electronics Ukraine Company" (Kyiv, Ukraine) + @par and "Samsung Electronics Co", Ltd (Seoul, Republic of Korea) + @par Copyright: (c) Samsung Electronics Co, Ltd 2016. All rights reserved. +**/ + + +#ifndef IPOLICY_GRP_ENF_H +#define IPOLICY_GRP_ENF_H + +#include +#include + + +namespace iot +{ +namespace core +{ + +/** + * @typedef PolicyGroupList + * @brief List type for parsed policy groups nodes + */ +//typedef xml::Node::NodeList PolicyGroupList; + +/** + * @interface IPolicyGroupApplier + * @brief interface for policy group applier instances. Each policy group should have own applier implementation. + * Used by PolicyApplier class + * @see PolicyApplier + */ +class IPolicyGroupEnforce +{ + +public: + virtual ~IPolicyGroupEnforce(){}; /**< Destructor */ + + /** + * @brief Init function. Used to init context of related module of policy group + * @param[in] PolicyContext instance + * @return bool. True in case of success, false otherwise + */ + virtual bool Init() = 0; + + + /** + * @brief De-Init function. Used to close context of related module of policy group + */ + virtual void Deinit() = 0; + + + /** + * @brief Parse and apply policies related to policy group. + * @param[in] List of parsed nodes of group policy + * @return bool. True in case of success, false otherwise + */ + virtual bool ParseGroup(Json::Value&) = 0; +}; + + +/** + * @typedef IPolicyGroupApplierPtr + * @brief Pointer type of IPolicyGroupApplier interface object instance + */ +typedef IPolicyGroupEnforce* IPolicyGroupEnforcePtr; + + +} //namespace core +} //namespace iot + + + +#endif //IPOLICY_GRP_APPL_H diff --git a/device_core/nmdaemon/dpm/iot_policy_enforce.cpp b/device_core/nmdaemon/dpm/iot_policy_enforce.cpp new file mode 100644 index 0000000..84d5c21 --- /dev/null +++ b/device_core/nmdaemon/dpm/iot_policy_enforce.cpp @@ -0,0 +1,114 @@ +/** + @file tdm_policy_applier.cpp + @brief Tdm policy applying implementation + @author Aleksey Volkov (a.volkov@samsung.com) + @date Created Jul 01, 2016 + @par In Samsung Ukraine R&D Center (SRK) under a contract between + @par LLC "Samsung Electronics Ukraine Company" (Kyiv, Ukraine) + @par and "Samsung Electronics Co", Ltd (Seoul, Republic of Korea) + @par Copyright: (c) Samsung Electronics Co, Ltd 2016. All rights reserved. +**/ + +#include "iot_policy_enforce.h" + +//#include "tpm_context.h" + +#include "log.h" +#include + + + +namespace iot +{ +namespace core +{ + +PolicyEnforce::PolicyEnforce() +: m_policyGroups() +/*, m_context()*/ +{ +} + +PolicyEnforce::Result +PolicyEnforce::ParsePolicy(const std::string& jsonString) +{ + if (jsonString.empty()) + { + return Result::ERROR_PARSING; //TODO + } + + Json::Value policyGroupList; + Json::Reader reader; + + bool parsingSuccessful = reader.parse( jsonString.c_str(), policyGroupList ); + + if ( !parsingSuccessful || policyGroupList.empty() ) + { + return Result::ERROR_PARSING; //TODO + } + + Result result = Result::SUCCESS; + + for (auto & node : policyGroupList) + { + std::string groupName = node.get("group", "").asString(); + + if (groupName.empty()) + { + LOG_ERR("No group node in class"); + return Result::ERROR_PARSING; + } + + PolicyGroupMap::iterator it = m_policyGroups.find(groupName); + + if (it == m_policyGroups.end()) + { + //FIXME Set error if error was occured + continue; //TODO + } + + IPolicyGroupEnforce& groupEnforce = *(it->second); + + if (!groupEnforce.Init(/*m_context*/)) + { + result = Result::ERROR_GROUP; + continue; //TODO + } + + Json::Value policiesList = node.get("policies", ""); + + if(policiesList.empty()) + { + LOG_ERR("No group node in class"); + return Result::ERROR_PARSING; + } + + if (!groupEnforce.ParseGroup(policiesList)) + { + LOG_ERR("Failed to apply policy group: %s", groupName.c_str()); + result = Result::ERROR_GROUP; + } + + groupEnforce.Deinit(); + } + + return result; +} + +PolicyEnforce& PolicyEnforce::GetInstance() +{ + static PolicyEnforce policyEnforce; + + return policyEnforce; +} + +void PolicyEnforce::RegisterGroup(IPolicyGroupEnforcePtr groupEnforce, const std::string& groupName) +{ + m_policyGroups[groupName] = groupEnforce; +} + +} //namespace core +} //namespace iot + + + diff --git a/device_core/nmdaemon/dpm/iot_policy_enforce.h b/device_core/nmdaemon/dpm/iot_policy_enforce.h new file mode 100644 index 0000000..3ca5e4b --- /dev/null +++ b/device_core/nmdaemon/dpm/iot_policy_enforce.h @@ -0,0 +1,86 @@ +/** + @file tdm_policy_applier.h + @brief Tdm policy applying API + @author Aleksey Volkov (a.volkov@samsung.com) + @date Created Jul 01, 2016 + @par In Samsung Ukraine R&D Center (SRK) under a contract between + @par LLC "Samsung Electronics Ukraine Company" (Kyiv, Ukraine) + @par and "Samsung Electronics Co", Ltd (Seoul, Republic of Korea) + @par Copyright: (c) Samsung Electronics Co, Ltd 2016. All rights reserved. +**/ + + +#ifndef POLICY_ENF_H +#define POLICY_ENF_H + +#include +#include + +//#include "tpm_context.h" +#include "iot_i_policy_group_enforce.h" + + +namespace iot +{ +namespace core +{ + +typedef std::map PolicyGroupMap; + +/** + * @class PolicyApplier + * @brief Parses Policy Config xml string and apply policy groups to related parsers + */ +class PolicyEnforce +{ +public: + + /** + * @enum class Result + * @brief Return enum type for PolicyApplier errors and policy group appliers + */ + enum class Result + { + SUCCESS = 0, /**< Success result */ + ERROR_PARSING, /**< json data parsing error */ + ERROR_DPM, /**< Error recived from DPM modules */ + ERROR_GROUP + }; + +public: + + /** + * @brief Singleton instance recieving method + * @return Link to PolicyApplier instance + */ + static PolicyEnforce& GetInstance(); + + /** + * @brief Register policy group applier object instance for defined policy group + * @param[in] Pointer applier object instance + * @param[in] Name of policy group + */ + void RegisterGroup(IPolicyGroupEnforcePtr, const std::string& groupName); + + /** + * @brief Parse XML string policy and apply policy group nodes to related policy group appliers instances + * @param[in] XML string with Policy configuration + */ + Result ParsePolicy(const std::string&); +private: + PolicyEnforce(); /**< Default constructor */ + PolicyEnforce(const PolicyEnforce&) = delete; /**< Copy constructor */ + PolicyEnforce& operator = (const PolicyEnforce&) = delete; /**< = operator copy constructor*/ + +private: + PolicyGroupMap m_policyGroups; /**< Map of policy group appliers instances */ +// PolicyContext m_context; /**< TPM and TSM context holder */ + +}; + +} //namespace core +} //namespace iot + + + +#endif //POLICY_ENF_H diff --git a/device_core/nmdaemon/dpm/iot_tvext_enforce.cpp b/device_core/nmdaemon/dpm/iot_tvext_enforce.cpp new file mode 100644 index 0000000..498d67f --- /dev/null +++ b/device_core/nmdaemon/dpm/iot_tvext_enforce.cpp @@ -0,0 +1,102 @@ +/** + @file tdm_tvext_applier.cpp + @brief Implementation for tvext policy group applier + @author Aleksey Volkov (a.volkov@samsung.com) + @date Created Jul 05, 2016 + @par In Samsung Ukraine R&D Center (SRK) under a contract between + @par LLC "Samsung Electronics Ukraine Company" (Kyiv, Ukraine) + @par and "Samsung Electronics Co", Ltd (Seoul, Republic of Korea) + @par Copyright: (c) Samsung Electronics Co, Ltd 2016. All rights reserved. +**/ + + +#include "iot_tvext_enforce.h" + +#include "log.h" + + +namespace iot +{ +namespace core +{ + +TvExtPolicyEnforce::TvExtPolicyEnforce(PolicyEnforce& enforce) + : /*m_policy(nullptr), m_context(nullptr),*/ m_enforce(enforce) +{ + LOG_DBG("Register tvext policy enforce class"); + m_enforce.RegisterGroup(static_cast(this), std::string("tv-extension")); +} + +TvExtPolicyEnforce::~TvExtPolicyEnforce() +{ +} + +bool TvExtPolicyEnforce::Init(/*PolicyContext& context*/) +{ + LOG_DBG("Init tvext policy applier"); + + return true; +} + +void TvExtPolicyEnforce::Deinit() +{ + LOG_DBG("De-Init tvext policy applier"); +} + +bool TvExtPolicyEnforce::ParseGroup(Json::Value& groupList) +{ + LOG_DBG("...Start tvext policies parsing and applying..."); + + for (auto & node : groupList) + { + std::string name = node.get("name", "").asString(); + int state = node.get("state", 0).asInt(); + + if (name.empty()) + { + continue; //TODO or return error + } + + if ("usb" == name) + { + LOG_DBG("Enforce policy [%s] to state %d", name.c_str(), state); + } + else if ("screen-capture" == name) + { + LOG_DBG("Enforce policy [%s] to state %d", name.c_str(), state); + } + else if ("bluetooth" == name) + { + LOG_DBG("Enforce policy [%s] to state %d", name.c_str(), state); + } + else if ("iptables" == name) + { + Json::Value items = node.get("items", ""); + if (items.empty()) + { + LOG_ERR("No items node for iptables policy"); + continue; // TODO or return error + } + for (auto & item : items) + { + LOG_DBG("Enforce policy [%s] wit item %s", name.c_str(), item.asString().c_str() ); + } + } + else + { + LOG_DBG("Unknown policy found: %s", name.c_str()); + } + + } + LOG_DBG("...Finish tvext policies parsing and applying..."); + + return true; +} + + + +TvExtPolicyEnforce tvextEnforce(PolicyEnforce::GetInstance()); + +} //namespace core +} //namespace iot + diff --git a/device_core/nmdaemon/dpm/iot_tvext_enforce.h b/device_core/nmdaemon/dpm/iot_tvext_enforce.h new file mode 100644 index 0000000..dd9eb86 --- /dev/null +++ b/device_core/nmdaemon/dpm/iot_tvext_enforce.h @@ -0,0 +1,75 @@ +/** + @file tdm_tvext_applier.h + @brief Interface for tvext policy group + @author Aleksey Volkov (a.volkov@samsung.com) + @date Created Jul 05, 2016 + @par In Samsung Ukraine R&D Center (SRK) under a contract between + @par LLC "Samsung Electronics Ukraine Company" (Kyiv, Ukraine) + @par and "Samsung Electronics Co", Ltd (Seoul, Republic of Korea) + @par Copyright: (c) Samsung Electronics Co, Ltd 2016. All rights reserved. +**/ + + +#ifndef TVEXT_APPL_H +#define TVEXT_APPL_H + +#include + +#include "iot_i_policy_group_enforce.h" +#include "iot_policy_enforce.h" + + + +namespace iot +{ +namespace core +{ + +/** + * @class TvExtPolicyApplier + * @brief Parse and apply policies to tv extension tpm module + */ +class TvExtPolicyEnforce: public IPolicyGroupEnforce +{ + +public: + TvExtPolicyEnforce(PolicyEnforce&); /**< Default constructor */ + virtual ~TvExtPolicyEnforce(); /**< Destructor */ + + /** + * @brief Init function. Used to init context of TV extensions policy group + * @param[in] PolicyContext instance + * @return bool. True in case of success, false otherwise + */ + bool Init(/*PolicyContext&*/) override; + + /** + * @brief De-Init function. Used to close tpm tvext context. + */ + void Deinit() override; + + /** + * @brief Parse and apply policy to tvext tpm module. + * @param[in] List of parsed nodes of group policy + * @return bool. True in case of success, false otherwise + */ + bool ParseGroup(Json::Value&) override; + +private: + TvExtPolicyEnforce() = delete; /**< Copy constructor */ + TvExtPolicyEnforce& operator = (const PolicyEnforce&) = delete; /**< = operator copy constructor */ + + +private: +// tpm_tvext_policy_h m_policy; /**< tvext tpm handle */ +// tpm_context_h m_context; /**< tpm context handle */ + PolicyEnforce& m_enforce; /**< link to PolicyApplier instance */ + +}; + +} //namespace core +} //namespace iot + + + +#endif //TVEXT_ENF_H diff --git a/device_core/nmdaemon/dpm/log.h b/device_core/nmdaemon/dpm/log.h new file mode 100644 index 0000000..d949d89 --- /dev/null +++ b/device_core/nmdaemon/dpm/log.h @@ -0,0 +1,13 @@ +#include + + + #ifndef LOG_ERR + #define LOG_ERR(format, args...) printf("ERR -- %s [%s:%d] " format "\n",__FILE__, __func__, __LINE__, ##args) + #endif + + #ifndef LOG_DBG + #define LOG_DBG(format, args...) printf("DBG -- %s [%s:%d] " format "\n",__FILE__, __func__, __LINE__, ##args) + #endif + + + diff --git a/device_core/nmdaemon/main_thread.cpp b/device_core/nmdaemon/main_thread.cpp index 1cfe64b..e7c6ec5 100644 --- a/device_core/nmdaemon/main_thread.cpp +++ b/device_core/nmdaemon/main_thread.cpp @@ -18,6 +18,9 @@ #include "IOT_AirconResource.h" #include "IOT_PowerResource.h" #include "IOT_ReportResource.h" +#include "IOT_PolicyResource.h" + +#include "iot_policy_enforce.h" using namespace NMD; @@ -120,6 +123,7 @@ main_thread::main_thread() : thread_base() std::string rt; std::string ri; +#if 0 IOT_AirconResource aircon("/sec/aircon/0", {"x.com.samsung.da.device"}, {DEFAULT_INTERFACE, BATCH_INTERFACE, LINK_INTERFACE}); uri = aircon.getUri(); rt = aircon.getTypes()[0]; ri = aircon.getInterfaces()[0]; if(aircon.registerResource(uri, rt, ri, OC_DISCOVERABLE) != OC_STACK_OK) @@ -132,13 +136,46 @@ main_thread::main_thread() : thread_base() if(power.registerResource(uri, rt, ri, OC_OBSERVABLE) != OC_STACK_OK) throw std::runtime_error("registerResource failed"); + IOT_PolicyResource policy("/policy/0", {"oic.r.policy"}, {DEFAULT_INTERFACE}); + uri = policy.getUri(); rt = policy.getTypes()[0]; ri = policy.getInterfaces()[0]; + if(policy.registerResource(uri, rt, ri, OC_OBSERVABLE) != OC_STACK_OK) + throw std::runtime_error("registerResource failed"); + aircon.addChildResource(&power); + aircon.addChildResource(&policy); ResourceHandles rhandles; if(aircon.publishResource(rhandles, enr->host(), CT_ADAPTER_TCP) != OC_STACK_OK) throw std::runtime_error("publishResource failed"); +#endif + + auto policy_post_handler = [&](const OCRepresentation& _rep) + { + std::string s = IOT_Resource::representationToString(_rep); + std::cout << s << std::endl; + iot::core::PolicyEnforce::GetInstance().ParsePolicy(s); + }; + + IOT_PolicyResource policy("/policy/0", {"oic.r.policy"}, {DEFAULT_INTERFACE, BATCH_INTERFACE, LINK_INTERFACE}, policy_post_handler); + uri = policy.getUri(); rt = policy.getTypes()[0]; ri = policy.getInterfaces()[0]; + if(policy.registerResource(uri, rt, ri, OC_DISCOVERABLE|OC_OBSERVABLE) != OC_STACK_OK) + throw std::runtime_error("registerResource failed"); + + ResourceHandles rhandles; + if(policy.publishResource(rhandles, enr->host(), CT_ADAPTER_TCP) != OC_STACK_OK) + throw std::runtime_error("publishResource failed"); + + std::string device_id = getDeviceID(); std::shared_ptr report_res = nullptr; + static const std::string report_name[] = {"name 1", "name 2", "name 3"}; + static const std::string report_data[] = {"data 1", "data 2", "data 3"}; + + std::shared_ptr policy_res = nullptr; + static const IOT_PolicyGroup policy_group[] = { {"tv-extension", {{"usb", "off", {}}, {"screen-capture", "on", {}}}}, + {"tv-extension", {{"bluetooth", "on", {}}, {"iptables", "off", {"127.0.0.0/24|UDP|10-1024","1.1.1.1|TCP|80,443","8.8.8.8"}}}} }; + + std::srand(time(NULL)); while(m_running) { @@ -146,15 +183,28 @@ main_thread::main_thread() : thread_base() if(!report_res) report_res = IOT_Resource::findResource(enr->host(), {OC_RSRVD_WELL_KNOWN_URI}, static_cast(CT_DEFAULT), 1, "core.security"); - if(report_res) { + int idx = std::rand() % 3; OCRepresentation rpr; - rpr.setValue("report", IOT_Report::makeReport("1", IOT_Report::currentDateTime(), "sim", 0, "report data")); + rpr.setValue("report", IOT_Report::makeReport(device_id, IOT_Report::currentDateTime(), report_name[idx], 0, report_data[idx])); QueryParamsMap qry; if(IOT_Resource::post(report_res, {"core.security"}, {DEFAULT_INTERFACE}, rpr, qry) != OC_STACK_OK) report_res = nullptr; } + + if(!policy_res) + policy_res = IOT_Resource::findResource(enr->host(), {OC_RSRVD_WELL_KNOWN_URI}, static_cast(CT_DEFAULT), 1, "core.policy"); + if(policy_res) + { + int idx = std::rand() % 2; + OCRepresentation rpr; + rpr.setValue("policy", IOT_Policy::makePolicy({policy_group[idx]})); + QueryParamsMap qry; + //QueryParamsMap qry{{"did", device_id}, {"agent", agent_id}}; + if(IOT_Resource::post(policy_res, {"core.policy"}, {DEFAULT_INTERFACE}, rpr, qry) != OC_STACK_OK) + policy_res = nullptr; + } } delete enr; diff --git a/device_core/packaging/ioswsec.spec b/device_core/packaging/ioswsec.spec index 50b00e7..120eb81 100644 --- a/device_core/packaging/ioswsec.spec +++ b/device_core/packaging/ioswsec.spec @@ -22,8 +22,7 @@ BuildRequires: pkgconfig(dpm) BuildRequires: pkgconfig(dlog) BuildRequires: pkgconfig(boost) BuildRequires: pkgconfig(systemd) - - +BuildRequires: pkgconfig(jsoncpp) %define _tests_dir /usr/apps/network-manager %define _manifestdir /usr/share/packages diff --git a/device_core/utest/test_IoT.cpp b/device_core/utest/test_IoT.cpp index cdafe69..72def15 100644 --- a/device_core/utest/test_IoT.cpp +++ b/device_core/utest/test_IoT.cpp @@ -29,6 +29,7 @@ #include "IOT_AirconResource.h" #include "IOT_PowerResource.h" #include "IOT_ReportResource.h" +#include "IOT_PolicyResource.h" using namespace std; using namespace OC; @@ -86,13 +87,30 @@ TEST(test_IoT, getDeviceIdCorrect) } /** - * Test check correct report format + * Test correct report format */ -TEST(test_IoT, testReportResource) +TEST(test_IoT, test_IOT_Report) { cout << IOT_Report::makeReport("1", IOT_Report::currentDateTime(), "sim", 0, "report data") << endl; } +/** + * Test correct policy format + */ +TEST(test_IoT, test_IOT_Policy) +{ + IOT_PolicyItem item1("usb", "off", {}); + IOT_PolicyItem item2("screen-capture", "on", {}); + IOT_PolicyItem item3("bluetooth", "on", {}); + IOT_PolicyItem item4("iptables", "off", {"127.0.0.0/24|UDP|10-1024","1.1.1.1|TCP|80,443","8.8.8.8"}); + IOT_PolicyGroup group1("tv-extension", {item1, item2, item3, item4}); + IOT_PolicyGroup group2("Policies Group Name 2", {}); + cout << IOT_Policy::makePolicy({group1,group2}); +} + + + + static FILE* client_open(const char *path, const char *mode) { static const char CRED_FILE[] = "./report_client_db.dat";