SECURITY_MANAGER_API
int security_manager_policy_update_send(policy_update_req *p_req)
{
- (void)p_req;
+ using namespace SecurityManager;
+ MessageBuffer send, recv;
+
+ if (p_req == nullptr || p_req->units.size() == 0)
+ return SECURITY_MANAGER_ERROR_INPUT_PARAM;
- return SECURITY_MANAGER_ERROR_UNKNOWN;
+ return try_catch([&] {
+
+ //put request into buffer
+ Serialization::Serialize(send, static_cast<int>(SecurityModuleCall::POLICY_UPDATE));
+ Serialization::Serialize(send, p_req->units);
+
+ //send it to server
+ int retval = sendToServer(SERVICE_SOCKET, send.Pop(), recv);
+ if (retval != SECURITY_MANAGER_API_SUCCESS) {
+ LogError("Error in sendToServer. Error code: " << retval);
+ return SECURITY_MANAGER_ERROR_UNKNOWN;
+ }
+
+ //receive response from server
+ Deserialization::Deserialize(recv, retval);
+ switch(retval) {
+ case SECURITY_MANAGER_API_SUCCESS:
+ return SECURITY_MANAGER_SUCCESS;
+ case SECURITY_MANAGER_API_ERROR_AUTHENTICATION_FAILED:
+ return SECURITY_MANAGER_ERROR_AUTHENTICATION_FAILED;
+ default:
+ return SECURITY_MANAGER_ERROR_UNKNOWN;
+ }
+ });
+}
+
+static inline int security_manager_get_policy_internal(
+ SecurityManager::SecurityModuleCall call_type,
+ policy_entry *p_filter,
+ policy_entry **pp_privs_policy,
+ size_t *p_size)
+{
+ using namespace SecurityManager;
+ MessageBuffer send, recv;
+
+ if (pp_privs_policy == nullptr || p_size == nullptr)
+ return SECURITY_MANAGER_ERROR_INPUT_PARAM;
+
+ return try_catch([&] {
+ //put request into buffer
+ Serialization::Serialize(send, static_cast<int>(call_type));
+ Serialization::Serialize(send, *p_filter);
+ //send it to server
+ int retval = sendToServer(SERVICE_SOCKET, send.Pop(), recv);
+ if (retval != SECURITY_MANAGER_API_SUCCESS) {
+ LogError("Error in sendToServer. Error code: " << retval);
+ return SECURITY_MANAGER_ERROR_UNKNOWN;
+ }
+ //receive response from server
+ Deserialization::Deserialize(recv, retval);
+ switch(retval) {
+ case SECURITY_MANAGER_API_SUCCESS: {
+ //extract and allocate buffers for privs policy entries
+ size_t entriesCnt = 0;
+ policy_entry **entries = nullptr;
+ Deserialization::Deserialize(recv, entriesCnt);
+ try {
+ entries = new policy_entry*[entriesCnt]();
+ for (size_t i = 0; i < entriesCnt; ++i)
+ Deserialization::Deserialize(recv, entries[i]);
+ } catch (...) {
+ LogError("Error while parsing server response");
+ for (size_t i = 0; i < entriesCnt; ++i)
+ delete(entries[i]);
+ delete entries;
+ return SECURITY_MANAGER_ERROR_UNKNOWN;
+ }
+ *p_size = entriesCnt;
+ pp_privs_policy = entries;
+ return SECURITY_MANAGER_SUCCESS;
+ }
+ case SECURITY_MANAGER_API_ERROR_AUTHENTICATION_FAILED:
+ return SECURITY_MANAGER_ERROR_AUTHENTICATION_FAILED;
+
+ default:
+ return SECURITY_MANAGER_ERROR_UNKNOWN;
+ }
+ });
}
SECURITY_MANAGER_API
policy_entry **pp_privs_policy,
size_t *p_size)
{
- (void)p_filter;
- (void)pp_privs_policy;
- (void)p_size;
- return SECURITY_MANAGER_ERROR_UNKNOWN;
+ return security_manager_get_policy_internal(SecurityModuleCall::GET_CONF_POLICY_ADMIN, p_filter, pp_privs_policy, p_size);
}
SECURITY_MANAGER_API
policy_entry **pp_privs_policy,
size_t *p_size)
{
- (void)p_filter;
- (void)pp_privs_policy;
- (void)p_size;
- return SECURITY_MANAGER_ERROR_UNKNOWN;
+ return security_manager_get_policy_internal(SecurityModuleCall::GET_CONF_POLICY_SELF, p_filter, pp_privs_policy, p_size);
}
-
+SECURITY_MANAGER_API
int security_manager_get_policy(
policy_entry *p_filter,
policy_entry **pp_privs_policy,
size_t *p_size)
{
- (void)p_filter;
- (void)pp_privs_policy;
- (void)p_size;
- return SECURITY_MANAGER_ERROR_UNKNOWN;
-}
+ return security_manager_get_policy_internal(SecurityModuleCall::GET_POLICY, p_filter, pp_privs_policy, p_size);
+};
SECURITY_MANAGER_API
int security_manager_policy_entry_new(policy_entry **p_entry)
#include <sys/types.h>
#include <vector>
#include <string>
+#include <dpl/serialization.h>
/**
* \name Return Codes
APP_GET_GROUPS,
USER_ADD,
USER_DELETE,
+ POLICY_UPDATE,
+ GET_POLICY,
+ GET_CONF_POLICY_ADMIN,
+ GET_CONF_POLICY_SELF,
};
} // namespace SecurityManager
-struct policy_entry {
+using namespace SecurityManager;
+
+struct policy_entry : ISerializable {
std::string user; // uid converted to string
std::string appId; // application identifier
- std::string privilege; // cynara privilege
+ std::string privilege; // Cynara privilege
std::string currentLevel; // current level of privielege, or level asked to be set in privacy manager bucket
std::string maxLevel; // holds read maximum policy status or status to be set in admin bucket
+
+ policy_entry() : user(""), appId(""), privilege(""), currentLevel(""), maxLevel("")
+ {}
+
+ policy_entry(IStream &stream) {
+ Deserialization::Deserialize(stream, user);
+ Deserialization::Deserialize(stream, appId);
+ Deserialization::Deserialize(stream, privilege);
+ Deserialization::Deserialize(stream, currentLevel);
+ Deserialization::Deserialize(stream, maxLevel);
+ }
+
+ virtual void Serialize(IStream &stream) const {
+ Serialization::Serialize(stream, user);
+ Serialization::Serialize(stream, appId);
+ Serialization::Serialize(stream, privilege);
+ Serialization::Serialize(stream, currentLevel);
+ Serialization::Serialize(stream, maxLevel);
+ }
+
};
typedef struct policy_entry policy_entry;