1 /*
2 * Copyright (c) 2023-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "trust_profile_manager.h"
17 #include "subscribe_profile_manager.h"
18 #include "distributed_device_profile_log.h"
19 #include "rdb_adapter.h"
20 #include "profile_utils.h"
21 #include "device_manager.h"
22 #include "distributed_device_profile_constants.h"
23 #include "distributed_device_profile_errors.h"
24 #include "accesser.h"
25 #include "accessee.h"
26
27 namespace OHOS {
28 namespace DistributedDeviceProfile {
29 IMPLEMENT_SINGLE_INSTANCE(TrustProfileManager);
30 namespace {
31 const std::string TAG = "TrustProfileManager";
32 }
33
Init()34 int32_t TrustProfileManager::Init()
35 {
36 {
37 std::lock_guard<std::mutex> lock(rdbMutex_);
38 rdbStore_ = std::make_shared<RdbAdapter>();
39 if (rdbStore_ == nullptr) {
40 HILOGE("Init::rdbStore_ is nullptr");
41 return DP_INIT_DB_FAILED;
42 }
43 int32_t ret = rdbStore_->Init();
44 if (ret != DP_SUCCESS) {
45 HILOGE("Init::rdbStore_ Init failed");
46 return DP_INIT_DB_FAILED;
47 }
48 }
49 this->CreateTable();
50 this->CreateUniqueIndex();
51 HILOGI("end!");
52 return DP_SUCCESS;
53 }
54
UnInit()55 int32_t TrustProfileManager::UnInit()
56 {
57 {
58 std::lock_guard<std::mutex> lock(rdbMutex_);
59 if (rdbStore_ == nullptr) {
60 HILOGE("UnInit::rdbStore_ is nullptr");
61 return DP_GET_RDBSTORE_FAIL;
62 }
63 int32_t ret = rdbStore_->UnInit();
64 if (ret != DP_SUCCESS) {
65 HILOGE("UnInit::rdbStore_ Uninit failed");
66 return DP_UNINIT_FAIL;
67 }
68 rdbStore_ = nullptr;
69 }
70 HILOGI("end!");
71 return DP_SUCCESS;
72 }
73
PutTrustDeviceProfile(const TrustDeviceProfile & profile)74 int32_t TrustProfileManager::PutTrustDeviceProfile(const TrustDeviceProfile& profile)
75 {
76 ValuesBucket values;
77 ProfileUtils::TrustDeviceProfileToEntries(profile, values);
78
79 int64_t rowId = ROWID_INIT;
80 int32_t ret = RET_INIT;
81 {
82 std::lock_guard<std::mutex> lock(rdbMutex_);
83 if (rdbStore_ == nullptr) {
84 HILOGE("PutTrustDeviceProfile::rdbStore_ is nullptr");
85 return DP_GET_RDBSTORE_FAIL;
86 }
87 ret = rdbStore_->Put(rowId, TRUST_DEVICE_TABLE, values);
88 if (ret != DP_SUCCESS) {
89 HILOGE("PutTrustDeviceProfile::trust_device_table insert failed");
90 return DP_PUT_TRUST_DEVICE_PROFILE_FAIL;
91 }
92 }
93 ret = SubscribeProfileManager::GetInstance().NotifyTrustDeviceProfileAdd(profile);
94 if (ret != DP_SUCCESS) {
95 HILOGE("PutTrustDeviceProfile::NotifyTrustDeviceProfileAdd failed");
96 return DP_NOTIFY_TRUST_DEVICE_FAIL;
97 }
98 HILOGI("end!");
99 return DP_SUCCESS;
100 }
101
PutAccessControlProfile(const AccessControlProfile & profile)102 int32_t TrustProfileManager::PutAccessControlProfile(const AccessControlProfile& profile)
103 {
104 AccessControlProfile accessControlProfile(profile);
105 int32_t ret = this->SetAccessControlProfileId(accessControlProfile);
106 if (ret != DP_SUCCESS) {
107 HILOGE("PutAccessControlProfile::SetAccessControlProfileId failed");
108 return ret;
109 }
110 ret = this->PutAccesserProfile(accessControlProfile);
111 if (ret != DP_SUCCESS) {
112 HILOGE("PutAccessControlProfile::PutAccesserProfile failed");
113 return ret;
114 }
115 ret = this->PutAccesseeProfile(accessControlProfile);
116 if (ret != DP_SUCCESS) {
117 HILOGE("PutAccessControlProfile::PutAccesseeProfile failed");
118 return ret;
119 }
120 if (IsAclExists(accessControlProfile) == DP_DATA_EXISTS) {
121 HILOGE("PutAccessControlProfile::acl is exists");
122 return DP_SUCCESS;
123 }
124 ValuesBucket values;
125 ProfileUtils::AccessControlProfileToEntries(accessControlProfile, values);
126 {
127 std::lock_guard<std::mutex> lock(rdbMutex_);
128 if (rdbStore_ == nullptr) {
129 HILOGE("PutAccessControlProfile::rdbStore_ is nullptr");
130 return DP_GET_RDBSTORE_FAIL;
131 }
132 int64_t rowId = ROWID_INIT;
133 if (rdbStore_->Put(rowId, ACCESS_CONTROL_TABLE, values) != DP_SUCCESS) {
134 HILOGE("PutAccessControlProfile::access_control_table insert failed");
135 return DP_PUT_ACL_PROFILE_FAIL;
136 }
137 }
138 HILOGI("PutAclProfile : %{public}s", accessControlProfile.dump().c_str());
139 ret = this->PutAclCheck(accessControlProfile);
140 if (ret != DP_SUCCESS) {
141 HILOGE("PutAccessControlProfile::PutAclCheck failed");
142 return ret;
143 }
144 if (DistributedHardware::DeviceManager::GetInstance().DpAclAdd(accessControlProfile.GetAccessControlId(),
145 accessControlProfile.GetTrustDeviceId(), accessControlProfile.GetBindType()) != DP_SUCCESS) {
146 HILOGE("PutAccessControlProfile::Notify accessControlProfile Add failed");
147 return DP_NOTIFY_ACCESS_CONTROL_FAIL;
148 }
149 HILOGI("end!");
150 return DP_SUCCESS;
151 }
152
UpdateTrustDeviceProfile(const TrustDeviceProfile & profile)153 int32_t TrustProfileManager::UpdateTrustDeviceProfile(const TrustDeviceProfile& profile)
154 {
155 std::string deviceId = profile.GetDeviceId();
156 std::shared_ptr<ResultSet> resultSet =
157 GetResultSet(SELECT_TRUST_DEVICE_TABLE_WHERE_DEVICEID,
158 std::vector<ValueObject>{ ValueObject(deviceId) });
159 if (resultSet == nullptr) {
160 HILOGE("UpdateTrustDeviceProfile::resultSet is nullptr");
161 return DP_GET_RESULTSET_FAIL;
162 }
163 int32_t rowCount = ROWCOUNT_INIT;
164 resultSet->GetRowCount(rowCount);
165 if (rowCount == 0) {
166 HILOGE("UpdateTrustDeviceProfile::deviceId not find");
167 resultSet->Close();
168 return DP_NOT_FIND_DATA;
169 }
170 int32_t ret = resultSet->GoToFirstRow();
171 if (ret != DP_SUCCESS) {
172 HILOGE("UpdateTrustDeviceProfile::deviceId not find");
173 resultSet->Close();
174 return DP_NOT_FIND_DATA;
175 }
176 TrustDeviceProfile oldProfile;
177 this->ConvertToTrustDeviceProfile(resultSet, oldProfile);
178 resultSet->Close();
179 ValuesBucket values;
180 ProfileUtils::TrustDeviceProfileToEntries(profile, values);
181 int32_t changeRowCnt = CHANGEROWCNT_INIT;
182 {
183 std::lock_guard<std::mutex> lock(rdbMutex_);
184 if (rdbStore_ == nullptr) {
185 HILOGE("UpdateTrustDeviceProfile::rdbStore_ is nullptr");
186 return DP_GET_RDBSTORE_FAIL;
187 }
188 ret = rdbStore_->Update(changeRowCnt, TRUST_DEVICE_TABLE, values, DEVICEID_EQUAL_CONDITION,
189 std::vector<ValueObject>{ ValueObject(profile.GetDeviceId()) });
190 if (ret != DP_SUCCESS) {
191 HILOGE("UpdateTrustDeviceProfile::Update trust_device_table failed");
192 return DP_UPDATE_TRUST_DEVICE_PROFILE_FAIL;
193 }
194 }
195 this->UpdateTrustDeviceProfileNotify(oldProfile, profile);
196 HILOGI("end!");
197 return DP_SUCCESS;
198 }
199
UpdateAccessControlProfile(const AccessControlProfile & profile)200 int32_t TrustProfileManager::UpdateAccessControlProfile(const AccessControlProfile& profile)
201 {
202 int32_t ret = this->UpdateAclCheck(profile);
203 if (ret != DP_SUCCESS) {
204 HILOGE("UpdateAccessControlProfile::UpdateAclCheck faild");
205 return ret;
206 }
207 this->UpdateAccesserProfile(profile.GetAccesserId(), profile);
208 this->UpdateAccesseeProfile(profile.GetAccesseeId(), profile);
209 ValuesBucket values;
210 ProfileUtils::AccessControlProfileToEntries(profile, values);
211 int32_t changeRowCnt = CHANGEROWCNT_INIT;
212 {
213 std::lock_guard<std::mutex> lock(rdbMutex_);
214 if (rdbStore_ == nullptr) {
215 HILOGE("UpdateAccessControlProfile::rdbStore_ is nullptr");
216 return DP_GET_RDBSTORE_FAIL;
217 }
218 ret = rdbStore_->Update(changeRowCnt, ACCESS_CONTROL_TABLE, values, ACCESSCONTROLID_EQUAL_CONDITION,
219 std::vector<ValueObject>{ ValueObject(profile.GetAccessControlId()) });
220 if (ret != DP_SUCCESS) {
221 HILOGE("UpdateAccessControlProfile::update access_control_table failed");
222 return DP_UPDATE_ACL_PROFILE_FAIL;
223 }
224 }
225 HILOGI("UpdateAclProfile : %{public}s", profile.dump().c_str());
226 int32_t status = STATUS_INIT;
227 ret = this->GetResultStatus(profile.GetTrustDeviceId(), status);
228 if (ret != DP_SUCCESS) {
229 HILOGE("UpdateAccessControlProfile::GetResultStatus failed");
230 return DP_GET_RESULTSET_FAIL;
231 }
232 TrustDeviceProfile trustProfile;
233 this->ConvertToTrustDeviceProfile(profile, trustProfile);
234 trustProfile.SetStatus(status);
235 ret = this->UpdateTrustDeviceProfile(trustProfile);
236 if (ret != DP_SUCCESS) {
237 HILOGE("UpdateAccessControlProfile::UpdateTrustDeviceProfile failed");
238 return DP_UPDATE_TRUST_DEVICE_PROFILE_FAIL;
239 }
240 HILOGI("end!");
241 return DP_SUCCESS;
242 }
243
GetTrustDeviceProfile(const std::string & deviceId,TrustDeviceProfile & profile)244 int32_t TrustProfileManager::GetTrustDeviceProfile(const std::string& deviceId, TrustDeviceProfile& profile)
245 {
246 std::shared_ptr<ResultSet> resultSet = GetResultSet(SELECT_TRUST_DEVICE_TABLE_WHERE_DEVICEID,
247 std::vector<ValueObject>{ ValueObject(deviceId) });
248 if (resultSet == nullptr) {
249 HILOGE("GetTrustDeviceProfile::resultSet is nullptr");
250 return DP_GET_RESULTSET_FAIL;
251 }
252 int32_t rowCount = ROWCOUNT_INIT;
253 resultSet->GetRowCount(rowCount);
254 if (rowCount == 0) {
255 HILOGE("GetTrustDeviceProfile::deviceId not find");
256 resultSet->Close();
257 return DP_NOT_FIND_DATA;
258 }
259 int32_t ret = resultSet->GoToFirstRow();
260 if (ret != DP_SUCCESS) {
261 HILOGE("GetTrustDeviceProfile::not find trust device data");
262 resultSet->Close();
263 return DP_NOT_FIND_DATA;
264 }
265 this->ConvertToTrustDeviceProfile(resultSet, profile);
266 resultSet->Close();
267 HILOGI("end!");
268 return DP_SUCCESS;
269 }
270
GetAllTrustDeviceProfile(std::vector<TrustDeviceProfile> & profile)271 int32_t TrustProfileManager::GetAllTrustDeviceProfile(std::vector<TrustDeviceProfile>& profile)
272 {
273 std::shared_ptr<ResultSet> resultSet =
274 GetResultSet(SELECT_TRUST_DEVICE_TABLE, std::vector<ValueObject> {});
275 if (resultSet == nullptr) {
276 HILOGE("GetAllTrustDeviceProfile::resultSet is nullptr");
277 return DP_GET_RESULTSET_FAIL;
278 }
279 int32_t rowCount = ROWCOUNT_INIT;
280 resultSet->GetRowCount(rowCount);
281 if (rowCount == 0) {
282 HILOGE("GetAllTrustDeviceProfile::trust_device_table no data");
283 resultSet->Close();
284 return DP_NOT_FIND_DATA;
285 }
286 while (resultSet->GoToNextRow() == DP_SUCCESS) {
287 TrustDeviceProfile trustProfile;
288 this->ConvertToTrustDeviceProfile(resultSet, trustProfile);
289 profile.push_back(trustProfile);
290 }
291 resultSet->Close();
292 if (profile.empty()) {
293 return DP_NOT_FIND_DATA;
294 }
295 HILOGI("end!");
296 return DP_SUCCESS;
297 }
298
GetAccessControlProfile(int32_t userId,const std::string & bundleName,int32_t bindType,int32_t status,std::vector<AccessControlProfile> & profile)299 int32_t TrustProfileManager::GetAccessControlProfile(int32_t userId, const std::string& bundleName,
300 int32_t bindType, int32_t status, std::vector<AccessControlProfile>& profile)
301 {
302 if (bundleName.size() > MAX_STRING_LEN) {
303 HILOGE("GetAccessControlProfile::bundleName is invalid");
304 return DP_INVALID_PARAMS;
305 }
306 HILOGI("Params, userId : %{public}s, bundleName : %{public}s, bindtype : %{public}d, status : %{public}d",
307 ProfileUtils::GetAnonyString(std::to_string(userId)).c_str(), bundleName.c_str(), bindType, status);
308 std::shared_ptr<ResultSet> resultSet =
309 GetResultSet(SELECT_ACCESS_CONTROL_TABLE_WHERE_BINDTYPE_AND_STATUS,
310 std::vector<ValueObject>{ ValueObject(bindType), ValueObject(status) });
311 if (resultSet == nullptr) {
312 HILOGE("GetAccessControlProfile::resultSet is nullptr");
313 return DP_GET_RESULTSET_FAIL;
314 }
315 int32_t rowCount = ROWCOUNT_INIT;
316 resultSet->GetRowCount(rowCount);
317 if (rowCount == 0) {
318 HILOGE("GetAccessControlProfile::bindType and status not find");
319 resultSet->Close();
320 return DP_NOT_FIND_DATA;
321 }
322 int32_t ret = this->GetAclProfileByUserIdAndBundleName(resultSet, userId, bundleName, profile);
323 resultSet->Close();
324 if (ret != DP_SUCCESS) {
325 HILOGE("GetAccessControlProfile::GetAclProfileByUserIdAndBundleName faild");
326 return DP_NOT_FIND_DATA;
327 }
328 if (profile.empty()) {
329 HILOGE("GetAccessControlProfile::by userId bundleName bindType status not find data");
330 return DP_NOT_FIND_DATA;
331 }
332 HILOGI("end!");
333 return DP_SUCCESS;
334 }
335
GetAccessControlProfile(int32_t userId,const std::string & bundleName,const std::string & trustDeviceId,int32_t status,std::vector<AccessControlProfile> & profile)336 int32_t TrustProfileManager::GetAccessControlProfile(int32_t userId, const std::string& bundleName,
337 const std::string& trustDeviceId, int32_t status, std::vector<AccessControlProfile>& profile)
338 {
339 if (bundleName.size() > MAX_STRING_LEN || trustDeviceId.size() > MAX_STRING_LEN) {
340 HILOGE("GetAccessControlProfile::bundleName or trustDeviceId is invalid");
341 return DP_INVALID_PARAMS;
342 }
343 HILOGI("Params, userId : %{public}s, bundleName : %{public}s, trustDeviceId : %{public}s,\
344 status : %{public}d", ProfileUtils::GetAnonyString(std::to_string(userId)).c_str(),
345 bundleName.c_str(), ProfileUtils::GetAnonyString(trustDeviceId).c_str(), status);
346 std::shared_ptr<ResultSet> resultSet =
347 GetResultSet(SELECT_ACCESS_CONTROL_TABLE_WHERE_TRUSTDEVICEID_AND_STATUS,
348 std::vector<ValueObject>{ ValueObject(trustDeviceId), ValueObject(status) });
349 if (resultSet == nullptr) {
350 HILOGE("GetAccessControlProfile::resultSet is nullptr");
351 return DP_GET_RESULTSET_FAIL;
352 }
353 int32_t rowCount = ROWCOUNT_INIT;
354 resultSet->GetRowCount(rowCount);
355 if (rowCount == 0) {
356 HILOGE("GetAccessControlProfile::trustDeviceId and status not find");
357 resultSet->Close();
358 return DP_NOT_FIND_DATA;
359 }
360 int32_t ret = this->GetAclProfileByUserIdAndBundleName(resultSet, userId, bundleName, profile);
361 resultSet->Close();
362 if (ret != DP_SUCCESS) {
363 HILOGE("GetAccessControlProfile::GetAclProfileByUserIdAndBundleName faild");
364 return ret;
365 }
366 if (profile.empty()) {
367 HILOGE("GetAccessControlProfile::by userId bundleName trustDeviceId status not find data");
368 return DP_NOT_FIND_DATA;
369 }
370 HILOGI("end!");
371 return DP_SUCCESS;
372 }
373
GetAccessControlProfileByTokenId(int64_t tokenId,const std::string & trustDeviceId,int32_t status,std::vector<AccessControlProfile> & profile)374 int32_t TrustProfileManager::GetAccessControlProfileByTokenId(int64_t tokenId,
375 const std::string& trustDeviceId, int32_t status, std::vector<AccessControlProfile>& profile)
376 {
377 if (trustDeviceId.size() > MAX_STRING_LEN) {
378 HILOGE("GetAccessControlProfileByTokenId::trustDeviceId is invalid");
379 return DP_INVALID_PARAMS;
380 }
381 HILOGI("Params, tokenId : %{public}" PRId64 ", trustDeviceId : %{public}s, status : %{public}d",
382 tokenId, ProfileUtils::GetAnonyString(trustDeviceId).c_str(), status);
383 std::shared_ptr<ResultSet> resultSet =
384 GetResultSet(SELECT_ACCESS_CONTROL_TABLE_WHERE_STATUS,
385 std::vector<ValueObject>{ ValueObject(status) });
386 if (resultSet == nullptr) {
387 HILOGE("GetAccessControlProfileByTokenId::resultSet is nullptr");
388 return DP_GET_RESULTSET_FAIL;
389 }
390 int32_t rowCount = ROWCOUNT_INIT;
391 resultSet->GetRowCount(rowCount);
392 if (rowCount == 0) {
393 HILOGE("GetAccessControlProfileByTokenId::trustDeviceId and status not find");
394 resultSet->Close();
395 return DP_NOT_FIND_DATA;
396 }
397 int32_t ret = this->GetAclProfileByTokenId(resultSet, trustDeviceId, tokenId, profile);
398 resultSet->Close();
399 if (ret != DP_SUCCESS) {
400 HILOGE("GetAccessControlProfileByTokenId::GetAclProfileByTokenId faild");
401 return ret;
402 }
403 if (profile.empty()) {
404 HILOGE("GetAccessControlProfileByTokenId::tokenId not find data");
405 return DP_NOT_FIND_DATA;
406 }
407 HILOGI("end!");
408 return DP_SUCCESS;
409 }
410
GetAccessControlProfile(int32_t userId,const std::string & accountId,std::vector<AccessControlProfile> & profile)411 int32_t TrustProfileManager::GetAccessControlProfile(int32_t userId,
412 const std::string& accountId, std::vector<AccessControlProfile>& profile)
413 {
414 if (accountId.size() > MAX_STRING_LEN) {
415 HILOGE("GetAccessControlProfile::accountId is invalid");
416 return DP_INVALID_PARAMS;
417 }
418 HILOGI("Params, userId : %{public}s, accountId : %{public}s",
419 ProfileUtils::GetAnonyString(std::to_string(userId)).c_str(),
420 ProfileUtils::GetAnonyString(accountId).c_str());
421 std::shared_ptr<ResultSet> resultSet =
422 GetResultSet(SELECT_ACCESS_CONTROL_TABLE, std::vector<ValueObject> {});
423 if (resultSet == nullptr) {
424 HILOGE("GetAccessControlProfile::resultSet is nullptr");
425 return DP_GET_RESULTSET_FAIL;
426 }
427 int32_t rowCount = ROWCOUNT_INIT;
428 resultSet->GetRowCount(rowCount);
429 if (rowCount == 0) {
430 HILOGE("GetAccessControlProfile::access_control_table no data");
431 resultSet->Close();
432 return DP_NOT_FIND_DATA;
433 }
434 while (resultSet->GoToNextRow() == DP_SUCCESS) {
435 int32_t columnIndex = COLUMNINDEX_INIT;
436 int64_t accesserId = ACCESSERID_INIT;
437 resultSet->GetColumnIndex(ACCESSER_ID, columnIndex);
438 resultSet->GetLong(columnIndex, accesserId);
439 int64_t accesseeId = ACCESSEEID_INIT;
440 resultSet->GetColumnIndex(ACCESSEE_ID, columnIndex);
441 resultSet->GetLong(columnIndex, accesseeId);
442 int32_t ret = this->GetAclProfileByUserIdAndAccountId(
443 resultSet, accesserId, accesseeId, userId, accountId, profile);
444 if (ret != DP_SUCCESS) {
445 HILOGE("GetAccessControlProfile::GetAclProfileByUserIdAndAccountId faild");
446 return ret;
447 }
448 }
449 resultSet->Close();
450 if (profile.empty()) {
451 HILOGE("GetAccessControlProfile::by userId accountId not find data");
452 return DP_NOT_FIND_DATA;
453 }
454 HILOGI("end!");
455 return DP_SUCCESS;
456 }
457
GetAccessControlProfile(int32_t userId,std::vector<AccessControlProfile> & profile)458 int32_t TrustProfileManager::GetAccessControlProfile(int32_t userId, std::vector<AccessControlProfile> &profile)
459 {
460 HILOGI("Params, userId : %{public}s", ProfileUtils::GetAnonyString(std::to_string(userId)).c_str());
461 std::shared_ptr<ResultSet> resultSet =
462 GetResultSet(SELECT_ACCESS_CONTROL_TABLE, std::vector<ValueObject> {});
463 if (resultSet == nullptr) {
464 HILOGE("GetAccessControlProfile::resultSet is nullptr");
465 return DP_GET_RESULTSET_FAIL;
466 }
467 int32_t rowCount = ROWCOUNT_INIT;
468 resultSet->GetRowCount(rowCount);
469 if (rowCount == 0) {
470 HILOGE("GetAccessControlProfile::access_control_table no data");
471 resultSet->Close();
472 return DP_NOT_FIND_DATA;
473 }
474 while (resultSet->GoToNextRow() == DP_SUCCESS) {
475 int32_t columnIndex = COLUMNINDEX_INIT;
476 int64_t accesserId = ACCESSERID_INIT;
477 resultSet->GetColumnIndex(ACCESSER_ID, columnIndex);
478 resultSet->GetLong(columnIndex, accesserId);
479 int64_t accesseeId = ACCESSEEID_INIT;
480 resultSet->GetColumnIndex(ACCESSEE_ID, columnIndex);
481 resultSet->GetLong(columnIndex, accesseeId);
482 int32_t ret = GetAccessControlProfiles(resultSet, accesserId, accesseeId, userId, profile);
483 if (ret != DP_SUCCESS) {
484 HILOGE("GetAccessControlProfile::GetAccessControlProfile faild");
485 resultSet->Close();
486 return ret;
487 }
488 }
489 resultSet->Close();
490 if (profile.empty()) {
491 HILOGE("GetAccessControlProfile::by userId accountId not find data");
492 return DP_NOT_FIND_DATA;
493 }
494 HILOGI("end!");
495 return DP_SUCCESS;
496 }
497
GetAllAccessControlProfile(std::vector<AccessControlProfile> & profile)498 int32_t TrustProfileManager::GetAllAccessControlProfile(std::vector<AccessControlProfile>& profile)
499 {
500 std::shared_ptr<ResultSet> resultSet =
501 GetResultSet(SELECT_ACCESS_CONTROL_TABLE, std::vector<ValueObject> {});
502 if (resultSet == nullptr) {
503 HILOGE("GetAllAccessControlProfile::resultSet is nullptr");
504 return DP_GET_RESULTSET_FAIL;
505 }
506 int32_t rowCount = ROWCOUNT_INIT;
507 resultSet->GetRowCount(rowCount);
508 if (rowCount == 0) {
509 HILOGE("GetAllAccessControlProfile::access_control_table no data");
510 resultSet->Close();
511 return DP_NOT_FIND_DATA;
512 }
513 while (resultSet->GoToNextRow() == DP_SUCCESS) {
514 int32_t columnIndex = COLUMNINDEX_INIT;
515 int64_t accesserId = ACCESSERID_INIT;
516 resultSet->GetColumnIndex(ACCESSER_ID, columnIndex);
517 resultSet->GetLong(columnIndex, accesserId);
518 int64_t accesseeId = ACCESSEEID_INIT;
519 resultSet->GetColumnIndex(ACCESSEE_ID, columnIndex);
520 resultSet->GetLong(columnIndex, accesseeId);
521 int32_t ret = this->GetAccessControlProfile(resultSet, accesserId, accesseeId, profile);
522 if (ret != DP_SUCCESS) {
523 HILOGE("GetAllAccessControlProfile::GetAccessControlProfile faild");
524 resultSet->Close();
525 return ret;
526 }
527 }
528 resultSet->Close();
529 if (profile.empty()) {
530 return DP_NOT_FIND_DATA;
531 }
532 HILOGI("end!");
533 return DP_SUCCESS;
534 }
535
GetAccessControlProfile(const std::string & bundleName,int32_t bindType,int32_t status,std::vector<AccessControlProfile> & profile)536 int32_t TrustProfileManager::GetAccessControlProfile(const std::string& bundleName,
537 int32_t bindType, int32_t status, std::vector<AccessControlProfile>& profile)
538 {
539 if (bundleName.size() > MAX_STRING_LEN) {
540 HILOGE("GetAccessControlProfile::bundleName is invalid");
541 return DP_INVALID_PARAMS;
542 }
543 HILOGI("Params, bundleName : %{public}s, bindType : %{public}d, status : %{public}d",
544 bundleName.c_str(), bindType, status);
545 std::shared_ptr<ResultSet> resultSet =
546 GetResultSet(SELECT_ACCESS_CONTROL_TABLE_WHERE_BINDTYPE_AND_STATUS,
547 std::vector<ValueObject>{ ValueObject(bindType), ValueObject(status) });
548 if (resultSet == nullptr) {
549 HILOGE("GetAccessControlProfile::resultSet is nullptr");
550 return DP_GET_RESULTSET_FAIL;
551 }
552 int32_t rowCount = ROWCOUNT_INIT;
553 resultSet->GetRowCount(rowCount);
554 if (rowCount == 0) {
555 HILOGE("GetAccessControlProfile::bindType and status not find");
556 resultSet->Close();
557 return DP_NOT_FIND_DATA;
558 }
559 int32_t ret = this->GetAclProfileByBundleName(resultSet, bundleName, profile);
560 resultSet->Close();
561 if (ret != DP_SUCCESS) {
562 HILOGE("GetAccessControlProfile::GetAclProfileByBundleName faild");
563 return ret;
564 }
565 if (profile.empty()) {
566 HILOGE("GetAccessControlProfile::by bundleName bindType status not find data");
567 return DP_NOT_FIND_DATA;
568 }
569 HILOGI("end!");
570 return DP_SUCCESS;
571 }
572
GetAccessControlProfile(const std::string & bundleName,const std::string & trustDeviceId,int32_t status,std::vector<AccessControlProfile> & profile)573 int32_t TrustProfileManager::GetAccessControlProfile(const std::string& bundleName,
574 const std::string& trustDeviceId, int32_t status, std::vector<AccessControlProfile>& profile)
575 {
576 if (bundleName.size() > MAX_STRING_LEN || trustDeviceId.size() > MAX_STRING_LEN) {
577 HILOGE("GetAccessControlProfile::bundleName or trustDeviceId is invalid");
578 return DP_INVALID_PARAMS;
579 }
580 HILOGI("Params, bundleName : %{public}s, trustDeviceId : %{public}s, status : %{public}d",
581 bundleName.c_str(), ProfileUtils::GetAnonyString(trustDeviceId).c_str(), status);
582 std::shared_ptr<ResultSet> resultSet =
583 GetResultSet(SELECT_ACCESS_CONTROL_TABLE_WHERE_TRUSTDEVICEID_AND_STATUS,
584 std::vector<ValueObject>{ ValueObject(trustDeviceId), ValueObject(status) });
585 if (resultSet == nullptr) {
586 HILOGE("GetAccessControlProfile::resultSet is nullptr");
587 return DP_GET_RESULTSET_FAIL;
588 }
589 int32_t rowCount = ROWCOUNT_INIT;
590 resultSet->GetRowCount(rowCount);
591 if (rowCount == 0) {
592 HILOGE("GetAccessControlProfile::trustDeviceId and status not find");
593 resultSet->Close();
594 return DP_NOT_FIND_DATA;
595 }
596 int32_t ret = this->GetAclProfileByBundleName(resultSet, bundleName, profile);
597 resultSet->Close();
598 if (ret != DP_SUCCESS) {
599 HILOGE("GetAccessControlProfile::GetAclProfileByBundleName faild");
600 return ret;
601 }
602 if (profile.empty()) {
603 HILOGE("GetAccessControlProfile::by bundleName trustDeviceId status not find data");
604 return DP_NOT_FIND_DATA;
605 }
606 HILOGI("end!");
607 return DP_SUCCESS;
608 }
609
GetAccessControlProfile(const std::map<std::string,std::string> & params,std::vector<AccessControlProfile> & profile)610 int32_t TrustProfileManager::GetAccessControlProfile(const std::map<std::string, std::string>& params,
611 std::vector<AccessControlProfile>& profile)
612 {
613 if (params.find(TRUST_DEVICE_ID) != params.end() && params.find(STATUS) != params.end()) {
614 if (params.find(USERID) != params.end() && params.find(BUNDLENAME) != params.end()) {
615 int32_t ret = this->GetAccessControlProfile(std::atoi(params.at(USERID).c_str()),
616 params.at(BUNDLENAME), params.at(TRUST_DEVICE_ID),
617 std::atoi(params.at(STATUS).c_str()), profile);
618 return ret;
619 }
620 if (params.find(BUNDLENAME) != params.end()) {
621 int32_t ret = this->GetAccessControlProfile(params.at(BUNDLENAME),
622 params.at(TRUST_DEVICE_ID), std::atoi(params.at(STATUS).c_str()), profile);
623 return ret;
624 }
625 if (params.find(TOKENID) != params.end()) {
626 int32_t ret = this->GetAccessControlProfileByTokenId(std::atoi(params.at(TOKENID).c_str()),
627 params.at(TRUST_DEVICE_ID), std::atoi(params.at(STATUS).c_str()), profile);
628 return ret;
629 }
630 }
631 if (params.find(BIND_TYPE) != params.end() && params.find(STATUS) != params.end()) {
632 if (params.find(USERID) != params.end() && params.find(BUNDLENAME) != params.end()) {
633 int32_t ret = this->GetAccessControlProfile(std::atoi(params.at(USERID).c_str()),
634 params.at(BUNDLENAME), std::atoi(params.at(BIND_TYPE).c_str()),
635 std::atoi(params.at(STATUS).c_str()), profile);
636 return ret;
637 }
638 if (params.find(BUNDLENAME) != params.end()) {
639 int32_t ret = this->GetAccessControlProfile(params.at(BUNDLENAME),
640 std::atoi(params.at(BIND_TYPE).c_str()),
641 std::atoi(params.at(STATUS).c_str()), profile);
642 return ret;
643 }
644 }
645 if (params.find(USERID) != params.end()) {
646 if (params.find(ACCOUNTID) != params.end()) {
647 int32_t ret = this->GetAccessControlProfile(std::atoi(params.at(USERID).c_str()),
648 params.at(ACCOUNTID), profile);
649 return ret;
650 }
651 int32_t ret = this->GetAccessControlProfile(std::atoi(params.at(USERID).c_str()), profile);
652 return ret;
653 }
654 HILOGE("params is error");
655 return DP_INVALID_PARAMS;
656 }
657
DeleteTrustDeviceProfile(const std::string & deviceId)658 int32_t TrustProfileManager::DeleteTrustDeviceProfile(const std::string& deviceId)
659 {
660 std::shared_ptr<ResultSet> resultSet =
661 GetResultSet(SELECT_TRUST_DEVICE_TABLE_WHERE_DEVICEID,
662 std::vector<ValueObject>{ ValueObject(deviceId) });
663 if (resultSet == nullptr) {
664 HILOGE("DeleteTrustDeviceProfile::resultSet is nullptr");
665 return DP_GET_RESULTSET_FAIL;
666 }
667 int32_t rowCount = ROWCOUNT_INIT;
668 resultSet->GetRowCount(rowCount);
669 if (rowCount == 0) {
670 HILOGE("DeleteTrustDeviceProfile::no data");
671 resultSet->Close();
672 return DP_NOT_FIND_DATA;
673 }
674 int32_t ret = resultSet->GoToFirstRow();
675 if (ret != DP_SUCCESS) {
676 HILOGE("DeleteTrustDeviceProfile::deviceId not find");
677 resultSet->Close();
678 return DP_NOT_FIND_DATA;
679 }
680 TrustDeviceProfile profile;
681 this->ConvertToTrustDeviceProfile(resultSet, profile);
682 resultSet->Close();
683 {
684 std::lock_guard<std::mutex> lock(rdbMutex_);
685 if (rdbStore_ == nullptr) {
686 HILOGE("DeleteTrustDeviceProfile::rdbStore_ is nullptr");
687 return DP_GET_RDBSTORE_FAIL;
688 }
689 int32_t deleteRows = DELETEROWS_INIT;
690 ret = rdbStore_->Delete(deleteRows, TRUST_DEVICE_TABLE, DEVICEID_EQUAL_CONDITION,
691 std::vector<ValueObject>{ ValueObject(deviceId) });
692 if (ret != DP_SUCCESS) {
693 HILOGE("DeleteTrustDeviceProfile::delete trust_device_table data failed");
694 return DP_DELETE_TRUST_DEVICE_PROFILE_FAIL;
695 }
696 }
697 ret = SubscribeProfileManager::GetInstance().NotifyTrustDeviceProfileDelete(profile);
698 if (ret != DP_SUCCESS) {
699 HILOGE("DeleteTrustDeviceProfile::ProfileDelete failed");
700 return DP_NOTIFY_TRUST_DEVICE_FAIL;
701 }
702 HILOGI("end!");
703 return DP_SUCCESS;
704 }
705
DeleteAccessControlProfile(int64_t accessControlId)706 int32_t TrustProfileManager::DeleteAccessControlProfile(int64_t accessControlId)
707 {
708 std::shared_ptr<ResultSet> resultSet =
709 GetResultSet(SELECT_ACCESS_CONTROL_TABLE_WHERE_ACCESSCONTROLID,
710 std::vector<ValueObject>{ ValueObject(accessControlId) });
711 if (resultSet == nullptr) {
712 HILOGE("DeleteAccessControlProfile::resultSet is nullptr");
713 return DP_GET_RESULTSET_FAIL;
714 }
715 int32_t rowCount = ROWCOUNT_INIT;
716 resultSet->GetRowCount(rowCount);
717 if (rowCount == 0) {
718 HILOGE("DeleteAccessControlProfile::no data");
719 resultSet->Close();
720 return DP_NOT_FIND_DATA;
721 }
722 int32_t ret = this->DeleteAccessControlProfileCheck(resultSet);
723 resultSet->Close();
724 if (ret != DP_SUCCESS) {
725 HILOGE("DeleteAccessControlProfile::DeleteAccessControlProfileCheck failed");
726 return ret;
727 }
728 HILOGI("end!");
729 return DP_SUCCESS;
730 }
731
CreateTable()732 int32_t TrustProfileManager::CreateTable()
733 {
734 std::lock_guard<std::mutex> lock(rdbMutex_);
735 if (rdbStore_ == nullptr) {
736 HILOGE("CreateTable::rdbStore_ is nullptr");
737 return DP_GET_RDBSTORE_FAIL;
738 }
739 int32_t ret = rdbStore_->CreateTable(CREATE_TURST_DEVICE_TABLE_SQL);
740 if (ret != DP_SUCCESS) {
741 HILOGE("CreateTable::trust_device_table create failed");
742 return DP_CREATE_TABLE_FAIL;
743 }
744 ret = rdbStore_->CreateTable(CREATE_ACCESS_CONTROL_TABLE_SQL);
745 if (ret != DP_SUCCESS) {
746 HILOGE("CreateTable::access_control_table create failed");
747 return DP_CREATE_TABLE_FAIL;
748 }
749 ret = rdbStore_->CreateTable(CREATE_ACCESSER_TABLE_SQL);
750 if (ret != DP_SUCCESS) {
751 HILOGE("CreateTable::accesser_table create failed");
752 return DP_CREATE_TABLE_FAIL;
753 }
754 ret = rdbStore_->CreateTable(CREATE_ACCESSEE_TABLE_SQL);
755 if (ret != DP_SUCCESS) {
756 HILOGE("CreateTable::accessee_table create failed");
757 return DP_CREATE_TABLE_FAIL;
758 }
759 return DP_SUCCESS;
760 }
761
CreateUniqueIndex()762 int32_t TrustProfileManager::CreateUniqueIndex()
763 {
764 std::lock_guard<std::mutex> lock(rdbMutex_);
765 if (rdbStore_ == nullptr) {
766 HILOGE("CreateUniqueIndex::rdbStore_ is nullptr");
767 return DP_GET_RDBSTORE_FAIL;
768 }
769 int32_t ret = rdbStore_->CreateTable(CREATE_TURST_DEVICE_TABLE_UNIQUE_INDEX_SQL);
770 if (ret != DP_SUCCESS) {
771 HILOGE("CreateUniqueIndex::trust_device_table unique index create failed");
772 return DP_CREATE_UNIQUE_INDEX_FAIL;
773 }
774 ret = rdbStore_->CreateTable(CREATE_ACCESS_CONTROL_TABLE_UNIQUE_INDEX_SQL);
775 if (ret != DP_SUCCESS) {
776 HILOGE("CreateUniqueIndex::access_control_table unique index create failed");
777 return DP_CREATE_UNIQUE_INDEX_FAIL;
778 }
779 ret = rdbStore_->CreateTable(CREATE_ACCESSER_TABLE_UNIQUE_INDEX_SQL);
780 if (ret != DP_SUCCESS) {
781 HILOGE("CreateUniqueIndex::accesser_table unique index create failed");
782 return DP_CREATE_UNIQUE_INDEX_FAIL;
783 }
784 ret = rdbStore_->CreateTable(CREATE_ACCESSEE_TABLE_UNIQUE_INDEX_SQL);
785 if (ret != DP_SUCCESS) {
786 HILOGE("CreateUniqueIndex::accessee_table unique index create failed");
787 return DP_CREATE_UNIQUE_INDEX_FAIL;
788 }
789 return DP_SUCCESS;
790 }
791
ConvertToTrustDeviceProfile(const AccessControlProfile & accessControlProfile,TrustDeviceProfile & trustDeviceProfile)792 int32_t TrustProfileManager::ConvertToTrustDeviceProfile(
793 const AccessControlProfile& accessControlProfile, TrustDeviceProfile& trustDeviceProfile)
794 {
795 trustDeviceProfile.SetDeviceId(accessControlProfile.GetTrustDeviceId());
796 trustDeviceProfile.SetDeviceIdType(accessControlProfile.GetDeviceIdType());
797 trustDeviceProfile.SetDeviceIdHash(accessControlProfile.GetDeviceIdHash());
798 trustDeviceProfile.SetStatus(accessControlProfile.GetStatus());
799 trustDeviceProfile.SetBindType(accessControlProfile.GetBindType());
800 return DP_SUCCESS;
801 }
802
GetAclProfileByUserIdAndBundleName(std::shared_ptr<ResultSet> resultSet,int32_t userId,const std::string & bundleName,std::vector<AccessControlProfile> & profile)803 int32_t TrustProfileManager::GetAclProfileByUserIdAndBundleName(std::shared_ptr<ResultSet> resultSet,
804 int32_t userId, const std::string& bundleName, std::vector<AccessControlProfile>& profile)
805 {
806 if (resultSet == nullptr) {
807 HILOGE("resultSet is nullptr");
808 return DP_GET_RESULTSET_FAIL;
809 }
810 while (resultSet->GoToNextRow() == DP_SUCCESS) {
811 int32_t columnIndex = COLUMNINDEX_INIT;
812 int64_t accesserId = ACCESSERID_INIT;
813 resultSet->GetColumnIndex(ACCESSER_ID, columnIndex);
814 resultSet->GetLong(columnIndex, accesserId);
815 int64_t accesseeId = ACCESSEEID_INIT;
816 resultSet->GetColumnIndex(ACCESSEE_ID, columnIndex);
817 resultSet->GetLong(columnIndex, accesseeId);
818 int32_t bindType = BINDTYPE_INIT;
819 resultSet->GetColumnIndex(BIND_TYPE, columnIndex);
820 resultSet->GetInt(columnIndex, bindType);
821 int32_t bindLevel = BINDLEVEL_INIT;
822 resultSet->GetColumnIndex(BIND_LEVEL, columnIndex);
823 resultSet->GetInt(columnIndex, bindLevel);
824 if (bindType == static_cast<int32_t>(BindType::SAME_ACCOUNT) ||
825 bindLevel == static_cast<int32_t>(BindLevel::DEVICE)) {
826 int32_t ret = this->GetAccessControlProfiles(resultSet, accesserId, accesseeId, userId, profile);
827 if (ret != DP_SUCCESS) {
828 HILOGE("GetAclProfileByUserIdAndBundleName::GetAccessControlProfiles failed");
829 return ret;
830 }
831 } else {
832 int32_t ret = this->GetAccessControlProfiles(resultSet, accesserId,
833 accesseeId, userId, bundleName, profile);
834 if (ret != DP_SUCCESS) {
835 HILOGE("GetAclProfileByUserIdAndBundleName::GetAccessControlProfiles failed");
836 return ret;
837 }
838 }
839 }
840 return DP_SUCCESS;
841 }
842
GetAclProfileByUserIdAndAccountId(std::shared_ptr<ResultSet> resultSet,int64_t accesserId,int64_t accesseeId,int32_t userId,const std::string & accountId,std::vector<AccessControlProfile> & profile)843 int32_t TrustProfileManager::GetAclProfileByUserIdAndAccountId(std::shared_ptr<ResultSet> resultSet, int64_t accesserId,
844 int64_t accesseeId, int32_t userId, const std::string& accountId, std::vector<AccessControlProfile>& profile)
845 {
846 std::shared_ptr<ResultSet> accesserResultSet =
847 GetResultSet(SELECT_ACCESSER_TABLE_WHERE_ACCESSERID_AND_ACCESSERUSERID_ACCESSERACCOUNTID,
848 std::vector<ValueObject>{ ValueObject(accesserId), ValueObject(userId), ValueObject(accountId) });
849 if (accesserResultSet == nullptr) {
850 HILOGE("GetAclProfileByUserIdAndAccountId::accesserResultSet is nullptr");
851 return DP_GET_RESULTSET_FAIL;
852 }
853 int32_t rowCount = ROWCOUNT_INIT;
854 accesserResultSet->GetRowCount(rowCount);
855 if (rowCount != 0) {
856 std::shared_ptr<ResultSet> accesseeResultSet =
857 GetResultSet(SELECT_ACCESSEE_TABLE_WHERE_ACCESSEEID,
858 std::vector<ValueObject>{ ValueObject(accesseeId) });
859 if (accesseeResultSet == nullptr) {
860 HILOGE("GetAclProfileByUserIdAndAccountId::accesseeResultSet is nullptr");
861 return DP_GET_RESULTSET_FAIL;
862 }
863 this->ConvertToAccessControlProfiles(resultSet, accesserResultSet, accesseeResultSet, profile);
864 accesserResultSet->Close();
865 accesseeResultSet->Close();
866 return DP_SUCCESS;
867 }
868 accesserResultSet->Close();
869
870 std::shared_ptr<ResultSet> accesseeResultSet =
871 GetResultSet(SELECT_ACCESSEE_TABLE_WHERE_ACCESSEEID_AND_ACCESSEEUSEEID_ACCESSEEACCOUNTID,
872 std::vector<ValueObject>{ ValueObject(accesseeId), ValueObject(userId), ValueObject(accountId) });
873 if (accesseeResultSet == nullptr) {
874 HILOGE("GetAclProfileByUserIdAndAccountId::accesseeResultSet is nullptr");
875 return DP_GET_RESULTSET_FAIL;
876 }
877 accesseeResultSet->GetRowCount(rowCount);
878 if (rowCount != 0) {
879 accesserResultSet = GetResultSet(SELECT_ACCESSER_TABLE_WHERE_ACCESSERID,
880 std::vector<ValueObject>{ ValueObject(accesserId) });
881 if (accesserResultSet == nullptr) {
882 HILOGE("GetAclProfileByUserIdAndAccountId::accesserResultSet is nullptr");
883 return DP_GET_RESULTSET_FAIL;
884 }
885 this->ConvertToAccessControlProfiles(resultSet, accesserResultSet, accesseeResultSet, profile);
886 accesserResultSet->Close();
887 }
888 accesseeResultSet->Close();
889 return DP_SUCCESS;
890 }
891
GetAclProfileByTokenId(std::shared_ptr<ResultSet> resultSet,const std::string & trustDeviceId,int64_t tokenId,std::vector<AccessControlProfile> & profile)892 int32_t TrustProfileManager::GetAclProfileByTokenId(std::shared_ptr<ResultSet> resultSet,
893 const std::string& trustDeviceId, int64_t tokenId, std::vector<AccessControlProfile>& profile)
894 {
895 if (resultSet == nullptr) {
896 HILOGE("resultSet is nullptr");
897 return DP_GET_RESULTSET_FAIL;
898 }
899 while (resultSet->GoToNextRow() == DP_SUCCESS) {
900 int32_t columnIndex = COLUMNINDEX_INIT;
901 int64_t accesserId = ACCESSERID_INIT;
902 resultSet->GetColumnIndex(ACCESSER_ID, columnIndex);
903 resultSet->GetLong(columnIndex, accesserId);
904 int64_t accesseeId = ACCESSEEID_INIT;
905 resultSet->GetColumnIndex(ACCESSEE_ID, columnIndex);
906 resultSet->GetLong(columnIndex, accesseeId);
907 int32_t bindType = BINDTYPE_INIT;
908 resultSet->GetColumnIndex(BIND_TYPE, columnIndex);
909 resultSet->GetInt(columnIndex, bindType);
910 int32_t bindLevel = BINDLEVEL_INIT;
911 resultSet->GetColumnIndex(BIND_LEVEL, columnIndex);
912 resultSet->GetInt(columnIndex, bindLevel);
913 if (bindType == static_cast<int32_t> (BindType::SAME_ACCOUNT) ||
914 bindLevel == static_cast<int32_t> (BindLevel::DEVICE)) {
915 int32_t ret = this->GetAccessControlProfilesByDeviceId(
916 resultSet, accesserId, accesseeId, trustDeviceId, profile);
917 if (ret != DP_SUCCESS) {
918 HILOGE("GetAclProfileByTokenId::GetAccessControlProfile failed");
919 return ret;
920 }
921 } else {
922 int32_t ret = this->GetAccessControlProfilesByTokenId(resultSet, accesserId,
923 accesseeId, trustDeviceId, tokenId, profile);
924 if (ret != DP_SUCCESS) {
925 HILOGE("GetAclProfileByTokenId::GetAccessControlProfilesByTokenId failed");
926 return ret;
927 }
928 }
929 }
930 return DP_SUCCESS;
931 }
932
GetAclProfileByBundleName(std::shared_ptr<ResultSet> resultSet,const std::string & bundleName,std::vector<AccessControlProfile> & profile)933 int32_t TrustProfileManager::GetAclProfileByBundleName(std::shared_ptr<ResultSet> resultSet,
934 const std::string& bundleName, std::vector<AccessControlProfile>& profile)
935 {
936 if (resultSet == nullptr) {
937 HILOGE("resultSet is nullptr");
938 return DP_GET_RESULTSET_FAIL;
939 }
940 while (resultSet->GoToNextRow() == DP_SUCCESS) {
941 int32_t columnIndex = COLUMNINDEX_INIT;
942 int64_t accesserId = ACCESSERID_INIT;
943 resultSet->GetColumnIndex(ACCESSER_ID, columnIndex);
944 resultSet->GetLong(columnIndex, accesserId);
945 int64_t accesseeId = ACCESSEEID_INIT;
946 resultSet->GetColumnIndex(ACCESSEE_ID, columnIndex);
947 resultSet->GetLong(columnIndex, accesseeId);
948 int32_t bindType = BINDTYPE_INIT;
949 resultSet->GetColumnIndex(BIND_TYPE, columnIndex);
950 resultSet->GetInt(columnIndex, bindType);
951 int32_t bindLevel = BINDLEVEL_INIT;
952 resultSet->GetColumnIndex(BIND_LEVEL, columnIndex);
953 resultSet->GetInt(columnIndex, bindLevel);
954 if (bindType == static_cast<int32_t> (BindType::SAME_ACCOUNT) ||
955 bindLevel == static_cast<int32_t> (BindLevel::DEVICE)) {
956 int32_t ret = this->GetAccessControlProfile(resultSet, accesserId, accesseeId, profile);
957 if (ret != DP_SUCCESS) {
958 HILOGE("GetAclProfileByBundleName::GetAccessControlProfile failed");
959 return ret;
960 }
961 } else {
962 int32_t ret = this->GetAccessControlProfiles(resultSet, accesserId, accesseeId, bundleName, profile);
963 if (ret != DP_SUCCESS) {
964 HILOGE("GetAclProfileByBundleName::GetAccessControlProfiles failed");
965 return ret;
966 }
967 }
968 }
969 return DP_SUCCESS;
970 }
971
ConvertToAccessControlProfiles(std::shared_ptr<ResultSet> resultSet,std::shared_ptr<ResultSet> accesserResultSet,std::shared_ptr<ResultSet> accesseeResultSet,std::vector<AccessControlProfile> & profile)972 int32_t TrustProfileManager::ConvertToAccessControlProfiles(std::shared_ptr<ResultSet> resultSet,
973 std::shared_ptr<ResultSet> accesserResultSet, std::shared_ptr<ResultSet> accesseeResultSet,
974 std::vector<AccessControlProfile>& profile)
975 {
976 if (accesserResultSet == nullptr) {
977 HILOGE("ConvertToAccessControlProfiles::accesserResultSet is nullptr");
978 return DP_GET_RESULTSET_FAIL;
979 }
980 if (accesseeResultSet == nullptr) {
981 HILOGE("ConvertToAccessControlProfiles::accesseeResultSet is nullptr");
982 return DP_GET_RESULTSET_FAIL;
983 }
984 Accesser accesser;
985 accesserResultSet->GoToNextRow();
986 this->ConvertToAccesser(accesserResultSet, accesser);
987 Accessee accessee;
988 accesseeResultSet->GoToNextRow();
989 this->ConvertToAccessee(accesseeResultSet, accessee);
990 if (resultSet == nullptr) {
991 HILOGE("ConvertToAccessControlProfiles::resultSet is nullptr");
992 return DP_GET_RESULTSET_FAIL;
993 }
994 AccessControlProfile accessControlProfile;
995 this->ConvertToAccessControlProfile(resultSet, accessControlProfile);
996
997 accessControlProfile.SetAccesser(accesser);
998 accessControlProfile.SetAccessee(accessee);
999 profile.push_back(accessControlProfile);
1000 return DP_SUCCESS;
1001 }
1002
PutAccesserProfile(const AccessControlProfile & profile)1003 int32_t TrustProfileManager::PutAccesserProfile(const AccessControlProfile& profile)
1004 {
1005 Accesser accesser = profile.GetAccesser();
1006 std::shared_ptr<ResultSet> resultSet =
1007 GetResultSet(SELECT_ACCESSER_TABLE_WHERE_ALL, std::vector<ValueObject>{
1008 ValueObject(accesser.GetAccesserDeviceId()), ValueObject(accesser.GetAccesserUserId()),
1009 ValueObject(accesser.GetAccesserAccountId()), ValueObject(accesser.GetAccesserTokenId()),
1010 ValueObject(accesser.GetAccesserBundleName()), ValueObject(accesser.GetAccesserHapSignature()),
1011 ValueObject(static_cast<int32_t>(accesser.GetAccesserBindLevel()))});
1012 if (resultSet == nullptr) {
1013 HILOGE("PutAccesserProfile::resultSet is nullptr");
1014 return DP_GET_RESULTSET_FAIL;
1015 }
1016 int32_t rowCount = ROWCOUNT_INIT;
1017 resultSet->GetRowCount(rowCount);
1018 if (rowCount != 0) {
1019 HILOGI("accesser is exists");
1020 resultSet->Close();
1021 return DP_SUCCESS;
1022 }
1023 resultSet->Close();
1024 ValuesBucket values;
1025 ProfileUtils::AccesserToEntries(profile, values);
1026 int64_t rowId = ROWID_INIT;
1027 {
1028 std::lock_guard<std::mutex> lock(rdbMutex_);
1029 if (rdbStore_ == nullptr) {
1030 HILOGE("PutAccesserProfile::rdbStore_ is nullptr");
1031 return DP_GET_RDBSTORE_FAIL;
1032 }
1033 int32_t ret = rdbStore_->Put(rowId, ACCESSER_TABLE, values);
1034 if (ret != DP_SUCCESS) {
1035 HILOGE("PutAccesserProfile::accesser_table insert failed");
1036 return DP_PUT_ACCESSER_PROFILE_FAIL;
1037 }
1038 }
1039 HILOGI("PutAccesser : %{public}s", profile.GetAccesser().dump().c_str());
1040 return DP_SUCCESS;
1041 }
1042
PutAccesseeProfile(const AccessControlProfile & profile)1043 int32_t TrustProfileManager::PutAccesseeProfile(const AccessControlProfile& profile)
1044 {
1045 Accessee accessee = profile.GetAccessee();
1046 std::shared_ptr<ResultSet> resultSet =
1047 GetResultSet(SELECT_ACCESSEE_TABLE_WHERE_ALL, std::vector<ValueObject>{
1048 ValueObject(accessee.GetAccesseeDeviceId()), ValueObject(accessee.GetAccesseeUserId()),
1049 ValueObject(accessee.GetAccesseeAccountId()), ValueObject(accessee.GetAccesseeTokenId()),
1050 ValueObject(accessee.GetAccesseeBundleName()), ValueObject(accessee.GetAccesseeHapSignature()),
1051 ValueObject(static_cast<int32_t>(accessee.GetAccesseeBindLevel()))});
1052 if (resultSet == nullptr) {
1053 HILOGE("PutAccesseeProfile::resultSet is nullptr");
1054 return DP_GET_RESULTSET_FAIL;
1055 }
1056 int32_t rowCount = ROWCOUNT_INIT;
1057 resultSet->GetRowCount(rowCount);
1058 if (rowCount != 0) {
1059 HILOGI("accessee is exists");
1060 resultSet->Close();
1061 return DP_SUCCESS;
1062 }
1063 resultSet->Close();
1064 ValuesBucket values;
1065 ProfileUtils::AccesseeToEntries(profile, values);
1066 int64_t rowId = ROWID_INIT;
1067 {
1068 std::lock_guard<std::mutex> lock(rdbMutex_);
1069 if (rdbStore_ == nullptr) {
1070 HILOGE("PutAccesseeProfile::rdbStore_ is nullptr");
1071 return DP_GET_RDBSTORE_FAIL;
1072 }
1073 int32_t ret = rdbStore_->Put(rowId, ACCESSEE_TABLE, values);
1074 if (ret != DP_SUCCESS) {
1075 HILOGE("PutAccesseeProfile::accessee_table insert failed");
1076 return DP_PUT_ACCESSEE_PROFILE_FAIL;
1077 }
1078 }
1079 HILOGI("PutAccessee : %{public}s", profile.GetAccessee().dump().c_str());
1080 return DP_SUCCESS;
1081 }
1082
SetAccessControlId(AccessControlProfile & profile)1083 int32_t TrustProfileManager::SetAccessControlId(AccessControlProfile& profile)
1084 {
1085 std::shared_ptr<ResultSet> resultSet =
1086 GetResultSet(SELECT_ACCESS_CONTROL_TABLE, std::vector<ValueObject> {});
1087 if (resultSet == nullptr) {
1088 HILOGE("SetAccessControlId::resultSet is nullptr");
1089 return DP_GET_RESULTSET_FAIL;
1090 }
1091 int32_t rowCount = ROWCOUNT_INIT;
1092 resultSet->GetRowCount(rowCount);
1093 if (rowCount == 0) {
1094 profile.SetAccessControlId(1);
1095 resultSet->Close();
1096 return DP_SUCCESS;
1097 }
1098 int64_t accessControlId = ACCESSCONTROLID_INIT;
1099 int32_t columnIndex = COLUMNINDEX_INIT;
1100 resultSet->GoToLastRow();
1101 resultSet->GetColumnIndex(ACCESS_CONTROL_ID, columnIndex);
1102 resultSet->GetLong(columnIndex, accessControlId);
1103 resultSet->Close();
1104 profile.SetAccessControlId(accessControlId+1);
1105 return DP_SUCCESS;
1106 }
1107
SetAccesserId(AccessControlProfile & profile)1108 int32_t TrustProfileManager::SetAccesserId(AccessControlProfile& profile)
1109 {
1110 Accesser accesser = profile.GetAccesser();
1111 std::shared_ptr<ResultSet> resultSet =
1112 GetResultSet(SELECT_ACCESSER_TABLE_WHERE_ALL, std::vector<ValueObject>{
1113 ValueObject(accesser.GetAccesserDeviceId()), ValueObject(accesser.GetAccesserUserId()),
1114 ValueObject(accesser.GetAccesserAccountId()), ValueObject(accesser.GetAccesserTokenId()),
1115 ValueObject(accesser.GetAccesserBundleName()), ValueObject(accesser.GetAccesserHapSignature()),
1116 ValueObject(static_cast<int32_t>(accesser.GetAccesserBindLevel()))});
1117 if (resultSet == nullptr) {
1118 HILOGE("SetAccesserId::resultSet is nullptr");
1119 return DP_GET_RESULTSET_FAIL;
1120 }
1121 int32_t rowCount = ROWCOUNT_INIT;
1122 int64_t accesserId = ACCESSERID_INIT;
1123 int32_t columnIndex = COLUMNINDEX_INIT;
1124 resultSet->GetRowCount(rowCount);
1125 if (rowCount != 0) {
1126 resultSet->GoToFirstRow();
1127 resultSet->GetColumnIndex(ACCESSER_ID, columnIndex);
1128 resultSet->GetLong(columnIndex, accesserId);
1129 profile.SetAccesserId(accesserId);
1130 resultSet->Close();
1131 return DP_SUCCESS;
1132 }
1133 resultSet->Close();
1134 resultSet = GetResultSet(SELECT_ACCESSER_TABLE, std::vector<ValueObject> {});
1135 if (resultSet == nullptr) {
1136 HILOGE("SetAccesserId::resultSet is nullptr");
1137 return DP_GET_RESULTSET_FAIL;
1138 }
1139 resultSet->GetRowCount(rowCount);
1140 if (rowCount == 0) {
1141 profile.GetAccesser().SetAccesserId(1);
1142 profile.SetAccesserId(1);
1143 resultSet->Close();
1144 return DP_SUCCESS;
1145 }
1146 resultSet->GoToLastRow();
1147 resultSet->GetColumnIndex(ACCESSER_ID, columnIndex);
1148 resultSet->GetLong(columnIndex, accesserId);
1149 resultSet->Close();
1150 accesserId = accesserId + 1;
1151 profile.SetAccesserId(accesserId);
1152 return DP_SUCCESS;
1153 }
1154
SetAccesseeId(AccessControlProfile & profile)1155 int32_t TrustProfileManager::SetAccesseeId(AccessControlProfile& profile)
1156 {
1157 Accessee accessee = profile.GetAccessee();
1158 std::shared_ptr<ResultSet> resultSet =
1159 GetResultSet(SELECT_ACCESSEE_TABLE_WHERE_ALL, std::vector<ValueObject>{
1160 ValueObject(accessee.GetAccesseeDeviceId()), ValueObject(accessee.GetAccesseeUserId()),
1161 ValueObject(accessee.GetAccesseeAccountId()), ValueObject(accessee.GetAccesseeTokenId()),
1162 ValueObject(accessee.GetAccesseeBundleName()), ValueObject(accessee.GetAccesseeHapSignature()),
1163 ValueObject(static_cast<int32_t>(accessee.GetAccesseeBindLevel()))});
1164 if (resultSet == nullptr) {
1165 HILOGE("SetAccesseeId::resultSet is nullptr");
1166 return DP_GET_RESULTSET_FAIL;
1167 }
1168 int32_t rowCount = ROWCOUNT_INIT;
1169 int64_t accesseeId = ACCESSEEID_INIT;
1170 int32_t columnIndex = COLUMNINDEX_INIT;
1171 resultSet->GetRowCount(rowCount);
1172 if (rowCount != 0) {
1173 resultSet->GoToFirstRow();
1174 resultSet->GetColumnIndex(ACCESSEE_ID, columnIndex);
1175 resultSet->GetLong(columnIndex, accesseeId);
1176 profile.SetAccesseeId(accesseeId);
1177 resultSet->Close();
1178 return DP_SUCCESS;
1179 }
1180 resultSet->Close();
1181 resultSet = GetResultSet(SELECT_ACCESSEE_TABLE, std::vector<ValueObject> {});
1182 if (resultSet == nullptr) {
1183 HILOGE("SetAccesseeId::resultSet is nullptr");
1184 return DP_GET_RESULTSET_FAIL;
1185 }
1186 resultSet->GetRowCount(rowCount);
1187 if (rowCount == 0) {
1188 profile.GetAccessee().SetAccesseeId(1);
1189 profile.SetAccesseeId(1);
1190 resultSet->Close();
1191 return DP_SUCCESS;
1192 }
1193 resultSet->GoToLastRow();
1194 resultSet->GetColumnIndex(ACCESSEE_ID, columnIndex);
1195 resultSet->GetLong(columnIndex, accesseeId);
1196 resultSet->Close();
1197 accesseeId = accesseeId + 1;
1198 profile.SetAccesseeId(accesseeId);
1199 return DP_SUCCESS;
1200 }
1201
UpdateAccesserProfile(int64_t accesserId,const AccessControlProfile & profile)1202 int32_t TrustProfileManager::UpdateAccesserProfile(int64_t accesserId, const AccessControlProfile& profile)
1203 {
1204 ValuesBucket values;
1205 ProfileUtils::AccesserToEntries(profile, values);
1206 int32_t changeRowCnt = CHANGEROWCNT_INIT;
1207 {
1208 std::lock_guard<std::mutex> lock(rdbMutex_);
1209 if (rdbStore_ == nullptr) {
1210 HILOGE("UpdateAccesserProfile::rdbStore_ is nullptr");
1211 return DP_GET_RDBSTORE_FAIL;
1212 }
1213 int32_t ret = rdbStore_->Update(changeRowCnt, ACCESSER_TABLE, values, ACCESSERID_EQUAL_CONDITION,
1214 std::vector<ValueObject> {ValueObject(accesserId)});
1215 if (ret != DP_SUCCESS) {
1216 HILOGE("UpdateAccesserProfile::accesser_table update failed");
1217 return DP_UPDATE_ACCESSER_PROFILE_FAIL;
1218 }
1219 }
1220 HILOGI("UpdateAccesser : %{public}s", profile.GetAccesser().dump().c_str());
1221 return DP_SUCCESS;
1222 }
1223
UpdateAccesseeProfile(int64_t accesseeId,const AccessControlProfile & profile)1224 int32_t TrustProfileManager::UpdateAccesseeProfile(int64_t accesseeId, const AccessControlProfile& profile)
1225 {
1226 ValuesBucket values;
1227 ProfileUtils::AccesseeToEntries(profile, values);
1228 int32_t changeRowCnt = CHANGEROWCNT_INIT;
1229 {
1230 std::lock_guard<std::mutex> lock(rdbMutex_);
1231 if (rdbStore_ == nullptr) {
1232 HILOGE("UpdateAccesseeProfile::rdbStore_ is nullptr");
1233 return DP_GET_RDBSTORE_FAIL;
1234 }
1235 int32_t ret = rdbStore_->Update(changeRowCnt, ACCESSEE_TABLE, values, ACCESSEEID_EQUAL_CONDITION,
1236 std::vector<ValueObject>{ ValueObject(accesseeId) });
1237 if (ret != DP_SUCCESS) {
1238 HILOGE("UpdateAccesseeProfile::accessee_table update failed");
1239 return DP_UPDATE_ACCESSEE_PROFILE_FAIL;
1240 }
1241 }
1242 HILOGI("UpdateAccessee : %{public}s", profile.GetAccessee().dump().c_str());
1243 return DP_SUCCESS;
1244 }
1245
UpdateTrustDeviceProfileNotify(const TrustDeviceProfile & oldProfile,const TrustDeviceProfile & newProfile)1246 int32_t TrustProfileManager::UpdateTrustDeviceProfileNotify(const TrustDeviceProfile& oldProfile,
1247 const TrustDeviceProfile &newProfile)
1248 {
1249 if (oldProfile.GetStatus() == 1 && newProfile.GetStatus() == 0) {
1250 int32_t ret = SubscribeProfileManager::GetInstance().NotifyTrustDeviceProfileDelete(newProfile);
1251 if (ret != DP_SUCCESS) {
1252 HILOGE("UpdateTrustDeviceProfileNotify::NotifyTrustDeviceProfileDelete failed");
1253 return DP_NOTIFY_TRUST_DEVICE_FAIL;
1254 }
1255 }
1256 if (oldProfile.GetStatus() == 0 && newProfile.GetStatus() == 1) {
1257 int32_t ret = SubscribeProfileManager::GetInstance().NotifyTrustDeviceProfileAdd(newProfile);
1258 if (ret != DP_SUCCESS) {
1259 HILOGE("UpdateTrustDeviceProfileNotify::NotifyTrustDeviceProfileAdd failed");
1260 return DP_NOTIFY_TRUST_DEVICE_FAIL;
1261 }
1262 }
1263 if (oldProfile.GetDeviceId() != newProfile.GetDeviceId() ||
1264 oldProfile.GetDeviceIdHash() != newProfile.GetDeviceIdHash() ||
1265 oldProfile.GetDeviceIdType() != newProfile.GetDeviceIdType()) {
1266 int32_t ret = SubscribeProfileManager::GetInstance().NotifyTrustDeviceProfileUpdate(oldProfile, newProfile);
1267 if (ret != DP_SUCCESS) {
1268 HILOGE("UpdateTrustDeviceProfileNotify::NotifyTrustDeviceProfileUpdate failed");
1269 return DP_NOTIFY_TRUST_DEVICE_FAIL;
1270 }
1271 }
1272 return DP_SUCCESS;
1273 }
1274
GetResultStatus(const std::string & trustDeviceId,int32_t & trustDeviceStatus)1275 int32_t TrustProfileManager::GetResultStatus(const std::string& trustDeviceId, int32_t& trustDeviceStatus)
1276 {
1277 std::shared_ptr<ResultSet> resultSet =
1278 GetResultSet(SELECT_ACCESS_CONTROL_TABLE_WHERE_TRUSTDEVICEID,
1279 std::vector<ValueObject>{ ValueObject(trustDeviceId) });
1280 if (resultSet == nullptr) {
1281 HILOGE("GetResultStatus::resultSet is nullptr");
1282 return DP_GET_RESULTSET_FAIL;
1283 }
1284 int32_t rowCount = ROWCOUNT_INIT;
1285 resultSet->GetRowCount(rowCount);
1286 if (rowCount == 0) {
1287 HILOGE("GetResultStatus::trustDeviceId not find");
1288 resultSet->Close();
1289 return DP_NOT_FIND_DATA;
1290 }
1291 int32_t columnIndex = COLUMNINDEX_INIT;
1292 trustDeviceStatus = 0;
1293 while (resultSet->GoToNextRow() == DP_SUCCESS) {
1294 int32_t status = STATUS_INIT;
1295 resultSet->GetColumnIndex(STATUS, columnIndex);
1296 resultSet->GetInt(columnIndex, status);
1297 if (status == 1) {
1298 trustDeviceStatus = 1;
1299 break;
1300 }
1301 }
1302 resultSet->Close();
1303 return DP_SUCCESS;
1304 }
1305
GetAccessControlProfile(std::shared_ptr<ResultSet> resultSet,int64_t accesserId,int64_t accesseeId,std::vector<AccessControlProfile> & profile)1306 int32_t TrustProfileManager::GetAccessControlProfile(std::shared_ptr<ResultSet> resultSet,
1307 int64_t accesserId, int64_t accesseeId, std::vector<AccessControlProfile>& profile)
1308 {
1309 std::shared_ptr<ResultSet> accesserResultSet =
1310 GetResultSet(SELECT_ACCESSER_TABLE_WHERE_ACCESSERID,
1311 std::vector<ValueObject>{ ValueObject(accesserId) });
1312 if (accesserResultSet == nullptr) {
1313 HILOGE("GetAccessControlProfile::accesserResultSet is nullptr");
1314 return DP_GET_RESULTSET_FAIL;
1315 }
1316 int32_t rowCount = ROWCOUNT_INIT;
1317 accesserResultSet->GetRowCount(rowCount);
1318 if (rowCount == 0) {
1319 HILOGE("GetAccessControlProfile::not find data");
1320 accesserResultSet->Close();
1321 return DP_NOT_FIND_DATA;
1322 }
1323 std::shared_ptr<ResultSet> accesseeResultSet =
1324 GetResultSet(SELECT_ACCESSEE_TABLE_WHERE_ACCESSEEID,
1325 std::vector<ValueObject>{ ValueObject(accesseeId) });
1326 if (accesseeResultSet == nullptr) {
1327 HILOGE("GetAccessControlProfile::accesseeResultSet is nullptr");
1328 return DP_GET_RESULTSET_FAIL;
1329 }
1330 accesseeResultSet->GetRowCount(rowCount);
1331 if (rowCount == 0) {
1332 HILOGE("GetAccessControlProfile::not find data");
1333 accesserResultSet->Close();
1334 accesseeResultSet->Close();
1335 return DP_NOT_FIND_DATA;
1336 }
1337 this->ConvertToAccessControlProfiles(resultSet, accesserResultSet, accesseeResultSet, profile);
1338 accesserResultSet->Close();
1339 accesseeResultSet->Close();
1340 return DP_SUCCESS;
1341 }
1342
GetAccessControlProfilesByDeviceId(std::shared_ptr<ResultSet> resultSet,int64_t accesserId,int64_t accesseeId,const std::string & trustDeviceId,std::vector<AccessControlProfile> & profile)1343 int32_t TrustProfileManager::GetAccessControlProfilesByDeviceId(
1344 std::shared_ptr<ResultSet> resultSet, int64_t accesserId, int64_t accesseeId,
1345 const std::string& trustDeviceId, std::vector<AccessControlProfile>& profile)
1346 {
1347 std::shared_ptr<ResultSet> accesserResultSet =
1348 GetResultSet(SELECT_ACCESSER_TABLE_WHERE_ACCESSERID_AND_ACCESSERDEVICEID,
1349 std::vector<ValueObject>{ ValueObject(accesserId), ValueObject(trustDeviceId) });
1350 if (accesserResultSet == nullptr) {
1351 HILOGE("GetAccessControlProfilesByDeviceId::accesserResultSet is nullptr");
1352 return DP_GET_RESULTSET_FAIL;
1353 }
1354 int32_t rowCount = ROWCOUNT_INIT;
1355 accesserResultSet->GetRowCount(rowCount);
1356 if (rowCount != 0) {
1357 std::shared_ptr<ResultSet> accesseeResultSet =
1358 GetResultSet(SELECT_ACCESSEE_TABLE_WHERE_ACCESSEEID,
1359 std::vector<ValueObject>{ ValueObject(accesseeId) });
1360 if (accesseeResultSet == nullptr) {
1361 HILOGE("GetAccessControlProfilesByDeviceId::accesseeResultSet is nullptr");
1362 return DP_GET_RESULTSET_FAIL;
1363 }
1364 this->ConvertToAccessControlProfiles(resultSet, accesserResultSet, accesseeResultSet, profile);
1365 accesserResultSet->Close();
1366 accesseeResultSet->Close();
1367 return DP_SUCCESS;
1368 }
1369 accesserResultSet->Close();
1370
1371 std::shared_ptr<ResultSet> accesseeResultSet =
1372 GetResultSet(SELECT_ACCESSEE_TABLE_WHERE_ACCESSEEID_AND_ACCESSEEDEVICEID,
1373 std::vector<ValueObject>{ ValueObject(accesseeId), ValueObject(trustDeviceId) });
1374 if (accesseeResultSet == nullptr) {
1375 HILOGE("GetAccessControlProfilesByDeviceId::accesseeResultSet is nullptr");
1376 return DP_GET_RESULTSET_FAIL;
1377 }
1378 accesseeResultSet->GetRowCount(rowCount);
1379 if (rowCount != 0) {
1380 accesserResultSet = GetResultSet(SELECT_ACCESSER_TABLE_WHERE_ACCESSERID,
1381 std::vector<ValueObject>{ ValueObject(accesserId) });
1382 if (accesserResultSet == nullptr) {
1383 HILOGE("GetAccessControlProfilesByDeviceId::accesserResultSet is nullptr");
1384 return DP_GET_RESULTSET_FAIL;
1385 }
1386 this->ConvertToAccessControlProfiles(resultSet, accesserResultSet, accesseeResultSet, profile);
1387 accesserResultSet->Close();
1388 }
1389 accesseeResultSet->Close();
1390 return DP_SUCCESS;
1391 }
1392
DeleteAccessControlProfileCheck(std::shared_ptr<ResultSet> resultSet)1393 int32_t TrustProfileManager::DeleteAccessControlProfileCheck(std::shared_ptr<ResultSet> resultSet)
1394 {
1395 int32_t ret = resultSet->GoToNextRow();
1396 if (ret != DP_SUCCESS) {
1397 HILOGE("DeleteAccessControlProfileCheck::get AccessControlProfileResult failed");
1398 return DP_NOT_FIND_DATA;
1399 }
1400 AccessControlProfile profile;
1401 this->ConvertToAccessControlProfile(resultSet, profile);
1402 resultSet->Close();
1403
1404 ret = this->DeleteAccesseeCheck(profile.GetAccesseeId());
1405 if (ret != DP_SUCCESS) {
1406 HILOGE("DeleteAccessControlProfileCheck::DeleteAccesseeCheck failed");
1407 return ret;
1408 }
1409 ret = this->DeleteAccesserCheck(profile.GetAccesserId());
1410 if (ret != DP_SUCCESS) {
1411 HILOGE("DeleteAccessControlProfileCheck::DeleteAccesserCheck failed");
1412 return ret;
1413 }
1414 {
1415 std::lock_guard<std::mutex> lock(rdbMutex_);
1416 if (rdbStore_ == nullptr) {
1417 HILOGE("DeleteAccessControlProfileCheck::rdbStore_ is nullptr");
1418 return DP_GET_RDBSTORE_FAIL;
1419 }
1420 int32_t deleteRows = DELETEROWS_INIT;
1421 ret = rdbStore_->Delete(deleteRows, ACCESS_CONTROL_TABLE, ACCESSCONTROLID_EQUAL_CONDITION,
1422 std::vector<ValueObject>{ ValueObject(profile.GetAccessControlId()) });
1423 if (ret != DP_SUCCESS) {
1424 HILOGE("DeleteAccessControlProfileCheck::delete access_control_table failed");
1425 return DP_DELETE_ACCESS_CONTROL_PROFILE_FAIL;
1426 }
1427 }
1428 HILOGI("DeleteAclProfile : %{public}s", profile.dump().c_str());
1429 ret = this->DeleteTrustDeviceCheck(profile);
1430 if (ret != DP_SUCCESS) {
1431 HILOGE("DeleteAccessControlProfileCheck::DeleteTrustDeviceCheck failed");
1432 return ret;
1433 }
1434 return DP_SUCCESS;
1435 }
1436
ConvertToTrustDeviceProfile(std::shared_ptr<ResultSet> trustResultSet,TrustDeviceProfile & trustDeviceProfile)1437 int32_t TrustProfileManager::ConvertToTrustDeviceProfile(
1438 std::shared_ptr<ResultSet> trustResultSet, TrustDeviceProfile& trustDeviceProfile)
1439 {
1440 if (trustResultSet == nullptr) {
1441 HILOGE("ConvertToTrustDeviceProfile::trustResultSet is nullptr");
1442 return DP_GET_RESULTSET_FAIL;
1443 }
1444 RowEntity rowEntity;
1445 if (trustResultSet->GetRow(rowEntity) != DP_SUCCESS) {
1446 HILOGE("ConvertToTrustDeviceProfile::get trustResultSet failed");
1447 return DP_GET_RESULTSET_FAIL;
1448 }
1449 std::string deviceId = rowEntity.Get(DEVICE_ID);
1450 int32_t deviceIdType = rowEntity.Get(DEVICE_ID_TYPE);
1451 std::string deviceIdHash = rowEntity.Get(DEVICE_ID_HASH);
1452 int32_t status = rowEntity.Get(STATUS);
1453
1454 trustDeviceProfile.SetDeviceId(deviceId);
1455 trustDeviceProfile.SetDeviceIdType(deviceIdType);
1456 trustDeviceProfile.SetDeviceIdHash(deviceIdHash);
1457 trustDeviceProfile.SetStatus(status);
1458 return DP_SUCCESS;
1459 }
1460
ConvertToAccesser(std::shared_ptr<ResultSet> accesserResultSet,Accesser & accesser)1461 int32_t TrustProfileManager::ConvertToAccesser(std::shared_ptr<ResultSet> accesserResultSet,
1462 Accesser& accesser)
1463 {
1464 if (accesserResultSet == nullptr) {
1465 HILOGE("ConvertToAccesser::accesserResultSet is nullptr");
1466 return DP_GET_RESULTSET_FAIL;
1467 }
1468 RowEntity rowEntity;
1469 if (accesserResultSet->GetRow(rowEntity) != DP_SUCCESS) {
1470 HILOGE("ConvertToAccesser::get accesserResultSet failed");
1471 return DP_GET_RESULTSET_FAIL;
1472 }
1473 int64_t accesserId = rowEntity.Get(ACCESSER_ID);
1474 std::string accesserDeviceId = rowEntity.Get(ACCESSER_DEVICE_ID);
1475 int32_t accesserUserId = rowEntity.Get(ACCESSER_USER_ID);
1476 std::string accesserAccountId = rowEntity.Get(ACCESSER_ACCOUNT_ID);
1477 int64_t accesserTokenId = rowEntity.Get(ACCESSER_TOKEN_ID);
1478 std::string accesserBundleName = rowEntity.Get(ACCESSER_BUNDLE_NAME);
1479 std::string accesserHapSignature = rowEntity.Get(ACCESSER_HAP_SIGNATURE);
1480 int32_t accesserBindLevel = rowEntity.Get(ACCESSER_BIND_LEVEL);
1481
1482 accesser.SetAccesserId(accesserId);
1483 accesser.SetAccesserDeviceId(accesserDeviceId);
1484 accesser.SetAccesserUserId(accesserUserId);
1485 accesser.SetAccesserAccountId(accesserAccountId);
1486 accesser.SetAccesserTokenId(accesserTokenId);
1487 accesser.SetAccesserBundleName(accesserBundleName);
1488 accesser.SetAccesserHapSignature(accesserHapSignature);
1489 accesser.SetAccesserBindLevel(accesserBindLevel);
1490 return DP_SUCCESS;
1491 }
1492
ConvertToAccessee(std::shared_ptr<ResultSet> accesseeResultSet,Accessee & accessee)1493 int32_t TrustProfileManager::ConvertToAccessee(std::shared_ptr<ResultSet> accesseeResultSet,
1494 Accessee& accessee)
1495 {
1496 if (accesseeResultSet == nullptr) {
1497 HILOGE("ConvertToAccessee::accesseeResultSet is nullptr");
1498 return DP_GET_RESULTSET_FAIL;
1499 }
1500 RowEntity rowEntity;
1501 if (accesseeResultSet->GetRow(rowEntity) != DP_SUCCESS) {
1502 HILOGE("ConvertToAccessee::get accesseeResultSet failed");
1503 return DP_GET_RESULTSET_FAIL;
1504 }
1505 int64_t accesseeId = rowEntity.Get(ACCESSEE_ID);
1506 std::string accesseeDeviceId = rowEntity.Get(ACCESSEE_DEVICE_ID);
1507 int32_t accesseeUserId = rowEntity.Get(ACCESSEE_USER_ID);
1508 std::string accesseeAccountId = rowEntity.Get(ACCESSEE_ACCOUNT_ID);
1509 int64_t accesseeTokenId = rowEntity.Get(ACCESSEE_TOKEN_ID);
1510 std::string accesseeBundleName = rowEntity.Get(ACCESSEE_BUNDLE_NAME);
1511 std::string accesseeHapSignature = rowEntity.Get(ACCESSEE_HAP_SIGNATURE);
1512 int32_t accesseeBindLevel = rowEntity.Get(ACCESSEE_BIND_LEVEL);
1513
1514 accessee.SetAccesseeId(accesseeId);
1515 accessee.SetAccesseeDeviceId(accesseeDeviceId);
1516 accessee.SetAccesseeUserId(accesseeUserId);
1517 accessee.SetAccesseeAccountId(accesseeAccountId);
1518 accessee.SetAccesseeTokenId(accesseeTokenId);
1519 accessee.SetAccesseeBundleName(accesseeBundleName);
1520 accessee.SetAccesseeHapSignature(accesseeHapSignature);
1521 accessee.SetAccesseeBindLevel(accesseeBindLevel);
1522 return DP_SUCCESS;
1523 }
1524
ConvertToAccessControlProfile(std::shared_ptr<ResultSet> accessControlResultSet,AccessControlProfile & accessControlProfile)1525 int32_t TrustProfileManager::ConvertToAccessControlProfile(
1526 std::shared_ptr<ResultSet> accessControlResultSet, AccessControlProfile& accessControlProfile)
1527 {
1528 if (accessControlResultSet == nullptr) {
1529 HILOGE("ConvertToAccessControlProfile::accessControlResultSet is nullptr");
1530 return DP_GET_RESULTSET_FAIL;
1531 }
1532 RowEntity rowEntity;
1533 if (accessControlResultSet->GetRow(rowEntity) != DP_SUCCESS) {
1534 HILOGE("ConvertToAccessControlProfile::get accessControlResultSet failed");
1535 return DP_GET_RESULTSET_FAIL;
1536 }
1537 int64_t accessControlId = rowEntity.Get(ACCESS_CONTROL_ID);
1538 int64_t accesserId = rowEntity.Get(ACCESSER_ID);
1539 int64_t accesseeId = rowEntity.Get(ACCESSEE_ID);
1540 std::string trustDeviceId = rowEntity.Get(TRUST_DEVICE_ID);
1541 std::string sessionKey = rowEntity.Get(SESSION_KEY);
1542 int32_t bindType = rowEntity.Get(BIND_TYPE);
1543 int32_t authenticationType = rowEntity.Get(AUTHENTICATION_TYPE);
1544 int32_t deviceIdType = rowEntity.Get(DEVICE_ID_TYPE);
1545 std::string deviceIdHash = rowEntity.Get(DEVICE_ID_HASH);
1546 int32_t status = rowEntity.Get(STATUS);
1547 int32_t validPeriod = rowEntity.Get(VALID_PERIOD);
1548 int32_t lastAuthTime = rowEntity.Get(LAST_AUTH_TIME);
1549 int32_t bindLevel = rowEntity.Get(BIND_LEVEL);
1550
1551 accessControlProfile.SetAccessControlId(accessControlId);
1552 accessControlProfile.SetAccesserId(accesserId);
1553 accessControlProfile.SetAccesseeId(accesseeId);
1554 accessControlProfile.SetTrustDeviceId(trustDeviceId);
1555 accessControlProfile.SetSessionKey(sessionKey);
1556 accessControlProfile.SetBindType(bindType);
1557 accessControlProfile.SetAuthenticationType(authenticationType);
1558 accessControlProfile.SetDeviceIdType(deviceIdType);
1559 accessControlProfile.SetDeviceIdHash(deviceIdHash);
1560 accessControlProfile.SetStatus(status);
1561 accessControlProfile.SetValidPeriod(validPeriod);
1562 accessControlProfile.SetLastAuthTime(lastAuthTime);
1563 accessControlProfile.SetBindLevel(bindLevel);
1564 return DP_SUCCESS;
1565 }
1566
GetResultSet(const std::string & sql,std::vector<ValueObject> condition)1567 std::shared_ptr<ResultSet> TrustProfileManager::GetResultSet(
1568 const std::string& sql, std::vector<ValueObject> condition)
1569 {
1570 if (sql.empty() || sql.length() > MAX_STRING_LEN) {
1571 HILOGE("sql is invalid");
1572 return nullptr;
1573 }
1574 if (condition.size() > MAX_PARAM_SIZE) {
1575 HILOGE("condition is invalid");
1576 return nullptr;
1577 }
1578 std::lock_guard<std::mutex> lock(rdbMutex_);
1579 if (rdbStore_ == nullptr) {
1580 HILOGE("GetResultSet::rdbStore_ is nullptr");
1581 return nullptr;
1582 }
1583 return rdbStore_->Get(sql, condition);
1584 }
1585
SetAccessControlProfileId(AccessControlProfile & accessControlProfile)1586 int32_t TrustProfileManager::SetAccessControlProfileId(AccessControlProfile& accessControlProfile)
1587 {
1588 int32_t ret = this->SetAccessControlId(accessControlProfile);
1589 if (ret != DP_SUCCESS) {
1590 HILOGE("SetAccessControlProfileId::SetAccessControlId failed");
1591 return ret;
1592 }
1593 ret = this->SetAccesserId(accessControlProfile);
1594 if (ret != DP_SUCCESS) {
1595 HILOGE("SetAccessControlProfileId::SetAccesserId failed");
1596 return ret;
1597 }
1598 ret = this->SetAccesseeId(accessControlProfile);
1599 if (ret != DP_SUCCESS) {
1600 HILOGE("SetAccessControlProfileId::SetAccesseeId failed");
1601 return ret;
1602 }
1603 Accesser accesser(accessControlProfile.GetAccesser());
1604 accesser.SetAccesserId(accessControlProfile.GetAccesserId());
1605 accessControlProfile.SetAccesser(accesser);
1606
1607 Accessee accessee(accessControlProfile.GetAccessee());
1608 accessee.SetAccesseeId(accessControlProfile.GetAccesseeId());
1609 accessControlProfile.SetAccessee(accessee);
1610 return DP_SUCCESS;
1611 }
1612
GetAccessControlProfiles(std::shared_ptr<ResultSet> resultSet,int64_t accesserId,int64_t accesseeId,int32_t userId,const std::string & bundleName,std::vector<AccessControlProfile> & profile)1613 int32_t TrustProfileManager::GetAccessControlProfiles(std::shared_ptr<ResultSet> resultSet,
1614 int64_t accesserId, int64_t accesseeId, int32_t userId, const std::string& bundleName,
1615 std::vector<AccessControlProfile>& profile)
1616 {
1617 std::shared_ptr<ResultSet> accesserResultSet =
1618 GetResultSet(SELECT_ACCESSER_TABLE_WHERE_ACCESSERID_AND_ACCESSERUSERID_ACCESSERBUNDLENAME,
1619 std::vector<ValueObject>{ ValueObject(accesserId), ValueObject(userId), ValueObject(bundleName) });
1620 if (accesserResultSet == nullptr) {
1621 HILOGE("GetAccessControlProfiles::accesserResultSet is nullptr");
1622 return DP_GET_RESULTSET_FAIL;
1623 }
1624 int32_t rowCount = ROWCOUNT_INIT;
1625 accesserResultSet->GetRowCount(rowCount);
1626 if (rowCount != 0) {
1627 std::shared_ptr<ResultSet> accesseeResultSet =
1628 GetResultSet(SELECT_ACCESSEE_TABLE_WHERE_ACCESSEEID,
1629 std::vector<ValueObject>{ ValueObject(accesseeId) });
1630 if (accesseeResultSet == nullptr) {
1631 HILOGE("GetAccessControlProfiles::accesseeResultSet is nullptr");
1632 return DP_GET_RESULTSET_FAIL;
1633 }
1634 this->ConvertToAccessControlProfiles(resultSet, accesserResultSet, accesseeResultSet, profile);
1635 accesserResultSet->Close();
1636 accesseeResultSet->Close();
1637 return DP_SUCCESS;
1638 }
1639 accesserResultSet->Close();
1640
1641 std::shared_ptr<ResultSet> accesseeResultSet =
1642 GetResultSet(SELECT_ACCESSEE_TABLE_WHERE_ACCESSEEID_AND_ACCESSEEUSEEID_ACCESSEEBUNDLENAME,
1643 std::vector<ValueObject>{ ValueObject(accesseeId), ValueObject(userId), ValueObject(bundleName) });
1644 if (accesseeResultSet == nullptr) {
1645 HILOGE("GetAccessControlProfiles::accesseeResultSet is nullptr");
1646 return DP_GET_RESULTSET_FAIL;
1647 }
1648 accesseeResultSet->GetRowCount(rowCount);
1649 if (rowCount != 0) {
1650 accesserResultSet = GetResultSet(SELECT_ACCESSER_TABLE_WHERE_ACCESSERID,
1651 std::vector<ValueObject>{ ValueObject(accesserId) });
1652 if (accesserResultSet == nullptr) {
1653 HILOGE("GetAccessControlProfiles::accesserResultSet is nullptr");
1654 return DP_GET_RESULTSET_FAIL;
1655 }
1656 this->ConvertToAccessControlProfiles(resultSet, accesserResultSet, accesseeResultSet, profile);
1657 accesserResultSet->Close();
1658 }
1659 accesseeResultSet->Close();
1660 return DP_SUCCESS;
1661 }
1662
GetAccessControlProfiles(std::shared_ptr<ResultSet> resultSet,int64_t accesserId,int64_t accesseeId,int32_t userId,std::vector<AccessControlProfile> & profile)1663 int32_t TrustProfileManager::GetAccessControlProfiles(std::shared_ptr<ResultSet> resultSet, int64_t accesserId,
1664 int64_t accesseeId, int32_t userId, std::vector<AccessControlProfile>& profile)
1665 {
1666 std::shared_ptr<ResultSet> accesserResultSet =
1667 GetResultSet(SELECT_ACCESSER_TABLE_WHERE_ACCESSERID_AND_ACCESSERUSERID,
1668 std::vector<ValueObject>{ ValueObject(accesserId), ValueObject(userId) });
1669 if (accesserResultSet == nullptr) {
1670 HILOGE("GetAccessControlProfiles::accesserResultSet is nullptr");
1671 return DP_GET_RESULTSET_FAIL;
1672 }
1673 int32_t rowCount = ROWCOUNT_INIT;
1674 accesserResultSet->GetRowCount(rowCount);
1675 if (rowCount != 0) {
1676 std::shared_ptr<ResultSet> accesseeResultSet =
1677 GetResultSet(SELECT_ACCESSEE_TABLE_WHERE_ACCESSEEID,
1678 std::vector<ValueObject>{ ValueObject(accesseeId) });
1679 if (accesseeResultSet == nullptr) {
1680 HILOGE("GetAccessControlProfiles::accesseeResultSet is nullptr");
1681 return DP_GET_RESULTSET_FAIL;
1682 }
1683 this->ConvertToAccessControlProfiles(resultSet, accesserResultSet, accesseeResultSet, profile);
1684 accesserResultSet->Close();
1685 accesseeResultSet->Close();
1686 return DP_SUCCESS;
1687 }
1688 accesserResultSet->Close();
1689
1690 std::shared_ptr<ResultSet> accesseeResultSet =
1691 GetResultSet(SELECT_ACCESSEE_TABLE_WHERE_ACCESSEEID_AND_ACCESSEEUSERID,
1692 std::vector<ValueObject>{ ValueObject(accesseeId), ValueObject(userId) });
1693 if (accesseeResultSet == nullptr) {
1694 HILOGE("GetAccessControlProfiles::accesseeResultSet is nullptr");
1695 return DP_GET_RESULTSET_FAIL;
1696 }
1697 accesseeResultSet->GetRowCount(rowCount);
1698 if (rowCount != 0) {
1699 accesserResultSet = GetResultSet(SELECT_ACCESSER_TABLE_WHERE_ACCESSERID,
1700 std::vector<ValueObject>{ ValueObject(accesserId) });
1701 if (accesserResultSet == nullptr) {
1702 HILOGE("GetAccessControlProfiles::accesserResultSet is nullptr");
1703 return DP_GET_RESULTSET_FAIL;
1704 }
1705 this->ConvertToAccessControlProfiles(resultSet, accesserResultSet, accesseeResultSet, profile);
1706 accesserResultSet->Close();
1707 }
1708 accesseeResultSet->Close();
1709 return DP_SUCCESS;
1710 }
1711
GetAccessControlProfiles(std::shared_ptr<ResultSet> resultSet,int64_t accesserId,int64_t accesseeId,const std::string & bundleName,std::vector<AccessControlProfile> & profile)1712 int32_t TrustProfileManager::GetAccessControlProfiles(std::shared_ptr<ResultSet> resultSet, int64_t accesserId,
1713 int64_t accesseeId, const std::string& bundleName, std::vector<AccessControlProfile>& profile)
1714 {
1715 std::shared_ptr<ResultSet> accesserResultSet =
1716 GetResultSet(SELECT_ACCESSER_TABLE_WHERE_ACCESSERID_AND_ACCESSERBUNDLENAME,
1717 std::vector<ValueObject>{ ValueObject(accesserId), ValueObject(bundleName) });
1718 if (accesserResultSet == nullptr) {
1719 HILOGE("GetAccessControlProfiles::accesserResultSet is nullptr");
1720 return DP_GET_RESULTSET_FAIL;
1721 }
1722 int32_t rowCount = ROWCOUNT_INIT;
1723 accesserResultSet->GetRowCount(rowCount);
1724 if (rowCount != 0) {
1725 std::shared_ptr<ResultSet> accesseeResultSet =
1726 GetResultSet(SELECT_ACCESSEE_TABLE_WHERE_ACCESSEEID,
1727 std::vector<ValueObject>{ ValueObject(accesseeId) });
1728 if (accesseeResultSet == nullptr) {
1729 HILOGE("GetAccessControlProfiles::accesseeResultSet is nullptr");
1730 return DP_GET_RESULTSET_FAIL;
1731 }
1732 this->ConvertToAccessControlProfiles(resultSet, accesserResultSet, accesseeResultSet, profile);
1733 accesserResultSet->Close();
1734 accesseeResultSet->Close();
1735 return DP_SUCCESS;
1736 }
1737 accesserResultSet->Close();
1738
1739 std::shared_ptr<ResultSet> accesseeResultSet =
1740 GetResultSet(SELECT_ACCESSEE_TABLE_WHERE_ACCESSEEID_AND_ACCESSEEBUNDLENAME,
1741 std::vector<ValueObject>{ ValueObject(accesseeId), ValueObject(bundleName) });
1742 if (accesseeResultSet == nullptr) {
1743 HILOGE("GetAccessControlProfiles::accesseeResultSet is nullptr");
1744 return DP_GET_RESULTSET_FAIL;
1745 }
1746 accesseeResultSet->GetRowCount(rowCount);
1747 if (rowCount != 0) {
1748 accesserResultSet = GetResultSet(SELECT_ACCESSER_TABLE_WHERE_ACCESSERID,
1749 std::vector<ValueObject>{ ValueObject(accesserId) });
1750 if (accesserResultSet == nullptr) {
1751 HILOGE("GetAccessControlProfiles::accesserResultSet is nullptr");
1752 return DP_GET_RESULTSET_FAIL;
1753 }
1754 this->ConvertToAccessControlProfiles(resultSet, accesserResultSet, accesseeResultSet, profile);
1755 accesserResultSet->Close();
1756 }
1757 accesseeResultSet->Close();
1758 return DP_SUCCESS;
1759 }
1760
GetAccessControlProfilesByTokenId(std::shared_ptr<ResultSet> resultSet,int64_t accesserId,int64_t accesseeId,const std::string & trustDeviceId,int64_t tokenId,std::vector<AccessControlProfile> & profile)1761 int32_t TrustProfileManager::GetAccessControlProfilesByTokenId(std::shared_ptr<ResultSet> resultSet,
1762 int64_t accesserId, int64_t accesseeId, const std::string& trustDeviceId,
1763 int64_t tokenId, std::vector<AccessControlProfile> &profile)
1764 {
1765 std::shared_ptr<ResultSet> accesserResultSet =
1766 GetResultSet(SELECT_ACCESSER_TABLE_WHERE_ACCESSERID_AND_DEVICEID_AND_ACCESSERTOKENID,
1767 std::vector<ValueObject>{ ValueObject(accesserId), ValueObject(trustDeviceId), ValueObject(tokenId) });
1768 if (accesserResultSet == nullptr) {
1769 HILOGE("GetAccessControlProfilesByTokenId::accesserResultSet is nullptr");
1770 return DP_GET_RESULTSET_FAIL;
1771 }
1772 int32_t rowCount = ROWCOUNT_INIT;
1773 accesserResultSet->GetRowCount(rowCount);
1774 if (rowCount != 0) {
1775 std::shared_ptr<ResultSet> accesseeResultSet =
1776 GetResultSet(SELECT_ACCESSEE_TABLE_WHERE_ACCESSEEID,
1777 std::vector<ValueObject>{ ValueObject(accesseeId) });
1778 if (accesseeResultSet == nullptr) {
1779 HILOGE("GetAccessControlProfilesByTokenId::accesseeResultSet is nullptr");
1780 return DP_GET_RESULTSET_FAIL;
1781 }
1782 this->ConvertToAccessControlProfiles(resultSet, accesserResultSet, accesseeResultSet, profile);
1783 accesserResultSet->Close();
1784 accesseeResultSet->Close();
1785 return DP_SUCCESS;
1786 }
1787 accesserResultSet->Close();
1788
1789 std::shared_ptr<ResultSet> accesseeResultSet =
1790 GetResultSet(SELECT_ACCESSEE_TABLE_WHERE_ACCESSEEID_AND_DEVICEID_AND_ACCESSEETOKENID,
1791 std::vector<ValueObject>{ ValueObject(accesseeId), ValueObject(trustDeviceId), ValueObject(tokenId) });
1792 if (accesseeResultSet == nullptr) {
1793 HILOGE("GetAccessControlProfilesByTokenId::accesseeResultSet is nullptr");
1794 return DP_GET_RESULTSET_FAIL;
1795 }
1796 accesseeResultSet->GetRowCount(rowCount);
1797 if (rowCount != 0) {
1798 accesserResultSet = GetResultSet(SELECT_ACCESSER_TABLE_WHERE_ACCESSERID,
1799 std::vector<ValueObject>{ ValueObject(accesserId) });
1800 if (accesserResultSet == nullptr) {
1801 HILOGE("GetAccessControlProfilesByTokenId::accesserResultSet is nullptr");
1802 return DP_GET_RESULTSET_FAIL;
1803 }
1804 this->ConvertToAccessControlProfiles(resultSet, accesserResultSet, accesseeResultSet, profile);
1805 accesserResultSet->Close();
1806 }
1807 accesseeResultSet->Close();
1808 return DP_SUCCESS;
1809 }
1810
DeleteAccesserCheck(int64_t accesserId)1811 int32_t TrustProfileManager::DeleteAccesserCheck(int64_t accesserId)
1812 {
1813 std::shared_ptr<ResultSet> resultSet =
1814 GetResultSet(SELECT_ACCESS_CONTROL_TABLE_WHERE_ACCESSERID,
1815 std::vector<ValueObject>{ ValueObject(accesserId) });
1816 if (resultSet == nullptr) {
1817 HILOGE("DeleteAccesserCheck::resultSet is nullptr");
1818 return DP_GET_RESULTSET_FAIL;
1819 }
1820 int32_t rowCount = ROWCOUNT_INIT;
1821 resultSet->GetRowCount(rowCount);
1822 resultSet->Close();
1823 if (rowCount == DELETE_ACCESSER_CONDITION) {
1824 std::lock_guard<std::mutex> lock(rdbMutex_);
1825 if (rdbStore_ == nullptr) {
1826 HILOGE("DeleteAccesserCheck::rdbStore_ is nullptr");
1827 return DP_GET_RDBSTORE_FAIL;
1828 }
1829 int32_t deleteRows = DELETEROWS_INIT;
1830 int32_t ret = rdbStore_->Delete(deleteRows, ACCESSER_TABLE, ACCESSERID_EQUAL_CONDITION,
1831 std::vector<ValueObject>{ ValueObject(accesserId) });
1832 if (ret != DP_SUCCESS) {
1833 HILOGE("DeleteAccesserCheck::delete accesser_table accesserId failed");
1834 return DP_DELETE_ACCESSER_PROFILE_FAIL;
1835 }
1836 }
1837 HILOGI("DeleteAclProfile.AccesserId : %{public}" PRId64, accesserId);
1838 return DP_SUCCESS;
1839 }
1840
UpdateAclCheck(const AccessControlProfile & profile)1841 int32_t TrustProfileManager::UpdateAclCheck(const AccessControlProfile& profile)
1842 {
1843 std::shared_ptr<ResultSet> resultSet =
1844 GetResultSet(SELECT_ACCESS_CONTROL_TABLE_WHERE_ACCESSCONTROLID,
1845 std::vector<ValueObject>{ ValueObject(profile.GetAccessControlId()) });
1846 if (resultSet == nullptr) {
1847 HILOGE("UpdateAclCheck::resultSet is nullptr");
1848 return DP_GET_RESULTSET_FAIL;
1849 }
1850 int32_t rowCount = ROWCOUNT_INIT;
1851 resultSet->GetRowCount(rowCount);
1852 if (rowCount == 0) {
1853 HILOGE("UpdateAclCheck::accessControlId not find");
1854 resultSet->Close();
1855 return DP_NOT_FIND_DATA;
1856 }
1857 resultSet->GoToNextRow();
1858 AccessControlProfile oldProfile;
1859 this->ConvertToAccessControlProfile(resultSet, oldProfile);
1860 resultSet->Close();
1861 if (oldProfile.GetAccesseeId() != profile.GetAccessee().GetAccesseeId() ||
1862 oldProfile.GetAccesserId() != profile.GetAccesser().GetAccesserId() ||
1863 oldProfile.GetAccesserId() != profile.GetAccesserId() ||
1864 oldProfile.GetAccesseeId() != profile.GetAccesseeId()) {
1865 HILOGE("UpdateAclCheck:Can't Update not allowed attribute");
1866 return DP_UPDATE_ACL_NOT_ALLOW;
1867 }
1868 return DP_SUCCESS;
1869 }
1870
PutAclCheck(const AccessControlProfile & profile)1871 int32_t TrustProfileManager::PutAclCheck(const AccessControlProfile& profile)
1872 {
1873 TrustDeviceProfile trustProfile;
1874 this->ConvertToTrustDeviceProfile(profile, trustProfile);
1875 std::string trustDeviceId = profile.GetTrustDeviceId();
1876 std::shared_ptr<ResultSet> resultSet =
1877 GetResultSet(SELECT_TRUST_DEVICE_TABLE_WHERE_DEVICEID,
1878 std::vector<ValueObject>{ ValueObject(trustDeviceId) });
1879 if (resultSet == nullptr) {
1880 HILOGE("PutAclCheck::resultSet is nullptr");
1881 return DP_GET_RESULTSET_FAIL;
1882 }
1883 int32_t rowCount = ROWCOUNT_INIT;
1884 resultSet->GetRowCount(rowCount);
1885 resultSet->Close();
1886 if (rowCount == 0) {
1887 this->PutTrustDeviceProfile(trustProfile);
1888 return DP_SUCCESS;
1889 }
1890 int32_t status = STATUS_INIT;
1891 if (this->GetResultStatus(trustDeviceId, status) != DP_SUCCESS) {
1892 HILOGE("PutAclCheck::GetResultStatus failed");
1893 return DP_GET_RESULTSET_FAIL;
1894 }
1895 trustProfile.SetStatus(status);
1896 if (this->UpdateTrustDeviceProfile(trustProfile) != DP_SUCCESS) {
1897 HILOGE("PutAclCheck::UpdateTrustDeviceProfile failed");
1898 return DP_UPDATE_TRUST_DEVICE_PROFILE_FAIL;
1899 }
1900 return DP_SUCCESS;
1901 }
1902
IsAclExists(const AccessControlProfile & profile)1903 int32_t TrustProfileManager::IsAclExists(const AccessControlProfile &profile)
1904 {
1905 std::shared_ptr<ResultSet> resultSet =
1906 GetResultSet(SELECT_ACCESS_CONTROL_TABLE_WHERE_ALL, std::vector<ValueObject>{
1907 ValueObject(profile.GetAccesserId()), ValueObject(profile.GetAccesseeId()),
1908 ValueObject(profile.GetTrustDeviceId()), ValueObject(profile.GetSessionKey()),
1909 ValueObject(static_cast<int32_t>(profile.GetBindType())),
1910 ValueObject(static_cast<int32_t>(profile.GetAuthenticationType())),
1911 ValueObject(static_cast<int32_t>(profile.GetDeviceIdType())),
1912 ValueObject(profile.GetDeviceIdHash()), ValueObject(profile.GetStatus()),
1913 ValueObject(profile.GetValidPeriod()), ValueObject(profile.GetLastAuthTime()),
1914 ValueObject(static_cast<int32_t>(profile.GetBindLevel()))});
1915 if (resultSet == nullptr) {
1916 HILOGE("PutAccesserProfile::resultSet is nullptr");
1917 return DP_GET_RESULTSET_FAIL;
1918 }
1919 int32_t rowCount = ROWCOUNT_INIT;
1920 resultSet->GetRowCount(rowCount);
1921 resultSet->Close();
1922 if (rowCount != 0) {
1923 HILOGI("accessControlProfile is exists");
1924 return DP_DATA_EXISTS;
1925 }
1926 return DP_SUCCESS;
1927 }
1928
DeleteAccesseeCheck(int64_t accesseeId)1929 int32_t TrustProfileManager::DeleteAccesseeCheck(int64_t accesseeId)
1930 {
1931 std::shared_ptr<ResultSet> resultSet =
1932 GetResultSet(SELECT_ACCESS_CONTROL_TABLE_WHERE_ACCESSEEID,
1933 std::vector<ValueObject>{ ValueObject(accesseeId) });
1934 if (resultSet == nullptr) {
1935 HILOGE("DeleteAccesseeCheck::resultSet is nullptr");
1936 return DP_GET_RESULTSET_FAIL;
1937 }
1938 int32_t rowCount = ROWCOUNT_INIT;
1939 resultSet->GetRowCount(rowCount);
1940 resultSet->Close();
1941 if (rowCount == DELETE_ACCESSEE_CONDITION) {
1942 std::lock_guard<std::mutex> lock(rdbMutex_);
1943 if (rdbStore_ == nullptr) {
1944 HILOGE("DeleteAccesseeCheck::rdbStore_ is nullptr");
1945 return DP_GET_RDBSTORE_FAIL;
1946 }
1947 int32_t deleteRows = DELETEROWS_INIT;
1948 int32_t ret = rdbStore_->Delete(deleteRows, ACCESSEE_TABLE, ACCESSEEID_EQUAL_CONDITION,
1949 std::vector<ValueObject> {ValueObject(accesseeId)});
1950 if (ret != DP_SUCCESS) {
1951 HILOGE("DeleteAccesseeCheck::delete accessee_table accesseeId failed");
1952 return DP_DELETE_ACCESSEE_PROFILE_FAIL;
1953 }
1954 }
1955 HILOGI("DeleteAclProfile.AccesseeId : %{public}" PRId64, accesseeId);
1956 return DP_SUCCESS;
1957 }
1958
DeleteTrustDeviceCheck(const AccessControlProfile & profile)1959 int32_t TrustProfileManager::DeleteTrustDeviceCheck(const AccessControlProfile& profile)
1960 {
1961 std::shared_ptr<ResultSet> resultSet =
1962 GetResultSet(SELECT_ACCESS_CONTROL_TABLE_WHERE_TRUSTDEVICEID,
1963 std::vector<ValueObject>{ ValueObject(profile.GetTrustDeviceId()) });
1964 if (resultSet == nullptr) {
1965 HILOGE("DeleteTrustDeviceCheck::resultSet is nullptr");
1966 return DP_GET_RESULTSET_FAIL;
1967 }
1968 int32_t rowCount = ROWCOUNT_INIT;
1969 resultSet->GetRowCount(rowCount);
1970 resultSet->Close();
1971 int32_t ret = RET_INIT;
1972 if (rowCount == DELETE_TRUST_CONDITION) {
1973 ret = this->DeleteTrustDeviceProfile(profile.GetTrustDeviceId());
1974 if (ret != DP_SUCCESS) {
1975 HILOGE("DeleteTrustDeviceCheck::DeleteTrustDeviceProfile failed");
1976 return DP_DELETE_TRUST_DEVICE_PROFILE_FAIL;
1977 }
1978 } else {
1979 int32_t status = STATUS_INIT;
1980 this->GetResultStatus(profile.GetTrustDeviceId(), status);
1981 TrustDeviceProfile trustDeviceProfile;
1982 trustDeviceProfile.SetDeviceId(profile.GetTrustDeviceId());
1983 trustDeviceProfile.SetDeviceIdType(profile.GetDeviceIdType());
1984 trustDeviceProfile.SetDeviceIdHash(profile.GetDeviceIdHash());
1985 trustDeviceProfile.SetStatus(status);
1986 ret = this->UpdateTrustDeviceProfile(trustDeviceProfile);
1987 if (ret != DP_SUCCESS) {
1988 HILOGE("DeleteTrustDeviceCheck::UpdateTrustDeviceProfile failed");
1989 return DP_UPDATE_TRUST_DEVICE_PROFILE_FAIL;
1990 }
1991 }
1992 return DP_SUCCESS;
1993 }
1994 } // namespace DistributedDeviceProfile
1995 } // namespace OHOS
1996