1 /*
2  * Copyright (c) 2024 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  * http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #ifndef NET_FIREWALL_SERVICE_H
17 #define NET_FIREWALL_SERVICE_H
18 
19 #include <string>
20 
21 #include "os_account_manager.h"
22 #include "netfirewall_common.h"
23 #include "netfirewall_stub.h"
24 #include "singleton.h"
25 #include "system_ability.h"
26 #include "common_event_manager.h"
27 #include "common_event_subscriber.h"
28 #include "common_event_support.h"
29 
30 #include "netfirewall_policy_manager.h"
31 #include "netfirewall_rule_manager.h"
32 #include "netfirewall_rule_native_helper.h"
33 #include "ffrt.h"
34 
35 namespace OHOS {
36 namespace NetManagerStandard {
37 using namespace OHOS::EventFwk;
38 class NetFirewallService : public SystemAbility,
39     public NetFirewallStub,
40     public std::enable_shared_from_this<NetFirewallService> {
41     DECLARE_DELAYED_SINGLETON(NetFirewallService);
42     DECLARE_SYSTEM_ABILITY(NetFirewallService)
43     enum class ServiceRunningState {
44         STATE_NOT_START,
45         STATE_RUNNING
46     };
47 
48 public:
49     void SubscribeCommonEvent();
50 
51     // Broadcast Listener
52     class ReceiveMessage : public OHOS::EventFwk::CommonEventSubscriber {
53     public:
ReceiveMessage(const EventFwk::CommonEventSubscribeInfo & subscriberInfo,std::shared_ptr<NetFirewallService> netfirewallService)54         explicit ReceiveMessage(const EventFwk::CommonEventSubscribeInfo &subscriberInfo,
55             std::shared_ptr<NetFirewallService> netfirewallService)
56             : EventFwk::CommonEventSubscriber(subscriberInfo), netfirewallService_(netfirewallService) {};
57 
58         virtual void OnReceiveEvent(const EventFwk::CommonEventData &eventData) override;
59 
60     private:
61         std::shared_ptr<NetFirewallService> netfirewallService_ = nullptr;
62     };
63 
64     /* *
65      * Turn on or off the firewall
66      *
67      * @param userId User id
68      * @param status The firewall status to be set
69      * @return Returns 0 success. Otherwise fail
70      */
71     int32_t SetNetFirewallPolicy(const int32_t userId, const sptr<NetFirewallPolicy> &status) override;
72 
73     /**
74      * Query firewall status
75      *
76      * @param userId User id
77      * @param status Return to firewall status
78      * @return Returns 0 success. Otherwise fail
79      */
80     int32_t GetNetFirewallPolicy(const int32_t userId, sptr<NetFirewallPolicy> &status) override;
81 
82     /**
83      * Add firewall rules
84      *
85      * @param rule Firewall rules
86      * @param ruleId Rule id genarated by database
87      * @return Returns 0 success. Otherwise fail
88      */
89     int32_t AddNetFirewallRule(const sptr<NetFirewallRule> &rule, int32_t &ruleId) override;
90 
91     /**
92      * Modify firewall rules
93      *
94      * @param rule Firewall rules
95      * @return Returns 0 success. Otherwise fail
96      */
97     int32_t UpdateNetFirewallRule(const sptr<NetFirewallRule> &rule) override;
98 
99     /**
100      * Delete firewall rules
101      *
102      * @param userId User ID
103      * @param ruleId Rule ID
104      * @return Returns 0 success. Otherwise fail
105      */
106     int32_t DeleteNetFirewallRule(const int32_t userId, const int32_t ruleId) override;
107 
108     /**
109      * Get all firewall rules
110      *
111      * @param userId User ID
112      * @param requestParam Paging in parameter information
113      * @param info Paging data information
114      * @return Returns 0 success. Otherwise fail
115      */
116     int32_t GetNetFirewallRules(const int32_t userId, const sptr<RequestParam> &requestParam,
117         sptr<FirewallRulePage> &info) override;
118     /**
119      * Get information about the specified rule ID
120      *
121      * @param ruleId Rule ID
122      * @param rule Return to firewall rules
123      * @return Returns 0 success. Otherwise fail
124      */
125     int32_t GetNetFirewallRule(const int32_t userId, const int32_t ruleId, sptr<NetFirewallRule> &rule) override;
126 
127     /**
128      * Get all interception records
129      *
130      * @param userId User ID
131      * @param requestParam Paging in parameter information
132      * @param info Paging data information
133      * @return Returns 0 success. Otherwise fail
134      */
135     int32_t GetInterceptRecords(const int32_t userId, const sptr<RequestParam> &requestParam,
136         sptr<InterceptRecordPage> &info) override;
137 
138     /**
139      * dump function
140      *
141      * @param fd File handle
142      * @param args Input data
143      * @return Returns 0 success. Otherwise fail
144      */
145     int32_t Dump(int32_t fd, const std::vector<std::u16string> &args) override;
146 
147 protected:
148     void OnStart() override;
149 
150     void OnStop() override;
151 
152     void OnAddSystemAbility(int32_t systemAbilityId, const std::string &deviceId) override;
153 
154     void OnRemoveSystemAbility(int32_t systemAbilityId, const std::string &deviceId) override;
155 
156 private:
157     void GetDumpMessage(std::string &message);
158 
159     int32_t OnInit();
160 
161     int32_t GetCurrentAccountId();
162 
163     void SetCurrentUserId(int32_t userId);
164 
165     void InitQueryUserId(int32_t times);
166 
167     bool InitUsersOnBoot();
168 
169     void InitServiceHandler();
170 
171     void InitQueryNetFirewallRules();
172 
173     std::string GetServiceState();
174 
175     std::string GetLastRulePushTime();
176 
177     std::string GetLastRulePushResult();
178 
179     int32_t GetAllUserFirewallState(std::map<int32_t, bool> &firewallStateMap);
180 
181     int32_t AddDefaultNetFirewallRule(int32_t userId);
182 
183     int32_t CheckUserExist(const int32_t userId);
184 
185     void RegisterSubscribeCommonEvent();
186 
187 private:
188     static std::shared_ptr<ffrt::queue> ffrtServiceHandler_;
189     std::atomic<uint64_t> currentSetRuleSecond_ = 0;
190     std::atomic<int64_t> lastRulePushResult_ = -1;
191     std::atomic<uint64_t> serviceSpendTime_ = 0;
192     std::atomic<int32_t> currentUserId_ = 0;
193     std::atomic<ServiceRunningState> state_;
194     bool isServicePublished_ = false;
195     bool hasSaRemoved_ = false;
196     std::shared_ptr<ReceiveMessage> subscriber_ = nullptr;
197 };
198 } // namespace NetManagerStandard
199 } // namespace OHOS
200 #endif /* NET_FIREWALL_SERVICE_H */
201