/*
 * Copyright (c) 2021-2023 Huawei Device Co., Ltd.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
15b1b8bc3fSopenharmony_ci
16b1b8bc3fSopenharmony_ci#ifndef NET_POLICY_FILE_H
17b1b8bc3fSopenharmony_ci#define NET_POLICY_FILE_H
18b1b8bc3fSopenharmony_ci
#include <climits>
#include <cstdint>
#include <fcntl.h>
#include <fstream>
#include <iostream>
#include <memory>
#include <mutex>
#include <set>
#include <sstream>
#include <string>
#include <sys/sendfile.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>
#include <vector>

#include "cJSON.h"
#include "singleton.h"

#include "netmanager_base_common_utils.h"
#include "net_policy_constants.h"
#include "net_policy_file_event_handler.h"
#include "net_policy_inner_define.h"
#include "net_quota_policy.h"
40b1b8bc3fSopenharmony_ci
41b1b8bc3fSopenharmony_cinamespace OHOS {
42b1b8bc3fSopenharmony_cinamespace NetManagerStandard {
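/**
 * Operation selector for a change to a per-UID policy entry.
 *
 * The numeric values are fixed explicitly. The private
 * NetPolicyFile::WritePolicyByUid overload takes a `uint32_t netUidPolicyOpType`
 * argument, which presumably carries one of these values (confirm against the
 * implementation). Any code that switches on that integer should handle values
 * outside this list, since an unscoped enum converts to and from integers
 * without range checking.
 */
enum NetUidPolicyOpType {
    NET_POLICY_UID_OP_TYPE_DO_NOTHING = 0, // no change to the stored entry
    NET_POLICY_UID_OP_TYPE_ADD = 1,        // add an entry
    NET_POLICY_UID_OP_TYPE_DELETE = 2,     // delete an entry
    NET_POLICY_UID_OP_TYPE_UPDATE = 3,     // update an entry
};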
49b1b8bc3fSopenharmony_ci
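/**
 * Persists network policy (per-UID policy, background policy, quota policy and
 * firewall allow/deny lists) to a file and reads it back.
 *
 * Review notes:
 *  - The policy file is the source of what the rule, traffic and firewall
 *    components enforce after InitPolicy(). Its path, ownership and permissions
 *    are not visible in this header; NOTE(review): confirm that only this
 *    service can write the file and that malformed content is rejected.
 *  - <mutex> is included by this header but no lock member is declared here.
 *    NOTE(review): confirm how concurrent readers and writers of netPolicy_ are
 *    serialised (possibly through the handler returned by GetHandler()).
 */
class NetPolicyFile : public std::enable_shared_from_this<NetPolicyFile> {
    // Macro from singleton.h; presumably declares the delayed-singleton plumbing for this class.
    DECLARE_DELAYED_SINGLETON(NetPolicyFile);

public:
    /**
     * Init by reading policy from file.
     * @return true Return true means init policy successful.
     * @return false Return false means init policy failed.
     */
    bool InitPolicy();

    /**
     * Reset policy to default.
     *
     * @return Status code as int32_t. The meaning of the values is defined by the
     *      implementation, which is not visible in this header.
     */
    int32_t ResetPolicies();

    /**
     * Used by net_policy_rule.cpp to get policy from file.
     *
     * The result is a reference, not a copy. NOTE(review): it presumably refers to
     * storage owned by this object, so it should not be held across a later write
     * or reset; confirm against the implementation.
     *
     * @return const std::vector<UidPolicy>&
     */
    const std::vector<UidPolicy> &ReadUidPolicies();

    /**
     * Used by net_policy_rule.cpp to write policy to file.
     *
     * Returns void, so a failed write cannot be detected through the return value.
     *
     * @param uid The specified UID of app.
     * @param policy The network policy for application.
     *      For details, see {@link NetUidPolicy}.
     */
    void WritePolicyByUid(uint32_t uid, uint32_t policy);

    /**
     * Used by net_policy_traffic.cpp to get quota policy from file.
     *
     * @param quotaPolicies The list of network quota policy, {@link NetQuotaPolicy}.
     */
    void ReadQuotaPolicies(std::vector<NetQuotaPolicy> &quotaPolicies);

    /**
     * Used by net_policy_rule.cpp to write quota policy to file.
     * NOTE(review): the matching reader names net_policy_traffic.cpp as its caller;
     * confirm which file calls this one.
     *
     * @param quotaPolicies  The list of network quota policy, {@link NetQuotaPolicy}.
     * @return true Return true means successful.
     * @return false Return false means failed.
     */
    bool WriteQuotaPolicies(const std::vector<NetQuotaPolicy> &quotaPolicies);

    /**
     * Used by net_policy_rule.cpp to get background policy from file.
     *
     * @return true Return true means allow access net on background.
     * @return false Return false means reject access net on background.
     */
    bool ReadBackgroundPolicy();

    /**
     * Used by net_policy_rule.cpp to write background policy to file.
     *
     * Returns void, so a failed write cannot be detected through the return value.
     *
     * @param allowBackground Allow or Reject access net on background.
     */
    void WriteBackgroundPolicy(bool allowBackground);

    /**
     * Used by net_policy_firewall.cpp to get firewall policy from file.
     *
     * @param chainType The firewall's type. Includes "Powersave" or "DeviceIdle".
     * @param allowedList Firewall's allowed list.
     * @param deniedList Firewall's denied list.
     * @return Status code as int32_t. The meaning of the values is defined by the
     *      implementation, which is not visible in this header; callers should check
     *      it before relying on the contents of the two lists.
     */
    int32_t ReadFirewallRules(uint32_t chainType, std::set<uint32_t> &allowedList, std::set<uint32_t> &deniedList);

    /**
     * Used by net_policy_firewall.cpp to write firewall policy to file.
     *
     * Returns void, so a failed write cannot be detected through the return value.
     *
     * @param chainType The firewall's type. Includes "Powersave" or "DeviceIdle".
     * @param allowedList Firewall's allowed list.
     * @param deniedList Firewall's denied list.
     */
    void WriteFirewallRules(uint32_t chainType, const std::set<uint32_t> &allowedList,
                            const std::set<uint32_t> &deniedList);

    /**
     * Used by net_policy_rule.cpp. When an app is removed from the system,
     * its uid is also removed from the file.
     *
     * @param uid The specified UID of the app that was removed.
     */
    void RemoveInexistentUid(uint32_t uid);

private:
    // Conversion between the JSON text of the policy file and the NetPolicy object.
    bool Json2Obj(const std::string &content, NetPolicy &netPolicy);
    bool Obj2Json(const NetPolicy &netPolicy, std::string &content);

    // File I/O; the overload with filePath reads the named file. Each returns a bool status.
    bool ReadFile(const std::string &filePath);
    bool ReadFile();
    bool WriteFile();

    // Serialisation helpers; each takes the cJSON root node (presumably appends one section to it).
    void AddUidPolicy(cJSON *root);
    void AddBackgroundPolicy(cJSON *root);
    void AddQuotaPolicy(cJSON *root);
    void AddFirewallRule(cJSON *root);

    // Parsing helpers; each reads from the cJSON root and fills netPolicy.
    // They return void, so a malformed section cannot be reported through the return value.
    // NOTE(review): confirm that missing or wrongly typed JSON members are handled in the implementation.
    void ParseUidPolicy(const cJSON* const root, NetPolicy &netPolicy);
    void ParseBackgroundPolicy(const cJSON* const root, NetPolicy &netPolicy);
    void ParseQuotaPolicy(const cJSON* const root, NetPolicy &netPolicy);
    void ParseFirewallRule(const cJSON* const root, NetPolicy &netPolicy);

    bool UpdateQuotaPolicyExist(const NetQuotaPolicy &quotaPolicy);
    uint32_t ArbitrationWritePolicyToFile(uint32_t uid, uint32_t policy);
    // netUidPolicyOpType is a plain uint32_t; presumably one of the NetUidPolicyOpType values.
    void WritePolicyByUid(uint32_t netUidPolicyOpType, uint32_t uid, uint32_t policy);

    /**
     * Copies one stored quota record into a NetQuotaPolicy, converting the
     * string-typed fields to numbers and booleans.
     *
     * NOTE(review): netPolicyQuota presumably comes from the parsed policy file.
     * The conversions fall back to a default on failure, and no range check is
     * applied here; confirm that callers validate the resulting values.
     *
     * @param netPolicyQuota The stored quota record to convert.
     * @param quotaPolicy The object that receives the converted fields.
     */
    inline void ToQuotaPolicy(const NetPolicyQuota& netPolicyQuota, NetQuotaPolicy &quotaPolicy)
    {
        // lastLimitRemind is filled from the stored field named lastLimitSnooze.
        quotaPolicy.quotapolicy.lastLimitRemind = CommonUtils::StrToLong(netPolicyQuota.lastLimitSnooze, REMIND_NEVER);
        quotaPolicy.quotapolicy.limitBytes = CommonUtils::StrToLong(netPolicyQuota.limitBytes, DATA_USAGE_UNKNOWN);
        quotaPolicy.quotapolicy.metered = CommonUtils::StrToBool(netPolicyQuota.metered, false);
        quotaPolicy.networkmatchrule.netType = CommonUtils::StrToInt(netPolicyQuota.netType, BEARER_DEFAULT);
        // periodDuration, simId and ident are assigned as-is, without conversion.
        quotaPolicy.quotapolicy.periodDuration = netPolicyQuota.periodDuration;
        // No explicit fallback is passed here, unlike the other StrToLong calls.
        // NOTE(review): confirm the helper's default for an unparsable value.
        quotaPolicy.quotapolicy.periodStartTime = CommonUtils::StrToLong(netPolicyQuota.periodStartTime);
        quotaPolicy.networkmatchrule.simId = netPolicyQuota.simId;
        quotaPolicy.quotapolicy.warningBytes = CommonUtils::StrToLong(netPolicyQuota.warningBytes, DATA_USAGE_UNKNOWN);
        quotaPolicy.networkmatchrule.ident = netPolicyQuota.ident;
    }

    std::shared_ptr<NetPolicyFileEventHandler> GetHandler();

public:
    // In-memory policy state. It is declared public, so any code that holds the
    // singleton can modify it directly without going through the Write* methods.
    // NOTE(review): confirm whether this needs to be public; narrowing it would
    // require changes in callers.
    NetPolicy netPolicy_;
};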
180b1b8bc3fSopenharmony_ci} // namespace NetManagerStandard
181b1b8bc3fSopenharmony_ci} // namespace OHOS
182b1b8bc3fSopenharmony_ci#endif // NET_POLICY_FILE_H