153c3577eSopenharmony_ci/*
253c3577eSopenharmony_ci * Copyright (c) 2022 Huawei Device Co., Ltd.
353c3577eSopenharmony_ci * Licensed under the Apache License, Version 2.0 (the "License");
453c3577eSopenharmony_ci * you may not use this file except in compliance with the License.
553c3577eSopenharmony_ci * You may obtain a copy of the License at
653c3577eSopenharmony_ci *
753c3577eSopenharmony_ci *     http://www.apache.org/licenses/LICENSE-2.0
853c3577eSopenharmony_ci *
953c3577eSopenharmony_ci * Unless required by applicable law or agreed to in writing, software
1053c3577eSopenharmony_ci * distributed under the License is distributed on an "AS IS" BASIS,
1153c3577eSopenharmony_ci * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
1253c3577eSopenharmony_ci * See the License for the specific language governing permissions and
1353c3577eSopenharmony_ci * limitations under the License.
1453c3577eSopenharmony_ci */
1553c3577eSopenharmony_ci
1653c3577eSopenharmony_ci#define LOG_TAG "AuthHandler"
1753c3577eSopenharmony_ci#include "auth_delegate.h"
1853c3577eSopenharmony_ci
1953c3577eSopenharmony_ci#include "checker/checker_manager.h"
2053c3577eSopenharmony_ci#include "device_auth.h"
2153c3577eSopenharmony_ci#include "device_auth_defines.h"
2253c3577eSopenharmony_ci#include "device_manager_adapter.h"
2353c3577eSopenharmony_ci#include "log_print.h"
2453c3577eSopenharmony_ci#include "user_delegate.h"
2553c3577eSopenharmony_ci#include "utils/anonymous.h"
2653c3577eSopenharmony_ci#include "metadata/store_meta_data.h"
2753c3577eSopenharmony_ci#include "metadata/meta_data_manager.h"
2853c3577eSopenharmony_cinamespace OHOS::DistributedData {
2953c3577eSopenharmony_ciusing DmAdapter = OHOS::DistributedData::DeviceManagerAdapter;
3053c3577eSopenharmony_ciclass AuthHandlerStub : public AuthHandler {
3153c3577eSopenharmony_cipublic:
3253c3577eSopenharmony_ci    // override for mock auth in current version, need remove in the future
3353c3577eSopenharmony_ci    bool CheckAccess(
3453c3577eSopenharmony_ci        int localUserId, int peerUserId, const std::string &peerDeviceId,
3553c3577eSopenharmony_ci        int32_t authType, bool isSend = true) override;
3653c3577eSopenharmony_ciprivate:
3753c3577eSopenharmony_ci    bool IsUserActive(const std::vector<UserStatus> &users, int32_t userId);
3853c3577eSopenharmony_ci    bool CheckUsers(int localUserId, int peerUserId, const std::string &peerDeviceId);
3953c3577eSopenharmony_ci    static constexpr pid_t UID_CAPACITY = 10000;
4053c3577eSopenharmony_ci    static constexpr int SYSTEM_USER = 0;
4153c3577eSopenharmony_ci};
4253c3577eSopenharmony_ci
4353c3577eSopenharmony_cibool AuthHandlerStub::CheckUsers(int localUserId, int peerUserId, const std::string &peerDeviceId)
4453c3577eSopenharmony_ci{
4553c3577eSopenharmony_ci    if (localUserId == SYSTEM_USER) {
4653c3577eSopenharmony_ci        return peerUserId == SYSTEM_USER;
4753c3577eSopenharmony_ci    }
4853c3577eSopenharmony_ci
4953c3577eSopenharmony_ci    auto localUsers = UserDelegate::GetInstance().GetLocalUserStatus();
5053c3577eSopenharmony_ci    auto peerUsers = UserDelegate::GetInstance().GetRemoteUserStatus(peerDeviceId);
5153c3577eSopenharmony_ci    return peerUserId != SYSTEM_USER && IsUserActive(localUsers, localUserId) && IsUserActive(peerUsers, peerUserId);
5253c3577eSopenharmony_ci}
5353c3577eSopenharmony_ci
5453c3577eSopenharmony_cibool AuthHandlerStub::CheckAccess(
5553c3577eSopenharmony_ci    int localUserId, int peerUserId, const std::string &peerDeviceId, int32_t authType, bool isSend)
5653c3577eSopenharmony_ci{
5753c3577eSopenharmony_ci    if (authType == static_cast<int32_t>(DistributedKv::AuthType::IDENTICAL_ACCOUNT) &&
5853c3577eSopenharmony_ci        !DmAdapter::GetInstance().IsSameAccount(peerDeviceId)) {
5953c3577eSopenharmony_ci        ZLOGE("CheckAccess failed.");
6053c3577eSopenharmony_ci        return false;
6153c3577eSopenharmony_ci    }
6253c3577eSopenharmony_ci    return CheckUsers(localUserId, peerUserId, peerDeviceId);
6353c3577eSopenharmony_ci}
6453c3577eSopenharmony_ci
6553c3577eSopenharmony_cibool AuthHandlerStub::IsUserActive(const std::vector<UserStatus> &users, int32_t userId)
6653c3577eSopenharmony_ci{
6753c3577eSopenharmony_ci    for (const auto &user : users) {
6853c3577eSopenharmony_ci        if (user.id == userId && user.isActive) {
6953c3577eSopenharmony_ci            return true;
7053c3577eSopenharmony_ci        }
7153c3577eSopenharmony_ci    }
7253c3577eSopenharmony_ci    return false;
7353c3577eSopenharmony_ci}
7453c3577eSopenharmony_ci
7553c3577eSopenharmony_ciAuthHandler *AuthDelegate::GetInstance()
7653c3577eSopenharmony_ci{
7753c3577eSopenharmony_ci    // change auth way in the future
7853c3577eSopenharmony_ci    static AuthHandlerStub instance;
7953c3577eSopenharmony_ci    return &instance;
8053c3577eSopenharmony_ci}
8153c3577eSopenharmony_ci} // namespace OHOS::DistributedData