Privacy.h - Android社区 - https://www.androidos.net.cn/

/*
 * Copyright (C) 2017 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
#pragma once

#ifndef PRIVACY_H
#define PRIVACY_H

#include <android/os/IncidentReportArgs.h>

#include <stdint.h>

namespace android {
namespace os {
namespace incidentd {

using namespace android::os;

/*
 * In order to NOT auto-generate large chuck of code by proto compiler in incidentd,
 * privacy options's data structure are explicitly redefined here and
 * the values are populated by incident_section_gen tool.
 *
 * Each proto field will have a Privacy when it is different from its parent, otherwise
 * it uses its parent's tag. A message type will have an array of Privacy.
 */
struct Privacy {
    // The field number
    uint32_t field_id;

    // The field type, see external/protobuf/src/google/protobuf/descriptor.h
    uint8_t type;

    // If children is null, it is a primitive field,
    // otherwise it is a message field which could have overridden privacy tags here.
    // This array is NULL-terminated.
    Privacy** children;

    // DESTINATION Enum in frameworks/base/core/proto/android/privacy.proto.
    uint8_t policy;

    // A list of regexp rules for stripping string fields in proto.
    const char** patterns;

    string toString() const;
};

// Encode field id used by ProtoOutputStream.
uint64_t encode_field_id(const Privacy* p);

// Look up the child with given fieldId, if not found, return NULL.
const Privacy* lookup(const Privacy* p, uint32_t fieldId);

/**
 * PrivacySpec defines the request has what level of privacy authorization.
 * For example, a device without user consent should only be able to upload AUTOMATIC fields.
 * PRIVACY_POLICY_UNSET are treated as PRIVACY_POLICY_EXPLICIT.
 */
class PrivacySpec {
public:
    explicit PrivacySpec(uint8_t argPolicy);

    bool operator<(const PrivacySpec& other) const;

    // check permission of a policy, if returns true, don't strip the data.
    bool CheckPremission(const Privacy* privacy,
                         const uint8_t defaultPrivacyPolicy = PRIVACY_POLICY_UNSET) const;

    // if returns true, no data need to be stripped.
    bool RequireAll() const;

    uint8_t getPolicy() const;

private:
    // unimplemented constructors
    explicit PrivacySpec();

    uint8_t mPolicy;
};

/**
 * If a privacy policy is other than the defined values, update it to a real one.
 */
uint8_t cleanup_privacy_policy(uint8_t policy);

}  // namespace incidentd
}  // namespace os
}  // namespace android

#endif  // PRIVACY_H