blob: 763edb03e4853fa99a6786afd3a68ebb629c568a [file] [log] [blame]
/*
* Copyright (C) 2017 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#pragma once
#ifndef PRIVACY_H
#define PRIVACY_H
#include <android/os/IncidentReportArgs.h>
#include <stdint.h>
namespace android {
namespace os {
namespace incidentd {
using namespace android::os;
/*
* In order to NOT auto-generate large chuck of code by proto compiler in incidentd,
* privacy options's data structure are explicitly redefined here and
* the values are populated by incident_section_gen tool.
*
* Each proto field will have a Privacy when it is different from its parent, otherwise
* it uses its parent's tag. A message type will have an array of Privacy.
*/
struct Privacy {
// The field number
uint32_t field_id;
// The field type, see external/protobuf/src/google/protobuf/descriptor.h
uint8_t type;
// If children is null, it is a primitive field,
// otherwise it is a message field which could have overridden privacy tags here.
// This array is NULL-terminated.
Privacy** children;
// DESTINATION Enum in frameworks/base/core/proto/android/privacy.proto.
uint8_t policy;
// A list of regexp rules for stripping string fields in proto.
const char** patterns;
string toString() const;
};
// Encode field id used by ProtoOutputStream.
uint64_t encode_field_id(const Privacy* p);
// Look up the child with given fieldId, if not found, return NULL.
const Privacy* lookup(const Privacy* p, uint32_t fieldId);
/**
* PrivacySpec defines the request has what level of privacy authorization.
* For example, a device without user consent should only be able to upload AUTOMATIC fields.
* PRIVACY_POLICY_UNSET are treated as PRIVACY_POLICY_EXPLICIT.
*/
class PrivacySpec {
public:
explicit PrivacySpec(uint8_t argPolicy);
bool operator<(const PrivacySpec& other) const;
// check permission of a policy, if returns true, don't strip the data.
bool CheckPremission(const Privacy* privacy,
const uint8_t defaultPrivacyPolicy = PRIVACY_POLICY_UNSET) const;
// if returns true, no data need to be stripped.
bool RequireAll() const;
uint8_t getPolicy() const;
private:
// unimplemented constructors
explicit PrivacySpec();
uint8_t mPolicy;
};
/**
* If a privacy policy is other than the defined values, update it to a real one.
*/
uint8_t cleanup_privacy_policy(uint8_t policy);
} // namespace incidentd
} // namespace os
} // namespace android
#endif // PRIVACY_H