Add support for visability mode

2025-09-29 11:16:30 +03:00 · 2022-12-26 11:04:51 +02:00
parent 9ec8858a15
commit 27d1d00379
26 changed files with 1014 additions and 103 deletions
--- a/components/security_apps/orchestration/include/declarative_policy_utils.h
+++ b/components/security_apps/orchestration/include/declarative_policy_utils.h
@@ -0,0 +1,83 @@
+#ifndef __DECLARATIVE_POLICY_UTILS_H__
+#define __DECLARATIVE_POLICY_UTILS_H__
+
+#include <chrono>
+#include <functional>
+#include <tuple>
+#include <vector>
+#include "cereal/archives/json.hpp"
+
+#include "singleton.h"
+#include "i_update_communication.h"
+#include "fog_authenticator.h"
+#include "i_local_policy_mgmt_gen.h"
+#include "i_orchestration_tools.h"
+#include "i_agent_details.h"
+#include "i_orchestration_status.h"
+#include "i_messaging.h"
+#include "i_mainloop.h"
+#include "i_encryptor.h"
+#include "i_details_resolver.h"
+#include "i_rest_api.h"
+#include "i_time_get.h"
+#include "i_shell_cmd.h"
+#include "i_encryptor.h"
+#include "maybe_res.h"
+#include "event.h"
+
+class ApplyPolicyEvent : public Event<ApplyPolicyEvent>
+{
+public:
+    ApplyPolicyEvent() {}
+};
+
+class DeclarativePolicyUtils
+        :
+    public Singleton::Consume<I_ShellCmd>,
+    Singleton::Consume<I_LocalPolicyMgmtGen>,
+    Singleton::Consume<I_AgentDetails>,
+    Singleton::Consume<I_OrchestrationTools>,
+    Singleton::Consume<I_RestApi>,
+    public Listener<ApplyPolicyEvent>
+{
+public:
+    class ApplyPolicyRest : public ServerRest
+    {
+    public:
+        // LCOV_EXCL_START Reason: no test exist
+        void
+        doCall() override
+        {
+            ApplyPolicyEvent().notify();
+        }
+        // LCOV_EXCL_STOP
+    };
+
+    void init();
+    Maybe<std::string> getLocalPolicyChecksum();
+    std::string getPolicyChecksum();
+    void updateCurrentPolicy(const std::string &policy_checksum);
+    void sendUpdatesToFog(
+        const std::string &access_token,
+        const std::string &tenant_id,
+        const std::string &profile_id,
+        const std::string &fog_address
+    );
+    std::string getUpdate(CheckUpdateRequest &request);
+    bool shouldApplyPolicy();
+    void turnOffApplyPolicyFlag();
+
+    std::string getCurrVersion() { return curr_version; }
+    std::string getCurrPolicy() { return curr_policy; }
+
+    void upon(const ApplyPolicyEvent &event) override;
+
+private:
+    std::string getCleanChecksum(const std::string &unclean_checksum);
+
+    std::string curr_version;
+    std::string curr_policy;
+    bool should_apply_policy;
+};
+
+#endif // __DECLARATIVE_POLICY_UTILS_H__
--- a/components/security_apps/orchestration/include/fog_communication.h
+++ b/components/security_apps/orchestration/include/fog_communication.h
@@ -33,13 +33,18 @@
 #include "i_time_get.h"
 #include "i_encryptor.h"
 #include "maybe_res.h"
+#include "declarative_policy_utils.h"

 class FogCommunication : public FogAuthenticator
 {
 public:
+    void init() override;
    Maybe<void> getUpdate(CheckUpdateRequest &request) override;
    Maybe<std::string> downloadAttributeFile(const GetResourceFile &resourse_file) override;
    Maybe<void> sendPolicyVersion(const std::string &policy_version) const override;
+
+private:
+    DeclarativePolicyUtils declarative_policy_utils;
 };

 #endif // __FOG_COMMUNICATION_H__
--- a/components/security_apps/orchestration/include/hybrid_communication.h
+++ b/components/security_apps/orchestration/include/hybrid_communication.h
@@ -35,6 +35,7 @@
 #include "i_time_get.h"
 #include "i_encryptor.h"
 #include "maybe_res.h"
+#include "declarative_policy_utils.h"

 class HybridCommunication
        :
@@ -42,17 +43,15 @@ class HybridCommunication
    Singleton::Consume<I_LocalPolicyMgmtGen>
 {
 public:
-    virtual void init() override;
+    void init() override;
    Maybe<void> getUpdate(CheckUpdateRequest &request) override;
    Maybe<std::string> downloadAttributeFile(const GetResourceFile &resourse_file) override;
    Maybe<void> sendPolicyVersion(const std::string &policy_version) const override;
-    std::string getChecksum(const std::string &policy_version);

 private:
    Maybe<std::string> getNewVersion();

-    std::string curr_version;
-    std::string curr_policy;
+    DeclarativePolicyUtils declarative_policy_utils;
 };

 #endif // __HYBRID_COMMUNICATION_H__
--- a/components/security_apps/orchestration/include/update_policy_notification.h
+++ b/components/security_apps/orchestration/include/update_policy_notification.h
@@ -0,0 +1,30 @@
+// Copyright (C) 2022 Check Point Software Technologies Ltd. All rights reserved.
+
+// Licensed under the Apache License, Version 2.0 (the "License");
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#ifndef __UPDATE_POLICY_NOTIFICATION__H__
+#define __UPDATE_POLICY_NOTIFICATION__H__
+
+#include <string>
+#include <ostream>
+#include "rest.h"
+
+class UpdatePolicyCrdObject : public ClientRest
+{
+public:
+    UpdatePolicyCrdObject(const std::string &_policy_version) : policy_version(_policy_version) {}
+
+private:
+    C2S_LABEL_PARAM(std::string, policy_version, "policyVersion");
+};
+
+#endif //__UPDATE_POLICY_NOTIFICATION__H__