openharmony/security_asset
1
0
Fork 0
mirror of https://gitee.com/openharmony/security_asset synced 2024-11-27 10:00:46 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

add napi appoint user id

Browse Source 
Signed-off-by: 尹耀德 <yinyaode1@huawei.com>
Change-Id: I13e0dcb3f521d0233adaa7b3a78fb9363ea81d59
This commit is contained in:
尹耀德 2024-04-07 11:24:17 +08:00
parent 162bf38bf3
commit fa496d9f57
18 changed files with 212 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
frameworks/definition/src/lib.rs
View File

@ -112,6 +112,9 @@ impl_tag_trait! {
/// A tag whose value is a 32-bit unsigned integer indicating the strategy for resolving Asset conflicts.
ConflictResolution = DataType::Number as isize | 0x44,
/// A tag whose value is a 32-bit unsigned integer indicating the appoint user id.
AppointUserId = DataType::Number as isize | 0x45,
}
}
@ -151,6 +154,9 @@ impl_enum_trait! {
/// The error code indicates that the caller doesn't have the permission.
PermissionDenied = 201,
/// The error code indicates that the caller is not system user.
NotSystemUser = 202,
/// The error code indicates that the argument is invalid.
InvalidArgument = 401,

4
frameworks/js/napi/inc/asset_napi_common.h
View File

@ -63,10 +63,10 @@ napi_value CreateJsMapArray(napi_env env, const AssetResultSet &resultSet);
napi_status ParseParam(napi_env env, napi_callback_info info, std::vector<AssetAttr> &attrs);
napi_status ParseParam(napi_env env, napi_callback_info info, size_t expectArgNum, std::vector<AssetAttr> &attrs,
std::vector<AssetAttr> &updateAttrs);
std::vector<AssetAttr> &updateAttrs, bool isUpdate, bool isApplintUserId);
napi_value NapiEntry(napi_env env, napi_callback_info info, const char *funcName, napi_async_execute_callback execute,
size_t expectArgNum = 1);
size_t expectArgNum = 1, bool isUpdate = false, bool isAppointUserId = false);
} // Asset
} // Security

62
frameworks/js/napi/src/asset_napi.cpp
View File

@ -176,7 +176,7 @@ napi_value NapiAddAsUser(napi_env env, napi_callback_info info)
AsyncContext *context = static_cast<AsyncContext *>(data);
context->result = AssetAdd(&context->attrs[0], context->attrs.size());
};
return NapiEntry(env, info, __func__, execute);
return NapiEntry(env, info, __func__, execute, 2, false, true);
}
napi_value NapiRemove(napi_env env, napi_callback_info info)
@ -204,6 +204,16 @@ napi_value NapiRemoveSync(napi_env env, napi_callback_info info)
return nullptr;
}
napi_value NapiRemoveAsUser(napi_env env, napi_callback_info info)
{
napi_async_execute_callback execute =
[](napi_env env, void *data) {
AsyncContext *context = static_cast<AsyncContext *>(data);
context->result = AssetRemove(&context->attrs[0], context->attrs.size());
};
return NapiEntry(env, info, __func__, execute, 2, false, true);
}
napi_value NapiUpdate(napi_env env, napi_callback_info info)
{
napi_async_execute_callback execute =
@ -212,7 +222,7 @@ napi_value NapiUpdate(napi_env env, napi_callback_info info)
context->result = AssetUpdate(&context->attrs[0], context->attrs.size(),
&context->updateAttrs[0], context->updateAttrs.size());
};
return NapiEntry(env, info, __func__, execute, UPDATE_ARGS_NUM);
return NapiEntry(env, info, __func__, execute, UPDATE_ARGS_NUM, true);
}
napi_value NapiUpdateSync(napi_env env, napi_callback_info info)
@ -220,7 +230,7 @@ napi_value NapiUpdateSync(napi_env env, napi_callback_info info)
std::vector<AssetAttr> attrs;
std::vector<AssetAttr> updateAttrs;
do {
if (ParseParam(env, info, UPDATE_ARGS_NUM, attrs, updateAttrs) != napi_ok) {
if (ParseParam(env, info, UPDATE_ARGS_NUM, attrs, updateAttrs, true, false) != napi_ok) {
break;
}
int32_t result = AssetUpdate(&attrs[0], attrs.size(), &updateAttrs[0], updateAttrs.size());
@ -231,6 +241,17 @@ napi_value NapiUpdateSync(napi_env env, napi_callback_info info)
return nullptr;
}
napi_value NapiUpdateAsUser(napi_env env, napi_callback_info info)
{
napi_async_execute_callback execute =
[](napi_env env, void *data) {
AsyncContext *context = static_cast<AsyncContext *>(data);
context->result = AssetUpdate(&context->attrs[0], context->attrs.size(),
&context->updateAttrs[0], context->updateAttrs.size());
};
return NapiEntry(env, info, __func__, execute, UPDATE_ARGS_NUM + 1, true, true);
}
napi_value NapiPreQuery(napi_env env, napi_callback_info info)
{
napi_async_execute_callback execute =
@ -260,6 +281,16 @@ napi_value NapiPreQuerySync(napi_env env, napi_callback_info info)
return result;
}
napi_value NapiPreQueryAsUser(napi_env env, napi_callback_info info)
{
napi_async_execute_callback execute =
[](napi_env env, void *data) {
AsyncContext *context = static_cast<AsyncContext *>(data);
context->result = AssetPreQuery(&context->attrs[0], context->attrs.size(), &context->challenge);
};
return NapiEntry(env, info, __func__, execute, 2, false, true);
}
napi_value NapiQuery(napi_env env, napi_callback_info info)
{
napi_async_execute_callback execute =
@ -289,6 +320,16 @@ napi_value NapiQuerySync(napi_env env, napi_callback_info info)
return result;
}
napi_value NapiQueryAsUser(napi_env env, napi_callback_info info)
{
napi_async_execute_callback execute =
[](napi_env env, void *data) {
AsyncContext *context = static_cast<AsyncContext *>(data);
context->result = AssetQuery(&context->attrs[0], context->attrs.size(), &context->resultSet);
};
return NapiEntry(env, info, __func__, execute, 2, false, true);
}
napi_value NapiPostQuery(napi_env env, napi_callback_info info)
{
napi_async_execute_callback execute =
@ -314,6 +355,16 @@ napi_value NapiPostQuerySync(napi_env env, napi_callback_info info)
return nullptr;
}
napi_value NapiPostQueryAsUser(napi_env env, napi_callback_info info)
{
napi_async_execute_callback execute =
[](napi_env env, void *data) {
AsyncContext *context = static_cast<AsyncContext *>(data);
context->result = AssetPostQuery(&context->attrs[0], context->attrs.size());
};
return NapiEntry(env, info, __func__, execute, 2, false, true);
}
napi_value Register(napi_env env, napi_value exports)
{
napi_property_descriptor desc[] = {
@ -323,14 +374,19 @@ napi_value Register(napi_env env, napi_value exports)
DECLARE_NAPI_FUNCTION("addAsUser", NapiAddAsUser),
DECLARE_NAPI_FUNCTION("remove", NapiRemove),
DECLARE_NAPI_FUNCTION("removeSync", NapiRemoveSync),
DECLARE_NAPI_FUNCTION("removeAsUser", NapiRemoveAsUser),
DECLARE_NAPI_FUNCTION("update", NapiUpdate),
DECLARE_NAPI_FUNCTION("updateSync", NapiUpdateSync),
DECLARE_NAPI_FUNCTION("updateAsUser", NapiUpdateAsUser),
DECLARE_NAPI_FUNCTION("preQuery", NapiPreQuery),
DECLARE_NAPI_FUNCTION("preQuerySync", NapiPreQuerySync),
DECLARE_NAPI_FUNCTION("preQueryAsUser", NapiPreQueryAsUser),
DECLARE_NAPI_FUNCTION("query", NapiQuery),
DECLARE_NAPI_FUNCTION("querySync", NapiQuerySync),
DECLARE_NAPI_FUNCTION("queryAsUser", NapiQueryAsUser),
DECLARE_NAPI_FUNCTION("postQuery", NapiPostQuery),
DECLARE_NAPI_FUNCTION("postQuerySync", NapiPostQuerySync),
DECLARE_NAPI_FUNCTION("postQueryAsUser", NapiPostQueryAsUser),
// register enumerate
DECLARE_NAPI_PROPERTY("Tag", DeclareTag(env)),

25
frameworks/js/napi/src/asset_napi_common.cpp
View File

@ -341,11 +341,11 @@ napi_value CreateJsUint8Array(napi_env env, const AssetBlob &blob)
napi_status ParseParam(napi_env env, napi_callback_info info, std::vector<AssetAttr> &attrs)
{
std::vector<AssetAttr> updateAttrs;
return ParseParam(env, info, NORMAL_ARGS_NUM, attrs, updateAttrs);
return ParseParam(env, info, NORMAL_ARGS_NUM, attrs, updateAttrs, true, false);
}
napi_status ParseParam(napi_env env, napi_callback_info info, size_t expectArgNum, std::vector<AssetAttr> &attrs,
std::vector<AssetAttr> &updateAttrs)
std::vector<AssetAttr> &updateAttrs, bool isUpdate = false, bool isAppointUserId = false)
{
napi_value argv[MAX_ARGS_NUM] = { 0 };
size_t argc = expectArgNum;
@ -353,13 +353,28 @@ napi_status ParseParam(napi_env env, napi_callback_info info, size_t expectArgNu
NAPI_THROW_RETURN_ERR(env, argc < expectArgNum, ASSET_SYSTEM_INVALID_ARGUMENT,
"The number of arguments is insufficient.");
size_t index = 0;
napi_value appointUserId = nullptr;
// get appointUserId
if (isAppointUserId) {
NAPI_CALL_RETURN_ERR(env, napi_get_element(env, argv[index++], 0, &appointUserId));
}
napi_status ret = ParseMapParam(env, argv[index++], attrs);
if (ret != napi_ok) {
LOGE("Parse first map parameter failed.");
return ret;
}
if (expectArgNum == UPDATE_ARGS_NUM) {
// add appointUserId into map
if (isAppointUserId) {
AssetAttr param = { 0 };
param.tag = ASSET_SYSTEM_TAG_USER_ID;
NAPI_CALL_RETURN_ERR(env, napi_get_value_uint32(env, appointUserId, &param.value.u32));
attrs.push_back(param);
}
if (isUpdate) {
ret = ParseMapParam(env, argv[index++], updateAttrs);
if (ret != napi_ok) {
LOGE("Parse second map parameter failed.");
@ -370,13 +385,13 @@ napi_status ParseParam(napi_env env, napi_callback_info info, size_t expectArgNu
}
napi_value NapiEntry(napi_env env, napi_callback_info info, const char *funcName, napi_async_execute_callback execute,
size_t expectArgNum)
size_t expectArgNum, bool isUpdate, bool isAppointUserId)
{
AsyncContext *context = CreateAsyncContext();
NAPI_THROW(env, context == nullptr, ASSET_SYSTEM_OUT_OF_MEMORY, "Unable to allocate memory for AsyncContext.");
do {
if (ParseParam(env, info, expectArgNum, context->attrs, context->updateAttrs) != napi_ok) {
if (ParseParam(env, info, expectArgNum, context->attrs, context->updateAttrs, isUpdate, isAppointUserId) != napi_ok) {
break;
}

9
interfaces/inner_api/c/inc/asset_system_type.h
View File

@ -157,6 +157,10 @@ typedef enum {
* Policy used to resolve the conflict occurred when an asset is added. The value is of the uint32 type.
*/
ASSET_SYSTEM_TAG_CONFLICT_RESOLUTION = ASSET_SYSTEM_TYPE_NUMBER | 0x44,
/**
* Tag used to store appoint user id. The value is of the uint32 type.
*/
ASSET_SYSTEM_TAG_USER_ID = ASSET_SYSTEM_TYPE_NUMBER | 0x45,
} AssetTag;
/**
@ -171,7 +175,10 @@ typedef enum {
/**
* The caller does not have the required permission.
*/
ASSET_SYSTEM_PERMISSION_DENIED = 201,
ASSET_SYSTEM_PERMISSION_DENIED = 201,/**
* The caller not system application.
*/
ASSET_SYSTEM_NOT_SYSTEM_APPLICATION = 202,
/**
* The parameter is invalid.
*/

37
services/constants/src/calling_info.rs
View File

@ -19,7 +19,7 @@ use ipc_rust::get_calling_uid;
use asset_definition::{log_throw_error, ErrCode, Result};
use crate::{transfer_error_code, SUCCESS};
use crate::{transfer_error_code, ROOT_USER_UPPERBOUND, SUCCESS};
use super::OwnerType;
@ -28,6 +28,7 @@ use super::OwnerType;
#[derive(PartialEq, Eq)]
pub struct CallingInfo {
user_id: i32,
appoint_user_id: Option<i32>,
owner_type: OwnerType,
owner_info: Vec<u8>,
}
@ -65,7 +66,7 @@ impl CallingInfo {
/// Build identity of the specified owner.
pub fn new(user_id: i32, owner_type: OwnerType, owner_info: Vec<u8>) -> Self {
Self { user_id, owner_type, owner_info }
Self { user_id, appoint_user_id: None, owner_type, owner_info }
}
/// Build a instance of CallingInfo.
@ -79,7 +80,7 @@ impl CallingInfo {
match err {
SUCCESS => {
owner_info.truncate(len as usize);
Ok(CallingInfo { user_id, owner_type, owner_info })
Ok(CallingInfo { user_id, appoint_user_id: None, owner_type, owner_info })
},
_ => Err(transfer_error_code(ErrCode::try_from(err as u32)?)),
}
@ -99,4 +100,34 @@ impl CallingInfo {
pub fn user_id(&self) -> i32 {
self.user_id
}
/// Set appoint user id of calling.
pub fn set_appoint_user_id(&mut self, appoint_user_id: i32) -> Result<()> {
if self.user_id < 0 || self.user_id > ROOT_USER_UPPERBOUND {
return log_throw_error!(ErrCode::NotSystemUser, "[FATAL]The caller is not system user.");
}
if appoint_user_id <= ROOT_USER_UPPERBOUND {
return log_throw_error!(ErrCode::InvalidArgument, "[FATAL]The appoint user id must over 100.");
}
self.appoint_user_id = Some(appoint_user_id);
Ok(())
}
/// have appoint user id
pub fn has_appoint_user_id(&self) -> bool {
match self.appoint_user_id {
Some(_value) => true,
None => false,
}
}
/// get stored user id. if appoint user id is None user userId else use appoint userId
pub fn stored_user_id(&self) -> i32 {
match self.appoint_user_id {
Some(value) => value,
None => self.user_id(),
}
}
}

2
services/constants/src/lib.rs
View File

@ -20,6 +20,8 @@ mod calling_info;
pub use calling_info::CallingInfo;
/// success code.
pub const SUCCESS: i32 = 0;
/// root user upper bound
pub const ROOT_USER_UPPERBOUND: i32 = 99;
impl_enum_trait! {
/// The type of the calling.

4
services/core_service/src/lib.rs
View File

@ -92,10 +92,10 @@ struct AssetService;
macro_rules! execute {
($func:path, $($args:expr), *) => {{
let func_name = hisysevent::function!();
let calling_info = CallingInfo::build()?;
let mut calling_info = CallingInfo::build()?;
let start = Instant::now();
let _trace = TraceScope::trace(func_name);
upload_system_event($func($($args), *, &calling_info), &calling_info, start, func_name)
upload_system_event($func($($args), *, &mut calling_info), &calling_info, start, func_name)
}};
}

2
services/core_service/src/operations/common.rs
View File

@ -68,6 +68,8 @@ pub(crate) const NORMAL_LABEL_ATTRS: [Tag; 4] =
pub(crate) const ACCESS_CONTROL_ATTRS: [Tag; 6] =
[Tag::Alias, Tag::Accessibility, Tag::AuthType, Tag::IsPersistent, Tag::SyncType, Tag::RequirePasswordSet];
pub(crate) const APPOINT_USER_ID: [Tag; 1] = [ Tag::AppointUserId ];
pub(crate) fn get_cloumn_name(tag: Tag) -> Option<&'static str> {
for (table_tag, table_column) in TAG_COLUMN_TABLE {
if table_tag == tag {

1
services/core_service/src/operations/common/argument_check.rs
View File

@ -149,6 +149,7 @@ fn check_data_value(tag: &Tag, value: &Value) -> Result<()> {
Tag::ReturnLimit => check_number_range(tag, value, MIN_NUMBER_VALUE, MAX_RETURN_LIMIT),
Tag::ReturnOffset => Ok(()),
Tag::ReturnOrderedBy => check_tag_range(tag, value, &[CRITICAL_LABEL_ATTRS, NORMAL_LABEL_ATTRS].concat()),
Tag::AppointUserId => Ok(()),
}
}

14
services/core_service/src/operations/operation_add.rs
View File

@ -111,7 +111,7 @@ const OPTIONAL_ATTRS: [Tag; 3] = [Tag::Secret, Tag::ConflictResolution, Tag::IsP
const SYSTEM_USER_ID_MAX: i32 = 99;
fn check_accessibity_validity(attributes: &AssetMap, calling_info: &CallingInfo) -> Result<()> {
if calling_info.user_id() > SYSTEM_USER_ID_MAX {
if calling_info.stored_user_id() > SYSTEM_USER_ID_MAX {
return Ok(());
}
let accessibility =
@ -143,17 +143,23 @@ fn check_arguments(attributes: &AssetMap, calling_info: &CallingInfo) -> Result<
valid_tags.extend_from_slice(&common::NORMAL_LABEL_ATTRS);
valid_tags.extend_from_slice(&common::ACCESS_CONTROL_ATTRS);
valid_tags.extend_from_slice(&OPTIONAL_ATTRS);
if calling_info.has_appoint_user_id() {
valid_tags.extend_from_slice(&common::APPOINT_USER_ID);
}
common::check_tag_validity(attributes, &valid_tags)?;
common::check_value_validity(attributes)?;
check_accessibity_validity(attributes, calling_info)?;
check_permission(attributes)
}
pub(crate) fn add(attributes: &AssetMap, calling_info: &CallingInfo) -> Result<()> {
pub(crate) fn add(attributes: &AssetMap, calling_info: &mut CallingInfo) -> Result<()> {
if let Some(Value::Number(num)) = attributes.get(&Tag::AppointUserId) {
calling_info.set_appoint_user_id(*num as i32)?;
}
check_arguments(attributes, calling_info)?;
// Create database directory if not exists.
asset_file_operator::create_user_db_dir(calling_info.user_id())?;
asset_file_operator::create_user_db_dir(calling_info.stored_user_id())?;
// Fill all attributes to DbMap.
let mut db_data = common::into_db_map(attributes);
@ -162,7 +168,7 @@ pub(crate) fn add(attributes: &AssetMap, calling_info: &CallingInfo) -> Result<(
add_default_attrs(&mut db_data);
let query = get_query_condition(calling_info, attributes)?;
let mut db = Database::build(calling_info.user_id())?;
let mut db = Database::build(calling_info.stored_user_id())?;
if db.is_data_exists(&query)? {
resolve_conflict(calling_info, &mut db, attributes, &query, &mut db_data)
} else {

17
services/core_service/src/operations/operation_post_query.rs
View File

@ -17,19 +17,26 @@
use asset_constants::CallingInfo;
use asset_crypto_manager::crypto_manager::CryptoManager;
use asset_definition::{AssetMap, Extension, Result, Tag};
use asset_definition::{AssetMap, Extension, Result, Tag, Value};
use crate::operations::common;
const REQUIRED_ATTRS: [Tag; 1] = [Tag::AuthChallenge];
fn check_arguments(query: &AssetMap) -> Result<()> {
common::check_required_tags(query, &REQUIRED_ATTRS)?;
fn check_arguments(query: &AssetMap, calling_info: &CallingInfo) -> Result<()> {
let mut valid_tags = REQUIRED_ATTRS.to_vec();
if calling_info.has_appoint_user_id() {
valid_tags.extend_from_slice(&common::APPOINT_USER_ID);
}
common::check_required_tags(query, &valid_tags)?;
common::check_value_validity(query)
}
pub(crate) fn post_query(handle: &AssetMap, calling_info: &CallingInfo) -> Result<()> {
check_arguments(handle)?;
pub(crate) fn post_query(handle: &AssetMap, calling_info: &mut CallingInfo) -> Result<()> {
if let Some(Value::Number(num)) = handle.get(&Tag::AppointUserId) {
calling_info.set_appoint_user_id(*num as i32)?;
}
check_arguments(handle, calling_info)?;
let challenge = handle.get_bytes_attr(&Tag::AuthChallenge)?;
let crypto_manager = CryptoManager::get_instance();

17
services/core_service/src/operations/operation_pre_query.rs
View File

@ -28,11 +28,15 @@ use crate::operations::common;
const OPTIONAL_ATTRS: [Tag; 1] = [Tag::AuthValidityPeriod];
const DEFAULT_AUTH_VALIDITY_IN_SECS: u32 = 60;
fn check_arguments(attributes: &AssetMap) -> Result<()> {
fn check_arguments(attributes: &AssetMap, calling_info: &CallingInfo) -> Result<()> {
let mut valid_tags = common::CRITICAL_LABEL_ATTRS.to_vec();
valid_tags.extend_from_slice(&common::NORMAL_LABEL_ATTRS);
valid_tags.extend_from_slice(&common::ACCESS_CONTROL_ATTRS);
valid_tags.extend_from_slice(&OPTIONAL_ATTRS);
if calling_info.has_appoint_user_id() {
valid_tags.extend_from_slice(&common::APPOINT_USER_ID);
}
common::check_tag_validity(attributes, &valid_tags)?;
common::check_value_validity(attributes)?;
@ -45,7 +49,7 @@ fn check_arguments(attributes: &AssetMap) -> Result<()> {
}
fn query_key_attrs(calling_info: &CallingInfo, db_data: &DbMap) -> Result<(Accessibility, bool)> {
let results = Database::build(calling_info.user_id())?.query_datas(
let results = Database::build(calling_info.stored_user_id())?.query_datas(
&vec![column::ACCESSIBILITY, column::REQUIRE_PASSWORD_SET],
db_data,
None,
@ -64,11 +68,14 @@ fn query_key_attrs(calling_info: &CallingInfo, db_data: &DbMap) -> Result<(Acces
}
}
pub(crate) fn pre_query(query: &AssetMap, calling_info: &CallingInfo) -> Result<Vec<u8>> {
check_arguments(query)?;
pub(crate) fn pre_query(query: &AssetMap, calling_info: &mut CallingInfo) -> Result<Vec<u8>> {
if let Some(Value::Number(num)) = query.get(&Tag::AppointUserId) {
calling_info.set_appoint_user_id(*num as i32)?;
}
check_arguments(query, calling_info)?;
// Check database directory exist.
if !asset_file_operator::is_user_db_dir_exist(calling_info.user_id()) {
if !asset_file_operator::is_user_db_dir_exist(calling_info.stored_user_id()) {
return log_throw_error!(ErrCode::NotFound, "[FATAL][SA]No data that meets the query conditions is found.");
}

18
services/core_service/src/operations/operation_query.rs
View File

@ -86,7 +86,7 @@ fn exec_crypto(calling_info: &CallingInfo, query: &AssetMap, db_data: &mut DbMap
}
fn query_all(calling_info: &CallingInfo, db_data: &mut DbMap, query: &AssetMap) -> Result<Vec<AssetMap>> {
let mut db = Database::build(calling_info.user_id())?;
let mut db = Database::build(calling_info.stored_user_id())?;
let mut results = db.query_datas(&vec![], db_data, None)?;
match results.len() {
0 => throw_error!(ErrCode::NotFound, "[FATAL]The data to be queried does not exist."),
@ -141,7 +141,7 @@ fn get_query_options(attrs: &AssetMap) -> QueryOptions {
pub(crate) fn query_attrs(calling_info: &CallingInfo, db_data: &DbMap, attrs: &AssetMap) -> Result<Vec<AssetMap>> {
let mut results =
Database::build(calling_info.user_id())?.query_datas(&vec![], db_data, Some(&get_query_options(attrs)))?;
Database::build(calling_info.stored_user_id())?.query_datas(&vec![], db_data, Some(&get_query_options(attrs)))?;
if results.is_empty() {
return throw_error!(ErrCode::NotFound, "[FATAL]The data to be queried does not exist.");
}
@ -157,20 +157,26 @@ const OPTIONAL_ATTRS: [Tag; 6] =
[Tag::ReturnLimit, Tag::ReturnOffset, Tag::ReturnOrderedBy, Tag::ReturnType, Tag::AuthToken, Tag::AuthChallenge];
const AUTH_QUERY_ATTRS: [Tag; 2] = [Tag::AuthChallenge, Tag::AuthToken];
fn check_arguments(attributes: &AssetMap) -> Result<()> {
fn check_arguments(attributes: &AssetMap, calling_info: &mut CallingInfo) -> Result<()> {
let mut valid_tags = common::CRITICAL_LABEL_ATTRS.to_vec();
valid_tags.extend_from_slice(&common::NORMAL_LABEL_ATTRS);
valid_tags.extend_from_slice(&common::ACCESS_CONTROL_ATTRS);
valid_tags.extend_from_slice(&OPTIONAL_ATTRS);
if calling_info.has_appoint_user_id() {
valid_tags.extend_from_slice(&common::APPOINT_USER_ID);
}
common::check_tag_validity(attributes, &valid_tags)?;
common::check_value_validity(attributes)
}
pub(crate) fn query(query: &AssetMap, calling_info: &CallingInfo) -> Result<Vec<AssetMap>> {
check_arguments(query)?;
pub(crate) fn query(query: &AssetMap, calling_info: &mut CallingInfo) -> Result<Vec<AssetMap>> {
if let Some(Value::Number(num)) = query.get(&Tag::AppointUserId) {
calling_info.set_appoint_user_id(*num as i32)?;
}
check_arguments(query, calling_info)?;
// Check database directory exist.
if !asset_file_operator::is_user_db_dir_exist(calling_info.user_id()) {
if !asset_file_operator::is_user_db_dir_exist(calling_info.stored_user_id()) {
return throw_error!(ErrCode::NotFound, "[FATAL]The data to be queried does not exist.");
}

18
services/core_service/src/operations/operation_remove.rs
View File

@ -17,30 +17,36 @@
use asset_constants::CallingInfo;
use asset_db_operator::database::Database;
use asset_definition::{log_throw_error, AssetMap, ErrCode, Result};
use asset_definition::{log_throw_error, AssetMap, ErrCode, Result, Tag, Value};
use crate::operations::common;
fn check_arguments(attributes: &AssetMap) -> Result<()> {
fn check_arguments(attributes: &AssetMap, calling_info: &CallingInfo) -> Result<()> {
let mut valid_tags = common::CRITICAL_LABEL_ATTRS.to_vec();
valid_tags.extend_from_slice(&common::NORMAL_LABEL_ATTRS);
valid_tags.extend_from_slice(&common::ACCESS_CONTROL_ATTRS);
if calling_info.has_appoint_user_id() {
valid_tags.extend_from_slice(&common::APPOINT_USER_ID);
}
common::check_tag_validity(attributes, &valid_tags)?;
common::check_value_validity(attributes)
}
pub(crate) fn remove(query: &AssetMap, calling_info: &CallingInfo) -> Result<()> {
check_arguments(query)?;
pub(crate) fn remove(query: &AssetMap, calling_info: &mut CallingInfo) -> Result<()> {
if let Some(Value::Number(num)) = query.get(&Tag::AppointUserId) {
calling_info.set_appoint_user_id(*num as i32)?;
}
check_arguments(query, calling_info)?;
// Check database directory exist.
if !asset_file_operator::is_user_db_dir_exist(calling_info.user_id()) {
if !asset_file_operator::is_user_db_dir_exist(calling_info.stored_user_id()) {
return log_throw_error!(ErrCode::NotFound, "[FATAL]The data to be deleted does not exist.");
}
let mut db_data = common::into_db_map(query);
common::add_owner_info(calling_info, &mut db_data);
let remove_num = Database::build(calling_info.user_id())?.delete_datas(&db_data)?;
let remove_num = Database::build(calling_info.stored_user_id())?.delete_datas(&db_data)?;
match remove_num {
0 => {
log_throw_error!(ErrCode::NotFound, "[FATAL]The data to be deleted does not exist.")

14
services/core_service/src/operations/operation_update.rs
View File

@ -42,12 +42,15 @@ fn add_system_attrs(db_data: &mut DbMap) -> Result<()> {
const QUERY_REQUIRED_ATTRS: [Tag; 1] = [Tag::Alias];
const UPDATE_OPTIONAL_ATTRS: [Tag; 1] = [Tag::Secret];
fn check_arguments(query: &AssetMap, attrs_to_update: &AssetMap) -> Result<()> {
fn check_arguments(query: &AssetMap, attrs_to_update: &AssetMap, calling_info: &CallingInfo) -> Result<()> {
// Check attributes used to query.
common::check_required_tags(query, &QUERY_REQUIRED_ATTRS)?;
let mut valid_tags = common::CRITICAL_LABEL_ATTRS.to_vec();
valid_tags.extend_from_slice(&common::NORMAL_LABEL_ATTRS);
valid_tags.extend_from_slice(&common::ACCESS_CONTROL_ATTRS);
if calling_info.has_appoint_user_id() {
valid_tags.extend_from_slice(&common::APPOINT_USER_ID);
}
common::check_tag_validity(query, &valid_tags)?;
common::check_value_validity(query)?;
@ -66,8 +69,11 @@ fn upgrade_to_latest_version(origin_db_data: &mut DbMap, update_db_data: &mut Db
update_db_data.insert_attr(column::VERSION, DB_DATA_VERSION);
}
pub(crate) fn update(query: &AssetMap, update: &AssetMap, calling_info: &CallingInfo) -> Result<()> {
check_arguments(query, update)?;
pub(crate) fn update(query: &AssetMap, update: &AssetMap, calling_info: &mut CallingInfo) -> Result<()> {
if let Some(Value::Number(num)) = query.get(&Tag::AppointUserId) {
calling_info.set_appoint_user_id(*num as i32)?;
}
check_arguments(query, update, calling_info)?;
let mut query_db_data = common::into_db_map(query);
common::add_owner_info(calling_info, &mut query_db_data);
@ -75,7 +81,7 @@ pub(crate) fn update(query: &AssetMap, update: &AssetMap, calling_info: &Calling
let mut update_db_data = common::into_db_map(update);
add_system_attrs(&mut update_db_data)?;
let mut db = Database::build(calling_info.user_id())?;
let mut db = Database::build(calling_info.stored_user_id())?;
if update.contains_key(&Tag::Secret) {
let mut results = db.query_datas(&vec![], &query_db_data, None)?;
if results.len() != 1 {

10
services/core_service/src/sys_event.rs
View File

@ -68,12 +68,14 @@ pub(crate) fn upload_statistic_system_event(calling_info: &CallingInfo, start_ti
.set_param(build_number_param!(SysEvent::USER_ID, calling_info.user_id()))
.set_param(build_str_param!(SysEvent::CALLER, owner_info.clone()))
.set_param(build_number_param!(SysEvent::RUN_TIME, duration.as_millis() as u32))
.set_param(build_str_param!(SysEvent::EXTRA, ""))
.set_param(build_str_param!(SysEvent::EXTRA,
format!("user id is:[{}] appoint user id is:[{}]", calling_info.user_id(), calling_info.stored_user_id())))
.write();
logi!(
"[INFO]Calling fun:[{}], user_id:[{}], caller:[{}], start_time:[{:?}], run_time:[{}]",
"[INFO]Calling fun:[{}], user_id:[{}], appoint_user_id:[{}] caller:[{}], start_time:[{:?}], run_time:[{}]",
func_name,
calling_info.user_id(),
calling_info.stored_user_id(),
owner_info,
start_time,
duration.as_millis()
@ -95,9 +97,11 @@ pub(crate) fn upload_fault_system_event(
.set_param(build_str_param!(SysEvent::EXTRA, e.msg.clone()))
.write();
loge!(
"[ERROR]Calling fun:[{}], user_id:[{}], caller:[{}], start_time:[{:?}], error_code:[{}], error_msg:[{}]",
"[ERROR]Calling fun:[{}], user_id:[{}], appoint_user_id:[{}],
caller:[{}], start_time:[{:?}], error_code:[{}], error_msg:[{}]",
func_name,
calling_info.user_id(),
calling_info.stored_user_id(),
owner_info,
start_time,
e.code,

2
services/crypto_manager/src/secret_key.rs
View File

@ -59,7 +59,7 @@ fn calculate_key_alias(
require_password_set: bool,
) -> Vec<u8> {
let mut alias: Vec<u8> = Vec::with_capacity(MAX_ALIAS_SIZE);
alias.extend_from_slice(&calling_info.user_id().to_le_bytes());
alias.extend_from_slice(&calling_info.stored_user_id().to_le_bytes());
alias.push(b'_');
alias.extend_from_slice(&calling_info.owner_type().to_le_bytes());
alias.push(b'_');