Merge branch 'APPLINK-9639' into develop

src/components/policy/src/policy/include/policy/cache_manager.h

@@ -472,6 +472,17 @@ class CacheManager {
                           FunctionalGroupIDs& allowed_groups,
                           FunctionalGroupIDs& disallowed_groups);
 
+  /**
+   * @brief GetUnconsentedGroups allows to obtain list of allowed and disallowed
+   * groups for specific application on certain device.
+   * @param device_id certain device
+   * @param policy_app_id application id.
+   * @param unconsented_groups list of unconsented groups.
+   */
+  void GetUnconsentedGroups(const std::string& device_id,
+                            const std::string& policy_app_id,
+                            FunctionalGroupIDs& unconsented_groups);
+
   void RemoveAppConsentForGroup(const std::string& app_id,
                                 const std::string& group_name);
 

src/components/policy/src/policy/include/policy/policy_types.h

@@ -276,6 +276,7 @@ enum GroupType {
     kTypeDefault = 0,      // groups assigned to 'default' permissions section
     kTypeAllowed,          // groups allowed by user for specific application
     kTypeDisallowed,       // groups disallowed by user for specific application
+    kTypeUnconsented,      // groups disallowed by default but consent may be changed by user
     kTypePreconsented,     // groups allowed for specific application without
                            // user consent by default (could be changed by user)
     kTypeGeneral,          // groups assigned to specific application

src/components/policy/src/policy/src/cache_manager.cc

@@ -225,6 +225,47 @@ void CacheManager::GetConsentedGroups(const std::string &device_id,
   LOG4CXX_TRACE_EXIT(logger_);
 }
 
+void CacheManager::GetUnconsentedGroups(const std::string& device_id,
+                                        const std::string& policy_app_id,
+                                        FunctionalGroupIDs& unconsented_groups) {
+  LOG4CXX_TRACE_ENTER(logger_);
+#ifdef EXTENDED_POLICY
+  if (AppExists(policy_app_id)) {
+    policy_table::Strings::iterator iter_groups =
+        pt_->policy_table.app_policies[policy_app_id].groups.begin();
+    policy_table::Strings::iterator iter_groups_end =
+        pt_->policy_table.app_policies[policy_app_id].groups.end();
+
+    for (;iter_groups != iter_groups_end; ++iter_groups) {
+      policy_table::FunctionalGroupings::const_iterator func_groups =
+          pt_->policy_table.functional_groupings.find(*iter_groups);
+      // Try to find app-specific group in common groups list;
+      if (pt_->policy_table.functional_groupings.end() != func_groups) {
+        // Check if groups has user consents field.
+        if (func_groups->second.user_consent_prompt.is_initialized()) {
+          // Try to find certain group among already consented groups.
+          policy_table::DeviceData::const_iterator device_iter =
+              pt_->policy_table.device_data->find(device_id);
+          if (pt_->policy_table.device_data->end() != device_iter) {
+            policy_table::UserConsentRecords::const_iterator ucr_iter =
+              device_iter->second.user_consent_records->find(policy_app_id);
+            if (device_iter->second.user_consent_records->end() != ucr_iter) {
+              if ((*ucr_iter).second.consent_groups->end() ==
+                   (*ucr_iter).second.consent_groups->find(*iter_groups)) {
+                  unconsented_groups.push_back(GenerateHash(*iter_groups));
+              }
+            } else {
+              unconsented_groups.push_back(GenerateHash(*iter_groups));
+            }
+          }
+        }
+      }
+    }
+  }
+#endif // EXTENDED_POLICY
+  LOG4CXX_TRACE_EXIT(logger_);
+}
+
 void CacheManager::RemoveAppConsentForGroup(const std::string& app_id,
                                             const std::string& group_name) {
 #ifdef EXTENDED_POLICY
@@ -319,6 +360,8 @@ bool CacheManager::GetPermissionsForApp(const std::string &device_id,
   GetConsentedGroups(device_id, app_id,
                      group_types[kTypeAllowed], group_types[kTypeDisallowed]);
 
+  GetUnconsentedGroups(device_id, app_id, group_types[kTypeUnconsented]);
+
   GetAllAppGroups(kDeviceId, group_types[kTypeDevice]);
 #endif // EXTENDED_POLICY
   LOG4CXX_TRACE_EXIT(logger_);

src/components/policy/src/policy/src/policy_manager_impl.cc

@@ -851,6 +851,9 @@ void PolicyManagerImpl::GetPermissionsForApp(
     // Groups that allowed by default but can be changed by the user
     FunctionalGroupIDs preconsented_groups = group_types[kTypePreconsented];
 
+    // Groups which has user consent promt but there is no any consnets now.
+    FunctionalGroupIDs unconsented_groups = group_types[kTypeUnconsented];
+
     // Pull common groups from allowed and preconsented parts.
     FunctionalGroupIDs allowed_preconsented = Merge(allowed_groups,
                                               preconsented_groups);
@@ -864,21 +867,20 @@ void PolicyManagerImpl::GetPermissionsForApp(
     // all disallowed groups from allowed table.
     FunctionalGroupIDs common_allowed = ExcludeSame(all_allowed,
                                                     common_disallowed);
+    FunctionalGroupIDs consent_disallowed = ExcludeSame(unconsented_groups,
+                                                        preconsented_groups);
 
-    // Remove all disallowed groups from application specific groups.
-    FunctionalGroupIDs no_disallowed = ExcludeSame(all_groups,
-                                                   common_disallowed);
-
-    // Undefined groups are groups that have no allowed or disallowed type.
-    FunctionalGroupIDs undefined_consent = ExcludeSame(no_disallowed,
-                                                       common_allowed);
+    // Disallowed groups are contain all directly disallowed,
+    // plus unconsented minus preconsented.
+    FunctionalGroupIDs all_disallowed = Merge(common_disallowed,
+                                              consent_disallowed);
 
     // Fill result
-    FillFunctionalGroupPermissions(undefined_consent, group_names,
+    FillFunctionalGroupPermissions(unconsented_groups, group_names,
                                    kGroupUndefined, permissions);
     FillFunctionalGroupPermissions(common_allowed, group_names,
                                    kGroupAllowed, permissions);
-    FillFunctionalGroupPermissions(common_disallowed, group_names,
+    FillFunctionalGroupPermissions(all_disallowed, group_names,
                                    kGroupDisallowed, permissions);
 #else
     // In case of GENIVI all groups are allowed