policy_engine.h

Go to the documentation of this file.

/*
 *
 * Copyright (c) Microsoft Corporation.
 * All rights reserved.
 *
 * This code is licensed under the MIT License.
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files(the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 * to use, copy, modify, merge, publish, distribute, sublicense, and / or sell
 * copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions :
 *
 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.IN NO EVENT SHALL THE
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 * THE SOFTWARE.
 *
 */
#ifndef API_MIP_UPE_POLICY_ENGINE_H_
#define API_MIP_UPE_POLICY_ENGINE_H_
 
#include <memory>
#include <string>
#include <vector>
 
#include "mip/common_types.h"
#include "mip/error.h"
#include "mip/mip_namespace.h"
#include "mip/upe/action.h"
#include "mip/upe/content_label.h"
#include "mip/upe/execution_state.h"
#include "mip/upe/label.h"
#include "mip/upe/policy_handler.h"
#include "mip/upe/sensitivity_types_rule_package.h"
 
MIP_NAMESPACE_BEGIN
 
class PolicyEngine {
public:
  class Settings {
  public:
    Settings(
        const std::string& engineId,
        const std::shared_ptr<AuthDelegate>& authDelegate,
        const std::string& clientData,
        const std::string& locale = "",
        bool loadSensitivityTypes = false)
        : mEngineId(engineId),
          mAuthDelegate(authDelegate),
          mClientData(clientData),
          mLocale(locale),
          mIsLoadSensitivityTypesEnabled(loadSensitivityTypes) {
      if (mLocale.compare("") == 0) {
        mLocale = "en-US";
      }
    }
 
    Settings(
        const Identity& identity,
        const std::shared_ptr<AuthDelegate>& authDelegate,
        const std::string& clientData,
        const std::string& locale = "",
        bool loadSensitivityTypes = false)
        : mIdentity(identity),
          mAuthDelegate(authDelegate),
          mClientData(clientData),
          mLocale(locale),
          mIsLoadSensitivityTypesEnabled(loadSensitivityTypes) {
      if (mLocale.compare("") == 0) {
        mLocale = "en-US";
      }
    }
 
    const std::string& GetEngineId() const { return mEngineId; }
 
    void SetEngineId(const std::string& id) { mEngineId = id; }
 
    const Identity& GetIdentity() const { return mIdentity; }
 
    void SetIdentity(const Identity& identity) { mIdentity = identity; }
 
    const std::string& GetClientData() const { return mClientData; }
 
    void SetClientData(const std::string& clientData) { mClientData = clientData; }
 
    const std::string& GetLocale() const { return mLocale; }
 
    void SetCustomSettings(const std::vector<std::pair<std::string, std::string>>& customSettings) {
      mCustomSettings = customSettings;
    }
 
    const std::vector<std::pair<std::string, std::string>>& GetCustomSettings() const {
      return mCustomSettings;
    }
 
    void SetSessionId(const std::string& sessionId) {
      mSessionId = sessionId;
    }
 
    const std::string& GetSessionId() const {
      return mSessionId;
    }
 
    bool IsLoadSensitivityTypesEnabled() const {
      return mIsLoadSensitivityTypesEnabled;
    }
 
    void SetCloud(Cloud cloud) {
      mCloud = cloud;
    }
 
    Cloud GetCloud() const {
      return mCloud;
    }
 
    void SetDataBoundary(DataBoundary dataBoundary) {
      mDataBoundary = dataBoundary;
    }
 
    DataBoundary GetDataBoundary() const {
      return mDataBoundary;
    }
 
    void SetCloudEndpointBaseUrl(const std::string& cloudEndpointBaseUrl) {
      mCloudEndpointBaseUrl = cloudEndpointBaseUrl;
    }
 
    const std::string& GetCloudEndpointBaseUrl() const {
      return mCloudEndpointBaseUrl;
    }
 
    void SetDelegatedUserEmail(const std::string& delegatedUserEmail) { mDelegatedUserEmail = delegatedUserEmail; }
 
    const std::string& GetDelegatedUserEmail() const { return mDelegatedUserEmail; }
 
#if !defined(SWIG) && !defined(SWIG_DIRECTORS)
    [[deprecated("SetLabelFilter is deprecated, use ConfigureFunctionality")]]
#endif
    void SetLabelFilter(const std::vector<LabelFilterType>& deprecatedLabelFilters) {
      mDeprecatedLabelFilters = deprecatedLabelFilters;
    }
    const std::vector<LabelFilterType>& GetLabelFilter() const { return mDeprecatedLabelFilters; }
 
    void ConfigureFunctionality(FunctionalityFilterType functionalityFilterType, bool enabled) {
      if(functionalityFilterType == FunctionalityFilterType::None) {
        throw BadInputError(
            "FunctionalityFilterType::None is not supported");
      }
 
      mConfiguredFunctionality[functionalityFilterType] = enabled;
    }
 
    const std::map<FunctionalityFilterType, bool>& GetConfiguredFunctionality() const { return mConfiguredFunctionality; }
 
    void SetVariableTextMarkingType(VariableTextMarkingType variableTextMarkingType) {
      mVariableTextMarkingType = variableTextMarkingType;
    }
 
    VariableTextMarkingType GetVariableTextMarkingType() const {
      return mVariableTextMarkingType;
    }
 
    void SetAuthDelegate(const std::shared_ptr<AuthDelegate>& authDelegate) { 
      mAuthDelegate = authDelegate; 
    }
 
    std::shared_ptr<AuthDelegate> GetAuthDelegate() const { return mAuthDelegate; }
 
#if !defined(SWIG) && !defined(SWIG_DIRECTORS)
    const std::shared_ptr<void>& GetLoggerContext() const { return mLoggerContext; }
#endif
    void SetLoggerContext(const std::shared_ptr<void>& loggerContext) {
      mLoggerContext = loggerContext;
    }
 
    ~Settings() {}
  private:
    std::string mEngineId;
    Identity mIdentity;
    Cloud mCloud = Cloud::Unknown;
    DataBoundary mDataBoundary = DataBoundary::Default;
    std::shared_ptr<AuthDelegate> mAuthDelegate;
    std::string mClientData;
    std::vector<std::pair<std::string, std::string>> mCustomSettings;
    std::vector<LabelFilterType> mDeprecatedLabelFilters;      // Labels that the client does not want to view
    std::map<FunctionalityFilterType, bool> mConfiguredFunctionality;  // Functionality that has been turned on or off
    std::string mLocale;
    std::string mSessionId;
    bool mIsLoadSensitivityTypesEnabled;
    std::string mCloudEndpointBaseUrl;
    std::string mDelegatedUserEmail;
    VariableTextMarkingType mVariableTextMarkingType = VariableTextMarkingType::Default;
    std::map<Classifier, bool> mClassifierSupport;  // Overwritten classifiers that the application elects to support or not
    std::shared_ptr<void> mLoggerContext;
  };
 
  virtual const Settings& GetSettings() const = 0;
 
  virtual const std::vector<std::shared_ptr<Label>> ListSensitivityLabels(
      const std::vector<std::string>& contentFormats = std::vector<std::string>()) = 0;
 
  virtual const std::vector<std::shared_ptr<SensitivityTypesRulePackage>>& ListSensitivityTypes() const = 0;
 
  virtual const std::string& GetMoreInfoUrl() const = 0;
 
  virtual bool IsLabelingRequired(const std::string& contentFormat = std::string()) const = 0; 
 
  virtual bool IsDowngradeJustificationRequired() const = 0; 
 
  virtual const std::shared_ptr<Label> GetDefaultSensitivityLabel(const std::string& contentFormat = std::string()) const = 0;
 
  virtual std::shared_ptr<Label> GetLabelById(const std::string& id) const = 0;
 
  virtual std::shared_ptr<PolicyHandler> CreatePolicyHandler(bool isAuditDiscoveryEnabled, bool isGetSensitivityLabelAuditDiscoveryEnabled = true) = 0;
 
  virtual void SendApplicationAuditEvent(
      const std::string& level,
      const std::string& eventType,
      const std::string& eventData) = 0;
 
  virtual const std::string& GetTenantId() const = 0;
 
  virtual const std::string& GetPolicyDataXml() const = 0;
 
  virtual const std::string& GetSensitivityTypesDataXml() const = 0;
 
  virtual const std::vector<std::pair<std::string, std::string>>& GetCustomSettings() const = 0;
 
  virtual const std::string& GetPolicyFileId() const = 0;
 
  virtual const std::string& GetSensitivityFileId() const = 0;
 
  virtual bool HasClassificationRules(const std::vector<std::string>& contentFormats = std::vector<std::string>()) const = 0;
 
  virtual std::chrono::time_point<std::chrono::system_clock> GetLastPolicyFetchTime() const = 0;
 
  virtual uint32_t GetWxpMetadataVersion() const = 0;
 
  virtual bool HasWorkloadConsent(Workload workload) const = 0;
 
  virtual ~PolicyEngine() { }
 
protected:
  PolicyEngine() {}
};
 
MIP_NAMESPACE_END
 
#endif  // API_MIP_UPE_POLICY_ENGINE_H_