白名单替换权限代理授权Uri

Signed-off-by: xlw <xialiangwei1@huawei.com>
Change-Id: Ic59f1ccc17d4710433221d29c1b20465a10b1090

interfaces/inner_api/uri_permission/include/uri_permission_manager_client.h

@@ -88,6 +88,8 @@ public:
      */
     bool VerifyUriPermission(const Uri& uri, uint32_t flag, uint32_t tokenId);
 
+    bool IsAuthorizationUriAllowed(uint32_t fromTokenId);
+
     void OnLoadSystemAbilitySuccess(const sptr<IRemoteObject> &remoteObject);
     void OnLoadSystemAbilityFail();
 private:

interfaces/inner_api/uri_permission/include/uri_permission_manager_interface.h

@@ -91,6 +91,8 @@ public:
      */
     virtual bool VerifyUriPermission(const Uri& uri, uint32_t flag, uint32_t tokenId) = 0;
 
+    virtual bool IsAuthorizationUriAllowed(uint32_t fromTokenId) = 0;
+
     enum UriPermMgrCmd {
         // ipc id for GrantUriPermission
         ON_GRANT_URI_PERMISSION = 0,
@@ -111,6 +113,9 @@ public:
 
         // ipc id for BatchGrantUriPermission
         ON_BATCH_GRANT_URI_PERMISSION,
+
+        //ipc id for IsAuthorizationUriAllowed
+        ON_IS_Authorization_URI_ALLOWED
     };
 };
 }  // namespace AAFwk

interfaces/inner_api/uri_permission/include/uri_permission_manager_proxy.h

@@ -38,6 +38,7 @@ public:
     virtual int RevokeUriPermissionManually(const Uri &uri, const std::string bundleName) override;
     virtual bool CheckPersistableUriPermissionProxy(const Uri& uri, uint32_t flag, uint32_t tokenId) override;
     virtual bool VerifyUriPermission(const Uri &uri, uint32_t flag, uint32_t tokenId) override;
+    virtual bool IsAuthorizationUriAllowed(uint32_t fromTokenId) override;
 
 private:
     static inline BrokerDelegator<UriPermissionManagerProxy> delegator_;

interfaces/inner_api/uri_permission/include/uri_permission_manager_stub.h

@@ -42,6 +42,7 @@ private:
     int HandleRevokeUriPermissionManually(MessageParcel &data, MessageParcel &reply);
     int HandleCheckPerSiSTableUriPermissionProxy(MessageParcel &data, MessageParcel &reply);
     int HandleVerifyUriPermission(MessageParcel &data, MessageParcel &reply);
+    int HandleIsAuthorizationUriAllowed(MessageParcel &data, MessageParcel &reply);
 };
 }  // namespace AAFwk
 }  // namespace OHOS

interfaces/inner_api/uri_permission/src/uri_permission_manager_client.cpp

@@ -107,6 +107,15 @@ bool UriPermissionManagerClient::VerifyUriPermission(const Uri& uri, uint32_t fl
     return false;
 }
 
+bool UriPermissionManagerClient::IsAuthorizationUriAllowed(uint32_t fromTokenId)
+{
+    auto uriPermMgr = ConnectUriPermService();
+    if (uriPermMgr) {
+        return uriPermMgr->IsAuthorizationUriAllowed(fromTokenId);
+    }
+    return false;
+}
+
 sptr<IUriPermissionManager> UriPermissionManagerClient::ConnectUriPermService()
 {
     HILOG_DEBUG("UriPermissionManagerClient::ConnectUriPermService is called.");

interfaces/inner_api/uri_permission/src/uri_permission_manager_proxy.cpp

@@ -228,6 +228,28 @@ bool UriPermissionManagerProxy::VerifyUriPermission(const Uri& uri, uint32_t fla
     return reply.ReadBool();
 }
 
+bool UriPermissionManagerProxy::IsAuthorizationUriAllowed(uint32_t fromTokenId)
+{
+    HILOG_DEBUG("UriPermissionManagerProxy::IsAuthorizationUriAllowed is called.");
+    MessageParcel data;
+    if (!data.WriteInterfaceToken(IUriPermissionManager::GetDescriptor())) {
+        HILOG_ERROR("Write interface token failed.");
+        return false;
+    }
+    if (!data.WriteInt32(fromTokenId)) {
+        HILOG_ERROR("Write fromTokenId failed.");
+        return false;
+    }
+    MessageParcel reply;
+    MessageOption option;
+    int error = SendTransactCmd(UriPermMgrCmd::ON_IS_Authorization_URI_ALLOWED, data, reply, option);
+    if (error != ERR_OK) {
+        HILOG_ERROR("SendRequest fail, error: %{public}d", error);
+        return false;
+    }
+    return reply.ReadBool();
+}
+
 int32_t UriPermissionManagerProxy::SendTransactCmd(uint32_t code, MessageParcel &data,
     MessageParcel &reply, MessageOption &option)
 {

interfaces/inner_api/uri_permission/src/uri_permission_manager_stub.cpp

@@ -52,6 +52,9 @@ int UriPermissionManagerStub::OnRemoteRequest(
         case UriPermMgrCmd::ON_VERIFY_URI_PERMISSION : {
             return HandleVerifyUriPermission(data, reply);
         }
+        case UriPermMgrCmd::ON_IS_Authorization_URI_ALLOWED : {
+            return HandleIsAuthorizationUriAllowed(data, reply);
+        }
         default:
             return IPCObjectStub::OnRemoteRequest(code, data, reply, option);
     }
@@ -152,5 +155,13 @@ int UriPermissionManagerStub::HandleVerifyUriPermission(MessageParcel &data, Mes
     reply.WriteBool(result);
     return ERR_OK;
 }
+
+int UriPermissionManagerStub::HandleIsAuthorizationUriAllowed(MessageParcel &data, MessageParcel &reply)
+{
+    auto fromTokenId = data.ReadInt32();
+    bool result = IsAuthorizationUriAllowed(fromTokenId);
+    reply.WriteBool(result);
+    return ERR_OK;
+}
 }  // namespace AAFwk
 }  // namespace OHOS

services/abilitymgr/BUILD.gn

@@ -238,9 +238,16 @@ ohos_prebuilt_etc("uiextension_picker_config.json") {
   part_name = "ability_runtime"
 }
 
+ohos_prebuilt_etc("proxy_authorization_uri.json") {
+  source = "resource/proxy_authorization_uri.json"
+  subsystem_name = "ability"
+  part_name = "ability_runtime"
+}
+
 group("ams_service_config") {
   deps = [
     ":ams_service_config.json",
+    ":proxy_authorization_uri.json",
     ":uiextension_picker_config.json",
   ]
 }

services/abilitymgr/resource/proxy_authorization_uri.json

@@ -0,0 +1,32 @@
+{
+    "proxyAuthorizationUri":
+    [
+        {
+            "bundleName": "ohos.global.systemres"
+        },
+        {
+            "bundleName": "com.ohos.camera"
+        },
+        {
+            "bundleName": "com.ohos.photos"
+        },
+        {
+            "bundleName": "com.ohos.medialibrary.medialibrarydata"
+        },
+        {
+            "bundleName": "com.ohos.filepicker"
+        },
+        {
+            "bundleName": "foundation"
+        },
+        {
+            "bundleName": "wallpaper_service"
+        },
+        {
+            "bundleName": "distributeddata"
+        },
+        {
+            "bundleName": "pasteboard_service"
+        }
+    ]
+}

services/abilitymgr/src/ability_record.cpp

@@ -2816,10 +2816,9 @@ void AbilityRecord::GrantUriPermission(Want &want, std::string targetBundleName,
     } else {
         fromTokenId = IPCSkeleton::GetCallingTokenID();
     }
-
     auto permission =
-        PermissionVerification::GetInstance()->VerifyCallingPermission(PERMISSION_PROXY_AUTHORIZATION_URI) ||
-        PermissionVerification::GetInstance()->VerifyPermissionByTokenId(tokenId, PERMISSION_PROXY_AUTHORIZATION_URI);
+        AAFwk::UriPermissionManagerClient::GetInstance().IsAuthorizationUriAllowed(IPCSkeleton::GetCallingTokenID()) ||
+        AAFwk::UriPermissionManagerClient::GetInstance().IsAuthorizationUriAllowed(tokenId);
     auto userId = GetCurrentAccountId();
     auto callerTokenId = static_cast<uint32_t>(want.GetIntParam(Want::PARAM_RESV_CALLER_TOKEN, -1));
     std::unordered_map<uint32_t, std::vector<Uri>> uriVecMap; // flag, vector

services/uripermmgr/BUILD.gn

@@ -31,6 +31,7 @@ libupms_sources = [
   "src/rdb/ability_rdb_open_callback.cpp",
   "src/rdb/rdb_data_manager.cpp",
   "src/rdb/uri_permission_rdb.cpp",
+  "src/proxy_authorization_uri_config.cpp",
   "src/uri_permission_manager_service.cpp",
   "src/uri_permission_manager_stub_impl.cpp",
 ]

services/uripermmgr/include/proxy_authorization_uri_config.h

@@ -0,0 +1,42 @@
+/*
+ * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef OHOS_ABILITY_RUNTIME_PROXY_AUTHORIZATION_URI_CONFIG_H
+#define OHOS_ABILITY_RUNTIME_PROXY_AUTHORIZATION_URI_CONFIG_H
+
+#include <nlohmann/json.hpp>
+#include <set>
+#include <string>
+
+#include "singleton.h"
+
+namespace OHOS {
+namespace AAFwk {
+class ProxyAuthorizationUriConfig : public DelayedSingleton<ProxyAuthorizationUriConfig> {
+public:
+    explicit ProxyAuthorizationUriConfig() = default;
+    virtual ~ProxyAuthorizationUriConfig() = default;
+    void LoadConfiguration();
+    bool IsAuthorizationUriAllowed(uint32_t fromTokenId);
+private:
+    void LoadBundleNameAllowedList(const nlohmann::json &object);
+    bool ReadFileInfoJson(const std::string &filePath, nlohmann::json &jsonBuf);
+
+    std::set<std::string> bundleNameAllowedList_;
+};
+} // OHOS
+} // AAFwk
+
+#endif // OHOS_ABILITY_RUNTIME_PROXY_AUTHORIZATION_URI_CONFIG_H

services/uripermmgr/include/uri_permission_manager_stub_impl.h

@@ -56,6 +56,7 @@ public:
 
     bool CheckPersistableUriPermissionProxy(const Uri &uri, uint32_t flag, uint32_t tokenId) override;
     bool VerifyUriPermission(const Uri &uri, uint32_t flag, uint32_t tokenId) override;
+    bool IsAuthorizationUriAllowed(uint32_t fromTokenId) override;
     
     uint32_t GetTokenIdByBundleName(const std::string bundleName, int32_t appIndex);
 

services/uripermmgr/src/proxy_authorization_uri_config.cpp

@@ -0,0 +1,122 @@
+/*
+ * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "proxy_authorization_uri_config.h"
+#include <fstream>
+#include <sstream>
+#include <unistd.h>
+
+#include "accesstoken_kit.h"
+#include "parameters.h"
+#include "hilog_wrapper.h"
+
+namespace OHOS {
+namespace AAFwk {
+namespace {
+const std::string CONFIG_PATH = "/system/etc/proxy_authorization_uri.json";
+const std::string SCB_CONFIG_PATH_PREFIX = "/system/variant/";
+const std::string SCB_CONFIG_PATH = "/base/etc/proxy_authorization_uri.json";
+
+const std::string PROXY_AUTHORIZATION_URI_NAME = "proxyAuthorizationUri";
+const std::string BUNDLE_NAME = "bundleName";
+}
+
+void ProxyAuthorizationUriConfig::LoadConfiguration()
+{
+    HILOG_DEBUG("call");
+    nlohmann::json scbJsonBuf;
+    std::string scbConfigPath = SCB_CONFIG_PATH_PREFIX + OHOS::system::GetDeviceType() + SCB_CONFIG_PATH;
+    if (ReadFileInfoJson(scbConfigPath, scbJsonBuf)) {
+        LoadBundleNameAllowedList(scbJsonBuf);
+        return;
+    }
+    nlohmann::json jsonBuf;
+    if (ReadFileInfoJson(CONFIG_PATH, jsonBuf)) {
+        LoadBundleNameAllowedList(jsonBuf);
+    }
+}
+
+bool ProxyAuthorizationUriConfig::IsAuthorizationUriAllowed(uint32_t fromTokenId)
+{
+    Security::AccessToken::NativeTokenInfo nativeInfo;
+    auto result = Security::AccessToken::AccessTokenKit::GetNativeTokenInfo(fromTokenId, nativeInfo);
+    if (result == Security::AccessToken::AccessTokenKitRet::RET_SUCCESS &&
+        bundleNameAllowedList_.find(nativeInfo.processName) != bundleNameAllowedList_.end()) {
+        return true;
+    }
+
+    Security::AccessToken::HapTokenInfo hapInfo;
+    result = Security::AccessToken::AccessTokenKit::GetHapTokenInfo(fromTokenId, hapInfo);
+    if (result == Security::AccessToken::AccessTokenKitRet::RET_SUCCESS &&
+        bundleNameAllowedList_.find(hapInfo.bundleName) != bundleNameAllowedList_.end()) {
+        return true;
+    } 
+    return false;
+}
+
+void ProxyAuthorizationUriConfig::LoadBundleNameAllowedList(const nlohmann::json &object)
+{
+    if (!object.contains(PROXY_AUTHORIZATION_URI_NAME)) {
+        HILOG_ERROR("Proxy authorization uri config not existed.");
+        return;
+    }
+
+    for (auto &item : object.at(PROXY_AUTHORIZATION_URI_NAME).items()) {
+        const nlohmann::json& jsonObject = item.value();
+        if (!jsonObject.contains(BUNDLE_NAME) || !jsonObject.at(BUNDLE_NAME).is_string()) {
+            continue;
+        }
+        std::string bundleName = jsonObject.at(BUNDLE_NAME).get<std::string>();
+        bundleNameAllowedList_.insert(bundleName);
+    }
+}
+
+bool ProxyAuthorizationUriConfig::ReadFileInfoJson(const std::string &filePath, nlohmann::json &jsonBuf)
+{
+    if (access(filePath.c_str(), F_OK) != 0) {
+        HILOG_DEBUG("%{public}s, not existed", filePath.c_str());
+        return false;
+    }
+
+    std::fstream in;
+    char errBuf[256];
+    errBuf[0] = '\0';
+    in.open(filePath, std::ios_base::in);
+    if (!in.is_open()) {
+        strerror_r(errno, errBuf, sizeof(errBuf));
+        HILOG_ERROR("the file cannot be open due to  %{public}s", errBuf);
+        return false;
+    }
+
+    in.seekg(0, std::ios::end);
+    int64_t size = in.tellg();
+    if (size <= 0) {
+        HILOG_ERROR("the file is an empty file");
+        in.close();
+        return false;
+    }
+
+    in.seekg(0, std::ios::beg);
+    jsonBuf = nlohmann::json::parse(in, nullptr, false);
+    in.close();
+    if (jsonBuf.is_discarded()) {
+        HILOG_ERROR("bad profile file");
+        return false;
+    }
+
+    return true;
+}
+}
+}

services/uripermmgr/src/uri_permission_manager_stub_impl.cpp

@@ -29,6 +29,7 @@
 #include "parameter.h"
 #include "permission_constants.h"
 #include "permission_verification.h"
+#include "proxy_authorization_uri_config.h"
 #include "system_ability_definition.h"
 #include "tokenid_kit.h"
 #include "want.h"
@@ -49,6 +50,7 @@ void UriPermissionManagerStubImpl::Init()
         HILOG_INFO("Init uri permission database manager.");
         uriPermissionRdb_ = std::make_shared<UriPermissionRdb>();
     }
+    DelayedSingleton<ProxyAuthorizationUriConfig>::GetInstance()->LoadConfiguration();
 }
 
 bool UriPermissionManagerStubImpl::CheckPersistableUriPermissionProxy(const Uri& uri, uint32_t flag, uint32_t tokenId)
@@ -101,6 +103,11 @@ bool UriPermissionManagerStubImpl::VerifyUriPermission(const Uri &uri, uint32_t
     return false;
 }
 
+bool UriPermissionManagerStubImpl::IsAuthorizationUriAllowed(uint32_t fromTokenId)
+{
+    return DelayedSingleton<ProxyAuthorizationUriConfig>::GetInstance()->IsAuthorizationUriAllowed(fromTokenId);
+}
+
 int UriPermissionManagerStubImpl::GrantUriPermission(const Uri &uri, unsigned int flag,
     const std::string targetBundleName, int32_t appIndex)
 {
@@ -186,8 +193,7 @@ int UriPermissionManagerStubImpl::GetUriPermissionFlag(const Uri &uri, unsigned
     auto callerTokenId = IPCSkeleton::GetCallingTokenID();
     Uri uri_inner = uri;
     auto&& authority = uri_inner.GetAuthority();
-    auto permission = PermissionVerification::GetInstance()->VerifyCallingPermission(
-        AAFwk::PermissionConstants::PERMISSION_PROXY_AUTHORIZATION_URI);
+    auto permission = IsAuthorizationUriAllowed(callerTokenId);
     if ((flag & Want::FLAG_AUTH_WRITE_URI_PERMISSION) != 0) {
         newFlag |= Want::FLAG_AUTH_WRITE_URI_PERMISSION;
     } else {
@@ -536,8 +542,7 @@ int UriPermissionManagerStubImpl::RevokeUriPermissionManually(const Uri &uri, co
     auto uriTokenId = GetTokenIdByBundleName(authority, 0);
     auto tokenId = GetTokenIdByBundleName(bundleName, 0);
     auto callerTokenId = IPCSkeleton::GetCallingTokenID();
-    auto permission = PermissionVerification::GetInstance()->VerifyCallingPermission(
-        AAFwk::PermissionConstants::PERMISSION_PROXY_AUTHORIZATION_URI);
+    auto permission = IsAuthorizationUriAllowed(callerTokenId);
     bool authorityFlag = authority == "media" || authority == "docs";
 
     if (!authorityFlag && (uriTokenId != callerTokenId) && (tokenId != callerTokenId)) {