openharmony/ability_ability_runtime
1
0
Fork 0
mirror of https://gitee.com/openharmony/ability_ability_runtime synced 2024-12-21 16:45:47 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

add user

Browse Source 
Signed-off-by: unknown <sijunjie@huawei.com>
This commit is contained in:
unknown 2022-08-02 21:52:18 +08:00
parent 7cc4291d33
commit 65fb7d3bbc
2 changed files with 20 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
services/abilitymgr/include/dlp_utils.h
View File

@ -16,12 +16,12 @@
#ifndef OHOS_ABILITY_RUNTIME_DLP_UTILS_H
#define OHOS_ABILITY_RUNTIME_DLP_UTILS_H
#ifdef WITH_DLP
#include "ability_record.h"
#ifdef WITH_DLP
#include "dlp_permission_kit.h"
#include "permission_verification.h"
#endif // WITH_DLP
#include "iremote_object.h"
#include "permission_verification.h"
#include "want.h"
namespace OHOS {
@ -65,6 +65,18 @@ static bool DlpAccessOtherAppsCheck(const sptr<IRemoteObject> &callerToken, cons
#endif // WITH_DLP
return true;
}
static bool OtherAppsAccessDlpCheck(const sptr<IRemoteObject> &callerToken, const Want &want)
{
if (callerToken != nullptr) {
auto abilityRecord = Token::GetAbilityRecordByToken(callerToken);
if (abilityRecord != nullptr && abilityRecord->GetAppIndex() != 0) {
return true;
}
}
return PermissionVerification::GetInstance()->VerifyDlpPermission(const_cast<Want &>(want));
}
} // namespace DlpUtils
} // namespace AAFwk
} // namespace OHOS

12
services/abilitymgr/src/ability_manager_service.cpp
View File

@ -335,7 +335,7 @@ int AbilityManagerService::StartAbilityInner(const Want &want, const sptr<IRemot
{
HITRACE_METER_NAME(HITRACE_TAG_ABILITY_MANAGER, __PRETTY_FUNCTION__);
if (!PermissionVerification::GetInstance()->VerifyDlpPermission(const_cast<Want &>(want)) ||
if (!DlpUtils::OtherAppsAccessDlpCheck(callerToken, want) ||
VerifyAccountPermission(userId) == CHECK_PERMISSION_FAILED ||
!DlpUtils::DlpAccessOtherAppsCheck(callerToken, want)) {
HILOG_ERROR("%{public}s: Permission verification failed.", __func__);
@ -501,7 +501,7 @@ int AbilityManagerService::StartAbility(const Want &want, const AbilityStartSett
AAFWK::EventReport::SendAbilityEvent(AAFWK::START_ABILITY,
HiSysEventType::BEHAVIOR, eventInfo);
if (!PermissionVerification::GetInstance()->VerifyDlpPermission(const_cast<Want &>(want)) ||
if (!DlpUtils::OtherAppsAccessDlpCheck(callerToken, want) ||
VerifyAccountPermission(userId) == CHECK_PERMISSION_FAILED ||
!DlpUtils::DlpAccessOtherAppsCheck(callerToken, want)) {
HILOG_ERROR("%{public}s: Permission verification failed", __func__);
@ -659,7 +659,7 @@ int AbilityManagerService::StartAbility(const Want &want, const StartOptions &st
AAFWK::EventReport::SendAbilityEvent(AAFWK::START_ABILITY,
HiSysEventType::BEHAVIOR, eventInfo);
if (!PermissionVerification::GetInstance()->VerifyDlpPermission(const_cast<Want &>(want)) ||
if (!DlpUtils::OtherAppsAccessDlpCheck(callerToken, want) ||
VerifyAccountPermission(userId) == CHECK_PERMISSION_FAILED ||
!DlpUtils::DlpAccessOtherAppsCheck(callerToken, want)) {
HILOG_ERROR("%{public}s: Permission verification failed", __func__);
@ -890,7 +890,7 @@ int AbilityManagerService::StartExtensionAbility(const Want &want, const sptr<IR
eventInfo.extensionType = (int32_t)extensionType;
AAFWK::EventReport::SendExtensionEvent(AAFWK::START_SERVICE,
HiSysEventType::BEHAVIOR, eventInfo);
if (!PermissionVerification::GetInstance()->VerifyDlpPermission(const_cast<Want &>(want)) ||
if (!DlpUtils::OtherAppsAccessDlpCheck(callerToken, want) ||
VerifyAccountPermission(userId) == CHECK_PERMISSION_FAILED ||
!DlpUtils::DlpAccessOtherAppsCheck(callerToken, want)) {
HILOG_ERROR("%{public}s: Permission verification failed.", __func__);
@ -991,7 +991,7 @@ int AbilityManagerService::StopExtensionAbility(const Want &want, const sptr<IRe
eventInfo.extensionType = (int32_t)extensionType;
AAFWK::EventReport::SendExtensionEvent(AAFWK::STOP_SERVICE,
HiSysEventType::BEHAVIOR, eventInfo);
if (!PermissionVerification::GetInstance()->VerifyDlpPermission(const_cast<Want &>(want)) ||
if (!DlpUtils::OtherAppsAccessDlpCheck(callerToken, want) ||
VerifyAccountPermission(userId) == CHECK_PERMISSION_FAILED ||
!DlpUtils::DlpAccessOtherAppsCheck(callerToken, want)) {
HILOG_ERROR("%{public}s: Permission verification failed.", __func__);
@ -1408,7 +1408,7 @@ int AbilityManagerService::ConnectAbility(
AAFWK::EventReport::SendExtensionEvent(AAFWK::CONNECT_SERVICE, HiSysEventType::BEHAVIOR,
eventInfo);
if (!PermissionVerification::GetInstance()->VerifyDlpPermission(const_cast<Want &>(want)) ||
if (!DlpUtils::OtherAppsAccessDlpCheck(callerToken, want) ||
VerifyAccountPermission(userId) == CHECK_PERMISSION_FAILED ||
!DlpUtils::DlpAccessOtherAppsCheck(callerToken, want)) {
HILOG_ERROR("%{public}s: Permission verification failed", __func__);