!812 PC allow continue config file check

Merge pull request !812 from 仝月姣/master

bundle.json

@@ -38,8 +38,10 @@
           "ability_runtime",
           "access_token",
           "bundle_framework",
-          "common_event_service",
+          "cJSON",
           "c_utils",
+          "common_event_service",
+          "config_policy",
           "device_auth",
           "device_info_manager",
           "device_security_level",
@@ -49,6 +51,7 @@
           "dsoftbus",
           "efficiency_manager",
           "eventhandler",
+          "ffrt",
           "form_fwk",
           "hisysevent",
           "hitrace",
@@ -62,8 +65,7 @@
           "napi",
           "os_account",
           "safwk",
-          "samgr",
-          "ffrt"
+          "samgr"
         ],
         "third_party": [
           "cJSON"
@@ -79,6 +81,7 @@
             "//foundation/ability/dmsfwk/interfaces/kits/napi:napi_packages"
           ],
           "service_group": [
+            "//foundation/ability/dmsfwk/common:distributed_sched_utils",
             "//foundation/ability/dmsfwk/etc/init:etc",
             "//foundation/ability/dmsfwk/etc/profile:distributedsched_trust",
             "//foundation/ability/dmsfwk/sa_profile:dms_sa_profile",

common/BUILD.gn

@@ -0,0 +1,45 @@
+# Copyright (c) 2024 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import("//build/ohos.gni")
+import("//build/ohos_var.gni")
+import("../dmsfwk.gni")
+
+ohos_shared_library("distributed_sched_utils") {
+  sanitize = {
+    cfi = true
+    cfi_cross_dso = true
+    debug = false
+  }
+
+  include_dirs = [
+    "${dms_path}/common/include",
+    "${dms_path}/services/dtbschedmgr/include",
+  ]
+
+  sources = [ "src/distributed_sched_utils.cpp" ]
+
+  deps = []
+
+  external_deps = [
+    "cJSON:cjson",
+    "c_utils:utils",
+    "config_policy:configpolicy_util",
+    "hilog:libhilog",
+  ]
+
+  install_images = [ system_base_dir ]
+  relative_install_dir = "platformsdk"
+  part_name = "dmsfwk"
+  subsystem_name = "ability"
+}

common/include/distributed_sched_utils.h

@@ -0,0 +1,29 @@
+/*
+ * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef OHOS_DMS_UTILS_H
+#define OHOS_DMS_UTILS_H
+
+#include <string>
+
+namespace OHOS {
+namespace DistributedSchedule {
+bool IsValidPath(const std::string &inFilePath, std::string &realFilePath);
+bool UpdateAllowAppList(const std::string &cfgJsonStr);
+int32_t LoadContinueConfig();
+bool CheckBundleContinueConfig(const std::string &bundleName);
+} // namespace DistributedSchedule
+} // namespace OHOS
+#endif // OHOS_DISTRIBUTED_SCHED_SERVICE_H

common/src/distributed_sched_utils.cpp

@@ -0,0 +1,174 @@
+/*
+ * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "distributed_sched_utils.h"
+
+#include <algorithm>
+#include <cstdlib>
+#include <filesystem>
+#include <fstream>
+#include <iostream>
+#include <vector>
+#include "cJSON.h"
+
+#include "config_policy_utils.h"
+
+#include "dtbschedmgr_log.h"
+
+namespace OHOS {
+namespace DistributedSchedule {
+const std::string TAG = "DistributedSchedUtils";
+const std::string CONTINUE_CONFIG_RELATIVE_PATH = "etc/distributedhardware/dms/continue_config.json";
+const std::string ALLOW_APP_LIST_KEY = "allow_applist";
+constexpr int32_t MAX_CONFIG_PATH_LEN = 1024;
+
+static std::atomic<bool> g_isMissContinueCfg = false;
+static std::string g_continueCfgFullPath = "";
+static std::vector<std::string> g_allowAppList;
+std::mutex g_allowAppListMtx;
+
+bool IsValidPath(const std::string &inFilePath, std::string &realFilePath)
+{
+    char path[PATH_MAX + 1] = { 0 };
+    if (inFilePath.empty() || inFilePath.length() > PATH_MAX || inFilePath.length() + 1 > MAX_CONFIG_PATH_LEN ||
+        realpath(inFilePath.c_str(), path) == nullptr) {
+        HILOGE("Get continue config file real path fail, inFilePath %{public}s.", inFilePath.c_str());
+        return false;
+    }
+
+    realFilePath = std::string(path);
+    if (!std::filesystem::exists(realFilePath)) {
+        HILOGE("The real file path %{public}s does not exist in the file system.", realFilePath.c_str());
+        realFilePath = "";
+        return false;
+    }
+    HILOGI("The real file path %{public}s exist in the file system.", realFilePath.c_str());
+    return true;
+}
+
+bool UpdateAllowAppList(const std::string &cfgJsonStr)
+{
+    cJSON *inJson = nullptr;
+    cJSON *allowList = nullptr;
+    bool isSuccess = false;
+    do {
+        inJson = cJSON_Parse(cfgJsonStr.c_str());
+        if (inJson == nullptr) {
+            HILOGE("parse continue config json file stream to json fail.");
+            break;
+        }
+
+        allowList = cJSON_GetObjectItem(inJson, ALLOW_APP_LIST_KEY.c_str());
+        if (allowList == nullptr || !cJSON_IsArray(allowList)) {
+            HILOGE("allow app list array is not in continue config json file.");
+            break;
+        }
+
+        std::lock_guard<std::mutex> lock(g_allowAppListMtx);
+        for (int32_t i = 0; i < cJSON_GetArraySize(allowList); i++) {
+            cJSON *iAllowAppJson = cJSON_GetArrayItem(allowList, i);
+            if (!cJSON_IsString(iAllowAppJson)) {
+                HILOGE("allow app list [%{public}d] is not string.", i);
+                continue;
+            }
+
+            std::string iAllowAppStr = std::string(cJSON_GetStringValue(iAllowAppJson));
+            HILOGI("allow app list show [%{public}d] : [%{public}s].", i, iAllowAppStr.c_str());
+            g_allowAppList.push_back(iAllowAppStr);
+        }
+        isSuccess = true;
+    } while (false);
+
+    if (inJson != nullptr) {
+        cJSON_Delete(inJson);
+        inJson = nullptr;
+    }
+    return isSuccess;
+}
+
+int32_t LoadContinueConfig()
+{
+    HILOGI("Load continue config, isMissContinueCfg %{public}d, ContinueCfgFullPath %{public}s.",
+        g_isMissContinueCfg.load(), g_continueCfgFullPath.c_str());
+    std::string tempPath = g_continueCfgFullPath;
+    if (!g_isMissContinueCfg.load() &&
+        (g_continueCfgFullPath.empty() || !IsValidPath(tempPath, g_continueCfgFullPath))) {
+        char cfgPathBuf[MAX_CONFIG_PATH_LEN] = { 0 };
+        char *filePath  = GetOneCfgFile(CONTINUE_CONFIG_RELATIVE_PATH.c_str(), cfgPathBuf, MAX_CONFIG_PATH_LEN);
+        if (filePath == nullptr || filePath != cfgPathBuf) {
+            HILOGI("Not find continue config file, relative path %{public}s.", CONTINUE_CONFIG_RELATIVE_PATH.c_str());
+            g_isMissContinueCfg.store(true);
+            g_continueCfgFullPath = "";
+            return ERR_OK;
+        }
+        g_isMissContinueCfg.store(false);
+        g_continueCfgFullPath = std::string(filePath);
+        HILOGI("Get Continue config file full path success, cfgFullPath %{public}s.", g_continueCfgFullPath.c_str());
+    }
+
+    if (g_isMissContinueCfg.load()) {
+        HILOGI("Current device does not carry continue config file.");
+        return ERR_OK;
+    }
+
+    tempPath = g_continueCfgFullPath;
+    if (!IsValidPath(tempPath, g_continueCfgFullPath)) {
+        HILOGE("Continue config full path is invalid, cfgFullPath %{public}s.", g_continueCfgFullPath.c_str());
+        return DMS_PERMISSION_DENIED;
+    }
+    std::ifstream in;
+    in.open(g_continueCfgFullPath.c_str(), std::ios::binary | std::ios::in);
+    if (!in.is_open()) {
+        HILOGE("Open continue config json file fail, cfgFullPath %{public}s.", g_continueCfgFullPath.c_str());
+        return DMS_PERMISSION_DENIED;
+    }
+
+    std::string CfgFileContent;
+    in.seekg(0, std::ios::end);
+    CfgFileContent.resize(in.tellg());
+    in.seekg(0, std::ios::beg);
+    in.rdbuf()->sgetn(&CfgFileContent[0], CfgFileContent.size());
+    in.close();
+
+    if (!UpdateAllowAppList(CfgFileContent)) {
+        HILOGE("Update allow app list fail, cfgFullPath %{public}s.", g_continueCfgFullPath.c_str());
+        return DMS_PERMISSION_DENIED;
+    }
+    HILOGI("Load continue config success, isMissContinueCfg %{public}d, cfgFullPath %{public}s.",
+        g_isMissContinueCfg.load(), g_continueCfgFullPath.c_str());
+    return ERR_OK;
+}
+
+bool CheckBundleContinueConfig(const std::string &bundleName)
+{
+    if (g_isMissContinueCfg.load()) {
+        HILOGI("Current device does not carry continue config file.");
+        return true;
+    }
+
+    std::lock_guard<std::mutex> lock(g_allowAppListMtx);
+    auto it = std::find(g_allowAppList.begin(), g_allowAppList.end(), bundleName);
+    if (it == g_allowAppList.end()) {
+        HILOGE("Current app is not allow to continue in config file, bundleName %{public}s, cfgPath %{public}s.",
+            bundleName.c_str(), g_continueCfgFullPath.c_str());
+        return false;
+    }
+
+    HILOGI("Current app is allow to continue in config file, bundleName %{public}s, cfgPath %{public}s.",
+        bundleName.c_str(), g_continueCfgFullPath.c_str());
+    return true;
+}
+} // namespace DistributedSchedule
+} // namespace OHOS

dmsfwk.gni

@@ -13,9 +13,12 @@
 
 declare_args() {
   ams_path = "//foundation/ability/ability_runtime"
+  cjson_path = "//third_party/cJSON"
+  communication_path = "//foundation/communication"
+
   dms_path = "//foundation/ability/dmsfwk"
   module_output_path = "dmsfwk/dmsfwk"
-  communication_path = "//foundation/communication"
+
   dmsfwk_standard_form_share = true
   dmsfwk_mission_manager = false
   efficiency_manager_service_enable = false

services/dtbschedmgr/BUILD.gn

@@ -25,8 +25,10 @@ config("distributed_sched_config") {
   visibility += [ "./test/*" ]
   include_dirs = [
     "include",
+    "${cjson_path}",
     "${communication_path}/dsoftbus/dsoftbus_enhance/interfaces/kits/broadcast",
     "${communication_path}/dsoftbus/interfaces/kits/common",
+    "${dms_path}/common/include",
     "${dms_path}/interfaces/kits/napi/include",
     "${dms_path}/interfaces/innerkits/common/include",
     "include/continue",
@@ -35,7 +37,6 @@ config("distributed_sched_config") {
     "include/continue/state/sink_state",
     "include/distributedWant",
     "include/softbus_adapter/transport",
-    "//third_party/cJSON",
   ]
   defines = []
   if (dmsfwk_mission_manager) {
@@ -136,7 +137,7 @@ ohos_shared_library("distributedschedsvr") {
     "//foundation/ability/dmsfwk/services/dtbschedmgr/test/resource:coverage_flags",
   ]
 
-  deps = [ "//third_party/cJSON:cjson" ]
+  deps = [ "${dms_path}/common:distributed_sched_utils" ]
 
   external_deps = [
     "ability_base:base",
@@ -148,6 +149,7 @@ ohos_shared_library("distributedschedsvr") {
     "access_token:libaccesstoken_sdk",
     "bundle_framework:appexecfwk_base",
     "bundle_framework:appexecfwk_core",
+    "cJSON:cjson",
     "c_utils:utils",
     "device_auth:deviceauth_sdk",
     "device_info_manager:distributed_device_profile_common",

services/dtbschedmgr/src/distributed_sched_service.cpp

@@ -18,53 +18,55 @@
 #include <cinttypes>
 #include <unistd.h>
 
-#include "ability_connection_wrapper_stub.h"
 #include "ability_manager_client.h"
 #include "ability_manager_errors.h"
-#include "adapter/dnetwork_adapter.h"
 #include "bool_wrapper.h"
-#include "bundle/bundle_manager_internal.h"
-#ifdef SUPPORT_COMMON_EVENT_SERVICE
-#include "common_event_listener.h"
-#endif
-#include "connect_death_recipient.h"
 #include "datetime_ex.h"
+#include "element_name.h"
+#include "file_ex.h"
+#include "ipc_skeleton.h"
+#include "iservice_registry.h"
+#include "os_account_manager.h"
+#include "parameters.h"
+#include "string_ex.h"
+#include "system_ability_definition.h"
+#ifdef SUPPORT_DISTRIBUTEDCOMPONENT_TO_MEMMGR
+#include "mem_mgr_client.h"
+#endif
+#ifdef EFFICIENCY_MANAGER_ENABLE
+#include "report_event_type.h"
+#include "suspend_manager_client.h"
+#endif
+
+#include "ability_connection_wrapper_stub.h"
+#include "adapter/dnetwork_adapter.h"
+#include "bundle/bundle_manager_internal.h"
+#include "connect_death_recipient.h"
 #include "dfx/dms_continue_time_dumper.h"
 #include "distributed_radar.h"
 #include "distributed_sched_adapter.h"
 #include "distributed_sched_dumper.h"
 #include "distributed_sched_permission.h"
+#include "distributed_sched_utils.h"
 #include "dms_callback_task.h"
 #include "dms_free_install_callback.h"
 #include "dms_token_callback.h"
 #include "dms_version_manager.h"
 #include "dtbschedmgr_device_info_storage.h"
 #include "dtbschedmgr_log.h"
-#include "element_name.h"
-#include "file_ex.h"
+#include "parcel_helper.h"
+#ifdef SUPPORT_COMMON_EVENT_SERVICE
+#include "common_event_listener.h"
+#endif
 #ifdef SUPPORT_DISTRIBUTED_FORM_SHARE
 #include "form_mgr_death_recipient.h"
 #endif
-#include "ipc_skeleton.h"
-#include "iservice_registry.h"
-#ifdef SUPPORT_DISTRIBUTEDCOMPONENT_TO_MEMMGR
-#include "mem_mgr_client.h"
-#endif
 #ifdef SUPPORT_DISTRIBUTED_MISSION_MANAGER
 #include "mission/distributed_mission_info.h"
 #include "mission/dms_continue_send_manager.h"
 #include "mission/dms_continue_recv_manager.h"
 #include "mission/distributed_sched_mission_manager.h"
 #endif
-#include "os_account_manager.h"
-#include "parameters.h"
-#include "parcel_helper.h"
-#ifdef EFFICIENCY_MANAGER_ENABLE
-#include "report_event_type.h"
-#include "suspend_manager_client.h"
-#endif
-#include "string_ex.h"
-#include "system_ability_definition.h"
 
 namespace OHOS {
 namespace DistributedSchedule {
@@ -201,6 +203,11 @@ void DistributedSchedService::DeviceOfflineNotify(const std::string& networkId)
 bool DistributedSchedService::Init()
 {
     HILOGD("ready to init.");
+    int32_t ret = LoadContinueConfig();
+    if (ret != ERR_OK) {
+        HILOGE("Load continue config fail, ret %{public}d.", ret);
+    }
+
     DmsContinueTime::GetInstance().Init();
     DnetworkAdapter::GetInstance()->Init();
     if (!DtbschedmgrDeviceInfoStorage::GetInstance().Init()) {
@@ -449,6 +456,11 @@ int32_t DistributedSchedService::ContinueLocalMission(const std::string& dstDevi
         return INVALID_PARAMETERS_ERR;
     }
     std::string bundleName = missionInfo.want.GetBundle();
+    if (!CheckBundleContinueConfig(bundleName)) {
+        HILOGI("App does not allow continue in config file, bundle name %{public}s, missionId: %{public}d",
+            bundleName.c_str(), missionId);
+        return REMOTE_DEVICE_BIND_ABILITY_ERR;
+    }
     missionInfo.want.SetParams(wantParams);
     DistributedBundleInfo remoteBundleInfo;
     result = BundleManagerInternal::CheckRemoteBundleInfoForContinuation(dstDeviceId,

services/dtbschedmgr/src/mission/dms_continue_send_manager.cpp

@@ -15,16 +15,18 @@
 
 #include "mission/dms_continue_send_manager.h"
 
+#include <sys/prctl.h>
+
 #include "adapter/dnetwork_adapter.h"
 #include "adapter/mmi_adapter.h"
 #include "datetime_ex.h"
 #include "distributed_radar.h"
 #include "distributed_sched_adapter.h"
+#include "distributed_sched_utils.h"
 #include "dtbschedmgr_device_info_storage.h"
 #include "dtbschedmgr_log.h"
 #include "parcel_helper.h"
 #include "softbus_adapter/softbus_adapter.h"
-#include <sys/prctl.h>
 
 namespace OHOS {
 namespace DistributedSchedule {
@@ -264,6 +266,11 @@ int32_t DMSContinueSendMgr::DealFocusedBusiness(const int32_t missionId)
         return REMOTE_DEVICE_BIND_ABILITY_ERR;
     }
     std::string bundleName = info.want.GetBundle();
+    if (!CheckBundleContinueConfig(bundleName)) {
+        HILOGI("App does not allow continue in config file, bundle name %{public}s, missionId: %{public}d",
+            bundleName.c_str(), missionId);
+        return REMOTE_DEVICE_BIND_ABILITY_ERR;
+    }
     focusedMission_[bundleName] = missionId;
 
     if (info.continueState != AAFwk::ContinueState::CONTINUESTATE_ACTIVE) {
@@ -281,8 +288,7 @@ int32_t DMSContinueSendMgr::DealFocusedBusiness(const int32_t missionId)
         return ret;
     }
     HILOGI("Get focused accessTokenId success, accessTokenId: %{public}u", accessTokenId);
-    uint8_t type = DMS_FOCUSED_TYPE;
-    ret = SendSoftbusEvent(accessTokenId, type);
+    ret = SendSoftbusEvent(accessTokenId, DMS_FOCUSED_TYPE);
     DmsRadar::GetInstance().NormalFocusedSendEventRes("SendSoftbusEvent", ret);
     if (ret != ERR_OK) {
         HILOGE("SendSoftbusEvent focused failed, ret: %{public}d", ret);
@@ -450,6 +456,12 @@ int32_t DMSContinueSendMgr::DealSetMissionContinueStateBusiness(const int32_t mi
         return ret;
     }
     HILOGI("get bundleName success, missionId: %{public}d, bundleName: %{public}s", missionId, bundleName.c_str());
+    if (!CheckBundleContinueConfig(bundleName)) {
+        HILOGI("App does not allow continue in config file, bundle name %{public}s, missionId: %{public}d",
+            bundleName.c_str(), missionId);
+        return REMOTE_DEVICE_BIND_ABILITY_ERR;
+    }
+
     uint32_t accessTokenId;
     ret = BundleManagerInternal::GetBundleIdFromBms(bundleName, accessTokenId);
     if (state == AAFwk::ContinueState::CONTINUESTATE_INACTIVE) {
@@ -577,6 +589,7 @@ void DMSContinueSendMgr::ScreenOffHandler::SetScreenOffInfo(int32_t missionId, s
     unfoInfo_.bundleName = bundleName;
     unfoInfo_.accessToken = accessTokenId;
 }
+
 int32_t DMSContinueSendMgr::GetAccessTokenIdSendEvent(std::string bundleName,
     UnfocusedReason reason, uint32_t& accessTokenId)
 {
@@ -594,8 +607,7 @@ int32_t DMSContinueSendMgr::GetAccessTokenIdSendEvent(std::string bundleName,
     }
 
     if (screenOffHandler_->IsDeviceScreenOn()) {
-        uint8_t type = DMS_UNFOCUSED_TYPE;
-        ret = SendSoftbusEvent(accessTokenId, type);
+        ret = SendSoftbusEvent(accessTokenId, DMS_UNFOCUSED_TYPE);
         bool res = (reason != UnfocusedReason::TIMEOUT)
             ? DmsRadar::GetInstance().NormalUnfocusedSendEventRes("SendSoftbusEvent", ret)
                 : DmsRadar::GetInstance().MultimodeUnfocusedSendEventRes("SendSoftbusEvent", ret);
@@ -613,14 +625,13 @@ int32_t DMSContinueSendMgr::GetAccessTokenIdSendEvent(std::string bundleName,
 
 int32_t DMSContinueSendMgr::SetStateSendEvent(const uint32_t accessTokenId, const AAFwk::ContinueState &state)
 {
-    uint8_t type = DMS_FOCUSED_TYPE;
     if (state == AAFwk::ContinueState::CONTINUESTATE_INACTIVE) {
-        type = DMS_UNFOCUSED_TYPE;
         RemoveMMIListener();
     } else {
         AddMMIListener();
     }
 
+    uint8_t type = state == AAFwk::ContinueState::CONTINUESTATE_INACTIVE ? DMS_UNFOCUSED_TYPE : DMS_FOCUSED_TYPE;
     int32_t ret = SendSoftbusEvent(accessTokenId, type);
     bool res = (state == AAFwk::ContinueState::CONTINUESTATE_INACTIVE)
         ? DmsRadar::GetInstance().ChangeStateUnfocusedSendEventRes("SendSoftbusEvent", ret)

services/dtbschedmgr/test/BUILD.gn

@@ -98,6 +98,7 @@ if (dmsfwk_mmi_listener) {
 }
 
 dsched_public_deps = [
+  "${dms_path}/common:distributed_sched_utils",
   "//third_party/googletest:gmock_main",
   "//third_party/googletest:gtest_main",
 ]