Description: dlpsandbox gathering

Match-id-9831ae08ae4f3302d752ef374d04222ce53ca930

@ohos.dlpPermission.d.ts

@@ -80,6 +80,26 @@ declare namespace dlpPermission {
    */
   function isInSandbox(callback: AsyncCallback<boolean>): void;
 
+  /**
+   * Get current system sandbox policy.
+   *
+   * @returns { Promise<boolean> }
+   * @syscap SystemCapability.Security.DlpPermissionService
+   * @since 9
+   * @return whether or not.
+   */
+  function getDlpGatheringPolicy(): Promise<boolean>;
+
+  /**
+   * Get current system sandbox policy.
+   *
+   * @param { AsyncCallback<boolean> } callback
+   * @syscap SystemCapability.Security.DlpPermissionService
+   * @since 9
+   * @return whether or not.
+   */
+  function getDlpGatheringPolicy(callback: AsyncCallback<boolean>): void;
+
   /**
    * Get support DLP file type.
    *

entry/src/main/ets/DataAbility/DataAbility.ts

@@ -12,6 +12,9 @@ const INDEX_ZERO = 0;
 export default class DataAbility extends ServiceExtensionAbility {
   sandbox2linkFile: {[key: string]: [number, dlpPermission.DlpFile, string, number]} = {};
   fileOpenHistory: {[key:string]: [string, number, string, number]} = {};
+  //uri:bundleName:string, sandboxId:number, linkName:string, linkFd:number
+  authPerm2Sandbox: {[key:string]: [string, number]} = {};
+  //perm : bundlename, sandboxid
 
   isSubscriber = false;
   subscribeCallback(data): void {
@@ -24,23 +27,35 @@ export default class DataAbility extends ServiceExtensionAbility {
          delete globalThis.fileOpenHistory[item];
       }
     }
+
+    for (let item in globalThis.authPerm2Sandbox) {
+      let app = globalThis.authPerm2Sandbox[item][0] + globalThis.authPerm2Sandbox[item][1];
+      if (key == app) {
+        delete globalThis.authPerm2Sandbox[item];
+      }
+    }
+
     try {
       if (key in globalThis.sandbox2linkFile) {
-        let linkFile = globalThis.sandbox2linkFile[key];
-        fileio.closeSync(linkFile[INDEX_ZERO]);
-        let dlpFile = linkFile[INDEX_ONE];
-        try {
-          dlpFile.deleteDlpLinkFile(linkFile[INDEX_TWO]);
-        } catch (err) {
-          console.error(TAG + 'deleteDlpLinkFile error: ' + err.message + ', code: ' + err.code);
-        }
-        try {
-          dlpFile.closeDlpFile();
-        } catch (err) {
-          console.error(TAG + 'closeDlpFile error: ' + err.message + ', code: ' + err.code);
+        let fileArray = globalThis.sandbox2linkFile[key];
+        for (let i in fileArray) {
+          let linkFile = fileArray[i];
+          fileio.closeSync(linkFile[INDEX_ZERO]);
+          let dlpFile = linkFile[INDEX_ONE];
+          try {
+            dlpFile.deleteDlpLinkFile(linkFile[INDEX_TWO]);
+          } catch (err) {
+            console.error(TAG + 'deleteDlpLinkFile error: ' + err.message + ', code: ' + err.code);
+          }
+          try {
+            dlpFile.closeDlpFile();
+          } catch (err) {
+            console.error(TAG + 'closeDlpFile error: ' + err.message + ', code: ' + err.code);
+          }
         }
+
         delete globalThis.sandbox2linkFile[key];
-        console.error(TAG + 'release resource successfully');
+
         if (Object.keys(globalThis.sandbox2linkFile).length === 0) {
           console.info(TAG + 'sandbox2linkFile empty');
           globalThis.dataContext.terminateSelf();

entry/src/main/ets/ViewAbility/ViewAbility.ts

@@ -23,6 +23,7 @@ export default class ViewAbility extends ServiceExtensionAbility {
   fileName: string = '';
   uri: string = '';
   isCreated: boolean = false;
+  isGathering: boolean = true;
   alreadyOpen: boolean = false;
   userId: number = -1;
   async onCreate(want) {
@@ -33,6 +34,9 @@ export default class ViewAbility extends ServiceExtensionAbility {
     if (!globalThis.fileOpenHistory) {
       globalThis.fileOpenHistory = {};
     }
+    if (!globalThis.authPerm2Sandbox) {
+      globalThis.authPerm2Sandbox = {};
+    }
   }
 
   async startDataAbility() {
@@ -79,11 +83,16 @@ export default class ViewAbility extends ServiceExtensionAbility {
         await this.sendDlpFileOpenFault(105, this.sandboxBundleName, this.sandboxIndex, null); // 105: DLP_START_SANDBOX_ERROR
       } else {
         await this.sendDlpFileOpenEvent(203, this.sandboxBundleName, this.sandboxIndex); // 203: DLP_START_SANDBOX_SUCCESS
-        globalThis.sandbox2linkFile[this.sandboxBundleName + this.sandboxIndex] =
-        [this.linkFd, this.dlpFile, this.linkFileName, this.dlpFd];
+        if (globalThis.sandbox2linkFile[this.sandboxBundleName + this.sandboxIndex] == undefined) {
+          globalThis.sandbox2linkFile[this.sandboxBundleName + this.sandboxIndex] =  new Array;
+        }
+
         if (!this.alreadyOpen) {
+          globalThis.sandbox2linkFile[this.sandboxBundleName + this.sandboxIndex].push([this.linkFd,
+          this.dlpFile, this.linkFileName, this.dlpFd])
           globalThis.fileOpenHistory[this.uri] =
-            [this.sandboxBundleName, this.sandboxIndex, this.linkFileName, this.linkFd];
+          [this.sandboxBundleName, this.sandboxIndex, this.linkFileName, this.linkFd]
+          globalThis.authPerm2Sandbox[this.authPerm] = [this.sandboxBundleName, this.sandboxIndex]
         }
 
         await this.startDataAbility();
@@ -192,7 +201,12 @@ export default class ViewAbility extends ServiceExtensionAbility {
       return;
     }
     hiTraceMeter.startTrace('DlpInstallSandboxJs', startId);
+    let sortByAuthPerm: boolean = false;
+    this.alreadyOpen = false;
+
     try {
+      this.isGathering = await dlpPermission.getDlpGatheringPolicy();
+
       if (globalThis.fileOpenHistory[this.uri] !== undefined) {
         console.info(TAG + 'file：' + this.fileName + ' already open');
         this.sandboxIndex = globalThis.fileOpenHistory[this.uri][1];
@@ -200,7 +214,13 @@ export default class ViewAbility extends ServiceExtensionAbility {
         this.linkFd = globalThis.fileOpenHistory[this.uri][3];
         this.alreadyOpen = true;
       }
-      if (!this.alreadyOpen) {
+
+      if (globalThis.authPerm2Sandbox[this.authPerm] !== undefined && this.isGathering) {
+        this.sandboxIndex = globalThis.authPerm2Sandbox[this.authPerm][1];
+        sortByAuthPerm = true;
+      }
+
+      if (!this.alreadyOpen && !sortByAuthPerm) {
         this.sandboxIndex = await dlpPermission.installDlpSandbox(this.sandboxBundleName,
         this.authPerm, this.userId);
       }

entry/src/main/ets/pages/index.ets

@@ -70,15 +70,16 @@ struct DlpDialog {
       console.info(TAG + "in sandbox")
       try {
         for (var key in globalThis.sandbox2linkFile) {
-          if (globalThis.sandbox2linkFile[key][2] == linkFileName) {
-            var linkFile = globalThis.sandbox2linkFile[key]
-            for (var i = 0; i < linkFile[1].dlpProperty.authUsers.length; ++i) {
-              var authUser = linkFile[1].dlpProperty.authUsers[i]
+          for (var j in globalThis.sandbox2linkFile[key]) {
+            if (globalThis.sandbox2linkFile[key][j][2] == linkFileName) {
+              var linkFile = globalThis.sandbox2linkFile[key][j];
+              for (var i = 0; i < linkFile[1].dlpProperty.authUsers.length; ++i) {
+                var authUser = linkFile[1].dlpProperty.authUsers[i];
               if (authUser.authAccount == globalThis.accountInfo.distributedInfo.name) {
-                this.authPerm = authUser.authPerm
+                this.authPerm = authUser.authPerm;
                 if (authUser.authPerm == dlpPermission.AuthPermType.READ_ONLY) {
-                  console.info(TAG+" dlpPermission.AuthPermType.READ_ONLY")
-                  this.isReadPermission = true
+                  console.info(TAG+" dlpPermission.AuthPermType.READ_ONLY");
+                  this.isReadPermission = true;
                 }
               }
             }
@@ -88,6 +89,7 @@ struct DlpDialog {
             this.needProtect = true
             this.isShow = true
             return
+            }
           }
         }
         console.error(TAG + "requestIsFromSandBox can not find dilFile by linkFileName " + linkFileName)