mirror of
https://gitee.com/openharmony/security_permission
synced 2024-11-26 22:30:24 +00:00
commit
64109f9e1c
@ -32,7 +32,7 @@ App permission management provides permission management for the application fra
|
||||
## Directory Structure<a name="section161941989596"></a>
|
||||
|
||||
```
|
||||
/base/security/permission
|
||||
/base/security/permission_lite
|
||||
├── frameworks # Frameworks
|
||||
│ └── permission_standard # Permission management framework for the standard system
|
||||
├── interfaces # APIs
|
||||
@ -291,7 +291,7 @@ This section uses the bundle manager as an example to describe the app permissio
|
||||
|
||||
This section uses the bundle manager as an example to describe how to configure access policies for APIs provided by the IPC authentication component. In this example, the service registered by BMS with Samgr is **bundlems**, and the feature registered for open APIs is **BmsFeature**.
|
||||
|
||||
1. <a name="li15901515152517"></a>Configure access policies in the **base/security/permission/services/permission\_lite/ipc\_auth/include/policy\_preset.h** file. Access policies are classified into the following three types:
|
||||
1. <a name="li15901515152517"></a>Configure access policies in the **base/security/permission\_lite/services/ipc\_auth/include/policy\_preset.h** file. Access policies are classified into the following three types:
|
||||
|
||||
1. **RANGE**: Processes with a specified range of UIDs can access BMS APIs. **uidMin** and **uidMax** must be specified.
|
||||
|
||||
|
@ -31,7 +31,7 @@ OpenHarmony中应用和系统服务均运行在独立的沙箱中,进程空间
|
||||
## 目录<a name="section161941989596"></a>
|
||||
|
||||
```
|
||||
/base/security/permission
|
||||
/base/security/permission_lite
|
||||
├── frameworks # 基础设施层
|
||||
│ └── permission_standard # 标准系统权限管理基础设施层
|
||||
├── interfaces # 接口层
|
||||
@ -289,7 +289,7 @@ OpenHarmony中应用和系统服务均运行在独立的沙箱中,进程空间
|
||||
|
||||
使用说明:以BMS服务通过IPC通信方式对外开放接口为例,讲解如何通过IPC通信鉴权组件配置对应接口的访问策略。这里BMS在Samgr中注册的service为bundlems,为开放的接口注册的Feature为BmsFeature。
|
||||
|
||||
1. 在源码路径下的头文件base/security/permission/services/permission\_lite/ipc\_auth/include/policy\_preset.h中配置相应的访问策略,访问策略主要有三种类型:
|
||||
1. 在源码路径下的头文件base/security/permission\_lite/services/ipc\_auth/include/policy\_preset.h中配置相应的访问策略,访问策略主要有三种类型:
|
||||
|
||||
(1)type为RANGE类型:允许某个特定范围UID的进程访问,需要指定uidMin和uidMax;
|
||||
|
||||
|
14
bundle.json
14
bundle.json
@ -5,7 +5,7 @@
|
||||
"license": "Apache License 2.0",
|
||||
"publishAs": "code-segment",
|
||||
"segment": {
|
||||
"destPath": "base/security/permission/services/permission_lite"
|
||||
"destPath": "base/security/permission_lite/services"
|
||||
},
|
||||
"dirs": {},
|
||||
"scripts": {},
|
||||
@ -30,30 +30,30 @@
|
||||
},
|
||||
"build": {
|
||||
"sub_component": [
|
||||
"//base/security/permission/services/permission_lite:permission_lite"
|
||||
"//base/security/permission_lite/services:permission_lite"
|
||||
],
|
||||
"inner_kits": [
|
||||
{
|
||||
"name": "//base/security/permission/services/permission_lite/pms_client:pms_client",
|
||||
"name": "//base/security/permission_lite/services/pms_client:pms_client",
|
||||
"header": {
|
||||
"header_files": [
|
||||
"pms_interface_inner.h"
|
||||
],
|
||||
"header_base": "//base/security/interfaces/innerkits/permission_lite"
|
||||
"header_base": "//base/security/permission_lite/interfaces/innerkits"
|
||||
}
|
||||
},
|
||||
{
|
||||
"name": "//base/security/permission/services/permission_lite/ipc_auth:ipc_auth_target",
|
||||
"name": "//base/security/permission_lite/services/ipc_auth:ipc_auth_target",
|
||||
"header": {
|
||||
"header_files": [
|
||||
"ipc_auth_interface.h"
|
||||
],
|
||||
"header_base": "//base/security/interfaces/innerkits/permission_lite"
|
||||
"header_base": "//base/security/permission_lite/interfaces/innerkits"
|
||||
}
|
||||
}
|
||||
],
|
||||
"test": [
|
||||
"//base/security/permission/services/permission_lite/unittest:unittest"
|
||||
"//base/security/permission_lite/services/unittest:unittest"
|
||||
]
|
||||
}
|
||||
}
|
||||
|
@ -16,7 +16,7 @@ import("//build/lite/ndk/ndk.gni")
|
||||
ndk_lib("permission_notes") {
|
||||
lib_extension = ".so"
|
||||
deps = [
|
||||
"//base/security/permission/services/permission_lite/pms_client:pms_client",
|
||||
"//base/security/permission_lite/services/pms_client:pms_client",
|
||||
]
|
||||
head_files = [ "//base/security/permission/interfaces/kits/permission_lite" ]
|
||||
head_files = [ "//base/security/permission_lite/interfaces/kits" ]
|
||||
}
|
@ -15,18 +15,18 @@ import("//build/lite/config/component/lite_component.gni")
|
||||
|
||||
lite_component("permission_lite") {
|
||||
deps = [
|
||||
"//base/security/permission/services/permission_lite/pms_base:pms_base",
|
||||
"//base/security/permission_lite/services/pms_base:pms_base",
|
||||
]
|
||||
|
||||
features = [
|
||||
"//base/security/permission/services/permission_lite/ipc_auth:ipc_auth_target",
|
||||
"//base/security/permission/services/permission_lite/pms:pms_target",
|
||||
"//base/security/permission/services/permission_lite/pms_client:pms_client",
|
||||
"//base/security/permission_lite/services/ipc_auth:ipc_auth_target",
|
||||
"//base/security/permission_lite/services/pms:pms_target",
|
||||
"//base/security/permission_lite/services/pms_client:pms_client",
|
||||
]
|
||||
|
||||
if (ohos_build_type == "debug") {
|
||||
features += [
|
||||
"//base/security/permission/services/permission_lite/unittest:unittest",
|
||||
"//base/security/permission_lite/services/unittest:unittest",
|
||||
]
|
||||
}
|
||||
}
|
@ -16,14 +16,14 @@ import("//build/lite/config/component/lite_component.gni")
|
||||
lite_library("ipc_auth_target") {
|
||||
target_type = "shared_library"
|
||||
sources = [
|
||||
"//base/security/permission/services/permission_lite/ipc_auth/src/ipc_auth_impl.c",
|
||||
"//base/security/permission/services/permission_lite/ipc_auth/src/ipc_auth_lite.c",
|
||||
"//base/security/permission_lite/services/ipc_auth/src/ipc_auth_impl.c",
|
||||
"//base/security/permission_lite/services/ipc_auth/src/ipc_auth_lite.c",
|
||||
]
|
||||
include_dirs = [
|
||||
"//base/security/permission/interfaces/innerkits/permission_lite",
|
||||
"//base/security/permission/services/permission_lite/ipc_auth/include",
|
||||
"//base/security/permission_lite/interfaces/innerkits",
|
||||
"//base/security/permission_lite/services/ipc_auth/include",
|
||||
"${ohos_product_adapter_dir}/security/permission_lite/ipc_auth/include",
|
||||
"//base/security/permission/services/permission_lite/pms_base/include",
|
||||
"//base/security/permission_lite/services/pms_base/include",
|
||||
"//foundation/distributedschedule/samgr_lite/interfaces/kits/registry",
|
||||
"//foundation/distributedschedule/samgr_lite/interfaces/kits/samgr",
|
||||
"//utils/native/lite/include",
|
||||
@ -32,7 +32,7 @@ lite_library("ipc_auth_target") {
|
||||
|
||||
deps = [
|
||||
"//base/hiviewdfx/hilog_lite/frameworks/featured:hilog_shared",
|
||||
"//base/security/permission/services/permission_lite/pms_base:pms_base",
|
||||
"//base/security/permission_lite/services/pms_base:pms_base",
|
||||
"//foundation/distributedschedule/samgr_lite/samgr:samgr",
|
||||
"//third_party/bounds_checking_function:libsec_shared",
|
||||
]
|
@ -12,16 +12,16 @@
|
||||
# limitations under the License.
|
||||
|
||||
shared_library("ace_kit_permission") {
|
||||
sources = [ "//base/security/permission/services/permission_lite/js_api/src/perm_module.cpp" ]
|
||||
sources = [ "//base/security/permission_lite/services/js_api/src/perm_module.cpp" ]
|
||||
|
||||
include_dirs = [
|
||||
"include",
|
||||
"//base/security/permission/interfaces/kits/permission_lite",
|
||||
"//base/security/permission_lite/interfaces/kits",
|
||||
"//foundation/arkui/interfaces/inner_api/builtin/jsi",
|
||||
"//foundation/arkui/interfaces/inner_api/builtin/base",
|
||||
]
|
||||
deps = [
|
||||
"//base/hiviewdfx/hilog_lite/frameworks/featured:hilog_shared",
|
||||
"//base/security/permission/services/permission_lite/pms_client:pms_client",
|
||||
"//base/security/permission_lite/services/pms_client:pms_client",
|
||||
]
|
||||
}
|
@ -16,18 +16,18 @@ import("//build/lite/config/component/lite_component.gni")
|
||||
lite_library("pms_target") {
|
||||
target_type = "shared_library"
|
||||
sources = [
|
||||
"//base/security/permission/services/permission_lite/pms/src/perm_operate.c",
|
||||
"//base/security/permission/services/permission_lite/pms/src/pms_impl.c",
|
||||
"//base/security/permission/services/permission_lite/pms/src/pms_inner.c",
|
||||
"//base/security/permission/services/permission_lite/pms/src/pms_server.c",
|
||||
"//base/security/permission/services/permission_lite/pms/src/pms_server_internal.c",
|
||||
"//base/security/permission_lite/services/pms/src/perm_operate.c",
|
||||
"//base/security/permission_lite/services/pms/src/pms_impl.c",
|
||||
"//base/security/permission_lite/services/pms/src/pms_inner.c",
|
||||
"//base/security/permission_lite/services/pms/src/pms_server.c",
|
||||
"//base/security/permission_lite/services/pms/src/pms_server_internal.c",
|
||||
]
|
||||
|
||||
include_dirs = [
|
||||
"//base/security/permission/interfaces/kits/permission_lite",
|
||||
"//base/security/permission/services/permission_lite/pms/include",
|
||||
"//base/security/permission/services/permission_lite/pms/include/hals",
|
||||
"//base/security/permission/services/permission_lite/pms_base/include",
|
||||
"//base/security/permission_lite/interfaces/kits",
|
||||
"//base/security/permission_lite/services/pms/include",
|
||||
"//base/security/permission_lite/services/pms/include/hals",
|
||||
"//base/security/permission_lite/services/pms_base/include",
|
||||
"//foundation/distributedschedule/samgr_lite/samgr/adapter/",
|
||||
"//foundation/distributedschedule/samgr_lite/interfaces/kits/registry",
|
||||
"//foundation/distributedschedule/samgr_lite/interfaces/kits/samgr",
|
||||
@ -40,7 +40,7 @@ lite_library("pms_target") {
|
||||
|
||||
deps = [
|
||||
"${ohos_product_adapter_dir}/security/permission_lite:hal_pms",
|
||||
"//base/security/permission/services/permission_lite/pms_base:pms_base",
|
||||
"//base/security/permission_lite/services/pms_base:pms_base",
|
||||
"//build/lite/config/component/cJSON:cjson_shared",
|
||||
"//foundation/communication/ipc/interfaces/innerkits/c/ipc:ipc_single",
|
||||
"//foundation/distributedschedule/samgr_lite/samgr:samgr",
|
@ -15,9 +15,9 @@ import("//build/lite/config/component/lite_component.gni")
|
||||
|
||||
lite_library("pms_base") {
|
||||
target_type = "shared_library"
|
||||
sources = [ "//base/security/permission/services/permission_lite/pms_base/src/permission_service.c" ]
|
||||
sources = [ "//base/security/permission_lite/services/pms_base/src/permission_service.c" ]
|
||||
include_dirs = [
|
||||
"//base/security/permission/services/permission_lite/pms_base/include",
|
||||
"//base/security/permission_lite/services/pms_base/include",
|
||||
"//foundation/distributedschedule/samgr_lite/interfaces/kits/registry",
|
||||
"//foundation/distributedschedule/samgr_lite/interfaces/kits/samgr",
|
||||
"//utils/native/lite/include",
|
@ -15,13 +15,13 @@ import("//build/lite/config/component/lite_component.gni")
|
||||
|
||||
lite_library("pms_client") {
|
||||
target_type = "shared_library"
|
||||
sources = [ "//base/security/permission/services/permission_lite/pms_client/perm_client.c" ]
|
||||
sources = [ "//base/security/permission_lite/services/pms_client/perm_client.c" ]
|
||||
|
||||
include_dirs = [
|
||||
"//base/security/permission/interfaces/innerkits/permission_lite",
|
||||
"//base/security/permission/interfaces/kits/permission_lite",
|
||||
"//base/security/permission/services/permission_lite/pms/include",
|
||||
"//base/security/permission/services/permission_lite/pms_base/include",
|
||||
"//base/security/permission_lite/interfaces/innerkits",
|
||||
"//base/security/permission_lite/interfaces/kits",
|
||||
"//base/security/permission_lite/services/pms/include",
|
||||
"//base/security/permission_lite/services/pms_base/include",
|
||||
"//utils/native/lite/include",
|
||||
"//foundation/distributedschedule/samgr_lite/interfaces/kits/registry",
|
||||
"//foundation/distributedschedule/samgr_lite/interfaces/kits/samgr",
|
@ -25,19 +25,19 @@ unittest("security_test") {
|
||||
"//utils/native/lite/include",
|
||||
"//foundation/distributedschedule/samgr_lite/interfaces/kits/samgr/",
|
||||
"//foundation/distributedschedule/samgr_lite/interfaces/kits/communication/broadcast/",
|
||||
"//base/security/permission/interfaces/innerkits/permission_lite",
|
||||
"//base/security/permission/interfaces/kits/permission_lite",
|
||||
"//base/security/permission/services/permission_lite/pms_base/include",
|
||||
"//base/security/permission/services/permission_lite/pms/include",
|
||||
"//base/security/permission/services/permission_lite/ipc_auth/include",
|
||||
"//base/security/permission_lite/interfaces/innerkits",
|
||||
"//base/security/permission_lite/interfaces/kits",
|
||||
"//base/security/permission_lite/services/pms_base/include",
|
||||
"//base/security/permission_lite/services/pms/include",
|
||||
"//base/security/permission_lite/services/ipc_auth/include",
|
||||
"//third_party/bounds_checking_function/include",
|
||||
]
|
||||
|
||||
deps = [
|
||||
"//base/security/permission/services/permission_lite/ipc_auth:ipc_auth_target",
|
||||
"//base/security/permission/services/permission_lite/pms:pms_target",
|
||||
"//base/security/permission/services/permission_lite/pms_base:pms_base",
|
||||
"//base/security/permission/services/permission_lite/pms_client:pms_client",
|
||||
"//base/security/permission_lite/services/ipc_auth:ipc_auth_target",
|
||||
"//base/security/permission_lite/services/pms:pms_target",
|
||||
"//base/security/permission_lite/services/pms_base:pms_base",
|
||||
"//base/security/permission_lite/services/pms_client:pms_client",
|
||||
"//build/lite/config/component/cJSON:cjson_shared",
|
||||
"//foundation/distributedschedule/samgr_lite/communication/broadcast",
|
||||
"//foundation/distributedschedule/samgr_lite/samgr:samgr",
|
Loading…
Reference in New Issue
Block a user