mirror of
https://gitee.com/openharmony/security_permission
synced 2024-10-07 10:13:22 +00:00
删除权限代码的功能实现,由于其他子系统还有引用,inner接口暂时保留
Signed-off-by: xbingle <xiaobin3@huawei.com>
This commit is contained in:
parent
2c776643dd
commit
b999493082
13
BUILD.gn
13
BUILD.gn
@ -16,19 +16,6 @@ group("permission_build_module_standard") {
|
||||
if (is_standard_system) {
|
||||
deps = [
|
||||
"//base/security/permission/interfaces/innerkits/permission_standard/permissionsdk:libpermissionsdk_standard",
|
||||
"//base/security/permission/services/permission_standard/permissionmanagerservice:permission_manager_service_standard",
|
||||
"//base/security/permission/services/permission_standard/permissionmanagerservice/main/sa_profile:permission_sa_profile_standard",
|
||||
]
|
||||
}
|
||||
}
|
||||
|
||||
group("permission_build_module_standard_test") {
|
||||
testonly = true
|
||||
deps = []
|
||||
if (is_standard_system) {
|
||||
deps += [
|
||||
"//base/security/permission/interfaces/innerkits/permission_standard/permissionsdk/test:unittest",
|
||||
"//base/security/permission/services/permission_standard/permissionmanagerservice/test:unittest",
|
||||
]
|
||||
}
|
||||
}
|
||||
|
@ -1,43 +0,0 @@
|
||||
# Copyright (c) 2021 Huawei Device Co., Ltd.
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
import("//build/ohos.gni")
|
||||
|
||||
################################################################
|
||||
# C++, Main source file here.
|
||||
################################################################
|
||||
config("permission_standard_communication_adapter_cxx_public_config") {
|
||||
visibility = [ ":*" ]
|
||||
include_dirs = [ "main/cpp/include" ]
|
||||
}
|
||||
|
||||
ohos_shared_library("permission_standard_communication_adapter_cxx") {
|
||||
subsystem_name = "security"
|
||||
part_name = "permission_standard"
|
||||
|
||||
public_configs =
|
||||
[ ":permission_standard_communication_adapter_cxx_public_config" ]
|
||||
|
||||
include_dirs = [
|
||||
"main/cpp/include",
|
||||
"main/cpp/src",
|
||||
"//utils/native/base/include",
|
||||
"//base/security/permission/interfaces/innerkits/permission_standard/permissionsdk/main/cpp/include/permission",
|
||||
]
|
||||
|
||||
sources = [ "main/cpp/src/permission_def_parcel.cpp" ]
|
||||
|
||||
deps = [ "//utils/native/base:utils" ]
|
||||
|
||||
external_deps = [ "ipc:ipc_core" ]
|
||||
}
|
@ -1,85 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#ifndef I_PERMISSION_MANAGER_H
|
||||
#define I_PERMISSION_MANAGER_H
|
||||
|
||||
#include <string>
|
||||
|
||||
#include "permission_def_parcel.h"
|
||||
|
||||
#include "iremote_broker.h"
|
||||
#include "errors.h"
|
||||
|
||||
namespace OHOS {
|
||||
namespace Security {
|
||||
namespace Permission {
|
||||
class IPermissionManager : public IRemoteBroker {
|
||||
public:
|
||||
static const int SA_ID_PERMISSION_MANAGER_SERVICE = 3501;
|
||||
|
||||
DECLARE_INTERFACE_DESCRIPTOR(u"ohos.security.permission.IPermissionManager");
|
||||
|
||||
virtual int VerifyPermission(const std::string& bundleName, const std::string& permissionName, int userId) = 0;
|
||||
|
||||
virtual bool CanRequestPermission(const std::string& bundleName, const std::string& permissionName, int userId) = 0;
|
||||
|
||||
virtual int GrantUserGrantedPermission(
|
||||
const std::string& bundleName, const std::string& permissionName, int userId) = 0;
|
||||
|
||||
virtual int GrantSystemGrantedPermission(const std::string& bundleName, const std::string& permissionName) = 0;
|
||||
|
||||
virtual int RevokeUserGrantedPermission(
|
||||
const std::string& bundleName, const std::string& permissionName, int userId) = 0;
|
||||
|
||||
virtual int RevokeSystemGrantedPermission(const std::string& bundleName, const std::string& permissionName) = 0;
|
||||
|
||||
virtual int AddUserGrantedReqPermissions(
|
||||
const std::string& bundleName, const std::vector<std::string>& permList, int userId) = 0;
|
||||
|
||||
virtual int AddSystemGrantedReqPermissions(
|
||||
const std::string& bundleName, const std::vector<std::string>& permList) = 0;
|
||||
|
||||
virtual int RemoveUserGrantedReqPermissions(const std::string& bundleName, int userId) = 0;
|
||||
|
||||
virtual int RemoveSystemGrantedReqPermissions(const std::string& bundleName) = 0;
|
||||
|
||||
virtual int AddDefPermissions(const std::vector<PermissionDefParcel>& permDefList) = 0;
|
||||
|
||||
virtual int RemoveDefPermissions(const std::string& bundleName) = 0;
|
||||
|
||||
virtual int GetDefPermission(const std::string& permissionName, PermissionDefParcel& permissionDefResult) = 0;
|
||||
|
||||
enum class InterfaceCode {
|
||||
VERIFY_PERMISSION = 0xff01,
|
||||
CAN_REQUEST_PERMISSION = 0xff02,
|
||||
GRANT_USER_GRANTED_PERMISSION = 0xff03,
|
||||
GRANT_SYSTEM_GRANTED_PERMISSION = 0xff04,
|
||||
REVOKE_USER_GRANTED_PERMISSION = 0xff05,
|
||||
REVOKE_SYSTEM_GRANTED_PERMISSION = 0xff06,
|
||||
ADD_USER_GRANTED_REQ_PERMISSIONS = 0xff07,
|
||||
ADD_SYSTEM_GRANTED_REQ_PERMISSIONS = 0xff08,
|
||||
REMOVE_USER_GRANTED_REQ_PERMISSIONS = 0xff09,
|
||||
REMOVE_SYSTEM_GRANTED_REQ_PERMISSIONS = 0xff10,
|
||||
ADD_DEF_PERMISSIONS = 0xff11,
|
||||
REMOVE_DEF_PERMISSIONS = 0xff12,
|
||||
GET_DEF_PERMISSION = 0xff13,
|
||||
};
|
||||
};
|
||||
} // namespace Permission
|
||||
} // namespace Security
|
||||
} // namespace OHOS
|
||||
|
||||
#endif // I_PERMISSION_MANAGER_H
|
@ -1,40 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#ifndef PERMISSION_DEF_PARCEL_H
|
||||
#define PERMISSION_DEF_PARCEL_H
|
||||
|
||||
#include "permission_def.h"
|
||||
|
||||
#include "parcel.h"
|
||||
|
||||
namespace OHOS {
|
||||
namespace Security {
|
||||
namespace Permission {
|
||||
struct PermissionDefParcel final : public Parcelable {
|
||||
PermissionDefParcel() = default;
|
||||
|
||||
~PermissionDefParcel() override = default;
|
||||
|
||||
bool Marshalling(Parcel& out) const override;
|
||||
|
||||
static PermissionDefParcel* Unmarshalling(Parcel& in);
|
||||
|
||||
PermissionDef permissionDef;
|
||||
};
|
||||
} // namespace Permission
|
||||
} // namespace Security
|
||||
} // namespace OHOS
|
||||
#endif // PERMISSION_DEF_PARCEL_H
|
@ -1,62 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#include "permission_def_parcel.h"
|
||||
|
||||
namespace OHOS {
|
||||
namespace Security {
|
||||
namespace Permission {
|
||||
#define RETURN_IF_FALSE(expr) \
|
||||
if (!(expr)) { \
|
||||
return false; \
|
||||
}
|
||||
|
||||
#define RELEASE_IF_FALSE(expr, obj) \
|
||||
if (!(expr)) { \
|
||||
delete (obj); \
|
||||
(obj) = nullptr; \
|
||||
return (obj); \
|
||||
}
|
||||
|
||||
bool PermissionDefParcel::Marshalling(Parcel& out) const
|
||||
{
|
||||
RETURN_IF_FALSE(out.WriteString(this->permissionDef.permissionName));
|
||||
RETURN_IF_FALSE(out.WriteString(this->permissionDef.bundleName));
|
||||
RETURN_IF_FALSE(out.WriteInt32(this->permissionDef.grantMode));
|
||||
RETURN_IF_FALSE(out.WriteInt32(this->permissionDef.availableScope));
|
||||
RETURN_IF_FALSE(out.WriteString(this->permissionDef.label));
|
||||
RETURN_IF_FALSE(out.WriteInt32(this->permissionDef.labelId));
|
||||
RETURN_IF_FALSE(out.WriteString(this->permissionDef.description));
|
||||
RETURN_IF_FALSE(out.WriteInt32(this->permissionDef.descriptionId));
|
||||
return true;
|
||||
}
|
||||
|
||||
PermissionDefParcel* PermissionDefParcel::Unmarshalling(Parcel& in)
|
||||
{
|
||||
auto* permissionDefParcel = new (std::nothrow) PermissionDefParcel();
|
||||
RELEASE_IF_FALSE(permissionDefParcel != nullptr, permissionDefParcel);
|
||||
permissionDefParcel->permissionDef.permissionName = in.ReadString();
|
||||
permissionDefParcel->permissionDef.bundleName = in.ReadString();
|
||||
RELEASE_IF_FALSE(in.ReadInt32(permissionDefParcel->permissionDef.grantMode), permissionDefParcel);
|
||||
RELEASE_IF_FALSE(in.ReadInt32(permissionDefParcel->permissionDef.availableScope), permissionDefParcel);
|
||||
permissionDefParcel->permissionDef.label = in.ReadString();
|
||||
RELEASE_IF_FALSE(in.ReadInt32(permissionDefParcel->permissionDef.labelId), permissionDefParcel);
|
||||
permissionDefParcel->permissionDef.description = in.ReadString();
|
||||
RELEASE_IF_FALSE(in.ReadInt32(permissionDefParcel->permissionDef.descriptionId), permissionDefParcel);
|
||||
return permissionDefParcel;
|
||||
}
|
||||
} // namespace Permission
|
||||
} // namespace Security
|
||||
} // namespace OHOS
|
@ -1,38 +0,0 @@
|
||||
# Copyright (c) 2021 Huawei Device Co., Ltd.
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
import("//build/ohos.gni")
|
||||
|
||||
################################################################
|
||||
# C++, Main source file here.
|
||||
################################################################
|
||||
config("permission_standard_infrastructure_cxx_public_config") {
|
||||
visibility = [ ":*" ]
|
||||
include_dirs = [ "main/cpp/include" ]
|
||||
}
|
||||
|
||||
ohos_shared_library("permission_standard_infrastructure_cxx") {
|
||||
subsystem_name = "security"
|
||||
part_name = "permission_standard"
|
||||
|
||||
public_configs = [ ":permission_standard_infrastructure_cxx_public_config" ]
|
||||
|
||||
include_dirs = []
|
||||
|
||||
sources = [ "main/cpp/src/data_validator.cpp" ]
|
||||
|
||||
deps = [ "//utils/native/base:utils" ]
|
||||
external_deps = [ "hiviewdfx_hilog_native:libhilog" ]
|
||||
|
||||
cflags_cc = [ "-DHILOG_ENABLE" ]
|
||||
}
|
@ -1,37 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#include <string>
|
||||
|
||||
#ifndef DATA_VALIDATOR_H
|
||||
#define DATA_VALIDATOR_H
|
||||
namespace OHOS {
|
||||
namespace Security {
|
||||
namespace Permission {
|
||||
class DataValidator final {
|
||||
public:
|
||||
static bool IsBundleNameValid(const std::string& bundleName);
|
||||
|
||||
static bool IsPermissionNameValid(const std::string& permissionName);
|
||||
|
||||
static bool IsUserIdValid(const int userId);
|
||||
|
||||
private:
|
||||
const static int MAX_LENGTH = 256;
|
||||
};
|
||||
} // namespace Permission
|
||||
} // namespace Security
|
||||
} // namespace OHOS
|
||||
#endif // DATA_VALIDATOR_H
|
@ -1,63 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#ifndef PERMISSION_LOG_H
|
||||
#define PERMISSION_LOG_H
|
||||
|
||||
#ifdef HILOG_ENABLE
|
||||
|
||||
#include "hilog/log.h"
|
||||
|
||||
#ifndef __cplusplus
|
||||
|
||||
#define PERMISSION_LOG_DEBUG(fmt, ...) HILOG_DEBUG(LOG_CORE, fmt, ##__VA_ARGS__)
|
||||
#define PERMISSION_LOG_INFO(fmt, ...) HILOG_INFO(LOG_CORE, fmt, ##__VA_ARGS__)
|
||||
#define PERMISSION_LOG_WARN(fmt, ...) HILOG_WARN(LOG_CORE, fmt, ##__VA_ARGS__)
|
||||
#define PERMISSION_LOG_ERROR(fmt, ...) HILOG_ERROR(LOG_CORE, fmt, ##__VA_ARGS__)
|
||||
#define PERMISSION_LOG_FATAL(fmt, ...) HILOG_FATAL(LOG_CORE, fmt, ##__VA_ARGS__)
|
||||
|
||||
#else
|
||||
|
||||
#define PERMISSION_LOG_DEBUG(label, fmt, ...) OHOS::HiviewDFX::HiLog::Debug(label, fmt, ##__VA_ARGS__)
|
||||
#define PERMISSION_LOG_INFO(label, fmt, ...) OHOS::HiviewDFX::HiLog::Info(label, fmt, ##__VA_ARGS__)
|
||||
#define PERMISSION_LOG_WARN(label, fmt, ...) OHOS::HiviewDFX::HiLog::Warn(label, fmt, ##__VA_ARGS__)
|
||||
#define PERMISSION_LOG_ERROR(label, fmt, ...) OHOS::HiviewDFX::HiLog::Error(label, fmt, ##__VA_ARGS__)
|
||||
#define PERMISSION_LOG_FATAL(label, fmt, ...) OHOS::HiviewDFX::HiLog::Fatal(label, fmt, ##__VA_ARGS__)
|
||||
|
||||
#endif // __cplusplus
|
||||
|
||||
/* define LOG_TAG as "security_*" at your submodule, * means your submodule name such as "security_dac" */
|
||||
#undef LOG_TAG
|
||||
#undef LOG_DOMAIN
|
||||
|
||||
static constexpr unsigned int SECURITY_DOMAIN_PERMISSION = 0xD002F01;
|
||||
|
||||
#else
|
||||
|
||||
#include <stdarg.h>
|
||||
#include <stdio.h>
|
||||
|
||||
/* define LOG_TAG as "security_*" at your submodule, * means your submodule name such as "security_dac" */
|
||||
#undef LOG_TAG
|
||||
|
||||
#define PERMISSION_LOG_DEBUG(fmt, ...) printf("[%s] debug: %s: " fmt "\n", LOG_TAG, __func__, ##__VA_ARGS__)
|
||||
#define PERMISSION_LOG_INFO(fmt, ...) printf("[%s] info: %s: " fmt "\n", LOG_TAG, __func__, ##__VA_ARGS__)
|
||||
#define PERMISSION_LOG_WARN(fmt, ...) printf("[%s] warn: %s: " fmt "\n", LOG_TAG, __func__, ##__VA_ARGS__)
|
||||
#define PERMISSION_LOG_ERROR(fmt, ...) printf("[%s] error: %s: " fmt "\n", LOG_TAG, __func__, ##__VA_ARGS__)
|
||||
#define PERMISSION_LOG_FATAL(fmt, ...) printf("[%s] fatal: %s: " fmt "\n", LOG_TAG, __func__, ##__VA_ARGS__)
|
||||
|
||||
#endif // HILOG_ENABLE
|
||||
|
||||
#endif // PERMISSION_LOG_H
|
@ -1,39 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#ifndef TEST_CONST_H
|
||||
#define TEST_CONST_H
|
||||
|
||||
#include <string>
|
||||
|
||||
namespace OHOS {
|
||||
namespace Security {
|
||||
namespace Permission {
|
||||
static const std::string TEST_BUNDLE_NAME = "ohos";
|
||||
static const std::string TEST_PERMISSION_NAME_ALPHA = "ohos.permission.ALPHA";
|
||||
static const std::string TEST_PERMISSION_NAME_BETA = "ohos.permission.BETA";
|
||||
static const std::string TEST_PERMISSION_NAME_GAMMA = "ohos.permission.GAMMA";
|
||||
static const std::string TEST_LABEL = "test label";
|
||||
static const std::string TEST_DESCRIPTION = "test description";
|
||||
|
||||
static const int TEST_LABEL_ID = 9527;
|
||||
static const int TEST_DESCRIPTION_ID = 9528;
|
||||
static const int TEST_INVALID_USER_ID = -1;
|
||||
static const int TEST_USER_ID = 0;
|
||||
static const int TEST_SUB_USER_ID = 10;
|
||||
} // namespace Permission
|
||||
} // namespace Security
|
||||
} // namespace OHOS
|
||||
#endif // TEST_CONST_H
|
@ -1,37 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#include "data_validator.h"
|
||||
|
||||
namespace OHOS {
|
||||
namespace Security {
|
||||
namespace Permission {
|
||||
bool DataValidator::IsBundleNameValid(const std::string& bundleName)
|
||||
{
|
||||
return !bundleName.empty() && (bundleName.length() <= MAX_LENGTH);
|
||||
}
|
||||
|
||||
bool DataValidator::IsPermissionNameValid(const std::string& permissionName)
|
||||
{
|
||||
return !permissionName.empty() && (permissionName.length() <= MAX_LENGTH);
|
||||
}
|
||||
|
||||
bool DataValidator::IsUserIdValid(const int userId)
|
||||
{
|
||||
return userId >= 0;
|
||||
}
|
||||
} // namespace Permission
|
||||
} // namespace Security
|
||||
} // namespace OHOS
|
@ -38,20 +38,12 @@ ohos_shared_library("libpermissionsdk_standard") {
|
||||
|
||||
sources = [
|
||||
"main/cpp/src/permission/permission_kit.cpp",
|
||||
"main/cpp/src/permission/permission_manager_client.cpp",
|
||||
"main/cpp/src/permission/permission_manager_proxy.cpp",
|
||||
]
|
||||
|
||||
deps = [
|
||||
"//base/security/permission/frameworks/permission_standard/permissioncommunicationadapter:permission_standard_communication_adapter_cxx",
|
||||
"//base/security/permission/frameworks/permission_standard/permissioninfrastructure:permission_standard_infrastructure_cxx",
|
||||
"//utils/native/base:utils",
|
||||
]
|
||||
|
||||
external_deps = [
|
||||
"hiviewdfx_hilog_native:libhilog",
|
||||
"ipc:ipc_core",
|
||||
"samgr_standard:samgr_proxy",
|
||||
]
|
||||
|
||||
cflags_cc = [ "-DHILOG_ENABLE" ]
|
||||
|
@ -1,227 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#include "permission_manager_client.h"
|
||||
|
||||
#include "permission.h"
|
||||
#include "permission_log.h"
|
||||
|
||||
#include "iservice_registry.h"
|
||||
|
||||
namespace OHOS {
|
||||
namespace Security {
|
||||
namespace Permission {
|
||||
namespace {
|
||||
static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_PERMISSION, "PermissionManagerClient"};
|
||||
} // namespace
|
||||
|
||||
PermissionManagerClient& PermissionManagerClient::GetInstance()
|
||||
{
|
||||
static PermissionManagerClient instance;
|
||||
return instance;
|
||||
}
|
||||
|
||||
PermissionManagerClient::PermissionManagerClient()
|
||||
{}
|
||||
|
||||
PermissionManagerClient::~PermissionManagerClient()
|
||||
{}
|
||||
|
||||
int PermissionManagerClient::VerifyPermission(
|
||||
const std::string& bundleName, const std::string& permissionName, int userId) const
|
||||
{
|
||||
PERMISSION_LOG_DEBUG(LABEL, "%{public}s: called!", __func__);
|
||||
auto proxy = GetProxy();
|
||||
if (proxy == nullptr) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__);
|
||||
return PERMISSION_NOT_GRANTED;
|
||||
}
|
||||
return proxy->VerifyPermission(bundleName, permissionName, userId);
|
||||
}
|
||||
|
||||
bool PermissionManagerClient::CanRequestPermission(
|
||||
const std::string& bundleName, const std::string& permissionName, int userId) const
|
||||
{
|
||||
PERMISSION_LOG_DEBUG(LABEL, "%{public}s: called!", __func__);
|
||||
auto proxy = GetProxy();
|
||||
if (proxy == nullptr) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__);
|
||||
return false;
|
||||
}
|
||||
return proxy->CanRequestPermission(bundleName, permissionName, userId);
|
||||
}
|
||||
|
||||
int PermissionManagerClient::GrantUserGrantedPermission(
|
||||
const std::string& bundleName, const std::string& permissionName, int userId) const
|
||||
{
|
||||
PERMISSION_LOG_DEBUG(LABEL, "%{public}s: called!", __func__);
|
||||
auto proxy = GetProxy();
|
||||
if (proxy == nullptr) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
return proxy->GrantUserGrantedPermission(bundleName, permissionName, userId);
|
||||
}
|
||||
|
||||
int PermissionManagerClient::GrantSystemGrantedPermission(
|
||||
const std::string& bundleName, const std::string& permissionName) const
|
||||
{
|
||||
PERMISSION_LOG_DEBUG(LABEL, "%{public}s: called!", __func__);
|
||||
auto proxy = GetProxy();
|
||||
if (proxy == nullptr) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
return proxy->GrantSystemGrantedPermission(bundleName, permissionName);
|
||||
}
|
||||
|
||||
int PermissionManagerClient::RevokeUserGrantedPermission(
|
||||
const std::string& bundleName, const std::string& permissionName, int userId) const
|
||||
{
|
||||
PERMISSION_LOG_DEBUG(LABEL, "%{public}s: called!", __func__);
|
||||
auto proxy = GetProxy();
|
||||
if (proxy == nullptr) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
return proxy->RevokeUserGrantedPermission(bundleName, permissionName, userId);
|
||||
}
|
||||
|
||||
int PermissionManagerClient::RevokeSystemGrantedPermission(
|
||||
const std::string& bundleName, const std::string& permissionName) const
|
||||
{
|
||||
PERMISSION_LOG_DEBUG(LABEL, "%{public}s: called!", __func__);
|
||||
auto proxy = GetProxy();
|
||||
if (proxy == nullptr) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
return proxy->RevokeSystemGrantedPermission(bundleName, permissionName);
|
||||
}
|
||||
|
||||
int PermissionManagerClient::AddUserGrantedReqPermissions(
|
||||
const std::string& bundleName, const std::vector<std::string>& permList, int userId) const
|
||||
{
|
||||
PERMISSION_LOG_DEBUG(LABEL, "%{public}s: called!", __func__);
|
||||
auto proxy = GetProxy();
|
||||
if (proxy == nullptr) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
return proxy->AddUserGrantedReqPermissions(bundleName, permList, userId);
|
||||
}
|
||||
|
||||
int PermissionManagerClient::AddSystemGrantedReqPermissions(
|
||||
const std::string& bundleName, const std::vector<std::string>& permList) const
|
||||
{
|
||||
PERMISSION_LOG_DEBUG(LABEL, "%{public}s: called!", __func__);
|
||||
auto proxy = GetProxy();
|
||||
if (proxy == nullptr) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
return proxy->AddSystemGrantedReqPermissions(bundleName, permList);
|
||||
}
|
||||
|
||||
int PermissionManagerClient::RemoveUserGrantedReqPermissions(const std::string& bundleName, int userId) const
|
||||
{
|
||||
PERMISSION_LOG_DEBUG(LABEL, "%{public}s: called!", __func__);
|
||||
auto proxy = GetProxy();
|
||||
if (proxy == nullptr) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
return proxy->RemoveUserGrantedReqPermissions(bundleName, userId);
|
||||
}
|
||||
|
||||
int PermissionManagerClient::RemoveSystemGrantedReqPermissions(const std::string& bundleName) const
|
||||
{
|
||||
PERMISSION_LOG_DEBUG(LABEL, "%{public}s: called!", __func__);
|
||||
auto proxy = GetProxy();
|
||||
if (proxy == nullptr) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
return proxy->RemoveSystemGrantedReqPermissions(bundleName);
|
||||
}
|
||||
|
||||
int PermissionManagerClient::AddDefPermissions(const std::vector<PermissionDef>& permDefList) const
|
||||
{
|
||||
PERMISSION_LOG_DEBUG(LABEL, "%{public}s: called!", __func__);
|
||||
auto proxy = GetProxy();
|
||||
if (proxy == nullptr) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
std::vector<PermissionDefParcel> parcelList;
|
||||
for (auto permDef : permDefList) {
|
||||
PermissionDefParcel parcel;
|
||||
parcel.permissionDef = permDef;
|
||||
parcelList.emplace_back(parcel);
|
||||
}
|
||||
PERMISSION_LOG_INFO(LABEL, "%{public}s called, permList size: %{public}d", __func__, (int) parcelList.size());
|
||||
return proxy->AddDefPermissions(parcelList);
|
||||
}
|
||||
|
||||
int PermissionManagerClient::RemoveDefPermissions(const std::string& bundleName) const
|
||||
{
|
||||
PERMISSION_LOG_DEBUG(LABEL, "%{public}s: called!", __func__);
|
||||
auto proxy = GetProxy();
|
||||
if (proxy == nullptr) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
return proxy->RemoveDefPermissions(bundleName);
|
||||
}
|
||||
|
||||
int PermissionManagerClient::GetDefPermission(
|
||||
const std::string& permissionName, PermissionDef& permissionDefResult) const
|
||||
{
|
||||
PERMISSION_LOG_DEBUG(LABEL, "%{public}s: called!", __func__);
|
||||
auto proxy = GetProxy();
|
||||
if (proxy == nullptr) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
PermissionDefParcel permissionDefParcel;
|
||||
int result = proxy->GetDefPermission(permissionName, permissionDefParcel);
|
||||
permissionDefResult = permissionDefParcel.permissionDef;
|
||||
return result;
|
||||
}
|
||||
|
||||
sptr<IPermissionManager> PermissionManagerClient::GetProxy() const
|
||||
{
|
||||
auto sam = SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager();
|
||||
if (sam == nullptr) {
|
||||
PERMISSION_LOG_DEBUG(LABEL, "%{public}s: GetSystemAbilityManager is null", __func__);
|
||||
return nullptr;
|
||||
}
|
||||
auto permissionSa = sam->GetSystemAbility(IPermissionManager::SA_ID_PERMISSION_MANAGER_SERVICE);
|
||||
if (permissionSa == nullptr) {
|
||||
PERMISSION_LOG_DEBUG(LABEL, "%{public}s: GetSystemAbility %{public}d is null", __func__,
|
||||
IPermissionManager::SA_ID_PERMISSION_MANAGER_SERVICE);
|
||||
return nullptr;
|
||||
}
|
||||
|
||||
auto proxy = iface_cast<IPermissionManager>(permissionSa);
|
||||
if (proxy == nullptr) {
|
||||
PERMISSION_LOG_DEBUG(LABEL, "%{public}s: iface_cast get null", __func__);
|
||||
return nullptr;
|
||||
}
|
||||
return proxy;
|
||||
}
|
||||
} // namespace Permission
|
||||
} // namespace Security
|
||||
} // namespace OHOS
|
@ -1,72 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#ifndef PERMISSION_MANAGER_CLIENT_H
|
||||
#define PERMISSION_MANAGER_CLIENT_H
|
||||
|
||||
#include <string>
|
||||
|
||||
#include "i_permission_manager.h"
|
||||
#include "permission/permission_def.h"
|
||||
|
||||
#include "nocopyable.h"
|
||||
|
||||
namespace OHOS {
|
||||
namespace Security {
|
||||
namespace Permission {
|
||||
class PermissionManagerClient final {
|
||||
public:
|
||||
static PermissionManagerClient& GetInstance();
|
||||
|
||||
virtual ~PermissionManagerClient();
|
||||
|
||||
int VerifyPermission(const std::string& bundleName, const std::string& permissionName, int userId) const;
|
||||
|
||||
bool CanRequestPermission(const std::string& bundleName, const std::string& permissionName, int userId) const;
|
||||
|
||||
int GrantUserGrantedPermission(const std::string& bundleName, const std::string& permissionName, int userId) const;
|
||||
|
||||
int GrantSystemGrantedPermission(const std::string& bundleName, const std::string& permissionName) const;
|
||||
|
||||
int RevokeUserGrantedPermission(const std::string& bundleName, const std::string& permissionName, int userId) const;
|
||||
|
||||
int RevokeSystemGrantedPermission(const std::string& bundleName, const std::string& permissionName) const;
|
||||
|
||||
int AddUserGrantedReqPermissions(
|
||||
const std::string& bundleName, const std::vector<std::string>& permList, int userId) const;
|
||||
|
||||
int AddSystemGrantedReqPermissions(const std::string& bundleName, const std::vector<std::string>& permList) const;
|
||||
|
||||
int RemoveUserGrantedReqPermissions(const std::string& bundleName, int userId) const;
|
||||
|
||||
int RemoveSystemGrantedReqPermissions(const std::string& bundleName) const;
|
||||
|
||||
int AddDefPermissions(const std::vector<PermissionDef>& permDefList) const;
|
||||
|
||||
int RemoveDefPermissions(const std::string& bundleName) const;
|
||||
|
||||
int GetDefPermission(const std::string& permissionName, PermissionDef& permissionDefResult) const;
|
||||
|
||||
private:
|
||||
PermissionManagerClient();
|
||||
|
||||
DISALLOW_COPY_AND_MOVE(PermissionManagerClient);
|
||||
|
||||
sptr<IPermissionManager> GetProxy() const;
|
||||
};
|
||||
} // namespace Permission
|
||||
} // namespace Security
|
||||
} // namespace OHOS
|
||||
#endif // PERMISSION_MANAGER_CLIENT_H
|
@ -1,482 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#include "permission_manager_proxy.h"
|
||||
|
||||
#include "permission/permission.h"
|
||||
#include "permission_log.h"
|
||||
|
||||
#include "parcel.h"
|
||||
#include "string_ex.h"
|
||||
|
||||
namespace OHOS {
|
||||
namespace Security {
|
||||
namespace Permission {
|
||||
namespace {
|
||||
static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_PERMISSION, "PermissionManagerProxy"};
|
||||
}
|
||||
|
||||
PermissionManagerProxy::PermissionManagerProxy(const sptr<IRemoteObject>& impl) : IRemoteProxy<IPermissionManager>(impl)
|
||||
{}
|
||||
|
||||
PermissionManagerProxy::~PermissionManagerProxy()
|
||||
{}
|
||||
|
||||
int PermissionManagerProxy::VerifyPermission(
|
||||
const std::string& bundleName, const std::string& permissionName, int userId)
|
||||
{
|
||||
MessageParcel data;
|
||||
data.WriteInterfaceToken(IPermissionManager::GetDescriptor());
|
||||
if (!data.WriteString(bundleName)) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write bundleName", __func__);
|
||||
return PERMISSION_NOT_GRANTED;
|
||||
}
|
||||
if (!data.WriteString(permissionName)) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write permissionName", __func__);
|
||||
return PERMISSION_NOT_GRANTED;
|
||||
}
|
||||
if (!data.WriteInt32(userId)) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write userId", __func__);
|
||||
return PERMISSION_NOT_GRANTED;
|
||||
}
|
||||
|
||||
MessageParcel reply;
|
||||
MessageOption option;
|
||||
sptr<IRemoteObject> remote = Remote();
|
||||
if (remote == nullptr) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__);
|
||||
return PERMISSION_NOT_GRANTED;
|
||||
}
|
||||
int32_t requestResult = remote->SendRequest(
|
||||
static_cast<uint32_t>(IPermissionManager::InterfaceCode::VERIFY_PERMISSION), data, reply, option);
|
||||
if (requestResult != NO_ERROR) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult);
|
||||
return PERMISSION_NOT_GRANTED;
|
||||
}
|
||||
|
||||
int32_t result = reply.ReadInt32();
|
||||
PERMISSION_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result);
|
||||
return result;
|
||||
}
|
||||
|
||||
bool PermissionManagerProxy::CanRequestPermission(
|
||||
const std::string& bundleName, const std::string& permissionName, int userId)
|
||||
{
|
||||
MessageParcel data;
|
||||
data.WriteInterfaceToken(IPermissionManager::GetDescriptor());
|
||||
if (!data.WriteString(bundleName)) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write bundleName", __func__);
|
||||
return false;
|
||||
}
|
||||
if (!data.WriteString(permissionName)) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write permissionName", __func__);
|
||||
return false;
|
||||
}
|
||||
if (!data.WriteInt32(userId)) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write userId", __func__);
|
||||
return false;
|
||||
}
|
||||
|
||||
MessageParcel reply;
|
||||
MessageOption option;
|
||||
sptr<IRemoteObject> remote = Remote();
|
||||
if (remote == nullptr) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__);
|
||||
return false;
|
||||
}
|
||||
int32_t requestResult = remote->SendRequest(
|
||||
static_cast<uint32_t>(IPermissionManager::InterfaceCode::CAN_REQUEST_PERMISSION), data, reply, option);
|
||||
if (requestResult != NO_ERROR) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult);
|
||||
return false;
|
||||
}
|
||||
|
||||
bool result = reply.ReadBool();
|
||||
PERMISSION_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result);
|
||||
return result;
|
||||
}
|
||||
|
||||
int PermissionManagerProxy::GrantUserGrantedPermission(
|
||||
const std::string& bundleName, const std::string& permissionName, int userId)
|
||||
{
|
||||
MessageParcel data;
|
||||
data.WriteInterfaceToken(IPermissionManager::GetDescriptor());
|
||||
if (!data.WriteString(bundleName)) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write bundleName", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
if (!data.WriteString(permissionName)) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write permissionName", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
if (!data.WriteInt32(userId)) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write userId", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
|
||||
MessageParcel reply;
|
||||
MessageOption option;
|
||||
sptr<IRemoteObject> remote = Remote();
|
||||
if (remote == nullptr) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
int32_t requestResult = remote->SendRequest(
|
||||
static_cast<uint32_t>(IPermissionManager::InterfaceCode::GRANT_USER_GRANTED_PERMISSION), data, reply, option);
|
||||
if (requestResult != NO_ERROR) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult);
|
||||
return RET_FAILED;
|
||||
}
|
||||
|
||||
int32_t result = reply.ReadInt32();
|
||||
PERMISSION_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result);
|
||||
return result;
|
||||
}
|
||||
|
||||
int PermissionManagerProxy::GrantSystemGrantedPermission(
|
||||
const std::string& bundleName, const std::string& permissionName)
|
||||
{
|
||||
MessageParcel data;
|
||||
data.WriteInterfaceToken(IPermissionManager::GetDescriptor());
|
||||
if (!data.WriteString(bundleName)) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write bundleName", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
if (!data.WriteString(permissionName)) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write permissionName", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
|
||||
MessageParcel reply;
|
||||
MessageOption option;
|
||||
sptr<IRemoteObject> remote = Remote();
|
||||
if (remote == nullptr) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
int32_t requestResult = remote->SendRequest(
|
||||
static_cast<uint32_t>(IPermissionManager::InterfaceCode::GRANT_SYSTEM_GRANTED_PERMISSION), data, reply, option);
|
||||
if (requestResult != NO_ERROR) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult);
|
||||
return RET_FAILED;
|
||||
}
|
||||
|
||||
int32_t result = reply.ReadInt32();
|
||||
PERMISSION_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result);
|
||||
return result;
|
||||
}
|
||||
|
||||
int PermissionManagerProxy::RevokeUserGrantedPermission(
|
||||
const std::string& bundleName, const std::string& permissionName, int userId)
|
||||
{
|
||||
MessageParcel data;
|
||||
data.WriteInterfaceToken(IPermissionManager::GetDescriptor());
|
||||
if (!data.WriteString(bundleName)) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write bundleName", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
if (!data.WriteString(permissionName)) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write permissionName", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
if (!data.WriteInt32(userId)) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write userId", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
|
||||
MessageParcel reply;
|
||||
MessageOption option;
|
||||
sptr<IRemoteObject> remote = Remote();
|
||||
if (remote == nullptr) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
int32_t requestResult = remote->SendRequest(
|
||||
static_cast<uint32_t>(IPermissionManager::InterfaceCode::REVOKE_USER_GRANTED_PERMISSION), data, reply, option);
|
||||
if (requestResult != NO_ERROR) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult);
|
||||
return RET_FAILED;
|
||||
}
|
||||
|
||||
int32_t result = reply.ReadInt32();
|
||||
PERMISSION_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result);
|
||||
return result;
|
||||
}
|
||||
|
||||
int PermissionManagerProxy::RevokeSystemGrantedPermission(
|
||||
const std::string& bundleName, const std::string& permissionName)
|
||||
{
|
||||
MessageParcel data;
|
||||
data.WriteInterfaceToken(IPermissionManager::GetDescriptor());
|
||||
if (!data.WriteString(bundleName)) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write bundleName", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
if (!data.WriteString(permissionName)) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write permissionName", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
|
||||
MessageParcel reply;
|
||||
MessageOption option;
|
||||
sptr<IRemoteObject> remote = Remote();
|
||||
if (remote == nullptr) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
int32_t requestResult =
|
||||
remote->SendRequest(static_cast<uint32_t>(IPermissionManager::InterfaceCode::REVOKE_SYSTEM_GRANTED_PERMISSION),
|
||||
data, reply, option);
|
||||
if (requestResult != NO_ERROR) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult);
|
||||
return RET_FAILED;
|
||||
}
|
||||
|
||||
int32_t result = reply.ReadInt32();
|
||||
PERMISSION_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result);
|
||||
return result;
|
||||
}
|
||||
|
||||
int PermissionManagerProxy::AddUserGrantedReqPermissions(
|
||||
const std::string& bundleName, const std::vector<std::string>& permList, int userId)
|
||||
{
|
||||
MessageParcel data;
|
||||
data.WriteInterfaceToken(IPermissionManager::GetDescriptor());
|
||||
if (!data.WriteString(bundleName)) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write bundleName", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
if (!data.WriteStringVector(permList)) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write permList", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
if (!data.WriteInt32(userId)) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write userId", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
|
||||
MessageParcel reply;
|
||||
MessageOption option;
|
||||
sptr<IRemoteObject> remote = Remote();
|
||||
if (remote == nullptr) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
int32_t requestResult =
|
||||
remote->SendRequest(static_cast<uint32_t>(IPermissionManager::InterfaceCode::ADD_USER_GRANTED_REQ_PERMISSIONS),
|
||||
data, reply, option);
|
||||
if (requestResult != NO_ERROR) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult);
|
||||
return RET_FAILED;
|
||||
}
|
||||
|
||||
int32_t result = reply.ReadInt32();
|
||||
PERMISSION_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result);
|
||||
return result;
|
||||
}
|
||||
|
||||
int PermissionManagerProxy::AddSystemGrantedReqPermissions(
|
||||
const std::string& bundleName, const std::vector<std::string>& permList)
|
||||
{
|
||||
MessageParcel data;
|
||||
data.WriteInterfaceToken(IPermissionManager::GetDescriptor());
|
||||
if (!data.WriteString(bundleName)) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write bundleName", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
if (!data.WriteStringVector(permList)) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write permList", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
|
||||
MessageParcel reply;
|
||||
MessageOption option;
|
||||
sptr<IRemoteObject> remote = Remote();
|
||||
if (remote == nullptr) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
int32_t requestResult = remote->SendRequest(
|
||||
static_cast<uint32_t>(IPermissionManager::InterfaceCode::ADD_SYSTEM_GRANTED_REQ_PERMISSIONS), data, reply,
|
||||
option);
|
||||
if (requestResult != NO_ERROR) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult);
|
||||
return RET_FAILED;
|
||||
}
|
||||
|
||||
int32_t result = reply.ReadInt32();
|
||||
PERMISSION_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result);
|
||||
return result;
|
||||
}
|
||||
|
||||
int PermissionManagerProxy::RemoveUserGrantedReqPermissions(const std::string& bundleName, int userId)
|
||||
{
|
||||
MessageParcel data;
|
||||
data.WriteInterfaceToken(IPermissionManager::GetDescriptor());
|
||||
if (!data.WriteString(bundleName)) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write bundleName", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
if (!data.WriteInt32(userId)) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write userId", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
|
||||
MessageParcel reply;
|
||||
MessageOption option;
|
||||
sptr<IRemoteObject> remote = Remote();
|
||||
if (remote == nullptr) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
int32_t requestResult = remote->SendRequest(
|
||||
static_cast<uint32_t>(IPermissionManager::InterfaceCode::REMOVE_USER_GRANTED_REQ_PERMISSIONS), data, reply,
|
||||
option);
|
||||
if (requestResult != NO_ERROR) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult);
|
||||
return RET_FAILED;
|
||||
}
|
||||
|
||||
int32_t result = reply.ReadInt32();
|
||||
PERMISSION_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result);
|
||||
return result;
|
||||
}
|
||||
|
||||
int PermissionManagerProxy::RemoveSystemGrantedReqPermissions(const std::string& bundleName)
|
||||
{
|
||||
MessageParcel data;
|
||||
data.WriteInterfaceToken(IPermissionManager::GetDescriptor());
|
||||
if (!data.WriteString(bundleName)) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write bundleName", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
|
||||
MessageParcel reply;
|
||||
MessageOption option;
|
||||
sptr<IRemoteObject> remote = Remote();
|
||||
if (remote == nullptr) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
int32_t requestResult = remote->SendRequest(
|
||||
static_cast<uint32_t>(IPermissionManager::InterfaceCode::REMOVE_SYSTEM_GRANTED_REQ_PERMISSIONS), data, reply,
|
||||
option);
|
||||
if (requestResult != NO_ERROR) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult);
|
||||
return RET_FAILED;
|
||||
}
|
||||
|
||||
int32_t result = reply.ReadInt32();
|
||||
PERMISSION_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result);
|
||||
return result;
|
||||
}
|
||||
|
||||
int PermissionManagerProxy::AddDefPermissions(const std::vector<PermissionDefParcel>& permDefList)
|
||||
{
|
||||
MessageParcel data;
|
||||
data.WriteInterfaceToken(IPermissionManager::GetDescriptor());
|
||||
if (!data.WriteInt32(permDefList.size())) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write permDefList's size", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
for (auto permissionDef : permDefList) {
|
||||
if (!data.WriteParcelable(&permissionDef)) {
|
||||
return RET_FAILED;
|
||||
}
|
||||
}
|
||||
|
||||
MessageParcel reply;
|
||||
MessageOption option;
|
||||
sptr<IRemoteObject> remote = Remote();
|
||||
if (remote == nullptr) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
int32_t requestResult = remote->SendRequest(
|
||||
static_cast<uint32_t>(IPermissionManager::InterfaceCode::ADD_DEF_PERMISSIONS), data, reply, option);
|
||||
if (requestResult != NO_ERROR) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult);
|
||||
return RET_FAILED;
|
||||
}
|
||||
|
||||
int32_t result = reply.ReadInt32();
|
||||
PERMISSION_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result);
|
||||
return result;
|
||||
}
|
||||
|
||||
int PermissionManagerProxy::RemoveDefPermissions(const std::string& bundleName)
|
||||
{
|
||||
MessageParcel data;
|
||||
data.WriteInterfaceToken(IPermissionManager::GetDescriptor());
|
||||
if (!data.WriteString(bundleName)) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write bundleName", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
|
||||
MessageParcel reply;
|
||||
MessageOption option;
|
||||
sptr<IRemoteObject> remote = Remote();
|
||||
if (remote == nullptr) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
int32_t requestResult = remote->SendRequest(
|
||||
static_cast<uint32_t>(IPermissionManager::InterfaceCode::REMOVE_DEF_PERMISSIONS), data, reply, option);
|
||||
if (requestResult != NO_ERROR) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult);
|
||||
return RET_FAILED;
|
||||
}
|
||||
|
||||
int32_t result = reply.ReadInt32();
|
||||
PERMISSION_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result);
|
||||
return result;
|
||||
}
|
||||
|
||||
int PermissionManagerProxy::GetDefPermission(
|
||||
const std::string& permissionName, PermissionDefParcel& permissionDefResult)
|
||||
{
|
||||
MessageParcel data;
|
||||
data.WriteInterfaceToken(IPermissionManager::GetDescriptor());
|
||||
if (!data.WriteString(permissionName)) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write permissionName", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
|
||||
MessageParcel reply;
|
||||
MessageOption option;
|
||||
sptr<IRemoteObject> remote = Remote();
|
||||
if (remote == nullptr) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
int32_t requestResult = remote->SendRequest(
|
||||
static_cast<uint32_t>(IPermissionManager::InterfaceCode::GET_DEF_PERMISSION), data, reply, option);
|
||||
if (requestResult != NO_ERROR) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult);
|
||||
return RET_FAILED;
|
||||
}
|
||||
sptr<PermissionDefParcel> resultSptr = reply.ReadParcelable<PermissionDefParcel>();
|
||||
if (resultSptr == nullptr) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s ReadParcelable fail", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
permissionDefResult = *resultSptr;
|
||||
int32_t result = reply.ReadInt32();
|
||||
PERMISSION_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result);
|
||||
return result;
|
||||
}
|
||||
} // namespace Permission
|
||||
} // namespace Security
|
||||
} // namespace OHOS
|
@ -1,67 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#ifndef PERMISSION_MANAGER_PROXY_H
|
||||
#define PERMISSION_MANAGER_PROXY_H
|
||||
|
||||
#include "i_permission_manager.h"
|
||||
|
||||
#include "iremote_proxy.h"
|
||||
|
||||
namespace OHOS {
|
||||
namespace Security {
|
||||
namespace Permission {
|
||||
class PermissionManagerProxy : public IRemoteProxy<IPermissionManager> {
|
||||
public:
|
||||
explicit PermissionManagerProxy(const sptr<IRemoteObject>& impl);
|
||||
virtual ~PermissionManagerProxy() override;
|
||||
|
||||
int VerifyPermission(const std::string& bundleName, const std::string& permissionName, int userId) override;
|
||||
|
||||
bool CanRequestPermission(const std::string& bundleName, const std::string& permissionName, int userId) override;
|
||||
|
||||
int GrantUserGrantedPermission(
|
||||
const std::string& bundleName, const std::string& permissionName, int userId) override;
|
||||
|
||||
int GrantSystemGrantedPermission(const std::string& bundleName, const std::string& permissionName) override;
|
||||
|
||||
int RevokeUserGrantedPermission(
|
||||
const std::string& bundleName, const std::string& permissionName, int userId) override;
|
||||
|
||||
int RevokeSystemGrantedPermission(const std::string& bundleName, const std::string& permissionName) override;
|
||||
|
||||
int AddUserGrantedReqPermissions(
|
||||
const std::string& bundleName, const std::vector<std::string>& permList, int userId) override;
|
||||
|
||||
int AddSystemGrantedReqPermissions(
|
||||
const std::string& bundleName, const std::vector<std::string>& permList) override;
|
||||
|
||||
int RemoveUserGrantedReqPermissions(const std::string& bundleName, int userId) override;
|
||||
|
||||
int RemoveSystemGrantedReqPermissions(const std::string& bundleName) override;
|
||||
|
||||
int AddDefPermissions(const std::vector<PermissionDefParcel>& permDefList) override;
|
||||
|
||||
int RemoveDefPermissions(const std::string& bundleName) override;
|
||||
|
||||
int GetDefPermission(const std::string& permissionName, PermissionDefParcel& permissionDefResult) override;
|
||||
|
||||
private:
|
||||
static inline BrokerDelegator<PermissionManagerProxy> delegator_;
|
||||
};
|
||||
} // namespace Permission
|
||||
} // namespace Security
|
||||
} // namespace OHOS
|
||||
#endif // PERMISSION_MANAGER_PROXY_H
|
@ -1,40 +0,0 @@
|
||||
# Copyright (C) 2021 Huawei Device Co., Ltd.
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
import("//build/test.gni")
|
||||
|
||||
ohos_unittest("libpermissionsdk_standard_test") {
|
||||
subsystem_name = "security"
|
||||
part_name = "permission_standard"
|
||||
module_out_path = part_name + "/" + part_name
|
||||
|
||||
include_dirs = [
|
||||
"//utils/native/base/include",
|
||||
"//base/security/permission/interfaces/innerkits/permission_standard/permissionsdk/main/cpp/include/permission/",
|
||||
]
|
||||
|
||||
sources = [ "unittest/cpp/src/permission_kit_test.cpp" ]
|
||||
|
||||
cflags_cc = [ "-DHILOG_ENABLE" ]
|
||||
|
||||
deps = [
|
||||
"//base/security/permission/frameworks/permission_standard/permissioninfrastructure:permission_standard_infrastructure_cxx",
|
||||
"//base/security/permission/interfaces/innerkits/permission_standard/permissionsdk:libpermissionsdk_standard",
|
||||
"//utils/native/base:utils",
|
||||
]
|
||||
}
|
||||
|
||||
group("unittest") {
|
||||
testonly = true
|
||||
deps = [ ":libpermissionsdk_standard_test" ]
|
||||
}
|
@ -1,133 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#include "permission_kit_test.h"
|
||||
|
||||
#include "test_const.h"
|
||||
#include "permission_kit.h"
|
||||
|
||||
using namespace testing::ext;
|
||||
using namespace OHOS::Security::Permission;
|
||||
|
||||
void PermissionKitTest::SetUpTestCase()
|
||||
{}
|
||||
|
||||
void PermissionKitTest::TearDownTestCase()
|
||||
{}
|
||||
|
||||
void PermissionKitTest::SetUp()
|
||||
{}
|
||||
|
||||
void PermissionKitTest::TearDown()
|
||||
{}
|
||||
|
||||
/**
|
||||
* @tc.name: AddDefPermissions001
|
||||
* @tc.desc: Get permission definition info successfully after AddDefPermissions function has been invoked
|
||||
* @tc.type: FUNC
|
||||
* @tc.require:
|
||||
*/
|
||||
HWTEST_F(PermissionKitTest, AddDefPermissions001, TestSize.Level0)
|
||||
{}
|
||||
|
||||
/**
|
||||
* @tc.name: RemoveDefPermissions001
|
||||
* @tc.desc: Cannot get permission definition info after RemoveDefPermissions has been invoked
|
||||
* @tc.type: FUNC
|
||||
* @tc.require:
|
||||
*/
|
||||
HWTEST_F(PermissionKitTest, RemoveDefPermissions001, TestSize.Level0)
|
||||
{}
|
||||
|
||||
/**
|
||||
* @tc.name: VerifyPermission001
|
||||
* @tc.desc: Verify user granted permission
|
||||
* @tc.type: FUNC
|
||||
* @tc.require:
|
||||
*/
|
||||
HWTEST_F(PermissionKitTest, VerifyPermission001, TestSize.Level0)
|
||||
{}
|
||||
|
||||
/**
|
||||
* @tc.name: VerifyPermission002
|
||||
* @tc.desc: Verify system granted permission
|
||||
* @tc.type: FUNC
|
||||
* @tc.require:
|
||||
*/
|
||||
HWTEST_F(PermissionKitTest, VerifyPermission002, TestSize.Level0)
|
||||
{}
|
||||
|
||||
/**
|
||||
* @tc.name: VerifyPermission003
|
||||
* @tc.desc: Verify permission that has not been defined.
|
||||
* @tc.type: FUNC
|
||||
* @tc.require:
|
||||
*/
|
||||
HWTEST_F(PermissionKitTest, VerifyPermission003, TestSize.Level0)
|
||||
{}
|
||||
|
||||
/**
|
||||
* @tc.name: VerifyPermissionErrorUserGrant001
|
||||
* @tc.desc: Verify permission error that user granted but request system granted.
|
||||
* @tc.type: FUNC
|
||||
* @tc.require:
|
||||
*/
|
||||
HWTEST_F(PermissionKitTest, VerifyPermissionErrorUserGrant001, TestSize.Level0)
|
||||
{}
|
||||
|
||||
/**
|
||||
* @tc.name: VerifyPermissionErrorUserGrant002
|
||||
* @tc.desc: Verify permission error that user granted but grant system granted.
|
||||
* @tc.type: FUNC
|
||||
* @tc.require:
|
||||
*/
|
||||
HWTEST_F(PermissionKitTest, VerifyPermissionErrorUserGrant002, TestSize.Level0)
|
||||
{}
|
||||
|
||||
/**
|
||||
* @tc.name: VerifyPermissionErrorSystemGrant001
|
||||
* @tc.desc: Verify permission error that system granted but request user granted.
|
||||
* @tc.type: FUNC
|
||||
* @tc.require:
|
||||
*/
|
||||
HWTEST_F(PermissionKitTest, VerifyPermissionErrorSystemGrant001, TestSize.Level0)
|
||||
{}
|
||||
|
||||
/**
|
||||
* @tc.name: VerifyPermissionErrorSystemGrant002
|
||||
* @tc.desc: Verify permission error that system granted but grant user granted.
|
||||
* @tc.type: FUNC
|
||||
* @tc.require:
|
||||
*/
|
||||
HWTEST_F(PermissionKitTest, VerifyPermissionErrorSystemGrant002, TestSize.Level0)
|
||||
{}
|
||||
|
||||
/**
|
||||
* @tc.name: CanRequestPermission001
|
||||
* @tc.desc: For user granted permission and permission is granted, can request permission
|
||||
* @tc.type: FUNC
|
||||
* @tc.require:
|
||||
*/
|
||||
HWTEST_F(PermissionKitTest, CanRequestPermission001, TestSize.Level0)
|
||||
{}
|
||||
|
||||
/**
|
||||
* @tc.name: CanRequestPermission001
|
||||
* @tc.desc: For non user granted permission, can not request permission
|
||||
* @tc.type: FUNC
|
||||
* @tc.require:
|
||||
*/
|
||||
HWTEST_F(PermissionKitTest, CanRequestPermission002, TestSize.Level0)
|
||||
{}
|
@ -1,37 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#ifndef PERMISSION_KIT_TEST_H
|
||||
#define PERMISSION_KIT_TEST_H
|
||||
|
||||
#include <gtest/gtest.h>
|
||||
|
||||
namespace OHOS {
|
||||
namespace Security {
|
||||
namespace Permission {
|
||||
class PermissionKitTest : public testing::Test {
|
||||
public:
|
||||
static void SetUpTestCase();
|
||||
|
||||
static void TearDownTestCase();
|
||||
|
||||
void SetUp();
|
||||
|
||||
void TearDown();
|
||||
};
|
||||
} // namespace Permission
|
||||
} // namespace Security
|
||||
} // namespace OHOS
|
||||
#endif // PERMISSION_KIT_TEST_H
|
@ -22,9 +22,6 @@
|
||||
"module_list": [
|
||||
"//base/security/permission:permission_build_module_standard"
|
||||
],
|
||||
"test_list": [
|
||||
"//base/security/permission:permission_build_module_standard_test"
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -1,58 +0,0 @@
|
||||
# Copyright (c) 2021-2022 Huawei Device Co., Ltd.
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
import("//build/ohos.gni")
|
||||
|
||||
ohos_shared_library("permission_manager_service_standard") {
|
||||
subsystem_name = "security"
|
||||
part_name = "permission_standard"
|
||||
|
||||
include_dirs = [
|
||||
"include",
|
||||
"//utils/system/safwk/native/include",
|
||||
"//base/security/permission/frameworks/permission_standard/permissioninfrastructure",
|
||||
"//base/security/permission/interfaces/innerkits/permission_standard/permissionsdk/main/cpp/include/permission",
|
||||
]
|
||||
|
||||
sources = [
|
||||
"main/cpp/src/data_storage.cpp",
|
||||
"main/cpp/src/data_translator.cpp",
|
||||
"main/cpp/src/generic_values.cpp",
|
||||
"main/cpp/src/permission_definition_cache.cpp",
|
||||
"main/cpp/src/permission_definition_manager.cpp",
|
||||
"main/cpp/src/permission_manager_service.cpp",
|
||||
"main/cpp/src/permission_manager_stub.cpp",
|
||||
"main/cpp/src/permission_state_cache.cpp",
|
||||
"main/cpp/src/permission_state_manager.cpp",
|
||||
"main/cpp/src/sqlite_helper.cpp",
|
||||
"main/cpp/src/sqlite_storage.cpp",
|
||||
"main/cpp/src/statement.cpp",
|
||||
"main/cpp/src/variant_value.cpp",
|
||||
]
|
||||
|
||||
cflags_cc = [ "-DHILOG_ENABLE" ]
|
||||
|
||||
deps = [
|
||||
"//base/security/permission/frameworks/permission_standard/permissioncommunicationadapter:permission_standard_communication_adapter_cxx",
|
||||
"//base/security/permission/frameworks/permission_standard/permissioninfrastructure:permission_standard_infrastructure_cxx",
|
||||
"//third_party/sqlite:sqlite",
|
||||
"//utils/native/base:utils",
|
||||
]
|
||||
|
||||
external_deps = [
|
||||
"hiviewdfx_hilog_native:libhilog",
|
||||
"ipc:ipc_core",
|
||||
"safwk:system_ability_fwk",
|
||||
"samgr_standard:samgr_proxy",
|
||||
]
|
||||
}
|
@ -1,29 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#include "data_storage.h"
|
||||
|
||||
#include "sqlite_storage.h"
|
||||
|
||||
namespace OHOS {
|
||||
namespace Security {
|
||||
namespace Permission {
|
||||
DataStorage& DataStorage::GetRealDataStorage()
|
||||
{
|
||||
return SqliteStorage::GetInstance();
|
||||
}
|
||||
} // namespace Permission
|
||||
} // namespace Security
|
||||
} // namespace OHOS
|
@ -1,49 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#ifndef DATA_STORAGE_H
|
||||
#define DATA_STORAGE_H
|
||||
|
||||
#include <vector>
|
||||
#include <map>
|
||||
|
||||
#include "generic_values.h"
|
||||
|
||||
namespace OHOS {
|
||||
namespace Security {
|
||||
namespace Permission {
|
||||
class DataStorage {
|
||||
public:
|
||||
enum DataType { PERMISSION_DEF, PERMISSIONS_STAT_USER_GRANTED, PERMISSIONS_STAT_SYSTEM_GRANTED };
|
||||
|
||||
static DataStorage& GetRealDataStorage();
|
||||
|
||||
virtual ~DataStorage() = default;
|
||||
|
||||
virtual int Add(const DataType type, const std::vector<GenericValues>& values) = 0;
|
||||
|
||||
virtual int Remove(const DataType type, const GenericValues& conditions) = 0;
|
||||
|
||||
virtual int Modify(const DataType type, const GenericValues& modifyValues, const GenericValues& conditions) = 0;
|
||||
|
||||
virtual int Find(const DataType type, std::vector<GenericValues>& results) = 0;
|
||||
|
||||
virtual int RefreshAll(const DataType type, const std::vector<GenericValues>& values) = 0;
|
||||
};
|
||||
} // namespace Permission
|
||||
} // namespace Security
|
||||
} // namespace OHOS
|
||||
|
||||
#endif // DATA_STORAGE_H
|
@ -1,82 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#include "data_translator.h"
|
||||
|
||||
#include "permission.h"
|
||||
#include "field_const.h"
|
||||
|
||||
namespace OHOS {
|
||||
namespace Security {
|
||||
namespace Permission {
|
||||
int DataTranslator::TranslationIntoPermissionDef(const GenericValues& inGenericValues, PermissionDef& outPermissionDef)
|
||||
{
|
||||
outPermissionDef.permissionName = inGenericValues.GetString(FIELD_PERMISSION_NAME);
|
||||
outPermissionDef.bundleName = inGenericValues.GetString(FIELD_BUNDLE_NAME);
|
||||
outPermissionDef.grantMode = inGenericValues.GetInt(FIELD_GRANT_MODE);
|
||||
outPermissionDef.availableScope = inGenericValues.GetInt(FIELD_AVAILABLE_SCOPE);
|
||||
outPermissionDef.label = inGenericValues.GetString(FIELD_LABEL);
|
||||
outPermissionDef.labelId = inGenericValues.GetInt(FIELD_LABEL_ID);
|
||||
outPermissionDef.description = inGenericValues.GetString(FIELD_DESCRIPTION);
|
||||
outPermissionDef.descriptionId = inGenericValues.GetInt(FIELD_DESCRIPTION_ID);
|
||||
return RET_SUCCESS;
|
||||
}
|
||||
|
||||
int DataTranslator::TranslationIntoGenericValues(const PermissionDef& inPermissionDef, GenericValues& outGenericValues)
|
||||
{
|
||||
outGenericValues.Put(FIELD_PERMISSION_NAME, inPermissionDef.permissionName);
|
||||
outGenericValues.Put(FIELD_BUNDLE_NAME, inPermissionDef.bundleName);
|
||||
outGenericValues.Put(FIELD_GRANT_MODE, inPermissionDef.grantMode);
|
||||
outGenericValues.Put(FIELD_AVAILABLE_SCOPE, inPermissionDef.availableScope);
|
||||
outGenericValues.Put(FIELD_LABEL, inPermissionDef.label);
|
||||
outGenericValues.Put(FIELD_LABEL_ID, inPermissionDef.labelId);
|
||||
outGenericValues.Put(FIELD_DESCRIPTION, inPermissionDef.description);
|
||||
outGenericValues.Put(FIELD_DESCRIPTION_ID, inPermissionDef.descriptionId);
|
||||
return RET_SUCCESS;
|
||||
}
|
||||
|
||||
int DataTranslator::TranslationIntoPermissionReq(const GenericValues& inGenericValues, PermissionReq& outPermissionReq)
|
||||
{
|
||||
outPermissionReq.reqPermissionName = inGenericValues.GetString(FIELD_PERMISSION_NAME);
|
||||
outPermissionReq.isGranted = inGenericValues.GetInt(FIELD_GRANTED) != 0;
|
||||
outPermissionReq.flags = inGenericValues.GetInt(FIELD_FLAGS);
|
||||
return RET_SUCCESS;
|
||||
}
|
||||
|
||||
int DataTranslator::TranslationIntoGenericValues(const PermissionReq& inPermissionReq, GenericValues& outGenericValues)
|
||||
{
|
||||
outGenericValues.Put(FIELD_PERMISSION_NAME, inPermissionReq.reqPermissionName);
|
||||
outGenericValues.Put(FIELD_GRANTED, inPermissionReq.isGranted ? 1 : 0);
|
||||
outGenericValues.Put(FIELD_FLAGS, inPermissionReq.flags);
|
||||
return RET_SUCCESS;
|
||||
}
|
||||
|
||||
std::string DataTranslator::ToString(const PermissionDef& inPermissionDef)
|
||||
{
|
||||
std::string infos;
|
||||
infos.append(R"({"permissionName": ")" + inPermissionDef.permissionName + R"(")");
|
||||
infos.append(R"(, "bundleName": ")" + inPermissionDef.bundleName + R"(")");
|
||||
infos.append(R"(, "grantMode": )" + std::to_string(inPermissionDef.grantMode));
|
||||
infos.append(R"(, "availableScope": )" + std::to_string(inPermissionDef.availableScope));
|
||||
infos.append(R"(, "label": ")" + inPermissionDef.label + R"(")");
|
||||
infos.append(R"(, "labelId": )" + std::to_string(inPermissionDef.labelId));
|
||||
infos.append(R"(, "description": ")" + inPermissionDef.description + R"(")");
|
||||
infos.append(R"(, "descriptionId": )" + std::to_string(inPermissionDef.descriptionId));
|
||||
infos.append("}");
|
||||
return infos;
|
||||
}
|
||||
} // namespace Permission
|
||||
} // namespace Security
|
||||
} // namespace OHOS
|
@ -1,39 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#ifndef DATA_TRANSLATOR_H
|
||||
#define DATA_TRANSLATOR_H
|
||||
|
||||
#include <string>
|
||||
|
||||
#include "permission_def.h"
|
||||
#include "permission_req.h"
|
||||
#include "generic_values.h"
|
||||
|
||||
namespace OHOS {
|
||||
namespace Security {
|
||||
namespace Permission {
|
||||
class DataTranslator final {
|
||||
public:
|
||||
static int TranslationIntoPermissionDef(const GenericValues& inGenericValues, PermissionDef& outPermissionDef);
|
||||
static int TranslationIntoPermissionReq(const GenericValues& inGenericValues, PermissionReq& outPermissionReq);
|
||||
static int TranslationIntoGenericValues(const PermissionDef& inPermissionDef, GenericValues& outGenericValues);
|
||||
static int TranslationIntoGenericValues(const PermissionReq& inPermissionReq, GenericValues& outGenericValues);
|
||||
static std::string ToString(const PermissionDef& inPermissionDef);
|
||||
};
|
||||
} // namespace Permission
|
||||
} // namespace Security
|
||||
} // namespace OHOS
|
||||
#endif // DATA_TRANSLATOR_H
|
@ -1,38 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#ifndef FIELD_CONST_H
|
||||
#define FIELD_CONST_H
|
||||
|
||||
#include <string>
|
||||
|
||||
namespace OHOS {
|
||||
namespace Security {
|
||||
namespace Permission {
|
||||
const std::string FIELD_PERMISSION_NAME = "permission_name";
|
||||
const std::string FIELD_BUNDLE_NAME = "bundle_name";
|
||||
const std::string FIELD_GRANT_MODE = "grant_mode";
|
||||
const std::string FIELD_AVAILABLE_SCOPE = "available_scope";
|
||||
const std::string FIELD_LABEL = "label";
|
||||
const std::string FIELD_LABEL_ID = "label_id";
|
||||
const std::string FIELD_DESCRIPTION = "description";
|
||||
const std::string FIELD_DESCRIPTION_ID = "description_id";
|
||||
const std::string FIELD_USER_ID = "user_id";
|
||||
const std::string FIELD_GRANTED = "granted";
|
||||
const std::string FIELD_FLAGS = "flags";
|
||||
} // namespace Permission
|
||||
} // namespace Security
|
||||
} // namespace OHOS
|
||||
#endif // FIELD_CONST_H
|
@ -1,73 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#include "generic_values.h"
|
||||
|
||||
namespace OHOS {
|
||||
namespace Security {
|
||||
namespace Permission {
|
||||
void GenericValues::Put(const std::string& key, int value)
|
||||
{
|
||||
map_.insert(std::make_pair(key, VariantValue(value)));
|
||||
}
|
||||
|
||||
void GenericValues::Put(const std::string& key, const std::string& value)
|
||||
{
|
||||
map_.insert(std::make_pair(key, VariantValue(value)));
|
||||
}
|
||||
|
||||
void GenericValues::Put(const std::string& key, const VariantValue& value)
|
||||
{
|
||||
map_.insert(std::make_pair(key, value));
|
||||
}
|
||||
|
||||
VariantValue GenericValues::Get(const std::string& key) const
|
||||
{
|
||||
auto iter = map_.find(key);
|
||||
if (iter == map_.end()) {
|
||||
return VariantValue();
|
||||
}
|
||||
return iter->second;
|
||||
}
|
||||
|
||||
int GenericValues::GetInt(const std::string& key) const
|
||||
{
|
||||
auto it = map_.find(key);
|
||||
if (it == map_.end()) {
|
||||
return VariantValue::DEFAULT_VALUE;
|
||||
}
|
||||
return it->second.GetInt();
|
||||
}
|
||||
|
||||
std::string GenericValues::GetString(const std::string& key) const
|
||||
{
|
||||
auto it = map_.find(key);
|
||||
if (it == map_.end()) {
|
||||
return std::string();
|
||||
}
|
||||
return it->second.GetString();
|
||||
}
|
||||
|
||||
std::vector<std::string> GenericValues::GetAllKeys() const
|
||||
{
|
||||
std::vector<std::string> keys;
|
||||
for (auto it = map_.begin(); it != map_.end(); ++it) {
|
||||
keys.emplace_back(it->first);
|
||||
}
|
||||
return keys;
|
||||
}
|
||||
} // namespace Permission
|
||||
} // namespace Security
|
||||
} // namespace OHOS
|
@ -1,53 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#ifndef GENERIC_VALUES_H
|
||||
#define GENERIC_VALUES_H
|
||||
|
||||
#include <map>
|
||||
#include <vector>
|
||||
#include <string>
|
||||
|
||||
#include "variant_value.h"
|
||||
|
||||
namespace OHOS {
|
||||
namespace Security {
|
||||
namespace Permission {
|
||||
class GenericValues final {
|
||||
public:
|
||||
GenericValues() = default;
|
||||
virtual ~GenericValues() = default;
|
||||
|
||||
void Put(const std::string& key, int value);
|
||||
|
||||
void Put(const std::string& key, const std::string& value);
|
||||
|
||||
void Put(const std::string& key, const VariantValue& value);
|
||||
|
||||
std::vector<std::string> GetAllKeys() const;
|
||||
|
||||
VariantValue Get(const std::string& key) const;
|
||||
|
||||
int GetInt(const std::string& key) const;
|
||||
|
||||
std::string GetString(const std::string& key) const;
|
||||
|
||||
private:
|
||||
std::map<std::string, VariantValue> map_;
|
||||
};
|
||||
} // namespace Permission
|
||||
} // namespace Security
|
||||
} // namespace OHOS
|
||||
#endif // GENERIC_VALUES_H
|
@ -1,133 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#include "permission_definition_cache.h"
|
||||
|
||||
#include "permission.h"
|
||||
#include "data_translator.h"
|
||||
#include "permission_log.h"
|
||||
|
||||
namespace OHOS {
|
||||
namespace Security {
|
||||
namespace Permission {
|
||||
namespace {
|
||||
static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {
|
||||
LOG_CORE, SECURITY_DOMAIN_PERMISSION, "PermissionDefinitionCache"
|
||||
};
|
||||
}
|
||||
|
||||
PermissionDefinitionCache& PermissionDefinitionCache::GetInstance()
|
||||
{
|
||||
static PermissionDefinitionCache instance;
|
||||
return instance;
|
||||
}
|
||||
|
||||
PermissionDefinitionCache::PermissionDefinitionCache()
|
||||
{}
|
||||
|
||||
PermissionDefinitionCache::~PermissionDefinitionCache()
|
||||
{}
|
||||
|
||||
bool PermissionDefinitionCache::Insert(const PermissionDef& info)
|
||||
{
|
||||
Utils::UniqueWriteGuard<Utils::RWLock> cacheGuard(this->cacheLock_);
|
||||
auto it = permissionDefinitionMap_.find(info.permissionName);
|
||||
if (it != permissionDefinitionMap_.end()) {
|
||||
PERMISSION_LOG_WARN(LABEL, "%{public}s: info for permission: %{public}s has been insert, please check!",
|
||||
__func__, info.permissionName.c_str());
|
||||
return false;
|
||||
}
|
||||
permissionDefinitionMap_[info.permissionName] = info;
|
||||
return true;
|
||||
}
|
||||
|
||||
void PermissionDefinitionCache::DeleteByBundleName(const std::string& bundleName)
|
||||
{
|
||||
Utils::UniqueWriteGuard<Utils::RWLock> cacheGuard(this->cacheLock_);
|
||||
auto it = permissionDefinitionMap_.begin();
|
||||
while (it != permissionDefinitionMap_.end()) {
|
||||
if (bundleName == it->second.bundleName) {
|
||||
permissionDefinitionMap_.erase(it++);
|
||||
} else {
|
||||
++it;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
int PermissionDefinitionCache::FindByPermissionName(const std::string& permissionName, PermissionDef& info)
|
||||
{
|
||||
Utils::UniqueReadGuard<Utils::RWLock> cacheGuard(this->cacheLock_);
|
||||
auto it = permissionDefinitionMap_.find(permissionName);
|
||||
if (it == permissionDefinitionMap_.end()) {
|
||||
PERMISSION_LOG_DEBUG(LABEL, "%{public}s: can not find definition info for permission: %{public}s", __func__,
|
||||
permissionName.c_str());
|
||||
return RET_FAILED;
|
||||
}
|
||||
info = it->second;
|
||||
return RET_SUCCESS;
|
||||
}
|
||||
|
||||
bool PermissionDefinitionCache::IsSystemGrantedPermission(const std::string& permissionName)
|
||||
{
|
||||
Utils::UniqueReadGuard<Utils::RWLock> cacheGuard(this->cacheLock_);
|
||||
return IsGrantedModeEqualInner(permissionName, SYSTEM_GRANT);
|
||||
}
|
||||
|
||||
bool PermissionDefinitionCache::IsUserGrantedPermission(const std::string& permissionName)
|
||||
{
|
||||
Utils::UniqueReadGuard<Utils::RWLock> cacheGuard(this->cacheLock_);
|
||||
return IsGrantedModeEqualInner(permissionName, USER_GRANT);
|
||||
}
|
||||
|
||||
std::string PermissionDefinitionCache::ToString()
|
||||
{
|
||||
Utils::UniqueReadGuard<Utils::RWLock> cacheGuard(this->cacheLock_);
|
||||
std::string infos = R"({"Cache": "Default", "DefPermissions": [)";
|
||||
for (const auto& request : permissionDefinitionMap_) {
|
||||
PermissionDef permissionDef = request.second;
|
||||
infos.append(DataTranslator::ToString(request.second));
|
||||
infos.append(", ");
|
||||
}
|
||||
infos = infos + "]}";
|
||||
return infos;
|
||||
}
|
||||
|
||||
bool PermissionDefinitionCache::IsGrantedModeEqualInner(const std::string& permissionName, int grantMode) const
|
||||
{
|
||||
auto it = permissionDefinitionMap_.find(permissionName);
|
||||
if (it == permissionDefinitionMap_.end()) {
|
||||
return false;
|
||||
}
|
||||
return it->second.grantMode == grantMode;
|
||||
}
|
||||
|
||||
bool PermissionDefinitionCache::HasDefinition(const std::string& permissionName)
|
||||
{
|
||||
Utils::UniqueReadGuard<Utils::RWLock> cacheGuard(this->cacheLock_);
|
||||
return permissionDefinitionMap_.count(permissionName) == 1;
|
||||
}
|
||||
|
||||
void PermissionDefinitionCache::QueryCurrentCache(std::vector<GenericValues>& valueList)
|
||||
{
|
||||
Utils::UniqueReadGuard<Utils::RWLock> cacheGuard(this->cacheLock_);
|
||||
for (auto it = permissionDefinitionMap_.begin(); it != permissionDefinitionMap_.end(); ++it) {
|
||||
GenericValues genericValues;
|
||||
DataTranslator::TranslationIntoGenericValues(it->second, genericValues);
|
||||
valueList.emplace_back(genericValues);
|
||||
}
|
||||
}
|
||||
} // namespace Permission
|
||||
} // namespace Security
|
||||
} // namespace OHOS
|
@ -1,71 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#ifndef PERMISSION_DEFINITION_CACHE_H
|
||||
#define PERMISSION_DEFINITION_CACHE_H
|
||||
|
||||
#include <map>
|
||||
#include <vector>
|
||||
|
||||
#include "permission_def.h"
|
||||
#include "generic_values.h"
|
||||
|
||||
#include "rwlock.h"
|
||||
#include "nocopyable.h"
|
||||
|
||||
namespace OHOS {
|
||||
namespace Security {
|
||||
namespace Permission {
|
||||
class PermissionDefinitionCache final {
|
||||
public:
|
||||
static PermissionDefinitionCache& GetInstance();
|
||||
|
||||
virtual ~PermissionDefinitionCache();
|
||||
|
||||
bool Insert(const PermissionDef& info);
|
||||
|
||||
void DeleteByBundleName(const std::string& bundleName);
|
||||
|
||||
int FindByPermissionName(const std::string& permissionName, PermissionDef& info);
|
||||
|
||||
bool IsSystemGrantedPermission(const std::string& permissionName);
|
||||
|
||||
bool IsUserGrantedPermission(const std::string& permissionName);
|
||||
|
||||
bool HasDefinition(const std::string& permissionName);
|
||||
|
||||
void QueryCurrentCache(std::vector<GenericValues>& valueList);
|
||||
|
||||
std::string ToString();
|
||||
|
||||
private:
|
||||
PermissionDefinitionCache();
|
||||
|
||||
bool IsGrantedModeEqualInner(const std::string& permissionName, int grantMode) const;
|
||||
|
||||
DISALLOW_COPY_AND_MOVE(PermissionDefinitionCache);
|
||||
|
||||
/**
|
||||
* key: the permission name.
|
||||
* value: the object of PermissionDef.
|
||||
*/
|
||||
std::map<std::string, PermissionDef> permissionDefinitionMap_;
|
||||
|
||||
OHOS::Utils::RWLock cacheLock_;
|
||||
};
|
||||
} // namespace Permission
|
||||
} // namespace Security
|
||||
} // namespace OHOS
|
||||
#endif // PERMISSION_DEFINITION_CACHE_H
|
@ -1,152 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#include "permission_definition_manager.h"
|
||||
|
||||
#include "permission_definition_cache.h"
|
||||
#include "data_storage.h"
|
||||
#include "data_translator.h"
|
||||
#include "permission_log.h"
|
||||
#include "permission.h"
|
||||
#include "data_validator.h"
|
||||
|
||||
namespace OHOS {
|
||||
namespace Security {
|
||||
namespace Permission {
|
||||
namespace {
|
||||
static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {
|
||||
LOG_CORE, SECURITY_DOMAIN_PERMISSION, "PermissionDefinitionManager"
|
||||
};
|
||||
}
|
||||
|
||||
PermissionDefinitionManager& PermissionDefinitionManager::GetInstance()
|
||||
{
|
||||
static PermissionDefinitionManager instance;
|
||||
return instance;
|
||||
}
|
||||
|
||||
PermissionDefinitionManager::PermissionDefinitionManager() : hasInited_(false)
|
||||
{}
|
||||
|
||||
PermissionDefinitionManager::~PermissionDefinitionManager()
|
||||
{
|
||||
if (!hasInited_) {
|
||||
return;
|
||||
}
|
||||
this->permissionDefDataAccessWorker_.Stop();
|
||||
this->hasInited_ = false;
|
||||
}
|
||||
|
||||
void PermissionDefinitionManager::Init()
|
||||
{
|
||||
OHOS::Utils::UniqueWriteGuard<OHOS::Utils::RWLock> lk(this->rwLock_);
|
||||
if (hasInited_) {
|
||||
return;
|
||||
}
|
||||
PERMISSION_LOG_INFO(LABEL, "init begin!");
|
||||
std::vector<GenericValues> results;
|
||||
DataStorage::GetRealDataStorage().Find(DataStorage::PERMISSION_DEF, results);
|
||||
for (auto value : results) {
|
||||
PermissionDef permissionDef;
|
||||
DataTranslator::TranslationIntoPermissionDef(value, permissionDef);
|
||||
PermissionDefinitionCache::GetInstance().Insert(permissionDef);
|
||||
}
|
||||
this->permissionDefDataAccessWorker_.Start(1);
|
||||
hasInited_ = true;
|
||||
PERMISSION_LOG_INFO(LABEL, "Init success");
|
||||
}
|
||||
|
||||
void PermissionDefinitionManager::AddDefPermissions(const std::vector<PermissionDefParcel>& permList)
|
||||
{
|
||||
if (permList.empty()) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__);
|
||||
return;
|
||||
}
|
||||
for (const auto& permissionDefParcel : permList) {
|
||||
if (!IsPermissionDefValid(permissionDefParcel.permissionDef)) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: invalid permission definition info: %{public}s", __func__,
|
||||
DataTranslator::ToString(permissionDefParcel.permissionDef).c_str());
|
||||
continue;
|
||||
}
|
||||
PermissionDefinitionCache::GetInstance().Insert(permissionDefParcel.permissionDef);
|
||||
}
|
||||
RefreshPersistentDataIfNeeded();
|
||||
}
|
||||
|
||||
void PermissionDefinitionManager::RemoveDefPermissions(const std::string& bundleName)
|
||||
{
|
||||
if (!DataValidator::IsBundleNameValid(bundleName)) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__);
|
||||
return;
|
||||
}
|
||||
PermissionDefinitionCache::GetInstance().DeleteByBundleName(bundleName);
|
||||
RefreshPersistentDataIfNeeded();
|
||||
}
|
||||
|
||||
int PermissionDefinitionManager::GetDefPermission(
|
||||
const std::string& permissionName, PermissionDefParcel& permissionDefParcel) const
|
||||
{
|
||||
if (!DataValidator::IsPermissionNameValid(permissionName)) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__);
|
||||
return RET_FAILED;
|
||||
}
|
||||
return PermissionDefinitionCache::GetInstance().FindByPermissionName(
|
||||
permissionName, permissionDefParcel.permissionDef);
|
||||
}
|
||||
|
||||
bool PermissionDefinitionManager::IsGrantModeValid(const int grantMode) const
|
||||
{
|
||||
return grantMode == GrantMode::SYSTEM_GRANT || grantMode == GrantMode::USER_GRANT;
|
||||
}
|
||||
|
||||
bool PermissionDefinitionManager::IsAvailableScopeValid(const int availableScope) const
|
||||
{
|
||||
return availableScope == AvailableScope::AVAILABLE_SCOPE_ALL ||
|
||||
availableScope == AvailableScope::AVAILABLE_SCOPE_RESTRICTED ||
|
||||
availableScope == AvailableScope::AVAILABLE_SCOPE_SIGNATURE;
|
||||
}
|
||||
|
||||
bool PermissionDefinitionManager::IsPermissionDefValid(const PermissionDef& permissionDef) const
|
||||
{
|
||||
if (!DataValidator::IsPermissionNameValid(permissionDef.permissionName)) {
|
||||
return false;
|
||||
}
|
||||
if (!DataValidator::IsBundleNameValid(permissionDef.bundleName)) {
|
||||
return false;
|
||||
}
|
||||
if (!IsGrantModeValid(permissionDef.grantMode)) {
|
||||
return false;
|
||||
}
|
||||
return IsAvailableScopeValid(permissionDef.availableScope);
|
||||
}
|
||||
|
||||
void PermissionDefinitionManager::RefreshPersistentDataIfNeeded()
|
||||
{
|
||||
if (permissionDefDataAccessWorker_.GetCurTaskNum() > 1) {
|
||||
PERMISSION_LOG_WARN(LABEL, "%{public}s: has refresh task!", __func__);
|
||||
return;
|
||||
}
|
||||
permissionDefDataAccessWorker_.AddTask([]() {
|
||||
std::vector<GenericValues> valueList;
|
||||
PermissionDefinitionCache::GetInstance().QueryCurrentCache(valueList);
|
||||
DataStorage::GetRealDataStorage().RefreshAll(DataStorage::PERMISSION_DEF, valueList);
|
||||
|
||||
// Sleep for one second to avoid frequent refresh of the database.
|
||||
std::this_thread::sleep_for(std::chrono::seconds(1));
|
||||
});
|
||||
}
|
||||
} // namespace Permission
|
||||
} // namespace Security
|
||||
} // namespace OHOS
|
@ -1,67 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#ifndef PERMISSION_DEFINITION_MANAGER_H
|
||||
#define PERMISSION_DEFINITION_MANAGER_H
|
||||
|
||||
#include <vector>
|
||||
|
||||
#include "permission_def_parcel.h"
|
||||
#include "field_const.h"
|
||||
#include "nocopyable.h"
|
||||
#include "thread_pool.h"
|
||||
#include "rwlock.h"
|
||||
|
||||
namespace OHOS {
|
||||
namespace Security {
|
||||
namespace Permission {
|
||||
class PermissionDefinitionManager final {
|
||||
public:
|
||||
static PermissionDefinitionManager& GetInstance();
|
||||
|
||||
void Init();
|
||||
|
||||
virtual ~PermissionDefinitionManager();
|
||||
|
||||
void AddDefPermissions(const std::vector<PermissionDefParcel>& permList);
|
||||
|
||||
void RemoveDefPermissions(const std::string& bundleName);
|
||||
|
||||
int GetDefPermission(const std::string& permissionName, PermissionDefParcel& permissionDefParcel) const;
|
||||
|
||||
private:
|
||||
PermissionDefinitionManager();
|
||||
|
||||
DISALLOW_COPY_AND_MOVE(PermissionDefinitionManager);
|
||||
|
||||
bool IsGrantModeValid(const int grantMode) const;
|
||||
|
||||
bool IsAvailableScopeValid(const int availableScope) const;
|
||||
|
||||
bool IsPermissionDefValid(const PermissionDef& permissionDef) const;
|
||||
|
||||
void RefreshPersistentDataIfNeeded();
|
||||
|
||||
OHOS::ThreadPool permissionDefDataAccessWorker_;
|
||||
|
||||
bool hasInited_;
|
||||
|
||||
OHOS::Utils::RWLock rwLock_;
|
||||
};
|
||||
} // namespace Permission
|
||||
} // namespace Security
|
||||
} // namespace OHOS
|
||||
|
||||
#endif // PERMISSION_DEFINITION_MANAGER_H
|
@ -1,189 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#include "permission_manager_service.h"
|
||||
|
||||
#include "permission.h"
|
||||
#include "permission_definition_manager.h"
|
||||
#include "permission_state_manager.h"
|
||||
#include "permission_log.h"
|
||||
|
||||
namespace OHOS {
|
||||
namespace Security {
|
||||
namespace Permission {
|
||||
namespace {
|
||||
static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_PERMISSION, "PermissionManagerService"};
|
||||
}
|
||||
|
||||
const bool REGISTER_RESULT =
|
||||
SystemAbility::MakeAndRegisterAbility(DelayedSingleton<PermissionManagerService>::GetInstance().get());
|
||||
|
||||
PermissionManagerService::PermissionManagerService()
|
||||
: SystemAbility(SA_ID_PERMISSION_MANAGER_SERVICE, true), state_(ServiceRunningState::STATE_NOT_START)
|
||||
{
|
||||
PERMISSION_LOG_INFO(LABEL, "PermissionManagerService()");
|
||||
}
|
||||
|
||||
PermissionManagerService::~PermissionManagerService()
|
||||
{
|
||||
PERMISSION_LOG_INFO(LABEL, "~PermissionManagerService()");
|
||||
}
|
||||
|
||||
void PermissionManagerService::OnStart()
|
||||
{
|
||||
if (state_ == ServiceRunningState::STATE_RUNNING) {
|
||||
PERMISSION_LOG_INFO(LABEL, "PermissionManagerService has already started!");
|
||||
return;
|
||||
}
|
||||
PERMISSION_LOG_INFO(LABEL, "PermissionManagerService is starting");
|
||||
if (!Initialize()) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "Failed to initialize");
|
||||
return;
|
||||
}
|
||||
state_ = ServiceRunningState::STATE_RUNNING;
|
||||
bool ret = Publish(DelayedSingleton<PermissionManagerService>::GetInstance().get());
|
||||
if (!ret) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "Failed to publish service!");
|
||||
return;
|
||||
}
|
||||
PERMISSION_LOG_INFO(LABEL, "Congratulations, PermissionManagerService start successfully!");
|
||||
}
|
||||
|
||||
void PermissionManagerService::OnStop()
|
||||
{
|
||||
PERMISSION_LOG_INFO(LABEL, "stop service");
|
||||
state_ = ServiceRunningState::STATE_NOT_START;
|
||||
}
|
||||
|
||||
int PermissionManagerService::VerifyPermission(
|
||||
const std::string& bundleName, const std::string& permissionName, int userId)
|
||||
{
|
||||
PERMISSION_LOG_INFO(LABEL,
|
||||
"%{public}s called, packageName: %{public}s, permissionName: %{public}s, userId: %{public}d", __func__,
|
||||
bundleName.c_str(), permissionName.c_str(), userId);
|
||||
return PermissionStateManager::GetInstance().VerifyPermission(bundleName, permissionName, userId);
|
||||
}
|
||||
|
||||
bool PermissionManagerService::CanRequestPermission(
|
||||
const std::string& bundleName, const std::string& permissionName, int userId)
|
||||
{
|
||||
PERMISSION_LOG_INFO(LABEL,
|
||||
"%{public}s called, bundleName: %{public}s, permissionName: %{public}s, userId: %{public}d", __func__,
|
||||
bundleName.c_str(), permissionName.c_str(), userId);
|
||||
return PermissionStateManager::GetInstance().CanRequestPermission(bundleName, permissionName, userId);
|
||||
}
|
||||
|
||||
int PermissionManagerService::GrantUserGrantedPermission(
|
||||
const std::string& bundleName, const std::string& permissionName, int userId)
|
||||
{
|
||||
PERMISSION_LOG_INFO(LABEL,
|
||||
"%{public}s called, bundleName: %{public}s, permissionName: %{public}s, userId: %{public}d", __func__,
|
||||
bundleName.c_str(), permissionName.c_str(), userId);
|
||||
PermissionStateManager::GetInstance().GrantUserGrantedPermission(bundleName, permissionName, userId);
|
||||
return RET_SUCCESS;
|
||||
}
|
||||
|
||||
int PermissionManagerService::GrantSystemGrantedPermission(
|
||||
const std::string& bundleName, const std::string& permissionName)
|
||||
{
|
||||
PERMISSION_LOG_INFO(LABEL, "%{public}s called, bundleName: %{public}s, permissionName: %{public}s", __func__,
|
||||
bundleName.c_str(), permissionName.c_str());
|
||||
PermissionStateManager::GetInstance().GrantSystemGrantedPermission(bundleName, permissionName);
|
||||
return RET_SUCCESS;
|
||||
}
|
||||
|
||||
int PermissionManagerService::RevokeUserGrantedPermission(
|
||||
const std::string& bundleName, const std::string& permissionName, int userId)
|
||||
{
|
||||
PERMISSION_LOG_INFO(LABEL,
|
||||
"%{public}s called, bundleName: %{public}s, permissionName: %{public}s, userId: %{public}d", __func__,
|
||||
bundleName.c_str(), permissionName.c_str(), userId);
|
||||
PermissionStateManager::GetInstance().RevokeUserGrantedPermission(bundleName, permissionName, userId);
|
||||
return RET_SUCCESS;
|
||||
}
|
||||
|
||||
int PermissionManagerService::RevokeSystemGrantedPermission(
|
||||
const std::string& bundleName, const std::string& permissionName)
|
||||
{
|
||||
PERMISSION_LOG_INFO(LABEL, "%{public}s called, bundleName: %{public}s, permissionName: %{public}s", __func__,
|
||||
bundleName.c_str(), permissionName.c_str());
|
||||
PermissionStateManager::GetInstance().RevokeSystemGrantedPermission(bundleName, permissionName);
|
||||
return RET_SUCCESS;
|
||||
}
|
||||
|
||||
int PermissionManagerService::AddUserGrantedReqPermissions(
|
||||
const std::string& bundleName, const std::vector<std::string>& permList, int userId)
|
||||
{
|
||||
PERMISSION_LOG_INFO(LABEL,
|
||||
"%{public}s called, bundleName: %{public}s, permList size: %{public}d, userId: %{public}d", __func__,
|
||||
bundleName.c_str(), (int) permList.size(), userId);
|
||||
PermissionStateManager::GetInstance().AddUserGrantedReqPermissions(bundleName, permList, userId);
|
||||
return RET_SUCCESS;
|
||||
}
|
||||
|
||||
int PermissionManagerService::AddSystemGrantedReqPermissions(
|
||||
const std::string& bundleName, const std::vector<std::string>& permList)
|
||||
{
|
||||
PERMISSION_LOG_INFO(LABEL, "%{public}s called, bundleName: %{public}s, permList size: %{public}d", __func__,
|
||||
bundleName.c_str(), (int) permList.size());
|
||||
PermissionStateManager::GetInstance().AddSystemGrantedReqPermissions(bundleName, permList);
|
||||
return RET_SUCCESS;
|
||||
}
|
||||
|
||||
int PermissionManagerService::RemoveUserGrantedReqPermissions(const std::string& bundleName, int userId)
|
||||
{
|
||||
PERMISSION_LOG_INFO(
|
||||
LABEL, "%{public}s called, bundleName: %{public}s, userId: %{public}d", __func__, bundleName.c_str(), userId);
|
||||
PermissionStateManager::GetInstance().RemoveUserGrantedReqPermissions(bundleName, userId);
|
||||
return RET_SUCCESS;
|
||||
}
|
||||
|
||||
int PermissionManagerService::RemoveSystemGrantedReqPermissions(const std::string& bundleName)
|
||||
{
|
||||
PERMISSION_LOG_INFO(LABEL, "%{public}s called, bundleName: %{public}s", __func__, bundleName.c_str());
|
||||
PermissionStateManager::GetInstance().RemoveSystemGrantedReqPermissions(bundleName);
|
||||
return RET_SUCCESS;
|
||||
}
|
||||
|
||||
int PermissionManagerService::AddDefPermissions(const std::vector<PermissionDefParcel>& permDefList)
|
||||
{
|
||||
PERMISSION_LOG_INFO(LABEL, "%{public}s called, permList size: %{public}d", __func__, (int) permDefList.size());
|
||||
PermissionDefinitionManager::GetInstance().AddDefPermissions(permDefList);
|
||||
return RET_SUCCESS;
|
||||
}
|
||||
|
||||
int PermissionManagerService::RemoveDefPermissions(const std::string& bundleName)
|
||||
{
|
||||
PERMISSION_LOG_INFO(LABEL, "%{public}s called, bundleName: %{public}s", __func__, bundleName.c_str());
|
||||
PermissionDefinitionManager::GetInstance().RemoveDefPermissions(bundleName);
|
||||
return RET_SUCCESS;
|
||||
}
|
||||
|
||||
int PermissionManagerService::GetDefPermission(
|
||||
const std::string& permissionName, PermissionDefParcel& permissionDefResult)
|
||||
{
|
||||
PERMISSION_LOG_INFO(LABEL, "%{public}s called, bundleName: %{public}s", __func__, permissionName.c_str());
|
||||
return PermissionDefinitionManager::GetInstance().GetDefPermission(permissionName, permissionDefResult);
|
||||
}
|
||||
|
||||
bool PermissionManagerService::Initialize() const
|
||||
{
|
||||
PermissionDefinitionManager::GetInstance().Init();
|
||||
PermissionStateManager::GetInstance().Init();
|
||||
return true;
|
||||
}
|
||||
} // namespace Permission
|
||||
} // namespace Security
|
||||
} // namespace OHOS
|
@ -1,76 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#ifndef PERMISSION_MANAGER_SERVICE_H
|
||||
#define PERMISSION_MANAGER_SERVICE_H
|
||||
|
||||
#include "permission_manager_stub.h"
|
||||
|
||||
#include "singleton.h"
|
||||
#include "iremote_object.h"
|
||||
#include "system_ability.h"
|
||||
#include "nocopyable.h"
|
||||
|
||||
namespace OHOS {
|
||||
namespace Security {
|
||||
namespace Permission {
|
||||
enum class ServiceRunningState { STATE_NOT_START, STATE_RUNNING };
|
||||
class PermissionManagerService final : public SystemAbility, public PermissionManagerStub {
|
||||
DECLARE_DELAYED_SINGLETON(PermissionManagerService);
|
||||
DECLEAR_SYSTEM_ABILITY(PermissionManagerService);
|
||||
|
||||
public:
|
||||
void OnStart() override;
|
||||
void OnStop() override;
|
||||
|
||||
int VerifyPermission(const std::string& bundleName, const std::string& permissionName, int userId) override;
|
||||
|
||||
bool CanRequestPermission(const std::string& bundleName, const std::string& permissionName, int userId) override;
|
||||
|
||||
int GrantUserGrantedPermission(
|
||||
const std::string& bundleName, const std::string& permissionName, int userId) override;
|
||||
|
||||
int GrantSystemGrantedPermission(const std::string& bundleName, const std::string& permissionName) override;
|
||||
|
||||
int RevokeUserGrantedPermission(
|
||||
const std::string& bundleName, const std::string& permissionName, int userId) override;
|
||||
|
||||
int RevokeSystemGrantedPermission(const std::string& bundleName, const std::string& permissionName) override;
|
||||
|
||||
int AddUserGrantedReqPermissions(
|
||||
const std::string& bundleName, const std::vector<std::string>& permList, int userId) override;
|
||||
|
||||
int AddSystemGrantedReqPermissions(
|
||||
const std::string& bundleName, const std::vector<std::string>& permList) override;
|
||||
|
||||
int RemoveUserGrantedReqPermissions(const std::string& bundleName, int userId) override;
|
||||
|
||||
int RemoveSystemGrantedReqPermissions(const std::string& bundleName) override;
|
||||
|
||||
int AddDefPermissions(const std::vector<PermissionDefParcel>& permDefList) override;
|
||||
|
||||
int RemoveDefPermissions(const std::string& bundleName) override;
|
||||
|
||||
int GetDefPermission(const std::string& permissionName, PermissionDefParcel& permissionDefResult) override;
|
||||
|
||||
private:
|
||||
bool Initialize() const;
|
||||
|
||||
ServiceRunningState state_;
|
||||
};
|
||||
} // namespace Permission
|
||||
} // namespace Security
|
||||
} // namespace OHOS
|
||||
#endif // PERMISSION_MANAGER_SERVICE_H
|
@ -1,266 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#include "permission_manager_stub.h"
|
||||
|
||||
#include "permission.h"
|
||||
#include "permission_log.h"
|
||||
|
||||
#include "ipc_skeleton.h"
|
||||
#include "string_ex.h"
|
||||
|
||||
namespace OHOS {
|
||||
namespace Security {
|
||||
namespace Permission {
|
||||
namespace {
|
||||
static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_PERMISSION, "PermissionManagerStub"};
|
||||
}
|
||||
|
||||
int32_t PermissionManagerStub::OnRemoteRequest(
|
||||
uint32_t code, MessageParcel& data, MessageParcel& reply, MessageOption& option)
|
||||
{
|
||||
PERMISSION_LOG_INFO(LABEL, "%{public}s called, code: %{public}d", __func__, code);
|
||||
std::u16string descriptor = data.ReadInterfaceToken();
|
||||
if (descriptor != IPermissionManager::GetDescriptor()) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "get unexpect descriptor: %{public}s", Str16ToStr8(descriptor).c_str());
|
||||
return RET_FAILED;
|
||||
}
|
||||
switch (code) {
|
||||
case static_cast<uint32_t>(IPermissionManager::InterfaceCode::VERIFY_PERMISSION):
|
||||
VerifyPermissionInner(data, reply);
|
||||
break;
|
||||
case static_cast<uint32_t>(IPermissionManager::InterfaceCode::CAN_REQUEST_PERMISSION):
|
||||
CanRequestPermissionInner(data, reply);
|
||||
break;
|
||||
case static_cast<uint32_t>(IPermissionManager::InterfaceCode::GRANT_USER_GRANTED_PERMISSION):
|
||||
GrantUserGrantedPermissionInner(data, reply);
|
||||
break;
|
||||
case static_cast<uint32_t>(IPermissionManager::InterfaceCode::GRANT_SYSTEM_GRANTED_PERMISSION):
|
||||
GrantSystemGrantedPermissionInner(data, reply);
|
||||
break;
|
||||
case static_cast<uint32_t>(IPermissionManager::InterfaceCode::REVOKE_USER_GRANTED_PERMISSION):
|
||||
RevokeUserGrantedPermissionInner(data, reply);
|
||||
break;
|
||||
case static_cast<uint32_t>(IPermissionManager::InterfaceCode::REVOKE_SYSTEM_GRANTED_PERMISSION):
|
||||
RevokeSystemGrantedPermissionInner(data, reply);
|
||||
break;
|
||||
case static_cast<uint32_t>(IPermissionManager::InterfaceCode::ADD_USER_GRANTED_REQ_PERMISSIONS):
|
||||
AddUserGrantedReqPermissionsInner(data, reply);
|
||||
break;
|
||||
case static_cast<uint32_t>(IPermissionManager::InterfaceCode::ADD_SYSTEM_GRANTED_REQ_PERMISSIONS):
|
||||
AddSystemGrantedReqPermissionsInner(data, reply);
|
||||
break;
|
||||
case static_cast<uint32_t>(IPermissionManager::InterfaceCode::REMOVE_USER_GRANTED_REQ_PERMISSIONS):
|
||||
RemoveUserGrantedReqPermissionsInner(data, reply);
|
||||
break;
|
||||
case static_cast<uint32_t>(IPermissionManager::InterfaceCode::REMOVE_SYSTEM_GRANTED_REQ_PERMISSIONS):
|
||||
RemoveSystemGrantedReqPermissionsInner(data, reply);
|
||||
break;
|
||||
case static_cast<uint32_t>(IPermissionManager::InterfaceCode::ADD_DEF_PERMISSIONS):
|
||||
AddDefPermissionsInner(data, reply);
|
||||
break;
|
||||
case static_cast<uint32_t>(IPermissionManager::InterfaceCode::REMOVE_DEF_PERMISSIONS):
|
||||
RemoveDefPermissionsInner(data, reply);
|
||||
break;
|
||||
case static_cast<uint32_t>(IPermissionManager::InterfaceCode::GET_DEF_PERMISSION):
|
||||
GetDefPermissionInner(data, reply);
|
||||
break;
|
||||
default:
|
||||
return IPCObjectStub::OnRemoteRequest(code, data, reply, option);
|
||||
}
|
||||
return NO_ERROR;
|
||||
}
|
||||
|
||||
void PermissionManagerStub::VerifyPermissionInner(MessageParcel& data, MessageParcel& reply)
|
||||
{
|
||||
std::string bundleName = data.ReadString();
|
||||
std::string permissionName = data.ReadString();
|
||||
int userId = data.ReadInt32();
|
||||
int result = this->VerifyPermission(bundleName, permissionName, userId);
|
||||
reply.WriteInt32(result);
|
||||
}
|
||||
|
||||
void PermissionManagerStub::CanRequestPermissionInner(MessageParcel& data, MessageParcel& reply)
|
||||
{
|
||||
std::string bundleName = data.ReadString();
|
||||
std::string permissionName = data.ReadString();
|
||||
int userId = data.ReadInt32();
|
||||
int result = this->CanRequestPermission(bundleName, permissionName, userId);
|
||||
reply.WriteBool(result);
|
||||
}
|
||||
|
||||
void PermissionManagerStub::GrantUserGrantedPermissionInner(MessageParcel& data, MessageParcel& reply)
|
||||
{
|
||||
if (!IsAuthorizedCalling()) {
|
||||
PERMISSION_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__);
|
||||
reply.WriteInt32(RET_FAILED);
|
||||
return;
|
||||
}
|
||||
std::string bundleName = data.ReadString();
|
||||
std::string permissionName = data.ReadString();
|
||||
int userId = data.ReadInt32();
|
||||
int result = this->GrantUserGrantedPermission(bundleName, permissionName, userId);
|
||||
reply.WriteInt32(result);
|
||||
}
|
||||
|
||||
void PermissionManagerStub::GrantSystemGrantedPermissionInner(MessageParcel& data, MessageParcel& reply)
|
||||
{
|
||||
if (!IsAuthorizedCalling()) {
|
||||
PERMISSION_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__);
|
||||
reply.WriteInt32(RET_FAILED);
|
||||
return;
|
||||
}
|
||||
std::string bundleName = data.ReadString();
|
||||
std::string permissionName = data.ReadString();
|
||||
int result = this->GrantSystemGrantedPermission(bundleName, permissionName);
|
||||
reply.WriteInt32(result);
|
||||
}
|
||||
|
||||
void PermissionManagerStub::RevokeUserGrantedPermissionInner(MessageParcel& data, MessageParcel& reply)
|
||||
{
|
||||
if (!IsAuthorizedCalling()) {
|
||||
PERMISSION_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__);
|
||||
reply.WriteInt32(RET_FAILED);
|
||||
return;
|
||||
}
|
||||
std::string bundleName = data.ReadString();
|
||||
std::string permissionName = data.ReadString();
|
||||
int userId = data.ReadInt32();
|
||||
int result = this->RevokeUserGrantedPermission(bundleName, permissionName, userId);
|
||||
reply.WriteInt32(result);
|
||||
}
|
||||
|
||||
void PermissionManagerStub::RevokeSystemGrantedPermissionInner(MessageParcel& data, MessageParcel& reply)
|
||||
{
|
||||
if (!IsAuthorizedCalling()) {
|
||||
PERMISSION_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__);
|
||||
reply.WriteInt32(RET_FAILED);
|
||||
return;
|
||||
}
|
||||
std::string bundleName = data.ReadString();
|
||||
std::string permissionName = data.ReadString();
|
||||
int result = this->RevokeSystemGrantedPermission(bundleName, permissionName);
|
||||
reply.WriteInt32(result);
|
||||
}
|
||||
|
||||
void PermissionManagerStub::AddUserGrantedReqPermissionsInner(MessageParcel& data, MessageParcel& reply)
|
||||
{
|
||||
if (!IsAuthorizedCalling()) {
|
||||
PERMISSION_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__);
|
||||
reply.WriteInt32(RET_FAILED);
|
||||
return;
|
||||
}
|
||||
std::string bundleName = data.ReadString();
|
||||
std::vector<std::string> permList;
|
||||
data.ReadStringVector(&permList);
|
||||
int userId = data.ReadInt32();
|
||||
int result = this->AddUserGrantedReqPermissions(bundleName, permList, userId);
|
||||
reply.WriteInt32(result);
|
||||
}
|
||||
|
||||
void PermissionManagerStub::AddSystemGrantedReqPermissionsInner(MessageParcel& data, MessageParcel& reply)
|
||||
{
|
||||
if (!IsAuthorizedCalling()) {
|
||||
PERMISSION_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__);
|
||||
reply.WriteInt32(RET_FAILED);
|
||||
return;
|
||||
}
|
||||
std::string bundleName = data.ReadString();
|
||||
std::vector<std::string> permList;
|
||||
data.ReadStringVector(&permList);
|
||||
int result = this->AddSystemGrantedReqPermissions(bundleName, permList);
|
||||
reply.WriteInt32(result);
|
||||
}
|
||||
|
||||
void PermissionManagerStub::RemoveUserGrantedReqPermissionsInner(MessageParcel& data, MessageParcel& reply)
|
||||
{
|
||||
if (!IsAuthorizedCalling()) {
|
||||
PERMISSION_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__);
|
||||
reply.WriteInt32(RET_FAILED);
|
||||
return;
|
||||
}
|
||||
std::string bundleName = data.ReadString();
|
||||
int userId = data.ReadInt32();
|
||||
int result = this->RemoveUserGrantedReqPermissions(bundleName, userId);
|
||||
reply.WriteInt32(result);
|
||||
}
|
||||
|
||||
void PermissionManagerStub::RemoveSystemGrantedReqPermissionsInner(MessageParcel& data, MessageParcel& reply)
|
||||
{
|
||||
if (!IsAuthorizedCalling()) {
|
||||
PERMISSION_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__);
|
||||
reply.WriteInt32(RET_FAILED);
|
||||
return;
|
||||
}
|
||||
std::string bundleName = data.ReadString();
|
||||
int result = this->RemoveSystemGrantedReqPermissions(bundleName);
|
||||
reply.WriteInt32(result);
|
||||
}
|
||||
|
||||
void PermissionManagerStub::AddDefPermissionsInner(MessageParcel& data, MessageParcel& reply)
|
||||
{
|
||||
if (!IsAuthorizedCalling()) {
|
||||
PERMISSION_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__);
|
||||
reply.WriteInt32(RET_FAILED);
|
||||
return;
|
||||
}
|
||||
int size = 0;
|
||||
data.ReadInt32(size);
|
||||
std::vector<PermissionDefParcel> permList;
|
||||
for (int i = 0; i < size; i++) {
|
||||
sptr<PermissionDefParcel> permissionDef = data.ReadParcelable<PermissionDefParcel>();
|
||||
if (permissionDef != nullptr) {
|
||||
permList.emplace_back(*permissionDef);
|
||||
}
|
||||
}
|
||||
PERMISSION_LOG_INFO(LABEL, "%{public}s called, permList size: %{public}d", __func__, (int) permList.size());
|
||||
int result = this->AddDefPermissions(permList);
|
||||
reply.WriteInt32(result);
|
||||
}
|
||||
|
||||
void PermissionManagerStub::RemoveDefPermissionsInner(MessageParcel& data, MessageParcel& reply)
|
||||
{
|
||||
if (!IsAuthorizedCalling()) {
|
||||
PERMISSION_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__);
|
||||
reply.WriteInt32(RET_FAILED);
|
||||
return;
|
||||
}
|
||||
std::string bundleName = data.ReadString();
|
||||
int result = this->RemoveDefPermissions(bundleName);
|
||||
reply.WriteInt32(result);
|
||||
}
|
||||
|
||||
void PermissionManagerStub::GetDefPermissionInner(MessageParcel& data, MessageParcel& reply)
|
||||
{
|
||||
if (!IsAuthorizedCalling()) {
|
||||
PERMISSION_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__);
|
||||
return;
|
||||
}
|
||||
std::string permissionName = data.ReadString();
|
||||
PermissionDefParcel permissionDefParcel;
|
||||
int result = this->GetDefPermission(permissionName, permissionDefParcel);
|
||||
reply.WriteParcelable(&permissionDefParcel);
|
||||
reply.WriteInt32(result);
|
||||
}
|
||||
|
||||
bool PermissionManagerStub::IsAuthorizedCalling() const
|
||||
{
|
||||
int callingUid = IPCSkeleton::GetCallingUid();
|
||||
PERMISSION_LOG_INFO(LABEL, "Calling uid: %{public}d", callingUid);
|
||||
return callingUid == SYSTEM_UID || callingUid == ROOT_UID;
|
||||
}
|
||||
} // namespace Permission
|
||||
} // namespace Security
|
||||
} // namespace OHOS
|
@ -1,56 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#ifndef PERMISSION_MANAGER_STUB_H
|
||||
#define PERMISSION_MANAGER_STUB_H
|
||||
|
||||
#include "i_permission_manager.h"
|
||||
|
||||
#include "iremote_stub.h"
|
||||
#include "nocopyable.h"
|
||||
|
||||
namespace OHOS {
|
||||
namespace Security {
|
||||
namespace Permission {
|
||||
class PermissionManagerStub : public IRemoteStub<IPermissionManager> {
|
||||
public:
|
||||
PermissionManagerStub() = default;
|
||||
virtual ~PermissionManagerStub() = default;
|
||||
|
||||
int OnRemoteRequest(uint32_t code, MessageParcel& data, MessageParcel& reply, MessageOption& options) override;
|
||||
|
||||
private:
|
||||
void VerifyPermissionInner(MessageParcel& data, MessageParcel& reply);
|
||||
void CanRequestPermissionInner(MessageParcel& data, MessageParcel& reply);
|
||||
void GrantUserGrantedPermissionInner(MessageParcel& data, MessageParcel& reply);
|
||||
void GrantSystemGrantedPermissionInner(MessageParcel& data, MessageParcel& reply);
|
||||
void RevokeUserGrantedPermissionInner(MessageParcel& data, MessageParcel& reply);
|
||||
void RevokeSystemGrantedPermissionInner(MessageParcel& data, MessageParcel& reply);
|
||||
void AddUserGrantedReqPermissionsInner(MessageParcel& data, MessageParcel& reply);
|
||||
void AddSystemGrantedReqPermissionsInner(MessageParcel& data, MessageParcel& reply);
|
||||
void RemoveUserGrantedReqPermissionsInner(MessageParcel& data, MessageParcel& reply);
|
||||
void RemoveSystemGrantedReqPermissionsInner(MessageParcel& data, MessageParcel& reply);
|
||||
void AddDefPermissionsInner(MessageParcel& data, MessageParcel& reply);
|
||||
void RemoveDefPermissionsInner(MessageParcel& data, MessageParcel& reply);
|
||||
void GetDefPermissionInner(MessageParcel& data, MessageParcel& reply);
|
||||
bool IsAuthorizedCalling() const;
|
||||
|
||||
static const int SYSTEM_UID = 1000;
|
||||
static const int ROOT_UID = 0;
|
||||
};
|
||||
} // namespace Permission
|
||||
} // namespace Security
|
||||
} // namespace OHOS
|
||||
#endif // PERMISSION_MANAGER_STUB_H
|
@ -1,33 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#ifndef PERMISSION_STANDARD__PERMISSION_REQ_H
|
||||
#define PERMISSION_STANDARD__PERMISSION_REQ_H
|
||||
|
||||
#include <string>
|
||||
|
||||
namespace OHOS {
|
||||
namespace Security {
|
||||
namespace Permission {
|
||||
struct PermissionReq {
|
||||
std::string reqPermissionName;
|
||||
bool isGranted;
|
||||
int flags;
|
||||
};
|
||||
} // namespace Permission
|
||||
} // namespace Security
|
||||
} // namespace OHOS
|
||||
|
||||
#endif // PERMISSION_STANDARD__PERMISSION_REQ_H
|
@ -1,378 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#include "permission_state_cache.h"
|
||||
|
||||
#include <iostream>
|
||||
|
||||
#include "permission.h"
|
||||
#include "permission_log.h"
|
||||
|
||||
namespace OHOS {
|
||||
namespace Security {
|
||||
namespace Permission {
|
||||
namespace {
|
||||
static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_PERMISSION, "PermissionStateCache"};
|
||||
}
|
||||
int PermissionStateCache::AddReqPermission(
|
||||
const int userId, const std::string& bundleName, const std::string& permissionName)
|
||||
{
|
||||
Utils::UniqueWriteGuard<Utils::RWLock> cacheGuard(this->cacheLock_);
|
||||
BundleInfo& bundleInfo = Root::GetRoot().GetOrCreateUserInfo(userId).GetOrCreateBundleInfo(bundleName);
|
||||
return bundleInfo.AddReqPermission(permissionName);
|
||||
}
|
||||
|
||||
int PermissionStateCache::AddReqPermission(
|
||||
const int userId, const std::string& bundleName, const std::vector<std::string>& permList)
|
||||
{
|
||||
Utils::UniqueWriteGuard<Utils::RWLock> cacheGuard(this->cacheLock_);
|
||||
BundleInfo& bundleInfo = Root::GetRoot().GetOrCreateUserInfo(userId).GetOrCreateBundleInfo(bundleName);
|
||||
for (const auto& permissionName : permList) {
|
||||
bundleInfo.AddReqPermission(permissionName);
|
||||
}
|
||||
return RET_SUCCESS;
|
||||
}
|
||||
|
||||
int PermissionStateCache::ReplaceReqPermission(
|
||||
int userId, const std::string& bundleName, const PermissionReq& permissionReq)
|
||||
{
|
||||
Utils::UniqueWriteGuard<Utils::RWLock> cacheGuard(this->cacheLock_);
|
||||
return Root::GetRoot().GetOrCreateUserInfo(userId).ReplaceReqPermission(bundleName, permissionReq);
|
||||
}
|
||||
|
||||
int PermissionStateCache::RemoveReqPermission(const int userId, const std::string& bundleName)
|
||||
{
|
||||
Utils::UniqueWriteGuard<Utils::RWLock> cacheGuard(this->cacheLock_);
|
||||
if (!Root::GetRoot().HasUserInfo(userId)) {
|
||||
return RET_FAILED;
|
||||
}
|
||||
return Root::GetRoot().GetOrCreateUserInfo(userId).RemoveReqPermission(bundleName);
|
||||
}
|
||||
|
||||
int PermissionStateCache::UpdatePermissionState(
|
||||
int userId, const std::string& bundleName, const std::string& permissionName, bool isGranted)
|
||||
{
|
||||
Utils::UniqueWriteGuard<Utils::RWLock> cacheGuard(this->cacheLock_);
|
||||
if (!Root::GetRoot().HasUserInfo(userId)) {
|
||||
return RET_FAILED;
|
||||
}
|
||||
return Root::GetRoot().GetOrCreateUserInfo(userId).UpdatePermissionState(bundleName, permissionName, isGranted);
|
||||
}
|
||||
|
||||
int PermissionStateCache::UpdatePermissionFlags(
|
||||
int userId, const std::string& bundleName, const std::string& permissionName, int flags)
|
||||
{
|
||||
Utils::UniqueWriteGuard<Utils::RWLock> cacheGuard(this->cacheLock_);
|
||||
if (!Root::GetRoot().HasUserInfo(userId)) {
|
||||
return RET_FAILED;
|
||||
}
|
||||
return Root::GetRoot().GetOrCreateUserInfo(userId).UpdatePermissionFlags(bundleName, permissionName, flags);
|
||||
}
|
||||
|
||||
bool PermissionStateCache::IsGranted(const int userId, const std::string& bundleName, const std::string& permissionName)
|
||||
{
|
||||
Utils::UniqueReadGuard<Utils::RWLock> cacheGuard(this->cacheLock_);
|
||||
if (!Root::GetRoot().HasUserInfo(userId)) {
|
||||
return false;
|
||||
}
|
||||
return Root::GetRoot().GetOrCreateUserInfo(userId).IsGranted(bundleName, permissionName);
|
||||
}
|
||||
|
||||
int PermissionStateCache::GetPermissionFlags(
|
||||
const int userId, const std::string& bundleName, const std::string& permissionName)
|
||||
{
|
||||
if (!Root::GetRoot().HasUserInfo(userId)) {
|
||||
return DEFAULT_PERMISSION_FLAGS;
|
||||
}
|
||||
return Root::GetRoot().GetOrCreateUserInfo(userId).GetPermissionFlags(bundleName, permissionName);
|
||||
}
|
||||
|
||||
std::string PermissionStateCache::ToString()
|
||||
{
|
||||
Utils::UniqueReadGuard<Utils::RWLock> cacheGuard(this->cacheLock_);
|
||||
return Root::GetRoot().ToString();
|
||||
}
|
||||
|
||||
void PermissionStateCache::QueryCurrentCache(bool isSystemGranted, std::vector<GenericValues>& valueList)
|
||||
{
|
||||
Utils::UniqueReadGuard<Utils::RWLock> cacheGuard(this->cacheLock_);
|
||||
|
||||
if (isSystemGranted) {
|
||||
if (!Root::GetRoot().HasUserInfo(SYSTEM_GRANTED_USER_ID)) {
|
||||
return;
|
||||
}
|
||||
UserInfo userInfo = Root::GetRoot().GetOrCreateUserInfo(SYSTEM_GRANTED_USER_ID);
|
||||
QueryForUser(userInfo, valueList);
|
||||
return;
|
||||
}
|
||||
|
||||
std::vector<UserInfo> userInfoList;
|
||||
Root::GetRoot().GetUserGrantedUserInfo(userInfoList);
|
||||
for (auto userInfo : userInfoList) {
|
||||
QueryForUser(userInfo, valueList);
|
||||
}
|
||||
}
|
||||
|
||||
void PermissionStateCache::QueryForUser(const UserInfo& userInfo, std::vector<GenericValues>& valueList) const
|
||||
{
|
||||
std::vector<BundleInfo> bundleInfoList;
|
||||
userInfo.GetAllBundleInfo(bundleInfoList);
|
||||
for (auto bundleInfo : bundleInfoList) {
|
||||
QueryForBundle(userInfo.userId_, bundleInfo, valueList);
|
||||
}
|
||||
}
|
||||
|
||||
void PermissionStateCache::QueryForBundle(
|
||||
const int userId, const BundleInfo& bundleInfo, std::vector<GenericValues>& valueList) const
|
||||
{
|
||||
std::vector<PermissionReq> permissionReqList;
|
||||
bundleInfo.GetAllPermissionReq(permissionReqList);
|
||||
for (auto permissionReq : permissionReqList) {
|
||||
GenericValues genericValues;
|
||||
genericValues.Put(FIELD_BUNDLE_NAME, bundleInfo.bundleName_);
|
||||
DataTranslator::TranslationIntoGenericValues(permissionReq, genericValues);
|
||||
if (userId == SYSTEM_GRANTED_USER_ID) {
|
||||
valueList.emplace_back(genericValues);
|
||||
} else {
|
||||
genericValues.Put(FIELD_USER_ID, userId);
|
||||
valueList.emplace_back(genericValues);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
PermissionStateCache& PermissionStateCache::GetInstance()
|
||||
{
|
||||
static PermissionStateCache instance;
|
||||
return instance;
|
||||
}
|
||||
|
||||
Root& Root::GetRoot()
|
||||
{
|
||||
static Root root;
|
||||
return root;
|
||||
}
|
||||
|
||||
bool Root::HasUserInfo(int userId) const
|
||||
{
|
||||
return userInfos_.count(userId) == 1;
|
||||
}
|
||||
|
||||
UserInfo& Root::GetOrCreateUserInfo(const int userId)
|
||||
{
|
||||
if (!HasUserInfo(userId)) {
|
||||
UserInfo userInfo(userId);
|
||||
userInfos_[userId] = userInfo;
|
||||
PERMISSION_LOG_DEBUG(
|
||||
LABEL, "%{public}s: userInfos_[userId]: %{public}s", __func__, userInfos_[userId].ToString().c_str());
|
||||
}
|
||||
return userInfos_[userId];
|
||||
}
|
||||
|
||||
void Root::GetUserGrantedUserInfo(std::vector<UserInfo>& bundleInfoList) const
|
||||
{
|
||||
for (auto it = userInfos_.begin(); it != userInfos_.end(); ++it) {
|
||||
if (it->first != PermissionStateCache::SYSTEM_GRANTED_USER_ID) {
|
||||
bundleInfoList.emplace_back(it->second);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
std::string Root::ToString() const
|
||||
{
|
||||
std::string infos = R"({"Root": "Default", "UserInfos": [)";
|
||||
for (auto userInfo : userInfos_) {
|
||||
infos.append(userInfo.second.ToString() + ", ");
|
||||
}
|
||||
infos = infos + "]}";
|
||||
return infos;
|
||||
}
|
||||
|
||||
UserInfo::UserInfo(int userId)
|
||||
{
|
||||
userId_ = userId;
|
||||
}
|
||||
|
||||
bool UserInfo::HasBundleInfo(const std::string& bundleName) const
|
||||
{
|
||||
return bundleInfos_.count(bundleName) == 1;
|
||||
}
|
||||
|
||||
BundleInfo& UserInfo::GetOrCreateBundleInfo(const std::string& bundleName)
|
||||
{
|
||||
if (!HasBundleInfo(bundleName)) {
|
||||
BundleInfo bundleInfo(bundleName);
|
||||
bundleInfos_[bundleName] = bundleInfo;
|
||||
}
|
||||
return bundleInfos_[bundleName];
|
||||
}
|
||||
|
||||
void UserInfo::GetAllBundleInfo(std::vector<BundleInfo>& bundleInfoList) const
|
||||
{
|
||||
for (auto it = bundleInfos_.begin(); it != bundleInfos_.end(); ++it) {
|
||||
bundleInfoList.emplace_back(it->second);
|
||||
}
|
||||
}
|
||||
|
||||
std::string UserInfo::ToString() const
|
||||
{
|
||||
std::string infos = R"({"userId": )" + std::to_string(userId_) + R"(, "BundleInfos": [)";
|
||||
for (auto bundleInfo : bundleInfos_) {
|
||||
infos.append(bundleInfo.second.ToString() + ", ");
|
||||
}
|
||||
infos.append("]}");
|
||||
return infos;
|
||||
}
|
||||
|
||||
int UserInfo::ReplaceReqPermission(const std::string& bundleName, const PermissionReq& permissionReq)
|
||||
{
|
||||
return GetOrCreateBundleInfo(bundleName).ReplaceReqPermission(permissionReq);
|
||||
}
|
||||
|
||||
int UserInfo::RemoveReqPermission(const std::string& bundleName)
|
||||
{
|
||||
if (!HasBundleInfo(bundleName)) {
|
||||
return RET_SUCCESS;
|
||||
}
|
||||
bundleInfos_[bundleName].RemoveReqPermissions();
|
||||
return RET_SUCCESS;
|
||||
}
|
||||
|
||||
int UserInfo::UpdatePermissionState(const std::string& bundleName, const std::string& permissionName, bool isGranted)
|
||||
{
|
||||
if (!HasBundleInfo(bundleName)) {
|
||||
return RET_FAILED;
|
||||
}
|
||||
return bundleInfos_[bundleName].UpdateGrantedState(permissionName, isGranted);
|
||||
}
|
||||
|
||||
int UserInfo::UpdatePermissionFlags(const std::string& bundleName, const std::string& permissionName, int flags)
|
||||
{
|
||||
if (!HasBundleInfo(bundleName)) {
|
||||
return RET_FAILED;
|
||||
}
|
||||
return bundleInfos_[bundleName].UpdatePermissionFlags(permissionName, flags);
|
||||
}
|
||||
|
||||
bool UserInfo::IsGranted(const std::string& bundleName, const std::string& permissionName)
|
||||
{
|
||||
if (!HasBundleInfo(bundleName)) {
|
||||
return false;
|
||||
}
|
||||
return bundleInfos_[bundleName].IsGranted(permissionName);
|
||||
}
|
||||
|
||||
int UserInfo::GetPermissionFlags(const std::string& bundleName, const std::string& permissionName)
|
||||
{
|
||||
if (!HasBundleInfo(bundleName)) {
|
||||
return DEFAULT_PERMISSION_FLAGS;
|
||||
}
|
||||
return bundleInfos_[bundleName].GetPermissionFlags(permissionName);
|
||||
}
|
||||
|
||||
BundleInfo::BundleInfo(std::string bundleName)
|
||||
{
|
||||
bundleName_ = std::move(bundleName);
|
||||
}
|
||||
|
||||
int BundleInfo::AddReqPermission(const std::string& permissionName)
|
||||
{
|
||||
if (HasReqPermission(permissionName)) {
|
||||
PERMISSION_LOG_DEBUG(
|
||||
LABEL, "%{public}s failed, reqPermission is exist, name: %{public}s", __func__, permissionName.c_str());
|
||||
return RET_FAILED;
|
||||
}
|
||||
PermissionReq permissionReq = {permissionName, false, DEFAULT_PERMISSION_FLAGS};
|
||||
permissionRequests_[permissionName] = permissionReq;
|
||||
return RET_SUCCESS;
|
||||
}
|
||||
|
||||
int BundleInfo::ReplaceReqPermission(const PermissionReq& permissionReq)
|
||||
{
|
||||
permissionRequests_[permissionReq.reqPermissionName] = permissionReq;
|
||||
return RET_SUCCESS;
|
||||
}
|
||||
|
||||
PermissionReq& BundleInfo::GetReqPermission(const std::string& permissionName)
|
||||
{
|
||||
return permissionRequests_[permissionName];
|
||||
}
|
||||
|
||||
bool BundleInfo::HasReqPermission(const std::string& permissionName) const
|
||||
{
|
||||
return permissionRequests_.count(permissionName) == 1;
|
||||
}
|
||||
|
||||
void BundleInfo::RemoveReqPermissions()
|
||||
{
|
||||
permissionRequests_.clear();
|
||||
}
|
||||
|
||||
int BundleInfo::UpdateGrantedState(const std::string& permissionName, bool isGranted)
|
||||
{
|
||||
if (!HasReqPermission(permissionName)) {
|
||||
return RET_FAILED;
|
||||
}
|
||||
GetReqPermission(permissionName).isGranted = isGranted;
|
||||
return RET_SUCCESS;
|
||||
}
|
||||
|
||||
int BundleInfo::UpdatePermissionFlags(const std::string& permissionName, int flags)
|
||||
{
|
||||
if (!HasReqPermission(permissionName)) {
|
||||
return RET_FAILED;
|
||||
}
|
||||
GetReqPermission(permissionName).flags = flags;
|
||||
return RET_SUCCESS;
|
||||
}
|
||||
|
||||
bool BundleInfo::IsGranted(const std::string& permissionName)
|
||||
{
|
||||
if (!HasReqPermission(permissionName)) {
|
||||
return false;
|
||||
}
|
||||
return GetReqPermission(permissionName).isGranted;
|
||||
}
|
||||
|
||||
int BundleInfo::GetPermissionFlags(const std::string& permissionName)
|
||||
{
|
||||
if (!HasReqPermission(permissionName)) {
|
||||
return DEFAULT_PERMISSION_FLAGS;
|
||||
}
|
||||
return GetReqPermission(permissionName).flags;
|
||||
}
|
||||
|
||||
void BundleInfo::GetAllPermissionReq(std::vector<PermissionReq>& permissionReqList) const
|
||||
{
|
||||
for (auto it = permissionRequests_.begin(); it != permissionRequests_.end(); ++it) {
|
||||
permissionReqList.emplace_back(it->second);
|
||||
}
|
||||
}
|
||||
|
||||
std::string BundleInfo::ToString() const
|
||||
{
|
||||
std::string infos = R"({"bundleName": ")" + bundleName_ + R"(", "ReqPermissions": [)";
|
||||
for (const auto& request : permissionRequests_) {
|
||||
PermissionReq permissionReq = request.second;
|
||||
infos.append(R"({"permissionName": ")" + permissionReq.reqPermissionName + R"(")");
|
||||
infos.append(R"(, "isGranted": )" + std::to_string(permissionReq.isGranted));
|
||||
infos.append(R"(, "flags": )" + std::to_string(permissionReq.flags));
|
||||
infos.append("}, ");
|
||||
}
|
||||
infos = infos + "]}";
|
||||
return infos;
|
||||
}
|
||||
} // namespace Permission
|
||||
} // namespace Security
|
||||
} // namespace OHOS
|
@ -1,121 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#ifndef PERMISSION_STANDARD_PERMISSION_STATE_CACHE_H
|
||||
#define PERMISSION_STANDARD_PERMISSION_STATE_CACHE_H
|
||||
|
||||
#include <string>
|
||||
#include <map>
|
||||
#include <vector>
|
||||
|
||||
#include "permission_req.h"
|
||||
#include "generic_values.h"
|
||||
#include "data_translator.h"
|
||||
#include "field_const.h"
|
||||
|
||||
#include "rwlock.h"
|
||||
|
||||
namespace OHOS {
|
||||
namespace Security {
|
||||
namespace Permission {
|
||||
static const int DEFAULT_PERMISSION_FLAGS = 0;
|
||||
class BundleInfo final {
|
||||
public:
|
||||
std::string bundleName_;
|
||||
BundleInfo() = default;
|
||||
virtual ~BundleInfo() = default;
|
||||
explicit BundleInfo(std::string bundleName);
|
||||
int AddReqPermission(const std::string& permissionName);
|
||||
int ReplaceReqPermission(const PermissionReq& permissionReq);
|
||||
PermissionReq& GetReqPermission(const std::string& permissionName);
|
||||
void RemoveReqPermissions();
|
||||
bool HasReqPermission(const std::string& permissionName) const;
|
||||
int UpdateGrantedState(const std::string& permissionName, bool isGranted);
|
||||
int UpdatePermissionFlags(const std::string& permissionName, int flags);
|
||||
bool IsGranted(const std::string& permissionName);
|
||||
int GetPermissionFlags(const std::string& permissionName);
|
||||
void GetAllPermissionReq(std::vector<PermissionReq>& permissionReqList) const;
|
||||
std::string ToString() const;
|
||||
|
||||
private:
|
||||
std::map<std::string, PermissionReq> permissionRequests_;
|
||||
};
|
||||
|
||||
class UserInfo final {
|
||||
public:
|
||||
int userId_;
|
||||
UserInfo() : userId_(0)
|
||||
{}
|
||||
virtual ~UserInfo() = default;
|
||||
explicit UserInfo(int userId);
|
||||
bool HasBundleInfo(const std::string& bundleName) const;
|
||||
BundleInfo& GetOrCreateBundleInfo(const std::string& bundleName);
|
||||
int ReplaceReqPermission(const std::string& bundleName, const PermissionReq& permissionReq);
|
||||
int RemoveReqPermission(const std::string& bundleName);
|
||||
int UpdatePermissionState(const std::string& bundleName, const std::string& permissionName, bool isGranted);
|
||||
int UpdatePermissionFlags(const std::string& bundleName, const std::string& permissionName, int flags);
|
||||
bool IsGranted(const std::string& bundleName, const std::string& permissionName);
|
||||
int GetPermissionFlags(const std::string& bundleName, const std::string& permissionName);
|
||||
void GetAllBundleInfo(std::vector<BundleInfo>& bundleInfoList) const;
|
||||
std::string ToString() const;
|
||||
|
||||
private:
|
||||
std::map<std::string, BundleInfo> bundleInfos_;
|
||||
};
|
||||
|
||||
class Root final {
|
||||
public:
|
||||
static Root& GetRoot();
|
||||
bool HasUserInfo(int userId) const;
|
||||
UserInfo& GetOrCreateUserInfo(int userId);
|
||||
void GetUserGrantedUserInfo(std::vector<UserInfo>& userInfoList) const;
|
||||
std::string ToString() const;
|
||||
|
||||
private:
|
||||
std::map<int, UserInfo> userInfos_;
|
||||
};
|
||||
|
||||
class PermissionStateCache final {
|
||||
public:
|
||||
static const int SYSTEM_GRANTED_USER_ID = -1;
|
||||
static PermissionStateCache& GetInstance();
|
||||
virtual ~PermissionStateCache() = default;
|
||||
std::string ToString();
|
||||
int AddReqPermission(int userId, const std::string& bundleName, const std::string& permissionName);
|
||||
int AddReqPermission(int userId, const std::string& bundleName, const std::vector<std::string>& permList);
|
||||
int ReplaceReqPermission(int userId, const std::string& bundleName, const PermissionReq& permissionReq);
|
||||
int RemoveReqPermission(int userId, const std::string& bundleName);
|
||||
int UpdatePermissionState(
|
||||
int userId, const std::string& bundleName, const std::string& permissionName, bool isGranted);
|
||||
int UpdatePermissionFlags(int userId, const std::string& bundleName, const std::string& permissionName, int flags);
|
||||
bool IsGranted(int userId, const std::string& bundleName, const std::string& permissionName);
|
||||
int GetPermissionFlags(int userId, const std::string& bundleName, const std::string& permissionName);
|
||||
void QueryCurrentCache(bool isSystemGranted, std::vector<GenericValues>& valueList);
|
||||
|
||||
private:
|
||||
PermissionStateCache() = default;
|
||||
|
||||
DISALLOW_COPY_AND_MOVE(PermissionStateCache);
|
||||
|
||||
void QueryForUser(const UserInfo& userInfo, std::vector<GenericValues>& valueList) const;
|
||||
|
||||
void QueryForBundle(const int userId, const BundleInfo& bundleInfo, std::vector<GenericValues>& valueList) const;
|
||||
|
||||
OHOS::Utils::RWLock cacheLock_;
|
||||
};
|
||||
} // namespace Permission
|
||||
} // namespace Security
|
||||
} // namespace OHOS
|
||||
#endif // PERMISSION_STANDARD_PERMISSION_STATE_CACHE_H
|
@ -1,265 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#include "permission_state_manager.h"
|
||||
|
||||
#include "permission.h"
|
||||
#include "data_storage.h"
|
||||
#include "permission_log.h"
|
||||
#include "permission_definition_cache.h"
|
||||
#include "permission_state_cache.h"
|
||||
#include "data_translator.h"
|
||||
#include "data_validator.h"
|
||||
|
||||
namespace OHOS {
|
||||
namespace Security {
|
||||
namespace Permission {
|
||||
namespace {
|
||||
static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_PERMISSION, "PermissionStateManager"};
|
||||
}
|
||||
PermissionStateManager& PermissionStateManager::GetInstance()
|
||||
{
|
||||
static PermissionStateManager instance;
|
||||
return instance;
|
||||
}
|
||||
|
||||
PermissionStateManager::PermissionStateManager() : hasInited_(false)
|
||||
{}
|
||||
|
||||
PermissionStateManager::~PermissionStateManager()
|
||||
{
|
||||
if (!hasInited_) {
|
||||
return;
|
||||
}
|
||||
this->systemGrantedDataAccessWorker_.Stop();
|
||||
this->userGrantedDataAccessWorker_.Stop();
|
||||
this->hasInited_ = false;
|
||||
}
|
||||
|
||||
void PermissionStateManager::Init()
|
||||
{
|
||||
OHOS::Utils::UniqueWriteGuard<OHOS::Utils::RWLock> lk(this->rwLock_);
|
||||
if (hasInited_) {
|
||||
return;
|
||||
}
|
||||
PERMISSION_LOG_INFO(LABEL, "init begin!");
|
||||
std::vector<GenericValues> results;
|
||||
DataStorage::GetRealDataStorage().Find(DataStorage::PERMISSIONS_STAT_SYSTEM_GRANTED, results);
|
||||
for (auto value : results) {
|
||||
std::string bundleName = value.GetString(FIELD_BUNDLE_NAME);
|
||||
PERMISSION_LOG_INFO(LABEL, "Cache recover system grant %{public}s", bundleName.c_str());
|
||||
PermissionReq permissionReq;
|
||||
DataTranslator::TranslationIntoPermissionReq(value, permissionReq);
|
||||
PermissionStateCache::GetInstance().ReplaceReqPermission(
|
||||
PermissionStateCache::SYSTEM_GRANTED_USER_ID, bundleName, permissionReq);
|
||||
}
|
||||
|
||||
DataStorage::GetRealDataStorage().Find(DataStorage::PERMISSIONS_STAT_USER_GRANTED, results);
|
||||
for (auto value : results) {
|
||||
std::string bundleName = value.GetString(FIELD_BUNDLE_NAME);
|
||||
int userId = value.GetInt(FIELD_USER_ID);
|
||||
PERMISSION_LOG_INFO(LABEL, "Cache recover user grant %{public}d, %{public}s", userId, bundleName.c_str());
|
||||
PermissionReq permissionReq;
|
||||
DataTranslator::TranslationIntoPermissionReq(value, permissionReq);
|
||||
PermissionStateCache::GetInstance().ReplaceReqPermission(userId, bundleName, permissionReq);
|
||||
}
|
||||
this->systemGrantedDataAccessWorker_.Start(1);
|
||||
this->userGrantedDataAccessWorker_.Start(1);
|
||||
hasInited_ = true;
|
||||
PERMISSION_LOG_INFO(LABEL, "Init success");
|
||||
}
|
||||
|
||||
void PermissionStateManager::AddUserGrantedReqPermissions(
|
||||
const std::string& bundleName, const std::vector<std::string>& permList, int userId)
|
||||
{
|
||||
if (!DataValidator::IsBundleNameValid(bundleName) || permList.empty() || !DataValidator::IsUserIdValid(userId)) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__);
|
||||
return;
|
||||
}
|
||||
|
||||
std::vector<GenericValues> values;
|
||||
for (const auto& permission : permList) {
|
||||
if (!PermissionDefinitionCache::GetInstance().IsUserGrantedPermission(permission)) {
|
||||
PERMISSION_LOG_ERROR(LABEL,
|
||||
"%{public}s: permission: %{public}s is not user-granted permission, check please!", __func__,
|
||||
permission.c_str());
|
||||
continue;
|
||||
}
|
||||
PermissionStateCache::GetInstance().AddReqPermission(userId, bundleName, permission);
|
||||
}
|
||||
RefreshUserGrantedPersistentDataIfNeeded();
|
||||
}
|
||||
|
||||
void PermissionStateManager::RemoveUserGrantedReqPermissions(const std::string& bundleName, int userId)
|
||||
{
|
||||
if (!DataValidator::IsBundleNameValid(bundleName) || !DataValidator::IsUserIdValid(userId)) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__);
|
||||
return;
|
||||
}
|
||||
PermissionStateCache::GetInstance().RemoveReqPermission(userId, bundleName);
|
||||
RefreshUserGrantedPersistentDataIfNeeded();
|
||||
}
|
||||
|
||||
void PermissionStateManager::GrantUserGrantedPermission(
|
||||
const std::string& bundleName, const std::string& permissionName, int userId)
|
||||
{
|
||||
if (!DataValidator::IsBundleNameValid(bundleName) || !DataValidator::IsPermissionNameValid(permissionName) ||
|
||||
!DataValidator::IsUserIdValid(userId)) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__);
|
||||
return;
|
||||
}
|
||||
PermissionStateCache::GetInstance().UpdatePermissionState(userId, bundleName, permissionName, true);
|
||||
RefreshUserGrantedPersistentDataIfNeeded();
|
||||
}
|
||||
|
||||
void PermissionStateManager::RevokeUserGrantedPermission(
|
||||
const std::string& bundleName, const std::string& permissionName, int userId)
|
||||
{
|
||||
if (!DataValidator::IsBundleNameValid(bundleName) || !DataValidator::IsPermissionNameValid(permissionName) ||
|
||||
!DataValidator::IsUserIdValid(userId)) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__);
|
||||
return;
|
||||
}
|
||||
PermissionStateCache::GetInstance().UpdatePermissionState(userId, bundleName, permissionName, false);
|
||||
RefreshUserGrantedPersistentDataIfNeeded();
|
||||
}
|
||||
|
||||
void PermissionStateManager::AddSystemGrantedReqPermissions(
|
||||
const std::string& bundleName, const std::vector<std::string>& permList)
|
||||
{
|
||||
if (!DataValidator::IsBundleNameValid(bundleName) || permList.empty()) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__);
|
||||
return;
|
||||
}
|
||||
|
||||
std::vector<GenericValues> values;
|
||||
for (const auto& permission : permList) {
|
||||
if (!PermissionDefinitionCache::GetInstance().IsSystemGrantedPermission(permission)) {
|
||||
PERMISSION_LOG_ERROR(LABEL,
|
||||
"%{public}s: permission: %{public}s is not system-granted permission, check please!", __func__,
|
||||
permission.c_str());
|
||||
continue;
|
||||
}
|
||||
PermissionStateCache::GetInstance().AddReqPermission(
|
||||
PermissionStateCache::SYSTEM_GRANTED_USER_ID, bundleName, permission);
|
||||
}
|
||||
RefreshSystemGrantedPersistentDataIfNeeded();
|
||||
}
|
||||
|
||||
void PermissionStateManager::RemoveSystemGrantedReqPermissions(const std::string& bundleName)
|
||||
{
|
||||
if (!DataValidator::IsBundleNameValid(bundleName)) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__);
|
||||
return;
|
||||
}
|
||||
PermissionStateCache::GetInstance().RemoveReqPermission(PermissionStateCache::SYSTEM_GRANTED_USER_ID, bundleName);
|
||||
RefreshSystemGrantedPersistentDataIfNeeded();
|
||||
}
|
||||
|
||||
void PermissionStateManager::GrantSystemGrantedPermission(
|
||||
const std::string& bundleName, const std::string& permissionName)
|
||||
{
|
||||
if (!DataValidator::IsBundleNameValid(bundleName) || !DataValidator::IsPermissionNameValid(permissionName)) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__);
|
||||
return;
|
||||
}
|
||||
PermissionStateCache::GetInstance().UpdatePermissionState(
|
||||
PermissionStateCache::SYSTEM_GRANTED_USER_ID, bundleName, permissionName, true);
|
||||
RefreshSystemGrantedPersistentDataIfNeeded();
|
||||
}
|
||||
|
||||
void PermissionStateManager::RevokeSystemGrantedPermission(
|
||||
const std::string& bundleName, const std::string& permissionName)
|
||||
{
|
||||
if (!DataValidator::IsBundleNameValid(bundleName) || !DataValidator::IsPermissionNameValid(permissionName)) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__);
|
||||
return;
|
||||
}
|
||||
PermissionStateCache::GetInstance().UpdatePermissionState(
|
||||
PermissionStateCache::SYSTEM_GRANTED_USER_ID, bundleName, permissionName, false);
|
||||
RefreshSystemGrantedPersistentDataIfNeeded();
|
||||
}
|
||||
|
||||
int PermissionStateManager::VerifyPermission(
|
||||
const std::string& bundleName, const std::string& permissionName, int userId) const
|
||||
{
|
||||
if (!DataValidator::IsBundleNameValid(bundleName) || !DataValidator::IsPermissionNameValid(permissionName) ||
|
||||
!DataValidator::IsUserIdValid(userId)) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__);
|
||||
return PERMISSION_NOT_GRANTED;
|
||||
}
|
||||
if (!PermissionDefinitionCache::GetInstance().HasDefinition(permissionName)) {
|
||||
PERMISSION_LOG_ERROR(
|
||||
LABEL, "%{public}s: no definition for permission: %{public}s!", __func__, permissionName.c_str());
|
||||
return PERMISSION_NOT_GRANTED;
|
||||
}
|
||||
bool isGranted = false;
|
||||
if (PermissionDefinitionCache::GetInstance().IsSystemGrantedPermission(permissionName)) {
|
||||
isGranted = PermissionStateCache::GetInstance().IsGranted(
|
||||
PermissionStateCache::SYSTEM_GRANTED_USER_ID, bundleName, permissionName);
|
||||
} else {
|
||||
isGranted = PermissionStateCache::GetInstance().IsGranted(userId, bundleName, permissionName);
|
||||
}
|
||||
PERMISSION_LOG_INFO(LABEL, "VerifyPermission %{public}s, %{public}s, %{public}d isGranted: %{public}d",
|
||||
bundleName.c_str(), permissionName.c_str(), userId, isGranted);
|
||||
return isGranted ? PERMISSION_GRANTED : PERMISSION_NOT_GRANTED;
|
||||
}
|
||||
|
||||
bool PermissionStateManager::CanRequestPermission(
|
||||
const std::string& bundleName, const std::string& permissionName, int userId) const
|
||||
{
|
||||
if (!DataValidator::IsBundleNameValid(bundleName) || !DataValidator::IsPermissionNameValid(permissionName) ||
|
||||
!DataValidator::IsUserIdValid(userId)) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__);
|
||||
return false;
|
||||
}
|
||||
return PermissionDefinitionCache::GetInstance().IsUserGrantedPermission(permissionName) &&
|
||||
!PermissionStateCache::GetInstance().IsGranted(userId, bundleName, permissionName);
|
||||
}
|
||||
|
||||
void PermissionStateManager::RefreshSystemGrantedPersistentDataIfNeeded()
|
||||
{
|
||||
if (systemGrantedDataAccessWorker_.GetCurTaskNum() > 1) {
|
||||
PERMISSION_LOG_WARN(LABEL, "%{public}s: has refresh task!", __func__);
|
||||
return;
|
||||
}
|
||||
systemGrantedDataAccessWorker_.AddTask([]() {
|
||||
std::vector<GenericValues> valueList;
|
||||
PermissionStateCache::GetInstance().QueryCurrentCache(true, valueList);
|
||||
DataStorage::GetRealDataStorage().RefreshAll(DataStorage::PERMISSIONS_STAT_SYSTEM_GRANTED, valueList);
|
||||
|
||||
// Sleep for one second to avoid frequent refresh of the database.
|
||||
std::this_thread::sleep_for(std::chrono::seconds(1));
|
||||
});
|
||||
}
|
||||
|
||||
void PermissionStateManager::RefreshUserGrantedPersistentDataIfNeeded()
|
||||
{
|
||||
if (userGrantedDataAccessWorker_.GetCurTaskNum() > 1) {
|
||||
PERMISSION_LOG_WARN(LABEL, "%{public}s: has refresh task!", __func__);
|
||||
return;
|
||||
}
|
||||
userGrantedDataAccessWorker_.AddTask([]() {
|
||||
std::vector<GenericValues> valueList;
|
||||
PermissionStateCache::GetInstance().QueryCurrentCache(false, valueList);
|
||||
DataStorage::GetRealDataStorage().RefreshAll(DataStorage::PERMISSIONS_STAT_USER_GRANTED, valueList);
|
||||
|
||||
// Sleep for one second to avoid frequent refresh of the database.
|
||||
std::this_thread::sleep_for(std::chrono::seconds(1));
|
||||
});
|
||||
}
|
||||
} // namespace Permission
|
||||
} // namespace Security
|
||||
} // namespace OHOS
|
@ -1,80 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#ifndef PERMISSION_STATE_MANAGER_H
|
||||
#define PERMISSION_STATE_MANAGER_H
|
||||
|
||||
#include <vector>
|
||||
|
||||
#include "field_const.h"
|
||||
|
||||
#include "nocopyable.h"
|
||||
#include "thread_pool.h"
|
||||
#include "rwlock.h"
|
||||
|
||||
namespace OHOS {
|
||||
namespace Security {
|
||||
namespace Permission {
|
||||
class PermissionStateManager final {
|
||||
public:
|
||||
static PermissionStateManager& GetInstance();
|
||||
|
||||
virtual ~PermissionStateManager();
|
||||
|
||||
void Init();
|
||||
|
||||
void AddUserGrantedReqPermissions(
|
||||
const std::string& bundleName, const std::vector<std::string>& permList, int userId);
|
||||
|
||||
void RemoveUserGrantedReqPermissions(const std::string& bundleName, int userId);
|
||||
|
||||
void GrantUserGrantedPermission(const std::string& bundleName, const std::string& permissionName, int userId);
|
||||
|
||||
void RevokeUserGrantedPermission(const std::string& bundleName, const std::string& permissionName, int userId);
|
||||
|
||||
void AddSystemGrantedReqPermissions(const std::string& bundleName, const std::vector<std::string>& permList);
|
||||
|
||||
void RemoveSystemGrantedReqPermissions(const std::string& bundleName);
|
||||
|
||||
void GrantSystemGrantedPermission(const std::string& bundleName, const std::string& permissionName);
|
||||
|
||||
void RevokeSystemGrantedPermission(const std::string& bundleName, const std::string& permissionName);
|
||||
|
||||
int VerifyPermission(const std::string& bundleName, const std::string& permissionName, int userId) const;
|
||||
|
||||
bool CanRequestPermission(const std::string& bundleName, const std::string& permissionName, int userId) const;
|
||||
|
||||
private:
|
||||
PermissionStateManager();
|
||||
|
||||
DISALLOW_COPY_AND_MOVE(PermissionStateManager);
|
||||
|
||||
void RefreshSystemGrantedPersistentDataIfNeeded();
|
||||
|
||||
void RefreshUserGrantedPersistentDataIfNeeded();
|
||||
|
||||
OHOS::ThreadPool systemGrantedDataAccessWorker_;
|
||||
|
||||
OHOS::ThreadPool userGrantedDataAccessWorker_;
|
||||
|
||||
bool hasInited_;
|
||||
|
||||
OHOS::Utils::RWLock rwLock_;
|
||||
};
|
||||
} // namespace Permission
|
||||
} // namespace Security
|
||||
} // namespace OHOS
|
||||
|
||||
#endif // PERMISSION_STATE_MANAGER_H
|
@ -1,188 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#include "sqlite_helper.h"
|
||||
|
||||
#include "permission_log.h"
|
||||
|
||||
namespace OHOS {
|
||||
namespace Security {
|
||||
namespace Permission {
|
||||
namespace {
|
||||
static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_PERMISSION, "SqliteHelper"};
|
||||
}
|
||||
|
||||
SqliteHelper::SqliteHelper(const std::string& dbName, const std::string& dbPath, int version)
|
||||
: dbName_(dbName), dbPath_(dbPath), currentVersion_(version), db_(nullptr)
|
||||
{}
|
||||
|
||||
SqliteHelper::~SqliteHelper()
|
||||
{}
|
||||
|
||||
void SqliteHelper::Open()
|
||||
{
|
||||
if (db_ != nullptr) {
|
||||
return;
|
||||
}
|
||||
if (dbName_.empty() || dbPath_.empty() || currentVersion_ < 0) {
|
||||
return;
|
||||
}
|
||||
std::string fileName = dbPath_ + dbName_;
|
||||
int res = sqlite3_open(fileName.c_str(), &db_);
|
||||
if (res != SQLITE_OK) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "Failed to open db: %{public}s", sqlite3_errmsg(db_));
|
||||
return;
|
||||
}
|
||||
|
||||
int version = GetVersion();
|
||||
if (version == currentVersion_) {
|
||||
return;
|
||||
}
|
||||
|
||||
BeginTransaction();
|
||||
if (version == 0) {
|
||||
OnCreate();
|
||||
} else {
|
||||
if (version < currentVersion_) {
|
||||
OnUpdate();
|
||||
}
|
||||
}
|
||||
SetVersion();
|
||||
CommitTransaction();
|
||||
}
|
||||
|
||||
void SqliteHelper::Close()
|
||||
{
|
||||
if (db_ == nullptr) {
|
||||
PERMISSION_LOG_WARN(LABEL, "%{public}s: do open data base first!", __func__);
|
||||
return;
|
||||
}
|
||||
int ret = sqlite3_close(db_);
|
||||
if (ret != SQLITE_OK) {
|
||||
PERMISSION_LOG_WARN(LABEL, "sqlite3_close error, ret=%{public}d", ret);
|
||||
return;
|
||||
}
|
||||
db_ = nullptr;
|
||||
}
|
||||
|
||||
int SqliteHelper::BeginTransaction() const
|
||||
{
|
||||
if (db_ == nullptr) {
|
||||
PERMISSION_LOG_WARN(LABEL, "%{public}s: do open data base first!", __func__);
|
||||
return GENERAL_ERROR;
|
||||
}
|
||||
char* errorMessage = nullptr;
|
||||
int result = 0;
|
||||
int ret = sqlite3_exec(db_, "BEGIN;", nullptr, nullptr, &errorMessage);
|
||||
if (ret != SQLITE_OK) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: failed, errorMsg: %{public}s", __func__, errorMessage);
|
||||
result = GENERAL_ERROR;
|
||||
}
|
||||
sqlite3_free(errorMessage);
|
||||
return result;
|
||||
}
|
||||
|
||||
int SqliteHelper::CommitTransaction() const
|
||||
{
|
||||
if (db_ == nullptr) {
|
||||
PERMISSION_LOG_WARN(LABEL, "%{public}s: do open data base first!", __func__);
|
||||
return GENERAL_ERROR;
|
||||
}
|
||||
char* errorMessage = nullptr;
|
||||
int result = 0;
|
||||
int ret = sqlite3_exec(db_, "COMMIT;", nullptr, nullptr, &errorMessage);
|
||||
if (ret != SQLITE_OK) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: failed, errorMsg: %{public}s", __func__, errorMessage);
|
||||
result = GENERAL_ERROR;
|
||||
}
|
||||
sqlite3_free(errorMessage);
|
||||
return result;
|
||||
}
|
||||
|
||||
int SqliteHelper::RollbackTransaction() const
|
||||
{
|
||||
if (db_ == nullptr) {
|
||||
PERMISSION_LOG_WARN(LABEL, "%{public}s: do open data base first!", __func__);
|
||||
return GENERAL_ERROR;
|
||||
}
|
||||
int result = 0;
|
||||
char* errorMessage = nullptr;
|
||||
int ret = sqlite3_exec(db_, "ROLLBACK;", nullptr, nullptr, &errorMessage);
|
||||
if (ret != SQLITE_OK) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: failed, errorMsg: %{public}s", __func__, errorMessage);
|
||||
result = GENERAL_ERROR;
|
||||
}
|
||||
sqlite3_free(errorMessage);
|
||||
return result;
|
||||
}
|
||||
|
||||
Statement SqliteHelper::Prepare(const std::string& sql) const
|
||||
{
|
||||
return Statement(db_, sql);
|
||||
}
|
||||
|
||||
int SqliteHelper::ExecuteSql(const std::string& sql) const
|
||||
{
|
||||
if (db_ == nullptr) {
|
||||
PERMISSION_LOG_WARN(LABEL, "%{public}s: do open data base first!", __func__);
|
||||
return GENERAL_ERROR;
|
||||
}
|
||||
char* errorMessage = nullptr;
|
||||
int result = 0;
|
||||
int res = sqlite3_exec(db_, sql.c_str(), nullptr, nullptr, &errorMessage);
|
||||
if (res != SQLITE_OK) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: failed, errorMsg: %{public}s", __func__, errorMessage);
|
||||
result = GENERAL_ERROR;
|
||||
}
|
||||
sqlite3_free(errorMessage);
|
||||
return result;
|
||||
}
|
||||
|
||||
int SqliteHelper::GetVersion() const
|
||||
{
|
||||
if (db_ == nullptr) {
|
||||
PERMISSION_LOG_WARN(LABEL, "%{public}s: do open data base first!", __func__);
|
||||
return GENERAL_ERROR;
|
||||
}
|
||||
auto statement = Prepare(PRAGMA_VERSION_COMMAND);
|
||||
int version = 0;
|
||||
while (statement.Step() == Statement::State::ROW) {
|
||||
version = statement.GetColumnInt(0);
|
||||
}
|
||||
PERMISSION_LOG_INFO(LABEL, "%{public}s: version: %{public}d", __func__, version);
|
||||
return version;
|
||||
}
|
||||
|
||||
void SqliteHelper::SetVersion() const
|
||||
{
|
||||
if (db_ == nullptr) {
|
||||
PERMISSION_LOG_WARN(LABEL, "%{public}s: do open data base first!", __func__);
|
||||
return;
|
||||
}
|
||||
auto statement = Prepare(PRAGMA_VERSION_COMMAND + " = " + std::to_string(currentVersion_));
|
||||
statement.Step();
|
||||
}
|
||||
|
||||
std::string SqliteHelper::SpitError() const
|
||||
{
|
||||
if (db_ == nullptr) {
|
||||
PERMISSION_LOG_WARN(LABEL, "%{public}s: do open data base first!", __func__);
|
||||
return "";
|
||||
}
|
||||
return sqlite3_errmsg(db_);
|
||||
}
|
||||
} // namespace Permission
|
||||
} // namespace Security
|
||||
} // namespace OHOS
|
@ -1,62 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#ifndef SQLITE_HELPER_H
|
||||
#define SQLITE_HELPER_H
|
||||
|
||||
#include <string>
|
||||
|
||||
#include "statement.h"
|
||||
|
||||
#include "sqlite3sym.h"
|
||||
|
||||
namespace OHOS {
|
||||
namespace Security {
|
||||
namespace Permission {
|
||||
class SqliteHelper {
|
||||
public:
|
||||
explicit SqliteHelper(const std::string& dbName, const std::string& dbPath, int version);
|
||||
virtual ~SqliteHelper();
|
||||
|
||||
void Open();
|
||||
void Close();
|
||||
|
||||
int BeginTransaction() const;
|
||||
int CommitTransaction() const;
|
||||
int RollbackTransaction() const;
|
||||
|
||||
Statement Prepare(const std::string& sql) const;
|
||||
int ExecuteSql(const std::string& sql) const;
|
||||
std::string SpitError() const;
|
||||
|
||||
virtual void OnCreate() = 0;
|
||||
virtual void OnUpdate() = 0;
|
||||
|
||||
private:
|
||||
inline static const std::string PRAGMA_VERSION_COMMAND = "PRAGMA user_version";
|
||||
static const int GENERAL_ERROR = -1;
|
||||
|
||||
const std::string dbName_;
|
||||
const std::string dbPath_;
|
||||
int currentVersion_;
|
||||
sqlite3* db_;
|
||||
|
||||
int GetVersion() const;
|
||||
void SetVersion() const;
|
||||
};
|
||||
} // namespace Permission
|
||||
} // namespace Security
|
||||
} // namespace OHOS
|
||||
#endif // SQLITE_HELPER_H
|
@ -1,337 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#include "sqlite_storage.h"
|
||||
|
||||
#include "permission_log.h"
|
||||
|
||||
namespace OHOS {
|
||||
namespace Security {
|
||||
namespace Permission {
|
||||
namespace {
|
||||
static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_PERMISSION, "SqliteStorage"};
|
||||
}
|
||||
|
||||
SqliteStorage& SqliteStorage::GetInstance()
|
||||
{
|
||||
static SqliteStorage instance;
|
||||
return instance;
|
||||
}
|
||||
|
||||
SqliteStorage::~SqliteStorage()
|
||||
{
|
||||
Close();
|
||||
}
|
||||
|
||||
void SqliteStorage::OnCreate()
|
||||
{
|
||||
PERMISSION_LOG_INFO(LABEL, "%{public}s called.", __func__);
|
||||
CreatePermissionDefinitionTable();
|
||||
CreateSystemGrantedPermissionStateTable();
|
||||
CreateUserGrantedPermissionStateTable();
|
||||
}
|
||||
|
||||
void SqliteStorage::OnUpdate()
|
||||
{
|
||||
PERMISSION_LOG_INFO(LABEL, "%{public}s called.", __func__);
|
||||
}
|
||||
|
||||
SqliteStorage::SqliteStorage() : SqliteHelper(DATABASE_NAME, DATABASE_PATH, DATABASE_VERSION)
|
||||
{
|
||||
SqliteTable permissionDefTable;
|
||||
permissionDefTable.tableName_ = PERMISSION_DEF_TABLE;
|
||||
permissionDefTable.tableColumnNames_ = {
|
||||
FIELD_PERMISSION_NAME,
|
||||
FIELD_BUNDLE_NAME,
|
||||
FIELD_GRANT_MODE,
|
||||
FIELD_AVAILABLE_SCOPE,
|
||||
FIELD_LABEL,
|
||||
FIELD_LABEL_ID,
|
||||
FIELD_DESCRIPTION,
|
||||
FIELD_DESCRIPTION_ID
|
||||
};
|
||||
|
||||
SqliteTable sysGrantPermStatTable;
|
||||
sysGrantPermStatTable.tableName_ = SYS_GRANTED_PERMISSION_STATE_TABLE;
|
||||
sysGrantPermStatTable.tableColumnNames_ = {
|
||||
FIELD_BUNDLE_NAME,
|
||||
FIELD_PERMISSION_NAME,
|
||||
FIELD_GRANTED,
|
||||
FIELD_FLAGS
|
||||
};
|
||||
|
||||
SqliteTable userGrantPermStatTable;
|
||||
userGrantPermStatTable.tableName_ = USER_GRANTED_PERMISSION_STATE_TABLE;
|
||||
userGrantPermStatTable.tableColumnNames_ = {
|
||||
FIELD_BUNDLE_NAME,
|
||||
FIELD_PERMISSION_NAME,
|
||||
FIELD_USER_ID,
|
||||
FIELD_GRANTED,
|
||||
FIELD_FLAGS
|
||||
};
|
||||
|
||||
dataTypeToSqlTable_ = {
|
||||
{PERMISSION_DEF, permissionDefTable},
|
||||
{PERMISSIONS_STAT_SYSTEM_GRANTED, sysGrantPermStatTable},
|
||||
{PERMISSIONS_STAT_USER_GRANTED, userGrantPermStatTable}
|
||||
};
|
||||
|
||||
Open();
|
||||
}
|
||||
|
||||
int SqliteStorage::Add(const DataType type, const std::vector<GenericValues>& values)
|
||||
{
|
||||
OHOS::Utils::UniqueWriteGuard<OHOS::Utils::RWLock> lock(this->rwLock_);
|
||||
std::string prepareSql = CreateInsertPrepareSqlCmd(type);
|
||||
auto statement = Prepare(prepareSql);
|
||||
BeginTransaction();
|
||||
bool isExecuteSuccessfully = true;
|
||||
for (auto value : values) {
|
||||
std::vector<std::string> columnNames = value.GetAllKeys();
|
||||
for (auto columnName : columnNames) {
|
||||
statement.Bind(columnName, value.Get(columnName));
|
||||
}
|
||||
int ret = statement.Step();
|
||||
if (ret != Statement::State::DONE) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: failed, errorMsg: %{public}s", __func__, SpitError().c_str());
|
||||
isExecuteSuccessfully = false;
|
||||
}
|
||||
statement.Reset();
|
||||
}
|
||||
if (!isExecuteSuccessfully) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: rollback transaction.", __func__);
|
||||
RollbackTransaction();
|
||||
return FAILURE;
|
||||
}
|
||||
PERMISSION_LOG_INFO(LABEL, "%{public}s: commit transaction.", __func__);
|
||||
CommitTransaction();
|
||||
return SUCCESS;
|
||||
}
|
||||
|
||||
int SqliteStorage::Remove(const DataType type, const GenericValues& conditions)
|
||||
{
|
||||
OHOS::Utils::UniqueWriteGuard<OHOS::Utils::RWLock> lock(this->rwLock_);
|
||||
std::vector<std::string> columnNames = conditions.GetAllKeys();
|
||||
std::string prepareSql = CreateDeletePrepareSqlCmd(type, columnNames);
|
||||
auto statement = Prepare(prepareSql);
|
||||
for (auto columnName : columnNames) {
|
||||
statement.Bind(columnName, conditions.Get(columnName));
|
||||
}
|
||||
int ret = statement.Step();
|
||||
return (ret == Statement::State::DONE) ? SUCCESS : FAILURE;
|
||||
}
|
||||
|
||||
int SqliteStorage::Modify(const DataType type, const GenericValues& modifyValues, const GenericValues& conditions)
|
||||
{
|
||||
OHOS::Utils::UniqueWriteGuard<OHOS::Utils::RWLock> lock(this->rwLock_);
|
||||
std::vector<std::string> modifyColumns = modifyValues.GetAllKeys();
|
||||
std::vector<std::string> conditionColumns = conditions.GetAllKeys();
|
||||
std::string prepareSql = CreateUpdatePrepareSqlCmd(type, modifyColumns, conditionColumns);
|
||||
auto statement = Prepare(prepareSql);
|
||||
for (auto columnName : modifyColumns) {
|
||||
statement.Bind(columnName, modifyValues.Get(columnName));
|
||||
}
|
||||
for (auto columnName : conditionColumns) {
|
||||
statement.Bind(columnName, conditions.Get(columnName));
|
||||
}
|
||||
int ret = statement.Step();
|
||||
return (ret == Statement::State::DONE) ? SUCCESS : FAILURE;
|
||||
}
|
||||
|
||||
int SqliteStorage::Find(const DataType type, std::vector<GenericValues>& results)
|
||||
{
|
||||
OHOS::Utils::UniqueWriteGuard<OHOS::Utils::RWLock> lock(this->rwLock_);
|
||||
std::string prepareSql = CreateSelectPrepareSqlCmd(type);
|
||||
auto statement = Prepare(prepareSql);
|
||||
while (statement.Step() == Statement::State::ROW) {
|
||||
int columnCount = statement.GetColumnCount();
|
||||
GenericValues value;
|
||||
for (int i = 0; i < columnCount; i++) {
|
||||
value.Put(statement.GetColumnName(i), statement.GetValue(i));
|
||||
}
|
||||
results.emplace_back(value);
|
||||
}
|
||||
return SUCCESS;
|
||||
}
|
||||
|
||||
int SqliteStorage::RefreshAll(const DataType type, const std::vector<GenericValues>& values)
|
||||
{
|
||||
OHOS::Utils::UniqueWriteGuard<OHOS::Utils::RWLock> lock(this->rwLock_);
|
||||
std::string deleteSql = CreateDeletePrepareSqlCmd(type);
|
||||
std::string insertSql = CreateInsertPrepareSqlCmd(type);
|
||||
auto deleteStatement = Prepare(deleteSql);
|
||||
auto insertStatement = Prepare(insertSql);
|
||||
BeginTransaction();
|
||||
bool canCommit = deleteStatement.Step() == Statement::State::DONE;
|
||||
for (auto value : values) {
|
||||
std::vector<std::string> columnNames = value.GetAllKeys();
|
||||
for (auto columnName : columnNames) {
|
||||
insertStatement.Bind(columnName, value.Get(columnName));
|
||||
}
|
||||
int ret = insertStatement.Step();
|
||||
if (ret != Statement::State::DONE) {
|
||||
PERMISSION_LOG_ERROR(
|
||||
LABEL, "%{public}s: insert failed, errorMsg: %{public}s", __func__, SpitError().c_str());
|
||||
canCommit = false;
|
||||
}
|
||||
insertStatement.Reset();
|
||||
}
|
||||
if (!canCommit) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "%{public}s: rollback transaction.", __func__);
|
||||
RollbackTransaction();
|
||||
return FAILURE;
|
||||
}
|
||||
PERMISSION_LOG_INFO(LABEL, "%{public}s: commit transaction.", __func__);
|
||||
CommitTransaction();
|
||||
return SUCCESS;
|
||||
}
|
||||
|
||||
std::string SqliteStorage::CreateInsertPrepareSqlCmd(const DataType type) const
|
||||
{
|
||||
auto it = dataTypeToSqlTable_.find(type);
|
||||
if (it == dataTypeToSqlTable_.end()) {
|
||||
return std::string();
|
||||
}
|
||||
std::string sql = "insert into " + it->second.tableName_ + " values(";
|
||||
int i = 1;
|
||||
for (const auto& columnName : it->second.tableColumnNames_) {
|
||||
sql.append(":" + columnName);
|
||||
if (i < (int) it->second.tableColumnNames_.size()) {
|
||||
sql.append(",");
|
||||
}
|
||||
i += 1;
|
||||
}
|
||||
sql.append(")");
|
||||
return sql;
|
||||
}
|
||||
|
||||
std::string SqliteStorage::CreateDeletePrepareSqlCmd(
|
||||
const DataType type, const std::vector<std::string>& columnNames) const
|
||||
{
|
||||
auto it = dataTypeToSqlTable_.find(type);
|
||||
if (it == dataTypeToSqlTable_.end()) {
|
||||
return std::string();
|
||||
}
|
||||
std::string sql = "delete from " + it->second.tableName_ + " where 1 = 1";
|
||||
for (auto columnName : columnNames) {
|
||||
sql.append(" and ");
|
||||
sql.append(columnName + "=:" + columnName);
|
||||
}
|
||||
return sql;
|
||||
}
|
||||
|
||||
std::string SqliteStorage::CreateUpdatePrepareSqlCmd(const DataType type, const std::vector<std::string>& modifyColumns,
|
||||
const std::vector<std::string>& conditionColumns) const
|
||||
{
|
||||
if (modifyColumns.empty()) {
|
||||
return std::string();
|
||||
}
|
||||
|
||||
auto it = dataTypeToSqlTable_.find(type);
|
||||
if (it == dataTypeToSqlTable_.end()) {
|
||||
return std::string();
|
||||
}
|
||||
|
||||
std::string sql = "update " + it->second.tableName_ + " set ";
|
||||
int i = 1;
|
||||
for (const auto& columnName : modifyColumns) {
|
||||
sql.append(columnName + "=:" + columnName);
|
||||
if (i < (int) modifyColumns.size()) {
|
||||
sql.append(",");
|
||||
}
|
||||
i += 1;
|
||||
}
|
||||
|
||||
if (!conditionColumns.empty()) {
|
||||
sql.append(" where 1 = 1");
|
||||
for (const auto& columnName : conditionColumns) {
|
||||
sql.append(" and ");
|
||||
sql.append(columnName + "=:" + columnName);
|
||||
}
|
||||
}
|
||||
return sql;
|
||||
}
|
||||
|
||||
std::string SqliteStorage::CreateSelectPrepareSqlCmd(const DataType type) const
|
||||
{
|
||||
auto it = dataTypeToSqlTable_.find(type);
|
||||
if (it == dataTypeToSqlTable_.end()) {
|
||||
return std::string();
|
||||
}
|
||||
std::string sql = "select * from " + it->second.tableName_;
|
||||
return sql;
|
||||
}
|
||||
|
||||
int SqliteStorage::CreatePermissionDefinitionTable() const
|
||||
{
|
||||
auto it = dataTypeToSqlTable_.find(DataType::PERMISSION_DEF);
|
||||
if (it == dataTypeToSqlTable_.end()) {
|
||||
return FAILURE;
|
||||
}
|
||||
std::string sql = "create table if not exists ";
|
||||
sql.append(it->second.tableName_ + " (")
|
||||
.append(FIELD_PERMISSION_NAME + " text not null,")
|
||||
.append(FIELD_BUNDLE_NAME + " text not null,")
|
||||
.append(FIELD_GRANT_MODE + " integer not null,")
|
||||
.append(FIELD_AVAILABLE_SCOPE + " integer not null,")
|
||||
.append(FIELD_LABEL + " text not null,")
|
||||
.append(FIELD_LABEL_ID + " integer not null,")
|
||||
.append(FIELD_DESCRIPTION + " text not null,")
|
||||
.append(FIELD_DESCRIPTION_ID + " integer not null,")
|
||||
.append("primary key(" + FIELD_PERMISSION_NAME)
|
||||
.append("))");
|
||||
return ExecuteSql(sql);
|
||||
}
|
||||
|
||||
int SqliteStorage::CreateSystemGrantedPermissionStateTable() const
|
||||
{
|
||||
auto it = dataTypeToSqlTable_.find(DataType::PERMISSIONS_STAT_SYSTEM_GRANTED);
|
||||
if (it == dataTypeToSqlTable_.end()) {
|
||||
return FAILURE;
|
||||
}
|
||||
std::string sql = "create table if not exists ";
|
||||
sql.append(it->second.tableName_ + " (")
|
||||
.append(FIELD_BUNDLE_NAME + " text not null,")
|
||||
.append(FIELD_PERMISSION_NAME + " text not null,")
|
||||
.append(FIELD_GRANTED + " integer not null,")
|
||||
.append(FIELD_FLAGS + " integer not null,")
|
||||
.append("primary key(" + FIELD_BUNDLE_NAME)
|
||||
.append("," + FIELD_PERMISSION_NAME)
|
||||
.append("))");
|
||||
return ExecuteSql(sql);
|
||||
}
|
||||
|
||||
int SqliteStorage::CreateUserGrantedPermissionStateTable() const
|
||||
{
|
||||
auto it = dataTypeToSqlTable_.find(DataType::PERMISSIONS_STAT_USER_GRANTED);
|
||||
if (it == dataTypeToSqlTable_.end()) {
|
||||
return FAILURE;
|
||||
}
|
||||
std::string sql = "create table if not exists ";
|
||||
sql.append(it->second.tableName_ + " (")
|
||||
.append(FIELD_BUNDLE_NAME + " text not null,")
|
||||
.append(FIELD_PERMISSION_NAME + " text not null,")
|
||||
.append(FIELD_USER_ID + " integer not null,")
|
||||
.append(FIELD_GRANTED + " integer not null,")
|
||||
.append(FIELD_FLAGS + " integer not null,")
|
||||
.append("primary key(" + FIELD_BUNDLE_NAME)
|
||||
.append("," + FIELD_PERMISSION_NAME)
|
||||
.append("," + FIELD_USER_ID)
|
||||
.append("))");
|
||||
return ExecuteSql(sql);
|
||||
}
|
||||
} // namespace Permission
|
||||
} // namespace Security
|
||||
} // namespace OHOS
|
@ -1,86 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#ifndef SQLITE_STORAGE_H
|
||||
#define SQLITE_STORAGE_H
|
||||
|
||||
#include "data_storage.h"
|
||||
#include "sqlite_helper.h"
|
||||
#include "field_const.h"
|
||||
|
||||
#include "nocopyable.h"
|
||||
#include "rwlock.h"
|
||||
|
||||
namespace OHOS {
|
||||
namespace Security {
|
||||
namespace Permission {
|
||||
class SqliteStorage : public DataStorage, public SqliteHelper {
|
||||
public:
|
||||
enum ExecuteResult { FAILURE = -1, SUCCESS };
|
||||
|
||||
struct SqliteTable {
|
||||
public:
|
||||
std::string tableName_;
|
||||
std::vector<std::string> tableColumnNames_;
|
||||
};
|
||||
|
||||
static SqliteStorage& GetInstance();
|
||||
|
||||
~SqliteStorage() override;
|
||||
|
||||
int Add(const DataType type, const std::vector<GenericValues>& values) override;
|
||||
|
||||
int Remove(const DataType type, const GenericValues& conditions) override;
|
||||
|
||||
int Modify(const DataType type, const GenericValues& modifyValues, const GenericValues& conditions) override;
|
||||
|
||||
int Find(const DataType type, std::vector<GenericValues>& results) override;
|
||||
|
||||
int RefreshAll(const DataType type, const std::vector<GenericValues>& values) override;
|
||||
|
||||
void OnCreate() override;
|
||||
void OnUpdate() override;
|
||||
|
||||
private:
|
||||
SqliteStorage();
|
||||
DISALLOW_COPY_AND_MOVE(SqliteStorage);
|
||||
|
||||
std::map<DataType, SqliteTable> dataTypeToSqlTable_;
|
||||
OHOS::Utils::RWLock rwLock_;
|
||||
|
||||
int CreatePermissionDefinitionTable() const;
|
||||
int CreateSystemGrantedPermissionStateTable() const;
|
||||
int CreateUserGrantedPermissionStateTable() const;
|
||||
|
||||
std::string CreateInsertPrepareSqlCmd(const DataType type) const;
|
||||
std::string CreateDeletePrepareSqlCmd(
|
||||
const DataType type, const std::vector<std::string>& columnNames = std::vector<std::string>()) const;
|
||||
std::string CreateUpdatePrepareSqlCmd(const DataType type, const std::vector<std::string>& modifyColumns,
|
||||
const std::vector<std::string>& conditionColumns) const;
|
||||
std::string CreateSelectPrepareSqlCmd(const DataType type) const;
|
||||
|
||||
private:
|
||||
inline static const std::string PERMISSION_DEF_TABLE = "permission_definition_table";
|
||||
inline static const std::string SYS_GRANTED_PERMISSION_STATE_TABLE = "system_granted_permission_state_table";
|
||||
inline static const std::string USER_GRANTED_PERMISSION_STATE_TABLE = "user_granted_permission_state_table";
|
||||
inline static const std::string DATABASE_NAME = "permission.db";
|
||||
inline static const std::string DATABASE_PATH = "/data/system/";
|
||||
static const int DATABASE_VERSION = 1;
|
||||
};
|
||||
} // namespace Permission
|
||||
} // namespace Security
|
||||
} // namespace OHOS
|
||||
|
||||
#endif // SQLITE_STORAGE_H
|
@ -1,125 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#include "statement.h"
|
||||
|
||||
#include "permission_log.h"
|
||||
|
||||
namespace OHOS {
|
||||
namespace Security {
|
||||
namespace Permission {
|
||||
namespace {
|
||||
static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_PERMISSION, "Statement"};
|
||||
}
|
||||
|
||||
Statement::Statement(sqlite3* db, const std::string& sql) : db_(db), sql_(sql)
|
||||
{
|
||||
if (sqlite3_prepare_v2(db, sql.c_str(), sql.size(), &statement_, nullptr) != SQLITE_OK) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "Cannot prepare, errorMsg: %{public}s", sqlite3_errmsg(db_));
|
||||
}
|
||||
}
|
||||
|
||||
Statement::~Statement()
|
||||
{
|
||||
sqlite3_finalize(statement_);
|
||||
statement_ = nullptr;
|
||||
}
|
||||
|
||||
void Statement::Bind(const int index, const std::string& text)
|
||||
{
|
||||
if (sqlite3_bind_text(statement_, index, text.c_str(), text.size(), SQLITE_TRANSIENT) != SQLITE_OK) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "Cannot bind string, errorMsg: %{public}s", sqlite3_errmsg(db_));
|
||||
}
|
||||
}
|
||||
|
||||
void Statement::Bind(const int index, int value)
|
||||
{
|
||||
if (sqlite3_bind_int(statement_, index, value) != SQLITE_OK) {
|
||||
PERMISSION_LOG_ERROR(LABEL, "Cannot bind int, errorMsg: %{public}s", sqlite3_errmsg(db_));
|
||||
}
|
||||
}
|
||||
|
||||
int Statement::GetColumnInt(const int column) const
|
||||
{
|
||||
return sqlite3_column_int(statement_, column);
|
||||
}
|
||||
|
||||
std::string Statement::GetColumnString(const int column) const
|
||||
{
|
||||
return std::string(reinterpret_cast<const char*>(sqlite3_column_text(statement_, column)));
|
||||
}
|
||||
|
||||
std::string Statement::GetColumnName(const int column) const
|
||||
{
|
||||
return sqlite3_column_name(statement_, column);
|
||||
}
|
||||
|
||||
Statement::State Statement::Step()
|
||||
{
|
||||
int ret = sqlite3_step(statement_);
|
||||
switch (ret) {
|
||||
case SQLITE_ROW:
|
||||
return Statement::State::ROW;
|
||||
case SQLITE_DONE:
|
||||
return Statement::State::DONE;
|
||||
case SQLITE_BUSY:
|
||||
return Statement::State::BUSY;
|
||||
case SQLITE_MISUSE:
|
||||
return Statement::State::MISUSE;
|
||||
default:
|
||||
return Statement::State::UNKNOWN;
|
||||
}
|
||||
}
|
||||
|
||||
int Statement::GetParameterIndex(const std::string& name) const
|
||||
{
|
||||
return sqlite3_bind_parameter_index(statement_, name.c_str());
|
||||
}
|
||||
|
||||
void Statement::Bind(const std::string& tableColumnName, const VariantValue& value)
|
||||
{
|
||||
int index = GetParameterIndex(":" + tableColumnName);
|
||||
if (value.GetType() == ValueType::TYPE_STRING) {
|
||||
Bind(index, value.GetString());
|
||||
} else if (value.GetType() == ValueType::TYPE_INT) {
|
||||
Bind(index, value.GetInt());
|
||||
}
|
||||
}
|
||||
|
||||
int Statement::Reset()
|
||||
{
|
||||
return sqlite3_reset(statement_);
|
||||
}
|
||||
|
||||
int Statement::GetColumnCount() const
|
||||
{
|
||||
return sqlite3_column_count(statement_);
|
||||
}
|
||||
|
||||
VariantValue Statement::GetValue(const int column) const
|
||||
{
|
||||
int type = sqlite3_column_type(statement_, column);
|
||||
switch (type) {
|
||||
case SQLITE_INTEGER:
|
||||
return VariantValue(GetColumnInt(column));
|
||||
case SQLITE_TEXT:
|
||||
return VariantValue(GetColumnString(column));
|
||||
default:
|
||||
return VariantValue();
|
||||
}
|
||||
}
|
||||
} // namespace Permission
|
||||
} // namespace Security
|
||||
} // namespace OHOS
|
@ -1,57 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#ifndef STATEMENT_H
|
||||
#define STATEMENT_H
|
||||
|
||||
#include <string>
|
||||
|
||||
#include "variant_value.h"
|
||||
|
||||
#include "sqlite3sym.h"
|
||||
|
||||
namespace OHOS {
|
||||
namespace Security {
|
||||
namespace Permission {
|
||||
class Statement final {
|
||||
public:
|
||||
enum State { BUSY, ROW, DONE, MISUSE, UNKNOWN };
|
||||
|
||||
Statement(sqlite3* db, const std::string& sql);
|
||||
virtual ~Statement();
|
||||
|
||||
void Bind(const int index, const std::string& text);
|
||||
void Bind(const int index, int value);
|
||||
void Bind(const std::string& tableColumnName, const VariantValue& value);
|
||||
|
||||
State Step();
|
||||
int Reset();
|
||||
|
||||
std::string GetColumnString(const int column) const;
|
||||
int GetColumnInt(const int column) const;
|
||||
std::string GetColumnName(const int column) const;
|
||||
int GetParameterIndex(const std::string& name) const;
|
||||
int GetColumnCount() const;
|
||||
VariantValue GetValue(const int column) const;
|
||||
|
||||
private:
|
||||
sqlite3* db_;
|
||||
sqlite3_stmt* statement_;
|
||||
const std::string sql_;
|
||||
};
|
||||
} // namespace Permission
|
||||
} // namespace Security
|
||||
} // namespace OHOS
|
||||
#endif // STATEMENT_H
|
@ -1,61 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#include "variant_value.h"
|
||||
|
||||
namespace OHOS {
|
||||
namespace Security {
|
||||
namespace Permission {
|
||||
VariantValue::VariantValue() : type_(ValueType::TYPE_NULL)
|
||||
{}
|
||||
|
||||
VariantValue::~VariantValue()
|
||||
{}
|
||||
|
||||
VariantValue::VariantValue(int value) : type_(ValueType::TYPE_INT)
|
||||
{
|
||||
value_ = value;
|
||||
}
|
||||
|
||||
VariantValue::VariantValue(const std::string& value) : type_(ValueType::TYPE_STRING)
|
||||
{
|
||||
value_ = value;
|
||||
}
|
||||
|
||||
ValueType VariantValue::GetType() const
|
||||
{
|
||||
return type_;
|
||||
}
|
||||
|
||||
int VariantValue::GetInt() const
|
||||
{
|
||||
if (type_ != ValueType::TYPE_INT) {
|
||||
return DEFAULT_VALUE;
|
||||
}
|
||||
|
||||
return std::get<int>(value_);
|
||||
}
|
||||
|
||||
std::string VariantValue::GetString() const
|
||||
{
|
||||
if (type_ != ValueType::TYPE_STRING) {
|
||||
return std::string();
|
||||
}
|
||||
|
||||
return std::get<std::string>(value_);
|
||||
}
|
||||
} // namespace Permission
|
||||
} // namespace Security
|
||||
} // namespace OHOS
|
@ -1,52 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#ifndef VARIANT_VALUE_H
|
||||
#define VARIANT_VALUE_H
|
||||
|
||||
#include <string>
|
||||
#include <variant>
|
||||
|
||||
namespace OHOS {
|
||||
namespace Security {
|
||||
namespace Permission {
|
||||
enum class ValueType {
|
||||
TYPE_NULL,
|
||||
TYPE_INT,
|
||||
TYPE_STRING,
|
||||
};
|
||||
|
||||
class VariantValue final {
|
||||
public:
|
||||
VariantValue();
|
||||
virtual ~VariantValue();
|
||||
|
||||
explicit VariantValue(int value);
|
||||
explicit VariantValue(const std::string& value);
|
||||
|
||||
ValueType GetType() const;
|
||||
int GetInt() const;
|
||||
std::string GetString() const;
|
||||
|
||||
static const int DEFAULT_VALUE = -1;
|
||||
|
||||
private:
|
||||
ValueType type_;
|
||||
std::variant<int, std::string> value_;
|
||||
};
|
||||
} // namespace Permission
|
||||
} // namespace Security
|
||||
} // namespace OHOS
|
||||
#endif // VARIANT_VALUE_H
|
@ -1,24 +0,0 @@
|
||||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<!-- Copyright (C) 2021-2022 Huawei Device Co., Ltd.
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
-->
|
||||
<info>
|
||||
<process>foundation</process>
|
||||
<systemability>
|
||||
<name>3501</name>
|
||||
<libpath>libpermission_manager_service_standard.z.so</libpath>
|
||||
<run-on-create>false</run-on-create>
|
||||
<distributed>false</distributed>
|
||||
<dump-level>1</dump-level>
|
||||
</systemability>
|
||||
</info>
|
@ -1,20 +0,0 @@
|
||||
# Copyright (c) 2021-2022 Huawei Device Co., Ltd.
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
import("//build/ohos/sa_profile/sa_profile.gni")
|
||||
|
||||
ohos_sa_profile("permission_sa_profile_standard") {
|
||||
part_name = "permission_standard"
|
||||
|
||||
sources = [ "3501.xml" ]
|
||||
}
|
@ -1,48 +0,0 @@
|
||||
# Copyright (c) 2021-2022 Huawei Device Co., Ltd.
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
import("//build/test.gni")
|
||||
|
||||
ohos_unittest("libpermission_manager_service_standard_test") {
|
||||
subsystem_name = "security"
|
||||
part_name = "permission_standard"
|
||||
module_out_path = part_name + "/" + part_name
|
||||
|
||||
include_dirs = [
|
||||
"//utils/native/base/include",
|
||||
"//base/security/permission/interfaces/innerkits/permission_standard/permissionsdk/main/cpp/include/permission",
|
||||
"//base/security/permission/services/permission_standard/permissionmanagerservice/main/cpp/src/",
|
||||
]
|
||||
|
||||
sources = [
|
||||
"unittest/cpp/src/permission_definition_manager_test.cpp",
|
||||
"unittest/cpp/src/permission_state_manager_test.cpp",
|
||||
]
|
||||
|
||||
cflags_cc = [ "-DHILOG_ENABLE" ]
|
||||
|
||||
deps = [
|
||||
"//base/security/permission/frameworks/permission_standard/permissioncommunicationadapter:permission_standard_communication_adapter_cxx",
|
||||
"//base/security/permission/frameworks/permission_standard/permissioninfrastructure:permission_standard_infrastructure_cxx",
|
||||
"//base/security/permission/services/permission_standard/permissionmanagerservice:permission_manager_service_standard",
|
||||
"//third_party/googletest:gtest_main",
|
||||
"//utils/native/base:utils",
|
||||
]
|
||||
|
||||
external_deps = [ "hiviewdfx_hilog_native:libhilog" ]
|
||||
}
|
||||
|
||||
group("unittest") {
|
||||
testonly = true
|
||||
deps = [ ":libpermission_manager_service_standard_test" ]
|
||||
}
|
@ -1,45 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#include "permission_definition_manager_test.h"
|
||||
|
||||
#include <string>
|
||||
|
||||
#include "permission_definition_manager.h"
|
||||
#include "permission.h"
|
||||
#include "test_const.h"
|
||||
|
||||
using namespace testing::ext;
|
||||
using namespace OHOS::Security::Permission;
|
||||
|
||||
void PermissionDefinitionManagerTest::SetUpTestCase()
|
||||
{}
|
||||
|
||||
void PermissionDefinitionManagerTest::TearDownTestCase()
|
||||
{}
|
||||
|
||||
void PermissionDefinitionManagerTest::SetUp()
|
||||
{}
|
||||
|
||||
void PermissionDefinitionManagerTest::TearDown()
|
||||
{
|
||||
PermissionDefinitionManager::GetInstance().RemoveDefPermissions(TEST_BUNDLE_NAME);
|
||||
}
|
||||
|
||||
HWTEST_F(PermissionDefinitionManagerTest, AddDefPermissions001, TestSize.Level1)
|
||||
{}
|
||||
|
||||
HWTEST_F(PermissionDefinitionManagerTest, RemoveDefPermissions001, TestSize.Level1)
|
||||
{}
|
@ -1,37 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#ifndef PERMISSION_DEFINITION_MANAGER_TEST_H
|
||||
#define PERMISSION_DEFINITION_MANAGER_TEST_H
|
||||
|
||||
#include <gtest/gtest.h>
|
||||
|
||||
namespace OHOS {
|
||||
namespace Security {
|
||||
namespace Permission {
|
||||
class PermissionDefinitionManagerTest : public testing::Test {
|
||||
public:
|
||||
static void SetUpTestCase();
|
||||
|
||||
static void TearDownTestCase();
|
||||
|
||||
void SetUp();
|
||||
|
||||
void TearDown();
|
||||
};
|
||||
} // namespace Permission
|
||||
} // namespace Security
|
||||
} // namespace OHOS
|
||||
#endif // PERMISSION_DEFINITION_MANAGER_TEST_H
|
@ -1,39 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#include "permission_state_manager_test.h"
|
||||
|
||||
#include <string>
|
||||
|
||||
#include "permission_state_manager.h"
|
||||
#include "test_const.h"
|
||||
|
||||
using namespace testing::ext;
|
||||
using namespace OHOS::Security::Permission;
|
||||
|
||||
void PermissionStateManagerTest::SetUpTestCase()
|
||||
{}
|
||||
|
||||
void PermissionStateManagerTest::TearDownTestCase()
|
||||
{}
|
||||
|
||||
void PermissionStateManagerTest::SetUp()
|
||||
{}
|
||||
|
||||
void PermissionStateManagerTest::TearDown()
|
||||
{}
|
||||
|
||||
HWTEST_F(PermissionStateManagerTest, AddUserGrantedReqPermissions001, TestSize.Level1)
|
||||
{}
|
@ -1,37 +0,0 @@
|
||||
/*
|
||||
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#ifndef PERMISSION_STATE_MANAGER_TEST_H
|
||||
#define PERMISSION_STATE_MANAGER_TEST_H
|
||||
|
||||
#include <gtest/gtest.h>
|
||||
|
||||
namespace OHOS {
|
||||
namespace Security {
|
||||
namespace Permission {
|
||||
class PermissionStateManagerTest : public testing::Test {
|
||||
public:
|
||||
static void SetUpTestCase();
|
||||
|
||||
static void TearDownTestCase();
|
||||
|
||||
void SetUp();
|
||||
|
||||
void TearDown();
|
||||
};
|
||||
} // namespace Permission
|
||||
} // namespace Security
|
||||
} // namespace OHOS
|
||||
#endif // PERMISSION_STATE_MANAGER_TEST_H
|
Loading…
Reference in New Issue
Block a user