openharmony/security_permission
1
0
Fork 0
mirror of https://gitee.com/openharmony/security_permission synced 2024-10-07 10:13:22 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

删除权限代码的功能实现,由于其他子系统还有引用,inner接口暂时保留

Browse Source 
Signed-off-by: xbingle <xiaobin3@huawei.com>
This commit is contained in:
xbingle 2022-03-25 16:54:13 +08:00
parent 2c776643dd
commit b999493082
55 changed files with 0 additions and 5052 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
BUILD.gn
View File

@ -16,19 +16,6 @@ group("permission_build_module_standard") {
if (is_standard_system) { if (is_standard_system) {
deps = [ deps = [
"//base/security/permission/interfaces/innerkits/permission_standard/permissionsdk:libpermissionsdk_standard", "//base/security/permission/interfaces/innerkits/permission_standard/permissionsdk:libpermissionsdk_standard",
"//base/security/permission/services/permission_standard/permissionmanagerservice:permission_manager_service_standard",
"//base/security/permission/services/permission_standard/permissionmanagerservice/main/sa_profile:permission_sa_profile_standard",
]
}
}
group("permission_build_module_standard_test") {
testonly = true
deps = []
if (is_standard_system) {
deps += [
"//base/security/permission/interfaces/innerkits/permission_standard/permissionsdk/test:unittest",
"//base/security/permission/services/permission_standard/permissionmanagerservice/test:unittest",
] ]
} }
} }

43
frameworks/permission_standard/permissioncommunicationadapter/BUILD.gn
View File

@ -1,43 +0,0 @@
# Copyright (c) 2021 Huawei Device Co., Ltd.
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import("//build/ohos.gni")
################################################################
# C++, Main source file here.
################################################################
config("permission_standard_communication_adapter_cxx_public_config") {
visibility = [ ":*" ]
include_dirs = [ "main/cpp/include" ]
}
ohos_shared_library("permission_standard_communication_adapter_cxx") {
subsystem_name = "security"
part_name = "permission_standard"
public_configs =
[ ":permission_standard_communication_adapter_cxx_public_config" ]
include_dirs = [
"main/cpp/include",
"main/cpp/src",
"//utils/native/base/include",
"//base/security/permission/interfaces/innerkits/permission_standard/permissionsdk/main/cpp/include/permission",
]
sources = [ "main/cpp/src/permission_def_parcel.cpp" ]
deps = [ "//utils/native/base:utils" ]
external_deps = [ "ipc:ipc_core" ]
}

85
frameworks/permission_standard/permissioncommunicationadapter/main/cpp/include/i_permission_manager.h
View File

@ -1,85 +0,0 @@
/*
* Copyright (c) 2021 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef I_PERMISSION_MANAGER_H
#define I_PERMISSION_MANAGER_H
#include <string>
#include "permission_def_parcel.h"
#include "iremote_broker.h"
#include "errors.h"
namespace OHOS {
namespace Security {
namespace Permission {
class IPermissionManager : public IRemoteBroker {
public:
static const int SA_ID_PERMISSION_MANAGER_SERVICE = 3501;
DECLARE_INTERFACE_DESCRIPTOR(u"ohos.security.permission.IPermissionManager");
virtual int VerifyPermission(const std::string& bundleName, const std::string& permissionName, int userId) = 0;
virtual bool CanRequestPermission(const std::string& bundleName, const std::string& permissionName, int userId) = 0;
virtual int GrantUserGrantedPermission(
const std::string& bundleName, const std::string& permissionName, int userId) = 0;
virtual int GrantSystemGrantedPermission(const std::string& bundleName, const std::string& permissionName) = 0;
virtual int RevokeUserGrantedPermission(
const std::string& bundleName, const std::string& permissionName, int userId) = 0;
virtual int RevokeSystemGrantedPermission(const std::string& bundleName, const std::string& permissionName) = 0;
virtual int AddUserGrantedReqPermissions(
const std::string& bundleName, const std::vector<std::string>& permList, int userId) = 0;
virtual int AddSystemGrantedReqPermissions(
const std::string& bundleName, const std::vector<std::string>& permList) = 0;
virtual int RemoveUserGrantedReqPermissions(const std::string& bundleName, int userId) = 0;
virtual int RemoveSystemGrantedReqPermissions(const std::string& bundleName) = 0;
virtual int AddDefPermissions(const std::vector<PermissionDefParcel>& permDefList) = 0;
virtual int RemoveDefPermissions(const std::string& bundleName) = 0;
virtual int GetDefPermission(const std::string& permissionName, PermissionDefParcel& permissionDefResult) = 0;
enum class InterfaceCode {
VERIFY_PERMISSION = 0xff01,
CAN_REQUEST_PERMISSION = 0xff02,
GRANT_USER_GRANTED_PERMISSION = 0xff03,
GRANT_SYSTEM_GRANTED_PERMISSION = 0xff04,
REVOKE_USER_GRANTED_PERMISSION = 0xff05,
REVOKE_SYSTEM_GRANTED_PERMISSION = 0xff06,
ADD_USER_GRANTED_REQ_PERMISSIONS = 0xff07,
ADD_SYSTEM_GRANTED_REQ_PERMISSIONS = 0xff08,
REMOVE_USER_GRANTED_REQ_PERMISSIONS = 0xff09,
REMOVE_SYSTEM_GRANTED_REQ_PERMISSIONS = 0xff10,
ADD_DEF_PERMISSIONS = 0xff11,
REMOVE_DEF_PERMISSIONS = 0xff12,
GET_DEF_PERMISSION = 0xff13,
};
};
} // namespace Permission
} // namespace Security
} // namespace OHOS
#endif // I_PERMISSION_MANAGER_H

40
frameworks/permission_standard/permissioncommunicationadapter/main/cpp/include/permission_def_parcel.h
View File

@ -1,40 +0,0 @@
/*
* Copyright (c) 2021 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef PERMISSION_DEF_PARCEL_H
#define PERMISSION_DEF_PARCEL_H
#include "permission_def.h"
#include "parcel.h"
namespace OHOS {
namespace Security {
namespace Permission {
struct PermissionDefParcel final : public Parcelable {
PermissionDefParcel() = default;
~PermissionDefParcel() override = default;
bool Marshalling(Parcel& out) const override;
static PermissionDefParcel* Unmarshalling(Parcel& in);
PermissionDef permissionDef;
};
} // namespace Permission
} // namespace Security
} // namespace OHOS
#endif // PERMISSION_DEF_PARCEL_H

62
frameworks/permission_standard/permissioncommunicationadapter/main/cpp/src/permission_def_parcel.cpp
View File

@ -1,62 +0,0 @@
/*
* Copyright (c) 2021 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "permission_def_parcel.h"
namespace OHOS {
namespace Security {
namespace Permission {
#define RETURN_IF_FALSE(expr) \
if (!(expr)) { \
return false; \
}
#define RELEASE_IF_FALSE(expr, obj) \
if (!(expr)) { \
delete (obj); \
(obj) = nullptr; \
return (obj); \
}
bool PermissionDefParcel::Marshalling(Parcel& out) const
{
RETURN_IF_FALSE(out.WriteString(this->permissionDef.permissionName));
RETURN_IF_FALSE(out.WriteString(this->permissionDef.bundleName));
RETURN_IF_FALSE(out.WriteInt32(this->permissionDef.grantMode));
RETURN_IF_FALSE(out.WriteInt32(this->permissionDef.availableScope));
RETURN_IF_FALSE(out.WriteString(this->permissionDef.label));
RETURN_IF_FALSE(out.WriteInt32(this->permissionDef.labelId));
RETURN_IF_FALSE(out.WriteString(this->permissionDef.description));
RETURN_IF_FALSE(out.WriteInt32(this->permissionDef.descriptionId));
return true;
}
PermissionDefParcel* PermissionDefParcel::Unmarshalling(Parcel& in)
{
auto* permissionDefParcel = new (std::nothrow) PermissionDefParcel();
RELEASE_IF_FALSE(permissionDefParcel != nullptr, permissionDefParcel);
permissionDefParcel->permissionDef.permissionName = in.ReadString();
permissionDefParcel->permissionDef.bundleName = in.ReadString();
RELEASE_IF_FALSE(in.ReadInt32(permissionDefParcel->permissionDef.grantMode), permissionDefParcel);
RELEASE_IF_FALSE(in.ReadInt32(permissionDefParcel->permissionDef.availableScope), permissionDefParcel);
permissionDefParcel->permissionDef.label = in.ReadString();
RELEASE_IF_FALSE(in.ReadInt32(permissionDefParcel->permissionDef.labelId), permissionDefParcel);
permissionDefParcel->permissionDef.description = in.ReadString();
RELEASE_IF_FALSE(in.ReadInt32(permissionDefParcel->permissionDef.descriptionId), permissionDefParcel);
return permissionDefParcel;
}
} // namespace Permission
} // namespace Security
} // namespace OHOS

38
frameworks/permission_standard/permissioninfrastructure/BUILD.gn
View File

@ -1,38 +0,0 @@
# Copyright (c) 2021 Huawei Device Co., Ltd.
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import("//build/ohos.gni")
################################################################
# C++, Main source file here.
################################################################
config("permission_standard_infrastructure_cxx_public_config") {
visibility = [ ":*" ]
include_dirs = [ "main/cpp/include" ]
}
ohos_shared_library("permission_standard_infrastructure_cxx") {
subsystem_name = "security"
part_name = "permission_standard"
public_configs = [ ":permission_standard_infrastructure_cxx_public_config" ]
include_dirs = []
sources = [ "main/cpp/src/data_validator.cpp" ]
deps = [ "//utils/native/base:utils" ]
external_deps = [ "hiviewdfx_hilog_native:libhilog" ]
cflags_cc = [ "-DHILOG_ENABLE" ]
}

37
frameworks/permission_standard/permissioninfrastructure/main/cpp/include/data_validator.h
View File

@ -1,37 +0,0 @@
/*
* Copyright (c) 2021 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include <string>
#ifndef DATA_VALIDATOR_H
#define DATA_VALIDATOR_H
namespace OHOS {
namespace Security {
namespace Permission {
class DataValidator final {
public:
static bool IsBundleNameValid(const std::string& bundleName);
static bool IsPermissionNameValid(const std::string& permissionName);
static bool IsUserIdValid(const int userId);
private:
const static int MAX_LENGTH = 256;
};
} // namespace Permission
} // namespace Security
} // namespace OHOS
#endif // DATA_VALIDATOR_H

63
frameworks/permission_standard/permissioninfrastructure/main/cpp/include/permission_log.h
View File

@ -1,63 +0,0 @@
/*
* Copyright (c) 2021 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef PERMISSION_LOG_H
#define PERMISSION_LOG_H
#ifdef HILOG_ENABLE
#include "hilog/log.h"
#ifndef __cplusplus
#define PERMISSION_LOG_DEBUG(fmt, ...) HILOG_DEBUG(LOG_CORE, fmt, ##__VA_ARGS__)
#define PERMISSION_LOG_INFO(fmt, ...) HILOG_INFO(LOG_CORE, fmt, ##__VA_ARGS__)
#define PERMISSION_LOG_WARN(fmt, ...) HILOG_WARN(LOG_CORE, fmt, ##__VA_ARGS__)
#define PERMISSION_LOG_ERROR(fmt, ...) HILOG_ERROR(LOG_CORE, fmt, ##__VA_ARGS__)
#define PERMISSION_LOG_FATAL(fmt, ...) HILOG_FATAL(LOG_CORE, fmt, ##__VA_ARGS__)
#else
#define PERMISSION_LOG_DEBUG(label, fmt, ...) OHOS::HiviewDFX::HiLog::Debug(label, fmt, ##__VA_ARGS__)
#define PERMISSION_LOG_INFO(label, fmt, ...) OHOS::HiviewDFX::HiLog::Info(label, fmt, ##__VA_ARGS__)
#define PERMISSION_LOG_WARN(label, fmt, ...) OHOS::HiviewDFX::HiLog::Warn(label, fmt, ##__VA_ARGS__)
#define PERMISSION_LOG_ERROR(label, fmt, ...) OHOS::HiviewDFX::HiLog::Error(label, fmt, ##__VA_ARGS__)
#define PERMISSION_LOG_FATAL(label, fmt, ...) OHOS::HiviewDFX::HiLog::Fatal(label, fmt, ##__VA_ARGS__)
#endif // __cplusplus
/* define LOG_TAG as "security_*" at your submodule, * means your submodule name such as "security_dac" */
#undef LOG_TAG
#undef LOG_DOMAIN
static constexpr unsigned int SECURITY_DOMAIN_PERMISSION = 0xD002F01;
#else
#include <stdarg.h>
#include <stdio.h>
/* define LOG_TAG as "security_*" at your submodule, * means your submodule name such as "security_dac" */
#undef LOG_TAG
#define PERMISSION_LOG_DEBUG(fmt, ...) printf("[%s] debug: %s: " fmt "\n", LOG_TAG, __func__, ##__VA_ARGS__)
#define PERMISSION_LOG_INFO(fmt, ...) printf("[%s] info: %s: " fmt "\n", LOG_TAG, __func__, ##__VA_ARGS__)
#define PERMISSION_LOG_WARN(fmt, ...) printf("[%s] warn: %s: " fmt "\n", LOG_TAG, __func__, ##__VA_ARGS__)
#define PERMISSION_LOG_ERROR(fmt, ...) printf("[%s] error: %s: " fmt "\n", LOG_TAG, __func__, ##__VA_ARGS__)
#define PERMISSION_LOG_FATAL(fmt, ...) printf("[%s] fatal: %s: " fmt "\n", LOG_TAG, __func__, ##__VA_ARGS__)
#endif // HILOG_ENABLE
#endif // PERMISSION_LOG_H

39
frameworks/permission_standard/permissioninfrastructure/main/cpp/include/test_const.h
View File

@ -1,39 +0,0 @@
/*
* Copyright (c) 2021 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef TEST_CONST_H
#define TEST_CONST_H
#include <string>
namespace OHOS {
namespace Security {
namespace Permission {
static const std::string TEST_BUNDLE_NAME = "ohos";
static const std::string TEST_PERMISSION_NAME_ALPHA = "ohos.permission.ALPHA";
static const std::string TEST_PERMISSION_NAME_BETA = "ohos.permission.BETA";
static const std::string TEST_PERMISSION_NAME_GAMMA = "ohos.permission.GAMMA";
static const std::string TEST_LABEL = "test label";
static const std::string TEST_DESCRIPTION = "test description";
static const int TEST_LABEL_ID = 9527;
static const int TEST_DESCRIPTION_ID = 9528;
static const int TEST_INVALID_USER_ID = -1;
static const int TEST_USER_ID = 0;
static const int TEST_SUB_USER_ID = 10;
} // namespace Permission
} // namespace Security
} // namespace OHOS
#endif // TEST_CONST_H

37
frameworks/permission_standard/permissioninfrastructure/main/cpp/src/data_validator.cpp
View File

@ -1,37 +0,0 @@
/*
* Copyright (c) 2021 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "data_validator.h"
namespace OHOS {
namespace Security {
namespace Permission {
bool DataValidator::IsBundleNameValid(const std::string& bundleName)
{
return !bundleName.empty() && (bundleName.length() <= MAX_LENGTH);
}
bool DataValidator::IsPermissionNameValid(const std::string& permissionName)
{
return !permissionName.empty() && (permissionName.length() <= MAX_LENGTH);
}
bool DataValidator::IsUserIdValid(const int userId)
{
return userId >= 0;
}
} // namespace Permission
} // namespace Security
} // namespace OHOS

8
interfaces/innerkits/permission_standard/permissionsdk/BUILD.gn
View File

@ -38,20 +38,12 @@ ohos_shared_library("libpermissionsdk_standard") {
sources = [ sources = [
"main/cpp/src/permission/permission_kit.cpp", "main/cpp/src/permission/permission_kit.cpp",
"main/cpp/src/permission/permission_manager_client.cpp",
"main/cpp/src/permission/permission_manager_proxy.cpp",
] ]
deps = [ deps = [
"//base/security/permission/frameworks/permission_standard/permissioncommunicationadapter:permission_standard_communication_adapter_cxx",
"//base/security/permission/frameworks/permission_standard/permissioninfrastructure:permission_standard_infrastructure_cxx",
"//utils/native/base:utils",
] ]
external_deps = [ external_deps = [
"hiviewdfx_hilog_native:libhilog",
"ipc:ipc_core",
"samgr_standard:samgr_proxy",
] ]
cflags_cc = [ "-DHILOG_ENABLE" ] cflags_cc = [ "-DHILOG_ENABLE" ]

227
interfaces/innerkits/permission_standard/permissionsdk/main/cpp/src/permission/permission_manager_client.cpp
View File

@ -1,227 +0,0 @@
/*
* Copyright (c) 2021 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "permission_manager_client.h"
#include "permission.h"
#include "permission_log.h"
#include "iservice_registry.h"
namespace OHOS {
namespace Security {
namespace Permission {
namespace {
static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_PERMISSION, "PermissionManagerClient"};
} // namespace
PermissionManagerClient& PermissionManagerClient::GetInstance()
{
static PermissionManagerClient instance;
return instance;
}
PermissionManagerClient::PermissionManagerClient()
{}
PermissionManagerClient::~PermissionManagerClient()
{}
int PermissionManagerClient::VerifyPermission(
const std::string& bundleName, const std::string& permissionName, int userId) const
{
PERMISSION_LOG_DEBUG(LABEL, "%{public}s: called!", __func__);
auto proxy = GetProxy();
if (proxy == nullptr) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__);
return PERMISSION_NOT_GRANTED;
}
return proxy->VerifyPermission(bundleName, permissionName, userId);
}
bool PermissionManagerClient::CanRequestPermission(
const std::string& bundleName, const std::string& permissionName, int userId) const
{
PERMISSION_LOG_DEBUG(LABEL, "%{public}s: called!", __func__);
auto proxy = GetProxy();
if (proxy == nullptr) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__);
return false;
}
return proxy->CanRequestPermission(bundleName, permissionName, userId);
}
int PermissionManagerClient::GrantUserGrantedPermission(
const std::string& bundleName, const std::string& permissionName, int userId) const
{
PERMISSION_LOG_DEBUG(LABEL, "%{public}s: called!", __func__);
auto proxy = GetProxy();
if (proxy == nullptr) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__);
return RET_FAILED;
}
return proxy->GrantUserGrantedPermission(bundleName, permissionName, userId);
}
int PermissionManagerClient::GrantSystemGrantedPermission(
const std::string& bundleName, const std::string& permissionName) const
{
PERMISSION_LOG_DEBUG(LABEL, "%{public}s: called!", __func__);
auto proxy = GetProxy();
if (proxy == nullptr) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__);
return RET_FAILED;
}
return proxy->GrantSystemGrantedPermission(bundleName, permissionName);
}
int PermissionManagerClient::RevokeUserGrantedPermission(
const std::string& bundleName, const std::string& permissionName, int userId) const
{
PERMISSION_LOG_DEBUG(LABEL, "%{public}s: called!", __func__);
auto proxy = GetProxy();
if (proxy == nullptr) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__);
return RET_FAILED;
}
return proxy->RevokeUserGrantedPermission(bundleName, permissionName, userId);
}
int PermissionManagerClient::RevokeSystemGrantedPermission(
const std::string& bundleName, const std::string& permissionName) const
{
PERMISSION_LOG_DEBUG(LABEL, "%{public}s: called!", __func__);
auto proxy = GetProxy();
if (proxy == nullptr) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__);
return RET_FAILED;
}
return proxy->RevokeSystemGrantedPermission(bundleName, permissionName);
}
int PermissionManagerClient::AddUserGrantedReqPermissions(
const std::string& bundleName, const std::vector<std::string>& permList, int userId) const
{
PERMISSION_LOG_DEBUG(LABEL, "%{public}s: called!", __func__);
auto proxy = GetProxy();
if (proxy == nullptr) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__);
return RET_FAILED;
}
return proxy->AddUserGrantedReqPermissions(bundleName, permList, userId);
}
int PermissionManagerClient::AddSystemGrantedReqPermissions(
const std::string& bundleName, const std::vector<std::string>& permList) const
{
PERMISSION_LOG_DEBUG(LABEL, "%{public}s: called!", __func__);
auto proxy = GetProxy();
if (proxy == nullptr) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__);
return RET_FAILED;
}
return proxy->AddSystemGrantedReqPermissions(bundleName, permList);
}
int PermissionManagerClient::RemoveUserGrantedReqPermissions(const std::string& bundleName, int userId) const
{
PERMISSION_LOG_DEBUG(LABEL, "%{public}s: called!", __func__);
auto proxy = GetProxy();
if (proxy == nullptr) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__);
return RET_FAILED;
}
return proxy->RemoveUserGrantedReqPermissions(bundleName, userId);
}
int PermissionManagerClient::RemoveSystemGrantedReqPermissions(const std::string& bundleName) const
{
PERMISSION_LOG_DEBUG(LABEL, "%{public}s: called!", __func__);
auto proxy = GetProxy();
if (proxy == nullptr) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__);
return RET_FAILED;
}
return proxy->RemoveSystemGrantedReqPermissions(bundleName);
}
int PermissionManagerClient::AddDefPermissions(const std::vector<PermissionDef>& permDefList) const
{
PERMISSION_LOG_DEBUG(LABEL, "%{public}s: called!", __func__);
auto proxy = GetProxy();
if (proxy == nullptr) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__);
return RET_FAILED;
}
std::vector<PermissionDefParcel> parcelList;
for (auto permDef : permDefList) {
PermissionDefParcel parcel;
parcel.permissionDef = permDef;
parcelList.emplace_back(parcel);
}
PERMISSION_LOG_INFO(LABEL, "%{public}s called, permList size: %{public}d", __func__, (int) parcelList.size());
return proxy->AddDefPermissions(parcelList);
}
int PermissionManagerClient::RemoveDefPermissions(const std::string& bundleName) const
{
PERMISSION_LOG_DEBUG(LABEL, "%{public}s: called!", __func__);
auto proxy = GetProxy();
if (proxy == nullptr) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__);
return RET_FAILED;
}
return proxy->RemoveDefPermissions(bundleName);
}
int PermissionManagerClient::GetDefPermission(
const std::string& permissionName, PermissionDef& permissionDefResult) const
{
PERMISSION_LOG_DEBUG(LABEL, "%{public}s: called!", __func__);
auto proxy = GetProxy();
if (proxy == nullptr) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__);
return RET_FAILED;
}
PermissionDefParcel permissionDefParcel;
int result = proxy->GetDefPermission(permissionName, permissionDefParcel);
permissionDefResult = permissionDefParcel.permissionDef;
return result;
}
sptr<IPermissionManager> PermissionManagerClient::GetProxy() const
{
auto sam = SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager();
if (sam == nullptr) {
PERMISSION_LOG_DEBUG(LABEL, "%{public}s: GetSystemAbilityManager is null", __func__);
return nullptr;
}
auto permissionSa = sam->GetSystemAbility(IPermissionManager::SA_ID_PERMISSION_MANAGER_SERVICE);
if (permissionSa == nullptr) {
PERMISSION_LOG_DEBUG(LABEL, "%{public}s: GetSystemAbility %{public}d is null", __func__,
IPermissionManager::SA_ID_PERMISSION_MANAGER_SERVICE);
return nullptr;
}
auto proxy = iface_cast<IPermissionManager>(permissionSa);
if (proxy == nullptr) {
PERMISSION_LOG_DEBUG(LABEL, "%{public}s: iface_cast get null", __func__);
return nullptr;
}
return proxy;
}
} // namespace Permission
} // namespace Security
} // namespace OHOS

72
interfaces/innerkits/permission_standard/permissionsdk/main/cpp/src/permission/permission_manager_client.h
View File

@ -1,72 +0,0 @@
/*
* Copyright (c) 2021 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef PERMISSION_MANAGER_CLIENT_H
#define PERMISSION_MANAGER_CLIENT_H
#include <string>
#include "i_permission_manager.h"
#include "permission/permission_def.h"
#include "nocopyable.h"
namespace OHOS {
namespace Security {
namespace Permission {
class PermissionManagerClient final {
public:
static PermissionManagerClient& GetInstance();
virtual ~PermissionManagerClient();
int VerifyPermission(const std::string& bundleName, const std::string& permissionName, int userId) const;
bool CanRequestPermission(const std::string& bundleName, const std::string& permissionName, int userId) const;
int GrantUserGrantedPermission(const std::string& bundleName, const std::string& permissionName, int userId) const;
int GrantSystemGrantedPermission(const std::string& bundleName, const std::string& permissionName) const;
int RevokeUserGrantedPermission(const std::string& bundleName, const std::string& permissionName, int userId) const;
int RevokeSystemGrantedPermission(const std::string& bundleName, const std::string& permissionName) const;
int AddUserGrantedReqPermissions(
const std::string& bundleName, const std::vector<std::string>& permList, int userId) const;
int AddSystemGrantedReqPermissions(const std::string& bundleName, const std::vector<std::string>& permList) const;
int RemoveUserGrantedReqPermissions(const std::string& bundleName, int userId) const;
int RemoveSystemGrantedReqPermissions(const std::string& bundleName) const;
int AddDefPermissions(const std::vector<PermissionDef>& permDefList) const;
int RemoveDefPermissions(const std::string& bundleName) const;
int GetDefPermission(const std::string& permissionName, PermissionDef& permissionDefResult) const;
private:
PermissionManagerClient();
DISALLOW_COPY_AND_MOVE(PermissionManagerClient);
sptr<IPermissionManager> GetProxy() const;
};
} // namespace Permission
} // namespace Security
} // namespace OHOS
#endif // PERMISSION_MANAGER_CLIENT_H

482
interfaces/innerkits/permission_standard/permissionsdk/main/cpp/src/permission/permission_manager_proxy.cpp
View File

@ -1,482 +0,0 @@
/*
* Copyright (c) 2021 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "permission_manager_proxy.h"
#include "permission/permission.h"
#include "permission_log.h"
#include "parcel.h"
#include "string_ex.h"
namespace OHOS {
namespace Security {
namespace Permission {
namespace {
static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_PERMISSION, "PermissionManagerProxy"};
}
PermissionManagerProxy::PermissionManagerProxy(const sptr<IRemoteObject>& impl) : IRemoteProxy<IPermissionManager>(impl)
{}
PermissionManagerProxy::~PermissionManagerProxy()
{}
int PermissionManagerProxy::VerifyPermission(
const std::string& bundleName, const std::string& permissionName, int userId)
{
MessageParcel data;
data.WriteInterfaceToken(IPermissionManager::GetDescriptor());
if (!data.WriteString(bundleName)) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write bundleName", __func__);
return PERMISSION_NOT_GRANTED;
}
if (!data.WriteString(permissionName)) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write permissionName", __func__);
return PERMISSION_NOT_GRANTED;
}
if (!data.WriteInt32(userId)) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write userId", __func__);
return PERMISSION_NOT_GRANTED;
}
MessageParcel reply;
MessageOption option;
sptr<IRemoteObject> remote = Remote();
if (remote == nullptr) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__);
return PERMISSION_NOT_GRANTED;
}
int32_t requestResult = remote->SendRequest(
static_cast<uint32_t>(IPermissionManager::InterfaceCode::VERIFY_PERMISSION), data, reply, option);
if (requestResult != NO_ERROR) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult);
return PERMISSION_NOT_GRANTED;
}
int32_t result = reply.ReadInt32();
PERMISSION_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result);
return result;
}
bool PermissionManagerProxy::CanRequestPermission(
const std::string& bundleName, const std::string& permissionName, int userId)
{
MessageParcel data;
data.WriteInterfaceToken(IPermissionManager::GetDescriptor());
if (!data.WriteString(bundleName)) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write bundleName", __func__);
return false;
}
if (!data.WriteString(permissionName)) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write permissionName", __func__);
return false;
}
if (!data.WriteInt32(userId)) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write userId", __func__);
return false;
}
MessageParcel reply;
MessageOption option;
sptr<IRemoteObject> remote = Remote();
if (remote == nullptr) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__);
return false;
}
int32_t requestResult = remote->SendRequest(
static_cast<uint32_t>(IPermissionManager::InterfaceCode::CAN_REQUEST_PERMISSION), data, reply, option);
if (requestResult != NO_ERROR) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult);
return false;
}
bool result = reply.ReadBool();
PERMISSION_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result);
return result;
}
int PermissionManagerProxy::GrantUserGrantedPermission(
const std::string& bundleName, const std::string& permissionName, int userId)
{
MessageParcel data;
data.WriteInterfaceToken(IPermissionManager::GetDescriptor());
if (!data.WriteString(bundleName)) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write bundleName", __func__);
return RET_FAILED;
}
if (!data.WriteString(permissionName)) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write permissionName", __func__);
return RET_FAILED;
}
if (!data.WriteInt32(userId)) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write userId", __func__);
return RET_FAILED;
}
MessageParcel reply;
MessageOption option;
sptr<IRemoteObject> remote = Remote();
if (remote == nullptr) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__);
return RET_FAILED;
}
int32_t requestResult = remote->SendRequest(
static_cast<uint32_t>(IPermissionManager::InterfaceCode::GRANT_USER_GRANTED_PERMISSION), data, reply, option);
if (requestResult != NO_ERROR) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult);
return RET_FAILED;
}
int32_t result = reply.ReadInt32();
PERMISSION_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result);
return result;
}
int PermissionManagerProxy::GrantSystemGrantedPermission(
const std::string& bundleName, const std::string& permissionName)
{
MessageParcel data;
data.WriteInterfaceToken(IPermissionManager::GetDescriptor());
if (!data.WriteString(bundleName)) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write bundleName", __func__);
return RET_FAILED;
}
if (!data.WriteString(permissionName)) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write permissionName", __func__);
return RET_FAILED;
}
MessageParcel reply;
MessageOption option;
sptr<IRemoteObject> remote = Remote();
if (remote == nullptr) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__);
return RET_FAILED;
}
int32_t requestResult = remote->SendRequest(
static_cast<uint32_t>(IPermissionManager::InterfaceCode::GRANT_SYSTEM_GRANTED_PERMISSION), data, reply, option);
if (requestResult != NO_ERROR) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult);
return RET_FAILED;
}
int32_t result = reply.ReadInt32();
PERMISSION_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result);
return result;
}
int PermissionManagerProxy::RevokeUserGrantedPermission(
const std::string& bundleName, const std::string& permissionName, int userId)
{
MessageParcel data;
data.WriteInterfaceToken(IPermissionManager::GetDescriptor());
if (!data.WriteString(bundleName)) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write bundleName", __func__);
return RET_FAILED;
}
if (!data.WriteString(permissionName)) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write permissionName", __func__);
return RET_FAILED;
}
if (!data.WriteInt32(userId)) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write userId", __func__);
return RET_FAILED;
}
MessageParcel reply;
MessageOption option;
sptr<IRemoteObject> remote = Remote();
if (remote == nullptr) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__);
return RET_FAILED;
}
int32_t requestResult = remote->SendRequest(
static_cast<uint32_t>(IPermissionManager::InterfaceCode::REVOKE_USER_GRANTED_PERMISSION), data, reply, option);
if (requestResult != NO_ERROR) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult);
return RET_FAILED;
}
int32_t result = reply.ReadInt32();
PERMISSION_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result);
return result;
}
int PermissionManagerProxy::RevokeSystemGrantedPermission(
const std::string& bundleName, const std::string& permissionName)
{
MessageParcel data;
data.WriteInterfaceToken(IPermissionManager::GetDescriptor());
if (!data.WriteString(bundleName)) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write bundleName", __func__);
return RET_FAILED;
}
if (!data.WriteString(permissionName)) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write permissionName", __func__);
return RET_FAILED;
}
MessageParcel reply;
MessageOption option;
sptr<IRemoteObject> remote = Remote();
if (remote == nullptr) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__);
return RET_FAILED;
}
int32_t requestResult =
remote->SendRequest(static_cast<uint32_t>(IPermissionManager::InterfaceCode::REVOKE_SYSTEM_GRANTED_PERMISSION),
data, reply, option);
if (requestResult != NO_ERROR) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult);
return RET_FAILED;
}
int32_t result = reply.ReadInt32();
PERMISSION_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result);
return result;
}
int PermissionManagerProxy::AddUserGrantedReqPermissions(
const std::string& bundleName, const std::vector<std::string>& permList, int userId)
{
MessageParcel data;
data.WriteInterfaceToken(IPermissionManager::GetDescriptor());
if (!data.WriteString(bundleName)) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write bundleName", __func__);
return RET_FAILED;
}
if (!data.WriteStringVector(permList)) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write permList", __func__);
return RET_FAILED;
}
if (!data.WriteInt32(userId)) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write userId", __func__);
return RET_FAILED;
}
MessageParcel reply;
MessageOption option;
sptr<IRemoteObject> remote = Remote();
if (remote == nullptr) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__);
return RET_FAILED;
}
int32_t requestResult =
remote->SendRequest(static_cast<uint32_t>(IPermissionManager::InterfaceCode::ADD_USER_GRANTED_REQ_PERMISSIONS),
data, reply, option);
if (requestResult != NO_ERROR) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult);
return RET_FAILED;
}
int32_t result = reply.ReadInt32();
PERMISSION_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result);
return result;
}
int PermissionManagerProxy::AddSystemGrantedReqPermissions(
const std::string& bundleName, const std::vector<std::string>& permList)
{
MessageParcel data;
data.WriteInterfaceToken(IPermissionManager::GetDescriptor());
if (!data.WriteString(bundleName)) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write bundleName", __func__);
return RET_FAILED;
}
if (!data.WriteStringVector(permList)) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write permList", __func__);
return RET_FAILED;
}
MessageParcel reply;
MessageOption option;
sptr<IRemoteObject> remote = Remote();
if (remote == nullptr) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__);
return RET_FAILED;
}
int32_t requestResult = remote->SendRequest(
static_cast<uint32_t>(IPermissionManager::InterfaceCode::ADD_SYSTEM_GRANTED_REQ_PERMISSIONS), data, reply,
option);
if (requestResult != NO_ERROR) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult);
return RET_FAILED;
}
int32_t result = reply.ReadInt32();
PERMISSION_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result);
return result;
}
int PermissionManagerProxy::RemoveUserGrantedReqPermissions(const std::string& bundleName, int userId)
{
MessageParcel data;
data.WriteInterfaceToken(IPermissionManager::GetDescriptor());
if (!data.WriteString(bundleName)) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write bundleName", __func__);
return RET_FAILED;
}
if (!data.WriteInt32(userId)) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write userId", __func__);
return RET_FAILED;
}
MessageParcel reply;
MessageOption option;
sptr<IRemoteObject> remote = Remote();
if (remote == nullptr) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__);
return RET_FAILED;
}
int32_t requestResult = remote->SendRequest(
static_cast<uint32_t>(IPermissionManager::InterfaceCode::REMOVE_USER_GRANTED_REQ_PERMISSIONS), data, reply,
option);
if (requestResult != NO_ERROR) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult);
return RET_FAILED;
}
int32_t result = reply.ReadInt32();
PERMISSION_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result);
return result;
}
int PermissionManagerProxy::RemoveSystemGrantedReqPermissions(const std::string& bundleName)
{
MessageParcel data;
data.WriteInterfaceToken(IPermissionManager::GetDescriptor());
if (!data.WriteString(bundleName)) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write bundleName", __func__);
return RET_FAILED;
}
MessageParcel reply;
MessageOption option;
sptr<IRemoteObject> remote = Remote();
if (remote == nullptr) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__);
return RET_FAILED;
}
int32_t requestResult = remote->SendRequest(
static_cast<uint32_t>(IPermissionManager::InterfaceCode::REMOVE_SYSTEM_GRANTED_REQ_PERMISSIONS), data, reply,
option);
if (requestResult != NO_ERROR) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult);
return RET_FAILED;
}
int32_t result = reply.ReadInt32();
PERMISSION_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result);
return result;
}
int PermissionManagerProxy::AddDefPermissions(const std::vector<PermissionDefParcel>& permDefList)
{
MessageParcel data;
data.WriteInterfaceToken(IPermissionManager::GetDescriptor());
if (!data.WriteInt32(permDefList.size())) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write permDefList's size", __func__);
return RET_FAILED;
}
for (auto permissionDef : permDefList) {
if (!data.WriteParcelable(&permissionDef)) {
return RET_FAILED;
}
}
MessageParcel reply;
MessageOption option;
sptr<IRemoteObject> remote = Remote();
if (remote == nullptr) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__);
return RET_FAILED;
}
int32_t requestResult = remote->SendRequest(
static_cast<uint32_t>(IPermissionManager::InterfaceCode::ADD_DEF_PERMISSIONS), data, reply, option);
if (requestResult != NO_ERROR) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult);
return RET_FAILED;
}
int32_t result = reply.ReadInt32();
PERMISSION_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result);
return result;
}
int PermissionManagerProxy::RemoveDefPermissions(const std::string& bundleName)
{
MessageParcel data;
data.WriteInterfaceToken(IPermissionManager::GetDescriptor());
if (!data.WriteString(bundleName)) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write bundleName", __func__);
return RET_FAILED;
}
MessageParcel reply;
MessageOption option;
sptr<IRemoteObject> remote = Remote();
if (remote == nullptr) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__);
return RET_FAILED;
}
int32_t requestResult = remote->SendRequest(
static_cast<uint32_t>(IPermissionManager::InterfaceCode::REMOVE_DEF_PERMISSIONS), data, reply, option);
if (requestResult != NO_ERROR) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult);
return RET_FAILED;
}
int32_t result = reply.ReadInt32();
PERMISSION_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result);
return result;
}
int PermissionManagerProxy::GetDefPermission(
const std::string& permissionName, PermissionDefParcel& permissionDefResult)
{
MessageParcel data;
data.WriteInterfaceToken(IPermissionManager::GetDescriptor());
if (!data.WriteString(permissionName)) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: Failed to write permissionName", __func__);
return RET_FAILED;
}
MessageParcel reply;
MessageOption option;
sptr<IRemoteObject> remote = Remote();
if (remote == nullptr) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__);
return RET_FAILED;
}
int32_t requestResult = remote->SendRequest(
static_cast<uint32_t>(IPermissionManager::InterfaceCode::GET_DEF_PERMISSION), data, reply, option);
if (requestResult != NO_ERROR) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult);
return RET_FAILED;
}
sptr<PermissionDefParcel> resultSptr = reply.ReadParcelable<PermissionDefParcel>();
if (resultSptr == nullptr) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s ReadParcelable fail", __func__);
return RET_FAILED;
}
permissionDefResult = *resultSptr;
int32_t result = reply.ReadInt32();
PERMISSION_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result);
return result;
}
} // namespace Permission
} // namespace Security
} // namespace OHOS

67
interfaces/innerkits/permission_standard/permissionsdk/main/cpp/src/permission/permission_manager_proxy.h
View File

@ -1,67 +0,0 @@
/*
* Copyright (c) 2021 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef PERMISSION_MANAGER_PROXY_H
#define PERMISSION_MANAGER_PROXY_H
#include "i_permission_manager.h"
#include "iremote_proxy.h"
namespace OHOS {
namespace Security {
namespace Permission {
class PermissionManagerProxy : public IRemoteProxy<IPermissionManager> {
public:
explicit PermissionManagerProxy(const sptr<IRemoteObject>& impl);
virtual ~PermissionManagerProxy() override;
int VerifyPermission(const std::string& bundleName, const std::string& permissionName, int userId) override;
bool CanRequestPermission(const std::string& bundleName, const std::string& permissionName, int userId) override;
int GrantUserGrantedPermission(
const std::string& bundleName, const std::string& permissionName, int userId) override;
int GrantSystemGrantedPermission(const std::string& bundleName, const std::string& permissionName) override;
int RevokeUserGrantedPermission(
const std::string& bundleName, const std::string& permissionName, int userId) override;
int RevokeSystemGrantedPermission(const std::string& bundleName, const std::string& permissionName) override;
int AddUserGrantedReqPermissions(
const std::string& bundleName, const std::vector<std::string>& permList, int userId) override;
int AddSystemGrantedReqPermissions(
const std::string& bundleName, const std::vector<std::string>& permList) override;
int RemoveUserGrantedReqPermissions(const std::string& bundleName, int userId) override;
int RemoveSystemGrantedReqPermissions(const std::string& bundleName) override;
int AddDefPermissions(const std::vector<PermissionDefParcel>& permDefList) override;
int RemoveDefPermissions(const std::string& bundleName) override;
int GetDefPermission(const std::string& permissionName, PermissionDefParcel& permissionDefResult) override;
private:
static inline BrokerDelegator<PermissionManagerProxy> delegator_;
};
} // namespace Permission
} // namespace Security
} // namespace OHOS
#endif // PERMISSION_MANAGER_PROXY_H

40
interfaces/innerkits/permission_standard/permissionsdk/test/BUILD.gn
View File

@ -1,40 +0,0 @@
# Copyright (C) 2021 Huawei Device Co., Ltd.
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import("//build/test.gni")
ohos_unittest("libpermissionsdk_standard_test") {
subsystem_name = "security"
part_name = "permission_standard"
module_out_path = part_name + "/" + part_name
include_dirs = [
"//utils/native/base/include",
"//base/security/permission/interfaces/innerkits/permission_standard/permissionsdk/main/cpp/include/permission/",
]
sources = [ "unittest/cpp/src/permission_kit_test.cpp" ]
cflags_cc = [ "-DHILOG_ENABLE" ]
deps = [
"//base/security/permission/frameworks/permission_standard/permissioninfrastructure:permission_standard_infrastructure_cxx",
"//base/security/permission/interfaces/innerkits/permission_standard/permissionsdk:libpermissionsdk_standard",
"//utils/native/base:utils",
]
}
group("unittest") {
testonly = true
deps = [ ":libpermissionsdk_standard_test" ]
}

133
interfaces/innerkits/permission_standard/permissionsdk/test/unittest/cpp/src/permission_kit_test.cpp
View File

@ -1,133 +0,0 @@
/*
* Copyright (c) 2021 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "permission_kit_test.h"
#include "test_const.h"
#include "permission_kit.h"
using namespace testing::ext;
using namespace OHOS::Security::Permission;
void PermissionKitTest::SetUpTestCase()
{}
void PermissionKitTest::TearDownTestCase()
{}
void PermissionKitTest::SetUp()
{}
void PermissionKitTest::TearDown()
{}
/**
* @tc.name: AddDefPermissions001
* @tc.desc: Get permission definition info successfully after AddDefPermissions function has been invoked
* @tc.type: FUNC
* @tc.require:
*/
HWTEST_F(PermissionKitTest, AddDefPermissions001, TestSize.Level0)
{}
/**
* @tc.name: RemoveDefPermissions001
* @tc.desc: Cannot get permission definition info after RemoveDefPermissions has been invoked
* @tc.type: FUNC
* @tc.require:
*/
HWTEST_F(PermissionKitTest, RemoveDefPermissions001, TestSize.Level0)
{}
/**
* @tc.name: VerifyPermission001
* @tc.desc: Verify user granted permission
* @tc.type: FUNC
* @tc.require:
*/
HWTEST_F(PermissionKitTest, VerifyPermission001, TestSize.Level0)
{}
/**
* @tc.name: VerifyPermission002
* @tc.desc: Verify system granted permission
* @tc.type: FUNC
* @tc.require:
*/
HWTEST_F(PermissionKitTest, VerifyPermission002, TestSize.Level0)
{}
/**
* @tc.name: VerifyPermission003
* @tc.desc: Verify permission that has not been defined.
* @tc.type: FUNC
* @tc.require:
*/
HWTEST_F(PermissionKitTest, VerifyPermission003, TestSize.Level0)
{}
/**
* @tc.name: VerifyPermissionErrorUserGrant001
* @tc.desc: Verify permission error that user granted but request system granted.
* @tc.type: FUNC
* @tc.require:
*/
HWTEST_F(PermissionKitTest, VerifyPermissionErrorUserGrant001, TestSize.Level0)
{}
/**
* @tc.name: VerifyPermissionErrorUserGrant002
* @tc.desc: Verify permission error that user granted but grant system granted.
* @tc.type: FUNC
* @tc.require:
*/
HWTEST_F(PermissionKitTest, VerifyPermissionErrorUserGrant002, TestSize.Level0)
{}
/**
* @tc.name: VerifyPermissionErrorSystemGrant001
* @tc.desc: Verify permission error that system granted but request user granted.
* @tc.type: FUNC
* @tc.require:
*/
HWTEST_F(PermissionKitTest, VerifyPermissionErrorSystemGrant001, TestSize.Level0)
{}
/**
* @tc.name: VerifyPermissionErrorSystemGrant002
* @tc.desc: Verify permission error that system granted but grant user granted.
* @tc.type: FUNC
* @tc.require:
*/
HWTEST_F(PermissionKitTest, VerifyPermissionErrorSystemGrant002, TestSize.Level0)
{}
/**
* @tc.name: CanRequestPermission001
* @tc.desc: For user granted permission and permission is granted, can request permission
* @tc.type: FUNC
* @tc.require:
*/
HWTEST_F(PermissionKitTest, CanRequestPermission001, TestSize.Level0)
{}
/**
* @tc.name: CanRequestPermission001
* @tc.desc: For non user granted permission, can not request permission
* @tc.type: FUNC
* @tc.require:
*/
HWTEST_F(PermissionKitTest, CanRequestPermission002, TestSize.Level0)
{}

37
interfaces/innerkits/permission_standard/permissionsdk/test/unittest/cpp/src/permission_kit_test.h
View File

@ -1,37 +0,0 @@
/*
* Copyright (c) 2021 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef PERMISSION_KIT_TEST_H
#define PERMISSION_KIT_TEST_H
#include <gtest/gtest.h>
namespace OHOS {
namespace Security {
namespace Permission {
class PermissionKitTest : public testing::Test {
public:
static void SetUpTestCase();
static void TearDownTestCase();
void SetUp();
void TearDown();
};
} // namespace Permission
} // namespace Security
} // namespace OHOS
#endif // PERMISSION_KIT_TEST_H

3
ohos.build
View File

@ -22,9 +22,6 @@
"module_list": [ "module_list": [
"//base/security/permission:permission_build_module_standard" "//base/security/permission:permission_build_module_standard"
], ],
"test_list": [
"//base/security/permission:permission_build_module_standard_test"
]
} }
} }
} }

58
services/permission_standard/permissionmanagerservice/BUILD.gn
View File

@ -1,58 +0,0 @@
# Copyright (c) 2021-2022 Huawei Device Co., Ltd.
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import("//build/ohos.gni")
ohos_shared_library("permission_manager_service_standard") {
subsystem_name = "security"
part_name = "permission_standard"
include_dirs = [
"include",
"//utils/system/safwk/native/include",
"//base/security/permission/frameworks/permission_standard/permissioninfrastructure",
"//base/security/permission/interfaces/innerkits/permission_standard/permissionsdk/main/cpp/include/permission",
]
sources = [
"main/cpp/src/data_storage.cpp",
"main/cpp/src/data_translator.cpp",
"main/cpp/src/generic_values.cpp",
"main/cpp/src/permission_definition_cache.cpp",
"main/cpp/src/permission_definition_manager.cpp",
"main/cpp/src/permission_manager_service.cpp",
"main/cpp/src/permission_manager_stub.cpp",
"main/cpp/src/permission_state_cache.cpp",
"main/cpp/src/permission_state_manager.cpp",
"main/cpp/src/sqlite_helper.cpp",
"main/cpp/src/sqlite_storage.cpp",
"main/cpp/src/statement.cpp",
"main/cpp/src/variant_value.cpp",
]
cflags_cc = [ "-DHILOG_ENABLE" ]
deps = [
"//base/security/permission/frameworks/permission_standard/permissioncommunicationadapter:permission_standard_communication_adapter_cxx",
"//base/security/permission/frameworks/permission_standard/permissioninfrastructure:permission_standard_infrastructure_cxx",
"//third_party/sqlite:sqlite",
"//utils/native/base:utils",
]
external_deps = [
"hiviewdfx_hilog_native:libhilog",
"ipc:ipc_core",
"safwk:system_ability_fwk",
"samgr_standard:samgr_proxy",
]
}

29
services/permission_standard/permissionmanagerservice/main/cpp/src/data_storage.cpp
View File

@ -1,29 +0,0 @@
/*
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "data_storage.h"
#include "sqlite_storage.h"
namespace OHOS {
namespace Security {
namespace Permission {
DataStorage& DataStorage::GetRealDataStorage()
{
return SqliteStorage::GetInstance();
}
} // namespace Permission
} // namespace Security
} // namespace OHOS

49
services/permission_standard/permissionmanagerservice/main/cpp/src/data_storage.h
View File

@ -1,49 +0,0 @@
/*
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef DATA_STORAGE_H
#define DATA_STORAGE_H
#include <vector>
#include <map>
#include "generic_values.h"
namespace OHOS {
namespace Security {
namespace Permission {
class DataStorage {
public:
enum DataType { PERMISSION_DEF, PERMISSIONS_STAT_USER_GRANTED, PERMISSIONS_STAT_SYSTEM_GRANTED };
static DataStorage& GetRealDataStorage();
virtual ~DataStorage() = default;
virtual int Add(const DataType type, const std::vector<GenericValues>& values) = 0;
virtual int Remove(const DataType type, const GenericValues& conditions) = 0;
virtual int Modify(const DataType type, const GenericValues& modifyValues, const GenericValues& conditions) = 0;
virtual int Find(const DataType type, std::vector<GenericValues>& results) = 0;
virtual int RefreshAll(const DataType type, const std::vector<GenericValues>& values) = 0;
};
} // namespace Permission
} // namespace Security
} // namespace OHOS
#endif // DATA_STORAGE_H

82
services/permission_standard/permissionmanagerservice/main/cpp/src/data_translator.cpp
View File

@ -1,82 +0,0 @@
/*
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "data_translator.h"
#include "permission.h"
#include "field_const.h"
namespace OHOS {
namespace Security {
namespace Permission {
int DataTranslator::TranslationIntoPermissionDef(const GenericValues& inGenericValues, PermissionDef& outPermissionDef)
{
outPermissionDef.permissionName = inGenericValues.GetString(FIELD_PERMISSION_NAME);
outPermissionDef.bundleName = inGenericValues.GetString(FIELD_BUNDLE_NAME);
outPermissionDef.grantMode = inGenericValues.GetInt(FIELD_GRANT_MODE);
outPermissionDef.availableScope = inGenericValues.GetInt(FIELD_AVAILABLE_SCOPE);
outPermissionDef.label = inGenericValues.GetString(FIELD_LABEL);
outPermissionDef.labelId = inGenericValues.GetInt(FIELD_LABEL_ID);
outPermissionDef.description = inGenericValues.GetString(FIELD_DESCRIPTION);
outPermissionDef.descriptionId = inGenericValues.GetInt(FIELD_DESCRIPTION_ID);
return RET_SUCCESS;
}
int DataTranslator::TranslationIntoGenericValues(const PermissionDef& inPermissionDef, GenericValues& outGenericValues)
{
outGenericValues.Put(FIELD_PERMISSION_NAME, inPermissionDef.permissionName);
outGenericValues.Put(FIELD_BUNDLE_NAME, inPermissionDef.bundleName);
outGenericValues.Put(FIELD_GRANT_MODE, inPermissionDef.grantMode);
outGenericValues.Put(FIELD_AVAILABLE_SCOPE, inPermissionDef.availableScope);
outGenericValues.Put(FIELD_LABEL, inPermissionDef.label);
outGenericValues.Put(FIELD_LABEL_ID, inPermissionDef.labelId);
outGenericValues.Put(FIELD_DESCRIPTION, inPermissionDef.description);
outGenericValues.Put(FIELD_DESCRIPTION_ID, inPermissionDef.descriptionId);
return RET_SUCCESS;
}
int DataTranslator::TranslationIntoPermissionReq(const GenericValues& inGenericValues, PermissionReq& outPermissionReq)
{
outPermissionReq.reqPermissionName = inGenericValues.GetString(FIELD_PERMISSION_NAME);
outPermissionReq.isGranted = inGenericValues.GetInt(FIELD_GRANTED) != 0;
outPermissionReq.flags = inGenericValues.GetInt(FIELD_FLAGS);
return RET_SUCCESS;
}
int DataTranslator::TranslationIntoGenericValues(const PermissionReq& inPermissionReq, GenericValues& outGenericValues)
{
outGenericValues.Put(FIELD_PERMISSION_NAME, inPermissionReq.reqPermissionName);
outGenericValues.Put(FIELD_GRANTED, inPermissionReq.isGranted ? 1 : 0);
outGenericValues.Put(FIELD_FLAGS, inPermissionReq.flags);
return RET_SUCCESS;
}
std::string DataTranslator::ToString(const PermissionDef& inPermissionDef)
{
std::string infos;
infos.append(R"({"permissionName": ")" + inPermissionDef.permissionName + R"(")");
infos.append(R"(, "bundleName": ")" + inPermissionDef.bundleName + R"(")");
infos.append(R"(, "grantMode": )" + std::to_string(inPermissionDef.grantMode));
infos.append(R"(, "availableScope": )" + std::to_string(inPermissionDef.availableScope));
infos.append(R"(, "label": ")" + inPermissionDef.label + R"(")");
infos.append(R"(, "labelId": )" + std::to_string(inPermissionDef.labelId));
infos.append(R"(, "description": ")" + inPermissionDef.description + R"(")");
infos.append(R"(, "descriptionId": )" + std::to_string(inPermissionDef.descriptionId));
infos.append("}");
return infos;
}
} // namespace Permission
} // namespace Security
} // namespace OHOS

39
services/permission_standard/permissionmanagerservice/main/cpp/src/data_translator.h
View File

@ -1,39 +0,0 @@
/*
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef DATA_TRANSLATOR_H
#define DATA_TRANSLATOR_H
#include <string>
#include "permission_def.h"
#include "permission_req.h"
#include "generic_values.h"
namespace OHOS {
namespace Security {
namespace Permission {
class DataTranslator final {
public:
static int TranslationIntoPermissionDef(const GenericValues& inGenericValues, PermissionDef& outPermissionDef);
static int TranslationIntoPermissionReq(const GenericValues& inGenericValues, PermissionReq& outPermissionReq);
static int TranslationIntoGenericValues(const PermissionDef& inPermissionDef, GenericValues& outGenericValues);
static int TranslationIntoGenericValues(const PermissionReq& inPermissionReq, GenericValues& outGenericValues);
static std::string ToString(const PermissionDef& inPermissionDef);
};
} // namespace Permission
} // namespace Security
} // namespace OHOS
#endif // DATA_TRANSLATOR_H

38
services/permission_standard/permissionmanagerservice/main/cpp/src/field_const.h
View File

@ -1,38 +0,0 @@
/*
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef FIELD_CONST_H
#define FIELD_CONST_H
#include <string>
namespace OHOS {
namespace Security {
namespace Permission {
const std::string FIELD_PERMISSION_NAME = "permission_name";
const std::string FIELD_BUNDLE_NAME = "bundle_name";
const std::string FIELD_GRANT_MODE = "grant_mode";
const std::string FIELD_AVAILABLE_SCOPE = "available_scope";
const std::string FIELD_LABEL = "label";
const std::string FIELD_LABEL_ID = "label_id";
const std::string FIELD_DESCRIPTION = "description";
const std::string FIELD_DESCRIPTION_ID = "description_id";
const std::string FIELD_USER_ID = "user_id";
const std::string FIELD_GRANTED = "granted";
const std::string FIELD_FLAGS = "flags";
} // namespace Permission
} // namespace Security
} // namespace OHOS
#endif // FIELD_CONST_H

73
services/permission_standard/permissionmanagerservice/main/cpp/src/generic_values.cpp
View File

@ -1,73 +0,0 @@
/*
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "generic_values.h"
namespace OHOS {
namespace Security {
namespace Permission {
void GenericValues::Put(const std::string& key, int value)
{
map_.insert(std::make_pair(key, VariantValue(value)));
}
void GenericValues::Put(const std::string& key, const std::string& value)
{
map_.insert(std::make_pair(key, VariantValue(value)));
}
void GenericValues::Put(const std::string& key, const VariantValue& value)
{
map_.insert(std::make_pair(key, value));
}
VariantValue GenericValues::Get(const std::string& key) const
{
auto iter = map_.find(key);
if (iter == map_.end()) {
return VariantValue();
}
return iter->second;
}
int GenericValues::GetInt(const std::string& key) const
{
auto it = map_.find(key);
if (it == map_.end()) {
return VariantValue::DEFAULT_VALUE;
}
return it->second.GetInt();
}
std::string GenericValues::GetString(const std::string& key) const
{
auto it = map_.find(key);
if (it == map_.end()) {
return std::string();
}
return it->second.GetString();
}
std::vector<std::string> GenericValues::GetAllKeys() const
{
std::vector<std::string> keys;
for (auto it = map_.begin(); it != map_.end(); ++it) {
keys.emplace_back(it->first);
}
return keys;
}
} // namespace Permission
} // namespace Security
} // namespace OHOS

53
services/permission_standard/permissionmanagerservice/main/cpp/src/generic_values.h
View File

@ -1,53 +0,0 @@
/*
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef GENERIC_VALUES_H
#define GENERIC_VALUES_H
#include <map>
#include <vector>
#include <string>
#include "variant_value.h"
namespace OHOS {
namespace Security {
namespace Permission {
class GenericValues final {
public:
GenericValues() = default;
virtual ~GenericValues() = default;
void Put(const std::string& key, int value);
void Put(const std::string& key, const std::string& value);
void Put(const std::string& key, const VariantValue& value);
std::vector<std::string> GetAllKeys() const;
VariantValue Get(const std::string& key) const;
int GetInt(const std::string& key) const;
std::string GetString(const std::string& key) const;
private:
std::map<std::string, VariantValue> map_;
};
} // namespace Permission
} // namespace Security
} // namespace OHOS
#endif // GENERIC_VALUES_H

133
services/permission_standard/permissionmanagerservice/main/cpp/src/permission_definition_cache.cpp
View File

@ -1,133 +0,0 @@
/*
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "permission_definition_cache.h"
#include "permission.h"
#include "data_translator.h"
#include "permission_log.h"
namespace OHOS {
namespace Security {
namespace Permission {
namespace {
static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {
LOG_CORE, SECURITY_DOMAIN_PERMISSION, "PermissionDefinitionCache"
};
}
PermissionDefinitionCache& PermissionDefinitionCache::GetInstance()
{
static PermissionDefinitionCache instance;
return instance;
}
PermissionDefinitionCache::PermissionDefinitionCache()
{}
PermissionDefinitionCache::~PermissionDefinitionCache()
{}
bool PermissionDefinitionCache::Insert(const PermissionDef& info)
{
Utils::UniqueWriteGuard<Utils::RWLock> cacheGuard(this->cacheLock_);
auto it = permissionDefinitionMap_.find(info.permissionName);
if (it != permissionDefinitionMap_.end()) {
PERMISSION_LOG_WARN(LABEL, "%{public}s: info for permission: %{public}s has been insert, please check!",
__func__, info.permissionName.c_str());
return false;
}
permissionDefinitionMap_[info.permissionName] = info;
return true;
}
void PermissionDefinitionCache::DeleteByBundleName(const std::string& bundleName)
{
Utils::UniqueWriteGuard<Utils::RWLock> cacheGuard(this->cacheLock_);
auto it = permissionDefinitionMap_.begin();
while (it != permissionDefinitionMap_.end()) {
if (bundleName == it->second.bundleName) {
permissionDefinitionMap_.erase(it++);
} else {
++it;
}
}
}
int PermissionDefinitionCache::FindByPermissionName(const std::string& permissionName, PermissionDef& info)
{
Utils::UniqueReadGuard<Utils::RWLock> cacheGuard(this->cacheLock_);
auto it = permissionDefinitionMap_.find(permissionName);
if (it == permissionDefinitionMap_.end()) {
PERMISSION_LOG_DEBUG(LABEL, "%{public}s: can not find definition info for permission: %{public}s", __func__,
permissionName.c_str());
return RET_FAILED;
}
info = it->second;
return RET_SUCCESS;
}
bool PermissionDefinitionCache::IsSystemGrantedPermission(const std::string& permissionName)
{
Utils::UniqueReadGuard<Utils::RWLock> cacheGuard(this->cacheLock_);
return IsGrantedModeEqualInner(permissionName, SYSTEM_GRANT);
}
bool PermissionDefinitionCache::IsUserGrantedPermission(const std::string& permissionName)
{
Utils::UniqueReadGuard<Utils::RWLock> cacheGuard(this->cacheLock_);
return IsGrantedModeEqualInner(permissionName, USER_GRANT);
}
std::string PermissionDefinitionCache::ToString()
{
Utils::UniqueReadGuard<Utils::RWLock> cacheGuard(this->cacheLock_);
std::string infos = R"({"Cache": "Default", "DefPermissions": [)";
for (const auto& request : permissionDefinitionMap_) {
PermissionDef permissionDef = request.second;
infos.append(DataTranslator::ToString(request.second));
infos.append(", ");
}
infos = infos + "]}";
return infos;
}
bool PermissionDefinitionCache::IsGrantedModeEqualInner(const std::string& permissionName, int grantMode) const
{
auto it = permissionDefinitionMap_.find(permissionName);
if (it == permissionDefinitionMap_.end()) {
return false;
}
return it->second.grantMode == grantMode;
}
bool PermissionDefinitionCache::HasDefinition(const std::string& permissionName)
{
Utils::UniqueReadGuard<Utils::RWLock> cacheGuard(this->cacheLock_);
return permissionDefinitionMap_.count(permissionName) == 1;
}
void PermissionDefinitionCache::QueryCurrentCache(std::vector<GenericValues>& valueList)
{
Utils::UniqueReadGuard<Utils::RWLock> cacheGuard(this->cacheLock_);
for (auto it = permissionDefinitionMap_.begin(); it != permissionDefinitionMap_.end(); ++it) {
GenericValues genericValues;
DataTranslator::TranslationIntoGenericValues(it->second, genericValues);
valueList.emplace_back(genericValues);
}
}
} // namespace Permission
} // namespace Security
} // namespace OHOS

71
services/permission_standard/permissionmanagerservice/main/cpp/src/permission_definition_cache.h
View File

@ -1,71 +0,0 @@
/*
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef PERMISSION_DEFINITION_CACHE_H
#define PERMISSION_DEFINITION_CACHE_H
#include <map>
#include <vector>
#include "permission_def.h"
#include "generic_values.h"
#include "rwlock.h"
#include "nocopyable.h"
namespace OHOS {
namespace Security {
namespace Permission {
class PermissionDefinitionCache final {
public:
static PermissionDefinitionCache& GetInstance();
virtual ~PermissionDefinitionCache();
bool Insert(const PermissionDef& info);
void DeleteByBundleName(const std::string& bundleName);
int FindByPermissionName(const std::string& permissionName, PermissionDef& info);
bool IsSystemGrantedPermission(const std::string& permissionName);
bool IsUserGrantedPermission(const std::string& permissionName);
bool HasDefinition(const std::string& permissionName);
void QueryCurrentCache(std::vector<GenericValues>& valueList);
std::string ToString();
private:
PermissionDefinitionCache();
bool IsGrantedModeEqualInner(const std::string& permissionName, int grantMode) const;
DISALLOW_COPY_AND_MOVE(PermissionDefinitionCache);
/**
* key: the permission name.
* value: the object of PermissionDef.
*/
std::map<std::string, PermissionDef> permissionDefinitionMap_;
OHOS::Utils::RWLock cacheLock_;
};
} // namespace Permission
} // namespace Security
} // namespace OHOS
#endif // PERMISSION_DEFINITION_CACHE_H

152
services/permission_standard/permissionmanagerservice/main/cpp/src/permission_definition_manager.cpp
View File

@ -1,152 +0,0 @@
/*
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "permission_definition_manager.h"
#include "permission_definition_cache.h"
#include "data_storage.h"
#include "data_translator.h"
#include "permission_log.h"
#include "permission.h"
#include "data_validator.h"
namespace OHOS {
namespace Security {
namespace Permission {
namespace {
static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {
LOG_CORE, SECURITY_DOMAIN_PERMISSION, "PermissionDefinitionManager"
};
}
PermissionDefinitionManager& PermissionDefinitionManager::GetInstance()
{
static PermissionDefinitionManager instance;
return instance;
}
PermissionDefinitionManager::PermissionDefinitionManager() : hasInited_(false)
{}
PermissionDefinitionManager::~PermissionDefinitionManager()
{
if (!hasInited_) {
return;
}
this->permissionDefDataAccessWorker_.Stop();
this->hasInited_ = false;
}
void PermissionDefinitionManager::Init()
{
OHOS::Utils::UniqueWriteGuard<OHOS::Utils::RWLock> lk(this->rwLock_);
if (hasInited_) {
return;
}
PERMISSION_LOG_INFO(LABEL, "init begin!");
std::vector<GenericValues> results;
DataStorage::GetRealDataStorage().Find(DataStorage::PERMISSION_DEF, results);
for (auto value : results) {
PermissionDef permissionDef;
DataTranslator::TranslationIntoPermissionDef(value, permissionDef);
PermissionDefinitionCache::GetInstance().Insert(permissionDef);
}
this->permissionDefDataAccessWorker_.Start(1);
hasInited_ = true;
PERMISSION_LOG_INFO(LABEL, "Init success");
}
void PermissionDefinitionManager::AddDefPermissions(const std::vector<PermissionDefParcel>& permList)
{
if (permList.empty()) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__);
return;
}
for (const auto& permissionDefParcel : permList) {
if (!IsPermissionDefValid(permissionDefParcel.permissionDef)) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: invalid permission definition info: %{public}s", __func__,
DataTranslator::ToString(permissionDefParcel.permissionDef).c_str());
continue;
}
PermissionDefinitionCache::GetInstance().Insert(permissionDefParcel.permissionDef);
}
RefreshPersistentDataIfNeeded();
}
void PermissionDefinitionManager::RemoveDefPermissions(const std::string& bundleName)
{
if (!DataValidator::IsBundleNameValid(bundleName)) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__);
return;
}
PermissionDefinitionCache::GetInstance().DeleteByBundleName(bundleName);
RefreshPersistentDataIfNeeded();
}
int PermissionDefinitionManager::GetDefPermission(
const std::string& permissionName, PermissionDefParcel& permissionDefParcel) const
{
if (!DataValidator::IsPermissionNameValid(permissionName)) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__);
return RET_FAILED;
}
return PermissionDefinitionCache::GetInstance().FindByPermissionName(
permissionName, permissionDefParcel.permissionDef);
}
bool PermissionDefinitionManager::IsGrantModeValid(const int grantMode) const
{
return grantMode == GrantMode::SYSTEM_GRANT || grantMode == GrantMode::USER_GRANT;
}
bool PermissionDefinitionManager::IsAvailableScopeValid(const int availableScope) const
{
return availableScope == AvailableScope::AVAILABLE_SCOPE_ALL ||
availableScope == AvailableScope::AVAILABLE_SCOPE_RESTRICTED ||
availableScope == AvailableScope::AVAILABLE_SCOPE_SIGNATURE;
}
bool PermissionDefinitionManager::IsPermissionDefValid(const PermissionDef& permissionDef) const
{
if (!DataValidator::IsPermissionNameValid(permissionDef.permissionName)) {
return false;
}
if (!DataValidator::IsBundleNameValid(permissionDef.bundleName)) {
return false;
}
if (!IsGrantModeValid(permissionDef.grantMode)) {
return false;
}
return IsAvailableScopeValid(permissionDef.availableScope);
}
void PermissionDefinitionManager::RefreshPersistentDataIfNeeded()
{
if (permissionDefDataAccessWorker_.GetCurTaskNum() > 1) {
PERMISSION_LOG_WARN(LABEL, "%{public}s: has refresh task!", __func__);
return;
}
permissionDefDataAccessWorker_.AddTask([]() {
std::vector<GenericValues> valueList;
PermissionDefinitionCache::GetInstance().QueryCurrentCache(valueList);
DataStorage::GetRealDataStorage().RefreshAll(DataStorage::PERMISSION_DEF, valueList);
// Sleep for one second to avoid frequent refresh of the database.
std::this_thread::sleep_for(std::chrono::seconds(1));
});
}
} // namespace Permission
} // namespace Security
} // namespace OHOS

67
services/permission_standard/permissionmanagerservice/main/cpp/src/permission_definition_manager.h
View File

@ -1,67 +0,0 @@
/*
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef PERMISSION_DEFINITION_MANAGER_H
#define PERMISSION_DEFINITION_MANAGER_H
#include <vector>
#include "permission_def_parcel.h"
#include "field_const.h"
#include "nocopyable.h"
#include "thread_pool.h"
#include "rwlock.h"
namespace OHOS {
namespace Security {
namespace Permission {
class PermissionDefinitionManager final {
public:
static PermissionDefinitionManager& GetInstance();
void Init();
virtual ~PermissionDefinitionManager();
void AddDefPermissions(const std::vector<PermissionDefParcel>& permList);
void RemoveDefPermissions(const std::string& bundleName);
int GetDefPermission(const std::string& permissionName, PermissionDefParcel& permissionDefParcel) const;
private:
PermissionDefinitionManager();
DISALLOW_COPY_AND_MOVE(PermissionDefinitionManager);
bool IsGrantModeValid(const int grantMode) const;
bool IsAvailableScopeValid(const int availableScope) const;
bool IsPermissionDefValid(const PermissionDef& permissionDef) const;
void RefreshPersistentDataIfNeeded();
OHOS::ThreadPool permissionDefDataAccessWorker_;
bool hasInited_;
OHOS::Utils::RWLock rwLock_;
};
} // namespace Permission
} // namespace Security
} // namespace OHOS
#endif // PERMISSION_DEFINITION_MANAGER_H

189
services/permission_standard/permissionmanagerservice/main/cpp/src/permission_manager_service.cpp
View File

@ -1,189 +0,0 @@
/*
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "permission_manager_service.h"
#include "permission.h"
#include "permission_definition_manager.h"
#include "permission_state_manager.h"
#include "permission_log.h"
namespace OHOS {
namespace Security {
namespace Permission {
namespace {
static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_PERMISSION, "PermissionManagerService"};
}
const bool REGISTER_RESULT =
SystemAbility::MakeAndRegisterAbility(DelayedSingleton<PermissionManagerService>::GetInstance().get());
PermissionManagerService::PermissionManagerService()
: SystemAbility(SA_ID_PERMISSION_MANAGER_SERVICE, true), state_(ServiceRunningState::STATE_NOT_START)
{
PERMISSION_LOG_INFO(LABEL, "PermissionManagerService()");
}
PermissionManagerService::~PermissionManagerService()
{
PERMISSION_LOG_INFO(LABEL, "~PermissionManagerService()");
}
void PermissionManagerService::OnStart()
{
if (state_ == ServiceRunningState::STATE_RUNNING) {
PERMISSION_LOG_INFO(LABEL, "PermissionManagerService has already started!");
return;
}
PERMISSION_LOG_INFO(LABEL, "PermissionManagerService is starting");
if (!Initialize()) {
PERMISSION_LOG_ERROR(LABEL, "Failed to initialize");
return;
}
state_ = ServiceRunningState::STATE_RUNNING;
bool ret = Publish(DelayedSingleton<PermissionManagerService>::GetInstance().get());
if (!ret) {
PERMISSION_LOG_ERROR(LABEL, "Failed to publish service!");
return;
}
PERMISSION_LOG_INFO(LABEL, "Congratulations, PermissionManagerService start successfully!");
}
void PermissionManagerService::OnStop()
{
PERMISSION_LOG_INFO(LABEL, "stop service");
state_ = ServiceRunningState::STATE_NOT_START;
}
int PermissionManagerService::VerifyPermission(
const std::string& bundleName, const std::string& permissionName, int userId)
{
PERMISSION_LOG_INFO(LABEL,
"%{public}s called, packageName: %{public}s, permissionName: %{public}s, userId: %{public}d", __func__,
bundleName.c_str(), permissionName.c_str(), userId);
return PermissionStateManager::GetInstance().VerifyPermission(bundleName, permissionName, userId);
}
bool PermissionManagerService::CanRequestPermission(
const std::string& bundleName, const std::string& permissionName, int userId)
{
PERMISSION_LOG_INFO(LABEL,
"%{public}s called, bundleName: %{public}s, permissionName: %{public}s, userId: %{public}d", __func__,
bundleName.c_str(), permissionName.c_str(), userId);
return PermissionStateManager::GetInstance().CanRequestPermission(bundleName, permissionName, userId);
}
int PermissionManagerService::GrantUserGrantedPermission(
const std::string& bundleName, const std::string& permissionName, int userId)
{
PERMISSION_LOG_INFO(LABEL,
"%{public}s called, bundleName: %{public}s, permissionName: %{public}s, userId: %{public}d", __func__,
bundleName.c_str(), permissionName.c_str(), userId);
PermissionStateManager::GetInstance().GrantUserGrantedPermission(bundleName, permissionName, userId);
return RET_SUCCESS;
}
int PermissionManagerService::GrantSystemGrantedPermission(
const std::string& bundleName, const std::string& permissionName)
{
PERMISSION_LOG_INFO(LABEL, "%{public}s called, bundleName: %{public}s, permissionName: %{public}s", __func__,
bundleName.c_str(), permissionName.c_str());
PermissionStateManager::GetInstance().GrantSystemGrantedPermission(bundleName, permissionName);
return RET_SUCCESS;
}
int PermissionManagerService::RevokeUserGrantedPermission(
const std::string& bundleName, const std::string& permissionName, int userId)
{
PERMISSION_LOG_INFO(LABEL,
"%{public}s called, bundleName: %{public}s, permissionName: %{public}s, userId: %{public}d", __func__,
bundleName.c_str(), permissionName.c_str(), userId);
PermissionStateManager::GetInstance().RevokeUserGrantedPermission(bundleName, permissionName, userId);
return RET_SUCCESS;
}
int PermissionManagerService::RevokeSystemGrantedPermission(
const std::string& bundleName, const std::string& permissionName)
{
PERMISSION_LOG_INFO(LABEL, "%{public}s called, bundleName: %{public}s, permissionName: %{public}s", __func__,
bundleName.c_str(), permissionName.c_str());
PermissionStateManager::GetInstance().RevokeSystemGrantedPermission(bundleName, permissionName);
return RET_SUCCESS;
}
int PermissionManagerService::AddUserGrantedReqPermissions(
const std::string& bundleName, const std::vector<std::string>& permList, int userId)
{
PERMISSION_LOG_INFO(LABEL,
"%{public}s called, bundleName: %{public}s, permList size: %{public}d, userId: %{public}d", __func__,
bundleName.c_str(), (int) permList.size(), userId);
PermissionStateManager::GetInstance().AddUserGrantedReqPermissions(bundleName, permList, userId);
return RET_SUCCESS;
}
int PermissionManagerService::AddSystemGrantedReqPermissions(
const std::string& bundleName, const std::vector<std::string>& permList)
{
PERMISSION_LOG_INFO(LABEL, "%{public}s called, bundleName: %{public}s, permList size: %{public}d", __func__,
bundleName.c_str(), (int) permList.size());
PermissionStateManager::GetInstance().AddSystemGrantedReqPermissions(bundleName, permList);
return RET_SUCCESS;
}
int PermissionManagerService::RemoveUserGrantedReqPermissions(const std::string& bundleName, int userId)
{
PERMISSION_LOG_INFO(
LABEL, "%{public}s called, bundleName: %{public}s, userId: %{public}d", __func__, bundleName.c_str(), userId);
PermissionStateManager::GetInstance().RemoveUserGrantedReqPermissions(bundleName, userId);
return RET_SUCCESS;
}
int PermissionManagerService::RemoveSystemGrantedReqPermissions(const std::string& bundleName)
{
PERMISSION_LOG_INFO(LABEL, "%{public}s called, bundleName: %{public}s", __func__, bundleName.c_str());
PermissionStateManager::GetInstance().RemoveSystemGrantedReqPermissions(bundleName);
return RET_SUCCESS;
}
int PermissionManagerService::AddDefPermissions(const std::vector<PermissionDefParcel>& permDefList)
{
PERMISSION_LOG_INFO(LABEL, "%{public}s called, permList size: %{public}d", __func__, (int) permDefList.size());
PermissionDefinitionManager::GetInstance().AddDefPermissions(permDefList);
return RET_SUCCESS;
}
int PermissionManagerService::RemoveDefPermissions(const std::string& bundleName)
{
PERMISSION_LOG_INFO(LABEL, "%{public}s called, bundleName: %{public}s", __func__, bundleName.c_str());
PermissionDefinitionManager::GetInstance().RemoveDefPermissions(bundleName);
return RET_SUCCESS;
}
int PermissionManagerService::GetDefPermission(
const std::string& permissionName, PermissionDefParcel& permissionDefResult)
{
PERMISSION_LOG_INFO(LABEL, "%{public}s called, bundleName: %{public}s", __func__, permissionName.c_str());
return PermissionDefinitionManager::GetInstance().GetDefPermission(permissionName, permissionDefResult);
}
bool PermissionManagerService::Initialize() const
{
PermissionDefinitionManager::GetInstance().Init();
PermissionStateManager::GetInstance().Init();
return true;
}
} // namespace Permission
} // namespace Security
} // namespace OHOS

76
services/permission_standard/permissionmanagerservice/main/cpp/src/permission_manager_service.h
View File

@ -1,76 +0,0 @@
/*
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef PERMISSION_MANAGER_SERVICE_H
#define PERMISSION_MANAGER_SERVICE_H
#include "permission_manager_stub.h"
#include "singleton.h"
#include "iremote_object.h"
#include "system_ability.h"
#include "nocopyable.h"
namespace OHOS {
namespace Security {
namespace Permission {
enum class ServiceRunningState { STATE_NOT_START, STATE_RUNNING };
class PermissionManagerService final : public SystemAbility, public PermissionManagerStub {
DECLARE_DELAYED_SINGLETON(PermissionManagerService);
DECLEAR_SYSTEM_ABILITY(PermissionManagerService);
public:
void OnStart() override;
void OnStop() override;
int VerifyPermission(const std::string& bundleName, const std::string& permissionName, int userId) override;
bool CanRequestPermission(const std::string& bundleName, const std::string& permissionName, int userId) override;
int GrantUserGrantedPermission(
const std::string& bundleName, const std::string& permissionName, int userId) override;
int GrantSystemGrantedPermission(const std::string& bundleName, const std::string& permissionName) override;
int RevokeUserGrantedPermission(
const std::string& bundleName, const std::string& permissionName, int userId) override;
int RevokeSystemGrantedPermission(const std::string& bundleName, const std::string& permissionName) override;
int AddUserGrantedReqPermissions(
const std::string& bundleName, const std::vector<std::string>& permList, int userId) override;
int AddSystemGrantedReqPermissions(
const std::string& bundleName, const std::vector<std::string>& permList) override;
int RemoveUserGrantedReqPermissions(const std::string& bundleName, int userId) override;
int RemoveSystemGrantedReqPermissions(const std::string& bundleName) override;
int AddDefPermissions(const std::vector<PermissionDefParcel>& permDefList) override;
int RemoveDefPermissions(const std::string& bundleName) override;
int GetDefPermission(const std::string& permissionName, PermissionDefParcel& permissionDefResult) override;
private:
bool Initialize() const;
ServiceRunningState state_;
};
} // namespace Permission
} // namespace Security
} // namespace OHOS
#endif // PERMISSION_MANAGER_SERVICE_H

266
services/permission_standard/permissionmanagerservice/main/cpp/src/permission_manager_stub.cpp
View File

@ -1,266 +0,0 @@
/*
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "permission_manager_stub.h"
#include "permission.h"
#include "permission_log.h"
#include "ipc_skeleton.h"
#include "string_ex.h"
namespace OHOS {
namespace Security {
namespace Permission {
namespace {
static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_PERMISSION, "PermissionManagerStub"};
}
int32_t PermissionManagerStub::OnRemoteRequest(
uint32_t code, MessageParcel& data, MessageParcel& reply, MessageOption& option)
{
PERMISSION_LOG_INFO(LABEL, "%{public}s called, code: %{public}d", __func__, code);
std::u16string descriptor = data.ReadInterfaceToken();
if (descriptor != IPermissionManager::GetDescriptor()) {
PERMISSION_LOG_ERROR(LABEL, "get unexpect descriptor: %{public}s", Str16ToStr8(descriptor).c_str());
return RET_FAILED;
}
switch (code) {
case static_cast<uint32_t>(IPermissionManager::InterfaceCode::VERIFY_PERMISSION):
VerifyPermissionInner(data, reply);
break;
case static_cast<uint32_t>(IPermissionManager::InterfaceCode::CAN_REQUEST_PERMISSION):
CanRequestPermissionInner(data, reply);
break;
case static_cast<uint32_t>(IPermissionManager::InterfaceCode::GRANT_USER_GRANTED_PERMISSION):
GrantUserGrantedPermissionInner(data, reply);
break;
case static_cast<uint32_t>(IPermissionManager::InterfaceCode::GRANT_SYSTEM_GRANTED_PERMISSION):
GrantSystemGrantedPermissionInner(data, reply);
break;
case static_cast<uint32_t>(IPermissionManager::InterfaceCode::REVOKE_USER_GRANTED_PERMISSION):
RevokeUserGrantedPermissionInner(data, reply);
break;
case static_cast<uint32_t>(IPermissionManager::InterfaceCode::REVOKE_SYSTEM_GRANTED_PERMISSION):
RevokeSystemGrantedPermissionInner(data, reply);
break;
case static_cast<uint32_t>(IPermissionManager::InterfaceCode::ADD_USER_GRANTED_REQ_PERMISSIONS):
AddUserGrantedReqPermissionsInner(data, reply);
break;
case static_cast<uint32_t>(IPermissionManager::InterfaceCode::ADD_SYSTEM_GRANTED_REQ_PERMISSIONS):
AddSystemGrantedReqPermissionsInner(data, reply);
break;
case static_cast<uint32_t>(IPermissionManager::InterfaceCode::REMOVE_USER_GRANTED_REQ_PERMISSIONS):
RemoveUserGrantedReqPermissionsInner(data, reply);
break;
case static_cast<uint32_t>(IPermissionManager::InterfaceCode::REMOVE_SYSTEM_GRANTED_REQ_PERMISSIONS):
RemoveSystemGrantedReqPermissionsInner(data, reply);
break;
case static_cast<uint32_t>(IPermissionManager::InterfaceCode::ADD_DEF_PERMISSIONS):
AddDefPermissionsInner(data, reply);
break;
case static_cast<uint32_t>(IPermissionManager::InterfaceCode::REMOVE_DEF_PERMISSIONS):
RemoveDefPermissionsInner(data, reply);
break;
case static_cast<uint32_t>(IPermissionManager::InterfaceCode::GET_DEF_PERMISSION):
GetDefPermissionInner(data, reply);
break;
default:
return IPCObjectStub::OnRemoteRequest(code, data, reply, option);
}
return NO_ERROR;
}
void PermissionManagerStub::VerifyPermissionInner(MessageParcel& data, MessageParcel& reply)
{
std::string bundleName = data.ReadString();
std::string permissionName = data.ReadString();
int userId = data.ReadInt32();
int result = this->VerifyPermission(bundleName, permissionName, userId);
reply.WriteInt32(result);
}
void PermissionManagerStub::CanRequestPermissionInner(MessageParcel& data, MessageParcel& reply)
{
std::string bundleName = data.ReadString();
std::string permissionName = data.ReadString();
int userId = data.ReadInt32();
int result = this->CanRequestPermission(bundleName, permissionName, userId);
reply.WriteBool(result);
}
void PermissionManagerStub::GrantUserGrantedPermissionInner(MessageParcel& data, MessageParcel& reply)
{
if (!IsAuthorizedCalling()) {
PERMISSION_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__);
reply.WriteInt32(RET_FAILED);
return;
}
std::string bundleName = data.ReadString();
std::string permissionName = data.ReadString();
int userId = data.ReadInt32();
int result = this->GrantUserGrantedPermission(bundleName, permissionName, userId);
reply.WriteInt32(result);
}
void PermissionManagerStub::GrantSystemGrantedPermissionInner(MessageParcel& data, MessageParcel& reply)
{
if (!IsAuthorizedCalling()) {
PERMISSION_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__);
reply.WriteInt32(RET_FAILED);
return;
}
std::string bundleName = data.ReadString();
std::string permissionName = data.ReadString();
int result = this->GrantSystemGrantedPermission(bundleName, permissionName);
reply.WriteInt32(result);
}
void PermissionManagerStub::RevokeUserGrantedPermissionInner(MessageParcel& data, MessageParcel& reply)
{
if (!IsAuthorizedCalling()) {
PERMISSION_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__);
reply.WriteInt32(RET_FAILED);
return;
}
std::string bundleName = data.ReadString();
std::string permissionName = data.ReadString();
int userId = data.ReadInt32();
int result = this->RevokeUserGrantedPermission(bundleName, permissionName, userId);
reply.WriteInt32(result);
}
void PermissionManagerStub::RevokeSystemGrantedPermissionInner(MessageParcel& data, MessageParcel& reply)
{
if (!IsAuthorizedCalling()) {
PERMISSION_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__);
reply.WriteInt32(RET_FAILED);
return;
}
std::string bundleName = data.ReadString();
std::string permissionName = data.ReadString();
int result = this->RevokeSystemGrantedPermission(bundleName, permissionName);
reply.WriteInt32(result);
}
void PermissionManagerStub::AddUserGrantedReqPermissionsInner(MessageParcel& data, MessageParcel& reply)
{
if (!IsAuthorizedCalling()) {
PERMISSION_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__);
reply.WriteInt32(RET_FAILED);
return;
}
std::string bundleName = data.ReadString();
std::vector<std::string> permList;
data.ReadStringVector(&permList);
int userId = data.ReadInt32();
int result = this->AddUserGrantedReqPermissions(bundleName, permList, userId);
reply.WriteInt32(result);
}
void PermissionManagerStub::AddSystemGrantedReqPermissionsInner(MessageParcel& data, MessageParcel& reply)
{
if (!IsAuthorizedCalling()) {
PERMISSION_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__);
reply.WriteInt32(RET_FAILED);
return;
}
std::string bundleName = data.ReadString();
std::vector<std::string> permList;
data.ReadStringVector(&permList);
int result = this->AddSystemGrantedReqPermissions(bundleName, permList);
reply.WriteInt32(result);
}
void PermissionManagerStub::RemoveUserGrantedReqPermissionsInner(MessageParcel& data, MessageParcel& reply)
{
if (!IsAuthorizedCalling()) {
PERMISSION_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__);
reply.WriteInt32(RET_FAILED);
return;
}
std::string bundleName = data.ReadString();
int userId = data.ReadInt32();
int result = this->RemoveUserGrantedReqPermissions(bundleName, userId);
reply.WriteInt32(result);
}
void PermissionManagerStub::RemoveSystemGrantedReqPermissionsInner(MessageParcel& data, MessageParcel& reply)
{
if (!IsAuthorizedCalling()) {
PERMISSION_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__);
reply.WriteInt32(RET_FAILED);
return;
}
std::string bundleName = data.ReadString();
int result = this->RemoveSystemGrantedReqPermissions(bundleName);
reply.WriteInt32(result);
}
void PermissionManagerStub::AddDefPermissionsInner(MessageParcel& data, MessageParcel& reply)
{
if (!IsAuthorizedCalling()) {
PERMISSION_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__);
reply.WriteInt32(RET_FAILED);
return;
}
int size = 0;
data.ReadInt32(size);
std::vector<PermissionDefParcel> permList;
for (int i = 0; i < size; i++) {
sptr<PermissionDefParcel> permissionDef = data.ReadParcelable<PermissionDefParcel>();
if (permissionDef != nullptr) {
permList.emplace_back(*permissionDef);
}
}
PERMISSION_LOG_INFO(LABEL, "%{public}s called, permList size: %{public}d", __func__, (int) permList.size());
int result = this->AddDefPermissions(permList);
reply.WriteInt32(result);
}
void PermissionManagerStub::RemoveDefPermissionsInner(MessageParcel& data, MessageParcel& reply)
{
if (!IsAuthorizedCalling()) {
PERMISSION_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__);
reply.WriteInt32(RET_FAILED);
return;
}
std::string bundleName = data.ReadString();
int result = this->RemoveDefPermissions(bundleName);
reply.WriteInt32(result);
}
void PermissionManagerStub::GetDefPermissionInner(MessageParcel& data, MessageParcel& reply)
{
if (!IsAuthorizedCalling()) {
PERMISSION_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__);
return;
}
std::string permissionName = data.ReadString();
PermissionDefParcel permissionDefParcel;
int result = this->GetDefPermission(permissionName, permissionDefParcel);
reply.WriteParcelable(&permissionDefParcel);
reply.WriteInt32(result);
}
bool PermissionManagerStub::IsAuthorizedCalling() const
{
int callingUid = IPCSkeleton::GetCallingUid();
PERMISSION_LOG_INFO(LABEL, "Calling uid: %{public}d", callingUid);
return callingUid == SYSTEM_UID || callingUid == ROOT_UID;
}
} // namespace Permission
} // namespace Security
} // namespace OHOS

56
services/permission_standard/permissionmanagerservice/main/cpp/src/permission_manager_stub.h
View File

@ -1,56 +0,0 @@
/*
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef PERMISSION_MANAGER_STUB_H
#define PERMISSION_MANAGER_STUB_H
#include "i_permission_manager.h"
#include "iremote_stub.h"
#include "nocopyable.h"
namespace OHOS {
namespace Security {
namespace Permission {
class PermissionManagerStub : public IRemoteStub<IPermissionManager> {
public:
PermissionManagerStub() = default;
virtual ~PermissionManagerStub() = default;
int OnRemoteRequest(uint32_t code, MessageParcel& data, MessageParcel& reply, MessageOption& options) override;
private:
void VerifyPermissionInner(MessageParcel& data, MessageParcel& reply);
void CanRequestPermissionInner(MessageParcel& data, MessageParcel& reply);
void GrantUserGrantedPermissionInner(MessageParcel& data, MessageParcel& reply);
void GrantSystemGrantedPermissionInner(MessageParcel& data, MessageParcel& reply);
void RevokeUserGrantedPermissionInner(MessageParcel& data, MessageParcel& reply);
void RevokeSystemGrantedPermissionInner(MessageParcel& data, MessageParcel& reply);
void AddUserGrantedReqPermissionsInner(MessageParcel& data, MessageParcel& reply);
void AddSystemGrantedReqPermissionsInner(MessageParcel& data, MessageParcel& reply);
void RemoveUserGrantedReqPermissionsInner(MessageParcel& data, MessageParcel& reply);
void RemoveSystemGrantedReqPermissionsInner(MessageParcel& data, MessageParcel& reply);
void AddDefPermissionsInner(MessageParcel& data, MessageParcel& reply);
void RemoveDefPermissionsInner(MessageParcel& data, MessageParcel& reply);
void GetDefPermissionInner(MessageParcel& data, MessageParcel& reply);
bool IsAuthorizedCalling() const;
static const int SYSTEM_UID = 1000;
static const int ROOT_UID = 0;
};
} // namespace Permission
} // namespace Security
} // namespace OHOS
#endif // PERMISSION_MANAGER_STUB_H

33
services/permission_standard/permissionmanagerservice/main/cpp/src/permission_req.h
View File

@ -1,33 +0,0 @@
/*
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef PERMISSION_STANDARD__PERMISSION_REQ_H
#define PERMISSION_STANDARD__PERMISSION_REQ_H
#include <string>
namespace OHOS {
namespace Security {
namespace Permission {
struct PermissionReq {
std::string reqPermissionName;
bool isGranted;
int flags;
};
} // namespace Permission
} // namespace Security
} // namespace OHOS
#endif // PERMISSION_STANDARD__PERMISSION_REQ_H

378
services/permission_standard/permissionmanagerservice/main/cpp/src/permission_state_cache.cpp
View File

@ -1,378 +0,0 @@
/*
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "permission_state_cache.h"
#include <iostream>
#include "permission.h"
#include "permission_log.h"
namespace OHOS {
namespace Security {
namespace Permission {
namespace {
static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_PERMISSION, "PermissionStateCache"};
}
int PermissionStateCache::AddReqPermission(
const int userId, const std::string& bundleName, const std::string& permissionName)
{
Utils::UniqueWriteGuard<Utils::RWLock> cacheGuard(this->cacheLock_);
BundleInfo& bundleInfo = Root::GetRoot().GetOrCreateUserInfo(userId).GetOrCreateBundleInfo(bundleName);
return bundleInfo.AddReqPermission(permissionName);
}
int PermissionStateCache::AddReqPermission(
const int userId, const std::string& bundleName, const std::vector<std::string>& permList)
{
Utils::UniqueWriteGuard<Utils::RWLock> cacheGuard(this->cacheLock_);
BundleInfo& bundleInfo = Root::GetRoot().GetOrCreateUserInfo(userId).GetOrCreateBundleInfo(bundleName);
for (const auto& permissionName : permList) {
bundleInfo.AddReqPermission(permissionName);
}
return RET_SUCCESS;
}
int PermissionStateCache::ReplaceReqPermission(
int userId, const std::string& bundleName, const PermissionReq& permissionReq)
{
Utils::UniqueWriteGuard<Utils::RWLock> cacheGuard(this->cacheLock_);
return Root::GetRoot().GetOrCreateUserInfo(userId).ReplaceReqPermission(bundleName, permissionReq);
}
int PermissionStateCache::RemoveReqPermission(const int userId, const std::string& bundleName)
{
Utils::UniqueWriteGuard<Utils::RWLock> cacheGuard(this->cacheLock_);
if (!Root::GetRoot().HasUserInfo(userId)) {
return RET_FAILED;
}
return Root::GetRoot().GetOrCreateUserInfo(userId).RemoveReqPermission(bundleName);
}
int PermissionStateCache::UpdatePermissionState(
int userId, const std::string& bundleName, const std::string& permissionName, bool isGranted)
{
Utils::UniqueWriteGuard<Utils::RWLock> cacheGuard(this->cacheLock_);
if (!Root::GetRoot().HasUserInfo(userId)) {
return RET_FAILED;
}
return Root::GetRoot().GetOrCreateUserInfo(userId).UpdatePermissionState(bundleName, permissionName, isGranted);
}
int PermissionStateCache::UpdatePermissionFlags(
int userId, const std::string& bundleName, const std::string& permissionName, int flags)
{
Utils::UniqueWriteGuard<Utils::RWLock> cacheGuard(this->cacheLock_);
if (!Root::GetRoot().HasUserInfo(userId)) {
return RET_FAILED;
}
return Root::GetRoot().GetOrCreateUserInfo(userId).UpdatePermissionFlags(bundleName, permissionName, flags);
}
bool PermissionStateCache::IsGranted(const int userId, const std::string& bundleName, const std::string& permissionName)
{
Utils::UniqueReadGuard<Utils::RWLock> cacheGuard(this->cacheLock_);
if (!Root::GetRoot().HasUserInfo(userId)) {
return false;
}
return Root::GetRoot().GetOrCreateUserInfo(userId).IsGranted(bundleName, permissionName);
}
int PermissionStateCache::GetPermissionFlags(
const int userId, const std::string& bundleName, const std::string& permissionName)
{
if (!Root::GetRoot().HasUserInfo(userId)) {
return DEFAULT_PERMISSION_FLAGS;
}
return Root::GetRoot().GetOrCreateUserInfo(userId).GetPermissionFlags(bundleName, permissionName);
}
std::string PermissionStateCache::ToString()
{
Utils::UniqueReadGuard<Utils::RWLock> cacheGuard(this->cacheLock_);
return Root::GetRoot().ToString();
}
void PermissionStateCache::QueryCurrentCache(bool isSystemGranted, std::vector<GenericValues>& valueList)
{
Utils::UniqueReadGuard<Utils::RWLock> cacheGuard(this->cacheLock_);
if (isSystemGranted) {
if (!Root::GetRoot().HasUserInfo(SYSTEM_GRANTED_USER_ID)) {
return;
}
UserInfo userInfo = Root::GetRoot().GetOrCreateUserInfo(SYSTEM_GRANTED_USER_ID);
QueryForUser(userInfo, valueList);
return;
}
std::vector<UserInfo> userInfoList;
Root::GetRoot().GetUserGrantedUserInfo(userInfoList);
for (auto userInfo : userInfoList) {
QueryForUser(userInfo, valueList);
}
}
void PermissionStateCache::QueryForUser(const UserInfo& userInfo, std::vector<GenericValues>& valueList) const
{
std::vector<BundleInfo> bundleInfoList;
userInfo.GetAllBundleInfo(bundleInfoList);
for (auto bundleInfo : bundleInfoList) {
QueryForBundle(userInfo.userId_, bundleInfo, valueList);
}
}
void PermissionStateCache::QueryForBundle(
const int userId, const BundleInfo& bundleInfo, std::vector<GenericValues>& valueList) const
{
std::vector<PermissionReq> permissionReqList;
bundleInfo.GetAllPermissionReq(permissionReqList);
for (auto permissionReq : permissionReqList) {
GenericValues genericValues;
genericValues.Put(FIELD_BUNDLE_NAME, bundleInfo.bundleName_);
DataTranslator::TranslationIntoGenericValues(permissionReq, genericValues);
if (userId == SYSTEM_GRANTED_USER_ID) {
valueList.emplace_back(genericValues);
} else {
genericValues.Put(FIELD_USER_ID, userId);
valueList.emplace_back(genericValues);
}
}
}
PermissionStateCache& PermissionStateCache::GetInstance()
{
static PermissionStateCache instance;
return instance;
}
Root& Root::GetRoot()
{
static Root root;
return root;
}
bool Root::HasUserInfo(int userId) const
{
return userInfos_.count(userId) == 1;
}
UserInfo& Root::GetOrCreateUserInfo(const int userId)
{
if (!HasUserInfo(userId)) {
UserInfo userInfo(userId);
userInfos_[userId] = userInfo;
PERMISSION_LOG_DEBUG(
LABEL, "%{public}s: userInfos_[userId]: %{public}s", __func__, userInfos_[userId].ToString().c_str());
}
return userInfos_[userId];
}
void Root::GetUserGrantedUserInfo(std::vector<UserInfo>& bundleInfoList) const
{
for (auto it = userInfos_.begin(); it != userInfos_.end(); ++it) {
if (it->first != PermissionStateCache::SYSTEM_GRANTED_USER_ID) {
bundleInfoList.emplace_back(it->second);
}
}
}
std::string Root::ToString() const
{
std::string infos = R"({"Root": "Default", "UserInfos": [)";
for (auto userInfo : userInfos_) {
infos.append(userInfo.second.ToString() + ", ");
}
infos = infos + "]}";
return infos;
}
UserInfo::UserInfo(int userId)
{
userId_ = userId;
}
bool UserInfo::HasBundleInfo(const std::string& bundleName) const
{
return bundleInfos_.count(bundleName) == 1;
}
BundleInfo& UserInfo::GetOrCreateBundleInfo(const std::string& bundleName)
{
if (!HasBundleInfo(bundleName)) {
BundleInfo bundleInfo(bundleName);
bundleInfos_[bundleName] = bundleInfo;
}
return bundleInfos_[bundleName];
}
void UserInfo::GetAllBundleInfo(std::vector<BundleInfo>& bundleInfoList) const
{
for (auto it = bundleInfos_.begin(); it != bundleInfos_.end(); ++it) {
bundleInfoList.emplace_back(it->second);
}
}
std::string UserInfo::ToString() const
{
std::string infos = R"({"userId": )" + std::to_string(userId_) + R"(, "BundleInfos": [)";
for (auto bundleInfo : bundleInfos_) {
infos.append(bundleInfo.second.ToString() + ", ");
}
infos.append("]}");
return infos;
}
int UserInfo::ReplaceReqPermission(const std::string& bundleName, const PermissionReq& permissionReq)
{
return GetOrCreateBundleInfo(bundleName).ReplaceReqPermission(permissionReq);
}
int UserInfo::RemoveReqPermission(const std::string& bundleName)
{
if (!HasBundleInfo(bundleName)) {
return RET_SUCCESS;
}
bundleInfos_[bundleName].RemoveReqPermissions();
return RET_SUCCESS;
}
int UserInfo::UpdatePermissionState(const std::string& bundleName, const std::string& permissionName, bool isGranted)
{
if (!HasBundleInfo(bundleName)) {
return RET_FAILED;
}
return bundleInfos_[bundleName].UpdateGrantedState(permissionName, isGranted);
}
int UserInfo::UpdatePermissionFlags(const std::string& bundleName, const std::string& permissionName, int flags)
{
if (!HasBundleInfo(bundleName)) {
return RET_FAILED;
}
return bundleInfos_[bundleName].UpdatePermissionFlags(permissionName, flags);
}
bool UserInfo::IsGranted(const std::string& bundleName, const std::string& permissionName)
{
if (!HasBundleInfo(bundleName)) {
return false;
}
return bundleInfos_[bundleName].IsGranted(permissionName);
}
int UserInfo::GetPermissionFlags(const std::string& bundleName, const std::string& permissionName)
{
if (!HasBundleInfo(bundleName)) {
return DEFAULT_PERMISSION_FLAGS;
}
return bundleInfos_[bundleName].GetPermissionFlags(permissionName);
}
BundleInfo::BundleInfo(std::string bundleName)
{
bundleName_ = std::move(bundleName);
}
int BundleInfo::AddReqPermission(const std::string& permissionName)
{
if (HasReqPermission(permissionName)) {
PERMISSION_LOG_DEBUG(
LABEL, "%{public}s failed, reqPermission is exist, name: %{public}s", __func__, permissionName.c_str());
return RET_FAILED;
}
PermissionReq permissionReq = {permissionName, false, DEFAULT_PERMISSION_FLAGS};
permissionRequests_[permissionName] = permissionReq;
return RET_SUCCESS;
}
int BundleInfo::ReplaceReqPermission(const PermissionReq& permissionReq)
{
permissionRequests_[permissionReq.reqPermissionName] = permissionReq;
return RET_SUCCESS;
}
PermissionReq& BundleInfo::GetReqPermission(const std::string& permissionName)
{
return permissionRequests_[permissionName];
}
bool BundleInfo::HasReqPermission(const std::string& permissionName) const
{
return permissionRequests_.count(permissionName) == 1;
}
void BundleInfo::RemoveReqPermissions()
{
permissionRequests_.clear();
}
int BundleInfo::UpdateGrantedState(const std::string& permissionName, bool isGranted)
{
if (!HasReqPermission(permissionName)) {
return RET_FAILED;
}
GetReqPermission(permissionName).isGranted = isGranted;
return RET_SUCCESS;
}
int BundleInfo::UpdatePermissionFlags(const std::string& permissionName, int flags)
{
if (!HasReqPermission(permissionName)) {
return RET_FAILED;
}
GetReqPermission(permissionName).flags = flags;
return RET_SUCCESS;
}
bool BundleInfo::IsGranted(const std::string& permissionName)
{
if (!HasReqPermission(permissionName)) {
return false;
}
return GetReqPermission(permissionName).isGranted;
}
int BundleInfo::GetPermissionFlags(const std::string& permissionName)
{
if (!HasReqPermission(permissionName)) {
return DEFAULT_PERMISSION_FLAGS;
}
return GetReqPermission(permissionName).flags;
}
void BundleInfo::GetAllPermissionReq(std::vector<PermissionReq>& permissionReqList) const
{
for (auto it = permissionRequests_.begin(); it != permissionRequests_.end(); ++it) {
permissionReqList.emplace_back(it->second);
}
}
std::string BundleInfo::ToString() const
{
std::string infos = R"({"bundleName": ")" + bundleName_ + R"(", "ReqPermissions": [)";
for (const auto& request : permissionRequests_) {
PermissionReq permissionReq = request.second;
infos.append(R"({"permissionName": ")" + permissionReq.reqPermissionName + R"(")");
infos.append(R"(, "isGranted": )" + std::to_string(permissionReq.isGranted));
infos.append(R"(, "flags": )" + std::to_string(permissionReq.flags));
infos.append("}, ");
}
infos = infos + "]}";
return infos;
}
} // namespace Permission
} // namespace Security
} // namespace OHOS

121
services/permission_standard/permissionmanagerservice/main/cpp/src/permission_state_cache.h
View File

@ -1,121 +0,0 @@
/*
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef PERMISSION_STANDARD_PERMISSION_STATE_CACHE_H
#define PERMISSION_STANDARD_PERMISSION_STATE_CACHE_H
#include <string>
#include <map>
#include <vector>
#include "permission_req.h"
#include "generic_values.h"
#include "data_translator.h"
#include "field_const.h"
#include "rwlock.h"
namespace OHOS {
namespace Security {
namespace Permission {
static const int DEFAULT_PERMISSION_FLAGS = 0;
class BundleInfo final {
public:
std::string bundleName_;
BundleInfo() = default;
virtual ~BundleInfo() = default;
explicit BundleInfo(std::string bundleName);
int AddReqPermission(const std::string& permissionName);
int ReplaceReqPermission(const PermissionReq& permissionReq);
PermissionReq& GetReqPermission(const std::string& permissionName);
void RemoveReqPermissions();
bool HasReqPermission(const std::string& permissionName) const;
int UpdateGrantedState(const std::string& permissionName, bool isGranted);
int UpdatePermissionFlags(const std::string& permissionName, int flags);
bool IsGranted(const std::string& permissionName);
int GetPermissionFlags(const std::string& permissionName);
void GetAllPermissionReq(std::vector<PermissionReq>& permissionReqList) const;
std::string ToString() const;
private:
std::map<std::string, PermissionReq> permissionRequests_;
};
class UserInfo final {
public:
int userId_;
UserInfo() : userId_(0)
{}
virtual ~UserInfo() = default;
explicit UserInfo(int userId);
bool HasBundleInfo(const std::string& bundleName) const;
BundleInfo& GetOrCreateBundleInfo(const std::string& bundleName);
int ReplaceReqPermission(const std::string& bundleName, const PermissionReq& permissionReq);
int RemoveReqPermission(const std::string& bundleName);
int UpdatePermissionState(const std::string& bundleName, const std::string& permissionName, bool isGranted);
int UpdatePermissionFlags(const std::string& bundleName, const std::string& permissionName, int flags);
bool IsGranted(const std::string& bundleName, const std::string& permissionName);
int GetPermissionFlags(const std::string& bundleName, const std::string& permissionName);
void GetAllBundleInfo(std::vector<BundleInfo>& bundleInfoList) const;
std::string ToString() const;
private:
std::map<std::string, BundleInfo> bundleInfos_;
};
class Root final {
public:
static Root& GetRoot();
bool HasUserInfo(int userId) const;
UserInfo& GetOrCreateUserInfo(int userId);
void GetUserGrantedUserInfo(std::vector<UserInfo>& userInfoList) const;
std::string ToString() const;
private:
std::map<int, UserInfo> userInfos_;
};
class PermissionStateCache final {
public:
static const int SYSTEM_GRANTED_USER_ID = -1;
static PermissionStateCache& GetInstance();
virtual ~PermissionStateCache() = default;
std::string ToString();
int AddReqPermission(int userId, const std::string& bundleName, const std::string& permissionName);
int AddReqPermission(int userId, const std::string& bundleName, const std::vector<std::string>& permList);
int ReplaceReqPermission(int userId, const std::string& bundleName, const PermissionReq& permissionReq);
int RemoveReqPermission(int userId, const std::string& bundleName);
int UpdatePermissionState(
int userId, const std::string& bundleName, const std::string& permissionName, bool isGranted);
int UpdatePermissionFlags(int userId, const std::string& bundleName, const std::string& permissionName, int flags);
bool IsGranted(int userId, const std::string& bundleName, const std::string& permissionName);
int GetPermissionFlags(int userId, const std::string& bundleName, const std::string& permissionName);
void QueryCurrentCache(bool isSystemGranted, std::vector<GenericValues>& valueList);
private:
PermissionStateCache() = default;
DISALLOW_COPY_AND_MOVE(PermissionStateCache);
void QueryForUser(const UserInfo& userInfo, std::vector<GenericValues>& valueList) const;
void QueryForBundle(const int userId, const BundleInfo& bundleInfo, std::vector<GenericValues>& valueList) const;
OHOS::Utils::RWLock cacheLock_;
};
} // namespace Permission
} // namespace Security
} // namespace OHOS
#endif // PERMISSION_STANDARD_PERMISSION_STATE_CACHE_H

265
services/permission_standard/permissionmanagerservice/main/cpp/src/permission_state_manager.cpp
View File

@ -1,265 +0,0 @@
/*
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "permission_state_manager.h"
#include "permission.h"
#include "data_storage.h"
#include "permission_log.h"
#include "permission_definition_cache.h"
#include "permission_state_cache.h"
#include "data_translator.h"
#include "data_validator.h"
namespace OHOS {
namespace Security {
namespace Permission {
namespace {
static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_PERMISSION, "PermissionStateManager"};
}
PermissionStateManager& PermissionStateManager::GetInstance()
{
static PermissionStateManager instance;
return instance;
}
PermissionStateManager::PermissionStateManager() : hasInited_(false)
{}
PermissionStateManager::~PermissionStateManager()
{
if (!hasInited_) {
return;
}
this->systemGrantedDataAccessWorker_.Stop();
this->userGrantedDataAccessWorker_.Stop();
this->hasInited_ = false;
}
void PermissionStateManager::Init()
{
OHOS::Utils::UniqueWriteGuard<OHOS::Utils::RWLock> lk(this->rwLock_);
if (hasInited_) {
return;
}
PERMISSION_LOG_INFO(LABEL, "init begin!");
std::vector<GenericValues> results;
DataStorage::GetRealDataStorage().Find(DataStorage::PERMISSIONS_STAT_SYSTEM_GRANTED, results);
for (auto value : results) {
std::string bundleName = value.GetString(FIELD_BUNDLE_NAME);
PERMISSION_LOG_INFO(LABEL, "Cache recover system grant %{public}s", bundleName.c_str());
PermissionReq permissionReq;
DataTranslator::TranslationIntoPermissionReq(value, permissionReq);
PermissionStateCache::GetInstance().ReplaceReqPermission(
PermissionStateCache::SYSTEM_GRANTED_USER_ID, bundleName, permissionReq);
}
DataStorage::GetRealDataStorage().Find(DataStorage::PERMISSIONS_STAT_USER_GRANTED, results);
for (auto value : results) {
std::string bundleName = value.GetString(FIELD_BUNDLE_NAME);
int userId = value.GetInt(FIELD_USER_ID);
PERMISSION_LOG_INFO(LABEL, "Cache recover user grant %{public}d, %{public}s", userId, bundleName.c_str());
PermissionReq permissionReq;
DataTranslator::TranslationIntoPermissionReq(value, permissionReq);
PermissionStateCache::GetInstance().ReplaceReqPermission(userId, bundleName, permissionReq);
}
this->systemGrantedDataAccessWorker_.Start(1);
this->userGrantedDataAccessWorker_.Start(1);
hasInited_ = true;
PERMISSION_LOG_INFO(LABEL, "Init success");
}
void PermissionStateManager::AddUserGrantedReqPermissions(
const std::string& bundleName, const std::vector<std::string>& permList, int userId)
{
if (!DataValidator::IsBundleNameValid(bundleName) || permList.empty() || !DataValidator::IsUserIdValid(userId)) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__);
return;
}
std::vector<GenericValues> values;
for (const auto& permission : permList) {
if (!PermissionDefinitionCache::GetInstance().IsUserGrantedPermission(permission)) {
PERMISSION_LOG_ERROR(LABEL,
"%{public}s: permission: %{public}s is not user-granted permission, check please!", __func__,
permission.c_str());
continue;
}
PermissionStateCache::GetInstance().AddReqPermission(userId, bundleName, permission);
}
RefreshUserGrantedPersistentDataIfNeeded();
}
void PermissionStateManager::RemoveUserGrantedReqPermissions(const std::string& bundleName, int userId)
{
if (!DataValidator::IsBundleNameValid(bundleName) || !DataValidator::IsUserIdValid(userId)) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__);
return;
}
PermissionStateCache::GetInstance().RemoveReqPermission(userId, bundleName);
RefreshUserGrantedPersistentDataIfNeeded();
}
void PermissionStateManager::GrantUserGrantedPermission(
const std::string& bundleName, const std::string& permissionName, int userId)
{
if (!DataValidator::IsBundleNameValid(bundleName) || !DataValidator::IsPermissionNameValid(permissionName) ||
!DataValidator::IsUserIdValid(userId)) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__);
return;
}
PermissionStateCache::GetInstance().UpdatePermissionState(userId, bundleName, permissionName, true);
RefreshUserGrantedPersistentDataIfNeeded();
}
void PermissionStateManager::RevokeUserGrantedPermission(
const std::string& bundleName, const std::string& permissionName, int userId)
{
if (!DataValidator::IsBundleNameValid(bundleName) || !DataValidator::IsPermissionNameValid(permissionName) ||
!DataValidator::IsUserIdValid(userId)) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__);
return;
}
PermissionStateCache::GetInstance().UpdatePermissionState(userId, bundleName, permissionName, false);
RefreshUserGrantedPersistentDataIfNeeded();
}
void PermissionStateManager::AddSystemGrantedReqPermissions(
const std::string& bundleName, const std::vector<std::string>& permList)
{
if (!DataValidator::IsBundleNameValid(bundleName) || permList.empty()) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__);
return;
}
std::vector<GenericValues> values;
for (const auto& permission : permList) {
if (!PermissionDefinitionCache::GetInstance().IsSystemGrantedPermission(permission)) {
PERMISSION_LOG_ERROR(LABEL,
"%{public}s: permission: %{public}s is not system-granted permission, check please!", __func__,
permission.c_str());
continue;
}
PermissionStateCache::GetInstance().AddReqPermission(
PermissionStateCache::SYSTEM_GRANTED_USER_ID, bundleName, permission);
}
RefreshSystemGrantedPersistentDataIfNeeded();
}
void PermissionStateManager::RemoveSystemGrantedReqPermissions(const std::string& bundleName)
{
if (!DataValidator::IsBundleNameValid(bundleName)) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__);
return;
}
PermissionStateCache::GetInstance().RemoveReqPermission(PermissionStateCache::SYSTEM_GRANTED_USER_ID, bundleName);
RefreshSystemGrantedPersistentDataIfNeeded();
}
void PermissionStateManager::GrantSystemGrantedPermission(
const std::string& bundleName, const std::string& permissionName)
{
if (!DataValidator::IsBundleNameValid(bundleName) || !DataValidator::IsPermissionNameValid(permissionName)) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__);
return;
}
PermissionStateCache::GetInstance().UpdatePermissionState(
PermissionStateCache::SYSTEM_GRANTED_USER_ID, bundleName, permissionName, true);
RefreshSystemGrantedPersistentDataIfNeeded();
}
void PermissionStateManager::RevokeSystemGrantedPermission(
const std::string& bundleName, const std::string& permissionName)
{
if (!DataValidator::IsBundleNameValid(bundleName) || !DataValidator::IsPermissionNameValid(permissionName)) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__);
return;
}
PermissionStateCache::GetInstance().UpdatePermissionState(
PermissionStateCache::SYSTEM_GRANTED_USER_ID, bundleName, permissionName, false);
RefreshSystemGrantedPersistentDataIfNeeded();
}
int PermissionStateManager::VerifyPermission(
const std::string& bundleName, const std::string& permissionName, int userId) const
{
if (!DataValidator::IsBundleNameValid(bundleName) || !DataValidator::IsPermissionNameValid(permissionName) ||
!DataValidator::IsUserIdValid(userId)) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__);
return PERMISSION_NOT_GRANTED;
}
if (!PermissionDefinitionCache::GetInstance().HasDefinition(permissionName)) {
PERMISSION_LOG_ERROR(
LABEL, "%{public}s: no definition for permission: %{public}s!", __func__, permissionName.c_str());
return PERMISSION_NOT_GRANTED;
}
bool isGranted = false;
if (PermissionDefinitionCache::GetInstance().IsSystemGrantedPermission(permissionName)) {
isGranted = PermissionStateCache::GetInstance().IsGranted(
PermissionStateCache::SYSTEM_GRANTED_USER_ID, bundleName, permissionName);
} else {
isGranted = PermissionStateCache::GetInstance().IsGranted(userId, bundleName, permissionName);
}
PERMISSION_LOG_INFO(LABEL, "VerifyPermission %{public}s, %{public}s, %{public}d isGranted: %{public}d",
bundleName.c_str(), permissionName.c_str(), userId, isGranted);
return isGranted ? PERMISSION_GRANTED : PERMISSION_NOT_GRANTED;
}
bool PermissionStateManager::CanRequestPermission(
const std::string& bundleName, const std::string& permissionName, int userId) const
{
if (!DataValidator::IsBundleNameValid(bundleName) || !DataValidator::IsPermissionNameValid(permissionName) ||
!DataValidator::IsUserIdValid(userId)) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__);
return false;
}
return PermissionDefinitionCache::GetInstance().IsUserGrantedPermission(permissionName) &&
!PermissionStateCache::GetInstance().IsGranted(userId, bundleName, permissionName);
}
void PermissionStateManager::RefreshSystemGrantedPersistentDataIfNeeded()
{
if (systemGrantedDataAccessWorker_.GetCurTaskNum() > 1) {
PERMISSION_LOG_WARN(LABEL, "%{public}s: has refresh task!", __func__);
return;
}
systemGrantedDataAccessWorker_.AddTask([]() {
std::vector<GenericValues> valueList;
PermissionStateCache::GetInstance().QueryCurrentCache(true, valueList);
DataStorage::GetRealDataStorage().RefreshAll(DataStorage::PERMISSIONS_STAT_SYSTEM_GRANTED, valueList);
// Sleep for one second to avoid frequent refresh of the database.
std::this_thread::sleep_for(std::chrono::seconds(1));
});
}
void PermissionStateManager::RefreshUserGrantedPersistentDataIfNeeded()
{
if (userGrantedDataAccessWorker_.GetCurTaskNum() > 1) {
PERMISSION_LOG_WARN(LABEL, "%{public}s: has refresh task!", __func__);
return;
}
userGrantedDataAccessWorker_.AddTask([]() {
std::vector<GenericValues> valueList;
PermissionStateCache::GetInstance().QueryCurrentCache(false, valueList);
DataStorage::GetRealDataStorage().RefreshAll(DataStorage::PERMISSIONS_STAT_USER_GRANTED, valueList);
// Sleep for one second to avoid frequent refresh of the database.
std::this_thread::sleep_for(std::chrono::seconds(1));
});
}
} // namespace Permission
} // namespace Security
} // namespace OHOS

80
services/permission_standard/permissionmanagerservice/main/cpp/src/permission_state_manager.h
View File

@ -1,80 +0,0 @@
/*
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef PERMISSION_STATE_MANAGER_H
#define PERMISSION_STATE_MANAGER_H
#include <vector>
#include "field_const.h"
#include "nocopyable.h"
#include "thread_pool.h"
#include "rwlock.h"
namespace OHOS {
namespace Security {
namespace Permission {
class PermissionStateManager final {
public:
static PermissionStateManager& GetInstance();
virtual ~PermissionStateManager();
void Init();
void AddUserGrantedReqPermissions(
const std::string& bundleName, const std::vector<std::string>& permList, int userId);
void RemoveUserGrantedReqPermissions(const std::string& bundleName, int userId);
void GrantUserGrantedPermission(const std::string& bundleName, const std::string& permissionName, int userId);
void RevokeUserGrantedPermission(const std::string& bundleName, const std::string& permissionName, int userId);
void AddSystemGrantedReqPermissions(const std::string& bundleName, const std::vector<std::string>& permList);
void RemoveSystemGrantedReqPermissions(const std::string& bundleName);
void GrantSystemGrantedPermission(const std::string& bundleName, const std::string& permissionName);
void RevokeSystemGrantedPermission(const std::string& bundleName, const std::string& permissionName);
int VerifyPermission(const std::string& bundleName, const std::string& permissionName, int userId) const;
bool CanRequestPermission(const std::string& bundleName, const std::string& permissionName, int userId) const;
private:
PermissionStateManager();
DISALLOW_COPY_AND_MOVE(PermissionStateManager);
void RefreshSystemGrantedPersistentDataIfNeeded();
void RefreshUserGrantedPersistentDataIfNeeded();
OHOS::ThreadPool systemGrantedDataAccessWorker_;
OHOS::ThreadPool userGrantedDataAccessWorker_;
bool hasInited_;
OHOS::Utils::RWLock rwLock_;
};
} // namespace Permission
} // namespace Security
} // namespace OHOS
#endif // PERMISSION_STATE_MANAGER_H

188
services/permission_standard/permissionmanagerservice/main/cpp/src/sqlite_helper.cpp
View File

@ -1,188 +0,0 @@
/*
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "sqlite_helper.h"
#include "permission_log.h"
namespace OHOS {
namespace Security {
namespace Permission {
namespace {
static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_PERMISSION, "SqliteHelper"};
}
SqliteHelper::SqliteHelper(const std::string& dbName, const std::string& dbPath, int version)
: dbName_(dbName), dbPath_(dbPath), currentVersion_(version), db_(nullptr)
{}
SqliteHelper::~SqliteHelper()
{}
void SqliteHelper::Open()
{
if (db_ != nullptr) {
return;
}
if (dbName_.empty() || dbPath_.empty() || currentVersion_ < 0) {
return;
}
std::string fileName = dbPath_ + dbName_;
int res = sqlite3_open(fileName.c_str(), &db_);
if (res != SQLITE_OK) {
PERMISSION_LOG_ERROR(LABEL, "Failed to open db: %{public}s", sqlite3_errmsg(db_));
return;
}
int version = GetVersion();
if (version == currentVersion_) {
return;
}
BeginTransaction();
if (version == 0) {
OnCreate();
} else {
if (version < currentVersion_) {
OnUpdate();
}
}
SetVersion();
CommitTransaction();
}
void SqliteHelper::Close()
{
if (db_ == nullptr) {
PERMISSION_LOG_WARN(LABEL, "%{public}s: do open data base first!", __func__);
return;
}
int ret = sqlite3_close(db_);
if (ret != SQLITE_OK) {
PERMISSION_LOG_WARN(LABEL, "sqlite3_close error, ret=%{public}d", ret);
return;
}
db_ = nullptr;
}
int SqliteHelper::BeginTransaction() const
{
if (db_ == nullptr) {
PERMISSION_LOG_WARN(LABEL, "%{public}s: do open data base first!", __func__);
return GENERAL_ERROR;
}
char* errorMessage = nullptr;
int result = 0;
int ret = sqlite3_exec(db_, "BEGIN;", nullptr, nullptr, &errorMessage);
if (ret != SQLITE_OK) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: failed, errorMsg: %{public}s", __func__, errorMessage);
result = GENERAL_ERROR;
}
sqlite3_free(errorMessage);
return result;
}
int SqliteHelper::CommitTransaction() const
{
if (db_ == nullptr) {
PERMISSION_LOG_WARN(LABEL, "%{public}s: do open data base first!", __func__);
return GENERAL_ERROR;
}
char* errorMessage = nullptr;
int result = 0;
int ret = sqlite3_exec(db_, "COMMIT;", nullptr, nullptr, &errorMessage);
if (ret != SQLITE_OK) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: failed, errorMsg: %{public}s", __func__, errorMessage);
result = GENERAL_ERROR;
}
sqlite3_free(errorMessage);
return result;
}
int SqliteHelper::RollbackTransaction() const
{
if (db_ == nullptr) {
PERMISSION_LOG_WARN(LABEL, "%{public}s: do open data base first!", __func__);
return GENERAL_ERROR;
}
int result = 0;
char* errorMessage = nullptr;
int ret = sqlite3_exec(db_, "ROLLBACK;", nullptr, nullptr, &errorMessage);
if (ret != SQLITE_OK) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: failed, errorMsg: %{public}s", __func__, errorMessage);
result = GENERAL_ERROR;
}
sqlite3_free(errorMessage);
return result;
}
Statement SqliteHelper::Prepare(const std::string& sql) const
{
return Statement(db_, sql);
}
int SqliteHelper::ExecuteSql(const std::string& sql) const
{
if (db_ == nullptr) {
PERMISSION_LOG_WARN(LABEL, "%{public}s: do open data base first!", __func__);
return GENERAL_ERROR;
}
char* errorMessage = nullptr;
int result = 0;
int res = sqlite3_exec(db_, sql.c_str(), nullptr, nullptr, &errorMessage);
if (res != SQLITE_OK) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: failed, errorMsg: %{public}s", __func__, errorMessage);
result = GENERAL_ERROR;
}
sqlite3_free(errorMessage);
return result;
}
int SqliteHelper::GetVersion() const
{
if (db_ == nullptr) {
PERMISSION_LOG_WARN(LABEL, "%{public}s: do open data base first!", __func__);
return GENERAL_ERROR;
}
auto statement = Prepare(PRAGMA_VERSION_COMMAND);
int version = 0;
while (statement.Step() == Statement::State::ROW) {
version = statement.GetColumnInt(0);
}
PERMISSION_LOG_INFO(LABEL, "%{public}s: version: %{public}d", __func__, version);
return version;
}
void SqliteHelper::SetVersion() const
{
if (db_ == nullptr) {
PERMISSION_LOG_WARN(LABEL, "%{public}s: do open data base first!", __func__);
return;
}
auto statement = Prepare(PRAGMA_VERSION_COMMAND + " = " + std::to_string(currentVersion_));
statement.Step();
}
std::string SqliteHelper::SpitError() const
{
if (db_ == nullptr) {
PERMISSION_LOG_WARN(LABEL, "%{public}s: do open data base first!", __func__);
return "";
}
return sqlite3_errmsg(db_);
}
} // namespace Permission
} // namespace Security
} // namespace OHOS

62
services/permission_standard/permissionmanagerservice/main/cpp/src/sqlite_helper.h
View File

@ -1,62 +0,0 @@
/*
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef SQLITE_HELPER_H
#define SQLITE_HELPER_H
#include <string>
#include "statement.h"
#include "sqlite3sym.h"
namespace OHOS {
namespace Security {
namespace Permission {
class SqliteHelper {
public:
explicit SqliteHelper(const std::string& dbName, const std::string& dbPath, int version);
virtual ~SqliteHelper();
void Open();
void Close();
int BeginTransaction() const;
int CommitTransaction() const;
int RollbackTransaction() const;
Statement Prepare(const std::string& sql) const;
int ExecuteSql(const std::string& sql) const;
std::string SpitError() const;
virtual void OnCreate() = 0;
virtual void OnUpdate() = 0;
private:
inline static const std::string PRAGMA_VERSION_COMMAND = "PRAGMA user_version";
static const int GENERAL_ERROR = -1;
const std::string dbName_;
const std::string dbPath_;
int currentVersion_;
sqlite3* db_;
int GetVersion() const;
void SetVersion() const;
};
} // namespace Permission
} // namespace Security
} // namespace OHOS
#endif // SQLITE_HELPER_H

337
services/permission_standard/permissionmanagerservice/main/cpp/src/sqlite_storage.cpp
View File

@ -1,337 +0,0 @@
/*
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "sqlite_storage.h"
#include "permission_log.h"
namespace OHOS {
namespace Security {
namespace Permission {
namespace {
static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_PERMISSION, "SqliteStorage"};
}
SqliteStorage& SqliteStorage::GetInstance()
{
static SqliteStorage instance;
return instance;
}
SqliteStorage::~SqliteStorage()
{
Close();
}
void SqliteStorage::OnCreate()
{
PERMISSION_LOG_INFO(LABEL, "%{public}s called.", __func__);
CreatePermissionDefinitionTable();
CreateSystemGrantedPermissionStateTable();
CreateUserGrantedPermissionStateTable();
}
void SqliteStorage::OnUpdate()
{
PERMISSION_LOG_INFO(LABEL, "%{public}s called.", __func__);
}
SqliteStorage::SqliteStorage() : SqliteHelper(DATABASE_NAME, DATABASE_PATH, DATABASE_VERSION)
{
SqliteTable permissionDefTable;
permissionDefTable.tableName_ = PERMISSION_DEF_TABLE;
permissionDefTable.tableColumnNames_ = {
FIELD_PERMISSION_NAME,
FIELD_BUNDLE_NAME,
FIELD_GRANT_MODE,
FIELD_AVAILABLE_SCOPE,
FIELD_LABEL,
FIELD_LABEL_ID,
FIELD_DESCRIPTION,
FIELD_DESCRIPTION_ID
};
SqliteTable sysGrantPermStatTable;
sysGrantPermStatTable.tableName_ = SYS_GRANTED_PERMISSION_STATE_TABLE;
sysGrantPermStatTable.tableColumnNames_ = {
FIELD_BUNDLE_NAME,
FIELD_PERMISSION_NAME,
FIELD_GRANTED,
FIELD_FLAGS
};
SqliteTable userGrantPermStatTable;
userGrantPermStatTable.tableName_ = USER_GRANTED_PERMISSION_STATE_TABLE;
userGrantPermStatTable.tableColumnNames_ = {
FIELD_BUNDLE_NAME,
FIELD_PERMISSION_NAME,
FIELD_USER_ID,
FIELD_GRANTED,
FIELD_FLAGS
};
dataTypeToSqlTable_ = {
{PERMISSION_DEF, permissionDefTable},
{PERMISSIONS_STAT_SYSTEM_GRANTED, sysGrantPermStatTable},
{PERMISSIONS_STAT_USER_GRANTED, userGrantPermStatTable}
};
Open();
}
int SqliteStorage::Add(const DataType type, const std::vector<GenericValues>& values)
{
OHOS::Utils::UniqueWriteGuard<OHOS::Utils::RWLock> lock(this->rwLock_);
std::string prepareSql = CreateInsertPrepareSqlCmd(type);
auto statement = Prepare(prepareSql);
BeginTransaction();
bool isExecuteSuccessfully = true;
for (auto value : values) {
std::vector<std::string> columnNames = value.GetAllKeys();
for (auto columnName : columnNames) {
statement.Bind(columnName, value.Get(columnName));
}
int ret = statement.Step();
if (ret != Statement::State::DONE) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: failed, errorMsg: %{public}s", __func__, SpitError().c_str());
isExecuteSuccessfully = false;
}
statement.Reset();
}
if (!isExecuteSuccessfully) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: rollback transaction.", __func__);
RollbackTransaction();
return FAILURE;
}
PERMISSION_LOG_INFO(LABEL, "%{public}s: commit transaction.", __func__);
CommitTransaction();
return SUCCESS;
}
int SqliteStorage::Remove(const DataType type, const GenericValues& conditions)
{
OHOS::Utils::UniqueWriteGuard<OHOS::Utils::RWLock> lock(this->rwLock_);
std::vector<std::string> columnNames = conditions.GetAllKeys();
std::string prepareSql = CreateDeletePrepareSqlCmd(type, columnNames);
auto statement = Prepare(prepareSql);
for (auto columnName : columnNames) {
statement.Bind(columnName, conditions.Get(columnName));
}
int ret = statement.Step();
return (ret == Statement::State::DONE) ? SUCCESS : FAILURE;
}
int SqliteStorage::Modify(const DataType type, const GenericValues& modifyValues, const GenericValues& conditions)
{
OHOS::Utils::UniqueWriteGuard<OHOS::Utils::RWLock> lock(this->rwLock_);
std::vector<std::string> modifyColumns = modifyValues.GetAllKeys();
std::vector<std::string> conditionColumns = conditions.GetAllKeys();
std::string prepareSql = CreateUpdatePrepareSqlCmd(type, modifyColumns, conditionColumns);
auto statement = Prepare(prepareSql);
for (auto columnName : modifyColumns) {
statement.Bind(columnName, modifyValues.Get(columnName));
}
for (auto columnName : conditionColumns) {
statement.Bind(columnName, conditions.Get(columnName));
}
int ret = statement.Step();
return (ret == Statement::State::DONE) ? SUCCESS : FAILURE;
}
int SqliteStorage::Find(const DataType type, std::vector<GenericValues>& results)
{
OHOS::Utils::UniqueWriteGuard<OHOS::Utils::RWLock> lock(this->rwLock_);
std::string prepareSql = CreateSelectPrepareSqlCmd(type);
auto statement = Prepare(prepareSql);
while (statement.Step() == Statement::State::ROW) {
int columnCount = statement.GetColumnCount();
GenericValues value;
for (int i = 0; i < columnCount; i++) {
value.Put(statement.GetColumnName(i), statement.GetValue(i));
}
results.emplace_back(value);
}
return SUCCESS;
}
int SqliteStorage::RefreshAll(const DataType type, const std::vector<GenericValues>& values)
{
OHOS::Utils::UniqueWriteGuard<OHOS::Utils::RWLock> lock(this->rwLock_);
std::string deleteSql = CreateDeletePrepareSqlCmd(type);
std::string insertSql = CreateInsertPrepareSqlCmd(type);
auto deleteStatement = Prepare(deleteSql);
auto insertStatement = Prepare(insertSql);
BeginTransaction();
bool canCommit = deleteStatement.Step() == Statement::State::DONE;
for (auto value : values) {
std::vector<std::string> columnNames = value.GetAllKeys();
for (auto columnName : columnNames) {
insertStatement.Bind(columnName, value.Get(columnName));
}
int ret = insertStatement.Step();
if (ret != Statement::State::DONE) {
PERMISSION_LOG_ERROR(
LABEL, "%{public}s: insert failed, errorMsg: %{public}s", __func__, SpitError().c_str());
canCommit = false;
}
insertStatement.Reset();
}
if (!canCommit) {
PERMISSION_LOG_ERROR(LABEL, "%{public}s: rollback transaction.", __func__);
RollbackTransaction();
return FAILURE;
}
PERMISSION_LOG_INFO(LABEL, "%{public}s: commit transaction.", __func__);
CommitTransaction();
return SUCCESS;
}
std::string SqliteStorage::CreateInsertPrepareSqlCmd(const DataType type) const
{
auto it = dataTypeToSqlTable_.find(type);
if (it == dataTypeToSqlTable_.end()) {
return std::string();
}
std::string sql = "insert into " + it->second.tableName_ + " values(";
int i = 1;
for (const auto& columnName : it->second.tableColumnNames_) {
sql.append(":" + columnName);
if (i < (int) it->second.tableColumnNames_.size()) {
sql.append(",");
}
i += 1;
}
sql.append(")");
return sql;
}
std::string SqliteStorage::CreateDeletePrepareSqlCmd(
const DataType type, const std::vector<std::string>& columnNames) const
{
auto it = dataTypeToSqlTable_.find(type);
if (it == dataTypeToSqlTable_.end()) {
return std::string();
}
std::string sql = "delete from " + it->second.tableName_ + " where 1 = 1";
for (auto columnName : columnNames) {
sql.append(" and ");
sql.append(columnName + "=:" + columnName);
}
return sql;
}
std::string SqliteStorage::CreateUpdatePrepareSqlCmd(const DataType type, const std::vector<std::string>& modifyColumns,
const std::vector<std::string>& conditionColumns) const
{
if (modifyColumns.empty()) {
return std::string();
}
auto it = dataTypeToSqlTable_.find(type);
if (it == dataTypeToSqlTable_.end()) {
return std::string();
}
std::string sql = "update " + it->second.tableName_ + " set ";
int i = 1;
for (const auto& columnName : modifyColumns) {
sql.append(columnName + "=:" + columnName);
if (i < (int) modifyColumns.size()) {
sql.append(",");
}
i += 1;
}
if (!conditionColumns.empty()) {
sql.append(" where 1 = 1");
for (const auto& columnName : conditionColumns) {
sql.append(" and ");
sql.append(columnName + "=:" + columnName);
}
}
return sql;
}
std::string SqliteStorage::CreateSelectPrepareSqlCmd(const DataType type) const
{
auto it = dataTypeToSqlTable_.find(type);
if (it == dataTypeToSqlTable_.end()) {
return std::string();
}
std::string sql = "select * from " + it->second.tableName_;
return sql;
}
int SqliteStorage::CreatePermissionDefinitionTable() const
{
auto it = dataTypeToSqlTable_.find(DataType::PERMISSION_DEF);
if (it == dataTypeToSqlTable_.end()) {
return FAILURE;
}
std::string sql = "create table if not exists ";
sql.append(it->second.tableName_ + " (")
.append(FIELD_PERMISSION_NAME + " text not null,")
.append(FIELD_BUNDLE_NAME + " text not null,")
.append(FIELD_GRANT_MODE + " integer not null,")
.append(FIELD_AVAILABLE_SCOPE + " integer not null,")
.append(FIELD_LABEL + " text not null,")
.append(FIELD_LABEL_ID + " integer not null,")
.append(FIELD_DESCRIPTION + " text not null,")
.append(FIELD_DESCRIPTION_ID + " integer not null,")
.append("primary key(" + FIELD_PERMISSION_NAME)
.append("))");
return ExecuteSql(sql);
}
int SqliteStorage::CreateSystemGrantedPermissionStateTable() const
{
auto it = dataTypeToSqlTable_.find(DataType::PERMISSIONS_STAT_SYSTEM_GRANTED);
if (it == dataTypeToSqlTable_.end()) {
return FAILURE;
}
std::string sql = "create table if not exists ";
sql.append(it->second.tableName_ + " (")
.append(FIELD_BUNDLE_NAME + " text not null,")
.append(FIELD_PERMISSION_NAME + " text not null,")
.append(FIELD_GRANTED + " integer not null,")
.append(FIELD_FLAGS + " integer not null,")
.append("primary key(" + FIELD_BUNDLE_NAME)
.append("," + FIELD_PERMISSION_NAME)
.append("))");
return ExecuteSql(sql);
}
int SqliteStorage::CreateUserGrantedPermissionStateTable() const
{
auto it = dataTypeToSqlTable_.find(DataType::PERMISSIONS_STAT_USER_GRANTED);
if (it == dataTypeToSqlTable_.end()) {
return FAILURE;
}
std::string sql = "create table if not exists ";
sql.append(it->second.tableName_ + " (")
.append(FIELD_BUNDLE_NAME + " text not null,")
.append(FIELD_PERMISSION_NAME + " text not null,")
.append(FIELD_USER_ID + " integer not null,")
.append(FIELD_GRANTED + " integer not null,")
.append(FIELD_FLAGS + " integer not null,")
.append("primary key(" + FIELD_BUNDLE_NAME)
.append("," + FIELD_PERMISSION_NAME)
.append("," + FIELD_USER_ID)
.append("))");
return ExecuteSql(sql);
}
} // namespace Permission
} // namespace Security
} // namespace OHOS

86
services/permission_standard/permissionmanagerservice/main/cpp/src/sqlite_storage.h
View File

@ -1,86 +0,0 @@
/*
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef SQLITE_STORAGE_H
#define SQLITE_STORAGE_H
#include "data_storage.h"
#include "sqlite_helper.h"
#include "field_const.h"
#include "nocopyable.h"
#include "rwlock.h"
namespace OHOS {
namespace Security {
namespace Permission {
class SqliteStorage : public DataStorage, public SqliteHelper {
public:
enum ExecuteResult { FAILURE = -1, SUCCESS };
struct SqliteTable {
public:
std::string tableName_;
std::vector<std::string> tableColumnNames_;
};
static SqliteStorage& GetInstance();
~SqliteStorage() override;
int Add(const DataType type, const std::vector<GenericValues>& values) override;
int Remove(const DataType type, const GenericValues& conditions) override;
int Modify(const DataType type, const GenericValues& modifyValues, const GenericValues& conditions) override;
int Find(const DataType type, std::vector<GenericValues>& results) override;
int RefreshAll(const DataType type, const std::vector<GenericValues>& values) override;
void OnCreate() override;
void OnUpdate() override;
private:
SqliteStorage();
DISALLOW_COPY_AND_MOVE(SqliteStorage);
std::map<DataType, SqliteTable> dataTypeToSqlTable_;
OHOS::Utils::RWLock rwLock_;
int CreatePermissionDefinitionTable() const;
int CreateSystemGrantedPermissionStateTable() const;
int CreateUserGrantedPermissionStateTable() const;
std::string CreateInsertPrepareSqlCmd(const DataType type) const;
std::string CreateDeletePrepareSqlCmd(
const DataType type, const std::vector<std::string>& columnNames = std::vector<std::string>()) const;
std::string CreateUpdatePrepareSqlCmd(const DataType type, const std::vector<std::string>& modifyColumns,
const std::vector<std::string>& conditionColumns) const;
std::string CreateSelectPrepareSqlCmd(const DataType type) const;
private:
inline static const std::string PERMISSION_DEF_TABLE = "permission_definition_table";
inline static const std::string SYS_GRANTED_PERMISSION_STATE_TABLE = "system_granted_permission_state_table";
inline static const std::string USER_GRANTED_PERMISSION_STATE_TABLE = "user_granted_permission_state_table";
inline static const std::string DATABASE_NAME = "permission.db";
inline static const std::string DATABASE_PATH = "/data/system/";
static const int DATABASE_VERSION = 1;
};
} // namespace Permission
} // namespace Security
} // namespace OHOS
#endif // SQLITE_STORAGE_H

125
services/permission_standard/permissionmanagerservice/main/cpp/src/statement.cpp
View File

@ -1,125 +0,0 @@
/*
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "statement.h"
#include "permission_log.h"
namespace OHOS {
namespace Security {
namespace Permission {
namespace {
static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_PERMISSION, "Statement"};
}
Statement::Statement(sqlite3* db, const std::string& sql) : db_(db), sql_(sql)
{
if (sqlite3_prepare_v2(db, sql.c_str(), sql.size(), &statement_, nullptr) != SQLITE_OK) {
PERMISSION_LOG_ERROR(LABEL, "Cannot prepare, errorMsg: %{public}s", sqlite3_errmsg(db_));
}
}
Statement::~Statement()
{
sqlite3_finalize(statement_);
statement_ = nullptr;
}
void Statement::Bind(const int index, const std::string& text)
{
if (sqlite3_bind_text(statement_, index, text.c_str(), text.size(), SQLITE_TRANSIENT) != SQLITE_OK) {
PERMISSION_LOG_ERROR(LABEL, "Cannot bind string, errorMsg: %{public}s", sqlite3_errmsg(db_));
}
}
void Statement::Bind(const int index, int value)
{
if (sqlite3_bind_int(statement_, index, value) != SQLITE_OK) {
PERMISSION_LOG_ERROR(LABEL, "Cannot bind int, errorMsg: %{public}s", sqlite3_errmsg(db_));
}
}
int Statement::GetColumnInt(const int column) const
{
return sqlite3_column_int(statement_, column);
}
std::string Statement::GetColumnString(const int column) const
{
return std::string(reinterpret_cast<const char*>(sqlite3_column_text(statement_, column)));
}
std::string Statement::GetColumnName(const int column) const
{
return sqlite3_column_name(statement_, column);
}
Statement::State Statement::Step()
{
int ret = sqlite3_step(statement_);
switch (ret) {
case SQLITE_ROW:
return Statement::State::ROW;
case SQLITE_DONE:
return Statement::State::DONE;
case SQLITE_BUSY:
return Statement::State::BUSY;
case SQLITE_MISUSE:
return Statement::State::MISUSE;
default:
return Statement::State::UNKNOWN;
}
}
int Statement::GetParameterIndex(const std::string& name) const
{
return sqlite3_bind_parameter_index(statement_, name.c_str());
}
void Statement::Bind(const std::string& tableColumnName, const VariantValue& value)
{
int index = GetParameterIndex(":" + tableColumnName);
if (value.GetType() == ValueType::TYPE_STRING) {
Bind(index, value.GetString());
} else if (value.GetType() == ValueType::TYPE_INT) {
Bind(index, value.GetInt());
}
}
int Statement::Reset()
{
return sqlite3_reset(statement_);
}
int Statement::GetColumnCount() const
{
return sqlite3_column_count(statement_);
}
VariantValue Statement::GetValue(const int column) const
{
int type = sqlite3_column_type(statement_, column);
switch (type) {
case SQLITE_INTEGER:
return VariantValue(GetColumnInt(column));
case SQLITE_TEXT:
return VariantValue(GetColumnString(column));
default:
return VariantValue();
}
}
} // namespace Permission
} // namespace Security
} // namespace OHOS

57
services/permission_standard/permissionmanagerservice/main/cpp/src/statement.h
View File

@ -1,57 +0,0 @@
/*
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef STATEMENT_H
#define STATEMENT_H
#include <string>
#include "variant_value.h"
#include "sqlite3sym.h"
namespace OHOS {
namespace Security {
namespace Permission {
class Statement final {
public:
enum State { BUSY, ROW, DONE, MISUSE, UNKNOWN };
Statement(sqlite3* db, const std::string& sql);
virtual ~Statement();
void Bind(const int index, const std::string& text);
void Bind(const int index, int value);
void Bind(const std::string& tableColumnName, const VariantValue& value);
State Step();
int Reset();
std::string GetColumnString(const int column) const;
int GetColumnInt(const int column) const;
std::string GetColumnName(const int column) const;
int GetParameterIndex(const std::string& name) const;
int GetColumnCount() const;
VariantValue GetValue(const int column) const;
private:
sqlite3* db_;
sqlite3_stmt* statement_;
const std::string sql_;
};
} // namespace Permission
} // namespace Security
} // namespace OHOS
#endif // STATEMENT_H

61
services/permission_standard/permissionmanagerservice/main/cpp/src/variant_value.cpp
View File

@ -1,61 +0,0 @@
/*
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "variant_value.h"
namespace OHOS {
namespace Security {
namespace Permission {
VariantValue::VariantValue() : type_(ValueType::TYPE_NULL)
{}
VariantValue::~VariantValue()
{}
VariantValue::VariantValue(int value) : type_(ValueType::TYPE_INT)
{
value_ = value;
}
VariantValue::VariantValue(const std::string& value) : type_(ValueType::TYPE_STRING)
{
value_ = value;
}
ValueType VariantValue::GetType() const
{
return type_;
}
int VariantValue::GetInt() const
{
if (type_ != ValueType::TYPE_INT) {
return DEFAULT_VALUE;
}
return std::get<int>(value_);
}
std::string VariantValue::GetString() const
{
if (type_ != ValueType::TYPE_STRING) {
return std::string();
}
return std::get<std::string>(value_);
}
} // namespace Permission
} // namespace Security
} // namespace OHOS

52
services/permission_standard/permissionmanagerservice/main/cpp/src/variant_value.h
View File

@ -1,52 +0,0 @@
/*
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef VARIANT_VALUE_H
#define VARIANT_VALUE_H
#include <string>
#include <variant>
namespace OHOS {
namespace Security {
namespace Permission {
enum class ValueType {
TYPE_NULL,
TYPE_INT,
TYPE_STRING,
};
class VariantValue final {
public:
VariantValue();
virtual ~VariantValue();
explicit VariantValue(int value);
explicit VariantValue(const std::string& value);
ValueType GetType() const;
int GetInt() const;
std::string GetString() const;
static const int DEFAULT_VALUE = -1;
private:
ValueType type_;
std::variant<int, std::string> value_;
};
} // namespace Permission
} // namespace Security
} // namespace OHOS
#endif // VARIANT_VALUE_H

24
services/permission_standard/permissionmanagerservice/main/sa_profile/3501.xml
View File

@ -1,24 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<!-- Copyright (C) 2021-2022 Huawei Device Co., Ltd.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<info>
<process>foundation</process>
<systemability>
<name>3501</name>
<libpath>libpermission_manager_service_standard.z.so</libpath>
<run-on-create>false</run-on-create>
<distributed>false</distributed>
<dump-level>1</dump-level>
</systemability>
</info>

20
services/permission_standard/permissionmanagerservice/main/sa_profile/BUILD.gn
View File

@ -1,20 +0,0 @@
# Copyright (c) 2021-2022 Huawei Device Co., Ltd.
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import("//build/ohos/sa_profile/sa_profile.gni")
ohos_sa_profile("permission_sa_profile_standard") {
part_name = "permission_standard"
sources = [ "3501.xml" ]
}

48
services/permission_standard/permissionmanagerservice/test/BUILD.gn
View File

@ -1,48 +0,0 @@
# Copyright (c) 2021-2022 Huawei Device Co., Ltd.
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import("//build/test.gni")
ohos_unittest("libpermission_manager_service_standard_test") {
subsystem_name = "security"
part_name = "permission_standard"
module_out_path = part_name + "/" + part_name
include_dirs = [
"//utils/native/base/include",
"//base/security/permission/interfaces/innerkits/permission_standard/permissionsdk/main/cpp/include/permission",
"//base/security/permission/services/permission_standard/permissionmanagerservice/main/cpp/src/",
]
sources = [
"unittest/cpp/src/permission_definition_manager_test.cpp",
"unittest/cpp/src/permission_state_manager_test.cpp",
]
cflags_cc = [ "-DHILOG_ENABLE" ]
deps = [
"//base/security/permission/frameworks/permission_standard/permissioncommunicationadapter:permission_standard_communication_adapter_cxx",
"//base/security/permission/frameworks/permission_standard/permissioninfrastructure:permission_standard_infrastructure_cxx",
"//base/security/permission/services/permission_standard/permissionmanagerservice:permission_manager_service_standard",
"//third_party/googletest:gtest_main",
"//utils/native/base:utils",
]
external_deps = [ "hiviewdfx_hilog_native:libhilog" ]
}
group("unittest") {
testonly = true
deps = [ ":libpermission_manager_service_standard_test" ]
}

45
services/permission_standard/permissionmanagerservice/test/unittest/cpp/src/permission_definition_manager_test.cpp
View File

@ -1,45 +0,0 @@
/*
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "permission_definition_manager_test.h"
#include <string>
#include "permission_definition_manager.h"
#include "permission.h"
#include "test_const.h"
using namespace testing::ext;
using namespace OHOS::Security::Permission;
void PermissionDefinitionManagerTest::SetUpTestCase()
{}
void PermissionDefinitionManagerTest::TearDownTestCase()
{}
void PermissionDefinitionManagerTest::SetUp()
{}
void PermissionDefinitionManagerTest::TearDown()
{
PermissionDefinitionManager::GetInstance().RemoveDefPermissions(TEST_BUNDLE_NAME);
}
HWTEST_F(PermissionDefinitionManagerTest, AddDefPermissions001, TestSize.Level1)
{}
HWTEST_F(PermissionDefinitionManagerTest, RemoveDefPermissions001, TestSize.Level1)
{}

37
services/permission_standard/permissionmanagerservice/test/unittest/cpp/src/permission_definition_manager_test.h
View File

@ -1,37 +0,0 @@
/*
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef PERMISSION_DEFINITION_MANAGER_TEST_H
#define PERMISSION_DEFINITION_MANAGER_TEST_H
#include <gtest/gtest.h>
namespace OHOS {
namespace Security {
namespace Permission {
class PermissionDefinitionManagerTest : public testing::Test {
public:
static void SetUpTestCase();
static void TearDownTestCase();
void SetUp();
void TearDown();
};
} // namespace Permission
} // namespace Security
} // namespace OHOS
#endif // PERMISSION_DEFINITION_MANAGER_TEST_H

39
services/permission_standard/permissionmanagerservice/test/unittest/cpp/src/permission_state_manager_test.cpp
View File

@ -1,39 +0,0 @@
/*
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "permission_state_manager_test.h"
#include <string>
#include "permission_state_manager.h"
#include "test_const.h"
using namespace testing::ext;
using namespace OHOS::Security::Permission;
void PermissionStateManagerTest::SetUpTestCase()
{}
void PermissionStateManagerTest::TearDownTestCase()
{}
void PermissionStateManagerTest::SetUp()
{}
void PermissionStateManagerTest::TearDown()
{}
HWTEST_F(PermissionStateManagerTest, AddUserGrantedReqPermissions001, TestSize.Level1)
{}

37
services/permission_standard/permissionmanagerservice/test/unittest/cpp/src/permission_state_manager_test.h
View File

@ -1,37 +0,0 @@
/*
* Copyright (c) 2021-2022 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef PERMISSION_STATE_MANAGER_TEST_H
#define PERMISSION_STATE_MANAGER_TEST_H
#include <gtest/gtest.h>
namespace OHOS {
namespace Security {
namespace Permission {
class PermissionStateManagerTest : public testing::Test {
public:
static void SetUpTestCase();
static void TearDownTestCase();
void SetUp();
void TearDown();
};
} // namespace Permission
} // namespace Security
} // namespace OHOS
#endif // PERMISSION_STATE_MANAGER_TEST_H