1 /* 2 * Copyright (c) 2021 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 #ifndef FOUNDATION_APPEXECFWK_SERVICES_BUNDLEMGR_INCLUDE_BUNDLE_PERMISSION_MGR_H 17 #define FOUNDATION_APPEXECFWK_SERVICES_BUNDLEMGR_INCLUDE_BUNDLE_PERMISSION_MGR_H 18 19 #include "inner_bundle_info.h" 20 #include "permission_def.h" 21 #include "permission/permission_kit.h" 22 23 namespace OHOS { 24 namespace AppExecFwk { 25 26 class BundlePermissionMgr { 27 public: 28 /** 29 * @brief Initialize the system defined permissions on first start up. 30 * @return Returns true if the permissions initialized successfully; returns false otherwise. 31 */ 32 static bool InitPermissions(); 33 /** 34 * @brief Handle the permissions in installation progress. 35 * @param innerBundleInfo Indicates the current installing inner bundle information. 36 * @return Returns true if the permissions install successfully; returns false otherwise. 37 */ 38 static bool InstallPermissions(const InnerBundleInfo &innerBundleInfo); 39 /** 40 * @brief Handle the permissions in updating progress. 41 * @param innerBundleInfo Indicates the current installing inner bundle information. 42 * @return Returns true if the permissions updating successfully; returns false otherwise. 43 */ 44 static bool UpdatePermissions(const InnerBundleInfo &innerBundleInfo); 45 /** 46 * @brief Handle the permissions in uninstall progress. 47 * @param innerBundleInfo Indicates the current installing inner bundle information. 48 * @return Returns true if the permissions uninstall successfully; returns false otherwise. 49 */ 50 static bool UninstallPermissions(const InnerBundleInfo &innerBundleInfo); 51 /** 52 * @brief Check the permission whether granted for calling process. 53 * @param permissionName Indicates the permission name. 54 * @return Returns true if the permissions has been granted; returns false otherwise. 55 */ 56 static bool CheckCallingPermission(const std::string &permissionName); 57 /** 58 * @brief Verify whether a specified bundle has been granted a specific permission. 59 * @param bundleName Indicates the name of the bundle to check. 60 * @param permission Indicates the permission to check. 61 * @param userId Indicates the userId of the bundle. 62 * @return Returns 0 if the bundle has the permission; returns -1 otherwise. 63 */ 64 static int VerifyPermission(const std::string &bundleName, const std::string &permissionName, const int userId); 65 /** 66 * @brief Obtains detailed information about a specified permission. 67 * @param permissionName Indicates the name of the permission. 68 * @param permissionDef Indicates the object containing detailed information about the given permission. 69 * @return Returns true if the PermissionDef object is successfully obtained; returns false otherwise. 70 */ 71 static bool GetPermissionDef(const std::string &permissionName, PermissionDef &permissionDef); 72 /** 73 * @brief Confirms with the permission management module to check whether a request prompt is required for granting 74 * a certain permission. 75 * @param bundleName Indicates the name of the bundle. 76 * @param permission Indicates the permission to quest. 77 * @param userId Indicates the userId of the bundle. 78 * @return Returns true if the current application does not have the permission and the user does not turn off 79 * further requests; returns false if the current application already has the permission, the permission is rejected 80 * by the system, or the permission is denied by the user and the user has turned off further requests. 81 */ 82 static bool CanRequestPermission( 83 const std::string &bundleName, const std::string &permissionName, const int userId); 84 /** 85 * @brief Requests a certain permission from user. 86 * @param bundleName Indicates the name of the bundle. 87 * @param permission Indicates the permission to request. 88 * @param userId Indicates the userId of the bundle. 89 * @return Returns true if the permission request successfully; returns false otherwise. 90 */ 91 static bool RequestPermissionFromUser( 92 const std::string &bundleName, const std::string &permissionName, const int userId); 93 94 private: 95 /** 96 * @brief Add the defPermissions to permission kit. 97 * @param innerBundleInfo Indicates the current installing inner bundle information. 98 * @return Returns 0 if the defPermissions add successfully; returns -1 otherwise. 99 */ 100 static int AddDefPermissions(const InnerBundleInfo &innerBundleInfo); 101 /** 102 * @brief Add and grant the reqPermissions to permission kit. 103 * @param innerBundleInfo Indicates the current installing inner bundle information. 104 * @return Returns 0 if the reqPermissions add and grant successfully; returns -1 otherwise. 105 */ 106 static int AddAndGrantedReqPermissions(const InnerBundleInfo &innerBundleInfo); 107 /** 108 * @brief Grant a reqPermission from permission kit. 109 * @param bundleName Indicates the name of the bundle. 110 * @param permissionName Indicates the permission. 111 * @return Returns 0 if the reqPermission grant successfully; returns -1 otherwise. 112 */ 113 static int GrantReqPermissions(const std::string &bundleName, const std::string &permissionName); 114 /** 115 * @brief Add user granted reqPermissions to permission kit. 116 * @param bundleName Indicates the name of the bundle to add. 117 * @param permList Indicates the list of reqPermission to add. 118 * @param userId Indicates the userId of the bundle. 119 * @return Returns 0 if the reqPermissions add successfully; returns -1 otherwise. 120 */ 121 static int AddUserGrantedReqPermissions( 122 const std::string &bundleName, const std::vector<std::string> &permList, const int userId); 123 /** 124 * @brief Add system granted reqPermissions to permission kit. 125 * @param bundleName Indicates the name of the bundle to add. 126 * @param permList Indicates the list of reqPermission to add. 127 * @return Returns 0 if the reqPermissions add successfully; returns -1 otherwise. 128 */ 129 static int AddSystemGrantedReqPermissions(const std::string &bundleName, const std::vector<std::string> &permList); 130 /** 131 * @brief Check whether a permission need to be granted. 132 * @param permissionDef Indicates the definition of a permission. 133 * @param innerBundleInfo Indicates the current installing inner bundle information. 134 * @return Returns true if the permission need to be granted; returns false otherwise. 135 */ 136 static bool CheckPermissionAuthorization( 137 const Security::Permission::PermissionDef &permissionDef, const InnerBundleInfo &innerBundleInfo); 138 /** 139 * @brief Remove the defPermissions from permission kit. 140 * @param innerBundleInfo Indicates the current uninstalling inner bundle information. 141 * @return Returns 0 if the defPermissions removed successfully; returns -1 otherwise. 142 */ 143 static int RemoveDefPermissions(const std::string &bundleName); 144 /** 145 * @brief Remove user granted reqPermissions from permission kit. 146 * @param bundleName Indicates the name of the bundle to remove. 147 * @param userId Indicates the userId of the bundle. 148 * @return Returns 0 if the reqPermissions removed successfully; returns -1 otherwise. 149 */ 150 static int RemoveUserGrantedReqPermissions(const std::string &bundleName, const int userId); 151 /** 152 * @brief Remove system granted reqPermissions from permission kit. 153 * @param bundleName Indicates the name of the bundle to remove. 154 * @return Returns 0 if the reqPermissions removed successfully; returns -1 otherwise. 155 */ 156 static int RemoveSystemGrantedReqPermissions(const std::string &bundleName); 157 }; 158 159 } // namespace AppExecFwk 160 } // namespace OHOS 161 #endif // FOUNDATION_APPEXECFWK_SERVICES_BUNDLEMGR_INCLUDE_BUNDLE_PERMISSION_MGR_H