• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (C) 2022 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include "netmanager_base_permission.h"
17 
18 #include "ipc_skeleton.h"
19 #include "accesstoken_kit.h"
20 
21 #include "net_mgr_log_wrapper.h"
22 
23 namespace OHOS {
24 namespace NetManagerStandard {
25 /**
26  * @brief Permission check by callingTokenID.
27  * @param permissionName permission name.
28  * @return Returns true on success, false on failure.
29  */
CheckPermission(const std::string & permissionName)30 bool NetManagerPermission::CheckPermission(const std::string &permissionName)
31 {
32     if (permissionName.empty()) {
33         NETMGR_LOG_E("permission check failed,permission name is empty.");
34         return false;
35     }
36 
37     auto callerToken = IPCSkeleton::GetCallingTokenID();
38     auto tokenType = Security::AccessToken::AccessTokenKit::GetTokenTypeFlag(callerToken);
39     int result = Security::AccessToken::PERMISSION_DENIED;
40 
41     if (tokenType == Security::AccessToken::ATokenTypeEnum::TOKEN_NATIVE) {
42         result = Security::AccessToken::AccessTokenKit::VerifyNativeToken(callerToken, permissionName);
43     } else if (tokenType == Security::AccessToken::ATokenTypeEnum::TOKEN_HAP) {
44         result = Security::AccessToken::AccessTokenKit::VerifyAccessToken(callerToken, permissionName);
45     } else {
46         NETMGR_LOG_E("permission check failed, callerToken:%{public}u, tokenType:%{public}d",
47             callerToken, tokenType);
48     }
49 
50     if (result != Security::AccessToken::PERMISSION_GRANTED) {
51         NETMGR_LOG_E("permission check failed, permission:%{public}s, callerToken:%{public}u, tokenType:%{public}d",
52             permissionName.c_str(), callerToken, tokenType);
53         return false;
54     }
55     return true;
56 }
57 } // namespace NetManagerStandard
58 } // namespace OHOS