1 /*
2  * Copyright (c) 2021-2022 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #ifndef I_ACCESSTOKEN_MANAGER_H
17 #define I_ACCESSTOKEN_MANAGER_H
18 
19 #include <string>
20 
21 #include "access_token.h"
22 #include "errors.h"
23 #include "hap_info_parcel.h"
24 #include "hap_policy_parcel.h"
25 #include "hap_token_info_for_sync_parcel.h"
26 #include "hap_token_info_parcel.h"
27 #include "iremote_broker.h"
28 #include "native_token_info_parcel.h"
29 #include "permission_def_parcel.h"
30 #include "permission_list_state_parcel.h"
31 #include "permission_state_full_parcel.h"
32 
33 namespace OHOS {
34 namespace Security {
35 namespace AccessToken {
/**
 * @brief Abstract contract of the access-token manager service.
 *
 * Every operation is pure virtual; the implementations live outside this
 * header. The class derives from IRemoteBroker and declares an interface
 * descriptor, which suggests it is consumed through a proxy/stub pair across
 * a process boundary.
 *
 * NOTE(review): no signature carries the caller's identity. The calls that
 * change token or permission state (GrantPermission, RevokePermission,
 * ClearUserGrantedPermissionState, AllocHapToken, DeleteToken, UpdateHapToken,
 * and the SetRemote* and DeleteRemote* calls) therefore rely on the
 * implementing side to authorize the caller before acting. Confirm this in
 * the service implementation.
 *
 * NOTE(review): std::vector is used below, but <string> is the only standard
 * header this file includes directly; <vector> presumably arrives through one
 * of the project headers.
 *
 * The virtual functions stay in their original declaration order, because
 * reordering them would change the vtable layout on common ABIs.
 */
class IAccessTokenManager : public IRemoteBroker {
public:
    // Identifier under which the service is registered (value taken as-is from the original).
    static const int SA_ID_ACCESSTOKEN_MANAGER_SERVICE = 3503;

    DECLARE_INTERFACE_DESCRIPTOR(u"ohos.security.accesstoken.IAccessTokenManager");

    // ---- Permission checks and queries ---------------------------------
    // The meaning of the int results is defined by the implementation; it is not visible here.
    virtual int VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName) = 0;
    virtual int VerifyNativeToken(AccessTokenID tokenID, const std::string& permissionName) = 0;
    // Non-const reference parameters below are presumably filled in by the callee.
    virtual int GetDefPermission(const std::string& permissionName, PermissionDefParcel& permissionDefResult) = 0;
    virtual int GetDefPermissions(AccessTokenID tokenID, std::vector<PermissionDefParcel>& permList) = 0;
    virtual int GetReqPermissions(
        AccessTokenID tokenID,
        std::vector<PermissionStateFullParcel>& reqPermList,
        bool isSystemGrant) = 0;
    virtual int GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName) = 0;
    virtual PermissionOper GetSelfPermissionsState(std::vector<PermissionListStateParcel>& permListParcel) = 0;

    // ---- Permission state changes --------------------------------------
    // NOTE(review): privileged operations; the caller check has to happen in the implementation.
    virtual int GrantPermission(AccessTokenID tokenID, const std::string& permissionName, int flag) = 0;
    virtual int RevokePermission(AccessTokenID tokenID, const std::string& permissionName, int flag) = 0;
    virtual int ClearUserGrantedPermissionState(AccessTokenID tokenID) = 0;

    // ---- Token lifecycle and lookup ------------------------------------
    virtual AccessTokenIDEx AllocHapToken(const HapInfoParcel& hapInfo, const HapPolicyParcel& policyParcel) = 0;
    virtual int DeleteToken(AccessTokenID tokenID) = 0;
    virtual int GetTokenType(AccessTokenID tokenID) = 0;
    virtual int CheckNativeDCap(AccessTokenID tokenID, const std::string& dcap) = 0;
    virtual AccessTokenID GetHapTokenID(int userID, const std::string& bundleName, int instIndex) = 0;
    virtual AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID) = 0;
    virtual int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfoParcel& nativeTokenInfoRes) = 0;
    virtual int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfoParcel& hapTokenInfoRes) = 0;
    virtual int UpdateHapToken(
        AccessTokenID tokenID,
        const std::string& appIDDesc,
        const HapPolicyParcel& policyParcel) = 0;

    // ---- Cross-device token synchronisation ----------------------------
    // Declared only when TOKEN_SYNC_ENABLE is defined. DumpTokenInfo follows this
    // group, so every translation unit that includes this header has to agree on
    // the macro; otherwise the class definitions (and vtable slots) diverge.
#ifdef TOKEN_SYNC_ENABLE
    virtual int GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSyncParcel& hapSyncParcel) = 0;
    virtual int GetAllNativeTokenInfo(std::vector<NativeTokenInfoParcel>& nativeTokenInfoRes) = 0;
    virtual int SetRemoteHapTokenInfo(const std::string& deviceID, HapTokenInfoForSyncParcel& hapSyncParcel) = 0;
    virtual int SetRemoteNativeTokenInfo(
        const std::string& deviceID,
        std::vector<NativeTokenInfoParcel>& nativeTokenInfoParcel) = 0;
    virtual int DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID) = 0;
    virtual AccessTokenID GetRemoteNativeTokenID(const std::string& deviceID, AccessTokenID tokenID) = 0;
    virtual int DeleteRemoteDeviceTokens(const std::string& deviceID) = 0;
#endif

    // ---- Diagnostics ---------------------------------------------------
    // NOTE(review): writes token information into a caller-supplied string; check
    // who is allowed to call this and what the dump contains.
    virtual void DumpTokenInfo(std::string& tokenInfo) = 0;

    /**
     * Request codes, one per operation above (the pairing is inferred from the
     * names; verify against the dispatcher).
     *
     * The values are not contiguous: 0xff1a-0xff1f and 0xff2e are unassigned.
     * The remote-sync codes (0xff27-0xff2c, 0xff2f) are declared even when
     * TOKEN_SYNC_ENABLE is off.
     * NOTE(review): the dispatcher should reject unassigned codes and, in builds
     * without TOKEN_SYNC_ENABLE, the sync codes as well. Confirm in the stub.
     */
    enum class InterfaceCode {
        VERIFY_ACCESSTOKEN = 0xff10,
        GET_DEF_PERMISSION = 0xff11,
        GET_DEF_PERMISSIONS = 0xff12,
        GET_REQ_PERMISSIONS = 0xff13,
        GET_PERMISSION_FLAG = 0xff14,
        GRANT_PERMISSION = 0xff15,
        REVOKE_PERMISSION = 0xff16,
        CLEAR_USER_GRANT_PERMISSION = 0xff17,
        ALLOC_TOKEN_HAP = 0xff18,
        TOKEN_DELETE = 0xff19,
        // 0xff1a-0xff1f are not used
        GET_TOKEN_TYPE = 0xff20,
        CHECK_NATIVE_DCAP = 0xff21,
        GET_HAP_TOKEN_ID = 0xff22,
        ALLOC_LOCAL_TOKEN_ID = 0xff23,
        GET_NATIVE_TOKENINFO = 0xff24,
        GET_HAP_TOKENINFO = 0xff25,
        UPDATE_HAP_TOKEN = 0xff26,

        GET_HAP_TOKEN_FROM_REMOTE = 0xff27,
        GET_ALL_NATIVE_TOKEN_FROM_REMOTE = 0xff28,
        SET_REMOTE_HAP_TOKEN_INFO = 0xff29,
        SET_REMOTE_NATIVE_TOKEN_INFO = 0xff2a,
        DELETE_REMOTE_TOKEN_INFO = 0xff2b,
        DELETE_REMOTE_DEVICE_TOKEN = 0xff2c,
        VERIFY_NATIVETOKEN = 0xff2d,
        // 0xff2e is not used
        GET_NATIVE_REMOTE_TOKEN = 0xff2f,

        DUMP_TOKENINFO = 0xff30,
        GET_PERMISSION_OPER_STATE = 0xff31,
    };
};
112 } // namespace AccessToken
113 } // namespace Security
114 } // namespace OHOS
115 
116 #endif // I_ACCESSTOKEN_MANAGER_H
117