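/*
 * Copyright (c) 2021-2022 Huawei Device Co., Ltd.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#ifndef INTERFACES_INNER_KITS_ACCESSTOKEN_KIT_H
#define INTERFACES_INNER_KITS_ACCESSTOKEN_KIT_H

/* <cstdint> and <memory> are included directly because this header names int32_t and std::shared_ptr itself. */
#include <cstdint>
#include <memory>
#include <string>
#include <vector>

#include "access_token.h"
#include "hap_token_info.h"
#include "native_token_info.h"
#include "permission_def.h"
#include "permission_list_state.h"
#include "permission_state_change_info.h"
#include "permission_state_full.h"
#include "perm_state_change_callback_customize.h"

namespace OHOS {
namespace Security {
namespace AccessToken {
/*
 * Static-only facade declaring the access-token operations: token allocation and deletion,
 * token and permission queries, permission grant/revoke, state-change callbacks and, when
 * TOKEN_SYNC_ENABLE is defined, remote-device token synchronisation.
 *
 * Only declarations are visible here. Most calls return a plain int / int32_t status whose
 * constants are declared outside this header, so callers should compare against those named
 * constants instead of relying on truthiness.
 *
 * NOTE(review): nothing in this header shows who may call the state-changing entry points
 * (AllocHapToken, UpdateHapToken, DeleteToken, GrantPermission, RevokePermission,
 * ClearUserGrantedPermissionState, the SetRemote and DeleteRemote calls). Caller authorisation
 * has to be enforced by the implementation or the service behind it; confirm that it is.
 */
class AccessTokenKit {
public:
    /* Allocates a token for a HAP described by info, with the permission policy in policy. */
    static AccessTokenIDEx AllocHapToken(const HapInfoParams& info, const HapPolicyParams& policy);

    /*
     * Returns a local token ID for the pair (remoteDeviceID, remoteTokenID).
     * NOTE(review): both inputs describe a peer device; how they are validated is not visible here.
     */
    static AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID);

    /* Updates the token tokenID with a new appIDDesc, apiVersion and policy; returns an int status. */
    static int UpdateHapToken(
        AccessTokenID tokenID, const std::string& appIDDesc, int32_t apiVersion, const HapPolicyParams& policy);

    /* Deletes the token tokenID; returns an int status. */
    static int DeleteToken(AccessTokenID tokenID);

    /* Get token type by ATM service */
    static ATokenTypeEnum GetTokenType(AccessTokenID tokenID);

    /*
     * Get token type from flag in tokenId, which doesn't depend on ATM service.
     * NOTE(review): since the service is not consulted, this presumably cannot tell whether
     * tokenID is currently registered. Prefer GetTokenType where an authorisation decision
     * depends on the answer; confirm against the implementation.
     */
    static ATokenTypeEnum GetTokenTypeFlag(AccessTokenID tokenID);

    /* Checks the distributed capability named dcap for the native token tokenID; returns an int status. */
    static int CheckNativeDCap(AccessTokenID tokenID, const std::string& dcap);

    /* Looks up the HAP token ID for (userID, bundleName, instIndex). */
    static AccessTokenID GetHapTokenID(int userID, const std::string& bundleName, int instIndex);

    /* Fills hapTokenInfoRes (out-parameter) for tokenID; returns an int status. */
    static int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfo& hapTokenInfoRes);

    /* Fills nativeTokenInfoRes (out-parameter) for tokenID; returns an int status. */
    static int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfo& nativeTokenInfoRes);

    /*
     * Checks whether tokenID holds permissionName.
     * The result is an int, not a bool. Compare it explicitly against the permission-state
     * constants declared outside this header; a truthiness test such as
     * `if (VerifyAccessToken(...))` can invert the decision when the "granted" constant is zero.
     * NOTE(review): upstream access_token.h is believed to define PERMISSION_GRANTED as 0;
     * confirm for this revision.
     */
    static int VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName);

    /*
     * Overload taking two tokens, callerTokenID and firstTokenID.
     * NOTE(review): presumably firstTokenID identifies the originator of a call chain; how the
     * two tokens are combined into one decision is not visible here. Same int-result caveat as
     * the single-token overload.
     */
    static int VerifyAccessToken(
        AccessTokenID callerTokenID, AccessTokenID firstTokenID, const std::string& permissionName);

    /* Fills permissionDefResult (out-parameter) with the definition of permissionName; returns an int status. */
    static int GetDefPermission(const std::string& permissionName, PermissionDef& permissionDefResult);

    /* Fills permList (out-parameter) with permission definitions for tokenID; returns an int status. */
    static int GetDefPermissions(AccessTokenID tokenID, std::vector<PermissionDef>& permList);

    /* Fills reqPermList (out-parameter) with requested permissions of tokenID, selected by isSystemGrant. */
    static int GetReqPermissions(
        AccessTokenID tokenID, std::vector<PermissionStateFull>& reqPermList, bool isSystemGrant);

    /* Writes the flag of permissionName for tokenID into flag (out-parameter); returns an int status. */
    static int GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName, int& flag);

    /* Takes permList by non-const reference and returns a PermissionOper; takes no token argument. */
    static PermissionOper GetSelfPermissionsState(std::vector<PermissionListState>& permList);

    /* Grants permissionName to tokenID with the given flag; returns an int status. */
    static int GrantPermission(AccessTokenID tokenID, const std::string& permissionName, int flag);

    /* Revokes permissionName from tokenID with the given flag; returns an int status. */
    static int RevokePermission(AccessTokenID tokenID, const std::string& permissionName, int flag);

    /* Clears the user-granted permission state of tokenID; returns an int status. */
    static int ClearUserGrantedPermissionState(AccessTokenID tokenID);

    /* Registers callback for permission state changes; returns an int32_t status. */
    static int32_t RegisterPermStateChangeCallback(
        const std::shared_ptr<PermStateChangeCallbackCustomize>& callback);

    /* Unregisters a callback previously passed to RegisterPermStateChangeCallback; returns an int32_t status. */
    static int32_t UnRegisterPermStateChangeCallback(const std::shared_ptr<PermStateChangeCallbackCustomize>& callback);

    /* Returns a version number as int32_t. */
    static int32_t GetVersion();

    /* Returns the DLP flag of the HAP token tokenID as int32_t. */
    static int32_t GetHapDlpFlag(AccessTokenID tokenID);

    /* Reloads native token information; returns an int32_t status. */
    static int32_t ReloadNativeTokenInfo();

    /* Looks up the native token ID for the process named processName. */
    static AccessTokenID GetNativeTokenId(const std::string& processName);

#ifdef TOKEN_SYNC_ENABLE
    /*
     * Remote-device synchronisation API, compiled only when TOKEN_SYNC_ENABLE is defined.
     * NOTE(review): deviceID and the ...ForSync structures describe or come from a peer device.
     * This header does not show where they are authenticated or validated; confirm before
     * relying on their contents for a permission decision.
     */

    /* Fills hapSync (out-parameter) for tokenID; returns an int status. */
    static int GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSync& hapSync);

    /* Fills nativeTokenInfosRes (out-parameter); returns an int status. */
    static int GetAllNativeTokenInfo(std::vector<NativeTokenInfoForSync>& nativeTokenInfosRes);

    /* Stores hapSync as HAP token information for deviceID; returns an int status. */
    static int SetRemoteHapTokenInfo(const std::string& deviceID, const HapTokenInfoForSync& hapSync);

    /* Stores nativeTokenInfoList as native token information for deviceID; returns an int status. */
    static int SetRemoteNativeTokenInfo(const std::string& deviceID,
        const std::vector<NativeTokenInfoForSync>& nativeTokenInfoList);

    /* Deletes the token tokenID associated with deviceID; returns an int status. */
    static int DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID);

    /* Returns a native token ID for (deviceID, tokenID). */
    static AccessTokenID GetRemoteNativeTokenID(const std::string& deviceID, AccessTokenID tokenID);

    /* Deletes the tokens associated with deviceID; returns an int status. */
    static int DeleteRemoteDeviceTokens(const std::string& deviceID);
#endif

    /*
     * Writes a textual dump for tokenID into dumpInfo (out-parameter).
     * NOTE(review): the dump presumably includes token and permission details; treat it as
     * sensitive and keep it out of world-readable logs. Confirm what it contains.
     */
    static void DumpTokenInfo(AccessTokenID tokenID, std::string& dumpInfo);
};
} // namespace AccessToken
} // namespace Security
} // namespace OHOS
#endif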