1 /* 2 * Copyright (c) 2021-2022 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 #ifndef ACCESSTOKEN_MANAGER_SERVICE_H 17 #define ACCESSTOKEN_MANAGER_SERVICE_H 18 19 #include <string> 20 #include <vector> 21 #include <mutex> 22 23 #include "accesstoken_manager_stub.h" 24 #include "iremote_object.h" 25 #include "nocopyable.h" 26 #include "singleton.h" 27 #include "system_ability.h" 28 #include "hap_token_info.h" 29 #include "access_token.h" 30 31 namespace OHOS { 32 namespace Security { 33 namespace AccessToken { 34 enum class ServiceRunningState { STATE_NOT_START, STATE_RUNNING }; 35 class AccessTokenManagerService final : public SystemAbility, public AccessTokenManagerStub { 36 DECLARE_DELAYED_SINGLETON(AccessTokenManagerService); 37 DECLEAR_SYSTEM_ABILITY(AccessTokenManagerService); 38 39 public: 40 void OnStart() override; 41 void OnStop() override; 42 43 AccessTokenIDEx AllocHapToken(const HapInfoParcel& info, const HapPolicyParcel& policy) override; 44 int VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName) override; 45 int GetDefPermission(const std::string& permissionName, PermissionDefParcel& permissionDefResult) override; 46 int GetDefPermissions(AccessTokenID tokenID, std::vector<PermissionDefParcel>& permList) override; 47 int GetReqPermissions( 48 AccessTokenID tokenID, std::vector<PermissionStateFullParcel>& reqPermList, bool isSystemGrant) override; 49 PermissionOper GetSelfPermissionsState( 50 std::vector<PermissionListStateParcel>& reqPermList) override; 51 int GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName, int& flag) override; 52 int GrantPermission(AccessTokenID tokenID, const std::string& permissionName, int flag) override; 53 int RevokePermission(AccessTokenID tokenID, const std::string& permissionName, int flag) override; 54 int ClearUserGrantedPermissionState(AccessTokenID tokenID) override; 55 int DeleteToken(AccessTokenID tokenID) override; 56 int GetTokenType(AccessTokenID tokenID) override; 57 int CheckNativeDCap(AccessTokenID tokenID, const std::string& dcap) override; 58 AccessTokenID GetHapTokenID(int userID, const std::string& bundleName, int instIndex) override; 59 AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID) override; 60 int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfoParcel& infoParcel) override; 61 int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfoParcel& infoParcel) override; 62 int UpdateHapToken(AccessTokenID tokenID, 63 const std::string& appIDDesc, int32_t apiVersion, const HapPolicyParcel& policyParcel) override; 64 int32_t RegisterPermStateChangeCallback( 65 const PermStateChangeScopeParcel& scope, const sptr<IRemoteObject>& callback) override; 66 int32_t UnRegisterPermStateChangeCallback(const sptr<IRemoteObject>& callback) override; 67 int32_t ReloadNativeTokenInfo() override; 68 AccessTokenID GetNativeTokenId(const std::string& processName) override; 69 70 #ifdef TOKEN_SYNC_ENABLE 71 int GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSyncParcel& hapSyncParcel) override; 72 int GetAllNativeTokenInfo(std::vector<NativeTokenInfoForSyncParcel>& nativeTokenInfosRes) override; 73 int SetRemoteHapTokenInfo(const std::string& deviceID, HapTokenInfoForSyncParcel& hapSyncParcel) override; 74 int SetRemoteNativeTokenInfo(const std::string& deviceID, 75 std::vector<NativeTokenInfoForSyncParcel>& nativeTokenInfoForSyncParcel) override; 76 int DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID) override; 77 AccessTokenID GetRemoteNativeTokenID(const std::string& deviceID, AccessTokenID tokenID) override; 78 int DeleteRemoteDeviceTokens(const std::string& deviceID) override; 79 void CreateDeviceListener(); 80 void DestroyDeviceListener(); 81 #endif 82 83 void DumpTokenInfo(AccessTokenID tokenID, std::string& dumpInfo) override; 84 int Dump(int fd, const std::vector<std::u16string>& args) override; 85 86 private: 87 bool Initialize(); 88 89 ServiceRunningState state_; 90 std::mutex mutex_; 91 bool isListened_ = false; 92 }; 93 } // namespace AccessToken 94 } // namespace Security 95 } // namespace OHOS 96 #endif // ACCESSTOKEN_MANAGER_SERVICE_H 97