1 /*
2 * Copyright (c) 2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15 #include "base_remote_command.h"
16
17 #include "accesstoken_log.h"
18 #include "data_validator.h"
19
20 namespace OHOS {
21 namespace Security {
22 namespace AccessToken {
23 namespace {
24 static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "BaseRemoteCommand"};
25 }
26
FromRemoteProtocolJson(const nlohmann::json & jsonObject)27 void BaseRemoteCommand::FromRemoteProtocolJson(const nlohmann::json& jsonObject)
28 {
29 if (jsonObject.find("commandName") != jsonObject.end() && jsonObject.at("commandName").is_string()) {
30 remoteProtocol_.commandName = jsonObject.at("commandName").get<std::string>();
31 }
32 if (jsonObject.find("uniqueId") != jsonObject.end() && jsonObject.at("uniqueId").is_string()) {
33 remoteProtocol_.uniqueId = jsonObject.at("uniqueId").get<std::string>();
34 }
35 if (jsonObject.find("requestVersion") != jsonObject.end() && jsonObject.at("requestVersion").is_number()) {
36 remoteProtocol_.requestVersion = jsonObject.at("requestVersion").get<int32_t>();
37 }
38 if (jsonObject.find("srcDeviceId") != jsonObject.end() && jsonObject.at("srcDeviceId").is_string()) {
39 remoteProtocol_.srcDeviceId = jsonObject.at("srcDeviceId").get<std::string>();
40 }
41 if (jsonObject.find("srcDeviceLevel") != jsonObject.end() && jsonObject.at("srcDeviceLevel").is_string()) {
42 remoteProtocol_.srcDeviceLevel = jsonObject.at("srcDeviceLevel").get<std::string>();
43 }
44 if (jsonObject.find("dstDeviceId") != jsonObject.end() && jsonObject.at("dstDeviceId").is_string()) {
45 remoteProtocol_.dstDeviceId = jsonObject.at("dstDeviceId").get<std::string>();
46 }
47 if (jsonObject.find("dstDeviceLevel") != jsonObject.end() && jsonObject.at("dstDeviceLevel").is_string()) {
48 remoteProtocol_.dstDeviceLevel = jsonObject.at("dstDeviceLevel").get<std::string>();
49 }
50 if (jsonObject.find("statusCode") != jsonObject.end() && jsonObject.at("statusCode").is_number()) {
51 remoteProtocol_.statusCode = jsonObject.at("statusCode").get<int32_t>();
52 }
53 if (jsonObject.find("message") != jsonObject.end() && jsonObject.at("message").is_string()) {
54 remoteProtocol_.message = jsonObject.at("message").get<std::string>();
55 }
56 if (jsonObject.find("responseVersion") != jsonObject.end() && jsonObject.at("responseVersion").is_number()) {
57 remoteProtocol_.responseVersion = jsonObject.at("responseVersion").get<int32_t>();
58 }
59 if (jsonObject.find("responseDeviceId") != jsonObject.end() && jsonObject.at("responseDeviceId").is_string()) {
60 remoteProtocol_.responseDeviceId = jsonObject.at("responseDeviceId").get<std::string>();
61 }
62 }
63
ToRemoteProtocolJson()64 nlohmann::json BaseRemoteCommand::ToRemoteProtocolJson()
65 {
66 nlohmann::json j;
67 j["commandName"] = remoteProtocol_.commandName;
68 j["uniqueId"] = remoteProtocol_.uniqueId;
69 j["requestVersion"] = remoteProtocol_.requestVersion;
70 j["srcDeviceId"] = remoteProtocol_.srcDeviceId;
71 j["srcDeviceLevel"] = remoteProtocol_.srcDeviceLevel;
72 j["dstDeviceId"] = remoteProtocol_.dstDeviceId;
73 j["dstDeviceLevel"] = remoteProtocol_.dstDeviceLevel;
74 j["statusCode"] = remoteProtocol_.statusCode;
75 j["message"] = remoteProtocol_.message;
76 j["responseVersion"] = remoteProtocol_.responseVersion;
77 j["responseDeviceId"] = remoteProtocol_.responseDeviceId;
78 return j;
79 }
80
ToNativeTokenInfoJson(const NativeTokenInfoForSync & tokenInfo)81 nlohmann::json BaseRemoteCommand::ToNativeTokenInfoJson(const NativeTokenInfoForSync& tokenInfo)
82 {
83 nlohmann::json permStatesJson;
84 for (const auto& permState : tokenInfo.permStateList) {
85 nlohmann::json permStateJson;
86 ToPermStateJson(permStateJson, permState);
87 permStatesJson.emplace_back(permStateJson);
88 }
89
90 nlohmann::json DcapsJson = nlohmann::json(tokenInfo.baseInfo.dcap);
91 nlohmann::json NativeAclsJson = nlohmann::json(tokenInfo.baseInfo.nativeAcls);
92 nlohmann::json nativeTokenJson = nlohmann::json {
93 {"processName", tokenInfo.baseInfo.processName},
94 {"apl", tokenInfo.baseInfo.apl},
95 {"version", tokenInfo.baseInfo.ver},
96 {"tokenId", tokenInfo.baseInfo.tokenID},
97 {"tokenAttr", tokenInfo.baseInfo.tokenAttr},
98 {"dcaps", DcapsJson},
99 {"nativeAcls", NativeAclsJson},
100 {"permState", permStatesJson},
101 };
102 return nativeTokenJson;
103 }
104
ToPermStateJson(nlohmann::json & permStateJson,const PermissionStateFull & state)105 void BaseRemoteCommand::ToPermStateJson(nlohmann::json& permStateJson, const PermissionStateFull& state)
106 {
107 if (state.resDeviceID.size() != state.grantStatus.size() || state.resDeviceID.size() != state.grantFlags.size()) {
108 ACCESSTOKEN_LOG_DEBUG(LABEL, "state grant config size is invalid");
109 return;
110 }
111 nlohmann::json permConfigsJson;
112 uint32_t size = state.resDeviceID.size();
113 for (uint32_t i = 0; i < size; i++) {
114 nlohmann::json permConfigJson = nlohmann::json {
115 {"resDeviceID", state.resDeviceID[i]},
116 {"grantStatus", state.grantStatus[i]},
117 {"grantFlags", state.grantFlags[i]},
118 };
119 permConfigsJson.emplace_back(permConfigJson);
120 }
121
122 permStateJson["permissionName"] = state.permissionName;
123 permStateJson["isGeneral"] = state.isGeneral;
124 permStateJson["grantConfig"] = permConfigsJson;
125 }
126
ToHapTokenInfosJson(const HapTokenInfoForSync & tokenInfo)127 nlohmann::json BaseRemoteCommand::ToHapTokenInfosJson(const HapTokenInfoForSync& tokenInfo)
128 {
129 nlohmann::json permStatesJson;
130 for (const auto& permState : tokenInfo.permStateList) {
131 nlohmann::json permStateJson;
132 ToPermStateJson(permStateJson, permState);
133 permStatesJson.emplace_back(permStateJson);
134 }
135
136 nlohmann::json hapTokensJson = nlohmann::json {
137 {"version", tokenInfo.baseInfo.ver},
138 {"tokenID", tokenInfo.baseInfo.tokenID},
139 {"tokenAttr", tokenInfo.baseInfo.tokenAttr},
140 {"userID", tokenInfo.baseInfo.userID},
141 {"bundleName", tokenInfo.baseInfo.bundleName},
142 {"instIndex", tokenInfo.baseInfo.instIndex},
143 {"dlpType", tokenInfo.baseInfo.dlpType},
144 {"appID", tokenInfo.baseInfo.appID},
145 {"deviceID", tokenInfo.baseInfo.deviceID},
146 {"apl", tokenInfo.baseInfo.apl},
147 {"permState", permStatesJson}
148 };
149 return hapTokensJson;
150 }
151
FromHapTokenBasicInfoJson(const nlohmann::json & hapTokenJson,HapTokenInfo & hapTokenBasicInfo)152 void BaseRemoteCommand::FromHapTokenBasicInfoJson(const nlohmann::json& hapTokenJson,
153 HapTokenInfo& hapTokenBasicInfo)
154 {
155 if (hapTokenJson.find("version") != hapTokenJson.end() && hapTokenJson.at("version").is_number()) {
156 hapTokenJson.at("version").get_to(hapTokenBasicInfo.ver);
157 }
158 if (hapTokenJson.find("tokenID") != hapTokenJson.end() && hapTokenJson.at("tokenID").is_number()) {
159 hapTokenJson.at("tokenID").get_to(hapTokenBasicInfo.tokenID);
160 }
161 if (hapTokenJson.find("tokenAttr") != hapTokenJson.end() && hapTokenJson.at("tokenAttr").is_number()) {
162 hapTokenJson.at("tokenAttr").get_to(hapTokenBasicInfo.tokenAttr);
163 }
164 if (hapTokenJson.find("userID") != hapTokenJson.end() && hapTokenJson.at("userID").is_number()) {
165 hapTokenJson.at("userID").get_to(hapTokenBasicInfo.userID);
166 }
167 if (hapTokenJson.find("bundleName") != hapTokenJson.end() && hapTokenJson.at("bundleName").is_string()) {
168 hapTokenJson.at("bundleName").get_to(hapTokenBasicInfo.bundleName);
169 }
170 if (hapTokenJson.find("instIndex") != hapTokenJson.end() && hapTokenJson.at("instIndex").is_number()) {
171 hapTokenJson.at("instIndex").get_to(hapTokenBasicInfo.instIndex);
172 }
173 if (hapTokenJson.find("dlpType") != hapTokenJson.end() && hapTokenJson.at("dlpType").is_number()) {
174 hapTokenJson.at("dlpType").get_to(hapTokenBasicInfo.dlpType);
175 }
176 if (hapTokenJson.find("appID") != hapTokenJson.end() && hapTokenJson.at("appID").is_string()) {
177 hapTokenJson.at("appID").get_to(hapTokenBasicInfo.appID);
178 }
179 if (hapTokenJson.find("deviceID") != hapTokenJson.end() && hapTokenJson.at("deviceID").is_string()) {
180 hapTokenJson.at("deviceID").get_to(hapTokenBasicInfo.deviceID);
181 }
182 if (hapTokenJson.find("apl") != hapTokenJson.end() && hapTokenJson.at("apl").is_number()) {
183 int apl = hapTokenJson.at("apl").get<int>();
184 if (DataValidator::IsAplNumValid(apl)) {
185 hapTokenBasicInfo.apl = static_cast<ATokenAplEnum>(apl);
186 }
187 }
188 }
189
FromPermStateListJson(const nlohmann::json & hapTokenJson,std::vector<PermissionStateFull> & permStateList)190 void BaseRemoteCommand::FromPermStateListJson(const nlohmann::json& hapTokenJson,
191 std::vector<PermissionStateFull>& permStateList)
192 {
193 if (hapTokenJson.find("permState") != hapTokenJson.end()
194 && hapTokenJson.at("permState").is_array()
195 && !hapTokenJson.at("permState").empty()) {
196 nlohmann::json permissionsJson = hapTokenJson.at("permState").get<nlohmann::json>();
197 for (const auto& permissionJson : permissionsJson) {
198 PermissionStateFull permission;
199 if (permissionJson.find("permissionName") == permissionJson.end() ||
200 !permissionJson.at("permissionName").is_string() ||
201 permissionJson.find("isGeneral") == permissionJson.end() ||
202 !permissionJson.at("isGeneral").is_boolean() ||
203 permissionJson.find("grantConfig") == permissionJson.end() ||
204 !permissionJson.at("grantConfig").is_array() ||
205 permissionJson.at("grantConfig").empty()) {
206 continue;
207 }
208 permissionJson.at("permissionName").get_to(permission.permissionName);
209 permissionJson.at("isGeneral").get_to(permission.isGeneral);
210 nlohmann::json grantConfigsJson = permissionJson.at("grantConfig").get<nlohmann::json>();
211 for (const auto& grantConfigJson :grantConfigsJson) {
212 if (grantConfigJson.find("resDeviceID") == grantConfigJson.end() ||
213 !grantConfigJson.at("resDeviceID").is_string() ||
214 grantConfigJson.find("grantStatus") == grantConfigJson.end() ||
215 !grantConfigJson.at("grantStatus").is_number() ||
216 grantConfigJson.find("grantFlags") == grantConfigJson.end() ||
217 !grantConfigJson.at("grantFlags").is_number()) {
218 continue;
219 }
220 std::string deviceID;
221 grantConfigJson.at("resDeviceID").get_to(deviceID);
222 int grantStatus;
223 grantConfigJson.at("grantStatus").get_to(grantStatus);
224 int grantFlags;
225 grantConfigJson.at("grantFlags").get_to(grantFlags);
226 permission.resDeviceID.emplace_back(deviceID);
227 permission.grantStatus.emplace_back(grantStatus);
228 permission.grantFlags.emplace_back(grantFlags);
229 }
230 permStateList.emplace_back(permission);
231 }
232 }
233 }
234
FromHapTokenInfoJson(const nlohmann::json & hapTokenJson,HapTokenInfoForSync & hapTokenInfo)235 void BaseRemoteCommand::FromHapTokenInfoJson(const nlohmann::json& hapTokenJson,
236 HapTokenInfoForSync& hapTokenInfo)
237 {
238 FromHapTokenBasicInfoJson(hapTokenJson, hapTokenInfo.baseInfo);
239 if (hapTokenInfo.baseInfo.tokenID == 0) {
240 ACCESSTOKEN_LOG_ERROR(LABEL, "Hap token basic info is error.");
241 return;
242 }
243 FromPermStateListJson(hapTokenJson, hapTokenInfo.permStateList);
244 }
245
FromNativeTokenInfoJson(const nlohmann::json & nativeTokenJson,NativeTokenInfoForSync & nativeTokenInfo)246 void BaseRemoteCommand::FromNativeTokenInfoJson(const nlohmann::json& nativeTokenJson,
247 NativeTokenInfoForSync& nativeTokenInfo)
248 {
249 if (nativeTokenJson.find("processName") != nativeTokenJson.end() && nativeTokenJson.at("processName").is_string()) {
250 nativeTokenInfo.baseInfo.processName = nativeTokenJson.at("processName").get<std::string>();
251 }
252 if (nativeTokenJson.find("apl") != nativeTokenJson.end() && nativeTokenJson.at("apl").is_number()) {
253 int apl = nativeTokenJson.at("apl").get<int>();
254 if (DataValidator::IsAplNumValid(apl)) {
255 nativeTokenInfo.baseInfo.apl = static_cast<ATokenAplEnum>(apl);
256 }
257 }
258 if (nativeTokenJson.find("version") != nativeTokenJson.end() && nativeTokenJson.at("version").is_number()) {
259 nativeTokenInfo.baseInfo.ver = (unsigned)nativeTokenJson.at("version").get<int32_t>();
260 }
261 if (nativeTokenJson.find("tokenId") != nativeTokenJson.end() && nativeTokenJson.at("tokenId").is_number()) {
262 nativeTokenInfo.baseInfo.tokenID = (unsigned)nativeTokenJson.at("tokenId").get<int32_t>();
263 }
264 if (nativeTokenJson.find("tokenAttr") != nativeTokenJson.end() && nativeTokenJson.at("tokenAttr").is_number()) {
265 nativeTokenInfo.baseInfo.tokenAttr = (unsigned)nativeTokenJson.at("tokenAttr").get<int32_t>();
266 }
267 if (nativeTokenJson.find("dcaps") != nativeTokenJson.end() && nativeTokenJson.at("dcaps").is_array()
268 && !nativeTokenJson.at("dcaps").empty() && (nativeTokenJson.at("dcaps"))[0].is_string()) {
269 nativeTokenInfo.baseInfo.dcap = nativeTokenJson.at("dcaps").get<std::vector<std::string>>();
270 }
271 if (nativeTokenJson.find("nativeAcls") != nativeTokenJson.end() && nativeTokenJson.at("nativeAcls").is_array()
272 && !nativeTokenJson.at("nativeAcls").empty() && (nativeTokenJson.at("nativeAcls"))[0].is_string()) {
273 nativeTokenInfo.baseInfo.nativeAcls = nativeTokenJson.at("nativeAcls").get<std::vector<std::string>>();
274 }
275
276 FromPermStateListJson(nativeTokenJson, nativeTokenInfo.permStateList);
277 }
278 } // namespace AccessToken
279 } // namespace Security
280 } // namespace OHOS
281