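/*
 * Copyright (c) 2021-2022 Huawei Device Co., Ltd.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#ifndef I_ACCESSTOKEN_MANAGER_H
#define I_ACCESSTOKEN_MANAGER_H

// <cstdint> and <vector> are included directly because this header names
// int32_t and std::vector itself; relying on a project header to pull them in
// transitively makes the header break when that header changes.
#include <cstdint>
#include <string>
#include <vector>

#include "access_token.h"
#include "errors.h"
#include "hap_info_parcel.h"
#include "hap_policy_parcel.h"
#include "hap_token_info_for_sync_parcel.h"
#include "hap_token_info_parcel.h"
#include "iremote_broker.h"
#include "i_permission_state_callback.h"
#include "native_token_info_for_sync_parcel.h"
#include "native_token_info_parcel.h"
#include "permission_def_parcel.h"
#include "permission_list_state_parcel.h"
#include "permission_state_full_parcel.h"
#include "permission_state_change_scope_parcel.h"
#include "system_ability_definition.h"

namespace OHOS {
namespace Security {
namespace AccessToken {
/**
 * Remote (IRemoteBroker) interface of the access token manager service.
 *
 * Every operation is pure virtual; this header only fixes the call signatures
 * and the InterfaceCode values. The meaning of the integer results is defined
 * outside this header.
 *
 * NOTE(review): none of the signatures carries the caller's identity, and the
 * AccessTokenID / deviceID / parcel arguments are supplied by the caller. The
 * authorization of the state-changing calls (grant, revoke, clear, alloc,
 * update, delete, reload, and the remote-sync setters) is therefore not
 * expressed here and has to be enforced by the implementing service. Confirm
 * against the service-side implementation, which is not visible in this file.
 */
class IAccessTokenManager : public IRemoteBroker {
public:
    // System ability ID of this service, taken from system_ability_definition.h.
    static const int SA_ID_ACCESSTOKEN_MANAGER_SERVICE = ACCESS_TOKEN_MANAGER_SERVICE_ID;

    DECLARE_INTERFACE_DESCRIPTOR(u"ohos.security.accesstoken.IAccessTokenManager");

    // Queries. Results are returned through the non-const reference parameters
    // where one is present.
    virtual int VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName) = 0;
    virtual int GetDefPermission(const std::string& permissionName, PermissionDefParcel& permissionDefResult) = 0;
    virtual int GetDefPermissions(AccessTokenID tokenID, std::vector<PermissionDefParcel>& permList) = 0;
    virtual int GetReqPermissions(
        AccessTokenID tokenID, std::vector<PermissionStateFullParcel>& reqPermList, bool isSystemGrant) = 0;
    virtual int GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName, int& flag) = 0;
    // Takes no token ID, unlike the other permission queries.
    // NOTE(review): presumably resolved from the calling process on the service side - confirm.
    virtual PermissionOper GetSelfPermissionsState(
        std::vector<PermissionListStateParcel>& permListParcel) = 0;

    // Permission state changes for an arbitrary, caller-chosen tokenID.
    // NOTE(review): privileged by nature; verify that the service checks the caller before acting.
    virtual int GrantPermission(AccessTokenID tokenID, const std::string& permissionName, int flag) = 0;
    virtual int RevokePermission(AccessTokenID tokenID, const std::string& permissionName, int flag) = 0;
    virtual int ClearUserGrantedPermissionState(AccessTokenID tokenID) = 0;

    // Token creation, deletion, lookup and update.
    virtual AccessTokenIDEx AllocHapToken(const HapInfoParcel& hapInfo, const HapPolicyParcel& policyParcel) = 0;
    virtual int DeleteToken(AccessTokenID tokenID) = 0;
    virtual int GetTokenType(AccessTokenID tokenID) = 0;
    virtual int CheckNativeDCap(AccessTokenID tokenID, const std::string& dcap) = 0;
    virtual AccessTokenID GetHapTokenID(int userID, const std::string& bundleName, int instIndex) = 0;
    virtual AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID) = 0;
    virtual int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfoParcel& nativeTokenInfoRes) = 0;
    virtual int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfoParcel& hapTokenInfoRes) = 0;
    virtual int UpdateHapToken(AccessTokenID tokenID, const std::string& appIDDesc, int32_t apiVersion,
        const HapPolicyParcel& policyParcel) = 0;

    // Permission-state-change callbacks. The callback is passed as a remote object.
    virtual int32_t RegisterPermStateChangeCallback(
        const PermStateChangeScopeParcel& scope, const sptr<IRemoteObject>& callback) = 0;
    virtual int32_t UnRegisterPermStateChangeCallback(const sptr<IRemoteObject>& callback) = 0;
    virtual int32_t ReloadNativeTokenInfo() = 0;
    virtual AccessTokenID GetNativeTokenId(const std::string& processName) = 0;

#ifdef TOKEN_SYNC_ENABLE
    // Cross-device token synchronisation; compiled in only with TOKEN_SYNC_ENABLE.
    // NOTE(review): deviceID and the *ForSync parcels describe state of another device;
    // implementations should treat them as untrusted input - confirm validation on the service side.
    virtual int GetHapTokenInfoFromRemote(AccessTokenID tokenID,
        HapTokenInfoForSyncParcel& hapSyncParcel) = 0;
    virtual int GetAllNativeTokenInfo(std::vector<NativeTokenInfoForSyncParcel>& nativeTokenInfoRes) = 0;
    virtual int SetRemoteHapTokenInfo(const std::string& deviceID,
        HapTokenInfoForSyncParcel& hapSyncParcel) = 0;
    virtual int SetRemoteNativeTokenInfo(const std::string& deviceID,
        std::vector<NativeTokenInfoForSyncParcel>& nativeTokenInfoForSyncParcel) = 0;
    virtual int DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID) = 0;
    virtual AccessTokenID GetRemoteNativeTokenID(const std::string& deviceID, AccessTokenID tokenID) = 0;
    virtual int DeleteRemoteDeviceTokens(const std::string& deviceID) = 0;
#endif

    // Writes a textual description of the token into tokenInfo.
    // NOTE(review): the output may describe other applications' tokens; confirm that callers are restricted.
    virtual void DumpTokenInfo(AccessTokenID tokenID, std::string& tokenInfo) = 0;

    /**
     * Request codes, one per operation above.
     *
     * Only the first enumerator of each group has an explicit value; the rest
     * are previous + 1, so inserting or reordering an enumerator inside a group
     * silently renumbers every code after it. Append at the end of a group.
     *
     * The 0xff30 group is declared even when TOKEN_SYNC_ENABLE is not defined,
     * although the matching methods are then absent.
     * NOTE(review): a service built without TOKEN_SYNC_ENABLE should reject
     * these codes explicitly - confirm in the request dispatcher.
     */
    enum class InterfaceCode {
        VERIFY_ACCESSTOKEN = 0xff10,
        GET_DEF_PERMISSION,
        GET_DEF_PERMISSIONS,
        GET_REQ_PERMISSIONS,
        GET_PERMISSION_FLAG,
        GRANT_PERMISSION,
        REVOKE_PERMISSION,
        CLEAR_USER_GRANT_PERMISSION,
        ALLOC_TOKEN_HAP,
        TOKEN_DELETE,

        GET_TOKEN_TYPE = 0xff20,
        CHECK_NATIVE_DCAP,
        GET_HAP_TOKEN_ID,
        ALLOC_LOCAL_TOKEN_ID,
        GET_NATIVE_TOKENINFO,
        GET_HAP_TOKENINFO,
        UPDATE_HAP_TOKEN,

        GET_HAP_TOKEN_FROM_REMOTE = 0xff30,
        GET_ALL_NATIVE_TOKEN_FROM_REMOTE,
        SET_REMOTE_HAP_TOKEN_INFO,
        SET_REMOTE_NATIVE_TOKEN_INFO,
        DELETE_REMOTE_TOKEN_INFO,
        DELETE_REMOTE_DEVICE_TOKEN,
        GET_NATIVE_REMOTE_TOKEN,

        DUMP_TOKENINFO = 0xff50,
        GET_PERMISSION_OPER_STATE,
        REGISTER_PERM_STATE_CHANGE_CALLBACK,
        UNREGISTER_PERM_STATE_CHANGE_CALLBACK,
        RELOAD_NATIVE_TOKEN_INFO,
        GET_NATIVE_TOKEN_ID,
    };
};
} // namespace AccessToken
} // namespace Security
} // namespace OHOS

#endif // I_ACCESSTOKEN_MANAGER_H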