1 /*
2 * Copyright (c) 2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15 #include "bundle_checker.h"
16
17 #include <cinttypes>
18
19 #include "ability_manager_client.h"
20 #include "accesstoken_kit.h"
21 #include "global.h"
22 #include "tokenid_kit.h"
23 #include "window_manager.h"
24
25 namespace OHOS {
26 namespace MiscServices {
27 using namespace Rosen;
28 using namespace Security::AccessToken;
IsFocused(int64_t callingPid,uint32_t callingTokenId,int64_t focusedPid)29 bool BundleChecker::IsFocused(int64_t callingPid, uint32_t callingTokenId, int64_t focusedPid)
30 {
31 int64_t realFocusedPid = focusedPid;
32 if (realFocusedPid == INVALID_PID) {
33 FocusChangeInfo info;
34 WindowManager::GetInstance().GetFocusWindowInfo(info);
35 realFocusedPid = info.pid_;
36 }
37 IMSA_HILOGD("focusedPid:%{public}" PRId64 ", pid:%{public}" PRId64 "", realFocusedPid, callingPid);
38 if (callingPid == realFocusedPid) {
39 IMSA_HILOGI("pid is same, focused app");
40 return true;
41 }
42 bool isFocused = false;
43 auto ret = AAFwk::AbilityManagerClient::GetInstance()->CheckUIExtensionIsFocused(callingTokenId, isFocused);
44 IMSA_HILOGI("tokenId:%{public}d check result:%{public}d, isFocused:%{public}d", callingTokenId, ret, isFocused);
45 return ret == ErrorCode::NO_ERROR && isFocused;
46 }
47
IsSystemApp(uint64_t fullTokenID)48 bool BundleChecker::IsSystemApp(uint64_t fullTokenID)
49 {
50 return TokenIdKit::IsSystemAppByFullTokenID(fullTokenID);
51 }
52
IsCurrentIme(uint32_t tokenID,const std::string & currentIme)53 bool BundleChecker::IsCurrentIme(uint32_t tokenID, const std::string ¤tIme)
54 {
55 std::string bundleName = GetBundleNameByToken(tokenID);
56 if (bundleName.empty()) {
57 return false;
58 }
59 if (bundleName != currentIme) {
60 IMSA_HILOGE(
61 "not current ime, caller: %{public}s, current ime: %{public}s", bundleName.c_str(), currentIme.c_str());
62 return false;
63 }
64 IMSA_HILOGD("checked ime successfully");
65 return true;
66 }
67
CheckPermission(uint32_t tokenID,const std::string & permission)68 bool BundleChecker::CheckPermission(uint32_t tokenID, const std::string &permission)
69 {
70 if (AccessTokenKit::VerifyAccessToken(tokenID, permission) != PERMISSION_GRANTED) {
71 IMSA_HILOGE("Permission [%{public}s] not granted", permission.c_str());
72 return false;
73 }
74 IMSA_HILOGD("verify AccessToken success");
75 return true;
76 }
77
GetBundleNameByToken(uint32_t tokenID)78 std::string BundleChecker::GetBundleNameByToken(uint32_t tokenID)
79 {
80 auto tokenType = AccessTokenKit::GetTokenTypeFlag(tokenID);
81 if (tokenType != TOKEN_HAP) {
82 IMSA_HILOGE("invalid token");
83 return "";
84 }
85 HapTokenInfo info;
86 int ret = AccessTokenKit::GetHapTokenInfo(tokenID, info);
87 if (ret != ErrorCode::NO_ERROR) {
88 IMSA_HILOGE("failed to get hap info, ret: %{public}d", ret);
89 return "";
90 }
91 return info.bundleName;
92 }
93 } // namespace MiscServices
94 } // namespace OHOS
95