1 /* 2 * Copyright (c) 2022-2023 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 /** 17 * @addtogroup Privacy 18 * @{ 19 * 20 * @brief Provides sensitive permissions access management. 21 * 22 * @since 8.0 23 * @version 8.0 24 */ 25 26 /** 27 * @file privacy_kit.h 28 * 29 * @brief Declares PrivacyKit interfaces. 30 * 31 * @since 8.0 32 * @version 8.0 33 */ 34 35 #ifndef INTERFACES_INNER_KITS_PRIVACY_KIT_H 36 #define INTERFACES_INNER_KITS_PRIVACY_KIT_H 37 38 #include <string> 39 40 #include "access_token.h" 41 #include "on_permission_used_record_callback.h" 42 #include "permission_used_request.h" 43 #include "permission_used_result.h" 44 #include "perm_active_status_customized_cbk.h" 45 #ifdef SECURITY_COMPONENT_ENHANCE_ENABLE 46 #include "sec_comp_enhance_data.h" 47 #endif 48 #include "state_customized_cbk.h" 49 50 namespace OHOS { 51 namespace Security { 52 namespace AccessToken { 53 /** 54 * @brief Declares PrivacyKit class 55 */ 56 class PrivacyKit { 57 public: 58 /** 59 * @brief Add input tokenID access input permission record. 60 * @param tokenID token id 61 * @param permissionName permission nanme 62 * @param successCount access success count 63 * @param failCount fail success count 64 * @return error code, see privacy_error.h 65 */ 66 static int32_t AddPermissionUsedRecord(AccessTokenID tokenID, const std::string& permissionName, 67 int32_t successCount, int32_t failCount, bool asyncMode = false); 68 /** 69 * @brief Input tokenID start using input permission. 70 * @param tokenID token id 71 * @param permissionName permission nanme 72 * @return error code, see privacy_error.h 73 */ 74 static int32_t StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName); 75 /** 76 * @brief Input tokenID start using input permission and return by callback, 77 * only those services which has float window such as camera or 78 * microphone can use this interface. 79 * @param tokenID token id 80 * @param permissionName permission nanme 81 * @param callback StateCustomizedCbk nanme 82 * @return error code, see privacy_error.h 83 */ 84 static int32_t StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName, 85 const std::shared_ptr<StateCustomizedCbk>& callback); 86 /** 87 * @brief Input tokenID stop using input permission. 88 * @param tokenID token id 89 * @param permissionName permission nanme 90 * @return error code, see privacy_error.h 91 */ 92 static int32_t StopUsingPermission(AccessTokenID tokenID, const std::string& permissionName); 93 /** 94 * @brief Remove input tokenID sensitive permission used records. 95 * @param tokenID token id 96 * @param deviceID device id 97 * @return error code, see privacy_error.h 98 */ 99 static int32_t RemovePermissionUsedRecords(AccessTokenID tokenID, const std::string& deviceID); 100 /** 101 * @brief Get sensitive permission used records. 102 * @param request PermissionUsedRequest quote 103 * @param result PermissionUsedResult quote, as query result 104 * @return error code, see privacy_error.h 105 */ 106 static int32_t GetPermissionUsedRecords(const PermissionUsedRequest& request, PermissionUsedResult& result); 107 /** 108 * @brief Get sensitive permission used records. 109 * @param request PermissionUsedRequest quote 110 * @param callback OnPermissionUsedRecordCallback smart pointer quote 111 * @return error code, see privacy_error.h 112 */ 113 static int32_t GetPermissionUsedRecords( 114 const PermissionUsedRequest& request, const sptr<OnPermissionUsedRecordCallback>& callback); 115 /** 116 * @brief Register sensitive permission active status change callback. 117 * @param callback PermActiveStatusCustomizedCbk smark pointer quote 118 * @return error code, see privacy_error.h 119 */ 120 static int32_t RegisterPermActiveStatusCallback(const std::shared_ptr<PermActiveStatusCustomizedCbk>& callback); 121 /** 122 * @brief Unregister sensitive permission active status change callback. 123 * @param callback PermActiveStatusCustomizedCbk smark pointer quote 124 * @return error code, see privacy_error.h 125 */ 126 static int32_t UnRegisterPermActiveStatusCallback(const std::shared_ptr<PermActiveStatusCustomizedCbk>& callback); 127 /** 128 * @brief Judge whether the input tokenID can use the input permission or not. 129 * @param tokenID token id 130 * @param permissionName permission nanme 131 * @return true means allow to user the permission, false means not allow 132 */ 133 static bool IsAllowedUsingPermission(AccessTokenID tokenID, const std::string& permissionName); 134 135 #ifdef SECURITY_COMPONENT_ENHANCE_ENABLE 136 /** 137 * @brief Register security component enhance data when security component service did not start 138 * @param enhance enhance data 139 * @return error code, see privacy_error.h 140 */ 141 static int32_t RegisterSecCompEnhance(const SecCompEnhanceData& enhance); 142 /** 143 * @brief deposit security component enhance data when security component service exit 144 * @param enhanceList enhance data 145 * @return error code, see privacy_error.h 146 */ 147 static int32_t DepositSecCompEnhance(const std::vector<SecCompEnhanceData>& enhanceList); 148 /** 149 * @brief recover security component enhance data to security component service 150 * @param enhanceList enhance data 151 * @return error code, see privacy_error.h 152 */ 153 static int32_t RecoverSecCompEnhance(std::vector<SecCompEnhanceData>& enhanceList); 154 #endif 155 }; 156 } // namespace AccessToken 157 } // namespace Security 158 } // namespace OHOS 159 #endif 160