1/* 2 * Copyright (c) 2021-2022 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16import { AsyncCallback, Callback } from './@ohos.base'; 17import { Permissions } from './permissions'; 18 19/** 20 * @namespace privacyManager 21 * @syscap SystemCapability.Security.AccessToken 22 * @since 9 23 */ 24declare namespace privacyManager { 25 /** 26 * Adds access record of sensitive permission. 27 * 28 * @permission ohos.permission.PERMISSION_USED_STATS 29 * @param { number } tokenID - Token ID of the application. 30 * @param { Permissions } permissionName - Name of the permission to be added. 31 * @param { number } successCount - Access count. 32 * @param { number } failCount - Reject count. 33 * @returns { Promise<void> } Promise that returns no value. 34 * @throws { BusinessError } 401 - The parameter check failed. 35 * @throws { BusinessError } 201 - Permission denied. Interface caller does not have permission "ohos.permission.PERMISSION_USED_STATS". 36 * @throws { BusinessError } 202 - Not system app. Interface caller is not a system app. 37 * @throws { BusinessError } 12100001 - The parameter is invalid. The tokenID is 0, or the string size of permissionName is larger than 256, 38 * or the count value is invalid. 39 * @throws { BusinessError } 12100002 - The specified tokenID does not exist or refer to an application process. 40 * @throws { BusinessError } 12100003 - The specified permission does not exist or is not an user_grant permission. 41 * @throws { BusinessError } 12100007 - Service is abnormal. 42 * @throws { BusinessError } 12100008 - Out of memory. 43 * @syscap SystemCapability.Security.AccessToken 44 * @systemapi 45 * @since 9 46 */ 47 function addPermissionUsedRecord( 48 tokenID: number, 49 permissionName: Permissions, 50 successCount: number, 51 failCount: number 52 ): Promise<void>; 53 54 /** 55 * Adds access record of sensitive permission. 56 * 57 * @permission ohos.permission.PERMISSION_USED_STATS 58 * @param { number } tokenID - Token ID of the application. 59 * @param { Permissions } permissionName - Name of the permission to be added. 60 * @param { number } successCount - Access count. 61 * @param { number } failCount - Reject count. 62 * @param { AsyncCallback<void> } callback - Asynchronous callback interface. 63 * @throws { BusinessError } 401 - The parameter check failed. 64 * @throws { BusinessError } 201 - Permission denied. Interface caller does not have permission "ohos.permission.PERMISSION_USED_STATS". 65 * @throws { BusinessError } 202 - Not system app. Interface caller is not a system app. 66 * @throws { BusinessError } 12100001 - The parameter is invalid. The tokenID is 0, or the string size of permissionName is larger than 256, 67 * or the count value is invalid. 68 * @throws { BusinessError } 12100002 - The specified tokenID does not exist or refer to an application process. 69 * @throws { BusinessError } 12100003 - The specified permission does not exist or is not an user_grant permission. 70 * @throws { BusinessError } 12100007 - Service is abnormal. 71 * @throws { BusinessError } 12100008 - Out of memory. 72 * @syscap SystemCapability.Security.AccessToken 73 * @systemapi 74 * @since 9 75 */ 76 function addPermissionUsedRecord( 77 tokenID: number, 78 permissionName: Permissions, 79 successCount: number, 80 failCount: number, 81 callback: AsyncCallback<void> 82 ): void; 83 84 /** 85 * Queries the access records of sensitive permission. 86 * 87 * @permission ohos.permission.PERMISSION_USED_STATS 88 * @param { PermissionUsedRequest } request - The request of permission used records. 89 * @returns { Promise<PermissionUsedResponse> } Return the response of permission used records. 90 * @throws { BusinessError } 401 - The parameter check failed. 91 * @throws { BusinessError } 201 - Permission denied. Interface caller does not have permission "ohos.permission.PERMISSION_USED_STATS". 92 * @throws { BusinessError } 202 - Not system app. Interface caller is not a system app. 93 * @throws { BusinessError } 12100001 - The parameter is invalid. the value of flag in request is invalid. 94 * @throws { BusinessError } 12100002 - The specified tokenID does not exist or refer to an application process. 95 * @throws { BusinessError } 12100003 - The specified permission does not exist or is not an user_grant permission. 96 * @throws { BusinessError } 12100007 - Service is abnormal. 97 * @throws { BusinessError } 12100008 - Out of memory. 98 * @syscap SystemCapability.Security.AccessToken 99 * @systemapi 100 * @since 9 101 */ 102 function getPermissionUsedRecord(request: PermissionUsedRequest): Promise<PermissionUsedResponse>; 103 104 /** 105 * Queries the access records of sensitive permission. 106 * 107 * @permission ohos.permission.PERMISSION_USED_STATS 108 * @param { PermissionUsedRequest } request - The request of permission used records. 109 * @param { AsyncCallback<PermissionUsedResponse> } callback - Return the response of permission used records. 110 * @throws { BusinessError } 401 - The parameter check failed. 111 * @throws { BusinessError } 201 - Permission denied. Interface caller does not have permission "ohos.permission.PERMISSION_USED_STATS". 112 * @throws { BusinessError } 202 - Not system app. Interface caller is not a system app. 113 * @throws { BusinessError } 12100001 - The parameter is invalid. the value of flag in request is invalid. 114 * @throws { BusinessError } 12100002 - The specified tokenID does not exist or refer to an application process. 115 * @throws { BusinessError } 12100003 - The specified permission does not exist or is not an user_grant permission. 116 * @throws { BusinessError } 12100007 - Service is abnormal. 117 * @throws { BusinessError } 12100008 - Out of memory. 118 * @syscap SystemCapability.Security.AccessToken 119 * @systemapi 120 * @since 9 121 */ 122 function getPermissionUsedRecord( 123 request: PermissionUsedRequest, 124 callback: AsyncCallback<PermissionUsedResponse> 125 ): void; 126 127 /** 128 * Start using sensitive permission. 129 * 130 * @permission ohos.permission.PERMISSION_USED_STATS 131 * @param { number } tokenID - Token ID of the application. 132 * @param { Permissions } permissionName - Name of the permission to be started. 133 * @returns { Promise<void> } Promise that returns no value. 134 * @throws { BusinessError } 401 - The parameter check failed. 135 * @throws { BusinessError } 201 - Permission denied. Interface caller does not have permission "ohos.permission.PERMISSION_USED_STATS". 136 * @throws { BusinessError } 202 - Not system app. Interface caller is not a system app. 137 * @throws { BusinessError } 12100001 - The tokenID is 0, permissionName is longer than 256 bytes, or the count value is invalid. 138 * @throws { BusinessError } 12100002 - The specified tokenID does not exist or refer to an application process. 139 * @throws { BusinessError } 12100003 - The specified permission does not exist or is not an user_grant permission. 140 * @throws { BusinessError } 12100004 - The interface is called repeatedly with the same input. 141 * It means the application specified by the tokenID has been using the specified permission. 142 * @throws { BusinessError } 12100007 - Service is abnormal. 143 * @throws { BusinessError } 12100008 - Out of memory. 144 * @syscap SystemCapability.Security.AccessToken 145 * @systemapi 146 * @since 9 147 */ 148 function startUsingPermission(tokenID: number, permissionName: Permissions): Promise<void>; 149 150 /** 151 * Start using sensitive permission. 152 * 153 * @permission ohos.permission.PERMISSION_USED_STATS 154 * @param { number } tokenID - Token ID of the application. 155 * @param { Permissions } permissionName - Name of the permission to be started. 156 * @param { AsyncCallback<void> } callback - Asynchronous callback interface. 157 * @throws { BusinessError } 401 - The parameter check failed. 158 * @throws { BusinessError } 201 - Permission denied. Interface caller does not have permission "ohos.permission.PERMISSION_USED_STATS". 159 * @throws { BusinessError } 202 - Not system app. Interface caller is not a system app. 160 * @throws { BusinessError } 12100001 - The tokenID is 0, permissionName is longer than 256 bytes, or the count value is invalid. 161 * @throws { BusinessError } 12100002 - The specified tokenID does not exist or refer to an application process. 162 * @throws { BusinessError } 12100003 - The specified permission does not exist or is not an user_grant permission. 163 * @throws { BusinessError } 12100004 - The interface is called repeatedly with the same input. 164 * It means the application specified by the tokenID has been using the specified permission. 165 * @throws { BusinessError } 12100007 - Service is abnormal. 166 * @throws { BusinessError } 12100008 - Out of memory. 167 * @syscap SystemCapability.Security.AccessToken 168 * @systemapi 169 * @since 9 170 */ 171 function startUsingPermission(tokenID: number, permissionName: Permissions, callback: AsyncCallback<void>): void; 172 173 /** 174 * Stop using sensitive permission. 175 * 176 * @permission ohos.permission.PERMISSION_USED_STATS 177 * @param { number } tokenID - Token ID of the application. 178 * @param { Permissions } permissionName - Name of the permission to be stopped. 179 * @returns { Promise<void> } Promise that returns no value. 180 * @throws { BusinessError } 401 - The parameter check failed. 181 * @throws { BusinessError } 201 - Permission denied. Interface caller does not have permission "ohos.permission.PERMISSION_USED_STATS". 182 * @throws { BusinessError } 202 - Not system app. Interface caller is not a system app. 183 * @throws { BusinessError } 12100001 - The tokenID is 0, permissionName is longer than 256 bytes, or the count value is invalid. 184 * @throws { BusinessError } 12100002 - The specified tokenID does not exist or refer to an application process. 185 * @throws { BusinessError } 12100003 - The specified permission does not exist or is not an user_grant permission. 186 * @throws { BusinessError } 12100004 - The interface is not used with "startUsingPermission". 187 * @throws { BusinessError } 12100007 - Service is abnormal. 188 * @throws { BusinessError } 12100008 - Out of memory. 189 * @syscap SystemCapability.Security.AccessToken 190 * @systemapi 191 * @since 9 192 */ 193 function stopUsingPermission(tokenID: number, permissionName: Permissions): Promise<void>; 194 195 /** 196 * Stop using sensitive permission. 197 * 198 * @permission ohos.permission.PERMISSION_USED_STATS 199 * @param { number } tokenID - Token ID of the application. 200 * @param { Permissions } permissionName - Name of the permission to be stopped. 201 * @param { AsyncCallback<void> } callback - Asynchronous callback interface. 202 * @throws { BusinessError } 401 - The parameter check failed. 203 * @throws { BusinessError } 201 - Permission denied. Interface caller does not have permission "ohos.permission.PERMISSION_USED_STATS". 204 * @throws { BusinessError } 202 - Not system app. Interface caller is not a system app. 205 * @throws { BusinessError } 12100001 - The tokenID is 0, permissionName is longer than 256 bytes, or the count value is invalid. 206 * @throws { BusinessError } 12100002 - The specified tokenID does not exist or refer to an application process. 207 * @throws { BusinessError } 12100003 - The specified permission does not exist or is not an user_grant permission. 208 * @throws { BusinessError } 12100004 - The interface is not used with "startUsingPermission". 209 * @throws { BusinessError } 12100007 - Service is abnormal. 210 * @throws { BusinessError } 12100008 - Out of memory. 211 * @syscap SystemCapability.Security.AccessToken 212 * @systemapi 213 * @since 9 214 */ 215 function stopUsingPermission(tokenID: number, permissionName: Permissions, callback: AsyncCallback<void>): void; 216 217 /** 218 * Subscribes to the change of active state of the specified permission. 219 * 220 * @permission ohos.permission.PERMISSION_USED_STATS 221 * @param { 'activeStateChange' } type - Event type. 222 * @param { Array<Permissions> } permissionList - Indicates the permission list, which are specified. 223 * @param { Callback<ActiveChangeResponse> } callback Callback for listening permission change. 224 * @throws { BusinessError } 401 - The parameter check failed. 225 * @throws { BusinessError } 201 - Permission denied. Interface caller does not have permission "ohos.permission.PERMISSION_USED_STATS". 226 * @throws { BusinessError } 202 - Not system app. Interface caller is not a system app. 227 * @throws { BusinessError } 12100001 - The parameter is invalid. The tokenID is 0, or the string size of permissionName is larger than 256. 228 * @throws { BusinessError } 12100004 - The interface is called repeatedly with the same input. 229 * @throws { BusinessError } 12100005 - The registration time has exceeded the limitation. 230 * @throws { BusinessError } 12100007 - Service is abnormal. 231 * @throws { BusinessError } 12100008 - Out of memory. 232 * @syscap SystemCapability.Security.AccessToken 233 * @systemapi 234 * @since 9 235 */ 236 function on( 237 type: 'activeStateChange', 238 permissionList: Array<Permissions>, 239 callback: Callback<ActiveChangeResponse> 240 ): void; 241 242 /** 243 * Unsubscribes to the change of active state of the specified permission. 244 * 245 * @permission ohos.permission.PERMISSION_USED_STATS 246 * @param { 'activeStateChange' } type - Event type. 247 * @param { Array<Permissions> } permissionList - Indicates the permission list, which are specified. 248 * @param { Callback<ActiveChangeResponse> } callback - Callback for listening permission change. 249 * @throws { BusinessError } 401 - The parameter check failed. 250 * @throws { BusinessError } 201 - Permission denied. Interface caller does not have permission "ohos.permission.PERMISSION_USED_STATS". 251 * @throws { BusinessError } 202 - Not system app. Interface caller is not a system app. 252 * @throws { BusinessError } 12100001 - The permissionNames in the list are all invalid, or the list size exceeds 1024 bytes. 253 * @throws { BusinessError } 12100004 - The interface is not used together with "on". 254 * @throws { BusinessError } 12100007 - Service is abnormal. 255 * @throws { BusinessError } 12100008 - Out of memory. 256 * @syscap SystemCapability.Security.AccessToken 257 * @systemapi 258 * @since 9 259 */ 260 function off( 261 type: 'activeStateChange', 262 permissionList: Array<Permissions>, 263 callback?: Callback<ActiveChangeResponse> 264 ): void; 265 266 /** 267 * Enum for permission for status. 268 * 269 * @enum { number } PermissionActiveStatus 270 * @syscap SystemCapability.Security.AccessToken 271 * @systemapi 272 * @since 9 273 */ 274 enum PermissionActiveStatus { 275 /** 276 * permission is not used yet. 277 * 278 * @syscap SystemCapability.Security.AccessToken 279 * @systemapi 280 * @since 9 281 */ 282 PERM_INACTIVE = 0, 283 284 /** 285 * permission is used in front_end. 286 * 287 * @syscap SystemCapability.Security.AccessToken 288 * @systemapi 289 * @since 9 290 */ 291 PERM_ACTIVE_IN_FOREGROUND = 1, 292 293 /** 294 * permission is used in back_end. 295 * 296 * @syscap SystemCapability.Security.AccessToken 297 * @systemapi 298 * @since 9 299 */ 300 PERM_ACTIVE_IN_BACKGROUND = 2 301 } 302 303 /** 304 * Indicates the response of permission active status. 305 * 306 * @interface ActiveChangeResponse 307 * @syscap SystemCapability.Security.AccessToken 308 * @systemapi 309 * @since 9 310 */ 311 interface ActiveChangeResponse { 312 /** 313 * AccessTokenID 314 * 315 * @type { number } 316 * @syscap SystemCapability.Security.AccessToken 317 * @systemapi 318 * @since 9 319 */ 320 tokenId: number; 321 322 /** 323 * The permission name 324 * 325 * @type { Permissions } 326 * @syscap SystemCapability.Security.AccessToken 327 * @systemapi 328 * @since 9 329 */ 330 permissionName: Permissions; 331 332 /** 333 * The device id 334 * 335 * @type { string } 336 * @syscap SystemCapability.Security.AccessToken 337 * @systemapi 338 * @since 9 339 */ 340 deviceId: string; 341 /** 342 * The active status name 343 * 344 * @type { PermissionActiveStatus } 345 * @syscap SystemCapability.Security.AccessToken 346 * @systemapi 347 * @since 9 348 */ 349 activeStatus: PermissionActiveStatus; 350 } 351 352 /** 353 * PermissionUsageFlag. 354 * 355 * @enum { number } PermissionUsageFlag 356 * @syscap SystemCapability.Security.AccessToken 357 * @systemapi 358 * @since 9 359 */ 360 enum PermissionUsageFlag { 361 /** 362 * permission used summary 363 * 364 * @syscap SystemCapability.Security.AccessToken 365 * @systemapi 366 * @since 9 367 */ 368 FLAG_PERMISSION_USAGE_SUMMARY = 0, 369 /** 370 * permission used detail 371 * 372 * @syscap SystemCapability.Security.AccessToken 373 * @systemapi 374 * @since 9 375 */ 376 FLAG_PERMISSION_USAGE_DETAIL = 1 377 } 378 379 /** 380 * Provides request of querying permission used records. 381 * 382 * @interface PermissionUsedRequest 383 * @syscap SystemCapability.Security.AccessToken 384 * @systemapi 385 * @since 9 386 */ 387 interface PermissionUsedRequest { 388 /** 389 * AccessTokenID 390 * 391 * @type { ?number } 392 * @syscap SystemCapability.Security.AccessToken 393 * @systemapi 394 * @since 9 395 */ 396 tokenId?: number; 397 398 /** 399 * Distribute flag 400 * 401 * @type { ?boolean } 402 * @default false 403 * @syscap SystemCapability.Security.AccessToken 404 * @systemapi 405 * @since 9 406 */ 407 isRemote?: boolean; 408 409 /** 410 * The device id 411 * 412 * @type { ?string } 413 * @syscap SystemCapability.Security.AccessToken 414 * @systemapi 415 * @since 9 416 */ 417 deviceId?: string; 418 419 /** 420 * The bundle name 421 * 422 * @type { ?string } 423 * @syscap SystemCapability.Security.AccessToken 424 * @systemapi 425 * @since 9 426 */ 427 bundleName?: string; 428 429 /** 430 * The list of permission name 431 * 432 * @type { ?Array<Permissions> } 433 * @syscap SystemCapability.Security.AccessToken 434 * @systemapi 435 * @since 9 436 */ 437 permissionNames?: Array<Permissions>; 438 439 /** 440 * The begin time, in milliseconds 441 * 442 * @type { ?number } 443 * @default 0 444 * @syscap SystemCapability.Security.AccessToken 445 * @systemapi 446 * @since 9 447 */ 448 beginTime?: number; 449 450 /** 451 * The end time, in milliseconds 452 * 453 * @type { ?number } 454 * @default 0 455 * @syscap SystemCapability.Security.AccessToken 456 * @systemapi 457 * @since 9 458 */ 459 endTime?: number; 460 461 /** 462 * The permission usage flag 463 * 464 * @type { PermissionUsageFlag } 465 * @syscap SystemCapability.Security.AccessToken 466 * @systemapi 467 * @since 9 468 */ 469 flag: PermissionUsageFlag; 470 } 471 472 /** 473 * Provides response of querying permission used records. 474 * 475 * @interface PermissionUsedResponse 476 * @syscap SystemCapability.Security.AccessToken 477 * @systemapi 478 * @since 9 479 */ 480 interface PermissionUsedResponse { 481 /** 482 * The begin time, in milliseconds 483 * 484 * @type { number } 485 * @syscap SystemCapability.Security.AccessToken 486 * @systemapi 487 * @since 9 488 */ 489 beginTime: number; 490 491 /** 492 * The end time, in milliseconds 493 * 494 * @type { number } 495 * @syscap SystemCapability.Security.AccessToken 496 * @systemapi 497 * @since 9 498 */ 499 endTime: number; 500 501 /** 502 * The list of permission used records of bundle 503 * 504 * @type { Array<BundleUsedRecord> } 505 * @syscap SystemCapability.Security.AccessToken 506 * @systemapi 507 * @since 9 508 */ 509 bundleRecords: Array<BundleUsedRecord>; 510 } 511 512 /** 513 * BundleUsedRecord. 514 * 515 * @interface BundleUsedRecord 516 * @syscap SystemCapability.Security.AccessToken 517 * @systemapi 518 * @since 9 519 */ 520 interface BundleUsedRecord { 521 /** 522 * AccessTokenID 523 * 524 * @type { number } 525 * @syscap SystemCapability.Security.AccessToken 526 * @systemapi 527 * @since 9 528 */ 529 tokenId: number; 530 531 /** 532 * Distribute flag 533 * 534 * @type { boolean } 535 * @syscap SystemCapability.Security.AccessToken 536 * @systemapi 537 * @since 9 538 */ 539 isRemote: boolean; 540 541 /** 542 * The device id 543 * 544 * @type { string } 545 * @syscap SystemCapability.Security.AccessToken 546 * @systemapi 547 * @since 9 548 */ 549 deviceId: string; 550 551 /** 552 * The bundle name 553 * 554 * @type { string } 555 * @syscap SystemCapability.Security.AccessToken 556 * @systemapi 557 * @since 9 558 */ 559 bundleName: string; 560 561 /** 562 * The list of permission used records 563 * 564 * @type { Array<PermissionUsedRecord> } 565 * @syscap SystemCapability.Security.AccessToken 566 * @systemapi 567 * @since 9 568 */ 569 permissionRecords: Array<PermissionUsedRecord>; 570 } 571 572 /** 573 * PermissionUsedRecord. 574 * 575 * @interface PermissionUsedRecord 576 * @syscap SystemCapability.Security.AccessToken 577 * @systemapi 578 * @since 9 579 */ 580 interface PermissionUsedRecord { 581 /** 582 * The permission name 583 * 584 * @type { Permissions } 585 * @syscap SystemCapability.Security.AccessToken 586 * @systemapi 587 * @since 9 588 */ 589 permissionName: Permissions; 590 591 /** 592 * The access counts 593 * 594 * @type { number } 595 * @syscap SystemCapability.Security.AccessToken 596 * @systemapi 597 * @since 9 598 */ 599 accessCount: number; 600 601 /** 602 * The reject counts 603 * 604 * @type { number } 605 * @syscap SystemCapability.Security.AccessToken 606 * @systemapi 607 * @since 9 608 */ 609 rejectCount: number; 610 611 /** 612 * The last access time, in milliseconds 613 * 614 * @type { number } 615 * @syscap SystemCapability.Security.AccessToken 616 * @systemapi 617 * @since 9 618 */ 619 lastAccessTime: number; 620 621 /** 622 * The last reject time, in milliseconds 623 * 624 * @type { number } 625 * @syscap SystemCapability.Security.AccessToken 626 * @systemapi 627 * @since 9 628 */ 629 lastRejectTime: number; 630 631 /** 632 * The last access duration, in milliseconds 633 * 634 * @type { number } 635 * @syscap SystemCapability.Security.AccessToken 636 * @systemapi 637 * @since 9 638 */ 639 lastAccessDuration: number; 640 641 /** 642 * The list of access records of details 643 * 644 * @type { Array<UsedRecordDetail> } 645 * @syscap SystemCapability.Security.AccessToken 646 * @systemapi 647 * @since 9 648 */ 649 accessRecords: Array<UsedRecordDetail>; 650 651 /** 652 * The list of reject records of details 653 * 654 * @type { Array<UsedRecordDetail> } 655 * @syscap SystemCapability.Security.AccessToken 656 * @systemapi 657 * @since 9 658 */ 659 rejectRecords: Array<UsedRecordDetail>; 660 } 661 662 /** 663 * UsedRecordDetail. 664 * 665 * @interface UsedRecordDetail 666 * @syscap SystemCapability.Security.AccessToken 667 * @systemapi 668 * @since 9 669 */ 670 interface UsedRecordDetail { 671 /** 672 * The status 673 * 674 * @type { number } 675 * @syscap SystemCapability.Security.AccessToken 676 * @systemapi 677 * @since 9 678 */ 679 status: number; 680 681 /** 682 * Timestamp, in milliseconds 683 * 684 * @type { number } 685 * @syscap SystemCapability.Security.AccessToken 686 * @systemapi 687 * @since 9 688 */ 689 timestamp: number; 690 691 /** 692 * Access duration, in milliseconds 693 * 694 * @type { number } 695 * @syscap SystemCapability.Security.AccessToken 696 * @systemapi 697 * @since 9 698 */ 699 accessDuration: number; 700 } 701} 702 703export default privacyManager; 704export { Permissions };