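/*
 * Copyright (c) 2021-2023 Huawei Device Co., Ltd.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#ifndef PERMISSION_MANAGER_H
#define PERMISSION_MANAGER_H

// <cstdint> is included directly because this header uses the fixed-width
// integer types (uint32_t, int32_t, uint64_t) and UINT32_MAX itself.
#include <cstdint>
#include <mutex>
#include <vector>
#include <string>

#include "access_token.h"
#include "hap_token_info_inner.h"
#include "iremote_broker.h"
#include "permission_def.h"
#include "permission_grant_event.h"
#include "permission_list_state.h"
#include "permission_list_state_parcel.h"
#include "permission_state_change_info.h"
#include "permission_state_full.h"

#include "rwlock.h"
#include "nocopyable.h"

namespace OHOS {
namespace Security {
namespace AccessToken {
// Names of the two location permissions that get special handling below.
constexpr const char* VAGUE_LOCATION_PERMISSION_NAME = "ohos.permission.APPROXIMATELY_LOCATION";
constexpr const char* ACCURATE_LOCATION_PERMISSION_NAME = "ohos.permission.LOCATION";
// Sentinel index value (all bits set). Written as UINT32_MAX so the unsigned
// sentinel is explicit instead of relying on the implicit conversion of -1.
// NOTE(review): presumably the value GetLocationPermissionIndex() leaves in
// vagueIndex / accurateIndex when a location permission is absent - confirm.
constexpr uint32_t ELEMENT_NOT_FOUND = UINT32_MAX;
// API version compared against the apiVersion arguments of the location
// handling methods. NOTE(review): exact comparison lives in the .cpp - confirm.
constexpr int32_t ACCURATE_LOCATION_API_VERSION = 9;

// Permission-management interface of the access-token service: registering
// permission definitions per token, verifying, granting and revoking
// permissions, and managing permission-state-change callbacks.
//
// Only declarations are visible in this header. The notes below are limited
// to what the signatures show; anything else is marked as an assumption.
class PermissionManager {
public:
    // Returns a reference to the shared manager object.
    // NOTE(review): presumably returns the object registered through
    // RegisterImpl() when one exists - confirm in the implementation.
    static PermissionManager& GetInstance();
    virtual ~PermissionManager();

    // Permission-definition bookkeeping, keyed by token ID.
    void AddDefPermissions(const std::vector<PermissionDef>& permList, AccessTokenID tokenId,
        bool updateFlag);
    void RemoveDefPermissions(AccessTokenID tokenID);

    // Permission checks for a token. The result is an int, not a bool.
    // NOTE(review): callers should compare it against the explicit
    // granted/denied constants instead of testing truthiness; those constants
    // are not declared here (presumably in access_token.h - confirm).
    int VerifyNativeAccessToken(AccessTokenID tokenID, const std::string& permissionName);
    int VerifyHapAccessToken(AccessTokenID tokenID, const std::string& permissionName);
    // The only verification entry point declared virtual, i.e. the one a
    // derived implementation can override. Any override decides the outcome of
    // permission checks, so it belongs in the same trust domain as this class.
    virtual int VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName);

    // Queries; results are written to the reference out-parameters.
    int GetDefPermission(const std::string& permissionName, PermissionDef& permissionDefResult);
    int GetDefPermissions(AccessTokenID tokenID, std::vector<PermissionDef>& permList);
    int GetReqPermissions(
        AccessTokenID tokenID, std::vector<PermissionStateFull>& reqPermList, bool isSystemGrant);
    int GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName, int& flag);

    // State-changing operations; both return an int32_t status code.
    // NOTE(review): flag is a plain int here and in GetPermissionFlag(), while
    // ParamUpdate() and GetPermissionStatusAndFlag() use uint32_t; unifying
    // the type would avoid sign conversions at the call sites.
    int32_t GrantPermission(AccessTokenID tokenID, const std::string& permissionName, int flag);
    int32_t RevokePermission(AccessTokenID tokenID, const std::string& permissionName, int flag);
    void ClearUserGrantedPermissionState(AccessTokenID tokenID);

    // NOTE(review): permsList is taken by value, so every call copies the
    // vector. Switching to const& needs the matching change in the .cpp.
    void GetSelfPermissionState(
        std::vector<PermissionStateFull> permsList, PermissionListState &permState, int32_t apiVersion);

    // Registration and removal of permission-state-change callbacks. The
    // callback is a remote object handle (sptr<IRemoteObject>).
    int32_t AddPermStateChangeCallback(
        const PermStateChangeScope& scope, const sptr<IRemoteObject>& callback);
    int32_t RemovePermStateChangeCallback(const sptr<IRemoteObject>& callback);

    // Writes the API version for tokenID to apiVersion; the bool result
    // reports success (NOTE(review): failure conditions are in the .cpp).
    bool GetApiVersionByTokenId(AccessTokenID tokenID, int32_t& apiVersion);

    // Location-permission helpers. vagueIndex / accurateIndex are positions in
    // reqPermList. NOTE(review): presumably ELEMENT_NOT_FOUND marks "absent"
    // and must be checked before indexing - confirm against the implementation.
    bool GetLocationPermissionIndex(std::vector<PermissionListStateParcel>& reqPermList, uint32_t& vagueIndex,
        uint32_t& accurateIndex);
    // permsList is taken by value here as well (copied per call).
    bool LocationPermissionSpecialHandle(std::vector<PermissionListStateParcel>& reqPermList, int32_t apiVersion,
        std::vector<PermissionStateFull> permsList, uint32_t vagueIndex, uint32_t accurateIndex);

    void NotifyPermGrantStoreResult(bool result, uint64_t timestamp);
    void ClearAllSecCompGrantedPerm(const std::vector<AccessTokenID>& tokenIdList);
    void ParamUpdate(const std::string& permissionName, uint32_t flag, bool filtered);

    // NOTE(review): the constructor is public although access goes through
    // GetInstance(), so this header does not prevent further instances from
    // being created - confirm this is intended (e.g. for derived classes).
    PermissionManager();

protected:
    // Registers an implementation object; reachable only from derived classes.
    // NOTE(review): takes a raw pointer and the header does not state who owns
    // it or how long it must stay valid - confirm in the implementation.
    static void RegisterImpl(PermissionManager* implInstance);
private:
    // Takes the token list and permission list of a scope and returns nothing.
    // NOTE(review): presumably used for logging - confirm.
    void ScopeToString(
        const std::vector<AccessTokenID>& tokenIDs, const std::vector<std::string>& permList);
    // Derives scopeRes from scopeSrc and returns an int32_t status code.
    int32_t ScopeFilter(const PermStateChangeScope& scopeSrc, PermStateChangeScope& scopeRes);
    // Shared update routine; isGranted selects the target state.
    // NOTE(review): presumably the common path of GrantPermission() and
    // RevokePermission() - confirm.
    int32_t UpdateTokenPermissionState(
        AccessTokenID tokenID, const std::string& permissionName, bool isGranted, int flag);
    std::string TransferPermissionDefToString(const PermissionDef& inPermissionDef);
    // "Vaild" (sic): the spelling is kept because the definition lives in the
    // implementation file and must match this declaration.
    bool IsPermissionVaild(const std::string& permissionName);
    // Looks up permissionName in permsList and writes its status and flag to
    // the out-parameters; the bool result reports whether that succeeded.
    bool GetPermissionStatusAndFlag(const std::string& permissionName,
        const std::vector<PermissionStateFull>& permsList, int32_t& status, uint32_t& flag);
    // permsList is taken by value here as well (copied per call).
    void AllLocationPermissionHandle(std::vector<PermissionListStateParcel>& reqPermList,
        std::vector<PermissionStateFull> permsList, uint32_t vagueIndex, uint32_t accurateIndex);

    PermissionGrantEvent grantEvent_;
    // Implementation object set through RegisterImpl() (non-owning as far as
    // this header shows).
    static PermissionManager* implInstance_;
    // NOTE(review): presumably guards implInstance_ creation and registration;
    // the header does not show which members it protects - confirm.
    static std::recursive_mutex mutex_;

    // NOTE(review): presumably permParamSetLock_ protects paramValue_ - confirm.
    OHOS::Utils::RWLock permParamSetLock_;
    uint64_t paramValue_ = 0;

    DISALLOW_COPY_AND_MOVE(PermissionManager);
};
} // namespace AccessToken
} // namespace Security
} // namespace OHOS
#endif // PERMISSION_MANAGER_H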