1 /* 2 * Copyright (c) 2022 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 #include "access_token_helper.h" 17 18 #include "ans_log_wrapper.h" 19 #include "ipc_skeleton.h" 20 #include "tokenid_kit.h" 21 22 using namespace OHOS::Security::AccessToken; 23 24 namespace OHOS { 25 namespace Notification { VerifyCallerPermission(const AccessTokenID & tokenCaller,const std::string & permission)26bool AccessTokenHelper::VerifyCallerPermission( 27 const AccessTokenID &tokenCaller, const std::string &permission) 28 { 29 int result = AccessTokenKit::VerifyAccessToken(tokenCaller, permission); 30 return (result == PERMISSION_GRANTED); 31 } 32 VerifyNativeToken(const AccessTokenID & callerToken)33bool AccessTokenHelper::VerifyNativeToken(const AccessTokenID &callerToken) 34 { 35 ATokenTypeEnum tokenType = AccessTokenKit::GetTokenTypeFlag(callerToken); 36 return (tokenType == ATokenTypeEnum::TOKEN_NATIVE); 37 } 38 IsSystemApp()39bool AccessTokenHelper::IsSystemApp() 40 { 41 AccessTokenID tokenId = IPCSkeleton::GetCallingTokenID(); 42 ATokenTypeEnum type = AccessTokenKit::GetTokenTypeFlag(tokenId); 43 if (type == ATokenTypeEnum::TOKEN_HAP) { 44 uint64_t fullTokenId = IPCSkeleton::GetCallingFullTokenID(); 45 if (Security::AccessToken::TokenIdKit::IsSystemAppByFullTokenID(fullTokenId)) { 46 return true; 47 } 48 } 49 return false; 50 } 51 IsDlpHap(const AccessTokenID & callerToken)52bool AccessTokenHelper::IsDlpHap(const AccessTokenID &callerToken) 53 { 54 ATokenTypeEnum type = AccessTokenKit::GetTokenTypeFlag(callerToken); 55 if (type == ATokenTypeEnum::TOKEN_HAP) { 56 HapTokenInfo info; 57 AccessTokenKit::GetHapTokenInfo(callerToken, info); 58 if (info.dlpType == DlpType::DLP_READ || info.dlpType == DlpType::DLP_FULL_CONTROL) { 59 return true; 60 } 61 } 62 return false; 63 } 64 VerifyShellToken(const AccessTokenID & callerToken)65bool AccessTokenHelper::VerifyShellToken(const AccessTokenID &callerToken) 66 { 67 ATokenTypeEnum tokenType = AccessTokenKit::GetTokenTypeFlag(callerToken); 68 return (tokenType == ATokenTypeEnum::TOKEN_SHELL); 69 } 70 } // namespace Notification 71 } // namespace OHOS