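/*
 * Copyright (c) 2021-2022 Huawei Device Co., Ltd.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#ifndef ACCESSTOKEN_MANAGER_CLIENT_H
#define ACCESSTOKEN_MANAGER_CLIENT_H

// <cstdint> and <memory> are included directly because this header uses
// int32_t and std::shared_ptr; it should not depend on the project headers
// below pulling them in.
#include <cstdint>
#include <map>
#include <memory>
#include <mutex>
#include <string>
#include <vector>

#include "access_token.h"
#include "accesstoken_death_recipient.h"
#include "hap_info_parcel.h"
#include "hap_policy_parcel.h"
#include "hap_token_info.h"
#include "i_accesstoken_manager.h"
#include "native_token_info.h"
#include "nocopyable.h"
#include "permission_def.h"
#include "permission_state_change_callback.h"
#include "permission_state_full.h"
#include "perm_state_change_callback_customize.h"

namespace OHOS {
namespace Security {
namespace AccessToken {
/**
 * Client-side entry point to the access token manager (IAccessTokenManager).
 *
 * The class keeps a handle to the service interface (proxy_) together with a
 * death recipient for it. The constructor is private and copy/move are
 * disabled, so the only way to obtain an object is GetInstance().
 *
 * NOTE(review): nothing declared in this header performs an authorization
 * check. Presumably each call is forwarded to the service, which decides
 * whether the caller may grant, revoke, allocate or delete tokens -- confirm
 * that enforcement lives on the service side, since code in this class runs
 * inside the calling process and cannot act as a trust boundary.
 *
 * NOTE(review): most methods return a plain int / int32_t whose meaning is
 * not visible here. Callers should compare the result with the named
 * constants of the project headers instead of testing truthiness. This
 * matters most for VerifyAccessToken: a permission decision read as a boolean
 * is inverted if the "granted" value is 0 -- confirm against access_token.h.
 */
class AccessTokenManagerClient final {
public:
    /** Returns the shared client object. */
    static AccessTokenManagerClient& GetInstance();

    // NOTE(review): the class is final and has no base class, so `virtual`
    // adds nothing here; it is left as written to keep the object layout.
    virtual ~AccessTokenManagerClient();

    // ---- Permission queries -------------------------------------------------

    /** Checks permissionName for tokenID; see the class note on interpreting the int result. */
    int VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName);
    /** Looks up the definition of permissionName and stores it in permissionDefResult. */
    int GetDefPermission(const std::string& permissionName, PermissionDef& permissionDefResult);
    /** Fills permList with permission definitions associated with tokenID. */
    int GetDefPermissions(AccessTokenID tokenID, std::vector<PermissionDef>& permList);
    /**
     * Fills reqPermList with permission states for tokenID.
     * isSystemGrant presumably selects system-granted versus user-granted
     * permissions -- confirm in the implementation.
     */
    int GetReqPermissions(
        AccessTokenID tokenID, std::vector<PermissionStateFull>& reqPermList, bool isSystemGrant);
    /** Stores the flag recorded for (tokenID, permissionName) in flag. */
    int GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName, int& flag);
    /** Queries the state of the permissions in permList for the calling process; permList is in/out. */
    PermissionOper GetSelfPermissionsState(std::vector<PermissionListState>& permList);

    // ---- Permission and token changes ---------------------------------------
    // These calls alter the permission state of another token. The values
    // accepted for `flag` are not visible in this header.

    int GrantPermission(AccessTokenID tokenID, const std::string& permissionName, int flag);
    int RevokePermission(AccessTokenID tokenID, const std::string& permissionName, int flag);
    int ClearUserGrantedPermissionState(AccessTokenID tokenID);
    /** Requests a token for the application described by info and policy. */
    AccessTokenIDEx AllocHapToken(const HapInfoParams& info, const HapPolicyParams& policy);
    int DeleteToken(AccessTokenID tokenID);
    ATokenTypeEnum GetTokenType(AccessTokenID tokenID);
    int CheckNativeDCap(AccessTokenID tokenID, const std::string& dcap);
    AccessTokenIDEx GetHapTokenID(int32_t userID, const std::string& bundleName, int32_t instIndex);
    // Declared unconditionally, i.e. also when TOKEN_SYNC_ENABLE is not defined.
    AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID);
    /** Updates the token identified by tokenIdEx (passed by non-const reference) with new app data and policy. */
    int UpdateHapToken(AccessTokenIDEx& tokenIdEx,
        bool isSystemApp, const std::string& appIDDesc, int32_t apiVersion, const HapPolicyParams& policy);
    int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfo& hapTokenInfoRes);
    int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfo& nativeTokenInfoRes);
#ifndef ATM_BUILD_VARIANT_USER_ENABLE
    // Only declared when ATM_BUILD_VARIANT_USER_ENABLE is not defined, so
    // builds that define it do not expose this entry point at all.
    int32_t ReloadNativeTokenInfo();
#endif
    AccessTokenID GetNativeTokenId(const std::string& processName);

    // ---- Permission state change callbacks ----------------------------------
    // NOTE(review): callbackMap_ is keyed by the shared_ptr itself, so
    // unregistering presumably requires the same pointer that was registered.

    int32_t RegisterPermStateChangeCallback(
        const std::shared_ptr<PermStateChangeCallbackCustomize>& customizedCb);
    int32_t UnRegisterPermStateChangeCallback(
        const std::shared_ptr<PermStateChangeCallbackCustomize>& customizedCb);

#ifdef TOKEN_SYNC_ENABLE
    // Cross-device token synchronisation; only declared when TOKEN_SYNC_ENABLE
    // is defined.
    // NOTE(review): deviceID and the *ForSync structures describe state that
    // belongs to another device. Presumably they originate from a peer, so
    // they should be treated as untrusted until the service has validated
    // them -- confirm where that validation happens.
    int GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSync& hapSync);
    int GetAllNativeTokenInfo(std::vector<NativeTokenInfoForSync>& nativeTokenInfosRes);
    int SetRemoteHapTokenInfo(const std::string& deviceID, const HapTokenInfoForSync& hapSync);
    int SetRemoteNativeTokenInfo(const std::string& deviceID,
        const std::vector<NativeTokenInfoForSync>& nativeTokenInfoList);
    int DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID);
    AccessTokenID GetRemoteNativeTokenID(const std::string& deviceID, AccessTokenID tokenID);
    int DeleteRemoteDeviceTokens(const std::string& deviceID);
#endif

    /**
     * Writes a textual dump for tokenID into dumpInfo.
     * NOTE(review): the dump presumably contains permission state; callers
     * should keep it out of broadly readable logs -- confirm what it holds.
     */
    void DumpTokenInfo(AccessTokenID tokenID, std::string& dumpInfo);
    /**
     * Presumably called from the death recipient when the service goes away,
     * so that the stale proxy is dropped -- confirm in the implementation.
     */
    void OnRemoteDiedHandle();

private:
    AccessTokenManagerClient();
    /** Produces in `callback` the service-facing callback object for customizedCb. */
    int32_t CreatePermStateChangeCallback(
        const std::shared_ptr<PermStateChangeCallbackCustomize>& customizedCb,
        sptr<PermissionStateChangeCallback>& callback);

    DISALLOW_COPY_AND_MOVE(AccessTokenManagerClient);
    // Presumably guards proxy_ and serviceDeathObserver_ -- confirm in the .cpp.
    std::mutex proxyMutex_;
    sptr<IAccessTokenManager> proxy_ = nullptr;
    sptr<AccessTokenDeathRecipient> serviceDeathObserver_ = nullptr;
    void InitProxy();
    sptr<IAccessTokenManager> GetProxy();
    // Presumably guards callbackMap_ -- confirm in the .cpp.
    std::mutex callbackMutex_;
    // Maps each caller-supplied callback to its service-facing counterpart.
    // The key is a shared_ptr, so ordering and lookup use the pointer value,
    // and a stored entry keeps the caller's callback object alive.
    std::map<std::shared_ptr<PermStateChangeCallbackCustomize>, sptr<PermissionStateChangeCallback>> callbackMap_;
};
} // namespace AccessToken
} // namespace Security
} // namespace OHOS
#endif // ACCESSTOKEN_MANAGER_CLIENT_H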