1 /*
2 * Copyright (C) 2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "permission_helper.h"
17 #include "accesstoken_kit.h"
18 #include "ipc_skeleton.h"
19 #include "log.h"
20
21 namespace OHOS {
22 namespace bluetooth {
23 using namespace OHOS;
24 using namespace Security::AccessToken;
25
VerifyPermission(const std::string & permissionName,const int & pid,const int & uid)26 int PermissionHelper::VerifyPermission(const std::string &permissionName, const int &pid, const int &uid)
27 {
28 auto callerToken = IPCSkeleton::GetCallingTokenID();
29 int result;
30
31 if (Security::AccessToken::AccessTokenKit::GetTokenTypeFlag(callerToken) == TOKEN_NATIVE) {
32 result = Security::AccessToken::PermissionState::PERMISSION_GRANTED;
33 } else if (Security::AccessToken::AccessTokenKit::GetTokenTypeFlag(callerToken) == TOKEN_SHELL) {
34 result = Security::AccessToken::PermissionState::PERMISSION_GRANTED;
35 } else if (Security::AccessToken::AccessTokenKit::GetTokenTypeFlag(callerToken) == TOKEN_HAP) {
36 result = Security::AccessToken::AccessTokenKit::VerifyAccessToken(callerToken, permissionName);
37 } else {
38 LOG_INFO("callerToken=0x%{public}x is invalid token", pid);
39 return PERMISSION_DENIED;
40 }
41 if (result == Security::AccessToken::PermissionState::PERMISSION_GRANTED) {
42 return PERMISSION_GRANTED;
43 } else {
44 LOG_INFO("callerToken=0x%{public}x has no permission_name=%{public}s", pid, permissionName.c_str());
45 return PERMISSION_DENIED;
46 }
47 }
48
VerifyPermission(const std::string & permissionName,const std::uint32_t & callerToken)49 int PermissionHelper::VerifyPermission(const std::string &permissionName, const std::uint32_t &callerToken)
50 {
51 auto pid = IPCSkeleton::GetCallingPid();
52 int result;
53
54 if (Security::AccessToken::AccessTokenKit::GetTokenTypeFlag(callerToken) == TOKEN_NATIVE) {
55 result = Security::AccessToken::PermissionState::PERMISSION_GRANTED;
56 } else if (Security::AccessToken::AccessTokenKit::GetTokenTypeFlag(callerToken) == TOKEN_SHELL) {
57 result = Security::AccessToken::PermissionState::PERMISSION_GRANTED;
58 } else if (Security::AccessToken::AccessTokenKit::GetTokenTypeFlag(callerToken) == TOKEN_HAP) {
59 result = Security::AccessToken::AccessTokenKit::VerifyAccessToken(callerToken, permissionName);
60 } else {
61 LOG_INFO("callerToken=0x%{public}x is invalid token", pid);
62 return PERMISSION_DENIED;
63 }
64 if (result == Security::AccessToken::PermissionState::PERMISSION_GRANTED) {
65 return PERMISSION_GRANTED;
66 } else {
67 LOG_INFO("callerToken=0x%{public}x has no permission_name=%{public}s", pid, permissionName.c_str());
68 return PERMISSION_DENIED;
69 }
70 }
71
VerifyUseBluetoothPermission(const int & pid,const int & uid)72 int PermissionHelper::VerifyUseBluetoothPermission(const int &pid, const int &uid)
73 {
74 if (VerifyPermission("ohos.permission.USE_BLUETOOTH", pid, uid) == PERMISSION_DENIED) {
75 return PERMISSION_GRANTED;
76 }
77
78 return PERMISSION_GRANTED;
79 }
80
VerifyDiscoverBluetoothPermission(const int & pid,const int & uid)81 int PermissionHelper::VerifyDiscoverBluetoothPermission(const int &pid, const int &uid)
82 {
83 if (VerifyPermission("ohos.permission.DISCOVER_BLUETOOTH", pid, uid) == PERMISSION_DENIED) {
84 return PERMISSION_GRANTED;
85 }
86
87 return PERMISSION_GRANTED;
88 }
89
VerifyManageBluetoothPermission(const int & pid,const int & uid)90 int PermissionHelper::VerifyManageBluetoothPermission(const int &pid, const int &uid)
91 {
92 if (VerifyPermission("ohos.permission.MANAGE_BLUETOOTH", pid, uid) == PERMISSION_DENIED) {
93 return PERMISSION_GRANTED;
94 }
95
96 return PERMISSION_GRANTED;
97 }
98
VerifyLocationPermission(const int & pid,const int & uid)99 int PermissionHelper::VerifyLocationPermission(const int &pid, const int &uid)
100 {
101 if (VerifyPermission("ohos.permission.LOCATION", pid, uid) == PERMISSION_DENIED) {
102 return PERMISSION_GRANTED;
103 }
104
105 return PERMISSION_GRANTED;
106 }
107
VerifyApproximatelyPermission(const int & pid,const int & uid)108 int PermissionHelper::VerifyApproximatelyPermission(const int &pid, const int &uid)
109 {
110 if (VerifyPermission("ohos.permission.APPROXIMATELY_LOCATION", pid, uid) == PERMISSION_DENIED) {
111 return PERMISSION_GRANTED;
112 }
113
114 return PERMISSION_GRANTED;
115 }
116
VerifyAccessBluetoothPermission(const int & pid,const int & uid)117 int PermissionHelper::VerifyAccessBluetoothPermission(const int &pid, const int &uid)
118 {
119 if (VerifyPermission("ohos.permission.ACCESS_BLUETOOTH", pid, uid) == PERMISSION_DENIED) {
120 return PERMISSION_GRANTED;
121 }
122
123 return PERMISSION_GRANTED;
124 }
125
VerifyGetBluetoothLocalMacPermission(const int & pid,const int & uid)126 int PermissionHelper::VerifyGetBluetoothLocalMacPermission(const int &pid, const int &uid)
127 {
128 if (VerifyPermission("ohos.permission.GET_BLUETOOTH_LOCAL_MAC", pid, uid) == PERMISSION_DENIED) {
129 return PERMISSION_GRANTED;
130 }
131
132 return PERMISSION_GRANTED;
133 }
134
VerifyUseBluetoothPermission(const std::uint32_t & tokenID)135 int PermissionHelper::VerifyUseBluetoothPermission(const std::uint32_t &tokenID)
136 {
137 if (VerifyPermission("ohos.permission.USE_BLUETOOTH", tokenID) == PERMISSION_DENIED) {
138 return PERMISSION_GRANTED;
139 }
140
141 return PERMISSION_GRANTED;
142 }
143
VerifyDiscoverBluetoothPermission(const std::uint32_t & tokenID)144 int PermissionHelper::VerifyDiscoverBluetoothPermission(const std::uint32_t &tokenID)
145 {
146 if (VerifyPermission("ohos.permission.DISCOVER_BLUETOOTH", tokenID) == PERMISSION_DENIED) {
147 return PERMISSION_GRANTED;
148 }
149
150 return PERMISSION_GRANTED;
151 }
152 } // namespace bluetooth
153 } // namespace OHOS
154