1/* 2 * Copyright (c) 2021-2024 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16/** 17 * @file 18 * @kit AbilityKit 19 */ 20 21import { AsyncCallback, Callback } from './@ohos.base'; 22import { Permissions } from './permissions'; 23import type _Context from './application/Context'; 24import type _PermissionRequestResult from './security/PermissionRequestResult'; 25 26/** 27 * @namespace abilityAccessCtrl 28 * @syscap SystemCapability.Security.AccessToken 29 * @since 8 30 */ 31/** 32 * @namespace abilityAccessCtrl 33 * @syscap SystemCapability.Security.AccessToken 34 * @atomicservice 35 * @since 11 36 */ 37declare namespace abilityAccessCtrl { 38 /** 39 * Obtains the AtManager instance. 40 * 41 * @returns { AtManager } Returns the instance of the AtManager. 42 * @syscap SystemCapability.Security.AccessToken 43 * @since 8 44 */ 45 /** 46 * Obtains the AtManager instance. 47 * 48 * @returns { AtManager } returns the instance of the AtManager. 49 * @syscap SystemCapability.Security.AccessToken 50 * @crossplatform 51 * @since 10 52 */ 53 /** 54 * Obtains the AtManager instance. 55 * 56 * @returns { AtManager } returns the instance of the AtManager. 57 * @syscap SystemCapability.Security.AccessToken 58 * @crossplatform 59 * @atomicservice 60 * @since 11 61 */ 62 function createAtManager(): AtManager; 63 64 /** 65 * Provides methods for managing access_token. 66 * 67 * @interface AtManager 68 * @syscap SystemCapability.Security.AccessToken 69 * @since 8 70 */ 71 /** 72 * Provides methods for managing access_token. 73 * 74 * @interface AtManager 75 * @syscap SystemCapability.Security.AccessToken 76 * @atomicservice 77 * @since 11 78 */ 79 interface AtManager { 80 /** 81 * Checks whether a specified application has been granted the given permission. 82 * 83 * @param { number } tokenID - Token ID of the application. 84 * @param { Permissions } permissionName - Name of the permission to be verified. The Permissions type supports only valid permission names. 85 * @returns { Promise<GrantStatus> } Returns permission verify result. 86 * @syscap SystemCapability.Security.AccessToken 87 * @since 9 88 */ 89 verifyAccessToken(tokenID: number, permissionName: Permissions): Promise<GrantStatus>; 90 91 /** 92 * Checks whether a specified application has been granted the given permission. 93 * 94 * @param { number } tokenID - Token ID of the application. 95 * @param { string } permissionName - Name of the permission to be verified. 96 * @returns { Promise<GrantStatus> } Returns permission verify result. 97 * @syscap SystemCapability.Security.AccessToken 98 * @since 8 99 * @deprecated since 9 100 * @useinstead ohos.abilityAccessCtrl.AtManager#checkAccessToken 101 */ 102 verifyAccessToken(tokenID: number, permissionName: string): Promise<GrantStatus>; 103 104 /** 105 * Checks whether a specified application has been granted the given permission synchronously. 106 * 107 * @param { number } tokenID - Token ID of the application. 108 * @param { Permissions } permissionName - Name of the permission to be verified. 109 * @returns { GrantStatus } Returns permission verify result. 110 * @throws { BusinessError } 401 - The parameter check failed. 111 * @throws { BusinessError } 12100001 - The parameter is invalid. The tokenID is 0, or the string size of permissionName is larger than 256. 112 * @syscap SystemCapability.Security.AccessToken 113 * @since 9 114 */ 115 verifyAccessTokenSync(tokenID: number, permissionName: Permissions): GrantStatus; 116 117 /** 118 * Checks whether a specified application has been granted the given permission. 119 * 120 * @param { number } tokenID - Token ID of the application. 121 * @param { Permissions } permissionName - Name of the permission to be verified. 122 * @returns { Promise<GrantStatus> } Returns permission verify result. 123 * @throws { BusinessError } 401 - The parameter check failed. 124 * @throws { BusinessError } 12100001 - The parameter is invalid. The tokenID is 0, or the string size of permissionName is larger than 256. 125 * @syscap SystemCapability.Security.AccessToken 126 * @since 9 127 */ 128 /** 129 * Checks whether a specified application has been granted the given permission. 130 * On the cross-platform, this function can be used to check the permission grant status for the current application only. 131 * 132 * @param { number } tokenID - Token ID of the application. 133 * @param { Permissions } permissionName - Name of the permission to be verified. 134 * @returns { Promise<GrantStatus> } Returns permission verify result. 135 * @throws { BusinessError } 401 - The parameter check failed. 136 * @throws { BusinessError } 12100001 - The parameter is invalid. The tokenID is 0, or the string size of permissionName is larger than 256. 137 * @syscap SystemCapability.Security.AccessToken 138 * @crossplatform 139 * @since 10 140 */ 141 /** 142 * Checks whether a specified application has been granted the given permission. 143 * On the cross-platform, this function can be used to check the permission grant status for the current application only. 144 * 145 * @param { number } tokenID - Token ID of the application. 146 * @param { Permissions } permissionName - Name of the permission to be verified. 147 * @returns { Promise<GrantStatus> } Returns permission verify result. 148 * @throws { BusinessError } 401 - The parameter check failed. 149 * @throws { BusinessError } 12100001 - The parameter is invalid. The tokenID is 0, or the string size of permissionName is larger than 256. 150 * @syscap SystemCapability.Security.AccessToken 151 * @crossplatform 152 * @atomicservice 153 * @since 11 154 */ 155 checkAccessToken(tokenID: number, permissionName: Permissions): Promise<GrantStatus>; 156 157 /** 158 * Checks whether a specified application has been granted the given permission. 159 * On the cross-platform, this function can be used to check the permission grant status for the current application only. 160 * 161 * @param { number } tokenID - Token ID of the application. 162 * @param { Permissions } permissionName - Name of the permission to be verified. 163 * @returns { GrantStatus } Returns permission verify result. 164 * @throws { BusinessError } 401 - The parameter check failed. 165 * @throws { BusinessError } 12100001 - The parameter is invalid. The tokenID is 0, or the string size of permissionName is larger than 256. 166 * @syscap SystemCapability.Security.AccessToken 167 * @crossplatform 168 * @since 10 169 */ 170 /** 171 * Checks whether a specified application has been granted the given permission. 172 * On the cross-platform, this function can be used to check the permission grant status for the current application only. 173 * 174 * @param { number } tokenID - Token ID of the application. 175 * @param { Permissions } permissionName - Name of the permission to be verified. 176 * @returns { GrantStatus } Returns permission verify result. 177 * @throws { BusinessError } 401 - The parameter check failed. 178 * @throws { BusinessError } 12100001 - The parameter is invalid. The tokenID is 0, or the string size of permissionName is larger than 256. 179 * @syscap SystemCapability.Security.AccessToken 180 * @crossplatform 181 * @atomicservice 182 * @since 11 183 */ 184 checkAccessTokenSync(tokenID: number, permissionName: Permissions): GrantStatus; 185 186 /** 187 * Requests certain permissions from the user. 188 * 189 * @param { Context } context - The context that initiates the permission request. 190 * @param { Array<Permissions> } permissionList - Indicates the list of permissions to be requested. This parameter cannot be null or empty. 191 * @param { AsyncCallback<PermissionRequestResult> } requestCallback Callback for the result from requesting permissions. 192 * @throws { BusinessError } 401 - The parameter check failed. 193 * @throws { BusinessError } 12100001 - The parameter is invalid. The context is invalid when it does not belong to the application itself. 194 * @syscap SystemCapability.Security.AccessToken 195 * @stagemodelonly 196 * @since 9 197 */ 198 /** 199 * Requests certain permissions from the user. 200 * 201 * @param { Context } context - The context that initiates the permission request. 202 * @param { Array<Permissions> } permissionList - Indicates the list of permissions to be requested. This parameter cannot be null or empty. 203 * @param { AsyncCallback<PermissionRequestResult> } requestCallback Callback for the result from requesting permissions. 204 * @throws { BusinessError } 401 - The parameter check failed. 205 * @throws { BusinessError } 12100001 - The parameter is invalid. The context is invalid when it does not belong to the application itself. 206 * @syscap SystemCapability.Security.AccessToken 207 * @stagemodelonly 208 * @crossplatform 209 * @since 10 210 */ 211 requestPermissionsFromUser( 212 context: Context, 213 permissionList: Array<Permissions>, 214 requestCallback: AsyncCallback<PermissionRequestResult> 215 ): void; 216 217 /** 218 * Requests certain permissions from the user. 219 * 220 * @param { Context } context - The context that initiates the permission request. 221 * @param { Array<Permissions> } permissionList - Indicates the list of permissions to be requested. This parameter cannot be null or empty. 222 * @returns { Promise<PermissionRequestResult> } Returns result of requesting permissions. 223 * @throws { BusinessError } 401 - The parameter check failed. 224 * @throws { BusinessError } 12100001 - The parameter is invalid. The context is invalid when it does not belong to the application itself. 225 * @syscap SystemCapability.Security.AccessToken 226 * @stagemodelonly 227 * @since 9 228 */ 229 /** 230 * Requests certain permissions from the user. 231 * 232 * @param { Context } context - The context that initiates the permission request. 233 * @param { Array<Permissions> } permissionList - Indicates the list of permissions to be requested. This parameter cannot be null or empty. 234 * @returns { Promise<PermissionRequestResult> } Returns result of requesting permissions. 235 * @throws { BusinessError } 401 - The parameter check failed. 236 * @throws { BusinessError } 12100001 - The parameter is invalid. The context is invalid when it does not belong to the application itself. 237 * @syscap SystemCapability.Security.AccessToken 238 * @stagemodelonly 239 * @crossplatform 240 * @since 10 241 */ 242 /** 243 * Requests certain permissions from the user. 244 * 245 * @param { Context } context - The context that initiates the permission request. 246 * @param { Array<Permissions> } permissionList - Indicates the list of permissions to be requested. This parameter cannot be null or empty. 247 * @returns { Promise<PermissionRequestResult> } Returns result of requesting permissions. 248 * @throws { BusinessError } 401 - The parameter check failed. 249 * @throws { BusinessError } 12100001 - The parameter is invalid. The context is invalid when it does not belong to the application itself. 250 * @syscap SystemCapability.Security.AccessToken 251 * @stagemodelonly 252 * @crossplatform 253 * @atomicservice 254 * @since 11 255 */ 256 requestPermissionsFromUser(context: Context, permissionList: Array<Permissions>): Promise<PermissionRequestResult>; 257 258 /** 259 * Grants a specified user_grant permission to the given application. 260 * 261 * @permission ohos.permission.GRANT_SENSITIVE_PERMISSIONS 262 * @param { number } tokenID - Token ID of the application. 263 * @param { Permissions } permissionName - Name of the permission to be granted. 264 * @param { number } permissionFlags - Flags of permission state. 265 * @returns { Promise<void> } The promise returned by the function. 266 * @throws { BusinessError } 401 - The parameter check failed. 267 * @throws { BusinessError } 201 - Permission denied. Interface caller does not have permission "ohos.permission.GRANT_SENSITIVE_PERMISSIONS". 268 * @throws { BusinessError } 202 - Not System App. Interface caller is not a system app. 269 * @throws { BusinessError } 12100001 - The parameter is invalid. The tokenID is 0, or the string size of permissionName is larger than 256, 270 * or the flags value is invalid. 271 * @throws { BusinessError } 12100002 - The specified tokenID does not exist. 272 * @throws { BusinessError } 12100003 - The specified permission does not exist. 273 * @throws { BusinessError } 12100006 - The application specified by the tokenID is not allowed to be granted with the specified permission. 274 * Either the application is a sandbox or the tokenID is from a remote device. 275 * @throws { BusinessError } 12100007 - Service is abnormal. 276 * @syscap SystemCapability.Security.AccessToken 277 * @systemapi 278 * @since 8 279 */ 280 grantUserGrantedPermission(tokenID: number, permissionName: Permissions, permissionFlags: number): Promise<void>; 281 282 /** 283 * Grants a specified user_grant permission to the given application. 284 * 285 * @permission ohos.permission.GRANT_SENSITIVE_PERMISSIONS 286 * @param { number } tokenID - Token ID of the application. 287 * @param { Permissions } permissionName - Name of the permission to be granted. 288 * @param { number } permissionFlags - Flags of permission state. 289 * @param { AsyncCallback<void> } callback - Asynchronous callback interface. 290 * @throws { BusinessError } 401 - The parameter check failed. 291 * @throws { BusinessError } 201 - Permission denied. Interface caller does not have permission "ohos.permission.GRANT_SENSITIVE_PERMISSIONS". 292 * @throws { BusinessError } 202 - Not System App. Interface caller is not a system app. 293 * @throws { BusinessError } 12100001 - The parameter is invalid. The tokenID is 0, or the string size of permissionName is larger than 256, 294 * or the flags value is invalid. 295 * @throws { BusinessError } 12100002 - The specified tokenID does not exist. 296 * @throws { BusinessError } 12100003 - The specified permission does not exist. 297 * @throws { BusinessError } 12100006 - The application specified by the tokenID is not allowed to be granted with the specified permission. 298 * Either the application is a sandbox or the tokenID is from a remote device. 299 * @throws { BusinessError } 12100007 - Service is abnormal. 300 * @syscap SystemCapability.Security.AccessToken 301 * @systemapi 302 * @since 8 303 */ 304 grantUserGrantedPermission( 305 tokenID: number, 306 permissionName: Permissions, 307 permissionFlags: number, 308 callback: AsyncCallback<void> 309 ): void; 310 311 /** 312 * Revoke a specified user_grant permission to the given application. 313 * 314 * @permission ohos.permission.REVOKE_SENSITIVE_PERMISSIONS 315 * @param { number } tokenID - Token ID of the application. 316 * @param { Permissions } permissionName - Name of the permission to be revoked. 317 * @param { number } permissionFlags - Flags of permission state. 318 * @returns { Promise<void> } The promise returned by the function. 319 * @throws { BusinessError } 401 - The parameter check failed. 320 * @throws { BusinessError } 201 - Permission denied. Interface caller does not have permission "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS". 321 * @throws { BusinessError } 202 - Not System App. Interface caller is not a system app. 322 * @throws { BusinessError } 12100001 - The parameter is invalid. The tokenID is 0, or the string size of permissionName is larger than 256, 323 * or the flags value is invalid. 324 * @throws { BusinessError } 12100002 - The specified tokenID does not exist. 325 * @throws { BusinessError } 12100003 - The specified permission does not exist. 326 * @throws { BusinessError } 12100006 - The application specified by the tokenID is not allowed to be revoked with the specified permission. 327 * Either the application is a sandbox or the tokenID is from a remote device. 328 * @throws { BusinessError } 12100007 - Service is abnormal. 329 * @syscap SystemCapability.Security.AccessToken 330 * @systemapi 331 * @since 8 332 */ 333 revokeUserGrantedPermission(tokenID: number, permissionName: Permissions, permissionFlags: number): Promise<void>; 334 335 /** 336 * Revoke a specified user_grant permission to the given application. 337 * 338 * @permission ohos.permission.REVOKE_SENSITIVE_PERMISSIONS 339 * @param { number } tokenID - Token ID of the application. 340 * @param { Permissions } permissionName - Name of the permission to be revoked. 341 * @param { number } permissionFlags - Flags of permission state. 342 * @param { AsyncCallback<void> } callback - Asynchronous callback interface. 343 * @throws { BusinessError } 401 - The parameter check failed. 344 * @throws { BusinessError } 201 - Permission denied. Interface caller does not have permission "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS". 345 * @throws { BusinessError } 202 - Not System App. Interface caller is not a system app. 346 * @throws { BusinessError } 12100001 - The parameter is invalid. The tokenID is 0, or the string size of permissionName is larger than 256, 347 * or the flags value is invalid. 348 * @throws { BusinessError } 12100002 - The specified tokenID does not exist. 349 * @throws { BusinessError } 12100003 - The specified permission does not exist. 350 * @throws { BusinessError } 12100006 - The application specified by the tokenID is not allowed to be revoked with the specified permission. 351 * Either the application is a sandbox or the tokenID is from a remote device. 352 * @throws { BusinessError } 12100007 - Service is abnormal. 353 * @syscap SystemCapability.Security.AccessToken 354 * @systemapi 355 * @since 8 356 */ 357 revokeUserGrantedPermission( 358 tokenID: number, 359 permissionName: Permissions, 360 permissionFlags: number, 361 callback: AsyncCallback<void> 362 ): void; 363 364 /** 365 * Queries specified permission flags of the given application. 366 * 367 * @permission ohos.permission.GET_SENSITIVE_PERMISSIONS or ohos.permission.GRANT_SENSITIVE_PERMISSIONS or ohos.permission.REVOKE_SENSITIVE_PERMISSIONS 368 * @param { number } tokenID - Token ID of the application. 369 * @param { Permissions } permissionName - Name of the permission to be get. 370 * @returns { Promise<number> } Return permission flags. 371 * @throws { BusinessError } 401 - The parameter check failed. 372 * @throws { BusinessError } 201 - Permission denied. Interface caller does not have permission specified below. 373 * @throws { BusinessError } 202 - Not System App. Interface caller is not a system app. 374 * @throws { BusinessError } 12100001 - The parameter is invalid. The tokenID is 0, or the string size of permissionName is larger than 256. 375 * @throws { BusinessError } 12100002 - The specified tokenID does not exist. 376 * @throws { BusinessError } 12100003 - The specified permission does not exist. 377 * @throws { BusinessError } 12100006 - The operation is not allowed. Either the application is a sandbox or the tokenID is from a remote device. 378 * @throws { BusinessError } 12100007 - Service is abnormal. 379 * @syscap SystemCapability.Security.AccessToken 380 * @systemapi 381 * @since 8 382 */ 383 getPermissionFlags(tokenID: number, permissionName: Permissions): Promise<number>; 384 385 /** 386 * Queries permission management version. 387 * 388 * @returns { Promise<number> } Return permission version. 389 * @throws { BusinessError } 202 - Not System App. Interface caller is not a system app. 390 * @syscap SystemCapability.Security.AccessToken 391 * @systemapi 392 * @since 9 393 */ 394 getVersion(): Promise<number>; 395 396 /** 397 * Queries permissions status of the given application. 398 * 399 * @permission ohos.permission.GET_SENSITIVE_PERMISSIONS 400 * @param { number } tokenID - Token ID of the application. 401 * @param { Array<Permissions> } permissionList - Indicates the list of permissions to be queried. This parameter cannot be null or empty. 402 * @returns { Promise<Array<PermissionStatus>> } Return permission status. 403 * @throws { BusinessError } 401 - The parameter check failed. 404 * @throws { BusinessError } 201 - Permission denied. Interface caller does not have permission "ohos.permission.GET_SENSITIVE_PERMISSIONS". 405 * @throws { BusinessError } 202 - Not System App. Interface caller is not a system app. 406 * @throws { BusinessError } 12100001 - The parameter is invalid. The tokenID is 0, or the permissionList is empty. 407 * @throws { BusinessError } 12100002 - The specified tokenID does not exist. 408 * @throws { BusinessError } 12100007 - Service is abnormal. 409 * @syscap SystemCapability.Security.AccessToken 410 * @systemapi 411 * @since 12 412 */ 413 getPermissionsStatus(tokenID: number, permissionList: Array<Permissions>): Promise<Array<PermissionStatus>>; 414 415 /** 416 * Registers a permission state callback so that the application can be notified upon specified permission state of specified applications changes. 417 * 418 * @permission ohos.permission.GET_SENSITIVE_PERMISSIONS 419 * @param { 'permissionStateChange' } type - Event type. 420 * @param { Array<number> } tokenIDList - A list of permissions that specify the permissions to be listened on. The value in the list can be: 421 * <ul> 422 * <li>{@code empty} - Indicates that the application can be notified if the specified permission state of any applications changes. 423 * </li> 424 * <li>{@code non-empty} - Indicates that the application can only be notified if the specified 425 * permission state of the specified applications change. 426 * </li> 427 * </ul> 428 * @param { Array<Permissions> } permissionList - A list of permissions that specify the permissions to be listened on. The value in the list can be: 429 * <ul> 430 * <li>{@code empty} - Indicates that the application can be notified if any permission state of the specified applications changes. 431 * </li> 432 * <li>{@code non-empty} - Indicates that the application can only be notified if the specified 433 * permission state of the specified applications changes. 434 * </li> 435 * </ul> 436 * @param { Callback<PermissionStateChangeInfo> } callback - Callback for the result from registering permissions. 437 * @throws { BusinessError } 401 - The parameter check failed. 438 * @throws { BusinessError } 201 - Permission denied. Interface caller does not have permission "ohos.permission.GET_SENSITIVE_PERMISSIONS". 439 * @throws { BusinessError } 202 - Not System App. Interface caller is not a system app. 440 * @throws { BusinessError } 12100001 - The parameter is invalid. The tokenID is 0, or the string size of permissionName is larger than 256. 441 * @throws { BusinessError } 12100004 - The interface is called repeatedly with the same input. 442 * @throws { BusinessError } 12100005 - The registration time has exceeded the limitation. 443 * @throws { BusinessError } 12100007 - Service is abnormal. 444 * @throws { BusinessError } 12100008 - Out of memory. 445 * @syscap SystemCapability.Security.AccessToken 446 * @systemapi 447 * @since 9 448 */ 449 on( 450 type: 'permissionStateChange', 451 tokenIDList: Array<number>, 452 permissionList: Array<Permissions>, 453 callback: Callback<PermissionStateChangeInfo> 454 ): void; 455 456 /** 457 * Unregisters a permission state callback so that the specified applications cannot be notified upon specified permissions state changes anymore. 458 * 459 * @permission ohos.permission.GET_SENSITIVE_PERMISSIONS 460 * @param { 'permissionStateChange' } type - Event type. 461 * @param { Array<number> } tokenIDList - A list of permissions that specify the permissions to be listened on. 462 * It should correspond to the value registered by function of "on", whose type is "permissionStateChange". 463 * @param { Array<Permissions> } permissionList - A list of permissions that specify the permissions to be listened on. 464 * It should correspond to the value registered by function of "on", whose type is "permissionStateChange". 465 * @param { Callback<PermissionStateChangeInfo> } callback - Callback for the result from unregistering permissions. 466 * @throws { BusinessError } 401 - The parameter check failed. 467 * @throws { BusinessError } 201 - Permission denied. Interface caller does not have permission "ohos.permission.GET_SENSITIVE_PERMISSIONS". 468 * @throws { BusinessError } 202 - Not System App. Interface caller is not a system app. 469 * @throws { BusinessError } 12100001 - The parameter is invalid. The tokenIDs or permissionNames in the list are all invalid. 470 * @throws { BusinessError } 12100004 - The interface is not used together with "on". 471 * @throws { BusinessError } 12100007 - Service is abnormal. 472 * @throws { BusinessError } 12100008 - Out of memory. 473 * @syscap SystemCapability.Security.AccessToken 474 * @systemapi 475 * @since 9 476 */ 477 off( 478 type: 'permissionStateChange', 479 tokenIDList: Array<number>, 480 permissionList: Array<Permissions>, 481 callback?: Callback<PermissionStateChangeInfo> 482 ): void; 483 } 484 485 /** 486 * GrantStatus. 487 * 488 * @enum { number } 489 * @syscap SystemCapability.Security.AccessToken 490 * @since 8 491 */ 492 /** 493 * GrantStatus. 494 * 495 * @enum { number } 496 * @syscap SystemCapability.Security.AccessToken 497 * @crossplatform 498 * @since 10 499 */ 500 /** 501 * GrantStatus. 502 * 503 * @enum { number } 504 * @syscap SystemCapability.Security.AccessToken 505 * @crossplatform 506 * @atomicservice 507 * @since 11 508 */ 509 export enum GrantStatus { 510 /** 511 * access_token permission check fail 512 * 513 * @syscap SystemCapability.Security.AccessToken 514 * @since 8 515 */ 516 /** 517 * access_token permission check fail 518 * 519 * @syscap SystemCapability.Security.AccessToken 520 * @crossplatform 521 * @since 10 522 */ 523 /** 524 * access_token permission check fail 525 * 526 * @syscap SystemCapability.Security.AccessToken 527 * @crossplatform 528 * @atomicservice 529 * @since 11 530 */ 531 PERMISSION_DENIED = -1, 532 /** 533 * access_token permission check success 534 * 535 * @syscap SystemCapability.Security.AccessToken 536 * @since 8 537 */ 538 /** 539 * access_token permission check success 540 * 541 * @syscap SystemCapability.Security.AccessToken 542 * @crossplatform 543 * @since 10 544 */ 545 /** 546 * access_token permission check success 547 * 548 * @syscap SystemCapability.Security.AccessToken 549 * @crossplatform 550 * @atomicservice 551 * @since 11 552 */ 553 PERMISSION_GRANTED = 0 554 } 555 556 /** 557 * Enum for permission state change type. 558 * 559 * @enum { number } 560 * @syscap SystemCapability.Security.AccessToken 561 * @systemapi 562 * @since 9 563 */ 564 export enum PermissionStateChangeType { 565 /** 566 * A granted user_grant permission is revoked. 567 * 568 * @syscap SystemCapability.Security.AccessToken 569 * @systemapi 570 * @since 9 571 */ 572 PERMISSION_REVOKED_OPER = 0, 573 /** 574 * A user_grant permission is granted. 575 * 576 * @syscap SystemCapability.Security.AccessToken 577 * @systemapi 578 * @since 9 579 */ 580 PERMISSION_GRANTED_OPER = 1 581 } 582 583 /** 584 * Indicates the information of permission state change. 585 * 586 * @interface PermissionStateChangeInfo 587 * @syscap SystemCapability.Security.AccessToken 588 * @systemapi 589 * @since 9 590 * @name PermissionStateChangeInfo 591 */ 592 interface PermissionStateChangeInfo { 593 /** 594 * Indicates the permission state change type. 595 * 596 * @type { PermissionStateChangeType } 597 * @syscap SystemCapability.Security.AccessToken 598 * @systemapi 599 * @since 9 600 */ 601 change: PermissionStateChangeType; 602 603 /** 604 * Indicates the application whose permission state has been changed. 605 * 606 * @type { number } 607 * @syscap SystemCapability.Security.AccessToken 608 * @systemapi 609 * @since 9 610 */ 611 tokenID: number; 612 613 /** 614 * Indicates the permission whose state has been changed. 615 * 616 * @type { Permissions } 617 * @syscap SystemCapability.Security.AccessToken 618 * @systemapi 619 * @since 9 620 */ 621 permissionName: Permissions; 622 } 623 624 /** 625 * PermissionStatus. 626 * 627 * @enum { number } 628 * @syscap SystemCapability.Security.AccessToken 629 * @systemapi 630 * @since 12 631 */ 632 export enum PermissionStatus { 633 /** 634 * permission has been denied, only can change it in settings 635 * 636 * @syscap SystemCapability.Security.AccessToken 637 * @systemapi 638 * @since 12 639 */ 640 DENIED = -1, 641 /** 642 * permission has been granted 643 * 644 * @syscap SystemCapability.Security.AccessToken 645 * @systemapi 646 * @since 12 647 */ 648 GRANTED = 0, 649 /** 650 * permission is not determined 651 * 652 * @syscap SystemCapability.Security.AccessToken 653 * @systemapi 654 * @since 12 655 */ 656 NOT_DETERMINED = 1, 657 /** 658 * permission is invalid 659 * 660 * @syscap SystemCapability.Security.AccessToken 661 * @systemapi 662 * @since 12 663 */ 664 INVALID = 2, 665 /** 666 * permission has been restricted 667 * 668 * @syscap SystemCapability.Security.AccessToken 669 * @systemapi 670 * @since 12 671 */ 672 RESTRICTED = 3 673 } 674} 675 676export default abilityAccessCtrl; 677export { Permissions }; 678/** 679 * PermissionRequestResult interface. 680 * 681 * @syscap SystemCapability.Security.AccessToken 682 * @stagemodelonly 683 * @crossplatform 684 * @since 10 685 */ 686/** 687 * PermissionRequestResult interface. 688 * 689 * @syscap SystemCapability.Security.AccessToken 690 * @stagemodelonly 691 * @crossplatform 692 * @atomicservice 693 * @since 11 694 */ 695export type PermissionRequestResult = _PermissionRequestResult; 696/** 697 * Context interface. 698 * 699 * @syscap SystemCapability.Security.AccessToken 700 * @stagemodelonly 701 * @crossplatform 702 * @since 10 703 */ 704/** 705 * Context interface. 706 * 707 * @syscap SystemCapability.Security.AccessToken 708 * @stagemodelonly 709 * @crossplatform 710 * @atomicservice 711 * @since 11 712 */ 713export type Context = _Context; 714