1 /*
2 * Copyright (c) 2021-2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "data_translator.h"
17
18 #include <memory>
19
20 #include "accesstoken_dfx_define.h"
21 #include "accesstoken_common_log.h"
22 #include "access_token_error.h"
23 #include "data_validator.h"
24 #include "permission_validator.h"
25 #include "token_field_const.h"
26
27 namespace OHOS {
28 namespace Security {
29 namespace AccessToken {
30
/**
 * @brief Copies every field of a permission definition into a generic key/value record.
 *
 * Boolean members are stored as the integers 1 (true) or 0 (false); all other
 * members are stored as they are. No field is validated here.
 *
 * @param inPermissionDef  Permission definition to serialise.
 * @param outGenericValues Record that receives one entry per field.
 * @return Always RET_SUCCESS.
 */
int DataTranslator::TranslationIntoGenericValues(const PermissionDef& inPermissionDef, GenericValues& outGenericValues)
{
    // Flatten the boolean members first so the Put() calls below read uniformly.
    const int provisionFlag = inPermissionDef.provisionEnable ? 1 : 0;
    const int distributedFlag = inPermissionDef.distributedSceneEnable ? 1 : 0;
    const int kernelEffectFlag = inPermissionDef.isKernelEffect ? 1 : 0;
    const int hasValueFlag = inPermissionDef.hasValue ? 1 : 0;

    outGenericValues.Put(TokenFiledConst::FIELD_PERMISSION_NAME, inPermissionDef.permissionName);
    outGenericValues.Put(TokenFiledConst::FIELD_BUNDLE_NAME, inPermissionDef.bundleName);
    outGenericValues.Put(TokenFiledConst::FIELD_GRANT_MODE, inPermissionDef.grantMode);
    outGenericValues.Put(TokenFiledConst::FIELD_AVAILABLE_LEVEL, inPermissionDef.availableLevel);
    outGenericValues.Put(TokenFiledConst::FIELD_PROVISION_ENABLE, provisionFlag);
    outGenericValues.Put(TokenFiledConst::FIELD_DISTRIBUTED_SCENE_ENABLE, distributedFlag);
    outGenericValues.Put(TokenFiledConst::FIELD_LABEL, inPermissionDef.label);
    outGenericValues.Put(TokenFiledConst::FIELD_LABEL_ID, inPermissionDef.labelId);
    outGenericValues.Put(TokenFiledConst::FIELD_DESCRIPTION, inPermissionDef.description);
    outGenericValues.Put(TokenFiledConst::FIELD_DESCRIPTION_ID, inPermissionDef.descriptionId);
    outGenericValues.Put(TokenFiledConst::FIELD_AVAILABLE_TYPE, inPermissionDef.availableType);
    outGenericValues.Put(TokenFiledConst::FIELD_KERNEL_EFFECT, kernelEffectFlag);
    outGenericValues.Put(TokenFiledConst::FIELD_HAS_VALUE, hasValueFlag);
    return RET_SUCCESS;
}
49
/**
 * @brief Rebuilds a permission definition from a generic key/value record.
 *
 * Only the available level (APL) is range-checked before it is converted to
 * its enum type. Boolean members are true only when the stored integer is
 * exactly 1.
 *
 * On failure outPermissionDef has already received the name, bundle name and
 * grant mode, so callers must discard it.
 *
 * NOTE(review): unlike availableLevel, availableType is cast to
 * ATokenAvailableTypeEnum without any range check, and grantMode is stored
 * unvalidated. If the record can come from a corrupted or modified store,
 * these fields deserve the same validation as the APL - confirm whether a
 * caller already checks them.
 *
 * @param inGenericValues  Record to read from.
 * @param outPermissionDef Definition that receives the decoded fields.
 * @return RET_SUCCESS, or ERR_PARAM_INVALID when the stored APL is rejected
 *         by DataValidator::IsAplNumValid.
 */
int DataTranslator::TranslationIntoPermissionDef(const GenericValues& inGenericValues, PermissionDef& outPermissionDef)
{
    const GenericValues& record = inGenericValues;

    outPermissionDef.permissionName = record.GetString(TokenFiledConst::FIELD_PERMISSION_NAME);
    outPermissionDef.bundleName = record.GetString(TokenFiledConst::FIELD_BUNDLE_NAME);
    outPermissionDef.grantMode = record.GetInt(TokenFiledConst::FIELD_GRANT_MODE);

    // Validate the raw integer first; it becomes an enum only once it is known to be in range.
    const int storedApl = record.GetInt(TokenFiledConst::FIELD_AVAILABLE_LEVEL);
    const bool aplAccepted = DataValidator::IsAplNumValid(storedApl);
    if (!aplAccepted) {
        LOGE(ATM_DOMAIN, ATM_TAG, "Apl is wrong.");
        return ERR_PARAM_INVALID;
    }
    outPermissionDef.availableLevel = static_cast<ATokenAplEnum>(storedApl);

    outPermissionDef.provisionEnable = (record.GetInt(TokenFiledConst::FIELD_PROVISION_ENABLE) == 1);
    outPermissionDef.distributedSceneEnable = (record.GetInt(TokenFiledConst::FIELD_DISTRIBUTED_SCENE_ENABLE) == 1);
    outPermissionDef.label = record.GetString(TokenFiledConst::FIELD_LABEL);
    outPermissionDef.labelId = record.GetInt(TokenFiledConst::FIELD_LABEL_ID);
    outPermissionDef.description = record.GetString(TokenFiledConst::FIELD_DESCRIPTION);
    outPermissionDef.descriptionId = record.GetInt(TokenFiledConst::FIELD_DESCRIPTION_ID);

    // No range check is applied to the available type before the enum conversion.
    const int storedAvailableType = record.GetInt(TokenFiledConst::FIELD_AVAILABLE_TYPE);
    outPermissionDef.availableType = static_cast<ATokenAvailableTypeEnum>(storedAvailableType);

    outPermissionDef.isKernelEffect = (record.GetInt(TokenFiledConst::FIELD_KERNEL_EFFECT) == 1);
    outPermissionDef.hasValue = (record.GetInt(TokenFiledConst::FIELD_HAS_VALUE) == 1);
    return RET_SUCCESS;
}
74
/**
 * @brief Copies a permission status into a generic key/value record.
 *
 * The device id entry is always written as an empty string. The grant flag is
 * converted to int32_t before it is stored.
 *
 * @param inPermissionState Permission status to serialise.
 * @param outGenericValues  Record that receives the entries.
 * @return Always RET_SUCCESS.
 */
int DataTranslator::TranslationIntoGenericValues(const PermissionStatus& inPermissionState,
    GenericValues& outGenericValues)
{
    outGenericValues.Put(TokenFiledConst::FIELD_PERMISSION_NAME, inPermissionState.permissionName);
    outGenericValues.Put(TokenFiledConst::FIELD_DEVICE_ID, "");
    outGenericValues.Put(TokenFiledConst::FIELD_GRANT_STATE, inPermissionState.grantStatus);
    // Stored as a signed 32-bit value; the reader converts it back to uint32_t.
    outGenericValues.Put(TokenFiledConst::FIELD_GRANT_FLAG, static_cast<int32_t>(inPermissionState.grantFlag));
    return RET_SUCCESS;
}
85
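/**
 * @brief Rebuilds a permission status from a generic key/value record, rejecting invalid fields.
 *
 * The permission name, grant flag and grant status are each validated. Every
 * rejection is logged and reported as a PERMISSION_CHECK fault event with code
 * LOAD_DATABASE_ERROR (so the record presumably comes from the permission
 * database - confirm against callers).
 *
 * If the grant flag has the PERMISSION_ALLOW_THIS_TIME bit set, the returned
 * status is forced to PERMISSION_DENIED whatever status was stored, so a
 * "this time only" grant is never restored as granted from stored data.
 *
 * On failure outPermissionState may be partially written (the name is assigned
 * before it is checked), so callers must discard it.
 *
 * @param inGenericValues    Record to read from.
 * @param outPermissionState Status that receives the decoded fields.
 * @return RET_SUCCESS, or ERR_PARAM_INVALID when any field fails validation.
 */
int DataTranslator::TranslationIntoPermissionStatus(const GenericValues& inGenericValues,
    PermissionStatus& outPermissionState)
{
    outPermissionState.permissionName = inGenericValues.GetString(TokenFiledConst::FIELD_PERMISSION_NAME);
    if (!DataValidator::IsPermissionNameValid(outPermissionState.permissionName)) {
        LOGE(ATM_DOMAIN, ATM_TAG, "Permission name is wrong");
        HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "PERMISSION_CHECK",
            HiviewDFX::HiSysEvent::EventType::FAULT, "CODE", LOAD_DATABASE_ERROR,
            "ERROR_REASON", "permission name error");
        return ERR_PARAM_INVALID;
    }

    // Keep the stored value as a plain integer until it has passed validation.
    // The original cast it to PermissionFlag first; converting an unchecked
    // integer to an enum type can be undefined behaviour when the value is
    // outside the enum's range, and the result was stored in an int anyway.
    const int grantFlag = inGenericValues.GetInt(TokenFiledConst::FIELD_GRANT_FLAG);
    if (!PermissionValidator::IsPermissionFlagValid(grantFlag)) {
        LOGE(ATM_DOMAIN, ATM_TAG, "GrantFlag is wrong");
        HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "PERMISSION_CHECK",
            HiviewDFX::HiSysEvent::EventType::FAULT, "CODE", LOAD_DATABASE_ERROR,
            "ERROR_REASON", "permission grant flag error");
        return ERR_PARAM_INVALID;
    }
    outPermissionState.grantFlag = static_cast<uint32_t>(grantFlag);

    // Same reasoning as for the flag: validate the raw integer, no enum cast beforehand.
    int grantStatus = inGenericValues.GetInt(TokenFiledConst::FIELD_GRANT_STATE);
    if (!PermissionValidator::IsGrantStatusValid(grantStatus)) {
        LOGE(ATM_DOMAIN, ATM_TAG, "GrantStatus is wrong");
        HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "PERMISSION_CHECK",
            HiviewDFX::HiSysEvent::EventType::FAULT, "CODE", LOAD_DATABASE_ERROR,
            "ERROR_REASON", "permission grant status error");
        return ERR_PARAM_INVALID;
    }

    // A "this time only" grant is loaded as denied regardless of the stored status.
    if (static_cast<uint32_t>(grantFlag) & PERMISSION_ALLOW_THIS_TIME) {
        grantStatus = PERMISSION_DENIED;
    }
    outPermissionState.grantStatus = grantStatus;

    return RET_SUCCESS;
}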
123
/**
 * @brief Rebuilds an extended permission (name plus value) from a generic key/value record.
 *
 * The name must pass DataValidator::IsPermissionNameValid and the value must
 * be non-empty. Each rejection is logged and reported as a PERMISSION_CHECK
 * fault event with code LOAD_DATABASE_ERROR.
 *
 * On failure perm may be partially written (each field is assigned before it
 * is checked), so callers must discard it.
 *
 * @param inGenericValues Record to read from.
 * @param perm            Receives the permission name and its value.
 * @return RET_SUCCESS, or ERR_PARAM_INVALID when the name is invalid or the value is empty.
 */
int32_t DataTranslator::TranslationIntoExtendedPermission(
    const GenericValues& inGenericValues, PermissionWithValue& perm)
{
    perm.permissionName = inGenericValues.GetString(TokenFiledConst::FIELD_PERMISSION_NAME);
    const bool nameAccepted = DataValidator::IsPermissionNameValid(perm.permissionName);
    if (!nameAccepted) {
        LOGE(ATM_DOMAIN, ATM_TAG, "Permission name is wrong");
        HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "PERMISSION_CHECK",
            HiviewDFX::HiSysEvent::EventType::FAULT, "CODE", LOAD_DATABASE_ERROR,
            "ERROR_REASON", "permission name error");
        return ERR_PARAM_INVALID;
    }

    perm.value = inGenericValues.GetString(TokenFiledConst::FIELD_VALUE);
    const bool valueMissing = perm.value.empty();
    if (valueMissing) {
        // An extended permission with no value is treated as a load error.
        LOGE(ATM_DOMAIN, ATM_TAG, "Extended Permission value is empty");
        HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "PERMISSION_CHECK",
            HiviewDFX::HiSysEvent::EventType::FAULT, "CODE", LOAD_DATABASE_ERROR,
            "ERROR_REASON", "extended value empty");
        return ERR_PARAM_INVALID;
    }

    return RET_SUCCESS;
}
146 } // namespace AccessToken
147 } // namespace Security
148 } // namespace OHOS
149