1 /*
2  * Copyright (c) 2021-2024 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #ifndef ACCESSTOKEN_MANAGER_CLIENT_H
17 #define ACCESSTOKEN_MANAGER_CLIENT_H
18 
19 #include <map>
20 #include <mutex>
21 #include <string>
22 #include <vector>
23 
24 #include "access_token.h"
25 #include "atm_tools_param_info.h"
26 #include "accesstoken_death_recipient.h"
27 #include "hap_base_info_parcel.h"
28 #include "hap_info_parcel.h"
29 #include "hap_policy_parcel.h"
30 #include "hap_token_info.h"
31 #include "i_accesstoken_manager.h"
32 #include "nocopyable.h"
33 #include "permission_def.h"
34 #include "permission_grant_info.h"
35 #include "accesstoken_callbacks.h"
36 #include "permission_state_full.h"
37 #include "perm_state_change_callback_customize.h"
38 #ifdef TOKEN_SYNC_ENABLE
39 #include "token_sync_kit_interface.h"
40 #endif // TOKEN_SYNC_ENABLE
41 
42 namespace OHOS {
43 namespace Security {
44 namespace AccessToken {
45 class AccessTokenManagerClient final {
       // Client-side entry point for access-token and permission operations.
       // The class holds an sptr<IAccessTokenManager> proxy_ and a death recipient, so calls are
       // presumably forwarded to a remote access-token service (implementation not in this header; confirm).
       //
       // Singleton shape: private constructor, static GetInstance(), and DISALLOW_COPY_AND_MOVE
       // (macro from nocopyable.h; by its name it disables copy and move; confirm).
       //
       // NOTE(review): the only standard headers included directly by this file are <map>, <mutex>,
       // <string> and <vector>, yet the declarations below also use std::unordered_set and
       // std::shared_ptr. Those presumably arrive through the project headers; confirm, or include
       // <unordered_set> and <memory> directly.
       //
       // NOTE(review): nothing declared here identifies or checks the caller. Confirm that the
       // service side authorizes each request, since this client object cannot be the enforcement point.
46 public:
       // Returns a reference to the shared instance; the constructor is private, so this is the
       // only way to obtain one through this interface.
47     static AccessTokenManagerClient& GetInstance();
48 
       // NOTE(review): the class is final and declares no base class, so `virtual` is not needed
       // here for deletion through a base pointer.
49     virtual ~AccessTokenManagerClient();
50 
       // --- Permission queries ---
       // Results come back as the return value or through the non-const reference parameters.
       // NOTE(review): what an out-parameter holds after a failing call is not specified in this
       // header, so callers should check the return code before reading it.
51     PermUsedTypeEnum GetPermissionUsedType(AccessTokenID tokenID, const std::string& permissionName);
       // Returns an int, not a bool. Compare the result against the named permission-state
       // constants (presumably declared in access_token.h; confirm) rather than testing truthiness.
52     int VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName);
       // Batch form: one state per entry of permissionList is presumably written to permStateList (confirm).
53     int VerifyAccessToken(AccessTokenID tokenID,
54         const std::vector<std::string>& permissionList, std::vector<int32_t>& permStateList);
55     int GetDefPermission(const std::string& permissionName, PermissionDef& permissionDefResult);
56     int GetReqPermissions(
57         AccessTokenID tokenID, std::vector<PermissionStateFull>& reqPermList, bool isSystemGrant);
58     int GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName, uint32_t& flag);
59     int32_t SetPermissionRequestToggleStatus(const std::string& permissionName, uint32_t status, int32_t userID);
60     int32_t GetPermissionRequestToggleStatus(const std::string& permissionName, uint32_t& status, int32_t userID);
61     int32_t RequestAppPermOnSetting(AccessTokenID tokenID);
62     PermissionOper GetSelfPermissionsState(std::vector<PermissionListState>& permList,
63         PermissionGrantInfo& info);
64     int32_t GetPermissionsStatus(AccessTokenID tokenID, std::vector<PermissionListState>& permList);

       // --- Permission state changes ---
       // These take the target tokenID from the caller. NOTE(review): no caller check is visible at
       // this layer; confirm the service authorizes the caller before applying a grant or revoke.
65     int GrantPermission(AccessTokenID tokenID, const std::string& permissionName, uint32_t flag);
66     int RevokePermission(AccessTokenID tokenID, const std::string& permissionName, uint32_t flag);
       // onceTime is a uint32_t; its unit and valid range are not stated in this header (confirm).
67     int GrantPermissionForSpecifiedTime(
68         AccessTokenID tokenID, const std::string& permissionName, uint32_t onceTime);
69     int ClearUserGrantedPermissionState(AccessTokenID tokenID);

       // --- Token lifecycle and lookup ---
70     AccessTokenIDEx AllocHapToken(const HapInfoParams& info, const HapPolicy& policy);
       // policy is a non-const reference here, while AllocHapToken and UpdateHapToken take it as
       // const, so this call may modify the caller's policy object (confirm in the implementation).
71     int32_t InitHapToken(const HapInfoParams& info, HapPolicy& policy,
72         AccessTokenIDEx& fullTokenId, HapInfoCheckResult& result);
73     int DeleteToken(AccessTokenID tokenID);
74     ATokenTypeEnum GetTokenType(AccessTokenID tokenID);
75     AccessTokenIDEx GetHapTokenID(int32_t userID, const std::string& bundleName, int32_t instIndex);
76     AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID);
77     int32_t UpdateHapToken(AccessTokenIDEx& tokenIdEx, const UpdateHapInfoParams& info,
78         const HapPolicy& policy, HapInfoCheckResult& result);
79     int32_t GetTokenIDByUserID(int32_t userID, std::unordered_set<AccessTokenID>& tokenList);
80     int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfo& hapTokenInfoRes);
81     int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfo& nativeTokenInfoRes);
       // Declared only when ATM_BUILD_VARIANT_USER_ENABLE is NOT defined, so builds that define the
       // macro do not expose this entry point through the client.
82 #ifndef ATM_BUILD_VARIANT_USER_ENABLE
83     int32_t ReloadNativeTokenInfo();
84 #endif
85     int GetHapTokenInfoExtension(AccessTokenID tokenID, HapTokenInfoExt& info);
86     AccessTokenID GetNativeTokenId(const std::string& processName);

       // --- Permission state change callbacks ---
       // The customized callback is passed as a shared_ptr, and callbackMap_ below is keyed by that
       // shared_ptr. std::map's default ordering compares the stored pointer, so unregistration
       // presumably has to pass the same object that was registered (confirm).
87     int32_t RegisterPermStateChangeCallback(
88         const std::shared_ptr<PermStateChangeCallbackCustomize>& customizedCb, RegisterPermChangeType type);
89     int32_t UnRegisterPermStateChangeCallback(
90         const std::shared_ptr<PermStateChangeCallbackCustomize>& customizedCb, RegisterPermChangeType type);
91 
       // --- Cross-device token operations (compiled only when TOKEN_SYNC_ENABLE is defined) ---
       // deviceID and the HapTokenInfoForSync payload presumably describe tokens of another device.
       // NOTE(review): where that data is validated is not visible in this header; confirm.
92 #ifdef TOKEN_SYNC_ENABLE
93     int GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSync& hapSync);
94     int SetRemoteHapTokenInfo(const std::string& deviceID, const HapTokenInfoForSync& hapSync);
95     int DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID);
96     AccessTokenID GetRemoteNativeTokenID(const std::string& deviceID, AccessTokenID tokenID);
97     int DeleteRemoteDeviceTokens(const std::string& deviceID);
98     int32_t RegisterTokenSyncCallback(const std::shared_ptr<TokenSyncKitInterface>& syncCallback);
99     int32_t UnRegisterTokenSyncCallback();
100 #endif
101 
        // --- Kernel permissions, diagnostics and user policy ---
102     int32_t GetKernelPermissions(
103         AccessTokenID tokenId, std::vector<PermissionWithValue>& kernelPermList);
104     int32_t GetReqPermissionByName(
105         AccessTokenID tokenId, const std::string& permissionName, std::string& value);
        // Writes its result into dumpInfo and returns void, so failure is not reported by a return code.
106     void DumpTokenInfo(const AtmToolsParamInfo& info, std::string& dumpInfo);
107     int32_t GetVersion(uint32_t& version);
        // Public handler; presumably invoked by the death recipient when the remote service dies (confirm).
108     void OnRemoteDiedHandle();
109     int32_t SetPermDialogCap(const HapBaseInfo& hapBaseInfo, bool enable);
110     void GetPermissionManagerInfo(PermissionGrantInfo& info);
111     int32_t InitUserPolicy(const std::vector<UserState>& userList, const std::vector<std::string>& permList);
112     int32_t UpdateUserPolicy(const std::vector<UserState>& userList);
113     int32_t ClearUserPolicy();
114 
115 private:
        // Private so that instances are only created from inside the class (see GetInstance()).
116     AccessTokenManagerClient();
        // Fills `callback` from `customizedCb`; the exact mapping is in the implementation (not shown).
117     int32_t CreatePermStateChangeCallback(
118         const std::shared_ptr<PermStateChangeCallbackCustomize>& customizedCb,
119         sptr<PermissionStateChangeCallback>& callback);
120 
121     DISALLOW_COPY_AND_MOVE(AccessTokenManagerClient);
        // presumably guards proxy_ and serviceDeathObserver_ (confirm in the implementation)
122     std::mutex proxyMutex_;
        // Handle to the IAccessTokenManager interface; starts out null.
123     sptr<IAccessTokenManager> proxy_ = nullptr;
        // Death recipient object; starts out null.
124     sptr<AccessTokenDeathRecipient> serviceDeathObserver_ = nullptr;
125     void InitProxy();
126     sptr<IAccessTokenManager> GetProxy();
127     void ReleaseProxy();
        // presumably guards callbackMap_ (confirm in the implementation)
128     std::mutex callbackMutex_;
        // Maps each customized callback to its PermissionStateChangeCallback object. The key is a
        // shared_ptr, so an entry keeps the customized callback alive until the entry is removed.
129     std::map<std::shared_ptr<PermStateChangeCallbackCustomize>, sptr<PermissionStateChangeCallback>> callbackMap_;
130 
131 #ifdef TOKEN_SYNC_ENABLE
        // presumably guards the two token-sync callback members below (confirm in the implementation)
132     std::mutex tokenSyncCallbackMutex_;
133     std::shared_ptr<TokenSyncKitInterface> syncCallbackImpl_ = nullptr;
134     sptr<TokenSyncCallback> tokenSyncCallback_ = nullptr;
135 #endif // TOKEN_SYNC_ENABLE
136 };
137 } // namespace AccessToken
138 } // namespace Security
139 } // namespace OHOS
140 #endif // ACCESSTOKEN_MANAGER_CLIENT_H
141