1 /* 2 * Copyright (c) 2021-2023 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 /** 17 * @addtogroup AccessToken 18 * @{ 19 * 20 * @brief Provides permission management interfaces. 21 * 22 * Provides tokenID-based application permission verification mechanism. 23 * When an application accesses sensitive data or APIs, this module can check 24 * whether the application has the corresponding permission. Allows applications 25 * to query their access token information or APL levcels based on token IDs. 26 * 27 * @since 7.0 28 * @version 7.0 29 */ 30 31 /** 32 * @file hap_token_info.h 33 * 34 * @brief Declares hap token infos. 35 * 36 * @since 7.0 37 * @version 7.0 38 */ 39 40 #ifndef ACCESSTOKEN_HAP_TOKEN_INFO_H 41 #define ACCESSTOKEN_HAP_TOKEN_INFO_H 42 43 #include "access_token.h" 44 #include "permission_def.h" 45 #include "permission_state_full.h" 46 #include "permission_status.h" 47 #include <map> 48 #include <string> 49 #include <vector> 50 51 namespace OHOS { 52 namespace Security { 53 namespace AccessToken { 54 /** 55 * @brief Declares hap info params class 56 */ 57 class HapInfoParams final { 58 public: 59 int userID; 60 std::string bundleName; 61 /** instance index */ 62 int instIndex; 63 /** 64 * dlp type, for details about the valid values, 65 * see the definition of HapDlpType in the access_token.h file. 66 */ 67 int dlpType; 68 std::string appIDDesc; 69 /** which version of the SDK is used to develop the hap */ 70 int32_t apiVersion; 71 /** indicates whether the hap is a system app */ 72 bool isSystemApp; 73 /* app type */ 74 std::string appDistributionType; 75 bool isRestore = false; 76 AccessTokenID tokenID = INVALID_TOKENID; 77 }; 78 79 /** 80 * @brief Declares hap info params class 81 */ 82 class UpdateHapInfoParams final { 83 public: 84 std::string appIDDesc; 85 /** which version of the SDK is used to develop the hap */ 86 int32_t apiVersion; 87 /** indicates whether the hap is a system app */ 88 bool isSystemApp; 89 /* app type */ 90 std::string appDistributionType; 91 }; 92 93 /** 94 * @brief Declares hap token info class 95 */ 96 class HapTokenInfo final { 97 public: 98 char ver; 99 int userID; 100 std::string bundleName; 101 /** which version of the SDK is used to develop this hap */ 102 int32_t apiVersion; 103 /** instance index */ 104 int instIndex; 105 /** 106 * dlp type, for details about the valid values, 107 * see the definition of HapDlpType in the access_token.h file. 108 */ 109 int dlpType; 110 AccessTokenID tokenID; 111 /** token attribute */ 112 AccessTokenAttr tokenAttr; 113 }; 114 115 /** 116 * @brief Declares hap token info for distributed synchronize class 117 */ 118 class HapTokenInfoForSync final { 119 public: 120 /** hap token info */ 121 HapTokenInfo baseInfo; 122 /** permission state list */ 123 std::vector<PermissionStatus> permStateList; 124 }; 125 126 class HapTokenInfoExt final { 127 public: 128 /** hap token info */ 129 HapTokenInfo baseInfo; 130 /** hap app id */ 131 std::string appID; 132 }; 133 134 /** 135 * @brief Declares hap base token info class 136 */ 137 class HapBaseInfo final { 138 public: 139 int32_t userID; 140 std::string bundleName = ""; 141 /** instance index */ 142 int32_t instIndex = 0; 143 }; 144 145 /** 146 * @brief Pre-authorization token info class 147 */ 148 class PreAuthorizationInfo final { 149 public: 150 std::string permissionName; 151 /** Whether the pre-authorization is non-cancelable */ 152 bool userCancelable = false; 153 }; 154 155 /** 156 * @brief Declares hap policy params class 157 */ 158 class HapPolicyParams final { 159 public: 160 /** 161 * apl level, for details about the valid values, 162 * see the definition of ATokenAplEnum in the access_token.h file. 163 */ 164 ATokenAplEnum apl; 165 std::string domain; 166 std::vector<PermissionDef> permList; 167 std::vector<PermissionStateFull> permStateList; 168 std::vector<std::string> aclRequestedList; 169 std::vector<PreAuthorizationInfo> preAuthorizationInfo; 170 HapPolicyCheckIgnore checkIgnore = HapPolicyCheckIgnore::NONE; 171 std::map<std::string, std::string> aclExtendedMap; 172 }; 173 174 /** 175 * @brief Declares the result after failing to update or install hap 176 */ 177 class PermissionInfoCheckResult final { 178 public: 179 std::string permissionName; 180 PermissionRulesEnum rule; 181 }; 182 183 class HapInfoCheckResult final { 184 public: 185 /** 186 * permission detail after failing to install or update hap 187 */ 188 PermissionInfoCheckResult permCheckResult; 189 }; 190 191 /** 192 * @brief Declares hap policy params class 193 */ 194 class HapPolicy final { 195 public: 196 /** 197 * apl level, for details about the valid values, 198 * see the definition of ATokenAplEnum in the access_token.h file. 199 */ 200 ATokenAplEnum apl; 201 std::string domain; 202 std::vector<PermissionDef> permList; 203 std::vector<PermissionStatus> permStateList; 204 std::vector<std::string> aclRequestedList; 205 std::vector<PreAuthorizationInfo> preAuthorizationInfo; 206 HapPolicyCheckIgnore checkIgnore = HapPolicyCheckIgnore::NONE; 207 std::map<std::string, std::string> aclExtendedMap; 208 }; 209 210 /** 211 * @brief Declares permission with value 212 */ 213 class PermissionWithValue final { 214 public: 215 std::string permissionName; 216 std::string value; 217 }; 218 } // namespace AccessToken 219 } // namespace Security 220 } // namespace OHOS 221 #endif // ACCESSTOKEN_HAP_TOKEN_INFO_H 222