1 /* 2 * Copyright (c) 2022-2024 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 #ifndef PERMISSION_RECORD_MANAGER_H 17 #define PERMISSION_RECORD_MANAGER_H 18 19 #include <set> 20 #include <string> 21 #include <unordered_set> 22 #include <vector> 23 24 #ifdef EVENTHANDLER_ENABLE 25 #include "access_event_handler.h" 26 #endif 27 #include "access_token.h" 28 #include "active_change_response_info.h" 29 #include "add_perm_param_info.h" 30 #include "app_manager_death_callback.h" 31 #include "app_status_change_callback.h" 32 #include "hap_token_info.h" 33 #include "libraryloader.h" 34 #include "nocopyable.h" 35 #include "on_permission_used_record_callback.h" 36 #include "permission_record.h" 37 #include "permission_record_set.h" 38 #include "permission_used_request.h" 39 #include "permission_used_result.h" 40 #include "permission_used_type_info.h" 41 #include "privacy_param.h" 42 #ifdef CAMERA_FLOAT_WINDOW_ENABLE 43 #include "privacy_window_manager_agent.h" 44 #endif 45 #include "rwlock.h" 46 #include "safe_map.h" 47 #include "thread_pool.h" 48 49 namespace OHOS { 50 namespace Security { 51 namespace AccessToken { 52 class PrivacyAppStateObserver : public ApplicationStateObserverStub { 53 public: 54 PrivacyAppStateObserver() = default; 55 ~PrivacyAppStateObserver() = default; 56 void OnProcessDied(const ProcessData &processData) override; 57 void OnAppStopped(const AppStateData &appStateData) override; 58 void OnAppStateChanged(const AppStateData &appStateData) override; 59 DISALLOW_COPY_AND_MOVE(PrivacyAppStateObserver); 60 }; 61 62 class PrivacyAppManagerDeathCallback : public AppManagerDeathCallback { 63 public: 64 PrivacyAppManagerDeathCallback() = default; 65 ~PrivacyAppManagerDeathCallback() = default; 66 67 void NotifyAppManagerDeath() override; 68 DISALLOW_COPY_AND_MOVE(PrivacyAppManagerDeathCallback); 69 }; 70 71 class PermissionRecordManager final { 72 public: 73 static PermissionRecordManager& GetInstance(); 74 virtual ~PermissionRecordManager(); 75 76 void Init(); 77 int32_t AddPermissionUsedRecord(const AddPermParamInfo& info); 78 void RemovePermissionUsedRecords(AccessTokenID tokenId); 79 bool IsUserIdValid(int32_t userID) const; 80 int32_t SetPermissionUsedRecordToggleStatus(int32_t userID, bool status); 81 int32_t GetPermissionUsedRecordToggleStatus(int32_t userID, bool& status); 82 void RemoveHistoryPermissionUsedRecords(std::unordered_set<AccessTokenID> tokenIDList); 83 int32_t GetPermissionUsedRecords(const PermissionUsedRequest& request, PermissionUsedResult& result); 84 int32_t GetPermissionUsedRecordsAsync( 85 const PermissionUsedRequest& request, const sptr<OnPermissionUsedRecordCallback>& callback); 86 int32_t StartUsingPermission(const PermissionUsedTypeInfo &info, int32_t callerPid); 87 int32_t StartUsingPermission(const PermissionUsedTypeInfo &info, const sptr<IRemoteObject>& callback, 88 int32_t callerPid); 89 int32_t StopUsingPermission(AccessTokenID tokenId, int32_t pid, const std::string& permissionName, 90 int32_t callerPid); 91 bool HasCallerInStartList(int32_t callerPid); 92 int32_t RegisterPermActiveStatusCallback( 93 AccessTokenID regiterTokenId, const std::vector<std::string>& permList, const sptr<IRemoteObject>& callback); 94 int32_t UnRegisterPermActiveStatusCallback(const sptr<IRemoteObject>& callback); 95 96 void CallbackExecute(const ContinusPermissionRecord& record, const std::string& permissionName, 97 PermissionUsedType type = PermissionUsedType::NORMAL_TYPE); 98 int32_t PermissionListFilter(const std::vector<std::string>& listSrc, std::vector<std::string>& listRes); 99 bool IsAllowedUsingPermission(AccessTokenID tokenId, const std::string& permissionName, int32_t pid); 100 int32_t GetPermissionUsedTypeInfos(const AccessTokenID tokenId, const std::string& permissionName, 101 std::vector<PermissionUsedTypeInfo>& results); 102 int32_t SetMutePolicy(const PolicyType& policyType, const CallerType& callerType, bool isMute, 103 AccessTokenID tokenID); 104 int32_t SetEdmMutePolicy(const std::string permissionName, bool isMute); 105 int32_t SetPrivacyMutePolicy(const std::string permissionName, bool isMute); 106 int32_t SetTempMutePolicy(const std::string permissionName, bool isMute); 107 int32_t SetHapWithFGReminder(uint32_t tokenId, bool isAllowed); 108 109 void NotifyAppStateChange(AccessTokenID tokenId, int32_t pid, ActiveChangeType status); 110 void SetLockScreenStatus(int32_t lockScreenStatus); 111 int32_t GetLockScreenStatus(bool isIpc = false); 112 113 #ifdef CAMERA_FLOAT_WINDOW_ENABLE 114 void NotifyCameraWindowChange(bool isPip, AccessTokenID tokenId, bool isShowing); 115 void OnWindowMgrRemoteDied(); 116 #endif 117 void OnAppMgrRemoteDiedHandle(); 118 void OnAudioMgrRemoteDiedHandle(); 119 void OnCameraMgrRemoteDiedHandle(); 120 void RemoveRecordFromStartListByPid(const AccessTokenID tokenId, int32_t pid); 121 void RemoveRecordFromStartListByToken(const AccessTokenID tokenId); 122 void RemoveRecordFromStartListByOp(int32_t opCode); 123 void RemoveRecordFromStartListByCallerPid(int32_t callerPid); 124 void ExecuteAllCameraExecuteCallback(); 125 void UpdatePermRecImmediately(); 126 void ExecuteDeletePermissionRecordTask(); 127 128 private: 129 PermissionRecordManager(); 130 DISALLOW_COPY_AND_MOVE(PermissionRecordManager); 131 132 bool IsAllowedUsingCamera(AccessTokenID tokenId, int32_t pid); 133 bool IsAllowedUsingMicrophone(AccessTokenID tokenId, int32_t pid); 134 135 bool CheckPermissionUsedRecordToggleStatus(int32_t userID); 136 bool UpdatePermUsedRecToggleStatusMap(int32_t userID, bool status); 137 void UpdatePermUsedRecToggleStatusMapFromDb(); 138 bool AddOrUpdateUsedStatusIfNeeded(int32_t userID, bool status); 139 void AddRecToCacheAndValueVec(const PermissionRecord& record, std::vector<GenericValues>& values); 140 int32_t MergeOrInsertRecord(const PermissionRecord& record); 141 bool UpdatePermissionUsedRecordToDb(const PermissionRecord& record); 142 int32_t AddRecord(const PermissionRecord& record); 143 int32_t GetPermissionRecord(const AddPermParamInfo& info, PermissionRecord& record); 144 bool CreateBundleUsedRecord(const AccessTokenID tokenId, BundleUsedRecord& bundleRecord); 145 int32_t GetCurDeleteTaskNum(); 146 void AddDeleteTaskNum(); 147 void ReduceDeleteTaskNum(); 148 int32_t DeletePermissionRecord(int32_t days); 149 150 void GetMergedRecordsFromCache(std::vector<PermissionRecord>& mergedRecords); 151 void InsteadMergedRecIfNecessary(GenericValues& mergedRecord, std::vector<PermissionRecord>& mergedRecords); 152 void MergeSamePermission(const PermissionUsageFlag& flag, const PermissionUsedRecord& inRecord, 153 PermissionUsedRecord& outRecord); 154 void FillPermissionUsedRecords(const PermissionUsedRecord& record, const PermissionUsageFlag& flag, 155 std::vector<PermissionUsedRecord>& permissionRecords); 156 bool FillBundleUsedRecord(const GenericValues& value, const PermissionUsageFlag& flag, 157 std::map<int32_t, BundleUsedRecord>& tokenIdToBundleMap, std::map<int32_t, int32_t>& tokenIdToCountMap, 158 PermissionUsedResult& result); 159 bool GetRecordsFromLocalDB(const PermissionUsedRequest& request, PermissionUsedResult& result); 160 161 void ExecuteAndUpdateRecord(uint32_t tokenId, int32_t pid, ActiveChangeType status); 162 163 #ifndef APP_SECURITY_PRIVACY_SERVICE 164 void ExecuteAndUpdateRecordByPerm(const std::string& permissionName, bool switchStatus); 165 bool ShowGlobalDialog(const std::string& permissionName); 166 #endif 167 int32_t RemoveRecordFromStartList(AccessTokenID tokenId, int32_t pid, 168 const std::string& permissionName, int32_t callerPid); 169 int32_t AddRecordToStartList(const PermissionUsedTypeInfo& info, int32_t status, int32_t callerPid); 170 171 void PermListToString(const std::vector<std::string>& permList); 172 bool GetGlobalSwitchStatus(const std::string& permissionName); 173 void ModifyMuteStatus(const std::string& permissionName, int32_t index, bool isMute); 174 bool GetMuteStatus(const std::string& permissionName, int32_t index); 175 176 void ExecuteCameraCallbackAsync(AccessTokenID tokenId, int32_t pid); 177 178 void TransformEnumToBitValue(const PermissionUsedType type, uint32_t& value); 179 bool AddOrUpdateUsedTypeIfNeeded(const AccessTokenID tokenId, const int32_t opCode, 180 const PermissionUsedType type); 181 void AddDataValueToResults(const GenericValues value, std::vector<PermissionUsedTypeInfo>& results); 182 183 #ifdef CAMERA_FLOAT_WINDOW_ENABLE 184 bool HasUsingCamera(); 185 void ClearWindowShowing(); 186 #endif 187 bool IsCameraWindowShow(AccessTokenID tokenId); 188 uint64_t GetUniqueId(uint32_t tokenId, int32_t pid) const; 189 bool RegisterWindowCallback(); 190 void InitializeMuteState(const std::string& permissionName); 191 int32_t GetAppStatus(AccessTokenID tokenId, int32_t pid = -1); 192 193 bool RegisterAppStatusListener(); 194 bool Register(); 195 bool RegisterApplicationStateObserver(); 196 void Unregister(); 197 bool GetMuteParameter(const char* key, bool& isMute); 198 199 void SetDefaultConfigValue(); 200 void GetConfigValue(); 201 bool ToRemoveRecord(const ContinusPermissionRecord& targetRecord, 202 const IsEqualFunc& isEqualFunc, bool needClearCamera = true); 203 204 private: 205 bool hasInited_ = false; 206 OHOS::Utils::RWLock rwLock_; 207 std::mutex startRecordListMutex_; 208 std::set<ContinusPermissionRecord> startRecordList_; 209 SafeMap<uint64_t, sptr<IRemoteObject>> cameraCallbackMap_; 210 211 // microphone 212 std::mutex micMuteMutex_; 213 std::mutex micLoadMutex_; 214 bool isMicEdmMute_ = false; 215 bool isMicMixMute_ = false; 216 bool isMicLoad_ = false; 217 218 // camera 219 std::mutex camMuteMutex_; 220 std::mutex camLoadMutex_; 221 bool isCamEdmMute_ = false; 222 bool isCamMixMute_ = false; 223 bool isCamLoad_ = false; 224 225 // appState 226 std::mutex appStateMutex_; 227 sptr<PrivacyAppStateObserver> appStateCallback_ = nullptr; 228 229 // app manager death 230 std::mutex appManagerDeathMutex_; 231 std::shared_ptr<PrivacyAppManagerDeathCallback> appManagerDeathCallback_ = nullptr; 232 233 // lockScreenState 234 std::mutex lockScreenStateMutex_; 235 int32_t lockScreenStatus_ = LockScreenStatusChangeType::PERM_ACTIVE_IN_UNLOCKED; 236 237 // foreground reminder 238 std::mutex foreReminderMutex_; 239 std::vector<uint32_t> foreTokenIdList_; 240 241 #ifdef CAMERA_FLOAT_WINDOW_ENABLE 242 std::mutex windowMutex_; 243 bool isWmRegistered = false; 244 sptr<PrivacyWindowManagerAgent> floatWindowCallback_ = nullptr; 245 sptr<PrivacyWindowManagerAgent> pipWindowCallback_ = nullptr; 246 247 std::mutex windowStatusMutex_; 248 // camera float window 249 bool camFloatWindowShowing_ = false; 250 AccessTokenID floatWindowTokenId_ = 0; 251 252 // pip window 253 bool pipWindowShowing_ = false; 254 AccessTokenID pipWindowTokenId_ = 0; 255 #endif 256 257 // record config 258 int32_t recordSizeMaximum_ = 0; 259 int32_t recordAgingTime_ = 0; 260 #ifndef APP_SECURITY_PRIVACY_SERVICE 261 std::string globalDialogBundleName_; 262 std::string globalDialogAbilityName_; 263 std::mutex abilityManagerMutex_; 264 std::shared_ptr<LibraryLoader> abilityManagerLoader_; 265 #endif 266 std::atomic_int32_t deleteTaskNum_ = 0; 267 268 std::mutex permUsedRecMutex_; 269 std::vector<PermissionRecordCache> permUsedRecList_; 270 271 std::mutex permUsedRecToggleStatusMutex_; 272 std::map<int32_t, bool> permUsedRecToggleStatusMap_; 273 }; 274 } // namespace AccessToken 275 } // namespace Security 276 } // namespace OHOS 277 #endif // PERMISSION_RECORD_MANAGER_H