• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (c) 2023 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include "bundle_manager_adapter.h"
17 #include "accesstoken_kit.h"
18 #include "account_adapt.h"
19 #include "dlp_permission_log.h"
20 #include "dlp_permission.h"
21 #include "iservice_registry.h"
22 #include "system_ability_definition.h"
23 
24 namespace OHOS {
25 namespace Security {
26 namespace DlpPermission {
27 using namespace Security::AccessToken;
28 namespace {
29 static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { LOG_CORE, SECURITY_DOMAIN_DLP_PERMISSION,
30     "BundleManagerAdapter" };
31 std::mutex g_instanceMutex;
32 }
GetInstance()33 BundleManagerAdapter& BundleManagerAdapter::GetInstance()
34 {
35     static BundleManagerAdapter* instance = nullptr;
36     if (instance == nullptr) {
37         std::lock_guard<std::mutex> lock(g_instanceMutex);
38         if (instance == nullptr) {
39             instance = new BundleManagerAdapter();
40         }
41     }
42     return *instance;
43 }
44 
BundleManagerAdapter()45 BundleManagerAdapter::BundleManagerAdapter() :proxy_(nullptr)
46 {}
47 
~BundleManagerAdapter()48 BundleManagerAdapter::~BundleManagerAdapter()
49 {}
50 
CheckHapPermission(const std::string & bundleName,const std::string & permission)51 bool BundleManagerAdapter::CheckHapPermission(const std::string & bundleName, const std::string & permission)
52 {
53     int32_t userId = -1;
54     if (!GetUserIdByForegroundAccount(&userId)) {
55         DLP_LOG_ERROR(LABEL, "GetUserIdByForegroundAccount error");
56         return false;
57     }
58     AccessTokenID tokenId = AccessToken::AccessTokenKit::GetHapTokenID(userId, bundleName, 0);
59     if (tokenId == 0) {
60         DLP_LOG_ERROR(LABEL, "Get normal tokenId error.");
61         return false;
62     }
63     int res = AccessToken::AccessTokenKit::VerifyAccessToken(tokenId, permission);
64     if (res == AccessToken::PermissionState::PERMISSION_GRANTED) {
65         DLP_LOG_INFO(LABEL, "Check permission %{public}s pass", permission.c_str());
66         return true;
67     }
68     DLP_LOG_ERROR(LABEL, "Check permission %{public}s fail", permission.c_str());
69     return false;
70 }
71 
GetBundleInfo(const std::string & bundleName,int32_t flag,AppExecFwk::BundleInfo & bundleInfo,int32_t userId)72 bool BundleManagerAdapter::GetBundleInfo(const std::string &bundleName, int32_t flag,
73     AppExecFwk::BundleInfo &bundleInfo, int32_t userId)
74 {
75     std::lock_guard<std::mutex> lock(proxyMutex_);
76     int32_t result = Connect();
77     if (result != DLP_OK) {
78         DLP_LOG_ERROR(LABEL, "failed to connect bundle manager service.");
79         return false;
80     }
81     return proxy_->GetBundleInfo(bundleName, flag, bundleInfo, userId);
82 }
83 
GetApplicationInfo(const std::string & appName,const int32_t flag,const int32_t userId,AppExecFwk::ApplicationInfo & applicationInfo)84 bool BundleManagerAdapter::GetApplicationInfo(const std::string &appName, const int32_t flag, const  int32_t userId,
85     AppExecFwk::ApplicationInfo &applicationInfo)
86 {
87     std::lock_guard<std::mutex> lock(proxyMutex_);
88     int32_t result = Connect();
89     if (result != DLP_OK) {
90         DLP_LOG_ERROR(LABEL, "failed to connect bundle manager service.");
91         return false;
92     }
93     return proxy_->GetApplicationInfo(appName, flag, userId, applicationInfo);
94 }
95 
GetBundleInfoV9(const std::string & bundleName,AppExecFwk::BundleFlag flag,AppExecFwk::BundleInfo & bundleInfo,int32_t userId)96 int32_t BundleManagerAdapter::GetBundleInfoV9(const std::string &bundleName, AppExecFwk::BundleFlag flag,
97     AppExecFwk::BundleInfo &bundleInfo, int32_t userId)
98 {
99     std::lock_guard<std::mutex> lock(proxyMutex_);
100     int32_t result = Connect();
101     if (result != DLP_OK) {
102         DLP_LOG_ERROR(LABEL, "failed to connect bundle manager service.");
103         return false;
104     }
105     return proxy_->GetBundleInfoV9(bundleName, flag, bundleInfo, userId);
106 }
107 
Connect()108 int32_t BundleManagerAdapter::Connect()
109 {
110     if (proxy_ != nullptr) {
111         return DLP_OK;
112     }
113     sptr<ISystemAbilityManager> systemAbilityManager =
114         SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager();
115     if (systemAbilityManager == nullptr) {
116         DLP_LOG_ERROR(LABEL, "failed to get system ability manager");
117         return DLP_SERVICE_ERROR_IPC_REQUEST_FAIL;
118     }
119 
120     sptr<IRemoteObject> remoteObj = systemAbilityManager->CheckSystemAbility(BUNDLE_MGR_SERVICE_SYS_ABILITY_ID);
121     if (remoteObj == nullptr) {
122         DLP_LOG_ERROR(LABEL, "Fail to connect bundle manager service.");
123         return DLP_SERVICE_ERROR_IPC_REQUEST_FAIL;
124     }
125 
126     proxy_ = iface_cast<AppExecFwk::IBundleMgr>(remoteObj);
127     if (proxy_ == nullptr) {
128         DLP_LOG_ERROR(LABEL, "failed to get bundle mgr service remote object");
129         return DLP_SERVICE_ERROR_IPC_REQUEST_FAIL;
130     }
131     return DLP_OK;
132 }
133 } // namespace DlpPermission
134 } // namespace Security
135 } // namespace OHOS