1 /*
2 * Copyright (c) 2022-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "uri_permission_manager_proxy.h"
17
18 #include "ability_manager_errors.h"
19 #include "hilog_tag_wrapper.h"
20 #include "parcel.h"
21
22 namespace OHOS {
23 namespace AAFwk {
24 namespace {
25 const int MAX_URI_COUNT = 500;
26 const uint32_t CYCLE_LIMIT = 1000;
27 }
28
UriPermissionManagerProxy(const sptr<IRemoteObject> & impl)29 UriPermissionManagerProxy::UriPermissionManagerProxy(const sptr<IRemoteObject> &impl)
30 : IRemoteProxy<IUriPermissionManager>(impl) {}
31
WriteBatchUris(MessageParcel & data,const std::vector<Uri> & uriVec)32 bool UriPermissionManagerProxy::WriteBatchUris(MessageParcel &data, const std::vector<Uri> &uriVec)
33 {
34 std::vector<std::string> uriStrVec;
35 for (auto &uri : uriVec) {
36 uriStrVec.emplace_back(uri.ToString());
37 }
38 if (!data.WriteUint32(uriStrVec.size())) {
39 TAG_LOGE(AAFwkTag::URIPERMMGR, "Write uri size failed");
40 return false;
41 }
42 if (!data.WriteStringVector(uriStrVec)) {
43 TAG_LOGE(AAFwkTag::URIPERMMGR, "Write uris failed");
44 return false;
45 }
46 return true;
47 }
48
GrantUriPermission(const Uri & uri,unsigned int flag,const std::string targetBundleName,int32_t appIndex,uint32_t initiatorTokenId)49 int UriPermissionManagerProxy::GrantUriPermission(const Uri &uri, unsigned int flag,
50 const std::string targetBundleName, int32_t appIndex, uint32_t initiatorTokenId)
51 {
52 TAG_LOGD(AAFwkTag::URIPERMMGR, "call");
53 MessageParcel data;
54 if (!data.WriteInterfaceToken(IUriPermissionManager::GetDescriptor())) {
55 TAG_LOGE(AAFwkTag::URIPERMMGR, "Write interfaceToken failed");
56 return INNER_ERR;
57 }
58 if (!data.WriteParcelable(&uri)) {
59 TAG_LOGE(AAFwkTag::URIPERMMGR, "Write uri failed");
60 return INNER_ERR;
61 }
62 if (!data.WriteUint32(flag)) {
63 TAG_LOGE(AAFwkTag::URIPERMMGR, "Write flag failed");
64 return INNER_ERR;
65 }
66 if (!data.WriteString(targetBundleName)) {
67 TAG_LOGE(AAFwkTag::URIPERMMGR, "Write targetBundleName failed");
68 return INNER_ERR;
69 }
70 if (!data.WriteInt32(appIndex)) {
71 TAG_LOGE(AAFwkTag::URIPERMMGR, "Write appIndex failed");
72 return INNER_ERR;
73 }
74 if (!data.WriteUint32(initiatorTokenId)) {
75 TAG_LOGE(AAFwkTag::URIPERMMGR, "Write initiatorTokenId failed");
76 return INNER_ERR;
77 }
78 MessageParcel reply;
79 MessageOption option;
80 int error = SendTransactCmd(UriPermMgrCmd::ON_GRANT_URI_PERMISSION, data, reply, option);
81 if (error != ERR_OK) {
82 TAG_LOGE(AAFwkTag::URIPERMMGR, "SendRequest failed, error:%{public}d", error);
83 return INNER_ERR;
84 }
85 return reply.ReadInt32();
86 }
87
GrantUriPermission(const std::vector<Uri> & uriVec,unsigned int flag,const std::string targetBundleName,int32_t appIndex,uint32_t initiatorTokenId)88 int UriPermissionManagerProxy::GrantUriPermission(const std::vector<Uri> &uriVec, unsigned int flag,
89 const std::string targetBundleName, int32_t appIndex, uint32_t initiatorTokenId)
90 {
91 TAG_LOGD(AAFwkTag::URIPERMMGR, "call");
92 if (uriVec.empty() || uriVec.size() > MAX_URI_COUNT) {
93 TAG_LOGE(AAFwkTag::URIPERMMGR, "uriVec empty or exceed maxSize %{public}d", MAX_URI_COUNT);
94 return ERR_URI_LIST_OUT_OF_RANGE;
95 }
96 MessageParcel data;
97 if (!data.WriteInterfaceToken(IUriPermissionManager::GetDescriptor())) {
98 TAG_LOGE(AAFwkTag::URIPERMMGR, "Write interfaceToken failed");
99 return INNER_ERR;
100 }
101 if (!WriteBatchUris(data, uriVec)) {
102 TAG_LOGE(AAFwkTag::URIPERMMGR, "Write Batch uris failed");
103 return INNER_ERR;
104 }
105 if (!data.WriteUint32(flag)) {
106 TAG_LOGE(AAFwkTag::URIPERMMGR, "Write flag failed");
107 return INNER_ERR;
108 }
109 if (!data.WriteString(targetBundleName)) {
110 TAG_LOGE(AAFwkTag::URIPERMMGR, "Write targetBundleName failed");
111 return INNER_ERR;
112 }
113 if (!data.WriteInt32(appIndex)) {
114 TAG_LOGE(AAFwkTag::URIPERMMGR, "Write appIndex failed");
115 return INNER_ERR;
116 }
117 if (!data.WriteUint32(initiatorTokenId)) {
118 TAG_LOGE(AAFwkTag::URIPERMMGR, "Write initiatorTokenId failed");
119 return INNER_ERR;
120 }
121 MessageParcel reply;
122 MessageOption option;
123 int error = SendTransactCmd(UriPermMgrCmd::ON_BATCH_GRANT_URI_PERMISSION, data, reply, option);
124 if (error != ERR_OK) {
125 TAG_LOGE(AAFwkTag::URIPERMMGR, "SendRequest failed, error:%{public}d", error);
126 return INNER_ERR;
127 }
128 return reply.ReadInt32();
129 }
130
GrantUriPermissionPrivileged(const std::vector<Uri> & uriVec,uint32_t flag,const std::string & targetBundleName,int32_t appIndex,uint32_t initiatorTokenId,int32_t hideSensitiveType)131 int32_t UriPermissionManagerProxy::GrantUriPermissionPrivileged(const std::vector<Uri> &uriVec, uint32_t flag,
132 const std::string &targetBundleName, int32_t appIndex, uint32_t initiatorTokenId, int32_t hideSensitiveType)
133 {
134 TAG_LOGD(AAFwkTag::URIPERMMGR, "call");
135 if (uriVec.empty() || uriVec.size() > MAX_URI_COUNT) {
136 TAG_LOGE(AAFwkTag::URIPERMMGR, "uriVec empty or exceed maxSize %{public}d", MAX_URI_COUNT);
137 return ERR_URI_LIST_OUT_OF_RANGE;
138 }
139 MessageParcel data;
140 if (!data.WriteInterfaceToken(IUriPermissionManager::GetDescriptor())) {
141 TAG_LOGE(AAFwkTag::URIPERMMGR, "Write interfaceToken failed");
142 return INNER_ERR;
143 }
144 if (!WriteBatchUris(data, uriVec)) {
145 return INNER_ERR;
146 }
147 if (!data.WriteUint32(flag)) {
148 TAG_LOGE(AAFwkTag::URIPERMMGR, "Write flag failed");
149 return INNER_ERR;
150 }
151 if (!data.WriteString(targetBundleName)) {
152 TAG_LOGE(AAFwkTag::URIPERMMGR, "Write targetBundleName failed");
153 return INNER_ERR;
154 }
155 if (!data.WriteInt32(appIndex)) {
156 TAG_LOGE(AAFwkTag::URIPERMMGR, "Write appIndex failed");
157 return INNER_ERR;
158 }
159 if (!data.WriteUint32(initiatorTokenId)) {
160 TAG_LOGE(AAFwkTag::URIPERMMGR, "Write initiatorTokenId failed");
161 return INNER_ERR;
162 }
163 if (!data.WriteInt32(hideSensitiveType)) {
164 TAG_LOGE(AAFwkTag::URIPERMMGR, "Write hideSensitiveType failed");
165 return INNER_ERR;
166 }
167 MessageParcel reply;
168 MessageOption option;
169 int error = SendTransactCmd(UriPermMgrCmd::ON_GRANT_URI_PERMISSION_PRIVILEGED, data, reply, option);
170 if (error != ERR_OK) {
171 TAG_LOGE(AAFwkTag::URIPERMMGR, "SendRequest failed, error:%{public}d", error);
172 return INNER_ERR;
173 }
174 return reply.ReadInt32();
175 }
176
RevokeAllUriPermissions(const uint32_t tokenId)177 int UriPermissionManagerProxy::RevokeAllUriPermissions(const uint32_t tokenId)
178 {
179 TAG_LOGD(AAFwkTag::URIPERMMGR, "call");
180 MessageParcel data;
181 if (!data.WriteInterfaceToken(IUriPermissionManager::GetDescriptor())) {
182 TAG_LOGE(AAFwkTag::URIPERMMGR, "Write interfaceToken failed");
183 return INNER_ERR;
184 }
185 if (!data.WriteUint32(tokenId)) {
186 TAG_LOGE(AAFwkTag::URIPERMMGR, "Write AccessTokenID failed");
187 return INNER_ERR;
188 }
189 MessageParcel reply;
190 MessageOption option;
191 int error = SendTransactCmd(UriPermMgrCmd::ON_REVOKE_ALL_URI_PERMISSION, data, reply, option);
192 if (error != ERR_OK) {
193 TAG_LOGE(AAFwkTag::URIPERMMGR, "SendRequest fail, error:%{public}d", error);
194 return INNER_ERR;
195 }
196 return reply.ReadInt32();
197 }
198
RevokeUriPermissionManually(const Uri & uri,const std::string bundleName,int32_t appIndex)199 int UriPermissionManagerProxy::RevokeUriPermissionManually(const Uri &uri, const std::string bundleName,
200 int32_t appIndex)
201 {
202 TAG_LOGD(AAFwkTag::URIPERMMGR, "call");
203 MessageParcel data;
204 if (!data.WriteInterfaceToken(IUriPermissionManager::GetDescriptor())) {
205 TAG_LOGE(AAFwkTag::URIPERMMGR, "Write interfaceToken failed");
206 return INNER_ERR;
207 }
208 if (!data.WriteParcelable(&uri)) {
209 TAG_LOGE(AAFwkTag::URIPERMMGR, "Write uri failed");
210 return INNER_ERR;
211 }
212 if (!data.WriteString(bundleName)) {
213 TAG_LOGE(AAFwkTag::URIPERMMGR, "Write bundleName failed");
214 return INNER_ERR;
215 }
216 if (!data.WriteInt32(appIndex)) {
217 TAG_LOGE(AAFwkTag::URIPERMMGR, "Write appIndex failed");
218 return INNER_ERR;
219 }
220 MessageParcel reply;
221 MessageOption option;
222 int error = SendTransactCmd(UriPermMgrCmd::ON_REVOKE_URI_PERMISSION_MANUALLY, data, reply, option);
223 if (error != ERR_OK) {
224 TAG_LOGE(AAFwkTag::URIPERMMGR, "SendRequest fail, error:%{public}d", error);
225 return INNER_ERR;
226 }
227 return reply.ReadInt32();
228 }
229
VerifyUriPermission(const Uri & uri,uint32_t flag,uint32_t tokenId)230 bool UriPermissionManagerProxy::VerifyUriPermission(const Uri& uri, uint32_t flag, uint32_t tokenId)
231 {
232 TAG_LOGD(AAFwkTag::URIPERMMGR, "call");
233 MessageParcel data;
234 if (!data.WriteInterfaceToken(IUriPermissionManager::GetDescriptor())) {
235 TAG_LOGE(AAFwkTag::URIPERMMGR, "Write interfaceToken failed");
236 return false;
237 }
238 if (!data.WriteParcelable(&uri)) {
239 TAG_LOGE(AAFwkTag::URIPERMMGR, "Write uri failed");
240 return false;
241 }
242 if (!data.WriteUint32(flag)) {
243 TAG_LOGE(AAFwkTag::URIPERMMGR, "Write flag failed");
244 return false;
245 }
246 if (!data.WriteUint32(tokenId)) {
247 TAG_LOGE(AAFwkTag::URIPERMMGR, "Write tokenId failed");
248 return false;
249 }
250 MessageParcel reply;
251 MessageOption option;
252 int error = SendTransactCmd(UriPermMgrCmd::ON_VERIFY_URI_PERMISSION, data, reply, option);
253 if (error != ERR_OK) {
254 TAG_LOGE(AAFwkTag::URIPERMMGR, "SendRequest fail, error:%{public}d", error);
255 return false;
256 }
257 return reply.ReadBool();
258 }
259
CheckUriAuthorization(const std::vector<std::string> & uriVec,uint32_t flag,uint32_t tokenId)260 std::vector<bool> UriPermissionManagerProxy::CheckUriAuthorization(const std::vector<std::string> &uriVec,
261 uint32_t flag, uint32_t tokenId)
262 {
263 TAG_LOGD(AAFwkTag::URIPERMMGR, "call");
264 std::vector<bool> result(uriVec.size(), false);
265 if (uriVec.empty() || uriVec.size() > MAX_URI_COUNT) {
266 TAG_LOGE(AAFwkTag::URIPERMMGR, "uriVec empty or exceed maxSize %{public}d", MAX_URI_COUNT);
267 return result;
268 }
269 MessageParcel data;
270 if (!data.WriteInterfaceToken(IUriPermissionManager::GetDescriptor())) {
271 TAG_LOGE(AAFwkTag::URIPERMMGR, "Write interfaceToken failed");
272 return result;
273 }
274 if (!data.WriteUint32(uriVec.size())) {
275 TAG_LOGE(AAFwkTag::URIPERMMGR, "Write uris size failed");
276 return result;
277 }
278 if (!data.WriteStringVector(uriVec)) {
279 TAG_LOGE(AAFwkTag::URIPERMMGR, "Write uris failed");
280 return result;
281 }
282 if (!data.WriteUint32(flag)) {
283 TAG_LOGE(AAFwkTag::URIPERMMGR, "Write flag failed");
284 return result;
285 }
286 if (!data.WriteUint32(tokenId)) {
287 TAG_LOGE(AAFwkTag::URIPERMMGR, "Write tokenId failed");
288 return result;
289 }
290 MessageParcel reply;
291 MessageOption option;
292 int error = SendTransactCmd(UriPermMgrCmd::ON_CHECK_URI_AUTHORIZATION, data, reply, option);
293 if (error != ERR_OK) {
294 TAG_LOGE(AAFwkTag::URIPERMMGR, "SendRequest error:%{public}d", error);
295 return result;
296 }
297 auto size = reply.ReadUint32();
298 if (size > CYCLE_LIMIT) {
299 TAG_LOGE(AAFwkTag::URIPERMMGR, "Reply size too large");
300 return result;
301 }
302 for (auto i = 0; i < static_cast<int32_t>(size); i++) {
303 result[i] = reply.ReadBool();
304 }
305 return result;
306 }
307
SendTransactCmd(uint32_t code,MessageParcel & data,MessageParcel & reply,MessageOption & option)308 int32_t UriPermissionManagerProxy::SendTransactCmd(uint32_t code, MessageParcel &data,
309 MessageParcel &reply, MessageOption &option)
310 {
311 sptr<IRemoteObject> remote = Remote();
312 if (remote == nullptr) {
313 TAG_LOGE(AAFwkTag::URIPERMMGR, "remoteObject null");
314 return ERR_NULL_OBJECT;
315 }
316
317 int32_t ret = remote->SendRequest(code, data, reply, option);
318 if (ret != NO_ERROR) {
319 TAG_LOGE(AAFwkTag::URIPERMMGR, "SendRequest failed. code:%{public}d, ret:%{public}d", code, ret);
320 return ret;
321 }
322 return NO_ERROR;
323 }
324
ClearPermissionTokenByMap(const uint32_t tokenId)325 int UriPermissionManagerProxy::ClearPermissionTokenByMap(const uint32_t tokenId)
326 {
327 TAG_LOGD(AAFwkTag::URIPERMMGR, "call");
328 MessageParcel data;
329 if (!data.WriteInterfaceToken(IUriPermissionManager::GetDescriptor())) {
330 TAG_LOGE(AAFwkTag::URIPERMMGR, "Write interfaceToken failed");
331 return INNER_ERR;
332 }
333 if (!data.WriteUint32(tokenId)) {
334 TAG_LOGE(AAFwkTag::URIPERMMGR, "Write AccessTokenID failed");
335 return INNER_ERR;
336 }
337 MessageParcel reply;
338 MessageOption option;
339 int error = SendTransactCmd(UriPermMgrCmd::ON_CLEAR_PERMISSION_TOKEN_BY_MAP, data, reply, option);
340 if (error != ERR_OK) {
341 TAG_LOGE(AAFwkTag::URIPERMMGR, "SendRequest fail, error:%{public}d", error);
342 return INNER_ERR;
343 }
344 return reply.ReadInt32();
345 }
346
347 #ifdef ABILITY_RUNTIME_FEATURE_SANDBOXMANAGER
Active(const std::vector<PolicyInfo> & policy,std::vector<uint32_t> & result)348 int UriPermissionManagerProxy::Active(const std::vector<PolicyInfo> &policy, std::vector<uint32_t> &result)
349 {
350 TAG_LOGD(AAFwkTag::URIPERMMGR, "call");
351 if (policy.empty() || policy.size() > MAX_URI_COUNT) {
352 TAG_LOGE(AAFwkTag::URIPERMMGR, "uriVec empty or exceed maxSize %{public}d", MAX_URI_COUNT);
353 return ERR_URI_LIST_OUT_OF_RANGE;
354 }
355 MessageParcel data;
356 if (!data.WriteInterfaceToken(IUriPermissionManager::GetDescriptor())) {
357 TAG_LOGE(AAFwkTag::URIPERMMGR, "Write interfaceToken failed");
358 return INNER_ERR;
359 }
360 if (!data.WriteUint32(policy.size())) {
361 TAG_LOGE(AAFwkTag::URIPERMMGR, "Write size of policy failed");
362 return INNER_ERR;
363 }
364 for (const auto &policyInfo : policy) {
365 if (!data.WriteString(policyInfo.path)) {
366 TAG_LOGE(AAFwkTag::URIPERMMGR, "Write policy path failed");
367 return INNER_ERR;
368 }
369 if (!data.WriteUint64(policyInfo.mode)) {
370 TAG_LOGE(AAFwkTag::URIPERMMGR, "Write policy mode failed");
371 return INNER_ERR;
372 }
373 }
374 MessageParcel reply;
375 MessageOption option;
376 int error = SendTransactCmd(UriPermMgrCmd::ON_ACTIVE, data, reply, option);
377 if (error != ERR_OK) {
378 TAG_LOGE(AAFwkTag::URIPERMMGR, "SendRequest fail, error:%{public}d", error);
379 return INNER_ERR;
380 }
381 if (!reply.ReadUInt32Vector(&result)) {
382 TAG_LOGE(AAFwkTag::URIPERMMGR, "ReadUInt32Vector failed");
383 return INNER_ERR;
384 }
385 return reply.ReadInt32();
386 }
387 #endif // ABILITY_RUNTIME_FEATURE_SANDBOXMANAGER
388 } // namespace AAFwk
389 } // namespace OHOS
390