1 /* 2 * Copyright (c) 2022-2024 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 #ifndef OHOS_ABILITY_RUNTIME_URI_PERMISSION_MANAGER_CLIENT_H 17 #define OHOS_ABILITY_RUNTIME_URI_PERMISSION_MANAGER_CLIENT_H 18 19 #include <functional> 20 21 #include "uri.h" 22 #include "uri_permission_manager_interface.h" 23 24 namespace OHOS { 25 namespace AAFwk { 26 using ClearProxyCallback = std::function<void()>; 27 class UriPermissionManagerClient { 28 public: 29 static UriPermissionManagerClient& GetInstance(); 30 ~UriPermissionManagerClient() = default; 31 32 /** 33 * @brief Authorize the uri permission of to targetBundleName. 34 * @param uri The file uri, not support content uri. 35 * @param flag Want::FLAG_AUTH_READ_URI_PERMISSION or Want::FLAG_AUTH_WRITE_URI_PERMISSION. 36 * @param targetBundleName The user of uri. 37 */ 38 int GrantUriPermission(const Uri &uri, unsigned int flag, const std::string targetBundleName, int32_t appIndex = 0, 39 uint32_t initiatorTokenId = 0); 40 41 /** 42 * @brief Authorize the uri permission of to targetBundleName. 43 * @param uriVec The file uri list. 44 * @param flag Want::FLAG_AUTH_READ_URI_PERMISSION or Want::FLAG_AUTH_WRITE_URI_PERMISSION. 45 * @param targetBundleName The user of uri. 46 */ 47 int GrantUriPermission(const std::vector<Uri> &uriVec, unsigned int flag, const std::string targetBundleName, 48 int32_t appIndex = 0, uint32_t initiatorTokenId = 0); 49 50 /** 51 * @brief Authorize the uri permission to targetBundleName. 52 * @param uriVec The file urilist. 53 * @param flag Want::FLAG_AUTH_READ_URI_PERMISSION or Want::FLAG_AUTH_WRITE_URI_PERMISSION. 54 * @param targetBundleName The user of uri. 55 * @param appIndex The index of application in sandbox. 56 * @param initiatorTokenId The initial caller tokenId, only for foundation. 57 * @param hideSensitiveType The hide sensitive type, only for foundation. 58 * @return Returns ERR_OK if the authorization is successful, otherwise returns error code. 59 */ 60 int32_t GrantUriPermissionPrivileged(const std::vector<Uri> &uriVec, uint32_t flag, 61 const std::string &targetBundleName, int32_t appIndex = 0, uint32_t initiatorTokenId = 0, 62 int32_t hideSensitiveType = 0); 63 64 /** 65 * @brief Clear user's all uri authorization record with auto remove flag. 66 * 67 * @param tokenId A tokenId of an application. 68 */ 69 int RevokeAllUriPermissions(const uint32_t tokenId); 70 71 /** 72 * @brief Clear user's uri authorization record. 73 * 74 * @param uri The file uri. 75 * @param BundleName A BundleName of an application. 76 * @param appIndex The index of application in sandbox. 77 */ 78 int RevokeUriPermissionManually(const Uri &uri, const std::string bundleName, int32_t appIndex = 0); 79 80 /** 81 * @brief verify if tokenId have uri permission of flag, including temporary permission and persistable permission 82 * 83 * @param uri The file uri. 84 * @param flag Want::FLAG_AUTH_READ_URI_PERMISSION or Want::FLAG_AUTH_WRITE_URI_PERMISSION. 85 * @param tokenId A tokenId of an application. 86 */ 87 bool VerifyUriPermission(const Uri& uri, uint32_t flag, uint32_t tokenId); 88 89 /** 90 * @brief verify if tokenId have uri permission of flag. 91 * @param uri The file uri, not support content uri. 92 * @param flag Want::FLAG_AUTH_READ_URI_PERMISSION or Want::FLAG_AUTH_WRITE_URI_PERMISSION. 93 * @param tokenId A tokenId of an application. 94 */ 95 std::vector<bool> CheckUriAuthorization(const std::vector<std::string> &uriVec, uint32_t flag, uint32_t tokenId); 96 97 int32_t ClearPermissionTokenByMap(const uint32_t tokenId); 98 99 #ifdef ABILITY_RUNTIME_FEATURE_SANDBOXMANAGER 100 int32_t Active(const std::vector<PolicyInfo> &policy, std::vector<uint32_t> &result); 101 #endif // ABILITY_RUNTIME_FEATURE_SANDBOXMANAGER 102 103 void OnLoadSystemAbilitySuccess(const sptr<IRemoteObject> &remoteObject); 104 void OnLoadSystemAbilityFail(); 105 private: 106 UriPermissionManagerClient() = default; 107 sptr<IUriPermissionManager> ConnectUriPermService(); 108 void ClearProxy(); 109 bool LoadUriPermService(); 110 void SetUriPermMgr(const sptr<IRemoteObject> &remoteObject); 111 sptr<IUriPermissionManager> GetUriPermMgr(); 112 DISALLOW_COPY_AND_MOVE(UriPermissionManagerClient); 113 114 class UpmsDeathRecipient : public IRemoteObject::DeathRecipient { 115 public: UpmsDeathRecipient(const ClearProxyCallback & proxy)116 explicit UpmsDeathRecipient(const ClearProxyCallback &proxy) : proxy_(proxy) {} 117 ~UpmsDeathRecipient() = default; 118 virtual void OnRemoteDied([[maybe_unused]] const wptr<IRemoteObject>& remote) override; 119 120 private: 121 ClearProxyCallback proxy_; 122 }; 123 124 private: 125 std::mutex mutex_; 126 std::mutex saLoadMutex_; 127 std::condition_variable loadSaVariable_; 128 bool saLoadFinished_ = false; 129 sptr<IUriPermissionManager> uriPermMgr_ = nullptr; 130 }; 131 } // namespace AAFwk 132 } // namespace OHOS 133 #endif // OHOS_ABILITY_RUNTIME_URI_PERMISSION_MANAGER_CLIENT_H 134