• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (c) 2024 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #ifndef SERVICES_EDM_INCLUDE_EDM_PERMISSION_CHECKER_H
17 #define SERVICES_EDM_INCLUDE_EDM_PERMISSION_CHECKER_H
18 
19 #include <map>
20 #include <string>
21 #include <vector>
22 
23 #include "admin.h"
24 #include "admin_type.h"
25 #include "external_manager_factory.h"
26 #include "iexternal_manager_factory.h"
27 #include "iplugin.h"
28 #include "singleton.h"
29 
30 namespace OHOS {
31 namespace EDM {
32 class PermissionChecker : public std::enable_shared_from_this<PermissionChecker> {
33 public:
34     static std::shared_ptr<PermissionChecker> GetInstance();
35 
36     ErrCode CheckCallerPermission(std::shared_ptr<Admin> admin, const std::string &permission, bool isNeedSuperAdmin);
37 
38     ErrCode CheckCallingUid(const std::string &bundleName);
39 
40     ErrCode CheckSystemCalling(IPlugin::ApiType apiType, const std::string &permissionTag);
41 
42     ErrCode GetAllPermissionsByAdmin(const std::string &bundleInfoName, AdminType adminType, int32_t userId,
43         std::vector<std::string> &permissionList);
44 
45     ErrCode CheckHandlePolicyPermission(FuncOperateType operateType, const std::string &bundleName,
46         const std::string &policyName, const std::string &permissionName, int32_t userId);
47 
48     ErrCode CheckAndUpdatePermission(std::shared_ptr<Admin> admin, Security::AccessToken::AccessTokenID tokenId,
49         const std::string &permission, int32_t userId);
50 
51     bool CheckElementNullPermission(uint32_t code, const std::string &permissionName);
52 
53     bool CheckIsDebug();
54     bool CheckIsSystemAppOrNative();
55     bool CheckSpecialPolicyCallQuery(uint32_t code);
56     bool VerifyCallingPermission(Security::AccessToken::AccessTokenID tokenId, const std::string &permissionName);
57     virtual std::shared_ptr<IExternalManagerFactory> GetExternalManagerFactory();
58     virtual ~PermissionChecker() = default;
59 
60     IPlugin::PermissionType AdminTypeToPermissionType(AdminType adminType);
61     int32_t GetCurrentUserId();
62 
63 private:
64     PermissionChecker() = default;
65     static std::once_flag flag_;
66     static std::shared_ptr<PermissionChecker> instance_;
67     static std::vector<uint32_t> supportAdminNullPolicyCode_;
68     std::shared_ptr<IExternalManagerFactory> externalManagerFactory_ = std::make_shared<ExternalManagerFactory>();
69 };
70 } // namespace EDM
71 } // namespace OHOS
72 
73 #endif // SERVICES_EDM_INCLUDE_EDM_PERMISSION_CHECKER_H
74