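/*
 * Copyright (c) 2021-2024 Huawei Device Co., Ltd.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#ifndef I_ACCESSTOKEN_MANAGER_H
#define I_ACCESSTOKEN_MANAGER_H

// <cstdint> and <vector> are used directly below (int32_t / uint32_t, std::vector),
// so they are included here instead of relying on a transitive include.
#include <cstdint>
#include <string>
#include <unordered_set>
#include <vector>

#include "access_token.h"
#include "accesstoken_service_ipc_interface_code.h"
#include "atm_tools_param_info_parcel.h"
#include "errors.h"
#include "hap_base_info_parcel.h"
#include "hap_info_parcel.h"
#include "hap_policy_parcel.h"
#include "hap_token_info_for_sync_parcel.h"
#include "hap_token_info_parcel.h"
#include "iremote_broker.h"
#include "i_permission_state_callback.h"
#include "native_token_info_parcel.h"
#include "permission_def_parcel.h"
#include "permission_grant_info_parcel.h"
#include "permission_list_state_parcel.h"
#include "permission_status_parcel.h"
#include "permission_state_change_scope_parcel.h"
#include "system_ability_definition.h"

namespace OHOS {
namespace Security {
namespace AccessToken {
/**
 * Abstract remote-broker contract of the access token manager service.
 *
 * Every operation is pure virtual; this class carries no state and no logic.
 * Results are reported as int / int32_t (or a project enum / token id type) and
 * data is handed back through non-const reference out-parameters.
 *
 * NOTE(review): nothing in this header expresses which caller may invoke which
 * operation. Token allocation and deletion, grant/revoke and user-policy
 * updates all sit behind the same descriptor, so the implementing side
 * presumably has to authorize the calling identity per request -- confirm in
 * the service/stub implementation.
 *
 * NOTE(review): the set of virtual functions depends on
 * ATM_BUILD_VARIANT_USER_ENABLE and TOKEN_SYNC_ENABLE. Every translation unit
 * that includes this header has to be built with the same setting of both
 * macros; otherwise the class definitions differ between units (ODR violation)
 * and virtual calls can be dispatched to the wrong slot.
 *
 * The declaration order of the virtual functions is kept as-is on purpose.
 */
class IAccessTokenManager : public IRemoteBroker {
public:
    // Service id of this interface, mirrors ACCESS_TOKEN_MANAGER_SERVICE_ID.
    static const int SA_ID_ACCESSTOKEN_MANAGER_SERVICE = ACCESS_TOKEN_MANAGER_SERVICE_ID;

    // Interface descriptor string for this broker.
    DECLARE_INTERFACE_DESCRIPTOR(u"ohos.security.accesstoken.IAccessTokenManager");

    // ---- Permission queries ------------------------------------------------
    virtual PermUsedTypeEnum GetPermissionUsedType(AccessTokenID tokenID, const std::string& permissionName) = 0;
    // NOTE(review): both VerifyAccessToken overloads return a plain int, not a bool.
    // Presumably the value is a permission-state constant declared in access_token.h
    // -- confirm, and compare against the named constant instead of testing truthiness.
    virtual int VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName) = 0;
    // Batch form: permStateList is an out-parameter.
    // NOTE(review): presumably one state per entry of permissionList, same order -- confirm.
    virtual int VerifyAccessToken(AccessTokenID tokenID,
        const std::vector<std::string>& permissionList, std::vector<int32_t>& permStateList) = 0;
    virtual int GetDefPermission(const std::string& permissionName, PermissionDefParcel& permissionDefResult) = 0;
    virtual int GetReqPermissions(
        AccessTokenID tokenID, std::vector<PermissionStatusParcel>& reqPermList, bool isSystemGrant) = 0;
    virtual int GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName, uint32_t& flag) = 0;

    // ---- Permission request toggle -----------------------------------------
    // Default arguments on virtual functions are chosen from the static type of
    // the call expression, not from the overrider. Overriders should repeat
    // `userID = 0` unchanged so that calls through any type agree.
    virtual int32_t SetPermissionRequestToggleStatus(const std::string& permissionName, uint32_t status,
        int32_t userID = 0) = 0;
    virtual int32_t GetPermissionRequestToggleStatus(const std::string& permissionName, uint32_t& status,
        int32_t userID = 0) = 0;
    virtual int32_t RequestAppPermOnSetting(AccessTokenID tokenID) = 0;

    // ---- Permission state of the caller / of a token -------------------------
    // GetSelfPermissionsState takes no token id; permListParcel and infoParcel
    // are both non-const references (in/out).
    virtual PermissionOper GetSelfPermissionsState(std::vector<PermissionListStateParcel>& permListParcel,
        PermissionGrantInfoParcel& infoParcel) = 0;
    virtual int32_t GetPermissionsStatus(
        AccessTokenID tokenID, std::vector<PermissionListStateParcel>& permListParcel) = 0;

    // ---- Permission state changes --------------------------------------------
    // These operations change the permission state of an arbitrary tokenID
    // supplied by the caller.
    // NOTE(review): presumably restricted to privileged callers -- confirm.
    virtual int GrantPermission(AccessTokenID tokenID, const std::string& permissionName, uint32_t flag) = 0;
    virtual int RevokePermission(AccessTokenID tokenID, const std::string& permissionName, uint32_t flag) = 0;
    // NOTE(review): the unit of onceTime is not stated in this header -- TODO confirm.
    virtual int GrantPermissionForSpecifiedTime(
        AccessTokenID tokenID, const std::string& permissionName, uint32_t onceTime) = 0;
    virtual int ClearUserGrantedPermissionState(AccessTokenID tokenID) = 0;

    // ---- Token lifecycle and lookup --------------------------------------------
    virtual AccessTokenIDEx AllocHapToken(const HapInfoParcel& hapInfo, const HapPolicyParcel& policyParcel) = 0;
    // policy is taken by non-const reference, unlike AllocHapToken/UpdateHapToken;
    // fullTokenId and result are out-parameters.
    virtual int32_t InitHapToken(const HapInfoParcel& info, HapPolicyParcel& policy,
        AccessTokenIDEx& fullTokenId, HapInfoCheckResult& result) = 0;
    virtual int DeleteToken(AccessTokenID tokenID) = 0;
    virtual int GetTokenType(AccessTokenID tokenID) = 0;
    virtual AccessTokenIDEx GetHapTokenID(int32_t userID, const std::string& bundleName, int32_t instIndex) = 0;
    // remoteDeviceID and remoteTokenID are caller-supplied identifiers.
    virtual AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID) = 0;
    virtual int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfoParcel& nativeTokenInfoRes) = 0;
    virtual int32_t GetTokenIDByUserID(int32_t userID, std::unordered_set<AccessTokenID>& tokenIdList) = 0;
    virtual int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfoParcel& hapTokenInfoRes) = 0;
    // tokenIdEx is a non-const reference, so the implementation may rewrite it.
    virtual int32_t UpdateHapToken(AccessTokenIDEx& tokenIdEx, const UpdateHapInfoParams& info,
        const HapPolicyParcel& policyParcel, HapInfoCheckResult& result) = 0;

    // ---- Permission state change callbacks ---------------------------------------
    // The callback is a remote object handle; the UnRegister forms take only that handle.
    // NOTE(review): presumably a registration is matched by the handle's identity -- confirm.
    virtual int32_t RegisterPermStateChangeCallback(
        const PermStateChangeScopeParcel& scope, const sptr<IRemoteObject>& callback) = 0;
    virtual int32_t UnRegisterPermStateChangeCallback(const sptr<IRemoteObject>& callback) = 0;
    virtual int32_t RegisterSelfPermStateChangeCallback(const PermStateChangeScopeParcel& scope,
        const sptr<IRemoteObject>& callback) = 0;
    virtual int32_t UnRegisterSelfPermStateChangeCallback(const sptr<IRemoteObject>& callback) = 0;
#ifndef ATM_BUILD_VARIANT_USER_ENABLE
    // Compiled out when ATM_BUILD_VARIANT_USER_ENABLE is defined.
    virtual int32_t ReloadNativeTokenInfo() = 0;
#endif
    virtual int GetHapTokenInfoExtension(AccessTokenID tokenID,
        HapTokenInfoParcel& hapTokenInfoRes, std::string& appID) = 0;
    virtual AccessTokenID GetNativeTokenId(const std::string& processName) = 0;

#ifdef TOKEN_SYNC_ENABLE
    // ---- Cross-device token synchronisation (only with TOKEN_SYNC_ENABLE) ---------
    // deviceID is a caller-supplied string and hapSyncParcel carries token data
    // for another device.
    // NOTE(review): presumably the implementation validates both and limits these
    // calls to the token-sync component -- confirm.
    virtual int GetHapTokenInfoFromRemote(AccessTokenID tokenID,
        HapTokenInfoForSyncParcel& hapSyncParcel) = 0;
    virtual int SetRemoteHapTokenInfo(const std::string& deviceID,
        HapTokenInfoForSyncParcel& hapSyncParcel) = 0;
    virtual int DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID) = 0;
    virtual AccessTokenID GetRemoteNativeTokenID(const std::string& deviceID, AccessTokenID tokenID) = 0;
    virtual int DeleteRemoteDeviceTokens(const std::string& deviceID) = 0;
    virtual int32_t RegisterTokenSyncCallback(const sptr<IRemoteObject>& callback) = 0;
    // Takes no handle, unlike the other UnRegister* operations.
    virtual int32_t UnRegisterTokenSyncCallback() = 0;
#endif
    // ---- Kernel permissions, dialog capability, user policy ------------------------
    virtual int32_t GetKernelPermissions(
        AccessTokenID tokenId, std::vector<PermissionWithValue>& kernelPermList) = 0;
    virtual int32_t GetReqPermissionByName(
        AccessTokenID tokenId, const std::string& permissionName, std::string& value) = 0;
    virtual int SetPermDialogCap(const HapBaseInfoParcel& hapBaseInfoParcel, bool enable) = 0;
    virtual int32_t InitUserPolicy(
        const std::vector<UserState>& userList, const std::vector<std::string>& permList) = 0;
    virtual int32_t UpdateUserPolicy(const std::vector<UserState>& userList) = 0;
    virtual int32_t ClearUserPolicy() = 0;

    // ---- Diagnostics ----------------------------------------------------------------
    // Returns void: a failure can only be conveyed through the content of tokenInfo.
    // NOTE(review): the dump may describe tokens of other applications; presumably
    // access is limited to debugging tools -- confirm.
    virtual void DumpTokenInfo(const AtmToolsParamInfoParcel& infoParcel, std::string& tokenInfo) = 0;
    virtual int32_t GetVersion(uint32_t& version) = 0;
    // Returns void as well; infoParcel is the only output.
    virtual void GetPermissionManagerInfo(PermissionGrantInfoParcel& infoParcel) = 0;
};
} // namespace AccessToken
} // namespace Security
} // namespace OHOS

#endif // I_ACCESSTOKEN_MANAGER_H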