• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (c) 2022-2023 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 /**
17  * @addtogroup Privacy
18  * @{
19  *
20  * @brief Provides sensitive permissions access management.
21  *
22  * @since 8.0
23  * @version 8.0
24  */
25 
26 /**
27  * @file privacy_kit.h
28  *
29  * @brief Declares PrivacyKit interfaces.
30  *
31  * @since 8.0
32  * @version 8.0
33  */
34 
35 #ifndef INTERFACES_INNER_KITS_PRIVACY_KIT_H
36 #define INTERFACES_INNER_KITS_PRIVACY_KIT_H
37 
38 #include <string>
39 
40 #include "access_token.h"
41 #include "add_perm_param_info.h"
42 #include "on_permission_used_record_callback.h"
43 #include "permission_used_request.h"
44 #include "permission_used_result.h"
45 #include "permission_used_type_info.h"
46 #include "perm_active_status_customized_cbk.h"
47 #include "privacy_param.h"
48 #ifdef SECURITY_COMPONENT_ENHANCE_ENABLE
49 #include "sec_comp_enhance_data.h"
50 #endif
51 #include "state_customized_cbk.h"
52 
53 namespace OHOS {
54 namespace Security {
55 namespace AccessToken {
56 /**
57  * @brief Declares PrivacyKit class
58  */
59 class PrivacyKit {
60 public:
61     /**
62      * @brief Add input tokenID access input permission record.
63      * @param tokenID token id
64      * @param permissionName permission nanme
65      * @param successCount access success count
66      * @param failCount fail success count
67      * @return error code, see privacy_error.h
68      */
69     static int32_t AddPermissionUsedRecord(AccessTokenID tokenID, const std::string& permissionName,
70         int32_t successCount, int32_t failCount, bool asyncMode = false);
71     /**
72      * @brief Add input tokenID access input permission record.
73      * @param info struct AddPermParamInfo, see add_perm_param_info.h
74      * @param asyncMode ipc wait type, true means sync waiting, false means async waiting
75      * @return error code, see privacy_error.h
76      */
77     static int32_t AddPermissionUsedRecord(const AddPermParamInfo& info, bool asyncMode = false);
78     /**
79      * @brief Set permission used record toggle status.
80      * @param userID the userID
81      * @param status permission used record toggle status, true means record, false means not record
82      * @return error code, see privacy_error.h
83      */
84     static int32_t SetPermissionUsedRecordToggleStatus(int32_t userID, bool status);
85     /**
86      * @brief Get permission used record toggle status.
87      * @param userID the userID
88      * @param status permission used record toggle status, true means record, false means not record
89      * @return error code, see privacy_error.h
90      */
91     static int32_t GetPermissionUsedRecordToggleStatus(int32_t userID, bool& status);
92     /**
93      * @brief Input tokenID start using input permission.
94      * @param tokenID token id
95      * @param permissionName permission nanme
96      * @return error code, see privacy_error.h
97      */
98     static int32_t StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName, int32_t pid = -1,
99         PermissionUsedType type = PermissionUsedType::NORMAL_TYPE);
100     /**
101      * @brief Input tokenID start using input permission and return by callback,
102      *        only those services which has float window such as camera or
103      *        microphone can use this interface.
104      * @param tokenID token id
105      * @param permissionName permission nanme
106      * @param callback StateCustomizedCbk nanme
107      * @return error code, see privacy_error.h
108      */
109     static int32_t StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName,
110         const std::shared_ptr<StateCustomizedCbk>& callback, int32_t pid = -1,
111         PermissionUsedType type = PermissionUsedType::NORMAL_TYPE);
112     /**
113      * @brief Input tokenID stop using input permission.
114      * @param tokenID token id
115      * @param permissionName permission nanme
116      * @return error code, see privacy_error.h
117      */
118     static int32_t StopUsingPermission(AccessTokenID tokenID, const std::string& permissionName, int32_t pid = -1);
119     /**
120      * @brief Remove input tokenID sensitive permission used records.
121      * @param tokenID token id
122      * @return error code, see privacy_error.h
123      */
124     static int32_t RemovePermissionUsedRecords(AccessTokenID tokenID);
125     /**
126      * @brief Get sensitive permission used records.
127      * @param request PermissionUsedRequest quote
128      * @param result PermissionUsedResult quote, as query result
129      * @return error code, see privacy_error.h
130      */
131     static int32_t GetPermissionUsedRecords(const PermissionUsedRequest& request, PermissionUsedResult& result);
132     /**
133      * @brief Get sensitive permission used records.
134      * @param request PermissionUsedRequest quote
135      * @param callback OnPermissionUsedRecordCallback smart pointer quote
136      * @return error code, see privacy_error.h
137      */
138     static int32_t GetPermissionUsedRecords(
139         const PermissionUsedRequest& request, const sptr<OnPermissionUsedRecordCallback>& callback);
140     /**
141      * @brief Register sensitive permission active status change callback.
142      * @param callback PermActiveStatusCustomizedCbk smark pointer quote
143      * @return error code, see privacy_error.h
144      */
145     static int32_t RegisterPermActiveStatusCallback(const std::shared_ptr<PermActiveStatusCustomizedCbk>& callback);
146     /**
147      * @brief Unregister sensitive permission active status change callback.
148      * @param callback PermActiveStatusCustomizedCbk smark pointer quote
149      * @return error code, see privacy_error.h
150      */
151     static int32_t UnRegisterPermActiveStatusCallback(const std::shared_ptr<PermActiveStatusCustomizedCbk>& callback);
152     /**
153      * @brief Judge whether the input tokenID can use the input permission or not.
154      * @param tokenID token id
155      * @param permissionName permission nanme
156      * @return true means allow to user the permission, false means not allow
157      */
158     static bool IsAllowedUsingPermission(AccessTokenID tokenID, const std::string& permissionName, int32_t pid = -1);
159 
160 #ifdef SECURITY_COMPONENT_ENHANCE_ENABLE
161     /**
162      * @brief Register security component enhance data when security component service did not start
163      * @param enhance enhance data
164      * @return error code, see privacy_error.h
165      */
166     static int32_t RegisterSecCompEnhance(const SecCompEnhanceData& enhance);
167     /**
168      * @brief update security component enhance data
169      * @param pid process id
170      * @param seqNum sequence number
171      * @return error code, see privacy_error.h
172      */
173     static int32_t UpdateSecCompEnhance(int32_t pid, uint32_t seqNum);
174     /**
175      * @brief get security component enhance data
176      * @param pid process id
177      * @param enhance enhance data
178      * @return error code, see privacy_error.h
179      */
180     static int32_t GetSecCompEnhance(int32_t pid, SecCompEnhanceData& enhance);
181     /**
182      * @brief get special security component enhance data
183      * @param bundleName bundle name
184      * @param enhanceList enhance data
185      * @return error code, see privacy_error.h
186      */
187     static int32_t GetSpecialSecCompEnhance(const std::string& bundleName,
188         std::vector<SecCompEnhanceData>& enhanceList);
189 #endif
190     /**
191      * @brief query permission used type.
192      * @param tokenId token id, if 0 return all tokenIds
193      * @param permissionName permission name, if null return all permissions
194      * @param results query result as PermissionUsedTypeInfo array
195      * @return error code, see privacy_error.h
196      */
197     static int32_t GetPermissionUsedTypeInfos(const AccessTokenID tokenId, const std::string& permissionName,
198         std::vector<PermissionUsedTypeInfo>& results);
199 
200     /**
201      * @brief try set mute policy.
202      * @param policyType policy type, see privacy_param.h
203      * @param caller caller type, see privacy_param.h
204      * @param isMute mute or unmute
205      * @param tokenID when policyType is EDM, this param should be first caller token id,
206      *                when policyType is not EDM, this param will be ignore.
207      * @return error code, see privacy_error.h
208      */
209     static int32_t SetMutePolicy(uint32_t policyType, uint32_t callerType, bool isMute, AccessTokenID tokenID);
210 
211     /**
212      * @brief try set background visit policy.
213      * @param tokenId token id
214      * @param isAllowed allow or disallow
215      * @return error code, see privacy_error.h
216      */
217     static int32_t SetHapWithFGReminder(uint32_t tokenId, bool isAllowed);
218 };
219 } // namespace AccessToken
220 } // namespace Security
221 } // namespace OHOS
222 #endif
223