1 /*
2 * Copyright (c) 2023-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "utils/extension_permissions_util.h"
17
18 #include "hilog_tag_wrapper.h"
19 #include "permission_verification.h"
20
21 namespace OHOS {
22 namespace AAFwk {
23
CheckSAPermission(const AppExecFwk::ExtensionAbilityType & extensionType)24 bool ExtensionPermissionsUtil::CheckSAPermission(const AppExecFwk::ExtensionAbilityType &extensionType)
25 {
26 auto checkRet = false;
27 if (extensionType == AppExecFwk::ExtensionAbilityType::ASSET_ACCELERATION) {
28 return PermissionVerification::GetInstance()->VerifyCallingPermission(
29 "ohos.permission.CONNECT_ASSET_ACCELERATION_EXTENSION");
30 } else if (extensionType == AppExecFwk::ExtensionAbilityType::DISTRIBUTED) {
31 checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
32 "ohos.permission.CONNECT_DISTRIBUTED_EXTENSION");
33 }
34 if (!PermissionVerification::GetInstance()->IsSACall()) {
35 return true;
36 }
37 TAG_LOGD(AAFwkTag::ABILITYMGR, "CheckSAPermission, extensionType: %{public}d.", extensionType);
38 if (extensionType == AppExecFwk::ExtensionAbilityType::FORM) {
39 checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
40 "ohos.permission.CONNECT_FORM_EXTENSION");
41 } else if (extensionType == AppExecFwk::ExtensionAbilityType::WORK_SCHEDULER) {
42 checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
43 "ohos.permission.CONNECT_WORK_SCHEDULER_EXTENSION");
44 } else if (extensionType == AppExecFwk::ExtensionAbilityType::INPUTMETHOD) {
45 checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
46 "ohos.permission.CONNECT_INPUT_METHOD_EXTENSION");
47 } else if (extensionType == AppExecFwk::ExtensionAbilityType::ACCESSIBILITY) {
48 checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
49 "ohos.permission.CONNECT_ACCESSIBILITY_EXTENSION");
50 } else if (extensionType == AppExecFwk::ExtensionAbilityType::STATICSUBSCRIBER) {
51 checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
52 "ohos.permission.CONNECT_STATIC_SUBSCRIBER_EXTENSION");
53 } else if (extensionType == AppExecFwk::ExtensionAbilityType::WALLPAPER) {
54 checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
55 "ohos.permission.CONNECT_WALLPAPER_EXTENSION");
56 } else if (extensionType == AppExecFwk::ExtensionAbilityType::BACKUP) {
57 checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
58 "ohos.permission.CONNECT_BACKUP_EXTENSION");
59 } else if (extensionType == AppExecFwk::ExtensionAbilityType::ENTERPRISE_ADMIN) {
60 checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
61 "ohos.permission.CONNECT_ENTERPRISE_ADMIN_EXTENSION");
62 } else if (extensionType == AppExecFwk::ExtensionAbilityType::PRINT) {
63 checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
64 "ohos.permission.CONNECT_PRINT_EXTENSION");
65 } else {
66 checkRet = CheckSAPermissionMore(extensionType);
67 }
68 if (!checkRet) {
69 TAG_LOGE(AAFwkTag::ABILITYMGR, "SA connect permission verification failed.");
70 return false;
71 }
72
73 return true;
74 }
75
CheckSAPermissionMore(const AppExecFwk::ExtensionAbilityType & extensionType)76 bool ExtensionPermissionsUtil::CheckSAPermissionMore(const AppExecFwk::ExtensionAbilityType &extensionType)
77 {
78 auto checkRet = false;
79 if (extensionType == AppExecFwk::ExtensionAbilityType::VPN) {
80 checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
81 "ohos.permission.CONNECT_VPN_EXTENSION");
82 } else if (extensionType == AppExecFwk::ExtensionAbilityType::FILEACCESS_EXTENSION) {
83 checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
84 "ohos.permission.CONNECT_FILE_ACCESS_EXTENSION");
85 } else if (extensionType == AppExecFwk::ExtensionAbilityType::REMOTE_NOTIFICATION) {
86 checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
87 "ohos.permission.CONNECT_REMOTE_NOTIFICATION_EXTENSION");
88 } else if (extensionType == AppExecFwk::ExtensionAbilityType::REMOTE_LOCATION) {
89 checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
90 "ohos.permission.CONNECT_REMOTE_LOCATION_EXTENSION");
91 } else if (extensionType == AppExecFwk::ExtensionAbilityType::PUSH) {
92 checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
93 "ohos.permission.CONNECT_PUSH_EXTENSION");
94 } else if (extensionType == AppExecFwk::ExtensionAbilityType::VOIP) {
95 checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
96 "ohos.permission.CONNECT_VOIP_EXTENSION");
97 } else {
98 TAG_LOGI(AAFwkTag::ABILITYMGR, "No permission needed for type %{public}d.", extensionType);
99 return true;
100 }
101
102 return checkRet;
103 }
104
105 } // namespace AAFwk
106 } // namespace OHOS
107