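/*
 * Copyright (C) 2022 Huawei Device Co., Ltd.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
#ifndef MEDIALIBRARY_PERMISSION_UTILS_H
#define MEDIALIBRARY_PERMISSION_UTILS_H

// Declarations for the media library's permission helpers: the permission-name
// constants, the BundleInfo record and the all-static PermissionUtils class.
// Only declarations live here; behaviour notes marked NOTE(review) are
// assumptions to confirm against the implementation file.

#include <array>
#include <cstdint>   // uint32_t / int32_t / int64_t are used below; do not rely on transitive includes
#include <list>
#include <mutex>
#include <string>
#include <thread>
#include <unordered_map>
#include <utility>   // std::pair
#include <vector>

#include "bundle_mgr_interface.h"
#include "userfile_manager_types.h"
#include "permission_used_type.h"
#include "privacy_kit.h"
#include "tokenid_kit.h"

namespace OHOS {
namespace Media {
// Marks a symbol as hidden from the shared object's exported symbol table.
// Being a macro, it is not scoped by the enclosing namespaces.
#define COMPILE_HIDDEN __attribute__ ((visibility ("hidden")))

// Permission name strings passed to the Check* helpers below.
// NOTE(review): namespace-scope `const std::string` objects have internal
// linkage, so every translation unit that includes this header gets its own
// dynamically-initialised copy. Avoid reading them from static initialisers
// in other translation units.
const std::string PERMISSION_NAME_READ_MEDIA = "ohos.permission.READ_MEDIA";
const std::string PERMISSION_NAME_WRITE_MEDIA = "ohos.permission.WRITE_MEDIA";
const std::string PERMISSION_NAME_MEDIA_LOCATION = "ohos.permission.MEDIA_LOCATION";
const std::string PERM_READ_IMAGEVIDEO = "ohos.permission.READ_IMAGEVIDEO";
const std::string PERM_READ_AUDIO = "ohos.permission.READ_AUDIO";
const std::string PERM_READ_DOCUMENT = "ohos.permission.READ_DOCUMENT";
const std::string PERM_WRITE_IMAGEVIDEO = "ohos.permission.WRITE_IMAGEVIDEO";
const std::string PERM_WRITE_AUDIO = "ohos.permission.WRITE_AUDIO";
const std::string PERM_WRITE_DOCUMENT = "ohos.permission.WRITE_DOCUMENT";
const std::string PERM_MANAGE_PRIVATE_PHOTOS = "ohos.permission.MANAGE_PRIVATE_PHOTOS";
const std::string PERM_SHORT_TERM_WRITE_IMAGEVIDEO = "ohos.permission.SHORT_TERM_WRITE_IMAGEVIDEO";
const std::string PERM_INTERACT_ACROSS_LOCAL_ACCOUNTS = "ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS";
const std::string E_POLICY = "E";
// Lifetime of a short-term permission grant; the name indicates the unit is seconds.
constexpr int SHORT_TERM_PERMISSION_DURATION_300S = 300;

enum SaveType {
    SHORT_IMAGE_PERM = 0,
};

// The three per-media-type write permissions (image/video, audio, document).
// Initialised from the constants above, which precede it in the same
// translation unit, so the initialisation order is well defined.
const std::vector<std::string> WRITE_PERMS_V10 = {
    PERM_WRITE_IMAGEVIDEO,
    PERM_WRITE_AUDIO,
    PERM_WRITE_DOCUMENT
};

// Identity fields recorded for one application bundle.
struct BundleInfo {
    std::string bundleName;
    std::string packageName;
    std::string appId;
    uint32_t tokenId {0};   // 0 until a token id has been assigned
    std::string ownerAlbumId;
};

// Static-only helper class for caller permission checks and caller identity
// lookup (bundle name, package name, app id, token id).
class PermissionUtils {
public:
    // Permission checks. The bool result is the authorisation decision and
    // must be acted on by the caller.
    // NOTE(review): the overloads taking `uid` (and the one taking
    // `tokenCaller`) evaluate the subject named by that argument. Callers
    // should pass an identity obtained from the IPC layer, never a value
    // taken from request data; confirm at the call sites.
    static bool CheckCallerPermission(const std::string &permission);
    static bool CheckCallerPermission(const std::string &permission, const int &uid);
    static bool CheckCallerPermission(const std::vector<std::string> &perms);
    static bool CheckHasPermission(const std::vector<std::string> &perms);

    // Identity lookups; the results are written to the reference parameter.
    static void GetClientBundle(const int uid, std::string &bundleName);
    static void GetPackageName(const int uid, std::string &packageName);
    static uint32_t GetTokenId();

    // Caller classification predicates.
    // NOTE(review): presumably these identify privileged callers (system app,
    // native system ability, root/hdc shell). Any code path that relaxes a
    // permission check based on these results deserves review; the
    // definitions are not visible in this header.
    static bool IsSystemApp();
    static bool IsNativeSAApp();
    static bool IsRootShell();
    static bool IsHdcShell();
    static bool CheckIsSystemAppByUid();

    static std::string GetPackageNameByBundleName(const std::string &bundleName);
    static std::string GetAppIdByBundleName(const std::string &bundleName);
    static std::string GetAppIdByBundleName(const std::string &bundleName, int32_t uid);

    // Photo-specific permission checks. In the last overload `tokenCaller`
    // is a non-const reference, so it is presumably an output parameter
    // (verify in the implementation).
    static bool CheckPhotoCallerPermission(const std::vector<std::string> &perms);
    static bool CheckPhotoCallerPermission(const std::string &permission);
    static bool CheckPhotoCallerPermission(const std::string &permission,
        const Security::AccessToken::AccessTokenID &tokenCaller);
    static bool CheckPhotoCallerPermission(const std::vector<std::string> &perms, const int &uid,
        Security::AccessToken::AccessTokenID &tokenCaller);

    // Records a permission-use event together with whether it was granted.
    static void CollectPermissionInfo(const std::string &permission, const bool permGranted,
        const Security::AccessToken::PermissionUsedType type);
    static void CollectPermissionInfo(const std::string &permission, const bool permGranted,
        const Security::AccessToken::PermissionUsedType type, const int &uid);

    static void ClearBundleInfoInCache();
    static bool SetEPolicy();
    // NOTE(review): both the return value and the `tokenId` out-parameter are
    // int64_t; which one carries the token id and which a status is not
    // visible here. Confirm before using the result.
    static int64_t GetMainTokenId(const std::string &appId, int64_t &tokenId);

private:
    static sptr<AppExecFwk::IBundleMgr> GetSysBundleManager();
    COMPILE_HIDDEN static sptr<AppExecFwk::IBundleMgr> bundleMgr_;
    COMPILE_HIDDEN static std::mutex bundleMgrMutex_;   // presumably guards bundleMgr_ (confirm)

    // uid-keyed cache accessors for the BundleInfo fields.
    static void GetBundleNameFromCache(int uid, std::string &bundleName);
    static void GetPackageNameFromCache(int uid, const std::string &bundleName, std::string &packageName);
    static void GetAppIdFromCache(int uid, const std::string &bundleName, std::string &appId);
    static void UpdateLatestBundleInfo(int uid, const BundleInfo &bundleInfo);
    static void UpdateBundleNameInCache(int uid, const std::string &bundleName);
    static void UpdatePackageNameInCache(int uid, const std::string &packageName);
    static void UpdateAppIdInCache(int uid, const std::string &appId);
    static bool GetTokenCallerForUid(const int &uid, Security::AccessToken::AccessTokenID &tokenCaller);

    // NOTE(review): the cache containers below are mutable shared statics.
    // Which mutex protects them is not visible in this header. Because
    // entries are keyed by uid, confirm that they are invalidated when a
    // bundle is uninstalled, so a stale identity is never served for a uid.
    static std::mutex uninstallMutex_;
    static std::list<std::pair<int32_t, BundleInfo>> bundleInfoList_; // used to quickly find the least frequently used uid
    // Maps the int32_t key to the entry's position in bundleInfoList_.
    static std::unordered_map<int32_t, std::list<std::pair<int32_t, BundleInfo>>::iterator> bundleInfoMap_;
};
}  // namespace Media
}  // namespace OHOS
#endif  // MEDIALIBRARY_PERMISSION_UTILS_H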