1/* 2 * Copyright (c) 2023-2024 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16/** 17 * @file 18 * @kit DataProtectionKit 19 */ 20 21import type { AsyncCallback, Callback } from './@ohos.base'; 22import type common from './@ohos.app.ability.common'; 23import type Want from './@ohos.app.ability.Want'; 24 25/** 26 * Provides the capability to access the data loss prevention (DLP) files. 27 * 28 * @namespace dlpPermission 29 * @syscap SystemCapability.Security.DataLossPrevention 30 * @since 10 31 */ 32declare namespace dlpPermission { 33 /** 34 * Enumerates the types of actions that can be performed on a DLP file. 35 * 36 * @enum { number } 37 * @syscap SystemCapability.Security.DataLossPrevention 38 * @since 10 39 */ 40 export enum ActionFlagType { 41 /** 42 * View a DLP file. 43 * 44 * @syscap SystemCapability.Security.DataLossPrevention 45 * @since 10 46 */ 47 ACTION_VIEW = 0x00000001, 48 49 /** 50 * Save a DLP file. 51 * 52 * @syscap SystemCapability.Security.DataLossPrevention 53 * @since 10 54 */ 55 ACTION_SAVE = 0x00000002, 56 57 /** 58 * Save a DLP file as another file. 59 * 60 * @syscap SystemCapability.Security.DataLossPrevention 61 * @since 10 62 */ 63 ACTION_SAVE_AS = 0x00000004, 64 65 /** 66 * Edit a DLP file. 67 * 68 * @syscap SystemCapability.Security.DataLossPrevention 69 * @since 10 70 */ 71 ACTION_EDIT = 0x00000008, 72 73 /** 74 * Take a screenshot of a DLP file. 75 * 76 * @syscap SystemCapability.Security.DataLossPrevention 77 * @since 10 78 */ 79 ACTION_SCREEN_CAPTURE = 0x00000010, 80 81 /** 82 * Share the screen, on which a DLP file is opened. 83 * 84 * @syscap SystemCapability.Security.DataLossPrevention 85 * @since 10 86 */ 87 ACTION_SCREEN_SHARE = 0x00000020, 88 89 /** 90 * Record the screen, on which a DLP file is opened. 91 * 92 * @syscap SystemCapability.Security.DataLossPrevention 93 * @since 10 94 */ 95 ACTION_SCREEN_RECORD = 0x00000040, 96 97 /** 98 * Copy in the editor, on which a DLP file is opened. 99 * 100 * @syscap SystemCapability.Security.DataLossPrevention 101 * @since 10 102 */ 103 ACTION_COPY = 0x00000080, 104 105 /** 106 * Print a DLP file. 107 * 108 * @syscap SystemCapability.Security.DataLossPrevention 109 * @since 10 110 */ 111 ACTION_PRINT = 0x00000100, 112 113 /** 114 * Export a DLP file. 115 * 116 * @syscap SystemCapability.Security.DataLossPrevention 117 * @since 10 118 */ 119 ACTION_EXPORT = 0x00000200, 120 121 /** 122 * Change the permissions for a DLP file. 123 * 124 * @syscap SystemCapability.Security.DataLossPrevention 125 * @since 10 126 */ 127 ACTION_PERMISSION_CHANGE = 0x00000400 128 } 129 130 /** 131 * Enumerates the access permissions for a DLP file. 132 * 133 * @enum { number } 134 * @syscap SystemCapability.Security.DataLossPrevention 135 * @since 10 136 */ 137 export enum DLPFileAccess { 138 /** 139 * No permission. 140 * 141 * @syscap SystemCapability.Security.DataLossPrevention 142 * @since 10 143 */ 144 NO_PERMISSION = 0, 145 146 /** 147 * Read-only. 148 * 149 * @syscap SystemCapability.Security.DataLossPrevention 150 * @since 10 151 */ 152 READ_ONLY = 1, 153 154 /** 155 * Edit. 156 * 157 * @syscap SystemCapability.Security.DataLossPrevention 158 * @since 10 159 */ 160 CONTENT_EDIT = 2, 161 162 /** 163 * Full control. 164 * 165 * @syscap SystemCapability.Security.DataLossPrevention 166 * @since 10 167 */ 168 FULL_CONTROL = 3 169 } 170 171 /** 172 * Represents the permission info of a DLP file. 173 * 174 * @interface DLPPermissionInfo 175 * @syscap SystemCapability.Security.DataLossPrevention 176 * @since 10 177 */ 178 export interface DLPPermissionInfo { 179 /** 180 * Access permission for the DLP file. 181 * 182 * @type { DLPFileAccess } 183 * @syscap SystemCapability.Security.DataLossPrevention 184 * @since 10 185 */ 186 dlpFileAccess: DLPFileAccess; 187 188 /** 189 * Actions allowed for the DLP file. The value is a combination of flags in {@link ActionFlagType}. 190 * 191 * @type { number } 192 * @syscap SystemCapability.Security.DataLossPrevention 193 * @since 10 194 */ 195 flags: number; 196 } 197 198 /** 199 * Represents the accessed DLP file info. 200 * 201 * @interface AccessedDLPFileInfo 202 * @syscap SystemCapability.Security.DataLossPrevention 203 * @since 10 204 */ 205 export interface AccessedDLPFileInfo { 206 /** 207 * URI of the DLP file. 208 * 209 * @type { string } 210 * @syscap SystemCapability.Security.DataLossPrevention 211 * @since 10 212 */ 213 uri: string; 214 215 /** 216 * Time when the DLP file was last opened. 217 * 218 * @type { number } 219 * @syscap SystemCapability.Security.DataLossPrevention 220 * @since 10 221 */ 222 lastOpenTime: number; 223 } 224 225 /** 226 * Represents the retention sandbox info. 227 * 228 * @interface RetentionSandboxInfo 229 * @syscap SystemCapability.Security.DataLossPrevention 230 * @since 10 231 */ 232 export interface RetentionSandboxInfo { 233 /** 234 * Application index of the DLP sandbox. 235 * 236 * @type { number } 237 * @syscap SystemCapability.Security.DataLossPrevention 238 * @since 10 239 */ 240 appIndex: number; 241 242 /** 243 * Bundle name of the application. 244 * 245 * @type { string } 246 * @syscap SystemCapability.Security.DataLossPrevention 247 * @since 10 248 */ 249 bundleName: string; 250 251 /** 252 * List of file URIs. 253 * 254 * @type { Array<string> } 255 * @syscap SystemCapability.Security.DataLossPrevention 256 * @since 10 257 */ 258 docUris: Array<string>; 259 } 260 261 /** 262 * Checks whether a file is a DLP file. This method uses a promise to return the result. 263 * 264 * @param { number } fd - Indicates the file descriptor of the file to check. 265 * @returns { Promise<boolean> } Returns {@code true} if {@link fd} is a DLP file; returns {@code false} otherwise. 266 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 267 * 2. Incorrect parameter types. 268 * @throws { BusinessError } 19100001 - Invalid parameter value. 269 * @throws { BusinessError } 19100011 - The system ability works abnormally. 270 * @syscap SystemCapability.Security.DataLossPrevention 271 * @since 10 272 */ 273 function isDLPFile(fd: number): Promise<boolean>; 274 275 /** 276 * Checks whether a file is a DLP file. This method uses an asynchronous callback to return the result. 277 * 278 * @param { number } fd - Indicates the file descriptor of the file to check. 279 * @param { AsyncCallback<boolean> } callback - Indicates the callback of isDLPFile. 280 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 281 * 2. Incorrect parameter types. 282 * @throws { BusinessError } 19100001 - Invalid parameter value. 283 * @throws { BusinessError } 19100011 - The system ability works abnormally. 284 * @syscap SystemCapability.Security.DataLossPrevention 285 * @since 10 286 */ 287 function isDLPFile(fd: number, callback: AsyncCallback<boolean>): void; 288 289 /** 290 * Obtains the permission info of this DLP file. This method uses a promise to return the result. 291 * 292 * @returns { Promise<DLPPermissionInfo> } Returns the {@link DLPPermissionInfo}. 293 * @throws { BusinessError } 19100001 - Invalid parameter value. 294 * @throws { BusinessError } 19100006 - No permission to call this API, 295 * which is available only for DLP sandbox applications. 296 * @throws { BusinessError } 19100011 - The system ability works abnormally. 297 * @syscap SystemCapability.Security.DataLossPrevention 298 * @since 10 299 */ 300 function getDLPPermissionInfo(): Promise<DLPPermissionInfo>; 301 302 /** 303 * Obtains the permission info of this DLP file. This method uses an asynchronous callback to return the result. 304 * 305 * @param { AsyncCallback<DLPPermissionInfo> } callback - Indicates the callback of getDLPPermissionInfo. 306 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Incorrect parameter types. 307 * @throws { BusinessError } 19100001 - Invalid parameter value. 308 * @throws { BusinessError } 19100006 - No permission to call this API, 309 * which is available only for DLP sandbox applications. 310 * @throws { BusinessError } 19100011 - The system ability works abnormally. 311 * @syscap SystemCapability.Security.DataLossPrevention 312 * @since 10 313 */ 314 function getDLPPermissionInfo(callback: AsyncCallback<DLPPermissionInfo>): void; 315 316 /** 317 * Obtains the original file name from a DLP file name. This method removes the DLP file name extension from the DLP file name. 318 * 319 * @param { string } fileName - Indicates the DLP file name. 320 * @returns { string } Returns the original file name obtained. 321 * @throws { BusinessError } 19100001 - Invalid parameter value. 322 * @throws { BusinessError } 19100011 - The system ability works abnormally. 323 * @syscap SystemCapability.Security.DataLossPrevention 324 * @since 10 325 */ 326 function getOriginalFileName(fileName: string): string; 327 328 /** 329 * Obtains the DLP file name extension. 330 * 331 * @returns { string } Returns the DLP file name extension obtained. 332 * @throws { BusinessError } 19100011 - The system ability works abnormally. 333 * @syscap SystemCapability.Security.DataLossPrevention 334 * @since 10 335 */ 336 function getDLPSuffix(): string; 337 338 /** 339 * Subscribes to the event reported when a DLP file is opened by current application. 340 * 341 * @param { 'openDLPFile' } type - Indicates the type of the event to subscribe to. 342 * The value of type must be openDLPFile. 343 * @param { Callback<AccessedDLPFileInfo> } listener - Indicates the callback invoked when a DLP file is opened by current application. 344 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 345 * 2. Incorrect parameter types. 3. Parameter verification failed. 346 * @throws { BusinessError } 19100001 - Invalid parameter value. 347 * @throws { BusinessError } 19100007 - No permission to call this API, 348 * which is available only for non-DLP sandbox applications. 349 * @throws { BusinessError } 19100011 - The system ability works abnormally. 350 * @syscap SystemCapability.Security.DataLossPrevention 351 * @since 10 352 */ 353 function on(type: 'openDLPFile', listener: Callback<AccessedDLPFileInfo>): void; 354 355 /** 356 * Unsubscribes from the event reported when a DLP file is opened by current application. 357 * 358 * @param { 'openDLPFile' } type - Indicates the type of the event to unsubscribe from. 359 * The value of type must be openDLPFile. 360 * @param { Callback<AccessedDLPFileInfo> } listener - Indicates the callback invoked when a DLP file is opened by current application. 361 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 362 * 2. Incorrect parameter types. 3. Parameter verification failed. 363 * @throws { BusinessError } 19100001 - Invalid parameter value. 364 * @throws { BusinessError } 19100007 - No permission to call this API, 365 * which is available only for non-DLP sandbox applications. 366 * @throws { BusinessError } 19100011 - The system ability works abnormally. 367 * @syscap SystemCapability.Security.DataLossPrevention 368 * @since 10 369 */ 370 function off(type: 'openDLPFile', listener?: Callback<AccessedDLPFileInfo>): void; 371 372 /** 373 * Checks whether current application is in the DLP sandbox. This method uses a promise to return the result. 374 * 375 * @returns { Promise<boolean> } Returns {@code true} if current application is in a DLP sandbox; returns {@code false} otherwise. 376 * @throws { BusinessError } 19100001 - Invalid parameter value. 377 * @throws { BusinessError } 19100011 - The system ability works abnormally. 378 * @syscap SystemCapability.Security.DataLossPrevention 379 * @since 10 380 */ 381 function isInSandbox(): Promise<boolean>; 382 383 /** 384 * Checks whether current application is in the DLP sandbox. This method uses an asynchronous callback to return the result. 385 * 386 * @param { AsyncCallback<boolean> } callback - Indicates the callback of isInSandbox. 387 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Incorrect parameter types. 388 * @throws { BusinessError } 19100001 - Invalid parameter value. 389 * @throws { BusinessError } 19100011 - The system ability works abnormally. 390 * @syscap SystemCapability.Security.DataLossPrevention 391 * @since 10 392 */ 393 function isInSandbox(callback: AsyncCallback<boolean>): void; 394 395 /** 396 * Obtains the file types supported by DLP. This method uses a promise to return the result. 397 * 398 * @returns { Promise<Array<string>> } Returns the list of file types supported. 399 * @throws { BusinessError } 19100001 - Invalid parameter value. 400 * @throws { BusinessError } 19100011 - The system ability works abnormally. 401 * @syscap SystemCapability.Security.DataLossPrevention 402 * @since 10 403 */ 404 function getDLPSupportedFileTypes(): Promise<Array<string>>; 405 406 /** 407 * Obtains the file types supported by DLP. This method uses an asynchronous callback to return the result. 408 * 409 * @param { AsyncCallback<Array<string>> } callback - Indicates the callback of getDLPSupportedFileTypes. 410 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Incorrect parameter types. 411 * @throws { BusinessError } 19100001 - Invalid parameter value. 412 * @throws { BusinessError } 19100011 - The system ability works abnormally. 413 * @syscap SystemCapability.Security.DataLossPrevention 414 * @since 10 415 */ 416 function getDLPSupportedFileTypes(callback: AsyncCallback<Array<string>>): void; 417 418 /** 419 * Sets the retention status for the files specified by URI list. This method uses a promise to return the result. 420 * 421 * @param { Array<string> } docUris - Indicates the URIs of the files, for which the retention status is to set. 422 * @returns { Promise<void> } The promise returned by the function. 423 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 424 * 2. Incorrect parameter types. 425 * @throws { BusinessError } 19100001 - Invalid parameter value. 426 * @throws { BusinessError } 19100006 - No permission to call this API, 427 * which is available only for DLP sandbox applications. 428 * @throws { BusinessError } 19100011 - The system ability works abnormally. 429 * @syscap SystemCapability.Security.DataLossPrevention 430 * @since 10 431 */ 432 function setRetentionState(docUris: Array<string>): Promise<void>; 433 434 /** 435 * Sets the retention status for the files specified by URI list. This method uses an asynchronous callback to return the result. 436 * 437 * @param { Array<string> } docUris - Indicates the URIs of the files, for which the retention status is to set. 438 * @param { AsyncCallback<void> } callback - Indicates the callback of setRetentionState. 439 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 440 * 2. Incorrect parameter types. 441 * @throws { BusinessError } 19100001 - Invalid parameter value. 442 * @throws { BusinessError } 19100006 - No permission to call this API, 443 * which is available only for DLP sandbox applications. 444 * @throws { BusinessError } 19100011 - The system ability works abnormally. 445 * @syscap SystemCapability.Security.DataLossPrevention 446 * @since 10 447 */ 448 function setRetentionState(docUris: Array<string>, callback: AsyncCallback<void>): void; 449 450 /** 451 * Cancels the retention status for the files specified by URI list. This method uses a promise to return the result. 452 * 453 * @param { Array<string> } docUris - Indicates the list of the file URIs. 454 * @returns { Promise<void> } The promise returned by the function. 455 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 456 * 2. Incorrect parameter types. 457 * @throws { BusinessError } 19100001 - Invalid parameter value. 458 * @throws { BusinessError } 19100011 - The system ability works abnormally. 459 * @syscap SystemCapability.Security.DataLossPrevention 460 * @since 10 461 */ 462 function cancelRetentionState(docUris: Array<string>): Promise<void>; 463 464 /** 465 * Cancels the retention status for the files specified by URI list. This method uses an asynchronous callback to return the result. 466 * 467 * @param { Array<string> } docUris - Indicates the list of the file URIs. 468 * @param { AsyncCallback<void> } callback - Indicates the callback of cancelRetentionState. 469 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 470 * 2. Incorrect parameter types. 471 * @throws { BusinessError } 19100001 - Invalid parameter value. 472 * @throws { BusinessError } 19100011 - The system ability works abnormally. 473 * @syscap SystemCapability.Security.DataLossPrevention 474 * @since 10 475 */ 476 function cancelRetentionState(docUris: Array<string>, callback: AsyncCallback<void>): void; 477 478 /** 479 * Obtains information about the retained DLP sandboxes of an application. This method uses a promise to return the result. 480 * 481 * @param { string } bundleName - Indicates the bundle name of the application. 482 * @returns { Promise<Array<RetentionSandboxInfo>> } Returns a list of {@link RetentionSandboxInfo}. 483 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Incorrect parameter types. 484 * @throws { BusinessError } 19100001 - Invalid parameter value. 485 * @throws { BusinessError } 19100007 - No permission to call this API, 486 * which is available only for non-DLP sandbox applications. 487 * @throws { BusinessError } 19100011 - The system ability works abnormally. 488 * @syscap SystemCapability.Security.DataLossPrevention 489 * @since 10 490 */ 491 function getRetentionSandboxList(bundleName?: string): Promise<Array<RetentionSandboxInfo>>; 492 493 /** 494 * Obtains information about the retained DLP sandboxes of an application. This method uses an asynchronous callback to return the result. 495 * 496 * @param { string } bundleName - Indicates the bundle name of the application. 497 * @param { AsyncCallback<Array<RetentionSandboxInfo>> } callback - Indicates the callback of getRetentionSandboxList. 498 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Incorrect parameter types. 499 * @throws { BusinessError } 19100001 - Invalid parameter value. 500 * @throws { BusinessError } 19100007 - No permission to call this API, 501 * which is available only for non-DLP sandbox applications. 502 * @throws { BusinessError } 19100011 - The system ability works abnormally. 503 * @syscap SystemCapability.Security.DataLossPrevention 504 * @since 10 505 */ 506 function getRetentionSandboxList(bundleName: string, callback: AsyncCallback<Array<RetentionSandboxInfo>>): void; 507 508 /** 509 * Obtains information about the retained DLP sandboxes of an application. This method uses an asynchronous callback to return the result. 510 * 511 * @param { AsyncCallback<Array<RetentionSandboxInfo>> } callback - Indicates the callback of getRetentionSandboxList. 512 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Incorrect parameter types. 513 * @throws { BusinessError } 19100001 - Invalid parameter value. 514 * @throws { BusinessError } 19100007 - No permission to call this API, 515 * which is available only for non-DLP sandbox applications. 516 * @throws { BusinessError } 19100011 - The system ability works abnormally. 517 * @syscap SystemCapability.Security.DataLossPrevention 518 * @since 10 519 */ 520 function getRetentionSandboxList(callback: AsyncCallback<Array<RetentionSandboxInfo>>): void; 521 522 /** 523 * Obtains the DLP file access records. This method uses a promise to return the result. 524 * 525 * @returns { Promise<Array<AccessedDLPFileInfo>> } Returns a list of {@link AccessedDLPFileInfo}. 526 * @throws { BusinessError } 19100001 - Invalid parameter value. 527 * @throws { BusinessError } 19100007 - No permission to call this API, 528 * which is available only for non-DLP sandbox applications. 529 * @throws { BusinessError } 19100011 - The system ability works abnormally. 530 * @syscap SystemCapability.Security.DataLossPrevention 531 * @since 10 532 */ 533 function getDLPFileAccessRecords(): Promise<Array<AccessedDLPFileInfo>>; 534 535 /** 536 * Obtains the DLP file access records. This method uses an asynchronous callback to return the result. 537 * 538 * @param { AsyncCallback<Array<AccessedDLPFileInfo>> } callback - Indicates the callback of getDLPFileAccessRecords. 539 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Incorrect parameter types. 540 * @throws { BusinessError } 19100001 - Invalid parameter value. 541 * @throws { BusinessError } 19100007 - No permission to call this API, 542 * which is available only for non-DLP sandbox applications. 543 * @throws { BusinessError } 19100011 - The system ability works abnormally. 544 * @syscap SystemCapability.Security.DataLossPrevention 545 * @since 10 546 */ 547 function getDLPFileAccessRecords(callback: AsyncCallback<Array<AccessedDLPFileInfo>>): void; 548 549 /** 550 * Represents the return value of the function startDLPManagerForResult. 551 * 552 * @interface DLPManagerResult 553 * @syscap SystemCapability.Security.DataLossPrevention 554 * @StageModelOnly 555 * @since 11 556 */ 557 export interface DLPManagerResult { 558 /** 559 * Indicates the result code returned after the DLP manager is destroyed. 560 * 561 * @type { number } 562 * @syscap SystemCapability.Security.DataLossPrevention 563 * @StageModelOnly 564 * @since 11 565 */ 566 resultCode: number; 567 568 /** 569 * Indicates the data returned after the DLP manager is destroyed. 570 * 571 * @type { Want } 572 * @syscap SystemCapability.Security.DataLossPrevention 573 * @StageModelOnly 574 * @since 11 575 */ 576 want: Want; 577 } 578 579 /** 580 * Starts the DLP manager. This method uses a promise to return the result. 581 * 582 * @param { common.UIAbilityContext } context - Indicates the UIAbility context of the caller. 583 * @param { Want } want - Indicates the request to the DLP manager. 584 * @returns { Promise<DLPManagerResult> } Returns the {@link DLPManagerResult}. 585 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 586 * 2. Incorrect parameter types. 587 * @throws { BusinessError } 19100001 - Invalid parameter value. 588 * @throws { BusinessError } 19100011 - The system ability works abnormally. 589 * @throws { BusinessError } 19100016 - uri missing in want. 590 * @throws { BusinessError } 19100017 - displayName missing in want. 591 * @syscap SystemCapability.Security.DataLossPrevention 592 * @StageModelOnly 593 * @since 11 594 */ 595 function startDLPManagerForResult(context: common.UIAbilityContext, want: Want): Promise<DLPManagerResult>; 596 597 /** 598 * Enumerates the gathering policy types for DLP files. 599 * 600 * @enum { number } 601 * @syscap SystemCapability.Security.DataLossPrevention 602 * @systemapi Hide this for inner system use. 603 * @since 10 604 */ 605 export enum GatheringPolicyType { 606 /** 607 * Gathering, which allows multiple DLP files to be opened in a sandbox. 608 * 609 * @syscap SystemCapability.Security.DataLossPrevention 610 * @systemapi Hide this for inner system use. 611 * @since 10 612 */ 613 GATHERING = 1, 614 615 /** 616 * Non-gathering, which allows only one DLP file to be opened in a sandbox. 617 * 618 * @syscap SystemCapability.Security.DataLossPrevention 619 * @systemapi Hide this for inner system use. 620 * @since 10 621 */ 622 NON_GATHERING = 2 623 } 624 625 /** 626 * Obtains the DLP sandbox gathering policy. This method uses a promise to return the result. 627 * 628 * @permission ohos.permission.ACCESS_DLP_FILE 629 * @returns { Promise<GatheringPolicyType> } Returns the {@link GatheringPolicyType}. 630 * @throws { BusinessError } 201 - Permission denied. 631 * @throws { BusinessError } 202 - Non-system applications use system APIs. 632 * @throws { BusinessError } 19100001 - Invalid parameter value. 633 * @throws { BusinessError } 19100011 - The system ability works abnormally. 634 * @syscap SystemCapability.Security.DataLossPrevention 635 * @systemapi Hide this for inner system use. 636 * @since 10 637 */ 638 function getDLPGatheringPolicy(): Promise<GatheringPolicyType>; 639 640 /** 641 * Obtains the DLP sandbox gathering policy. This method uses an asynchronous callback to return the result. 642 * 643 * @permission ohos.permission.ACCESS_DLP_FILE 644 * @param { AsyncCallback<GatheringPolicyType> } callback - Indicates the callback of getDLPGatheringPolicy. 645 * @throws { BusinessError } 201 - Permission denied. 646 * @throws { BusinessError } 202 - Non-system applications use system APIs. 647 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Incorrect parameter types. 648 * @throws { BusinessError } 19100001 - Invalid parameter value. 649 * @throws { BusinessError } 19100011 - The system ability works abnormally. 650 * @syscap SystemCapability.Security.DataLossPrevention 651 * @systemapi Hide this for inner system use. 652 * @since 10 653 */ 654 function getDLPGatheringPolicy(callback: AsyncCallback<GatheringPolicyType>): void; 655 656 /** 657 * Represents the installed DLP sandbox application info. 658 * 659 * @interface DLPSandboxInfo 660 * @syscap SystemCapability.Security.DataLossPrevention 661 * @systemapi Hide this for inner system use. 662 * @since 10 663 */ 664 export interface DLPSandboxInfo { 665 /** 666 * Index of the installed DLP sandbox application. 667 * 668 * @type { number } 669 * @syscap SystemCapability.Security.DataLossPrevention 670 * @systemapi Hide this for inner system use. 671 * @since 10 672 */ 673 appIndex: number; 674 675 /** 676 * Token ID of the installed DLP sandbox application. 677 * 678 * @type { number } 679 * @syscap SystemCapability.Security.DataLossPrevention 680 * @systemapi Hide this for inner system use. 681 * @since 10 682 */ 683 tokenID: number; 684 } 685 686 /** 687 * Installs a DLP sandbox application. This method uses a promise to return the result. 688 * 689 * @permission ohos.permission.ACCESS_DLP_FILE 690 * @param { string } bundleName - Indicates the bundle name of the application. 691 * @param { DLPFileAccess } access - Indicates the access permission for the DLP file. 692 * @param { number } userId - Indicates the user ID. 693 * @param { string } uri - Indicates the URI of the file. 694 * @returns { Promise<DLPSandboxInfo> } Returns the {@link DLPSandboxInfo}. 695 * @throws { BusinessError } 201 - Permission denied. 696 * @throws { BusinessError } 202 - Non-system applications use system APIs. 697 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 698 * 2. Incorrect parameter types. 699 * @throws { BusinessError } 19100001 - Invalid parameter value. 700 * @throws { BusinessError } 19100011 - The system ability works abnormally. 701 * @syscap SystemCapability.Security.DataLossPrevention 702 * @systemapi Hide this for inner system use. 703 * @since 10 704 */ 705 function installDLPSandbox( 706 bundleName: string, 707 access: DLPFileAccess, 708 userId: number, 709 uri: string 710 ): Promise<DLPSandboxInfo>; 711 712 /** 713 * Installs a DLP sandbox application. This method uses an asynchronous callback to return the result. 714 * 715 * @permission ohos.permission.ACCESS_DLP_FILE 716 * @param { string } bundleName - Indicates the bundle name of the application. 717 * @param { DLPFileAccess } access - Indicates the access permission for the DLP file. 718 * @param { number } userId - Indicates the user ID. 719 * @param { string } uri - Indicates the URI of the file. 720 * @param { AsyncCallback<DLPSandboxInfo> } callback - Indicates the callback of installDLPSandbox. 721 * @throws { BusinessError } 201 - Permission denied. 722 * @throws { BusinessError } 202 - Non-system applications use system APIs. 723 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 724 * 2. Incorrect parameter types. 725 * @throws { BusinessError } 19100001 - Invalid parameter value. 726 * @throws { BusinessError } 19100011 - The system ability works abnormally. 727 * @syscap SystemCapability.Security.DataLossPrevention 728 * @systemapi Hide this for inner system use. 729 * @since 10 730 */ 731 function installDLPSandbox( 732 bundleName: string, 733 access: DLPFileAccess, 734 userId: number, 735 uri: string, 736 callback: AsyncCallback<DLPSandboxInfo> 737 ): void; 738 739 /** 740 * Uninstalls a DLP sandbox application. This method uses a promise to return the result. 741 * 742 * @permission ohos.permission.ACCESS_DLP_FILE 743 * @param { string } bundleName - Indicates the bundle name of the application. 744 * @param { number } userId - Indicates the user ID. 745 * @param { number } appIndex - Indicates the index of DLP sandbox. 746 * @returns { Promise<void> } The promise returned by the function. 747 * @throws { BusinessError } 201 - Permission denied. 748 * @throws { BusinessError } 202 - Non-system applications use system APIs. 749 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 750 * 2. Incorrect parameter types. 751 * @throws { BusinessError } 19100001 - Invalid parameter value. 752 * @throws { BusinessError } 19100011 - The system ability works abnormally. 753 * @syscap SystemCapability.Security.DataLossPrevention 754 * @systemapi Hide this for inner system use. 755 * @since 10 756 */ 757 function uninstallDLPSandbox(bundleName: string, userId: number, appIndex: number): Promise<void>; 758 759 /** 760 * Uninstalls a DLP sandbox application. This method uses an asynchronous callback to return the result. 761 * 762 * @permission ohos.permission.ACCESS_DLP_FILE 763 * @param { string } bundleName - Indicates the bundle name of the application. 764 * @param { number } userId - Indicates the user ID. 765 * @param { number } appIndex - Indicates the index of DLP sandbox. 766 * @param { AsyncCallback<void> } callback - Indicates the callback of uninstallDLPSandbox. 767 * @throws { BusinessError } 201 - Permission denied. 768 * @throws { BusinessError } 202 - Non-system applications use system APIs. 769 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 770 * 2. Incorrect parameter types. 771 * @throws { BusinessError } 19100001 - Invalid parameter value. 772 * @throws { BusinessError } 19100011 - The system ability works abnormally. 773 * @syscap SystemCapability.Security.DataLossPrevention 774 * @systemapi Hide this for inner system use. 775 * @since 10 776 */ 777 function uninstallDLPSandbox( 778 bundleName: string, 779 userId: number, 780 appIndex: number, 781 callback: AsyncCallback<void> 782 ): void; 783 784 /** 785 * Represents the DLP sandbox state. 786 * 787 * @interface DLPSandboxState 788 * @syscap SystemCapability.Security.DataLossPrevention 789 * @systemapi Hide this for inner system use. 790 * @since 10 791 */ 792 export interface DLPSandboxState { 793 /** 794 * Bundle name of the application. 795 * 796 * @type { string } 797 * @syscap SystemCapability.Security.DataLossPrevention 798 * @systemapi Hide this for inner system use. 799 * @since 10 800 */ 801 bundleName: string; 802 803 /** 804 * Application index of the DLP sandbox. 805 * 806 * @type { number } 807 * @syscap SystemCapability.Security.DataLossPrevention 808 * @systemapi Hide this for inner system use. 809 * @since 10 810 */ 811 appIndex: number; 812 } 813 814 /** 815 * Subscribes to the event reported when a DLP sandbox application is uninstalled. 816 * 817 * @permission ohos.permission.ACCESS_DLP_FILE 818 * @param { 'uninstallDLPSandbox' } type - Indicates the type of event to subscribe to. 819 * The value of type must be uninstallDLPSandbox. 820 * @param { Callback<DLPSandboxState> } listener - Indicates the callback for the DLP sandbox application uninstall event. 821 * @throws { BusinessError } 201 - Permission denied. 822 * @throws { BusinessError } 202 - Non-system applications use system APIs. 823 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 824 * 2. Incorrect parameter types. 3. Parameter verification failed. 825 * @throws { BusinessError } 19100001 - Invalid parameter value. 826 * @throws { BusinessError } 19100011 - The system ability works abnormally. 827 * @syscap SystemCapability.Security.DataLossPrevention 828 * @systemapi Hide this for inner system use. 829 * @since 10 830 */ 831 function on(type: 'uninstallDLPSandbox', listener: Callback<DLPSandboxState>): void; 832 833 /** 834 * Unsubscribes from the event reported when a DLP sandbox application is uninstalled. 835 * 836 * @permission ohos.permission.ACCESS_DLP_FILE 837 * @param { 'uninstallDLPSandbox' } type - Indicates the type of event to unsubscribe from. 838 * The value of type must be uninstallDLPSandbox. 839 * @param { Callback<DLPSandboxState> } listener - Indicates the callback for the DLP sandbox application uninstall event. 840 * @throws { BusinessError } 201 - Permission denied. 841 * @throws { BusinessError } 202 - Non-system applications use system APIs. 842 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 843 * 2. Incorrect parameter types. 3. Parameter verification failed. 844 * @throws { BusinessError } 19100001 - Invalid parameter value. 845 * @throws { BusinessError } 19100011 - The system ability works abnormally. 846 * @syscap SystemCapability.Security.DataLossPrevention 847 * @systemapi Hide this for inner system use. 848 * @since 10 849 */ 850 function off(type: 'uninstallDLPSandbox', listener?: Callback<DLPSandboxState>): void; 851 852 /** 853 * Enumerates the account types for a DLP file. 854 * 855 * @enum { number } 856 * @syscap SystemCapability.Security.DataLossPrevention 857 * @systemapi Hide this for inner system use. 858 * @since 10 859 */ 860 export enum AccountType { 861 /** 862 * Cloud account. 863 * 864 * @syscap SystemCapability.Security.DataLossPrevention 865 * @systemapi Hide this for inner system use. 866 * @since 10 867 */ 868 CLOUD_ACCOUNT = 1, 869 870 /** 871 * Domain account. 872 * 873 * @syscap SystemCapability.Security.DataLossPrevention 874 * @systemapi Hide this for inner system use. 875 * @since 10 876 */ 877 DOMAIN_ACCOUNT = 2, 878 } 879 880 /** 881 * Represents the authorized user information. 882 * 883 * @interface AuthUser 884 * @syscap SystemCapability.Security.DataLossPrevention 885 * @systemapi Hide this for inner system use. 886 * @since 10 887 */ 888 export interface AuthUser { 889 /** 890 * Authorized account of the DLP file. 891 * 892 * @type { string } 893 * @syscap SystemCapability.Security.DataLossPrevention 894 * @systemapi Hide this for inner system use. 895 * @since 10 896 */ 897 authAccount: string; 898 899 /** 900 * Type of the authorized account. 901 * 902 * @type { AccountType } 903 * @syscap SystemCapability.Security.DataLossPrevention 904 * @systemapi Hide this for inner system use. 905 * @since 10 906 */ 907 authAccountType: AccountType; 908 909 /** 910 * Authorized permission for the DLP file. 911 * 912 * @type { DLPFileAccess } 913 * @syscap SystemCapability.Security.DataLossPrevention 914 * @systemapi Hide this for inner system use. 915 * @since 10 916 */ 917 dlpFileAccess: DLPFileAccess; 918 919 /** 920 * Authorization expiration time of the DLP file. 921 * 922 * @type { number } 923 * @syscap SystemCapability.Security.DataLossPrevention 924 * @systemapi Hide this for inner system use. 925 * @since 10 926 */ 927 permExpiryTime: number; 928 } 929 930 /** 931 * Represents the DLP file property. 932 * 933 * @interface DLPProperty 934 * @syscap SystemCapability.Security.DataLossPrevention 935 * @systemapi Hide this for inner system use. 936 * @since 10 937 */ 938 export interface DLPProperty { 939 /** 940 * Owner account of the DLP file. 941 * 942 * @type { string } 943 * @syscap SystemCapability.Security.DataLossPrevention 944 * @systemapi Hide this for inner system use. 945 * @since 10 946 */ 947 ownerAccount: string; 948 949 /** 950 * Owner account ID of the DLP file. 951 * 952 * @type { string } 953 * @syscap SystemCapability.Security.DataLossPrevention 954 * @systemapi Hide this for inner system use. 955 * @since 10 956 */ 957 ownerAccountID: string; 958 959 /** 960 * Type of the owner account of the DLP file. 961 * 962 * @type { AccountType } 963 * @syscap SystemCapability.Security.DataLossPrevention 964 * @systemapi Hide this for inner system use. 965 * @since 10 966 */ 967 ownerAccountType: AccountType; 968 969 /** 970 * Authorized users of the DLP file. 971 * 972 * @type { ?Array<AuthUser> } 973 * @syscap SystemCapability.Security.DataLossPrevention 974 * @systemapi Hide this for inner system use. 975 * @since 10 976 */ 977 authUserList?: Array<AuthUser>; 978 979 /** 980 * Contact account of the DLP file. 981 * 982 * @type { string } 983 * @syscap SystemCapability.Security.DataLossPrevention 984 * @systemapi Hide this for inner system use. 985 * @since 10 986 */ 987 contactAccount: string; 988 989 /** 990 * Whether the DLP file can be accessed offline. 991 * If the DLP file supports offline access, the credential server needs to be connected to the network only when the DLP file is opened for the first time. 992 * 993 * @type { boolean } 994 * @syscap SystemCapability.Security.DataLossPrevention 995 * @systemapi Hide this for inner system use. 996 * @since 10 997 */ 998 offlineAccess: boolean; 999 1000 /** 1001 * Everyone access list for the DLP file. 1002 * 1003 * @type { ?Array<DLPFileAccess> } 1004 * @syscap SystemCapability.Security.DataLossPrevention 1005 * @systemapi Hide this for inner system use. 1006 * @since 10 1007 */ 1008 everyoneAccessList?: Array<DLPFileAccess>; 1009 1010 /** 1011 * Timestamp of the time when the DLP file expires. 1012 * 1013 * @type { ?number } 1014 * @syscap SystemCapability.Security.DataLossPrevention 1015 * @systemapi Hide this for inner system use. 1016 * @since 11 1017 */ 1018 expireTime?: number; 1019 } 1020 1021 /** 1022 * Defines the DLP file object. 1023 * 1024 * @interface DLPFile 1025 * @syscap SystemCapability.Security.DataLossPrevention 1026 * @systemapi Hide this for inner system use. 1027 * @since 10 1028 */ 1029 export interface DLPFile { 1030 /** 1031 * DLP file property. 1032 * 1033 * @type { DLPProperty } 1034 * @syscap SystemCapability.Security.DataLossPrevention 1035 * @systemapi Hide this for inner system use. 1036 * @since 10 1037 */ 1038 dlpProperty: DLPProperty; 1039 1040 /** 1041 * Adds a link file for the DLP file. This method uses a promise to return the result. 1042 * The link file is implemented through the Filesystem in Userspace (FUSE). 1043 * 1044 * @permission ohos.permission.ACCESS_DLP_FILE 1045 * @param { string } linkFileName - Indicates the name of link file to add. 1046 * @returns { Promise<void> } The promise returned by the function. 1047 * @throws { BusinessError } 201 - Permission denied. 1048 * @throws { BusinessError } 202 - Non-system applications use system APIs. 1049 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 1050 * 2. Incorrect parameter types. 1051 * @throws { BusinessError } 19100001 - Invalid parameter value. 1052 * @throws { BusinessError } 19100009 - Failed to operate the DLP file. 1053 * @throws { BusinessError } 19100011 - The system ability works abnormally. 1054 * @syscap SystemCapability.Security.DataLossPrevention 1055 * @systemapi Hide this for inner system use. 1056 * @since 10 1057 */ 1058 addDLPLinkFile(linkFileName: string): Promise<void>; 1059 1060 /** 1061 * Adds a link file for the DLP file. This method uses an asynchronous callback to return the result. 1062 * The link file is implemented through the FUSE. 1063 * 1064 * @permission ohos.permission.ACCESS_DLP_FILE 1065 * @param { string } linkFileName - Indicates the name of link file to add. 1066 * @param { AsyncCallback<void> } callback - Indicates the callback of addDLPLinkFile. 1067 * @throws { BusinessError } 201 - Permission denied. 1068 * @throws { BusinessError } 202 - Non-system applications use system APIs. 1069 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 1070 * 2. Incorrect parameter types. 1071 * @throws { BusinessError } 19100001 - Invalid parameter value. 1072 * @throws { BusinessError } 19100009 - Failed to operate the DLP file. 1073 * @throws { BusinessError } 19100011 - The system ability works abnormally. 1074 * @syscap SystemCapability.Security.DataLossPrevention 1075 * @systemapi Hide this for inner system use. 1076 * @since 10 1077 */ 1078 addDLPLinkFile(linkFileName: string, callback: AsyncCallback<void>): void; 1079 1080 /** 1081 * Stops the FUSE link between the DLP file and a link file. This method uses a promise to return the result. 1082 * 1083 * @permission ohos.permission.ACCESS_DLP_FILE 1084 * @returns { Promise<void> } The promise returned by the function. 1085 * @throws { BusinessError } 201 - Permission denied. 1086 * @throws { BusinessError } 202 - Non-system applications use system APIs. 1087 * @throws { BusinessError } 19100001 - Invalid parameter value. 1088 * @throws { BusinessError } 19100009 - Failed to operate the DLP file. 1089 * @throws { BusinessError } 19100011 - The system ability works abnormally. 1090 * @syscap SystemCapability.Security.DataLossPrevention 1091 * @systemapi Hide this for inner system use. 1092 * @since 10 1093 */ 1094 stopFuseLink(): Promise<void>; 1095 1096 /** 1097 * Stops the FUSE link between the DLP file and a link file. This method uses an asynchronous callback to return the result. 1098 * 1099 * @permission ohos.permission.ACCESS_DLP_FILE 1100 * @param { AsyncCallback<void> } callback - Indicates the callback of stopFuseLink. 1101 * @throws { BusinessError } 201 - Permission denied. 1102 * @throws { BusinessError } 202 - Non-system applications use system APIs. 1103 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Incorrect parameter types. 1104 * @throws { BusinessError } 19100001 - Invalid parameter value. 1105 * @throws { BusinessError } 19100009 - Failed to operate the DLP file. 1106 * @throws { BusinessError } 19100011 - The system ability works abnormally. 1107 * @syscap SystemCapability.Security.DataLossPrevention 1108 * @systemapi Hide this for inner system use. 1109 * @since 10 1110 */ 1111 stopFuseLink(callback: AsyncCallback<void>): void; 1112 1113 /** 1114 * Resumes the FUSE link between the DLP file and a link file. This method uses a promise to return the result. 1115 * 1116 * @permission ohos.permission.ACCESS_DLP_FILE 1117 * @returns { Promise<void> } The promise returned by the function. 1118 * @throws { BusinessError } 201 - Permission denied. 1119 * @throws { BusinessError } 202 - Non-system applications use system APIs. 1120 * @throws { BusinessError } 19100001 - Invalid parameter value. 1121 * @throws { BusinessError } 19100009 - Failed to operate the DLP file. 1122 * @throws { BusinessError } 19100011 - The system ability works abnormally. 1123 * @syscap SystemCapability.Security.DataLossPrevention 1124 * @systemapi Hide this for inner system use. 1125 * @since 10 1126 */ 1127 resumeFuseLink(): Promise<void>; 1128 1129 /** 1130 * Resumes the FUSE link between the DLP file and a link file. This method uses an asynchronous callback to return the result. 1131 * 1132 * @permission ohos.permission.ACCESS_DLP_FILE 1133 * @param { AsyncCallback<void> } callback - Indicates the callback of resumeFuseLink. 1134 * @throws { BusinessError } 201 - Permission denied. 1135 * @throws { BusinessError } 202 - Non-system applications use system APIs. 1136 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Incorrect parameter types. 1137 * @throws { BusinessError } 19100001 - Invalid parameter value. 1138 * @throws { BusinessError } 19100009 - Failed to operate the DLP file. 1139 * @throws { BusinessError } 19100011 - The system ability works abnormally. 1140 * @syscap SystemCapability.Security.DataLossPrevention 1141 * @systemapi Hide this for inner system use. 1142 * @since 10 1143 */ 1144 resumeFuseLink(callback: AsyncCallback<void>): void; 1145 1146 /** 1147 * Replaces the link file of the DLP file. This method uses a promise to return the result. 1148 * 1149 * @permission ohos.permission.ACCESS_DLP_FILE 1150 * @param { string } linkFileName - Indicates the name of link file. 1151 * @returns { Promise<void> } The promise returned by the function. 1152 * @throws { BusinessError } 201 - Permission denied. 1153 * @throws { BusinessError } 202 - Non-system applications use system APIs. 1154 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 1155 * 2. Incorrect parameter types. 1156 * @throws { BusinessError } 19100001 - Invalid parameter value. 1157 * @throws { BusinessError } 19100009 - Failed to operate the DLP file. 1158 * @throws { BusinessError } 19100011 - The system ability works abnormally. 1159 * @syscap SystemCapability.Security.DataLossPrevention 1160 * @systemapi Hide this for inner system use. 1161 * @since 10 1162 */ 1163 replaceDLPLinkFile(linkFileName: string): Promise<void>; 1164 1165 /** 1166 * Replaces the link file of the DLP file. This method uses an asynchronous callback to return the result. 1167 * 1168 * @permission ohos.permission.ACCESS_DLP_FILE 1169 * @param { string } linkFileName - Indicates the name of link file. 1170 * @param { AsyncCallback<void> } callback - Indicates the callback of replaceDLPLinkFile. 1171 * @throws { BusinessError } 201 - Permission denied. 1172 * @throws { BusinessError } 202 - Non-system applications use system APIs. 1173 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 1174 * 2. Incorrect parameter types. 1175 * @throws { BusinessError } 19100001 - Invalid parameter value. 1176 * @throws { BusinessError } 19100009 - Failed to operate the DLP file. 1177 * @throws { BusinessError } 19100011 - The system ability works abnormally. 1178 * @syscap SystemCapability.Security.DataLossPrevention 1179 * @systemapi Hide this for inner system use. 1180 * @since 10 1181 */ 1182 replaceDLPLinkFile(linkFileName: string, callback: AsyncCallback<void>): void; 1183 1184 /** 1185 * Deletes a link file of the DLP file. This method uses a promise to return the result. 1186 * 1187 * @permission ohos.permission.ACCESS_DLP_FILE 1188 * @param { string } linkFileName - Indicates the name of link file to delete. 1189 * @returns { Promise<void> } The promise returned by the function. 1190 * @throws { BusinessError } 201 - Permission denied. 1191 * @throws { BusinessError } 202 - Non-system applications use system APIs. 1192 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 1193 * 2. Incorrect parameter types. 1194 * @throws { BusinessError } 19100001 - Invalid parameter value. 1195 * @throws { BusinessError } 19100009 - Failed to operate the DLP file. 1196 * @throws { BusinessError } 19100011 - The system ability works abnormally. 1197 * @syscap SystemCapability.Security.DataLossPrevention 1198 * @systemapi Hide this for inner system use. 1199 * @since 10 1200 */ 1201 deleteDLPLinkFile(linkFileName: string): Promise<void>; 1202 1203 /** 1204 * Deletes a link file of the DLP file. This method uses an asynchronous callback to return the result. 1205 * 1206 * @permission ohos.permission.ACCESS_DLP_FILE 1207 * @param { string } linkFileName - Indicates the name of link file to delete. 1208 * @param { AsyncCallback<void> } callback - Indicates the callback of deleteDLPLinkFile. 1209 * @throws { BusinessError } 201 - Permission denied. 1210 * @throws { BusinessError } 202 - Non-system applications use system APIs. 1211 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 1212 * 2. Incorrect parameter types. 1213 * @throws { BusinessError } 19100001 - Invalid parameter value. 1214 * @throws { BusinessError } 19100009 - Failed to operate the DLP file. 1215 * @throws { BusinessError } 19100011 - The system ability works abnormally. 1216 * @syscap SystemCapability.Security.DataLossPrevention 1217 * @systemapi Hide this for inner system use. 1218 * @since 10 1219 */ 1220 deleteDLPLinkFile(linkFileName: string, callback: AsyncCallback<void>): void; 1221 1222 /** 1223 * Recovers the file in plaintext from the DLP file. This method uses a promise to return the result. 1224 * 1225 * @permission ohos.permission.ACCESS_DLP_FILE 1226 * @param { number } plaintextFd - Indicates the file descriptor of the file in plaintext. 1227 * @returns { Promise<void> } The promise returned by the function. 1228 * @throws { BusinessError } 201 - Permission denied. 1229 * @throws { BusinessError } 202 - Non-system applications use system APIs. 1230 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 1231 * 2. Incorrect parameter types. 1232 * @throws { BusinessError } 19100001 - Invalid parameter value. 1233 * @throws { BusinessError } 19100002 - Credential task error. 1234 * @throws { BusinessError } 19100003 - Credential task time out. 1235 * @throws { BusinessError } 19100004 - Credential service error. 1236 * @throws { BusinessError } 19100005 - Credential authentication server error. 1237 * @throws { BusinessError } 19100008 - The file is not a DLP file. 1238 * @throws { BusinessError } 19100009 - Failed to operate the DLP file. 1239 * @throws { BusinessError } 19100010 - The DLP file is read only. 1240 * @throws { BusinessError } 19100011 - The system ability works abnormally. 1241 * @syscap SystemCapability.Security.DataLossPrevention 1242 * @systemapi Hide this for inner system use. 1243 * @since 10 1244 */ 1245 recoverDLPFile(plaintextFd: number): Promise<void>; 1246 1247 /** 1248 * Recovers the file in plaintext from the DLP file. This method uses an asynchronous callback to return the result. 1249 * 1250 * @permission ohos.permission.ACCESS_DLP_FILE 1251 * @param { number } plaintextFd - Indicates the file descriptor of the file in plaintext. 1252 * @param { AsyncCallback<void> } callback - Indicates the callback of recoverDLPFile. 1253 * @throws { BusinessError } 201 - Permission denied. 1254 * @throws { BusinessError } 202 - Non-system applications use system APIs. 1255 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 1256 * 2. Incorrect parameter types. 1257 * @throws { BusinessError } 19100001 - Invalid parameter value. 1258 * @throws { BusinessError } 19100002 - Credential task error. 1259 * @throws { BusinessError } 19100003 - Credential task time out. 1260 * @throws { BusinessError } 19100004 - Credential service error. 1261 * @throws { BusinessError } 19100005 - Credential authentication server error. 1262 * @throws { BusinessError } 19100008 - The file is not a DLP file. 1263 * @throws { BusinessError } 19100009 - Failed to operate the DLP file. 1264 * @throws { BusinessError } 19100010 - The DLP file is read only. 1265 * @throws { BusinessError } 19100011 - The system ability works abnormally. 1266 * @syscap SystemCapability.Security.DataLossPrevention 1267 * @systemapi Hide this for inner system use. 1268 * @since 10 1269 */ 1270 recoverDLPFile(plaintextFd: number, callback: AsyncCallback<void>): void; 1271 1272 /** 1273 * Closes the DLP file when the object is no longer used. This method uses a promise to return the result. 1274 * 1275 * @permission ohos.permission.ACCESS_DLP_FILE 1276 * @returns { Promise<void> } The promise returned by the function. 1277 * @throws { BusinessError } 201 - Permission denied. 1278 * @throws { BusinessError } 202 - Non-system applications use system APIs. 1279 * @throws { BusinessError } 19100001 - Invalid parameter value. 1280 * @throws { BusinessError } 19100009 - Failed to operate the DLP file. 1281 * @throws { BusinessError } 19100011 - The system ability works abnormally. 1282 * @syscap SystemCapability.Security.DataLossPrevention 1283 * @systemapi Hide this for inner system use. 1284 * @since 10 1285 */ 1286 closeDLPFile(): Promise<void>; 1287 1288 /** 1289 * Closes the DLP file when the object is no longer used. This method uses an asynchronous callback to return the result. 1290 * 1291 * @permission ohos.permission.ACCESS_DLP_FILE 1292 * @param { AsyncCallback<void> } callback - Indicates the callback of closeDLPFile. 1293 * @throws { BusinessError } 201 - Permission denied. 1294 * @throws { BusinessError } 202 - Non-system applications use system APIs. 1295 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Incorrect parameter types. 1296 * @throws { BusinessError } 19100001 - Invalid parameter value. 1297 * @throws { BusinessError } 19100009 - Failed to operate the DLP file. 1298 * @throws { BusinessError } 19100011 - The system ability works abnormally. 1299 * @syscap SystemCapability.Security.DataLossPrevention 1300 * @systemapi Hide this for inner system use. 1301 * @since 10 1302 */ 1303 closeDLPFile(callback: AsyncCallback<void>): void; 1304 } 1305 1306 /** 1307 * Generates a DLP file. This method uses a promise to return the result. 1308 * 1309 * @permission ohos.permission.ACCESS_DLP_FILE 1310 * @param { number } plaintextFd - Indicates the file descriptor of the file in plaintext. 1311 * @param { number } ciphertextFd - Indicates the file descriptor of the DLP file. 1312 * @param { DLPProperty } property - Indicates the property of the DLP file. 1313 * @returns { Promise<DLPFile> } Returns the {@link DLPFile}. 1314 * @throws { BusinessError } 201 - Permission denied. 1315 * @throws { BusinessError } 202 - Non-system applications use system APIs. 1316 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 1317 * 2. Incorrect parameter types. 1318 * @throws { BusinessError } 19100001 - Invalid parameter value. 1319 * @throws { BusinessError } 19100002 - Credential task error. 1320 * @throws { BusinessError } 19100003 - Credential task time out. 1321 * @throws { BusinessError } 19100004 - Credential service error. 1322 * @throws { BusinessError } 19100005 - Credential authentication server error. 1323 * @throws { BusinessError } 19100009 - Failed to operate the DLP file. 1324 * @throws { BusinessError } 19100011 - The system ability works abnormally. 1325 * @syscap SystemCapability.Security.DataLossPrevention 1326 * @systemapi Hide this for inner system use. 1327 * @since 10 1328 */ 1329 function generateDLPFile(plaintextFd: number, ciphertextFd: number, property: DLPProperty): Promise<DLPFile>; 1330 1331 /** 1332 * Generates a DLP file. This method uses an asynchronous callback to return the result. 1333 * 1334 * @permission ohos.permission.ACCESS_DLP_FILE 1335 * @param { number } plaintextFd - Indicates the file descriptor of the file in plaintext. 1336 * @param { number } ciphertextFd - Indicates the file descriptor of the DLP file. 1337 * @param { DLPProperty } property - Indicates the property of the DLP file. 1338 * @param { AsyncCallback<DLPFile> } callback - Indicates the callback of generateDLPFile. 1339 * @throws { BusinessError } 201 - Permission denied. 1340 * @throws { BusinessError } 202 - Non-system applications use system APIs. 1341 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 1342 * 2. Incorrect parameter types. 1343 * @throws { BusinessError } 19100001 - Invalid parameter value. 1344 * @throws { BusinessError } 19100002 - Credential task error. 1345 * @throws { BusinessError } 19100003 - Credential task time out. 1346 * @throws { BusinessError } 19100004 - Credential service error. 1347 * @throws { BusinessError } 19100005 - Credential authentication server error. 1348 * @throws { BusinessError } 19100009 - Failed to operate the DLP file. 1349 * @throws { BusinessError } 19100011 - The system ability works abnormally. 1350 * @syscap SystemCapability.Security.DataLossPrevention 1351 * @systemapi Hide this for inner system use. 1352 * @since 10 1353 */ 1354 function generateDLPFile( 1355 plaintextFd: number, 1356 ciphertextFd: number, 1357 property: DLPProperty, 1358 callback: AsyncCallback<DLPFile> 1359 ): void; 1360 1361 /** 1362 * Opens a DLP file. This method uses a promise to return the result. 1363 * 1364 * @permission ohos.permission.ACCESS_DLP_FILE 1365 * @param { number } ciphertextFd - Indicates the file descriptor of the DLP file to open. 1366 * @param { string } appId - Indicates the app ID of the application which opens the DLP file. 1367 * @returns { Promise<DLPFile> } Returns the {@link DLPFile}. 1368 * @throws { BusinessError } 201 - Permission denied. 1369 * @throws { BusinessError } 202 - Non-system applications use system APIs. 1370 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 1371 * 2. Incorrect parameter types. 1372 * @throws { BusinessError } 19100001 - Invalid parameter value. 1373 * @throws { BusinessError } 19100002 - Credential task error. 1374 * @throws { BusinessError } 19100003 - Credential task time out. 1375 * @throws { BusinessError } 19100004 - Credential service error. 1376 * @throws { BusinessError } 19100005 - Credential authentication server error. 1377 * @throws { BusinessError } 19100008 - The file is not a DLP file. 1378 * @throws { BusinessError } 19100009 - Failed to operate the DLP file. 1379 * @throws { BusinessError } 19100011 - The system ability works abnormally. 1380 * @throws { BusinessError } 19100018 - Not authorized application. 1381 * @throws { BusinessError } 19100019 - The DLP file has expired. 1382 * @throws { BusinessError } 19100020 - No network connection. 1383 * @syscap SystemCapability.Security.DataLossPrevention 1384 * @systemapi Hide this for inner system use. 1385 * @since 11 1386 */ 1387 function openDLPFile(ciphertextFd: number, appId: string): Promise<DLPFile>; 1388 1389 /** 1390 * Opens a DLP file. This method uses an asynchronous callback to return the result. 1391 * 1392 * @permission ohos.permission.ACCESS_DLP_FILE 1393 * @param { number } ciphertextFd - Indicates the file descriptor of the DLP file to open. 1394 * @param { string } appId - Indicates the app ID of the application which opens the DLP file. 1395 * @param { AsyncCallback<DLPFile> } callback - Indicates the callback of openDLPFile. 1396 * @throws { BusinessError } 201 - Permission denied. 1397 * @throws { BusinessError } 202 - Non-system applications use system APIs. 1398 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 1399 * 2. Incorrect parameter types. 1400 * @throws { BusinessError } 19100001 - Invalid parameter value. 1401 * @throws { BusinessError } 19100002 - Credential task error. 1402 * @throws { BusinessError } 19100003 - Credential task time out. 1403 * @throws { BusinessError } 19100004 - Credential service error. 1404 * @throws { BusinessError } 19100005 - Credential authentication server error. 1405 * @throws { BusinessError } 19100008 - The file is not a DLP file. 1406 * @throws { BusinessError } 19100009 - Failed to operate the DLP file. 1407 * @throws { BusinessError } 19100011 - The system ability works abnormally. 1408 * @throws { BusinessError } 19100018 - Not authorized application. 1409 * @throws { BusinessError } 19100019 - The DLP file has expired. 1410 * @throws { BusinessError } 19100020 - No network connection. 1411 * @syscap SystemCapability.Security.DataLossPrevention 1412 * @systemapi Hide this for inner system use. 1413 * @since 11 1414 */ 1415 function openDLPFile(ciphertextFd: number, appId: string, callback: AsyncCallback<DLPFile>): void; 1416 1417 /** 1418 * Sets sandbox application configuration. This method uses a promise to return the result. 1419 * 1420 * @param { string } configInfo - Configuration of the sandbox application. 1421 * @returns { Promise<void> } Promise used to return the result. 1422 * @throws { BusinessError } 401 - Parameter error. Possible causes: 1. Mandatory parameters are left unspecified. 1423 * 2. Incorrect parameter types. 1424 * @throws { BusinessError } 19100001 - Invalid parameter value. 1425 * @throws { BusinessError } 19100007 - No permission to call this API, 1426 * which is available only for non-DLP sandbox applications. 1427 * @throws { BusinessError } 19100011 - The system ability works abnormally. 1428 * @throws { BusinessError } 19100018 - Not authorized application. 1429 * @syscap SystemCapability.Security.DataLossPrevention 1430 * @since 11 1431 */ 1432 function setSandboxAppConfig(configInfo: string): Promise<void>; 1433 1434 /** 1435 * Cleans sandbox application configuration. This method uses a promise to return the result. 1436 * 1437 * @returns { Promise<void> } Promise used to return the result. 1438 * @throws { BusinessError } 19100001 - Invalid parameter value. 1439 * @throws { BusinessError } 19100007 - No permission to call this API, 1440 * which is available only for non-DLP sandbox applications. 1441 * @throws { BusinessError } 19100011 - The system ability works abnormally. 1442 * @throws { BusinessError } 19100018 - Not authorized application. 1443 * @syscap SystemCapability.Security.DataLossPrevention 1444 * @since 11 1445 */ 1446 function cleanSandboxAppConfig(): Promise<void>; 1447 1448 /** 1449 * Obtains sandbox application configuration. This method uses a promise to return the result. 1450 * 1451 * @returns { Promise<string> } Promise used to return the result. 1452 * @throws { BusinessError } 19100001 - Invalid parameter value. 1453 * @throws { BusinessError } 19100011 - The system ability works abnormally. 1454 * @throws { BusinessError } 19100018 - Not authorized application. 1455 * @syscap SystemCapability.Security.DataLossPrevention 1456 * @since 11 1457 */ 1458 function getSandboxAppConfig(): Promise<string>; 1459 1460 /** 1461 * Checks whether the current system provides the DLP feature. This method uses a promise to return the result. 1462 * 1463 * @returns { Promise<boolean> } Promise used to return the result. 1464 * @throws { BusinessError } 19100011 - The system ability works abnormally. 1465 * @syscap SystemCapability.Security.DataLossPrevention 1466 * @since 12 1467 */ 1468 function isDLPFeatureProvided(): Promise<boolean>; 1469 1470} 1471export default dlpPermission;