1 /*
2 * Copyright (c) 2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15 #include "file_permission.h"
16 #include "accesstoken_kit.h"
17 #include "log.h"
18 #include "parameter.h"
19 #include "uri.h"
20 #include <sys/stat.h>
21 #include <unistd.h>
22 #include <unordered_set>
23 #ifdef SANDBOX_MANAGER
24 #include "sandbox_manager_err_code.h"
25 #include "uri_permission_manager_client.h"
26 #endif
27 #include "bundle_constants.h"
28 #include "file_uri.h"
29 #include "hap_token_info.h"
30 #include "ipc_skeleton.h"
31 #include "n_error.h"
32 #include "sandbox_helper.h"
33 #include "tokenid_kit.h"
34
35 namespace OHOS {
36 namespace AppFileService {
37 const std::string MEDIA_AUTHORITY = "media";
38 const std::string NETWORK_PARA = "?networkid=";
39 const std::string PERSISTENCE_FORBIDDEN_MESSAGE = "URI forbid to be persisted!";
40 const std::string INVALID_MODE_MESSAGE = "Invalid operation mode!";
41 const std::string INVALID_PATH_MESSAGE = "Invalid path!";
42 const std::string PERMISSION_NOT_PERSISTED_MESSAGE = "The policy is no persistent capability!";
43 const std::string FILE_SCHEME_PREFIX = "file://";
44 const std::string FILE_MANAGER_AUTHORITY = "docs";
45 const std::string SANDBOX_STORAGE_PATH = "/storage/Users/currentUser/";
46 const std::string DOWNLOAD_PATH = "/storage/Users/currentUser/Download";
47 const std::string DESKTOP_PATH = "/storage/Users/currentUser/Desktop";
48 const std::string DOCUMENTS_PATH = "/storage/Users/currentUser/Documents";
49 const std::string CURRENTUSER = "currentUser";
50 const std::string READ_WRITE_DOWNLOAD_PERMISSION = "ohos.permission.READ_WRITE_DOWNLOAD_DIRECTORY";
51 const std::string READ_WRITE_DESKTOP_PERMISSION = "ohos.permission.READ_WRITE_DESKTOP_DIRECTORY";
52 const std::string READ_WRITE_DOCUMENTS_PERMISSION = "ohos.permission.READ_WRITE_DOCUMENTS_DIRECTORY";
53 const std::string FILE_ACCESS_MANAGER_PERMISSION = "ohos.permission.FILE_ACCESS_MANAGER";
54 const std::unordered_map<std::string, std::string> permissionPathMap = {
55 {READ_WRITE_DOWNLOAD_PERMISSION, DOWNLOAD_PATH},
56 {READ_WRITE_DESKTOP_PERMISSION, DESKTOP_PATH},
57 {READ_WRITE_DOCUMENTS_PERMISSION, DOCUMENTS_PATH}};
58 #ifdef SANDBOX_MANAGER
59 namespace {
60
CheckValidUri(const string & uriStr,const string & path,bool checkAccess)61 bool CheckValidUri(const string &uriStr, const string &path, bool checkAccess)
62 {
63 if (uriStr.find(FILE_SCHEME_PREFIX) != 0) {
64 LOGE("Incorrect URI format!");
65 return false;
66 }
67 if (uriStr.find(NETWORK_PARA) != string::npos) {
68 LOGE("the URI is not the current device URI");
69 return false;
70 }
71 // Only Media path can skip access check
72 Uri uri(uriStr);
73 std::string bundleName = uri.GetAuthority();
74 if (bundleName == MEDIA_AUTHORITY) {
75 LOGI("media path, skip access check");
76 return true;
77 }
78 // check if path can be accessed
79 if (checkAccess && (access(path.c_str(), F_OK) != 0)) {
80 LOGE("access path failed");
81 return false;
82 }
83 return true;
84 }
85
ErrorCodeConversion(int32_t sandboxManagerErrorCode,const deque<struct PolicyErrorResult> & errorResults,const vector<uint32_t> & resultCodes)86 int32_t ErrorCodeConversion(int32_t sandboxManagerErrorCode,
87 const deque<struct PolicyErrorResult> &errorResults,
88 const vector<uint32_t> &resultCodes)
89 {
90 if (sandboxManagerErrorCode == PERMISSION_DENIED) {
91 LOGE("The app does not have the authorization URI permission");
92 return FileManagement::LibN::E_PERMISSION;
93 }
94 if (sandboxManagerErrorCode == INVALID_PARAMTER) {
95 if (resultCodes.size() != 0) {
96 LOGE("The number of incoming URIs is too many");
97 return FileManagement::LibN::E_PARAMS;
98 } else {
99 LOGE("The incoming URI is invalid");
100 return EPERM;
101 }
102 }
103 if (!errorResults.empty()) {
104 LOGE("Some of the incoming URIs failed");
105 return EPERM;
106 }
107 if (resultCodes.size() == 0) {
108 LOGE("Sandboxmanager not processed");
109 return EPERM;
110 }
111 for (size_t i = 0; i < resultCodes.size(); i++) {
112 if (resultCodes[i] != 0) {
113 LOGE("Reason for URI authorization failure");
114 return EPERM;
115 }
116 }
117 if (sandboxManagerErrorCode == SANDBOX_MANAGER_OK) {
118 return 0;
119 }
120 return FileManagement::LibN::E_UNKNOWN_ERROR;
121 }
122
ErrorCodeConversion(int32_t sandboxManagerErrorCode)123 int32_t ErrorCodeConversion(int32_t sandboxManagerErrorCode)
124 {
125 if (sandboxManagerErrorCode == SANDBOX_MANAGER_OK) {
126 return 0;
127 }
128 if (sandboxManagerErrorCode == PERMISSION_DENIED) {
129 LOGE("The app does not have the authorization URI permission");
130 return FileManagement::LibN::E_PERMISSION;
131 }
132 return FileManagement::LibN::E_UNKNOWN_ERROR;
133 }
134 } // namespace
ParseErrorResults(const vector<uint32_t> & resultCodes,const vector<PolicyInfo> & pathPolicies,deque<struct PolicyErrorResult> & errorResults)135 void FilePermission::ParseErrorResults(const vector<uint32_t> &resultCodes,
136 const vector<PolicyInfo> &pathPolicies,
137 deque<struct PolicyErrorResult> &errorResults)
138 {
139 if (resultCodes.size() == 0 || resultCodes.size() != pathPolicies.size()) {
140 LOGE("resultCodes size is not equals pathPolicies size");
141 return;
142 }
143 for (size_t i = 0; i < resultCodes.size(); i++) {
144 PolicyErrorResult result;
145 Uri uri(pathPolicies[i].path);
146 switch (resultCodes[i]) {
147 case static_cast<PolicyErrorCode>(PolicyErrorCode::PERSISTENCE_FORBIDDEN):
148 result = {uri.ToString(), PolicyErrorCode::PERSISTENCE_FORBIDDEN, PERSISTENCE_FORBIDDEN_MESSAGE};
149 errorResults.emplace_back(result);
150 break;
151 case static_cast<PolicyErrorCode>(PolicyErrorCode::INVALID_MODE):
152 result = {uri.ToString(), PolicyErrorCode::INVALID_MODE, INVALID_MODE_MESSAGE};
153 errorResults.emplace_back(result);
154 break;
155 case static_cast<PolicyErrorCode>(PolicyErrorCode::INVALID_PATH):
156 result = {uri.ToString(), PolicyErrorCode::INVALID_PATH, INVALID_PATH_MESSAGE};
157 errorResults.emplace_back(result);
158 break;
159 case static_cast<PolicyErrorCode>(PolicyErrorCode::PERMISSION_NOT_PERSISTED):
160 result = {uri.ToString(), PolicyErrorCode::PERMISSION_NOT_PERSISTED, PERMISSION_NOT_PERSISTED_MESSAGE};
161 errorResults.emplace_back(result);
162 break;
163 default:
164 break;
165 }
166 }
167 }
168
ParseErrorResults(const vector<bool> & resultCodes,vector<bool> & errorResults)169 void FilePermission::ParseErrorResults(const vector<bool> &resultCodes, vector<bool> &errorResults)
170 {
171 auto resultCodeSize = resultCodes.size();
172 if (resultCodeSize == 0) {
173 return;
174 }
175 auto errorResultSize = errorResults.size();
176 for (size_t i = 0, j = 0; i < errorResultSize && j < resultCodeSize; i++) {
177 if (errorResults[i]) {
178 errorResults[i] = resultCodes[j++];
179 }
180 }
181 }
182
GetPathPolicyInfoFromUriPolicyInfo(const vector<UriPolicyInfo> & uriPolicies,deque<struct PolicyErrorResult> & errorResults,bool checkAccess)183 vector<PolicyInfo> FilePermission::GetPathPolicyInfoFromUriPolicyInfo(const vector<UriPolicyInfo> &uriPolicies,
184 deque<struct PolicyErrorResult> &errorResults, bool checkAccess)
185 {
186 vector<PolicyInfo> pathPolicies;
187 for (auto uriPolicy : uriPolicies) {
188 AppFileService::ModuleFileUri::FileUri fileuri(uriPolicy.uri);
189 string path = fileuri.GetRealPath();
190 if (!CheckValidUri(uriPolicy.uri, path, checkAccess)) {
191 LOGE("Not correct uri!");
192 PolicyErrorResult result = {uriPolicy.uri, PolicyErrorCode::INVALID_PATH, INVALID_PATH_MESSAGE};
193 errorResults.emplace_back(result);
194 } else {
195 PolicyInfo policyInfo = {path, uriPolicy.mode};
196 pathPolicies.emplace_back(policyInfo);
197 }
198 }
199 return pathPolicies;
200 }
201
GetPathPolicyInfoFromUriPolicyInfo(const vector<UriPolicyInfo> & uriPolicies,vector<bool> & errorResults)202 vector<PolicyInfo> FilePermission::GetPathPolicyInfoFromUriPolicyInfo(const vector<UriPolicyInfo> &uriPolicies,
203 vector<bool> &errorResults)
204 {
205 vector<PolicyInfo> pathPolicies;
206 for (const auto &uriPolicy : uriPolicies) {
207 AppFileService::ModuleFileUri::FileUri fileuri(uriPolicy.uri);
208 string path = fileuri.GetRealPath();
209 if (!CheckValidUri(uriPolicy.uri, path, false)) {
210 LOGE("Not correct uri!");
211 errorResults.emplace_back(false);
212 } else {
213 PolicyInfo policyInfo = {path, uriPolicy.mode};
214 pathPolicies.emplace_back(policyInfo);
215 errorResults.emplace_back(true);
216 }
217 }
218 return pathPolicies;
219 }
220
GetSandboxPolicyInfo(const vector<PathPolicyInfo> & pathPolicies)221 vector<PolicyInfo> FilePermission::GetSandboxPolicyInfo(const vector<PathPolicyInfo> &pathPolicies)
222 {
223 vector<PolicyInfo> policies;
224 for (const auto &policy: pathPolicies) {
225 PolicyInfo policyInfo = {policy.path, policy.mode};
226 policies.emplace_back(policyInfo);
227 }
228 return policies;
229 }
230
CheckPermission(uint32_t tokenCaller,const string & permission)231 static bool CheckPermission(uint32_t tokenCaller, const string &permission)
232 {
233 return Security::AccessToken::AccessTokenKit::VerifyAccessToken(tokenCaller, permission) ==
234 Security::AccessToken::PermissionState::PERMISSION_GRANTED;
235 }
236
IsFileManagerUri(const string & pathStr)237 static bool IsFileManagerUri(const string &pathStr)
238 {
239 return pathStr.find(DOWNLOAD_PATH) == 0 || pathStr.find(DESKTOP_PATH) == 0 || pathStr.find(DOCUMENTS_PATH) == 0;
240 }
241
CheckFileManagerUriPermission(uint32_t providerTokenId,const string & pathStr)242 static bool CheckFileManagerUriPermission(uint32_t providerTokenId, const string &pathStr)
243 {
244 return (IsFileManagerUri(pathStr) && CheckPermission(providerTokenId, FILE_ACCESS_MANAGER_PERMISSION)) ||
245 (pathStr.find(DOWNLOAD_PATH) == 0 && CheckPermission(providerTokenId, READ_WRITE_DOWNLOAD_PERMISSION)) ||
246 (pathStr.find(DESKTOP_PATH) == 0 && CheckPermission(providerTokenId, READ_WRITE_DESKTOP_PERMISSION)) ||
247 (pathStr.find(DOCUMENTS_PATH) == 0 && CheckPermission(providerTokenId, READ_WRITE_DOCUMENTS_PERMISSION));
248 }
249 #endif
CheckUriPersistentPermission(uint32_t tokenId,const vector<UriPolicyInfo> & uriPolicies,vector<bool> & errorResults)250 int32_t FilePermission::CheckUriPersistentPermission(uint32_t tokenId,
251 const vector<UriPolicyInfo> &uriPolicies,
252 vector<bool> &errorResults)
253 {
254 int errorCode = 0;
255 #ifdef SANDBOX_MANAGER
256 vector<PolicyInfo> pathPolicies = GetPathPolicyInfoFromUriPolicyInfo(uriPolicies, errorResults);
257 if (pathPolicies.size() == 0) {
258 return EPERM;
259 }
260
261 vector<bool> resultCodes;
262 LOGI("CheckUriPersistentPermission pathPolicies size: %{public}zu", pathPolicies.size());
263 int32_t sandboxManagerErrorCode = SandboxManagerKit::CheckPersistPolicy(tokenId, pathPolicies, resultCodes);
264 for (size_t i = resultCodes.size(); i < pathPolicies.size(); i++) {
265 resultCodes.emplace_back(false);
266 }
267 for (size_t i = 0; i < pathPolicies.size(); i++) {
268 if (!resultCodes[i]) {
269 resultCodes[i] = CheckFileManagerUriPermission(tokenId, pathPolicies[i].path);
270 }
271 }
272
273 errorCode = ErrorCodeConversion(sandboxManagerErrorCode);
274 ParseErrorResults(resultCodes, errorResults);
275 #endif
276 return errorCode;
277 }
278
CheckPathPermission(uint32_t tokenId,const vector<PathPolicyInfo> & pathPolicies,int32_t policyType,vector<bool> & errorResults)279 int32_t FilePermission::CheckPathPermission(uint32_t tokenId, const vector<PathPolicyInfo> &pathPolicies,
280 int32_t policyType, vector<bool> &errorResults)
281 {
282 LOGI("CheckPathPermission pathPolicies size:%{public}zu policyType:%{public}d", pathPolicies.size(), policyType);
283 int errorCode = 0;
284 #ifdef SANDBOX_MANAGER
285 if (tokenId == 0) {
286 LOGE("tokenId is invalid");
287 return FileManagement::LibN::E_PARAMS;
288 }
289 if (pathPolicies.size() == 0 || pathPolicies.size() > MAX_ARRAY_SIZE) {
290 LOGE("The number of policy is invalid");
291 return FileManagement::LibN::E_PARAMS;
292 }
293 if (policyType < 0 || policyType > PERSISTENT_TYPE) {
294 LOGE("The policyType is invalid type:%{public}d", policyType);
295 return FileManagement::LibN::E_PARAMS;
296 }
297
298 int32_t sandboxManagerErrorCode = 0;
299 vector<PolicyInfo> policies = GetSandboxPolicyInfo(pathPolicies);
300 if (policyType == TEMPORARY_TYPE) {
301 sandboxManagerErrorCode = SandboxManagerKit::CheckPolicy(tokenId, policies, errorResults);
302 } else if (policyType == PERSISTENT_TYPE) {
303 sandboxManagerErrorCode = SandboxManagerKit::CheckPersistPolicy(tokenId, policies, errorResults);
304 } else {
305 LOGE("invalid policy type %{public}d", policyType);
306 }
307 errorCode = ErrorCodeConversion(sandboxManagerErrorCode);
308 #endif
309 return errorCode;
310 }
311
PersistPermission(const vector<UriPolicyInfo> & uriPolicies,deque<struct PolicyErrorResult> & errorResults)312 int32_t FilePermission::PersistPermission(const vector<UriPolicyInfo> &uriPolicies,
313 deque<struct PolicyErrorResult> &errorResults)
314 {
315 int errorCode = 0;
316 #ifdef SANDBOX_MANAGER
317 if (uriPolicies.size() == 0 || uriPolicies.size() > MAX_ARRAY_SIZE) {
318 LOGE("The number of result codes exceeds the maximum");
319 return FileManagement::LibN::E_PARAMS;
320 }
321 vector<PolicyInfo> pathPolicies = GetPathPolicyInfoFromUriPolicyInfo(uriPolicies, errorResults);
322 if (pathPolicies.size() == 0) {
323 return EPERM;
324 }
325 vector<uint32_t> resultCodes;
326 LOGI("PersistPermission pathPolicies size: %{public}zu", pathPolicies.size());
327 int32_t sandboxManagerErrorCode = SandboxManagerKit::PersistPolicy(pathPolicies, resultCodes);
328 errorCode = ErrorCodeConversion(sandboxManagerErrorCode, errorResults, resultCodes);
329 if (errorCode == EPERM) {
330 ParseErrorResults(resultCodes, pathPolicies, errorResults);
331 }
332 #endif
333 return errorCode;
334 }
335
GrantPermission(const vector<UriPolicyInfo> & uriPolicies,const std::string & bundleName,int32_t appCloneIndex,deque<struct PolicyErrorResult> & errorResults)336 int32_t FilePermission::GrantPermission(const vector<UriPolicyInfo> &uriPolicies, const std::string &bundleName,
337 int32_t appCloneIndex, deque<struct PolicyErrorResult> &errorResults)
338 {
339 int errorCode = 0;
340 #ifdef SANDBOX_MANAGER
341 if (uriPolicies.size() == 0 || uriPolicies.size() > MAX_ARRAY_SIZE) {
342 LOGE("The number of result codes exceeds the maximum");
343 return EPERM;
344 }
345 vector<PolicyInfo> pathPolicies = GetPathPolicyInfoFromUriPolicyInfo(uriPolicies, errorResults, false);
346 if (pathPolicies.size() == 0) {
347 return EPERM;
348 }
349 vector<uint32_t> resultCodes;
350 LOGI("GrantDecPermission size:%{public}zu bundleName:%{public}s appCloneIndex:%{public}d",
351 pathPolicies.size(), bundleName.c_str(), appCloneIndex);
352
353 uint64_t policyFlag = 1; // support persistent
354 int32_t sandboxManagerErrorCode = SandboxManagerKit::SetPolicyByBundleName(bundleName,
355 appCloneIndex, pathPolicies, policyFlag, resultCodes);
356 errorCode = ErrorCodeConversion(sandboxManagerErrorCode, errorResults, resultCodes);
357 if (errorCode == EPERM) {
358 ParseErrorResults(resultCodes, pathPolicies, errorResults);
359 }
360 #else
361 LOGW("Sandbox manager bundle not exist, device not support.");
362 return FileManagement::LibN::E_DEVICENOTSUPPORT;
363 #endif
364 return errorCode;
365 }
366
RevokePermission(const vector<UriPolicyInfo> & uriPolicies,deque<struct PolicyErrorResult> & errorResults)367 int32_t FilePermission::RevokePermission(const vector<UriPolicyInfo> &uriPolicies,
368 deque<struct PolicyErrorResult> &errorResults)
369 {
370 int errorCode = 0;
371 #ifdef SANDBOX_MANAGER
372 if (uriPolicies.size() == 0 || uriPolicies.size() > MAX_ARRAY_SIZE) {
373 LOGE("The number of result codes exceeds the maximum");
374 return FileManagement::LibN::E_PARAMS;
375 }
376 vector<PolicyInfo> pathPolicies = GetPathPolicyInfoFromUriPolicyInfo(uriPolicies, errorResults);
377 if (pathPolicies.size() == 0) {
378 return EPERM;
379 }
380 vector<uint32_t> resultCodes;
381 LOGI("RevokePermission pathPolicies size: %{public}zu", pathPolicies.size());
382 int32_t sandboxManagerErrorCode = SandboxManagerKit::UnPersistPolicy(pathPolicies, resultCodes);
383 errorCode = ErrorCodeConversion(sandboxManagerErrorCode, errorResults, resultCodes);
384 if (errorCode == EPERM) {
385 ParseErrorResults(resultCodes, pathPolicies, errorResults);
386 }
387 #endif
388 return errorCode;
389 }
390
ActivatePermission(const vector<UriPolicyInfo> & uriPolicies,deque<struct PolicyErrorResult> & errorResults)391 int32_t FilePermission::ActivatePermission(const vector<UriPolicyInfo> &uriPolicies,
392 deque<struct PolicyErrorResult> &errorResults)
393 {
394 int errorCode = 0;
395 #ifdef SANDBOX_MANAGER
396 if (uriPolicies.size() == 0 || uriPolicies.size() > MAX_ARRAY_SIZE) {
397 LOGE("The number of result codes exceeds the maximum");
398 return FileManagement::LibN::E_PARAMS;
399 }
400 vector<PolicyInfo> pathPolicies = GetPathPolicyInfoFromUriPolicyInfo(uriPolicies, errorResults);
401 if (pathPolicies.size() == 0) {
402 return EPERM;
403 }
404 vector<uint32_t> resultCodes;
405 LOGI("ActivatePermission pathPolicies size: %{public}zu", pathPolicies.size());
406 auto &uriPermissionClient = AAFwk::UriPermissionManagerClient::GetInstance();
407 int32_t sandboxManagerErrorCode = uriPermissionClient.Active(pathPolicies, resultCodes);
408 errorCode = ErrorCodeConversion(sandboxManagerErrorCode, errorResults, resultCodes);
409 if (errorCode == EPERM) {
410 ParseErrorResults(resultCodes, pathPolicies, errorResults);
411 }
412 #endif
413 return errorCode;
414 }
415
DeactivatePermission(const vector<UriPolicyInfo> & uriPolicies,deque<struct PolicyErrorResult> & errorResults)416 int32_t FilePermission::DeactivatePermission(const vector<UriPolicyInfo> &uriPolicies,
417 deque<struct PolicyErrorResult> &errorResults)
418 {
419 int errorCode = 0;
420 #ifdef SANDBOX_MANAGER
421 if (uriPolicies.size() == 0 || uriPolicies.size() > MAX_ARRAY_SIZE) {
422 LOGE("The number of result codes exceeds the maximum");
423 return FileManagement::LibN::E_PARAMS;
424 }
425 vector<PolicyInfo> pathPolicies = GetPathPolicyInfoFromUriPolicyInfo(uriPolicies, errorResults);
426 if (pathPolicies.size() == 0) {
427 return EPERM;
428 }
429 vector<uint32_t> resultCodes;
430 LOGI("DeactivatePermission pathPolicies size: %{public}zu", pathPolicies.size());
431 int32_t sandboxManagerErrorCode = SandboxManagerKit::StopAccessingPolicy(pathPolicies, resultCodes);
432 errorCode = ErrorCodeConversion(sandboxManagerErrorCode, errorResults, resultCodes);
433 if (errorCode == EPERM) {
434 ParseErrorResults(resultCodes, pathPolicies, errorResults);
435 }
436 #endif
437 return errorCode;
438 }
439
CheckPersistentPermission(const vector<UriPolicyInfo> & uriPolicies,vector<bool> & errorResults)440 int32_t FilePermission::CheckPersistentPermission(const vector<UriPolicyInfo> &uriPolicies, vector<bool> &errorResults)
441 {
442 int errorCode = 0;
443 #ifdef SANDBOX_MANAGER
444 if (uriPolicies.size() == 0 || uriPolicies.size() > MAX_ARRAY_SIZE) {
445 LOGE("The number of result codes exceeds the maximum");
446 return FileManagement::LibN::E_PARAMS;
447 }
448 auto tokenId = IPCSkeleton::GetCallingTokenID();
449 errorCode = CheckUriPersistentPermission(tokenId, uriPolicies, errorResults);
450 #endif
451 return errorCode;
452 }
453
GetPathByPermission(const std::string & userName,const std::string & permission)454 string FilePermission::GetPathByPermission(const std::string &userName, const std::string &permission)
455 {
456 if (permissionPathMap.find(permission) != permissionPathMap.end()) {
457 string path = permissionPathMap.at(permission);
458 if (!userName.empty()) {
459 path = path.replace(path.find(CURRENTUSER), CURRENTUSER.length(), userName);
460 }
461 return path;
462 }
463 return "";
464 }
465 } // namespace AppFileService
466 } // namespace OHOS