1 /* 2 * Copyright (c) 2022-2024 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 #ifndef PERMISSION_RECORD_MANAGER_H 17 #define PERMISSION_RECORD_MANAGER_H 18 19 #include <set> 20 #include <string> 21 #include <unordered_set> 22 #include <vector> 23 24 #ifdef EVENTHANDLER_ENABLE 25 #include "access_event_handler.h" 26 #endif 27 #include "access_token.h" 28 #include "active_change_response_info.h" 29 #include "add_perm_param_info.h" 30 #include "app_manager_death_callback.h" 31 #include "app_status_change_callback.h" 32 #include "hap_token_info.h" 33 #include "libraryloader.h" 34 #include "nocopyable.h" 35 #include "on_permission_used_record_callback.h" 36 #include "permission_record.h" 37 #include "permission_record_set.h" 38 #include "permission_used_request.h" 39 #include "permission_used_result.h" 40 #include "permission_used_type_info.h" 41 #include "privacy_param.h" 42 #include "rwlock.h" 43 #include "safe_map.h" 44 #include "thread_pool.h" 45 46 namespace OHOS { 47 namespace Security { 48 namespace AccessToken { 49 class PrivacyAppStateObserver : public ApplicationStateObserverStub { 50 public: 51 PrivacyAppStateObserver() = default; 52 ~PrivacyAppStateObserver() = default; 53 void OnProcessDied(const ProcessData &processData) override; 54 void OnAppStopped(const AppStateData &appStateData) override; 55 void OnAppStateChanged(const AppStateData &appStateData) override; 56 DISALLOW_COPY_AND_MOVE(PrivacyAppStateObserver); 57 }; 58 59 class PrivacyAppManagerDeathCallback : public AppManagerDeathCallback { 60 public: 61 PrivacyAppManagerDeathCallback() = default; 62 ~PrivacyAppManagerDeathCallback() = default; 63 64 void NotifyAppManagerDeath() override; 65 DISALLOW_COPY_AND_MOVE(PrivacyAppManagerDeathCallback); 66 }; 67 68 class PermissionRecordManager final { 69 public: 70 static PermissionRecordManager& GetInstance(); 71 virtual ~PermissionRecordManager(); 72 73 void Init(); 74 int32_t AddPermissionUsedRecord(const AddPermParamInfo& info); 75 void RemovePermissionUsedRecords(AccessTokenID tokenId); 76 bool IsUserIdValid(int32_t userID) const; 77 int32_t SetPermissionUsedRecordToggleStatus(int32_t userID, bool status); 78 int32_t GetPermissionUsedRecordToggleStatus(int32_t userID, bool& status); 79 void RemoveHistoryPermissionUsedRecords(std::unordered_set<AccessTokenID> tokenIDList); 80 int32_t GetPermissionUsedRecords(const PermissionUsedRequest& request, PermissionUsedResult& result); 81 int32_t GetPermissionUsedRecordsAsync( 82 const PermissionUsedRequest& request, const sptr<OnPermissionUsedRecordCallback>& callback); 83 int32_t StartUsingPermission(const PermissionUsedTypeInfo &info, int32_t callerPid); 84 int32_t StartUsingPermission(const PermissionUsedTypeInfo &info, const sptr<IRemoteObject>& callback, 85 int32_t callerPid); 86 int32_t StopUsingPermission(AccessTokenID tokenId, int32_t pid, const std::string& permissionName, 87 int32_t callerPid); 88 bool HasCallerInStartList(int32_t callerPid); 89 int32_t RegisterPermActiveStatusCallback( 90 AccessTokenID regiterTokenId, const std::vector<std::string>& permList, const sptr<IRemoteObject>& callback); 91 int32_t UnRegisterPermActiveStatusCallback(const sptr<IRemoteObject>& callback); 92 93 void CallbackExecute(const ContinusPermissionRecord& record, const std::string& permissionName, 94 PermissionUsedType type = PermissionUsedType::NORMAL_TYPE); 95 int32_t PermissionListFilter(const std::vector<std::string>& listSrc, std::vector<std::string>& listRes); 96 bool IsAllowedUsingPermission(AccessTokenID tokenId, const std::string& permissionName, int32_t pid); 97 int32_t GetPermissionUsedTypeInfos(const AccessTokenID tokenId, const std::string& permissionName, 98 std::vector<PermissionUsedTypeInfo>& results); 99 int32_t SetMutePolicy(const PolicyType& policyType, const CallerType& callerType, bool isMute, 100 AccessTokenID tokenID); 101 int32_t SetEdmMutePolicy(const std::string permissionName, bool isMute); 102 int32_t SetPrivacyMutePolicy(const std::string permissionName, bool isMute); 103 int32_t SetTempMutePolicy(const std::string permissionName, bool isMute); 104 int32_t SetHapWithFGReminder(uint32_t tokenId, bool isAllowed); 105 106 void NotifyAppStateChange(AccessTokenID tokenId, int32_t pid, ActiveChangeType status); 107 void SetLockScreenStatus(int32_t lockScreenStatus); 108 int32_t GetLockScreenStatus(bool isIpc = false); 109 110 void OnAppMgrRemoteDiedHandle(); 111 void OnAudioMgrRemoteDiedHandle(); 112 void OnCameraMgrRemoteDiedHandle(); 113 void RemoveRecordFromStartListByPid(const AccessTokenID tokenId, int32_t pid); 114 void RemoveRecordFromStartListByToken(const AccessTokenID tokenId); 115 void RemoveRecordFromStartListByOp(int32_t opCode); 116 void RemoveRecordFromStartListByCallerPid(int32_t callerPid); 117 void ExecuteAllCameraExecuteCallback(); 118 void UpdatePermRecImmediately(); 119 void ExecuteDeletePermissionRecordTask(); 120 121 private: 122 PermissionRecordManager(); 123 DISALLOW_COPY_AND_MOVE(PermissionRecordManager); 124 125 bool IsAllowedUsingCamera(AccessTokenID tokenId, int32_t pid); 126 bool IsAllowedUsingMicrophone(AccessTokenID tokenId, int32_t pid); 127 128 bool CheckPermissionUsedRecordToggleStatus(int32_t userID); 129 bool VerifyNativeRecordPermission(const std::string& permissionName, const AccessTokenID& tokenId); 130 bool UpdatePermUsedRecToggleStatusMap(int32_t userID, bool status); 131 void UpdatePermUsedRecToggleStatusMapFromDb(); 132 bool AddOrUpdateUsedStatusIfNeeded(int32_t userID, bool status); 133 void AddRecToCacheAndValueVec(const PermissionRecord& record, std::vector<GenericValues>& values); 134 int32_t MergeOrInsertRecord(const PermissionRecord& record); 135 bool UpdatePermissionUsedRecordToDb(const PermissionRecord& record); 136 int32_t AddRecord(const PermissionRecord& record); 137 int32_t GetPermissionRecord(const AddPermParamInfo& info, PermissionRecord& record); 138 bool CreateBundleUsedRecord(const AccessTokenID tokenId, BundleUsedRecord& bundleRecord); 139 int32_t GetCurDeleteTaskNum(); 140 void AddDeleteTaskNum(); 141 void ReduceDeleteTaskNum(); 142 int32_t DeletePermissionRecord(int32_t days); 143 144 void GetMergedRecordsFromCache(std::vector<PermissionRecord>& mergedRecords); 145 void InsteadMergedRecIfNecessary(GenericValues& mergedRecord, std::vector<PermissionRecord>& mergedRecords); 146 void MergeSamePermission(const PermissionUsageFlag& flag, const PermissionUsedRecord& inRecord, 147 PermissionUsedRecord& outRecord); 148 void FillPermissionUsedRecords(const PermissionUsedRecord& record, const PermissionUsageFlag& flag, 149 std::vector<PermissionUsedRecord>& permissionRecords); 150 bool FillBundleUsedRecord(const GenericValues& value, const PermissionUsageFlag& flag, 151 std::map<int32_t, BundleUsedRecord>& tokenIdToBundleMap, std::map<int32_t, int32_t>& tokenIdToCountMap, 152 PermissionUsedResult& result); 153 bool GetRecordsFromLocalDB(const PermissionUsedRequest& request, PermissionUsedResult& result); 154 155 void ExecuteAndUpdateRecord(uint32_t tokenId, int32_t pid, ActiveChangeType status); 156 157 #ifndef APP_SECURITY_PRIVACY_SERVICE 158 void ExecuteAndUpdateRecordByPerm(const std::string& permissionName, bool switchStatus); 159 bool ShowGlobalDialog(const std::string& permissionName); 160 #endif 161 int32_t RemoveRecordFromStartList(AccessTokenID tokenId, int32_t pid, 162 const std::string& permissionName, int32_t callerPid); 163 int32_t AddRecordToStartList(const PermissionUsedTypeInfo& info, int32_t status, int32_t callerPid, 164 bool isCamera = false); 165 166 void PermListToString(const std::vector<std::string>& permList); 167 bool GetGlobalSwitchStatus(const std::string& permissionName); 168 void ModifyMuteStatus(const std::string& permissionName, int32_t index, bool isMute); 169 bool GetMuteStatus(const std::string& permissionName, int32_t index); 170 171 void ExecuteCameraCallbackAsync(AccessTokenID tokenId, int32_t callbackPid); 172 173 void TransformEnumToBitValue(const PermissionUsedType type, uint32_t& value); 174 bool AddOrUpdateUsedTypeIfNeeded(const AccessTokenID tokenId, const int32_t opCode, 175 const PermissionUsedType type); 176 void AddDataValueToResults(const GenericValues value, std::vector<PermissionUsedTypeInfo>& results); 177 178 bool IsCameraWindowShow(AccessTokenID tokenId); 179 uint64_t GetUniqueId(uint32_t tokenId, int32_t pid) const; 180 bool RegisterWindowCallback(); 181 void InitializeMuteState(const std::string& permissionName); 182 int32_t GetAppStatus(AccessTokenID tokenId, int32_t pid = -1); 183 184 bool RegisterAppStatusListener(); 185 bool Register(); 186 bool RegisterApplicationStateObserver(); 187 void Unregister(); 188 bool GetMuteParameter(const char* key, bool& isMute); 189 190 void SetDefaultConfigValue(); 191 void GetConfigValue(); 192 bool ToRemoveRecord(const ContinusPermissionRecord& targetRecord, 193 const IsEqualFunc& isEqualFunc, bool needClearCamera = true); 194 195 private: 196 bool hasInited_ = false; 197 OHOS::Utils::RWLock rwLock_; 198 std::mutex startRecordListMutex_; 199 std::set<ContinusPermissionRecord> startRecordList_; 200 SafeMap<uint64_t, sptr<IRemoteObject>> cameraCallbackMap_; 201 202 // microphone 203 std::mutex micMuteMutex_; 204 std::mutex micLoadMutex_; 205 bool isMicEdmMute_ = false; 206 bool isMicMixMute_ = false; 207 bool isMicLoad_ = false; 208 209 // camera 210 std::mutex camMuteMutex_; 211 std::mutex camLoadMutex_; 212 bool isCamEdmMute_ = false; 213 bool isCamMixMute_ = false; 214 bool isCamLoad_ = false; 215 216 // appState 217 std::mutex appStateMutex_; 218 sptr<PrivacyAppStateObserver> appStateCallback_ = nullptr; 219 220 // app manager death 221 std::mutex appManagerDeathMutex_; 222 std::shared_ptr<PrivacyAppManagerDeathCallback> appManagerDeathCallback_ = nullptr; 223 224 // lockScreenState 225 std::mutex lockScreenStateMutex_; 226 int32_t lockScreenStatus_ = LockScreenStatusChangeType::PERM_ACTIVE_IN_UNLOCKED; 227 228 // foreground reminder 229 std::mutex foreReminderMutex_; 230 std::vector<uint32_t> foreTokenIdList_; 231 232 // record config 233 int32_t recordSizeMaximum_ = 0; 234 int32_t recordAgingTime_ = 0; 235 #ifndef APP_SECURITY_PRIVACY_SERVICE 236 std::string globalDialogBundleName_; 237 std::string globalDialogAbilityName_; 238 std::mutex abilityManagerMutex_; 239 std::shared_ptr<LibraryLoader> abilityManagerLoader_; 240 #endif 241 std::atomic_int32_t deleteTaskNum_ = 0; 242 243 std::mutex permUsedRecMutex_; 244 std::vector<PermissionRecordCache> permUsedRecList_; 245 246 std::mutex permUsedRecToggleStatusMutex_; 247 std::map<int32_t, bool> permUsedRecToggleStatusMap_; 248 }; 249 } // namespace AccessToken 250 } // namespace Security 251 } // namespace OHOS 252 #endif // PERMISSION_RECORD_MANAGER_H