1 /*
2 * Copyright (c) 2023-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "extension_config.h"
17
18 #include <fstream>
19
20 #include "config_policy_utils.h"
21 #include "hilog_tag_wrapper.h"
22 #include "json_utils.h"
23
24 namespace OHOS {
25 namespace AAFwk {
26 namespace {
27 constexpr const char* EXTENSION_CONFIG_DEFAULT_PATH = "/system/etc/ams_extension_config.json";
28 constexpr const char* EXTENSION_CONFIG_FILE_PATH = "/etc/ams_extension_config.json";
29
30 constexpr const char* EXTENSION_CONFIG_NAME = "ams_extension_config";
31 constexpr const char* EXTENSION_TYPE_NAME = "extension_type_name";
32 constexpr const char* EXTENSION_AUTO_DISCONNECT_TIME = "auto_disconnect_time";
33
34 // old access flag, deprecated
35 constexpr const char* EXTENSION_THIRD_PARTY_APP_BLOCKED_FLAG_NAME = "third_party_app_blocked_flag";
36 constexpr const char* EXTENSION_SERVICE_BLOCKED_LIST_NAME = "service_blocked_list";
37 constexpr const char* EXTENSION_SERVICE_STARTUP_ENABLE_FLAG = "service_startup_enable_flag";
38
39 // new access flag
40 constexpr const char* ABILITY_ACCESS = "ability_access";
41 constexpr const char* THIRD_PARTY_APP_ACCESS_FLAG = "third_party_app_access_flag";
42 constexpr const char* SERVICE_ACCESS_FLAG = "service_access_flag";
43 constexpr const char* DEFAULT_ACCESS_FLAG = "default_access_flag";
44 constexpr const char* BLOCK_LIST = "blocklist";
45 constexpr const char* ALLOW_LIST = "allowlist";
46 constexpr const char* NETWORK_ACCESS_ENABLE_FLAG = "network_access_enable_flag";
47 constexpr const char* SA_ACCESS_ENABLE_FLAG = "sa_access_enable_flag";
48 constexpr const char* SCREEN_UNLOCK_INTERCEPT = "screen_unlock_intercept";
49 constexpr const char* SCREEN_UNLOCK_INTERCEPT_EXCLUDE_SYSTEM_APP = "screen_unlock_intercept_exclude_system_app";
50 }
51
GetExtensionConfigPath() const52 std::string ExtensionConfig::GetExtensionConfigPath() const
53 {
54 char buf[MAX_PATH_LEN] = { 0 };
55 char *configPath = GetOneCfgFile(EXTENSION_CONFIG_FILE_PATH, buf, MAX_PATH_LEN);
56 if (configPath == nullptr || configPath[0] == '\0' || strlen(configPath) > MAX_PATH_LEN) {
57 return EXTENSION_CONFIG_DEFAULT_PATH;
58 }
59 return configPath;
60 }
61
LoadExtensionConfiguration()62 void ExtensionConfig::LoadExtensionConfiguration()
63 {
64 TAG_LOGD(AAFwkTag::ABILITYMGR, "call");
65 nlohmann::json jsonBuf;
66 if (!ReadFileInfoJson(GetExtensionConfigPath().c_str(), jsonBuf)) {
67 TAG_LOGE(AAFwkTag::ABILITYMGR, "parse file failed");
68 return;
69 }
70
71 LoadExtensionConfig(jsonBuf);
72 }
73
GetExtensionAutoDisconnectTime(const std::string & extensionTypeName)74 int32_t ExtensionConfig::GetExtensionAutoDisconnectTime(const std::string &extensionTypeName)
75 {
76 std::lock_guard lock(configMapMutex_);
77 if (configMap_.find(extensionTypeName) != configMap_.end()) {
78 return configMap_[extensionTypeName].extensionAutoDisconnectTime;
79 }
80 return DEFAULT_EXTENSION_AUTO_DISCONNECT_TIME;
81 }
82
IsExtensionStartThirdPartyAppEnable(const std::string & extensionTypeName)83 bool ExtensionConfig::IsExtensionStartThirdPartyAppEnable(const std::string &extensionTypeName)
84 {
85 std::lock_guard lock(configMapMutex_);
86 if (configMap_.find(extensionTypeName) != configMap_.end()) {
87 return configMap_[extensionTypeName].thirdPartyAppEnableFlag;
88 }
89 return EXTENSION_THIRD_PARTY_APP_ENABLE_FLAG_DEFAULT;
90 }
91
IsExtensionStartServiceEnable(const std::string & extensionTypeName,const std::string & targetUri)92 bool ExtensionConfig::IsExtensionStartServiceEnable(const std::string &extensionTypeName, const std::string &targetUri)
93 {
94 AppExecFwk::ElementName targetElementName;
95 std::lock_guard lock(configMapMutex_);
96 if (configMap_.find(extensionTypeName) != configMap_.end() &&
97 !configMap_[extensionTypeName].serviceEnableFlag) {
98 return false;
99 }
100 if (!targetElementName.ParseURI(targetUri) ||
101 configMap_.find(extensionTypeName) == configMap_.end()) {
102 return EXTENSION_START_SERVICE_ENABLE_FLAG_DEFAULT;
103 }
104 for (const auto& iter : configMap_[extensionTypeName].serviceBlockedList) {
105 AppExecFwk::ElementName iterElementName;
106 if (iterElementName.ParseURI(iter) &&
107 iterElementName.GetBundleName() == targetElementName.GetBundleName() &&
108 iterElementName.GetAbilityName() == targetElementName.GetAbilityName()) {
109 return false;
110 }
111 }
112 return EXTENSION_START_SERVICE_ENABLE_FLAG_DEFAULT;
113 }
114
LoadExtensionConfig(const nlohmann::json & object)115 void ExtensionConfig::LoadExtensionConfig(const nlohmann::json &object)
116 {
117 if (!object.contains(EXTENSION_CONFIG_NAME) || !object.at(EXTENSION_CONFIG_NAME).is_array()) {
118 TAG_LOGE(AAFwkTag::ABILITYMGR, "extension config null");
119 return;
120 }
121
122 for (auto &item : object.at(EXTENSION_CONFIG_NAME).items()) {
123 const nlohmann::json& jsonObject = item.value();
124 if (!jsonObject.contains(EXTENSION_TYPE_NAME) || !jsonObject.at(EXTENSION_TYPE_NAME).is_string()) {
125 continue;
126 }
127 std::lock_guard lock(configMapMutex_);
128 std::string extensionTypeName = jsonObject.at(EXTENSION_TYPE_NAME).get<std::string>();
129 LoadExtensionAutoDisconnectTime(jsonObject, extensionTypeName);
130 bool hasAbilityAccess = LoadExtensionAbilityAccess(jsonObject, extensionTypeName);
131 if (!hasAbilityAccess) {
132 LoadExtensionThirdPartyAppBlockedList(jsonObject, extensionTypeName);
133 LoadExtensionServiceBlockedList(jsonObject, extensionTypeName);
134 }
135 LoadExtensionNetworkEnable(jsonObject, extensionTypeName);
136 LoadExtensionSAEnable(jsonObject, extensionTypeName);
137 LoadScreenUnlockIntercept(jsonObject, extensionTypeName);
138 }
139 }
140
LoadExtensionAutoDisconnectTime(const nlohmann::json & object,const std::string & extensionTypeName)141 void ExtensionConfig::LoadExtensionAutoDisconnectTime(const nlohmann::json &object,
142 const std::string &extensionTypeName)
143 {
144 if (!object.contains(EXTENSION_AUTO_DISCONNECT_TIME) ||
145 !object.at(EXTENSION_AUTO_DISCONNECT_TIME).is_number()) {
146 TAG_LOGE(AAFwkTag::ABILITYMGR, "auto disconnect time config null");
147 return;
148 }
149 int32_t extensionAutoDisconnectTime = object.at(EXTENSION_AUTO_DISCONNECT_TIME).get<int32_t>();
150 configMap_[extensionTypeName].extensionAutoDisconnectTime = extensionAutoDisconnectTime;
151 }
152
LoadExtensionThirdPartyAppBlockedList(const nlohmann::json & object,std::string extensionTypeName)153 void ExtensionConfig::LoadExtensionThirdPartyAppBlockedList(const nlohmann::json &object,
154 std::string extensionTypeName)
155 {
156 TAG_LOGD(AAFwkTag::ABILITYMGR, "call.");
157 if (!object.contains(EXTENSION_THIRD_PARTY_APP_BLOCKED_FLAG_NAME) ||
158 !object.at(EXTENSION_THIRD_PARTY_APP_BLOCKED_FLAG_NAME).is_boolean()) {
159 TAG_LOGE(AAFwkTag::ABILITYMGR, "third Party config null");
160 return;
161 }
162 bool flag = object.at(EXTENSION_THIRD_PARTY_APP_BLOCKED_FLAG_NAME).get<bool>();
163 configMap_[extensionTypeName].thirdPartyAppEnableFlag = flag;
164 TAG_LOGD(AAFwkTag::ABILITYMGR, "The %{public}s extension's third party app blocked flag is %{public}d",
165 extensionTypeName.c_str(), flag);
166 }
167
LoadExtensionServiceBlockedList(const nlohmann::json & object,std::string extensionTypeName)168 void ExtensionConfig::LoadExtensionServiceBlockedList(const nlohmann::json &object, std::string extensionTypeName)
169 {
170 TAG_LOGD(AAFwkTag::ABILITYMGR, "call.");
171 if (!object.contains(EXTENSION_SERVICE_STARTUP_ENABLE_FLAG) ||
172 !object.at(EXTENSION_SERVICE_STARTUP_ENABLE_FLAG).is_boolean()) {
173 TAG_LOGE(AAFwkTag::ABILITYMGR, "service enable config null");
174 return;
175 }
176 bool serviceEnableFlag = object.at(EXTENSION_SERVICE_STARTUP_ENABLE_FLAG).get<bool>();
177 if (!serviceEnableFlag) {
178 configMap_[extensionTypeName].serviceEnableFlag = serviceEnableFlag;
179 TAG_LOGD(AAFwkTag::ABILITYMGR, "%{public}s Service startup is blocked.", extensionTypeName.c_str());
180 return;
181 }
182 if (!object.contains(EXTENSION_SERVICE_BLOCKED_LIST_NAME) ||
183 !object.at(EXTENSION_SERVICE_BLOCKED_LIST_NAME).is_array()) {
184 TAG_LOGE(AAFwkTag::ABILITYMGR, "service config null");
185 return;
186 }
187 std::unordered_set<std::string> serviceBlockedList;
188 for (auto &item : object.at(EXTENSION_SERVICE_BLOCKED_LIST_NAME).items()) {
189 const nlohmann::json& jsonObject = item.value();
190 if (!jsonObject.is_string()) {
191 continue;
192 }
193 std::string serviceUri = jsonObject.get<std::string>();
194 if (CheckExtensionUriValid(serviceUri)) {
195 serviceBlockedList.emplace(serviceUri);
196 }
197 }
198 configMap_[extensionTypeName].serviceBlockedList = serviceBlockedList;
199 TAG_LOGD(AAFwkTag::ABILITYMGR, "The size of %{public}s extension's service blocked list is %{public}zu",
200 extensionTypeName.c_str(), serviceBlockedList.size());
201 }
202
LoadExtensionAbilityAccess(const nlohmann::json & object,const std::string & extensionTypeName)203 bool ExtensionConfig::LoadExtensionAbilityAccess(const nlohmann::json &object, const std::string &extensionTypeName)
204 {
205 TAG_LOGD(AAFwkTag::ABILITYMGR, "call.");
206 if (!object.contains(ABILITY_ACCESS) || !object.at(ABILITY_ACCESS).is_object()) {
207 TAG_LOGE(AAFwkTag::ABILITYMGR, "parse ability_access failed");
208 configMap_[extensionTypeName].hasAbilityAccess = false;
209 return false;
210 }
211
212 configMap_[extensionTypeName].hasAbilityAccess = true;
213 const nlohmann::json &accessJson = object.at(ABILITY_ACCESS);
214 auto &abilityAccess = configMap_[extensionTypeName].abilityAccess;
215 auto &jsonUtils = JsonUtils::GetInstance();
216 abilityAccess.thirdPartyAppAccessFlag = jsonUtils.JsonToOptionalBool(accessJson, THIRD_PARTY_APP_ACCESS_FLAG);
217 abilityAccess.serviceAccessFlag = jsonUtils.JsonToOptionalBool(accessJson, SERVICE_ACCESS_FLAG);
218 abilityAccess.defaultAccessFlag = jsonUtils.JsonToOptionalBool(accessJson, DEFAULT_ACCESS_FLAG);
219 LoadExtensionAllowOrBlockedList(accessJson, ALLOW_LIST, abilityAccess.allowList);
220 LoadExtensionAllowOrBlockedList(accessJson, BLOCK_LIST, abilityAccess.blockList);
221
222 TAG_LOGD(AAFwkTag::ABILITYMGR, "The %{public}s extension's ability flag, third:%{public}s, service:%{public}s, "
223 "default:%{public}s, allowList size:%{public}zu, blockList size:%{public}zu,", extensionTypeName.c_str(),
224 FormatAccessFlag(abilityAccess.thirdPartyAppAccessFlag).c_str(),
225 FormatAccessFlag(abilityAccess.serviceAccessFlag).c_str(),
226 FormatAccessFlag(abilityAccess.defaultAccessFlag).c_str(),
227 abilityAccess.allowList.size(), abilityAccess.blockList.size());
228 return true;
229 }
230
FormatAccessFlag(const std::optional<bool> & flag)231 std::string ExtensionConfig::FormatAccessFlag(const std::optional<bool> &flag)
232 {
233 if (!flag.has_value()) {
234 return "null";
235 }
236 return flag.value() ? "true" : "false";
237 }
238
LoadExtensionAllowOrBlockedList(const nlohmann::json & object,const std::string & key,std::unordered_set<std::string> & list)239 void ExtensionConfig::LoadExtensionAllowOrBlockedList(const nlohmann::json &object, const std::string &key,
240 std::unordered_set<std::string> &list)
241 {
242 TAG_LOGD(AAFwkTag::ABILITYMGR, "LoadExtensionAllowOrBlockedList.");
243 if (!object.contains(key) || !object.at(key).is_array()) {
244 TAG_LOGE(AAFwkTag::ABILITYMGR, "%{public}s config null", key.c_str());
245 return;
246 }
247 list.clear();
248 for (auto &item : object.at(key).items()) {
249 const nlohmann::json& jsonObject = item.value();
250 if (!jsonObject.is_string()) {
251 continue;
252 }
253 std::string serviceUri = jsonObject.get<std::string>();
254 if (CheckExtensionUriValid(serviceUri)) {
255 list.emplace(serviceUri);
256 }
257 }
258 }
259
LoadExtensionNetworkEnable(const nlohmann::json & object,const std::string & extensionTypeName)260 void ExtensionConfig::LoadExtensionNetworkEnable(const nlohmann::json &object,
261 const std::string &extensionTypeName)
262 {
263 TAG_LOGD(AAFwkTag::ABILITYMGR, "LoadExtensionNetworkEnable call");
264 if (!object.contains(NETWORK_ACCESS_ENABLE_FLAG) || !object.at(NETWORK_ACCESS_ENABLE_FLAG).is_boolean()) {
265 TAG_LOGW(AAFwkTag::ABILITYMGR, "network enable flag null");
266 return;
267 }
268 bool flag = object.at(NETWORK_ACCESS_ENABLE_FLAG).get<bool>();
269 configMap_[extensionTypeName].networkEnableFlag = flag;
270 TAG_LOGD(AAFwkTag::ABILITYMGR, "The %{public}s extension's network enable flag is %{public}d",
271 extensionTypeName.c_str(), flag);
272 }
273
LoadExtensionSAEnable(const nlohmann::json & object,const std::string & extensionTypeName)274 void ExtensionConfig::LoadExtensionSAEnable(const nlohmann::json &object,
275 const std::string &extensionTypeName)
276 {
277 TAG_LOGD(AAFwkTag::ABILITYMGR, "LoadExtensionSAEnable call");
278 if (!object.contains(SA_ACCESS_ENABLE_FLAG) || !object.at(SA_ACCESS_ENABLE_FLAG).is_boolean()) {
279 TAG_LOGW(AAFwkTag::ABILITYMGR, "sa enable flag null");
280 return;
281 }
282 bool flag = object.at(SA_ACCESS_ENABLE_FLAG).get<bool>();
283 configMap_[extensionTypeName].saEnableFlag = flag;
284 TAG_LOGD(AAFwkTag::ABILITYMGR, "The %{public}s extension's sa enable flag is %{public}d",
285 extensionTypeName.c_str(), flag);
286 }
287
LoadScreenUnlockIntercept(const nlohmann::json & object,const std::string & extensionTypeName)288 void ExtensionConfig::LoadScreenUnlockIntercept(const nlohmann::json &object,
289 const std::string &extensionTypeName)
290 {
291 TAG_LOGD(AAFwkTag::ABILITYMGR, "LoadScreenUnlockIntercept call");
292 if (!object.contains(SCREEN_UNLOCK_INTERCEPT) || !object.at(SCREEN_UNLOCK_INTERCEPT).is_boolean()) {
293 TAG_LOGD(AAFwkTag::ABILITYMGR, "screen_unlock_intercept null");
294 return;
295 }
296 bool flag = object.at(SCREEN_UNLOCK_INTERCEPT).get<bool>();
297 configMap_[extensionTypeName].screenUnlockIntercept = flag;
298 TAG_LOGD(AAFwkTag::ABILITYMGR, "The %{public}s extension's screen_unlock_intercept is %{public}d",
299 extensionTypeName.c_str(), flag);
300
301 if (!object.contains(SCREEN_UNLOCK_INTERCEPT_EXCLUDE_SYSTEM_APP) ||
302 !object.at(SCREEN_UNLOCK_INTERCEPT_EXCLUDE_SYSTEM_APP).is_boolean()) {
303 TAG_LOGD(AAFwkTag::ABILITYMGR, "screen_unlock_intercept_exclude_system_app null");
304 return;
305 }
306 flag = object.at(SCREEN_UNLOCK_INTERCEPT_EXCLUDE_SYSTEM_APP).get<bool>();
307 configMap_[extensionTypeName].screenUnlockInterceptExcludeSystemApp = flag;
308 TAG_LOGD(AAFwkTag::ABILITYMGR,
309 "The %{public}s extension's screen_unlock_intercept_exclude_system_app is %{public}d",
310 extensionTypeName.c_str(), flag);
311 }
312
HasAbilityAccess(const std::string & extensionTypeName)313 bool ExtensionConfig::HasAbilityAccess(const std::string &extensionTypeName)
314 {
315 std::lock_guard lock(configMapMutex_);
316 auto iter = configMap_.find(extensionTypeName);
317 if (iter == configMap_.end()) {
318 return false;
319 }
320 return iter->second.hasAbilityAccess;
321 }
322
HasThridPartyAppAccessFlag(const std::string & extensionTypeName)323 bool ExtensionConfig::HasThridPartyAppAccessFlag(const std::string &extensionTypeName)
324 {
325 auto accessFlag = GetSingleAccessFlag(extensionTypeName, [](const AbilityAccessItem &abilityAccess) {
326 return abilityAccess.thirdPartyAppAccessFlag;
327 });
328 return accessFlag.has_value();
329 }
330
HasServiceAccessFlag(const std::string & extensionTypeName)331 bool ExtensionConfig::HasServiceAccessFlag(const std::string &extensionTypeName)
332 {
333 auto accessFlag = GetSingleAccessFlag(extensionTypeName, [](const AbilityAccessItem &abilityAccess) {
334 return abilityAccess.serviceAccessFlag;
335 });
336 return accessFlag.has_value();
337 }
338
HasDefaultAccessFlag(const std::string & extensionTypeName)339 bool ExtensionConfig::HasDefaultAccessFlag(const std::string &extensionTypeName)
340 {
341 auto accessFlag = GetSingleAccessFlag(extensionTypeName, [](const AbilityAccessItem &abilityAccess) {
342 return abilityAccess.defaultAccessFlag;
343 });
344 return accessFlag.has_value();
345 }
346
GetSingleAccessFlag(const std::string & extensionTypeName,std::function<std::optional<bool> (const AbilityAccessItem &)> getAccessFlag)347 std::optional<bool> ExtensionConfig::GetSingleAccessFlag(const std::string &extensionTypeName,
348 std::function<std::optional<bool>(const AbilityAccessItem&)> getAccessFlag)
349 {
350 std::lock_guard lock(configMapMutex_);
351 auto iter = configMap_.find(extensionTypeName);
352 if (iter == configMap_.end()) {
353 return std::nullopt;
354 }
355 return getAccessFlag(iter->second.abilityAccess);
356 }
357
IsExtensionStartThirdPartyAppEnableNew(const std::string & extensionTypeName,const std::string & targetUri)358 bool ExtensionConfig::IsExtensionStartThirdPartyAppEnableNew(const std::string &extensionTypeName,
359 const std::string &targetUri)
360 {
361 return IsExtensionAbilityAccessEnable(extensionTypeName, targetUri, [](const AbilityAccessItem &abilityAccess) {
362 return abilityAccess.thirdPartyAppAccessFlag;
363 });
364 }
365
IsExtensionStartServiceEnableNew(const std::string & extensionTypeName,const std::string & targetUri)366 bool ExtensionConfig::IsExtensionStartServiceEnableNew(const std::string &extensionTypeName,
367 const std::string &targetUri)
368 {
369 return IsExtensionAbilityAccessEnable(extensionTypeName, targetUri, [](const AbilityAccessItem &abilityAccess) {
370 return abilityAccess.serviceAccessFlag;
371 });
372 }
373
IsExtensionStartDefaultEnable(const std::string & extensionTypeName,const std::string & targetUri)374 bool ExtensionConfig::IsExtensionStartDefaultEnable(const std::string &extensionTypeName, const std::string &targetUri)
375 {
376 return IsExtensionAbilityAccessEnable(extensionTypeName, targetUri, [](const AbilityAccessItem &abilityAccess) {
377 return abilityAccess.defaultAccessFlag;
378 });
379 }
380
IsExtensionAbilityAccessEnable(const std::string & extensionTypeName,const std::string & targetUri,std::function<std::optional<bool> (const AbilityAccessItem &)> getAccessFlag)381 bool ExtensionConfig::IsExtensionAbilityAccessEnable(const std::string &extensionTypeName, const std::string &targetUri,
382 std::function<std::optional<bool>(const AbilityAccessItem&)> getAccessFlag)
383 {
384 AbilityAccessItem abilityAccess;
385 {
386 std::lock_guard lock(configMapMutex_);
387 auto iter = configMap_.find(extensionTypeName);
388 if (iter == configMap_.end()) {
389 return true;
390 }
391 abilityAccess = iter->second.abilityAccess;
392 }
393 auto accessFlag = getAccessFlag(abilityAccess);
394 if (!accessFlag.has_value()) {
395 // flag not configured, allow access
396 return true;
397 }
398 AppExecFwk::ElementName targetElementName;
399 if (!targetElementName.ParseURI(targetUri)) {
400 return accessFlag.value();
401 }
402 if (accessFlag.value()) {
403 //flag true, deny access in block list
404 return !FindTargetUriInList(targetElementName, abilityAccess.blockList);
405 }
406 // flag false, allow access in allow list
407 return FindTargetUriInList(targetElementName, abilityAccess.allowList);
408 }
409
FindTargetUriInList(const AppExecFwk::ElementName & targetElementName,std::unordered_set<std::string> & list)410 bool ExtensionConfig::FindTargetUriInList(const AppExecFwk::ElementName &targetElementName,
411 std::unordered_set<std::string> &list)
412 {
413 return std::find_if(list.begin(), list.end(), [&](const auto &uri) {
414 AppExecFwk::ElementName iterElementName;
415 return iterElementName.ParseURI(uri) &&
416 iterElementName.GetBundleName() == targetElementName.GetBundleName() &&
417 iterElementName.GetAbilityName() == targetElementName.GetAbilityName();
418 }) != list.end();
419 }
420
IsExtensionNetworkEnable(const std::string & extensionTypeName)421 bool ExtensionConfig::IsExtensionNetworkEnable(const std::string &extensionTypeName)
422 {
423 std::lock_guard lock(configMapMutex_);
424 if (configMap_.find(extensionTypeName) != configMap_.end()) {
425 return configMap_[extensionTypeName].networkEnableFlag;
426 }
427 return EXTENSION_NETWORK_ENABLE_FLAG_DEFAULT;
428 }
429
IsExtensionSAEnable(const std::string & extensionTypeName)430 bool ExtensionConfig::IsExtensionSAEnable(const std::string &extensionTypeName)
431 {
432 std::lock_guard lock(configMapMutex_);
433 if (configMap_.find(extensionTypeName) != configMap_.end()) {
434 return configMap_[extensionTypeName].saEnableFlag;
435 }
436 return EXTENSION_SA_ENABLE_FLAG_DEFAULT;
437 }
438
IsScreenUnlockIntercept(const std::string & extensionTypeName,bool isSystemApp)439 bool ExtensionConfig::IsScreenUnlockIntercept(const std::string &extensionTypeName, bool isSystemApp)
440 {
441 std::lock_guard lock(configMapMutex_);
442 auto iter = configMap_.find(extensionTypeName);
443 if (iter == configMap_.end()) {
444 return false;
445 }
446 const auto &config = iter->second;
447 if (!config.screenUnlockIntercept) {
448 return false;
449 }
450 if (!isSystemApp) {
451 return true;
452 }
453 return !config.screenUnlockInterceptExcludeSystemApp;
454 }
455
ReadFileInfoJson(const std::string & filePath,nlohmann::json & jsonBuf)456 bool ExtensionConfig::ReadFileInfoJson(const std::string &filePath, nlohmann::json &jsonBuf)
457 {
458 if (access(filePath.c_str(), F_OK) != 0) {
459 TAG_LOGD(AAFwkTag::ABILITYMGR, "%{public}s, not existed", filePath.c_str());
460 return false;
461 }
462
463 std::fstream in;
464 char errBuf[256];
465 errBuf[0] = '\0';
466 in.open(filePath, std::ios_base::in);
467 if (!in.is_open()) {
468 strerror_r(errno, errBuf, sizeof(errBuf));
469 TAG_LOGE(AAFwkTag::ABILITYMGR, "failed due to %{public}s", errBuf);
470 return false;
471 }
472
473 in.seekg(0, std::ios::end);
474 int64_t size = in.tellg();
475 if (size <= 0) {
476 TAG_LOGE(AAFwkTag::ABILITYMGR, "empty file");
477 in.close();
478 return false;
479 }
480
481 in.seekg(0, std::ios::beg);
482 jsonBuf = nlohmann::json::parse(in, nullptr, false);
483 in.close();
484 if (jsonBuf.is_discarded()) {
485 TAG_LOGE(AAFwkTag::ABILITYMGR, "bad profile file");
486 return false;
487 }
488
489 return true;
490 }
491
CheckExtensionUriValid(const std::string & uri)492 bool ExtensionConfig::CheckExtensionUriValid(const std::string &uri)
493 {
494 const size_t memberNum = 4;
495 if (std::count(uri.begin(), uri.end(), '/') != memberNum - 1) {
496 TAG_LOGE(AAFwkTag::ABILITYMGR, "invalid uri: %{public}s", uri.c_str());
497 return false;
498 }
499 // correct uri: "/bundleName/moduleName/abilityName"
500 std::string::size_type pos1 = 0;
501 std::string::size_type pos2 = uri.find('/', pos1 + 1);
502 std::string::size_type pos3 = uri.find('/', pos2 + 1);
503 std::string::size_type pos4 = uri.find('/', pos3 + 1);
504 if ((pos3 == pos2 + 1) || (pos4 == pos3 + 1) || (pos4 == uri.size() - 1)) {
505 TAG_LOGE(AAFwkTag::ABILITYMGR, "invalid uri: %{public}s", uri.c_str());
506 return false;
507 }
508 return true;
509 }
510 }
511 }