• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (c) 2025 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  * http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include "environment_core.h"
17 
18 #include <string>
19 #include <unistd.h>
20 
21 #include "accesstoken_kit.h"
22 #include "account_error_no.h"
23 #include "filemgmt_libhilog.h"
24 #include "ipc_skeleton.h"
25 #include "os_account_manager.h"
26 #include "parameter.h"
27 #include "tokenid_kit.h"
28 
29 namespace OHOS {
30 namespace FileManagement {
31 namespace ModuleEnvironment {
32 namespace {
33 const std::string STORAGE_DATA_PATH = "/data";
34 const std::string PC_STORAGE_PATH = "/storage/Users/";
35 const std::string EXTERNAL_STORAGE_PATH = "/storage/External";
36 const std::string USER_APP_DATA_PATH = "/appdata";
37 const std::string READ_WRITE_DOWNLOAD_PERMISSION = "ohos.permission.READ_WRITE_DOWNLOAD_DIRECTORY";
38 const std::string READ_WRITE_DESKTOP_PERMISSION = "ohos.permission.READ_WRITE_DESKTOP_DIRECTORY";
39 const std::string READ_WRITE_DOCUMENTS_PERMISSION = "ohos.permission.READ_WRITE_DOCUMENTS_DIRECTORY";
40 const std::string FILE_ACCESS_MANAGER_PERMISSION = "ohos.permission.FILE_ACCESS_MANAGER";
41 const std::string DOWNLOAD_PATH = "/Download";
42 const std::string DESKTOP_PATH = "/Desktop";
43 const std::string DOCUMENTS_PATH = "/Documents";
44 const std::string DEFAULT_USERNAME = "currentUser";
45 const char *FILE_MANAGER_FULL_MOUNT_ENABLE_PARAMETER = "const.filemanager.full_mount.enable";
IsSystemApp()46 static bool IsSystemApp()
47 {
48     uint64_t fullTokenId = OHOS::IPCSkeleton::GetCallingFullTokenID();
49     return Security::AccessToken::TokenIdKit::IsSystemAppByFullTokenID(fullTokenId);
50 }
51 
CheckCallingPermission(const std::string & permission)52 static bool CheckCallingPermission(const std::string &permission)
53 {
54     Security::AccessToken::AccessTokenID tokenCaller = IPCSkeleton::GetCallingTokenID();
55     int res = Security::AccessToken::AccessTokenKit::VerifyAccessToken(tokenCaller, permission);
56     if (res != Security::AccessToken::PermissionState::PERMISSION_GRANTED) {
57         HILOGE("ModuleUserDirectory::CheckCallingPermission have no fileAccess permission");
58         return false;
59     }
60     return true;
61 }
62 
GetUserName()63 static std::string GetUserName()
64 {
65     std::string userName;
66     ErrCode errCode = OHOS::AccountSA::OsAccountManager::GetOsAccountShortName(userName);
67     if (errCode != ERR_OK || userName.empty()) {
68         HILOGE("Get userName failed");
69     }
70     userName = DEFAULT_USERNAME;
71     return userName;
72 }
73 
GetPublicPath(const std::string & directoryName)74 static std::string GetPublicPath(const std::string &directoryName)
75 {
76     return PC_STORAGE_PATH + GetUserName() + directoryName;
77 }
78 
CheckFileManagerFullMountEnable()79 static bool CheckFileManagerFullMountEnable()
80 {
81     char value[] = "false";
82     int retSystem = GetParameter(FILE_MANAGER_FULL_MOUNT_ENABLE_PARAMETER, "false", value, sizeof(value));
83     if (retSystem > 0 && !std::strcmp(value, "true")) {
84         return true;
85     }
86     HILOGE("Not supporting all mounts");
87     return false;
88 }
89 
CheckInvalidAccess(const std::string & permission)90 static int CheckInvalidAccess(const std::string &permission)
91 {
92     if (!CheckFileManagerFullMountEnable()) {
93         HILOGE("Capability not supported");
94         return E_DEVICENOTSUPPORT;
95     }
96 
97     if (permission == FILE_ACCESS_MANAGER_PERMISSION) {
98         if (!IsSystemApp()) {
99             return E_PERMISSION_SYS;
100         }
101     }
102 
103     if (!CheckCallingPermission(permission)) {
104         HILOGE("No Permission");
105         return E_PERMISSION;
106     }
107     return ERRNO_NOERR;
108 }
109 }
110 
DoGetStorageDataDir()111 FsResult<std::string> DoGetStorageDataDir()
112 {
113     if (!IsSystemApp()) {
114         return FsResult<std::string>::Error(E_PERMISSION_SYS);
115     }
116     return FsResult<std::string>::Success(std::move(STORAGE_DATA_PATH));
117 }
118 
GetUserId()119 int GetUserId()
120 {
121     return 0;
122 }
123 
DoGetUserDataDir()124 FsResult<std::string> DoGetUserDataDir()
125 {
126     if (!IsSystemApp()) {
127         return FsResult<std::string>::Error(E_PERMISSION_SYS);
128     }
129 
130     auto userDataPath = std::make_shared<std::string>();
131     (*userDataPath).append("/storage/media/").append(std::to_string(GetUserId())).append("/local");
132     return FsResult<std::string>::Success(std::move(*userDataPath));
133 }
134 
DoGetUserDownloadDir()135 FsResult<std::string> DoGetUserDownloadDir()
136 {
137     if (!CheckFileManagerFullMountEnable()) {
138         HILOGE("Capability not supported");
139         return FsResult<std::string>::Error(E_DEVICENOTSUPPORT);
140     }
141 
142     static std::string downloadPath = GetPublicPath(DOWNLOAD_PATH);
143     if (downloadPath.empty()) {
144         HILOGE("Unknown error");
145         return FsResult<std::string>::Error(E_UNKNOWN_ERROR);
146     }
147     return FsResult<std::string>::Success(std::move(downloadPath));
148 }
149 
DoGetUserDesktopDir()150 FsResult<std::string> DoGetUserDesktopDir()
151 {
152     if (!CheckFileManagerFullMountEnable()) {
153         HILOGE("Capability not supported");
154         return FsResult<std::string>::Error(E_DEVICENOTSUPPORT);
155     }
156 
157     static std::string desktopPath = GetPublicPath(DESKTOP_PATH);
158     if (desktopPath.empty()) {
159         HILOGE("Unknown error");
160         return FsResult<std::string>::Error(E_UNKNOWN_ERROR);
161     }
162     return FsResult<std::string>::Success(std::move(desktopPath));
163 }
164 
DoGetUserDocumentDir()165 FsResult<std::string> DoGetUserDocumentDir()
166 {
167     if (!CheckFileManagerFullMountEnable()) {
168         HILOGE("Capability not supported");
169         return FsResult<std::string>::Error(E_DEVICENOTSUPPORT);
170     }
171 
172     static std::string documentsPath = GetPublicPath(DOCUMENTS_PATH);
173     if (documentsPath.empty()) {
174         HILOGE("Unknown error");
175         return FsResult<std::string>::Error(E_UNKNOWN_ERROR);
176     }
177     return FsResult<std::string>::Success(std::move(documentsPath));
178 }
179 
DoGetExternalStorageDir()180 FsResult<std::string> DoGetExternalStorageDir()
181 {
182     auto res = CheckInvalidAccess(FILE_ACCESS_MANAGER_PERMISSION);
183     if (res) {
184         return FsResult<std::string>::Error(res);
185     }
186     return FsResult<std::string>::Success(std::move(EXTERNAL_STORAGE_PATH));
187 }
188 
DoGetUserHomeDir()189 FsResult<std::string> DoGetUserHomeDir()
190 {
191     auto res = CheckInvalidAccess(FILE_ACCESS_MANAGER_PERMISSION);
192     if (res) {
193         return FsResult<std::string>::Error(res);
194     }
195 
196     static std::string userName = GetUserName();
197     if (userName.empty()) {
198         HILOGE("Unknown error");
199         return FsResult<std::string>::Error(E_UNKNOWN_ERROR);
200     }
201     std::string result = PC_STORAGE_PATH + userName;
202     return FsResult<std::string>::Success(std::move(result));
203 }
204 } // namespace ModuleEnvironment
205 } // namespace FileManagement
206 } // namespace OHOS