1 /*
2 * Copyright (c) 2023-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "utils/extension_permissions_util.h"
17
18 #include "hilog_tag_wrapper.h"
19 #include "permission_verification.h"
20
21 namespace OHOS {
22 namespace AAFwk {
23
CheckSAPermission(const AppExecFwk::ExtensionAbilityType & extensionType)24 bool ExtensionPermissionsUtil::CheckSAPermission(const AppExecFwk::ExtensionAbilityType &extensionType)
25 {
26 TAG_LOGD(AAFwkTag::ABILITYMGR, "CheckSAPermission, extensionType: %{public}d.", extensionType);
27 auto checkRet = false;
28 if (extensionType == AppExecFwk::ExtensionAbilityType::ASSET_ACCELERATION) {
29 return PermissionVerification::GetInstance()->VerifyCallingPermission(
30 "ohos.permission.CONNECT_ASSET_ACCELERATION_EXTENSION");
31 } else if (extensionType == AppExecFwk::ExtensionAbilityType::DISTRIBUTED) {
32 return PermissionVerification::GetInstance()->VerifyCallingPermission(
33 "ohos.permission.CONNECT_DISTRIBUTED_EXTENSION");
34 } else if (extensionType == AppExecFwk::ExtensionAbilityType::SELECTION) {
35 return PermissionVerification::GetInstance()->VerifyCallingPermission(
36 "ohos.permission.CONNECT_SELECTION_EXTENSION");
37 }
38 if (PermissionVerification::GetInstance()->IsShellCall()) {
39 return true;
40 }
41 if (extensionType == AppExecFwk::ExtensionAbilityType::FORM) {
42 checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
43 "ohos.permission.CONNECT_FORM_EXTENSION");
44 } else if (extensionType == AppExecFwk::ExtensionAbilityType::WORK_SCHEDULER) {
45 checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
46 "ohos.permission.CONNECT_WORK_SCHEDULER_EXTENSION");
47 } else if (extensionType == AppExecFwk::ExtensionAbilityType::INPUTMETHOD) {
48 checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
49 "ohos.permission.CONNECT_INPUT_METHOD_EXTENSION");
50 } else if (extensionType == AppExecFwk::ExtensionAbilityType::ACCESSIBILITY) {
51 checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
52 "ohos.permission.CONNECT_ACCESSIBILITY_EXTENSION");
53 } else if (extensionType == AppExecFwk::ExtensionAbilityType::STATICSUBSCRIBER) {
54 checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
55 "ohos.permission.CONNECT_STATIC_SUBSCRIBER_EXTENSION");
56 } else if (extensionType == AppExecFwk::ExtensionAbilityType::WALLPAPER) {
57 checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
58 "ohos.permission.CONNECT_WALLPAPER_EXTENSION");
59 } else if (extensionType == AppExecFwk::ExtensionAbilityType::BACKUP) {
60 checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
61 "ohos.permission.CONNECT_BACKUP_EXTENSION");
62 } else if (extensionType == AppExecFwk::ExtensionAbilityType::ENTERPRISE_ADMIN) {
63 checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
64 "ohos.permission.CONNECT_ENTERPRISE_ADMIN_EXTENSION");
65 } else if (extensionType == AppExecFwk::ExtensionAbilityType::PRINT) {
66 checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
67 "ohos.permission.CONNECT_PRINT_EXTENSION");
68 } else {
69 checkRet = CheckSAPermissionMore(extensionType);
70 }
71 if (!checkRet) {
72 TAG_LOGE(AAFwkTag::ABILITYMGR, "SA connect permission verification failed.");
73 return false;
74 }
75
76 return true;
77 }
78
CheckSAPermissionMore(const AppExecFwk::ExtensionAbilityType & extensionType)79 bool ExtensionPermissionsUtil::CheckSAPermissionMore(const AppExecFwk::ExtensionAbilityType &extensionType)
80 {
81 auto checkRet = false;
82 if (extensionType == AppExecFwk::ExtensionAbilityType::FILEACCESS_EXTENSION) {
83 checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
84 "ohos.permission.CONNECT_FILE_ACCESS_EXTENSION");
85 } else if (extensionType == AppExecFwk::ExtensionAbilityType::REMOTE_NOTIFICATION) {
86 checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
87 "ohos.permission.CONNECT_REMOTE_NOTIFICATION_EXTENSION");
88 } else if (extensionType == AppExecFwk::ExtensionAbilityType::REMOTE_LOCATION) {
89 checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
90 "ohos.permission.CONNECT_REMOTE_LOCATION_EXTENSION");
91 } else if (extensionType == AppExecFwk::ExtensionAbilityType::PUSH) {
92 checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
93 "ohos.permission.CONNECT_PUSH_EXTENSION");
94 } else if (extensionType == AppExecFwk::ExtensionAbilityType::VOIP) {
95 checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
96 "ohos.permission.CONNECT_VOIP_EXTENSION");
97 } else {
98 TAG_LOGD(AAFwkTag::ABILITYMGR, "bypass for type:%{public}d", extensionType);
99 return true;
100 }
101
102 return checkRet;
103 }
104
105 } // namespace AAFwk
106 } // namespace OHOS
107