• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (c) 2021-2023 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 /**
17  * @addtogroup AccessToken
18  * @{
19  *
20  * @brief Provides permission management interfaces.
21  *
22  * Provides tokenID-based application permission verification mechanism.
23  * When an application accesses sensitive data or APIs, this module can check
24  * whether the application has the corresponding permission. Allows applications
25  * to query their access token information or APL levcels based on token IDs.
26  *
27  * @since 7.0
28  * @version 7.0
29  */
30 
31 /**
32  * @file hap_token_info.h
33  *
34  * @brief Declares hap token infos.
35  *
36  * @since 7.0
37  * @version 7.0
38  */
39 
40 #ifndef ACCESSTOKEN_HAP_TOKEN_INFO_H
41 #define ACCESSTOKEN_HAP_TOKEN_INFO_H
42 
43 #include "access_token.h"
44 #include "permission_def.h"
45 #include "permission_state_full.h"
46 #include "permission_status.h"
47 #include <map>
48 #include <string>
49 #include <vector>
50 
51 namespace OHOS {
52 namespace Security {
53 namespace AccessToken {
54 /**
55  * @brief Declares hap info params class
56  */
57 class HapInfoParams final {
58 public:
59     int userID;
60     std::string bundleName;
61     /** instance index */
62     int instIndex;
63     /**
64      * dlp type, for details about the valid values,
65      * see the definition of HapDlpType in the access_token.h file.
66      */
67     int dlpType;
68     std::string appIDDesc;
69     /** which version of the SDK is used to develop the hap */
70     int32_t apiVersion;
71     /** indicates whether the hap is a system app */
72     bool isSystemApp;
73     /* app type */
74     std::string appDistributionType;
75     bool isRestore = false;
76     AccessTokenID tokenID = INVALID_TOKENID;
77     /** Whether hap is a atomic-service */
78     bool isAtomicService = false;
79 };
80 
81 /**
82  * @brief Declares hap info params class
83  */
84 class UpdateHapInfoParams final {
85 public:
86     std::string appIDDesc;
87     /** which version of the SDK is used to develop the hap */
88     int32_t apiVersion;
89     /** indicates whether the hap is a system app */
90     bool isSystemApp;
91     /* app type */
92     std::string appDistributionType;
93     /** Whether hap is a atomic-service */
94     bool isAtomicService = false;
95     /** ota refresh app */
96     bool dataRefresh = false;
97 };
98 
99 /**
100  * @brief Declares hap token info class
101  */
102 class HapTokenInfo final {
103 public:
104     char ver;
105     int userID = 0;
106     std::string bundleName;
107     /** which version of the SDK is used to develop this hap */
108     int32_t apiVersion;
109     /** instance index */
110     int instIndex = 0;
111     /**
112      * dlp type, for details about the valid values,
113      * see the definition of HapDlpType in the access_token.h file.
114      */
115     int dlpType;
116     AccessTokenID tokenID;
117     /** token attribute */
118     AccessTokenAttr tokenAttr;
119 };
120 
121 /**
122  * @brief Declares hap token info for distributed synchronize class
123  */
124 class HapTokenInfoForSync final {
125 public:
126     /** hap token info */
127     HapTokenInfo baseInfo;
128     /** permission state list */
129     std::vector<PermissionStatus> permStateList;
130 };
131 
132 class HapTokenInfoExt final {
133 public:
134     /** hap token info */
135     HapTokenInfo baseInfo;
136     /** hap app id */
137     std::string appID;
138 };
139 
140 /**
141  * @brief Declares hap base token info class
142  */
143 class HapBaseInfo final {
144 public:
145     int32_t userID;
146     std::string bundleName = "";
147     /** instance index */
148     int32_t instIndex = 0;
149 };
150 
151 /**
152  * @brief Pre-authorization token info class
153  */
154 class PreAuthorizationInfo final {
155 public:
156     std::string permissionName;
157     /** Whether the pre-authorization is non-cancelable */
158     bool userCancelable = false;
159 };
160 
161 /**
162  * @brief Declares hap policy params class
163  */
164 class HapPolicyParams final {
165 public:
166     /**
167      * apl level, for details about the valid values,
168      * see the definition of ATokenAplEnum in the access_token.h file.
169      */
170     ATokenAplEnum apl;
171     std::string domain;
172     std::vector<PermissionDef> permList;
173     std::vector<PermissionStateFull> permStateList;
174     std::vector<std::string> aclRequestedList;
175     std::vector<PreAuthorizationInfo> preAuthorizationInfo;
176     HapPolicyCheckIgnore checkIgnore = HapPolicyCheckIgnore::NONE;
177     std::map<std::string, std::string> aclExtendedMap;
178 };
179 
180 /**
181  * @brief Declares the result after failing to update or install hap
182  */
183 class PermissionInfoCheckResult final {
184 public:
185     std::string permissionName;
186     PermissionRulesEnum rule;
187 };
188 
189 class HapInfoCheckResult final {
190 public:
191     /**
192      * permission detail after failing to install or update hap
193      */
194     PermissionInfoCheckResult permCheckResult;
195 };
196 
197 /**
198  * @brief Declares hap policy params class
199  */
200 class HapPolicy final {
201 public:
202     /**
203      * apl level, for details about the valid values,
204      * see the definition of ATokenAplEnum in the access_token.h file.
205      */
206     ATokenAplEnum apl;
207     std::string domain;
208     std::vector<PermissionDef> permList;
209     std::vector<PermissionStatus> permStateList;
210     std::vector<std::string> aclRequestedList;
211     std::vector<PreAuthorizationInfo> preAuthorizationInfo;
212     HapPolicyCheckIgnore checkIgnore = HapPolicyCheckIgnore::NONE;
213     std::map<std::string, std::string> aclExtendedMap;
214 };
215 
216 /**
217  * @brief Declares hap Init info class
218  */
219 class HapInitInfo final {
220 public:
221     HapInfoParams installInfo;
222     UpdateHapInfoParams updateInfo;
223     HapPolicy policy;
224     std::string bundleName = "";
225     AccessTokenID tokenID = 0;
226     bool isUpdate = false;
227 };
228 
229 /**
230  * @brief Declares permission with value
231  */
232 class PermissionWithValue final {
233 public:
234     std::string permissionName;
235     std::string value;
236 };
237 } // namespace AccessToken
238 } // namespace Security
239 } // namespace OHOS
240 #endif // ACCESSTOKEN_HAP_TOKEN_INFO_H
241