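/*
 * Copyright (c) 2021-2024 Huawei Device Co., Ltd.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#ifndef DISTRIBUTED_SCHED_PERMISSION_H
#define DISTRIBUTED_SCHED_PERMISSION_H

#include <stdint.h>
#include <memory>   // std::shared_ptr, used by RemoveRemoteObjectFromWant
#include <string>
#include <vector>   // std::vector, used by GetRelatedGroups / ParseGroupInfos

#include "distributed_sched_interface.h"
#include "nlohmann/json.hpp"
#include "single_instance.h"

#include "app_mgr_interface.h"
#include "app_mgr_proxy.h"
#include "if_system_ability_manager.h"
#include "iservice_registry.h"
#include "system_ability.h"
#include "system_ability_definition.h"

namespace OHOS {
namespace DistributedSchedule {
namespace {
// Key name; where it is read or written is not visible in this header.
// NOTE(review): an unnamed namespace in a header gives every including translation unit its
// own copy of this std::string. Harmless for correctness, but worth knowing when auditing.
const std::string DMS_IS_CALLER_FOREGROUND = "dmsIsCallerForeGround";
}

/**
 * Plain record describing one group. All string fields start empty and both integer fields
 * start at 0 (see the constructor).
 *
 * NOTE(review): the meaning of the groupType / groupVisibility values is defined outside this
 * header. Confirm that 0, the default, is not a value that grants access when a field is
 * missing from the parsed input.
 */
struct GroupInfo {
    std::string groupName;
    std::string groupId;
    std::string groupOwner;
    int32_t groupType;
    int32_t groupVisibility;

    GroupInfo() : groupName(""), groupId(""), groupOwner(""), groupType(0), groupVisibility(0) {}
};

/**
 * Fills groupInfo from jsonObject. The signature matches the conversion hook nlohmann::json
 * looks up by argument-dependent lookup; the definition is not in this header.
 *
 * NOTE(review): how missing or wrongly typed keys are handled (skip, default, or throw) is
 * decided in the implementation. Confirm before relying on the parsed fields in an
 * authorization decision.
 */
void from_json(const nlohmann::json& jsonObject, GroupInfo& groupInfo);

/**
 * Declares the permission checks used by the distributed scheduler.
 *
 * DECLARE_SINGLE_INSTANCE comes from single_instance.h; presumably it makes this class a
 * process-wide singleton (TODO confirm in that header).
 *
 * Return conventions are mixed: some checks return int32_t, others bool. See the notes on the
 * individual groups below before using a result in a condition.
 */
class DistributedSchedPermission {
    DECLARE_SINGLE_INSTANCE(DistributedSchedPermission);

public:
    using AccountInfo = IDistributedSched::AccountInfo;

    /*
     * Top-level checks. Each receives the request (want), the caller description (callerInfo)
     * and account data (accountInfo); targetAbility is a non-const reference, so the
     * implementation is able to write to it.
     *
     * NOTE(review): these return int32_t, not bool. Presumably a zero/success code means
     * "allowed" and any other value is an error code (TODO confirm in the .cpp). Call sites must
     * compare against the success code explicitly: `if (CheckStartPermission(...))` would treat
     * every non-zero error code as true.
     */
    int32_t CheckSendResultPermission(const AAFwk::Want& want, const CallerInfo& callerInfo,
        const AccountInfo& accountInfo, AppExecFwk::AbilityInfo& targetAbility);
    // NOTE(review): isSameBundle defaults to true. Which value selects the stricter path is not
    // visible here; prefer passing it explicitly at call sites so the choice shows up in review.
    int32_t CheckStartPermission(const AAFwk::Want& want, const CallerInfo& callerInfo,
        const AccountInfo& accountInfo, AppExecFwk::AbilityInfo& targetAbility, bool isSameBundle = true);
    int32_t CheckCollabStartPermission(const AAFwk::Want& want, const CallerInfo& callerInfo,
        const AccountInfo& accountInfo, AppExecFwk::AbilityInfo& targetAbility);
    int32_t CheckGetCallerPermission(const AAFwk::Want& want, const CallerInfo& callerInfo,
        const AccountInfo& accountInfo, AppExecFwk::AbilityInfo& targetAbility);

    /*
     * Caller-identity predicates. They take no arguments, so whatever identity they test has to
     * come from ambient state.
     *
     * NOTE(review): presumably they read the identity of the current IPC caller. If so, they are
     * only meaningful on the thread that is handling that request (TODO confirm).
     */
    bool IsFoundationCall() const;
    bool IsSceneBoardCall() const;

    /*
     * Permission lookups for an access token and a permission name; int32_t result (see the
     * return-convention note on the top-level checks above).
     *
     * NOTE(review): accessToken is a plain uint32_t handed in by the caller of these methods.
     * The result only says something about the real requester if the value was taken from a
     * trusted source, not from request content. Verify at call sites. The difference between
     * CheckPermission and CheckPermissionAll is not visible in this header.
     */
    int32_t CheckPermission(uint32_t accessToken, const std::string& permissionName) const;
    int32_t CheckPermissionAll(uint32_t accessToken, const std::string& permissionName) const;

    // Writes to accountInfo (out parameter). int32_t result, presumably a status code.
    int32_t GetAccountInfo(const std::string& remoteNetworkId, const CallerInfo& callerInfo,
        AccountInfo& accountInfo);
    // Writes to targetAbility (out parameter). needQueryExtension defaults to false.
    // NOTE(review): presumably targetAbility is only valid when true is returned (TODO confirm).
    bool GetTargetAbility(const AAFwk::Want& want, AppExecFwk::AbilityInfo& targetAbility,
        bool needQueryExtension = false) const;
    // Takes want by non-const reference, so the request object may be modified.
    void MarkUriPermission(OHOS::AAFwk::Want& want, uint32_t accessToken);
    // Takes the shared_ptr by value. NOTE(review): null handling is in the implementation.
    void RemoveRemoteObjectFromWant(std::shared_ptr<AAFwk::Want> want) const;
    bool IsHigherAclVersion(const CallerInfo& callerInfo);
    bool CheckSrcBackgroundPermission(uint32_t accessTokenId);
    bool IsAbilityForeground(uint32_t accessTokenId);

private:
    // Writes to dmsAccountInfo (out parameter).
    bool GetOsAccountData(AccountInfo& dmsAccountInfo);

    /*
     * Account checks. All three share one parameter list; isSrc has no default and must be
     * supplied by the caller.
     */
    bool CheckSameAccount(const std::string& dstNetworkId, const AccountInfo& dmsAccountInfo,
        const CallerInfo& callerInfo, bool isSrc);
    bool CheckDstSameAccount(const std::string& dstNetworkId, const AccountInfo& dmsAccountInfo,
        const CallerInfo& callerInfo, bool isSrc);
    bool CheckLowVersionSameAccount(const std::string& dstNetworkId, const AccountInfo& dmsAccountInfo,
        const CallerInfo& callerInfo, bool isSrc);

    /*
     * ACL checks. Same parameters as the account checks plus an optional targetBundleName.
     *
     * NOTE(review): targetBundleName defaults to the empty string. Confirm that the
     * implementation does not treat an empty name as "any bundle".
     */
    bool CheckAclList(const std::string& dstNetworkId, const AccountInfo& dmsAccountInfo,
        const CallerInfo& callerInfo, bool isSrc, const std::string& targetBundleName = "");
    bool CheckNewAclList(const std::string& dstNetworkId, const AccountInfo& dmsAccountInfo,
        const CallerInfo& callerInfo, bool isSrc, const std::string& targetBundleName = "");
    bool CheckLowVersionAclList(const std::string& dstNetworkId, const AccountInfo& dmsAccountInfo,
        const CallerInfo& callerInfo, bool isSrc, const std::string& targetBundleName = "");

    // Writes to accountInfo (out parameter).
    bool GetRelatedGroups(const std::string& udid, const std::vector<std::string>& bundleNames,
        AccountInfo& accountInfo);
    // Parses returnGroupStr into groupInfos (out parameter).
    // NOTE(review): presumably JSON decoded through from_json above. Confirm that malformed
    // input produces `false` rather than an exception or partially filled entries.
    bool ParseGroupInfos(const std::string& returnGroupStr, std::vector<GroupInfo>& groupInfos);
    // bool counterpart of the public CheckPermission family; same caveat about where
    // accessToken comes from.
    bool VerifyPermission(uint32_t accessToken, const std::string& permissionName) const;
    // isNewCollab defaults to false.
    bool CheckAccountAccessPermission(const CallerInfo& callerInfo,
        const AccountInfo& accountInfo, const std::string& targetBundleName, bool isNewCollab = false);
    bool CheckComponentAccessPermission(const AppExecFwk::AbilityInfo& targetAbility,
        const CallerInfo& callerInfo, const AccountInfo& accountInfo, const AAFwk::Want& want) const;

    /*
     * Start-control checks.
     * NOTE(review): as with CheckStartPermission, isSameBundle defaults to true where present.
     */
    bool CheckMigrateStartCtrlPer(const AppExecFwk::AbilityInfo& targetAbility,
        const CallerInfo& callerInfo, const AAFwk::Want& want, bool isSameBundle = true);
    bool CheckCollaborateStartCtrlPer(const AppExecFwk::AbilityInfo& targetAbility,
        const CallerInfo& callerInfo, const AAFwk::Want& want) const;
    bool CheckNewCollabStartControlPermission(const AppExecFwk::AbilityInfo& targetAbility,
        const CallerInfo& callerInfo, const AAFwk::Want& want);
    bool CheckStartControlPermission(const AppExecFwk::AbilityInfo& targetAbility,
        const CallerInfo& callerInfo, const AAFwk::Want& want, bool isSameBundle = true);

    bool CheckNewCollabBackgroundPermission(const CallerInfo& callerInfo, const AAFwk::Want& want);
    // needCheckApiVersion has no default; the caller must decide.
    bool CheckBackgroundPermission(const AppExecFwk::AbilityInfo& targetAbility,
        const CallerInfo& callerInfo, const AAFwk::Want& want, bool needCheckApiVersion) const;
    bool CheckMinApiVersion(const AppExecFwk::AbilityInfo& targetAbility, int32_t apiVersion) const;

    bool CheckDeviceSecurityLevel(const std::string& srcDeviceId, const std::string& dstDeviceId) const;
    // NOTE(review): how a failed lookup is encoded in the int32_t result is not visible here.
    // Confirm a failure value cannot compare as an acceptable level in CheckDeviceSecurityLevel.
    int32_t GetDeviceSecurityLevel(const std::string& udid) const;
    bool CheckTargetAbilityVisible(const AppExecFwk::AbilityInfo& targetAbility, const CallerInfo& callerInfo) const;
    // NOTE(review): if this is a prefix or substring test on path, confirm the path is
    // normalised first (TODO check the implementation).
    bool IsDistributedFile(const std::string& path) const;
    // NOTE(review): presumably may return a null sptr when the service is unavailable; callers
    // should check before dereferencing (TODO confirm).
    sptr<AppExecFwk::IAppMgr> GetAppManager() const;
};
} // namespace DistributedSchedule
} // namespace OHOS
#endif // DISTRIBUTED_SCHED_PERMISSION_H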