1# \@ohos.dlpPermission (DLP) 2 3 4Data loss prevention (DLP) is a system solution provided by OpenHarmony to prevent data disclosure. The **dlpPermission** module provides APIs for cross-device file access management, encrypted storage, and access authorization. 5 6 7> **NOTE** 8> 9> The initial APIs of this module are supported since API version 10. Newly added APIs will be marked with a superscript to indicate their earliest API version. 10 11 12## Modules to Import 13 14``` 15import dlpPermission from '@ohos.dlpPermission'; 16``` 17 18 19 20## dlpPermission.isDLPFile 21 22isDLPFile(fd: number): Promise<boolean> 23 24Checks whether a file is a DLP file. This API uses a promise to return the result. 25 26**System capability**: SystemCapability.Security.DataLossPrevention 27 28**Parameters** 29| Name| Type| Mandatory| Description| 30| -------- | -------- | -------- | -------- | 31| fd | number | Yes| File descriptor (FD) of the file to check.| 32 33**Return value** 34| Type| Description| 35| -------- | -------- | 36| Promise<boolean> | Promise used to return the result. The value **true** means the file is a DLP file; the value **false** means the opposite.| 37 38**Error codes** 39 40For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 41 42| ID| Error Message| 43| -------- | -------- | 44| 401 | Parameter error. | 45| 19100001 | Invalid parameter value. | 46| 19100011 | System service exception. | 47 48**Example** 49``` 50import dlpPermission from '@ohos.dlpPermission'; 51import fs from '@ohos.file.fs'; 52import { BusinessError } from '@ohos.base'; 53 54async func(uri:string): Promise<void> { 55 let file = fs.openSync(uri); 56 try { 57 let res = await dlpPermission.isDLPFile(file.fd); // Check whether the file is a DLP file. 58 console.info('res', res); 59 } catch (err) { 60 console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails. 61 } 62 fs.closeSync(file); 63} 64``` 65 66 67## dlpPermission.isDLPFile 68 69isDLPFile(fd: number, callback: AsyncCallback<boolean>): void 70 71Checks whether a file is a DLP file. This API uses an asynchronous callback to return the result. 72 73**System capability**: SystemCapability.Security.DataLossPrevention 74 75**Parameters** 76| Name| Type| Mandatory| Description| 77| -------- | -------- | -------- | -------- | 78| fd | number | Yes| FD of the file to check.| 79| callback | AsyncCallback<boolean> | Yes| Callback invoked to return the result.<br> The value **true** means the file is a DLP file; the value **false** means the opposite.| 80 81**Error codes** 82 83For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 84 85| ID| Error Message| 86| -------- | -------- | 87| 401 | Parameter error. | 88| 19100001 | Invalid parameter value. | 89| 19100011 | System service exception. | 90 91**Example** 92``` 93import dlpPermission from '@ohos.dlpPermission'; 94import fs from '@ohos.file.fs'; 95import { BusinessError } from '@ohos.base'; 96 97async func(uri:string): Promise<void> { 98 let file = fs.openSync(uri); 99 try { 100 dlpPermission.isDLPFile(file.fd, (err, res) => { 101 if (err != undefined) { 102 console.error('isDLPFile error,', err.code, err.message); 103 } else { 104 console.info('res', res); 105 } 106 fs.closeSync(file); 107 }); 108 } catch (err) { 109 console.error('isDLPFile error,', (err as BusinessError).code, (err as BusinessError).message); 110 fs.closeSync(file); 111 } 112} 113``` 114 115 116## dlpPermission.getDLPPermissionInfo 117 118getDLPPermissionInfo(): Promise<DLPPermissionInfo> 119 120Obtains the permission information of this DLP file. This API uses a promise to return the result. 121 122**System capability**: SystemCapability.Security.DataLossPrevention 123 124**Return value** 125 126| Type| Description| 127| -------- | -------- | 128| Promise<[DLPPermissionInfo](#dlppermissioninfo)> | Promise used to return the permission information about the DLP file. The operation is successful if no error is reported.| 129 130 131**Error codes** 132 133 134For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 135 136 137| ID| Error Message| 138| -------- | -------- | 139| 19100001 | Invalid parameter value. | 140| 19100006 | No permission to invoke this API, which is for DLP sandbox application. | 141| 19100011 | System service exception. | 142 143 144**Example** 145``` 146import dlpPermission from '@ohos.dlpPermission'; 147import { BusinessError } from '@ohos.base'; 148 149async func(): Promise<void> { 150 try { 151 let inSandbox = await dlpPermission.isInSandbox(); // Check whether the application is running in a sandbox. 152 if (inSandbox) { 153 let res: dlpPermission.DLPPermissionInfo = await dlpPermission.getDLPPermissionInfo(); // Obtain the permission information. 154 console.info('res', JSON.stringify(res)); 155 } 156 } catch (err) { 157 console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails. 158 } 159} 160``` 161 162 163## dlpPermission.getDLPPermissionInfo 164 165getDLPPermissionInfo(callback: AsyncCallback<DLPPermissionInfo>): void; 166 167Obtains the permission information of this DLP file. This API uses an asynchronous callback to return the result. 168 169**System capability**: SystemCapability.Security.DataLossPrevention 170 171**Parameters** 172 173| Name| Type| Mandatory| Description| 174| -------- | -------- | -------- | -------- | 175| callback | AsyncCallback<[DLPPermissionInfo](#dlppermissioninfo)> | Yes| Callback invoked to return the permission information about the DLP file. If the operation is successful, **err** is **undefined**. Otherwise, **err** is an error object.| 176 177 178**Error codes** 179 180 181For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 182 183 184| ID| Error Message| 185| -------- | -------- | 186| 401 | Parameter error. | 187| 19100001 | Invalid parameter value. | 188| 19100006 | No permission to invoke this API, which is for DLP sandbox application. | 189| 19100011 | System service exception. | 190 191 192**Example** 193``` 194import dlpPermission from '@ohos.dlpPermission'; 195import fs from '@ohos.file.fs'; 196import { BusinessError } from '@ohos.base'; 197 198async func(): Promise<void> { 199 try { 200 let inSandbox = await dlpPermission.isInSandbox(); // Check whether the application is running in a sandbox. 201 if (inSandbox) { 202 dlpPermission.getDLPPermissionInfo((err, res) => { 203 if (err != undefined) { 204 console.error('getDLPPermissionInfo error,', err.code, err.message); 205 } else { 206 console.info('res', JSON.stringify(res)); 207 } 208 }); // Obtain the permission information. 209 } 210 } catch (err) { 211 console.error('getDLPPermissionInfo error,', (err as BusinessError).code, (err as BusinessError).message); 212 } 213} 214``` 215 216 217## dlpPermission.getOriginalFileName 218 219getOriginalFileName(fileName: string): string 220 221Obtains the original file name of a DLP file. This API returns the result synchronously. 222 223**System capability**: SystemCapability.Security.DataLossPrevention 224 225**Parameters** 226 227| Name| Type| Mandatory| Description| 228| -------- | -------- | -------- | -------- | 229| fileName | string | Yes| Name of the target file.| 230 231**Return value** 232 233| Type| Description| 234| -------- | -------- | 235| string | Original name of the DLP file obtained. For example, if the DLP file name is **test.txt.dlp**, the original file name returned is **test.txt**.| 236 237 238**Error codes** 239 240 241For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 242 243 244| ID| Error Message| 245| -------- | -------- | 246| 19100001 | Invalid parameter value. | 247| 19100011 | System service exception. | 248 249 250**Example** 251``` 252import dlpPermission from '@ohos.dlpPermission'; 253import { BusinessError } from '@ohos.base'; 254 255async func(): Promise<void> { 256 try { 257 let res = dlpPermission.getOriginalFileName('test.txt.dlp'); // Obtain the original file name. 258 console.info('res', res); 259 } catch (err) { 260 console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails. 261 } 262} 263``` 264 265 266## dlpPermission.getDLPSuffix 267 268getDLPSuffix(): string 269 270Obtains the DLP file name extension. This API returns the result synchronously. 271 272**System capability**: SystemCapability.Security.DataLossPrevention 273 274**Return value** 275 276| Type| Description| 277| -------- | -------- | 278| string | DLP file name extension obtained. For example, if the original file is **text.txt** and the returned file name extension is .dlp, the DLP file name is **test.txt.dlp**.| 279 280 281**Error codes** 282 283 284For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 285 286 287| ID| Error Message| 288| -------- | -------- | 289| 19100011 | System service exception. | 290 291 292**Example** 293``` 294import dlpPermission from '@ohos.dlpPermission'; 295import { BusinessError } from '@ohos.base'; 296 297async func(): Promise<void> { 298 try { 299 let res = dlpPermission.getDLPSuffix(); // Obtain the DLP file name extension. 300 console.info('res', res); 301 } catch (err) { 302 console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails. 303 } 304} 305``` 306 307 308## dlpPermission.on('openDLPFile') 309 310on(type: 'openDLPFile', listener: Callback<AccessedDLPFileInfo>): void 311 312Subscribes to a DLP file open event. The application will be notified when the DLP file is opened. 313 314**System capability**: SystemCapability.Security.DataLossPrevention 315 316**Parameters** 317| Name| Type| Mandatory| Description| 318| -------- | -------- | -------- | -------- | 319| type | 'openDLPFile' | Yes| Event type. The value is **'openDLPFile'**, which indicates a file open event.| 320| listener | Callback<AccessedDLPFileInfo> | Yes| Callback invoked when a DLP file is opened. A notification will be sent to the application.| 321 322**Error codes** 323 324For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 325 326| ID| Error Message| 327| -------- | -------- | 328| 401 | Parameter error. | 329| 19100001 | Invalid parameter value. | 330| 19100007 | No permission to invoke this API, which is not for DLP sandbox application. | 331| 19100011 | System service exception. | 332 333**Example** 334``` 335import dlpPermission from '@ohos.dlpPermission'; 336import { BusinessError } from '@ohos.base'; 337 338event(info: dlpPermission.AccessedDLPFileInfo): void { 339 console.info('openDlpFile event', info.uri, info.lastOpenTime) 340} 341subscribe(): void { 342 try { 343 dlpPermission.on ('openDLPFile' , this.event); // Subscribe to a DLP file open event. 344 } catch (err) { 345 console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails. 346 } 347} 348async func(): Promise<void> { 349 this.subscribe(); 350} 351``` 352 353 354## dlpPermission.off('openDLPFile') 355 356off(type: 'openDLPFile', listener?: Callback<AccessedDLPFileInfo>): void 357 358Unsubscribes from the DLP file open event. The application will not be notified when a DLP file is opened. 359 360**System capability**: SystemCapability.Security.DataLossPrevention 361 362**Parameters** 363| Name| Type| Mandatory| Description| 364| -------- | -------- | -------- | -------- | 365| type | 'openDLPFile' | Yes| Event type. The value is **'openDLPFile'**, which indicates a file open event.| 366| listener | Callback<AccessedDLPFileInfo> | No| Callback for the DLP file open event. The application will not be notified when a DLP file is opened. By default, this parameter is left blank, which unregisters all callbacks of the file open event.| 367 368**Error codes** 369 370For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 371 372| ID| Error Message| 373| -------- | -------- | 374| 401 | Parameter error. | 375| 19100001 | Invalid parameter value. | 376| 19100007 | No permission to invoke this API, which is not for DLP sandbox application. | 377| 19100011 | System service exception. | 378 379**Example** 380``` 381import dlpPermission from '@ohos.dlpPermission'; 382import { BusinessError } from '@ohos.base'; 383 384event(info: dlpPermission.AccessedDLPFileInfo): void { 385 console.info('openDlpFile event', info.uri, info.lastOpenTime) 386} 387unSubscribe(): void { 388 try { 389 dlpPermission.off('openDLPFile', this.event); // Unsubscribe from the file open event. 390 } catch (err) { 391 console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails. 392 } 393} 394subscribe(): void { 395 try { 396 dlpPermission.on ('openDLPFile' , this.event); // Subscribe to a DLP file open event. 397 } catch (err) { 398 console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails. 399 } 400} 401async func(): Promise<void> { 402 this.subscribe(); 403 this.unSubscribe(); 404} 405``` 406 407 408## dlpPermission.isInSandbox 409 410isInSandbox(): Promise<boolean> 411 412Checks whether this application is running in a DLP sandbox environment. This API uses a promise to return the result. 413 414**System capability**: SystemCapability.Security.DataLossPrevention 415 416**Return value** 417 418| Type| Description| 419| -------- | -------- | 420| Promise<boolean> | Promise used to return the result.| 421 422 423**Error codes** 424 425 426For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 427 428 429| ID| Error Message| 430| -------- | -------- | 431| 19100001 | Invalid parameter value. | 432| 19100011 | System service exception. | 433 434 435**Example** 436``` 437import dlpPermission from '@ohos.dlpPermission'; 438import { BusinessError } from '@ohos.base'; 439 440async func(): Promise<void> { 441 try { 442 let inSandbox = await dlpPermission.isInSandbox(); // Check whether the application is running in a sandbox. 443 console.info('res', inSandbox); 444 } catch (err) { 445 console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails. 446 } 447} 448``` 449 450 451## dlpPermission.isInSandbox 452 453isInSandbox(callback: AsyncCallback<boolean>): void 454 455Checks whether this application is running in a DLP sandbox environment. This API uses an asynchronous callback to return the result. 456 457**System capability**: SystemCapability.Security.DataLossPrevention 458 459**Parameters** 460 461| Name| Type| Mandatory| Description| 462| -------- | -------- | -------- | -------- | 463| callback | AsyncCallback<boolean> | Yes| Callback invoked to return the result. If the operation is successful, **err** is **undefined**. Otherwise, **err** is an error object.| 464 465 466**Error codes** 467 468 469For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 470 471 472| ID| Error Message| 473| -------- | -------- | 474| 401 | Parameter error. | 475| 19100001 | Invalid parameter value. | 476| 19100011 | System service exception. | 477 478 479**Example** 480``` 481import dlpPermission from '@ohos.dlpPermission'; 482import { BusinessError } from '@ohos.base'; 483 484async func(): Promise<void> { 485 try { 486 dlpPermission.isInSandbox((err, data) => { 487 if (err) { 488 console.error('isInSandbox error,', err.code, err.message); 489 } else { 490 console.info('isInSandbox, data'); 491 } 492 }); // Whether the application is running in the sandbox. 493 } catch (err) { 494 console.error('isInSandbox error,', (err as BusinessError).code, (err as BusinessError).message); 495 } 496} 497``` 498 499 500## dlpPermission.getDLPSupportedFileTypes 501 502getDLPSupportedFileTypes(): Promise<Array<string>> 503 504Obtains the file name extension types that support DLP. This API uses a promise to return the result. 505 506**System capability**: SystemCapability.Security.DataLossPrevention 507 508**Return value** 509 510| Type| Description| 511| -------- | -------- | 512| Promise<Array<string>> | Promise used to return the file name extension types obtained.| 513 514 515**Error codes** 516 517 518For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 519 520 521| ID| Error Message| 522| -------- | -------- | 523| 19100001 | Invalid parameter value. | 524| 19100011 | System service exception. | 525 526 527**Example** 528``` 529import dlpPermission from '@ohos.dlpPermission'; 530import { BusinessError } from '@ohos.base'; 531 532async func(): Promise<void> { 533 try { 534 let res = await dlpPermission.getDLPSupportedFileTypes(); // Obtain the file types that support DLP. 535 console.info('res', JSON.stringify(res)); 536 } catch (err) { 537 console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails. 538 } 539} 540``` 541 542 543## dlpPermission.getDLPSupportedFileTypes 544 545getDLPSupportedFileTypes(callback: AsyncCallback<Array<string>>): void 546 547Obtains the file name extension types that support DLP. This API uses an asynchronous callback to return the result. 548 549**System capability**: SystemCapability.Security.DataLossPrevention 550 551**Parameters** 552 553| Name| Type| Mandatory| Description| 554| -------- | -------- | -------- | -------- | 555| callback | AsyncCallback<Array<string>> | Yes| Callback invoked to return the file name extension types obtained. If the operation is successful, **err** is **undefined**. Otherwise, **err** is an error object.| 556 557 558**Error codes** 559 560 561For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 562 563 564| ID| Error Message| 565| -------- | -------- | 566| 401 | Parameter error. | 567| 19100001 | Invalid parameter value. | 568| 19100011 | System service exception. | 569 570 571**Example** 572``` 573import dlpPermission from '@ohos.dlpPermission'; 574import { BusinessError } from '@ohos.base'; 575 576async func(): Promise<void> { 577 try { 578 dlpPermission.getDLPSupportedFileTypes((err, res) => { 579 if (err != undefined) { 580 console.error('getDLPSupportedFileTypes error,', err.code, err.message); 581 } else { 582 console.info('res', JSON.stringify(res)); 583 } 584 }); // Obtain the file types that support DLP. 585 } catch (err) { 586 console.error('getDLPSupportedFileTypes error,', (err as BusinessError).code, (err as BusinessError).message); 587 } 588} 589``` 590 591 592 593## dlpPermission.setRetentionState 594 595setRetentionState(docUris: Array<string>): Promise<void> 596 597Sets the retention state for sandbox applications. The sandbox application in the retention state will not be automatically uninstalled when the DLP file is closed. This API uses a promise to return the result. 598 599**System capability**: SystemCapability.Security.DataLossPrevention 600 601**Parameters** 602 603| Name| Type| Mandatory| Description| 604| -------- | -------- | -------- | -------- | 605| docUris | Array<string> | Yes| URIs of the files to be set with the retention state.| 606 607**Return value** 608 609| Type| Description| 610| -------- | -------- | 611| Promise<void> | Promise that returns no value.| 612 613 614**Error codes** 615 616 617For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 618 619 620| ID| Error Message| 621| -------- | -------- | 622| 401 | Parameter error. | 623| 19100001 | Invalid parameter value. | 624| 19100006 | No permission to invoke this API, which is for DLP sandbox application. | 625| 19100011 | System service exception. | 626 627 628**Example** 629``` 630import dlpPermission from '@ohos.dlpPermission'; 631import { BusinessError } from '@ohos.base'; 632 633async func(uri:string): Promise<void> { 634 try { 635 let inSandbox = await dlpPermission.isInSandbox(); // Check whether the application is running in a sandbox. 636 if (inSandbox) { 637 await dlpPermission.setRetentionState([uri]); // Set the sandbox retention state. 638 } 639 } catch (err) { 640 console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails. 641 } 642} 643``` 644 645 646## dlpPermission.setRetentionState 647 648setRetentionState(docUris: Array<string>, callback: AsyncCallback<void>): void 649 650Sets the retention state for sandbox applications. The sandbox application in the retention state will not be automatically uninstalled when the DLP file is closed. This API uses an asynchronous callback to return the result. 651 652**System capability**: SystemCapability.Security.DataLossPrevention 653 654**Parameters** 655 656| Name| Type| Mandatory| Description| 657| -------- | -------- | -------- | -------- | 658| docUris | Array<string> | Yes| URIs of the files to be set with the retention state.| 659| callback | AsyncCallback<void> | Yes| Callback invoked to return the result. If the operation is successful, **err** is **undefined**. Otherwise, **err** is an error object.| 660 661 662**Error codes** 663 664 665For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 666 667 668| ID| Error Message| 669| -------- | -------- | 670| 401 | Parameter error. | 671| 19100001 | Invalid parameter value. | 672| 19100006 | No permission to invoke this API, which is for DLP sandbox application. | 673| 19100011 | System service exception. | 674 675 676**Example** 677``` 678import dlpPermission from '@ohos.dlpPermission'; 679import { BusinessError } from '@ohos.base'; 680 681async func(uri:string): Promise<void> { 682 try { 683 dlpPermission.setRetentionState([uri], (err, res) => { 684 if (err != undefined) { 685 console.error('setRetentionState error,', err.code, err.message); 686 } else { 687 console.info('setRetentionState success'); 688 } 689 }); // Set the sandbox retention state. 690 } catch (err) { 691 console.error('setRetentionState error,', (err as BusinessError).code, (err as BusinessError).message); 692 } 693} 694``` 695 696 697 698## dlpPermission.cancelRetentionState 699 700cancelRetentionState(docUris: Array<string>): Promise<void> 701 702Cancels the retention state for sandbox applications. This API uses a promise to return the result. 703 704**System capability**: SystemCapability.Security.DataLossPrevention 705**Parameters** 706 707| Name| Type| Mandatory| Description| 708| -------- | -------- | -------- | -------- | 709| docUris | Array<string> | Yes| URIs of the files whose retention state is to be canceled.| 710 711**Return value** 712 713| Type| Description| 714| -------- | -------- | 715| Promise<void> | Promise that returns no value.| 716 717 718**Error codes** 719 720 721For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 722 723 724| ID| Error Message| 725| -------- | -------- | 726| 401 | Parameter error. | 727| 19100001 | Invalid parameter value. | 728| 19100011 | System service exception. | 729 730 731**Example** 732``` 733import dlpPermission from '@ohos.dlpPermission'; 734import { BusinessError } from '@ohos.base'; 735 736async func(uri:string): Promise<void> { 737 try { 738 await dlpPermission.cancelRetentionState([uri]); // Cancel the sandbox retention state. 739 } catch (err) { 740 console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails. 741 } 742} 743``` 744 745 746## dlpPermission.cancelRetentionState 747 748cancelRetentionState(docUris: Array<string>, callback: AsyncCallback<void>): void 749 750Cancels the retention state for sandbox applications. This API uses an asynchronous callback to return the result. 751 752**System capability**: SystemCapability.Security.DataLossPrevention 753 754**Parameters** 755 756| Name| Type| Mandatory| Description| 757| -------- | -------- | -------- | -------- | 758| docUris | Array<string> | Yes| URIs of the files whose retention state is to be canceled.| 759| callback | AsyncCallback<void> | Yes| Callback invoked to return the result. If the operation is successful, **err** is **undefined**. Otherwise, **err** is an error object.| 760 761 762**Error codes** 763 764 765For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 766 767 768| ID| Error Message| 769| -------- | -------- | 770| 401 | Parameter error. | 771| 19100001 | Invalid parameter value. | 772| 19100011 | System service exception. | 773 774 775**Example** 776``` 777import dlpPermission from '@ohos.dlpPermission'; 778import { BusinessError } from '@ohos.base'; 779 780async func(uri:string): Promise<void> { 781 try { 782 dlpPermission.cancelRetentionState([uri], (err, res) => { 783 if (err != undefined) { 784 console.error('cancelRetentionState error,', err.code, err.message); 785 } else { 786 console.info('cancelRetentionState success'); 787 } 788 }); // Cancel the sandbox retention state. 789 } catch (err) { 790 console.error('cancelRetentionState error,', (err as BusinessError).code, (err as BusinessError).message); 791 } 792} 793``` 794 795 796 797## dlpPermission.getRetentionSandboxList 798 799getRetentionSandboxList(bundleName?: string): Promise<Array<RetentionSandboxInfo>> 800 801Obtains the sandbox applications in the retention state of an application. This API uses a promise to return the result. 802 803**System capability**: SystemCapability.Security.DataLossPrevention 804 805**Parameters** 806 807| Name| Type| Mandatory| Description| 808| -------- | -------- | -------- | -------- | 809| bundleName | string | No| Bundle name of the application. By default, this parameter is left empty, which obtains the sandbox retention information about the current application.| 810 811**Return value** 812 813| Type| Description| 814| -------- | -------- | 815| Promise<RetentionSandboxInfo> | Promise used to return the sandbox retention information obtained.| 816 817 818**Error codes** 819 820 821For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 822 823 824| ID| Error Message| 825| -------- | -------- | 826| 401 | Parameter error. | 827| 19100001 | Invalid parameter value. | 828| 19100007 | No permission to invoke this API, which is not for DLP sandbox application. | 829| 19100011 | System service exception. | 830 831 832**Example** 833``` 834import dlpPermission from '@ohos.dlpPermission'; 835import { BusinessError } from '@ohos.base'; 836 837async func(): Promise<void> { 838 try { 839 let res:Array<dlpPermission.RetentionSandboxInfo> = await dlpPermission.getRetentionSandboxList(); // Obtain the sandbox retention information. 840 console.info('res', JSON.stringify(res)) 841 } catch (err) { 842 console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails. 843 } 844} 845``` 846 847 848## dlpPermission.getRetentionSandboxList 849 850getRetentionSandboxList(bundleName: string, callback: AsyncCallback<Array<RetentionSandboxInfo>>): void 851 852Obtains the sandbox applications in the retention state of an application. This API uses an asynchronous callback to return the result. 853 854**System capability**: SystemCapability.Security.DataLossPrevention 855 856**Parameters** 857 858| Name| Type| Mandatory| Description| 859| -------- | -------- | -------- | -------- | 860| bundleName | string | Yes| Bundle name of the application.| 861| callback | AsyncCallback<RetentionSandboxInfo> | Yes| Callback invoked to return the sandbox retention information obtained. If the operation is successful, **err** is **undefined**. Otherwise, **err** is an error object.| 862 863 864**Error codes** 865 866 867For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 868 869 870| ID| Error Message| 871| -------- | -------- | 872| 401 | Parameter error. | 873| 19100001 | Invalid parameter value. | 874| 19100007 | No permission to invoke this API, which is not for DLP sandbox application. | 875| 19100011 | System service exception. | 876 877 878**Example** 879``` 880import dlpPermission from '@ohos.dlpPermission'; 881import { BusinessError } from '@ohos.base'; 882 883async func(bundleName:string): Promise<void> { 884 try { 885 dlpPermission.getRetentionSandboxList(bundleName, (err, res) => { 886 if (err != undefined) { 887 console.error('getRetentionSandboxList error,', err.code, err.message); 888 } else { 889 console.info('res', JSON.stringify(res)); 890 } 891 }); // Obtain the sandbox retention information. 892 } catch (err) { 893 console.error('getRetentionSandboxList error,', (err as BusinessError).code, (err as BusinessError).message); 894 } 895} 896``` 897 898 899## dlpPermission.getRetentionSandboxList 900 901getRetentionSandboxList(callback: AsyncCallback<Array<RetentionSandboxInfo>>): void 902 903Obtains the sandbox applications in the retention state of this application. This API uses an asynchronous callback to return the result. 904 905**System capability**: SystemCapability.Security.DataLossPrevention 906 907**Parameters** 908 909| Name| Type| Mandatory| Description| 910| -------- | -------- | -------- | -------- | 911| callback | AsyncCallback<RetentionSandboxInfo> | Yes| Callback invoked to return the sandbox retention information obtained. If the operation is successful, **err** is **undefined**. Otherwise, **err** is an error object.| 912 913 914**Error codes** 915 916 917For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 918 919 920| ID| Error Message| 921| -------- | -------- | 922| 401 | Parameter error. | 923| 19100001 | Invalid parameter value. | 924| 19100007 | No permission to invoke this API, which is not for DLP sandbox application. | 925| 19100011 | System service exception. | 926 927 928**Example** 929``` 930import dlpPermission from '@ohos.dlpPermission'; 931import { BusinessError } from '@ohos.base'; 932 933async func(): Promise<void> { 934 try { 935 dlpPermission.getRetentionSandboxList((err, res) => { 936 if (err != undefined) { 937 console.error('getRetentionSandboxList error,', err.code, err.message); 938 } else { 939 console.info('res', JSON.stringify(res)); 940 } 941 }); // Obtain the sandbox retention information. 942 } catch (err) { 943 console.error('getRetentionSandboxList error,', (err as BusinessError).code, (err as BusinessError).message); 944 } 945} 946``` 947 948 949 950## dlpPermission.getDLPFileAccessRecords 951 952getDLPFileAccessRecords(): Promise<Array<AccessedDLPFileInfo>> 953 954Obtains the list of DLP files that are accessed recently. This API uses a promise to return the result. 955 956**System capability**: SystemCapability.Security.DataLossPrevention 957 958**Return value** 959 960| Type| Description| 961| -------- | -------- | 962| Promise<AccessedDLPFileInfo> | Promise used to return the list of recently accessed files obtained.| 963 964 965**Error codes** 966 967 968For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 969 970 971| ID| Error Message| 972| -------- | -------- | 973| 19100001 | Invalid parameter value. | 974| 19100007 | No permission to invoke this API, which is not for DLP sandbox application. | 975| 19100011 | System service exception. | 976 977 978**Example** 979``` 980import dlpPermission from '@ohos.dlpPermission'; 981import { BusinessError } from '@ohos.base'; 982 983async func(): Promise<void> { 984 try { 985 let res:Array<dlpPermission.AccessedDLPFileInfo> = await dlpPermission.getDLPFileAccessRecords(); // Obtain the list of recently accessed DLP files. 986 console.info('res', JSON.stringify(res)) 987 } catch (err) { 988 console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails. 989 } 990} 991``` 992 993 994 995## dlpPermission.getDLPFileAccessRecords 996 997getDLPFileAccessRecords(callback: AsyncCallback<Array<AccessedDLPFileInfo>>): void 998 999Obtains the list of DLP files that are accessed recently. This API uses an asynchronous callback to return the result. 1000 1001**System capability**: SystemCapability.Security.DataLossPrevention 1002 1003**Parameters** 1004 1005| Name| Type| Mandatory| Description| 1006| -------- | -------- | -------- | -------- | 1007| callback | AsyncCallback<AccessedDLPFileInfo> | Yes| Callback invoked to return the list of recently accessed DLP files. If the operation is successful, **err** is **undefined**. Otherwise, **err** is an error object.| 1008 1009 1010**Error codes** 1011 1012 1013For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 1014 1015 1016| ID| Error Message| 1017| -------- | -------- | 1018| 401 | Parameter error. | 1019| 19100001 | Invalid parameter value. | 1020| 19100007 | No permission to invoke this API, which is not for DLP sandbox application. | 1021| 19100011 | System service exception. | 1022 1023 1024**Example** 1025``` 1026import dlpPermission from '@ohos.dlpPermission'; 1027import { BusinessError } from '@ohos.base'; 1028 1029async func(): Promise<void> { 1030 try { 1031 dlpPermission.getDLPFileAccessRecords((err, res) => { 1032 if (err != undefined) { 1033 console.error('getDLPFileAccessRecords error,', err.code, err.message); 1034 } else { 1035 console.info('res', JSON.stringify(res)); 1036 } 1037 }); // Obtain the list of recently accessed DLP files. 1038 } catch (err) { 1039 console.error('getDLPFileAccessRecords error,', (err as BusinessError).code, (err as BusinessError).message); 1040 } 1041} 1042``` 1043 1044 1045 1046## dlpPermission.getDLPGatheringPolicy 1047 1048getDLPGatheringPolicy(): Promise<GatheringPolicyType> 1049 1050Obtains the DLP sandbox gathering policy. This API uses a promise to return the result. 1051 1052**System API**: This is a system API. 1053 1054**Required permissions**: ohos.permission.ACCESS_DLP_FILE 1055 1056**System capability**: SystemCapability.Security.DataLossPrevention 1057 1058**Return value** 1059 1060| Type| Description| 1061| -------- | -------- | 1062| Promise<GatheringPolicyType> | Promise used to return the DLP sandbox aggregation policy obtained.| 1063 1064 1065**Error codes** 1066 1067 1068For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 1069 1070 1071| ID| Error Message| 1072| -------- | -------- | 1073| 201 | Permission denied. | 1074| 202 | Non-system applications use system APIs. | 1075| 19100001 | Invalid parameter value. | 1076| 19100011 | System service exception. | 1077 1078 1079**Example** 1080``` 1081import dlpPermission from '@ohos.dlpPermission'; 1082import { BusinessError } from '@ohos.base'; 1083 1084async func(): Promise<void> { 1085 try { 1086 let res: dlpPermission.GatheringPolicyType = await dlpPermission.getDLPGatheringPolicy(); // Obtain the sandbox gathering policy. 1087 console.info('res', JSON.stringify(res)); 1088 } catch (err) { 1089 console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails. 1090 } 1091} 1092``` 1093 1094 1095## dlpPermission.getDLPGatheringPolicy 1096 1097getDLPGatheringPolicy(callback: AsyncCallback<GatheringPolicyType>): void 1098 1099Obtains the DLP sandbox gathering policy. This API uses an asynchronous callback to return the result. 1100 1101**System API**: This is a system API. 1102 1103**Required permissions**: ohos.permission.ACCESS_DLP_FILE 1104 1105**System capability**: SystemCapability.Security.DataLossPrevention 1106 1107**Parameters** 1108 1109| Name| Type| Mandatory| Description| 1110| -------- | -------- | -------- | -------- | 1111| callback | AsyncCallback<GatheringPolicyType> | Yes| Callback invoked to return the DLP sandbox gathering policy obtained. If the operation is successful, **err** is **undefined**. Otherwise, **err** is an error object.| 1112 1113 1114**Error codes** 1115 1116 1117For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 1118 1119 1120| ID| Error Message| 1121| -------- | -------- | 1122| 201 | Permission denied. | 1123| 202 | Non-system applications use system APIs. | 1124| 401 | Parameter error. | 1125| 19100001 | Invalid parameter value. | 1126| 19100011 | System service exception. | 1127 1128 1129**Example** 1130``` 1131import dlpPermission from '@ohos.dlpPermission'; 1132import { BusinessError } from '@ohos.base'; 1133 1134async func(): Promise<void> { 1135 try { 1136 dlpPermission.getDLPGatheringPolicy((err, res) => { 1137 if (err != undefined) { 1138 console.error('getDLPGatheringPolicy error,', err.code, err.message); 1139 } else { 1140 console.info('res', JSON.stringify(res)); 1141 } 1142 }); // Obtain the sandbox gathering policy. 1143 } catch (err) { 1144 console.error('getDLPGatheringPolicy error,', (err as BusinessError).code, (err as BusinessError).message); 1145 } 1146} 1147``` 1148 1149 1150## dlpPermission.installDLPSandbox 1151 1152installDLPSandbox(bundleName: string, access: DLPFileAccess, userId: number, uri: string): Promise<DLPSandboxInfo> 1153 1154Installs a DLP sandbox application for an application. This API uses a promise to return the application sandbox installed. 1155 1156**System API**: This is a system API. 1157 1158**Required permissions**: ohos.permission.ACCESS_DLP_FILE 1159 1160**System capability**: SystemCapability.Security.DataLossPrevention 1161 1162**Parameters** 1163| Name| Type| Mandatory| Description| 1164| -------- | -------- | -------- | -------- | 1165| bundleName | string | Yes| Bundle name of the application.| 1166| access | [DLPFileAccess](#dlpfileaccess) | Yes| Permission on the DLP file.| 1167| userId | number | Yes| Current user ID, which is the OS account ID obtained by the account subsystem. The default super user ID is **100**.| 1168| uri | string | Yes| URI of the DLP file.| 1169 1170**Return value** 1171| Type| Description| 1172| -------- | -------- | 1173| Promise<[DLPSandboxInfo](#dlpsandboxinfo)> | Promise used to return the information about the sandbox application installed.| 1174 1175**Error codes** 1176 1177For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 1178 1179| ID| Error Message| 1180| -------- | -------- | 1181| 201 | Permission denied. | 1182| 202 | Non-system applications use system APIs. | 1183| 401 | Parameter error. | 1184| 19100001 | Invalid parameter value. | 1185| 19100011 | System service exception. | 1186 1187**Example** 1188``` 1189import dlpPermission from '@ohos.dlpPermission'; 1190import { BusinessError } from '@ohos.base'; 1191 1192async func(uri:string): Promise<void> { 1193 try { 1194 let res: dlpPermission.DLPSandboxInfo = await dlpPermission.installDLPSandbox('com.ohos.note', dlpPermission.DLPFileAccess.READ_ONLY, 100, uri); // Install a DLP sandbox application. 1195 console.info('res', JSON.stringify(res)); 1196 } catch (err) { 1197 console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails. 1198 } 1199} 1200``` 1201 1202 1203## dlpPermission.installDLPSandbox 1204 1205installDLPSandbox(bundleName: string, access: DLPFileAccess, userId: number, uri:string, callback: AsyncCallback<DLPSandboxInfo>): void 1206 1207Installs a DLP sandbox application for an application. This API uses an asynchronous callback to return the index of the sandbox installed. 1208 1209**System API**: This is a system API. 1210 1211**Required permissions**: ohos.permission.ACCESS_DLP_FILE 1212 1213**System capability**: SystemCapability.Security.DataLossPrevention 1214 1215**Parameters** 1216| Name| Type| Mandatory| Description| 1217| -------- | -------- | -------- | -------- | 1218| bundleName | string | Yes| Bundle name of the application.| 1219| access | [DLPFileAccess](#dlpfileaccess) | Yes| Permission on the DLP file.| 1220| userId | number | Yes| Current user ID, which is the OS account ID obtained by the account subsystem. The default super user ID is **100**.| 1221| uri | string | Yes| URI of the DLP file.| 1222| callback | AsyncCallback<[DLPSandboxInfo](#dlpsandboxinfo)> | Yes| Callback invoked to return the information about the sandbox application installed.| 1223 1224**Error codes** 1225 1226For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 1227 1228| ID| Error Message| 1229| -------- | -------- | 1230| 201 | Permission denied. | 1231| 202 | Non-system applications use system APIs. | 1232| 401 | Parameter error. | 1233| 19100001 | Invalid parameter value. | 1234| 19100011 | System service exception. | 1235 1236**Example** 1237``` 1238import dlpPermission from '@ohos.dlpPermission'; 1239import { BusinessError } from '@ohos.base'; 1240 1241async func(uri:string): Promise<void> { 1242 try { 1243 dlpPermission.installDLPSandbox('com.ohos.note', dlpPermission.DLPFileAccess.READ_ONLY, 100, uri, (err, res) => { 1244 if (err != undefined) { 1245 console.error('installDLPSandbox error,', err.code, err.message); 1246 } else { 1247 console.info('res', JSON.stringify(res)); 1248 } 1249 }); // Install a DLP sandbox application. 1250 } catch (err) { 1251 console.error('installDLPSandbox error,', (err as BusinessError).code, (err as BusinessError).message); 1252 } 1253} 1254``` 1255 1256 1257## dlpPermission.uninstallDLPSandbox 1258 1259uninstallDLPSandbox(bundleName: string, userId: number, appIndex: number): Promise<void> 1260 1261Uninstalls a DLP sandbox application for an application. This API uses a promise to return the result. 1262 1263**System API**: This is a system API. 1264 1265**Required permissions**: ohos.permission.ACCESS_DLP_FILE 1266 1267**System capability**: SystemCapability.Security.DataLossPrevention 1268 1269**Parameters** 1270| Name| Type| Mandatory| Description| 1271| -------- | -------- | -------- | -------- | 1272| bundleName | string | Yes| Bundle name of the application.| 1273| userId | number | Yes| Current user ID, which is the OS account ID obtained by the account subsystem. The default super user ID is **100**.| 1274| appIndex | number | Yes| DLP sandbox index.| 1275 1276**Return value** 1277| Type| Description| 1278| -------- | -------- | 1279| Promise<void> | Promise that returns no value.| 1280 1281**Error codes** 1282 1283For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 1284 1285| ID| Error Message| 1286| -------- | -------- | 1287| 201 | Permission denied. | 1288| 202 | Non-system applications use system APIs. | 1289| 401 | Parameter error. | 1290| 19100001 | Invalid parameter value. | 1291| 19100011 | System service exception. | 1292 1293**Example** 1294``` 1295import dlpPermission from '@ohos.dlpPermission'; 1296import { BusinessError } from '@ohos.base'; 1297 1298async func(uri:string): Promise<void> { 1299 try { 1300 let res: dlpPermission.DLPSandboxInfo = await dlpPermission.installDLPSandbox('com.ohos.note', dlpPermission.DLPFileAccess.READ_ONLY, 100, uri); // Install a DLP sandbox application. 1301 console.info('res', JSON.stringify(res)); 1302 await dlpPermission.uninstallDLPSandbox('com.ohos.note', 100, res.appIndex); // UnInstall a DLP sandbox application. 1303 } catch (err) { 1304 console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails. 1305 } 1306} 1307``` 1308 1309 1310## dlpPermission.uninstallDLPSandbox 1311 1312uninstallDLPSandbox(bundleName: string, userId: number, appIndex: number, callback: AsyncCallback<void>): void 1313 1314Uninstalls a DLP sandbox application for an application. This API uses an asynchronous callback to return the result. 1315 1316**System API**: This is a system API. 1317 1318**Required permissions**: ohos.permission.ACCESS_DLP_FILE 1319 1320**System capability**: SystemCapability.Security.DataLossPrevention 1321 1322**Parameters** 1323| Name| Type| Mandatory| Description| 1324| -------- | -------- | -------- | -------- | 1325| bundleName | string | Yes| Bundle name of the application.| 1326| userId | number | Yes| Current user ID, which is the OS account ID obtained by the account subsystem. The default super user ID is **100**.| 1327| appIndex | number | Yes| DLP sandbox index, which is the value returned after **installDLPSandbox** is successfully called.| 1328| callback | AsyncCallback<void> | Yes| Callback invoked to return the uninstallation result.| 1329 1330**Error codes** 1331 1332For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 1333 1334| ID| Error Message| 1335| -------- | -------- | 1336| 201 | Permission denied. | 1337| 202 | Non-system applications use system APIs. | 1338| 401 | Parameter error. | 1339| 19100001 | Invalid parameter value. | 1340| 19100011 | System service exception. | 1341 1342**Example** 1343``` 1344import dlpPermission from '@ohos.dlpPermission'; 1345import { BusinessError } from '@ohos.base'; 1346 1347async func(uri:string): Promise<void> { 1348 try { 1349 let res: dlpPermission.DLPSandboxInfo = await dlpPermission.installDLPSandbox('com.ohos.note', dlpPermission.DLPFileAccess.READ_ONLY, 100, uri); // Install a DLP sandbox application. 1350 console.info('res', JSON.stringify(res)); 1351 dlpPermission.uninstallDLPSandbox('com.ohos.note', 100, res.appIndex, (err, res) => { 1352 if (err != undefined) { 1353 console.error('uninstallDLPSandbox error,', err.code, err.message); 1354 } else { 1355 console.info('res', JSON.stringify(res)); 1356 } 1357 }); 1358 } catch (err) { 1359 console.error('uninstallDLPSandbox error,', (err as BusinessError).code, (err as BusinessError).message); 1360 } 1361} 1362``` 1363 1364 1365 1366## dlpPermission.on('uninstallDLPSandbox') 1367 1368on(type: 'uninstallDLPSandbox', listener: Callback<DLPSandboxState>): void 1369 1370Subscribes to a DLP sandbox uninstall event. 1371 1372**System API**: This is a system API. 1373 1374**Required permissions**: ohos.permission.ACCESS_DLP_FILE 1375 1376**System capability**: SystemCapability.Security.DataLossPrevention 1377 1378**Parameters** 1379| Name| Type| Mandatory| Description| 1380| -------- | -------- | -------- | -------- | 1381| type | 'uninstallDLPSandbox' | Yes| Event type.| 1382| listener | Callback<DLPSandboxState> | Yes| Callback invoked when a sandbox application is uninstalled.| 1383 1384**Error codes** 1385 1386For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 1387 1388| ID| Error Message| 1389| -------- | -------- | 1390| 201 | Permission denied. | 1391| 202 | Non-system applications use system APIs. | 1392| 401 | Parameter error. | 1393| 19100001 | Invalid parameter value. | 1394| 19100011 | System service exception. | 1395 1396**Example** 1397``` 1398import dlpPermission from '@ohos.dlpPermission'; 1399import { BusinessError } from '@ohos.base'; 1400 1401event(info: dlpPermission.DLPSandboxState): void { 1402 console.info('uninstallDLPSandbox event', info.appIndex, info.bundleName) 1403} 1404subscribe(): void { 1405 try { 1406 dlpPermission.on ('uninstallDLPSandbox' , this.event); // Subscribe to a DLP sandbox uninstall event. 1407 } catch (err) { 1408 console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails. 1409 } 1410} 1411async func(): Promise<void> { 1412 this.subscribe(); 1413} 1414``` 1415 1416 1417 1418## dlpPermission.off('uninstallDLPSandbox') 1419 1420off(type: 'uninstallDLPSandbox', listener?: Callback<DLPSandboxState>): void 1421 1422Unsubscribes from the DLP sandbox uninstall event. 1423 1424**System API**: This is a system API. 1425 1426**Required permissions**: ohos.permission.ACCESS_DLP_FILE 1427 1428**System capability**: SystemCapability.Security.DataLossPrevention 1429 1430**Parameters** 1431| Name| Type| Mandatory| Description| 1432| -------- | -------- | -------- | -------- | 1433| type | 'uninstallDLPSandbox' | Yes| Event type.| 1434| listener | Callback<DLPSandboxState> | No| Callback for the sandbox uninstall event. By default, this parameter is left blank, which unregisters all callbacks of the sandbox uninstall event.| 1435 1436**Error codes** 1437 1438For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 1439 1440| ID| Error Message| 1441| -------- | -------- | 1442| 201 | Permission denied. | 1443| 202 | Non-system applications use system APIs. | 1444| 401 | Parameter error. | 1445| 19100001 | Invalid parameter value. | 1446| 19100011 | System service exception. | 1447 1448**Example** 1449``` 1450import dlpPermission from '@ohos.dlpPermission'; 1451import { BusinessError } from '@ohos.base'; 1452 1453event(info: dlpPermission.DLPSandboxState): void { 1454 console.info('uninstallDLPSandbox event', info.appIndex, info.bundleName) 1455} 1456subscribe(): void { 1457 try { 1458 dlpPermission.on ('uninstallDLPSandbox' , this.event); // Subscribe to a DLP sandbox uninstall event. 1459 } catch (err) { 1460 console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails. 1461 } 1462} 1463unSubscribe(): void { 1464 try { 1465 dlpPermission.off('uninstallDLPSandbox', this.event); // Unsubscribe from the DLP sandbox uninstall event. 1466 } catch (err) { 1467 console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails. 1468 } 1469} 1470async func(): Promise<void> { 1471 this.subscribe(); 1472 this.unSubscribe(); 1473} 1474``` 1475 1476 1477## DLPFile 1478 1479Provides APIs for managing the **DLPFile** instance, which indicates a DLP file object. You can use **generateDLPFile** or **openDLPFile** to obtain a **DLPFile** instance. 1480 1481**System API**: This is a system API. 1482 1483**System capability**: SystemCapability.Security.DataLossPrevention 1484 1485**Attributes** 1486 1487| Name| Type| Read Only| Mandatory| Description| 1488| -------- | -------- | -------- | -------- | -------- | 1489| dlpProperty | [DLPProperty](#dlpproperty) | No| Yes| Authorized user information.| 1490 1491 1492### addDLPLinkFile 1493 1494addDLPLinkFile(linkFileName: string): Promise<void> 1495 1496Adds a link file to the Filesystem in Userspace (FUSE). The link file is a virtual file mapped to the ciphertext in the FUSE. The read and write operations on the link file will be synchronized to the DLP file. This API uses a promise to return the result. 1497 1498**System API**: This is a system API. 1499 1500**Required permissions**: ohos.permission.ACCESS_DLP_FILE 1501 1502**System capability**: SystemCapability.Security.DataLossPrevention 1503 1504**Parameters** 1505| Name| Type| Mandatory| Description| 1506| -------- | -------- | -------- | -------- | 1507| linkFileName | string | Yes| Name of the link file to add.| 1508 1509**Return value** 1510| Type| Description| 1511| -------- | -------- | 1512| Promise<void> | Promise that returns no value.| 1513 1514**Error codes** 1515 1516For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 1517 1518| ID| Error Message| 1519| -------- | -------- | 1520| 201 | Permission denied. | 1521| 202 | Non-system applications use system APIs. | 1522| 401 | Parameter error. | 1523| 19100001 | Invalid parameter value. | 1524| 19100009 | Failed to operate the DLP file. | 1525| 19100011 | System service exception. | 1526 1527**Example** 1528``` 1529import dlpPermission from '@ohos.dlpPermission'; 1530import fs from '@ohos.file.fs'; 1531import { BusinessError } from '@ohos.base'; 1532 1533async func(uri:string): Promise<void> { 1534 let file = fs.openSync(uri); 1535 try { 1536 let dlpFile: dlpPermission.DLPFile = await dlpPermission.openDLPFile(file.fd); // Open a DLP file. 1537 await dlpFile.addDLPLinkFile('test.txt.dlp.link'); // Add a link file. 1538 await dlpFile.closeDLPFile(); // Close the DLPFile instance. 1539 } catch(err) { 1540 console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails. 1541 } 1542 fs.closeSync(file); 1543} 1544``` 1545 1546 1547### addDLPLinkFile 1548 1549addDLPLinkFile(linkFileName: string, callback: AsyncCallback<void>): void 1550 1551Adds a link file to the FUSE. This API uses an asynchronous callback to return the result. 1552 1553**System API**: This is a system API. 1554 1555**Required permissions**: ohos.permission.ACCESS_DLP_FILE 1556 1557**System capability**: SystemCapability.Security.DataLossPrevention 1558 1559**Parameters** 1560| Name| Type| Mandatory| Description| 1561| -------- | -------- | -------- | -------- | 1562| linkFileName | string | Yes| Name of the link file to add.| 1563| callback | AsyncCallback<void> | Yes| Callback invoked to return the result.| 1564 1565**Error codes** 1566 1567For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 1568 1569| ID| Error Message| 1570| -------- | -------- | 1571| 201 | Permission denied. | 1572| 202 | Non-system applications use system APIs. | 1573| 401 | Parameter error. | 1574| 19100001 | Invalid parameter value. | 1575| 19100009 | Failed to operate the DLP file. | 1576| 19100011 | System service exception. | 1577 1578**Example** 1579``` 1580import dlpPermission from '@ohos.dlpPermission'; 1581import fs from '@ohos.file.fs'; 1582import { BusinessError } from '@ohos.base'; 1583 1584async func(uri:string): Promise<void> { 1585 let file = fs.openSync(uri); 1586 try { 1587 let dlpFile: dlpPermission.DLPFile = await dlpPermission.openDLPFile(file.fd); // Open a DLP file. 1588 dlpFile.addDLPLinkFile('test.txt.dlp.link', async (err, res) => { 1589 if (err != undefined) { 1590 console.error('addDLPLinkFile error,', err.code, err.message); 1591 await dlpFile.closeDLPFile(); // Close the DLPFile instance. 1592 } else { 1593 console.info('res', JSON.stringify(res)); 1594 } 1595 }); 1596 } catch (err) { 1597 console.error('addDLPLinkFile error,', (err as BusinessError).code, (err as BusinessError).message); 1598 } 1599} 1600``` 1601 1602 1603 1604### stopFuseLink 1605 1606stopFuseLink(): Promise<void>; 1607 1608Stops the read and write on the FUSE. This API uses a promise to return the result. 1609 1610**System API**: This is a system API. 1611 1612**Required permissions**: ohos.permission.ACCESS_DLP_FILE 1613 1614**System capability**: SystemCapability.Security.DataLossPrevention 1615 1616**Return value** 1617| Type| Description| 1618| -------- | -------- | 1619| Promise<void> | Promise that returns no value.| 1620 1621**Error codes** 1622 1623For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 1624 1625| ID| Error Message| 1626| -------- | -------- | 1627| 201 | Permission denied. | 1628| 202 | Non-system applications use system APIs. | 1629| 19100001 | Invalid parameter value. | 1630| 19100009 | Failed to operate the DLP file. | 1631| 19100011 | System service exception. | 1632 1633**Example** 1634``` 1635import dlpPermission from '@ohos.dlpPermission'; 1636import fs from '@ohos.file.fs'; 1637import { BusinessError } from '@ohos.base'; 1638 1639async func(uri:string): Promise<void> { 1640 let file = fs.openSync(uri); 1641 try { 1642 let dlpFile: dlpPermission.DLPFile = await dlpPermission.openDLPFile(file.fd); // Open a DLP file. 1643 await dlpFile.addDLPLinkFile('test.txt.dlp.link'); // Add a link file. 1644 await dlpFile.stopFuseLink(); // Stop the read and write on the FUSE. 1645 await dlpFile.closeDLPFile(); // Close the DLPFile instance. 1646 } catch(err) { 1647 console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails. 1648 } 1649 fs.closeSync(file); 1650} 1651``` 1652 1653 1654### stopFuseLink 1655 1656stopFuseLink(callback: AsyncCallback<void>): void 1657 1658Stops the read and write on the FUSE. This API uses an asynchronous callback to return the result. 1659 1660**System API**: This is a system API. 1661 1662**Required permissions**: ohos.permission.ACCESS_DLP_FILE 1663 1664**System capability**: SystemCapability.Security.DataLossPrevention 1665 1666**Parameters** 1667| Name| Type| Mandatory| Description| 1668| -------- | -------- | -------- | -------- | 1669| callback | AsyncCallback<void> | Yes| Callback invoked to return the result.| 1670 1671**Error codes** 1672 1673For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 1674 1675| ID| Error Message| 1676| -------- | -------- | 1677| 201 | Permission denied. | 1678| 202 | Non-system applications use system APIs. | 1679| 401 | Parameter error. | 1680| 19100001 | Invalid parameter value. | 1681| 19100009 | Failed to operate the DLP file. | 1682| 19100011 | System service exception. | 1683 1684**Example** 1685``` 1686import dlpPermission from '@ohos.dlpPermission'; 1687import fs from '@ohos.file.fs'; 1688import { BusinessError } from '@ohos.base'; 1689 1690async func(uri:string): Promise<void> { 1691 let file = fs.openSync(uri); 1692 try { 1693 let dlpFile: dlpPermission.DLPFile = await dlpPermission.openDLPFile(file.fd); // Open a DLP file. 1694 await dlpFile.addDLPLinkFile('test.txt.dlp.link'); // Add a link file. 1695 dlpFile.stopFuseLink(async (err, res) => { 1696 if (err != undefined) { 1697 console.error('stopFuseLink error,', err.code, err.message); 1698 await dlpFile.closeDLPFile(); // Close the DLPFile instance. 1699 } else { 1700 console.info('res', JSON.stringify(res)); 1701 } 1702 }); 1703 } catch (err) { 1704 console.error('stopFuseLink error,', (err as BusinessError).code, (err as BusinessError).message); 1705 } 1706} 1707``` 1708 1709 1710 1711### resumeFuseLink 1712 1713resumeFuseLink(): Promise<void> 1714 1715Resumes the read and write on the FUSE. This API uses a promise to return the result. 1716 1717**System API**: This is a system API. 1718 1719**Required permissions**: ohos.permission.ACCESS_DLP_FILE 1720 1721**System capability**: SystemCapability.Security.DataLossPrevention 1722 1723**Return value** 1724| Type| Description| 1725| -------- | -------- | 1726| Promise<void> | Promise that returns no value.| 1727 1728**Error codes** 1729 1730For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 1731 1732| ID| Error Message| 1733| -------- | -------- | 1734| 201 | Permission denied. | 1735| 202 | Non-system applications use system APIs. | 1736| 19100001 | Invalid parameter value. | 1737| 19100009 | Failed to operate the DLP file. | 1738| 19100011 | System service exception. | 1739 1740**Example** 1741``` 1742import dlpPermission from '@ohos.dlpPermission'; 1743import fs from '@ohos.file.fs'; 1744import { BusinessError } from '@ohos.base'; 1745 1746async func(uri:string): Promise<void> { 1747 let file = fs.openSync(uri); 1748 try { 1749 let dlpFile: dlpPermission.DLPFile = await dlpPermission.openDLPFile(file.fd); // Open a DLP file. 1750 await dlpFile.addDLPLinkFile('test.txt.dlp.link'); // Add a link file. 1751 await dlpFile.stopFuseLink(); // Stop the read and write on the FUSE. 1752 await dlpFile.resumeFuseLink(); // Resume the read and write on the FUSE. 1753 await dlpFile.closeDLPFile(); // Close the DLPFile instance. 1754 } catch(err) { 1755 console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails. 1756 } 1757 fs.closeSync(file); 1758} 1759``` 1760 1761 1762### resumeFuseLink 1763 1764resumeFuseLink(callback: AsyncCallback<void>): void 1765 1766Resumes the read and write on the FUSE. This API uses an asynchronous callback to return the result. 1767 1768**System API**: This is a system API. 1769 1770**Required permissions**: ohos.permission.ACCESS_DLP_FILE 1771 1772**System capability**: SystemCapability.Security.DataLossPrevention 1773 1774**Parameters** 1775| Name| Type| Mandatory| Description| 1776| -------- | -------- | -------- | -------- | 1777| callback | AsyncCallback<void> | Yes| Callback invoked to return the result.| 1778 1779**Error codes** 1780 1781For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 1782 1783| ID| Error Message| 1784| -------- | -------- | 1785| 201 | Permission denied. | 1786| 202 | Non-system applications use system APIs. | 1787| 401 | Parameter error. | 1788| 19100001 | Invalid parameter value. | 1789| 19100009 | Failed to operate the DLP file. | 1790| 19100011 | System service exception. | 1791 1792**Example** 1793``` 1794import dlpPermission from '@ohos.dlpPermission'; 1795import fs from '@ohos.file.fs'; 1796import { BusinessError } from '@ohos.base'; 1797 1798async func(uri:string): Promise<void> { 1799 let file = fs.openSync(uri); 1800 try { 1801 let dlpFile: dlpPermission.DLPFile = await dlpPermission.openDLPFile(file.fd); // Open a DLP file. 1802 await dlpFile.addDLPLinkFile('test.txt.dlp.link'); // Add a link file. 1803 await dlpFile.stopFuseLink(); // Stop the read and write on the FUSE. 1804 dlpFile.resumeFuseLink(async (err, res) => { 1805 if (err != undefined) { 1806 console.error('resumeFuseLink error,', err.code, err.message); 1807 await dlpFile.closeDLPFile(); // Close the DLPFile instance. 1808 } else { 1809 console.info('res', JSON.stringify(res)); 1810 } 1811 }); 1812 } catch (err) { 1813 console.error('resumeFuseLink error,', (err as BusinessError).code, (err as BusinessError).message); 1814 } 1815} 1816``` 1817 1818 1819 1820### replaceDLPLinkFile 1821 1822replaceDLPLinkFile(linkFileName: string): Promise<void> 1823 1824Replaces a link file. This API uses a promise to return the result. 1825 1826**System API**: This is a system API. 1827 1828**Required permissions**: ohos.permission.ACCESS_DLP_FILE 1829 1830**System capability**: SystemCapability.Security.DataLossPrevention 1831 1832**Parameters** 1833| Name| Type| Mandatory| Description| 1834| -------- | -------- | -------- | -------- | 1835| linkFileName | string | Yes| Name of the link file to replace.| 1836 1837**Return value** 1838| Type| Description| 1839| -------- | -------- | 1840| Promise<void> | Promise that returns no value.| 1841 1842**Error codes** 1843 1844For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 1845 1846| ID| Error Message| 1847| -------- | -------- | 1848| 201 | Permission denied. | 1849| 202 | Non-system applications use system APIs. | 1850| 401 | Parameter error. | 1851| 19100001 | Invalid parameter value. | 1852| 19100009 | Failed to operate the DLP file. | 1853| 19100011 | System service exception. | 1854 1855**Example** 1856``` 1857import dlpPermission from '@ohos.dlpPermission'; 1858import fs from '@ohos.file.fs'; 1859import { BusinessError } from '@ohos.base'; 1860 1861async func(uri:string): Promise<void> { 1862 let file = fs.openSync(uri); 1863 try { 1864 let dlpFile: dlpPermission.DLPFile = await dlpPermission.openDLPFile(file.fd); // Open a DLP file. 1865 await dlpFile.addDLPLinkFile('test.txt.dlp.link'); // Add a link file. 1866 await dlpFile.stopFuseLink(); // Stop the read and write on the FUSE. 1867 await dlpFile.replaceDLPLinkFile('test_new.txt.dlp.link'); // Replace a link file. 1868 await dlpFile.resumeFuseLink(); // Resume the read and write on the FUSE. 1869 await dlpFile.closeDLPFile(); // Close the DLPFile instance. 1870 } catch(err) { 1871 console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails. 1872 } 1873 fs.closeSync(file); 1874} 1875``` 1876 1877 1878 1879### replaceDLPLinkFile 1880 1881replaceDLPLinkFile(linkFileName: string, callback: AsyncCallback<void>): void 1882 1883Replaces a link file. This API uses an asynchronous callback to return the result. 1884 1885**System API**: This is a system API. 1886 1887**Required permissions**: ohos.permission.ACCESS_DLP_FILE 1888 1889**System capability**: SystemCapability.Security.DataLossPrevention 1890 1891**Parameters** 1892| Name| Type| Mandatory| Description| 1893| -------- | -------- | -------- | -------- | 1894| linkFileName | string | Yes| Name of the link file to replace.| 1895| callback | AsyncCallback<void> | Yes| Callback invoked to return the result.| 1896 1897**Error codes** 1898 1899For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 1900 1901| ID| Error Message| 1902| -------- | -------- | 1903| 201 | Permission denied. | 1904| 202 | Non-system applications use system APIs. | 1905| 401 | Parameter error. | 1906| 19100001 | Invalid parameter value. | 1907| 19100009 | Failed to operate the DLP file. | 1908| 19100011 | System service exception. | 1909 1910**Example** 1911``` 1912import dlpPermission from '@ohos.dlpPermission'; 1913import fs from '@ohos.file.fs'; 1914import { BusinessError } from '@ohos.base'; 1915 1916async func(uri:string): Promise<void> { 1917 let file = fs.openSync(uri); 1918 try { 1919 let dlpFile: dlpPermission.DLPFile = await dlpPermission.openDLPFile(file.fd); // Open a DLP file. 1920 await dlpFile.addDLPLinkFile('test.txt.dlp.link'); // Add a link file. 1921 await dlpFile.stopFuseLink(); // Stop the read and write on the FUSE. 1922 dlpFile.replaceDLPLinkFile('test_new.txt.dlp.link', async (err, res) => { // Replace a link file. 1923 if (err != undefined) { 1924 console.error('replaceDLPLinkFile error,', err.code, err.message); 1925 await dlpFile.closeDLPFile(); // Close the DLPFile instance. 1926 } else { 1927 console.info('res', JSON.stringify(res)); 1928 await dlpFile.resumeFuseLink(); // Resume the read and write on the FUSE. 1929 } 1930 }); 1931 } catch (err) { 1932 console.error('error,', (err as BusinessError).code, (err as BusinessError).message); 1933 } 1934} 1935``` 1936 1937 1938 1939### deleteDLPLinkFile 1940 1941deleteDLPLinkFile(linkFileName: string): Promise<void> 1942 1943Deletes a link file from the FUSE. This API uses a promise to return the result. 1944 1945**System API**: This is a system API. 1946 1947**Required permissions**: ohos.permission.ACCESS_DLP_FILE 1948 1949**System capability**: SystemCapability.Security.DataLossPrevention 1950 1951**Parameters** 1952| Name| Type| Mandatory| Description| 1953| -------- | -------- | -------- | -------- | 1954| linkFileName | string | Yes| Name of the link file to delete.| 1955 1956**Return value** 1957| Type| Description| 1958| -------- | -------- | 1959| Promise<void> | Promise that returns no value.| 1960 1961**Error codes** 1962 1963For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 1964 1965| ID| Error Message| 1966| -------- | -------- | 1967| 201 | Permission denied. | 1968| 202 | Non-system applications use system APIs. | 1969| 401 | Parameter error. | 1970| 19100001 | Invalid parameter value. | 1971| 19100009 | Failed to operate the DLP file. | 1972| 19100011 | System service exception. | 1973 1974**Example** 1975``` 1976import dlpPermission from '@ohos.dlpPermission'; 1977import fs from '@ohos.file.fs'; 1978import { BusinessError } from '@ohos.base'; 1979 1980async func(uri:string): Promise<void> { 1981 let file = fs.openSync(uri); 1982 try { 1983 let dlpFile: dlpPermission.DLPFile = await dlpPermission.openDLPFile(file.fd); // Open a DLP file. 1984 await dlpFile.addDLPLinkFile('test.txt.dlp.link'); // Add a link file. 1985 await dlpFile.deleteDLPLinkFile('test.txt.dlp.link'); // Delete a link file. 1986 await dlpFile.closeDLPFile(); // Close the DLPFile instance. 1987 } catch(err) { 1988 console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails. 1989 } 1990 fs.closeSync(file); 1991} 1992``` 1993 1994 1995### deleteDLPLinkFile 1996 1997deleteDLPLinkFile(linkFileName: string, callback: AsyncCallback<void>): void 1998 1999Deletes a link file. This API uses an asynchronous callback to return the result. 2000 2001**System API**: This is a system API. 2002 2003**Required permissions**: ohos.permission.ACCESS_DLP_FILE 2004 2005**System capability**: SystemCapability.Security.DataLossPrevention 2006 2007**Parameters** 2008| Name| Type| Mandatory| Description| 2009| -------- | -------- | -------- | -------- | 2010| linkFileName | string | Yes| Name of the link file to delete.| 2011| callback | AsyncCallback<void> | Yes| Callback invoked to return the result.| 2012 2013**Error codes** 2014 2015For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 2016 2017| ID| Error Message| 2018| -------- | -------- | 2019| 201 | Permission denied. | 2020| 202 | Non-system applications use system APIs. | 2021| 401 | Parameter error. | 2022| 19100001 | Invalid parameter value. | 2023| 19100009 | Failed to operate the DLP file. | 2024| 19100011 | System service exception. | 2025 2026**Example** 2027``` 2028import dlpPermission from '@ohos.dlpPermission'; 2029import fs from '@ohos.file.fs'; 2030import { BusinessError } from '@ohos.base'; 2031 2032async func(uri:string): Promise<void> { 2033 let file = fs.openSync(uri); 2034 try { 2035 let dlpFile: dlpPermission.DLPFile = await dlpPermission.openDLPFile(file.fd); // Open a DLP file. 2036 await dlpFile.addDLPLinkFile('test.txt.dlp.link'); // Add a link file. 2037 dlpFile.deleteDLPLinkFile('test.txt.dlp.link', async (err, res) => { // Delete a link file. 2038 if (err != undefined) { 2039 console.error('replaceDLPLinkFile error,', err.code, err.message); 2040 await dlpFile.closeDLPFile(); // Close the DLPFile instance. 2041 } else { 2042 console.info('res', JSON.stringify(res)); 2043 } 2044 }); 2045 } catch (err) { 2046 console.error('error,', (err as BusinessError).code, (err as BusinessError).message); 2047 } 2048} 2049``` 2050 2051 2052 2053### recoverDLPFile 2054 2055recoverDLPFile(plaintextFd: number): Promise<void>; 2056 2057Recovers the plaintext of a DLP file. This API uses a promise to return the result. 2058 2059**System API**: This is a system API. 2060 2061**Required permissions**: ohos.permission.ACCESS_DLP_FILE 2062 2063**System capability**: SystemCapability.Security.DataLossPrevention 2064 2065**Parameters** 2066| Name| Type| Mandatory| Description| 2067| -------- | -------- | -------- | -------- | 2068| plaintextFd | number | Yes| FD of the target plaintext file.| 2069 2070**Return value** 2071| Type| Description| 2072| -------- | -------- | 2073| Promise<void> | Promise that returns no value.| 2074 2075**Error codes** 2076 2077For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 2078 2079| ID| Error Message| 2080| -------- | -------- | 2081| 201 | Permission denied. | 2082| 202 | Non-system applications use system APIs. | 2083| 401 | Parameter error. | 2084| 19100001 | Invalid parameter value. | 2085| 19100002 | Credential task error. | 2086| 19100003 | Credential task time out. | 2087| 19100004 | Credential service error. | 2088| 19100005 | Remote credential server error. | 2089| 19100008 | Not DLP file. | 2090| 19100009 | Failed to operate the DLP file. | 2091| 19100010 | DLP file is read-only. | 2092| 19100011 | System service exception. | 2093 2094**Example** 2095``` 2096import dlpPermission from '@ohos.dlpPermission'; 2097import fs from '@ohos.file.fs'; 2098import { BusinessError } from '@ohos.base'; 2099 2100async func(uri:string, destUri:string): Promise<void> { 2101 let file = fs.openSync(uri); 2102 let destFile = fs.openSync(destUri); 2103 try { 2104 let dlpFile: dlpPermission.DLPFile = await dlpPermission.openDLPFile(file.fd); // Open a DLP file. 2105 await dlpFile.recoverDLPFile(destFile.fd); // Recover the plaintext of a DLP file. 2106 await dlpFile.closeDLPFile(); // Close the DLPFile instance. 2107 } catch(err) { 2108 console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails. 2109 } 2110 fs.closeSync(file); 2111 fs.closeSync(destFile); 2112} 2113``` 2114 2115 2116### recoverDLPFile 2117 2118recoverDLPFile(plaintextFd: number, callback: AsyncCallback<void>): void 2119 2120Recovers the plaintext of a DLP file. This API uses an asynchronous callback to return the result. 2121 2122**System API**: This is a system API. 2123 2124**Required permissions**: ohos.permission.ACCESS_DLP_FILE 2125 2126**System capability**: SystemCapability.Security.DataLossPrevention 2127 2128**Parameters** 2129| Name| Type| Mandatory| Description| 2130| -------- | -------- | -------- | -------- | 2131| plaintextFd | number | Yes| FD of the target plaintext file.| 2132| callback | AsyncCallback<void> | Yes| Callback invoked to return the result.| 2133 2134**Error codes** 2135 2136For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 2137 2138| ID| Error Message| 2139| -------- | -------- | 2140| 201 | Permission denied. | 2141| 202 | Non-system applications use system APIs. | 2142| 401 | Parameter error. | 2143| 19100001 | Invalid parameter value. | 2144| 19100002 | Credential task error. | 2145| 19100003 | Credential task time out. | 2146| 19100004 | Credential service error. | 2147| 19100005 | Remote credential server error. | 2148| 19100008 | Not DLP file. | 2149| 19100009 | Failed to operate the DLP file. | 2150| 19100010 | DLP file is read-only. | 2151| 19100011 | System service exception. | 2152 2153**Example** 2154``` 2155import dlpPermission from '@ohos.dlpPermission'; 2156import fs from '@ohos.file.fs'; 2157import { BusinessError } from '@ohos.base'; 2158 2159async func(uri:string, destUri:string): Promise<void> { 2160 let file = fs.openSync(uri); 2161 let destFile = fs.openSync(destUri); 2162 try { 2163 let dlpFile: dlpPermission.DLPFile = await dlpPermission.openDLPFile(file.fd); // Open a DLP file. 2164 dlpFile.recoverDLPFile(destFile.fd, async (err, res) => { // Recover the plaintext of a DLP file. 2165 if (err != undefined) { 2166 console.error('recoverDLPFile error,', err.code, err.message); 2167 await dlpFile.closeDLPFile(); // Close the DLPFile instance. 2168 } else { 2169 console.info('res', JSON.stringify(res)); 2170 } 2171 }); 2172 } catch (err) { 2173 console.error('error,', (err as BusinessError).code, (err as BusinessError).message); 2174 } 2175} 2176``` 2177 2178 2179### closeDLPFile 2180 2181closeDLPFile(): Promise<void> 2182 2183Closes this **DLPFile** instance. This API uses a promise to return the result. 2184 2185**System API**: This is a system API. 2186 2187**Required permissions**: ohos.permission.ACCESS_DLP_FILE 2188 2189**System capability**: SystemCapability.Security.DataLossPrevention 2190 2191> **NOTE** 2192> If a DLP file is no longer used, close the **dlpFile** instance to release the memory. 2193 2194**Return value** 2195| Type| Description| 2196| -------- | -------- | 2197| Promise<void> | Promise that returns no value.| 2198 2199**Error codes** 2200 2201For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 2202 2203| ID| Error Message| 2204| -------- | -------- | 2205| 201 | Permission denied. | 2206| 202 | Non-system applications use system APIs. | 2207| 19100001 | Invalid parameter value. | 2208| 19100009 | Failed to operate the DLP file. | 2209| 19100011 | System service exception. | 2210 2211**Example** 2212``` 2213import dlpPermission from '@ohos.dlpPermission'; 2214import fs from '@ohos.file.fs'; 2215import { BusinessError } from '@ohos.base'; 2216 2217async func(uri:string): Promise<void> { 2218 let file = fs.openSync(uri); 2219 try { 2220 let dlpFile: dlpPermission.DLPFile = await dlpPermission.openDLPFile(file.fd); // Open a DLP file. 2221 await dlpFile.closeDLPFile(); // Close the DLPFile instance. 2222 } catch(err) { 2223 console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails. 2224 } 2225 fs.closeSync(file); 2226} 2227``` 2228 2229 2230### closeDLPFile 2231 2232closeDLPFile(callback: AsyncCallback<void>): void 2233 2234Closes this **DLPFile** instance. This API uses an asynchronous callback to return the result. 2235 2236**System API**: This is a system API. 2237 2238**Required permissions**: ohos.permission.ACCESS_DLP_FILE 2239 2240**System capability**: SystemCapability.Security.DataLossPrevention 2241 2242> **NOTE** 2243> If a DLP file is no longer used, close the **dlpFile** instance to release the memory. 2244 2245**Parameters** 2246| Name| Type| Mandatory| Description| 2247| -------- | -------- | -------- | -------- | 2248| callback | AsyncCallback<void> | Yes| Callback invoked to return the result.| 2249 2250**Error codes** 2251 2252For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 2253 2254| ID| Error Message| 2255| -------- | -------- | 2256| 201 | Permission denied. | 2257| 202 | Non-system applications use system APIs. | 2258| 19100001 | Invalid parameter value. | 2259| 19100009 | Failed to operate the DLP file. | 2260| 19100011 | System service exception. | 2261 2262**Example** 2263``` 2264import dlpPermission from '@ohos.dlpPermission'; 2265import fs from '@ohos.file.fs'; 2266import { BusinessError } from '@ohos.base'; 2267 2268async func(uri:string): Promise<void> { 2269 let file = fs.openSync(uri); 2270 try { 2271 let dlpFile: dlpPermission.DLPFile = await dlpPermission.openDLPFile(file.fd); // Open a DLP file. 2272 dlpFile.closeDLPFile((err, res) => {// Close the DLP file. 2273 if (err != undefined) { 2274 console.error('closeDLPFile error,', err.code, err.message); 2275 } else { 2276 console.info('res', JSON.stringify(res)); 2277 } 2278 fs.closeSync(file); 2279 }); 2280 } catch (err) { 2281 console.error('error,', (err as BusinessError).code, (err as BusinessError).message); 2282 fs.closeSync(file); 2283 } 2284} 2285``` 2286 2287 2288## dlpPermission.generateDLPFile 2289 2290generateDLPFile(plaintextFd: number, ciphertextFd: number, property: DLPProperty): Promise<DLPFile> 2291 2292Generates a DLP file, which is an encrypted file that can be accessed only by authorized users. The users can have the full control permission or read-only permission on the DLP file. This API uses a promise to return the result. 2293 2294**System API**: This is a system API. 2295 2296**Required permissions**: ohos.permission.ACCESS_DLP_FILE 2297 2298**System capability**: SystemCapability.Security.DataLossPrevention 2299 2300**Parameters** 2301| Name| Type| Mandatory| Description| 2302| -------- | -------- | -------- | -------- | 2303| plaintextFd | number | Yes| FD of the plaintext file to be encrypted.| 2304| ciphertextFd | number | Yes| FD of the encrypted file.| 2305| property | [DLPProperty](#dlpproperty) | Yes| Authorized user information, which includes the authorized user list, owner account, and contact account information.| 2306 2307**Return value** 2308| Type| Description| 2309| -------- | -------- | 2310| Promise<[DLPFile](#dlpfile)> | Promise used to return the result. If the operation is successful, a **DLPFile** instance is returned. Otherwise, **null** is returned.| 2311 2312**Error codes** 2313 2314For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 2315 2316| ID| Error Message| 2317| -------- | -------- | 2318| 201 | Permission denied. | 2319| 202 | Non-system applications use system APIs. | 2320| 401 | Parameter error. | 2321| 19100001 | Invalid parameter value. | 2322| 19100002 | Credential task error. | 2323| 19100003 | Credential task time out. | 2324| 19100004 | Credential service error. | 2325| 19100005 | Remote credential server error. | 2326| 19100009 | Failed to operate the DLP file. | 2327| 19100011 | System service exception. | 2328 2329**Example** 2330``` 2331import dlpPermission from '@ohos.dlpPermission'; 2332import fs from '@ohos.file.fs'; 2333import { BusinessError } from '@ohos.base'; 2334 2335async func(uri:string, dlpUri:string): Promise<void> { 2336 let file = fs.openSync(uri); 2337 let dlp = fs.openSync(dlpUri); 2338 try { 2339 let dlpProperty: dlpPermission.DLPProperty = { 2340 ownerAccount: 'zhangsan', 2341 ownerAccountType: dlpPermission.AccountType.DOMAIN_ACCOUNT, 2342 authUserList: [], 2343 contactAccount: 'zhangsan', 2344 offlineAccess: true, 2345 ownerAccountID: 'xxxxxxx', 2346 everyoneAccessList: [] 2347 }; 2348 let dlpFile: dlpPermission.DLPFile = await dlpPermission.generateDLPFile(file.fd, dlp.fd, dlpProperty); // Generate a DLP file. 2349 await dlpFile.closeDLPFile(); // Close the DLPFile instance. 2350 } catch(err) { 2351 console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails. 2352 } 2353 fs.closeSync(file); 2354 fs.closeSync(dlp); 2355} 2356``` 2357 2358 2359## dlpPermission.generateDLPFile 2360 2361generateDLPFile(plaintextFd: number, ciphertextFd: number, property: DLPProperty, callback: AsyncCallback<DLPFile>): void 2362 2363Generates a DLP file, which is an encrypted file that can be accessed only by authorized users. The users can have the full control permission or read-only permission on the DLP file. This API uses an asynchronous callback to return the result. 2364 2365**System API**: This is a system API. 2366 2367**Required permissions**: ohos.permission.ACCESS_DLP_FILE 2368 2369**System capability**: SystemCapability.Security.DataLossPrevention 2370 2371**Parameters** 2372| Name| Type| Mandatory| Description| 2373| -------- | -------- | -------- | -------- | 2374| plaintextFd | number | Yes| FD of the plaintext file to be encrypted.| 2375| ciphertextFd | number | Yes| FD of the encrypted file.| 2376| property | [DLPProperty](#dlpproperty) | Yes| Authorized user information, which includes the authorized user list, owner account, and contact account information.| 2377| callback | AsyncCallback<[DLPFile](#dlpfile)> | Yes| Callback invoked to return the DLPFile instance created.| 2378 2379**Error codes** 2380 2381For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 2382 2383| ID| Error Message| 2384| -------- | -------- | 2385| 201 | Permission denied. | 2386| 202 | Non-system applications use system APIs. | 2387| 401 | Parameter error. | 2388| 19100001 | Invalid parameter value. | 2389| 19100002 | Credential task error. | 2390| 19100003 | Credential task time out. | 2391| 19100004 | Credential service error. | 2392| 19100005 | Remote credential server error. | 2393| 19100009 | Failed to operate the DLP file. | 2394| 19100011 | System service exception. | 2395 2396**Example** 2397``` 2398import dlpPermission from '@ohos.dlpPermission'; 2399import fs from '@ohos.file.fs'; 2400import { BusinessError } from '@ohos.base'; 2401 2402async func(uri:string, dlpUri:string): Promise<void> { 2403 let file = fs.openSync(uri); 2404 let dlp = fs.openSync(dlpUri); 2405 try { 2406 let dlpProperty: dlpPermission.DLPProperty = { 2407 ownerAccount: 'zhangsan', 2408 ownerAccountType: dlpPermission.AccountType.DOMAIN_ACCOUNT, 2409 authUserList: [], 2410 contactAccount: 'zhangsan', 2411 offlineAccess: true, 2412 ownerAccountID: 'xxxxxxx', 2413 everyoneAccessList: [] 2414 }; 2415 dlpPermission.generateDLPFile(file.fd, dlp.fd, dlpProperty, (err, res) => { // Generate a DLP file. 2416 if (err != undefined) { 2417 console.error('generateDLPFile error,', err.code, err.message); 2418 } else { 2419 console.info('res', JSON.stringify(res)); 2420 } 2421 }); 2422 } catch (err) { 2423 console.error('error,', (err as BusinessError).code, (err as BusinessError).message); 2424 fs.closeSync(file); 2425 } 2426} 2427``` 2428 2429 2430## dlpPermission.openDLPFile 2431 2432openDLPFile(ciphertextFd: number): Promise<DLPFile> 2433 2434Opens a DLP file. This API uses a promise to return the result. 2435 2436**System API**: This is a system API. 2437 2438**Required permissions**: ohos.permission.ACCESS_DLP_FILE 2439 2440**System capability**: SystemCapability.Security.DataLossPrevention 2441 2442**Parameters** 2443| Name| Type| Mandatory| Description| 2444| -------- | -------- | -------- | -------- | 2445| ciphertextFd | number | Yes| FD of the encrypted file.| 2446 2447**Return value** 2448| Type| Description| 2449| -------- | -------- | 2450| Promise<[DLPFile](#dlpfile)> | Promise used to return the result. If the operation is successful, a **DLPFile** instance is returned. Otherwise, **null** is returned.| 2451 2452**Error codes** 2453 2454For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 2455 2456| ID| Error Message| 2457| -------- | -------- | 2458| 201 | Permission denied. | 2459| 202 | Non-system applications use system APIs. | 2460| 401 | Parameter error. | 2461| 19100001 | Invalid parameter value. | 2462| 19100002 | Credential task error. | 2463| 19100003 | Credential task time out. | 2464| 19100004 | Credential service error. | 2465| 19100005 | Remote credential server error. | 2466| 19100008 | Not DLP file. | 2467| 19100009 | Failed to operate the DLP file. | 2468| 19100011 | System service exception. | 2469 2470**Example** 2471``` 2472import dlpPermission from '@ohos.dlpPermission'; 2473import fs from '@ohos.file.fs'; 2474import { BusinessError } from '@ohos.base'; 2475 2476async func(uri:string): Promise<void> { 2477 let file = fs.openSync(uri); 2478 try { 2479 let dlpFile: dlpPermission.DLPFile = await dlpPermission.openDLPFile(file.fd); // Open a DLP file. 2480 await dlpFile.closeDLPFile(); // Close the DLPFile instance. 2481 } catch(err) { 2482 console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails. 2483 } 2484 fs.closeSync(file); 2485} 2486``` 2487 2488 2489## dlpPermission.openDLPFile 2490 2491openDLPFile(ciphertextFd: number, callback: AsyncCallback<DLPFile>): void 2492 2493Opens a DLP file. This API uses an asynchronous callback to return the result. 2494 2495**System API**: This is a system API. 2496 2497**Required permissions**: ohos.permission.ACCESS_DLP_FILE 2498 2499**System capability**: SystemCapability.Security.DataLossPrevention 2500 2501**Parameters** 2502| Name| Type| Mandatory| Description| 2503| -------- | -------- | -------- | -------- | 2504| ciphertextFd | number | Yes| FD of the encrypted file.| 2505| callback | AsyncCallback<[DLPFile](#dlpfile)> | Yes| Callback invoked to return the **DLPFile** instance opened.| 2506 2507**Error codes** 2508 2509For details about the error codes, see [DLP Service Error Codes](../errorcodes/errorcode-dlp.md). 2510 2511| ID| Error Message| 2512| -------- | -------- | 2513| 201 | Permission denied. | 2514| 202 | Non-system applications use system APIs. | 2515| 401 | Parameter error. | 2516| 19100001 | Invalid parameter value. | 2517| 19100002 | Credential task error. | 2518| 19100003 | Credential task time out. | 2519| 19100004 | Credential service error. | 2520| 19100005 | Remote credential server error. | 2521| 19100008 | Not DLP file. | 2522| 19100009 | Failed to operate the DLP file. | 2523| 19100011 | System service exception. | 2524 2525**Example** 2526``` 2527import dlpPermission from '@ohos.dlpPermission'; 2528import fs from '@ohos.file.fs'; 2529import { BusinessError } from '@ohos.base'; 2530 2531async func(uri:string): Promise<void> { 2532 let file = fs.openSync(uri); 2533 try { 2534 dlpPermission.openDLPFile(file.fd, (err, res) => {// Open a DLP file. 2535 if (err != undefined) { 2536 console.error('openDLPFile error,', err.code, err.message); 2537 } else { 2538 console.info('res', JSON.stringify(res)); 2539 } 2540 }); 2541 } catch (err) { 2542 console.error('error,', (err as BusinessError).code, (err as BusinessError).message); 2543 fs.closeSync(file); 2544 } 2545} 2546``` 2547 2548## ActionFlagType 2549 2550Enumerates the operations that can be performed on a DLP file. For example, the DLP sandbox application can dim its button based on this parameter. 2551 2552**System capability**: SystemCapability.Security.DataLossPrevention 2553 2554**Parameters** 2555 2556| Name| Value| Description| 2557| -------- | -------- | -------- | 2558| ACTION_VIEW | 0x00000001 | View the file.| 2559| ACTION_SAVE | 0x00000002 | Save the file.| 2560| ACTION_SAVE_AS | 0x00000004 | Save the file as another file.| 2561| ACTION_EDIT | 0x00000008 | Edit the file.| 2562| ACTION_SCREEN_CAPTURE | 0x00000010 | Capture screenshots of the file.| 2563| ACTION_SCREEN_SHARE | 0x00000020 | Share the screen of the file.| 2564| ACTION_SCREEN_RECORD | 0x00000040 | Record the screen on which the file is open.| 2565| ACTION_COPY | 0x00000080 | Copy the file.| 2566| ACTION_PRINT | 0x00000100 | Print the file.| 2567| ACTION_EXPORT | 0x00000200 | Export the file.| 2568| ACTION_PERMISSION_CHANGE | 0x00000400 | Modify the permissions on the file.| 2569 2570 2571## DLPFileAccess 2572 2573Enumerates the permissions on a DLP file. 2574 2575**System capability**: SystemCapability.Security.DataLossPrevention 2576 2577**Parameters** 2578 2579| Name| Value| Description| 2580| -------- | -------- | -------- | 2581| NO_PERMISSION | 0 | The user has no permission on the file.| 2582| READ_ONLY | 1 | The user has only the permission to read the file.| 2583| CONTENT_EDIT | 2 | The user has the permission to edit the file.| 2584| FULL_CONTROL | 3 | The user has full control on the file.| 2585 2586 2587## DLPPermissionInfo 2588 2589Represents the permission information about a DLP file. 2590 2591**System capability**: SystemCapability.Security.DataLossPrevention 2592 2593| Name| Type| Readable| Writable| Description| 2594| -------- | -------- | -------- | -------- | -------- | 2595| dlpFileAccess | [DLPFileAccess](#dlpfileaccess) | Yes| No| User permission on the DLP file, for example, read-only.| 2596| flags | number | Yes| No| Operations that can be performed on the DLP file. It is a combination of different [ActionFlagTypes](#actionflagtype).| 2597 2598 2599## AccessedDLPFileInfo 2600 2601Represents the information about a DLP file opened. 2602 2603**System capability**: SystemCapability.Security.DataLossPrevention 2604 2605| Name| Type| Readable| Writable| Description| 2606| -------- | -------- | -------- | -------- | -------- | 2607| uri | string | Yes| No| URI of the DLP file.| 2608| lastOpenTime | number | Yes| No| Time when the file was last opened.| 2609 2610 2611 2612## DLPSandboxInfo 2613 2614Represents the DLP sandbox information. 2615 2616**System API**: This is a system API. 2617 2618**System capability**: SystemCapability.Security.DataLossPrevention 2619 2620| Name| Type| Readable| Writable| Description| 2621| -------- | -------- | -------- | -------- | -------- | 2622| appIndex | number | Yes| No| Index of the DLP sandbox.| 2623| tokenID | number | Yes| No| Token ID of the DLP sandbox application.| 2624 2625 2626 2627## DLPSandboxState 2628 2629Represents the DLP sandbox identity information. 2630 2631**System API**: This is a system API. 2632 2633**System capability**: SystemCapability.Security.DataLossPrevention 2634 2635| Name| Type| Readable| Writable| Description| 2636| -------- | -------- | -------- | -------- | -------- | 2637| bundleName | string | Yes| No| Application bundle name.| 2638| appIndex | number | Yes| No| Index of the DLP sandbox application.| 2639 2640 2641## RetentionSandboxInfo 2642 2643Represents the sandbox retention information. 2644 2645**System capability**: SystemCapability.Security.DataLossPrevention 2646 2647| Name| Type| Readable| Writable| Description| 2648| -------- | -------- | -------- | -------- | -------- | 2649| appIndex | number | Yes| No| Index of the DLP sandbox application.| 2650| bundleName | string | Yes| No| Application bundle name.| 2651| docUris | Array<string> | Yes| No| URI list of the DLP files.| 2652 2653 2654## AccountType 2655 2656Enumerates the types of authorized accounts. 2657 2658**System API**: This is a system API. 2659 2660**System capability**: SystemCapability.Security.DataLossPrevention 2661 2662| Name| Value| Description| 2663| -------- | -------- | -------- | 2664| CLOUD_ACCOUNT | 1 | Cloud account.| 2665| DOMAIN_ACCOUNT | 2 | Domain account.| 2666 2667 2668## AuthUser 2669 2670Represents the user authorization information. 2671 2672**System API**: This is a system API. 2673 2674**System capability**: SystemCapability.Security.DataLossPrevention 2675 2676| Name| Type| Read Only| Mandatory| Description| 2677| -------- | -------- | -------- | -------- | -------- | 2678| authAccount | string | No| Yes| Account of the user who can access the DLP file.| 2679| authAccountType | [AccountType](#accounttype) | No| Yes| Type of the account.| 2680| dlpFileAccess | [DLPFileAccess](#dlpfileaccess) | No| Yes| Permission granted to the user.| 2681| permExpiryTime | number | No| Yes| Time when the authorization expires.| 2682 2683 2684## DLPProperty 2685 2686Represents the authorization information. 2687 2688**System API**: This is a system API. 2689 2690**System capability**: SystemCapability.Security.DataLossPrevention 2691 2692| Name| Type| Read Only| Mandatory| Description| 2693| -------- | -------- | -------- | -------- | -------- | 2694| ownerAccount | string | No| Yes| Account of the owner who can set the permission.| 2695| ownerAccountID | string | No| Yes| Account ID of the owner.| 2696| ownerAccountType | [AccountType](#accounttype) | No| Yes| Account type of the owner.| 2697| authUserList | Array<[AuthUser](#authuser)> | No| No| List of users who are authorized to access the DLP file. By default, this parameter is left blank.| 2698| contactAccount | string | No| Yes| Account of the contact.| 2699| offlineAccess | boolean | No| Yes| Whether the file can be accessed offline.| 2700| everyoneAccessList | Array<[DLPFileAccess](#dlpfileaccess)> | No| No| Permission granted to everyone. This parameter is left blank by default.| 2701 2702 2703 2704## GatheringPolicyType 2705 2706Enumerates the DLP sandbox gathering policy types. **GATHERING** allows the DLP files of the same permission type to be opened in a sandbox. For example, open different tab pages in a sandbox. **NON_GATHERING** allows different DLP files to be opened in different sandboxes. 2707 2708**System capability**: SystemCapability.Security.DataLossPrevention 2709 2710**System API**: This is a system API. 2711 2712**Parameters** 2713 2714| Name| Value| Description| 2715| -------- | -------- | -------- | 2716| GATHERING | 1 | Allows the DLP files of the same permission type to be opened in a sandbox. For example, the files of the same permission type can be opened in tab pages of a window.| 2717| NON_GATHERING | 2 | Allows the DLP files of different permission types to be opened in different sandboxes.| 2718