• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (c) 2022 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 #include "get_self_permissions.h"
16 
17 #include <thread>
18 
19 #include "access_token.h"
20 #include "accesstoken_kit.h"
21 #include "media_log.h"
22 #include "medialibrary_errno.h"
23 #include "nativetoken_kit.h"
24 #include "token_setproc.h"
25 
26 namespace OHOS {
27 namespace Media {
28 using namespace Security::AccessToken;
29 
SetAccessTokenPermission(const std::string & processName,const std::vector<std::string> & permission,uint64_t & tokenId)30 void PermissionUtilsUnitTest::SetAccessTokenPermission(const std::string &processName,
31     const std::vector<std::string> &permission, uint64_t &tokenId)
32 {
33     auto perms = std::make_unique<const char *[]>(permission.size());
34     for (size_t i = 0; i < permission.size(); i++) {
35         perms[i] = permission[i].c_str();
36     }
37 
38     NativeTokenInfoParams infoInstance = {
39         .dcapsNum = 0,
40         .permsNum = permission.size(),
41         .aclsNum = 0,
42         .dcaps = nullptr,
43         .perms = perms.get(),
44         .acls = nullptr,
45         .processName = processName.c_str(),
46         .aplStr = "system_basic",
47     };
48     tokenId = GetAccessTokenId(&infoInstance);
49     if (tokenId == 0) {
50         MEDIA_ERR_LOG("Get Acess Token Id Failed");
51         return;
52     }
53     int ret = SetSelfTokenID(tokenId);
54     if (ret != 0) {
55         MEDIA_ERR_LOG("Set Acess Token Id Failed");
56         return;
57     }
58     ret = Security::AccessToken::AccessTokenKit::ReloadNativeTokenInfo();
59     if (ret < 0) {
60         MEDIA_ERR_LOG("Reload Native Token Info Failed");
61         return;
62     }
63 }
64 
SetHapPermission(const std::string & bundleName,const int32_t userId)65 int32_t PermissionUtilsUnitTest::SetHapPermission(const std::string &bundleName, const int32_t userId)
66 {
67     HapInfoParams info = {
68         .userID = userId,
69         .bundleName = bundleName,
70         .instIndex = 0,
71         .appIDDesc = bundleName,
72         .isSystemApp = true
73     };
74 
75     HapPolicyParams policy = {
76         .apl = APL_SYSTEM_BASIC,
77         .domain = "test.domain.medialibrary",
78         .permList = { },
79         .permStateList = {
80             {
81                 .permissionName = "ohos.permission.READ_IMAGEVIDEO",
82                 .isGeneral = true,
83                 .resDeviceID = { "local" },
84                 .grantStatus = { PermissionState::PERMISSION_GRANTED },
85                 .grantFlags = { 1 }
86             },
87             {
88                 .permissionName = "ohos.permission.WRITE_IMAGEVIDEO",
89                 .isGeneral = true,
90                 .resDeviceID = { "local" },
91                 .grantStatus = { PermissionState::PERMISSION_GRANTED },
92                 .grantFlags = { 1 }
93             }
94         }
95     };
96     AccessTokenIDEx tokenIdEx = { 0 };
97     tokenIdEx = AccessTokenKit::AllocHapToken(info, policy);
98     int ret = SetSelfTokenID(tokenIdEx.tokenIDEx);
99     if (ret != 0) {
100         MEDIA_ERR_LOG("Set hap token failed, err: %{public}d", ret);
101         return E_PERMISSION_DENIED;
102     }
103     return E_SUCCESS;
104 }
105 } // namespace Media
106 } // namespace OHOS
107 
108