1/* 2 * Copyright (c) 2023 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16import ServiceExtensionAbility from '@ohos.app.ability.ServiceExtensionAbility'; 17import dlpPermission from '@ohos.dlpPermission'; 18import fileio from '@ohos.fileio'; 19import Want from '@ohos.app.ability.Want'; 20import hiTraceMeter from '@ohos.hiTraceMeter'; 21import hiSysEvent from '@ohos.hiSysEvent'; 22import wantConstant from '@ohos.app.ability.wantConstant'; 23import deviceInfo from '@ohos.deviceInfo'; 24import fs from '@ohos.file.fs'; 25import fileUri from '@ohos.file.fileuri'; 26import { 27 getOsAccountInfo, 28 getUserId, 29 checkAccountLogin, 30 getAuthPerm, 31 startAlertAbility, 32 getFileFd, 33 getFileUriByPath, 34 isValidPath 35} from '../common/utils'; 36import Constants from '../common/constant'; 37import GlobalContext from '../common/GlobalContext' 38import common from '@ohos.app.ability.common'; 39import { BusinessError } from '@ohos.base'; 40import osAccount from '@ohos.account.osAccount'; 41import uriPermissionManager from '@ohos.application.uriPermissionManager'; 42 43const TAG = '[DLPManager_View]'; 44const PHONE = 'phone'; 45const SUFFIX_INDEX = 2; 46 47let defaultDlpFile: dlpPermission.DLPFile = { 48 dlpProperty: { 49 ownerAccount: '', 50 ownerAccountType: (GlobalContext.load('domainAccount') as boolean) ? dlpPermission.AccountType.DOMAIN_ACCOUNT : dlpPermission.AccountType.CLOUD_ACCOUNT, 51 authUserList: [], 52 contactAccount: '', 53 offlineAccess: true, 54 ownerAccountID: '', 55 everyoneAccessList: [] 56 }, 57 recoverDLPFile: async () => {}, 58 closeDLPFile: async () => {}, 59 addDLPLinkFile: async () => {}, 60 stopFuseLink: async () => {}, 61 resumeFuseLink: async () => {}, 62 replaceDLPLinkFile: async () => {}, 63 deleteDLPLinkFile: async () => {} 64}; 65 66let opening: boolean = false; 67export default class ViewAbility extends ServiceExtensionAbility { 68 dlpFd: number = -1; 69 linkFileName: string = ''; 70 linkFilePath: string = ''; 71 appIndex: number = -1; 72 tokenId: number = -1; 73 dlpFile: dlpPermission.DLPFile = defaultDlpFile; 74 authPerm: dlpPermission.DLPFileAccess = dlpPermission.DLPFileAccess.READ_ONLY; 75 sandboxBundleName: string = ''; 76 sandboxAbilityName: string = ''; 77 sandboxModuleName: string = ''; 78 fileName: string = ''; 79 uri: string = ''; 80 stat?: fs.Stat; 81 accountInfo?: osAccount.OsAccountInfo; 82 uriInfo: fileUri.FileUri = new fileUri.FileUri(''); 83 linkUri: string = ''; 84 isCreated: boolean = false; 85 gatheringType: number = dlpPermission.GatheringPolicyType.NON_GATHERING; 86 alreadyOpen: boolean = false; 87 sortByAuthPerm: boolean = false; 88 userId: number = -1; 89 linkFileWriteable: boolean = false; 90 91 async onCreate(want: Want): Promise<void> { 92 GlobalContext.store('viewContext', this.context); 93 if (!GlobalContext.load('sandbox2linkFile')) { 94 GlobalContext.store('sandbox2linkFile', new Map<string, (number | string | dlpPermission.DLPFile)[][]>()); 95 } 96 if (!GlobalContext.load('fileOpenHistory')) { 97 GlobalContext.store('fileOpenHistory', new Map<string, (number | string)[]>()); 98 } 99 if (!GlobalContext.load('authPerm2Sandbox')) { 100 GlobalContext.store('authPerm2Sandbox', new Map<dlpPermission.DLPFileAccess, (number | string)[]>()); 101 } 102 GlobalContext.store('domainAccount', deviceInfo.deviceType === PHONE ? false : true); 103 if (!GlobalContext.load('token2File')) { 104 GlobalContext.store('token2File', new Map<number, (number | string | dlpPermission.DLPFile)[]>()); 105 } 106 if (!GlobalContext.load('linkSet')) { 107 GlobalContext.store('linkSet', new Set<string>()); 108 } 109 } 110 111 async startDataAbility(): Promise<void> { 112 let want: Want = { 113 bundleName: 'com.ohos.dlpmanager', 114 abilityName: 'DataAbility' 115 }; 116 await (GlobalContext.load('viewContext') as common.ServiceExtensionContext).startAbility(want); 117 } 118 119 startAbility(want: Want, startId: number): void { 120 (GlobalContext.load('viewContext') as common.ServiceExtensionContext).startAbility(want, async (err) => { 121 hiTraceMeter.finishTrace('DlpStartSandboxJs', startId); 122 if (err && err.code !== 0) { 123 console.error(TAG, 'startSandboxApp failed', err.code, err.message); 124 try { 125 await this.dlpFile.deleteDLPLinkFile(this.linkFileName); 126 } catch (err) { 127 console.error(TAG, 'dlpFile deleteDLPLinkFile failed', (err as BusinessError).code, (err as BusinessError).message); 128 } 129 try { 130 await this.dlpFile.closeDLPFile(); 131 } catch (err) { 132 console.error(TAG, 'dlpFile closeDLPFile failed', (err as BusinessError).code, (err as BusinessError).message); 133 } 134 opening = false; 135 await startAlertAbility(GlobalContext.load('viewContext') as common.ServiceExtensionContext, { code: Constants.ERR_JS_APP_INSIDE_ERROR } as BusinessError); 136 await this.sendDlpFileOpenFault(Constants.DLP_START_SANDBOX_ERROR, this.sandboxBundleName, this.appIndex, undefined); // 105: DLP_START_SANDBOX_ERROR 137 } else { 138 await this.sendDlpFileOpenEvent(Constants.DLP_START_SANDBOX_SUCCESS, this.sandboxBundleName, this.appIndex); // 203: DLP_START_SANDBOX_SUCCESS 139 let sandbox2linkFile: Map<string, (number | string | dlpPermission.DLPFile)[][]> = GlobalContext.load('sandbox2linkFile') as Map<string, (number | string | dlpPermission.DLPFile)[][]>; 140 if (!sandbox2linkFile.has(this.sandboxBundleName + this.appIndex)) { 141 sandbox2linkFile.set(this.sandboxBundleName + this.appIndex, new Array); 142 } 143 if (!this.alreadyOpen) { 144 sandbox2linkFile.get(this.sandboxBundleName + this.appIndex)?.push([this.dlpFile, this.linkFileName, this.dlpFd, this.tokenId]); 145 (GlobalContext.load('fileOpenHistory') as Map<string, (number | string)[]>).set(this.uri, [this.sandboxBundleName, this.appIndex, this.linkFileName, this.linkUri]); 146 (GlobalContext.load('authPerm2Sandbox') as Map<dlpPermission.DLPFileAccess, (number | string)[]>).set(this.authPerm, [this.sandboxBundleName, this.appIndex]); 147 (GlobalContext.load('token2File') as Map<number, (number | string | dlpPermission.DLPFile |dlpPermission.DLPFileAccess | null)[]>).set(this.tokenId, [this.dlpFile, this.sandboxBundleName, this.appIndex, this.authPerm, this.uri, null, -1]); 148 (GlobalContext.load('linkSet') as Set<string>).add(this.linkUri); 149 } 150 await this.startDataAbility(); 151 opening = false; 152 console.debug(TAG, 'startDataAbility success'); 153 } 154 (GlobalContext.load('viewContext') as common.ServiceExtensionContext).terminateSelf(); 155 }); 156 } 157 158 startSandboxApp(startId: number): void { 159 startId = Number(startId); 160 hiTraceMeter.startTrace('DlpStartSandboxJs', startId); 161 let want: Want = { 162 bundleName: this.sandboxBundleName, 163 abilityName: this.sandboxAbilityName, 164 uri: this.linkUri, 165 flags: this.linkFileWriteable ? wantConstant.Flags.FLAG_AUTH_WRITE_URI_PERMISSION : wantConstant.Flags.FLAG_AUTH_READ_URI_PERMISSION, 166 parameters: { 167 'linkFileName': { 168 'name': this.linkFileName 169 }, 170 'fileAsset': { 171 'displayName': this.uriInfo.name, 172 'relativePath': this.uriInfo.path, 173 'dateModified': this.stat?.ctime 174 }, 175 'uri': this.linkUri, 176 'dlpUri': { 177 'name': this.uri 178 }, 179 'linkFileWriteable': { 180 'name': this.linkFileWriteable 181 }, 182 'ohos.dlp.params.index': this.appIndex, 183 'ohos.dlp.params.moduleName': this.sandboxModuleName, 184 'ohos.dlp.params.securityFlag': this.authPerm === 185 dlpPermission.DLPFileAccess.READ_ONLY ? true : false 186 } 187 }; 188 this.startAbility(want, startId); 189 } 190 191 async sendDlpFileOpenFault(code: number, sandboxName: string, appIndex: number, reason?: string): Promise<void> { 192 let event: hiSysEvent.SysEventInfo = { 193 domain: 'DLP', 194 name: 'DLP_FILE_OPEN', 195 eventType: hiSysEvent?.EventType?.FAULT, 196 params: { 197 'CODE': code, 198 'USER_ID': this.userId, 199 'SANDBOX_PKGNAME': sandboxName, 200 } as Record<string, number | string> 201 }; 202 if (appIndex !== -1) { 203 event.params['SANDBOX_INDEX'] = appIndex; 204 } 205 if (reason !== undefined) { 206 event.params['REASON'] = reason; 207 } 208 try { 209 await hiSysEvent.write(event); 210 } catch (err) { 211 console.error(TAG, 'sendDlpFileOpenEvent failed'); 212 } 213 } 214 215 async sendDlpFileOpenEvent(code: number, sandboxName: string, appIndex: number): Promise<void> { 216 let event: hiSysEvent.SysEventInfo = { 217 domain: 'DLP', 218 name: 'DLP_FILE_OPEN_EVENT', 219 eventType: hiSysEvent?.EventType?.BEHAVIOR, 220 params: { 221 'CODE': code, 222 'USER_ID': this.userId, 223 'SANDBOX_PKGNAME': sandboxName, 224 } as Record<string, number | string> 225 }; 226 if (appIndex !== -1) { 227 event.params['SANDBOX_INDEX'] = appIndex; 228 } 229 try { 230 await hiSysEvent.write(event); 231 } catch (err) { 232 console.error(TAG, 'sendDlpFileOpenEvent failed'); 233 } 234 } 235 236 237 async closeFile(): Promise<void> { 238 try { 239 await this.dlpFile.closeDLPFile(); 240 fileio.closeSync(this.dlpFd); 241 } catch (err) { 242 console.error(TAG, 'closeFile failed', (err as BusinessError).code, (err as BusinessError).message); 243 } 244 } 245 246 async getAccountAndOpenDLPFile(startId: number): Promise<void> { 247 hiTraceMeter.startTrace('DlpGetOsAccountJs', startId); 248 return new Promise(async (resolve, reject) => { 249 try { 250 this.accountInfo = await getOsAccountInfo(); 251 this.userId = await getUserId(); 252 } catch (err) { 253 console.error(TAG, 'getOsAccountInfo failed', (err as BusinessError).code, (err as BusinessError).message); 254 hiTraceMeter.finishTrace('DlpGetOsAccountJs', startId); 255 hiTraceMeter.finishTrace('DlpOpenFileJs', startId); 256 opening = false; 257 await startAlertAbility(GlobalContext.load('viewContext') as common.ServiceExtensionContext, { code: Constants.ERR_JS_GET_ACCOUNT_ERROR } as BusinessError); 258 fileio.closeSync(this.dlpFd); 259 reject(err); return; 260 } 261 hiTraceMeter.finishTrace('DlpGetOsAccountJs', startId); 262 if (!checkAccountLogin(this.accountInfo)) { 263 hiTraceMeter.finishTrace('DlpOpenFileJs', startId); 264 opening = false; 265 await startAlertAbility(GlobalContext.load('viewContext') as common.ServiceExtensionContext, { code: Constants.ERR_JS_APP_NO_ACCOUNT_ERROR } as BusinessError); 266 fileio.closeSync(this.dlpFd); 267 reject(); 268 return; 269 } 270 resolve(); 271 }); 272 } 273 274 async getOpenDLPFile(startId: number): Promise<void> { 275 return new Promise(async (resolve, reject) => { 276 hiTraceMeter.startTrace('DlpOpenDlpFileJs', startId); 277 try { 278 console.info(TAG, 'openDLPFile', this.fileName, this.dlpFd); 279 this.dlpFile = await dlpPermission.openDLPFile(this.dlpFd); 280 } catch (err) { 281 console.error(TAG, 'openDLPFile', this.fileName, 'failed', (err as BusinessError).code, (err as BusinessError).message); 282 try { 283 hiTraceMeter.finishTrace('DlpOpenDlpFileJs', startId); 284 hiTraceMeter.finishTrace('DlpOpenFileJs', startId); 285 opening = false; 286 await this.sendDlpFileOpenFault(Constants.DLP_FILE_PARSE_ERROR, this.sandboxBundleName, -1, (err as BusinessError<string>).data); // 103:DLP_FILE_PARSE_ERROR 287 await startAlertAbility(GlobalContext.load('viewContext') as common.ServiceExtensionContext, err); 288 } catch (e) { 289 console.error(TAG, 'openDLPFile2', this.fileName, 'failed', (e as BusinessError).code, (e as BusinessError).message, e); 290 } 291 fileio.closeSync(this.dlpFd); 292 reject(); 293 return; 294 } 295 hiTraceMeter.finishTrace('DlpOpenDlpFileJs', startId); 296 try { 297 await this.dlpGetAuthPerm(); 298 } catch (err) { 299 reject(); 300 return; 301 } 302 resolve(); 303 }) 304 } 305 306 async dlpGetAuthPerm(): Promise<void> { 307 return new Promise(async (resolve, reject) => { 308 if (GlobalContext.load('domainAccount') as boolean) { 309 this.authPerm = getAuthPerm(this.accountInfo?.domainInfo.accountName ?? '', this.dlpFile.dlpProperty); 310 } else { 311 this.authPerm = getAuthPerm(this.accountInfo?.distributedInfo.name ?? '', this.dlpFile.dlpProperty); 312 } 313 if (this.authPerm < dlpPermission.DLPFileAccess.READ_ONLY || 314 this.authPerm > dlpPermission.DLPFileAccess.FULL_CONTROL) { 315 opening = false; 316 await startAlertAbility(GlobalContext.load('viewContext') as common.ServiceExtensionContext, { code: Constants.ERR_JS_APP_INSIDE_ERROR } as BusinessError); 317 await this.closeFile(); 318 reject(); 319 return; 320 } 321 resolve(); 322 }); 323 } 324 325 async getPolicyAndInstallSandbox(startId: number): Promise<void> { 326 return new Promise(async (resolve, reject) => { 327 this.alreadyOpen = false; 328 try { 329 this.gatheringType = await dlpPermission.getDLPGatheringPolicy(); 330 let fileOpenHistory: Map<string, (number | string)[]> = GlobalContext.load('fileOpenHistory') as Map<string, (number | string)[]>; 331 if (fileOpenHistory.has(this.uri)) { 332 console.info(TAG, 'file', this.fileName, 'already open'); 333 let value: (number | string)[] = fileOpenHistory.get(this.uri) as (number | string)[]; 334 this.appIndex = value[Constants.FILE_OPEN_HISTORY_ONE] as number; 335 this.linkFileName = value[Constants.FILE_OPEN_HISTORY_TWO] as string; 336 this.linkUri = value[Constants.FILE_OPEN_HISTORY_THREE] as string; 337 fileio.closeSync(this.dlpFd); 338 this.alreadyOpen = true; 339 } else { 340 await this.getOpenDLPFile(startId); 341 } 342 343 let authPerm2Sandbox: Map<dlpPermission.DLPFileAccess, (number | string)[]> = GlobalContext.load('authPerm2Sandbox') as Map<dlpPermission.DLPFileAccess, (number | string)[]>; 344 if (authPerm2Sandbox.has(this.authPerm) && 345 this.gatheringType === dlpPermission.GatheringPolicyType.GATHERING) { 346 this.appIndex = authPerm2Sandbox.get(this.authPerm)?.[1] as number; 347 console.info(TAG, 'Dlp gathering is on, send', this.fileName, 'to sandbox:', this.sandboxBundleName, this.appIndex); 348 this.sortByAuthPerm = true; 349 } 350 if (!this.alreadyOpen && !this.sortByAuthPerm) { 351 hiTraceMeter.startTrace('DlpInstallSandboxJs', startId); 352 let appInfo = await dlpPermission.installDLPSandbox(this.sandboxBundleName, this.authPerm, this.userId, this.uri); 353 this.appIndex = appInfo.appIndex; 354 this.tokenId = appInfo.tokenID; 355 } 356 } catch (err) { 357 console.error(TAG, 'installDLPSandbox failed', (err as BusinessError).code, (err as BusinessError).message); 358 hiTraceMeter.finishTrace('DlpInstallSandboxJs', startId); 359 hiTraceMeter.finishTrace('DlpOpenFileJs', startId); 360 opening = false; 361 await this.sendDlpFileOpenFault(Constants.DLP_INSTALL_SANDBOX_ERROR, this.sandboxBundleName, -1, (err as BusinessError<string>).data); // 104:DLP_INSTALL_SANDBOX_ERROR 362 await startAlertAbility(GlobalContext.load('viewContext') as common.ServiceExtensionContext, { code: Constants.ERR_JS_APP_INSIDE_ERROR }as BusinessError); 363 await this.closeFile(); 364 reject(); return; 365 } 366 hiTraceMeter.finishTrace('DlpInstallSandboxJs', startId); 367 await this.sendDlpFileOpenEvent(Constants.DLP_INSTALL_SANDBOX_SUCCESS, this.sandboxBundleName, this.appIndex); // 202: DLP_INSTALL_SANDBOX_SUCCESS 368 if (!this.alreadyOpen) { 369 try { 370 await this.getAlreadyOpen(startId); 371 } catch { 372 reject(); return; 373 } 374 } 375 resolve(); 376 }); 377 } 378 379 async getAlreadyOpen(startId: number): Promise<void> { 380 return new Promise(async (resolve, reject) => { 381 let timestamp = new Date().getTime(); 382 let splitNames = this.fileName.split('.'); 383 console.debug(TAG, 'splitNames:', splitNames); 384 if (splitNames.length <= SUFFIX_INDEX) { 385 hiTraceMeter.finishTrace('DlpOpenFileJs', startId); 386 opening = false; 387 await startAlertAbility(GlobalContext.load('viewContext') as common.ServiceExtensionContext, { code: Constants.ERR_JS_APP_INSIDE_ERROR } as BusinessError); 388 await this.closeFile(); 389 reject(); return; 390 } 391 let secondarySuffix = splitNames[splitNames.length - SUFFIX_INDEX]; 392 this.linkFileName = String(this.sandboxBundleName).substring(0, Constants.BUNDLE_LEN) + '_' + this.appIndex + 393 '_' + timestamp + String(Math.random()).substring(Constants.RAND_START, Constants.RAND_END) + '.' + 394 secondarySuffix + '.dlp.link'; 395 hiTraceMeter.startTrace('DlpAddLinkFileJs', startId); 396 try { 397 await this.getAddDLPLinkFile(startId); 398 } catch { 399 reject(); return; 400 } 401 hiTraceMeter.finishTrace('DlpAddLinkFileJs', startId); 402 try { 403 this.linkFilePath = Constants.FUSE_PATH + this.linkFileName; 404 let stat: fileio.Stat = fileio.statSync(this.linkFilePath); 405 const WRITE_ACCESS: number = 0o0200; 406 if (stat.mode & WRITE_ACCESS) { 407 this.linkFileWriteable = true; 408 } else { 409 this.linkFileWriteable = false; 410 } 411 } catch (e) { 412 console.error(TAG, 'file error', e); 413 opening = false; 414 (GlobalContext.load('viewContext') as common.ServiceExtensionContext).terminateSelf(); 415 } 416 this.linkUri = getFileUriByPath(this.linkFilePath); 417 if (this.linkUri === '') { 418 console.error(TAG, 'get linkUri ByPath fail'); 419 opening = false; 420 (GlobalContext.load('viewContext') as common.ServiceExtensionContext).terminateSelf(); 421 } 422 resolve(); 423 }); 424 } 425 async getAddDLPLinkFile(startId: number): Promise<void> { 426 return new Promise(async (resolve, reject) => { 427 try { 428 await this.dlpFile.addDLPLinkFile(this.linkFileName); 429 } catch (error) { 430 console.error(TAG, 'addDLPLinkFile failed', (error as BusinessError).code, (error as BusinessError).message); 431 try { 432 await this.dlpFile.closeDLPFile(); 433 } catch (err) { 434 console.error(TAG, 'closeDLPFile failed', (err as BusinessError).code, (err as BusinessError).message); 435 } 436 opening = false; 437 await startAlertAbility(GlobalContext.load('viewContext') as common.ServiceExtensionContext, error); 438 hiTraceMeter.finishTrace('DlpAddLinkFileJs', startId); 439 hiTraceMeter.finishTrace('DlpOpenFileJs', startId); 440 await this.closeFile(); 441 reject(); 442 return; 443 } 444 resolve(); 445 }); 446 } 447 async getUriInfo(startId: number): Promise<void> { 448 return new Promise(async (resolve, reject) => { 449 try { 450 this.uriInfo = new fileUri.FileUri(this.uri); 451 } catch (error) { 452 hiTraceMeter.finishTrace('DlpOpenFileJs', startId); 453 opening = false; 454 await startAlertAbility(GlobalContext.load('viewContext') as common.ServiceExtensionContext, { code: Constants.ERR_JS_APP_GET_FILE_ASSET_ERROR } as BusinessError); 455 await this.closeFile(); 456 console.error(TAG, 'open', this.uri, 'failed', (error as BusinessError).code, (error as BusinessError).message); 457 reject(); 458 return; 459 } 460 try { 461 this.stat = await fs.stat(this.uriInfo.path); 462 } catch (err) { 463 console.info(TAG, 'stat fail', (err as BusinessError).code, (err as BusinessError).message); 464 } 465 resolve(); 466 }); 467 } 468 469 async onRequest(want: Want, startId: number): Promise<void> { 470 console.debug(TAG, 'enter onRequest'); 471 if ((GlobalContext.load('fileOpenHistoryFromMain') as Map<string, (string | number)[]>)?.has(want.uri ?? '')) { 472 await startAlertAbility(GlobalContext.load('viewContext') as common.ServiceExtensionContext, { code: Constants.ERR_JS_APP_ENCRYPTION_REJECTED } as BusinessError); 473 return; 474 } 475 if (opening) { 476 console.debug(TAG, 'file is opening', this.uri); 477 return; 478 } else { 479 opening = true; 480 console.debug(TAG, 'file is opened', this.uri); 481 } 482 startId = Number(startId); 483 hiTraceMeter.startTrace('DlpOpenFileJs', startId); 484 let obj: Record<string, string> = (want.parameters?.fileName ?? { 'name': '' }) as Record<string, string>; 485 this.fileName = obj.name; 486 this.uri = want.uri as string; 487 if (!isValidPath(this.uri)) { 488 opening = false; 489 console.error(TAG, 'invalid uri in want.uri'); 490 (GlobalContext.load('viewContext') as common.ServiceExtensionContext).terminateSelf(); 491 } 492 this.dlpFd = getFileFd(this.uri); 493 console.debug(TAG, 'dlpFd:', this.dlpFd); 494 if (this.dlpFd === -1) { 495 opening = false; 496 (GlobalContext.load('viewContext') as common.ServiceExtensionContext).terminateSelf(); 497 } 498 this.sandboxBundleName = want.parameters?.['ohos.dlp.params.bundleName'] as string; 499 this.sandboxAbilityName = want.parameters?.['ohos.dlp.params.abilityName'] as string; 500 this.sandboxModuleName = want.parameters?.['ohos.dlp.params.moduleName'] as string; 501 if (this.fileName === undefined || this.dlpFd === undefined || this.uri === undefined || 502 this.sandboxBundleName === undefined || this.sandboxAbilityName === undefined || 503 this.sandboxModuleName === undefined) { 504 opening = false; 505 console.error(TAG, 'get parameters failed'); 506 (GlobalContext.load('viewContext') as common.ServiceExtensionContext).terminateSelf(); 507 } 508 //uri permission just for pc 509 if (!this.uri.endsWith('.dlp')) { 510 console.error(TAG, 'this.uri wrong'); 511 await startAlertAbility(GlobalContext.load('viewContext') as common.ServiceExtensionContext, { code: Constants.ERR_JS_APP_PARAM_ERROR } as BusinessError); 512 return; 513 } 514 if(GlobalContext.load('domainAccount') as boolean){ 515 let flag = wantConstant.Flags.FLAG_AUTH_WRITE_URI_PERMISSION | wantConstant.Flags.FLAG_AUTH_PERSISTABLE_URI_PERMISSION; 516 let targetBundleName = this.sandboxBundleName; 517 uriPermissionManager.grantUriPermission(this.uri, flag, targetBundleName , (result) => { 518 console.info(TAG, 'grandUriPermission result:', JSON.stringify(result)); 519 }); 520 } 521 try { 522 await this.getAccountAndOpenDLPFile(startId); 523 } catch { 524 return; 525 } 526 try { 527 await this.getPolicyAndInstallSandbox(startId); 528 } catch { 529 return; 530 } 531 try { 532 await this.getUriInfo(startId); 533 } catch { 534 return; 535 } 536 this.startSandboxApp(startId); 537 hiTraceMeter.finishTrace('DlpOpenFileJs', startId); 538 } 539} 540