• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (c) 2023 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 #include "ext_permission_manager.h"
16 
17 #include "os_account_manager.h"
18 #include "hilog_wrapper.h"
19 #include "ipc_skeleton.h"
20 #include "iservice_registry.h"
21 #include "accesstoken_kit.h"
22 #include "system_ability_definition.h"
23 
24 namespace OHOS {
25 namespace ExternalDeviceManager {
26 using namespace std;
27 using namespace OHOS;
28 using namespace OHOS::AAFwk;
29 using namespace OHOS::AppExecFwk;
30 using namespace OHOS::ExternalDeviceManager;
31 using namespace OHOS::Security::AccessToken;
32 
33 const uint32_t MIN_TARGET_VERSION = 10;
34 
35 IMPLEMENT_SINGLE_INSTANCE(ExtPermissionManager);
36 
ExtPermissionManager()37 ExtPermissionManager::ExtPermissionManager()
38 {
39 };
40 
~ExtPermissionManager()41 ExtPermissionManager::~ExtPermissionManager()
42 {
43 };
44 
NeedCheckPermission()45 DDK_PERMISSION ExtPermissionManager::NeedCheckPermission()
46 {
47     auto iBundleMgr = GetBundleMgrProxy();
48     if (iBundleMgr == nullptr) {
49         EDM_LOGE(MODULE_DEV_MGR, "Can not get iBundleMgr");
50         return DDK_PERMISSION::ERROR;
51     }
52     int uid = IPCSkeleton::GetCallingUid();
53     std::string bundleName;
54     if (!iBundleMgr->GetBundleNameForUid(uid, bundleName)) {
55         EDM_LOGE(MODULE_DEV_MGR, "GetBundleNameForUid err");
56         return DDK_PERMISSION::ERROR;
57     }
58     EDM_LOGD(MODULE_DEV_MGR, "GetBundleNameForUid bundleName:%{public}s", bundleName.c_str());
59     int32_t userId = GetCurrentActiveUserId();
60     BundleInfo bundleInfo;
61     if (!iBundleMgr->GetBundleInfo(bundleName, BundleFlag::GET_BUNDLE_DEFAULT, bundleInfo, userId)) {
62         EDM_LOGE(MODULE_DEV_MGR, "GetBundleNameForUid err");
63         return DDK_PERMISSION::ERROR;
64     }
65     EDM_LOGD(MODULE_DEV_MGR, "GetBundleInfo bundleInfo targetVersion:%{public}d", bundleInfo.targetVersion);
66     if (bundleInfo.targetVersion > MIN_TARGET_VERSION) {
67         return DDK_PERMISSION::CHECK;
68     }
69     return DDK_PERMISSION::NOT_CHECK;
70 }
71 
HasPermission(std::string permissionName)72 bool ExtPermissionManager::HasPermission(std::string permissionName)
73 {
74     AccessTokenID callerToken = IPCSkeleton::GetCallingTokenID();
75     std::string rightTag = std::to_string(callerToken) + "#" + permissionName;
76     if (rightsMap_.find(rightTag) != rightsMap_.end()) {
77         EDM_LOGI(MODULE_DEV_MGR, "find right from rightsMap isPass: %{public}d", rightsMap_[rightTag]);
78         return rightsMap_[rightTag];
79     }
80     DDK_PERMISSION needCheck = NeedCheckPermission();
81     bool ret = false;
82     if (needCheck != DDK_PERMISSION::CHECK) {
83         ret = (needCheck != DDK_PERMISSION::ERROR);
84         rightsMap_[rightTag] = ret;
85         return ret;
86     }
87 
88     int result = AccessTokenKit::VerifyAccessToken(callerToken, permissionName);
89 
90     ret = (result == PERMISSION_GRANTED);
91     rightsMap_[rightTag] = ret;
92     return ret;
93 }
94 
GetBundleMgrProxy()95 sptr<OHOS::AppExecFwk::IBundleMgr> ExtPermissionManager::GetBundleMgrProxy()
96 {
97     if (bundleMgr_ != nullptr) {
98         return bundleMgr_;
99     }
100     std::lock_guard<std::mutex> lock(bundleMgrMutex_);
101     if (bundleMgr_ == nullptr) {
102         auto systemAbilityManager = OHOS::SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager();
103         if (systemAbilityManager == nullptr) {
104             EDM_LOGE(MODULE_PKG_MGR, "GetBundleMgr GetSystemAbilityManager is null");
105             return nullptr;
106         }
107         auto bundleMgrSa = systemAbilityManager->GetSystemAbility(OHOS::BUNDLE_MGR_SERVICE_SYS_ABILITY_ID);
108         if (bundleMgrSa == nullptr) {
109             EDM_LOGE(MODULE_PKG_MGR, "GetBundleMgr GetSystemAbility is null");
110             return nullptr;
111         }
112         auto bundleMgr = OHOS::iface_cast<IBundleMgr>(bundleMgrSa);
113         if (bundleMgr == nullptr) {
114             EDM_LOGE(MODULE_PKG_MGR, "GetBundleMgr iface_cast get null");
115         }
116         bundleMgr_ = bundleMgr;
117     }
118     return bundleMgr_;
119 }
120 
GetCurrentActiveUserId()121 int32_t ExtPermissionManager::GetCurrentActiveUserId()
122 {
123     std::vector<int32_t> activeIds;
124     int ret = AccountSA::OsAccountManager::QueryActiveOsAccountIds(activeIds);
125     if (ret != 0) {
126         EDM_LOGE(MODULE_PKG_MGR, "QueryActiveOsAccountIds failed ret:%{public}d", ret);
127         return Constants::INVALID_USERID;
128     }
129     if (activeIds.empty()) {
130         EDM_LOGE(MODULE_PKG_MGR, "QueryActiveOsAccountIds activeIds empty");
131         return Constants::ALL_USERID;
132     }
133     return activeIds[0];
134 }
135 } // namespace ExternalDeviceManager
136 } // namespace OHOS