1 /* 2 * Copyright (c) 2021-2023 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 #ifndef ACCESSTOKEN_TOKEN_INFO_MANAGER_H 17 #define ACCESSTOKEN_TOKEN_INFO_MANAGER_H 18 19 #include <atomic> 20 #include <map> 21 #include <memory> 22 #include <vector> 23 24 #include "access_token.h" 25 #include "atm_tools_param_info.h" 26 #include "hap_token_info.h" 27 #include "hap_token_info_inner.h" 28 #include "native_token_info_inner.h" 29 #ifndef RESOURCESCHEDULE_FFRT_ENABLE 30 #include "thread_pool.h" 31 #endif 32 33 namespace OHOS { 34 namespace Security { 35 namespace AccessToken { 36 static const int UDID_MAX_LENGTH = 128; // udid/uuid max length 37 38 class AccessTokenInfoManager final { 39 public: 40 static AccessTokenInfoManager& GetInstance(); 41 ~AccessTokenInfoManager(); 42 void Init(); 43 std::shared_ptr<HapTokenInfoInner> GetHapTokenInfoInner(AccessTokenID id); 44 int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfo& infoParcel); 45 std::shared_ptr<NativeTokenInfoInner> GetNativeTokenInfoInner(AccessTokenID id); 46 int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfo& infoParcel); 47 int AllocAccessTokenIDEx(const HapInfoParams& info, AccessTokenID tokenId, AccessTokenIDEx& tokenIdEx); 48 std::shared_ptr<PermissionPolicySet> GetNativePermissionPolicySet(AccessTokenID id); 49 std::shared_ptr<PermissionPolicySet> GetHapPermissionPolicySet(AccessTokenID id); 50 int RemoveHapTokenInfo(AccessTokenID id); 51 int RemoveNativeTokenInfo(AccessTokenID id); 52 int CreateHapTokenInfo(const HapInfoParams& info, const HapPolicyParams& policy, AccessTokenIDEx& tokenIdEx); 53 int CheckNativeDCap(AccessTokenID tokenID, const std::string& dcap); 54 AccessTokenIDEx GetHapTokenID(int32_t userID, const std::string& bundleName, int32_t instIndex); 55 AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID); 56 void ProcessNativeTokenInfos(const std::vector<std::shared_ptr<NativeTokenInfoInner>>& tokenInfos); 57 int UpdateHapToken(AccessTokenIDEx& tokenIdEx, 58 bool isSystemApp, const std::string& appIDDesc, int32_t apiVersion, const HapPolicyParams& policy); 59 void DumpTokenInfo(const AtmToolsParamInfo& info, std::string& dumpInfo); 60 void RefreshTokenInfoIfNeeded(); 61 bool IsTokenIdExist(AccessTokenID id); 62 AccessTokenID GetNativeTokenId(const std::string& processName); 63 void GetRelatedSandBoxHapList(AccessTokenID tokenId, std::vector<AccessTokenID>& tokenIdList); 64 int32_t GetHapTokenDlpType(AccessTokenID id); 65 int32_t SetPermDialogCap(AccessTokenID tokenID, bool enable); 66 bool GetPermDialogCap(AccessTokenID tokenID); 67 68 #ifdef TOKEN_SYNC_ENABLE 69 /* tokensync needed */ 70 int GetHapTokenSync(AccessTokenID tokenID, HapTokenInfoForSync& hapSync); 71 int GetHapTokenInfoFromRemote(AccessTokenID tokenID, 72 HapTokenInfoForSync& hapSync); 73 void GetAllNativeTokenInfo(std::vector<NativeTokenInfoForSync>& nativeTokenInfosRes); 74 int SetRemoteHapTokenInfo(const std::string& deviceID, HapTokenInfoForSync& hapSync); 75 int SetRemoteNativeTokenInfo(const std::string& deviceID, 76 std::vector<NativeTokenInfoForSync>& nativeTokenInfoList); 77 bool IsRemoteHapTokenValid(const std::string& deviceID, const HapTokenInfoForSync& hapSync); 78 int DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID); 79 AccessTokenID GetRemoteNativeTokenID(const std::string& deviceID, AccessTokenID tokenID); 80 int DeleteRemoteDeviceTokens(const std::string& deviceID); 81 std::string GetUdidByNodeId(const std::string &nodeId); 82 #endif 83 84 #ifdef RESOURCESCHEDULE_FFRT_ENABLE 85 int32_t GetCurTaskNum(); 86 void AddCurTaskNum(); 87 void ReduceCurTaskNum(); 88 #endif 89 90 private: 91 AccessTokenInfoManager(); 92 DISALLOW_COPY_AND_MOVE(AccessTokenInfoManager); 93 94 void InitHapTokenInfos(); 95 void InitNativeTokenInfos(); 96 int AddHapTokenInfo(const std::shared_ptr<HapTokenInfoInner>& info); 97 int AddNativeTokenInfo(const std::shared_ptr<NativeTokenInfoInner>& info); 98 std::string GetHapUniqueStr(const std::shared_ptr<HapTokenInfoInner>& info) const; 99 std::string GetHapUniqueStr(const int& userID, const std::string& bundleName, const int& instIndex) const; 100 bool TryUpdateExistNativeToken(const std::shared_ptr<NativeTokenInfoInner>& infoPtr); 101 int AllocNativeToken(const std::shared_ptr<NativeTokenInfoInner>& infoPtr); 102 void StoreAllTokenInfo(); 103 int AddHapTokenInfoToDb(AccessTokenID tokenID); 104 int RemoveHapTokenInfoFromDb(AccessTokenID tokenID); 105 int CreateRemoteHapTokenInfo(AccessTokenID mapID, HapTokenInfoForSync& hapSync); 106 int UpdateRemoteHapTokenInfo(AccessTokenID mapID, HapTokenInfoForSync& hapSync); 107 void PermissionStateNotify(const std::shared_ptr<HapTokenInfoInner>& info, AccessTokenID id); 108 void DumpHapTokenInfoByTokenId(const AccessTokenID tokenId, std::string& dumpInfo); 109 void DumpHapTokenInfoByBundleName(const std::string& bundleName, std::string& dumpInfo); 110 void DumpAllHapTokenInfo(std::string& dumpInfo); 111 void DumpNativeTokenInfoByProcessName(const std::string& processName, std::string& dumpInfo); 112 void DumpAllNativeTokenInfo(std::string& dumpInfo); 113 114 #ifdef RESOURCESCHEDULE_FFRT_ENABLE 115 std::atomic_int32_t curTaskNum_; 116 std::shared_ptr<ffrt::queue> ffrtTaskQueue_ = std::make_shared<ffrt::queue>("TokenStore"); 117 #else 118 OHOS::ThreadPool tokenDataWorker_; 119 #endif 120 bool hasInited_; 121 122 OHOS::Utils::RWLock hapTokenInfoLock_; 123 OHOS::Utils::RWLock nativeTokenInfoLock_; 124 OHOS::Utils::RWLock managerLock_; 125 126 std::map<int, std::shared_ptr<HapTokenInfoInner>> hapTokenInfoMap_; 127 std::map<std::string, AccessTokenID> hapTokenIdMap_; 128 std::map<int, std::shared_ptr<NativeTokenInfoInner>> nativeTokenInfoMap_; 129 std::map<std::string, AccessTokenID> nativeTokenIdMap_; 130 }; 131 } // namespace AccessToken 132 } // namespace Security 133 } // namespace OHOS 134 #endif // ACCESSTOKEN_TOKEN_INFO_MANAGER_H 135