1 /*
2 * Copyright (c) 2022-2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "privacy_kit.h"
17
18 #include <string>
19 #include <vector>
20
21 #include "accesstoken_log.h"
22 #include "constant_common.h"
23 #include "data_validator.h"
24 #include "privacy_error.h"
25 #include "privacy_manager_client.h"
26
27 namespace OHOS {
28 namespace Security {
29 namespace AccessToken {
30 namespace {
31 static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_PRIVACY, "PrivacyKit"};
32 } // namespace
33
AddPermissionUsedRecord(AccessTokenID tokenID,const std::string & permissionName,int32_t successCount,int32_t failCount,bool asyncMode)34 int32_t PrivacyKit::AddPermissionUsedRecord(AccessTokenID tokenID, const std::string& permissionName,
35 int32_t successCount, int32_t failCount, bool asyncMode)
36 {
37 ACCESSTOKEN_LOG_DEBUG(LABEL, "tokenID=0x%{public}x, permissionName=%{public}s,",
38 tokenID, permissionName.c_str());
39 if (!DataValidator::IsTokenIDValid(tokenID) || !DataValidator::IsPermissionNameValid(permissionName) ||
40 (successCount < 0 || failCount < 0)) {
41 ACCESSTOKEN_LOG_ERROR(LABEL, "parameter is invalid");
42 return PrivacyError::ERR_PARAM_INVALID;
43 }
44 return PrivacyManagerClient::GetInstance().AddPermissionUsedRecord(
45 tokenID, permissionName, successCount, failCount, asyncMode);
46 }
47
StartUsingPermission(AccessTokenID tokenID,const std::string & permissionName)48 int32_t PrivacyKit::StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName)
49 {
50 ACCESSTOKEN_LOG_DEBUG(LABEL, "tokenID=0x%{public}x, permissionName=%{public}s",
51 tokenID, permissionName.c_str());
52 if (!DataValidator::IsTokenIDValid(tokenID) || !DataValidator::IsPermissionNameValid(permissionName)) {
53 ACCESSTOKEN_LOG_ERROR(LABEL, "parameter is invalid");
54 return PrivacyError::ERR_PARAM_INVALID;
55 }
56 return PrivacyManagerClient::GetInstance().StartUsingPermission(tokenID, permissionName);
57 }
58
StartUsingPermission(AccessTokenID tokenID,const std::string & permissionName,const std::shared_ptr<StateCustomizedCbk> & callback)59 int32_t PrivacyKit::StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName,
60 const std::shared_ptr<StateCustomizedCbk>& callback)
61 {
62 ACCESSTOKEN_LOG_DEBUG(LABEL, "tokenID=0x%{public}x, permissionName=%{public}s, callback",
63 tokenID, permissionName.c_str());
64 if (!DataValidator::IsTokenIDValid(tokenID) || !DataValidator::IsPermissionNameValid(permissionName)) {
65 ACCESSTOKEN_LOG_ERROR(LABEL, "parameter is invalid");
66 return PrivacyError::ERR_PARAM_INVALID;
67 }
68 return PrivacyManagerClient::GetInstance().StartUsingPermission(tokenID, permissionName, callback);
69 }
70
StopUsingPermission(AccessTokenID tokenID,const std::string & permissionName)71 int32_t PrivacyKit::StopUsingPermission(AccessTokenID tokenID, const std::string& permissionName)
72 {
73 ACCESSTOKEN_LOG_DEBUG(LABEL, "tokenID=0x%{public}x, permissionName=%{public}s",
74 tokenID, permissionName.c_str());
75 if (!DataValidator::IsTokenIDValid(tokenID) || !DataValidator::IsPermissionNameValid(permissionName)) {
76 ACCESSTOKEN_LOG_ERROR(LABEL, "parameter is invalid");
77 return PrivacyError::ERR_PARAM_INVALID;
78 }
79 return PrivacyManagerClient::GetInstance().StopUsingPermission(tokenID, permissionName);
80 }
81
RemovePermissionUsedRecords(AccessTokenID tokenID,const std::string & deviceID)82 int32_t PrivacyKit::RemovePermissionUsedRecords(AccessTokenID tokenID, const std::string& deviceID)
83 {
84 ACCESSTOKEN_LOG_DEBUG(LABEL, "tokenID=0x%{public}x, deviceID=%{public}s",
85 tokenID, ConstantCommon::EncryptDevId(deviceID).c_str());
86 if (!DataValidator::IsTokenIDValid(tokenID) && !DataValidator::IsDeviceIdValid(deviceID)) {
87 ACCESSTOKEN_LOG_ERROR(LABEL, "parameter is invalid");
88 return PrivacyError::ERR_PARAM_INVALID;
89 }
90 return PrivacyManagerClient::GetInstance().RemovePermissionUsedRecords(tokenID, deviceID);
91 }
92
IsPermissionFlagValid(const PermissionUsedRequest & request)93 static bool IsPermissionFlagValid(const PermissionUsedRequest& request)
94 {
95 int64_t begin = request.beginTimeMillis;
96 int64_t end = request.endTimeMillis;
97 if ((begin < 0) || (end < 0) || (begin > end)) {
98 return false;
99 }
100 return DataValidator::IsPermissionUsedFlagValid(request.flag);
101 }
102
GetPermissionUsedRecords(const PermissionUsedRequest & request,PermissionUsedResult & result)103 int32_t PrivacyKit::GetPermissionUsedRecords(const PermissionUsedRequest& request, PermissionUsedResult& result)
104 {
105 if (!IsPermissionFlagValid(request)) {
106 return PrivacyError::ERR_PARAM_INVALID;
107 }
108 return PrivacyManagerClient::GetInstance().GetPermissionUsedRecords(request, result);
109 }
110
GetPermissionUsedRecords(const PermissionUsedRequest & request,const sptr<OnPermissionUsedRecordCallback> & callback)111 int32_t PrivacyKit::GetPermissionUsedRecords(
112 const PermissionUsedRequest& request, const sptr<OnPermissionUsedRecordCallback>& callback)
113 {
114 if (!IsPermissionFlagValid(request)) {
115 return PrivacyError::ERR_PARAM_INVALID;
116 }
117 return PrivacyManagerClient::GetInstance().GetPermissionUsedRecords(request, callback);
118 }
119
RegisterPermActiveStatusCallback(const std::shared_ptr<PermActiveStatusCustomizedCbk> & callback)120 int32_t PrivacyKit::RegisterPermActiveStatusCallback(const std::shared_ptr<PermActiveStatusCustomizedCbk>& callback)
121 {
122 return PrivacyManagerClient::GetInstance().RegisterPermActiveStatusCallback(callback);
123 }
124
UnRegisterPermActiveStatusCallback(const std::shared_ptr<PermActiveStatusCustomizedCbk> & callback)125 int32_t PrivacyKit::UnRegisterPermActiveStatusCallback(const std::shared_ptr<PermActiveStatusCustomizedCbk>& callback)
126 {
127 return PrivacyManagerClient::GetInstance().UnRegisterPermActiveStatusCallback(callback);
128 }
129
IsAllowedUsingPermission(AccessTokenID tokenID,const std::string & permissionName)130 bool PrivacyKit::IsAllowedUsingPermission(AccessTokenID tokenID, const std::string& permissionName)
131 {
132 if (!DataValidator::IsTokenIDValid(tokenID) && !DataValidator::IsPermissionNameValid(permissionName)) {
133 ACCESSTOKEN_LOG_ERROR(LABEL, "parameter is invalid");
134 return false;
135 }
136 return PrivacyManagerClient::GetInstance().IsAllowedUsingPermission(tokenID, permissionName);
137 }
138
139 #ifdef SECURITY_COMPONENT_ENHANCE_ENABLE
RegisterSecCompEnhance(const SecCompEnhanceData & enhance)140 int32_t PrivacyKit::RegisterSecCompEnhance(const SecCompEnhanceData& enhance)
141 {
142 return PrivacyManagerClient::GetInstance().RegisterSecCompEnhance(enhance);
143 }
144
GetSecCompEnhance(int32_t pid,SecCompEnhanceData & enhance)145 int32_t PrivacyKit::GetSecCompEnhance(int32_t pid, SecCompEnhanceData& enhance)
146 {
147 return PrivacyManagerClient::GetInstance().GetSecCompEnhance(pid, enhance);
148 }
149
GetSpecialSecCompEnhance(const std::string & bundleName,std::vector<SecCompEnhanceData> & enhanceList)150 int32_t PrivacyKit::GetSpecialSecCompEnhance(const std::string& bundleName,
151 std::vector<SecCompEnhanceData>& enhanceList)
152 {
153 return PrivacyManagerClient::GetInstance().
154 GetSpecialSecCompEnhance(bundleName, enhanceList);
155 }
156 #endif
157 } // namespace AccessToken
158 } // namespace Security
159 } // namespace OHOS
160