1 /*
2 * Copyright (c) 2022-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "uri_permission_manager_client.h"
17
18 #include "ability_manager_errors.h"
19 #include "hilog_wrapper.h"
20 #include "if_system_ability_manager.h"
21 #include "iservice_registry.h"
22 #include "system_ability_definition.h"
23 #include "uri_permission_load_callback.h"
24
25 namespace OHOS {
26 namespace AAFwk {
27 namespace {
28 const int LOAD_SA_TIMEOUT_MS = 4 * 1000;
29 const int MAX_URI_COUNT = 500;
30 } // namespace
GetInstance()31 UriPermissionManagerClient& UriPermissionManagerClient::GetInstance()
32 {
33 static UriPermissionManagerClient instance;
34 return instance;
35 }
36
GrantUriPermission(const Uri & uri,unsigned int flag,const std::string targetBundleName,int32_t appIndex,uint32_t initiatorTokenId)37 int UriPermissionManagerClient::GrantUriPermission(const Uri &uri, unsigned int flag,
38 const std::string targetBundleName, int32_t appIndex, uint32_t initiatorTokenId)
39 {
40 HILOG_DEBUG("targetBundleName :%{public}s", targetBundleName.c_str());
41 auto uriPermMgr = ConnectUriPermService();
42 if (uriPermMgr) {
43 return uriPermMgr->GrantUriPermission(uri, flag, targetBundleName, appIndex, initiatorTokenId);
44 }
45 return INNER_ERR;
46 }
47
GrantUriPermission(const std::vector<Uri> & uriVec,unsigned int flag,const std::string targetBundleName,int32_t appIndex,uint32_t initiatorTokenId)48 int UriPermissionManagerClient::GrantUriPermission(const std::vector<Uri> &uriVec, unsigned int flag,
49 const std::string targetBundleName, int32_t appIndex, uint32_t initiatorTokenId)
50 {
51 HILOG_DEBUG("targetBundleName: %{public}s, uriVec size: %{public}zu", targetBundleName.c_str(), uriVec.size());
52 if (uriVec.size() == 0 || uriVec.size() > MAX_URI_COUNT) {
53 HILOG_ERROR("The size of uriVec should be between 1 and %{public}i.", MAX_URI_COUNT);
54 return INNER_ERR;
55 }
56 auto uriPermMgr = ConnectUriPermService();
57 if (uriPermMgr) {
58 return uriPermMgr->GrantUriPermission(uriVec, flag, targetBundleName, appIndex, initiatorTokenId);
59 }
60 return INNER_ERR;
61 }
62
GrantUriPermissionFor2In1(const std::vector<Uri> & uriVec,unsigned int flag,const std::string & targetBundleName,int32_t appIndex,bool isSystemAppCall)63 int UriPermissionManagerClient::GrantUriPermissionFor2In1(const std::vector<Uri> &uriVec, unsigned int flag,
64 const std::string &targetBundleName, int32_t appIndex, bool isSystemAppCall)
65 {
66 HILOG_DEBUG("targetBundleName: %{public}s, uriVec size: %{public}zu", targetBundleName.c_str(), uriVec.size());
67 if (uriVec.size() == 0 || uriVec.size() > MAX_URI_COUNT) {
68 HILOG_ERROR("The size of uriVec should be between 1 and %{public}i.", MAX_URI_COUNT);
69 return INNER_ERR;
70 }
71 auto uriPermMgr = ConnectUriPermService();
72 if (uriPermMgr != nullptr) {
73 return uriPermMgr->GrantUriPermissionFor2In1(uriVec, flag, targetBundleName, appIndex, isSystemAppCall);
74 }
75 return INNER_ERR;
76 }
77
RevokeUriPermission(const Security::AccessToken::AccessTokenID tokenId)78 void UriPermissionManagerClient::RevokeUriPermission(const Security::AccessToken::AccessTokenID tokenId)
79 {
80 HILOG_DEBUG("UriPermissionManagerClient::RevokeUriPermission is called.");
81 auto uriPermMgr = ConnectUriPermService();
82 if (uriPermMgr) {
83 return uriPermMgr->RevokeUriPermission(tokenId);
84 }
85 }
86
RevokeAllUriPermissions(const Security::AccessToken::AccessTokenID tokenId)87 int UriPermissionManagerClient::RevokeAllUriPermissions(const Security::AccessToken::AccessTokenID tokenId)
88 {
89 HILOG_DEBUG("UriPermissionManagerClient::RevokeAllUriPermissions is called.");
90 auto uriPermMgr = ConnectUriPermService();
91 if (uriPermMgr) {
92 return uriPermMgr->RevokeAllUriPermissions(tokenId);
93 }
94 return INNER_ERR;
95 }
96
RevokeUriPermissionManually(const Uri & uri,const std::string bundleName)97 int UriPermissionManagerClient::RevokeUriPermissionManually(const Uri &uri, const std::string bundleName)
98 {
99 HILOG_DEBUG("UriPermissionManagerClient::RevokeUriPermissionManually is called.");
100 auto uriPermMgr = ConnectUriPermService();
101 if (uriPermMgr) {
102 return uriPermMgr->RevokeUriPermissionManually(uri, bundleName);
103 }
104 return INNER_ERR;
105 }
106
CheckPersistableUriPermissionProxy(const Uri & uri,uint32_t flag,uint32_t tokenId)107 bool UriPermissionManagerClient::CheckPersistableUriPermissionProxy(const Uri& uri, uint32_t flag, uint32_t tokenId)
108 {
109 auto uriPermMgr = ConnectUriPermService();
110 if (uriPermMgr) {
111 return uriPermMgr->CheckPersistableUriPermissionProxy(uri, flag, tokenId);
112 }
113 return false;
114 }
115
VerifyUriPermission(const Uri & uri,uint32_t flag,uint32_t tokenId)116 bool UriPermissionManagerClient::VerifyUriPermission(const Uri& uri, uint32_t flag, uint32_t tokenId)
117 {
118 auto uriPermMgr = ConnectUriPermService();
119 if (uriPermMgr) {
120 return uriPermMgr->VerifyUriPermission(uri, flag, tokenId);
121 }
122 return false;
123 }
124
IsAuthorizationUriAllowed(uint32_t fromTokenId)125 bool UriPermissionManagerClient::IsAuthorizationUriAllowed(uint32_t fromTokenId)
126 {
127 auto uriPermMgr = ConnectUriPermService();
128 if (uriPermMgr) {
129 return uriPermMgr->IsAuthorizationUriAllowed(fromTokenId);
130 }
131 return false;
132 }
133
ConnectUriPermService()134 sptr<IUriPermissionManager> UriPermissionManagerClient::ConnectUriPermService()
135 {
136 HILOG_DEBUG("UriPermissionManagerClient::ConnectUriPermService is called.");
137 auto uriPermMgr = GetUriPermMgr();
138 if (uriPermMgr == nullptr) {
139 if (!LoadUriPermService()) {
140 HILOG_ERROR("Load uri permission manager service failed.");
141 return nullptr;
142 }
143 uriPermMgr = GetUriPermMgr();
144 if (uriPermMgr == nullptr || uriPermMgr->AsObject() == nullptr) {
145 HILOG_ERROR("Failed to get uri permission manager.");
146 return nullptr;
147 }
148 const auto& onClearProxyCallback = [] {
149 UriPermissionManagerClient::GetInstance().ClearProxy();
150 };
151 sptr<UpmsDeathRecipient> recipient(new UpmsDeathRecipient(onClearProxyCallback));
152 uriPermMgr->AsObject()->AddDeathRecipient(recipient);
153 }
154 HILOG_DEBUG("End UriPermissionManagerClient::ConnectUriPermService.");
155 return uriPermMgr;
156 }
157
LoadUriPermService()158 bool UriPermissionManagerClient::LoadUriPermService()
159 {
160 HILOG_DEBUG("UriPermissionManagerClient::LoadUriPermService is called.");
161 auto systemAbilityMgr = SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager();
162 if (systemAbilityMgr == nullptr) {
163 HILOG_ERROR("Failed to get SystemAbilityManager.");
164 return false;
165 }
166
167 sptr<UriPermissionLoadCallback> loadCallback = new (std::nothrow) UriPermissionLoadCallback();
168 if (loadCallback == nullptr) {
169 HILOG_ERROR("Create load callback failed.");
170 return false;
171 }
172
173 auto ret = systemAbilityMgr->LoadSystemAbility(URI_PERMISSION_MGR_SERVICE_ID, loadCallback);
174 if (ret != 0) {
175 HILOG_ERROR("Load system ability %{public}d failed with %{public}d.", URI_PERMISSION_MGR_SERVICE_ID, ret);
176 return false;
177 }
178
179 {
180 std::unique_lock<std::mutex> lock(saLoadMutex_);
181 auto waitStatus = loadSaVariable_.wait_for(lock, std::chrono::milliseconds(LOAD_SA_TIMEOUT_MS),
182 [this]() {
183 return saLoadFinished_;
184 });
185 if (!waitStatus) {
186 HILOG_ERROR("Wait for load sa timeout.");
187 return false;
188 }
189 }
190 return true;
191 }
192
GetUriPermMgr()193 sptr<IUriPermissionManager> UriPermissionManagerClient::GetUriPermMgr()
194 {
195 std::lock_guard<std::mutex> lock(mutex_);
196 return uriPermMgr_;
197 }
198
SetUriPermMgr(const sptr<IRemoteObject> & remoteObject)199 void UriPermissionManagerClient::SetUriPermMgr(const sptr<IRemoteObject> &remoteObject)
200 {
201 HILOG_DEBUG("UriPermissionManagerClient::SetUriPermMgr is called.");
202 std::lock_guard<std::mutex> lock(mutex_);
203 uriPermMgr_ = iface_cast<IUriPermissionManager>(remoteObject);
204 }
205
OnLoadSystemAbilitySuccess(const sptr<IRemoteObject> & remoteObject)206 void UriPermissionManagerClient::OnLoadSystemAbilitySuccess(const sptr<IRemoteObject> &remoteObject)
207 {
208 HILOG_DEBUG("UriPermissionManagerClient::OnLoadSystemAbilitySuccess is called.");
209 SetUriPermMgr(remoteObject);
210 std::unique_lock<std::mutex> lock(saLoadMutex_);
211 saLoadFinished_ = true;
212 loadSaVariable_.notify_one();
213 }
214
OnLoadSystemAbilityFail()215 void UriPermissionManagerClient::OnLoadSystemAbilityFail()
216 {
217 HILOG_DEBUG("UriPermissionManagerClient::OnLoadSystemAbilityFail is called.");
218 SetUriPermMgr(nullptr);
219 std::unique_lock<std::mutex> lock(saLoadMutex_);
220 saLoadFinished_ = true;
221 loadSaVariable_.notify_one();
222 }
223
ClearProxy()224 void UriPermissionManagerClient::ClearProxy()
225 {
226 HILOG_DEBUG("UriPermissionManagerClient::ClearProxy is called.");
227 {
228 std::lock_guard<std::mutex> lock(mutex_);
229 uriPermMgr_ = nullptr;
230 }
231 std::unique_lock<std::mutex> lock(saLoadMutex_);
232 saLoadFinished_ = false;
233 }
234
OnRemoteDied(const wptr<IRemoteObject> & remote)235 void UriPermissionManagerClient::UpmsDeathRecipient::OnRemoteDied([[maybe_unused]] const wptr<IRemoteObject>& remote)
236 {
237 HILOG_ERROR("upms stub died.");
238 proxy_();
239 }
240 } // namespace AAFwk
241 } // namespace OHOS
242