1 /* 2 * Copyright (c) 2022-2024 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 #ifndef PERMISSION_RECORD_MANAGER_H 17 #define PERMISSION_RECORD_MANAGER_H 18 19 #include <vector> 20 #include <set> 21 #include <string> 22 23 #ifdef EVENTHANDLER_ENABLE 24 #include "access_event_handler.h" 25 #endif 26 #include "access_token.h" 27 #include "active_change_response_info.h" 28 #include "add_perm_param_info.h" 29 #include "app_manager_death_callback.h" 30 #include "app_manager_death_recipient.h" 31 #include "app_status_change_callback.h" 32 #include "hap_token_info.h" 33 #include "libraryloader.h" 34 #include "nocopyable.h" 35 #include "on_permission_used_record_callback.h" 36 #include "permission_record.h" 37 #include "permission_used_request.h" 38 #include "permission_used_result.h" 39 #include "permission_used_type_info.h" 40 #include "privacy_param.h" 41 #ifdef CAMERA_FLOAT_WINDOW_ENABLE 42 #include "privacy_window_manager_agent.h" 43 #endif 44 #include "rwlock.h" 45 #include "safe_map.h" 46 #include "thread_pool.h" 47 #ifdef CUSTOMIZATION_CONFIG_POLICY_ENABLE 48 #include "nlohmann/json.hpp" 49 #include "permission_record_config.h" 50 #endif 51 52 namespace OHOS { 53 namespace Security { 54 namespace AccessToken { 55 class PrivacyAppStateObserver : public ApplicationStateObserverStub { 56 public: 57 PrivacyAppStateObserver() = default; 58 ~PrivacyAppStateObserver() = default; 59 void OnProcessDied(const ProcessData &processData) override; 60 void OnAppStopped(const AppStateData &appStateData) override; 61 void OnAppStateChanged(const AppStateData &appStateData) override; 62 DISALLOW_COPY_AND_MOVE(PrivacyAppStateObserver); 63 }; 64 65 class PrivacyAppManagerDeathCallback : public AppManagerDeathCallback { 66 public: 67 PrivacyAppManagerDeathCallback() = default; 68 ~PrivacyAppManagerDeathCallback() = default; 69 70 void NotifyAppManagerDeath() override; 71 DISALLOW_COPY_AND_MOVE(PrivacyAppManagerDeathCallback); 72 }; 73 74 class PermissionRecordManager final { 75 public: 76 static PermissionRecordManager& GetInstance(); 77 virtual ~PermissionRecordManager(); 78 79 void Init(); 80 int32_t AddPermissionUsedRecord(const AddPermParamInfo& info); 81 void RemovePermissionUsedRecords(AccessTokenID tokenId, const std::string& deviceID); 82 int32_t GetPermissionUsedRecords(const PermissionUsedRequest& request, PermissionUsedResult& result); 83 int32_t GetPermissionUsedRecordsAsync( 84 const PermissionUsedRequest& request, const sptr<OnPermissionUsedRecordCallback>& callback); 85 int32_t StartUsingPermission(AccessTokenID tokenId, int32_t pid, const std::string& permissionName); 86 int32_t StartUsingPermission(AccessTokenID tokenId, int32_t pid, const std::string& permissionName, 87 const sptr<IRemoteObject>& callback); 88 int32_t StopUsingPermission(AccessTokenID tokenId, int32_t pid, const std::string& permissionName); 89 int32_t RegisterPermActiveStatusCallback( 90 AccessTokenID regiterTokenId, const std::vector<std::string>& permList, const sptr<IRemoteObject>& callback); 91 int32_t UnRegisterPermActiveStatusCallback(const sptr<IRemoteObject>& callback); 92 93 void CallbackExecute(AccessTokenID tokenId, const std::string& permissionName, int32_t status); 94 int32_t PermissionListFilter(const std::vector<std::string>& listSrc, std::vector<std::string>& listRes); 95 bool IsAllowedUsingPermission(AccessTokenID tokenId, const std::string& permissionName); 96 int32_t GetPermissionUsedTypeInfos(const AccessTokenID tokenId, const std::string& permissionName, 97 std::vector<PermissionUsedTypeInfo>& results); 98 int32_t SetMutePolicy(const PolicyType& policyType, const CallerType& callerType, bool isMute); 99 int32_t SetEdmMutePolicy(const std::string permissionName, bool isMute); 100 int32_t SetPrivacyMutePolicy(const std::string permissionName, bool isMute); 101 int32_t SetTempMutePolicy(const std::string permissionName, bool isMute); 102 int32_t SetHapWithFGReminder(uint32_t tokenId, bool isAllowed); 103 104 void NotifyAppStateChange(AccessTokenID tokenId, int32_t pid, ActiveChangeType status); 105 void SetLockScreenStatus(int32_t lockScreenStatus); 106 int32_t GetLockScreenStatus(); 107 bool IsScreenOn(); 108 109 #ifdef CAMERA_FLOAT_WINDOW_ENABLE 110 void NotifyCameraWindowChange(bool isPip, AccessTokenID tokenId, bool isShowing); 111 void OnWindowMgrRemoteDied(); 112 #endif 113 void OnAppMgrRemoteDiedHandle(); 114 void OnAudioMgrRemoteDiedHandle(); 115 void OnCameraMgrRemoteDiedHandle(); 116 void RemoveRecordFromStartListByPid(const AccessTokenID tokenId, int32_t pid); 117 void RemoveRecordFromStartListByToken(const AccessTokenID tokenId); 118 void RemoveRecordFromStartListByOp(int32_t opCode); 119 void ExecuteAllCameraExecuteCallback(); 120 void UpdatePermRecImmediately(); 121 122 private: 123 PermissionRecordManager(); 124 DISALLOW_COPY_AND_MOVE(PermissionRecordManager); 125 126 bool IsAllowedUsingCamera(AccessTokenID tokenId); 127 bool IsAllowedUsingMicrophone(AccessTokenID tokenId); 128 129 void AddRecToCacheAndValueVec(const PermissionRecord& record, std::vector<GenericValues>& values); 130 int32_t MergeOrInsertRecord(const PermissionRecord& record); 131 bool UpdatePermissionUsedRecordToDb(const PermissionRecord& record); 132 int32_t AddRecord(const PermissionRecord& record); 133 int32_t GetPermissionRecord(const AddPermParamInfo& info, PermissionRecord& record); 134 bool CreateBundleUsedRecord(const AccessTokenID tokenId, BundleUsedRecord& bundleRecord); 135 void ExecuteDeletePermissionRecordTask(); 136 int32_t GetCurDeleteTaskNum(); 137 void AddDeleteTaskNum(); 138 void ReduceDeleteTaskNum(); 139 int32_t DeletePermissionRecord(int32_t days); 140 141 void GetMergedRecordsFromCache(std::vector<PermissionRecord>& mergedRecords); 142 void InsteadMergedRecIfNecessary(GenericValues& mergedRecord, std::vector<PermissionRecord>& mergedRecords); 143 void MergeSamePermission(const PermissionUsageFlag& flag, const PermissionUsedRecord& inRecord, 144 PermissionUsedRecord& outRecord); 145 void FillPermissionUsedRecords(const PermissionUsedRecord& record, const PermissionUsageFlag& flag, 146 std::vector<PermissionUsedRecord>& permissionRecords); 147 bool FillBundleUsedRecord(const GenericValues& value, const PermissionUsageFlag& flag, 148 std::map<int32_t, BundleUsedRecord>& tokenIdToBundleMap, std::map<int32_t, int32_t>& tokenIdToCountMap, 149 PermissionUsedResult& result); 150 bool GetRecordsFromLocalDB(const PermissionUsedRequest& request, PermissionUsedResult& result); 151 152 void ExecuteAndUpdateRecord(uint32_t tokenId, int32_t pid, ActiveChangeType status); 153 154 void ExecuteAndUpdateRecordByPerm(const std::string& permissionName, bool switchStatus); 155 int32_t RemoveRecordFromStartList(AccessTokenID tokenId, int32_t pid, const std::string& permissionName); 156 int32_t AddRecordToStartList(uint32_t tokenId, int32_t pid, const std::string& permissionName, int32_t status); 157 158 std::string GetDeviceId(AccessTokenID tokenId); 159 void PermListToString(const std::vector<std::string>& permList); 160 bool GetGlobalSwitchStatus(const std::string& permissionName); 161 bool ShowGlobalDialog(const std::string& permissionName); 162 void ModifyMuteStatus(const std::string& permissionName, int32_t index, bool isMute); 163 bool GetMuteStatus(const std::string& permissionName, int32_t index); 164 165 void ExecuteCameraCallbackAsync(AccessTokenID tokenId, int32_t pid); 166 167 void TransformEnumToBitValue(const PermissionUsedType type, uint32_t& value); 168 bool AddOrUpdateUsedTypeIfNeeded(const AccessTokenID tokenId, const int32_t opCode, 169 const PermissionUsedType type); 170 void AddDataValueToResults(const GenericValues value, std::vector<PermissionUsedTypeInfo>& results); 171 172 #ifdef CAMERA_FLOAT_WINDOW_ENABLE 173 bool HasUsingCamera(); 174 void ClearWindowShowing(); 175 #endif 176 bool IsCameraWindowShow(AccessTokenID tokenId); 177 uint64_t GetUniqueId(uint32_t tokenId, int32_t pid) const; 178 bool IsPidValid(int32_t pid) const; 179 bool RegisterWindowCallback(); 180 void InitializeMuteState(const std::string& permissionName); 181 int32_t GetAppStatus(AccessTokenID tokenId); 182 183 bool RegisterAppStatusListener(); 184 bool Register(); 185 bool RegisterApplicationStateObserver(); 186 void Unregister(); 187 bool GetMuteParameter(const char* key, bool& isMute); 188 189 void SetDefaultConfigValue(); 190 void GetConfigValue(); 191 192 private: 193 bool hasInited_ = false; 194 OHOS::Utils::RWLock rwLock_; 195 std::mutex startRecordListMutex_; 196 std::vector<ContinusPermissionRecord> startRecordList_; 197 SafeMap<uint64_t, sptr<IRemoteObject>> cameraCallbackMap_; 198 199 // microphone 200 std::mutex micMuteMutex_; 201 std::mutex micLoadMutex_; 202 bool isMicEdmMute_ = false; 203 bool isMicMixMute_ = false; 204 bool isMicLoad_ = false; 205 206 // camera 207 std::mutex camMuteMutex_; 208 std::mutex camLoadMutex_; 209 bool isCamEdmMute_ = false; 210 bool isCamMixMute_ = false; 211 bool isCamLoad_ = false; 212 213 // appState 214 std::mutex appStateMutex_; 215 sptr<PrivacyAppStateObserver> appStateCallback_ = nullptr; 216 217 // app manager death 218 std::mutex appManagerDeathMutex_; 219 std::shared_ptr<PrivacyAppManagerDeathCallback> appManagerDeathCallback_ = nullptr; 220 221 // lockScreenState 222 std::mutex lockScreenStateMutex_; 223 int32_t lockScreenStatus_ = LockScreenStatusChangeType::PERM_ACTIVE_IN_UNLOCKED; 224 225 // foreground reminder 226 std::mutex foreReminderMutex_; 227 std::vector<uint32_t> foreTokenIdList_; 228 229 #ifdef CAMERA_FLOAT_WINDOW_ENABLE 230 std::mutex windowMutex_; 231 bool isWmRegistered = false; 232 sptr<PrivacyWindowManagerAgent> floatWindowCallback_ = nullptr; 233 sptr<PrivacyWindowManagerAgent> pipWindowCallback_ = nullptr; 234 235 std::mutex windowStatusMutex_; 236 // camera float window 237 bool camFloatWindowShowing_ = false; 238 AccessTokenID floatWindowTokenId_ = 0; 239 240 // pip window 241 bool pipWindowShowing_ = false; 242 AccessTokenID pipWindowTokenId_ = 0; 243 #endif 244 245 // record config 246 int32_t recordSizeMaximum_ = 0; 247 int32_t recordAgingTime_ = 0; 248 std::string globalDialogBundleName_; 249 std::string globalDialogAbilityName_; 250 251 #ifdef EVENTHANDLER_ENABLE 252 std::shared_ptr<AppExecFwk::EventRunner> deleteEventRunner_; 253 std::shared_ptr<AccessEventHandler> deleteEventHandler_; 254 #endif 255 std::atomic_int32_t deleteTaskNum_ = 0; 256 257 std::mutex permUsedRecMutex_; 258 std::vector<PermissionRecordCache> permUsedRecList_; 259 }; 260 } // namespace AccessToken 261 } // namespace Security 262 } // namespace OHOS 263 #endif // PERMISSION_RECORD_MANAGER_H