1 /* 2 * Copyright (c) 2021-2024 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 #ifndef ACCESSTOKEN_TOKEN_INFO_MANAGER_H 17 #define ACCESSTOKEN_TOKEN_INFO_MANAGER_H 18 19 #include <atomic> 20 #include <map> 21 #include <memory> 22 #include <vector> 23 24 #include "access_token.h" 25 #include "atm_tools_param_info.h" 26 #ifdef TOKEN_SYNC_ENABLE 27 #include "device_manager.h" 28 #endif 29 #include "hap_token_info.h" 30 #include "hap_token_info_inner.h" 31 #include "native_token_info_inner.h" 32 #include "thread_pool.h" 33 34 namespace OHOS { 35 namespace Security { 36 namespace AccessToken { 37 static const int UDID_MAX_LENGTH = 128; // udid/uuid max length 38 39 #ifdef TOKEN_SYNC_ENABLE 40 class AccessTokenDmInitCallback final : public DistributedHardware::DmInitCallback { OnRemoteDied()41 void OnRemoteDied() override 42 {} 43 }; 44 #endif 45 46 class AccessTokenInfoManager final { 47 public: 48 static AccessTokenInfoManager& GetInstance(); 49 ~AccessTokenInfoManager(); 50 void Init(); 51 std::shared_ptr<HapTokenInfoInner> GetHapTokenInfoInner(AccessTokenID id); 52 int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfo& infoParcel); 53 std::shared_ptr<NativeTokenInfoInner> GetNativeTokenInfoInner(AccessTokenID id); 54 int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfo& infoParcel); 55 int AllocAccessTokenIDEx(const HapInfoParams& info, AccessTokenID tokenId, AccessTokenIDEx& tokenIdEx); 56 std::shared_ptr<PermissionPolicySet> GetNativePermissionPolicySet(AccessTokenID id); 57 std::shared_ptr<PermissionPolicySet> GetHapPermissionPolicySet(AccessTokenID id); 58 int RemoveHapTokenInfo(AccessTokenID id); 59 int RemoveNativeTokenInfo(AccessTokenID id); 60 int32_t AddAllNativeTokenInfoToDb(void); 61 int32_t ModifyHapTokenInfoFromDb(AccessTokenID tokenID, const std::shared_ptr<HapTokenInfoInner>& hapInner); 62 int CreateHapTokenInfo(const HapInfoParams& info, const HapPolicyParams& policy, AccessTokenIDEx& tokenIdEx); 63 int CheckNativeDCap(AccessTokenID tokenID, const std::string& dcap); 64 AccessTokenIDEx GetHapTokenID(int32_t userID, const std::string& bundleName, int32_t instIndex); 65 AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID); 66 void ProcessNativeTokenInfos(const std::vector<std::shared_ptr<NativeTokenInfoInner>>& tokenInfos); 67 int32_t UpdateHapToken(AccessTokenIDEx& tokenIdEx, const UpdateHapInfoParams& info, 68 const std::vector<PermissionStateFull>& permStateList, ATokenAplEnum apl, 69 const std::vector<PermissionDef>& permList); 70 void DumpTokenInfo(const AtmToolsParamInfo& info, std::string& dumpInfo); 71 bool IsTokenIdExist(AccessTokenID id); 72 AccessTokenID GetNativeTokenId(const std::string& processName); 73 void GetRelatedSandBoxHapList(AccessTokenID tokenId, std::vector<AccessTokenID>& tokenIdList); 74 int32_t GetHapTokenDlpType(AccessTokenID id); 75 int32_t SetPermDialogCap(AccessTokenID tokenID, bool enable); 76 bool GetPermDialogCap(AccessTokenID tokenID); 77 int32_t ModifyHapPermStateFromDb( 78 AccessTokenID tokenID, const std::string& permission, const std::shared_ptr<HapTokenInfoInner>& hapInfo); 79 void DumpToken(); 80 int32_t GetCurDumpTaskNum(); 81 void AddDumpTaskNum(); 82 void ReduceDumpTaskNum(); 83 84 #ifdef TOKEN_SYNC_ENABLE 85 /* tokensync needed */ 86 int GetHapTokenSync(AccessTokenID tokenID, HapTokenInfoForSync& hapSync); 87 int GetHapTokenInfoFromRemote(AccessTokenID tokenID, 88 HapTokenInfoForSync& hapSync); 89 int SetRemoteHapTokenInfo(const std::string& deviceID, HapTokenInfoForSync& hapSync); 90 bool IsRemoteHapTokenValid(const std::string& deviceID, const HapTokenInfoForSync& hapSync); 91 int DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID); 92 AccessTokenID GetRemoteNativeTokenID(const std::string& deviceID, AccessTokenID tokenID); 93 int DeleteRemoteDeviceTokens(const std::string& deviceID); 94 #endif 95 96 bool UpdateStatesToDatabase(AccessTokenID tokenID, std::vector<PermissionStateFull>& stateChangeList); 97 bool UpdateCapStateToDatabase(AccessTokenID tokenID, bool enable); 98 99 private: 100 AccessTokenInfoManager(); 101 DISALLOW_COPY_AND_MOVE(AccessTokenInfoManager); 102 103 void InitHapTokenInfos(uint32_t& hapSize); 104 void InitNativeTokenInfos(uint32_t& nativeSize); 105 int AddHapTokenInfo(const std::shared_ptr<HapTokenInfoInner>& info); 106 int AddNativeTokenInfo(const std::shared_ptr<NativeTokenInfoInner>& info); 107 std::string GetHapUniqueStr(const std::shared_ptr<HapTokenInfoInner>& info) const; 108 std::string GetHapUniqueStr(const int& userID, const std::string& bundleName, const int& instIndex) const; 109 bool TryUpdateExistNativeToken(const std::shared_ptr<NativeTokenInfoInner>& infoPtr); 110 int AllocNativeToken(const std::shared_ptr<NativeTokenInfoInner>& infoPtr); 111 int AddHapTokenInfoToDb(AccessTokenID tokenID, const std::shared_ptr<HapTokenInfoInner>& hapInfo); 112 int RemoveHapTokenInfoFromDb(AccessTokenID tokenID); 113 int CreateRemoteHapTokenInfo(AccessTokenID mapID, HapTokenInfoForSync& hapSync); 114 int UpdateRemoteHapTokenInfo(AccessTokenID mapID, HapTokenInfoForSync& hapSync); 115 void PermissionStateNotify(const std::shared_ptr<HapTokenInfoInner>& info, AccessTokenID id); 116 void DumpHapTokenInfoByTokenId(const AccessTokenID tokenId, std::string& dumpInfo); 117 void DumpHapTokenInfoByBundleName(const std::string& bundleName, std::string& dumpInfo); 118 void DumpAllHapTokenInfo(std::string& dumpInfo); 119 void DumpNativeTokenInfoByProcessName(const std::string& processName, std::string& dumpInfo); 120 void DumpAllNativeTokenInfo(std::string& dumpInfo); 121 122 #ifdef RESOURCESCHEDULE_FFRT_ENABLE 123 std::atomic_int32_t curTaskNum_; 124 std::shared_ptr<ffrt::queue> ffrtTaskQueue_ = std::make_shared<ffrt::queue>("TokenStore"); 125 #else 126 OHOS::ThreadPool tokenDataWorker_; 127 #endif 128 bool RemoveNativeInfoFromDatabase(AccessTokenID tokenID); 129 130 bool hasInited_; 131 std::atomic_int32_t dumpTaskNum_; 132 133 OHOS::Utils::RWLock hapTokenInfoLock_; 134 OHOS::Utils::RWLock nativeTokenInfoLock_; 135 OHOS::Utils::RWLock managerLock_; 136 OHOS::Utils::RWLock modifyLock_; 137 138 std::map<int, std::shared_ptr<HapTokenInfoInner>> hapTokenInfoMap_; 139 std::map<std::string, AccessTokenID> hapTokenIdMap_; 140 std::map<int, std::shared_ptr<NativeTokenInfoInner>> nativeTokenInfoMap_; 141 std::map<std::string, AccessTokenID> nativeTokenIdMap_; 142 }; 143 } // namespace AccessToken 144 } // namespace Security 145 } // namespace OHOS 146 #endif // ACCESSTOKEN_TOKEN_INFO_MANAGER_H 147