• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (c) 2022-2024 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include "js_uri_perm_mgr.h"
17 
18 #include "ability_business_error.h"
19 #include "ability_manager_errors.h"
20 #include "ability_runtime_error_util.h"
21 #include "hilog_tag_wrapper.h"
22 #include "ipc_skeleton.h"
23 #include "js_error_utils.h"
24 #include "js_runtime_utils.h"
25 #include "napi_common_util.h"
26 #include "parameters.h"
27 #include "tokenid_kit.h"
28 #include "uri.h"
29 #include "uri_permission_manager_client.h"
30 
31 namespace OHOS {
32 namespace AbilityRuntime {
33 namespace {
34 constexpr int32_t ERR_OK = 0;
35 constexpr int32_t argCountFour = 4;
36 constexpr int32_t argCountThree = 3;
37 constexpr int32_t argCountTwo = 2;
38 }
39 class JsUriPermMgr {
40 public:
41     JsUriPermMgr() = default;
42     ~JsUriPermMgr() = default;
43 
Finalizer(napi_env env,void * data,void * hint)44     static void Finalizer(napi_env env, void* data, void* hint)
45     {
46         TAG_LOGI(AAFwkTag::URIPERMMGR, "JsUriPermMgr::Finalizer is called");
47         std::unique_ptr<JsUriPermMgr>(static_cast<JsUriPermMgr*>(data));
48     }
49 
GrantUriPermission(napi_env env,napi_callback_info info)50     static napi_value GrantUriPermission(napi_env env, napi_callback_info info)
51     {
52         GET_NAPI_INFO_AND_CALL(env, info, JsUriPermMgr, OnGrantUriPermission);
53     }
54 
RevokeUriPermission(napi_env env,napi_callback_info info)55     static napi_value RevokeUriPermission(napi_env env, napi_callback_info info)
56     {
57         GET_NAPI_INFO_AND_CALL(env, info, JsUriPermMgr, OnRevokeUriPermission);
58     }
59 
60 private:
OnGrantUriPermission(napi_env env,NapiCallbackInfo & info)61     napi_value OnGrantUriPermission(napi_env env, NapiCallbackInfo& info)
62     {
63         TAG_LOGD(AAFwkTag::URIPERMMGR, "Grant Uri Permission start");
64         if (info.argc != argCountThree && info.argc != argCountFour) {
65             TAG_LOGE(AAFwkTag::URIPERMMGR, "The number of parameter is invalid.");
66             ThrowTooFewParametersError(env);
67             return CreateJsUndefined(env);
68         }
69         std::string uriStr;
70         if (!OHOS::AppExecFwk::UnwrapStringFromJS2(env, info.argv[0], uriStr)) {
71             TAG_LOGE(AAFwkTag::URIPERMMGR, "The uriStr is invalid.");
72             ThrowInvalidParamError(env, "Parse param uri failed, uri must be string.");
73             return CreateJsUndefined(env);
74         }
75         int flag = 0;
76         if (!OHOS::AppExecFwk::UnwrapInt32FromJS2(env, info.argv[1], flag)) {
77             TAG_LOGE(AAFwkTag::URIPERMMGR, "The flag is invalid.");
78             ThrowInvalidParamError(env, "Parse param flag failed, flag must be number.");
79             return CreateJsUndefined(env);
80         }
81         std::string targetBundleName;
82         if (!OHOS::AppExecFwk::UnwrapStringFromJS2(env, info.argv[argCountTwo], targetBundleName)) {
83             TAG_LOGE(AAFwkTag::URIPERMMGR, "The targetBundleName is invalid.");
84             ThrowInvalidParamError(env, "Parse param targetBundleName failed, targetBundleName must be string.");
85             return CreateJsUndefined(env);
86         }
87         auto selfToken = IPCSkeleton::GetSelfTokenID();
88         if (!Security::AccessToken::TokenIdKit::IsSystemAppByFullTokenID(selfToken)) {
89             TAG_LOGE(AAFwkTag::URIPERMMGR, "This application is not system-app, can not use system-api.");
90             ThrowError(env, AbilityErrorCode::ERROR_CODE_NOT_SYSTEM_APP);
91             return CreateJsUndefined(env);
92         }
93         NapiAsyncTask::CompleteCallback complete =
94         [uriStr, flag, targetBundleName](napi_env env, NapiAsyncTask& task, int32_t status) {
95             Uri uri(uriStr);
96             auto errCode =
97                 AAFwk::UriPermissionManagerClient::GetInstance().GrantUriPermission(uri, flag, targetBundleName, 0);
98             if (errCode == ERR_OK) {
99                 task.ResolveWithNoError(env, CreateJsUndefined(env));
100             } else if (errCode ==  AAFwk::CHECK_PERMISSION_FAILED) {
101                 task.Reject(env, CreateNoPermissionError(env, "ohos.permission.PROXY_AUTHORIZATION_URI"));
102             } else if (errCode == AAFwk::ERR_CODE_INVALID_URI_FLAG) {
103                 task.Reject(env, CreateJsError(env, ERR_ABILITY_RUNTIME_EXTERNAL_INVALID_URI_FLAG,
104                 "Invalid URI flag."));
105             } else if (errCode == AAFwk::ERR_CODE_INVALID_URI_TYPE) {
106                 task.Reject(env, CreateJsError(env, ERR_ABILITY_RUNTIME_EXTERNAL_INVALID_URI_TYPE,
107                 "Only support file URI."));
108             } else if (errCode == AAFwk::ERR_CODE_GRANT_URI_PERMISSION) {
109                 task.Reject(env, CreateJsError(env, ERR_ABILITY_RUNTIME_EXTERNAL_GRANT_URI_PERMISSION,
110                 "Sandbox application can not grant URI permission."));
111             } else {
112                 task.Reject(env, CreateJsError(env, ERR_ABILITY_RUNTIME_EXTERNAL_INTERNAL_ERROR,
113                 "Internal Error."));
114             }
115         };
116         napi_value lastParam = (info.argc == argCountFour) ? info.argv[argCountThree] : nullptr;
117         napi_value result = nullptr;
118         NapiAsyncTask::ScheduleHighQos("JsUriPermMgr::OnGrantUriPermission",
119             env, CreateAsyncTaskWithLastParam(env, lastParam, nullptr, std::move(complete), &result));
120         return result;
121     }
122 
OnRevokeUriPermission(napi_env env,NapiCallbackInfo & info)123     napi_value OnRevokeUriPermission(napi_env env, NapiCallbackInfo& info)
124     {
125         // only support 2 or 3 params (2 parameter and 1 optional callback)
126         if (info.argc != argCountThree && info.argc != argCountTwo) {
127             TAG_LOGE(AAFwkTag::URIPERMMGR, "Invalid arguments");
128             ThrowTooFewParametersError(env);
129             return CreateJsUndefined(env);
130         }
131         std::string uriStr;
132         if (!OHOS::AppExecFwk::UnwrapStringFromJS2(env, info.argv[0], uriStr)) {
133             TAG_LOGE(AAFwkTag::URIPERMMGR, "invalid of the uriStr.");
134             ThrowInvalidParamError(env, "Parse param uri failed, uri must be string.");
135             return CreateJsUndefined(env);
136         }
137         std::string bundleName;
138         if (!OHOS::AppExecFwk::UnwrapStringFromJS2(env, info.argv[1], bundleName)) {
139             TAG_LOGE(AAFwkTag::URIPERMMGR, "The bundleName is invalid.");
140             ThrowInvalidParamError(env, "Parse param bundleName failed, bundleName must be string.");
141             return CreateJsUndefined(env);
142         }
143         auto selfToken = IPCSkeleton::GetSelfTokenID();
144         if (!Security::AccessToken::TokenIdKit::IsSystemAppByFullTokenID(selfToken)) {
145             TAG_LOGE(AAFwkTag::URIPERMMGR, "can not use system-api, this application is not system-app.");
146             ThrowError(env, AbilityErrorCode::ERROR_CODE_NOT_SYSTEM_APP);
147             return CreateJsUndefined(env);
148         }
149         NapiAsyncTask::CompleteCallback complete =
150         [uriStr, bundleName](napi_env env, NapiAsyncTask& task, int32_t status) {
151             Uri uri(uriStr);
152             auto errCode = AAFwk::UriPermissionManagerClient::GetInstance().RevokeUriPermissionManually(uri,
153                 bundleName, 0);
154             if (errCode == ERR_OK) {
155                 task.ResolveWithNoError(env, CreateJsUndefined(env));
156             } else if (errCode == AAFwk::CHECK_PERMISSION_FAILED) {
157                 task.Reject(env, CreateNoPermissionError(env,
158                     "Do not have permission ohos.permission.PROXY_AUTHORIZATION_URI"));
159             } else if (errCode == AAFwk::ERR_CODE_INVALID_URI_TYPE) {
160                 task.Reject(env, CreateJsError(env, ERR_ABILITY_RUNTIME_EXTERNAL_INVALID_URI_TYPE,
161                 "Only support file URI."));
162             } else {
163                 task.Reject(env, CreateJsError(env, ERR_ABILITY_RUNTIME_EXTERNAL_INTERNAL_ERROR,
164                 "Internal Error."));
165             }
166         };
167         napi_value lastParam = (info.argc == argCountThree) ? info.argv[argCountTwo] : nullptr;
168         napi_value result = nullptr;
169         NapiAsyncTask::ScheduleHighQos("JsUriPermMgr::OnRevokeUriPermission",
170             env, CreateAsyncTaskWithLastParam(env, lastParam, nullptr, std::move(complete), &result));
171         return result;
172     }
173 };
174 
CreateJsUriPermMgr(napi_env env,napi_value exportObj)175 napi_value CreateJsUriPermMgr(napi_env env, napi_value exportObj)
176 {
177     TAG_LOGD(AAFwkTag::URIPERMMGR, "CreateJsUriPermMgr is called");
178     if (env == nullptr || exportObj == nullptr) {
179         TAG_LOGI(AAFwkTag::URIPERMMGR, "Invalid input parameters");
180         return nullptr;
181     }
182 
183     std::unique_ptr<JsUriPermMgr> jsUriPermMgr = std::make_unique<JsUriPermMgr>();
184     napi_wrap(env, exportObj, jsUriPermMgr.release(), JsUriPermMgr::Finalizer, nullptr, nullptr);
185 
186     const char *moduleName = "JsUriPermMgr";
187     BindNativeFunction(env, exportObj, "grantUriPermission", moduleName, JsUriPermMgr::GrantUriPermission);
188     BindNativeFunction(env, exportObj, "revokeUriPermission", moduleName, JsUriPermMgr::RevokeUriPermission);
189     return CreateJsUndefined(env);
190 }
191 }  // namespace AbilityRuntime
192 }  // namespace OHOS
193