• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (c) 2022-2024 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #ifndef OHOS_ABILITY_RUNTIME_URI_PERMISSION_MANAGER_INTERFACE_H
17 #define OHOS_ABILITY_RUNTIME_URI_PERMISSION_MANAGER_INTERFACE_H
18 #include <vector>
19 #include "base/security/access_token/interfaces/innerkits/accesstoken/include/access_token.h"
20 #include "iremote_broker.h"
21 #include "uri.h"
22 
23 namespace OHOS {
24 namespace AAFwk {
25 class IUriPermissionManager : public IRemoteBroker {
26 public:
27     DECLARE_INTERFACE_DESCRIPTOR(u"ohos.ability.UriPermissionManager");
28 
29     /**
30      * @brief Authorize the uri permission to targetBundleName.
31      *
32      * @param uri The file uri.
33      * @param flag Want::FLAG_AUTH_READ_URI_PERMISSION or Want::FLAG_AUTH_WRITE_URI_PERMISSION.
34      * @param targetBundleName The user of uri.
35      * @return Returns true if the authorization is successful, otherwise returns false.
36      */
37     virtual int GrantUriPermission(const Uri &uri, unsigned int flag, const std::string targetBundleName,
38         int32_t appIndex = 0, uint32_t initiatorTokenId = 0, int32_t abilityId = -1) = 0;
39 
40     /**
41      * @brief Authorize the uri permission to targetBundleName.
42      *
43      * @param uriVec The file urilist.
44      * @param flag Want::FLAG_AUTH_READ_URI_PERMISSION or Want::FLAG_AUTH_WRITE_URI_PERMISSION.
45      * @param targetBundleName The user of uri.
46      * @return Returns true if the authorization is successful, otherwise returns false.
47      */
48     virtual int GrantUriPermission(const std::vector<Uri> &uriVec, unsigned int flag,
49         const std::string targetBundleName, int32_t appIndex = 0, uint32_t initiatorTokenId = 0,
50         int32_t abilityId = -1) = 0;
51 
52     /**
53      * @brief Authorize the uri permission to targetBundleName.
54      *
55      * @param uriVec The file urilist.
56      * @param flag Want::FLAG_AUTH_READ_URI_PERMISSION or Want::FLAG_AUTH_WRITE_URI_PERMISSION.
57      * @param targetBundleName The user of uri.
58      * @param appIndex The index of application in sandbox.
59      * @return Returns ERR_OK if the authorization is successful, otherwise returns error code.
60      */
61     virtual int32_t GrantUriPermissionPrivileged(const std::vector<Uri> &uriVec, uint32_t flag,
62         const std::string &targetBundleName, int32_t appIndex, uint32_t initiatorTokenId,
63         int32_t abilityId) = 0;
64 
65     /**
66      * @brief Clear user's uri authorization record with autoremove flag.
67      *
68      * @param tokenId A tokenId of an application.
69      * @param abilityId The abilityId of an ability record.
70      * @return Returns true if the remove is successful, otherwise returns false.
71      */
72     virtual void RevokeUriPermission(const uint32_t tokenId, int32_t abilityId = -1) = 0;
73 
74     /**
75      * @brief Clear user's all uri authorization record with autoremove flag.
76      *
77      * @param tokenId A tokenId of an application.
78      * @return Returns true if the remove is successful, otherwise returns false.
79      */
80     virtual int RevokeAllUriPermissions(const uint32_t tokenId) = 0;
81 
82     /**
83      * @brief Clear user's uri authorization record.
84      *
85      * @param uri The file uri.
86      * @param bundleName bundleName of an application.
87      * @param appIndex The index of application in sandbox.
88      * @return Returns true if the remove is successful, otherwise returns false.
89      */
90     virtual int RevokeUriPermissionManually(const Uri &uri, const std::string bundleName,
91         int32_t appIndex = 0) = 0;
92 
93     /**
94      * @brief verify if tokenId have uri permission of flag.
95      *
96      * @param uri The file uri.
97      * @param flag Want::FLAG_AUTH_READ_URI_PERMISSION or Want::FLAG_AUTH_WRITE_URI_PERMISSION.
98      * @param tokenId A tokenId of an application.
99      */
100     virtual bool VerifyUriPermission(const Uri& uri, uint32_t flag, uint32_t tokenId) = 0;
101 
102     /**
103      * @brief verify if tokenId have uri permission of flag.
104      *
105      * @param uri The file uri.
106      * @param flag Want::FLAG_AUTH_READ_URI_PERMISSION or Want::FLAG_AUTH_WRITE_URI_PERMISSION.
107      * @param tokenId A tokenId of an application.
108      */
109     virtual std::vector<bool> CheckUriAuthorization(const std::vector<std::string> &uriVec,
110         uint32_t flag, uint32_t tokenId) = 0;
111 
112     enum UriPermMgrCmd {
113         // ipc id for GrantUriPermission
114         ON_GRANT_URI_PERMISSION = 0,
115 
116         // ipc id for RevokeUriPermission
117         ON_REVOKE_URI_PERMISSION,
118 
119         // ipc id for RevokeAllUriPermission
120         ON_REVOKE_ALL_URI_PERMISSION,
121 
122         ON_REVOKE_URI_PERMISSION_MANUALLY,
123 
124         // ipc id for VerifyUriPermission
125         ON_VERIFY_URI_PERMISSION,
126 
127         // ipc id for BatchGrantUriPermission
128         ON_BATCH_GRANT_URI_PERMISSION,
129 
130         //ipc id for GrantUriPermissionPrivileged
131         ON_GRANT_URI_PERMISSION_PRIVILEGED,
132 
133         //ipc id for GrantUriPermissionPrivileged
134         ON_CHECK_URI_AUTHORIZATION
135     };
136 };
137 }  // namespace AAFwk
138 }  // namespace OHOS
139 #endif  // OHOS_ABILITY_RUNTIME_URI_PERMISSION_MANAGER_INTERFACE_H
140