1 /*
2 * Copyright (c) 2022-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "uri_permission_manager_stub_impl.h"
17
18 #include <unordered_map>
19
20 #include "ability_manager_errors.h"
21 #include "accesstoken_kit.h"
22 #include "app_utils.h"
23 #include "hilog_tag_wrapper.h"
24 #include "if_system_ability_manager.h"
25 #include "in_process_call_wrapper.h"
26 #include "ipc_skeleton.h"
27 #include "iservice_registry.h"
28 #include "media_permission_manager.h"
29 #include "parameter.h"
30 #include "permission_constants.h"
31 #include "permission_verification.h"
32 #include "system_ability_definition.h"
33 #include "tokenid_kit.h"
34 #include "uri_permission_utils.h"
35 #include "want.h"
36
37 #define READ_MODE (1<<0)
38 #define WRITE_MODE (1<<1)
39 #define IS_POLICY_ALLOWED_TO_BE_PRESISTED (1<<0)
40
41 namespace OHOS {
42 namespace AAFwk {
43 namespace {
44 constexpr int32_t ERR_OK = 0;
45 constexpr uint32_t FLAG_READ_WRITE_URI = Want::FLAG_AUTH_READ_URI_PERMISSION | Want::FLAG_AUTH_WRITE_URI_PERMISSION;
46 constexpr uint32_t FLAG_WRITE_URI = Want::FLAG_AUTH_WRITE_URI_PERMISSION;
47 constexpr uint32_t FLAG_READ_URI = Want::FLAG_AUTH_READ_URI_PERMISSION;
48 constexpr const char* CLOUND_DOCS_URI_MARK = "?networkid=";
49 constexpr uint32_t INVALID_ABILITYID = -1;
50 }
51
VerifyUriPermission(const Uri & uri,uint32_t flag,uint32_t tokenId)52 bool UriPermissionManagerStubImpl::VerifyUriPermission(const Uri &uri, uint32_t flag, uint32_t tokenId)
53 {
54 // verify if tokenId have uri permission record
55 auto uriStr = uri.ToString();
56 TAG_LOGD(AAFwkTag::URIPERMMGR, "uri is %{private}s, flag is %{public}u, tokenId is %{public}u",
57 uriStr.c_str(), flag, tokenId);
58 if (!UPMSUtils::IsSAOrSystemAppCall()) {
59 TAG_LOGE(AAFwkTag::URIPERMMGR, "not SA or SystemApp");
60 return false;
61 }
62 if ((flag & FLAG_READ_WRITE_URI) == 0) {
63 TAG_LOGE(AAFwkTag::URIPERMMGR, "Flag is invalid.");
64 return false;
65 }
66 uint32_t newFlag = FLAG_READ_URI;
67 if ((flag & FLAG_WRITE_URI) != 0) {
68 newFlag = FLAG_WRITE_URI;
69 }
70 std::lock_guard<std::mutex> guard(mutex_);
71 auto search = uriMap_.find(uriStr);
72 if (search != uriMap_.end()) {
73 auto& list = search->second;
74 for (auto it = list.begin(); it != list.end(); it++) {
75 if ((it->targetTokenId == tokenId) && ((it->flag | FLAG_READ_URI) & newFlag) != 0) {
76 TAG_LOGD(AAFwkTag::URIPERMMGR, "have uri permission.");
77 return true;
78 }
79 }
80 }
81 return VerifySubDirUriPermission(uriStr, newFlag, tokenId);
82 }
83
VerifySubDirUriPermission(const std::string & uriStr,uint32_t newFlag,uint32_t tokenId)84 bool UriPermissionManagerStubImpl::VerifySubDirUriPermission(const std::string &uriStr,
85 uint32_t newFlag, uint32_t tokenId)
86 {
87 auto iPos = uriStr.find(CLOUND_DOCS_URI_MARK);
88 if (iPos == std::string::npos) {
89 TAG_LOGI(AAFwkTag::URIPERMMGR, "Local uri not support to verify sub directory uri permission.");
90 return false;
91 }
92
93 for (auto search = uriMap_.rbegin(); search != uriMap_.rend(); ++search) {
94 if (!IsDistributedSubDirUri(uriStr, search->first)) {
95 continue;
96 }
97 auto& list = search->second;
98 for (auto it = list.begin(); it != list.end(); it++) {
99 if ((it->targetTokenId == tokenId) && ((it->flag | FLAG_READ_URI) & newFlag) != 0) {
100 TAG_LOGD(AAFwkTag::URIPERMMGR, "have uri permission.");
101 return true;
102 }
103 }
104 break;
105 }
106 TAG_LOGI(AAFwkTag::URIPERMMGR, "Uri permission not exists.");
107 return false;
108 }
109
IsDistributedSubDirUri(const std::string & inputUri,const std::string & cachedUri)110 bool UriPermissionManagerStubImpl::IsDistributedSubDirUri(const std::string &inputUri, const std::string &cachedUri)
111 {
112 auto iPos = inputUri.find(CLOUND_DOCS_URI_MARK);
113 auto cPos = cachedUri.find(CLOUND_DOCS_URI_MARK);
114 if ((iPos == std::string::npos) || (cPos == std::string::npos)) {
115 TAG_LOGI(AAFwkTag::URIPERMMGR, "The uri is not distributed file uri.");
116 return false;
117 }
118 std::string iTempUri = inputUri.substr(0, iPos);
119 std::string cTempUri = cachedUri.substr(0, cPos);
120 return iTempUri.find(cTempUri + "/") == 0;
121 }
122
GrantUriPermission(const Uri & uri,unsigned int flag,const std::string targetBundleName,int32_t appIndex,uint32_t initiatorTokenId,int32_t abilityId)123 int UriPermissionManagerStubImpl::GrantUriPermission(const Uri &uri, unsigned int flag,
124 const std::string targetBundleName, int32_t appIndex, uint32_t initiatorTokenId, int32_t abilityId)
125 {
126 TAG_LOGI(AAFwkTag::URIPERMMGR, "Uri is %{private}s.", uri.ToString().c_str());
127 if (!UPMSUtils::IsSAOrSystemAppCall()) {
128 TAG_LOGE(AAFwkTag::URIPERMMGR, "not SA or SystemApp");
129 return CHECK_PERMISSION_FAILED;
130 }
131 std::vector<Uri> uriVec = { uri };
132 return GrantUriPermission(uriVec, flag, targetBundleName, appIndex, initiatorTokenId, abilityId);
133 }
134
GrantUriPermission(const std::vector<Uri> & uriVec,unsigned int flag,const std::string targetBundleName,int32_t appIndex,uint32_t initiatorTokenId,int32_t abilityId)135 int UriPermissionManagerStubImpl::GrantUriPermission(const std::vector<Uri> &uriVec, unsigned int flag,
136 const std::string targetBundleName, int32_t appIndex, uint32_t initiatorTokenId, int32_t abilityId)
137 {
138 TAG_LOGI(AAFwkTag::URIPERMMGR, "BundleName is %{public}s, appIndex is %{public}d, size of uriVec is %{public}zu.",
139 targetBundleName.c_str(), appIndex, uriVec.size());
140 if (!UPMSUtils::IsSAOrSystemAppCall()) {
141 TAG_LOGE(AAFwkTag::URIPERMMGR, "not SA or SystemApp");
142 return CHECK_PERMISSION_FAILED;
143 }
144 auto checkResult = CheckCalledBySandBox();
145 if (checkResult != ERR_OK) {
146 return checkResult;
147 }
148 if ((flag & FLAG_READ_WRITE_URI) == 0) {
149 TAG_LOGE(AAFwkTag::URIPERMMGR, "invalid flag, value: %{public}u.", flag);
150 return ERR_CODE_INVALID_URI_FLAG;
151 }
152 if (AppUtils::GetInstance().IsGrantPersistUriPermission()) {
153 bool isSystemAppCall = UPMSUtils::IsSystemAppCall(initiatorTokenId);
154 return GrantUriPermissionFor2In1Inner(
155 uriVec, flag, targetBundleName, appIndex, isSystemAppCall, initiatorTokenId, abilityId);
156 }
157 return GrantUriPermissionInner(uriVec, flag, targetBundleName, appIndex, initiatorTokenId, abilityId);
158 }
159
GrantUriPermissionPrivileged(const std::vector<Uri> & uriVec,uint32_t flag,const std::string & targetBundleName,int32_t appIndex,uint32_t initiatorTokenId,int32_t abilityId)160 int32_t UriPermissionManagerStubImpl::GrantUriPermissionPrivileged(const std::vector<Uri> &uriVec, uint32_t flag,
161 const std::string &targetBundleName, int32_t appIndex, uint32_t initiatorTokenId, int32_t abilityId)
162 {
163 TAG_LOGI(AAFwkTag::URIPERMMGR, "BundleName is %{public}s, appIndex is %{public}d, size of uriVec is %{public}zu.",
164 targetBundleName.c_str(), appIndex, uriVec.size());
165
166 uint32_t callerTokenId = IPCSkeleton::GetCallingTokenID();
167 auto permissionName = PermissionConstants::PERMISSION_GRANT_URI_PERMISSION_PRIVILEGED;
168 if (!PermissionVerification::GetInstance()->VerifyPermissionByTokenId(callerTokenId, permissionName)) {
169 TAG_LOGE(AAFwkTag::URIPERMMGR, "No permission to call");
170 return CHECK_PERMISSION_FAILED;
171 }
172
173 if ((flag & FLAG_READ_WRITE_URI) == 0) {
174 TAG_LOGE(AAFwkTag::URIPERMMGR, "invalid flag, value: %{public}u.", flag);
175 return ERR_CODE_INVALID_URI_FLAG;
176 }
177 flag &= FLAG_READ_WRITE_URI;
178 uint32_t targetTokenId = 0;
179 auto ret = UPMSUtils::GetTokenIdByBundleName(targetBundleName, appIndex, targetTokenId);
180 if (ret != ERR_OK) {
181 TAG_LOGE(AAFwkTag::URIPERMMGR, "Get tokenId failed, bundlename: %{public}s.", targetBundleName.c_str());
182 return ret;
183 }
184
185 if (AppUtils::GetInstance().IsGrantPersistUriPermission()) {
186 return GrantBatchUriPermissionFor2In1Privileged(uriVec, flag, callerTokenId, targetTokenId);
187 }
188 if (UPMSUtils::IsFoundationCall()) {
189 callerTokenId = initiatorTokenId;
190 } else {
191 abilityId = INVALID_ABILITYID;
192 }
193 return GrantBatchUriPermissionPrivileged(uriVec, flag, callerTokenId, targetTokenId, abilityId);
194 }
195
GrantUriPermissionInner(const std::vector<Uri> & uriVec,unsigned int flag,const std::string targetBundleName,int32_t appIndex,uint32_t initiatorTokenId,int32_t abilityId)196 int UriPermissionManagerStubImpl::GrantUriPermissionInner(const std::vector<Uri> &uriVec, unsigned int flag,
197 const std::string targetBundleName, int32_t appIndex, uint32_t initiatorTokenId, int32_t abilityId)
198 {
199 TAG_LOGD(AAFwkTag::URIPERMMGR, "called");
200 flag &= FLAG_READ_WRITE_URI;
201 uint32_t targetTokenId = 0;
202 auto ret = UPMSUtils::GetTokenIdByBundleName(targetBundleName, appIndex, targetTokenId);
203 if (ret != ERR_OK) {
204 TAG_LOGE(AAFwkTag::URIPERMMGR, "get tokenId of target bundle name failed.");
205 return ret;
206 }
207 // recordId will be set default id if the process name is not foundation.
208 int32_t recordId = -1;
209 uint32_t appTokenId = IPCSkeleton::GetCallingTokenID();
210 if (UPMSUtils::IsFoundationCall()) {
211 recordId = abilityId;
212 appTokenId = initiatorTokenId;
213 }
214 if (uriVec.size() == 1) {
215 return GrantSingleUriPermission(uriVec[0], flag, appTokenId, targetTokenId, recordId);
216 }
217 return GrantBatchUriPermission(uriVec, flag, appTokenId, targetTokenId, recordId);
218 }
219
checkPersistPermission(uint64_t tokenId,const std::vector<PolicyInfo> & policy,std::vector<bool> & result)220 int checkPersistPermission(uint64_t tokenId, const std::vector<PolicyInfo> &policy, std::vector<bool> &result)
221 {
222 for (size_t i = 0; i < policy.size(); i++) {
223 result.emplace_back(true);
224 }
225 TAG_LOGI(AAFwkTag::URIPERMMGR, "result size: %{public}zu", result.size());
226 return 0;
227 }
228
setPolicy(uint64_t tokenId,const std::vector<PolicyInfo> & policy,uint64_t policyFlag)229 int32_t setPolicy(uint64_t tokenId, const std::vector<PolicyInfo> &policy, uint64_t policyFlag)
230 {
231 TAG_LOGI(AAFwkTag::URIPERMMGR, "policy size: %{public}zu", policy.size());
232 return 0;
233 }
234
persistPermission(const std::vector<PolicyInfo> & policy,std::vector<uint32_t> & result)235 int persistPermission(const std::vector<PolicyInfo> &policy, std::vector<uint32_t> &result)
236 {
237 for (size_t i = 0; i < policy.size(); i++) {
238 result.emplace_back(0);
239 }
240 TAG_LOGI(AAFwkTag::URIPERMMGR, "result size: %{public}zu", result.size());
241 return 0;
242 }
243
CheckCalledBySandBox()244 int32_t UriPermissionManagerStubImpl::CheckCalledBySandBox()
245 {
246 // reject sandbox to grant uri permission
247 ConnectManager(appMgr_, APP_MGR_SERVICE_ID);
248 if (appMgr_ == nullptr) {
249 TAG_LOGE(AAFwkTag::URIPERMMGR, "Get BundleManager failed!");
250 return INNER_ERR;
251 }
252 auto callerPid = IPCSkeleton::GetCallingPid();
253 bool isSandbox = false;
254 if (IN_PROCESS_CALL(appMgr_->JudgeSandboxByPid(callerPid, isSandbox)) != ERR_OK) {
255 TAG_LOGE(AAFwkTag::URIPERMMGR, "JudgeSandboxByPid failed.");
256 return INNER_ERR;
257 }
258 if (isSandbox) {
259 TAG_LOGE(AAFwkTag::URIPERMMGR, "Sandbox application can not grant URI permission.");
260 return ERR_CODE_GRANT_URI_PERMISSION;
261 }
262 return ERR_OK;
263 }
264
AddTempUriPermission(const std::string & uri,unsigned int flag,TokenId fromTokenId,TokenId targetTokenId,int32_t abilityId)265 int UriPermissionManagerStubImpl::AddTempUriPermission(const std::string &uri, unsigned int flag,
266 TokenId fromTokenId, TokenId targetTokenId, int32_t abilityId)
267 {
268 std::lock_guard<std::mutex> guard(mutex_);
269 auto search = uriMap_.find(uri);
270 bool autoRemove = (abilityId != DEFAULT_ABILITY_ID);
271 GrantInfo info = { flag, fromTokenId, targetTokenId, autoRemove, {} };
272 info.AddAbilityId(abilityId);
273 if (search == uriMap_.end()) {
274 TAG_LOGI(AAFwkTag::URIPERMMGR, "Insert an uri r/w permission.");
275 std::list<GrantInfo> infoList = { info };
276 uriMap_.emplace(uri, infoList);
277 return ERR_OK;
278 }
279 auto& infoList = search->second;
280 for (auto& item : infoList) {
281 if (item.fromTokenId == fromTokenId && item.targetTokenId == targetTokenId) {
282 TAG_LOGI(AAFwkTag::URIPERMMGR,
283 "Item: flag is %{public}u, autoRemove is %{public}u, ability size is %{public}zu.",
284 item.flag, item.autoRemove, item.abilityIds.size());
285 item.AddAbilityId(abilityId);
286 // r-w
287 if ((item.flag & FLAG_WRITE_URI) == 0 && (flag & FLAG_WRITE_URI) != 0) {
288 TAG_LOGI(AAFwkTag::URIPERMMGR, "Update uri r/w permission.");
289 item.autoRemove = autoRemove;
290 item.flag |= FLAG_WRITE_URI;
291 return ERR_OK;
292 }
293 // w-r
294 TAG_LOGD(AAFwkTag::URIPERMMGR, "Uri has been granted, not to grant again.");
295 if ((item.flag & FLAG_WRITE_URI) != 0 && (flag & FLAG_WRITE_URI) == 0) {
296 return ERR_OK;
297 }
298 // other
299 if (!autoRemove) {
300 item.autoRemove = autoRemove;
301 }
302 return ERR_OK;
303 }
304 }
305 TAG_LOGI(AAFwkTag::URIPERMMGR, "Insert a new uri permission record.");
306 infoList.emplace_back(info);
307 return ERR_OK;
308 }
309
GrantUriPermissionImpl(const Uri & uri,unsigned int flag,TokenId callerTokenId,TokenId targetTokenId,int32_t abilityId)310 int UriPermissionManagerStubImpl::GrantUriPermissionImpl(const Uri &uri, unsigned int flag,
311 TokenId callerTokenId, TokenId targetTokenId, int32_t abilityId)
312 {
313 TAG_LOGD(AAFwkTag::URIPERMMGR, "uri = %{private}s, flag = %{public}u, callerTokenId = %{public}u,"
314 "targetTokenId = %{public}u, abilityId = %{public}d", uri.ToString().c_str(), flag, callerTokenId,
315 targetTokenId, abilityId);
316 ConnectManager(storageManager_, STORAGE_MANAGER_MANAGER_ID);
317 if (storageManager_ == nullptr) {
318 TAG_LOGE(AAFwkTag::URIPERMMGR, "ConnectManager failed");
319 return INNER_ERR;
320 }
321 auto uriStr = uri.ToString();
322 std::vector<std::string> uriVec = { uriStr };
323 auto resVec = storageManager_->CreateShareFile(uriVec, targetTokenId, flag);
324 if (resVec.size() == 0) {
325 TAG_LOGE(AAFwkTag::URIPERMMGR, "storageManager resVec is empty.");
326 return INNER_ERR;
327 }
328 if (resVec[0] != 0 && resVec[0] != -EEXIST) {
329 TAG_LOGE(AAFwkTag::URIPERMMGR, "failed to CreateShareFile.");
330 return INNER_ERR;
331 }
332 AddTempUriPermission(uriStr, flag, callerTokenId, targetTokenId, abilityId);
333 UPMSUtils::SendSystemAppGrantUriPermissionEvent(callerTokenId, targetTokenId, uriVec, resVec);
334 return ERR_OK;
335 }
336
GrantSingleUriPermission(const Uri & uri,unsigned int flag,uint32_t callerTokenId,uint32_t targetTokenId,int32_t abilityId)337 int UriPermissionManagerStubImpl::GrantSingleUriPermission(const Uri &uri, unsigned int flag, uint32_t callerTokenId,
338 uint32_t targetTokenId, int32_t abilityId)
339 {
340 TAG_LOGI(AAFwkTag::URIPERMMGR,
341 "uri is %{private}s, callerTokenId is %{public}u, targetTokenId is %{public}u, abilityId is %{public}d",
342 uri.ToString().c_str(), callerTokenId, targetTokenId, abilityId);
343 if (!CheckUriTypeIsValid(uri)) {
344 TAG_LOGE(AAFwkTag::URIPERMMGR, "Check uri type failed, uri is %{private}s", uri.ToString().c_str());
345 return ERR_CODE_INVALID_URI_TYPE;
346 }
347 TokenIdPermission tokenIdPermission(callerTokenId);
348 std::vector<Uri> uriVec = { uri };
349 auto checkResult = CheckUriPermission(tokenIdPermission, uriVec, flag);
350 if (!checkResult[0]) {
351 TAG_LOGW(AAFwkTag::URIPERMMGR, "No permission, uri is %{private}s, callerTokenId is %{public}u",
352 uri.ToString().c_str(), callerTokenId);
353 UPMSUtils::SendShareUnPrivilegeUriEvent(callerTokenId, targetTokenId);
354 return CHECK_PERMISSION_FAILED;
355 }
356 return GrantUriPermissionImpl(uri, flag, callerTokenId, targetTokenId, abilityId);
357 }
358
GrantBatchUriPermissionImpl(const std::vector<std::string> & uriVec,unsigned int flag,TokenId callerTokenId,TokenId targetTokenId,int32_t abilityId)359 int UriPermissionManagerStubImpl::GrantBatchUriPermissionImpl(const std::vector<std::string> &uriVec,
360 unsigned int flag, TokenId callerTokenId, TokenId targetTokenId, int32_t abilityId)
361 {
362 TAG_LOGI(AAFwkTag::URIPERMMGR,"callerTokenId is %{public}u, targetTokenId is %{public}u, flag is %{public}u,"
363 "list size is %{public}zu", callerTokenId, targetTokenId, flag, uriVec.size());
364 ConnectManager(storageManager_, STORAGE_MANAGER_MANAGER_ID);
365 if (storageManager_ == nullptr) {
366 TAG_LOGE(AAFwkTag::URIPERMMGR, "ConnectManager failed.");
367 return INNER_ERR;
368 }
369 auto resVec = storageManager_->CreateShareFile(uriVec, targetTokenId, flag);
370 if (resVec.size() == 0) {
371 TAG_LOGE(AAFwkTag::URIPERMMGR, "Failed to createShareFile, storageManager resVec is empty.");
372 return INNER_ERR;
373 }
374 if (resVec.size() != uriVec.size()) {
375 TAG_LOGE(AAFwkTag::URIPERMMGR, "Failed to createShareFile, ret is %{public}u", resVec[0]);
376 return resVec[0];
377 }
378 int successCount = 0;
379 for (size_t i = 0; i < uriVec.size(); i++) {
380 auto ret = resVec[i];
381 if (ret != 0 && ret != -EEXIST) {
382 TAG_LOGE(AAFwkTag::URIPERMMGR, "failed to CreateShareFile.");
383 continue;
384 }
385 AddTempUriPermission(uriVec[i], flag, callerTokenId, targetTokenId, abilityId);
386 successCount++;
387 }
388 TAG_LOGI(AAFwkTag::URIPERMMGR, "total %{public}d uri permissions added.", successCount);
389 if (successCount == 0) {
390 return INNER_ERR;
391 }
392 UPMSUtils::SendSystemAppGrantUriPermissionEvent(callerTokenId, targetTokenId, uriVec, resVec);
393 return ERR_OK;
394 }
395
GrantBatchUriPermission(const std::vector<Uri> & uriVec,unsigned int flag,uint32_t callerTokenId,uint32_t targetTokenId,int32_t abilityId)396 int UriPermissionManagerStubImpl::GrantBatchUriPermission(const std::vector<Uri> &uriVec, unsigned int flag,
397 uint32_t callerTokenId, uint32_t targetTokenId, int32_t abilityId)
398 {
399 TAG_LOGI(AAFwkTag::URIPERMMGR,
400 "callerTokenId is %{public}u, targetTokenId is %{public}u, flag is %{public}u, abilityId is %{public}u.",
401 callerTokenId, targetTokenId, flag, abilityId);
402 TokenIdPermission tokenIdPermission(callerTokenId);
403 std::vector<std::string> uriStrVec = {};
404 auto checkResult = CheckUriPermission(tokenIdPermission, uriVec, flag);
405 int32_t noPermissionUriCount = 0;
406 for (size_t i = 0; i < checkResult.size(); i++) {
407 auto uriStr = uriVec[i].ToString();
408 if (!checkResult[i]) {
409 TAG_LOGW(AAFwkTag::URIPERMMGR, "No permission, uri:%{private}s", uriStr.c_str());
410 noPermissionUriCount++;
411 continue;
412 }
413 uriStrVec.emplace_back(uriStr);
414 }
415 if (noPermissionUriCount > 0) {
416 UPMSUtils::SendShareUnPrivilegeUriEvent(callerTokenId, targetTokenId);
417 }
418 if (uriStrVec.empty()) {
419 TAG_LOGE(AAFwkTag::URIPERMMGR, "all uri invalid or no permission");
420 return INNER_ERR;
421 }
422 return GrantBatchUriPermissionImpl(uriStrVec, flag, callerTokenId, targetTokenId, abilityId);
423 }
424
GrantBatchUriPermissionPrivileged(const std::vector<Uri> & uriVec,uint32_t flag,uint32_t callerTokenId,uint32_t targetTokenId,int32_t abilityId)425 int32_t UriPermissionManagerStubImpl::GrantBatchUriPermissionPrivileged(const std::vector<Uri> &uriVec, uint32_t flag,
426 uint32_t callerTokenId, uint32_t targetTokenId, int32_t abilityId)
427 {
428 TAG_LOGI(AAFwkTag::URIPERMMGR, "callerTokenId is %{public}u, targetTokenId is %{public}u, flag is %{public}u.",
429 callerTokenId, targetTokenId, flag);
430 std::vector<std::string> uriStrVec = {};
431 for (const auto &uri : uriVec) {
432 if (!CheckUriTypeIsValid(uri)) {
433 TAG_LOGW(AAFwkTag::URIPERMMGR, "Check uri type failed, uri is %{private}s.", uri.ToString().c_str());
434 continue;
435 }
436 uriStrVec.emplace_back(uri.ToString());
437 }
438 if (uriStrVec.empty()) {
439 TAG_LOGE(AAFwkTag::URIPERMMGR, "Valid uri list is empty.");
440 return ERR_CODE_INVALID_URI_TYPE;
441 }
442 return GrantBatchUriPermissionImpl(uriStrVec, flag, callerTokenId, targetTokenId, abilityId);
443 }
444
GrantBatchUriPermissionFor2In1Privileged(const std::vector<Uri> & uriVec,uint32_t flag,uint32_t callerTokenId,uint32_t targetTokenId,int32_t abilityId)445 int32_t UriPermissionManagerStubImpl::GrantBatchUriPermissionFor2In1Privileged(const std::vector<Uri> &uriVec,
446 uint32_t flag, uint32_t callerTokenId, uint32_t targetTokenId, int32_t abilityId)
447 {
448 TAG_LOGI(AAFwkTag::URIPERMMGR, "callerTokenId is %{public}u, targetTokenId is %{public}u, flag is %{public}u.",
449 callerTokenId, targetTokenId, flag);
450 std::vector<std::string> uriStrVec = {};
451 std::vector<PolicyInfo> docsVec = {};
452 for (const auto &uri : uriVec) {
453 auto uriInner = uri;
454 auto uriStr = uriInner.ToString();
455 if (!CheckUriTypeIsValid(uri)) {
456 TAG_LOGW(AAFwkTag::URIPERMMGR, "Check uri type failed, uri is %{private}s.", uriStr.c_str());
457 continue;
458 }
459 auto &&authority = uriInner.GetAuthority();
460 if (authority != "docs" || uriStr.find(CLOUND_DOCS_URI_MARK) != std::string::npos) {
461 uriStrVec.emplace_back(uriStr);
462 continue;
463 }
464 PolicyInfo policyInfo;
465 policyInfo.path = uriStr;
466 policyInfo.mode = (flag & Want::FLAG_AUTH_WRITE_URI_PERMISSION) == 0 ? READ_MODE : WRITE_MODE;
467 docsVec.emplace_back(policyInfo);
468 }
469
470 TAG_LOGI(AAFwkTag::URIPERMMGR, "docsUri size is %{public}zu, otherUri size is %{public}zu",
471 docsVec.size(), uriStrVec.size());
472
473 if (uriStrVec.empty() && docsVec.empty()) {
474 TAG_LOGE(AAFwkTag::URIPERMMGR, "Valid uri list is empty.");
475 return ERR_CODE_INVALID_URI_TYPE;
476 }
477
478 if (!uriStrVec.empty()) {
479 auto ret = GrantBatchUriPermissionImpl(uriStrVec, flag, callerTokenId, targetTokenId, abilityId);
480 if (docsVec.empty()) {
481 return ret;
482 }
483 }
484
485 bool isSystemAppCall = PermissionVerification::GetInstance()->IsSystemAppCall();
486 HandleUriPermission(targetTokenId, flag, docsVec, isSystemAppCall);
487 return ERR_OK;
488 }
489
RemoveUriRecord(std::vector<std::string> & uriList,const TokenId tokenId,int32_t abilityId)490 void UriPermissionManagerStubImpl::RemoveUriRecord(std::vector<std::string> &uriList, const TokenId tokenId,
491 int32_t abilityId)
492 {
493 std::lock_guard<std::mutex> guard(mutex_);
494 for (auto iter = uriMap_.begin(); iter != uriMap_.end();) {
495 auto& list = iter->second;
496 for (auto it = list.begin(); it != list.end(); it++) {
497 if (it->targetTokenId != tokenId || !it->RemoveAbilityId(abilityId) || !it->autoRemove) {
498 continue;
499 }
500 if (!it->IsEmptyAbilityId()) {
501 TAG_LOGD(AAFwkTag::URIPERMMGR, "Remove an abilityId.");
502 break;
503 }
504 TAG_LOGI(AAFwkTag::URIPERMMGR, "Erase an info form list.");
505 list.erase(it);
506 uriList.emplace_back(iter->first);
507 break;
508 }
509 if (list.empty()) {
510 uriMap_.erase(iter++);
511 continue;
512 }
513 ++iter;
514 }
515 }
516
RevokeUriPermission(const TokenId tokenId,int32_t abilityId)517 void UriPermissionManagerStubImpl::RevokeUriPermission(const TokenId tokenId, int32_t abilityId)
518 {
519 TAG_LOGI(AAFwkTag::URIPERMMGR,
520 "Start to remove uri permission, tokenId is %{public}u, abilityId is %{public}d", tokenId, abilityId);
521 if (!UPMSUtils::IsFoundationCall()) {
522 TAG_LOGE(AAFwkTag::URIPERMMGR, "No permission to revoke uri permission.");
523 return;
524 }
525 std::vector<std::string> uriList;
526 RemoveUriRecord(uriList, tokenId, abilityId);
527 if (!uriList.empty()) {
528 DeleteShareFile(tokenId, uriList);
529 }
530 }
531
RevokeAllUriPermissions(uint32_t tokenId)532 int UriPermissionManagerStubImpl::RevokeAllUriPermissions(uint32_t tokenId)
533 {
534 TAG_LOGI(AAFwkTag::URIPERMMGR, "Start to revoke all uri permission, tokenId is %{public}u.", tokenId);
535 if (!UPMSUtils::IsFoundationCall()) {
536 TAG_LOGE(AAFwkTag::URIPERMMGR, "No permission to revoke all uri permission.");
537 return CHECK_PERMISSION_FAILED;
538 }
539 std::string callerAuthority = "";
540 UPMSUtils::GetAlterableBundleNameByTokenId(tokenId, callerAuthority);
541 std::map<uint32_t, std::vector<std::string>> uriLists;
542 {
543 std::lock_guard<std::mutex> guard(mutex_);
544 for (auto iter = uriMap_.begin(); iter != uriMap_.end();) {
545 auto uriAuthority = Uri(iter->first).GetAuthority();
546 // uri belong to target tokenId.
547 if (callerAuthority == uriAuthority) {
548 for (const auto &record : iter->second) {
549 uriLists[record.targetTokenId].emplace_back(iter->first);
550 }
551 uriMap_.erase(iter++);
552 continue;
553 }
554 auto& list = iter->second;
555 for (auto it = list.begin(); it != list.end();) {
556 if (it->targetTokenId == tokenId || it->fromTokenId == tokenId) {
557 TAG_LOGI(AAFwkTag::URIPERMMGR, "Erase an uri permission record.");
558 uriLists[it->targetTokenId].emplace_back(iter->first);
559 list.erase(it++);
560 continue;
561 }
562 it++;
563 }
564 if (list.empty()) {
565 uriMap_.erase(iter++);
566 continue;
567 }
568 iter++;
569 }
570 }
571
572 for (auto iter = uriLists.begin(); iter != uriLists.end(); iter++) {
573 if (DeleteShareFile(iter->first, iter->second) != ERR_OK) {
574 return INNER_ERR;
575 }
576 }
577 return ERR_OK;
578 }
579
RevokeUriPermissionManually(const Uri & uri,const std::string bundleName,int32_t appIndex)580 int UriPermissionManagerStubImpl::RevokeUriPermissionManually(const Uri &uri, const std::string bundleName,
581 int32_t appIndex)
582 {
583 TAG_LOGI(AAFwkTag::URIPERMMGR,
584 "Revoke uri permission manually, uri is %{private}s, bundleName is %{public}s, appIndex is %{public}d",
585 uri.ToString().c_str(), bundleName.c_str(), appIndex);
586 if (!UPMSUtils::IsSAOrSystemAppCall()) {
587 TAG_LOGE(AAFwkTag::URIPERMMGR, "not SA or SystemApp");
588 return CHECK_PERMISSION_FAILED;
589 }
590 if (!CheckUriTypeIsValid(uri)) {
591 TAG_LOGE(AAFwkTag::URIPERMMGR, "Check uri type failed, uri is %{private}s.", uri.ToString().c_str());
592 return ERR_CODE_INVALID_URI_TYPE;
593 }
594 uint32_t targetTokenId = 0;
595 if (UPMSUtils::GetTokenIdByBundleName(bundleName, appIndex, targetTokenId) != ERR_OK) {
596 TAG_LOGE(AAFwkTag::URIPERMMGR, "get tokenId by bundle name failed.");
597 return INNER_ERR;
598 }
599
600 auto uriStr = uri.ToString();
601 auto uriInner = uri;
602 auto uriAuthority = uriInner.GetAuthority();
603 // uri belong to caller or caller is target.
604 auto callerTokenId = IPCSkeleton::GetCallingTokenID();
605 std::string callerAuthority = "";
606 UPMSUtils::GetAlterableBundleNameByTokenId(callerTokenId, callerAuthority);
607 bool isRevokeSelfUri = (callerTokenId == targetTokenId || callerAuthority == uriAuthority);
608 std::vector<std::string> uriList;
609 {
610 std::lock_guard<std::mutex> guard(mutex_);
611 auto search = uriMap_.find(uriStr);
612 if (search == uriMap_.end()) {
613 TAG_LOGI(AAFwkTag::URIPERMMGR, "URI does not exist on uri map.");
614 return ERR_OK;
615 }
616 auto& list = search->second;
617 for (auto it = list.begin(); it != list.end(); it++) {
618 if (it->targetTokenId == targetTokenId && (callerTokenId == it->fromTokenId || isRevokeSelfUri)) {
619 uriList.emplace_back(search->first);
620 TAG_LOGI(AAFwkTag::URIPERMMGR, "Revoke an uri permission record.");
621 list.erase(it);
622 break;
623 }
624 }
625 if (list.empty()) {
626 uriMap_.erase(search);
627 }
628 }
629 return DeleteShareFile(targetTokenId, uriList);
630 }
631
DeleteShareFile(uint32_t targetTokenId,const std::vector<std::string> & uriVec)632 int32_t UriPermissionManagerStubImpl::DeleteShareFile(uint32_t targetTokenId, const std::vector<std::string> &uriVec)
633 {
634 ConnectManager(storageManager_, STORAGE_MANAGER_MANAGER_ID);
635 if (storageManager_ == nullptr) {
636 TAG_LOGE(AAFwkTag::URIPERMMGR, "Connect StorageManager failed.");
637 return INNER_ERR;
638 }
639 auto ret = storageManager_->DeleteShareFile(targetTokenId, uriVec);
640 if (ret != ERR_OK) {
641 TAG_LOGE(AAFwkTag::URIPERMMGR, "DeleteShareFile failed, errorCode is %{public}d.", ret);
642 }
643 return ret;
644 }
645
CheckUriAuthorization(const std::vector<std::string> & uriStrVec,uint32_t flag,uint32_t tokenId)646 std::vector<bool> UriPermissionManagerStubImpl::CheckUriAuthorization(const std::vector<std::string> &uriStrVec,
647 uint32_t flag, uint32_t tokenId)
648 {
649 TAG_LOGI(AAFwkTag::URIPERMMGR, "tokenId:%{public}u, flag:%{public}u, size of uris:%{public}zu",
650 tokenId, flag, uriStrVec.size());
651 if (!UPMSUtils::IsSAOrSystemAppCall()) {
652 TAG_LOGE(AAFwkTag::URIPERMMGR, "not SA or SystemApp");
653 std::vector<bool> result(uriStrVec.size(), false);
654 return result;
655 }
656 if ((flag & FLAG_READ_WRITE_URI) == 0) {
657 TAG_LOGE(AAFwkTag::URIPERMMGR, "Flag is invalid.");
658 std::vector<bool> result(uriStrVec.size(), false);
659 return result;
660 }
661 std::vector<Uri> uriVec;
662 for (auto &uriStr: uriStrVec) {
663 uriVec.emplace_back(uriStr);
664 }
665 TokenIdPermission tokenIdPermission(tokenId);
666 return CheckUriPermission(tokenIdPermission, uriVec, flag);
667 }
668
669 template<typename T>
ConnectManager(sptr<T> & mgr,int32_t serviceId)670 void UriPermissionManagerStubImpl::ConnectManager(sptr<T> &mgr, int32_t serviceId)
671 {
672 TAG_LOGD(AAFwkTag::URIPERMMGR, "Call.");
673 std::lock_guard<std::mutex> lock(mgrMutex_);
674 if (mgr == nullptr) {
675 TAG_LOGE(AAFwkTag::URIPERMMGR, "mgr is nullptr.");
676 auto systemAbilityMgr = SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager();
677 if (systemAbilityMgr == nullptr) {
678 TAG_LOGE(AAFwkTag::URIPERMMGR, "Failed to get SystemAbilityManager.");
679 return;
680 }
681
682 auto remoteObj = systemAbilityMgr->GetSystemAbility(serviceId);
683 if (remoteObj == nullptr) {
684 TAG_LOGE(AAFwkTag::URIPERMMGR, "Failed to get mgr.");
685 return;
686 }
687 TAG_LOGE(AAFwkTag::URIPERMMGR, "to cast.");
688 mgr = iface_cast<T>(remoteObj);
689 if (mgr == nullptr) {
690 TAG_LOGE(AAFwkTag::URIPERMMGR, "Failed to cast.");
691 return;
692 }
693 wptr<T> manager = mgr;
694 auto self = weak_from_this();
695 auto onClearProxyCallback = [manager, self](const auto& remote) {
696 auto mgrSptr = manager.promote();
697 auto impl = self.lock();
698 if (impl && mgrSptr && mgrSptr->AsObject() == remote.promote()) {
699 std::lock_guard<std::mutex> lock(impl->mgrMutex_);
700 mgrSptr.clear();
701 }
702 };
703 sptr<ProxyDeathRecipient> recipient(new ProxyDeathRecipient(std::move(onClearProxyCallback)));
704 if (!mgr->AsObject()->AddDeathRecipient(recipient)) {
705 TAG_LOGE(AAFwkTag::URIPERMMGR, "AddDeathRecipient failed.");
706 }
707 }
708 }
709
OnRemoteDied(const wptr<IRemoteObject> & remote)710 void UriPermissionManagerStubImpl::ProxyDeathRecipient::OnRemoteDied([[maybe_unused]]
711 const wptr<IRemoteObject>& remote)
712 {
713 if (proxy_) {
714 TAG_LOGD(AAFwkTag::URIPERMMGR, "mgr stub died.");
715 proxy_(remote);
716 }
717 }
718
GrantUriPermissionFor2In1Inner(const std::vector<Uri> & uriVec,unsigned int flag,const std::string & targetBundleName,int32_t appIndex,bool isSystemAppCall,uint32_t initiatorTokenId,int32_t abilityId)719 int UriPermissionManagerStubImpl::GrantUriPermissionFor2In1Inner(const std::vector<Uri> &uriVec, unsigned int flag,
720 const std::string &targetBundleName, int32_t appIndex, bool isSystemAppCall, uint32_t initiatorTokenId,
721 int32_t abilityId)
722 {
723 TAG_LOGI(AAFwkTag::URIPERMMGR, "UriVec size is %{public}zu, targetBundleName is %{public}s",
724 uriVec.size(), targetBundleName.c_str());
725 std::vector<PolicyInfo> docsVec;
726 std::vector<Uri> otherVec;
727 for (const auto &uri : uriVec) {
728 Uri uri_inner = uri;
729 auto &&scheme = uri_inner.GetScheme();
730 if (scheme != "file") {
731 TAG_LOGW(AAFwkTag::URIPERMMGR, "Only support file uri.");
732 continue;
733 }
734 auto &&authority = uri_inner.GetAuthority();
735 TAG_LOGD(AAFwkTag::URIPERMMGR, "The authority is %{public}s", authority.c_str());
736 PolicyInfo policyInfo;
737 policyInfo.path = uri_inner.ToString();
738 if ((flag & Want::FLAG_AUTH_WRITE_URI_PERMISSION) != 0) {
739 policyInfo.mode |= WRITE_MODE;
740 } else {
741 policyInfo.mode |= READ_MODE;
742 }
743 if (authority == "docs" && uri.ToString().find(CLOUND_DOCS_URI_MARK) == std::string::npos) {
744 docsVec.emplace_back(policyInfo);
745 } else {
746 otherVec.emplace_back(uri_inner);
747 }
748 }
749 if (!otherVec.empty()) {
750 auto ret = GrantUriPermissionInner(otherVec, flag, targetBundleName, appIndex, initiatorTokenId, abilityId);
751 if (docsVec.empty()) {
752 return ret;
753 }
754 }
755 uint32_t tokenId = 0;
756 auto ret = UPMSUtils::GetTokenIdByBundleName(targetBundleName, appIndex, tokenId);
757 if (ret != ERR_OK) {
758 return ret;
759 }
760 TAG_LOGD(AAFwkTag::URIPERMMGR, "The tokenId is %{public}u", tokenId);
761 HandleUriPermission(tokenId, flag, docsVec, isSystemAppCall);
762 return ERR_OK;
763 }
764
HandleUriPermission(uint64_t tokenId,unsigned int flag,std::vector<PolicyInfo> & docsVec,bool isSystemAppCall)765 void UriPermissionManagerStubImpl::HandleUriPermission(
766 uint64_t tokenId, unsigned int flag, std::vector<PolicyInfo> &docsVec, bool isSystemAppCall)
767 {
768 TAG_LOGD(AAFwkTag::URIPERMMGR, "HandleUriPermission called");
769 uint32_t policyFlag = 0;
770 if ((flag & Want::FLAG_AUTH_PERSISTABLE_URI_PERMISSION) != 0) {
771 policyFlag |= IS_POLICY_ALLOWED_TO_BE_PRESISTED;
772 }
773 // Handle docs type URI permission
774 if (!docsVec.empty()) {
775 std::vector<bool> result;
776 checkPersistPermission(tokenId, docsVec, result);
777 if (docsVec.size() != result.size()) {
778 TAG_LOGE(AAFwkTag::URIPERMMGR, "Check persist permission failed.");
779 return;
780 }
781 std::vector<PolicyInfo> policyVec;
782 auto docsItem = docsVec.begin();
783 for (auto resultItem = result.begin(); resultItem != result.end();) {
784 if (*resultItem == true) {
785 policyVec.emplace_back(*docsItem);
786 }
787 resultItem++;
788 docsItem++;
789 }
790 if (!policyVec.empty()) {
791 setPolicy(tokenId, policyVec, policyFlag);
792 // The current processing starts from API 11 and maintains 5 versions.
793 if (((policyFlag & IS_POLICY_ALLOWED_TO_BE_PRESISTED) != 0) && isSystemAppCall) {
794 std::vector<uint32_t> persistResult;
795 persistPermission(policyVec, persistResult);
796 }
797 }
798 }
799 }
800
CheckUriPermission(TokenIdPermission & tokenIdPermission,const std::vector<Uri> & uriVec,uint32_t flag)801 std::vector<bool> UriPermissionManagerStubImpl::CheckUriPermission(TokenIdPermission &tokenIdPermission,
802 const std::vector<Uri> &uriVec, uint32_t flag)
803 {
804 auto tokenId = tokenIdPermission.GetTokenId();
805 std::vector<bool> result(uriVec.size(), false);
806 std::vector<Uri> mediaUris;
807 std::vector<int32_t> mediaUriIndexs;
808 bool isFoundationCall = UPMSUtils::IsFoundationCall();
809 std::string callerAlterableBundleName;
810 UPMSUtils::GetAlterableBundleNameByTokenId(tokenId, callerAlterableBundleName);
811 for (size_t i = 0; i < uriVec.size(); i++) {
812 auto uri = uriVec[i];
813 auto &&scheme = uri.GetScheme();
814 if (scheme != "content" && scheme != "file") {
815 TAG_LOGW(AAFwkTag::URIPERMMGR, "invalid uri:%{private}s", uri.ToString().c_str());
816 result[i] = false;
817 continue;
818 }
819 if (scheme == "content") {
820 result[i] = isFoundationCall;
821 continue;
822 }
823 auto &&authority = uri.GetAuthority();
824 TAG_LOGD(AAFwkTag::URIPERMMGR, "UriAuth:%{public}s", authority.c_str());
825 if (authority == "docs" && tokenIdPermission.VerifyFileAccessManagerPermission()) {
826 result[i] = true;
827 continue;
828 }
829 if (authority == "media") {
830 mediaUris.emplace_back(uri);
831 mediaUriIndexs.emplace_back(i);
832 continue;
833 }
834 result[i] = (authority == callerAlterableBundleName);
835 }
836 if (!mediaUris.empty()) {
837 auto mediaUriResult = MediaPermissionManager::GetInstance().CheckUriPermission(mediaUris, tokenId, flag);
838 for (size_t i = 0; i < mediaUriResult.size(); i++) {
839 result[mediaUriIndexs[i]] = mediaUriResult[i];
840 }
841 }
842 CheckProxyUriPermission(tokenIdPermission, uriVec, flag, result);
843 return result;
844 }
845
CheckProxyUriPermission(TokenIdPermission & tokenIdPermission,const std::vector<Uri> & uriVec,uint32_t flag,std::vector<bool> & result)846 void UriPermissionManagerStubImpl::CheckProxyUriPermission(TokenIdPermission &tokenIdPermission,
847 const std::vector<Uri> &uriVec, uint32_t flag, std::vector<bool> &result)
848 {
849 TAG_LOGI(AAFwkTag::URIPERMMGR, "Call");
850 if (uriVec.size() != result.size()) {
851 TAG_LOGW(AAFwkTag::URIPERMMGR, "param size not equal");
852 return;
853 }
854 auto tokenId = tokenIdPermission.GetTokenId();
855 if (!tokenIdPermission.VerifyProxyAuthorizationUriPermission()) {
856 TAG_LOGW(AAFwkTag::URIPERMMGR, "no proxy permission");
857 return;
858 }
859 for (size_t i = 0; i < uriVec.size(); i++) {
860 if (!result[i]) {
861 result[i] = VerifyUriPermission(uriVec[i], flag, tokenId);
862 }
863 }
864 }
865
CheckUriTypeIsValid(Uri uri)866 bool UriPermissionManagerStubImpl::CheckUriTypeIsValid(Uri uri)
867 {
868 auto &&scheme = uri.GetScheme();
869 if (scheme != "file" && scheme != "content") {
870 TAG_LOGE(AAFwkTag::URIPERMMGR, "Type of uri is invalid, Scheme is %{public}s", scheme.c_str());
871 return false;
872 }
873 return true;
874 }
875 } // namespace AAFwk
876 } // namespace OHOS