diff --git a/services/distributeddataservice/service/udmf/lifecycle/lifecycle_manager.cpp b/services/distributeddataservice/service/udmf/lifecycle/lifecycle_manager.cpp index cbfdca07a431b4edd55fba26efc3e70081f1d8dc..ce6f6609dd90cdc197c870545aab8d5b249ad368 100644 --- a/services/distributeddataservice/service/udmf/lifecycle/lifecycle_manager.cpp +++ b/services/distributeddataservice/service/udmf/lifecycle/lifecycle_manager.cpp @@ -23,6 +23,9 @@ namespace UDMF { using CleanAfterGet = LifeCyclePolicy; std::unordered_map> LifeCycleManager::intentionPolicy_ = { { UD_INTENTION_MAP.at(UD_INTENTION_DRAG), std::make_shared() }, + { UD_INTENTION_MAP.at(UD_INTENTION_PICKER), std::make_shared() }, + { UD_INTENTION_MAP.at(UD_INTENTION_RIGHT_CLICK), std::make_shared() }, + { UD_INTENTION_MAP.at(UD_INTENTION_SYSTEM_SHARE), std::make_shared() }, { UD_INTENTION_MAP.at(UD_INTENTION_DATA_HUB), std::make_shared() } }; diff --git a/services/distributeddataservice/service/udmf/lifecycle/lifecycle_policy.cpp b/services/distributeddataservice/service/udmf/lifecycle/lifecycle_policy.cpp index 095a95f65ddb346549999b6579cc3b8f6a73c412..632398622048101cc6bedef5236cc91f5c3de0b5 100644 --- a/services/distributeddataservice/service/udmf/lifecycle/lifecycle_policy.cpp +++ b/services/distributeddataservice/service/udmf/lifecycle/lifecycle_policy.cpp @@ -59,6 +59,8 @@ Status LifeCyclePolicy::OnTimeout(const std::string &intention) return E_DB_ERROR; } std::vector timeoutKeys; + Duration interval = INTERVAL; + GetIntervalByIntention(intention, interval); auto status = GetTimeoutKeys(store, INTERVAL, timeoutKeys); if (status != E_OK) { ZLOGE("Timeout keys get failed"); @@ -97,5 +99,15 @@ Status LifeCyclePolicy::GetTimeoutKeys( } return E_OK; } + +Status LifeCyclePolicy::GetIntervalByIntention(const std::string intention, Duration &interval) +{ + if (intention == UD_INTENTION_MAP.at(UD_INTENTION_SYSTEM_SHARE)|| + intention == UD_INTENTION_MAP.at(UD_INTENTION_PICKER)|| + intention == UD_INTENTION_MAP.at(UD_INTENTION_RIGHT_CLICK)) { + interval = SYSTEM_SHARE_INTERVAL; + } + return E_OK; +} } // namespace UDMF } // namespace OHOS \ No newline at end of file diff --git a/services/distributeddataservice/service/udmf/lifecycle/lifecycle_policy.h b/services/distributeddataservice/service/udmf/lifecycle/lifecycle_policy.h index f7703e562be97760cb5218ca560c3afa4d2c8df4..6ab3e1dde288b4941b71a3a63abee2d83950f3db 100644 --- a/services/distributeddataservice/service/udmf/lifecycle/lifecycle_policy.h +++ b/services/distributeddataservice/service/udmf/lifecycle/lifecycle_policy.h @@ -23,6 +23,7 @@ class LifeCyclePolicy { public: using Duration = std::chrono::steady_clock::duration; static constexpr Duration INTERVAL = std::chrono::milliseconds(60 * 60 * 1000); + static constexpr Duration SYSTEM_SHARE_INTERVAL = std::chrono::milliseconds(24 * 60 * 60 * 1000); virtual ~LifeCyclePolicy() = default; virtual Status OnGot(const UnifiedKey &key); virtual Status OnStart(const std::string &intention); @@ -31,6 +32,7 @@ public: const std::shared_ptr &store, Duration interval, std::vector &timeoutKeys); private: + virtual Status GetIntervalByIntention(const std::string intention, Duration &interval); static constexpr const char *DATA_PREFIX = "udmf://"; }; } // namespace UDMF diff --git a/services/distributeddataservice/service/udmf/store/store_cache.cpp b/services/distributeddataservice/service/udmf/store/store_cache.cpp index 9bd6ae679bae31ba76641bfffa2aaaf18f483726..c353af477635f20aa2f147857b4169081b427c66 100644 --- a/services/distributeddataservice/service/udmf/store/store_cache.cpp +++ b/services/distributeddataservice/service/udmf/store/store_cache.cpp @@ -45,8 +45,7 @@ std::shared_ptr StoreCache::GetStore(std::string intention) return true; } - if (intention == UD_INTENTION_MAP.at(UD_INTENTION_DRAG) - || intention == UD_INTENTION_MAP.at(UD_INTENTION_DATA_HUB)) { + if (IsVaildIntention(intention)) { storePtr = std::make_shared(intention); if (!storePtr->Init()) { ZLOGE("Init runtime store failed."); @@ -94,5 +93,17 @@ void StoreCache::CloseStores() ZLOGI("CloseStores, stores size:%{public}zu", stores_.Size()); stores_.Clear(); } + +bool StoreCache::IsVaildIntention(std::string intention) +{ + if (intention == UD_INTENTION_MAP.at(UD_INTENTION_DRAG)|| + intention == UD_INTENTION_MAP.at(UD_INTENTION_PICKER)|| + intention == UD_INTENTION_MAP.at(UD_INTENTION_RIGHT_CLICK)|| + intention == UD_INTENTION_MAP.at(UD_INTENTION_SYSTEM_SHARE)|| + intention == UD_INTENTION_MAP.at(UD_INTENTION_DATA_HUB)) { + return true; + } + return false; +} } // namespace UDMF } // namespace OHOS diff --git a/services/distributeddataservice/service/udmf/store/store_cache.h b/services/distributeddataservice/service/udmf/store/store_cache.h index dfc7933eb6611e72a929fe7bb344fca675597571..b63273260f516dd0b309aff16376184ab5a915ff 100644 --- a/services/distributeddataservice/service/udmf/store/store_cache.h +++ b/services/distributeddataservice/service/udmf/store/store_cache.h @@ -38,6 +38,7 @@ private: StoreCache &operator=(const StoreCache &obj) = delete; void GarbageCollect(); + static bool IsVaildIntention(std::string intention); ConcurrentMap> stores_; std::mutex taskMutex_; diff --git a/services/distributeddataservice/service/udmf/udmf_service_impl.cpp b/services/distributeddataservice/service/udmf/udmf_service_impl.cpp index 42ef97a5d3a3385b69f5e8793a8b8eb184fc1e71..2e83b17d48c6ed6d91ab04a962429730beacf950 100644 --- a/services/distributeddataservice/service/udmf/udmf_service_impl.cpp +++ b/services/distributeddataservice/service/udmf/udmf_service_impl.cpp @@ -37,6 +37,7 @@ #include "system_ability_definition.h" #include "uri_permission_manager.h" #include "udmf_radar_reporter.h" +#include "udmf_utils.h" #include "unified_data_helper.h" #include "utils/anonymous.h" @@ -362,6 +363,7 @@ int32_t UdmfServiceImpl::ProcessCrossDeviceData(uint32_t tokenId, UnifiedData &u int32_t UdmfServiceImpl::GetBatchData(const QueryOption &query, std::vector &unifiedDataSet) { ZLOGD("start"); + UnifiedKey key(query.key); std::vector dataSet; std::shared_ptr store; auto status = QueryDataCommon(query, dataSet, store); @@ -373,6 +375,27 @@ int32_t UdmfServiceImpl::GetBatchData(const QueryOption &query, std::vector runtime = data.GetRuntime(); + if (runtime == nullptr) { + return E_DB_ERROR; + } + if (!CheckerManager::GetInstance().IsValid(runtime->privileges, info) && !IsPermissionInCache(query)) { + RadarReporterAdapter::ReportFail(std::string(__FUNCTION__), + BizScene::GET_DATA, GetDataStage::VERIFY_PRIVILEGE, StageRes::FAILED, E_NO_PERMISSION); + return E_NO_PERMISSION; + } + if (!IsReadAndKeep(runtime->privileges, query)) { + if (LifeCycleManager::GetInstance().OnGot(key) != E_OK) { + ZLOGE("Remove data failed:%{public}s", key.intention.c_str()); + return E_DB_ERROR; + } + } + } + } for (auto &data : dataSet) { PreProcessUtils::SetRemoteData(data); unifiedDataSet.push_back(data); @@ -387,6 +410,10 @@ int32_t UdmfServiceImpl::UpdateData(const QueryOption &query, UnifiedData &unifi ZLOGE("data or key is invalid,key=%{public}s", query.key.c_str()); return E_INVALID_PARAMETERS; } + if (key.intention != UD_INTENTION_MAP.at(UD_INTENTION_DATA_HUB)) { + ZLOGE("intention:%{public}s no permission", key.intention.c_str()); + return E_INVALID_PARAMETERS; + } std::string bundleName; PreProcessUtils::GetHapBundleNameByToken(query.tokenId, bundleName); if (key.bundleName != bundleName && !HasDatahubPriviledge(bundleName)) { @@ -429,6 +456,11 @@ int32_t UdmfServiceImpl::UpdateData(const QueryOption &query, UnifiedData &unifi int32_t UdmfServiceImpl::DeleteData(const QueryOption &query, std::vector &unifiedDataSet) { ZLOGD("start"); + UnifiedKey key(query.key); + if (!UnifiedDataUtils::IsValidOptions(key, UD_INTENTION_MAP.at(query.intention)) && !IsValidQuery(query, key)) { + ZLOGE("invalid option, query.key: %{public}s, intention: %{public}d", query.key.c_str(), query.intention); + return E_INVALID_PARAMETERS; + } std::vector dataSet; std::shared_ptr store; auto status = QueryDataCommon(query, dataSet, store); @@ -500,16 +532,13 @@ int32_t UdmfServiceImpl::AddPrivilege(const QueryOption &query, Privilege &privi return E_ERROR; } - if (key.intention == UD_INTENTION_MAP.at(UD_INTENTION_DRAG)) { - if (find(DRAG_AUTHORIZED_PROCESSES, std::end(DRAG_AUTHORIZED_PROCESSES), processName) == - std::end(DRAG_AUTHORIZED_PROCESSES)) { - ZLOGE("Process:%{public}s lacks permission for intention:drag", processName.c_str()); - return E_NO_PERMISSION; - } - } else { - ZLOGE("Intention: %{public}s has no authorized processes", key.intention.c_str()); + if (E_OK != CheckOption(key, processName)) { + ZLOGE("Intention:%{public}s no permission", key.intention.c_str()); return E_NO_PERMISSION; } + if (UTILS::IsAccessToken()) { + return E_ERROR; + } auto store = StoreCache::GetInstance().GetStore(key.intention); if (store == nullptr) { @@ -718,7 +747,8 @@ int32_t UdmfServiceImpl::QueryDataCommon( auto find = UD_INTENTION_MAP.find(query.intention); std::string intention = find == UD_INTENTION_MAP.end() ? intention : find->second; UnifiedKey key(query.key); - if (!UnifiedDataUtils::IsValidOptions(key, intention, UD_INTENTION_MAP.at(UD_INTENTION_DATA_HUB))) { + if (!UnifiedDataUtils::IsValidOptions(key, intention, + UD_INTENTION_MAP.at(UD_INTENTION_DATA_HUB)) && !IsValidQuery(query, key)) { ZLOGE("Unified key: %{public}s and intention: %{public}s is invalid.", query.key.c_str(), intention.c_str()); return E_INVALID_PARAMETERS; } @@ -906,5 +936,39 @@ bool UdmfServiceImpl::IsNeedTransferDeviceType(const QueryOption &query) } return false; } + +bool UdmfServiceImpl::IsValidQuery(const QueryOption query, UnifiedKey key) +{ + if (!key.IsValid() || key.intention.empty()) { + return false; + } + auto find = UD_INTENTION_MAP.find(query.intention); + std::string intention = find == UD_INTENTION_MAP.end() ? intention : find->second; + if (!intention.empty()) { + if (key.intention != intention) { + return false; + } + } + if (UnifiedDataUtils::IsValidOptionIntention(key.intention)) { + return true; + } + return false; +} + +int32_t UdmfServiceImpl::CheckOption(UnifiedKey key, std::string processName) +{ + if (UnifiedDataUtils::IsValidOptionIntention(key.intention)) { + return E_OK; + } + if (key.intention == UD_INTENTION_MAP.at(UD_INTENTION_DRAG)) { + if (find(DRAG_AUTHORIZED_PROCESSES, std::end(DRAG_AUTHORIZED_PROCESSES), processName) == + std::end(DRAG_AUTHORIZED_PROCESSES)) { + ZLOGE("Process:%{public}s lacks permission for intention:drag", processName.c_str()); + return E_NO_PERMISSION; + } + return E_OK; + } + return E_NO_PERMISSION; +} } // namespace UDMF } // namespace OHOS \ No newline at end of file diff --git a/services/distributeddataservice/service/udmf/udmf_service_impl.h b/services/distributeddataservice/service/udmf/udmf_service_impl.h index da95d6eb4dc8abacaed2fefe39abd2c7395f8d70..1442826f60155df2985a19cddaf697d8ea86a659 100644 --- a/services/distributeddataservice/service/udmf/udmf_service_impl.h +++ b/services/distributeddataservice/service/udmf/udmf_service_impl.h @@ -61,7 +61,8 @@ private: void TransferToEntriesIfNeed(const QueryOption &query, UnifiedData &unifiedData); bool IsNeedTransferDeviceType(const QueryOption &query); bool CheckDragParams(UnifiedKey &key, const QueryOption &query); - + bool IsValidQuery(const QueryOption query, UnifiedKey key); + int32_t CheckOption(UnifiedKey key, std::string processName); class Factory { public: Factory();