From d7e7fa1907b580b5614e28e55984fb97e49dca57 Mon Sep 17 00:00:00 2001 From: wwx1134751 Date: Thu, 17 Feb 2022 17:37:06 +0800 Subject: [PATCH 1/3] test AT Signed-off-by: wwx1134751 --- interfaces/inner_kits/native_cpp/BUILD.gn | 1 + .../native_cpp/src/device_manager_impl.cpp | 104 +++++++++++------- services/devicemanagerservice/BUILD.gn | 1 + .../src/device_manager_service.cpp | 67 +++++++++++ 4 files changed, 131 insertions(+), 42 deletions(-) diff --git a/interfaces/inner_kits/native_cpp/BUILD.gn b/interfaces/inner_kits/native_cpp/BUILD.gn index 99011143a..643fb07d8 100644 --- a/interfaces/inner_kits/native_cpp/BUILD.gn +++ b/interfaces/inner_kits/native_cpp/BUILD.gn @@ -61,6 +61,7 @@ if (defined(ohos_lite)) { "ipc:ipc_core", "samgr_standard:samgr_proxy", "utils_base:utils", + "access_token:libaccesstoken_sdk", ] if (support_jsapi) { diff --git a/interfaces/inner_kits/native_cpp/src/device_manager_impl.cpp b/interfaces/inner_kits/native_cpp/src/device_manager_impl.cpp index 811a6d7f4..d43299157 100644 --- a/interfaces/inner_kits/native_cpp/src/device_manager_impl.cpp +++ b/interfaces/inner_kits/native_cpp/src/device_manager_impl.cpp @@ -15,15 +15,10 @@ #include "device_manager_impl.h" -#ifdef SUPPORT_CALLING_ABILITY -#include "bundle_constants.h" -#include "bundle_info.h" -#include "bundle_mgr_client.h" -#include "bundle_mgr_interface.h" -#endif -#include "if_system_ability_manager.h" -#include "iservice_registry.h" -#include "system_ability_definition.h" +#include "access_token.h" +#include "hap_token_info.h" +#include "native_token_info.h" +#include "accesstoken_kit.h" #include "device_manager_notify.h" #include "dm_constants.h" @@ -45,46 +40,71 @@ #include "ipc_verify_authenticate_req.h" #include "securec.h" -#ifdef SUPPORT_CALLING_ABILITY -using namespace OHOS::AppExecFwk; -using namespace OHOS::AppExecFwk::Constants; -#endif +using namespace OHOS::Security::AccessToken; namespace OHOS { namespace DistributedHardware { bool DeviceManagerImpl::isSystemAppCalling(void) { -#ifdef SUPPORT_CALLING_ABILITY - int32_t uid = IPCSkeleton::GetCallingUid(); - if (uid < 0) { - LOGI("app caller uid is: %d,", uid); + LOGI("Enter DeviceManagerImpl::isSystemAppCalling 111111"); + const std::string permissionName = "ohos.permission.CAMERA"; + + AccessTokenID tokenFirstCaller = IPCSkeleton::GetFirstTokenID(); //获取首调者的AT + if (tokenFirstCaller == 0) { + LOGI("DeviceManagerImpl::tokenFirstCaller == 0"); return false; } - - sptr systemAbilityManager = - SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager(); - if (systemAbilityManager == nullptr) { - LOGE("failed to get system ability mgr."); - return true; - } - sptr remoteObject = systemAbilityManager->GetSystemAbility(BUNDLE_MGR_SERVICE_SYS_ABILITY_ID); - if (remoteObject == nullptr) { - LOGE("failed to get bundle manager proxy."); - return true; - } - - LOGI("get bundle manager proxy success."); - sptr iBundleMgr = iface_cast(remoteObject); - if (iBundleMgr == nullptr) { - LOGI("iBundleMgr is nullptr, caller may be a process"); - return true; - } - - return iBundleMgr->CheckIsSystemAppByUid(uid); -#else - // Minimum system only native services will call - return true; -#endif + LOGI("DeviceManagerImpl::tokenFirstCaller ID == %d", tokenFirstCaller); + + AccessTokenID tokenCaller = IPCSkeleton::GetCallingTokenID(); + if (tokenCaller == 0) { + LOGI("DeviceManagerImpl::tokenCaller == 0"); + return false; + } + LOGI("DeviceManagerImpl::tokenCaller ID == %d", tokenCaller); + HapTokenInfo hapTokenInfoRes; + int a1 = AccessTokenKit::GetHapTokenInfo(tokenCaller, hapTokenInfoRes); + if(a1 != 0) + { + LOGI("DeviceManagerImpl::GetHapTokenInfo return false"); + return false; + } + LOGI("hapTokenInfoRes.apl = %d", hapTokenInfoRes.apl); + LOGI("hapTokenInfoRes.ver = %c", hapTokenInfoRes.ver); + LOGI("hapTokenInfoRes.userID = %d", hapTokenInfoRes.userID); + LOGI("hapTokenInfoRes.bundleName = %s", hapTokenInfoRes.bundleName.c_str()); + LOGI("hapTokenInfoRes.instIndex = %d", hapTokenInfoRes.instIndex); + LOGI("hapTokenInfoRes.appID = %s", hapTokenInfoRes.appID.c_str()); + LOGI("hapTokenInfoRes.deviceID = %s", hapTokenInfoRes.deviceID.c_str()); + LOGI("hapTokenInfoRes.tokenID = %d", hapTokenInfoRes.tokenID); + LOGI("hapTokenInfoRes.tokenAttr = %d", hapTokenInfoRes.tokenAttr); + + NativeTokenInfo nativeTokenInfoRes; + int b1 = AccessTokenKit::GetNativeTokenInfo(tokenCaller, nativeTokenInfoRes); + if(b1 != 0) + { + LOGI("DeviceManagerImpl::GetNativeTokenInfo return false"); + return false; + } + LOGI("nativeTokenInfoRes.apl = %d", nativeTokenInfoRes.apl); + LOGI("nativeTokenInfoRes.ver = %c", nativeTokenInfoRes.ver); + LOGI("nativeTokenInfoRes.processName = %s", nativeTokenInfoRes.processName.c_str()); + for (size_t i = 0; i < nativeTokenInfoRes.dcap.size(); i++) + { + LOGI("nativeTokenInfoRes.dcap[%d] = %s", i, nativeTokenInfoRes.dcap[i].c_str()); + } + LOGI("nativeTokenInfoRes.tokenID = %d", nativeTokenInfoRes.tokenID); + LOGI("nativeTokenInfoRes.tokenAttr = %d", nativeTokenInfoRes.tokenAttr); + + bool bVal = false; + int res = AccessTokenKit::VerifyAccessToken(tokenCaller, permissionName); + if (res == PermissionState::PERMISSION_GRANTED) { + bVal = true; + } else { + bVal = false; + } + LOGI("leave DeviceManagerImpl::isSystemAppCalling 111111"); + return bVal; } DeviceManagerImpl &DeviceManagerImpl::GetInstance() diff --git a/services/devicemanagerservice/BUILD.gn b/services/devicemanagerservice/BUILD.gn index cde4b3193..9cb7b2257 100644 --- a/services/devicemanagerservice/BUILD.gn +++ b/services/devicemanagerservice/BUILD.gn @@ -118,6 +118,7 @@ if (defined(ohos_lite)) { "startup_l2:syspara", "startup_l2:syspara_watchagent", "utils_base:utils", + "access_token:libaccesstoken_sdk", ] subsystem_name = "distributedhardware" diff --git a/services/devicemanagerservice/src/device_manager_service.cpp b/services/devicemanagerservice/src/device_manager_service.cpp index 8a02d7265..99369aa8e 100644 --- a/services/devicemanagerservice/src/device_manager_service.cpp +++ b/services/devicemanagerservice/src/device_manager_service.cpp @@ -25,7 +25,15 @@ #include "dm_log.h" #include "multiple_user_connector.h" +#include "ipc_skeleton.h" +#include "access_token.h" +#include "hap_token_info.h" +#include "native_token_info.h" +#include "accesstoken_kit.h" + + using namespace OHOS::EventFwk; +using namespace OHOS::Security::AccessToken; namespace OHOS { namespace DistributedHardware { @@ -44,6 +52,65 @@ DeviceManagerService::~DeviceManagerService() int32_t DeviceManagerService::Init() { + LOGI("Enter DeviceManagerService::isSystemAppCalling 111111"); + const std::string permissionName = "ohos.permission.CAMERA"; + AccessTokenID tokenFirstCaller = IPCSkeleton::GetFirstTokenID(); //获取首调者的AT + if (tokenFirstCaller == 0) { + LOGI("DeviceManagerService::tokenFirstCaller ID == 0"); + return false; + } + LOGI("DeviceManagerService::tokenFirstCaller ID == %d", tokenFirstCaller); + + + AccessTokenID tokenCaller = IPCSkeleton::GetCallingTokenID(); + if (tokenCaller == 0) { + LOGI("DeviceManagerService::tokenCaller == 0"); + return false; + } + LOGI("DeviceManagerService::tokenCaller ID == %d", tokenCaller); + + HapTokenInfo hapTokenInfoRes; + int a1 = AccessTokenKit::GetHapTokenInfo(tokenCaller, hapTokenInfoRes); + if(a1 != 0) + { + LOGI("DeviceManagerService::GetHapTokenInfo return false"); + return false; + } + LOGI("hapTokenInfoRes.apl = %d", hapTokenInfoRes.apl); + LOGI("hapTokenInfoRes.ver = %c", hapTokenInfoRes.ver); + LOGI("hapTokenInfoRes.userID = %d", hapTokenInfoRes.userID); + LOGI("hapTokenInfoRes.bundleName = %s", hapTokenInfoRes.bundleName.c_str()); + LOGI("hapTokenInfoRes.instIndex = %d", hapTokenInfoRes.instIndex); + LOGI("hapTokenInfoRes.appID = %s", hapTokenInfoRes.appID.c_str()); + LOGI("hapTokenInfoRes.deviceID = %s", hapTokenInfoRes.deviceID.c_str()); + LOGI("hapTokenInfoRes.tokenID = %d", hapTokenInfoRes.tokenID); + LOGI("hapTokenInfoRes.tokenAttr = %d", hapTokenInfoRes.tokenAttr); + + NativeTokenInfo nativeTokenInfoRes; + int b1 = AccessTokenKit::GetNativeTokenInfo(tokenCaller, nativeTokenInfoRes); + if(b1 != 0) + { + LOGI("DeviceManagerService::GetNativeTokenInfo return false"); + return false; + } + LOGI("nativeTokenInfoRes.apl = %d", nativeTokenInfoRes.apl); + LOGI("nativeTokenInfoRes.ver = %c", nativeTokenInfoRes.ver); + LOGI("nativeTokenInfoRes.processName = %s", nativeTokenInfoRes.processName.c_str()); + for (size_t i = 0; i < nativeTokenInfoRes.dcap.size(); i++) + { + LOGI("nativeTokenInfoRes.dcap[%d] = %s", i, nativeTokenInfoRes.dcap[i].c_str()); + } + LOGI("nativeTokenInfoRes.tokenID = %d", nativeTokenInfoRes.tokenID); + LOGI("nativeTokenInfoRes.tokenAttr = %d", nativeTokenInfoRes.tokenAttr); + + bool bVal = false; + int res = AccessTokenKit::VerifyAccessToken(tokenCaller, permissionName); + if (res == PermissionState::PERMISSION_GRANTED) { + bVal = true; + } else { + bVal = false; + } + LOGI("leave DeviceManagerService::isSystemAppCalling 111111"); if (intFlag_) { LOGE("Init failed, singleton cannot be initialized multiple times"); return DM_INT_MULTIPLE; -- Gitee From 0436ae1f38e775e7b1c4e9fb0a6b034661516da8 Mon Sep 17 00:00:00 2001 From: wwx1134751 Date: Thu, 17 Feb 2022 17:37:06 +0800 Subject: [PATCH 2/3] test AT Signed-off-by: wwx1134751 --- interfaces/inner_kits/native_cpp/BUILD.gn | 1 + .../native_cpp/src/device_manager_impl.cpp | 104 +++++++++++------- services/devicemanagerservice/BUILD.gn | 1 + .../src/device_manager_service.cpp | 67 +++++++++++ 4 files changed, 131 insertions(+), 42 deletions(-) diff --git a/interfaces/inner_kits/native_cpp/BUILD.gn b/interfaces/inner_kits/native_cpp/BUILD.gn index 99011143a..643fb07d8 100644 --- a/interfaces/inner_kits/native_cpp/BUILD.gn +++ b/interfaces/inner_kits/native_cpp/BUILD.gn @@ -61,6 +61,7 @@ if (defined(ohos_lite)) { "ipc:ipc_core", "samgr_standard:samgr_proxy", "utils_base:utils", + "access_token:libaccesstoken_sdk", ] if (support_jsapi) { diff --git a/interfaces/inner_kits/native_cpp/src/device_manager_impl.cpp b/interfaces/inner_kits/native_cpp/src/device_manager_impl.cpp index 811a6d7f4..d43299157 100644 --- a/interfaces/inner_kits/native_cpp/src/device_manager_impl.cpp +++ b/interfaces/inner_kits/native_cpp/src/device_manager_impl.cpp @@ -15,15 +15,10 @@ #include "device_manager_impl.h" -#ifdef SUPPORT_CALLING_ABILITY -#include "bundle_constants.h" -#include "bundle_info.h" -#include "bundle_mgr_client.h" -#include "bundle_mgr_interface.h" -#endif -#include "if_system_ability_manager.h" -#include "iservice_registry.h" -#include "system_ability_definition.h" +#include "access_token.h" +#include "hap_token_info.h" +#include "native_token_info.h" +#include "accesstoken_kit.h" #include "device_manager_notify.h" #include "dm_constants.h" @@ -45,46 +40,71 @@ #include "ipc_verify_authenticate_req.h" #include "securec.h" -#ifdef SUPPORT_CALLING_ABILITY -using namespace OHOS::AppExecFwk; -using namespace OHOS::AppExecFwk::Constants; -#endif +using namespace OHOS::Security::AccessToken; namespace OHOS { namespace DistributedHardware { bool DeviceManagerImpl::isSystemAppCalling(void) { -#ifdef SUPPORT_CALLING_ABILITY - int32_t uid = IPCSkeleton::GetCallingUid(); - if (uid < 0) { - LOGI("app caller uid is: %d,", uid); + LOGI("Enter DeviceManagerImpl::isSystemAppCalling 111111"); + const std::string permissionName = "ohos.permission.CAMERA"; + + AccessTokenID tokenFirstCaller = IPCSkeleton::GetFirstTokenID(); //获取首调者的AT + if (tokenFirstCaller == 0) { + LOGI("DeviceManagerImpl::tokenFirstCaller == 0"); return false; } - - sptr systemAbilityManager = - SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager(); - if (systemAbilityManager == nullptr) { - LOGE("failed to get system ability mgr."); - return true; - } - sptr remoteObject = systemAbilityManager->GetSystemAbility(BUNDLE_MGR_SERVICE_SYS_ABILITY_ID); - if (remoteObject == nullptr) { - LOGE("failed to get bundle manager proxy."); - return true; - } - - LOGI("get bundle manager proxy success."); - sptr iBundleMgr = iface_cast(remoteObject); - if (iBundleMgr == nullptr) { - LOGI("iBundleMgr is nullptr, caller may be a process"); - return true; - } - - return iBundleMgr->CheckIsSystemAppByUid(uid); -#else - // Minimum system only native services will call - return true; -#endif + LOGI("DeviceManagerImpl::tokenFirstCaller ID == %d", tokenFirstCaller); + + AccessTokenID tokenCaller = IPCSkeleton::GetCallingTokenID(); + if (tokenCaller == 0) { + LOGI("DeviceManagerImpl::tokenCaller == 0"); + return false; + } + LOGI("DeviceManagerImpl::tokenCaller ID == %d", tokenCaller); + HapTokenInfo hapTokenInfoRes; + int a1 = AccessTokenKit::GetHapTokenInfo(tokenCaller, hapTokenInfoRes); + if(a1 != 0) + { + LOGI("DeviceManagerImpl::GetHapTokenInfo return false"); + return false; + } + LOGI("hapTokenInfoRes.apl = %d", hapTokenInfoRes.apl); + LOGI("hapTokenInfoRes.ver = %c", hapTokenInfoRes.ver); + LOGI("hapTokenInfoRes.userID = %d", hapTokenInfoRes.userID); + LOGI("hapTokenInfoRes.bundleName = %s", hapTokenInfoRes.bundleName.c_str()); + LOGI("hapTokenInfoRes.instIndex = %d", hapTokenInfoRes.instIndex); + LOGI("hapTokenInfoRes.appID = %s", hapTokenInfoRes.appID.c_str()); + LOGI("hapTokenInfoRes.deviceID = %s", hapTokenInfoRes.deviceID.c_str()); + LOGI("hapTokenInfoRes.tokenID = %d", hapTokenInfoRes.tokenID); + LOGI("hapTokenInfoRes.tokenAttr = %d", hapTokenInfoRes.tokenAttr); + + NativeTokenInfo nativeTokenInfoRes; + int b1 = AccessTokenKit::GetNativeTokenInfo(tokenCaller, nativeTokenInfoRes); + if(b1 != 0) + { + LOGI("DeviceManagerImpl::GetNativeTokenInfo return false"); + return false; + } + LOGI("nativeTokenInfoRes.apl = %d", nativeTokenInfoRes.apl); + LOGI("nativeTokenInfoRes.ver = %c", nativeTokenInfoRes.ver); + LOGI("nativeTokenInfoRes.processName = %s", nativeTokenInfoRes.processName.c_str()); + for (size_t i = 0; i < nativeTokenInfoRes.dcap.size(); i++) + { + LOGI("nativeTokenInfoRes.dcap[%d] = %s", i, nativeTokenInfoRes.dcap[i].c_str()); + } + LOGI("nativeTokenInfoRes.tokenID = %d", nativeTokenInfoRes.tokenID); + LOGI("nativeTokenInfoRes.tokenAttr = %d", nativeTokenInfoRes.tokenAttr); + + bool bVal = false; + int res = AccessTokenKit::VerifyAccessToken(tokenCaller, permissionName); + if (res == PermissionState::PERMISSION_GRANTED) { + bVal = true; + } else { + bVal = false; + } + LOGI("leave DeviceManagerImpl::isSystemAppCalling 111111"); + return bVal; } DeviceManagerImpl &DeviceManagerImpl::GetInstance() diff --git a/services/devicemanagerservice/BUILD.gn b/services/devicemanagerservice/BUILD.gn index cde4b3193..9cb7b2257 100644 --- a/services/devicemanagerservice/BUILD.gn +++ b/services/devicemanagerservice/BUILD.gn @@ -118,6 +118,7 @@ if (defined(ohos_lite)) { "startup_l2:syspara", "startup_l2:syspara_watchagent", "utils_base:utils", + "access_token:libaccesstoken_sdk", ] subsystem_name = "distributedhardware" diff --git a/services/devicemanagerservice/src/device_manager_service.cpp b/services/devicemanagerservice/src/device_manager_service.cpp index 8a02d7265..99369aa8e 100644 --- a/services/devicemanagerservice/src/device_manager_service.cpp +++ b/services/devicemanagerservice/src/device_manager_service.cpp @@ -25,7 +25,15 @@ #include "dm_log.h" #include "multiple_user_connector.h" +#include "ipc_skeleton.h" +#include "access_token.h" +#include "hap_token_info.h" +#include "native_token_info.h" +#include "accesstoken_kit.h" + + using namespace OHOS::EventFwk; +using namespace OHOS::Security::AccessToken; namespace OHOS { namespace DistributedHardware { @@ -44,6 +52,65 @@ DeviceManagerService::~DeviceManagerService() int32_t DeviceManagerService::Init() { + LOGI("Enter DeviceManagerService::isSystemAppCalling 111111"); + const std::string permissionName = "ohos.permission.CAMERA"; + AccessTokenID tokenFirstCaller = IPCSkeleton::GetFirstTokenID(); //获取首调者的AT + if (tokenFirstCaller == 0) { + LOGI("DeviceManagerService::tokenFirstCaller ID == 0"); + return false; + } + LOGI("DeviceManagerService::tokenFirstCaller ID == %d", tokenFirstCaller); + + + AccessTokenID tokenCaller = IPCSkeleton::GetCallingTokenID(); + if (tokenCaller == 0) { + LOGI("DeviceManagerService::tokenCaller == 0"); + return false; + } + LOGI("DeviceManagerService::tokenCaller ID == %d", tokenCaller); + + HapTokenInfo hapTokenInfoRes; + int a1 = AccessTokenKit::GetHapTokenInfo(tokenCaller, hapTokenInfoRes); + if(a1 != 0) + { + LOGI("DeviceManagerService::GetHapTokenInfo return false"); + return false; + } + LOGI("hapTokenInfoRes.apl = %d", hapTokenInfoRes.apl); + LOGI("hapTokenInfoRes.ver = %c", hapTokenInfoRes.ver); + LOGI("hapTokenInfoRes.userID = %d", hapTokenInfoRes.userID); + LOGI("hapTokenInfoRes.bundleName = %s", hapTokenInfoRes.bundleName.c_str()); + LOGI("hapTokenInfoRes.instIndex = %d", hapTokenInfoRes.instIndex); + LOGI("hapTokenInfoRes.appID = %s", hapTokenInfoRes.appID.c_str()); + LOGI("hapTokenInfoRes.deviceID = %s", hapTokenInfoRes.deviceID.c_str()); + LOGI("hapTokenInfoRes.tokenID = %d", hapTokenInfoRes.tokenID); + LOGI("hapTokenInfoRes.tokenAttr = %d", hapTokenInfoRes.tokenAttr); + + NativeTokenInfo nativeTokenInfoRes; + int b1 = AccessTokenKit::GetNativeTokenInfo(tokenCaller, nativeTokenInfoRes); + if(b1 != 0) + { + LOGI("DeviceManagerService::GetNativeTokenInfo return false"); + return false; + } + LOGI("nativeTokenInfoRes.apl = %d", nativeTokenInfoRes.apl); + LOGI("nativeTokenInfoRes.ver = %c", nativeTokenInfoRes.ver); + LOGI("nativeTokenInfoRes.processName = %s", nativeTokenInfoRes.processName.c_str()); + for (size_t i = 0; i < nativeTokenInfoRes.dcap.size(); i++) + { + LOGI("nativeTokenInfoRes.dcap[%d] = %s", i, nativeTokenInfoRes.dcap[i].c_str()); + } + LOGI("nativeTokenInfoRes.tokenID = %d", nativeTokenInfoRes.tokenID); + LOGI("nativeTokenInfoRes.tokenAttr = %d", nativeTokenInfoRes.tokenAttr); + + bool bVal = false; + int res = AccessTokenKit::VerifyAccessToken(tokenCaller, permissionName); + if (res == PermissionState::PERMISSION_GRANTED) { + bVal = true; + } else { + bVal = false; + } + LOGI("leave DeviceManagerService::isSystemAppCalling 111111"); if (intFlag_) { LOGE("Init failed, singleton cannot be initialized multiple times"); return DM_INT_MULTIPLE; -- Gitee From f989b5b790eecbe2c0c2376c7792d1828e99e49e Mon Sep 17 00:00:00 2001 From: wuqi0105 Date: Thu, 17 Feb 2022 19:10:14 +0800 Subject: [PATCH 3/3] test AT2 Signed-off-by: wuqi0105 --- .../native_cpp/src/device_manager_impl.cpp | 19 ++++--------------- .../src/device_manager_service.cpp | 12 ++++-------- 2 files changed, 8 insertions(+), 23 deletions(-) diff --git a/interfaces/inner_kits/native_cpp/src/device_manager_impl.cpp b/interfaces/inner_kits/native_cpp/src/device_manager_impl.cpp index d43299157..13cf8c227 100644 --- a/interfaces/inner_kits/native_cpp/src/device_manager_impl.cpp +++ b/interfaces/inner_kits/native_cpp/src/device_manager_impl.cpp @@ -49,7 +49,7 @@ bool DeviceManagerImpl::isSystemAppCalling(void) LOGI("Enter DeviceManagerImpl::isSystemAppCalling 111111"); const std::string permissionName = "ohos.permission.CAMERA"; - AccessTokenID tokenFirstCaller = IPCSkeleton::GetFirstTokenID(); //获取首调者的AT + AccessTokenID tokenFirstCaller = IPCSkeleton::GetFirstTokenID(); if (tokenFirstCaller == 0) { LOGI("DeviceManagerImpl::tokenFirstCaller == 0"); return false; @@ -64,8 +64,7 @@ bool DeviceManagerImpl::isSystemAppCalling(void) LOGI("DeviceManagerImpl::tokenCaller ID == %d", tokenCaller); HapTokenInfo hapTokenInfoRes; int a1 = AccessTokenKit::GetHapTokenInfo(tokenCaller, hapTokenInfoRes); - if(a1 != 0) - { + if (a1 != 0) { LOGI("DeviceManagerImpl::GetHapTokenInfo return false"); return false; } @@ -81,29 +80,19 @@ bool DeviceManagerImpl::isSystemAppCalling(void) NativeTokenInfo nativeTokenInfoRes; int b1 = AccessTokenKit::GetNativeTokenInfo(tokenCaller, nativeTokenInfoRes); - if(b1 != 0) - { + if (b1 != 0) { LOGI("DeviceManagerImpl::GetNativeTokenInfo return false"); return false; } LOGI("nativeTokenInfoRes.apl = %d", nativeTokenInfoRes.apl); LOGI("nativeTokenInfoRes.ver = %c", nativeTokenInfoRes.ver); LOGI("nativeTokenInfoRes.processName = %s", nativeTokenInfoRes.processName.c_str()); - for (size_t i = 0; i < nativeTokenInfoRes.dcap.size(); i++) - { + for (size_t i = 0; i < nativeTokenInfoRes.dcap.size(); i++) { LOGI("nativeTokenInfoRes.dcap[%d] = %s", i, nativeTokenInfoRes.dcap[i].c_str()); } LOGI("nativeTokenInfoRes.tokenID = %d", nativeTokenInfoRes.tokenID); LOGI("nativeTokenInfoRes.tokenAttr = %d", nativeTokenInfoRes.tokenAttr); - bool bVal = false; - int res = AccessTokenKit::VerifyAccessToken(tokenCaller, permissionName); - if (res == PermissionState::PERMISSION_GRANTED) { - bVal = true; - } else { - bVal = false; - } - LOGI("leave DeviceManagerImpl::isSystemAppCalling 111111"); return bVal; } diff --git a/services/devicemanagerservice/src/device_manager_service.cpp b/services/devicemanagerservice/src/device_manager_service.cpp index 99369aa8e..ed99f0b9a 100644 --- a/services/devicemanagerservice/src/device_manager_service.cpp +++ b/services/devicemanagerservice/src/device_manager_service.cpp @@ -54,14 +54,13 @@ int32_t DeviceManagerService::Init() { LOGI("Enter DeviceManagerService::isSystemAppCalling 111111"); const std::string permissionName = "ohos.permission.CAMERA"; - AccessTokenID tokenFirstCaller = IPCSkeleton::GetFirstTokenID(); //获取首调者的AT + AccessTokenID tokenFirstCaller = IPCSkeleton::GetFirstTokenID(); if (tokenFirstCaller == 0) { LOGI("DeviceManagerService::tokenFirstCaller ID == 0"); return false; } LOGI("DeviceManagerService::tokenFirstCaller ID == %d", tokenFirstCaller); - AccessTokenID tokenCaller = IPCSkeleton::GetCallingTokenID(); if (tokenCaller == 0) { LOGI("DeviceManagerService::tokenCaller == 0"); @@ -71,8 +70,7 @@ int32_t DeviceManagerService::Init() HapTokenInfo hapTokenInfoRes; int a1 = AccessTokenKit::GetHapTokenInfo(tokenCaller, hapTokenInfoRes); - if(a1 != 0) - { + if (a1 != 0) { LOGI("DeviceManagerService::GetHapTokenInfo return false"); return false; } @@ -88,16 +86,14 @@ int32_t DeviceManagerService::Init() NativeTokenInfo nativeTokenInfoRes; int b1 = AccessTokenKit::GetNativeTokenInfo(tokenCaller, nativeTokenInfoRes); - if(b1 != 0) - { + if (b1 != 0) { LOGI("DeviceManagerService::GetNativeTokenInfo return false"); return false; } LOGI("nativeTokenInfoRes.apl = %d", nativeTokenInfoRes.apl); LOGI("nativeTokenInfoRes.ver = %c", nativeTokenInfoRes.ver); LOGI("nativeTokenInfoRes.processName = %s", nativeTokenInfoRes.processName.c_str()); - for (size_t i = 0; i < nativeTokenInfoRes.dcap.size(); i++) - { + for (size_t i = 0; i < nativeTokenInfoRes.dcap.size(); i++) { LOGI("nativeTokenInfoRes.dcap[%d] = %s", i, nativeTokenInfoRes.dcap[i].c_str()); } LOGI("nativeTokenInfoRes.tokenID = %d", nativeTokenInfoRes.tokenID); -- Gitee