diff --git a/common/include/dm_constants.h b/common/include/dm_constants.h index 1206f3909740ac8325d19fdcb5f1a940afb2e817..184e2e1fcbf89573d81752169c3b772a7331a065 100644 --- a/common/include/dm_constants.h +++ b/common/include/dm_constants.h @@ -52,7 +52,7 @@ enum { DM_UNINIT_FAILED, DM_POINT_NULL, DM_INPUT_PARA_EMPTY, - DM_NOT_SYSTEM_APP, + DM_NO_PERMISSION, DM_INVALID_VALUE, DM_FLATTEN_OBJECT, DM_MALLOC_ERROR, diff --git a/interfaces/inner_kits/native_cpp/BUILD.gn b/interfaces/inner_kits/native_cpp/BUILD.gn index 99011143aa34c6f8bd509c458f50138fd8ed6ce1..a842f4b22d1860015ff9a3330a20bd4cdc946eae 100644 --- a/interfaces/inner_kits/native_cpp/BUILD.gn +++ b/interfaces/inner_kits/native_cpp/BUILD.gn @@ -63,15 +63,6 @@ if (defined(ohos_lite)) { "utils_base:utils", ] - if (support_jsapi) { - deps += [ "//foundation/aafwk/standard/interfaces/innerkits/want:want" ] - external_deps += [ - "bundle_framework:appexecfwk_base", - "bundle_framework:appexecfwk_core", - ] - defines += [ "SUPPORT_CALLING_ABILITY" ] - } - subsystem_name = "distributedhardware" part_name = "device_manager_base" diff --git a/interfaces/inner_kits/native_cpp/include/device_manager_impl.h b/interfaces/inner_kits/native_cpp/include/device_manager_impl.h index 46d8c3222c242a4e50e3d987e67de17c24e3c86d..1e38d7dbd2d428385033505db1e067daab71cf98 100644 --- a/interfaces/inner_kits/native_cpp/include/device_manager_impl.h +++ b/interfaces/inner_kits/native_cpp/include/device_manager_impl.h @@ -64,9 +64,6 @@ private: DeviceManagerImpl(DeviceManagerImpl &&) = delete; DeviceManagerImpl &operator=(DeviceManagerImpl &&) = delete; -private: - bool isSystemAppCalling(void); - private: std::shared_ptr ipcClientProxy_ = std::make_shared(std::make_shared()); diff --git a/interfaces/inner_kits/native_cpp/src/device_manager_impl.cpp b/interfaces/inner_kits/native_cpp/src/device_manager_impl.cpp index 811a6d7f49c9bacdfd17d18f177127b3dcd7b8a6..452c1704a3fdfdb0b8c66cd3540d8c13f8df4bb7 100644 --- a/interfaces/inner_kits/native_cpp/src/device_manager_impl.cpp +++ b/interfaces/inner_kits/native_cpp/src/device_manager_impl.cpp @@ -14,17 +14,6 @@ */ #include "device_manager_impl.h" - -#ifdef SUPPORT_CALLING_ABILITY -#include "bundle_constants.h" -#include "bundle_info.h" -#include "bundle_mgr_client.h" -#include "bundle_mgr_interface.h" -#endif -#include "if_system_ability_manager.h" -#include "iservice_registry.h" -#include "system_ability_definition.h" - #include "device_manager_notify.h" #include "dm_constants.h" #include "dm_log.h" @@ -45,48 +34,8 @@ #include "ipc_verify_authenticate_req.h" #include "securec.h" -#ifdef SUPPORT_CALLING_ABILITY -using namespace OHOS::AppExecFwk; -using namespace OHOS::AppExecFwk::Constants; -#endif - namespace OHOS { namespace DistributedHardware { -bool DeviceManagerImpl::isSystemAppCalling(void) -{ -#ifdef SUPPORT_CALLING_ABILITY - int32_t uid = IPCSkeleton::GetCallingUid(); - if (uid < 0) { - LOGI("app caller uid is: %d,", uid); - return false; - } - - sptr systemAbilityManager = - SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager(); - if (systemAbilityManager == nullptr) { - LOGE("failed to get system ability mgr."); - return true; - } - sptr remoteObject = systemAbilityManager->GetSystemAbility(BUNDLE_MGR_SERVICE_SYS_ABILITY_ID); - if (remoteObject == nullptr) { - LOGE("failed to get bundle manager proxy."); - return true; - } - - LOGI("get bundle manager proxy success."); - sptr iBundleMgr = iface_cast(remoteObject); - if (iBundleMgr == nullptr) { - LOGI("iBundleMgr is nullptr, caller may be a process"); - return true; - } - - return iBundleMgr->CheckIsSystemAppByUid(uid); -#else - // Minimum system only native services will call - return true; -#endif -} - DeviceManagerImpl &DeviceManagerImpl::GetInstance() { static DeviceManagerImpl instance; @@ -96,11 +45,6 @@ DeviceManagerImpl &DeviceManagerImpl::GetInstance() int32_t DeviceManagerImpl::InitDeviceManager(const std::string &pkgName, std::shared_ptr dmInitCallback) { LOGI("DeviceManager::InitDeviceManager start, pkgName: %s", pkgName.c_str()); - if (!isSystemAppCalling()) { - LOGI("the caller is not a system app"); - return DM_NOT_SYSTEM_APP; - } - if (pkgName.empty() || dmInitCallback == nullptr) { LOGE("InitDeviceManager error: Invalid parameter"); return DM_INVALID_VALUE; @@ -120,11 +64,6 @@ int32_t DeviceManagerImpl::InitDeviceManager(const std::string &pkgName, std::sh int32_t DeviceManagerImpl::UnInitDeviceManager(const std::string &pkgName) { LOGI("DeviceManager::UnInitDeviceManager start, pkgName: %s", pkgName.c_str()); - if (!isSystemAppCalling()) { - LOGI("the caller is not a system app"); - return DM_NOT_SYSTEM_APP; - } - if (pkgName.empty()) { LOGE("UnInitDeviceManager error: Invalid parameter"); return DM_INVALID_VALUE; @@ -145,11 +84,6 @@ int32_t DeviceManagerImpl::GetTrustedDeviceList(const std::string &pkgName, cons std::vector &deviceList) { LOGI("DeviceManager::GetTrustedDeviceList start, pkgName: %s", pkgName.c_str()); - if (!isSystemAppCalling()) { - LOGI("the caller is not a system app"); - return DM_NOT_SYSTEM_APP; - } - if (pkgName.empty()) { LOGE("GetTrustedDeviceList error: Invalid para"); return DM_INVALID_VALUE; @@ -179,11 +113,6 @@ int32_t DeviceManagerImpl::GetTrustedDeviceList(const std::string &pkgName, cons int32_t DeviceManagerImpl::GetLocalDeviceInfo(const std::string &pkgName, DmDeviceInfo &info) { LOGI("DeviceManager::GetLocalDeviceInfo start, pkgName: %s", pkgName.c_str()); - if (!isSystemAppCalling()) { - LOGI("the caller is not a system app"); - return DM_NOT_SYSTEM_APP; - } - std::shared_ptr req = std::make_shared(); std::shared_ptr rsp = std::make_shared(); req->SetPkgName(pkgName); @@ -208,11 +137,6 @@ int32_t DeviceManagerImpl::RegisterDevStateCallback(const std::string &pkgName, std::shared_ptr callback) { LOGI("DeviceManager::RegisterDevStateCallback start, pkgName: %s", pkgName.c_str()); - if (!isSystemAppCalling()) { - LOGI("the caller is not a system app"); - return DM_NOT_SYSTEM_APP; - } - if (pkgName.empty() || callback == nullptr) { LOGE("RegisterDevStateCallback error: Invalid para"); return DM_INVALID_VALUE; @@ -226,11 +150,6 @@ int32_t DeviceManagerImpl::RegisterDevStateCallback(const std::string &pkgName, int32_t DeviceManagerImpl::UnRegisterDevStateCallback(const std::string &pkgName) { LOGI("DeviceManager::UnRegisterDevStateCallback start, pkgName: %s", pkgName.c_str()); - if (!isSystemAppCalling()) { - LOGI("the caller is not a system app"); - return DM_NOT_SYSTEM_APP; - } - if (pkgName.empty()) { LOGE("UnRegisterDevStateCallback error: Invalid para"); return DM_INVALID_VALUE; @@ -245,11 +164,6 @@ int32_t DeviceManagerImpl::StartDeviceDiscovery(const std::string &pkgName, cons const std::string &extra, std::shared_ptr callback) { LOGI("DeviceManager::StartDeviceDiscovery start, pkgName: %s", pkgName.c_str()); - if (!isSystemAppCalling()) { - LOGI("the caller is not a system app"); - return DM_NOT_SYSTEM_APP; - } - if (pkgName.empty() || callback == nullptr) { LOGE("StartDeviceDiscovery error: Invalid para"); return DM_INVALID_VALUE; @@ -282,11 +196,6 @@ int32_t DeviceManagerImpl::StartDeviceDiscovery(const std::string &pkgName, cons int32_t DeviceManagerImpl::StopDeviceDiscovery(const std::string &pkgName, uint16_t subscribeId) { LOGI("DeviceManager::StopDeviceDiscovery start , pkgName: %s", pkgName.c_str()); - if (!isSystemAppCalling()) { - LOGI("the caller is not a system app"); - return DM_NOT_SYSTEM_APP; - } - if (pkgName.empty()) { LOGE("StopDeviceDiscovery error: Invalid para"); return DM_INVALID_VALUE; @@ -319,11 +228,6 @@ int32_t DeviceManagerImpl::AuthenticateDevice(const std::string &pkgName, int32_ std::shared_ptr callback) { LOGI("DeviceManager::AuthenticateDevice start , pkgName: %s", pkgName.c_str()); - if (!isSystemAppCalling()) { - LOGI("the caller is not a system app"); - return DM_NOT_SYSTEM_APP; - } - if (pkgName.empty()) { LOGE("AuthenticateDevice error: Invalid para"); return DM_INVALID_VALUE; @@ -356,10 +260,6 @@ int32_t DeviceManagerImpl::AuthenticateDevice(const std::string &pkgName, int32_ int32_t DeviceManagerImpl::UnAuthenticateDevice(const std::string &pkgName, const std::string &deviceId) { LOGI("DeviceManager::UnAuthenticateDevice start , pkgName: %s, deviceId: %s", pkgName.c_str(), deviceId.c_str()); - if (!isSystemAppCalling()) { - LOGI("the caller is not a system app"); - return DM_NOT_SYSTEM_APP; - } if (deviceId.empty()) { LOGE("UnAuthenticateDevice error: Invalid para"); @@ -417,10 +317,6 @@ int32_t DeviceManagerImpl::VerifyAuthentication(const std::string &pkgName, cons std::shared_ptr callback) { LOGI("DeviceManager::VerifyAuthentication start, pkgName: %s", pkgName.c_str()); - if (!isSystemAppCalling()) { - LOGI("the caller is not a system app"); - return DM_NOT_SYSTEM_APP; - } if (pkgName.empty()) { LOGE("VerifyAuthentication error: Invalid para"); return DM_INVALID_VALUE; diff --git a/services/devicemanagerservice/BUILD.gn b/services/devicemanagerservice/BUILD.gn index cde4b3193c839c7d977c0188478d1d6adbfb58ef..12ddf9c64f13a76f755efe6514722b1bbc81d046 100644 --- a/services/devicemanagerservice/BUILD.gn +++ b/services/devicemanagerservice/BUILD.gn @@ -49,6 +49,7 @@ if (defined(ohos_lite)) { "${common_path}/include", "${common_path}/include/ipc", "${common_path}/include/ipc/model", + "${utils_path}/include/permission/standard", "//base/security/deviceauth/interfaces/innerkits", "//third_party/json/include", "//base/account/os_account/interfaces/innerkits/osaccount/native/include", diff --git a/services/devicemanagerservice/src/device_manager_service.cpp b/services/devicemanagerservice/src/device_manager_service.cpp index 8a02d72652ff492a4d90a471db1de89b8175c9a4..fe343b58358b72a79b866cf9594e2e7fe0f01b20 100644 --- a/services/devicemanagerservice/src/device_manager_service.cpp +++ b/services/devicemanagerservice/src/device_manager_service.cpp @@ -24,6 +24,7 @@ #include "dm_device_info_manager.h" #include "dm_log.h" #include "multiple_user_connector.h" +#include "permission_manager.h" using namespace OHOS::EventFwk; @@ -48,6 +49,12 @@ int32_t DeviceManagerService::Init() LOGE("Init failed, singleton cannot be initialized multiple times"); return DM_INT_MULTIPLE; } + + if (!PermissionManager::GetInstance().CheckPermission()) { + LOGI("The caller does not have permission to call"); + return DM_NO_PERMISSION; + } + if (softbusConnector_ == nullptr) { softbusConnector_ = std::make_shared(); if (softbusConnector_ == nullptr) { @@ -122,6 +129,10 @@ int32_t DeviceManagerService::Init() int32_t DeviceManagerService::GetTrustedDeviceList(const std::string &pkgName, const std::string &extra, std::vector &deviceList) { + if (!PermissionManager::GetInstance().CheckPermission()) { + LOGI("The caller does not have permission to call"); + return DM_NO_PERMISSION; + } if (!intFlag_) { LOGE("GetTrustedDeviceList failed, singleton not init or init fail"); return DM_NOT_INIT; @@ -135,6 +146,10 @@ int32_t DeviceManagerService::GetTrustedDeviceList(const std::string &pkgName, c int32_t DeviceManagerService::GetLocalDeviceInfo(DmDeviceInfo &info) { + if (!PermissionManager::GetInstance().CheckPermission()) { + LOGI("The caller does not have permission to call"); + return DM_NO_PERMISSION; + } if (!intFlag_) { LOGE("GetLocalDeviceInfo failed, singleton not init or init fail"); return DM_NOT_INIT; @@ -177,6 +192,10 @@ int32_t DeviceManagerService::GetUuidByNetworkId(const std::string &pkgName, con int32_t DeviceManagerService::StartDeviceDiscovery(const std::string &pkgName, const DmSubscribeInfo &subscribeInfo, const std::string &extra) { + if (!PermissionManager::GetInstance().CheckPermission()) { + LOGI("The caller does not have permission to call"); + return DM_NO_PERMISSION; + } if (!intFlag_) { LOGE("StartDeviceDiscovery failed, singleton not init or init fail"); return DM_NOT_INIT; @@ -190,6 +209,10 @@ int32_t DeviceManagerService::StartDeviceDiscovery(const std::string &pkgName, c int32_t DeviceManagerService::StopDeviceDiscovery(const std::string &pkgName, uint16_t subscribeId) { + if (!PermissionManager::GetInstance().CheckPermission()) { + LOGI("The caller does not have permission to call"); + return DM_NO_PERMISSION; + } if (!intFlag_) { LOGE("StopDeviceDiscovery failed, singleton not init or init fail"); return DM_NOT_INIT; @@ -204,6 +227,10 @@ int32_t DeviceManagerService::StopDeviceDiscovery(const std::string &pkgName, ui int32_t DeviceManagerService::AuthenticateDevice(const std::string &pkgName, int32_t authType, const std::string &deviceId, const std::string &extra) { + if (!PermissionManager::GetInstance().CheckPermission()) { + LOGI("The caller does not have permission to call"); + return DM_NO_PERMISSION; + } if (!intFlag_) { LOGE("AuthenticateDevice failed, singleton not init or init fail"); return DM_NOT_INIT; @@ -221,6 +248,10 @@ int32_t DeviceManagerService::AuthenticateDevice(const std::string &pkgName, int int32_t DeviceManagerService::UnAuthenticateDevice(const std::string &pkgName, const std::string &deviceId) { + if (!PermissionManager::GetInstance().CheckPermission()) { + LOGI("The caller does not have permission to call"); + return DM_NO_PERMISSION; + } if (!intFlag_) { LOGE("UnAuthenticateDevice failed, singleton not init or init fail"); return DM_NOT_INIT; @@ -238,6 +269,10 @@ int32_t DeviceManagerService::UnAuthenticateDevice(const std::string &pkgName, c int32_t DeviceManagerService::VerifyAuthentication(const std::string &authParam) { + if (!PermissionManager::GetInstance().CheckPermission()) { + LOGI("The caller does not have permission to call"); + return DM_NO_PERMISSION; + } if (!intFlag_) { LOGE("VerifyAuthentication failed, singleton not init or init fail"); return DM_NOT_INIT; diff --git a/utils/BUILD.gn b/utils/BUILD.gn index 7080341e1f3ff8f63d0eb2955960a14cd2b550b7..ed13a0b4e6a0fe00ffb46e4799050d51af3b7c9c 100644 --- a/utils/BUILD.gn +++ b/utils/BUILD.gn @@ -30,6 +30,7 @@ if (defined(ohos_lite)) { "${common_path}/include", "${common_path}/include/ipc", "${common_path}/include/ipc/model", + "include/permission/standard", ] } @@ -39,6 +40,7 @@ if (defined(ohos_lite)) { "src/dm_log.cpp", "src/dm_random.cpp", "src/ipc/standard/ipc_cmd_register.cpp", + "src/permission/standard/permission_manager.cpp", ] public_configs = [ ":devicemanagerutils_config" ] @@ -49,11 +51,19 @@ if (defined(ohos_lite)) { "LOG_DOMAIN=0xD004100", ] - deps = [ "//third_party/mbedtls:mbedtls_shared" ] + deps = [ + "//foundation/aafwk/standard/interfaces/innerkits/want:want", + "//third_party/mbedtls:mbedtls_shared", + ] external_deps = [ + "access_token:libaccesstoken_sdk", + "bundle_framework:appexecfwk_base", + "bundle_framework:appexecfwk_core", "hiviewdfx_hilog_native:libhilog", "ipc:ipc_core", + "safwk:system_ability_fwk", + "samgr_standard:samgr_proxy", "utils_base:utils", ] diff --git a/utils/include/permission/lite/permission_manager.h b/utils/include/permission/lite/permission_manager.h new file mode 100644 index 0000000000000000000000000000000000000000..fa0b937568c1957510bee7b6c54c4cefe5d3a3a7 --- /dev/null +++ b/utils/include/permission/lite/permission_manager.h @@ -0,0 +1,31 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef OHOS_DM_PERMISSION_MANAGER_H +#define OHOS_DM_PERMISSION_MANAGER_H + +#include "single_instance.h" + +namespace OHOS { +namespace DistributedHardware { +class PermissionManager { + DECLARE_SINGLE_INSTANCE(PermissionManager); + +public: + bool CheckPermission(void); +}; +} // namespace DistributedHardware +} // namespace OHOS +#endif // OHOS_DM_PERMISSION_MANAGER_H diff --git a/utils/include/permission/standard/permission_manager.h b/utils/include/permission/standard/permission_manager.h new file mode 100644 index 0000000000000000000000000000000000000000..fa0b937568c1957510bee7b6c54c4cefe5d3a3a7 --- /dev/null +++ b/utils/include/permission/standard/permission_manager.h @@ -0,0 +1,31 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef OHOS_DM_PERMISSION_MANAGER_H +#define OHOS_DM_PERMISSION_MANAGER_H + +#include "single_instance.h" + +namespace OHOS { +namespace DistributedHardware { +class PermissionManager { + DECLARE_SINGLE_INSTANCE(PermissionManager); + +public: + bool CheckPermission(void); +}; +} // namespace DistributedHardware +} // namespace OHOS +#endif // OHOS_DM_PERMISSION_MANAGER_H diff --git a/utils/src/permission/lite/permission_manager.cpp b/utils/src/permission/lite/permission_manager.cpp new file mode 100644 index 0000000000000000000000000000000000000000..356a131314033f8c1ccfa74ed6840b44e509b525 --- /dev/null +++ b/utils/src/permission/lite/permission_manager.cpp @@ -0,0 +1,27 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "permission_manager.h" + +namespace OHOS { +namespace DistributedHardware { +IMPLEMENT_SINGLE_INSTANCE(PermissionManager); + +bool PermissionManager::CheckPermission(void) +{ + return true; +} +} // namespace DistributedHardware +} // namespace OHOS diff --git a/utils/src/permission/standard/permission_manager.cpp b/utils/src/permission/standard/permission_manager.cpp new file mode 100644 index 0000000000000000000000000000000000000000..82a0ad7af8391dad1054f3a94890cd40350d1886 --- /dev/null +++ b/utils/src/permission/standard/permission_manager.cpp @@ -0,0 +1,87 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "permission_manager.h" + +#include "bundle_constants.h" +#include "bundle_info.h" +#include "bundle_mgr_client.h" +#include "bundle_mgr_interface.h" +#include "if_system_ability_manager.h" +#include "iservice_registry.h" +#include "system_ability_definition.h" +#include "ipc_skeleton.h" +#include "access_token.h" +#include "hap_token_info.h" +#include "native_token_info.h" +#include "accesstoken_kit.h" +#include "dm_log.h" + +using namespace OHOS::AppExecFwk; +using namespace OHOS::AppExecFwk::Constants; +using namespace OHOS::Security::AccessToken; + +namespace OHOS { +namespace DistributedHardware { +IMPLEMENT_SINGLE_INSTANCE(PermissionManager); + +bool PermissionManager::CheckPermission(void) +{ + LOGI("Enter PermissionManager::CheckPermission"); + AccessTokenID tokenCaller = IPCSkeleton::GetCallingTokenID(); + if (tokenCaller == 0) { + LOGI("PermissionManager::tokenCaller == 0"); + return false; + } + LOGI("PermissionManager::tokenCaller ID == %d", tokenCaller); + + ATokenTypeEnum tokenTypeFlag = AccessTokenKit::GetTokenTypeFlag(tokenCaller); + if (tokenTypeFlag == ATokenTypeEnum::TOKEN_HAP) { + int32_t uid = IPCSkeleton::GetCallingUid(); + if (uid < 0) { + LOGI("app caller uid is: %d,", uid); + return false; + } + + sptr systemAbilityManager = + SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager(); + if (systemAbilityManager == nullptr) { + LOGE("failed to get system ability mgr."); + return true; + } + sptr remoteObject = systemAbilityManager->GetSystemAbility(BUNDLE_MGR_SERVICE_SYS_ABILITY_ID); + if (remoteObject == nullptr) { + LOGE("failed to get bundle manager proxy."); + return true; + } + + LOGI("get bundle manager proxy success."); + sptr iBundleMgr = iface_cast(remoteObject); + if (iBundleMgr == nullptr) { + LOGI("iBundleMgr is nullptr, caller may be a process"); + return true; + } + LOGI("PermissionManager::tokenTypeFlag is hap process"); + return iBundleMgr->CheckIsSystemAppByUid(uid); + } else if (tokenTypeFlag == ATokenTypeEnum::TOKEN_NATIVE) { + LOGI("PermissionManager::tokenTypeFlag is native process"); + return true; + } else { + LOGI("PermissionManager::invalid tokenTypeFlag"); + return false; + } +} +} // namespace DistributedHardware +} // namespace OHOS