diff --git a/README_zh.md b/README_zh.md index ad0f988a254c8e4b9248baf98b82e19c11097cdb..5df737b4756f30bd49aa4a48ab5f54f00d7bb749 100644 --- a/README_zh.md +++ b/README_zh.md @@ -103,29 +103,19 @@ foundation/distributedhardware/devicemanager | release(): void; | 释放DeviceManager实例 | +- 系统能力接口: -- 开放能力接口: + 提供可信设备列表获取、可信设备状态监听、周边设备发现、设备认证等相关接口,该部分作为系统能力接口,仅供系统应用调用。 - 提供可信设备列表获取、可信设备状态监听等接口能力,所有应用均可进行接口调用。 + 开始设备发现、停止发现设备接口要配对使用,使用同一个subscribeId。 -| 原型 | 描述 | -| ------- | ---------- | +| 原型 | 描述 | +| ------------------------------------------------------------ | -------------------- | | getTrustedDeviceListSync(): Array; | 获取信任设备列表 | | on(type: 'deviceStateChange', callback: Callback<{ action: DeviceStateChangeAction, device: DeviceInfo }>): void; | 设备状态变更回调 | | off(type: 'deviceStateChange', callback?: Callback<{ action: DeviceStateChangeAction, device: DeviceInfo }>): void; | 取消设备状态变更回调 | | on(type: 'serviceDie', callback: () => void): void; | 服务错误回调 | | off(type: 'serviceDie', callback?: () => void): void; | 取消服务错误回调 | - - - -- 系统能力接口: - - 提供周边设备发现、设备认证等相关接口,该部分作为系统能力接口,仅供系统应用调用。 - - 开始设备发现、停止发现设备接口要配对使用,使用同一个subscribeId。 - -| 原型 | 描述 | -| ------------------------------------------------------------ | -------------------- | | startDeviceDiscovery(subscribeInfo: SubscribeInfo): void; | 开始设备发现 | | stopDeviceDiscovery(subscribeId: number): void; | 停止发现设备 | | authenticateDevice(deviceInfo: DeviceInfo, authparam: AuthParam, callback: AsyncCallback<{deviceId: string, pinTone ?: number}>): void; | 设备认证接口 | @@ -153,6 +143,9 @@ dmClass.off('deviceStateChange') // 查询可信设备列表 var array = dmClass.getTrustedDeviceListSync(); +// 获取本地设备信息 +var localDeviceInfo = dmClass.getLocalDeviceInfoSync(); + // 开始设备发现(发现周边不可信设备) var subscribeId = 0; dmClass.on('deviceFound', (data) => { @@ -187,16 +180,15 @@ var deviceInfo ={ deviceType: 0 }; let extraInfo = { - "targetPkgName": 'xxxxxxxx', // FA流转目标设备包名 + "appIcon": new Uint8Array(), // app图标,可选参数,可不填 + "appThumbnail": new Uint8Array(), // app缩略图,可选参数,可不填 "appName": "xxxxxxxx", // 对端设备应用名称 "appDescription": "xxxxxxxx", // app描述 "business": '0', - "displayOwner": 0 + "displayOwner": 0, } let authParam = { "authType": 1, - "appIcon": new Uint8Array(), // app图标,可选参数,可不填 - "appThumbnail": new Uint8Array(), // app缩略图,可选参数,可不填 "extraInfo": extraInfo } dmClass.authenticateDevice(this.deviceInfo, authParam, (err, data) => { @@ -209,6 +201,9 @@ dmClass.authenticateDevice(this.deviceInfo, authParam, (err, data) => { console.info(TAG + "authenticateDevice result:" + JSON.stringify(data)); token = data.pinToken; }); + +// 设备取消认证 +dmClass.unAuthenticateDevice(this.deviceInfo); ``` ## 系统弹框FA @@ -239,5 +234,4 @@ dmClass.authenticateDevice(this.deviceInfo, authParam, (err, data) => { [**interface_sdk-js**](https://gitee.com/openharmony/interface_sdk-js/) [**applications_hap**](https://gitee.com/openharmony/applications_hap) -**device_manager** - +**device_manager** \ No newline at end of file diff --git a/common/include/dm_constants.h b/common/include/dm_constants.h index 1206f3909740ac8325d19fdcb5f1a940afb2e817..184e2e1fcbf89573d81752169c3b772a7331a065 100644 --- a/common/include/dm_constants.h +++ b/common/include/dm_constants.h @@ -52,7 +52,7 @@ enum { DM_UNINIT_FAILED, DM_POINT_NULL, DM_INPUT_PARA_EMPTY, - DM_NOT_SYSTEM_APP, + DM_NO_PERMISSION, DM_INVALID_VALUE, DM_FLATTEN_OBJECT, DM_MALLOC_ERROR, diff --git a/ext/profile/include/device_profile_adapter.h b/ext/profile/include/device_profile_adapter.h index 3703a619a921ae9e90f787451a5e20fa93bcfef9..5425bc1de3282351f4ef2ae0ad2bd570306f10f6 100644 --- a/ext/profile/include/device_profile_adapter.h +++ b/ext/profile/include/device_profile_adapter.h @@ -24,7 +24,8 @@ namespace OHOS { namespace DistributedHardware { -class DeviceProfileAdapter : public IProfileAdapter, public IProfileConnectorCallback { +class DeviceProfileAdapter : public IProfileAdapter, public IProfileConnectorCallback, + public std::enable_shared_from_this { public: DeviceProfileAdapter(); ~DeviceProfileAdapter(); diff --git a/ext/profile/src/device_profile_adapter.cpp b/ext/profile/src/device_profile_adapter.cpp index 5d6165a01ba16b33944f5f71870e1a43e5119fe4..b036406eb1dd7b37359d33985787050d295f224d 100644 --- a/ext/profile/src/device_profile_adapter.cpp +++ b/ext/profile/src/device_profile_adapter.cpp @@ -36,13 +36,13 @@ int32_t DeviceProfileAdapter::RegisterProfileListener(const std::string &pkgName { LOGI("DeviceProfileAdapter::RegisterProfileListener"); deviceProfileAdapterCallback_ = callback; - profileConnector_->RegisterProfileCallback(pkgName, deviceId, std::shared_ptr(this)); + profileConnector_->RegisterProfileCallback(pkgName, deviceId, shared_from_this()); return DM_OK; } int32_t DeviceProfileAdapter::UnRegisterProfileListener(const std::string &pkgName) { - LOGI("DeviceProfileAdapter::RegisterProfileListener"); + LOGI("DeviceProfileAdapter::UnRegisterProfileListener"); deviceProfileAdapterCallback_ = nullptr; profileConnector_->UnRegisterProfileCallback(pkgName); return DM_OK; diff --git a/interfaces/inner_kits/native_cpp/BUILD.gn b/interfaces/inner_kits/native_cpp/BUILD.gn index 99011143aa34c6f8bd509c458f50138fd8ed6ce1..a842f4b22d1860015ff9a3330a20bd4cdc946eae 100644 --- a/interfaces/inner_kits/native_cpp/BUILD.gn +++ b/interfaces/inner_kits/native_cpp/BUILD.gn @@ -63,15 +63,6 @@ if (defined(ohos_lite)) { "utils_base:utils", ] - if (support_jsapi) { - deps += [ "//foundation/aafwk/standard/interfaces/innerkits/want:want" ] - external_deps += [ - "bundle_framework:appexecfwk_base", - "bundle_framework:appexecfwk_core", - ] - defines += [ "SUPPORT_CALLING_ABILITY" ] - } - subsystem_name = "distributedhardware" part_name = "device_manager_base" diff --git a/interfaces/inner_kits/native_cpp/include/device_manager_impl.h b/interfaces/inner_kits/native_cpp/include/device_manager_impl.h index 46d8c3222c242a4e50e3d987e67de17c24e3c86d..1e38d7dbd2d428385033505db1e067daab71cf98 100644 --- a/interfaces/inner_kits/native_cpp/include/device_manager_impl.h +++ b/interfaces/inner_kits/native_cpp/include/device_manager_impl.h @@ -64,9 +64,6 @@ private: DeviceManagerImpl(DeviceManagerImpl &&) = delete; DeviceManagerImpl &operator=(DeviceManagerImpl &&) = delete; -private: - bool isSystemAppCalling(void); - private: std::shared_ptr ipcClientProxy_ = std::make_shared(std::make_shared()); diff --git a/interfaces/inner_kits/native_cpp/src/device_manager_impl.cpp b/interfaces/inner_kits/native_cpp/src/device_manager_impl.cpp index 811a6d7f49c9bacdfd17d18f177127b3dcd7b8a6..452c1704a3fdfdb0b8c66cd3540d8c13f8df4bb7 100644 --- a/interfaces/inner_kits/native_cpp/src/device_manager_impl.cpp +++ b/interfaces/inner_kits/native_cpp/src/device_manager_impl.cpp @@ -14,17 +14,6 @@ */ #include "device_manager_impl.h" - -#ifdef SUPPORT_CALLING_ABILITY -#include "bundle_constants.h" -#include "bundle_info.h" -#include "bundle_mgr_client.h" -#include "bundle_mgr_interface.h" -#endif -#include "if_system_ability_manager.h" -#include "iservice_registry.h" -#include "system_ability_definition.h" - #include "device_manager_notify.h" #include "dm_constants.h" #include "dm_log.h" @@ -45,48 +34,8 @@ #include "ipc_verify_authenticate_req.h" #include "securec.h" -#ifdef SUPPORT_CALLING_ABILITY -using namespace OHOS::AppExecFwk; -using namespace OHOS::AppExecFwk::Constants; -#endif - namespace OHOS { namespace DistributedHardware { -bool DeviceManagerImpl::isSystemAppCalling(void) -{ -#ifdef SUPPORT_CALLING_ABILITY - int32_t uid = IPCSkeleton::GetCallingUid(); - if (uid < 0) { - LOGI("app caller uid is: %d,", uid); - return false; - } - - sptr systemAbilityManager = - SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager(); - if (systemAbilityManager == nullptr) { - LOGE("failed to get system ability mgr."); - return true; - } - sptr remoteObject = systemAbilityManager->GetSystemAbility(BUNDLE_MGR_SERVICE_SYS_ABILITY_ID); - if (remoteObject == nullptr) { - LOGE("failed to get bundle manager proxy."); - return true; - } - - LOGI("get bundle manager proxy success."); - sptr iBundleMgr = iface_cast(remoteObject); - if (iBundleMgr == nullptr) { - LOGI("iBundleMgr is nullptr, caller may be a process"); - return true; - } - - return iBundleMgr->CheckIsSystemAppByUid(uid); -#else - // Minimum system only native services will call - return true; -#endif -} - DeviceManagerImpl &DeviceManagerImpl::GetInstance() { static DeviceManagerImpl instance; @@ -96,11 +45,6 @@ DeviceManagerImpl &DeviceManagerImpl::GetInstance() int32_t DeviceManagerImpl::InitDeviceManager(const std::string &pkgName, std::shared_ptr dmInitCallback) { LOGI("DeviceManager::InitDeviceManager start, pkgName: %s", pkgName.c_str()); - if (!isSystemAppCalling()) { - LOGI("the caller is not a system app"); - return DM_NOT_SYSTEM_APP; - } - if (pkgName.empty() || dmInitCallback == nullptr) { LOGE("InitDeviceManager error: Invalid parameter"); return DM_INVALID_VALUE; @@ -120,11 +64,6 @@ int32_t DeviceManagerImpl::InitDeviceManager(const std::string &pkgName, std::sh int32_t DeviceManagerImpl::UnInitDeviceManager(const std::string &pkgName) { LOGI("DeviceManager::UnInitDeviceManager start, pkgName: %s", pkgName.c_str()); - if (!isSystemAppCalling()) { - LOGI("the caller is not a system app"); - return DM_NOT_SYSTEM_APP; - } - if (pkgName.empty()) { LOGE("UnInitDeviceManager error: Invalid parameter"); return DM_INVALID_VALUE; @@ -145,11 +84,6 @@ int32_t DeviceManagerImpl::GetTrustedDeviceList(const std::string &pkgName, cons std::vector &deviceList) { LOGI("DeviceManager::GetTrustedDeviceList start, pkgName: %s", pkgName.c_str()); - if (!isSystemAppCalling()) { - LOGI("the caller is not a system app"); - return DM_NOT_SYSTEM_APP; - } - if (pkgName.empty()) { LOGE("GetTrustedDeviceList error: Invalid para"); return DM_INVALID_VALUE; @@ -179,11 +113,6 @@ int32_t DeviceManagerImpl::GetTrustedDeviceList(const std::string &pkgName, cons int32_t DeviceManagerImpl::GetLocalDeviceInfo(const std::string &pkgName, DmDeviceInfo &info) { LOGI("DeviceManager::GetLocalDeviceInfo start, pkgName: %s", pkgName.c_str()); - if (!isSystemAppCalling()) { - LOGI("the caller is not a system app"); - return DM_NOT_SYSTEM_APP; - } - std::shared_ptr req = std::make_shared(); std::shared_ptr rsp = std::make_shared(); req->SetPkgName(pkgName); @@ -208,11 +137,6 @@ int32_t DeviceManagerImpl::RegisterDevStateCallback(const std::string &pkgName, std::shared_ptr callback) { LOGI("DeviceManager::RegisterDevStateCallback start, pkgName: %s", pkgName.c_str()); - if (!isSystemAppCalling()) { - LOGI("the caller is not a system app"); - return DM_NOT_SYSTEM_APP; - } - if (pkgName.empty() || callback == nullptr) { LOGE("RegisterDevStateCallback error: Invalid para"); return DM_INVALID_VALUE; @@ -226,11 +150,6 @@ int32_t DeviceManagerImpl::RegisterDevStateCallback(const std::string &pkgName, int32_t DeviceManagerImpl::UnRegisterDevStateCallback(const std::string &pkgName) { LOGI("DeviceManager::UnRegisterDevStateCallback start, pkgName: %s", pkgName.c_str()); - if (!isSystemAppCalling()) { - LOGI("the caller is not a system app"); - return DM_NOT_SYSTEM_APP; - } - if (pkgName.empty()) { LOGE("UnRegisterDevStateCallback error: Invalid para"); return DM_INVALID_VALUE; @@ -245,11 +164,6 @@ int32_t DeviceManagerImpl::StartDeviceDiscovery(const std::string &pkgName, cons const std::string &extra, std::shared_ptr callback) { LOGI("DeviceManager::StartDeviceDiscovery start, pkgName: %s", pkgName.c_str()); - if (!isSystemAppCalling()) { - LOGI("the caller is not a system app"); - return DM_NOT_SYSTEM_APP; - } - if (pkgName.empty() || callback == nullptr) { LOGE("StartDeviceDiscovery error: Invalid para"); return DM_INVALID_VALUE; @@ -282,11 +196,6 @@ int32_t DeviceManagerImpl::StartDeviceDiscovery(const std::string &pkgName, cons int32_t DeviceManagerImpl::StopDeviceDiscovery(const std::string &pkgName, uint16_t subscribeId) { LOGI("DeviceManager::StopDeviceDiscovery start , pkgName: %s", pkgName.c_str()); - if (!isSystemAppCalling()) { - LOGI("the caller is not a system app"); - return DM_NOT_SYSTEM_APP; - } - if (pkgName.empty()) { LOGE("StopDeviceDiscovery error: Invalid para"); return DM_INVALID_VALUE; @@ -319,11 +228,6 @@ int32_t DeviceManagerImpl::AuthenticateDevice(const std::string &pkgName, int32_ std::shared_ptr callback) { LOGI("DeviceManager::AuthenticateDevice start , pkgName: %s", pkgName.c_str()); - if (!isSystemAppCalling()) { - LOGI("the caller is not a system app"); - return DM_NOT_SYSTEM_APP; - } - if (pkgName.empty()) { LOGE("AuthenticateDevice error: Invalid para"); return DM_INVALID_VALUE; @@ -356,10 +260,6 @@ int32_t DeviceManagerImpl::AuthenticateDevice(const std::string &pkgName, int32_ int32_t DeviceManagerImpl::UnAuthenticateDevice(const std::string &pkgName, const std::string &deviceId) { LOGI("DeviceManager::UnAuthenticateDevice start , pkgName: %s, deviceId: %s", pkgName.c_str(), deviceId.c_str()); - if (!isSystemAppCalling()) { - LOGI("the caller is not a system app"); - return DM_NOT_SYSTEM_APP; - } if (deviceId.empty()) { LOGE("UnAuthenticateDevice error: Invalid para"); @@ -417,10 +317,6 @@ int32_t DeviceManagerImpl::VerifyAuthentication(const std::string &pkgName, cons std::shared_ptr callback) { LOGI("DeviceManager::VerifyAuthentication start, pkgName: %s", pkgName.c_str()); - if (!isSystemAppCalling()) { - LOGI("the caller is not a system app"); - return DM_NOT_SYSTEM_APP; - } if (pkgName.empty()) { LOGE("VerifyAuthentication error: Invalid para"); return DM_INVALID_VALUE; diff --git a/services/devicemanagerservice/BUILD.gn b/services/devicemanagerservice/BUILD.gn index cde4b3193c839c7d977c0188478d1d6adbfb58ef..12ddf9c64f13a76f755efe6514722b1bbc81d046 100644 --- a/services/devicemanagerservice/BUILD.gn +++ b/services/devicemanagerservice/BUILD.gn @@ -49,6 +49,7 @@ if (defined(ohos_lite)) { "${common_path}/include", "${common_path}/include/ipc", "${common_path}/include/ipc/model", + "${utils_path}/include/permission/standard", "//base/security/deviceauth/interfaces/innerkits", "//third_party/json/include", "//base/account/os_account/interfaces/innerkits/osaccount/native/include", diff --git a/services/devicemanagerservice/src/device_manager_service.cpp b/services/devicemanagerservice/src/device_manager_service.cpp index 88541338f4102005d69adf7b9ed465ce023482a4..a5f33b609193ee288ac7aebf569854318f89ea69 100644 --- a/services/devicemanagerservice/src/device_manager_service.cpp +++ b/services/devicemanagerservice/src/device_manager_service.cpp @@ -24,6 +24,7 @@ #include "dm_device_info_manager.h" #include "dm_log.h" #include "multiple_user_connector.h" +#include "permission_manager.h" using namespace OHOS::EventFwk; @@ -48,6 +49,12 @@ int32_t DeviceManagerService::Init() LOGE("Init failed, singleton cannot be initialized multiple times"); return DM_INT_MULTIPLE; } + + if (!PermissionManager::GetInstance().CheckPermission()) { + LOGI("The caller does not have permission to call"); + return DM_NO_PERMISSION; + } + if (softbusConnector_ == nullptr) { softbusConnector_ = std::make_shared(); if (softbusConnector_ == nullptr) { @@ -122,6 +129,10 @@ int32_t DeviceManagerService::Init() int32_t DeviceManagerService::GetTrustedDeviceList(const std::string &pkgName, const std::string &extra, std::vector &deviceList) { + if (!PermissionManager::GetInstance().CheckPermission()) { + LOGI("The caller does not have permission to call"); + return DM_NO_PERMISSION; + } if (!intFlag_) { LOGE("GetTrustedDeviceList failed, singleton not init or init fail"); return DM_NOT_INIT; @@ -135,6 +146,10 @@ int32_t DeviceManagerService::GetTrustedDeviceList(const std::string &pkgName, c int32_t DeviceManagerService::GetLocalDeviceInfo(DmDeviceInfo &info) { + if (!PermissionManager::GetInstance().CheckPermission()) { + LOGI("The caller does not have permission to call"); + return DM_NO_PERMISSION; + } if (!intFlag_) { LOGE("GetLocalDeviceInfo failed, singleton not init or init fail"); return DM_NOT_INIT; @@ -177,6 +192,10 @@ int32_t DeviceManagerService::GetUuidByNetworkId(const std::string &pkgName, con int32_t DeviceManagerService::StartDeviceDiscovery(const std::string &pkgName, const DmSubscribeInfo &subscribeInfo, const std::string &extra) { + if (!PermissionManager::GetInstance().CheckPermission()) { + LOGI("The caller does not have permission to call"); + return DM_NO_PERMISSION; + } if (!intFlag_) { LOGE("StartDeviceDiscovery failed, singleton not init or init fail"); return DM_NOT_INIT; @@ -190,6 +209,10 @@ int32_t DeviceManagerService::StartDeviceDiscovery(const std::string &pkgName, c int32_t DeviceManagerService::StopDeviceDiscovery(const std::string &pkgName, uint16_t subscribeId) { + if (!PermissionManager::GetInstance().CheckPermission()) { + LOGI("The caller does not have permission to call"); + return DM_NO_PERMISSION; + } if (!intFlag_) { LOGE("StopDeviceDiscovery failed, singleton not init or init fail"); return DM_NOT_INIT; @@ -204,6 +227,10 @@ int32_t DeviceManagerService::StopDeviceDiscovery(const std::string &pkgName, ui int32_t DeviceManagerService::AuthenticateDevice(const std::string &pkgName, int32_t authType, const std::string &deviceId, const std::string &extra) { + if (!PermissionManager::GetInstance().CheckPermission()) { + LOGI("The caller does not have permission to call"); + return DM_NO_PERMISSION; + } if (!intFlag_) { LOGE("AuthenticateDevice failed, singleton not init or init fail"); return DM_NOT_INIT; @@ -221,6 +248,10 @@ int32_t DeviceManagerService::AuthenticateDevice(const std::string &pkgName, int int32_t DeviceManagerService::UnAuthenticateDevice(const std::string &pkgName, const std::string &deviceId) { + if (!PermissionManager::GetInstance().CheckPermission()) { + LOGI("The caller does not have permission to call"); + return DM_NO_PERMISSION; + } if (!intFlag_) { LOGE("UnAuthenticateDevice failed, singleton not init or init fail"); return DM_NOT_INIT; @@ -238,6 +269,10 @@ int32_t DeviceManagerService::UnAuthenticateDevice(const std::string &pkgName, c int32_t DeviceManagerService::VerifyAuthentication(const std::string &authParam) { + if (!PermissionManager::GetInstance().CheckPermission()) { + LOGI("The caller does not have permission to call"); + return DM_NO_PERMISSION; + } if (!intFlag_) { LOGE("VerifyAuthentication failed, singleton not init or init fail"); return DM_NOT_INIT; diff --git a/services/devicemanagerservice/src/devicestate/dm_device_state_manager.cpp b/services/devicemanagerservice/src/devicestate/dm_device_state_manager.cpp index 98ba3c7f2c79c23059f9c8e52b7d54beac0e7b91..3750ae545d5d71181002be382e0285f03f88b702 100644 --- a/services/devicemanagerservice/src/devicestate/dm_device_state_manager.cpp +++ b/services/devicemanagerservice/src/devicestate/dm_device_state_manager.cpp @@ -70,6 +70,7 @@ void DmDeviceStateManager::OnDeviceOnline(const std::string &pkgName, const DmDe remoteDeviceInfos_[uuid] = saveInfo; LOGI("RegisterProfileListener in, deviceId = %s, deviceUdid = %s, uuid = %s", info.deviceId, deviceUdid.c_str(), uuid.c_str()); + profileAdapter->RegisterProfileListener(pkgName, deviceUdid, shared_from_this()); LOGI("RegisterProfileListener out"); } } @@ -87,6 +88,7 @@ void DmDeviceStateManager::OnDeviceOffline(const std::string &pkgName, const DmD if (profileAdapter == nullptr) { LOGE("OnDeviceOffline profile adapter is null"); } else { + profileAdapter->UnRegisterProfileListener(pkgName); std::string uuid; SoftbusConnector::GetUuidByNetworkId(info.deviceId, uuid); auto iter = remoteDeviceInfos_.find(std::string(info.deviceId)); diff --git a/services/devicemanagerservice/src/ipc/standard/ipc_server_stub.cpp b/services/devicemanagerservice/src/ipc/standard/ipc_server_stub.cpp index dc2d74a920f0e4421eb41aade49240a86f2c1d4f..ff7e3a14886a0b544c8234831e4f51adef54a387 100644 --- a/services/devicemanagerservice/src/ipc/standard/ipc_server_stub.cpp +++ b/services/devicemanagerservice/src/ipc/standard/ipc_server_stub.cpp @@ -104,9 +104,9 @@ int32_t IpcServerStub::SendCmd(int32_t cmdCode, std::shared_ptr req, std int32_t ret = IpcCmdRegister::GetInstance().OnIpcCmd(cmdCode, data, reply); if (ret == DM_IPC_NOT_REGISTER_FUNC) { LOGW("unsupport code: %d", cmdCode); - return IpcCmdRegister::GetInstance().ReadResponse(cmdCode, reply, rsp); + return IPCObjectStub::OnRemoteRequest(cmdCode, data, reply, option); } - return ret; + return IpcCmdRegister::GetInstance().ReadResponse(cmdCode, reply, rsp); } ServiceRunningState IpcServerStub::QueryServiceState() const diff --git a/utils/BUILD.gn b/utils/BUILD.gn index 7080341e1f3ff8f63d0eb2955960a14cd2b550b7..ed13a0b4e6a0fe00ffb46e4799050d51af3b7c9c 100644 --- a/utils/BUILD.gn +++ b/utils/BUILD.gn @@ -30,6 +30,7 @@ if (defined(ohos_lite)) { "${common_path}/include", "${common_path}/include/ipc", "${common_path}/include/ipc/model", + "include/permission/standard", ] } @@ -39,6 +40,7 @@ if (defined(ohos_lite)) { "src/dm_log.cpp", "src/dm_random.cpp", "src/ipc/standard/ipc_cmd_register.cpp", + "src/permission/standard/permission_manager.cpp", ] public_configs = [ ":devicemanagerutils_config" ] @@ -49,11 +51,19 @@ if (defined(ohos_lite)) { "LOG_DOMAIN=0xD004100", ] - deps = [ "//third_party/mbedtls:mbedtls_shared" ] + deps = [ + "//foundation/aafwk/standard/interfaces/innerkits/want:want", + "//third_party/mbedtls:mbedtls_shared", + ] external_deps = [ + "access_token:libaccesstoken_sdk", + "bundle_framework:appexecfwk_base", + "bundle_framework:appexecfwk_core", "hiviewdfx_hilog_native:libhilog", "ipc:ipc_core", + "safwk:system_ability_fwk", + "samgr_standard:samgr_proxy", "utils_base:utils", ] diff --git a/utils/include/permission/lite/permission_manager.h b/utils/include/permission/lite/permission_manager.h new file mode 100644 index 0000000000000000000000000000000000000000..fa0b937568c1957510bee7b6c54c4cefe5d3a3a7 --- /dev/null +++ b/utils/include/permission/lite/permission_manager.h @@ -0,0 +1,31 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef OHOS_DM_PERMISSION_MANAGER_H +#define OHOS_DM_PERMISSION_MANAGER_H + +#include "single_instance.h" + +namespace OHOS { +namespace DistributedHardware { +class PermissionManager { + DECLARE_SINGLE_INSTANCE(PermissionManager); + +public: + bool CheckPermission(void); +}; +} // namespace DistributedHardware +} // namespace OHOS +#endif // OHOS_DM_PERMISSION_MANAGER_H diff --git a/utils/include/permission/standard/permission_manager.h b/utils/include/permission/standard/permission_manager.h new file mode 100644 index 0000000000000000000000000000000000000000..fa0b937568c1957510bee7b6c54c4cefe5d3a3a7 --- /dev/null +++ b/utils/include/permission/standard/permission_manager.h @@ -0,0 +1,31 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef OHOS_DM_PERMISSION_MANAGER_H +#define OHOS_DM_PERMISSION_MANAGER_H + +#include "single_instance.h" + +namespace OHOS { +namespace DistributedHardware { +class PermissionManager { + DECLARE_SINGLE_INSTANCE(PermissionManager); + +public: + bool CheckPermission(void); +}; +} // namespace DistributedHardware +} // namespace OHOS +#endif // OHOS_DM_PERMISSION_MANAGER_H diff --git a/utils/src/permission/lite/permission_manager.cpp b/utils/src/permission/lite/permission_manager.cpp new file mode 100644 index 0000000000000000000000000000000000000000..356a131314033f8c1ccfa74ed6840b44e509b525 --- /dev/null +++ b/utils/src/permission/lite/permission_manager.cpp @@ -0,0 +1,27 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "permission_manager.h" + +namespace OHOS { +namespace DistributedHardware { +IMPLEMENT_SINGLE_INSTANCE(PermissionManager); + +bool PermissionManager::CheckPermission(void) +{ + return true; +} +} // namespace DistributedHardware +} // namespace OHOS diff --git a/utils/src/permission/standard/permission_manager.cpp b/utils/src/permission/standard/permission_manager.cpp new file mode 100644 index 0000000000000000000000000000000000000000..82a0ad7af8391dad1054f3a94890cd40350d1886 --- /dev/null +++ b/utils/src/permission/standard/permission_manager.cpp @@ -0,0 +1,87 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "permission_manager.h" + +#include "bundle_constants.h" +#include "bundle_info.h" +#include "bundle_mgr_client.h" +#include "bundle_mgr_interface.h" +#include "if_system_ability_manager.h" +#include "iservice_registry.h" +#include "system_ability_definition.h" +#include "ipc_skeleton.h" +#include "access_token.h" +#include "hap_token_info.h" +#include "native_token_info.h" +#include "accesstoken_kit.h" +#include "dm_log.h" + +using namespace OHOS::AppExecFwk; +using namespace OHOS::AppExecFwk::Constants; +using namespace OHOS::Security::AccessToken; + +namespace OHOS { +namespace DistributedHardware { +IMPLEMENT_SINGLE_INSTANCE(PermissionManager); + +bool PermissionManager::CheckPermission(void) +{ + LOGI("Enter PermissionManager::CheckPermission"); + AccessTokenID tokenCaller = IPCSkeleton::GetCallingTokenID(); + if (tokenCaller == 0) { + LOGI("PermissionManager::tokenCaller == 0"); + return false; + } + LOGI("PermissionManager::tokenCaller ID == %d", tokenCaller); + + ATokenTypeEnum tokenTypeFlag = AccessTokenKit::GetTokenTypeFlag(tokenCaller); + if (tokenTypeFlag == ATokenTypeEnum::TOKEN_HAP) { + int32_t uid = IPCSkeleton::GetCallingUid(); + if (uid < 0) { + LOGI("app caller uid is: %d,", uid); + return false; + } + + sptr systemAbilityManager = + SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager(); + if (systemAbilityManager == nullptr) { + LOGE("failed to get system ability mgr."); + return true; + } + sptr remoteObject = systemAbilityManager->GetSystemAbility(BUNDLE_MGR_SERVICE_SYS_ABILITY_ID); + if (remoteObject == nullptr) { + LOGE("failed to get bundle manager proxy."); + return true; + } + + LOGI("get bundle manager proxy success."); + sptr iBundleMgr = iface_cast(remoteObject); + if (iBundleMgr == nullptr) { + LOGI("iBundleMgr is nullptr, caller may be a process"); + return true; + } + LOGI("PermissionManager::tokenTypeFlag is hap process"); + return iBundleMgr->CheckIsSystemAppByUid(uid); + } else if (tokenTypeFlag == ATokenTypeEnum::TOKEN_NATIVE) { + LOGI("PermissionManager::tokenTypeFlag is native process"); + return true; + } else { + LOGI("PermissionManager::invalid tokenTypeFlag"); + return false; + } +} +} // namespace DistributedHardware +} // namespace OHOS