diff --git a/bundle.json b/bundle.json index 4d2f156934a69f8c535b99633854aff02964c740..72577798116f7f68f04779cbe2c781c4749d950a 100644 --- a/bundle.json +++ b/bundle.json @@ -55,7 +55,8 @@ "safwk", "drivers_interface_camera", "access_token", - "av_codec" + "av_codec", + "os_account" ] }, "build": { diff --git a/distributedcamera.gni b/distributedcamera.gni index 0b3ebc4830d4cd796e27448361b7cffaad40d740..a7a3a3cf54cfe7ba40ff01283ce318cffbbb5124 100644 --- a/distributedcamera.gni +++ b/distributedcamera.gni @@ -50,4 +50,11 @@ declare_args() { !defined(global_parts_info.security_device_security_level)) { device_security_level_camera = false } + + if (!defined(global_parts_info) || + defined(global_parts_info.account_os_account)) { + os_account_camera = true + } else { + os_account_camera = false + } } diff --git a/services/cameraservice/base/include/dcamera_capture_info_cmd.h b/services/cameraservice/base/include/dcamera_capture_info_cmd.h index 5e79e429c8503eccc641eb2090f592c10fd8372f..e8e25c01a220befb30fe808df34c0dc5300b76cf 100644 --- a/services/cameraservice/base/include/dcamera_capture_info_cmd.h +++ b/services/cameraservice/base/include/dcamera_capture_info_cmd.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021-2024 Huawei Device Co., Ltd. + * Copyright (c) 2021-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -42,6 +42,9 @@ public: std::string command_; std::vector> value_; int32_t sceneMode_; + int32_t userId_; + uint64_t tokenId_; + std::string accountId_; public: int32_t Marshal(std::string& jsonStr); diff --git a/services/cameraservice/base/include/icamera_controller.h b/services/cameraservice/base/include/icamera_controller.h index 79b6eb9a1ebe7e1061c455629568161e82b8e956..7c0884bd48c14c37149e1ff09963e11176ecdbc3 100644 --- a/services/cameraservice/base/include/icamera_controller.h +++ b/services/cameraservice/base/include/icamera_controller.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021-2024 Huawei Device Co., Ltd. + * Copyright (c) 2021-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -44,6 +44,7 @@ public: virtual int32_t PauseDistributedHardware(const std::string &networkId) = 0; virtual int32_t ResumeDistributedHardware(const std::string &networkId) = 0; virtual int32_t StopDistributedHardware(const std::string &networkId) = 0; + virtual void SetTokenId(uint64_t token) = 0; }; } // namespace DistributedHardware } // namespace OHOS diff --git a/services/cameraservice/base/src/dcamera_capture_info_cmd.cpp b/services/cameraservice/base/src/dcamera_capture_info_cmd.cpp index 97206641066d49f24163c65705df845ef484d3fd..13014ff857eba6fe6c344e1293580b2df19e53fd 100644 --- a/services/cameraservice/base/src/dcamera_capture_info_cmd.cpp +++ b/services/cameraservice/base/src/dcamera_capture_info_cmd.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021-2024 Huawei Device Co., Ltd. + * Copyright (c) 2021-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -24,9 +24,8 @@ namespace DistributedHardware { int32_t DCameraCaptureInfoCmd::Marshal(std::string& jsonStr) { cJSON *rootValue = cJSON_CreateObject(); - if (rootValue == nullptr) { - return DCAMERA_BAD_VALUE; - } + CHECK_NULL_RETURN((rootValue == nullptr), DCAMERA_BAD_VALUE); + cJSON_AddStringToObject(rootValue, "Type", type_.c_str()); cJSON_AddStringToObject(rootValue, "dhId", dhId_.c_str()); cJSON_AddStringToObject(rootValue, "Command", command_.c_str()); @@ -36,10 +35,7 @@ int32_t DCameraCaptureInfoCmd::Marshal(std::string& jsonStr) cJSON_AddItemToObject(rootValue, "Value", captureInfos); for (auto iter = value_.begin(); iter != value_.end(); iter++) { std::shared_ptr capture = *iter; - if (capture == nullptr) { - cJSON_Delete(rootValue); - return DCAMERA_BAD_VALUE; - } + CHECK_NULL_FREE_RETURN(capture, DCAMERA_BAD_VALUE, rootValue); cJSON *captureInfo = cJSON_CreateObject(); CHECK_NULL_FREE_RETURN(captureInfo, DCAMERA_BAD_VALUE, rootValue); cJSON_AddItemToArray(captureInfos, captureInfo); @@ -63,6 +59,9 @@ int32_t DCameraCaptureInfoCmd::Marshal(std::string& jsonStr) } } cJSON_AddNumberToObject(rootValue, "mode", sceneMode_); + cJSON_AddNumberToObject(rootValue, "userId", userId_); + cJSON_AddNumberToObject(rootValue, "tokenId", tokenId_); + cJSON_AddStringToObject(rootValue, "accountId", accountId_.c_str()); char *data = cJSON_Print(rootValue); if (data == nullptr) { @@ -78,21 +77,16 @@ int32_t DCameraCaptureInfoCmd::Marshal(std::string& jsonStr) int32_t DCameraCaptureInfoCmd::Unmarshal(const std::string& jsonStr) { cJSON *rootValue = cJSON_Parse(jsonStr.c_str()); - if (rootValue == nullptr) { - return DCAMERA_BAD_VALUE; - } + CHECK_NULL_RETURN((rootValue == nullptr), DCAMERA_BAD_VALUE); + cJSON *type = cJSON_GetObjectItemCaseSensitive(rootValue, "Type"); - if (type == nullptr || !cJSON_IsString(type) || (type->valuestring == nullptr)) { - cJSON_Delete(rootValue); - return DCAMERA_BAD_VALUE; - } + CHECK_AND_FREE_RETURN_RET_LOG((type == nullptr || !cJSON_IsString(type) || (type->valuestring == nullptr)), + DCAMERA_BAD_VALUE, rootValue, "type parse fail."); type_ = type->valuestring; cJSON *dhId = cJSON_GetObjectItemCaseSensitive(rootValue, "dhId"); - if (dhId == nullptr || !cJSON_IsString(dhId) || (dhId->valuestring == nullptr)) { - cJSON_Delete(rootValue); - return DCAMERA_BAD_VALUE; - } + CHECK_AND_FREE_RETURN_RET_LOG((dhId == nullptr || !cJSON_IsString(dhId) || (dhId->valuestring == nullptr)), + DCAMERA_BAD_VALUE, rootValue, "dhId parse fail."); dhId_ = dhId->valuestring; cJSON *command = cJSON_GetObjectItemCaseSensitive(rootValue, "Command"); @@ -110,6 +104,24 @@ int32_t DCameraCaptureInfoCmd::Unmarshal(const std::string& jsonStr) } else { sceneMode_ = mode->valueint; } + cJSON *userId = cJSON_GetObjectItemCaseSensitive(rootValue, "userId"); + if (userId == nullptr || !cJSON_IsNumber(userId)) { + userId_ = -1; + } else { + userId_ = userId->valueint; + } + cJSON *tokenId = cJSON_GetObjectItemCaseSensitive(rootValue, "tokenId"); + if (tokenId == nullptr || !cJSON_IsNumber(tokenId)) { + tokenId_ = 0; + } else { + tokenId_ = tokenId->valueint; + } + cJSON *accountId = cJSON_GetObjectItemCaseSensitive(rootValue, "accountId"); + if (accountId == nullptr || !cJSON_IsString(accountId) || (accountId->valuestring == nullptr)) { + accountId_ = ""; + } else { + accountId_ = accountId->valuestring; + } cJSON_Delete(rootValue); return ret; } diff --git a/services/cameraservice/base/test/unittest/common/base/dcamera_capture_info_cmd_test.cpp b/services/cameraservice/base/test/unittest/common/base/dcamera_capture_info_cmd_test.cpp index 47027af2c1c0d6153028cc3bdd3cf05c1bd059b7..19d58ec902a98c17d7a3c049888e6f1e84c8c598 100755 --- a/services/cameraservice/base/test/unittest/common/base/dcamera_capture_info_cmd_test.cpp +++ b/services/cameraservice/base/test/unittest/common/base/dcamera_capture_info_cmd_test.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022 Huawei Device Co., Ltd. + * Copyright (c) 2022-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -330,6 +330,21 @@ static const std::string TEST_CAPTURE_INFO_CMD_JSON_CAPTURESETTINGS_BODY_VALUE_E ] })"; +static const std::string TEST_CAPTURE_INFO_CMD_JSON_CAPTURESETTINGS_CHECK = R"({ + "Type": "OPERATION", + "dhId": "camrea_0", + "Command": "CAPTURE", + "Value": [ + {"Width": 1920, "Height": 1080, "Format": 1, "DataSpace": 1, + "IsCapture":true, "EncodeType": 1, "StreamType": 1, + "CaptureSettings": [{"SettingType": 1, "SettingValue": 0}]} + ], + "mode": 1, + "userId": 100, + "tokenId": 0, + "accountId": "accountId" +})"; + void DCameraCaptureInfoCmdlTest::SetUpTestCase(void) { @@ -463,6 +478,9 @@ HWTEST_F(DCameraCaptureInfoCmdlTest, Unmarshal_003, TestSize.Level1) ret = cmd.Unmarshal(TEST_CAPTURE_INFO_CMD_JSON_VALUE_ARRAY); EXPECT_EQ(DCAMERA_BAD_VALUE, ret); + + ret = cmd.Unmarshal(TEST_CAPTURE_INFO_CMD_JSON_CAPTURESETTINGS_CHECK); + EXPECT_EQ(DCAMERA_BAD_VALUE, ret); } HWTEST_F(DCameraCaptureInfoCmdlTest, Unmarshal_004, TestSize.Level1) diff --git a/services/cameraservice/sinkservice/BUILD.gn b/services/cameraservice/sinkservice/BUILD.gn index fd93d2d8ee2e7c6efba2e5e36761c4963a6dd208..7aea5b3c1d91ce05b108c515be33f789015a12d1 100644 --- a/services/cameraservice/sinkservice/BUILD.gn +++ b/services/cameraservice/sinkservice/BUILD.gn @@ -106,9 +106,14 @@ ohos_shared_library("distributed_camera_sink") { defines += [ "DUMP_DCAMERA_FILE" ] } + if (os_account_camera) { + defines += [ "OS_ACCOUNT_ENABLE" ] + } + external_deps = [ "access_token:libaccesstoken_sdk", "access_token:libtokenid_sdk", + "access_token:libtokensetproc_shared", "cJSON:cjson", "c_utils:utils", "camera_framework:camera_framework", @@ -128,6 +133,13 @@ ohos_shared_library("distributed_camera_sink") { "samgr:samgr_proxy", ] + if (os_account_camera) { + external_deps += [ + "os_account:libaccountkits", + "os_account:os_account_innerkits", + ] + } + if (device_security_level_camera) { external_deps += [ "device_security_level:dslm_sdk" ] defines += [ "DEVICE_SECURITY_LEVEL_ENABLE" ] diff --git a/services/cameraservice/sinkservice/include/distributedcameramgr/dcamera_sink_controller.h b/services/cameraservice/sinkservice/include/distributedcameramgr/dcamera_sink_controller.h index 3660d51ef58d181b05b89c8962d72d5af3d1f385..441b12eaedb83711b6a9ea16a4148549f10de6ef 100644 --- a/services/cameraservice/sinkservice/include/distributedcameramgr/dcamera_sink_controller.h +++ b/services/cameraservice/sinkservice/include/distributedcameramgr/dcamera_sink_controller.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021-2024 Huawei Device Co., Ltd. + * Copyright (c) 2021-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -53,6 +53,7 @@ public: int32_t PauseDistributedHardware(const std::string &networkId) override; int32_t ResumeDistributedHardware(const std::string &networkId) override; int32_t StopDistributedHardware(const std::string &networkId) override; + void SetTokenId(uint64_t token) override; void OnStateChanged(std::shared_ptr& event); void OnMetadataResult(std::vector>& settings); @@ -85,6 +86,7 @@ private: void ProcessPostAuthorization(const AppExecFwk::InnerEvent::Pointer &event); int32_t CreateCtrlSession(); int32_t CheckSensitive(); + bool CheckAclRight(); bool isInit_; int32_t sessionState_; @@ -105,6 +107,10 @@ private: bool isSameAccount_ = false; bool isCheckSecLevel_ = false; int32_t sceneMode_ = 0; + int32_t userId_ = -1; + uint64_t tokenId_ = 0; + uint64_t sinkTokenId_ = 0; + std::string accountId_ = ""; const std::string SESSION_FLAG = "control"; const std::string SRC_TYPE = "camera"; diff --git a/services/cameraservice/sinkservice/include/distributedcameramgr/dcamera_sink_dev.h b/services/cameraservice/sinkservice/include/distributedcameramgr/dcamera_sink_dev.h index 8d6c15fd6b02173dac9389f17f960f58069658a1..0c8d4c0d2f443f7dc51ae6a803d6e7f4aceef754 100644 --- a/services/cameraservice/sinkservice/include/distributedcameramgr/dcamera_sink_dev.h +++ b/services/cameraservice/sinkservice/include/distributedcameramgr/dcamera_sink_dev.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021-2023 Huawei Device Co., Ltd. + * Copyright (c) 2021-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -44,6 +44,7 @@ public: int32_t PauseDistributedHardware(const std::string &networkId); int32_t ResumeDistributedHardware(const std::string &networkId); int32_t StopDistributedHardware(const std::string &networkId); + void SetTokenId(uint64_t token); private: bool isInit_; @@ -51,6 +52,7 @@ private: std::shared_ptr controller_; std::shared_ptr accessControl_; sptr sinkCallback_; + uint64_t tokenId_ = 0; }; } // namespace DistributedHardware } // namespace OHOS diff --git a/services/cameraservice/sinkservice/src/distributedcamera/distributed_camera_sink_service.cpp b/services/cameraservice/sinkservice/src/distributedcamera/distributed_camera_sink_service.cpp index 1c6f2407cff304ac0001082c3a8be172d65648ca..8d456ca797b27201262a931208bb73ce25929179 100644 --- a/services/cameraservice/sinkservice/src/distributedcamera/distributed_camera_sink_service.cpp +++ b/services/cameraservice/sinkservice/src/distributedcamera/distributed_camera_sink_service.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021-2024 Huawei Device Co., Ltd. + * Copyright (c) 2021-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -30,6 +30,7 @@ #include "distributed_camera_allconnect_manager.h" #include "distributed_camera_errno.h" #include "distributed_hardware_log.h" +#include "token_setproc.h" namespace OHOS { namespace DistributedHardware { @@ -111,6 +112,7 @@ int32_t DistributedCameraSinkService::InitSink(const std::string& params, g_camDump.camNumber = static_cast(cameras.size()); for (auto& dhId : cameras) { std::shared_ptr sinkDevice = std::make_shared(dhId, sinkCallback); + sinkDevice->SetTokenId(GetFirstCallerTokenID()); ret = sinkDevice->Init(); CHECK_AND_RETURN_RET_LOG(ret != DCAMERA_OK, ret, "sink device init failed, ret: %{public}d", ret); { diff --git a/services/cameraservice/sinkservice/src/distributedcameramgr/dcamera_sink_controller.cpp b/services/cameraservice/sinkservice/src/distributedcameramgr/dcamera_sink_controller.cpp index 089bbfcec5989e3a9eb65e3a5cb6a973ae9f8e06..09b9e7b8aba7d673c0a52d96781c589c3ec689a3 100644 --- a/services/cameraservice/sinkservice/src/distributedcameramgr/dcamera_sink_controller.cpp +++ b/services/cameraservice/sinkservice/src/distributedcameramgr/dcamera_sink_controller.cpp @@ -42,6 +42,10 @@ #include "idistributed_camera_source.h" #include "ipc_skeleton.h" #include "dcamera_low_latency.h" +#ifdef OS_ACCOUNT_ENABLE +#include "ohos_account_kits.h" +#include "os_account_manager.h" +#endif #include namespace OHOS { @@ -550,18 +554,18 @@ void DCameraSinkController::OnSessionState(int32_t state, std::string networkId) DHLOGI("channel is disconnected"); ffrt::submit([this]() { DHLOGI("DCameraSinkController::OnSessionState %{public}s new thread session state: %{public}d", - GetAnonyString(dhId_).c_str(), sessionState_); + GetAnonyString(dhId_).c_str(), sessionState_); prctl(PR_SET_NAME, CHANNEL_DISCONNECTED.c_str()); std::lock_guard autoLock(autoLock_); int32_t ret = CloseChannel(); if (ret != DCAMERA_OK) { DHLOGE("session state: %{public}d, %{public}s close channel failed, ret: %{public}d", - sessionState_, GetAnonyString(dhId_).c_str(), ret); + sessionState_, GetAnonyString(dhId_).c_str(), ret); } ret = StopCapture(); if (ret != DCAMERA_OK) { DHLOGE("session state: %{public}d, %{public}s stop capture failed, ret: %{public}d", - sessionState_, GetAnonyString(dhId_).c_str(), ret); + sessionState_, GetAnonyString(dhId_).c_str(), ret); } }); break; @@ -668,6 +672,13 @@ int32_t DCameraSinkController::HandleReceivedData(std::shared_ptr& d return ret; } sceneMode_ = captureInfoCmd.sceneMode_; + userId_ = captureInfoCmd.userId_; + tokenId_ = captureInfoCmd.tokenId_; + accountId_ = captureInfoCmd.accountId_; + if (!CheckAclRight()) { + DHLOGE("ACL check failed."); + return DCAMERA_BAD_VALUE; + } return StartCapture(captureInfoCmd.value_, sceneMode_); } else if ((!command.empty()) && (command.compare(DCAMERA_PROTOCOL_CMD_UPDATE_METADATA) == 0)) { DCameraMetadataSettingCmd metadataSettingCmd; @@ -684,6 +695,54 @@ int32_t DCameraSinkController::HandleReceivedData(std::shared_ptr& d return DCAMERA_BAD_VALUE; } +bool DCameraSinkController::CheckAclRight() +{ + if (userId_ == -1) { + DHLOGI("Acl check version compatibility processing."); + return true; + } + std::string sinkDevId; + int32_t ret = GetLocalDeviceNetworkId(sinkDevId); + CHECK_AND_RETURN_RET_LOG(ret != DCAMERA_OK, false, "GetLocalDeviceNetworkId failed, ret: %{public}d", ret); + int32_t userId = -1; + std::string accountId = ""; +#ifdef OS_ACCOUNT_ENABLE + std::vector ids; + ret = AccountSA::OsAccountManager::QueryActiveOsAccountIds(ids); + CHECK_AND_RETURN_RET_LOG(ret != DCAMERA_OK || ids.empty(), false, + "Get userId from active os accountIds fail, ret: %{public}d", ret); + userId = ids[0]; + + AccountSA::OhosAccountInfo osAccountInfo; + ret = AccountSA::OhosAccountKits::GetInstance().GetOhosAccountInfo(osAccountInfo); + CHECK_AND_RETURN_RET_LOG(ret != DCAMERA_OK, false, + "Get accountId from ohos account info fail, ret: %{public}d", ret); + accountId = osAccountInfo.uid_; +#endif + ret = DeviceManager::GetInstance().InitDeviceManager(DCAMERA_PKG_NAME, initCallback_); + if (ret != DCAMERA_OK) { + DHLOGE("InitDeviceManager failed ret = %{public}d", ret); + return false; + } + DmAccessCaller dmSrcCaller = { + .accountId = accountId_, + .pkgName = DCAMERA_PKG_NAME, + .networkId = srcDevId_, + .userId = userId_, + .tokenId = tokenId_, + }; + DmAccessCallee dmDstCallee = { + .networkId = sinkDevId, + .accountId = accountId, + .userId = userId, + .tokenId = sinkTokenId_, + .pkgName = DCAMERA_PKG_NAME, + }; + DHLOGI("CheckAclRight srcDevId: %{public}s, accountId: %{public}s, sinkDevId: %{public}s", + GetAnonyString(srcDevId_).c_str(), GetAnonyString(accountId).c_str(), GetAnonyString(sinkDevId).c_str()); + return DeviceManager::GetInstance().CheckSinkAccessControl(dmSrcCaller, dmDstCallee); +} + int32_t DCameraSinkController::PauseDistributedHardware(const std::string &networkId) { DHLOGI("Pause distributed hardware dhId: %{public}s", GetAnonyString(dhId_).c_str()); @@ -822,6 +881,11 @@ bool DCameraSinkController::CheckPermission() return uid == DCAMERA_UID; } +void DCameraSinkController::SetTokenId(uint64_t token) +{ + sinkTokenId_ = token; +} + void DeviceInitCallback::OnRemoteDied() { DHLOGI("DeviceInitCallback OnRemoteDied"); diff --git a/services/cameraservice/sinkservice/src/distributedcameramgr/dcamera_sink_dev.cpp b/services/cameraservice/sinkservice/src/distributedcameramgr/dcamera_sink_dev.cpp index b2581d87e5fbd8debdd96bf5824e9eedbfa09bea..9185dbb947f163f2a9b4e4bff2c2ec7363ee88fa 100644 --- a/services/cameraservice/sinkservice/src/distributedcameramgr/dcamera_sink_dev.cpp +++ b/services/cameraservice/sinkservice/src/distributedcameramgr/dcamera_sink_dev.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021-2023 Huawei Device Co., Ltd. + * Copyright (c) 2021-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -45,6 +45,7 @@ int32_t DCameraSinkDev::Init() DHLOGI("Init dhId: %{public}s", GetAnonyString(dhId_).c_str()); accessControl_ = std::make_shared(); controller_ = std::make_shared(accessControl_, sinkCallback_); + controller_->SetTokenId(tokenId_); DCameraIndex index("", dhId_); std::vector indexs; indexs.push_back(index); @@ -210,5 +211,10 @@ int32_t DCameraSinkDev::StopDistributedHardware(const std::string &networkId) return controller_->StopDistributedHardware(networkId); } + +void DCameraSinkDev::SetTokenId(uint64_t token) +{ + tokenId_ = token; +} } // namespace DistributedHardware } // namespace OHOS \ No newline at end of file diff --git a/services/cameraservice/sinkservice/test/unittest/common/distributedcameramgr/dcamera_sink_controller_test.cpp b/services/cameraservice/sinkservice/test/unittest/common/distributedcameramgr/dcamera_sink_controller_test.cpp index e4e6278808d30361fa9c05acdf220532958f753e..5459cee7b1903caf75ecec80b9cf6d9e22a09670 100644 --- a/services/cameraservice/sinkservice/test/unittest/common/distributedcameramgr/dcamera_sink_controller_test.cpp +++ b/services/cameraservice/sinkservice/test/unittest/common/distributedcameramgr/dcamera_sink_controller_test.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021-2024 Huawei Device Co., Ltd. + * Copyright (c) 2021-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -798,5 +798,17 @@ HWTEST_F(DCameraSinkControllerTest, dcamera_sink_controller_test_035, TestSize.L EXPECT_EQ(result, DCAMERA_BAD_VALUE); } +/** + * @tc.name: dcamera_sink_controller_test_036 + * @tc.desc: Verify function. + * @tc.type: FUNC + * @tc.require: DTS + */ +HWTEST_F(DCameraSinkControllerTest, dcamera_sink_controller_test_036, TestSize.Level1) +{ + EXPECT_TRUE(controller_->CheckAclRight()); + controller_->userId_ = 100; + EXPECT_FALSE(controller_->CheckAclRight()); +} } // namespace DistributedHardware } // namespace OHOS \ No newline at end of file diff --git a/services/cameraservice/sinkservice/test/unittest/common/distributedcameramgr/mock_dcamera_sink_controller.h b/services/cameraservice/sinkservice/test/unittest/common/distributedcameramgr/mock_dcamera_sink_controller.h index dec6dbd0aa9fe7b36ea5e46b3127b74a1585a0e1..3d1d4cfd4005e2e4e3b497c7168712742b3fd405 100644 --- a/services/cameraservice/sinkservice/test/unittest/common/distributedcameramgr/mock_dcamera_sink_controller.h +++ b/services/cameraservice/sinkservice/test/unittest/common/distributedcameramgr/mock_dcamera_sink_controller.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021-2024 Huawei Device Co., Ltd. + * Copyright (c) 2021-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -93,6 +93,9 @@ public: { return DCAMERA_OK; } + void SetTokenId(uint64_t token) + { + } }; } // namespace DistributedHardware } // namespace OHOS diff --git a/services/cameraservice/sourceservice/BUILD.gn b/services/cameraservice/sourceservice/BUILD.gn index 4b6bc9309ea45436809d35b1fcdab4cf38b0d449..8c2b1d96ea9d58817b5b889f7b5ad4762e59fcde 100644 --- a/services/cameraservice/sourceservice/BUILD.gn +++ b/services/cameraservice/sourceservice/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2021-2024 Huawei Device Co., Ltd. +# Copyright (c) 2021-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -119,6 +119,10 @@ ohos_shared_library("distributed_camera_source") { defines += [ "DUMP_DCAMERA_FILE" ] } + if (os_account_camera) { + defines += [ "OS_ACCOUNT_ENABLE" ] + } + if (!distributed_camera_common) { cflags = [ "-DDCAMERA_MMAP_RESERVE" ] } @@ -126,10 +130,12 @@ ohos_shared_library("distributed_camera_source") { external_deps = [ "access_token:libaccesstoken_sdk", "access_token:libtokenid_sdk", + "access_token:libtokensetproc_shared", "av_codec:av_codec_client", "cJSON:cjson", "c_utils:utils", "camera_framework:camera_framework", + "device_manager:devicemanagersdk", "distributed_hardware_fwk:distributed_av_receiver", "distributed_hardware_fwk:distributedhardwareutils", "distributed_hardware_fwk:libdhfwk_sdk", @@ -151,6 +157,13 @@ ohos_shared_library("distributed_camera_source") { "samgr:samgr_proxy", ] + if (os_account_camera) { + external_deps += [ + "os_account:libaccountkits", + "os_account:os_account_innerkits", + ] + } + subsystem_name = "distributedhardware" part_name = "distributed_camera" diff --git a/services/cameraservice/sourceservice/include/distributedcameramgr/dcamera_source_dev.h b/services/cameraservice/sourceservice/include/distributedcameramgr/dcamera_source_dev.h index eadc30abf835be8b1bef90205527acf6c05ca95a..15484d2373f92a20e5ee450e819ecdd26d556b1f 100644 --- a/services/cameraservice/sourceservice/include/distributedcameramgr/dcamera_source_dev.h +++ b/services/cameraservice/sourceservice/include/distributedcameramgr/dcamera_source_dev.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021-2024 Huawei Device Co., Ltd. + * Copyright (c) 2021-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -69,6 +69,7 @@ public: void SetHicollieFlag(bool flag); bool GetHicollieFlag(); int32_t GetFullCaps(); + void SetTokenId(uint64_t token); class DCameraSourceDevEventHandler : public AppExecFwk::EventHandler { public: @@ -120,6 +121,7 @@ private: std::atomic hicollieFlag_ = true; sptr hdiCallback_; int32_t sceneMode_ = 0; + uint64_t tokenId_ = 0; std::map memberFuncMap_; std::map eventResultMap_; diff --git a/services/cameraservice/sourceservice/include/distributedcameramgr/dcameracontrol/dcamera_source_controller.h b/services/cameraservice/sourceservice/include/distributedcameramgr/dcameracontrol/dcamera_source_controller.h index e5c4aca0e46433d30396fa2baf3d78e6b9d2ab73..7e7bb41756f15cf415ab923f8b0bb7fd7000512f 100644 --- a/services/cameraservice/sourceservice/include/distributedcameramgr/dcameracontrol/dcamera_source_controller.h +++ b/services/cameraservice/sourceservice/include/distributedcameramgr/dcameracontrol/dcamera_source_controller.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021-2024 Huawei Device Co., Ltd. + * Copyright (c) 2021-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -24,6 +24,7 @@ #include "dcamera_source_state_machine.h" #include "icamera_channel.h" #include "iremote_object.h" +#include "device_manager.h" #include "v1_1/id_camera_provider.h" @@ -48,6 +49,7 @@ public: int32_t PauseDistributedHardware(const std::string &networkId) override; int32_t ResumeDistributedHardware(const std::string &networkId) override; int32_t StopDistributedHardware(const std::string &networkId) override; + void SetTokenId(uint64_t token) override; void OnSessionState(int32_t state, std::string networkId); void OnSessionError(int32_t eventType, int32_t eventReason, std::string detail); @@ -58,6 +60,8 @@ private: void PostChannelDisconnectedEvent(); int32_t PublishEnableLatencyMsg(const std::string& devId); void HandleReceivedData(std::shared_ptr &dataBuffer); + bool CheckAclRight(); + bool GetOsAccountInfo(); class DCameraHdiRecipient : public IRemoteObject::DeathRecipient { public: void OnRemoteDied(const wptr &remote) override; @@ -84,6 +88,14 @@ private: std::atomic isChannelConnected_ = false; std::mutex channelMtx_; std::condition_variable channelCond_; + std::string accountId_ = ""; + int32_t userId_ = -1; + std::string srcDevId_ = ""; + uint64_t tokenId_ = 0; +}; + +class DeviceInitCallback : public DmInitCallback { + void OnRemoteDied() override; }; } // namespace DistributedHardware } // namespace OHOS diff --git a/services/cameraservice/sourceservice/src/distributedcamera/distributed_camera_source_service.cpp b/services/cameraservice/sourceservice/src/distributedcamera/distributed_camera_source_service.cpp index db51843b9e35097c864d0187e32e2ae855b89d0b..3f9a0c3410e15f80a8b05dbaae34016a19d7ada4 100644 --- a/services/cameraservice/sourceservice/src/distributedcamera/distributed_camera_source_service.cpp +++ b/services/cameraservice/sourceservice/src/distributedcamera/distributed_camera_source_service.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021-2023 Huawei Device Co., Ltd. + * Copyright (c) 2021-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -37,6 +37,7 @@ #include "distributed_camera_errno.h" #include "distributed_hardware_log.h" #include "dcamera_handler.h" +#include "token_setproc.h" namespace OHOS { namespace DistributedHardware { @@ -250,6 +251,7 @@ int32_t DistributedCameraSourceService::RegisterDistributedHardware(const std::s "dcamera source RegisterDistributedHardware fail."); CamDevErase(camIndex); } + camDev->SetTokenId(GetFirstCallerTokenID()); DHLOGI("RegisterDistributedHardware end devId: %{public}s, dhId: %{public}s, sinkVersion: %{public}s", GetAnonyString(devId).c_str(), GetAnonyString(dhId).c_str(), params.sinkVersion.c_str()); return ret; diff --git a/services/cameraservice/sourceservice/src/distributedcameramgr/dcamera_source_dev.cpp b/services/cameraservice/sourceservice/src/distributedcameramgr/dcamera_source_dev.cpp index 3c92ae9d86d55b58afffd2a61a4c9bddc8f2b701..595e2e7ba66ba21fe8ba262f25e380cd9b85fded 100644 --- a/services/cameraservice/sourceservice/src/distributedcameramgr/dcamera_source_dev.cpp +++ b/services/cameraservice/sourceservice/src/distributedcameramgr/dcamera_source_dev.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021-2024 Huawei Device Co., Ltd. + * Copyright (c) 2021-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -464,6 +464,7 @@ int32_t DCameraSourceDev::OpenCamera() DHLOGI("DCameraSourceDev Execute OpenCamera devId %{public}s dhId %{public}s", GetAnonyString(devId_).c_str(), GetAnonyString(dhId_).c_str()); ReportCameraOperaterEvent(OPEN_CAMERA_EVENT, GetAnonyString(devId_), dhId_, "execute open camera event."); + controller_->SetTokenId(tokenId_); std::shared_ptr openInfo = std::make_shared(); int32_t ret = GetLocalDeviceNetworkId(openInfo->sourceDevId_); DcameraRadar::GetInstance().ReportDcameraOpen("GetLocalDeviceNetworkId", CameraOpen::OPEN_CAMERA, @@ -874,5 +875,10 @@ bool DCameraSourceDev::GetHicollieFlag() { return hicollieFlag_.load(); } + +void DCameraSourceDev::SetTokenId(uint64_t token) +{ + tokenId_ = token; +} } // namespace DistributedHardware } // namespace OHOS diff --git a/services/cameraservice/sourceservice/src/distributedcameramgr/dcameracontrol/dcamera_source_controller.cpp b/services/cameraservice/sourceservice/src/distributedcameramgr/dcameracontrol/dcamera_source_controller.cpp index 03a477862d33c0b1bb43470641e1802bf40fbca3..08680d05b75d201a17b2a1796cac12b6291002b7 100644 --- a/services/cameraservice/sourceservice/src/distributedcameramgr/dcameracontrol/dcamera_source_controller.cpp +++ b/services/cameraservice/sourceservice/src/distributedcameramgr/dcameracontrol/dcamera_source_controller.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021-2024 Huawei Device Co., Ltd. + * Copyright (c) 2021-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -38,6 +38,10 @@ #include "distributed_hardware_log.h" #include "idistributed_camera_sink.h" #include "dcamera_low_latency.h" +#ifdef OS_ACCOUNT_ENABLE +#include "ohos_account_kits.h" +#include "os_account_manager.h" +#endif namespace OHOS { namespace DistributedHardware { @@ -80,6 +84,9 @@ int32_t DCameraSourceController::StartCapture(std::vector& o std::string devId = indexs_.begin()->devId_; DHLOGI("DCameraSourceController OpenChannel Start, devId: %{public}s, dhId: %{public}s", GetAnonyString(devId).c_str(), GetAnonyString(dhId).c_str()); + srcDevId_ = openInfo->sourceDevId_; + if (!CheckAclRight()) { + DHLOGE("ACL check failed."); + return DCAMERA_BAD_OPERATE; + } if (!ManageSelectChannel::GetInstance().GetSrcConnect()) { sptr camSinkSrv = DCameraSourceServiceIpc::GetInstance().GetSinkRemoteCamSrv(devId); if (camSinkSrv == nullptr) { @@ -367,6 +379,53 @@ int32_t DCameraSourceController::OpenChannel(std::shared_ptr& o return PublishEnableLatencyMsg(devId); } +bool DCameraSourceController::CheckAclRight() +{ + if (!GetOsAccountInfo()) { + return false; + } + std::shared_ptr initCallback = std::make_shared(); + int32_t ret = DeviceManager::GetInstance().InitDeviceManager(DCAMERA_PKG_NAME, initCallback); + if (ret != DCAMERA_OK) { + DHLOGE("InitDeviceManager failed ret = %{public}d", ret); + return false; + } + DmAccessCaller dmSrcCaller = { + .accountId = accountId_, + .pkgName = DCAMERA_PKG_NAME, + .networkId = srcDevId_, + .userId = userId_, + .tokenId = tokenId_, + }; + DmAccessCallee dmDstCallee = { + .networkId = devId_, + }; + DHLOGI("CheckAclRight dmSrcCaller networkId: %{public}s, accountId: %{public}s, devId: %{public}s", + GetAnonyString(srcDevId_).c_str(), GetAnonyString(accountId_).c_str(), GetAnonyString(devId_).c_str()); + if (DeviceManager::GetInstance().CheckSrcAccessControl(dmSrcCaller, dmDstCallee)) { + return true; + } + return false; +} + +bool DCameraSourceController::GetOsAccountInfo() +{ +#ifdef OS_ACCOUNT_ENABLE + std::vector ids; + int32_t ret = AccountSA::OsAccountManager::QueryActiveOsAccountIds(ids); + CHECK_AND_RETURN_RET_LOG(ret != DCAMERA_OK || ids.empty(), false, + "Get userId from active os accountIds fail, ret: %{public}d", ret); + userId_ = ids[0]; + + AccountSA::OhosAccountInfo osAccountInfo; + ret = AccountSA::OhosAccountKits::GetInstance().GetOhosAccountInfo(osAccountInfo); + CHECK_AND_RETURN_RET_LOG(ret != DCAMERA_OK, false, + "Get accountId from ohos account info fail, ret: %{public}d", ret); + accountId_ = osAccountInfo.uid_; +#endif + return true; +} + int32_t DCameraSourceController::CloseChannel() { if (indexs_.empty() || indexs_.size() > DCAMERA_MAX_NUM) { @@ -593,5 +652,15 @@ void DCameraSourceController::DCameraHdiRecipient::OnRemoteDied(const wptrInit(indexs_); EXPECT_EQ(ret, DCAMERA_INIT_ERR); DCameraIndex index1; @@ -536,7 +536,7 @@ HWTEST_F(DCameraSourceControllerTest, dcamera_source_controller_test_015_1, Test std::shared_ptr openInfo = std::make_shared(); int32_t ret = GetLocalDeviceNetworkId(openInfo->sourceDevId_); ret = controller_->OpenChannel(openInfo); - controller_->UnInit(); + ret = controller_->UnInit(); ManageSelectChannel::GetInstance().SetSrcConnect(saved); EXPECT_EQ(ret, DCAMERA_OK); } @@ -764,6 +764,7 @@ HWTEST_F(DCameraSourceControllerTest, dcamera_source_controller_test_023, TestSi } controller_->HandleReceivedData(dataBuffer); cJSON_Delete(metaJson1); + EXPECT_FALSE(controller_->CheckAclRight()); } } diff --git a/services/cameraservice/sourceservice/test/unittest/common/distributedcameramgr/mock_dcamera_source_controller.h b/services/cameraservice/sourceservice/test/unittest/common/distributedcameramgr/mock_dcamera_source_controller.h index a01f611cb4ba38fb7bbdf0670a60884b6b17616d..7e4620765a334afa493be3704ac03b4572892b29 100644 --- a/services/cameraservice/sourceservice/test/unittest/common/distributedcameramgr/mock_dcamera_source_controller.h +++ b/services/cameraservice/sourceservice/test/unittest/common/distributedcameramgr/mock_dcamera_source_controller.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021-2024 Huawei Device Co., Ltd. + * Copyright (c) 2021-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -85,6 +85,9 @@ public: { return DCAMERA_OK; } + void SetTokenId(uint64_t token) + { + } }; class MockDCameraSourceControllerRetErr : public MockDCameraSourceController { public: