diff --git a/interfaces/kits/js/file_share/grant_uri_permission.cpp b/interfaces/kits/js/file_share/grant_uri_permission.cpp index e1c3de4c7f57d63dec4cd1710661c3b3181da9a7..6f4d50ad6cd8913ae31a6cfa7eff51389e4b3590 100644 --- a/interfaces/kits/js/file_share/grant_uri_permission.cpp +++ b/interfaces/kits/js/file_share/grant_uri_permission.cpp @@ -155,7 +155,7 @@ namespace ModuleFileShare { int32_t fileId = stoi(idStr); int32_t filesType = GetMediaTypeAndApiFromUri(uri.GetPath(), isApi10); valuesBucket.Put(PERMISSION_FILE_ID, fileId); - valuesBucket.Put(PERMISSION_BUNDLE_NAME, uri.GetAuthority()); + valuesBucket.Put(PERMISSION_BUNDLE_NAME, uriPermInfo.bundleName); valuesBucket.Put(PERMISSION_MODE, uriPermInfo.mode); valuesBucket.Put(PERMISSION_TABLE_TYPE, filesType); return 0; @@ -181,21 +181,36 @@ namespace ModuleFileShare { { Uri uri(uriPermInfo.uri); string authority = uri.GetAuthority(); - string scheme = uri.GetScheme(); string path = uri.GetPath(); - - if (scheme == FILE_SCHEME) { - if (authority == MEDIA_AUTHORITY && path.find(".") == string::npos) { - return GrantInMediaLibrary(uriPermInfo, uri); - } else { - auto& uriPermissionClient = AAFwk::UriPermissionManagerClient::GetInstance(); - return uriPermissionClient.GrantUriPermission(uri, uriPermInfo.flag, + if (authority == MEDIA_AUTHORITY && path.find(".") == string::npos) { + return GrantInMediaLibrary(uriPermInfo, uri); + } else { + auto& uriPermissionClient = AAFwk::UriPermissionManagerClient::GetInstance(); + int ret = uriPermissionClient.GrantUriPermission(uri, uriPermInfo.flag, uriPermInfo.bundleName, 1); + if (ret != 0) { + LOGE("uriPermissionClient.GrantUriPermission failed!"); + return -EINVAL; } - } else { - LOGE("FileShare::GetJSArgs get uri parameter failed!"); - return -EINVAL; } + + return 0; + } + + static bool CheckValidPublicUri(const string &inputUri) + { + Uri uri(inputUri); + string scheme = uri.GetScheme(); + if (scheme != FILE_SCHEME) { + return false; + } + + string authority = uri.GetAuthority(); + if (authority != MEDIA_AUTHORITY && authority != FILE_MANAGER_AUTHORITY) { + return false; + } + + return true; } static bool GetJSArgs(napi_env env, const NFuncArg &funcArg, UriPermissionInfo &uriPermInfo) @@ -206,7 +221,15 @@ namespace ModuleFileShare { NError(EINVAL).ThrowErr(env); return false; } + uriPermInfo.uri = string(uri.get()); + if (!CheckValidPublicUri(uriPermInfo.uri)) { + LOGE("FileShare::GetJSArgs uri = %{private}s parameter format error!", uriPermInfo.uri.c_str()); + NError(EINVAL).ThrowErr(env); + return false; + } + + LOGD("FileShare::GetJSArgs uri = %{private}s", uriPermInfo.uri.c_str()); auto [succBundleName, bundleName, lenBundleName] = NVal(env, funcArg[NARG_POS::SECOND]).ToUTF8String(); if (!succBundleName) { diff --git a/interfaces/kits/js/file_share/grant_uri_permission.h b/interfaces/kits/js/file_share/grant_uri_permission.h index e722e292aa49d04fb6b342286ce5d23fd74f5824..30711a796422d1969257595ca4f6e31d5b400345 100644 --- a/interfaces/kits/js/file_share/grant_uri_permission.h +++ b/interfaces/kits/js/file_share/grant_uri_permission.h @@ -37,6 +37,7 @@ const string PERMISSION_MODE = "mode"; const string MEDIA_AUTHORITY = "media"; const string FILE_SCHEME = "file"; const string PERMISSION_TABLE_TYPE = "table_type"; +const string FILE_MANAGER_AUTHORITY = "docs"; const string MEDIA_FILE_URI_PHOTO_PREFEX = "file://media/Photo/"; const string MEDIA_FILE_URI_AUDIO_PREFEX = "file://media/Audio/"; const string MEDIA_FILE_URI_VIDEO_PREFEX = "file://media/video/";