From 5ffd3d9cdbd412cb0091b2472ac90b5de27c73db Mon Sep 17 00:00:00 2001 From: zhengzhuolan Date: Thu, 19 Jun 2025 18:24:10 +0800 Subject: [PATCH 1/2] Add code Signed-off-by: zhengzhuolan --- .../include/advanced_notification_service.h | 2 + .../ans/include/notification_preferences.h | 7 ++++ .../include/notification_preferences_info.h | 3 ++ .../advanced_notification_publish.cpp | 8 ++++ .../advanced_notification_publish_service.cpp | 24 +++++++++++ .../ans/src/advanced_notification_service.cpp | 6 +++ .../advanced_notification_slot_service.cpp | 8 ++++ services/ans/src/notification_preferences.cpp | 41 +++++++++++++++++++ .../ans/src/notification_preferences_info.cpp | 15 +++++++ services/ans/src/system_event_observer.cpp | 6 +++ 10 files changed, 120 insertions(+) diff --git a/services/ans/include/advanced_notification_service.h b/services/ans/include/advanced_notification_service.h index dcd725510..0bef2bee0 100644 --- a/services/ans/include/advanced_notification_service.h +++ b/services/ans/include/advanced_notification_service.h @@ -1332,6 +1332,8 @@ public: bool IsDisableNotification(const std::string &bundleName); + bool IsEnableNotificationByKioskAppTrustList(const std::string &bundleName); + bool IsNeedToControllerByDisableNotification(const sptr &request); void SetAndPublishSubscriberExistFlag(const std::string& deviceType, bool existFlag); diff --git a/services/ans/include/notification_preferences.h b/services/ans/include/notification_preferences.h index 29e10cdaf..2e5f02138 100644 --- a/services/ans/include/notification_preferences.h +++ b/services/ans/include/notification_preferences.h @@ -503,6 +503,12 @@ public: bool SetBundleRemoveFlag(const sptr &bundleOption, const NotificationConstant::SlotType &slotType, int32_t sourceType); + void SetKioskModeStatus(bool isKioskMode); + + bool IsKioskMode(); + + bool GetkioskAppTrustList(std::vector &kioskAppTrustList); + private: bool GetBundleInfo(NotificationPreferencesInfo &preferencesInfo, const sptr &bundleOption, NotificationPreferencesInfo::BundleInfo &info) const; @@ -533,6 +539,7 @@ private: std::shared_ptr preferncesDB_ = nullptr; bool isCachedMirrorNotificationEnabledStatus_ = false; std::vector mirrorNotificationEnabledStatus_ = {}; + bool isKioskMode_ = false; }; } // namespace Notification } // namespace OHOS diff --git a/services/ans/include/notification_preferences_info.h b/services/ans/include/notification_preferences_info.h index 87f75e428..ce9c93cc4 100644 --- a/services/ans/include/notification_preferences_info.h +++ b/services/ans/include/notification_preferences_info.h @@ -324,12 +324,15 @@ public: bool GetDisableNotificationInfo(NotificationDisable ¬ificationDisable); void AddDisableNotificationInfo(const std::string &value); ErrCode GetAllLiveViewEnabledBundles(const int32_t userId, std::vector &bundleOption); + void SetkioskAppTrustList(const std::vector &kioskAppTrustList); + bool GetkioskAppTrustList(std::vector &kioskAppTrustList) const; private: std::map isEnabledAllNotification_; std::map> doNotDisturbDate_; std::map> doNotDisturbProfiles_; std::map infos_; + std::vector kioskAppTrustList_; struct DisableNotificationInfo { int32_t disabled = -1; diff --git a/services/ans/src/advanced_notification_manager/advanced_notification_publish.cpp b/services/ans/src/advanced_notification_manager/advanced_notification_publish.cpp index aa04b8736..52e331fba 100644 --- a/services/ans/src/advanced_notification_manager/advanced_notification_publish.cpp +++ b/services/ans/src/advanced_notification_manager/advanced_notification_publish.cpp @@ -219,6 +219,7 @@ ErrCode AdvancedNotificationService::PublishNotificationForIndirectProxy(const s SetRequestBySlotType(record->request, bundleOption); const int32_t ipcUid = IPCSkeleton::GetCallingUid(); + bool isKioskMode = NotificationPreferences::GetInstance()->IsKioskMode(); ffrt::task_handle handler = notificationSvrQueue_->submit_h([&]() { if (IsDisableNotification(bundle)) { ANS_LOGE("bundle in Disable Notification list, bundleName=%{public}s", bundle.c_str()); @@ -227,6 +228,13 @@ ErrCode AdvancedNotificationService::PublishNotificationForIndirectProxy(const s .ErrorCode(result).Message("bundle in Disable Notification list, bundleName=" + bundle); return; } + if (isKioskMode && !IsEnableNotificationByKioskAppTrustList(bundle)) { + ANS_LOGE("bundle not in kiosk trust list, bundleName=%{public}s", bundle.c_str()); + result = ERR_ANS_REJECTED_WITH_DISABLE_NOTIFICATION; + message.BranchId(EventBranchId::BRANCH_1) + .ErrorCode(result).Message("bundle not in kiosk trust list, bundleName=" + bundle); + return; + } if (AssignValidNotificationSlot(record, bundleOption) != ERR_OK) { ANS_LOGE("Can not assign valid slot!"); } diff --git a/services/ans/src/advanced_notification_publish_service.cpp b/services/ans/src/advanced_notification_publish_service.cpp index 64636a809..c22112cb2 100644 --- a/services/ans/src/advanced_notification_publish_service.cpp +++ b/services/ans/src/advanced_notification_publish_service.cpp @@ -775,12 +775,22 @@ ErrCode AdvancedNotificationService::PublishNotificationBySa(const sptrGetUnifiedGroupInfo(request); #endif + bool isDisable = false; + if (request->IsAgentNotification() && !bundle.empty()) { + isDisable = true; + } + bool isKioskMode = NotificationPreferences::GetInstance()->IsKioskMode(); ffrt::task_handle handler = notificationSvrQueue_->submit_h([&]() { if (!bundle.empty() && IsDisableNotification(bundle)) { ANS_LOGE("bundle in Disable Notification list, bundleName=%{public}s", bundle.c_str()); result = ERR_ANS_REJECTED_WITH_DISABLE_NOTIFICATION; return; } + if (isKioskMode && isDisable && !IsEnableNotificationByKioskAppTrustList(bundle)) { + ANS_LOGE("bundle not in kiosk trust list, bundleName=%{public}s", bundle.c_str()); + result = ERR_ANS_REJECTED_WITH_DISABLE_NOTIFICATION; + return; + } if (!bundleOption->GetBundleName().empty() && !(request->GetSlotType() == NotificationConstant::SlotType::LIVE_VIEW && request->IsAgentNotification())) { ErrCode ret = AssignValidNotificationSlot(record, bundleOption); @@ -1066,6 +1076,20 @@ bool AdvancedNotificationService::IsDisableNotification(const std::string &bundl return false; } +bool AdvancedNotificationService::IsEnableNotificationByKioskAppTrustList(const std::string &bundleName) +{ + std::vector kioskAppTrustList; + if (NotificationPreferences::GetInstance()->GetkioskAppTrustList(kioskAppTrustList)) { + auto it = std::find(kioskAppTrustList.begin(), kioskAppTrustList.end(), bundleName); + if (it != kioskAppTrustList.end()) { + return true; + } + } else { + ANS_LOGD("no kiosk app trust list has been set up"); + } + return false; +} + bool AdvancedNotificationService::IsNeedToControllerByDisableNotification(const sptr &request) { if (request == nullptr) { diff --git a/services/ans/src/advanced_notification_service.cpp b/services/ans/src/advanced_notification_service.cpp index 77b40d6a5..5dbe6e08d 100644 --- a/services/ans/src/advanced_notification_service.cpp +++ b/services/ans/src/advanced_notification_service.cpp @@ -708,6 +708,7 @@ ErrCode AdvancedNotificationService::PublishPreparedNotification(const sptrGetOwnerBundleName(); + bool isKioskMode = NotificationPreferences::GetInstance()->IsKioskMode(); #ifdef ENABLE_ANS_AGGREGATION EXTENTION_WRAPPER->GetUnifiedGroupInfo(request); #endif @@ -719,6 +720,11 @@ ErrCode AdvancedNotificationService::PublishPreparedNotification(const sptrGetOwnerBundleName()).c_str()); + result = ERR_ANS_REJECTED_WITH_DISABLE_NOTIFICATION; + return; + } if (record->request->GetSlotType() == NotificationConstant::SlotType::LIVE_VIEW && !LivePublishProcess::GetInstance()->CheckLocalLiveViewSubscribed(record->request, isUpdateByOwner, uid)) { result = ERR_ANS_INVALID_PARAM; diff --git a/services/ans/src/advanced_notification_slot_service.cpp b/services/ans/src/advanced_notification_slot_service.cpp index 8c833accc..f92271f60 100644 --- a/services/ans/src/advanced_notification_slot_service.cpp +++ b/services/ans/src/advanced_notification_slot_service.cpp @@ -45,6 +45,7 @@ namespace { constexpr char KEY_NAME[] = "AGGREGATE_CONFIG"; constexpr char CTRL_LIST_KEY_NAME[] = "NOTIFICATION_CTL_LIST_PKG"; constexpr char CALL_UI_BUNDLE[] = "com.ohos.callui"; + constexpr char KIOSK_APP_TRUST_LIST[] = "kiosk_app_trust_list"; constexpr uint32_t NOTIFICATION_SETTING_FLAG_BASE = 0x11; } @@ -984,6 +985,13 @@ ErrCode AdvancedNotificationService::SetAdditionConfig(const std::string &key, c return ERR_ANS_PERMISSION_DENIED; } + if (key == KIOSK_APP_TRUST_LIST && !AccessTokenHelper::CheckPermission(OHOS_PERMISSION_MANAGE_EDM_POLICY)) { + ANS_LOGE("Permission denied."); + message.ErrorCode(ERR_ANS_PERMISSION_DENIED).Append(" Permission denied"); + NotificationAnalyticsUtil::ReportModifyEvent(message); + return ERR_ANS_PERMISSION_DENIED; + } + if (notificationSvrQueue_ == nullptr) { ANS_LOGE("Serial queue is invalid."); return ERR_ANS_INVALID_PARAM; diff --git a/services/ans/src/notification_preferences.cpp b/services/ans/src/notification_preferences.cpp index dcff9f9fd..aace74219 100644 --- a/services/ans/src/notification_preferences.cpp +++ b/services/ans/src/notification_preferences.cpp @@ -1478,6 +1478,37 @@ bool NotificationPreferences::GetDisableNotificationInfo(NotificationDisable &no return true; } +bool NotificationPreferences::GetkioskAppTrustList(std::vector &kioskAppTrustList) +{ + ANS_LOGD("%{public}s", __FUNCTION__); + if (preferencesInfo_.GetkioskAppTrustList(kioskAppTrustList)) { + ANS_LOGD("info get disable notification success"); + return true; + } + std::string value = ""; + int32_t userId = -1; + if (GetKvFromDb("kiosk_app_trust_list", value, userId) != ERR_OK) { + ANS_LOGD("Get kiosk app trust list failed."); + return false; + } + if (value.empty() || !nlohmann::json::accept(value)) { + ANS_LOGE("Invalid json string"); + return false; + } + nlohmann::json jsonObject = nlohmann::json::parse(value, nullptr, false); + if (jsonObject.is_null() || jsonObject.empty()) { + ANS_LOGE("Invalid JSON object"); + return false; + } + if (jsonObject.is_discarded() || !jsonObject.is_array()) { + ANS_LOGE("Parse kiosk app trust list failed due to data is discarded or not array"); + return false; + } + kioskAppTrustList = jsonObject.get>(); + preferencesInfo_.SetkioskAppTrustList(kioskAppTrustList); + return true; +} + ErrCode NotificationPreferences::SetSubscriberExistFlag(const std::string& deviceType, bool existFlag) { ANS_LOGD("%{public}s", __FUNCTION__); @@ -1576,6 +1607,16 @@ bool NotificationPreferences::SetBundleRemoveFlag(const sptrSetBundleRemoveFlag(bundleOption, slotType, sourceType); } +void NotificationPreferences::SetKioskModeStatus(bool isKioskMode) +{ + isKioskMode_ = isKioskMode; +} + +bool NotificationPreferences::IsKioskMode() +{ + return isKioskMode_; +} + #ifdef ENABLE_ANS_PRIVILEGED_MESSAGE_EXT_WRAPPER int32_t NotificationPreferences::GetKvFromDb( const std::string &key, std::string &value, const int32_t &userId, int32_t &retCode) diff --git a/services/ans/src/notification_preferences_info.cpp b/services/ans/src/notification_preferences_info.cpp index 92d810f4b..e3efa2603 100644 --- a/services/ans/src/notification_preferences_info.cpp +++ b/services/ans/src/notification_preferences_info.cpp @@ -443,6 +443,21 @@ bool NotificationPreferencesInfo::GetDisableNotificationInfo(NotificationDisable return true; } +void NotificationPreferencesInfo::SetkioskAppTrustList(const std::vector &kioskAppTrustList) +{ + kioskAppTrustList_ = kioskAppTrustList; +} + +bool NotificationPreferencesInfo::GetkioskAppTrustList(std::vector &kioskAppTrustList) const +{ + if (kioskAppTrustList_.empty()) { + ANS_LOGE("kioskAppTrustList is empty"); + return false; + } + kioskAppTrustList = kioskAppTrustList_; + return true; +} + void NotificationPreferencesInfo::AddDisableNotificationInfo(const std::string &value) { NotificationDisable notificationDisable; diff --git a/services/ans/src/system_event_observer.cpp b/services/ans/src/system_event_observer.cpp index db7602425..844d2d8ec 100644 --- a/services/ans/src/system_event_observer.cpp +++ b/services/ans/src/system_event_observer.cpp @@ -46,6 +46,8 @@ SystemEventObserver::SystemEventObserver(const ISystemEvent &callbacks) : callba matchingSkills.AddEvent(EventFwk::CommonEventSupport::COMMON_EVENT_PACKAGE_CHANGED); matchingSkills.AddEvent(EventFwk::CommonEventSupport::COMMON_EVENT_BOOT_COMPLETED); matchingSkills.AddEvent(EventFwk::CommonEventSupport::COMMON_EVENT_RESTORE_START); + matchingSkills.AddEvent(EventFwk::CommonEventSupport::COMMON_EVENT_KIOSK_MODE_ON); + matchingSkills.AddEvent(EventFwk::CommonEventSupport::COMMON_EVENT_KIOSK_MODE_OFF); EventFwk::CommonEventSubscribeInfo commonEventSubscribeInfo(matchingSkills); commonEventSubscribeInfo.SetThreadMode(EventFwk::CommonEventSubscribeInfo::COMMON); @@ -152,6 +154,10 @@ void SystemEventObserver::OnReceiveEvent(const EventFwk::CommonEventData &data) } } else if (action == EventFwk::CommonEventSupport::COMMON_EVENT_RESTORE_START) { NotificationCloneManager::GetInstance().OnRestoreStart(want); + } else if (action == EventFwk::CommonEventSupport::COMMON_EVENT_KIOSK_MODE_ON) { + NotificationPreferences::GetInstance()->SetKioskModeStatus(true); + } else if (action == EventFwk::CommonEventSupport::COMMON_EVENT_KIOSK_MODE_OFF) { + NotificationPreferences::GetInstance()->SetKioskModeStatus(false); } else { OnReceiveEventInner(data); } -- Gitee From c9ccc9d894a871cebcd802280f192d6cca97c8f1 Mon Sep 17 00:00:00 2001 From: zhengzhuolan Date: Thu, 19 Jun 2025 21:43:45 +0800 Subject: [PATCH 2/2] fix Signed-off-by: zhengzhuolan --- .../ans/src/advanced_notification_service.cpp | 4 +- services/ans/src/notification_preferences.cpp | 56 ++++++++++--------- 2 files changed, 32 insertions(+), 28 deletions(-) diff --git a/services/ans/src/advanced_notification_service.cpp b/services/ans/src/advanced_notification_service.cpp index 5dbe6e08d..bdc13d398 100644 --- a/services/ans/src/advanced_notification_service.cpp +++ b/services/ans/src/advanced_notification_service.cpp @@ -708,13 +708,15 @@ ErrCode AdvancedNotificationService::PublishPreparedNotification(const sptrGetOwnerBundleName(); + ANS_LOGI("ttt PublishPreparedNotification ownerBundleName%{public}s", ownerBundleName.c_str()); + ANS_LOGI("ttt PublishPreparedNotification createBundleName%{public}s", request->GetCreatorBundleName().c_str()); bool isKioskMode = NotificationPreferences::GetInstance()->IsKioskMode(); #ifdef ENABLE_ANS_AGGREGATION EXTENTION_WRAPPER->GetUnifiedGroupInfo(request); #endif const int32_t uid = IPCSkeleton::GetCallingUid(); ffrt::task_handle handler = notificationSvrQueue_->submit_h(std::bind([&]() { - ANS_LOGD("ffrt enter!"); + ANS_LOGI("ffrt enter!"); if (isDisableNotification && IsDisableNotification(ownerBundleName)) { ANS_LOGE("bundle: %{public}s in disable notification list", (request->GetOwnerBundleName()).c_str()); result = ERR_ANS_REJECTED_WITH_DISABLE_NOTIFICATION; diff --git a/services/ans/src/notification_preferences.cpp b/services/ans/src/notification_preferences.cpp index aace74219..c8f4afa55 100644 --- a/services/ans/src/notification_preferences.cpp +++ b/services/ans/src/notification_preferences.cpp @@ -1480,32 +1480,34 @@ bool NotificationPreferences::GetDisableNotificationInfo(NotificationDisable &no bool NotificationPreferences::GetkioskAppTrustList(std::vector &kioskAppTrustList) { - ANS_LOGD("%{public}s", __FUNCTION__); - if (preferencesInfo_.GetkioskAppTrustList(kioskAppTrustList)) { - ANS_LOGD("info get disable notification success"); - return true; - } - std::string value = ""; - int32_t userId = -1; - if (GetKvFromDb("kiosk_app_trust_list", value, userId) != ERR_OK) { - ANS_LOGD("Get kiosk app trust list failed."); - return false; - } - if (value.empty() || !nlohmann::json::accept(value)) { - ANS_LOGE("Invalid json string"); - return false; - } - nlohmann::json jsonObject = nlohmann::json::parse(value, nullptr, false); - if (jsonObject.is_null() || jsonObject.empty()) { - ANS_LOGE("Invalid JSON object"); - return false; - } - if (jsonObject.is_discarded() || !jsonObject.is_array()) { - ANS_LOGE("Parse kiosk app trust list failed due to data is discarded or not array"); - return false; - } - kioskAppTrustList = jsonObject.get>(); - preferencesInfo_.SetkioskAppTrustList(kioskAppTrustList); + ANS_LOGI("ttt NotificationPreferences::GetkioskAppTrustList enter"); + kioskAppTrustList.push_back("com.example.myapplication"); + // ANS_LOGD("%{public}s", __FUNCTION__); + // if (preferencesInfo_.GetkioskAppTrustList(kioskAppTrustList)) { + // ANS_LOGD("info get disable notification success"); + // return true; + // } + // std::string value = ""; + // int32_t userId = -1; + // if (GetKvFromDb("kiosk_app_trust_list", value, userId) != ERR_OK) { + // ANS_LOGD("Get kiosk app trust list failed."); + // return false; + // } + // if (value.empty() || !nlohmann::json::accept(value)) { + // ANS_LOGE("Invalid json string"); + // return false; + // } + // nlohmann::json jsonObject = nlohmann::json::parse(value, nullptr, false); + // if (jsonObject.is_null() || jsonObject.empty()) { + // ANS_LOGE("Invalid JSON object"); + // return false; + // } + // if (jsonObject.is_discarded() || !jsonObject.is_array()) { + // ANS_LOGE("Parse kiosk app trust list failed due to data is discarded or not array"); + // return false; + // } + // kioskAppTrustList = jsonObject.get>(); + // preferencesInfo_.SetkioskAppTrustList(kioskAppTrustList); return true; } @@ -1614,7 +1616,7 @@ void NotificationPreferences::SetKioskModeStatus(bool isKioskMode) bool NotificationPreferences::IsKioskMode() { - return isKioskMode_; + return true; } #ifdef ENABLE_ANS_PRIVILEGED_MESSAGE_EXT_WRAPPER -- Gitee