From 57be04a6ae344bcbde5e7c01bc3e7b39aa299722 Mon Sep 17 00:00:00 2001 From: wanchengzhen Date: Thu, 10 Mar 2022 09:10:35 +0000 Subject: [PATCH] fixed 1740682 from https://gitee.com/fangJinliang1/notification_ans_standard/pulls/270 Completion of permission check function Signed-off-by: wanchengzhen --- .../core/common/include/ans_permission_def.h | 28 +++++++ frameworks/ans/test/moduletest/BUILD.gn | 3 +- .../moduletest/mock/mock_accesstoken_kit.cpp | 27 +++++++ services/ans/BUILD.gn | 3 +- services/ans/include/access_token_helper.h | 32 ++++++++ .../include/advanced_notification_service.h | 2 +- services/ans/src/access_token_helper.cpp | 27 +++++++ .../ans/src/advanced_notification_service.cpp | 79 ++++++++++--------- services/ans/test/unittest/BUILD.gn | 3 +- .../mock/mock_access_token_helper.cpp | 26 ++++++ services/test/moduletest/BUILD.gn | 3 +- .../mock/mock_access_token_helper.cpp | 26 ++++++ 12 files changed, 216 insertions(+), 43 deletions(-) create mode 100644 frameworks/ans/core/common/include/ans_permission_def.h create mode 100644 frameworks/ans/test/moduletest/mock/mock_accesstoken_kit.cpp create mode 100644 services/ans/include/access_token_helper.h create mode 100644 services/ans/src/access_token_helper.cpp create mode 100644 services/ans/test/unittest/mock/mock_access_token_helper.cpp create mode 100644 services/test/moduletest/mock/mock_access_token_helper.cpp diff --git a/frameworks/ans/core/common/include/ans_permission_def.h b/frameworks/ans/core/common/include/ans_permission_def.h new file mode 100644 index 000000000..6fdfdd9d3 --- /dev/null +++ b/frameworks/ans/core/common/include/ans_permission_def.h @@ -0,0 +1,28 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef BASE_NOTIFICATION_ANS_STANDARD_FRAMEWORKS_ANS_CORE_COMMON_INCLUDE_ANS_PERMISSION_DEF_H +#define BASE_NOTIFICATION_ANS_STANDARD_FRAMEWORKS_ANS_CORE_COMMON_INCLUDE_ANS_PERMISSION_DEF_H + +#include + +namespace OHOS { +namespace Notification { +// Permission +const std::string OHOS_PERMISSION_NOTIFICATION_CONTROLLER = "ohos.permission.NOTIFICATION_CONTROLLER"; +} // namespace Notification +} // namespace OHOS + +#endif // BASE_NOTIFICATION_ANS_STANDARD_FRAMEWORKS_ANS_CORE_COMMON_INCLUDE_ANS_PERMISSION_DEF_H diff --git a/frameworks/ans/test/moduletest/BUILD.gn b/frameworks/ans/test/moduletest/BUILD.gn index ff4682817..941b39a84 100644 --- a/frameworks/ans/test/moduletest/BUILD.gn +++ b/frameworks/ans/test/moduletest/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2021 Huawei Device Co., Ltd. +# Copyright (c) 2021-2022 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -53,6 +53,7 @@ ohos_moduletest("ans_fw_module_test") { "ans_fw_module_test.cpp", "mock/blob.cpp", "mock/distributed_kv_data_manager.cpp", + "mock/mock_accesstoken_kit.cpp", "mock/mock_bundle_manager.cpp", "mock/mock_bundle_manager_helper.cpp", "mock/mock_bundle_mgr_proxy.cpp", diff --git a/frameworks/ans/test/moduletest/mock/mock_accesstoken_kit.cpp b/frameworks/ans/test/moduletest/mock/mock_accesstoken_kit.cpp new file mode 100644 index 000000000..7d8f042d3 --- /dev/null +++ b/frameworks/ans/test/moduletest/mock/mock_accesstoken_kit.cpp @@ -0,0 +1,27 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "accesstoken_kit.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +int AccessTokenKit::VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName) +{ + return PERMISSION_GRANTED; +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/services/ans/BUILD.gn b/services/ans/BUILD.gn index 9193489a9..34a8673a5 100644 --- a/services/ans/BUILD.gn +++ b/services/ans/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2021 Huawei Device Co., Ltd. +# Copyright (c) 2021-2022 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -30,6 +30,7 @@ ohos_shared_library("libans") { include_dirs = [ "include" ] sources = [ + "src/access_token_helper.cpp", "src/advanced_notification_service.cpp", "src/advanced_notification_service_ability.cpp", "src/bundle_manager_helper.cpp", diff --git a/services/ans/include/access_token_helper.h b/services/ans/include/access_token_helper.h new file mode 100644 index 000000000..cfaf82c9d --- /dev/null +++ b/services/ans/include/access_token_helper.h @@ -0,0 +1,32 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef BASE_NOTIFICATION_ANS_STANDARD_SERVICES_ANS_INCLUDE_ACCESS_TOKEN_HELPER_H +#define BASE_NOTIFICATION_ANS_STANDARD_SERVICES_ANS_INCLUDE_ACCESS_TOKEN_HELPER_H + +#include + +#include "accesstoken_kit.h" + +namespace OHOS { +namespace Notification { +class AccessTokenHelper { +public: + static bool VerifyCallerPermission( + const Security::AccessToken::AccessTokenID &tokenCaller, const std::string &permission); +}; +} // namespace Notification +} // namespace OHOS +#endif // BASE_NOTIFICATION_ANS_STANDARD_SERVICES_ANS_INCLUDE_ACCESS_TOKEN_HELPER_H \ No newline at end of file diff --git a/services/ans/include/advanced_notification_service.h b/services/ans/include/advanced_notification_service.h index 2c3266af0..73aa6acaf 100644 --- a/services/ans/include/advanced_notification_service.h +++ b/services/ans/include/advanced_notification_service.h @@ -185,7 +185,7 @@ private: void UpdateRecentNotification(sptr ¬ification, bool isDelete, int reason); void AdjustDateForDndTypeOnce(int64_t &beginDate, int64_t &endDate); - bool CheckPermission(const std::string &bundleName); + bool CheckPermission(); ErrCode PrepereContinuousTaskNotificationRequest(const sptr &request, const int &uid); bool GetActiveUserId(int& userId); void TriggerRemoveWantAgent(const sptr &request); diff --git a/services/ans/src/access_token_helper.cpp b/services/ans/src/access_token_helper.cpp new file mode 100644 index 000000000..840837628 --- /dev/null +++ b/services/ans/src/access_token_helper.cpp @@ -0,0 +1,27 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "access_token_helper.h" + +namespace OHOS { +namespace Notification { +bool AccessTokenHelper::VerifyCallerPermission( + const Security::AccessToken::AccessTokenID &tokenCaller, const std::string &permission) +{ + int result = Security::AccessToken::AccessTokenKit::VerifyAccessToken(tokenCaller, permission); + return (result == Security::AccessToken::PERMISSION_GRANTED); +} +} // namespace Notification +} // namespace OHOS \ No newline at end of file diff --git a/services/ans/src/advanced_notification_service.cpp b/services/ans/src/advanced_notification_service.cpp index 38ff35137..2c2c20db4 100644 --- a/services/ans/src/advanced_notification_service.cpp +++ b/services/ans/src/advanced_notification_service.cpp @@ -21,10 +21,12 @@ #include "ability_context.h" #include "ability_info.h" +#include "access_token_helper.h" #include "accesstoken_kit.h" #include "ans_const_define.h" #include "ans_inner_errors.h" #include "ans_log_wrapper.h" +#include "ans_permission_def.h" #include "bundle_manager_helper.h" #include "ipc_skeleton.h" #include "notification_constant.h" @@ -585,7 +587,7 @@ ErrCode AdvancedNotificationService::AddSlots(const std::vector