From a03eb48f4c6eb3df85d9f3a6991a6268cdfe8dcd Mon Sep 17 00:00:00 2001
From: l00520400 <linshuqing2@huawei.com>
Date: Thu, 10 Mar 2022 18:14:25 +0800
Subject: [PATCH] fixed b47e412 from
 https://gitee.com/qian-li1126/security_access_token/pulls/124 auth

Signed-off-by: l00520400 <linshuqing2@huawei.com>
Change-Id: I57b0efe84249e47a3ffb68256800cd418a19eae0
Signed-off-by: l00520400 <linshuqing2@huawei.com>
---
 .../main/cpp/src/service/accesstoken_manager_stub.cpp       | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp
index fe3f37809..bf92f5464 100644
--- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp
+++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp
@@ -230,7 +230,8 @@ void AccessTokenManagerStub::GetHapTokenIDInner(MessageParcel& data, MessageParc
 
 void AccessTokenManagerStub::AllocLocalTokenIDInner(MessageParcel& data, MessageParcel& reply)
 {
-    if (!IsAuthorizedCalling()) {
+    AccessTokenID tokenCaller = IPCSkeleton::GetCallingTokenID();
+    if ((!IsAuthorizedCalling()) && (this->GetTokenType(tokenCaller) != TOKEN_NATIVE)) {
         ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__);
         reply.WriteInt32(RET_FAILED);
         return;
@@ -272,7 +273,8 @@ void AccessTokenManagerStub::GetHapTokenInfoInner(MessageParcel& data, MessagePa
 
 void AccessTokenManagerStub::GetNativeTokenInfoInner(MessageParcel& data, MessageParcel& reply)
 {
-    if (!IsAuthorizedCalling()) {
+    AccessTokenID tokenCaller = IPCSkeleton::GetCallingTokenID();
+    if ((!IsAuthorizedCalling()) && (this->GetTokenType(tokenCaller) != TOKEN_NATIVE)) {
         ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__);
         reply.WriteInt32(RET_FAILED);
         return;
-- 
Gitee