diff --git a/BUILD.gn b/BUILD.gn index 1d07fc45455e0697b75899158b1556cad9198de7..50f09f6760631a3dd054893c60e4511180df4cc3 100644 --- a/BUILD.gn +++ b/BUILD.gn @@ -11,8 +11,9 @@ # See the License for the specific language governing permissions and # limitations under the License. -#import("//base/security/permission/permission.gni") +import("//base/security/access_token/access_token.gni") import("//build/ohos.gni") + group("accesstoken_build_module") { if (is_standard_system) { deps = [ @@ -28,7 +29,7 @@ group("accesstoken_build_module") { } group("tokensync_build_module") { - if (is_standard_system) { + if (is_standard_system && token_sync_enable == true) { deps = [ "//base/security/access_token/interfaces/innerkits/tokensync:libtokensync_sdk", "//base/security/access_token/services/tokensyncmanager:token_sync_manager_service", @@ -45,8 +46,12 @@ group("accesstoken_build_module_test") { "//base/security/access_token/interfaces/innerkits/accesstoken/test:unittest", "//base/security/access_token/interfaces/innerkits/nativetoken/test:unittest", "//base/security/access_token/interfaces/innerkits/token_setproc/test:unittest", - "//base/security/access_token/interfaces/innerkits/tokensync/test:unittest", "//base/security/access_token/services/accesstokenmanager/test:unittest", + ] + } + if (token_sync_enable == true) { + deps += [ + "//base/security/access_token/interfaces/innerkits/tokensync/test:unittest", "//base/security/access_token/services/tokensyncmanager/test/unittest/token_sync_service:unittest", ] } diff --git a/access_token.gni b/access_token.gni new file mode 100644 index 0000000000000000000000000000000000000000..a6a6a3bd984692328e8a83390fe1d1207a9731d4 --- /dev/null +++ b/access_token.gni @@ -0,0 +1,19 @@ +# Copyright (C) 2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +if (!defined(global_parts_info) || + defined(global_parts_info.distributedhardware_device_manager_base)) { + token_sync_enable = true +} else { + token_sync_enable = false +} diff --git a/frameworks/accesstoken/include/i_accesstoken_manager.h b/frameworks/accesstoken/include/i_accesstoken_manager.h index f620e2f56612dd2db108b3b23a846b3fd1c71937..c593a4c27b79fba0da0e737f594e5c1943206887 100644 --- a/frameworks/accesstoken/include/i_accesstoken_manager.h +++ b/frameworks/accesstoken/include/i_accesstoken_manager.h @@ -59,6 +59,7 @@ public: virtual int UpdateHapToken( AccessTokenID tokenID, const std::string& appIDDesc, const HapPolicyParcel& policyParcel) = 0; +#ifdef TOKEN_SYNC_ENABLE virtual int GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSyncParcel& hapSyncParcel) = 0; virtual int GetAllNativeTokenInfo(std::vector& nativeTokenInfoRes) = 0; @@ -69,6 +70,7 @@ public: virtual int DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID) = 0; virtual AccessTokenID GetRemoteNativeTokenID(const std::string& deviceID, AccessTokenID tokenID) = 0; virtual int DeleteRemoteDeviceTokens(const std::string& deviceID) = 0; +#endif virtual void DumpTokenInfo(std::string& tokenInfo) = 0; diff --git a/interfaces/innerkits/accesstoken/BUILD.gn b/interfaces/innerkits/accesstoken/BUILD.gn index 5e59fdee8b8b3061d96fd95938828979f3261a3b..17346a945f1e7e02f1c32b8a06340b53796eb804 100644 --- a/interfaces/innerkits/accesstoken/BUILD.gn +++ b/interfaces/innerkits/accesstoken/BUILD.gn @@ -11,6 +11,7 @@ # See the License for the specific language governing permissions and # limitations under the License. +import("//base/security/access_token/access_token.gni") import("//build/ohos.gni") config("accesstoken") { @@ -58,4 +59,7 @@ ohos_shared_library("libaccesstoken_sdk") { "-DHILOG_ENABLE", "-DDEBUG_API_PERFORMANCE", ] + if (token_sync_enable == true) { + cflags_cc += [ "-DTOKEN_SYNC_ENABLE" ] + } } diff --git a/interfaces/innerkits/accesstoken/include/accesstoken_kit.h b/interfaces/innerkits/accesstoken/include/accesstoken_kit.h index 9f6243cd28d79589546e508c249dfad6bd1dd7f4..2904763cc8b36872d718f438e1dfa658e3e2c9ee 100644 --- a/interfaces/innerkits/accesstoken/include/accesstoken_kit.h +++ b/interfaces/innerkits/accesstoken/include/accesstoken_kit.h @@ -54,6 +54,8 @@ public: static int GrantPermission(AccessTokenID tokenID, const std::string& permissionName, int flag); static int RevokePermission(AccessTokenID tokenID, const std::string& permissionName, int flag); static int ClearUserGrantedPermissionState(AccessTokenID tokenID); + +#ifdef TOKEN_SYNC_ENABLE static int GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSync& hapSync); static int GetAllNativeTokenInfo(std::vector& nativeTokenInfosRes); static int SetRemoteHapTokenInfo(const std::string& deviceID, const HapTokenInfoForSync& hapSync); @@ -62,6 +64,7 @@ public: static int DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID); static AccessTokenID GetRemoteNativeTokenID(const std::string& deviceID, AccessTokenID tokenID); static int DeleteRemoteDeviceTokens(const std::string& deviceID); +#endif static void DumpTokenInfo(std::string& dumpInfo); }; } // namespace AccessToken diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp index f8ba04b10bc354f484edc93b5b47b301d57361e0..182783c89f5cce2059a6dc5e5b1088de098eb0de 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp @@ -295,6 +295,7 @@ int AccessTokenKit::ClearUserGrantedPermissionState(AccessTokenID tokenID) return AccessTokenManagerClient::GetInstance().ClearUserGrantedPermissionState(tokenID); } +#ifdef TOKEN_SYNC_ENABLE int AccessTokenKit::GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSync& hapSync) { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); @@ -349,6 +350,7 @@ AccessTokenID AccessTokenKit::GetRemoteNativeTokenID(const std::string& deviceID __func__, deviceID.c_str(), tokenID); return AccessTokenManagerClient::GetInstance().GetRemoteNativeTokenID(deviceID, tokenID); } +#endif void AccessTokenKit::DumpTokenInfo(std::string& dumpInfo) { diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp index 9d419a67ae56e63787fd96c91b6d865eb0d2bf96..a10c7114ba7e0e9b5b7eee454c0fc7c30721b3a4 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp @@ -275,6 +275,7 @@ int AccessTokenManagerClient::GetNativeTokenInfo(AccessTokenID tokenID, NativeTo return res; } +#ifdef TOKEN_SYNC_ENABLE int AccessTokenManagerClient::GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSync& hapSync) { ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); @@ -383,6 +384,7 @@ int AccessTokenManagerClient::DeleteRemoteDeviceTokens(const std::string& device int res = proxy->DeleteRemoteDeviceTokens(deviceID); return res; } +#endif void AccessTokenManagerClient::DumpTokenInfo(std::string& dumpInfo) { diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h index 74df766ed959bff3d915bbaeb9b84371cf345685..37b3fc61c472e7d4d1b342d8d1947333e7780e38 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h @@ -59,6 +59,8 @@ public: int UpdateHapToken(AccessTokenID tokenID, const std::string& appIDDesc, const HapPolicyParams& policy); int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfo& hapTokenInfoRes); int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfo& nativeTokenInfoRes); + +#ifdef TOKEN_SYNC_ENABLE int GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSync& hapSync); int GetAllNativeTokenInfo(std::vector& nativeTokenInfosRes); int SetRemoteHapTokenInfo(const std::string& deviceID, const HapTokenInfoForSync& hapSync); @@ -67,6 +69,8 @@ public: int DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID); AccessTokenID GetRemoteNativeTokenID(const std::string& deviceID, AccessTokenID tokenID); int DeleteRemoteDeviceTokens(const std::string& deviceID); +#endif + void DumpTokenInfo(std::string& dumpInfo); void OnRemoteDiedHandle(); diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp index 218f1da474a91586075d3b401e2beff8b63b15bb..c6e1a5a0031def3059da18e4833f7923de59dc44 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp @@ -640,6 +640,7 @@ int AccessTokenManagerProxy::UpdateHapToken(AccessTokenID tokenID, return result; } +#ifdef TOKEN_SYNC_ENABLE int AccessTokenManagerProxy::GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSyncParcel& hapSyncParcel) { @@ -863,6 +864,7 @@ int AccessTokenManagerProxy::DeleteRemoteDeviceTokens(const std::string& deviceI ACCESSTOKEN_LOG_DEBUG(LABEL, "get result from server data = %{public}d", result); return result; } +#endif void AccessTokenManagerProxy::DumpTokenInfo(std::string& dumpInfo) { diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h index 5463e216bfd43999769b4aaea6aa1ba9858f0992..90c65cee8b4c2741ffb549301d86d4eee0b6d363 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h @@ -59,6 +59,7 @@ public: int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfoParcel& hapTokenInfoRes) override; int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfoParcel& nativeTokenInfoRes) override; +#ifdef TOKEN_SYNC_ENABLE int GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSyncParcel& hapSyncParcel) override; int GetAllNativeTokenInfo(std::vector& nativeTokenInfoRes) override; int SetRemoteHapTokenInfo(const std::string& deviceID, HapTokenInfoForSyncParcel& hapSyncParcel) override; @@ -67,6 +68,7 @@ public: int DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID) override; AccessTokenID GetRemoteNativeTokenID(const std::string& deviceID, AccessTokenID tokenID) override; int DeleteRemoteDeviceTokens(const std::string& deviceID) override; +#endif void DumpTokenInfo(std::string& dumpInfo) override; private: diff --git a/interfaces/innerkits/accesstoken/test/BUILD.gn b/interfaces/innerkits/accesstoken/test/BUILD.gn index a4782cc9094234cfcc93c78bb0ac79f4258c7169..c9a97a081289fe52cbff9a79bf056646fb123587 100644 --- a/interfaces/innerkits/accesstoken/test/BUILD.gn +++ b/interfaces/innerkits/accesstoken/test/BUILD.gn @@ -11,6 +11,7 @@ # See the License for the specific language governing permissions and # limitations under the License. +import("//base/security/access_token/access_token.gni") import("//build/test.gni") ohos_unittest("libaccesstoken_sdk_test") { @@ -37,6 +38,9 @@ ohos_unittest("libaccesstoken_sdk_test") { ] external_deps = [ "hiviewdfx_hilog_native:libhilog" ] + if (token_sync_enable == true) { + cflags_cc += [ "-DTOKEN_SYNC_ENABLE" ] + } } group("unittest") { diff --git a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp index 34e30ce682e4e65ffd10ffd376b6a544c74a519a..56a4ada183414994e980c6fb6d840e1fa6c09999 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp @@ -185,6 +185,8 @@ void AccessTokenKitTest::SetUp() g_infoManagerTestInfoParms.instIndex); AccessTokenKit::DeleteToken(tokenID); (void)remove("/data/token.json"); + + ACCESSTOKEN_LOG_INFO(LABEL, "SetUp ok."); } void AccessTokenKitTest::TearDown() @@ -2080,6 +2082,7 @@ HWTEST_F(AccessTokenKitTest, GetTokenTypeFlag003, TestSize.Level1) ASSERT_EQ(RET_SUCCESS, res); } +#ifdef TOKEN_SYNC_ENABLE /** * @tc.name: SetRemoteHapTokenInfo001 * @tc.desc: set remote hap token info success @@ -3098,4 +3101,5 @@ HWTEST_F(AccessTokenKitTest, SetRemoteNativeTokenInfo001, TestSize.Level1) ASSERT_EQ(resultInfo.dcap[1], "DMSDCAP"); ASSERT_EQ(resultInfo.tokenID, mapID); ASSERT_EQ(resultInfo.tokenAttr, native1.tokenAttr); -} \ No newline at end of file +} +#endif diff --git a/services/accesstokenmanager/BUILD.gn b/services/accesstokenmanager/BUILD.gn index 9862a58ab5e450c64a83ea318a09c3b15c35e68d..f2663afa5d312186516f764f9dd5ed139fec09e6 100644 --- a/services/accesstokenmanager/BUILD.gn +++ b/services/accesstokenmanager/BUILD.gn @@ -11,6 +11,7 @@ # See the License for the specific language governing permissions and # limitations under the License. +import("//base/security/access_token/access_token.gni") import("//build/ohos.gni") ohos_prebuilt_etc("access_token.rc") { @@ -33,7 +34,6 @@ ohos_shared_library("accesstoken_manager_service") { "//base/security/access_token/frameworks/common/include", "//base/security/access_token/frameworks/accesstoken/include", "//base/security/access_token/interfaces/innerkits/accesstoken/include", - "//base/security/access_token/interfaces/innerkits/tokensync/include", "//third_party/json/include", ] @@ -53,26 +53,36 @@ ohos_shared_library("accesstoken_manager_service") { "main/cpp/src/service/accesstoken_manager_stub.cpp", "main/cpp/src/token/accesstoken_id_manager.cpp", "main/cpp/src/token/accesstoken_info_manager.cpp", - "main/cpp/src/token/accesstoken_remote_token_manager.cpp", "main/cpp/src/token/hap_token_info_inner.cpp", "main/cpp/src/token/native_token_info_inner.cpp", "main/cpp/src/token/native_token_receptor.cpp", - "main/cpp/src/token/token_modify_notifier.cpp", ] cflags_cc = [ "-DHILOG_ENABLE" ] deps = [ - #"//base/security/accesstoken/frameworks/accesstooken/permissioncommunicationadapter:permission_standard_communication_adapter_cxx", - #"//base/security/accesstoken/frameworks/accesstooken/common:permission_standard_infrastructure_cxx", "//base/security/access_token/frameworks/accesstoken:accesstoken_communication_adapter_cxx", "//base/security/access_token/frameworks/common:accesstoken_common_cxx", - "//base/security/access_token/interfaces/innerkits/tokensync:libtokensync_sdk", "//base/security/access_token/services/accesstokenmanager:access_token.rc", "//third_party/sqlite:sqlite", "//utils/native/base:utils", ] + if (token_sync_enable == true) { + cflags_cc += [ "-DTOKEN_SYNC_ENABLE" ] + + sources += [ + "main/cpp/src/token/accesstoken_remote_token_manager.cpp", + "main/cpp/src/token/token_modify_notifier.cpp", + ] + + include_dirs += [ + "//base/security/access_token/interfaces/innerkits/tokensync/include", + ] + + deps += [ "//base/security/access_token/interfaces/innerkits/tokensync:libtokensync_sdk" ] + } + external_deps = [ "hiviewdfx_hilog_native:libhilog", "ipc:ipc_core", diff --git a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h index 589b641e4c4c041fbff4f6b1e5af55a2b8dd052d..e8ac7f2f8fe02e380581ccf2eb7f7c94708e46ee 100644 --- a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h +++ b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h @@ -59,6 +59,8 @@ public: int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfoParcel& InfoParcel) override; int UpdateHapToken(AccessTokenID tokenID, const std::string& appIDDesc, const HapPolicyParcel& policyParcel) override; + +#ifdef TOKEN_SYNC_ENABLE int GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSyncParcel& hapSyncParcel) override; int GetAllNativeTokenInfo(std::vector& nativeTokenInfosRes) override; int SetRemoteHapTokenInfo(const std::string& deviceID, HapTokenInfoForSyncParcel& hapSyncParcel) override; @@ -67,6 +69,7 @@ public: int DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID) override; AccessTokenID GetRemoteNativeTokenID(const std::string& deviceID, AccessTokenID tokenID) override; int DeleteRemoteDeviceTokens(const std::string& deviceID) override; +#endif void DumpTokenInfo(std::string& dumpInfo) override; private: diff --git a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_stub.h b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_stub.h index e382958009b8b38f089a78c0e9c7e33e55c0d060..7b34cc3a7f9cd9a8bd89c94c796948ea54539391 100644 --- a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_stub.h +++ b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_stub.h @@ -54,6 +54,7 @@ private: void CheckNativeDCapInner(MessageParcel& data, MessageParcel& reply); void GetTokenTypeInner(MessageParcel& data, MessageParcel& reply); +#ifdef TOKEN_SYNC_ENABLE void GetHapTokenInfoFromRemoteInner(MessageParcel& data, MessageParcel& reply); void GetAllNativeTokenInfoInner(MessageParcel& data, MessageParcel& reply); void SetRemoteHapTokenInfoInner(MessageParcel& data, MessageParcel& reply); @@ -62,6 +63,8 @@ private: void DeleteRemoteDeviceTokensInner(MessageParcel& data, MessageParcel& reply); void GetRemoteNativeTokenIDInner(MessageParcel& data, MessageParcel& reply); void GetRemoteHapTokenIDInner(MessageParcel& data, MessageParcel& reply); +#endif + void DumpTokenInfoInner(MessageParcel& data, MessageParcel& reply); bool IsAuthorizedCalling() const; diff --git a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h index db85e4eda245fa0a676d7c5a365a27889924c620..aa8fa7d72a113564d0ce71cbe98a2b730c592cdc 100644 --- a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h +++ b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h @@ -53,6 +53,7 @@ public: void DumpTokenInfo(std::string& dumpInfo); void RefreshTokenInfoIfNeeded(); +#ifdef TOKEN_SYNC_ENABLE /* tokensync needed */ int GetHapTokenSync(AccessTokenID tokenID, HapTokenInfoForSync& hapSync); int GetHapTokenInfoFromRemote(AccessTokenID tokenID, @@ -64,6 +65,7 @@ public: int DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID); AccessTokenID GetRemoteNativeTokenID(const std::string& deviceID, AccessTokenID tokenID); int DeleteRemoteDeviceTokens(const std::string& deviceID); +#endif private: AccessTokenInfoManager(); diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp index 4f352d8b3c1307a4f08cc8ce29273170894af321..eaf67ae7af4bc46d421a96db3b4d94ed62f2af32 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp @@ -19,7 +19,9 @@ #include "accesstoken_log.h" #include "permission_definition_cache.h" #include "permission_validator.h" +#ifdef TOKEN_SYNC_ENABLE #include "token_modify_notifier.h" +#endif namespace OHOS { namespace Security { @@ -237,7 +239,9 @@ void PermissionManager::UpdateTokenPermissionState( } permPolicySet->UpdatePermissionStatus(permissionName, isGranted, flag); +#ifdef TOKEN_SYNC_ENABLE TokenModifyNotifier::GetInstance().NotifyTokenModify(tokenID); +#endif } void PermissionManager::GrantPermission(AccessTokenID tokenID, const std::string& permissionName, int flag) diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp index 997da72d38acd1d0f03043cb875ae405b4ef72c0..6eb08a9bdf07e2a39f2ad5dfe7c7f3158c8c2691 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp @@ -239,6 +239,7 @@ int AccessTokenManagerService::GetNativeTokenInfo(AccessTokenID tokenID, NativeT return AccessTokenInfoManager::GetInstance().GetNativeTokenInfo(tokenID, InfoParcel.nativeTokenInfoParams); } +#ifdef TOKEN_SYNC_ENABLE int AccessTokenManagerService::GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSyncParcel& hapSyncParcel) { @@ -309,6 +310,7 @@ int AccessTokenManagerService::DeleteRemoteDeviceTokens(const std::string& devic return AccessTokenInfoManager::GetInstance().DeleteRemoteDeviceTokens(deviceID); } +#endif void AccessTokenManagerService::DumpTokenInfo(std::string& dumpInfo) { diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp index bf92f5464825380ea37c882f705f4fec5fc82d11..c92ab76485744564f29ecaa45d6d85eb61e1460f 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp @@ -286,6 +286,7 @@ void AccessTokenManagerStub::GetNativeTokenInfoInner(MessageParcel& data, Messag reply.WriteInt32(result); } +#ifdef TOKEN_SYNC_ENABLE void AccessTokenManagerStub::GetHapTokenInfoFromRemoteInner(MessageParcel& data, MessageParcel& reply) { if (!IsAuthorizedCalling()) { @@ -391,6 +392,7 @@ void AccessTokenManagerStub::DeleteRemoteDeviceTokensInner(MessageParcel& data, int result = this->DeleteRemoteDeviceTokens(deviceID); reply.WriteInt32(result); } +#endif void AccessTokenManagerStub::DumpTokenInfoInner(MessageParcel& data, MessageParcel& reply) { @@ -448,6 +450,8 @@ AccessTokenManagerStub::AccessTokenManagerStub() &AccessTokenManagerStub::GetHapTokenInfoInner; requestFuncMap_[static_cast(IAccessTokenManager::InterfaceCode::UPDATE_HAP_TOKEN)] = &AccessTokenManagerStub::UpdateHapTokenInner; + +#ifdef TOKEN_SYNC_ENABLE requestFuncMap_[static_cast(IAccessTokenManager::InterfaceCode::GET_HAP_TOKEN_FROM_REMOTE)] = &AccessTokenManagerStub::GetHapTokenInfoFromRemoteInner; requestFuncMap_[static_cast(IAccessTokenManager::InterfaceCode::GET_ALL_NATIVE_TOKEN_FROM_REMOTE)] = @@ -462,6 +466,8 @@ AccessTokenManagerStub::AccessTokenManagerStub() &AccessTokenManagerStub::DeleteRemoteDeviceTokensInner; requestFuncMap_[static_cast(IAccessTokenManager::InterfaceCode::GET_NATIVE_REMOTE_TOKEN)] = &AccessTokenManagerStub::GetRemoteNativeTokenIDInner; +#endif + requestFuncMap_[static_cast(IAccessTokenManager::InterfaceCode::DUMP_TOKENINFO)] = &AccessTokenManagerStub::DumpTokenInfoInner; } diff --git a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp index 059403f0cebf3228e767c29b9baf108c07904fcf..5c0235ccdbc83deea32c7519e416ce845bf61d4e 100644 --- a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp @@ -25,8 +25,11 @@ #include "generic_values.h" #include "hap_token_info_inner.h" #include "permission_manager.h" + +#ifdef TOKEN_SYNC_ENABLE #include "token_modify_notifier.h" #include "token_sync_kit.h" +#endif namespace OHOS { namespace Security { @@ -308,7 +311,9 @@ int AccessTokenInfoManager::RemoveHapTokenInfo(AccessTokenID id) AccessTokenIDManager::GetInstance().ReleaseTokenId(id); ACCESSTOKEN_LOG_INFO(LABEL, "remove hap token 0x%{public}x ok!", id); RefreshTokenInfoIfNeeded(); +#ifdef TOKEN_SYNC_ENABLE TokenModifyNotifier::GetInstance().NotifyTokenDelete(id); +#endif return RET_SUCCESS; } @@ -511,11 +516,14 @@ int AccessTokenInfoManager::UpdateHapToken(AccessTokenID tokenID, } PermissionManager::GetInstance().AddDefPermissions(infoPtr, true); +#ifdef TOKEN_SYNC_ENABLE TokenModifyNotifier::GetInstance().NotifyTokenModify(tokenID); +#endif RefreshTokenInfoIfNeeded(); return RET_SUCCESS; } +#ifdef TOKEN_SYNC_ENABLE int AccessTokenInfoManager::GetHapTokenSync(AccessTokenID tokenID, HapTokenInfoForSync& hapSync) { std::shared_ptr infoPtr = GetHapTokenInfoInner(tokenID); @@ -791,6 +799,14 @@ AccessTokenID AccessTokenInfoManager::AllocLocalTokenID(const std::string& remot return AccessTokenRemoteTokenManager::GetInstance().GetDeviceMappingTokenID(remoteDeviceID, remoteTokenID); } +#else +AccessTokenID AccessTokenInfoManager::AllocLocalTokenID(const std::string& remoteDeviceID, + AccessTokenID remoteTokenID) +{ + ACCESSTOKEN_LOG_ERROR(LABEL, "tokensync is disable, check dependent components"); + return 0; +} +#endif AccessTokenInfoManager& AccessTokenInfoManager::GetInstance() { diff --git a/services/accesstokenmanager/main/cpp/src/token/native_token_receptor.cpp b/services/accesstokenmanager/main/cpp/src/token/native_token_receptor.cpp index de1ff1aaaa045b7585c178412091282f2cd609c1..3810056789d2d5cad9cb693d19fb698b53450abe 100644 --- a/services/accesstokenmanager/main/cpp/src/token/native_token_receptor.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/native_token_receptor.cpp @@ -67,7 +67,7 @@ void from_json(const nlohmann::json& j, std::shared_ptr& p if (j.find(JSON_TOKEN_ID) != j.end()) { native.tokenID = j.at(JSON_TOKEN_ID).get(); - if (native.tokenID == 0 && + if (native.tokenID == 0 || AccessTokenIDManager::GetTokenIdTypeEnum(native.tokenID) != TOKEN_NATIVE) { return; } diff --git a/services/tokensyncmanager/BUILD.gn b/services/tokensyncmanager/BUILD.gn index 65e7b718ae1f82cb8d2ed40e0593634f8cd237f5..e35b82ca484ccdf9266ae7dc3795d341a691f4fa 100644 --- a/services/tokensyncmanager/BUILD.gn +++ b/services/tokensyncmanager/BUILD.gn @@ -11,6 +11,7 @@ # See the License for the specific language governing permissions and # limitations under the License. +import("//base/security/access_token/access_token.gni") import("//build/ohos.gni") ohos_prebuilt_etc("token_sync.rc") { @@ -75,6 +76,10 @@ ohos_shared_library("token_sync_manager_service") { "//utils/native/base:utils", ] + if (token_sync_enable == true) { + cflags_cc += [ "-DTOKEN_SYNC_ENABLE" ] + } + external_deps = [ "device_manager_base:devicemanagersdk", "dsoftbus_standard:softbus_client", diff --git a/services/tokensyncmanager/test/unittest/token_sync_service/BUILD.gn b/services/tokensyncmanager/test/unittest/token_sync_service/BUILD.gn index 73cb6e221d517d9e80cb787c43f2bc88041076f0..1a7ca56bf981ac3809298bb00c9d6549219bb482 100644 --- a/services/tokensyncmanager/test/unittest/token_sync_service/BUILD.gn +++ b/services/tokensyncmanager/test/unittest/token_sync_service/BUILD.gn @@ -11,6 +11,7 @@ # See the License for the specific language governing permissions and # limitations under the License. +import("//base/security/access_token/access_token.gni") import("//build/test.gni") ohos_unittest("libtoken_sync_service_sdk_test") { @@ -86,6 +87,10 @@ ohos_unittest("libtoken_sync_service_sdk_test") { cflags_cc = [ "-DHILOG_ENABLE" ] + if (token_sync_enable == true) { + cflags_cc += [ "-DTOKEN_SYNC_ENABLE" ] + } + external_deps = [ "hiviewdfx_hilog_native:libhilog", "ipc:ipc_core",