From 2e90160e98d9cbeb74776b645356bdb9f0c66c67 Mon Sep 17 00:00:00 2001 From: libing23 Date: Sun, 13 Mar 2022 16:40:38 +0800 Subject: [PATCH] fixed 598f0fa from https://gitee.com/libing23/security_access_token/pulls/136 add switch to disable token sync Signed-off-by: libing23 --- BUILD.gn | 11 +++++++--- access_token.gni | 19 ++++++++++++++++ .../include/i_accesstoken_manager.h | 2 ++ interfaces/innerkits/accesstoken/BUILD.gn | 4 ++++ .../accesstoken/include/accesstoken_kit.h | 3 +++ .../accesstoken/src/accesstoken_kit.cpp | 2 ++ .../src/accesstoken_manager_client.cpp | 2 ++ .../src/accesstoken_manager_client.h | 4 ++++ .../src/accesstoken_manager_proxy.cpp | 2 ++ .../src/accesstoken_manager_proxy.h | 2 ++ .../innerkits/accesstoken/test/BUILD.gn | 4 ++++ .../unittest/src/accesstoken_kit_test.cpp | 6 ++++- services/accesstokenmanager/BUILD.gn | 22 ++++++++++++++----- .../service/accesstoken_manager_service.h | 3 +++ .../service/accesstoken_manager_stub.h | 3 +++ .../include/token/accesstoken_info_manager.h | 2 ++ .../cpp/src/permission/permission_manager.cpp | 4 ++++ .../service/accesstoken_manager_service.cpp | 2 ++ .../src/service/accesstoken_manager_stub.cpp | 6 +++++ .../src/token/accesstoken_info_manager.cpp | 16 ++++++++++++++ .../cpp/src/token/native_token_receptor.cpp | 2 +- services/tokensyncmanager/BUILD.gn | 5 +++++ .../test/unittest/token_sync_service/BUILD.gn | 5 +++++ 23 files changed, 120 insertions(+), 11 deletions(-) create mode 100644 access_token.gni diff --git a/BUILD.gn b/BUILD.gn index 1d07fc454..50f09f676 100644 --- a/BUILD.gn +++ b/BUILD.gn @@ -11,8 +11,9 @@ # See the License for the specific language governing permissions and # limitations under the License. -#import("//base/security/permission/permission.gni") +import("//base/security/access_token/access_token.gni") import("//build/ohos.gni") + group("accesstoken_build_module") { if (is_standard_system) { deps = [ @@ -28,7 +29,7 @@ group("accesstoken_build_module") { } group("tokensync_build_module") { - if (is_standard_system) { + if (is_standard_system && token_sync_enable == true) { deps = [ "//base/security/access_token/interfaces/innerkits/tokensync:libtokensync_sdk", "//base/security/access_token/services/tokensyncmanager:token_sync_manager_service", @@ -45,8 +46,12 @@ group("accesstoken_build_module_test") { "//base/security/access_token/interfaces/innerkits/accesstoken/test:unittest", "//base/security/access_token/interfaces/innerkits/nativetoken/test:unittest", "//base/security/access_token/interfaces/innerkits/token_setproc/test:unittest", - "//base/security/access_token/interfaces/innerkits/tokensync/test:unittest", "//base/security/access_token/services/accesstokenmanager/test:unittest", + ] + } + if (token_sync_enable == true) { + deps += [ + "//base/security/access_token/interfaces/innerkits/tokensync/test:unittest", "//base/security/access_token/services/tokensyncmanager/test/unittest/token_sync_service:unittest", ] } diff --git a/access_token.gni b/access_token.gni new file mode 100644 index 000000000..a6a6a3bd9 --- /dev/null +++ b/access_token.gni @@ -0,0 +1,19 @@ +# Copyright (C) 2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +if (!defined(global_parts_info) || + defined(global_parts_info.distributedhardware_device_manager_base)) { + token_sync_enable = true +} else { + token_sync_enable = false +} diff --git a/frameworks/accesstoken/include/i_accesstoken_manager.h b/frameworks/accesstoken/include/i_accesstoken_manager.h index f620e2f56..c593a4c27 100644 --- a/frameworks/accesstoken/include/i_accesstoken_manager.h +++ b/frameworks/accesstoken/include/i_accesstoken_manager.h @@ -59,6 +59,7 @@ public: virtual int UpdateHapToken( AccessTokenID tokenID, const std::string& appIDDesc, const HapPolicyParcel& policyParcel) = 0; +#ifdef TOKEN_SYNC_ENABLE virtual int GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSyncParcel& hapSyncParcel) = 0; virtual int GetAllNativeTokenInfo(std::vector& nativeTokenInfoRes) = 0; @@ -69,6 +70,7 @@ public: virtual int DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID) = 0; virtual AccessTokenID GetRemoteNativeTokenID(const std::string& deviceID, AccessTokenID tokenID) = 0; virtual int DeleteRemoteDeviceTokens(const std::string& deviceID) = 0; +#endif virtual void DumpTokenInfo(std::string& tokenInfo) = 0; diff --git a/interfaces/innerkits/accesstoken/BUILD.gn b/interfaces/innerkits/accesstoken/BUILD.gn index 5e59fdee8..17346a945 100644 --- a/interfaces/innerkits/accesstoken/BUILD.gn +++ b/interfaces/innerkits/accesstoken/BUILD.gn @@ -11,6 +11,7 @@ # See the License for the specific language governing permissions and # limitations under the License. +import("//base/security/access_token/access_token.gni") import("//build/ohos.gni") config("accesstoken") { @@ -58,4 +59,7 @@ ohos_shared_library("libaccesstoken_sdk") { "-DHILOG_ENABLE", "-DDEBUG_API_PERFORMANCE", ] + if (token_sync_enable == true) { + cflags_cc += [ "-DTOKEN_SYNC_ENABLE" ] + } } diff --git a/interfaces/innerkits/accesstoken/include/accesstoken_kit.h b/interfaces/innerkits/accesstoken/include/accesstoken_kit.h index 9f6243cd2..2904763cc 100644 --- a/interfaces/innerkits/accesstoken/include/accesstoken_kit.h +++ b/interfaces/innerkits/accesstoken/include/accesstoken_kit.h @@ -54,6 +54,8 @@ public: static int GrantPermission(AccessTokenID tokenID, const std::string& permissionName, int flag); static int RevokePermission(AccessTokenID tokenID, const std::string& permissionName, int flag); static int ClearUserGrantedPermissionState(AccessTokenID tokenID); + +#ifdef TOKEN_SYNC_ENABLE static int GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSync& hapSync); static int GetAllNativeTokenInfo(std::vector& nativeTokenInfosRes); static int SetRemoteHapTokenInfo(const std::string& deviceID, const HapTokenInfoForSync& hapSync); @@ -62,6 +64,7 @@ public: static int DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID); static AccessTokenID GetRemoteNativeTokenID(const std::string& deviceID, AccessTokenID tokenID); static int DeleteRemoteDeviceTokens(const std::string& deviceID); +#endif static void DumpTokenInfo(std::string& dumpInfo); }; } // namespace AccessToken diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp index f8ba04b10..182783c89 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp @@ -295,6 +295,7 @@ int AccessTokenKit::ClearUserGrantedPermissionState(AccessTokenID tokenID) return AccessTokenManagerClient::GetInstance().ClearUserGrantedPermissionState(tokenID); } +#ifdef TOKEN_SYNC_ENABLE int AccessTokenKit::GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSync& hapSync) { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); @@ -349,6 +350,7 @@ AccessTokenID AccessTokenKit::GetRemoteNativeTokenID(const std::string& deviceID __func__, deviceID.c_str(), tokenID); return AccessTokenManagerClient::GetInstance().GetRemoteNativeTokenID(deviceID, tokenID); } +#endif void AccessTokenKit::DumpTokenInfo(std::string& dumpInfo) { diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp index 9d419a67a..a10c7114b 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp @@ -275,6 +275,7 @@ int AccessTokenManagerClient::GetNativeTokenInfo(AccessTokenID tokenID, NativeTo return res; } +#ifdef TOKEN_SYNC_ENABLE int AccessTokenManagerClient::GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSync& hapSync) { ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); @@ -383,6 +384,7 @@ int AccessTokenManagerClient::DeleteRemoteDeviceTokens(const std::string& device int res = proxy->DeleteRemoteDeviceTokens(deviceID); return res; } +#endif void AccessTokenManagerClient::DumpTokenInfo(std::string& dumpInfo) { diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h index 74df766ed..37b3fc61c 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h @@ -59,6 +59,8 @@ public: int UpdateHapToken(AccessTokenID tokenID, const std::string& appIDDesc, const HapPolicyParams& policy); int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfo& hapTokenInfoRes); int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfo& nativeTokenInfoRes); + +#ifdef TOKEN_SYNC_ENABLE int GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSync& hapSync); int GetAllNativeTokenInfo(std::vector& nativeTokenInfosRes); int SetRemoteHapTokenInfo(const std::string& deviceID, const HapTokenInfoForSync& hapSync); @@ -67,6 +69,8 @@ public: int DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID); AccessTokenID GetRemoteNativeTokenID(const std::string& deviceID, AccessTokenID tokenID); int DeleteRemoteDeviceTokens(const std::string& deviceID); +#endif + void DumpTokenInfo(std::string& dumpInfo); void OnRemoteDiedHandle(); diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp index 218f1da47..c6e1a5a00 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp @@ -640,6 +640,7 @@ int AccessTokenManagerProxy::UpdateHapToken(AccessTokenID tokenID, return result; } +#ifdef TOKEN_SYNC_ENABLE int AccessTokenManagerProxy::GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSyncParcel& hapSyncParcel) { @@ -863,6 +864,7 @@ int AccessTokenManagerProxy::DeleteRemoteDeviceTokens(const std::string& deviceI ACCESSTOKEN_LOG_DEBUG(LABEL, "get result from server data = %{public}d", result); return result; } +#endif void AccessTokenManagerProxy::DumpTokenInfo(std::string& dumpInfo) { diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h index 5463e216b..90c65cee8 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h @@ -59,6 +59,7 @@ public: int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfoParcel& hapTokenInfoRes) override; int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfoParcel& nativeTokenInfoRes) override; +#ifdef TOKEN_SYNC_ENABLE int GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSyncParcel& hapSyncParcel) override; int GetAllNativeTokenInfo(std::vector& nativeTokenInfoRes) override; int SetRemoteHapTokenInfo(const std::string& deviceID, HapTokenInfoForSyncParcel& hapSyncParcel) override; @@ -67,6 +68,7 @@ public: int DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID) override; AccessTokenID GetRemoteNativeTokenID(const std::string& deviceID, AccessTokenID tokenID) override; int DeleteRemoteDeviceTokens(const std::string& deviceID) override; +#endif void DumpTokenInfo(std::string& dumpInfo) override; private: diff --git a/interfaces/innerkits/accesstoken/test/BUILD.gn b/interfaces/innerkits/accesstoken/test/BUILD.gn index a4782cc90..c9a97a081 100644 --- a/interfaces/innerkits/accesstoken/test/BUILD.gn +++ b/interfaces/innerkits/accesstoken/test/BUILD.gn @@ -11,6 +11,7 @@ # See the License for the specific language governing permissions and # limitations under the License. +import("//base/security/access_token/access_token.gni") import("//build/test.gni") ohos_unittest("libaccesstoken_sdk_test") { @@ -37,6 +38,9 @@ ohos_unittest("libaccesstoken_sdk_test") { ] external_deps = [ "hiviewdfx_hilog_native:libhilog" ] + if (token_sync_enable == true) { + cflags_cc += [ "-DTOKEN_SYNC_ENABLE" ] + } } group("unittest") { diff --git a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp index 34e30ce68..56a4ada18 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp @@ -185,6 +185,8 @@ void AccessTokenKitTest::SetUp() g_infoManagerTestInfoParms.instIndex); AccessTokenKit::DeleteToken(tokenID); (void)remove("/data/token.json"); + + ACCESSTOKEN_LOG_INFO(LABEL, "SetUp ok."); } void AccessTokenKitTest::TearDown() @@ -2080,6 +2082,7 @@ HWTEST_F(AccessTokenKitTest, GetTokenTypeFlag003, TestSize.Level1) ASSERT_EQ(RET_SUCCESS, res); } +#ifdef TOKEN_SYNC_ENABLE /** * @tc.name: SetRemoteHapTokenInfo001 * @tc.desc: set remote hap token info success @@ -3098,4 +3101,5 @@ HWTEST_F(AccessTokenKitTest, SetRemoteNativeTokenInfo001, TestSize.Level1) ASSERT_EQ(resultInfo.dcap[1], "DMSDCAP"); ASSERT_EQ(resultInfo.tokenID, mapID); ASSERT_EQ(resultInfo.tokenAttr, native1.tokenAttr); -} \ No newline at end of file +} +#endif diff --git a/services/accesstokenmanager/BUILD.gn b/services/accesstokenmanager/BUILD.gn index 9862a58ab..f2663afa5 100644 --- a/services/accesstokenmanager/BUILD.gn +++ b/services/accesstokenmanager/BUILD.gn @@ -11,6 +11,7 @@ # See the License for the specific language governing permissions and # limitations under the License. +import("//base/security/access_token/access_token.gni") import("//build/ohos.gni") ohos_prebuilt_etc("access_token.rc") { @@ -33,7 +34,6 @@ ohos_shared_library("accesstoken_manager_service") { "//base/security/access_token/frameworks/common/include", "//base/security/access_token/frameworks/accesstoken/include", "//base/security/access_token/interfaces/innerkits/accesstoken/include", - "//base/security/access_token/interfaces/innerkits/tokensync/include", "//third_party/json/include", ] @@ -53,26 +53,36 @@ ohos_shared_library("accesstoken_manager_service") { "main/cpp/src/service/accesstoken_manager_stub.cpp", "main/cpp/src/token/accesstoken_id_manager.cpp", "main/cpp/src/token/accesstoken_info_manager.cpp", - "main/cpp/src/token/accesstoken_remote_token_manager.cpp", "main/cpp/src/token/hap_token_info_inner.cpp", "main/cpp/src/token/native_token_info_inner.cpp", "main/cpp/src/token/native_token_receptor.cpp", - "main/cpp/src/token/token_modify_notifier.cpp", ] cflags_cc = [ "-DHILOG_ENABLE" ] deps = [ - #"//base/security/accesstoken/frameworks/accesstooken/permissioncommunicationadapter:permission_standard_communication_adapter_cxx", - #"//base/security/accesstoken/frameworks/accesstooken/common:permission_standard_infrastructure_cxx", "//base/security/access_token/frameworks/accesstoken:accesstoken_communication_adapter_cxx", "//base/security/access_token/frameworks/common:accesstoken_common_cxx", - "//base/security/access_token/interfaces/innerkits/tokensync:libtokensync_sdk", "//base/security/access_token/services/accesstokenmanager:access_token.rc", "//third_party/sqlite:sqlite", "//utils/native/base:utils", ] + if (token_sync_enable == true) { + cflags_cc += [ "-DTOKEN_SYNC_ENABLE" ] + + sources += [ + "main/cpp/src/token/accesstoken_remote_token_manager.cpp", + "main/cpp/src/token/token_modify_notifier.cpp", + ] + + include_dirs += [ + "//base/security/access_token/interfaces/innerkits/tokensync/include", + ] + + deps += [ "//base/security/access_token/interfaces/innerkits/tokensync:libtokensync_sdk" ] + } + external_deps = [ "hiviewdfx_hilog_native:libhilog", "ipc:ipc_core", diff --git a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h index 589b641e4..e8ac7f2f8 100644 --- a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h +++ b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h @@ -59,6 +59,8 @@ public: int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfoParcel& InfoParcel) override; int UpdateHapToken(AccessTokenID tokenID, const std::string& appIDDesc, const HapPolicyParcel& policyParcel) override; + +#ifdef TOKEN_SYNC_ENABLE int GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSyncParcel& hapSyncParcel) override; int GetAllNativeTokenInfo(std::vector& nativeTokenInfosRes) override; int SetRemoteHapTokenInfo(const std::string& deviceID, HapTokenInfoForSyncParcel& hapSyncParcel) override; @@ -67,6 +69,7 @@ public: int DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID) override; AccessTokenID GetRemoteNativeTokenID(const std::string& deviceID, AccessTokenID tokenID) override; int DeleteRemoteDeviceTokens(const std::string& deviceID) override; +#endif void DumpTokenInfo(std::string& dumpInfo) override; private: diff --git a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_stub.h b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_stub.h index e38295800..7b34cc3a7 100644 --- a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_stub.h +++ b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_stub.h @@ -54,6 +54,7 @@ private: void CheckNativeDCapInner(MessageParcel& data, MessageParcel& reply); void GetTokenTypeInner(MessageParcel& data, MessageParcel& reply); +#ifdef TOKEN_SYNC_ENABLE void GetHapTokenInfoFromRemoteInner(MessageParcel& data, MessageParcel& reply); void GetAllNativeTokenInfoInner(MessageParcel& data, MessageParcel& reply); void SetRemoteHapTokenInfoInner(MessageParcel& data, MessageParcel& reply); @@ -62,6 +63,8 @@ private: void DeleteRemoteDeviceTokensInner(MessageParcel& data, MessageParcel& reply); void GetRemoteNativeTokenIDInner(MessageParcel& data, MessageParcel& reply); void GetRemoteHapTokenIDInner(MessageParcel& data, MessageParcel& reply); +#endif + void DumpTokenInfoInner(MessageParcel& data, MessageParcel& reply); bool IsAuthorizedCalling() const; diff --git a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h index db85e4eda..aa8fa7d72 100644 --- a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h +++ b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h @@ -53,6 +53,7 @@ public: void DumpTokenInfo(std::string& dumpInfo); void RefreshTokenInfoIfNeeded(); +#ifdef TOKEN_SYNC_ENABLE /* tokensync needed */ int GetHapTokenSync(AccessTokenID tokenID, HapTokenInfoForSync& hapSync); int GetHapTokenInfoFromRemote(AccessTokenID tokenID, @@ -64,6 +65,7 @@ public: int DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID); AccessTokenID GetRemoteNativeTokenID(const std::string& deviceID, AccessTokenID tokenID); int DeleteRemoteDeviceTokens(const std::string& deviceID); +#endif private: AccessTokenInfoManager(); diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp index 4f352d8b3..eaf67ae7a 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp @@ -19,7 +19,9 @@ #include "accesstoken_log.h" #include "permission_definition_cache.h" #include "permission_validator.h" +#ifdef TOKEN_SYNC_ENABLE #include "token_modify_notifier.h" +#endif namespace OHOS { namespace Security { @@ -237,7 +239,9 @@ void PermissionManager::UpdateTokenPermissionState( } permPolicySet->UpdatePermissionStatus(permissionName, isGranted, flag); +#ifdef TOKEN_SYNC_ENABLE TokenModifyNotifier::GetInstance().NotifyTokenModify(tokenID); +#endif } void PermissionManager::GrantPermission(AccessTokenID tokenID, const std::string& permissionName, int flag) diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp index 997da72d3..6eb08a9bd 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp @@ -239,6 +239,7 @@ int AccessTokenManagerService::GetNativeTokenInfo(AccessTokenID tokenID, NativeT return AccessTokenInfoManager::GetInstance().GetNativeTokenInfo(tokenID, InfoParcel.nativeTokenInfoParams); } +#ifdef TOKEN_SYNC_ENABLE int AccessTokenManagerService::GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSyncParcel& hapSyncParcel) { @@ -309,6 +310,7 @@ int AccessTokenManagerService::DeleteRemoteDeviceTokens(const std::string& devic return AccessTokenInfoManager::GetInstance().DeleteRemoteDeviceTokens(deviceID); } +#endif void AccessTokenManagerService::DumpTokenInfo(std::string& dumpInfo) { diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp index bf92f5464..c92ab7648 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp @@ -286,6 +286,7 @@ void AccessTokenManagerStub::GetNativeTokenInfoInner(MessageParcel& data, Messag reply.WriteInt32(result); } +#ifdef TOKEN_SYNC_ENABLE void AccessTokenManagerStub::GetHapTokenInfoFromRemoteInner(MessageParcel& data, MessageParcel& reply) { if (!IsAuthorizedCalling()) { @@ -391,6 +392,7 @@ void AccessTokenManagerStub::DeleteRemoteDeviceTokensInner(MessageParcel& data, int result = this->DeleteRemoteDeviceTokens(deviceID); reply.WriteInt32(result); } +#endif void AccessTokenManagerStub::DumpTokenInfoInner(MessageParcel& data, MessageParcel& reply) { @@ -448,6 +450,8 @@ AccessTokenManagerStub::AccessTokenManagerStub() &AccessTokenManagerStub::GetHapTokenInfoInner; requestFuncMap_[static_cast(IAccessTokenManager::InterfaceCode::UPDATE_HAP_TOKEN)] = &AccessTokenManagerStub::UpdateHapTokenInner; + +#ifdef TOKEN_SYNC_ENABLE requestFuncMap_[static_cast(IAccessTokenManager::InterfaceCode::GET_HAP_TOKEN_FROM_REMOTE)] = &AccessTokenManagerStub::GetHapTokenInfoFromRemoteInner; requestFuncMap_[static_cast(IAccessTokenManager::InterfaceCode::GET_ALL_NATIVE_TOKEN_FROM_REMOTE)] = @@ -462,6 +466,8 @@ AccessTokenManagerStub::AccessTokenManagerStub() &AccessTokenManagerStub::DeleteRemoteDeviceTokensInner; requestFuncMap_[static_cast(IAccessTokenManager::InterfaceCode::GET_NATIVE_REMOTE_TOKEN)] = &AccessTokenManagerStub::GetRemoteNativeTokenIDInner; +#endif + requestFuncMap_[static_cast(IAccessTokenManager::InterfaceCode::DUMP_TOKENINFO)] = &AccessTokenManagerStub::DumpTokenInfoInner; } diff --git a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp index 059403f0c..5c0235ccd 100644 --- a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp @@ -25,8 +25,11 @@ #include "generic_values.h" #include "hap_token_info_inner.h" #include "permission_manager.h" + +#ifdef TOKEN_SYNC_ENABLE #include "token_modify_notifier.h" #include "token_sync_kit.h" +#endif namespace OHOS { namespace Security { @@ -308,7 +311,9 @@ int AccessTokenInfoManager::RemoveHapTokenInfo(AccessTokenID id) AccessTokenIDManager::GetInstance().ReleaseTokenId(id); ACCESSTOKEN_LOG_INFO(LABEL, "remove hap token 0x%{public}x ok!", id); RefreshTokenInfoIfNeeded(); +#ifdef TOKEN_SYNC_ENABLE TokenModifyNotifier::GetInstance().NotifyTokenDelete(id); +#endif return RET_SUCCESS; } @@ -511,11 +516,14 @@ int AccessTokenInfoManager::UpdateHapToken(AccessTokenID tokenID, } PermissionManager::GetInstance().AddDefPermissions(infoPtr, true); +#ifdef TOKEN_SYNC_ENABLE TokenModifyNotifier::GetInstance().NotifyTokenModify(tokenID); +#endif RefreshTokenInfoIfNeeded(); return RET_SUCCESS; } +#ifdef TOKEN_SYNC_ENABLE int AccessTokenInfoManager::GetHapTokenSync(AccessTokenID tokenID, HapTokenInfoForSync& hapSync) { std::shared_ptr infoPtr = GetHapTokenInfoInner(tokenID); @@ -791,6 +799,14 @@ AccessTokenID AccessTokenInfoManager::AllocLocalTokenID(const std::string& remot return AccessTokenRemoteTokenManager::GetInstance().GetDeviceMappingTokenID(remoteDeviceID, remoteTokenID); } +#else +AccessTokenID AccessTokenInfoManager::AllocLocalTokenID(const std::string& remoteDeviceID, + AccessTokenID remoteTokenID) +{ + ACCESSTOKEN_LOG_ERROR(LABEL, "tokensync is disable, check dependent components"); + return 0; +} +#endif AccessTokenInfoManager& AccessTokenInfoManager::GetInstance() { diff --git a/services/accesstokenmanager/main/cpp/src/token/native_token_receptor.cpp b/services/accesstokenmanager/main/cpp/src/token/native_token_receptor.cpp index de1ff1aaa..381005678 100644 --- a/services/accesstokenmanager/main/cpp/src/token/native_token_receptor.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/native_token_receptor.cpp @@ -67,7 +67,7 @@ void from_json(const nlohmann::json& j, std::shared_ptr& p if (j.find(JSON_TOKEN_ID) != j.end()) { native.tokenID = j.at(JSON_TOKEN_ID).get(); - if (native.tokenID == 0 && + if (native.tokenID == 0 || AccessTokenIDManager::GetTokenIdTypeEnum(native.tokenID) != TOKEN_NATIVE) { return; } diff --git a/services/tokensyncmanager/BUILD.gn b/services/tokensyncmanager/BUILD.gn index 65e7b718a..e35b82ca4 100644 --- a/services/tokensyncmanager/BUILD.gn +++ b/services/tokensyncmanager/BUILD.gn @@ -11,6 +11,7 @@ # See the License for the specific language governing permissions and # limitations under the License. +import("//base/security/access_token/access_token.gni") import("//build/ohos.gni") ohos_prebuilt_etc("token_sync.rc") { @@ -75,6 +76,10 @@ ohos_shared_library("token_sync_manager_service") { "//utils/native/base:utils", ] + if (token_sync_enable == true) { + cflags_cc += [ "-DTOKEN_SYNC_ENABLE" ] + } + external_deps = [ "device_manager_base:devicemanagersdk", "dsoftbus_standard:softbus_client", diff --git a/services/tokensyncmanager/test/unittest/token_sync_service/BUILD.gn b/services/tokensyncmanager/test/unittest/token_sync_service/BUILD.gn index 73cb6e221..1a7ca56bf 100644 --- a/services/tokensyncmanager/test/unittest/token_sync_service/BUILD.gn +++ b/services/tokensyncmanager/test/unittest/token_sync_service/BUILD.gn @@ -11,6 +11,7 @@ # See the License for the specific language governing permissions and # limitations under the License. +import("//base/security/access_token/access_token.gni") import("//build/test.gni") ohos_unittest("libtoken_sync_service_sdk_test") { @@ -86,6 +87,10 @@ ohos_unittest("libtoken_sync_service_sdk_test") { cflags_cc = [ "-DHILOG_ENABLE" ] + if (token_sync_enable == true) { + cflags_cc += [ "-DTOKEN_SYNC_ENABLE" ] + } + external_deps = [ "hiviewdfx_hilog_native:libhilog", "ipc:ipc_core", -- Gitee