diff --git a/frameworks/common/src/data_validator.cpp b/frameworks/common/src/data_validator.cpp index e6acaaed25e484bbde06c8181d8f0c3720611803..d6b0991f6d7d3ffe1422ca59fc9e26a11947826c 100644 --- a/frameworks/common/src/data_validator.cpp +++ b/frameworks/common/src/data_validator.cpp @@ -76,7 +76,7 @@ bool DataValidator::IsDcapValid(const std::string& dcap) bool DataValidator::IsPermissionFlagValid(int flag) { - return flag == DEFAULT_PERMISSION_FLAGS || + return flag == PermissionFlag::PERMISSION_DEFAULT_FLAG || flag == PermissionFlag::PERMISSION_USER_SET || flag == PermissionFlag::PERMISSION_USER_FIXED || flag == PermissionFlag::PERMISSION_SYSTEM_FIXED; diff --git a/interfaces/innerkits/accesstoken/include/access_token.h b/interfaces/innerkits/accesstoken/include/access_token.h index b6d8e614f6bfb18faf0907693d149c16f04181ae..886c3393867c7bdacc7637a03a288c5745ca5661 100644 --- a/interfaces/innerkits/accesstoken/include/access_token.h +++ b/interfaces/innerkits/accesstoken/include/access_token.h @@ -22,7 +22,6 @@ namespace AccessToken { typedef unsigned int AccessTokenID; typedef unsigned int AccessTokenAttr; static const int DEFAULT_TOKEN_VERSION = 1; -static const int DEFAULT_PERMISSION_FLAGS = 0; static const int FIRSTCALLER_TOKENID_DEFAULT = 0; static const int MAX_PERMISSION_SIZE = 1000; static const int MAX_NATIVE_TOKEN_INFO_SIZE = 20480; @@ -70,6 +69,7 @@ typedef enum TypeGrantMode { } GrantMode; typedef enum TypePermissionFlag { + PERMISSION_DEFAULT_FLAG = 0, PERMISSION_USER_SET = 1 << 0, PERMISSION_USER_FIXED = 1 << 1, PERMISSION_SYSTEM_FIXED = 1 << 2, diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp index 91f1c6fb68bcc90ebbbdf7d8e0bcf55ba005a580..9a16bc7bbdce47941b0b33cdd1cb773702b41521 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp @@ -240,11 +240,11 @@ int AccessTokenKit::GetPermissionFlag(AccessTokenID tokenID, const std::string& ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); if (tokenID == 0) { ACCESSTOKEN_LOG_ERROR(LABEL, "tokenID is invalid"); - return DEFAULT_PERMISSION_FLAGS; + return PERMISSION_DEFAULT_FLAG; } if (!DataValidator::IsPermissionNameValid(permissionName)) { ACCESSTOKEN_LOG_ERROR(LABEL, "permissionName is invalid"); - return DEFAULT_PERMISSION_FLAGS; + return PERMISSION_DEFAULT_FLAG; } ACCESSTOKEN_LOG_INFO(LABEL, "tokenID=%{public}d, permissionName=%{public}s", tokenID, permissionName.c_str()); return AccessTokenManagerClient::GetInstance().GetPermissionFlag(tokenID, permissionName); diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp index 8d23143f12806434eabd179ede76a07a20ccbccc..d8f78ff1c8c9a9f83fec63b65b7d0f7b17de3f30 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp @@ -121,7 +121,7 @@ int AccessTokenManagerClient::GetPermissionFlag(AccessTokenID tokenID, const std auto proxy = GetProxy(); if (proxy == nullptr) { ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); - return DEFAULT_PERMISSION_FLAGS; + return PERMISSION_DEFAULT_FLAG; } return proxy->GetPermissionFlag(tokenID, permissionName); } diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp index 28c68a9abe52c63381a09ad380010f264e8cfcaf..5ef80f692ce5e213ff942e0cc77ad7bd64de4290 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp @@ -223,11 +223,11 @@ int AccessTokenManagerProxy::GetPermissionFlag(AccessTokenID tokenID, const std: data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); if (!data.WriteUint32(tokenID)) { ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write tokenID"); - return DEFAULT_PERMISSION_FLAGS; + return PERMISSION_DEFAULT_FLAG; } if (!data.WriteString(permissionName)) { ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write permissionName"); - return DEFAULT_PERMISSION_FLAGS; + return PERMISSION_DEFAULT_FLAG; } MessageParcel reply; @@ -235,13 +235,13 @@ int AccessTokenManagerProxy::GetPermissionFlag(AccessTokenID tokenID, const std: sptr remote = Remote(); if (remote == nullptr) { ACCESSTOKEN_LOG_ERROR(LABEL, "remote service null."); - return DEFAULT_PERMISSION_FLAGS; + return PERMISSION_DEFAULT_FLAG; } int32_t requestResult = remote->SendRequest( static_cast(IAccessTokenManager::InterfaceCode::GET_PERMISSION_FLAG), data, reply, option); if (requestResult != NO_ERROR) { ACCESSTOKEN_LOG_ERROR(LABEL, "request fail, result: %{public}d", requestResult); - return DEFAULT_PERMISSION_FLAGS; + return PERMISSION_DEFAULT_FLAG; } int32_t result = reply.ReadInt32(); diff --git a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp index 33f7db7ea3f6f72fb3d3201ae419301f8032c909..7758db9863c3236827ec97a775f3677008a87713 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp @@ -577,22 +577,22 @@ HWTEST_F(AccessTokenKitTest, GetPermissionFlag002, TestSize.Level1) ASSERT_NE(0, tokenID); int ret = AccessTokenKit::GetPermissionFlag(tokenID, TEST_PERMISSION_NAME_GAMMA); - ASSERT_EQ(DEFAULT_PERMISSION_FLAGS, ret); + ASSERT_EQ(PERMISSION_DEFAULT_FLAG, ret); ret = AccessTokenKit::GetPermissionFlag(tokenID, ""); - ASSERT_EQ(DEFAULT_PERMISSION_FLAGS, ret); + ASSERT_EQ(PERMISSION_DEFAULT_FLAG, ret); std::string invalidPerm(INVALID_PERMNAME_LEN, 'a'); ret = AccessTokenKit::GetPermissionFlag(tokenID, invalidPerm); - ASSERT_EQ(DEFAULT_PERMISSION_FLAGS, ret); + ASSERT_EQ(PERMISSION_DEFAULT_FLAG, ret); ret = AccessTokenKit::GetPermissionFlag(TEST_TOKENID_INVALID, TEST_PERMISSION_NAME_ALPHA); - ASSERT_EQ(DEFAULT_PERMISSION_FLAGS, ret); + ASSERT_EQ(PERMISSION_DEFAULT_FLAG, ret); AccessTokenKit::DeleteToken(tokenID); ret = AccessTokenKit::GetPermissionFlag(tokenID, TEST_PERMISSION_NAME_ALPHA); - ASSERT_EQ(DEFAULT_PERMISSION_FLAGS, ret); + ASSERT_EQ(PERMISSION_DEFAULT_FLAG, ret); } /** diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp index 88c2404e9a84f5a0ebea7ca303ef4e385000f367..b46dac48f17b9b0f0859a76fabdbc9692a3617c2 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp @@ -227,7 +227,7 @@ void PermissionManager::GetSelfPermissionState(std::vector } if (goalGrantStatus == PERMISSION_DENIED) { - if ((goalGrantFlags == DEFAULT_PERMISSION_FLAGS) || + if ((goalGrantFlags == PERMISSION_DEFAULT_FLAG) || (goalGrantFlags == PERMISSION_USER_SET)) { permState.state = DYNAMIC_OPER; return; @@ -248,18 +248,18 @@ int PermissionManager::GetPermissionFlag(AccessTokenID tokenID, const std::strin __func__, tokenID, permissionName.c_str()); if (!PermissionValidator::IsPermissionNameValid(permissionName)) { ACCESSTOKEN_LOG_ERROR(LABEL, "invalid params!"); - return DEFAULT_PERMISSION_FLAGS; + return PERMISSION_DEFAULT_FLAG; } if (!PermissionDefinitionCache::GetInstance().HasDefinition(permissionName)) { ACCESSTOKEN_LOG_ERROR( LABEL, "no definition for permission: %{public}s!", permissionName.c_str()); - return DEFAULT_PERMISSION_FLAGS; + return PERMISSION_DEFAULT_FLAG; } std::shared_ptr permPolicySet = AccessTokenInfoManager::GetInstance().GetHapPermissionPolicySet(tokenID); if (permPolicySet == nullptr) { ACCESSTOKEN_LOG_ERROR(LABEL, "invalid params!"); - return DEFAULT_PERMISSION_FLAGS; + return PERMISSION_DEFAULT_FLAG; } return permPolicySet->QueryPermissionFlag(permissionName); } @@ -357,7 +357,7 @@ void PermissionManager::ClearUserGrantedPermissionState(AccessTokenID tokenID) bool isGranted = false; GetDefPermission(perm.permissionName, permDef); isGranted = (permDef.grantMode == SYSTEM_GRANT) ? true : false; - permPolicySet->UpdatePermissionStatus(perm.permissionName, isGranted, DEFAULT_PERMISSION_FLAGS); + permPolicySet->UpdatePermissionStatus(perm.permissionName, isGranted, PERMISSION_DEFAULT_FLAG); } } diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_policy_set.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_policy_set.cpp index 312686a4a72d3efce2cdc0a0b732b4f5524970ea..8f1bad23198877871138df38bd855589dd436e96 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/permission_policy_set.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_policy_set.cpp @@ -215,11 +215,11 @@ int PermissionPolicySet::QueryPermissionFlag(const std::string& permissionName) if (perm.isGeneral) { return perm.grantFlags[0]; } else { - return DEFAULT_PERMISSION_FLAGS; + return PERMISSION_DEFAULT_FLAG; } } } - return DEFAULT_PERMISSION_FLAGS; + return PERMISSION_DEFAULT_FLAG; } void PermissionPolicySet::UpdatePermissionStatus(const std::string& permissionName, bool isGranted, int flag) diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp index 474be8e67ac3971050a8a05cdea39dcf2cdf1cce..9eea11ef8892c2aa229fc80d4f41a8794cfb8406 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp @@ -35,7 +35,7 @@ bool PermissionValidator::IsGrantStatusValid(int grantStaus) bool PermissionValidator::IsPermissionFlagValid(int flag) { - return flag == DEFAULT_PERMISSION_FLAGS || + return flag == PermissionFlag::PERMISSION_DEFAULT_FLAG || flag == PermissionFlag::PERMISSION_USER_SET || flag == PermissionFlag::PERMISSION_USER_FIXED || flag == PermissionFlag::PERMISSION_SYSTEM_FIXED; diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp index 3d88bb7638af48a1d008101dbdc0dea26059828c..86b58819a17375549d2b61aafea6f8a7ce97a7dd 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp @@ -152,7 +152,7 @@ void AccessTokenManagerStub::GetPermissionFlagInner(MessageParcel& data, Message VerifyAccessToken(callingTokenID, "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS") == PERMISSION_DENIED && VerifyAccessToken(callingTokenID, "ohos.permission.GET_SENSITIVE_PERMISSIONS") == PERMISSION_DENIED) { ACCESSTOKEN_LOG_INFO(LABEL, "permission denied"); - reply.WriteInt32(DEFAULT_PERMISSION_FLAGS); + reply.WriteInt32(PERMISSION_DEFAULT_FLAG); return; } int result = this->GetPermissionFlag(tokenID, permissionName);