diff --git a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h index f761cae9a3355fe9bbb199c0458e34cd334a7ec6..0dd05b9a9b5ba89cca18aeb971b9056c3fe61641 100644 --- a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h +++ b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h @@ -58,7 +58,7 @@ public: int RemoveHapTokenInfo(AccessTokenID id); int RemoveNativeTokenInfo(AccessTokenID id); int32_t AddAllNativeTokenInfoToDb(void); - int32_t ModifyHapTokenInfoFromDb(AccessTokenID tokenID); + int32_t ModifyHapTokenInfoFromDb(AccessTokenID tokenID, const std::shared_ptr& hapInner); int CreateHapTokenInfo(const HapInfoParams& info, const HapPolicyParams& policy, AccessTokenIDEx& tokenIdEx); int CheckNativeDCap(AccessTokenID tokenID, const std::string& dcap); AccessTokenIDEx GetHapTokenID(int32_t userID, const std::string& bundleName, int32_t instIndex); @@ -74,7 +74,8 @@ public: int32_t GetHapTokenDlpType(AccessTokenID id); int32_t SetPermDialogCap(AccessTokenID tokenID, bool enable); bool GetPermDialogCap(AccessTokenID tokenID); - int32_t ModifyHapPermStateFromDb(AccessTokenID tokenID, const std::string& permission); + int32_t ModifyHapPermStateFromDb( + AccessTokenID tokenID, const std::string& permission, const std::shared_ptr& hapInfo); void DumpToken(); int32_t GetCurDumpTaskNum(); void AddDumpTaskNum(); @@ -110,7 +111,7 @@ private: std::string GetHapUniqueStr(const int& userID, const std::string& bundleName, const int& instIndex) const; bool TryUpdateExistNativeToken(const std::shared_ptr& infoPtr); int AllocNativeToken(const std::shared_ptr& infoPtr); - int AddHapTokenInfoToDb(AccessTokenID tokenID); + int AddHapTokenInfoToDb(AccessTokenID tokenID, const std::shared_ptr& hapInfo); int RemoveHapTokenInfoFromDb(AccessTokenID tokenID); int CreateRemoteHapTokenInfo(AccessTokenID mapID, HapTokenInfoForSync& hapSync); int UpdateRemoteHapTokenInfo(AccessTokenID mapID, HapTokenInfoForSync& hapSync); diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp index c2bdb24ade0afad309bfb0cb08643100cae4287f..a8b9b7dee64c8ed2c97b2fdcda3da2a59421e32c 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp @@ -622,8 +622,7 @@ int32_t PermissionManager::UpdateTokenPermissionState( #ifdef TOKEN_SYNC_ENABLE TokenModifyNotifier::GetInstance().NotifyTokenModify(id); #endif - AccessTokenInfoManager::GetInstance().ModifyHapPermStateFromDb(id, permission); - return RET_SUCCESS; + return AccessTokenInfoManager::GetInstance().ModifyHapPermStateFromDb(id, permission, infoPtr); } int32_t PermissionManager::UpdatePermission(AccessTokenID tokenID, const std::string& permissionName, diff --git a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp index 8d9b1ea5494ef84497dedd374014b114906fec16..ed012590683cb4ef542722f8830ca3ee19e0fd40 100644 --- a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp @@ -299,8 +299,47 @@ std::shared_ptr AccessTokenInfoManager::GetHapTokenInfoInner( if (iter != hapTokenInfoMap_.end()) { return iter->second; } - ACCESSTOKEN_LOG_ERROR(LABEL, "Token %{public}u is invalid.", id); - return nullptr; + GenericValues conditionValue; + if (PermissionDefinitionCache::GetInstance().IsHapPermissionDefEmpty()) { + std::vector permDefRes; + AccessTokenDb::GetInstance().Find(AtmDataType::ACCESSTOKEN_PERMISSION_DEF, conditionValue, permDefRes); + PermissionDefinitionCache::GetInstance().RestorePermDefInfo(permDefRes); // restore all permission definition + ACCESSTOKEN_LOG_INFO(LABEL, "Restore perm def size: %{public}zu, mapSize: %{public}zu.", + permDefRes.size(), hapTokenInfoMap_.size()); + } + + conditionValue.Put(TokenFiledConst::FIELD_TOKEN_ID, static_cast(id)); + std::vector hapTokenResults; + int32_t ret = AccessTokenDb::GetInstance().Find(AtmDataType::ACCESSTOKEN_HAP_INFO, conditionValue, hapTokenResults); + if (ret != RET_SUCCESS || hapTokenResults.empty()) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to find Id(%{public}u) from hap_token_table, err: %{public}d, " + "hapSize: %{public}zu, mapSize: %{public}zu.", id, ret, hapTokenResults.size(), hapTokenInfoMap_.size()); + return nullptr; + } + std::vector permStateRes; + ret = AccessTokenDb::GetInstance().Find(AtmDataType::ACCESSTOKEN_PERMISSION_STATE, conditionValue, permStateRes); + if (ret != RET_SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to find Id(%{public}u) from perm_state_table, err: %{public}d, " + "mapSize: %{public}zu.", id, ret, hapTokenInfoMap_.size()); + return nullptr; + } + + std::shared_ptr hap = std::make_shared(); + ret = hap->RestoreHapTokenInfo(id, hapTokenResults[0], permStateRes); + if (ret != RET_SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Id %{public}u restore failed, err: %{public}d, mapSize: %{public}zu.", + id, ret, hapTokenInfoMap_.size()); + return nullptr; + } + AccessTokenIDManager::GetInstance().RegisterTokenId(id, TOKEN_HAP); + hapTokenIdMap_[GetHapUniqueStr(hap)] = id; + hapTokenInfoMap_[id] = hap; + std::shared_ptr policySet = hap->GetHapInfoPermissionPolicySet(); + PermissionManager::GetInstance().AddPermToKernel(id, policySet); + ACCESSTOKEN_LOG_INFO(LABEL, " Token %{public}u is not found in map(mapSize: %{public}zu), begin load from DB," + " restore bundle %{public}s user %{public}d, idx %{public}d, permSize %{public}d.", id, hapTokenInfoMap_.size(), + hap->GetBundleName().c_str(), hap->GetUserID(), hap->GetInstIndex(), hap->GetReqPermissionSize()); + return hap; } int32_t AccessTokenInfoManager::GetHapTokenDlpType(AccessTokenID id) @@ -310,7 +349,7 @@ int32_t AccessTokenInfoManager::GetHapTokenDlpType(AccessTokenID id) if ((iter != hapTokenInfoMap_.end()) && (iter->second != nullptr)) { return iter->second->GetDlpType(); } - ACCESSTOKEN_LOG_ERROR(LABEL, "Token %{public}u is invalid.", id); + ACCESSTOKEN_LOG_ERROR(LABEL, "Token %{public}u is invalid, mapSize: %{public}zu.", id, hapTokenInfoMap_.size()); return BUTT_DLP_TYPE; } @@ -394,8 +433,7 @@ int AccessTokenInfoManager::RemoveHapTokenInfo(AccessTokenID id) { ATokenTypeEnum type = AccessTokenIDManager::GetInstance().GetTokenIdType(id); if (type != TOKEN_HAP) { - ACCESSTOKEN_LOG_ERROR( - LABEL, "Token %{public}u is not hap.", id); + ACCESSTOKEN_LOG_ERROR(LABEL, "Token %{public}u is not hap.", id); return ERR_PARAM_INVALID; } std::shared_ptr info; @@ -403,6 +441,11 @@ int AccessTokenInfoManager::RemoveHapTokenInfo(AccessTokenID id) PermissionManager::GetInstance().RemoveDefPermissions(id); { Utils::UniqueWriteGuard infoGuard(this->hapTokenInfoLock_); + RemoveHapTokenInfoFromDb(id); + // remove hap to kernel + PermissionManager::GetInstance().RemovePermFromKernel(id); + AccessTokenIDManager::GetInstance().ReleaseTokenId(id); + if (hapTokenInfoMap_.count(id) == 0) { ACCESSTOKEN_LOG_ERROR(LABEL, "Hap token %{public}u no exist.", id); return ERR_TOKENID_NOT_EXIST; @@ -425,11 +468,7 @@ int AccessTokenInfoManager::RemoveHapTokenInfo(AccessTokenID id) hapTokenInfoMap_.erase(id); } - AccessTokenIDManager::GetInstance().ReleaseTokenId(id); ACCESSTOKEN_LOG_INFO(LABEL, "Remove hap token %{public}u ok!", id); - RemoveHapTokenInfoFromDb(id); - // remove hap to kernel - PermissionManager::GetInstance().RemovePermFromKernel(id); PermissionStateNotify(info, id); #ifdef TOKEN_SYNC_ENABLE TokenModifyNotifier::GetInstance().NotifyTokenDelete(id); @@ -536,7 +575,7 @@ int AccessTokenInfoManager::CreateHapTokenInfo( ACCESSTOKEN_LOG_INFO(LABEL, "Create hap token %{public}u bundleName %{public}s user %{public}d inst %{public}d ok", tokenId, tokenInfo->GetBundleName().c_str(), tokenInfo->GetUserID(), tokenInfo->GetInstIndex()); AllocAccessTokenIDEx(info, tokenId, tokenIdEx); - AddHapTokenInfoToDb(tokenId); + AddHapTokenInfoToDb(tokenId, tokenInfo); return RET_SUCCESS; } @@ -703,7 +742,7 @@ int32_t AccessTokenInfoManager::UpdateHapToken(AccessTokenIDEx& tokenIdEx, const // update hap to kernel std::shared_ptr policySet = infoPtr->GetHapInfoPermissionPolicySet(); PermissionManager::GetInstance().AddPermToKernel(tokenID, policySet); - return ModifyHapTokenInfoFromDb(tokenID); + return ModifyHapTokenInfoFromDb(tokenID, infoPtr); } #ifdef TOKEN_SYNC_ENABLE @@ -1070,9 +1109,9 @@ int AccessTokenInfoManager::AddAllNativeTokenInfoToDb(void) return RET_SUCCESS; } -int AccessTokenInfoManager::ModifyHapTokenInfoFromDb(AccessTokenID tokenID) +int AccessTokenInfoManager::ModifyHapTokenInfoFromDb( + AccessTokenID tokenID, const std::shared_ptr& hapInner) { - std::shared_ptr hapInner = GetHapTokenInfoInner(tokenID); if (hapInner == nullptr) { ACCESSTOKEN_LOG_INFO(LABEL, "token %{public}u info is null!", tokenID); return AccessTokenError::ERR_TOKENID_NOT_EXIST; @@ -1099,11 +1138,11 @@ int AccessTokenInfoManager::ModifyHapTokenInfoFromDb(AccessTokenID tokenID) permStateValues); } -int32_t AccessTokenInfoManager::ModifyHapPermStateFromDb(AccessTokenID tokenID, const std::string& permission) +int32_t AccessTokenInfoManager::ModifyHapPermStateFromDb( + AccessTokenID tokenID, const std::string& permission, const std::shared_ptr& hapInfo) { std::vector permStateValues; Utils::UniqueWriteGuard infoGuard(this->modifyLock_); - std::shared_ptr hapInfo = GetHapTokenInfoInner(tokenID); if (hapInfo == nullptr) { ACCESSTOKEN_LOG_INFO(LABEL, "Token %{public}u info is null!", tokenID); return AccessTokenError::ERR_TOKENID_NOT_EXIST; @@ -1123,13 +1162,12 @@ int32_t AccessTokenInfoManager::ModifyHapPermStateFromDb(AccessTokenID tokenID, return RET_SUCCESS; } -int AccessTokenInfoManager::AddHapTokenInfoToDb(AccessTokenID tokenID) +int AccessTokenInfoManager::AddHapTokenInfoToDb( + AccessTokenID tokenID, const std::shared_ptr& hapInfo) { std::vector hapInfoValues; std::vector permDefValues; std::vector permStateValues; - - std::shared_ptr hapInfo = GetHapTokenInfoInner(tokenID); if (hapInfo == nullptr) { ACCESSTOKEN_LOG_INFO(LABEL, "Token %{public}u info is null!", tokenID); return AccessTokenError::ERR_TOKENID_NOT_EXIST; diff --git a/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp b/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp index 23631914430bf4535fd47e320e399e03126f42d5..574860b011948bffd03f274ec8efede6e5b131bf 100644 --- a/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp +++ b/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp @@ -584,14 +584,18 @@ HWTEST_F(AccessTokenInfoManagerTest, GetNativePermissionPolicySet001, TestSize.L HWTEST_F(AccessTokenInfoManagerTest, RemoveHapTokenInfo001, TestSize.Level1) { AccessTokenIDEx tokenIdEx = {0}; - ASSERT_NE(AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID), RET_SUCCESS); + // type != TOKEN_HAP + ASSERT_EQ( + ERR_PARAM_INVALID, AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID)); AccessTokenID tokenId = 537919487; // 537919487 is max hap tokenId: 001 00 0 000000 11111111111111111111 ASSERT_EQ(RET_SUCCESS, AccessTokenIDManager::GetInstance().RegisterTokenId(tokenId, TOKEN_HAP)); - ASSERT_NE(RET_SUCCESS, AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenId)); // count(id) == 0 + // hapTokenInfoMap_.count(id) == 0 + ASSERT_EQ(ERR_TOKENID_NOT_EXIST, AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenId)); + ASSERT_EQ(RET_SUCCESS, AccessTokenIDManager::GetInstance().RegisterTokenId(tokenId, TOKEN_HAP)); AccessTokenInfoManager::GetInstance().hapTokenInfoMap_[tokenId] = nullptr; - ASSERT_NE(RET_SUCCESS, AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenId)); // info is null + ASSERT_EQ(ERR_TOKEN_INVALID, AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenId)); // info == nullptr AccessTokenInfoManager::GetInstance().hapTokenInfoMap_.erase(tokenId); std::shared_ptr info = std::make_shared(); @@ -599,6 +603,7 @@ HWTEST_F(AccessTokenInfoManagerTest, RemoveHapTokenInfo001, TestSize.Level1) info->tokenInfoBasic_.bundleName = "com.ohos.TEST"; info->tokenInfoBasic_.instIndex = INST_INDEX; AccessTokenInfoManager::GetInstance().hapTokenInfoMap_[tokenId] = info; + ASSERT_EQ(RET_SUCCESS, AccessTokenIDManager::GetInstance().RegisterTokenId(tokenId, TOKEN_HAP)); // count(HapUniqueKey) == 0 ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenId)); @@ -610,8 +615,6 @@ HWTEST_F(AccessTokenInfoManagerTest, RemoveHapTokenInfo001, TestSize.Level1) // hapTokenIdMap_[HapUniqueKey] != id ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenId)); AccessTokenInfoManager::GetInstance().hapTokenIdMap_.erase(hapUniqueKey); - - AccessTokenIDManager::GetInstance().ReleaseTokenId(tokenId); } /**