From 9de0ee3009d7c48c73f9c3b32b94abf281e7db20 Mon Sep 17 00:00:00 2001 From: chennian Date: Sat, 2 Nov 2024 06:19:21 +0000 Subject: [PATCH] =?UTF-8?q?=E5=86=85=E5=AD=98=E4=BC=98=E5=8C=96?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: chennian Change-Id: I8f7094ce2be2eb4426ae78f3b1126c89237319f4 --- BUILD.gn | 1 - access_token.gni | 2 + bundle.json | 2 + .../service/accesstoken_manager_service.cpp | 8 +- services/common/BUILD.gn | 12 - services/common/ability_manager/BUILD.gn | 52 ---- .../ability_manager_access_death_recipient.h | 35 --- .../include/ability_manager_access_proxy.h | 50 ---- ...ess_loader.h => ability_manager_adapter.h} | 118 ++++----- .../src/ability_manager_access_client.cpp | 125 ---------- ...ability_manager_access_death_recipient.cpp | 35 --- .../src/ability_manager_access_loader.cpp | 48 ---- ..._proxy.cpp => ability_manager_adapter.cpp} | 228 ++++++++++++------ services/common/test/BUILD.gn | 89 ------- .../test/unittest/interface_code_test.cpp | 124 ---------- services/privacymanager/BUILD.gn | 22 +- .../record/permission_record_manager.h | 7 +- .../ability_manager_adapter.h} | 118 ++++----- ...ivacy_client.h => audio_manager_adapter.h} | 45 ++-- .../audio_manager_privacy_death_recipient.h | 35 --- .../audio_manager_privacy_proxy.h | 47 ---- ...vacy_client.h => camera_manager_adapter.h} | 46 ++-- .../camera_manager_privacy_death_recipient.h | 35 --- .../camera_manager_privacy_proxy.h | 49 ---- .../src/record/permission_record_manager.cpp | 28 ++- .../ability_manager_adapter.cpp | 150 ++++++++++++ .../audio_manager/audio_manager_adapter.cpp | 170 +++++++++++++ .../audio_manager_privacy_client.cpp | 124 ---------- .../audio_manager_privacy_death_recipient.cpp | 38 --- .../audio_manager_privacy_proxy.cpp | 82 ------- .../camera_manager/camera_manager_adapter.cpp | 160 ++++++++++++ .../camera_manager_privacy_client.cpp | 125 ---------- ...camera_manager_privacy_death_recipient.cpp | 37 --- .../camera_manager_privacy_proxy.cpp | 86 ------- .../privacymanager/test/coverage/BUILD.gn | 32 +-- ...ermission_record_manager_coverage_test.cpp | 11 +- .../sensitive_manager_coverage_test.cpp | 29 +-- services/privacymanager/test/tool/BUILD.gn | 1 - .../privacymanager/test/unittest/BUILD.gn | 17 +- .../permission_record_manager_test.cpp | 22 +- .../test/unittest/sensitive_manager_test.cpp | 38 ++- .../services/privacy/privacy_service_fuzz.gni | 21 +- 42 files changed, 922 insertions(+), 1582 deletions(-) delete mode 100644 services/common/ability_manager/BUILD.gn delete mode 100644 services/common/ability_manager/include/ability_manager_access_death_recipient.h delete mode 100644 services/common/ability_manager/include/ability_manager_access_proxy.h rename services/common/ability_manager/include/{ability_manager_access_loader.h => ability_manager_adapter.h} (41%) delete mode 100644 services/common/ability_manager/src/ability_manager_access_client.cpp delete mode 100644 services/common/ability_manager/src/ability_manager_access_death_recipient.cpp delete mode 100644 services/common/ability_manager/src/ability_manager_access_loader.cpp rename services/common/ability_manager/src/{ability_manager_access_proxy.cpp => ability_manager_adapter.cpp} (36%) delete mode 100644 services/common/test/BUILD.gn delete mode 100644 services/common/test/unittest/interface_code_test.cpp rename services/{common/ability_manager/include/ability_manager_access_client.h => privacymanager/include/sensitive/ability_manager/ability_manager_adapter.h} (39%) rename services/privacymanager/include/sensitive/audio_manager/{audio_manager_privacy_client.h => audio_manager_adapter.h} (49%) delete mode 100644 services/privacymanager/include/sensitive/audio_manager/audio_manager_privacy_death_recipient.h delete mode 100644 services/privacymanager/include/sensitive/audio_manager/audio_manager_privacy_proxy.h rename services/privacymanager/include/sensitive/camera_manager/{camera_manager_privacy_client.h => camera_manager_adapter.h} (48%) delete mode 100644 services/privacymanager/include/sensitive/camera_manager/camera_manager_privacy_death_recipient.h delete mode 100644 services/privacymanager/include/sensitive/camera_manager/camera_manager_privacy_proxy.h create mode 100644 services/privacymanager/src/sensitive/ability_manager/ability_manager_adapter.cpp create mode 100644 services/privacymanager/src/sensitive/audio_manager/audio_manager_adapter.cpp delete mode 100644 services/privacymanager/src/sensitive/audio_manager/audio_manager_privacy_client.cpp delete mode 100644 services/privacymanager/src/sensitive/audio_manager/audio_manager_privacy_death_recipient.cpp delete mode 100644 services/privacymanager/src/sensitive/audio_manager/audio_manager_privacy_proxy.cpp create mode 100644 services/privacymanager/src/sensitive/camera_manager/camera_manager_adapter.cpp delete mode 100644 services/privacymanager/src/sensitive/camera_manager/camera_manager_privacy_client.cpp delete mode 100644 services/privacymanager/src/sensitive/camera_manager/camera_manager_privacy_death_recipient.cpp delete mode 100644 services/privacymanager/src/sensitive/camera_manager/camera_manager_privacy_proxy.cpp diff --git a/BUILD.gn b/BUILD.gn index 818f325b3..f463e1810 100644 --- a/BUILD.gn +++ b/BUILD.gn @@ -32,7 +32,6 @@ group("accesstoken_build_module_test") { ] if (ability_base_enable == true) { deps += [ - "services/common/test:unittest", "services/el5filekeymanager/test:unittest", "services/privacymanager/test:unittest", ] diff --git a/access_token.gni b/access_token.gni index 3c8f3ea55..c3c49eff5 100644 --- a/access_token.gni +++ b/access_token.gni @@ -12,7 +12,9 @@ # limitations under the License. access_token_path = "//base/security/access_token" +ability_runtime_path = "//foundation/ability/ability_runtime" audio_framework_path = "//foundation/multimedia/audio_framework" +camera_framework_path = "//foundation/multimedia/camera_framework" module_output_path_interface_privacy = "access_token/access_token/interface_privacy" module_output_path_interface_access_token = diff --git a/bundle.json b/bundle.json index 207d968ef..dbf57232b 100644 --- a/bundle.json +++ b/bundle.json @@ -30,9 +30,11 @@ "components": [ "ability_base", "ability_runtime", + "audio_framework", "ace_engine", "bounds_checking_function", "c_utils", + "camera_framework", "cJSON", "common_event_service", "config_policy", diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp index 59227ab8e..1d8532859 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp @@ -59,10 +59,10 @@ static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { static const char* ACCESS_TOKEN_SERVICE_INIT_KEY = "accesstoken.permission.init"; constexpr int32_t ERROR = -1; constexpr int TWO_ARGS = 2; -const std::string GRANT_ABILITY_BUNDLE_NAME = "com.ohos.permissionmanager"; -const std::string GRANT_ABILITY_ABILITY_NAME = "com.ohos.permissionmanager.GrantAbility"; -const std::string PERMISSION_STATE_SHEET_ABILITY_NAME = "com.ohos.permissionmanager.PermissionStateSheetAbility"; -const std::string GLOBAL_SWITCH_SHEET_ABILITY_NAME = "com.ohos.permissionmanager.GlobalSwitchSheetAbility"; +const char* GRANT_ABILITY_BUNDLE_NAME = "com.ohos.permissionmanager"; +const char* GRANT_ABILITY_ABILITY_NAME = "com.ohos.permissionmanager.GrantAbility"; +const char* PERMISSION_STATE_SHEET_ABILITY_NAME = "com.ohos.permissionmanager.PermissionStateSheetAbility"; +const char* GLOBAL_SWITCH_SHEET_ABILITY_NAME = "com.ohos.permissionmanager.GlobalSwitchSheetAbility"; } const bool REGISTER_RESULT = diff --git a/services/common/BUILD.gn b/services/common/BUILD.gn index 4f82a545b..1c603ea50 100644 --- a/services/common/BUILD.gn +++ b/services/common/BUILD.gn @@ -84,18 +84,6 @@ ohos_static_library("accesstoken_service_common") { external_deps += [ "eventhandler:libeventhandler" ] } - if (ability_base_enable == true) { - include_dirs += [ "ability_manager/include" ] - - sources += [ - "ability_manager/src/ability_manager_access_client.cpp", - "ability_manager/src/ability_manager_access_death_recipient.cpp", - "ability_manager/src/ability_manager_access_proxy.cpp", - ] - - external_deps += [ "ability_base:want" ] - } - if (use_musl) { if (musl_use_jemalloc && musl_use_jemalloc_dfx_intf) { cflags_cc += [ "-DCONFIG_USE_JEMALLOC_DFX_INTF" ] diff --git a/services/common/ability_manager/BUILD.gn b/services/common/ability_manager/BUILD.gn deleted file mode 100644 index 8b2a70245..000000000 --- a/services/common/ability_manager/BUILD.gn +++ /dev/null @@ -1,52 +0,0 @@ -# Copyright (c) 2024 Huawei Device Co., Ltd. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -import("//build/ohos.gni") -import("../../../access_token.gni") - -config("accesstoken_abillity_manager_config") { - visibility = [ ":*" ] - include_dirs = [ "include" ] -} - -ohos_shared_library("accesstoken_ability_manager_adapter") { - if (is_standard_system && ability_base_enable && - !ohos_indep_compiler_enable) { - subsystem_name = "security" - part_name = "access_token" - sanitize = { - cfi = true - cfi_cross_dso = true - debug = false - } - branch_protector_ret = "pac_ret" - - include_dirs = [ "include" ] - - sources = [ "src/ability_manager_access_loader.cpp" ] - - cflags_cc = [ "-fvisibility=hidden" ] - configs = [ - "${access_token_path}/config:access_token_compile_flags", - "${access_token_path}/config:coverage_flags", - ] - public_configs = [ ":accesstoken_abillity_manager_config" ] - - external_deps = [ - "ability_base:want", - "ability_runtime:ability_manager", - "c_utils:utils", - "ipc:ipc_core", - ] - } -} diff --git a/services/common/ability_manager/include/ability_manager_access_death_recipient.h b/services/common/ability_manager/include/ability_manager_access_death_recipient.h deleted file mode 100644 index fa063157d..000000000 --- a/services/common/ability_manager/include/ability_manager_access_death_recipient.h +++ /dev/null @@ -1,35 +0,0 @@ -/* - * Copyright (c) 2022 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - - -#ifndef ABILITY_MANAGER_ACCESS_DEATH_RECIPIENT_H -#define ABILITY_MANAGER_ACCESS_DEATH_RECIPIENT_H - -#include "iremote_object.h" - -namespace OHOS { -namespace Security { -namespace AccessToken { -class AbilityManagerAccessDeathRecipient : public IRemoteObject::DeathRecipient { -public: - AbilityManagerAccessDeathRecipient() {} - virtual ~AbilityManagerAccessDeathRecipient() override = default; - void OnRemoteDied(const wptr& object) override; -}; -} // namespace AccessToken -} // namespace Security -} // namespace OHOS -#endif // ABILITY_MANAGER_ACCESS_DEATH_RECIPIENT_H - diff --git a/services/common/ability_manager/include/ability_manager_access_proxy.h b/services/common/ability_manager/include/ability_manager_access_proxy.h deleted file mode 100644 index 6ca8d1c3d..000000000 --- a/services/common/ability_manager/include/ability_manager_access_proxy.h +++ /dev/null @@ -1,50 +0,0 @@ -/* - * Copyright (c) 2022 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef OHOS_ABILITY_MANAGER_ACCESS_PROXY_H -#define OHOS_ABILITY_MANAGER_ACCESS_PROXY_H - -#include - -#include "service_ipc_interface_code.h" -#include "want.h" - -namespace OHOS { -namespace Security { -namespace AccessToken { -const int DEFAULT_INVAL_VALUE = -1; -class IAbilityManager : public IRemoteBroker { -public: - DECLARE_INTERFACE_DESCRIPTOR(u"ohos.aafwk.AbilityManager") - - virtual int StartAbility(const AAFwk::Want &want, const sptr &callerToken, - int requestCode = DEFAULT_INVAL_VALUE, int32_t userId = DEFAULT_INVAL_VALUE) = 0; -}; - -class AbilityManagerAccessProxy : public IRemoteProxy { -public: - explicit AbilityManagerAccessProxy(const sptr& impl) : IRemoteProxy(impl) {} - - ~AbilityManagerAccessProxy() {} - int StartAbility(const AAFwk::Want &want, const sptr &callerToken, - int requestCode = DEFAULT_INVAL_VALUE, int32_t userId = DEFAULT_INVAL_VALUE) override; - -private: - static inline BrokerDelegator delegator_; -}; -} -} -} -#endif // OHOS_ABILITY_MANAGER_ACCESS_PROXY_H diff --git a/services/common/ability_manager/include/ability_manager_access_loader.h b/services/common/ability_manager/include/ability_manager_adapter.h similarity index 41% rename from services/common/ability_manager/include/ability_manager_access_loader.h rename to services/common/ability_manager/include/ability_manager_adapter.h index 631a70e51..09f982a0a 100644 --- a/services/common/ability_manager/include/ability_manager_access_loader.h +++ b/services/common/ability_manager/include/ability_manager_adapter.h @@ -1,55 +1,63 @@ -/* - * Copyright (c) 2024 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef ABILITY_MANAGER_ACCESS_LOADER_H -#define ABILITY_MANAGER_ACCESS_LOADER_H - -#include - -#include "want.h" - -namespace OHOS { -namespace Security { -namespace AccessToken { -namespace { - const int32_t DEFAULT_VALUE = -1; -} -const static std::string ABILITY_MANAGER_LIBPATH = "libaccesstoken_ability_manager_adapter.z.so"; - -class AbilityManagerAccessLoaderInterface { -public: - AbilityManagerAccessLoaderInterface() {} - virtual ~AbilityManagerAccessLoaderInterface() {} - virtual int32_t StartAbility(const AAFwk::Want &want, const sptr &callerToken, - int32_t requestCode = DEFAULT_VALUE, int32_t userId = DEFAULT_VALUE); -}; - -class AbilityManagerAccessLoader final: public AbilityManagerAccessLoaderInterface { - int32_t StartAbility(const AAFwk::Want &want, const sptr &callerToken, - int32_t requestCode = DEFAULT_VALUE, int32_t userId = DEFAULT_VALUE) override; -}; - -#ifdef __cplusplus -extern "C" { -#endif - void* Create(); - void Destroy(void* loaderPtr); -#ifdef __cplusplus -} -#endif -} // namespace AccessToken -} // namespace Security -} // namespace OHOS -#endif // ABILITY_MANAGER_ACCESS_LOADER_H \ No newline at end of file +/* + * Copyright (c) 2024 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef ACCESS_TOKEN_ABILITY_MANAGER_ADAPTER_H +#define ACCESS_TOKEN_ABILITY_MANAGER_ADAPTER_H + +#include +#include "want.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +using namespace AAFwk; +/** + * @class AbilityManagerAdapter + * AbilityManagerAdapter is used to access ability manager services. + */ +class AbilityManagerAdapter { +private: + AbilityManagerAdapter(); + virtual ~AbilityManagerAdapter(); + DISALLOW_COPY_AND_MOVE(AbilityManagerAdapter); + +public: + static AbilityManagerAdapter& GetInstance(); + + int32_t StartAbility(const AAFwk::Want &want, const sptr &callerToken); + +private: + void InitProxy(); + + class AbilityMgrDeathRecipient : public IRemoteObject::DeathRecipient { + public: + AbilityMgrDeathRecipient() = default; + ~AbilityMgrDeathRecipient() override = default; + void OnRemoteDied(const wptr& remote) override; + private: + DISALLOW_COPY_AND_MOVE(AbilityMgrDeathRecipient); + }; + + sptr GetProxy(); + void ReleaseProxy(const wptr& remote); + + std::mutex proxyMutex_; + sptr proxy_; + sptr deathRecipient_; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // ACCESS_TOKEN_ABILITY_MANAGER_ADAPTER_H diff --git a/services/common/ability_manager/src/ability_manager_access_client.cpp b/services/common/ability_manager/src/ability_manager_access_client.cpp deleted file mode 100644 index c61859ce5..000000000 --- a/services/common/ability_manager/src/ability_manager_access_client.cpp +++ /dev/null @@ -1,125 +0,0 @@ -/* - * Copyright (c) 2022 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#include "ability_manager_access_client.h" -#include "access_token_error.h" -#include "accesstoken_log.h" -#include "iservice_registry.h" -#include "system_ability_definition.h" - -namespace OHOS { -namespace Security { -namespace AccessToken { -namespace { -static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { - LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "AbilityManagerAccessClient" -}; -std::recursive_mutex g_instanceMutex; -} // namespace - -AbilityManagerAccessClient& AbilityManagerAccessClient::GetInstance() -{ - static AbilityManagerAccessClient* instance = nullptr; - if (instance == nullptr) { - std::lock_guard lock(g_instanceMutex); - if (instance == nullptr) { - instance = new AbilityManagerAccessClient(); - } - } - return *instance; -} - -AbilityManagerAccessClient::AbilityManagerAccessClient() -{} - -AbilityManagerAccessClient::~AbilityManagerAccessClient() -{ - std::lock_guard lock(proxyMutex_); - ReleaseProxy(); -} - -int32_t AbilityManagerAccessClient::StartAbility( - const AAFwk::Want &want, const sptr &callerToken, int requestCode, int32_t userId) -{ - auto proxy = GetProxy(); - if (proxy == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null"); - return AccessTokenError::ERR_SERVICE_ABNORMAL; - } - ACCESSTOKEN_LOG_INFO(LABEL, "Start ability %{public}s, userId:%{public}d", - want.GetElement().GetAbilityName().c_str(), userId); - return proxy->StartAbility(want, callerToken, userId, requestCode); -} - -void AbilityManagerAccessClient::InitProxy() -{ - auto sam = SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager(); - if (sam == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "GetSystemAbilityManager is null"); - return; - } - auto abilityManagerSa = sam->GetSystemAbility(ABILITY_MGR_SERVICE_ID); - if (abilityManagerSa == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "GetSystemAbility %{public}d is null", ABILITY_MGR_SERVICE_ID); - return; - } - - serviceDeathObserver_ = sptr::MakeSptr(); - if (serviceDeathObserver_ == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Create AbilityManagerAccessDeathRecipient failed"); - return; - } - - if (!abilityManagerSa->IsProxyObject()) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Not proxy object"); - return; - } - if (!abilityManagerSa->AddDeathRecipient(serviceDeathObserver_)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Add death recipient failed"); - return; - } - - proxy_ = new AbilityManagerAccessProxy(abilityManagerSa); - if (proxy_ == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Iface_cast get null"); - } -} - -void AbilityManagerAccessClient::OnRemoteDiedHandle() -{ - std::lock_guard lock(proxyMutex_); - ReleaseProxy(); -} - -sptr AbilityManagerAccessClient::GetProxy() -{ - std::lock_guard lock(proxyMutex_); - if (proxy_ == nullptr) { - InitProxy(); - } - return proxy_; -} - -void AbilityManagerAccessClient::ReleaseProxy() -{ - if (proxy_ != nullptr && serviceDeathObserver_ != nullptr) { - proxy_->AsObject()->RemoveDeathRecipient(serviceDeathObserver_); - } - proxy_ = nullptr; - serviceDeathObserver_ = nullptr; -} -} // namespace AccessToken -} // namespace Security -} // namespace OHOS - diff --git a/services/common/ability_manager/src/ability_manager_access_death_recipient.cpp b/services/common/ability_manager/src/ability_manager_access_death_recipient.cpp deleted file mode 100644 index d8a558f89..000000000 --- a/services/common/ability_manager/src/ability_manager_access_death_recipient.cpp +++ /dev/null @@ -1,35 +0,0 @@ -/* - * Copyright (c) 2022 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#include "ability_manager_access_death_recipient.h" -#include "accesstoken_log.h" -#include "ability_manager_access_client.h" - -namespace OHOS { -namespace Security { -namespace AccessToken { -namespace { -static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { - LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "AbilityManagerAccessDeathRecipient"}; -} // namespace - -void AbilityManagerAccessDeathRecipient::OnRemoteDied(const wptr& object) -{ - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); - AbilityManagerAccessClient::GetInstance().OnRemoteDiedHandle(); -} -} // namespace AccessToken -} // namespace Security -} // namespace OHOS - diff --git a/services/common/ability_manager/src/ability_manager_access_loader.cpp b/services/common/ability_manager/src/ability_manager_access_loader.cpp deleted file mode 100644 index 0cbc5bc93..000000000 --- a/services/common/ability_manager/src/ability_manager_access_loader.cpp +++ /dev/null @@ -1,48 +0,0 @@ -/* - * Copyright (c) 2024 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#include "ability_manager_access_loader.h" - -#include "ability_manager_client.h" - -namespace OHOS { -namespace Security { -namespace AccessToken { -int32_t AbilityManagerAccessLoader::StartAbility( - const AAFwk::Want &want, const sptr &callerToken, int32_t requestCode, int32_t userId) -{ -#ifdef ABILITY_RUNTIME_ENABLE - return AAFwk::AbilityManagerClient::GetInstance()->StartAbility(want, callerToken, requestCode, userId); -#else - return 0; -#endif -} - -extern "C" { -void* Create() -{ - return reinterpret_cast(new AbilityManagerAccessLoader); -} - -void Destroy(void* loaderPtr) -{ - AbilityManagerAccessLoaderInterface* loader = reinterpret_cast(loaderPtr); - if (loader != nullptr) { - delete loader; - } -} -} -} // namespace AccessToken -} // namespace Security -} // namespace OHOS diff --git a/services/common/ability_manager/src/ability_manager_access_proxy.cpp b/services/common/ability_manager/src/ability_manager_adapter.cpp similarity index 36% rename from services/common/ability_manager/src/ability_manager_access_proxy.cpp rename to services/common/ability_manager/src/ability_manager_adapter.cpp index f459b7856..a37557244 100644 --- a/services/common/ability_manager/src/ability_manager_access_proxy.cpp +++ b/services/common/ability_manager/src/ability_manager_adapter.cpp @@ -1,78 +1,150 @@ -/* - * Copyright (c) 2022 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "ability_manager_access_proxy.h" -#include "access_token_error.h" -#include "accesstoken_log.h" - -namespace OHOS { -namespace Security { -namespace AccessToken { -namespace { - constexpr HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "AbilityManagerAccessProxy"}; -} - -int AbilityManagerAccessProxy::StartAbility(const AAFwk::Want &want, const sptr &callerToken, - int requestCode, int32_t userId) -{ - MessageParcel data; - MessageParcel reply; - MessageOption option; - - if (!data.WriteInterfaceToken(GetDescriptor())) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write WriteInterfaceToken."); - return AccessTokenError::ERR_WRITE_PARCEL_FAILED; - } - - if (!data.WriteParcelable(&want)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Want write failed."); - return AccessTokenError::ERR_WRITE_PARCEL_FAILED; - } - if (callerToken) { - if (!data.WriteBool(true) || !data.WriteRemoteObject(callerToken)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "CallerToken and flag write failed."); - return AccessTokenError::ERR_WRITE_PARCEL_FAILED; - } - } else { - if (!data.WriteBool(false)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Flag write failed."); - return AccessTokenError::ERR_WRITE_PARCEL_FAILED; - } - } - if (!data.WriteInt32(userId)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "UserId write failed."); - return AccessTokenError::ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteInt32(requestCode)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "RequestCode write failed."); - return AccessTokenError::ERR_WRITE_PARCEL_FAILED; - } - - sptr remote = Remote(); - if (remote == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Remote service is null."); - return AccessTokenError::ERR_REMOTE_CONNECTION; - } - int error = remote->SendRequest( - static_cast(AccessAbilityServiceInterfaceCode::START_ABILITY_ADD_CALLER), data, reply, option); - if (error != 0) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Send request error: %{public}d", error); - return error; - } - return reply.ReadInt32(); -} -} // namespace AccessToken -} // namespace Security -} // namespace OHOS +/* + * Copyright (c) 2024 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "ability_manager_adapter.h" +#include "ability_manager_ipc_interface_code.h" +#include "access_token_error.h" +#include "accesstoken_log.h" +#include +#include "iservice_registry.h" +#include "system_ability_definition.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { + LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "AbilityManagerAdapter" +}; +const int32_t DEFAULT_INVAL_VALUE = -1; +const std::u16string ABILITY_MGR_DESCRIPTOR = u"ohos.aafwk.AbilityManager"; +} +using namespace AAFwk; +AbilityManagerAdapter& AbilityManagerAdapter::GetInstance() +{ + static AbilityManagerAdapter *instance = new (std::nothrow) AbilityManagerAdapter(); + return *instance; +} + +AbilityManagerAdapter::AbilityManagerAdapter() +{} + +AbilityManagerAdapter::~AbilityManagerAdapter() +{} + +int32_t AbilityManagerAdapter::StartAbility(const AAFwk::Want &want, const sptr &callerToken) +{ + auto abms = GetProxy(); + if (abms == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to GetProxy."); + return AccessTokenError::ERR_WRITE_PARCEL_FAILED; + } + + MessageParcel data; + MessageParcel reply; + MessageOption option; + + if (!data.WriteInterfaceToken(ABILITY_MGR_DESCRIPTOR)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write WriteInterfaceToken."); + return AccessTokenError::ERR_WRITE_PARCEL_FAILED; + } + + if (!data.WriteParcelable(&want)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Want write failed."); + return AccessTokenError::ERR_WRITE_PARCEL_FAILED; + } + if (callerToken) { + if (!data.WriteBool(true) || !data.WriteRemoteObject(callerToken)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "CallerToken and flag write failed."); + return AccessTokenError::ERR_WRITE_PARCEL_FAILED; + } + } else { + if (!data.WriteBool(false)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Flag write failed."); + return AccessTokenError::ERR_WRITE_PARCEL_FAILED; + } + } + if (!data.WriteInt32(DEFAULT_INVAL_VALUE)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "UserId write failed."); + return AccessTokenError::ERR_WRITE_PARCEL_FAILED; + } + if (!data.WriteInt32(DEFAULT_INVAL_VALUE)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "RequestCode write failed."); + return AccessTokenError::ERR_WRITE_PARCEL_FAILED; + } + int32_t error = abms->SendRequest(static_cast(AbilityManagerInterfaceCode::START_ABILITY), + data, reply, option); + if (error != NO_ERROR) { + ACCESSTOKEN_LOG_ERROR(LABEL, "SendRequest error: %{public}d", error); + return error; + } + return reply.ReadInt32(); +} + +void AbilityManagerAdapter::InitProxy() +{ + if (proxy_ != nullptr) { + return; + } + sptr systemManager = SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager(); + if (systemManager == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Fail to get system ability registry."); + return; + } + sptr remoteObj = systemManager->CheckSystemAbility(ABILITY_MGR_SERVICE_ID); + if (remoteObj == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Fail to connect ability manager service."); + return; + } + + deathRecipient_ = sptr(new (std::nothrow) AbilityMgrDeathRecipient()); + if (deathRecipient_ == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to create AbilityMgrDeathRecipient!"); + return; + } + if ((remoteObj->IsProxyObject()) && (!remoteObj->AddDeathRecipient(deathRecipient_))) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Add death recipient to AbilityManagerService failed."); + return; + } + proxy_ = remoteObj; +} + +sptr AbilityManagerAdapter::GetProxy() +{ + std::lock_guard lock(proxyMutex_); + if (proxy_ == nullptr) { + InitProxy(); + } + return proxy_; +} + +void AbilityManagerAdapter::ReleaseProxy(const wptr& remote) +{ + std::lock_guard lock(proxyMutex_); + if ((proxy_ != nullptr) && (proxy_ == remote.promote())) { + proxy_->RemoveDeathRecipient(deathRecipient_); + proxy_ = nullptr; + deathRecipient_ = nullptr; + } +} + +void AbilityManagerAdapter::AbilityMgrDeathRecipient::OnRemoteDied(const wptr& remote) +{ + ACCESSTOKEN_LOG_ERROR(LABEL, "AbilityMgrDeathRecipient handle remote died."); + AbilityManagerAdapter::GetInstance().ReleaseProxy(remote); +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/services/common/test/BUILD.gn b/services/common/test/BUILD.gn deleted file mode 100644 index 64387a263..000000000 --- a/services/common/test/BUILD.gn +++ /dev/null @@ -1,89 +0,0 @@ -# Copyright (c) 2024 Huawei Device Co., Ltd. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -import("//build/test.gni") -import("../../../access_token.gni") - -if (is_standard_system && ability_base_enable) { - ohos_unittest("libipc_code_test") { - subsystem_name = "security" - part_name = "access_token" - module_out_path = part_name + "/" + part_name - sanitize = { - cfi = true - cfi_cross_dso = true - debug = false - } - branch_protector_ret = "pac_ret" - - include_dirs = [ - "${access_token_path}/frameworks/privacy/include", - "${access_token_path}/frameworks/common/include", - "${access_token_path}/services/common/ability_manager/include", - "${access_token_path}/services/common/app_manager/include", - "${access_token_path}/services/privacymanager/src/camera_manager", - ] - - sources = [ "unittest/interface_code_test.cpp" ] - - cflags_cc = [] - - configs = [ "${access_token_path}/config:coverage_flags" ] - - deps = [ - "${access_token_path}/frameworks/common:accesstoken_common_cxx", - "${access_token_path}/frameworks/privacy:privacy_communication_adapter_cxx", - "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk", - "${access_token_path}/interfaces/innerkits/accesstoken:libtokenid_sdk", - "${access_token_path}/interfaces/innerkits/privacy:libprivacy_sdk", - "${access_token_path}/interfaces/innerkits/token_setproc:libtokensetproc_shared", - "${access_token_path}/services/common:accesstoken_service_common", - "${access_token_path}/services/privacymanager:privacy_manager_service", - ] - - external_deps = [ - "ability_base:want", - "access_token:libaccesstoken_sdk", - "c_utils:utils", - "googletest:gtest_main", - "hilog:libhilog", - "init:libbegetutil", - "ipc:ipc_core", - "safwk:system_ability_fwk", - "samgr:samgr_proxy", - "sqlite:sqlite", - ] - - if (audio_framework_enable) { - cflags_cc += [ "-DAUDIO_FRAMEWORK_ENABLE" ] - external_deps += [ "audio_framework:audio_client" ] - } - - if (ability_runtime_enable) { - cflags_cc += [ "-DABILITY_RUNTIME_ENABLE" ] - external_deps += [ - "ability_runtime:ability_manager", - "ability_runtime:app_manager", - ] - } - if (camera_framework_enable) { - cflags_cc += [ "-DCAMERA_FRAMEWORK_ENABLE" ] - external_deps += [ "camera_framework:camera_framework" ] - } - } -} - -group("unittest") { - testonly = true - deps = [ ":libipc_code_test" ] -} diff --git a/services/common/test/unittest/interface_code_test.cpp b/services/common/test/unittest/interface_code_test.cpp deleted file mode 100644 index 84c6f2cf9..000000000 --- a/services/common/test/unittest/interface_code_test.cpp +++ /dev/null @@ -1,124 +0,0 @@ -/* - * Copyright (c) 2024 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include - -#include "access_token.h" -#include "accesstoken_kit.h" -#ifdef ABILITY_RUNTIME_ENABLE -#include "ams_mgr_interface.h" -#include "app_manager_access_proxy.h" -#include "app_mgr_ipc_interface_code.h" - -#include "ability_manager_ipc_interface_code.h" -#include "iapplication_state_observer.h" -#endif - -#ifdef CAMERA_FRAMEWORK_ENABLE -#include "camera_service_ipc_interface_code.h" -#endif - -#include "privacy_camera_service_ipc_interface_code.h" -#include "service_ipc_interface_code.h" - -using namespace testing::ext; - -namespace OHOS { -namespace Security { -namespace AccessToken { -class IpcCodeTest : public testing::Test { -public: - static void SetUpTestCase(); - static void TearDownTestCase(); - void SetUp(); - void TearDown(); -}; - -void IpcCodeTest::SetUpTestCase() -{ -} - -void IpcCodeTest::TearDownTestCase() -{ -} - -void IpcCodeTest::SetUp() -{ -} - -void IpcCodeTest::TearDown() -{ -} - -#ifdef ABILITY_RUNTIME_ENABLE -/* - * @tc.name: AppManagerCodeTest001 - * @tc.desc: test appMgr ipc code - * @tc.type: FUNC - * @tc.require: - */ -HWTEST_F(IpcCodeTest, AppManagerCodeTest001, TestSize.Level1) -{ - ASSERT_EQ(static_cast(AppExecFwk::AppMgrInterfaceCode::REGISTER_APPLICATION_STATE_OBSERVER), - static_cast(AccessToken::IAppMgr::Message::REGISTER_APPLICATION_STATE_OBSERVER)); // 12 - ASSERT_EQ(static_cast(AppExecFwk::AppMgrInterfaceCode::UNREGISTER_APPLICATION_STATE_OBSERVER), - static_cast(AccessToken::IAppMgr::Message::UNREGISTER_APPLICATION_STATE_OBSERVER)); // 13 - ASSERT_EQ(static_cast(AppExecFwk::AppMgrInterfaceCode::GET_FOREGROUND_APPLICATIONS), - static_cast(AccessToken::IAppMgr::Message::GET_FOREGROUND_APPLICATIONS)); // 14 -} - -/* - * @tc.name: AmsManagerCodeTest001 - * @tc.desc: test amsMgr ipc code - * @tc.type: FUNC - * @tc.require: - */ -HWTEST_F(IpcCodeTest, AmsManagerCodeTest001, TestSize.Level1) -{ - ASSERT_EQ(static_cast(AppExecFwk::IAmsMgr::Message::FORCE_KILL_APPLICATION_BY_ACCESS_TOKEN_ID), - static_cast(AccessToken::IAmsMgr::Message::FORCE_KILL_APPLICATION_BY_ACCESS_TOKEN_ID)); -} - -/* - * @tc.name: AmsManagerCodeTest001 - * @tc.desc: test ability manager ipc code - * @tc.type: FUNC - * @tc.require: - */ -HWTEST_F(IpcCodeTest, AbilityManagerCodeTest001, TestSize.Level1) -{ - ASSERT_EQ(static_cast(AAFwk::AbilityManagerInterfaceCode::START_ABILITY_ADD_CALLER), - static_cast(AccessToken::AccessAbilityServiceInterfaceCode::START_ABILITY_ADD_CALLER)); -} -#endif - -#ifdef CAMERA_FRAMEWORK_ENABLE -/* - * @tc.name: CameraManagerCodeTest001 - * @tc.desc: test camera framework ipc code - * @tc.type: FUNC - * @tc.require: - */ -HWTEST_F(IpcCodeTest, CameraManagerCodeTest001, TestSize.Level1) -{ - ASSERT_EQ(static_cast(CameraStandard::CameraServiceInterfaceCode::CAMERA_SERVICE_IS_CAMERA_MUTED), - static_cast(AccessToken::PrivacyCameraServiceInterfaceCode::CAMERA_SERVICE_IS_CAMERA_MUTED)); - ASSERT_EQ(static_cast(CameraStandard::CameraServiceInterfaceCode::CAMERA_SERVICE_MUTE_CAMERA_PERSIST), - static_cast(AccessToken::PrivacyCameraServiceInterfaceCode::CAMERA_SERVICE_MUTE_CAMERA_PERSIST)); -} -#endif -} // namespace AccessToken -} // namespace Security -} // namespace OHOS diff --git a/services/privacymanager/BUILD.gn b/services/privacymanager/BUILD.gn index 78b897d8a..ae5ccc07c 100644 --- a/services/privacymanager/BUILD.gn +++ b/services/privacymanager/BUILD.gn @@ -60,7 +60,6 @@ if (is_standard_system && ability_base_enable == true) { "${access_token_path}/interfaces/innerkits/accesstoken/include", "${access_token_path}/interfaces/innerkits/privacy/include", "${access_token_path}/interfaces/innerkits/privacy/src", - "${access_token_path}/services/common/ability_manager/include", "${access_token_path}/services/common/app_manager/include", "${access_token_path}/services/common/config_policy/include", "${access_token_path}/services/common/database/include", @@ -85,12 +84,8 @@ if (is_standard_system && ability_base_enable == true) { "src/record/on_permission_used_record_callback_proxy.cpp", "src/record/permission_record.cpp", "src/record/permission_record_manager.cpp", - "src/sensitive/audio_manager/audio_manager_privacy_client.cpp", - "src/sensitive/audio_manager/audio_manager_privacy_death_recipient.cpp", - "src/sensitive/audio_manager/audio_manager_privacy_proxy.cpp", - "src/sensitive/camera_manager/camera_manager_privacy_client.cpp", - "src/sensitive/camera_manager/camera_manager_privacy_death_recipient.cpp", - "src/sensitive/camera_manager/camera_manager_privacy_proxy.cpp", + "src/sensitive/audio_manager/audio_manager_adapter.cpp", + "src/sensitive/camera_manager/camera_manager_adapter.cpp", "src/service/privacy_manager_service.cpp", "src/service/privacy_manager_stub.cpp", ] @@ -116,7 +111,9 @@ if (is_standard_system && ability_base_enable == true) { external_deps = [ "ability_base:want", + "audio_framework:audio_client", "c_utils:utils", + "camera_framework:camera_framework", "hilog:libhilog", "hisysevent:libhisysevent", "init:libbegetutil", @@ -126,11 +123,6 @@ if (is_standard_system && ability_base_enable == true) { "sqlite:sqlite", ] - if (audio_framework_enable) { - include_dirs += - [ "${audio_framework_path}/services/audio_policy/common/include" ] - } - if (ohos_indep_compiler_enable) { external_deps += [ "bounds_checking_function:libsec_shared", @@ -173,6 +165,12 @@ if (is_standard_system && ability_base_enable == true) { if (access_token_app_security_privacy_service_enable) { cflags_cc += [ "-DAPP_SECURITY_PRIVACY_SERVICE" ] + } else { + include_dirs += [ + "${access_token_path}/services/common/ability_manager/include", + "${ability_runtime_path}/interfaces/inner_api/ability_manager/include", + ] + sources += [ "${access_token_path}/services/common/ability_manager/src/ability_manager_adapter.cpp" ] } if (hicollie_enable == true) { diff --git a/services/privacymanager/include/record/permission_record_manager.h b/services/privacymanager/include/record/permission_record_manager.h index eb93848a9..8d53601b1 100644 --- a/services/privacymanager/include/record/permission_record_manager.h +++ b/services/privacymanager/include/record/permission_record_manager.h @@ -147,14 +147,16 @@ private: void ExecuteAndUpdateRecord(uint32_t tokenId, int32_t pid, ActiveChangeType status); +#ifndef APP_SECURITY_PRIVACY_SERVICE void ExecuteAndUpdateRecordByPerm(const std::string& permissionName, bool switchStatus); + bool ShowGlobalDialog(const std::string& permissionName); +#endif int32_t RemoveRecordFromStartList(AccessTokenID tokenId, int32_t pid, const std::string& permissionName); int32_t AddRecordToStartList(uint32_t tokenId, int32_t pid, const std::string& permissionName, int32_t status); std::string GetDeviceId(AccessTokenID tokenId); void PermListToString(const std::vector& permList); bool GetGlobalSwitchStatus(const std::string& permissionName); - bool ShowGlobalDialog(const std::string& permissionName); void ModifyMuteStatus(const std::string& permissionName, int32_t index, bool isMute); bool GetMuteStatus(const std::string& permissionName, int32_t index); @@ -241,9 +243,10 @@ private: // record config int32_t recordSizeMaximum_ = 0; int32_t recordAgingTime_ = 0; +#ifndef APP_SECURITY_PRIVACY_SERVICE std::string globalDialogBundleName_; std::string globalDialogAbilityName_; - +#endif #ifdef EVENTHANDLER_ENABLE std::shared_ptr deleteEventRunner_; std::shared_ptr deleteEventHandler_; diff --git a/services/common/ability_manager/include/ability_manager_access_client.h b/services/privacymanager/include/sensitive/ability_manager/ability_manager_adapter.h similarity index 39% rename from services/common/ability_manager/include/ability_manager_access_client.h rename to services/privacymanager/include/sensitive/ability_manager/ability_manager_adapter.h index 9805b9614..09f982a0a 100644 --- a/services/common/ability_manager/include/ability_manager_access_client.h +++ b/services/privacymanager/include/sensitive/ability_manager/ability_manager_adapter.h @@ -1,55 +1,63 @@ -/* - * Copyright (c) 2022 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef ABILITY_MANAGER_ACCESS_CLIENT_H -#define ABILITY_MANAGER_ACCESS_CLIENT_H - -#include -#include - -#include "ability_manager_access_death_recipient.h" -#include "ability_manager_access_proxy.h" -#include "nocopyable.h" - -namespace OHOS { -namespace Security { -namespace AccessToken { -class AbilityManagerAccessClient final { -public: - static AbilityManagerAccessClient& GetInstance(); - - virtual ~AbilityManagerAccessClient(); - - int StartAbility(const AAFwk::Want &want, const sptr &callerToken, - int requestCode = DEFAULT_INVAL_VALUE, int32_t userId = DEFAULT_INVAL_VALUE); - void OnRemoteDiedHandle(); - -private: - AbilityManagerAccessClient(); - DISALLOW_COPY_AND_MOVE(AbilityManagerAccessClient); - - void InitProxy(); - sptr GetProxy(); - void ReleaseProxy(); - - sptr serviceDeathObserver_ = nullptr; - std::mutex proxyMutex_; - sptr proxy_ = nullptr; -}; -} // namespace AccessToken -} // namespace Security -} // namespace OHOS -#endif // ABILITY_MANAGER_ACCESS_CLIENT_H - +/* + * Copyright (c) 2024 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef ACCESS_TOKEN_ABILITY_MANAGER_ADAPTER_H +#define ACCESS_TOKEN_ABILITY_MANAGER_ADAPTER_H + +#include +#include "want.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +using namespace AAFwk; +/** + * @class AbilityManagerAdapter + * AbilityManagerAdapter is used to access ability manager services. + */ +class AbilityManagerAdapter { +private: + AbilityManagerAdapter(); + virtual ~AbilityManagerAdapter(); + DISALLOW_COPY_AND_MOVE(AbilityManagerAdapter); + +public: + static AbilityManagerAdapter& GetInstance(); + + int32_t StartAbility(const AAFwk::Want &want, const sptr &callerToken); + +private: + void InitProxy(); + + class AbilityMgrDeathRecipient : public IRemoteObject::DeathRecipient { + public: + AbilityMgrDeathRecipient() = default; + ~AbilityMgrDeathRecipient() override = default; + void OnRemoteDied(const wptr& remote) override; + private: + DISALLOW_COPY_AND_MOVE(AbilityMgrDeathRecipient); + }; + + sptr GetProxy(); + void ReleaseProxy(const wptr& remote); + + std::mutex proxyMutex_; + sptr proxy_; + sptr deathRecipient_; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // ACCESS_TOKEN_ABILITY_MANAGER_ADAPTER_H diff --git a/services/privacymanager/include/sensitive/audio_manager/audio_manager_privacy_client.h b/services/privacymanager/include/sensitive/audio_manager/audio_manager_adapter.h similarity index 49% rename from services/privacymanager/include/sensitive/audio_manager/audio_manager_privacy_client.h rename to services/privacymanager/include/sensitive/audio_manager/audio_manager_adapter.h index 433b08da3..224a34d45 100644 --- a/services/privacymanager/include/sensitive/audio_manager/audio_manager_privacy_client.h +++ b/services/privacymanager/include/sensitive/audio_manager/audio_manager_adapter.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022 Huawei Device Co., Ltd. + * Copyright (c) 2024 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -13,42 +13,51 @@ * limitations under the License. */ -#ifndef AUDIO_MANAGER_PRIVACY_CLIENT_H -#define AUDIO_MANAGER_PRIVACY_CLIENT_H +#ifndef ACCESSTOKEN_AUDIO_MANAGER_ADAPTER_H +#define ACCESSTOKEN_AUDIO_MANAGER_ADAPTER_H #include #include -#include "audio_manager_privacy_death_recipient.h" -#include "audio_manager_privacy_proxy.h" +#include #include "nocopyable.h" +#include "privacy_param.h" namespace OHOS { namespace Security { namespace AccessToken { -class AudioManagerPrivacyClient final { +class AudioManagerAdapter final { +private: + AudioManagerAdapter(); + virtual ~AudioManagerAdapter(); + DISALLOW_COPY_AND_MOVE(AudioManagerAdapter); + public: - static AudioManagerPrivacyClient& GetInstance(); - virtual ~AudioManagerPrivacyClient(); + static AudioManagerAdapter& GetInstance(); int32_t SetMicrophoneMutePersistent(const bool isMute, const PolicyType type); bool GetPersistentMicMuteState(); - void OnRemoteDiedHandle(); private: - AudioManagerPrivacyClient(); - DISALLOW_COPY_AND_MOVE(AudioManagerPrivacyClient); - void InitProxy(); - sptr GetProxy(); - void ReleaseProxy(); - sptr serviceDeathObserver_ = nullptr; + class AudioManagerDeathRecipient : public IRemoteObject::DeathRecipient { + public: + AudioManagerDeathRecipient() = default; + ~AudioManagerDeathRecipient() override = default; + void OnRemoteDied(const wptr& remote) override; + private: + DISALLOW_COPY_AND_MOVE(AudioManagerDeathRecipient); + }; + + sptr GetProxy(); + void ReleaseProxy(const wptr& remote); + std::mutex proxyMutex_; - sptr proxy_ = nullptr; + sptr proxy_; + sptr deathRecipient_; }; } // namespace AccessToken } // namespace Security } // namespace OHOS -#endif // AUDIO_MANAGER_PRIVACY_CLIENT_H - +#endif // ACCESSTOKEN_AUDIO_MANAGER_ADAPTER_H diff --git a/services/privacymanager/include/sensitive/audio_manager/audio_manager_privacy_death_recipient.h b/services/privacymanager/include/sensitive/audio_manager/audio_manager_privacy_death_recipient.h deleted file mode 100644 index f88ac5bb1..000000000 --- a/services/privacymanager/include/sensitive/audio_manager/audio_manager_privacy_death_recipient.h +++ /dev/null @@ -1,35 +0,0 @@ -/* - * Copyright (c) 2022 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - - -#ifndef AUDIO_MGR_DEATH_RECIPIENT_H -#define AUDIO_MGR_DEATH_RECIPIENT_H - -#include "iremote_object.h" - -namespace OHOS { -namespace Security { -namespace AccessToken { -class AudioMgrDeathRecipient : public IRemoteObject::DeathRecipient { -public: - AudioMgrDeathRecipient() {} - virtual ~AudioMgrDeathRecipient() override = default; - void OnRemoteDied(const wptr& object) override; -}; -} // namespace AccessToken -} // namespace Security -} // namespace OHOS -#endif // AUDIO_MGR_DEATH_RECIPIENT_H - diff --git a/services/privacymanager/include/sensitive/audio_manager/audio_manager_privacy_proxy.h b/services/privacymanager/include/sensitive/audio_manager/audio_manager_privacy_proxy.h deleted file mode 100644 index a49f2944a..000000000 --- a/services/privacymanager/include/sensitive/audio_manager/audio_manager_privacy_proxy.h +++ /dev/null @@ -1,47 +0,0 @@ -/* - * Copyright (c) 2022 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef OHOS_AUDIO_MANAGER_PRIVACY_PROXY_H -#define OHOS_AUDIO_MANAGER_PRIVACY_PROXY_H - -#include -#include "privacy_param.h" - -namespace OHOS { -namespace Security { -namespace AccessToken { -class IAudioPolicy : public IRemoteBroker { -public: - DECLARE_INTERFACE_DESCRIPTOR(u"IAudioPolicy"); - - virtual bool GetPersistentMicMuteState() = 0; - virtual int32_t SetMicrophoneMutePersistent(const bool isMute, const PolicyType type) = 0; -}; - -class AudioManagerPrivacyProxy : public IRemoteProxy { -public: - explicit AudioManagerPrivacyProxy(const sptr &impl) : IRemoteProxy(impl) {} - - virtual ~AudioManagerPrivacyProxy() = default; - - bool GetPersistentMicMuteState() override; - int32_t SetMicrophoneMutePersistent(const bool isMute, const PolicyType type) override; -private: - static inline BrokerDelegator delegator_; -}; -} -} -} -#endif // OHOS_AUDIO_MANAGER_PRIVACY_PROXY_H diff --git a/services/privacymanager/include/sensitive/camera_manager/camera_manager_privacy_client.h b/services/privacymanager/include/sensitive/camera_manager/camera_manager_adapter.h similarity index 48% rename from services/privacymanager/include/sensitive/camera_manager/camera_manager_privacy_client.h rename to services/privacymanager/include/sensitive/camera_manager/camera_manager_adapter.h index 9d91757c4..587bb1e14 100644 --- a/services/privacymanager/include/sensitive/camera_manager/camera_manager_privacy_client.h +++ b/services/privacymanager/include/sensitive/camera_manager/camera_manager_adapter.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022 Huawei Device Co., Ltd. + * Copyright (c) 2024 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -13,43 +13,51 @@ * limitations under the License. */ -#ifndef CAMERA_MANAGER_PRIVACY_CLIENT_H -#define CAMERA_MANAGER_PRIVACY_CLIENT_H +#ifndef ACCESSTOKEN_CAMERA_MANAGER_ADAPTER_H +#define ACCESSTOKEN_CAMERA_MANAGER_ADAPTER_H #include -#include #include -#include "camera_manager_privacy_death_recipient.h" -#include "camera_manager_privacy_proxy.h" +#include #include "nocopyable.h" +#include "privacy_param.h" namespace OHOS { namespace Security { namespace AccessToken { -class CameraManagerPrivacyClient final { +class CameraManagerAdapter final { +private: + CameraManagerAdapter(); + virtual ~CameraManagerAdapter(); + DISALLOW_COPY_AND_MOVE(CameraManagerAdapter); + public: - static CameraManagerPrivacyClient& GetInstance(); - virtual ~CameraManagerPrivacyClient(); + static CameraManagerAdapter& GetInstance(); int32_t MuteCameraPersist(PolicyType policyType, bool muteMode); bool IsCameraMuted(); - void OnRemoteDiedHandle(); private: - CameraManagerPrivacyClient(); - DISALLOW_COPY_AND_MOVE(CameraManagerPrivacyClient); - void InitProxy(); - sptr GetProxy(); - void ReleaseProxy(); - sptr serviceDeathObserver_ = nullptr; + class CameraManagerDeathRecipient : public IRemoteObject::DeathRecipient { + public: + CameraManagerDeathRecipient() = default; + ~CameraManagerDeathRecipient() override = default; + void OnRemoteDied(const wptr& remote) override; + private: + DISALLOW_COPY_AND_MOVE(CameraManagerDeathRecipient); + }; + + sptr GetProxy(); + void ReleaseProxy(const wptr& remote); + std::mutex proxyMutex_; - sptr proxy_ = nullptr; + sptr proxy_; + sptr deathRecipient_; }; } // namespace AccessToken } // namespace Security } // namespace OHOS -#endif // CAMERA_MANAGER_PRIVACY_CLIENT_H - +#endif // ACCESSTOKEN_CAMERA_MANAGER_ADAPTER_H diff --git a/services/privacymanager/include/sensitive/camera_manager/camera_manager_privacy_death_recipient.h b/services/privacymanager/include/sensitive/camera_manager/camera_manager_privacy_death_recipient.h deleted file mode 100644 index 334392cd1..000000000 --- a/services/privacymanager/include/sensitive/camera_manager/camera_manager_privacy_death_recipient.h +++ /dev/null @@ -1,35 +0,0 @@ -/* - * Copyright (c) 2022 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - - -#ifndef CAMERA_MANAGER_PRIVACY_DEATH_RECIPIENT_H -#define CAMERA_MANAGER_PRIVACY_DEATH_RECIPIENT_H - -#include "iremote_object.h" - -namespace OHOS { -namespace Security { -namespace AccessToken { -class CameraManagerPrivacyDeathRecipient : public IRemoteObject::DeathRecipient { -public: - CameraManagerPrivacyDeathRecipient() {} - virtual ~CameraManagerPrivacyDeathRecipient() override = default; - void OnRemoteDied(const wptr& object) override; -}; -} // namespace AccessToken -} // namespace Security -} // namespace OHOS -#endif // CAMERA_MANAGER_PRIVACY_DEATH_RECIPIENT_H - diff --git a/services/privacymanager/include/sensitive/camera_manager/camera_manager_privacy_proxy.h b/services/privacymanager/include/sensitive/camera_manager/camera_manager_privacy_proxy.h deleted file mode 100644 index d6240cc67..000000000 --- a/services/privacymanager/include/sensitive/camera_manager/camera_manager_privacy_proxy.h +++ /dev/null @@ -1,49 +0,0 @@ -/* - * Copyright (c) 2022 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef OHOS_CAMERA_MANAGER_PRIVACY_PROXY_H -#define OHOS_CAMERA_MANAGER_PRIVACY_PROXY_H - -#include - -#include "privacy_camera_service_ipc_interface_code.h" -#include "privacy_param.h" - -namespace OHOS { -namespace Security { -namespace AccessToken { -class ICameraService : public IRemoteBroker { -public: - DECLARE_INTERFACE_DESCRIPTOR(u"ICameraService"); - - virtual int32_t MuteCameraPersist(PolicyType policyType, bool muteMode) = 0; - virtual int32_t IsCameraMuted(bool &muteMode) = 0; -}; - -class CameraManagerPrivacyProxy : public IRemoteProxy { -public: - explicit CameraManagerPrivacyProxy(const sptr &impl) : IRemoteProxy(impl) {} - - virtual ~CameraManagerPrivacyProxy() = default; - - int32_t MuteCameraPersist(PolicyType policyType, bool muteMode) override; - int32_t IsCameraMuted(bool &muteMode) override; -private: - static inline BrokerDelegator delegator_; -}; -} -} -} -#endif // OHOS_CAMERA_MANAGER_PRIVACY_PROXY_H diff --git a/services/privacymanager/src/record/permission_record_manager.cpp b/services/privacymanager/src/record/permission_record_manager.cpp index 0252a9fa1..def9a5c8f 100644 --- a/services/privacymanager/src/record/permission_record_manager.cpp +++ b/services/privacymanager/src/record/permission_record_manager.cpp @@ -19,14 +19,16 @@ #include #include -#include "ability_manager_access_client.h" +#ifndef APP_SECURITY_PRIVACY_SERVICE +#include "ability_manager_adapter.h" +#endif #include "access_token.h" #include "accesstoken_kit.h" #include "accesstoken_log.h" #include "active_status_callback_manager.h" #include "app_manager_access_client.h" -#include "audio_manager_privacy_client.h" -#include "camera_manager_privacy_client.h" +#include "audio_manager_adapter.h" +#include "camera_manager_adapter.h" #include "config_policy_loader.h" #include "constant.h" #include "constant_common.h" @@ -64,9 +66,11 @@ constexpr const char* CAMERA_PERMISSION_NAME = "ohos.permission.CAMERA"; constexpr const char* MICROPHONE_PERMISSION_NAME = "ohos.permission.MICROPHONE"; constexpr const char* EDM_MIC_MUTE_KEY = "persist.edm.mic_disable"; constexpr const char* EDM_CAMERA_MUTE_KEY = "persist.edm.camera_disable"; +#ifndef APP_SECURITY_PRIVACY_SERVICE constexpr const char* DEFAULT_PERMISSION_MANAGER_BUNDLE_NAME = "com.ohos.permissionmanager"; constexpr const char* DEFAULT_PERMISSION_MANAGER_DIALOG_ABILITY = "com.ohos.permissionmanager.GlobalExtAbility"; constexpr const char* RESOURCE_KEY = "ohos.sensitive.resource"; +#endif static const int32_t DEFAULT_PERMISSION_USED_RECORD_SIZE_MAXIMUM = 500000; static const int32_t DEFAULT_PERMISSION_USED_RECORD_AGING_TIME = 7; static const uint32_t NORMAL_TYPE_ADD_VALUE = 1; @@ -1052,7 +1056,7 @@ void PermissionRecordManager::ExecuteAndUpdateRecordByPerm(const std::string& pe CallbackExecute(record.tokenId, permissionName, record.status); } } -#endif + bool PermissionRecordManager::ShowGlobalDialog(const std::string& permissionName) { std::string resource; @@ -1068,13 +1072,14 @@ bool PermissionRecordManager::ShowGlobalDialog(const std::string& permissionName AAFwk::Want want; want.SetElementName(globalDialogBundleName_, globalDialogAbilityName_); want.SetParam(RESOURCE_KEY, resource); - ErrCode err = AbilityManagerAccessClient::GetInstance().StartAbility(want, nullptr); + ErrCode err = AbilityManagerAdapter::GetInstance().StartAbility(want, nullptr); if (err != ERR_OK) { ACCESSTOKEN_LOG_ERROR(LABEL, "Fail to StartAbility, err:%{public}d", err); return false; } return true; } +#endif void PermissionRecordManager::ExecuteAllCameraExecuteCallback() { @@ -1616,7 +1621,7 @@ bool PermissionRecordManager::RegisterWindowCallback() void PermissionRecordManager::InitializeMuteState(const std::string& permissionName) { if (permissionName == MICROPHONE_PERMISSION_NAME) { - bool isMicMute = AudioManagerPrivacyClient::GetInstance().GetPersistentMicMuteState(); + bool isMicMute = AudioManagerAdapter::GetInstance().GetPersistentMicMuteState(); ACCESSTOKEN_LOG_INFO(LABEL, "Mic mute state: %{public}d.", isMicMute); ModifyMuteStatus(MICROPHONE_PERMISSION_NAME, MIXED, isMicMute); { @@ -1632,7 +1637,7 @@ void PermissionRecordManager::InitializeMuteState(const std::string& permissionN } } } else if (permissionName == CAMERA_PERMISSION_NAME) { - bool isCameraMute = CameraManagerPrivacyClient::GetInstance().IsCameraMuted(); + bool isCameraMute = CameraManagerAdapter::GetInstance().IsCameraMuted(); ACCESSTOKEN_LOG_INFO(LABEL, "Camera mute state: %{public}d.", isCameraMute); ModifyMuteStatus(CAMERA_PERMISSION_NAME, MIXED, isCameraMute); { @@ -1770,8 +1775,10 @@ void PermissionRecordManager::SetDefaultConfigValue() { recordSizeMaximum_ = DEFAULT_PERMISSION_USED_RECORD_SIZE_MAXIMUM; recordAgingTime_ = DEFAULT_PERMISSION_USED_RECORD_AGING_TIME; +#ifndef APP_SECURITY_PRIVACY_SERVICE globalDialogBundleName_ = DEFAULT_PERMISSION_MANAGER_BUNDLE_NAME; globalDialogAbilityName_ = DEFAULT_PERMISSION_MANAGER_DIALOG_ABILITY; +#endif } void PermissionRecordManager::GetConfigValue() @@ -1789,17 +1796,18 @@ void PermissionRecordManager::GetConfigValue() ? DEFAULT_PERMISSION_USED_RECORD_SIZE_MAXIMUM : value.pConfig.sizeMaxImum; recordAgingTime_ = value.pConfig.agingTime == 0 ? DEFAULT_PERMISSION_USED_RECORD_AGING_TIME : value.pConfig.agingTime; +#ifndef APP_SECURITY_PRIVACY_SERVICE globalDialogBundleName_ = value.pConfig.globalDialogBundleName.empty() ? DEFAULT_PERMISSION_MANAGER_BUNDLE_NAME : value.pConfig.globalDialogBundleName; globalDialogAbilityName_ = value.pConfig.globalDialogAbilityName.empty() ? DEFAULT_PERMISSION_MANAGER_DIALOG_ABILITY : value.pConfig.globalDialogAbilityName; +#endif } else { SetDefaultConfigValue(); } - ACCESSTOKEN_LOG_INFO(LABEL, "RecordSizeMaximum_ is %{public}d, recordAgingTime_ is %{public}d," - " globalDialogBundleName_ is %{public}s, globalDialogAbilityName_ is %{public}s.", - recordSizeMaximum_, recordAgingTime_, globalDialogBundleName_.c_str(), globalDialogAbilityName_.c_str()); + ACCESSTOKEN_LOG_INFO(LABEL, "RecordSizeMaximum_ is %{public}d, recordAgingTime_ is %{public}d", + recordSizeMaximum_, recordAgingTime_); } uint64_t PermissionRecordManager::GetUniqueId(uint32_t tokenId, int32_t pid) const diff --git a/services/privacymanager/src/sensitive/ability_manager/ability_manager_adapter.cpp b/services/privacymanager/src/sensitive/ability_manager/ability_manager_adapter.cpp new file mode 100644 index 000000000..a37557244 --- /dev/null +++ b/services/privacymanager/src/sensitive/ability_manager/ability_manager_adapter.cpp @@ -0,0 +1,150 @@ +/* + * Copyright (c) 2024 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "ability_manager_adapter.h" +#include "ability_manager_ipc_interface_code.h" +#include "access_token_error.h" +#include "accesstoken_log.h" +#include +#include "iservice_registry.h" +#include "system_ability_definition.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { + LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "AbilityManagerAdapter" +}; +const int32_t DEFAULT_INVAL_VALUE = -1; +const std::u16string ABILITY_MGR_DESCRIPTOR = u"ohos.aafwk.AbilityManager"; +} +using namespace AAFwk; +AbilityManagerAdapter& AbilityManagerAdapter::GetInstance() +{ + static AbilityManagerAdapter *instance = new (std::nothrow) AbilityManagerAdapter(); + return *instance; +} + +AbilityManagerAdapter::AbilityManagerAdapter() +{} + +AbilityManagerAdapter::~AbilityManagerAdapter() +{} + +int32_t AbilityManagerAdapter::StartAbility(const AAFwk::Want &want, const sptr &callerToken) +{ + auto abms = GetProxy(); + if (abms == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to GetProxy."); + return AccessTokenError::ERR_WRITE_PARCEL_FAILED; + } + + MessageParcel data; + MessageParcel reply; + MessageOption option; + + if (!data.WriteInterfaceToken(ABILITY_MGR_DESCRIPTOR)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write WriteInterfaceToken."); + return AccessTokenError::ERR_WRITE_PARCEL_FAILED; + } + + if (!data.WriteParcelable(&want)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Want write failed."); + return AccessTokenError::ERR_WRITE_PARCEL_FAILED; + } + if (callerToken) { + if (!data.WriteBool(true) || !data.WriteRemoteObject(callerToken)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "CallerToken and flag write failed."); + return AccessTokenError::ERR_WRITE_PARCEL_FAILED; + } + } else { + if (!data.WriteBool(false)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Flag write failed."); + return AccessTokenError::ERR_WRITE_PARCEL_FAILED; + } + } + if (!data.WriteInt32(DEFAULT_INVAL_VALUE)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "UserId write failed."); + return AccessTokenError::ERR_WRITE_PARCEL_FAILED; + } + if (!data.WriteInt32(DEFAULT_INVAL_VALUE)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "RequestCode write failed."); + return AccessTokenError::ERR_WRITE_PARCEL_FAILED; + } + int32_t error = abms->SendRequest(static_cast(AbilityManagerInterfaceCode::START_ABILITY), + data, reply, option); + if (error != NO_ERROR) { + ACCESSTOKEN_LOG_ERROR(LABEL, "SendRequest error: %{public}d", error); + return error; + } + return reply.ReadInt32(); +} + +void AbilityManagerAdapter::InitProxy() +{ + if (proxy_ != nullptr) { + return; + } + sptr systemManager = SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager(); + if (systemManager == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Fail to get system ability registry."); + return; + } + sptr remoteObj = systemManager->CheckSystemAbility(ABILITY_MGR_SERVICE_ID); + if (remoteObj == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Fail to connect ability manager service."); + return; + } + + deathRecipient_ = sptr(new (std::nothrow) AbilityMgrDeathRecipient()); + if (deathRecipient_ == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to create AbilityMgrDeathRecipient!"); + return; + } + if ((remoteObj->IsProxyObject()) && (!remoteObj->AddDeathRecipient(deathRecipient_))) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Add death recipient to AbilityManagerService failed."); + return; + } + proxy_ = remoteObj; +} + +sptr AbilityManagerAdapter::GetProxy() +{ + std::lock_guard lock(proxyMutex_); + if (proxy_ == nullptr) { + InitProxy(); + } + return proxy_; +} + +void AbilityManagerAdapter::ReleaseProxy(const wptr& remote) +{ + std::lock_guard lock(proxyMutex_); + if ((proxy_ != nullptr) && (proxy_ == remote.promote())) { + proxy_->RemoveDeathRecipient(deathRecipient_); + proxy_ = nullptr; + deathRecipient_ = nullptr; + } +} + +void AbilityManagerAdapter::AbilityMgrDeathRecipient::OnRemoteDied(const wptr& remote) +{ + ACCESSTOKEN_LOG_ERROR(LABEL, "AbilityMgrDeathRecipient handle remote died."); + AbilityManagerAdapter::GetInstance().ReleaseProxy(remote); +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/services/privacymanager/src/sensitive/audio_manager/audio_manager_adapter.cpp b/services/privacymanager/src/sensitive/audio_manager/audio_manager_adapter.cpp new file mode 100644 index 000000000..fb9926009 --- /dev/null +++ b/services/privacymanager/src/sensitive/audio_manager/audio_manager_adapter.cpp @@ -0,0 +1,170 @@ +/* + * Copyright (c) 2024 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "audio_manager_adapter.h" +#include "access_token_error.h" +#include "accesstoken_log.h" +#include "audio_policy_ipc_interface_code.h" +#include +#include "iservice_registry.h" +#include "system_ability_definition.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { + LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "AudioManagerAdapter" +}; + + + + + + + + + + +const std::u16string AUDIO_MGR_DESCRIPTOR = u"IAudioPolicy"; +} + +AudioManagerAdapter& AudioManagerAdapter::GetInstance() +{ + static AudioManagerAdapter *instance = new (std::nothrow) AudioManagerAdapter(); + return *instance; +} + +AudioManagerAdapter::AudioManagerAdapter() +{} + +AudioManagerAdapter::~AudioManagerAdapter() +{} + +int32_t AudioManagerAdapter::SetMicrophoneMutePersistent(const bool isMute, const PolicyType type) +{ + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to GetProxy."); + return AccessTokenError::ERR_WRITE_PARCEL_FAILED; + } + + MessageParcel data; + MessageParcel reply; + MessageOption option; + + if (!data.WriteInterfaceToken(AUDIO_MGR_DESCRIPTOR)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write WriteInterfaceToken."); + return AccessTokenError::ERR_WRITE_PARCEL_FAILED; + } + if (!data.WriteBool(isMute)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write isMute."); + return AccessTokenError::ERR_WRITE_PARCEL_FAILED; + } + if (!data.WriteInt32(static_cast(type))) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write type."); + return AccessTokenError::ERR_WRITE_PARCEL_FAILED; + } + int32_t error = proxy->SendRequest( + static_cast(AudioStandard::AudioPolicyInterfaceCode::SET_MICROPHONE_MUTE_PERSISTENT), + data, reply, option); + if (error != NO_ERROR) { + ACCESSTOKEN_LOG_ERROR(LABEL, "SendRequest error: %{public}d", error); + return error; + } + return reply.ReadInt32(); +} + +bool AudioManagerAdapter::GetPersistentMicMuteState() +{ + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to GetProxy."); + return AccessTokenError::ERR_WRITE_PARCEL_FAILED; + } + + MessageParcel data; + MessageParcel reply; + MessageOption option; + + if (!data.WriteInterfaceToken(AUDIO_MGR_DESCRIPTOR)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write WriteInterfaceToken."); + return AccessTokenError::ERR_WRITE_PARCEL_FAILED; + } + int32_t error = proxy->SendRequest( + static_cast(AudioStandard::AudioPolicyInterfaceCode::GET_MICROPHONE_MUTE_PERSISTENT), + data, reply, option); + if (error != NO_ERROR) { + ACCESSTOKEN_LOG_ERROR(LABEL, "SendRequest error: %{public}d", error); + return error; + } + return reply.ReadBool(); +} + +void AudioManagerAdapter::InitProxy() +{ + if (proxy_ != nullptr) { + return; + } + sptr systemManager = SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager(); + if (systemManager == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Fail to get system ability registry."); + return; + } + sptr remoteObj = systemManager->CheckSystemAbility(AUDIO_POLICY_SERVICE_ID); + if (remoteObj == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Fail to connect ability manager service."); + return; + } + + deathRecipient_ = sptr(new (std::nothrow) AudioManagerDeathRecipient()); + if (deathRecipient_ == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to create AudioManagerDeathRecipient!"); + return; + } + if ((remoteObj->IsProxyObject()) && (!remoteObj->AddDeathRecipient(deathRecipient_))) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Add death recipient to AbilityManagerService failed."); + return; + } + proxy_ = remoteObj; +} + +sptr AudioManagerAdapter::GetProxy() +{ + std::lock_guard lock(proxyMutex_); + if (proxy_ == nullptr) { + InitProxy(); + } + return proxy_; +} + +void AudioManagerAdapter::ReleaseProxy(const wptr& remote) +{ + std::lock_guard lock(proxyMutex_); + if ((proxy_ != nullptr) && (proxy_ == remote.promote())) { + proxy_->RemoveDeathRecipient(deathRecipient_); + proxy_ = nullptr; + deathRecipient_ = nullptr; + } +} + +void AudioManagerAdapter::AudioManagerDeathRecipient::OnRemoteDied(const wptr& remote) +{ + ACCESSTOKEN_LOG_ERROR(LABEL, "AudioManagerDeathRecipient handle remote died."); + AudioManagerAdapter::GetInstance().ReleaseProxy(remote); +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/services/privacymanager/src/sensitive/audio_manager/audio_manager_privacy_client.cpp b/services/privacymanager/src/sensitive/audio_manager/audio_manager_privacy_client.cpp deleted file mode 100644 index 4965d73f6..000000000 --- a/services/privacymanager/src/sensitive/audio_manager/audio_manager_privacy_client.cpp +++ /dev/null @@ -1,124 +0,0 @@ -/* - * Copyright (c) 2022 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#include "audio_manager_privacy_client.h" -#include - -#include "accesstoken_log.h" -#include "iservice_registry.h" -#include "system_ability_definition.h" - -namespace OHOS { -namespace Security { -namespace AccessToken { -namespace { -static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { - LOG_CORE, SECURITY_DOMAIN_PRIVACY, "AudioManagerPrivacyClient" -}; -std::recursive_mutex g_instanceMutex; -} // namespace - -AudioManagerPrivacyClient& AudioManagerPrivacyClient::GetInstance() -{ - static AudioManagerPrivacyClient* instance = nullptr; - if (instance == nullptr) { - std::lock_guard lock(g_instanceMutex); - if (instance == nullptr) { - instance = new AudioManagerPrivacyClient(); - } - } - return *instance; -} - -AudioManagerPrivacyClient::AudioManagerPrivacyClient() -{} - -AudioManagerPrivacyClient::~AudioManagerPrivacyClient() -{ - std::lock_guard lock(proxyMutex_); - ReleaseProxy(); -} - -int32_t AudioManagerPrivacyClient::SetMicrophoneMutePersistent(const bool isMute, const PolicyType type) -{ - auto proxy = GetProxy(); - if (proxy == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null"); - return -1; - } - return proxy->SetMicrophoneMutePersistent(isMute, type); -} - -bool AudioManagerPrivacyClient::GetPersistentMicMuteState() -{ - auto proxy = GetProxy(); - if (proxy == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null"); - return false; - } - return proxy->GetPersistentMicMuteState(); -} - -void AudioManagerPrivacyClient::InitProxy() -{ - auto sam = SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager(); - if (sam == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "GetSystemAbilityManager is null"); - return; - } - auto audioManagerSa = sam->GetSystemAbility(AUDIO_POLICY_SERVICE_ID); - if (audioManagerSa == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "GetSystemAbility %{public}d is null", - AUDIO_POLICY_SERVICE_ID); - return; - } - - serviceDeathObserver_ = sptr::MakeSptr(); - if (serviceDeathObserver_ != nullptr) { - audioManagerSa->AddDeathRecipient(serviceDeathObserver_); - } - - proxy_ = new AudioManagerPrivacyProxy(audioManagerSa); - if (proxy_ == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Iface_cast get null"); - } -} - -void AudioManagerPrivacyClient::OnRemoteDiedHandle() -{ - std::lock_guard lock(proxyMutex_); - ReleaseProxy(); -} - -sptr AudioManagerPrivacyClient::GetProxy() -{ - std::lock_guard lock(proxyMutex_); - if (proxy_ == nullptr) { - InitProxy(); - } - return proxy_; -} - -void AudioManagerPrivacyClient::ReleaseProxy() -{ - if (proxy_ != nullptr && serviceDeathObserver_ != nullptr) { - proxy_->AsObject()->RemoveDeathRecipient(serviceDeathObserver_); - } - proxy_ = nullptr; - serviceDeathObserver_ = nullptr; -} -} // namespace AccessToken -} // namespace Security -} // namespace OHOS - diff --git a/services/privacymanager/src/sensitive/audio_manager/audio_manager_privacy_death_recipient.cpp b/services/privacymanager/src/sensitive/audio_manager/audio_manager_privacy_death_recipient.cpp deleted file mode 100644 index 6159efb57..000000000 --- a/services/privacymanager/src/sensitive/audio_manager/audio_manager_privacy_death_recipient.cpp +++ /dev/null @@ -1,38 +0,0 @@ -/* - * Copyright (c) 2022 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#include "audio_manager_privacy_death_recipient.h" - -#include "accesstoken_log.h" -#include "audio_manager_privacy_client.h" -#include "permission_record_manager.h" - -namespace OHOS { -namespace Security { -namespace AccessToken { -namespace { -static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { - LOG_CORE, SECURITY_DOMAIN_PRIVACY, "AudioMgrDeathRecipient" -}; -} // namespace - -void AudioMgrDeathRecipient::OnRemoteDied(const wptr& object) -{ - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); - AudioManagerPrivacyClient::GetInstance().OnRemoteDiedHandle(); - PermissionRecordManager::GetInstance().OnAudioMgrRemoteDiedHandle(); -} -} // namespace AccessToken -} // namespace Security -} // namespace OHOS diff --git a/services/privacymanager/src/sensitive/audio_manager/audio_manager_privacy_proxy.cpp b/services/privacymanager/src/sensitive/audio_manager/audio_manager_privacy_proxy.cpp deleted file mode 100644 index a9637e011..000000000 --- a/services/privacymanager/src/sensitive/audio_manager/audio_manager_privacy_proxy.cpp +++ /dev/null @@ -1,82 +0,0 @@ -/* - * Copyright (c) 2022 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "audio_manager_privacy_proxy.h" - -#include "accesstoken_log.h" -#include "audio_policy_ipc_interface_code.h" - -namespace OHOS { -namespace Security { -namespace AccessToken { -namespace { -constexpr HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_PRIVACY, "AudioManagerPrivacyProxy"}; -static constexpr int32_t ERROR = -1; -} - -bool AudioManagerPrivacyProxy::GetPersistentMicMuteState() -{ - MessageParcel data; - MessageParcel reply; - MessageOption option; - if (!data.WriteInterfaceToken(GetDescriptor())) { - ACCESSTOKEN_LOG_ERROR(LABEL, "WriteInterfaceToken failed"); - return false; - } - sptr remote = Remote(); - if (remote == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Remote service is null."); - return false; - } - int32_t error = remote->SendRequest(static_cast( - AudioStandard::AudioPolicyInterfaceCode::GET_MICROPHONE_MUTE_PERSISTENT), data, reply, option); - if (error != ERR_NONE) { - ACCESSTOKEN_LOG_ERROR(LABEL, "GetPersistentMicMuteState failed, error: %{public}d", error); - return false; - } - bool isMute = reply.ReadBool(); - ACCESSTOKEN_LOG_INFO(LABEL, "Mic mute state: %{public}d", isMute); - return isMute; -} - -int32_t AudioManagerPrivacyProxy::SetMicrophoneMutePersistent(const bool isMute, const PolicyType type) -{ - MessageParcel data; - MessageParcel reply; - MessageOption option; - if (!data.WriteInterfaceToken(GetDescriptor())) { - ACCESSTOKEN_LOG_ERROR(LABEL, "WriteInterfaceToken failed"); - return ERROR; - } - data.WriteBool(isMute); - data.WriteInt32(static_cast(type)); - sptr remote = Remote(); - if (remote == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Remote service is null."); - return ERROR; - } - int32_t error = remote->SendRequest(static_cast( - AudioStandard::AudioPolicyInterfaceCode::SET_MICROPHONE_MUTE_PERSISTENT), data, reply, option); - if (error != ERR_NONE) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Set microphoneMute failed, error: %d", error); - return error; - } - int32_t ret = reply.ReadInt32(); - ACCESSTOKEN_LOG_INFO(LABEL, "Set mute result: %{public}d", ret); - return ret; -} -} // namespace AccessToken -} // namespace Security -} // namespace OHOS diff --git a/services/privacymanager/src/sensitive/camera_manager/camera_manager_adapter.cpp b/services/privacymanager/src/sensitive/camera_manager/camera_manager_adapter.cpp new file mode 100644 index 000000000..f79ac1f5b --- /dev/null +++ b/services/privacymanager/src/sensitive/camera_manager/camera_manager_adapter.cpp @@ -0,0 +1,160 @@ +/* + * Copyright (c) 2024 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "camera_manager_adapter.h" +#include "access_token_error.h" +#include "accesstoken_log.h" +#include "camera_service_ipc_interface_code.h" +#include +#include "iservice_registry.h" +#include "system_ability_definition.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { + LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "CameraManagerAdapter" +}; +const std::u16string AUDIO_MGR_DESCRIPTOR = u"ICameraService"; +} + +CameraManagerAdapter& CameraManagerAdapter::GetInstance() +{ + static CameraManagerAdapter *instance = new (std::nothrow) CameraManagerAdapter(); + return *instance; +} + +CameraManagerAdapter::CameraManagerAdapter() +{} + +CameraManagerAdapter::~CameraManagerAdapter() +{} + +int32_t CameraManagerAdapter::MuteCameraPersist(PolicyType policyType, bool muteMode) +{ + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to GetProxy."); + return AccessTokenError::ERR_WRITE_PARCEL_FAILED; + } + + MessageParcel data; + MessageParcel reply; + MessageOption option; + + if (!data.WriteInterfaceToken(AUDIO_MGR_DESCRIPTOR)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write WriteInterfaceToken."); + return AccessTokenError::ERR_WRITE_PARCEL_FAILED; + } + if (!data.WriteInt32(static_cast(policyType))) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write policyType."); + return AccessTokenError::ERR_WRITE_PARCEL_FAILED; + } + if (!data.WriteBool(muteMode)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write muteMode."); + return AccessTokenError::ERR_WRITE_PARCEL_FAILED; + } + int32_t error = proxy->SendRequest( + static_cast(CameraStandard::CameraServiceInterfaceCode::CAMERA_SERVICE_MUTE_CAMERA_PERSIST), + data, reply, option); + if (error != NO_ERROR) { + ACCESSTOKEN_LOG_ERROR(LABEL, "SendRequest error: %{public}d", error); + return error; + } + return reply.ReadInt32(); +} + +bool CameraManagerAdapter::IsCameraMuted() +{ + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to GetProxy."); + return AccessTokenError::ERR_WRITE_PARCEL_FAILED; + } + + MessageParcel data; + MessageParcel reply; + MessageOption option; + + if (!data.WriteInterfaceToken(AUDIO_MGR_DESCRIPTOR)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write WriteInterfaceToken."); + return AccessTokenError::ERR_WRITE_PARCEL_FAILED; + } + int32_t error = proxy->SendRequest( + static_cast(CameraStandard::CameraServiceInterfaceCode::CAMERA_SERVICE_IS_CAMERA_MUTED), + data, reply, option); + if (error != NO_ERROR) { + ACCESSTOKEN_LOG_ERROR(LABEL, "SendRequest error: %{public}d", error); + return error; + } + return reply.ReadBool(); +} + +void CameraManagerAdapter::InitProxy() +{ + if (proxy_ != nullptr) { + return; + } + sptr systemManager = SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager(); + if (systemManager == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Fail to get system ability registry."); + return; + } + sptr remoteObj = systemManager->CheckSystemAbility(AUDIO_POLICY_SERVICE_ID); + if (remoteObj == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Fail to connect ability manager service."); + return; + } + + deathRecipient_ = sptr(new (std::nothrow) CameraManagerDeathRecipient()); + if (deathRecipient_ == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to create CameraManagerDeathRecipient!"); + return; + } + if ((remoteObj->IsProxyObject()) && (!remoteObj->AddDeathRecipient(deathRecipient_))) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Add death recipient to AbilityManagerService failed."); + return; + } + proxy_ = remoteObj; +} + +sptr CameraManagerAdapter::GetProxy() +{ + std::lock_guard lock(proxyMutex_); + if (proxy_ == nullptr) { + InitProxy(); + } + return proxy_; +} + +void CameraManagerAdapter::ReleaseProxy(const wptr& remote) +{ + std::lock_guard lock(proxyMutex_); + if ((proxy_ != nullptr) && (proxy_ == remote.promote())) { + proxy_->RemoveDeathRecipient(deathRecipient_); + proxy_ = nullptr; + deathRecipient_ = nullptr; + } +} + +void CameraManagerAdapter::CameraManagerDeathRecipient::OnRemoteDied(const wptr& remote) +{ + ACCESSTOKEN_LOG_ERROR(LABEL, "CameraManagerDeathRecipient handle remote died."); + CameraManagerAdapter::GetInstance().ReleaseProxy(remote); +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/services/privacymanager/src/sensitive/camera_manager/camera_manager_privacy_client.cpp b/services/privacymanager/src/sensitive/camera_manager/camera_manager_privacy_client.cpp deleted file mode 100644 index a590ca034..000000000 --- a/services/privacymanager/src/sensitive/camera_manager/camera_manager_privacy_client.cpp +++ /dev/null @@ -1,125 +0,0 @@ -/* - * Copyright (c) 2022 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#include "camera_manager_privacy_client.h" - -#include "accesstoken_log.h" -#include "iservice_registry.h" -#include "system_ability_definition.h" - -namespace OHOS { -namespace Security { -namespace AccessToken { -namespace { -static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { - LOG_CORE, SECURITY_DOMAIN_PRIVACY, "CameraManagerPrivacyClient" -}; -std::recursive_mutex g_instanceMutex; -} // namespace - -CameraManagerPrivacyClient& CameraManagerPrivacyClient::GetInstance() -{ - static CameraManagerPrivacyClient* instance = nullptr; - if (instance == nullptr) { - std::lock_guard lock(g_instanceMutex); - if (instance == nullptr) { - instance = new CameraManagerPrivacyClient(); - } - } - return *instance; -} - -CameraManagerPrivacyClient::CameraManagerPrivacyClient() -{} - -CameraManagerPrivacyClient::~CameraManagerPrivacyClient() -{ - std::lock_guard lock(proxyMutex_); - ReleaseProxy(); -} - -int32_t CameraManagerPrivacyClient::MuteCameraPersist(PolicyType policyType, bool muteMode) -{ - auto proxy = GetProxy(); - if (proxy == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null"); - return -1; - } - return proxy->MuteCameraPersist(policyType, muteMode); -} - -bool CameraManagerPrivacyClient::IsCameraMuted() -{ - auto proxy = GetProxy(); - if (proxy == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null"); - return false; - } - bool muteMode = false; - proxy->IsCameraMuted(muteMode); - return muteMode; -} - -void CameraManagerPrivacyClient::InitProxy() -{ - auto sam = SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager(); - if (sam == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "GetSystemAbilityManager is null"); - return; - } - auto cameraManagerSa = sam->GetSystemAbility(CAMERA_SERVICE_ID); - if (cameraManagerSa == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "GetSystemAbility %{public}d is null", - CAMERA_SERVICE_ID); - return; - } - - serviceDeathObserver_ = sptr::MakeSptr(); - if (serviceDeathObserver_ != nullptr) { - cameraManagerSa->AddDeathRecipient(serviceDeathObserver_); - } - - proxy_ = new CameraManagerPrivacyProxy(cameraManagerSa); - if (proxy_ == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Iface_cast get null"); - } -} - -void CameraManagerPrivacyClient::OnRemoteDiedHandle() -{ - std::lock_guard lock(proxyMutex_); - ReleaseProxy(); -} - -sptr CameraManagerPrivacyClient::GetProxy() -{ - std::lock_guard lock(proxyMutex_); - if (proxy_ == nullptr) { - InitProxy(); - } - return proxy_; -} - -void CameraManagerPrivacyClient::ReleaseProxy() -{ - if (proxy_ != nullptr && serviceDeathObserver_ != nullptr) { - proxy_->AsObject()->RemoveDeathRecipient(serviceDeathObserver_); - } - proxy_ = nullptr; - serviceDeathObserver_ = nullptr; -} -} // namespace AccessToken -} // namespace Security -} // namespace OHOS - diff --git a/services/privacymanager/src/sensitive/camera_manager/camera_manager_privacy_death_recipient.cpp b/services/privacymanager/src/sensitive/camera_manager/camera_manager_privacy_death_recipient.cpp deleted file mode 100644 index d36dfc7c8..000000000 --- a/services/privacymanager/src/sensitive/camera_manager/camera_manager_privacy_death_recipient.cpp +++ /dev/null @@ -1,37 +0,0 @@ -/* - * Copyright (c) 2022 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#include "camera_manager_privacy_death_recipient.h" -#include "accesstoken_log.h" -#include "camera_manager_privacy_client.h" -#include "permission_record_manager.h" - -namespace OHOS { -namespace Security { -namespace AccessToken { -namespace { -static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { - LOG_CORE, SECURITY_DOMAIN_PRIVACY, "CameraManagerPrivacyDeathRecipient"}; -} // namespace - -void CameraManagerPrivacyDeathRecipient::OnRemoteDied(const wptr& object) -{ - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); - CameraManagerPrivacyClient::GetInstance().OnRemoteDiedHandle(); - PermissionRecordManager::GetInstance().OnCameraMgrRemoteDiedHandle(); -} -} // namespace AccessToken -} // namespace Security -} // namespace OHOS - diff --git a/services/privacymanager/src/sensitive/camera_manager/camera_manager_privacy_proxy.cpp b/services/privacymanager/src/sensitive/camera_manager/camera_manager_privacy_proxy.cpp deleted file mode 100644 index 211650419..000000000 --- a/services/privacymanager/src/sensitive/camera_manager/camera_manager_privacy_proxy.cpp +++ /dev/null @@ -1,86 +0,0 @@ -/* - * Copyright (c) 2022 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "camera_manager_privacy_proxy.h" -#include "accesstoken_log.h" - -namespace OHOS { -namespace Security { -namespace AccessToken { -namespace { -constexpr HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_PRIVACY, "CameraManagerPrivacyProxy"}; -static constexpr int32_t ERROR = -1; -} - -int32_t CameraManagerPrivacyProxy::MuteCameraPersist(PolicyType policyType, bool muteMode) -{ - MessageParcel data; - MessageParcel reply; - MessageOption option; - if (!data.WriteInterfaceToken(GetDescriptor())) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write descriptor"); - return ERROR; - } - if (!data.WriteInt32(static_cast(policyType))) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write bool"); - return ERROR; - } - if (!data.WriteBool(muteMode)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write bool"); - return ERROR; - } - sptr remote = Remote(); - if (remote == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Remote service is null."); - return ERROR; - } - int32_t error = remote->SendRequest( - static_cast(CAMERA_SERVICE_MUTE_CAMERA_PERSIST), data, reply, option); - if (error != ERR_NONE) { - ACCESSTOKEN_LOG_ERROR(LABEL, "SendRequest failed, error: %{public}d", error); - } - return error; -} - -int32_t CameraManagerPrivacyProxy::IsCameraMuted(bool &muteMode) -{ - MessageParcel data; - MessageParcel reply; - MessageOption option; - if (!data.WriteInterfaceToken(GetDescriptor())) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write descriptor"); - return ERROR; - } - if (!data.WriteBool(muteMode)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write bool"); - return ERROR; - } - sptr remote = Remote(); - if (remote == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Remote service is null."); - return ERROR; - } - int32_t error = remote->SendRequest(static_cast(CAMERA_SERVICE_IS_CAMERA_MUTED), data, reply, option); - if (error != ERR_NONE) { - ACCESSTOKEN_LOG_ERROR(LABEL, "SendRequest failed, error: %{public}d", error); - return ERROR; - } - muteMode = reply.ReadBool(); - ACCESSTOKEN_LOG_DEBUG(LABEL, "IsCameraMuted Read muteMode is %{public}d", muteMode); - return error; -} -} // namespace AccessToken -} // namespace Security -} // namespace OHOS diff --git a/services/privacymanager/test/coverage/BUILD.gn b/services/privacymanager/test/coverage/BUILD.gn index 08d18e589..9d7dd7198 100644 --- a/services/privacymanager/test/coverage/BUILD.gn +++ b/services/privacymanager/test/coverage/BUILD.gn @@ -32,7 +32,6 @@ if (is_standard_system && ability_base_enable == true) { "${access_token_path}/interfaces/innerkits/accesstoken/include", "${access_token_path}/interfaces/innerkits/privacy/include", "${access_token_path}/interfaces/innerkits/privacy/src", - "${access_token_path}/services/common/ability_manager/include", "${access_token_path}/services/common/app_manager/include", "${access_token_path}/services/common/config_policy/include", "${access_token_path}/services/common/database/include", @@ -64,12 +63,8 @@ if (is_standard_system && ability_base_enable == true) { "../../src/record/on_permission_used_record_callback_proxy.cpp", "../../src/record/permission_record.cpp", "../../src/record/permission_record_manager.cpp", - "../../src/sensitive/audio_manager/audio_manager_privacy_client.cpp", - "../../src/sensitive/audio_manager/audio_manager_privacy_death_recipient.cpp", - "../../src/sensitive/audio_manager/audio_manager_privacy_proxy.cpp", - "../../src/sensitive/camera_manager/camera_manager_privacy_client.cpp", - "../../src/sensitive/camera_manager/camera_manager_privacy_death_recipient.cpp", - "../../src/sensitive/camera_manager/camera_manager_privacy_proxy.cpp", + "../../src/sensitive/audio_manager/audio_manager_adapter.cpp", + "../../src/sensitive/camera_manager/camera_manager_adapter.cpp", "../../src/service/privacy_manager_service.cpp", "../../src/service/privacy_manager_stub.cpp", "permission_record_manager_coverage_test.cpp", @@ -96,6 +91,7 @@ if (is_standard_system && ability_base_enable == true) { "access_token:libaccesstoken_sdk", "audio_framework:audio_client", "c_utils:utils", + "camera_framework:camera_framework", "googletest:gtest_main", "hilog:libhilog", "hisysevent:libhisysevent", @@ -126,19 +122,6 @@ if (is_standard_system && ability_base_enable == true) { ] } - if (camera_framework_enable) { - cflags_cc += [ "-DCAMERA_FRAMEWORK_ENABLE" ] - external_deps += [ "camera_framework:camera_framework" ] - } - - if (ability_runtime_enable) { - cflags_cc += [ "-DABILITY_RUNTIME_ENABLE" ] - external_deps += [ - "ability_runtime:ability_manager", - "ability_runtime:app_manager", - ] - } - if (window_manager_enable && access_token_camera_float_window_enable) { cflags_cc += [ "-DCAMERA_FLOAT_WINDOW_ENABLE" ] include_dirs += @@ -155,5 +138,14 @@ if (is_standard_system && ability_base_enable == true) { ] external_deps += [ "window_manager:libwsutils" ] } + if (access_token_app_security_privacy_service_enable) { + cflags_cc += [ "-DAPP_SECURITY_PRIVACY_SERVICE" ] + } else { + include_dirs += [ + "${access_token_path}/services/common/ability_manager/include", + "${ability_runtime_path}/interfaces/inner_api/ability_manager/include", + ] + sources += [ "${access_token_path}/services/common/ability_manager/src/ability_manager_adapter.cpp" ] + } } } diff --git a/services/privacymanager/test/coverage/permission_record_manager_coverage_test.cpp b/services/privacymanager/test/coverage/permission_record_manager_coverage_test.cpp index eae234a77..3fc22d947 100644 --- a/services/privacymanager/test/coverage/permission_record_manager_coverage_test.cpp +++ b/services/privacymanager/test/coverage/permission_record_manager_coverage_test.cpp @@ -19,8 +19,7 @@ #include "access_token.h" #include "accesstoken_kit.h" #include "accesstoken_log.h" -#include "audio_manager_privacy_client.h" -#include "camera_manager_privacy_client.h" +#include "camera_manager_adapter.h" #include "constant.h" #include "data_translator.h" #include "permission_record.h" @@ -248,7 +247,7 @@ HWTEST_F(PermissionRecordManagerTest, FindRecordsToUpdateAndExecutedTest001, Tes ActiveChangeType status = PERM_ACTIVE_IN_BACKGROUND; std::string permission = "ohos.permission.CAMERA"; - CameraManagerPrivacyClient::GetInstance().MuteCameraPersist(PolicyType::PRIVACY, false); + CameraManagerAdapter::GetInstance().MuteCameraPersist(PolicyType::PRIVACY, false); PermissionRecordManager::GetInstance().AddRecordToStartList(tokenId, PID, permission, status); #ifdef CAMERA_FLOAT_WINDOW_ENABLE PermissionRecordManager::GetInstance().NotifyCameraWindowChange(false, tokenId, false); @@ -956,8 +955,8 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest001, TestSize.Leve { EXPECT_EQ(0, SetSelfTokenID(g_nativeToken)); - bool isMuteCamera = CameraManagerPrivacyClient::GetInstance().IsCameraMuted(); - CameraManagerPrivacyClient::GetInstance().MuteCameraPersist(PolicyType::PRIVACY, true); // true means close + bool isMuteCamera = CameraManagerAdapter::GetInstance().IsCameraMuted(); + CameraManagerAdapter::GetInstance().MuteCameraPersist(PolicyType::PRIVACY, true); // true means close auto callbackPtr = std::make_shared(); auto callbackWrap = new (std::nothrow) StateChangeCallback(callbackPtr); @@ -970,7 +969,7 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest001, TestSize.Leve tokenId, PID, "ohos.permission.CAMERA", callbackWrap->AsObject())); sleep(3); // wait for dialog disappear ASSERT_EQ(0, PermissionRecordManager::GetInstance().StopUsingPermission(tokenId, PID, "ohos.permission.CAMERA")); - CameraManagerPrivacyClient::GetInstance().MuteCameraPersist(PolicyType::PRIVACY, isMuteCamera); + CameraManagerAdapter::GetInstance().MuteCameraPersist(PolicyType::PRIVACY, isMuteCamera); } /* diff --git a/services/privacymanager/test/coverage/sensitive_manager_coverage_test.cpp b/services/privacymanager/test/coverage/sensitive_manager_coverage_test.cpp index d7268a3a4..1783ce36c 100644 --- a/services/privacymanager/test/coverage/sensitive_manager_coverage_test.cpp +++ b/services/privacymanager/test/coverage/sensitive_manager_coverage_test.cpp @@ -21,11 +21,8 @@ #include "app_manager_access_proxy.h" #include "app_state_data.h" #define private public -#include "audio_manager_privacy_client.h" -#include "camera_manager_privacy_client.h" +#include "audio_manager_adapter.h" #undef private -#include "audio_manager_privacy_proxy.h" -#include "camera_manager_privacy_proxy.h" #include "token_setproc.h" using namespace testing::ext; @@ -134,30 +131,6 @@ HWTEST_F(SensitiveManagerCoverageTest, OnRemoteRequest003, TestSize.Level1) ASSERT_EQ(0, callback.OnRemoteRequest(static_cast( IApplicationStateObserver::Message::TRANSACT_ON_APP_STATE_CHANGED), data, reply, option)); } - -/* - * @tc.name: AudioRemoteDiedHandle001 - * @tc.desc: test audio remote die - * @tc.type: FUNC - * @tc.require: issueI5RWXF - */ -HWTEST_F(SensitiveManagerCoverageTest, AudioRemoteDiedHandle001, TestSize.Level1) -{ - AudioManagerPrivacyClient::GetInstance().OnRemoteDiedHandle(); - EXPECT_EQ(AudioManagerPrivacyClient::GetInstance().proxy_, nullptr); -} - -/* - * @tc.name: CameraRemoteDiedHandle001 - * @tc.desc: test camera remote die - * @tc.type: FUNC - * @tc.require: issueI5RWXF - */ -HWTEST_F(SensitiveManagerCoverageTest, CameraRemoteDiedHandle001, TestSize.Level1) -{ - CameraManagerPrivacyClient::GetInstance().OnRemoteDiedHandle(); - EXPECT_EQ(CameraManagerPrivacyClient::GetInstance().proxy_, nullptr); -} } // namespace AccessToken } // namespace Security } // namespace OHOS diff --git a/services/privacymanager/test/tool/BUILD.gn b/services/privacymanager/test/tool/BUILD.gn index 54e98bf4e..9c31d167c 100644 --- a/services/privacymanager/test/tool/BUILD.gn +++ b/services/privacymanager/test/tool/BUILD.gn @@ -32,7 +32,6 @@ ohos_unittest("CreateCameraWindowTest") { external_deps = [ "ability_base:configuration", "ability_runtime:ability_context_native", - "ability_runtime:ability_manager", "ability_runtime:abilitykit_native", "ability_runtime:ui_extension", "c_utils:utils", diff --git a/services/privacymanager/test/unittest/BUILD.gn b/services/privacymanager/test/unittest/BUILD.gn index 9867a2ffb..bf9e15003 100644 --- a/services/privacymanager/test/unittest/BUILD.gn +++ b/services/privacymanager/test/unittest/BUILD.gn @@ -48,7 +48,6 @@ if (is_standard_system && ability_base_enable == true) { "${access_token_path}/services/privacymanager/include/service", "${access_token_path}/services/privacymanager/include/sensitive/audio_manager", "${access_token_path}/services/privacymanager/include/sensitive/camera_manager", - "${audio_framework_path}/services/audio_policy/common/include", ] sources = [ @@ -66,12 +65,8 @@ if (is_standard_system && ability_base_enable == true) { "../../src/record/on_permission_used_record_callback_proxy.cpp", "../../src/record/permission_record.cpp", "../../src/record/permission_record_manager.cpp", - "../../src/sensitive/audio_manager/audio_manager_privacy_client.cpp", - "../../src/sensitive/audio_manager/audio_manager_privacy_death_recipient.cpp", - "../../src/sensitive/audio_manager/audio_manager_privacy_proxy.cpp", - "../../src/sensitive/camera_manager/camera_manager_privacy_client.cpp", - "../../src/sensitive/camera_manager/camera_manager_privacy_death_recipient.cpp", - "../../src/sensitive/camera_manager/camera_manager_privacy_proxy.cpp", + "../../src/sensitive/audio_manager/audio_manager_adapter.cpp", + "../../src/sensitive/camera_manager/camera_manager_adapter.cpp", "../../src/service/privacy_manager_service.cpp", "../../src/service/privacy_manager_stub.cpp", "permission_record_db_test.cpp", @@ -98,7 +93,9 @@ if (is_standard_system && ability_base_enable == true) { external_deps = [ "ability_base:want", "access_token:libaccesstoken_sdk", + "audio_framework:audio_client", "c_utils:utils", + "camera_framework:camera_framework", "googletest:gtest_main", "hilog:libhilog", "hisysevent:libhisysevent", @@ -148,6 +145,12 @@ if (is_standard_system && ability_base_enable == true) { if (access_token_app_security_privacy_service_enable) { cflags_cc += [ "-DAPP_SECURITY_PRIVACY_SERVICE" ] + } else { + include_dirs += [ + "${access_token_path}/services/common/ability_manager/include", + "${ability_runtime_path}/interfaces/inner_api/ability_manager/include", + ] + sources += [ "${access_token_path}/services/common/ability_manager/src/ability_manager_adapter.cpp" ] } } } diff --git a/services/privacymanager/test/unittest/permission_record_manager_test.cpp b/services/privacymanager/test/unittest/permission_record_manager_test.cpp index 95e4a930f..7d0f9fb68 100644 --- a/services/privacymanager/test/unittest/permission_record_manager_test.cpp +++ b/services/privacymanager/test/unittest/permission_record_manager_test.cpp @@ -17,13 +17,11 @@ #include #include -#include "ability_manager_access_loader.h" #include "access_token.h" #include "accesstoken_kit.h" #include "accesstoken_log.h" #include "active_change_response_info.h" -#include "audio_manager_privacy_client.h" -#include "camera_manager_privacy_client.h" +#include "audio_manager_adapter.h" #include "constant.h" #include "data_translator.h" #include "permission_record.h" @@ -144,7 +142,7 @@ void PermissionRecordManagerTest::SetUpTestCase() g_isMicMixMute = PermissionRecordManager::GetInstance().isMicMixMute_; PermissionRecordManager::GetInstance().isMicEdmMute_ = false; PermissionRecordManager::GetInstance().isMicMixMute_ = false; - g_isMicMute = AudioManagerPrivacyClient::GetInstance().GetPersistentMicMuteState(); + g_isMicMute = AudioManagerAdapter::GetInstance().GetPersistentMicMuteState(); } void PermissionRecordManagerTest::TearDownTestCase() @@ -160,7 +158,7 @@ void PermissionRecordManagerTest::SetUp() AccessTokenKit::AllocHapToken(g_InfoParms1, g_PolicyPrams1); AccessTokenKit::AllocHapToken(g_InfoParms2, g_PolicyPrams2); - AudioManagerPrivacyClient::GetInstance().SetMicrophoneMutePersistent(false, PolicyType::PRIVACY); + AudioManagerAdapter::GetInstance().SetMicrophoneMutePersistent(false, PolicyType::PRIVACY); if (appStateObserver_ != nullptr) { return; } @@ -169,7 +167,7 @@ void PermissionRecordManagerTest::SetUp() void PermissionRecordManagerTest::TearDown() { - AudioManagerPrivacyClient::GetInstance().SetMicrophoneMutePersistent(g_isMicMute, PolicyType::PRIVACY); + AudioManagerAdapter::GetInstance().SetMicrophoneMutePersistent(g_isMicMute, PolicyType::PRIVACY); AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); AccessTokenKit::DeleteToken(tokenId); @@ -376,7 +374,7 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest004, TestSize.Leve SetParameter(EDM_MIC_MUTE_KEY, "false"); ASSERT_EQ(RET_SUCCESS, - AudioManagerPrivacyClient::GetInstance().SetMicrophoneMutePersistent(true, PolicyType::PRIVACY)); + AudioManagerAdapter::GetInstance().SetMicrophoneMutePersistent(true, PolicyType::PRIVACY)); std::vector permList = {"ohos.permission.MICROPHONE"}; sptr callback = new (std::nothrow) PermActiveStatusChangeCallback(); @@ -420,7 +418,7 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest005, TestSize.Leve bool isMute = strncmp(value, "true", VALUE_MAX_LEN) == 0; SetParameter(EDM_MIC_MUTE_KEY, "false"); - AudioManagerPrivacyClient::GetInstance().SetMicrophoneMutePersistent(false, PolicyType::PRIVACY); + AudioManagerAdapter::GetInstance().SetMicrophoneMutePersistent(false, PolicyType::PRIVACY); std::vector permList = {"ohos.permission.MICROPHONE"}; sptr callback = new (std::nothrow) PermActiveStatusChangeCallback(); ASSERT_NE(nullptr, callback); @@ -460,7 +458,7 @@ HWTEST_F(PermissionRecordManagerTest, StartUsingPermissionTest006, TestSize.Leve bool isMute = strncmp(value, "true", VALUE_MAX_LEN) == 0; SetParameter(EDM_MIC_MUTE_KEY, "true"); - AudioManagerPrivacyClient::GetInstance().SetMicrophoneMutePersistent(true, PolicyType::PRIVACY); + AudioManagerAdapter::GetInstance().SetMicrophoneMutePersistent(true, PolicyType::PRIVACY); std::vector permList = {"ohos.permission.LOCATION"}; sptr callback = new (std::nothrow) PermActiveStatusChangeCallback(); ASSERT_NE(nullptr, callback); @@ -708,8 +706,8 @@ HWTEST_F(PermissionRecordManagerTest, AppStateChangeListener001, TestSize.Level1 bool isMute = strncmp(value, "true", VALUE_MAX_LEN) == 0; SetParameter(EDM_MIC_MUTE_KEY, std::to_string(false).c_str()); - bool isMuteMic = AudioManagerPrivacyClient::GetInstance().GetPersistentMicMuteState(); - AudioManagerPrivacyClient::GetInstance().SetMicrophoneMutePersistent(true, PolicyType::PRIVACY); + bool isMuteMic = AudioManagerAdapter::GetInstance().GetPersistentMicMuteState(); + AudioManagerAdapter::GetInstance().SetMicrophoneMutePersistent(true, PolicyType::PRIVACY); AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(g_InfoParms1.userID, g_InfoParms1.bundleName, g_InfoParms1.instIndex); // status is inactive @@ -719,7 +717,7 @@ HWTEST_F(PermissionRecordManagerTest, AppStateChangeListener001, TestSize.Level1 PermissionRecordManager::GetInstance().NotifyAppStateChange(tokenId, PID, PERM_ACTIVE_IN_BACKGROUND); ASSERT_EQ(RET_SUCCESS, PermissionRecordManager::GetInstance().StopUsingPermission(tokenId, PID, "ohos.permission.MICROPHONE")); - AudioManagerPrivacyClient::GetInstance().SetMicrophoneMutePersistent(isMuteMic, PolicyType::PRIVACY); + AudioManagerAdapter::GetInstance().SetMicrophoneMutePersistent(isMuteMic, PolicyType::PRIVACY); std::string str = isMute ? "true" : "false"; SetParameter(EDM_MIC_MUTE_KEY, str.c_str()); } diff --git a/services/privacymanager/test/unittest/sensitive_manager_test.cpp b/services/privacymanager/test/unittest/sensitive_manager_test.cpp index fd47e2d81..f757c4680 100644 --- a/services/privacymanager/test/unittest/sensitive_manager_test.cpp +++ b/services/privacymanager/test/unittest/sensitive_manager_test.cpp @@ -21,14 +21,12 @@ #include "app_manager_access_proxy.h" #include "app_state_data.h" #define private public -#include "audio_manager_privacy_client.h" +#include "audio_manager_adapter.h" #undef private -#include "audio_manager_privacy_proxy.h" #ifdef AUDIO_FRAMEWORK_ENABLE #include "audio_policy_ipc_interface_code.h" #endif -#include "camera_manager_privacy_client.h" -#include "camera_manager_privacy_proxy.h" +#include "camera_manager_adapter.h" #include "token_setproc.h" using namespace testing::ext; @@ -140,18 +138,18 @@ void SensitiveManagerServiceTest::TearDown() */ HWTEST_F(SensitiveManagerServiceTest, SetMicroMuteTest001, TestSize.Level1) { - bool initMute = AudioManagerPrivacyClient::GetInstance().GetPersistentMicMuteState(); + bool initMute = AudioManagerAdapter::GetInstance().GetPersistentMicMuteState(); - AudioManagerPrivacyClient::GetInstance().SetMicrophoneMutePersistent(false, PolicyType::PRIVACY); - EXPECT_EQ(false, AudioManagerPrivacyClient::GetInstance().GetPersistentMicMuteState()); + AudioManagerAdapter::GetInstance().SetMicrophoneMutePersistent(false, PolicyType::PRIVACY); + EXPECT_EQ(false, AudioManagerAdapter::GetInstance().GetPersistentMicMuteState()); - AudioManagerPrivacyClient::GetInstance().SetMicrophoneMutePersistent(true, PolicyType::PRIVACY); - EXPECT_EQ(true, AudioManagerPrivacyClient::GetInstance().GetPersistentMicMuteState()); + AudioManagerAdapter::GetInstance().SetMicrophoneMutePersistent(true, PolicyType::PRIVACY); + EXPECT_EQ(true, AudioManagerAdapter::GetInstance().GetPersistentMicMuteState()); - AudioManagerPrivacyClient::GetInstance().SetMicrophoneMutePersistent(false, PolicyType::PRIVACY); - EXPECT_EQ(false, AudioManagerPrivacyClient::GetInstance().GetPersistentMicMuteState()); + AudioManagerAdapter::GetInstance().SetMicrophoneMutePersistent(false, PolicyType::PRIVACY); + EXPECT_EQ(false, AudioManagerAdapter::GetInstance().GetPersistentMicMuteState()); - AudioManagerPrivacyClient::GetInstance().SetMicrophoneMutePersistent(initMute, PolicyType::PRIVACY); + AudioManagerAdapter::GetInstance().SetMicrophoneMutePersistent(initMute, PolicyType::PRIVACY); } /* @@ -165,18 +163,18 @@ HWTEST_F(SensitiveManagerServiceTest, SetCameraMuteTest001, TestSize.Level1) AccessTokenID tokenId = AccessTokenKit::GetNativeTokenId("privacy_service"); EXPECT_EQ(0, SetSelfTokenID(tokenId)); - bool initMute = CameraManagerPrivacyClient::GetInstance().IsCameraMuted(); + bool initMute = CameraManagerAdapter::GetInstance().IsCameraMuted(); - CameraManagerPrivacyClient::GetInstance().MuteCameraPersist(PolicyType::PRIVACY, false); - EXPECT_EQ(false, CameraManagerPrivacyClient::GetInstance().IsCameraMuted()); + CameraManagerAdapter::GetInstance().MuteCameraPersist(PolicyType::PRIVACY, false); + EXPECT_EQ(false, CameraManagerAdapter::GetInstance().IsCameraMuted()); - CameraManagerPrivacyClient::GetInstance().MuteCameraPersist(PolicyType::PRIVACY, true); - EXPECT_EQ(true, CameraManagerPrivacyClient::GetInstance().IsCameraMuted()); + CameraManagerAdapter::GetInstance().MuteCameraPersist(PolicyType::PRIVACY, true); + EXPECT_EQ(true, CameraManagerAdapter::GetInstance().IsCameraMuted()); - CameraManagerPrivacyClient::GetInstance().MuteCameraPersist(PolicyType::PRIVACY, false); - EXPECT_EQ(false, CameraManagerPrivacyClient::GetInstance().IsCameraMuted()); + CameraManagerAdapter::GetInstance().MuteCameraPersist(PolicyType::PRIVACY, false); + EXPECT_EQ(false, CameraManagerAdapter::GetInstance().IsCameraMuted()); - CameraManagerPrivacyClient::GetInstance().MuteCameraPersist(PolicyType::PRIVACY, initMute); + CameraManagerAdapter::GetInstance().MuteCameraPersist(PolicyType::PRIVACY, initMute); } /* diff --git a/test/fuzztest/services/privacy/privacy_service_fuzz.gni b/test/fuzztest/services/privacy/privacy_service_fuzz.gni index 83df3276c..bd2422b62 100644 --- a/test/fuzztest/services/privacy/privacy_service_fuzz.gni +++ b/test/fuzztest/services/privacy/privacy_service_fuzz.gni @@ -54,6 +54,7 @@ privacy_external_deps = [ "ability_base:want", "audio_framework:audio_client", "c_utils:utils", + "camera_framework:camera_framework", "hilog:libhilog", "hisysevent:libhisysevent", "init:libbegetutil", @@ -84,12 +85,8 @@ privacy_sources = [ "${access_token_path}/services/privacymanager/src/record/on_permission_used_record_callback_proxy.cpp", "${access_token_path}/services/privacymanager/src/record/permission_record.cpp", "${access_token_path}/services/privacymanager/src/record/permission_record_manager.cpp", - "${access_token_path}/services/privacymanager/src/sensitive/audio_manager/audio_manager_privacy_client.cpp", - "${access_token_path}/services/privacymanager/src/sensitive/audio_manager/audio_manager_privacy_death_recipient.cpp", - "${access_token_path}/services/privacymanager/src/sensitive/audio_manager/audio_manager_privacy_proxy.cpp", - "${access_token_path}/services/privacymanager/src/sensitive/camera_manager/camera_manager_privacy_client.cpp", - "${access_token_path}/services/privacymanager/src/sensitive/camera_manager/camera_manager_privacy_death_recipient.cpp", - "${access_token_path}/services/privacymanager/src/sensitive/camera_manager/camera_manager_privacy_proxy.cpp", + "${access_token_path}/services/privacymanager/src/sensitive/audio_manager/audio_manager_adapter.cpp", + "${access_token_path}/services/privacymanager/src/sensitive/camera_manager/camera_manager_adapter.cpp", "${access_token_path}/services/privacymanager/src/service/privacy_manager_service.cpp", "${access_token_path}/services/privacymanager/src/service/privacy_manager_stub.cpp", ] @@ -139,3 +136,15 @@ if (eventhandler_enable == true) { privacy_cflags_cc += [ "-DEVENTHANDLER_ENABLE" ] privacy_external_deps += [ "eventhandler:libeventhandler" ] } + +if (access_token_app_security_privacy_service_enable) { + privacy_cflags_cc += [ "-DAPP_SECURITY_PRIVACY_SERVICE" ] +} else { + privacy_include_dirs += [ + "${access_token_path}/services/common/ability_manager/include", + "${ability_runtime_path}/interfaces/inner_api/ability_manager/include", + ] + privacy_sources += [ + "${access_token_path}/services/common/ability_manager/src/ability_manager_adapter.cpp", + ] +} \ No newline at end of file -- Gitee