diff --git a/BUILD.gn b/BUILD.gn index c838065740a691f29ba3ce8032dea5234ae93843..c450f028a9f6213689692f1150094543775676bd 100644 --- a/BUILD.gn +++ b/BUILD.gn @@ -40,6 +40,17 @@ group("tokensync_build_module") { } } +group("privacy_build_module") { + if (is_standard_system) { + deps = [ + "//base/security/access_token/interfaces/innerkits/privacy:libprivacy_sdk", + "//base/security/access_token/services/privacymanager:privacy_manager_service", + "//base/security/access_token/services/privacymanager/sa_profile:privacy_sa_profile_standard", + ] + } +} + + group("accesstoken_build_module_test") { testonly = true deps = [] @@ -48,6 +59,7 @@ group("accesstoken_build_module_test") { "//base/security/access_token/interfaces/innerkits/accesstoken/test:unittest", "//base/security/access_token/interfaces/innerkits/nativetoken/test:unittest", "//base/security/access_token/interfaces/innerkits/token_setproc/test:unittest", + "//base/security/access_token/interfaces/innerkits/privacy/test:unittest", "//base/security/access_token/services/accesstokenmanager/test:unittest", ] } diff --git a/bundle.json b/bundle.json index f966813150b9b45fc7de85eeb769871c0edab5d2..65b7becb00f9cdd5c964aa673a13937bb8b52df9 100644 --- a/bundle.json +++ b/bundle.json @@ -44,7 +44,8 @@ "build": { "sub_component": [ "//base/security/access_token:accesstoken_build_module", - "//base/security/access_token:tokensync_build_module" + "//base/security/access_token:tokensync_build_module", + "//base/security/access_token:privacy_build_module" ], "inner_kits": [ { @@ -73,6 +74,15 @@ ], "header_base": "//base/security/access_token/interfaces/innerkits/token_setproc/include" } + }, + { + "name": "//base/security/access_token/interfaces/innerkits/privacy:libprivacy_sdk", + "header": { + "header_files": [ + "privacy_kit.h" + ], + "header_base": "//base/security/access_token/interfaces/innerkits/privacy/include" + } } ], "test": [ @@ -80,6 +90,7 @@ "//base/security/access_token/interfaces/innerkits/accesstoken/test:unittest", "//base/security/access_token/interfaces/innerkits/nativetoken/test:unittest", "//base/security/access_token/interfaces/innerkits/token_setproc/test:unittest", + "//base/security/access_token/interfaces/innerkits/privacy/test:unittest", "//base/security/access_token/interfaces/kits/accesstoken/test/benchmarktest:benchmarktest", "//base/security/access_token/test/fuzztest/access_token:fuzztest" ] diff --git a/frameworks/database/include/field_const.h b/frameworks/database/include/field_const.h index 88f935d1148fbf65454be79f1962f06a5cc3092e..4092c125f71acf2f2c8c978c0bfc10f1f6bf8928 100644 --- a/frameworks/database/include/field_const.h +++ b/frameworks/database/include/field_const.h @@ -52,7 +52,7 @@ const std::string FIELD_IS_REMOTE_DEVICE = "is_remote_device"; const std::string FIELD_VISITOR_ID = "visitor_id"; const std::string FIELD_OP_CODE = "op_code"; -const std::string FIELD_IS_FOREGROUND = "is_foreground"; +const std::string FIELD_STATUS = "status"; const std::string FIELD_TIMESTAMP = "timestamp"; const std::string FIELD_ACCESS_DURATION = "access_duration"; const std::string FIELD_ACCESS_COUNT = "access_count"; diff --git a/frameworks/database/include/generic_values.h b/frameworks/database/include/generic_values.h index 20e9934ada53ddf43bfa48ab9bf69ee6c8c450f9..337e62659c5ef70e018cb577a78317e4e1a1990c 100644 --- a/frameworks/database/include/generic_values.h +++ b/frameworks/database/include/generic_values.h @@ -32,6 +32,8 @@ public: void Put(const std::string& key, int value); + void Put(const std::string& key, int64_t value); + void Put(const std::string& key, const std::string& value); void Put(const std::string& key, const VariantValue& value); diff --git a/frameworks/database/include/statement.h b/frameworks/database/include/statement.h index ba40602d8b16e9c157f7b273be08af3ef5d11c0e..370ad8ca76cbfb9bfbf1dbfa080f00f00f4c4f71 100644 --- a/frameworks/database/include/statement.h +++ b/frameworks/database/include/statement.h @@ -34,6 +34,7 @@ public: void Bind(const int index, const std::string& text); void Bind(const int index, int value); + void Bind(const int index, int64_t value); void Bind(const std::string& tableColumnName, const VariantValue& value); State Step(); @@ -41,7 +42,7 @@ public: std::string GetColumnString(const int column) const; int GetColumnInt(const int column) const; - int GetColumnInt64(const int column) const; + int64_t GetColumnInt64(const int column) const; std::string GetColumnName(const int column) const; int GetParameterIndex(const std::string& name) const; int GetColumnCount() const; diff --git a/frameworks/database/src/generic_values.cpp b/frameworks/database/src/generic_values.cpp index f46ac39ce591cc10f65d0fb9e4fdf007fb847141..e40459836ac48004018aebcd9a6c29a8c1045a82 100644 --- a/frameworks/database/src/generic_values.cpp +++ b/frameworks/database/src/generic_values.cpp @@ -23,6 +23,11 @@ void GenericValues::Put(const std::string& key, int value) map_.insert(std::make_pair(key, VariantValue(value))); } +void GenericValues::Put(const std::string& key, int64_t value) +{ + map_.insert(std::make_pair(key, VariantValue(value))); +} + void GenericValues::Put(const std::string& key, const std::string& value) { map_.insert(std::make_pair(key, VariantValue(value))); diff --git a/frameworks/database/src/sqlite_helper.cpp b/frameworks/database/src/sqlite_helper.cpp index a01c5e5f676a2f7c5d40789d836dd02a0dee25f7..dd1d832b3cbe16255bacbbe4de1529a5a75a5ab6 100644 --- a/frameworks/database/src/sqlite_helper.cpp +++ b/frameworks/database/src/sqlite_helper.cpp @@ -46,6 +46,8 @@ void SqliteHelper::Open() return; } + ACCESSTOKEN_LOG_INFO(LABEL, "currentVersion: %{public}d", currentVersion_); + int version = GetVersion(); if (version == currentVersion_) { return; diff --git a/frameworks/database/src/statement.cpp b/frameworks/database/src/statement.cpp index 14bd5905752ce99a67638e612708ec7cc023c8de..f345ad7d3a4b56f11b10dc2e8579b13937d5d235 100644 --- a/frameworks/database/src/statement.cpp +++ b/frameworks/database/src/statement.cpp @@ -51,12 +51,19 @@ void Statement::Bind(const int index, int value) } } +void Statement::Bind(const int index, int64_t value) +{ + if (sqlite3_bind_int(statement_, index, value) != SQLITE_OK) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Cannot bind int, errorMsg: %{public}s", sqlite3_errmsg(db_)); + } +} + int Statement::GetColumnInt(const int column) const { return sqlite3_column_int(statement_, column); } -int Statement::GetColumnInt64(const int column) const +int64_t Statement::GetColumnInt64(const int column) const { return sqlite3_column_int64(statement_, column); } diff --git a/frameworks/privacy/BUILD.gn b/frameworks/privacy/BUILD.gn new file mode 100644 index 0000000000000000000000000000000000000000..58c54cd1e42d8174006b9946dff10b40b13909cd --- /dev/null +++ b/frameworks/privacy/BUILD.gn @@ -0,0 +1,38 @@ +# Copyright (c) 2021-2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/ohos.gni") + +ohos_shared_library("privacy_communication_adapter_cxx") { + subsystem_name = "security" + part_name = "access_token" + + include_dirs = [ + "include", + "//base/security/access_token/interfaces/innerkits/accesstoken/include", + "//base/security/access_token/interfaces/innerkits/privacy/include", + "//utils/native/base/include", + ] + + sources = [ + "src/bundle_used_record_parcel.cpp", + "src/permission_used_record_parcel.cpp", + "src/permission_used_request_parcel.cpp", + "src/permission_used_result_parcel.cpp", + "src/used_record_detail_parcel.cpp", + ] + + deps = [ "//utils/native/base:utils" ] + + external_deps = [ "ipc:ipc_core" ] +} diff --git a/frameworks/privacy/include/bundle_used_record_parcel.h b/frameworks/privacy/include/bundle_used_record_parcel.h new file mode 100644 index 0000000000000000000000000000000000000000..e181853dc6d121091d9db4cadce59b6284d988f8 --- /dev/null +++ b/frameworks/privacy/include/bundle_used_record_parcel.h @@ -0,0 +1,40 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef BUNDLE_USED_RECORD_PRACEL_H +#define BUNDLE_USED_RECORD_PRACEL_H + +#include "parcel.h" +#include "permission_used_result.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +struct BundleUsedRecordParcel final : public Parcelable { + BundleUsedRecordParcel() = default; + + ~BundleUsedRecordParcel() override = default; + + bool Marshalling(Parcel& out) const override; + + static BundleUsedRecordParcel* Unmarshalling(Parcel& in); + + BundleUsedRecord bundleRecord; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS + +#endif // BUNDLE_USED_RECORD_PRACEL_H diff --git a/frameworks/privacy/include/i_privacy_manager.h b/frameworks/privacy/include/i_privacy_manager.h new file mode 100644 index 0000000000000000000000000000000000000000..12d097b7791677c8a81419fa9be6dd1e0c5c2d9a --- /dev/null +++ b/frameworks/privacy/include/i_privacy_manager.h @@ -0,0 +1,58 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef I_PRIVACY_MANAGER_H +#define I_PRIVACY_MANAGER_H + +#include + +#include "access_token.h" +#include "errors.h" +#include "iremote_broker.h" + +#include "on_permission_used_record_callback.h" +#include "permission_used_request_parcel.h" +#include "permission_used_result_parcel.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class IPrivacyManager : public IRemoteBroker { +public: + static const int SA_ID_PRIVACY_MANAGER_SERVICE = 3505; + + DECLARE_INTERFACE_DESCRIPTOR(u"ohos.security.accesstoken.IPrivacyManager"); + + virtual int AddPermissionUsedRecord(AccessTokenID tokenID, const std::string& permissionName, int successCount, int failCount) = 0; + virtual int StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName) = 0; + virtual int StopUsingPermission(AccessTokenID tokenID, const std::string& permissionName) = 0; + virtual int RemovePermissionUsedRecords(AccessTokenID tokenID, const std::string& deviceID) = 0; + virtual int GetPermissionUsedRecords(const PermissionUsedRequestParcel& request, PermissionUsedResultParcel& result) = 0; + virtual int GetPermissionUsedRecords(const PermissionUsedRequestParcel& request, const sptr& callback) = 0; + + enum class InterfaceCode { + ADD_PERMISSION_USED_RECORD = 0xf001, + START_USING_PERMISSION = 0xf002, + STOP_USING_PERMISSION = 0xf003, + DELETE_PERMISSION_USED_RECORDS = 0xf004, + GET_PERMISSION_USED_RECORDS = 0xf005, + GET_PERMISSION_USED_RECORDS_ASYNC = 0xf006 + }; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS + +#endif // I_PRIVACY_MANAGER_H diff --git a/frameworks/privacy/include/permission_used_record_parcel.h b/frameworks/privacy/include/permission_used_record_parcel.h new file mode 100644 index 0000000000000000000000000000000000000000..7e8377160d43bacae6bc3f9d07785310d2b38a45 --- /dev/null +++ b/frameworks/privacy/include/permission_used_record_parcel.h @@ -0,0 +1,40 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PERMISSION_USED_RECORD_PRACEL_H +#define PERMISSION_USED_RECORD_PRACEL_H + +#include "parcel.h" +#include "permission_used_result.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +struct PermissionUsedRecordParcel final : public Parcelable { + PermissionUsedRecordParcel() = default; + + ~PermissionUsedRecordParcel() override = default; + + bool Marshalling(Parcel& out) const override; + + static PermissionUsedRecordParcel* Unmarshalling(Parcel& in); + + PermissionUsedRecord permissionRecord; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS + +#endif // PERMISSION_USED_RECORD_PRACEL_H diff --git a/frameworks/privacy/include/permission_used_request_parcel.h b/frameworks/privacy/include/permission_used_request_parcel.h new file mode 100644 index 0000000000000000000000000000000000000000..c0d10966a3dd1a0e79379e0c31f0f5b265a18cdd --- /dev/null +++ b/frameworks/privacy/include/permission_used_request_parcel.h @@ -0,0 +1,40 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PERMISSION_USED_REQUEST_PRACEL_H +#define PERMISSION_USED_REQUEST_PRACEL_H + +#include "parcel.h" +#include "permission_used_request.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +struct PermissionUsedRequestParcel final : public Parcelable { + PermissionUsedRequestParcel() = default; + + ~PermissionUsedRequestParcel() override = default; + + bool Marshalling(Parcel& out) const override; + + static PermissionUsedRequestParcel* Unmarshalling(Parcel& in); + + PermissionUsedRequest request; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS + +#endif // PERMISSION_USED_REQUEST_PRACEL_H diff --git a/frameworks/privacy/include/permission_used_result_parcel.h b/frameworks/privacy/include/permission_used_result_parcel.h new file mode 100644 index 0000000000000000000000000000000000000000..0af1a66310ac8b9d99ac3aee4039d4d11b4b6892 --- /dev/null +++ b/frameworks/privacy/include/permission_used_result_parcel.h @@ -0,0 +1,40 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PERMISSION_USED_RESPONSE_PRACEL_H +#define PERMISSION_USED_RESPONSE_PRACEL_H + +#include "parcel.h" +#include "permission_used_result.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +struct PermissionUsedResultParcel final : public Parcelable { + PermissionUsedResultParcel() = default; + + ~PermissionUsedResultParcel() override = default; + + bool Marshalling(Parcel& out) const override; + + static PermissionUsedResultParcel* Unmarshalling(Parcel& in); + + PermissionUsedResult result; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS + +#endif // PERMISSION_USED_RESPONSE_PRACEL_H diff --git a/frameworks/privacy/include/used_record_detail_parcel.h b/frameworks/privacy/include/used_record_detail_parcel.h new file mode 100644 index 0000000000000000000000000000000000000000..460a5d40ea799316f9ddb68f048fe769d133d629 --- /dev/null +++ b/frameworks/privacy/include/used_record_detail_parcel.h @@ -0,0 +1,40 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef USED_RECORD_DETAIL_PRACEL_H +#define USED_RECORD_DETAIL_PRACEL_H + +#include "parcel.h" +#include "permission_used_result.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +struct UsedRecordDetailParcel final : public Parcelable { + UsedRecordDetailParcel() = default; + + ~UsedRecordDetailParcel() override = default; + + bool Marshalling(Parcel& out) const override; + + static UsedRecordDetailParcel* Unmarshalling(Parcel& in); + + UsedRecordDetail detail; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS + +#endif // USED_RECORD_DETAIL_PRACEL_H diff --git a/frameworks/privacy/src/bundle_used_record_parcel.cpp b/frameworks/privacy/src/bundle_used_record_parcel.cpp new file mode 100644 index 0000000000000000000000000000000000000000..f37e5ce095414ae47c38ad7b0081fc7cdf7f1d39 --- /dev/null +++ b/frameworks/privacy/src/bundle_used_record_parcel.cpp @@ -0,0 +1,67 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "bundle_used_record_parcel.h" +#include "permission_used_record_parcel.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +#define RETURN_IF_FALSE(expr) \ + if (!(expr)) { \ + return false; \ + } + +#define RELEASE_IF_FALSE(expr, obj) \ + if (!(expr)) { \ + delete (obj); \ + (obj) = nullptr; \ + return (obj); \ + } + +bool BundleUsedRecordParcel::Marshalling(Parcel& out) const +{ + RETURN_IF_FALSE(out.WriteString(this->bundleRecord.deviceId)); + RETURN_IF_FALSE(out.WriteString(this->bundleRecord.bundleName)); + + RETURN_IF_FALSE(out.WriteInt32((int32_t)(this->bundleRecord.permissionRecords.size()))); + for (auto permRecord : this->bundleRecord.permissionRecords) { + PermissionUsedRecordParcel permRecordParcel; + permRecordParcel.permissionRecord = permRecord; + out.WriteParcelable(&permRecordParcel); + } + return true; +} + +BundleUsedRecordParcel* BundleUsedRecordParcel::Unmarshalling(Parcel& in) +{ + auto* bundleRecordParcel = new (std::nothrow) BundleUsedRecordParcel(); + RELEASE_IF_FALSE(bundleRecordParcel != nullptr, bundleRecordParcel); + + RELEASE_IF_FALSE(in.ReadString(bundleRecordParcel->bundleRecord.deviceId), bundleRecordParcel); + RELEASE_IF_FALSE(in.ReadString(bundleRecordParcel->bundleRecord.bundleName), bundleRecordParcel); + + int permRecordSize = 0; + RELEASE_IF_FALSE(in.ReadInt32(permRecordSize), bundleRecordParcel); + for (int i = 0; i < permRecordSize; i++) { + sptr permRecord = in.ReadParcelable(); + RELEASE_IF_FALSE(permRecord != nullptr, bundleRecordParcel); + bundleRecordParcel->bundleRecord.permissionRecords.emplace_back(permRecord->permissionRecord); + } + return bundleRecordParcel; +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/frameworks/privacy/src/permission_used_record_parcel.cpp b/frameworks/privacy/src/permission_used_record_parcel.cpp new file mode 100644 index 0000000000000000000000000000000000000000..0c6a54dc6adb9265494c04da0dc04c4d9a9b1e98 --- /dev/null +++ b/frameworks/privacy/src/permission_used_record_parcel.cpp @@ -0,0 +1,90 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "permission_used_record_parcel.h" +#include "used_record_detail_parcel.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +#define RETURN_IF_FALSE(expr) \ + if (!(expr)) { \ + return false; \ + } + +#define RELEASE_IF_FALSE(expr, obj) \ + if (!(expr)) { \ + delete (obj); \ + (obj) = nullptr; \ + return (obj); \ + } + +bool PermissionUsedRecordParcel::Marshalling(Parcel& out) const +{ + RETURN_IF_FALSE(out.WriteString(this->permissionRecord.permissionName)); + RETURN_IF_FALSE(out.WriteInt32(this->permissionRecord.accessCount)); + RETURN_IF_FALSE(out.WriteInt32(this->permissionRecord.rejectCount));; + RETURN_IF_FALSE(out.WriteInt64(this->permissionRecord.lastAccessTime)); + RETURN_IF_FALSE(out.WriteInt64(this->permissionRecord.lastRejectTime)); + RETURN_IF_FALSE(out.WriteInt64(this->permissionRecord.lastAccessDuration)); + + RETURN_IF_FALSE(out.WriteInt32((int32_t)(this->permissionRecord.accessRecords.size()))); + for (auto accRecord : this->permissionRecord.accessRecords) { + UsedRecordDetailParcel detailParcel; + detailParcel.detail = accRecord; + out.WriteParcelable(&detailParcel); + } + + RETURN_IF_FALSE(out.WriteInt32((int32_t)(this->permissionRecord.rejectRecords.size()))); + for (auto rejRecord : this->permissionRecord.rejectRecords) { + UsedRecordDetailParcel detailParcel; + detailParcel.detail = rejRecord; + out.WriteParcelable(&detailParcel); + } + return true; +} + +PermissionUsedRecordParcel* PermissionUsedRecordParcel::Unmarshalling(Parcel& in) +{ + auto* permissionRecordParcel = new (std::nothrow) PermissionUsedRecordParcel(); + RELEASE_IF_FALSE(permissionRecordParcel != nullptr, permissionRecordParcel); + + RELEASE_IF_FALSE(in.ReadString(permissionRecordParcel->permissionRecord.permissionName), permissionRecordParcel); + RELEASE_IF_FALSE(in.ReadInt32(permissionRecordParcel->permissionRecord.accessCount), permissionRecordParcel); + RELEASE_IF_FALSE(in.ReadInt32(permissionRecordParcel->permissionRecord.rejectCount), permissionRecordParcel); + RELEASE_IF_FALSE(in.ReadInt64(permissionRecordParcel->permissionRecord.lastAccessTime), permissionRecordParcel); + RELEASE_IF_FALSE(in.ReadInt64(permissionRecordParcel->permissionRecord.lastRejectTime), permissionRecordParcel); + RELEASE_IF_FALSE(in.ReadInt64(permissionRecordParcel->permissionRecord.lastRejectTime), permissionRecordParcel); + + int accRecordSize = 0; + RELEASE_IF_FALSE(in.ReadInt32(accRecordSize), permissionRecordParcel); + for (int i = 0; i < accRecordSize; i++) { + sptr detailParcel = in.ReadParcelable(); + RELEASE_IF_FALSE(detailParcel != nullptr, permissionRecordParcel); + permissionRecordParcel->permissionRecord.accessRecords.emplace_back(detailParcel->detail); + } + + int rejRecordSize = 0; + RELEASE_IF_FALSE(in.ReadInt32(rejRecordSize), permissionRecordParcel); + for (int i = 0; i < rejRecordSize; i++) { + sptr detailParcel = in.ReadParcelable(); + RELEASE_IF_FALSE(detailParcel != nullptr, permissionRecordParcel); + permissionRecordParcel->permissionRecord.rejectRecords.emplace_back(detailParcel->detail); + } + return permissionRecordParcel; +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/frameworks/privacy/src/permission_used_request_parcel.cpp b/frameworks/privacy/src/permission_used_request_parcel.cpp new file mode 100644 index 0000000000000000000000000000000000000000..3791b835edbe222e80412cbf0399443ac51e1eef --- /dev/null +++ b/frameworks/privacy/src/permission_used_request_parcel.cpp @@ -0,0 +1,72 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "permission_used_request_parcel.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +#define RETURN_IF_FALSE(expr) \ + if (!(expr)) { \ + return false; \ + } + +#define RELEASE_IF_FALSE(expr, obj) \ + if (!(expr)) { \ + delete (obj); \ + (obj) = nullptr; \ + return (obj); \ + } + +bool PermissionUsedRequestParcel::Marshalling(Parcel& out) const +{ + RETURN_IF_FALSE(out.WriteString(this->request.deviceId)); + RETURN_IF_FALSE(out.WriteString(this->request.bundleName)); + + RETURN_IF_FALSE(out.WriteInt32((int32_t)(this->request.permissionList.size()))); + for (auto perm : this->request.permissionList) { + RETURN_IF_FALSE(out.WriteString(perm)); + } + RETURN_IF_FALSE(out.WriteInt64(this->request.beginTimeMillis)); + RETURN_IF_FALSE(out.WriteInt64(this->request.endTimeMillis)); + RETURN_IF_FALSE(out.WriteInt32(this->request.flag)); + return true; +} + +PermissionUsedRequestParcel* PermissionUsedRequestParcel::Unmarshalling(Parcel& in) +{ + auto* requestParcel = new (std::nothrow) PermissionUsedRequestParcel(); + RELEASE_IF_FALSE(requestParcel != nullptr, requestParcel); + + RELEASE_IF_FALSE(in.ReadString(requestParcel->request.deviceId), requestParcel); + RELEASE_IF_FALSE(in.ReadString(requestParcel->request.bundleName), requestParcel); + + int permSize = 0; + RELEASE_IF_FALSE(in.ReadInt32(permSize), requestParcel); + for (int i = 0; i < permSize; i++) { + std::string perm; + RELEASE_IF_FALSE(in.ReadString(perm), requestParcel); + requestParcel->request.permissionList.emplace_back(perm); + } + RELEASE_IF_FALSE(in.ReadInt64(requestParcel->request.beginTimeMillis), requestParcel); + RELEASE_IF_FALSE(in.ReadInt64(requestParcel->request.endTimeMillis), requestParcel); + int flag; + RELEASE_IF_FALSE(in.ReadInt32(flag), requestParcel); + requestParcel->request.flag = static_cast(flag); + return requestParcel; +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/frameworks/privacy/src/permission_used_result_parcel.cpp b/frameworks/privacy/src/permission_used_result_parcel.cpp new file mode 100644 index 0000000000000000000000000000000000000000..ff3a2e1b05d5b6f83ace1e03139e36d9f5ea3458 --- /dev/null +++ b/frameworks/privacy/src/permission_used_result_parcel.cpp @@ -0,0 +1,67 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "permission_used_result_parcel.h" +#include "bundle_used_record_parcel.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +#define RETURN_IF_FALSE(expr) \ + if (!(expr)) { \ + return false; \ + } + +#define RELEASE_IF_FALSE(expr, obj) \ + if (!(expr)) { \ + delete (obj); \ + (obj) = nullptr; \ + return (obj); \ + } + +bool PermissionUsedResultParcel::Marshalling(Parcel& out) const +{ + RETURN_IF_FALSE(out.WriteInt64(this->result.beginTimeMillis)); + RETURN_IF_FALSE(out.WriteInt64(this->result.endTimeMillis)); + + RETURN_IF_FALSE(out.WriteInt32((int32_t)(this->result.bundleRecords.size()))); + for (auto bundRecord : this->result.bundleRecords) { + BundleUsedRecordParcel bundleParcel; + bundleParcel.bundleRecord = bundRecord; + out.WriteParcelable(&bundleParcel); + } + return true; +} + +PermissionUsedResultParcel* PermissionUsedResultParcel::Unmarshalling(Parcel& in) +{ + auto* resultParcel = new (std::nothrow) PermissionUsedResultParcel(); + RELEASE_IF_FALSE(resultParcel != nullptr, resultParcel); + + RELEASE_IF_FALSE(in.ReadInt64(resultParcel->result.beginTimeMillis), resultParcel); + RELEASE_IF_FALSE(in.ReadInt64(resultParcel->result.endTimeMillis), resultParcel); + + int bundResponseSize = 0; + RELEASE_IF_FALSE(in.ReadInt32(bundResponseSize), resultParcel); + for (int i = 0; i < bundResponseSize; i++) { + sptr bunRecordParcel = in.ReadParcelable(); + RELEASE_IF_FALSE(bunRecordParcel != nullptr, resultParcel); + resultParcel->result.bundleRecords.emplace_back(bunRecordParcel->bundleRecord); + } + return resultParcel; +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/frameworks/privacy/src/used_record_detail_parcel.cpp b/frameworks/privacy/src/used_record_detail_parcel.cpp new file mode 100644 index 0000000000000000000000000000000000000000..50d6f5bbb37b40510ee7bc32be2dc5bdc3b82983 --- /dev/null +++ b/frameworks/privacy/src/used_record_detail_parcel.cpp @@ -0,0 +1,53 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "used_record_detail_parcel.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +#define RETURN_IF_FALSE(expr) \ + if (!(expr)) { \ + return false; \ + } + +#define RELEASE_IF_FALSE(expr, obj) \ + if (!(expr)) { \ + delete (obj); \ + (obj) = nullptr; \ + return (obj); \ + } + +bool UsedRecordDetailParcel::Marshalling(Parcel& out) const +{ + RETURN_IF_FALSE(out.WriteInt32(this->detail.status)); + RETURN_IF_FALSE(out.WriteInt64(this->detail.timestamp)); + RETURN_IF_FALSE(out.WriteInt64(this->detail.accessDuration)); + return true; +} + +UsedRecordDetailParcel* UsedRecordDetailParcel::Unmarshalling(Parcel& in) +{ + auto* detailRecordParcel = new (std::nothrow) UsedRecordDetailParcel(); + RELEASE_IF_FALSE(detailRecordParcel != nullptr, detailRecordParcel); + + RELEASE_IF_FALSE(in.ReadInt32(detailRecordParcel->detail.status), detailRecordParcel); + RELEASE_IF_FALSE(in.ReadInt64(detailRecordParcel->detail.timestamp), detailRecordParcel); + RELEASE_IF_FALSE(in.ReadInt64(detailRecordParcel->detail.accessDuration), detailRecordParcel); + return detailRecordParcel; +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/interfaces/innerkits/privacy/BUILD.gn b/interfaces/innerkits/privacy/BUILD.gn new file mode 100644 index 0000000000000000000000000000000000000000..9cb3efde61ea4fe68fdea08d255944c4ba65f8ac --- /dev/null +++ b/interfaces/innerkits/privacy/BUILD.gn @@ -0,0 +1,62 @@ +# Copyright (c) 2021-2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/ohos.gni") + +config("pricacy") { + visibility = [ ":*" ] + include_dirs = [ "include" ] +} + +ohos_shared_library("libprivacy_sdk") { + subsystem_name = "security" + part_name = "access_token" + + output_name = "libprivacy_sdk" + + public_configs = [ ":pricacy" ] + + include_dirs = [ + "//utils/native/base/include", + "include", + "src", + "//base/security/access_token/frameworks/privacy/include", + "//base/security/access_token/frameworks/common/include", + "//base/security/access_token/interfaces/innerkits/accesstoken/include", + "//base/security/access_token/interfaces/innerkits/privacy/include", + ] + + sources = [ + "src/privacy_death_recipient.cpp", + "src/privacy_kit.cpp", + "src/privacy_manager_client.cpp", + "src/privacy_manager_proxy.cpp", + ] + + deps = [ + "//base/security/access_token/frameworks/common:accesstoken_common_cxx", + "//base/security/access_token/frameworks/privacy:privacy_communication_adapter_cxx", + "//utils/native/base:utils", + ] + + external_deps = [ + "hiviewdfx_hilog_native:libhilog", + "ipc:ipc_core", + "samgr_standard:samgr_proxy", + ] + + cflags_cc = [ + "-DHILOG_ENABLE", + "-DDEBUG_API_PERFORMANCE", + ] +} diff --git a/interfaces/innerkits/privacy/include/on_permission_used_record_callback.h b/interfaces/innerkits/privacy/include/on_permission_used_record_callback.h new file mode 100644 index 0000000000000000000000000000000000000000..d137770e2a72734d2541f8535dea8215953e736b --- /dev/null +++ b/interfaces/innerkits/privacy/include/on_permission_used_record_callback.h @@ -0,0 +1,39 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef ON_PERMISSION_USED_RECORD_CALLBACK_H +#define ON_PERMISSION_USED_RECORD_CALLBACK_H + +#include "errors.h" +#include "iremote_broker.h" +#include "permission_used_result.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class OnPermissionUsedRecordCallback : public IRemoteBroker { +public: + DECLARE_INTERFACE_DESCRIPTOR(u"ohos.security.accesstoken.OnPermissionUsedRecordCallback"); + + virtual void OnQueried(ErrCode code, PermissionUsedResult& result) = 0; + + enum { + ON_QUERIED = 0, + }; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // ON_PERMISSION_USED_RECORD_CALLBACK_H diff --git a/interfaces/innerkits/privacy/include/permission_used_request.h b/interfaces/innerkits/privacy/include/permission_used_request.h new file mode 100644 index 0000000000000000000000000000000000000000..ad58b8c559844a2e3905f95cc7895641d32b7035 --- /dev/null +++ b/interfaces/innerkits/privacy/include/permission_used_request.h @@ -0,0 +1,41 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PERMISSION_USED_REQUEST_H +#define PERMISSION_USED_REQUEST_H + +#include +#include + +namespace OHOS { +namespace Security { +namespace AccessToken { +typedef enum PermissionUsageFlagEnum { + FLAG_PERMISSION_USAGE_SUMMARY = 0, + FLAG_PERMISSION_USAGE_DETAIL = 1, +} PermissionUsageFlag; + +struct PermissionUsedRequest { + std::string deviceId; + std::string bundleName; + std::vector permissionList; + int64_t beginTimeMillis = 0; + int64_t endTimeMillis = 0; + PermissionUsageFlag flag = FLAG_PERMISSION_USAGE_SUMMARY; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // PERMISSION_USED_REQUEST_H diff --git a/interfaces/innerkits/privacy/include/permission_used_result.h b/interfaces/innerkits/privacy/include/permission_used_result.h new file mode 100644 index 0000000000000000000000000000000000000000..507f8c03a269a43c348fa5b36562074862efb297 --- /dev/null +++ b/interfaces/innerkits/privacy/include/permission_used_result.h @@ -0,0 +1,57 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PERMISSION_USED_RESPONSE_H +#define PERMISSION_USED_RESPONSE_H + +#include +#include + +namespace OHOS { +namespace Security { +namespace AccessToken { +struct UsedRecordDetail { + int32_t status; + int64_t timestamp; + int64_t accessDuration; +}; + +struct PermissionUsedRecord { + std::string permissionName; + int32_t accessCount = 0; + int32_t rejectCount = 0; + int64_t lastAccessTime = -1L; + int64_t lastRejectTime = -1L; + int64_t lastAccessDuration = 0; + std::vector accessRecords; + std::vector rejectRecords; +}; + +struct BundleUsedRecord { + std::string deviceId; + std::string bundleName; + std::vector permissionRecords; +}; + +struct PermissionUsedResult { + int64_t beginTimeMillis = 0L; + int64_t endTimeMillis = 0L; + std::vector bundleRecords; +}; + +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // PERMISSION_USED_RESPONSE_H diff --git a/interfaces/innerkits/privacy/include/privacy_kit.h b/interfaces/innerkits/privacy/include/privacy_kit.h new file mode 100644 index 0000000000000000000000000000000000000000..8d48e2ace086e168bf45956029f9b4ce8589e50a --- /dev/null +++ b/interfaces/innerkits/privacy/include/privacy_kit.h @@ -0,0 +1,41 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef INTERFACES_INNER_KITS_PRIVACY_KIT_H +#define INTERFACES_INNER_KITS_PRIVACY_KIT_H + +#include + +#include "access_token.h" +#include "on_permission_used_record_callback.h" +#include "permission_used_request.h" +#include "permission_used_result.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class PrivacyKit { +public: + static int AddPermissionUsedRecord(AccessTokenID tokenID, const std::string& permissionName, int successCount, int failCount); + static int StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName); + static int StopUsingPermission(AccessTokenID tokenID, const std::string& permissionName); + static int RemovePermissionUsedRecords(AccessTokenID tokenID, const std::string& deviceID); + static int GetPermissionUsedRecords(const PermissionUsedRequest& request, PermissionUsedResult& result); + static int GetPermissionUsedRecords(const PermissionUsedRequest& request, const sptr& callback); +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif diff --git a/interfaces/innerkits/privacy/src/privacy_death_recipient.cpp b/interfaces/innerkits/privacy/src/privacy_death_recipient.cpp new file mode 100644 index 0000000000000000000000000000000000000000..4a86bfeab85dc178da2adf4ab228c889c1be56ff --- /dev/null +++ b/interfaces/innerkits/privacy/src/privacy_death_recipient.cpp @@ -0,0 +1,35 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#include "privacy_death_recipient.h" + +#include "accesstoken_log.h" +#include "privacy_manager_client.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { + LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "PrivacyDeathRecipient"}; +} // namespace + +void PrivacyDeathRecipient::OnRemoteDied(const wptr& object) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + PrivacyManagerClient::GetInstance().OnRemoteDiedHandle(); +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/interfaces/innerkits/privacy/src/privacy_death_recipient.h b/interfaces/innerkits/privacy/src/privacy_death_recipient.h new file mode 100644 index 0000000000000000000000000000000000000000..5670393ace16b14f48572fda1a7531dea839cb75 --- /dev/null +++ b/interfaces/innerkits/privacy/src/privacy_death_recipient.h @@ -0,0 +1,35 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +#ifndef PRIVACY_DEATH_RECIPIENT_H +#define PRIVACY_DEATH_RECIPIENT_H + +#include "iremote_object.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class PrivacyDeathRecipient : public IRemoteObject::DeathRecipient { +public: + PrivacyDeathRecipient() {} + virtual ~PrivacyDeathRecipient() = default; + void OnRemoteDied(const wptr& object) override; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // PRIVACY_DEATH_RECIPIENT_H + diff --git a/interfaces/innerkits/privacy/src/privacy_kit.cpp b/interfaces/innerkits/privacy/src/privacy_kit.cpp new file mode 100644 index 0000000000000000000000000000000000000000..a96db4e4beb9e65c5f6cf5634a29fed0f33a8978 --- /dev/null +++ b/interfaces/innerkits/privacy/src/privacy_kit.cpp @@ -0,0 +1,72 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "privacy_kit.h" + +#include +#include + +#include "accesstoken_log.h" +#include "privacy_manager_client.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "PrivacyKit"}; +} // namespace + +int PrivacyKit::AddPermissionUsedRecord(AccessTokenID tokenID, const std::string& permissionName, int successCount, int failCount) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, tokenID=0x%{public}x, permissionName=%{public}s, \ + successCount=%{public}d, failCount=%{public}d", __func__, tokenID, permissionName.c_str(), successCount, failCount); + return PrivacyManagerClient::GetInstance().AddPermissionUsedRecord(tokenID, permissionName, successCount, failCount); +} + +int PrivacyKit::StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, tokenID=0x%{public}x, permissionName=%{public}s", + __func__, tokenID, permissionName.c_str()); + return PrivacyManagerClient::GetInstance().StartUsingPermission(tokenID, permissionName); +} + +int PrivacyKit::StopUsingPermission(AccessTokenID tokenID, const std::string& permissionName) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, tokenID=0x%{public}x, permissionName=%{public}s", + __func__, tokenID, permissionName.c_str()); + return PrivacyManagerClient::GetInstance().StopUsingPermission(tokenID, permissionName); +} + +int PrivacyKit::RemovePermissionUsedRecords(AccessTokenID tokenID, const std::string& deviceID) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, tokenID=0x%{public}x, deviceID=%{public}s", + __func__, tokenID, deviceID.c_str()); + return PrivacyManagerClient::GetInstance().RemovePermissionUsedRecords(tokenID, deviceID); +} + +int PrivacyKit::GetPermissionUsedRecords(const PermissionUsedRequest& request, PermissionUsedResult& result) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + return PrivacyManagerClient::GetInstance().GetPermissionUsedRecords(request, result); +} + +int PrivacyKit::GetPermissionUsedRecords(const PermissionUsedRequest& request, const sptr& callback) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + return PrivacyManagerClient::GetInstance().GetPermissionUsedRecords(request, callback); +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/interfaces/innerkits/privacy/src/privacy_manager_client.cpp b/interfaces/innerkits/privacy/src/privacy_manager_client.cpp new file mode 100644 index 0000000000000000000000000000000000000000..cf9929bc214ab809fcd6d957ce098eb17569c41e --- /dev/null +++ b/interfaces/innerkits/privacy/src/privacy_manager_client.cpp @@ -0,0 +1,179 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#include "privacy_manager_client.h" + +#include "accesstoken_log.h" +#include "data_validator.h" +#include "iservice_registry.h" +#include "privacy_manager_proxy.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { + LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "PrivacyManagerClient" +}; +} // namespace + +const static int32_t ERROR = -1; + +PrivacyManagerClient& PrivacyManagerClient::GetInstance() +{ + static PrivacyManagerClient instance; + return instance; +} + +PrivacyManagerClient::PrivacyManagerClient() +{} + +PrivacyManagerClient::~PrivacyManagerClient() +{} + +int PrivacyManagerClient::AddPermissionUsedRecord(AccessTokenID tokenID, const std::string& permissionName, + int successCount, int failCount) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); + if (!DataValidator::IsTokenIDValid(tokenID) || !DataValidator::IsPermissionNameValid(permissionName)) { + return ERROR; + } + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); + return ERROR; + } + return proxy->AddPermissionUsedRecord(tokenID, permissionName, successCount, failCount); +} + +int PrivacyManagerClient::StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); + if (!DataValidator::IsTokenIDValid(tokenID) || !DataValidator::IsPermissionNameValid(permissionName)) { + return ERROR; + } + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); + return ERROR; + } + return proxy->StartUsingPermission(tokenID, permissionName); +} + +int PrivacyManagerClient::StopUsingPermission(AccessTokenID tokenID, const std::string& permissionName) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); + if (!DataValidator::IsTokenIDValid(tokenID) || !DataValidator::IsPermissionNameValid(permissionName)) { + return ERROR; + } + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); + return ERROR; + } + return proxy->StopUsingPermission(tokenID, permissionName); +} + +int PrivacyManagerClient::RemovePermissionUsedRecords(AccessTokenID tokenID, const std::string& deviceID) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); + if (!DataValidator::IsTokenIDValid(tokenID) && !DataValidator::IsDeviceIdValid(deviceID)) { + return ERROR; + } + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); + return ERROR; + } + return proxy->RemovePermissionUsedRecords(tokenID, deviceID); +} + +int PrivacyManagerClient::GetPermissionUsedRecords(const PermissionUsedRequest& request, PermissionUsedResult& result) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); + return ERROR; + } + + PermissionUsedRequestParcel requestParcel; + PermissionUsedResultParcel reultParcel; + requestParcel.request = request; + int ret = proxy->GetPermissionUsedRecords(requestParcel, reultParcel); + result = reultParcel.result; + return ret; +} + +int PrivacyManagerClient::GetPermissionUsedRecords(const PermissionUsedRequest& request, + const sptr& callback) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); + return ERROR; + } + + PermissionUsedRequestParcel requestParcel; + requestParcel.request = request; + return proxy->GetPermissionUsedRecords(requestParcel, callback); +} + +void PrivacyManagerClient::InitProxy() +{ + std::lock_guard lock(proxyMutex_); + if (proxy_ == nullptr) { + auto sam = SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager(); + if (sam == nullptr) { + ACCESSTOKEN_LOG_DEBUG(LABEL, "GetSystemAbilityManager is null"); + return; + } + auto privacySa = sam->GetSystemAbility(IPrivacyManager::SA_ID_PRIVACY_MANAGER_SERVICE); + if (privacySa == nullptr) { + ACCESSTOKEN_LOG_DEBUG(LABEL, "GetSystemAbility %{public}d is null", + IPrivacyManager::SA_ID_PRIVACY_MANAGER_SERVICE); + return; + } + + serviceDeathObserver_ = new (std::nothrow) PrivacyDeathRecipient(); + if (serviceDeathObserver_ != nullptr) { + privacySa->AddDeathRecipient(serviceDeathObserver_); + } + proxy_ = iface_cast(privacySa); + if (proxy_ == nullptr) { + ACCESSTOKEN_LOG_DEBUG(LABEL, "iface_cast get null"); + } + } +} + +void PrivacyManagerClient::OnRemoteDiedHandle() +{ + { + std::lock_guard lock(proxyMutex_); + proxy_ = nullptr; + } + InitProxy(); +} + +sptr PrivacyManagerClient::GetProxy() +{ + if (proxy_ == nullptr) { + InitProxy(); + } + return proxy_; +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/interfaces/innerkits/privacy/src/privacy_manager_client.h b/interfaces/innerkits/privacy/src/privacy_manager_client.h new file mode 100644 index 0000000000000000000000000000000000000000..8fc59316d8a70b351982bfe5b25be8d435643fdb --- /dev/null +++ b/interfaces/innerkits/privacy/src/privacy_manager_client.h @@ -0,0 +1,41 @@ +#ifndef PRIVACY_MANAGER_CLIENT_H +#define PRIVACY_MANAGER_CLIENT_H + +#include +#include +#include + +#include "i_privacy_manager.h" +#include "privacy_death_recipient.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class PrivacyManagerClient final { +public: + static PrivacyManagerClient& GetInstance(); + + virtual ~PrivacyManagerClient(); + + int AddPermissionUsedRecord(AccessTokenID tokenID, const std::string& permissionName, int successCount, int failCount); + int StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName); + int StopUsingPermission(AccessTokenID tokenID, const std::string& permissionName); + int RemovePermissionUsedRecords(AccessTokenID tokenID, const std::string& deviceID); + int GetPermissionUsedRecords(const PermissionUsedRequest& request, PermissionUsedResult& result); + int GetPermissionUsedRecords(const PermissionUsedRequest& request, const sptr& callback); + + void OnRemoteDiedHandle(); +private: + PrivacyManagerClient(); + + DISALLOW_COPY_AND_MOVE(PrivacyManagerClient); + std::mutex proxyMutex_; + sptr proxy_ = nullptr; + sptr serviceDeathObserver_ = nullptr; + void InitProxy(); + sptr GetProxy(); +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // PRIVACY_MANAGER_CLIENT_H diff --git a/interfaces/innerkits/privacy/src/privacy_manager_proxy.cpp b/interfaces/innerkits/privacy/src/privacy_manager_proxy.cpp new file mode 100644 index 0000000000000000000000000000000000000000..e04a42e689e9c97c3cf989b6c9a868967fe2b396 --- /dev/null +++ b/interfaces/innerkits/privacy/src/privacy_manager_proxy.cpp @@ -0,0 +1,209 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "privacy_manager_proxy.h" + +#include "accesstoken_log.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "PrivacyManagerProxy"}; +} + +const static int32_t ERROR = -1; + +PrivacyManagerProxy::PrivacyManagerProxy(const sptr& impl) + : IRemoteProxy(impl) { +} + +PrivacyManagerProxy::~PrivacyManagerProxy() +{} + +int PrivacyManagerProxy::AddPermissionUsedRecord(AccessTokenID tokenID, const std::string& permissionName, + int successCount, int failCount) +{ + MessageParcel data; + data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); + if (!data.WriteUint32(tokenID)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(tokenID)"); + return ERROR; + } + if (!data.WriteString(permissionName)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteString(permissionName)"); + return ERROR; + } + if (!data.WriteInt32(successCount)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(successCount)"); + return ERROR; + } + if (!data.WriteInt32(failCount)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(failCount)"); + return ERROR; + } + + MessageParcel reply; + int32_t requestResult = SendRequest(IPrivacyManager::InterfaceCode::ADD_PERMISSION_USED_RECORD, data, reply); + if (!requestResult) { + ACCESSTOKEN_LOG_ERROR(LABEL, "add result fail, result: %{public}d", requestResult); + } + int32_t ret = reply.ReadInt32(); + ACCESSTOKEN_LOG_DEBUG(LABEL, "get result from server data = %{public}d", ret); + return ret; +} + +int PrivacyManagerProxy::StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName) +{ + MessageParcel data; + data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); + if (!data.WriteUint32(tokenID)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(tokenID)"); + return ERROR; + } + if (!data.WriteString(permissionName)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteString(permissionName)"); + return ERROR; + } + + MessageParcel reply; + int32_t requestResult = SendRequest(IPrivacyManager::InterfaceCode::START_USING_PERMISSION, data, reply); + if (!requestResult) { + ACCESSTOKEN_LOG_ERROR(LABEL, "add result fail, result: %{public}d", requestResult); + } + int32_t ret = reply.ReadInt32(); + ACCESSTOKEN_LOG_DEBUG(LABEL, "get result from server data = %{public}d", ret); + return ret; +} + +int PrivacyManagerProxy::StopUsingPermission(AccessTokenID tokenID, const std::string& permissionName) +{ + MessageParcel data; + data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); + if (!data.WriteUint32(tokenID)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(tokenID)"); + return ERROR; + } + if (!data.WriteString(permissionName)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteString(permissionName)"); + return ERROR; + } + + MessageParcel reply; + int32_t requestResult = SendRequest(IPrivacyManager::InterfaceCode::STOP_USING_PERMISSION, data, reply); + if (!requestResult) { + ACCESSTOKEN_LOG_ERROR(LABEL, "add result fail, result: %{public}d", requestResult); + } + int ret = reply.ReadInt32(); + ACCESSTOKEN_LOG_DEBUG(LABEL, "get result from server data = %{public}d", ret); + return ret; +} + +int PrivacyManagerProxy::RemovePermissionUsedRecords(AccessTokenID tokenID, const std::string& deviceID) +{ + MessageParcel data; + data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); + if (!data.WriteUint32(tokenID)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(tokenID)"); + return ERROR; + } + if (!data.WriteString(deviceID)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteString(deviceID)"); + return ERROR; + } + + MessageParcel reply; + int32_t requestResult = SendRequest(IPrivacyManager::InterfaceCode::DELETE_PERMISSION_USED_RECORDS, data, reply); + if (!requestResult) { + ACCESSTOKEN_LOG_ERROR(LABEL, "add result fail, result: %{public}d", requestResult); + } + int32_t ret = reply.ReadInt32(); + ACCESSTOKEN_LOG_DEBUG(LABEL, "get result from server data = %{public}d", ret); + return ret; +} + +int PrivacyManagerProxy::GetPermissionUsedRecords(const PermissionUsedRequestParcel& request, + PermissionUsedResultParcel& result) +{ + MessageParcel data; + data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); + if (!data.WriteParcelable(&request)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteParcelable(request)"); + return ERROR; + } + + MessageParcel reply; + int32_t requestResult = SendRequest(IPrivacyManager::InterfaceCode::GET_PERMISSION_USED_RECORDS, data, reply); + if (!requestResult) { + ACCESSTOKEN_LOG_ERROR(LABEL, "send request fail, result: %{public}d", requestResult); + return ERROR; + } + + sptr resultSptr = reply.ReadParcelable(); + if (resultSptr == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "ReadParcelable fail"); + return ERROR; + } + result = *resultSptr; + int32_t ret = reply.ReadInt32(); + ACCESSTOKEN_LOG_DEBUG(LABEL, "get result from server data = %{public}d", ret); + return ret; +} + +int PrivacyManagerProxy::GetPermissionUsedRecords(const PermissionUsedRequestParcel& request, + const sptr& callback) +{ + MessageParcel data; + data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); + if (!data.WriteParcelable(&request)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteParcelable(request)"); + return ERROR; + } + if (!data.WriteRemoteObject(callback->AsObject())) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteRemoteObject(callback)"); + return ERROR; + } + + MessageParcel reply; + int32_t requestResult = SendRequest(IPrivacyManager::InterfaceCode::GET_PERMISSION_USED_RECORDS_ASYNC, data, reply); + if (!requestResult) { + ACCESSTOKEN_LOG_ERROR(LABEL, "send request fail, result: %{public}d", requestResult); + return ERROR; + } + int32_t ret = reply.ReadInt32(); + ACCESSTOKEN_LOG_DEBUG(LABEL, "get result from server data = %{public}d", ret); + return ret; +} + +bool PrivacyManagerProxy::SendRequest( + IPrivacyManager::InterfaceCode code, MessageParcel& data, MessageParcel& reply) +{ + MessageOption option(MessageOption::TF_SYNC); + sptr remote = Remote(); + if (remote == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "remote service null."); + return false; + } + + int32_t result = remote->SendRequest(static_cast(code), data, reply, option); + if (result != NO_ERROR) { + ACCESSTOKEN_LOG_ERROR(LABEL, "SendRequest fail, result: %{public}d", result); + return false; + } + return true; +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/interfaces/innerkits/privacy/src/privacy_manager_proxy.h b/interfaces/innerkits/privacy/src/privacy_manager_proxy.h new file mode 100644 index 0000000000000000000000000000000000000000..4ef0ceff721402b438aad7700e2d6ac18ea6bc25 --- /dev/null +++ b/interfaces/innerkits/privacy/src/privacy_manager_proxy.h @@ -0,0 +1,46 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PRIVACY_MANAGER_PROXY_H +#define PRIVACY_MANAGER_PROXY_H + +#include + +#include "i_privacy_manager.h" +#include "iremote_proxy.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class PrivacyManagerProxy : public IRemoteProxy { +public: + explicit PrivacyManagerProxy(const sptr& impl); + ~PrivacyManagerProxy() override; + + int AddPermissionUsedRecord(AccessTokenID tokenID, const std::string& permissionName, int successCount, int failCount) override; + int StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName) override; + int StopUsingPermission(AccessTokenID tokenID, const std::string& permissionName) override; + int RemovePermissionUsedRecords(AccessTokenID tokenID, const std::string& deviceID) override; + int GetPermissionUsedRecords(const PermissionUsedRequestParcel& request, PermissionUsedResultParcel& result) override; + int GetPermissionUsedRecords(const PermissionUsedRequestParcel& request, const sptr& callback) override; + +private: + bool SendRequest(IPrivacyManager::InterfaceCode code, MessageParcel& data, MessageParcel& reply); + static inline BrokerDelegator delegator_; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // PRIVACY_MANAGER_PROXY_H \ No newline at end of file diff --git a/interfaces/innerkits/privacy/test/BUILD.gn b/interfaces/innerkits/privacy/test/BUILD.gn new file mode 100644 index 0000000000000000000000000000000000000000..a8cf4e07248ed72491651ae746007aee2e7ff486 --- /dev/null +++ b/interfaces/innerkits/privacy/test/BUILD.gn @@ -0,0 +1,49 @@ +# Copyright (c) 2021-2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/test.gni") + +ohos_unittest("libprivacy_sdk_test") { + subsystem_name = "security" + part_name = "access_token" + module_out_path = part_name + "/" + part_name + + include_dirs = [ + "//utils/native/base/include", + "//third_party/googletest/include", + "//base/security/access_token/interfaces/innerkits/accesstoken/include", + "//base/security/access_token/interfaces/innerkits/privacy/include", + "//base/security/access_token/services/privacymanager/include/record", + ] + + sources = [ "unittest/src/privacy_kit_test.cpp" ] + + cflags_cc = [ "-DHILOG_ENABLE" ] + + deps = [ + "//base/security/access_token/interfaces/innerkits/accesstoken:libaccesstoken_sdk", + "//base/security/access_token/interfaces/innerkits/privacy:libprivacy_sdk", + "//base/security/access_token/services/privacymanager:privacy_manager_service", + "//utils/native/base:utils", + ] + external_deps = [ + "ipc:ipc_core", + "samgr_standard:samgr_proxy", + "startup_l2:syspara", + ] +} + +group("unittest") { + testonly = true + deps = [ ":libprivacy_sdk_test" ] +} diff --git a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp new file mode 100644 index 0000000000000000000000000000000000000000..b731759be60280a22c02973597690e431a638f4b --- /dev/null +++ b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp @@ -0,0 +1,119 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "privacy_kit_test.h" + +#include "accesstoken_kit.h" +#include "parameter.h" +#include "privacy_kit.h" + +using namespace testing::ext; +using namespace OHOS::Security::AccessToken; + +void PrivacyKitTest::SetUpTestCase() +{} + +void PrivacyKitTest::TearDownTestCase() +{ +} + +void PrivacyKitTest::SetUp() +{ +} + +void PrivacyKitTest::TearDown() +{ +} + +/** + * @tc.name: AddPermissionUsedRecord001 + * @tc.desc: cannot AddPermissionUsedRecord with invalid tokenID and permission. + * @tc.type: FUNC + * @tc.require:Issue Number + */ +HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord001, TestSize.Level1) +{ + int successCount = 1; + int fasilCount = 0; + std::string permission = "ohon.permission.READ_CONTACTS"; + PrivacyKit::AddPermissionUsedRecord(TEST_TOKENID_INVALID, permission, successCount, fasilCount); +} + +/** + * @tc.name: StartUsingPermission001 + * @tc.desc: cannot StartUsingPermission with invalid tokenID. + * @tc.type: FUNC + * @tc.require:Issue Number + */ +HWTEST_F(PrivacyKitTest, StartUsingPermission001, TestSize.Level1) +{ + std::string permission = "ohon.permission.READ_CONTACTS"; + PrivacyKit::StartUsingPermission(TEST_TOKENID_INVALID, permission); + +} + +/** + * @tc.name: StopUsingPermission001 + * @tc.desc: cannot StopUsingPermission with invalid tokenID. + * @tc.type: FUNC + * @tc.require:Issue Number + */ +HWTEST_F(PrivacyKitTest, StopUsingPermission001, TestSize.Level1) +{ + std::string permission = "ohon.permission.READ_CONTACTS"; + PrivacyKit::StopUsingPermission(TEST_TOKENID_INVALID, permission); +} + +/** + * @tc.name: RemovePermissionUsedRecords001 + * @tc.desc: cannot RemovePermissionUsedRecords with invalid tokenID. + * @tc.type: FUNC + * @tc.require:Issue Number + */ +HWTEST_F(PrivacyKitTest, RemovePermissionUsedRecords001, TestSize.Level1) +{ + std::string permission = "ohon.permission.READ_CONTACTS"; + PrivacyKit::RemovePermissionUsedRecords(TEST_TOKENID_INVALID, "device id"); +} + +/** + * @tc.name: GetPermissionUsedRecords001 + * @tc.desc: cannot GetPermissionUsedRecords with invalid tokenID. + * @tc.type: FUNC + * @tc.require:Issue Number + */ +HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords001, TestSize.Level1) +{ + std::string permission = "ohon.permission.READ_CONTACTS"; + PermissionUsedRequest request; + PermissionUsedResult result; + request.deviceId = "device_id"; + request.bundleName = "bundle"; + request.beginTimeMillis = 0; + request.endTimeMillis = 0; + request.endTimeMillis = FLAG_PERMISSION_USAGE_SUMMARY; + PrivacyKit::GetPermissionUsedRecords(request, result); +} + +/** + * @tc.name: GetPermissionUsedRecordsAsync001 + * @tc.desc: cannot GetPermissionUsedRecords with invalid tokenID. + * @tc.type: FUNC + * @tc.require:Issue Number + */ +HWTEST_F(PrivacyKitTest, GetPermissionUsedRecordsAsync001, TestSize.Level1) +{ + +} \ No newline at end of file diff --git a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.h b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.h new file mode 100644 index 0000000000000000000000000000000000000000..3b6434829f2a1dfbbf21f78dc08b8b344458d5dd --- /dev/null +++ b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.h @@ -0,0 +1,60 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PRIVACY_KIT_TEST_H +#define PRIVACY_KIT_TEST_H + +#include +#include "permission_used_request.h" +#include "permission_used_result.h" +#include "on_permission_used_record_callback.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +static const int32_t RET_ERROR = -1; +static const int32_t RET_NO_ERROR = 0; + +static const unsigned int TEST_TOKENID_INVALID = 0; +static const unsigned int TEST_VALID_TOKENID_A = 1; +static const unsigned int TEST_VALID_TOKENID_B = 2; +static const std::string TEST_EMPTY_DEVICEID = ""; +static const std::string TEST_PERMISSION_INVALID = ""; + +class PrivacyKitTest : public testing::Test { +public: + static void SetUpTestCase(); + + static void TearDownTestCase(); + + void SetUp(); + + void TearDown(); + + class TestCallBack : public OnPermissionUsedRecordCallback { + public: + TestCallBack() = default; + virtual ~TestCallBack() = default; + + void OnQueried(ErrCode code, PermissionUsedResult& result) + { + GTEST_LOG_(INFO) << "TestCallBack, code :" << code; + } + }; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // PRIVACY_KIT_TEST_H diff --git a/ohos.build b/ohos.build index dcd83476236ce9997c20f6f4f254893566b8819e..9bb34ca007ccbf63b9daf0e8b112575f2e0e1ceb 100644 --- a/ohos.build +++ b/ohos.build @@ -33,17 +33,28 @@ ], "header_base": "//base/security/access_token/interfaces/innerkits/token_setproc/include" } + }, + { + "name": "//base/security/access_token/interfaces/innerkits/privacy:libprivacy_sdk", + "header": { + "header_files": [ + "privacy_kit.h" + ], + "header_base": "//base/security/access_token/interfaces/innerkits/privacy/include" + } } ], "module_list": [ "//base/security/access_token:accesstoken_build_module", - "//base/security/access_token:tokensync_build_module" + "//base/security/access_token:tokensync_build_module", + "//base/security/access_token:privacy_build_module" ], "test_list": [ "//base/security/access_token:accesstoken_build_module_test", "//base/security/access_token/interfaces/innerkits/accesstoken/test:unittest", "//base/security/access_token/interfaces/innerkits/nativetoken/test:unittest", - "//base/security/access_token/interfaces/innerkits/token_setproc/test:unittest" + "//base/security/access_token/interfaces/innerkits/token_setproc/test:unittest", + "//base/security/access_token/interfaces/innerkits/privacy/test:unittest" ] } } diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_policy_set.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_policy_set.cpp index 471ed5f2688377484e2653b83815a68effee2a6b..fd39cacb29ca02b184605bfd115e91943ff24999 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/permission_policy_set.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_policy_set.cpp @@ -146,7 +146,7 @@ void PermissionPolicySet::StorePermissionDef(std::vector& valueLi { for (auto permissionDef : permList_) { GenericValues genericValues; - genericValues.Put(FIELD_TOKEN_ID, tokenId_); + genericValues.Put(FIELD_TOKEN_ID, (int)tokenId_); DataTranslator::TranslationIntoGenericValues(permissionDef, genericValues); valueList.emplace_back(genericValues); } @@ -157,7 +157,7 @@ void PermissionPolicySet::StorePermissionState(std::vector& value for (auto permissionState : permStateList_) { if (permissionState.isGeneral) { GenericValues genericValues; - genericValues.Put(FIELD_TOKEN_ID, tokenId_); + genericValues.Put(FIELD_TOKEN_ID, (int)tokenId_); DataTranslator::TranslationIntoGenericValues(permissionState, 0, genericValues); valueList.emplace_back(genericValues); continue; @@ -166,7 +166,7 @@ void PermissionPolicySet::StorePermissionState(std::vector& value unsigned int stateSize = permissionState.resDeviceID.size(); for (unsigned int i = 0; i < stateSize; i++) { GenericValues genericValues; - genericValues.Put(FIELD_TOKEN_ID, tokenId_); + genericValues.Put(FIELD_TOKEN_ID, (int)tokenId_); DataTranslator::TranslationIntoGenericValues(permissionState, i, genericValues); valueList.emplace_back(genericValues); } diff --git a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp index 102565af1132c690419f0d8ec5cf8da9e5756ebf..f70b430178e9468da9fd6c3a8f69e582d1950abe 100644 --- a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp @@ -90,7 +90,7 @@ void HapTokenInfoInner::TranslateToHapTokenInfo(HapTokenInfo& InfoParcel) const void HapTokenInfoInner::TranslationIntoGenericValues(GenericValues& outGenericValues) const { - outGenericValues.Put(FIELD_TOKEN_ID, tokenInfoBasic_.tokenID); + outGenericValues.Put(FIELD_TOKEN_ID, (int)tokenInfoBasic_.tokenID); outGenericValues.Put(FIELD_USER_ID, tokenInfoBasic_.userID); outGenericValues.Put(FIELD_BUNDLE_NAME, tokenInfoBasic_.bundleName); outGenericValues.Put(FIELD_INST_INDEX, tokenInfoBasic_.instIndex); @@ -99,7 +99,7 @@ void HapTokenInfoInner::TranslationIntoGenericValues(GenericValues& outGenericVa outGenericValues.Put(FIELD_DEVICE_ID, tokenInfoBasic_.deviceID); outGenericValues.Put(FIELD_APL, tokenInfoBasic_.apl); outGenericValues.Put(FIELD_TOKEN_VERSION, tokenInfoBasic_.ver); - outGenericValues.Put(FIELD_TOKEN_ATTR, tokenInfoBasic_.tokenAttr); + outGenericValues.Put(FIELD_TOKEN_ATTR, (int)tokenInfoBasic_.tokenAttr); } int HapTokenInfoInner::RestoreHapTokenBasicInfo(const GenericValues& inGenericValues) diff --git a/services/accesstokenmanager/main/cpp/src/token/native_token_info_inner.cpp b/services/accesstokenmanager/main/cpp/src/token/native_token_info_inner.cpp index 012433693a999db399197d70c0c89dd312be8970..19d692b1efcfcf2dc20cb079bf0c94db1d5a70e7 100644 --- a/services/accesstokenmanager/main/cpp/src/token/native_token_info_inner.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/native_token_info_inner.cpp @@ -106,13 +106,13 @@ std::string NativeTokenInfoInner::NativeAclsToString(const std::vector +#include + +namespace OHOS { +namespace Security { +namespace AccessToken { +class Constant { +public: + enum ErrorCode { + FAILURE = -1, + SUCCESS = 0, + }; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS + +#endif // CONSTANT_H diff --git a/services/privacymanager/include/service/privacy_manager_service.h b/services/privacymanager/include/service/privacy_manager_service.h new file mode 100644 index 0000000000000000000000000000000000000000..66d9662849c3bca675d3f3b80004d477e8ed7a58 --- /dev/null +++ b/services/privacymanager/include/service/privacy_manager_service.h @@ -0,0 +1,54 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PRIVACY_MANAGER_SERVICE_H +#define PRIVACY_MANAGER_SERVICE_H + +#include + +#include "privacy_manager_stub.h" +#include "iremote_object.h" +#include "nocopyable.h" +#include "singleton.h" +#include "system_ability.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +enum class ServiceRunningState { STATE_NOT_START, STATE_RUNNING }; +class PrivacyManagerService final : public SystemAbility, public PrivacyManagerStub { + DECLARE_DELAYED_SINGLETON(PrivacyManagerService); + DECLEAR_SYSTEM_ABILITY(PrivacyManagerService); + +public: + void OnStart() override; + void OnStop() override; + + int AddPermissionUsedRecord(AccessTokenID tokenID, const std::string& permissionName, int successCount, int failCount) override; + int StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName) override; + int StopUsingPermission(AccessTokenID tokenID, const std::string& permissionName) override; + int RemovePermissionUsedRecords(AccessTokenID tokenID, const std::string& deviceID) override; + int GetPermissionUsedRecords(const PermissionUsedRequestParcel& request, PermissionUsedResultParcel& result) override; + int GetPermissionUsedRecords(const PermissionUsedRequestParcel& request, const sptr& callback) override; + +private: + bool Initialize() const; + + ServiceRunningState state_; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // PRIVACY_MANAGER_SERVICE_H diff --git a/services/privacymanager/include/service/privacy_manager_stub.h b/services/privacymanager/include/service/privacy_manager_stub.h new file mode 100644 index 0000000000000000000000000000000000000000..21d0f8175fb3b242faee38a35016969a162cc2d7 --- /dev/null +++ b/services/privacymanager/include/service/privacy_manager_stub.h @@ -0,0 +1,46 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PRIVACY_MANAGER_STUB_H +#define PRIVACY_MANAGER_STUB_H + +#include "i_privacy_manager.h" + +#include "iremote_stub.h" +#include "nocopyable.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class PrivacyManagerStub : public IRemoteStub { +public: + PrivacyManagerStub() = default; + virtual ~PrivacyManagerStub() = default; + + int OnRemoteRequest(uint32_t code, MessageParcel& data, MessageParcel& reply, MessageOption& option) override; + +private: + + void AddPermissionUsedRecordInner(MessageParcel& data, MessageParcel& reply); + void StartUsingPermissionInner(MessageParcel& data, MessageParcel& reply); + void StopUsingPermissionInner(MessageParcel& data, MessageParcel& reply); + void RemovePermissionUsedRecordsInner(MessageParcel& data, MessageParcel& reply); + void GetPermissionUsedRecordsInner(MessageParcel& data, MessageParcel& reply); + void GetPermissionUsedRecordsAsyncInner(MessageParcel& data, MessageParcel& reply); +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // PRIVACY_MANAGER_STUB_H diff --git a/services/privacymanager/sa_profile/3505.xml b/services/privacymanager/sa_profile/3505.xml new file mode 100644 index 0000000000000000000000000000000000000000..af310ef907e02fbcbcb41953339a8d62b4888a97 --- /dev/null +++ b/services/privacymanager/sa_profile/3505.xml @@ -0,0 +1,24 @@ + + + + accesstoken_service + + 3505 + libprivacy_manager_service.z.so + true + true + 1 + + diff --git a/services/privacymanager/sa_profile/BUILD.gn b/services/privacymanager/sa_profile/BUILD.gn new file mode 100644 index 0000000000000000000000000000000000000000..0f952035882f8e296867e394ead4eabed273d3af --- /dev/null +++ b/services/privacymanager/sa_profile/BUILD.gn @@ -0,0 +1,20 @@ +# Copyright (c) 2021-2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/ohos/sa_profile/sa_profile.gni") + +ohos_sa_profile("privacy_sa_profile_standard") { + part_name = "access_token" + + sources = [ "3505.xml" ] +} diff --git a/services/privacymanager/src/service/privacy_manager_service.cpp b/services/privacymanager/src/service/privacy_manager_service.cpp new file mode 100644 index 0000000000000000000000000000000000000000..576987ab62f725f7cb69e7442378a231fe21dac0 --- /dev/null +++ b/services/privacymanager/src/service/privacy_manager_service.cpp @@ -0,0 +1,113 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "privacy_manager_service.h" + +#include "accesstoken_log.h" +#include "constant.h" +#include "ipc_skeleton.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { + LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "PrivacyManagerService" +}; +} + +const bool REGISTER_RESULT = + SystemAbility::MakeAndRegisterAbility(DelayedSingleton::GetInstance().get()); + +PrivacyManagerService::PrivacyManagerService() + : SystemAbility(SA_ID_PRIVACY_MANAGER_SERVICE, true), state_(ServiceRunningState::STATE_NOT_START) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "PrivacyManagerService()"); +} + +PrivacyManagerService::~PrivacyManagerService() +{ + ACCESSTOKEN_LOG_INFO(LABEL, "~PrivacyManagerService()"); +} + +void PrivacyManagerService::OnStart() +{ + if (state_ == ServiceRunningState::STATE_RUNNING) { + ACCESSTOKEN_LOG_INFO(LABEL, "PrivacyManagerService has already started!"); + return; + } + ACCESSTOKEN_LOG_INFO(LABEL, "PrivacyManagerService is starting"); + if (!Initialize()) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to initialize"); + return; + } + state_ = ServiceRunningState::STATE_RUNNING; + bool ret = Publish(DelayedSingleton::GetInstance().get()); + if (!ret) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to publish service!"); + return; + } + ACCESSTOKEN_LOG_INFO(LABEL, "Congratulations, PrivacyManagerService start successfully!"); +} + +void PrivacyManagerService::OnStop() +{ + ACCESSTOKEN_LOG_INFO(LABEL, "stop service"); + state_ = ServiceRunningState::STATE_NOT_START; +} + +int PrivacyManagerService::AddPermissionUsedRecord(AccessTokenID tokenID, const std::string& permissionName, int successCount, int failCount) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, tokenID: 0x%{public}x, permission: %{public}s", __func__, tokenID, permissionName.c_str()); + return Constant::SUCCESS; +} + +int PrivacyManagerService::StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, tokenID: 0x%{public}x, permission: %{public}s", __func__, tokenID, permissionName.c_str()); + return Constant::SUCCESS; +} + +int PrivacyManagerService::StopUsingPermission(AccessTokenID tokenID, const std::string& permissionName) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, tokenID: 0x%{public}x, permission: %{public}s", __func__, tokenID, permissionName.c_str()); + return Constant::SUCCESS; +} + +int PrivacyManagerService::RemovePermissionUsedRecords(AccessTokenID tokenID, const std::string& deviceID) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, tokenID: 0x%{public}x, deviceID: %{public}s", __func__, tokenID, deviceID.c_str()); + return Constant::SUCCESS; +} + +int PrivacyManagerService::GetPermissionUsedRecords(const PermissionUsedRequestParcel& request, PermissionUsedResultParcel& result) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + return Constant::SUCCESS; +} + +int PrivacyManagerService::GetPermissionUsedRecords(const PermissionUsedRequestParcel& request, const sptr& callback) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + return Constant::SUCCESS; +} + +bool PrivacyManagerService::Initialize() const +{ + return true; +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/services/privacymanager/src/service/privacy_manager_stub.cpp b/services/privacymanager/src/service/privacy_manager_stub.cpp new file mode 100644 index 0000000000000000000000000000000000000000..65d5b530d6b00e00e1e6de639a58509677f4fbbf --- /dev/null +++ b/services/privacymanager/src/service/privacy_manager_stub.cpp @@ -0,0 +1,126 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "privacy_manager_stub.h" + +#include "accesstoken_log.h" + +#include "ipc_skeleton.h" +#include "string_ex.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "PrivacyManagerStub"}; +} + +int PrivacyManagerStub::OnRemoteRequest( + uint32_t code, MessageParcel& data, MessageParcel& reply, MessageOption& option) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s called, code: 0x%{public}x", __func__, code); + std::u16string descriptor = data.ReadInterfaceToken(); + if (descriptor != IPrivacyManager::GetDescriptor()) { + ACCESSTOKEN_LOG_ERROR(LABEL, "get unexpect descriptor: %{public}s", Str16ToStr8(descriptor).c_str()); + return -1; + } + switch (code) { + case static_cast(IPrivacyManager::InterfaceCode::ADD_PERMISSION_USED_RECORD): + AddPermissionUsedRecordInner(data, reply); + break; + case static_cast(IPrivacyManager::InterfaceCode::START_USING_PERMISSION): + StartUsingPermissionInner(data, reply); + break; + case static_cast(IPrivacyManager::InterfaceCode::STOP_USING_PERMISSION): + StopUsingPermissionInner(data, reply); + break; + case static_cast(IPrivacyManager::InterfaceCode::DELETE_PERMISSION_USED_RECORDS): + RemovePermissionUsedRecordsInner(data, reply); + break; + case static_cast(IPrivacyManager::InterfaceCode::GET_PERMISSION_USED_RECORDS): + GetPermissionUsedRecordsInner(data, reply); + break; + case static_cast(IPrivacyManager::InterfaceCode::GET_PERMISSION_USED_RECORDS_ASYNC): + GetPermissionUsedRecordsAsyncInner(data, reply); + break; + default: + return IPCObjectStub::OnRemoteRequest(code, data, reply, option); + } + return NO_ERROR; +} + +void PrivacyManagerStub::AddPermissionUsedRecordInner(MessageParcel& data, MessageParcel& reply) +{ + AccessTokenID tokenID = data.ReadUint32(); + std::string permissionName = data.ReadString(); + int successCount = data.ReadInt32(); + int failCount = data.ReadInt32(); + int result = this->AddPermissionUsedRecord(tokenID, permissionName, successCount, failCount); + reply.WriteInt32(result); +} + +void PrivacyManagerStub::StartUsingPermissionInner(MessageParcel& data, MessageParcel& reply) +{ + AccessTokenID tokenID = data.ReadUint32(); + std::string permissionName = data.ReadString(); + int result = this->StartUsingPermission(tokenID, permissionName); + reply.WriteInt32(result); +} + +void PrivacyManagerStub::StopUsingPermissionInner(MessageParcel& data, MessageParcel& reply) +{ + AccessTokenID tokenID = data.ReadUint32(); + std::string permissionName = data.ReadString(); + int result = this->StopUsingPermission(tokenID, permissionName); + reply.WriteInt32(result); +} + +void PrivacyManagerStub::RemovePermissionUsedRecordsInner(MessageParcel& data, MessageParcel& reply) +{ + AccessTokenID tokenID = data.ReadUint32(); + std::string deviceID = data.ReadString(); + int result = this->RemovePermissionUsedRecords(tokenID, deviceID); + reply.WriteInt32(result); +} + +void PrivacyManagerStub::GetPermissionUsedRecordsInner(MessageParcel& data, MessageParcel& reply) +{ + sptr requestParcel = data.ReadParcelable(); + if (requestParcel == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "ReadParcelable faild"); + reply.WriteInt32(RET_FAILED); + return; + } + PermissionUsedResultParcel responseParcel; + int result = this->GetPermissionUsedRecords(*requestParcel, responseParcel); + reply.WriteParcelable(&responseParcel); + reply.WriteInt32(result); +} + +void PrivacyManagerStub::GetPermissionUsedRecordsAsyncInner(MessageParcel& data, MessageParcel& reply) +{ + sptr requestParcel = data.ReadParcelable(); + if (requestParcel == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "ReadParcelable faild"); + reply.WriteInt32(RET_FAILED); + return; + } + sptr callback = iface_cast(data.ReadRemoteObject()); + int result = this->GetPermissionUsedRecords(*requestParcel, callback); + reply.WriteInt32(result); +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS