From 668955afe214a9f3a41760ea4f65d9dcaa8cdae0 Mon Sep 17 00:00:00 2001 From: chennian Date: Fri, 20 Dec 2024 09:26:36 +0800 Subject: [PATCH] Remove permstatefull Signed-off-by: chennian Change-Id: If5d67157c0ef4409c5943ba7d3105a87182f75e7 --- bundle.json | 1 + frameworks/accesstoken/BUILD.gn | 2 +- .../accesstoken/include/hap_policy_parcel.h | 2 +- .../include/i_accesstoken_manager.h | 4 +- ...ll_parcel.h => permission_status_parcel.h} | 12 +- .../accesstoken/src/hap_policy_parcel.cpp | 32 +- .../src/hap_token_info_for_sync_parcel.cpp | 12 +- ...arcel.cpp => permission_status_parcel.cpp} | 60 +--- .../test/unittest/accesstoken_parcel_test.cpp | 169 +++------ .../accesstoken/include/hap_token_info.h | 17 +- .../accesstoken/include/permission_status.h | 69 ++++ .../accesstoken/src/accesstoken_kit.cpp | 27 +- .../src/accesstoken_manager_client.cpp | 21 +- .../src/accesstoken_manager_client.h | 6 +- .../src/accesstoken_manager_proxy.cpp | 4 +- .../src/accesstoken_manager_proxy.h | 4 +- .../alloc_local_token_id_test.cpp | 10 +- .../delete_remote_device_tokens_test.cpp | 20 +- .../delete_remote_token_test.cpp | 20 +- .../get_hap_token_info_from_remote_test.cpp | 27 +- .../set_remote_hap_token_info_test.cpp | 110 +++--- .../unittest/src/remote_token_kit_test.cpp | 189 ++++------- .../cpp/include/database/data_translator.h | 8 +- .../permission/dlp_permission_set_manager.h | 4 +- .../include/permission/permission_manager.h | 20 +- .../permission/permission_policy_set.h | 23 +- .../include/permission/permission_validator.h | 8 +- .../permission/temp_permission_observer.h | 2 +- .../service/accesstoken_manager_service.h | 2 +- .../include/token/accesstoken_info_manager.h | 6 +- .../cpp/include/token/hap_token_info_inner.h | 17 +- .../include/token/native_token_info_inner.h | 4 +- .../cpp/include/token/native_token_receptor.h | 2 +- .../main/cpp/src/database/data_translator.cpp | 40 +-- .../permission/dlp_permission_set_manager.cpp | 6 +- .../cpp/src/permission/permission_manager.cpp | 54 +-- .../src/permission/permission_policy_set.cpp | 189 ++++------- .../src/permission/permission_validator.cpp | 43 +-- .../src/permission/short_grant_manager.cpp | 1 + .../permission/temp_permission_observer.cpp | 24 +- .../service/accesstoken_manager_service.cpp | 26 +- .../src/service/accesstoken_manager_stub.cpp | 2 +- .../src/token/accesstoken_info_manager.cpp | 10 +- .../cpp/src/token/hap_token_info_inner.cpp | 32 +- .../cpp/src/token/native_token_info_inner.cpp | 2 +- .../cpp/src/token/native_token_receptor.cpp | 12 +- .../cpp/src/token/token_modify_notifier.cpp | 3 + .../accesstoken_database_coverage_test.cpp | 15 +- .../permission_manager_coverage_test.cpp | 54 ++- .../unittest/accesstoken_database_test.cpp | 28 +- .../accesstoken_info_manager_test.cpp | 321 ++++-------------- .../unittest/native_token_receptor_test.cpp | 40 +-- .../permission_definition_parser_test.cpp | 3 +- .../test/unittest/permission_manager_test.cpp | 179 +++++----- .../unittest/short_grant_manager_test.cpp | 10 +- .../database/test/unittest/database_test.cpp | 125 ++----- .../include/command/base_remote_command.h | 8 +- .../command/sync_remote_hap_token_command.h | 2 +- .../src/command/base_remote_command.cpp | 58 +--- .../test/unittest/token_sync_service_test.cpp | 60 ++-- .../setremotehaptokeninfo_fuzzer.cpp | 12 +- .../allochaptokenstub_fuzzer.cpp | 18 +- .../initHapTokenstub_fuzzer.cpp | 18 +- .../setremotehaptokeninfostub_fuzzer.cpp | 22 +- .../updatehaptokenstub_fuzzer.cpp | 12 +- 65 files changed, 921 insertions(+), 1422 deletions(-) rename frameworks/accesstoken/include/{permission_state_full_parcel.h => permission_status_parcel.h} (78%) rename frameworks/accesstoken/src/{permission_state_full_parcel.cpp => permission_status_parcel.cpp} (30%) create mode 100644 interfaces/innerkits/accesstoken/include/permission_status.h diff --git a/bundle.json b/bundle.json index ffd3bab9f..285efcc94 100644 --- a/bundle.json +++ b/bundle.json @@ -109,6 +109,7 @@ "permission_list_state.h", "permission_state_change_info.h", "permission_state_full.h", + "permission_status.h", "sec_comp_enhance_data.h", "token_sync_kit_interface.h", "tokenid_kit.h", diff --git a/frameworks/accesstoken/BUILD.gn b/frameworks/accesstoken/BUILD.gn index bface813f..905cf9753 100644 --- a/frameworks/accesstoken/BUILD.gn +++ b/frameworks/accesstoken/BUILD.gn @@ -60,7 +60,7 @@ ohos_shared_library("accesstoken_communication_adapter_cxx") { "src/permission_list_state_parcel.cpp", "src/permission_state_change_info_parcel.cpp", "src/permission_state_change_scope_parcel.cpp", - "src/permission_state_full_parcel.cpp", + "src/permission_status_parcel.cpp", ] external_deps = [ "c_utils:utils" ] diff --git a/frameworks/accesstoken/include/hap_policy_parcel.h b/frameworks/accesstoken/include/hap_policy_parcel.h index ceafe550f..a391e2a4d 100644 --- a/frameworks/accesstoken/include/hap_policy_parcel.h +++ b/frameworks/accesstoken/include/hap_policy_parcel.h @@ -31,7 +31,7 @@ struct HapPolicyParcel final : public Parcelable { static HapPolicyParcel *Unmarshalling(Parcel &in); - HapPolicyParams hapPolicyParameter; + HapPolicy hapPolicy; }; } // namespace AccessToken } // namespace Security diff --git a/frameworks/accesstoken/include/i_accesstoken_manager.h b/frameworks/accesstoken/include/i_accesstoken_manager.h index 8205ebfff..3b768aeeb 100644 --- a/frameworks/accesstoken/include/i_accesstoken_manager.h +++ b/frameworks/accesstoken/include/i_accesstoken_manager.h @@ -33,7 +33,7 @@ #include "permission_def_parcel.h" #include "permission_grant_info_parcel.h" #include "permission_list_state_parcel.h" -#include "permission_state_full_parcel.h" +#include "permission_status_parcel.h" #include "permission_state_change_scope_parcel.h" #include "system_ability_definition.h" @@ -54,7 +54,7 @@ public: virtual int GetDefPermission(const std::string& permissionName, PermissionDefParcel& permissionDefResult) = 0; virtual int GetDefPermissions(AccessTokenID tokenID, std::vector& permList) = 0; virtual int GetReqPermissions( - AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) = 0; + AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) = 0; virtual int GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName, uint32_t& flag) = 0; virtual int32_t SetPermissionRequestToggleStatus(const std::string& permissionName, uint32_t status, int32_t userID = 0) = 0; diff --git a/frameworks/accesstoken/include/permission_state_full_parcel.h b/frameworks/accesstoken/include/permission_status_parcel.h similarity index 78% rename from frameworks/accesstoken/include/permission_state_full_parcel.h rename to frameworks/accesstoken/include/permission_status_parcel.h index 71e869ed1..fef5f4d2c 100644 --- a/frameworks/accesstoken/include/permission_state_full_parcel.h +++ b/frameworks/accesstoken/include/permission_status_parcel.h @@ -16,22 +16,22 @@ #ifndef INTERFACES_INNER_KITS_PERMISSION_PERMISSION_STATE_FULL_PARCEL_H #define INTERFACES_INNER_KITS_PERMISSION_PERMISSION_STATE_FULL_PARCEL_H -#include "permission_state_full.h" +#include "permission_status.h" #include "parcel.h" namespace OHOS { namespace Security { namespace AccessToken { -struct PermissionStateFullParcel final : public Parcelable { - PermissionStateFullParcel() = default; +struct PermissionStatusParcel final : public Parcelable { + PermissionStatusParcel() = default; - ~PermissionStateFullParcel() override = default; + ~PermissionStatusParcel() override = default; bool Marshalling(Parcel &out) const override; - static PermissionStateFullParcel *Unmarshalling(Parcel &in); + static PermissionStatusParcel *Unmarshalling(Parcel &in); - PermissionStateFull permStatFull; + PermissionStatus permState; }; } // namespace AccessToken } // namespace Security diff --git a/frameworks/accesstoken/src/hap_policy_parcel.cpp b/frameworks/accesstoken/src/hap_policy_parcel.cpp index 3d852a4cf..09e785e4f 100644 --- a/frameworks/accesstoken/src/hap_policy_parcel.cpp +++ b/frameworks/accesstoken/src/hap_policy_parcel.cpp @@ -20,17 +20,17 @@ #include "permission_def.h" #include "permission_def_parcel.h" #include "permission_state_full.h" -#include "permission_state_full_parcel.h" +#include "permission_status_parcel.h" namespace OHOS { namespace Security { namespace AccessToken { bool HapPolicyParcel::Marshalling(Parcel& out) const { - RETURN_IF_FALSE(out.WriteInt32(this->hapPolicyParameter.apl)); - RETURN_IF_FALSE(out.WriteString(this->hapPolicyParameter.domain)); + RETURN_IF_FALSE(out.WriteInt32(this->hapPolicy.apl)); + RETURN_IF_FALSE(out.WriteString(this->hapPolicy.domain)); - const std::vector& permList = this->hapPolicyParameter.permList; + const std::vector& permList = this->hapPolicy.permList; uint32_t permListSize = permList.size(); RETURN_IF_FALSE(out.WriteUint32(permListSize)); @@ -40,17 +40,17 @@ bool HapPolicyParcel::Marshalling(Parcel& out) const RETURN_IF_FALSE(out.WriteParcelable(&permDefParcel)); } - const std::vector& permStateList = this->hapPolicyParameter.permStateList; + const std::vector& permStateList = this->hapPolicy.permStateList; uint32_t permStateListSize = permStateList.size(); RETURN_IF_FALSE(out.WriteUint32(permStateListSize)); for (uint32_t i = 0; i < permStateListSize; i++) { - PermissionStateFullParcel permStateParcel; - permStateParcel.permStatFull = permStateList[i]; + PermissionStatusParcel permStateParcel; + permStateParcel.permState = permStateList[i]; RETURN_IF_FALSE(out.WriteParcelable(&permStateParcel)); } - const std::vector& aclRequestedList = this->hapPolicyParameter.aclRequestedList; + const std::vector& aclRequestedList = this->hapPolicy.aclRequestedList; uint32_t aclRequestedListSize = aclRequestedList.size(); RETURN_IF_FALSE(out.WriteUint32(aclRequestedListSize)); @@ -58,7 +58,7 @@ bool HapPolicyParcel::Marshalling(Parcel& out) const RETURN_IF_FALSE(out.WriteString(aclRequestedList[i])); } - const std::vector& info = this->hapPolicyParameter.preAuthorizationInfo; + const std::vector& info = this->hapPolicy.preAuthorizationInfo; uint32_t infoSize = info.size(); RETURN_IF_FALSE(out.WriteUint32(infoSize)); @@ -78,9 +78,9 @@ HapPolicyParcel* HapPolicyParcel::Unmarshalling(Parcel& in) int32_t apl; RELEASE_IF_FALSE(in.ReadInt32(apl), hapPolicyParcel); - hapPolicyParcel->hapPolicyParameter.apl = ATokenAplEnum(apl); + hapPolicyParcel->hapPolicy.apl = ATokenAplEnum(apl); - hapPolicyParcel->hapPolicyParameter.domain = in.ReadString(); + hapPolicyParcel->hapPolicy.domain = in.ReadString(); uint32_t permListSize; RELEASE_IF_FALSE(in.ReadUint32(permListSize), hapPolicyParcel); @@ -89,16 +89,16 @@ HapPolicyParcel* HapPolicyParcel::Unmarshalling(Parcel& in) for (uint32_t i = 0; i < permListSize; i++) { sptr permDefParcel = in.ReadParcelable(); RELEASE_IF_FALSE(permDefParcel != nullptr, hapPolicyParcel); - hapPolicyParcel->hapPolicyParameter.permList.emplace_back(permDefParcel->permissionDef); + hapPolicyParcel->hapPolicy.permList.emplace_back(permDefParcel->permissionDef); } uint32_t permStateListSize; RELEASE_IF_FALSE(in.ReadUint32(permStateListSize), hapPolicyParcel); RELEASE_IF_FALSE((permStateListSize <= MAX_PERMLIST_SIZE), hapPolicyParcel); for (uint32_t i = 0; i < permStateListSize; i++) { - sptr permissionStateParcel = in.ReadParcelable(); + sptr permissionStateParcel = in.ReadParcelable(); RELEASE_IF_FALSE(permissionStateParcel != nullptr, hapPolicyParcel); - hapPolicyParcel->hapPolicyParameter.permStateList.emplace_back(permissionStateParcel->permStatFull); + hapPolicyParcel->hapPolicy.permStateList.emplace_back(permissionStateParcel->permState); } uint32_t aclRequestedListSize; RELEASE_IF_FALSE(in.ReadUint32(aclRequestedListSize), hapPolicyParcel); @@ -106,7 +106,7 @@ HapPolicyParcel* HapPolicyParcel::Unmarshalling(Parcel& in) for (uint32_t i = 0; i < aclRequestedListSize; i++) { std::string acl; RELEASE_IF_FALSE(in.ReadString(acl), hapPolicyParcel); - hapPolicyParcel->hapPolicyParameter.aclRequestedList.emplace_back(acl); + hapPolicyParcel->hapPolicy.aclRequestedList.emplace_back(acl); } uint32_t infoSize; RELEASE_IF_FALSE(in.ReadUint32(infoSize), hapPolicyParcel); @@ -115,7 +115,7 @@ HapPolicyParcel* HapPolicyParcel::Unmarshalling(Parcel& in) PreAuthorizationInfo info; RELEASE_IF_FALSE(in.ReadString(info.permissionName), hapPolicyParcel); RELEASE_IF_FALSE(in.ReadBool(info.userCancelable), hapPolicyParcel); - hapPolicyParcel->hapPolicyParameter.preAuthorizationInfo.emplace_back(info); + hapPolicyParcel->hapPolicy.preAuthorizationInfo.emplace_back(info); } return hapPolicyParcel; } diff --git a/frameworks/accesstoken/src/hap_token_info_for_sync_parcel.cpp b/frameworks/accesstoken/src/hap_token_info_for_sync_parcel.cpp index 1eda5958b..fbbec4f94 100644 --- a/frameworks/accesstoken/src/hap_token_info_for_sync_parcel.cpp +++ b/frameworks/accesstoken/src/hap_token_info_for_sync_parcel.cpp @@ -18,7 +18,7 @@ #include "hap_token_info_parcel.h" #include "parcel_utils.h" #include "permission_state_full.h" -#include "permission_state_full_parcel.h" +#include "permission_status_parcel.h" namespace OHOS { namespace Security { @@ -29,13 +29,13 @@ bool HapTokenInfoForSyncParcel::Marshalling(Parcel& out) const baseInfoParcel.hapTokenInfoParams = this->hapTokenInfoForSyncParams.baseInfo; RETURN_IF_FALSE(out.WriteParcelable(&baseInfoParcel)); - const std::vector& permStateList = this->hapTokenInfoForSyncParams.permStateList; + const std::vector& permStateList = this->hapTokenInfoForSyncParams.permStateList; uint32_t permStateListSize = permStateList.size(); RETURN_IF_FALSE(permStateListSize <= MAX_PERMLIST_SIZE); RETURN_IF_FALSE(out.WriteUint32(permStateListSize)); for (uint32_t i = 0; i < permStateListSize; i++) { - PermissionStateFullParcel permStateParcel; - permStateParcel.permStatFull = permStateList[i]; + PermissionStatusParcel permStateParcel; + permStateParcel.permState = permStateList[i]; RETURN_IF_FALSE(out.WriteParcelable(&permStateParcel)); } @@ -57,10 +57,10 @@ HapTokenInfoForSyncParcel* HapTokenInfoForSyncParcel::Unmarshalling(Parcel& in) RELEASE_IF_FALSE(in.ReadUint32(permStateListSize), hapTokenInfoForSyncParcel); RELEASE_IF_FALSE((permStateListSize <= MAX_PERMLIST_SIZE), hapTokenInfoForSyncParcel); for (uint32_t i = 0; i < permStateListSize; i++) { - sptr permissionStateParcel = in.ReadParcelable(); + sptr permissionStateParcel = in.ReadParcelable(); RELEASE_IF_FALSE(permissionStateParcel != nullptr, hapTokenInfoForSyncParcel); hapTokenInfoForSyncParcel->hapTokenInfoForSyncParams.permStateList.emplace_back( - permissionStateParcel->permStatFull); + permissionStateParcel->permState); } return hapTokenInfoForSyncParcel; } diff --git a/frameworks/accesstoken/src/permission_state_full_parcel.cpp b/frameworks/accesstoken/src/permission_status_parcel.cpp similarity index 30% rename from frameworks/accesstoken/src/permission_state_full_parcel.cpp rename to frameworks/accesstoken/src/permission_status_parcel.cpp index da9e38d87..f7fc523e8 100644 --- a/frameworks/accesstoken/src/permission_state_full_parcel.cpp +++ b/frameworks/accesstoken/src/permission_status_parcel.cpp @@ -13,70 +13,30 @@ * limitations under the License. */ -#include "permission_state_full_parcel.h" +#include "permission_status_parcel.h" #include "parcel_utils.h" namespace OHOS { namespace Security { namespace AccessToken { -bool PermissionStateFullParcel::Marshalling(Parcel& out) const +bool PermissionStatusParcel::Marshalling(Parcel& out) const { - RETURN_IF_FALSE(out.WriteString(this->permStatFull.permissionName)); - RETURN_IF_FALSE(out.WriteBool(this->permStatFull.isGeneral)); - - RETURN_IF_FALSE(out.WriteUint32(this->permStatFull.resDeviceID.size())); - for (auto devId : this->permStatFull.resDeviceID) { - RETURN_IF_FALSE(out.WriteString(devId)); - } - - RETURN_IF_FALSE(out.WriteUint32(this->permStatFull.grantStatus.size())); - for (auto grantStat : this->permStatFull.grantStatus) { - RETURN_IF_FALSE(out.WriteInt32(grantStat)); - } - - RETURN_IF_FALSE(out.WriteUint32(this->permStatFull.grantFlags.size())); - for (auto grantFlag : this->permStatFull.grantFlags) { - RETURN_IF_FALSE(out.WriteUint32(grantFlag)); - } + RETURN_IF_FALSE(out.WriteString(this->permState.permissionName)); + RETURN_IF_FALSE(out.WriteInt32(this->permState.grantStatus)); + RETURN_IF_FALSE(out.WriteUint32(this->permState.grantFlag)); return true; } -PermissionStateFullParcel* PermissionStateFullParcel::Unmarshalling(Parcel& in) +PermissionStatusParcel* PermissionStatusParcel::Unmarshalling(Parcel& in) { - auto* permissionStateParcel = new (std::nothrow) PermissionStateFullParcel(); + auto* permissionStateParcel = new (std::nothrow) PermissionStatusParcel(); if (permissionStateParcel == nullptr) { return nullptr; } - RELEASE_IF_FALSE(in.ReadString(permissionStateParcel->permStatFull.permissionName), permissionStateParcel); - RELEASE_IF_FALSE(in.ReadBool(permissionStateParcel->permStatFull.isGeneral), permissionStateParcel); - - uint32_t resIdSize = 0; - RELEASE_IF_FALSE(in.ReadUint32(resIdSize), permissionStateParcel); - RELEASE_IF_FALSE(resIdSize <= MAX_DEVICE_ID_SIZE, permissionStateParcel); - for (uint32_t i = 0; i < resIdSize; i++) { - std::string resId; - RELEASE_IF_FALSE(in.ReadString(resId), permissionStateParcel); - permissionStateParcel->permStatFull.resDeviceID.emplace_back(resId); - } - - uint32_t grantStatsSize = 0; - RELEASE_IF_FALSE(in.ReadUint32(grantStatsSize), permissionStateParcel); - RELEASE_IF_FALSE(grantStatsSize <= MAX_DEVICE_ID_SIZE, permissionStateParcel); - for (uint32_t i = 0; i < grantStatsSize; i++) { - int grantStat; - RELEASE_IF_FALSE(in.ReadInt32(grantStat), permissionStateParcel); - permissionStateParcel->permStatFull.grantStatus.emplace_back(grantStat); - } - - uint32_t grantFlagSize = 0; - RELEASE_IF_FALSE(in.ReadUint32(grantFlagSize), permissionStateParcel); - RELEASE_IF_FALSE(grantFlagSize <= MAX_DEVICE_ID_SIZE, permissionStateParcel); - for (uint32_t i = 0; i < grantFlagSize; i++) { - uint32_t flag; - RELEASE_IF_FALSE(in.ReadUint32(flag), permissionStateParcel); - permissionStateParcel->permStatFull.grantFlags.emplace_back(flag); - } + RELEASE_IF_FALSE(in.ReadString(permissionStateParcel->permState.permissionName), permissionStateParcel); + RELEASE_IF_FALSE(in.ReadInt32(permissionStateParcel->permState.grantStatus), permissionStateParcel); + RELEASE_IF_FALSE(in.ReadUint32(permissionStateParcel->permState.grantFlag), permissionStateParcel); return permissionStateParcel; } } // namespace AccessToken diff --git a/frameworks/test/unittest/accesstoken_parcel_test.cpp b/frameworks/test/unittest/accesstoken_parcel_test.cpp index f8ed855e0..ebafe0eb7 100644 --- a/frameworks/test/unittest/accesstoken_parcel_test.cpp +++ b/frameworks/test/unittest/accesstoken_parcel_test.cpp @@ -29,8 +29,7 @@ #include "permission_grant_info_parcel.h" #include "permission_state_change_scope_parcel.h" #include "permission_state_change_info_parcel.h" -#include "permission_state_full.h" -#include "permission_state_full_parcel.h" +#include "permission_status_parcel.h" using namespace testing::ext; @@ -65,19 +64,15 @@ PermissionDef g_permDefBeta = { .descriptionId = 1 }; -PermissionStateFull g_permStatAlpha = { +PermissionStatus g_permStatAlpha = { .permissionName = TEST_PERMISSION_NAME_ALPHA, - .isGeneral = true, - .resDeviceID = {"device"}, - .grantStatus = {PermissionState::PERMISSION_DENIED}, - .grantFlags = {PermissionFlag::PERMISSION_USER_SET} + .grantStatus = PermissionState::PERMISSION_DENIED, + .grantFlag = PermissionFlag::PERMISSION_USER_SET }; -PermissionStateFull g_permStatBeta = { +PermissionStatus g_permStatBeta = { .permissionName = TEST_PERMISSION_NAME_BETA, - .isGeneral = true, - .resDeviceID = {"device"}, - .grantStatus = {PermissionState::PERMISSION_GRANTED}, - .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED} + .grantStatus = PermissionState::PERMISSION_GRANTED, + .grantFlag = PermissionFlag::PERMISSION_SYSTEM_FIXED }; } class AccessTokenParcelTest : public testing::Test { @@ -135,12 +130,12 @@ HWTEST_F(AccessTokenParcelTest, HapPolicyParcel001, TestSize.Level1) { HapPolicyParcel hapPolicyParcel; - hapPolicyParcel.hapPolicyParameter.apl = ATokenAplEnum::APL_NORMAL; - hapPolicyParcel.hapPolicyParameter.domain = "test.domain"; - hapPolicyParcel.hapPolicyParameter.permList.emplace_back(g_permDefAlpha); - hapPolicyParcel.hapPolicyParameter.permList.emplace_back(g_permDefBeta); - hapPolicyParcel.hapPolicyParameter.permStateList.emplace_back(g_permStatAlpha); - hapPolicyParcel.hapPolicyParameter.permStateList.emplace_back(g_permStatBeta); + hapPolicyParcel.hapPolicy.apl = ATokenAplEnum::APL_NORMAL; + hapPolicyParcel.hapPolicy.domain = "test.domain"; + hapPolicyParcel.hapPolicy.permList.emplace_back(g_permDefAlpha); + hapPolicyParcel.hapPolicy.permList.emplace_back(g_permDefBeta); + hapPolicyParcel.hapPolicy.permStateList.emplace_back(g_permStatAlpha); + hapPolicyParcel.hapPolicy.permStateList.emplace_back(g_permStatBeta); Parcel parcel; EXPECT_EQ(true, hapPolicyParcel.Marshalling(parcel)); @@ -148,42 +143,38 @@ HWTEST_F(AccessTokenParcelTest, HapPolicyParcel001, TestSize.Level1) std::shared_ptr readedData(HapPolicyParcel::Unmarshalling(parcel)); EXPECT_NE(nullptr, readedData); - EXPECT_EQ(hapPolicyParcel.hapPolicyParameter.apl, readedData->hapPolicyParameter.apl); - EXPECT_EQ(hapPolicyParcel.hapPolicyParameter.domain, readedData->hapPolicyParameter.domain); - EXPECT_EQ(hapPolicyParcel.hapPolicyParameter.permList.size(), readedData->hapPolicyParameter.permList.size()); - EXPECT_EQ(hapPolicyParcel.hapPolicyParameter.permStateList.size(), - readedData->hapPolicyParameter.permStateList.size()); - - for (uint32_t i = 0; i < hapPolicyParcel.hapPolicyParameter.permList.size(); i++) { - EXPECT_EQ(hapPolicyParcel.hapPolicyParameter.permList[i].permissionName, - readedData->hapPolicyParameter.permList[i].permissionName); - EXPECT_EQ(hapPolicyParcel.hapPolicyParameter.permList[i].bundleName, - readedData->hapPolicyParameter.permList[i].bundleName); - EXPECT_EQ(hapPolicyParcel.hapPolicyParameter.permList[i].grantMode, - readedData->hapPolicyParameter.permList[i].grantMode); - EXPECT_EQ(hapPolicyParcel.hapPolicyParameter.permList[i].availableLevel, - readedData->hapPolicyParameter.permList[i].availableLevel); - EXPECT_EQ(hapPolicyParcel.hapPolicyParameter.permList[i].label, - readedData->hapPolicyParameter.permList[i].label); - EXPECT_EQ(hapPolicyParcel.hapPolicyParameter.permList[i].labelId, - readedData->hapPolicyParameter.permList[i].labelId); - EXPECT_EQ(hapPolicyParcel.hapPolicyParameter.permList[i].description, - readedData->hapPolicyParameter.permList[i].description); - EXPECT_EQ(hapPolicyParcel.hapPolicyParameter.permList[i].descriptionId, - readedData->hapPolicyParameter.permList[i].descriptionId); + EXPECT_EQ(hapPolicyParcel.hapPolicy.apl, readedData->hapPolicy.apl); + EXPECT_EQ(hapPolicyParcel.hapPolicy.domain, readedData->hapPolicy.domain); + EXPECT_EQ(hapPolicyParcel.hapPolicy.permList.size(), readedData->hapPolicy.permList.size()); + EXPECT_EQ(hapPolicyParcel.hapPolicy.permStateList.size(), + readedData->hapPolicy.permStateList.size()); + + for (uint32_t i = 0; i < hapPolicyParcel.hapPolicy.permList.size(); i++) { + EXPECT_EQ(hapPolicyParcel.hapPolicy.permList[i].permissionName, + readedData->hapPolicy.permList[i].permissionName); + EXPECT_EQ(hapPolicyParcel.hapPolicy.permList[i].bundleName, + readedData->hapPolicy.permList[i].bundleName); + EXPECT_EQ(hapPolicyParcel.hapPolicy.permList[i].grantMode, + readedData->hapPolicy.permList[i].grantMode); + EXPECT_EQ(hapPolicyParcel.hapPolicy.permList[i].availableLevel, + readedData->hapPolicy.permList[i].availableLevel); + EXPECT_EQ(hapPolicyParcel.hapPolicy.permList[i].label, + readedData->hapPolicy.permList[i].label); + EXPECT_EQ(hapPolicyParcel.hapPolicy.permList[i].labelId, + readedData->hapPolicy.permList[i].labelId); + EXPECT_EQ(hapPolicyParcel.hapPolicy.permList[i].description, + readedData->hapPolicy.permList[i].description); + EXPECT_EQ(hapPolicyParcel.hapPolicy.permList[i].descriptionId, + readedData->hapPolicy.permList[i].descriptionId); } - for (uint32_t i = 0; i < hapPolicyParcel.hapPolicyParameter.permStateList.size(); i++) { - EXPECT_EQ(hapPolicyParcel.hapPolicyParameter.permStateList[i].permissionName, - readedData->hapPolicyParameter.permStateList[i].permissionName); - EXPECT_EQ(hapPolicyParcel.hapPolicyParameter.permStateList[i].isGeneral, - readedData->hapPolicyParameter.permStateList[i].isGeneral); - EXPECT_EQ(hapPolicyParcel.hapPolicyParameter.permStateList[i].resDeviceID, - readedData->hapPolicyParameter.permStateList[i].resDeviceID); - EXPECT_EQ(hapPolicyParcel.hapPolicyParameter.permStateList[i].grantStatus, - readedData->hapPolicyParameter.permStateList[i].grantStatus); - EXPECT_EQ(hapPolicyParcel.hapPolicyParameter.permStateList[i].grantFlags, - readedData->hapPolicyParameter.permStateList[i].grantFlags); + for (uint32_t i = 0; i < hapPolicyParcel.hapPolicy.permStateList.size(); i++) { + EXPECT_EQ(hapPolicyParcel.hapPolicy.permStateList[i].permissionName, + readedData->hapPolicy.permStateList[i].permissionName); + EXPECT_EQ(hapPolicyParcel.hapPolicy.permStateList[i].grantStatus, + readedData->hapPolicy.permStateList[i].grantStatus); + EXPECT_EQ(hapPolicyParcel.hapPolicy.permStateList[i].grantFlag, + readedData->hapPolicy.permStateList[i].grantFlag); } } @@ -271,15 +262,15 @@ static void WriteParcelable( Parcel& out, const Parcelable& baseInfoParcel, uint32_t size) { out.WriteParcelable(&baseInfoParcel); - std::vector permStateList; + std::vector permStateList; for (uint32_t i = 0; i < size; i++) { permStateList.emplace_back(g_permStatBeta); } uint32_t permStateListSize = permStateList.size(); out.WriteUint32(permStateListSize); for (uint32_t i = 0; i < permStateListSize; i++) { - PermissionStateFullParcel permStateParcel; - permStateParcel.permStatFull = permStateList[i]; + PermissionStatusParcel permStateParcel; + permStateParcel.permState = permStateList[i]; out.WriteParcelable(&permStateParcel); } @@ -289,8 +280,8 @@ static void WriteParcelable( permStateListSize = permStateList.size(); out.WriteUint32(permStateListSize); for (uint32_t i = 0; i < permStateListSize; i++) { - PermissionStateFullParcel permStateParcel; - permStateParcel.permStatFull = permStateList[i]; + PermissionStatusParcel permStateParcel; + permStateParcel.permState = permStateList[i]; out.WriteParcelable(&permStateParcel); } } @@ -329,72 +320,22 @@ HWTEST_F(AccessTokenParcelTest, HapTokenInfoForSyncParcel002, TestSize.Level1) EXPECT_EQ(true, readedData1 == nullptr); } - -static void PutData(Parcel& out, uint32_t deviceSize, uint32_t statusSize, uint32_t flagSize) -{ - out.WriteString("ohos.permission.LOCATION"); - out.WriteBool(true); - out.WriteUint32(deviceSize); - for (uint32_t i = 0; i < deviceSize; i++) { - out.WriteString("deviceName"); - } - out.WriteUint32(statusSize); - for (uint32_t i = 0; i < statusSize; i++) { - out.WriteInt32(0); - } - out.WriteUint32(flagSize); - for (uint32_t i = 0; i < flagSize; i++) { - out.WriteInt32(0); - } -} - -/** - * @tc.name: PermissionStateFullParcel001 - * @tc.desc: Test permissionStateFullParcel Marshalling/Unmarshalling. - * @tc.type: FUNC - * @tc.require: issueI5QKZF - */ -HWTEST_F(AccessTokenParcelTest, PermissionStateFullParcel001, TestSize.Level1) -{ - Parcel out; - PutData(out, MAX_DEVICE_ID_SIZE, MAX_DEVICE_ID_SIZE, MAX_DEVICE_ID_SIZE + 1); - std::shared_ptr readedData(PermissionStateFullParcel::Unmarshalling(out)); - EXPECT_EQ(nullptr, readedData); - - Parcel out1; - PutData(out1, MAX_DEVICE_ID_SIZE, MAX_DEVICE_ID_SIZE + 1, MAX_DEVICE_ID_SIZE + 1); - std::shared_ptr readedData1(PermissionStateFullParcel::Unmarshalling(out1)); - EXPECT_EQ(readedData1, nullptr); - - Parcel out2; - PutData(out2, MAX_DEVICE_ID_SIZE + 1, MAX_DEVICE_ID_SIZE + 1, MAX_DEVICE_ID_SIZE + 1); - std::shared_ptr readedData2(PermissionStateFullParcel::Unmarshalling(out2)); - EXPECT_EQ(readedData2, nullptr); - - Parcel out3; - PutData(out3, MAX_DEVICE_ID_SIZE, MAX_DEVICE_ID_SIZE, MAX_DEVICE_ID_SIZE); - std::shared_ptr readedData3(PermissionStateFullParcel::Unmarshalling(out3)); - EXPECT_NE(readedData3, nullptr); -} - /** * @tc.name: PermissionStateFullParcel002 - * @tc.desc: Test permissionStateFullParcel Marshalling/Unmarshalling. + * @tc.desc: Test permissionStateParcel Marshalling/Unmarshalling. * @tc.type: FUNC * @tc.require: issueI5QKZF */ HWTEST_F(AccessTokenParcelTest, PermissionStateFullParcel002, TestSize.Level1) { - PermissionStateFullParcel permissionStateFullParcel; - permissionStateFullParcel.permStatFull.permissionName = "permissionName"; - permissionStateFullParcel.permStatFull.isGeneral = false; - permissionStateFullParcel.permStatFull.resDeviceID = {"device"}; - permissionStateFullParcel.permStatFull.grantStatus = {1}; - permissionStateFullParcel.permStatFull.grantFlags = {0}; + PermissionStatusParcel permissionStateParcel; + permissionStateParcel.permState.permissionName = "permissionName"; + permissionStateParcel.permState.grantStatus = 1; + permissionStateParcel.permState.grantFlag = 0; Parcel parcel; - EXPECT_EQ(true, permissionStateFullParcel.Marshalling(parcel)); + EXPECT_EQ(true, permissionStateParcel.Marshalling(parcel)); - std::shared_ptr readedData(PermissionStateFullParcel::Unmarshalling(parcel)); + std::shared_ptr readedData(PermissionStatusParcel::Unmarshalling(parcel)); EXPECT_NE(nullptr, readedData); } diff --git a/interfaces/innerkits/accesstoken/include/hap_token_info.h b/interfaces/innerkits/accesstoken/include/hap_token_info.h index 79939bc8a..bf2760d03 100644 --- a/interfaces/innerkits/accesstoken/include/hap_token_info.h +++ b/interfaces/innerkits/accesstoken/include/hap_token_info.h @@ -43,6 +43,7 @@ #include "access_token.h" #include "permission_def.h" #include "permission_state_full.h" +#include "permission_status.h" #include #include @@ -116,7 +117,7 @@ public: /** hap token info */ HapTokenInfo baseInfo; /** permission state list */ - std::vector permStateList; + std::vector permStateList; }; class HapTokenInfoExt final { @@ -164,6 +165,20 @@ public: std::vector preAuthorizationInfo; }; +class HapPolicy final { +public: + /** + * apl level, for details about the valid values, + * see the definition of ATokenAplEnum in the access_token.h file. + */ + ATokenAplEnum apl; + std::string domain; + std::vector permList; + std::vector permStateList; + std::vector aclRequestedList; + std::vector preAuthorizationInfo; +}; + /** * @brief Declares the result after failing to update or install hap */ diff --git a/interfaces/innerkits/accesstoken/include/permission_status.h b/interfaces/innerkits/accesstoken/include/permission_status.h new file mode 100644 index 000000000..764da4b3a --- /dev/null +++ b/interfaces/innerkits/accesstoken/include/permission_status.h @@ -0,0 +1,69 @@ +/* + * Copyright (c) 2024 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/** + * @addtogroup AccessToken + * @{ + * + * @brief Provides permission management interfaces. + * + * Provides tokenID-based application permission verification mechanism. + * When an application accesses sensitive data or APIs, this module can check + * whether the application has the corresponding permission. Allows applications + * to query their access token information or APL levcels based on token IDs. + * + * @since 7.0 + * @version 7.0 + */ + +/** + * @file permission_state.h + * + * @brief Declares permission status class. + * + * @since 7.0 + * @version 7.0 + */ + +#ifndef INTERFACES_INNER_KITS_ACCESSTOKEN_PERMISSION_STATUS_H +#define INTERFACES_INNER_KITS_ACCESSTOKEN_PERMISSION_STATUS_H + +#include +#include + +namespace OHOS { +namespace Security { +namespace AccessToken { +/** + * @brief Declares permission status class + */ +class PermissionStatus final { +public: + std::string permissionName; + /** + * permission grant status, for details about the valid values, + * see the definition of PermissionState in the access_token.h file. + */ + int32_t grantStatus; + /** + * permission grant flag, for details about the valid values, + * see the definition of PermissionFlag in the access_token.h file. + */ + uint32_t grantFlag; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // INTERFACES_INNER_KITS_ACCESSTOKEN_PERMISSION_STATUS_H diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp index 998c7c0dc..6dbd16d11 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp @@ -68,6 +68,22 @@ int AccessTokenKit::GrantPermissionForSpecifiedTime( return AccessTokenManagerClient::GetInstance().GrantPermissionForSpecifiedTime(tokenID, permissionName, onceTime); } +static void TransferHapPolicyParams(const HapPolicyParams& policyIn, HapPolicy& policyOut) +{ + policyOut.apl = policyIn.apl; + policyOut.domain = policyIn.domain; + policyOut.permList.assign(policyIn.permList.begin(), policyIn.permList.end()); + policyOut.aclRequestedList.assign(policyIn.aclRequestedList.begin(), policyIn.aclRequestedList.end()); + policyOut.preAuthorizationInfo.assign(policyIn.preAuthorizationInfo.begin(), policyIn.preAuthorizationInfo.end()); + for (const auto& perm : policyIn.permStateList) { + PermissionStatus tmp; + tmp.permissionName = perm.permissionName; + tmp.grantStatus = perm.grantStatus[0]; + tmp.grantFlag = perm.grantFlags[0]; + policyOut.permStateList.emplace_back(tmp); + } +} + AccessTokenIDEx AccessTokenKit::AllocHapToken(const HapInfoParams& info, const HapPolicyParams& policy) { AccessTokenIDEx res = {0}; @@ -80,7 +96,9 @@ permList: %{public}zu, stateList: %{public}zu", ACCESSTOKEN_LOG_ERROR(LABEL, "Input param failed"); return res; } - return AccessTokenManagerClient::GetInstance().AllocHapToken(info, policy); + HapPolicy newPolicy; + TransferHapPolicyParams(policy, newPolicy); + return AccessTokenManagerClient::GetInstance().AllocHapToken(info, newPolicy); } int32_t AccessTokenKit::InitHapToken(const HapInfoParams& info, HapPolicyParams& policy, @@ -102,7 +120,9 @@ permList: %{public}zu, stateList: %{public}zu", ACCESSTOKEN_LOG_ERROR(LABEL, "Input param failed"); return AccessTokenError::ERR_PARAM_INVALID; } - return AccessTokenManagerClient::GetInstance().InitHapToken(info, policy, fullTokenId, result); + HapPolicy newPolicy; + TransferHapPolicyParams(policy, newPolicy); + return AccessTokenManagerClient::GetInstance().InitHapToken(info, newPolicy, fullTokenId, result); } AccessTokenID AccessTokenKit::AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID) @@ -137,6 +157,9 @@ permList: %{public}zu, stateList: %{public}zu", ACCESSTOKEN_LOG_ERROR(LABEL, "Input param failed"); return AccessTokenError::ERR_PARAM_INVALID; } + + HapPolicy newPolicy; + TransferHapPolicyParams(policy, newPolicy); return AccessTokenManagerClient::GetInstance().UpdateHapToken(tokenIdEx, info, policy, result); } diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp index 6561dab00..1c17e766c 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp @@ -143,10 +143,15 @@ int AccessTokenManagerClient::GetReqPermissions( ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null"); return AccessTokenError::ERR_SERVICE_ABNORMAL; } - std::vector parcelList; + std::vector parcelList; int result = proxy->GetReqPermissions(tokenID, parcelList, isSystemGrant); for (const auto& permParcel : parcelList) { - PermissionStateFull perm = permParcel.permStatFull; + PermissionStateFull perm; + perm.permissionName = permParcel.permState.permissionName; + perm.isGeneral = true; + perm.resDeviceID.emplace_back(""); + perm.grantStatus.emplace_back(permParcel.permState.grantStatus); + perm.grantFlags.emplace_back(permParcel.permState.grantFlag); reqPermList.emplace_back(perm); } return result; @@ -377,7 +382,7 @@ int32_t AccessTokenManagerClient::UnRegisterPermStateChangeCallback( return result; } -AccessTokenIDEx AccessTokenManagerClient::AllocHapToken(const HapInfoParams& info, const HapPolicyParams& policy) +AccessTokenIDEx AccessTokenManagerClient::AllocHapToken(const HapInfoParams& info, const HapPolicy& policy) { AccessTokenIDEx tokenIdEx = { 0 }; auto proxy = GetProxy(); @@ -388,12 +393,12 @@ AccessTokenIDEx AccessTokenManagerClient::AllocHapToken(const HapInfoParams& inf HapInfoParcel hapInfoParcel; HapPolicyParcel hapPolicyParcel; hapInfoParcel.hapInfoParameter = info; - hapPolicyParcel.hapPolicyParameter = policy; + hapPolicyParcel.hapPolicy = policy; return proxy->AllocHapToken(hapInfoParcel, hapPolicyParcel); } -int32_t AccessTokenManagerClient::InitHapToken(const HapInfoParams& info, HapPolicyParams& policy, +int32_t AccessTokenManagerClient::InitHapToken(const HapInfoParams& info, HapPolicy& policy, AccessTokenIDEx& fullTokenId, HapInfoCheckResult& result) { auto proxy = GetProxy(); @@ -404,7 +409,7 @@ int32_t AccessTokenManagerClient::InitHapToken(const HapInfoParams& info, HapPol HapInfoParcel hapInfoParcel; HapPolicyParcel hapPolicyParcel; hapInfoParcel.hapInfoParameter = info; - hapPolicyParcel.hapPolicyParameter = policy; + hapPolicyParcel.hapPolicy = policy; return proxy->InitHapToken(hapInfoParcel, hapPolicyParcel, fullTokenId, result); } @@ -453,7 +458,7 @@ AccessTokenID AccessTokenManagerClient::AllocLocalTokenID( } int32_t AccessTokenManagerClient::UpdateHapToken(AccessTokenIDEx& tokenIdEx, const UpdateHapInfoParams& info, - const HapPolicyParams& policy, HapInfoCheckResult& result) + const HapPolicy& policy, HapInfoCheckResult& result) { auto proxy = GetProxy(); if (proxy == nullptr) { @@ -461,7 +466,7 @@ int32_t AccessTokenManagerClient::UpdateHapToken(AccessTokenIDEx& tokenIdEx, con return AccessTokenError::ERR_SERVICE_ABNORMAL; } HapPolicyParcel hapPolicyParcel; - hapPolicyParcel.hapPolicyParameter = policy; + hapPolicyParcel.hapPolicy = policy; return proxy->UpdateHapToken(tokenIdEx, info, hapPolicyParcel, result); } diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h index 3de146599..096806df5 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h @@ -67,15 +67,15 @@ public: int GrantPermissionForSpecifiedTime( AccessTokenID tokenID, const std::string& permissionName, uint32_t onceTime); int ClearUserGrantedPermissionState(AccessTokenID tokenID); - AccessTokenIDEx AllocHapToken(const HapInfoParams& info, const HapPolicyParams& policy); - int32_t InitHapToken(const HapInfoParams& info, HapPolicyParams& policy, + AccessTokenIDEx AllocHapToken(const HapInfoParams& info, const HapPolicy& policy); + int32_t InitHapToken(const HapInfoParams& info, HapPolicy& policy, AccessTokenIDEx& fullTokenId, HapInfoCheckResult& result); int DeleteToken(AccessTokenID tokenID); ATokenTypeEnum GetTokenType(AccessTokenID tokenID); AccessTokenIDEx GetHapTokenID(int32_t userID, const std::string& bundleName, int32_t instIndex); AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID); int32_t UpdateHapToken(AccessTokenIDEx& tokenIdEx, const UpdateHapInfoParams& info, - const HapPolicyParams& policy, HapInfoCheckResult& result); + const HapPolicy& policy, HapInfoCheckResult& result); int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfo& hapTokenInfoRes); int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfo& nativeTokenInfoRes); #ifndef ATM_BUILD_VARIANT_USER_ENABLE diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp index dd5618dc5..75f9cd06a 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp @@ -214,7 +214,7 @@ int AccessTokenManagerProxy::GetDefPermissions(AccessTokenID tokenID, } int AccessTokenManagerProxy::GetReqPermissions( - AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) + AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) { MessageParcel data; if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { @@ -246,7 +246,7 @@ int AccessTokenManagerProxy::GetReqPermissions( return ERR_OVERSIZE; } for (uint32_t i = 0; i < reqPermSize; i++) { - sptr permissionReq = reply.ReadParcelable(); + sptr permissionReq = reply.ReadParcelable(); if (permissionReq != nullptr) { reqPermList.emplace_back(*permissionReq); } diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h index a610970c4..712787917 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h @@ -32,7 +32,7 @@ #include "permission_def_parcel.h" #include "permission_grant_info_parcel.h" #include "permission_list_state_parcel.h" -#include "permission_state_full_parcel.h" +#include "permission_status_parcel.h" namespace OHOS { namespace Security { @@ -50,7 +50,7 @@ public: int GetDefPermission(const std::string& permissionName, PermissionDefParcel& permissionDefResult) override; int GetDefPermissions(AccessTokenID tokenID, std::vector& permList) override; int GetReqPermissions( - AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) override; + AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) override; int GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName, uint32_t& flag) override; int32_t SetPermissionRequestToggleStatus(const std::string& permissionName, uint32_t status, int32_t userID) override; diff --git a/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/alloc_local_token_id_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/alloc_local_token_id_test.cpp index 9b469c674..144b2561d 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/alloc_local_token_id_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/alloc_local_token_id_test.cpp @@ -138,13 +138,11 @@ HWTEST_F(AllocLocalTokenIDTest, AllocLocalTokenIDFuncTest001, TestSize.Level1) ACCESSTOKEN_LOG_INFO(LABEL, "AllocLocalTokenIDFuncTest001 start."); std::string deviceID1 = udid_; AccessTokenKit::DeleteRemoteToken(deviceID1, 0x20100000); - PermissionStateFull infoManagerTestState_1 = { + PermissionStatus infoManagerTestState_1 = { .permissionName = "ohos.permission.test1", - .isGeneral = true, - .resDeviceID = {"local4"}, - .grantStatus = {PermissionState::PERMISSION_GRANTED}, - .grantFlags = {PermissionFlag::PERMISSION_USER_SET}}; - std::vector permStateList1; + .grantStatus = PermissionState::PERMISSION_GRANTED, + .grantFlag = PermissionFlag::PERMISSION_USER_SET}; + std::vector permStateList1; permStateList1.emplace_back(infoManagerTestState_1); HapTokenInfoForSync remoteTokenInfo1 = { diff --git a/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/delete_remote_device_tokens_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/delete_remote_device_tokens_test.cpp index a85330b8c..ca8b32630 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/delete_remote_device_tokens_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/delete_remote_device_tokens_test.cpp @@ -140,13 +140,11 @@ HWTEST_F(DeleteRemoteDeviceTokensTest, DeleteRemoteDeviceTokensFuncTest001, Test std::string deviceID1 = udid_; AccessTokenKit::DeleteRemoteToken(deviceID1, 0x20100000); AccessTokenKit::DeleteRemoteToken(deviceID1, 0x20100001); - PermissionStateFull infoManagerTestState4 = { + PermissionStatus infoManagerTestState4 = { .permissionName = "ohos.permission.test1", - .isGeneral = true, - .resDeviceID = {"local4"}, - .grantStatus = {PermissionState::PERMISSION_GRANTED}, - .grantFlags = {PermissionFlag::PERMISSION_USER_SET}}; - std::vector permStateList1; + .grantStatus = PermissionState::PERMISSION_GRANTED, + .grantFlag = PermissionFlag::PERMISSION_USER_SET}; + std::vector permStateList1; permStateList1.emplace_back(infoManagerTestState4); HapTokenInfoForSync remoteTokenInfo1 = { @@ -190,13 +188,11 @@ HWTEST_F(DeleteRemoteDeviceTokensTest, DeleteRemoteDeviceTokensFuncTest002, Test std::string deviceID2 = udid_; AccessTokenKit::DeleteRemoteToken(deviceID2, 0x20100000); AccessTokenKit::DeleteRemoteToken(deviceID2, 0x20100001); - PermissionStateFull infoManagerTestState2 = { + PermissionStatus infoManagerTestState2 = { .permissionName = "ohos.permission.test1", - .isGeneral = true, - .resDeviceID = {"local"}, - .grantStatus = {PermissionState::PERMISSION_GRANTED}, - .grantFlags = {PermissionFlag::PERMISSION_USER_SET}}; - std::vector permStateList2; + .grantStatus = PermissionState::PERMISSION_GRANTED, + .grantFlag = PermissionFlag::PERMISSION_USER_SET}; + std::vector permStateList2; permStateList2.emplace_back(infoManagerTestState2); HapTokenInfoForSync remoteTokenInfo2 = { diff --git a/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/delete_remote_token_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/delete_remote_token_test.cpp index 9ceb35984..57a8e55a9 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/delete_remote_token_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/delete_remote_token_test.cpp @@ -187,13 +187,11 @@ HWTEST_F(DeleteRemoteTokenTest, DeleteRemoteTokenFuncTest001, TestSize.Level1) ACCESSTOKEN_LOG_INFO(LABEL, "DeleteRemoteTokenFuncTest001 start."); std::string deviceID1 = udid_; AccessTokenKit::DeleteRemoteToken(deviceID1, 0x20100000); - PermissionStateFull infoManagerTestState_3 = { + PermissionStatus infoManagerTestState_3 = { .permissionName = "ohos.permission.test1", - .isGeneral = true, - .resDeviceID = {"local4"}, - .grantStatus = {PermissionState::PERMISSION_GRANTED}, - .grantFlags = {PermissionFlag::PERMISSION_USER_SET}}; - std::vector permStateList1; + .grantStatus = PermissionState::PERMISSION_GRANTED, + .grantFlag = PermissionFlag::PERMISSION_USER_SET}; + std::vector permStateList1; permStateList1.emplace_back(infoManagerTestState_3); HapTokenInfoForSync remoteTokenInfo11 = { @@ -229,13 +227,11 @@ HWTEST_F(DeleteRemoteTokenTest, DeleteRemoteTokenFuncTest002, TestSize.Level1) ACCESSTOKEN_LOG_INFO(LABEL, "DeleteRemoteTokenFuncTest002 start."); std::string deviceID2 = udid_; AccessTokenKit::DeleteRemoteToken(deviceID2, 0x20100000); - PermissionStateFull infoManagerTestState_2 = { + PermissionStatus infoManagerTestState_2 = { .permissionName = "ohos.permission.test1", - .isGeneral = true, - .resDeviceID = {"local4"}, - .grantStatus = {PermissionState::PERMISSION_GRANTED}, - .grantFlags = {PermissionFlag::PERMISSION_USER_SET}}; - std::vector permStateList2; + .grantStatus = PermissionState::PERMISSION_GRANTED, + .grantFlag = PermissionFlag::PERMISSION_USER_SET}; + std::vector permStateList2; permStateList2.emplace_back(infoManagerTestState_2); HapTokenInfoForSync remoteTokenInfo2 = { diff --git a/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/get_hap_token_info_from_remote_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/get_hap_token_info_from_remote_test.cpp index 54db67d40..b9fea7408 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/get_hap_token_info_from_remote_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/get_hap_token_info_from_remote_test.cpp @@ -159,23 +159,14 @@ HWTEST_F(GetHapTokenInfoFromRemoteTest, GetHapTokenInfoFromRemoteFuncTest001, Te int ret = AccessTokenKit::GetHapTokenInfoFromRemote(localTokenID, infoSync); ASSERT_EQ(ret, RET_SUCCESS); ASSERT_EQ(infoSync.permStateList.size(), static_cast(2)); - ASSERT_EQ(infoSync.permStateList[1].grantFlags.size(), static_cast(2)); ASSERT_EQ(infoSync.permStateList[0].permissionName, g_infoManagerTestPolicyPrams.permStateList[0].permissionName); - ASSERT_EQ(infoSync.permStateList[0].grantFlags[0], g_infoManagerTestPolicyPrams.permStateList[0].grantFlags[0]); - ASSERT_EQ(infoSync.permStateList[0].grantStatus[0], g_infoManagerTestPolicyPrams.permStateList[0].grantStatus[0]); - ASSERT_EQ(infoSync.permStateList[0].resDeviceID[0], g_infoManagerTestPolicyPrams.permStateList[0].resDeviceID[0]); - ASSERT_EQ(infoSync.permStateList[0].isGeneral, g_infoManagerTestPolicyPrams.permStateList[0].isGeneral); + ASSERT_EQ(infoSync.permStateList[0].grantFlag, g_infoManagerTestPolicyPrams.permStateList[0].grantFlags[0]); + ASSERT_EQ(infoSync.permStateList[0].grantStatus, g_infoManagerTestPolicyPrams.permStateList[0].grantStatus[0]); ASSERT_EQ(infoSync.permStateList[1].permissionName, g_infoManagerTestPolicyPrams.permStateList[1].permissionName); - ASSERT_EQ(infoSync.permStateList[1].grantFlags[0], g_infoManagerTestPolicyPrams.permStateList[1].grantFlags[0]); - ASSERT_EQ(infoSync.permStateList[1].grantStatus[0], g_infoManagerTestPolicyPrams.permStateList[1].grantStatus[0]); - ASSERT_EQ(infoSync.permStateList[1].resDeviceID[0], g_infoManagerTestPolicyPrams.permStateList[1].resDeviceID[0]); - ASSERT_EQ(infoSync.permStateList[1].isGeneral, g_infoManagerTestPolicyPrams.permStateList[1].isGeneral); - - ASSERT_EQ(infoSync.permStateList[1].grantFlags[1], g_infoManagerTestPolicyPrams.permStateList[1].grantFlags[1]); - ASSERT_EQ(infoSync.permStateList[1].grantStatus[1], g_infoManagerTestPolicyPrams.permStateList[1].grantStatus[1]); - ASSERT_EQ(infoSync.permStateList[1].resDeviceID[1], g_infoManagerTestPolicyPrams.permStateList[1].resDeviceID[1]); + ASSERT_EQ(infoSync.permStateList[1].grantFlag, g_infoManagerTestPolicyPrams.permStateList[1].grantFlags[0]); + ASSERT_EQ(infoSync.permStateList[1].grantStatus, g_infoManagerTestPolicyPrams.permStateList[1].grantStatus[0]); ASSERT_EQ(infoSync.baseInfo.bundleName, g_infoManagerTestInfoParms.bundleName); ASSERT_EQ(infoSync.baseInfo.userID, g_infoManagerTestInfoParms.userID); @@ -198,13 +189,11 @@ HWTEST_F(GetHapTokenInfoFromRemoteTest, GetHapTokenInfoFromRemoteFuncTest002, Te ACCESSTOKEN_LOG_INFO(LABEL, "GetHapTokenInfoFromRemoteFuncTest002 start."); std::string deviceID2 = udid_; AccessTokenKit::DeleteRemoteToken(deviceID2, 0x20100000); - PermissionStateFull infoManagerTestState2 = { + PermissionStatus infoManagerTestState2 = { .permissionName = "ohos.permission.test1", - .isGeneral = true, - .resDeviceID = {"local"}, - .grantStatus = {PermissionState::PERMISSION_GRANTED}, - .grantFlags = {PermissionFlag::PERMISSION_USER_SET}}; - std::vector permStateList2; + .grantStatus = PermissionState::PERMISSION_GRANTED, + .grantFlag = PermissionFlag::PERMISSION_USER_SET}; + std::vector permStateList2; permStateList2.emplace_back(infoManagerTestState2); HapTokenInfoForSync remoteTokenInfo2 = { diff --git a/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/set_remote_hap_token_info_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/set_remote_hap_token_info_test.cpp index 3fc6123ba..62c119431 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/set_remote_hap_token_info_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/DistributedTest/set_remote_hap_token_info_test.cpp @@ -141,13 +141,11 @@ HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoFuncTest001, TestSize.L ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteHapTokenInfoFuncTest001 start."); std::string deviceID1 = udid_; AccessTokenKit::DeleteRemoteToken(deviceID1, 0x20100000); - PermissionStateFull infoManagerTestState2 = { + PermissionStatus infoManagerTestState2 = { .permissionName = "ohos.permission.CAMERA", - .isGeneral = true, - .resDeviceID = {"local4"}, - .grantStatus = {PermissionState::PERMISSION_GRANTED}, - .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}}; - std::vector permStateList1; + .grantStatus = PermissionState::PERMISSION_GRANTED, + .grantFlag = PermissionFlag::PERMISSION_SYSTEM_FIXED}; + std::vector permStateList1; permStateList1.emplace_back(infoManagerTestState2); HapTokenInfoForSync remoteTokenInfo1 = { @@ -220,13 +218,11 @@ HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoFuncTest002, TestSize.L HapTokenInfo wrongBaseInfo = rightBaseInfo; wrongBaseInfo.dlpType = static_cast(1000000); - PermissionStateFull infoManagerTestState_2 = { + PermissionStatus infoManagerTestState_2 = { .permissionName = "ohos.permission.test1", - .isGeneral = true, - .resDeviceID = {"local"}, - .grantStatus = {PermissionState::PERMISSION_GRANTED}, - .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}}; - std::vector permStateList2; + .grantStatus = PermissionState::PERMISSION_GRANTED, + .grantFlag = PermissionFlag::PERMISSION_SYSTEM_FIXED}; + std::vector permStateList2; permStateList2.emplace_back(infoManagerTestState_2); HapTokenInfoForSync remoteTokenInfo2 = { @@ -252,14 +248,12 @@ HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoFuncTest003, TestSize.L std::string deviceID3 = udid_; AccessTokenKit::DeleteRemoteToken(deviceID3, 0x20100000); - PermissionStateFull infoManagerTestState_3 = { + PermissionStatus infoManagerTestState_3 = { .permissionName = "ohos.permission.test1", - .isGeneral = true, - .resDeviceID = {"local"}, - .grantStatus = {PermissionState::PERMISSION_GRANTED}, - .grantFlags = {11}, // wrong flags + .grantStatus = PermissionState::PERMISSION_GRANTED, + .grantFlag = 11, // wrong flags }; - std::vector permStateList3; + std::vector permStateList3; permStateList3.emplace_back(infoManagerTestState_3); HapTokenInfoForSync remoteTokenInfo3 = { @@ -292,13 +286,11 @@ HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoFuncTest004, TestSize.L ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteHapTokenInfoFuncTest004 start."); std::string deviceID4 = udid_; AccessTokenKit::DeleteRemoteToken(deviceID4, 0x20100000); - PermissionStateFull infoManagerTestState_4 = { + PermissionStatus infoManagerTestState_4 = { .permissionName = "ohos.permission.CAMERA", - .isGeneral = true, - .resDeviceID = {"local"}, - .grantStatus = {PermissionState::PERMISSION_DENIED}, // first denied - .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}}; - std::vector permStateList4; + .grantStatus = PermissionState::PERMISSION_DENIED, // first denied + .grantFlag = PermissionFlag::PERMISSION_SYSTEM_FIXED}; + std::vector permStateList4; permStateList4.emplace_back(infoManagerTestState_4); HapTokenInfoForSync remoteTokenInfo4 = { @@ -316,7 +308,7 @@ HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoFuncTest004, TestSize.L ret = AccessTokenKit::VerifyAccessToken(mapID, "ohos.permission.CAMERA", false); ASSERT_EQ(ret, PermissionState::PERMISSION_DENIED); - remoteTokenInfo4.permStateList[0].grantStatus[0] = PermissionState::PERMISSION_GRANTED; // second granted + remoteTokenInfo4.permStateList[0].grantStatus = PermissionState::PERMISSION_GRANTED; // second granted ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID4, remoteTokenInfo4); ASSERT_EQ(ret, RET_SUCCESS); @@ -338,13 +330,11 @@ HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest001, TestSize.L ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteHapTokenInfoSpecTest001 start."); std::string deviceID5 = udid_; AccessTokenKit::DeleteRemoteToken(deviceID5, 0x20100000); - PermissionStateFull infoManagerTestState5 = { + PermissionStatus infoManagerTestState5 = { .permissionName = "ohos.permission.test1", - .isGeneral = true, - .resDeviceID = {"local"}, - .grantStatus = {PermissionState::PERMISSION_DENIED}, // first denied - .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}}; - std::vector permStateList5; + .grantStatus = PermissionState::PERMISSION_DENIED, // first denied + .grantFlag = PermissionFlag::PERMISSION_SYSTEM_FIXED}; + std::vector permStateList5; permStateList5.emplace_back(infoManagerTestState5); HapTokenInfoForSync remoteTokenInfo5 = { @@ -383,19 +373,15 @@ HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest002, TestSize.L ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteHapTokenInfoSpecTest002 start."); std::string deviceID6 = udid_; AccessTokenKit::DeleteRemoteToken(deviceID6, 0x20100000); - PermissionStateFull infoManagerTestState6 = { + PermissionStatus infoManagerTestState6 = { .permissionName = "ohos.permission.READ_AUDIO", - .isGeneral = true, - .resDeviceID = {"local4"}, - .grantStatus = {PermissionState::PERMISSION_GRANTED}, // first grant - .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}}; - PermissionStateFull infoManagerTestState7 = { + .grantStatus = PermissionState::PERMISSION_GRANTED, // first grant + .grantFlag = PermissionFlag::PERMISSION_SYSTEM_FIXED}; + PermissionStatus infoManagerTestState7 = { .permissionName = "ohos.permission.test1", - .isGeneral = true, - .resDeviceID = {"local4"}, - .grantStatus = {PermissionState::PERMISSION_GRANTED}, // first grant - .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}}; - std::vector permStateList6; + .grantStatus = PermissionState::PERMISSION_GRANTED, // first grant + .grantFlag = PermissionFlag::PERMISSION_SYSTEM_FIXED}; + std::vector permStateList6; permStateList6.emplace_back(infoManagerTestState6); permStateList6.emplace_back(infoManagerTestState7); @@ -436,13 +422,11 @@ HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest003, TestSize.L ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteHapTokenInfoSpecTest003 start."); std::string deviceID7 = udid_; AccessTokenKit::DeleteRemoteToken(deviceID7, 0x20100000); - PermissionStateFull infoManagerTestState7 = { + PermissionStatus infoManagerTestState7 = { .permissionName = "ohos.permission.READ_AUDIO", - .isGeneral = true, - .resDeviceID = {"local"}, - .grantStatus = {PermissionState::PERMISSION_DENIED}, // first denied - .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}}; - std::vector permStateList7; + .grantStatus = PermissionState::PERMISSION_DENIED, // first denied + .grantFlag = PermissionFlag::PERMISSION_SYSTEM_FIXED}; + std::vector permStateList7; permStateList7.emplace_back(infoManagerTestState7); HapTokenInfoForSync remoteTokenInfo7 = { @@ -476,13 +460,11 @@ HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest004, TestSize.L std::string deviceID8 = udid_; AccessTokenKit::DeleteRemoteToken(deviceID8, 0x20100000); int32_t DEFAULT_API_VERSION = 8; - PermissionStateFull infoManagerTestState8 = { + PermissionStatus infoManagerTestState8 = { .permissionName = "ohos.permission.test1", - .isGeneral = true, - .resDeviceID = {"local"}, - .grantStatus = {PermissionState::PERMISSION_DENIED}, // first denied - .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}}; - std::vector permStateList8; + .grantStatus = PermissionState::PERMISSION_DENIED, // first denied + .grantFlag = PermissionFlag::PERMISSION_SYSTEM_FIXED}; + std::vector permStateList8; permStateList8.emplace_back(infoManagerTestState8); HapTokenInfoForSync remoteTokenInfo8 = { @@ -523,13 +505,11 @@ HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest005, TestSize.L ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteHapTokenInfoSpecTest005 start."); std::string deviceID9 = udid_; AccessTokenKit::DeleteRemoteToken(deviceID9, 0x20100000); - PermissionStateFull infoManagerTestState9 = { + PermissionStatus infoManagerTestState9 = { .permissionName = "ohos.permission.CAMERA", - .isGeneral = true, - .resDeviceID = {"local4"}, - .grantStatus = {PermissionState::PERMISSION_GRANTED}, - .grantFlags = {PermissionFlag::PERMISSION_USER_SET}}; - std::vector permStateList9; + .grantStatus = PermissionState::PERMISSION_GRANTED, + .grantFlag = PermissionFlag::PERMISSION_USER_SET}; + std::vector permStateList9; permStateList9.emplace_back(infoManagerTestState9); HapTokenInfoForSync remoteTokenInfo9 = { @@ -576,13 +556,11 @@ HWTEST_F(SetRemoteHapTokenInfoTest, SetRemoteHapTokenInfoSpecTest006, TestSize.L .tokenAttr = 0 }; - PermissionStateFull infoManagerTestState = { + PermissionStatus infoManagerTestState = { .permissionName = "ohos.permission.test1", - .isGeneral = true, - .resDeviceID = {"local"}, - .grantStatus = {PermissionState::PERMISSION_GRANTED}, - .grantFlags = {PermissionFlag::PERMISSION_USER_SET}}; - std::vector permStateList; + .grantStatus = PermissionState::PERMISSION_GRANTED, + .grantFlag = PermissionFlag::PERMISSION_USER_SET}; + std::vector permStateList; permStateList.emplace_back(infoManagerTestState); HapTokenInfoForSync remoteTokenInfo = { diff --git a/interfaces/innerkits/accesstoken/test/unittest/src/remote_token_kit_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/src/remote_token_kit_test.cpp index 28f57b141..4d7fffb3f 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/src/remote_token_kit_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/src/remote_token_kit_test.cpp @@ -240,13 +240,11 @@ HWTEST_F(RemoteTokenKitTest, SetRemoteHapTokenInfo001, TestSize.Level1) ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteHapTokenInfo001 start."); std::string deviceID1 = udid_; AccessTokenKit::DeleteRemoteToken(deviceID1, 0x20100000); - PermissionStateFull infoManagerTestState2 = { + PermissionStatus infoManagerTestState2 = { .permissionName = "ohos.permission.CAMERA", - .isGeneral = true, - .resDeviceID = {"local4"}, - .grantStatus = {PermissionState::PERMISSION_GRANTED}, - .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}}; - std::vector permStateList1; + .grantStatus = PermissionState::PERMISSION_GRANTED, + .grantFlag = PermissionFlag::PERMISSION_SYSTEM_FIXED}; + std::vector permStateList1; permStateList1.emplace_back(infoManagerTestState2); HapTokenInfoForSync remoteTokenInfo1 = { @@ -320,13 +318,11 @@ HWTEST_F(RemoteTokenKitTest, SetRemoteHapTokenInfo002, TestSize.Level1) HapTokenInfo wrongBaseInfo = rightBaseInfo; wrongBaseInfo.userID = -11; // wrong userid - PermissionStateFull infoManagerTestState_2 = { + PermissionStatus infoManagerTestState_2 = { .permissionName = "ohos.permission.test1", - .isGeneral = true, - .resDeviceID = {"local"}, - .grantStatus = {PermissionState::PERMISSION_GRANTED}, - .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}}; - std::vector permStateList2; + .grantStatus = PermissionState::PERMISSION_GRANTED, + .grantFlag = PermissionFlag::PERMISSION_SYSTEM_FIXED}; + std::vector permStateList2; permStateList2.emplace_back(infoManagerTestState_2); HapTokenInfoForSync remoteTokenInfo2 = { @@ -352,14 +348,12 @@ HWTEST_F(RemoteTokenKitTest, SetRemoteHapTokenInfo003, TestSize.Level1) std::string deviceID3 = udid_; AccessTokenKit::DeleteRemoteToken(deviceID3, 0x20100000); - PermissionStateFull infoManagerTestState_3 = { + PermissionStatus infoManagerTestState_3 = { .permissionName = "ohos.permission.test1", - .isGeneral = true, - .resDeviceID = {"local"}, - .grantStatus = {PermissionState::PERMISSION_GRANTED}, - .grantFlags = {11}, // wrong flags - }; - std::vector permStateList3; + .grantStatus = PermissionState::PERMISSION_GRANTED, + .grantFlag = 11, // wrong flags + }; + std::vector permStateList3; permStateList3.emplace_back(infoManagerTestState_3); HapTokenInfoForSync remoteTokenInfo3 = { @@ -392,13 +386,11 @@ HWTEST_F(RemoteTokenKitTest, SetRemoteHapTokenInfo004, TestSize.Level1) ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteHapTokenInfo004 start."); std::string deviceID4 = udid_; AccessTokenKit::DeleteRemoteToken(deviceID4, 0x20100000); - PermissionStateFull infoManagerTestState_4 = { + PermissionStatus infoManagerTestState_4 = { .permissionName = "ohos.permission.CAMERA", - .isGeneral = true, - .resDeviceID = {"local"}, - .grantStatus = {PermissionState::PERMISSION_DENIED}, // first denied - .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}}; - std::vector permStateList4; + .grantStatus = PermissionState::PERMISSION_DENIED, // first denied + .grantFlag = PermissionFlag::PERMISSION_SYSTEM_FIXED}; + std::vector permStateList4; permStateList4.emplace_back(infoManagerTestState_4); HapTokenInfoForSync remoteTokenInfo4 = { @@ -416,7 +408,7 @@ HWTEST_F(RemoteTokenKitTest, SetRemoteHapTokenInfo004, TestSize.Level1) ret = AccessTokenKit::VerifyAccessToken(mapID, "ohos.permission.CAMERA", false); ASSERT_EQ(ret, PermissionState::PERMISSION_DENIED); - remoteTokenInfo4.permStateList[0].grantStatus[0] = PermissionState::PERMISSION_GRANTED; // second granted + remoteTokenInfo4.permStateList[0].grantStatus = PermissionState::PERMISSION_GRANTED; // second granted ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID4, remoteTokenInfo4); ASSERT_EQ(ret, RET_SUCCESS); @@ -438,13 +430,11 @@ HWTEST_F(RemoteTokenKitTest, SetRemoteHapTokenInfo005, TestSize.Level1) ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteHapTokenInfo005 start."); std::string deviceID5 = udid_; AccessTokenKit::DeleteRemoteToken(deviceID5, 0x20100000); - PermissionStateFull infoManagerTestState5 = { + PermissionStatus infoManagerTestState5 = { .permissionName = "ohos.permission.test1", - .isGeneral = true, - .resDeviceID = {"local"}, - .grantStatus = {PermissionState::PERMISSION_DENIED}, // first denied - .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}}; - std::vector permStateList5; + .grantStatus = PermissionState::PERMISSION_DENIED, // first denied + .grantFlag = PermissionFlag::PERMISSION_SYSTEM_FIXED}; + std::vector permStateList5; permStateList5.emplace_back(infoManagerTestState5); HapTokenInfoForSync remoteTokenInfo5 = { @@ -483,19 +473,15 @@ HWTEST_F(RemoteTokenKitTest, SetRemoteHapTokenInfo006, TestSize.Level1) ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteHapTokenInfo006 start."); std::string deviceID6 = udid_; AccessTokenKit::DeleteRemoteToken(deviceID6, 0x20100000); - PermissionStateFull infoManagerTestState6 = { + PermissionStatus infoManagerTestState6 = { .permissionName = "ohos.permission.READ_AUDIO", - .isGeneral = true, - .resDeviceID = {"local4"}, - .grantStatus = {PermissionState::PERMISSION_GRANTED}, // first grant - .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}}; - PermissionStateFull infoManagerTestState7 = { + .grantStatus = PermissionState::PERMISSION_GRANTED, // first grant + .grantFlag = PermissionFlag::PERMISSION_SYSTEM_FIXED}; + PermissionStatus infoManagerTestState7 = { .permissionName = "ohos.permission.test1", - .isGeneral = true, - .resDeviceID = {"local4"}, - .grantStatus = {PermissionState::PERMISSION_GRANTED}, // first grant - .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}}; - std::vector permStateList6; + .grantStatus = PermissionState::PERMISSION_GRANTED, // first grant + .grantFlag = PermissionFlag::PERMISSION_SYSTEM_FIXED}; + std::vector permStateList6; permStateList6.emplace_back(infoManagerTestState6); permStateList6.emplace_back(infoManagerTestState7); @@ -536,13 +522,11 @@ HWTEST_F(RemoteTokenKitTest, SetRemoteHapTokenInfo007, TestSize.Level1) ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteHapTokenInfo007 start."); std::string deviceID7 = udid_; AccessTokenKit::DeleteRemoteToken(deviceID7, 0x20100000); - PermissionStateFull infoManagerTestState7 = { + PermissionStatus infoManagerTestState7 = { .permissionName = "ohos.permission.READ_AUDIO", - .isGeneral = true, - .resDeviceID = {"local"}, - .grantStatus = {PermissionState::PERMISSION_DENIED}, // first denied - .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}}; - std::vector permStateList7; + .grantStatus = PermissionState::PERMISSION_DENIED, // first denied + .grantFlag = PermissionFlag::PERMISSION_SYSTEM_FIXED}; + std::vector permStateList7; permStateList7.emplace_back(infoManagerTestState7); HapTokenInfoForSync remoteTokenInfo7 = { @@ -576,13 +560,11 @@ HWTEST_F(RemoteTokenKitTest, SetRemoteHapTokenInfo008, TestSize.Level1) std::string deviceID8 = udid_; AccessTokenKit::DeleteRemoteToken(deviceID8, 0x20100000); int32_t DEFAULT_API_VERSION = 8; - PermissionStateFull infoManagerTestState8 = { + PermissionStatus infoManagerTestState8 = { .permissionName = "ohos.permission.test1", - .isGeneral = true, - .resDeviceID = {"local"}, - .grantStatus = {PermissionState::PERMISSION_DENIED}, // first denied - .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}}; - std::vector permStateList8; + .grantStatus = PermissionState::PERMISSION_DENIED, // first denied + .grantFlag = PermissionFlag::PERMISSION_SYSTEM_FIXED}; + std::vector permStateList8; permStateList8.emplace_back(infoManagerTestState8); HapTokenInfoForSync remoteTokenInfo8 = { @@ -623,13 +605,11 @@ HWTEST_F(RemoteTokenKitTest, SetRemoteHapTokenInfo009, TestSize.Level1) ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteHapTokenInfo009 start."); std::string deviceID9 = udid_; AccessTokenKit::DeleteRemoteToken(deviceID9, 0x20100000); - PermissionStateFull infoManagerTestState9 = { + PermissionStatus infoManagerTestState9 = { .permissionName = "ohos.permission.CAMERA", - .isGeneral = true, - .resDeviceID = {"local4"}, - .grantStatus = {PermissionState::PERMISSION_GRANTED}, - .grantFlags = {PermissionFlag::PERMISSION_USER_SET}}; - std::vector permStateList9; + .grantStatus = PermissionState::PERMISSION_GRANTED, + .grantFlag = PermissionFlag::PERMISSION_USER_SET}; + std::vector permStateList9; permStateList9.emplace_back(infoManagerTestState9); HapTokenInfoForSync remoteTokenInfo9 = { @@ -676,13 +656,11 @@ HWTEST_F(RemoteTokenKitTest, SetRemoteHapTokenInfo010, TestSize.Level1) .tokenAttr = 0 }; - PermissionStateFull infoManagerTestState = { + PermissionStatus infoManagerTestState = { .permissionName = "ohos.permission.test1", - .isGeneral = true, - .resDeviceID = {"local"}, - .grantStatus = {PermissionState::PERMISSION_GRANTED}, - .grantFlags = {PermissionFlag::PERMISSION_USER_SET}}; - std::vector permStateList; + .grantStatus = PermissionState::PERMISSION_GRANTED, + .grantFlag = PermissionFlag::PERMISSION_USER_SET}; + std::vector permStateList; permStateList.emplace_back(infoManagerTestState); HapTokenInfoForSync remoteTokenInfo = { @@ -705,13 +683,11 @@ HWTEST_F(RemoteTokenKitTest, DeleteRemoteDeviceToken001, TestSize.Level1) ACCESSTOKEN_LOG_INFO(LABEL, "DeleteRemoteDeviceTokens001 start."); std::string deviceID1 = udid_; AccessTokenKit::DeleteRemoteToken(deviceID1, 0x20100000); - PermissionStateFull infoManagerTestState_3 = { + PermissionStatus infoManagerTestState_3 = { .permissionName = "ohos.permission.test1", - .isGeneral = true, - .resDeviceID = {"local4"}, - .grantStatus = {PermissionState::PERMISSION_GRANTED}, - .grantFlags = {PermissionFlag::PERMISSION_USER_SET}}; - std::vector permStateList1; + .grantStatus = PermissionState::PERMISSION_GRANTED, + .grantFlag = PermissionFlag::PERMISSION_USER_SET}; + std::vector permStateList1; permStateList1.emplace_back(infoManagerTestState_3); HapTokenInfoForSync remoteTokenInfo11 = { @@ -747,13 +723,11 @@ HWTEST_F(RemoteTokenKitTest, DeleteRemoteDeviceToken002, TestSize.Level1) ACCESSTOKEN_LOG_INFO(LABEL, "DeleteRemoteDeviceTokens001 start."); std::string deviceID2 = udid_; AccessTokenKit::DeleteRemoteToken(deviceID2, 0x20100000); - PermissionStateFull infoManagerTestState_2 = { + PermissionStatus infoManagerTestState_2 = { .permissionName = "ohos.permission.test1", - .isGeneral = true, - .resDeviceID = {"local4"}, - .grantStatus = {PermissionState::PERMISSION_GRANTED}, - .grantFlags = {PermissionFlag::PERMISSION_USER_SET}}; - std::vector permStateList2; + .grantStatus = PermissionState::PERMISSION_GRANTED, + .grantFlag = PermissionFlag::PERMISSION_USER_SET}; + std::vector permStateList2; permStateList2.emplace_back(infoManagerTestState_2); HapTokenInfoForSync remoteTokenInfo2 = { @@ -809,13 +783,11 @@ HWTEST_F(RemoteTokenKitTest, DeleteRemoteDeviceTokens001, TestSize.Level1) std::string deviceID1 = udid_; AccessTokenKit::DeleteRemoteToken(deviceID1, 0x20100000); AccessTokenKit::DeleteRemoteToken(deviceID1, 0x20100001); - PermissionStateFull infoManagerTestState4 = { + PermissionStatus infoManagerTestState4 = { .permissionName = "ohos.permission.test1", - .isGeneral = true, - .resDeviceID = {"local4"}, - .grantStatus = {PermissionState::PERMISSION_GRANTED}, - .grantFlags = {PermissionFlag::PERMISSION_USER_SET}}; - std::vector permStateList1; + .grantStatus = PermissionState::PERMISSION_GRANTED, + .grantFlag = PermissionFlag::PERMISSION_USER_SET}; + std::vector permStateList1; permStateList1.emplace_back(infoManagerTestState4); HapTokenInfoForSync remoteTokenInfo1 = { @@ -859,13 +831,11 @@ HWTEST_F(RemoteTokenKitTest, DeleteRemoteDeviceTokens002, TestSize.Level1) std::string deviceID2 = udid_; AccessTokenKit::DeleteRemoteToken(deviceID2, 0x20100000); AccessTokenKit::DeleteRemoteToken(deviceID2, 0x20100001); - PermissionStateFull infoManagerTestState2 = { + PermissionStatus infoManagerTestState2 = { .permissionName = "ohos.permission.test1", - .isGeneral = true, - .resDeviceID = {"local"}, - .grantStatus = {PermissionState::PERMISSION_GRANTED}, - .grantFlags = {PermissionFlag::PERMISSION_USER_SET}}; - std::vector permStateList2; + .grantStatus = PermissionState::PERMISSION_GRANTED, + .grantFlag = PermissionFlag::PERMISSION_USER_SET}; + std::vector permStateList2; permStateList2.emplace_back(infoManagerTestState2); HapTokenInfoForSync remoteTokenInfo2 = { @@ -911,23 +881,14 @@ HWTEST_F(RemoteTokenKitTest, GetHapTokenInfoFromRemote001, TestSize.Level1) int ret = AccessTokenKit::GetHapTokenInfoFromRemote(localTokenID, infoSync); ASSERT_EQ(ret, RET_SUCCESS); ASSERT_EQ(infoSync.permStateList.size(), static_cast(2)); - ASSERT_EQ(infoSync.permStateList[1].grantFlags.size(), static_cast(2)); ASSERT_EQ(infoSync.permStateList[0].permissionName, g_infoManagerTestPolicyPrams.permStateList[0].permissionName); - ASSERT_EQ(infoSync.permStateList[0].grantFlags[0], g_infoManagerTestPolicyPrams.permStateList[0].grantFlags[0]); - ASSERT_EQ(infoSync.permStateList[0].grantStatus[0], g_infoManagerTestPolicyPrams.permStateList[0].grantStatus[0]); - ASSERT_EQ(infoSync.permStateList[0].resDeviceID[0], g_infoManagerTestPolicyPrams.permStateList[0].resDeviceID[0]); - ASSERT_EQ(infoSync.permStateList[0].isGeneral, g_infoManagerTestPolicyPrams.permStateList[0].isGeneral); + ASSERT_EQ(infoSync.permStateList[0].grantFlag, g_infoManagerTestPolicyPrams.permStateList[0].grantFlags[0]); + ASSERT_EQ(infoSync.permStateList[0].grantStatus, g_infoManagerTestPolicyPrams.permStateList[0].grantStatus[0]); ASSERT_EQ(infoSync.permStateList[1].permissionName, g_infoManagerTestPolicyPrams.permStateList[1].permissionName); - ASSERT_EQ(infoSync.permStateList[1].grantFlags[0], g_infoManagerTestPolicyPrams.permStateList[1].grantFlags[0]); - ASSERT_EQ(infoSync.permStateList[1].grantStatus[0], g_infoManagerTestPolicyPrams.permStateList[1].grantStatus[0]); - ASSERT_EQ(infoSync.permStateList[1].resDeviceID[0], g_infoManagerTestPolicyPrams.permStateList[1].resDeviceID[0]); - ASSERT_EQ(infoSync.permStateList[1].isGeneral, g_infoManagerTestPolicyPrams.permStateList[1].isGeneral); - - ASSERT_EQ(infoSync.permStateList[1].grantFlags[1], g_infoManagerTestPolicyPrams.permStateList[1].grantFlags[1]); - ASSERT_EQ(infoSync.permStateList[1].grantStatus[1], g_infoManagerTestPolicyPrams.permStateList[1].grantStatus[1]); - ASSERT_EQ(infoSync.permStateList[1].resDeviceID[1], g_infoManagerTestPolicyPrams.permStateList[1].resDeviceID[1]); + ASSERT_EQ(infoSync.permStateList[1].grantFlag, g_infoManagerTestPolicyPrams.permStateList[1].grantFlags[0]); + ASSERT_EQ(infoSync.permStateList[1].grantStatus, g_infoManagerTestPolicyPrams.permStateList[1].grantStatus[0]); ASSERT_EQ(infoSync.baseInfo.bundleName, g_infoManagerTestInfoParms.bundleName); ASSERT_EQ(infoSync.baseInfo.userID, g_infoManagerTestInfoParms.userID); @@ -950,13 +911,11 @@ HWTEST_F(RemoteTokenKitTest, GetHapTokenInfoFromRemote002, TestSize.Level1) ACCESSTOKEN_LOG_INFO(LABEL, "GetHapTokenInfoFromRemote002 start."); std::string deviceID2 = udid_; AccessTokenKit::DeleteRemoteToken(deviceID2, 0x20100000); - PermissionStateFull infoManagerTestState2 = { + PermissionStatus infoManagerTestState2 = { .permissionName = "ohos.permission.test1", - .isGeneral = true, - .resDeviceID = {"local"}, - .grantStatus = {PermissionState::PERMISSION_GRANTED}, - .grantFlags = {PermissionFlag::PERMISSION_USER_SET}}; - std::vector permStateList2; + .grantStatus = PermissionState::PERMISSION_GRANTED, + .grantFlag = PermissionFlag::PERMISSION_USER_SET}; + std::vector permStateList2; permStateList2.emplace_back(infoManagerTestState2); HapTokenInfoForSync remoteTokenInfo2 = { @@ -1002,13 +961,11 @@ HWTEST_F(RemoteTokenKitTest, AllocLocalTokenID001, TestSize.Level1) ACCESSTOKEN_LOG_INFO(LABEL, "AllocLocalTokenID001 start."); std::string deviceID1 = udid_; AccessTokenKit::DeleteRemoteToken(deviceID1, 0x20100000); - PermissionStateFull infoManagerTestState_1 = { + PermissionStatus infoManagerTestState_1 = { .permissionName = "ohos.permission.test1", - .isGeneral = true, - .resDeviceID = {"local4"}, - .grantStatus = {PermissionState::PERMISSION_GRANTED}, - .grantFlags = {PermissionFlag::PERMISSION_USER_SET}}; - std::vector permStateList1; + .grantStatus = PermissionState::PERMISSION_GRANTED, + .grantFlag = PermissionFlag::PERMISSION_USER_SET}; + std::vector permStateList1; permStateList1.emplace_back(infoManagerTestState_1); HapTokenInfoForSync remoteTokenInfo1 = { diff --git a/services/accesstokenmanager/main/cpp/include/database/data_translator.h b/services/accesstokenmanager/main/cpp/include/database/data_translator.h index a731e9b2f..be2eb79eb 100644 --- a/services/accesstokenmanager/main/cpp/include/database/data_translator.h +++ b/services/accesstokenmanager/main/cpp/include/database/data_translator.h @@ -29,10 +29,10 @@ class DataTranslator final { public: static int TranslationIntoGenericValues(const PermissionDef& inPermissionDef, GenericValues& outGenericValues); static int TranslationIntoPermissionDef(const GenericValues& inGenericValues, PermissionDef& outPermissionDef); - static int TranslationIntoGenericValues(const PermissionStateFull& inPermissionState, - const unsigned int grantIndex, GenericValues& outGenericValues); - static int TranslationIntoPermissionStateFull(const GenericValues& inGenericValues, - PermissionStateFull& outPermissionState); + static int TranslationIntoGenericValues(const PermissionStatus& inPermissionState, + GenericValues& outGenericValues); + static int TranslationIntoPermissionStatus(const GenericValues& inGenericValues, + PermissionStatus& outPermissionState); }; } // namespace AccessToken } // namespace Security diff --git a/services/accesstokenmanager/main/cpp/include/permission/dlp_permission_set_manager.h b/services/accesstokenmanager/main/cpp/include/permission/dlp_permission_set_manager.h index 7954ff228..3f6020e75 100644 --- a/services/accesstokenmanager/main/cpp/include/permission/dlp_permission_set_manager.h +++ b/services/accesstokenmanager/main/cpp/include/permission/dlp_permission_set_manager.h @@ -21,7 +21,7 @@ #include "nocopyable.h" #include "permission_dlp_mode.h" -#include "permission_state_full.h" +#include "permission_status.h" namespace OHOS { namespace Security { @@ -31,7 +31,7 @@ public: static DlpPermissionSetManager& GetInstance(); virtual ~DlpPermissionSetManager(); - void UpdatePermStateWithDlpInfo(int32_t hapDlpType, std::vector& permStateList); + void UpdatePermStateWithDlpInfo(int32_t hapDlpType, std::vector& permStateList); bool IsPermDlpModeAvailableToDlpHap(int32_t hapDlpType, int32_t permDlpMode); void ProcessDlpPermInfos(const std::vector& info); int32_t GetPermDlpMode(const std::string& permissionName); diff --git a/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h b/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h index 9c856f8f9..e17b72a2a 100644 --- a/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h +++ b/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h @@ -28,7 +28,7 @@ #include "permission_list_state.h" #include "permission_list_state_parcel.h" #include "permission_state_change_info.h" -#include "permission_state_full.h" +#include "permission_status.h" #include "temp_permission_observer.h" #include "rwlock.h" @@ -64,7 +64,7 @@ public: int GetDefPermission(const std::string& permissionName, PermissionDef& permissionDefResult); void GetDefPermissions(AccessTokenID tokenID, std::vector& permList); int GetReqPermissions( - AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant); + AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant); int GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName, uint32_t& flag); int32_t SetPermissionRequestToggleStatus(const std::string& permissionName, uint32_t status, int32_t userID); int32_t GetPermissionRequestToggleStatus(const std::string& permissionName, uint32_t& status, int32_t userID); @@ -76,14 +76,14 @@ public: int32_t RevokePermission(AccessTokenID tokenID, const std::string& permissionName, uint32_t flag); int32_t GrantPermissionForSpecifiedTime( AccessTokenID tokenID, const std::string& permissionName, uint32_t onceTime); - void GetSelfPermissionState(const std::vector& permsList, + void GetSelfPermissionState(const std::vector& permsList, PermissionListState& permState, int32_t apiVersion); int32_t AddPermStateChangeCallback( const PermStateChangeScope& scope, const sptr& callback); int32_t RemovePermStateChangeCallback(const sptr& callback); bool GetApiVersionByTokenId(AccessTokenID tokenID, int32_t& apiVersion); bool LocationPermissionSpecialHandle(AccessTokenID tokenID, std::vector& reqPermList, - std::vector& permsList, int32_t apiVersion); + std::vector& permsList, int32_t apiVersion); void NotifyPermGrantStoreResult(bool result, uint64_t timestamp); void ParamUpdate(const std::string& permissionName, uint32_t flag, bool filtered); void NotifyWhenPermissionStateUpdated(AccessTokenID tokenID, const std::string& permissionName, @@ -93,12 +93,12 @@ public: void AddPermToKernel(AccessTokenID tokenID, const std::vector& permList); void RemovePermFromKernel(AccessTokenID tokenID); void SetPermToKernel(AccessTokenID tokenID, const std::string& permissionName, bool isGranted); - bool InitPermissionList(const std::string& appDistributionType, const HapPolicyParams& policy, + bool InitPermissionList(const std::string& appDistributionType, const HapPolicy& policy, std::vector& initializedList, HapInfoCheckResult& result); bool InitDlpPermissionList(const std::string& bundleName, int32_t userId, - std::vector& initializedList); - void GetStateOrFlagChangedList(std::vector& stateListBefore, - std::vector& stateListAfter, std::vector& stateChangeList); + std::vector& initializedList); + void GetStateOrFlagChangedList(std::vector& stateListBefore, + std::vector& stateListAfter, std::vector& stateChangeList); void NotifyUpdatedPermList(const std::vector& grantedPermListBefore, const std::vector& grantedPermListAfter, AccessTokenID tokenID); @@ -113,10 +113,10 @@ private: bool IsPermissionVaild(const std::string& permissionName); bool GetLocationPermissionIndex(std::vector& reqPermList, LocationIndex& locationIndex); bool GetLocationPermissionState(AccessTokenID tokenID, std::vector& reqPermList, - std::vector& permsList, int32_t apiVersion, const LocationIndex& locationIndex); + std::vector& permsList, int32_t apiVersion, const LocationIndex& locationIndex); int32_t FindPermRequestToggleStatusFromDb(int32_t userID, const std::string& permissionName); void AddPermRequestToggleStatusToDb(int32_t userID, const std::string& permissionName, int32_t status); - bool IsPermissionStateOrFlagMatched(const PermissionStateFull& stata1, const PermissionStateFull& stata2); + bool IsPermissionStateOrFlagMatched(const PermissionStatus& stata1, const PermissionStatus& stata2); PermissionGrantEvent grantEvent_; static std::recursive_mutex mutex_; diff --git a/services/accesstokenmanager/main/cpp/include/permission/permission_policy_set.h b/services/accesstokenmanager/main/cpp/include/permission/permission_policy_set.h index b58cda34b..7c3462b8f 100644 --- a/services/accesstokenmanager/main/cpp/include/permission/permission_policy_set.h +++ b/services/accesstokenmanager/main/cpp/include/permission/permission_policy_set.h @@ -21,11 +21,10 @@ #include #include "access_token.h" -#include "callback_manager.h" #include "generic_values.h" #include "permission_def.h" #include "permission_data_brief.h" -#include "permission_state_full.h" +#include "permission_status.h" #include "rwlock.h" namespace OHOS { @@ -37,13 +36,13 @@ public: virtual ~PermissionPolicySet(); static std::shared_ptr BuildPermissionPolicySet(AccessTokenID tokenId, - const std::vector& permStateList); + const std::vector& permStateList); static std::shared_ptr BuildPolicySetWithoutDefCheck(AccessTokenID tokenId, - const std::vector& permStateList); + const std::vector& permStateList); static std::shared_ptr RestorePermissionPolicy(AccessTokenID tokenId, const std::vector& permStateRes); void StorePermissionPolicySet(std::vector& permStateValueList); - void Update(const std::vector& permStateList); + void Update(const std::vector& permStateList); PermUsedTypeEnum GetPermissionUsedType(const std::string& permissionName); void GetDefPermissions(std::vector& permList); @@ -53,11 +52,11 @@ public: const std::string& permissionName, bool isGranted, uint32_t flag, bool& statusChanged); void ToString(std::string& info); static void ToString(std::string& info, const std::vector& permList, - const std::vector& permStateList); + const std::vector& permStateList); bool IsPermissionReqValid(int32_t tokenApl, const std::string& permissionName, const std::vector& nativeAcls); void PermStateToString(int32_t tokenApl, const std::vector& nativeAcls, std::string& info); - void GetPermissionStateList(std::vector& stateList); + void GetPermissionStateList(std::vector& stateList); void ResetUserGrantPermissionStatus(void); static uint32_t GetFlagWroteToDb(uint32_t grantFlag); void GetPermissionStateList(std::vector& opCodeList, std::vector& statusList); @@ -66,17 +65,17 @@ public: AccessTokenID tokenId, const std::vector& permStateRes); private: static void GetPermissionBriefData(std::vector& list, - const std::vector &permStateList); - static void MergePermissionStateFull(std::vector& permStateList, - PermissionStateFull& state); - void UpdatePermStateFull(const PermissionStateFull& permOld, PermissionStateFull& permNew); + const std::vector &permStateList); + static void MergePermissionStatus(std::vector& permStateList, + PermissionStatus& state); + void UpdatePermStatus(const PermissionStatus& permOld, PermissionStatus& permNew); void StorePermissionDef(std::vector& valueList) const; void StorePermissionState(std::vector& valueList) const; int32_t UpdateSecCompGrantedPermList(const std::string& permissionName, bool isGranted); int32_t UpdatePermStateList(const std::string& permissionName, bool isGranted, uint32_t flag); void SetPermissionFlag(const std::string& permissionName, uint32_t flag, bool needToAdd); OHOS::Utils::RWLock permPolicySetLock_; - std::vector permStateList_; + std::vector permStateList_; std::vector secCompGrantedPermList_; AccessTokenID tokenId_; }; diff --git a/services/accesstokenmanager/main/cpp/include/permission/permission_validator.h b/services/accesstokenmanager/main/cpp/include/permission/permission_validator.h index a3d0408b5..aec8b663e 100644 --- a/services/accesstokenmanager/main/cpp/include/permission/permission_validator.h +++ b/services/accesstokenmanager/main/cpp/include/permission/permission_validator.h @@ -16,7 +16,7 @@ #ifndef PERMISSION_VALIDATOR_H #define PERMISSION_VALIDATOR_H #include "permission_def.h" -#include "permission_state_full.h" +#include "permission_status.h" namespace OHOS { namespace Security { @@ -32,15 +32,13 @@ public: static bool IsToggleStatusValid(const uint32_t status); static bool IsPermissionFlagValid(uint32_t flag); static bool IsPermissionDefValid(const PermissionDef& permDef); - static bool IsPermissionStateValid(const PermissionStateFull& permState); + static bool IsPermissionStateValid(const PermissionStatus& permState); static void FilterInvalidPermissionDef( const std::vector& permList, std::vector& result); static void FilterInvalidPermissionState(ATokenTypeEnum tokenType, bool doPermAvailableCheck, - const std::vector& permList, std::vector& result); + const std::vector& permList, std::vector& result); static bool IsGrantModeValid(int grantMode); static bool IsGrantStatusValid(int grantStatus); -private: - static void DeduplicateResDevID(const PermissionStateFull& permState, PermissionStateFull& result); }; } // namespace AccessToken } // namespace Security diff --git a/services/accesstokenmanager/main/cpp/include/permission/temp_permission_observer.h b/services/accesstokenmanager/main/cpp/include/permission/temp_permission_observer.h index 124a43bfa..06df108e6 100644 --- a/services/accesstokenmanager/main/cpp/include/permission/temp_permission_observer.h +++ b/services/accesstokenmanager/main/cpp/include/permission/temp_permission_observer.h @@ -92,7 +92,7 @@ public: const std::string& bundleName, const std::string& permissionName, const std::vector& list); void RevokeAllTempPermission(AccessTokenID tokenID); void RevokeTempPermission(AccessTokenID tokenID, const std::string& permissionName); - bool GetPermissionStateFull(AccessTokenID tokenID, std::vector& permissionStateFullList); + bool GetPermissionState(AccessTokenID tokenID, std::vector& permissionStateList); bool GetAppStateListByTokenID(AccessTokenID tokenID, std::vector& list); void ModifyAppState(AccessTokenID tokenID, int32_t index, bool flag); bool GetTokenIDByBundle(const std::string &bundleName, AccessTokenID& tokenID); diff --git a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h index b17ef8930..efa3548b6 100644 --- a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h +++ b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h @@ -56,7 +56,7 @@ public: int GetDefPermission(const std::string& permissionName, PermissionDefParcel& permissionDefResult) override; int GetDefPermissions(AccessTokenID tokenID, std::vector& permList) override; int GetReqPermissions( - AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) override; + AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) override; PermissionOper GetSelfPermissionsState(std::vector& reqPermList, PermissionGrantInfoParcel& infoParcel) override; int32_t GetPermissionsStatus(AccessTokenID tokenID, std::vector& reqPermList) override; diff --git a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h index dad46c57c..1e9bc60a2 100644 --- a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h +++ b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h @@ -56,12 +56,12 @@ public: int RemoveHapTokenInfo(AccessTokenID id); int RemoveNativeTokenInfo(AccessTokenID id); int32_t GetHapAppIdByTokenId(AccessTokenID tokenID, std::string& appId); - int CreateHapTokenInfo(const HapInfoParams& info, const HapPolicyParams& policy, AccessTokenIDEx& tokenIdEx); + int CreateHapTokenInfo(const HapInfoParams& info, const HapPolicy& policy, AccessTokenIDEx& tokenIdEx); AccessTokenIDEx GetHapTokenID(int32_t userID, const std::string& bundleName, int32_t instIndex); AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID); void ProcessNativeTokenInfos(const std::vector>& tokenInfos); int32_t UpdateHapToken(AccessTokenIDEx& tokenIdEx, const UpdateHapInfoParams& info, - const std::vector& permStateList, ATokenAplEnum apl, + const std::vector& permStateList, ATokenAplEnum apl, const std::vector& permList); void DumpTokenInfo(const AtmToolsParamInfo& info, std::string& dumpInfo); bool IsTokenIdExist(AccessTokenID id); @@ -120,7 +120,7 @@ private: const std::string& appId, ATokenAplEnum apl, std::vector& valueList); int32_t ModifyHapTokenInfoToDb(std::shared_ptr& infoPtr, - const std::vector& permStateList, + const std::vector& permStateList, const UpdateHapInfoParams& info, ATokenAplEnum apl); int CreateRemoteHapTokenInfo(AccessTokenID mapID, HapTokenInfoForSync& hapSync); int UpdateRemoteHapTokenInfo(AccessTokenID mapID, HapTokenInfoForSync& hapSync); diff --git a/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h b/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h index de614e4cf..f18ddf548 100644 --- a/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h +++ b/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h @@ -25,7 +25,7 @@ #include "hap_token_info.h" #include "permission_def.h" #include "permission_policy_set.h" -#include "permission_state_full.h" +#include "permission_status.h" namespace OHOS { namespace Security { @@ -33,14 +33,13 @@ namespace AccessToken { class HapTokenInfoInner final { public: HapTokenInfoInner(); - HapTokenInfoInner(AccessTokenID id, const HapInfoParams& info, const HapPolicyParams& policy); + HapTokenInfoInner(AccessTokenID id, const HapInfoParams& info, const HapPolicy& policy); HapTokenInfoInner(AccessTokenID id, const HapTokenInfo &info, - const std::vector& permStateList); + const std::vector& permStateList); HapTokenInfoInner(AccessTokenID id, const HapTokenInfoForSync& info); virtual ~HapTokenInfoInner(); - void Update(const UpdateHapInfoParams& info, - const std::vector& permStateList); + void Update(const UpdateHapInfoParams& info, const std::vector& permStateList); void TranslateToHapTokenInfo(HapTokenInfo& infoParcel) const; void StoreHapInfo(std::vector& valueList) const; void StorePermissionPolicy(std::vector& permStateValues); @@ -65,10 +64,10 @@ public: int32_t UpdatePermissionStatus( const std::string& permissionName, bool isGranted, uint32_t flag, bool& statusChanged); - int32_t GetPermissionStateList(std::vector& permList); + int32_t GetPermissionStateList(std::vector& permList); int32_t ResetUserGrantPermissionStatus(void); void UpdateRemoteHapTokenInfo(AccessTokenID mapID, - const HapTokenInfo& baseInfo, std::vector& permStateList); + const HapTokenInfo& baseInfo, std::vector& permStateList); static void RefreshPermStateToKernel(const std::vector& constrainedList, bool hapUserIsActive, AccessTokenID tokenId, std::map& refreshedPermList); @@ -88,8 +87,8 @@ private: void StoreHapBasicInfo(std::vector& valueList) const; void TranslationIntoGenericValues(GenericValues& outGenericValues) const; int RestoreHapTokenBasicInfo(const GenericValues& inGenericValues); - bool UpdateStatesToDB(AccessTokenID tokenID, std::vector& stateChangeList); - int32_t GetPermissionStateListFromBrief(std::vector& permList); + bool UpdateStatesToDB(AccessTokenID tokenID, std::vector& stateChangeList); + int32_t GetPermissionStateListFromBrief(std::vector& permList); HapTokenInfo tokenInfoBasic_; diff --git a/services/accesstokenmanager/main/cpp/include/token/native_token_info_inner.h b/services/accesstokenmanager/main/cpp/include/token/native_token_info_inner.h index b9b74f794..80f1189c5 100644 --- a/services/accesstokenmanager/main/cpp/include/token/native_token_info_inner.h +++ b/services/accesstokenmanager/main/cpp/include/token/native_token_info_inner.h @@ -22,7 +22,7 @@ #include "generic_values.h" #include "native_token_info_base.h" #include "permission_policy_set.h" -#include "permission_state_full.h" +#include "permission_status.h" namespace OHOS { namespace Security { @@ -34,7 +34,7 @@ class NativeTokenInfoInner final { public: NativeTokenInfoInner(); NativeTokenInfoInner(NativeTokenInfoBase& info, - const std::vector& permStateList); + const std::vector& permStateList); virtual ~NativeTokenInfoInner(); void TransferNativeInfo(std::vector& valueList) const; diff --git a/services/accesstokenmanager/main/cpp/include/token/native_token_receptor.h b/services/accesstokenmanager/main/cpp/include/token/native_token_receptor.h index 9acf14b62..33e553efb 100644 --- a/services/accesstokenmanager/main/cpp/include/token/native_token_receptor.h +++ b/services/accesstokenmanager/main/cpp/include/token/native_token_receptor.h @@ -25,7 +25,7 @@ #include "nlohmann/json.hpp" #include "nocopyable.h" #include "permission_policy_set.h" -#include "permission_state_full.h" +#include "permission_status.h" namespace OHOS { namespace Security { diff --git a/services/accesstokenmanager/main/cpp/src/database/data_translator.cpp b/services/accesstokenmanager/main/cpp/src/database/data_translator.cpp index f6432e200..4821a5dbc 100644 --- a/services/accesstokenmanager/main/cpp/src/database/data_translator.cpp +++ b/services/accesstokenmanager/main/cpp/src/database/data_translator.cpp @@ -71,28 +71,21 @@ int DataTranslator::TranslationIntoPermissionDef(const GenericValues& inGenericV return RET_SUCCESS; } -int DataTranslator::TranslationIntoGenericValues(const PermissionStateFull& inPermissionState, - const unsigned int grantIndex, GenericValues& outGenericValues) +int DataTranslator::TranslationIntoGenericValues(const PermissionStatus& inPermissionState, + GenericValues& outGenericValues) { - if (grantIndex >= inPermissionState.resDeviceID.size() || grantIndex >= inPermissionState.grantStatus.size() || - grantIndex >= inPermissionState.grantFlags.size()) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Perm status grant size is wrong"); - return ERR_PARAM_INVALID; - } outGenericValues.Put(TokenFiledConst::FIELD_PERMISSION_NAME, inPermissionState.permissionName); - outGenericValues.Put(TokenFiledConst::FIELD_DEVICE_ID, inPermissionState.resDeviceID[grantIndex]); - outGenericValues.Put(TokenFiledConst::FIELD_GRANT_IS_GENERAL, inPermissionState.isGeneral ? 1 : 0); - outGenericValues.Put(TokenFiledConst::FIELD_GRANT_STATE, inPermissionState.grantStatus[grantIndex]); - int32_t grantFlags = static_cast(inPermissionState.grantFlags[grantIndex]); - outGenericValues.Put(TokenFiledConst::FIELD_GRANT_FLAG, grantFlags); + outGenericValues.Put(TokenFiledConst::FIELD_DEVICE_ID, ""); + outGenericValues.Put(TokenFiledConst::FIELD_GRANT_IS_GENERAL, 1); + outGenericValues.Put(TokenFiledConst::FIELD_GRANT_STATE, inPermissionState.grantStatus); + int32_t grantFlag = static_cast(inPermissionState.grantFlag); + outGenericValues.Put(TokenFiledConst::FIELD_GRANT_FLAG, grantFlag); return RET_SUCCESS; } -int DataTranslator::TranslationIntoPermissionStateFull(const GenericValues& inGenericValues, - PermissionStateFull& outPermissionState) +int DataTranslator::TranslationIntoPermissionStatus(const GenericValues& inGenericValues, + PermissionStatus& outPermissionState) { - outPermissionState.isGeneral = - ((inGenericValues.GetInt(TokenFiledConst::FIELD_GRANT_IS_GENERAL) == 1) ? true : false); outPermissionState.permissionName = inGenericValues.GetString(TokenFiledConst::FIELD_PERMISSION_NAME); if (!DataValidator::IsPermissionNameValid(outPermissionState.permissionName)) { ACCESSTOKEN_LOG_ERROR(LABEL, "Permission name is wrong"); @@ -102,16 +95,6 @@ int DataTranslator::TranslationIntoPermissionStateFull(const GenericValues& inGe return ERR_PARAM_INVALID; } - std::string devID = inGenericValues.GetString(TokenFiledConst::FIELD_DEVICE_ID); - if (!DataValidator::IsDeviceIdValid(devID)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "DevID is wrong"); - HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "PERMISSION_CHECK", - HiviewDFX::HiSysEvent::EventType::FAULT, "CODE", LOAD_DATABASE_ERROR, - "ERROR_REASON", "permission deviceId error"); - return ERR_PARAM_INVALID; - } - outPermissionState.resDeviceID.push_back(devID); - int grantFlag = (PermissionFlag)inGenericValues.GetInt(TokenFiledConst::FIELD_GRANT_FLAG); if (!PermissionValidator::IsPermissionFlagValid(grantFlag)) { ACCESSTOKEN_LOG_ERROR(LABEL, "GrantFlag is wrong"); @@ -120,8 +103,7 @@ int DataTranslator::TranslationIntoPermissionStateFull(const GenericValues& inGe "ERROR_REASON", "permission grant flag error"); return ERR_PARAM_INVALID; } - - outPermissionState.grantFlags.push_back(grantFlag); + outPermissionState.grantFlag = grantFlag; int grantStatus = (PermissionState)inGenericValues.GetInt(TokenFiledConst::FIELD_GRANT_STATE); if (!PermissionValidator::IsGrantStatusValid(grantStatus)) { @@ -134,7 +116,7 @@ int DataTranslator::TranslationIntoPermissionStateFull(const GenericValues& inGe if (grantFlag & PERMISSION_ALLOW_THIS_TIME) { grantStatus = PERMISSION_DENIED; } - outPermissionState.grantStatus.push_back(grantStatus); + outPermissionState.grantStatus = grantStatus; return RET_SUCCESS; } diff --git a/services/accesstokenmanager/main/cpp/src/permission/dlp_permission_set_manager.cpp b/services/accesstokenmanager/main/cpp/src/permission/dlp_permission_set_manager.cpp index 23796da98..ca4aca9ce 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/dlp_permission_set_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/dlp_permission_set_manager.cpp @@ -76,17 +76,17 @@ int32_t DlpPermissionSetManager::GetPermDlpMode(const std::string& permissionNam } void DlpPermissionSetManager::UpdatePermStateWithDlpInfo(int32_t hapDlpType, - std::vector& permStateList) + std::vector& permStateList) { ACCESSTOKEN_LOG_DEBUG(LABEL, "DlpType: %{public}d", hapDlpType); for (auto iter = permStateList.begin(); iter != permStateList.end(); ++iter) { - if (iter->grantStatus[0] == PERMISSION_DENIED) { + if (iter->grantStatus == PERMISSION_DENIED) { continue; } int32_t permissionDlpMode = GetPermDlpMode(iter->permissionName); bool res = IsPermDlpModeAvailableToDlpHap(hapDlpType, permissionDlpMode); if (!res) { - iter->grantStatus[0] = PERMISSION_DENIED; + iter->grantStatus = PERMISSION_DENIED; } } } diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp index a8000ec41..b934bca45 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp @@ -162,7 +162,7 @@ void PermissionManager::GetDefPermissions(AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) + AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) { ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s called, tokenID: %{public}u, isSystemGrant: %{public}d", __func__, tokenID, isSystemGrant); @@ -172,7 +172,7 @@ int PermissionManager::GetReqPermissions( return AccessTokenError::ERR_TOKENID_NOT_EXIST; } GrantMode mode = isSystemGrant ? SYSTEM_GRANT : USER_GRANT; - std::vector tmpList; + std::vector tmpList; int32_t ret = infoPtr->GetPermissionStateList(tmpList); if (ret != RET_SUCCESS) { ACCESSTOKEN_LOG_ERROR(LABEL, "GetPermissionStateList failed, token %{public}u is invalid.", tokenID); @@ -188,7 +188,7 @@ int PermissionManager::GetReqPermissions( return RET_SUCCESS; } -static bool IsPermissionRequestedInHap(const std::vector& permsList, +static bool IsPermissionRequestedInHap(const std::vector& permsList, PermissionListState& permState, int32_t& status, uint32_t& flag) { const std::string permission = permState.permissionName; @@ -197,7 +197,7 @@ static bool IsPermissionRequestedInHap(const std::vector& p permState.errorReason = PERM_INVALID; return false; } - auto iter = std::find_if(permsList.begin(), permsList.end(), [permission](const PermissionStateFull& perm) { + auto iter = std::find_if(permsList.begin(), permsList.end(), [permission](const PermissionStatus& perm) { return permission == perm.permissionName; }); if (iter == permsList.end()) { @@ -206,9 +206,9 @@ static bool IsPermissionRequestedInHap(const std::vector& p return false; } ACCESSTOKEN_LOG_DEBUG(LABEL, "Find goal permission: %{public}s, status: %{public}d, flag: %{public}d", - permission.c_str(), iter->grantStatus[0], iter->grantFlags[0]); - status = iter->grantStatus[0]; - flag = static_cast(iter->grantFlags[0]); + permission.c_str(), iter->grantStatus, iter->grantFlag); + status = iter->grantStatus; + flag = static_cast(iter->grantFlag); return true; } @@ -237,7 +237,7 @@ static bool IsPermissionRestrictedByRules(const std::string& permission) return false; } -void PermissionManager::GetSelfPermissionState(const std::vector& permsList, +void PermissionManager::GetSelfPermissionState(const std::vector& permsList, PermissionListState& permState, int32_t apiVersion) { int32_t goalGrantStatus; @@ -713,7 +713,7 @@ bool PermissionManager::GetLocationPermissionIndex(std::vector& reqPermList, std::vector& permsList, + std::vector& reqPermList, std::vector& permsList, int32_t apiVersion, const LocationIndex& locationIndex) { bool needVagueDynamic = false; @@ -775,7 +775,7 @@ bool PermissionManager::GetLocationPermissionState(AccessTokenID tokenID, bool PermissionManager::LocationPermissionSpecialHandle( AccessTokenID tokenID, std::vector& reqPermList, - std::vector& permsList, int32_t apiVersion) + std::vector& permsList, int32_t apiVersion) { struct LocationIndex locationIndex; if (!GetLocationPermissionIndex(reqPermList, locationIndex)) { @@ -807,20 +807,20 @@ void PermissionManager::NotifyUpdatedPermList(const std::vector& gr } } -bool PermissionManager::IsPermissionStateOrFlagMatched(const PermissionStateFull& state1, - const PermissionStateFull& state2) +bool PermissionManager::IsPermissionStateOrFlagMatched(const PermissionStatus& state1, + const PermissionStatus& state2) { - return ((state1.grantStatus[0] == state2.grantStatus[0]) && (state1.grantFlags[0] == state2.grantFlags[0])); + return ((state1.grantStatus == state2.grantStatus) && (state1.grantFlag == state2.grantFlag)); } -void PermissionManager::GetStateOrFlagChangedList(std::vector& stateListBefore, - std::vector& stateListAfter, std::vector& stateChangeList) +void PermissionManager::GetStateOrFlagChangedList(std::vector& stateListBefore, + std::vector& stateListAfter, std::vector& stateChangeList) { uint32_t size = stateListBefore.size(); for (uint32_t i = 0; i < size; ++i) { - PermissionStateFull state1 = stateListBefore[i]; - PermissionStateFull state2 = stateListAfter[i]; + PermissionStatus state1 = stateListBefore[i]; + PermissionStatus state2 = stateListAfter[i]; if (!IsPermissionStateOrFlagMatched(state1, state2)) { stateChangeList.emplace_back(state2); @@ -902,7 +902,7 @@ void PermissionManager::SetPermToKernel( tokenID, permissionName.c_str(), ret); } -bool IsAclSatisfied(const PermissionDef& permDef, const HapPolicyParams& policy) +bool IsAclSatisfied(const PermissionDef& permDef, const HapPolicy& policy) { if (policy.apl < permDef.availableLevel) { if (!permDef.provisionEnable) { @@ -954,7 +954,7 @@ bool IsUserGrantPermPreAuthorized(const std::vector &list, } bool PermissionManager::InitDlpPermissionList(const std::string& bundleName, int32_t userId, - std::vector& initializedList) + std::vector& initializedList) { // get dlp original app AccessTokenIDEx tokenId = AccessTokenInfoManager::GetInstance().GetHapTokenID(userId, bundleName, 0); @@ -968,8 +968,8 @@ bool PermissionManager::InitDlpPermissionList(const std::string& bundleName, int return true; } -bool PermissionManager::InitPermissionList(const std::string& appDistributionType, const HapPolicyParams& policy, - std::vector& initializedList, HapInfoCheckResult& result) +bool PermissionManager::InitPermissionList(const std::string& appDistributionType, const HapPolicy& policy, + std::vector& initializedList, HapInfoCheckResult& result) { ACCESSTOKEN_LOG_INFO(LABEL, "Before, request perm list size: %{public}zu, preAuthorizationInfo size %{public}zu, " "ACLRequestedList size %{public}zu.", @@ -998,12 +998,12 @@ bool PermissionManager::InitPermissionList(const std::string& appDistributionTyp ACCESSTOKEN_LOG_ERROR(LABEL, "Available range of %{public}s is invalid.", permDef.permissionName.c_str()); return false; } - state.grantFlags[0] = PERMISSION_DEFAULT_FLAG; - state.grantStatus[0] = PERMISSION_DENIED; + state.grantFlag = PERMISSION_DEFAULT_FLAG; + state.grantStatus = PERMISSION_DENIED; if (permDef.grantMode == AccessToken::GrantMode::SYSTEM_GRANT) { - state.grantFlags[0] = PERMISSION_SYSTEM_FIXED; - state.grantStatus[0] = PERMISSION_GRANTED; + state.grantFlag = PERMISSION_SYSTEM_FIXED; + state.grantStatus = PERMISSION_GRANTED; initializedList.emplace_back(state); continue; } @@ -1013,8 +1013,8 @@ bool PermissionManager::InitPermissionList(const std::string& appDistributionTyp } bool userCancelable = true; if (IsUserGrantPermPreAuthorized(policy.preAuthorizationInfo, state.permissionName, userCancelable)) { - state.grantFlags[0] = userCancelable ? PERMISSION_GRANTED_BY_POLICY : PERMISSION_SYSTEM_FIXED; - state.grantStatus[0] = PERMISSION_GRANTED; + state.grantFlag = userCancelable ? PERMISSION_GRANTED_BY_POLICY : PERMISSION_SYSTEM_FIXED; + state.grantStatus = PERMISSION_GRANTED; } initializedList.emplace_back(state); } diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_policy_set.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_policy_set.cpp index 52c11d33d..cdff38c41 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/permission_policy_set.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_policy_set.cpp @@ -44,22 +44,22 @@ PermissionPolicySet::~PermissionPolicySet() void PermissionPolicySet::GetPermissionBriefData(std::vector& list, - const std::vector &permStateList) + const std::vector &permStateList) { for (const auto& state : permStateList) { BriefPermData data = {0}; uint32_t code; if (TransferPermissionToOpcode(state.permissionName, code)) { - data.status = (state.grantStatus[0] == PERMISSION_GRANTED) ? 1 : 0; + data.status = (state.grantStatus == PERMISSION_GRANTED) ? 1 : 0; data.permCode = code; - data.flag = state.grantFlags[0]; + data.flag = state.grantFlag; list.emplace_back(data); } } } std::shared_ptr PermissionPolicySet::BuildPermissionPolicySet( - AccessTokenID tokenId, const std::vector& permStateList) + AccessTokenID tokenId, const std::vector& permStateList) { ATokenTypeEnum tokenType = AccessTokenIDManager::GetInstance().GetTokenIdTypeEnum(tokenId); std::shared_ptr policySet = std::make_shared(); @@ -76,7 +76,7 @@ std::shared_ptr PermissionPolicySet::BuildPermissionPolicyS } std::shared_ptr PermissionPolicySet::BuildPolicySetWithoutDefCheck( - AccessTokenID tokenId, const std::vector& permStateList) + AccessTokenID tokenId, const std::vector& permStateList) { std::shared_ptr policySet = std::make_shared(); PermissionValidator::FilterInvalidPermissionState( @@ -98,10 +98,10 @@ std::shared_ptr PermissionPolicySet::BuildPermissionPolicyS for (const GenericValues& stateValue : permStateRes) { if ((AccessTokenID)stateValue.GetInt(TokenFiledConst::FIELD_TOKEN_ID) == tokenId) { - PermissionStateFull state; - int ret = DataTranslator::TranslationIntoPermissionStateFull(stateValue, state); + PermissionStatus state; + int ret = DataTranslator::TranslationIntoPermissionStatus(stateValue, state); if (ret == RET_SUCCESS) { - MergePermissionStateFull(policySet->permStateList_, state); + MergePermissionStatus(policySet->permStateList_, state); } else { ACCESSTOKEN_LOG_ERROR(LABEL, "TokenId 0%{public}u permState is wrong.", tokenId); } @@ -110,44 +110,40 @@ std::shared_ptr PermissionPolicySet::BuildPermissionPolicyS return policySet; } -void PermissionPolicySet::UpdatePermStateFull(const PermissionStateFull& permOld, PermissionStateFull& permNew) +void PermissionPolicySet::UpdatePermStatus(const PermissionStatus& permOld, PermissionStatus& permNew) { - if (permNew.isGeneral == permOld.isGeneral) { - // if user_grant permission is not operated by user, it keeps the new initalized state. - // the new state can be pre_authorization. - if ((permOld.grantFlags[0] == PERMISSION_DEFAULT_FLAG) && (permOld.grantStatus[0] == PERMISSION_DENIED)) { - return; - } - // if old user_grant permission is granted by pre_authorization fixed, it keeps the new initalized state. - // the new state can be pre_authorization or not. - if ((permOld.grantFlags[0] == PERMISSION_SYSTEM_FIXED) || - // if old user_grant permission is granted by pre_authorization unfixed - // and the user has not operated this permission, it keeps the new initalized state. - (permOld.grantFlags[0] == PERMISSION_GRANTED_BY_POLICY)) { - return; - } - - // if old user_grant permission has been operated by user, it keeps the old status and old flag. - permNew.resDeviceID = permOld.resDeviceID; - permNew.grantStatus = permOld.grantStatus; - permNew.grantFlags = permOld.grantFlags; + // if user_grant permission is not operated by user, it keeps the new initalized state. + // the new state can be pre_authorization. + if ((permOld.grantFlag == PERMISSION_DEFAULT_FLAG) && (permOld.grantStatus == PERMISSION_DENIED)) { + return; + } + // if old user_grant permission is granted by pre_authorization fixed, it keeps the new initalized state. + // the new state can be pre_authorization or not. + if ((permOld.grantFlag == PERMISSION_SYSTEM_FIXED) || + // if old user_grant permission is granted by pre_authorization unfixed + // and the user has not operated this permission, it keeps the new initalized state. + (permOld.grantFlag == PERMISSION_GRANTED_BY_POLICY)) { + return; } + + permNew.grantStatus = permOld.grantStatus; + permNew.grantFlag = permOld.grantFlag; } -void PermissionPolicySet::Update(const std::vector& permStateList) +void PermissionPolicySet::Update(const std::vector& permStateList) { - std::vector permStateFilterList; + std::vector permStateFilterList; PermissionValidator::FilterInvalidPermissionState(TOKEN_HAP, true, permStateList, permStateFilterList); ACCESSTOKEN_LOG_INFO(LABEL, "PermStateFilterList size: %{public}zu.", permStateFilterList.size()); Utils::UniqueWriteGuard infoGuard(this->permPolicySetLock_); - for (PermissionStateFull& permStateNew : permStateFilterList) { + for (PermissionStatus& permStateNew : permStateFilterList) { auto iter = std::find_if(permStateList_.begin(), permStateList_.end(), - [permStateNew](const PermissionStateFull& permStateOld) { + [permStateNew](const PermissionStatus& permStateOld) { return permStateNew.permissionName == permStateOld.permissionName; }); if (iter != permStateList_.end()) { - UpdatePermStateFull(*iter, permStateNew); + UpdatePermStatus(*iter, permStateNew); } } permStateList_ = permStateFilterList; @@ -169,10 +165,10 @@ std::shared_ptr PermissionPolicySet::RestorePermissionPolic for (const GenericValues& stateValue : permStateRes) { if ((AccessTokenID)stateValue.GetInt(TokenFiledConst::FIELD_TOKEN_ID) == tokenId) { - PermissionStateFull state; - int ret = DataTranslator::TranslationIntoPermissionStateFull(stateValue, state); + PermissionStatus state; + int ret = DataTranslator::TranslationIntoPermissionStatus(stateValue, state); if (ret == RET_SUCCESS) { - MergePermissionStateFull(policySet->permStateList_, state); + MergePermissionStatus(policySet->permStateList_, state); } else { ACCESSTOKEN_LOG_ERROR(LABEL, "TokenId 0x%{public}x permState is wrong.", tokenId); } @@ -189,16 +185,15 @@ std::shared_ptr PermissionPolicySet::RestorePermissionPolic return policySet; } -void PermissionPolicySet::MergePermissionStateFull(std::vector& permStateList, - PermissionStateFull& state) +void PermissionPolicySet::MergePermissionStatus(std::vector& permStateList, + PermissionStatus& state) { - uint32_t flag = GetFlagWroteToDb(state.grantFlags[0]); - state.grantFlags[0] = flag; + uint32_t flag = GetFlagWroteToDb(state.grantFlag); + state.grantFlag = flag; for (auto iter = permStateList.begin(); iter != permStateList.end(); iter++) { if (state.permissionName == iter->permissionName) { - iter->resDeviceID.emplace_back(state.resDeviceID[0]); - iter->grantStatus.emplace_back(state.grantStatus[0]); - iter->grantFlags.emplace_back(state.grantFlags[0]); + iter->grantStatus = state.grantStatus; + iter->grantFlag = state.grantFlag; ACCESSTOKEN_LOG_DEBUG(LABEL, "Update permission: %{public}s.", state.permissionName.c_str()); return; } @@ -211,21 +206,10 @@ void PermissionPolicySet::StorePermissionState(std::vector& value { for (const auto& permissionState : permStateList_) { ACCESSTOKEN_LOG_DEBUG(LABEL, "PermissionName: %{public}s", permissionState.permissionName.c_str()); - if (permissionState.isGeneral) { - GenericValues genericValues; - genericValues.Put(TokenFiledConst::FIELD_TOKEN_ID, static_cast(tokenId_)); - DataTranslator::TranslationIntoGenericValues(permissionState, 0, genericValues); - valueList.emplace_back(genericValues); - continue; - } - - unsigned int stateSize = permissionState.resDeviceID.size(); - for (unsigned int i = 0; i < stateSize; i++) { - GenericValues genericValues; - genericValues.Put(TokenFiledConst::FIELD_TOKEN_ID, static_cast(tokenId_)); - DataTranslator::TranslationIntoGenericValues(permissionState, i, genericValues); - valueList.emplace_back(genericValues); - } + GenericValues genericValues; + genericValues.Put(TokenFiledConst::FIELD_TOKEN_ID, static_cast(tokenId_)); + DataTranslator::TranslationIntoGenericValues(permissionState, genericValues); + valueList.emplace_back(genericValues); } } @@ -245,13 +229,8 @@ int PermissionPolicySet::QueryPermissionFlag(const std::string& permissionName, Utils::UniqueReadGuard infoGuard(this->permPolicySetLock_); for (const auto& perm : permStateList_) { if (perm.permissionName == permissionName) { - if (perm.isGeneral) { - flag = perm.grantFlags[0]; - return RET_SUCCESS; - } else { - ACCESSTOKEN_LOG_ERROR(LABEL, "Permission %{public}s is invalid", permissionName.c_str()); - return AccessTokenError::ERR_PARAM_INVALID; - } + flag = perm.grantFlag; + return RET_SUCCESS; } } ACCESSTOKEN_LOG_ERROR(LABEL, "Invalid params!"); @@ -269,23 +248,23 @@ int32_t PermissionPolicySet::UpdatePermStateList( { Utils::UniqueWriteGuard infoGuard(this->permPolicySetLock_); auto iter = std::find_if(permStateList_.begin(), permStateList_.end(), - [permissionName](const PermissionStateFull& permState) { + [permissionName](const PermissionStatus& permState) { return permissionName == permState.permissionName; }); if (iter != permStateList_.end()) { - if ((static_cast(iter->grantFlags[0]) & PERMISSION_SYSTEM_FIXED) == PERMISSION_SYSTEM_FIXED) { + if ((static_cast(iter->grantFlag) & PERMISSION_SYSTEM_FIXED) == PERMISSION_SYSTEM_FIXED) { ACCESSTOKEN_LOG_ERROR(LABEL, "Permission fixed by system!"); return AccessTokenError::ERR_PARAM_INVALID; } - iter->grantStatus[0] = isGranted ? PERMISSION_GRANTED : PERMISSION_DENIED; - iter->grantFlags[0] = UpdateWithNewFlag(iter->grantFlags[0], flag); + iter->grantStatus = isGranted ? PERMISSION_GRANTED : PERMISSION_DENIED; + iter->grantFlag = UpdateWithNewFlag(iter->grantFlag, flag); uint32_t opCode; if (!TransferPermissionToOpcode(permissionName, opCode)) { ACCESSTOKEN_LOG_ERROR(LABEL, "permissionName is invalid %{public}s.", permissionName.c_str()); return AccessTokenError::ERR_PARAM_INVALID; } - bool status = (iter->grantStatus[0] == PERMISSION_GRANTED) ? 1 : 0; - return PermissionDataBrief::GetInstance().SetBriefPermData(tokenId_, opCode, status, iter->grantFlags[0]); + bool status = (iter->grantStatus == PERMISSION_GRANTED) ? 1 : 0; + return PermissionDataBrief::GetInstance().SetBriefPermData(tokenId_, opCode, status, iter->grantFlag); } else { ACCESSTOKEN_LOG_ERROR(LABEL, "Permission not request!"); return AccessTokenError::ERR_PARAM_INVALID; @@ -345,23 +324,19 @@ void PermissionPolicySet::ResetUserGrantPermissionStatus(void) { Utils::UniqueWriteGuard infoGuard(this->permPolicySetLock_); for (auto& perm : permStateList_) { - if (perm.isGeneral) { - uint32_t oldFlag = static_cast(perm.grantFlags[0]); - if ((oldFlag & PERMISSION_SYSTEM_FIXED) != 0) { - continue; - } - /* A user_grant permission has been set by system for cancellable pre-authorization. */ - /* it should keep granted when the app reset. */ - if ((oldFlag & PERMISSION_GRANTED_BY_POLICY) != 0) { - perm.grantStatus[0] = PERMISSION_GRANTED; - perm.grantFlags[0] = PERMISSION_GRANTED_BY_POLICY; - continue; - } - perm.grantStatus[0] = PERMISSION_DENIED; - perm.grantFlags[0] = PERMISSION_DEFAULT_FLAG; - } else { + uint32_t oldFlag = static_cast(perm.grantFlag); + if ((oldFlag & PERMISSION_SYSTEM_FIXED) != 0) { + continue; + } + /* A user_grant permission has been set by system for cancellable pre-authorization. */ + /* it should keep granted when the app reset. */ + if ((oldFlag & PERMISSION_GRANTED_BY_POLICY) != 0) { + perm.grantStatus = PERMISSION_GRANTED; + perm.grantFlag = PERMISSION_GRANTED_BY_POLICY; continue; } + perm.grantStatus = PERMISSION_DENIED; + perm.grantFlag = PERMISSION_DEFAULT_FLAG; } std::vector list; GetPermissionBriefData(list, permStateList_); @@ -369,7 +344,7 @@ void PermissionPolicySet::ResetUserGrantPermissionStatus(void) PermissionDataBrief::GetInstance().ClearAllSecCompGrantedPermById(tokenId_); } -void PermissionPolicySet::GetPermissionStateList(std::vector& permList) +void PermissionPolicySet::GetPermissionStateList(std::vector& permList) { Utils::UniqueReadGuard infoGuard(this->permPolicySetLock_); permList.assign(permStateList_.begin(), permStateList_.end()); @@ -382,7 +357,7 @@ void PermissionPolicySet::GetPermissionStateList(std::vector& opCodeLi uint32_t code; if (TransferPermissionToOpcode(state.permissionName, code)) { opCodeList.emplace_back(code); - statusList.emplace_back(state.grantStatus[0] == PERMISSION_GRANTED); + statusList.emplace_back(state.grantStatus == PERMISSION_GRANTED); } } } @@ -409,43 +384,13 @@ void PermDefToString(const PermissionDef& def, std::string& info) info.append(R"( })"); } -void PermStateFullToString(const PermissionStateFull& state, std::string& info) +void PermStateFullToString(const PermissionStatus& state, std::string& info) { info.append(R"( {)"); info.append("\n"); info.append(R"( "permissionName": ")" + state.permissionName + R"(")" + ",\n"); - info.append(R"( "isGeneral": )" + std::to_string(state.isGeneral) + ",\n"); -#ifndef ATM_BUILD_VARIANT_USER_ENABLE - info.append(R"( "resDeviceIDList": [ )"); - for (auto iter = state.resDeviceID.begin(); iter != state.resDeviceID.end(); iter++) { - info.append("\n"); - info.append(R"( { "resDeviceID": ")" + *iter + R"(")" + " }"); - if (iter != (state.resDeviceID.end() - 1)) { - info.append(","); - } - } - info.append("\n ],\n"); -#endif - info.append(R"( "grantStatusList": [)"); - for (auto iter = state.grantStatus.begin(); iter != state.grantStatus.end(); iter++) { - info.append("\n"); - info.append(R"( { "grantStatus": )" + std::to_string(*iter) + " }"); - if (iter != (state.grantStatus.end() - 1)) { - info.append(","); - } - } - info.append("\n ],\n"); - - info.append(R"( "grantFlagsList": [)"); - for (auto iter = state.grantFlags.begin(); iter != state.grantFlags.end(); iter++) { - info.append("\n"); - info.append(R"( { "grantFlag": )" + std::to_string(*iter) + " }"); - if (iter != (state.grantFlags.end() - 1)) { - info.append(","); - } - } - info.append("\n ],\n"); - + info.append(R"( "grantStatus": ")" + std::to_string(state.grantStatus) + R"(")" + ",\n"); + info.append(R"( "grantFlag": ")" + std::to_string(state.grantFlag) + R"(")" + ",\n"); info.append(R"( })"); } @@ -476,7 +421,7 @@ void PermissionPolicySet::ToString(std::string& info) } void PermissionPolicySet::ToString(std::string& info, const std::vector& permList, - const std::vector& permStateList) + const std::vector& permStateList) { info.append(R"( "permDefList": [)"); info.append("\n"); diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp index ff5368af5..74d0eac28 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp @@ -104,27 +104,15 @@ bool PermissionValidator::IsPermissionAvailable(ATokenTypeEnum tokenType, const return true; } -bool PermissionValidator::IsPermissionStateValid(const PermissionStateFull& permState) +bool PermissionValidator::IsPermissionStateValid(const PermissionStatus& permState) { if (!DataValidator::IsPermissionNameValid(permState.permissionName)) { return false; } - size_t resDevIdSize = permState.resDeviceID.size(); - size_t grantStatSize = permState.grantStatus.size(); - size_t grantFlagSize = permState.grantFlags.size(); - if ((grantStatSize != resDevIdSize) || (grantFlagSize != resDevIdSize)) { - ACCESSTOKEN_LOG_ERROR(LABEL, - "list size is invalid, grantStatSize %{public}zu, grantFlagSize %{public}zu, resDevIdSize %{public}zu.", - grantStatSize, grantFlagSize, resDevIdSize); + if (!IsGrantStatusValid(permState.grantStatus) || !IsPermissionFlagValid(permState.grantFlag)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "GrantStatus or grantFlag is invalid"); return false; } - for (uint32_t i = 0; i < resDevIdSize; i++) { - if (!IsGrantStatusValid(permState.grantStatus[i]) || - !IsPermissionFlagValid(permState.grantFlags[i])) { - ACCESSTOKEN_LOG_ERROR(LABEL, "GrantStatus or grantFlags is invalid"); - return false; - } - } return true; } @@ -142,38 +130,19 @@ void PermissionValidator::FilterInvalidPermissionDef( } } -void PermissionValidator::DeduplicateResDevID(const PermissionStateFull& permState, PermissionStateFull& result) -{ - std::set resDevId; - auto stateIter = permState.grantStatus.begin(); - auto flagIter = permState.grantFlags.begin(); - for (auto it = permState.resDeviceID.begin(); it != permState.resDeviceID.end(); ++it, ++stateIter, ++flagIter) { - if (resDevId.count(*it) != 0) { - continue; - } - resDevId.insert(*it); - result.resDeviceID.emplace_back(*it); - result.grantStatus.emplace_back(*stateIter); - result.grantFlags.emplace_back(*flagIter); - } - result.permissionName = permState.permissionName; - result.isGeneral = permState.isGeneral; -} - void PermissionValidator::FilterInvalidPermissionState(ATokenTypeEnum tokenType, bool doPermAvailableCheck, - const std::vector& permList, std::vector& result) + const std::vector& permList, std::vector& result) { std::set permStateSet; for (auto it = permList.begin(); it != permList.end(); ++it) { std::string permName = it->permissionName; - PermissionStateFull res; - if (!IsPermissionStateValid(*it) || permStateSet.count(permName) != 0) { + PermissionStatus res = *it; + if (!IsPermissionStateValid(res) || permStateSet.count(permName) != 0) { continue; } if (doPermAvailableCheck && !IsPermissionAvailable(tokenType, permName)) { continue; } - DeduplicateResDevID(*it, res); permStateSet.insert(permName); result.emplace_back(res); } diff --git a/services/accesstokenmanager/main/cpp/src/permission/short_grant_manager.cpp b/services/accesstokenmanager/main/cpp/src/permission/short_grant_manager.cpp index b6204f5de..c9c935ae0 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/short_grant_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/short_grant_manager.cpp @@ -21,6 +21,7 @@ #include "access_token.h" #include "access_token_error.h" +#include "accesstoken_log.h" #include "app_manager_access_client.h" #include "permission_manager.h" diff --git a/services/accesstokenmanager/main/cpp/src/permission/temp_permission_observer.cpp b/services/accesstokenmanager/main/cpp/src/permission/temp_permission_observer.cpp index 3f62ade57..8e4472604 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/temp_permission_observer.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/temp_permission_observer.cpp @@ -502,8 +502,8 @@ void TempPermissionObserver::AddTempPermTokenToList(AccessTokenID tokenID, } } -bool TempPermissionObserver::GetPermissionStateFull(AccessTokenID tokenID, - std::vector& permissionStateFullList) +bool TempPermissionObserver::GetPermissionState(AccessTokenID tokenID, + std::vector& permissionStateList) { std::shared_ptr infoPtr = AccessTokenInfoManager::GetInstance().GetHapTokenInfoInner(tokenID); if (infoPtr == nullptr) { @@ -514,7 +514,7 @@ bool TempPermissionObserver::GetPermissionStateFull(AccessTokenID tokenID, ACCESSTOKEN_LOG_ERROR(LABEL, "It is a remote hap token %{public}u!", tokenID); return false; } - if (infoPtr->GetPermissionStateList(permissionStateFullList) != RET_SUCCESS) { + if (infoPtr->GetPermissionStateList(permissionStateList) != RET_SUCCESS) { ACCESSTOKEN_LOG_ERROR(LABEL, "GetPermissionStateList failed, token %{public}u!", tokenID); return false; } @@ -534,13 +534,13 @@ void TempPermissionObserver::RevokeAllTempPermission(AccessTokenID tokenID) UnRegisterCallback(); } - std::vector tmpList; - if (!GetPermissionStateFull(tokenID, tmpList)) { + std::vector tmpList; + if (!GetPermissionState(tokenID, tmpList)) { ACCESSTOKEN_LOG_ERROR(LABEL, "TokenID:%{public}d get permission state full fail!", tokenID); return; } for (const auto& permissionState : tmpList) { - if (permissionState.grantFlags[0] & PERMISSION_ALLOW_THIS_TIME) { + if (permissionState.grantFlag & PERMISSION_ALLOW_THIS_TIME) { if (PermissionManager::GetInstance().RevokePermission( tokenID, permissionState.permissionName, PERMISSION_ALLOW_THIS_TIME) != RET_SUCCESS) { ACCESSTOKEN_LOG_ERROR(LABEL, "TokenID:%{public}d revoke permission:%{public}s failed!", @@ -553,13 +553,13 @@ void TempPermissionObserver::RevokeAllTempPermission(AccessTokenID tokenID) void TempPermissionObserver::RevokeTempPermission(AccessTokenID tokenID, const std::string& permissionName) { - std::vector tmpList; - if (!GetPermissionStateFull(tokenID, tmpList)) { + std::vector tmpList; + if (!GetPermissionState(tokenID, tmpList)) { ACCESSTOKEN_LOG_ERROR(LABEL, "TokenID:%{public}d get permission state full fail!", tokenID); return; } for (const auto& permissionState : tmpList) { - if ((permissionState.grantFlags[0] & PERMISSION_ALLOW_THIS_TIME) && + if ((permissionState.grantFlag & PERMISSION_ALLOW_THIS_TIME) && permissionState.permissionName == permissionName) { if (PermissionManager::GetInstance().RevokePermission( tokenID, permissionState.permissionName, PERMISSION_ALLOW_THIS_TIME) != RET_SUCCESS) { @@ -575,10 +575,10 @@ void TempPermissionObserver::OnAppMgrRemoteDiedHandle() { std::unique_lock lck(tempPermissionMutex_); for (auto iter = tempPermTokenMap_.begin(); iter != tempPermTokenMap_.end(); ++iter) { - std::vector tmpList; - GetPermissionStateFull(iter->first, tmpList); + std::vector tmpList; + GetPermissionState(iter->first, tmpList); for (const auto& permissionState : tmpList) { - if (!(permissionState.grantFlags[0] & PERMISSION_ALLOW_THIS_TIME)) { + if (!(permissionState.grantFlag & PERMISSION_ALLOW_THIS_TIME)) { continue; } int32_t ret = PermissionManager::GetInstance().RevokePermission( diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp index d0f80bae9..d3117b9fc 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp @@ -186,14 +186,14 @@ int AccessTokenManagerService::GetDefPermissions(AccessTokenID tokenID, std::vec } int AccessTokenManagerService::GetReqPermissions( - AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) + AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) { - std::vector permList; + std::vector permList; int ret = PermissionManager::GetInstance().GetReqPermissions(tokenID, permList, isSystemGrant); for (const auto& perm : permList) { - PermissionStateFullParcel permParcel; - permParcel.permStatFull = perm; + PermissionStatusParcel permParcel; + permParcel.permState = perm; reqPermList.emplace_back(permParcel); } return ret; @@ -231,7 +231,7 @@ PermissionOper AccessTokenManagerService::GetPermissionsState(AccessTokenID toke ACCESSTOKEN_LOG_INFO(LABEL, "TokenID: %{public}d, apiVersion: %{public}d", tokenID, apiVersion); bool needRes = false; - std::vector permsList; + std::vector permsList; int retUserGrant = PermissionManager::GetInstance().GetReqPermissions(tokenID, permsList, false); int retSysGrant = PermissionManager::GetInstance().GetReqPermissions(tokenID, permsList, true); if ((retSysGrant != RET_SUCCESS) || (retUserGrant != RET_SUCCESS)) { @@ -346,7 +346,7 @@ AccessTokenIDEx AccessTokenManagerService::AllocHapToken(const HapInfoParcel& in tokenIdEx.tokenIDEx = 0LL; int ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo( - info.hapInfoParameter, policy.hapPolicyParameter, tokenIdEx); + info.hapInfoParameter, policy.hapPolicy, tokenIdEx); if (ret != RET_SUCCESS) { ACCESSTOKEN_LOG_ERROR(LABEL, "Hap token info create failed"); } @@ -357,10 +357,10 @@ int32_t AccessTokenManagerService::InitHapToken(const HapInfoParcel& info, HapPo AccessTokenIDEx& fullTokenId, HapInfoCheckResult& result) { ACCESSTOKEN_LOG_INFO(LABEL, "Init hap %{public}s.", info.hapInfoParameter.bundleName.c_str()); - std::vector initializedList; + std::vector initializedList; if (info.hapInfoParameter.dlpType == DLP_COMMON) { if (!PermissionManager::GetInstance().InitPermissionList(info.hapInfoParameter.appDistributionType, - policy.hapPolicyParameter, initializedList, result)) { + policy.hapPolicy, initializedList, result)) { return ERR_PERM_REQUEST_CFG_FAILED; } } else { @@ -369,10 +369,10 @@ int32_t AccessTokenManagerService::InitHapToken(const HapInfoParcel& info, HapPo return ERR_PERM_REQUEST_CFG_FAILED; } } - policy.hapPolicyParameter.permStateList = initializedList; + policy.hapPolicy.permStateList = initializedList; int32_t ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo( - info.hapInfoParameter, policy.hapPolicyParameter, fullTokenId); + info.hapInfoParameter, policy.hapPolicy, fullTokenId); if (ret != RET_SUCCESS) { return ret; } @@ -414,13 +414,13 @@ int32_t AccessTokenManagerService::UpdateHapToken(AccessTokenIDEx& tokenIdEx, co const HapPolicyParcel& policyParcel, HapInfoCheckResult& result) { ACCESSTOKEN_LOG_INFO(LABEL, "TokenID: %{public}d", tokenIdEx.tokenIdExStruct.tokenID); - std::vector InitializedList; + std::vector InitializedList; if (!PermissionManager::GetInstance().InitPermissionList( - info.appDistributionType, policyParcel.hapPolicyParameter, InitializedList, result)) { + info.appDistributionType, policyParcel.hapPolicy, InitializedList, result)) { return ERR_PERM_REQUEST_CFG_FAILED; } int32_t ret = AccessTokenInfoManager::GetInstance().UpdateHapToken(tokenIdEx, info, - InitializedList, policyParcel.hapPolicyParameter.apl, policyParcel.hapPolicyParameter.permList); + InitializedList, policyParcel.hapPolicy.apl, policyParcel.hapPolicy.permList); return ret; } diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp index 41ed37291..04ef3b4fa 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp @@ -183,7 +183,7 @@ void AccessTokenManagerStub::GetReqPermissionsInner(MessageParcel& data, Message { AccessTokenID tokenID = data.ReadUint32(); int isSystemGrant = data.ReadInt32(); - std::vector permList; + std::vector permList; int result = this->GetReqPermissions(tokenID, permList, isSystemGrant); IF_FALSE_RETURN_LOG(LABEL, reply.WriteInt32(result), "WriteInt32 failed."); diff --git a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp index 44a156d3d..ab14ed441 100644 --- a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp @@ -535,7 +535,7 @@ int AccessTokenInfoManager::RemoveNativeTokenInfo(AccessTokenID id) } #ifdef SUPPORT_SANDBOX_APP -static void GetPolicyCopied(const HapPolicyParams& policy, HapPolicyParams& policyNew) +static void GetPolicyCopied(const HapPolicy& policy, HapPolicy& policyNew) { policyNew.apl = policy.apl; policyNew.domain = policy.domain; @@ -550,7 +550,7 @@ static void GetPolicyCopied(const HapPolicyParams& policy, HapPolicyParams& poli #endif int AccessTokenInfoManager::CreateHapTokenInfo( - const HapInfoParams& info, const HapPolicyParams& policy, AccessTokenIDEx& tokenIdEx) + const HapInfoParams& info, const HapPolicy& policy, AccessTokenIDEx& tokenIdEx) { if ((!DataValidator::IsUserIdValid(info.userID)) || (!DataValidator::IsBundleNameValid(info.bundleName)) || (!DataValidator::IsAppIDDescValid(info.appIDDesc)) || (!DataValidator::IsDomainValid(policy.domain)) || @@ -569,7 +569,7 @@ int AccessTokenInfoManager::CreateHapTokenInfo( #ifdef SUPPORT_SANDBOX_APP std::shared_ptr tokenInfo; if (info.dlpType != DLP_COMMON) { - HapPolicyParams policyNew; + HapPolicy policyNew; GetPolicyCopied(policy, policyNew); DlpPermissionSetManager::GetInstance().UpdatePermStateWithDlpInfo(info.dlpType, policyNew.permStateList); tokenInfo = std::make_shared(tokenId, info, policyNew); @@ -740,7 +740,7 @@ void AccessTokenInfoManager::StoreHapInfo(const std::shared_ptr& infoPtr, - const std::vector& permStateList, + const std::vector& permStateList, const UpdateHapInfoParams& info, ATokenAplEnum apl) { infoPtr->Update(info, permStateList); @@ -780,7 +780,7 @@ inst %{public}d tokenAttr %{public}d update ok!", infoPtr->GetTokenID(), infoPtr } int32_t AccessTokenInfoManager::UpdateHapToken(AccessTokenIDEx& tokenIdEx, const UpdateHapInfoParams& info, - const std::vector& permStateList, ATokenAplEnum apl, + const std::vector& permStateList, ATokenAplEnum apl, const std::vector& permList) { AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; diff --git a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp index 0405fc902..acc050e0d 100644 --- a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp @@ -51,7 +51,7 @@ HapTokenInfoInner::HapTokenInfoInner() : permUpdateTimestamp_(0), isRemote_(fals } HapTokenInfoInner::HapTokenInfoInner(AccessTokenID id, - const HapInfoParams &info, const HapPolicyParams &policy) : permUpdateTimestamp_(0), isRemote_(false) + const HapInfoParams &info, const HapPolicy &policy) : permUpdateTimestamp_(0), isRemote_(false) { tokenInfoBasic_.tokenID = id; tokenInfoBasic_.userID = info.userID; @@ -68,7 +68,7 @@ HapTokenInfoInner::HapTokenInfoInner(AccessTokenID id, } HapTokenInfoInner::HapTokenInfoInner(AccessTokenID id, - const HapTokenInfo &info, const std::vector& permStateList) : isRemote_(false) + const HapTokenInfo &info, const std::vector& permStateList) : isRemote_(false) { permUpdateTimestamp_ = 0; tokenInfoBasic_ = info; @@ -89,8 +89,7 @@ HapTokenInfoInner::~HapTokenInfoInner() PermissionDataBrief::GetInstance().DeleteBriefPermDataByTokenId(tokenInfoBasic_.tokenID); } -void HapTokenInfoInner::Update(const UpdateHapInfoParams& info, - const std::vector& permStateList) +void HapTokenInfoInner::Update(const UpdateHapInfoParams& info, const std::vector& permStateList) { tokenInfoBasic_.apiVersion = GetApiVersion(info.apiVersion); if (info.isSystemApp) { @@ -289,7 +288,7 @@ int32_t HapTokenInfoInner::GetApiVersion(int32_t apiVersion) } void HapTokenInfoInner::UpdateRemoteHapTokenInfo(AccessTokenID mapID, - const HapTokenInfo& baseInfo, std::vector& permStateList) + const HapTokenInfo& baseInfo, std::vector& permStateList) { std::shared_ptr newPermPolicySet = PermissionPolicySet::BuildPolicySetWithoutDefCheck(mapID, permStateList); @@ -337,7 +336,7 @@ int32_t HapTokenInfoInner::UpdatePermissionStatus( return RET_SUCCESS; } -int32_t HapTokenInfoInner::GetPermissionStateListFromBrief(std::vector& permList) +int32_t HapTokenInfoInner::GetPermissionStateListFromBrief(std::vector& permList) { std::vector briefPermDataList; int32_t ret = PermissionDataBrief::GetInstance().GetBriefPermDataByTokenId( @@ -346,19 +345,16 @@ int32_t HapTokenInfoInner::GetPermissionStateListFromBrief(std::vector& permList) +int32_t HapTokenInfoInner::GetPermissionStateList(std::vector& permList) { { Utils::UniqueReadGuard infoGuard(this->policySetLock_); @@ -370,12 +366,12 @@ int32_t HapTokenInfoInner::GetPermissionStateList(std::vector& stateChangeList) +bool HapTokenInfoInner::UpdateStatesToDB(AccessTokenID tokenID, std::vector& stateChangeList) { for (const auto& state : stateChangeList) { GenericValues modifyValue; - modifyValue.Put(TokenFiledConst::FIELD_GRANT_STATE, state.grantStatus[0]); - modifyValue.Put(TokenFiledConst::FIELD_GRANT_FLAG, static_cast(state.grantFlags[0])); + modifyValue.Put(TokenFiledConst::FIELD_GRANT_STATE, state.grantStatus); + modifyValue.Put(TokenFiledConst::FIELD_GRANT_FLAG, static_cast(state.grantFlag)); GenericValues conditionValue; conditionValue.Put(TokenFiledConst::FIELD_TOKEN_ID, static_cast(tokenID)); @@ -406,7 +402,7 @@ int32_t HapTokenInfoInner::ResetUserGrantPermissionStatus(void) permPolicySet_->ResetUserGrantPermissionStatus(); - std::vector permListOfHap; + std::vector permListOfHap; permPolicySet_->GetPermissionStateList(permListOfHap); #ifdef SUPPORT_SANDBOX_APP @@ -486,7 +482,7 @@ void HapTokenInfoInner::ToString(std::string& info) std::vector permList; PermissionDefinitionCache::GetInstance().GetDefPermissionsByTokenId(permList, tokenInfoBasic_.tokenID); - std::vector permStateList; + std::vector permStateList; (void)GetPermissionStateListFromBrief(permStateList); PermissionPolicySet::ToString(info, permList, permStateList); info.append("}"); diff --git a/services/accesstokenmanager/main/cpp/src/token/native_token_info_inner.cpp b/services/accesstokenmanager/main/cpp/src/token/native_token_info_inner.cpp index b5d864069..c8d7c4e4d 100644 --- a/services/accesstokenmanager/main/cpp/src/token/native_token_info_inner.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/native_token_info_inner.cpp @@ -38,7 +38,7 @@ NativeTokenInfoInner::NativeTokenInfoInner() } NativeTokenInfoInner::NativeTokenInfoInner(NativeTokenInfoBase& native, - const std::vector& permStateList) + const std::vector& permStateList) { tokenInfoBasic_ = native; permPolicySet_ = PermissionPolicySet::BuildPermissionPolicySet(native.tokenID, diff --git a/services/accesstokenmanager/main/cpp/src/token/native_token_receptor.cpp b/services/accesstokenmanager/main/cpp/src/token/native_token_receptor.cpp index 14de978ae..90c2d685e 100644 --- a/services/accesstokenmanager/main/cpp/src/token/native_token_receptor.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/native_token_receptor.cpp @@ -45,7 +45,7 @@ static const std::string JSON_ACLS = "nativeAcls"; } int32_t NativeReqPermsGet( - const nlohmann::json& j, std::vector& permStateList) + const nlohmann::json& j, std::vector& permStateList) { std::vector permReqList; if (j.find(JSON_PERMS) == j.end() || (!j.at(JSON_PERMS).is_array())) { @@ -59,15 +59,13 @@ int32_t NativeReqPermsGet( } std::set permRes; for (const auto& permReq : permReqList) { - PermissionStateFull permState; + PermissionStatus permState; if (permRes.count(permReq) != 0) { continue; } permState.permissionName = permReq; - permState.isGeneral = true; - permState.resDeviceID.push_back(DEFAULT_DEVICEID); - permState.grantStatus.push_back(PERMISSION_GRANTED); - permState.grantFlags.push_back(PERMISSION_SYSTEM_FIXED); + permState.grantStatus = PERMISSION_GRANTED; + permState.grantFlag = PERMISSION_SYSTEM_FIXED; permStateList.push_back(permState); permRes.insert(permReq); } @@ -130,7 +128,7 @@ void from_json(const nlohmann::json& j, std::shared_ptr& p return; } - std::vector permStateList; + std::vector permStateList; if (NativeReqPermsGet(j, permStateList) != RET_SUCCESS) { return; } diff --git a/services/accesstokenmanager/main/cpp/src/token/token_modify_notifier.cpp b/services/accesstokenmanager/main/cpp/src/token/token_modify_notifier.cpp index 612db78c1..495de18fa 100644 --- a/services/accesstokenmanager/main/cpp/src/token/token_modify_notifier.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/token_modify_notifier.cpp @@ -20,6 +20,9 @@ #include "accesstoken_info_manager.h" #include "accesstoken_log.h" #include "access_token_error.h" +#ifdef RESOURCESCHEDULE_FFRT_ENABLE +#include "ffrt.h" +#endif #include "hap_token_info.h" #include "hap_token_info_inner.h" #include "libraryloader.h" diff --git a/services/accesstokenmanager/test/coverage/accesstoken_database_coverage_test.cpp b/services/accesstokenmanager/test/coverage/accesstoken_database_coverage_test.cpp index 297851e17..090aea951 100644 --- a/services/accesstokenmanager/test/coverage/accesstoken_database_coverage_test.cpp +++ b/services/accesstokenmanager/test/coverage/accesstoken_database_coverage_test.cpp @@ -68,12 +68,12 @@ HWTEST_F(AccessTokenDatabaseCoverageTest, ToRdbValueBuckets001, TestSize.Level1) } /* - * @tc.name: TranslationIntoPermissionStateFull001 - * @tc.desc: DataTranslator::TranslationIntoPermissionStateFull + * @tc.name: TranslationIntoPermissionStatus001 + * @tc.desc: DataTranslator::TranslationIntoPermissionStatus * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenDatabaseCoverageTest, TranslationIntoPermissionStateFull001, TestSize.Level1) +HWTEST_F(AccessTokenDatabaseCoverageTest, TranslationIntoPermissionStatus001, TestSize.Level1) { GenericValues value; value.Put(TokenFiledConst::FIELD_GRANT_IS_GENERAL, 1); @@ -84,9 +84,9 @@ HWTEST_F(AccessTokenDatabaseCoverageTest, TranslationIntoPermissionStateFull001, ASSERT_EQ(static_cast(PermissionState::PERMISSION_GRANTED), value.GetInt(TokenFiledConst::FIELD_GRANT_STATE)); - PermissionStateFull permissionState; - DataTranslator::TranslationIntoPermissionStateFull(value, permissionState); - ASSERT_EQ(static_cast(PermissionState::PERMISSION_DENIED), permissionState.grantStatus[0]); + PermissionStatus permissionState; + DataTranslator::TranslationIntoPermissionStatus(value, permissionState); + ASSERT_EQ(static_cast(PermissionState::PERMISSION_DENIED), permissionState.grantStatus); } /* @@ -161,9 +161,6 @@ HWTEST_F(AccessTokenDatabaseCoverageTest, Remove001, TestSize.Level1) std::shared_ptr db = AccessTokenDb::GetInstance().db_; AccessTokenDb::GetInstance().db_ = nullptr; type = AtmDataType::ACCESSTOKEN_HAP_INFO; - ASSERT_EQ(NativeRdb::E_OK, AccessTokenDb::GetInstance().Remove(type, value)); - AccessTokenDb::GetInstance().db_ = db; - value.Put(TokenFiledConst::FIELD_PROCESS_NAME, "hdcd"); ASSERT_NE(NativeRdb::E_OK, AccessTokenDb::GetInstance().Remove(type, value)); diff --git a/services/accesstokenmanager/test/coverage/permission_manager_coverage_test.cpp b/services/accesstokenmanager/test/coverage/permission_manager_coverage_test.cpp index fd1612b6a..50c6b6e4e 100644 --- a/services/accesstokenmanager/test/coverage/permission_manager_coverage_test.cpp +++ b/services/accesstokenmanager/test/coverage/permission_manager_coverage_test.cpp @@ -27,6 +27,7 @@ #undef private #include "accesstoken_callback_stubs.h" #include "callback_death_recipients.h" +#include "token_field_const.h" #include "token_setproc.h" using namespace testing::ext; @@ -40,12 +41,10 @@ static constexpr int USER_ID = 100; static constexpr int INST_INDEX = 0; static constexpr int INVALID_IPC_CODE = 0; -static PermissionStateFull g_permState = { +static PermissionStatus g_permState = { .permissionName = "ohos.permission.CAMERA", - .isGeneral = true, - .resDeviceID = {"dev-001"}, - .grantStatus = {PermissionState::PERMISSION_DENIED}, - .grantFlags = {PermissionFlag::PERMISSION_DEFAULT_FLAG} + .grantStatus = PermissionState::PERMISSION_DENIED, + .grantFlag = PermissionFlag::PERMISSION_DEFAULT_FLAG }; static HapInfoParams g_info = { @@ -55,7 +54,7 @@ static HapInfoParams g_info = { .appIDDesc = "testtesttesttest" }; -static HapPolicyParams g_policy = { +static HapPolicy g_policy = { .apl = APL_NORMAL, .domain = "test.domain", .permStateList = {g_permState} @@ -193,6 +192,49 @@ HWTEST_F(PermissionRecordManagerCoverageTest, UpdateCapStateToDatabase001, TestS AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenId); } + +/** + * @tc.name: RestorePermissionPolicy001 + * @tc.desc: PermissionPolicySet::RestorePermissionPolicy function test + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(PermissionRecordManagerCoverageTest, RestorePermissionPolicy001, TestSize.Level1) +{ + GenericValues value1; + value1.Put(TokenFiledConst::FIELD_TOKEN_ID, 123); // 123 is random input + value1.Put(TokenFiledConst::FIELD_PERMISSION_NAME, "ohos.permission.CAMERA"); + value1.Put(TokenFiledConst::FIELD_GRANT_STATE, static_cast(3)); + value1.Put(TokenFiledConst::FIELD_GRANT_FLAG, PermissionFlag::PERMISSION_DEFAULT_FLAG); + + AccessTokenID tokenId = 123; // 123 is random input + std::vector permStateRes1; + permStateRes1.emplace_back(value1); + + std::shared_ptr policySet = PermissionPolicySet::RestorePermissionPolicy(tokenId, + permStateRes1); // ret != RET_SUCCESS + + ASSERT_EQ(tokenId, policySet->tokenId_); + + GenericValues value2; + value2.Put(TokenFiledConst::FIELD_TOKEN_ID, 123); // 123 is random input + value2.Put(TokenFiledConst::FIELD_PERMISSION_NAME, "ohos.permission.CAMERA"); + value2.Put(TokenFiledConst::FIELD_GRANT_STATE, PermissionState::PERMISSION_DENIED); + value2.Put(TokenFiledConst::FIELD_GRANT_FLAG, PermissionFlag::PERMISSION_DEFAULT_FLAG); + GenericValues value3; + value3.Put(TokenFiledConst::FIELD_TOKEN_ID, 123); // 123 is random input + value3.Put(TokenFiledConst::FIELD_PERMISSION_NAME, "ohos.permission.MICROPHONE"); + value3.Put(TokenFiledConst::FIELD_GRANT_STATE, PermissionState::PERMISSION_DENIED); + value3.Put(TokenFiledConst::FIELD_GRANT_FLAG, PermissionFlag::PERMISSION_DEFAULT_FLAG); + + std::vector permStateRes2; + permStateRes2.emplace_back(value2); + permStateRes2.emplace_back(value3); + + std::shared_ptr policySet2 = PermissionPolicySet::RestorePermissionPolicy(tokenId, + permStateRes2); // state.permissionName == iter->permissionName + ASSERT_EQ(static_cast(2), policySet2->permStateList_.size()); +} } // namespace AccessToken } // namespace Security } // namespace OHOS diff --git a/services/accesstokenmanager/test/unittest/accesstoken_database_test.cpp b/services/accesstokenmanager/test/unittest/accesstoken_database_test.cpp index 43d4c4ad0..7403a1a56 100644 --- a/services/accesstokenmanager/test/unittest/accesstoken_database_test.cpp +++ b/services/accesstokenmanager/test/unittest/accesstoken_database_test.cpp @@ -42,27 +42,9 @@ void AccessTokenDatabaseTest::TearDown() { } -/** - * @tc.name: DatabaseTranslationTest001 - * @tc.desc: test TranslationIntoGenericValues - * @tc.type: FUNC - * @tc.require: - */ -HWTEST_F(AccessTokenDatabaseTest, DatabaseTranslationTest001, TestSize.Level1) -{ - DataTranslator trans; - PermissionStateFull inPermissionDef; - inPermissionDef.resDeviceID.resize(0); // 0 is the size - - unsigned int grantIndex = 1; // 1 is a test input - GenericValues outGenericValues; - - EXPECT_EQ(ERR_PARAM_INVALID, trans.TranslationIntoGenericValues(inPermissionDef, grantIndex, outGenericValues)); -} - /** * @tc.name: DatabaseTranslationTest002 - * @tc.desc: test TranslationIntoPermissionStateFull + * @tc.desc: test TranslationIntoPermissionStatus * @tc.type: FUNC * @tc.require: */ @@ -70,18 +52,18 @@ HWTEST_F(AccessTokenDatabaseTest, DatabaseConverage002, TestSize.Level1) { DataTranslator trans; GenericValues inGenericValues; - PermissionStateFull outPermissionState; + PermissionStatus outPermissionState; outPermissionState.permissionName = ""; // empty name - EXPECT_EQ(ERR_PARAM_INVALID, trans.TranslationIntoPermissionStateFull(inGenericValues, outPermissionState)); + EXPECT_EQ(ERR_PARAM_INVALID, trans.TranslationIntoPermissionStatus(inGenericValues, outPermissionState)); outPermissionState.permissionName = "test name"; // test name inGenericValues.Put(TokenFiledConst::FIELD_DEVICE_ID, ""); // empty device id - EXPECT_EQ(ERR_PARAM_INVALID, trans.TranslationIntoPermissionStateFull(inGenericValues, outPermissionState)); + EXPECT_EQ(ERR_PARAM_INVALID, trans.TranslationIntoPermissionStatus(inGenericValues, outPermissionState)); inGenericValues.Put(TokenFiledConst::FIELD_DEVICE_ID, "test dev id"); inGenericValues.Put(TokenFiledConst::FIELD_GRANT_FLAG, 0xffff); // 0xffff is test input - EXPECT_EQ(ERR_PARAM_INVALID, trans.TranslationIntoPermissionStateFull(inGenericValues, outPermissionState)); + EXPECT_EQ(ERR_PARAM_INVALID, trans.TranslationIntoPermissionStatus(inGenericValues, outPermissionState)); } } // namespace AccessToken diff --git a/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp b/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp index 40d577ee3..942594298 100644 --- a/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp +++ b/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp @@ -43,9 +43,6 @@ namespace OHOS { namespace Security { namespace AccessToken { namespace { -static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { - LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "AccessTokenInfoManagerTest" -}; static std::map g_permissionDefinitionMap; static bool g_hasHapPermissionDefinition; static constexpr int32_t DEFAULT_API_VERSION = 8; @@ -77,20 +74,16 @@ static PermissionDef g_infoManagerTestPermDef2 = { .descriptionId = 1 }; -static PermissionStateFull g_infoManagerTestState1 = { +static PermissionStatus g_infoManagerTestState1 = { .permissionName = "open the door", - .isGeneral = true, - .resDeviceID = {"local"}, - .grantStatus = {1}, - .grantFlags = {1} + .grantStatus = 1, + .grantFlag = 1 }; -static PermissionStateFull g_infoManagerTestState2 = { +static PermissionStatus g_infoManagerTestState2 = { .permissionName = "break the door", - .isGeneral = false, - .resDeviceID = {"device 1", "device 2"}, - .grantStatus = {1, 3}, - .grantFlags = {1, 2} + .grantStatus = 1, + .grantFlag = 1 }; static HapInfoParams g_infoManagerTestInfoParms = { @@ -100,19 +93,17 @@ static HapInfoParams g_infoManagerTestInfoParms = { .appIDDesc = "testtesttesttest" }; -static HapPolicyParams g_infoManagerTestPolicyPrams1 = { +static HapPolicy g_infoManagerTestPolicyPrams1 = { .apl = APL_NORMAL, .domain = "test.domain", .permList = {g_infoManagerTestPermDef1, g_infoManagerTestPermDef2}, .permStateList = {g_infoManagerTestState1, g_infoManagerTestState2} }; -static PermissionStateFull g_permState = { +static PermissionStatus g_permState = { .permissionName = "ohos.permission.CAMERA", - .isGeneral = false, - .resDeviceID = {"dev-001", "dev-001"}, - .grantStatus = {PermissionState::PERMISSION_DENIED, PermissionState::PERMISSION_DENIED}, - .grantFlags = {PermissionFlag::PERMISSION_DEFAULT_FLAG, PermissionFlag::PERMISSION_DEFAULT_FLAG} + .grantStatus = PermissionState::PERMISSION_DENIED, + .grantFlag = PermissionFlag::PERMISSION_DEFAULT_FLAG }; #ifdef TOKEN_SYNC_ENABLE @@ -189,7 +180,7 @@ HWTEST_F(AccessTokenInfoManagerTest, HapTokenInfoInner001, TestSize.Level1) .tokenID = id, .tokenAttr = 0 }; - std::vector permStateList; + std::vector permStateList; std::shared_ptr hap = std::make_shared(id, info, permStateList); ASSERT_EQ(hap->IsRemote(), false); hap->SetRemote(true); @@ -240,8 +231,6 @@ HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo001, TestSize.Level1) */ HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo002, TestSize.Level1) { - ACCESSTOKEN_LOG_INFO(LABEL, "AddHapToken001 fill data"); - AccessTokenIDEx tokenIdEx = {0}; int ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams1, tokenIdEx); @@ -283,7 +272,7 @@ HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo003, TestSize.Level1) HapInfoParams info = { .userID = -1 }; - HapPolicyParams policy; + HapPolicy policy; AccessTokenIDEx tokenIdEx; ASSERT_NE(RET_SUCCESS, AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(info, policy, tokenIdEx)); @@ -301,7 +290,7 @@ HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo004, TestSize.Level1) .userID = USER_ID, .bundleName = "" }; - HapPolicyParams policy; + HapPolicy policy; AccessTokenIDEx tokenIdEx; ASSERT_NE(RET_SUCCESS, AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(info, policy, tokenIdEx)); @@ -320,7 +309,7 @@ HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo005, TestSize.Level1) .bundleName = "ohos.com.testtesttest", .appIDDesc = "" }; - HapPolicyParams policy; + HapPolicy policy; AccessTokenIDEx tokenIdEx; ASSERT_NE(RET_SUCCESS, AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(info, policy, tokenIdEx)); @@ -339,7 +328,7 @@ HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo006, TestSize.Level1) .bundleName = "ohos.com.testtesttest", .appIDDesc = "who cares" }; - HapPolicyParams policy = { + HapPolicy policy = { .domain = "" }; AccessTokenIDEx tokenIdEx; @@ -361,7 +350,7 @@ HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo007, TestSize.Level1) .dlpType = -1, .appIDDesc = "who cares" }; - HapPolicyParams policy = { + HapPolicy policy = { .domain = "who cares" }; AccessTokenIDEx tokenIdEx; @@ -394,7 +383,7 @@ HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo008, TestSize.Level1) .bundleName = "ohos.com.testtesttest", .appIDDesc = "" }; - HapPolicyParams policy = { + HapPolicy policy = { .apl = APL_NORMAL, .domain = "test.domain", .permList = {permDef} @@ -422,8 +411,8 @@ HWTEST_F(AccessTokenInfoManagerTest, InitHapToken001, TestSize.Level1) .isSystemApp = false, }; HapPolicyParcel hapPolicyParcel; - hapPolicyParcel.hapPolicyParameter.apl = ATokenAplEnum::APL_NORMAL; - hapPolicyParcel.hapPolicyParameter.domain = "test.domain"; + hapPolicyParcel.hapPolicy.apl = ATokenAplEnum::APL_NORMAL; + hapPolicyParcel.hapPolicy.domain = "test.domain"; AccessTokenIDEx tokenIdEx; HapInfoCheckResult result; ASSERT_EQ(ERR_PARAM_INVALID, atManagerService_->InitHapToken(hapinfoParcel, hapPolicyParcel, tokenIdEx, result)); @@ -448,8 +437,8 @@ HWTEST_F(AccessTokenInfoManagerTest, InitHapToken002, TestSize.Level1) .isSystemApp = false, }; HapPolicyParcel hapPolicyParcel; - hapPolicyParcel.hapPolicyParameter.apl = ATokenAplEnum::APL_NORMAL; - hapPolicyParcel.hapPolicyParameter.domain = "test.domain"; + hapPolicyParcel.hapPolicy.apl = ATokenAplEnum::APL_NORMAL; + hapPolicyParcel.hapPolicy.domain = "test.domain"; AccessTokenIDEx tokenIdEx; HapInfoCheckResult result; ASSERT_EQ(ERR_PERM_REQUEST_CFG_FAILED, @@ -475,21 +464,17 @@ HWTEST_F(AccessTokenInfoManagerTest, InitHapToken003, TestSize.Level1) .isSystemApp = false, }; HapPolicyParcel policy; - PermissionStateFull permissionStateA = { + PermissionStatus permissionStateA = { .permissionName = "ohos.permission.GET_ALL_APP_ACCOUNTS", - .isGeneral = true, - .resDeviceID = {"local"}, - .grantStatus = {1}, - .grantFlags = {1} + .grantStatus = 1, + .grantFlag = 1 }; - PermissionStateFull permissionStateB = { + PermissionStatus permissionStateB = { .permissionName = "ohos.permission.test", - .isGeneral = true, - .resDeviceID = {"local"}, - .grantStatus = {1}, - .grantFlags = {1} + .grantStatus = 1, + .grantFlag = 1 }; - policy.hapPolicyParameter = { + policy.hapPolicy = { .apl = APL_NORMAL, .domain = "test", .permList = {}, @@ -502,8 +487,8 @@ HWTEST_F(AccessTokenInfoManagerTest, InitHapToken003, TestSize.Level1) ASSERT_EQ(result.permCheckResult.permissionName, "ohos.permission.GET_ALL_APP_ACCOUNTS"); ASSERT_EQ(result.permCheckResult.rule, PERMISSION_ACL_RULE); permissionStateA.permissionName = "ohos.permission.ENTERPRISE_MANAGE_SETTINGS"; - policy.hapPolicyParameter.aclRequestedList = { "ohos.permission.ENTERPRISE_MANAGE_SETTINGS" }; - policy.hapPolicyParameter.permStateList = { permissionStateA, permissionStateB }; + policy.hapPolicy.aclRequestedList = { "ohos.permission.ENTERPRISE_MANAGE_SETTINGS" }; + policy.hapPolicy.permStateList = { permissionStateA, permissionStateB }; ASSERT_EQ(ERR_PERM_REQUEST_CFG_FAILED, atManagerService_->InitHapToken(info, policy, fullTokenId, result)); ASSERT_EQ(result.permCheckResult.permissionName, "ohos.permission.ENTERPRISE_MANAGE_SETTINGS"); ASSERT_EQ(result.permCheckResult.rule, PERMISSION_EDM_RULE); @@ -632,7 +617,7 @@ HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken001, TestSize.Level1) ASSERT_EQ(RET_SUCCESS, ret); GTEST_LOG_(INFO) << "add a hap token"; - HapPolicyParams policy = g_infoManagerTestPolicyPrams1; + HapPolicy policy = g_infoManagerTestPolicyPrams1; policy.apl = APL_SYSTEM_BASIC; UpdateHapInfoParams info; info.appIDDesc = std::string("updateAppId"); @@ -664,7 +649,7 @@ HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken001, TestSize.Level1) HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken002, TestSize.Level1) { AccessTokenIDEx tokenIdEx = {0}; - HapPolicyParams policy = g_infoManagerTestPolicyPrams1; + HapPolicy policy = g_infoManagerTestPolicyPrams1; policy.apl = APL_SYSTEM_BASIC; UpdateHapInfoParams info; info.appIDDesc = std::string(""); @@ -694,7 +679,7 @@ HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken003, TestSize.Level1) std::shared_ptr info = std::make_shared(); info->isRemote_ = true; AccessTokenInfoManager::GetInstance().hapTokenInfoMap_[tokenId] = info; - HapPolicyParams policy; + HapPolicy policy; UpdateHapInfoParams hapInfoParams; hapInfoParams.appIDDesc = "who cares"; hapInfoParams.apiVersion = DEFAULT_API_VERSION; @@ -842,7 +827,7 @@ HWTEST_F(AccessTokenInfoManagerTest, DeleteRemoteToken001, TestSize.Level1) static bool SetRemoteHapTokenInfoTest(const std::string& deviceID, const HapTokenInfo& baseInfo) { - std::vector permStateList; + std::vector permStateList; permStateList.emplace_back(g_infoManagerTestState1); HapTokenInfoForSync remoteTokenInfo = { .baseInfo = baseInfo, @@ -1389,7 +1374,7 @@ HWTEST_F(AccessTokenInfoManagerTest, AddHapTokenInfo002, TestSize.Level1) .instIndex = INST_INDEX, .appIDDesc = "accesstoken_info_manager_test" }; - HapPolicyParams policy = { + HapPolicy policy = { .apl = APL_NORMAL, .domain = "domain" }; @@ -1576,35 +1561,23 @@ HWTEST_F(AccessTokenInfoManagerTest, IsPermissionStateValid001, TestSize.Level1) std::string deviceID = "dev-001"; int grantState = PermissionState::PERMISSION_DENIED; uint32_t grantFlag = PermissionFlag::PERMISSION_DEFAULT_FLAG; - - std::vector resDeviceID; - std::vector grantStates; - std::vector grantFlags; - - resDeviceID.emplace_back(deviceID); - grantStates.emplace_back(grantState); - grantFlags.emplace_back(grantFlag); - - PermissionStateFull permState = { + PermissionStatus permState = { .permissionName = permissionName, - .isGeneral = false, - .resDeviceID = resDeviceID, - .grantStatus = grantStates, - .grantFlags = grantFlags + .grantStatus = grantState, + .grantFlag = grantFlag }; ASSERT_EQ(false, PermissionValidator::IsPermissionStateValid(permState)); // permissionName empty permState.permissionName = "com.ohos.TEST"; - permState.resDeviceID.emplace_back("dev-002"); - // deviceID nums not equal status nums or flag nums + permState.grantStatus = 1; // 1: invalid status ASSERT_EQ(false, PermissionValidator::IsPermissionStateValid(permState)); - permState.grantStatus.emplace_back(PermissionState::PERMISSION_DENIED); - // deviceID nums not equal flag nums + permState.grantStatus = grantState; + permState.grantFlag = -1; // -1: invalid flag ASSERT_EQ(false, PermissionValidator::IsPermissionStateValid(permState)); - permState.grantFlags.emplace_back(PermissionFlag::PERMISSION_DEFAULT_FLAG); + permState.grantFlag = grantFlag; ASSERT_EQ(true, PermissionValidator::IsPermissionStateValid(permState)); } @@ -1640,131 +1613,6 @@ HWTEST_F(AccessTokenInfoManagerTest, FilterInvalidPermissionDef001, TestSize.Lev ASSERT_EQ(static_cast(1), result.size()); } -/** - * @tc.name: DeduplicateResDevID001 - * @tc.desc: PermissionValidator::DeduplicateResDevID function test - * @tc.type: FUNC - * @tc.require: - */ -HWTEST_F(AccessTokenInfoManagerTest, DeduplicateResDevID001, TestSize.Level1) -{ - GTEST_LOG_(INFO) << "DeduplicateResDevID001"; - PermissionStateFull permState = { - .permissionName = "ohos.permission.TEST", - .isGeneral = false, - .resDeviceID = {"dev-001", "dev-001"}, - .grantStatus = {PermissionState::PERMISSION_DENIED, PermissionState::PERMISSION_DENIED}, - .grantFlags = {PermissionFlag::PERMISSION_DEFAULT_FLAG, PermissionFlag::PERMISSION_DEFAULT_FLAG} - }; - GTEST_LOG_(INFO) << "DeduplicateResDevID001_1"; - ASSERT_EQ(static_cast(2), permState.resDeviceID.size()); - - std::vector permList; - permList.emplace_back(permState); - std::vector result; - GTEST_LOG_(INFO) << "DeduplicateResDevID001_2"; - PermissionValidator::FilterInvalidPermissionState(TOKEN_NATIVE, false, permList, result); // resDevId.count != 0 - GTEST_LOG_(INFO) << "DeduplicateResDevID001_3"; - ASSERT_EQ(static_cast(1), result[0].resDeviceID.size()); -} - -/** - * @tc.name: Update001 - * @tc.desc: PermissionPolicySet::Update function test - * @tc.type: FUNC - * @tc.require: - */ -HWTEST_F(AccessTokenInfoManagerTest, Update001, TestSize.Level1) -{ - PermissionStateFull perm1 = { - .permissionName = "ohos.permission.TEST1", - .isGeneral = false, - .resDeviceID = {"dev-001", "dev-001"}, - .grantStatus = {PermissionState::PERMISSION_DENIED, PermissionState::PERMISSION_DENIED}, - .grantFlags = {PermissionFlag::PERMISSION_DEFAULT_FLAG, PermissionFlag::PERMISSION_DEFAULT_FLAG} - }; - PermissionStateFull perm2 = { - .permissionName = "ohos.permission.TEST2", - .isGeneral = true, - .resDeviceID = {"dev-001", "dev-001"}, - .grantStatus = {PermissionState::PERMISSION_DENIED, PermissionState::PERMISSION_DENIED}, - .grantFlags = {PermissionFlag::PERMISSION_DEFAULT_FLAG, PermissionFlag::PERMISSION_DEFAULT_FLAG} - }; - PermissionStateFull perm3 = { - .permissionName = "ohos.permission.TEST1", - .isGeneral = true, - .resDeviceID = {"dev-001", "dev-001"}, - .grantStatus = {PermissionState::PERMISSION_DENIED, PermissionState::PERMISSION_DENIED}, - .grantFlags = {PermissionFlag::PERMISSION_DEFAULT_FLAG, PermissionFlag::PERMISSION_DEFAULT_FLAG} - }; - ASSERT_EQ(false, perm1.permissionName == perm2.permissionName); - ASSERT_EQ(true, perm1.permissionName == perm3.permissionName); - ASSERT_EQ(false, perm1.isGeneral == perm3.isGeneral); - - AccessTokenID tokenId = 123; // 123 is random input - std::vector permStateList1; - permStateList1.emplace_back(perm1); - std::vector permStateList2; - permStateList1.emplace_back(perm2); - std::vector permStateList3; - permStateList1.emplace_back(perm3); - - std::shared_ptr policySet = PermissionPolicySet::BuildPermissionPolicySet(tokenId, - permStateList1); - - policySet->Update(permStateList2); // iter reach end - policySet->Update(permStateList3); // permNew.isGeneral != permOld.isGeneral -} - -/** - * @tc.name: RestorePermissionPolicy001 - * @tc.desc: PermissionPolicySet::RestorePermissionPolicy function test - * @tc.type: FUNC - * @tc.require: - */ -HWTEST_F(AccessTokenInfoManagerTest, RestorePermissionPolicy001, TestSize.Level1) -{ - GenericValues value1; - value1.Put(TokenFiledConst::FIELD_TOKEN_ID, 123); // 123 is random input - value1.Put(TokenFiledConst::FIELD_GRANT_IS_GENERAL, true); - value1.Put(TokenFiledConst::FIELD_PERMISSION_NAME, "ohos.permission.CAMERA"); - value1.Put(TokenFiledConst::FIELD_DEVICE_ID, "dev-001"); - value1.Put(TokenFiledConst::FIELD_GRANT_STATE, static_cast(3)); - value1.Put(TokenFiledConst::FIELD_GRANT_FLAG, PermissionFlag::PERMISSION_DEFAULT_FLAG); - - AccessTokenID tokenId = 123; // 123 is random input - std::vector permStateRes1; - permStateRes1.emplace_back(value1); - - std::shared_ptr policySet = PermissionPolicySet::RestorePermissionPolicy(tokenId, - permStateRes1); // ret != RET_SUCCESS - - ASSERT_EQ(tokenId, policySet->tokenId_); - - GenericValues value2; - value2.Put(TokenFiledConst::FIELD_TOKEN_ID, 123); // 123 is random input - value2.Put(TokenFiledConst::FIELD_GRANT_IS_GENERAL, true); - value2.Put(TokenFiledConst::FIELD_PERMISSION_NAME, "ohos.permission.CAMERA"); - value2.Put(TokenFiledConst::FIELD_DEVICE_ID, "dev-002"); - value2.Put(TokenFiledConst::FIELD_GRANT_STATE, PermissionState::PERMISSION_DENIED); - value2.Put(TokenFiledConst::FIELD_GRANT_FLAG, PermissionFlag::PERMISSION_DEFAULT_FLAG); - GenericValues value3; - value3.Put(TokenFiledConst::FIELD_TOKEN_ID, 123); // 123 is random input - value3.Put(TokenFiledConst::FIELD_GRANT_IS_GENERAL, true); - value3.Put(TokenFiledConst::FIELD_PERMISSION_NAME, "ohos.permission.CAMERA"); - value3.Put(TokenFiledConst::FIELD_DEVICE_ID, "dev-003"); - value3.Put(TokenFiledConst::FIELD_GRANT_STATE, PermissionState::PERMISSION_DENIED); - value3.Put(TokenFiledConst::FIELD_GRANT_FLAG, PermissionFlag::PERMISSION_DEFAULT_FLAG); - - std::vector permStateRes2; - permStateRes2.emplace_back(value2); - permStateRes2.emplace_back(value3); - - std::shared_ptr policySet2 = PermissionPolicySet::RestorePermissionPolicy(tokenId, - permStateRes2); // state.permissionName == iter->permissionName - ASSERT_EQ(static_cast(2), policySet2->permStateList_[0].resDeviceID.size()); -} - /** * @tc.name: QueryPermissionFlag001 * @tc.desc: PermissionPolicySet::QueryPermissionFlag function test @@ -1785,17 +1633,15 @@ HWTEST_F(AccessTokenInfoManagerTest, QueryPermissionFlag001, TestSize.Level1) .description = "description", .descriptionId = 1 }; - PermissionStateFull perm = { + PermissionStatus perm = { .permissionName = "ohos.permission.TEST", - .isGeneral = false, - .resDeviceID = {"dev-001", "dev-001"}, - .grantStatus = {PermissionState::PERMISSION_DENIED, PermissionState::PERMISSION_DENIED}, - .grantFlags = {PermissionFlag::PERMISSION_DEFAULT_FLAG, PermissionFlag::PERMISSION_DEFAULT_FLAG} + .grantStatus = PermissionState::PERMISSION_DENIED, + .grantFlag = PermissionFlag::PERMISSION_DEFAULT_FLAG }; AccessTokenID tokenId = 0x280bc140; // 0x280bc140 is random native PermissionDefinitionCache::GetInstance().Insert(def, tokenId); - std::vector permStateList; + std::vector permStateList; permStateList.emplace_back(perm); std::shared_ptr policySet = PermissionPolicySet::BuildPermissionPolicySet(tokenId, @@ -1804,14 +1650,6 @@ HWTEST_F(AccessTokenInfoManagerTest, QueryPermissionFlag001, TestSize.Level1) // perm.permissionName != permissionName int flag = 0; ASSERT_EQ(ERR_PERMISSION_NOT_EXIST, policySet->QueryPermissionFlag("ohos.permission.TEST1", flag)); - // isGeneral is false - ASSERT_EQ(ERR_PARAM_INVALID, policySet->QueryPermissionFlag("ohos.permission.TEST", flag)); - - perm.isGeneral = true; - std::shared_ptr policySet1 = PermissionPolicySet::BuildPermissionPolicySet(tokenId, - permStateList); - // isGeneral is true - ASSERT_EQ(ERR_PARAM_INVALID, policySet1->QueryPermissionFlag("ohos.permission.TEST", flag)); } /** @@ -1822,16 +1660,14 @@ HWTEST_F(AccessTokenInfoManagerTest, QueryPermissionFlag001, TestSize.Level1) */ HWTEST_F(AccessTokenInfoManagerTest, UpdatePermissionStatus001, TestSize.Level1) { - PermissionStateFull perm = { + PermissionStatus perm = { .permissionName = "ohos.permission.CAMERA", - .isGeneral = false, - .resDeviceID = {"dev-001", "dev-001"}, - .grantStatus = {PermissionState::PERMISSION_DENIED, PermissionState::PERMISSION_DENIED}, - .grantFlags = {PermissionFlag::PERMISSION_DEFAULT_FLAG, PermissionFlag::PERMISSION_DEFAULT_FLAG} + .grantStatus = PermissionState::PERMISSION_DENIED, + .grantFlag = PermissionFlag::PERMISSION_DEFAULT_FLAG }; AccessTokenID tokenId = 789; // 789 is random input - std::vector permStateList; + std::vector permStateList; permStateList.emplace_back(perm); std::shared_ptr policySet = PermissionPolicySet::BuildPermissionPolicySet(tokenId, @@ -1841,41 +1677,31 @@ HWTEST_F(AccessTokenInfoManagerTest, UpdatePermissionStatus001, TestSize.Level1) bool isGranted = false; uint32_t flag = PermissionFlag::PERMISSION_DEFAULT_FLAG; bool changed = false; + + // permission is invalid ASSERT_EQ(ERR_PARAM_INVALID, policySet->UpdatePermissionStatus("ohos.permission.TEST1", isGranted, flag, changed)); - // isGeneral is false + // flag != PERMISSION_COMPONENT_SET + flag = PermissionFlag::PERMISSION_DEFAULT_FLAG; + ASSERT_EQ(RET_SUCCESS, policySet->UpdatePermissionStatus("ohos.permission.CAMERA", + isGranted, flag, changed)); + + // flag == PERMISSION_COMPONENT_SET + flag = PermissionFlag::PERMISSION_COMPONENT_SET; ASSERT_EQ(RET_SUCCESS, policySet->UpdatePermissionStatus("ohos.permission.CAMERA", isGranted, flag, changed)); -} - -/** - * @tc.name: ResetUserGrantPermissionStatus001 - * @tc.desc: PermissionPolicySet::ResetUserGrantPermissionStatus function test - * @tc.type: FUNC - * @tc.require: - */ -HWTEST_F(AccessTokenInfoManagerTest, ResetUserGrantPermissionStatus001, TestSize.Level1) -{ - PermissionStateFull perm = { - .permissionName = "ohos.permission.TEST", - .isGeneral = false, - .resDeviceID = {"dev-001", "dev-001"}, - .grantStatus = {PermissionState::PERMISSION_DENIED, PermissionState::PERMISSION_DENIED}, - .grantFlags = {PermissionFlag::PERMISSION_DEFAULT_FLAG, PermissionFlag::PERMISSION_DEFAULT_FLAG} - }; - - AccessTokenID tokenId = 1011; // 1011 is random input - std::vector permStateList; - permStateList.emplace_back(perm); - std::shared_ptr policySet = PermissionPolicySet::BuildPermissionPolicySet(tokenId, - permStateList); - ASSERT_EQ(tokenId, policySet->tokenId_); + // flag == PERMISSION_SYSTEM_FIXED + flag = PermissionFlag::PERMISSION_SYSTEM_FIXED; + ASSERT_EQ(RET_SUCCESS, policySet->UpdatePermissionStatus("ohos.permission.CAMERA", + isGranted, flag, changed)); - // isGeneral is false - policySet->ResetUserGrantPermissionStatus(); + // Permission fixed by system + flag = PermissionFlag::PERMISSION_DEFAULT_FLAG; + ASSERT_EQ(ERR_PARAM_INVALID, policySet->UpdatePermissionStatus("ohos.permission.CAMERA", + isGranted, flag, changed)); } /** @@ -1887,7 +1713,7 @@ HWTEST_F(AccessTokenInfoManagerTest, ResetUserGrantPermissionStatus001, TestSize HWTEST_F(AccessTokenInfoManagerTest, PermStateFullToString001, TestSize.Level1) { AccessTokenID tokenId = 123; // 123 is random input - std::vector permStateList; + std::vector permStateList; permStateList.emplace_back(g_permState); std::shared_ptr policySet = PermissionPolicySet::BuildPermissionPolicySet(tokenId, @@ -1899,6 +1725,7 @@ HWTEST_F(AccessTokenInfoManagerTest, PermStateFullToString001, TestSize.Level1) std::vector permList; // iter != end - 1 PermissionPolicySet::ToString(info, permList, permStateList); + ASSERT_TRUE(!info.empty()); } #ifdef TOKEN_SYNC_ENABLE @@ -2033,7 +1860,7 @@ HWTEST_F(AccessTokenInfoManagerTest, RestoreNativeTokenInfo001, TestSize.Level1) int version = 10; // 10 is random input which only need not equal 1 std::vector dcap; std::vector nativeAcls; - std::vector permStateList; + std::vector permStateList; GenericValues inGenericValues; std::vector permStateRes; @@ -2073,7 +1900,7 @@ HWTEST_F(AccessTokenInfoManagerTest, RestoreHapTokenInfo001, TestSize.Level1) std::string appIDDesc; std::string deviceID; int version = 10; // 10 is random input which only need not equal 1 - HapPolicyParams policy; + HapPolicy policy; UpdateHapInfoParams hapInfo; hapInfo.apiVersion = DEFAULT_API_VERSION; hapInfo.isSystemApp = false; @@ -2255,8 +2082,8 @@ HWTEST_F(AccessTokenInfoManagerTest, AllocHapToken001, TestSize.Level1) .isSystemApp = false, }; HapPolicyParcel hapPolicyParcel; - hapPolicyParcel.hapPolicyParameter.apl = ATokenAplEnum::APL_NORMAL; - hapPolicyParcel.hapPolicyParameter.domain = "test.domain"; + hapPolicyParcel.hapPolicy.apl = ATokenAplEnum::APL_NORMAL; + hapPolicyParcel.hapPolicy.domain = "test.domain"; AccessTokenIDEx tokenIDEx = atManagerService_->AllocHapToken(hapinfoParcel, hapPolicyParcel); ASSERT_EQ(INVALID_TOKENID, tokenIDEx.tokenIDEx); @@ -2422,7 +2249,7 @@ HWTEST_F(AccessTokenInfoManagerTest, GetAppId001, TestSize.Level1) .instIndex = INST_INDEX, .appIDDesc = "accesstoken_info_manager_test" }; - HapPolicyParams policy = { + HapPolicy policy = { .apl = APL_NORMAL, .domain = "domain" }; diff --git a/services/accesstokenmanager/test/unittest/native_token_receptor_test.cpp b/services/accesstokenmanager/test/unittest/native_token_receptor_test.cpp index c6f5061ca..35786d4f8 100644 --- a/services/accesstokenmanager/test/unittest/native_token_receptor_test.cpp +++ b/services/accesstokenmanager/test/unittest/native_token_receptor_test.cpp @@ -31,7 +31,7 @@ #include "access_token_error.h" #include "permission_definition_cache.h" #include "permission_manager.h" -#include "permission_state_full.h" +#include "permission_status.h" #include "token_field_const.h" #define private public #include "nativetoken_kit.h" @@ -285,7 +285,7 @@ HWTEST_F(NativeTokenReceptorTest, ProcessNativeTokenInfos001, TestSize.Level1) .tokenAttr = 0 }; - std::vector permStateList = {}; + std::vector permStateList = {}; std::shared_ptr nativeToken = std::make_shared(info, permStateList); tokenInfos.emplace_back(nativeToken); AccessTokenInfoManager::GetInstance().ProcessNativeTokenInfos(tokenInfos); @@ -322,30 +322,24 @@ HWTEST_F(NativeTokenReceptorTest, ProcessNativeTokenInfos001, TestSize.Level1) ASSERT_EQ(ret, RET_SUCCESS); } -static void PermStateListSet(std::vector &permStateList) +static void PermStateListSet(std::vector &permStateList) { - PermissionStateFull infoManagerTestState1 = { + PermissionStatus infoManagerTestState1 = { .permissionName = "ohos.permission.ACCELEROMETER", - .isGeneral = true, - .resDeviceID = {"local"}, - .grantStatus = {0}, - .grantFlags = {0} + .grantStatus = 0, + .grantFlag = 0 }; - PermissionStateFull infoManagerTestState2 = { + PermissionStatus infoManagerTestState2 = { .permissionName = "ohos.permission.MANAGE_USER_IDM", - .isGeneral = true, - .resDeviceID = {"device 1", "device 2"}, - .grantStatus = {0, 0}, - .grantFlags = {0, 2} + .grantStatus = 0, + .grantFlag = 0 }; - PermissionStateFull infoManagerTestState3 = { + PermissionStatus infoManagerTestState3 = { .permissionName = "ohos.permission.USER_TEAT", - .isGeneral = true, - .resDeviceID = {"device 1", "device 2"}, - .grantStatus = {0, 0}, - .grantFlags = {0, 2} + .grantStatus = 0, + .grantFlag = 0 }; permStateList.emplace_back(infoManagerTestState1); permStateList.emplace_back(infoManagerTestState2); @@ -387,7 +381,7 @@ HWTEST_F(NativeTokenReceptorTest, ProcessNativeTokenInfos002, TestSize.Level1) info2.tokenID = 0x28100002; info2.tokenAttr = 0; - std::vector permStateList; + std::vector permStateList; PermStateListSet(permStateList); std::shared_ptr nativeToken1 = std::make_shared(info1, permStateList); @@ -395,7 +389,7 @@ HWTEST_F(NativeTokenReceptorTest, ProcessNativeTokenInfos002, TestSize.Level1) nativeToken1->GetNativeInfoPermissionPolicySet(); GTEST_LOG_(INFO) <<"permPolicySet: " << permPolicySet; - std::vector permList; + std::vector permList; permPolicySet->GetPermissionStateList(permList); for (const auto& perm : permList) { GTEST_LOG_(INFO) <<"perm.permissionName: " << perm.permissionName; @@ -476,7 +470,7 @@ HWTEST_F(NativeTokenReceptorTest, ProcessNativeTokenInfos004, TestSize.Level1) .tokenID = 0x28100003, .tokenAttr = 0 }; - std::vector permStateList = {}; + std::vector permStateList = {}; std::shared_ptr nativeToken3 = std::make_shared(info3, permStateList); tokenInfos.emplace_back(nativeToken3); @@ -523,7 +517,7 @@ HWTEST_F(NativeTokenReceptorTest, ProcessNativeTokenInfos005, TestSize.Level1) .tokenID = 0x28100006, .tokenAttr = 0 }; - std::vector permStateList = {}; + std::vector permStateList = {}; std::shared_ptr nativeToken5 = std::make_shared(info5, permStateList); tokenInfos.emplace_back(nativeToken5); @@ -573,7 +567,7 @@ HWTEST_F(NativeTokenReceptorTest, ProcessNativeTokenInfos006, TestSize.Level1) .tokenID = 0x28100007, .tokenAttr = 0 }; - std::vector permStateList = {}; + std::vector permStateList = {}; std::shared_ptr nativeToken7 = std::make_shared(info7, permStateList); tokenInfos.emplace_back(nativeToken7); diff --git a/services/accesstokenmanager/test/unittest/permission_definition_parser_test.cpp b/services/accesstokenmanager/test/unittest/permission_definition_parser_test.cpp index 775766c2b..92ff07fd7 100644 --- a/services/accesstokenmanager/test/unittest/permission_definition_parser_test.cpp +++ b/services/accesstokenmanager/test/unittest/permission_definition_parser_test.cpp @@ -31,7 +31,7 @@ #include "accesstoken_kit.h" #include "access_token_error.h" #include "permission_manager.h" -#include "permission_state_full.h" +#include "permission_status.h" #define private public #include "json_parser.h" #include "permission_definition_cache.h" @@ -39,7 +39,6 @@ #undef private #include "securec.h" #include "access_token_db.h" -#include "token_field_const.h" using namespace testing::ext; using namespace OHOS::Security::AccessToken; diff --git a/services/accesstokenmanager/test/unittest/permission_manager_test.cpp b/services/accesstokenmanager/test/unittest/permission_manager_test.cpp index 24c191423..fbea6ad53 100644 --- a/services/accesstokenmanager/test/unittest/permission_manager_test.cpp +++ b/services/accesstokenmanager/test/unittest/permission_manager_test.cpp @@ -17,6 +17,7 @@ #include "access_token.h" #include "access_token_error.h" +#include "callback_manager.h" #ifdef SUPPORT_SANDBOX_APP #define private public #include "dlp_permission_set_manager.h" @@ -69,20 +70,16 @@ static PermissionDef g_infoManagerTestPermDef2 = { .descriptionId = 1 }; -static PermissionStateFull g_infoManagerTestState1 = { +static PermissionStatus g_infoManagerTestState1 = { .permissionName = "open the door", - .isGeneral = true, - .resDeviceID = {"local"}, - .grantStatus = {1}, - .grantFlags = {1} + .grantStatus = 1, + .grantFlag = 1 }; -static PermissionStateFull g_infoManagerTestState2 = { +static PermissionStatus g_infoManagerTestState2 = { .permissionName = "break the door", - .isGeneral = false, - .resDeviceID = {"device 1", "device 2"}, - .grantStatus = {1, 3}, - .grantFlags = {1, 2} + .grantStatus = 1, + .grantFlag = 1 }; static HapInfoParams g_infoManagerTestInfoParms = { @@ -92,87 +89,67 @@ static HapInfoParams g_infoManagerTestInfoParms = { .appIDDesc = "testtesttesttest" }; -static HapPolicyParams g_infoManagerTestPolicyPrams1 = { +static HapPolicy g_infoManagerTestPolicyPrams1 = { .apl = APL_NORMAL, .domain = "test.domain", .permList = {g_infoManagerTestPermDef1, g_infoManagerTestPermDef2}, .permStateList = {g_infoManagerTestState1, g_infoManagerTestState2} }; -static PermissionStateFull g_infoManagerTestStateA = { - .isGeneral = true, - .resDeviceID = {"local"}, - .grantStatus = {PERMISSION_GRANTED}, - .grantFlags = {1} +static PermissionStatus g_infoManagerTestStateA = { + .grantStatus = PERMISSION_GRANTED, + .grantFlag = 1 }; -static PermissionStateFull g_infoManagerTestStateB = { - .isGeneral = true, - .resDeviceID = {"local"}, - .grantStatus = {PERMISSION_GRANTED}, - .grantFlags = {1} +static PermissionStatus g_infoManagerTestStateB = { + .grantStatus = PERMISSION_GRANTED, + .grantFlag = 1 }; -static PermissionStateFull g_infoManagerTestStateC = { - .isGeneral = true, - .resDeviceID = {"local"}, - .grantStatus = {PERMISSION_GRANTED}, - .grantFlags = {1} +static PermissionStatus g_infoManagerTestStateC = { + .grantStatus = PERMISSION_GRANTED, + .grantFlag = 1 }; -static PermissionStateFull g_infoManagerTestStateD = { - .isGeneral = true, - .resDeviceID = {"local"}, - .grantStatus = {PERMISSION_GRANTED}, - .grantFlags = {1} +static PermissionStatus g_infoManagerTestStateD = { + .grantStatus = PERMISSION_GRANTED, + .grantFlag = 1 }; -static PermissionStateFull g_permState1 = { +static PermissionStatus g_permState1 = { .permissionName = "ohos.permission.TEST", - .isGeneral = false, - .resDeviceID = {"dev-001"}, - .grantStatus = {PermissionState::PERMISSION_DENIED}, - .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED} + .grantStatus = PermissionState::PERMISSION_DENIED, + .grantFlag = PermissionFlag::PERMISSION_SYSTEM_FIXED }; -static PermissionStateFull g_permState2 = { +static PermissionStatus g_permState2 = { .permissionName = "ohos.permission.CAMERA", - .isGeneral = false, - .resDeviceID = {"dev-001"}, - .grantStatus = {PermissionState::PERMISSION_DENIED}, - .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED} + .grantStatus = PermissionState::PERMISSION_DENIED, + .grantFlag = PermissionFlag::PERMISSION_SYSTEM_FIXED }; -static PermissionStateFull g_permState6 = { +static PermissionStatus g_permState6 = { .permissionName = "ohos.permission.CAMERA", - .isGeneral = true, - .resDeviceID = {"dev-001"}, - .grantStatus = {PermissionState::PERMISSION_DENIED}, - .grantFlags = {PermissionFlag::PERMISSION_POLICY_FIXED} + .grantStatus = PermissionState::PERMISSION_DENIED, + .grantFlag = PermissionFlag::PERMISSION_POLICY_FIXED }; -static PermissionStateFull g_permState7 = { +static PermissionStatus g_permState7 = { .permissionName = "ohos.permission.CAMERA", - .isGeneral = true, - .resDeviceID = {"dev-001"}, - .grantStatus = {PermissionState::PERMISSION_GRANTED}, - .grantFlags = {PermissionFlag::PERMISSION_POLICY_FIXED} + .grantStatus = PermissionState::PERMISSION_GRANTED, + .grantFlag = PermissionFlag::PERMISSION_POLICY_FIXED }; -static PermissionStateFull g_permState8 = { +static PermissionStatus g_permState8 = { .permissionName = "ohos.permission.CAMERA", - .isGeneral = true, - .resDeviceID = {"dev-001"}, - .grantStatus = {PermissionState::PERMISSION_DENIED}, - .grantFlags = {PermissionFlag::PERMISSION_POLICY_FIXED | PermissionFlag::PERMISSION_USER_SET} + .grantStatus = PermissionState::PERMISSION_DENIED, + .grantFlag = PermissionFlag::PERMISSION_POLICY_FIXED | PermissionFlag::PERMISSION_USER_SET }; -static PermissionStateFull g_permState9 = { +static PermissionStatus g_permState9 = { .permissionName = "ohos.permission.CAMERA", - .isGeneral = true, - .resDeviceID = {"dev-001"}, - .grantStatus = {PermissionState::PERMISSION_GRANTED}, - .grantFlags = {PermissionFlag::PERMISSION_POLICY_FIXED | PermissionFlag::PERMISSION_USER_SET} + .grantStatus = PermissionState::PERMISSION_GRANTED, + .grantFlag = PermissionFlag::PERMISSION_POLICY_FIXED | PermissionFlag::PERMISSION_USER_SET }; static PermissionDef g_infoManagerPermDef1 = { @@ -296,10 +273,10 @@ void PermissionManagerTest::TearDown() static AccessTokenID CreateTempHapTokenInfo() { g_infoManagerTestStateA.permissionName = "ohos.permission.APPROXIMATELY_LOCATION"; - g_infoManagerTestStateA.grantStatus[0] = PERMISSION_DENIED; + g_infoManagerTestStateA.grantStatus = PERMISSION_DENIED; g_infoManagerTestStateB.permissionName = "ohos.permission.READ_PASTEBOARD"; - g_infoManagerTestStateB.grantStatus[0] = PERMISSION_DENIED; - static HapPolicyParams infoManagerTestPolicyPrams = { + g_infoManagerTestStateB.grantStatus = PERMISSION_DENIED; + static HapPolicy infoManagerTestPolicyPrams = { .apl = APL_NORMAL, .domain = "test.domain", .permList = {}, @@ -355,7 +332,7 @@ HWTEST_F(PermissionManagerTest, DlpPermissionConfig001, TestSize.Level1) g_infoManagerTestStateC.permissionName = "ohos.permission.CLEAN_APPLICATION_DATA"; g_infoManagerTestStateD.permissionName = "ohos.permission.COMMONEVENT_STICKY"; - static HapPolicyParams infoManagerTestPolicyPrams = { + static HapPolicy infoManagerTestPolicyPrams = { .apl = APL_NORMAL, .domain = "test.domain1", .permList = {}, @@ -409,7 +386,7 @@ HWTEST_F(PermissionManagerTest, DlpPermissionConfig002, TestSize.Level1) g_infoManagerTestStateC.permissionName = "ohos.permission.CLEAN_APPLICATION_DATA"; g_infoManagerTestStateD.permissionName = "ohos.permission.COMMONEVENT_STICKY"; - static HapPolicyParams infoManagerTestPolicyPrams = { + static HapPolicy infoManagerTestPolicyPrams = { .apl = APL_NORMAL, .domain = "test.domain2", .permList = {}, @@ -463,7 +440,7 @@ HWTEST_F(PermissionManagerTest, DlpPermissionConfig003, TestSize.Level1) g_infoManagerTestStateC.permissionName = "ohos.permission.CLEAN_APPLICATION_DATA"; g_infoManagerTestStateD.permissionName = "ohos.permission.COMMONEVENT_STICKY"; - static HapPolicyParams infoManagerTestPolicyPrams = { + static HapPolicy infoManagerTestPolicyPrams = { .apl = APL_NORMAL, .domain = "test.domain3", .permList = {}, @@ -504,13 +481,13 @@ HWTEST_F(PermissionManagerTest, DlpPermissionConfig003, TestSize.Level1) static void PrepareUserPermState() { g_infoManagerTestStateA.permissionName = "ohos.permission.MEDIA_LOCATION"; - g_infoManagerTestStateA.grantStatus[0] = PERMISSION_DENIED; + g_infoManagerTestStateA.grantStatus = PERMISSION_DENIED; g_infoManagerTestStateB.permissionName = "ohos.permission.MICROPHONE"; - g_infoManagerTestStateB.grantStatus[0] = PERMISSION_DENIED; + g_infoManagerTestStateB.grantStatus = PERMISSION_DENIED; g_infoManagerTestStateC.permissionName = "ohos.permission.READ_CALENDAR"; - g_infoManagerTestStateC.grantStatus[0] = PERMISSION_DENIED; + g_infoManagerTestStateC.grantStatus = PERMISSION_DENIED; g_infoManagerTestStateD.permissionName = "ohos.permission.READ_CALL_LOG"; - g_infoManagerTestStateD.grantStatus[0] = PERMISSION_DENIED; + g_infoManagerTestStateD.grantStatus = PERMISSION_DENIED; } static void PrepareJsonData2() @@ -539,7 +516,7 @@ HWTEST_F(PermissionManagerTest, DlpPermissionConfig004, TestSize.Level1) PrepareJsonData2(); PrepareUserPermState(); - static HapPolicyParams infoManagerTestPolicyPrams = { + static HapPolicy infoManagerTestPolicyPrams = { .apl = APL_NORMAL, .domain = "test.domain4", .permList = {g_infoManagerPermDef1, g_infoManagerPermDef2, @@ -597,7 +574,7 @@ HWTEST_F(PermissionManagerTest, DlpPermissionConfig005, TestSize.Level1) PrepareJsonData2(); PrepareUserPermState(); - static HapPolicyParams infoManagerTestPolicyPrams = { + static HapPolicy infoManagerTestPolicyPrams = { .apl = APL_NORMAL, .domain = "test.domain5", .permList = {g_infoManagerPermDef1, g_infoManagerPermDef2, @@ -654,7 +631,7 @@ HWTEST_F(PermissionManagerTest, DlpPermissionConfig006, TestSize.Level1) PrepareJsonData2(); PrepareUserPermState(); - static HapPolicyParams infoManagerTestPolicyPrams = { + static HapPolicy infoManagerTestPolicyPrams = { .apl = APL_NORMAL, .domain = "test.domain6", .permList = {g_infoManagerPermDef1, g_infoManagerPermDef2, @@ -947,7 +924,7 @@ HWTEST_F(PermissionManagerTest, GetDefPermissions002, TestSize.Level1) */ HWTEST_F(PermissionManagerTest, GetReqPermissions001, TestSize.Level1) { - std::vector result; + std::vector result; // permissionName is empty ASSERT_EQ(ERR_TOKENID_NOT_EXIST, PermissionManager::GetInstance().GetReqPermissions(0, result, true)); @@ -967,7 +944,7 @@ HWTEST_F(PermissionManagerTest, GetReqPermissions002, TestSize.Level1) g_infoManagerTestPolicyPrams1, tokenIdEx); ASSERT_EQ(RET_SUCCESS, ret); - std::vector result; + std::vector result; AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID; // permissionName is empty ASSERT_EQ(RET_SUCCESS, PermissionManager::GetInstance().GetReqPermissions(tokenId, result, true)); @@ -984,7 +961,7 @@ HWTEST_F(PermissionManagerTest, GetReqPermissions002, TestSize.Level1) */ HWTEST_F(PermissionManagerTest, GetSelfPermissionState001, TestSize.Level1) { - std::vector permsList1; + std::vector permsList1; permsList1.emplace_back(g_permState1); PermissionListState permState1; permState1.permissionName = "ohos.permission.GetSelfPermissionStateTest"; @@ -994,7 +971,7 @@ HWTEST_F(PermissionManagerTest, GetSelfPermissionState001, TestSize.Level1) PermissionManager::GetInstance().GetSelfPermissionState(permsList1, permState1, apiVersion); ASSERT_EQ(PermissionOper::INVALID_OPER, permState1.state); - std::vector permsList2; + std::vector permsList2; permsList2.emplace_back(g_permState2); PermissionListState permState2; permState2.permissionName = "ohos.permission.CAMERA"; @@ -1012,7 +989,7 @@ HWTEST_F(PermissionManagerTest, GetSelfPermissionState001, TestSize.Level1) */ HWTEST_F(PermissionManagerTest, GetSelfPermissionState002, TestSize.Level1) { - std::vector permsList1; + std::vector permsList1; permsList1.emplace_back(g_permState6); PermissionListState permState1; permState1.permissionName = "ohos.permission.CAMERA"; @@ -1022,7 +999,7 @@ HWTEST_F(PermissionManagerTest, GetSelfPermissionState002, TestSize.Level1) PermissionManager::GetInstance().GetSelfPermissionState(permsList1, permState1, apiVersion); ASSERT_EQ(PermissionOper::SETTING_OPER, permState1.state); - std::vector permsList2; + std::vector permsList2; permsList2.emplace_back(g_permState7); PermissionListState permState2; permState2.permissionName = "ohos.permission.CAMERA"; @@ -1031,7 +1008,7 @@ HWTEST_F(PermissionManagerTest, GetSelfPermissionState002, TestSize.Level1) PermissionManager::GetInstance().GetSelfPermissionState(permsList2, permState2, apiVersion); ASSERT_EQ(PermissionOper::PASS_OPER, permState2.state); - std::vector permsList3; + std::vector permsList3; permsList3.emplace_back(g_permState8); PermissionListState permState3; permState3.permissionName = "ohos.permission.CAMERA"; @@ -1040,7 +1017,7 @@ HWTEST_F(PermissionManagerTest, GetSelfPermissionState002, TestSize.Level1) PermissionManager::GetInstance().GetSelfPermissionState(permsList3, permState3, apiVersion); ASSERT_EQ(PermissionOper::SETTING_OPER, permState3.state); - std::vector permsList4; + std::vector permsList4; permsList4.emplace_back(g_permState9); PermissionListState permState4; permState4.permissionName = "ohos.permission.CAMERA"; @@ -1058,7 +1035,7 @@ HWTEST_F(PermissionManagerTest, GetSelfPermissionState002, TestSize.Level1) */ HWTEST_F(PermissionManagerTest, GetSelfPermissionState003, TestSize.Level1) { - std::vector permsList1; + std::vector permsList1; permsList1.emplace_back(g_permState2); std::string permissionName = "ohos.permission.CAMERA"; uint32_t oriStatus; @@ -1241,14 +1218,12 @@ HWTEST_F(PermissionManagerTest, GetPermissionFlag002, TestSize.Level1) .instIndex = 0, .appIDDesc = "testtesttesttest" }; - PermissionStateFull permStat = { + PermissionStatus permStat = { .permissionName = "ohos.permission.CAMERA", - .isGeneral = true, - .resDeviceID = {"dev-001"}, - .grantStatus = {PermissionState::PERMISSION_DENIED}, - .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED} + .grantStatus = PermissionState::PERMISSION_DENIED, + .grantFlag = PermissionFlag::PERMISSION_SYSTEM_FIXED }; - HapPolicyParams policyPrams = { + HapPolicy policyPrams = { .apl = APL_NORMAL, .domain = "test.domain", .permList = {}, @@ -1291,7 +1266,7 @@ HWTEST_F(PermissionManagerTest, UpdateTokenPermissionState002, TestSize.Level1) .instIndex = INST_INDEX, .appIDDesc = "permission_manager_test" }; - HapPolicyParams policy = { + HapPolicy policy = { .apl = APL_NORMAL, .domain = "domain" }; @@ -1331,14 +1306,12 @@ HWTEST_F(PermissionManagerTest, UpdateTokenPermissionState003, TestSize.Level1) .instIndex = INST_INDEX, .appIDDesc = "permission_manager_test" }; - PermissionStateFull permStat = { + PermissionStatus permStat = { .permissionName = permissionName, - .isGeneral = true, - .resDeviceID = {"dev-001"}, - .grantStatus = {PermissionState::PERMISSION_DENIED}, - .grantFlags = {PermissionFlag::PERMISSION_DEFAULT_FLAG} + .grantStatus = PermissionState::PERMISSION_DENIED, + .grantFlag = PermissionFlag::PERMISSION_DEFAULT_FLAG }; - HapPolicyParams policy = { + HapPolicy policy = { .apl = APL_NORMAL, .domain = "domain", .permStateList = {permStat} @@ -1398,17 +1371,17 @@ HWTEST_F(PermissionManagerTest, IsPermissionVaild001, TestSize.Level1) } /** - * @tc.name: GetPermissionStateFull001 - * @tc.desc: TempPermissionObserver::GetPermissionStateFull function test + * @tc.name: GetPermissionState001 + * @tc.desc: TempPermissionObserver::GetPermissionState function test * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PermissionManagerTest, GetPermissionStateFull001, TestSize.Level1) +HWTEST_F(PermissionManagerTest, GetPermissionState001, TestSize.Level1) { AccessTokenID tokenId = 123; // random input - std::vector permissionStateFullList; + std::vector permissionStateList; // tokenId invalid - ASSERT_EQ(false, TempPermissionObserver::GetInstance().GetPermissionStateFull(tokenId, permissionStateFullList)); + ASSERT_EQ(false, TempPermissionObserver::GetInstance().GetPermissionState(tokenId, permissionStateList)); HapInfoParams info = { .userID = USER_ID, @@ -1416,7 +1389,7 @@ HWTEST_F(PermissionManagerTest, GetPermissionStateFull001, TestSize.Level1) .instIndex = INST_INDEX, .appIDDesc = "permission_manager_test" }; - HapPolicyParams policy = { + HapPolicy policy = { .apl = APL_NORMAL, .domain = "domain" }; @@ -1428,7 +1401,7 @@ HWTEST_F(PermissionManagerTest, GetPermissionStateFull001, TestSize.Level1) std::shared_ptr infoPtr = AccessTokenInfoManager::GetInstance().GetHapTokenInfoInner(tokenId); infoPtr->SetRemote(true); // remote token is true - ASSERT_EQ(false, TempPermissionObserver::GetInstance().GetPermissionStateFull(tokenId, permissionStateFullList)); + ASSERT_EQ(false, TempPermissionObserver::GetInstance().GetPermissionState(tokenId, permissionStateList)); infoPtr->SetRemote(false); ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenId)); diff --git a/services/accesstokenmanager/test/unittest/short_grant_manager_test.cpp b/services/accesstokenmanager/test/unittest/short_grant_manager_test.cpp index f59ff424d..d2e4b1165 100644 --- a/services/accesstokenmanager/test/unittest/short_grant_manager_test.cpp +++ b/services/accesstokenmanager/test/unittest/short_grant_manager_test.cpp @@ -32,15 +32,13 @@ namespace Security { namespace AccessToken { namespace { static std::string SHORT_TEMP_PERMISSION = "ohos.permission.SHORT_TERM_WRITE_IMAGEVIDEO"; -static PermissionStateFull g_permiState = { +static PermissionStatus g_permiState = { .permissionName = SHORT_TEMP_PERMISSION, - .isGeneral = true, - .resDeviceID = {"localC"}, - .grantStatus = {PermissionState::PERMISSION_DENIED}, - .grantFlags = {1} + .grantStatus = PermissionState::PERMISSION_DENIED, + .grantFlag = 1 }; -static HapPolicyParams g_policyParams = { +static HapPolicy g_policyParams = { .apl = APL_NORMAL, .domain = "test.domain", .permStateList = {g_permiState} diff --git a/services/common/database/test/unittest/database_test.cpp b/services/common/database/test/unittest/database_test.cpp index a37e376f5..84e2c19e7 100644 --- a/services/common/database/test/unittest/database_test.cpp +++ b/services/common/database/test/unittest/database_test.cpp @@ -280,106 +280,37 @@ HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionDef001, TestSize.L } /* - * @tc.name: DataTranslatorTranslationIntoGenericValues001 - * @tc.desc: DataTranslatorTranslationIntoGenericValues function test + * @tc.name: DataTranslatorTranslationIntoPermissionStatus001 + * @tc.desc: TranslationIntoPermissionStatus function test * @tc.type: FUNC * @tc.require: */ -HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoGenericValues001, TestSize.Level1) +HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionStatus001, TestSize.Level1) { - ACCESSTOKEN_LOG_INFO(LABEL, "DataTranslatorTranslationIntoGenericValues001 begin"); - PermissionStateFull grantPermissionReq = { - .permissionName = "ohos.permission.GRANT_SENSITIVE_PERMISSIONS", - .isGeneral = true, - .resDeviceID = {"device1"}, - .grantStatus = {PermissionState::PERMISSION_GRANTED}, - .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED} - }; - int grantIndex = 1; - GenericValues genericValues; - ASSERT_NE(RET_SUCCESS, - DataTranslator::TranslationIntoGenericValues(grantPermissionReq, grantIndex, genericValues)); - ACCESSTOKEN_LOG_INFO(LABEL, "DataTranslatorTranslationIntoGenericValues001 end"); -} - -/* - * @tc.name: DataTranslatorTranslationIntoGenericValues002 - * @tc.desc: DataTranslatorTranslationIntoGenericValues function test - * @tc.type: FUNC - * @tc.require: - */ -HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoGenericValues002, TestSize.Level1) -{ - ACCESSTOKEN_LOG_INFO(LABEL, "DataTranslatorTranslationIntoGenericValues002 begin"); - PermissionStateFull grantPermissionReq = { - .permissionName = "ohos.permission.GRANT_SENSITIVE_PERMISSIONS", - .isGeneral = true, - .resDeviceID = {"device1", "device2"}, - .grantStatus = {PermissionState::PERMISSION_GRANTED}, - .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED} - }; - int grantIndex = 1; - GenericValues genericValues; - ASSERT_NE(RET_SUCCESS, - DataTranslator::TranslationIntoGenericValues(grantPermissionReq, grantIndex, genericValues)); - ACCESSTOKEN_LOG_INFO(LABEL, "DataTranslatorTranslationIntoGenericValues002 end"); -} - -/* - * @tc.name: DataTranslatorTranslationIntoGenericValues003 - * @tc.desc: DataTranslatorTranslationIntoGenericValues function test - * @tc.type: FUNC - * @tc.require: - */ -HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoGenericValues003, TestSize.Level1) -{ - ACCESSTOKEN_LOG_INFO(LABEL, "DataTranslatorTranslationIntoGenericValues003 begin"); - PermissionStateFull grantPermissionReq = { - .permissionName = "ohos.permission.GRANT_SENSITIVE_PERMISSIONS", - .isGeneral = true, - .resDeviceID = {"device1", "device2"}, - .grantStatus = {PermissionState::PERMISSION_GRANTED, PermissionState::PERMISSION_GRANTED}, - .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED} - }; - int grantIndex = 1; - GenericValues genericValues; - ASSERT_NE(RET_SUCCESS, - DataTranslator::TranslationIntoGenericValues(grantPermissionReq, grantIndex, genericValues)); - ACCESSTOKEN_LOG_INFO(LABEL, "DataTranslatorTranslationIntoGenericValues003 end"); -} - -/* - * @tc.name: DataTranslatorTranslationIntoPermissionStateFull001 - * @tc.desc: TranslationIntoPermissionStateFull function test - * @tc.type: FUNC - * @tc.require: - */ -HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionStateFull001, TestSize.Level1) -{ - ACCESSTOKEN_LOG_INFO(LABEL, "DataTranslatorTranslationIntoPermissionStateFullTest001 begin"); + ACCESSTOKEN_LOG_INFO(LABEL, "DataTranslatorTranslationIntoPermissionStatus001 begin"); - PermissionStateFull outPermissionState; + PermissionStatus outPermissionState; GenericValues inGenericValues; inGenericValues.Put(TokenFiledConst::FIELD_GRANT_IS_GENERAL, 1); inGenericValues.Put(TokenFiledConst::FIELD_PERMISSION_NAME, ""); PermissionDef outPermissionDef; - ASSERT_NE(RET_SUCCESS, DataTranslator::TranslationIntoPermissionStateFull(inGenericValues, outPermissionState)); - ACCESSTOKEN_LOG_INFO(LABEL, "DataTranslatorTranslationIntoPermissionStateFullTest001 end"); + ASSERT_NE(RET_SUCCESS, DataTranslator::TranslationIntoPermissionStatus(inGenericValues, outPermissionState)); + ACCESSTOKEN_LOG_INFO(LABEL, "DataTranslatorTranslationIntoPermissionStatus001 end"); } /* - * @tc.name: DataTranslatorTranslationIntoPermissionStateFull002 - * @tc.desc: TranslationIntoPermissionStateFull function test + * @tc.name: DataTranslatorTranslationIntoPermissionStatus002 + * @tc.desc: TranslationIntoPermissionStatus function test * @tc.type: FUNC * @tc.require: */ -HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionStateFull002, TestSize.Level1) +HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionStatus002, TestSize.Level1) { - ACCESSTOKEN_LOG_INFO(LABEL, "DataTranslatorTranslationIntoPermissionStateFullTest002 begin"); + ACCESSTOKEN_LOG_INFO(LABEL, "DataTranslatorTranslationIntoPermissionStatus002 begin"); - PermissionStateFull outPermissionState; + PermissionStatus outPermissionState; GenericValues inGenericValues; inGenericValues.Put(TokenFiledConst::FIELD_GRANT_IS_GENERAL, 1); @@ -387,21 +318,21 @@ HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionStateFull002, Test inGenericValues.Put(TokenFiledConst::FIELD_DEVICE_ID, ""); PermissionDef outPermissionDef; - ASSERT_NE(RET_SUCCESS, DataTranslator::TranslationIntoPermissionStateFull(inGenericValues, outPermissionState)); - ACCESSTOKEN_LOG_INFO(LABEL, "DataTranslatorTranslationIntoPermissionStateFullTest002 end"); + ASSERT_NE(RET_SUCCESS, DataTranslator::TranslationIntoPermissionStatus(inGenericValues, outPermissionState)); + ACCESSTOKEN_LOG_INFO(LABEL, "DataTranslatorTranslationIntoPermissionStatus002 end"); } /* - * @tc.name: DataTranslatorTranslationIntoPermissionStateFull003 - * @tc.desc: TranslationIntoPermissionStateFull function test + * @tc.name: DataTranslatorTranslationIntoPermissionStatus003 + * @tc.desc: TranslationIntoPermissionStatus function test * @tc.type: FUNC * @tc.require: */ -HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionStateFull003, TestSize.Level1) +HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionStatus003, TestSize.Level1) { - ACCESSTOKEN_LOG_INFO(LABEL, "DataTranslatorTranslationIntoPermissionStateFullTest003 begin"); + ACCESSTOKEN_LOG_INFO(LABEL, "DataTranslatorTranslationIntoPermissionStatus003 begin"); - PermissionStateFull outPermissionState; + PermissionStatus outPermissionState; GenericValues inGenericValues; inGenericValues.Put(TokenFiledConst::FIELD_GRANT_IS_GENERAL, 1); @@ -410,21 +341,21 @@ HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionStateFull003, Test inGenericValues.Put(TokenFiledConst::FIELD_GRANT_STATE, 100); PermissionDef outPermissionDef; - ASSERT_NE(RET_SUCCESS, DataTranslator::TranslationIntoPermissionStateFull(inGenericValues, outPermissionState)); - ACCESSTOKEN_LOG_INFO(LABEL, "DataTranslatorTranslationIntoPermissionStateFullTest003 end"); + ASSERT_NE(RET_SUCCESS, DataTranslator::TranslationIntoPermissionStatus(inGenericValues, outPermissionState)); + ACCESSTOKEN_LOG_INFO(LABEL, "DataTranslatorTranslationIntoPermissionStatus003 end"); } /* - * @tc.name: DataTranslatorTranslationIntoPermissionStateFull004 - * @tc.desc: TranslationIntoPermissionStateFull function test + * @tc.name: DataTranslatorTranslationIntoPermissionStatus004 + * @tc.desc: TranslationIntoPermissionStatus function test * @tc.type: FUNC * @tc.require: */ -HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionStateFull004, TestSize.Level1) +HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionStatus004, TestSize.Level1) { - ACCESSTOKEN_LOG_INFO(LABEL, "DataTranslatorTranslationIntoPermissionStateFullTest004 begin"); + ACCESSTOKEN_LOG_INFO(LABEL, "DataTranslatorTranslationIntoPermissionStatus004 begin"); - PermissionStateFull outPermissionState; + PermissionStatus outPermissionState; GenericValues inGenericValues; inGenericValues.Put(TokenFiledConst::FIELD_GRANT_IS_GENERAL, 1); @@ -434,8 +365,8 @@ HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionStateFull004, Test inGenericValues.Put(TokenFiledConst::FIELD_GRANT_FLAG, 100); PermissionDef outPermissionDef; - ASSERT_NE(RET_SUCCESS, DataTranslator::TranslationIntoPermissionStateFull(inGenericValues, outPermissionState)); - ACCESSTOKEN_LOG_INFO(LABEL, "DataTranslatorTranslationIntoPermissionStateFullTest004 end"); + ASSERT_NE(RET_SUCCESS, DataTranslator::TranslationIntoPermissionStatus(inGenericValues, outPermissionState)); + ACCESSTOKEN_LOG_INFO(LABEL, "DataTranslatorTranslationIntoPermissionStatus004 end"); } } // namespace AccessToken } // namespace Security diff --git a/services/tokensyncmanager/include/command/base_remote_command.h b/services/tokensyncmanager/include/command/base_remote_command.h index bfc3f314b..f53a3dde0 100644 --- a/services/tokensyncmanager/include/command/base_remote_command.h +++ b/services/tokensyncmanager/include/command/base_remote_command.h @@ -21,7 +21,7 @@ #include "hap_token_info.h" #include "native_token_info_base.h" #include "nlohmann/json.hpp" -#include "permission_state_full.h" +#include "permission_status.h" #include "remote_protocol.h" namespace OHOS { @@ -36,7 +36,7 @@ public: /** native token info */ NativeTokenInfoBase baseInfo; /** permission state list */ - std::vector permStateList; + std::vector permStateList; }; /** @@ -60,9 +60,9 @@ public: nlohmann::json ToRemoteProtocolJson(); void FromRemoteProtocolJson(const nlohmann::json& jsonObject); - void ToPermStateJson(nlohmann::json& permStateJson, const PermissionStateFull& state); + void ToPermStateJson(nlohmann::json& permStateJson, const PermissionStatus& state); void FromPermStateListJson(const nlohmann::json& hapTokenJson, - std::vector& permStateList); + std::vector& permStateList); void FromHapTokenBasicInfoJson(const nlohmann::json& hapTokenJson, HapTokenInfo& hapTokenBasicInfo); diff --git a/services/tokensyncmanager/include/command/sync_remote_hap_token_command.h b/services/tokensyncmanager/include/command/sync_remote_hap_token_command.h index 7fbb9b7ad..90a349d17 100644 --- a/services/tokensyncmanager/include/command/sync_remote_hap_token_command.h +++ b/services/tokensyncmanager/include/command/sync_remote_hap_token_command.h @@ -21,7 +21,7 @@ #include "access_token.h" #include "base_remote_command.h" #include "hap_token_info.h" -#include "permission_state_full.h" +#include "permission_status.h" namespace OHOS { namespace Security { diff --git a/services/tokensyncmanager/src/command/base_remote_command.cpp b/services/tokensyncmanager/src/command/base_remote_command.cpp index 8448d1388..c83b19e18 100644 --- a/services/tokensyncmanager/src/command/base_remote_command.cpp +++ b/services/tokensyncmanager/src/command/base_remote_command.cpp @@ -120,26 +120,11 @@ nlohmann::json BaseRemoteCommand::ToNativeTokenInfoJson(const NativeTokenInfoFor return nativeTokenJson; } -void BaseRemoteCommand::ToPermStateJson(nlohmann::json& permStateJson, const PermissionStateFull& state) +void BaseRemoteCommand::ToPermStateJson(nlohmann::json& permStateJson, const PermissionStatus& state) { - if (state.resDeviceID.size() != state.grantStatus.size() || state.resDeviceID.size() != state.grantFlags.size()) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "State grant config size is invalid"); - return; - } - nlohmann::json permConfigsJson; - uint32_t size = state.resDeviceID.size(); - for (uint32_t i = 0; i < size; i++) { - nlohmann::json permConfigJson = nlohmann::json { - {"resDeviceID", state.resDeviceID[i]}, - {"grantStatus", state.grantStatus[i]}, - {"grantFlags", state.grantFlags[i]}, - }; - permConfigsJson.emplace_back(permConfigJson); - } - permStateJson["permissionName"] = state.permissionName; - permStateJson["isGeneral"] = state.isGeneral; - permStateJson["grantConfig"] = permConfigsJson; + permStateJson["grantStatus"] = state.grantStatus; + permStateJson["grantFlag"] = state.grantFlag; } nlohmann::json BaseRemoteCommand::ToHapTokenInfosJson(const HapTokenInfoForSync& tokenInfo) @@ -180,46 +165,25 @@ void BaseRemoteCommand::FromHapTokenBasicInfoJson(const nlohmann::json& hapToken } void BaseRemoteCommand::FromPermStateListJson(const nlohmann::json& hapTokenJson, - std::vector& permStateList) + std::vector& permStateList) { if (hapTokenJson.find("permState") != hapTokenJson.end() && hapTokenJson.at("permState").is_array() && !hapTokenJson.at("permState").empty()) { nlohmann::json permissionsJson = hapTokenJson.at("permState").get(); for (const auto& permissionJson : permissionsJson) { - PermissionStateFull permission; + PermissionStatus permission; if (permissionJson.find("permissionName") == permissionJson.end() || !permissionJson.at("permissionName").is_string() || - permissionJson.find("isGeneral") == permissionJson.end() || - !permissionJson.at("isGeneral").is_boolean() || - permissionJson.find("grantConfig") == permissionJson.end() || - !permissionJson.at("grantConfig").is_array() || - permissionJson.at("grantConfig").empty()) { + permissionJson.find("grantStatus") == permissionJson.end() || + !permissionJson.at("grantStatus").is_number() || + permissionJson.find("grantFlag") == permissionJson.end() || + !permissionJson.at("grantFlag").is_number()) { continue; } permissionJson.at("permissionName").get_to(permission.permissionName); - permissionJson.at("isGeneral").get_to(permission.isGeneral); - nlohmann::json grantConfigsJson = permissionJson.at("grantConfig").get(); - for (const auto& grantConfigJson :grantConfigsJson) { - if (grantConfigJson.find("resDeviceID") == grantConfigJson.end() || - !grantConfigJson.at("resDeviceID").is_string() || - grantConfigJson.find("grantStatus") == grantConfigJson.end() || - !grantConfigJson.at("grantStatus").is_number() || - grantConfigJson.find("grantFlags") == grantConfigJson.end() || - !grantConfigJson.at("grantFlags").is_number()) { - continue; - } - std::string deviceID; - grantConfigJson.at("resDeviceID").get_to(deviceID); - int grantStatus; - grantConfigJson.at("grantStatus").get_to(grantStatus); - int grantFlags; - grantConfigJson.at("grantFlags").get_to(grantFlags); - permission.resDeviceID.emplace_back(deviceID); - permission.grantStatus.emplace_back(grantStatus); - permission.grantFlags.emplace_back(grantFlags); - } - permStateList.emplace_back(permission); + permissionJson.at("grantStatus").get_to(permission.grantStatus); + permissionJson.at("grantFlag").get_to(permission.grantFlag); } } } diff --git a/services/tokensyncmanager/test/unittest/token_sync_service_test.cpp b/services/tokensyncmanager/test/unittest/token_sync_service_test.cpp index 627cb992d..d189a1757 100644 --- a/services/tokensyncmanager/test/unittest/token_sync_service_test.cpp +++ b/services/tokensyncmanager/test/unittest/token_sync_service_test.cpp @@ -465,13 +465,11 @@ HWTEST_F(TokenSyncServiceTest, FromPermStateListJson001, TestSize.Level1) .tokenAttr = 0 }; - PermissionStateFull infoManagerTestState = { + PermissionStatus infoManagerTestState = { .permissionName = "ohos.permission.test1", - .isGeneral = true, - .resDeviceID = {"local"}, - .grantStatus = {PermissionState::PERMISSION_GRANTED}, - .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}}; - std::vector permStateList; + .grantStatus = PermissionState::PERMISSION_GRANTED, + .grantFlag = PermissionFlag::PERMISSION_SYSTEM_FIXED}; + std::vector permStateList; permStateList.emplace_back(infoManagerTestState); HapTokenInfoForSync remoteTokenInfo = { @@ -486,21 +484,17 @@ HWTEST_F(TokenSyncServiceTest, FromPermStateListJson001, TestSize.Level1) cmd->FromHapTokenBasicInfoJson(hapTokenJson, hap.baseInfo); cmd->FromPermStateListJson(hapTokenJson, hap.permStateList); - PermissionStateFull state1 = { + PermissionStatus state1 = { .permissionName = "ohos.permission.test1", - .isGeneral = true, - .resDeviceID = {"local", "local1"}, - .grantStatus = {PermissionState::PERMISSION_GRANTED}, - .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}}; + .grantStatus = PermissionState::PERMISSION_GRANTED, + .grantFlag = PermissionFlag::PERMISSION_SYSTEM_FIXED}; nlohmann::json permStateJson; cmd->ToPermStateJson(permStateJson, state1); - PermissionStateFull state2 = { + PermissionStatus state2 = { .permissionName = "ohos.permission.test1", - .isGeneral = true, - .resDeviceID = {"local"}, - .grantStatus = {PermissionState::PERMISSION_GRANTED}, - .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED, PermissionFlag::PERMISSION_SYSTEM_FIXED}}; + .grantStatus = PermissionState::PERMISSION_GRANTED, + .grantFlag = PermissionFlag::PERMISSION_SYSTEM_FIXED}; cmd->ToPermStateJson(permStateJson, state2); EXPECT_EQ(hap.baseInfo.tokenID, remoteTokenInfo.baseInfo.tokenID); @@ -552,31 +546,27 @@ HWTEST_F(TokenSyncServiceTest, FromPermStateListJson002, TestSize.Level1) nlohmann::json hapTokenJsonNull = "{\\\"bundleName\\\":\\\"\\\"," "\\\"instIndex\\\":0,\\\"permState\\\":[{\\\"permissionName\\\":\\\"TEST\\\", " - "\\\"grantConfig\\\":[{\\\"resDeviceID\\\":\\\"device\\\", " - "\\\"grantStatus\\\":0, \\\"grantFlags\\\":0}]}],\\\"tokenAttr\\\":0," + "\\\"grantStatus\\\":0, \\\"grantFlag\\\":0}],\\\"tokenAttr\\\":0," "\\\"tokenID\\\":111,\\\"userID\\\":0,\\\"version\\\":1}"; - std::vector permStateListNull; + std::vector permStateListNull; cmd->FromPermStateListJson(hapTokenJsonNull, permStateListNull); EXPECT_EQ(permStateListNull.size(), 0); hapTokenJsonNull = "{\\\"bundleName\\\":\\\"\\\"," - "\\\"instIndex\\\":0,\\\"permState\\\":[{\\\"permissionName\\\":\\\"TEST\\\", " - "\\\"isGeneral\\\":1}],\\\"tokenAttr\\\":0," - "\\\"tokenID\\\":111,\\\"userID\\\":0,\\\"version\\\":1}"; + "\\\"instIndex\\\":0,\\\"permState\\\":[{\\\"permissionName\\\":\\\"TEST\\\"}]," + "\\\"tokenAttr\\\":0,\\\"tokenID\\\":111,\\\"userID\\\":0,\\\"version\\\":1}"; cmd->FromPermStateListJson(hapTokenJsonNull, permStateListNull); EXPECT_EQ(permStateListNull.size(), 0); hapTokenJsonNull = "{\\\"bundleName\\\":\\\"\\\"," - "\\\"instIndex\\\":0,\\\"permState\\\":[{\\\"permissionName\\\":\\\"TEST\\\", " - "\\\"isGeneral\\\":1}],\\\"tokenAttr\\\":0," - "\\\"tokenID\\\":111,\\\"userID\\\":0,\\\"version\\\":1}"; + "\\\"instIndex\\\":0,\\\"permState\\\":[{\\\"permissionName\\\":\\\"TEST\\\"}]," + "\\\"tokenAttr\\\":0,\\\"tokenID\\\":111,\\\"userID\\\":0,\\\"version\\\":1}"; cmd->FromPermStateListJson(hapTokenJsonNull, permStateListNull); EXPECT_EQ(permStateListNull.size(), 0); hapTokenJsonNull = "{\\\"bundleName\\\":\\\"\\\"," "\\\"instIndex\\\":0,\\\"permState\\\":[{\\\"permissionName\\\":\\\"TEST\\\", " - "\\\"isGeneral\\\":1, \\\"grantConfig\\\":[{" - "\\\"grantStatus\\\":0, \\\"grantFlags\\\":0}]}],\\\"tokenAttr\\\":0," + "\\\"grantStatus\\\":0, \\\"grantFlag\\\":0}],\\\"tokenAttr\\\":0," "\\\"tokenID\\\":111,\\\"userID\\\":0,\\\"version\\\":1}"; cmd->FromPermStateListJson(hapTokenJsonNull, permStateListNull); EXPECT_EQ(permStateListNull.size(), 0); @@ -1436,20 +1426,16 @@ HWTEST_F(TokenSyncServiceTest, ProcessBufferedCommandsWithThread001, TestSize.Le } namespace { -PermissionStateFull g_infoManagerTestUpdateState1 = { +PermissionStatus g_infoManagerTestUpdateState1 = { .permissionName = "ohos.permission.CAMERA", - .isGeneral = true, - .resDeviceID = {"local"}, - .grantStatus = {PermissionState::PERMISSION_DENIED}, - .grantFlags = {1} + .grantStatus = PermissionState::PERMISSION_DENIED, + .grantFlag = 1 }; -PermissionStateFull g_infoManagerTestUpdateState2 = { +PermissionStatus g_infoManagerTestUpdateState2 = { .permissionName = "ohos.permission.ANSWER_CALL", - .isGeneral = false, - .resDeviceID = {"device 1", "device 2"}, - .grantStatus = {PermissionState::PERMISSION_DENIED, PermissionState::PERMISSION_DENIED}, - .grantFlags = {1, 2} + .grantStatus = PermissionState::PERMISSION_DENIED, + .grantFlag = 1 }; HapTokenInfo g_remoteHapInfoBasic = { diff --git a/test/fuzztest/innerkits/accesstoken/setremotehaptokeninfo_fuzzer/setremotehaptokeninfo_fuzzer.cpp b/test/fuzztest/innerkits/accesstoken/setremotehaptokeninfo_fuzzer/setremotehaptokeninfo_fuzzer.cpp index 95746809c..29dd19510 100644 --- a/test/fuzztest/innerkits/accesstoken/setremotehaptokeninfo_fuzzer/setremotehaptokeninfo_fuzzer.cpp +++ b/test/fuzztest/innerkits/accesstoken/setremotehaptokeninfo_fuzzer/setremotehaptokeninfo_fuzzer.cpp @@ -42,13 +42,11 @@ namespace OHOS { .tokenID = fuzzData.GetData(), .tokenAttr = 0 }; - PermissionStateFull infoManagerTestState = { - .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}, - .grantStatus = {PermissionState::PERMISSION_GRANTED}, - .isGeneral = true, - .permissionName = fuzzData.GenerateStochasticString(), - .resDeviceID = {fuzzData.GenerateStochasticString()}}; - std::vector permStateList; + PermissionStatus infoManagerTestState = { + .grantFlag = PermissionFlag::PERMISSION_SYSTEM_FIXED, + .grantStatus = PermissionState::PERMISSION_GRANTED, + .permissionName = fuzzData.GenerateStochasticString()}; + std::vector permStateList; permStateList.emplace_back(infoManagerTestState); HapTokenInfoForSync remoteTokenInfo = { .baseInfo = baseInfo, diff --git a/test/fuzztest/services/accesstoken/allochaptokenstub_fuzzer/allochaptokenstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/allochaptokenstub_fuzzer/allochaptokenstub_fuzzer.cpp index fdd38ee1e..15da22d9a 100644 --- a/test/fuzztest/services/accesstoken/allochaptokenstub_fuzzer/allochaptokenstub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/allochaptokenstub_fuzzer/allochaptokenstub_fuzzer.cpp @@ -45,14 +45,12 @@ namespace OHOS { .labelId = 1, .description = fuzzData.GenerateStochasticString(), .descriptionId = 1}; - PermissionStateFull TestState = { + PermissionStatus testState = { .permissionName = permissionName, - .isGeneral = true, - .resDeviceID = {fuzzData.GenerateStochasticString()}, - .grantStatus = {PermissionState::PERMISSION_GRANTED}, - .grantFlags = {1}, + .grantStatus = PermissionState::PERMISSION_GRANTED, + .grantFlag = 1, }; - HapInfoParams TestInfoParms = { + HapInfoParams testInfoParms = { .userID = 1, .bundleName = bundleName, .instIndex = 0, @@ -61,17 +59,17 @@ namespace OHOS { .permissionName = permissionName, .userCancelable = true }; - HapPolicyParams TestPolicyPrams = { + HapPolicy testPolicy = { .apl = APL_NORMAL, .domain = fuzzData.GenerateStochasticString(), .permList = {testPermDef}, - .permStateList = {TestState}, + .permStateList = {testState}, .aclRequestedList = {permissionName}, .preAuthorizationInfo = {info1} }; - hapInfoParcel.hapInfoParameter = TestInfoParms; - hapPolicyParcel.hapPolicyParameter = TestPolicyPrams; + hapInfoParcel.hapInfoParameter = testInfoParms; + hapPolicyParcel.hapPolicy = testPolicy; } bool AllocHapTokenStubFuzzTest(const uint8_t* data, size_t size) diff --git a/test/fuzztest/services/accesstoken/initHapTokenstub_fuzzer/initHapTokenstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/initHapTokenstub_fuzzer/initHapTokenstub_fuzzer.cpp index 63702a66f..c6d0691d1 100644 --- a/test/fuzztest/services/accesstoken/initHapTokenstub_fuzzer/initHapTokenstub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/initHapTokenstub_fuzzer/initHapTokenstub_fuzzer.cpp @@ -45,14 +45,12 @@ namespace OHOS { .labelId = 1, .description = fuzzData.GenerateStochasticString(), .descriptionId = 1}; - PermissionStateFull TestState = { + PermissionStatus testState = { .permissionName = permissionName, - .isGeneral = true, - .resDeviceID = {fuzzData.GenerateStochasticString()}, - .grantStatus = {PermissionState::PERMISSION_GRANTED}, - .grantFlags = {1}, + .grantStatus = PermissionState::PERMISSION_GRANTED, + .grantFlag = 1, }; - HapInfoParams TestInfoParms = { + HapInfoParams testInfoParms = { .userID = 1, .bundleName = bundleName, .instIndex = 0, @@ -61,17 +59,17 @@ namespace OHOS { .permissionName = permissionName, .userCancelable = true }; - HapPolicyParams TestPolicyPrams = { + HapPolicy testPolicy = { .apl = APL_NORMAL, .domain = fuzzData.GenerateStochasticString(), .permList = {testPermDef}, - .permStateList = {TestState}, + .permStateList = {testState}, .aclRequestedList = {permissionName}, .preAuthorizationInfo = {info1} }; - hapInfoParcel.hapInfoParameter = TestInfoParms; - hapPolicyParcel.hapPolicyParameter = TestPolicyPrams; + hapInfoParcel.hapInfoParameter = testInfoParms; + hapPolicyParcel.hapPolicy = testPolicy; } bool InitHapTokenStubFuzzTest(const uint8_t* data, size_t size) diff --git a/test/fuzztest/services/accesstoken/setremotehaptokeninfostub_fuzzer/setremotehaptokeninfostub_fuzzer.cpp b/test/fuzztest/services/accesstoken/setremotehaptokeninfostub_fuzzer/setremotehaptokeninfostub_fuzzer.cpp index 78ec9851e..8cda4c996 100644 --- a/test/fuzztest/services/accesstoken/setremotehaptokeninfostub_fuzzer/setremotehaptokeninfostub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/setremotehaptokeninfostub_fuzzer/setremotehaptokeninfostub_fuzzer.cpp @@ -48,19 +48,15 @@ namespace OHOS { .tokenID = tokenId, .tokenAttr = 0 }; - PermissionStateFull infoManagerTestState = { - .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}, - .grantStatus = {PermissionState::PERMISSION_GRANTED}, - .isGeneral = true, - .permissionName = permissionName, - .resDeviceID = {fuzzData.GenerateStochasticString()}}; - PermissionStateFull infoManagerTestState2 = { - .grantFlags = {PermissionFlag::PERMISSION_USER_SET}, - .grantStatus = {PermissionState::PERMISSION_DENIED}, - .isGeneral = true, - .permissionName = permissionName, - .resDeviceID = {fuzzData.GenerateStochasticString()}}; - std::vector permStateList; + PermissionStatus infoManagerTestState = { + .grantFlag = PermissionFlag::PERMISSION_SYSTEM_FIXED, + .grantStatus = PermissionState::PERMISSION_GRANTED, + .permissionName = permissionName}; + PermissionStatus infoManagerTestState2 = { + .grantFlag = PermissionFlag::PERMISSION_USER_SET, + .grantStatus = PermissionState::PERMISSION_DENIED, + .permissionName = permissionName}; + std::vector permStateList; permStateList.emplace_back(infoManagerTestState); HapTokenInfoForSync remoteTokenInfo = { .baseInfo = baseInfo, diff --git a/test/fuzztest/services/accesstoken/updatehaptokenstub_fuzzer/updatehaptokenstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/updatehaptokenstub_fuzzer/updatehaptokenstub_fuzzer.cpp index b28b52743..939f5f390 100644 --- a/test/fuzztest/services/accesstoken/updatehaptokenstub_fuzzer/updatehaptokenstub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/updatehaptokenstub_fuzzer/updatehaptokenstub_fuzzer.cpp @@ -43,16 +43,14 @@ namespace OHOS { .labelId = 1, .description = fuzzData.GenerateStochasticString(), .descriptionId = 1}; - PermissionStateFull testState = {.permissionName = permissionName, - .isGeneral = true, - .resDeviceID = {fuzzData.GenerateStochasticString()}, - .grantStatus = {PermissionState::PERMISSION_GRANTED}, - .grantFlags = {1}}; - HapPolicyParams policy = {.apl = APL_NORMAL, + PermissionStatus testState = {.permissionName = permissionName, + .grantStatus = PermissionState::PERMISSION_GRANTED, + .grantFlag = 1}; + HapPolicy policy = {.apl = APL_NORMAL, .domain = fuzzData.GenerateStochasticString(), .permList = {testPermDef}, .permStateList = {testState}}; - hapPolicyParcel.hapPolicyParameter = policy; + hapPolicyParcel.hapPolicy = policy; } bool UpdateHapTokenStubFuzzTest(const uint8_t* data, size_t size) { -- Gitee