From f5678ea4b74ca5e4a08c3547a10a05815fc71289 Mon Sep 17 00:00:00 2001 From: chennian Date: Tue, 7 Jun 2022 17:19:20 +0800 Subject: [PATCH 1/3] Signed-off-by:chennian Signed-off-by: chennian --- BUILD.gn | 10 + bundle.json | 12 +- frameworks/common/include/accesstoken_log.h | 1 + frameworks/database/include/field_const.h | 4 +- frameworks/database/include/generic_values.h | 2 + frameworks/database/include/statement.h | 3 +- frameworks/database/src/generic_values.cpp | 5 + frameworks/database/src/statement.cpp | 9 +- frameworks/privacy/BUILD.gn | 38 +++ .../include/bundle_used_record_parcel.h | 40 +++ .../privacy/include/i_privacy_manager.h | 60 +++++ .../include/permission_used_record_parcel.h | 40 +++ .../include/permission_used_request_parcel.h | 40 +++ .../include/permission_used_result_parcel.h | 40 +++ .../include/used_record_detail_parcel.h | 40 +++ .../privacy/src/bundle_used_record_parcel.cpp | 71 ++++++ .../src/permission_used_record_parcel.cpp | 90 +++++++ .../src/permission_used_request_parcel.cpp | 76 ++++++ .../src/permission_used_result_parcel.cpp | 67 +++++ .../privacy/src/used_record_detail_parcel.cpp | 53 ++++ interfaces/innerkits/privacy/BUILD.gn | 62 +++++ .../on_permission_used_record_callback.h | 39 +++ .../privacy/include/permission_used_request.h | 45 ++++ .../privacy/include/permission_used_result.h | 60 +++++ .../innerkits/privacy/include/privacy_kit.h | 42 ++++ .../privacy/src/privacy_death_recipient.cpp | 36 +++ .../privacy/src/privacy_death_recipient.h | 35 +++ .../innerkits/privacy/src/privacy_kit.cpp | 79 ++++++ .../privacy/src/privacy_manager_client.cpp | 189 ++++++++++++++ .../privacy/src/privacy_manager_client.h | 42 ++++ .../privacy/src/privacy_manager_proxy.cpp | 233 ++++++++++++++++++ .../privacy/src/privacy_manager_proxy.h | 47 ++++ interfaces/innerkits/privacy/test/BUILD.gn | 53 ++++ .../test/unittest/src/privacy_kit_test.cpp | 92 +++++++ .../test/unittest/src/privacy_kit_test.h | 63 +++++ ohos.build | 12 +- services/privacymanager/BUILD.gn | 54 ++++ .../privacymanager/include/common/constant.h | 36 +++ .../include/service/privacy_manager_service.h | 55 +++++ .../include/service/privacy_manager_stub.h | 47 ++++ services/privacymanager/sa_profile/3505.xml | 24 ++ services/privacymanager/sa_profile/BUILD.gn | 20 ++ .../src/service/privacy_manager_service.cpp | 120 +++++++++ .../src/service/privacy_manager_stub.cpp | 138 +++++++++++ 44 files changed, 2318 insertions(+), 6 deletions(-) create mode 100644 frameworks/privacy/BUILD.gn create mode 100644 frameworks/privacy/include/bundle_used_record_parcel.h create mode 100644 frameworks/privacy/include/i_privacy_manager.h create mode 100644 frameworks/privacy/include/permission_used_record_parcel.h create mode 100644 frameworks/privacy/include/permission_used_request_parcel.h create mode 100644 frameworks/privacy/include/permission_used_result_parcel.h create mode 100644 frameworks/privacy/include/used_record_detail_parcel.h create mode 100644 frameworks/privacy/src/bundle_used_record_parcel.cpp create mode 100644 frameworks/privacy/src/permission_used_record_parcel.cpp create mode 100644 frameworks/privacy/src/permission_used_request_parcel.cpp create mode 100644 frameworks/privacy/src/permission_used_result_parcel.cpp create mode 100644 frameworks/privacy/src/used_record_detail_parcel.cpp create mode 100644 interfaces/innerkits/privacy/BUILD.gn create mode 100644 interfaces/innerkits/privacy/include/on_permission_used_record_callback.h create mode 100644 interfaces/innerkits/privacy/include/permission_used_request.h create mode 100644 interfaces/innerkits/privacy/include/permission_used_result.h create mode 100644 interfaces/innerkits/privacy/include/privacy_kit.h create mode 100644 interfaces/innerkits/privacy/src/privacy_death_recipient.cpp create mode 100644 interfaces/innerkits/privacy/src/privacy_death_recipient.h create mode 100644 interfaces/innerkits/privacy/src/privacy_kit.cpp create mode 100644 interfaces/innerkits/privacy/src/privacy_manager_client.cpp create mode 100644 interfaces/innerkits/privacy/src/privacy_manager_client.h create mode 100644 interfaces/innerkits/privacy/src/privacy_manager_proxy.cpp create mode 100644 interfaces/innerkits/privacy/src/privacy_manager_proxy.h create mode 100644 interfaces/innerkits/privacy/test/BUILD.gn create mode 100644 interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp create mode 100644 interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.h create mode 100644 services/privacymanager/BUILD.gn create mode 100644 services/privacymanager/include/common/constant.h create mode 100644 services/privacymanager/include/service/privacy_manager_service.h create mode 100644 services/privacymanager/include/service/privacy_manager_stub.h create mode 100644 services/privacymanager/sa_profile/3505.xml create mode 100644 services/privacymanager/sa_profile/BUILD.gn create mode 100644 services/privacymanager/src/service/privacy_manager_service.cpp create mode 100644 services/privacymanager/src/service/privacy_manager_stub.cpp diff --git a/BUILD.gn b/BUILD.gn index c83806574..c48606cd3 100644 --- a/BUILD.gn +++ b/BUILD.gn @@ -40,6 +40,16 @@ group("tokensync_build_module") { } } +group("privacy_build_module") { + if (is_standard_system) { + deps = [ + "//base/security/access_token/interfaces/innerkits/privacy:libprivacy_sdk", + "//base/security/access_token/services/privacymanager:privacy_manager_service", + "//base/security/access_token/services/privacymanager/sa_profile:privacy_sa_profile_standard", + ] + } +} + group("accesstoken_build_module_test") { testonly = true deps = [] diff --git a/bundle.json b/bundle.json index f96681315..7bd645199 100644 --- a/bundle.json +++ b/bundle.json @@ -44,7 +44,8 @@ "build": { "sub_component": [ "//base/security/access_token:accesstoken_build_module", - "//base/security/access_token:tokensync_build_module" + "//base/security/access_token:tokensync_build_module", + "//base/security/access_token:privacy_build_module" ], "inner_kits": [ { @@ -73,6 +74,15 @@ ], "header_base": "//base/security/access_token/interfaces/innerkits/token_setproc/include" } + }, + { + "name": "//base/security/access_token/interfaces/innerkits/privacy:libprivacy_sdk", + "header": { + "header_files": [ + "privacy_kit.h" + ], + "header_base": "//base/security/access_token/interfaces/innerkits/privacy/include" + } } ], "test": [ diff --git a/frameworks/common/include/accesstoken_log.h b/frameworks/common/include/accesstoken_log.h index d90d3bf33..1f811d37d 100644 --- a/frameworks/common/include/accesstoken_log.h +++ b/frameworks/common/include/accesstoken_log.h @@ -48,6 +48,7 @@ #undef LOG_DOMAIN static constexpr unsigned int SECURITY_DOMAIN_ACCESSTOKEN = 0xD002F01; +static constexpr unsigned int SECURITY_DOMAIN_PRIVACY = 0xD002F02; #else diff --git a/frameworks/database/include/field_const.h b/frameworks/database/include/field_const.h index 88f935d11..7689a5272 100644 --- a/frameworks/database/include/field_const.h +++ b/frameworks/database/include/field_const.h @@ -52,14 +52,14 @@ const std::string FIELD_IS_REMOTE_DEVICE = "is_remote_device"; const std::string FIELD_VISITOR_ID = "visitor_id"; const std::string FIELD_OP_CODE = "op_code"; -const std::string FIELD_IS_FOREGROUND = "is_foreground"; +const std::string FIELD_STATUS = "status"; const std::string FIELD_TIMESTAMP = "timestamp"; const std::string FIELD_ACCESS_DURATION = "access_duration"; const std::string FIELD_ACCESS_COUNT = "access_count"; const std::string FIELD_REJECT_COUNT = "reject_count"; const std::string FIELD_TIMESTAMP_BEGIN = "timestamp_begin"; -const std::string FIELD_TIMESTAMP_END = "timestamp_begin"; +const std::string FIELD_TIMESTAMP_END = "timestamp_end"; const std::string FIELD_FLAG = "flag"; } // namespace AccessToken } // namespace Security diff --git a/frameworks/database/include/generic_values.h b/frameworks/database/include/generic_values.h index 20e9934ad..337e62659 100644 --- a/frameworks/database/include/generic_values.h +++ b/frameworks/database/include/generic_values.h @@ -32,6 +32,8 @@ public: void Put(const std::string& key, int value); + void Put(const std::string& key, int64_t value); + void Put(const std::string& key, const std::string& value); void Put(const std::string& key, const VariantValue& value); diff --git a/frameworks/database/include/statement.h b/frameworks/database/include/statement.h index ba40602d8..370ad8ca7 100644 --- a/frameworks/database/include/statement.h +++ b/frameworks/database/include/statement.h @@ -34,6 +34,7 @@ public: void Bind(const int index, const std::string& text); void Bind(const int index, int value); + void Bind(const int index, int64_t value); void Bind(const std::string& tableColumnName, const VariantValue& value); State Step(); @@ -41,7 +42,7 @@ public: std::string GetColumnString(const int column) const; int GetColumnInt(const int column) const; - int GetColumnInt64(const int column) const; + int64_t GetColumnInt64(const int column) const; std::string GetColumnName(const int column) const; int GetParameterIndex(const std::string& name) const; int GetColumnCount() const; diff --git a/frameworks/database/src/generic_values.cpp b/frameworks/database/src/generic_values.cpp index f46ac39ce..e40459836 100644 --- a/frameworks/database/src/generic_values.cpp +++ b/frameworks/database/src/generic_values.cpp @@ -23,6 +23,11 @@ void GenericValues::Put(const std::string& key, int value) map_.insert(std::make_pair(key, VariantValue(value))); } +void GenericValues::Put(const std::string& key, int64_t value) +{ + map_.insert(std::make_pair(key, VariantValue(value))); +} + void GenericValues::Put(const std::string& key, const std::string& value) { map_.insert(std::make_pair(key, VariantValue(value))); diff --git a/frameworks/database/src/statement.cpp b/frameworks/database/src/statement.cpp index 14bd59057..f345ad7d3 100644 --- a/frameworks/database/src/statement.cpp +++ b/frameworks/database/src/statement.cpp @@ -51,12 +51,19 @@ void Statement::Bind(const int index, int value) } } +void Statement::Bind(const int index, int64_t value) +{ + if (sqlite3_bind_int(statement_, index, value) != SQLITE_OK) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Cannot bind int, errorMsg: %{public}s", sqlite3_errmsg(db_)); + } +} + int Statement::GetColumnInt(const int column) const { return sqlite3_column_int(statement_, column); } -int Statement::GetColumnInt64(const int column) const +int64_t Statement::GetColumnInt64(const int column) const { return sqlite3_column_int64(statement_, column); } diff --git a/frameworks/privacy/BUILD.gn b/frameworks/privacy/BUILD.gn new file mode 100644 index 000000000..58c54cd1e --- /dev/null +++ b/frameworks/privacy/BUILD.gn @@ -0,0 +1,38 @@ +# Copyright (c) 2021-2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/ohos.gni") + +ohos_shared_library("privacy_communication_adapter_cxx") { + subsystem_name = "security" + part_name = "access_token" + + include_dirs = [ + "include", + "//base/security/access_token/interfaces/innerkits/accesstoken/include", + "//base/security/access_token/interfaces/innerkits/privacy/include", + "//utils/native/base/include", + ] + + sources = [ + "src/bundle_used_record_parcel.cpp", + "src/permission_used_record_parcel.cpp", + "src/permission_used_request_parcel.cpp", + "src/permission_used_result_parcel.cpp", + "src/used_record_detail_parcel.cpp", + ] + + deps = [ "//utils/native/base:utils" ] + + external_deps = [ "ipc:ipc_core" ] +} diff --git a/frameworks/privacy/include/bundle_used_record_parcel.h b/frameworks/privacy/include/bundle_used_record_parcel.h new file mode 100644 index 000000000..e181853dc --- /dev/null +++ b/frameworks/privacy/include/bundle_used_record_parcel.h @@ -0,0 +1,40 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef BUNDLE_USED_RECORD_PRACEL_H +#define BUNDLE_USED_RECORD_PRACEL_H + +#include "parcel.h" +#include "permission_used_result.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +struct BundleUsedRecordParcel final : public Parcelable { + BundleUsedRecordParcel() = default; + + ~BundleUsedRecordParcel() override = default; + + bool Marshalling(Parcel& out) const override; + + static BundleUsedRecordParcel* Unmarshalling(Parcel& in); + + BundleUsedRecord bundleRecord; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS + +#endif // BUNDLE_USED_RECORD_PRACEL_H diff --git a/frameworks/privacy/include/i_privacy_manager.h b/frameworks/privacy/include/i_privacy_manager.h new file mode 100644 index 000000000..272043c07 --- /dev/null +++ b/frameworks/privacy/include/i_privacy_manager.h @@ -0,0 +1,60 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef I_PRIVACY_MANAGER_H +#define I_PRIVACY_MANAGER_H + +#include + +#include "access_token.h" +#include "errors.h" +#include "iremote_broker.h" + +#include "on_permission_used_record_callback.h" +#include "permission_used_request_parcel.h" +#include "permission_used_result_parcel.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class IPrivacyManager : public IRemoteBroker { +public: + static const int SA_ID_PRIVACY_MANAGER_SERVICE = 3505; + + DECLARE_INTERFACE_DESCRIPTOR(u"ohos.security.accesstoken.IPrivacyManager"); + + virtual int AddPermissionUsedRecord(AccessTokenID tokenID, const std::string& permissionName, int successCount, int failCount) = 0; + virtual int StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName) = 0; + virtual int StopUsingPermission(AccessTokenID tokenID, const std::string& permissionName) = 0; + virtual int RemovePermissionUsedRecords(AccessTokenID tokenID, const std::string& deviceID) = 0; + virtual int GetPermissionUsedRecords(const PermissionUsedRequestParcel& request, PermissionUsedResultParcel& result) = 0; + virtual int GetPermissionUsedRecords(const PermissionUsedRequestParcel& request, const sptr& callback) = 0; + virtual std::string DumpRecordInfo(const std::string& bundleName, const std::string& permissionName) = 0; + + enum class InterfaceCode { + ADD_PERMISSION_USED_RECORD = 0xf001, + START_USING_PERMISSION = 0xf002, + STOP_USING_PERMISSION = 0xf003, + DELETE_PERMISSION_USED_RECORDS = 0xf004, + GET_PERMISSION_USED_RECORDS = 0xf005, + GET_PERMISSION_USED_RECORDS_ASYNC = 0xf006, + DUMP_RECORD_INFO = 0xf007 + }; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS + +#endif // I_PRIVACY_MANAGER_H diff --git a/frameworks/privacy/include/permission_used_record_parcel.h b/frameworks/privacy/include/permission_used_record_parcel.h new file mode 100644 index 000000000..7e8377160 --- /dev/null +++ b/frameworks/privacy/include/permission_used_record_parcel.h @@ -0,0 +1,40 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PERMISSION_USED_RECORD_PRACEL_H +#define PERMISSION_USED_RECORD_PRACEL_H + +#include "parcel.h" +#include "permission_used_result.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +struct PermissionUsedRecordParcel final : public Parcelable { + PermissionUsedRecordParcel() = default; + + ~PermissionUsedRecordParcel() override = default; + + bool Marshalling(Parcel& out) const override; + + static PermissionUsedRecordParcel* Unmarshalling(Parcel& in); + + PermissionUsedRecord permissionRecord; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS + +#endif // PERMISSION_USED_RECORD_PRACEL_H diff --git a/frameworks/privacy/include/permission_used_request_parcel.h b/frameworks/privacy/include/permission_used_request_parcel.h new file mode 100644 index 000000000..c0d10966a --- /dev/null +++ b/frameworks/privacy/include/permission_used_request_parcel.h @@ -0,0 +1,40 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PERMISSION_USED_REQUEST_PRACEL_H +#define PERMISSION_USED_REQUEST_PRACEL_H + +#include "parcel.h" +#include "permission_used_request.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +struct PermissionUsedRequestParcel final : public Parcelable { + PermissionUsedRequestParcel() = default; + + ~PermissionUsedRequestParcel() override = default; + + bool Marshalling(Parcel& out) const override; + + static PermissionUsedRequestParcel* Unmarshalling(Parcel& in); + + PermissionUsedRequest request; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS + +#endif // PERMISSION_USED_REQUEST_PRACEL_H diff --git a/frameworks/privacy/include/permission_used_result_parcel.h b/frameworks/privacy/include/permission_used_result_parcel.h new file mode 100644 index 000000000..0af1a6631 --- /dev/null +++ b/frameworks/privacy/include/permission_used_result_parcel.h @@ -0,0 +1,40 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PERMISSION_USED_RESPONSE_PRACEL_H +#define PERMISSION_USED_RESPONSE_PRACEL_H + +#include "parcel.h" +#include "permission_used_result.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +struct PermissionUsedResultParcel final : public Parcelable { + PermissionUsedResultParcel() = default; + + ~PermissionUsedResultParcel() override = default; + + bool Marshalling(Parcel& out) const override; + + static PermissionUsedResultParcel* Unmarshalling(Parcel& in); + + PermissionUsedResult result; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS + +#endif // PERMISSION_USED_RESPONSE_PRACEL_H diff --git a/frameworks/privacy/include/used_record_detail_parcel.h b/frameworks/privacy/include/used_record_detail_parcel.h new file mode 100644 index 000000000..460a5d40e --- /dev/null +++ b/frameworks/privacy/include/used_record_detail_parcel.h @@ -0,0 +1,40 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef USED_RECORD_DETAIL_PRACEL_H +#define USED_RECORD_DETAIL_PRACEL_H + +#include "parcel.h" +#include "permission_used_result.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +struct UsedRecordDetailParcel final : public Parcelable { + UsedRecordDetailParcel() = default; + + ~UsedRecordDetailParcel() override = default; + + bool Marshalling(Parcel& out) const override; + + static UsedRecordDetailParcel* Unmarshalling(Parcel& in); + + UsedRecordDetail detail; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS + +#endif // USED_RECORD_DETAIL_PRACEL_H diff --git a/frameworks/privacy/src/bundle_used_record_parcel.cpp b/frameworks/privacy/src/bundle_used_record_parcel.cpp new file mode 100644 index 000000000..dfd4dbab0 --- /dev/null +++ b/frameworks/privacy/src/bundle_used_record_parcel.cpp @@ -0,0 +1,71 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "bundle_used_record_parcel.h" +#include "permission_used_record_parcel.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +#define RETURN_IF_FALSE(expr) \ + if (!(expr)) { \ + return false; \ + } + +#define RELEASE_IF_FALSE(expr, obj) \ + if (!(expr)) { \ + delete (obj); \ + (obj) = nullptr; \ + return (obj); \ + } + +bool BundleUsedRecordParcel::Marshalling(Parcel& out) const +{ + RETURN_IF_FALSE(out.WriteUint32(this->bundleRecord.tokenId)); + RETURN_IF_FALSE(out.WriteBool(this->bundleRecord.isRemote)); + RETURN_IF_FALSE(out.WriteString(this->bundleRecord.deviceId)); + RETURN_IF_FALSE(out.WriteString(this->bundleRecord.bundleName)); + + RETURN_IF_FALSE(out.WriteInt32((int32_t)(this->bundleRecord.permissionRecords.size()))); + for (auto permRecord : this->bundleRecord.permissionRecords) { + PermissionUsedRecordParcel permRecordParcel; + permRecordParcel.permissionRecord = permRecord; + out.WriteParcelable(&permRecordParcel); + } + return true; +} + +BundleUsedRecordParcel* BundleUsedRecordParcel::Unmarshalling(Parcel& in) +{ + auto* bundleRecordParcel = new (std::nothrow) BundleUsedRecordParcel(); + RELEASE_IF_FALSE(bundleRecordParcel != nullptr, bundleRecordParcel); + + RELEASE_IF_FALSE(in.ReadUint32(bundleRecordParcel->bundleRecord.tokenId), bundleRecordParcel); + RELEASE_IF_FALSE(in.ReadBool(bundleRecordParcel->bundleRecord.isRemote), bundleRecordParcel); + RELEASE_IF_FALSE(in.ReadString(bundleRecordParcel->bundleRecord.deviceId), bundleRecordParcel); + RELEASE_IF_FALSE(in.ReadString(bundleRecordParcel->bundleRecord.bundleName), bundleRecordParcel); + + int permRecordSize = 0; + RELEASE_IF_FALSE(in.ReadInt32(permRecordSize), bundleRecordParcel); + for (int i = 0; i < permRecordSize; i++) { + sptr permRecord = in.ReadParcelable(); + RELEASE_IF_FALSE(permRecord != nullptr, bundleRecordParcel); + bundleRecordParcel->bundleRecord.permissionRecords.emplace_back(permRecord->permissionRecord); + } + return bundleRecordParcel; +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/frameworks/privacy/src/permission_used_record_parcel.cpp b/frameworks/privacy/src/permission_used_record_parcel.cpp new file mode 100644 index 000000000..aed02c900 --- /dev/null +++ b/frameworks/privacy/src/permission_used_record_parcel.cpp @@ -0,0 +1,90 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "permission_used_record_parcel.h" +#include "used_record_detail_parcel.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +#define RETURN_IF_FALSE(expr) \ + if (!(expr)) { \ + return false; \ + } + +#define RELEASE_IF_FALSE(expr, obj) \ + if (!(expr)) { \ + delete (obj); \ + (obj) = nullptr; \ + return (obj); \ + } + +bool PermissionUsedRecordParcel::Marshalling(Parcel& out) const +{ + RETURN_IF_FALSE(out.WriteString(this->permissionRecord.permissionName)); + RETURN_IF_FALSE(out.WriteInt32(this->permissionRecord.accessCount)); + RETURN_IF_FALSE(out.WriteInt32(this->permissionRecord.rejectCount));; + RETURN_IF_FALSE(out.WriteInt64(this->permissionRecord.lastAccessTime)); + RETURN_IF_FALSE(out.WriteInt64(this->permissionRecord.lastRejectTime)); + RETURN_IF_FALSE(out.WriteInt64(this->permissionRecord.lastAccessDuration)); + + RETURN_IF_FALSE(out.WriteInt32((int32_t)(this->permissionRecord.accessRecords.size()))); + for (auto accRecord : this->permissionRecord.accessRecords) { + UsedRecordDetailParcel detailParcel; + detailParcel.detail = accRecord; + out.WriteParcelable(&detailParcel); + } + + RETURN_IF_FALSE(out.WriteInt32((int32_t)(this->permissionRecord.rejectRecords.size()))); + for (auto rejRecord : this->permissionRecord.rejectRecords) { + UsedRecordDetailParcel detailParcel; + detailParcel.detail = rejRecord; + out.WriteParcelable(&detailParcel); + } + return true; +} + +PermissionUsedRecordParcel* PermissionUsedRecordParcel::Unmarshalling(Parcel& in) +{ + auto* permissionRecordParcel = new (std::nothrow) PermissionUsedRecordParcel(); + RELEASE_IF_FALSE(permissionRecordParcel != nullptr, permissionRecordParcel); + + RELEASE_IF_FALSE(in.ReadString(permissionRecordParcel->permissionRecord.permissionName), permissionRecordParcel); + RELEASE_IF_FALSE(in.ReadInt32(permissionRecordParcel->permissionRecord.accessCount), permissionRecordParcel); + RELEASE_IF_FALSE(in.ReadInt32(permissionRecordParcel->permissionRecord.rejectCount), permissionRecordParcel); + RELEASE_IF_FALSE(in.ReadInt64(permissionRecordParcel->permissionRecord.lastAccessTime), permissionRecordParcel); + RELEASE_IF_FALSE(in.ReadInt64(permissionRecordParcel->permissionRecord.lastRejectTime), permissionRecordParcel); + RELEASE_IF_FALSE(in.ReadInt64(permissionRecordParcel->permissionRecord.lastAccessDuration), permissionRecordParcel); + + int accRecordSize = 0; + RELEASE_IF_FALSE(in.ReadInt32(accRecordSize), permissionRecordParcel); + for (int i = 0; i < accRecordSize; i++) { + sptr detailParcel = in.ReadParcelable(); + RELEASE_IF_FALSE(detailParcel != nullptr, permissionRecordParcel); + permissionRecordParcel->permissionRecord.accessRecords.emplace_back(detailParcel->detail); + } + + int rejRecordSize = 0; + RELEASE_IF_FALSE(in.ReadInt32(rejRecordSize), permissionRecordParcel); + for (int i = 0; i < rejRecordSize; i++) { + sptr detailParcel = in.ReadParcelable(); + RELEASE_IF_FALSE(detailParcel != nullptr, permissionRecordParcel); + permissionRecordParcel->permissionRecord.rejectRecords.emplace_back(detailParcel->detail); + } + return permissionRecordParcel; +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/frameworks/privacy/src/permission_used_request_parcel.cpp b/frameworks/privacy/src/permission_used_request_parcel.cpp new file mode 100644 index 000000000..28c6a7377 --- /dev/null +++ b/frameworks/privacy/src/permission_used_request_parcel.cpp @@ -0,0 +1,76 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "permission_used_request_parcel.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +#define RETURN_IF_FALSE(expr) \ + if (!(expr)) { \ + return false; \ + } + +#define RELEASE_IF_FALSE(expr, obj) \ + if (!(expr)) { \ + delete (obj); \ + (obj) = nullptr; \ + return (obj); \ + } + +bool PermissionUsedRequestParcel::Marshalling(Parcel& out) const +{ + RETURN_IF_FALSE(out.WriteUint32(this->request.tokenId)); + RETURN_IF_FALSE(out.WriteBool(this->request.isRemote)); + RETURN_IF_FALSE(out.WriteString(this->request.deviceId)); + RETURN_IF_FALSE(out.WriteString(this->request.bundleName)); + + RETURN_IF_FALSE(out.WriteInt32((int32_t)(this->request.permissionList.size()))); + for (auto perm : this->request.permissionList) { + RETURN_IF_FALSE(out.WriteString(perm)); + } + RETURN_IF_FALSE(out.WriteInt64(this->request.beginTimeMillis)); + RETURN_IF_FALSE(out.WriteInt64(this->request.endTimeMillis)); + RETURN_IF_FALSE(out.WriteInt32(this->request.flag)); + return true; +} + +PermissionUsedRequestParcel* PermissionUsedRequestParcel::Unmarshalling(Parcel& in) +{ + auto* requestParcel = new (std::nothrow) PermissionUsedRequestParcel(); + RELEASE_IF_FALSE(requestParcel != nullptr, requestParcel); + + RELEASE_IF_FALSE(in.ReadUint32(requestParcel->request.tokenId), requestParcel); + RELEASE_IF_FALSE(in.ReadBool (requestParcel->request.isRemote), requestParcel); + RELEASE_IF_FALSE(in.ReadString(requestParcel->request.deviceId), requestParcel); + RELEASE_IF_FALSE(in.ReadString(requestParcel->request.bundleName), requestParcel); + + int permSize = 0; + RELEASE_IF_FALSE(in.ReadInt32(permSize), requestParcel); + for (int i = 0; i < permSize; i++) { + std::string perm; + RELEASE_IF_FALSE(in.ReadString(perm), requestParcel); + requestParcel->request.permissionList.emplace_back(perm); + } + RELEASE_IF_FALSE(in.ReadInt64(requestParcel->request.beginTimeMillis), requestParcel); + RELEASE_IF_FALSE(in.ReadInt64(requestParcel->request.endTimeMillis), requestParcel); + int flag; + RELEASE_IF_FALSE(in.ReadInt32(flag), requestParcel); + requestParcel->request.flag = static_cast(flag); + return requestParcel; +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/frameworks/privacy/src/permission_used_result_parcel.cpp b/frameworks/privacy/src/permission_used_result_parcel.cpp new file mode 100644 index 000000000..ff3a2e1b0 --- /dev/null +++ b/frameworks/privacy/src/permission_used_result_parcel.cpp @@ -0,0 +1,67 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "permission_used_result_parcel.h" +#include "bundle_used_record_parcel.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +#define RETURN_IF_FALSE(expr) \ + if (!(expr)) { \ + return false; \ + } + +#define RELEASE_IF_FALSE(expr, obj) \ + if (!(expr)) { \ + delete (obj); \ + (obj) = nullptr; \ + return (obj); \ + } + +bool PermissionUsedResultParcel::Marshalling(Parcel& out) const +{ + RETURN_IF_FALSE(out.WriteInt64(this->result.beginTimeMillis)); + RETURN_IF_FALSE(out.WriteInt64(this->result.endTimeMillis)); + + RETURN_IF_FALSE(out.WriteInt32((int32_t)(this->result.bundleRecords.size()))); + for (auto bundRecord : this->result.bundleRecords) { + BundleUsedRecordParcel bundleParcel; + bundleParcel.bundleRecord = bundRecord; + out.WriteParcelable(&bundleParcel); + } + return true; +} + +PermissionUsedResultParcel* PermissionUsedResultParcel::Unmarshalling(Parcel& in) +{ + auto* resultParcel = new (std::nothrow) PermissionUsedResultParcel(); + RELEASE_IF_FALSE(resultParcel != nullptr, resultParcel); + + RELEASE_IF_FALSE(in.ReadInt64(resultParcel->result.beginTimeMillis), resultParcel); + RELEASE_IF_FALSE(in.ReadInt64(resultParcel->result.endTimeMillis), resultParcel); + + int bundResponseSize = 0; + RELEASE_IF_FALSE(in.ReadInt32(bundResponseSize), resultParcel); + for (int i = 0; i < bundResponseSize; i++) { + sptr bunRecordParcel = in.ReadParcelable(); + RELEASE_IF_FALSE(bunRecordParcel != nullptr, resultParcel); + resultParcel->result.bundleRecords.emplace_back(bunRecordParcel->bundleRecord); + } + return resultParcel; +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/frameworks/privacy/src/used_record_detail_parcel.cpp b/frameworks/privacy/src/used_record_detail_parcel.cpp new file mode 100644 index 000000000..50d6f5bbb --- /dev/null +++ b/frameworks/privacy/src/used_record_detail_parcel.cpp @@ -0,0 +1,53 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "used_record_detail_parcel.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +#define RETURN_IF_FALSE(expr) \ + if (!(expr)) { \ + return false; \ + } + +#define RELEASE_IF_FALSE(expr, obj) \ + if (!(expr)) { \ + delete (obj); \ + (obj) = nullptr; \ + return (obj); \ + } + +bool UsedRecordDetailParcel::Marshalling(Parcel& out) const +{ + RETURN_IF_FALSE(out.WriteInt32(this->detail.status)); + RETURN_IF_FALSE(out.WriteInt64(this->detail.timestamp)); + RETURN_IF_FALSE(out.WriteInt64(this->detail.accessDuration)); + return true; +} + +UsedRecordDetailParcel* UsedRecordDetailParcel::Unmarshalling(Parcel& in) +{ + auto* detailRecordParcel = new (std::nothrow) UsedRecordDetailParcel(); + RELEASE_IF_FALSE(detailRecordParcel != nullptr, detailRecordParcel); + + RELEASE_IF_FALSE(in.ReadInt32(detailRecordParcel->detail.status), detailRecordParcel); + RELEASE_IF_FALSE(in.ReadInt64(detailRecordParcel->detail.timestamp), detailRecordParcel); + RELEASE_IF_FALSE(in.ReadInt64(detailRecordParcel->detail.accessDuration), detailRecordParcel); + return detailRecordParcel; +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/interfaces/innerkits/privacy/BUILD.gn b/interfaces/innerkits/privacy/BUILD.gn new file mode 100644 index 000000000..9cb3efde6 --- /dev/null +++ b/interfaces/innerkits/privacy/BUILD.gn @@ -0,0 +1,62 @@ +# Copyright (c) 2021-2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/ohos.gni") + +config("pricacy") { + visibility = [ ":*" ] + include_dirs = [ "include" ] +} + +ohos_shared_library("libprivacy_sdk") { + subsystem_name = "security" + part_name = "access_token" + + output_name = "libprivacy_sdk" + + public_configs = [ ":pricacy" ] + + include_dirs = [ + "//utils/native/base/include", + "include", + "src", + "//base/security/access_token/frameworks/privacy/include", + "//base/security/access_token/frameworks/common/include", + "//base/security/access_token/interfaces/innerkits/accesstoken/include", + "//base/security/access_token/interfaces/innerkits/privacy/include", + ] + + sources = [ + "src/privacy_death_recipient.cpp", + "src/privacy_kit.cpp", + "src/privacy_manager_client.cpp", + "src/privacy_manager_proxy.cpp", + ] + + deps = [ + "//base/security/access_token/frameworks/common:accesstoken_common_cxx", + "//base/security/access_token/frameworks/privacy:privacy_communication_adapter_cxx", + "//utils/native/base:utils", + ] + + external_deps = [ + "hiviewdfx_hilog_native:libhilog", + "ipc:ipc_core", + "samgr_standard:samgr_proxy", + ] + + cflags_cc = [ + "-DHILOG_ENABLE", + "-DDEBUG_API_PERFORMANCE", + ] +} diff --git a/interfaces/innerkits/privacy/include/on_permission_used_record_callback.h b/interfaces/innerkits/privacy/include/on_permission_used_record_callback.h new file mode 100644 index 000000000..d137770e2 --- /dev/null +++ b/interfaces/innerkits/privacy/include/on_permission_used_record_callback.h @@ -0,0 +1,39 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef ON_PERMISSION_USED_RECORD_CALLBACK_H +#define ON_PERMISSION_USED_RECORD_CALLBACK_H + +#include "errors.h" +#include "iremote_broker.h" +#include "permission_used_result.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class OnPermissionUsedRecordCallback : public IRemoteBroker { +public: + DECLARE_INTERFACE_DESCRIPTOR(u"ohos.security.accesstoken.OnPermissionUsedRecordCallback"); + + virtual void OnQueried(ErrCode code, PermissionUsedResult& result) = 0; + + enum { + ON_QUERIED = 0, + }; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // ON_PERMISSION_USED_RECORD_CALLBACK_H diff --git a/interfaces/innerkits/privacy/include/permission_used_request.h b/interfaces/innerkits/privacy/include/permission_used_request.h new file mode 100644 index 000000000..9dbda8c35 --- /dev/null +++ b/interfaces/innerkits/privacy/include/permission_used_request.h @@ -0,0 +1,45 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PERMISSION_USED_REQUEST_H +#define PERMISSION_USED_REQUEST_H + +#include +#include + +#include "access_token.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +typedef enum PermissionUsageFlagEnum { + FLAG_PERMISSION_USAGE_SUMMARY = 0, + FLAG_PERMISSION_USAGE_DETAIL = 1, +} PermissionUsageFlag; + +struct PermissionUsedRequest { + AccessTokenID tokenId = 0; + bool isRemote = false; + std::string deviceId; + std::string bundleName; + std::vector permissionList; + int64_t beginTimeMillis = 0; + int64_t endTimeMillis = 0; + PermissionUsageFlag flag = FLAG_PERMISSION_USAGE_SUMMARY; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // PERMISSION_USED_REQUEST_H diff --git a/interfaces/innerkits/privacy/include/permission_used_result.h b/interfaces/innerkits/privacy/include/permission_used_result.h new file mode 100644 index 000000000..548c5e64f --- /dev/null +++ b/interfaces/innerkits/privacy/include/permission_used_result.h @@ -0,0 +1,60 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PERMISSION_USED_RESPONSE_H +#define PERMISSION_USED_RESPONSE_H + +#include +#include +#include "access_token.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +struct UsedRecordDetail { + int32_t status; + int64_t timestamp; + int64_t accessDuration; +}; + +struct PermissionUsedRecord { + std::string permissionName; + int32_t accessCount = 0; + int32_t rejectCount = 0; + int64_t lastAccessTime = 0L; + int64_t lastRejectTime = 0L; + int64_t lastAccessDuration = 0L; + std::vector accessRecords; + std::vector rejectRecords; +}; + +struct BundleUsedRecord { + AccessTokenID tokenId; + bool isRemote; + std::string deviceId; + std::string bundleName; + std::vector permissionRecords; +}; + +struct PermissionUsedResult { + int64_t beginTimeMillis = 0L; + int64_t endTimeMillis = 0L; + std::vector bundleRecords; +}; + +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // PERMISSION_USED_RESPONSE_H diff --git a/interfaces/innerkits/privacy/include/privacy_kit.h b/interfaces/innerkits/privacy/include/privacy_kit.h new file mode 100644 index 000000000..ea0d4d69b --- /dev/null +++ b/interfaces/innerkits/privacy/include/privacy_kit.h @@ -0,0 +1,42 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef INTERFACES_INNER_KITS_PRIVACY_KIT_H +#define INTERFACES_INNER_KITS_PRIVACY_KIT_H + +#include + +#include "access_token.h" +#include "on_permission_used_record_callback.h" +#include "permission_used_request.h" +#include "permission_used_result.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class PrivacyKit { +public: + static int AddPermissionUsedRecord(AccessTokenID tokenID, const std::string& permissionName, int successCount, int failCount); + static int StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName); + static int StopUsingPermission(AccessTokenID tokenID, const std::string& permissionName); + static int RemovePermissionUsedRecords(AccessTokenID tokenID, const std::string& deviceID); + static int GetPermissionUsedRecords(const PermissionUsedRequest& request, PermissionUsedResult& result); + static int GetPermissionUsedRecords(const PermissionUsedRequest& request, const sptr& callback); + static std::string DumpRecordInfo(const std::string& bundleName, const std::string& permissionName); +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif diff --git a/interfaces/innerkits/privacy/src/privacy_death_recipient.cpp b/interfaces/innerkits/privacy/src/privacy_death_recipient.cpp new file mode 100644 index 000000000..6322643b8 --- /dev/null +++ b/interfaces/innerkits/privacy/src/privacy_death_recipient.cpp @@ -0,0 +1,36 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#include "privacy_death_recipient.h" + +#include "accesstoken_log.h" +#include "privacy_manager_client.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { + LOG_CORE, SECURITY_DOMAIN_PRIVACY, "PrivacyDeathRecipient" +}; +} // namespace + +void PrivacyDeathRecipient::OnRemoteDied(const wptr& object) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + PrivacyManagerClient::GetInstance().OnRemoteDiedHandle(); +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/interfaces/innerkits/privacy/src/privacy_death_recipient.h b/interfaces/innerkits/privacy/src/privacy_death_recipient.h new file mode 100644 index 000000000..5670393ac --- /dev/null +++ b/interfaces/innerkits/privacy/src/privacy_death_recipient.h @@ -0,0 +1,35 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +#ifndef PRIVACY_DEATH_RECIPIENT_H +#define PRIVACY_DEATH_RECIPIENT_H + +#include "iremote_object.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class PrivacyDeathRecipient : public IRemoteObject::DeathRecipient { +public: + PrivacyDeathRecipient() {} + virtual ~PrivacyDeathRecipient() = default; + void OnRemoteDied(const wptr& object) override; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // PRIVACY_DEATH_RECIPIENT_H + diff --git a/interfaces/innerkits/privacy/src/privacy_kit.cpp b/interfaces/innerkits/privacy/src/privacy_kit.cpp new file mode 100644 index 000000000..3cc19887d --- /dev/null +++ b/interfaces/innerkits/privacy/src/privacy_kit.cpp @@ -0,0 +1,79 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "privacy_kit.h" + +#include +#include + +#include "accesstoken_log.h" +#include "privacy_manager_client.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_PRIVACY, "PrivacyKit"}; +} // namespace + +int PrivacyKit::AddPermissionUsedRecord(AccessTokenID tokenID, const std::string& permissionName, int successCount, int failCount) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s called, tokenID=0x%{public}x, permissionName=%{public}s, \ + successCount=%{public}d, failCount=%{public}d", __func__, tokenID, permissionName.c_str(), successCount, failCount); + return PrivacyManagerClient::GetInstance().AddPermissionUsedRecord(tokenID, permissionName, successCount, failCount); +} + +int PrivacyKit::StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s called, tokenID=0x%{public}x, permissionName=%{public}s", + __func__, tokenID, permissionName.c_str()); + return PrivacyManagerClient::GetInstance().StartUsingPermission(tokenID, permissionName); +} + +int PrivacyKit::StopUsingPermission(AccessTokenID tokenID, const std::string& permissionName) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s called, tokenID=0x%{public}x, permissionName=%{public}s", + __func__, tokenID, permissionName.c_str()); + return PrivacyManagerClient::GetInstance().StopUsingPermission(tokenID, permissionName); +} + +int PrivacyKit::RemovePermissionUsedRecords(AccessTokenID tokenID, const std::string& deviceID) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s called", __func__); + return PrivacyManagerClient::GetInstance().RemovePermissionUsedRecords(tokenID, deviceID); +} + +int PrivacyKit::GetPermissionUsedRecords(const PermissionUsedRequest& request, PermissionUsedResult& result) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s called", __func__); + return PrivacyManagerClient::GetInstance().GetPermissionUsedRecords(request, result); +} + +int PrivacyKit::GetPermissionUsedRecords(const PermissionUsedRequest& request, const sptr& callback) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s called", __func__); + return PrivacyManagerClient::GetInstance().GetPermissionUsedRecords(request, callback); +} + +std::string PrivacyKit::DumpRecordInfo(const std::string& bundleName, const std::string& permissionName) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s called, bundleName=%{public}s, permissionName=%{public}s", + __func__, bundleName.c_str(), permissionName.c_str()); + return PrivacyManagerClient::GetInstance().DumpRecordInfo(bundleName, permissionName); +} + +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/interfaces/innerkits/privacy/src/privacy_manager_client.cpp b/interfaces/innerkits/privacy/src/privacy_manager_client.cpp new file mode 100644 index 000000000..42aa577ca --- /dev/null +++ b/interfaces/innerkits/privacy/src/privacy_manager_client.cpp @@ -0,0 +1,189 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#include "privacy_manager_client.h" + +#include "accesstoken_log.h" +#include "data_validator.h" +#include "iservice_registry.h" +#include "privacy_manager_proxy.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { + LOG_CORE, SECURITY_DOMAIN_PRIVACY, "PrivacyManagerClient" +}; +} // namespace + +const static int32_t ERROR = -1; + +PrivacyManagerClient& PrivacyManagerClient::GetInstance() +{ + static PrivacyManagerClient instance; + return instance; +} + +PrivacyManagerClient::PrivacyManagerClient() +{} + +PrivacyManagerClient::~PrivacyManagerClient() +{} + +int PrivacyManagerClient::AddPermissionUsedRecord(AccessTokenID tokenID, const std::string& permissionName, + int successCount, int failCount) +{ + if (!DataValidator::IsTokenIDValid(tokenID) || !DataValidator::IsPermissionNameValid(permissionName) || + (successCount < 0 || failCount < 0)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "parameter is invalid"); + return ERROR; + } + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); + return ERROR; + } + return proxy->AddPermissionUsedRecord(tokenID, permissionName, successCount, failCount); +} + +int PrivacyManagerClient::StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName) +{ + if (!DataValidator::IsTokenIDValid(tokenID) || !DataValidator::IsPermissionNameValid(permissionName)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "parameter is invalid"); + return ERROR; + } + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); + return ERROR; + } + return proxy->StartUsingPermission(tokenID, permissionName); +} + +int PrivacyManagerClient::StopUsingPermission(AccessTokenID tokenID, const std::string& permissionName) +{ + if (!DataValidator::IsTokenIDValid(tokenID) || !DataValidator::IsPermissionNameValid(permissionName)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "parameter is invalid"); + return ERROR; + } + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); + return ERROR; + } + return proxy->StopUsingPermission(tokenID, permissionName); +} + +int PrivacyManagerClient::RemovePermissionUsedRecords(AccessTokenID tokenID, const std::string& deviceID) +{ + if (!DataValidator::IsTokenIDValid(tokenID) && !DataValidator::IsDeviceIdValid(deviceID)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "parameter is invalid"); + return ERROR; + } + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); + return ERROR; + } + return proxy->RemovePermissionUsedRecords(tokenID, deviceID); +} + +int PrivacyManagerClient::GetPermissionUsedRecords(const PermissionUsedRequest& request, PermissionUsedResult& result) +{ + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); + return ERROR; + } + + PermissionUsedRequestParcel requestParcel; + PermissionUsedResultParcel reultParcel; + requestParcel.request = request; + int ret = proxy->GetPermissionUsedRecords(requestParcel, reultParcel); + result = reultParcel.result; + return ret; +} + +int PrivacyManagerClient::GetPermissionUsedRecords(const PermissionUsedRequest& request, + const sptr& callback) +{ + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); + return ERROR; + } + + PermissionUsedRequestParcel requestParcel; + requestParcel.request = request; + return proxy->GetPermissionUsedRecords(requestParcel, callback); +} + +std::string PrivacyManagerClient::DumpRecordInfo(const std::string& bundleName, const std::string& permissionName) +{ + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); + return ""; + } + + return proxy->DumpRecordInfo(bundleName, permissionName); +} + +void PrivacyManagerClient::InitProxy() +{ + std::lock_guard lock(proxyMutex_); + if (proxy_ == nullptr) { + auto sam = SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager(); + if (sam == nullptr) { + ACCESSTOKEN_LOG_DEBUG(LABEL, "GetSystemAbilityManager is null"); + return; + } + auto privacySa = sam->GetSystemAbility(IPrivacyManager::SA_ID_PRIVACY_MANAGER_SERVICE); + if (privacySa == nullptr) { + ACCESSTOKEN_LOG_DEBUG(LABEL, "GetSystemAbility %{public}d is null", + IPrivacyManager::SA_ID_PRIVACY_MANAGER_SERVICE); + return; + } + + serviceDeathObserver_ = new (std::nothrow) PrivacyDeathRecipient(); + if (serviceDeathObserver_ != nullptr) { + privacySa->AddDeathRecipient(serviceDeathObserver_); + } + proxy_ = iface_cast(privacySa); + if (proxy_ == nullptr) { + ACCESSTOKEN_LOG_DEBUG(LABEL, "iface_cast get null"); + } + } +} + +void PrivacyManagerClient::OnRemoteDiedHandle() +{ + { + std::lock_guard lock(proxyMutex_); + proxy_ = nullptr; + } + InitProxy(); +} + +sptr PrivacyManagerClient::GetProxy() +{ + if (proxy_ == nullptr) { + InitProxy(); + } + return proxy_; +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/interfaces/innerkits/privacy/src/privacy_manager_client.h b/interfaces/innerkits/privacy/src/privacy_manager_client.h new file mode 100644 index 000000000..258f2736a --- /dev/null +++ b/interfaces/innerkits/privacy/src/privacy_manager_client.h @@ -0,0 +1,42 @@ +#ifndef PRIVACY_MANAGER_CLIENT_H +#define PRIVACY_MANAGER_CLIENT_H + +#include +#include +#include + +#include "i_privacy_manager.h" +#include "privacy_death_recipient.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class PrivacyManagerClient final { +public: + static PrivacyManagerClient& GetInstance(); + + virtual ~PrivacyManagerClient(); + + int AddPermissionUsedRecord(AccessTokenID tokenID, const std::string& permissionName, int successCount, int failCount); + int StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName); + int StopUsingPermission(AccessTokenID tokenID, const std::string& permissionName); + int RemovePermissionUsedRecords(AccessTokenID tokenID, const std::string& deviceID); + int GetPermissionUsedRecords(const PermissionUsedRequest& request, PermissionUsedResult& result); + int GetPermissionUsedRecords(const PermissionUsedRequest& request, const sptr& callback); + std::string DumpRecordInfo(const std::string& bundleName, const std::string& permissionName); + + void OnRemoteDiedHandle(); +private: + PrivacyManagerClient(); + + DISALLOW_COPY_AND_MOVE(PrivacyManagerClient); + std::mutex proxyMutex_; + sptr proxy_ = nullptr; + sptr serviceDeathObserver_ = nullptr; + void InitProxy(); + sptr GetProxy(); +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // PRIVACY_MANAGER_CLIENT_H diff --git a/interfaces/innerkits/privacy/src/privacy_manager_proxy.cpp b/interfaces/innerkits/privacy/src/privacy_manager_proxy.cpp new file mode 100644 index 000000000..b9026bebc --- /dev/null +++ b/interfaces/innerkits/privacy/src/privacy_manager_proxy.cpp @@ -0,0 +1,233 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "privacy_manager_proxy.h" + +#include "accesstoken_log.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { + LOG_CORE, SECURITY_DOMAIN_PRIVACY, "PrivacyManagerProxy" +}; +} + +const static int32_t ERROR = -1; + +PrivacyManagerProxy::PrivacyManagerProxy(const sptr& impl) + : IRemoteProxy(impl) { +} + +PrivacyManagerProxy::~PrivacyManagerProxy() +{} + +int PrivacyManagerProxy::AddPermissionUsedRecord(AccessTokenID tokenID, const std::string& permissionName, + int successCount, int failCount) +{ + MessageParcel data; + data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); + if (!data.WriteUint32(tokenID)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(tokenID)"); + return ERROR; + } + if (!data.WriteString(permissionName)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteString(permissionName)"); + return ERROR; + } + if (!data.WriteInt32(successCount)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(successCount)"); + return ERROR; + } + if (!data.WriteInt32(failCount)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(failCount)"); + return ERROR; + } + + MessageParcel reply; + int32_t requestResult = SendRequest(IPrivacyManager::InterfaceCode::ADD_PERMISSION_USED_RECORD, data, reply); + if (!requestResult) { + ACCESSTOKEN_LOG_ERROR(LABEL, "add result fail, result: %{public}d", requestResult); + } + int32_t ret = reply.ReadInt32(); + ACCESSTOKEN_LOG_DEBUG(LABEL, "get result from server data = %{public}d", ret); + return ret; +} + +int PrivacyManagerProxy::StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName) +{ + MessageParcel data; + data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); + if (!data.WriteUint32(tokenID)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(tokenID)"); + return ERROR; + } + if (!data.WriteString(permissionName)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteString(permissionName)"); + return ERROR; + } + + MessageParcel reply; + int32_t requestResult = SendRequest(IPrivacyManager::InterfaceCode::START_USING_PERMISSION, data, reply); + if (!requestResult) { + ACCESSTOKEN_LOG_ERROR(LABEL, "add result fail, result: %{public}d", requestResult); + } + int32_t ret = reply.ReadInt32(); + ACCESSTOKEN_LOG_DEBUG(LABEL, "get result from server data = %{public}d", ret); + return ret; +} + +int PrivacyManagerProxy::StopUsingPermission(AccessTokenID tokenID, const std::string& permissionName) +{ + MessageParcel data; + data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); + if (!data.WriteUint32(tokenID)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(tokenID)"); + return ERROR; + } + if (!data.WriteString(permissionName)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteString(permissionName)"); + return ERROR; + } + + MessageParcel reply; + int32_t requestResult = SendRequest(IPrivacyManager::InterfaceCode::STOP_USING_PERMISSION, data, reply); + if (!requestResult) { + ACCESSTOKEN_LOG_ERROR(LABEL, "add result fail, result: %{public}d", requestResult); + } + int ret = reply.ReadInt32(); + ACCESSTOKEN_LOG_DEBUG(LABEL, "get result from server data = %{public}d", ret); + return ret; +} + +int PrivacyManagerProxy::RemovePermissionUsedRecords(AccessTokenID tokenID, const std::string& deviceID) +{ + MessageParcel data; + data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); + if (!data.WriteUint32(tokenID)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(tokenID)"); + return ERROR; + } + if (!data.WriteString(deviceID)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteString(deviceID)"); + return ERROR; + } + + MessageParcel reply; + int32_t requestResult = SendRequest(IPrivacyManager::InterfaceCode::DELETE_PERMISSION_USED_RECORDS, data, reply); + if (!requestResult) { + ACCESSTOKEN_LOG_ERROR(LABEL, "add result fail, result: %{public}d", requestResult); + } + int32_t ret = reply.ReadInt32(); + ACCESSTOKEN_LOG_DEBUG(LABEL, "get result from server data = %{public}d", ret); + return ret; +} + +int PrivacyManagerProxy::GetPermissionUsedRecords(const PermissionUsedRequestParcel& request, + PermissionUsedResultParcel& result) +{ + MessageParcel data; + data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); + if (!data.WriteParcelable(&request)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteParcelable(request)"); + return ERROR; + } + + MessageParcel reply; + int32_t requestResult = SendRequest(IPrivacyManager::InterfaceCode::GET_PERMISSION_USED_RECORDS, data, reply); + if (!requestResult) { + ACCESSTOKEN_LOG_ERROR(LABEL, "send request fail, result: %{public}d", requestResult); + return ERROR; + } + + sptr resultSptr = reply.ReadParcelable(); + if (resultSptr == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "ReadParcelable fail"); + return ERROR; + } + result = *resultSptr; + int32_t ret = reply.ReadInt32(); + ACCESSTOKEN_LOG_DEBUG(LABEL, "get result from server data = %{public}d", ret); + return ret; +} + +int PrivacyManagerProxy::GetPermissionUsedRecords(const PermissionUsedRequestParcel& request, + const sptr& callback) +{ + MessageParcel data; + data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); + if (!data.WriteParcelable(&request)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteParcelable(request)"); + return ERROR; + } + if (!data.WriteRemoteObject(callback->AsObject())) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteRemoteObject(callback)"); + return ERROR; + } + + MessageParcel reply; + int32_t requestResult = SendRequest(IPrivacyManager::InterfaceCode::GET_PERMISSION_USED_RECORDS_ASYNC, data, reply); + if (!requestResult) { + ACCESSTOKEN_LOG_ERROR(LABEL, "send request fail, result: %{public}d", requestResult); + return ERROR; + } + int32_t ret = reply.ReadInt32(); + ACCESSTOKEN_LOG_DEBUG(LABEL, "get result from server data = %{public}d", ret); + return ret; +} + +std::string PrivacyManagerProxy::DumpRecordInfo(const std::string& bundleName, const std::string& permissionName) +{ + MessageParcel data; + MessageParcel reply; + data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); + if (!data.WriteString(bundleName)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(bundleName)"); + return ""; + } + if (!data.WriteString(permissionName)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteString(permissionName)"); + return ""; + } + int32_t requestResult = SendRequest(IPrivacyManager::InterfaceCode::DUMP_RECORD_INFO, data, reply); + if (!requestResult) { + ACCESSTOKEN_LOG_ERROR(LABEL, "send request fail, result: %{public}d", requestResult); + return ""; + } + std::string dumpInfo = reply.ReadString(); + return dumpInfo; +} + +bool PrivacyManagerProxy::SendRequest( + IPrivacyManager::InterfaceCode code, MessageParcel& data, MessageParcel& reply) +{ + MessageOption option(MessageOption::TF_SYNC); + sptr remote = Remote(); + if (remote == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "remote service null."); + return false; + } + + int32_t result = remote->SendRequest(static_cast(code), data, reply, option); + if (result != NO_ERROR) { + ACCESSTOKEN_LOG_ERROR(LABEL, "SendRequest fail, result: %{public}d", result); + return false; + } + return true; +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/interfaces/innerkits/privacy/src/privacy_manager_proxy.h b/interfaces/innerkits/privacy/src/privacy_manager_proxy.h new file mode 100644 index 000000000..47267848b --- /dev/null +++ b/interfaces/innerkits/privacy/src/privacy_manager_proxy.h @@ -0,0 +1,47 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PRIVACY_MANAGER_PROXY_H +#define PRIVACY_MANAGER_PROXY_H + +#include + +#include "i_privacy_manager.h" +#include "iremote_proxy.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class PrivacyManagerProxy : public IRemoteProxy { +public: + explicit PrivacyManagerProxy(const sptr& impl); + ~PrivacyManagerProxy() override; + + int AddPermissionUsedRecord(AccessTokenID tokenID, const std::string& permissionName, int successCount, int failCount) override; + int StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName) override; + int StopUsingPermission(AccessTokenID tokenID, const std::string& permissionName) override; + int RemovePermissionUsedRecords(AccessTokenID tokenID, const std::string& deviceID) override; + int GetPermissionUsedRecords(const PermissionUsedRequestParcel& request, PermissionUsedResultParcel& result) override; + int GetPermissionUsedRecords(const PermissionUsedRequestParcel& request, const sptr& callback) override; + std::string DumpRecordInfo(const std::string& bundleName, const std::string& permissionName) override; + +private: + bool SendRequest(IPrivacyManager::InterfaceCode code, MessageParcel& data, MessageParcel& reply); + static inline BrokerDelegator delegator_; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // PRIVACY_MANAGER_PROXY_H \ No newline at end of file diff --git a/interfaces/innerkits/privacy/test/BUILD.gn b/interfaces/innerkits/privacy/test/BUILD.gn new file mode 100644 index 000000000..4f740cd7d --- /dev/null +++ b/interfaces/innerkits/privacy/test/BUILD.gn @@ -0,0 +1,53 @@ +# Copyright (c) 2021-2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/test.gni") + +ohos_unittest("libprivacy_sdk_test") { + subsystem_name = "security" + part_name = "access_token" + module_out_path = part_name + "/" + part_name + + include_dirs = [ + "//utils/native/base/include", + "//third_party/googletest/include", + "//base/security/access_token/interfaces/innerkits/accesstoken/include", + "//base/security/access_token/interfaces/innerkits/nativetoken/include", + "//base/security/access_token/interfaces/innerkits/privacy/include", + "//base/security/access_token/services/privacymanager/include/record", + ] + + sources = [ + "unittest/src/privacy_kit_test.cpp", + ] + + cflags_cc = [ "-DHILOG_ENABLE" ] + + deps = [ + "//base/security/access_token/interfaces/innerkits/accesstoken:libaccesstoken_sdk", + "//base/security/access_token/interfaces/innerkits/nativetoken:libnativetoken", + "//base/security/access_token/interfaces/innerkits/privacy:libprivacy_sdk", + "//base/security/access_token/services/privacymanager:privacy_manager_service", + "//utils/native/base:utils", + ] + external_deps = [ + "ipc:ipc_core", + "samgr_standard:samgr_proxy", + "startup_l2:syspara", + ] +} + +group("unittest") { + testonly = true + deps = [ ":libprivacy_sdk_test" ] +} diff --git a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp new file mode 100644 index 000000000..087dd4230 --- /dev/null +++ b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp @@ -0,0 +1,92 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "privacy_kit_test.h" + +#include "accesstoken_kit.h" +#include "nativetoken_kit.h" +#include "parameter.h" +#include "privacy_kit.h" + +using namespace testing::ext; +using namespace OHOS::Security::AccessToken; + +const static int32_t RET_NO_ERROR = 0; +const static int32_t RET_ERROR = -1; + +void PrivacyKitTest::SetUpTestCase() +{} + +void PrivacyKitTest::TearDownTestCase() +{ +} + +void PrivacyKitTest::SetUp() +{ +} + +void PrivacyKitTest::TearDown() +{ +} + +/** + * @tc.name: AddPermissionUsedRecord001 + * @tc.desc: cannot AddPermissionUsedRecord with illegal tokenId and permission. + * @tc.type: FUNC + * @tc.require:Issue Number + */ +HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord001, TestSize.Level1) +{ + int successCount = 1; + int failCount = 0; + ASSERT_EQ(RET_NO_ERROR, PrivacyKit::AddPermissionUsedRecord(111, "ohos.permission.READ_CONTACTS", successCount, failCount)); +} + +/** + * @tc.name: RemovePermissionUsedRecords001 + * @tc.desc: cannot RemovePermissionUsedRecords with illegal tokenId and deviceID. + * @tc.type: FUNC + * @tc.require:Issue Number + */ +HWTEST_F(PrivacyKitTest, RemovePermissionUsedRecords001, TestSize.Level1) +{ + ASSERT_EQ(RET_NO_ERROR, PrivacyKit::RemovePermissionUsedRecords(111, "device")); +} + +/** + * @tc.name: GetPermissionUsedRecords001 + * @tc.desc: cannot GetPermissionUsedRecords with invalid query time. + * @tc.type: FUNC + * @tc.require:Issue Number + */ +HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords001, TestSize.Level1) +{ + PermissionUsedRequest request; + PermissionUsedResult result; + ASSERT_EQ(RET_NO_ERROR, PrivacyKit::GetPermissionUsedRecords(request, result)); +} + +/** + * @tc.name: GetPermissionUsedRecordsAsync001 + * @tc.desc: cannot GetPermissionUsedRecordsAsync with invalid query time. + * @tc.type: FUNC + * @tc.require:Issue Number + */ +HWTEST_F(PrivacyKitTest, GetPermissionUsedRecordsAsync001, TestSize.Level1) +{ + PermissionUsedRequest request; + OHOS::sptr callback(new TestCallBack()); + ASSERT_EQ(RET_NO_ERROR, PrivacyKit::GetPermissionUsedRecords(request, callback)); +} \ No newline at end of file diff --git a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.h b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.h new file mode 100644 index 000000000..86e91f78f --- /dev/null +++ b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.h @@ -0,0 +1,63 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PRIVACY_KIT_TEST_H +#define PRIVACY_KIT_TEST_H + +#include + +#include "on_permission_used_record_callback.h" +#include "permission_used_request.h" +#include "permission_used_result.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +static const unsigned int TEST_TOKENID_INVALID = 0; +static const unsigned int TEST_VALID_TOKENID_A = 1; +static const unsigned int TEST_VALID_TOKENID_B = 2; +static const std::string TEST_EMPTY_DEVICEID = ""; +static const std::string TEST_PERMISSION_INVALID = ""; + +class PrivacyKitTest : public testing::Test { +public: + static void SetUpTestCase(); + + static void TearDownTestCase(); + + void SetUp(); + + void TearDown(); + + class TestCallBack : public OnPermissionUsedRecordCallback { + public: + TestCallBack() = default; + virtual ~TestCallBack() = default; + + void OnQueried(ErrCode code, PermissionUsedResult& result) + { + GTEST_LOG_(INFO) << "TestCallBack, code :" << code << ", bundleSize :" << result.bundleRecords.size(); + } + }; + std::string GetLocalDeviceUdid(); + void BuildQueryRequest(AccessTokenID tokenId, const std::string deviceId, const std::string& bundleName, + const std::vector permissionList, PermissionUsedRequest& request); + void CheckPermissionUsedResult(const PermissionUsedRequest& request, const PermissionUsedResult& result, + int32_t permRecordSize, int32_t totalSuccessCount, int32_t totalFailCount); +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // PRIVACY_KIT_TEST_H diff --git a/ohos.build b/ohos.build index dcd834762..67d710d1d 100644 --- a/ohos.build +++ b/ohos.build @@ -33,11 +33,21 @@ ], "header_base": "//base/security/access_token/interfaces/innerkits/token_setproc/include" } + }, + { + "name": "//base/security/access_token/interfaces/innerkits/privacy:libprivacy_sdk", + "header": { + "header_files": [ + "privacy_kit.h" + ], + "header_base": "//base/security/access_token/interfaces/innerkits/privacy/include" + } } ], "module_list": [ "//base/security/access_token:accesstoken_build_module", - "//base/security/access_token:tokensync_build_module" + "//base/security/access_token:tokensync_build_module", + "//base/security/access_token:privacy_build_module" ], "test_list": [ "//base/security/access_token:accesstoken_build_module_test", diff --git a/services/privacymanager/BUILD.gn b/services/privacymanager/BUILD.gn new file mode 100644 index 000000000..900f65e01 --- /dev/null +++ b/services/privacymanager/BUILD.gn @@ -0,0 +1,54 @@ +# Copyright (c) 2021-2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/ohos.gni") + +ohos_shared_library("privacy_manager_service") { + subsystem_name = "security" + part_name = "access_token" + + include_dirs = [ + "include/common", + "include/service", + "//base/security/access_token/frameworks/privacy/include", + "//base/security/access_token/frameworks/common/include", + "//base/security/access_token/frameworks/database/include", + "//base/security/access_token/interfaces/innerkits/accesstoken/include", + "//base/security/access_token/interfaces/innerkits/privacy/include", + "//third_party/json/include", + ] + + sources = [ + "src/service/privacy_manager_service.cpp", + "src/service/privacy_manager_stub.cpp", + ] + + cflags_cc = [ "-DHILOG_ENABLE" ] + + deps = [ + "//base/security/access_token/frameworks/common:accesstoken_common_cxx", + "//base/security/access_token/frameworks/database:accesstoken_database_cxx", + "//base/security/access_token/frameworks/privacy:privacy_communication_adapter_cxx", + "//base/security/access_token/interfaces/innerkits/accesstoken:libaccesstoken_sdk", + "//third_party/sqlite:sqlite", + "//utils/native/base:utils", + ] + + external_deps = [ + "hiviewdfx_hilog_native:libhilog", + "ipc:ipc_core", + "safwk:system_ability_fwk", + "samgr_standard:samgr_proxy", + "startup_l2:syspara", + ] +} diff --git a/services/privacymanager/include/common/constant.h b/services/privacymanager/include/common/constant.h new file mode 100644 index 000000000..768179065 --- /dev/null +++ b/services/privacymanager/include/common/constant.h @@ -0,0 +1,36 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef CONSTANT_H +#define CONSTANT_H + +#include +#include + +namespace OHOS { +namespace Security { +namespace AccessToken { +class Constant { +public: + enum ErrorCode { + FAILURE = -1, + SUCCESS = 0, + }; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS + +#endif // CONSTANT_H diff --git a/services/privacymanager/include/service/privacy_manager_service.h b/services/privacymanager/include/service/privacy_manager_service.h new file mode 100644 index 000000000..a683e2209 --- /dev/null +++ b/services/privacymanager/include/service/privacy_manager_service.h @@ -0,0 +1,55 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PRIVACY_MANAGER_SERVICE_H +#define PRIVACY_MANAGER_SERVICE_H + +#include + +#include "privacy_manager_stub.h" +#include "iremote_object.h" +#include "nocopyable.h" +#include "singleton.h" +#include "system_ability.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +enum class ServiceRunningState { STATE_NOT_START, STATE_RUNNING }; +class PrivacyManagerService final : public SystemAbility, public PrivacyManagerStub { + DECLARE_DELAYED_SINGLETON(PrivacyManagerService); + DECLEAR_SYSTEM_ABILITY(PrivacyManagerService); + +public: + void OnStart() override; + void OnStop() override; + + int AddPermissionUsedRecord(AccessTokenID tokenID, const std::string& permissionName, int successCount, int failCount) override; + int StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName) override; + int StopUsingPermission(AccessTokenID tokenID, const std::string& permissionName) override; + int RemovePermissionUsedRecords(AccessTokenID tokenID, const std::string& deviceID) override; + int GetPermissionUsedRecords(const PermissionUsedRequestParcel& request, PermissionUsedResultParcel& result) override; + int GetPermissionUsedRecords(const PermissionUsedRequestParcel& request, const sptr& callback) override; + std::string DumpRecordInfo(const std::string& bundleName, const std::string& permissionName) override; + +private: + bool Initialize() const; + + ServiceRunningState state_; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // PRIVACY_MANAGER_SERVICE_H diff --git a/services/privacymanager/include/service/privacy_manager_stub.h b/services/privacymanager/include/service/privacy_manager_stub.h new file mode 100644 index 000000000..14f0a54b6 --- /dev/null +++ b/services/privacymanager/include/service/privacy_manager_stub.h @@ -0,0 +1,47 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PRIVACY_MANAGER_STUB_H +#define PRIVACY_MANAGER_STUB_H + +#include "i_privacy_manager.h" + +#include "iremote_stub.h" +#include "nocopyable.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class PrivacyManagerStub : public IRemoteStub { +public: + PrivacyManagerStub() = default; + virtual ~PrivacyManagerStub() = default; + + int OnRemoteRequest(uint32_t code, MessageParcel& data, MessageParcel& reply, MessageOption& option) override; + +private: + + void AddPermissionUsedRecordInner(MessageParcel& data, MessageParcel& reply); + void StartUsingPermissionInner(MessageParcel& data, MessageParcel& reply); + void StopUsingPermissionInner(MessageParcel& data, MessageParcel& reply); + void RemovePermissionUsedRecordsInner(MessageParcel& data, MessageParcel& reply); + void GetPermissionUsedRecordsInner(MessageParcel& data, MessageParcel& reply); + void GetPermissionUsedRecordsAsyncInner(MessageParcel& data, MessageParcel& reply); + void DumpRecordInfoInner(MessageParcel& data, MessageParcel& reply); +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // PRIVACY_MANAGER_STUB_H diff --git a/services/privacymanager/sa_profile/3505.xml b/services/privacymanager/sa_profile/3505.xml new file mode 100644 index 000000000..af310ef90 --- /dev/null +++ b/services/privacymanager/sa_profile/3505.xml @@ -0,0 +1,24 @@ + + + + accesstoken_service + + 3505 + libprivacy_manager_service.z.so + true + true + 1 + + diff --git a/services/privacymanager/sa_profile/BUILD.gn b/services/privacymanager/sa_profile/BUILD.gn new file mode 100644 index 000000000..0f9520358 --- /dev/null +++ b/services/privacymanager/sa_profile/BUILD.gn @@ -0,0 +1,20 @@ +# Copyright (c) 2021-2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/ohos/sa_profile/sa_profile.gni") + +ohos_sa_profile("privacy_sa_profile_standard") { + part_name = "access_token" + + sources = [ "3505.xml" ] +} diff --git a/services/privacymanager/src/service/privacy_manager_service.cpp b/services/privacymanager/src/service/privacy_manager_service.cpp new file mode 100644 index 000000000..a19e38896 --- /dev/null +++ b/services/privacymanager/src/service/privacy_manager_service.cpp @@ -0,0 +1,120 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "privacy_manager_service.h" + +#include "accesstoken_log.h" +#include "constant.h" +#include "ipc_skeleton.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { + LOG_CORE, SECURITY_DOMAIN_PRIVACY, "PrivacyManagerService" +}; +} + +const bool REGISTER_RESULT = + SystemAbility::MakeAndRegisterAbility(DelayedSingleton::GetInstance().get()); + +PrivacyManagerService::PrivacyManagerService() + : SystemAbility(SA_ID_PRIVACY_MANAGER_SERVICE, true), state_(ServiceRunningState::STATE_NOT_START) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "PrivacyManagerService()"); +} + +PrivacyManagerService::~PrivacyManagerService() +{ + ACCESSTOKEN_LOG_INFO(LABEL, "~PrivacyManagerService()"); +} + +void PrivacyManagerService::OnStart() +{ + if (state_ == ServiceRunningState::STATE_RUNNING) { + ACCESSTOKEN_LOG_INFO(LABEL, "PrivacyManagerService has already started!"); + return; + } + ACCESSTOKEN_LOG_INFO(LABEL, "PrivacyManagerService is starting"); + if (!Initialize()) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to initialize"); + return; + } + state_ = ServiceRunningState::STATE_RUNNING; + bool ret = Publish(DelayedSingleton::GetInstance().get()); + if (!ret) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to publish service!"); + return; + } + ACCESSTOKEN_LOG_INFO(LABEL, "Congratulations, PrivacyManagerService start successfully!"); +} + +void PrivacyManagerService::OnStop() +{ + ACCESSTOKEN_LOG_INFO(LABEL, "stop service"); + state_ = ServiceRunningState::STATE_NOT_START; +} + +int PrivacyManagerService::AddPermissionUsedRecord(AccessTokenID tokenID, const std::string& permissionName, int successCount, int failCount) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s called, tokenID: 0x%{public}x, permission: %{public}s", __func__, tokenID, permissionName.c_str()); + return Constant::SUCCESS; +} + +int PrivacyManagerService::StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s called, tokenID: 0x%{public}x, permission: %{public}s", __func__, tokenID, permissionName.c_str()); + return Constant::SUCCESS; +} + +int PrivacyManagerService::StopUsingPermission(AccessTokenID tokenID, const std::string& permissionName) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s called, tokenID: 0x%{public}x, permission: %{public}s", __func__, tokenID, permissionName.c_str()); + return Constant::SUCCESS; +} + +int PrivacyManagerService::RemovePermissionUsedRecords(AccessTokenID tokenID, const std::string& deviceID) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s called", __func__); + return Constant::SUCCESS; +} + +int PrivacyManagerService::GetPermissionUsedRecords(const PermissionUsedRequestParcel& request, PermissionUsedResultParcel& result) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s called", __func__); + PermissionUsedResult permissionRecord; + return Constant::SUCCESS; +} + +int PrivacyManagerService::GetPermissionUsedRecords(const PermissionUsedRequestParcel& request, const sptr& callback) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s called", __func__); + return Constant::SUCCESS; +} + +std::string PrivacyManagerService::DumpRecordInfo(const std::string& bundleName, const std::string& permissionName) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s called", __func__); + return ""; +} + +bool PrivacyManagerService::Initialize() const +{ + return true; +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/services/privacymanager/src/service/privacy_manager_stub.cpp b/services/privacymanager/src/service/privacy_manager_stub.cpp new file mode 100644 index 000000000..56cd0e8e1 --- /dev/null +++ b/services/privacymanager/src/service/privacy_manager_stub.cpp @@ -0,0 +1,138 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "privacy_manager_stub.h" + +#include "accesstoken_log.h" + +#include "ipc_skeleton.h" +#include "string_ex.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { + LOG_CORE, SECURITY_DOMAIN_PRIVACY, "PrivacyManagerStub" +}; +} + +int PrivacyManagerStub::OnRemoteRequest( + uint32_t code, MessageParcel& data, MessageParcel& reply, MessageOption& option) +{ + std::u16string descriptor = data.ReadInterfaceToken(); + if (descriptor != IPrivacyManager::GetDescriptor()) { + ACCESSTOKEN_LOG_ERROR(LABEL, "get unexpect descriptor: %{public}s", Str16ToStr8(descriptor).c_str()); + return -1; + } + switch (code) { + case static_cast(IPrivacyManager::InterfaceCode::ADD_PERMISSION_USED_RECORD): + AddPermissionUsedRecordInner(data, reply); + break; + case static_cast(IPrivacyManager::InterfaceCode::START_USING_PERMISSION): + StartUsingPermissionInner(data, reply); + break; + case static_cast(IPrivacyManager::InterfaceCode::STOP_USING_PERMISSION): + StopUsingPermissionInner(data, reply); + break; + case static_cast(IPrivacyManager::InterfaceCode::DELETE_PERMISSION_USED_RECORDS): + RemovePermissionUsedRecordsInner(data, reply); + break; + case static_cast(IPrivacyManager::InterfaceCode::GET_PERMISSION_USED_RECORDS): + GetPermissionUsedRecordsInner(data, reply); + break; + case static_cast(IPrivacyManager::InterfaceCode::GET_PERMISSION_USED_RECORDS_ASYNC): + GetPermissionUsedRecordsAsyncInner(data, reply); + break; + case static_cast(IPrivacyManager::InterfaceCode::DUMP_RECORD_INFO): + DumpRecordInfoInner(data, reply); + break; + default: + return IPCObjectStub::OnRemoteRequest(code, data, reply, option); + } + return NO_ERROR; +} + +void PrivacyManagerStub::AddPermissionUsedRecordInner(MessageParcel& data, MessageParcel& reply) +{ + AccessTokenID tokenID = data.ReadUint32(); + std::string permissionName = data.ReadString(); + int successCount = data.ReadInt32(); + int failCount = data.ReadInt32(); + int result = this->AddPermissionUsedRecord(tokenID, permissionName, successCount, failCount); + reply.WriteInt32(result); +} + +void PrivacyManagerStub::StartUsingPermissionInner(MessageParcel& data, MessageParcel& reply) +{ + AccessTokenID tokenID = data.ReadUint32(); + std::string permissionName = data.ReadString(); + int result = this->StartUsingPermission(tokenID, permissionName); + reply.WriteInt32(result); +} + +void PrivacyManagerStub::StopUsingPermissionInner(MessageParcel& data, MessageParcel& reply) +{ + AccessTokenID tokenID = data.ReadUint32(); + std::string permissionName = data.ReadString(); + int result = this->StopUsingPermission(tokenID, permissionName); + reply.WriteInt32(result); +} + +void PrivacyManagerStub::RemovePermissionUsedRecordsInner(MessageParcel& data, MessageParcel& reply) +{ + AccessTokenID tokenID = data.ReadUint32(); + std::string deviceID = data.ReadString(); + int result = this->RemovePermissionUsedRecords(tokenID, deviceID); + reply.WriteInt32(result); +} + +void PrivacyManagerStub::GetPermissionUsedRecordsInner(MessageParcel& data, MessageParcel& reply) +{ + sptr requestParcel = data.ReadParcelable(); + if (requestParcel == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "ReadParcelable faild"); + reply.WriteInt32(RET_FAILED); + return; + } + PermissionUsedResultParcel responseParcel; + int result = this->GetPermissionUsedRecords(*requestParcel, responseParcel); + reply.WriteParcelable(&responseParcel); + reply.WriteInt32(result); +} + +void PrivacyManagerStub::GetPermissionUsedRecordsAsyncInner(MessageParcel& data, MessageParcel& reply) +{ + sptr requestParcel = data.ReadParcelable(); + if (requestParcel == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "ReadParcelable faild"); + reply.WriteInt32(RET_FAILED); + return; + } + sptr callback = iface_cast(data.ReadRemoteObject()); + int result = this->GetPermissionUsedRecords(*requestParcel, callback); + reply.WriteInt32(result); +} + +void PrivacyManagerStub::DumpRecordInfoInner(MessageParcel& data, MessageParcel& reply) +{ + std::string bundleName = data.ReadString(); + std::string permissionName = data.ReadString(); + std::string dumpInfo = this->DumpRecordInfo(bundleName, permissionName); + reply.WriteString(dumpInfo); +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS -- Gitee From 63f29472d45e1abb91bc8a26511b85e5d7741bd8 Mon Sep 17 00:00:00 2001 From: chennian Date: Tue, 7 Jun 2022 17:43:51 +0800 Subject: [PATCH 2/3] Signed-off-by:chennian Signed-off-by: chennian --- frameworks/common/include/accesstoken_log.h | 2 +- .../privacy/include/i_privacy_manager.h | 9 +- .../innerkits/privacy/include/privacy_kit.h | 6 +- .../innerkits/privacy/src/privacy_kit.cpp | 14 +-- .../privacy/src/privacy_manager_client.cpp | 6 +- .../privacy/src/privacy_manager_client.h | 6 +- .../privacy/src/privacy_manager_proxy.h | 9 +- interfaces/innerkits/privacy/test/BUILD.gn | 53 ----------- .../test/unittest/src/privacy_kit_test.cpp | 92 ------------------- .../test/unittest/src/privacy_kit_test.h | 63 ------------- .../permission_definition_cache.cpp | 2 +- .../src/permission/permission_policy_set.cpp | 4 +- .../cpp/src/token/hap_token_info_inner.cpp | 4 +- .../cpp/src/token/native_token_info_inner.cpp | 4 +- .../include/service/privacy_manager_service.h | 9 +- .../src/service/privacy_manager_service.cpp | 18 ++-- 16 files changed, 57 insertions(+), 244 deletions(-) delete mode 100644 interfaces/innerkits/privacy/test/BUILD.gn delete mode 100644 interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp delete mode 100644 interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.h diff --git a/frameworks/common/include/accesstoken_log.h b/frameworks/common/include/accesstoken_log.h index 1f811d37d..8f0c43b2d 100644 --- a/frameworks/common/include/accesstoken_log.h +++ b/frameworks/common/include/accesstoken_log.h @@ -48,7 +48,7 @@ #undef LOG_DOMAIN static constexpr unsigned int SECURITY_DOMAIN_ACCESSTOKEN = 0xD002F01; -static constexpr unsigned int SECURITY_DOMAIN_PRIVACY = 0xD002F02; +static constexpr unsigned int SECURITY_DOMAIN_PRIVACY = 0xD002F03; #else diff --git a/frameworks/privacy/include/i_privacy_manager.h b/frameworks/privacy/include/i_privacy_manager.h index 272043c07..252801a17 100644 --- a/frameworks/privacy/include/i_privacy_manager.h +++ b/frameworks/privacy/include/i_privacy_manager.h @@ -35,12 +35,15 @@ public: DECLARE_INTERFACE_DESCRIPTOR(u"ohos.security.accesstoken.IPrivacyManager"); - virtual int AddPermissionUsedRecord(AccessTokenID tokenID, const std::string& permissionName, int successCount, int failCount) = 0; + virtual int AddPermissionUsedRecord( + AccessTokenID tokenID, const std::string& permissionName, int successCount, int failCount) = 0; virtual int StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName) = 0; virtual int StopUsingPermission(AccessTokenID tokenID, const std::string& permissionName) = 0; virtual int RemovePermissionUsedRecords(AccessTokenID tokenID, const std::string& deviceID) = 0; - virtual int GetPermissionUsedRecords(const PermissionUsedRequestParcel& request, PermissionUsedResultParcel& result) = 0; - virtual int GetPermissionUsedRecords(const PermissionUsedRequestParcel& request, const sptr& callback) = 0; + virtual int GetPermissionUsedRecords( + const PermissionUsedRequestParcel& request, PermissionUsedResultParcel& result) = 0; + virtual int GetPermissionUsedRecords( + const PermissionUsedRequestParcel& request, const sptr& callback) = 0; virtual std::string DumpRecordInfo(const std::string& bundleName, const std::string& permissionName) = 0; enum class InterfaceCode { diff --git a/interfaces/innerkits/privacy/include/privacy_kit.h b/interfaces/innerkits/privacy/include/privacy_kit.h index ea0d4d69b..7ce90440b 100644 --- a/interfaces/innerkits/privacy/include/privacy_kit.h +++ b/interfaces/innerkits/privacy/include/privacy_kit.h @@ -28,12 +28,14 @@ namespace Security { namespace AccessToken { class PrivacyKit { public: - static int AddPermissionUsedRecord(AccessTokenID tokenID, const std::string& permissionName, int successCount, int failCount); + static int AddPermissionUsedRecord( + AccessTokenID tokenID, const std::string& permissionName, int successCount, int failCount); static int StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName); static int StopUsingPermission(AccessTokenID tokenID, const std::string& permissionName); static int RemovePermissionUsedRecords(AccessTokenID tokenID, const std::string& deviceID); static int GetPermissionUsedRecords(const PermissionUsedRequest& request, PermissionUsedResult& result); - static int GetPermissionUsedRecords(const PermissionUsedRequest& request, const sptr& callback); + static int GetPermissionUsedRecords( + const PermissionUsedRequest& request, const sptr& callback); static std::string DumpRecordInfo(const std::string& bundleName, const std::string& permissionName); }; } // namespace AccessToken diff --git a/interfaces/innerkits/privacy/src/privacy_kit.cpp b/interfaces/innerkits/privacy/src/privacy_kit.cpp index 3cc19887d..0e1588871 100644 --- a/interfaces/innerkits/privacy/src/privacy_kit.cpp +++ b/interfaces/innerkits/privacy/src/privacy_kit.cpp @@ -28,11 +28,13 @@ namespace { static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_PRIVACY, "PrivacyKit"}; } // namespace -int PrivacyKit::AddPermissionUsedRecord(AccessTokenID tokenID, const std::string& permissionName, int successCount, int failCount) +int PrivacyKit::AddPermissionUsedRecord( + AccessTokenID tokenID, const std::string& permissionName, int successCount, int failCount) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s called, tokenID=0x%{public}x, permissionName=%{public}s, \ - successCount=%{public}d, failCount=%{public}d", __func__, tokenID, permissionName.c_str(), successCount, failCount); - return PrivacyManagerClient::GetInstance().AddPermissionUsedRecord(tokenID, permissionName, successCount, failCount); + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s called, tokenID=0x%{public}x, permissionName=%{public}s,", + __func__, tokenID, permissionName.c_str()); + return PrivacyManagerClient::GetInstance().AddPermissionUsedRecord( + tokenID, permissionName, successCount, failCount); } int PrivacyKit::StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName) @@ -61,7 +63,8 @@ int PrivacyKit::GetPermissionUsedRecords(const PermissionUsedRequest& request, P return PrivacyManagerClient::GetInstance().GetPermissionUsedRecords(request, result); } -int PrivacyKit::GetPermissionUsedRecords(const PermissionUsedRequest& request, const sptr& callback) +int PrivacyKit::GetPermissionUsedRecords( + const PermissionUsedRequest& request, const sptr& callback) { ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s called", __func__); return PrivacyManagerClient::GetInstance().GetPermissionUsedRecords(request, callback); @@ -73,7 +76,6 @@ std::string PrivacyKit::DumpRecordInfo(const std::string& bundleName, const std: __func__, bundleName.c_str(), permissionName.c_str()); return PrivacyManagerClient::GetInstance().DumpRecordInfo(bundleName, permissionName); } - } // namespace AccessToken } // namespace Security } // namespace OHOS diff --git a/interfaces/innerkits/privacy/src/privacy_manager_client.cpp b/interfaces/innerkits/privacy/src/privacy_manager_client.cpp index 42aa577ca..32a583d43 100644 --- a/interfaces/innerkits/privacy/src/privacy_manager_client.cpp +++ b/interfaces/innerkits/privacy/src/privacy_manager_client.cpp @@ -42,8 +42,8 @@ PrivacyManagerClient::PrivacyManagerClient() PrivacyManagerClient::~PrivacyManagerClient() {} -int PrivacyManagerClient::AddPermissionUsedRecord(AccessTokenID tokenID, const std::string& permissionName, - int successCount, int failCount) +int PrivacyManagerClient::AddPermissionUsedRecord( + AccessTokenID tokenID, const std::string& permissionName, int successCount, int failCount) { if (!DataValidator::IsTokenIDValid(tokenID) || !DataValidator::IsPermissionNameValid(permissionName) || (successCount < 0 || failCount < 0)) { @@ -116,7 +116,7 @@ int PrivacyManagerClient::GetPermissionUsedRecords(const PermissionUsedRequest& return ret; } -int PrivacyManagerClient::GetPermissionUsedRecords(const PermissionUsedRequest& request, +int PrivacyManagerClient::GetPermissionUsedRecords(const PermissionUsedRequest& request, const sptr& callback) { auto proxy = GetProxy(); diff --git a/interfaces/innerkits/privacy/src/privacy_manager_client.h b/interfaces/innerkits/privacy/src/privacy_manager_client.h index 258f2736a..ee0870eec 100644 --- a/interfaces/innerkits/privacy/src/privacy_manager_client.h +++ b/interfaces/innerkits/privacy/src/privacy_manager_client.h @@ -17,12 +17,14 @@ public: virtual ~PrivacyManagerClient(); - int AddPermissionUsedRecord(AccessTokenID tokenID, const std::string& permissionName, int successCount, int failCount); + int AddPermissionUsedRecord( + AccessTokenID tokenID, const std::string& permissionName, int successCount, int failCount); int StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName); int StopUsingPermission(AccessTokenID tokenID, const std::string& permissionName); int RemovePermissionUsedRecords(AccessTokenID tokenID, const std::string& deviceID); int GetPermissionUsedRecords(const PermissionUsedRequest& request, PermissionUsedResult& result); - int GetPermissionUsedRecords(const PermissionUsedRequest& request, const sptr& callback); + int GetPermissionUsedRecords( + const PermissionUsedRequest& request, const sptr& callback); std::string DumpRecordInfo(const std::string& bundleName, const std::string& permissionName); void OnRemoteDiedHandle(); diff --git a/interfaces/innerkits/privacy/src/privacy_manager_proxy.h b/interfaces/innerkits/privacy/src/privacy_manager_proxy.h index 47267848b..fa68f173a 100644 --- a/interfaces/innerkits/privacy/src/privacy_manager_proxy.h +++ b/interfaces/innerkits/privacy/src/privacy_manager_proxy.h @@ -29,12 +29,15 @@ public: explicit PrivacyManagerProxy(const sptr& impl); ~PrivacyManagerProxy() override; - int AddPermissionUsedRecord(AccessTokenID tokenID, const std::string& permissionName, int successCount, int failCount) override; + int AddPermissionUsedRecord( + AccessTokenID tokenID, const std::string& permissionName, int successCount, int failCount) override; int StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName) override; int StopUsingPermission(AccessTokenID tokenID, const std::string& permissionName) override; int RemovePermissionUsedRecords(AccessTokenID tokenID, const std::string& deviceID) override; - int GetPermissionUsedRecords(const PermissionUsedRequestParcel& request, PermissionUsedResultParcel& result) override; - int GetPermissionUsedRecords(const PermissionUsedRequestParcel& request, const sptr& callback) override; + int GetPermissionUsedRecords( + const PermissionUsedRequestParcel& request, PermissionUsedResultParcel& result) override; + int GetPermissionUsedRecords(const PermissionUsedRequestParcel& request, + const sptr& callback) override; std::string DumpRecordInfo(const std::string& bundleName, const std::string& permissionName) override; private: diff --git a/interfaces/innerkits/privacy/test/BUILD.gn b/interfaces/innerkits/privacy/test/BUILD.gn deleted file mode 100644 index 4f740cd7d..000000000 --- a/interfaces/innerkits/privacy/test/BUILD.gn +++ /dev/null @@ -1,53 +0,0 @@ -# Copyright (c) 2021-2022 Huawei Device Co., Ltd. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -import("//build/test.gni") - -ohos_unittest("libprivacy_sdk_test") { - subsystem_name = "security" - part_name = "access_token" - module_out_path = part_name + "/" + part_name - - include_dirs = [ - "//utils/native/base/include", - "//third_party/googletest/include", - "//base/security/access_token/interfaces/innerkits/accesstoken/include", - "//base/security/access_token/interfaces/innerkits/nativetoken/include", - "//base/security/access_token/interfaces/innerkits/privacy/include", - "//base/security/access_token/services/privacymanager/include/record", - ] - - sources = [ - "unittest/src/privacy_kit_test.cpp", - ] - - cflags_cc = [ "-DHILOG_ENABLE" ] - - deps = [ - "//base/security/access_token/interfaces/innerkits/accesstoken:libaccesstoken_sdk", - "//base/security/access_token/interfaces/innerkits/nativetoken:libnativetoken", - "//base/security/access_token/interfaces/innerkits/privacy:libprivacy_sdk", - "//base/security/access_token/services/privacymanager:privacy_manager_service", - "//utils/native/base:utils", - ] - external_deps = [ - "ipc:ipc_core", - "samgr_standard:samgr_proxy", - "startup_l2:syspara", - ] -} - -group("unittest") { - testonly = true - deps = [ ":libprivacy_sdk_test" ] -} diff --git a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp deleted file mode 100644 index 087dd4230..000000000 --- a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp +++ /dev/null @@ -1,92 +0,0 @@ -/* - * Copyright (c) 2022 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "privacy_kit_test.h" - -#include "accesstoken_kit.h" -#include "nativetoken_kit.h" -#include "parameter.h" -#include "privacy_kit.h" - -using namespace testing::ext; -using namespace OHOS::Security::AccessToken; - -const static int32_t RET_NO_ERROR = 0; -const static int32_t RET_ERROR = -1; - -void PrivacyKitTest::SetUpTestCase() -{} - -void PrivacyKitTest::TearDownTestCase() -{ -} - -void PrivacyKitTest::SetUp() -{ -} - -void PrivacyKitTest::TearDown() -{ -} - -/** - * @tc.name: AddPermissionUsedRecord001 - * @tc.desc: cannot AddPermissionUsedRecord with illegal tokenId and permission. - * @tc.type: FUNC - * @tc.require:Issue Number - */ -HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord001, TestSize.Level1) -{ - int successCount = 1; - int failCount = 0; - ASSERT_EQ(RET_NO_ERROR, PrivacyKit::AddPermissionUsedRecord(111, "ohos.permission.READ_CONTACTS", successCount, failCount)); -} - -/** - * @tc.name: RemovePermissionUsedRecords001 - * @tc.desc: cannot RemovePermissionUsedRecords with illegal tokenId and deviceID. - * @tc.type: FUNC - * @tc.require:Issue Number - */ -HWTEST_F(PrivacyKitTest, RemovePermissionUsedRecords001, TestSize.Level1) -{ - ASSERT_EQ(RET_NO_ERROR, PrivacyKit::RemovePermissionUsedRecords(111, "device")); -} - -/** - * @tc.name: GetPermissionUsedRecords001 - * @tc.desc: cannot GetPermissionUsedRecords with invalid query time. - * @tc.type: FUNC - * @tc.require:Issue Number - */ -HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords001, TestSize.Level1) -{ - PermissionUsedRequest request; - PermissionUsedResult result; - ASSERT_EQ(RET_NO_ERROR, PrivacyKit::GetPermissionUsedRecords(request, result)); -} - -/** - * @tc.name: GetPermissionUsedRecordsAsync001 - * @tc.desc: cannot GetPermissionUsedRecordsAsync with invalid query time. - * @tc.type: FUNC - * @tc.require:Issue Number - */ -HWTEST_F(PrivacyKitTest, GetPermissionUsedRecordsAsync001, TestSize.Level1) -{ - PermissionUsedRequest request; - OHOS::sptr callback(new TestCallBack()); - ASSERT_EQ(RET_NO_ERROR, PrivacyKit::GetPermissionUsedRecords(request, callback)); -} \ No newline at end of file diff --git a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.h b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.h deleted file mode 100644 index 86e91f78f..000000000 --- a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.h +++ /dev/null @@ -1,63 +0,0 @@ -/* - * Copyright (c) 2021-2022 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef PRIVACY_KIT_TEST_H -#define PRIVACY_KIT_TEST_H - -#include - -#include "on_permission_used_record_callback.h" -#include "permission_used_request.h" -#include "permission_used_result.h" - -namespace OHOS { -namespace Security { -namespace AccessToken { -static const unsigned int TEST_TOKENID_INVALID = 0; -static const unsigned int TEST_VALID_TOKENID_A = 1; -static const unsigned int TEST_VALID_TOKENID_B = 2; -static const std::string TEST_EMPTY_DEVICEID = ""; -static const std::string TEST_PERMISSION_INVALID = ""; - -class PrivacyKitTest : public testing::Test { -public: - static void SetUpTestCase(); - - static void TearDownTestCase(); - - void SetUp(); - - void TearDown(); - - class TestCallBack : public OnPermissionUsedRecordCallback { - public: - TestCallBack() = default; - virtual ~TestCallBack() = default; - - void OnQueried(ErrCode code, PermissionUsedResult& result) - { - GTEST_LOG_(INFO) << "TestCallBack, code :" << code << ", bundleSize :" << result.bundleRecords.size(); - } - }; - std::string GetLocalDeviceUdid(); - void BuildQueryRequest(AccessTokenID tokenId, const std::string deviceId, const std::string& bundleName, - const std::vector permissionList, PermissionUsedRequest& request); - void CheckPermissionUsedResult(const PermissionUsedRequest& request, const PermissionUsedResult& result, - int32_t permRecordSize, int32_t totalSuccessCount, int32_t totalFailCount); -}; -} // namespace AccessToken -} // namespace Security -} // namespace OHOS -#endif // PRIVACY_KIT_TEST_H diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_definition_cache.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_definition_cache.cpp index 5c35b0401..f42be2191 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/permission_definition_cache.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_definition_cache.cpp @@ -127,7 +127,7 @@ void PermissionDefinitionCache::StorePermissionDef(std::vector& v auto it = permissionDefinitionMap_.begin(); while (it != permissionDefinitionMap_.end()) { GenericValues genericValues; - genericValues.Put(FIELD_TOKEN_ID, it->second.tokenId); + genericValues.Put(FIELD_TOKEN_ID, (int)it->second.tokenId); DataTranslator::TranslationIntoGenericValues(it->second.permDef, genericValues); valueList.emplace_back(genericValues); ++it; diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_policy_set.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_policy_set.cpp index a4fb10b7b..7b770235a 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/permission_policy_set.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_policy_set.cpp @@ -115,7 +115,7 @@ void PermissionPolicySet::StorePermissionState(std::vector& value for (auto permissionState : permStateList_) { if (permissionState.isGeneral) { GenericValues genericValues; - genericValues.Put(FIELD_TOKEN_ID, tokenId_); + genericValues.Put(FIELD_TOKEN_ID, (int)tokenId_); DataTranslator::TranslationIntoGenericValues(permissionState, 0, genericValues); valueList.emplace_back(genericValues); continue; @@ -124,7 +124,7 @@ void PermissionPolicySet::StorePermissionState(std::vector& value unsigned int stateSize = permissionState.resDeviceID.size(); for (unsigned int i = 0; i < stateSize; i++) { GenericValues genericValues; - genericValues.Put(FIELD_TOKEN_ID, tokenId_); + genericValues.Put(FIELD_TOKEN_ID, (int)tokenId_); DataTranslator::TranslationIntoGenericValues(permissionState, i, genericValues); valueList.emplace_back(genericValues); } diff --git a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp index ae09048c6..5c34e3096 100644 --- a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp @@ -89,7 +89,7 @@ void HapTokenInfoInner::TranslateToHapTokenInfo(HapTokenInfo& InfoParcel) const void HapTokenInfoInner::TranslationIntoGenericValues(GenericValues& outGenericValues) const { - outGenericValues.Put(FIELD_TOKEN_ID, tokenInfoBasic_.tokenID); + outGenericValues.Put(FIELD_TOKEN_ID, (int)tokenInfoBasic_.tokenID); outGenericValues.Put(FIELD_USER_ID, tokenInfoBasic_.userID); outGenericValues.Put(FIELD_BUNDLE_NAME, tokenInfoBasic_.bundleName); outGenericValues.Put(FIELD_INST_INDEX, tokenInfoBasic_.instIndex); @@ -98,7 +98,7 @@ void HapTokenInfoInner::TranslationIntoGenericValues(GenericValues& outGenericVa outGenericValues.Put(FIELD_DEVICE_ID, tokenInfoBasic_.deviceID); outGenericValues.Put(FIELD_APL, tokenInfoBasic_.apl); outGenericValues.Put(FIELD_TOKEN_VERSION, tokenInfoBasic_.ver); - outGenericValues.Put(FIELD_TOKEN_ATTR, tokenInfoBasic_.tokenAttr); + outGenericValues.Put(FIELD_TOKEN_ATTR, (int)tokenInfoBasic_.tokenAttr); } int HapTokenInfoInner::RestoreHapTokenBasicInfo(const GenericValues& inGenericValues) diff --git a/services/accesstokenmanager/main/cpp/src/token/native_token_info_inner.cpp b/services/accesstokenmanager/main/cpp/src/token/native_token_info_inner.cpp index ea09e2b57..00c656f84 100644 --- a/services/accesstokenmanager/main/cpp/src/token/native_token_info_inner.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/native_token_info_inner.cpp @@ -104,13 +104,13 @@ std::string NativeTokenInfoInner::NativeAclsToString(const std::vector& callback) override; + int GetPermissionUsedRecords( + const PermissionUsedRequestParcel& request, PermissionUsedResultParcel& result) override; + int GetPermissionUsedRecords( + const PermissionUsedRequestParcel& request, const sptr& callback) override; std::string DumpRecordInfo(const std::string& bundleName, const std::string& permissionName) override; private: diff --git a/services/privacymanager/src/service/privacy_manager_service.cpp b/services/privacymanager/src/service/privacy_manager_service.cpp index a19e38896..eb9caf895 100644 --- a/services/privacymanager/src/service/privacy_manager_service.cpp +++ b/services/privacymanager/src/service/privacy_manager_service.cpp @@ -68,21 +68,25 @@ void PrivacyManagerService::OnStop() state_ = ServiceRunningState::STATE_NOT_START; } -int PrivacyManagerService::AddPermissionUsedRecord(AccessTokenID tokenID, const std::string& permissionName, int successCount, int failCount) +int PrivacyManagerService::AddPermissionUsedRecord( + AccessTokenID tokenID, const std::string& permissionName, int successCount, int failCount) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s called, tokenID: 0x%{public}x, permission: %{public}s", __func__, tokenID, permissionName.c_str()); + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s called, tokenID: 0x%{public}x, permission: %{public}s", + __func__, tokenID, permissionName.c_str()); return Constant::SUCCESS; } int PrivacyManagerService::StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s called, tokenID: 0x%{public}x, permission: %{public}s", __func__, tokenID, permissionName.c_str()); + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s called, tokenID: 0x%{public}x, permission: %{public}s", + __func__, tokenID, permissionName.c_str()); return Constant::SUCCESS; } int PrivacyManagerService::StopUsingPermission(AccessTokenID tokenID, const std::string& permissionName) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s called, tokenID: 0x%{public}x, permission: %{public}s", __func__, tokenID, permissionName.c_str()); + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s called, tokenID: 0x%{public}x, permission: %{public}s", + __func__, tokenID, permissionName.c_str()); return Constant::SUCCESS; } @@ -92,14 +96,16 @@ int PrivacyManagerService::RemovePermissionUsedRecords(AccessTokenID tokenID, co return Constant::SUCCESS; } -int PrivacyManagerService::GetPermissionUsedRecords(const PermissionUsedRequestParcel& request, PermissionUsedResultParcel& result) +int PrivacyManagerService::GetPermissionUsedRecords( + const PermissionUsedRequestParcel& request, PermissionUsedResultParcel& result) { ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s called", __func__); PermissionUsedResult permissionRecord; return Constant::SUCCESS; } -int PrivacyManagerService::GetPermissionUsedRecords(const PermissionUsedRequestParcel& request, const sptr& callback) +int PrivacyManagerService::GetPermissionUsedRecords( + const PermissionUsedRequestParcel& request, const sptr& callback) { ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s called", __func__); return Constant::SUCCESS; -- Gitee From 6dc3185b4c15a176db57ff3ea66b106bd7389c4b Mon Sep 17 00:00:00 2001 From: chennian Date: Tue, 7 Jun 2022 18:42:22 +0800 Subject: [PATCH 3/3] Signed-off-by:chennian Signed-off-by: chennian --- .../privacy/src/permission_used_record_parcel.cpp | 2 +- .../privacy/include/permission_used_result.h | 1 - .../privacy/src/privacy_manager_client.h | 15 +++++++++++++++ .../privacy/src/privacy_manager_proxy.cpp | 2 +- .../src/service/privacy_manager_service.cpp | 2 +- 5 files changed, 18 insertions(+), 4 deletions(-) diff --git a/frameworks/privacy/src/permission_used_record_parcel.cpp b/frameworks/privacy/src/permission_used_record_parcel.cpp index aed02c900..a547d4b96 100644 --- a/frameworks/privacy/src/permission_used_record_parcel.cpp +++ b/frameworks/privacy/src/permission_used_record_parcel.cpp @@ -35,7 +35,7 @@ bool PermissionUsedRecordParcel::Marshalling(Parcel& out) const { RETURN_IF_FALSE(out.WriteString(this->permissionRecord.permissionName)); RETURN_IF_FALSE(out.WriteInt32(this->permissionRecord.accessCount)); - RETURN_IF_FALSE(out.WriteInt32(this->permissionRecord.rejectCount));; + RETURN_IF_FALSE(out.WriteInt32(this->permissionRecord.rejectCount)); RETURN_IF_FALSE(out.WriteInt64(this->permissionRecord.lastAccessTime)); RETURN_IF_FALSE(out.WriteInt64(this->permissionRecord.lastRejectTime)); RETURN_IF_FALSE(out.WriteInt64(this->permissionRecord.lastAccessDuration)); diff --git a/interfaces/innerkits/privacy/include/permission_used_result.h b/interfaces/innerkits/privacy/include/permission_used_result.h index 548c5e64f..2c82d7e07 100644 --- a/interfaces/innerkits/privacy/include/permission_used_result.h +++ b/interfaces/innerkits/privacy/include/permission_used_result.h @@ -53,7 +53,6 @@ struct PermissionUsedResult { int64_t endTimeMillis = 0L; std::vector bundleRecords; }; - } // namespace AccessToken } // namespace Security } // namespace OHOS diff --git a/interfaces/innerkits/privacy/src/privacy_manager_client.h b/interfaces/innerkits/privacy/src/privacy_manager_client.h index ee0870eec..e882d4c98 100644 --- a/interfaces/innerkits/privacy/src/privacy_manager_client.h +++ b/interfaces/innerkits/privacy/src/privacy_manager_client.h @@ -1,3 +1,18 @@ +/* + * Copyright (c) 2021-2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + #ifndef PRIVACY_MANAGER_CLIENT_H #define PRIVACY_MANAGER_CLIENT_H diff --git a/interfaces/innerkits/privacy/src/privacy_manager_proxy.cpp b/interfaces/innerkits/privacy/src/privacy_manager_proxy.cpp index b9026bebc..46164ff4b 100644 --- a/interfaces/innerkits/privacy/src/privacy_manager_proxy.cpp +++ b/interfaces/innerkits/privacy/src/privacy_manager_proxy.cpp @@ -35,7 +35,7 @@ PrivacyManagerProxy::PrivacyManagerProxy(const sptr& impl) PrivacyManagerProxy::~PrivacyManagerProxy() {} -int PrivacyManagerProxy::AddPermissionUsedRecord(AccessTokenID tokenID, const std::string& permissionName, +int PrivacyManagerProxy::AddPermissionUsedRecord(AccessTokenID tokenID, const std::string& permissionName, int successCount, int failCount) { MessageParcel data; diff --git a/services/privacymanager/src/service/privacy_manager_service.cpp b/services/privacymanager/src/service/privacy_manager_service.cpp index eb9caf895..ca9390385 100644 --- a/services/privacymanager/src/service/privacy_manager_service.cpp +++ b/services/privacymanager/src/service/privacy_manager_service.cpp @@ -106,7 +106,7 @@ int PrivacyManagerService::GetPermissionUsedRecords( int PrivacyManagerService::GetPermissionUsedRecords( const PermissionUsedRequestParcel& request, const sptr& callback) -{ +{ ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s called", __func__); return Constant::SUCCESS; } -- Gitee