diff --git a/access_token.gni b/access_token.gni index e3bbe7321b2d1365ede0f78e7fe04bf348fc9859..12360e5d132179783bb7e7370555a9b7a7d15312 100644 --- a/access_token.gni +++ b/access_token.gni @@ -140,6 +140,7 @@ if (!defined(global_parts_info) || declare_args() { access_token_camera_float_window_enable = true + access_token_camera_control_enable = true } if (!defined(global_parts_info) || diff --git a/bundle.json b/bundle.json index 285efcc94bc58d81acc18b915b9725468b9c66c5..0f2e15548048a81ea3ad43f40e7c96dd86d57243 100644 --- a/bundle.json +++ b/bundle.json @@ -21,7 +21,8 @@ ], "features": [ "access_token_feature_coverage", - "access_token_camera_float_window_enable" + "access_token_camera_float_window_enable", + "access_token_camera_control_enable" ], "adapted_system_type": [ "standard" ], "rom": "10000KB", diff --git a/frameworks/accesstoken/include/i_accesstoken_manager.h b/frameworks/accesstoken/include/i_accesstoken_manager.h index 5ec9285f4ed86c4eb07d6a51c6cab1321a587e64..1e970017e20a41b5e5df18d67e948d1a8e5aefb7 100644 --- a/frameworks/accesstoken/include/i_accesstoken_manager.h +++ b/frameworks/accesstoken/include/i_accesstoken_manager.h @@ -47,8 +47,7 @@ public: DECLARE_INTERFACE_DESCRIPTOR(u"ohos.security.accesstoken.IAccessTokenManager"); - virtual PermUsedTypeEnum GetPermissionUsedType( - AccessTokenID tokenID, const std::string& permissionName) = 0; + virtual PermUsedTypeEnum GetPermissionUsedType(AccessTokenID tokenID, uint32_t permCode) = 0; virtual int VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName) = 0; virtual int VerifyAccessToken(AccessTokenID tokenID, const std::vector& permissionList, std::vector& permStateList) = 0; diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp index 870e2565397bfb1163d773f875a3ee4835abcba4..79d83ac6e13d8edece46fb880097b53d339a7e62 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp @@ -45,11 +45,15 @@ PermUsedTypeEnum AccessTokenKit::GetPermissionUsedType( { ACCESSTOKEN_LOG_DEBUG(LABEL, "TokenID=%{public}d, permissionName=%{public}s.", tokenID, permissionName.c_str()); - if ((tokenID == INVALID_TOKENID) || (!DataValidator::IsPermissionNameValid(permissionName))) { + if (tokenID == INVALID_TOKENID) { ACCESSTOKEN_LOG_ERROR(LABEL, "Input param failed."); return PermUsedTypeEnum::INVALID_USED_TYPE; } - return AccessTokenManagerClient::GetInstance().GetPermissionUsedType(tokenID, permissionName); + uint32_t code; + if (!TransferPermissionToOpcode(permissionName, code)) { + return PermUsedTypeEnum::INVALID_USED_TYPE; + } + return AccessTokenManagerClient::GetInstance().GetPermissionUsedType(tokenID, code); } int AccessTokenKit::GrantPermissionForSpecifiedTime( diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp index a8e0ce1f1b182e716da2bdb193dbd706ae83870c..a9e59eccdc705b453516a6a2c1dbaec9e63db1cb 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp @@ -62,15 +62,14 @@ AccessTokenManagerClient::~AccessTokenManagerClient() ReleaseProxy(); } -PermUsedTypeEnum AccessTokenManagerClient::GetPermissionUsedType( - AccessTokenID tokenID, const std::string &permissionName) +PermUsedTypeEnum AccessTokenManagerClient::GetPermissionUsedType(AccessTokenID tokenID, uint32_t permCode) { auto proxy = GetProxy(); if (proxy == nullptr) { ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null."); return PermUsedTypeEnum::INVALID_USED_TYPE; } - return proxy->GetPermissionUsedType(tokenID, permissionName); + return proxy->GetPermissionUsedType(tokenID, permCode); } int AccessTokenManagerClient::VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName) diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h index c185a95f6f33a1fa0087c19d85f1ccbb7edc032f..135a55391daeae2ceae654e22d9d8b4c97862e5c 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h @@ -48,7 +48,7 @@ public: virtual ~AccessTokenManagerClient(); - PermUsedTypeEnum GetPermissionUsedType(AccessTokenID tokenID, const std::string& permissionName); + PermUsedTypeEnum GetPermissionUsedType(AccessTokenID tokenID, uint32_t permCode); int VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName); int VerifyAccessToken(AccessTokenID tokenID, const std::vector& permissionList, std::vector& permStateList); diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp index e2ed43ae2aeb49a8fc93f8ea44b6645311ad9220..ebe0171d980800c99ca9f28106b8805ad7e0acfe 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp @@ -56,8 +56,7 @@ bool AccessTokenManagerProxy::SendRequest( return true; } -PermUsedTypeEnum AccessTokenManagerProxy::GetPermissionUsedType( - AccessTokenID tokenID, const std::string &permissionName) +PermUsedTypeEnum AccessTokenManagerProxy::GetPermissionUsedType(AccessTokenID tokenID, const uint32_t permCode) { MessageParcel data; if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { @@ -68,8 +67,8 @@ PermUsedTypeEnum AccessTokenManagerProxy::GetPermissionUsedType( ACCESSTOKEN_LOG_ERROR(LABEL, "WriteUint32 failed."); return PermUsedTypeEnum::INVALID_USED_TYPE; } - if (!data.WriteString(permissionName)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "WriteString failed."); + if (!data.WriteUint32(permCode)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "WriteUint32 failed."); return PermUsedTypeEnum::INVALID_USED_TYPE; } diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h index 3c79708d665cd1db76e130d7ff83d24502eb6025..7d9b3958e94e536dd0d06299d6d739ff7ab06d9a 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h @@ -42,8 +42,7 @@ public: explicit AccessTokenManagerProxy(const sptr& impl); ~AccessTokenManagerProxy() override; - PermUsedTypeEnum GetPermissionUsedType( - AccessTokenID tokenID, const std::string& permissionName) override; + PermUsedTypeEnum GetPermissionUsedType(AccessTokenID tokenID, uint32_t permCode) override; int VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName) override; int VerifyAccessToken(AccessTokenID tokenID, const std::vector& permissionList, std::vector& permStateList) override; diff --git a/services/accesstokenmanager/main/cpp/include/permission/permission_data_brief.h b/services/accesstokenmanager/main/cpp/include/permission/permission_data_brief.h index a7088e8dadc29dee626c197567e9fd8d2765b4b3..2bc91c5757e5ce2d7e495dcdf01f3a5ca63f4fd6 100644 --- a/services/accesstokenmanager/main/cpp/include/permission/permission_data_brief.h +++ b/services/accesstokenmanager/main/cpp/include/permission/permission_data_brief.h @@ -55,7 +55,7 @@ public: int32_t SetBriefPermData(AccessTokenID tokenID, int32_t opCode, bool status, uint32_t flag); int32_t GetBriefPermDataByTokenId(AccessTokenID tokenID, std::vector& data); void ToString(std::string& info); - PermUsedTypeEnum GetPermissionUsedType(AccessTokenID tokenID, int32_t opCode); + PermUsedTypeEnum GetPermissionUsedType(AccessTokenID tokenID, uint32_t opCode); bool IsPermissionGrantedWithSecComp(AccessTokenID tokenID, const std::string& permissionName); int32_t VerifyPermissionStatus(AccessTokenID tokenID, const std::string& permission); int32_t QueryPermissionFlag(AccessTokenID tokenID, const std::string& permissionName, uint32_t& flag); diff --git a/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h b/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h index 83e5eb808d6b3f6c71c9decc17f11bbab5f42b3a..fe0a9561270f013179dbbac9524d359812e1d057 100644 --- a/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h +++ b/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h @@ -61,7 +61,7 @@ public: bool updateFlag); void RemoveDefPermissions(AccessTokenID tokenID); int VerifyHapAccessToken(AccessTokenID tokenID, const std::string& permissionName); - PermUsedTypeEnum GetPermissionUsedType(AccessTokenID tokenID, const std::string& permissionName); + PermUsedTypeEnum GetPermissionUsedType(AccessTokenID tokenID, uint32_t opCode); int GetDefPermission(const std::string& permissionName, PermissionDef& permissionDefResult); void GetDefPermissions(AccessTokenID tokenID, std::vector& permList); int GetReqPermissions( diff --git a/services/accesstokenmanager/main/cpp/include/permission/permission_policy_set.h b/services/accesstokenmanager/main/cpp/include/permission/permission_policy_set.h index 7c3462b8f712339473fca43983c4c664a3d97ca8..44a77612f532c47ef01f10ffaa2f3e06c5831868 100644 --- a/services/accesstokenmanager/main/cpp/include/permission/permission_policy_set.h +++ b/services/accesstokenmanager/main/cpp/include/permission/permission_policy_set.h @@ -44,7 +44,7 @@ public: void StorePermissionPolicySet(std::vector& permStateValueList); void Update(const std::vector& permStateList); - PermUsedTypeEnum GetPermissionUsedType(const std::string& permissionName); + PermUsedTypeEnum GetPermissionUsedType(uint32_t opCode); void GetDefPermissions(std::vector& permList); bool IsPermissionGrantedWithSecComp(const std::string& permissionName); int QueryPermissionFlag(const std::string& permissionName, int& flag); diff --git a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h index a808b9cec9ed762e2c8d53ff2c254a1cf00fab08..8289bd627a78abf47edbab3108ec09da6805cc7f 100644 --- a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h +++ b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h @@ -46,8 +46,7 @@ public: void OnRemoveSystemAbility(int32_t systemAbilityId, const std::string& deviceId) override; AccessTokenIDEx AllocHapToken(const HapInfoParcel& info, const HapPolicyParcel& policy) override; - PermUsedTypeEnum GetPermissionUsedType( - AccessTokenID tokenID, const std::string& permissionName) override; + PermUsedTypeEnum GetPermissionUsedType(AccessTokenID tokenID, uint32_t opCode) override; int32_t InitHapToken(const HapInfoParcel& info, HapPolicyParcel& policy, AccessTokenIDEx& fullTokenId, HapInfoCheckResult& result) override; int VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName) override; diff --git a/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h b/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h index f18ddf548dda6093f1a3e1118e3e442a994f0ec4..08e0894421ba72ae9476ee4c788e8401b0de2648 100644 --- a/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h +++ b/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h @@ -72,7 +72,7 @@ public: static void RefreshPermStateToKernel(const std::vector& constrainedList, bool hapUserIsActive, AccessTokenID tokenId, std::map& refreshedPermList); static int32_t VerifyPermissionStatus(AccessTokenID tokenID, const std::string& permissionName); - static PermUsedTypeEnum GetPermissionUsedType(AccessTokenID tokenID, const std::string& permissionName); + static PermUsedTypeEnum GetPermissionUsedType(AccessTokenID tokenID, uint32_t opCode); static int32_t QueryPermissionFlag(AccessTokenID tokenID, const std::string& permissionName, uint32_t& flag); static void GetPermStatusListByTokenId(AccessTokenID tokenID, const std::vector constrainedList, std::vector& opCodeList, std::vector& statusList); diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_data_brief.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_data_brief.cpp index 1914fe401391953246cc888bc53a75f3b16098f2..dcf2f2001c904349732a66d87549e0f83dc7bec0 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/permission_data_brief.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_data_brief.cpp @@ -202,7 +202,7 @@ void PermissionDataBrief::GetPermStatusListByTokenId(AccessTokenID tokenID, return; } -PermUsedTypeEnum PermissionDataBrief::GetPermissionUsedType(AccessTokenID tokenID, int32_t opCode) +PermUsedTypeEnum PermissionDataBrief::GetPermissionUsedType(AccessTokenID tokenID, uint32_t opCode) { Utils::UniqueReadGuard infoGuard(this->permissionStateDataLock_); auto iter = requestedPermData_.find(tokenID); diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp index 0761e4ffd1143ef17b83d1afdc341937b0f2f16f..47490496b6d2243d55ff1721f18d419d51a8925b 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp @@ -140,17 +140,16 @@ int PermissionManager::VerifyHapAccessToken(AccessTokenID tokenID, const std::st return HapTokenInfoInner::VerifyPermissionStatus(tokenID, permissionName); // 从data获取 } -PermUsedTypeEnum PermissionManager::GetPermissionUsedType( - AccessTokenID tokenID, const std::string& permissionName) +PermUsedTypeEnum PermissionManager::GetPermissionUsedType(AccessTokenID tokenID, uint32_t opCode) { if ((tokenID == INVALID_TOKENID) || (TOKEN_HAP != AccessTokenIDManager::GetInstance().GetTokenIdTypeEnum(tokenID))) { ACCESSTOKEN_LOG_ERROR(LABEL, "TokenID: %{public}d is invalid.", tokenID); return PermUsedTypeEnum::INVALID_USED_TYPE; } - PermUsedTypeEnum ret = HapTokenInfoInner::GetPermissionUsedType(tokenID, permissionName); + PermUsedTypeEnum ret = HapTokenInfoInner::GetPermissionUsedType(tokenID, opCode); ACCESSTOKEN_LOG_INFO(LABEL, - "Application %{public}u apply for %{public}s for type %{public}d.", tokenID, permissionName.c_str(), ret); + "Application %{public}u apply for %{public}u for type %{public}d.", tokenID, opCode, ret); return ret; } diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp index 94c1899ac0c75bf4970a394c51aa1aa65a8023ab..0559cf6b0f58ee6717b9154a0808b7105175e1b8 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp @@ -129,11 +129,10 @@ void AccessTokenManagerService::OnRemoveSystemAbility(int32_t systemAbilityId, c } } -PermUsedTypeEnum AccessTokenManagerService::GetPermissionUsedType( - AccessTokenID tokenID, const std::string& permissionName) +PermUsedTypeEnum AccessTokenManagerService::GetPermissionUsedType(AccessTokenID tokenID, uint32_t opCode) { - ACCESSTOKEN_LOG_INFO(LABEL, "TokenID=%{public}d, permission=%{public}s", tokenID, permissionName.c_str()); - return PermissionManager::GetInstance().GetPermissionUsedType(tokenID, permissionName); + ACCESSTOKEN_LOG_INFO(LABEL, "TokenID=%{public}u, opCode=%{public}u", tokenID, opCode); + return PermissionManager::GetInstance().GetPermissionUsedType(tokenID, opCode); } int AccessTokenManagerService::VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName) diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp index f01619f39fee59a9ebc41bc13eee1a060ca4943c..8760245aceb9219d8f247ce2618cad847081aa28 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp @@ -118,14 +118,14 @@ void AccessTokenManagerStub::GetPermissionUsedTypeInner(MessageParcel& data, Mes "WriteInt32 failed."); return; } - std::string permissionName; - if (!data.ReadString(permissionName)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to read permissionName."); + uint32_t opCode; + if (!data.ReadUint32(opCode)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to read opCode."); IF_FALSE_PRINT_LOG(LABEL, reply.WriteInt32( static_cast(PermUsedTypeEnum::INVALID_USED_TYPE)), "WriteInt32 failed."); return; } - PermUsedTypeEnum result = this->GetPermissionUsedType(tokenID, permissionName); + PermUsedTypeEnum result = this->GetPermissionUsedType(tokenID, opCode); int32_t type = static_cast(result); IF_FALSE_PRINT_LOG(LABEL, reply.WriteInt32(type), "WriteInt32 failed."); } diff --git a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp index d073febc437cb0ebc22fee5cbd3c990307701577..1fb4a44da180087df30a94051ebc159994847321 100644 --- a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp @@ -431,14 +431,9 @@ int32_t HapTokenInfoInner::VerifyPermissionStatus(AccessTokenID tokenID, const s return PermissionDataBrief::GetInstance().VerifyPermissionStatus(tokenID, permissionName); } -PermUsedTypeEnum HapTokenInfoInner::GetPermissionUsedType(AccessTokenID tokenID, const std::string& permissionName) +PermUsedTypeEnum HapTokenInfoInner::GetPermissionUsedType(AccessTokenID tokenID, uint32_t opCode) { - uint32_t code; - if (!TransferPermissionToOpcode(permissionName, code)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "permissionName is invalid %{public}s.", permissionName.c_str()); - return PermUsedTypeEnum::INVALID_USED_TYPE; - } - return PermissionDataBrief::GetInstance().GetPermissionUsedType(tokenID, code); + return PermissionDataBrief::GetInstance().GetPermissionUsedType(tokenID, opCode); } int32_t HapTokenInfoInner::QueryPermissionFlag(AccessTokenID tokenID, const std::string& permissionName, uint32_t& flag) diff --git a/services/privacymanager/BUILD.gn b/services/privacymanager/BUILD.gn index 92c48374a9486a510333186c231c5ee60f140d50..813f5a7b0d6f2e09d2c6bf11bfdb9a15eeacc1d7 100644 --- a/services/privacymanager/BUILD.gn +++ b/services/privacymanager/BUILD.gn @@ -155,21 +155,24 @@ if (is_standard_system && ability_base_enable == true) { sources += [ "src/seccomp/privacy_sec_comp_enhance_agent.cpp" ] } - if (window_manager_enable && access_token_camera_float_window_enable) { - cflags_cc += [ "-DCAMERA_FLOAT_WINDOW_ENABLE" ] - include_dirs += - [ "${access_token_path}/services/common/window_manager/include" ] - sources += [ - "${access_token_path}/services/common/window_manager/src/privacy_mock_session_manager_proxy.cpp", - "${access_token_path}/services/common/window_manager/src/privacy_scene_session_manager_lite_proxy.cpp", - "${access_token_path}/services/common/window_manager/src/privacy_scene_session_manager_proxy.cpp", - "${access_token_path}/services/common/window_manager/src/privacy_session_manager_proxy.cpp", - "${access_token_path}/services/common/window_manager/src/privacy_window_manager_agent.cpp", - "${access_token_path}/services/common/window_manager/src/privacy_window_manager_client.cpp", - "${access_token_path}/services/common/window_manager/src/privacy_window_manager_death_recipient.cpp", - "${access_token_path}/services/common/window_manager/src/privacy_window_manager_proxy.cpp", - ] - external_deps += [ "window_manager:libwsutils" ] + if (access_token_camera_control_enable) { + cflags_cc += [ "-DCAMERA_CONTROL_ENABLE" ] + if (window_manager_enable && access_token_camera_float_window_enable) { + cflags_cc += [ "-DCAMERA_FLOAT_WINDOW_ENABLE" ] + include_dirs += + [ "${access_token_path}/services/common/window_manager/include" ] + sources += [ + "${access_token_path}/services/common/window_manager/src/privacy_mock_session_manager_proxy.cpp", + "${access_token_path}/services/common/window_manager/src/privacy_scene_session_manager_lite_proxy.cpp", + "${access_token_path}/services/common/window_manager/src/privacy_scene_session_manager_proxy.cpp", + "${access_token_path}/services/common/window_manager/src/privacy_session_manager_proxy.cpp", + "${access_token_path}/services/common/window_manager/src/privacy_window_manager_agent.cpp", + "${access_token_path}/services/common/window_manager/src/privacy_window_manager_client.cpp", + "${access_token_path}/services/common/window_manager/src/privacy_window_manager_death_recipient.cpp", + "${access_token_path}/services/common/window_manager/src/privacy_window_manager_proxy.cpp", + ] + external_deps += [ "window_manager:libwsutils" ] + } } if (access_token_app_security_privacy_service_enable) { diff --git a/services/privacymanager/include/record/permission_record_manager.h b/services/privacymanager/include/record/permission_record_manager.h index 29b27d677cffbf18426eddc4eb453b3cb43bb5be..689c9978a72fcdd12a16060ef4d1e176512c1df3 100644 --- a/services/privacymanager/include/record/permission_record_manager.h +++ b/services/privacymanager/include/record/permission_record_manager.h @@ -106,7 +106,6 @@ public: int32_t SetTempMutePolicy(const std::string permissionName, bool isMute); int32_t SetHapWithFGReminder(uint32_t tokenId, bool isAllowed); - void NotifyAppStateChange(AccessTokenID tokenId, int32_t pid, ActiveChangeType status); void SetLockScreenStatus(int32_t lockScreenStatus); int32_t GetLockScreenStatus(bool isIpc = false); @@ -114,9 +113,10 @@ public: void NotifyCameraWindowChange(bool isPip, AccessTokenID tokenId, bool isShowing); void OnWindowMgrRemoteDied(); #endif +#ifdef CAMERA_CONTROL_ENABLE + void NotifyAppStateChange(AccessTokenID tokenId, int32_t pid, ActiveChangeType status); void OnAppMgrRemoteDiedHandle(); - void OnAudioMgrRemoteDiedHandle(); - void OnCameraMgrRemoteDiedHandle(); +#endif void RemoveRecordFromStartListByPid(const AccessTokenID tokenId, int32_t pid); void RemoveRecordFromStartListByToken(const AccessTokenID tokenId); void RemoveRecordFromStartListByOp(int32_t opCode); @@ -190,9 +190,7 @@ private: void InitializeMuteState(const std::string& permissionName); int32_t GetAppStatus(AccessTokenID tokenId, int32_t pid = -1); - bool RegisterAppStatusListener(); bool Register(); - bool RegisterApplicationStateObserver(); void Unregister(); bool GetMuteParameter(const char* key, bool& isMute); @@ -222,6 +220,7 @@ private: bool isCamMixMute_ = false; bool isCamLoad_ = false; +#ifdef CAMERA_CONTROL_ENABLE // appState std::mutex appStateMutex_; sptr appStateCallback_ = nullptr; @@ -229,6 +228,7 @@ private: // app manager death std::mutex appManagerDeathMutex_; std::shared_ptr appManagerDeathCallback_ = nullptr; +#endif // lockScreenState std::mutex lockScreenStateMutex_; @@ -240,7 +240,6 @@ private: #ifdef CAMERA_FLOAT_WINDOW_ENABLE std::mutex windowMutex_; - bool isWmRegistered = false; sptr floatWindowCallback_ = nullptr; sptr pipWindowCallback_ = nullptr; diff --git a/services/privacymanager/src/record/permission_record_manager.cpp b/services/privacymanager/src/record/permission_record_manager.cpp index d1f2fe7ebd701fe03391040348239cf6f2b9b025..6d7e50259c2070da15a70935355b238c5aa4e2cf 100644 --- a/services/privacymanager/src/record/permission_record_manager.cpp +++ b/services/privacymanager/src/record/permission_record_manager.cpp @@ -112,6 +112,7 @@ PermissionRecordManager::~PermissionRecordManager() Unregister(); } +#ifdef CAMERA_CONTROL_ENABLE void PrivacyAppStateObserver::OnAppStateChanged(const AppStateData &appStateData) { ACCESSTOKEN_LOG_DEBUG(LABEL, "OnChange(id=%{public}d, pid=%{public}d, state=%{public}d).", @@ -149,6 +150,25 @@ void PrivacyAppManagerDeathCallback::NotifyAppManagerDeath() PermissionRecordManager::GetInstance().OnAppMgrRemoteDiedHandle(); } +void PermissionRecordManager::OnAppMgrRemoteDiedHandle() +{ + ACCESSTOKEN_LOG_INFO(LABEL, "Handle app fwk died."); + std::lock_guard lock(appStateMutex_); + appStateCallback_ = nullptr; +} + +/* + * when foreground change background or background change foreground,change accessDuration and store in database, + * change status and accessDuration and timestamp in cache +*/ +void PermissionRecordManager::NotifyAppStateChange(AccessTokenID tokenId, int32_t pid, ActiveChangeType status) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "Id %{public}u, pid %{public}d, status %{public}d", tokenId, pid, status); + // find permissions from startRecordList_ by tokenId which status diff from currStatus + ExecuteAndUpdateRecord(tokenId, pid, status); +} +#endif + void PermissionRecordManager::AddRecToCacheAndValueVec(const PermissionRecord& record, std::vector& values) { @@ -1016,17 +1036,6 @@ void PermissionRecordManager::ExecuteAndUpdateRecord(uint32_t tokenId, int32_t p } } -/* - * when foreground change background or background change foreground,change accessDuration and store in database, - * change status and accessDuration and timestamp in cache -*/ -void PermissionRecordManager::NotifyAppStateChange(AccessTokenID tokenId, int32_t pid, ActiveChangeType status) -{ - ACCESSTOKEN_LOG_INFO(LABEL, "Id %{public}u, pid %{public}d, status %{public}d", tokenId, pid, status); - // find permissions from startRecordList_ by tokenId which status diff from currStatus - ExecuteAndUpdateRecord(tokenId, pid, status); -} - void PermissionRecordManager::SetLockScreenStatus(int32_t lockScreenStatus) { ACCESSTOKEN_LOG_INFO(LABEL, "LockScreenStatus %{public}d", lockScreenStatus); @@ -1698,6 +1707,7 @@ int32_t PermissionRecordManager::GetAppStatus(AccessTokenID tokenId, int32_t pid bool PermissionRecordManager::Register() { +#ifdef CAMERA_CONTROL_ENABLE // app manager death callback register { std::lock_guard lock(appManagerDeathMutex_); @@ -1726,6 +1736,7 @@ bool PermissionRecordManager::Register() } } } +#endif return true; } @@ -1840,12 +1851,14 @@ void PermissionRecordManager::InitializeMuteState(const std::string& permissionN void PermissionRecordManager::Unregister() { +#ifdef CAMERA_CONTROL_ENABLE // app state change callback unregister std::lock_guard lock(appStateMutex_); if (appStateCallback_ != nullptr) { AppManagerAccessClient::GetInstance().UnregisterApplicationStateObserver(appStateCallback_); appStateCallback_= nullptr; } +#endif } bool PermissionRecordManager::GetMuteParameter(const char* key, bool& isMute) @@ -1864,34 +1877,6 @@ bool PermissionRecordManager::GetMuteParameter(const char* key, bool& isMute) return true; } -void PermissionRecordManager::OnAppMgrRemoteDiedHandle() -{ - ACCESSTOKEN_LOG_INFO(LABEL, "Handle app fwk died."); - std::lock_guard lock(appStateMutex_); - appStateCallback_ = nullptr; -} - -void PermissionRecordManager::OnAudioMgrRemoteDiedHandle() -{ - ACCESSTOKEN_LOG_INFO(LABEL, "Handle audio fwk died."); - { - std::lock_guard lock(micLoadMutex_); - isMicLoad_ = false; - } -} - -void PermissionRecordManager::OnCameraMgrRemoteDiedHandle() -{ - ACCESSTOKEN_LOG_INFO(LABEL, "Handle camera fwk died."); - { - std::lock_guard lock(camLoadMutex_); - isCamLoad_ = false; - } -#ifdef CAMERA_FLOAT_WINDOW_ENABLE - ClearWindowShowing(); -#endif -} - bool PermissionRecordManager::IsCameraWindowShow(AccessTokenID tokenId) { bool isShow = true; diff --git a/services/privacymanager/test/coverage/BUILD.gn b/services/privacymanager/test/coverage/BUILD.gn index 2fad215660910147ab16f8175dfdf110b159a6cd..a68de0986bfd3e3599f1ad21859bb9d9220c163d 100644 --- a/services/privacymanager/test/coverage/BUILD.gn +++ b/services/privacymanager/test/coverage/BUILD.gn @@ -125,21 +125,24 @@ if (is_standard_system && ability_base_enable == true) { external_deps += [ "screenlock_mgr:screenlock_client" ] } - if (window_manager_enable && access_token_camera_float_window_enable) { - cflags_cc += [ "-DCAMERA_FLOAT_WINDOW_ENABLE" ] - include_dirs += - [ "${access_token_path}/services/common/window_manager/include" ] - sources += [ - "${access_token_path}/services/common/window_manager/src/privacy_mock_session_manager_proxy.cpp", - "${access_token_path}/services/common/window_manager/src/privacy_scene_session_manager_lite_proxy.cpp", - "${access_token_path}/services/common/window_manager/src/privacy_scene_session_manager_proxy.cpp", - "${access_token_path}/services/common/window_manager/src/privacy_session_manager_proxy.cpp", - "${access_token_path}/services/common/window_manager/src/privacy_window_manager_agent.cpp", - "${access_token_path}/services/common/window_manager/src/privacy_window_manager_client.cpp", - "${access_token_path}/services/common/window_manager/src/privacy_window_manager_death_recipient.cpp", - "${access_token_path}/services/common/window_manager/src/privacy_window_manager_proxy.cpp", - ] - external_deps += [ "window_manager:libwsutils" ] + if (access_token_camera_control_enable) { + cflags_cc += [ "-DCAMERA_CONTROL_ENABLE" ] + if (window_manager_enable && access_token_camera_float_window_enable) { + cflags_cc += [ "-DCAMERA_FLOAT_WINDOW_ENABLE" ] + include_dirs += + [ "${access_token_path}/services/common/window_manager/include" ] + sources += [ + "${access_token_path}/services/common/window_manager/src/privacy_mock_session_manager_proxy.cpp", + "${access_token_path}/services/common/window_manager/src/privacy_scene_session_manager_lite_proxy.cpp", + "${access_token_path}/services/common/window_manager/src/privacy_scene_session_manager_proxy.cpp", + "${access_token_path}/services/common/window_manager/src/privacy_session_manager_proxy.cpp", + "${access_token_path}/services/common/window_manager/src/privacy_window_manager_agent.cpp", + "${access_token_path}/services/common/window_manager/src/privacy_window_manager_client.cpp", + "${access_token_path}/services/common/window_manager/src/privacy_window_manager_death_recipient.cpp", + "${access_token_path}/services/common/window_manager/src/privacy_window_manager_proxy.cpp", + ] + external_deps += [ "window_manager:libwsutils" ] + } } if (access_token_app_security_privacy_service_enable) { cflags_cc += [ "-DAPP_SECURITY_PRIVACY_SERVICE" ] diff --git a/services/privacymanager/test/unittest/BUILD.gn b/services/privacymanager/test/unittest/BUILD.gn index 9899247f5eb0c611c00a77c71015813584d5b46b..90530a6e4abe858f60235530f212344531a9294f 100644 --- a/services/privacymanager/test/unittest/BUILD.gn +++ b/services/privacymanager/test/unittest/BUILD.gn @@ -131,21 +131,24 @@ if (is_standard_system && ability_base_enable == true) { external_deps += [ "screenlock_mgr:screenlock_client" ] } - if (window_manager_enable && access_token_camera_float_window_enable) { - cflags_cc += [ "-DCAMERA_FLOAT_WINDOW_ENABLE" ] - include_dirs += - [ "${access_token_path}/services/common/window_manager/include" ] - sources += [ - "${access_token_path}/services/common/window_manager/src/privacy_mock_session_manager_proxy.cpp", - "${access_token_path}/services/common/window_manager/src/privacy_scene_session_manager_lite_proxy.cpp", - "${access_token_path}/services/common/window_manager/src/privacy_scene_session_manager_proxy.cpp", - "${access_token_path}/services/common/window_manager/src/privacy_session_manager_proxy.cpp", - "${access_token_path}/services/common/window_manager/src/privacy_window_manager_agent.cpp", - "${access_token_path}/services/common/window_manager/src/privacy_window_manager_client.cpp", - "${access_token_path}/services/common/window_manager/src/privacy_window_manager_death_recipient.cpp", - "${access_token_path}/services/common/window_manager/src/privacy_window_manager_proxy.cpp", - ] - external_deps += [ "window_manager:libwsutils" ] + if (access_token_camera_control_enable) { + cflags_cc += [ "-DCAMERA_CONTROL_ENABLE" ] + if (window_manager_enable && access_token_camera_float_window_enable) { + cflags_cc += [ "-DCAMERA_FLOAT_WINDOW_ENABLE" ] + include_dirs += + [ "${access_token_path}/services/common/window_manager/include" ] + sources += [ + "${access_token_path}/services/common/window_manager/src/privacy_mock_session_manager_proxy.cpp", + "${access_token_path}/services/common/window_manager/src/privacy_scene_session_manager_lite_proxy.cpp", + "${access_token_path}/services/common/window_manager/src/privacy_scene_session_manager_proxy.cpp", + "${access_token_path}/services/common/window_manager/src/privacy_session_manager_proxy.cpp", + "${access_token_path}/services/common/window_manager/src/privacy_window_manager_agent.cpp", + "${access_token_path}/services/common/window_manager/src/privacy_window_manager_client.cpp", + "${access_token_path}/services/common/window_manager/src/privacy_window_manager_death_recipient.cpp", + "${access_token_path}/services/common/window_manager/src/privacy_window_manager_proxy.cpp", + ] + external_deps += [ "window_manager:libwsutils" ] + } } if (access_token_app_security_privacy_service_enable) { diff --git a/test/fuzztest/services/privacy/privacy_service_fuzz.gni b/test/fuzztest/services/privacy/privacy_service_fuzz.gni index f8bcdfa4f10f0f5c033ca56a51a7f56a3aae6c01..88ddeacffdacc7ad79b92f0328146669601b011c 100644 --- a/test/fuzztest/services/privacy/privacy_service_fuzz.gni +++ b/test/fuzztest/services/privacy/privacy_service_fuzz.gni @@ -106,21 +106,25 @@ if (common_event_service_enable) { privacy_sources += [ "${access_token_path}/services/privacymanager/src/common/privacy_common_event_subscriber.cpp" ] } -if (window_manager_enable && access_token_camera_float_window_enable) { - privacy_cflags_cc += [ "-DCAMERA_FLOAT_WINDOW_ENABLE" ] - privacy_include_dirs += - [ "${access_token_path}/services/common/window_manager/include" ] - privacy_sources += [ - "${access_token_path}/services/common/window_manager/src/privacy_mock_session_manager_proxy.cpp", - "${access_token_path}/services/common/window_manager/src/privacy_scene_session_manager_lite_proxy.cpp", - "${access_token_path}/services/common/window_manager/src/privacy_scene_session_manager_proxy.cpp", - "${access_token_path}/services/common/window_manager/src/privacy_session_manager_proxy.cpp", - "${access_token_path}/services/common/window_manager/src/privacy_window_manager_agent.cpp", - "${access_token_path}/services/common/window_manager/src/privacy_window_manager_client.cpp", - "${access_token_path}/services/common/window_manager/src/privacy_window_manager_death_recipient.cpp", - "${access_token_path}/services/common/window_manager/src/privacy_window_manager_proxy.cpp", - ] - privacy_external_deps += [ "window_manager:libwsutils" ] +if (access_token_camera_control_enable) { + privacy_cflags_cc += [ "-DCAMERA_CONTROL_ENABLE" ] + + if (window_manager_enable && access_token_camera_float_window_enable) { + privacy_cflags_cc += [ "-DCAMERA_FLOAT_WINDOW_ENABLE" ] + privacy_include_dirs += + [ "${access_token_path}/services/common/window_manager/include" ] + privacy_sources += [ + "${access_token_path}/services/common/window_manager/src/privacy_mock_session_manager_proxy.cpp", + "${access_token_path}/services/common/window_manager/src/privacy_scene_session_manager_lite_proxy.cpp", + "${access_token_path}/services/common/window_manager/src/privacy_scene_session_manager_proxy.cpp", + "${access_token_path}/services/common/window_manager/src/privacy_session_manager_proxy.cpp", + "${access_token_path}/services/common/window_manager/src/privacy_window_manager_agent.cpp", + "${access_token_path}/services/common/window_manager/src/privacy_window_manager_client.cpp", + "${access_token_path}/services/common/window_manager/src/privacy_window_manager_death_recipient.cpp", + "${access_token_path}/services/common/window_manager/src/privacy_window_manager_proxy.cpp", + ] + privacy_external_deps += [ "window_manager:libwsutils" ] + } } if (theme_screenlock_mgr_enable) {