diff --git a/frameworks/accesstoken/src/hap_policy_parcel.cpp b/frameworks/accesstoken/src/hap_policy_parcel.cpp index 09e785e4f96a976853f9c27dad674f931ebad22d..0c00072f2057a0cea476cbd3681a22ec34657b79 100644 --- a/frameworks/accesstoken/src/hap_policy_parcel.cpp +++ b/frameworks/accesstoken/src/hap_policy_parcel.cpp @@ -66,6 +66,13 @@ bool HapPolicyParcel::Marshalling(Parcel& out) const RETURN_IF_FALSE(out.WriteString(info[i].permissionName)); RETURN_IF_FALSE(out.WriteBool(info[i].userCancelable)); } + + RETURN_IF_FALSE(out.WriteUint32(this->hapPolicy.aclExtendedMap.size())); + for (auto& iter : this->hapPolicy.aclExtendedMap) { + RETURN_IF_FALSE(out.WriteString(iter.first)); + RETURN_IF_FALSE(out.WriteString(iter.second)); + } + return true; } @@ -117,6 +124,17 @@ HapPolicyParcel* HapPolicyParcel::Unmarshalling(Parcel& in) RELEASE_IF_FALSE(in.ReadBool(info.userCancelable), hapPolicyParcel); hapPolicyParcel->hapPolicy.preAuthorizationInfo.emplace_back(info); } + + uint32_t extSize; + RELEASE_IF_FALSE(in.ReadUint32(extSize), hapPolicyParcel); + for (uint32_t i = 0; i < extSize; i++) { + std::string perm; + std::string value; + RELEASE_IF_FALSE(in.ReadString(perm), hapPolicyParcel); + RELEASE_IF_FALSE(in.ReadString(value), hapPolicyParcel); + hapPolicyParcel->hapPolicy.aclExtendedMap[perm] = value; + } + return hapPolicyParcel; } } // namespace AccessToken diff --git a/frameworks/accesstoken/src/permission_def_parcel.cpp b/frameworks/accesstoken/src/permission_def_parcel.cpp index 94226a443bb58dd5feee8f55317f45814dc4eb89..4f8c02a3208fe69c61efee76d898f155fb171b6c 100644 --- a/frameworks/accesstoken/src/permission_def_parcel.cpp +++ b/frameworks/accesstoken/src/permission_def_parcel.cpp @@ -34,6 +34,8 @@ bool PermissionDefParcel::Marshalling(Parcel& out) const RETURN_IF_FALSE(out.WriteString(this->permissionDef.description)); RETURN_IF_FALSE(out.WriteInt32(this->permissionDef.descriptionId)); RETURN_IF_FALSE(out.WriteInt32(this->permissionDef.availableType)); + RETURN_IF_FALSE(out.WriteBool(this->permissionDef.isKernelEffect)); + RETURN_IF_FALSE(out.WriteBool(this->permissionDef.hasValue)); return true; } @@ -61,6 +63,8 @@ PermissionDefParcel* PermissionDefParcel::Unmarshalling(Parcel& in) int32_t availableType; RELEASE_IF_FALSE(in.ReadInt32(availableType), permissionDefParcel); permissionDefParcel->permissionDef.availableType = ATokenAvailableTypeEnum(availableType); + RELEASE_IF_FALSE(in.ReadBool(permissionDefParcel->permissionDef.isKernelEffect), permissionDefParcel); + RELEASE_IF_FALSE(in.ReadBool(permissionDefParcel->permissionDef.hasValue), permissionDefParcel); return permissionDefParcel; } } // namespace AccessToken diff --git a/interfaces/innerkits/accesstoken/include/hap_token_info.h b/interfaces/innerkits/accesstoken/include/hap_token_info.h index b8b79d432f2e99edaae4fc7a88aec717eb142645..0009cf1c472b78f2e7a21fbc455f0d2158a5df23 100644 --- a/interfaces/innerkits/accesstoken/include/hap_token_info.h +++ b/interfaces/innerkits/accesstoken/include/hap_token_info.h @@ -44,6 +44,7 @@ #include "permission_def.h" #include "permission_state_full.h" #include "permission_status.h" +#include #include #include @@ -165,6 +166,7 @@ public: std::vector permStateList; std::vector aclRequestedList; std::vector preAuthorizationInfo; + std::map aclExtendedMap; }; /** @@ -199,6 +201,7 @@ public: std::vector permStateList; std::vector aclRequestedList; std::vector preAuthorizationInfo; + std::map aclExtendedMap; }; } // namespace AccessToken } // namespace Security diff --git a/interfaces/innerkits/accesstoken/include/permission_def.h b/interfaces/innerkits/accesstoken/include/permission_def.h index 811e97999eb822da66834a8ea8fb1a8b6ded0a3f..238df3fed4251a05d1030fd36c89b26a27f303b6 100644 --- a/interfaces/innerkits/accesstoken/include/permission_def.h +++ b/interfaces/innerkits/accesstoken/include/permission_def.h @@ -74,6 +74,8 @@ public: std::string description = ""; int descriptionId = 0; ATokenAvailableTypeEnum availableType = NORMAL; + bool isKernelEffect = false; + bool hasValue = false; }; /** diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp index c740150ab92790442e3e4817acae72713bfd16aa..56d70dd20b4b5aeb5029e8d26201568422748285 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp @@ -81,6 +81,7 @@ static void TransferHapPolicyParams(const HapPolicyParams& policyIn, HapPolicy& tmp.grantFlag = perm.grantFlags[0]; policyOut.permStateList.emplace_back(tmp); } + policyOut.aclExtendedMap = policyIn.aclExtendedMap; } AccessTokenIDEx AccessTokenKit::AllocHapToken(const HapInfoParams& info, const HapPolicyParams& policy) diff --git a/services/accesstokenmanager/main/cpp/include/database/access_token_db_util.h b/services/accesstokenmanager/main/cpp/include/database/access_token_db_util.h index 6f74f7a202094a4acd6a6a5bbb59e9a23ae77731..55e93b19503cb3447026744995e54ada2785286e 100644 --- a/services/accesstokenmanager/main/cpp/include/database/access_token_db_util.h +++ b/services/accesstokenmanager/main/cpp/include/database/access_token_db_util.h @@ -34,6 +34,7 @@ enum AtmDataType { ACCESSTOKEN_PERMISSION_DEF, ACCESSTOKEN_PERMISSION_STATE, ACCESSTOKEN_PERMISSION_REQUEST_TOGGLE_STATUS, + ACCESSTOKEN_PERMISSION_EXTEND_VALUE, }; class AccessTokenDbUtil final { diff --git a/services/accesstokenmanager/main/cpp/include/database/token_field_const.h b/services/accesstokenmanager/main/cpp/include/database/token_field_const.h index 5ec731a96998d4cf1bbef448d1b71aea079adcc3..74bb061e6f35087f6e399a0606e0cf3411c40b65 100644 --- a/services/accesstokenmanager/main/cpp/include/database/token_field_const.h +++ b/services/accesstokenmanager/main/cpp/include/database/token_field_const.h @@ -52,6 +52,9 @@ public: const static std::string FIELD_GRANT_STATE; const static std::string FIELD_GRANT_FLAG; const static std::string FIELD_REQUEST_TOGGLE_STATUS; + const static std::string FIELD_KERNEL_EFFECT; + const static std::string FIELD_HAS_VALUE; + const static std::string FIELD_VALUE; }; } // namespace AccessToken } // namespace Security diff --git a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h index 97eb3e1ec2f7dd2c4eacf49a7b839d5315b57b1d..a062b6429954206b2154aded2d0f7ba7ba28a9f8 100644 --- a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h +++ b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h @@ -60,8 +60,7 @@ public: AccessTokenIDEx GetHapTokenID(int32_t userID, const std::string& bundleName, int32_t instIndex); AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID); int32_t UpdateHapToken(AccessTokenIDEx& tokenIdEx, const UpdateHapInfoParams& info, - const std::vector& permStateList, ATokenAplEnum apl, - const std::vector& permList); + const std::vector& permStateList, const HapPolicy& hapPolicy); void DumpTokenInfo(const AtmToolsParamInfo& info, std::string& dumpInfo); bool IsTokenIdExist(AccessTokenID id); AccessTokenID GetNativeTokenId(const std::string& processName); @@ -108,7 +107,7 @@ private: std::string GetHapUniqueStr(const std::shared_ptr& info) const; std::string GetHapUniqueStr(const int& userID, const std::string& bundleName, const int& instIndex) const; int AddHapTokenInfoToDb(const std::shared_ptr& hapInfo, - const std::string& appId, ATokenAplEnum apl, bool isUpdate); + const std::string& appId, const HapPolicy& policy, bool isUpdate); int RemoveHapTokenInfoFromDb(AccessTokenID tokenID); int CreateRemoteHapTokenInfo(AccessTokenID mapID, HapTokenInfoForSync& hapSync); int UpdateRemoteHapTokenInfo(AccessTokenID mapID, HapTokenInfoForSync& hapSync); diff --git a/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h b/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h index cbe2de083ff9c92a0fe481e11a858679c8d18b0a..d81d995ff27359f88e0968867a4d993be23d768b 100644 --- a/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h +++ b/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h @@ -40,7 +40,8 @@ public: HapTokenInfoInner(AccessTokenID id, const HapTokenInfoForSync& info); virtual ~HapTokenInfoInner(); - void Update(const UpdateHapInfoParams& info, const std::vector& permStateList); + void Update(const UpdateHapInfoParams& info, const std::vector& permStateList, + const HapPolicy& hapPolicy); void TranslateToHapTokenInfo(HapTokenInfo& infoParcel) const; void StoreHapInfo(std::vector& valueList, const std::string& appId, ATokenAplEnum apl) const; void StorePermissionPolicy(std::vector& permStateValues); diff --git a/services/accesstokenmanager/main/cpp/src/database/token_field_const.cpp b/services/accesstokenmanager/main/cpp/src/database/token_field_const.cpp index b27da70fbb61d322b6110df6eb543f8f92f47493..4a09e0314b4c0a19db4646082b915316f5d65a68 100644 --- a/services/accesstokenmanager/main/cpp/src/database/token_field_const.cpp +++ b/services/accesstokenmanager/main/cpp/src/database/token_field_const.cpp @@ -46,6 +46,9 @@ const std::string TokenFiledConst::FIELD_GRANT_IS_GENERAL = "is_general"; const std::string TokenFiledConst::FIELD_GRANT_STATE = "grant_state"; const std::string TokenFiledConst::FIELD_GRANT_FLAG = "grant_flag"; const std::string TokenFiledConst::FIELD_REQUEST_TOGGLE_STATUS = "status"; +const std::string TokenFiledConst::FIELD_KERNEL_EFFECT = "kernel_effect"; +const std::string TokenFiledConst::FIELD_HAS_VALUE = "has_value"; +const std::string TokenFiledConst::FIELD_VALUE = "value"; } // namespace AccessToken } // namespace Security } // namespace OHOS diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_definition_parser.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_definition_parser.cpp index 4b74de0b171034a951c06dfaff19152da1c2d622..178d280b7d2fd1150da6b416e8bfb5f56bca3bb5 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/permission_definition_parser.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_definition_parser.cpp @@ -43,6 +43,8 @@ static const std::string PERMISSION_AVAILABLE_LEVEL = "availableLevel"; static const std::string PERMISSION_AVAILABLE_TYPE = "availableType"; static const std::string PERMISSION_PROVISION_ENABLE = "provisionEnable"; static const std::string PERMISSION_DISTRIBUTED_SCENE_ENABLE = "distributedSceneEnable"; +static const std::string PERMISSION_IS_KERNEL_EFFECT = "isKernelEffect"; +static const std::string PERMISSION_HAS_VALUE = "hasValue"; static const std::string PERMISSION_LABEL = "label"; static const std::string PERMISSION_DESCRIPTION = "description"; static const std::string AVAILABLE_TYPE_NORMAL_HAP = "NORMAL"; @@ -154,6 +156,9 @@ void from_json(const nlohmann::json& j, PermissionDefParseRet& result) if (!JsonParser::GetBoolFromJson(j, PERMISSION_DISTRIBUTED_SCENE_ENABLE, permDef.distributedSceneEnable)) { return; } + // default value is false + JsonParser::GetBoolFromJson(j, PERMISSION_IS_KERNEL_EFFECT, permDef.isKernelEffect); + JsonParser::GetBoolFromJson(j, PERMISSION_HAS_VALUE, permDef.hasValue); permDef.bundleName = "system_ability"; if (permDef.grantMode == AccessToken::GrantMode::SYSTEM_GRANT) { result.permDef = permDef; diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp index db205f14f17887b4d216b42714bc493542967c25..23640451c42447d657a9e452ddbbfe3aa57a3d3c 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp @@ -436,7 +436,7 @@ int32_t AccessTokenManagerService::UpdateHapToken(AccessTokenIDEx& tokenIdEx, co return ERR_PERM_REQUEST_CFG_FAILED; } int32_t ret = AccessTokenInfoManager::GetInstance().UpdateHapToken(tokenIdEx, info, - InitializedList, policyParcel.hapPolicy.apl, policyParcel.hapPolicy.permList); + InitializedList, policyParcel.hapPolicy); return ret; } int32_t AccessTokenManagerService::GetTokenIDByUserID(int32_t userID, std::unordered_set& tokenIdList) diff --git a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp index 79823d1cefaf26efc53f8d16a56ec5f7ac29985e..0e3e66a161a05e6f83365019d4305cd3ad7a946a 100644 --- a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp @@ -445,21 +445,6 @@ int AccessTokenInfoManager::RemoveNativeTokenInfo(AccessTokenID id) return RET_SUCCESS; } -#ifdef SUPPORT_SANDBOX_APP -static void GetPolicyCopied(const HapPolicy& policy, HapPolicy& policyNew) -{ - policyNew.apl = policy.apl; - policyNew.domain = policy.domain; - - for (const auto& state : policy.permStateList) { - policyNew.permStateList.emplace_back(state); - } - for (const auto& def : policy.permList) { - policyNew.permList.emplace_back(def); - } -} -#endif - int32_t AccessTokenInfoManager::CheckHapInfoParam(const HapInfoParams& info, const HapPolicy& policy) { if ((!DataValidator::IsUserIdValid(info.userID)) || (!DataValidator::IsBundleNameValid(info.bundleName)) || @@ -499,14 +484,13 @@ int AccessTokenInfoManager::CreateHapTokenInfo( std::shared_ptr tokenInfo; HapPolicy policyNew = policy; if (info.dlpType != DLP_COMMON) { - GetPolicyCopied(policy, policyNew); DlpPermissionSetManager::GetInstance().UpdatePermStateWithDlpInfo(info.dlpType, policyNew.permStateList); } tokenInfo = std::make_shared(tokenId, info, policyNew); #else std::shared_ptr tokenInfo = std::make_shared(tokenId, info, policy); #endif - AddHapTokenInfoToDb(tokenInfo, info.appIDDesc, policy.apl, false); + AddHapTokenInfoToDb(tokenInfo, info.appIDDesc, policy, false); int ret = AddHapTokenInfo(tokenInfo); if (ret != RET_SUCCESS) { LOGE(ATM_DOMAIN, ATM_TAG, "%{public}s add token info failed", info.bundleName.c_str()); @@ -611,8 +595,7 @@ void AccessTokenInfoManager::InitNativeTokenInfos(uint32_t& nativeSize) } int32_t AccessTokenInfoManager::UpdateHapToken(AccessTokenIDEx& tokenIdEx, const UpdateHapInfoParams& info, - const std::vector& permStateList, ATokenAplEnum apl, - const std::vector& permList) + const std::vector& permStateList, const HapPolicy& hapPolicy) { AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; if (!DataValidator::IsAppIDDescValid(info.appIDDesc)) { @@ -634,13 +617,13 @@ int32_t AccessTokenInfoManager::UpdateHapToken(AccessTokenIDEx& tokenIdEx, const } else { tokenIdEx.tokenIdExStruct.tokenAttr &= ~SYSTEM_APP_FLAG; } - PermissionManager::GetInstance().AddDefPermissions(permList, tokenID, true); + PermissionManager::GetInstance().AddDefPermissions(hapPolicy.permList, tokenID, true); { Utils::UniqueWriteGuard infoGuard(this->hapTokenInfoLock_); - infoPtr->Update(info, permStateList); + infoPtr->Update(info, permStateList, hapPolicy); } - int32_t ret = AddHapTokenInfoToDb(infoPtr, info.appIDDesc, apl, true); + int32_t ret = AddHapTokenInfoToDb(infoPtr, info.appIDDesc, hapPolicy, true); if (ret != RET_SUCCESS) { return ret; } @@ -921,8 +904,20 @@ AccessTokenInfoManager& AccessTokenInfoManager::GetInstance() return *instance; } +static void GeneratePermExtendValues(AccessTokenID tokenID, const std::map& aclExtendedMap, + std::vector& permExtendValues) +{ + for (auto& extendValue : aclExtendedMap) { + GenericValues genericValues; + genericValues.Put(TokenFiledConst::FIELD_TOKEN_ID, static_cast(tokenID)); + genericValues.Put(TokenFiledConst::FIELD_PERMISSION_NAME, extendValue.first); + genericValues.Put(TokenFiledConst::FIELD_VALUE, extendValue.second); + permExtendValues.emplace_back(genericValues); + } +} + int AccessTokenInfoManager::AddHapTokenInfoToDb(const std::shared_ptr& hapInfo, - const std::string& appId, ATokenAplEnum apl, bool isUpdate) + const std::string& appId, const HapPolicy& policy, bool isUpdate) { if (hapInfo == nullptr) { LOGE(ATM_DOMAIN, ATM_TAG, "Token info is null!"); @@ -936,7 +931,7 @@ int AccessTokenInfoManager::AddHapTokenInfoToDb(const std::shared_ptr hapInfoValues; - hapInfo->StoreHapInfo(hapInfoValues, appId, apl); + hapInfo->StoreHapInfo(hapInfoValues, appId, policy.apl); // get new permission def from cache if exist std::vector permDefValues; @@ -946,11 +941,16 @@ int AccessTokenInfoManager::AddHapTokenInfoToDb(const std::shared_ptr permStateValues; hapInfo->StorePermissionPolicy(permStateValues); + // get new extend permission value + std::vector permExtendValues; + GeneratePermExtendValues(tokenID, policy.aclExtendedMap, permExtendValues); + std::vector addDataTypes; std::vector delDataTypes; addDataTypes.emplace_back(AtmDataType::ACCESSTOKEN_HAP_INFO); addDataTypes.emplace_back(AtmDataType::ACCESSTOKEN_PERMISSION_DEF); addDataTypes.emplace_back(AtmDataType::ACCESSTOKEN_PERMISSION_STATE); + addDataTypes.emplace_back(AtmDataType::ACCESSTOKEN_PERMISSION_EXTEND_VALUE); std::vector deleteValues; if (isUpdate) { // udapte: delete and add; otherwise add only @@ -960,12 +960,14 @@ int AccessTokenInfoManager::AddHapTokenInfoToDb(const std::shared_ptr> addValues; addValues.emplace_back(hapInfoValues); addValues.emplace_back(permDefValues); addValues.emplace_back(permStateValues); + addValues.emplace_back(permExtendValues); int32_t ret = AccessTokenDb::GetInstance().DeleteAndInsertValues( delDataTypes, deleteValues, addDataTypes, addValues); @@ -985,6 +987,8 @@ int AccessTokenInfoManager::RemoveHapTokenInfoFromDb(AccessTokenID tokenID) deleteDataTypes.emplace_back(AtmDataType::ACCESSTOKEN_HAP_INFO); deleteDataTypes.emplace_back(AtmDataType::ACCESSTOKEN_PERMISSION_DEF); deleteDataTypes.emplace_back(AtmDataType::ACCESSTOKEN_PERMISSION_STATE); + deleteDataTypes.emplace_back(AtmDataType::ACCESSTOKEN_PERMISSION_EXTEND_VALUE); + deleteValues.emplace_back(condition); deleteValues.emplace_back(condition); deleteValues.emplace_back(condition); deleteValues.emplace_back(condition); diff --git a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp index 70211011a34a7cef377377446c7d08a4e37cace2..e6b98bba1f36588266cf89a86c8119332132fe14 100644 --- a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp @@ -89,7 +89,8 @@ HapTokenInfoInner::~HapTokenInfoInner() PermissionDataBrief::GetInstance().DeleteBriefPermDataByTokenId(tokenInfoBasic_.tokenID); } -void HapTokenInfoInner::Update(const UpdateHapInfoParams& info, const std::vector& permStateList) +void HapTokenInfoInner::Update(const UpdateHapInfoParams& info, const std::vector& permStateList, + const HapPolicy& hapPolicy) { tokenInfoBasic_.apiVersion = GetApiVersion(info.apiVersion); if (info.isSystemApp) { diff --git a/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp b/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp index 147a6e5f7c63c0db0a7180492a4a477fd6527ed6..cfe76041ecba244c08147cc2951d630803f7012d 100644 --- a/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp +++ b/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp @@ -624,7 +624,7 @@ HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken001, TestSize.Level1) info.apiVersion = DEFAULT_API_VERSION; info.isSystemApp = false; ret = AccessTokenInfoManager::GetInstance().UpdateHapToken( - tokenIdEx, info, policy.permStateList, policy.apl, policy.permList); + tokenIdEx, info, policy.permStateList, policy); ASSERT_EQ(RET_SUCCESS, ret); GTEST_LOG_(INFO) << "update the hap token"; @@ -656,12 +656,12 @@ HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken002, TestSize.Level1) info.apiVersion = DEFAULT_API_VERSION; info.isSystemApp = false; int ret = AccessTokenInfoManager::GetInstance().UpdateHapToken( - tokenIdEx, info, policy.permStateList, policy.apl, policy.permList); + tokenIdEx, info, policy.permStateList, policy); ASSERT_EQ(ERR_PARAM_INVALID, ret); info.appIDDesc = std::string("updateAppId"); ret = AccessTokenInfoManager::GetInstance().UpdateHapToken( - tokenIdEx, info, policy.permStateList, policy.apl, policy.permList); + tokenIdEx, info, policy.permStateList, policy); ASSERT_EQ(ERR_TOKENID_NOT_EXIST, ret); } @@ -685,7 +685,7 @@ HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken003, TestSize.Level1) hapInfoParams.apiVersion = DEFAULT_API_VERSION; hapInfoParams.isSystemApp = false; ASSERT_EQ(ERR_IDENTITY_CHECK_FAILED, AccessTokenInfoManager::GetInstance().UpdateHapToken( - tokenIdEx, hapInfoParams, policy.permStateList, policy.apl, policy.permList)); + tokenIdEx, hapInfoParams, policy.permStateList, policy)); AccessTokenInfoManager::GetInstance().hapTokenInfoMap_.erase(tokenId); } @@ -1803,7 +1803,7 @@ HWTEST_F(AccessTokenInfoManagerTest, RestoreHapTokenInfo001, TestSize.Level1) UpdateHapInfoParams hapInfo; hapInfo.apiVersion = DEFAULT_API_VERSION; hapInfo.isSystemApp = false; - hap->Update(hapInfo, policy.permStateList); // permPolicySet_ is null + hap->Update(hapInfo, policy.permStateList, policy); // permPolicySet_ is null std::string info; hap->ToString(info); // permPolicySet_ is null