From 9649624d4df2b3277c88a8424156001c7e2cef24 Mon Sep 17 00:00:00 2001 From: bigtea Date: Tue, 18 Feb 2025 15:00:23 +0800 Subject: [PATCH] Add kv permission Signed-off-by: bigtea --- .../accesstoken/src/hap_policy_parcel.cpp | 18 +++++++ .../accesstoken/src/permission_def_parcel.cpp | 4 ++ .../accesstoken/include/hap_token_info.h | 3 ++ .../accesstoken/include/permission_def.h | 2 + .../accesstoken/src/accesstoken_kit.cpp | 1 + .../include/database/access_token_db_util.h | 1 + .../cpp/include/database/token_field_const.h | 3 ++ .../include/token/accesstoken_info_manager.h | 5 +- .../cpp/include/token/hap_token_info_inner.h | 3 +- .../cpp/src/database/token_field_const.cpp | 3 ++ .../permission_definition_parser.cpp | 5 ++ .../service/accesstoken_manager_service.cpp | 2 +- .../src/token/accesstoken_info_manager.cpp | 52 ++++++++++--------- .../cpp/src/token/hap_token_info_inner.cpp | 3 +- .../accesstoken_info_manager_test.cpp | 10 ++-- 15 files changed, 80 insertions(+), 35 deletions(-) diff --git a/frameworks/accesstoken/src/hap_policy_parcel.cpp b/frameworks/accesstoken/src/hap_policy_parcel.cpp index 09e785e4f..0c00072f2 100644 --- a/frameworks/accesstoken/src/hap_policy_parcel.cpp +++ b/frameworks/accesstoken/src/hap_policy_parcel.cpp @@ -66,6 +66,13 @@ bool HapPolicyParcel::Marshalling(Parcel& out) const RETURN_IF_FALSE(out.WriteString(info[i].permissionName)); RETURN_IF_FALSE(out.WriteBool(info[i].userCancelable)); } + + RETURN_IF_FALSE(out.WriteUint32(this->hapPolicy.aclExtendedMap.size())); + for (auto& iter : this->hapPolicy.aclExtendedMap) { + RETURN_IF_FALSE(out.WriteString(iter.first)); + RETURN_IF_FALSE(out.WriteString(iter.second)); + } + return true; } @@ -117,6 +124,17 @@ HapPolicyParcel* HapPolicyParcel::Unmarshalling(Parcel& in) RELEASE_IF_FALSE(in.ReadBool(info.userCancelable), hapPolicyParcel); hapPolicyParcel->hapPolicy.preAuthorizationInfo.emplace_back(info); } + + uint32_t extSize; + RELEASE_IF_FALSE(in.ReadUint32(extSize), hapPolicyParcel); + for (uint32_t i = 0; i < extSize; i++) { + std::string perm; + std::string value; + RELEASE_IF_FALSE(in.ReadString(perm), hapPolicyParcel); + RELEASE_IF_FALSE(in.ReadString(value), hapPolicyParcel); + hapPolicyParcel->hapPolicy.aclExtendedMap[perm] = value; + } + return hapPolicyParcel; } } // namespace AccessToken diff --git a/frameworks/accesstoken/src/permission_def_parcel.cpp b/frameworks/accesstoken/src/permission_def_parcel.cpp index 94226a443..4f8c02a32 100644 --- a/frameworks/accesstoken/src/permission_def_parcel.cpp +++ b/frameworks/accesstoken/src/permission_def_parcel.cpp @@ -34,6 +34,8 @@ bool PermissionDefParcel::Marshalling(Parcel& out) const RETURN_IF_FALSE(out.WriteString(this->permissionDef.description)); RETURN_IF_FALSE(out.WriteInt32(this->permissionDef.descriptionId)); RETURN_IF_FALSE(out.WriteInt32(this->permissionDef.availableType)); + RETURN_IF_FALSE(out.WriteBool(this->permissionDef.isKernelEffect)); + RETURN_IF_FALSE(out.WriteBool(this->permissionDef.hasValue)); return true; } @@ -61,6 +63,8 @@ PermissionDefParcel* PermissionDefParcel::Unmarshalling(Parcel& in) int32_t availableType; RELEASE_IF_FALSE(in.ReadInt32(availableType), permissionDefParcel); permissionDefParcel->permissionDef.availableType = ATokenAvailableTypeEnum(availableType); + RELEASE_IF_FALSE(in.ReadBool(permissionDefParcel->permissionDef.isKernelEffect), permissionDefParcel); + RELEASE_IF_FALSE(in.ReadBool(permissionDefParcel->permissionDef.hasValue), permissionDefParcel); return permissionDefParcel; } } // namespace AccessToken diff --git a/interfaces/innerkits/accesstoken/include/hap_token_info.h b/interfaces/innerkits/accesstoken/include/hap_token_info.h index b8b79d432..0009cf1c4 100644 --- a/interfaces/innerkits/accesstoken/include/hap_token_info.h +++ b/interfaces/innerkits/accesstoken/include/hap_token_info.h @@ -44,6 +44,7 @@ #include "permission_def.h" #include "permission_state_full.h" #include "permission_status.h" +#include #include #include @@ -165,6 +166,7 @@ public: std::vector permStateList; std::vector aclRequestedList; std::vector preAuthorizationInfo; + std::map aclExtendedMap; }; /** @@ -199,6 +201,7 @@ public: std::vector permStateList; std::vector aclRequestedList; std::vector preAuthorizationInfo; + std::map aclExtendedMap; }; } // namespace AccessToken } // namespace Security diff --git a/interfaces/innerkits/accesstoken/include/permission_def.h b/interfaces/innerkits/accesstoken/include/permission_def.h index 811e97999..238df3fed 100644 --- a/interfaces/innerkits/accesstoken/include/permission_def.h +++ b/interfaces/innerkits/accesstoken/include/permission_def.h @@ -74,6 +74,8 @@ public: std::string description = ""; int descriptionId = 0; ATokenAvailableTypeEnum availableType = NORMAL; + bool isKernelEffect = false; + bool hasValue = false; }; /** diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp index c740150ab..56d70dd20 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp @@ -81,6 +81,7 @@ static void TransferHapPolicyParams(const HapPolicyParams& policyIn, HapPolicy& tmp.grantFlag = perm.grantFlags[0]; policyOut.permStateList.emplace_back(tmp); } + policyOut.aclExtendedMap = policyIn.aclExtendedMap; } AccessTokenIDEx AccessTokenKit::AllocHapToken(const HapInfoParams& info, const HapPolicyParams& policy) diff --git a/services/accesstokenmanager/main/cpp/include/database/access_token_db_util.h b/services/accesstokenmanager/main/cpp/include/database/access_token_db_util.h index 6f74f7a20..55e93b195 100644 --- a/services/accesstokenmanager/main/cpp/include/database/access_token_db_util.h +++ b/services/accesstokenmanager/main/cpp/include/database/access_token_db_util.h @@ -34,6 +34,7 @@ enum AtmDataType { ACCESSTOKEN_PERMISSION_DEF, ACCESSTOKEN_PERMISSION_STATE, ACCESSTOKEN_PERMISSION_REQUEST_TOGGLE_STATUS, + ACCESSTOKEN_PERMISSION_EXTEND_VALUE, }; class AccessTokenDbUtil final { diff --git a/services/accesstokenmanager/main/cpp/include/database/token_field_const.h b/services/accesstokenmanager/main/cpp/include/database/token_field_const.h index 5ec731a96..74bb061e6 100644 --- a/services/accesstokenmanager/main/cpp/include/database/token_field_const.h +++ b/services/accesstokenmanager/main/cpp/include/database/token_field_const.h @@ -52,6 +52,9 @@ public: const static std::string FIELD_GRANT_STATE; const static std::string FIELD_GRANT_FLAG; const static std::string FIELD_REQUEST_TOGGLE_STATUS; + const static std::string FIELD_KERNEL_EFFECT; + const static std::string FIELD_HAS_VALUE; + const static std::string FIELD_VALUE; }; } // namespace AccessToken } // namespace Security diff --git a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h index 97eb3e1ec..a062b6429 100644 --- a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h +++ b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h @@ -60,8 +60,7 @@ public: AccessTokenIDEx GetHapTokenID(int32_t userID, const std::string& bundleName, int32_t instIndex); AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID); int32_t UpdateHapToken(AccessTokenIDEx& tokenIdEx, const UpdateHapInfoParams& info, - const std::vector& permStateList, ATokenAplEnum apl, - const std::vector& permList); + const std::vector& permStateList, const HapPolicy& hapPolicy); void DumpTokenInfo(const AtmToolsParamInfo& info, std::string& dumpInfo); bool IsTokenIdExist(AccessTokenID id); AccessTokenID GetNativeTokenId(const std::string& processName); @@ -108,7 +107,7 @@ private: std::string GetHapUniqueStr(const std::shared_ptr& info) const; std::string GetHapUniqueStr(const int& userID, const std::string& bundleName, const int& instIndex) const; int AddHapTokenInfoToDb(const std::shared_ptr& hapInfo, - const std::string& appId, ATokenAplEnum apl, bool isUpdate); + const std::string& appId, const HapPolicy& policy, bool isUpdate); int RemoveHapTokenInfoFromDb(AccessTokenID tokenID); int CreateRemoteHapTokenInfo(AccessTokenID mapID, HapTokenInfoForSync& hapSync); int UpdateRemoteHapTokenInfo(AccessTokenID mapID, HapTokenInfoForSync& hapSync); diff --git a/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h b/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h index cbe2de083..d81d995ff 100644 --- a/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h +++ b/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h @@ -40,7 +40,8 @@ public: HapTokenInfoInner(AccessTokenID id, const HapTokenInfoForSync& info); virtual ~HapTokenInfoInner(); - void Update(const UpdateHapInfoParams& info, const std::vector& permStateList); + void Update(const UpdateHapInfoParams& info, const std::vector& permStateList, + const HapPolicy& hapPolicy); void TranslateToHapTokenInfo(HapTokenInfo& infoParcel) const; void StoreHapInfo(std::vector& valueList, const std::string& appId, ATokenAplEnum apl) const; void StorePermissionPolicy(std::vector& permStateValues); diff --git a/services/accesstokenmanager/main/cpp/src/database/token_field_const.cpp b/services/accesstokenmanager/main/cpp/src/database/token_field_const.cpp index b27da70fb..4a09e0314 100644 --- a/services/accesstokenmanager/main/cpp/src/database/token_field_const.cpp +++ b/services/accesstokenmanager/main/cpp/src/database/token_field_const.cpp @@ -46,6 +46,9 @@ const std::string TokenFiledConst::FIELD_GRANT_IS_GENERAL = "is_general"; const std::string TokenFiledConst::FIELD_GRANT_STATE = "grant_state"; const std::string TokenFiledConst::FIELD_GRANT_FLAG = "grant_flag"; const std::string TokenFiledConst::FIELD_REQUEST_TOGGLE_STATUS = "status"; +const std::string TokenFiledConst::FIELD_KERNEL_EFFECT = "kernel_effect"; +const std::string TokenFiledConst::FIELD_HAS_VALUE = "has_value"; +const std::string TokenFiledConst::FIELD_VALUE = "value"; } // namespace AccessToken } // namespace Security } // namespace OHOS diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_definition_parser.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_definition_parser.cpp index 4b74de0b1..178d280b7 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/permission_definition_parser.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_definition_parser.cpp @@ -43,6 +43,8 @@ static const std::string PERMISSION_AVAILABLE_LEVEL = "availableLevel"; static const std::string PERMISSION_AVAILABLE_TYPE = "availableType"; static const std::string PERMISSION_PROVISION_ENABLE = "provisionEnable"; static const std::string PERMISSION_DISTRIBUTED_SCENE_ENABLE = "distributedSceneEnable"; +static const std::string PERMISSION_IS_KERNEL_EFFECT = "isKernelEffect"; +static const std::string PERMISSION_HAS_VALUE = "hasValue"; static const std::string PERMISSION_LABEL = "label"; static const std::string PERMISSION_DESCRIPTION = "description"; static const std::string AVAILABLE_TYPE_NORMAL_HAP = "NORMAL"; @@ -154,6 +156,9 @@ void from_json(const nlohmann::json& j, PermissionDefParseRet& result) if (!JsonParser::GetBoolFromJson(j, PERMISSION_DISTRIBUTED_SCENE_ENABLE, permDef.distributedSceneEnable)) { return; } + // default value is false + JsonParser::GetBoolFromJson(j, PERMISSION_IS_KERNEL_EFFECT, permDef.isKernelEffect); + JsonParser::GetBoolFromJson(j, PERMISSION_HAS_VALUE, permDef.hasValue); permDef.bundleName = "system_ability"; if (permDef.grantMode == AccessToken::GrantMode::SYSTEM_GRANT) { result.permDef = permDef; diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp index db205f14f..23640451c 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp @@ -436,7 +436,7 @@ int32_t AccessTokenManagerService::UpdateHapToken(AccessTokenIDEx& tokenIdEx, co return ERR_PERM_REQUEST_CFG_FAILED; } int32_t ret = AccessTokenInfoManager::GetInstance().UpdateHapToken(tokenIdEx, info, - InitializedList, policyParcel.hapPolicy.apl, policyParcel.hapPolicy.permList); + InitializedList, policyParcel.hapPolicy); return ret; } int32_t AccessTokenManagerService::GetTokenIDByUserID(int32_t userID, std::unordered_set& tokenIdList) diff --git a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp index 79823d1ce..0e3e66a16 100644 --- a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp @@ -445,21 +445,6 @@ int AccessTokenInfoManager::RemoveNativeTokenInfo(AccessTokenID id) return RET_SUCCESS; } -#ifdef SUPPORT_SANDBOX_APP -static void GetPolicyCopied(const HapPolicy& policy, HapPolicy& policyNew) -{ - policyNew.apl = policy.apl; - policyNew.domain = policy.domain; - - for (const auto& state : policy.permStateList) { - policyNew.permStateList.emplace_back(state); - } - for (const auto& def : policy.permList) { - policyNew.permList.emplace_back(def); - } -} -#endif - int32_t AccessTokenInfoManager::CheckHapInfoParam(const HapInfoParams& info, const HapPolicy& policy) { if ((!DataValidator::IsUserIdValid(info.userID)) || (!DataValidator::IsBundleNameValid(info.bundleName)) || @@ -499,14 +484,13 @@ int AccessTokenInfoManager::CreateHapTokenInfo( std::shared_ptr tokenInfo; HapPolicy policyNew = policy; if (info.dlpType != DLP_COMMON) { - GetPolicyCopied(policy, policyNew); DlpPermissionSetManager::GetInstance().UpdatePermStateWithDlpInfo(info.dlpType, policyNew.permStateList); } tokenInfo = std::make_shared(tokenId, info, policyNew); #else std::shared_ptr tokenInfo = std::make_shared(tokenId, info, policy); #endif - AddHapTokenInfoToDb(tokenInfo, info.appIDDesc, policy.apl, false); + AddHapTokenInfoToDb(tokenInfo, info.appIDDesc, policy, false); int ret = AddHapTokenInfo(tokenInfo); if (ret != RET_SUCCESS) { LOGE(ATM_DOMAIN, ATM_TAG, "%{public}s add token info failed", info.bundleName.c_str()); @@ -611,8 +595,7 @@ void AccessTokenInfoManager::InitNativeTokenInfos(uint32_t& nativeSize) } int32_t AccessTokenInfoManager::UpdateHapToken(AccessTokenIDEx& tokenIdEx, const UpdateHapInfoParams& info, - const std::vector& permStateList, ATokenAplEnum apl, - const std::vector& permList) + const std::vector& permStateList, const HapPolicy& hapPolicy) { AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; if (!DataValidator::IsAppIDDescValid(info.appIDDesc)) { @@ -634,13 +617,13 @@ int32_t AccessTokenInfoManager::UpdateHapToken(AccessTokenIDEx& tokenIdEx, const } else { tokenIdEx.tokenIdExStruct.tokenAttr &= ~SYSTEM_APP_FLAG; } - PermissionManager::GetInstance().AddDefPermissions(permList, tokenID, true); + PermissionManager::GetInstance().AddDefPermissions(hapPolicy.permList, tokenID, true); { Utils::UniqueWriteGuard infoGuard(this->hapTokenInfoLock_); - infoPtr->Update(info, permStateList); + infoPtr->Update(info, permStateList, hapPolicy); } - int32_t ret = AddHapTokenInfoToDb(infoPtr, info.appIDDesc, apl, true); + int32_t ret = AddHapTokenInfoToDb(infoPtr, info.appIDDesc, hapPolicy, true); if (ret != RET_SUCCESS) { return ret; } @@ -921,8 +904,20 @@ AccessTokenInfoManager& AccessTokenInfoManager::GetInstance() return *instance; } +static void GeneratePermExtendValues(AccessTokenID tokenID, const std::map& aclExtendedMap, + std::vector& permExtendValues) +{ + for (auto& extendValue : aclExtendedMap) { + GenericValues genericValues; + genericValues.Put(TokenFiledConst::FIELD_TOKEN_ID, static_cast(tokenID)); + genericValues.Put(TokenFiledConst::FIELD_PERMISSION_NAME, extendValue.first); + genericValues.Put(TokenFiledConst::FIELD_VALUE, extendValue.second); + permExtendValues.emplace_back(genericValues); + } +} + int AccessTokenInfoManager::AddHapTokenInfoToDb(const std::shared_ptr& hapInfo, - const std::string& appId, ATokenAplEnum apl, bool isUpdate) + const std::string& appId, const HapPolicy& policy, bool isUpdate) { if (hapInfo == nullptr) { LOGE(ATM_DOMAIN, ATM_TAG, "Token info is null!"); @@ -936,7 +931,7 @@ int AccessTokenInfoManager::AddHapTokenInfoToDb(const std::shared_ptr hapInfoValues; - hapInfo->StoreHapInfo(hapInfoValues, appId, apl); + hapInfo->StoreHapInfo(hapInfoValues, appId, policy.apl); // get new permission def from cache if exist std::vector permDefValues; @@ -946,11 +941,16 @@ int AccessTokenInfoManager::AddHapTokenInfoToDb(const std::shared_ptr permStateValues; hapInfo->StorePermissionPolicy(permStateValues); + // get new extend permission value + std::vector permExtendValues; + GeneratePermExtendValues(tokenID, policy.aclExtendedMap, permExtendValues); + std::vector addDataTypes; std::vector delDataTypes; addDataTypes.emplace_back(AtmDataType::ACCESSTOKEN_HAP_INFO); addDataTypes.emplace_back(AtmDataType::ACCESSTOKEN_PERMISSION_DEF); addDataTypes.emplace_back(AtmDataType::ACCESSTOKEN_PERMISSION_STATE); + addDataTypes.emplace_back(AtmDataType::ACCESSTOKEN_PERMISSION_EXTEND_VALUE); std::vector deleteValues; if (isUpdate) { // udapte: delete and add; otherwise add only @@ -960,12 +960,14 @@ int AccessTokenInfoManager::AddHapTokenInfoToDb(const std::shared_ptr> addValues; addValues.emplace_back(hapInfoValues); addValues.emplace_back(permDefValues); addValues.emplace_back(permStateValues); + addValues.emplace_back(permExtendValues); int32_t ret = AccessTokenDb::GetInstance().DeleteAndInsertValues( delDataTypes, deleteValues, addDataTypes, addValues); @@ -985,6 +987,8 @@ int AccessTokenInfoManager::RemoveHapTokenInfoFromDb(AccessTokenID tokenID) deleteDataTypes.emplace_back(AtmDataType::ACCESSTOKEN_HAP_INFO); deleteDataTypes.emplace_back(AtmDataType::ACCESSTOKEN_PERMISSION_DEF); deleteDataTypes.emplace_back(AtmDataType::ACCESSTOKEN_PERMISSION_STATE); + deleteDataTypes.emplace_back(AtmDataType::ACCESSTOKEN_PERMISSION_EXTEND_VALUE); + deleteValues.emplace_back(condition); deleteValues.emplace_back(condition); deleteValues.emplace_back(condition); deleteValues.emplace_back(condition); diff --git a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp index 70211011a..e6b98bba1 100644 --- a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp @@ -89,7 +89,8 @@ HapTokenInfoInner::~HapTokenInfoInner() PermissionDataBrief::GetInstance().DeleteBriefPermDataByTokenId(tokenInfoBasic_.tokenID); } -void HapTokenInfoInner::Update(const UpdateHapInfoParams& info, const std::vector& permStateList) +void HapTokenInfoInner::Update(const UpdateHapInfoParams& info, const std::vector& permStateList, + const HapPolicy& hapPolicy) { tokenInfoBasic_.apiVersion = GetApiVersion(info.apiVersion); if (info.isSystemApp) { diff --git a/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp b/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp index 147a6e5f7..cfe76041e 100644 --- a/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp +++ b/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp @@ -624,7 +624,7 @@ HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken001, TestSize.Level1) info.apiVersion = DEFAULT_API_VERSION; info.isSystemApp = false; ret = AccessTokenInfoManager::GetInstance().UpdateHapToken( - tokenIdEx, info, policy.permStateList, policy.apl, policy.permList); + tokenIdEx, info, policy.permStateList, policy); ASSERT_EQ(RET_SUCCESS, ret); GTEST_LOG_(INFO) << "update the hap token"; @@ -656,12 +656,12 @@ HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken002, TestSize.Level1) info.apiVersion = DEFAULT_API_VERSION; info.isSystemApp = false; int ret = AccessTokenInfoManager::GetInstance().UpdateHapToken( - tokenIdEx, info, policy.permStateList, policy.apl, policy.permList); + tokenIdEx, info, policy.permStateList, policy); ASSERT_EQ(ERR_PARAM_INVALID, ret); info.appIDDesc = std::string("updateAppId"); ret = AccessTokenInfoManager::GetInstance().UpdateHapToken( - tokenIdEx, info, policy.permStateList, policy.apl, policy.permList); + tokenIdEx, info, policy.permStateList, policy); ASSERT_EQ(ERR_TOKENID_NOT_EXIST, ret); } @@ -685,7 +685,7 @@ HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken003, TestSize.Level1) hapInfoParams.apiVersion = DEFAULT_API_VERSION; hapInfoParams.isSystemApp = false; ASSERT_EQ(ERR_IDENTITY_CHECK_FAILED, AccessTokenInfoManager::GetInstance().UpdateHapToken( - tokenIdEx, hapInfoParams, policy.permStateList, policy.apl, policy.permList)); + tokenIdEx, hapInfoParams, policy.permStateList, policy)); AccessTokenInfoManager::GetInstance().hapTokenInfoMap_.erase(tokenId); } @@ -1803,7 +1803,7 @@ HWTEST_F(AccessTokenInfoManagerTest, RestoreHapTokenInfo001, TestSize.Level1) UpdateHapInfoParams hapInfo; hapInfo.apiVersion = DEFAULT_API_VERSION; hapInfo.isSystemApp = false; - hap->Update(hapInfo, policy.permStateList); // permPolicySet_ is null + hap->Update(hapInfo, policy.permStateList, policy); // permPolicySet_ is null std::string info; hap->ToString(info); // permPolicySet_ is null -- Gitee