diff --git a/frameworks/accesstoken/src/hap_policy_parcel.cpp b/frameworks/accesstoken/src/hap_policy_parcel.cpp index 09e785e4f96a976853f9c27dad674f931ebad22d..0c00072f2057a0cea476cbd3681a22ec34657b79 100644 --- a/frameworks/accesstoken/src/hap_policy_parcel.cpp +++ b/frameworks/accesstoken/src/hap_policy_parcel.cpp @@ -66,6 +66,13 @@ bool HapPolicyParcel::Marshalling(Parcel& out) const RETURN_IF_FALSE(out.WriteString(info[i].permissionName)); RETURN_IF_FALSE(out.WriteBool(info[i].userCancelable)); } + + RETURN_IF_FALSE(out.WriteUint32(this->hapPolicy.aclExtendedMap.size())); + for (auto& iter : this->hapPolicy.aclExtendedMap) { + RETURN_IF_FALSE(out.WriteString(iter.first)); + RETURN_IF_FALSE(out.WriteString(iter.second)); + } + return true; } @@ -117,6 +124,17 @@ HapPolicyParcel* HapPolicyParcel::Unmarshalling(Parcel& in) RELEASE_IF_FALSE(in.ReadBool(info.userCancelable), hapPolicyParcel); hapPolicyParcel->hapPolicy.preAuthorizationInfo.emplace_back(info); } + + uint32_t extSize; + RELEASE_IF_FALSE(in.ReadUint32(extSize), hapPolicyParcel); + for (uint32_t i = 0; i < extSize; i++) { + std::string perm; + std::string value; + RELEASE_IF_FALSE(in.ReadString(perm), hapPolicyParcel); + RELEASE_IF_FALSE(in.ReadString(value), hapPolicyParcel); + hapPolicyParcel->hapPolicy.aclExtendedMap[perm] = value; + } + return hapPolicyParcel; } } // namespace AccessToken diff --git a/frameworks/accesstoken/src/permission_def_parcel.cpp b/frameworks/accesstoken/src/permission_def_parcel.cpp index 94226a443bb58dd5feee8f55317f45814dc4eb89..4f8c02a3208fe69c61efee76d898f155fb171b6c 100644 --- a/frameworks/accesstoken/src/permission_def_parcel.cpp +++ b/frameworks/accesstoken/src/permission_def_parcel.cpp @@ -34,6 +34,8 @@ bool PermissionDefParcel::Marshalling(Parcel& out) const RETURN_IF_FALSE(out.WriteString(this->permissionDef.description)); RETURN_IF_FALSE(out.WriteInt32(this->permissionDef.descriptionId)); RETURN_IF_FALSE(out.WriteInt32(this->permissionDef.availableType)); + RETURN_IF_FALSE(out.WriteBool(this->permissionDef.isKernelEffect)); + RETURN_IF_FALSE(out.WriteBool(this->permissionDef.hasValue)); return true; } @@ -61,6 +63,8 @@ PermissionDefParcel* PermissionDefParcel::Unmarshalling(Parcel& in) int32_t availableType; RELEASE_IF_FALSE(in.ReadInt32(availableType), permissionDefParcel); permissionDefParcel->permissionDef.availableType = ATokenAvailableTypeEnum(availableType); + RELEASE_IF_FALSE(in.ReadBool(permissionDefParcel->permissionDef.isKernelEffect), permissionDefParcel); + RELEASE_IF_FALSE(in.ReadBool(permissionDefParcel->permissionDef.hasValue), permissionDefParcel); return permissionDefParcel; } } // namespace AccessToken diff --git a/interfaces/innerkits/accesstoken/include/hap_token_info.h b/interfaces/innerkits/accesstoken/include/hap_token_info.h index b8b79d432f2e99edaae4fc7a88aec717eb142645..0009cf1c472b78f2e7a21fbc455f0d2158a5df23 100644 --- a/interfaces/innerkits/accesstoken/include/hap_token_info.h +++ b/interfaces/innerkits/accesstoken/include/hap_token_info.h @@ -44,6 +44,7 @@ #include "permission_def.h" #include "permission_state_full.h" #include "permission_status.h" +#include #include #include @@ -165,6 +166,7 @@ public: std::vector permStateList; std::vector aclRequestedList; std::vector preAuthorizationInfo; + std::map aclExtendedMap; }; /** @@ -199,6 +201,7 @@ public: std::vector permStateList; std::vector aclRequestedList; std::vector preAuthorizationInfo; + std::map aclExtendedMap; }; } // namespace AccessToken } // namespace Security diff --git a/interfaces/innerkits/accesstoken/include/permission_def.h b/interfaces/innerkits/accesstoken/include/permission_def.h index 811e97999eb822da66834a8ea8fb1a8b6ded0a3f..238df3fed4251a05d1030fd36c89b26a27f303b6 100644 --- a/interfaces/innerkits/accesstoken/include/permission_def.h +++ b/interfaces/innerkits/accesstoken/include/permission_def.h @@ -74,6 +74,8 @@ public: std::string description = ""; int descriptionId = 0; ATokenAvailableTypeEnum availableType = NORMAL; + bool isKernelEffect = false; + bool hasValue = false; }; /** diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp index c740150ab92790442e3e4817acae72713bfd16aa..56d70dd20b4b5aeb5029e8d26201568422748285 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp @@ -81,6 +81,7 @@ static void TransferHapPolicyParams(const HapPolicyParams& policyIn, HapPolicy& tmp.grantFlag = perm.grantFlags[0]; policyOut.permStateList.emplace_back(tmp); } + policyOut.aclExtendedMap = policyIn.aclExtendedMap; } AccessTokenIDEx AccessTokenKit::AllocHapToken(const HapInfoParams& info, const HapPolicyParams& policy) diff --git a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/init_hap_token_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/init_hap_token_test.cpp index 2a1e8be05ab404a814b1634909b42d32c6ce11c9..5f717e5c28d7157a81b6e88134410d223cc5a6ad 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/init_hap_token_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/init_hap_token_test.cpp @@ -140,6 +140,9 @@ HWTEST_F(InitHapTokenTest, InitHapTokenFuncTest001, TestSize.Level1) HapInfoParams infoParams; HapPolicyParams policyParams; TestCommon::GetHapParams(infoParams, policyParams); + policyParams.aclExtendedMap["aaa"] = "111"; + policyParams.aclExtendedMap["bbb"] = "222"; + policyParams.aclExtendedMap["ttt"] = "666"; infoParams.isSystemApp = false; AccessTokenIDEx fullTokenId; int32_t ret = AccessTokenKit::InitHapToken(infoParams, policyParams, fullTokenId); diff --git a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/update_hap_token_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/update_hap_token_test.cpp index df8d70174ab9d0c87627b45394c95318686c45af..c386c89e1395b4f0d066013677fc89a4ef0aded4 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/update_hap_token_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/HapTokenTest/update_hap_token_test.cpp @@ -142,6 +142,9 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest001, TestSize.Level1) HapInfoParams infoParams; HapPolicyParams policyParams; TestCommon::GetHapParams(infoParams, policyParams); + policyParams.aclExtendedMap["aaa"] = "111"; + policyParams.aclExtendedMap["bbb"] = "222"; + policyParams.aclExtendedMap["ttt"] = "666"; AccessTokenIDEx fullTokenId; int32_t ret = AccessTokenKit::InitHapToken(infoParams, policyParams, fullTokenId); AccessTokenID tokenID = fullTokenId.tokenIdExStruct.tokenID; @@ -152,6 +155,9 @@ HWTEST_F(UpdateHapTokenTest, UpdateHapTokenFuncTest001, TestSize.Level1) .isSystemApp = infoParams.isSystemApp, .appDistributionType = infoParams.appDistributionType }; + policyParams.aclExtendedMap["xxx"] = "qwerty"; + policyParams.aclExtendedMap["yyy"] = "123456"; + policyParams.aclExtendedMap["zzz"] = "++++++"; ret = AccessTokenKit::UpdateHapToken(fullTokenId, updateHapInfoParams, policyParams); ASSERT_EQ(RET_SUCCESS, ret); diff --git a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h index 97eb3e1ec2f7dd2c4eacf49a7b839d5315b57b1d..a062b6429954206b2154aded2d0f7ba7ba28a9f8 100644 --- a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h +++ b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h @@ -60,8 +60,7 @@ public: AccessTokenIDEx GetHapTokenID(int32_t userID, const std::string& bundleName, int32_t instIndex); AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID); int32_t UpdateHapToken(AccessTokenIDEx& tokenIdEx, const UpdateHapInfoParams& info, - const std::vector& permStateList, ATokenAplEnum apl, - const std::vector& permList); + const std::vector& permStateList, const HapPolicy& hapPolicy); void DumpTokenInfo(const AtmToolsParamInfo& info, std::string& dumpInfo); bool IsTokenIdExist(AccessTokenID id); AccessTokenID GetNativeTokenId(const std::string& processName); @@ -108,7 +107,7 @@ private: std::string GetHapUniqueStr(const std::shared_ptr& info) const; std::string GetHapUniqueStr(const int& userID, const std::string& bundleName, const int& instIndex) const; int AddHapTokenInfoToDb(const std::shared_ptr& hapInfo, - const std::string& appId, ATokenAplEnum apl, bool isUpdate); + const std::string& appId, const HapPolicy& policy, bool isUpdate); int RemoveHapTokenInfoFromDb(AccessTokenID tokenID); int CreateRemoteHapTokenInfo(AccessTokenID mapID, HapTokenInfoForSync& hapSync); int UpdateRemoteHapTokenInfo(AccessTokenID mapID, HapTokenInfoForSync& hapSync); diff --git a/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h b/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h index cbe2de083ff9c92a0fe481e11a858679c8d18b0a..d81d995ff27359f88e0968867a4d993be23d768b 100644 --- a/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h +++ b/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h @@ -40,7 +40,8 @@ public: HapTokenInfoInner(AccessTokenID id, const HapTokenInfoForSync& info); virtual ~HapTokenInfoInner(); - void Update(const UpdateHapInfoParams& info, const std::vector& permStateList); + void Update(const UpdateHapInfoParams& info, const std::vector& permStateList, + const HapPolicy& hapPolicy); void TranslateToHapTokenInfo(HapTokenInfo& infoParcel) const; void StoreHapInfo(std::vector& valueList, const std::string& appId, ATokenAplEnum apl) const; void StorePermissionPolicy(std::vector& permStateValues); diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_definition_parser.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_definition_parser.cpp index 4b74de0b171034a951c06dfaff19152da1c2d622..178d280b7d2fd1150da6b416e8bfb5f56bca3bb5 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/permission_definition_parser.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_definition_parser.cpp @@ -43,6 +43,8 @@ static const std::string PERMISSION_AVAILABLE_LEVEL = "availableLevel"; static const std::string PERMISSION_AVAILABLE_TYPE = "availableType"; static const std::string PERMISSION_PROVISION_ENABLE = "provisionEnable"; static const std::string PERMISSION_DISTRIBUTED_SCENE_ENABLE = "distributedSceneEnable"; +static const std::string PERMISSION_IS_KERNEL_EFFECT = "isKernelEffect"; +static const std::string PERMISSION_HAS_VALUE = "hasValue"; static const std::string PERMISSION_LABEL = "label"; static const std::string PERMISSION_DESCRIPTION = "description"; static const std::string AVAILABLE_TYPE_NORMAL_HAP = "NORMAL"; @@ -154,6 +156,9 @@ void from_json(const nlohmann::json& j, PermissionDefParseRet& result) if (!JsonParser::GetBoolFromJson(j, PERMISSION_DISTRIBUTED_SCENE_ENABLE, permDef.distributedSceneEnable)) { return; } + // default value is false + JsonParser::GetBoolFromJson(j, PERMISSION_IS_KERNEL_EFFECT, permDef.isKernelEffect); + JsonParser::GetBoolFromJson(j, PERMISSION_HAS_VALUE, permDef.hasValue); permDef.bundleName = "system_ability"; if (permDef.grantMode == AccessToken::GrantMode::SYSTEM_GRANT) { result.permDef = permDef; diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp index db205f14f17887b4d216b42714bc493542967c25..538cae0643cac21460d8de3767d7ba1ccab38ab5 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp @@ -369,10 +369,20 @@ AccessTokenIDEx AccessTokenManagerService::AllocHapToken(const HapInfoParcel& in return tokenIdEx; } +static void TttttPrint(const HapPolicy& policy) +{ + LOGI(ATM_DOMAIN, ATM_TAG, "ttttt ---------- aclExtendedMap.size = %{public}u", policy.aclExtendedMap.size()); + for (auto& ttt : policy.aclExtendedMap) { + LOGI(ATM_DOMAIN, ATM_TAG, "ttttt ---------- s1 = %{public}s, s2 = %{public}s", + ttt.first.c_str(), ttt.second.c_str()); + } +} + int32_t AccessTokenManagerService::InitHapToken(const HapInfoParcel& info, HapPolicyParcel& policy, AccessTokenIDEx& fullTokenId, HapInfoCheckResult& result) { LOGI(ATM_DOMAIN, ATM_TAG, "Init hap %{public}s.", info.hapInfoParameter.bundleName.c_str()); + TttttPrint(policy.hapPolicy); std::vector initializedList; if (info.hapInfoParameter.dlpType == DLP_COMMON) { if (!PermissionManager::GetInstance().InitPermissionList(info.hapInfoParameter.appDistributionType, @@ -430,13 +440,14 @@ int32_t AccessTokenManagerService::UpdateHapToken(AccessTokenIDEx& tokenIdEx, co const HapPolicyParcel& policyParcel, HapInfoCheckResult& result) { LOGI(ATM_DOMAIN, ATM_TAG, "TokenID: %{public}d", tokenIdEx.tokenIdExStruct.tokenID); + TttttPrint(policyParcel.hapPolicy); std::vector InitializedList; if (!PermissionManager::GetInstance().InitPermissionList( info.appDistributionType, policyParcel.hapPolicy, InitializedList, result)) { return ERR_PERM_REQUEST_CFG_FAILED; } int32_t ret = AccessTokenInfoManager::GetInstance().UpdateHapToken(tokenIdEx, info, - InitializedList, policyParcel.hapPolicy.apl, policyParcel.hapPolicy.permList); + InitializedList, policyParcel.hapPolicy); return ret; } int32_t AccessTokenManagerService::GetTokenIDByUserID(int32_t userID, std::unordered_set& tokenIdList) diff --git a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp index 79823d1cefaf26efc53f8d16a56ec5f7ac29985e..48ce36cb8b601c12ccbbe751e6afcce28289b138 100644 --- a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp @@ -445,21 +445,6 @@ int AccessTokenInfoManager::RemoveNativeTokenInfo(AccessTokenID id) return RET_SUCCESS; } -#ifdef SUPPORT_SANDBOX_APP -static void GetPolicyCopied(const HapPolicy& policy, HapPolicy& policyNew) -{ - policyNew.apl = policy.apl; - policyNew.domain = policy.domain; - - for (const auto& state : policy.permStateList) { - policyNew.permStateList.emplace_back(state); - } - for (const auto& def : policy.permList) { - policyNew.permList.emplace_back(def); - } -} -#endif - int32_t AccessTokenInfoManager::CheckHapInfoParam(const HapInfoParams& info, const HapPolicy& policy) { if ((!DataValidator::IsUserIdValid(info.userID)) || (!DataValidator::IsBundleNameValid(info.bundleName)) || @@ -499,14 +484,13 @@ int AccessTokenInfoManager::CreateHapTokenInfo( std::shared_ptr tokenInfo; HapPolicy policyNew = policy; if (info.dlpType != DLP_COMMON) { - GetPolicyCopied(policy, policyNew); DlpPermissionSetManager::GetInstance().UpdatePermStateWithDlpInfo(info.dlpType, policyNew.permStateList); } tokenInfo = std::make_shared(tokenId, info, policyNew); #else std::shared_ptr tokenInfo = std::make_shared(tokenId, info, policy); #endif - AddHapTokenInfoToDb(tokenInfo, info.appIDDesc, policy.apl, false); + AddHapTokenInfoToDb(tokenInfo, info.appIDDesc, policy, false); int ret = AddHapTokenInfo(tokenInfo); if (ret != RET_SUCCESS) { LOGE(ATM_DOMAIN, ATM_TAG, "%{public}s add token info failed", info.bundleName.c_str()); @@ -611,8 +595,7 @@ void AccessTokenInfoManager::InitNativeTokenInfos(uint32_t& nativeSize) } int32_t AccessTokenInfoManager::UpdateHapToken(AccessTokenIDEx& tokenIdEx, const UpdateHapInfoParams& info, - const std::vector& permStateList, ATokenAplEnum apl, - const std::vector& permList) + const std::vector& permStateList, const HapPolicy& hapPolicy) { AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; if (!DataValidator::IsAppIDDescValid(info.appIDDesc)) { @@ -634,13 +617,13 @@ int32_t AccessTokenInfoManager::UpdateHapToken(AccessTokenIDEx& tokenIdEx, const } else { tokenIdEx.tokenIdExStruct.tokenAttr &= ~SYSTEM_APP_FLAG; } - PermissionManager::GetInstance().AddDefPermissions(permList, tokenID, true); + PermissionManager::GetInstance().AddDefPermissions(hapPolicy.permList, tokenID, true); { Utils::UniqueWriteGuard infoGuard(this->hapTokenInfoLock_); - infoPtr->Update(info, permStateList); + infoPtr->Update(info, permStateList, hapPolicy); } - int32_t ret = AddHapTokenInfoToDb(infoPtr, info.appIDDesc, apl, true); + int32_t ret = AddHapTokenInfoToDb(infoPtr, info.appIDDesc, hapPolicy, true); if (ret != RET_SUCCESS) { return ret; } @@ -922,7 +905,7 @@ AccessTokenInfoManager& AccessTokenInfoManager::GetInstance() } int AccessTokenInfoManager::AddHapTokenInfoToDb(const std::shared_ptr& hapInfo, - const std::string& appId, ATokenAplEnum apl, bool isUpdate) + const std::string& appId, const HapPolicy& policy, bool isUpdate) { if (hapInfo == nullptr) { LOGE(ATM_DOMAIN, ATM_TAG, "Token info is null!"); @@ -936,7 +919,7 @@ int AccessTokenInfoManager::AddHapTokenInfoToDb(const std::shared_ptr hapInfoValues; - hapInfo->StoreHapInfo(hapInfoValues, appId, apl); + hapInfo->StoreHapInfo(hapInfoValues, appId, policy.apl); // get new permission def from cache if exist std::vector permDefValues; diff --git a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp index 70211011a34a7cef377377446c7d08a4e37cace2..e6b98bba1f36588266cf89a86c8119332132fe14 100644 --- a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp @@ -89,7 +89,8 @@ HapTokenInfoInner::~HapTokenInfoInner() PermissionDataBrief::GetInstance().DeleteBriefPermDataByTokenId(tokenInfoBasic_.tokenID); } -void HapTokenInfoInner::Update(const UpdateHapInfoParams& info, const std::vector& permStateList) +void HapTokenInfoInner::Update(const UpdateHapInfoParams& info, const std::vector& permStateList, + const HapPolicy& hapPolicy) { tokenInfoBasic_.apiVersion = GetApiVersion(info.apiVersion); if (info.isSystemApp) { diff --git a/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp b/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp index 147a6e5f7c63c0db0a7180492a4a477fd6527ed6..cfe76041ecba244c08147cc2951d630803f7012d 100644 --- a/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp +++ b/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp @@ -624,7 +624,7 @@ HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken001, TestSize.Level1) info.apiVersion = DEFAULT_API_VERSION; info.isSystemApp = false; ret = AccessTokenInfoManager::GetInstance().UpdateHapToken( - tokenIdEx, info, policy.permStateList, policy.apl, policy.permList); + tokenIdEx, info, policy.permStateList, policy); ASSERT_EQ(RET_SUCCESS, ret); GTEST_LOG_(INFO) << "update the hap token"; @@ -656,12 +656,12 @@ HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken002, TestSize.Level1) info.apiVersion = DEFAULT_API_VERSION; info.isSystemApp = false; int ret = AccessTokenInfoManager::GetInstance().UpdateHapToken( - tokenIdEx, info, policy.permStateList, policy.apl, policy.permList); + tokenIdEx, info, policy.permStateList, policy); ASSERT_EQ(ERR_PARAM_INVALID, ret); info.appIDDesc = std::string("updateAppId"); ret = AccessTokenInfoManager::GetInstance().UpdateHapToken( - tokenIdEx, info, policy.permStateList, policy.apl, policy.permList); + tokenIdEx, info, policy.permStateList, policy); ASSERT_EQ(ERR_TOKENID_NOT_EXIST, ret); } @@ -685,7 +685,7 @@ HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken003, TestSize.Level1) hapInfoParams.apiVersion = DEFAULT_API_VERSION; hapInfoParams.isSystemApp = false; ASSERT_EQ(ERR_IDENTITY_CHECK_FAILED, AccessTokenInfoManager::GetInstance().UpdateHapToken( - tokenIdEx, hapInfoParams, policy.permStateList, policy.apl, policy.permList)); + tokenIdEx, hapInfoParams, policy.permStateList, policy)); AccessTokenInfoManager::GetInstance().hapTokenInfoMap_.erase(tokenId); } @@ -1803,7 +1803,7 @@ HWTEST_F(AccessTokenInfoManagerTest, RestoreHapTokenInfo001, TestSize.Level1) UpdateHapInfoParams hapInfo; hapInfo.apiVersion = DEFAULT_API_VERSION; hapInfo.isSystemApp = false; - hap->Update(hapInfo, policy.permStateList); // permPolicySet_ is null + hap->Update(hapInfo, policy.permStateList, policy); // permPolicySet_ is null std::string info; hap->ToString(info); // permPolicySet_ is null