diff --git a/README.md b/README.md index 81034313acc09da0f63dea661d1181d9ed3ae140..d2071c81cf723ea17c7b13c165e5f6bc70f8e726 100644 --- a/README.md +++ b/README.md @@ -61,7 +61,6 @@ The following figure shows the ATM architecture. | int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfo& nativeTokenInfoRes); | Obtains the native token information.| | int VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName); | Checks whether an access token has the specified permission.| | int GetDefPermission(const std::string& permissionName, PermissionDef& permissionDefResult); | Obtains definition information about the specified permission.| -| int GetDefPermissions(AccessTokenID tokenID, std::vector<PermissionDef>& permList); | Obtains the permission definition set of a HAP.| | int GetReqPermissions(AccessTokenID tokenID, std::vector<PermissionStateFull>& reqPermList, bool isSystemGrant); | Obtains the status set of the permission requested by a HAP.| | int GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName); | Obtains the permissions of the app with the specified token ID.| | int GrantPermission(AccessTokenID tokenID, const std::string& permissionName, int flag); | Grants a permission to the app with the specified token ID.| diff --git a/README_zh.md b/README_zh.md index 4202198cf7a366cf4abfe3b60e18d8682d496ff7..a3b840c47c74cd3c67cbd6004bf4c72a17f62d90 100644 --- a/README_zh.md +++ b/README_zh.md @@ -69,7 +69,6 @@ ATM部件的架构图如下所示: | int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfo& nativeTokenInfoRes); | 查询指定tokenID对应的native的tokenInfo信息 | | int VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName); | 检查指定tokenID是否具有指定权限 | | int GetDefPermission(const std::string& permissionName, PermissionDef& permissionDefResult); | 查询指定权限的权限定义信息 | -| int GetDefPermissions(AccessTokenID tokenID, std::vector<PermissionDef>& permList); | 查询指定tokenID对应的hap包的权限定义集合 | | int GetReqPermissions(AccessTokenID tokenID, std::vector<PermissionStateFull>& reqPermList, bool isSystemGrant); | 查询指定tokenID对应的hap包申请的权限状态集合 | | int GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName); | 查询指定tokenID的应用的指定权限 | | int GrantPermission(AccessTokenID tokenID, const std::string& permissionName, int flag); | 授予指定tokenID的应用的指定权限 | diff --git a/frameworks/accesstoken/include/accesstoken_service_ipc_interface_code.h b/frameworks/accesstoken/include/accesstoken_service_ipc_interface_code.h index 9ef4d29ffb688ff9761111d39f4168972280e1c3..b7768d42164ffdab349e3c7f20103bc01719bec3 100644 --- a/frameworks/accesstoken/include/accesstoken_service_ipc_interface_code.h +++ b/frameworks/accesstoken/include/accesstoken_service_ipc_interface_code.h @@ -23,7 +23,6 @@ namespace AccessToken { enum class AccessTokenInterfaceCode { VERIFY_ACCESSTOKEN = 0x0000, GET_DEF_PERMISSION, - GET_DEF_PERMISSIONS, GET_REQ_PERMISSIONS, GET_PERMISSION_FLAG, GRANT_PERMISSION, diff --git a/frameworks/accesstoken/include/i_accesstoken_manager.h b/frameworks/accesstoken/include/i_accesstoken_manager.h index 5ec9285f4ed86c4eb07d6a51c6cab1321a587e64..633ec30f0d51867313d2569a3c173a46adc09596 100644 --- a/frameworks/accesstoken/include/i_accesstoken_manager.h +++ b/frameworks/accesstoken/include/i_accesstoken_manager.h @@ -53,7 +53,6 @@ public: virtual int VerifyAccessToken(AccessTokenID tokenID, const std::vector& permissionList, std::vector& permStateList) = 0; virtual int GetDefPermission(const std::string& permissionName, PermissionDefParcel& permissionDefResult) = 0; - virtual int GetDefPermissions(AccessTokenID tokenID, std::vector& permList) = 0; virtual int GetReqPermissions( AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) = 0; virtual int GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName, uint32_t& flag) = 0; diff --git a/frameworks/accesstoken/include/permission_def_parcel.h b/frameworks/accesstoken/include/permission_def_parcel.h index c509deb9167cc207010e5d44fd18c53477f889ec..5b6d543eb4dcb693127bd1a7a51cc5a390781fe5 100644 --- a/frameworks/accesstoken/include/permission_def_parcel.h +++ b/frameworks/accesstoken/include/permission_def_parcel.h @@ -31,7 +31,7 @@ struct PermissionDefParcel final : public Parcelable { static PermissionDefParcel *Unmarshalling(Parcel &in); - PermissionDef permissionDef; + PermissionDefData permissionDef; }; } // namespace AccessToken } // namespace Security diff --git a/frameworks/accesstoken/src/hap_policy_parcel.cpp b/frameworks/accesstoken/src/hap_policy_parcel.cpp index 2f97c490c1e1e5e56af4d911ebb7765919810f9a..93d9fa174b22c4c7cba82ea2c784e0e85d43bd13 100644 --- a/frameworks/accesstoken/src/hap_policy_parcel.cpp +++ b/frameworks/accesstoken/src/hap_policy_parcel.cpp @@ -30,7 +30,7 @@ bool HapPolicyParcel::Marshalling(Parcel& out) const RETURN_IF_FALSE(out.WriteInt32(this->hapPolicy.apl)); RETURN_IF_FALSE(out.WriteString(this->hapPolicy.domain)); - const std::vector& permList = this->hapPolicy.permList; + const std::vector& permList = this->hapPolicy.permList; uint32_t permListSize = permList.size(); RETURN_IF_FALSE(out.WriteUint32(permListSize)); diff --git a/frameworks/accesstoken/src/permission_def_parcel.cpp b/frameworks/accesstoken/src/permission_def_parcel.cpp index 94226a443bb58dd5feee8f55317f45814dc4eb89..0d86c81adb8777db9777a16b6a40c93acdb70fdc 100644 --- a/frameworks/accesstoken/src/permission_def_parcel.cpp +++ b/frameworks/accesstoken/src/permission_def_parcel.cpp @@ -24,14 +24,11 @@ namespace AccessToken { bool PermissionDefParcel::Marshalling(Parcel& out) const { RETURN_IF_FALSE(out.WriteString(this->permissionDef.permissionName)); - RETURN_IF_FALSE(out.WriteString(this->permissionDef.bundleName)); RETURN_IF_FALSE(out.WriteInt32(this->permissionDef.grantMode)); RETURN_IF_FALSE(out.WriteInt32(this->permissionDef.availableLevel)); RETURN_IF_FALSE(out.WriteBool(this->permissionDef.provisionEnable)); RETURN_IF_FALSE(out.WriteBool(this->permissionDef.distributedSceneEnable)); - RETURN_IF_FALSE(out.WriteString(this->permissionDef.label)); RETURN_IF_FALSE(out.WriteInt32(this->permissionDef.labelId)); - RETURN_IF_FALSE(out.WriteString(this->permissionDef.description)); RETURN_IF_FALSE(out.WriteInt32(this->permissionDef.descriptionId)); RETURN_IF_FALSE(out.WriteInt32(this->permissionDef.availableType)); return true; @@ -45,7 +42,6 @@ PermissionDefParcel* PermissionDefParcel::Unmarshalling(Parcel& in) } permissionDefParcel->permissionDef.permissionName = in.ReadString(); - permissionDefParcel->permissionDef.bundleName = in.ReadString(); RELEASE_IF_FALSE(in.ReadInt32(permissionDefParcel->permissionDef.grantMode), permissionDefParcel); int level; @@ -54,9 +50,7 @@ PermissionDefParcel* PermissionDefParcel::Unmarshalling(Parcel& in) RELEASE_IF_FALSE(in.ReadBool(permissionDefParcel->permissionDef.provisionEnable), permissionDefParcel); RELEASE_IF_FALSE(in.ReadBool(permissionDefParcel->permissionDef.distributedSceneEnable), permissionDefParcel); - permissionDefParcel->permissionDef.label = in.ReadString(); RELEASE_IF_FALSE(in.ReadInt32(permissionDefParcel->permissionDef.labelId), permissionDefParcel); - permissionDefParcel->permissionDef.description = in.ReadString(); RELEASE_IF_FALSE(in.ReadInt32(permissionDefParcel->permissionDef.descriptionId), permissionDefParcel); int32_t availableType; RELEASE_IF_FALSE(in.ReadInt32(availableType), permissionDefParcel); diff --git a/frameworks/common/include/data_validator.h b/frameworks/common/include/data_validator.h index 1ee7c352ee08782044319947c57ed8172b7f9f88..4e7015b954560379c707f090fe3b14ce949eb9a9 100644 --- a/frameworks/common/include/data_validator.h +++ b/frameworks/common/include/data_validator.h @@ -43,10 +43,6 @@ public: static bool IsProcessNameValid(const std::string& processName); static bool IsDeviceIdValid(const std::string& deviceId); - - static bool IsLabelValid(const std::string& label); - - static bool IsDescValid(const std::string& desc); static bool IsPermissionFlagValid(uint32_t flag); static bool IsDcapValid(const std::string& dcap); static bool IsTokenIDValid(AccessTokenID id); diff --git a/frameworks/common/src/data_validator.cpp b/frameworks/common/src/data_validator.cpp index 22fa6eea2891b6f14f6f4bf8b58e8e50db30f941..bef15344c378972b02435d89bad02c8f947d5025 100644 --- a/frameworks/common/src/data_validator.cpp +++ b/frameworks/common/src/data_validator.cpp @@ -30,16 +30,6 @@ bool DataValidator::IsBundleNameValid(const std::string& bundleName) return !bundleName.empty() && (bundleName.length() <= MAX_LENGTH); } -bool DataValidator::IsLabelValid(const std::string& label) -{ - return label.length() <= MAX_LENGTH; -} - -bool DataValidator::IsDescValid(const std::string& desc) -{ - return desc.length() <= MAX_LENGTH; -} - bool DataValidator::IsPermissionNameValid(const std::string& permissionName) { if (permissionName.empty() || (permissionName.length() > MAX_LENGTH)) { diff --git a/frameworks/test/unittest/accesstoken_parcel_test.cpp b/frameworks/test/unittest/accesstoken_parcel_test.cpp index ebafe0eb737d453bd0fafb944f36f45a3fd75c48..ed7c92fb5f71d7634ce45f1612d217d133b0ef66 100644 --- a/frameworks/test/unittest/accesstoken_parcel_test.cpp +++ b/frameworks/test/unittest/accesstoken_parcel_test.cpp @@ -43,24 +43,18 @@ static const std::string TEST_PERMISSION_NAME_BETA = "ohos.permission.BETA"; static constexpr AccessTokenID TEST_TOKEN_ID = 10002; static constexpr int32_t TEST_PERMSTATE_CHANGE_TYPE = 10001; -PermissionDef g_permDefAlpha = { +PermissionDefData g_permDefAlpha = { .permissionName = TEST_PERMISSION_NAME_ALPHA, - .bundleName = "accesstoken_test", .grantMode = 1, .availableLevel = APL_NORMAL, - .label = "label", .labelId = 1, - .description = "annoying", .descriptionId = 1 }; -PermissionDef g_permDefBeta = { +PermissionDefData g_permDefBeta = { .permissionName = TEST_PERMISSION_NAME_BETA, - .bundleName = "accesstoken_test", .grantMode = 1, .availableLevel = APL_NORMAL, - .label = "label", .labelId = 1, - .description = "so trouble", .descriptionId = 1 }; @@ -152,18 +146,12 @@ HWTEST_F(AccessTokenParcelTest, HapPolicyParcel001, TestSize.Level1) for (uint32_t i = 0; i < hapPolicyParcel.hapPolicy.permList.size(); i++) { EXPECT_EQ(hapPolicyParcel.hapPolicy.permList[i].permissionName, readedData->hapPolicy.permList[i].permissionName); - EXPECT_EQ(hapPolicyParcel.hapPolicy.permList[i].bundleName, - readedData->hapPolicy.permList[i].bundleName); EXPECT_EQ(hapPolicyParcel.hapPolicy.permList[i].grantMode, readedData->hapPolicy.permList[i].grantMode); EXPECT_EQ(hapPolicyParcel.hapPolicy.permList[i].availableLevel, readedData->hapPolicy.permList[i].availableLevel); - EXPECT_EQ(hapPolicyParcel.hapPolicy.permList[i].label, - readedData->hapPolicy.permList[i].label); EXPECT_EQ(hapPolicyParcel.hapPolicy.permList[i].labelId, readedData->hapPolicy.permList[i].labelId); - EXPECT_EQ(hapPolicyParcel.hapPolicy.permList[i].description, - readedData->hapPolicy.permList[i].description); EXPECT_EQ(hapPolicyParcel.hapPolicy.permList[i].descriptionId, readedData->hapPolicy.permList[i].descriptionId); } diff --git a/interfaces/innerkits/accesstoken/include/accesstoken_kit.h b/interfaces/innerkits/accesstoken/include/accesstoken_kit.h index 32bf54fbf262e57fbb6fe11a2aeb099b70b64bc2..3e782a7a789f6aea42a2903d37614d036ad359ca 100644 --- a/interfaces/innerkits/accesstoken/include/accesstoken_kit.h +++ b/interfaces/innerkits/accesstoken/include/accesstoken_kit.h @@ -257,13 +257,6 @@ public: * @return error code, see access_token_error.h */ static int GetDefPermission(const std::string& permissionName, PermissionDef& permissionDefResult); - /** - * @brief Get all permission definitions by token id. - * @param tokenID token id - * @param permList PermissionDef list quote, as query result - * @return error code, see access_token_error.h - */ - static int GetDefPermissions(AccessTokenID tokenID, std::vector& permList); /** * @brief Get all requested permission full state by token id and grant mode. * @param tokenID token id diff --git a/interfaces/innerkits/accesstoken/include/hap_token_info.h b/interfaces/innerkits/accesstoken/include/hap_token_info.h index 0f090e7561103f9353596d1ff8ab9333d0bf3686..7081b2c84d6931bfe9f60ee03dd4089c068787fd 100644 --- a/interfaces/innerkits/accesstoken/include/hap_token_info.h +++ b/interfaces/innerkits/accesstoken/include/hap_token_info.h @@ -196,7 +196,7 @@ public: */ ATokenAplEnum apl; std::string domain; - std::vector permList; + std::vector permList; std::vector permStateList; std::vector aclRequestedList; std::vector preAuthorizationInfo; diff --git a/interfaces/innerkits/accesstoken/include/permission_def.h b/interfaces/innerkits/accesstoken/include/permission_def.h index 811e97999eb822da66834a8ea8fb1a8b6ded0a3f..4e8899d1eba50bbc795962e8a4bcf600c223e5b7 100644 --- a/interfaces/innerkits/accesstoken/include/permission_def.h +++ b/interfaces/innerkits/accesstoken/include/permission_def.h @@ -81,8 +81,24 @@ public: */ class PermissionDefData final { public: - AccessTokenID tokenId; - PermissionDef permDef; + /** permission name */ + std::string permissionName; + /** + * grant mode, for details about the valid values, + * see the definition of GrantMode in the access_token.h file. + */ + int32_t grantMode; + /** which SDK version can use this permission to develop app */ + ATokenAplEnum availableLevel; + /** indicats whether this permission can be access control list permission */ + bool provisionEnable; + /** + * indicates whether the distributed scene can use this permission or not + */ + bool distributedSceneEnable; + int labelId = 0; + int descriptionId = 0; + ATokenAvailableTypeEnum availableType = NORMAL; }; } // namespace AccessToken } // namespace Security diff --git a/interfaces/innerkits/accesstoken/libaccesstoken_sdk.map b/interfaces/innerkits/accesstoken/libaccesstoken_sdk.map index 69b329fffcf42472699562974f9b223a429da8fb..1344687a6aaa22db6309f4c06e361217b89ae016 100644 --- a/interfaces/innerkits/accesstoken/libaccesstoken_sdk.map +++ b/interfaces/innerkits/accesstoken/libaccesstoken_sdk.map @@ -45,7 +45,6 @@ "OHOS::Security::AccessToken::AccessTokenKit::DeleteRemoteDeviceTokens(std::__h::basic_string, std::__h::allocator> const&)"; "OHOS::Security::AccessToken::PermStateChangeCallbackCustomize::~PermStateChangeCallbackCustomize()"; "OHOS::Security::AccessToken::AccessTokenKit::GetDefPermission(std::__h::basic_string, std::__h::allocator> const&, OHOS::Security::AccessToken::PermissionDef&)"; - "OHOS::Security::AccessToken::AccessTokenKit::GetDefPermissions(unsigned int, std::__h::vector>&)"; "OHOS::Security::AccessToken::AccessTokenKit::GetReqPermissions(unsigned int, std::__h::vector>&, bool)"; "OHOS::Security::AccessToken::AccessTokenKit::VerifyAccessToken(unsigned int, std::__h::basic_string, std::__h::allocator> const&)"; "OHOS::Security::AccessToken::AccessTokenKit::VerifyAccessToken(unsigned int, std::__h::basic_string, std::__h::allocator> const&, bool)"; diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp index a8c1fe99b92f979078ff4b1ade6a489a40ac6126..7dca7f35c28091d0b9e00cfe2c3af3a97a7051fd 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp @@ -71,7 +71,12 @@ static void TransferHapPolicyParams(const HapPolicyParams& policyIn, HapPolicy& { policyOut.apl = policyIn.apl; policyOut.domain = policyIn.domain; - policyOut.permList.assign(policyIn.permList.begin(), policyIn.permList.end()); + for (const auto& permDef : policyIn.permList) { + PermissionDefData tmp; + // todo + tmp.permissionName = permDef.permissionName; + policyOut.permList.emplace_back(tmp); + } policyOut.aclRequestedList.assign(policyIn.aclRequestedList.begin(), policyIn.aclRequestedList.end()); policyOut.preAuthorizationInfo.assign(policyIn.preAuthorizationInfo.begin(), policyIn.preAuthorizationInfo.end()); for (const auto& perm : policyIn.permStateList) { @@ -404,6 +409,18 @@ int AccessTokenKit::VerifyAccessToken(AccessTokenID tokenID, const std::vector& permDefList) __attribute__((no_sanitize("cfi"))) -{ - LOGD(ATM_DOMAIN, ATM_TAG, "TokenID=%{public}d.", tokenID); - if (tokenID == INVALID_TOKENID) { - LOGE(ATM_DOMAIN, ATM_TAG, "TokenID is invalid"); - return AccessTokenError::ERR_PARAM_INVALID; - } - - return AccessTokenManagerClient::GetInstance().GetDefPermissions(tokenID, permDefList); -} - int AccessTokenKit::GetReqPermissions( AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) { diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp index 66df084ada76083ba6816493658086196b035bdc..8646221fb7dcbb546c70f02bab2c27514fe1c985 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp @@ -101,9 +101,8 @@ int AccessTokenManagerClient::VerifyAccessToken(AccessTokenID tokenID, } return proxy->VerifyAccessToken(tokenID, permissionList, permStateList); } - int AccessTokenManagerClient::GetDefPermission( - const std::string& permissionName, PermissionDef& permissionDefResult) + const std::string& permissionName, PermissionDefData& permissionDefResult) { auto proxy = GetProxy(); if (proxy == nullptr) { @@ -116,22 +115,6 @@ int AccessTokenManagerClient::GetDefPermission( return result; } -int AccessTokenManagerClient::GetDefPermissions(AccessTokenID tokenID, std::vector& permList) -{ - auto proxy = GetProxy(); - if (proxy == nullptr) { - LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null"); - return AccessTokenError::ERR_SERVICE_ABNORMAL; - } - std::vector parcelList; - int result = proxy->GetDefPermissions(tokenID, parcelList); - for (const auto& permParcel : parcelList) { - PermissionDef perm = permParcel.permissionDef; - permList.emplace_back(perm); - } - return result; -} - int AccessTokenManagerClient::GetReqPermissions( AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) { diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h index c185a95f6f33a1fa0087c19d85f1ccbb7edc032f..2db4d40e0ccf45e27e5aba3d50c79eca5dc7533f 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h @@ -52,8 +52,7 @@ public: int VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName); int VerifyAccessToken(AccessTokenID tokenID, const std::vector& permissionList, std::vector& permStateList); - int GetDefPermission(const std::string& permissionName, PermissionDef& permissionDefResult); - int GetDefPermissions(AccessTokenID tokenID, std::vector& permList); + int GetDefPermission(const std::string& permissionName, PermissionDefData& permissionDefResult); int GetReqPermissions( AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant); int GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName, uint32_t& flag); diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp index 78b220a7c8536f0a9416263fa23cf97590ccc03d..e8c3416baa113beb32038f7bfd1a2d9dfea20e8a 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp @@ -177,43 +177,6 @@ int AccessTokenManagerProxy::GetDefPermission( return result; } -int AccessTokenManagerProxy::GetDefPermissions(AccessTokenID tokenID, - std::vector& permList) -{ - MessageParcel data; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return ERR_WRITE_PARCEL_FAILED; - } - if (!data.WriteUint32(tokenID)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteUint32 failed."); - return ERR_WRITE_PARCEL_FAILED; - } - - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::GET_DEF_PERMISSIONS, data, reply)) { - return ERR_SERVICE_ABNORMAL; - } - - int32_t result = reply.ReadInt32(); - LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (error=%{public}d).", result); - if (result != RET_SUCCESS) { - return result; - } - uint32_t defPermSize = reply.ReadUint32(); - if (defPermSize > MAX_PERMISSION_SIZE) { - LOGE(ATM_DOMAIN, ATM_TAG, "Size(%{public}u) is oversize.", defPermSize); - return ERR_OVERSIZE; - } - for (uint32_t i = 0; i < defPermSize; i++) { - sptr permissionDef = reply.ReadParcelable(); - if (permissionDef != nullptr) { - permList.emplace_back(*permissionDef); - } - } - return result; -} - int AccessTokenManagerProxy::GetReqPermissions( AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) { diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h index 3c79708d665cd1db76e130d7ff83d24502eb6025..0c08d176d4989d75c0d3aa2a0cadbf83a1cc899a 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h @@ -48,7 +48,6 @@ public: int VerifyAccessToken(AccessTokenID tokenID, const std::vector& permissionList, std::vector& permStateList) override; int GetDefPermission(const std::string& permissionName, PermissionDefParcel& permissionDefResult) override; - int GetDefPermissions(AccessTokenID tokenID, std::vector& permList) override; int GetReqPermissions( AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) override; int GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName, uint32_t& flag) override; diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/get_permission_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/get_permission_test.cpp index 927de028f11451060e43c2c202e68bb51dc0cd00..3570f803ba47a4bbdceaf1a526a2fc9619518f9e 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/get_permission_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/get_permission_test.cpp @@ -233,114 +233,6 @@ HWTEST_F(GetPermissionTest, GetDefPermissionAbnormalTest001, TestSize.Level1) ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret); } -/** - * @tc.name: GetDefPermissionSpecTest001 - * @tc.desc: GetDefPermission is invoked multiple times. - * @tc.type: FUNC - * @tc.require: Issue Number - */ -HWTEST_F(GetPermissionTest, GetDefPermissionSpecTest001, TestSize.Level0) -{ - LOGI(ATM_DOMAIN, ATM_TAG, "GetDefPermissionSpecTest001"); - - for (int j = 0; j < CYCLE_TIMES; j++) { - PermissionDef permDefResultAlpha; - int32_t ret = AccessTokenKit::GetDefPermission("ohos.permission.ALPHA", permDefResultAlpha); - ASSERT_EQ(RET_SUCCESS, ret); - ASSERT_EQ("ohos.permission.ALPHA", permDefResultAlpha.permissionName); - } -} - -/** - * @tc.name: GetDefPermissionsFuncTest001 - * @tc.desc: Get permission definition info list after AllocHapToken function has been invoked. - * @tc.type: FUNC - * @tc.require: Issue Number - */ -HWTEST_F(GetPermissionTest, GetDefPermissionsFuncTest001, TestSize.Level1) -{ - LOGI(ATM_DOMAIN, ATM_TAG, "GetDefPermissionsFuncTest001"); - - AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); - ASSERT_NE(INVALID_TOKENID, tokenID); - std::vector permDefList; - int ret = AccessTokenKit::GetDefPermissions(tokenID, permDefList); - ASSERT_EQ(RET_SUCCESS, ret); - ASSERT_EQ(static_cast(2), permDefList.size()); - - ret = AccessTokenKit::DeleteToken(tokenID); - ASSERT_EQ(RET_SUCCESS, ret); -} - -/** - * @tc.name: GetDefPermissionsFuncTest002 - * @tc.desc: Get permission definition info list after clear permission definition list - * @tc.type: FUNC - * @tc.require: Issue Number - */ -HWTEST_F(GetPermissionTest, GetDefPermissionsFuncTest002, TestSize.Level1) -{ - LOGI(ATM_DOMAIN, ATM_TAG, "GetDefPermissionsFuncTest002"); - - HapPolicyParams testPolicyPrams = g_infoManagerTestPolicyPrams; - testPolicyPrams.permList.clear(); - AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, testPolicyPrams); - - AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(g_infoManagerTestInfoParms.userID, - g_infoManagerTestInfoParms.bundleName, - g_infoManagerTestInfoParms.instIndex); - ASSERT_NE(INVALID_TOKENID, tokenID); - - std::vector permDefList; - int ret = AccessTokenKit::GetDefPermissions(tokenID, permDefList); - ASSERT_EQ(RET_SUCCESS, ret); - ASSERT_EQ(static_cast(0), permDefList.size()); - - ret = AccessTokenKit::DeleteToken(tokenID); - ASSERT_EQ(RET_SUCCESS, ret); -} - -/** - * @tc.name: GetDefPermissionsAbnormalTest001 - * @tc.desc: Get permission definition info list that tokenID is invalid. - * @tc.type: FUNC - * @tc.require: Issue Number - */ -HWTEST_F(GetPermissionTest, GetDefPermissionsAbnormalTest001, TestSize.Level1) -{ - LOGI(ATM_DOMAIN, ATM_TAG, "GetDefPermissionsAbnormalTest001"); - - AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); - ASSERT_NE(INVALID_TOKENID, tokenId); - int ret = AccessTokenKit::DeleteToken(tokenId); - ASSERT_EQ(RET_SUCCESS, ret); - - std::vector permDefList; - ret = AccessTokenKit::GetDefPermissions(TEST_TOKENID_INVALID, permDefList); - ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret); -} - -/** - * @tc.name: GetDefPermissionsSpecTest001 - * @tc.desc: GetDefPermissions is invoked multiple times. - * @tc.type: FUNC - * @tc.require: Issue Number - */ -HWTEST_F(GetPermissionTest, GetDefPermissionsSpecTest001, TestSize.Level0) -{ - LOGI(ATM_DOMAIN, ATM_TAG, "GetDefPermissionsSpecTest001"); - - AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); - ASSERT_NE(INVALID_TOKENID, tokenID); - for (int i = 0; i < CYCLE_TIMES; i++) { - std::vector permDefList; - int32_t ret = AccessTokenKit::GetDefPermissions(tokenID, permDefList); - ASSERT_EQ(RET_SUCCESS, ret); - ASSERT_EQ(static_cast(2), permDefList.size()); - } - ASSERT_EQ(RET_SUCCESS, AccessTokenKit::DeleteToken(tokenID)); -} - /** * @tc.name: GetReqPermissionsFuncTest001 * @tc.desc: Get user granted permission state info. diff --git a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/verify_access_token_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/verify_access_token_test.cpp index 37bb41c59f4518391165c253e88a2a9d7ce882be..711ecacb096f314da27679d75ba57e7ef8d98675 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/verify_access_token_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/PermissionsTest/verify_access_token_test.cpp @@ -187,10 +187,6 @@ HWTEST_F(VerifyAccessTokenTest, VerifyAccessTokenFuncTest003, TestSize.Level0) ret = AccessTokenKit::GetHapTokenInfo(tokenID, hapInfo); ASSERT_EQ(RET_SUCCESS, ret); - std::vector permDefList; - ret = AccessTokenKit::GetDefPermissions(tokenID, permDefList); - ASSERT_EQ(RET_SUCCESS, ret); - std::vector permStatList; ret = AccessTokenKit::GetReqPermissions(tokenID, permStatList, false); ASSERT_EQ(RET_SUCCESS, ret); @@ -198,7 +194,6 @@ HWTEST_F(VerifyAccessTokenTest, VerifyAccessTokenFuncTest003, TestSize.Level0) HapPolicyParams policy = { .apl = APL_NORMAL, .domain = "domain", - .permList = permDefList, .permStateList = permStatList }; UpdateHapInfoParams info; diff --git a/interfaces/innerkits/accesstoken/test/unittest/ProxyMockTest/accesstoken_mock_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/ProxyMockTest/accesstoken_mock_test.cpp index a808101e03dd252c18b6c171b797b074dcb9c995..710d394e26e6e0db01fca58fd314fe8fb7f42a11 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/ProxyMockTest/accesstoken_mock_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/ProxyMockTest/accesstoken_mock_test.cpp @@ -271,19 +271,6 @@ HWTEST_F(AccessTokenMockTest, GetDefPermission001, TestSize.Level1) ASSERT_EQ(AccessTokenError::ERR_SERVICE_ABNORMAL, AccessTokenKit::GetDefPermission(permission, def)); } -/** - * @tc.name: GetDefPermissions001 - * @tc.desc: GetDefPermissions with proxy is null - * @tc.type: FUNC - * @tc.require: - */ -HWTEST_F(AccessTokenMockTest, GetDefPermissions001, TestSize.Level1) -{ - AccessTokenID tokenId = 123; - std::vector permList; - ASSERT_EQ(AccessTokenError::ERR_SERVICE_ABNORMAL, AccessTokenKit::GetDefPermissions(tokenId, permList)); -} - /** * @tc.name: GetReqPermissions001 * @tc.desc: GetReqPermissions with proxy is null diff --git a/interfaces/innerkits/accesstoken/test/unittest/accesstoken_mock_test/accesstoken_kit_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/accesstoken_mock_test/accesstoken_kit_test.cpp index 4cc6fa271beba1fe2d57b02415f43bddfe762fb4..1cd0cfe88104d49ecbaa2ccd94e7be6aba742ea3 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/accesstoken_mock_test/accesstoken_kit_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/accesstoken_mock_test/accesstoken_kit_test.cpp @@ -271,19 +271,6 @@ HWTEST_F(AccessTokenKitTest, GetDefPermission001, TestSize.Level1) ASSERT_EQ(AccessTokenError::ERR_SERVICE_ABNORMAL, AccessTokenKit::GetDefPermission(permission, def)); } -/** - * @tc.name: GetDefPermissions001 - * @tc.desc: GetDefPermissions with proxy is null - * @tc.type: FUNC - * @tc.require: - */ -HWTEST_F(AccessTokenKitTest, GetDefPermissions001, TestSize.Level1) -{ - AccessTokenID tokenId = 123; - std::vector permList; - ASSERT_EQ(AccessTokenError::ERR_SERVICE_ABNORMAL, AccessTokenKit::GetDefPermissions(tokenId, permList)); -} - /** * @tc.name: GetReqPermissions001 * @tc.desc: GetReqPermissions with proxy is null diff --git a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp index 9f86b5180e9e48026bce7f46bdb9f79786879fd3..abc2b8ccd30e771dbd361f14e480280feaf8b5ed 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp @@ -445,82 +445,6 @@ HWTEST_F(AccessTokenKitTest, GetDefPermission003, TestSize.Level0) } } -/** - * @tc.name: GetDefPermissions001 - * @tc.desc: Get permission definition info list after AllocHapToken function has been invoked. - * @tc.type: FUNC - * @tc.require: Issue Number - */ -HWTEST_F(AccessTokenKitTest, GetDefPermissions001, TestSize.Level1) -{ - AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); - ASSERT_NE(INVALID_TOKENID, tokenID); - std::vector permDefList; - int ret = AccessTokenKit::GetDefPermissions(tokenID, permDefList); - ASSERT_EQ(RET_SUCCESS, ret); - ASSERT_EQ(static_cast(2), permDefList.size()); -} - -/** - * @tc.name: GetDefPermissions002 - * @tc.desc: Get permission definition info list after clear permission definition list - * @tc.type: FUNC - * @tc.require: Issue Number - */ -HWTEST_F(AccessTokenKitTest, GetDefPermissions002, TestSize.Level1) -{ - HapPolicyParams testPolicyPrams = g_infoManagerTestPolicyPrams; - testPolicyPrams.permList.clear(); - AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, testPolicyPrams); - - AccessTokenID tokenID = GetAccessTokenID(g_infoManagerTestInfoParms.userID, - g_infoManagerTestInfoParms.bundleName, - g_infoManagerTestInfoParms.instIndex); - ASSERT_NE(INVALID_TOKENID, tokenID); - - std::vector permDefList; - int ret = AccessTokenKit::GetDefPermissions(tokenID, permDefList); - ASSERT_EQ(RET_SUCCESS, ret); - ASSERT_EQ(static_cast(0), permDefList.size()); - - AccessTokenKit::DeleteToken(tokenID); -} - -/** - * @tc.name: GetDefPermissions003 - * @tc.desc: Get permission definition info list that tokenID is invalid. - * @tc.type: FUNC - * @tc.require: Issue Number - */ -HWTEST_F(AccessTokenKitTest, GetDefPermissions003, TestSize.Level1) -{ - AccessTokenID tokenId = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); - ASSERT_NE(INVALID_TOKENID, tokenId); - AccessTokenKit::DeleteToken(tokenId); - - std::vector permDefList; - int ret = AccessTokenKit::GetDefPermissions(TEST_TOKENID_INVALID, permDefList); - ASSERT_EQ(AccessTokenError::ERR_PARAM_INVALID, ret); -} - -/** - * @tc.name: GetDefPermissions004 - * @tc.desc: GetDefPermissions is invoked multiple times. - * @tc.type: FUNC - * @tc.require: Issue Number - */ -HWTEST_F(AccessTokenKitTest, GetDefPermissions004, TestSize.Level0) -{ - AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); - ASSERT_NE(INVALID_TOKENID, tokenID); - for (int i = 0; i < CYCLE_TIMES; i++) { - std::vector permDefList; - int32_t ret = AccessTokenKit::GetDefPermissions(tokenID, permDefList); - ASSERT_EQ(RET_SUCCESS, ret); - ASSERT_EQ(static_cast(2), permDefList.size()); - } -} - /** * @tc.name: GetReqPermissions001 * @tc.desc: Get user granted permission state info. @@ -1184,10 +1108,6 @@ HWTEST_F(AccessTokenKitTest, VerifyAccessToken004, TestSize.Level0) ret = AccessTokenKit::GetHapTokenInfo(tokenID, hapInfo); ASSERT_EQ(RET_SUCCESS, ret); - std::vector permDefList; - ret = AccessTokenKit::GetDefPermissions(tokenID, permDefList); - ASSERT_EQ(RET_SUCCESS, ret); - std::vector permStatList; ret = AccessTokenKit::GetReqPermissions(tokenID, permStatList, false); ASSERT_EQ(RET_SUCCESS, ret); @@ -1195,7 +1115,6 @@ HWTEST_F(AccessTokenKitTest, VerifyAccessToken004, TestSize.Level0) HapPolicyParams policy = { .apl = APL_NORMAL, .domain = "domain", - .permList = permDefList, .permStateList = permStatList }; UpdateHapInfoParams info; diff --git a/services/accesstokenmanager/main/cpp/include/database/data_translator.h b/services/accesstokenmanager/main/cpp/include/database/data_translator.h index 1c694c3c2b936879063e603211a089a090506e5d..2f0c75ee9b4b38292f969302d494f438dc6750e4 100644 --- a/services/accesstokenmanager/main/cpp/include/database/data_translator.h +++ b/services/accesstokenmanager/main/cpp/include/database/data_translator.h @@ -27,8 +27,8 @@ namespace Security { namespace AccessToken { class DataTranslator final { public: - static int TranslationIntoGenericValues(const PermissionDef& inPermissionDef, GenericValues& outGenericValues); - static int TranslationIntoPermissionDef(const GenericValues& inGenericValues, PermissionDef& outPermissionDef); + static int TranslationIntoGenericValues(const PermissionDefData& inPermissionDef, GenericValues& outGenericValues); + static int TranslationIntoPermissionDef(const GenericValues& inGenericValues, PermissionDefData& outPermissionDef); static int TranslationIntoGenericValues(const PermissionStatus& inPermissionState, GenericValues& outGenericValues); static int TranslationIntoPermissionStatus(const GenericValues& inGenericValues, diff --git a/services/accesstokenmanager/main/cpp/include/permission/permission_definition_cache.h b/services/accesstokenmanager/main/cpp/include/permission/permission_definition_cache.h index d387721ecec6638ba368fb0ab2d26857d2902b7d..d1690391a0abd56eef838997547b33be0b3e079b 100644 --- a/services/accesstokenmanager/main/cpp/include/permission/permission_definition_cache.h +++ b/services/accesstokenmanager/main/cpp/include/permission/permission_definition_cache.h @@ -34,13 +34,11 @@ public: virtual ~PermissionDefinitionCache(); - bool Insert(const PermissionDef& info, AccessTokenID tokenId); + bool Insert(const PermissionDefData& info); - bool Update(const PermissionDef& info, AccessTokenID tokenId); + bool Update(const PermissionDefData& info); - void DeleteByToken(AccessTokenID tokenId); - - int FindByPermissionName(const std::string& permissionName, PermissionDef& info); + int FindByPermissionName(const std::string& permissionName, PermissionDefData& info); bool IsSystemGrantedPermission(const std::string& permissionName); @@ -52,10 +50,6 @@ public: void StorePermissionDef(std::vector& valueList); - void StorePermissionDef(AccessTokenID tokenID, std::vector& valueList); - - void GetDefPermissionsByTokenId(std::vector& permList, AccessTokenID tokenId); - int32_t RestorePermDefInfo(std::vector& permDefRes); bool HasHapPermissionDefinitionForHap(const std::string& permissionName); diff --git a/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h b/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h index 2150418c7ecf65da0a588c9fcd772e319e9d98e5..92b4b9647435f1e579b7c6de4d8f67580fe6314d 100644 --- a/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h +++ b/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h @@ -57,13 +57,10 @@ public: void RegisterApplicationCallback(); void RegisterAppManagerDeathCallback(); - void AddDefPermissions(const std::vector& permList, AccessTokenID tokenId, - bool updateFlag); - void RemoveDefPermissions(AccessTokenID tokenID); + void AddDefPermissions(const std::vector& permList, bool updateFlag); int VerifyHapAccessToken(AccessTokenID tokenID, const std::string& permissionName); PermUsedTypeEnum GetPermissionUsedType(AccessTokenID tokenID, const std::string& permissionName); - int GetDefPermission(const std::string& permissionName, PermissionDef& permissionDefResult); - void GetDefPermissions(AccessTokenID tokenID, std::vector& permList); + int GetDefPermission(const std::string& permissionName, PermissionDefData& permissionDefResult); int GetReqPermissions( AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant); int GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName, uint32_t& flag); diff --git a/services/accesstokenmanager/main/cpp/include/permission/permission_validator.h b/services/accesstokenmanager/main/cpp/include/permission/permission_validator.h index aec8b663e3de759a952c71c17cf79e365ea5a105..34d919ba9f1b334e504a4f0183895f8d38326e73 100644 --- a/services/accesstokenmanager/main/cpp/include/permission/permission_validator.h +++ b/services/accesstokenmanager/main/cpp/include/permission/permission_validator.h @@ -31,10 +31,10 @@ public: static bool IsUserIdValid(const int32_t userID); static bool IsToggleStatusValid(const uint32_t status); static bool IsPermissionFlagValid(uint32_t flag); - static bool IsPermissionDefValid(const PermissionDef& permDef); + static bool IsPermissionDefValid(const PermissionDefData& permDef); static bool IsPermissionStateValid(const PermissionStatus& permState); static void FilterInvalidPermissionDef( - const std::vector& permList, std::vector& result); + const std::vector& permList, std::vector& result); static void FilterInvalidPermissionState(ATokenTypeEnum tokenType, bool doPermAvailableCheck, const std::vector& permList, std::vector& result); static bool IsGrantModeValid(int grantMode); diff --git a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h index ade78794ce9cec8040149f4bcb68647aa1b4f67e..c1e364f42cd8dc93d0e0f9a6c736b81f4bf0c3d2 100644 --- a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h +++ b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h @@ -54,7 +54,6 @@ public: int VerifyAccessToken(AccessTokenID tokenID, const std::vector& permissionList, std::vector& permStateList) override; int GetDefPermission(const std::string& permissionName, PermissionDefParcel& permissionDefResult) override; - int GetDefPermissions(AccessTokenID tokenID, std::vector& permList) override; int GetReqPermissions( AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) override; PermissionOper GetSelfPermissionsState(std::vector& reqPermList, diff --git a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h index c01a2ebcc0b8ab03469ec321f9f10fbcadf1b98a..e245b352c21a8d0e74a0292407541860849334b5 100644 --- a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h +++ b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h @@ -61,7 +61,7 @@ public: AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID); int32_t UpdateHapToken(AccessTokenIDEx& tokenIdEx, const UpdateHapInfoParams& info, const std::vector& permStateList, ATokenAplEnum apl, - const std::vector& permList); + const std::vector& permList); void DumpTokenInfo(const AtmToolsParamInfo& info, std::string& dumpInfo); bool IsTokenIdExist(AccessTokenID id); AccessTokenID GetNativeTokenId(const std::string& processName); diff --git a/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h b/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h index cbe2de083ff9c92a0fe481e11a858679c8d18b0a..cc8acf95e92f5862ef1da1aee2970c5c9fbf400a 100644 --- a/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h +++ b/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h @@ -87,8 +87,7 @@ private: void TranslationIntoGenericValues(GenericValues& outGenericValues) const; int RestoreHapTokenBasicInfo(const GenericValues& inGenericValues); bool UpdateStatesToDB(AccessTokenID tokenID, std::vector& stateChangeList); - static void PermToString(const std::vector& permList, - const std::vector& permStateList, std::string& info); + static void PermToString(const std::vector& permStateList, std::string& info); HapTokenInfo tokenInfoBasic_; diff --git a/services/accesstokenmanager/main/cpp/src/database/data_translator.cpp b/services/accesstokenmanager/main/cpp/src/database/data_translator.cpp index 7fccb5ec2a0ae71722207044aa3fdda6bfc954d3..74651cec34a09b42eb66403d00900b6297992918 100644 --- a/services/accesstokenmanager/main/cpp/src/database/data_translator.cpp +++ b/services/accesstokenmanager/main/cpp/src/database/data_translator.cpp @@ -28,27 +28,26 @@ namespace OHOS { namespace Security { namespace AccessToken { -int DataTranslator::TranslationIntoGenericValues(const PermissionDef& inPermissionDef, GenericValues& outGenericValues) +int DataTranslator::TranslationIntoGenericValues(const PermissionDefData& inPermissionDef, GenericValues& outGenericValues) { outGenericValues.Put(TokenFiledConst::FIELD_PERMISSION_NAME, inPermissionDef.permissionName); - outGenericValues.Put(TokenFiledConst::FIELD_BUNDLE_NAME, inPermissionDef.bundleName); + outGenericValues.Put(TokenFiledConst::FIELD_BUNDLE_NAME, ""); outGenericValues.Put(TokenFiledConst::FIELD_GRANT_MODE, inPermissionDef.grantMode); outGenericValues.Put(TokenFiledConst::FIELD_AVAILABLE_LEVEL, inPermissionDef.availableLevel); outGenericValues.Put(TokenFiledConst::FIELD_PROVISION_ENABLE, inPermissionDef.provisionEnable ? 1 : 0); outGenericValues.Put(TokenFiledConst::FIELD_DISTRIBUTED_SCENE_ENABLE, inPermissionDef.distributedSceneEnable ? 1 : 0); - outGenericValues.Put(TokenFiledConst::FIELD_LABEL, inPermissionDef.label); + outGenericValues.Put(TokenFiledConst::FIELD_LABEL, ""); outGenericValues.Put(TokenFiledConst::FIELD_LABEL_ID, inPermissionDef.labelId); - outGenericValues.Put(TokenFiledConst::FIELD_DESCRIPTION, inPermissionDef.description); + outGenericValues.Put(TokenFiledConst::FIELD_DESCRIPTION, ""); outGenericValues.Put(TokenFiledConst::FIELD_DESCRIPTION_ID, inPermissionDef.descriptionId); outGenericValues.Put(TokenFiledConst::FIELD_AVAILABLE_TYPE, inPermissionDef.availableType); return RET_SUCCESS; } -int DataTranslator::TranslationIntoPermissionDef(const GenericValues& inGenericValues, PermissionDef& outPermissionDef) +int DataTranslator::TranslationIntoPermissionDef(const GenericValues& inGenericValues, PermissionDefData& outPermissionDef) { outPermissionDef.permissionName = inGenericValues.GetString(TokenFiledConst::FIELD_PERMISSION_NAME); - outPermissionDef.bundleName = inGenericValues.GetString(TokenFiledConst::FIELD_BUNDLE_NAME); outPermissionDef.grantMode = inGenericValues.GetInt(TokenFiledConst::FIELD_GRANT_MODE); int aplNum = inGenericValues.GetInt(TokenFiledConst::FIELD_AVAILABLE_LEVEL); if (!DataValidator::IsAplNumValid(aplNum)) { @@ -59,9 +58,7 @@ int DataTranslator::TranslationIntoPermissionDef(const GenericValues& inGenericV outPermissionDef.provisionEnable = (inGenericValues.GetInt(TokenFiledConst::FIELD_PROVISION_ENABLE) == 1); outPermissionDef.distributedSceneEnable = (inGenericValues.GetInt(TokenFiledConst::FIELD_DISTRIBUTED_SCENE_ENABLE) == 1); - outPermissionDef.label = inGenericValues.GetString(TokenFiledConst::FIELD_LABEL); outPermissionDef.labelId = inGenericValues.GetInt(TokenFiledConst::FIELD_LABEL_ID); - outPermissionDef.description = inGenericValues.GetString(TokenFiledConst::FIELD_DESCRIPTION); outPermissionDef.descriptionId = inGenericValues.GetInt(TokenFiledConst::FIELD_DESCRIPTION_ID); int availableType = inGenericValues.GetInt(TokenFiledConst::FIELD_AVAILABLE_TYPE); outPermissionDef.availableType = static_cast(availableType); diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_definition_cache.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_definition_cache.cpp index a73ced1f7b147e86b4c6d2d5adc641247af74065..0b053eb517f87e96f99ac2dd474bf1911db3a758 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/permission_definition_cache.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_definition_cache.cpp @@ -26,7 +26,6 @@ namespace OHOS { namespace Security { namespace AccessToken { namespace { -static const int32_t EXTENSION_PERMISSION_ID = 0; std::recursive_mutex g_instanceMutex; } @@ -49,7 +48,7 @@ PermissionDefinitionCache::PermissionDefinitionCache() PermissionDefinitionCache::~PermissionDefinitionCache() {} -bool PermissionDefinitionCache::Insert(const PermissionDef& info, AccessTokenID tokenId) +bool PermissionDefinitionCache::Insert(const PermissionDefData& info) { Utils::UniqueWriteGuard cacheGuard(this->cacheLock_); auto it = permissionDefinitionMap_.find(info.permissionName); @@ -58,36 +57,21 @@ bool PermissionDefinitionCache::Insert(const PermissionDef& info, AccessTokenID info.permissionName.c_str()); return false; } - permissionDefinitionMap_[info.permissionName].permDef = info; - permissionDefinitionMap_[info.permissionName].tokenId = tokenId; - if (!hasHapPermissionDefinition_ && (tokenId != EXTENSION_PERMISSION_ID)) { + permissionDefinitionMap_[info.permissionName] = info; + if (!hasHapPermissionDefinition_) { //todo hasHapPermissionDefinition_ = true; } return true; } -bool PermissionDefinitionCache::Update(const PermissionDef& info, AccessTokenID tokenId) +bool PermissionDefinitionCache::Update(const PermissionDefData& info) { Utils::UniqueWriteGuard cacheGuard(this->cacheLock_); - permissionDefinitionMap_[info.permissionName].permDef = info; - permissionDefinitionMap_[info.permissionName].tokenId = tokenId; + permissionDefinitionMap_[info.permissionName] = info; return true; } -void PermissionDefinitionCache::DeleteByToken(AccessTokenID tokenId) -{ - Utils::UniqueWriteGuard cacheGuard(this->cacheLock_); - auto it = permissionDefinitionMap_.begin(); - while (it != permissionDefinitionMap_.end()) { - if (tokenId == it->second.tokenId) { - it = permissionDefinitionMap_.erase(it); - } else { - ++it; - } - } -} - -int PermissionDefinitionCache::FindByPermissionName(const std::string& permissionName, PermissionDef& info) +int PermissionDefinitionCache::FindByPermissionName(const std::string& permissionName, PermissionDefData& info) { Utils::UniqueReadGuard cacheGuard(this->cacheLock_); auto it = permissionDefinitionMap_.find(permissionName); @@ -96,7 +80,7 @@ int PermissionDefinitionCache::FindByPermissionName(const std::string& permissio permissionName.c_str()); return AccessTokenError::ERR_PERMISSION_NOT_EXIST; } - info = it->second.permDef; + info = it->second; return RET_SUCCESS; } @@ -118,7 +102,7 @@ bool PermissionDefinitionCache::IsGrantedModeEqualInner(const std::string& permi if (it == permissionDefinitionMap_.end()) { return false; } - return it->second.permDef.grantMode == grantMode; + return it->second.grantMode == grantMode; } bool PermissionDefinitionCache::HasDefinition(const std::string& permissionName) @@ -135,7 +119,7 @@ bool PermissionDefinitionCache::HasHapPermissionDefinitionForHap(const std::stri { Utils::UniqueReadGuard cacheGuard(this->cacheLock_); auto it = permissionDefinitionMap_.find(permissionName); - if ((it != permissionDefinitionMap_.end()) && (it->second.tokenId != EXTENSION_PERMISSION_ID)) { + if ((it != permissionDefinitionMap_.end()) && (it->second.availableType != SERVICE)) { return true; } return false; @@ -153,52 +137,23 @@ void PermissionDefinitionCache::StorePermissionDef(std::vector& v auto it = permissionDefinitionMap_.begin(); while (it != permissionDefinitionMap_.end()) { GenericValues genericValues; - genericValues.Put(TokenFiledConst::FIELD_TOKEN_ID, static_cast(it->second.tokenId)); - DataTranslator::TranslationIntoGenericValues(it->second.permDef, genericValues); + genericValues.Put(TokenFiledConst::FIELD_TOKEN_ID, 0); + DataTranslator::TranslationIntoGenericValues(it->second, genericValues); valueList.emplace_back(genericValues); ++it; } } -void PermissionDefinitionCache::StorePermissionDef(AccessTokenID tokenID, std::vector& valueList) -{ - Utils::UniqueReadGuard cacheGuard(this->cacheLock_); - auto it = permissionDefinitionMap_.begin(); - while (it != permissionDefinitionMap_.end()) { - if (tokenID == it->second.tokenId) { - GenericValues genericValues; - genericValues.Put(TokenFiledConst::FIELD_TOKEN_ID, static_cast(it->second.tokenId)); - DataTranslator::TranslationIntoGenericValues(it->second.permDef, genericValues); - valueList.emplace_back(genericValues); - } - ++it; - } -} - -void PermissionDefinitionCache::GetDefPermissionsByTokenId(std::vector& permList, - AccessTokenID tokenId) -{ - Utils::UniqueReadGuard cacheGuard(this->cacheLock_); - auto it = permissionDefinitionMap_.begin(); - while (it != permissionDefinitionMap_.end()) { - if (tokenId == it->second.tokenId) { - permList.emplace_back(it->second.permDef); - } - ++it; - } -} - int32_t PermissionDefinitionCache::RestorePermDefInfo(std::vector& permDefRes) { for (const GenericValues& defValue : permDefRes) { - PermissionDef def; - AccessTokenID tokenId = (AccessTokenID)defValue.GetInt(TokenFiledConst::FIELD_TOKEN_ID); + PermissionDefData def; int32_t ret = DataTranslator::TranslationIntoPermissionDef(defValue, def); if (ret != RET_SUCCESS) { - LOGE(ATM_DOMAIN, ATM_TAG, "TokenId 0x%{public}x permDef is wrong.", tokenId); + LOGE(ATM_DOMAIN, ATM_TAG, "Failed to transfer permDef, err=%{public}d.", ret); return ret; } - Insert(def, tokenId); + Insert(def); } return RET_SUCCESS; } diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp index a1917dd46ff1edb17144f85e5cdb7745d87b7bf5..9c9f0b787549e6bff216641b8279f04393c38897 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp @@ -101,33 +101,26 @@ PermissionManager::PermissionManager() PermissionManager::~PermissionManager() {} -void PermissionManager::AddDefPermissions(const std::vector& permList, AccessTokenID tokenId, - bool updateFlag) +void PermissionManager::AddDefPermissions(const std::vector& permList, bool updateFlag) { - std::vector permFilterList; + std::vector permFilterList; PermissionValidator::FilterInvalidPermissionDef(permList, permFilterList); LOGI(ATM_DOMAIN, ATM_TAG, "PermFilterList size: %{public}zu", permFilterList.size()); for (const auto& perm : permFilterList) { if (updateFlag) { - PermissionDefinitionCache::GetInstance().Update(perm, tokenId); + PermissionDefinitionCache::GetInstance().Update(perm); continue; } if (!PermissionDefinitionCache::GetInstance().HasDefinition(perm.permissionName)) { - PermissionDefinitionCache::GetInstance().Insert(perm, tokenId); + PermissionDefinitionCache::GetInstance().Insert(perm); } else { - PermissionDefinitionCache::GetInstance().Update(perm, tokenId); + PermissionDefinitionCache::GetInstance().Update(perm); LOGI(ATM_DOMAIN, ATM_TAG, "Permission %{public}s has define", perm.permissionName.c_str()); } } } -void PermissionManager::RemoveDefPermissions(AccessTokenID tokenID) -{ - LOGI(ATM_DOMAIN, ATM_TAG, "tokenID: %{public}u", tokenID); - PermissionDefinitionCache::GetInstance().DeleteByToken(tokenID); -} - int PermissionManager::VerifyHapAccessToken(AccessTokenID tokenID, const std::string& permissionName) { return HapTokenInfoInner::VerifyPermissionStatus(tokenID, permissionName); // 从data获取 @@ -147,7 +140,7 @@ PermUsedTypeEnum PermissionManager::GetPermissionUsedType( return ret; } -int PermissionManager::GetDefPermission(const std::string& permissionName, PermissionDef& permissionDefResult) +int PermissionManager::GetDefPermission(const std::string& permissionName, PermissionDefData& permissionDefResult) { if (!PermissionValidator::IsPermissionNameValid(permissionName)) { LOGE(ATM_DOMAIN, ATM_TAG, "Invalid params!"); @@ -156,11 +149,6 @@ int PermissionManager::GetDefPermission(const std::string& permissionName, Permi return PermissionDefinitionCache::GetInstance().FindByPermissionName(permissionName, permissionDefResult); } -void PermissionManager::GetDefPermissions(AccessTokenID tokenID, std::vector& permList) -{ - PermissionDefinitionCache::GetInstance().GetDefPermissionsByTokenId(permList, tokenID); -} - int PermissionManager::GetReqPermissions( AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) { @@ -179,7 +167,7 @@ int PermissionManager::GetReqPermissions( return ret; } for (const auto& perm : tmpList) { - PermissionDef permDef; + PermissionDefData permDef; GetDefPermission(perm.permissionName, permDef); if (permDef.grantMode == mode) { reqPermList.emplace_back(perm); @@ -832,7 +820,7 @@ void PermissionManager::SetPermToKernel( tokenID, permissionName.c_str(), ret); } -bool IsAclSatisfied(const PermissionDef& permDef, const HapPolicy& policy) +bool IsAclSatisfied(const PermissionDefData& permDef, const HapPolicy& policy) { if (policy.checkIgnore == HapPolicyCheckIgnore::ACL_IGNORE_CHECK) { LOGI(ATM_DOMAIN, ATM_TAG, "%{public}s ignore acl check.", permDef.permissionName.c_str()); @@ -856,7 +844,7 @@ bool IsAclSatisfied(const PermissionDef& permDef, const HapPolicy& policy) return true; } -bool IsPermAvailableRangeSatisfied(const PermissionDef& permDef, const std::string& appDistributionType) +bool IsPermAvailableRangeSatisfied(const PermissionDefData& permDef, const std::string& appDistributionType) { if (permDef.availableType == ATokenAvailableTypeEnum::MDM) { if (appDistributionType == "none") { @@ -911,7 +899,7 @@ bool PermissionManager::InitPermissionList(const std::string& appDistributionTyp policy.permStateList.size(), policy.preAuthorizationInfo.size(), policy.aclRequestedList.size()); for (auto state : policy.permStateList) { - PermissionDef permDef; + PermissionDefData permDef; int32_t ret = PermissionManager::GetInstance().GetDefPermission( state.permissionName, permDef); if (ret != AccessToken::AccessTokenKitRet::RET_SUCCESS) { diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp index 9e21164a8d96e19d06dea45b79e9f31ff3e06897..a9e24c3e7f7314a3fb5070ad61c45c8fa0b0402a 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp @@ -55,20 +55,8 @@ bool PermissionValidator::IsToggleStatusValid(const uint32_t status) return DataValidator::IsToggleStatusValid(status); } -bool PermissionValidator::IsPermissionDefValid(const PermissionDef& permDef) +bool PermissionValidator::IsPermissionDefValid(const PermissionDefData& permDef) { - if (!DataValidator::IsLabelValid(permDef.label)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Label invalid."); - return false; - } - if (!DataValidator::IsDescValid(permDef.description)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Desc invalid."); - return false; - } - if (!DataValidator::IsBundleNameValid(permDef.bundleName)) { - LOGE(ATM_DOMAIN, ATM_TAG, "BundleName invalid."); - return false; - } if (!DataValidator::IsPermissionNameValid(permDef.permissionName)) { LOGE(ATM_DOMAIN, ATM_TAG, "PermissionName invalid."); return false; @@ -114,7 +102,7 @@ bool PermissionValidator::IsPermissionStateValid(const PermissionStatus& permSta } void PermissionValidator::FilterInvalidPermissionDef( - const std::vector& permList, std::vector& result) + const std::vector& permList, std::vector& result) { std::set permDefSet; for (auto it = permList.begin(); it != permList.end(); ++it) { diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp index d8e6d31c03eac4b88d4a067535c3bb42177ca1f2..a16737b0a526b776ccbcb886657df115ce73da69 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp @@ -164,19 +164,6 @@ int AccessTokenManagerService::GetDefPermission( return PermissionManager::GetInstance().GetDefPermission(permissionName, permissionDefResult.permissionDef); } -int AccessTokenManagerService::GetDefPermissions(AccessTokenID tokenID, std::vector& permList) -{ - LOGI(ATM_DOMAIN, ATM_TAG, "TokenID: %{public}d", tokenID); - std::vector permVec; - PermissionManager::GetInstance().GetDefPermissions(tokenID, permVec); - for (const auto& perm : permVec) { - PermissionDefParcel permParcel; - permParcel.permissionDef = perm; - permList.emplace_back(permParcel); - } - return RET_SUCCESS; -} - int AccessTokenManagerService::GetReqPermissions( AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) { diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp index f9cd095b5c5edbe97cc8888d1d07d44e52784d30..d8e16f2f96998803ae6fdfe6f9b76c3983db89e2 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp @@ -165,21 +165,6 @@ void AccessTokenManagerStub::GetDefPermissionInner(MessageParcel& data, MessageP reply.WriteParcelable(&permissionDefParcel), "Write PermissionDefParcel fail."); } -void AccessTokenManagerStub::GetDefPermissionsInner(MessageParcel& data, MessageParcel& reply) -{ - AccessTokenID tokenID = data.ReadUint32(); - std::vector permList; - - this->GetDefPermissions(tokenID, permList); - IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(RET_SUCCESS), "WriteInt32 failed."); - LOGD(ATM_DOMAIN, ATM_TAG, "%{public}s called, permList size: %{public}zu", __func__, permList.size()); - IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteUint32(permList.size()), "WriteUint32 failed."); - - for (const auto& permDef : permList) { - IF_FALSE_RETURN_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteParcelable(&permDef), "WriteParcelable fail."); - } -} - void AccessTokenManagerStub::GetReqPermissionsInner(MessageParcel& data, MessageParcel& reply) { unsigned int callingTokenID = IPCSkeleton::GetCallingTokenID(); @@ -1234,8 +1219,6 @@ void AccessTokenManagerStub::SetPermissionOpFuncInMap() &AccessTokenManagerStub::VerifyAccessTokenWithListInner; requestFuncMap_[static_cast(AccessTokenInterfaceCode::GET_DEF_PERMISSION)] = &AccessTokenManagerStub::GetDefPermissionInner; - requestFuncMap_[static_cast(AccessTokenInterfaceCode::GET_DEF_PERMISSIONS)] = - &AccessTokenManagerStub::GetDefPermissionsInner; requestFuncMap_[static_cast(AccessTokenInterfaceCode::GET_REQ_PERMISSIONS)] = &AccessTokenManagerStub::GetReqPermissionsInner; requestFuncMap_[static_cast(AccessTokenInterfaceCode::GET_PERMISSION_FLAG)] = diff --git a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp index 25621e1ec94231b19438844b3d8d4a4ea5c5bebd..8d8bbe971ac9aa13622a05328e57795572f440e7 100644 --- a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp @@ -63,7 +63,6 @@ static const int MAX_PTHREAD_NAME_LEN = 15; // pthread name max length static const char* ACCESS_TOKEN_PACKAGE_NAME = "ohos.security.distributed_token_sync"; #endif static const char* DUMP_JSON_PATH = "/data/service/el1/public/access_token/nativetoken.log"; -static const int32_t EXTENSION_PERMISSION_ID = 0; } AccessTokenInfoManager::AccessTokenInfoManager() : hasInited_(false) {} @@ -121,13 +120,13 @@ void AccessTokenInfoManager::Init() DlpPermissionSetManager::GetInstance().ProcessDlpPermInfos(dlpPerms); } #endif - std::vector permDefList; + std::vector permDefList; ret = policy->GetAllPermissionDef(permDefList); if (ret != RET_SUCCESS) { ReportSysEventServiceStartError(INIT_PERM_DEF_JSON_ERROR, "GetAllPermissionDef from json fail.", ret); } for (const auto& perm : permDefList) { - PermissionDefinitionCache::GetInstance().Insert(perm, EXTENSION_PERMISSION_ID); + PermissionDefinitionCache::GetInstance().Insert(perm); } hasInited_ = true; LOGI(ATM_DOMAIN, ATM_TAG, "Init success"); @@ -405,8 +404,6 @@ int AccessTokenInfoManager::RemoveHapTokenInfo(AccessTokenID id) return ERR_PARAM_INVALID; } std::shared_ptr info; - // make sure that RemoveDefPermissions is called outside of the lock to avoid deadlocks. - PermissionManager::GetInstance().RemoveDefPermissions(id); { Utils::UniqueWriteGuard infoGuard(this->hapTokenInfoLock_); RemoveHapTokenInfoFromDb(id); @@ -523,7 +520,7 @@ int AccessTokenInfoManager::CreateHapTokenInfo( return ERR_TOKENID_CREATE_FAILED; } } - PermissionManager::GetInstance().AddDefPermissions(policy.permList, tokenId, false); + PermissionManager::GetInstance().AddDefPermissions(policy.permList, false); #ifdef SUPPORT_SANDBOX_APP std::shared_ptr tokenInfo; HapPolicy policyNew = policy; @@ -540,7 +537,6 @@ int AccessTokenInfoManager::CreateHapTokenInfo( if (ret != RET_SUCCESS) { LOGE(ATM_DOMAIN, ATM_TAG, "%{public}s add token info failed", info.bundleName.c_str()); AccessTokenIDManager::GetInstance().ReleaseTokenId(tokenId); - PermissionManager::GetInstance().RemoveDefPermissions(tokenId); RemoveHapTokenInfoFromDb(tokenId); return ret; } @@ -632,7 +628,7 @@ void AccessTokenInfoManager::InitNativeTokenInfos(const std::vector& permStateList, ATokenAplEnum apl, - const std::vector& permList) + const std::vector& permList) { AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; if (!DataValidator::IsAppIDDescValid(info.appIDDesc)) { @@ -654,7 +650,7 @@ int32_t AccessTokenInfoManager::UpdateHapToken(AccessTokenIDEx& tokenIdEx, const } else { tokenIdEx.tokenIdExStruct.tokenAttr &= ~SYSTEM_APP_FLAG; } - PermissionManager::GetInstance().AddDefPermissions(permList, tokenID, true); + PermissionManager::GetInstance().AddDefPermissions(permList, true); { Utils::UniqueWriteGuard infoGuard(this->hapTokenInfoLock_); infoPtr->Update(info, permStateList); @@ -960,7 +956,7 @@ int AccessTokenInfoManager::AddHapTokenInfoToDb(const std::shared_ptr permDefValues; - PermissionDefinitionCache::GetInstance().StorePermissionDef(tokenID, permDefValues); + PermissionDefinitionCache::GetInstance().StorePermissionDef(permDefValues); // get new permission status from cache if exist std::vector permStateValues; @@ -1718,7 +1714,7 @@ int32_t AccessTokenInfoManager::GetPermissionRequestToggleStatus(const std::stri bool AccessTokenInfoManager::IsPermissionReqValid(int32_t tokenApl, const std::string& permissionName, const std::vector& nativeAcls) { - PermissionDef permissionDef; + PermissionDefData permissionDef; int ret = PermissionDefinitionCache::GetInstance().FindByPermissionName( permissionName, permissionDef); if (ret != RET_SUCCESS) { diff --git a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp index 70211011a34a7cef377377446c7d08a4e37cace2..9bb929966e295012b843dc660ac67b6bd140a530 100644 --- a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp @@ -426,19 +426,16 @@ bool HapTokenInfoInner::IsPermissionGrantedWithSecComp(AccessTokenID tokenID, co return PermissionDataBrief::GetInstance().IsPermissionGrantedWithSecComp(tokenID, permissionName); } -void PermDefToString(const PermissionDef& def, std::string& info) +void PermDefToString(const PermissionDefData& def, std::string& info) { info.append(R"( {)"); info.append("\n"); info.append(R"( "permissionName": ")" + def.permissionName + R"(")" + ",\n"); - info.append(R"( "bundleName": ")" + def.bundleName + R"(")" + ",\n"); info.append(R"( "grantMode": )" + std::to_string(def.grantMode) + ",\n"); info.append(R"( "availableLevel": )" + std::to_string(def.availableLevel) + ",\n"); info.append(R"( "provisionEnable": )" + std::to_string(def.provisionEnable) + ",\n"); info.append(R"( "distributedSceneEnable": )" + std::to_string(def.distributedSceneEnable) + ",\n"); - info.append(R"( "label": ")" + def.label + R"(")" + ",\n"); info.append(R"( "labelId": )" + std::to_string(def.labelId) + ",\n"); - info.append(R"( "description": ")" + def.description + R"(")" + ",\n"); info.append(R"( "descriptionId": )" + std::to_string(def.descriptionId) + ",\n"); info.append(R"( })"); } @@ -453,19 +450,8 @@ void PermStateFullToString(const PermissionStatus& state, std::string& info) info.append(R"( })"); } -void HapTokenInfoInner::PermToString(const std::vector& permList, - const std::vector& permStateList, std::string& info) +void HapTokenInfoInner::PermToString(const std::vector& permStateList, std::string& info) { - info.append(R"( "permDefList": [)"); - info.append("\n"); - for (auto iter = permList.begin(); iter != permList.end(); iter++) { - PermDefToString(*iter, info); - if (iter != (permList.end() - 1)) { - info.append(",\n"); - } - } - info.append("\n ],\n"); - info.append(R"( "permStateList": [)"); info.append("\n"); for (auto iter = permStateList.begin(); iter != permStateList.end(); iter++) { @@ -491,11 +477,9 @@ void HapTokenInfoInner::ToString(std::string& info) info.append(R"( "isRemote": )" + std::to_string(isRemote_) + ",\n"); info.append(R"( "isPermDialogForbidden": )" + std::to_string(isPermDialogForbidden_) + ",\n"); - std::vector permList; - PermissionDefinitionCache::GetInstance().GetDefPermissionsByTokenId(permList, tokenInfoBasic_.tokenID); std::vector permStateList; (void)GetPermissionStateList(permStateList); - PermToString(permList, permStateList, info); + PermToString(permStateList, info); info.append("}"); } } // namespace AccessToken diff --git a/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp b/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp index 147a6e5f7c63c0db0a7180492a4a477fd6527ed6..0f2bf92f44ed562abcebc8b435411c6ed92a7323 100644 --- a/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp +++ b/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp @@ -48,29 +48,23 @@ static bool g_hasHapPermissionDefinition; static constexpr int32_t DEFAULT_API_VERSION = 8; static constexpr int USER_ID = 100; static constexpr int INST_INDEX = 0; -static PermissionDef g_infoManagerTestPermDef1 = { +static PermissionDefData g_infoManagerTestPermDef1 = { .permissionName = "open the door", - .bundleName = "accesstoken_test", .grantMode = 1, .availableLevel = APL_NORMAL, .provisionEnable = false, .distributedSceneEnable = false, - .label = "label", .labelId = 1, - .description = "open the door", .descriptionId = 1 }; -static PermissionDef g_infoManagerTestPermDef2 = { +static PermissionDefData g_infoManagerTestPermDef2 = { .permissionName = "break the door", - .bundleName = "accesstoken_test", .grantMode = 1, .availableLevel = APL_NORMAL, .provisionEnable = false, .distributedSceneEnable = false, - .label = "label", .labelId = 1, - .description = "break the door", .descriptionId = 1 }; @@ -134,24 +128,22 @@ void AccessTokenInfoManagerTest::SetUp() { atManagerService_ = DelayedSingleton::GetInstance(); EXPECT_NE(nullptr, atManagerService_); - PermissionDef infoManagerPermDefA = { + PermissionDefData infoManagerPermDefA = { .permissionName = "ohos.permission.CAMERA", - .bundleName = "accesstoken_test", .grantMode = USER_GRANT, .availableLevel = APL_NORMAL, .provisionEnable = false, .distributedSceneEnable = false, }; - PermissionDefinitionCache::GetInstance().Insert(infoManagerPermDefA, 1); - PermissionDef infoManagerPermDefB = { + PermissionDefinitionCache::GetInstance().Insert(infoManagerPermDefA); + PermissionDefData infoManagerPermDefB = { .permissionName = "ohos.permission.LOCATION", - .bundleName = "accesstoken_test", .grantMode = USER_GRANT, .availableLevel = APL_NORMAL, .provisionEnable = false, .distributedSceneEnable = false, }; - PermissionDefinitionCache::GetInstance().Insert(infoManagerPermDefB, 1); + PermissionDefinitionCache::GetInstance().Insert(infoManagerPermDefB); g_permissionDefinitionMap = PermissionDefinitionCache::GetInstance().permissionDefinitionMap_; g_hasHapPermissionDefinition = PermissionDefinitionCache::GetInstance().hasHapPermissionDefinition_; } @@ -243,7 +235,7 @@ HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo002, TestSize.Level1) ASSERT_EQ(RET_SUCCESS, ret); ASSERT_NE(tokenIdEx.tokenIdExStruct.tokenID, tokenIdEx1.tokenIdExStruct.tokenID); GTEST_LOG_(INFO) << "add same hap token"; - PermissionDef permDef; + PermissionDefData permDef; ASSERT_EQ(RET_SUCCESS, PermissionManager::GetInstance().GetDefPermission(g_infoManagerTestPermDef1.permissionName, permDef)); ASSERT_EQ(permDef.permissionName, g_infoManagerTestPermDef1.permissionName); @@ -366,16 +358,13 @@ HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo007, TestSize.Level1) */ HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo008, TestSize.Level1) { - static PermissionDef permDef = { + static PermissionDefData permDef = { .permissionName = "ohos.permission.test", - .bundleName = "accesstoken_test", .grantMode = -1, // -1:invalid grant mode .availableLevel = APL_NORMAL, .provisionEnable = false, .distributedSceneEnable = false, - .label = "label", .labelId = 1, - .description = "open the door", .descriptionId = 1 }; HapInfoParams info = { @@ -1409,21 +1398,17 @@ HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenID002, TestSize.Level1) */ HWTEST_F(AccessTokenInfoManagerTest, Insert001, TestSize.Level1) { - PermissionDef info = { + PermissionDefData info = { .permissionName = "ohos.permission.CAMERA", - .bundleName = "com.ohos.test", .grantMode = 0, .availableLevel = ATokenAplEnum::APL_NORMAL, .provisionEnable = false, .distributedSceneEnable = false, - .label = "buzhidao", .labelId = 100, // 100 is random input - .description = "buzhidao", .descriptionId = 100 // 100 is random input }; - AccessTokenID tokenId = 123; // 123 is random input - ASSERT_EQ(false, PermissionDefinitionCache::GetInstance().Insert(info, tokenId)); // permission has insert + ASSERT_EQ(false, PermissionDefinitionCache::GetInstance().Insert(info)); // permission has insert } /** @@ -1471,16 +1456,13 @@ HWTEST_F(AccessTokenInfoManagerTest, RestorePermDefInfo001, TestSize.Level1) */ HWTEST_F(AccessTokenInfoManagerTest, IsPermissionDefValid001, TestSize.Level1) { - PermissionDef permDef = { + PermissionDefData permDef = { .permissionName = "ohos.permission.TEST", - .bundleName = "com.ohos.test", .grantMode = static_cast(2), .availableLevel = ATokenAplEnum::APL_NORMAL, .provisionEnable = false, .distributedSceneEnable = false, - .label = "buzhidao", .labelId = 100, // 100 is random input - .description = "buzhidao", .descriptionId = 100 // 100 is random input }; @@ -1532,26 +1514,23 @@ HWTEST_F(AccessTokenInfoManagerTest, IsPermissionStateValid001, TestSize.Level1) */ HWTEST_F(AccessTokenInfoManagerTest, FilterInvalidPermissionDef001, TestSize.Level1) { - PermissionDef permDef = { + PermissionDefData permDef = { .permissionName = "ohos.permission.TEST", - .bundleName = "com.ohos.test", .grantMode = GrantMode::SYSTEM_GRANT, .availableLevel = ATokenAplEnum::APL_NORMAL, .provisionEnable = false, .distributedSceneEnable = false, - .label = "buzhidao", .labelId = 100, // 100 is random input - .description = "buzhidao", .descriptionId = 100 // 100 is random input }; - std::vector permList; + std::vector permList; permList.emplace_back(permDef); permList.emplace_back(permDef); ASSERT_EQ(static_cast(2), permList.size()); - std::vector result; + std::vector result; PermissionValidator::FilterInvalidPermissionDef(permList, result); // permDefSet.count != 0 ASSERT_EQ(static_cast(1), result.size()); } @@ -1564,16 +1543,13 @@ HWTEST_F(AccessTokenInfoManagerTest, FilterInvalidPermissionDef001, TestSize.Lev */ HWTEST_F(AccessTokenInfoManagerTest, QueryPermissionFlag001, TestSize.Level1) { - PermissionDef def = { + PermissionDefData def = { .permissionName = "ohos.permission.TEST", - .bundleName = "QueryPermissionFlag001", .grantMode = 1, .availableLevel = APL_NORMAL, .provisionEnable = false, .distributedSceneEnable = false, - .label = "label", .labelId = 1, - .description = "description", .descriptionId = 1 }; PermissionStatus perm = { @@ -1583,7 +1559,7 @@ HWTEST_F(AccessTokenInfoManagerTest, QueryPermissionFlag001, TestSize.Level1) }; AccessTokenID tokenId = 0x280bc140; // 0x280bc140 is random native - PermissionDefinitionCache::GetInstance().Insert(def, tokenId); + PermissionDefinitionCache::GetInstance().Insert(def); std::vector permStateList; permStateList.emplace_back(perm); @@ -1663,9 +1639,8 @@ HWTEST_F(AccessTokenInfoManagerTest, PermStateFullToString001, TestSize.Level1) ASSERT_EQ(RET_SUCCESS, PermissionDataBrief::GetInstance().GetBriefPermDataByTokenId(tokenId, briefPermDataList)); std::string info; - std::vector permList; // iter != end - 1 - HapTokenInfoInner::PermToString(permList, permStateList, info); + HapTokenInfoInner::PermToString(permStateList, info); ASSERT_TRUE(!info.empty()); } diff --git a/services/accesstokenmanager/test/unittest/native_token_receptor_test.cpp b/services/accesstokenmanager/test/unittest/native_token_receptor_test.cpp index aac2855c11e58b165004cd0545f169f9d99e11a4..e7219a553fc85a84e5516bf974f8317115e3c4b1 100644 --- a/services/accesstokenmanager/test/unittest/native_token_receptor_test.cpp +++ b/services/accesstokenmanager/test/unittest/native_token_receptor_test.cpp @@ -48,23 +48,20 @@ void NativeTokenReceptorTest::SetUpTestCase() for (unsigned int i = 0x28100000; i <= 0x28100007; i++) { AccessTokenInfoManager::GetInstance().RemoveNativeTokenInfo(i); } - PermissionDef infoManagerPermDef = { + PermissionDefData infoManagerPermDef = { .permissionName = "ohos.permission.DISCOVER_BLUETOOTH", - .bundleName = "accesstoken_test", .grantMode = USER_GRANT, .availableLevel = APL_NORMAL, .provisionEnable = false, .distributedSceneEnable = false, - .label = "label", .labelId = 1, - .description = "CAMERA", .descriptionId = 1 }; - PermissionDefinitionCache::GetInstance().Insert(infoManagerPermDef, 1); + PermissionDefinitionCache::GetInstance().Insert(infoManagerPermDef); infoManagerPermDef.permissionName = "ohos.permission.MANAGE_USER_IDM"; - PermissionDefinitionCache::GetInstance().Insert(infoManagerPermDef, 1); + PermissionDefinitionCache::GetInstance().Insert(infoManagerPermDef); infoManagerPermDef.permissionName = "ohos.permission.ACCELEROMETER"; - PermissionDefinitionCache::GetInstance().Insert(infoManagerPermDef, 1); + PermissionDefinitionCache::GetInstance().Insert(infoManagerPermDef); } void NativeTokenReceptorTest::TearDownTestCase() diff --git a/services/accesstokenmanager/test/unittest/permission_manager_test.cpp b/services/accesstokenmanager/test/unittest/permission_manager_test.cpp index be9f5a49399b1b47fbb336b4eef3d61932e64fc3..59ab16eec5437235ad21bf8161e55474703fe09b 100644 --- a/services/accesstokenmanager/test/unittest/permission_manager_test.cpp +++ b/services/accesstokenmanager/test/unittest/permission_manager_test.cpp @@ -43,29 +43,23 @@ namespace { static constexpr uint32_t MAX_CALLBACK_SIZE = 1024; static constexpr int32_t USER_ID = 100; static constexpr int32_t INST_INDEX = 0; -static PermissionDef g_infoManagerTestPermDef1 = { +static PermissionDefData g_infoManagerTestPermDef1 = { .permissionName = "open the door", - .bundleName = "accesstoken_test", .grantMode = 1, .availableLevel = APL_NORMAL, .provisionEnable = false, .distributedSceneEnable = false, - .label = "label", .labelId = 1, - .description = "open the door", .descriptionId = 1 }; -static PermissionDef g_infoManagerTestPermDef2 = { +static PermissionDefData g_infoManagerTestPermDef2 = { .permissionName = "break the door", - .bundleName = "accesstoken_test", .grantMode = 1, .availableLevel = APL_NORMAL, .provisionEnable = false, .distributedSceneEnable = false, - .label = "label", .labelId = 1, - .description = "break the door", .descriptionId = 1 }; @@ -151,55 +145,43 @@ static PermissionStatus g_permState9 = { .grantFlag = PermissionFlag::PERMISSION_POLICY_FIXED | PermissionFlag::PERMISSION_USER_SET }; -static PermissionDef g_infoManagerPermDef1 = { +static PermissionDefData g_infoManagerPermDef1 = { .permissionName = "ohos.permission.MEDIA_LOCATION", - .bundleName = "accesstoken_test", .grantMode = USER_GRANT, .availableLevel = APL_NORMAL, .provisionEnable = false, .distributedSceneEnable = false, - .label = "label", .labelId = 1, - .description = "MEDIA_LOCATION", .descriptionId = 1 }; -static PermissionDef g_infoManagerPermDef2 = { +static PermissionDefData g_infoManagerPermDef2 = { .permissionName = "ohos.permission.MICROPHONE", - .bundleName = "accesstoken_test", .grantMode = USER_GRANT, .availableLevel = APL_NORMAL, .provisionEnable = false, .distributedSceneEnable = false, - .label = "label", .labelId = 1, - .description = "MICROPHONE", .descriptionId = 1 }; -static PermissionDef g_infoManagerPermDef3 = { +static PermissionDefData g_infoManagerPermDef3 = { .permissionName = "ohos.permission.READ_CALENDAR", - .bundleName = "accesstoken_test", .grantMode = USER_GRANT, .availableLevel = APL_NORMAL, .provisionEnable = false, .distributedSceneEnable = false, - .label = "label", .labelId = 1, - .description = "READ_CALENDAR", .descriptionId = 1 }; -static PermissionDef g_infoManagerPermDef4 = { +static PermissionDefData g_infoManagerPermDef4 = { .permissionName = "ohos.permission.READ_CALL_LOG", - .bundleName = "accesstoken_test", .grantMode = USER_GRANT, .availableLevel = APL_NORMAL, .provisionEnable = false, .distributedSceneEnable = false, - .label = "label", .labelId = 1, - .description = "READ_CALL_LOG", .descriptionId = 1 }; } @@ -236,31 +218,28 @@ void PermissionManagerTest::SetUp() } formStateObserver_ = std::make_shared(); - PermissionDef infoManagerPermDef = { + PermissionDefData infoManagerPermDef = { .permissionName = "ohos.permission.CAMERA", - .bundleName = "accesstoken_test", .grantMode = USER_GRANT, .availableLevel = APL_NORMAL, .provisionEnable = false, .distributedSceneEnable = false, - .label = "label", .labelId = 1, - .description = "CAMERA", .descriptionId = 1 }; - PermissionDefinitionCache::GetInstance().Insert(infoManagerPermDef, 1); + PermissionDefinitionCache::GetInstance().Insert(infoManagerPermDef); infoManagerPermDef.permissionName = "ohos.permission.APPROXIMATELY_LOCATION"; - PermissionDefinitionCache::GetInstance().Insert(infoManagerPermDef, 1); + PermissionDefinitionCache::GetInstance().Insert(infoManagerPermDef); infoManagerPermDef.permissionName = "ohos.permission.LOCATION"; - PermissionDefinitionCache::GetInstance().Insert(infoManagerPermDef, 1); + PermissionDefinitionCache::GetInstance().Insert(infoManagerPermDef); infoManagerPermDef.permissionName = "ohos.permission.CAPTURE_SCREEN"; - PermissionDefinitionCache::GetInstance().Insert(infoManagerPermDef, 1); + PermissionDefinitionCache::GetInstance().Insert(infoManagerPermDef); infoManagerPermDef.permissionName = "ohos.permission.CHANGE_ABILITY_ENABLED_STATE"; - PermissionDefinitionCache::GetInstance().Insert(infoManagerPermDef, 1); + PermissionDefinitionCache::GetInstance().Insert(infoManagerPermDef); infoManagerPermDef.permissionName = "ohos.permission.CLEAN_APPLICATION_DATA"; - PermissionDefinitionCache::GetInstance().Insert(infoManagerPermDef, 1); + PermissionDefinitionCache::GetInstance().Insert(infoManagerPermDef); infoManagerPermDef.permissionName = "ohos.permission.COMMONEVENT_STICKY"; - PermissionDefinitionCache::GetInstance().Insert(infoManagerPermDef, 1); + PermissionDefinitionCache::GetInstance().Insert(infoManagerPermDef); } void PermissionManagerTest::TearDown() @@ -476,7 +455,7 @@ HWTEST_F(PermissionManagerTest, RevokePermission001, TestSize.Level1) HWTEST_F(PermissionManagerTest, GetDefPermission001, TestSize.Level1) { std::string permissionName; - PermissionDef permissionDefResult; + PermissionDefData permissionDefResult; // permissionName is empty ASSERT_EQ( @@ -497,64 +476,12 @@ HWTEST_F(PermissionManagerTest, GetDefPermission001, TestSize.Level1) HWTEST_F(PermissionManagerTest, GetDefPermission002, TestSize.Level1) { std::string permissionName = "ohos.permission.CAMERA"; - PermissionDef permissionDefResult; + PermissionDefData permissionDefResult; // permissionName invalid ASSERT_EQ(RET_SUCCESS, PermissionManager::GetInstance().GetDefPermission(permissionName, permissionDefResult)); } -/** - * @tc.name: GetDefPermissions001 - * @tc.desc: GetDefPermissions with invalid tokenid - * @tc.type: FUNC - * @tc.require: - */ -HWTEST_F(PermissionManagerTest, GetDefPermissions001, TestSize.Level1) -{ - std::vector result; - - AccessTokenID tokenId = 123; - PermissionManager::GetInstance().GetDefPermissions(tokenId, result); - ASSERT_TRUE(result.empty()); -} - -/** - * @tc.name: GetDefPermissions002 - * @tc.desc: GetDefPermissions with valid tokenid - * @tc.type: FUNC - * @tc.require: - */ -HWTEST_F(PermissionManagerTest, GetDefPermissions002, TestSize.Level1) -{ - AccessTokenIDEx tokenIdEx = {0}; - int32_t ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoManagerTestInfoParms, - g_infoManagerTestPolicyPrams1, tokenIdEx); - ASSERT_EQ(RET_SUCCESS, ret); - - std::vector result; - AccessTokenID tokenId = tokenIdEx.tokenIdExStruct.tokenID; - PermissionManager::GetInstance().GetDefPermissions(tokenId, result); - ASSERT_TRUE(!result.empty()); - - ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID); - ASSERT_EQ(RET_SUCCESS, ret); -} - -/** - * @tc.name: GetDefPermissions003 - * @tc.desc: GetDefPermissions with extension tokenId - * @tc.type: FUNC - * @tc.require: - */ -HWTEST_F(PermissionManagerTest, GetDefPermissions003, TestSize.Level1) -{ - std::vector result; - - AccessTokenID tokenId = 0; - PermissionManager::GetInstance().GetDefPermissions(tokenId, result); - ASSERT_TRUE(!result.empty()); -} - /** * @tc.name: GetReqPermissions001 * @tc.desc: GetReqPermissions with invalid tokenid diff --git a/services/accesstokenmanager/test/unittest/short_grant_manager_test.cpp b/services/accesstokenmanager/test/unittest/short_grant_manager_test.cpp index d2e4b116505c43005af5d6812c78cf905d671803..521c112f10cefe50605c8a80affb0e949005dbae 100644 --- a/services/accesstokenmanager/test/unittest/short_grant_manager_test.cpp +++ b/services/accesstokenmanager/test/unittest/short_grant_manager_test.cpp @@ -67,17 +67,14 @@ void ShortGrantManagerTest::SetUp() ShortGrantManager::GetInstance().InitEventHandler(); #endif - PermissionDef permDefAlpha = { + PermissionDefData permDefAlpha = { .permissionName = "ohos.permission.SHORT_TERM_WRITE_IMAGEVIDEO", - .bundleName = "accesstoken_test", .grantMode = 1, .availableLevel = APL_NORMAL, - .label = "label", .labelId = 1, - .description = "annoying", .descriptionId = 1 }; - PermissionDefinitionCache::GetInstance().Insert(permDefAlpha, 537719865); // 537719865 means a tokenId. + PermissionDefinitionCache::GetInstance().Insert(permDefAlpha); } void ShortGrantManagerTest::TearDown() diff --git a/services/common/database/test/unittest/database_test.cpp b/services/common/database/test/unittest/database_test.cpp index 99bd22516ba775a8a8818add18e54de9200cdfa5..52a38ba02273fe32292d5cfc50bb4b82b6e3fb3d 100644 --- a/services/common/database/test/unittest/database_test.cpp +++ b/services/common/database/test/unittest/database_test.cpp @@ -227,7 +227,7 @@ HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionDef001, TestSize.L genericValues.Put(TokenFiledConst::FIELD_TOKEN_ID, TEST_TOKEN_ID); genericValues.Put(TokenFiledConst::FIELD_AVAILABLE_LEVEL, ATokenAplEnum::APL_INVALID); - PermissionDef outPermissionDef; + PermissionDefData outPermissionDef; ASSERT_NE(RET_SUCCESS, DataTranslator::TranslationIntoPermissionDef(genericValues, outPermissionDef)); LOGI(ATM_DOMAIN, ATM_TAG, "DataTranslatorTranslationIntoPermissionDefTest001 end"); } @@ -248,7 +248,7 @@ HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionStatus001, TestSiz inGenericValues.Put(TokenFiledConst::FIELD_GRANT_IS_GENERAL, 1); inGenericValues.Put(TokenFiledConst::FIELD_PERMISSION_NAME, ""); - PermissionDef outPermissionDef; + PermissionDefData outPermissionDef; ASSERT_NE(RET_SUCCESS, DataTranslator::TranslationIntoPermissionStatus(inGenericValues, outPermissionState)); LOGI(ATM_DOMAIN, ATM_TAG, "DataTranslatorTranslationIntoPermissionStatus001 end"); } @@ -270,7 +270,7 @@ HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionStatus002, TestSiz inGenericValues.Put(TokenFiledConst::FIELD_PERMISSION_NAME, "test_permission_name"); inGenericValues.Put(TokenFiledConst::FIELD_DEVICE_ID, ""); - PermissionDef outPermissionDef; + PermissionDefData outPermissionDef; ASSERT_NE(RET_SUCCESS, DataTranslator::TranslationIntoPermissionStatus(inGenericValues, outPermissionState)); LOGI(ATM_DOMAIN, ATM_TAG, "DataTranslatorTranslationIntoPermissionStatus002 end"); } @@ -293,7 +293,7 @@ HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionStatus003, TestSiz inGenericValues.Put(TokenFiledConst::FIELD_DEVICE_ID, "test_device_id"); inGenericValues.Put(TokenFiledConst::FIELD_GRANT_STATE, 100); - PermissionDef outPermissionDef; + PermissionDefData outPermissionDef; ASSERT_NE(RET_SUCCESS, DataTranslator::TranslationIntoPermissionStatus(inGenericValues, outPermissionState)); LOGI(ATM_DOMAIN, ATM_TAG, "DataTranslatorTranslationIntoPermissionStatus003 end"); } @@ -317,7 +317,7 @@ HWTEST_F(DatabaseTest, DataTranslatorTranslationIntoPermissionStatus004, TestSiz inGenericValues.Put(TokenFiledConst::FIELD_GRANT_STATE, PermissionState::PERMISSION_GRANTED); inGenericValues.Put(TokenFiledConst::FIELD_GRANT_FLAG, 100); - PermissionDef outPermissionDef; + PermissionDefData outPermissionDef; ASSERT_NE(RET_SUCCESS, DataTranslator::TranslationIntoPermissionStatus(inGenericValues, outPermissionState)); LOGI(ATM_DOMAIN, ATM_TAG, "DataTranslatorTranslationIntoPermissionStatus004 end"); } diff --git a/services/common/json_parse/include/json_parse_loader.h b/services/common/json_parse/include/json_parse_loader.h index 9ea7ad619e404f094b23b4cfafbc65a7ce9066a1..8b4924d6f1eaa93692d820e450fa27a6f35b2fb5 100644 --- a/services/common/json_parse/include/json_parse_loader.h +++ b/services/common/json_parse/include/json_parse_loader.h @@ -60,7 +60,7 @@ enum ServiceType { }; struct PermissionDefParseRet { - PermissionDef permDef; + PermissionDefData permDef; bool isSuccessful = false; }; @@ -71,14 +71,14 @@ public: virtual bool GetConfigValue(const ServiceType& type, AccessTokenConfigValue& config); virtual int32_t GetAllNativeTokenInfo(std::vector& tokenInfos); virtual int32_t GetDlpPermissions(std::vector& dlpPerms); - virtual int32_t GetAllPermissionDef(std::vector& permDefList); + virtual int32_t GetAllPermissionDef(std::vector& permDefList); }; class ConfigPolicLoader final: public ConfigPolicyLoaderInterface { bool GetConfigValue(const ServiceType& type, AccessTokenConfigValue& config); int32_t GetAllNativeTokenInfo(std::vector& tokenInfos); int32_t GetDlpPermissions(std::vector& dlpPerms); - int32_t GetAllPermissionDef(std::vector& permDefList); + int32_t GetAllPermissionDef(std::vector& permDefList); private: #ifdef CUSTOMIZATION_CONFIG_POLICY_ENABLE void GetConfigFilePathList(std::vector& pathList); @@ -86,7 +86,7 @@ private: AccessTokenConfigValue& config); #endif // CUSTOMIZATION_CONFIG_POLICY_ENABLE bool ParserNativeRawData(const std::string& nativeRawData, std::vector& tokenInfos); - bool ParserPermDefRawData(const std::string& permsRawData, std::vector& permDefList); + bool ParserPermDefRawData(const std::string& permsRawData, std::vector& permDefList); bool ParserDlpPermsRawData(const std::string& dlpPermsRawData, std::vector& dlpPerms); int32_t ReadCfgFile(const std::string& file, std::string& rawData); bool IsDirExsit(const std::string& file); diff --git a/services/common/json_parse/src/json_parse_loader.cpp b/services/common/json_parse/src/json_parse_loader.cpp index c14fe4c7d05a5c7b2a5266ebb282f031196ea687..c88f2ac7ee8d1cd959806d1e10add59d20f9e3d5 100644 --- a/services/common/json_parse/src/json_parse_loader.cpp +++ b/services/common/json_parse/src/json_parse_loader.cpp @@ -78,8 +78,6 @@ static const char* PERMISSION_AVAILABLE_LEVEL = "availableLevel"; static const char* PERMISSION_AVAILABLE_TYPE = "availableType"; static const char* PERMISSION_PROVISION_ENABLE = "provisionEnable"; static const char* PERMISSION_DISTRIBUTED_SCENE_ENABLE = "distributedSceneEnable"; -static const char* PERMISSION_LABEL = "label"; -static const char* PERMISSION_DESCRIPTION = "description"; static const char* AVAILABLE_TYPE_NORMAL_HAP = "NORMAL"; static const char* AVAILABLE_TYPE_SYSTEM_HAP = "SYSTEM"; static const char* AVAILABLE_TYPE_MDM = "MDM"; @@ -534,7 +532,7 @@ static int32_t GetPermissionGrantMode(const std::string &mode) static void FromJsonPermissionDefParseRet(const CJson *j, PermissionDefParseRet& result) { result.isSuccessful = false; - PermissionDef permDef; + PermissionDefData permDef; if (!GetStringFromJson(j, PERMISSION_NAME, permDef.permissionName) || !DataValidator::IsProcessNameValid(permDef.permissionName)) { return; @@ -567,24 +565,17 @@ static void FromJsonPermissionDefParseRet(const CJson *j, PermissionDefParseRet& if (!GetBoolFromJson(j, PERMISSION_DISTRIBUTED_SCENE_ENABLE, permDef.distributedSceneEnable)) { return; } - permDef.bundleName = "system_ability"; if (permDef.grantMode == AccessToken::GrantMode::SYSTEM_GRANT) { result.permDef = permDef; result.isSuccessful = true; return; } - if (!GetStringFromJson(j, PERMISSION_LABEL, permDef.label)) { - return; - } - if (!GetStringFromJson(j, PERMISSION_DESCRIPTION, permDef.description)) { - return; - } result.permDef = permDef; result.isSuccessful = true; return; } -static bool CheckPermissionDefRules(const PermissionDef& permDef) +static bool CheckPermissionDefRules(const PermissionDefData& permDef) { // Extension permission support permission for service only. if (permDef.availableType != AccessToken::ATokenAvailableTypeEnum::SERVICE) { @@ -595,7 +586,7 @@ static bool CheckPermissionDefRules(const PermissionDef& permDef) } static int32_t GetPermissionDefList(const CJsonUnique &json, const std::string& permsRawData, - const std::string& type, std::vector& permDefList) + const std::string& type, std::vector& permDefList) { cJSON *JsonData = GetArrayFromJson(json.get(), type); if (JsonData == nullptr) { @@ -620,7 +611,7 @@ static int32_t GetPermissionDefList(const CJsonUnique &json, const std::string& } bool ConfigPolicLoader::ParserPermDefRawData( - const std::string& permsRawData, std::vector& permDefList) + const std::string& permsRawData, std::vector& permDefList) { CJsonUnique jsonRes = CreateJsonFromString(permsRawData); if (jsonRes == nullptr) { @@ -642,7 +633,7 @@ bool ConfigPolicLoader::ParserPermDefRawData( return true; } -int32_t ConfigPolicLoader::GetAllPermissionDef(std::vector& permDefList) +int32_t ConfigPolicLoader::GetAllPermissionDef(std::vector& permDefList) { std::string permsRawData; int32_t ret = ReadCfgFile(DEFINE_PERMISSION_FILE, permsRawData); diff --git a/services/common/json_parse/unittest/json_parse_test.cpp b/services/common/json_parse/unittest/json_parse_test.cpp index 005172b82d479fc3f0b931afa57f123e17b3845f..4b9bad966cb2d6ed4b6b1974095ba2639fb0a98b 100644 --- a/services/common/json_parse/unittest/json_parse_test.cpp +++ b/services/common/json_parse/unittest/json_parse_test.cpp @@ -290,29 +290,26 @@ HWTEST_F(JsonParseTest, ParserPermsRawDataTest001, TestSize.Level1) R"("availableType":"SERVICE","provisionEnable":true,"distributedSceneEnable":false}],)"\ R"("userGrantPermissions":[)"\ R"({"name":"ohos.permission.PermDefParserTestB","grantMode":"user_grant","availableLevel":"system_basic",)"\ - R"("availableType":"SERVICE","provisionEnable":true,"distributedSceneEnable":false,)"\ - R"("label":"$string:test_label_B","description":"$string:test_description_B"}]})"; + R"("availableType":"SERVICE","provisionEnable":true,"distributedSceneEnable":false}]})"; ConfigPolicLoader loader; - std::vector permDefList; + std::vector permDefList; ASSERT_TRUE(loader.ParserPermsRawData(testStr, tokenInfos)); EXPECT_EQ(2, permDefList.size()); for (const auto& perm : permDefList) { GTEST_LOG_(INFO) << perm.permissionName.c_str(); - PermissionDefinitionCache::GetInstance().Insert(perm, EXTENSION_PERMISSION_ID); + PermissionDefinitionCache::GetInstance().Insert(perm); } EXPECT_TRUE(PermissionDefinitionCache::GetInstance().HasDefinition(SYSTEM_PERMISSION_A)); EXPECT_TRUE(PermissionDefinitionCache::GetInstance().HasDefinition(USER_PERMISSION_B)); - PermissionDef permissionDefResult; + PermissionDefData permissionDefResult; PermissionManager::GetInstance().GetDefPermission(SYSTEM_PERMISSION_A, permissionDefResult); EXPECT_EQ(SYSTEM_GRANT, permissionDefResult.grantMode); EXPECT_EQ(APL_SYSTEM_BASIC, permissionDefResult.availableLevel); EXPECT_EQ(SERVICE, permissionDefResult.availableType); EXPECT_EQ(true, permissionDefResult.provisionEnable); EXPECT_EQ(false, permissionDefResult.distributedSceneEnable); - EXPECT_EQ("", permissionDefResult.label); - EXPECT_EQ("", permissionDefResult.description); PermissionManager::GetInstance().GetDefPermission(USER_PERMISSION_B, permissionDefResult); EXPECT_EQ(USER_GRANT, permissionDefResult.grantMode); @@ -320,8 +317,6 @@ HWTEST_F(JsonParseTest, ParserPermsRawDataTest001, TestSize.Level1) EXPECT_EQ(SERVICE, permissionDefResult.availableType); EXPECT_EQ(true, permissionDefResult.provisionEnable); EXPECT_EQ(false, permissionDefResult.distributedSceneEnable); - EXPECT_EQ("$string:test_label_B", permissionDefResult.label); - EXPECT_EQ("$string:test_description_B", permissionDefResult.description); } /** @@ -336,7 +331,7 @@ HWTEST_F(JsonParseTest, ParserPermsRawDataTest002, TestSize.Level1) R"({"name":"ohos.permission.xxxxxxxxxxxxxxxxxxxxxxxxxx",)"\ R"("xxxxxxxxxxxxxxxxxxxxxxxxxx":"$string:test_description_B"}]})"; ConfigPolicLoader loader; - std::vector permDefList; + std::vector permDefList; ASSERT_FALSE(loader.ParserPermsRawData(testStr, tokenInfos)); } @@ -354,13 +349,12 @@ HWTEST_F(JsonParseTest, ParserPermsRawDataTest003, TestSize.Level1) R"({"name":"ohos.permission.PermDefParserTestA","grantMode":"system_grant","availableLevel":"system_basic",)"\ R"("availableType":"SERVICE","provisionEnable":true,"distributedSceneEnable":false}]})"; ConfigPolicLoader loader; - std::vector permDefList; + std::vector permDefList; ASSERT_FALSE(loader.ParserPermsRawData(permsRawData, permDefList)); permsRawData = R"({"userGrantPermissions":[)"\ R"({"name":"ohos.permission.PermDefParserTestB","grantMode":"user_grant","availableLevel":"system_basic",)"\ - R"("availableType":"SERVICE","provisionEnable":true,"distributedSceneEnable":false,)"\ - R"("label":"$string:test_label_B","description":"$string:test_description_B"}]})"; + R"("availableType":"SERVICE","provisionEnable":true,"distributedSceneEnable":false}]})"; ret = parser.ParserPermsRawData(permsRawData, permDefList); ASSERT_FALSE(loader.ParserPermsRawData(permsRawData, permDefList)); } @@ -378,7 +372,7 @@ HWTEST_F(JsonParseTest, ParserPermsRawDataTest004, TestSize.Level1) R"("availableType":"SERVICE","provisionEnable":true,"distributedSceneEnable":false}],)"\ R"("userGrantPermissions":[]})"; ConfigPolicLoader loader; - std::vector permDefList; + std::vector permDefList; ASSERT_TRUE(loader.ParserPermsRawData(permsRawData, permDefList)); EXPECT_EQ(0, permDefList.size()); @@ -417,23 +411,14 @@ HWTEST_F(JsonParseTest, ParserPermsRawDataTest005, TestSize.Level1) R"("availableType":"SERVICE","distributedSceneEnable":false}],)"\ R"("userGrantPermissions":[]})"; ConfigPolicLoader loader; - std::vector permDefList; + std::vector permDefList; ASSERT_TRUE(loader.ParserPermsRawData(permsRawData, permDefList)); EXPECT_EQ(0, permDefList.size()); permsRawData = R"({"systemGrantPermissions":[],)"\ R"("userGrantPermissions":[)"\ R"({"name":"ohos.permission.PermDefParserTestB","grantMode":"user_grant","availableLevel":"system_basic",)"\ - R"("availableType":"SERVICE","provisionEnable":true,"distributedSceneEnable":false,)"\ - R"("description":"$string:test_description_B"}]})"; - ASSERT_TRUE(loader.ParserPermsRawData(permsRawData, permDefList)); - EXPECT_EQ(0, permDefList.size()); - - permsRawData = R"({"systemGrantPermissions":[],)"\ - R"("userGrantPermissions":[)"\ - R"({"name":"ohos.permission.PermDefParserTestB","grantMode":"user_grant","availableLevel":"system_basic",)"\ - R"("availableType":"SERVICE","provisionEnable":true,"distributedSceneEnable":false,})"\ - R"("label":"$string:test_label_B"]})"; + R"("availableType":"SERVICE","provisionEnable":true,"distributedSceneEnable":false}]})"; ASSERT_TRUE(loader.ParserPermsRawData(permsRawData, permDefList)); EXPECT_EQ(0, permDefList.size()); } @@ -451,7 +436,7 @@ HWTEST_F(JsonParseTest, ParserPermsRawDataTest006, TestSize.Level1) R"("availableType":"SERVICE","provisionEnable":true,"distributedSceneEnable":false}],)"\ R"("userGrantPermissions":[]})"; ConfigPolicLoader loader; - std::vector permDefList; + std::vector permDefList; ASSERT_TRUE(loader.ParserPermsRawData(permsRawData, permDefList)); EXPECT_EQ(0, permDefList.size()); @@ -490,7 +475,7 @@ HWTEST_F(JsonParseTest, ParserPermsRawDataTest007, TestSize.Level1) R"("availableType":"SERVICE","provisionEnable":"true","distributedSceneEnable":false}],)"\ R"("userGrantPermissions":[]})"; ConfigPolicLoader loader; - std::vector permDefList; + std::vector permDefList; ASSERT_TRUE(loader.ParserPermsRawData(permsRawData, permDefList)); EXPECT_EQ(0, permDefList.size()); @@ -500,22 +485,6 @@ HWTEST_F(JsonParseTest, ParserPermsRawDataTest007, TestSize.Level1) R"("userGrantPermissions":[]})"; ASSERT_TRUE(loader.ParserPermsRawData(permsRawData, permDefList)); EXPECT_EQ(0, permDefList.size()); - - permsRawData = R"({"systemGrantPermissions":[],)"\ - R"("userGrantPermissions":[)"\ - R"({"name":"ohos.permission.PermDefParserTestB","grantMode":"user_grant","availableLevel":"system_basic",)"\ - R"("availableType":"SERVICE","provisionEnable":true,"distributedSceneEnable":false,"label":123,)"\ - R"("description":"$string:test_description_B"}]})"; - ASSERT_TRUE(loader.ParserPermsRawData(permsRawData, permDefList)); - EXPECT_EQ(0, permDefList.size()); - - permsRawData = R"({"systemGrantPermissions":[],)"\ - R"("userGrantPermissions":[)"\ - R"({"name":"ohos.permission.PermDefParserTestB","grantMode":"user_grant","availableLevel":"system_basic",)"\ - R"("availableType":"SERVICE","provisionEnable":true,"distributedSceneEnable":false,)"\ - R"("label":"$string:test_label_B","description":123}]})"; - ASSERT_TRUE(loader.ParserPermsRawData(permsRawData, permDefList)); - EXPECT_EQ(0, permDefList.size()); } /** @@ -531,7 +500,7 @@ HWTEST_F(JsonParseTest, ParserPermsRawDataTest008, TestSize.Level1) R"("availableType":"SERVICE","provisionEnable":true,"distributedSceneEnable":false}],)"\ R"("userGrantPermissions":[]})"; ConfigPolicLoader loader; - std::vector permDefList; + std::vector permDefList; ASSERT_TRUE(loader.ParserPermsRawData(permsRawData, permDefList)); EXPECT_EQ(0, permDefList.size()); diff --git a/test/fuzztest/innerkits/accesstoken/BUILD.gn b/test/fuzztest/innerkits/accesstoken/BUILD.gn index ddeecb6867d36b02697e8893df071d2ad1018f2c..8b1334097bcf3cbf52c7894cda6ffa3d741faee8 100644 --- a/test/fuzztest/innerkits/accesstoken/BUILD.gn +++ b/test/fuzztest/innerkits/accesstoken/BUILD.gn @@ -26,7 +26,6 @@ group("fuzztest") { "deletetoken_fuzzer:DeleteTokenFuzzTest", "dumptokeninfo_fuzzer:DumpTokenInfoFuzzTest", "getdefpermission_fuzzer:GetDefPermissionFuzzTest", - "getdefpermissions_fuzzer:GetDefPermissionsFuzzTest", "gethapdlpflag_fuzzer:GetHapDlpFlagFuzzTest", "gethaptokenid_fuzzer:GetHapTokenIDFuzzTest", "gethaptokeninfo_fuzzer:GetHapTokenInfoFuzzTest", diff --git a/test/fuzztest/innerkits/accesstoken/getdefpermissions_fuzzer/BUILD.gn b/test/fuzztest/innerkits/accesstoken/getdefpermissions_fuzzer/BUILD.gn deleted file mode 100644 index 821045397b349aaf856991de1272f0325082884a..0000000000000000000000000000000000000000 --- a/test/fuzztest/innerkits/accesstoken/getdefpermissions_fuzzer/BUILD.gn +++ /dev/null @@ -1,42 +0,0 @@ -# Copyright (c) 2022-2024 Huawei Device Co., Ltd. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -import("//build/config/features.gni") -import("//build/test.gni") -import("../../../../../access_token.gni") - -ohos_fuzztest("GetDefPermissionsFuzzTest") { - module_out_path = module_output_path_interface_access_token - fuzz_config_file = "." - include_dirs = [ - "${access_token_path}/interfaces/innerkits/accesstoken/include", - "${access_token_path}/test/fuzztest/common", - ] - cflags = [ - "-g", - "-O0", - "-Wno-unused-variable", - "-fno-omit-frame-pointer", - ] - sources = [ "getdefpermissions_fuzzer.cpp" ] - deps = [ - "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk", - ] - - configs = [ "${access_token_path}/config:coverage_flags" ] - - external_deps = [ - "c_utils:utils", - "hilog:libhilog", - ] -} diff --git a/test/fuzztest/innerkits/accesstoken/getdefpermissions_fuzzer/corpus/init b/test/fuzztest/innerkits/accesstoken/getdefpermissions_fuzzer/corpus/init deleted file mode 100644 index 1b910144fb1ff33a40a44b1d2a491b1ab05b598b..0000000000000000000000000000000000000000 --- a/test/fuzztest/innerkits/accesstoken/getdefpermissions_fuzzer/corpus/init +++ /dev/null @@ -1,13 +0,0 @@ -# Copyright (c) 2022 Huawei Device Co., Ltd. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -FUZZ \ No newline at end of file diff --git a/test/fuzztest/innerkits/accesstoken/getdefpermissions_fuzzer/getdefpermissions_fuzzer.cpp b/test/fuzztest/innerkits/accesstoken/getdefpermissions_fuzzer/getdefpermissions_fuzzer.cpp deleted file mode 100644 index 26b374a1bd01166db4d08acf9292b5c4e9b39b27..0000000000000000000000000000000000000000 --- a/test/fuzztest/innerkits/accesstoken/getdefpermissions_fuzzer/getdefpermissions_fuzzer.cpp +++ /dev/null @@ -1,50 +0,0 @@ -/* - * Copyright (c) 2022-2024 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "getdefpermissions_fuzzer.h" - -#include -#include -#include -#include "accesstoken_fuzzdata.h" -#undef private -#include "accesstoken_kit.h" - -using namespace std; -using namespace OHOS::Security::AccessToken; - -namespace OHOS { - bool GetDefPermissionsFuzzTest(const uint8_t* data, size_t size) - { - if ((data == nullptr) || (size == 0)) { - return false; - } - - AccessTokenFuzzData fuzzData(data, size); - std::vector permDefList; - int32_t result = AccessTokenKit::GetDefPermissions(fuzzData.GetData(), permDefList); - - return result == RET_SUCCESS; - } -} - -/* Fuzzer entry point */ -extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) -{ - /* Run your code on data */ - OHOS::GetDefPermissionsFuzzTest(data, size); - return 0; -} - diff --git a/test/fuzztest/innerkits/accesstoken/getdefpermissions_fuzzer/getdefpermissions_fuzzer.h b/test/fuzztest/innerkits/accesstoken/getdefpermissions_fuzzer/getdefpermissions_fuzzer.h deleted file mode 100644 index a4909408e621429f94c89ff19714fa9ae9d2f994..0000000000000000000000000000000000000000 --- a/test/fuzztest/innerkits/accesstoken/getdefpermissions_fuzzer/getdefpermissions_fuzzer.h +++ /dev/null @@ -1,28 +0,0 @@ -/* - * Copyright (c) 2022 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef TEST_FUZZTEST_GETDEFPERMISSIONS_FUZZER_H -#define TEST_FUZZTEST_GETDEFPERMISSIONS_FUZZER_H - -#include -#include -#include -#include -#include -#include - -#define FUZZ_PROJECT_NAME "getdefpermissions_fuzzer" - -#endif // TEST_FUZZTEST_GETDEFPERMISSIONS_FUZZER_H diff --git a/test/fuzztest/innerkits/accesstoken/getdefpermissions_fuzzer/project.xml b/test/fuzztest/innerkits/accesstoken/getdefpermissions_fuzzer/project.xml deleted file mode 100644 index 6e8ad2cfde8f8bda4beb6cabbe7efd8bc3c54eec..0000000000000000000000000000000000000000 --- a/test/fuzztest/innerkits/accesstoken/getdefpermissions_fuzzer/project.xml +++ /dev/null @@ -1,25 +0,0 @@ - - - - - - 1000 - - 300 - - 4096 - -