From fc8b602a75a7c2b192bf92f095da5c3ad9525808 Mon Sep 17 00:00:00 2001 From: lanhaoyu Date: Fri, 7 Mar 2025 12:55:16 +0800 Subject: [PATCH] add code Signed-off-by: lanhaoyu --- access_token.gni | 6 + bundle.json | 6 +- frameworks/js/arkts/BUILD.gn | 24 ++++ frameworks/js/arkts/accesstoken/BUILD.gn | 66 ++++++++++ .../arkts/abilityAccessCtrlAni.ets | 102 +++++++++++++++ .../js/arkts/accesstoken/arktsconfig.json | 28 +++++ .../native/ani_ability_access_ctrl.cpp | 90 +++++++++++++ .../common/arkts/PermissionRequestResult.ets | 118 ++++++++++++++++++ .../js/arkts/common/arkts/permissions.ets | 36 ++++++ frameworks/js/arkts/privacy/BUILD.gn | 68 ++++++++++ .../arkts/privacy/arkts/privacyManagerAni.ets | 106 ++++++++++++++++ frameworks/js/arkts/privacy/arktsconfig.json | 25 ++++ .../privacy/native/ani_privacy_manager.cpp | 112 +++++++++++++++++ 13 files changed, 785 insertions(+), 2 deletions(-) create mode 100644 frameworks/js/arkts/BUILD.gn create mode 100644 frameworks/js/arkts/accesstoken/BUILD.gn create mode 100644 frameworks/js/arkts/accesstoken/arkts/abilityAccessCtrlAni.ets create mode 100644 frameworks/js/arkts/accesstoken/arktsconfig.json create mode 100644 frameworks/js/arkts/accesstoken/native/ani_ability_access_ctrl.cpp create mode 100644 frameworks/js/arkts/common/arkts/PermissionRequestResult.ets create mode 100644 frameworks/js/arkts/common/arkts/permissions.ets create mode 100644 frameworks/js/arkts/privacy/BUILD.gn create mode 100644 frameworks/js/arkts/privacy/arkts/privacyManagerAni.ets create mode 100644 frameworks/js/arkts/privacy/arktsconfig.json create mode 100644 frameworks/js/arkts/privacy/native/ani_privacy_manager.cpp diff --git a/access_token.gni b/access_token.gni index 3c8f3ea55..dee74ca93 100644 --- a/access_token.gni +++ b/access_token.gni @@ -34,6 +34,12 @@ if (vendor_config_exist) { access_token_impl_include_dirs = [] } +if (product_name != "qemu-arm-linux-min") { + qemu_disable = true +} else { + qemu_disable = false +} + if (!defined(global_parts_info) || defined(global_parts_info.distributedhardware_device_manager)) { token_sync_enable = true diff --git a/bundle.json b/bundle.json index 207d968ef..49cabb8dc 100644 --- a/bundle.json +++ b/bundle.json @@ -57,7 +57,8 @@ "selinux_adapter", "sqlite", "window_manager", - "zlib" + "zlib", + "runtime_core" ], "third_party": [] }, @@ -69,7 +70,8 @@ "fwk_group": [ "//base/security/access_token/interfaces/kits/capi:capi_packages", "//base/security/access_token/interfaces/kits/cj:cj_packages", - "//base/security/access_token/frameworks/js/napi:napi_packages" + "//base/security/access_token/frameworks/js/napi:napi_packages", + "//base/security/access_token/frameworks/js/arkts:arkts_package" ], "service_group": [ "//base/security/access_token/interfaces/innerkits/tokensync:libtokensync_sdk", diff --git a/frameworks/js/arkts/BUILD.gn b/frameworks/js/arkts/BUILD.gn new file mode 100644 index 000000000..36b54ec50 --- /dev/null +++ b/frameworks/js/arkts/BUILD.gn @@ -0,0 +1,24 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//base/security/access_token/access_token.gni") + +group("arkts_package") { + deps = [] + if (qemu_disable) { + deps += [ + "accesstoken:accesstoken_arkts", + "privacy:privacy_manager_arkts", + ] + } +} diff --git a/frameworks/js/arkts/accesstoken/BUILD.gn b/frameworks/js/arkts/accesstoken/BUILD.gn new file mode 100644 index 000000000..a62190e08 --- /dev/null +++ b/frameworks/js/arkts/accesstoken/BUILD.gn @@ -0,0 +1,66 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//base/security/access_token/access_token.gni") +import("//build/config/components/ets_frontend/ets2abc_config.gni") +import("//build/ohos.gni") +import("//build/ohos/ace/ace.gni") + +ohos_shared_library("ani_ability_access_ctrl") { + sanitize = { + cfi = true + cfi_cross_dso = true + debug = false + } + cflags_cc = [ "-DHILOG_ENABLE" ] + include_dirs = [ + "${access_token_path}/frameworks/common/include", + "${access_token_path}/interfaces/innerkits/accesstoken/include", + "${access_token_path}/interfaces/innerkits/privacy/include", + ] + sources = [ "native/ani_ability_access_ctrl.cpp" ] + + deps = [ "${access_token_path}/interfaces/innerkits/privacy:libprivacy_sdk" ] + + external_deps = [ + "hilog:libhilog", + "runtime_core:ani", + ] + + part_name = "access_token" + subsystem_name = "security" +} + +generate_static_abc("ability_access_ctrl_abc") { + arktsconfig = "arktsconfig.json" + dst_file = "$target_out_dir/ability_access_ctrl_ani.abc" + out_puts = [ "$target_out_dir/ability_access_ctrl_ani.abc" ] + + is_boot_abc = "True" + device_dst_file = "/system/framework/ability_access_ctrl_ani.abc" +} + +ohos_prebuilt_etc("ability_access_ctrl_abc_file") { + source = "$target_out_dir/ability_access_ctrl_ani.abc" + deps = [ ":ability_access_ctrl_abc" ] + module_install_dir = "framework" + part_name = "access_token" + subsystem_name = "security" +} + +group("accesstoken_arkts") { + deps = [ + ":ability_access_ctrl_abc_file", + ":ani_ability_access_ctrl", + ] +} diff --git a/frameworks/js/arkts/accesstoken/arkts/abilityAccessCtrlAni.ets b/frameworks/js/arkts/accesstoken/arkts/abilityAccessCtrlAni.ets new file mode 100644 index 000000000..e0538b45d --- /dev/null +++ b/frameworks/js/arkts/accesstoken/arkts/abilityAccessCtrlAni.ets @@ -0,0 +1,102 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +import { Permissions } from 'permissions'; +import { PermissionRequestResult } from 'PermissionRequestResult'; + +export { Permissions, PermissionRequestResult }; + +export class BusinessError { + code: number; + data: T; +} + +type AsyncCallback = (err: BusinessError, data: T) => void; + +class Result{ + result:T; + error:E; + constructor(result: T , error: E) { + this.result = result; + this.error = error; + } +} + +export namespace abilityAccessCtrl { + + loadLibrary("ani_ability_access_ctrl.z"); + + export enum GrantStatus { + + PERMISSION_DENIED = -1, + + PERMISSION_GRANTED = 0 + } + + export enum PermissionRequestToggleStatus { + + CLOSED = 0, + + OPEN = 1, + } + + export enum PermissionStatus { + + DENIED = -1, + + GRANTED = 0, + + NOT_DETERMINED = 1, + + INVALID = 2, + + RESTRICTED = 3 + } + + interface PermissionStateChangeInfo { + + change: PermissionStateChangeType; + + tokenID: number; + + permissionName: Permissions; + } + + export enum PermissionStateChangeType { + + PERMISSION_REVOKED_OPER = 0, + + PERMISSION_GRANTED_OPER = 1 + } + + export enum SwitchType { + + CAMERA = 0, + + MICROPHONE = 1, + + LOCATION = 2, + } + + export native function createAtManager(): AtManager; + + interface AtManager { + + } + + class AtManagerInner implements AtManager { + + } +} \ No newline at end of file diff --git a/frameworks/js/arkts/accesstoken/arktsconfig.json b/frameworks/js/arkts/accesstoken/arktsconfig.json new file mode 100644 index 000000000..fa81e9dca --- /dev/null +++ b/frameworks/js/arkts/accesstoken/arktsconfig.json @@ -0,0 +1,28 @@ +{ + "compilerOptions": { + "package": "", + "baseUrl": ".", + "outDir": "./out", + "paths": { + "std": [ + "../../../../../../../arkcompiler/runtime_core/static_core/plugins/ets/stdlib/std" + ], + "escompat": [ + "../../../../../../../arkcompiler/runtime_core/static_core/plugins/ets/stdlib/escompat" + ], + "@kit.abilityAccessCtrlAni": [ + "./arkts/abilityAccessCtrlAni.ets" + ], + "permissions": [ + "../common/arkts/permissions.ets" + ], + "PermissionRequestResult": [ + "../common/arkts/PermissionRequestResult.ets" + ] + } + }, + "include": [ + "./arkts/*.ets", + "../common/arkts/*.ets" + ] +} \ No newline at end of file diff --git a/frameworks/js/arkts/accesstoken/native/ani_ability_access_ctrl.cpp b/frameworks/js/arkts/accesstoken/native/ani_ability_access_ctrl.cpp new file mode 100644 index 000000000..d86227408 --- /dev/null +++ b/frameworks/js/arkts/accesstoken/native/ani_ability_access_ctrl.cpp @@ -0,0 +1,90 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "accesstoken_log.h" +#include "ani.h" + +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "AniAbilityAccessCtrl" }; + +static ani_object CreateAtManager([[maybe_unused]] ani_env *env, [[maybe_unused]] ani_object object) +{ + ani_object atManagerObj = {}; + if (env == nullptr || object == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "nullptr env or object"); + return atManagerObj; + } + + static const char *className = "LabilityAccessCtrlAni/abilityAccessCtrl/AtManagerInner;"; + ani_class cls; + if (ANI_OK != env->FindClass(className, &cls)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Not found %{public}s", className); + return atManagerObj; + } + + ani_method ctor; + if (ANI_OK != env->Class_FindMethod(cls, "", nullptr, &ctor)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "get ctor Failed %{public}s", className); + return atManagerObj; + } + + if (ANI_OK != env->Object_New(cls, ctor, &atManagerObj)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Create Object Failed %{public}s", className); + return atManagerObj; + } + + return atManagerObj; +} + +ANI_EXPORT ani_status ANI_Constructor(ani_vm *vm, uint32_t *result) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "ANI_Constructor called"); + if (vm == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "nullptr vm"); + return ANI_INVALID_ARGS; + } + + ani_env *env; + if (ANI_OK != vm->GetEnv(ANI_VERSION_1, &env)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Unsupported ANI_VERSION_1"); + return ANI_OUT_OF_MEMORY; + } + + if (env == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "nullptr env"); + return ANI_NOT_FOUND; + } + + const char *spaceName = "LabilityAccessCtrlAni/abilityAccessCtrl;"; + ani_namespace spc; + if (ANI_OK != env->FindNamespace(spaceName, &spc)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Not found %{public}s", spaceName); + return ANI_NOT_FOUND; + } + + ACCESSTOKEN_LOG_INFO(LABEL, "array methods called"); + std::array methods = { + ani_native_function{ "createAtManager", nullptr, reinterpret_cast(CreateAtManager) }, + }; + + if (ANI_OK != env->Namespace_BindNativeFunctions(spc, methods.data(), methods.size())) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Cannot bind native methods to %{public}s", spaceName); + return ANI_ERROR; + }; + + *result = ANI_VERSION_1; + return ANI_OK; +} \ No newline at end of file diff --git a/frameworks/js/arkts/common/arkts/PermissionRequestResult.ets b/frameworks/js/arkts/common/arkts/PermissionRequestResult.ets new file mode 100644 index 000000000..73f1987e4 --- /dev/null +++ b/frameworks/js/arkts/common/arkts/PermissionRequestResult.ets @@ -0,0 +1,118 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"), + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/** + * @file + * @kit AbilityKit + */ + +/** + * The result of requestPermissionsFromUser with asynchronous callback. + * + * @syscap SystemCapability.Security.AccessToken + * @stagemodelonly + * @since 9 + */ +/** + * The result of requestPermissionsFromUser with asynchronous callback. + * + * @syscap SystemCapability.Security.AccessToken + * @stagemodelonly + * @crossplatform + * @since 10 + */ +/** + * The result of requestPermissionsFromUser with asynchronous callback. + * + * @syscap SystemCapability.Security.AccessToken + * @stagemodelonly + * @crossplatform + * @atomicservice + * @since 11 + */ +export class PermissionRequestResult { + /** + * The permissions passed in by the user. + * + * @type { Array } + * @syscap SystemCapability.Security.AccessToken + * @stagemodelonly + * @since 9 + */ + /** + * The permissions passed in by the user. + * + * @type { Array } + * @syscap SystemCapability.Security.AccessToken + * @stagemodelonly + * @crossplatform + * @since 10 + */ + /** + * The permissions passed in by the user. + * + * @type { Array } + * @syscap SystemCapability.Security.AccessToken + * @stagemodelonly + * @crossplatform + * @atomicservice + * @since 11 + */ + permissions: Array = new Array(); + + /** + * The results for the corresponding request permissions. The value 0 indicates that a + * permission is granted, the value -1 indicates not, and the value 2 indicates the request is invalid. + * + * @type { Array } + * @syscap SystemCapability.Security.AccessToken + * @stagemodelonly + * @since 9 + */ + /** + * The results for the corresponding request permissions. The value 0 indicates that a + * permission is granted, the value -1 indicates not, and the value 2 indicates the request is invalid. + * + * @type { Array } + * @syscap SystemCapability.Security.AccessToken + * @stagemodelonly + * @crossplatform + * @since 10 + */ + /** + * The results for the corresponding request permissions. The value 0 indicates that a + * permission is granted, the value -1 indicates not, and the value 2 indicates the request is invalid. + * + * @type { Array } + * @syscap SystemCapability.Security.AccessToken + * @stagemodelonly + * @crossplatform + * @atomicservice + * @since 11 + */ + authResults: Array = new Array(); + + /** + * Specifies whether a dialog box is shown for each requested permission. + * The value true means that a dialog box is shown, and false means the opposite. + * + * @type { ?Array } + * @syscap SystemCapability.Security.AccessToken + * @stagemodelonly + * @atomicservice + * @since 12 + */ + dialogShownResults?: Array; +} \ No newline at end of file diff --git a/frameworks/js/arkts/common/arkts/permissions.ets b/frameworks/js/arkts/common/arkts/permissions.ets new file mode 100644 index 000000000..c06103b96 --- /dev/null +++ b/frameworks/js/arkts/common/arkts/permissions.ets @@ -0,0 +1,36 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/** + * @file Defines all permissions. + * @kit AbilityKit + */ + +/** + * Indicates permissions. + * + * @typedef { string } + * @syscap SystemCapability.Security.AccessToken + * @since 9 + */ + /** + * Indicates permissions. + * + * @typedef { string } + * @syscap SystemCapability.Security.AccessToken + * @atomicservice + * @since 11 + */ +export type Permissions = string; \ No newline at end of file diff --git a/frameworks/js/arkts/privacy/BUILD.gn b/frameworks/js/arkts/privacy/BUILD.gn new file mode 100644 index 000000000..84b93b08f --- /dev/null +++ b/frameworks/js/arkts/privacy/BUILD.gn @@ -0,0 +1,68 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//base/security/access_token/access_token.gni") +import("//build/config/components/ets_frontend/ets2abc_config.gni") +import("//build/ohos.gni") +import("//build/ohos/ace/ace.gni") + +ohos_shared_library("ani_privacy_manager") { + sanitize = { + cfi = true + cfi_cross_dso = true + debug = false + } + + cflags_cc = [ "-DHILOG_ENABLE" ] + include_dirs = [ + "${access_token_path}/frameworks/common/include", + "${access_token_path}/interfaces/innerkits/accesstoken/include", + "${access_token_path}/interfaces/innerkits/privacy/include", + ] + sources = [ "native/ani_privacy_manager.cpp" ] + + deps = [ "${access_token_path}/interfaces/innerkits/privacy:libprivacy_sdk" ] + + external_deps = [ + "hilog:libhilog", + "runtime_core:ani", + ] + + part_name = "access_token" + subsystem_name = "security" +} + +generate_static_abc("privacy_manager_abc") { + arktsconfig = "arktsconfig.json" + dst_file = "$target_out_dir/privacy_manager_ani.abc" + out_puts = [ "$target_out_dir/privacy_manager_ani.abc" ] + + is_boot_abc = "True" + device_dst_file = "/system/framework/privacy_manager_ani.abc" +} + +ohos_prebuilt_etc("privacy_manager_abc_file") { + source = "$target_out_dir/privacy_manager_ani.abc" + deps = [ ":privacy_manager_abc" ] + module_install_dir = "framework" + + part_name = "access_token" + subsystem_name = "security" +} + +group("privacy_manager_arkts") { + deps = [ + ":ani_privacy_manager", + ":privacy_manager_abc_file", + ] +} diff --git a/frameworks/js/arkts/privacy/arkts/privacyManagerAni.ets b/frameworks/js/arkts/privacy/arkts/privacyManagerAni.ets new file mode 100644 index 000000000..34295a75b --- /dev/null +++ b/frameworks/js/arkts/privacy/arkts/privacyManagerAni.ets @@ -0,0 +1,106 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +import { Permissions } from 'permissions'; + +export class BusinessError { + code: number; + data: T; + } + + export { Permissions } + + type AsyncCallback = (err: BusinessError, data: T) => void; + + class Result{ + result:T; + error:E; + constructor(result: T , error: E) { + this.result = result; + this.error = error; + } + } + export namespace privacyManager { + + loadLibrary("ani_privacy_manager.z"); + + export enum PermissionUsedType { + + NORMAL_TYPE = 0, + + PICKER_TYPE = 1, + + SECURITY_COMPONENT_TYPE = 2 + } + + export class AddPermissionUsedRecordOptions { + usedType: PermissionUsedType; + } + + export class PrivacyManagerInner { + + native addPermissionUsedRecordSync(tokenID: int, permissionName: Permissions, successCount: int, failCount: int, + options: AddPermissionUsedRecordOptions): int; + + } + + interface UsedRecordDetail { + + status: number; + + lockScreenStatus?: number; + + timestamp: number; + + count?: number; + + accessDuration: number; + + usedType?: PermissionUsedType; + } + + interface PermissionUsedTypeInfo { + + tokenId: number; + + permissionName: Permissions; + + usedType: PermissionUsedType; + } + + + export function addPermissionUsedRecord(tokenID: int, permissionName: string, successCount: int, failCount: int, + options?: AddPermissionUsedRecordOptions): Promise { + + let optionsLocal: AddPermissionUsedRecordOptions = { + usedType: PermissionUsedType.NORMAL_TYPE + }; + let optionsTmp = options ? options : optionsLocal + let p = new Promise((resolve: (v: int) => void, reject: (error: Object) => void) => { + let p1 = taskpool.execute((): int => { return new PrivacyManagerInner().addPermissionUsedRecordSync(tokenID, + permissionName, successCount, failCount, optionsTmp) }); + + p1.then((e: NullishType) => { + console.log("P1 then e = " + e + "."); + let r: Int = e as Int; + resolve(r.intValue()); + }, (err: Object): void => { + console.log("Test Promise. The promise shouldn`t be rejected."); + }); + } + ); + return p; + } +} diff --git a/frameworks/js/arkts/privacy/arktsconfig.json b/frameworks/js/arkts/privacy/arktsconfig.json new file mode 100644 index 000000000..c8f0f8c42 --- /dev/null +++ b/frameworks/js/arkts/privacy/arktsconfig.json @@ -0,0 +1,25 @@ +{ + "compilerOptions": { + "package": "", + "baseUrl": ".", + "outDir": "./out", + "paths": { + "std": [ + "../../../../../../../arkcompiler/runtime_core/static_core/plugins/ets/stdlib/std" + ], + "escompat": [ + "../../../../../../../arkcompiler/runtime_core/static_core/plugins/ets/stdlib/escompat" + ], + "@kit.privacyManagerAni": [ + "./arkts/privacyManagerAni.ets" + ], + "permissions": [ + "../common/arkts/permissions.ets" + ] + } + }, + "include": [ + "./arkts/*.ets", + "../common/arkts/*.ets" + ] +} \ No newline at end of file diff --git a/frameworks/js/arkts/privacy/native/ani_privacy_manager.cpp b/frameworks/js/arkts/privacy/native/ani_privacy_manager.cpp new file mode 100644 index 000000000..fa07d4b0c --- /dev/null +++ b/frameworks/js/arkts/privacy/native/ani_privacy_manager.cpp @@ -0,0 +1,112 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "accesstoken_log.h" +#include "ani.h" +#include "privacy_error.h" +#include "privacy_kit.h" + +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "AniPrivacyManager" }; + +static int AddPermissionUsedRecordSync( + ani_int tokenID, std::string &permissionName, ani_int successCount, ani_int failCount, ani_int ntype) +{ + OHOS::Security::AccessToken::AddPermParamInfo info; + info.tokenId = tokenID; + info.permissionName = permissionName; + info.successCount = successCount; + info.failCount = failCount; + info.type = (OHOS::Security::AccessToken::PermissionUsedType)ntype; + ACCESSTOKEN_LOG_INFO(LABEL, "call addPermissionUsedRecord %{public}d", info.type); + auto retCode = OHOS::Security::AccessToken::PrivacyKit::AddPermissionUsedRecord(info); + ACCESSTOKEN_LOG_INFO(LABEL, "call addPermissionUsedRecord %{public}d", retCode); + return retCode; +} + +static ani_int AddPermissionUsedRecord([[maybe_unused]] ani_env *env, [[maybe_unused]] ani_object object, + ani_int tokenID, ani_string permissionName, ani_int successCount, ani_int failCount, ani_object options) +{ + + if (env == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "nullptr vm"); + return OHOS::Security::AccessToken::PrivacyError::ERR_PARAM_INVALID; + } + + ani_size strSize; + env->String_GetUTF8Size(permissionName, &strSize); + + std::vector buffer(strSize + 1); + char *utf8Buffer = buffer.data(); + + ani_size bytesWritten = 0; + env->String_GetUTF8(permissionName, utf8Buffer, strSize + 1, &bytesWritten); + + utf8Buffer[bytesWritten] = '\0'; + std::string content = std::string(utf8Buffer); + ACCESSTOKEN_LOG_INFO(LABEL, "permissionName Get %{public}s", content.c_str()); + + ani_int usedTypeRef = 0; + if (ANI_OK != env->Object_GetFieldByName_Int(options, "usedType", &usedTypeRef)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Object_GetFieldByName_Ref Faild"); + return OHOS::Security::AccessToken::PrivacyError::ERR_PARAM_INVALID; + } + + ACCESSTOKEN_LOG_INFO(LABEL, "Object_GetFieldByName_Ref usedTypeRef:%{public}d", usedTypeRef); + + return AddPermissionUsedRecordSync(tokenID, content, successCount, failCount, usedTypeRef); +} + +ANI_EXPORT ani_status ANI_Constructor(ani_vm *vm, uint32_t *result) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "ANI_Constructor called"); + if (vm == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "nullptr vm"); + return ANI_INVALID_ARGS; + } + ani_env *env; + if (ANI_OK != vm->GetEnv(ANI_VERSION_1, &env)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Unsupported ANI_VERSION_1"); + return ANI_OUT_OF_MEMORY; + } + + if (env == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "nullptr env"); + return ANI_NOT_FOUND; + } + + const char *className = "LprivacyManagerAni/privacyManager/PrivacyManagerInner;"; + ani_class cls; + if (ANI_OK != env->FindClass(className, &cls)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Not found %{public}s", className); + return ANI_NOT_FOUND; + } + + ACCESSTOKEN_LOG_INFO(LABEL, "array methods called"); + std::array methods = { + ani_native_function{ "addPermissionUsedRecordSync", + "ILstd/core/String;IILprivacyManagerAni/privacyManager/AddPermissionUsedRecordOptions;:I", + reinterpret_cast(AddPermissionUsedRecord) }, + }; + + if (ANI_OK != env->Class_BindNativeMethods(cls, methods.data(), methods.size())) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Cannot bind native methods to %{public}s", className); + return ANI_ERROR; + }; + + *result = ANI_VERSION_1; + return ANI_OK; +} \ No newline at end of file -- Gitee