diff --git a/services/privacymanager/src/record/permission_record_manager.cpp b/services/privacymanager/src/record/permission_record_manager.cpp index 92cd94d658539fe4c488c3de7f851b8d8ab01d77..d770f028cde062023426d240d3fa025f3678242f 100644 --- a/services/privacymanager/src/record/permission_record_manager.cpp +++ b/services/privacymanager/src/record/permission_record_manager.cpp @@ -417,6 +417,13 @@ bool PermissionRecordManager::CheckPermissionUsedRecordToggleStatus(int32_t user int32_t PermissionRecordManager::AddPermissionUsedRecord(const AddPermParamInfo& info) { + if (AccessTokenKit::GetTokenTypeFlag(info.tokenId) == TOKEN_NATIVE) { + LOGD(PRI_DOMAIN, PRI_TAG, "native (%{public}d).", info.tokenId); + bool isGrant = (AccessTokenKit::VerifyAccessToken(info.tokenId, "ohos.permission.MICROPHONE_BACKGROUND") == PERMISSION_GRANTED) && + (AccessTokenKit::VerifyAccessToken(info.tokenId, "ohos.permission.CAMERA_BACKGROUND") == PERMISSION_GRANTED); + return isGrant ? Constant::SUCCESS : PrivacyError::ERR_PARAM_INVALID; + } + HapTokenInfo tokenInfo; if (AccessTokenKit::GetHapTokenInfo(info.tokenId, tokenInfo) != Constant::SUCCESS) { LOGE(PRI_DOMAIN, PRI_TAG, "Invalid tokenId(%{public}d).", info.tokenId); @@ -1303,6 +1310,14 @@ int32_t PermissionRecordManager::StartUsingPermission(const PermissionUsedTypeIn LOGI(PRI_DOMAIN, PRI_TAG, "Id: %{public}u, pid: %{public}d, perm: %{public}s, type: %{public}d, callerPid: %{public}d.", tokenId, info.pid, permissionName.c_str(), info.type, callerPid); + + if (AccessTokenKit::GetTokenTypeFlag(tokenId) == TOKEN_NATIVE) { + LOGD(PRI_DOMAIN, PRI_TAG, "native (%{public}d).", tokenId); + bool isGrant = (AccessTokenKit::VerifyAccessToken(tokenId, "ohos.permission.MICROPHONE_BACKGROUND") == PERMISSION_GRANTED) && + (AccessTokenKit::VerifyAccessToken(tokenId, "ohos.permission.CAMERA_BACKGROUND") == PERMISSION_GRANTED); + return isGrant ? Constant::SUCCESS : PrivacyError::ERR_PARAM_INVALID; + } + if (AccessTokenKit::GetTokenTypeFlag(tokenId) != TOKEN_HAP) { LOGD(PRI_DOMAIN, PRI_TAG, "Not hap(%{public}d).", tokenId); return PrivacyError::ERR_PARAM_INVALID; @@ -1376,6 +1391,13 @@ int32_t PermissionRecordManager::StartUsingPermission(const PermissionUsedTypeIn int32_t PermissionRecordManager::StopUsingPermission( AccessTokenID tokenId, int32_t pid, const std::string& permissionName, int32_t callerPid) { + if (AccessTokenKit::GetTokenTypeFlag(tokenId) == TOKEN_NATIVE) { + LOGD(PRI_DOMAIN, PRI_TAG, "native (%{public}d).", tokenId); + bool isGrant = (AccessTokenKit::VerifyAccessToken(tokenId, "ohos.permission.MICROPHONE_BACKGROUND") == PERMISSION_GRANTED) && + (AccessTokenKit::VerifyAccessToken(tokenId, "ohos.permission.CAMERA_BACKGROUND") == PERMISSION_GRANTED); + return isGrant ? Constant::SUCCESS : PrivacyError::ERR_PARAM_INVALID; + } + if (AccessTokenKit::GetTokenTypeFlag(tokenId) != TOKEN_HAP) { LOGD(PRI_DOMAIN, PRI_TAG, "Not hap(%{public}d).", tokenId); return PrivacyError::ERR_PARAM_INVALID; @@ -1459,6 +1481,13 @@ bool PermissionRecordManager::IsAllowedUsingMicrophone(AccessTokenID tokenId, in bool PermissionRecordManager::IsAllowedUsingPermission(AccessTokenID tokenId, const std::string& permissionName, int32_t pid) { + if (AccessTokenKit::GetTokenTypeFlag(tokenId) == TOKEN_NATIVE) { + LOGD(PRI_DOMAIN, PRI_TAG, "native (%{public}d).", tokenId); + bool isGrant = (AccessTokenKit::VerifyAccessToken(tokenId, "ohos.permission.MICROPHONE_BACKGROUND") == PERMISSION_GRANTED) && + (AccessTokenKit::VerifyAccessToken(tokenId, "ohos.permission.CAMERA_BACKGROUND") == PERMISSION_GRANTED); + return isGrant; + } + if (AccessTokenKit::GetTokenTypeFlag(tokenId) != TOKEN_HAP) { LOGD(PRI_DOMAIN, PRI_TAG, "Id(%{public}d) is not hap.", tokenId); return false;