diff --git a/BUILD.gn b/BUILD.gn index 72be0780cac8c3b7f10750390bdbfc24cea5b09f..e7fb8303d0cc902aa0829d5b22a50e429bc32e62 100644 --- a/BUILD.gn +++ b/BUILD.gn @@ -19,6 +19,7 @@ group("accesstoken_build_module_test") { deps = [] if (is_standard_system) { deps += [ + "frameworks/json_adapter/test:unittest", "frameworks/test/unittest:unittest", "interfaces/inner_api/el5filekeymanager/test:unittest", "interfaces/innerkits/accesstoken/test:unittest", @@ -30,7 +31,6 @@ group("accesstoken_build_module_test") { "services/accesstokenmanager/test:unittest", "services/common/database/test:unittest", "services/common/dfx/test:unittest", - "services/common/json_parse/test:unittest", ] if (ability_base_enable == true) { deps += [ diff --git a/access_token.gni b/access_token.gni index db3bcb1891efba0c0282a3574b961fb14bfc763f..0862cb3aec5755db6a9abaf24ccaea0e4648acdc 100644 --- a/access_token.gni +++ b/access_token.gni @@ -151,4 +151,4 @@ if ("${target_platform}" == "watch" || "${target_platform}" == "wearable") { light_device_enable = true } else { light_device_enable = false -} \ No newline at end of file +} diff --git a/frameworks/accesstoken/src/atm_tools_param_info_parcel.cpp b/frameworks/accesstoken/src/atm_tools_param_info_parcel.cpp index 646d499689930430dee4e45d741f75e152cae0b7..8bb4f77f117b1fbe8560894495da12df016af5ce 100644 --- a/frameworks/accesstoken/src/atm_tools_param_info_parcel.cpp +++ b/frameworks/accesstoken/src/atm_tools_param_info_parcel.cpp @@ -21,7 +21,6 @@ namespace Security { namespace AccessToken { bool AtmToolsParamInfoParcel::Marshalling(Parcel& out) const { - RETURN_IF_FALSE(out.WriteInt32(this->info.type)); RETURN_IF_FALSE(out.WriteUint32(this->info.tokenId)); RETURN_IF_FALSE(out.WriteString(this->info.permissionName)); RETURN_IF_FALSE(out.WriteString(this->info.bundleName)); 
@@ -36,9 +35,6 @@ AtmToolsParamInfoParcel* AtmToolsParamInfoParcel::Unmarshalling(Parcel& in) return nullptr; } - int32_t type; - RELEASE_IF_FALSE(in.ReadInt32(type), atmToolsParamInfoParcel); - atmToolsParamInfoParcel->info.type = OptType(type); RELEASE_IF_FALSE(in.ReadUint32(atmToolsParamInfoParcel->info.tokenId), atmToolsParamInfoParcel); atmToolsParamInfoParcel->info.permissionName = in.ReadString(); atmToolsParamInfoParcel->info.bundleName = in.ReadString(); diff --git a/frameworks/json_adapter/BUILD.gn b/frameworks/json_adapter/BUILD.gn new file mode 100644 index 0000000000000000000000000000000000000000..db5a10f419ba4e527dd40c772eca31e6bd396e77 --- /dev/null +++ b/frameworks/json_adapter/BUILD.gn 
@@ -0,0 +1,55 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/ohos.gni") +import("../../access_token.gni") + +config("accesstoken_json_parse_config") { + visibility = [ ":*" ] + include_dirs = [ "include" ] +} + +ohos_shared_library("accesstoken_cjson_utils") { + if (is_standard_system) { + subsystem_name = "security" + part_name = "access_token" + sanitize = { + cfi = true + cfi_cross_dso = true + debug = false + } + branch_protector_ret = "pac_ret" + + include_dirs = [ + "include", + "${access_token_path}/frameworks/common/include", + ] + + sources = [ "src/cjson_utils.cpp" ] + + cflags_cc = [ "-DHILOG_ENABLE" ] + configs = [ + "${access_token_path}/config:access_token_compile_flags", + "${access_token_path}/config:coverage_flags", + ] + public_configs = [ ":accesstoken_json_parse_config" ] + + deps = [ "${access_token_path}/frameworks/common:accesstoken_common_cxx" ] + + external_deps = [ + "cJSON:cjson", + "c_utils:utils", + "hilog:libhilog", + ] + } +} diff --git a/services/common/json_parse/include/cjson_utils.h b/frameworks/json_adapter/include/cjson_utils.h similarity index 91% rename from services/common/json_parse/include/cjson_utils.h rename to frameworks/json_adapter/include/cjson_utils.h index 36e48fb7b5461bf56380b440c943ad7453d5e261..214c9e72a70d96c8aa2c1404508bea770a27a707 100644 --- a/services/common/json_parse/include/cjson_utils.h +++ b/frameworks/json_adapter/include/cjson_utils.h 
@@ -35,12 +35,14 @@ CJsonUnique CreateJsonFromString(const std::string& jsonStr); CJsonUnique CreateJson(void); /* NO Need to call FreeJson to free the returned pointer when it's no longer in use. */ CJsonUnique CreateJsonArray(void); +CJsonUnique CreateJsonString(const std::string& value); void FreeJson(CJson* jsonObj); /* NO Need to call FreeJsonString to free the returned pointer when it's no longer in use. */ std::string PackJsonToString(const CJson* jsonObj); std::string PackJsonToString(const CJsonUnique& jsonObj); void FreeJsonString(char* jsonStr); +std::string JsonToStringFormatted(const CJson* jsonObj, int32_t level = 0); /* * Can't release the returned pointer, otherwise, an exception may occur. @@ -73,10 +75,12 @@ bool AddStringToJson(CJson* jsonObj, const std::string& key, const std::string& bool AddStringToJson(CJsonUnique& jsonObj, const std::string& key, const std::string& value); bool AddBoolToJson(CJson* jsonObj, const std::string& key, const bool value); bool AddBoolToJson(CJsonUnique& jsonObj, const std::string& key, const bool value); -bool AddIntToJson(CJson* jsonObj, const std::string& key, const int value); -bool AddIntToJson(CJsonUnique& jsonObj, const std::string& key, const int value); +bool AddIntToJson(CJson* jsonObj, const std::string& key, const int32_t value); +bool AddIntToJson(CJsonUnique& jsonObj, const std::string& key, const int32_t value); bool AddUnsignedIntToJson(CJson* jsonObj, const std::string& key, const uint32_t value); bool AddUnsignedIntToJson(CJsonUnique& jsonObj, const std::string& key, const uint32_t value); +bool AddInt64ToJson(CJson* jsonObj, const std::string& key, const int64_t value); +bool AddInt64ToJson(CJsonUnique& jsonObj, const std::string& key, const int64_t value); } // namespace AccessToken } // namespace Security } // namespace OHOS 
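Review bot: `JsonToStringFormatted` is declared with no comment, although the neighbouring declarations document their ownership rules, and the meaning of `level` cannot be read from the signature. From the implementation in cjson_utils.cpp on this page, `level` is the current indent width and the result is a display dump rather than text meant to be parsed again. I would add above the declaration: `/* Human-readable dump only, not for re-parsing; level is the indent of the enclosing node. */`. `CreateJsonString` is also placed below the "NO Need to call FreeJson" comment without one of its own; repeating that comment, plus a note that the returned pointer may hold nullptr on allocation failure, would keep the header consistent.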
diff --git a/services/common/json_parse/src/cjson_utils.cpp b/frameworks/json_adapter/src/cjson_utils.cpp similarity index 73% rename from services/common/json_parse/src/cjson_utils.cpp rename to frameworks/json_adapter/src/cjson_utils.cpp index d01db42b62abdb10105e797d7f5dce91cd2872de..340a0c283968b4780deab6f0a7dee7a1d834f5f9 100644 --- a/services/common/json_parse/src/cjson_utils.cpp +++ b/frameworks/json_adapter/src/cjson_utils.cpp @@ -25,7 +25,7 @@ namespace { #define RECURSE_FLAG_TRUE 1 } -CJson *GetItemFromArray(const CJson* jsonArr, int32_t index) +CJson* GetItemFromArray(const CJson* jsonArr, int32_t index) { if (jsonArr == nullptr) { return nullptr; @@ -54,6 +54,12 @@ CJsonUnique CreateJsonArray(void) return aPtr; } +CJsonUnique CreateJsonString(const std::string& value) +{ + CJsonUnique aPtr(cJSON_CreateString(value.c_str()), FreeJson); + return aPtr; +} + void FreeJson(CJson* jsonObj) { cJSON_Delete(jsonObj); 
@@ -76,6 +82,63 @@ std::string PackJsonToString(const CJsonUnique& jsonObj) return PackJsonToString(jsonObj.get()); } +static std::string GetTabContentString(int32_t level) +{ + std::string str = ""; + for (int32_t i = 0; i < level; ++i) { + str += " "; + } + return str; +} + +std::string JsonToStringFormatted(const CJson* jsonObj, int32_t level) +{ + if (jsonObj == nullptr) { + return ""; + } + std::string str = ""; + CJson* child = nullptr; + switch (jsonObj->type) { + case cJSON_Object: + str += GetTabContentString(level) + "{\n"; + child = jsonObj->child; + while (child != nullptr) { + str += GetTabContentString(level + 2) + "\"" + std::string(child->string) + "\": "; // 2: space + str += JsonToStringFormatted(child, level + 2); // 2: space + str += (child->next != nullptr) ? ",\n" : "\n"; + child = child->next; + } + str += GetTabContentString(level) + "}"; + break; + case cJSON_Array: + str += "[\n"; + child = jsonObj->child; + while (child != nullptr) { + str += JsonToStringFormatted(child, level + 2); // 2: space + str += (child->next != nullptr) ? ",\n" : "\n"; + child = child->next; + } + str += GetTabContentString(level) + "]"; + break; + case cJSON_String: + str += "\"" + std::string(jsonObj->valuestring) + "\""; + break; + case cJSON_Number: + str += std::to_string(static_cast(jsonObj->valuedouble)); + break; + case cJSON_True: + str += "true"; + break; + case cJSON_False: + str += "false"; + break; + default: + str += "unkown type"; + break; + } + return str; +} + void FreeJsonString(char* jsonStr) { if (jsonStr != nullptr) { @@ -85,7 +148,7 @@ void FreeJsonString(char* jsonStr) CJson* GetObjFromJson(const CJson* jsonObj, const std::string& key) { - if (key.empty()) { + if ((jsonObj == nullptr) || key.empty()) { return nullptr; } 
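Review bot: `JsonToStringFormatted` writes `child->string` and `jsonObj->valuestring` between quotes without escaping, so a key or value containing `"`, `\` or a newline yields a dump whose visible structure no longer matches the data; if the dumped names originate from installed applications (the test fixture uses bundle and permission names), a reader or log parser could be misled. Escaping the strings, or producing the text with `cJSON_Print`, which already indents and escapes, would close that. The `switch (jsonObj->type)` compares the raw type field, which cJSON can OR with `cJSON_IsReference` or `cJSON_StringIsConst`, so such nodes land in the `default` branch (whose text is misspelled "unkown type"); `switch (jsonObj->type & 0xFF)` avoids that, and `cJSON_NULL` deserves its own case. The number case casts `valuedouble` to a type that is not legible on this page; if it is an integer type, fractions are dropped and an out-of-range double is undefined behaviour, so a range check before the cast is advisable.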
@@ -103,7 +166,7 @@ CJson* GetObjFromJson(CJsonUnique& jsonObj, const std::string& key) CJson* GetArrayFromJson(const CJson* jsonObj, const std::string& key) { - if (key.empty()) { + if ((jsonObj == nullptr) || key.empty()) { return nullptr; } @@ -145,7 +208,7 @@ bool GetStringFromJson(const CJson *jsonObj, const std::string& key, std::string return false; } - cJSON *jsonObjTmp = cJSON_GetObjectItemCaseSensitive(jsonObj, key.c_str()); + cJSON* jsonObjTmp = cJSON_GetObjectItemCaseSensitive(jsonObj, key.c_str()); if (jsonObjTmp != nullptr && cJSON_IsString(jsonObjTmp)) { out = cJSON_GetStringValue(jsonObjTmp); return true; @@ -155,7 +218,7 @@ bool GetStringFromJson(const CJson *jsonObj, const std::string& key, std::string bool GetIntFromJson(const CJson* jsonObj, const std::string& key, int32_t& value) { - if (key.empty()) { + if ((jsonObj == nullptr) || key.empty()) { return false; } @@ -174,7 +237,7 @@ bool GetIntFromJson(const CJsonUnique& jsonObj, const std::string& key, int32_t& bool GetUnsignedIntFromJson(const CJson* jsonObj, const std::string& key, uint32_t& value) { - if (key.empty()) { + if ((jsonObj == nullptr) || key.empty()) { return false; } @@ -193,7 +256,7 @@ bool GetUnsignedIntFromJson(const CJsonUnique& jsonObj, const std::string& key, bool GetBoolFromJson(const CJson* jsonObj, const std::string& key, bool& value) { - if (key.empty()) { + if ((jsonObj == nullptr) || key.empty()) { return false; } @@ -212,7 +275,7 @@ bool GetBoolFromJson(const CJsonUnique& jsonObj, const std::string& key, bool& v bool AddObjToJson(CJson* jsonObj, const std::string& key, const CJson* childObj) { - if (key.empty() || childObj == nullptr) { + if ((jsonObj == nullptr) || key.empty() || (childObj == nullptr)) { return false; } @@ -243,7 +306,7 @@ bool AddObjToJson(CJsonUnique& jsonObj, const std::string& key, CJsonUnique& chi bool AddObjToArray(CJson* jsonArr, CJson* item) { - if (item == nullptr) { + if ((jsonArr == nullptr) || (item == nullptr)) { return false; } 
@@ -295,9 +358,9 @@ bool AddStringToJson(CJsonUnique& jsonObj, const std::string& key, const std::st return AddStringToJson(jsonObj.get(), key, value); } -bool AddBoolToJson(CJson* jsonObj, const std::string& key, const bool value) +bool AddBoolToJson(CJson* jsonObj, const std::string& key, bool value) { - if (key.empty()) { + if ((jsonObj == nullptr) || key.empty()) { return false; } @@ -320,14 +383,14 @@ bool AddBoolToJson(CJson* jsonObj, const std::string& key, const bool value) return true; } -bool AddBoolToJson(CJsonUnique& jsonObj, const std::string& key, const bool value) +bool AddBoolToJson(CJsonUnique& jsonObj, const std::string& key, bool value) { return AddBoolToJson(jsonObj.get(), key, value); } -bool AddIntToJson(CJson* jsonObj, const std::string& key, const int value) +bool AddIntToJson(CJson* jsonObj, const std::string& key, const int32_t value) { - if (key.empty()) { + if ((jsonObj == nullptr) || key.empty()) { return false; } @@ -350,14 +413,14 @@ bool AddIntToJson(CJson* jsonObj, const std::string& key, const int value) return true; } -bool AddIntToJson(CJsonUnique& jsonObj, const std::string& key, const int value) +bool AddIntToJson(CJsonUnique& jsonObj, const std::string& key, int32_t value) { return AddIntToJson(jsonObj.get(), key, value); } bool AddUnsignedIntToJson(CJson* jsonObj, const std::string& key, const uint32_t value) { - if (key.empty()) { + if ((jsonObj == nullptr) || key.empty()) { return false; } 
@@ -380,10 +443,40 @@ bool AddUnsignedIntToJson(CJson* jsonObj, const std::string& key, const uint32_t return true; } -bool AddUnsignedIntToJson(CJsonUnique& jsonObj, const std::string& key, const uint32_t value) +bool AddUnsignedIntToJson(CJsonUnique& jsonObj, const std::string& key, uint32_t value) { return AddUnsignedIntToJson(jsonObj.get(), key, value); } + +bool AddInt64ToJson(CJson* jsonObj, const std::string& key, int64_t value) +{ + if ((jsonObj == nullptr) || key.empty()) { + return false; + } + + CJson* objInJson = cJSON_GetObjectItemCaseSensitive(jsonObj, key.c_str()); + double tmpValue = static_cast(value); + if (objInJson == nullptr) { + if (cJSON_AddNumberToObject(jsonObj, key.c_str(), tmpValue) == nullptr) { + return false; + } + } else { + CJson* tmp = cJSON_CreateNumber(tmpValue); + if (tmp == nullptr) { + return false; + } + if (!cJSON_ReplaceItemInObjectCaseSensitive(jsonObj, key.c_str(), tmp)) { + cJSON_Delete(tmp); + return false; + } + } + return true; +} + +bool AddInt64ToJson(CJsonUnique& jsonObj, const std::string& key, int64_t value) +{ + return AddInt64ToJson(jsonObj.get(), key, value); +} } // namespace AccessToken } // namespace Security } // namespace OHOS \ No newline at end of file diff --git a/frameworks/json_adapter/test/BUILD.gn b/frameworks/json_adapter/test/BUILD.gn new file mode 100644 index 0000000000000000000000000000000000000000..4dc2e6d6424fe10b6ba8a05a0f32b990cfb067ba --- /dev/null +++ b/frameworks/json_adapter/test/BUILD.gn 
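Review bot: `AddInt64ToJson` converts its argument to `double` before storing it (`double tmpValue = static_cast(value);` as rendered here), so any `int64_t` with magnitude above 2^53 is silently rounded and will not read back as the value that was written. Timestamps and counters fit comfortably, but an identifier or bit mask stored through this helper would change without any error being reported. I would either reject such inputs, e.g. `if ((value > MAX_EXACT_INT) || (value < -MAX_EXACT_INT)) { return false; }` with `MAX_EXACT_INT` a new constant equal to 2^53, or state the limit in a comment on the declaration. No matching `GetInt64FromJson` appears in the visible hunks, so callers presumably read `valuedouble` themselves and need the same caveat.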
@@ -0,0 +1,68 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/test.gni") +import("../../../access_token.gni") + +config("accesstoken_json_parse_config") { + visibility = [ ":*" ] + include_dirs = [ "include" ] +} + +ohos_unittest("libjsonparse_test") { + subsystem_name = "accesscontrol" + module_out_path = module_output_path_unittest_accesstoken + sanitize = { + cfi = true + cfi_cross_dso = true + debug = false + } + branch_protector_ret = "pac_ret" + + include_dirs = [ + "${access_token_path}/frameworks/common/include", + "${access_token_path}/interfaces/innerkits/accesstoken/include", + "${access_token_path}/frameworks/json_adapter/include", + ] + + sources = [ + "${access_token_path}/frameworks/json_adapter/src/cjson_utils.cpp", + "unittest/cjson_utils_test.cpp", + ] + + cflags_cc = [ "-DHILOG_ENABLE" ] + configs = [ + "${access_token_path}/config:access_token_compile_flags", + "${access_token_path}/config:coverage_flags", + ] + public_configs = [ ":accesstoken_json_parse_config" ] + + deps = [ "${access_token_path}/frameworks/common:accesstoken_common_cxx" ] + + external_deps = [ + "cJSON:cjson", + "c_utils:utils", + "hilog:libhilog", + "ipc:ipc_single", + ] + + if (customization_config_policy_enable) { + cflags_cc += [ "-DCUSTOMIZATION_CONFIG_POLICY_ENABLE" ] + external_deps += [ "config_policy:configpolicy_util" ] + } +} + +group("unittest") { + testonly = true + deps = [ ":libjsonparse_test" ] +} 
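Review bot: The `libjsonparse_test` target carries several settings that look copied from another target and that the JSON tests probably do not need. `public_configs = [ ":accesstoken_json_parse_config" ]` resolves `include_dirs = [ "include" ]` relative to `frameworks/json_adapter/test`, a directory this commit does not add, while the headers are already reached through `${access_token_path}/frameworks/json_adapter/include`. `ipc:ipc_single` and the `customization_config_policy_enable` block also appear unrelated to `cjson_utils_test.cpp`; trimming them keeps the test's dependency surface small. The target compiles `src/cjson_utils.cpp` directly instead of depending on `accesstoken_cjson_utils`, and sets `subsystem_name = "accesscontrol"` where the library uses `"security"`; if both are intentional, a one-line comment such as `# sources built in-tree so the test does not need the installed .so` would record why.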
diff --git a/services/common/json_parse/test/unittest/cjson_utils_test.cpp b/frameworks/json_adapter/test/unittest/cjson_utils_test.cpp similarity index 70% rename from services/common/json_parse/test/unittest/cjson_utils_test.cpp rename to frameworks/json_adapter/test/unittest/cjson_utils_test.cpp index 04c90ca9cb3782853e97a8dd677fb48a2cee37bd..2874509d5285fecfe0f69a93b2ca93117165221d 100644 --- a/services/common/json_parse/test/unittest/cjson_utils_test.cpp +++ b/frameworks/json_adapter/test/unittest/cjson_utils_test.cpp @@ -23,6 +23,46 @@ using namespace testing::ext; namespace OHOS { namespace Security { namespace AccessToken { +namespace { +std::string g_testJsonStr = R"( +{ + "beginTime": 11, + "endTime": 22, + "bundleRecords": [ + { + "tokenId": 123, + "isRemote": false, + "bundleName": "com.ohos.test1", + "permissionRecords": [{ + "permissionName": "ohos.permission.READ_IMAGEVIDEO", + "accessCount": 1, + "secAccessCount": 1, + "rejectCount": 1, + "lastAccessTime": 11, + "lastRejectTime": 22, + "lastAccessDuration": 0, + "accessRecords": [{ + "status": 1, + "lockScreenStatus": 1, + "timestamp": 11, + "duration": 0, + "count": 2, + "usedType": 0 + } + ], + "rejectRecords": [] + }] + }, + { + "tokenId": 234, + "isRemote": true, + "bundleName": "com.ohos.test", + "permissionRecords": [] + } + ] +} +)"; +}; class CJsonUtilsTest : public testing::Test { public: @@ -46,8 +86,11 @@ void CJsonUtilsTest::TearDown() {} */ HWTEST_F(CJsonUtilsTest, CreateJsonFromStringTest001, TestSize.Level3) { - std::string test; - EXPECT_EQ(nullptr, CreateJsonFromString(test)); + std::string test1; + EXPECT_EQ(nullptr, CreateJsonFromString(test1)); + + std::string test2 = "{\"key\":\"value\"}"; + EXPECT_NE(nullptr, CreateJsonFromString(test2)); } /* 
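Review bot: The new anonymous namespace is closed with `};`, which leaves a stray empty declaration after the brace, and `g_testJsonStr` is a mutable global although no test is meant to modify it. I would write the closing line as `} // namespace` and declare the fixture as `const std::string g_testJsonStr = R"(`, so a test cannot alter the input seen by later tests.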
@@ -59,7 +102,14 @@ HWTEST_F(CJsonUtilsTest, CreateJsonFromStringTest001, TestSize.Level3) HWTEST_F(CJsonUtilsTest, PackJsonToStringTest001, TestSize.Level3) { std::string res = PackJsonToString(nullptr); - EXPECT_EQ(res.size(), 0); + EXPECT_TRUE(res.empty()); + + std::string test = "{\"key\":\"value\"}"; + CJsonUnique json = CreateJsonFromString(test); + EXPECT_NE(nullptr, json); + + res = PackJsonToString(json); + EXPECT_FALSE(res.empty()); FreeJsonString(nullptr); } @@ -276,12 +326,12 @@ HWTEST_F(CJsonUtilsTest, AddObjToArrayTest001, TestSize.Level3) HWTEST_F(CJsonUtilsTest, AddStringToJsonTest001, TestSize.Level3) { ASSERT_EQ(false, AddStringToJson(nullptr, "", "")); - ASSERT_EQ(false, AddStringToJson(nullptr, "test0", "test0")); + ASSERT_EQ(false, AddStringToJson(nullptr, "key_string", "test0")); CJsonUnique jsonInner = CreateJson(); - ASSERT_EQ(true, AddStringToJson(jsonInner, "test0", "test0")); + ASSERT_EQ(true, AddStringToJson(jsonInner, "key_string", "test0")); // twice - ASSERT_EQ(true, AddStringToJson(jsonInner, "test0", "test0")); + ASSERT_EQ(true, AddStringToJson(jsonInner, "key_string", "test0")); } /* @@ -293,12 +343,12 @@ HWTEST_F(CJsonUtilsTest, AddStringToJsonTest001, TestSize.Level3) HWTEST_F(CJsonUtilsTest, AddBoolToJsonTest001, TestSize.Level3) { ASSERT_EQ(false, AddBoolToJson(nullptr, "", true)); - ASSERT_EQ(false, AddBoolToJson(nullptr, "test0", true)); + ASSERT_EQ(false, AddBoolToJson(nullptr, "key_bool", true)); CJsonUnique jsonInner = CreateJson(); - ASSERT_EQ(true, AddBoolToJson(jsonInner, "test0", true)); + ASSERT_EQ(true, AddBoolToJson(jsonInner, "key_bool", true)); // twice - ASSERT_EQ(true, AddBoolToJson(jsonInner, "test0", true)); + ASSERT_EQ(true, AddBoolToJson(jsonInner, "key_bool", true)); } /* 
@@ -310,12 +360,12 @@ HWTEST_F(CJsonUtilsTest, AddBoolToJsonTest001, TestSize.Level3) HWTEST_F(CJsonUtilsTest, AddIntToJsonTest001, TestSize.Level3) { ASSERT_EQ(false, AddIntToJson(nullptr, "", 0)); - ASSERT_EQ(false, AddIntToJson(nullptr, "test0", 0)); + ASSERT_EQ(false, AddIntToJson(nullptr, "key_int32", 0)); CJsonUnique jsonInner = CreateJson(); - ASSERT_EQ(true, AddIntToJson(jsonInner, "test0", 0)); + ASSERT_EQ(true, AddIntToJson(jsonInner, "key_int32", 0)); // twice - ASSERT_EQ(true, AddIntToJson(jsonInner, "test0", 0)); + ASSERT_EQ(true, AddIntToJson(jsonInner, "key_int32", 0)); } /* 
@@ -327,12 +377,56 @@ HWTEST_F(CJsonUtilsTest, AddIntToJsonTest001, TestSize.Level3) HWTEST_F(CJsonUtilsTest, AddUnsignedIntToJsonTest001, TestSize.Level3) { ASSERT_EQ(false, AddUnsignedIntToJson(nullptr, "", 0)); - ASSERT_EQ(false, AddUnsignedIntToJson(nullptr, "test0", 0)); + ASSERT_EQ(false, AddUnsignedIntToJson(nullptr, "key_uint32", 0)); + + CJsonUnique jsonInner = CreateJson(); + ASSERT_EQ(true, AddUnsignedIntToJson(jsonInner, "key_uint32", 0)); + // twice + ASSERT_EQ(true, AddUnsignedIntToJson(jsonInner, "key_uint32", 0)); +} + +/* + * @tc.name: AddInt64ToJson + * @tc.desc: AddInt64ToJson + * @tc.type: FUNC + * @tc.require: TDD coverage + */ +HWTEST_F(CJsonUtilsTest, AddInt64ToJsonTest001, TestSize.Level3) +{ + ASSERT_EQ(false, AddInt64ToJson(nullptr, "", 0)); + ASSERT_EQ(false, AddInt64ToJson(nullptr, "key_int64", 0)); CJsonUnique jsonInner = CreateJson(); - ASSERT_EQ(true, AddUnsignedIntToJson(jsonInner, "test0", 0)); + ASSERT_EQ(true, AddInt64ToJson(jsonInner, "key_int64", 0)); // twice - ASSERT_EQ(true, AddUnsignedIntToJson(jsonInner, "test0", 0)); + ASSERT_EQ(true, AddInt64ToJson(jsonInner, "key_int64", 0)); +} + +/* + * @tc.name: JsonToStringFormatted + * @tc.desc: JsonToStringFormatted with json is nullptr + * @tc.type: FUNC + * @tc.require: TDD coverage + */ +HWTEST_F(CJsonUtilsTest, JsonToStringFormattedTest001, TestSize.Level3) +{ + std::string str = JsonToStringFormatted(nullptr); + EXPECT_TRUE(str.empty()); +} + +/* + * @tc.name: JsonToStringFormatted + * @tc.desc: JsonToStringFormatted + * @tc.type: FUNC + * @tc.require: TDD coverage + */ +HWTEST_F(CJsonUtilsTest, JsonToStringFormattedTest002, TestSize.Level3) +{ + CJsonUnique json = CreateJsonFromString(g_testJsonStr); + EXPECT_NE(nullptr, json.get()); + + std::string str = JsonToStringFormatted(json.get()); + EXPECT_TRUE(!str.empty()); } } // namespace AccessToken } // namespace Security 
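Review bot: `JsonToStringFormattedTest002` only asserts that the result is non-empty, so it would still pass if every node were rendered through the `default` branch of the formatter. A small fixture with one string, one number, one boolean and one nested array, compared against the exact expected text with `EXPECT_EQ`, would pin the layout; a key or value containing a quote character would also document how escaping is handled. `EXPECT_NE(nullptr, json.get());` should be `ASSERT_NE(nullptr, json.get());` so a parse failure is reported as such rather than as an empty dump. `AddInt64ToJsonTest001` stores only `0` and never reads the value back, so it does not exercise anything that distinguishes it from `AddIntToJson`; a value outside the `int32_t` range read back from the object would.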
diff --git a/frameworks/test/unittest/accesstoken_parcel_test.cpp b/frameworks/test/unittest/accesstoken_parcel_test.cpp index aae920356b9496e2c396677b3dfc95440aab2fa0..5f4bc005493682491c24f35c7a29c14972308abb 100644 --- a/frameworks/test/unittest/accesstoken_parcel_test.cpp +++ b/frameworks/test/unittest/accesstoken_parcel_test.cpp @@ -366,7 +366,6 @@ HWTEST_F(AccessTokenParcelTest, PermissionGrantInfoParcel001, TestSize.Level1) HWTEST_F(AccessTokenParcelTest, AtmToolsParamInfoParcel001, TestSize.Level1) { AtmToolsParamInfoParcel atmToolsParamInfoParcel; - atmToolsParamInfoParcel.info.type = DUMP_TOKEN; atmToolsParamInfoParcel.info.tokenId = INVALID_TOKENID; atmToolsParamInfoParcel.info.permissionName = "ohos.permission.CAMERA"; atmToolsParamInfoParcel.info.bundleName = "com.ohos.parceltest"; diff --git a/interfaces/innerkits/accesstoken/include/access_token.h b/interfaces/innerkits/accesstoken/include/access_token.h index e43cceca1ca7f797bc84e5d9d8283a653cf32ab0..ed73df16af9a4c8a69b1e051e871bcf25433f92c 100644 --- a/interfaces/innerkits/accesstoken/include/access_token.h +++ b/interfaces/innerkits/accesstoken/include/access_token.h @@ -294,40 +294,6 @@ typedef enum TypeDlpPerm { DLP_PERM_NONE = 2, } DlpPermMode; -/** - * @brief Atm toggle mode type - */ -typedef enum TypeToggleModeType { - /** toggle mode is request */ - TOGGLE_REQUEST = 0, - /** toggle mode is record */ - TOGGLE_RECORD, -} ToggleModeType; - -/** - * @brief Atm tools operate type - */ -typedef enum TypeOptType { - /** default */ - DEFAULT_OPER = 0, - /** dump hap or native token info */ - DUMP_TOKEN, - /** dump permission used records */ - DUMP_RECORD, - /** dump permission used types */ - DUMP_TYPE, - /** dump permission definition info */ - DUMP_PERM, - /** grant permission */ - PERM_GRANT, - /** revoke permission */ - PERM_REVOKE, - /** set toggle request/record status */ - TOGGLE_SET, - /** get toggle request/record status */ - TOGGLE_GET, -} OptType; - /** * @brief PermssionRule */ 
diff --git a/interfaces/innerkits/accesstoken/include/atm_tools_param_info.h b/interfaces/innerkits/accesstoken/include/atm_tools_param_info.h index c6326d1e6746c812b5cbc251164bc5be1963f285..75bd09e6a09973314a1e1054dbc73de6c83be6ad 100644 --- a/interfaces/innerkits/accesstoken/include/atm_tools_param_info.h +++ b/interfaces/innerkits/accesstoken/include/atm_tools_param_info.h @@ -46,7 +46,6 @@ namespace OHOS { namespace Security { namespace AccessToken { -constexpr const uint32_t INVALID_ATM_SET_STATUS = 2; /** * @brief Declares atm tools param class */ @@ -56,20 +55,10 @@ constexpr const uint32_t INVALID_ATM_SET_STATUS = 2; */ class AtmToolsParamInfo final { public: - /** - * operate type, for details about the valid values, - * see the definition of OptType in the access_token.h file. - */ - OptType type = DEFAULT_OPER; - union { - AccessTokenID tokenId = 0; - int32_t userID; - }; - uint32_t status = INVALID_ATM_SET_STATUS; + AccessTokenID tokenId = 0; std::string permissionName; std::string bundleName; std::string processName; - ToggleModeType toggleMode = TOGGLE_REQUEST; }; } // namespace AccessToken } // namespace Security diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp index 83453a03d3c76cb52b93c622a95217b43b94291f..304b9ffca4ddbce98030a008fec5a63d69a6e33f 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp 
@@ -715,85 +715,10 @@ int32_t AccessTokenKit::UnRegisterTokenSyncCallback() } #endif -static void FormatApl(ATokenAplEnum availableLevel, std::string& apl) -{ - if (availableLevel == ATokenAplEnum::APL_NORMAL) { - apl = "NORMAL"; - } else if (availableLevel == ATokenAplEnum::APL_SYSTEM_BASIC) { - apl = "SYSTEM_BASIC"; - } else { - apl = "SYSTEM_CORE"; - } -} - -static void FormatAvailableType(ATokenAvailableTypeEnum availableType, std::string& type) -{ - if (availableType == ATokenAvailableTypeEnum::NORMAL) { - type = "NORMAL"; - } else if (availableType == ATokenAvailableTypeEnum::SYSTEM) { - type = "SYSTEM"; - } else if (availableType == ATokenAvailableTypeEnum::MDM) { - type = "MDM"; - } else if (availableType == ATokenAvailableTypeEnum::SYSTEM_AND_MDM) { - type = "SYSTEM_AND_MDM"; - } else if (availableType == ATokenAvailableTypeEnum::SERVICE) { - type = "SERVICE"; - } else { - type = "ENTERPRISE_NORMAL"; - } -} - -static void PermDefinitionToString(const PermissionBriefDef& briefDef, std::string& dumpInfo) -{ - std::string grantMode = briefDef.grantMode == GrantMode::USER_GRANT ? "USER_GRANT" : "SYSTEM_GRANT"; - std::string apl; - FormatApl(briefDef.availableLevel, apl); - std::string availableType; - FormatAvailableType(briefDef.availableType, availableType); - - dumpInfo.append(R"({)"); - dumpInfo.append("\n"); - dumpInfo.append(R"( "permissionName": ")" + std::string(briefDef.permissionName) + R"(")" + ",\n"); - dumpInfo.append(R"( "grantMode": )" + grantMode + ",\n"); - dumpInfo.append(R"( "availableLevel": )" + apl + ",\n"); - dumpInfo.append(R"( "availableType": )" + availableType + ",\n"); - dumpInfo.append(R"( "provisionEnable": )" + std::string(briefDef.provisionEnable ? "true" : "false") + ",\n"); - dumpInfo.append(R"( "distributedSceneEnable": )" + - std::string(briefDef.distributedSceneEnable ? "true" : "false") + ",\n"); - dumpInfo.append(R"( "isKernelEffect": )" + std::string(briefDef.isKernelEffect ? 
"true" : "false") + ",\n"); - dumpInfo.append(R"( "hasValue": )" + std::string(briefDef.hasValue ? "true" : "false") + ",\n"); - dumpInfo.append(R"(})"); - dumpInfo.append("\n"); -} - -static void DumpPermDefinition(const AtmToolsParamInfo& info, std::string& dumpInfo) -{ - if (info.permissionName.empty()) { - size_t count = GetDefPermissionsSize(); - - for (size_t i = 0; i < count; ++i) { - PermissionBriefDef briefDef; - GetPermissionBriefDef(i, briefDef); - PermDefinitionToString(briefDef, dumpInfo); - } - } else { - uint32_t code = 0; - if (TransferPermissionToOpcode(info.permissionName, code)) { - PermissionBriefDef briefDef; - GetPermissionBriefDef(code, briefDef); - PermDefinitionToString(briefDef, dumpInfo); - } - } -} - void AccessTokenKit::DumpTokenInfo(const AtmToolsParamInfo& info, std::string& dumpInfo) { LOGD(ATM_DOMAIN, ATM_TAG, "TokenID=%{public}d, bundleName=%{public}s, processName=%{public}s.", info.tokenId, info.bundleName.c_str(), info.processName.c_str()); - if (info.type == DUMP_PERM) { - DumpPermDefinition(info, dumpInfo); - return; - } AccessTokenManagerClient::GetInstance().DumpTokenInfo(info, dumpInfo); } diff --git a/interfaces/innerkits/accesstoken/test/unittest/SaTest/dump_token_info_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/SaTest/dump_token_info_test.cpp index 5f7ff2fbaf0a428940571cbf811db123431fc7d9..56d2dcb13722d5e43f904bc65ce83e69da0792fa 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/SaTest/dump_token_info_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/SaTest/dump_token_info_test.cpp 
@@ -125,30 +125,30 @@ HWTEST_F(DumpTokenInfoTest, DumpTokenInfoAbnormalTest002, TestSize.Level1) } /** - * @tc.name: DumpPermDef001 - * @tc.desc: Get dump permission definitions + * @tc.name: DumpTokenInfoFuncTest001 + * @tc.desc: Get dump token information with valid tokenID * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(DumpTokenInfoTest, DumpPermDef001, TestSize.Level1) +HWTEST_F(DumpTokenInfoTest, DumpTokenInfoFuncTest001, TestSize.Level1) { - LOGI(ATM_DOMAIN, ATM_TAG, "DumpPermDef001"); - SetSelfTokenID(g_selfTokenId); - std::string dumpInfo1; - AtmToolsParamInfo info; - info.type = DUMP_PERM; - AccessTokenKit::DumpTokenInfo(info, dumpInfo1); - ASSERT_EQ(false, dumpInfo1.empty()); - - std::string dumpInfo2; - info.permissionName = "ohos.permission.READ_MEDIA"; - AccessTokenKit::DumpTokenInfo(info, dumpInfo2); - ASSERT_EQ(false, dumpInfo2.empty()); - - std::string dumpInfo3; - info.permissionName = "ohos.permission.INVALID"; - AccessTokenKit::DumpTokenInfo(info, dumpInfo3); - ASSERT_EQ(true, dumpInfo3.empty()); + LOGI(ATM_DOMAIN, ATM_TAG, "DumpTokenInfoFuncTest001"); + AccessTokenIDEx tokenIdEx = {0}; + ASSERT_EQ(RET_SUCCESS, TestCommon::AllocTestHapToken(g_InfoParms, g_PolicyPrams, tokenIdEx)); + ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIdExStruct.tokenID); + + std::string dumpInfo; + AtmToolsParamInfo info1; + info1.tokenId = tokenIdEx.tokenIdExStruct.tokenID; + AccessTokenKit::DumpTokenInfo(info1, dumpInfo); + EXPECT_NE("", dumpInfo); + + AtmToolsParamInfo info2; + info2.processName = "hdcd"; + AccessTokenKit::DumpTokenInfo(info2, dumpInfo); + EXPECT_NE("", dumpInfo); + + ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID)); } } // namespace AccessToken } // namespace Security 
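Review bot: The second `EXPECT_NE("", dumpInfo)` checks a string that still holds the output of the first call, so unless `DumpTokenInfo` clears its output argument on failure (not visible in this hunk), the assertion passes even when the lookup by `processName` returns nothing. Use a separate variable for the second call, `std::string dumpInfo2;`, or call `dumpInfo.clear();` before it. The lookup for `"hdcd"` also assumes that a native token with that process name exists on the device under test; a short comment stating that assumption would help when the test fails elsewhere. The previous body called `SetSelfTokenID(g_selfTokenId)` first and the new one does not, so the caller identity now depends on what SetUp or an earlier test left in place, which is outside this hunk.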
diff --git a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h index a9daab95e9730ba4b50dde6d45fb7777df530d5d..e1ef079b3129fb80650aedf100b4011f5bba916d 100644 --- a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h +++ b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h @@ -131,7 +131,6 @@ public: int32_t ClearUserPolicy() override; int32_t DumpTokenInfo(const AtmToolsParamInfoParcel& infoParcel, std::string& dumpInfo) override; int32_t GetVersion(uint32_t& version) override; - int Dump(int fd, const std::vector& args) override; int32_t CallbackEnter(uint32_t code) override; int32_t CallbackExit(uint32_t code, int32_t result) override; diff --git a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h index ac7b1ec506eaf337e1e2fe120eaf156ff9990f57..4e60ebb7df25a33a8518fbeaa68474fac71ca7ed 100644 --- a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h +++ b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h @@ -75,10 +75,6 @@ public: int32_t UpdateUserPolicy(const std::vector& userList); int32_t ClearUserPolicy(); bool GetPermDialogCap(AccessTokenID tokenID); - void DumpToken(); - int32_t GetCurDumpTaskNum(); - void AddDumpTaskNum(); - void ReduceDumpTaskNum(); void ClearUserGrantedPermissionState(AccessTokenID tokenID); int32_t ClearUserGrantedPermission(AccessTokenID tokenID); bool IsPermissionRestrictedByUserPolicy(AccessTokenID id, const std::string& permissionName); 
@@ -145,16 +141,11 @@ private: int32_t FindPermRequestToggleStatusFromDb(int32_t userID, const std::string& permissionName); void GetNativePermissionList(const NativeTokenInfoBase& native, std::vector& opCodeList, std::vector& statusList); - bool IsPermissionReqValid(int32_t tokenApl, const std::string& permissionName, - const std::vector& nativeAcls); - int32_t GetNativeCfgInfo(std::vector& tokenInfos); - void NativeTokenStateToString(const NativeTokenInfoBase& native, std::string& info, std::string& invalidPermString); - void NativeTokenToString(AccessTokenID tokenID, std::string& info); + std::string NativeTokenToString(AccessTokenID tokenID); int32_t CheckHapInfoParam(const HapInfoParams& info, const HapPolicy& policy); void UpdateHapToKernel(AccessTokenID tokenID, int32_t userId); std::shared_ptr GetHapTokenInfoInnerFromDb(AccessTokenID id); bool hasInited_; - std::atomic_int32_t dumpTaskNum_; OHOS::Utils::RWLock hapTokenInfoLock_; OHOS::Utils::RWLock nativeTokenInfoLock_; diff --git a/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h b/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h index e0d3ad63e3f8e9c113ca920d623fe8a63c546036..b02e9925c806c6fa6c40db3c5df3aba4ba20dc43 100644 --- a/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h +++ b/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h @@ -57,7 +57,7 @@ public: int GetInstIndex() const; AccessTokenID GetTokenID() const; void SetTokenBaseInfo(const HapTokenInfo& baseInfo); - void ToString(std::string& info); + std::string ToString(); bool IsRemote() const; void SetRemote(bool isRemote); bool IsPermDialogForbidden() const; 
@@ -89,8 +89,6 @@ private: void TranslationIntoGenericValues(GenericValues& outGenericValues) const; int RestoreHapTokenBasicInfo(const GenericValues& inGenericValues); bool UpdateStatesToDB(AccessTokenID tokenID, std::vector& stateChangeList); - void PermToString(const std::vector& permStateList, std::string& info); - void PermStateFullToString(const PermissionStatus& state, std::string& info); HapTokenInfo tokenInfoBasic_; diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp index 1bd833360c16f0240c65fc80382108166fb223a2..fb3f764212f6f556db53d908c5887bdca2f2a3d1 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp @@ -66,7 +66,6 @@ namespace AccessToken { namespace { static const char* ACCESS_TOKEN_SERVICE_INIT_KEY = "accesstoken.permission.init"; constexpr int32_t ERROR = -1; -constexpr int TWO_ARGS = 2; const char* GRANT_ABILITY_BUNDLE_NAME = "com.ohos.permissionmanager"; const char* GRANT_ABILITY_ABILITY_NAME = "com.ohos.permissionmanager.GrantAbility"; const char* PERMISSION_STATE_SHEET_ABILITY_NAME = "com.ohos.permissionmanager.PermissionStateSheetAbility"; 
@@ -1298,41 +1297,6 @@ int32_t AccessTokenManagerService::ClearUserPolicy() return AccessTokenInfoManager::GetInstance().ClearUserPolicy(); } -int AccessTokenManagerService::Dump(int fd, const std::vector& args) -{ - if (fd < 0) { - return ERR_INVALID_VALUE; - } - - dprintf(fd, "AccessToken Dump:\n"); - std::string arg0 = ((args.size() == 0)? "" : Str16ToStr8(args.at(0))); - if (arg0.compare("-h") == 0) { - dprintf(fd, "Usage:\n"); - dprintf(fd, " -h: command help\n"); - dprintf(fd, " -a: dump all tokens\n"); - dprintf(fd, " -t : dump special token id\n"); - } else if (arg0.compare("-t") == 0) { - if (args.size() < TWO_ARGS) { - return ERR_INVALID_VALUE; - } - long long tokenID = atoll(static_cast(Str16ToStr8(args.at(1)).c_str())); - if (tokenID <= 0) { - return ERR_INVALID_VALUE; - } - AtmToolsParamInfoParcel infoParcel; - infoParcel.info.tokenId = static_cast(tokenID); - std::string dumpStr; - DumpTokenInfo(infoParcel, dumpStr); - dprintf(fd, "%s\n", dumpStr.c_str()); - } else if (arg0.compare("-a") == 0 || arg0 == "") { - std::string dumpStr; - AtmToolsParamInfoParcel infoParcel; - DumpTokenInfo(infoParcel, dumpStr); - dprintf(fd, "%s\n", dumpStr.c_str()); - } - return ERR_OK; -} - void AccessTokenManagerService::AccessTokenServiceParamSet() const { int32_t res = SetParameter(ACCESS_TOKEN_SERVICE_INIT_KEY, std::to_string(1).c_str()); diff --git a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp index d0569f0fd3c0ec0abb76b60e65d744e67e4cc159..6e0511de14651d3a33d672ee42f462a9076d8f65 100644 --- a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp 
@@ -64,9 +64,7 @@ static constexpr int32_t SYSTEM_APP = 1; static const int MAX_PTHREAD_NAME_LEN = 15; // pthread name max length static const char* ACCESS_TOKEN_PACKAGE_NAME = "ohos.security.distributed_token_sync"; #endif -static const char* DUMP_JSON_PATH = "/data/service/el1/public/access_token/nativetoken.log"; static const char* SYSTEM_RESOURCE_BUNDLE_NAME = "ohos.global.systemres"; -constexpr uint64_t FD_TAG = 0xD005A01; } AccessTokenInfoManager::AccessTokenInfoManager() : hasInited_(false) {} @@ -1214,10 +1212,10 @@ void AccessTokenInfoManager::DumpHapTokenInfoByTokenId(const AccessTokenID token if (type == TOKEN_HAP) { std::shared_ptr infoPtr = GetHapTokenInfoInner(tokenId); if (infoPtr != nullptr) { - infoPtr->ToString(dumpInfo); + dumpInfo = infoPtr->ToString(); } } else if (type == TOKEN_NATIVE || type == TOKEN_SHELL) { - NativeTokenToString(tokenId, dumpInfo); + dumpInfo = NativeTokenToString(tokenId); } else { dumpInfo.append("invalid tokenId"); } @@ -1231,8 +1229,7 @@ void AccessTokenInfoManager::DumpHapTokenInfoByBundleName(const std::string& bun if (bundleName != iter->second->GetBundleName()) { continue; } - - iter->second->ToString(dumpInfo); + dumpInfo = iter->second->ToString(); dumpInfo.append("\n"); } } @@ -1253,7 +1250,7 @@ void AccessTokenInfoManager::DumpAllHapTokenname(std::string& dumpInfo) void AccessTokenInfoManager::DumpNativeTokenInfoByProcessName(const std::string& processName, std::string& dumpInfo) { - NativeTokenToString(GetNativeTokenId(processName), dumpInfo); + dumpInfo = NativeTokenToString(GetNativeTokenId(processName)); } void AccessTokenInfoManager::DumpAllNativeTokenName(std::string& dumpInfo) 
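Review bot: In the `DumpHapTokenInfoByBundleName` hunk, `dumpInfo = iter->second->ToString();` sits inside a loop that does not stop at the first match, so each matching token overwrites the previous one and only the last survives. The removed `ToString(dumpInfo)` appended, so this is a behaviour change; `dumpInfo.append(iter->second->ToString());` keeps the old result. The same switch from append to assignment appears in the `DumpHapTokenInfoByTokenId` and `DumpNativeTokenInfoByProcessName` hunks on this line. There it only matters if a caller passes a non-empty `dumpInfo`, which cannot be checked from here. All three function bodies extend outside their hunks.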
@@ -1267,37 +1264,6 @@ void AccessTokenInfoManager::DumpAllNativeTokenName(std::string& dumpInfo) } } -int32_t AccessTokenInfoManager::GetCurDumpTaskNum() -{ - return dumpTaskNum_.load(); -} - -void AccessTokenInfoManager::AddDumpTaskNum() -{ - dumpTaskNum_++; -} - -void AccessTokenInfoManager::ReduceDumpTaskNum() -{ - dumpTaskNum_--; -} - -void AccessTokenInfoManager::DumpToken() -{ - LOGI(ATM_DOMAIN, ATM_TAG, "AccessToken Dump"); - int32_t fd = open(DUMP_JSON_PATH, O_RDWR | O_CREAT, S_IRUSR | S_IWUSR | S_IRGRP); - if (fd < 0) { - LOGE(ATM_DOMAIN, ATM_TAG, "Open failed errno %{public}d.", errno); - return; - } - fdsan_exchange_owner_tag(fd, 0, FD_TAG); - std::string dumpStr; - AtmToolsParamInfoParcel infoParcel; - DumpTokenInfo(infoParcel.info, dumpStr); - dprintf(fd, "%s\n", dumpStr.c_str()); - (void)fdsan_close_with_tag(fd, FD_TAG); -} - void AccessTokenInfoManager::DumpTokenInfo(const AtmToolsParamInfo& info, std::string& dumpInfo) { if (info.tokenId != 0) { @@ -1834,25 +1800,6 @@ int32_t AccessTokenInfoManager::GetPermissionRequestToggleStatus(const std::stri return 0; } -bool AccessTokenInfoManager::IsPermissionReqValid(int32_t tokenApl, const std::string& permissionName, - const std::vector& nativeAcls) -{ - PermissionBriefDef briefDef; - if (!GetPermissionBriefDef(permissionName, briefDef)) { - return false; - } - - if (tokenApl >= briefDef.availableLevel) { - return true; - } - - auto iter = std::find(nativeAcls.begin(), nativeAcls.end(), permissionName); - if (iter != nativeAcls.end()) { - return true; - } - return false; -} - int32_t AccessTokenInfoManager::GetKernelPermissions( AccessTokenID tokenId, std::vector& kernelPermList) 
@@ -1868,50 +1815,19 @@ int32_t AccessTokenInfoManager::GetReqPermissionByName( tokenId, permissionName, value, true); } -int32_t AccessTokenInfoManager::GetNativeCfgInfo(std::vector& tokenInfos) +std::string AccessTokenInfoManager::NativeTokenToString(AccessTokenID tokenID) { + std::vector tokenInfos; LibraryLoader loader(CONFIG_PARSE_LIBPATH); ConfigPolicyLoaderInterface* policy = loader.GetObject(); if (policy == nullptr) { LOGE(ATM_DOMAIN, ATM_TAG, "Dlopen libaccesstoken_json_parse failed."); - return RET_FAILED; - } - int ret = policy->GetAllNativeTokenInfo(tokenInfos); - if (ret != RET_SUCCESS) { - LOGE(ATM_DOMAIN, ATM_TAG, "Failed to load native from native json, err=%{public}d.", ret); - return ret; - } - - return RET_SUCCESS; -} - -void AccessTokenInfoManager::NativeTokenStateToString(const NativeTokenInfoBase& native, std::string& info, - std::string& invalidPermString) -{ - for (auto iter = native.permStateList.begin(); iter != native.permStateList.end(); iter++) { - if (!IsPermissionReqValid(native.apl, iter->permissionName, native.nativeAcls)) { - invalidPermString.append(R"( "permissionName": ")" + iter->permissionName + R"(")" + ",\n"); - continue; - } - info.append(R"( {)"); - info.append("\n"); - info.append(R"( "permissionName": ")" + iter->permissionName + R"(")" + ",\n"); - info.append(R"( "grantStatus": )" + std::to_string(iter->grantStatus) + ",\n"); - info.append(R"( "grantFlag": )" + std::to_string(iter->grantFlag) + ",\n"); - info.append(R"( })"); - if (iter != (native.permStateList.end() - 1)) { - info.append(",\n"); - } + return ""; } -} - -void AccessTokenInfoManager::NativeTokenToString(AccessTokenID tokenID, std::string& info) -{ - std::vector tokenInfos; - int ret = GetNativeCfgInfo(tokenInfos); + int32_t ret = policy->GetAllNativeTokenInfo(tokenInfos); if (ret != RET_SUCCESS || tokenInfos.empty()) { LOGE(ATM_DOMAIN, ATM_TAG, "Failed to load native from native json, err=%{public}d.", ret); - return; + return ""; } auto iter = 
tokenInfos.begin(); while (iter != tokenInfos.end()) { @@ -1922,28 +1838,10 @@ void AccessTokenInfoManager::NativeTokenToString(AccessTokenID tokenID, std::str } if (iter == tokenInfos.end()) { LOGE(ATM_DOMAIN, ATM_TAG, "Id %{public}u is not exist.", tokenID); - return; + return ""; } NativeTokenInfoBase native = *iter; - std::string invalidPermString = ""; - info.append(R"({)"); - info.append("\n"); - info.append(R"( "tokenID": )" + std::to_string(native.tokenID) + ",\n"); - info.append(R"( "processName": ")" + native.processName + R"(")" + ",\n"); - info.append(R"( "apl": )" + std::to_string(native.apl) + ",\n"); - info.append(R"( "permStateList": [)"); - info.append("\n"); - NativeTokenStateToString(native, info, invalidPermString); - info.append("\n ]\n"); - - if (invalidPermString.empty()) { - info.append("}"); - return; - } - - info.append(R"( "invalidPermList": [\n)"); - info.append(invalidPermString); - info.append("\n ]\n}"); + return policy->DumpNativeTokenInfo(native); } } // namespace AccessToken } // namespace Security diff --git a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp index dcca813b088a9456e1392975eb3ddeb68122a327..91d7d5222e1743393b68eeb13afb6f626c07144f 100644 --- a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp @@ -23,6 +23,7 @@ #include "data_translator.h" #include "data_validator.h" #include "hisysevent_adapter.h" +#include "json_parse_loader.h" #include "short_grant_manager.h" #include "token_field_const.h" #include "permission_map.h" 
@@ -450,72 +451,18 @@ bool HapTokenInfoInner::IsPermissionGrantedWithSecComp(AccessTokenID tokenID, co return PermissionDataBrief::GetInstance().IsPermissionGrantedWithSecComp(tokenID, permissionName); } -void PermDefToString(const PermissionDef& def, std::string& info) -{ - info.append(R"( {)"); - info.append("\n"); - info.append(R"( "permissionName": ")" + def.permissionName + R"(")" + ",\n"); - info.append(R"( "bundleName": ")" + def.bundleName + R"(")" + ",\n"); - info.append(R"( "grantMode": )" + std::to_string(def.grantMode) + ",\n"); - info.append(R"( "availableLevel": )" + std::to_string(def.availableLevel) + ",\n"); - info.append(R"( "provisionEnable": )" + std::to_string(def.provisionEnable) + ",\n"); - info.append(R"( "distributedSceneEnable": )" + std::to_string(def.distributedSceneEnable) + ",\n"); - info.append(R"( "label": ")" + def.label + R"(")" + ",\n"); - info.append(R"( "labelId": )" + std::to_string(def.labelId) + ",\n"); - info.append(R"( "description": ")" + def.description + R"(")" + ",\n"); - info.append(R"( "descriptionId": )" + std::to_string(def.descriptionId) + ",\n"); - info.append(R"( "isKernelEffect": )" + std::to_string(def.isKernelEffect) + ",\n"); - info.append(R"( "hasValue": )" + std::to_string(def.hasValue) + ",\n"); - info.append(R"( })"); -} - -void HapTokenInfoInner::PermStateFullToString(const PermissionStatus& state, std::string& info) -{ - info.append(R"( {)"); - info.append("\n"); - info.append(R"( "permissionName": ")" + state.permissionName + R"(")" + ",\n"); - info.append(R"( "grantStatus": ")" + std::to_string(state.grantStatus) + R"(")" + ",\n"); - info.append(R"( "grantFlag": ")" + std::to_string(state.grantFlag) + R"(")" + ",\n"); - std::string value; - int32_t ret = PermissionDataBrief::GetInstance().GetReqPermissionByName( - tokenInfoBasic_.tokenID, state.permissionName, value, false); - if (ret == RET_SUCCESS) { - info.append(R"( "value": ")" + value + R"(")" + ",\n"); - } - info.append(R"( })"); -} - -void 
HapTokenInfoInner::PermToString(const std::vector& permStateList, std::string& info) -{ - info.append(R"( "permStateList": [)"); - info.append("\n"); - for (auto iter = permStateList.begin(); iter != permStateList.end(); iter++) { - PermStateFullToString(*iter, info); - if (iter != (permStateList.end() - 1)) { - info.append(",\n"); - } - } - info.append("\n ]\n"); -} - -void HapTokenInfoInner::ToString(std::string& info) +std::string HapTokenInfoInner::ToString() { - info.append(R"({)"); - info.append("\n"); - info.append(R"( "tokenID": )" + std::to_string(tokenInfoBasic_.tokenID) + ",\n"); - info.append(R"( "tokenAttr": )" + std::to_string(tokenInfoBasic_.tokenAttr) + ",\n"); - info.append(R"( "ver": )" + std::to_string(tokenInfoBasic_.ver) + ",\n"); - info.append(R"( "userId": )" + std::to_string(tokenInfoBasic_.userID) + ",\n"); - info.append(R"( "bundleName": ")" + tokenInfoBasic_.bundleName + R"(")" + ",\n"); - info.append(R"( "instIndex": )" + std::to_string(tokenInfoBasic_.instIndex) + ",\n"); - info.append(R"( "dlpType": )" + std::to_string(tokenInfoBasic_.dlpType) + ",\n"); - info.append(R"( "isRemote": )" + std::to_string(isRemote_) + ",\n"); - info.append(R"( "isPermDialogForbidden": )" + std::to_string(isPermDialogForbidden_) + ",\n"); - std::vector permStateList; (void)GetPermissionStateList(permStateList); - PermToString(permStateList, info); - info.append("}"); + std::vector tokenInfos; + LibraryLoader loader(CONFIG_PARSE_LIBPATH); + ConfigPolicyLoaderInterface* policy = loader.GetObject(); + if (policy == nullptr) { + LOGE(ATM_DOMAIN, ATM_TAG, "Dlopen libaccesstoken_json_parse failed."); + return ""; + } + return policy->DumpHapTokenInfo(tokenInfoBasic_, isRemote_, isPermDialogForbidden_, permStateList); } } // namespace AccessToken } // namespace Security 
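Review bot: The `tokenInfos` local declared in the new `HapTokenInfoInner::ToString()` is never used and looks carried over from `NativeTokenToString`; it can be dropped. The removed `PermStateFullToString` also wrote a `"value"` entry obtained from `PermissionDataBrief::GetReqPermissionByName`, and nothing in this hunk hands that data to `DumpHapTokenInfo`, so the field appears to disappear from the dump; if that is intended it deserves a line in the commit description. The result of `GetPermissionStateList` is still discarded with `(void)`, so a failed lookup and a token without permissions produce the same output; logging the error code before calling `DumpHapTokenInfo` would let the two be told apart.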
diff --git a/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp b/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp index 5522bb9be66463e4e771d959bf452c70abbb603e..21a9c6f7adfba1bf7ba5ce07142db6ad91acbaf8 100644 --- a/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp +++ b/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp @@ -200,9 +200,6 @@ HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo001, TestSize.Level0) std::shared_ptr tokenInfo; tokenInfo = AccessTokenInfoManager::GetInstance().GetHapTokenInfoInner(tokenIdEx.tokenIdExStruct.tokenID); ASSERT_NE(nullptr, tokenInfo); - std::string infoDes; - tokenInfo->ToString(infoDes); - GTEST_LOG_(INFO) << "get hap token info:" << infoDes.c_str(); ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID); ASSERT_EQ(RET_SUCCESS, ret); @@ -238,10 +235,6 @@ HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo002, TestSize.Level0) tokenInfo = AccessTokenInfoManager::GetInstance().GetHapTokenInfoInner(tokenIdEx1.tokenIdExStruct.tokenID); ASSERT_NE(nullptr, tokenInfo); - std::string infoDes; - tokenInfo->ToString(infoDes); - GTEST_LOG_(INFO) << "get hap token info:" << infoDes.c_str(); - ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx1.tokenIdExStruct.tokenID); ASSERT_EQ(RET_SUCCESS, ret); GTEST_LOG_(INFO) << "remove the token info"; @@ -877,9 +870,6 @@ HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken001, TestSize.Level0) std::shared_ptr tokenInfo; tokenInfo = AccessTokenInfoManager::GetInstance().GetHapTokenInfoInner(tokenIdEx.tokenIdExStruct.tokenID); ASSERT_NE(nullptr, tokenInfo); - std::string infoDes; - tokenInfo->ToString(infoDes); - GTEST_LOG_(INFO) << "get hap token info:" << infoDes.c_str(); ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID); ASSERT_EQ(RET_SUCCESS, ret); 
@@ -2081,9 +2071,6 @@ HWTEST_F(AccessTokenInfoManagerTest, RestoreHapTokenInfo001, TestSize.Level0) hapInfo.isSystemApp = false; hap->Update(hapInfo, policy.permStateList, policy); // permPolicySet_ is null - std::string info; - hap->ToString(info); // permPolicySet_ is null - std::vector hapInfoValues; std::vector permStateValues; hap->StoreHapInfo(hapInfoValues, "test", APL_NORMAL); diff --git a/services/common/BUILD.gn b/services/common/BUILD.gn index 08003e2a99cc8023f9116ebccaad6051ffeae32f..eaf040131364b41b110abfff0fc9a57bf519a9e1 100644 --- a/services/common/BUILD.gn +++ b/services/common/BUILD.gn @@ -97,7 +97,6 @@ group("accesstoken_common") { deps = [ ":accesstoken_service_common", "ability_manager:accesstoken_ability_manager_adapter", - "json_parse:accesstoken_cjson_utils", "json_parse:accesstoken_json_parse", "screenlock_manager:accesstoken_screenlock_manager", ] diff --git a/services/common/json_parse/BUILD.gn b/services/common/json_parse/BUILD.gn index 52a34088506a558a80403ce8e34364756c57565b..fa80142e1a53ca8fbe7c693e3f41fc7ba2fb29d5 100644 --- a/services/common/json_parse/BUILD.gn +++ b/services/common/json_parse/BUILD.gn @@ -33,12 +33,12 @@ ohos_shared_library("accesstoken_json_parse") { include_dirs = [ "include", "${access_token_path}/frameworks/common/include", + "${access_token_path}/frameworks/json_adapter/include", "${access_token_path}/interfaces/innerkits/accesstoken/include", "${access_token_path}/services/accesstokenmanager/main/cpp/include/token", ] sources = [ - "src/cjson_utils.cpp", "src/json_parse_loader.cpp", ] @@ -49,7 +49,10 @@ ohos_shared_library("accesstoken_json_parse") { ] public_configs = [ ":accesstoken_json_parse_config" ] - deps = [ "${access_token_path}/frameworks/common:accesstoken_common_cxx" ] + deps = [ + "${access_token_path}/frameworks/common:accesstoken_common_cxx", + "${access_token_path}/frameworks/json_adapter:accesstoken_cjson_utils" + ] external_deps = [ "cJSON:cjson", 
@@ -63,40 +66,3 @@ ohos_shared_library("accesstoken_json_parse") { } } } - -ohos_shared_library("accesstoken_cjson_utils") { - if (is_standard_system) { - subsystem_name = "security" - part_name = "access_token" - sanitize = { - cfi = true - cfi_cross_dso = true - debug = false - } - branch_protector_ret = "pac_ret" - - include_dirs = [ - "include", - "${access_token_path}/frameworks/common/include", - "${access_token_path}/interfaces/innerkits/accesstoken/include", - "${access_token_path}/services/accesstokenmanager/main/cpp/include/token", - ] - - sources = [ "src/cjson_utils.cpp" ] - - cflags_cc = [ "-DHILOG_ENABLE" ] - configs = [ - "${access_token_path}/config:access_token_compile_flags", - "${access_token_path}/config:coverage_flags", - ] - public_configs = [ ":accesstoken_json_parse_config" ] - - deps = [ "${access_token_path}/frameworks/common:accesstoken_common_cxx" ] - - external_deps = [ - "cJSON:cjson", - "c_utils:utils", - "hilog:libhilog", - ] - } -} diff --git a/services/common/json_parse/include/json_parse_loader.h b/services/common/json_parse/include/json_parse_loader.h index 82339c0132c6fcfa451f0e62abaf0c0a0230c222..87a7697ebf38478cffeed1c7b532bc2fc1121f45 100644 --- a/services/common/json_parse/include/json_parse_loader.h +++ b/services/common/json_parse/include/json_parse_loader.h @@ -18,6 +18,7 @@ #include #include +#include "hap_token_info.h" #include "permission_def.h" #include "native_token_info_base.h" #include "permission_dlp_mode.h" 
@@ -72,12 +73,18 @@ public: virtual bool GetConfigValue(const ServiceType& type, AccessTokenConfigValue& config); virtual int32_t GetAllNativeTokenInfo(std::vector& tokenInfos); virtual int32_t GetDlpPermissions(std::vector& dlpPerms); + virtual std::string DumpNativeTokenInfo(const NativeTokenInfoBase& native); + virtual std::string DumpHapTokenInfo(const HapTokenInfo& hapInfo, bool isRemote, bool isPermDialogForbidden, + std::vector permStateList); }; class ConfigPolicLoader final: public ConfigPolicyLoaderInterface { bool GetConfigValue(const ServiceType& type, AccessTokenConfigValue& config); int32_t GetAllNativeTokenInfo(std::vector& tokenInfos); int32_t GetDlpPermissions(std::vector& dlpPerms); + std::string DumpNativeTokenInfo(const NativeTokenInfoBase& native); + std::string DumpHapTokenInfo(const HapTokenInfo& hapInfo, bool isRemote, bool isPermDialogForbidden, + std::vector permStateList); private: #ifdef CUSTOMIZATION_CONFIG_POLICY_ENABLE void GetConfigFilePathList(std::vector& pathList); diff --git a/services/common/json_parse/src/json_parse_loader.cpp b/services/common/json_parse/src/json_parse_loader.cpp index 8441cc9582afb362ecd049ffff210a4b446ba1c8..24d608c26256c977b85ef9b4ca04f9cc1dad6f16 100644 --- a/services/common/json_parse/src/json_parse_loader.cpp +++ b/services/common/json_parse/src/json_parse_loader.cpp @@ -29,6 +29,7 @@ #include "config_policy_utils.h" #endif #include "data_validator.h" +#include "permission_map.h" namespace OHOS { namespace Security { 
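Review bot: `DumpHapTokenInfo` takes `permStateList` by value in both `ConfigPolicyLoaderInterface` and `ConfigPolicLoader`, so every dump copies the whole permission vector although the definition in json_parse_loader.cpp only iterates over it. Declare the parameter as a `const` reference in both classes and in the definition. The two new declarations in `ConfigPolicLoader` should also carry `override`, so that a signature drift from the interface becomes a compile error instead of a silent call to the base implementation. The interface is reached through `LibraryLoader` in the callers, so the added virtual functions change the vtable and the service and the json_parse library presumably have to be rebuilt together. Both class bodies continue outside the hunk.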
@@ -449,6 +450,78 @@ int32_t ConfigPolicLoader::GetDlpPermissions(std::vector& dlp return RET_SUCCESS; } +std::string ConfigPolicLoader::DumpHapTokenInfo( + const HapTokenInfo& hapInfo, bool isRemote, bool isPermDialogForbidden, std::vector permStateList) +{ + CJsonUnique j = CreateJson(); + (void)AddUnsignedIntToJson(j, "tokenID", hapInfo.tokenID); + (void)AddUnsignedIntToJson(j, "tokenAttr", hapInfo.tokenAttr); + (void)AddIntToJson(j, "ver", static_cast(hapInfo.ver)); + (void)AddIntToJson(j, "userId", hapInfo.userID); + (void)AddStringToJson(j, "bundleName", hapInfo.bundleName); + (void)AddIntToJson(j, "instIndex", hapInfo.instIndex); + (void)AddIntToJson(j, "dlpType", hapInfo.dlpType); + (void)AddBoolToJson(j, "isRemote", isRemote); + (void)AddBoolToJson(j, "isPermDialogForbidden", isPermDialogForbidden); + + CJsonUnique permStateListJson = CreateJsonArray(); + for (auto iter = permStateList.begin(); iter != permStateList.end(); ++iter) { + CJsonUnique permStateJson = CreateJson(); + (void)AddStringToJson(permStateJson, "permissionName", iter->permissionName); + (void)AddIntToJson(permStateJson, "grantStatus", iter->grantStatus); + (void)AddUnsignedIntToJson(permStateJson, "grantFlag", iter->grantFlag); + (void)AddObjToArray(permStateListJson, permStateJson); + } + (void)AddObjToJson(j, "permStateList", permStateListJson); + return JsonToStringFormatted(j.get()); +} + +static bool IsPermissionReqValid(int32_t tokenApl, const std::string& permissionName, + const std::vector& nativeAcls) +{ + PermissionBriefDef briefDef; + if (!GetPermissionBriefDef(permissionName, briefDef)) { + return false; + } + + if (tokenApl >= briefDef.availableLevel) { + return true; + } + + auto iter = std::find(nativeAcls.begin(), nativeAcls.end(), permissionName); + if (iter != nativeAcls.end()) { + return true; + } + return false; +} + +std::string ConfigPolicLoader::DumpNativeTokenInfo(const NativeTokenInfoBase& native) +{ + CJsonUnique j = CreateJson(); + 
(void)AddUnsignedIntToJson(j, "tokenID", native.tokenID); + (void)AddStringToJson(j, "processName", native.processName); + (void)AddIntToJson(j, "apl", native.apl); + + CJsonUnique permStateListJson = CreateJsonArray(); + CJsonUnique invalidPermStringJson = CreateJsonArray(); + for (auto iter = native.permStateList.begin(); iter != native.permStateList.end(); ++iter) { + if (!IsPermissionReqValid(native.apl, iter->permissionName, native.nativeAcls)) { + CJsonUnique tmpJson = CreateJsonString(iter->permissionName); + (void)AddObjToArray(invalidPermStringJson, tmpJson); + continue; + } + CJsonUnique permStateJson = CreateJson(); + (void)AddStringToJson(permStateJson, "permissionName", iter->permissionName); + (void)AddIntToJson(permStateJson, "grantStatus", iter->grantStatus); + (void)AddUnsignedIntToJson(permStateJson, "grantFlag", iter->grantFlag); + (void)AddObjToArray(permStateListJson, permStateJson); + } + + (void)AddObjToJson(j, "permStateList", permStateListJson); + (void)AddObjToJson(j, "invalidPermList", invalidPermStringJson); + return JsonToStringFormatted(j.get()); +} + extern "C" { void* Create() { diff --git a/services/common/json_parse/test/BUILD.gn b/services/common/json_parse/test/BUILD.gn index 5a511265faacd325e768f262805c12ddc47c710e..0aa9a7cf48f7c63865e14b323cfd40329788d033 100644 --- a/services/common/json_parse/test/BUILD.gn +++ b/services/common/json_parse/test/BUILD.gn @@ -12,7 +12,7 @@ # limitations under the License. import("//build/test.gni") -import("../../../../access_token.gni") +import("../../../access_token.gni") config("accesstoken_json_parse_config") { visibility = [ ":*" ] 
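Review bot: Every `AddStringToJson`, `AddIntToJson`, `AddObjToArray` and `AddObjToJson` result in `DumpHapTokenInfo` and `DumpNativeTokenInfo` is cast to `(void)`, so a failed add yields a dump that silently lacks a field or a whole `permStateList`. Someone reading this permission diagnostic could then take it for a token that holds no permissions. The helpers' return types are not visible here; assuming they report success as the casts suggest, at least the two list attachments should be checked, e.g. `if (!AddObjToJson(j, "permStateList", permStateListJson)) { LOGE(ATM_DOMAIN, ATM_TAG, "Add permStateList failed."); }`. The result of `CreateJson()` is also passed to `JsonToStringFormatted(j.get())` without a null check. The new static `IsPermissionReqValid` would benefit from a comment such as `// Valid when the token APL reaches the permission's availableLevel or the permission is listed in nativeAcls.`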
@@ -32,14 +32,11 @@ ohos_unittest("libjsonparse_test") { include_dirs = [ "${access_token_path}/frameworks/common/include", "${access_token_path}/interfaces/innerkits/accesstoken/include", - "${access_token_path}/services/accesstokenmanager/main/cpp/include/token", "${access_token_path}/services/common/json_parse/include", ] sources = [ - "${access_token_path}/services/common/json_parse/src/cjson_utils.cpp", "${access_token_path}/services/common/json_parse/src/json_parse_loader.cpp", - "unittest/cjson_utils_test.cpp", "unittest/json_parse_loader_test.cpp", ] diff --git a/services/privacymanager/src/service/privacy_manager_service.cpp b/services/privacymanager/src/service/privacy_manager_service.cpp index 9e011b213c7c20ed822ba05bec42254569da286c..09c92bb818daabd757158744836e0c67bcacdacd 100644 --- a/services/privacymanager/src/service/privacy_manager_service.cpp +++ b/services/privacymanager/src/service/privacy_manager_service.cpp @@ -349,7 +349,7 @@ int32_t PrivacyManagerService::ResponseDumpCommand(int32_t fd, const std::vector for (size_t index = 0; index < result.bundleRecords[0].permissionRecords.size(); index++) { infos.append(R"( "permissionRecord": [)"); infos.append("\n"); - infos.append(R"( "bundleName": )" + result.bundleRecords[0].bundleName + ",\n"); + infos.append(R"( "bundleName": ")" + result.bundleRecords[0].bundleName + R"(")" + ",\n"); infos.append(R"( "isRemote": )" + std::to_string(result.bundleRecords[0].isRemote) + ",\n"); infos.append(R"( "permissionName": ")" + result.bundleRecords[0].permissionRecords[index].permissionName + R"(")" + ",\n"); 
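Review bot: The `bundleName` line in `ResponseDumpCommand` now wraps the value in quotes but still concatenates it unescaped, so a name containing `"` or `\` breaks the record. The surrounding text also remains invalid JSON: key/value pairs sit directly inside `"permissionRecord": [`, and the `accessCount` line changed in the next hunk still ends with a trailing comma before ` ]`. This commit builds the token dumps with the CJson helpers (`CreateJson`, `AddStringToJson`, `JsonToStringFormatted`); building this record the same way would give escaping and a well-formed structure, provided the adapter can be linked into the privacy service, which the visible build files do not show. The function body begins and ends outside both hunks.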
@@ -357,8 +357,8 @@ int32_t PrivacyManagerService::ResponseDumpCommand(int32_t fd, const std::vector infos.append(R"( "lastAccessTime": )" + std::to_string(lastAccessTime) + ",\n"); infos.append(R"( "lastAccessDuration": )" + std::to_string(result.bundleRecords[0].permissionRecords[index].lastAccessDuration) + ",\n"); - infos.append(R"( "accessCount": ")" + - std::to_string(result.bundleRecords[0].permissionRecords[index].accessCount) + R"(")" + ",\n"); + infos.append(R"( "accessCount": )" + + std::to_string(result.bundleRecords[0].permissionRecords[index].accessCount) + ",\n"); infos.append(" ]"); infos.append("\n"); } diff --git a/services/tokensyncmanager/BUILD.gn b/services/tokensyncmanager/BUILD.gn index 5edcf8ffb1ecf78432cab9568575c64e9b800786..e61907d1f09da94d7499ee69506dea2ba04c06fe 100644 --- a/services/tokensyncmanager/BUILD.gn +++ b/services/tokensyncmanager/BUILD.gn @@ -59,6 +59,7 @@ if (token_sync_enable == true) { "${access_token_path}/interfaces/innerkits/accesstoken/include", "${access_token_path}/interfaces/innerkits/tokensync/include", "${access_token_path}/services/accesstokenmanager/main/cpp/include/token", + "${access_token_path}/frameworks/json_adapter/include", "${access_token_path}/services/common/json_parse/include", "${access_token_path}/services/common/handler/include", "${access_token_path}/services/common/libraryloader/include", 
@@ -101,10 +102,10 @@ if (token_sync_enable == true) { deps = [ "${access_token_path}/frameworks/accesstoken:accesstoken_communication_adapter_cxx", "${access_token_path}/frameworks/common:accesstoken_common_cxx", + "${access_token_path}/frameworks/json_adapter:accesstoken_cjson_utils", "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk", "${access_token_path}/interfaces/innerkits/token_setproc:libtoken_setproc", "${access_token_path}/services/common:accesstoken_service_common", - "${access_token_path}/services/common/json_parse:accesstoken_cjson_utils", "${access_token_path}/services/tokensyncmanager:token_sync.rc", ] diff --git a/services/tokensyncmanager/src/command/base_remote_command.cpp b/services/tokensyncmanager/src/command/base_remote_command.cpp index b78f83703cd85890920be885a92a75f31e770197..d932b4cd75f94ec6f362c1b3a34070560c11c199 100644 --- a/services/tokensyncmanager/src/command/base_remote_command.cpp +++ b/services/tokensyncmanager/src/command/base_remote_command.cpp @@ -81,17 +81,17 @@ CJsonUnique BaseRemoteCommand::ToNativeTokenInfoJson(const NativeTokenInfoBase& ToPermStateJson(permStateJson.get(), permState); AddObjToArray(permStatesJson, permStateJson); } - CJsonUnique DcapsJson = CreateJsonArray(); + CJsonUnique dcapsJson = CreateJsonArray(); for (const auto& item : tokenInfo.dcap) { cJSON *tmpObj = cJSON_CreateString(item.c_str()); - AddObjToArray(DcapsJson.get(), tmpObj); + AddObjToArray(dcapsJson.get(), tmpObj); cJSON_Delete(tmpObj); tmpObj = nullptr; } - CJsonUnique NativeAclsJson = CreateJsonArray(); + CJsonUnique nativeAclsJson = CreateJsonArray(); for (const auto& item : tokenInfo.nativeAcls) { cJSON *tmpObj = cJSON_CreateString(item.c_str()); - AddObjToArray(NativeAclsJson.get(), tmpObj); + AddObjToArray(nativeAclsJson.get(), tmpObj); cJSON_Delete(tmpObj); tmpObj = nullptr; } 
@@ -101,8 +101,8 @@ CJsonUnique BaseRemoteCommand::ToNativeTokenInfoJson(const NativeTokenInfoBase& AddUnsignedIntToJson(nativeTokenJson, "version", tokenInfo.ver); AddUnsignedIntToJson(nativeTokenJson, "tokenId", tokenInfo.tokenID); AddUnsignedIntToJson(nativeTokenJson, "tokenAttr", tokenInfo.tokenAttr); - AddObjToJson(nativeTokenJson, "dcaps", DcapsJson); - AddObjToJson(nativeTokenJson, "nativeAcls", NativeAclsJson); + AddObjToJson(nativeTokenJson, "dcaps", dcapsJson); + AddObjToJson(nativeTokenJson, "nativeAcls", nativeAclsJson); AddObjToJson(nativeTokenJson, "permState", permStatesJson); return nativeTokenJson; } diff --git a/services/tokensyncmanager/src/command/update_remote_hap_token_command.cpp b/services/tokensyncmanager/src/command/update_remote_hap_token_command.cpp index cd1ce38f8941efd6001146684061e8765d3fed59..4be1b0b7618087a29c895fa3919e9326e3a7f267 100644 --- a/services/tokensyncmanager/src/command/update_remote_hap_token_command.cpp +++ b/services/tokensyncmanager/src/command/update_remote_hap_token_command.cpp @@ -56,8 +56,8 @@ UpdateRemoteHapTokenCommand::UpdateRemoteHapTokenCommand(const std::string &json std::string UpdateRemoteHapTokenCommand::ToJsonPayload() { CJsonUnique j = BaseRemoteCommand::ToRemoteProtocolJson(); - CJsonUnique HapTokenInfos = BaseRemoteCommand::ToHapTokenInfosJson(updateTokenInfo_); - AddObjToJson(j, "HapTokenInfos", HapTokenInfos); + CJsonUnique hapTokenInfos = BaseRemoteCommand::ToHapTokenInfosJson(updateTokenInfo_); + AddObjToJson(j, "HapTokenInfos", hapTokenInfos); return PackJsonToString(j); } diff --git a/services/tokensyncmanager/test/coverage/BUILD.gn b/services/tokensyncmanager/test/coverage/BUILD.gn index 947c108c431783bbb0e838f1965c173f989e2014..5914bd47def68abab3e85963c1303b11bcab5ab1 100644 --- a/services/tokensyncmanager/test/coverage/BUILD.gn +++ b/services/tokensyncmanager/test/coverage/BUILD.gn 
@@ -61,6 +61,7 @@ ohos_unittest("libtoken_sync_service_coverage_test") { "${access_token_path}/interfaces/innerkits/nativetoken/include", "${access_token_path}/interfaces/innerkits/token_setproc/include", "${access_token_path}/services/accesstokenmanager/main/cpp/include/token", + "${access_token_path}/frameworks/json_adapter/include", "${access_token_path}/services/common/json_parse/include", "${access_token_path}/services/common/handler/include", "${access_token_path}/interfaces/innerkits/accesstoken/test/unittest/common/", @@ -70,10 +71,10 @@ ohos_unittest("libtoken_sync_service_coverage_test") { deps = [ "${access_token_path}/frameworks/accesstoken:accesstoken_communication_adapter_cxx", "${access_token_path}/frameworks/common:accesstoken_common_cxx", + "${access_token_path}/frameworks/json_adapter:accesstoken_cjson_utils", "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk", "${access_token_path}/interfaces/innerkits/token_setproc:libtoken_setproc", "${access_token_path}/services/common:accesstoken_service_common", - "${access_token_path}/services/common/json_parse:accesstoken_cjson_utils", ] cflags_cc = [ "-DHILOG_ENABLE" ] diff --git a/services/tokensyncmanager/test/unittest/BUILD.gn b/services/tokensyncmanager/test/unittest/BUILD.gn index 8e65906c507b8a0a7ebfe7b77b194b1bbed849a2..e4aef09a20cf44a4d112faf3db8ccc3db020f087 100644 --- a/services/tokensyncmanager/test/unittest/BUILD.gn +++ b/services/tokensyncmanager/test/unittest/BUILD.gn 
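Review bot: `include_dirs` of `libtoken_sync_service_coverage_test` still lists `"${access_token_path}/services/common/json_parse/include"` right after the newly added `frameworks/json_adapter/include`, while the second hunk of this file drops the `services/common/json_parse:accesstoken_cjson_utils` dependency. If the json_parse directory was moved by this commit (the root BUILD.gn no longer references its unittest target), the entry is dead. If it still exists, two directories can supply the same header name and the search order decides which one is compiled. Remove the old `json_parse/include` line here and in the identical `include_dirs` hunk of `libtoken_sync_service_standard_test` in services/tokensyncmanager/test/unittest/BUILD.gn.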
@@ -61,6 +61,7 @@ ohos_unittest("libtoken_sync_service_standard_test") { "${access_token_path}/interfaces/innerkits/nativetoken/include", "${access_token_path}/interfaces/innerkits/token_setproc/include", "${access_token_path}/services/accesstokenmanager/main/cpp/include/token", + "${access_token_path}/frameworks/json_adapter/include", "${access_token_path}/services/common/json_parse/include", "${access_token_path}/services/common/handler/include", "${access_token_path}/interfaces/innerkits/accesstoken/test/unittest/common/", @@ -70,10 +71,10 @@ ohos_unittest("libtoken_sync_service_standard_test") { deps = [ "${access_token_path}/frameworks/accesstoken:accesstoken_communication_adapter_cxx", "${access_token_path}/frameworks/common:accesstoken_common_cxx", + "${access_token_path}/frameworks/json_adapter:accesstoken_cjson_utils", "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk", "${access_token_path}/interfaces/innerkits/token_setproc:libtokensetproc_shared", "${access_token_path}/services/common:accesstoken_service_common", - "${access_token_path}/services/common/json_parse:accesstoken_cjson_utils", ] cflags_cc = [ "-DHILOG_ENABLE" ] diff --git a/test/fuzztest/innerkits/accesstoken/dumptokeninfo_fuzzer/dumptokeninfo_fuzzer.cpp b/test/fuzztest/innerkits/accesstoken/dumptokeninfo_fuzzer/dumptokeninfo_fuzzer.cpp index a98394fd4ae29659d5bd827794e78f7d4526f45a..280d508a2954b49b92717113f48b1ac1d49aeb02 100644 --- a/test/fuzztest/innerkits/accesstoken/dumptokeninfo_fuzzer/dumptokeninfo_fuzzer.cpp +++ b/test/fuzztest/innerkits/accesstoken/dumptokeninfo_fuzzer/dumptokeninfo_fuzzer.cpp @@ -24,16 +24,6 @@ using namespace std; using namespace OHOS::Security::AccessToken; -static const vector TYPE_LIST = { - DEFAULT_OPER, - DUMP_TOKEN, - DUMP_RECORD, - DUMP_TYPE, - DUMP_PERM, - PERM_GRANT, - PERM_REVOKE -}; - namespace OHOS { bool DumpTokenInfoFuzzTest(const uint8_t* data, size_t size) { 
@@ -42,10 +32,7 @@ bool DumpTokenInfoFuzzTest(const uint8_t* data, size_t size) } FuzzedDataProvider provider(data, size); - uint32_t typeIndex = provider.ConsumeIntegral() % static_cast(TYPE_LIST.size()); - OptType type = TYPE_LIST[typeIndex]; AtmToolsParamInfo info = { - .type = type, .tokenId = provider.ConsumeIntegral(), }; diff --git a/test/fuzztest/normalize_service/accesstoken/access_token_service_fuzz.gni b/test/fuzztest/normalize_service/accesstoken/access_token_service_fuzz.gni index 96c9bf1dc77996132a001ed4d0f66ee646008150..871feeae778aae5c8c3c34b16db30538074b271a 100644 --- a/test/fuzztest/normalize_service/accesstoken/access_token_service_fuzz.gni +++ b/test/fuzztest/normalize_service/accesstoken/access_token_service_fuzz.gni @@ -61,7 +61,6 @@ access_token_deps = [ "${access_token_path}/services/accesstokenmanager/etc:param_files", "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_stub", "${access_token_path}/services/common:accesstoken_service_common", - "${access_token_path}/services/common/json_parse:accesstoken_cjson_utils", ] access_token_external_deps = [ diff --git a/test/fuzztest/services/accesstoken/access_token_service_fuzz.gni b/test/fuzztest/services/accesstoken/access_token_service_fuzz.gni index b651cf512e080a689505d014bb8f835ebe2d4994..713608566048d4f4a4542af94378194501cea688 100644 --- a/test/fuzztest/services/accesstoken/access_token_service_fuzz.gni +++ b/test/fuzztest/services/accesstoken/access_token_service_fuzz.gni @@ -32,6 +32,7 @@ access_token_include_dirs = [ "${access_token_path}/services/tokensyncmanager/include/service", "${access_token_path}/frameworks/accesstoken/include", "${access_token_path}/frameworks/common/include", + "${access_token_path}/frameworks/json_adapter/include", "${access_token_path}/frameworks/privacy/include", "${access_token_path}/interfaces/innerkits/privacy/include", "${access_token_path}/interfaces/innerkits/privacy/src", 
@@ -53,6 +54,7 @@ access_token_deps = [ "${access_token_path}/frameworks/accesstoken:accesstoken_communication_adapter_cxx", "${access_token_path}/frameworks/common:accesstoken_common_cxx", "${access_token_path}/frameworks/common:accesstoken_hisysevent", + "${access_token_path}/frameworks/json_adapter:accesstoken_cjson_utils", "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk", "${access_token_path}/interfaces/innerkits/accesstoken:libtokenid_sdk", "${access_token_path}/interfaces/innerkits/privacy:libprivacy_sdk", @@ -62,7 +64,6 @@ access_token_deps = [ "${access_token_path}/services/accesstokenmanager/etc:param_files", "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_stub", "${access_token_path}/services/common:accesstoken_service_common", - "${access_token_path}/services/common/json_parse:accesstoken_cjson_utils", ] access_token_external_deps = [ @@ -87,9 +88,9 @@ access_token_sources = [ "${access_token_path}/services/accesstokenmanager/main/cpp/src/callback/accesstoken_callback_proxys.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/callback/callback_death_recipients.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/callback/callback_manager.cpp", + "${access_token_path}/services/accesstokenmanager/main/cpp/src/database/access_token_db.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/database/access_token_db_operator.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/database/access_token_db_util.cpp", - "${access_token_path}/services/accesstokenmanager/main/cpp/src/database/access_token_db.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/database/access_token_open_callback.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/database/data_translator.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/database/token_field_const.cpp", 
diff --git a/test/fuzztest/services/privacy/privacy_service_fuzz.gni b/test/fuzztest/services/privacy/privacy_service_fuzz.gni index 08a6138d61ec32cad6f2f41e41d3e9ed340ba6b5..805611be2d972a8ab9dacdd1965fabc9b92fbfb3 100644 --- a/test/fuzztest/services/privacy/privacy_service_fuzz.gni +++ b/test/fuzztest/services/privacy/privacy_service_fuzz.gni @@ -74,8 +74,8 @@ privacy_sources = [ "${access_token_path}/services/privacymanager/src/active/perm_active_status_callback_death_recipient.cpp", "${access_token_path}/services/privacymanager/src/active/perm_active_status_change_callback_proxy.cpp", "${access_token_path}/services/privacymanager/src/active/state_change_callback_proxy.cpp", - "${access_token_path}/services/privacymanager/src/common/constant.cpp", "${access_token_path}/services/privacymanager/src/common/access_token_helper.cpp", + "${access_token_path}/services/privacymanager/src/common/constant.cpp", "${access_token_path}/services/privacymanager/src/database/data_translator.cpp", "${access_token_path}/services/privacymanager/src/database/permission_used_record_db.cpp", "${access_token_path}/services/privacymanager/src/database/privacy_field_const.cpp", diff --git a/tools/accesstoken/BUILD.gn b/tools/accesstoken/BUILD.gn index 68c2c700a6a857e23ed800d95de2a5e10da6a277..266d937aef2c20ceb9b8cdfc4c7bb21cd038cc42 100644 --- a/tools/accesstoken/BUILD.gn +++ b/tools/accesstoken/BUILD.gn @@ -20,6 +20,7 @@ ohos_executable("atm") { part_name = "access_token" include_dirs = [ + "${access_token_path}/frameworks/json_adapter/include", "${access_token_path}/interfaces/innerkits/privacy/include", "include", ] @@ -32,6 +33,7 @@ ohos_executable("atm") { deps = [ "${access_token_path}/frameworks/common:accesstoken_common_cxx", + "${access_token_path}/frameworks/json_adapter:accesstoken_cjson_utils", "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk", "${access_token_path}/interfaces/innerkits/privacy:libprivacy_sdk", ] 
@@ -47,6 +49,7 @@ ohos_executable("atm") { } external_deps = [ + "cJSON:cjson", "c_utils:utils", "hilog:libhilog", "ipc:ipc_single", diff --git a/tools/accesstoken/include/atm_command.h b/tools/accesstoken/include/atm_command.h index 20433c5a21f7b571a3a56f85d407a3f1d9c23247..38ed24ff774cf5f447a3729e60d754d6b6f6fd5a 100644 --- a/tools/accesstoken/include/atm_command.h +++ b/tools/accesstoken/include/atm_command.h @@ -29,6 +29,53 @@ namespace OHOS { namespace Security { namespace AccessToken { +constexpr const uint32_t INVALID_ATM_SET_STATUS = 2; +/** + * @brief Atm tools operate type + */ +typedef enum TypeOptType { + /** default */ + DEFAULT_OPER = 0, + /** dump hap or native token info */ + DUMP_TOKEN, + /** dump permission used records */ + DUMP_RECORD, + /** dump permission used types */ + DUMP_TYPE, + /** dump permission definition info */ + DUMP_PERM, + /** grant permission */ + PERM_GRANT, + /** revoke permission */ + PERM_REVOKE, +} OptType; + +/** + * @brief Atm toggle mode type + */ +typedef enum TypeToggleModeType { + /** toggle mode is request */ + TOGGLE_REQUEST = 0, + /** toggle mode is record */ + TOGGLE_RECORD, +} ToggleModeType; + +typedef enum TypeToggleOperateType { + /** set toggle request/record status */ + TOGGLE_SET, + /** get toggle request/record status */ + TOGGLE_GET, +} ToggleOperateType; + +class AtmToggleParamInfo final { +public: + ToggleModeType toggleMode; + ToggleOperateType type; + int32_t userID; + std::string permissionName; + uint32_t status = INVALID_ATM_SET_STATUS; +}; + class AtmCommand final { public: AtmCommand(int32_t argc, char *argv[]); 
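Review bot: `AtmToggleParamInfo` gives only `status` a default, so `toggleMode`, `type` and `userID` are indeterminate in a default-initialized object, and because `TOGGLE_SET` is the first enumerator of `ToggleOperateType`, a value-initialized object selects the mutating operation. If the option parser (not visible in this hunk) can return without having seen every flag, the toggle command would act on whatever those fields happen to hold. Give each member an initializer and make the read-only operation the default, for example `ToggleOperateType type = TOGGLE_GET;` and `ToggleModeType toggleMode = TOGGLE_REQUEST;`, with `userID` set to a value the command rejects until the user supplies one.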
@@ -40,28 +87,31 @@ private: std::string GetCommandErrorMsg() const; int32_t RunAsCommandError(void); std::string GetUnknownOptionMsg() const; - int32_t RunAsCommandMissingOptionArgument(void); - void RunAsCommandExistentOptionArgument(const int32_t& option, AtmToolsParamInfo& info); + int32_t RunAsCommandMissingOptionArgument(const std::vector& requeredOptions); + void RunAsCommandExistentOptionForDump( + const int32_t& option, AtmToolsParamInfo& info, OptType& type, std::string& permissionName); + void RunAsCommandExistentOptionForPerm( + const int32_t& option, bool& isGranted, AccessTokenID& tokenID, std::string& permission); + void RunAsCommandExistentOptionForToggle(const int32_t& option, AtmToggleParamInfo& info); std::string DumpRecordInfo(uint32_t tokenId, const std::string& permissionName); std::string DumpUsedTypeInfo(uint32_t tokenId, const std::string& permissionName); - int32_t ModifyPermission(const OptType& type, AccessTokenID tokenId, const std::string& permissionName); - int32_t RunCommandByOperationType(const AtmToolsParamInfo& info); - int32_t HandleComplexCommand(const std::string& shortOption, const struct option longOption[], - const std::string& helpMsg); + int32_t ModifyPermission(bool isGranted, AccessTokenID tokenId, const std::string& permissionName); + int32_t RunCommandByOperationType(const AtmToolsParamInfo& info, OptType type, std::string& permissionName); + int32_t SetToggleStatus(int32_t userID, const std::string& permissionName, const uint32_t& status); int32_t GetToggleStatus(int32_t userID, const std::string& permissionName, std::string& statusInfo); - void RunToggleCommandExistentOptionArgument(const int32_t& option, AtmToolsParamInfo& info); - int32_t HandleToggleCommand(const std::string& shortOption, const struct option longOption[], - const std::string& helpMsg); - int32_t RunToggleCommandByOperationType(const AtmToolsParamInfo& info); - int32_t HandleToggleRequest(const AtmToolsParamInfo& info, std::string& dumpInfo); - 
int32_t HandleToggleRecord(const AtmToolsParamInfo& info, std::string& dumpInfo); + + int32_t RunToggleCommandByOperationType(const AtmToggleParamInfo& info); + int32_t HandleToggleRequest(const AtmToggleParamInfo& info, std::string& dumpInfo); + int32_t HandleToggleRecord(const AtmToggleParamInfo& info, std::string& dumpInfo); int32_t SetRecordToggleStatus(int32_t userID, const uint32_t& recordStatus, std::string& statusInfo); int32_t GetRecordToggleStatus(int32_t userID, std::string& statusInfo); bool IsNumericString(const char* string); int32_t RunAsHelpCommand(); - int32_t RunAsCommonCommand(); + int32_t RunAsCommonCommandForDump(); + int32_t RunAsCommonCommandForPerm(); + int32_t RunAsCommonCommandForToggle(); int32_t argc_; char** argv_; diff --git a/tools/accesstoken/include/to_string.h b/tools/accesstoken/include/to_string.h index 6bc0e17e5ff4be76258566f407c77eb7242930d7..f00632deb660d2e4d9e4fc6259480b9eb65e2eeb 100644 --- a/tools/accesstoken/include/to_string.h +++ b/tools/accesstoken/include/to_string.h @@ -17,6 +17,7 @@ #define TO_STRING_H #include +#include "cjson_utils.h" #include "permission_used_request.h" #include "permission_used_result.h" #include "permission_used_type_info.h" 
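Review bot: `ModifyPermission(bool isGranted, ...)` and the `bool& isGranted` out-parameter of `RunAsCommandExistentOptionForPerm` replace an `OptType` that had a `DEFAULT_OPER` state, so "neither grant nor revoke was requested" can no longer be represented in the type. Unless the caller in atm_command.cpp (outside this hunk) tracks that separately, an invocation without either flag would fall through to whichever value the bool was initialized with. Keeping a three-state value, e.g. `int32_t ModifyPermission(OptType type, AccessTokenID tokenId, const std::string& permissionName);`, or documenting on the declaration that the caller must reject the unset case, would make this explicit. The parameter name `requeredOptions` in `RunAsCommandMissingOptionArgument` is also misspelled and should read `requiredOptions`. The `AtmCommand` class declaration starts before this hunk.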
@@ -26,13 +27,9 @@ namespace Security { namespace AccessToken { class ToString { public: - static void DetailUsedRecordToString( - bool isAccessDetail, const std::vector& detailRecord, std::string& infos); - static void PermissionUsedRecordToString( - const std::vector& permissionRecords, std::string& infos); - static void BundleUsedRecordToString(const BundleUsedRecord& bundleRecord, std::string& infos); - static void PermissionUsedResultToString(const PermissionUsedResult& result, std::string& infos); - static void PermissionUsedTypeInfoToString(const PermissionUsedTypeInfo& type, std::string& infos); + static std::string PermissionUsedResultToString(const PermissionUsedResult& result); + static std::string PermissionUsedTypeInfoToString(const std::vector& typeInfos); + static std::string DumpPermDefinition(const std::string& permissionName); }; } // namespace AccessToken } // namespace Security diff --git a/tools/accesstoken/src/atm_command.cpp b/tools/accesstoken/src/atm_command.cpp index d00dc6fcfd014c4af07cace6b8f565416ef06a7a..147657cbe160b9639afb5373d6ae44892d225e83 100644 --- a/tools/accesstoken/src/atm_command.cpp +++ b/tools/accesstoken/src/atm_command.cpp @@ -46,8 +46,8 @@ static const std::string HELP_MSG = static const std::string HELP_MSG_DUMP = "usage: atm dump
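Review bot: The three `ToString` functions now return `std::string` by value, and nothing in the header says what a caller gets when serialization fails or, for `DumpPermDefinition`, when the permission name is not defined. With the old `std::string& infos` out-parameters gone, an empty string is presumably the only failure signal, so state it above each declaration: `/** @return the formatted text, or an empty string on failure */`. None of the declarations uses a cJSON type, so the `#include "cjson_utils.h"` added in the previous hunk could live in the implementation file rather than in this header.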