From b1f7327fdd52b1a2546d3ab6d82680a8eae4b31a Mon Sep 17 00:00:00 2001 From: chennian Date: Fri, 8 Aug 2025 17:20:22 +0800 Subject: [PATCH] Modify dump info 
Signed-off-by: chennian Change-Id: Idb59809eecc8a2022ce348519366d211261a7363 --- BUILD.gn | 2 +- access_token.gni | 2 +- .../src/atm_tools_param_info_parcel.cpp | 4 - frameworks/json_adapter/BUILD.gn | 55 ++++ .../json_adapter}/include/cjson_utils.h | 8 +- .../json_adapter}/src/cjson_utils.cpp | 130 +++++++-- frameworks/json_adapter/test/BUILD.gn | 68 +++++ .../test/unittest/cjson_utils_test.cpp | 175 +++++++++--- .../test/unittest/accesstoken_parcel_test.cpp | 1 - .../accesstoken/include/access_token.h | 34 --- .../include/atm_tools_param_info.h | 13 +- .../accesstoken/src/accesstoken_kit.cpp | 75 ------ .../unittest/SaTest/dump_token_info_test.cpp | 40 +-- .../test/unittest/src/privacy_kit_test.cpp | 16 +- .../service/accesstoken_manager_service.h | 1 - .../include/token/accesstoken_info_manager.h | 11 +- .../cpp/include/token/hap_token_info_inner.h | 4 +- .../service/accesstoken_manager_service.cpp | 36 --- .../src/token/accesstoken_info_manager.cpp | 124 +-------- .../cpp/src/token/hap_token_info_inner.cpp | 73 +---- .../accesstoken_info_manager_test.cpp | 59 ---- services/common/BUILD.gn | 1 - services/common/json_parse/BUILD.gn | 44 +-- .../json_parse/include/json_parse_loader.h | 7 + .../json_parse/src/json_parse_loader.cpp | 73 +++++ services/common/json_parse/test/BUILD.gn | 5 +- .../src/record/permission_record_manager.cpp | 5 +- .../src/service/privacy_manager_service.cpp | 31 ++- services/tokensyncmanager/BUILD.gn | 3 +- .../src/command/base_remote_command.cpp | 12 +- .../update_remote_hap_token_command.cpp | 4 +- .../tokensyncmanager/test/coverage/BUILD.gn | 3 +- .../tokensyncmanager/test/unittest/BUILD.gn | 3 +- .../dumptokeninfo_fuzzer.cpp | 13 - .../accesstoken/access_token_service_fuzz.gni | 1 - .../accesstoken/access_token_service_fuzz.gni | 5 +- .../services/privacy/privacy_service_fuzz.gni | 2 +- tools/accesstoken/BUILD.gn | 3 + tools/accesstoken/include/atm_command.h | 76 +++++- tools/accesstoken/include/to_string.h | 11 +- 
tools/accesstoken/src/atm_command.cpp | 251 +++++++++--------- tools/accesstoken/src/to_string.cpp | 208 +++++++++------ 42 files changed, 896 insertions(+), 796 deletions(-) create mode 100644 frameworks/json_adapter/BUILD.gn rename {services/common/json_parse => frameworks/json_adapter}/include/cjson_utils.h (91%) rename {services/common/json_parse => frameworks/json_adapter}/src/cjson_utils.cpp (72%) create mode 100644 frameworks/json_adapter/test/BUILD.gn rename {services/common/json_parse => frameworks/json_adapter}/test/unittest/cjson_utils_test.cpp (63%) diff --git a/BUILD.gn b/BUILD.gn index 72be0780c..e7fb8303d 100644 --- a/BUILD.gn +++ b/BUILD.gn @@ -19,6 +19,7 @@ group("accesstoken_build_module_test") { deps = [] if (is_standard_system) { deps += [ + "frameworks/json_adapter/test:unittest", "frameworks/test/unittest:unittest", "interfaces/inner_api/el5filekeymanager/test:unittest", "interfaces/innerkits/accesstoken/test:unittest", @@ -30,7 +31,6 @@ group("accesstoken_build_module_test") { "services/accesstokenmanager/test:unittest", "services/common/database/test:unittest", "services/common/dfx/test:unittest", - "services/common/json_parse/test:unittest", ] if (ability_base_enable == true) { deps += [ diff --git a/access_token.gni b/access_token.gni index db3bcb189..0862cb3ae 100644 --- a/access_token.gni +++ b/access_token.gni @@ -151,4 +151,4 @@ if ("${target_platform}" == "watch" || "${target_platform}" == "wearable") { light_device_enable = true } else { light_device_enable = false -} \ No newline at end of file +} diff --git a/frameworks/accesstoken/src/atm_tools_param_info_parcel.cpp b/frameworks/accesstoken/src/atm_tools_param_info_parcel.cpp index 646d49968..8bb4f77f1 100644 --- a/frameworks/accesstoken/src/atm_tools_param_info_parcel.cpp +++ b/frameworks/accesstoken/src/atm_tools_param_info_parcel.cpp 
@@ -21,7 +21,6 @@ namespace Security { namespace AccessToken { bool AtmToolsParamInfoParcel::Marshalling(Parcel& out) const { - RETURN_IF_FALSE(out.WriteInt32(this->info.type)); RETURN_IF_FALSE(out.WriteUint32(this->info.tokenId)); RETURN_IF_FALSE(out.WriteString(this->info.permissionName)); RETURN_IF_FALSE(out.WriteString(this->info.bundleName)); @@ -36,9 +35,6 @@ AtmToolsParamInfoParcel* AtmToolsParamInfoParcel::Unmarshalling(Parcel& in) return nullptr; } - int32_t type; - RELEASE_IF_FALSE(in.ReadInt32(type), atmToolsParamInfoParcel); - atmToolsParamInfoParcel->info.type = OptType(type); RELEASE_IF_FALSE(in.ReadUint32(atmToolsParamInfoParcel->info.tokenId), atmToolsParamInfoParcel); atmToolsParamInfoParcel->info.permissionName = in.ReadString(); atmToolsParamInfoParcel->info.bundleName = in.ReadString(); diff --git a/frameworks/json_adapter/BUILD.gn b/frameworks/json_adapter/BUILD.gn new file mode 100644 index 000000000..db5a10f41 --- /dev/null +++ b/frameworks/json_adapter/BUILD.gn 
@@ -0,0 +1,55 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/ohos.gni") +import("../../access_token.gni") + +config("accesstoken_json_parse_config") { + visibility = [ ":*" ] + include_dirs = [ "include" ] +} + +ohos_shared_library("accesstoken_cjson_utils") { + if (is_standard_system) { + subsystem_name = "security" + part_name = "access_token" + sanitize = { + cfi = true + cfi_cross_dso = true + debug = false + } + branch_protector_ret = "pac_ret" + + include_dirs = [ + "include", + "${access_token_path}/frameworks/common/include", + ] + + sources = [ "src/cjson_utils.cpp" ] + + cflags_cc = [ "-DHILOG_ENABLE" ] + configs = [ + "${access_token_path}/config:access_token_compile_flags", + "${access_token_path}/config:coverage_flags", + ] + public_configs = [ ":accesstoken_json_parse_config" ] + + deps = [ "${access_token_path}/frameworks/common:accesstoken_common_cxx" ] + + external_deps = [ + "cJSON:cjson", + "c_utils:utils", + "hilog:libhilog", + ] + } +} diff --git a/services/common/json_parse/include/cjson_utils.h b/frameworks/json_adapter/include/cjson_utils.h similarity index 91% rename from services/common/json_parse/include/cjson_utils.h rename to frameworks/json_adapter/include/cjson_utils.h index 36e48fb7b..214c9e72a 100644 --- a/services/common/json_parse/include/cjson_utils.h +++ b/frameworks/json_adapter/include/cjson_utils.h 
@@ -35,12 +35,14 @@ CJsonUnique CreateJsonFromString(const std::string& jsonStr); CJsonUnique CreateJson(void); /* NO Need to call FreeJson to free the returned pointer when it's no longer in use. */ CJsonUnique CreateJsonArray(void); +CJsonUnique CreateJsonString(const std::string& value); void FreeJson(CJson* jsonObj); /* NO Need to call FreeJsonString to free the returned pointer when it's no longer in use. */ std::string PackJsonToString(const CJson* jsonObj); std::string PackJsonToString(const CJsonUnique& jsonObj); void FreeJsonString(char* jsonStr); +std::string JsonToStringFormatted(const CJson* jsonObj, int32_t level = 0); /* * Can't release the returned pointer, otherwise, an exception may occur. @@ -73,10 +75,12 @@ bool AddStringToJson(CJson* jsonObj, const std::string& key, const std::string& bool AddStringToJson(CJsonUnique& jsonObj, const std::string& key, const std::string& value); bool AddBoolToJson(CJson* jsonObj, const std::string& key, const bool value); bool AddBoolToJson(CJsonUnique& jsonObj, const std::string& key, const bool value); -bool AddIntToJson(CJson* jsonObj, const std::string& key, const int value); -bool AddIntToJson(CJsonUnique& jsonObj, const std::string& key, const int value); +bool AddIntToJson(CJson* jsonObj, const std::string& key, const int32_t value); +bool AddIntToJson(CJsonUnique& jsonObj, const std::string& key, const int32_t value); bool AddUnsignedIntToJson(CJson* jsonObj, const std::string& key, const uint32_t value); bool AddUnsignedIntToJson(CJsonUnique& jsonObj, const std::string& key, const uint32_t value); +bool AddInt64ToJson(CJson* jsonObj, const std::string& key, const int64_t value); +bool AddInt64ToJson(CJsonUnique& jsonObj, const std::string& key, const int64_t value); } // namespace AccessToken } // namespace Security } // namespace OHOS 
diff --git a/services/common/json_parse/src/cjson_utils.cpp b/frameworks/json_adapter/src/cjson_utils.cpp similarity index 72% rename from services/common/json_parse/src/cjson_utils.cpp rename to frameworks/json_adapter/src/cjson_utils.cpp index d01db42b6..73221f0ba 100644 --- a/services/common/json_parse/src/cjson_utils.cpp +++ b/frameworks/json_adapter/src/cjson_utils.cpp @@ -23,9 +23,10 @@ namespace Security { namespace AccessToken { namespace { #define RECURSE_FLAG_TRUE 1 +#define PRINT_FORMAT_LEVEL_MAX 500 } -CJson *GetItemFromArray(const CJson* jsonArr, int32_t index) +CJson* GetItemFromArray(const CJson* jsonArr, int32_t index) { if (jsonArr == nullptr) { return nullptr; @@ -54,6 +55,12 @@ CJsonUnique CreateJsonArray(void) return aPtr; } +CJsonUnique CreateJsonString(const std::string& value) +{ + CJsonUnique aPtr(cJSON_CreateString(value.c_str()), FreeJson); + return aPtr; +} + void FreeJson(CJson* jsonObj) { cJSON_Delete(jsonObj); 
@@ -76,6 +83,63 @@ std::string PackJsonToString(const CJsonUnique& jsonObj) return PackJsonToString(jsonObj.get()); } +static std::string GetTabContentString(int32_t level) +{ + std::string str = ""; + for (int32_t i = 0; i < level; ++i) { + str += " "; + } + return str; +} + +std::string JsonToStringFormatted(const CJson* jsonObj, int32_t level) +{ + if (jsonObj == nullptr || level > PRINT_FORMAT_LEVEL_MAX) { + return ""; + } + std::string str = ""; + CJson* child = nullptr; + switch (jsonObj->type) { + case cJSON_Object: + str += GetTabContentString(level) + "{\n"; + child = jsonObj->child; + while (child != nullptr) { + str += GetTabContentString(level + 2) + "\"" + std::string(child->string) + "\": "; // 2: space + str += JsonToStringFormatted(child, level + 2); // 2: space + str += (child->next != nullptr) ? ",\n" : "\n"; + child = child->next; + } + str += GetTabContentString(level) + "}"; + break; + case cJSON_Array: + str += "[\n"; + child = jsonObj->child; + while (child != nullptr) { + str += JsonToStringFormatted(child, level + 2); // 2: space + str += (child->next != nullptr) ? ",\n" : "\n"; + child = child->next; + } + str += GetTabContentString(level) + "]"; + break; + case cJSON_String: + str += "\"" + std::string(jsonObj->valuestring) + "\""; + break; + case cJSON_Number: + str += std::to_string(static_cast(jsonObj->valuedouble)); + break; + case cJSON_True: + str += "true"; + break; + case cJSON_False: + str += "false"; + break; + default: + str += "unkown type"; + break; + } + return str; +} + void FreeJsonString(char* jsonStr) { if (jsonStr != nullptr) { @@ -85,7 +149,7 @@ void FreeJsonString(char* jsonStr) CJson* GetObjFromJson(const CJson* jsonObj, const std::string& key) { - if (key.empty()) { + if ((jsonObj == nullptr) || key.empty()) { return nullptr; } 
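Review bot: In `JsonToStringFormatted`, object keys and string values are copied into the output verbatim (`"\"" + std::string(jsonObj->valuestring) + "\""`), so a value containing `"`, `\` or a newline yields text that is no longer valid JSON and can read as extra fields in a dump. This matters if names such as bundle or process names are formatted through this helper; its callers are not in this hunk. Route strings through cJSON's own printer instead, e.g. `str += PackJsonToString(jsonObj);` in the `cJSON_String` case (assuming PackJsonToString wraps cJSON's print call, since its body is outside this hunk), and check `child->string` for nullptr before building a `std::string` from it. The switch should also mask the flag bits, `switch (jsonObj->type & 0xFF)`, because cJSON can OR `cJSON_IsReference` and `cJSON_StringIsConst` into `type`; `cJSON_NULL` currently falls into the default branch and prints `unkown type`. When the depth cap is reached inside the recursion the function returns an empty string, which leaves `"key": ` with no value and gives the caller no error signal.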
@@ -103,7 +167,7 @@ CJson* GetObjFromJson(CJsonUnique& jsonObj, const std::string& key) CJson* GetArrayFromJson(const CJson* jsonObj, const std::string& key) { - if (key.empty()) { + if ((jsonObj == nullptr) || key.empty()) { return nullptr; } @@ -145,7 +209,7 @@ bool GetStringFromJson(const CJson *jsonObj, const std::string& key, std::string return false; } - cJSON *jsonObjTmp = cJSON_GetObjectItemCaseSensitive(jsonObj, key.c_str()); + cJSON* jsonObjTmp = cJSON_GetObjectItemCaseSensitive(jsonObj, key.c_str()); if (jsonObjTmp != nullptr && cJSON_IsString(jsonObjTmp)) { out = cJSON_GetStringValue(jsonObjTmp); return true; @@ -155,7 +219,7 @@ bool GetStringFromJson(const CJson *jsonObj, const std::string& key, std::string bool GetIntFromJson(const CJson* jsonObj, const std::string& key, int32_t& value) { - if (key.empty()) { + if ((jsonObj == nullptr) || key.empty()) { return false; } @@ -174,7 +238,7 @@ bool GetIntFromJson(const CJsonUnique& jsonObj, const std::string& key, int32_t& bool GetUnsignedIntFromJson(const CJson* jsonObj, const std::string& key, uint32_t& value) { - if (key.empty()) { + if ((jsonObj == nullptr) || key.empty()) { return false; } @@ -193,7 +257,7 @@ bool GetUnsignedIntFromJson(const CJsonUnique& jsonObj, const std::string& key, bool GetBoolFromJson(const CJson* jsonObj, const std::string& key, bool& value) { - if (key.empty()) { + if ((jsonObj == nullptr) || key.empty()) { return false; } @@ -212,7 +276,7 @@ bool GetBoolFromJson(const CJsonUnique& jsonObj, const std::string& key, bool& v bool AddObjToJson(CJson* jsonObj, const std::string& key, const CJson* childObj) { - if (key.empty() || childObj == nullptr) { + if ((jsonObj == nullptr) || key.empty() || (childObj == nullptr)) { return false; } @@ -243,7 +307,7 @@ bool AddObjToJson(CJsonUnique& jsonObj, const std::string& key, CJsonUnique& chi bool AddObjToArray(CJson* jsonArr, CJson* item) { - if (item == nullptr) { + if ((jsonArr == nullptr) || (item == nullptr)) { return false; } 
@@ -267,7 +331,7 @@ bool AddObjToArray(CJsonUnique& jsonArr, CJsonUnique& item) bool AddStringToJson(CJson* jsonObj, const std::string& key, const std::string& value) { - if (key.empty() || value.empty()) { + if ((jsonObj == nullptr) || key.empty() || value.empty()) { return false; } @@ -295,9 +359,9 @@ bool AddStringToJson(CJsonUnique& jsonObj, const std::string& key, const std::st return AddStringToJson(jsonObj.get(), key, value); } -bool AddBoolToJson(CJson* jsonObj, const std::string& key, const bool value) +bool AddBoolToJson(CJson* jsonObj, const std::string& key, bool value) { - if (key.empty()) { + if ((jsonObj == nullptr) || key.empty()) { return false; } @@ -320,14 +384,14 @@ bool AddBoolToJson(CJson* jsonObj, const std::string& key, const bool value) return true; } -bool AddBoolToJson(CJsonUnique& jsonObj, const std::string& key, const bool value) +bool AddBoolToJson(CJsonUnique& jsonObj, const std::string& key, bool value) { return AddBoolToJson(jsonObj.get(), key, value); } -bool AddIntToJson(CJson* jsonObj, const std::string& key, const int value) +bool AddIntToJson(CJson* jsonObj, const std::string& key, const int32_t value) { - if (key.empty()) { + if ((jsonObj == nullptr) || key.empty()) { return false; } @@ -350,14 +414,14 @@ bool AddIntToJson(CJson* jsonObj, const std::string& key, const int value) return true; } -bool AddIntToJson(CJsonUnique& jsonObj, const std::string& key, const int value) +bool AddIntToJson(CJsonUnique& jsonObj, const std::string& key, int32_t value) { return AddIntToJson(jsonObj.get(), key, value); } bool AddUnsignedIntToJson(CJson* jsonObj, const std::string& key, const uint32_t value) { - if (key.empty()) { + if ((jsonObj == nullptr) || key.empty()) { return false; } 
@@ -380,10 +444,40 @@ bool AddUnsignedIntToJson(CJson* jsonObj, const std::string& key, const uint32_t return true; } -bool AddUnsignedIntToJson(CJsonUnique& jsonObj, const std::string& key, const uint32_t value) +bool AddUnsignedIntToJson(CJsonUnique& jsonObj, const std::string& key, uint32_t value) { return AddUnsignedIntToJson(jsonObj.get(), key, value); } + +bool AddInt64ToJson(CJson* jsonObj, const std::string& key, int64_t value) +{ + if ((jsonObj == nullptr) || key.empty()) { + return false; + } + + CJson* objInJson = cJSON_GetObjectItemCaseSensitive(jsonObj, key.c_str()); + double tmpValue = static_cast(value); + if (objInJson == nullptr) { + if (cJSON_AddNumberToObject(jsonObj, key.c_str(), tmpValue) == nullptr) { + return false; + } + } else { + CJson* tmp = cJSON_CreateNumber(tmpValue); + if (tmp == nullptr) { + return false; + } + if (!cJSON_ReplaceItemInObjectCaseSensitive(jsonObj, key.c_str(), tmp)) { + cJSON_Delete(tmp); + return false; + } + } + return true; +} + +bool AddInt64ToJson(CJsonUnique& jsonObj, const std::string& key, int64_t value) +{ + return AddInt64ToJson(jsonObj.get(), key, value); +} } // namespace AccessToken } // namespace Security } // namespace OHOS \ No newline at end of file diff --git a/frameworks/json_adapter/test/BUILD.gn b/frameworks/json_adapter/test/BUILD.gn new file mode 100644 index 000000000..4dc2e6d64 --- /dev/null +++ b/frameworks/json_adapter/test/BUILD.gn 
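Review bot: `AddInt64ToJson` converts the value into `double tmpValue` before storing it, so any int64_t whose magnitude exceeds 2^53 is silently rounded on write, and the function still returns true. If callers only pass timestamps or counters that stay below that bound, state it on the declaration, e.g. `/* stored as a JSON number (double); magnitudes above 2^53 lose precision */`; otherwise reject out-of-range input or serialise the value as a string. The get-or-replace body is also a copy of AddIntToJson and AddUnsignedIntToJson, whose bodies start outside this hunk; one static helper taking a `double` would keep the three in step.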
@@ -0,0 +1,68 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/test.gni") +import("../../../access_token.gni") + +config("accesstoken_json_parse_config") { + visibility = [ ":*" ] + include_dirs = [ "include" ] +} + +ohos_unittest("libjsonparse_test") { + subsystem_name = "accesscontrol" + module_out_path = module_output_path_unittest_accesstoken + sanitize = { + cfi = true + cfi_cross_dso = true + debug = false + } + branch_protector_ret = "pac_ret" + + include_dirs = [ + "${access_token_path}/frameworks/common/include", + "${access_token_path}/interfaces/innerkits/accesstoken/include", + "${access_token_path}/frameworks/json_adapter/include", + ] + + sources = [ + "${access_token_path}/frameworks/json_adapter/src/cjson_utils.cpp", + "unittest/cjson_utils_test.cpp", + ] + + cflags_cc = [ "-DHILOG_ENABLE" ] + configs = [ + "${access_token_path}/config:access_token_compile_flags", + "${access_token_path}/config:coverage_flags", + ] + public_configs = [ ":accesstoken_json_parse_config" ] + + deps = [ "${access_token_path}/frameworks/common:accesstoken_common_cxx" ] + + external_deps = [ + "cJSON:cjson", + "c_utils:utils", + "hilog:libhilog", + "ipc:ipc_single", + ] + + if (customization_config_policy_enable) { + cflags_cc += [ "-DCUSTOMIZATION_CONFIG_POLICY_ENABLE" ] + external_deps += [ "config_policy:configpolicy_util" ] + } +} + +group("unittest") { + testonly = true + deps = [ ":libjsonparse_test" ] +} 
diff --git a/services/common/json_parse/test/unittest/cjson_utils_test.cpp b/frameworks/json_adapter/test/unittest/cjson_utils_test.cpp similarity index 63% rename from services/common/json_parse/test/unittest/cjson_utils_test.cpp rename to frameworks/json_adapter/test/unittest/cjson_utils_test.cpp index 04c90ca9c..70f20b0af 100644 --- a/services/common/json_parse/test/unittest/cjson_utils_test.cpp +++ b/frameworks/json_adapter/test/unittest/cjson_utils_test.cpp @@ -23,6 +23,46 @@ using namespace testing::ext; namespace OHOS { namespace Security { namespace AccessToken { +namespace { +std::string g_testJsonStr = R"( +{ + "beginTime": 11, + "endTime": 22, + "bundleRecords": [ + { + "tokenId": 123, + "isRemote": false, + "bundleName": "com.ohos.test1", + "permissionRecords": [{ + "permissionName": "ohos.permission.READ_IMAGEVIDEO", + "accessCount": 1, + "secAccessCount": 1, + "rejectCount": 1, + "lastAccessTime": 11, + "lastRejectTime": 22, + "lastAccessDuration": 0, + "accessRecords": [{ + "status": 1, + "lockScreenStatus": 1, + "timestamp": 11, + "duration": 0, + "count": 2, + "usedType": 0 + } + ], + "rejectRecords": [] + }] + }, + { + "tokenId": 234, + "isRemote": true, + "bundleName": "com.ohos.test", + "permissionRecords": [] + } + ] +} +)"; +}; class CJsonUtilsTest : public testing::Test { public: @@ -46,8 +86,11 @@ void CJsonUtilsTest::TearDown() {} */ HWTEST_F(CJsonUtilsTest, CreateJsonFromStringTest001, TestSize.Level3) { - std::string test; - EXPECT_EQ(nullptr, CreateJsonFromString(test)); + std::string test1; + EXPECT_EQ(nullptr, CreateJsonFromString(test1)); + + std::string test2 = "{\"key\":\"value\"}"; + EXPECT_NE(nullptr, CreateJsonFromString(test2)); } /* 
@@ -59,7 +102,14 @@ HWTEST_F(CJsonUtilsTest, CreateJsonFromStringTest001, TestSize.Level3) HWTEST_F(CJsonUtilsTest, PackJsonToStringTest001, TestSize.Level3) { std::string res = PackJsonToString(nullptr); - EXPECT_EQ(res.size(), 0); + EXPECT_TRUE(res.empty()); + + std::string test = "{\"key\":\"value\"}"; + CJsonUnique json = CreateJsonFromString(test); + EXPECT_NE(nullptr, json); + + res = PackJsonToString(json); + EXPECT_FALSE(res.empty()); FreeJsonString(nullptr); } @@ -138,9 +188,10 @@ HWTEST_F(CJsonUtilsTest, GetStringFromJsonTest001, TestSize.Level3) { std::string test; std::string res; - EXPECT_EQ(false, GetStringFromJson(nullptr, test, res)); - CJsonUnique jsonInner = CreateJson(); + EXPECT_EQ(false, GetStringFromJson(jsonInner.get(), "", res)); + EXPECT_EQ(false, GetStringFromJson(nullptr, "test", res)); + ASSERT_EQ(true, AddStringToJson(jsonInner, "test0", "0")); EXPECT_EQ(false, GetStringFromJson(jsonInner.get(), test, res)); @@ -160,12 +211,12 @@ HWTEST_F(CJsonUtilsTest, GetStringFromJsonTest001, TestSize.Level3) */ HWTEST_F(CJsonUtilsTest, GetIntFromJsonTest001, TestSize.Level3) { - std::string test; + std::string test = "test1"; int32_t res; + CJsonUnique jsonInner = CreateJson(); + EXPECT_EQ(false, GetIntFromJson(jsonInner, "", res)); EXPECT_EQ(false, GetIntFromJson(nullptr, test, res)); - test = "test1"; - CJsonUnique jsonInner = CreateJson(); ASSERT_EQ(true, AddStringToJson(jsonInner, "test0", "abc")); EXPECT_EQ(false, GetIntFromJson(jsonInner, test, res)); 
@@ -181,12 +232,12 @@ HWTEST_F(CJsonUtilsTest, GetIntFromJsonTest001, TestSize.Level3) */ HWTEST_F(CJsonUtilsTest, GetUnsignedIntFromJsonTest001, TestSize.Level3) { - std::string test; + std::string test = "test1"; uint32_t res; + CJsonUnique jsonInner = CreateJson(); + EXPECT_EQ(false, GetUnsignedIntFromJson(jsonInner, "", res)); EXPECT_EQ(false, GetUnsignedIntFromJson(nullptr, test, res)); - test = "test1"; - CJsonUnique jsonInner = CreateJson(); ASSERT_EQ(true, AddStringToJson(jsonInner, "test0", "abc")); EXPECT_EQ(false, GetUnsignedIntFromJson(jsonInner, test, res)); @@ -202,12 +253,12 @@ HWTEST_F(CJsonUtilsTest, GetUnsignedIntFromJsonTest001, TestSize.Level3) */ HWTEST_F(CJsonUtilsTest, GetBoolFromJsonTest001, TestSize.Level3) { - std::string test; + std::string test = "test1"; bool res; + CJsonUnique jsonInner = CreateJson(); + EXPECT_EQ(false, GetBoolFromJson(jsonInner, "", res)); EXPECT_EQ(false, GetBoolFromJson(nullptr, test, res)); - test = "test1"; - CJsonUnique jsonInner = CreateJson(); ASSERT_EQ(true, AddStringToJson(jsonInner, "test0", "0")); EXPECT_EQ(false, GetBoolFromJson(jsonInner, test, res)); @@ -226,6 +277,9 @@ HWTEST_F(CJsonUtilsTest, GetBoolFromJsonTest002, TestSize.Level3) std::string test = "test1"; bool res; CJsonUnique jsonInner = CreateJson(); + EXPECT_EQ(false, GetBoolFromJson(jsonInner, "", res)); + EXPECT_EQ(false, GetBoolFromJson(nullptr, "test1", res)); + ASSERT_EQ(true, AddBoolToJson(jsonInner, test, true)); EXPECT_EQ(true, GetBoolFromJson(jsonInner, test, res)); 
@@ -240,11 +294,11 @@ HWTEST_F(CJsonUtilsTest, GetBoolFromJsonTest002, TestSize.Level3) */ HWTEST_F(CJsonUtilsTest, AddObjToJsonTest001, TestSize.Level3) { - ASSERT_EQ(false, AddObjToJson(nullptr, "", nullptr)); + CJsonUnique jsonInner = CreateJson(); std::string test = "test1"; - ASSERT_EQ(false, AddObjToJson(nullptr, test, nullptr)); + ASSERT_EQ(false, AddObjToJson(jsonInner.get(), "", nullptr)); + ASSERT_EQ(false, AddObjToJson(nullptr, "test", nullptr)); - CJsonUnique jsonInner = CreateJson(); ASSERT_EQ(true, AddStringToJson(jsonInner, "test0", "0")); ASSERT_EQ(true, AddStringToJson(jsonInner, "test1", "1")); @@ -275,13 +329,15 @@ HWTEST_F(CJsonUtilsTest, AddObjToArrayTest001, TestSize.Level3) */ HWTEST_F(CJsonUtilsTest, AddStringToJsonTest001, TestSize.Level3) { - ASSERT_EQ(false, AddStringToJson(nullptr, "", "")); - ASSERT_EQ(false, AddStringToJson(nullptr, "test0", "test0")); - CJsonUnique jsonInner = CreateJson(); - ASSERT_EQ(true, AddStringToJson(jsonInner, "test0", "test0")); + ASSERT_EQ(false, AddStringToJson(jsonInner, "", nullptr)); + ASSERT_EQ(false, AddStringToJson(nullptr, "test", nullptr)); + + ASSERT_EQ(false, AddStringToJson(nullptr, "key_string", "test0")); + + ASSERT_EQ(true, AddStringToJson(jsonInner, "key_string", "test0")); // twice - ASSERT_EQ(true, AddStringToJson(jsonInner, "test0", "test0")); + ASSERT_EQ(true, AddStringToJson(jsonInner, "key_string", "test0")); } /* 
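Review bot: In AddStringToJsonTest001, `AddStringToJson(jsonInner, "", nullptr)` and `AddStringToJson(nullptr, "test", nullptr)` pass `nullptr` where the parameter is `const std::string& value`, so a std::string is constructed from a null pointer before the function under test runs. That is undefined behaviour (typically a crash or an exception), not a test of the empty-key or null-object branch. Pass a real string, e.g. `ASSERT_EQ(false, AddStringToJson(jsonInner, "", "test0"));`. The same `AddStringToJson(jsonInner, "", nullptr)` line was copied into AddBoolToJsonTest001 in the next hunk, where it should read `ASSERT_EQ(false, AddBoolToJson(jsonInner, "", true));` so that the empty-key branch of AddBoolToJson is actually covered.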
@@ -292,13 +348,13 @@ HWTEST_F(CJsonUtilsTest, AddStringToJsonTest001, TestSize.Level3) */ HWTEST_F(CJsonUtilsTest, AddBoolToJsonTest001, TestSize.Level3) { - ASSERT_EQ(false, AddBoolToJson(nullptr, "", true)); - ASSERT_EQ(false, AddBoolToJson(nullptr, "test0", true)); - CJsonUnique jsonInner = CreateJson(); - ASSERT_EQ(true, AddBoolToJson(jsonInner, "test0", true)); + ASSERT_EQ(false, AddStringToJson(jsonInner, "", nullptr)); + ASSERT_EQ(false, AddBoolToJson(nullptr, "key_bool", true)); + + ASSERT_EQ(true, AddBoolToJson(jsonInner, "key_bool", true)); // twice - ASSERT_EQ(true, AddBoolToJson(jsonInner, "test0", true)); + ASSERT_EQ(true, AddBoolToJson(jsonInner, "key_bool", true)); } /* @@ -309,13 +365,13 @@ HWTEST_F(CJsonUtilsTest, AddBoolToJsonTest001, TestSize.Level3) */ HWTEST_F(CJsonUtilsTest, AddIntToJsonTest001, TestSize.Level3) { - ASSERT_EQ(false, AddIntToJson(nullptr, "", 0)); - ASSERT_EQ(false, AddIntToJson(nullptr, "test0", 0)); - CJsonUnique jsonInner = CreateJson(); - ASSERT_EQ(true, AddIntToJson(jsonInner, "test0", 0)); + ASSERT_EQ(false, AddIntToJson(jsonInner, "", 0)); + ASSERT_EQ(false, AddIntToJson(nullptr, "key_int32", 0)); + + ASSERT_EQ(true, AddIntToJson(jsonInner, "key_int32", 0)); // twice - ASSERT_EQ(true, AddIntToJson(jsonInner, "test0", 0)); + ASSERT_EQ(true, AddIntToJson(jsonInner, "key_int32", 0)); } /* 
@@ -326,13 +382,60 @@ HWTEST_F(CJsonUtilsTest, AddIntToJsonTest001, TestSize.Level3) */ HWTEST_F(CJsonUtilsTest, AddUnsignedIntToJsonTest001, TestSize.Level3) { - ASSERT_EQ(false, AddUnsignedIntToJson(nullptr, "", 0)); - ASSERT_EQ(false, AddUnsignedIntToJson(nullptr, "test0", 0)); + CJsonUnique jsonInner = CreateJson(); + ASSERT_EQ(false, AddUnsignedIntToJson(jsonInner, "", 0)); + ASSERT_EQ(false, AddUnsignedIntToJson(nullptr, "key_uint32", 0)); + + ASSERT_EQ(true, AddUnsignedIntToJson(jsonInner, "key_uint32", 0)); + // twice + ASSERT_EQ(true, AddUnsignedIntToJson(jsonInner, "key_uint32", 0)); +} +/* + * @tc.name: AddInt64ToJson + * @tc.desc: AddInt64ToJson + * @tc.type: FUNC + * @tc.require: TDD coverage + */ +HWTEST_F(CJsonUtilsTest, AddInt64ToJsonTest001, TestSize.Level3) +{ CJsonUnique jsonInner = CreateJson(); - ASSERT_EQ(true, AddUnsignedIntToJson(jsonInner, "test0", 0)); + ASSERT_EQ(false, AddInt64ToJson(jsonInner, "", 0)); + ASSERT_EQ(false, AddInt64ToJson(nullptr, "key_int64", 0)); + + ASSERT_EQ(true, AddInt64ToJson(jsonInner, "key_int64", 0)); // twice - ASSERT_EQ(true, AddUnsignedIntToJson(jsonInner, "test0", 0)); + ASSERT_EQ(true, AddInt64ToJson(jsonInner, "key_int64", 0)); +} + +/* + * @tc.name: JsonToStringFormatted + * @tc.desc: JsonToStringFormatted with json is nullptr + * @tc.type: FUNC + * @tc.require: TDD coverage + */ +HWTEST_F(CJsonUtilsTest, JsonToStringFormattedTest001, TestSize.Level3) +{ + std::string str = JsonToStringFormatted(nullptr); + EXPECT_TRUE(str.empty()); +} + +/* + * @tc.name: JsonToStringFormatted + * @tc.desc: JsonToStringFormatted + * @tc.type: FUNC + * @tc.require: TDD coverage + */ +HWTEST_F(CJsonUtilsTest, JsonToStringFormattedTest002, TestSize.Level3) +{ + CJsonUnique json = CreateJsonFromString(g_testJsonStr); + EXPECT_NE(nullptr, json.get()); + + std::string str = JsonToStringFormatted(json.get()); + EXPECT_FALSE(str.empty()); + + str = JsonToStringFormatted(json.get(), 501); // 501: level + EXPECT_TRUE(str.empty()); } 
} // namespace AccessToken } // namespace Security diff --git a/frameworks/test/unittest/accesstoken_parcel_test.cpp b/frameworks/test/unittest/accesstoken_parcel_test.cpp index aae920356..5f4bc0054 100644 --- a/frameworks/test/unittest/accesstoken_parcel_test.cpp +++ b/frameworks/test/unittest/accesstoken_parcel_test.cpp @@ -366,7 +366,6 @@ HWTEST_F(AccessTokenParcelTest, PermissionGrantInfoParcel001, TestSize.Level1) HWTEST_F(AccessTokenParcelTest, AtmToolsParamInfoParcel001, TestSize.Level1) { AtmToolsParamInfoParcel atmToolsParamInfoParcel; - atmToolsParamInfoParcel.info.type = DUMP_TOKEN; atmToolsParamInfoParcel.info.tokenId = INVALID_TOKENID; atmToolsParamInfoParcel.info.permissionName = "ohos.permission.CAMERA"; atmToolsParamInfoParcel.info.bundleName = "com.ohos.parceltest"; diff --git a/interfaces/innerkits/accesstoken/include/access_token.h b/interfaces/innerkits/accesstoken/include/access_token.h index e43cceca1..ed73df16a 100644 --- a/interfaces/innerkits/accesstoken/include/access_token.h +++ b/interfaces/innerkits/accesstoken/include/access_token.h @@ -294,40 +294,6 @@ typedef enum TypeDlpPerm { DLP_PERM_NONE = 2, } DlpPermMode; -/** - * @brief Atm toggle mode type - */ -typedef enum TypeToggleModeType { - /** toggle mode is request */ - TOGGLE_REQUEST = 0, - /** toggle mode is record */ - TOGGLE_RECORD, -} ToggleModeType; - -/** - * @brief Atm tools operate type - */ -typedef enum TypeOptType { - /** default */ - DEFAULT_OPER = 0, - /** dump hap or native token info */ - DUMP_TOKEN, - /** dump permission used records */ - DUMP_RECORD, - /** dump permission used types */ - DUMP_TYPE, - /** dump permission definition info */ - DUMP_PERM, - /** grant permission */ - PERM_GRANT, - /** revoke permission */ - PERM_REVOKE, - /** set toggle request/record status */ - TOGGLE_SET, - /** get toggle request/record status */ - TOGGLE_GET, -} OptType; - /** * @brief PermssionRule */ 
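Review bot: JsonToStringFormattedTest002 only asserts that the result is non-empty, so formatted output that is not valid JSON would still pass. Parse the result back, e.g. `EXPECT_NE(nullptr, CreateJsonFromString(str));`, and add a case whose string value contains a `"` or `\` so that quoting is exercised. The `501` case checks the depth cap only at the top-level call; a document nested deeper than the cap would cover the cut-off inside the recursion, where the function returns an empty string for the inner node.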
diff --git a/interfaces/innerkits/accesstoken/include/atm_tools_param_info.h b/interfaces/innerkits/accesstoken/include/atm_tools_param_info.h index c6326d1e6..75bd09e6a 100644 --- a/interfaces/innerkits/accesstoken/include/atm_tools_param_info.h +++ b/interfaces/innerkits/accesstoken/include/atm_tools_param_info.h @@ -46,7 +46,6 @@ namespace OHOS { namespace Security { namespace AccessToken { -constexpr const uint32_t INVALID_ATM_SET_STATUS = 2; /** * @brief Declares atm tools param class */ @@ -56,20 +55,10 @@ constexpr const uint32_t INVALID_ATM_SET_STATUS = 2; */ class AtmToolsParamInfo final { public: - /** - * operate type, for details about the valid values, - * see the definition of OptType in the access_token.h file. - */ - OptType type = DEFAULT_OPER; - union { - AccessTokenID tokenId = 0; - int32_t userID; - }; - uint32_t status = INVALID_ATM_SET_STATUS; + AccessTokenID tokenId = 0; std::string permissionName; std::string bundleName; std::string processName; - ToggleModeType toggleMode = TOGGLE_REQUEST; }; } // namespace AccessToken } // namespace Security diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp index 83453a03d..304b9ffca 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp 
@@ -715,85 +715,10 @@ int32_t AccessTokenKit::UnRegisterTokenSyncCallback() } #endif -static void FormatApl(ATokenAplEnum availableLevel, std::string& apl) -{ - if (availableLevel == ATokenAplEnum::APL_NORMAL) { - apl = "NORMAL"; - } else if (availableLevel == ATokenAplEnum::APL_SYSTEM_BASIC) { - apl = "SYSTEM_BASIC"; - } else { - apl = "SYSTEM_CORE"; - } -} - -static void FormatAvailableType(ATokenAvailableTypeEnum availableType, std::string& type) -{ - if (availableType == ATokenAvailableTypeEnum::NORMAL) { - type = "NORMAL"; - } else if (availableType == ATokenAvailableTypeEnum::SYSTEM) { - type = "SYSTEM"; - } else if (availableType == ATokenAvailableTypeEnum::MDM) { - type = "MDM"; - } else if (availableType == ATokenAvailableTypeEnum::SYSTEM_AND_MDM) { - type = "SYSTEM_AND_MDM"; - } else if (availableType == ATokenAvailableTypeEnum::SERVICE) { - type = "SERVICE"; - } else { - type = "ENTERPRISE_NORMAL"; - } -} - -static void PermDefinitionToString(const PermissionBriefDef& briefDef, std::string& dumpInfo) -{ - std::string grantMode = briefDef.grantMode == GrantMode::USER_GRANT ? "USER_GRANT" : "SYSTEM_GRANT"; - std::string apl; - FormatApl(briefDef.availableLevel, apl); - std::string availableType; - FormatAvailableType(briefDef.availableType, availableType); - - dumpInfo.append(R"({)"); - dumpInfo.append("\n"); - dumpInfo.append(R"( "permissionName": ")" + std::string(briefDef.permissionName) + R"(")" + ",\n"); - dumpInfo.append(R"( "grantMode": )" + grantMode + ",\n"); - dumpInfo.append(R"( "availableLevel": )" + apl + ",\n"); - dumpInfo.append(R"( "availableType": )" + availableType + ",\n"); - dumpInfo.append(R"( "provisionEnable": )" + std::string(briefDef.provisionEnable ? "true" : "false") + ",\n"); - dumpInfo.append(R"( "distributedSceneEnable": )" + - std::string(briefDef.distributedSceneEnable ? "true" : "false") + ",\n"); - dumpInfo.append(R"( "isKernelEffect": )" + std::string(briefDef.isKernelEffect ? 
"true" : "false") + ",\n"); - dumpInfo.append(R"( "hasValue": )" + std::string(briefDef.hasValue ? "true" : "false") + ",\n"); - dumpInfo.append(R"(})"); - dumpInfo.append("\n"); -} - -static void DumpPermDefinition(const AtmToolsParamInfo& info, std::string& dumpInfo) -{ - if (info.permissionName.empty()) { - size_t count = GetDefPermissionsSize(); - - for (size_t i = 0; i < count; ++i) { - PermissionBriefDef briefDef; - GetPermissionBriefDef(i, briefDef); - PermDefinitionToString(briefDef, dumpInfo); - } - } else { - uint32_t code = 0; - if (TransferPermissionToOpcode(info.permissionName, code)) { - PermissionBriefDef briefDef; - GetPermissionBriefDef(code, briefDef); - PermDefinitionToString(briefDef, dumpInfo); - } - } -} - void AccessTokenKit::DumpTokenInfo(const AtmToolsParamInfo& info, std::string& dumpInfo) { LOGD(ATM_DOMAIN, ATM_TAG, "TokenID=%{public}d, bundleName=%{public}s, processName=%{public}s.", info.tokenId, info.bundleName.c_str(), info.processName.c_str()); - if (info.type == DUMP_PERM) { - DumpPermDefinition(info, dumpInfo); - return; - } AccessTokenManagerClient::GetInstance().DumpTokenInfo(info, dumpInfo); } diff --git a/interfaces/innerkits/accesstoken/test/unittest/SaTest/dump_token_info_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/SaTest/dump_token_info_test.cpp index 5f7ff2fba..56d2dcb13 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/SaTest/dump_token_info_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/SaTest/dump_token_info_test.cpp 
@@ -125,30 +125,30 @@ HWTEST_F(DumpTokenInfoTest, DumpTokenInfoAbnormalTest002, TestSize.Level1) } /** - * @tc.name: DumpPermDef001 - * @tc.desc: Get dump permission definitions + * @tc.name: DumpTokenInfoFuncTest001 + * @tc.desc: Get dump token information with valid tokenID * @tc.type: FUNC * @tc.require:Issue Number */ -HWTEST_F(DumpTokenInfoTest, DumpPermDef001, TestSize.Level1) +HWTEST_F(DumpTokenInfoTest, DumpTokenInfoFuncTest001, TestSize.Level1) { - LOGI(ATM_DOMAIN, ATM_TAG, "DumpPermDef001"); - SetSelfTokenID(g_selfTokenId); - std::string dumpInfo1; - AtmToolsParamInfo info; - info.type = DUMP_PERM; - AccessTokenKit::DumpTokenInfo(info, dumpInfo1); - ASSERT_EQ(false, dumpInfo1.empty()); - - std::string dumpInfo2; - info.permissionName = "ohos.permission.READ_MEDIA"; - AccessTokenKit::DumpTokenInfo(info, dumpInfo2); - ASSERT_EQ(false, dumpInfo2.empty()); - - std::string dumpInfo3; - info.permissionName = "ohos.permission.INVALID"; - AccessTokenKit::DumpTokenInfo(info, dumpInfo3); - ASSERT_EQ(true, dumpInfo3.empty()); + LOGI(ATM_DOMAIN, ATM_TAG, "DumpTokenInfoFuncTest001"); + AccessTokenIDEx tokenIdEx = {0}; + ASSERT_EQ(RET_SUCCESS, TestCommon::AllocTestHapToken(g_InfoParms, g_PolicyPrams, tokenIdEx)); + ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIdExStruct.tokenID); + + std::string dumpInfo; + AtmToolsParamInfo info1; + info1.tokenId = tokenIdEx.tokenIdExStruct.tokenID; + AccessTokenKit::DumpTokenInfo(info1, dumpInfo); + EXPECT_NE("", dumpInfo); + + AtmToolsParamInfo info2; + info2.processName = "hdcd"; + AccessTokenKit::DumpTokenInfo(info2, dumpInfo); + EXPECT_NE("", dumpInfo); + + ASSERT_EQ(RET_SUCCESS, TestCommon::DeleteTestHapToken(tokenIdEx.tokenIdExStruct.tokenID)); } } // namespace AccessToken } // namespace Security diff --git a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp index cacd0b9a6..345a6bd02 100644 
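Review bot: The second `EXPECT_NE("", dumpInfo)` in `DumpTokenInfoFuncTest001` can pass without the `hdcd` query returning anything, because `dumpInfo` still holds the output of the first `DumpTokenInfo` call if the second call leaves the string untouched. Use a separate string for the second query, `std::string nativeDump; AccessTokenKit::DumpTokenInfo(info2, nativeDump);`, or call `dumpInfo.clear()` in between. The test also hard-codes the process name `hdcd`, so it presumably relies on that native token existing on the device under test; a short comment saying so would help the next reader.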
--- a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp +++ b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp @@ -394,7 +394,7 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord001, TestSize.Level0) std::vector permissionList; BuildQueryRequest(g_tokenIdA, g_infoParmsA.bundleName, permissionList, request); ASSERT_EQ(RET_NO_ERROR, PrivacyKit::GetPermissionUsedRecords(request, result)); - ASSERT_EQ(static_cast(0), result.bundleRecords.size()); + ASSERT_TRUE(result.bundleRecords.empty()); } /** @@ -426,11 +426,11 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord002, TestSize.Level0) std::vector permissionList; BuildQueryRequest(g_nativeToken, "", permissionList, request); ASSERT_EQ(RET_NO_ERROR, PrivacyKit::GetPermissionUsedRecords(request, result)); - ASSERT_EQ(static_cast(0), result.bundleRecords.size()); + ASSERT_TRUE(result.bundleRecords.empty()); BuildQueryRequest(g_tokenIdA, g_infoParmsA.bundleName, permissionList, request); ASSERT_EQ(RET_NO_ERROR, PrivacyKit::GetPermissionUsedRecords(request, result)); - ASSERT_EQ(static_cast(0), result.bundleRecords.size()); + ASSERT_TRUE(result.bundleRecords.empty()); } /** @@ -454,7 +454,7 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord003, TestSize.Level0) BuildQueryRequest(g_nativeToken, "", permissionList, request); ASSERT_EQ(RET_NO_ERROR, PrivacyKit::GetPermissionUsedRecords(request, result)); - ASSERT_EQ(static_cast(0), result.bundleRecords.size()); + ASSERT_TRUE(result.bundleRecords.empty()); } /** @@ -723,7 +723,7 @@ HWTEST_F(PrivacyKitTest, RemovePermissionUsedRecords002, TestSize.Level0) ASSERT_EQ(RET_NO_ERROR, PrivacyKit::RemovePermissionUsedRecords(g_tokenIdA)); ASSERT_EQ(RET_NO_ERROR, PrivacyKit::GetPermissionUsedRecords(request, result)); - ASSERT_EQ(static_cast(0), result.bundleRecords.size()); + ASSERT_TRUE(result.bundleRecords.empty()); } /** 
@@ -818,14 +818,14 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords002, TestSize.Level0) // query by unmatched tokenId, deviceId and bundle Name BuildQueryRequest(123, g_infoParmsA.bundleName, permissionList, request); ASSERT_EQ(RET_NO_ERROR, PrivacyKit::GetPermissionUsedRecords(request, result)); - ASSERT_EQ(static_cast(0), result.bundleRecords.size()); + ASSERT_TRUE(result.bundleRecords.empty()); - // query by invalid permission Name + // query by invalid permission Name, results is empty permissionList.clear(); permissionList.emplace_back("invalid permission"); BuildQueryRequest(g_tokenIdA, g_infoParmsA.bundleName, permissionList, request); ASSERT_EQ(RET_NO_ERROR, PrivacyKit::GetPermissionUsedRecords(request, result)); - ASSERT_EQ(static_cast(1), result.bundleRecords.size()); + ASSERT_TRUE(result.bundleRecords.empty()); } /** diff --git a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h index a9daab95e..e1ef079b3 100644 --- a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h +++ b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h @@ -131,7 +131,6 @@ public: int32_t ClearUserPolicy() override; int32_t DumpTokenInfo(const AtmToolsParamInfoParcel& infoParcel, std::string& dumpInfo) override; int32_t GetVersion(uint32_t& version) override; - int Dump(int fd, const std::vector& args) override; int32_t CallbackEnter(uint32_t code) override; int32_t CallbackExit(uint32_t code, int32_t result) override; diff --git a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h index ac7b1ec50..4e60ebb7d 100644 --- a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h +++ b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h 
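Review bot: The last assertion of `GetPermissionUsedRecords002` flips the expected result for an invalid permission name from one bundle record to none, which records a behaviour change of `GetPermissionUsedRecords` rather than a test cleanup. The commit message only mentions dump info, so the new contract deserves a clearer comment than the edited one, for example `// an unknown permission name matches no record, so no bundle entry is returned`. The code that produces the new result is outside this hunk, presumably the permission_record_manager.cpp change listed in the diffstat.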
@@ -75,10 +75,6 @@ public: int32_t UpdateUserPolicy(const std::vector& userList); int32_t ClearUserPolicy(); bool GetPermDialogCap(AccessTokenID tokenID); - void DumpToken(); - int32_t GetCurDumpTaskNum(); - void AddDumpTaskNum(); - void ReduceDumpTaskNum(); void ClearUserGrantedPermissionState(AccessTokenID tokenID); int32_t ClearUserGrantedPermission(AccessTokenID tokenID); bool IsPermissionRestrictedByUserPolicy(AccessTokenID id, const std::string& permissionName); @@ -145,16 +141,11 @@ private: int32_t FindPermRequestToggleStatusFromDb(int32_t userID, const std::string& permissionName); void GetNativePermissionList(const NativeTokenInfoBase& native, std::vector& opCodeList, std::vector& statusList); - bool IsPermissionReqValid(int32_t tokenApl, const std::string& permissionName, - const std::vector& nativeAcls); - int32_t GetNativeCfgInfo(std::vector& tokenInfos); - void NativeTokenStateToString(const NativeTokenInfoBase& native, std::string& info, std::string& invalidPermString); - void NativeTokenToString(AccessTokenID tokenID, std::string& info); + std::string NativeTokenToString(AccessTokenID tokenID); int32_t CheckHapInfoParam(const HapInfoParams& info, const HapPolicy& policy); void UpdateHapToKernel(AccessTokenID tokenID, int32_t userId); std::shared_ptr GetHapTokenInfoInnerFromDb(AccessTokenID id); bool hasInited_; - std::atomic_int32_t dumpTaskNum_; OHOS::Utils::RWLock hapTokenInfoLock_; OHOS::Utils::RWLock nativeTokenInfoLock_; diff --git a/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h b/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h index e0d3ad63e..b02e9925c 100644 --- a/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h +++ b/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h 
@@ -57,7 +57,7 @@ public: int GetInstIndex() const; AccessTokenID GetTokenID() const; void SetTokenBaseInfo(const HapTokenInfo& baseInfo); - void ToString(std::string& info); + std::string ToString(); bool IsRemote() const; void SetRemote(bool isRemote); bool IsPermDialogForbidden() const; @@ -89,8 +89,6 @@ private: void TranslationIntoGenericValues(GenericValues& outGenericValues) const; int RestoreHapTokenBasicInfo(const GenericValues& inGenericValues); bool UpdateStatesToDB(AccessTokenID tokenID, std::vector& stateChangeList); - void PermToString(const std::vector& permStateList, std::string& info); - void PermStateFullToString(const PermissionStatus& state, std::string& info); HapTokenInfo tokenInfoBasic_; diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp index 1bd833360..fb3f76421 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp @@ -66,7 +66,6 @@ namespace AccessToken { namespace { static const char* ACCESS_TOKEN_SERVICE_INIT_KEY = "accesstoken.permission.init"; constexpr int32_t ERROR = -1; -constexpr int TWO_ARGS = 2; const char* GRANT_ABILITY_BUNDLE_NAME = "com.ohos.permissionmanager"; const char* GRANT_ABILITY_ABILITY_NAME = "com.ohos.permissionmanager.GrantAbility"; const char* PERMISSION_STATE_SHEET_ABILITY_NAME = "com.ohos.permissionmanager.PermissionStateSheetAbility"; 
@@ -1298,41 +1297,6 @@ int32_t AccessTokenManagerService::ClearUserPolicy() return AccessTokenInfoManager::GetInstance().ClearUserPolicy(); } -int AccessTokenManagerService::Dump(int fd, const std::vector& args) -{ - if (fd < 0) { - return ERR_INVALID_VALUE; - } - - dprintf(fd, "AccessToken Dump:\n"); - std::string arg0 = ((args.size() == 0)? "" : Str16ToStr8(args.at(0))); - if (arg0.compare("-h") == 0) { - dprintf(fd, "Usage:\n"); - dprintf(fd, " -h: command help\n"); - dprintf(fd, " -a: dump all tokens\n"); - dprintf(fd, " -t : dump special token id\n"); - } else if (arg0.compare("-t") == 0) { - if (args.size() < TWO_ARGS) { - return ERR_INVALID_VALUE; - } - long long tokenID = atoll(static_cast(Str16ToStr8(args.at(1)).c_str())); - if (tokenID <= 0) { - return ERR_INVALID_VALUE; - } - AtmToolsParamInfoParcel infoParcel; - infoParcel.info.tokenId = static_cast(tokenID); - std::string dumpStr; - DumpTokenInfo(infoParcel, dumpStr); - dprintf(fd, "%s\n", dumpStr.c_str()); - } else if (arg0.compare("-a") == 0 || arg0 == "") { - std::string dumpStr; - AtmToolsParamInfoParcel infoParcel; - DumpTokenInfo(infoParcel, dumpStr); - dprintf(fd, "%s\n", dumpStr.c_str()); - } - return ERR_OK; -} - void AccessTokenManagerService::AccessTokenServiceParamSet() const { int32_t res = SetParameter(ACCESS_TOKEN_SERVICE_INIT_KEY, std::to_string(1).c_str()); diff --git a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp index d0569f0fd..6e0511de1 100644 --- a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp 
@@ -64,9 +64,7 @@ static constexpr int32_t SYSTEM_APP = 1; static const int MAX_PTHREAD_NAME_LEN = 15; // pthread name max length static const char* ACCESS_TOKEN_PACKAGE_NAME = "ohos.security.distributed_token_sync"; #endif -static const char* DUMP_JSON_PATH = "/data/service/el1/public/access_token/nativetoken.log"; static const char* SYSTEM_RESOURCE_BUNDLE_NAME = "ohos.global.systemres"; -constexpr uint64_t FD_TAG = 0xD005A01; } AccessTokenInfoManager::AccessTokenInfoManager() : hasInited_(false) {} @@ -1214,10 +1212,10 @@ void AccessTokenInfoManager::DumpHapTokenInfoByTokenId(const AccessTokenID token if (type == TOKEN_HAP) { std::shared_ptr infoPtr = GetHapTokenInfoInner(tokenId); if (infoPtr != nullptr) { - infoPtr->ToString(dumpInfo); + dumpInfo = infoPtr->ToString(); } } else if (type == TOKEN_NATIVE || type == TOKEN_SHELL) { - NativeTokenToString(tokenId, dumpInfo); + dumpInfo = NativeTokenToString(tokenId); } else { dumpInfo.append("invalid tokenId"); } @@ -1231,8 +1229,7 @@ void AccessTokenInfoManager::DumpHapTokenInfoByBundleName(const std::string& bun if (bundleName != iter->second->GetBundleName()) { continue; } - - iter->second->ToString(dumpInfo); + dumpInfo = iter->second->ToString(); dumpInfo.append("\n"); } } @@ -1253,7 +1250,7 @@ void AccessTokenInfoManager::DumpAllHapTokenname(std::string& dumpInfo) void AccessTokenInfoManager::DumpNativeTokenInfoByProcessName(const std::string& processName, std::string& dumpInfo) { - NativeTokenToString(GetNativeTokenId(processName), dumpInfo); + dumpInfo = NativeTokenToString(GetNativeTokenId(processName)); } void AccessTokenInfoManager::DumpAllNativeTokenName(std::string& dumpInfo) 
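Review bot: In `DumpHapTokenInfoByBundleName` the new `dumpInfo = iter->second->ToString();` sits inside the loop over HAP tokens, so each matching token overwrites the previous one and only the last match survives, where the removed `ToString(dumpInfo)` appended to the string. A bundle with more than one token would lose entries in the dump; `dumpInfo.append(iter->second->ToString());` keeps the old behaviour. The same switch from append to assign in `DumpHapTokenInfoByTokenId` and `DumpNativeTokenInfoByProcessName` discards whatever the caller already had in `dumpInfo`, while the `invalid tokenId` branch still appends, so the paths are now inconsistent. The loop header and the rest of these functions lie outside the hunks.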
@@ -1267,37 +1264,6 @@ void AccessTokenInfoManager::DumpAllNativeTokenName(std::string& dumpInfo) } } -int32_t AccessTokenInfoManager::GetCurDumpTaskNum() -{ - return dumpTaskNum_.load(); -} - -void AccessTokenInfoManager::AddDumpTaskNum() -{ - dumpTaskNum_++; -} - -void AccessTokenInfoManager::ReduceDumpTaskNum() -{ - dumpTaskNum_--; -} - -void AccessTokenInfoManager::DumpToken() -{ - LOGI(ATM_DOMAIN, ATM_TAG, "AccessToken Dump"); - int32_t fd = open(DUMP_JSON_PATH, O_RDWR | O_CREAT, S_IRUSR | S_IWUSR | S_IRGRP); - if (fd < 0) { - LOGE(ATM_DOMAIN, ATM_TAG, "Open failed errno %{public}d.", errno); - return; - } - fdsan_exchange_owner_tag(fd, 0, FD_TAG); - std::string dumpStr; - AtmToolsParamInfoParcel infoParcel; - DumpTokenInfo(infoParcel.info, dumpStr); - dprintf(fd, "%s\n", dumpStr.c_str()); - (void)fdsan_close_with_tag(fd, FD_TAG); -} - void AccessTokenInfoManager::DumpTokenInfo(const AtmToolsParamInfo& info, std::string& dumpInfo) { if (info.tokenId != 0) { @@ -1834,25 +1800,6 @@ int32_t AccessTokenInfoManager::GetPermissionRequestToggleStatus(const std::stri return 0; } -bool AccessTokenInfoManager::IsPermissionReqValid(int32_t tokenApl, const std::string& permissionName, - const std::vector& nativeAcls) -{ - PermissionBriefDef briefDef; - if (!GetPermissionBriefDef(permissionName, briefDef)) { - return false; - } - - if (tokenApl >= briefDef.availableLevel) { - return true; - } - - auto iter = std::find(nativeAcls.begin(), nativeAcls.end(), permissionName); - if (iter != nativeAcls.end()) { - return true; - } - return false; -} - int32_t AccessTokenInfoManager::GetKernelPermissions( AccessTokenID tokenId, std::vector& kernelPermList) 
@@ -1868,50 +1815,19 @@ int32_t AccessTokenInfoManager::GetReqPermissionByName( tokenId, permissionName, value, true); } -int32_t AccessTokenInfoManager::GetNativeCfgInfo(std::vector& tokenInfos) +std::string AccessTokenInfoManager::NativeTokenToString(AccessTokenID tokenID) { + std::vector tokenInfos; LibraryLoader loader(CONFIG_PARSE_LIBPATH); ConfigPolicyLoaderInterface* policy = loader.GetObject(); if (policy == nullptr) { LOGE(ATM_DOMAIN, ATM_TAG, "Dlopen libaccesstoken_json_parse failed."); - return RET_FAILED; - } - int ret = policy->GetAllNativeTokenInfo(tokenInfos); - if (ret != RET_SUCCESS) { - LOGE(ATM_DOMAIN, ATM_TAG, "Failed to load native from native json, err=%{public}d.", ret); - return ret; - } - - return RET_SUCCESS; -} - -void AccessTokenInfoManager::NativeTokenStateToString(const NativeTokenInfoBase& native, std::string& info, - std::string& invalidPermString) -{ - for (auto iter = native.permStateList.begin(); iter != native.permStateList.end(); iter++) { - if (!IsPermissionReqValid(native.apl, iter->permissionName, native.nativeAcls)) { - invalidPermString.append(R"( "permissionName": ")" + iter->permissionName + R"(")" + ",\n"); - continue; - } - info.append(R"( {)"); - info.append("\n"); - info.append(R"( "permissionName": ")" + iter->permissionName + R"(")" + ",\n"); - info.append(R"( "grantStatus": )" + std::to_string(iter->grantStatus) + ",\n"); - info.append(R"( "grantFlag": )" + std::to_string(iter->grantFlag) + ",\n"); - info.append(R"( })"); - if (iter != (native.permStateList.end() - 1)) { - info.append(",\n"); - } + return ""; } -} - -void AccessTokenInfoManager::NativeTokenToString(AccessTokenID tokenID, std::string& info) -{ - std::vector tokenInfos; - int ret = GetNativeCfgInfo(tokenInfos); + int32_t ret = policy->GetAllNativeTokenInfo(tokenInfos); if (ret != RET_SUCCESS || tokenInfos.empty()) { LOGE(ATM_DOMAIN, ATM_TAG, "Failed to load native from native json, err=%{public}d.", ret); - return; + return ""; } auto iter = 
tokenInfos.begin(); while (iter != tokenInfos.end()) { @@ -1922,28 +1838,10 @@ void AccessTokenInfoManager::NativeTokenToString(AccessTokenID tokenID, std::str } if (iter == tokenInfos.end()) { LOGE(ATM_DOMAIN, ATM_TAG, "Id %{public}u is not exist.", tokenID); - return; + return ""; } NativeTokenInfoBase native = *iter; - std::string invalidPermString = ""; - info.append(R"({)"); - info.append("\n"); - info.append(R"( "tokenID": )" + std::to_string(native.tokenID) + ",\n"); - info.append(R"( "processName": ")" + native.processName + R"(")" + ",\n"); - info.append(R"( "apl": )" + std::to_string(native.apl) + ",\n"); - info.append(R"( "permStateList": [)"); - info.append("\n"); - NativeTokenStateToString(native, info, invalidPermString); - info.append("\n ]\n"); - - if (invalidPermString.empty()) { - info.append("}"); - return; - } - - info.append(R"( "invalidPermList": [\n)"); - info.append(invalidPermString); - info.append("\n ]\n}"); + return policy->DumpNativeTokenInfo(native); } } // namespace AccessToken } // namespace Security diff --git a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp index dcca813b0..91d7d5222 100644 --- a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp @@ -23,6 +23,7 @@ #include "data_translator.h" #include "data_validator.h" #include "hisysevent_adapter.h" +#include "json_parse_loader.h" #include "short_grant_manager.h" #include "token_field_const.h" #include "permission_map.h" 
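Review bot: `NativeTokenInfoBase native = *iter;` at the end of `NativeTokenToString` copies the whole token record only to hand it to a function that takes a const reference; `return policy->DumpNativeTokenInfo(*iter);` does the same without the copy. The merged error branch `if (ret != RET_SUCCESS || tokenInfos.empty())` also logs "Failed to load native from native json, err=" with a success code when the list is merely empty, so a separate message for the empty case would make the log less misleading. The search loop in the middle of the function is unchanged context and only partly visible here.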
@@ -450,72 +451,18 @@ bool HapTokenInfoInner::IsPermissionGrantedWithSecComp(AccessTokenID tokenID, co return PermissionDataBrief::GetInstance().IsPermissionGrantedWithSecComp(tokenID, permissionName); } -void PermDefToString(const PermissionDef& def, std::string& info) -{ - info.append(R"( {)"); - info.append("\n"); - info.append(R"( "permissionName": ")" + def.permissionName + R"(")" + ",\n"); - info.append(R"( "bundleName": ")" + def.bundleName + R"(")" + ",\n"); - info.append(R"( "grantMode": )" + std::to_string(def.grantMode) + ",\n"); - info.append(R"( "availableLevel": )" + std::to_string(def.availableLevel) + ",\n"); - info.append(R"( "provisionEnable": )" + std::to_string(def.provisionEnable) + ",\n"); - info.append(R"( "distributedSceneEnable": )" + std::to_string(def.distributedSceneEnable) + ",\n"); - info.append(R"( "label": ")" + def.label + R"(")" + ",\n"); - info.append(R"( "labelId": )" + std::to_string(def.labelId) + ",\n"); - info.append(R"( "description": ")" + def.description + R"(")" + ",\n"); - info.append(R"( "descriptionId": )" + std::to_string(def.descriptionId) + ",\n"); - info.append(R"( "isKernelEffect": )" + std::to_string(def.isKernelEffect) + ",\n"); - info.append(R"( "hasValue": )" + std::to_string(def.hasValue) + ",\n"); - info.append(R"( })"); -} - -void HapTokenInfoInner::PermStateFullToString(const PermissionStatus& state, std::string& info) -{ - info.append(R"( {)"); - info.append("\n"); - info.append(R"( "permissionName": ")" + state.permissionName + R"(")" + ",\n"); - info.append(R"( "grantStatus": ")" + std::to_string(state.grantStatus) + R"(")" + ",\n"); - info.append(R"( "grantFlag": ")" + std::to_string(state.grantFlag) + R"(")" + ",\n"); - std::string value; - int32_t ret = PermissionDataBrief::GetInstance().GetReqPermissionByName( - tokenInfoBasic_.tokenID, state.permissionName, value, false); - if (ret == RET_SUCCESS) { - info.append(R"( "value": ")" + value + R"(")" + ",\n"); - } - info.append(R"( })"); -} - -void 
HapTokenInfoInner::PermToString(const std::vector& permStateList, std::string& info) -{ - info.append(R"( "permStateList": [)"); - info.append("\n"); - for (auto iter = permStateList.begin(); iter != permStateList.end(); iter++) { - PermStateFullToString(*iter, info); - if (iter != (permStateList.end() - 1)) { - info.append(",\n"); - } - } - info.append("\n ]\n"); -} - -void HapTokenInfoInner::ToString(std::string& info) +std::string HapTokenInfoInner::ToString() { - info.append(R"({)"); - info.append("\n"); - info.append(R"( "tokenID": )" + std::to_string(tokenInfoBasic_.tokenID) + ",\n"); - info.append(R"( "tokenAttr": )" + std::to_string(tokenInfoBasic_.tokenAttr) + ",\n"); - info.append(R"( "ver": )" + std::to_string(tokenInfoBasic_.ver) + ",\n"); - info.append(R"( "userId": )" + std::to_string(tokenInfoBasic_.userID) + ",\n"); - info.append(R"( "bundleName": ")" + tokenInfoBasic_.bundleName + R"(")" + ",\n"); - info.append(R"( "instIndex": )" + std::to_string(tokenInfoBasic_.instIndex) + ",\n"); - info.append(R"( "dlpType": )" + std::to_string(tokenInfoBasic_.dlpType) + ",\n"); - info.append(R"( "isRemote": )" + std::to_string(isRemote_) + ",\n"); - info.append(R"( "isPermDialogForbidden": )" + std::to_string(isPermDialogForbidden_) + ",\n"); - std::vector permStateList; (void)GetPermissionStateList(permStateList); - PermToString(permStateList, info); - info.append("}"); + std::vector tokenInfos; + LibraryLoader loader(CONFIG_PARSE_LIBPATH); + ConfigPolicyLoaderInterface* policy = loader.GetObject(); + if (policy == nullptr) { + LOGE(ATM_DOMAIN, ATM_TAG, "Dlopen libaccesstoken_json_parse failed."); + return ""; + } + return policy->DumpHapTokenInfo(tokenInfoBasic_, isRemote_, isPermDialogForbidden_, permStateList); } } // namespace AccessToken } // namespace Security 
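Review bot: The local `tokenInfos` vector added to `HapTokenInfoInner::ToString()` is never used in the lines this hunk adds; it looks copied from `NativeTokenToString` and can be deleted. The result of `GetPermissionStateList` is still discarded with `(void)`, so a failure produces a dump with an empty `permStateList` and no hint that the list could not be read; logging the return code before calling `DumpHapTokenInfo` would make that visible. If `GetPermissionStateList` is a const member, which this hunk does not show, `ToString()` could be declared `const` as well.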
diff --git a/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp b/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp index 5522bb9be..e702e6bc6 100644 --- a/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp +++ b/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp @@ -200,9 +200,6 @@ HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo001, TestSize.Level0) std::shared_ptr tokenInfo; tokenInfo = AccessTokenInfoManager::GetInstance().GetHapTokenInfoInner(tokenIdEx.tokenIdExStruct.tokenID); ASSERT_NE(nullptr, tokenInfo); - std::string infoDes; - tokenInfo->ToString(infoDes); - GTEST_LOG_(INFO) << "get hap token info:" << infoDes.c_str(); ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID); ASSERT_EQ(RET_SUCCESS, ret); @@ -238,10 +235,6 @@ HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo002, TestSize.Level0) tokenInfo = AccessTokenInfoManager::GetInstance().GetHapTokenInfoInner(tokenIdEx1.tokenIdExStruct.tokenID); ASSERT_NE(nullptr, tokenInfo); - std::string infoDes; - tokenInfo->ToString(infoDes); - GTEST_LOG_(INFO) << "get hap token info:" << infoDes.c_str(); - ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx1.tokenIdExStruct.tokenID); ASSERT_EQ(RET_SUCCESS, ret); GTEST_LOG_(INFO) << "remove the token info"; @@ -877,9 +870,6 @@ HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken001, TestSize.Level0) std::shared_ptr tokenInfo; tokenInfo = AccessTokenInfoManager::GetInstance().GetHapTokenInfoInner(tokenIdEx.tokenIdExStruct.tokenID); ASSERT_NE(nullptr, tokenInfo); - std::string infoDes; - tokenInfo->ToString(infoDes); - GTEST_LOG_(INFO) << "get hap token info:" << infoDes.c_str(); ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID); ASSERT_EQ(RET_SUCCESS, ret); 
@@ -1467,52 +1457,6 @@ HWTEST_F(AccessTokenInfoManagerTest, AllocLocalTokenID001, TestSize.Level0) } #endif -/** - * @tc.name: Dump001 - * @tc.desc: Dump tokeninfo. - * @tc.type: FUNC - * @tc.require: issueI4V02P - */ -HWTEST_F(AccessTokenInfoManagerTest, Dump001, TestSize.Level0) -{ - int fd = -1; - std::vector args; - - // fd is 0 - ASSERT_NE(RET_SUCCESS, atManagerService_->Dump(fd, args)); - - fd = open("/dev/null", O_WRONLY); - - // hidumper - ASSERT_EQ(RET_SUCCESS, atManagerService_->Dump(fd, args)); - - // hidumper -h - args.emplace_back(Str8ToStr16("-h")); - ASSERT_EQ(RET_SUCCESS, atManagerService_->Dump(fd, args)); - - args.clear(); - // hidumper -a - args.emplace_back(Str8ToStr16("-a")); - ASSERT_EQ(RET_SUCCESS, atManagerService_->Dump(fd, args)); - - args.clear(); - // hidumper -t - args.emplace_back(Str8ToStr16("-t")); - ASSERT_NE(RET_SUCCESS, atManagerService_->Dump(fd, args)); - - args.clear(); - // hidumper -t - args.emplace_back(Str8ToStr16("-t")); - args.emplace_back(Str8ToStr16("-1")); // illegal tokenId - ASSERT_NE(RET_SUCCESS, atManagerService_->Dump(fd, args)); - - args.clear(); - // hidumper -t - args.emplace_back(Str8ToStr16("-t")); - args.emplace_back(Str8ToStr16("123")); // invalid tokenId - ASSERT_EQ(RET_SUCCESS, atManagerService_->Dump(fd, args)); -} - /** * @tc.name: DumpTokenInfo001 * @tc.desc: Test DumpTokenInfo with invalid tokenId. @@ -2081,9 +2025,6 @@ HWTEST_F(AccessTokenInfoManagerTest, RestoreHapTokenInfo001, TestSize.Level0) hapInfo.isSystemApp = false; hap->Update(hapInfo, policy.permStateList, policy); // permPolicySet_ is null - std::string info; - hap->ToString(info); // permPolicySet_ is null - std::vector hapInfoValues; std::vector permStateValues; hap->StoreHapInfo(hapInfoValues, "test", APL_NORMAL); diff --git a/services/common/BUILD.gn b/services/common/BUILD.gn index 08003e2a9..eaf040131 100644 --- a/services/common/BUILD.gn +++ b/services/common/BUILD.gn 
@@ -97,7 +97,6 @@ group("accesstoken_common") { deps = [ ":accesstoken_service_common", "ability_manager:accesstoken_ability_manager_adapter", - "json_parse:accesstoken_cjson_utils", "json_parse:accesstoken_json_parse", "screenlock_manager:accesstoken_screenlock_manager", ] diff --git a/services/common/json_parse/BUILD.gn b/services/common/json_parse/BUILD.gn index 52a340885..fa80142e1 100644 --- a/services/common/json_parse/BUILD.gn +++ b/services/common/json_parse/BUILD.gn @@ -33,12 +33,12 @@ ohos_shared_library("accesstoken_json_parse") { include_dirs = [ "include", "${access_token_path}/frameworks/common/include", + "${access_token_path}/frameworks/json_adapter/include", "${access_token_path}/interfaces/innerkits/accesstoken/include", "${access_token_path}/services/accesstokenmanager/main/cpp/include/token", ] sources = [ - "src/cjson_utils.cpp", "src/json_parse_loader.cpp", ] @@ -49,7 +49,10 @@ ohos_shared_library("accesstoken_json_parse") { ] public_configs = [ ":accesstoken_json_parse_config" ] - deps = [ "${access_token_path}/frameworks/common:accesstoken_common_cxx" ] + deps = [ + "${access_token_path}/frameworks/common:accesstoken_common_cxx", + "${access_token_path}/frameworks/json_adapter:accesstoken_cjson_utils" + ] external_deps = [ "cJSON:cjson", 
@@ -63,40 +66,3 @@ ohos_shared_library("accesstoken_json_parse") { } } } - -ohos_shared_library("accesstoken_cjson_utils") { - if (is_standard_system) { - subsystem_name = "security" - part_name = "access_token" - sanitize = { - cfi = true - cfi_cross_dso = true - debug = false - } - branch_protector_ret = "pac_ret" - - include_dirs = [ - "include", - "${access_token_path}/frameworks/common/include", - "${access_token_path}/interfaces/innerkits/accesstoken/include", - "${access_token_path}/services/accesstokenmanager/main/cpp/include/token", - ] - - sources = [ "src/cjson_utils.cpp" ] - - cflags_cc = [ "-DHILOG_ENABLE" ] - configs = [ - "${access_token_path}/config:access_token_compile_flags", - "${access_token_path}/config:coverage_flags", - ] - public_configs = [ ":accesstoken_json_parse_config" ] - - deps = [ "${access_token_path}/frameworks/common:accesstoken_common_cxx" ] - - external_deps = [ - "cJSON:cjson", - "c_utils:utils", - "hilog:libhilog", - ] - } -} diff --git a/services/common/json_parse/include/json_parse_loader.h b/services/common/json_parse/include/json_parse_loader.h index 82339c013..87a7697eb 100644 --- a/services/common/json_parse/include/json_parse_loader.h +++ b/services/common/json_parse/include/json_parse_loader.h @@ -18,6 +18,7 @@ #include #include +#include "hap_token_info.h" #include "permission_def.h" #include "native_token_info_base.h" #include "permission_dlp_mode.h" 
@@ -72,12 +73,18 @@ public: virtual bool GetConfigValue(const ServiceType& type, AccessTokenConfigValue& config); virtual int32_t GetAllNativeTokenInfo(std::vector& tokenInfos); virtual int32_t GetDlpPermissions(std::vector& dlpPerms); + virtual std::string DumpNativeTokenInfo(const NativeTokenInfoBase& native); + virtual std::string DumpHapTokenInfo(const HapTokenInfo& hapInfo, bool isRemote, bool isPermDialogForbidden, + std::vector permStateList); }; class ConfigPolicLoader final: public ConfigPolicyLoaderInterface { bool GetConfigValue(const ServiceType& type, AccessTokenConfigValue& config); int32_t GetAllNativeTokenInfo(std::vector& tokenInfos); int32_t GetDlpPermissions(std::vector& dlpPerms); + std::string DumpNativeTokenInfo(const NativeTokenInfoBase& native); + std::string DumpHapTokenInfo(const HapTokenInfo& hapInfo, bool isRemote, bool isPermDialogForbidden, + std::vector permStateList); private: #ifdef CUSTOMIZATION_CONFIG_POLICY_ENABLE void GetConfigFilePathList(std::vector& pathList); diff --git a/services/common/json_parse/src/json_parse_loader.cpp b/services/common/json_parse/src/json_parse_loader.cpp index 8441cc958..24d608c26 100644 --- a/services/common/json_parse/src/json_parse_loader.cpp +++ b/services/common/json_parse/src/json_parse_loader.cpp @@ -29,6 +29,7 @@ #include "config_policy_utils.h" #endif #include "data_validator.h" +#include "permission_map.h" namespace OHOS { namespace Security { 
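Review bot: `DumpHapTokenInfo` takes `permStateList` by value in both `ConfigPolicyLoaderInterface` and `ConfigPolicLoader`, so every dump copies the full permission state vector although the definition in json_parse_loader.cpp only iterates over it. A const reference is enough, `const std::vector<PermissionStatus>& permStateList` (element type presumably `PermissionStatus`, as in the removed `PermStateFullToString`; the page has lost the template arguments). The two new members of `ConfigPolicLoader` are declared without `override`, like the existing ones, so a signature drift between the base and the derived class would not be caught by the compiler.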
@@ -449,6 +450,78 @@ int32_t ConfigPolicLoader::GetDlpPermissions(std::vector& dlp return RET_SUCCESS; } +std::string ConfigPolicLoader::DumpHapTokenInfo( + const HapTokenInfo& hapInfo, bool isRemote, bool isPermDialogForbidden, std::vector permStateList) +{ + CJsonUnique j = CreateJson(); + (void)AddUnsignedIntToJson(j, "tokenID", hapInfo.tokenID); + (void)AddUnsignedIntToJson(j, "tokenAttr", hapInfo.tokenAttr); + (void)AddIntToJson(j, "ver", static_cast(hapInfo.ver)); + (void)AddIntToJson(j, "userId", hapInfo.userID); + (void)AddStringToJson(j, "bundleName", hapInfo.bundleName); + (void)AddIntToJson(j, "instIndex", hapInfo.instIndex); + (void)AddIntToJson(j, "dlpType", hapInfo.dlpType); + (void)AddBoolToJson(j, "isRemote", isRemote); + (void)AddBoolToJson(j, "isPermDialogForbidden", isPermDialogForbidden); + + CJsonUnique permStateListJson = CreateJsonArray(); + for (auto iter = permStateList.begin(); iter != permStateList.end(); ++iter) { + CJsonUnique permStateJson = CreateJson(); + (void)AddStringToJson(permStateJson, "permissionName", iter->permissionName); + (void)AddIntToJson(permStateJson, "grantStatus", iter->grantStatus); + (void)AddUnsignedIntToJson(permStateJson, "grantFlag", iter->grantFlag); + (void)AddObjToArray(permStateListJson, permStateJson); + } + (void)AddObjToJson(j, "permStateList", permStateListJson); + return JsonToStringFormatted(j.get()); +} + +static bool IsPermissionReqValid(int32_t tokenApl, const std::string& permissionName, + const std::vector& nativeAcls) +{ + PermissionBriefDef briefDef; + if (!GetPermissionBriefDef(permissionName, briefDef)) { + return false; + } + + if (tokenApl >= briefDef.availableLevel) { + return true; + } + + auto iter = std::find(nativeAcls.begin(), nativeAcls.end(), permissionName); + if (iter != nativeAcls.end()) { + return true; + } + return false; +} + +std::string ConfigPolicLoader::DumpNativeTokenInfo(const NativeTokenInfoBase& native) +{ + CJsonUnique j = CreateJson(); + 
(void)AddUnsignedIntToJson(j, "tokenID", native.tokenID); + (void)AddStringToJson(j, "processName", native.processName); + (void)AddIntToJson(j, "apl", native.apl); + + CJsonUnique permStateListJson = CreateJsonArray(); + CJsonUnique invalidPermStringJson = CreateJsonArray(); + for (auto iter = native.permStateList.begin(); iter != native.permStateList.end(); ++iter) { + if (!IsPermissionReqValid(native.apl, iter->permissionName, native.nativeAcls)) { + CJsonUnique tmpJson = CreateJsonString(iter->permissionName); + (void)AddObjToArray(invalidPermStringJson, tmpJson); + continue; + } + CJsonUnique permStateJson = CreateJson(); + (void)AddStringToJson(permStateJson, "permissionName", iter->permissionName); + (void)AddIntToJson(permStateJson, "grantStatus", iter->grantStatus); + (void)AddUnsignedIntToJson(permStateJson, "grantFlag", iter->grantFlag); + (void)AddObjToArray(permStateListJson, permStateJson); + } + + (void)AddObjToJson(j, "permStateList", permStateListJson); + (void)AddObjToJson(j, "invalidPermList", invalidPermStringJson); + return JsonToStringFormatted(j.get()); +} + extern "C" { void* Create() { diff --git a/services/common/json_parse/test/BUILD.gn b/services/common/json_parse/test/BUILD.gn index 5a511265f..0aa9a7cf4 100644 --- a/services/common/json_parse/test/BUILD.gn +++ b/services/common/json_parse/test/BUILD.gn @@ -12,7 +12,7 @@ # limitations under the License. import("//build/test.gni") -import("../../../../access_token.gni") +import("../../../access_token.gni") config("accesstoken_json_parse_config") { visibility = [ ":*" ] 
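Review bot: Every `Add*ToJson` and `AddObjToArray` result in `DumpHapTokenInfo` and `DumpNativeTokenInfo` is discarded with `(void)`, and the `j` returned by `CreateJson()` is never checked before `JsonToStringFormatted(j.get())`. If one of these calls fails, the dump is returned with fields silently missing, and in an access-token dump an absent `permStateList` can be read as a token that holds no permissions. A guard such as `if (j == nullptr) { return ""; }` after `CreateJson()` would help, assuming `CJsonUnique` is pointer-like as `j.get()` suggests. The result of `AddObjToJson(j, "permStateList", permStateListJson)` should also be checked and logged rather than cast away, assuming the helper reports failure through its return value.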
@@ -32,14 +32,11 @@ ohos_unittest("libjsonparse_test") { include_dirs = [ "${access_token_path}/frameworks/common/include", "${access_token_path}/interfaces/innerkits/accesstoken/include", - "${access_token_path}/services/accesstokenmanager/main/cpp/include/token", "${access_token_path}/services/common/json_parse/include", ] sources = [ - "${access_token_path}/services/common/json_parse/src/cjson_utils.cpp", "${access_token_path}/services/common/json_parse/src/json_parse_loader.cpp", - "unittest/cjson_utils_test.cpp", "unittest/json_parse_loader_test.cpp", ] diff --git a/services/privacymanager/src/record/permission_record_manager.cpp b/services/privacymanager/src/record/permission_record_manager.cpp index 974ae69ff..3e315de6d 100644 --- a/services/privacymanager/src/record/permission_record_manager.cpp +++ b/services/privacymanager/src/record/permission_record_manager.cpp @@ -683,9 +683,8 @@ static void TransferToOpcode(const std::vector& permissionList, std { for (const auto& permission : permissionList) { int32_t opCode = Constant::OP_INVALID; - if (Constant::TransferPermissionToOpcode(permission, opCode)) { - opCodeList.insert(opCode); - } + (void)Constant::TransferPermissionToOpcode(permission, opCode); + opCodeList.insert(opCode); } } diff --git a/services/privacymanager/src/service/privacy_manager_service.cpp b/services/privacymanager/src/service/privacy_manager_service.cpp index 9e011b213..0939a1df6 100644 --- a/services/privacymanager/src/service/privacy_manager_service.cpp +++ b/services/privacymanager/src/service/privacy_manager_service.cpp 
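Review bot: `TransferToOpcode` now inserts `opCode` even when `Constant::TransferPermissionToOpcode` fails, so an unrecognised permission name puts `Constant::OP_INVALID` into `opCodeList`, where it was previously skipped. If that is deliberate (for example so that a filter built only from unknown permissions does not end up empty), the `(void)` cast hides the reason. A comment such as `// Keep OP_INVALID for unknown permissions so the resulting filter is never empty.` would record it, with the wording adjusted to the real intent. If it is not deliberate, the consumers of `opCodeList` outside this hunk must tolerate `OP_INVALID`. The function signature appears only in the hunk header.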
@@ -346,22 +346,31 @@ int32_t PrivacyManagerService::ResponseDumpCommand(int32_t fd, const std::vector dprintf(fd, "No Record \n"); return ERR_OK; } - for (size_t index = 0; index < result.bundleRecords[0].permissionRecords.size(); index++) { - infos.append(R"( "permissionRecord": [)"); - infos.append("\n"); - infos.append(R"( "bundleName": )" + result.bundleRecords[0].bundleName + ",\n"); - infos.append(R"( "isRemote": )" + std::to_string(result.bundleRecords[0].isRemote) + ",\n"); - infos.append(R"( "permissionName": ")" + result.bundleRecords[0].permissionRecords[index].permissionName + + size_t size = result.bundleRecords[0].permissionRecords.size(); + infos.append("{\n"); + infos.append(R"( "permissionRecord": [)"); + infos.append("\n"); + for (size_t index = 0; index < size; index++) { + infos.append(" {\n"); + infos.append(R"( "bundleName": ")" + result.bundleRecords[0].bundleName + R"(")" + ",\n"); + std::string isRemoteStr = (result.bundleRecords[0].isRemote ? "true" : "false"); + infos.append(R"( "isRemote": )" + isRemoteStr + ",\n"); + infos.append(R"( "permissionName": ")" + result.bundleRecords[0].permissionRecords[index].permissionName + R"(")" + ",\n"); time_t lastAccessTime = static_cast(result.bundleRecords[0].permissionRecords[index].lastAccessTime); - infos.append(R"( "lastAccessTime": )" + std::to_string(lastAccessTime) + ",\n"); - infos.append(R"( "lastAccessDuration": )" + + infos.append(R"( "lastAccessTime": )" + std::to_string(lastAccessTime) + ",\n"); + infos.append(R"( "lastAccessDuration": )" + std::to_string(result.bundleRecords[0].permissionRecords[index].lastAccessDuration) + ",\n"); - infos.append(R"( "accessCount": ")" + - std::to_string(result.bundleRecords[0].permissionRecords[index].accessCount) + R"(")" + ",\n"); - infos.append(" ]"); + infos.append(R"( "accessCount": )" + + std::to_string(result.bundleRecords[0].permissionRecords[index].accessCount) + "\n"); + infos.append(" }"); + if (index != (size - 1)) { + infos.append(","); 
+ } infos.append("\n"); } + infos.append(" ]\n"); + infos.append("}"); dprintf(fd, "%s\n", infos.c_str()); return ERR_OK; } diff --git a/services/tokensyncmanager/BUILD.gn b/services/tokensyncmanager/BUILD.gn index 5edcf8ffb..e61907d1f 100644 --- a/services/tokensyncmanager/BUILD.gn +++ b/services/tokensyncmanager/BUILD.gn @@ -59,6 +59,7 @@ if (token_sync_enable == true) { "${access_token_path}/interfaces/innerkits/accesstoken/include", "${access_token_path}/interfaces/innerkits/tokensync/include", "${access_token_path}/services/accesstokenmanager/main/cpp/include/token", + "${access_token_path}/frameworks/json_adapter/include", "${access_token_path}/services/common/json_parse/include", "${access_token_path}/services/common/handler/include", "${access_token_path}/services/common/libraryloader/include", @@ -101,10 +102,10 @@ if (token_sync_enable == true) { deps = [ "${access_token_path}/frameworks/accesstoken:accesstoken_communication_adapter_cxx", "${access_token_path}/frameworks/common:accesstoken_common_cxx", + "${access_token_path}/frameworks/json_adapter:accesstoken_cjson_utils", "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk", "${access_token_path}/interfaces/innerkits/token_setproc:libtoken_setproc", "${access_token_path}/services/common:accesstoken_service_common", - "${access_token_path}/services/common/json_parse:accesstoken_cjson_utils", "${access_token_path}/services/tokensyncmanager:token_sync.rc", ] diff --git a/services/tokensyncmanager/src/command/base_remote_command.cpp b/services/tokensyncmanager/src/command/base_remote_command.cpp index b78f83703..d932b4cd7 100644 --- a/services/tokensyncmanager/src/command/base_remote_command.cpp +++ b/services/tokensyncmanager/src/command/base_remote_command.cpp 
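Review bot: In the rewritten `ResponseDumpCommand` output, `bundleName` and `permissionName` are spliced between quotes with no escaping, so a name containing `"` or `\` produces malformed JSON or extra keys for whatever parses the dump. This commit introduces the cJSON helper library for the other dump paths. Building each record with it, e.g. `(void)AddStringToJson(recordJson, "bundleName", result.bundleRecords[0].bundleName);`, leaves the escaping to the serializer. That requires the privacy service to link the json adapter target, which is not visible here. The function starts outside the hunk.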
@@ -81,17 +81,17 @@ CJsonUnique BaseRemoteCommand::ToNativeTokenInfoJson(const NativeTokenInfoBase& ToPermStateJson(permStateJson.get(), permState); AddObjToArray(permStatesJson, permStateJson); } - CJsonUnique DcapsJson = CreateJsonArray(); + CJsonUnique dcapsJson = CreateJsonArray(); for (const auto& item : tokenInfo.dcap) { cJSON *tmpObj = cJSON_CreateString(item.c_str()); - AddObjToArray(DcapsJson.get(), tmpObj); + AddObjToArray(dcapsJson.get(), tmpObj); cJSON_Delete(tmpObj); tmpObj = nullptr; } - CJsonUnique NativeAclsJson = CreateJsonArray(); + CJsonUnique nativeAclsJson = CreateJsonArray(); for (const auto& item : tokenInfo.nativeAcls) { cJSON *tmpObj = cJSON_CreateString(item.c_str()); - AddObjToArray(NativeAclsJson.get(), tmpObj); + AddObjToArray(nativeAclsJson.get(), tmpObj); cJSON_Delete(tmpObj); tmpObj = nullptr; } @@ -101,8 +101,8 @@ CJsonUnique BaseRemoteCommand::ToNativeTokenInfoJson(const NativeTokenInfoBase& AddUnsignedIntToJson(nativeTokenJson, "version", tokenInfo.ver); AddUnsignedIntToJson(nativeTokenJson, "tokenId", tokenInfo.tokenID); AddUnsignedIntToJson(nativeTokenJson, "tokenAttr", tokenInfo.tokenAttr); - AddObjToJson(nativeTokenJson, "dcaps", DcapsJson); - AddObjToJson(nativeTokenJson, "nativeAcls", NativeAclsJson); + AddObjToJson(nativeTokenJson, "dcaps", dcapsJson); + AddObjToJson(nativeTokenJson, "nativeAcls", nativeAclsJson); AddObjToJson(nativeTokenJson, "permState", permStatesJson); return nativeTokenJson; } diff --git a/services/tokensyncmanager/src/command/update_remote_hap_token_command.cpp b/services/tokensyncmanager/src/command/update_remote_hap_token_command.cpp index cd1ce38f8..4be1b0b76 100644 --- a/services/tokensyncmanager/src/command/update_remote_hap_token_command.cpp +++ b/services/tokensyncmanager/src/command/update_remote_hap_token_command.cpp 
@@ -56,8 +56,8 @@ UpdateRemoteHapTokenCommand::UpdateRemoteHapTokenCommand(const std::string &json std::string UpdateRemoteHapTokenCommand::ToJsonPayload() { CJsonUnique j = BaseRemoteCommand::ToRemoteProtocolJson(); - CJsonUnique HapTokenInfos = BaseRemoteCommand::ToHapTokenInfosJson(updateTokenInfo_); - AddObjToJson(j, "HapTokenInfos", HapTokenInfos); + CJsonUnique hapTokenInfos = BaseRemoteCommand::ToHapTokenInfosJson(updateTokenInfo_); + AddObjToJson(j, "HapTokenInfos", hapTokenInfos); return PackJsonToString(j); } diff --git a/services/tokensyncmanager/test/coverage/BUILD.gn b/services/tokensyncmanager/test/coverage/BUILD.gn index 947c108c4..5914bd47d 100644 --- a/services/tokensyncmanager/test/coverage/BUILD.gn +++ b/services/tokensyncmanager/test/coverage/BUILD.gn @@ -61,6 +61,7 @@ ohos_unittest("libtoken_sync_service_coverage_test") { "${access_token_path}/interfaces/innerkits/nativetoken/include", "${access_token_path}/interfaces/innerkits/token_setproc/include", "${access_token_path}/services/accesstokenmanager/main/cpp/include/token", + "${access_token_path}/frameworks/json_adapter/include", "${access_token_path}/services/common/json_parse/include", "${access_token_path}/services/common/handler/include", "${access_token_path}/interfaces/innerkits/accesstoken/test/unittest/common/", @@ -70,10 +71,10 @@ ohos_unittest("libtoken_sync_service_coverage_test") { deps = [ "${access_token_path}/frameworks/accesstoken:accesstoken_communication_adapter_cxx", "${access_token_path}/frameworks/common:accesstoken_common_cxx", + "${access_token_path}/frameworks/json_adapter:accesstoken_cjson_utils", "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk", "${access_token_path}/interfaces/innerkits/token_setproc:libtoken_setproc", "${access_token_path}/services/common:accesstoken_service_common", - "${access_token_path}/services/common/json_parse:accesstoken_cjson_utils", ] cflags_cc = [ "-DHILOG_ENABLE" ] 
diff --git a/services/tokensyncmanager/test/unittest/BUILD.gn b/services/tokensyncmanager/test/unittest/BUILD.gn index 8e65906c5..e4aef09a2 100644 --- a/services/tokensyncmanager/test/unittest/BUILD.gn +++ b/services/tokensyncmanager/test/unittest/BUILD.gn @@ -61,6 +61,7 @@ ohos_unittest("libtoken_sync_service_standard_test") { "${access_token_path}/interfaces/innerkits/nativetoken/include", "${access_token_path}/interfaces/innerkits/token_setproc/include", "${access_token_path}/services/accesstokenmanager/main/cpp/include/token", + "${access_token_path}/frameworks/json_adapter/include", "${access_token_path}/services/common/json_parse/include", "${access_token_path}/services/common/handler/include", "${access_token_path}/interfaces/innerkits/accesstoken/test/unittest/common/", @@ -70,10 +71,10 @@ ohos_unittest("libtoken_sync_service_standard_test") { deps = [ "${access_token_path}/frameworks/accesstoken:accesstoken_communication_adapter_cxx", "${access_token_path}/frameworks/common:accesstoken_common_cxx", + "${access_token_path}/frameworks/json_adapter:accesstoken_cjson_utils", "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk", "${access_token_path}/interfaces/innerkits/token_setproc:libtokensetproc_shared", "${access_token_path}/services/common:accesstoken_service_common", - "${access_token_path}/services/common/json_parse:accesstoken_cjson_utils", ] cflags_cc = [ "-DHILOG_ENABLE" ] diff --git a/test/fuzztest/innerkits/accesstoken/dumptokeninfo_fuzzer/dumptokeninfo_fuzzer.cpp b/test/fuzztest/innerkits/accesstoken/dumptokeninfo_fuzzer/dumptokeninfo_fuzzer.cpp index a98394fd4..280d508a2 100644 --- a/test/fuzztest/innerkits/accesstoken/dumptokeninfo_fuzzer/dumptokeninfo_fuzzer.cpp +++ b/test/fuzztest/innerkits/accesstoken/dumptokeninfo_fuzzer/dumptokeninfo_fuzzer.cpp 
@@ -24,16 +24,6 @@ using namespace std; using namespace OHOS::Security::AccessToken; -static const vector TYPE_LIST = { - DEFAULT_OPER, - DUMP_TOKEN, - DUMP_RECORD, - DUMP_TYPE, - DUMP_PERM, - PERM_GRANT, - PERM_REVOKE -}; - namespace OHOS { bool DumpTokenInfoFuzzTest(const uint8_t* data, size_t size) { @@ -42,10 +32,7 @@ bool DumpTokenInfoFuzzTest(const uint8_t* data, size_t size) } FuzzedDataProvider provider(data, size); - uint32_t typeIndex = provider.ConsumeIntegral() % static_cast(TYPE_LIST.size()); - OptType type = TYPE_LIST[typeIndex]; AtmToolsParamInfo info = { - .type = type, .tokenId = provider.ConsumeIntegral(), }; diff --git a/test/fuzztest/normalize_service/accesstoken/access_token_service_fuzz.gni b/test/fuzztest/normalize_service/accesstoken/access_token_service_fuzz.gni index 96c9bf1dc..871feeae7 100644 --- a/test/fuzztest/normalize_service/accesstoken/access_token_service_fuzz.gni +++ b/test/fuzztest/normalize_service/accesstoken/access_token_service_fuzz.gni @@ -61,7 +61,6 @@ access_token_deps = [ "${access_token_path}/services/accesstokenmanager/etc:param_files", "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_stub", "${access_token_path}/services/common:accesstoken_service_common", - "${access_token_path}/services/common/json_parse:accesstoken_cjson_utils", ] access_token_external_deps = [ diff --git a/test/fuzztest/services/accesstoken/access_token_service_fuzz.gni b/test/fuzztest/services/accesstoken/access_token_service_fuzz.gni index b651cf512..713608566 100644 --- a/test/fuzztest/services/accesstoken/access_token_service_fuzz.gni +++ b/test/fuzztest/services/accesstoken/access_token_service_fuzz.gni 
@@ -32,6 +32,7 @@ access_token_include_dirs = [ "${access_token_path}/services/tokensyncmanager/include/service", "${access_token_path}/frameworks/accesstoken/include", "${access_token_path}/frameworks/common/include", + "${access_token_path}/frameworks/json_adapter/include", "${access_token_path}/frameworks/privacy/include", "${access_token_path}/interfaces/innerkits/privacy/include", "${access_token_path}/interfaces/innerkits/privacy/src", @@ -53,6 +54,7 @@ access_token_deps = [ "${access_token_path}/frameworks/accesstoken:accesstoken_communication_adapter_cxx", "${access_token_path}/frameworks/common:accesstoken_common_cxx", "${access_token_path}/frameworks/common:accesstoken_hisysevent", + "${access_token_path}/frameworks/json_adapter:accesstoken_cjson_utils", "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk", "${access_token_path}/interfaces/innerkits/accesstoken:libtokenid_sdk", "${access_token_path}/interfaces/innerkits/privacy:libprivacy_sdk", @@ -62,7 +64,6 @@ access_token_deps = [ "${access_token_path}/services/accesstokenmanager/etc:param_files", "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_stub", "${access_token_path}/services/common:accesstoken_service_common", - "${access_token_path}/services/common/json_parse:accesstoken_cjson_utils", ] access_token_external_deps = [ 
@@ -87,9 +88,9 @@ access_token_sources = [ "${access_token_path}/services/accesstokenmanager/main/cpp/src/callback/accesstoken_callback_proxys.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/callback/callback_death_recipients.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/callback/callback_manager.cpp", + "${access_token_path}/services/accesstokenmanager/main/cpp/src/database/access_token_db.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/database/access_token_db_operator.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/database/access_token_db_util.cpp", - "${access_token_path}/services/accesstokenmanager/main/cpp/src/database/access_token_db.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/database/access_token_open_callback.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/database/data_translator.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/database/token_field_const.cpp", diff --git a/test/fuzztest/services/privacy/privacy_service_fuzz.gni b/test/fuzztest/services/privacy/privacy_service_fuzz.gni index 08a6138d6..805611be2 100644 --- a/test/fuzztest/services/privacy/privacy_service_fuzz.gni +++ b/test/fuzztest/services/privacy/privacy_service_fuzz.gni 
@@ -74,8 +74,8 @@ privacy_sources = [ "${access_token_path}/services/privacymanager/src/active/perm_active_status_callback_death_recipient.cpp", "${access_token_path}/services/privacymanager/src/active/perm_active_status_change_callback_proxy.cpp", "${access_token_path}/services/privacymanager/src/active/state_change_callback_proxy.cpp", - "${access_token_path}/services/privacymanager/src/common/constant.cpp", "${access_token_path}/services/privacymanager/src/common/access_token_helper.cpp", + "${access_token_path}/services/privacymanager/src/common/constant.cpp", "${access_token_path}/services/privacymanager/src/database/data_translator.cpp", "${access_token_path}/services/privacymanager/src/database/permission_used_record_db.cpp", "${access_token_path}/services/privacymanager/src/database/privacy_field_const.cpp", diff --git a/tools/accesstoken/BUILD.gn b/tools/accesstoken/BUILD.gn index 68c2c700a..266d937ae 100644 --- a/tools/accesstoken/BUILD.gn +++ b/tools/accesstoken/BUILD.gn @@ -20,6 +20,7 @@ ohos_executable("atm") { part_name = "access_token" include_dirs = [ + "${access_token_path}/frameworks/json_adapter/include", "${access_token_path}/interfaces/innerkits/privacy/include", "include", ] @@ -32,6 +33,7 @@ ohos_executable("atm") { deps = [ "${access_token_path}/frameworks/common:accesstoken_common_cxx", + "${access_token_path}/frameworks/json_adapter:accesstoken_cjson_utils", "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk", "${access_token_path}/interfaces/innerkits/privacy:libprivacy_sdk", ] @@ -47,6 +49,7 @@ ohos_executable("atm") { } external_deps = [ + "cJSON:cjson", "c_utils:utils", "hilog:libhilog", "ipc:ipc_single", diff --git a/tools/accesstoken/include/atm_command.h b/tools/accesstoken/include/atm_command.h index 20433c5a2..38ed24ff7 100644 --- a/tools/accesstoken/include/atm_command.h +++ b/tools/accesstoken/include/atm_command.h 
@@ -29,6 +29,53 @@ namespace OHOS { namespace Security { namespace AccessToken { +constexpr const uint32_t INVALID_ATM_SET_STATUS = 2; +/** + * @brief Atm tools operate type + */ +typedef enum TypeOptType { + /** default */ + DEFAULT_OPER = 0, + /** dump hap or native token info */ + DUMP_TOKEN, + /** dump permission used records */ + DUMP_RECORD, + /** dump permission used types */ + DUMP_TYPE, + /** dump permission definition info */ + DUMP_PERM, + /** grant permission */ + PERM_GRANT, + /** revoke permission */ + PERM_REVOKE, +} OptType; + +/** + * @brief Atm toggle mode type + */ +typedef enum TypeToggleModeType { + /** toggle mode is request */ + TOGGLE_REQUEST = 0, + /** toggle mode is record */ + TOGGLE_RECORD, +} ToggleModeType; + +typedef enum TypeToggleOperateType { + /** set toggle request/record status */ + TOGGLE_SET, + /** get toggle request/record status */ + TOGGLE_GET, +} ToggleOperateType; + +class AtmToggleParamInfo final { +public: + ToggleModeType toggleMode; + ToggleOperateType type; + int32_t userID; + std::string permissionName; + uint32_t status = INVALID_ATM_SET_STATUS; +}; + class AtmCommand final { public: AtmCommand(int32_t argc, char *argv[]); 
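Review bot: `AtmToggleParamInfo` leaves `toggleMode`, `type` and `userID` without initializers. Only `status` has a default, so an instance declared as `AtmToggleParamInfo info;` carries indeterminate values in any field that option parsing does not set. Value-initialising the struct is not a safe substitute for `type`, because `TOGGLE_SET` is the first enumerator and therefore 0. Explicit defaults that select the read-only operation are preferable: `ToggleModeType toggleMode = TOGGLE_REQUEST;` and `ToggleOperateType type = TOGGLE_GET;`, with `userID` given an initial value that the command treats as not supplied. How the parser fills the struct is outside this hunk.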
@@ -40,28 +87,31 @@ private: std::string GetCommandErrorMsg() const; int32_t RunAsCommandError(void); std::string GetUnknownOptionMsg() const; - int32_t RunAsCommandMissingOptionArgument(void); - void RunAsCommandExistentOptionArgument(const int32_t& option, AtmToolsParamInfo& info); + int32_t RunAsCommandMissingOptionArgument(const std::vector& requeredOptions); + void RunAsCommandExistentOptionForDump( + const int32_t& option, AtmToolsParamInfo& info, OptType& type, std::string& permissionName); + void RunAsCommandExistentOptionForPerm( + const int32_t& option, bool& isGranted, AccessTokenID& tokenID, std::string& permission); + void RunAsCommandExistentOptionForToggle(const int32_t& option, AtmToggleParamInfo& info); std::string DumpRecordInfo(uint32_t tokenId, const std::string& permissionName); std::string DumpUsedTypeInfo(uint32_t tokenId, const std::string& permissionName); - int32_t ModifyPermission(const OptType& type, AccessTokenID tokenId, const std::string& permissionName); - int32_t RunCommandByOperationType(const AtmToolsParamInfo& info); - int32_t HandleComplexCommand(const std::string& shortOption, const struct option longOption[], - const std::string& helpMsg); + int32_t ModifyPermission(bool isGranted, AccessTokenID tokenId, const std::string& permissionName); + int32_t RunCommandByOperationType(const AtmToolsParamInfo& info, OptType type, std::string& permissionName); + int32_t SetToggleStatus(int32_t userID, const std::string& permissionName, const uint32_t& status); int32_t GetToggleStatus(int32_t userID, const std::string& permissionName, std::string& statusInfo); - void RunToggleCommandExistentOptionArgument(const int32_t& option, AtmToolsParamInfo& info); - int32_t HandleToggleCommand(const std::string& shortOption, const struct option longOption[], - const std::string& helpMsg); - int32_t RunToggleCommandByOperationType(const AtmToolsParamInfo& info); - int32_t HandleToggleRequest(const AtmToolsParamInfo& info, std::string& dumpInfo); - 
int32_t HandleToggleRecord(const AtmToolsParamInfo& info, std::string& dumpInfo); + + int32_t RunToggleCommandByOperationType(const AtmToggleParamInfo& info); + int32_t HandleToggleRequest(const AtmToggleParamInfo& info, std::string& dumpInfo); + int32_t HandleToggleRecord(const AtmToggleParamInfo& info, std::string& dumpInfo); int32_t SetRecordToggleStatus(int32_t userID, const uint32_t& recordStatus, std::string& statusInfo); int32_t GetRecordToggleStatus(int32_t userID, std::string& statusInfo); bool IsNumericString(const char* string); int32_t RunAsHelpCommand(); - int32_t RunAsCommonCommand(); + int32_t RunAsCommonCommandForDump(); + int32_t RunAsCommonCommandForPerm(); + int32_t RunAsCommonCommandForToggle(); int32_t argc_; char** argv_; diff --git a/tools/accesstoken/include/to_string.h b/tools/accesstoken/include/to_string.h index 6bc0e17e5..f00632deb 100644 --- a/tools/accesstoken/include/to_string.h +++ b/tools/accesstoken/include/to_string.h @@ -17,6 +17,7 @@ #define TO_STRING_H #include +#include "cjson_utils.h" #include "permission_used_request.h" #include "permission_used_result.h" #include "permission_used_type_info.h" 
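Review bot: The parameter of `RunAsCommandMissingOptionArgument` is spelled `requeredOptions`, where `requiredOptions` is presumably meant. Fixing it in the declaration keeps the definition from inheriting the typo. `RunCommandByOperationType` takes `std::string& permissionName`, while the other declarations that only read the name take `const std::string&`; if it does not modify the string, `const std::string& permissionName` states that. The class body starts and ends outside the hunk.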
@@ -26,13 +27,9 @@ namespace Security { namespace AccessToken { class ToString { public: - static void DetailUsedRecordToString( - bool isAccessDetail, const std::vector& detailRecord, std::string& infos); - static void PermissionUsedRecordToString( - const std::vector& permissionRecords, std::string& infos); - static void BundleUsedRecordToString(const BundleUsedRecord& bundleRecord, std::string& infos); - static void PermissionUsedResultToString(const PermissionUsedResult& result, std::string& infos); - static void PermissionUsedTypeInfoToString(const PermissionUsedTypeInfo& type, std::string& infos); + static std::string PermissionUsedResultToString(const PermissionUsedResult& result); + static std::string PermissionUsedTypeInfoToString(const std::vector& typeInfos); + static std::string DumpPermDefinition(const std::string& permissionName); }; } // namespace AccessToken } // namespace Security diff --git a/tools/accesstoken/src/atm_command.cpp b/tools/accesstoken/src/atm_command.cpp index d00dc6fcf..2b6c24071 100644 --- a/tools/accesstoken/src/atm_command.cpp +++ b/tools/accesstoken/src/atm_command.cpp @@ -46,8 +46,8 @@ static const std::string HELP_MSG = static const std::string HELP_MSG_DUMP = "usage: atm dump