diff --git a/frameworks/privacy/include/i_privacy_manager.h b/frameworks/privacy/include/i_privacy_manager.h index ff8bebda82f39a273b4e9568985444c7b3d7800f..137f5886406aaf77e073d446879683e823247240 100644 --- a/frameworks/privacy/include/i_privacy_manager.h +++ b/frameworks/privacy/include/i_privacy_manager.h @@ -44,7 +44,7 @@ public: const PermissionUsedRequestParcel& request, PermissionUsedResultParcel& result) = 0; virtual int32_t GetPermissionUsedRecords( const PermissionUsedRequestParcel& request, const sptr& callback) = 0; - virtual std::string DumpRecordInfo(AccessTokenID tokenID, const std::string& permissionName) = 0; + virtual std::string DumpRecordInfo(const std::string& bundleName, const std::string& permissionName) = 0; virtual int32_t RegisterPermActiveStatusCallback( std::vector& permList, const sptr& callback) = 0; virtual int32_t UnRegisterPermActiveStatusCallback(const sptr& callback) = 0; diff --git a/interfaces/innerkits/privacy/include/privacy_kit.h b/interfaces/innerkits/privacy/include/privacy_kit.h index a06fa1f8c85e10e99c1105a289bcec7624e9e759..1279757e7eb8dca9a98e26421347d2a6148fb784 100644 --- a/interfaces/innerkits/privacy/include/privacy_kit.h +++ b/interfaces/innerkits/privacy/include/privacy_kit.h @@ -37,7 +37,7 @@ public: static int32_t GetPermissionUsedRecords(const PermissionUsedRequest& request, PermissionUsedResult& result); static int32_t GetPermissionUsedRecords( const PermissionUsedRequest& request, const sptr& callback); - static std::string DumpRecordInfo(AccessTokenID tokenID, const std::string& permissionName); + static std::string DumpRecordInfo(const std::string& bundleName, const std::string& permissionName); static int32_t RegisterPermActiveStatusCallback(const std::shared_ptr& callback); static int32_t UnRegisterPermActiveStatusCallback(const std::shared_ptr& callback); }; diff --git a/interfaces/innerkits/privacy/src/privacy_kit.cpp b/interfaces/innerkits/privacy/src/privacy_kit.cpp index b6349f0b74854d561f40e57da995ad0dd769fce5..2e91a684dea85272c6f9471c79359c86366d9949 100644 --- a/interfaces/innerkits/privacy/src/privacy_kit.cpp +++ b/interfaces/innerkits/privacy/src/privacy_kit.cpp @@ -61,29 +61,33 @@ int32_t PrivacyKit::RemovePermissionUsedRecords(AccessTokenID tokenID, const std int32_t PrivacyKit::GetPermissionUsedRecords(const PermissionUsedRequest& request, PermissionUsedResult& result) { + ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry"); return PrivacyManagerClient::GetInstance().GetPermissionUsedRecords(request, result); } int32_t PrivacyKit::GetPermissionUsedRecords( const PermissionUsedRequest& request, const sptr& callback) { + ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry"); return PrivacyManagerClient::GetInstance().GetPermissionUsedRecords(request, callback); } -std::string PrivacyKit::DumpRecordInfo(AccessTokenID tokenID, const std::string& permissionName) +std::string PrivacyKit::DumpRecordInfo(const std::string& bundleName, const std::string& permissionName) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry, tokenID=%{public}d, permissionName=%{public}s", - tokenID, permissionName.c_str()); - return PrivacyManagerClient::GetInstance().DumpRecordInfo(tokenID, permissionName); + ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry, bundleName=%{public}s, permissionName=%{public}s", + bundleName.c_str(), permissionName.c_str()); + return PrivacyManagerClient::GetInstance().DumpRecordInfo(bundleName, permissionName); } int32_t PrivacyKit::RegisterPermActiveStatusCallback(const std::shared_ptr& callback) { + ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry"); return PrivacyManagerClient::GetInstance().RegisterPermActiveStatusCallback(callback); } int32_t PrivacyKit::UnRegisterPermActiveStatusCallback(const std::shared_ptr& callback) { + ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry"); return PrivacyManagerClient::GetInstance().UnRegisterPermActiveStatusCallback(callback); } } // namespace AccessToken diff --git a/interfaces/innerkits/privacy/src/privacy_manager_client.cpp b/interfaces/innerkits/privacy/src/privacy_manager_client.cpp index 12ac9e296752de45807a434ade965eee3ee7ba92..769dc785ad86720b8c9e3551490b8b27fae2cbc4 100644 --- a/interfaces/innerkits/privacy/src/privacy_manager_client.cpp +++ b/interfaces/innerkits/privacy/src/privacy_manager_client.cpp @@ -133,7 +133,7 @@ int32_t PrivacyManagerClient::GetPermissionUsedRecords(const PermissionUsedReque return proxy->GetPermissionUsedRecords(requestParcel, callback); } -std::string PrivacyManagerClient::DumpRecordInfo(AccessTokenID tokenID, const std::string& permissionName) +std::string PrivacyManagerClient::DumpRecordInfo(const std::string& bundleName, const std::string& permissionName) { auto proxy = GetProxy(); if (proxy == nullptr) { @@ -141,7 +141,7 @@ std::string PrivacyManagerClient::DumpRecordInfo(AccessTokenID tokenID, const st return ""; } - return proxy->DumpRecordInfo(tokenID, permissionName); + return proxy->DumpRecordInfo(bundleName, permissionName); } int32_t PrivacyManagerClient::CreateActiveStatusChangeCbk( diff --git a/interfaces/innerkits/privacy/src/privacy_manager_client.h b/interfaces/innerkits/privacy/src/privacy_manager_client.h index ee288ad69046c9f73dca259255ab43a13e0366b2..ebae78818372656a08426f1daa67942634206fca 100644 --- a/interfaces/innerkits/privacy/src/privacy_manager_client.h +++ b/interfaces/innerkits/privacy/src/privacy_manager_client.h @@ -43,7 +43,7 @@ public: int32_t GetPermissionUsedRecords(const PermissionUsedRequest& request, PermissionUsedResult& result); int32_t GetPermissionUsedRecords( const PermissionUsedRequest& request, const sptr& callback); - std::string DumpRecordInfo(AccessTokenID tokenID, const std::string& permissionName); + std::string DumpRecordInfo(const std::string& bundleName, const std::string& permissionName); int32_t RegisterPermActiveStatusCallback(const std::shared_ptr& callback); int32_t UnRegisterPermActiveStatusCallback(const std::shared_ptr& callback); int32_t CreateActiveStatusChangeCbk( diff --git a/interfaces/innerkits/privacy/src/privacy_manager_proxy.cpp b/interfaces/innerkits/privacy/src/privacy_manager_proxy.cpp index 0014a3c02e8daa7e24f28dc6eb9c0fa2b28b52a2..c8f7c149e6b6d0ee3fd87ade716aa466ca8ecdd9 100644 --- a/interfaces/innerkits/privacy/src/privacy_manager_proxy.cpp +++ b/interfaces/innerkits/privacy/src/privacy_manager_proxy.cpp @@ -41,7 +41,7 @@ int32_t PrivacyManagerProxy::AddPermissionUsedRecord(AccessTokenID tokenID, cons MessageParcel data; data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); if (!data.WriteUint32(tokenID)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(%{public}d)", tokenID); + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(tokenID)"); return ERROR; } if (!data.WriteString(permissionName)) { @@ -72,7 +72,7 @@ int32_t PrivacyManagerProxy::StartUsingPermission(AccessTokenID tokenID, const s MessageParcel data; data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); if (!data.WriteUint32(tokenID)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(%{public}d)", tokenID); + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(tokenID)"); return ERROR; } if (!data.WriteString(permissionName)) { @@ -95,7 +95,7 @@ int32_t PrivacyManagerProxy::StopUsingPermission(AccessTokenID tokenID, const st MessageParcel data; data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); if (!data.WriteUint32(tokenID)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(%{public}d)", tokenID); + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(tokenID)"); return ERROR; } if (!data.WriteString(permissionName)) { @@ -118,7 +118,7 @@ int32_t PrivacyManagerProxy::RemovePermissionUsedRecords(AccessTokenID tokenID, MessageParcel data; data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); if (!data.WriteUint32(tokenID)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(%{public}d)", tokenID); + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(tokenID)"); return ERROR; } if (!data.WriteString(deviceID)) { @@ -189,17 +189,17 @@ int32_t PrivacyManagerProxy::GetPermissionUsedRecords(const PermissionUsedReques return ret; } -std::string PrivacyManagerProxy::DumpRecordInfo(AccessTokenID tokenID, const std::string& permissionName) +std::string PrivacyManagerProxy::DumpRecordInfo(const std::string& bundleName, const std::string& permissionName) { MessageParcel data; MessageParcel reply; data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); - if (!data.WriteUint32(tokenID)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(%{public}d)", tokenID); + if (!data.WriteString(bundleName)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(bundleName)"); return ""; } if (!data.WriteString(permissionName)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteString(%{public}s)", permissionName.c_str()); + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteString(permissionName)"); return ""; } int32_t requestResult = SendRequest(IPrivacyManager::InterfaceCode::DUMP_RECORD_INFO, data, reply); diff --git a/interfaces/innerkits/privacy/src/privacy_manager_proxy.h b/interfaces/innerkits/privacy/src/privacy_manager_proxy.h index 5ea5aaa615a6399bc22b7549e1c9f195924a0224..50ca074da6201c11519043cdd3d28c1a9a32200f 100644 --- a/interfaces/innerkits/privacy/src/privacy_manager_proxy.h +++ b/interfaces/innerkits/privacy/src/privacy_manager_proxy.h @@ -38,7 +38,7 @@ public: const PermissionUsedRequestParcel& request, PermissionUsedResultParcel& result) override; int32_t GetPermissionUsedRecords(const PermissionUsedRequestParcel& request, const sptr& callback) override; - std::string DumpRecordInfo(AccessTokenID tokenID, const std::string& permissionName) override; + std::string DumpRecordInfo(const std::string& bundleName, const std::string& permissionName) override; int32_t RegisterPermActiveStatusCallback( std::vector& permList, const sptr& callback) override; int32_t UnRegisterPermActiveStatusCallback(const sptr& callback) override; diff --git a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp index 3ba27bd00fcb442063f0b6988a30596c3d177d24..4f7ed70a661cbeb6ffc4395b4df958cdcb2716b0 100644 --- a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp +++ b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp @@ -434,11 +434,28 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords002, TestSize.Level1) request.bundleName = g_InfoParmsA.bundleName; CheckPermissionUsedResult(request, result, 3, 3, 0); + // query by deviceId and bundle Name + BuildQueryRequest(0, GetLocalDeviceUdid(), g_InfoParmsA.bundleName, permissionList, request); + ASSERT_EQ(RET_NO_ERROR, PrivacyKit::GetPermissionUsedRecords(request, result)); + ASSERT_EQ(1, result.bundleRecords.size()); + request.tokenId = g_TokenId_A; + CheckPermissionUsedResult(request, result, 3, 3, 0); + // query by unmatched tokenId, deviceId and bundle Name BuildQueryRequest(123, GetLocalDeviceUdid(), g_InfoParmsA.bundleName, permissionList, request); ASSERT_EQ(RET_NO_ERROR, PrivacyKit::GetPermissionUsedRecords(request, result)); ASSERT_EQ(0, result.bundleRecords.size()); + // query by unmatched tokenId, deviceId and bundle Name + BuildQueryRequest(g_TokenId_A, "local device", g_InfoParmsA.bundleName, permissionList, request); + ASSERT_EQ(RET_NO_ERROR, PrivacyKit::GetPermissionUsedRecords(request, result)); + ASSERT_EQ(0, result.bundleRecords.size()); + + // query by unmatched tokenId, deviceId and bundle Name + BuildQueryRequest(g_TokenId_A, GetLocalDeviceUdid(), "bundleA", permissionList, request); + ASSERT_EQ(RET_NO_ERROR, PrivacyKit::GetPermissionUsedRecords(request, result)); + ASSERT_EQ(0, result.bundleRecords.size()); + // query by invalid permission Name permissionList.clear(); permissionList.emplace_back("invalid permission"); diff --git a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp index 392893a6745c4cd719622bd914efbeda05cf5e42..5c34e309626597044e03dcd3f00ad9baf9c06da9 100644 --- a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp @@ -50,7 +50,7 @@ HapTokenInfoInner::HapTokenInfoInner(AccessTokenID id, tokenInfoBasic_.instIndex = info.instIndex; tokenInfoBasic_.dlpType = info.dlpType; tokenInfoBasic_.appID = info.appIDDesc; - tokenInfoBasic_.deviceID = ""; + tokenInfoBasic_.deviceID = "0"; tokenInfoBasic_.apl = policy.apl; permPolicySet_ = PermissionPolicySet::BuildPermissionPolicySet(id, policy.permStateList); } diff --git a/services/common/database/include/field_const.h b/services/common/database/include/field_const.h index 54f5e2136b5f09df688add2b62da9e5ae5ce6678..7689a5272b191c530d2a77bf076645317bb10e8b 100644 --- a/services/common/database/include/field_const.h +++ b/services/common/database/include/field_const.h @@ -47,6 +47,10 @@ const std::string FIELD_GRANT_STATE = "grant_state"; const std::string FIELD_GRANT_FLAG = "grant_flag"; const std::string FIELD_GRANT_IS_GENERAL = "is_general"; +const std::string FIELD_ID = "id"; +const std::string FIELD_IS_REMOTE_DEVICE = "is_remote_device"; + +const std::string FIELD_VISITOR_ID = "visitor_id"; const std::string FIELD_OP_CODE = "op_code"; const std::string FIELD_STATUS = "status"; const std::string FIELD_TIMESTAMP = "timestamp"; diff --git a/services/privacymanager/BUILD.gn b/services/privacymanager/BUILD.gn index 958233c544ef510d8c78dca5e82b7b51036abe45..bd0ccba5b19d5fb9a159ec6a428e846c4aa7ed47 100644 --- a/services/privacymanager/BUILD.gn +++ b/services/privacymanager/BUILD.gn @@ -53,6 +53,8 @@ if (is_standard_system) { "src/record/permission_record.cpp", "src/record/permission_record_manager.cpp", "src/record/permission_record_repository.cpp", + "src/record/permission_visitor.cpp", + "src/record/permission_visitor_repository.cpp", "src/service/privacy_manager_service.cpp", "src/service/privacy_manager_stub.cpp", ] diff --git a/services/privacymanager/include/database/data_translator.h b/services/privacymanager/include/database/data_translator.h index 488d887fff8c95759488ded9784fc850cb4939f5..60e07037ecad190e5b41d746ccaeaf8905ac67f6 100644 --- a/services/privacymanager/include/database/data_translator.h +++ b/services/privacymanager/include/database/data_translator.h @@ -28,7 +28,7 @@ namespace AccessToken { class DataTranslator final { public: static int32_t TranslationIntoGenericValues(const PermissionUsedRequest& request, - GenericValues& andGenericValues, GenericValues& orGenericValues); + GenericValues& visitorGenericValues, GenericValues& andGenericValues, GenericValues& orGenericValues); static int32_t TranslationGenericValuesIntoPermissionUsedRecord( const GenericValues& inGenericValues, PermissionUsedRecord& permissionRecord); }; diff --git a/services/privacymanager/include/database/permission_used_record_db.h b/services/privacymanager/include/database/permission_used_record_db.h index d2f4c38dfe061e1836b9853fad69a2f1d839e284..059e0082aac7277038e93678e9b64272f580eb33 100644 --- a/services/privacymanager/include/database/permission_used_record_db.h +++ b/services/privacymanager/include/database/permission_used_record_db.h @@ -33,6 +33,7 @@ public: class PermissionUsedRecordDb : public SqliteHelper { public: enum DataType { + PERMISSION_VISITOR = 0, PERMISSION_RECORD, }; enum ExecuteResult { FAILURE = -1, SUCCESS }; @@ -40,12 +41,13 @@ public: ~PermissionUsedRecordDb() override; - int32_t Add(DataType type, const std::vector& values); - int32_t Remove(DataType type, const GenericValues& conditions); - int32_t FindByConditions(DataType type, const GenericValues& andConditions, + int32_t Add(const DataType type, const std::vector& values); + int32_t Remove(const DataType type, const GenericValues& conditions); + int32_t Find(const DataType type, std::vector& results); + int32_t FindByConditions(const DataType type, const GenericValues& andConditions, const GenericValues& orConditions, std::vector& results); - int32_t Modify(DataType type, const GenericValues& modifyValues, const GenericValues& conditions); - int32_t GetDistinctValue(DataType type, const std::string& condition, std::vector& results); + int32_t Modify(const DataType type, const GenericValues& modifyValues, const GenericValues& conditions); + int32_t RefreshAll(const DataType type, const std::vector& values); void OnCreate() override; void OnUpdate() override; @@ -57,18 +59,20 @@ private: std::map dataTypeToSqlTable_; OHOS::Utils::RWLock rwLock_; + int32_t CreatePermissionVisitorTable() const; int32_t CreatePermissionRecordTable() const; - std::string CreateInsertPrepareSqlCmd(DataType type) const; + std::string CreateInsertPrepareSqlCmd(const DataType type) const; std::string CreateDeletePrepareSqlCmd( - DataType type, const std::vector& columnNames = std::vector()) const; - std::string CreateSelectByConditionPrepareSqlCmd(DataType type, + const DataType type, const std::vector& columnNames = std::vector()) const; + std::string CreateSelectPrepareSqlCmd(const DataType type) const; + std::string CreateSelectByConditionPrepareSqlCmd(const DataType type, const std::vector& andColumns, const std::vector& orColumns) const; - std::string CreateUpdatePrepareSqlCmd(DataType type, const std::vector& modifyColumns, + std::string CreateUpdatePrepareSqlCmd(const DataType type, const std::vector& modifyColumns, const std::vector& conditionColumns) const; - std::string CreateGetDistinctValue(DataType type, const std::string conditionColumns) const; private: + inline static const std::string PERMISSION_VISITOR_TABLE = "permission_visitor_table"; inline static const std::string PERMISSION_RECORD_TABLE = "permission_record_table"; inline static const std::string DATABASE_NAME = "permission_used_record.db"; inline static const std::string DATABASE_PATH = "/data/service/el1/public/access_token/"; diff --git a/services/privacymanager/include/record/permission_record.h b/services/privacymanager/include/record/permission_record.h index f2c0abb0731e3b70c4b03e8408a1eeb80ba12f3c..3c61287dd8a03e461edb5d2f33384431055b9e98 100644 --- a/services/privacymanager/include/record/permission_record.h +++ b/services/privacymanager/include/record/permission_record.h @@ -22,7 +22,7 @@ namespace OHOS { namespace Security { namespace AccessToken { struct PermissionRecord { - uint32_t tokenId = 0; + int32_t visitorId = 0; int32_t opCode = 0; int32_t status = 0; int64_t timestamp = 0L; diff --git a/services/privacymanager/include/record/permission_record_manager.h b/services/privacymanager/include/record/permission_record_manager.h index 48ad1c52fb132c66a8cabf6dc56e0b1549ff2cf3..bc8b417b278e29f23114e188d2935cdcfeb56921 100644 --- a/services/privacymanager/include/record/permission_record_manager.h +++ b/services/privacymanager/include/record/permission_record_manager.h @@ -25,6 +25,7 @@ #include "permission_record.h" #include "permission_used_request.h" #include "permission_used_result.h" +#include "permission_visitor.h" #include "rwlock.h" #include "thread_pool.h" @@ -39,35 +40,36 @@ public: void Init(); int32_t AddPermissionUsedRecord( - AccessTokenID tokenId, const std::string& permissionName, int32_t successCount, int32_t failCount); - void RemovePermissionUsedRecords(AccessTokenID tokenId, const std::string& deviceID); + AccessTokenID tokenID, const std::string& permissionName, int32_t successCount, int32_t failCount); + void RemovePermissionUsedRecords(AccessTokenID tokenID, const std::string& deviceID); int32_t GetPermissionUsedRecords(const PermissionUsedRequest& request, PermissionUsedResult& result); int32_t GetPermissionUsedRecordsAsync( const PermissionUsedRequest& request, const sptr& callback); - std::string DumpRecordInfo(AccessTokenID tokenId, const std::string& permissionName); - int32_t StartUsingPermission(AccessTokenID tokenId, const std::string& permissionName); - int32_t StopUsingPermission(AccessTokenID tokenId, const std::string& permissionName); + std::string DumpRecordInfo(const std::string& bundleName, const std::string& permissionName); + int32_t StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName); + int32_t StopUsingPermission(AccessTokenID tokenID, const std::string& permissionName); int32_t RegisterPermActiveStatusCallback( std::vector& permList, const sptr& callback); int32_t UnRegisterPermActiveStatusCallback(const sptr& callback); + bool GetPermissionVisitor(AccessTokenID tokenID, PermissionVisitor& visitor); private: PermissionRecordManager(); DISALLOW_COPY_AND_MOVE(PermissionRecordManager); - bool GetLocalRecordTokenIdList(std::vector& tokenIdList); - bool AddRecord(AccessTokenID tokenId, const std::string& permissionName, int32_t successCount, int32_t failCount); - bool GetPermissionsRecord(AccessTokenID tokenId, const std::string& permissionName, + bool AddVisitor(AccessTokenID tokenID, int32_t& visitorId); + bool AddRecord(int32_t visitorId, const std::string& permissionName, int32_t successCount, int32_t failCount); + bool GetPermissionsRecord(int32_t visitorId, const std::string& permissionName, int32_t successCount, int32_t failCount, PermissionRecord& record); void ExecuteDeletePermissionRecordTask(); int32_t DeletePermissionRecord(int32_t days); - bool GetRecordsFromLocalDB(const PermissionUsedRequest& request, PermissionUsedResult& result); + bool GetRecordsFromDB(const PermissionUsedRequest& request, PermissionUsedResult& result); bool GetRecords(int32_t flag, std::vector recordValues, BundleUsedRecord& bundleRecord, PermissionUsedResult& result); void UpdateRecords(int32_t flag, const PermissionUsedRecord& inBundleRecord, PermissionUsedRecord& outBundleRecord); - std::string GetDeviceId(AccessTokenID tokenId); + bool IsLocalDevice(const std::string& deviceId); OHOS::ThreadPool deleteTaskWorker_; bool hasInited_; diff --git a/services/privacymanager/include/record/permission_record_repository.h b/services/privacymanager/include/record/permission_record_repository.h index 4cd89a9aecc36949fc212868283f5c0173ad2e60..ffda94fb527f1ed4164f39216d641c3ff16bbaa9 100644 --- a/services/privacymanager/include/record/permission_record_repository.h +++ b/services/privacymanager/include/record/permission_record_repository.h @@ -33,7 +33,6 @@ public: bool FindRecordValues(const GenericValues& andConditionValues, const GenericValues& orConditionValues, std::vector& recordValues); bool RemoveRecordValues(const GenericValues& conditionValues); - bool GetAllRecordValuesByKey(const std::string& condition, std::vector& resultValues); }; } // namespace AccessToken } // namespace Security diff --git a/services/privacymanager/include/record/permission_visitor.h b/services/privacymanager/include/record/permission_visitor.h new file mode 100644 index 0000000000000000000000000000000000000000..212094c510bd6b2052ccd68f1bada4996d64fae7 --- /dev/null +++ b/services/privacymanager/include/record/permission_visitor.h @@ -0,0 +1,42 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PERMISSION_VISITOR_H +#define PERMISSION_VISITOR_H + +#include +#include "access_token.h" +#include "generic_values.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +struct PermissionVisitor { + int32_t id = -1; + AccessTokenID tokenId = 0; + bool isRemoteDevice = false; + std::string deviceId; + int32_t userId; + std::string bundleName; + + PermissionVisitor() = default; + + static void TranslationIntoGenericValues(const PermissionVisitor& visitor, GenericValues& values); + static void TranslationIntoPermissionVisitor(const GenericValues& values, PermissionVisitor& visitor); +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // PERMISSION_VISITOR_H diff --git a/services/privacymanager/include/record/permission_visitor_repository.h b/services/privacymanager/include/record/permission_visitor_repository.h new file mode 100644 index 0000000000000000000000000000000000000000..3fdc41159395fabb2b2c03614117bdeb94a4d94e --- /dev/null +++ b/services/privacymanager/include/record/permission_visitor_repository.h @@ -0,0 +1,40 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PERMISSION_VISITOR_REPOSITORY_H +#define PERMISSION_VISITOR_REPOSITORY_H + +#include +#include "generic_values.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class PermissionVisitorRepository final { +public: + virtual ~PermissionVisitorRepository(); + PermissionVisitorRepository(); + + static PermissionVisitorRepository& GetInstance(); + + bool AddVisitorValues(const GenericValues& visitorValues); + bool FindVisitorValues(const GenericValues& andConditionValues, + const GenericValues& orConditionValues, std::vector& visitorValues); + bool RemoveVisitorValues(const GenericValues& conditionValues); +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // PERMISSION_VISITOR_REPOSITORY_H diff --git a/services/privacymanager/include/service/privacy_manager_service.h b/services/privacymanager/include/service/privacy_manager_service.h index 347db8602941a25c489afd26d32bf6f00356d535..116249c7fb4b76e13dea65d9f943ed16bb40d170 100644 --- a/services/privacymanager/include/service/privacy_manager_service.h +++ b/services/privacymanager/include/service/privacy_manager_service.h @@ -45,7 +45,7 @@ public: const PermissionUsedRequestParcel& request, PermissionUsedResultParcel& result) override; int32_t GetPermissionUsedRecords( const PermissionUsedRequestParcel& request, const sptr& callback) override; - std::string DumpRecordInfo(AccessTokenID tokenID, const std::string& permissionName) override; + std::string DumpRecordInfo(const std::string& bundleName, const std::string& permissionName) override; int32_t RegisterPermActiveStatusCallback( std::vector& permList, const sptr& callback) override; int32_t UnRegisterPermActiveStatusCallback(const sptr& callback) override; diff --git a/services/privacymanager/src/database/data_translator.cpp b/services/privacymanager/src/database/data_translator.cpp index 27753200fbf65e5bedc50cfe939a1f340f8d5d21..514fbe3146521253aae0544d79496bd5346fd0a4 100644 --- a/services/privacymanager/src/database/data_translator.cpp +++ b/services/privacymanager/src/database/data_translator.cpp @@ -23,7 +23,7 @@ namespace OHOS { namespace Security { namespace AccessToken { int32_t DataTranslator::TranslationIntoGenericValues(const PermissionUsedRequest& request, - GenericValues& andGenericValues, GenericValues& orGenericValues) + GenericValues& visitorGenericValues, GenericValues& andGenericValues, GenericValues& orGenericValues) { int64_t begin = request.beginTimeMillis; int64_t end = request.endTimeMillis; @@ -48,6 +48,17 @@ int32_t DataTranslator::TranslationIntoGenericValues(const PermissionUsedRequest andGenericValues.Put(FIELD_TIMESTAMP_END, end); } + if (!request.deviceId.empty()) { + visitorGenericValues.Put(FIELD_DEVICE_ID, request.deviceId); + } + if (!request.bundleName.empty()) { + visitorGenericValues.Put(FIELD_BUNDLE_NAME, request.bundleName); + } + + if (request.tokenId != 0) { + visitorGenericValues.Put(FIELD_TOKEN_ID, (int32_t)request.tokenId); + } + for (const auto& perm : request.permissionList) { int32_t opCode; if (Constant::TransferPermissionToOpcode(perm, opCode)) { diff --git a/services/privacymanager/src/database/permission_used_record_db.cpp b/services/privacymanager/src/database/permission_used_record_db.cpp index 4815d96e097035f7ea20da2dfe198d1b098028b3..60b82be4b1912f29cf22533fb71733ab3e29d17c 100644 --- a/services/privacymanager/src/database/permission_used_record_db.cpp +++ b/services/privacymanager/src/database/permission_used_record_db.cpp @@ -41,6 +41,7 @@ PermissionUsedRecordDb::~PermissionUsedRecordDb() void PermissionUsedRecordDb::OnCreate() { ACCESSTOKEN_LOG_INFO(LABEL, "Entry"); + CreatePermissionVisitorTable(); CreatePermissionRecordTable(); } @@ -51,10 +52,21 @@ void PermissionUsedRecordDb::OnUpdate() PermissionUsedRecordDb::PermissionUsedRecordDb() : SqliteHelper(DATABASE_NAME, DATABASE_PATH, DATABASE_VERSION) { + SqliteTable permissionVisorTable; + permissionVisorTable.tableName_ = PERMISSION_VISITOR_TABLE; + permissionVisorTable.tableColumnNames_ = { + FIELD_ID, + FIELD_TOKEN_ID, + FIELD_IS_REMOTE_DEVICE, + FIELD_DEVICE_ID, + FIELD_USER_ID, + FIELD_BUNDLE_NAME + }; + SqliteTable permissionRecordTable; permissionRecordTable.tableName_ = PERMISSION_RECORD_TABLE; permissionRecordTable.tableColumnNames_ = { - FIELD_TOKEN_ID, + FIELD_VISITOR_ID, FIELD_OP_CODE, FIELD_STATUS, FIELD_TIMESTAMP, @@ -64,12 +76,13 @@ PermissionUsedRecordDb::PermissionUsedRecordDb() : SqliteHelper(DATABASE_NAME, D }; dataTypeToSqlTable_ = { + {PERMISSION_VISITOR, permissionVisorTable}, {PERMISSION_RECORD, permissionRecordTable}, }; Open(); } -int32_t PermissionUsedRecordDb::Add(DataType type, const std::vector& values) +int32_t PermissionUsedRecordDb::Add(const DataType type, const std::vector& values) { OHOS::Utils::UniqueWriteGuard lock(this->rwLock_); std::string prepareSql = CreateInsertPrepareSqlCmd(type); @@ -98,7 +111,7 @@ int32_t PermissionUsedRecordDb::Add(DataType type, const std::vector lock(this->rwLock_); std::vector columnNames = conditions.GetAllKeys(); @@ -112,7 +125,7 @@ int32_t PermissionUsedRecordDb::Remove(DataType type, const GenericValues& condi } int32_t PermissionUsedRecordDb::Modify( - DataType type, const GenericValues& modifyValues, const GenericValues& conditions) + const DataType type, const GenericValues& modifyValues, const GenericValues& conditions) { OHOS::Utils::UniqueWriteGuard lock(this->rwLock_); std::vector modifyColumns = modifyValues.GetAllKeys(); @@ -129,7 +142,27 @@ int32_t PermissionUsedRecordDb::Modify( return (ret == Statement::State::DONE) ? SUCCESS : FAILURE; } -int32_t PermissionUsedRecordDb::FindByConditions(DataType type, const GenericValues& andConditions, +int32_t PermissionUsedRecordDb::Find(const DataType type, std::vector& results) +{ + OHOS::Utils::UniqueWriteGuard lock(this->rwLock_); + std::string prepareSql = CreateSelectPrepareSqlCmd(type); + auto statement = Prepare(prepareSql); + while (statement.Step() == Statement::State::ROW) { + int32_t columnCount = statement.GetColumnCount(); + GenericValues value; + for (int32_t i = 0; i < columnCount; i++) { + if (statement.GetColumnName(i) == FIELD_TIMESTAMP || statement.GetColumnName(i) == FIELD_ACCESS_DURATION) { + value.Put(statement.GetColumnName(i), statement.GetValue(i, true)); + } else { + value.Put(statement.GetColumnName(i), statement.GetValue(i, false)); + } + } + results.emplace_back(value); + } + return SUCCESS; +} + +int32_t PermissionUsedRecordDb::FindByConditions(const DataType type, const GenericValues& andConditions, const GenericValues& orConditions, std::vector& results) { OHOS::Utils::UniqueWriteGuard lock(this->rwLock_); @@ -160,28 +193,39 @@ int32_t PermissionUsedRecordDb::FindByConditions(DataType type, const GenericVal return SUCCESS; } -int32_t PermissionUsedRecordDb::GetDistinctValue(DataType type, - const std::string& condition, std::vector& results) +int32_t PermissionUsedRecordDb::RefreshAll(const DataType type, const std::vector& values) { OHOS::Utils::UniqueWriteGuard lock(this->rwLock_); - std::string getDistinctValueSql = CreateGetDistinctValue(type, condition); - auto statement = Prepare(getDistinctValueSql); - while (statement.Step() == Statement::State::ROW) { - int32_t columnCount = statement.GetColumnCount(); - GenericValues value; - for (int32_t i = 0; i < columnCount; i++) { - if (statement.GetColumnName(i) == FIELD_TOKEN_ID) { - value.Put(statement.GetColumnName(i), statement.GetValue(i, false)); - } else if (statement.GetColumnName(i) == FIELD_DEVICE_ID) { - value.Put(statement.GetColumnName(i), statement.GetColumnString(i)); - } + std::string deleteSql = CreateDeletePrepareSqlCmd(type); + std::string insertSql = CreateInsertPrepareSqlCmd(type); + auto deleteStatement = Prepare(deleteSql); + auto insertStatement = Prepare(insertSql); + BeginTransaction(); + bool canCommit = deleteStatement.Step() == Statement::State::DONE; + for (const auto& value : values) { + std::vector columnNames = value.GetAllKeys(); + for (const auto& columnName : columnNames) { + insertStatement.Bind(columnName, value.Get(columnName)); } - results.emplace_back(value); + int32_t ret = insertStatement.Step(); + if (ret != Statement::State::DONE) { + ACCESSTOKEN_LOG_ERROR( + LABEL, "insert failed, errorMsg: %{public}s", SpitError().c_str()); + canCommit = false; + } + insertStatement.Reset(); + } + if (!canCommit) { + ACCESSTOKEN_LOG_ERROR(LABEL, "rollback transaction."); + RollbackTransaction(); + return FAILURE; } + ACCESSTOKEN_LOG_INFO(LABEL, "commit transaction."); + CommitTransaction(); return SUCCESS; } -std::string PermissionUsedRecordDb::CreateInsertPrepareSqlCmd(DataType type) const +std::string PermissionUsedRecordDb::CreateInsertPrepareSqlCmd(const DataType type) const { auto it = dataTypeToSqlTable_.find(type); if (it == dataTypeToSqlTable_.end()) { @@ -201,7 +245,7 @@ std::string PermissionUsedRecordDb::CreateInsertPrepareSqlCmd(DataType type) con } std::string PermissionUsedRecordDb::CreateDeletePrepareSqlCmd( - DataType type, const std::vector& columnNames) const + const DataType type, const std::vector& columnNames) const { auto it = dataTypeToSqlTable_.find(type); if (it == dataTypeToSqlTable_.end()) { @@ -215,7 +259,7 @@ std::string PermissionUsedRecordDb::CreateDeletePrepareSqlCmd( return sql; } -std::string PermissionUsedRecordDb::CreateUpdatePrepareSqlCmd(DataType type, +std::string PermissionUsedRecordDb::CreateUpdatePrepareSqlCmd(const DataType type, const std::vector& modifyColumns, const std::vector& conditionColumns) const { if (modifyColumns.empty()) { @@ -247,7 +291,17 @@ std::string PermissionUsedRecordDb::CreateUpdatePrepareSqlCmd(DataType type, return sql; } -std::string PermissionUsedRecordDb::CreateSelectByConditionPrepareSqlCmd(DataType type, +std::string PermissionUsedRecordDb::CreateSelectPrepareSqlCmd(const DataType type) const +{ + auto it = dataTypeToSqlTable_.find(type); + if (it == dataTypeToSqlTable_.end()) { + return std::string(); + } + std::string sql = "select * from " + it->second.tableName_; + return sql; +} + +std::string PermissionUsedRecordDb::CreateSelectByConditionPrepareSqlCmd(const DataType type, const std::vector& andColumns, const std::vector& orColumns) const { auto it = dataTypeToSqlTable_.find(type); @@ -281,16 +335,22 @@ std::string PermissionUsedRecordDb::CreateSelectByConditionPrepareSqlCmd(DataTyp return sql; } -std::string PermissionUsedRecordDb::CreateGetDistinctValue(DataType type, - const std::string conditionColumns) const +int32_t PermissionUsedRecordDb::CreatePermissionVisitorTable() const { - auto it = dataTypeToSqlTable_.find(type); + auto it = dataTypeToSqlTable_.find(DataType::PERMISSION_VISITOR); if (it == dataTypeToSqlTable_.end()) { - return std::string(); + return FAILURE; } - std::string sql = "select distinct "; - sql.append(conditionColumns + " from "+ it->second.tableName_); - return sql; + std::string sql = "create table if not exists "; + sql.append(it->second.tableName_ + " (") + .append(FIELD_ID + " integer PRIMARY KEY autoincrement not null,") + .append(FIELD_TOKEN_ID + " integer not null,") + .append(FIELD_IS_REMOTE_DEVICE + " integer not null,") + .append(FIELD_DEVICE_ID + " text not null,") + .append(FIELD_USER_ID + " integer not null,") + .append(FIELD_BUNDLE_NAME + " text not null") + .append(")"); + return ExecuteSql(sql); } int32_t PermissionUsedRecordDb::CreatePermissionRecordTable() const @@ -301,14 +361,14 @@ int32_t PermissionUsedRecordDb::CreatePermissionRecordTable() const } std::string sql = "create table if not exists "; sql.append(it->second.tableName_ + " (") - .append(FIELD_TOKEN_ID + " integer not null,") + .append(FIELD_VISITOR_ID + " integer not null,") .append(FIELD_OP_CODE + " integer not null,") .append(FIELD_STATUS + " integer not null,") .append(FIELD_TIMESTAMP + " integer not null,") .append(FIELD_ACCESS_DURATION + " integer not null,") .append(FIELD_ACCESS_COUNT + " integer not null,") .append(FIELD_REJECT_COUNT + " integer not null,") - .append("primary key(" + FIELD_TOKEN_ID) + .append("primary key(" + FIELD_VISITOR_ID) .append("," + FIELD_OP_CODE) .append("," + FIELD_STATUS) .append("," + FIELD_TIMESTAMP) diff --git a/services/privacymanager/src/record/permission_record.cpp b/services/privacymanager/src/record/permission_record.cpp index 643ec0f84f5bd7c8e4a511bf56158d821aa9a760..48906ef039a886205b5e75cfe238ebb30bb0ea8c 100644 --- a/services/privacymanager/src/record/permission_record.cpp +++ b/services/privacymanager/src/record/permission_record.cpp @@ -21,7 +21,7 @@ namespace Security { namespace AccessToken { void PermissionRecord::TranslationIntoGenericValues(const PermissionRecord& record, GenericValues& values) { - values.Put(FIELD_TOKEN_ID, (int32_t)record.tokenId); + values.Put(FIELD_VISITOR_ID, record.visitorId); values.Put(FIELD_OP_CODE, record.opCode); values.Put(FIELD_STATUS, record.status); values.Put(FIELD_TIMESTAMP, record.timestamp); @@ -32,7 +32,7 @@ void PermissionRecord::TranslationIntoGenericValues(const PermissionRecord& reco void PermissionRecord::TranslationIntoPermissionRecord(const GenericValues& values, PermissionRecord& record) { - record.tokenId = values.GetInt(FIELD_TOKEN_ID); + record.visitorId = values.GetInt(FIELD_VISITOR_ID); record.opCode = values.GetInt(FIELD_OP_CODE); record.status = values.GetInt(FIELD_STATUS); record.timestamp = values.GetInt64(FIELD_TIMESTAMP); diff --git a/services/privacymanager/src/record/permission_record_manager.cpp b/services/privacymanager/src/record/permission_record_manager.cpp index b1b0425a7d9675e3b0bb1892ad224905b29a01af..59a4036c938a70911bd614ea856655d103a88401 100644 --- a/services/privacymanager/src/record/permission_record_manager.cpp +++ b/services/privacymanager/src/record/permission_record_manager.cpp @@ -22,6 +22,7 @@ #include "data_translator.h" #include "field_const.h" #include "permission_record_repository.h" +#include "permission_visitor_repository.h" #include "active_status_callback_manager.h" #include "time_util.h" #include "to_string.h" @@ -51,12 +52,58 @@ PermissionRecordManager::~PermissionRecordManager() hasInited_ = false; } +bool PermissionRecordManager::AddVisitor(AccessTokenID tokenID, int32_t& visitorId) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry"); + PermissionVisitor visitor; + if (!GetPermissionVisitor(tokenID, visitor)) { + return false; + } + + GenericValues visitorValues; + GenericValues nullValues; + std::vector resultValues; + PermissionVisitor::TranslationIntoGenericValues(visitor, visitorValues); + if (!PermissionVisitorRepository::GetInstance().FindVisitorValues(visitorValues, nullValues, resultValues)) { + return false; + } + if (resultValues.empty()) { + if (!PermissionVisitorRepository::GetInstance().AddVisitorValues(visitorValues)) { + return false; + } + if (!PermissionVisitorRepository::GetInstance().FindVisitorValues(visitorValues, nullValues, resultValues)) { + return false; + } + } + PermissionVisitor::TranslationIntoPermissionVisitor(resultValues[0], visitor); + visitorId = visitor.id; + return true; +} + +bool PermissionRecordManager::GetPermissionVisitor(AccessTokenID tokenID, PermissionVisitor& visitor) +{ + HapTokenInfo tokenInfo; + if (AccessTokenKit::GetHapTokenInfo(tokenID, tokenInfo) != Constant::SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "GetHapTokenInfo fail"); + return false; + } + visitor.isRemoteDevice = true; + visitor.userId = tokenInfo.userID; + visitor.bundleName = tokenInfo.bundleName; + if (IsLocalDevice(tokenInfo.deviceID)) { + visitor.deviceId = ConstantCommon::GetLocalDeviceId(); + visitor.isRemoteDevice = false; + visitor.tokenId = tokenID; + } + return true; +} + bool PermissionRecordManager::AddRecord( - AccessTokenID tokenId, const std::string& permissionName, int32_t successCount, int32_t failCount) + int32_t visitorId, const std::string& permissionName, int32_t successCount, int32_t failCount) { - Utils::UniqueWriteGuard lk(this->rwLock_); + ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry"); PermissionRecord record; - if (!GetPermissionsRecord(tokenId, permissionName, successCount, failCount, record)) { + if (!GetPermissionsRecord(visitorId, permissionName, successCount, failCount, record)) { return false; } @@ -105,7 +152,7 @@ bool PermissionRecordManager::AddRecord( return PermissionRecordRepository::GetInstance().AddRecordValues(insertValues); } -bool PermissionRecordManager::GetPermissionsRecord(AccessTokenID tokenId, const std::string& permissionName, +bool PermissionRecordManager::GetPermissionsRecord(int32_t visitorId, const std::string& permissionName, int32_t successCount, int32_t failCount, PermissionRecord& record) { int32_t opCode; @@ -117,7 +164,7 @@ bool PermissionRecordManager::GetPermissionsRecord(AccessTokenID tokenId, const ACCESSTOKEN_LOG_ERROR(LABEL, "successCount and failCount are both zero"); return false; } - record.tokenId = tokenId; + record.visitorId = visitorId; record.accessCount = successCount; record.rejectCount = failCount; record.opCode = opCode; @@ -127,60 +174,66 @@ bool PermissionRecordManager::GetPermissionsRecord(AccessTokenID tokenId, const return true; } -int32_t PermissionRecordManager::AddPermissionUsedRecord(AccessTokenID tokenId, const std::string& permissionName, +int32_t PermissionRecordManager::AddPermissionUsedRecord(AccessTokenID tokenID, const std::string& permissionName, int32_t successCount, int32_t failCount) { + ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry, tokenId: %{public}x, permissionName: %{public}s", + tokenID, permissionName.c_str()); ExecuteDeletePermissionRecordTask(); - if (AccessTokenKit::GetTokenTypeFlag(tokenId) != TOKEN_HAP) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "invalid token type"); + if (AccessTokenKit::GetTokenTypeFlag(tokenID) != TOKEN_HAP) { + ACCESSTOKEN_LOG_DEBUG(LABEL, "Invalid token type"); return Constant::SUCCESS; } - HapTokenInfo tokenInfo; - if (AccessTokenKit::GetHapTokenInfo(tokenId, tokenInfo) != Constant::SUCCESS) { - ACCESSTOKEN_LOG_ERROR(LABEL, "invalid tokenId%{public}d", tokenId); + Utils::UniqueWriteGuard lk(this->rwLock_); + int32_t visitorId; + if (!AddVisitor(tokenID, visitorId)) { return Constant::FAILURE; } - - if (!AddRecord(tokenId, permissionName, successCount, failCount)) { + if (!AddRecord(visitorId, permissionName, successCount, failCount)) { return Constant::FAILURE; } return Constant::SUCCESS; } -void PermissionRecordManager::RemovePermissionUsedRecords(AccessTokenID tokenId, const std::string& deviceID) +void PermissionRecordManager::RemovePermissionUsedRecords(AccessTokenID tokenID, const std::string& deviceID) { - if (tokenId == 0) { - ACCESSTOKEN_LOG_ERROR(LABEL, "tokenId is 0"); - return; - } + ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry, tokenId: %{public}x", tokenID); - // only support remove by tokenId(local) - std::string device = GetDeviceId(tokenId); - if (device.empty()) { - ACCESSTOKEN_LOG_ERROR(LABEL, "invalid tokenId%{public}d", tokenId); + Utils::UniqueWriteGuard lk(this->rwLock_); + PermissionVisitor visitor; + if (!GetPermissionVisitor(tokenID, visitor) && deviceID.empty()) { return; } + if (!deviceID.empty()) { + visitor.deviceId = deviceID; + } - if (!deviceID.empty() && device != deviceID) { - ACCESSTOKEN_LOG_ERROR(LABEL, "deviceID mismatch"); + GenericValues nullValues; + GenericValues visitorValues; + std::vector findVisitorValues; + PermissionVisitor::TranslationIntoGenericValues(visitor, visitorValues); + if (!PermissionVisitorRepository::GetInstance().FindVisitorValues(visitorValues, nullValues, findVisitorValues)) { return; } - Utils::UniqueWriteGuard lk(this->rwLock_); - GenericValues record; - record.Put(FIELD_TOKEN_ID, (int32_t)tokenId); - PermissionRecordRepository::GetInstance().RemoveRecordValues(record); + for (const auto& visitor : findVisitorValues) { + GenericValues record; + record.Put(FIELD_VISITOR_ID, visitor.GetInt(FIELD_ID)); + PermissionRecordRepository::GetInstance().RemoveRecordValues(record); + } + PermissionVisitorRepository::GetInstance().RemoveVisitorValues(visitorValues); } int32_t PermissionRecordManager::GetPermissionUsedRecords( const PermissionUsedRequest& request, PermissionUsedResult& result) { + ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry"); ExecuteDeletePermissionRecordTask(); - if (!request.isRemote && !GetRecordsFromLocalDB(request, result)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to GetRecordsFromLocalDB"); + if (!GetRecordsFromDB(request, result)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to GetRecordsFromDB"); return Constant::FAILURE; } return Constant::SUCCESS; @@ -189,6 +242,7 @@ int32_t PermissionRecordManager::GetPermissionUsedRecords( int32_t PermissionRecordManager::GetPermissionUsedRecordsAsync( const PermissionUsedRequest& request, const sptr& callback) { + ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry"); auto task = [request, callback]() { ACCESSTOKEN_LOG_INFO(LABEL, "GetPermissionUsedRecordsAsync task called"); PermissionUsedResult result; @@ -200,54 +254,40 @@ int32_t PermissionRecordManager::GetPermissionUsedRecordsAsync( return Constant::SUCCESS; } -bool PermissionRecordManager::GetLocalRecordTokenIdList(std::vector& tokenIdList) -{ - std::vector results; - { - Utils::UniqueWriteGuard lk(this->rwLock_); - PermissionRecordRepository::GetInstance().GetAllRecordValuesByKey(FIELD_TOKEN_ID, results); - } - for (const auto& res : results) { - tokenIdList.emplace_back(res.GetInt(FIELD_TOKEN_ID)); - } - return true; -} - -bool PermissionRecordManager::GetRecordsFromLocalDB(const PermissionUsedRequest& request, PermissionUsedResult& result) +bool PermissionRecordManager::GetRecordsFromDB(const PermissionUsedRequest& request, PermissionUsedResult& result) { + GenericValues visitorValues; GenericValues andConditionValues; GenericValues orConditionValues; - if (DataTranslator::TranslationIntoGenericValues(request, andConditionValues, orConditionValues) - != Constant::SUCCESS) { - ACCESSTOKEN_LOG_ERROR(LABEL, "query time or flag is invalid"); + if (DataTranslator::TranslationIntoGenericValues(request, visitorValues, andConditionValues, + orConditionValues) != Constant::SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "query time is invalid"); return false; } - std::vector tokenIdList; - if (request.tokenId == 0) { - GetLocalRecordTokenIdList(tokenIdList); - } else { - tokenIdList.emplace_back(request.tokenId); + GenericValues nullValues; + std::vector findVisitorValues; + if (!PermissionVisitorRepository::GetInstance().FindVisitorValues(visitorValues, nullValues, findVisitorValues)) { + return false; + } + if (findVisitorValues.empty()) { + ACCESSTOKEN_LOG_INFO(LABEL, "no visitor"); + return true; } - Utils::UniqueWriteGuard lk(this->rwLock_); - for (const auto& tokenId : tokenIdList) { - andConditionValues.Put(FIELD_TOKEN_ID, (int32_t)tokenId); + for (const auto& visitor : findVisitorValues) { + andConditionValues.Put(FIELD_VISITOR_ID, visitor.GetInt(FIELD_ID)); std::vector findRecordsValues; + BundleUsedRecord bundleRecord; if (!PermissionRecordRepository::GetInstance().FindRecordValues( andConditionValues, orConditionValues, findRecordsValues)) { return false; } - andConditionValues.Remove(FIELD_TOKEN_ID); - HapTokenInfo tokenInfo; - if (AccessTokenKit::GetHapTokenInfo(tokenId, tokenInfo) != Constant::SUCCESS) { - continue; - } - BundleUsedRecord bundleRecord; - bundleRecord.tokenId = tokenId; - bundleRecord.isRemote = false; - bundleRecord.deviceId = ConstantCommon::GetLocalDeviceId(); - bundleRecord.bundleName = tokenInfo.bundleName; + andConditionValues.Remove(FIELD_VISITOR_ID); + bundleRecord.tokenId = (AccessTokenID)visitor.GetInt(FIELD_TOKEN_ID); + bundleRecord.isRemote = visitor.GetInt(FIELD_IS_REMOTE_DEVICE); + bundleRecord.deviceId = visitor.GetString(FIELD_DEVICE_ID); + bundleRecord.bundleName = visitor.GetString(FIELD_BUNDLE_NAME); if (!findRecordsValues.empty()) { if (!GetRecords(request.flag, findRecordsValues, bundleRecord, result)) { @@ -277,8 +317,7 @@ bool PermissionRecordManager::GetRecords( record.Put(FIELD_FLAG, flag); if (DataTranslator::TranslationGenericValuesIntoPermissionUsedRecord(record, tmpPermissionRecord) != Constant::SUCCESS) { - ACCESSTOKEN_LOG_INFO(LABEL, "Failed to transform opcode(%{public}d) into permission", - record.GetInt(FIELD_OP_CODE)); + ACCESSTOKEN_LOG_INFO(LABEL, "Failed to transform permission to opcode"); continue; } @@ -358,18 +397,20 @@ int32_t PermissionRecordManager::DeletePermissionRecord(int32_t days) return Constant::SUCCESS; } -std::string PermissionRecordManager::DumpRecordInfo(AccessTokenID tokenId, const std::string& permissionName) +std::string PermissionRecordManager::DumpRecordInfo(const std::string& bundleName, const std::string& permissionName) { + ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry, bundleName=%{public}s, permissionName=%{public}s", + bundleName.c_str(), permissionName.c_str()); PermissionUsedRequest request; - request.tokenId = tokenId; + request.bundleName = bundleName; request.flag = FLAG_PERMISSION_USAGE_DETAIL; if (!permissionName.empty()) { request.permissionList.emplace_back(permissionName); } PermissionUsedResult result; - if (!GetRecordsFromLocalDB(request, result)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "failed to GetRecordsFromLocalDB"); + if (!GetRecordsFromDB(request, result)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "failed to GetRecordsFromDB"); return ""; } @@ -382,17 +423,28 @@ std::string PermissionRecordManager::DumpRecordInfo(AccessTokenID tokenId, const return dumpInfo; } -int32_t PermissionRecordManager::StartUsingPermission(AccessTokenID tokenId, const std::string& permissionName) +int32_t PermissionRecordManager::StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName) { + // to do + PermissionVisitor visitor; + if (!GetPermissionVisitor(tokenID, visitor)) { + return Constant::FAILURE; + } ActiveStatusCallbackManager::GetInstance().ExecuteCallbackAsync( - tokenId, permissionName, ConstantCommon::GetLocalDeviceId(), PERM_ACTIVE_IN_FOREGROUND); + tokenID, permissionName, visitor.deviceId, PERM_ACTIVE_IN_FOREGROUND); return Constant::SUCCESS; } -int32_t PermissionRecordManager::StopUsingPermission(AccessTokenID tokenId, const std::string& permissionName) +int32_t PermissionRecordManager::StopUsingPermission(AccessTokenID tokenID, const std::string& permissionName) { + // to do + PermissionVisitor visitor; + if (!GetPermissionVisitor(tokenID, visitor)) { + return Constant::FAILURE; + } + ActiveStatusCallbackManager::GetInstance().ExecuteCallbackAsync( - tokenId, permissionName, ConstantCommon::GetLocalDeviceId(), PERM_INACTIVE); + tokenID, permissionName, visitor.deviceId, PERM_INACTIVE); return Constant::SUCCESS; } @@ -407,16 +459,12 @@ int32_t PermissionRecordManager::UnRegisterPermActiveStatusCallback(const sptr& resultValues) -{ - if (PermissionUsedRecordDb::GetInstance().GetDistinctValue(PermissionUsedRecordDb::PERMISSION_RECORD, - condition, resultValues) != PermissionUsedRecordDb::SUCCESS) { - ACCESSTOKEN_LOG_ERROR(LABEL, "PERMISSION_RECORD table add fail"); - return false; - } - return true; -} } // namespace AccessToken } // namespace Security } // namespace OHOS \ No newline at end of file diff --git a/services/privacymanager/src/record/permission_visitor.cpp b/services/privacymanager/src/record/permission_visitor.cpp new file mode 100644 index 0000000000000000000000000000000000000000..d0b126b13963246cfc31beca5de51c8f6c9b9b1c --- /dev/null +++ b/services/privacymanager/src/record/permission_visitor.cpp @@ -0,0 +1,42 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "permission_visitor.h" +#include "field_const.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +void PermissionVisitor::TranslationIntoGenericValues(const PermissionVisitor& visitor, GenericValues& values) +{ + values.Put(FIELD_TOKEN_ID, (int32_t)visitor.tokenId); + values.Put(FIELD_IS_REMOTE_DEVICE, visitor.isRemoteDevice ? 1 : 0); + values.Put(FIELD_DEVICE_ID, visitor.deviceId); + values.Put(FIELD_USER_ID, visitor.userId); + values.Put(FIELD_BUNDLE_NAME, visitor.bundleName); +} + +void PermissionVisitor::TranslationIntoPermissionVisitor(const GenericValues& values, PermissionVisitor& visitor) +{ + visitor.id = values.GetInt(FIELD_ID); + visitor.tokenId = (AccessTokenID)values.GetInt(FIELD_TOKEN_ID); + visitor.isRemoteDevice = values.GetInt(FIELD_IS_REMOTE_DEVICE); + visitor.deviceId = values.GetString(FIELD_DEVICE_ID); + visitor.userId = values.GetInt(FIELD_USER_ID); + visitor.bundleName = values.GetString(FIELD_BUNDLE_NAME); +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS \ No newline at end of file diff --git a/services/privacymanager/src/record/permission_visitor_repository.cpp b/services/privacymanager/src/record/permission_visitor_repository.cpp new file mode 100644 index 0000000000000000000000000000000000000000..5df400cad5c5091b8e8d58302ad4e9bcd2831caa --- /dev/null +++ b/services/privacymanager/src/record/permission_visitor_repository.cpp @@ -0,0 +1,89 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "permission_visitor_repository.h" + +#include "accesstoken_log.h" +#include "permission_used_record_db.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { + LOG_CORE, SECURITY_DOMAIN_PRIVACY, "PermissionVisitorRepository" +}; +} + +PermissionVisitorRepository& PermissionVisitorRepository::GetInstance() +{ + static PermissionVisitorRepository instance; + return instance; +} + +PermissionVisitorRepository::PermissionVisitorRepository() +{ +} + +PermissionVisitorRepository::~PermissionVisitorRepository() +{ +} + +bool PermissionVisitorRepository::AddVisitorValues(const GenericValues& visitorValues) +{ + GenericValues nullValues; + std::vector insertValues; + std::vector resultValues; + if (PermissionUsedRecordDb::GetInstance().FindByConditions(PermissionUsedRecordDb::PERMISSION_VISITOR, + visitorValues, nullValues, resultValues) != PermissionUsedRecordDb::SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "PERMISSION_VISITOR table find fail"); + return false; + } + if (!resultValues.empty()) { + return true; + } + + insertValues.emplace_back(visitorValues); + if (PermissionUsedRecordDb::GetInstance().Add(PermissionUsedRecordDb::PERMISSION_VISITOR, insertValues) + != PermissionUsedRecordDb::SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "PERMISSION_VISITOR table add fail"); + return false; + } + return true; +} + +bool PermissionVisitorRepository::FindVisitorValues( + const GenericValues& andValues, const GenericValues& orValues, std::vector& visitorValues) +{ + if (PermissionUsedRecordDb::GetInstance().FindByConditions(PermissionUsedRecordDb::PERMISSION_VISITOR, andValues, + orValues, visitorValues) != PermissionUsedRecordDb::SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "PERMISSION_VISITOR table find fail"); + return false; + } + return true; +} + +bool PermissionVisitorRepository::RemoveVisitorValues(const GenericValues& conditionValues) +{ + if (PermissionUsedRecordDb::GetInstance().Remove(PermissionUsedRecordDb::PERMISSION_VISITOR, conditionValues) + != PermissionUsedRecordDb::SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "PERMISSION_VISITOR table remove fail"); + return false; + } + return true; +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS \ No newline at end of file diff --git a/services/privacymanager/src/service/privacy_manager_service.cpp b/services/privacymanager/src/service/privacy_manager_service.cpp index 03143c7a5aaf5fa9b792ab947ed43aea29174d4d..92e690931b13fa823fba36d359ba1453e58ae60c 100644 --- a/services/privacymanager/src/service/privacy_manager_service.cpp +++ b/services/privacymanager/src/service/privacy_manager_service.cpp @@ -50,6 +50,7 @@ void PrivacyManagerService::OnStart() ACCESSTOKEN_LOG_INFO(LABEL, "PrivacyManagerService has already started!"); return; } + ACCESSTOKEN_LOG_INFO(LABEL, "PrivacyManagerService is starting"); if (!Initialize()) { ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to initialize"); return; @@ -72,22 +73,30 @@ void PrivacyManagerService::OnStop() int32_t PrivacyManagerService::AddPermissionUsedRecord( AccessTokenID tokenID, const std::string& permissionName, int32_t successCount, int32_t failCount) { + ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry, tokenID: 0x%{public}x, permission: %{public}s", + tokenID, permissionName.c_str()); return PermissionRecordManager::GetInstance().AddPermissionUsedRecord( tokenID, permissionName, successCount, failCount); } int32_t PrivacyManagerService::StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName) { + ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry, tokenID: 0x%{public}x, permission: %{public}s", + tokenID, permissionName.c_str()); return PermissionRecordManager::GetInstance().StartUsingPermission(tokenID, permissionName); } int32_t PrivacyManagerService::StopUsingPermission(AccessTokenID tokenID, const std::string& permissionName) { + ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry, tokenID: 0x%{public}x, permission: %{public}s", + tokenID, permissionName.c_str()); return PermissionRecordManager::GetInstance().StopUsingPermission(tokenID, permissionName); } int32_t PrivacyManagerService::RemovePermissionUsedRecords(AccessTokenID tokenID, const std::string& deviceID) { + ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry, tokenID: 0x%{public}x, deviceID: %{public}s", + tokenID, ConstantCommon::EncryptDevId(deviceID).c_str()); PermissionRecordManager::GetInstance().RemovePermissionUsedRecords(tokenID, deviceID); return Constant::SUCCESS; } @@ -95,6 +104,7 @@ int32_t PrivacyManagerService::RemovePermissionUsedRecords(AccessTokenID tokenID int32_t PrivacyManagerService::GetPermissionUsedRecords( const PermissionUsedRequestParcel& request, PermissionUsedResultParcel& result) { + ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry"); PermissionUsedResult permissionRecord; int32_t ret = PermissionRecordManager::GetInstance().GetPermissionUsedRecords(request.request, permissionRecord); result.result = permissionRecord; @@ -104,12 +114,15 @@ int32_t PrivacyManagerService::GetPermissionUsedRecords( int32_t PrivacyManagerService::GetPermissionUsedRecords( const PermissionUsedRequestParcel& request, const sptr& callback) { + ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry"); return PermissionRecordManager::GetInstance().GetPermissionUsedRecordsAsync(request.request, callback); } -std::string PrivacyManagerService::DumpRecordInfo(AccessTokenID tokenID, const std::string& permissionName) +std::string PrivacyManagerService::DumpRecordInfo(const std::string& bundleName, const std::string& permissionName) { - return PermissionRecordManager::GetInstance().DumpRecordInfo(tokenID, permissionName); + ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry, bundleName: %{public}s, permissionName: %{public}s", + bundleName.c_str(), permissionName.c_str()); + return PermissionRecordManager::GetInstance().DumpRecordInfo(bundleName, permissionName); } int32_t PrivacyManagerService::RegisterPermActiveStatusCallback( diff --git a/services/privacymanager/src/service/privacy_manager_stub.cpp b/services/privacymanager/src/service/privacy_manager_stub.cpp index 18937294ba1377f913ea9d2e09c07563e8feaff2..10a767c8f3bcab9a7bdb50959a8fb8f3e4f641cf 100644 --- a/services/privacymanager/src/service/privacy_manager_stub.cpp +++ b/services/privacymanager/src/service/privacy_manager_stub.cpp @@ -159,9 +159,9 @@ void PrivacyManagerStub::GetPermissionUsedRecordsAsyncInner(MessageParcel& data, void PrivacyManagerStub::DumpRecordInfoInner(MessageParcel& data, MessageParcel& reply) { - AccessTokenID tokenID = data.ReadUint32(); + std::string bundleName = data.ReadString(); std::string permissionName = data.ReadString(); - std::string dumpInfo = this->DumpRecordInfo(tokenID, permissionName); + std::string dumpInfo = this->DumpRecordInfo(bundleName, permissionName); reply.WriteString(dumpInfo); } diff --git a/tools/accesstoken/include/atm_command.h b/tools/accesstoken/include/atm_command.h index a69f689811679dd8ca825febf6ef43e9268c90c2..7ff2ec3192af7ef326ab49666e5c8237a0f5d92f 100644 --- a/tools/accesstoken/include/atm_command.h +++ b/tools/accesstoken/include/atm_command.h @@ -32,7 +32,7 @@ const std::string HELP_MSG_DUMP = "options list:\n" " -h, --help list available options\n" " -t, --token-info list all token info in system\n" - " -r [-i ] [-p ] list used records in system\n"; + " -r [-b ] [-p ] list used records in system\n"; class AtmCommand : public OHOS::AAFwk::ShellCommand { public: @@ -51,7 +51,7 @@ private: ErrCode RunAsDumpCommandError(void); ErrCode RunAsDumpCommandMissingOptionArgument(void); ErrCode RunAsDumpCommandExistentOptionArgument(const int &option, - bool &isDumpTokenInfo, bool &isDumpRecordInfo, uint32_t& tokenId, std::string& permissionName); + bool &isDumpTokenInfo, bool &isDumpRecordInfo, std::string& bundleName, std::string& permissionName); }; } // namespace AccessToken } // namespace Security diff --git a/tools/accesstoken/src/atm_command.cpp b/tools/accesstoken/src/atm_command.cpp index 882c648b7b2955bb9c2e191245fba88f3c4eec60..1ec70cede85b8742ad639e1df15fcd2fb0aa8a40 100644 --- a/tools/accesstoken/src/atm_command.cpp +++ b/tools/accesstoken/src/atm_command.cpp @@ -26,12 +26,12 @@ using namespace OHOS::AAFwk; namespace OHOS { namespace Security { namespace AccessToken { -const std::string SHORT_OPTIONS_DUMP = "htr::i:p:"; +const std::string SHORT_OPTIONS_DUMP = "htr::b:p:"; const struct option LONG_OPTIONS_DUMP[] = { {"help", no_argument, nullptr, 'h'}, {"token-info", no_argument, nullptr, 't'}, {"record-info", no_argument, nullptr, 'r'}, - {"token-id", required_argument, nullptr, 'i'}, + {"bundle-name", required_argument, nullptr, 'b'}, {"permission-name", required_argument, nullptr, 'p'}, {nullptr, 0, nullptr, 0} }; @@ -79,7 +79,7 @@ ErrCode AtmCommand::RunAsDumpCommand() std::string dumpInfo = ""; bool isDumpTokenInfo = false; bool isDumpRecordInfo = false; - uint32_t tokenId = 0; + std::string bundleName = ""; std::string permissionName = ""; int option = -1; int counter = 0; @@ -103,7 +103,7 @@ ErrCode AtmCommand::RunAsDumpCommand() } result = RunAsDumpCommandExistentOptionArgument( - option, isDumpTokenInfo, isDumpRecordInfo, tokenId, permissionName); + option, isDumpTokenInfo, isDumpRecordInfo, bundleName, permissionName); } if (result != OHOS::ERR_OK) { @@ -114,7 +114,7 @@ ErrCode AtmCommand::RunAsDumpCommand() resultReceiver_.append(dumpInfo + "\n"); } if (isDumpRecordInfo) { - dumpInfo = PrivacyKit::DumpRecordInfo(tokenId, permissionName); + dumpInfo = PrivacyKit::DumpRecordInfo(bundleName, permissionName); resultReceiver_.append(dumpInfo + "\n"); } } @@ -149,8 +149,8 @@ ErrCode AtmCommand::RunAsDumpCommandMissingOptionArgument(void) result = OHOS::ERR_INVALID_VALUE; break; } - case 'i' : { - // 'atm dump -i' with no argument + case 'b' : { + // 'atm dump -b' with no argument resultReceiver_.append("error: option "); resultReceiver_.append("requires a value.\n"); result = OHOS::ERR_INVALID_VALUE; @@ -175,8 +175,8 @@ ErrCode AtmCommand::RunAsDumpCommandMissingOptionArgument(void) return result; } -ErrCode AtmCommand::RunAsDumpCommandExistentOptionArgument(const int& option, - bool& isDumpTokenInfo, bool& isDumpRecordInfo, uint32_t& tokenId, std::string& permissionName) +ErrCode AtmCommand::RunAsDumpCommandExistentOptionArgument(const int &option, + bool &isDumpTokenInfo, bool &isDumpRecordInfo, std::string& bundleName, std::string& permissionName) { ErrCode result = ERR_OK; switch (option) { @@ -190,10 +190,10 @@ ErrCode AtmCommand::RunAsDumpCommandExistentOptionArgument(const int& option, case 'r': isDumpRecordInfo = true; break; - case 'i': + case 'b': isDumpRecordInfo = true; if (optarg != nullptr) { - tokenId = std::atoi(optarg); + bundleName = optarg; } break; case 'p':