diff --git a/services/privacymanager/BUILD.gn b/services/privacymanager/BUILD.gn index eea5a2d2f4847bea82189424b49cb16da3343d21..f2278527d971c6daf553263c30778f7709da143d 100644 --- a/services/privacymanager/BUILD.gn +++ b/services/privacymanager/BUILD.gn @@ -67,7 +67,6 @@ if (is_standard_system) { "//base/security/access_token/interfaces/innerkits/accesstoken:libaccesstoken_sdk", "//base/security/access_token/services/common/database:accesstoken_database_cxx", "//base/security/access_token/services/privacymanager:privacy.rc", - "//utils/native/base:utils", ] external_deps = [ diff --git a/services/privacymanager/include/common/constant.h b/services/privacymanager/include/common/constant.h index 1893d77e377034f4fb0b8d13f851a9b7cfccb6c1..6e3602ac6997e3bb12487543d7179de4991567ad 100644 --- a/services/privacymanager/include/common/constant.h +++ b/services/privacymanager/include/common/constant.h @@ -62,7 +62,6 @@ public: const static int32_t RECORD_DELETE_TIME = 30 * 86400; const static int32_t PRECISE = 60; const static int32_t LATEST_RECORD_TIME = 7 * 86400; - const static std::string COUNT_CMD; const static std::map PERMISSION_OPCODE_MAP; public: diff --git a/services/privacymanager/include/database/permission_used_record_db.h b/services/privacymanager/include/database/permission_used_record_db.h index 6b11926691a5faa919abf3de0b71a050a5ef3a16..3ae7d5bb5db1838987d7717ac55b5a3cb56b3502 100644 --- a/services/privacymanager/include/database/permission_used_record_db.h +++ b/services/privacymanager/include/database/permission_used_record_db.h @@ -45,9 +45,9 @@ public: int32_t FindByConditions(DataType type, const GenericValues& andConditions, const GenericValues& orConditions, std::vector& results); int32_t Modify(DataType type, const GenericValues& modifyValues, const GenericValues& conditions); - int32_t Count(DataType type, GenericValues& result); + void Count(DataType type, GenericValues& result); int32_t DeleteExpireRecords(DataType type, const GenericValues& andConditions); - int32_t DeleteExcessiveRecords(DataType type, unsigned excessiveSize); + int32_t DeleteExcessiveRecords(DataType type, uint32_t excessiveSize); int32_t GetDistinctValue(DataType type, const std::string& condition, std::vector& results); void OnCreate() override; diff --git a/services/privacymanager/include/record/permission_record_repository.h b/services/privacymanager/include/record/permission_record_repository.h index 0e249f33d3a741bffac1e2a1c46d280b04068eb5..1ca8caee907aa98710b5b9b1e38da2516c8b2542 100644 --- a/services/privacymanager/include/record/permission_record_repository.h +++ b/services/privacymanager/include/record/permission_record_repository.h @@ -34,7 +34,7 @@ public: const GenericValues& orConditionValues, std::vector& recordValues); bool RemoveRecordValues(const GenericValues& conditionValues); bool GetAllRecordValuesByKey(const std::string& condition, std::vector& resultValues); - int32_t CountRecordValues(GenericValues& resultValues); + void CountRecordValues(GenericValues& resultValues); bool DeleteExpireRecordsValues(const GenericValues& andConditions); bool DeleteExcessiveSizeRecordValues(uint32_t excessiveSize); }; diff --git a/services/privacymanager/include/record/permission_used_record_cache.h b/services/privacymanager/include/record/permission_used_record_cache.h index 7cf3a0e6ccbd1bf9287cc442fa3413ce8b2f201c..272bef4716fc953a84c376292c4e21fbcf296d72 100644 --- a/services/privacymanager/include/record/permission_used_record_cache.h +++ b/services/privacymanager/include/record/permission_used_record_cache.h @@ -39,24 +39,23 @@ public: void ExecuteReadRecordBufferTask(); int32_t PersistPendingRecords(); void GetPersistPendingRecordsAndReset(); - int32_t RemoveRecords(const GenericValues &record); - void RemoveRecordsFromPersistPendingBufferQueue(const GenericValues &record, + int32_t RemoveRecords(const AccessTokenID tokenId); + void RemoveRecordsFromPersistPendingBufferQueue(const AccessTokenID tokenId, std::shared_ptr persistPendingBufferHead, std::shared_ptr persistPendingBufferEnd); void GetRecords(const std::vector& permissionList, - const GenericValues &andConditionValues, const GenericValues& orConditionValues, - std::vector& findRecordsValues); - void GetAllRecords(const std::vector& permissionList, - const GenericValues &andConditionValues, const GenericValues& orConditionValues, + const GenericValues& andConditionValues, const GenericValues& orConditionValues, std::vector& findRecordsValues); - void GetRecordsFromPersistPendingBufferQueue(const std::vector& permissionList, + void GetRecordsFromPersistPendingBufferQueue(const std::set& opCodeList, const GenericValues& andConditionValues, const GenericValues& orConditionValues, - std::vector& findRecordsValues, const std::set& opCodeList); + std::vector& findRecordsValues); bool RecordCompare(const AccessTokenID tokenId, const std::set& opCodeList, - const GenericValues &andConditionValues, const PermissionRecord &record); + const GenericValues& andConditionValues, const PermissionRecord& record); void FindTokenIdList(std::set& tokenIdList); void TransferToOpcode(std::set& opCodeList, const std::vector& permissionList); + void ResetRecordBuffer(const int32_t remainCount, + std::shared_ptr& persistPendingBufferEnd); void AddRecordNode(const PermissionRecord& record); void DeleteRecordNode(std::shared_ptr deleteRecordNode); diff --git a/services/privacymanager/src/common/constant.cpp b/services/privacymanager/src/common/constant.cpp index 1a9b748559ad8801a76bbe294d7c0d37c169debc..34fda467f258b1d64a42f07a37f98c7203b51854 100644 --- a/services/privacymanager/src/common/constant.cpp +++ b/services/privacymanager/src/common/constant.cpp @@ -18,7 +18,6 @@ namespace OHOS { namespace Security { namespace AccessToken { -const std::string Constant::COUNT_CMD = "COUNT"; const std::map Constant::PERMISSION_OPCODE_MAP = { std::map::value_type("ohos.permission.ANSWER_CALL", Constant::OP_ANSWER_CALL), std::map::value_type("ohos.permission.READ_CALENDAR", Constant::OP_READ_CALENDAR), diff --git a/services/privacymanager/src/database/permission_used_record_db.cpp b/services/privacymanager/src/database/permission_used_record_db.cpp index 9c3a78662814e6d4e4d1a05cbd05796bac099385..1e216b7a5f085f75af83268494ee0ede684bee33 100644 --- a/services/privacymanager/src/database/permission_used_record_db.cpp +++ b/services/privacymanager/src/database/permission_used_record_db.cpp @@ -26,6 +26,7 @@ namespace { static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { LOG_CORE, SECURITY_DOMAIN_PRIVACY, "PermissionUsedRecordDb" }; +static const std::string FIELD_COUNT_NUMBER = "count"; } PermissionUsedRecordDb& PermissionUsedRecordDb::GetInstance() @@ -182,16 +183,15 @@ int32_t PermissionUsedRecordDb::GetDistinctValue(DataType type, return SUCCESS; } -int32_t PermissionUsedRecordDb::Count(DataType type, GenericValues& result) +void PermissionUsedRecordDb::Count(DataType type, GenericValues& result) { OHOS::Utils::UniqueWriteGuard lock(this->rwLock_); std::string countSql = CreateCountPrepareSqlCmd(type); auto countStatement = Prepare(countSql); if (countStatement.Step() == Statement::State::ROW) { int32_t column = 0; - result.Put(Constant::COUNT_CMD, countStatement.GetValue(column, true)); + result.Put(FIELD_COUNT_NUMBER, countStatement.GetValue(column, true)); } - return SUCCESS; } int32_t PermissionUsedRecordDb::DeleteExpireRecords(DataType type, @@ -205,15 +205,14 @@ int32_t PermissionUsedRecordDb::DeleteExpireRecords(DataType type, for (const auto& columnName : andColumns) { deleteExpireStatement.Bind(columnName, andConditions.Get(columnName)); } - int32_t ret = deleteExpireStatement.Step(); - if (ret != Statement::State::DONE) { + if (deleteExpireStatement.Step() != Statement::State::DONE) { return FAILURE; } } return SUCCESS; } -int32_t PermissionUsedRecordDb::DeleteExcessiveRecords(DataType type, unsigned excessiveSize) +int32_t PermissionUsedRecordDb::DeleteExcessiveRecords(DataType type, uint32_t excessiveSize) { OHOS::Utils::UniqueWriteGuard lock(this->rwLock_); std::string deleteExcessiveSql = CreateDeleteExcessiveRecordsPrepareSqlCmd(type, excessiveSize); diff --git a/services/privacymanager/src/record/permission_record_manager.cpp b/services/privacymanager/src/record/permission_record_manager.cpp index 658613dd35ba704870fd46d5ab26106d583d99cf..37514e9f5700b7eae12d3405ef18d2ddc47c53a2 100644 --- a/services/privacymanager/src/record/permission_record_manager.cpp +++ b/services/privacymanager/src/record/permission_record_manager.cpp @@ -35,6 +35,7 @@ static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { LOG_CORE, SECURITY_DOMAIN_PRIVACY, "PermissionRecordManager" }; static const std::string DEFAULT_DEVICEID = "0"; +static const std::string FIELD_COUNT_NUMBER = "count"; } PermissionRecordManager& PermissionRecordManager::GetInstance() { @@ -125,9 +126,7 @@ void PermissionRecordManager::RemovePermissionUsedRecords(AccessTokenID tokenId, } Utils::UniqueWriteGuard lk(this->rwLock_); - GenericValues record; - record.Put(FIELD_TOKEN_ID, (int32_t)tokenId); - PermissionUsedRecordCache::GetInstance().RemoveRecords(record); // remove from cache and database + PermissionUsedRecordCache::GetInstance().RemoveRecords(tokenId); // remove from cache and database } int32_t PermissionRecordManager::GetPermissionUsedRecords( @@ -300,10 +299,8 @@ int32_t PermissionRecordManager::DeletePermissionRecord(int32_t days) { Utils::UniqueWriteGuard lk(this->rwLock_); GenericValues countValue; - if (!PermissionRecordRepository::GetInstance().CountRecordValues(countValue)) { - return Constant::FAILURE; - } - int64_t total = countValue.GetInt64(Constant::COUNT_CMD); + PermissionRecordRepository::GetInstance().CountRecordValues(countValue); + int64_t total = countValue.GetInt64(FIELD_COUNT_NUMBER); if (total > Constant::MAX_TOTAL_RECORD) { uint32_t excessiveSize = total - Constant::MAX_TOTAL_RECORD; if (!PermissionRecordRepository::GetInstance().DeleteExcessiveSizeRecordValues(excessiveSize)) { diff --git a/services/privacymanager/src/record/permission_record_repository.cpp b/services/privacymanager/src/record/permission_record_repository.cpp index d9ff4fd42f79d1d0bd9fb0c1cc4346e1e01c9f45..4d2e7d08aeed75836da24c65c09b50dd838453e6 100644 --- a/services/privacymanager/src/record/permission_record_repository.cpp +++ b/services/privacymanager/src/record/permission_record_repository.cpp @@ -83,14 +83,9 @@ bool PermissionRecordRepository::GetAllRecordValuesByKey( return true; } -int32_t PermissionRecordRepository::CountRecordValues(GenericValues& resultValues) +void PermissionRecordRepository::CountRecordValues(GenericValues& resultValues) { - if (PermissionUsedRecordDb::GetInstance().Count(PermissionUsedRecordDb::PERMISSION_RECORD, resultValues) - != PermissionUsedRecordDb::SUCCESS) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Cannot count PERMISSION_RECORD"); - return false; - } - return true; + PermissionUsedRecordDb::GetInstance().Count(PermissionUsedRecordDb::PERMISSION_RECORD, resultValues); } bool PermissionRecordRepository::DeleteExpireRecordsValues(const GenericValues& andConditions) diff --git a/services/privacymanager/src/record/permission_used_record_cache.cpp b/services/privacymanager/src/record/permission_used_record_cache.cpp index 738a366202ad053d578af3abe1d08daf348b21be..b256d0757893ac8bfa30975589dc50d6f1299f22 100644 --- a/services/privacymanager/src/record/permission_used_record_cache.cpp +++ b/services/privacymanager/src/record/permission_used_record_cache.cpp @@ -61,6 +61,7 @@ void PermissionUsedRecordCache::AddRecordToBuffer(PermissionRecord& record) break; } else if (curFindMergePos->record.tokenId == record.tokenId && record.opCode == curFindMergePos->record.opCode && + record.status == curFindMergePos->record.status && (record.timestamp - curFindMergePos->record.timestamp) <= Constant::PRECISE) { MergeRecord(record, curFindMergePos); } else { @@ -71,17 +72,7 @@ void PermissionUsedRecordCache::AddRecordToBuffer(PermissionRecord& record) AddRecordNode(record); // refresh curRecordBUfferPos and readableSize remainCount++; if (persistPendingBufferEnd != nullptr) { - readableSize_ = remainCount; - std::shared_ptr tmpRecordBufferHead = - std::make_shared(); - tmpRecordBufferHead->next = persistPendingBufferEnd->next; - persistPendingBufferEnd->next.reset(); - recordBufferHead_ = tmpRecordBufferHead; - if (persistPendingBufferEnd == curRecordBufferPos_) { // persistPendingBufferEnd == curRecordBufferPos - curRecordBufferPos_ = recordBufferHead_; - } else { // remainCount !=0 ==> recordBufferHead->next != nullptr - recordBufferHead_->next->pre = recordBufferHead_; - } + ResetRecordBuffer(remainCount, persistPendingBufferEnd); } } if (persistPendingBufferEnd != nullptr) { @@ -180,9 +171,8 @@ int32_t PermissionUsedRecordCache::PersistPendingRecords() return true; } -int32_t PermissionUsedRecordCache::RemoveRecords(const GenericValues& record) +int32_t PermissionUsedRecordCache::RemoveRecords(const AccessTokenID tokenId) { - AccessTokenID tokenId = record.GetInt(FIELD_TOKEN_ID); std::shared_ptr curFindDeletePos; std::shared_ptr persistPendingBufferHead; std::shared_ptr persistPendingBufferEnd = nullptr; @@ -207,34 +197,23 @@ int32_t PermissionUsedRecordCache::RemoveRecords(const GenericValues& record) curFindDeletePos = next; } if (countPersistPendingNode != 0) { // refresh recordBufferHead - readableSize_ -= countPersistPendingNode; - std::shared_ptr tmpRecordBufferHead = - std::make_shared(); - tmpRecordBufferHead->next = persistPendingBufferEnd->next; - persistPendingBufferEnd->next.reset(); - recordBufferHead_ = tmpRecordBufferHead; - recordBufferHead_->pre.reset(); - if (persistPendingBufferEnd == curRecordBufferPos_) { - curRecordBufferPos_ = recordBufferHead_; - } else { // remainCount !=0 ==> recordBufferHead->next != nullptr - recordBufferHead_->next->pre = recordBufferHead_; - } + int32_t remainCount = readableSize_ - countPersistPendingNode; + ResetRecordBuffer(remainCount, persistPendingBufferEnd); } } - RemoveRecordsFromPersistPendingBufferQueue(record, persistPendingBufferHead, persistPendingBufferEnd); + RemoveRecordsFromPersistPendingBufferQueue(tokenId, persistPendingBufferHead, persistPendingBufferEnd); return Constant::SUCCESS; } -void PermissionUsedRecordCache::RemoveRecordsFromPersistPendingBufferQueue(const GenericValues& record, +void PermissionUsedRecordCache::RemoveRecordsFromPersistPendingBufferQueue(const AccessTokenID tokenId, std::shared_ptr persistPendingBufferHead, std::shared_ptr persistPendingBufferEnd) { - AccessTokenID tokenId = record.GetInt(FIELD_TOKEN_ID); { std::shared_ptr curFindDeletePos; Utils::UniqueWriteGuard lock2(this->cacheLock_); if (!persistPendingBufferQueue_.empty()) { - for (auto persistHead : persistPendingBufferQueue_) { + for (auto& persistHead : persistPendingBufferQueue_) { curFindDeletePos = persistHead->next; while (curFindDeletePos != nullptr) { auto next = curFindDeletePos->next; @@ -245,8 +224,10 @@ void PermissionUsedRecordCache::RemoveRecordsFromPersistPendingBufferQueue(const } } } - PermissionRecordRepository::GetInstance().RemoveRecordValues(record); // remove from database } + GenericValues record; + record.Put(FIELD_TOKEN_ID, (int32_t)tokenId); + PermissionRecordRepository::GetInstance().RemoveRecordValues(record); // remove from database if (persistPendingBufferEnd != nullptr) { // add to queue AddToPersistQueue(persistPendingBufferHead); } @@ -281,36 +262,26 @@ void PermissionUsedRecordCache::GetRecords(const std::vector& permi curFindPos = next; } if (countPersistPendingNode != 0) { // refresh recordBufferHead - readableSize_ -= countPersistPendingNode; - std::shared_ptr tmpRecordBufferHead = - std::make_shared(); - tmpRecordBufferHead->next = persistPendingBufferEnd->next; - persistPendingBufferEnd->next.reset(); - recordBufferHead_ = tmpRecordBufferHead; - if (persistPendingBufferEnd == curRecordBufferPos_) { - curRecordBufferPos_ = recordBufferHead_; - } else { // remainCount !=0 ==> recordBufferHead->next != nullptr - recordBufferHead_->next->pre = recordBufferHead_; - } + int32_t remainCount = readableSize_ - countPersistPendingNode; + ResetRecordBuffer(remainCount, persistPendingBufferEnd); } } - GetRecordsFromPersistPendingBufferQueue(permissionList, andConditionValues, - orConditionValues, findRecordsValues, opCodeList); + GetRecordsFromPersistPendingBufferQueue(opCodeList, andConditionValues, + orConditionValues, findRecordsValues); if (countPersistPendingNode != 0) { AddToPersistQueue(persistPendingBufferHead); } } -void PermissionUsedRecordCache::GetRecordsFromPersistPendingBufferQueue( - const std::vector& permissionList, const GenericValues& andConditionValues, - const GenericValues& orConditionValues, std::vector& findRecordsValues, - const std::set& opCodeList) +void PermissionUsedRecordCache::GetRecordsFromPersistPendingBufferQueue(const std::set& opCodeList, + const GenericValues& andConditionValues, const GenericValues& orConditionValues, + std::vector& findRecordsValues) { AccessTokenID tokenId = andConditionValues.GetInt(FIELD_TOKEN_ID); std::shared_ptr curFindPos; Utils::UniqueWriteGuard lock2(this->cacheLock_); if (!persistPendingBufferQueue_.empty()) { - for (auto persistHead : persistPendingBufferQueue_) { + for (auto& persistHead : persistPendingBufferQueue_) { curFindPos = persistHead->next; while (curFindPos != nullptr) { auto next = curFindPos->next; @@ -323,12 +294,32 @@ void PermissionUsedRecordCache::GetRecordsFromPersistPendingBufferQueue( } } } - if (tokenId != INVALID_TOKENID && !PermissionRecordRepository::GetInstance().FindRecordValues( + if (!PermissionRecordRepository::GetInstance().FindRecordValues( andConditionValues, orConditionValues, findRecordsValues)) { // find records from database ACCESSTOKEN_LOG_ERROR(LABEL, "find records from database failed"); } } +void PermissionUsedRecordCache::ResetRecordBuffer(const int32_t remainCount, + std::shared_ptr& persistPendingBufferEnd) +{ + readableSize_ = remainCount; + // refresh recordBufferHead + std::shared_ptr tmpRecordBufferHead = + std::make_shared(); + tmpRecordBufferHead->next = persistPendingBufferEnd->next; + persistPendingBufferEnd->next.reset(); + recordBufferHead_ = tmpRecordBufferHead; + + if (persistPendingBufferEnd == curRecordBufferPos_) { + // persistPendingBufferEnd == curRecordBufferPos, reset curRecordBufferPos + curRecordBufferPos_ = recordBufferHead_; + } else { + // recordBufferHead_->next->pre = persistPendingBufferEnd, reset recordBufferHead_->next->pre + recordBufferHead_->next->pre = recordBufferHead_; + } +} + void PermissionUsedRecordCache::TransferToOpcode(std::set& opCodeList, const std::vector& permissionList) {