diff --git a/frameworks/privacy/include/i_privacy_manager.h b/frameworks/privacy/include/i_privacy_manager.h index ff8bebda82f39a273b4e9568985444c7b3d7800f..c5dcc2eefe6c40d697ea35b6f7b2f118437e9800 100644 --- a/frameworks/privacy/include/i_privacy_manager.h +++ b/frameworks/privacy/include/i_privacy_manager.h @@ -48,6 +48,8 @@ public: virtual int32_t RegisterPermActiveStatusCallback( std::vector& permList, const sptr& callback) = 0; virtual int32_t UnRegisterPermActiveStatusCallback(const sptr& callback) = 0; + virtual bool IsAllowUsingPermission(AccessTokenID tokenID, const std::string& permissionName) = 0; + enum class InterfaceCode { ADD_PERMISSION_USED_RECORD = 0xf001, START_USING_PERMISSION = 0xf002, @@ -58,6 +60,7 @@ public: DUMP_RECORD_INFO = 0xf007, REGISTER_PERM_ACTIVE_STATUS_CHANGE_CALLBACK = 0xf008, UNREGISTER_PERM_ACTIVE_STATUS_CHANGE_CALLBACK = 0xf009, + IS_ALLOW_USING_PERMISSION = 0xf010, }; }; } // namespace AccessToken diff --git a/interfaces/innerkits/privacy/include/privacy_kit.h b/interfaces/innerkits/privacy/include/privacy_kit.h index a06fa1f8c85e10e99c1105a289bcec7624e9e759..f86a3d01a5b30b1cd2ed7ecc183c054ee9faed41 100644 --- a/interfaces/innerkits/privacy/include/privacy_kit.h +++ b/interfaces/innerkits/privacy/include/privacy_kit.h @@ -40,6 +40,7 @@ public: static std::string DumpRecordInfo(AccessTokenID tokenID, const std::string& permissionName); static int32_t RegisterPermActiveStatusCallback(const std::shared_ptr& callback); static int32_t UnRegisterPermActiveStatusCallback(const std::shared_ptr& callback); + static bool IsAllowUsingPermission(AccessTokenID tokenID, const std::string& permissionName); }; } // namespace AccessToken } // namespace Security diff --git a/interfaces/innerkits/privacy/src/privacy_kit.cpp b/interfaces/innerkits/privacy/src/privacy_kit.cpp index b6349f0b74854d561f40e57da995ad0dd769fce5..6c3bc31681cce661c3ac129ef1663331f01b242e 100644 --- a/interfaces/innerkits/privacy/src/privacy_kit.cpp +++ b/interfaces/innerkits/privacy/src/privacy_kit.cpp @@ -86,6 +86,12 @@ int32_t PrivacyKit::UnRegisterPermActiveStatusCallback(const std::shared_ptrIsAllowUsingPermission(tokenID, permissionName); +} + void PrivacyManagerClient::OnRemoteDiedHandle() { { diff --git a/interfaces/innerkits/privacy/src/privacy_manager_client.h b/interfaces/innerkits/privacy/src/privacy_manager_client.h index ee288ad69046c9f73dca259255ab43a13e0366b2..0cd621ba3d86c0d73475993a364b4f02a1e188f1 100644 --- a/interfaces/innerkits/privacy/src/privacy_manager_client.h +++ b/interfaces/innerkits/privacy/src/privacy_manager_client.h @@ -48,7 +48,7 @@ public: int32_t UnRegisterPermActiveStatusCallback(const std::shared_ptr& callback); int32_t CreateActiveStatusChangeCbk( const std::shared_ptr& callback, sptr& callbackObject); - + bool IsAllowUsingPermission(AccessTokenID tokenID, const std::string& permissionName); void OnRemoteDiedHandle(); private: PrivacyManagerClient(); diff --git a/interfaces/innerkits/privacy/src/privacy_manager_proxy.cpp b/interfaces/innerkits/privacy/src/privacy_manager_proxy.cpp index 0014a3c02e8daa7e24f28dc6eb9c0fa2b28b52a2..e0a9c5ae6ba3c5f68eb1502b766712ce28a9aa93 100644 --- a/interfaces/innerkits/privacy/src/privacy_manager_proxy.cpp +++ b/interfaces/innerkits/privacy/src/privacy_manager_proxy.cpp @@ -295,6 +295,29 @@ int32_t PrivacyManagerProxy::UnRegisterPermActiveStatusCallback(const sptr& permList, const sptr& callback) override; int32_t UnRegisterPermActiveStatusCallback(const sptr& callback) override; - + bool IsAllowUsingPermission(AccessTokenID tokenID, const std::string& permissionName) override; private: bool SendRequest(IPrivacyManager::InterfaceCode code, MessageParcel& data, MessageParcel& reply); static inline BrokerDelegator delegator_; diff --git a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp index 399abdc1ae8586edfca6adb15cd80fdf77ca6030..c6f6fa74cb4d5edc3d5ce87b97db7b0f11d07b77 100644 --- a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp +++ b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp @@ -700,6 +700,20 @@ HWTEST_F(PrivacyKitTest, DumpRecordInfo003, TestSize.Level1) ASSERT_EQ(true, info.empty()); } + +HWTEST_F(PrivacyKitTest, IsAllowUsingPermission001, TestSize.Level1) +{ + std::string permission = "ohos.permission.CAMERA"; + // invalid tokenId + bool info = PrivacyKit::IsAllowUsingPermission(123, "ohos.permission.CAMERA"); + ASSERT_EQ(true, info); + + // invalid permission + info = PrivacyKit::IsAllowUsingPermission(g_TokenId_A, "invalid permission"); + ASSERT_EQ(true, info); +} + + class CbCustomizeTest1 : public PermActiveStatusCustomizedCbk { public: explicit CbCustomizeTest1(const std::vector &permList) @@ -839,3 +853,11 @@ HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback002, TestSize.Level1) res = PrivacyKit::UnRegisterPermActiveStatusCallback(callbackPtr2); ASSERT_EQ(RET_NO_ERROR, res); } + +/** + * @tc.name: IsAllowUsingPermission001 + * @tc.desc: IsAllowUsingPermission with valid permission. + * @tc.type: FUNC + * @tc.require:Issue Number + */ + diff --git a/services/privacymanager/include/record/permission_record_manager.h b/services/privacymanager/include/record/permission_record_manager.h index a4cf29f568256d4fd43c08221d0732f915a1c804..b100bef9c2932471172ac1d43e80c1634afa0285 100644 --- a/services/privacymanager/include/record/permission_record_manager.h +++ b/services/privacymanager/include/record/permission_record_manager.h @@ -52,7 +52,7 @@ public: int32_t RegisterPermActiveStatusCallback( std::vector& permList, const sptr& callback); int32_t UnRegisterPermActiveStatusCallback(const sptr& callback); - + bool IsAllowUsingPermission(AccessTokenID tokenId, const std::string& permissionName); private: PermissionRecordManager(); DISALLOW_COPY_AND_MOVE(PermissionRecordManager); diff --git a/services/privacymanager/include/service/privacy_manager_service.h b/services/privacymanager/include/service/privacy_manager_service.h index ce276d297ecefa5984f0e7b0cedd97a9d6908e6a..4fd04742894abe3e16cad89f5739af92a8053009 100644 --- a/services/privacymanager/include/service/privacy_manager_service.h +++ b/services/privacymanager/include/service/privacy_manager_service.h @@ -49,7 +49,7 @@ public: int32_t RegisterPermActiveStatusCallback( std::vector& permList, const sptr& callback) override; int32_t UnRegisterPermActiveStatusCallback(const sptr& callback) override; - + bool IsAllowUsingPermission(AccessTokenID tokenId, const std::string& permissionName) override; private: bool Initialize() const; diff --git a/services/privacymanager/include/service/privacy_manager_stub.h b/services/privacymanager/include/service/privacy_manager_stub.h index 17f592436b386e52ffd31ebc9528acb30db5edb4..a388be35dbe25f7a9b5728e1846477ba44c3ee9a 100644 --- a/services/privacymanager/include/service/privacy_manager_stub.h +++ b/services/privacymanager/include/service/privacy_manager_stub.h @@ -41,6 +41,7 @@ private: void DumpRecordInfoInner(MessageParcel& data, MessageParcel& reply); void RegisterPermActiveStatusCallbackInner(MessageParcel& data, MessageParcel& reply); void UnRegisterPermActiveStatusCallbackInner(MessageParcel& data, MessageParcel& reply); + void IsAllowUsingPermissionInner(MessageParcel& data, MessageParcel& reply); bool IsAccessTokenCalling() const; static const int32_t ACCESSTOKEN_UID = 3020; }; diff --git a/services/privacymanager/src/record/permission_record_manager.cpp b/services/privacymanager/src/record/permission_record_manager.cpp index ca2b7e5608e7b262fdeb29cd20d372a1e49ed137..9fa40b3f133afa959b7908a63f73614967daf022 100644 --- a/services/privacymanager/src/record/permission_record_manager.cpp +++ b/services/privacymanager/src/record/permission_record_manager.cpp @@ -374,6 +374,30 @@ std::string PermissionRecordManager::GetDeviceId(AccessTokenID tokenId) return tokenInfo.deviceID; } +bool PermissionRecordManager::IsAllowUsingPermission(AccessTokenID tokenId, const std::string& permissionName) +{ + PermissionUsedRequest request; + request.tokenId = tokenId; + request.flag = FLAG_PERMISSION_USAGE_DETAIL; + if (!permissionName.empty()) { + request.permissionList.emplace_back(permissionName); + } + + PermissionUsedResult result; + if (!GetRecordsFromLocalDB(request, result)) { + // ACCESSTOKEN_LOG_ERROR(LABEL, "failed to GetRecordsFromLocalDB"); + return false; + } + + if (result.bundleRecords.empty()) { + // ACCESSTOKEN_LOG_DEBUG(LABEL, "no record"); + return false; + } + bool allowperInfo = false; + // ToString::PermissionUsedResultToString(result, allowperInfo); + return allowperInfo; +} + void PermissionRecordManager::Init() { if (hasInited_) { diff --git a/services/privacymanager/src/service/privacy_manager_service.cpp b/services/privacymanager/src/service/privacy_manager_service.cpp index 41e1087e1458ec3d3c26dbbd9bd694b996245052..638d1fec0859017385ab61c612a6bd6af60a7740 100644 --- a/services/privacymanager/src/service/privacy_manager_service.cpp +++ b/services/privacymanager/src/service/privacy_manager_service.cpp @@ -123,6 +123,11 @@ int32_t PrivacyManagerService::UnRegisterPermActiveStatusCallback(const sptr(IPrivacyManager::InterfaceCode::UNREGISTER_PERM_ACTIVE_STATUS_CHANGE_CALLBACK): UnRegisterPermActiveStatusCallbackInner(data, reply); break; + case static_cast(IPrivacyManager::InterfaceCode::IS_ALLOW_USING_PERMISSION): + IsAllowUsingPermissionInner(data, reply); + break; default: return IPCObjectStub::OnRemoteRequest(code, data, reply, option); } @@ -201,6 +204,15 @@ void PrivacyManagerStub::UnRegisterPermActiveStatusCallbackInner(MessageParcel& reply.WriteInt32(result); } +void PrivacyManagerStub::IsAllowUsingPermissionInner(MessageParcel& data, MessageParcel& reply) +{ + AccessTokenID tokenId = data.ReadUint32(); + std::string permissionName = data.ReadString(); + bool allowperInfo = this->IsAllowUsingPermission(tokenId, permissionName); + reply.WriteBool(allowperInfo); +} + + bool PrivacyManagerStub::IsAccessTokenCalling() const { int32_t callingUid = IPCSkeleton::GetCallingUid();