From c9bae35662a1948266c885d4d081fb98bc12cf59 Mon Sep 17 00:00:00 2001 From: cc_ggboy Date: Fri, 5 Aug 2022 16:42:11 +0800 Subject: [PATCH 01/68] =?UTF-8?q?access=5Ftoken=20fuzz=20gn=E6=96=87?= =?UTF-8?q?=E4=BB=B6=E7=BA=A0=E9=94=99?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: cc_ggboy --- test/fuzztest/access_token/allochaptoken_fuzzer/BUILD.gn | 5 ----- test/fuzztest/access_token/alloclocaltokenid_fuzzer/BUILD.gn | 5 ----- test/fuzztest/access_token/checknativedcap_fuzzer/BUILD.gn | 5 ----- .../clearusergrantedpermissionstate_fuzzer/BUILD.gn | 5 ----- .../access_token/deleteremotedevicetokens_fuzzer/BUILD.gn | 5 ----- test/fuzztest/access_token/deleteremotetoken_fuzzer/BUILD.gn | 5 ----- test/fuzztest/access_token/deletetoken_fuzzer/BUILD.gn | 5 ----- test/fuzztest/access_token/getdefpermission_fuzzer/BUILD.gn | 5 ----- .../fuzztest/access_token/getpermissionflags_fuzzer/BUILD.gn | 5 ----- test/fuzztest/access_token/grantpermission_fuzzer/BUILD.gn | 5 ----- .../access_token/revokeusergrantedpermission_fuzzer/BUILD.gn | 5 ----- .../access_token/setremotehaptokeninfo_fuzzer/BUILD.gn | 5 ----- .../access_token/setremotenativetokeninfo_fuzzer/BUILD.gn | 5 ----- test/fuzztest/access_token/updatehaptoken_fuzzer/BUILD.gn | 5 ----- .../access_token/verifyaccesstoken001_fuzzer/BUILD.gn | 5 ----- test/fuzztest/access_token/verifyaccesstoken_fuzzer/BUILD.gn | 5 ----- 16 files changed, 80 deletions(-) diff --git a/test/fuzztest/access_token/allochaptoken_fuzzer/BUILD.gn b/test/fuzztest/access_token/allochaptoken_fuzzer/BUILD.gn index 7f773f0c8..d0fc5f5f2 100644 --- a/test/fuzztest/access_token/allochaptoken_fuzzer/BUILD.gn +++ b/test/fuzztest/access_token/allochaptoken_fuzzer/BUILD.gn @@ -38,9 +38,4 @@ ohos_fuzztest("AllocHapTokenFuzzTest") { "c_utils:utils", "hiviewdfx_hilog_native:libhilog", ] - - defines = [ - "ACCOUNT_LOG_TAG = \"AccessTokenFuzzTest\"", - "LOG_DOMAIN = 0xD001B00", - ] } diff --git a/test/fuzztest/access_token/alloclocaltokenid_fuzzer/BUILD.gn b/test/fuzztest/access_token/alloclocaltokenid_fuzzer/BUILD.gn index 87ddbd2a1..0c424e29f 100644 --- a/test/fuzztest/access_token/alloclocaltokenid_fuzzer/BUILD.gn +++ b/test/fuzztest/access_token/alloclocaltokenid_fuzzer/BUILD.gn @@ -38,9 +38,4 @@ ohos_fuzztest("AllocLocalTokenIDFuzzTest") { "c_utils:utils", "hiviewdfx_hilog_native:libhilog", ] - - defines = [ - "ACCOUNT_LOG_TAG = \"AccessTokenFuzzTest\"", - "LOG_DOMAIN = 0xD001B00", - ] } diff --git a/test/fuzztest/access_token/checknativedcap_fuzzer/BUILD.gn b/test/fuzztest/access_token/checknativedcap_fuzzer/BUILD.gn index 38d3c8425..59b64e92c 100644 --- a/test/fuzztest/access_token/checknativedcap_fuzzer/BUILD.gn +++ b/test/fuzztest/access_token/checknativedcap_fuzzer/BUILD.gn @@ -38,9 +38,4 @@ ohos_fuzztest("CheckNativeDCapFuzzTest") { "c_utils:utils", "hiviewdfx_hilog_native:libhilog", ] - - defines = [ - "ACCOUNT_LOG_TAG = \"AccessTokenFuzzTest\"", - "LOG_DOMAIN = 0xD001B00", - ] } diff --git a/test/fuzztest/access_token/clearusergrantedpermissionstate_fuzzer/BUILD.gn b/test/fuzztest/access_token/clearusergrantedpermissionstate_fuzzer/BUILD.gn index 32f153f3f..75477a0d5 100644 --- a/test/fuzztest/access_token/clearusergrantedpermissionstate_fuzzer/BUILD.gn +++ b/test/fuzztest/access_token/clearusergrantedpermissionstate_fuzzer/BUILD.gn @@ -38,9 +38,4 @@ ohos_fuzztest("ClearUserGrantedPermissionStateFuzzTest") { "c_utils:utils", "hiviewdfx_hilog_native:libhilog", ] - - defines = [ - "ACCOUNT_LOG_TAG = \"AccessTokenFuzzTest\"", - "LOG_DOMAIN = 0xD001B00", - ] } diff --git a/test/fuzztest/access_token/deleteremotedevicetokens_fuzzer/BUILD.gn b/test/fuzztest/access_token/deleteremotedevicetokens_fuzzer/BUILD.gn index 6d69bec75..c4e8d936e 100644 --- a/test/fuzztest/access_token/deleteremotedevicetokens_fuzzer/BUILD.gn +++ b/test/fuzztest/access_token/deleteremotedevicetokens_fuzzer/BUILD.gn @@ -38,9 +38,4 @@ ohos_fuzztest("DeleteRemoteDeviceTokensFuzzTest") { "c_utils:utils", "hiviewdfx_hilog_native:libhilog", ] - - defines = [ - "ACCOUNT_LOG_TAG = \"AccessTokenFuzzTest\"", - "LOG_DOMAIN = 0xD001B00", - ] } diff --git a/test/fuzztest/access_token/deleteremotetoken_fuzzer/BUILD.gn b/test/fuzztest/access_token/deleteremotetoken_fuzzer/BUILD.gn index 5b686f792..65cebb7eb 100644 --- a/test/fuzztest/access_token/deleteremotetoken_fuzzer/BUILD.gn +++ b/test/fuzztest/access_token/deleteremotetoken_fuzzer/BUILD.gn @@ -38,9 +38,4 @@ ohos_fuzztest("DeleteRemoteTokenFuzzTest") { "c_utils:utils", "hiviewdfx_hilog_native:libhilog", ] - - defines = [ - "ACCOUNT_LOG_TAG = \"AccessTokenFuzzTest\"", - "LOG_DOMAIN = 0xD001B00", - ] } diff --git a/test/fuzztest/access_token/deletetoken_fuzzer/BUILD.gn b/test/fuzztest/access_token/deletetoken_fuzzer/BUILD.gn index f37c04746..a115d7f21 100644 --- a/test/fuzztest/access_token/deletetoken_fuzzer/BUILD.gn +++ b/test/fuzztest/access_token/deletetoken_fuzzer/BUILD.gn @@ -38,9 +38,4 @@ ohos_fuzztest("DeleteTokenFuzzTest") { "c_utils:utils", "hiviewdfx_hilog_native:libhilog", ] - - defines = [ - "ACCOUNT_LOG_TAG = \"AccessTokenFuzzTest\"", - "LOG_DOMAIN = 0xD001B00", - ] } diff --git a/test/fuzztest/access_token/getdefpermission_fuzzer/BUILD.gn b/test/fuzztest/access_token/getdefpermission_fuzzer/BUILD.gn index 925202101..8b018b2c3 100644 --- a/test/fuzztest/access_token/getdefpermission_fuzzer/BUILD.gn +++ b/test/fuzztest/access_token/getdefpermission_fuzzer/BUILD.gn @@ -38,9 +38,4 @@ ohos_fuzztest("GetDefPermissionFuzzTest") { "c_utils:utils", "hiviewdfx_hilog_native:libhilog", ] - - defines = [ - "ACCOUNT_LOG_TAG = \"AccessTokenFuzzTest\"", - "LOG_DOMAIN = 0xD001B00", - ] } diff --git a/test/fuzztest/access_token/getpermissionflags_fuzzer/BUILD.gn b/test/fuzztest/access_token/getpermissionflags_fuzzer/BUILD.gn index 328246ace..af7020915 100644 --- a/test/fuzztest/access_token/getpermissionflags_fuzzer/BUILD.gn +++ b/test/fuzztest/access_token/getpermissionflags_fuzzer/BUILD.gn @@ -38,9 +38,4 @@ ohos_fuzztest("GetPermissionFlagsFuzzTest") { "c_utils:utils", "hiviewdfx_hilog_native:libhilog", ] - - defines = [ - "ACCOUNT_LOG_TAG = \"AccessTokenFuzzTest\"", - "LOG_DOMAIN = 0xD001B00", - ] } diff --git a/test/fuzztest/access_token/grantpermission_fuzzer/BUILD.gn b/test/fuzztest/access_token/grantpermission_fuzzer/BUILD.gn index bb588f85f..d1f4cbf09 100644 --- a/test/fuzztest/access_token/grantpermission_fuzzer/BUILD.gn +++ b/test/fuzztest/access_token/grantpermission_fuzzer/BUILD.gn @@ -38,9 +38,4 @@ ohos_fuzztest("GrantPermissionFuzzTest") { "c_utils:utils", "hiviewdfx_hilog_native:libhilog", ] - - defines = [ - "ACCOUNT_LOG_TAG = \"AccessTokenFuzzTest\"", - "LOG_DOMAIN = 0xD001B00", - ] } diff --git a/test/fuzztest/access_token/revokeusergrantedpermission_fuzzer/BUILD.gn b/test/fuzztest/access_token/revokeusergrantedpermission_fuzzer/BUILD.gn index 94f45a419..2b4f8a2a3 100644 --- a/test/fuzztest/access_token/revokeusergrantedpermission_fuzzer/BUILD.gn +++ b/test/fuzztest/access_token/revokeusergrantedpermission_fuzzer/BUILD.gn @@ -38,9 +38,4 @@ ohos_fuzztest("RevokeUserGrantedPermissionFuzzTest") { "c_utils:utils", "hiviewdfx_hilog_native:libhilog", ] - - defines = [ - "ACCOUNT_LOG_TAG = \"AccessTokenFuzzTest\"", - "LOG_DOMAIN = 0xD001B00", - ] } diff --git a/test/fuzztest/access_token/setremotehaptokeninfo_fuzzer/BUILD.gn b/test/fuzztest/access_token/setremotehaptokeninfo_fuzzer/BUILD.gn index d9591910a..df7f00dfe 100644 --- a/test/fuzztest/access_token/setremotehaptokeninfo_fuzzer/BUILD.gn +++ b/test/fuzztest/access_token/setremotehaptokeninfo_fuzzer/BUILD.gn @@ -38,9 +38,4 @@ ohos_fuzztest("SetRemoteHapTokenInfoFuzzTest") { "c_utils:utils", "hiviewdfx_hilog_native:libhilog", ] - - defines = [ - "ACCOUNT_LOG_TAG = \"AccessTokenFuzzTest\"", - "LOG_DOMAIN = 0xD001B00", - ] } diff --git a/test/fuzztest/access_token/setremotenativetokeninfo_fuzzer/BUILD.gn b/test/fuzztest/access_token/setremotenativetokeninfo_fuzzer/BUILD.gn index fbfdebf50..580e14874 100644 --- a/test/fuzztest/access_token/setremotenativetokeninfo_fuzzer/BUILD.gn +++ b/test/fuzztest/access_token/setremotenativetokeninfo_fuzzer/BUILD.gn @@ -38,9 +38,4 @@ ohos_fuzztest("SetRemoteNativeTokenInfoFuzzTest") { "c_utils:utils", "hiviewdfx_hilog_native:libhilog", ] - - defines = [ - "ACCOUNT_LOG_TAG = \"AccessTokenFuzzTest\"", - "LOG_DOMAIN = 0xD001B00", - ] } diff --git a/test/fuzztest/access_token/updatehaptoken_fuzzer/BUILD.gn b/test/fuzztest/access_token/updatehaptoken_fuzzer/BUILD.gn index 2ae1796e7..0fad04826 100644 --- a/test/fuzztest/access_token/updatehaptoken_fuzzer/BUILD.gn +++ b/test/fuzztest/access_token/updatehaptoken_fuzzer/BUILD.gn @@ -38,9 +38,4 @@ ohos_fuzztest("UpdateHapTokenFuzzTest") { "c_utils:utils", "hiviewdfx_hilog_native:libhilog", ] - - defines = [ - "ACCOUNT_LOG_TAG = \"AccessTokenFuzzTest\"", - "LOG_DOMAIN = 0xD001B00", - ] } diff --git a/test/fuzztest/access_token/verifyaccesstoken001_fuzzer/BUILD.gn b/test/fuzztest/access_token/verifyaccesstoken001_fuzzer/BUILD.gn index d373c8157..8921f1833 100644 --- a/test/fuzztest/access_token/verifyaccesstoken001_fuzzer/BUILD.gn +++ b/test/fuzztest/access_token/verifyaccesstoken001_fuzzer/BUILD.gn @@ -38,9 +38,4 @@ ohos_fuzztest("VerifyAccessToken001FuzzTest") { "c_utils:utils", "hiviewdfx_hilog_native:libhilog", ] - - defines = [ - "ACCOUNT_LOG_TAG = \"AccessTokenFuzzTest\"", - "LOG_DOMAIN = 0xD001B00", - ] } diff --git a/test/fuzztest/access_token/verifyaccesstoken_fuzzer/BUILD.gn b/test/fuzztest/access_token/verifyaccesstoken_fuzzer/BUILD.gn index 961604817..c3993eba5 100644 --- a/test/fuzztest/access_token/verifyaccesstoken_fuzzer/BUILD.gn +++ b/test/fuzztest/access_token/verifyaccesstoken_fuzzer/BUILD.gn @@ -38,9 +38,4 @@ ohos_fuzztest("VerifyAccessTokenFuzzTest") { "c_utils:utils", "hiviewdfx_hilog_native:libhilog", ] - - defines = [ - "ACCOUNT_LOG_TAG = \"AccessTokenFuzzTest\"", - "LOG_DOMAIN = 0xD001B00", - ] } -- Gitee From 2a9adb2bf075125427c50c6b16d11043efcb3987 Mon Sep 17 00:00:00 2001 From: fanchenxuan Date: Mon, 15 Aug 2022 22:00:22 +0800 Subject: [PATCH 02/68] =?UTF-8?q?=E6=B5=8B=E8=AF=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: fanchenxuan --- .../innerkits/token_callback/src/token_callback_stub.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/interfaces/innerkits/token_callback/src/token_callback_stub.cpp b/interfaces/innerkits/token_callback/src/token_callback_stub.cpp index 1d70b043e..1a26d2da5 100644 --- a/interfaces/innerkits/token_callback/src/token_callback_stub.cpp +++ b/interfaces/innerkits/token_callback/src/token_callback_stub.cpp @@ -43,7 +43,7 @@ int32_t TokenCallbackStub::OnRemoteRequest( if (msgCode == ITokenCallback::GRANT_RESULT_CALLBACK) { uint32_t permListSize = data.ReadUint32(); if (permListSize > LIST_SIZE_MAX) { - ACCESSTOKEN_LOG_ERROR(LABEL, "read permListSize fail"); + ACCESSTOKEN_LOG_ERROR(LABEL, "read permListSize fail %{public}u", permListSize); return FAILED; } std::vector permList; @@ -54,7 +54,7 @@ int32_t TokenCallbackStub::OnRemoteRequest( uint32_t statusListSize = data.ReadUint32(); if (statusListSize != permListSize) { - ACCESSTOKEN_LOG_ERROR(LABEL, "read permListSize fail"); + ACCESSTOKEN_LOG_ERROR(LABEL, "read permListSize fail %{public}u", statusListSize); return FAILED; } std::vector grantResults; -- Gitee From e0f4183f3878af541b70693955e02067fbbb3061 Mon Sep 17 00:00:00 2001 From: chennian Date: Tue, 16 Aug 2022 09:49:13 +0800 Subject: [PATCH 03/68] =?UTF-8?q?=E4=BF=AE=E6=94=B9dump=E6=8C=87=E4=BB=A4?= =?UTF-8?q?=EF=BC=8C=E4=BD=BF=E7=94=A8tokenID=E6=9F=A5=E8=AF=A2=20Signed-o?= =?UTF-8?q?ff-by:chennian?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: chennian --- .../privacy/include/i_privacy_manager.h | 2 +- .../innerkits/privacy/include/privacy_kit.h | 2 +- .../innerkits/privacy/src/privacy_kit.cpp | 12 ++++------- .../privacy/src/privacy_manager_client.cpp | 4 ++-- .../privacy/src/privacy_manager_client.h | 2 +- .../privacy/src/privacy_manager_proxy.cpp | 4 ++-- .../privacy/src/privacy_manager_proxy.h | 2 +- .../record/permission_record_manager.h | 2 +- .../include/service/privacy_manager_service.h | 2 +- .../src/record/permission_record_manager.cpp | 8 ++++---- .../src/service/privacy_manager_service.cpp | 17 ++-------------- .../src/service/privacy_manager_stub.cpp | 4 ++-- tools/accesstoken/src/atm_command.cpp | 20 +++++++++---------- 13 files changed, 32 insertions(+), 49 deletions(-) diff --git a/frameworks/privacy/include/i_privacy_manager.h b/frameworks/privacy/include/i_privacy_manager.h index 137f58864..ff8bebda8 100644 --- a/frameworks/privacy/include/i_privacy_manager.h +++ b/frameworks/privacy/include/i_privacy_manager.h @@ -44,7 +44,7 @@ public: const PermissionUsedRequestParcel& request, PermissionUsedResultParcel& result) = 0; virtual int32_t GetPermissionUsedRecords( const PermissionUsedRequestParcel& request, const sptr& callback) = 0; - virtual std::string DumpRecordInfo(const std::string& bundleName, const std::string& permissionName) = 0; + virtual std::string DumpRecordInfo(AccessTokenID tokenID, const std::string& permissionName) = 0; virtual int32_t RegisterPermActiveStatusCallback( std::vector& permList, const sptr& callback) = 0; virtual int32_t UnRegisterPermActiveStatusCallback(const sptr& callback) = 0; diff --git a/interfaces/innerkits/privacy/include/privacy_kit.h b/interfaces/innerkits/privacy/include/privacy_kit.h index 1279757e7..a06fa1f8c 100644 --- a/interfaces/innerkits/privacy/include/privacy_kit.h +++ b/interfaces/innerkits/privacy/include/privacy_kit.h @@ -37,7 +37,7 @@ public: static int32_t GetPermissionUsedRecords(const PermissionUsedRequest& request, PermissionUsedResult& result); static int32_t GetPermissionUsedRecords( const PermissionUsedRequest& request, const sptr& callback); - static std::string DumpRecordInfo(const std::string& bundleName, const std::string& permissionName); + static std::string DumpRecordInfo(AccessTokenID tokenID, const std::string& permissionName); static int32_t RegisterPermActiveStatusCallback(const std::shared_ptr& callback); static int32_t UnRegisterPermActiveStatusCallback(const std::shared_ptr& callback); }; diff --git a/interfaces/innerkits/privacy/src/privacy_kit.cpp b/interfaces/innerkits/privacy/src/privacy_kit.cpp index 2e91a684d..b6349f0b7 100644 --- a/interfaces/innerkits/privacy/src/privacy_kit.cpp +++ b/interfaces/innerkits/privacy/src/privacy_kit.cpp @@ -61,33 +61,29 @@ int32_t PrivacyKit::RemovePermissionUsedRecords(AccessTokenID tokenID, const std int32_t PrivacyKit::GetPermissionUsedRecords(const PermissionUsedRequest& request, PermissionUsedResult& result) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry"); return PrivacyManagerClient::GetInstance().GetPermissionUsedRecords(request, result); } int32_t PrivacyKit::GetPermissionUsedRecords( const PermissionUsedRequest& request, const sptr& callback) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry"); return PrivacyManagerClient::GetInstance().GetPermissionUsedRecords(request, callback); } -std::string PrivacyKit::DumpRecordInfo(const std::string& bundleName, const std::string& permissionName) +std::string PrivacyKit::DumpRecordInfo(AccessTokenID tokenID, const std::string& permissionName) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry, bundleName=%{public}s, permissionName=%{public}s", - bundleName.c_str(), permissionName.c_str()); - return PrivacyManagerClient::GetInstance().DumpRecordInfo(bundleName, permissionName); + ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry, tokenID=%{public}d, permissionName=%{public}s", + tokenID, permissionName.c_str()); + return PrivacyManagerClient::GetInstance().DumpRecordInfo(tokenID, permissionName); } int32_t PrivacyKit::RegisterPermActiveStatusCallback(const std::shared_ptr& callback) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry"); return PrivacyManagerClient::GetInstance().RegisterPermActiveStatusCallback(callback); } int32_t PrivacyKit::UnRegisterPermActiveStatusCallback(const std::shared_ptr& callback) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry"); return PrivacyManagerClient::GetInstance().UnRegisterPermActiveStatusCallback(callback); } } // namespace AccessToken diff --git a/interfaces/innerkits/privacy/src/privacy_manager_client.cpp b/interfaces/innerkits/privacy/src/privacy_manager_client.cpp index 769dc785a..12ac9e296 100644 --- a/interfaces/innerkits/privacy/src/privacy_manager_client.cpp +++ b/interfaces/innerkits/privacy/src/privacy_manager_client.cpp @@ -133,7 +133,7 @@ int32_t PrivacyManagerClient::GetPermissionUsedRecords(const PermissionUsedReque return proxy->GetPermissionUsedRecords(requestParcel, callback); } -std::string PrivacyManagerClient::DumpRecordInfo(const std::string& bundleName, const std::string& permissionName) +std::string PrivacyManagerClient::DumpRecordInfo(AccessTokenID tokenID, const std::string& permissionName) { auto proxy = GetProxy(); if (proxy == nullptr) { @@ -141,7 +141,7 @@ std::string PrivacyManagerClient::DumpRecordInfo(const std::string& bundleName, return ""; } - return proxy->DumpRecordInfo(bundleName, permissionName); + return proxy->DumpRecordInfo(tokenID, permissionName); } int32_t PrivacyManagerClient::CreateActiveStatusChangeCbk( diff --git a/interfaces/innerkits/privacy/src/privacy_manager_client.h b/interfaces/innerkits/privacy/src/privacy_manager_client.h index ebae78818..ee288ad69 100644 --- a/interfaces/innerkits/privacy/src/privacy_manager_client.h +++ b/interfaces/innerkits/privacy/src/privacy_manager_client.h @@ -43,7 +43,7 @@ public: int32_t GetPermissionUsedRecords(const PermissionUsedRequest& request, PermissionUsedResult& result); int32_t GetPermissionUsedRecords( const PermissionUsedRequest& request, const sptr& callback); - std::string DumpRecordInfo(const std::string& bundleName, const std::string& permissionName); + std::string DumpRecordInfo(AccessTokenID tokenID, const std::string& permissionName); int32_t RegisterPermActiveStatusCallback(const std::shared_ptr& callback); int32_t UnRegisterPermActiveStatusCallback(const std::shared_ptr& callback); int32_t CreateActiveStatusChangeCbk( diff --git a/interfaces/innerkits/privacy/src/privacy_manager_proxy.cpp b/interfaces/innerkits/privacy/src/privacy_manager_proxy.cpp index c8f7c149e..3745b7c58 100644 --- a/interfaces/innerkits/privacy/src/privacy_manager_proxy.cpp +++ b/interfaces/innerkits/privacy/src/privacy_manager_proxy.cpp @@ -189,7 +189,7 @@ int32_t PrivacyManagerProxy::GetPermissionUsedRecords(const PermissionUsedReques return ret; } -std::string PrivacyManagerProxy::DumpRecordInfo(const std::string& bundleName, const std::string& permissionName) +std::string PrivacyManagerProxy::DumpRecordInfo(AccessTokenID tokenID, const std::string& permissionName) { MessageParcel data; MessageParcel reply; @@ -198,7 +198,7 @@ std::string PrivacyManagerProxy::DumpRecordInfo(const std::string& bundleName, c ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(bundleName)"); return ""; } - if (!data.WriteString(permissionName)) { + if (!data.WriteUint32(tokenID)) { ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteString(permissionName)"); return ""; } diff --git a/interfaces/innerkits/privacy/src/privacy_manager_proxy.h b/interfaces/innerkits/privacy/src/privacy_manager_proxy.h index 50ca074da..5ea5aaa61 100644 --- a/interfaces/innerkits/privacy/src/privacy_manager_proxy.h +++ b/interfaces/innerkits/privacy/src/privacy_manager_proxy.h @@ -38,7 +38,7 @@ public: const PermissionUsedRequestParcel& request, PermissionUsedResultParcel& result) override; int32_t GetPermissionUsedRecords(const PermissionUsedRequestParcel& request, const sptr& callback) override; - std::string DumpRecordInfo(const std::string& bundleName, const std::string& permissionName) override; + std::string DumpRecordInfo(AccessTokenID tokenID, const std::string& permissionName) override; int32_t RegisterPermActiveStatusCallback( std::vector& permList, const sptr& callback) override; int32_t UnRegisterPermActiveStatusCallback(const sptr& callback) override; diff --git a/services/privacymanager/include/record/permission_record_manager.h b/services/privacymanager/include/record/permission_record_manager.h index bc8b417b2..3ff5cdaf0 100644 --- a/services/privacymanager/include/record/permission_record_manager.h +++ b/services/privacymanager/include/record/permission_record_manager.h @@ -45,7 +45,7 @@ public: int32_t GetPermissionUsedRecords(const PermissionUsedRequest& request, PermissionUsedResult& result); int32_t GetPermissionUsedRecordsAsync( const PermissionUsedRequest& request, const sptr& callback); - std::string DumpRecordInfo(const std::string& bundleName, const std::string& permissionName); + std::string DumpRecordInfo(AccessTokenID tokenID, const std::string& permissionName); int32_t StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName); int32_t StopUsingPermission(AccessTokenID tokenID, const std::string& permissionName); int32_t RegisterPermActiveStatusCallback( diff --git a/services/privacymanager/include/service/privacy_manager_service.h b/services/privacymanager/include/service/privacy_manager_service.h index 116249c7f..347db8602 100644 --- a/services/privacymanager/include/service/privacy_manager_service.h +++ b/services/privacymanager/include/service/privacy_manager_service.h @@ -45,7 +45,7 @@ public: const PermissionUsedRequestParcel& request, PermissionUsedResultParcel& result) override; int32_t GetPermissionUsedRecords( const PermissionUsedRequestParcel& request, const sptr& callback) override; - std::string DumpRecordInfo(const std::string& bundleName, const std::string& permissionName) override; + std::string DumpRecordInfo(AccessTokenID tokenID, const std::string& permissionName) override; int32_t RegisterPermActiveStatusCallback( std::vector& permList, const sptr& callback) override; int32_t UnRegisterPermActiveStatusCallback(const sptr& callback) override; diff --git a/services/privacymanager/src/record/permission_record_manager.cpp b/services/privacymanager/src/record/permission_record_manager.cpp index 59a4036c9..c6c535124 100644 --- a/services/privacymanager/src/record/permission_record_manager.cpp +++ b/services/privacymanager/src/record/permission_record_manager.cpp @@ -397,12 +397,12 @@ int32_t PermissionRecordManager::DeletePermissionRecord(int32_t days) return Constant::SUCCESS; } -std::string PermissionRecordManager::DumpRecordInfo(const std::string& bundleName, const std::string& permissionName) +std::string PermissionRecordManager::DumpRecordInfo(AccessTokenID tokenID, const std::string& permissionName) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry, bundleName=%{public}s, permissionName=%{public}s", - bundleName.c_str(), permissionName.c_str()); + ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry, tokenID=%{public}d, permissionName=%{public}s", + tokenID, permissionName.c_str()); PermissionUsedRequest request; - request.bundleName = bundleName; + request.tokenId = tokenID; request.flag = FLAG_PERMISSION_USAGE_DETAIL; if (!permissionName.empty()) { request.permissionList.emplace_back(permissionName); diff --git a/services/privacymanager/src/service/privacy_manager_service.cpp b/services/privacymanager/src/service/privacy_manager_service.cpp index 92e690931..03143c7a5 100644 --- a/services/privacymanager/src/service/privacy_manager_service.cpp +++ b/services/privacymanager/src/service/privacy_manager_service.cpp @@ -50,7 +50,6 @@ void PrivacyManagerService::OnStart() ACCESSTOKEN_LOG_INFO(LABEL, "PrivacyManagerService has already started!"); return; } - ACCESSTOKEN_LOG_INFO(LABEL, "PrivacyManagerService is starting"); if (!Initialize()) { ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to initialize"); return; @@ -73,30 +72,22 @@ void PrivacyManagerService::OnStop() int32_t PrivacyManagerService::AddPermissionUsedRecord( AccessTokenID tokenID, const std::string& permissionName, int32_t successCount, int32_t failCount) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry, tokenID: 0x%{public}x, permission: %{public}s", - tokenID, permissionName.c_str()); return PermissionRecordManager::GetInstance().AddPermissionUsedRecord( tokenID, permissionName, successCount, failCount); } int32_t PrivacyManagerService::StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry, tokenID: 0x%{public}x, permission: %{public}s", - tokenID, permissionName.c_str()); return PermissionRecordManager::GetInstance().StartUsingPermission(tokenID, permissionName); } int32_t PrivacyManagerService::StopUsingPermission(AccessTokenID tokenID, const std::string& permissionName) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry, tokenID: 0x%{public}x, permission: %{public}s", - tokenID, permissionName.c_str()); return PermissionRecordManager::GetInstance().StopUsingPermission(tokenID, permissionName); } int32_t PrivacyManagerService::RemovePermissionUsedRecords(AccessTokenID tokenID, const std::string& deviceID) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry, tokenID: 0x%{public}x, deviceID: %{public}s", - tokenID, ConstantCommon::EncryptDevId(deviceID).c_str()); PermissionRecordManager::GetInstance().RemovePermissionUsedRecords(tokenID, deviceID); return Constant::SUCCESS; } @@ -104,7 +95,6 @@ int32_t PrivacyManagerService::RemovePermissionUsedRecords(AccessTokenID tokenID int32_t PrivacyManagerService::GetPermissionUsedRecords( const PermissionUsedRequestParcel& request, PermissionUsedResultParcel& result) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry"); PermissionUsedResult permissionRecord; int32_t ret = PermissionRecordManager::GetInstance().GetPermissionUsedRecords(request.request, permissionRecord); result.result = permissionRecord; @@ -114,15 +104,12 @@ int32_t PrivacyManagerService::GetPermissionUsedRecords( int32_t PrivacyManagerService::GetPermissionUsedRecords( const PermissionUsedRequestParcel& request, const sptr& callback) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry"); return PermissionRecordManager::GetInstance().GetPermissionUsedRecordsAsync(request.request, callback); } -std::string PrivacyManagerService::DumpRecordInfo(const std::string& bundleName, const std::string& permissionName) +std::string PrivacyManagerService::DumpRecordInfo(AccessTokenID tokenID, const std::string& permissionName) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry, bundleName: %{public}s, permissionName: %{public}s", - bundleName.c_str(), permissionName.c_str()); - return PermissionRecordManager::GetInstance().DumpRecordInfo(bundleName, permissionName); + return PermissionRecordManager::GetInstance().DumpRecordInfo(tokenID, permissionName); } int32_t PrivacyManagerService::RegisterPermActiveStatusCallback( diff --git a/services/privacymanager/src/service/privacy_manager_stub.cpp b/services/privacymanager/src/service/privacy_manager_stub.cpp index 10a767c8f..18937294b 100644 --- a/services/privacymanager/src/service/privacy_manager_stub.cpp +++ b/services/privacymanager/src/service/privacy_manager_stub.cpp @@ -159,9 +159,9 @@ void PrivacyManagerStub::GetPermissionUsedRecordsAsyncInner(MessageParcel& data, void PrivacyManagerStub::DumpRecordInfoInner(MessageParcel& data, MessageParcel& reply) { - std::string bundleName = data.ReadString(); + AccessTokenID tokenID = data.ReadUint32(); std::string permissionName = data.ReadString(); - std::string dumpInfo = this->DumpRecordInfo(bundleName, permissionName); + std::string dumpInfo = this->DumpRecordInfo(tokenID, permissionName); reply.WriteString(dumpInfo); } diff --git a/tools/accesstoken/src/atm_command.cpp b/tools/accesstoken/src/atm_command.cpp index 1ec70cede..561150cab 100644 --- a/tools/accesstoken/src/atm_command.cpp +++ b/tools/accesstoken/src/atm_command.cpp @@ -31,7 +31,7 @@ const struct option LONG_OPTIONS_DUMP[] = { {"help", no_argument, nullptr, 'h'}, {"token-info", no_argument, nullptr, 't'}, {"record-info", no_argument, nullptr, 'r'}, - {"bundle-name", required_argument, nullptr, 'b'}, + {"token-id", required_argument, nullptr, 'i'}, {"permission-name", required_argument, nullptr, 'p'}, {nullptr, 0, nullptr, 0} }; @@ -79,7 +79,7 @@ ErrCode AtmCommand::RunAsDumpCommand() std::string dumpInfo = ""; bool isDumpTokenInfo = false; bool isDumpRecordInfo = false; - std::string bundleName = ""; + uint32_t tokenId = 0; std::string permissionName = ""; int option = -1; int counter = 0; @@ -103,7 +103,7 @@ ErrCode AtmCommand::RunAsDumpCommand() } result = RunAsDumpCommandExistentOptionArgument( - option, isDumpTokenInfo, isDumpRecordInfo, bundleName, permissionName); + option, isDumpTokenInfo, isDumpRecordInfo, tokenId, permissionName); } if (result != OHOS::ERR_OK) { @@ -114,7 +114,7 @@ ErrCode AtmCommand::RunAsDumpCommand() resultReceiver_.append(dumpInfo + "\n"); } if (isDumpRecordInfo) { - dumpInfo = PrivacyKit::DumpRecordInfo(bundleName, permissionName); + dumpInfo = PrivacyKit::DumpRecordInfo(tokenId, permissionName); resultReceiver_.append(dumpInfo + "\n"); } } @@ -149,15 +149,15 @@ ErrCode AtmCommand::RunAsDumpCommandMissingOptionArgument(void) result = OHOS::ERR_INVALID_VALUE; break; } - case 'b' : { - // 'atm dump -b' with no argument + case 'i' : { + // 'atm dump -r -i' with no argument resultReceiver_.append("error: option "); resultReceiver_.append("requires a value.\n"); result = OHOS::ERR_INVALID_VALUE; break; } case 'p' : { - // 'atm dump -p' with no argument + // 'atm dump -r -p' with no argument resultReceiver_.append("error: option "); resultReceiver_.append("requires a value.\n"); result = OHOS::ERR_INVALID_VALUE; @@ -176,7 +176,7 @@ ErrCode AtmCommand::RunAsDumpCommandMissingOptionArgument(void) } ErrCode AtmCommand::RunAsDumpCommandExistentOptionArgument(const int &option, - bool &isDumpTokenInfo, bool &isDumpRecordInfo, std::string& bundleName, std::string& permissionName) + bool &isDumpTokenInfo, bool &isDumpRecordInfo, uint32_t& tokenId, std::string& permissionName) { ErrCode result = ERR_OK; switch (option) { @@ -190,10 +190,10 @@ ErrCode AtmCommand::RunAsDumpCommandExistentOptionArgument(const int &option, case 'r': isDumpRecordInfo = true; break; - case 'b': + case 't': isDumpRecordInfo = true; if (optarg != nullptr) { - bundleName = optarg; + tokenId = std::atoi(optarg); } break; case 'p': -- Gitee From c9bfce86ec08ab1643ee8c7aa2fa8d1a2ccab1b5 Mon Sep 17 00:00:00 2001 From: chennian Date: Tue, 16 Aug 2022 10:14:41 +0800 Subject: [PATCH 04/68] =?UTF-8?q?=E4=BF=AE=E6=94=B9dump=E6=8C=87=E4=BB=A4?= =?UTF-8?q?=EF=BC=8C=E4=BD=BF=E7=94=A8tokenID=E6=9F=A5=E8=AF=A2=20Signed-o?= =?UTF-8?q?ff-by:chennian?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: chennian --- .../innerkits/privacy/src/privacy_manager_proxy.cpp | 6 +++--- .../src/record/permission_record_manager.cpp | 8 -------- 2 files changed, 3 insertions(+), 11 deletions(-) diff --git a/interfaces/innerkits/privacy/src/privacy_manager_proxy.cpp b/interfaces/innerkits/privacy/src/privacy_manager_proxy.cpp index 3745b7c58..6ad838a8e 100644 --- a/interfaces/innerkits/privacy/src/privacy_manager_proxy.cpp +++ b/interfaces/innerkits/privacy/src/privacy_manager_proxy.cpp @@ -194,11 +194,11 @@ std::string PrivacyManagerProxy::DumpRecordInfo(AccessTokenID tokenID, const std MessageParcel data; MessageParcel reply; data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); - if (!data.WriteString(bundleName)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(bundleName)"); + if (!data.WriteUint32(tokenID)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(tokenID)"); return ""; } - if (!data.WriteUint32(tokenID)) { + if (!data.WriteString(permissionName)) { ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteString(permissionName)"); return ""; } diff --git a/services/privacymanager/src/record/permission_record_manager.cpp b/services/privacymanager/src/record/permission_record_manager.cpp index c6c535124..c08128743 100644 --- a/services/privacymanager/src/record/permission_record_manager.cpp +++ b/services/privacymanager/src/record/permission_record_manager.cpp @@ -177,8 +177,6 @@ bool PermissionRecordManager::GetPermissionsRecord(int32_t visitorId, const std: int32_t PermissionRecordManager::AddPermissionUsedRecord(AccessTokenID tokenID, const std::string& permissionName, int32_t successCount, int32_t failCount) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry, tokenId: %{public}x, permissionName: %{public}s", - tokenID, permissionName.c_str()); ExecuteDeletePermissionRecordTask(); if (AccessTokenKit::GetTokenTypeFlag(tokenID) != TOKEN_HAP) { @@ -199,8 +197,6 @@ int32_t PermissionRecordManager::AddPermissionUsedRecord(AccessTokenID tokenID, void PermissionRecordManager::RemovePermissionUsedRecords(AccessTokenID tokenID, const std::string& deviceID) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry, tokenId: %{public}x", tokenID); - Utils::UniqueWriteGuard lk(this->rwLock_); PermissionVisitor visitor; if (!GetPermissionVisitor(tokenID, visitor) && deviceID.empty()) { @@ -229,7 +225,6 @@ void PermissionRecordManager::RemovePermissionUsedRecords(AccessTokenID tokenID, int32_t PermissionRecordManager::GetPermissionUsedRecords( const PermissionUsedRequest& request, PermissionUsedResult& result) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry"); ExecuteDeletePermissionRecordTask(); if (!GetRecordsFromDB(request, result)) { @@ -242,7 +237,6 @@ int32_t PermissionRecordManager::GetPermissionUsedRecords( int32_t PermissionRecordManager::GetPermissionUsedRecordsAsync( const PermissionUsedRequest& request, const sptr& callback) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry"); auto task = [request, callback]() { ACCESSTOKEN_LOG_INFO(LABEL, "GetPermissionUsedRecordsAsync task called"); PermissionUsedResult result; @@ -399,8 +393,6 @@ int32_t PermissionRecordManager::DeletePermissionRecord(int32_t days) std::string PermissionRecordManager::DumpRecordInfo(AccessTokenID tokenID, const std::string& permissionName) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry, tokenID=%{public}d, permissionName=%{public}s", - tokenID, permissionName.c_str()); PermissionUsedRequest request; request.tokenId = tokenID; request.flag = FLAG_PERMISSION_USAGE_DETAIL; -- Gitee From e09cbfd1846eebda5081691ce34305dc13035e8a Mon Sep 17 00:00:00 2001 From: chennian Date: Tue, 16 Aug 2022 10:32:22 +0800 Subject: [PATCH 05/68] =?UTF-8?q?=E4=BF=AE=E6=94=B9dump=E6=8C=87=E4=BB=A4?= =?UTF-8?q?=EF=BC=8C=E4=BD=BF=E7=94=A8tokenID=E6=9F=A5=E8=AF=A2=20Signed-o?= =?UTF-8?q?ff-by:chennian?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: chennian --- tools/accesstoken/include/atm_command.h | 2 +- tools/accesstoken/src/atm_command.cpp | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/tools/accesstoken/include/atm_command.h b/tools/accesstoken/include/atm_command.h index 7ff2ec319..1f7ffc6f7 100644 --- a/tools/accesstoken/include/atm_command.h +++ b/tools/accesstoken/include/atm_command.h @@ -51,7 +51,7 @@ private: ErrCode RunAsDumpCommandError(void); ErrCode RunAsDumpCommandMissingOptionArgument(void); ErrCode RunAsDumpCommandExistentOptionArgument(const int &option, - bool &isDumpTokenInfo, bool &isDumpRecordInfo, std::string& bundleName, std::string& permissionName); + bool &isDumpTokenInfo, bool &isDumpRecordInfo, uint32_t& tokenId, std::string& permissionName); }; } // namespace AccessToken } // namespace Security diff --git a/tools/accesstoken/src/atm_command.cpp b/tools/accesstoken/src/atm_command.cpp index 561150cab..33233b4d7 100644 --- a/tools/accesstoken/src/atm_command.cpp +++ b/tools/accesstoken/src/atm_command.cpp @@ -175,8 +175,8 @@ ErrCode AtmCommand::RunAsDumpCommandMissingOptionArgument(void) return result; } -ErrCode AtmCommand::RunAsDumpCommandExistentOptionArgument(const int &option, - bool &isDumpTokenInfo, bool &isDumpRecordInfo, uint32_t& tokenId, std::string& permissionName) +ErrCode AtmCommand::RunAsDumpCommandExistentOptionArgument(const int& option, + bool& isDumpTokenInfo, bool& isDumpRecordInfo, uint32_t& tokenId, std::string& permissionName) { ErrCode result = ERR_OK; switch (option) { @@ -190,7 +190,7 @@ ErrCode AtmCommand::RunAsDumpCommandExistentOptionArgument(const int &option, case 'r': isDumpRecordInfo = true; break; - case 't': + case 'i': isDumpRecordInfo = true; if (optarg != nullptr) { tokenId = std::atoi(optarg); -- Gitee From 832f1b14e2308fe9dfab604af00a5664f288cb99 Mon Sep 17 00:00:00 2001 From: chennian Date: Tue, 16 Aug 2022 12:18:08 +0800 Subject: [PATCH 06/68] =?UTF-8?q?=E4=BF=AE=E6=94=B9dump=E6=8C=87=E4=BB=A4?= =?UTF-8?q?=EF=BC=8C=E4=BD=BF=E7=94=A8tokenID=E6=9F=A5=E8=AF=A2=20Signed-o?= =?UTF-8?q?ff-by:chennian?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: chennian --- .../common/database/include/field_const.h | 4 - services/privacymanager/BUILD.gn | 2 - .../include/database/data_translator.h | 2 +- .../database/permission_used_record_db.h | 7 +- .../include/record/permission_record.h | 2 +- .../record/permission_record_manager.h | 20 +- .../include/record/permission_visitor.h | 42 ----- .../record/permission_visitor_repository.h | 40 ---- .../src/database/data_translator.cpp | 13 +- .../database/permission_used_record_db.cpp | 78 +++----- .../src/record/permission_record.cpp | 4 +- .../src/record/permission_record_manager.cpp | 172 +++++------------- .../src/record/permission_visitor.cpp | 42 ----- .../record/permission_visitor_repository.cpp | 89 --------- .../src/service/privacy_manager_service.cpp | 4 +- 15 files changed, 90 insertions(+), 431 deletions(-) delete mode 100644 services/privacymanager/include/record/permission_visitor.h delete mode 100644 services/privacymanager/include/record/permission_visitor_repository.h delete mode 100644 services/privacymanager/src/record/permission_visitor.cpp delete mode 100644 services/privacymanager/src/record/permission_visitor_repository.cpp diff --git a/services/common/database/include/field_const.h b/services/common/database/include/field_const.h index 7689a5272..54f5e2136 100644 --- a/services/common/database/include/field_const.h +++ b/services/common/database/include/field_const.h @@ -47,10 +47,6 @@ const std::string FIELD_GRANT_STATE = "grant_state"; const std::string FIELD_GRANT_FLAG = "grant_flag"; const std::string FIELD_GRANT_IS_GENERAL = "is_general"; -const std::string FIELD_ID = "id"; -const std::string FIELD_IS_REMOTE_DEVICE = "is_remote_device"; - -const std::string FIELD_VISITOR_ID = "visitor_id"; const std::string FIELD_OP_CODE = "op_code"; const std::string FIELD_STATUS = "status"; const std::string FIELD_TIMESTAMP = "timestamp"; diff --git a/services/privacymanager/BUILD.gn b/services/privacymanager/BUILD.gn index bd0ccba5b..958233c54 100644 --- a/services/privacymanager/BUILD.gn +++ b/services/privacymanager/BUILD.gn @@ -53,8 +53,6 @@ if (is_standard_system) { "src/record/permission_record.cpp", "src/record/permission_record_manager.cpp", "src/record/permission_record_repository.cpp", - "src/record/permission_visitor.cpp", - "src/record/permission_visitor_repository.cpp", "src/service/privacy_manager_service.cpp", "src/service/privacy_manager_stub.cpp", ] diff --git a/services/privacymanager/include/database/data_translator.h b/services/privacymanager/include/database/data_translator.h index 60e07037e..488d887ff 100644 --- a/services/privacymanager/include/database/data_translator.h +++ b/services/privacymanager/include/database/data_translator.h @@ -28,7 +28,7 @@ namespace AccessToken { class DataTranslator final { public: static int32_t TranslationIntoGenericValues(const PermissionUsedRequest& request, - GenericValues& visitorGenericValues, GenericValues& andGenericValues, GenericValues& orGenericValues); + GenericValues& andGenericValues, GenericValues& orGenericValues); static int32_t TranslationGenericValuesIntoPermissionUsedRecord( const GenericValues& inGenericValues, PermissionUsedRecord& permissionRecord); }; diff --git a/services/privacymanager/include/database/permission_used_record_db.h b/services/privacymanager/include/database/permission_used_record_db.h index 059e0082a..4ddbc5822 100644 --- a/services/privacymanager/include/database/permission_used_record_db.h +++ b/services/privacymanager/include/database/permission_used_record_db.h @@ -33,7 +33,6 @@ public: class PermissionUsedRecordDb : public SqliteHelper { public: enum DataType { - PERMISSION_VISITOR = 0, PERMISSION_RECORD, }; enum ExecuteResult { FAILURE = -1, SUCCESS }; @@ -47,7 +46,7 @@ public: int32_t FindByConditions(const DataType type, const GenericValues& andConditions, const GenericValues& orConditions, std::vector& results); int32_t Modify(const DataType type, const GenericValues& modifyValues, const GenericValues& conditions); - int32_t RefreshAll(const DataType type, const std::vector& values); + int32_t GetDistinctValue(const DataType type, const std::string conditionColumns); void OnCreate() override; void OnUpdate() override; @@ -59,7 +58,6 @@ private: std::map dataTypeToSqlTable_; OHOS::Utils::RWLock rwLock_; - int32_t CreatePermissionVisitorTable() const; int32_t CreatePermissionRecordTable() const; std::string CreateInsertPrepareSqlCmd(const DataType type) const; @@ -70,9 +68,10 @@ private: const std::vector& andColumns, const std::vector& orColumns) const; std::string CreateUpdatePrepareSqlCmd(const DataType type, const std::vector& modifyColumns, const std::vector& conditionColumns) const; + std::string PermissionUsedRecordDb::CreateGetDistinctValue(const DataType type, + const std::string conditionColumns) const; private: - inline static const std::string PERMISSION_VISITOR_TABLE = "permission_visitor_table"; inline static const std::string PERMISSION_RECORD_TABLE = "permission_record_table"; inline static const std::string DATABASE_NAME = "permission_used_record.db"; inline static const std::string DATABASE_PATH = "/data/service/el1/public/access_token/"; diff --git a/services/privacymanager/include/record/permission_record.h b/services/privacymanager/include/record/permission_record.h index 3c61287dd..f2c0abb07 100644 --- a/services/privacymanager/include/record/permission_record.h +++ b/services/privacymanager/include/record/permission_record.h @@ -22,7 +22,7 @@ namespace OHOS { namespace Security { namespace AccessToken { struct PermissionRecord { - int32_t visitorId = 0; + uint32_t tokenId = 0; int32_t opCode = 0; int32_t status = 0; int64_t timestamp = 0L; diff --git a/services/privacymanager/include/record/permission_record_manager.h b/services/privacymanager/include/record/permission_record_manager.h index 3ff5cdaf0..79eafea39 100644 --- a/services/privacymanager/include/record/permission_record_manager.h +++ b/services/privacymanager/include/record/permission_record_manager.h @@ -25,7 +25,6 @@ #include "permission_record.h" #include "permission_used_request.h" #include "permission_used_result.h" -#include "permission_visitor.h" #include "rwlock.h" #include "thread_pool.h" @@ -40,31 +39,30 @@ public: void Init(); int32_t AddPermissionUsedRecord( - AccessTokenID tokenID, const std::string& permissionName, int32_t successCount, int32_t failCount); - void RemovePermissionUsedRecords(AccessTokenID tokenID, const std::string& deviceID); + AccessTokenID tokenId, const std::string& permissionName, int32_t successCount, int32_t failCount); + void RemovePermissionUsedRecords(AccessTokenID tokenId, const std::string& deviceID); int32_t GetPermissionUsedRecords(const PermissionUsedRequest& request, PermissionUsedResult& result); int32_t GetPermissionUsedRecordsAsync( const PermissionUsedRequest& request, const sptr& callback); - std::string DumpRecordInfo(AccessTokenID tokenID, const std::string& permissionName); - int32_t StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName); - int32_t StopUsingPermission(AccessTokenID tokenID, const std::string& permissionName); + std::string DumpRecordInfo(AccessTokenID tokenId, const std::string& permissionName); + int32_t StartUsingPermission(AccessTokenID tokenId, const std::string& permissionName); + int32_t StopUsingPermission(AccessTokenID tokenId, const std::string& permissionName); int32_t RegisterPermActiveStatusCallback( std::vector& permList, const sptr& callback); int32_t UnRegisterPermActiveStatusCallback(const sptr& callback); - bool GetPermissionVisitor(AccessTokenID tokenID, PermissionVisitor& visitor); private: PermissionRecordManager(); DISALLOW_COPY_AND_MOVE(PermissionRecordManager); - bool AddVisitor(AccessTokenID tokenID, int32_t& visitorId); - bool AddRecord(int32_t visitorId, const std::string& permissionName, int32_t successCount, int32_t failCount); - bool GetPermissionsRecord(int32_t visitorId, const std::string& permissionName, + bool GetLocalRecordTokenIdList(std::vector& tokenIdList); + bool AddRecord(AccessTokenID tokenId, const std::string& permissionName, int32_t successCount, int32_t failCount); + bool GetPermissionsRecord(AccessTokenID tokenId, const std::string& permissionName, int32_t successCount, int32_t failCount, PermissionRecord& record); void ExecuteDeletePermissionRecordTask(); int32_t DeletePermissionRecord(int32_t days); - bool GetRecordsFromDB(const PermissionUsedRequest& request, PermissionUsedResult& result); + bool GetRecordsFromLocalDB(const PermissionUsedRequest& request, PermissionUsedResult& result); bool GetRecords(int32_t flag, std::vector recordValues, BundleUsedRecord& bundleRecord, PermissionUsedResult& result); void UpdateRecords(int32_t flag, const PermissionUsedRecord& inBundleRecord, PermissionUsedRecord& outBundleRecord); diff --git a/services/privacymanager/include/record/permission_visitor.h b/services/privacymanager/include/record/permission_visitor.h deleted file mode 100644 index 212094c51..000000000 --- a/services/privacymanager/include/record/permission_visitor.h +++ /dev/null @@ -1,42 +0,0 @@ -/* - * Copyright (c) 2022 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef PERMISSION_VISITOR_H -#define PERMISSION_VISITOR_H - -#include -#include "access_token.h" -#include "generic_values.h" - -namespace OHOS { -namespace Security { -namespace AccessToken { -struct PermissionVisitor { - int32_t id = -1; - AccessTokenID tokenId = 0; - bool isRemoteDevice = false; - std::string deviceId; - int32_t userId; - std::string bundleName; - - PermissionVisitor() = default; - - static void TranslationIntoGenericValues(const PermissionVisitor& visitor, GenericValues& values); - static void TranslationIntoPermissionVisitor(const GenericValues& values, PermissionVisitor& visitor); -}; -} // namespace AccessToken -} // namespace Security -} // namespace OHOS -#endif // PERMISSION_VISITOR_H diff --git a/services/privacymanager/include/record/permission_visitor_repository.h b/services/privacymanager/include/record/permission_visitor_repository.h deleted file mode 100644 index 3fdc41159..000000000 --- a/services/privacymanager/include/record/permission_visitor_repository.h +++ /dev/null @@ -1,40 +0,0 @@ -/* - * Copyright (c) 2022 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef PERMISSION_VISITOR_REPOSITORY_H -#define PERMISSION_VISITOR_REPOSITORY_H - -#include -#include "generic_values.h" - -namespace OHOS { -namespace Security { -namespace AccessToken { -class PermissionVisitorRepository final { -public: - virtual ~PermissionVisitorRepository(); - PermissionVisitorRepository(); - - static PermissionVisitorRepository& GetInstance(); - - bool AddVisitorValues(const GenericValues& visitorValues); - bool FindVisitorValues(const GenericValues& andConditionValues, - const GenericValues& orConditionValues, std::vector& visitorValues); - bool RemoveVisitorValues(const GenericValues& conditionValues); -}; -} // namespace AccessToken -} // namespace Security -} // namespace OHOS -#endif // PERMISSION_VISITOR_REPOSITORY_H diff --git a/services/privacymanager/src/database/data_translator.cpp b/services/privacymanager/src/database/data_translator.cpp index 514fbe314..27753200f 100644 --- a/services/privacymanager/src/database/data_translator.cpp +++ b/services/privacymanager/src/database/data_translator.cpp @@ -23,7 +23,7 @@ namespace OHOS { namespace Security { namespace AccessToken { int32_t DataTranslator::TranslationIntoGenericValues(const PermissionUsedRequest& request, - GenericValues& visitorGenericValues, GenericValues& andGenericValues, GenericValues& orGenericValues) + GenericValues& andGenericValues, GenericValues& orGenericValues) { int64_t begin = request.beginTimeMillis; int64_t end = request.endTimeMillis; @@ -48,17 +48,6 @@ int32_t DataTranslator::TranslationIntoGenericValues(const PermissionUsedRequest andGenericValues.Put(FIELD_TIMESTAMP_END, end); } - if (!request.deviceId.empty()) { - visitorGenericValues.Put(FIELD_DEVICE_ID, request.deviceId); - } - if (!request.bundleName.empty()) { - visitorGenericValues.Put(FIELD_BUNDLE_NAME, request.bundleName); - } - - if (request.tokenId != 0) { - visitorGenericValues.Put(FIELD_TOKEN_ID, (int32_t)request.tokenId); - } - for (const auto& perm : request.permissionList) { int32_t opCode; if (Constant::TransferPermissionToOpcode(perm, opCode)) { diff --git a/services/privacymanager/src/database/permission_used_record_db.cpp b/services/privacymanager/src/database/permission_used_record_db.cpp index 60b82be4b..67eb20f35 100644 --- a/services/privacymanager/src/database/permission_used_record_db.cpp +++ b/services/privacymanager/src/database/permission_used_record_db.cpp @@ -41,7 +41,6 @@ PermissionUsedRecordDb::~PermissionUsedRecordDb() void PermissionUsedRecordDb::OnCreate() { ACCESSTOKEN_LOG_INFO(LABEL, "Entry"); - CreatePermissionVisitorTable(); CreatePermissionRecordTable(); } @@ -52,21 +51,10 @@ void PermissionUsedRecordDb::OnUpdate() PermissionUsedRecordDb::PermissionUsedRecordDb() : SqliteHelper(DATABASE_NAME, DATABASE_PATH, DATABASE_VERSION) { - SqliteTable permissionVisorTable; - permissionVisorTable.tableName_ = PERMISSION_VISITOR_TABLE; - permissionVisorTable.tableColumnNames_ = { - FIELD_ID, - FIELD_TOKEN_ID, - FIELD_IS_REMOTE_DEVICE, - FIELD_DEVICE_ID, - FIELD_USER_ID, - FIELD_BUNDLE_NAME - }; - SqliteTable permissionRecordTable; permissionRecordTable.tableName_ = PERMISSION_RECORD_TABLE; permissionRecordTable.tableColumnNames_ = { - FIELD_VISITOR_ID, + FIELD_TOKEN_ID, FIELD_OP_CODE, FIELD_STATUS, FIELD_TIMESTAMP, @@ -76,7 +64,6 @@ PermissionUsedRecordDb::PermissionUsedRecordDb() : SqliteHelper(DATABASE_NAME, D }; dataTypeToSqlTable_ = { - {PERMISSION_VISITOR, permissionVisorTable}, {PERMISSION_RECORD, permissionRecordTable}, }; Open(); @@ -193,35 +180,24 @@ int32_t PermissionUsedRecordDb::FindByConditions(const DataType type, const Gene return SUCCESS; } -int32_t PermissionUsedRecordDb::RefreshAll(const DataType type, const std::vector& values) +int32_t PermissionUsedRecordDb::GetDistinctValue(const DataType type, + const std::string conditionColumns) { OHOS::Utils::UniqueWriteGuard lock(this->rwLock_); - std::string deleteSql = CreateDeletePrepareSqlCmd(type); - std::string insertSql = CreateInsertPrepareSqlCmd(type); - auto deleteStatement = Prepare(deleteSql); - auto insertStatement = Prepare(insertSql); - BeginTransaction(); - bool canCommit = deleteStatement.Step() == Statement::State::DONE; - for (const auto& value : values) { - std::vector columnNames = value.GetAllKeys(); - for (const auto& columnName : columnNames) { - insertStatement.Bind(columnName, value.Get(columnName)); - } - int32_t ret = insertStatement.Step(); - if (ret != Statement::State::DONE) { - ACCESSTOKEN_LOG_ERROR( - LABEL, "insert failed, errorMsg: %{public}s", SpitError().c_str()); - canCommit = false; + std::string getDistinctValueSql = CreateGetDistinctValue(type, conditionColumns); + auto statement = Prepare(getDistinctValueSql); + while (statement.Step() == Statement::State::ROW) { + int32_t columnCount = statement.GetColumnCount(); + GenericValues value; + for (int32_t i = 0; i < columnCount; i++) { + if (statement.GetColumnName(i) == FIELD_TOKEN_ID) { + value.Put(statement.GetColumnName(i), statement.GetValue(i, false)); + } else if (statement.GetColumnName(i) == FIELD_DEVICE_ID) { + value.Put(statement.GetColumnName(i), statement.GetColumnString(i)); + } } - insertStatement.Reset(); - } - if (!canCommit) { - ACCESSTOKEN_LOG_ERROR(LABEL, "rollback transaction."); - RollbackTransaction(); - return FAILURE; + results.emplace_back(value); } - ACCESSTOKEN_LOG_INFO(LABEL, "commit transaction."); - CommitTransaction(); return SUCCESS; } @@ -335,22 +311,16 @@ std::string PermissionUsedRecordDb::CreateSelectByConditionPrepareSqlCmd(const D return sql; } -int32_t PermissionUsedRecordDb::CreatePermissionVisitorTable() const +std::string PermissionUsedRecordDb::CreateGetDistinctValue(const DataType type, + const std::string conditionColumns) const { - auto it = dataTypeToSqlTable_.find(DataType::PERMISSION_VISITOR); + auto it = dataTypeToSqlTable_.find(type); if (it == dataTypeToSqlTable_.end()) { - return FAILURE; + return std::string(); } - std::string sql = "create table if not exists "; - sql.append(it->second.tableName_ + " (") - .append(FIELD_ID + " integer PRIMARY KEY autoincrement not null,") - .append(FIELD_TOKEN_ID + " integer not null,") - .append(FIELD_IS_REMOTE_DEVICE + " integer not null,") - .append(FIELD_DEVICE_ID + " text not null,") - .append(FIELD_USER_ID + " integer not null,") - .append(FIELD_BUNDLE_NAME + " text not null") - .append(")"); - return ExecuteSql(sql); + std::string sql = "select distinct "; + sql.append(conditionColumns + " from "+ it->second.tableName_); + return sql; } int32_t PermissionUsedRecordDb::CreatePermissionRecordTable() const @@ -361,14 +331,14 @@ int32_t PermissionUsedRecordDb::CreatePermissionRecordTable() const } std::string sql = "create table if not exists "; sql.append(it->second.tableName_ + " (") - .append(FIELD_VISITOR_ID + " integer not null,") + .append(FIELD_TOKEN_ID + " integer not null,") .append(FIELD_OP_CODE + " integer not null,") .append(FIELD_STATUS + " integer not null,") .append(FIELD_TIMESTAMP + " integer not null,") .append(FIELD_ACCESS_DURATION + " integer not null,") .append(FIELD_ACCESS_COUNT + " integer not null,") .append(FIELD_REJECT_COUNT + " integer not null,") - .append("primary key(" + FIELD_VISITOR_ID) + .append("primary key(" + FIELD_TOKEN_ID) .append("," + FIELD_OP_CODE) .append("," + FIELD_STATUS) .append("," + FIELD_TIMESTAMP) diff --git a/services/privacymanager/src/record/permission_record.cpp b/services/privacymanager/src/record/permission_record.cpp index 48906ef03..9509f1141 100644 --- a/services/privacymanager/src/record/permission_record.cpp +++ b/services/privacymanager/src/record/permission_record.cpp @@ -21,7 +21,7 @@ namespace Security { namespace AccessToken { void PermissionRecord::TranslationIntoGenericValues(const PermissionRecord& record, GenericValues& values) { - values.Put(FIELD_VISITOR_ID, record.visitorId); + values.Put(FIELD_TOKEN_ID, record.tokenId); values.Put(FIELD_OP_CODE, record.opCode); values.Put(FIELD_STATUS, record.status); values.Put(FIELD_TIMESTAMP, record.timestamp); @@ -32,7 +32,7 @@ void PermissionRecord::TranslationIntoGenericValues(const PermissionRecord& reco void PermissionRecord::TranslationIntoPermissionRecord(const GenericValues& values, PermissionRecord& record) { - record.visitorId = values.GetInt(FIELD_VISITOR_ID); + record.tokenId = values.GetInt(FIELD_TOKEN_ID); record.opCode = values.GetInt(FIELD_OP_CODE); record.status = values.GetInt(FIELD_STATUS); record.timestamp = values.GetInt64(FIELD_TIMESTAMP); diff --git a/services/privacymanager/src/record/permission_record_manager.cpp b/services/privacymanager/src/record/permission_record_manager.cpp index c08128743..44a56b5ef 100644 --- a/services/privacymanager/src/record/permission_record_manager.cpp +++ b/services/privacymanager/src/record/permission_record_manager.cpp @@ -22,7 +22,6 @@ #include "data_translator.h" #include "field_const.h" #include "permission_record_repository.h" -#include "permission_visitor_repository.h" #include "active_status_callback_manager.h" #include "time_util.h" #include "to_string.h" @@ -52,58 +51,19 @@ PermissionRecordManager::~PermissionRecordManager() hasInited_ = false; } -bool PermissionRecordManager::AddVisitor(AccessTokenID tokenID, int32_t& visitorId) +bool PermissionRecordManager::GetLocalRecordTokenIdList(std::vector& tokenIdList) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry"); - PermissionVisitor visitor; - if (!GetPermissionVisitor(tokenID, visitor)) { - return false; - } - - GenericValues visitorValues; - GenericValues nullValues; - std::vector resultValues; - PermissionVisitor::TranslationIntoGenericValues(visitor, visitorValues); - if (!PermissionVisitorRepository::GetInstance().FindVisitorValues(visitorValues, nullValues, resultValues)) { - return false; - } - if (resultValues.empty()) { - if (!PermissionVisitorRepository::GetInstance().AddVisitorValues(visitorValues)) { - return false; - } - if (!PermissionVisitorRepository::GetInstance().FindVisitorValues(visitorValues, nullValues, resultValues)) { - return false; - } - } - PermissionVisitor::TranslationIntoPermissionVisitor(resultValues[0], visitor); - visitorId = visitor.id; - return true; -} - -bool PermissionRecordManager::GetPermissionVisitor(AccessTokenID tokenID, PermissionVisitor& visitor) -{ - HapTokenInfo tokenInfo; - if (AccessTokenKit::GetHapTokenInfo(tokenID, tokenInfo) != Constant::SUCCESS) { - ACCESSTOKEN_LOG_ERROR(LABEL, "GetHapTokenInfo fail"); - return false; - } - visitor.isRemoteDevice = true; - visitor.userId = tokenInfo.userID; - visitor.bundleName = tokenInfo.bundleName; - if (IsLocalDevice(tokenInfo.deviceID)) { - visitor.deviceId = ConstantCommon::GetLocalDeviceId(); - visitor.isRemoteDevice = false; - visitor.tokenId = tokenID; - } + // PermissionRecordRepository::GetInstance().xxx(); + return true; } bool PermissionRecordManager::AddRecord( - int32_t visitorId, const std::string& permissionName, int32_t successCount, int32_t failCount) + AccessTokenID tokenId, const std::string& permissionName, int32_t successCount, int32_t failCount) { ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry"); PermissionRecord record; - if (!GetPermissionsRecord(visitorId, permissionName, successCount, failCount, record)) { + if (!GetPermissionsRecord(tokenId, permissionName, successCount, failCount, record)) { return false; } @@ -152,7 +112,7 @@ bool PermissionRecordManager::AddRecord( return PermissionRecordRepository::GetInstance().AddRecordValues(insertValues); } -bool PermissionRecordManager::GetPermissionsRecord(int32_t visitorId, const std::string& permissionName, +bool PermissionRecordManager::GetPermissionsRecord(AccessTokenID tokenId, const std::string& permissionName, int32_t successCount, int32_t failCount, PermissionRecord& record) { int32_t opCode; @@ -164,7 +124,7 @@ bool PermissionRecordManager::GetPermissionsRecord(int32_t visitorId, const std: ACCESSTOKEN_LOG_ERROR(LABEL, "successCount and failCount are both zero"); return false; } - record.visitorId = visitorId; + record.tokenId = tokenId; record.accessCount = successCount; record.rejectCount = failCount; record.opCode = opCode; @@ -174,52 +134,39 @@ bool PermissionRecordManager::GetPermissionsRecord(int32_t visitorId, const std: return true; } -int32_t PermissionRecordManager::AddPermissionUsedRecord(AccessTokenID tokenID, const std::string& permissionName, +int32_t PermissionRecordManager::AddPermissionUsedRecord(AccessTokenID tokenId, const std::string& permissionName, int32_t successCount, int32_t failCount) { ExecuteDeletePermissionRecordTask(); - if (AccessTokenKit::GetTokenTypeFlag(tokenID) != TOKEN_HAP) { + if (AccessTokenKit::GetTokenTypeFlag(tokenId) != TOKEN_HAP) { ACCESSTOKEN_LOG_DEBUG(LABEL, "Invalid token type"); return Constant::SUCCESS; } Utils::UniqueWriteGuard lk(this->rwLock_); - int32_t visitorId; - if (!AddVisitor(tokenID, visitorId)) { - return Constant::FAILURE; - } - if (!AddRecord(visitorId, permissionName, successCount, failCount)) { + if (!AddRecord(tokenId, permissionName, successCount, failCount)) { return Constant::FAILURE; } return Constant::SUCCESS; } -void PermissionRecordManager::RemovePermissionUsedRecords(AccessTokenID tokenID, const std::string& deviceID) +void PermissionRecordManager::RemovePermissionUsedRecords(AccessTokenID tokenId, const std::string& deviceID) { - Utils::UniqueWriteGuard lk(this->rwLock_); - PermissionVisitor visitor; - if (!GetPermissionVisitor(tokenID, visitor) && deviceID.empty()) { - return; - } - if (!deviceID.empty()) { - visitor.deviceId = deviceID; - } - - GenericValues nullValues; - GenericValues visitorValues; - std::vector findVisitorValues; - PermissionVisitor::TranslationIntoGenericValues(visitor, visitorValues); - if (!PermissionVisitorRepository::GetInstance().FindVisitorValues(visitorValues, nullValues, findVisitorValues)) { + HapTokenInfo tokenInfo; + if (AccessTokenKit::GetHapTokenInfo(tokenId, tokenInfo) != Constant::SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "GetHapTokenInfo fail"); return; } - for (const auto& visitor : findVisitorValues) { + if (IsLocalDevice(tokenInfo.deviceID)) { + Utils::UniqueWriteGuard lk(this->rwLock_); GenericValues record; - record.Put(FIELD_VISITOR_ID, visitor.GetInt(FIELD_ID)); + record.Put(FIELD_TOKEN_ID, tokenId); PermissionRecordRepository::GetInstance().RemoveRecordValues(record); + } else { + // distributed permission record } - PermissionVisitorRepository::GetInstance().RemoveVisitorValues(visitorValues); } int32_t PermissionRecordManager::GetPermissionUsedRecords( @@ -227,8 +174,8 @@ int32_t PermissionRecordManager::GetPermissionUsedRecords( { ExecuteDeletePermissionRecordTask(); - if (!GetRecordsFromDB(request, result)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to GetRecordsFromDB"); + if (!request.isRemote && !GetRecordsFromLocalDB(request, result)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to GetRecordsFromLocalDB"); return Constant::FAILURE; } return Constant::SUCCESS; @@ -248,40 +195,40 @@ int32_t PermissionRecordManager::GetPermissionUsedRecordsAsync( return Constant::SUCCESS; } -bool PermissionRecordManager::GetRecordsFromDB(const PermissionUsedRequest& request, PermissionUsedResult& result) +bool PermissionRecordManager::GetRecordsFromLocalDB(const PermissionUsedRequest& request, PermissionUsedResult& result) { - GenericValues visitorValues; GenericValues andConditionValues; GenericValues orConditionValues; - if (DataTranslator::TranslationIntoGenericValues(request, visitorValues, andConditionValues, - orConditionValues) != Constant::SUCCESS) { - ACCESSTOKEN_LOG_ERROR(LABEL, "query time is invalid"); + if (DataTranslator::TranslationIntoGenericValues(request, andConditionValues, orConditionValues) + != Constant::SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "query time or flag is invalid"); return false; } - GenericValues nullValues; - std::vector findVisitorValues; - if (!PermissionVisitorRepository::GetInstance().FindVisitorValues(visitorValues, nullValues, findVisitorValues)) { - return false; - } - if (findVisitorValues.empty()) { - ACCESSTOKEN_LOG_INFO(LABEL, "no visitor"); - return true; + std::vector tokenIdList; + if (request.tokenId = 0) { + GetLocalRecordTokenIdList(tokenIdList); + } else { + tokenIdList.emplace_back(request.tokenId); } - for (const auto& visitor : findVisitorValues) { - andConditionValues.Put(FIELD_VISITOR_ID, visitor.GetInt(FIELD_ID)); - std::vector findRecordsValues; - BundleUsedRecord bundleRecord; + for (const auto& tokenId : tokenIdList) { + andConditionValues.Put(FIELD_TOKEN_ID, tokenId); + std::vector findRecordsValues; if (!PermissionRecordRepository::GetInstance().FindRecordValues( andConditionValues, orConditionValues, findRecordsValues)) { return false; } - andConditionValues.Remove(FIELD_VISITOR_ID); - bundleRecord.tokenId = (AccessTokenID)visitor.GetInt(FIELD_TOKEN_ID); - bundleRecord.isRemote = visitor.GetInt(FIELD_IS_REMOTE_DEVICE); - bundleRecord.deviceId = visitor.GetString(FIELD_DEVICE_ID); - bundleRecord.bundleName = visitor.GetString(FIELD_BUNDLE_NAME); + andConditionValues.Remove(FIELD_TOKEN_ID); + HapTokenInfo tokenInfo; + if (AccessTokenKit::GetHapTokenInfo(tokenId, tokenInfo) != Constant::SUCCESS) { + continue; + } + BundleUsedRecord bundleRecord; + bundleRecord.tokenId = tokenId; + bundleRecord.isRemote = false; + bundleRecord.deviceId = ConstantCommon::GetLocalDeviceId(); + bundleRecord.bundleName = tokenId.bundleName; if (!findRecordsValues.empty()) { if (!GetRecords(request.flag, findRecordsValues, bundleRecord, result)) { @@ -391,18 +338,18 @@ int32_t PermissionRecordManager::DeletePermissionRecord(int32_t days) return Constant::SUCCESS; } -std::string PermissionRecordManager::DumpRecordInfo(AccessTokenID tokenID, const std::string& permissionName) +std::string PermissionRecordManager::DumpRecordInfo(AccessTokenID tokenId, const std::string& permissionName) { PermissionUsedRequest request; - request.tokenId = tokenID; + request.tokenId = tokenId; request.flag = FLAG_PERMISSION_USAGE_DETAIL; if (!permissionName.empty()) { request.permissionList.emplace_back(permissionName); } PermissionUsedResult result; - if (!GetRecordsFromDB(request, result)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "failed to GetRecordsFromDB"); + if (!GetRecordsFromLocalDB(request, result)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "failed to GetRecordsFromLocalDB"); return ""; } @@ -415,31 +362,6 @@ std::string PermissionRecordManager::DumpRecordInfo(AccessTokenID tokenID, const return dumpInfo; } -int32_t PermissionRecordManager::StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName) -{ - // to do - PermissionVisitor visitor; - if (!GetPermissionVisitor(tokenID, visitor)) { - return Constant::FAILURE; - } - ActiveStatusCallbackManager::GetInstance().ExecuteCallbackAsync( - tokenID, permissionName, visitor.deviceId, PERM_ACTIVE_IN_FOREGROUND); - return Constant::SUCCESS; -} - -int32_t PermissionRecordManager::StopUsingPermission(AccessTokenID tokenID, const std::string& permissionName) -{ - // to do - PermissionVisitor visitor; - if (!GetPermissionVisitor(tokenID, visitor)) { - return Constant::FAILURE; - } - - ActiveStatusCallbackManager::GetInstance().ExecuteCallbackAsync( - tokenID, permissionName, visitor.deviceId, PERM_INACTIVE); - return Constant::SUCCESS; -} - int32_t PermissionRecordManager::RegisterPermActiveStatusCallback( std::vector& permList, const sptr& callback) { diff --git a/services/privacymanager/src/record/permission_visitor.cpp b/services/privacymanager/src/record/permission_visitor.cpp deleted file mode 100644 index d0b126b13..000000000 --- a/services/privacymanager/src/record/permission_visitor.cpp +++ /dev/null @@ -1,42 +0,0 @@ -/* - * Copyright (c) 2022 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "permission_visitor.h" -#include "field_const.h" - -namespace OHOS { -namespace Security { -namespace AccessToken { -void PermissionVisitor::TranslationIntoGenericValues(const PermissionVisitor& visitor, GenericValues& values) -{ - values.Put(FIELD_TOKEN_ID, (int32_t)visitor.tokenId); - values.Put(FIELD_IS_REMOTE_DEVICE, visitor.isRemoteDevice ? 1 : 0); - values.Put(FIELD_DEVICE_ID, visitor.deviceId); - values.Put(FIELD_USER_ID, visitor.userId); - values.Put(FIELD_BUNDLE_NAME, visitor.bundleName); -} - -void PermissionVisitor::TranslationIntoPermissionVisitor(const GenericValues& values, PermissionVisitor& visitor) -{ - visitor.id = values.GetInt(FIELD_ID); - visitor.tokenId = (AccessTokenID)values.GetInt(FIELD_TOKEN_ID); - visitor.isRemoteDevice = values.GetInt(FIELD_IS_REMOTE_DEVICE); - visitor.deviceId = values.GetString(FIELD_DEVICE_ID); - visitor.userId = values.GetInt(FIELD_USER_ID); - visitor.bundleName = values.GetString(FIELD_BUNDLE_NAME); -} -} // namespace AccessToken -} // namespace Security -} // namespace OHOS \ No newline at end of file diff --git a/services/privacymanager/src/record/permission_visitor_repository.cpp b/services/privacymanager/src/record/permission_visitor_repository.cpp deleted file mode 100644 index 5df400cad..000000000 --- a/services/privacymanager/src/record/permission_visitor_repository.cpp +++ /dev/null @@ -1,89 +0,0 @@ -/* - * Copyright (c) 2022 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "permission_visitor_repository.h" - -#include "accesstoken_log.h" -#include "permission_used_record_db.h" - -namespace OHOS { -namespace Security { -namespace AccessToken { -namespace { -static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { - LOG_CORE, SECURITY_DOMAIN_PRIVACY, "PermissionVisitorRepository" -}; -} - -PermissionVisitorRepository& PermissionVisitorRepository::GetInstance() -{ - static PermissionVisitorRepository instance; - return instance; -} - -PermissionVisitorRepository::PermissionVisitorRepository() -{ -} - -PermissionVisitorRepository::~PermissionVisitorRepository() -{ -} - -bool PermissionVisitorRepository::AddVisitorValues(const GenericValues& visitorValues) -{ - GenericValues nullValues; - std::vector insertValues; - std::vector resultValues; - if (PermissionUsedRecordDb::GetInstance().FindByConditions(PermissionUsedRecordDb::PERMISSION_VISITOR, - visitorValues, nullValues, resultValues) != PermissionUsedRecordDb::SUCCESS) { - ACCESSTOKEN_LOG_ERROR(LABEL, "PERMISSION_VISITOR table find fail"); - return false; - } - if (!resultValues.empty()) { - return true; - } - - insertValues.emplace_back(visitorValues); - if (PermissionUsedRecordDb::GetInstance().Add(PermissionUsedRecordDb::PERMISSION_VISITOR, insertValues) - != PermissionUsedRecordDb::SUCCESS) { - ACCESSTOKEN_LOG_ERROR(LABEL, "PERMISSION_VISITOR table add fail"); - return false; - } - return true; -} - -bool PermissionVisitorRepository::FindVisitorValues( - const GenericValues& andValues, const GenericValues& orValues, std::vector& visitorValues) -{ - if (PermissionUsedRecordDb::GetInstance().FindByConditions(PermissionUsedRecordDb::PERMISSION_VISITOR, andValues, - orValues, visitorValues) != PermissionUsedRecordDb::SUCCESS) { - ACCESSTOKEN_LOG_ERROR(LABEL, "PERMISSION_VISITOR table find fail"); - return false; - } - return true; -} - -bool PermissionVisitorRepository::RemoveVisitorValues(const GenericValues& conditionValues) -{ - if (PermissionUsedRecordDb::GetInstance().Remove(PermissionUsedRecordDb::PERMISSION_VISITOR, conditionValues) - != PermissionUsedRecordDb::SUCCESS) { - ACCESSTOKEN_LOG_ERROR(LABEL, "PERMISSION_VISITOR table remove fail"); - return false; - } - return true; -} -} // namespace AccessToken -} // namespace Security -} // namespace OHOS \ No newline at end of file diff --git a/services/privacymanager/src/service/privacy_manager_service.cpp b/services/privacymanager/src/service/privacy_manager_service.cpp index 03143c7a5..52bde9197 100644 --- a/services/privacymanager/src/service/privacy_manager_service.cpp +++ b/services/privacymanager/src/service/privacy_manager_service.cpp @@ -78,12 +78,12 @@ int32_t PrivacyManagerService::AddPermissionUsedRecord( int32_t PrivacyManagerService::StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName) { - return PermissionRecordManager::GetInstance().StartUsingPermission(tokenID, permissionName); + return 0; } int32_t PrivacyManagerService::StopUsingPermission(AccessTokenID tokenID, const std::string& permissionName) { - return PermissionRecordManager::GetInstance().StopUsingPermission(tokenID, permissionName); + return 0; } int32_t PrivacyManagerService::RemovePermissionUsedRecords(AccessTokenID tokenID, const std::string& deviceID) -- Gitee From 849db9de78537ce859f7b04a2cda529421606c1f Mon Sep 17 00:00:00 2001 From: chennian Date: Tue, 16 Aug 2022 12:41:58 +0800 Subject: [PATCH 07/68] =?UTF-8?q?=E4=BF=AE=E6=94=B9dump=E6=8C=87=E4=BB=A4?= =?UTF-8?q?=EF=BC=8C=E4=BD=BF=E7=94=A8tokenID=E6=9F=A5=E8=AF=A2=20Signed-o?= =?UTF-8?q?ff-by:chennian?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: chennian --- .../database/permission_used_record_db.h | 4 +-- .../record/permission_record_repository.h | 1 + .../database/permission_used_record_db.cpp | 34 ++----------------- .../src/record/permission_record.cpp | 2 +- .../src/record/permission_record_manager.cpp | 16 ++++++--- .../record/permission_record_repository.cpp | 12 +++++++ 6 files changed, 28 insertions(+), 41 deletions(-) diff --git a/services/privacymanager/include/database/permission_used_record_db.h b/services/privacymanager/include/database/permission_used_record_db.h index 4ddbc5822..60ca7a1c1 100644 --- a/services/privacymanager/include/database/permission_used_record_db.h +++ b/services/privacymanager/include/database/permission_used_record_db.h @@ -42,11 +42,10 @@ public: int32_t Add(const DataType type, const std::vector& values); int32_t Remove(const DataType type, const GenericValues& conditions); - int32_t Find(const DataType type, std::vector& results); int32_t FindByConditions(const DataType type, const GenericValues& andConditions, const GenericValues& orConditions, std::vector& results); int32_t Modify(const DataType type, const GenericValues& modifyValues, const GenericValues& conditions); - int32_t GetDistinctValue(const DataType type, const std::string conditionColumns); + int32_t GetDistinctValue(const DataType type, const std::string& condition, std::vector& results); void OnCreate() override; void OnUpdate() override; @@ -63,7 +62,6 @@ private: std::string CreateInsertPrepareSqlCmd(const DataType type) const; std::string CreateDeletePrepareSqlCmd( const DataType type, const std::vector& columnNames = std::vector()) const; - std::string CreateSelectPrepareSqlCmd(const DataType type) const; std::string CreateSelectByConditionPrepareSqlCmd(const DataType type, const std::vector& andColumns, const std::vector& orColumns) const; std::string CreateUpdatePrepareSqlCmd(const DataType type, const std::vector& modifyColumns, diff --git a/services/privacymanager/include/record/permission_record_repository.h b/services/privacymanager/include/record/permission_record_repository.h index ffda94fb5..4cd89a9ae 100644 --- a/services/privacymanager/include/record/permission_record_repository.h +++ b/services/privacymanager/include/record/permission_record_repository.h @@ -33,6 +33,7 @@ public: bool FindRecordValues(const GenericValues& andConditionValues, const GenericValues& orConditionValues, std::vector& recordValues); bool RemoveRecordValues(const GenericValues& conditionValues); + bool GetAllRecordValuesByKey(const std::string& condition, std::vector& resultValues); }; } // namespace AccessToken } // namespace Security diff --git a/services/privacymanager/src/database/permission_used_record_db.cpp b/services/privacymanager/src/database/permission_used_record_db.cpp index 67eb20f35..ed22f053a 100644 --- a/services/privacymanager/src/database/permission_used_record_db.cpp +++ b/services/privacymanager/src/database/permission_used_record_db.cpp @@ -129,26 +129,6 @@ int32_t PermissionUsedRecordDb::Modify( return (ret == Statement::State::DONE) ? SUCCESS : FAILURE; } -int32_t PermissionUsedRecordDb::Find(const DataType type, std::vector& results) -{ - OHOS::Utils::UniqueWriteGuard lock(this->rwLock_); - std::string prepareSql = CreateSelectPrepareSqlCmd(type); - auto statement = Prepare(prepareSql); - while (statement.Step() == Statement::State::ROW) { - int32_t columnCount = statement.GetColumnCount(); - GenericValues value; - for (int32_t i = 0; i < columnCount; i++) { - if (statement.GetColumnName(i) == FIELD_TIMESTAMP || statement.GetColumnName(i) == FIELD_ACCESS_DURATION) { - value.Put(statement.GetColumnName(i), statement.GetValue(i, true)); - } else { - value.Put(statement.GetColumnName(i), statement.GetValue(i, false)); - } - } - results.emplace_back(value); - } - return SUCCESS; -} - int32_t PermissionUsedRecordDb::FindByConditions(const DataType type, const GenericValues& andConditions, const GenericValues& orConditions, std::vector& results) { @@ -181,10 +161,10 @@ int32_t PermissionUsedRecordDb::FindByConditions(const DataType type, const Gene } int32_t PermissionUsedRecordDb::GetDistinctValue(const DataType type, - const std::string conditionColumns) + const std::string& condition, std::vector& results) { OHOS::Utils::UniqueWriteGuard lock(this->rwLock_); - std::string getDistinctValueSql = CreateGetDistinctValue(type, conditionColumns); + std::string getDistinctValueSql = CreateGetDistinctValue(type, condition); auto statement = Prepare(getDistinctValueSql); while (statement.Step() == Statement::State::ROW) { int32_t columnCount = statement.GetColumnCount(); @@ -267,16 +247,6 @@ std::string PermissionUsedRecordDb::CreateUpdatePrepareSqlCmd(const DataType typ return sql; } -std::string PermissionUsedRecordDb::CreateSelectPrepareSqlCmd(const DataType type) const -{ - auto it = dataTypeToSqlTable_.find(type); - if (it == dataTypeToSqlTable_.end()) { - return std::string(); - } - std::string sql = "select * from " + it->second.tableName_; - return sql; -} - std::string PermissionUsedRecordDb::CreateSelectByConditionPrepareSqlCmd(const DataType type, const std::vector& andColumns, const std::vector& orColumns) const { diff --git a/services/privacymanager/src/record/permission_record.cpp b/services/privacymanager/src/record/permission_record.cpp index 9509f1141..643ec0f84 100644 --- a/services/privacymanager/src/record/permission_record.cpp +++ b/services/privacymanager/src/record/permission_record.cpp @@ -21,7 +21,7 @@ namespace Security { namespace AccessToken { void PermissionRecord::TranslationIntoGenericValues(const PermissionRecord& record, GenericValues& values) { - values.Put(FIELD_TOKEN_ID, record.tokenId); + values.Put(FIELD_TOKEN_ID, (int32_t)record.tokenId); values.Put(FIELD_OP_CODE, record.opCode); values.Put(FIELD_STATUS, record.status); values.Put(FIELD_TIMESTAMP, record.timestamp); diff --git a/services/privacymanager/src/record/permission_record_manager.cpp b/services/privacymanager/src/record/permission_record_manager.cpp index 44a56b5ef..83d852025 100644 --- a/services/privacymanager/src/record/permission_record_manager.cpp +++ b/services/privacymanager/src/record/permission_record_manager.cpp @@ -53,15 +53,21 @@ PermissionRecordManager::~PermissionRecordManager() bool PermissionRecordManager::GetLocalRecordTokenIdList(std::vector& tokenIdList) { - // PermissionRecordRepository::GetInstance().xxx(); - + std::vector results; + { + Utils::UniqueWriteGuard lk(this->rwLock_); + PermissionRecordRepository::GetInstance().GetAllRecordValuesByKey(FIELD_TOKEN_ID, results); + } + for (const auto& res : results) { + tokenIdList.emplace_back(res.GetInt(FIELD_TOKEN_ID)); + } return true; } bool PermissionRecordManager::AddRecord( AccessTokenID tokenId, const std::string& permissionName, int32_t successCount, int32_t failCount) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry"); + Utils::UniqueWriteGuard lk(this->rwLock_); PermissionRecord record; if (!GetPermissionsRecord(tokenId, permissionName, successCount, failCount, record)) { return false; @@ -144,7 +150,6 @@ int32_t PermissionRecordManager::AddPermissionUsedRecord(AccessTokenID tokenId, return Constant::SUCCESS; } - Utils::UniqueWriteGuard lk(this->rwLock_); if (!AddRecord(tokenId, permissionName, successCount, failCount)) { return Constant::FAILURE; } @@ -212,9 +217,10 @@ bool PermissionRecordManager::GetRecordsFromLocalDB(const PermissionUsedRequest& tokenIdList.emplace_back(request.tokenId); } + Utils::UniqueWriteGuard lk(this->rwLock_); for (const auto& tokenId : tokenIdList) { andConditionValues.Put(FIELD_TOKEN_ID, tokenId); - std::vector findRecordsValues; + std::vector findRecordsValues; if (!PermissionRecordRepository::GetInstance().FindRecordValues( andConditionValues, orConditionValues, findRecordsValues)) { return false; diff --git a/services/privacymanager/src/record/permission_record_repository.cpp b/services/privacymanager/src/record/permission_record_repository.cpp index 7f053023b..ca6db2af0 100644 --- a/services/privacymanager/src/record/permission_record_repository.cpp +++ b/services/privacymanager/src/record/permission_record_repository.cpp @@ -71,6 +71,18 @@ bool PermissionRecordRepository::RemoveRecordValues(const GenericValues& conditi } return true; } + +bool PermissionRecordRepository::GetAllRecordValuesByKey( + const std::string& condition, std::vector& resultValues) +{ + if (PermissionUsedRecordDb::GetInstance().GetDistinctValue(PermissionUsedRecordDb::PERMISSION_RECORD, + condition, resultValues) != PermissionUsedRecordDb::SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "PERMISSION_RECORD table add fail"); + return false; + } + return true; +} + } // namespace AccessToken } // namespace Security } // namespace OHOS \ No newline at end of file -- Gitee From 8272464fb58489634e1754c9a2b1282b14c98883 Mon Sep 17 00:00:00 2001 From: chennian Date: Tue, 16 Aug 2022 13:45:21 +0800 Subject: [PATCH 08/68] =?UTF-8?q?=E4=BF=AE=E6=94=B9dump=E6=8C=87=E4=BB=A4?= =?UTF-8?q?=EF=BC=8C=E4=BD=BF=E7=94=A8tokenID=E6=9F=A5=E8=AF=A2=20Signed-o?= =?UTF-8?q?ff-by:chennian?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: chennian --- .../database/permission_used_record_db.h | 3 +- .../src/record/permission_record_manager.cpp | 48 ++++++++++++------- .../src/service/privacy_manager_service.cpp | 4 +- 3 files changed, 34 insertions(+), 21 deletions(-) diff --git a/services/privacymanager/include/database/permission_used_record_db.h b/services/privacymanager/include/database/permission_used_record_db.h index 60ca7a1c1..eb972ed42 100644 --- a/services/privacymanager/include/database/permission_used_record_db.h +++ b/services/privacymanager/include/database/permission_used_record_db.h @@ -66,8 +66,7 @@ private: const std::vector& andColumns, const std::vector& orColumns) const; std::string CreateUpdatePrepareSqlCmd(const DataType type, const std::vector& modifyColumns, const std::vector& conditionColumns) const; - std::string PermissionUsedRecordDb::CreateGetDistinctValue(const DataType type, - const std::string conditionColumns) const; + std::string CreateGetDistinctValue(const DataType type, const std::string conditionColumns) const; private: inline static const std::string PERMISSION_RECORD_TABLE = "permission_record_table"; diff --git a/services/privacymanager/src/record/permission_record_manager.cpp b/services/privacymanager/src/record/permission_record_manager.cpp index 83d852025..b20b63b9a 100644 --- a/services/privacymanager/src/record/permission_record_manager.cpp +++ b/services/privacymanager/src/record/permission_record_manager.cpp @@ -51,19 +51,6 @@ PermissionRecordManager::~PermissionRecordManager() hasInited_ = false; } -bool PermissionRecordManager::GetLocalRecordTokenIdList(std::vector& tokenIdList) -{ - std::vector results; - { - Utils::UniqueWriteGuard lk(this->rwLock_); - PermissionRecordRepository::GetInstance().GetAllRecordValuesByKey(FIELD_TOKEN_ID, results); - } - for (const auto& res : results) { - tokenIdList.emplace_back(res.GetInt(FIELD_TOKEN_ID)); - } - return true; -} - bool PermissionRecordManager::AddRecord( AccessTokenID tokenId, const std::string& permissionName, int32_t successCount, int32_t failCount) { @@ -167,7 +154,7 @@ void PermissionRecordManager::RemovePermissionUsedRecords(AccessTokenID tokenId, if (IsLocalDevice(tokenInfo.deviceID)) { Utils::UniqueWriteGuard lk(this->rwLock_); GenericValues record; - record.Put(FIELD_TOKEN_ID, tokenId); + record.Put(FIELD_TOKEN_ID, (int32_t)tokenId); PermissionRecordRepository::GetInstance().RemoveRecordValues(record); } else { // distributed permission record @@ -200,6 +187,19 @@ int32_t PermissionRecordManager::GetPermissionUsedRecordsAsync( return Constant::SUCCESS; } +bool PermissionRecordManager::GetLocalRecordTokenIdList(std::vector& tokenIdList) +{ + std::vector results; + { + Utils::UniqueWriteGuard lk(this->rwLock_); + PermissionRecordRepository::GetInstance().GetAllRecordValuesByKey(FIELD_TOKEN_ID, results); + } + for (const auto& res : results) { + tokenIdList.emplace_back(res.GetInt(FIELD_TOKEN_ID)); + } + return true; +} + bool PermissionRecordManager::GetRecordsFromLocalDB(const PermissionUsedRequest& request, PermissionUsedResult& result) { GenericValues andConditionValues; @@ -211,7 +211,7 @@ bool PermissionRecordManager::GetRecordsFromLocalDB(const PermissionUsedRequest& } std::vector tokenIdList; - if (request.tokenId = 0) { + if (request.tokenId == 0) { GetLocalRecordTokenIdList(tokenIdList); } else { tokenIdList.emplace_back(request.tokenId); @@ -219,7 +219,7 @@ bool PermissionRecordManager::GetRecordsFromLocalDB(const PermissionUsedRequest& Utils::UniqueWriteGuard lk(this->rwLock_); for (const auto& tokenId : tokenIdList) { - andConditionValues.Put(FIELD_TOKEN_ID, tokenId); + andConditionValues.Put(FIELD_TOKEN_ID, (int32_t)tokenId); std::vector findRecordsValues; if (!PermissionRecordRepository::GetInstance().FindRecordValues( andConditionValues, orConditionValues, findRecordsValues)) { @@ -234,7 +234,7 @@ bool PermissionRecordManager::GetRecordsFromLocalDB(const PermissionUsedRequest& bundleRecord.tokenId = tokenId; bundleRecord.isRemote = false; bundleRecord.deviceId = ConstantCommon::GetLocalDeviceId(); - bundleRecord.bundleName = tokenId.bundleName; + bundleRecord.bundleName = tokenInfo.bundleName; if (!findRecordsValues.empty()) { if (!GetRecords(request.flag, findRecordsValues, bundleRecord, result)) { @@ -368,6 +368,20 @@ std::string PermissionRecordManager::DumpRecordInfo(AccessTokenID tokenId, const return dumpInfo; } +int32_t PermissionRecordManager::StartUsingPermission(AccessTokenID tokenId, const std::string& permissionName) +{ + ActiveStatusCallbackManager::GetInstance().ExecuteCallbackAsync( + tokenId, permissionName, ConstantCommon::GetLocalDeviceId(), PERM_ACTIVE_IN_FOREGROUND); + return Constant::SUCCESS; +} + +int32_t PermissionRecordManager::StopUsingPermission(AccessTokenID tokenId, const std::string& permissionName) +{ + ActiveStatusCallbackManager::GetInstance().ExecuteCallbackAsync( + tokenId, permissionName, ConstantCommon::GetLocalDeviceId(), PERM_INACTIVE); + return Constant::SUCCESS; +} + int32_t PermissionRecordManager::RegisterPermActiveStatusCallback( std::vector& permList, const sptr& callback) { diff --git a/services/privacymanager/src/service/privacy_manager_service.cpp b/services/privacymanager/src/service/privacy_manager_service.cpp index 52bde9197..03143c7a5 100644 --- a/services/privacymanager/src/service/privacy_manager_service.cpp +++ b/services/privacymanager/src/service/privacy_manager_service.cpp @@ -78,12 +78,12 @@ int32_t PrivacyManagerService::AddPermissionUsedRecord( int32_t PrivacyManagerService::StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName) { - return 0; + return PermissionRecordManager::GetInstance().StartUsingPermission(tokenID, permissionName); } int32_t PrivacyManagerService::StopUsingPermission(AccessTokenID tokenID, const std::string& permissionName) { - return 0; + return PermissionRecordManager::GetInstance().StopUsingPermission(tokenID, permissionName); } int32_t PrivacyManagerService::RemovePermissionUsedRecords(AccessTokenID tokenID, const std::string& deviceID) -- Gitee From 403f2589580b57df3c505cca5041fccb6e5dda12 Mon Sep 17 00:00:00 2001 From: chennian Date: Tue, 16 Aug 2022 15:06:02 +0800 Subject: [PATCH 09/68] =?UTF-8?q?=E4=BF=AE=E6=94=B9dump=E6=8C=87=E4=BB=A4?= =?UTF-8?q?=EF=BC=8C=E4=BD=BF=E7=94=A8tokenID=E6=9F=A5=E8=AF=A2=20Signed-o?= =?UTF-8?q?ff-by:chennian?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: chennian --- .../test/unittest/src/privacy_kit_test.cpp | 17 ------- .../record/permission_record_manager.h | 2 +- .../src/record/permission_record_manager.cpp | 45 +++++++++++++------ .../record/permission_record_repository.cpp | 1 - tools/accesstoken/include/atm_command.h | 2 +- 5 files changed, 33 insertions(+), 34 deletions(-) diff --git a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp index 4f7ed70a6..3ba27bd00 100644 --- a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp +++ b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp @@ -434,28 +434,11 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedRecords002, TestSize.Level1) request.bundleName = g_InfoParmsA.bundleName; CheckPermissionUsedResult(request, result, 3, 3, 0); - // query by deviceId and bundle Name - BuildQueryRequest(0, GetLocalDeviceUdid(), g_InfoParmsA.bundleName, permissionList, request); - ASSERT_EQ(RET_NO_ERROR, PrivacyKit::GetPermissionUsedRecords(request, result)); - ASSERT_EQ(1, result.bundleRecords.size()); - request.tokenId = g_TokenId_A; - CheckPermissionUsedResult(request, result, 3, 3, 0); - // query by unmatched tokenId, deviceId and bundle Name BuildQueryRequest(123, GetLocalDeviceUdid(), g_InfoParmsA.bundleName, permissionList, request); ASSERT_EQ(RET_NO_ERROR, PrivacyKit::GetPermissionUsedRecords(request, result)); ASSERT_EQ(0, result.bundleRecords.size()); - // query by unmatched tokenId, deviceId and bundle Name - BuildQueryRequest(g_TokenId_A, "local device", g_InfoParmsA.bundleName, permissionList, request); - ASSERT_EQ(RET_NO_ERROR, PrivacyKit::GetPermissionUsedRecords(request, result)); - ASSERT_EQ(0, result.bundleRecords.size()); - - // query by unmatched tokenId, deviceId and bundle Name - BuildQueryRequest(g_TokenId_A, GetLocalDeviceUdid(), "bundleA", permissionList, request); - ASSERT_EQ(RET_NO_ERROR, PrivacyKit::GetPermissionUsedRecords(request, result)); - ASSERT_EQ(0, result.bundleRecords.size()); - // query by invalid permission Name permissionList.clear(); permissionList.emplace_back("invalid permission"); diff --git a/services/privacymanager/include/record/permission_record_manager.h b/services/privacymanager/include/record/permission_record_manager.h index 79eafea39..48ad1c52f 100644 --- a/services/privacymanager/include/record/permission_record_manager.h +++ b/services/privacymanager/include/record/permission_record_manager.h @@ -67,7 +67,7 @@ private: BundleUsedRecord& bundleRecord, PermissionUsedResult& result); void UpdateRecords(int32_t flag, const PermissionUsedRecord& inBundleRecord, PermissionUsedRecord& outBundleRecord); - bool IsLocalDevice(const std::string& deviceId); + std::string GetDeviceId(AccessTokenID tokenId); OHOS::ThreadPool deleteTaskWorker_; bool hasInited_; diff --git a/services/privacymanager/src/record/permission_record_manager.cpp b/services/privacymanager/src/record/permission_record_manager.cpp index b20b63b9a..080beef2a 100644 --- a/services/privacymanager/src/record/permission_record_manager.cpp +++ b/services/privacymanager/src/record/permission_record_manager.cpp @@ -137,6 +137,12 @@ int32_t PermissionRecordManager::AddPermissionUsedRecord(AccessTokenID tokenId, return Constant::SUCCESS; } + HapTokenInfo tokenInfo; + if (AccessTokenKit::GetHapTokenInfo(tokenId, tokenInfo) != Constant::SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "tokenId is invalid"); + return Constant::FAILURE; + } + if (!AddRecord(tokenId, permissionName, successCount, failCount)) { return Constant::FAILURE; } @@ -145,20 +151,27 @@ int32_t PermissionRecordManager::AddPermissionUsedRecord(AccessTokenID tokenId, void PermissionRecordManager::RemovePermissionUsedRecords(AccessTokenID tokenId, const std::string& deviceID) { - HapTokenInfo tokenInfo; - if (AccessTokenKit::GetHapTokenInfo(tokenId, tokenInfo) != Constant::SUCCESS) { - ACCESSTOKEN_LOG_ERROR(LABEL, "GetHapTokenInfo fail"); + if (tokenId == 0) { + ACCESSTOKEN_LOG_ERROR(LABEL, "tokenId is 0"); return; } - if (IsLocalDevice(tokenInfo.deviceID)) { - Utils::UniqueWriteGuard lk(this->rwLock_); - GenericValues record; - record.Put(FIELD_TOKEN_ID, (int32_t)tokenId); - PermissionRecordRepository::GetInstance().RemoveRecordValues(record); - } else { - // distributed permission record + // only support remove by tokenId(local) + std::string device = GetDeviceId(tokenId); + if (device.empty()) { + ACCESSTOKEN_LOG_ERROR(LABEL, "invalid tokenId%{public}d", tokenId); + return; } + + if (!deviceID.empty() && device != deviceID) { + ACCESSTOKEN_LOG_ERROR(LABEL, "GetHapTokenInfo fail"); + return; + } + + Utils::UniqueWriteGuard lk(this->rwLock_); + GenericValues record; + record.Put(FIELD_TOKEN_ID, (int32_t)tokenId); + PermissionRecordRepository::GetInstance().RemoveRecordValues(record); } int32_t PermissionRecordManager::GetPermissionUsedRecords( @@ -393,12 +406,16 @@ int32_t PermissionRecordManager::UnRegisterPermActiveStatusCallback(const sptr] [-p ] list used records in system\n"; + " -r [-i ] [-p ] list used records in system\n"; class AtmCommand : public OHOS::AAFwk::ShellCommand { public: -- Gitee From b7ab288a4f8e3c87bebf2b316e062e4edff98475 Mon Sep 17 00:00:00 2001 From: chennian Date: Tue, 16 Aug 2022 15:33:54 +0800 Subject: [PATCH 10/68] =?UTF-8?q?=E4=BF=AE=E6=94=B9dump=E6=8C=87=E4=BB=A4?= =?UTF-8?q?=EF=BC=8C=E4=BD=BF=E7=94=A8tokenID=E6=9F=A5=E8=AF=A2=20Signed-o?= =?UTF-8?q?ff-by:chennian?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: chennian --- tools/accesstoken/src/atm_command.cpp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tools/accesstoken/src/atm_command.cpp b/tools/accesstoken/src/atm_command.cpp index 33233b4d7..882c648b7 100644 --- a/tools/accesstoken/src/atm_command.cpp +++ b/tools/accesstoken/src/atm_command.cpp @@ -26,7 +26,7 @@ using namespace OHOS::AAFwk; namespace OHOS { namespace Security { namespace AccessToken { -const std::string SHORT_OPTIONS_DUMP = "htr::b:p:"; +const std::string SHORT_OPTIONS_DUMP = "htr::i:p:"; const struct option LONG_OPTIONS_DUMP[] = { {"help", no_argument, nullptr, 'h'}, {"token-info", no_argument, nullptr, 't'}, @@ -150,14 +150,14 @@ ErrCode AtmCommand::RunAsDumpCommandMissingOptionArgument(void) break; } case 'i' : { - // 'atm dump -r -i' with no argument + // 'atm dump -i' with no argument resultReceiver_.append("error: option "); resultReceiver_.append("requires a value.\n"); result = OHOS::ERR_INVALID_VALUE; break; } case 'p' : { - // 'atm dump -r -p' with no argument + // 'atm dump -p' with no argument resultReceiver_.append("error: option "); resultReceiver_.append("requires a value.\n"); result = OHOS::ERR_INVALID_VALUE; -- Gitee From f75a65b90246207811934a55e516d3b216e95869 Mon Sep 17 00:00:00 2001 From: chennian Date: Tue, 16 Aug 2022 17:18:19 +0800 Subject: [PATCH 11/68] =?UTF-8?q?=E4=BF=AE=E6=94=B9dump=E6=8C=87=E4=BB=A4?= =?UTF-8?q?=EF=BC=8C=E4=BD=BF=E7=94=A8tokenID=E6=9F=A5=E8=AF=A2=20Signed-o?= =?UTF-8?q?ff-by:chennian?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: chennian --- .../database/permission_used_record_db.h | 20 +++++++++---------- .../database/permission_used_record_db.cpp | 20 +++++++++---------- 2 files changed, 20 insertions(+), 20 deletions(-) diff --git a/services/privacymanager/include/database/permission_used_record_db.h b/services/privacymanager/include/database/permission_used_record_db.h index eb972ed42..d2f4c38df 100644 --- a/services/privacymanager/include/database/permission_used_record_db.h +++ b/services/privacymanager/include/database/permission_used_record_db.h @@ -40,12 +40,12 @@ public: ~PermissionUsedRecordDb() override; - int32_t Add(const DataType type, const std::vector& values); - int32_t Remove(const DataType type, const GenericValues& conditions); - int32_t FindByConditions(const DataType type, const GenericValues& andConditions, + int32_t Add(DataType type, const std::vector& values); + int32_t Remove(DataType type, const GenericValues& conditions); + int32_t FindByConditions(DataType type, const GenericValues& andConditions, const GenericValues& orConditions, std::vector& results); - int32_t Modify(const DataType type, const GenericValues& modifyValues, const GenericValues& conditions); - int32_t GetDistinctValue(const DataType type, const std::string& condition, std::vector& results); + int32_t Modify(DataType type, const GenericValues& modifyValues, const GenericValues& conditions); + int32_t GetDistinctValue(DataType type, const std::string& condition, std::vector& results); void OnCreate() override; void OnUpdate() override; @@ -59,14 +59,14 @@ private: int32_t CreatePermissionRecordTable() const; - std::string CreateInsertPrepareSqlCmd(const DataType type) const; + std::string CreateInsertPrepareSqlCmd(DataType type) const; std::string CreateDeletePrepareSqlCmd( - const DataType type, const std::vector& columnNames = std::vector()) const; - std::string CreateSelectByConditionPrepareSqlCmd(const DataType type, + DataType type, const std::vector& columnNames = std::vector()) const; + std::string CreateSelectByConditionPrepareSqlCmd(DataType type, const std::vector& andColumns, const std::vector& orColumns) const; - std::string CreateUpdatePrepareSqlCmd(const DataType type, const std::vector& modifyColumns, + std::string CreateUpdatePrepareSqlCmd(DataType type, const std::vector& modifyColumns, const std::vector& conditionColumns) const; - std::string CreateGetDistinctValue(const DataType type, const std::string conditionColumns) const; + std::string CreateGetDistinctValue(DataType type, const std::string conditionColumns) const; private: inline static const std::string PERMISSION_RECORD_TABLE = "permission_record_table"; diff --git a/services/privacymanager/src/database/permission_used_record_db.cpp b/services/privacymanager/src/database/permission_used_record_db.cpp index ed22f053a..4815d96e0 100644 --- a/services/privacymanager/src/database/permission_used_record_db.cpp +++ b/services/privacymanager/src/database/permission_used_record_db.cpp @@ -69,7 +69,7 @@ PermissionUsedRecordDb::PermissionUsedRecordDb() : SqliteHelper(DATABASE_NAME, D Open(); } -int32_t PermissionUsedRecordDb::Add(const DataType type, const std::vector& values) +int32_t PermissionUsedRecordDb::Add(DataType type, const std::vector& values) { OHOS::Utils::UniqueWriteGuard lock(this->rwLock_); std::string prepareSql = CreateInsertPrepareSqlCmd(type); @@ -98,7 +98,7 @@ int32_t PermissionUsedRecordDb::Add(const DataType type, const std::vector lock(this->rwLock_); std::vector columnNames = conditions.GetAllKeys(); @@ -112,7 +112,7 @@ int32_t PermissionUsedRecordDb::Remove(const DataType type, const GenericValues& } int32_t PermissionUsedRecordDb::Modify( - const DataType type, const GenericValues& modifyValues, const GenericValues& conditions) + DataType type, const GenericValues& modifyValues, const GenericValues& conditions) { OHOS::Utils::UniqueWriteGuard lock(this->rwLock_); std::vector modifyColumns = modifyValues.GetAllKeys(); @@ -129,7 +129,7 @@ int32_t PermissionUsedRecordDb::Modify( return (ret == Statement::State::DONE) ? SUCCESS : FAILURE; } -int32_t PermissionUsedRecordDb::FindByConditions(const DataType type, const GenericValues& andConditions, +int32_t PermissionUsedRecordDb::FindByConditions(DataType type, const GenericValues& andConditions, const GenericValues& orConditions, std::vector& results) { OHOS::Utils::UniqueWriteGuard lock(this->rwLock_); @@ -160,7 +160,7 @@ int32_t PermissionUsedRecordDb::FindByConditions(const DataType type, const Gene return SUCCESS; } -int32_t PermissionUsedRecordDb::GetDistinctValue(const DataType type, +int32_t PermissionUsedRecordDb::GetDistinctValue(DataType type, const std::string& condition, std::vector& results) { OHOS::Utils::UniqueWriteGuard lock(this->rwLock_); @@ -181,7 +181,7 @@ int32_t PermissionUsedRecordDb::GetDistinctValue(const DataType type, return SUCCESS; } -std::string PermissionUsedRecordDb::CreateInsertPrepareSqlCmd(const DataType type) const +std::string PermissionUsedRecordDb::CreateInsertPrepareSqlCmd(DataType type) const { auto it = dataTypeToSqlTable_.find(type); if (it == dataTypeToSqlTable_.end()) { @@ -201,7 +201,7 @@ std::string PermissionUsedRecordDb::CreateInsertPrepareSqlCmd(const DataType typ } std::string PermissionUsedRecordDb::CreateDeletePrepareSqlCmd( - const DataType type, const std::vector& columnNames) const + DataType type, const std::vector& columnNames) const { auto it = dataTypeToSqlTable_.find(type); if (it == dataTypeToSqlTable_.end()) { @@ -215,7 +215,7 @@ std::string PermissionUsedRecordDb::CreateDeletePrepareSqlCmd( return sql; } -std::string PermissionUsedRecordDb::CreateUpdatePrepareSqlCmd(const DataType type, +std::string PermissionUsedRecordDb::CreateUpdatePrepareSqlCmd(DataType type, const std::vector& modifyColumns, const std::vector& conditionColumns) const { if (modifyColumns.empty()) { @@ -247,7 +247,7 @@ std::string PermissionUsedRecordDb::CreateUpdatePrepareSqlCmd(const DataType typ return sql; } -std::string PermissionUsedRecordDb::CreateSelectByConditionPrepareSqlCmd(const DataType type, +std::string PermissionUsedRecordDb::CreateSelectByConditionPrepareSqlCmd(DataType type, const std::vector& andColumns, const std::vector& orColumns) const { auto it = dataTypeToSqlTable_.find(type); @@ -281,7 +281,7 @@ std::string PermissionUsedRecordDb::CreateSelectByConditionPrepareSqlCmd(const D return sql; } -std::string PermissionUsedRecordDb::CreateGetDistinctValue(const DataType type, +std::string PermissionUsedRecordDb::CreateGetDistinctValue(DataType type, const std::string conditionColumns) const { auto it = dataTypeToSqlTable_.find(type); -- Gitee From bda9c87bc53d037078cc6b5208c5f18429d400bc Mon Sep 17 00:00:00 2001 From: fanchenxuan Date: Tue, 16 Aug 2022 16:54:49 +0800 Subject: [PATCH 12/68] =?UTF-8?q?=E6=8E=88=E6=9D=83=E5=9B=9E=E8=B0=83?= =?UTF-8?q?=E5=A4=B1=E8=B4=A5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: fanchenxuan --- .../src/main/ets/common/utils/constant.ets | 1 + .../src/main/ets/pages/dialogPlus.ets | 18 ++++++++---------- .../token_callback/src/token_callback_stub.cpp | 10 ++++++++-- 3 files changed, 17 insertions(+), 12 deletions(-) diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/common/utils/constant.ets b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/common/utils/constant.ets index feae6cd0e..1bfa23125 100644 --- a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/common/utils/constant.ets +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/common/utils/constant.ets @@ -344,5 +344,6 @@ export default class Constants { // static INITIAL_INDEX = 10 + static ACCESS_TOKEN = 'ohos.security.accesstoken.tokencallback' } \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/pages/dialogPlus.ets b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/pages/dialogPlus.ets index f833b2b93..a56068a72 100644 --- a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/pages/dialogPlus.ets +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/pages/dialogPlus.ets @@ -150,18 +150,16 @@ struct dialogPlusPage { let option = new rpc.MessageOption() let data = new rpc.MessageParcel() let reply = new rpc.MessageParcel() - if(!data.writeStringArray(perms)) { - Log.error('writeStringArray permission failed!') + Promise.all([data.writeInterfaceToken(Constants.ACCESS_TOKEN), + data.writeStringArray(perms), + data.writeIntArray(results) + ]).then(() => { + this.proxy.sendRequest(Constants.RESULT_CODE, data, reply, option) this.destruction() - return - } - if (!data.writeIntArray(results)) { - Log.error('writeIntArray result failed!') + }).catch(() => { + Log.error('write result failed!') this.destruction() - return - } - this.proxy.sendRequest(Constants.RESULT_CODE, data, reply, option) - this.destruction() + }) } destruction() { diff --git a/interfaces/innerkits/token_callback/src/token_callback_stub.cpp b/interfaces/innerkits/token_callback/src/token_callback_stub.cpp index 1a26d2da5..e51cd4c87 100644 --- a/interfaces/innerkits/token_callback/src/token_callback_stub.cpp +++ b/interfaces/innerkits/token_callback/src/token_callback_stub.cpp @@ -29,6 +29,11 @@ static const int32_t LIST_SIZE_MAX = 200; static const int32_t FAILED = -1; } +static std::string to_utf8(std::u16string str16) +{ + return std::wstring_convert, char16_t> {}.to_bytes(str16); +} + int32_t TokenCallbackStub::OnRemoteRequest( uint32_t code, MessageParcel& data, MessageParcel& reply, MessageOption& option) { @@ -48,13 +53,14 @@ int32_t TokenCallbackStub::OnRemoteRequest( } std::vector permList; for (uint32_t i = 0; i < permListSize; i++) { - std::string perm = data.ReadString(); + std::u16string u16Perm = data.ReadString16(); + std::string perm = to_utf8(u16Perm); permList.emplace_back(perm); } uint32_t statusListSize = data.ReadUint32(); if (statusListSize != permListSize) { - ACCESSTOKEN_LOG_ERROR(LABEL, "read permListSize fail %{public}u", statusListSize); + ACCESSTOKEN_LOG_ERROR(LABEL, "read statusListSize fail %{public}u", statusListSize); return FAILED; } std::vector grantResults; -- Gitee From ee34f7e4f70ac8f7aefc958237d7d7cd5d7da0dd Mon Sep 17 00:00:00 2001 From: chennian Date: Tue, 16 Aug 2022 22:30:45 +0800 Subject: [PATCH 13/68] =?UTF-8?q?=E4=BF=AE=E6=94=B9dump=E6=8C=87=E4=BB=A4?= =?UTF-8?q?=EF=BC=8C=E4=BD=BF=E7=94=A8tokenID=E6=9F=A5=E8=AF=A2=20Signed-o?= =?UTF-8?q?ff-by:chennian?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: chennian --- .../innerkits/privacy/src/privacy_manager_proxy.cpp | 12 ++++++------ .../main/cpp/src/token/hap_token_info_inner.cpp | 2 +- .../src/record/permission_record_manager.cpp | 11 ++++++----- 3 files changed, 13 insertions(+), 12 deletions(-) diff --git a/interfaces/innerkits/privacy/src/privacy_manager_proxy.cpp b/interfaces/innerkits/privacy/src/privacy_manager_proxy.cpp index 6ad838a8e..8721558ed 100644 --- a/interfaces/innerkits/privacy/src/privacy_manager_proxy.cpp +++ b/interfaces/innerkits/privacy/src/privacy_manager_proxy.cpp @@ -41,7 +41,7 @@ int32_t PrivacyManagerProxy::AddPermissionUsedRecord(AccessTokenID tokenID, cons MessageParcel data; data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); if (!data.WriteUint32(tokenID)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(tokenID)"); + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(%{public}d)",tokenID); return ERROR; } if (!data.WriteString(permissionName)) { @@ -72,7 +72,7 @@ int32_t PrivacyManagerProxy::StartUsingPermission(AccessTokenID tokenID, const s MessageParcel data; data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); if (!data.WriteUint32(tokenID)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(tokenID)"); + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(%{public}d)",tokenID); return ERROR; } if (!data.WriteString(permissionName)) { @@ -95,7 +95,7 @@ int32_t PrivacyManagerProxy::StopUsingPermission(AccessTokenID tokenID, const st MessageParcel data; data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); if (!data.WriteUint32(tokenID)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(tokenID)"); + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(%{public}d)",tokenID); return ERROR; } if (!data.WriteString(permissionName)) { @@ -118,7 +118,7 @@ int32_t PrivacyManagerProxy::RemovePermissionUsedRecords(AccessTokenID tokenID, MessageParcel data; data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); if (!data.WriteUint32(tokenID)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(tokenID)"); + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(%{public}d)",tokenID); return ERROR; } if (!data.WriteString(deviceID)) { @@ -195,11 +195,11 @@ std::string PrivacyManagerProxy::DumpRecordInfo(AccessTokenID tokenID, const std MessageParcel reply; data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); if (!data.WriteUint32(tokenID)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(tokenID)"); + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(%{public}d)",tokenID); return ""; } if (!data.WriteString(permissionName)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteString(permissionName)"); + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteString(%{public}s)", permissionName.c_str()); return ""; } int32_t requestResult = SendRequest(IPrivacyManager::InterfaceCode::DUMP_RECORD_INFO, data, reply); diff --git a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp index 5c34e3096..392893a67 100644 --- a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp @@ -50,7 +50,7 @@ HapTokenInfoInner::HapTokenInfoInner(AccessTokenID id, tokenInfoBasic_.instIndex = info.instIndex; tokenInfoBasic_.dlpType = info.dlpType; tokenInfoBasic_.appID = info.appIDDesc; - tokenInfoBasic_.deviceID = "0"; + tokenInfoBasic_.deviceID = ""; tokenInfoBasic_.apl = policy.apl; permPolicySet_ = PermissionPolicySet::BuildPermissionPolicySet(id, policy.permStateList); } diff --git a/services/privacymanager/src/record/permission_record_manager.cpp b/services/privacymanager/src/record/permission_record_manager.cpp index 080beef2a..b1b0425a7 100644 --- a/services/privacymanager/src/record/permission_record_manager.cpp +++ b/services/privacymanager/src/record/permission_record_manager.cpp @@ -133,13 +133,13 @@ int32_t PermissionRecordManager::AddPermissionUsedRecord(AccessTokenID tokenId, ExecuteDeletePermissionRecordTask(); if (AccessTokenKit::GetTokenTypeFlag(tokenId) != TOKEN_HAP) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "Invalid token type"); + ACCESSTOKEN_LOG_DEBUG(LABEL, "invalid token type"); return Constant::SUCCESS; } HapTokenInfo tokenInfo; if (AccessTokenKit::GetHapTokenInfo(tokenId, tokenInfo) != Constant::SUCCESS) { - ACCESSTOKEN_LOG_ERROR(LABEL, "tokenId is invalid"); + ACCESSTOKEN_LOG_ERROR(LABEL, "invalid tokenId%{public}d", tokenId); return Constant::FAILURE; } @@ -164,7 +164,7 @@ void PermissionRecordManager::RemovePermissionUsedRecords(AccessTokenID tokenId, } if (!deviceID.empty() && device != deviceID) { - ACCESSTOKEN_LOG_ERROR(LABEL, "GetHapTokenInfo fail"); + ACCESSTOKEN_LOG_ERROR(LABEL, "deviceID mismatch"); return; } @@ -277,7 +277,8 @@ bool PermissionRecordManager::GetRecords( record.Put(FIELD_FLAG, flag); if (DataTranslator::TranslationGenericValuesIntoPermissionUsedRecord(record, tmpPermissionRecord) != Constant::SUCCESS) { - ACCESSTOKEN_LOG_INFO(LABEL, "Failed to transform permission to opcode"); + ACCESSTOKEN_LOG_INFO(LABEL, "Failed to transform opcode(%{public}d) into permission", + record.GetInt(FIELD_OP_CODE)); continue; } @@ -412,7 +413,7 @@ std::string PermissionRecordManager::GetDeviceId(AccessTokenID tokenId) if (AccessTokenKit::GetHapTokenInfo(tokenId, tokenInfo) != Constant::SUCCESS) { return ""; } - if (tokenInfo.deviceID == "0") { // local + if (tokenInfo.deviceID.empty()) { // local return ConstantCommon::GetLocalDeviceId(); } return tokenInfo.deviceID; -- Gitee From 2f427af60f91ed584221d46658c7d03124effc9b Mon Sep 17 00:00:00 2001 From: chennian Date: Tue, 16 Aug 2022 22:42:59 +0800 Subject: [PATCH 14/68] =?UTF-8?q?=E4=BF=AE=E6=94=B9dump=E6=8C=87=E4=BB=A4?= =?UTF-8?q?=EF=BC=8C=E4=BD=BF=E7=94=A8tokenID=E6=9F=A5=E8=AF=A2=20Signed-o?= =?UTF-8?q?ff-by:chennian?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: chennian --- .../innerkits/privacy/src/privacy_manager_proxy.cpp | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/interfaces/innerkits/privacy/src/privacy_manager_proxy.cpp b/interfaces/innerkits/privacy/src/privacy_manager_proxy.cpp index 8721558ed..0014a3c02 100644 --- a/interfaces/innerkits/privacy/src/privacy_manager_proxy.cpp +++ b/interfaces/innerkits/privacy/src/privacy_manager_proxy.cpp @@ -41,7 +41,7 @@ int32_t PrivacyManagerProxy::AddPermissionUsedRecord(AccessTokenID tokenID, cons MessageParcel data; data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); if (!data.WriteUint32(tokenID)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(%{public}d)",tokenID); + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(%{public}d)", tokenID); return ERROR; } if (!data.WriteString(permissionName)) { @@ -72,7 +72,7 @@ int32_t PrivacyManagerProxy::StartUsingPermission(AccessTokenID tokenID, const s MessageParcel data; data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); if (!data.WriteUint32(tokenID)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(%{public}d)",tokenID); + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(%{public}d)", tokenID); return ERROR; } if (!data.WriteString(permissionName)) { @@ -95,7 +95,7 @@ int32_t PrivacyManagerProxy::StopUsingPermission(AccessTokenID tokenID, const st MessageParcel data; data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); if (!data.WriteUint32(tokenID)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(%{public}d)",tokenID); + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(%{public}d)", tokenID); return ERROR; } if (!data.WriteString(permissionName)) { @@ -118,7 +118,7 @@ int32_t PrivacyManagerProxy::RemovePermissionUsedRecords(AccessTokenID tokenID, MessageParcel data; data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); if (!data.WriteUint32(tokenID)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(%{public}d)",tokenID); + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(%{public}d)", tokenID); return ERROR; } if (!data.WriteString(deviceID)) { @@ -195,7 +195,7 @@ std::string PrivacyManagerProxy::DumpRecordInfo(AccessTokenID tokenID, const std MessageParcel reply; data.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); if (!data.WriteUint32(tokenID)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(%{public}d)",tokenID); + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteUint32(%{public}d)", tokenID); return ""; } if (!data.WriteString(permissionName)) { -- Gitee From 2b105bfe04a965e9e70333ba5e0a4cd81a3f8849 Mon Sep 17 00:00:00 2001 From: hhhhs9527 Date: Wed, 17 Aug 2022 18:39:35 +0800 Subject: [PATCH 15/68] =?UTF-8?q?2022/08/17=20deviceId=E7=BD=AE=E9=9B=B6?= =?UTF-8?q?=20Signed-off-by:hanshu5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: hhhhs9527 --- .../main/cpp/src/token/hap_token_info_inner.cpp | 2 +- .../privacymanager/src/record/permission_record_manager.cpp | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp index 392893a67..5c34e3096 100644 --- a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp @@ -50,7 +50,7 @@ HapTokenInfoInner::HapTokenInfoInner(AccessTokenID id, tokenInfoBasic_.instIndex = info.instIndex; tokenInfoBasic_.dlpType = info.dlpType; tokenInfoBasic_.appID = info.appIDDesc; - tokenInfoBasic_.deviceID = ""; + tokenInfoBasic_.deviceID = "0"; tokenInfoBasic_.apl = policy.apl; permPolicySet_ = PermissionPolicySet::BuildPermissionPolicySet(id, policy.permStateList); } diff --git a/services/privacymanager/src/record/permission_record_manager.cpp b/services/privacymanager/src/record/permission_record_manager.cpp index b1b0425a7..7d1434a49 100644 --- a/services/privacymanager/src/record/permission_record_manager.cpp +++ b/services/privacymanager/src/record/permission_record_manager.cpp @@ -413,7 +413,7 @@ std::string PermissionRecordManager::GetDeviceId(AccessTokenID tokenId) if (AccessTokenKit::GetHapTokenInfo(tokenId, tokenInfo) != Constant::SUCCESS) { return ""; } - if (tokenInfo.deviceID.empty()) { // local + if (tokenInfo.deviceID == "0") { // local return ConstantCommon::GetLocalDeviceId(); } return tokenInfo.deviceID; -- Gitee From 0fb630f3a180cd91166c421d80b6d80bcfd77b6a Mon Sep 17 00:00:00 2001 From: hhhhs9527 Date: Wed, 17 Aug 2022 20:12:44 +0800 Subject: [PATCH 16/68] =?UTF-8?q?2022/08/17=20deviceId=E7=BD=AE=E9=9B=B6?= =?UTF-8?q?=20Signed-off-by:hanshu5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: hhhhs9527 --- .../main/cpp/src/token/hap_token_info_inner.cpp | 3 ++- .../privacymanager/src/record/permission_record_manager.cpp | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp index 5c34e3096..96a763881 100644 --- a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp @@ -26,6 +26,7 @@ namespace Security { namespace AccessToken { namespace { static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "HapTokenInfoInner"}; +static constexpr DEFAULT_DEVICEID = "0"; } HapTokenInfoInner::HapTokenInfoInner() : isRemote_(false) @@ -50,7 +51,7 @@ HapTokenInfoInner::HapTokenInfoInner(AccessTokenID id, tokenInfoBasic_.instIndex = info.instIndex; tokenInfoBasic_.dlpType = info.dlpType; tokenInfoBasic_.appID = info.appIDDesc; - tokenInfoBasic_.deviceID = "0"; + tokenInfoBasic_.deviceID = DEFAULT_DEVICEID; tokenInfoBasic_.apl = policy.apl; permPolicySet_ = PermissionPolicySet::BuildPermissionPolicySet(id, policy.permStateList); } diff --git a/services/privacymanager/src/record/permission_record_manager.cpp b/services/privacymanager/src/record/permission_record_manager.cpp index 7d1434a49..a05f184e5 100644 --- a/services/privacymanager/src/record/permission_record_manager.cpp +++ b/services/privacymanager/src/record/permission_record_manager.cpp @@ -33,6 +33,7 @@ namespace { static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { LOG_CORE, SECURITY_DOMAIN_PRIVACY, "PermissionRecordManager" }; +static constexpr DEFAULT_DEVICEID = "0"; } PermissionRecordManager& PermissionRecordManager::GetInstance() { @@ -413,7 +414,7 @@ std::string PermissionRecordManager::GetDeviceId(AccessTokenID tokenId) if (AccessTokenKit::GetHapTokenInfo(tokenId, tokenInfo) != Constant::SUCCESS) { return ""; } - if (tokenInfo.deviceID == "0") { // local + if (tokenInfo.deviceID == DEFAULT_DEVICEID) { // local return ConstantCommon::GetLocalDeviceId(); } return tokenInfo.deviceID; -- Gitee From f916cffb733618d1927d0de076ca9f967bb58aa9 Mon Sep 17 00:00:00 2001 From: hhhhs9527 Date: Wed, 17 Aug 2022 20:14:36 +0800 Subject: [PATCH 17/68] =?UTF-8?q?2022/08/17=20deviceId=E7=BD=AE=E9=9B=B6?= =?UTF-8?q?=20Signed-off-by:hanshu5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: hhhhs9527 --- .../main/cpp/src/token/hap_token_info_inner.cpp | 2 +- .../privacymanager/src/record/permission_record_manager.cpp | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp index 96a763881..560c16d76 100644 --- a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp @@ -26,7 +26,7 @@ namespace Security { namespace AccessToken { namespace { static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "HapTokenInfoInner"}; -static constexpr DEFAULT_DEVICEID = "0"; +static const std::string DEFAULT_DEVICEID = "0"; } HapTokenInfoInner::HapTokenInfoInner() : isRemote_(false) diff --git a/services/privacymanager/src/record/permission_record_manager.cpp b/services/privacymanager/src/record/permission_record_manager.cpp index a05f184e5..a49c3feab 100644 --- a/services/privacymanager/src/record/permission_record_manager.cpp +++ b/services/privacymanager/src/record/permission_record_manager.cpp @@ -33,7 +33,7 @@ namespace { static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { LOG_CORE, SECURITY_DOMAIN_PRIVACY, "PermissionRecordManager" }; -static constexpr DEFAULT_DEVICEID = "0"; +static const std::string DEFAULT_DEVICEID = "0"; } PermissionRecordManager& PermissionRecordManager::GetInstance() { -- Gitee From 4d6985c96e19ceb71042aceca6878269f257f7f1 Mon Sep 17 00:00:00 2001 From: chennian Date: Wed, 17 Aug 2022 22:06:22 +0800 Subject: [PATCH 18/68] =?UTF-8?q?=E6=8E=92=E6=9F=A5=E4=BF=AE=E6=94=B9?= =?UTF-8?q?=E7=89=B9=E6=88=98=E9=98=9F=E6=A3=80=E8=A7=86=E6=84=8F=E8=A7=81?= =?UTF-8?q?=20Signed-off-by:chennian?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: chennian --- frameworks/accesstoken/src/hap_policy_parcel.cpp | 2 +- .../accesstoken/src/native_token_info_parcel.cpp | 4 ++-- .../src/permission_state_change_scope_parcel.cpp | 2 +- .../main/cpp/include/token/hap_token_info_inner.h | 2 +- .../cpp/src/token/accesstoken_info_manager.cpp | 14 +++++++------- .../main/cpp/src/token/hap_token_info_inner.cpp | 2 +- .../src/database/permission_used_record_db.cpp | 2 +- .../src/command/base_remote_command.cpp | 6 +++--- 8 files changed, 17 insertions(+), 17 deletions(-) diff --git a/frameworks/accesstoken/src/hap_policy_parcel.cpp b/frameworks/accesstoken/src/hap_policy_parcel.cpp index a437e4614..6bbccf7de 100644 --- a/frameworks/accesstoken/src/hap_policy_parcel.cpp +++ b/frameworks/accesstoken/src/hap_policy_parcel.cpp @@ -41,7 +41,7 @@ bool HapPolicyParcel::Marshalling(Parcel& out) const } const std::vector& permStateList = this->hapPolicyParameter.permStateList; - int32_t permStateListSize = (int32_t)permStateList.size(); + int32_t permStateListSize = static_cast(permStateList.size()); RETURN_IF_FALSE(out.WriteInt32(permStateListSize)); for (int i = 0; i < permStateListSize; i++) { diff --git a/frameworks/accesstoken/src/native_token_info_parcel.cpp b/frameworks/accesstoken/src/native_token_info_parcel.cpp index d48c7fbd8..621ce872c 100644 --- a/frameworks/accesstoken/src/native_token_info_parcel.cpp +++ b/frameworks/accesstoken/src/native_token_info_parcel.cpp @@ -38,7 +38,7 @@ bool NativeTokenInfoParcel::Marshalling(Parcel& out) const int32_t dcapSize = static_cast((this->nativeTokenInfoParams.dcap).size()); RETURN_IF_FALSE(out.WriteInt32(dcapSize)); - for (auto dcapItem : this->nativeTokenInfoParams.dcap) { + for (const auto& dcapItem : this->nativeTokenInfoParams.dcap) { RETURN_IF_FALSE(out.WriteString(dcapItem)); } @@ -48,7 +48,7 @@ bool NativeTokenInfoParcel::Marshalling(Parcel& out) const int32_t nativeAclSize = static_cast((this->nativeTokenInfoParams.nativeAcls).size()); RETURN_IF_FALSE(out.WriteInt32(nativeAclSize)); - for (auto item : this->nativeTokenInfoParams.nativeAcls) { + for (const auto& item : this->nativeTokenInfoParams.nativeAcls) { RETURN_IF_FALSE(out.WriteString(item)); } diff --git a/frameworks/accesstoken/src/permission_state_change_scope_parcel.cpp b/frameworks/accesstoken/src/permission_state_change_scope_parcel.cpp index 7305a31a3..8555df353 100644 --- a/frameworks/accesstoken/src/permission_state_change_scope_parcel.cpp +++ b/frameworks/accesstoken/src/permission_state_change_scope_parcel.cpp @@ -22,7 +22,7 @@ namespace AccessToken { bool PermStateChangeScopeParcel::Marshalling(Parcel& out) const { RETURN_IF_FALSE(out.WriteUint32((this->scope.tokenIDs.size()))); - for (auto& tokenID : this->scope.tokenIDs) { + for (const auto& tokenID : this->scope.tokenIDs) { RETURN_IF_FALSE(out.WriteUint32(tokenID)); } diff --git a/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h b/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h index 73781ccaa..d62cd14e9 100644 --- a/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h +++ b/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h @@ -42,7 +42,7 @@ public: void TranslateToHapTokenInfo(HapTokenInfo& InfoParcel) const; void StoreHapInfo(std::vector& hapInfoValues, std::vector& permStateValues) const; - int RestoreHapTokenInfo(AccessTokenID tokenId, GenericValues& tokenValue, + int RestoreHapTokenInfo(AccessTokenID tokenId, const GenericValues& tokenValue, const std::vector& permStateRes); std::shared_ptr GetHapInfoPermissionPolicySet() const; diff --git a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp index a4cabdbea..3e873829a 100644 --- a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp @@ -81,7 +81,7 @@ void AccessTokenInfoManager::InitHapTokenInfos() DataStorage::GetRealDataStorage().Find(DataStorage::ACCESSTOKEN_PERMISSION_DEF, permDefRes); DataStorage::GetRealDataStorage().Find(DataStorage::ACCESSTOKEN_PERMISSION_STATE, permStateRes); - for (GenericValues& tokenValue : hapTokenRes) { + for (const GenericValues& tokenValue : hapTokenRes) { AccessTokenID tokenId = (AccessTokenID)tokenValue.GetInt(FIELD_TOKEN_ID); int ret = AccessTokenIDManager::GetInstance().RegisterTokenId(tokenId, TOKEN_HAP); if (ret != RET_SUCCESS) { @@ -121,7 +121,7 @@ void AccessTokenInfoManager::InitNativeTokenInfos() DataStorage::GetRealDataStorage().Find(DataStorage::ACCESSTOKEN_NATIVE_INFO, nativeTokenResults); DataStorage::GetRealDataStorage().Find(DataStorage::ACCESSTOKEN_PERMISSION_STATE, permStateRes); - for (GenericValues nativeTokenValue : nativeTokenResults) { + for (const GenericValues& nativeTokenValue : nativeTokenResults) { AccessTokenID tokenId = (AccessTokenID)nativeTokenValue.GetInt(FIELD_TOKEN_ID); int ret = AccessTokenIDManager::GetInstance().RegisterTokenId(tokenId, TOKEN_NATIVE); if (ret != RET_SUCCESS) { @@ -380,10 +380,10 @@ static void GetPolicyCopied(const HapPolicyParams& policy, HapPolicyParams& poli policyNew.apl = policy.apl; policyNew.domain = policy.domain; - for (auto& state : policy.permStateList) { + for (const auto& state : policy.permStateList) { policyNew.permStateList.emplace_back(state); } - for (auto& def : policy.permList) { + for (const auto& def : policy.permList) { policyNew.permList.emplace_back(def); } } @@ -610,10 +610,10 @@ void AccessTokenInfoManager::GetAllNativeTokenInfo( std::vector& nativeTokenInfosRes) { Utils::UniqueReadGuard infoGuard(this->nativeTokenInfoLock_); - for (auto nativeTokenInner : nativeTokenInfoMap_) { + for (const auto& nativeTokenInner : nativeTokenInfoMap_) { std::shared_ptr nativeTokenInnerPtr = nativeTokenInner.second; if (nativeTokenInnerPtr == nullptr || nativeTokenInnerPtr->IsRemote() - || nativeTokenInnerPtr->GetDcap().size() <= 0) { + || nativeTokenInnerPtr->GetDcap().empty()) { continue; } NativeTokenInfoForSync token; @@ -732,7 +732,7 @@ int AccessTokenInfoManager::SetRemoteNativeTokenInfo(const std::string& deviceID if (!DataValidator::IsAplNumValid(nativeToken.baseInfo.apl) || nativeToken.baseInfo.ver != DEFAULT_TOKEN_VERSION || !DataValidator::IsProcessNameValid(nativeToken.baseInfo.processName) || - nativeToken.baseInfo.dcap.size() <= 0 || + nativeToken.baseInfo.dcap.empty() || AccessTokenIDManager::GetInstance().GetTokenIdTypeEnum(nativeToken.baseInfo.tokenID) != TOKEN_NATIVE) { ACCESSTOKEN_LOG_ERROR( LABEL, "device %{public}s token %{public}u is invalid.", diff --git a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp index 392893a67..dc970a1b8 100644 --- a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp @@ -147,7 +147,7 @@ int HapTokenInfoInner::RestoreHapTokenBasicInfo(const GenericValues& inGenericVa } int HapTokenInfoInner::RestoreHapTokenInfo(AccessTokenID tokenId, - GenericValues& tokenValue, + const GenericValues& tokenValue, const std::vector& permStateRes) { tokenInfoBasic_.tokenID = tokenId; diff --git a/services/privacymanager/src/database/permission_used_record_db.cpp b/services/privacymanager/src/database/permission_used_record_db.cpp index 4815d96e0..e99c37bec 100644 --- a/services/privacymanager/src/database/permission_used_record_db.cpp +++ b/services/privacymanager/src/database/permission_used_record_db.cpp @@ -268,7 +268,7 @@ std::string PermissionUsedRecordDb::CreateSelectByConditionPrepareSqlCmd(DataTyp sql.append(andColName + "=:" + andColName); } } - if (orColumns.size() > 0) { + if (!orColumns.empty()) { sql.append(" and ("); for (const auto& orColName : orColumns) { if (orColName.find(FIELD_OP_CODE) != std::string::npos) { diff --git a/services/tokensyncmanager/src/command/base_remote_command.cpp b/services/tokensyncmanager/src/command/base_remote_command.cpp index 696eb9bc1..35384269a 100644 --- a/services/tokensyncmanager/src/command/base_remote_command.cpp +++ b/services/tokensyncmanager/src/command/base_remote_command.cpp @@ -192,7 +192,7 @@ void BaseRemoteCommand::FromPermStateListJson(const nlohmann::json& hapTokenJson { if (hapTokenJson.find("permState") != hapTokenJson.end() && hapTokenJson.at("permState").is_array() - && hapTokenJson.at("permState").size() > 0) { + && !hapTokenJson.at("permState").empty()) { nlohmann::json permissionsJson = hapTokenJson.at("permState").get(); for (const auto& permissionJson : permissionsJson) { PermissionStateFull permission; @@ -265,11 +265,11 @@ void BaseRemoteCommand::FromNativeTokenInfoJson(const nlohmann::json& nativeToke nativeTokenInfo.baseInfo.tokenAttr = (unsigned)nativeTokenJson.at("tokenAttr").get(); } if (nativeTokenJson.find("dcaps") != nativeTokenJson.end() && nativeTokenJson.at("dcaps").is_array() - && nativeTokenJson.at("dcaps").size() > 0 && (nativeTokenJson.at("dcaps"))[0].is_string()) { + && !nativeTokenJson.at("dcaps").empty() && (nativeTokenJson.at("dcaps"))[0].is_string()) { nativeTokenInfo.baseInfo.dcap = nativeTokenJson.at("dcaps").get>(); } if (nativeTokenJson.find("nativeAcls") != nativeTokenJson.end() && nativeTokenJson.at("nativeAcls").is_array() - && nativeTokenJson.at("nativeAcls").size() > 0 && (nativeTokenJson.at("nativeAcls"))[0].is_string()) { + && !nativeTokenJson.at("nativeAcls").empty() && (nativeTokenJson.at("nativeAcls"))[0].is_string()) { nativeTokenInfo.baseInfo.nativeAcls = nativeTokenJson.at("nativeAcls").get>(); } -- Gitee From e6b3130e98517d8323092be5e0a9ef6f5f9c532e Mon Sep 17 00:00:00 2001 From: hhhhs9527 Date: Thu, 18 Aug 2022 08:03:11 +0800 Subject: [PATCH 19/68] =?UTF-8?q?2022/08/18=20=E6=9D=83=E9=99=90=E4=BD=BF?= =?UTF-8?q?=E7=94=A8=E8=AE=B0=E5=BD=95=E4=BC=98=E5=8C=96=20Signed-off-by:h?= =?UTF-8?q?anshu5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: hhhhs9527 --- .../test/unittest/src/privacy_kit_test.cpp | 92 ++++ services/privacymanager/BUILD.gn | 2 + .../privacymanager/include/common/constant.h | 1 + .../database/permission_used_record_db.h | 7 + .../record/permission_record_manager.h | 6 +- .../include/record/permission_record_node.h | 35 ++ .../record/permission_record_repository.h | 3 + .../record/permission_used_record_cache.h | 78 ++++ .../privacymanager/src/common/constant.cpp | 1 + .../database/permission_used_record_db.cpp | 96 ++++ .../src/record/permission_record_manager.cpp | 129 +++--- .../record/permission_record_repository.cpp | 30 ++ .../record/permission_used_record_cache.cpp | 425 ++++++++++++++++++ 13 files changed, 825 insertions(+), 80 deletions(-) create mode 100644 services/privacymanager/include/record/permission_record_node.h create mode 100644 services/privacymanager/include/record/permission_used_record_cache.h create mode 100644 services/privacymanager/src/record/permission_used_record_cache.cpp diff --git a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp index 3ba27bd00..3d0ea000a 100644 --- a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp +++ b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp @@ -150,6 +150,53 @@ void PrivacyKitTest::CheckPermissionUsedResult(const PermissionUsedRequest& requ ASSERT_EQ(totalFailCount, failCount); } +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { + void SetTokenID(std::vector& g_InfoParms_List, + std::vector& g_TokenId_List, int32_t number) + { + SetSelfTokenID(g_selfTokenId); + for (int32_t i = 0; i < number; i++) { + HapInfoParams g_InfoParmsTmp = { + .userID = i, + .bundleName = "ohos.privacy_test.bundle" + std::to_string(i), + .instIndex = i, + .appIDDesc = "privacy_test.bundle" + std::to_string(i) + }; + g_InfoParms_List.push_back(g_InfoParmsTmp); + HapPolicyParams g_PolicyPramsTmp = { + .apl = APL_NORMAL, + .domain = "test.domain." + std::to_string(i) + }; + AccessTokenKit::AllocHapToken(g_InfoParmsTmp, g_PolicyPramsTmp); + AccessTokenID g_TokenId_Tmp = AccessTokenKit::GetHapTokenID(g_InfoParmsTmp.userID, + g_InfoParmsTmp.bundleName, + g_InfoParmsTmp.instIndex); + g_TokenId_List.push_back(g_TokenId_Tmp); + } + AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(100, "com.ohos.permissionmanager", 0); + SetSelfTokenID(tokenId); + } + + void DeleteTokenID(std::vector& g_InfoParms_List) + { + SetSelfTokenID(g_selfTokenId); + for (size_t i = 0; i < g_InfoParms_List.size(); i++) { + AccessTokenID g_TokenId_Tmp = AccessTokenKit::GetHapTokenID(g_InfoParms_List[i].userID, + g_InfoParms_List[i].bundleName, + g_InfoParms_List[i].instIndex); + AccessTokenKit::DeleteToken(g_TokenId_Tmp); + } + AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(100, "com.ohos.permissionmanager", 0); + SetSelfTokenID(tokenId); + } +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS + /** * @tc.name: AddPermissionUsedRecord001 * @tc.desc: cannot AddPermissionUsedRecord with illegal tokenId and permission. @@ -720,4 +767,49 @@ HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback002, TestSize.Level1) res = AccessTokenKit::DeleteToken(tokenID); ASSERT_EQ(RET_SUCCESS, res); +} + +/** + * @tc.name: AddPermissionUsedRecord007 + * @tc.desc: AddPermissionUsedRecord user_grant permission. + * @tc.type: FUNC + * @tc.require:Issue Number + */ +HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord007, TestSize.Level1) +{ + std::vector g_InfoParms_List; + std::vector g_TokenId_List; + SetTokenID(g_InfoParms_List, g_TokenId_List, 100); + std::vector addPermissionList = { + "ohos.permission.ANSWER_CALL", + "ohos.permission.READ_CALENDAR", + }; + for (int32_t i = 0; i < 200; i++) { + ASSERT_EQ(RET_NO_ERROR, PrivacyKit::AddPermissionUsedRecord(g_TokenId_List[i % 100], + addPermissionList[i % 2], 1, 0)); + + PermissionUsedRequest request; + PermissionUsedResult result; + std::vector permissionList; + BuildQueryRequest(g_TokenId_List[i % 100], GetLocalDeviceUdid(), + g_InfoParms_List[i % 100].bundleName, permissionList, request); + request.flag = FLAG_PERMISSION_USAGE_DETAIL; + ASSERT_EQ(RET_NO_ERROR, PrivacyKit::GetPermissionUsedRecords(request, result)); + } + sleep(70); + for (int32_t i = 0; i < 100; i++) { + PermissionUsedRequest request; + PermissionUsedResult result; + std::vector permissionList; + BuildQueryRequest(g_TokenId_List[i], GetLocalDeviceUdid(), + g_InfoParms_List[i].bundleName, permissionList, request); + request.flag = FLAG_PERMISSION_USAGE_DETAIL; + + ASSERT_EQ(RET_NO_ERROR, PrivacyKit::GetPermissionUsedRecords(request, result)); + ASSERT_EQ(1, result.bundleRecords.size()); + ASSERT_EQ(1, result.bundleRecords[0].permissionRecords.size()); + ASSERT_EQ(1, result.bundleRecords[0].permissionRecords[0].accessRecords.size()); + CheckPermissionUsedResult(request, result, 1, 2, 0); + } + DeleteTokenID(g_InfoParms_List); } \ No newline at end of file diff --git a/services/privacymanager/BUILD.gn b/services/privacymanager/BUILD.gn index 958233c54..a6db98aa7 100644 --- a/services/privacymanager/BUILD.gn +++ b/services/privacymanager/BUILD.gn @@ -53,6 +53,7 @@ if (is_standard_system) { "src/record/permission_record.cpp", "src/record/permission_record_manager.cpp", "src/record/permission_record_repository.cpp", + "src/record/permission_used_record_cache.cpp", "src/service/privacy_manager_service.cpp", "src/service/privacy_manager_stub.cpp", ] @@ -66,6 +67,7 @@ if (is_standard_system) { "//base/security/access_token/services/common/database:accesstoken_database_cxx", "//base/security/access_token/services/privacymanager:privacy.rc", "//third_party/sqlite:sqlite", + "//utils/native/base:utils", ] external_deps = [ diff --git a/services/privacymanager/include/common/constant.h b/services/privacymanager/include/common/constant.h index 6e3602ac6..1893d77e3 100644 --- a/services/privacymanager/include/common/constant.h +++ b/services/privacymanager/include/common/constant.h @@ -62,6 +62,7 @@ public: const static int32_t RECORD_DELETE_TIME = 30 * 86400; const static int32_t PRECISE = 60; const static int32_t LATEST_RECORD_TIME = 7 * 86400; + const static std::string COUNT_CMD; const static std::map PERMISSION_OPCODE_MAP; public: diff --git a/services/privacymanager/include/database/permission_used_record_db.h b/services/privacymanager/include/database/permission_used_record_db.h index d2f4c38df..3d1ae056e 100644 --- a/services/privacymanager/include/database/permission_used_record_db.h +++ b/services/privacymanager/include/database/permission_used_record_db.h @@ -45,6 +45,9 @@ public: int32_t FindByConditions(DataType type, const GenericValues& andConditions, const GenericValues& orConditions, std::vector& results); int32_t Modify(DataType type, const GenericValues& modifyValues, const GenericValues& conditions); + int32_t Count(DataType type, GenericValues& result); + int32_t DeleteExpireRecords(DataType type, const GenericValues& andConditions); + int32_t DeleteExcessiveRecords(DataType type, unsigned excessiveSize); int32_t GetDistinctValue(DataType type, const std::string& condition, std::vector& results); void OnCreate() override; @@ -66,6 +69,10 @@ private: const std::vector& andColumns, const std::vector& orColumns) const; std::string CreateUpdatePrepareSqlCmd(DataType type, const std::vector& modifyColumns, const std::vector& conditionColumns) const; + std::string CreateCountPrepareSqlCmd(DataType type) const; + std::string CreateDeleteExpireRecordsPrepareSqlCmd(DataType type, + const std::vector& andColumns) const; + std::string CreateDeleteExcessiveRecordsPrepareSqlCmd(DataType type, unsigned excessiveSize) const; std::string CreateGetDistinctValue(DataType type, const std::string conditionColumns) const; private: diff --git a/services/privacymanager/include/record/permission_record_manager.h b/services/privacymanager/include/record/permission_record_manager.h index 48ad1c52f..0815f2396 100644 --- a/services/privacymanager/include/record/permission_record_manager.h +++ b/services/privacymanager/include/record/permission_record_manager.h @@ -17,9 +17,11 @@ #define PERMISSION_RECORD_MANAGER_H #include +#include #include #include "access_token.h" +#include "hap_token_info.h" #include "nocopyable.h" #include "on_permission_used_record_callback.h" #include "permission_record.h" @@ -55,11 +57,11 @@ private: PermissionRecordManager(); DISALLOW_COPY_AND_MOVE(PermissionRecordManager); - bool GetLocalRecordTokenIdList(std::vector& tokenIdList); + bool GetLocalRecordTokenIdList(std::set& tokenIdList); bool AddRecord(AccessTokenID tokenId, const std::string& permissionName, int32_t successCount, int32_t failCount); bool GetPermissionsRecord(AccessTokenID tokenId, const std::string& permissionName, int32_t successCount, int32_t failCount, PermissionRecord& record); - + bool CreateBundleUsedRecord(const AccessTokenID tokenId, BundleUsedRecord& bundleRecord); void ExecuteDeletePermissionRecordTask(); int32_t DeletePermissionRecord(int32_t days); bool GetRecordsFromLocalDB(const PermissionUsedRequest& request, PermissionUsedResult& result); diff --git a/services/privacymanager/include/record/permission_record_node.h b/services/privacymanager/include/record/permission_record_node.h new file mode 100644 index 000000000..d56b3d800 --- /dev/null +++ b/services/privacymanager/include/record/permission_record_node.h @@ -0,0 +1,35 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PERMISSION_UESD_RECORD_NODE_H +#define PERMISSION_UESD_RECORD_NODE_H + +#include +#include "permission_record.h" +#include "rwlock.h" +namespace OHOS { +namespace Security { +namespace AccessToken { +struct PermissionUsedRecordNode { + std::weak_ptr pre; + std::shared_ptr next; + PermissionRecord record; + + PermissionUsedRecordNode() = default; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // PERMISSION_UESD_RECORD_NODE_H diff --git a/services/privacymanager/include/record/permission_record_repository.h b/services/privacymanager/include/record/permission_record_repository.h index 4cd89a9ae..e29ffc898 100644 --- a/services/privacymanager/include/record/permission_record_repository.h +++ b/services/privacymanager/include/record/permission_record_repository.h @@ -34,6 +34,9 @@ public: const GenericValues& orConditionValues, std::vector& recordValues); bool RemoveRecordValues(const GenericValues& conditionValues); bool GetAllRecordValuesByKey(const std::string& condition, std::vector& resultValues); + int32_t CountRecordValues(GenericValues& resultValues); + bool DeleteExpireRecordsValues(const GenericValues& andConditions); + bool DeleteExcessiveSizeRecordValues(int32_t excessiveSize); }; } // namespace AccessToken } // namespace Security diff --git a/services/privacymanager/include/record/permission_used_record_cache.h b/services/privacymanager/include/record/permission_used_record_cache.h new file mode 100644 index 000000000..5065cd282 --- /dev/null +++ b/services/privacymanager/include/record/permission_used_record_cache.h @@ -0,0 +1,78 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PERMISSION_USED_RECORD_CACHE_H +#define PERMISSION_USED_RECORD_CACHE_H + +#include +#include +#include +#include +#include +#include "accesstoken_kit.h" +#include "nocopyable.h" +#include "permission_record.h" +#include "permission_record_node.h" +#include "rwlock.h" +#include "thread_pool.h" +namespace OHOS { +namespace Security { +namespace AccessToken { +class PermissionUsedRecordCache { +public: + static PermissionUsedRecordCache& GetInstance(); + int32_t AddRecordToBuffer(PermissionRecord& record); + void MergeRecord(PermissionRecord& record, std::shared_ptr curFindMergePos); + void AddToPersistQueue(const std::shared_ptr persistPendingBufferHead); + void ExecuteReadRecordBufferTask(); + int32_t PersistPendingRecords(); + void GetPersistPendingRecordsAndReset(); + int32_t RemoveRecords(const GenericValues &record); + void RemoveRecordsFromPersistPendingBufferQueue(const GenericValues &record, + std::shared_ptr persistPendingBufferHead, + std::shared_ptr persistPendingBufferEnd); + void GetRecords(const std::vector& permissionList, + const GenericValues &andConditionValues, const GenericValues& orConditionValues, + std::vector& findRecordsValues); + void GetAllRecords(const std::vector& permissionList, + const GenericValues &andConditionValues, const GenericValues& orConditionValues, + std::vector& findRecordsValues); + void GetRecordsFromPersistPendingBufferQueue(const std::vector& permissionList, + const GenericValues& andConditionValues, const GenericValues& orConditionValues, + std::vector& findRecordsValues, const std::set& opCodeList); + bool RecordCompare(const AccessTokenID tokenID, const std::set& opCodeList, + const GenericValues &andConditionValues, const PermissionRecord &record); + void FindTokenIdList(std::set& tokenIdList); + void TransferToOpcode(std::set& opCodeList, + const std::vector& permissionList); + void AddRecordNode(const PermissionRecord& record); + void DeleteRecordNode(std::shared_ptr deleteRecordNode); + +private: + int32_t readableSize_ = 0; + std::shared_ptr recordBufferHead_ = std::make_shared(); + std::shared_ptr curRecordBufferPos_ = recordBufferHead_; + std::vector> persistPendingBufferQueue_; + int64_t nextPersistTimestamp_ = 0L; + const static int32_t INTERVAL = 60; + const static int32_t MAX_PERSIST_SIZE = 100; + int32_t persistIsRunning_ = 0; + OHOS::Utils::RWLock cacheLock_; + OHOS::ThreadPool readRecordBufferTaskWorker_; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // PERMISSION_USED_RECORD_CACHE_H diff --git a/services/privacymanager/src/common/constant.cpp b/services/privacymanager/src/common/constant.cpp index 34fda467f..1a9b74855 100644 --- a/services/privacymanager/src/common/constant.cpp +++ b/services/privacymanager/src/common/constant.cpp @@ -18,6 +18,7 @@ namespace OHOS { namespace Security { namespace AccessToken { +const std::string Constant::COUNT_CMD = "COUNT"; const std::map Constant::PERMISSION_OPCODE_MAP = { std::map::value_type("ohos.permission.ANSWER_CALL", Constant::OP_ANSWER_CALL), std::map::value_type("ohos.permission.READ_CALENDAR", Constant::OP_READ_CALENDAR), diff --git a/services/privacymanager/src/database/permission_used_record_db.cpp b/services/privacymanager/src/database/permission_used_record_db.cpp index e99c37bec..b10f6d9d1 100644 --- a/services/privacymanager/src/database/permission_used_record_db.cpp +++ b/services/privacymanager/src/database/permission_used_record_db.cpp @@ -16,6 +16,7 @@ #include "permission_used_record_db.h" #include "accesstoken_log.h" +#include "constant.h" #include "field_const.h" namespace OHOS { @@ -181,6 +182,50 @@ int32_t PermissionUsedRecordDb::GetDistinctValue(DataType type, return SUCCESS; } +int32_t PermissionUsedRecordDb::Count(DataType type, GenericValues& result) +{ + OHOS::Utils::UniqueWriteGuard lock(this->rwLock_); + std::string countSql = CreateCountPrepareSqlCmd(type); + auto countStatement = Prepare(countSql); + if (countStatement.Step() == Statement::State::ROW) { + int32_t column = 0; + result.Put(Constant::COUNT_CMD, countStatement.GetValue(column, true)); + } + return SUCCESS; +} + +int32_t PermissionUsedRecordDb::DeleteExpireRecords(DataType type, + const GenericValues& andConditions) +{ + OHOS::Utils::UniqueWriteGuard lock(this->rwLock_); + std::vector andColumns = andConditions.GetAllKeys(); + if (!andColumns.empty()) { + std::string deleteExpireSql = CreateDeleteExpireRecordsPrepareSqlCmd(type, andColumns); + auto deleteExpireStatement = Prepare(deleteExpireSql); + for (const auto& columnName : andColumns) { + deleteExpireStatement.Bind(columnName, andConditions.Get(columnName)); + } + int32_t ret = deleteExpireStatement.Step(); + if (ret != Statement::State::DONE) { + ACCESSTOKEN_LOG_ERROR(LABEL, "DeleteExpireRecords failed"); + return FAILURE; + } + } + return SUCCESS; +} + +int32_t PermissionUsedRecordDb::DeleteExcessiveRecords(DataType type, unsigned excessiveSize) +{ + OHOS::Utils::UniqueWriteGuard lock(this->rwLock_); + std::string deleteExcessiveSql = CreateDeleteExcessiveRecordsPrepareSqlCmd(type, excessiveSize); + auto deleteExcessiveStatement = Prepare(deleteExcessiveSql); + if (deleteExcessiveStatement.Step() != Statement::State::DONE) { + ACCESSTOKEN_LOG_ERROR(LABEL, "DeleteExcessiveRecords failed"); + return FAILURE; + } + return SUCCESS; +} + std::string PermissionUsedRecordDb::CreateInsertPrepareSqlCmd(DataType type) const { auto it = dataTypeToSqlTable_.find(type); @@ -281,6 +326,57 @@ std::string PermissionUsedRecordDb::CreateSelectByConditionPrepareSqlCmd(DataTyp return sql; } +std::string PermissionUsedRecordDb::CreateCountPrepareSqlCmd(DataType type) const +{ + auto it = dataTypeToSqlTable_.find(type); + if (it == dataTypeToSqlTable_.end()) { + return std::string(); + } + std::string sql = "select count(*) from " + it->second.tableName_; + return sql; +} + +std::string PermissionUsedRecordDb::CreateDeleteExpireRecordsPrepareSqlCmd(DataType type, + const std::vector& andColumns) const +{ + auto it = dataTypeToSqlTable_.find(type); + if (it == dataTypeToSqlTable_.end()) { + return std::string(); + } + std::string sql = "delete from " + it->second.tableName_ + " where "; + sql.append(FIELD_TIMESTAMP + " in (select "); + sql.append(FIELD_TIMESTAMP + " from " + it->second.tableName_ + " where 1 = 1"); + for (const auto& andColName : andColumns) { + if (andColName == FIELD_TIMESTAMP_BEGIN) { + sql.append(" and "); + sql.append(FIELD_TIMESTAMP + " >=:" + andColName); + } else if (andColName == FIELD_TIMESTAMP_END) { + sql.append(" and "); + sql.append(FIELD_TIMESTAMP + " <=:" + andColName); + } else { + sql.append(" and "); + sql.append(andColName + "=:" + andColName); + } + } + sql.append(" )"); + return sql; +} + +std::string PermissionUsedRecordDb::CreateDeleteExcessiveRecordsPrepareSqlCmd(DataType type, + unsigned excessiveSize) const +{ + auto it = dataTypeToSqlTable_.find(type); + if (it == dataTypeToSqlTable_.end()) { + return std::string(); + } + std::string sql = "delete from " + it->second.tableName_ + " where "; + sql.append(FIELD_TIMESTAMP + " in (select "); + sql.append(FIELD_TIMESTAMP + " from " + it->second.tableName_ + " order by "); + sql.append(FIELD_TIMESTAMP + " limit "); + sql.append(std::to_string(excessiveSize) + " )"); + return sql; +} + std::string PermissionUsedRecordDb::CreateGetDistinctValue(DataType type, const std::string conditionColumns) const { diff --git a/services/privacymanager/src/record/permission_record_manager.cpp b/services/privacymanager/src/record/permission_record_manager.cpp index a49c3feab..bbc2994d2 100644 --- a/services/privacymanager/src/record/permission_record_manager.cpp +++ b/services/privacymanager/src/record/permission_record_manager.cpp @@ -22,6 +22,7 @@ #include "data_translator.h" #include "field_const.h" #include "permission_record_repository.h" +#include "permission_used_record_cache.h" #include "active_status_callback_manager.h" #include "time_util.h" #include "to_string.h" @@ -60,50 +61,10 @@ bool PermissionRecordManager::AddRecord( if (!GetPermissionsRecord(tokenId, permissionName, successCount, failCount, record)) { return false; } - - GenericValues nullValues; - GenericValues recordValues; - std::vector insertValues; - std::vector findValues; - PermissionRecord::TranslationIntoGenericValues(record, recordValues); - - int64_t insertTimestamp = record.timestamp; - int64_t insertAccessDuration = record.accessDuration; - int32_t insertAccessCount = record.accessCount; - int32_t insertRejectCount = record.rejectCount; - recordValues.Remove(FIELD_TIMESTAMP); - recordValues.Remove(FIELD_ACCESS_DURATION); - recordValues.Remove(FIELD_ACCESS_COUNT); - recordValues.Remove(FIELD_REJECT_COUNT); - if (!PermissionRecordRepository::GetInstance().FindRecordValues(recordValues, nullValues, findValues)) { - return false; - } - - recordValues.Put(FIELD_TIMESTAMP, insertTimestamp); - recordValues.Put(FIELD_ACCESS_DURATION, insertAccessDuration); - recordValues.Put(FIELD_ACCESS_COUNT, insertAccessCount); - recordValues.Put(FIELD_REJECT_COUNT, insertRejectCount); - for (const auto& rec : findValues) { - if (insertTimestamp - rec.GetInt64(FIELD_TIMESTAMP) < Constant::PRECISE) { - insertAccessDuration += rec.GetInt64(FIELD_ACCESS_DURATION); - insertAccessCount += rec.GetInt(FIELD_ACCESS_COUNT); - insertRejectCount += rec.GetInt(FIELD_REJECT_COUNT); - recordValues.Remove(FIELD_ACCESS_DURATION); - recordValues.Remove(FIELD_ACCESS_COUNT); - recordValues.Remove(FIELD_REJECT_COUNT); - - recordValues.Put(FIELD_ACCESS_DURATION, insertAccessDuration); - recordValues.Put(FIELD_ACCESS_COUNT, insertAccessCount); - recordValues.Put(FIELD_REJECT_COUNT, insertRejectCount); - - if (!PermissionRecordRepository::GetInstance().RemoveRecordValues(rec)) { - return false; - } - break; - } + if (PermissionUsedRecordCache::GetInstance().AddRecordToBuffer(record) == Constant::SUCCESS) { + return true; } - insertValues.emplace_back(recordValues); - return PermissionRecordRepository::GetInstance().AddRecordValues(insertValues); + return false; } bool PermissionRecordManager::GetPermissionsRecord(AccessTokenID tokenId, const std::string& permissionName, @@ -145,13 +106,16 @@ int32_t PermissionRecordManager::AddPermissionUsedRecord(AccessTokenID tokenId, } if (!AddRecord(tokenId, permissionName, successCount, failCount)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Add record failed"); return Constant::FAILURE; } + ACCESSTOKEN_LOG_DEBUG(LABEL, "Add record successful"); return Constant::SUCCESS; } void PermissionRecordManager::RemovePermissionUsedRecords(AccessTokenID tokenId, const std::string& deviceID) { + ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry, tokenId: %{public}d, deviceID = %{public}s", tokenId, deviceID.c_str()); if (tokenId == 0) { ACCESSTOKEN_LOG_ERROR(LABEL, "tokenId is 0"); return; @@ -160,7 +124,7 @@ void PermissionRecordManager::RemovePermissionUsedRecords(AccessTokenID tokenId, // only support remove by tokenId(local) std::string device = GetDeviceId(tokenId); if (device.empty()) { - ACCESSTOKEN_LOG_ERROR(LABEL, "invalid tokenId%{public}d", tokenId); + ACCESSTOKEN_LOG_ERROR(LABEL, "invalid tokenId = %{public}d", tokenId); return; } @@ -172,7 +136,7 @@ void PermissionRecordManager::RemovePermissionUsedRecords(AccessTokenID tokenId, Utils::UniqueWriteGuard lk(this->rwLock_); GenericValues record; record.Put(FIELD_TOKEN_ID, (int32_t)tokenId); - PermissionRecordRepository::GetInstance().RemoveRecordValues(record); + PermissionUsedRecordCache::GetInstance().RemoveRecords(record); // remove from cache and database } int32_t PermissionRecordManager::GetPermissionUsedRecords( @@ -201,15 +165,18 @@ int32_t PermissionRecordManager::GetPermissionUsedRecordsAsync( return Constant::SUCCESS; } -bool PermissionRecordManager::GetLocalRecordTokenIdList(std::vector& tokenIdList) +bool PermissionRecordManager::GetLocalRecordTokenIdList(std::set& tokenIdList) { std::vector results; { Utils::UniqueWriteGuard lk(this->rwLock_); + // find tokenId from cache + PermissionUsedRecordCache::GetInstance().FindTokenIdList(tokenIdList); + // find tokenId from database PermissionRecordRepository::GetInstance().GetAllRecordValuesByKey(FIELD_TOKEN_ID, results); } for (const auto& res : results) { - tokenIdList.emplace_back(res.GetInt(FIELD_TOKEN_ID)); + tokenIdList.emplace(res.GetInt(FIELD_TOKEN_ID)); } return true; } @@ -224,32 +191,23 @@ bool PermissionRecordManager::GetRecordsFromLocalDB(const PermissionUsedRequest& return false; } - std::vector tokenIdList; + std::set tokenIdList; if (request.tokenId == 0) { - GetLocalRecordTokenIdList(tokenIdList); + GetLocalRecordTokenIdList(tokenIdList); } else { - tokenIdList.emplace_back(request.tokenId); + tokenIdList.emplace(request.tokenId); } - + ACCESSTOKEN_LOG_DEBUG(LABEL, "GetLocalRecordTokenIdList.size = %{public}zu", tokenIdList.size()); Utils::UniqueWriteGuard lk(this->rwLock_); for (const auto& tokenId : tokenIdList) { + ACCESSTOKEN_LOG_DEBUG(LABEL, "tokenId = %{public}d", tokenId); andConditionValues.Put(FIELD_TOKEN_ID, (int32_t)tokenId); std::vector findRecordsValues; - if (!PermissionRecordRepository::GetInstance().FindRecordValues( - andConditionValues, orConditionValues, findRecordsValues)) { - return false; - } + PermissionUsedRecordCache::GetInstance().GetRecords(request.permissionList, + andConditionValues, orConditionValues, findRecordsValues); // find records from cache and database andConditionValues.Remove(FIELD_TOKEN_ID); - HapTokenInfo tokenInfo; - if (AccessTokenKit::GetHapTokenInfo(tokenId, tokenInfo) != Constant::SUCCESS) { - continue; - } BundleUsedRecord bundleRecord; - bundleRecord.tokenId = tokenId; - bundleRecord.isRemote = false; - bundleRecord.deviceId = ConstantCommon::GetLocalDeviceId(); - bundleRecord.bundleName = tokenInfo.bundleName; - + CreateBundleUsedRecord(tokenId, bundleRecord); if (!findRecordsValues.empty()) { if (!GetRecords(request.flag, findRecordsValues, bundleRecord, result)) { return false; @@ -263,6 +221,20 @@ bool PermissionRecordManager::GetRecordsFromLocalDB(const PermissionUsedRequest& return true; } +bool PermissionRecordManager::CreateBundleUsedRecord(const AccessTokenID tokenId, BundleUsedRecord& bundleRecord) +{ + HapTokenInfo tokenInfo; + if (AccessTokenKit::GetHapTokenInfo(tokenId, tokenInfo) != Constant::SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "GetHapTokenInfo failed"); + return false; + } + bundleRecord.tokenId = tokenId; + bundleRecord.isRemote = false; + bundleRecord.deviceId = ConstantCommon::GetLocalDeviceId(); + bundleRecord.bundleName = tokenInfo.bundleName; + return true; +} + bool PermissionRecordManager::GetRecords( int32_t flag, std::vector recordValues, BundleUsedRecord& bundleRecord, PermissionUsedResult& result) { @@ -278,7 +250,7 @@ bool PermissionRecordManager::GetRecords( record.Put(FIELD_FLAG, flag); if (DataTranslator::TranslationGenericValuesIntoPermissionUsedRecord(record, tmpPermissionRecord) != Constant::SUCCESS) { - ACCESSTOKEN_LOG_INFO(LABEL, "Failed to transform opcode(%{public}d) into permission", + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to transform opcode(%{public}d) into permission", record.GetInt(FIELD_OP_CODE)); continue; } @@ -337,24 +309,25 @@ void PermissionRecordManager::ExecuteDeletePermissionRecordTask() int32_t PermissionRecordManager::DeletePermissionRecord(int32_t days) { Utils::UniqueWriteGuard lk(this->rwLock_); - GenericValues nullValues; - std::vector deleteRecordValues; - if (!PermissionRecordRepository::GetInstance().FindRecordValues(nullValues, nullValues, deleteRecordValues)) { + GenericValues countValue; + if (!PermissionRecordRepository::GetInstance().CountRecordValues(countValue)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "DeletePermissionRecord failed"); return Constant::FAILURE; } - - size_t deleteSize = 0; - if (deleteRecordValues.size() > Constant::MAX_TOTAL_RECORD) { - deleteSize = deleteRecordValues.size() - Constant::MAX_TOTAL_RECORD; - for (size_t i = 0; i < deleteSize; ++i) { - PermissionRecordRepository::GetInstance().RemoveRecordValues(deleteRecordValues[i]); + int64_t total = countValue.GetInt64(Constant::COUNT_CMD); + if (total > Constant::MAX_TOTAL_RECORD) { + unsigned excessiveSize = total - Constant::MAX_TOTAL_RECORD; + if (!PermissionRecordRepository::GetInstance().DeleteExcessiveSizeRecordValues(excessiveSize)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "DeleteExcessiveSizeRecordValues failed"); + return Constant::FAILURE; } } + GenericValues andConditionValues; int64_t deleteTimestamp = TimeUtil::GetCurrentTimestamp() - days; - for (size_t i = deleteSize; i < deleteRecordValues.size(); ++i) { - if (deleteRecordValues[i].GetInt64(FIELD_TIMESTAMP) < deleteTimestamp) { - PermissionRecordRepository::GetInstance().RemoveRecordValues(deleteRecordValues[i]); - } + andConditionValues.Put(FIELD_TIMESTAMP_END, deleteTimestamp); + if (!PermissionRecordRepository::GetInstance().DeleteExpireRecordsValues(andConditionValues)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "DeleteExpireRecordsValues failed"); + return Constant::FAILURE; } return Constant::SUCCESS; } diff --git a/services/privacymanager/src/record/permission_record_repository.cpp b/services/privacymanager/src/record/permission_record_repository.cpp index 60eb58f66..1fa1d10af 100644 --- a/services/privacymanager/src/record/permission_record_repository.cpp +++ b/services/privacymanager/src/record/permission_record_repository.cpp @@ -82,6 +82,36 @@ bool PermissionRecordRepository::GetAllRecordValuesByKey( } return true; } + +int32_t PermissionRecordRepository::CountRecordValues(GenericValues& resultValues) +{ + if (PermissionUsedRecordDb::GetInstance().Count(PermissionUsedRecordDb::PERMISSION_RECORD, resultValues) + != PermissionUsedRecordDb::SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Cannot count PERMISSION_RECORD"); + return false; + } + return true; +} + +bool PermissionRecordRepository::DeleteExpireRecordsValues(const GenericValues& andConditions) +{ + if (PermissionUsedRecordDb::GetInstance().DeleteExpireRecords(PermissionUsedRecordDb::PERMISSION_RECORD, + andConditions) != PermissionUsedRecordDb::SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "PERMISSION_RECORD delete fail"); + return false; + } + return true; +} + +bool PermissionRecordRepository::DeleteExcessiveSizeRecordValues(int32_t excessiveSize) +{ + if (PermissionUsedRecordDb::GetInstance().DeleteExcessiveRecords(PermissionUsedRecordDb::PERMISSION_RECORD, + excessiveSize) != PermissionUsedRecordDb::SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "PERMISSION_RECORD delete fail"); + return false; + } + return true; +} } // namespace AccessToken } // namespace Security } // namespace OHOS \ No newline at end of file diff --git a/services/privacymanager/src/record/permission_used_record_cache.cpp b/services/privacymanager/src/record/permission_used_record_cache.cpp new file mode 100644 index 000000000..30c64fcd5 --- /dev/null +++ b/services/privacymanager/src/record/permission_used_record_cache.cpp @@ -0,0 +1,425 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "permission_used_record_cache.h" +#include "accesstoken_log.h" +#include "constant.h" +#include "field_const.h" +#include "generic_values.h" +#include "permission_record.h" +#include "permission_record_manager.h" +#include "permission_record_node.h" +#include "permission_record_repository.h" +#include "permission_used_record_db.h" +#include "time_util.h" +#include "to_string.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { + LOG_CORE, SECURITY_DOMAIN_PRIVACY, "PermissionUsedRecordCache" +}; +} + +PermissionUsedRecordCache& PermissionUsedRecordCache::GetInstance() +{ + static PermissionUsedRecordCache instance; + return instance; +} + +int32_t PermissionUsedRecordCache::AddRecordToBuffer(PermissionRecord& record) +{ + if (nextPersistTimestamp_ == 0) { + nextPersistTimestamp_ = record.timestamp + INTERVAL; + } + std::shared_ptr curFindMergePos; + std::shared_ptr persistPendingBufferHead; + std::shared_ptr persistPendingBufferEnd = nullptr; + { + Utils::UniqueWriteGuard lock1(this->cacheLock_); + curFindMergePos = curRecordBufferPos_; + persistPendingBufferHead = recordBufferHead_; + int32_t remainCount = 0; + while (curFindMergePos != recordBufferHead_) { + auto pre = curFindMergePos->pre.lock(); + if ((record.timestamp - curFindMergePos->record.timestamp) >= INTERVAL) { + persistPendingBufferEnd = curFindMergePos; + break; + } else if (curFindMergePos->record.tokenId == record.tokenId && + record.opCode == curFindMergePos->record.opCode && + (record.timestamp - curFindMergePos->record.timestamp) <= Constant::PRECISE) { + MergeRecord(record, curFindMergePos); + } else { + remainCount++; + } + curFindMergePos = pre; + } + AddRecordNode(record); // refresh curRecordBUfferPos and readableSize + remainCount++; + if (persistPendingBufferEnd != nullptr) { + readableSize_ = remainCount; + std::shared_ptr tmpRecordBufferHead = + std::make_shared(); + tmpRecordBufferHead->next = persistPendingBufferEnd->next; + persistPendingBufferEnd->next.reset(); + recordBufferHead_ = tmpRecordBufferHead; + if (persistPendingBufferEnd == curRecordBufferPos_) { // persistPendingBufferEnd == curRecordBufferPos + curRecordBufferPos_ = recordBufferHead_; + } else { // remainCount !=0 ==> recordBufferHead->next != nullptr + recordBufferHead_->next->pre = recordBufferHead_; + } + } + } + if (persistPendingBufferEnd != nullptr) { + AddToPersistQueue(persistPendingBufferHead); + } + return Constant::SUCCESS; +} + +void PermissionUsedRecordCache::MergeRecord(PermissionRecord& record, + std::shared_ptr curFindMergePos) +{ + record.accessDuration += curFindMergePos->record.accessDuration; + record.accessCount += curFindMergePos->record.accessCount; + record.rejectCount += curFindMergePos->record.rejectCount; + if (curRecordBufferPos_ == curFindMergePos) { + curRecordBufferPos_ = curRecordBufferPos_->pre.lock(); + } + DeleteRecordNode(curFindMergePos); // delete old same node + readableSize_--; +} + +void PermissionUsedRecordCache::AddToPersistQueue( + const std::shared_ptr persistPendingBufferHead) +{ + bool startPersist = false; + { + Utils::UniqueWriteGuard lock2(this->cacheLock_); + persistPendingBufferQueue_.emplace_back(persistPendingBufferHead); + if ((TimeUtil::GetCurrentTimestamp() >= nextPersistTimestamp_ || + readableSize_ >= MAX_PERSIST_SIZE) && persistIsRunning_ == 0) { + startPersist = true; + } + } + if (startPersist) { + ExecuteReadRecordBufferTask(); + } +} + +void PermissionUsedRecordCache::ExecuteReadRecordBufferTask() +{ + if (readRecordBufferTaskWorker_.GetCurTaskNum() > 1) { + ACCESSTOKEN_LOG_INFO(LABEL, "Already has read record buffer task!"); + return; + } + auto readRecordBufferTask = [this]() { + ACCESSTOKEN_LOG_INFO(LABEL, "ReadRecordBuffer task called"); + PersistPendingRecords(); + }; + readRecordBufferTaskWorker_.AddTask(readRecordBufferTask); +} + +int32_t PermissionUsedRecordCache::PersistPendingRecords() +{ + std::shared_ptr persistPendingBufferHead; + bool isEmpty; + std::vector insertValues; + { + Utils::UniqueReadGuard lock2(this->cacheLock_); + isEmpty = persistPendingBufferQueue_.empty(); + persistIsRunning_ = 1; + nextPersistTimestamp_ = 0; + } + while (!isEmpty) { + { + Utils::UniqueWriteGuard lock2(this->cacheLock_); + persistPendingBufferHead = persistPendingBufferQueue_[0]; + persistPendingBufferQueue_.erase(persistPendingBufferQueue_.begin()); + } + std::shared_ptr curPendingRecordNode = + persistPendingBufferHead->next; + while (curPendingRecordNode != nullptr) { + auto next = curPendingRecordNode->next; + GenericValues tmpRecordValues; + PermissionRecord tmpRecord = curPendingRecordNode->record; + PermissionRecord::TranslationIntoGenericValues(tmpRecord, tmpRecordValues); + insertValues.emplace_back(tmpRecordValues); + DeleteRecordNode(curPendingRecordNode); + curPendingRecordNode = next; + } + if (!insertValues.empty() && !PermissionRecordRepository::GetInstance().AddRecordValues(insertValues)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to persist pending records"); + } + ACCESSTOKEN_LOG_DEBUG(LABEL, "Persist pending records successful"); + { + Utils::UniqueReadGuard lock2(this->cacheLock_); + isEmpty = persistPendingBufferQueue_.empty(); + } + } + { + Utils::UniqueReadGuard lock2(this->cacheLock_); + if (isEmpty) { // free persistPendingBufferQueue + std::vector> tmpPersistPendingBufferQueue; + std::swap(tmpPersistPendingBufferQueue, persistPendingBufferQueue_); + } + persistIsRunning_ = 0; + } + return true; +} + +int32_t PermissionUsedRecordCache::RemoveRecords(const GenericValues &record) +{ + AccessTokenID tokenID = record.GetInt(FIELD_TOKEN_ID); + std::shared_ptr curFindDeletePos; + std::shared_ptr persistPendingBufferHead; + std::shared_ptr persistPendingBufferEnd = nullptr; + int32_t countPersistPendingNode = 0; + { + Utils::UniqueWriteGuard lock1(this->cacheLock_); + curFindDeletePos = recordBufferHead_->next; + persistPendingBufferHead = recordBufferHead_; + while (curFindDeletePos != nullptr) { + auto next = curFindDeletePos->next; + if (curFindDeletePos->record.tokenId == tokenID) { + if (curRecordBufferPos_ == curFindDeletePos) { + curRecordBufferPos_ = curFindDeletePos->pre.lock(); + } + DeleteRecordNode(curFindDeletePos); + readableSize_--; + } else if (TimeUtil::GetCurrentTimestamp() - + curFindDeletePos->record.timestamp >= INTERVAL) { + persistPendingBufferEnd = curFindDeletePos; + countPersistPendingNode++; + } + curFindDeletePos = next; + } + if (countPersistPendingNode != 0) { // refresh recordBufferHead + readableSize_ -= countPersistPendingNode; + std::shared_ptr tmpRecordBufferHead = + std::make_shared(); + tmpRecordBufferHead->next = persistPendingBufferEnd->next; + persistPendingBufferEnd->next.reset(); + recordBufferHead_ = tmpRecordBufferHead; + recordBufferHead_->pre.reset(); + if (persistPendingBufferEnd == curRecordBufferPos_) { + curRecordBufferPos_ = recordBufferHead_; + } else { // remainCount !=0 ==> recordBufferHead->next != nullptr + recordBufferHead_->next->pre = recordBufferHead_; + } + } + } + RemoveRecordsFromPersistPendingBufferQueue(record, persistPendingBufferHead, persistPendingBufferEnd); + return Constant::SUCCESS; +} + +void PermissionUsedRecordCache::RemoveRecordsFromPersistPendingBufferQueue(const GenericValues &record, + std::shared_ptr persistPendingBufferHead, + std::shared_ptr persistPendingBufferEnd) +{ + AccessTokenID tokenID = record.GetInt(FIELD_TOKEN_ID); + { + std::shared_ptr curFindDeletePos; + Utils::UniqueWriteGuard lock2(this->cacheLock_); + if (!persistPendingBufferQueue_.empty()) { + for (auto persistHead : persistPendingBufferQueue_) { + curFindDeletePos = persistHead->next; + while (curFindDeletePos != nullptr) { + auto next = curFindDeletePos->next; + if (curFindDeletePos->record.tokenId == tokenID) { + DeleteRecordNode(curFindDeletePos); + } + curFindDeletePos = next; + } + } + } + PermissionRecordRepository::GetInstance().RemoveRecordValues(record); // remove from database + } + if (persistPendingBufferEnd != nullptr) { // add to queue + AddToPersistQueue(persistPendingBufferHead); + } +} + +void PermissionUsedRecordCache::GetRecords(const std::vector& permissionList, + const GenericValues &andConditionValues, const GenericValues& orConditionValues, + std::vector& findRecordsValues) +{ + std::set opCodeList; + std::shared_ptr curFindPos; + std::shared_ptr persistPendingBufferHead; + std::shared_ptr persistPendingBufferEnd = nullptr; + int32_t countPersistPendingNode = 0; + AccessTokenID tokenID = andConditionValues.GetInt(FIELD_TOKEN_ID); + TransferToOpcode(opCodeList, permissionList); + { + Utils::UniqueWriteGuard lock1(this->cacheLock_); + curFindPos = recordBufferHead_->next; + persistPendingBufferHead = recordBufferHead_; + while (curFindPos != nullptr) { + auto next = curFindPos->next; + if (RecordCompare(tokenID, opCodeList, andConditionValues, curFindPos->record)) { + GenericValues recordValues; + PermissionRecord::TranslationIntoGenericValues(curFindPos->record, recordValues); + findRecordsValues.emplace_back(recordValues); + } + if (TimeUtil::GetCurrentTimestamp() - curFindPos->record.timestamp >= INTERVAL) { + persistPendingBufferEnd = curFindPos; + countPersistPendingNode++; + } + curFindPos = next; + } + if (countPersistPendingNode != 0) { // refresh recordBufferHead + readableSize_ -= countPersistPendingNode; + std::shared_ptr tmpRecordBufferHead = + std::make_shared(); + tmpRecordBufferHead->next = persistPendingBufferEnd->next; + persistPendingBufferEnd->next.reset(); + recordBufferHead_ = tmpRecordBufferHead; + if (persistPendingBufferEnd == curRecordBufferPos_) { + curRecordBufferPos_ = recordBufferHead_; + } else { // remainCount !=0 ==> recordBufferHead->next != nullptr + recordBufferHead_->next->pre = recordBufferHead_; + } + } + } + GetRecordsFromPersistPendingBufferQueue(permissionList, andConditionValues, + orConditionValues, findRecordsValues, opCodeList); + if (countPersistPendingNode != 0) { + AddToPersistQueue(persistPendingBufferHead); + } +} + +void PermissionUsedRecordCache::GetRecordsFromPersistPendingBufferQueue( + const std::vector& permissionList, const GenericValues& andConditionValues, + const GenericValues& orConditionValues, std::vector& findRecordsValues, + const std::set& opCodeList) +{ + AccessTokenID tokenID = andConditionValues.GetInt(FIELD_TOKEN_ID); + std::shared_ptr curFindPos; + Utils::UniqueWriteGuard lock2(this->cacheLock_); + if (!persistPendingBufferQueue_.empty()) { + for (auto persistHead : persistPendingBufferQueue_) { + curFindPos = persistHead->next; + while (curFindPos != nullptr) { + auto next = curFindPos->next; + if (RecordCompare(tokenID, opCodeList, andConditionValues, curFindPos->record)) { + GenericValues recordValues; + PermissionRecord::TranslationIntoGenericValues(curFindPos->record, recordValues); + findRecordsValues.emplace_back(recordValues); + } + curFindPos = next; + } + } + } + if (tokenID != INVALID_TOKENID && !PermissionRecordRepository::GetInstance().FindRecordValues( + andConditionValues, orConditionValues, findRecordsValues)) { // find records from database + ACCESSTOKEN_LOG_ERROR(LABEL, "find records from database failed"); + } +} + +void PermissionUsedRecordCache::TransferToOpcode(std::set& opCodeList, + const std::vector& permissionList) +{ + for (const auto& permission : permissionList) { + int32_t opCode = Constant::OP_INVALID; + Constant::TransferPermissionToOpcode(permission, opCode); + opCodeList.insert(opCode); + } +} + +bool PermissionUsedRecordCache::RecordCompare(const AccessTokenID tokenID, const std::set& opCodeList, + const GenericValues &andConditionValues, const PermissionRecord &record) +{ + // compare tokenId + if (record.tokenId != (int32_t)tokenID) { + return false; + } + // compare opCode + if (!opCodeList.empty() && opCodeList.find(record.opCode) == opCodeList.end()) { + return false; + } + // compare timestamp + std::vector andColumns = andConditionValues.GetAllKeys(); + if (!andColumns.empty()) { + for (auto andColumn : andColumns) { + if (andColumn == FIELD_TIMESTAMP_BEGIN && + record.timestamp < andConditionValues.GetInt64(andColumn)) { + return false; + } else if (andColumn == FIELD_TIMESTAMP_END && + record.timestamp > andConditionValues.GetInt64(andColumn)) { + return false; + } else if (andColumn == FIELD_TIMESTAMP && + record.timestamp != andConditionValues.GetInt64(andColumn)) { + return false; + } + } + } + return true; +} + +void PermissionUsedRecordCache::FindTokenIdList(std::set& tokenIdList) +{ + std::shared_ptr curFindPos; + { + // find tokenIdList from recordBuffer + Utils::UniqueWriteGuard lock1(this->cacheLock_); + curFindPos = recordBufferHead_->next; + while (curFindPos != nullptr) { + auto next = curFindPos->next; + tokenIdList.emplace((AccessTokenID)curFindPos->record.tokenId); + curFindPos = next; + } + } + { + // find tokenIdList from BufferQueue + Utils::UniqueWriteGuard lock2(this->cacheLock_); + if (!persistPendingBufferQueue_.empty()) { + for (auto persistHead : persistPendingBufferQueue_) { + curFindPos = persistHead->next; + while (curFindPos != nullptr) { + auto next = curFindPos->next; + tokenIdList.emplace((AccessTokenID)curFindPos->record.tokenId); + curFindPos = next; + } + } + } + } +} + +void PermissionUsedRecordCache::AddRecordNode(const PermissionRecord& record) +{ + std::shared_ptr tmpRecordNode = std::make_shared(); + tmpRecordNode->record = record; + tmpRecordNode->pre = curRecordBufferPos_; + curRecordBufferPos_->next = tmpRecordNode; + curRecordBufferPos_ = curRecordBufferPos_->next; + readableSize_++; +} + +void PermissionUsedRecordCache::DeleteRecordNode(std::shared_ptr deleteRecordNode) +{ + std::shared_ptr pre = deleteRecordNode->pre.lock(); + if (deleteRecordNode->next == nullptr) { // End of the linked list + pre->next = nullptr; + } else { + std::shared_ptr next = deleteRecordNode->next; + pre->next = next; + next->pre = pre; + } +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS \ No newline at end of file -- Gitee From 696b590bb2c2baa72959d193a9e2ef3a8b88aa8b Mon Sep 17 00:00:00 2001 From: chennian Date: Thu, 18 Aug 2022 12:45:16 +0800 Subject: [PATCH 20/68] =?UTF-8?q?Hap=20=E7=9A=84tokeninfo=E4=B8=AD?= =?UTF-8?q?=E6=B7=BB=E5=8A=A0apiversion=E5=AD=97=E6=AE=B5=20Signed-off-by:?= =?UTF-8?q?chennian?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: chennian --- README.md | 2 +- README_zh.md | 2 +- frameworks/accesstoken/include/i_accesstoken_manager.h | 4 ++-- frameworks/accesstoken/src/hap_info_parcel.cpp | 2 ++ frameworks/accesstoken/src/hap_token_info_parcel.cpp | 2 ++ interfaces/innerkits/accesstoken/include/accesstoken_kit.h | 3 ++- interfaces/innerkits/accesstoken/include/hap_token_info.h | 2 ++ interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp | 5 +++-- .../accesstoken/src/accesstoken_manager_client.cpp | 4 ++-- .../innerkits/accesstoken/src/accesstoken_manager_client.h | 3 ++- .../accesstoken/src/accesstoken_manager_proxy.cpp | 7 +++++-- .../innerkits/accesstoken/src/accesstoken_manager_proxy.h | 2 +- .../main/cpp/include/service/accesstoken_manager_service.h | 2 +- .../main/cpp/include/token/accesstoken_info_manager.h | 3 ++- .../main/cpp/include/token/hap_token_info_inner.h | 2 +- .../main/cpp/src/database/sqlite_storage.cpp | 3 ++- .../main/cpp/src/service/accesstoken_manager_service.cpp | 6 +++--- .../main/cpp/src/service/accesstoken_manager_stub.cpp | 3 ++- .../main/cpp/src/token/accesstoken_info_manager.cpp | 4 ++-- .../main/cpp/src/token/hap_token_info_inner.cpp | 7 ++++++- services/common/database/include/field_const.h | 2 ++ 21 files changed, 46 insertions(+), 24 deletions(-) diff --git a/README.md b/README.md index 709d3a7bd..177f40424 100644 --- a/README.md +++ b/README.md @@ -44,7 +44,7 @@ The ATM module provides the following functions: | --- | --- | | AccessTokenIDEx AllocHapToken(const HapInfoParams& info, const HapPolicyParams& policy); | Allocates a token ID to an app.| | AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID); | Allocates a local token ID to the app of a remote device.| -| int UpdateHapToken(AccessTokenID tokenID, const std::string& appIDDesc, const HapPolicyParams& policy); | Updates token information.| +| int UpdateHapToken(AccessTokenID tokenID, const std::string& appIDDesc, int32_t apiVersion, const HapPolicyParams& policy); | Updates token information.| | int DeleteToken(AccessTokenID tokenID); | Deletes the app's token ID and information.| | int GetTokenType(AccessTokenID tokenID); | Obtains the type of an access token.| | int CheckNativeDCap(AccessTokenID tokenID, const std::string& dcap); | Checks whether the native process corresponding to the given token ID has the specified distributed capability.| diff --git a/README_zh.md b/README_zh.md index 60e5fa6b4..5405b3aba 100644 --- a/README_zh.md +++ b/README_zh.md @@ -44,7 +44,7 @@ ATM模块主要提供如下功能: | --- | --- | | AccessTokenIDEx AllocHapToken(const HapInfoParams& info, const HapPolicyParams& policy); | 为应用进程分配一个tokenID | | AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID); | 为远端设备的应用进程分配一个本地tokenID | -| int UpdateHapToken(AccessTokenID tokenID, const std::string& appIDDesc, const HapPolicyParams& policy); | 更新tokenId对应的tokenInfo信息 | +| int UpdateHapToken(AccessTokenID tokenID, const std::string& appIDDesc, int32_t apiVersion, const HapPolicyParams& policy); | 更新tokenId对应的tokenInfo信息 | | int DeleteToken(AccessTokenID tokenID); | 删除应用tokenID及其对应的tokenInfo信息 | | int GetTokenType(AccessTokenID tokenID); | 查询指定tokenID的类型 | | int CheckNativeDCap(AccessTokenID tokenID, const std::string& dcap); | 检测指定tokenID对应的native进程是否具有指定的分布式能力 | diff --git a/frameworks/accesstoken/include/i_accesstoken_manager.h b/frameworks/accesstoken/include/i_accesstoken_manager.h index 466cafd37..4e681974e 100644 --- a/frameworks/accesstoken/include/i_accesstoken_manager.h +++ b/frameworks/accesstoken/include/i_accesstoken_manager.h @@ -62,8 +62,8 @@ public: virtual AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID) = 0; virtual int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfoParcel& nativeTokenInfoRes) = 0; virtual int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfoParcel& hapTokenInfoRes) = 0; - virtual int UpdateHapToken( - AccessTokenID tokenID, const std::string& appIDDesc, const HapPolicyParcel& policyParcel) = 0; + virtual int UpdateHapToken(AccessTokenID tokenID, const std::string& appIDDesc, int32_t apiVersion, + const HapPolicyParcel& policyParcel) = 0; virtual int32_t RegisterPermStateChangeCallback( const PermStateChangeScopeParcel& scope, const sptr& callback) = 0; virtual int32_t UnRegisterPermStateChangeCallback(const sptr& callback) = 0; diff --git a/frameworks/accesstoken/src/hap_info_parcel.cpp b/frameworks/accesstoken/src/hap_info_parcel.cpp index 8168de392..1816c7296 100644 --- a/frameworks/accesstoken/src/hap_info_parcel.cpp +++ b/frameworks/accesstoken/src/hap_info_parcel.cpp @@ -26,6 +26,7 @@ bool HapInfoParcel::Marshalling(Parcel& out) const RETURN_IF_FALSE(out.WriteInt32(this->hapInfoParameter.instIndex)); RETURN_IF_FALSE(out.WriteInt32(this->hapInfoParameter.dlpType)); RETURN_IF_FALSE(out.WriteString(this->hapInfoParameter.appIDDesc)); + RETURN_IF_FALSE(out.WriteInt32(this->hapInfoParameter.apiVersion)); return true; } @@ -38,6 +39,7 @@ HapInfoParcel* HapInfoParcel::Unmarshalling(Parcel& in) RELEASE_IF_FALSE(in.ReadInt32(hapInfoParcel->hapInfoParameter.instIndex), hapInfoParcel); RELEASE_IF_FALSE(in.ReadInt32(hapInfoParcel->hapInfoParameter.dlpType), hapInfoParcel); hapInfoParcel->hapInfoParameter.appIDDesc = in.ReadString(); + RELEASE_IF_FALSE(in.ReadInt32(hapInfoParcel->hapInfoParameter.apiVersion), hapInfoParcel); return hapInfoParcel; } diff --git a/frameworks/accesstoken/src/hap_token_info_parcel.cpp b/frameworks/accesstoken/src/hap_token_info_parcel.cpp index 414587d82..6d209ca4b 100644 --- a/frameworks/accesstoken/src/hap_token_info_parcel.cpp +++ b/frameworks/accesstoken/src/hap_token_info_parcel.cpp @@ -25,6 +25,7 @@ bool HapTokenInfoParcel::Marshalling(Parcel& out) const RETURN_IF_FALSE(out.WriteUint8(this->hapTokenInfoParams.ver)); RETURN_IF_FALSE(out.WriteInt32(this->hapTokenInfoParams.userID)); RETURN_IF_FALSE(out.WriteString(this->hapTokenInfoParams.bundleName)); + RETURN_IF_FALSE(out.WriteInt32(this->hapTokenInfoParams.apiVersion)); RETURN_IF_FALSE(out.WriteInt32(this->hapTokenInfoParams.instIndex)); RETURN_IF_FALSE(out.WriteInt32(this->hapTokenInfoParams.dlpType)); RETURN_IF_FALSE(out.WriteString(this->hapTokenInfoParams.appID)); @@ -46,6 +47,7 @@ HapTokenInfoParcel* HapTokenInfoParcel::Unmarshalling(Parcel& in) hapTokenInfoParcel->hapTokenInfoParams.ver = ver; RELEASE_IF_FALSE(in.ReadInt32(hapTokenInfoParcel->hapTokenInfoParams.userID), hapTokenInfoParcel); hapTokenInfoParcel->hapTokenInfoParams.bundleName = in.ReadString(); + RELEASE_IF_FALSE(in.ReadInt32(hapTokenInfoParcel->hapTokenInfoParams.apiVersion), hapTokenInfoParcel); RELEASE_IF_FALSE(in.ReadInt32(hapTokenInfoParcel->hapTokenInfoParams.instIndex), hapTokenInfoParcel); RELEASE_IF_FALSE(in.ReadInt32(hapTokenInfoParcel->hapTokenInfoParams.dlpType), hapTokenInfoParcel); hapTokenInfoParcel->hapTokenInfoParams.appID = in.ReadString(); diff --git a/interfaces/innerkits/accesstoken/include/accesstoken_kit.h b/interfaces/innerkits/accesstoken/include/accesstoken_kit.h index 64f6b7b5c..fa031d18e 100644 --- a/interfaces/innerkits/accesstoken/include/accesstoken_kit.h +++ b/interfaces/innerkits/accesstoken/include/accesstoken_kit.h @@ -35,7 +35,8 @@ class AccessTokenKit { public: static AccessTokenIDEx AllocHapToken(const HapInfoParams& info, const HapPolicyParams& policy); static AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID); - static int UpdateHapToken(AccessTokenID tokenID, const std::string& appIDDesc, const HapPolicyParams& policy); + static int UpdateHapToken( + AccessTokenID tokenID, const std::string& appIDDesc, int32_t apiVersion, const HapPolicyParams& policy); static int DeleteToken(AccessTokenID tokenID); /* Get token type by ATM service */ static ATokenTypeEnum GetTokenType(AccessTokenID tokenID); diff --git a/interfaces/innerkits/accesstoken/include/hap_token_info.h b/interfaces/innerkits/accesstoken/include/hap_token_info.h index a48318843..917b8733b 100644 --- a/interfaces/innerkits/accesstoken/include/hap_token_info.h +++ b/interfaces/innerkits/accesstoken/include/hap_token_info.h @@ -32,6 +32,7 @@ public: int instIndex; int dlpType; std::string appIDDesc; + int32_t apiVersion; }; class HapPolicyParams final { @@ -48,6 +49,7 @@ public: char ver; int userID; std::string bundleName; + int32_t apiVersion; int instIndex; int dlpType; std::string appID; diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp index 5efb0221c..b1d470447 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp @@ -59,7 +59,8 @@ AccessTokenID AccessTokenKit::AllocLocalTokenID(const std::string& remoteDeviceI #endif } -int AccessTokenKit::UpdateHapToken(AccessTokenID tokenID, const std::string& appIDDesc, const HapPolicyParams& policy) +int AccessTokenKit::UpdateHapToken( + AccessTokenID tokenID, const std::string& appIDDesc, int32_t apiVersion, const HapPolicyParams& policy) { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); if ((tokenID == 0) || (!DataValidator::IsAppIDDescValid(appIDDesc)) || @@ -67,7 +68,7 @@ int AccessTokenKit::UpdateHapToken(AccessTokenID tokenID, const std::string& app ACCESSTOKEN_LOG_ERROR(LABEL, "input param failed"); return RET_FAILED; } - return AccessTokenManagerClient::GetInstance().UpdateHapToken(tokenID, appIDDesc, policy); + return AccessTokenManagerClient::GetInstance().UpdateHapToken(tokenID, appIDDesc, apiVersion, policy); } int AccessTokenKit::DeleteToken(AccessTokenID tokenID) diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp index 44f470037..c8b2f0633 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp @@ -349,7 +349,7 @@ AccessTokenID AccessTokenManagerClient::AllocLocalTokenID( } int AccessTokenManagerClient::UpdateHapToken( - AccessTokenID tokenID, const std::string& appIDDesc, const HapPolicyParams& policy) + AccessTokenID tokenID, const std::string& appIDDesc, int32_t apiVersion, const HapPolicyParams& policy) { ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); auto proxy = GetProxy(); @@ -359,7 +359,7 @@ int AccessTokenManagerClient::UpdateHapToken( } HapPolicyParcel hapPolicyParcel; hapPolicyParcel.hapPolicyParameter = policy; - return proxy->UpdateHapToken(tokenID, appIDDesc, hapPolicyParcel); + return proxy->UpdateHapToken(tokenID, appIDDesc, apiVersion, hapPolicyParcel); } int AccessTokenManagerClient::GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfo& hapTokenInfoRes) diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h index f2ef276ae..1d0dbddef 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h @@ -60,7 +60,8 @@ public: int CheckNativeDCap(AccessTokenID tokenID, const std::string& dcap); AccessTokenID GetHapTokenID(int userID, const std::string& bundleName, int instIndex); AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID); - int UpdateHapToken(AccessTokenID tokenID, const std::string& appIDDesc, const HapPolicyParams& policy); + int UpdateHapToken( + AccessTokenID tokenID, const std::string& appIDDesc, int32_t apiVersion, const HapPolicyParams& policy); int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfo& hapTokenInfoRes); int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfo& nativeTokenInfoRes); int32_t RegisterPermStateChangeCallback( diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp index 0b5b01b17..98692fa75 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp @@ -739,8 +739,8 @@ int AccessTokenManagerProxy::GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfo return result; } -int AccessTokenManagerProxy::UpdateHapToken(AccessTokenID tokenID, - const std::string& appIDDesc, const HapPolicyParcel& policyParcel) +int AccessTokenManagerProxy::UpdateHapToken( + AccessTokenID tokenID, const std::string& appIDDesc, int32_t apiVersion, const HapPolicyParcel& policyParcel) { MessageParcel data; data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); @@ -750,6 +750,9 @@ int AccessTokenManagerProxy::UpdateHapToken(AccessTokenID tokenID, if (!data.WriteString(appIDDesc)) { return RET_FAILED; } + if (!data.WriteInt32(apiVersion)) { + return RET_FAILED; + } if (!data.WriteParcelable(&policyParcel)) { return RET_FAILED; } diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h index 6177b1c6d..cc897d6cd 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h @@ -57,7 +57,7 @@ public: AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID) override; AccessTokenIDEx AllocHapToken(const HapInfoParcel& hapInfo, const HapPolicyParcel& policyParcel) override; int DeleteToken(AccessTokenID tokenID) override; - int UpdateHapToken(AccessTokenID tokenID, const std::string& appIDDesc, + int UpdateHapToken(AccessTokenID tokenID, const std::string& appIDDesc, int32_t apiVersion, const HapPolicyParcel& policyPar) override; int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfoParcel& hapTokenInfoRes) override; int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfoParcel& nativeTokenInfoRes) override; diff --git a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h index ebc754ad1..e2414ca25 100644 --- a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h +++ b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h @@ -61,7 +61,7 @@ public: int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfoParcel& InfoParcel) override; int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfoParcel& InfoParcel) override; int UpdateHapToken(AccessTokenID tokenID, - const std::string& appIDDesc, const HapPolicyParcel& policyParcel) override; + const std::string& appIDDesc, int32_t apiVersion, const HapPolicyParcel& policyParcel) override; int32_t RegisterPermStateChangeCallback( const PermStateChangeScopeParcel& scope, const sptr& callback) override; int32_t UnRegisterPermStateChangeCallback(const sptr& callback) override; diff --git a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h index 0620800f0..88994f2f2 100644 --- a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h +++ b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h @@ -53,7 +53,8 @@ public: AccessTokenID GetHapTokenID(int userID, const std::string& bundleName, int instIndex); AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID); void ProcessNativeTokenInfos(const std::vector>& tokenInfos); - int UpdateHapToken(AccessTokenID tokenID, const std::string& appIDDesc, const HapPolicyParams& policy); + int UpdateHapToken( + AccessTokenID tokenID, const std::string& appIDDesc, int32_t apiVersion, const HapPolicyParams& policy); void DumpTokenInfo(std::string& dumpInfo); void RefreshTokenInfoIfNeeded(); diff --git a/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h b/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h index d62cd14e9..ace08daad 100644 --- a/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h +++ b/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h @@ -38,7 +38,7 @@ public: const std::vector& permStateList); virtual ~HapTokenInfoInner(); - void Update(const std::string& appIDDesc, const HapPolicyParams& policy); + void Update(const std::string& appIDDesc, int32_t apiVersion, const HapPolicyParams& policy); void TranslateToHapTokenInfo(HapTokenInfo& InfoParcel) const; void StoreHapInfo(std::vector& hapInfoValues, std::vector& permStateValues) const; diff --git a/services/accesstokenmanager/main/cpp/src/database/sqlite_storage.cpp b/services/accesstokenmanager/main/cpp/src/database/sqlite_storage.cpp index ed72bd2d8..5763a0c4a 100644 --- a/services/accesstokenmanager/main/cpp/src/database/sqlite_storage.cpp +++ b/services/accesstokenmanager/main/cpp/src/database/sqlite_storage.cpp @@ -58,7 +58,7 @@ SqliteStorage::SqliteStorage() : SqliteHelper(DATABASE_NAME, DATABASE_PATH, DATA FIELD_BUNDLE_NAME, FIELD_INST_INDEX, FIELD_DLP_TYPE, FIELD_APP_ID, FIELD_DEVICE_ID, FIELD_APL, FIELD_TOKEN_VERSION, - FIELD_TOKEN_ATTR + FIELD_TOKEN_ATTR, FIELD_API_VERSION }; SqliteTable NativeTokenInfoTable; @@ -299,6 +299,7 @@ int SqliteStorage::CreateHapTokenInfoTable() const .append(FIELD_APL + " integer not null,") .append(FIELD_TOKEN_VERSION + " integer not null,") .append(FIELD_TOKEN_ATTR + " integer not null,") + .append(FIELD_API_VERSION + " integer not null,") .append("primary key(" + FIELD_TOKEN_ID) .append("))"); return ExecuteSql(sql); diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp index f09dcdccb..ce1a55351 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp @@ -271,12 +271,12 @@ AccessTokenID AccessTokenManagerService::AllocLocalTokenID( return AccessTokenInfoManager::GetInstance().AllocLocalTokenID(remoteDeviceID, remoteTokenID); } -int AccessTokenManagerService::UpdateHapToken(AccessTokenID tokenID, const std::string& appIDDesc, - const HapPolicyParcel& policyParcel) +int AccessTokenManagerService::UpdateHapToken( + AccessTokenID tokenID, const std::string& appIDDesc, int32_t apiVersion, const HapPolicyParcel& policyParcel) { ACCESSTOKEN_LOG_INFO(LABEL, "called, tokenID: 0x%{public}x", tokenID); - return AccessTokenInfoManager::GetInstance().UpdateHapToken(tokenID, appIDDesc, + return AccessTokenInfoManager::GetInstance().UpdateHapToken(tokenID, appIDDesc, apiVersion, policyParcel.hapPolicyParameter); } diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp index 4d4033611..dd2c129e9 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp @@ -284,13 +284,14 @@ void AccessTokenManagerStub::UpdateHapTokenInner(MessageParcel& data, MessagePar } AccessTokenID tokenID = data.ReadUint32(); std::string appIDDesc = data.ReadString(); + int32_t apiVersion = data.ReadInt32(); sptr policyParcel = data.ReadParcelable(); if (policyParcel == nullptr) { ACCESSTOKEN_LOG_ERROR(LABEL, "policyParcel read faild"); reply.WriteInt32(RET_FAILED); return; } - int32_t result = this->UpdateHapToken(tokenID, appIDDesc, *policyParcel); + int32_t result = this->UpdateHapToken(tokenID, appIDDesc, apiVersion, *policyParcel); reply.WriteInt32(result); } diff --git a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp index 3e873829a..ef440cdda 100644 --- a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp @@ -545,7 +545,7 @@ void AccessTokenInfoManager::ProcessNativeTokenInfos( } int AccessTokenInfoManager::UpdateHapToken(AccessTokenID tokenID, - const std::string& appIDDesc, const HapPolicyParams& policy) + const std::string& appIDDesc, int32_t apiVersion, const HapPolicyParams& policy) { if (!DataValidator::IsAppIDDescValid(appIDDesc)) { ACCESSTOKEN_LOG_INFO(LABEL, "token %{public}u parm format error!", tokenID); @@ -564,7 +564,7 @@ int AccessTokenInfoManager::UpdateHapToken(AccessTokenID tokenID, { Utils::UniqueWriteGuard infoGuard(this->hapTokenInfoLock_); - infoPtr->Update(appIDDesc, policy); + infoPtr->Update(appIDDesc, apiVersion, policy); ACCESSTOKEN_LOG_INFO(LABEL, "token %{public}u bundle name %{public}s user %{public}d inst %{public}d update ok!", tokenID, infoPtr->GetBundleName().c_str(), infoPtr->GetUserID(), infoPtr->GetInstIndex()); diff --git a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp index b1371e267..195743792 100644 --- a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp @@ -35,6 +35,7 @@ HapTokenInfoInner::HapTokenInfoInner() : isRemote_(false) tokenInfoBasic_.tokenID = 0; tokenInfoBasic_.tokenAttr = 0; tokenInfoBasic_.userID = 0; + tokenInfoBasic_.apiVersion = 0; tokenInfoBasic_.instIndex = 0; tokenInfoBasic_.dlpType = 0; tokenInfoBasic_.apl = APL_NORMAL; @@ -48,6 +49,7 @@ HapTokenInfoInner::HapTokenInfoInner(AccessTokenID id, tokenInfoBasic_.ver = DEFAULT_TOKEN_VERSION; tokenInfoBasic_.tokenAttr = 0; tokenInfoBasic_.bundleName = info.bundleName; + tokenInfoBasic_.apiVersion = info.apiVersion; tokenInfoBasic_.instIndex = info.instIndex; tokenInfoBasic_.dlpType = info.dlpType; tokenInfoBasic_.appID = info.appIDDesc; @@ -69,9 +71,10 @@ HapTokenInfoInner::~HapTokenInfoInner() "tokenID: 0x%{public}x destruction", tokenInfoBasic_.tokenID); } -void HapTokenInfoInner::Update(const std::string& appIDDesc, const HapPolicyParams& policy) +void HapTokenInfoInner::Update(const std::string& appIDDesc, int32_t apiVersion, const HapPolicyParams& policy) { tokenInfoBasic_.appID = appIDDesc; + tokenInfoBasic_.apiVersion = apiVersion; tokenInfoBasic_.apl = policy.apl; if (permPolicySet_ == nullptr) { permPolicySet_ = PermissionPolicySet::BuildPermissionPolicySet(tokenInfoBasic_.tokenID, @@ -93,6 +96,7 @@ void HapTokenInfoInner::TranslationIntoGenericValues(GenericValues& outGenericVa outGenericValues.Put(FIELD_TOKEN_ID, (int)tokenInfoBasic_.tokenID); outGenericValues.Put(FIELD_USER_ID, tokenInfoBasic_.userID); outGenericValues.Put(FIELD_BUNDLE_NAME, tokenInfoBasic_.bundleName); + outGenericValues.Put(FIELD_API_VERSION, tokenInfoBasic_.apiVersion); outGenericValues.Put(FIELD_INST_INDEX, tokenInfoBasic_.instIndex); outGenericValues.Put(FIELD_DLP_TYPE, tokenInfoBasic_.dlpType); outGenericValues.Put(FIELD_APP_ID, tokenInfoBasic_.appID); @@ -112,6 +116,7 @@ int HapTokenInfoInner::RestoreHapTokenBasicInfo(const GenericValues& inGenericVa return RET_FAILED; } + tokenInfoBasic_.apiVersion = inGenericValues.GetInt(FIELD_API_VERSION); tokenInfoBasic_.instIndex = inGenericValues.GetInt(FIELD_INST_INDEX); tokenInfoBasic_.dlpType = inGenericValues.GetInt(FIELD_DLP_TYPE); tokenInfoBasic_.appID = inGenericValues.GetString(FIELD_APP_ID); diff --git a/services/common/database/include/field_const.h b/services/common/database/include/field_const.h index 54f5e2136..aaa185f04 100644 --- a/services/common/database/include/field_const.h +++ b/services/common/database/include/field_const.h @@ -57,6 +57,8 @@ const std::string FIELD_REJECT_COUNT = "reject_count"; const std::string FIELD_TIMESTAMP_BEGIN = "timestamp_begin"; const std::string FIELD_TIMESTAMP_END = "timestamp_end"; const std::string FIELD_FLAG = "flag"; + +const std::string FIELD_API_VERSION = "api_version"; } // namespace AccessToken } // namespace Security } // namespace OHOS -- Gitee From c13dce0d45656af239a199ddc07a207011aab87e Mon Sep 17 00:00:00 2001 From: chennian Date: Thu, 18 Aug 2022 15:43:44 +0800 Subject: [PATCH 21/68] =?UTF-8?q?Hap=20=E7=9A=84tokeninfo=E4=B8=AD?= =?UTF-8?q?=E6=B7=BB=E5=8A=A0apiversion=E5=AD=97=E6=AE=B5=EF=BC=8C?= =?UTF-8?q?=E9=80=82=E9=85=8D=E6=B5=8B=E8=AF=95=E4=BB=A3=E7=A0=81=20Signed?= =?UTF-8?q?-off-by:chennian?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: chennian --- .../unittest/src/accesstoken_kit_test.cpp | 49 +++++++++++-------- .../cpp/src/accesstoken_info_manager_test.cpp | 3 +- 2 files changed, 31 insertions(+), 21 deletions(-) diff --git a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp index 700a7bb98..e68907169 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp @@ -26,6 +26,7 @@ using namespace testing::ext; using namespace OHOS::Security::AccessToken; namespace { +static constexpr int32_t DEFAULT_API_VERSION = 8; static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "AccessTokenKitTest"}; PermissionStateFull g_grantPermissionReq = { @@ -85,7 +86,8 @@ HapInfoParams g_infoManagerTestInfoParms = { .bundleName = "accesstoken_test", .userID = 1, .instIndex = 0, - .appIDDesc = "testtesttesttest" + .appIDDesc = "testtesttesttest", + .apiVersion = DEFAULT_API_VERSION }; HapPolicyParams g_infoManagerTestPolicyPrams = { @@ -99,7 +101,8 @@ HapInfoParams g_infoManagerTestInfoParmsBak = { .bundleName = "accesstoken_test", .userID = 1, .instIndex = 0, - .appIDDesc = "testtesttesttest" + .appIDDesc = "testtesttesttest", + .apiVersion = DEFAULT_API_VERSION }; HapPolicyParams g_infoManagerTestPolicyPramsBak = { @@ -136,6 +139,7 @@ void AccessTokenKitTest::SetUp() .bundleName = TEST_BUNDLE_NAME, .instIndex = 0, .appIDDesc = "appIDDesc", + .apiVersion = DEFAULT_API_VERSION }; HapPolicyParams policy = { @@ -495,7 +499,7 @@ HWTEST_F(AccessTokenKitTest, GetReqPermissions003, TestSize.Level1) }; policy.permStateList.clear(); - ret = AccessTokenKit::UpdateHapToken(tokenID, hapInfo.appID, policy); + ret = AccessTokenKit::UpdateHapToken(tokenID, hapInfo.appID, DEFAULT_API_VERSION, policy); ASSERT_EQ(RET_SUCCESS, ret); std::vector permStatUserList; @@ -726,7 +730,7 @@ HWTEST_F(AccessTokenKitTest, VerifyAccessToken004, TestSize.Level0) .permStateList = permStatList }; - ret = AccessTokenKit::UpdateHapToken(tokenID, hapInfo.appID, policy); + ret = AccessTokenKit::UpdateHapToken(tokenID, hapInfo.appID, DEFAULT_API_VERSION, policy); ASSERT_EQ(RET_SUCCESS, ret); ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA); @@ -1683,21 +1687,24 @@ HWTEST_F(AccessTokenKitTest, AllocHapToken018, TestSize.Level1) .userID = 1, .instIndex = 0, .dlpType = DLP_COMMON, - .appIDDesc = "testtesttesttest" + .appIDDesc = "testtesttesttest", + .apiVersion = DEFAULT_API_VERSION }; HapInfoParams infoManagerTestInfoParms2 = { .bundleName = "dlp_test2", .userID = 1, .instIndex = 1, .dlpType = DLP_READ, - .appIDDesc = "testtesttesttest" + .appIDDesc = "testtesttesttest", + .apiVersion = DEFAULT_API_VERSION }; HapInfoParams infoManagerTestInfoParms3 = { .bundleName = "dlp_test3", .userID = 1, .instIndex = 2, .dlpType = DLP_FULL_CONTROL, - .appIDDesc = "testtesttesttest" + .appIDDesc = "testtesttesttest", + .apiVersion = DEFAULT_API_VERSION }; HapTokenInfo hapTokenInfoRes; AccessTokenID tokenID; @@ -1769,7 +1776,8 @@ HWTEST_F(AccessTokenKitTest, AllocHapToken019, TestSize.Level1) .userID = 1, .instIndex = 4, .dlpType = INVALID_DLP_TYPE, - .appIDDesc = "testtesttesttest" + .appIDDesc = "testtesttesttest", + .apiVersion = DEFAULT_API_VERSION }; tokenIdEx = AccessTokenKit::AllocHapToken(infoManagerTestInfoParms1, infoManagerTestPolicyPrams); @@ -1798,7 +1806,7 @@ HWTEST_F(AccessTokenKitTest, UpdateHapToken001, TestSize.Level1) GTEST_LOG_(INFO) << "tokenID :" << tokenID; g_infoManagerTestPolicyPrams.apl = APL_SYSTEM_BASIC; - int ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, g_infoManagerTestPolicyPrams); + int ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, DEFAULT_API_VERSION, g_infoManagerTestPolicyPrams); ASSERT_EQ(0, ret); HapTokenInfo hapTokenInfoRes; @@ -1820,7 +1828,8 @@ HWTEST_F(AccessTokenKitTest, UpdateHapToken001, TestSize.Level1) */ HWTEST_F(AccessTokenKitTest, UpdateHapToken002, TestSize.Level1) { - int ret = AccessTokenKit::UpdateHapToken(TEST_USER_ID_INVALID, "appIDDesc", g_infoManagerTestPolicyPrams); + int ret = AccessTokenKit::UpdateHapToken( + TEST_USER_ID_INVALID, "appIDDesc", DEFAULT_API_VERSION, g_infoManagerTestPolicyPrams); ASSERT_EQ(RET_FAILED, ret); } @@ -1843,7 +1852,7 @@ HWTEST_F(AccessTokenKitTest, UpdateHapToken003, TestSize.Level1) AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(userID, bundleName, instIndex); - int ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, g_infoManagerTestPolicyPrams); + int ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, DEFAULT_API_VERSION, g_infoManagerTestPolicyPrams); ASSERT_EQ(RET_FAILED, ret); HapTokenInfo hapTokenInfoRes; @@ -1877,7 +1886,7 @@ HWTEST_F(AccessTokenKitTest, UpdateHapToken004, TestSize.Level1) g_infoManagerTestPolicyPrams.apl = (ATokenAplEnum)5; - int ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, g_infoManagerTestPolicyPrams); + int ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, DEFAULT_API_VERSION, g_infoManagerTestPolicyPrams); ASSERT_EQ(RET_FAILED, ret); HapTokenInfo hapTokenInfoRes; @@ -1909,7 +1918,7 @@ HWTEST_F(AccessTokenKitTest, UpdateHapToken005, TestSize.Level1) std::string backup = g_infoManagerTestPolicyPrams.permList[0].permissionName; g_infoManagerTestPolicyPrams.permList[0].permissionName = ""; - int ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, g_infoManagerTestPolicyPrams); + int ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, DEFAULT_API_VERSION, g_infoManagerTestPolicyPrams); ret = AccessTokenKit::GetDefPermission(g_infoManagerTestPolicyPrams.permList[0].permissionName, permDefResult); ASSERT_EQ(RET_FAILED, ret); g_infoManagerTestPolicyPrams.permList[0].permissionName = backup; @@ -1918,7 +1927,7 @@ HWTEST_F(AccessTokenKitTest, UpdateHapToken005, TestSize.Level1) g_infoManagerTestPolicyPrams.permList[0].permissionName = "ohos.permission.testtmp11"; backup = g_infoManagerTestPolicyPrams.permList[0].bundleName; g_infoManagerTestPolicyPrams.permList[0].bundleName = ""; - ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, g_infoManagerTestPolicyPrams); + ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, DEFAULT_API_VERSION, g_infoManagerTestPolicyPrams); ret = AccessTokenKit::GetDefPermission(g_infoManagerTestPolicyPrams.permList[0].permissionName, permDefResult); ASSERT_EQ(RET_FAILED, ret); g_infoManagerTestPolicyPrams.permList[0].bundleName = backup; @@ -1928,7 +1937,7 @@ HWTEST_F(AccessTokenKitTest, UpdateHapToken005, TestSize.Level1) g_infoManagerTestPolicyPrams.permList[0].permissionName = "ohos.permission.testtmp12"; backup = g_infoManagerTestPolicyPrams.permList[0].label; g_infoManagerTestPolicyPrams.permList[0].label = ""; - ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, g_infoManagerTestPolicyPrams); + ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, DEFAULT_API_VERSION, g_infoManagerTestPolicyPrams); ASSERT_EQ(RET_SUCCESS, ret); ret = AccessTokenKit::GetDefPermission(g_infoManagerTestPolicyPrams.permList[0].permissionName, permDefResult); ASSERT_EQ(RET_SUCCESS, ret); @@ -1939,7 +1948,7 @@ HWTEST_F(AccessTokenKitTest, UpdateHapToken005, TestSize.Level1) g_infoManagerTestPolicyPrams.permList[0].permissionName = "ohos.permission.testtmp13"; backup = g_infoManagerTestPolicyPrams.permList[0].description; g_infoManagerTestPolicyPrams.permList[0].description = ""; - ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, g_infoManagerTestPolicyPrams); + ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, DEFAULT_API_VERSION, g_infoManagerTestPolicyPrams); ASSERT_EQ(RET_SUCCESS, ret); ret = AccessTokenKit::GetDefPermission(g_infoManagerTestPolicyPrams.permList[0].permissionName, permDefResult); ASSERT_EQ(RET_SUCCESS, ret); @@ -1988,7 +1997,7 @@ HWTEST_F(AccessTokenKitTest, UpdateHapToken006, TestSize.Level1) infoManagerTestInfo.instIndex = 1; g_infoManagerTestPolicyPrams.apl = APL_SYSTEM_BASIC; for (size_t i = 0; i < obj.size(); i++) { - ret = AccessTokenKit::UpdateHapToken(obj[i], appIDDesc, g_infoManagerTestPolicyPrams); + ret = AccessTokenKit::UpdateHapToken(obj[i], appIDDesc, DEFAULT_API_VERSION, g_infoManagerTestPolicyPrams); if (RET_SUCCESS != ret) { updateFlag = 1; break; @@ -2032,7 +2041,7 @@ HWTEST_F(AccessTokenKitTest, UpdateHapToken007, TestSize.Level1) backup = g_infoManagerTestPolicyPrams.permList[0].permissionName; g_infoManagerTestPolicyPrams.permList[0].permissionName = "ohos.permission.test3"; - ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, g_infoManagerTestPolicyPrams); + ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, DEFAULT_API_VERSION, g_infoManagerTestPolicyPrams); ASSERT_EQ(RET_SUCCESS, ret); g_infoManagerTestPolicyPrams.permList[0].permissionName = backup; @@ -2078,7 +2087,7 @@ HWTEST_F(AccessTokenKitTest, UpdateHapToken008, TestSize.Level1) backup = g_infoManagerTestPolicyPrams.permList[0].label; g_infoManagerTestPolicyPrams.permList[0].grantMode = 0; g_infoManagerTestPolicyPrams.permList[0].label = "updated label"; - ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, g_infoManagerTestPolicyPrams); + ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, DEFAULT_API_VERSION, g_infoManagerTestPolicyPrams); ASSERT_EQ(RET_SUCCESS, ret); g_infoManagerTestPolicyPrams.permList[0].label = backup; g_infoManagerTestPolicyPrams.permList[0].grantMode = 1; @@ -2128,7 +2137,7 @@ HWTEST_F(AccessTokenKitTest, UpdateHapToken009, TestSize.Level1) ret = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.test1"); ASSERT_EQ(ret, g_infoManagerTestState1.grantStatus[0]); - ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, infoManagerTestPolicyPrams); + ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, DEFAULT_API_VERSION, infoManagerTestPolicyPrams); ret = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.test1"); ASSERT_EQ(ret, PermissionState::PERMISSION_DENIED); diff --git a/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp b/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp index 1f73623ba..d09a2b536 100644 --- a/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp +++ b/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp @@ -35,6 +35,7 @@ static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "AccessTokenInfoManagerTest" }; +static constexpr int32_t DEFAULT_API_VERSION = 8; static PermissionDef g_infoManagerTestPermDef1 = { .permissionName = "open the door", .bundleName = "accesstoken_test", @@ -308,7 +309,7 @@ HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken001, TestSize.Level1) HapPolicyParams policy = g_infoManagerTestPolicyPrams; policy.apl = APL_SYSTEM_BASIC; ret = AccessTokenInfoManager::GetInstance().UpdateHapToken(tokenIdEx.tokenIdExStruct.tokenID, - std::string("updateAppId"), policy); + std::string("updateAppId"), DEFAULT_API_VERSION, policy); ASSERT_EQ(RET_SUCCESS, ret); GTEST_LOG_(INFO) << "update the hap token"; -- Gitee From a8c609a21a72d826137eeefea28bb600ca020b82 Mon Sep 17 00:00:00 2001 From: chennian Date: Thu, 18 Aug 2022 21:15:57 +0800 Subject: [PATCH 22/68] =?UTF-8?q?Hap=20=E7=9A=84tokeninfo=E4=B8=AD?= =?UTF-8?q?=E6=B7=BB=E5=8A=A0apiversion=E5=AD=97=E6=AE=B5=EF=BC=8C?= =?UTF-8?q?=E9=80=82=E9=85=8Dfuzz=E6=B5=8B=E8=AF=95=E4=BB=A3=E7=A0=81=20Si?= =?UTF-8?q?gned-off-by:chennian?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: chennian --- .../updatehaptoken_fuzzer/updatehaptoken_fuzzer.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/fuzztest/access_token/updatehaptoken_fuzzer/updatehaptoken_fuzzer.cpp b/test/fuzztest/access_token/updatehaptoken_fuzzer/updatehaptoken_fuzzer.cpp index 4fcdd1c35..80a4cd472 100644 --- a/test/fuzztest/access_token/updatehaptoken_fuzzer/updatehaptoken_fuzzer.cpp +++ b/test/fuzztest/access_token/updatehaptoken_fuzzer/updatehaptoken_fuzzer.cpp @@ -58,8 +58,8 @@ namespace OHOS { .permList = {TestPermDef}, .permStateList = {TestState} }; - - result = AccessTokenKit::UpdateHapToken(TOKENID, testdata, TestPolicyPrams); + constexpr int32_t DEFAULT_API_VERSION = 8; + result = AccessTokenKit::UpdateHapToken(TOKENID, testdata, DEFAULT_API_VERSION, TestPolicyPrams); } return result; } -- Gitee From 63b434dffbee682efe60d3c3c135892092d7c814 Mon Sep 17 00:00:00 2001 From: chennian Date: Fri, 19 Aug 2022 09:55:13 +0800 Subject: [PATCH 23/68] =?UTF-8?q?=E8=A1=A5=E5=85=85TDD=E7=94=A8=E4=BE=8B?= =?UTF-8?q?=20Signed-off-by:chennian?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: chennian Change-Id: Ie7aa2f4cd7add8d7a3c6baa399f1920de68c1ad9 --- .../unittest/src/accesstoken_kit_test.cpp | 32 ++++++++++ .../test/unittest/src/privacy_kit_test.cpp | 58 ++++++++++++++++++- .../token_callback/test/unittest/src/BUILD.gn | 0 .../test/unittest/src/token_callback_test.cpp | 43 ++++++++++++++ .../test/unittest/src/token_callback_test.h | 38 ++++++++++++ 5 files changed, 170 insertions(+), 1 deletion(-) create mode 100644 interfaces/innerkits/token_callback/test/unittest/src/BUILD.gn create mode 100644 interfaces/innerkits/token_callback/test/unittest/src/token_callback_test.cpp create mode 100644 interfaces/innerkits/token_callback/test/unittest/src/token_callback_test.h diff --git a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp index 700a7bb98..cded157da 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp @@ -2416,6 +2416,38 @@ HWTEST_F(AccessTokenKitTest, GetTokenTypeFlag003, TestSize.Level1) ASSERT_EQ(RET_SUCCESS, res); } +/** + * @tc.name: DumpTokenInfo001 + * @tc.desc: Get dump token information + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(AccessTokenKitTest, DumpTokenInfo001, TestSize.Level1) +{ + std::string info; + AccessTokenKit::DumpTokenInfo(info); + ASSERT_EQ(false, info.empty()); +} + +/** + * @tc.name: DeleteRemoteToken001 + * @tc.desc: DeleteRemoteToken with invalid parameters. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(AccessTokenKitTest, DeleteRemoteToken001, TestSize.Level1) +{ + std::string deviceId = "device"; + AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(g_infoManagerTestInfoParms.userID, + g_infoManagerTestInfoParms.bundleName, + g_infoManagerTestInfoParms.instIndex); + int res = AccessTokenKit::DeleteRemoteToken("", tokenID); + ASSERT_EQ(RET_FAILED, res); + + res = AccessTokenKit::DeleteRemoteToken(deviceId, tokenID); + ASSERT_EQ(RET_FAILED, res); +} + class CbCustomizeTest : public PermStateChangeCallbackCustomize { public: explicit CbCustomizeTest(const PermStateChangeScope &scopeInfo) diff --git a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp index 3ba27bd00..766d32f1f 100644 --- a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp +++ b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp @@ -538,6 +538,63 @@ HWTEST_F(PrivacyKitTest, GetPermissionUsedRecordsAsync002, TestSize.Level1) ASSERT_EQ(RET_NO_ERROR, PrivacyKit::GetPermissionUsedRecords(request, callback)); } +/** + * @tc.name: DumpRecordInfo001 + * @tc.desc: cannot DumpRecordInfo with invalid params. + * @tc.type: FUNC + * @tc.require:Issue Number + */ +HWTEST_F(PrivacyKitTest, DumpRecordInfo001, TestSize.Level1) +{ + std::string permission = "ohos.permission.CAMERA"; + + // invalid tokenId + std::string info = PrivacyKit::DumpRecordInfo(123, permission); + ASSERT_EQ(true, info.empty()); + + // invalid permission + info = PrivacyKit::DumpRecordInfo(g_TokenId_A, "invalid permission"); + ASSERT_EQ(true, info.empty()); +} + +/** + * @tc.name: DumpRecordInfo002 + * @tc.desc: cannot DumpRecordInfo with no record. + * @tc.type: FUNC + * @tc.require:Issue Number + */ +HWTEST_F(PrivacyKitTest, DumpRecordInfo002, TestSize.Level1) +{ + std::string permission = "ohos.permission.CAMERA"; + ASSERT_EQ(RET_NO_ERROR, PrivacyKit::AddPermissionUsedRecord(g_TokenId_A, permission, 1, 0)); + + std::string info = PrivacyKit::DumpRecordInfo(g_TokenId_A, ""); + ASSERT_EQ(false, info.empty()); + + info = PrivacyKit::DumpRecordInfo(0, permission); + ASSERT_EQ(false, info.empty()); + + info = PrivacyKit::DumpRecordInfo(0, ""); + ASSERT_EQ(false, info.empty()); +} + +/** + * @tc.name: DumpRecordInfo003 + * @tc.desc: cannot DumpRecordInfo with record. + * @tc.type: FUNC + * @tc.require:Issue Number + */ +HWTEST_F(PrivacyKitTest, DumpRecordInfo003, TestSize.Level1) +{ + std::string permission = "ohos.permission.CAMERA"; + + std::string info = PrivacyKit::DumpRecordInfo(g_TokenId_A, ""); + ASSERT_EQ(true, info.empty()); + + info = PrivacyKit::DumpRecordInfo(0, ""); + ASSERT_EQ(true, info.empty()); +} + class CbCustomizeTest1 : public PermActiveStatusCustomizedCbk { public: explicit CbCustomizeTest1(const std::vector &permList) @@ -650,7 +707,6 @@ HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback001, TestSize.Level1) ASSERT_EQ(RET_SUCCESS, res); } - /** * @tc.name: RegisterPermActiveStatusCallback002 * @tc.desc: RegisterPermActiveStatusCallback with valid permission. diff --git a/interfaces/innerkits/token_callback/test/unittest/src/BUILD.gn b/interfaces/innerkits/token_callback/test/unittest/src/BUILD.gn new file mode 100644 index 000000000..e69de29bb diff --git a/interfaces/innerkits/token_callback/test/unittest/src/token_callback_test.cpp b/interfaces/innerkits/token_callback/test/unittest/src/token_callback_test.cpp new file mode 100644 index 000000000..4d1b923f0 --- /dev/null +++ b/interfaces/innerkits/token_callback/test/unittest/src/token_callback_test.cpp @@ -0,0 +1,43 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "token_callback_test.h" +#include "token_callback_stub.h" + +void TokenCallbackTest::SetUpTestCase() +{ +} + +void TokenCallbackTest::TearDownTestCase() +{ +} + +void TokenCallbackTest::SetUp() +{ +} + +void TokenCallbackTest::TearDown() +{ +} + +/** + * @tc.name: AddPermissionUsedRecord001 + * @tc.desc: cannot AddPermissionUsedRecord with illegal tokenId and permission. + * @tc.type: FUNC + * @tc.require:Issue Number + */ +HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord001, TestSize.Level1) +{ +} \ No newline at end of file diff --git a/interfaces/innerkits/token_callback/test/unittest/src/token_callback_test.h b/interfaces/innerkits/token_callback/test/unittest/src/token_callback_test.h new file mode 100644 index 000000000..53d9cee71 --- /dev/null +++ b/interfaces/innerkits/token_callback/test/unittest/src/token_callback_test.h @@ -0,0 +1,38 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TOKEN_CALLBACK_TEST_H +#define TOKEN_CALLBACK_TEST_H + +#include +#include + +namespace OHOS { +namespace Security { +namespace AccessToken { +class TokenCallbackTest : public testing::Test { +public: + static void SetUpTestCase(); + + static void TearDownTestCase(); + + void SetUp(); + + void TearDown(); +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // TOKEN_CALLBACK_TEST_H -- Gitee From c1b97360fcf2d36eb6b7fa8ccc43615b9a75c265 Mon Sep 17 00:00:00 2001 From: chennian Date: Fri, 19 Aug 2022 10:04:14 +0800 Subject: [PATCH 24/68] =?UTF-8?q?=E8=A1=A5=E5=85=85TDD=E7=94=A8=E4=BE=8B?= =?UTF-8?q?=20Signed-off-by:chennian?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: chennian Change-Id: I15e48b7bf1d6944c71f88a16621258e7d146b377 --- .../unittest/src/accesstoken_kit_test.cpp | 4 +- .../token_callback/test/unittest/src/BUILD.gn | 0 .../test/unittest/src/token_callback_test.cpp | 43 ------------------- .../test/unittest/src/token_callback_test.h | 38 ---------------- 4 files changed, 2 insertions(+), 83 deletions(-) delete mode 100644 interfaces/innerkits/token_callback/test/unittest/src/BUILD.gn delete mode 100644 interfaces/innerkits/token_callback/test/unittest/src/token_callback_test.cpp delete mode 100644 interfaces/innerkits/token_callback/test/unittest/src/token_callback_test.h diff --git a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp index cded157da..fb019c37c 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp @@ -2420,7 +2420,7 @@ HWTEST_F(AccessTokenKitTest, GetTokenTypeFlag003, TestSize.Level1) * @tc.name: DumpTokenInfo001 * @tc.desc: Get dump token information * @tc.type: FUNC - * @tc.require: + * @tc.require:Issue Number */ HWTEST_F(AccessTokenKitTest, DumpTokenInfo001, TestSize.Level1) { @@ -2433,7 +2433,7 @@ HWTEST_F(AccessTokenKitTest, DumpTokenInfo001, TestSize.Level1) * @tc.name: DeleteRemoteToken001 * @tc.desc: DeleteRemoteToken with invalid parameters. * @tc.type: FUNC - * @tc.require: + * @tc.require:Issue Number */ HWTEST_F(AccessTokenKitTest, DeleteRemoteToken001, TestSize.Level1) { diff --git a/interfaces/innerkits/token_callback/test/unittest/src/BUILD.gn b/interfaces/innerkits/token_callback/test/unittest/src/BUILD.gn deleted file mode 100644 index e69de29bb..000000000 diff --git a/interfaces/innerkits/token_callback/test/unittest/src/token_callback_test.cpp b/interfaces/innerkits/token_callback/test/unittest/src/token_callback_test.cpp deleted file mode 100644 index 4d1b923f0..000000000 --- a/interfaces/innerkits/token_callback/test/unittest/src/token_callback_test.cpp +++ /dev/null @@ -1,43 +0,0 @@ -/* - * Copyright (c) 2022 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "token_callback_test.h" -#include "token_callback_stub.h" - -void TokenCallbackTest::SetUpTestCase() -{ -} - -void TokenCallbackTest::TearDownTestCase() -{ -} - -void TokenCallbackTest::SetUp() -{ -} - -void TokenCallbackTest::TearDown() -{ -} - -/** - * @tc.name: AddPermissionUsedRecord001 - * @tc.desc: cannot AddPermissionUsedRecord with illegal tokenId and permission. - * @tc.type: FUNC - * @tc.require:Issue Number - */ -HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord001, TestSize.Level1) -{ -} \ No newline at end of file diff --git a/interfaces/innerkits/token_callback/test/unittest/src/token_callback_test.h b/interfaces/innerkits/token_callback/test/unittest/src/token_callback_test.h deleted file mode 100644 index 53d9cee71..000000000 --- a/interfaces/innerkits/token_callback/test/unittest/src/token_callback_test.h +++ /dev/null @@ -1,38 +0,0 @@ -/* - * Copyright (c) 2022 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef TOKEN_CALLBACK_TEST_H -#define TOKEN_CALLBACK_TEST_H - -#include -#include - -namespace OHOS { -namespace Security { -namespace AccessToken { -class TokenCallbackTest : public testing::Test { -public: - static void SetUpTestCase(); - - static void TearDownTestCase(); - - void SetUp(); - - void TearDown(); -}; -} // namespace AccessToken -} // namespace Security -} // namespace OHOS -#endif // TOKEN_CALLBACK_TEST_H -- Gitee From b87f24afd3eceba2140eac09046e3b22f16710fb Mon Sep 17 00:00:00 2001 From: hhhhs9527 Date: Fri, 19 Aug 2022 14:17:09 +0800 Subject: [PATCH 25/68] =?UTF-8?q?2022/08/19=20=E6=9D=83=E9=99=90=E4=BD=BF?= =?UTF-8?q?=E7=94=A8=E8=AE=B0=E5=BD=95=E4=BC=98=E5=8C=96=20Signed-off-by:h?= =?UTF-8?q?anshu5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: hhhhs9527 --- .../include/record/permission_used_record_cache.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/privacymanager/include/record/permission_used_record_cache.h b/services/privacymanager/include/record/permission_used_record_cache.h index 5065cd282..bab172af4 100644 --- a/services/privacymanager/include/record/permission_used_record_cache.h +++ b/services/privacymanager/include/record/permission_used_record_cache.h @@ -66,7 +66,7 @@ private: std::shared_ptr curRecordBufferPos_ = recordBufferHead_; std::vector> persistPendingBufferQueue_; int64_t nextPersistTimestamp_ = 0L; - const static int32_t INTERVAL = 60; + const static int32_t INTERVAL = 60 * 15; const static int32_t MAX_PERSIST_SIZE = 100; int32_t persistIsRunning_ = 0; OHOS::Utils::RWLock cacheLock_; -- Gitee From 0f819ce8e828657f29c10301a2c7ea06c1f00591 Mon Sep 17 00:00:00 2001 From: hhhhs9527 Date: Fri, 19 Aug 2022 15:27:05 +0800 Subject: [PATCH 26/68] =?UTF-8?q?2022/08/19=20=E6=9D=83=E9=99=90=E4=BD=BF?= =?UTF-8?q?=E7=94=A8=E8=AE=B0=E5=BD=95=E4=BC=98=E5=8C=96=20Signed-off-by:h?= =?UTF-8?q?anshu5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: hhhhs9527 --- .../test/unittest/src/privacy_kit_test.cpp | 76 +++++++++---------- .../database/permission_used_record_db.h | 2 +- .../record/permission_record_repository.h | 2 +- .../database/permission_used_record_db.cpp | 4 +- .../src/record/permission_record_manager.cpp | 11 +-- .../record/permission_record_repository.cpp | 2 +- .../record/permission_used_record_cache.cpp | 8 +- 7 files changed, 44 insertions(+), 61 deletions(-) diff --git a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp index 3d0ea000a..e2607c5a8 100644 --- a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp +++ b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp @@ -150,52 +150,44 @@ void PrivacyKitTest::CheckPermissionUsedResult(const PermissionUsedRequest& requ ASSERT_EQ(totalFailCount, failCount); } -namespace OHOS { -namespace Security { -namespace AccessToken { -namespace { - void SetTokenID(std::vector& g_InfoParms_List, - std::vector& g_TokenId_List, int32_t number) - { - SetSelfTokenID(g_selfTokenId); - for (int32_t i = 0; i < number; i++) { - HapInfoParams g_InfoParmsTmp = { - .userID = i, - .bundleName = "ohos.privacy_test.bundle" + std::to_string(i), - .instIndex = i, - .appIDDesc = "privacy_test.bundle" + std::to_string(i) - }; - g_InfoParms_List.push_back(g_InfoParmsTmp); - HapPolicyParams g_PolicyPramsTmp = { - .apl = APL_NORMAL, - .domain = "test.domain." + std::to_string(i) - }; - AccessTokenKit::AllocHapToken(g_InfoParmsTmp, g_PolicyPramsTmp); - AccessTokenID g_TokenId_Tmp = AccessTokenKit::GetHapTokenID(g_InfoParmsTmp.userID, - g_InfoParmsTmp.bundleName, - g_InfoParmsTmp.instIndex); - g_TokenId_List.push_back(g_TokenId_Tmp); - } - AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(100, "com.ohos.permissionmanager", 0); - SetSelfTokenID(tokenId); +static void SetTokenID(std::vector& g_InfoParms_List, + std::vector& g_TokenId_List, int32_t number) +{ + SetSelfTokenID(g_selfTokenId); + for (int32_t i = 0; i < number; i++) { + HapInfoParams g_InfoParmsTmp = { + .userID = i, + .bundleName = "ohos.privacy_test.bundle" + std::to_string(i), + .instIndex = i, + .appIDDesc = "privacy_test.bundle" + std::to_string(i) + }; + g_InfoParms_List.push_back(g_InfoParmsTmp); + HapPolicyParams g_PolicyPramsTmp = { + .apl = APL_NORMAL, + .domain = "test.domain." + std::to_string(i) + }; + AccessTokenKit::AllocHapToken(g_InfoParmsTmp, g_PolicyPramsTmp); + AccessTokenID g_TokenId_Tmp = AccessTokenKit::GetHapTokenID(g_InfoParmsTmp.userID, + g_InfoParmsTmp.bundleName, + g_InfoParmsTmp.instIndex); + g_TokenId_List.push_back(g_TokenId_Tmp); } + AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(100, "com.ohos.permissionmanager", 0); + SetSelfTokenID(tokenId); +} - void DeleteTokenID(std::vector& g_InfoParms_List) - { - SetSelfTokenID(g_selfTokenId); - for (size_t i = 0; i < g_InfoParms_List.size(); i++) { - AccessTokenID g_TokenId_Tmp = AccessTokenKit::GetHapTokenID(g_InfoParms_List[i].userID, - g_InfoParms_List[i].bundleName, - g_InfoParms_List[i].instIndex); - AccessTokenKit::DeleteToken(g_TokenId_Tmp); - } - AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(100, "com.ohos.permissionmanager", 0); - SetSelfTokenID(tokenId); +static void DeleteTokenID(std::vector& g_InfoParms_List) +{ + SetSelfTokenID(g_selfTokenId); + for (size_t i = 0; i < g_InfoParms_List.size(); i++) { + AccessTokenID g_TokenId_Tmp = AccessTokenKit::GetHapTokenID(g_InfoParms_List[i].userID, + g_InfoParms_List[i].bundleName, + g_InfoParms_List[i].instIndex); + AccessTokenKit::DeleteToken(g_TokenId_Tmp); } + AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(100, "com.ohos.permissionmanager", 0); + SetSelfTokenID(tokenId); } -} // namespace AccessToken -} // namespace Security -} // namespace OHOS /** * @tc.name: AddPermissionUsedRecord001 diff --git a/services/privacymanager/include/database/permission_used_record_db.h b/services/privacymanager/include/database/permission_used_record_db.h index 3d1ae056e..6b1192669 100644 --- a/services/privacymanager/include/database/permission_used_record_db.h +++ b/services/privacymanager/include/database/permission_used_record_db.h @@ -72,7 +72,7 @@ private: std::string CreateCountPrepareSqlCmd(DataType type) const; std::string CreateDeleteExpireRecordsPrepareSqlCmd(DataType type, const std::vector& andColumns) const; - std::string CreateDeleteExcessiveRecordsPrepareSqlCmd(DataType type, unsigned excessiveSize) const; + std::string CreateDeleteExcessiveRecordsPrepareSqlCmd(DataType type, uint32_t excessiveSize) const; std::string CreateGetDistinctValue(DataType type, const std::string conditionColumns) const; private: diff --git a/services/privacymanager/include/record/permission_record_repository.h b/services/privacymanager/include/record/permission_record_repository.h index e29ffc898..0e249f33d 100644 --- a/services/privacymanager/include/record/permission_record_repository.h +++ b/services/privacymanager/include/record/permission_record_repository.h @@ -36,7 +36,7 @@ public: bool GetAllRecordValuesByKey(const std::string& condition, std::vector& resultValues); int32_t CountRecordValues(GenericValues& resultValues); bool DeleteExpireRecordsValues(const GenericValues& andConditions); - bool DeleteExcessiveSizeRecordValues(int32_t excessiveSize); + bool DeleteExcessiveSizeRecordValues(uint32_t excessiveSize); }; } // namespace AccessToken } // namespace Security diff --git a/services/privacymanager/src/database/permission_used_record_db.cpp b/services/privacymanager/src/database/permission_used_record_db.cpp index b10f6d9d1..9c3a78662 100644 --- a/services/privacymanager/src/database/permission_used_record_db.cpp +++ b/services/privacymanager/src/database/permission_used_record_db.cpp @@ -207,7 +207,6 @@ int32_t PermissionUsedRecordDb::DeleteExpireRecords(DataType type, } int32_t ret = deleteExpireStatement.Step(); if (ret != Statement::State::DONE) { - ACCESSTOKEN_LOG_ERROR(LABEL, "DeleteExpireRecords failed"); return FAILURE; } } @@ -220,7 +219,6 @@ int32_t PermissionUsedRecordDb::DeleteExcessiveRecords(DataType type, unsigned e std::string deleteExcessiveSql = CreateDeleteExcessiveRecordsPrepareSqlCmd(type, excessiveSize); auto deleteExcessiveStatement = Prepare(deleteExcessiveSql); if (deleteExcessiveStatement.Step() != Statement::State::DONE) { - ACCESSTOKEN_LOG_ERROR(LABEL, "DeleteExcessiveRecords failed"); return FAILURE; } return SUCCESS; @@ -363,7 +361,7 @@ std::string PermissionUsedRecordDb::CreateDeleteExpireRecordsPrepareSqlCmd(DataT } std::string PermissionUsedRecordDb::CreateDeleteExcessiveRecordsPrepareSqlCmd(DataType type, - unsigned excessiveSize) const + uint32_t excessiveSize) const { auto it = dataTypeToSqlTable_.find(type); if (it == dataTypeToSqlTable_.end()) { diff --git a/services/privacymanager/src/record/permission_record_manager.cpp b/services/privacymanager/src/record/permission_record_manager.cpp index bbc2994d2..179e6a9a3 100644 --- a/services/privacymanager/src/record/permission_record_manager.cpp +++ b/services/privacymanager/src/record/permission_record_manager.cpp @@ -106,16 +106,13 @@ int32_t PermissionRecordManager::AddPermissionUsedRecord(AccessTokenID tokenId, } if (!AddRecord(tokenId, permissionName, successCount, failCount)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Add record failed"); return Constant::FAILURE; } - ACCESSTOKEN_LOG_DEBUG(LABEL, "Add record successful"); return Constant::SUCCESS; } void PermissionRecordManager::RemovePermissionUsedRecords(AccessTokenID tokenId, const std::string& deviceID) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry, tokenId: %{public}d, deviceID = %{public}s", tokenId, deviceID.c_str()); if (tokenId == 0) { ACCESSTOKEN_LOG_ERROR(LABEL, "tokenId is 0"); return; @@ -193,14 +190,13 @@ bool PermissionRecordManager::GetRecordsFromLocalDB(const PermissionUsedRequest& std::set tokenIdList; if (request.tokenId == 0) { - GetLocalRecordTokenIdList(tokenIdList); + GetLocalRecordTokenIdList(tokenIdList); } else { tokenIdList.emplace(request.tokenId); } ACCESSTOKEN_LOG_DEBUG(LABEL, "GetLocalRecordTokenIdList.size = %{public}zu", tokenIdList.size()); Utils::UniqueWriteGuard lk(this->rwLock_); for (const auto& tokenId : tokenIdList) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "tokenId = %{public}d", tokenId); andConditionValues.Put(FIELD_TOKEN_ID, (int32_t)tokenId); std::vector findRecordsValues; PermissionUsedRecordCache::GetInstance().GetRecords(request.permissionList, @@ -311,14 +307,12 @@ int32_t PermissionRecordManager::DeletePermissionRecord(int32_t days) Utils::UniqueWriteGuard lk(this->rwLock_); GenericValues countValue; if (!PermissionRecordRepository::GetInstance().CountRecordValues(countValue)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "DeletePermissionRecord failed"); return Constant::FAILURE; } int64_t total = countValue.GetInt64(Constant::COUNT_CMD); if (total > Constant::MAX_TOTAL_RECORD) { - unsigned excessiveSize = total - Constant::MAX_TOTAL_RECORD; + uint32_t excessiveSize = total - Constant::MAX_TOTAL_RECORD; if (!PermissionRecordRepository::GetInstance().DeleteExcessiveSizeRecordValues(excessiveSize)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "DeleteExcessiveSizeRecordValues failed"); return Constant::FAILURE; } } @@ -326,7 +320,6 @@ int32_t PermissionRecordManager::DeletePermissionRecord(int32_t days) int64_t deleteTimestamp = TimeUtil::GetCurrentTimestamp() - days; andConditionValues.Put(FIELD_TIMESTAMP_END, deleteTimestamp); if (!PermissionRecordRepository::GetInstance().DeleteExpireRecordsValues(andConditionValues)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "DeleteExpireRecordsValues failed"); return Constant::FAILURE; } return Constant::SUCCESS; diff --git a/services/privacymanager/src/record/permission_record_repository.cpp b/services/privacymanager/src/record/permission_record_repository.cpp index 1fa1d10af..d9ff4fd42 100644 --- a/services/privacymanager/src/record/permission_record_repository.cpp +++ b/services/privacymanager/src/record/permission_record_repository.cpp @@ -103,7 +103,7 @@ bool PermissionRecordRepository::DeleteExpireRecordsValues(const GenericValues& return true; } -bool PermissionRecordRepository::DeleteExcessiveSizeRecordValues(int32_t excessiveSize) +bool PermissionRecordRepository::DeleteExcessiveSizeRecordValues(uint32_t excessiveSize) { if (PermissionUsedRecordDb::GetInstance().DeleteExcessiveRecords(PermissionUsedRecordDb::PERMISSION_RECORD, excessiveSize) != PermissionUsedRecordDb::SUCCESS) { diff --git a/services/privacymanager/src/record/permission_used_record_cache.cpp b/services/privacymanager/src/record/permission_used_record_cache.cpp index 30c64fcd5..a1a759652 100644 --- a/services/privacymanager/src/record/permission_used_record_cache.cpp +++ b/services/privacymanager/src/record/permission_used_record_cache.cpp @@ -181,7 +181,7 @@ int32_t PermissionUsedRecordCache::PersistPendingRecords() return true; } -int32_t PermissionUsedRecordCache::RemoveRecords(const GenericValues &record) +int32_t PermissionUsedRecordCache::RemoveRecords(const GenericValues& record) { AccessTokenID tokenID = record.GetInt(FIELD_TOKEN_ID); std::shared_ptr curFindDeletePos; @@ -226,7 +226,7 @@ int32_t PermissionUsedRecordCache::RemoveRecords(const GenericValues &record) return Constant::SUCCESS; } -void PermissionUsedRecordCache::RemoveRecordsFromPersistPendingBufferQueue(const GenericValues &record, +void PermissionUsedRecordCache::RemoveRecordsFromPersistPendingBufferQueue(const GenericValues& record, std::shared_ptr persistPendingBufferHead, std::shared_ptr persistPendingBufferEnd) { @@ -254,7 +254,7 @@ void PermissionUsedRecordCache::RemoveRecordsFromPersistPendingBufferQueue(const } void PermissionUsedRecordCache::GetRecords(const std::vector& permissionList, - const GenericValues &andConditionValues, const GenericValues& orConditionValues, + const GenericValues& andConditionValues, const GenericValues& orConditionValues, std::vector& findRecordsValues) { std::set opCodeList; @@ -341,7 +341,7 @@ void PermissionUsedRecordCache::TransferToOpcode(std::set& opCodeList, } bool PermissionUsedRecordCache::RecordCompare(const AccessTokenID tokenID, const std::set& opCodeList, - const GenericValues &andConditionValues, const PermissionRecord &record) + const GenericValues& andConditionValues, const PermissionRecord& record) { // compare tokenId if (record.tokenId != (int32_t)tokenID) { -- Gitee From 6f2a38bf39de3fdbcfc5d28e4e8cc3f5691afa67 Mon Sep 17 00:00:00 2001 From: chennian Date: Fri, 19 Aug 2022 07:39:14 +0000 Subject: [PATCH 27/68] =?UTF-8?q?=E8=A1=A5=E5=85=85ut=E6=B5=8B=E8=AF=95?= =?UTF-8?q?=E7=94=A8=E4=BE=8B?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: chennian --- .../unittest/src/accesstoken_kit_test.cpp | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp index e68907169..e2bbebc4e 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp @@ -2146,6 +2146,34 @@ HWTEST_F(AccessTokenKitTest, UpdateHapToken009, TestSize.Level1) ASSERT_EQ(RET_SUCCESS, ret); } +/** + * @tc.name: UpdateHapToken010 + * @tc.desc: update api version. + * @tc.type: FUNC + * @tc.require:Issue Number + */ +HWTEST_F(AccessTokenKitTest, UpdateHapToken010, TestSize.Level1) +{ + AccessTokenIDEx tokenIdEx = {0}; + const std::string appIDDesc = g_infoManagerTestInfoParms.appIDDesc; + tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams); + AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; + GTEST_LOG_(INFO) << "tokenID :" << tokenID; + + uint32_t apiVersion = DEFAULT_API_VERSION - 1; + int ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, apiVersion, g_infoManagerTestPolicyPrams); + + HapTokenInfo hapTokenInfoRes; + ret = AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfoRes); + ASSERT_EQ(apiVersion, hapTokenInfoRes.apiVersion); + + apiVersion = DEFAULT_API_VERSION + 1; + ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, apiVersion, g_infoManagerTestPolicyPrams); + + ret = AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfoRes); + ASSERT_EQ(apiVersion, hapTokenInfoRes.apiVersion); +} + static void *ThreadTestFunc01(void *args) { ATokenTypeEnum type; -- Gitee From 5b8efe82ec6e12b76bcf4c88a809b6696a2a1a85 Mon Sep 17 00:00:00 2001 From: chennian Date: Fri, 19 Aug 2022 08:12:06 +0000 Subject: [PATCH 28/68] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E6=A0=BC=E5=BC=8F?= =?UTF-8?q?=E9=94=99=E8=AF=AF?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: chennian --- .../accesstoken/test/unittest/src/accesstoken_kit_test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp index e2bbebc4e..563c31c3b 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp @@ -139,7 +139,7 @@ void AccessTokenKitTest::SetUp() .bundleName = TEST_BUNDLE_NAME, .instIndex = 0, .appIDDesc = "appIDDesc", - .apiVersion = DEFAULT_API_VERSION + .apiVersion = DEFAULT_API_VERSION }; HapPolicyParams policy = { -- Gitee From 11c8cccb23b81c2b63f8de2db361d0b4d56758bd Mon Sep 17 00:00:00 2001 From: chennian Date: Sun, 21 Aug 2022 13:08:53 +0800 Subject: [PATCH 29/68] =?UTF-8?q?tokenID=E6=94=B9=E6=88=90tokenId=20Signed?= =?UTF-8?q?-off-by:chennian?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: chennian --- .../test/unittest/src/privacy_kit_test.cpp | 246 ++++++++---------- .../active/active_status_callback_manager.h | 2 +- .../record/permission_record_manager.h | 2 +- .../record/permission_used_record_cache.h | 2 +- .../include/service/privacy_manager_service.h | 10 +- .../active/active_status_callback_manager.cpp | 6 +- .../src/record/permission_record_manager.cpp | 31 +-- .../record/permission_used_record_cache.cpp | 22 +- .../src/service/privacy_manager_service.cpp | 20 +- .../src/service/privacy_manager_stub.cpp | 20 +- 10 files changed, 167 insertions(+), 194 deletions(-) diff --git a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp index 9dd2b6e94..209448f27 100644 --- a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp +++ b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp @@ -51,6 +51,27 @@ static HapInfoParams g_InfoParmsB = { .appIDDesc = "privacy_test.bundleB" }; +static PermissionStateFull g_infoManagerTestStateA = { + .permissionName = "ohos.permission.CAMERA", + .grantFlags = {1}, + .grantStatus = {PermissionState::PERMISSION_GRANTED}, + .isGeneral = true, + .resDeviceID = {"local"} +}; + +static PermissionStateFull g_infoManagerTestStateB = { + .permissionName = "ohos.permission.MICROPHONE", + .grantFlags = {1}, + .grantStatus = {PermissionState::PERMISSION_GRANTED}, + .isGeneral = true, + .resDeviceID = {"local"} +}; +static HapPolicyParams g_PolicyPramsE = { + .apl = APL_NORMAL, + .domain = "test.domain", + .permList = {}, + .permStateList = {g_infoManagerTestStateA, g_infoManagerTestStateB} +}; static HapInfoParams g_InfoParmsE = { .userID = 1, .bundleName = "ohos.privacy_test.bundleE", @@ -61,6 +82,7 @@ static HapInfoParams g_InfoParmsE = { static AccessTokenID g_selfTokenId = 0; static AccessTokenID g_TokenId_A = 0; static AccessTokenID g_TokenId_B = 0; +static AccessTokenID g_TokenId_E = 0; void PrivacyKitTest::SetUpTestCase() { @@ -73,9 +95,9 @@ void PrivacyKitTest::TearDownTestCase() void PrivacyKitTest::SetUp() { - AccessTokenID tokenId; AccessTokenKit::AllocHapToken(g_InfoParmsA, g_PolicyPramsA); AccessTokenKit::AllocHapToken(g_InfoParmsB, g_PolicyPramsB); + AccessTokenKit::AllocHapToken(g_InfoParmsE, g_PolicyPramsE); g_TokenId_A = AccessTokenKit::GetHapTokenID(g_InfoParmsA.userID, g_InfoParmsA.bundleName, @@ -83,12 +105,11 @@ void PrivacyKitTest::SetUp() g_TokenId_B = AccessTokenKit::GetHapTokenID(g_InfoParmsB.userID, g_InfoParmsB.bundleName, g_InfoParmsB.instIndex); - tokenId = AccessTokenKit::GetHapTokenID(g_InfoParmsE.userID, - g_InfoParmsE.bundleName, - g_InfoParmsE.instIndex); - AccessTokenKit::DeleteToken(tokenId); + g_TokenId_E = AccessTokenKit::GetHapTokenID(g_InfoParmsE.userID, + g_InfoParmsE.bundleName, + g_InfoParmsE.instIndex); - tokenId = AccessTokenKit::GetHapTokenID(100, "com.ohos.permissionmanager", 0); // 100 is userID + AccessTokenID tokenId = AccessTokenKit::GetHapTokenID(100, "com.ohos.permissionmanager", 0); // 100 is userID SetSelfTokenID(tokenId); } @@ -372,6 +393,51 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord006, TestSize.Level1) CheckPermissionUsedResult(request, result, 1, 5, 0); } +/** + * @tc.name: AddPermissionUsedRecord007 + * @tc.desc: AddPermissionUsedRecord user_grant permission. + * @tc.type: FUNC + * @tc.require:Issue Number + */ +HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord007, TestSize.Level1) +{ + std::vector g_InfoParms_List; + std::vector g_TokenId_List; + SetTokenID(g_InfoParms_List, g_TokenId_List, 100); + std::vector addPermissionList = { + "ohos.permission.ANSWER_CALL", + "ohos.permission.READ_CALENDAR", + }; + for (int32_t i = 0; i < 200; i++) { + ASSERT_EQ(RET_NO_ERROR, PrivacyKit::AddPermissionUsedRecord(g_TokenId_List[i % 100], + addPermissionList[i % 2], 1, 0)); + + PermissionUsedRequest request; + PermissionUsedResult result; + std::vector permissionList; + BuildQueryRequest(g_TokenId_List[i % 100], GetLocalDeviceUdid(), + g_InfoParms_List[i % 100].bundleName, permissionList, request); + request.flag = FLAG_PERMISSION_USAGE_DETAIL; + ASSERT_EQ(RET_NO_ERROR, PrivacyKit::GetPermissionUsedRecords(request, result)); + } + sleep(70); + for (int32_t i = 0; i < 100; i++) { + PermissionUsedRequest request; + PermissionUsedResult result; + std::vector permissionList; + BuildQueryRequest(g_TokenId_List[i], GetLocalDeviceUdid(), + g_InfoParms_List[i].bundleName, permissionList, request); + request.flag = FLAG_PERMISSION_USAGE_DETAIL; + + ASSERT_EQ(RET_NO_ERROR, PrivacyKit::GetPermissionUsedRecords(request, result)); + ASSERT_EQ(1, result.bundleRecords.size()); + ASSERT_EQ(1, result.bundleRecords[0].permissionRecords.size()); + ASSERT_EQ(1, result.bundleRecords[0].permissionRecords[0].accessRecords.size()); + CheckPermissionUsedResult(request, result, 1, 2, 0); + } + DeleteTokenID(g_InfoParms_List); +} + /** * @tc.name: RemovePermissionUsedRecords001 * @tc.desc: cannot RemovePermissionUsedRecords with illegal tokenId and deviceID. @@ -649,10 +715,10 @@ public: { type_ = result.type; GTEST_LOG_(INFO) << "CbCustomizeTest1 ActiveChangeResponse"; - GTEST_LOG_(INFO) << "tokenid " << result.tokenID; - GTEST_LOG_(INFO) << "permissionName " << result.permissionName; - GTEST_LOG_(INFO) << "deviceId " << result.deviceId; - GTEST_LOG_(INFO) << "type " << result.type; + GTEST_LOG_(INFO) << "CbCustomizeTest1 tokenid " << result.tokenID; + GTEST_LOG_(INFO) << "CbCustomizeTest1 permissionName " << result.permissionName; + GTEST_LOG_(INFO) << "CbCustomizeTest1 deviceId " << result.deviceId; + GTEST_LOG_(INFO) << "CbCustomizeTest1 type " << result.type; } ActiveChangeType type_ = PERM_INACTIVE; @@ -673,10 +739,10 @@ public: { type_ = result.type; GTEST_LOG_(INFO) << "CbCustomizeTest2 ActiveChangeResponse"; - GTEST_LOG_(INFO) << "tokenid " << result.tokenID; - GTEST_LOG_(INFO) << "permissionName " << result.permissionName; - GTEST_LOG_(INFO) << "deviceId " << result.deviceId; - GTEST_LOG_(INFO) << "type " << result.type; + GTEST_LOG_(INFO) << "CbCustomizeTest2 tokenid " << result.tokenID; + GTEST_LOG_(INFO) << "CbCustomizeTest2 permissionName " << result.permissionName; + GTEST_LOG_(INFO) << "CbCustomizeTest2 deviceId " << result.deviceId; + GTEST_LOG_(INFO) << "CbCustomizeTest2 type " << result.type; } ActiveChangeType type_; @@ -697,53 +763,29 @@ HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback001, TestSize.Level1) int32_t res = PrivacyKit::RegisterPermActiveStatusCallback(callbackPtr); - static PermissionStateFull infoManagerTestStateA = { - .permissionName = "ohos.permission.CAMERA", - .grantFlags = {1}, - .grantStatus = {PERMISSION_GRANTED}, - .isGeneral = true, - .resDeviceID = {"local"} - }; - static HapPolicyParams infoManagerTestPolicyPrams = { - .apl = APL_NORMAL, - .domain = "test.domain", - .permList = {}, - .permStateList = {infoManagerTestStateA} - }; - - AccessTokenIDEx tokenIdEx = {0}; - AccessTokenID tokenID; - tokenIdEx = AccessTokenKit::AllocHapToken(g_InfoParmsE, infoManagerTestPolicyPrams); - - tokenID = tokenIdEx.tokenIdExStruct.tokenID; - ASSERT_NE(0, tokenID); - - ATokenTypeEnum ret = AccessTokenKit::GetTokenTypeFlag(tokenID); - ASSERT_EQ(ret, TOKEN_HAP); - - res = PrivacyKit::StartUsingPermission(tokenID, "ohos.permission.CAMERA"); - ASSERT_EQ(RET_SUCCESS, res); + res = PrivacyKit::StartUsingPermission(g_TokenId_E, "ohos.permission.CAMERA"); + ASSERT_EQ(RET_NO_ERROR, res); + usleep(500000); // 500000us = 0.5s ASSERT_EQ(PERM_ACTIVE_IN_FOREGROUND, callbackPtr->type_); - res = PrivacyKit::StopUsingPermission(tokenID, "ohos.permission.CAMERA"); - ASSERT_EQ(RET_SUCCESS, res); + res = PrivacyKit::StopUsingPermission(g_TokenId_E, "ohos.permission.CAMERA"); + ASSERT_EQ(RET_NO_ERROR, res); + + usleep(500000); // 500000us = 0.5s ASSERT_EQ(PERM_INACTIVE, callbackPtr->type_); res = PrivacyKit::UnRegisterPermActiveStatusCallback(callbackPtr); - ASSERT_EQ(RET_SUCCESS, res); + ASSERT_EQ(RET_NO_ERROR, res); callbackPtr->type_ = PERM_INACTIVE; - res = PrivacyKit::StartUsingPermission(tokenID, "ohos.permission.CAMERA"); - ASSERT_EQ(RET_SUCCESS, res); + res = PrivacyKit::StartUsingPermission(g_TokenId_E, "ohos.permission.CAMERA"); + ASSERT_EQ(RET_NO_ERROR, res); ASSERT_EQ(PERM_INACTIVE, callbackPtr->type_); - res = PrivacyKit::StopUsingPermission(tokenID, "ohos.permission.CAMERA"); - ASSERT_EQ(RET_SUCCESS, res); + res = PrivacyKit::StopUsingPermission(g_TokenId_E, "ohos.permission.CAMERA"); + ASSERT_EQ(RET_NO_ERROR, res); ASSERT_EQ(PERM_INACTIVE, callbackPtr->type_); - - res = AccessTokenKit::DeleteToken(tokenID); - ASSERT_EQ(RET_SUCCESS, res); } /** @@ -759,105 +801,41 @@ HWTEST_F(PrivacyKitTest, RegisterPermActiveStatusCallback002, TestSize.Level1) auto callbackPtr1 = std::make_shared(permList1); callbackPtr1->type_ = PERM_INACTIVE; - std::vector permList2 = {"ohos.permission.GET_BUNDLE_INFO"}; + std::vector permList2 = {"ohos.permission.MICROPHONE"}; auto callbackPtr2 = std::make_shared(permList2); callbackPtr2->type_ = PERM_INACTIVE; int32_t res = PrivacyKit::RegisterPermActiveStatusCallback(callbackPtr1); res = PrivacyKit::RegisterPermActiveStatusCallback(callbackPtr2); - static PermissionStateFull infoManagerTestStateA = { - .permissionName = "ohos.permission.CAMERA", - .grantFlags = {1}, - .grantStatus = {PERMISSION_GRANTED}, - .isGeneral = true, - .resDeviceID = {"local"} - }; - static PermissionStateFull infoManagerTestStateB = { - .permissionName = "ohos.permission.GET_BUNDLE_INFO", - .grantFlags = {1}, - .grantStatus = {PERMISSION_GRANTED}, - .isGeneral = true, - .resDeviceID = {"local"} - }; - static HapPolicyParams infoManagerTestPolicyPrams = { - .apl = APL_NORMAL, - .domain = "test.domain", - .permList = {}, - .permStateList = {infoManagerTestStateA, infoManagerTestStateB} - }; - - AccessTokenIDEx tokenIdEx = {0}; - AccessTokenID tokenID; - tokenIdEx = AccessTokenKit::AllocHapToken(g_InfoParmsE, infoManagerTestPolicyPrams); - - tokenID = tokenIdEx.tokenIdExStruct.tokenID; - ASSERT_NE(0, tokenID); - - res = PrivacyKit::StartUsingPermission(tokenID, "ohos.permission.CAMERA"); - ASSERT_EQ(RET_SUCCESS, res); + res = PrivacyKit::StartUsingPermission(g_TokenId_E, "ohos.permission.CAMERA"); + ASSERT_EQ(RET_NO_ERROR, res); + usleep(500000); // 500000us = 0.5s ASSERT_EQ(PERM_ACTIVE_IN_FOREGROUND, callbackPtr1->type_); ASSERT_EQ(PERM_INACTIVE, callbackPtr2->type_); - res = PrivacyKit::StopUsingPermission(tokenID, "ohos.permission.CAMERA"); - ASSERT_EQ(RET_SUCCESS, res); + res = PrivacyKit::StopUsingPermission(g_TokenId_E, "ohos.permission.CAMERA"); + ASSERT_EQ(RET_NO_ERROR, res); + + usleep(500000); // 500000us = 0.5s ASSERT_EQ(PERM_INACTIVE, callbackPtr1->type_); - res = PrivacyKit::StartUsingPermission(tokenID, "ohos.permission.GET_BUNDLE_INFO"); - ASSERT_EQ(RET_SUCCESS, res); + res = PrivacyKit::StartUsingPermission(g_TokenId_E, "ohos.permission.MICROPHONE"); + ASSERT_EQ(RET_NO_ERROR, res); + + usleep(500000); // 500000us = 0.5s ASSERT_EQ(PERM_INACTIVE, callbackPtr1->type_); ASSERT_EQ(PERM_ACTIVE_IN_FOREGROUND, callbackPtr2->type_); - res = PrivacyKit::StopUsingPermission(tokenID, "ohos.permission.GET_BUNDLE_INFO"); - ASSERT_EQ(RET_SUCCESS, res); + res = PrivacyKit::StopUsingPermission(g_TokenId_E, "ohos.permission.MICROPHONE"); + ASSERT_EQ(RET_NO_ERROR, res); + + usleep(500000); // 500000us = 0.5s ASSERT_EQ(PERM_INACTIVE, callbackPtr2->type_); - res = AccessTokenKit::DeleteToken(tokenID); - ASSERT_EQ(RET_SUCCESS, res); + res = PrivacyKit::UnRegisterPermActiveStatusCallback(callbackPtr1); + ASSERT_EQ(RET_NO_ERROR, res); + res = PrivacyKit::UnRegisterPermActiveStatusCallback(callbackPtr2); + ASSERT_EQ(RET_NO_ERROR, res); } - -/** - * @tc.name: AddPermissionUsedRecord007 - * @tc.desc: AddPermissionUsedRecord user_grant permission. - * @tc.type: FUNC - * @tc.require:Issue Number - */ -HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord007, TestSize.Level1) -{ - std::vector g_InfoParms_List; - std::vector g_TokenId_List; - SetTokenID(g_InfoParms_List, g_TokenId_List, 100); - std::vector addPermissionList = { - "ohos.permission.ANSWER_CALL", - "ohos.permission.READ_CALENDAR", - }; - for (int32_t i = 0; i < 200; i++) { - ASSERT_EQ(RET_NO_ERROR, PrivacyKit::AddPermissionUsedRecord(g_TokenId_List[i % 100], - addPermissionList[i % 2], 1, 0)); - - PermissionUsedRequest request; - PermissionUsedResult result; - std::vector permissionList; - BuildQueryRequest(g_TokenId_List[i % 100], GetLocalDeviceUdid(), - g_InfoParms_List[i % 100].bundleName, permissionList, request); - request.flag = FLAG_PERMISSION_USAGE_DETAIL; - ASSERT_EQ(RET_NO_ERROR, PrivacyKit::GetPermissionUsedRecords(request, result)); - } - sleep(70); - for (int32_t i = 0; i < 100; i++) { - PermissionUsedRequest request; - PermissionUsedResult result; - std::vector permissionList; - BuildQueryRequest(g_TokenId_List[i], GetLocalDeviceUdid(), - g_InfoParms_List[i].bundleName, permissionList, request); - request.flag = FLAG_PERMISSION_USAGE_DETAIL; - - ASSERT_EQ(RET_NO_ERROR, PrivacyKit::GetPermissionUsedRecords(request, result)); - ASSERT_EQ(1, result.bundleRecords.size()); - ASSERT_EQ(1, result.bundleRecords[0].permissionRecords.size()); - ASSERT_EQ(1, result.bundleRecords[0].permissionRecords[0].accessRecords.size()); - CheckPermissionUsedResult(request, result, 1, 2, 0); - } - DeleteTokenID(g_InfoParms_List); -} \ No newline at end of file diff --git a/services/privacymanager/include/active/active_status_callback_manager.h b/services/privacymanager/include/active/active_status_callback_manager.h index 853e91d3e..df6d801ae 100644 --- a/services/privacymanager/include/active/active_status_callback_manager.h +++ b/services/privacymanager/include/active/active_status_callback_manager.h @@ -49,7 +49,7 @@ public: int32_t RemoveCallback(const sptr& callback); bool NeedCalled(const std::vector& permList, const std::string& permName); void ExecuteCallbackAsync( - AccessTokenID tokenID, const std::string& permName, const std::string& deviceId, ActiveChangeType changeType); + AccessTokenID tokenId, const std::string& permName, const std::string& deviceId, ActiveChangeType changeType); private: std::mutex mutex_; diff --git a/services/privacymanager/include/record/permission_record_manager.h b/services/privacymanager/include/record/permission_record_manager.h index 0815f2396..c81a6565d 100644 --- a/services/privacymanager/include/record/permission_record_manager.h +++ b/services/privacymanager/include/record/permission_record_manager.h @@ -58,7 +58,7 @@ private: DISALLOW_COPY_AND_MOVE(PermissionRecordManager); bool GetLocalRecordTokenIdList(std::set& tokenIdList); - bool AddRecord(AccessTokenID tokenId, const std::string& permissionName, int32_t successCount, int32_t failCount); + bool AddRecord(const PermissionRecord& record); bool GetPermissionsRecord(AccessTokenID tokenId, const std::string& permissionName, int32_t successCount, int32_t failCount, PermissionRecord& record); bool CreateBundleUsedRecord(const AccessTokenID tokenId, BundleUsedRecord& bundleRecord); diff --git a/services/privacymanager/include/record/permission_used_record_cache.h b/services/privacymanager/include/record/permission_used_record_cache.h index bab172af4..6f6745e60 100644 --- a/services/privacymanager/include/record/permission_used_record_cache.h +++ b/services/privacymanager/include/record/permission_used_record_cache.h @@ -52,7 +52,7 @@ public: void GetRecordsFromPersistPendingBufferQueue(const std::vector& permissionList, const GenericValues& andConditionValues, const GenericValues& orConditionValues, std::vector& findRecordsValues, const std::set& opCodeList); - bool RecordCompare(const AccessTokenID tokenID, const std::set& opCodeList, + bool RecordCompare(const AccessTokenID tokenId, const std::set& opCodeList, const GenericValues &andConditionValues, const PermissionRecord &record); void FindTokenIdList(std::set& tokenIdList); void TransferToOpcode(std::set& opCodeList, diff --git a/services/privacymanager/include/service/privacy_manager_service.h b/services/privacymanager/include/service/privacy_manager_service.h index 347db8602..ce276d297 100644 --- a/services/privacymanager/include/service/privacy_manager_service.h +++ b/services/privacymanager/include/service/privacy_manager_service.h @@ -37,15 +37,15 @@ public: void OnStop() override; int32_t AddPermissionUsedRecord( - AccessTokenID tokenID, const std::string& permissionName, int32_t successCount, int32_t failCount) override; - int32_t StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName) override; - int32_t StopUsingPermission(AccessTokenID tokenID, const std::string& permissionName) override; - int32_t RemovePermissionUsedRecords(AccessTokenID tokenID, const std::string& deviceID) override; + AccessTokenID tokenId, const std::string& permissionName, int32_t successCount, int32_t failCount) override; + int32_t StartUsingPermission(AccessTokenID tokenId, const std::string& permissionName) override; + int32_t StopUsingPermission(AccessTokenID tokenId, const std::string& permissionName) override; + int32_t RemovePermissionUsedRecords(AccessTokenID tokenId, const std::string& deviceID) override; int32_t GetPermissionUsedRecords( const PermissionUsedRequestParcel& request, PermissionUsedResultParcel& result) override; int32_t GetPermissionUsedRecords( const PermissionUsedRequestParcel& request, const sptr& callback) override; - std::string DumpRecordInfo(AccessTokenID tokenID, const std::string& permissionName) override; + std::string DumpRecordInfo(AccessTokenID tokenId, const std::string& permissionName) override; int32_t RegisterPermActiveStatusCallback( std::vector& permList, const sptr& callback) override; int32_t UnRegisterPermActiveStatusCallback(const sptr& callback) override; diff --git a/services/privacymanager/src/active/active_status_callback_manager.cpp b/services/privacymanager/src/active/active_status_callback_manager.cpp index abaa1dbb3..b14bcd6e2 100644 --- a/services/privacymanager/src/active/active_status_callback_manager.cpp +++ b/services/privacymanager/src/active/active_status_callback_manager.cpp @@ -112,7 +112,7 @@ bool ActiveStatusCallbackManager::NeedCalled(const std::vector& per } void ActiveStatusCallbackManager::ExecuteCallbackAsync( - AccessTokenID tokenID, const std::string& permName, const std::string& deviceId, ActiveChangeType changeType) + AccessTokenID tokenId, const std::string& permName, const std::string& deviceId, ActiveChangeType changeType) { ACCESSTOKEN_LOG_INFO(LABEL, "entry"); @@ -122,7 +122,7 @@ void ActiveStatusCallbackManager::ExecuteCallbackAsync( for (auto it = callbackDataList_.begin(); it != callbackDataList_.end(); ++it) { std::vector permList = (*it).permList_; if (!NeedCalled(permList, permName)) { - ACCESSTOKEN_LOG_INFO(LABEL, "tokenID %{public}u, permName %{public}s", tokenID, permName.c_str()); + ACCESSTOKEN_LOG_INFO(LABEL, "tokenId %{public}u, permName %{public}s", tokenId, permName.c_str()); continue; } auto callback = iface_cast((*it).callbackObject_); @@ -130,7 +130,7 @@ void ActiveStatusCallbackManager::ExecuteCallbackAsync( ActiveChangeResponse resInfo; resInfo.type = changeType; resInfo.permissionName = permName; - resInfo.tokenID = tokenID; + resInfo.tokenID = tokenId; resInfo.deviceId = deviceId; ACCESSTOKEN_LOG_INFO(LABEL, "callback excute changeType %{public}d", changeType); callback->ActiveStatusChangeCallback(resInfo); diff --git a/services/privacymanager/src/record/permission_record_manager.cpp b/services/privacymanager/src/record/permission_record_manager.cpp index 179e6a9a3..361d4426f 100644 --- a/services/privacymanager/src/record/permission_record_manager.cpp +++ b/services/privacymanager/src/record/permission_record_manager.cpp @@ -53,15 +53,11 @@ PermissionRecordManager::~PermissionRecordManager() hasInited_ = false; } -bool PermissionRecordManager::AddRecord( - AccessTokenID tokenId, const std::string& permissionName, int32_t successCount, int32_t failCount) +bool PermissionRecordManager::AddRecord(const PermissionRecord& record) { Utils::UniqueWriteGuard lk(this->rwLock_); - PermissionRecord record; - if (!GetPermissionsRecord(tokenId, permissionName, successCount, failCount, record)) { - return false; - } - if (PermissionUsedRecordCache::GetInstance().AddRecordToBuffer(record) == Constant::SUCCESS) { + if (PermissionUsedRecordCache::GetInstance().AddRecordToBuffer(const_cast(record)) + == Constant::SUCCESS) { return true; } return false; @@ -70,9 +66,14 @@ bool PermissionRecordManager::AddRecord( bool PermissionRecordManager::GetPermissionsRecord(AccessTokenID tokenId, const std::string& permissionName, int32_t successCount, int32_t failCount, PermissionRecord& record) { + HapTokenInfo tokenInfo; + if (AccessTokenKit::GetHapTokenInfo(tokenId, tokenInfo) != Constant::SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "invalid tokenId(%{public}d)", tokenId); + return false; + } int32_t opCode; if (!Constant::TransferPermissionToOpcode(permissionName, opCode)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to TransferPermissionToOpcode"); + ACCESSTOKEN_LOG_ERROR(LABEL, "invalid permission(%{public}s)", permissionName.c_str()); return false; } if (successCount == 0 && failCount == 0) { @@ -83,7 +84,7 @@ bool PermissionRecordManager::GetPermissionsRecord(AccessTokenID tokenId, const record.accessCount = successCount; record.rejectCount = failCount; record.opCode = opCode; - record.status = 0; // get isForeground by uid lockscreen + record.status = 0; record.timestamp = TimeUtil::GetCurrentTimestamp(); record.accessDuration = 0; return true; @@ -94,18 +95,12 @@ int32_t PermissionRecordManager::AddPermissionUsedRecord(AccessTokenID tokenId, { ExecuteDeletePermissionRecordTask(); - if (AccessTokenKit::GetTokenTypeFlag(tokenId) != TOKEN_HAP) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "invalid token type"); - return Constant::SUCCESS; - } - - HapTokenInfo tokenInfo; - if (AccessTokenKit::GetHapTokenInfo(tokenId, tokenInfo) != Constant::SUCCESS) { - ACCESSTOKEN_LOG_ERROR(LABEL, "invalid tokenId%{public}d", tokenId); + PermissionRecord record; + if (!GetPermissionsRecord(tokenId, permissionName, successCount, failCount, record)) { return Constant::FAILURE; } - if (!AddRecord(tokenId, permissionName, successCount, failCount)) { + if (!AddRecord(record)) { return Constant::FAILURE; } return Constant::SUCCESS; diff --git a/services/privacymanager/src/record/permission_used_record_cache.cpp b/services/privacymanager/src/record/permission_used_record_cache.cpp index a1a759652..8df9c8e01 100644 --- a/services/privacymanager/src/record/permission_used_record_cache.cpp +++ b/services/privacymanager/src/record/permission_used_record_cache.cpp @@ -183,7 +183,7 @@ int32_t PermissionUsedRecordCache::PersistPendingRecords() int32_t PermissionUsedRecordCache::RemoveRecords(const GenericValues& record) { - AccessTokenID tokenID = record.GetInt(FIELD_TOKEN_ID); + AccessTokenID tokenId = record.GetInt(FIELD_TOKEN_ID); std::shared_ptr curFindDeletePos; std::shared_ptr persistPendingBufferHead; std::shared_ptr persistPendingBufferEnd = nullptr; @@ -194,7 +194,7 @@ int32_t PermissionUsedRecordCache::RemoveRecords(const GenericValues& record) persistPendingBufferHead = recordBufferHead_; while (curFindDeletePos != nullptr) { auto next = curFindDeletePos->next; - if (curFindDeletePos->record.tokenId == tokenID) { + if (curFindDeletePos->record.tokenId == tokenId) { if (curRecordBufferPos_ == curFindDeletePos) { curRecordBufferPos_ = curFindDeletePos->pre.lock(); } @@ -230,7 +230,7 @@ void PermissionUsedRecordCache::RemoveRecordsFromPersistPendingBufferQueue(const std::shared_ptr persistPendingBufferHead, std::shared_ptr persistPendingBufferEnd) { - AccessTokenID tokenID = record.GetInt(FIELD_TOKEN_ID); + AccessTokenID tokenId = record.GetInt(FIELD_TOKEN_ID); { std::shared_ptr curFindDeletePos; Utils::UniqueWriteGuard lock2(this->cacheLock_); @@ -239,7 +239,7 @@ void PermissionUsedRecordCache::RemoveRecordsFromPersistPendingBufferQueue(const curFindDeletePos = persistHead->next; while (curFindDeletePos != nullptr) { auto next = curFindDeletePos->next; - if (curFindDeletePos->record.tokenId == tokenID) { + if (curFindDeletePos->record.tokenId == tokenId) { DeleteRecordNode(curFindDeletePos); } curFindDeletePos = next; @@ -262,7 +262,7 @@ void PermissionUsedRecordCache::GetRecords(const std::vector& permi std::shared_ptr persistPendingBufferHead; std::shared_ptr persistPendingBufferEnd = nullptr; int32_t countPersistPendingNode = 0; - AccessTokenID tokenID = andConditionValues.GetInt(FIELD_TOKEN_ID); + AccessTokenID tokenId = andConditionValues.GetInt(FIELD_TOKEN_ID); TransferToOpcode(opCodeList, permissionList); { Utils::UniqueWriteGuard lock1(this->cacheLock_); @@ -270,7 +270,7 @@ void PermissionUsedRecordCache::GetRecords(const std::vector& permi persistPendingBufferHead = recordBufferHead_; while (curFindPos != nullptr) { auto next = curFindPos->next; - if (RecordCompare(tokenID, opCodeList, andConditionValues, curFindPos->record)) { + if (RecordCompare(tokenId, opCodeList, andConditionValues, curFindPos->record)) { GenericValues recordValues; PermissionRecord::TranslationIntoGenericValues(curFindPos->record, recordValues); findRecordsValues.emplace_back(recordValues); @@ -307,7 +307,7 @@ void PermissionUsedRecordCache::GetRecordsFromPersistPendingBufferQueue( const GenericValues& orConditionValues, std::vector& findRecordsValues, const std::set& opCodeList) { - AccessTokenID tokenID = andConditionValues.GetInt(FIELD_TOKEN_ID); + AccessTokenID tokenId = andConditionValues.GetInt(FIELD_TOKEN_ID); std::shared_ptr curFindPos; Utils::UniqueWriteGuard lock2(this->cacheLock_); if (!persistPendingBufferQueue_.empty()) { @@ -315,7 +315,7 @@ void PermissionUsedRecordCache::GetRecordsFromPersistPendingBufferQueue( curFindPos = persistHead->next; while (curFindPos != nullptr) { auto next = curFindPos->next; - if (RecordCompare(tokenID, opCodeList, andConditionValues, curFindPos->record)) { + if (RecordCompare(tokenId, opCodeList, andConditionValues, curFindPos->record)) { GenericValues recordValues; PermissionRecord::TranslationIntoGenericValues(curFindPos->record, recordValues); findRecordsValues.emplace_back(recordValues); @@ -324,7 +324,7 @@ void PermissionUsedRecordCache::GetRecordsFromPersistPendingBufferQueue( } } } - if (tokenID != INVALID_TOKENID && !PermissionRecordRepository::GetInstance().FindRecordValues( + if (tokenId != INVALID_TOKENID && !PermissionRecordRepository::GetInstance().FindRecordValues( andConditionValues, orConditionValues, findRecordsValues)) { // find records from database ACCESSTOKEN_LOG_ERROR(LABEL, "find records from database failed"); } @@ -340,11 +340,11 @@ void PermissionUsedRecordCache::TransferToOpcode(std::set& opCodeList, } } -bool PermissionUsedRecordCache::RecordCompare(const AccessTokenID tokenID, const std::set& opCodeList, +bool PermissionUsedRecordCache::RecordCompare(const AccessTokenID tokenId, const std::set& opCodeList, const GenericValues& andConditionValues, const PermissionRecord& record) { // compare tokenId - if (record.tokenId != (int32_t)tokenID) { + if (record.tokenId != (int32_t)tokenId) { return false; } // compare opCode diff --git a/services/privacymanager/src/service/privacy_manager_service.cpp b/services/privacymanager/src/service/privacy_manager_service.cpp index 03143c7a5..41e1087e1 100644 --- a/services/privacymanager/src/service/privacy_manager_service.cpp +++ b/services/privacymanager/src/service/privacy_manager_service.cpp @@ -70,25 +70,25 @@ void PrivacyManagerService::OnStop() } int32_t PrivacyManagerService::AddPermissionUsedRecord( - AccessTokenID tokenID, const std::string& permissionName, int32_t successCount, int32_t failCount) + AccessTokenID tokenId, const std::string& permissionName, int32_t successCount, int32_t failCount) { return PermissionRecordManager::GetInstance().AddPermissionUsedRecord( - tokenID, permissionName, successCount, failCount); + tokenId, permissionName, successCount, failCount); } -int32_t PrivacyManagerService::StartUsingPermission(AccessTokenID tokenID, const std::string& permissionName) +int32_t PrivacyManagerService::StartUsingPermission(AccessTokenID tokenId, const std::string& permissionName) { - return PermissionRecordManager::GetInstance().StartUsingPermission(tokenID, permissionName); + return PermissionRecordManager::GetInstance().StartUsingPermission(tokenId, permissionName); } -int32_t PrivacyManagerService::StopUsingPermission(AccessTokenID tokenID, const std::string& permissionName) +int32_t PrivacyManagerService::StopUsingPermission(AccessTokenID tokenId, const std::string& permissionName) { - return PermissionRecordManager::GetInstance().StopUsingPermission(tokenID, permissionName); + return PermissionRecordManager::GetInstance().StopUsingPermission(tokenId, permissionName); } -int32_t PrivacyManagerService::RemovePermissionUsedRecords(AccessTokenID tokenID, const std::string& deviceID) +int32_t PrivacyManagerService::RemovePermissionUsedRecords(AccessTokenID tokenId, const std::string& deviceID) { - PermissionRecordManager::GetInstance().RemovePermissionUsedRecords(tokenID, deviceID); + PermissionRecordManager::GetInstance().RemovePermissionUsedRecords(tokenId, deviceID); return Constant::SUCCESS; } @@ -107,9 +107,9 @@ int32_t PrivacyManagerService::GetPermissionUsedRecords( return PermissionRecordManager::GetInstance().GetPermissionUsedRecordsAsync(request.request, callback); } -std::string PrivacyManagerService::DumpRecordInfo(AccessTokenID tokenID, const std::string& permissionName) +std::string PrivacyManagerService::DumpRecordInfo(AccessTokenID tokenId, const std::string& permissionName) { - return PermissionRecordManager::GetInstance().DumpRecordInfo(tokenID, permissionName); + return PermissionRecordManager::GetInstance().DumpRecordInfo(tokenId, permissionName); } int32_t PrivacyManagerService::RegisterPermActiveStatusCallback( diff --git a/services/privacymanager/src/service/privacy_manager_stub.cpp b/services/privacymanager/src/service/privacy_manager_stub.cpp index 18937294b..743cd11b5 100644 --- a/services/privacymanager/src/service/privacy_manager_stub.cpp +++ b/services/privacymanager/src/service/privacy_manager_stub.cpp @@ -82,27 +82,27 @@ void PrivacyManagerStub::AddPermissionUsedRecordInner(MessageParcel& data, Messa reply.WriteInt32(RET_FAILED); return; } - AccessTokenID tokenID = data.ReadUint32(); + AccessTokenID tokenId = data.ReadUint32(); std::string permissionName = data.ReadString(); int32_t successCount = data.ReadInt32(); int32_t failCount = data.ReadInt32(); - int32_t result = this->AddPermissionUsedRecord(tokenID, permissionName, successCount, failCount); + int32_t result = this->AddPermissionUsedRecord(tokenId, permissionName, successCount, failCount); reply.WriteInt32(result); } void PrivacyManagerStub::StartUsingPermissionInner(MessageParcel& data, MessageParcel& reply) { - AccessTokenID tokenID = data.ReadUint32(); + AccessTokenID tokenId = data.ReadUint32(); std::string permissionName = data.ReadString(); - int32_t result = this->StartUsingPermission(tokenID, permissionName); + int32_t result = this->StartUsingPermission(tokenId, permissionName); reply.WriteInt32(result); } void PrivacyManagerStub::StopUsingPermissionInner(MessageParcel& data, MessageParcel& reply) { - AccessTokenID tokenID = data.ReadUint32(); + AccessTokenID tokenId = data.ReadUint32(); std::string permissionName = data.ReadString(); - int32_t result = this->StopUsingPermission(tokenID, permissionName); + int32_t result = this->StopUsingPermission(tokenId, permissionName); reply.WriteInt32(result); } @@ -115,9 +115,9 @@ void PrivacyManagerStub::RemovePermissionUsedRecordsInner(MessageParcel& data, M reply.WriteInt32(RET_FAILED); return; } - AccessTokenID tokenID = data.ReadUint32(); + AccessTokenID tokenId = data.ReadUint32(); std::string deviceID = data.ReadString(); - int32_t result = this->RemovePermissionUsedRecords(tokenID, deviceID); + int32_t result = this->RemovePermissionUsedRecords(tokenId, deviceID); reply.WriteInt32(result); } @@ -159,9 +159,9 @@ void PrivacyManagerStub::GetPermissionUsedRecordsAsyncInner(MessageParcel& data, void PrivacyManagerStub::DumpRecordInfoInner(MessageParcel& data, MessageParcel& reply) { - AccessTokenID tokenID = data.ReadUint32(); + AccessTokenID tokenId = data.ReadUint32(); std::string permissionName = data.ReadString(); - std::string dumpInfo = this->DumpRecordInfo(tokenID, permissionName); + std::string dumpInfo = this->DumpRecordInfo(tokenId, permissionName); reply.WriteString(dumpInfo); } -- Gitee From ea6c0e30a07b310fe40fda903062d144b898dde6 Mon Sep 17 00:00:00 2001 From: chennian Date: Sun, 21 Aug 2022 07:39:25 +0000 Subject: [PATCH 30/68] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E7=94=A8=E4=BE=8B?= =?UTF-8?q?=E5=A4=B1=E8=B4=A5=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: chennian --- .../innerkits/privacy/test/unittest/src/privacy_kit_test.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp index 209448f27..399abdc1a 100644 --- a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp +++ b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp @@ -291,7 +291,7 @@ HWTEST_F(PrivacyKitTest, AddPermissionUsedRecord003, TestSize.Level1) delete[] dcaps; delete[] acls; - ASSERT_EQ(RET_NO_ERROR, PrivacyKit::AddPermissionUsedRecord( + ASSERT_EQ(RET_ERROR, PrivacyKit::AddPermissionUsedRecord( tokenId, "ohos.permission.READ_CONTACTS", 1, 0)); PermissionUsedRequest request; -- Gitee From 9d28456e4e0dd756335aa76034ba1c25ad61863e Mon Sep 17 00:00:00 2001 From: chennian Date: Sun, 21 Aug 2022 10:17:52 +0000 Subject: [PATCH 31/68] =?UTF-8?q?=E4=BF=AE=E6=94=B9review=E6=84=8F?= =?UTF-8?q?=E8=A7=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: chennian --- .../include/record/permission_record_manager.h | 2 +- .../src/record/permission_record_manager.cpp | 13 +++---------- 2 files changed, 4 insertions(+), 11 deletions(-) diff --git a/services/privacymanager/include/record/permission_record_manager.h b/services/privacymanager/include/record/permission_record_manager.h index c81a6565d..a4cf29f56 100644 --- a/services/privacymanager/include/record/permission_record_manager.h +++ b/services/privacymanager/include/record/permission_record_manager.h @@ -58,7 +58,7 @@ private: DISALLOW_COPY_AND_MOVE(PermissionRecordManager); bool GetLocalRecordTokenIdList(std::set& tokenIdList); - bool AddRecord(const PermissionRecord& record); + int32_t AddRecord(const PermissionRecord& record); bool GetPermissionsRecord(AccessTokenID tokenId, const std::string& permissionName, int32_t successCount, int32_t failCount, PermissionRecord& record); bool CreateBundleUsedRecord(const AccessTokenID tokenId, BundleUsedRecord& bundleRecord); diff --git a/services/privacymanager/src/record/permission_record_manager.cpp b/services/privacymanager/src/record/permission_record_manager.cpp index 361d4426f..154d8141c 100644 --- a/services/privacymanager/src/record/permission_record_manager.cpp +++ b/services/privacymanager/src/record/permission_record_manager.cpp @@ -53,14 +53,10 @@ PermissionRecordManager::~PermissionRecordManager() hasInited_ = false; } -bool PermissionRecordManager::AddRecord(const PermissionRecord& record) +int32_t PermissionRecordManager::AddRecord(const PermissionRecord& record) { Utils::UniqueWriteGuard lk(this->rwLock_); - if (PermissionUsedRecordCache::GetInstance().AddRecordToBuffer(const_cast(record)) - == Constant::SUCCESS) { - return true; - } - return false; + return PermissionUsedRecordCache::GetInstance().AddRecordToBuffer(const_cast(record); } bool PermissionRecordManager::GetPermissionsRecord(AccessTokenID tokenId, const std::string& permissionName, @@ -100,10 +96,7 @@ int32_t PermissionRecordManager::AddPermissionUsedRecord(AccessTokenID tokenId, return Constant::FAILURE; } - if (!AddRecord(record)) { - return Constant::FAILURE; - } - return Constant::SUCCESS; + return AddRecord(record); } void PermissionRecordManager::RemovePermissionUsedRecords(AccessTokenID tokenId, const std::string& deviceID) -- Gitee From e61c880516edbce18c7eb91576ee2b875e5d8cea Mon Sep 17 00:00:00 2001 From: chennian Date: Sun, 21 Aug 2022 10:31:41 +0000 Subject: [PATCH 32/68] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E7=BC=96=E8=AF=91?= =?UTF-8?q?=E9=94=99=E8=AF=AF?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: chennian --- .../privacymanager/src/record/permission_record_manager.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/privacymanager/src/record/permission_record_manager.cpp b/services/privacymanager/src/record/permission_record_manager.cpp index 154d8141c..ca2b7e560 100644 --- a/services/privacymanager/src/record/permission_record_manager.cpp +++ b/services/privacymanager/src/record/permission_record_manager.cpp @@ -56,7 +56,7 @@ PermissionRecordManager::~PermissionRecordManager() int32_t PermissionRecordManager::AddRecord(const PermissionRecord& record) { Utils::UniqueWriteGuard lk(this->rwLock_); - return PermissionUsedRecordCache::GetInstance().AddRecordToBuffer(const_cast(record); + return PermissionUsedRecordCache::GetInstance().AddRecordToBuffer(const_cast(record)); } bool PermissionRecordManager::GetPermissionsRecord(AccessTokenID tokenId, const std::string& permissionName, -- Gitee From 4ad6314fd6f1d457d3e475bbb88fc7f8434eafbb Mon Sep 17 00:00:00 2001 From: chennian Date: Sun, 21 Aug 2022 18:50:01 +0800 Subject: [PATCH 33/68] =?UTF-8?q?Aytm=20dump=E6=8C=87=E4=BB=A4=E6=95=B4?= =?UTF-8?q?=E6=94=B9=20Signed-off-by:chennian?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: chennian --- .../include/i_accesstoken_manager.h | 2 +- .../accesstoken/include/accesstoken_kit.h | 2 +- .../accesstoken/src/accesstoken_kit.cpp | 6 +- .../src/accesstoken_manager_client.cpp | 4 +- .../src/accesstoken_manager_client.h | 2 +- .../src/accesstoken_manager_proxy.cpp | 5 +- .../src/accesstoken_manager_proxy.h | 2 +- .../unittest/src/accesstoken_kit_test.cpp | 33 +++- .../service/accesstoken_manager_service.h | 2 +- .../include/token/accesstoken_info_manager.h | 2 +- .../service/accesstoken_manager_service.cpp | 4 +- .../src/service/accesstoken_manager_stub.cpp | 3 +- .../src/token/accesstoken_info_manager.cpp | 20 +- .../cpp/src/accesstoken_info_manager_test.cpp | 8 +- tools/accesstoken/include/atm_command.h | 35 +++- tools/accesstoken/src/atm_command.cpp | 176 +++++++++++++----- 16 files changed, 231 insertions(+), 75 deletions(-) diff --git a/frameworks/accesstoken/include/i_accesstoken_manager.h b/frameworks/accesstoken/include/i_accesstoken_manager.h index 4e681974e..d5216bf64 100644 --- a/frameworks/accesstoken/include/i_accesstoken_manager.h +++ b/frameworks/accesstoken/include/i_accesstoken_manager.h @@ -81,7 +81,7 @@ public: virtual int DeleteRemoteDeviceTokens(const std::string& deviceID) = 0; #endif - virtual void DumpTokenInfo(std::string& tokenInfo) = 0; + virtual void DumpTokenInfo(AccessTokenID tokenID, std::string& tokenInfo) = 0; enum class InterfaceCode { VERIFY_ACCESSTOKEN = 0xff10, diff --git a/interfaces/innerkits/accesstoken/include/accesstoken_kit.h b/interfaces/innerkits/accesstoken/include/accesstoken_kit.h index fa031d18e..ba1ebc0eb 100644 --- a/interfaces/innerkits/accesstoken/include/accesstoken_kit.h +++ b/interfaces/innerkits/accesstoken/include/accesstoken_kit.h @@ -74,7 +74,7 @@ public: static AccessTokenID GetRemoteNativeTokenID(const std::string& deviceID, AccessTokenID tokenID); static int DeleteRemoteDeviceTokens(const std::string& deviceID); #endif - static void DumpTokenInfo(std::string& dumpInfo); + static void DumpTokenInfo(AccessTokenID tokenID, std::string& dumpInfo); }; } // namespace AccessToken } // namespace Security diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp index b1d470447..6e3c71d96 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp @@ -386,10 +386,10 @@ AccessTokenID AccessTokenKit::GetRemoteNativeTokenID(const std::string& deviceID } #endif -void AccessTokenKit::DumpTokenInfo(std::string& dumpInfo) +void AccessTokenKit::DumpTokenInfo(AccessTokenID tokenID, std::string& dumpInfo) { - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); - AccessTokenManagerClient::GetInstance().DumpTokenInfo(dumpInfo); + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called,tokenID: %{public}d", __func__, tokenID); + AccessTokenManagerClient::GetInstance().DumpTokenInfo(tokenID, dumpInfo); } } // namespace AccessToken } // namespace Security diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp index c8b2f0633..c7c1e5ac1 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp @@ -502,7 +502,7 @@ int AccessTokenManagerClient::DeleteRemoteDeviceTokens(const std::string& device } #endif -void AccessTokenManagerClient::DumpTokenInfo(std::string& dumpInfo) +void AccessTokenManagerClient::DumpTokenInfo(AccessTokenID tokenID, std::string& dumpInfo) { ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); auto proxy = GetProxy(); @@ -510,7 +510,7 @@ void AccessTokenManagerClient::DumpTokenInfo(std::string& dumpInfo) ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__); return; } - proxy->DumpTokenInfo(dumpInfo); + proxy->DumpTokenInfo(tokenID, dumpInfo); } void AccessTokenManagerClient::InitProxy() diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h index 1d0dbddef..8a0e14df3 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h @@ -80,7 +80,7 @@ public: int DeleteRemoteDeviceTokens(const std::string& deviceID); #endif - void DumpTokenInfo(std::string& dumpInfo); + void DumpTokenInfo(AccessTokenID tokenID, std::string& dumpInfo); void OnRemoteDiedHandle(); private: diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp index 98692fa75..19785428e 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp @@ -1006,11 +1006,14 @@ int AccessTokenManagerProxy::DeleteRemoteDeviceTokens(const std::string& deviceI } #endif -void AccessTokenManagerProxy::DumpTokenInfo(std::string& dumpInfo) +void AccessTokenManagerProxy::DumpTokenInfo(AccessTokenID tokenID, std::string& dumpInfo) { MessageParcel data; data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); + if (!data.WriteUint32(tokenID)) { + return; + } MessageParcel reply; MessageOption option; sptr remote = Remote(); diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h index cc897d6cd..809061d35 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h @@ -76,7 +76,7 @@ public: int DeleteRemoteDeviceTokens(const std::string& deviceID) override; #endif - void DumpTokenInfo(std::string& dumpInfo) override; + void DumpTokenInfo(AccessTokenID tokenID, std::string& dumpInfo) override; private: static inline BrokerDelegator delegator_; diff --git a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp index 23d4c9803..c908ebd0b 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp @@ -2455,14 +2455,43 @@ HWTEST_F(AccessTokenKitTest, GetTokenTypeFlag003, TestSize.Level1) /** * @tc.name: DumpTokenInfo001 - * @tc.desc: Get dump token information + * @tc.desc: Get dump token information with invalid tokenID * @tc.type: FUNC * @tc.require:Issue Number */ HWTEST_F(AccessTokenKitTest, DumpTokenInfo001, TestSize.Level1) { std::string info; - AccessTokenKit::DumpTokenInfo(info); + AccessTokenKit::DumpTokenInfo(123, info); + ASSERT_EQ("invalid tokenId", info); +} + +/** + * @tc.name: DumpTokenInfo002 + * @tc.desc: Get dump token information + * @tc.type: FUNC + * @tc.require:Issue Number + */ +HWTEST_F(AccessTokenKitTest, DumpTokenInfo002, TestSize.Level1) +{ + std::string info; + AccessTokenKit::DumpTokenInfo(0, info); + ASSERT_EQ(false, info.empty()); +} + +/** + * @tc.name: DumpTokenInfo003 + * @tc.desc: Get dump token information + * @tc.type: FUNC + * @tc.require:Issue Number + */ +HWTEST_F(AccessTokenKitTest, DumpTokenInfo003, TestSize.Level1) +{ + AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(g_infoManagerTestInfoParms.userID, + g_infoManagerTestInfoParms.bundleName, + g_infoManagerTestInfoParms.instIndex); + std::string info; + AccessTokenKit::DumpTokenInfo(tokenID, info); ASSERT_EQ(false, info.empty()); } diff --git a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h index e2414ca25..2b46210f1 100644 --- a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h +++ b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h @@ -79,7 +79,7 @@ public: void DestroyDeviceListenner(); #endif - void DumpTokenInfo(std::string& dumpInfo) override; + void DumpTokenInfo(AccessTokenID tokenID, std::string& dumpInfo) override; private: bool Initialize(); diff --git a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h index 88994f2f2..d6e866d56 100644 --- a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h +++ b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h @@ -55,7 +55,7 @@ public: void ProcessNativeTokenInfos(const std::vector>& tokenInfos); int UpdateHapToken( AccessTokenID tokenID, const std::string& appIDDesc, int32_t apiVersion, const HapPolicyParams& policy); - void DumpTokenInfo(std::string& dumpInfo); + void DumpTokenInfo(AccessTokenID tokenID, std::string& dumpInfo); void RefreshTokenInfoIfNeeded(); #ifdef TOKEN_SYNC_ENABLE diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp index ce1a55351..974b71c1c 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp @@ -367,11 +367,11 @@ int AccessTokenManagerService::DeleteRemoteDeviceTokens(const std::string& devic } #endif -void AccessTokenManagerService::DumpTokenInfo(std::string& dumpInfo) +void AccessTokenManagerService::DumpTokenInfo(AccessTokenID tokenID, std::string& dumpInfo) { ACCESSTOKEN_LOG_INFO(LABEL, "called"); - AccessTokenInfoManager::GetInstance().DumpTokenInfo(dumpInfo); + AccessTokenInfoManager::GetInstance().DumpTokenInfo(tokenID, dumpInfo); } #ifdef TOKEN_SYNC_ENABLE void AccessTokenManagerService::CreateDeviceListenner() diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp index dd2c129e9..766939fa6 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp @@ -484,8 +484,9 @@ void AccessTokenManagerStub::DumpTokenInfoInner(MessageParcel& data, MessageParc reply.WriteInt32(RET_FAILED); return; } + AccessTokenID tokenID = data.ReadUint32(); std::string dumpInfo = ""; - this->DumpTokenInfo(dumpInfo); + this->DumpTokenInfo(tokenID, dumpInfo); reply.WriteString(dumpInfo); } diff --git a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp index ef440cdda..e6ef009f3 100644 --- a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp @@ -949,10 +949,26 @@ void AccessTokenInfoManager::RefreshTokenInfoIfNeeded() }); } -void AccessTokenInfoManager::DumpTokenInfo(std::string& dumpInfo) +void AccessTokenInfoManager::DumpTokenInfo(AccessTokenID tokenID, std::string& dumpInfo) { - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); ACCESSTOKEN_LOG_INFO(LABEL, "get hapTokenInfo"); + if (tokenID != 0) { + ATokenTypeEnum type = AccessTokenIDManager::GetInstance().GetTokenIdType(tokenID); + if (type == TOKEN_HAP) { + std::shared_ptr infoPtr = GetHapTokenInfoInner(tokenID); + if (infoPtr != nullptr) { + infoPtr->ToString(dumpInfo); + } + } else if (type == TOKEN_NATIVE) { + std::shared_ptr infoPtr = GetNativeTokenInfoInner(tokenID); + if (infoPtr != nullptr) { + infoPtr->ToString(dumpInfo); + } + } else { + dumpInfo.append("invalid tokenId"); + } + return; + } Utils::UniqueReadGuard hapInfoGuard(this->hapTokenInfoLock_); for (auto iter = hapTokenInfoMap_.begin(); iter != hapTokenInfoMap_.end(); iter++) { diff --git a/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp b/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp index d09a2b536..fbe8f922a 100644 --- a/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp +++ b/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp @@ -182,14 +182,14 @@ void AccessTokenInfoManagerTest::TearDown() HWTEST_F(AccessTokenInfoManagerTest, Init001, TestSize.Level1) { AccessTokenInfoManager::GetInstance().Init(); + AccessTokenID getTokenId = AccessTokenInfoManager::GetInstance().GetHapTokenID(g_infoManagerTestInfoParms.userID, + g_infoManagerTestInfoParms.bundleName, g_infoManagerTestInfoParms.instIndex); + std::string dumpInfo; - AccessTokenInfoManager::GetInstance().DumpTokenInfo(dumpInfo); + AccessTokenInfoManager::GetInstance().DumpTokenInfo(getTokenId, dumpInfo); GTEST_LOG_(INFO) << "dump all:" << dumpInfo.c_str(); // delete test token - AccessTokenID getTokenId = AccessTokenInfoManager::GetInstance().GetHapTokenID(g_infoManagerTestInfoParms.userID, - g_infoManagerTestInfoParms.bundleName, g_infoManagerTestInfoParms.instIndex); - if (getTokenId != 0) { int ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(getTokenId); ASSERT_EQ(RET_SUCCESS, ret); diff --git a/tools/accesstoken/include/atm_command.h b/tools/accesstoken/include/atm_command.h index a69f68981..ad69570c6 100644 --- a/tools/accesstoken/include/atm_command.h +++ b/tools/accesstoken/include/atm_command.h @@ -21,18 +21,34 @@ namespace OHOS { namespace Security { namespace AccessToken { +typedef enum TypeOptType { + DEFAULT = 0, + DUMP_TOKEN, + DUMP_RECORD, + PERM_GRANT, + PERM_REVOKE, +} OptType; + const std::string TOOLS_NAME = "atm"; const std::string HELP_MSG = "usage: atm