diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/config.json b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/config.json index 5a463361f786ddc124c35c5ebc8fc21e834f919f..eb73d812e357cb7d68503443b85634495be644ad 100644 --- a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/config.json +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/config.json @@ -61,14 +61,6 @@ { "name": "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS", "reason": "revoke sensitive permissions" - }, - { - "name": "ohos.permission.GET_BUNDLE_INFO_PRIVILEGED", - "reason": "get bundle previleged info" - }, - { - "name": "ohos.permission.GET_BUNDLE_INFO", - "reason": "get bundle default info" } ] } diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets index d8ece485681f452f834cb28c5a065b4966cef893..4e2b9c2829b34c81e963fb8229edc7d9037e2d3f 100644 --- a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets @@ -14,8 +14,6 @@ */ import { getPermissionGroup } from "../utils/utils.ets" -import { BundleFlag, userId } from "../model/bundle.ets" -import bundle from '@ohos.bundle'; import featureAbility from '@ohos.ability.featureAbility'; import abilityAccessCtrl from '@ohos.abilityAccessCtrl'; @@ -128,12 +126,11 @@ export struct privacyDialog { aboutToAppear() { this.count = 0; + this.hasPrepared = false; featureAbility.getWant((err, want) => { - this.reqPerms = want.parameters["ohos.user.grant.permission"] - console.log("GrantAbility request permission=" + JSON.stringify(this.reqPerms) + " bundleName=" + want.bundleName) - bundle.getApplicationInfo(want.bundleName, BundleFlag.GET_BUNDLE_DEFAULT, userId).then(res => { - this.accessTokenId = res.accessTokenId - }) + this.reqPerms = want.parameters['ohos.user.grant.permission'] + this.accessTokenId = want.parameters['ohos.aafwk.param.callToken'] + console.log("GrantAbility request permission=" + JSON.stringify(this.reqPerms) + " tokenId = " + this.accessTokenId)) this.reqPerms.forEach(item => { var group = getPermissionGroup(item) if(!group) { diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp index a9e0076e0111b3f4118d196f4020c08e2083a8ea..377c5dd1e1739dc3868ca20485aa8a3eae9e2369 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp @@ -108,12 +108,14 @@ void AccessTokenManagerStub::GetReqPermissionsInner(MessageParcel& data, Message void AccessTokenManagerStub::GetPermissionFlagInner(MessageParcel& data, MessageParcel& reply) { + unsigned int callingTokenID = IPCSkeleton::GetCallingTokenID(); + ACCESSTOKEN_LOG_INFO(LABEL, "callingTokenID: %{public}d", callingTokenID); AccessTokenID tokenID = data.ReadUint32(); std::string permissionName = data.ReadString(); if (!IsAuthorizedCalling() && - VerifyAccessToken(tokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS") == PERMISSION_DENIED && - VerifyAccessToken(tokenID, "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS") == PERMISSION_DENIED && - VerifyAccessToken(tokenID, "ohos.permission.GET_SENSITIVE_PERMISSIONS") == PERMISSION_DENIED) { + VerifyAccessToken(callingTokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS") == PERMISSION_DENIED && + VerifyAccessToken(callingTokenID, "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS") == PERMISSION_DENIED && + VerifyAccessToken(callingTokenID, "ohos.permission.GET_SENSITIVE_PERMISSIONS") == PERMISSION_DENIED) { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__); reply.WriteInt32(DEFAULT_PERMISSION_FLAGS); return; @@ -124,11 +126,13 @@ void AccessTokenManagerStub::GetPermissionFlagInner(MessageParcel& data, Message void AccessTokenManagerStub::GrantPermissionInner(MessageParcel& data, MessageParcel& reply) { + unsigned int callingTokenID = IPCSkeleton::GetCallingTokenID(); + ACCESSTOKEN_LOG_INFO(LABEL, "callingTokenID: %{public}d", callingTokenID); AccessTokenID tokenID = data.ReadUint32(); std::string permissionName = data.ReadString(); int flag = data.ReadInt32(); if (!IsAuthorizedCalling() && - VerifyAccessToken(tokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS") == PERMISSION_DENIED) { + VerifyAccessToken(callingTokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS") == PERMISSION_DENIED) { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__); reply.WriteInt32(RET_FAILED); return; @@ -139,11 +143,13 @@ void AccessTokenManagerStub::GrantPermissionInner(MessageParcel& data, MessagePa void AccessTokenManagerStub::RevokePermissionInner(MessageParcel& data, MessageParcel& reply) { + unsigned int callingTokenID = IPCSkeleton::GetCallingTokenID(); + ACCESSTOKEN_LOG_INFO(LABEL, "callingTokenID: %{public}d", callingTokenID); AccessTokenID tokenID = data.ReadUint32(); std::string permissionName = data.ReadString(); int flag = data.ReadInt32(); if (!IsAuthorizedCalling() && - VerifyAccessToken(tokenID, "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS") == PERMISSION_DENIED) { + VerifyAccessToken(callingTokenID, "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS") == PERMISSION_DENIED) { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__); reply.WriteInt32(RET_FAILED); return;