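/*
 * Copyright (c) 2021-2024 Huawei Device Co., Ltd.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

/**
 * @addtogroup AccessToken
 * @{
 *
 * @brief Provides permission management.
 *
 * Provides tokenID-based application permission verification mechanism.
 * When an application accesses sensitive data or APIs, this module can check
 * whether the application has the corresponding permission. Allows applications
 * to query their access token information or APL levels based on token IDs.
 *
 * @since 7.0
 * @version 7.0
 */

/**
 * @file accesstoken_kit.h
 *
 * @brief Declares access token interfaces.
 *
 * @since 7.0
 * @version 7.0
 */

#ifndef INTERFACES_INNER_KITS_ACCESSTOKEN_KIT_H
#define INTERFACES_INNER_KITS_ACCESSTOKEN_KIT_H

// <cstdint> and <memory> are listed explicitly because this header names
// uint32_t/int32_t and std::shared_ptr itself.
#include <cstdint>
#include <memory>
#include <string>
#include <vector>

#include "access_token.h"
#include "atm_tools_param_info.h"
#include "hap_token_info.h"
#include "native_token_info.h"
#include "permission_def.h"
#include "permission_list_state.h"
#include "permission_grant_info.h"
#include "permission_state_change_info.h"
#include "permission_state_full.h"
#include "perm_state_change_callback_customize.h"
#ifdef TOKEN_SYNC_ENABLE
#include "token_sync_kit_interface.h"
#endif // TOKEN_SYNC_ENABLE

namespace OHOS {
namespace Security {
namespace AccessToken {
/**
 * @brief Declares AccessTokenKit class
 *
 * Every member is a static function; the class only groups the interfaces.
 *
 * @note This header declares the interfaces only. Which privilege a caller
 *       needs for the state-changing calls (token creation and deletion,
 *       grant, revoke, policy updates) is not stated here; check the
 *       implementation before exposing any of them to a less trusted caller.
 */
class AccessTokenKit {
public:
    /**
     * @brief Get permission used type by tokenID.
     * @param tokenID token id
     * @param permissionName permission to be checked
     * @return enum PermUsedTypeEnum, see access_token.h
     */
    static PermUsedTypeEnum GetPermissionUsedType(AccessTokenID tokenID, const std::string& permissionName);

    /**
     * @brief Grant input permission to input tokenID flag for specified time.
     * @param tokenID token id
     * @param permissionName permission name reference
     * @param onceTime the time it takes to work, the unit is second.
     * @return error code, see access_token_error.h
     * @note What happens once onceTime has elapsed is not stated in this header;
     *       presumably the grant is withdrawn - confirm against the implementation.
     */
    static int GrantPermissionForSpecifiedTime(
        AccessTokenID tokenID, const std::string& permissionName, uint32_t onceTime);

    /**
     * @brief Create a unique hap token by input values.
     * @param info struct HapInfoParams reference, see hap_token_info.h
     * @param policy struct HapPolicyParams reference, see hap_token_info.h
     * @return union AccessTokenIDEx, see access_token.h
     */
    static AccessTokenIDEx AllocHapToken(const HapInfoParams& info, const HapPolicyParams& policy);
    /**
     * @brief Create a unique hap token by input values and init the permission state.
     * @param info struct HapInfoParams reference, see hap_token_info.h
     * @param policy struct HapPolicyParams reference, see hap_token_info.h; taken by
     *        non-const reference here, whether it is modified is not visible in this header
     * @param fullTokenId union AccessTokenIDEx reference, see access_token.h;
     *        presumably receives the created token id - confirm
     * @return int32_t status; presumably an error code as for the other calls
     *         (see access_token_error.h) - confirm
     */
    static int32_t InitHapToken(const HapInfoParams& info, HapPolicyParams& policy, AccessTokenIDEx& fullTokenId);
    /**
     * @brief Create a unique mapping token binding remote tokenID and DeviceID.
     * @param remoteDeviceID remote device deviceID
     * @param remoteTokenID remote device tokenID
     * @return local tokenID of the mapping token
     */
    static AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID);
    /**
     * @brief Update hap token info.
     * @param tokenIdEx union AccessTokenIDEx reference, see access_token.h
     * @param info struct UpdateHapInfoParams reference. Earlier documentation of this
     *        call listed isSystemApp (is system app or not), appIDDesc (app id
     *        description) and apiVersion (app api version) as separate parameters;
     *        presumably they are now fields of this struct - confirm
     * @param policy struct HapPolicyParams reference, see hap_token_info.h
     * @return error code, see access_token_error.h
     */
    static int32_t UpdateHapToken(
        AccessTokenIDEx& tokenIdEx, const UpdateHapInfoParams& info, const HapPolicyParams& policy);
    /**
     * @brief Delete token info.
     * @param tokenID token id
     * @return error code, see access_token_error.h
     */
    static int DeleteToken(AccessTokenID tokenID);
    /**
     * @brief Get token type by ATM service.
     * @param tokenID token id
     * @return token type enum, see access_token.h
     */
    static ATokenTypeEnum GetTokenType(AccessTokenID tokenID);
    /**
     * @brief Get token type from flag in tokenId, which doesn't depend on ATM service.
     * @param tokenID token id
     * @return token type enum, see access_token.h
     * @note The type is read from the id itself, so this call presumably does not
     *       confirm that the token is registered with the ATM service - confirm
     *       before relying on it for an access decision.
     */
    static ATokenTypeEnum GetTokenTypeFlag(AccessTokenID tokenID);
    /**
     * @brief Get token type by ATM service with a 64-bit (FullTokenID) parameter.
     * @param tokenID token id
     * @return token type enum, see access_token.h
     */
    static ATokenTypeEnum GetTokenType(FullTokenID tokenID);
    /**
     * @brief Get token type from flag in tokenId, which doesn't depend
     * on ATM service, with a 64-bit (FullTokenID) parameter.
     * @param tokenID token id
     * @return token type enum, see access_token.h
     * @note The type is read from the id itself, so this call presumably does not
     *       confirm that the token is registered with the ATM service - confirm
     *       before relying on it for an access decision.
     */
    static ATokenTypeEnum GetTokenTypeFlag(FullTokenID tokenID);
    /**
     * @brief Query hap tokenID by input params.
     * @param userID user id
     * @param bundleName bundle name
     * @param instIndex inst index
     * @return token id if it exists or 0 if it does not exist
     * @note Check for 0 before passing the result to another call.
     */
    static AccessTokenID GetHapTokenID(int32_t userID, const std::string& bundleName, int32_t instIndex);
    /**
     * @brief Query hap token attribute by input params.
     * @param userID user id
     * @param bundleName bundle name
     * @param instIndex inst index
     * @return union AccessTokenIDEx, see access_token.h
     */
    static AccessTokenIDEx GetHapTokenIDEx(int32_t userID, const std::string& bundleName, int32_t instIndex);
    /**
     * @brief Get hap token info by token id.
     * @param tokenID token id
     * @param hapTokenInfoRes HapTokenInfo reference, as query result
     * @return error code, see access_token_error.h
     */
    static int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfo& hapTokenInfoRes);
    /**
     * @brief Get native token info by token id.
     * @param tokenID token id
     * @param nativeTokenInfoRes NativeTokenInfo reference, as query result
     * @return error code, see access_token_error.h
     */
    static int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfo& nativeTokenInfoRes);
    /**
     * @brief Check if the input tokenID has been granted the input permission.
     * @param tokenID token id
     * @param permissionName permission to be checked
     * @return enum PermissionState, see access_token.h
     * @note The result is a PermissionState value carried in an int. Compare it
     *       with the enumerators declared in access_token.h (for example
     *       PERMISSION_GRANTED) instead of testing it as a boolean.
     */
    static int VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName);
    /**
     * @brief Check if the input tokenID has been granted the input permission.
     * @param callerTokenID the tokenID of caller native process or hap process
     * @param firstTokenID the tokenID of first caller native process or hap process
     * @param permissionName permission to be checked
     * @return enum PermissionState, see access_token.h
     * @note The result is a PermissionState value carried in an int; compare it
     *       with the enumerators in access_token.h instead of testing it as a
     *       boolean. How the two token ids are combined into one result is not
     *       stated in this header.
     */
    static int VerifyAccessToken(
        AccessTokenID callerTokenID, AccessTokenID firstTokenID, const std::string& permissionName);
    /**
     * @brief Check if the input tokenID has been granted the input permission.
     * @param tokenID token id
     * @param permissionName permission to be checked
     * @param crossIpc whether to cross ipc
     * @return enum PermissionState, see access_token.h
     * @note The result is a PermissionState value carried in an int; compare it
     *       with the enumerators in access_token.h instead of testing it as a
     *       boolean.
     */
    static int VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName, bool crossIpc);
    /**
     * @brief Check if the input tokenID has been granted the input permission.
     * @param callerTokenID the tokenID of caller native process or hap process
     * @param firstTokenID the tokenID of first caller native process or hap process
     * @param permissionName permission to be checked
     * @param crossIpc whether to cross ipc
     * @return enum PermissionState, see access_token.h
     * @note The result is a PermissionState value carried in an int; compare it
     *       with the enumerators in access_token.h instead of testing it as a
     *       boolean.
     */
    static int VerifyAccessToken(AccessTokenID callerTokenID,
        AccessTokenID firstTokenID, const std::string& permissionName, bool crossIpc);

    /**
     * @brief Get permission definition by permission name.
     * @param permissionName permission name reference
     * @param permissionDefResult PermissionDef reference, as query result
     * @return error code, see access_token_error.h
     */
    static int GetDefPermission(const std::string& permissionName, PermissionDef& permissionDefResult);
    /**
     * @brief Get all permission definitions by token id.
     * @param tokenID token id
     * @param permList PermissionDef list reference, as query result
     * @return error code, see access_token_error.h
     */
    static int GetDefPermissions(AccessTokenID tokenID, std::vector<PermissionDef>& permList);
    /**
     * @brief Get all requested permission full state by token id and grant mode.
     * @param tokenID token id
     * @param reqPermList PermissionStateFull list reference, as query result
     * @param isSystemGrant grant mode
     * @return error code, see access_token_error.h
     */
    static int GetReqPermissions(
        AccessTokenID tokenID, std::vector<PermissionStateFull>& reqPermList, bool isSystemGrant);
    /**
     * @brief Get permission grant flag
     * @param tokenID token id
     * @param permissionName permission name reference
     * @param flag the permission grant flag, as query result
     * @return error code, see access_token_error.h
     */
    static int GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName, uint32_t& flag);
    /**
     * @brief Set permission request toggle status
     * @param permissionName permission name reference
     * @param status the permission request toggle status to set
     * @param userID the userID
     * @return error code, see access_token_error.h
     */
    static int32_t SetPermissionRequestToggleStatus(const std::string& permissionName, uint32_t status, int32_t userID);
    /**
     * @brief Get permission request toggle status
     * @param permissionName permission name reference
     * @param status the permission request toggle status to get
     * @param userID the userID
     * @return error code, see access_token_error.h
     */
    static int32_t GetPermissionRequestToggleStatus(const std::string& permissionName, uint32_t& status,
        int32_t userID);
    /**
     * @brief Get requested permission grant result
     * @param permList PermissionListState list reference, as input and query result
     * @param info PermissionGrantInfo reference; its role is not described in this header
     * @return enum PermissionOper, see access_token.h
     */
    static PermissionOper GetSelfPermissionsState(std::vector<PermissionListState>& permList,
        PermissionGrantInfo& info);
    /**
     * @brief Get requested permissions status
     * @param tokenID token id
     * @param permList PermissionListState list reference, as input and query result
     * @return error code, see access_token_error.h
     */
    static int32_t GetPermissionsStatus(AccessTokenID tokenID, std::vector<PermissionListState>& permList);
    /**
     * @brief Grant input permission to input tokenID with input flag.
     * @param tokenID token id
     * @param permissionName permission name reference
     * @param flag enum PermissionFlag, see access_token.h
     * @return error code, see access_token_error.h
     */
    static int GrantPermission(AccessTokenID tokenID, const std::string& permissionName, uint32_t flag);
    /**
     * @brief Revoke input permission to input tokenID with input flag.
     * @param tokenID token id
     * @param permissionName permission name reference
     * @param flag enum PermissionFlag, see access_token.h
     * @return error code, see access_token_error.h
     */
    static int RevokePermission(AccessTokenID tokenID, const std::string& permissionName, uint32_t flag);
    /**
     * @brief Clear all user granted permissions state in input tokenID.
     * @param tokenID token id
     * @return error code, see access_token_error.h
     */
    static int ClearUserGrantedPermissionState(AccessTokenID tokenID);
    /**
     * @brief Register permission state change callback.
     * @param callback smart pointer of class PermStateChangeCallbackCustomize reference
     * @return error code, see access_token_error.h
     */
    static int32_t RegisterPermStateChangeCallback(
        const std::shared_ptr<PermStateChangeCallbackCustomize>& callback);
    /**
     * @brief Unregister permission state change callback.
     * @param callback smart pointer of class PermStateChangeCallbackCustomize reference
     * @return error code, see access_token_error.h
     */
    static int32_t UnRegisterPermStateChangeCallback(const std::shared_ptr<PermStateChangeCallbackCustomize>& callback);
    /**
     * @brief Get current version.
     * @param version access token version.
     * @return error code, see access_token_error.h
     */
    static int32_t GetVersion(uint32_t& version);
    /**
     * @brief Get hap dlp flag by input tokenID.
     * @param tokenID token id
     * @return dlp flag in tokenID bitmap, or default -1
     */
    static int32_t GetHapDlpFlag(AccessTokenID tokenID);
    /**
     * @brief Reload native token info.
     * @return error code, see access_token_error.h
     */
    static int32_t ReloadNativeTokenInfo();
    /**
     * @brief Get tokenID by native process name.
     * @param processName native process name
     * @return token id of native process
     * @note The value returned when no process of that name is known is not
     *       stated in this header.
     */
    static AccessTokenID GetNativeTokenId(const std::string& processName);

    /**
     * @brief Set permission dialog capability
     * @param hapBaseInfo base information of hap
     * @param enable status of enable dialog
     * @return error code, see access_token_error.h
     */
    static int32_t SetPermDialogCap(const HapBaseInfo& hapBaseInfo, bool enable);

#ifdef TOKEN_SYNC_ENABLE
    /**
     * @brief Get remote hap token info by remote token id.
     * @param tokenID remote token id
     * @param hapSync HapTokenInfoForSync reference, as query result
     * @return error code, see access_token_error.h
     */
    static int GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSync& hapSync);
    /**
     * @brief Set remote hap token info with remote deviceID.
     * @param deviceID remote deviceID
     * @param hapSync hap token info to set
     * @return error code, see access_token_error.h
     * @note hapSync describes a token of another device; where its contents are
     *       validated is not visible in this header.
     */
    static int SetRemoteHapTokenInfo(const std::string& deviceID, const HapTokenInfoForSync& hapSync);
    /**
     * @brief Delete remote token by remote deviceID and remote tokenID.
     * @param deviceID remote deviceID
     * @param tokenID remote tokenID
     * @return error code, see access_token_error.h
     */
    static int DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID);
    /**
     * @brief Get local mapping native tokenID by remote deviceID
     * and remote tokenID.
     * @param deviceID remote deviceID
     * @param tokenID remote tokenID
     * @return token id of mapping native tokenID
     */
    static AccessTokenID GetRemoteNativeTokenID(const std::string& deviceID, AccessTokenID tokenID);
    /**
     * @brief Delete remote tokens by remote deviceID.
     * @param deviceID remote deviceID
     * @return error code, see access_token_error.h
     */
    static int DeleteRemoteDeviceTokens(const std::string& deviceID);
    /**
     * @brief Register a token sync service callback
     * @param syncCallback token sync class
     * @return error code, see access_token_error.h
     */
    static int32_t RegisterTokenSyncCallback(const std::shared_ptr<TokenSyncKitInterface>& syncCallback);
    /**
     * @brief Unregister a token sync service callback
     *
     * Takes no argument.
     * @return error code, see access_token_error.h
     */
    static int32_t UnRegisterTokenSyncCallback();
#endif // TOKEN_SYNC_ENABLE
    /**
     * @brief Dump all token infos in the cache.
     * @param info AtmToolsParamInfo reference. Earlier documentation of this call
     *        described a tokenID parameter (if tokenID is valid, only dump this
     *        token info); presumably it is now carried in this struct - confirm
     * @param dumpInfo all token info
     * @note dumpInfo may describe every cached token; treat it as sensitive
     *       when logging or forwarding it.
     */
    static void DumpTokenInfo(const AtmToolsParamInfo& info, std::string& dumpInfo);
    /**
     * @brief Get application info of permission manager.
     * @param info application info of permission manager
     */
    static void GetPermissionManagerInfo(PermissionGrantInfo& info);

    /**
     * @brief Set user permission policy
     * @param userList list of user id.
     * @param permList list of permission
     * @return error code, see access_token_error.h
     */
    static int32_t InitUserPolicy(const std::vector<UserState>& userList, const std::vector<std::string>& permList);

    /**
     * @brief Update user permission policy
     * @param userList list of user id.
     * @return error code, see access_token_error.h
     */
    static int32_t UpdateUserPolicy(const std::vector<UserState>& userList);

    /**
     * @brief Clear user permission policy
     * @return error code, see access_token_error.h
     */
    static int32_t ClearUserPolicy();
};
} // namespace AccessToken
} // namespace Security
} // namespace OHOS
#endif // INTERFACES_INNER_KITS_ACCESSTOKEN_KIT_H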