1e41f4b71Sopenharmony_ci# @ohos.abilityAccessCtrl (程序访问控制管理) 2e41f4b71Sopenharmony_ci 3e41f4b71Sopenharmony_ci程序访问控制提供程序的权限管理能力,包括鉴权、授权等。 4e41f4b71Sopenharmony_ci 5e41f4b71Sopenharmony_ci> **说明:** 6e41f4b71Sopenharmony_ci> 本模块首批接口从API version 8开始支持。后续版本的新增接口,采用上角标单独标记接口的起始版本。 7e41f4b71Sopenharmony_ci 8e41f4b71Sopenharmony_ci## 导入模块 9e41f4b71Sopenharmony_ci 10e41f4b71Sopenharmony_ci```ts 11e41f4b71Sopenharmony_ciimport { abilityAccessCtrl } from '@kit.AbilityKit' 12e41f4b71Sopenharmony_ci``` 13e41f4b71Sopenharmony_ci 14e41f4b71Sopenharmony_ci## abilityAccessCtrl.createAtManager 15e41f4b71Sopenharmony_ci 16e41f4b71Sopenharmony_cicreateAtManager(): AtManager 17e41f4b71Sopenharmony_ci 18e41f4b71Sopenharmony_ci访问控制管理:获取访问控制模块对象。 19e41f4b71Sopenharmony_ci 20e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 11开始,该接口支持在原子化服务中使用。 21e41f4b71Sopenharmony_ci 22e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.AccessToken 23e41f4b71Sopenharmony_ci 24e41f4b71Sopenharmony_ci 25e41f4b71Sopenharmony_ci**返回值:** 26e41f4b71Sopenharmony_ci 27e41f4b71Sopenharmony_ci| 类型 | 说明 | 28e41f4b71Sopenharmony_ci| -------- | -------- | 29e41f4b71Sopenharmony_ci| [AtManager](#atmanager) | 获取访问控制模块的实例。 | 30e41f4b71Sopenharmony_ci 31e41f4b71Sopenharmony_ci**示例:** 32e41f4b71Sopenharmony_ci 33e41f4b71Sopenharmony_ci```ts 34e41f4b71Sopenharmony_cilet atManager: abilityAccessCtrl.AtManager = abilityAccessCtrl.createAtManager(); 35e41f4b71Sopenharmony_ci``` 36e41f4b71Sopenharmony_ci 37e41f4b71Sopenharmony_ci## AtManager 38e41f4b71Sopenharmony_ci 39e41f4b71Sopenharmony_ci管理访问控制模块的实例。 40e41f4b71Sopenharmony_ci 41e41f4b71Sopenharmony_ci### checkAccessToken<sup>9+</sup> 42e41f4b71Sopenharmony_ci 43e41f4b71Sopenharmony_cicheckAccessToken(tokenID: number, permissionName: Permissions): Promise<GrantStatus> 44e41f4b71Sopenharmony_ci 45e41f4b71Sopenharmony_ci校验应用是否授予权限。使用Promise异步回调。 46e41f4b71Sopenharmony_ci 47e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 11开始,该接口支持在原子化服务中使用。 48e41f4b71Sopenharmony_ci 49e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.AccessToken 50e41f4b71Sopenharmony_ci 51e41f4b71Sopenharmony_ci**参数:** 52e41f4b71Sopenharmony_ci 53e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 54e41f4b71Sopenharmony_ci| -------- | ------------------- | ---- | ------------------------------------------ | 55e41f4b71Sopenharmony_ci| tokenID | number | 是 | 要校验的目标应用的身份标识。可通过应用的[ApplicationInfo](js-apis-bundleManager-applicationInfo.md)的accessTokenId字段获得。| 56e41f4b71Sopenharmony_ci| permissionName | Permissions | 是 | 需要校验的权限名称,合法的权限名取值可在[应用权限列表](../../security/AccessToken/permissions-for-all.md)中查询。 | 57e41f4b71Sopenharmony_ci 58e41f4b71Sopenharmony_ci**返回值:** 59e41f4b71Sopenharmony_ci 60e41f4b71Sopenharmony_ci| 类型 | 说明 | 61e41f4b71Sopenharmony_ci| :------------ | :---------------------------------- | 62e41f4b71Sopenharmony_ci| Promise<[GrantStatus](#grantstatus)> | Promise对象。返回授权状态结果。 | 63e41f4b71Sopenharmony_ci 64e41f4b71Sopenharmony_ci**错误码:** 65e41f4b71Sopenharmony_ci 66e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[访问控制错误码](errorcode-access-token.md)。 67e41f4b71Sopenharmony_ci 68e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 69e41f4b71Sopenharmony_ci| -------- | -------- | 70e41f4b71Sopenharmony_ci| 401 | Parameter error. Possible causes: 1.Mandatory parameters are left unspecified; 2.Incorrect parameter types. | 71e41f4b71Sopenharmony_ci| 12100001 | Invalid parameter. The tokenID is 0, or the permissionName exceeds 256 characters. | 72e41f4b71Sopenharmony_ci 73e41f4b71Sopenharmony_ci**示例:** 74e41f4b71Sopenharmony_ci 75e41f4b71Sopenharmony_ci```ts 76e41f4b71Sopenharmony_ciimport { abilityAccessCtrl } from '@kit.AbilityKit'; 77e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 78e41f4b71Sopenharmony_ci 79e41f4b71Sopenharmony_cilet atManager: abilityAccessCtrl.AtManager = abilityAccessCtrl.createAtManager(); 80e41f4b71Sopenharmony_cilet tokenID: number = 0; // 系统应用可以通过bundleManager.getApplicationInfo获取,普通应用可以通过bundleManager.getBundleInfoForSelf获取 81e41f4b71Sopenharmony_ciatManager.checkAccessToken(tokenID, 'ohos.permission.GRANT_SENSITIVE_PERMISSIONS').then((data: abilityAccessCtrl.GrantStatus) => { 82e41f4b71Sopenharmony_ci console.log(`checkAccessToken success, data->${JSON.stringify(data)}`); 83e41f4b71Sopenharmony_ci}).catch((err: BusinessError) => { 84e41f4b71Sopenharmony_ci console.error(`checkAccessToken fail, err->${JSON.stringify(err)}`); 85e41f4b71Sopenharmony_ci}); 86e41f4b71Sopenharmony_ci``` 87e41f4b71Sopenharmony_ci 88e41f4b71Sopenharmony_ci### verifyAccessTokenSync<sup>9+</sup> 89e41f4b71Sopenharmony_ci 90e41f4b71Sopenharmony_civerifyAccessTokenSync(tokenID: number, permissionName: Permissions): GrantStatus 91e41f4b71Sopenharmony_ci 92e41f4b71Sopenharmony_ci校验应用是否被授予权限,同步返回结果。 93e41f4b71Sopenharmony_ci 94e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.AccessToken 95e41f4b71Sopenharmony_ci 96e41f4b71Sopenharmony_ci**参数:** 97e41f4b71Sopenharmony_ci 98e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 99e41f4b71Sopenharmony_ci| -------- | ------------------- | ---- | ------------------------------------------ | 100e41f4b71Sopenharmony_ci| tokenID | number | 是 | 要校验应用的身份标识。可通过应用的[ApplicationInfo](js-apis-bundleManager-applicationInfo.md)的accessTokenId字段获得。| 101e41f4b71Sopenharmony_ci| permissionName | Permissions | 是 | 需要校验的权限名称,合法的权限名取值可在[应用权限列表](../../security/AccessToken/permissions-for-all.md)中查询。 | 102e41f4b71Sopenharmony_ci 103e41f4b71Sopenharmony_ci**返回值:** 104e41f4b71Sopenharmony_ci 105e41f4b71Sopenharmony_ci| 类型 | 说明 | 106e41f4b71Sopenharmony_ci| :------------ | :---------------------------------- | 107e41f4b71Sopenharmony_ci| [GrantStatus](#grantstatus) | 枚举实例,返回授权状态。 | 108e41f4b71Sopenharmony_ci 109e41f4b71Sopenharmony_ci**错误码:** 110e41f4b71Sopenharmony_ci 111e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[访问控制错误码](errorcode-access-token.md)。 112e41f4b71Sopenharmony_ci 113e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 114e41f4b71Sopenharmony_ci| -------- | -------- | 115e41f4b71Sopenharmony_ci| 401 | Parameter error. Possible causes: 1.Mandatory parameters are left unspecified; 2.Incorrect parameter types. | 116e41f4b71Sopenharmony_ci| 12100001 | Invalid parameter. The tokenID is 0, or the permissionName exceeds 256 characters. | 117e41f4b71Sopenharmony_ci 118e41f4b71Sopenharmony_ci**示例:** 119e41f4b71Sopenharmony_ci 120e41f4b71Sopenharmony_ci```ts 121e41f4b71Sopenharmony_ciimport { abilityAccessCtrl } from '@kit.AbilityKit'; 122e41f4b71Sopenharmony_ci 123e41f4b71Sopenharmony_cilet atManager: abilityAccessCtrl.AtManager = abilityAccessCtrl.createAtManager(); 124e41f4b71Sopenharmony_cilet tokenID: number = 0; // 系统应用可以通过bundleManager.getApplicationInfo获取,普通应用可以通过bundleManager.getBundleInfoForSelf获取 125e41f4b71Sopenharmony_citry { 126e41f4b71Sopenharmony_ci let data: abilityAccessCtrl.GrantStatus = atManager.verifyAccessTokenSync(tokenID, 'ohos.permission.GRANT_SENSITIVE_PERMISSIONS'); 127e41f4b71Sopenharmony_ci console.log(`data->${JSON.stringify(data)}`); 128e41f4b71Sopenharmony_ci} catch(err) { 129e41f4b71Sopenharmony_ci console.error(`catch err->${JSON.stringify(err)}`); 130e41f4b71Sopenharmony_ci} 131e41f4b71Sopenharmony_ci``` 132e41f4b71Sopenharmony_ci 133e41f4b71Sopenharmony_ci### verifyAccessToken<sup>9+</sup> 134e41f4b71Sopenharmony_ci 135e41f4b71Sopenharmony_civerifyAccessToken(tokenID: number, permissionName: Permissions): Promise<GrantStatus> 136e41f4b71Sopenharmony_ci 137e41f4b71Sopenharmony_ci校验应用是否授予权限。使用Promise异步回调。 138e41f4b71Sopenharmony_ci 139e41f4b71Sopenharmony_ci> **说明:** 140e41f4b71Sopenharmony_ci> 141e41f4b71Sopenharmony_ci> 建议使用[checkAccessToken](#checkaccesstoken9)替代。 142e41f4b71Sopenharmony_ci 143e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.AccessToken 144e41f4b71Sopenharmony_ci 145e41f4b71Sopenharmony_ci**参数:** 146e41f4b71Sopenharmony_ci 147e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 148e41f4b71Sopenharmony_ci| -------- | ------------------- | ---- | ------------------------------------------ | 149e41f4b71Sopenharmony_ci| tokenID | number | 是 | 要校验的目标应用的身份标识。可通过应用的[ApplicationInfo](js-apis-bundleManager-applicationInfo.md)的accessTokenId字段获得。| 150e41f4b71Sopenharmony_ci| permissionName | Permissions | 是 | 需要校验的权限名称,合法的权限名取值可在[应用权限列表](../../security/AccessToken/permissions-for-all.md)中查询。 | 151e41f4b71Sopenharmony_ci 152e41f4b71Sopenharmony_ci**返回值:** 153e41f4b71Sopenharmony_ci 154e41f4b71Sopenharmony_ci| 类型 | 说明 | 155e41f4b71Sopenharmony_ci| :------------ | :---------------------------------- | 156e41f4b71Sopenharmony_ci| Promise<[GrantStatus](#grantstatus)> | Promise对象。返回授权状态结果。 | 157e41f4b71Sopenharmony_ci 158e41f4b71Sopenharmony_ci**示例:** 159e41f4b71Sopenharmony_ci 160e41f4b71Sopenharmony_ci```ts 161e41f4b71Sopenharmony_ciimport { abilityAccessCtrl, Permissions } from '@kit.AbilityKit'; 162e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 163e41f4b71Sopenharmony_ci 164e41f4b71Sopenharmony_cilet atManager: abilityAccessCtrl.AtManager = abilityAccessCtrl.createAtManager(); 165e41f4b71Sopenharmony_cilet tokenID: number = 0; // 系统应用可以通过bundleManager.getApplicationInfo获取,普通应用可以通过bundleManager.getBundleInfoForSelf获取 166e41f4b71Sopenharmony_cilet permissionName: Permissions = 'ohos.permission.GRANT_SENSITIVE_PERMISSIONS'; 167e41f4b71Sopenharmony_ciatManager.verifyAccessToken(tokenID, permissionName).then((data: abilityAccessCtrl.GrantStatus) => { 168e41f4b71Sopenharmony_ci console.log(`promise: data->${JSON.stringify(data)}`); 169e41f4b71Sopenharmony_ci}).catch((err: BusinessError) => { 170e41f4b71Sopenharmony_ci console.error(`verifyAccessToken fail, err->${JSON.stringify(err)}`); 171e41f4b71Sopenharmony_ci}); 172e41f4b71Sopenharmony_ci``` 173e41f4b71Sopenharmony_ci 174e41f4b71Sopenharmony_ci### requestPermissionsFromUser<sup>9+</sup> 175e41f4b71Sopenharmony_ci 176e41f4b71Sopenharmony_cirequestPermissionsFromUser(context: Context, permissionList: Array<Permissions>, requestCallback: AsyncCallback<PermissionRequestResult>): void 177e41f4b71Sopenharmony_ci 178e41f4b71Sopenharmony_ci用于<!--RP1-->UIAbility<!--RP1End-->拉起弹框请求用户授权。使用callback异步回调。 179e41f4b71Sopenharmony_ci 180e41f4b71Sopenharmony_ci如果用户拒绝授权,将无法再次拉起弹框,需要用户在系统应用“设置”的界面中,手动授予权限。或是调用[requestPermissionOnSetting](#requestpermissiononsetting12),拉起权限设置弹框,引导用户授权。 181e41f4b71Sopenharmony_ci 182e41f4b71Sopenharmony_ci> **说明:** 183e41f4b71Sopenharmony_ci> 184e41f4b71Sopenharmony_ci> 仅支持<!--RP1-->UIAbility<!--RP1End-->。 185e41f4b71Sopenharmony_ci 186e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 187e41f4b71Sopenharmony_ci 188e41f4b71Sopenharmony_ci**模型约束**:此接口仅可在Stage模型下使用。 189e41f4b71Sopenharmony_ci 190e41f4b71Sopenharmony_ci**系统能力**: SystemCapability.Security.AccessToken 191e41f4b71Sopenharmony_ci 192e41f4b71Sopenharmony_ci**参数:** 193e41f4b71Sopenharmony_ci 194e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 195e41f4b71Sopenharmony_ci| -------- | -------- | -------- | -------- | 196e41f4b71Sopenharmony_ci| context | [Context](js-apis-inner-application-context.md) | 是 | 请求权限的<!--RP1-->UIAbility<!--RP1End-->的Context。 | 197e41f4b71Sopenharmony_ci| permissionList | Array<Permissions> | 是 | 权限名列表,合法的权限名取值可在[应用权限列表](../../security/AccessToken/permissions-for-all.md)中查询。 | 198e41f4b71Sopenharmony_ci| requestCallback | AsyncCallback<[PermissionRequestResult](js-apis-permissionrequestresult.md)> | 是 | 回调函数,返回接口调用是否成功的结果。 | 199e41f4b71Sopenharmony_ci 200e41f4b71Sopenharmony_ci**错误码:** 201e41f4b71Sopenharmony_ci 202e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[访问控制错误码](errorcode-access-token.md)。 203e41f4b71Sopenharmony_ci 204e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 205e41f4b71Sopenharmony_ci| -------- | -------- | 206e41f4b71Sopenharmony_ci| 401 | Parameter error. Possible causes: 1.Mandatory parameters are left unspecified; 2.Incorrect parameter types. | 207e41f4b71Sopenharmony_ci| 12100001 | Invalid parameter. The context is invalid when it does not belong to the application itself. | 208e41f4b71Sopenharmony_ci 209e41f4b71Sopenharmony_ci**示例:** 210e41f4b71Sopenharmony_ci示例中context的获取方式请参见[获取UIAbility的上下文信息](../../application-models/uiability-usage.md#获取uiability的上下文信息)。 211e41f4b71Sopenharmony_ci 212e41f4b71Sopenharmony_ci```ts 213e41f4b71Sopenharmony_ciimport { abilityAccessCtrl, Context, PermissionRequestResult, common } from '@kit.AbilityKit'; 214e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 215e41f4b71Sopenharmony_ci 216e41f4b71Sopenharmony_cilet atManager: abilityAccessCtrl.AtManager = abilityAccessCtrl.createAtManager(); 217e41f4b71Sopenharmony_cilet context: Context = getContext(this) as common.UIAbilityContext; 218e41f4b71Sopenharmony_ciatManager.requestPermissionsFromUser(context, ['ohos.permission.CAMERA'], (err: BusinessError, data: PermissionRequestResult) => { 219e41f4b71Sopenharmony_ci if (err) { 220e41f4b71Sopenharmony_ci console.error(`requestPermissionsFromUser fail, err->${JSON.stringify(err)}`); 221e41f4b71Sopenharmony_ci } else { 222e41f4b71Sopenharmony_ci console.info('data:' + JSON.stringify(data)); 223e41f4b71Sopenharmony_ci console.info('data permissions:' + data.permissions); 224e41f4b71Sopenharmony_ci console.info('data authResults:' + data.authResults); 225e41f4b71Sopenharmony_ci console.info('data dialogShownResults:' + data.dialogShownResults); 226e41f4b71Sopenharmony_ci } 227e41f4b71Sopenharmony_ci}); 228e41f4b71Sopenharmony_ci``` 229e41f4b71Sopenharmony_ci 230e41f4b71Sopenharmony_ci### requestPermissionsFromUser<sup>9+</sup> 231e41f4b71Sopenharmony_ci 232e41f4b71Sopenharmony_cirequestPermissionsFromUser(context: Context, permissionList: Array<Permissions>): Promise<PermissionRequestResult> 233e41f4b71Sopenharmony_ci 234e41f4b71Sopenharmony_ci用于<!--RP1-->UIAbility<!--RP1End-->拉起弹框请求用户授权。使用promise异步回调。 235e41f4b71Sopenharmony_ci 236e41f4b71Sopenharmony_ci如果用户拒绝授权,将无法再次拉起弹框,需要用户在系统应用“设置”的界面中,手动授予权限。或是调用[requestPermissionOnSetting](#requestpermissiononsetting12),拉起权限设置弹框,引导用户授权。 237e41f4b71Sopenharmony_ci 238e41f4b71Sopenharmony_ci> **说明:** 239e41f4b71Sopenharmony_ci> 240e41f4b71Sopenharmony_ci> 仅支持<!--RP1-->UIAbility<!--RP1End-->。 241e41f4b71Sopenharmony_ci 242e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 11开始,该接口支持在原子化服务中使用。 243e41f4b71Sopenharmony_ci 244e41f4b71Sopenharmony_ci**模型约束**:此接口仅可在Stage模型下使用。 245e41f4b71Sopenharmony_ci 246e41f4b71Sopenharmony_ci**系统能力**: SystemCapability.Security.AccessToken 247e41f4b71Sopenharmony_ci 248e41f4b71Sopenharmony_ci**参数:** 249e41f4b71Sopenharmony_ci 250e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 251e41f4b71Sopenharmony_ci| -------- | -------- | -------- | -------- | 252e41f4b71Sopenharmony_ci| context | [Context](js-apis-inner-application-context.md) | 是 | 请求权限的<!--RP1-->UIAbility<!--RP1End-->的Context。 | 253e41f4b71Sopenharmony_ci| permissionList | Array<Permissions> | 是 | 需要校验的权限名称,合法的权限名取值可在[应用权限列表](../../security/AccessToken/permissions-for-all.md)中查询。 | 254e41f4b71Sopenharmony_ci 255e41f4b71Sopenharmony_ci**返回值:** 256e41f4b71Sopenharmony_ci 257e41f4b71Sopenharmony_ci| 类型 | 说明 | 258e41f4b71Sopenharmony_ci| -------- | -------- | 259e41f4b71Sopenharmony_ci| Promise<[PermissionRequestResult](js-apis-permissionrequestresult.md)> | 返回一个Promise,包含接口的结果。 | 260e41f4b71Sopenharmony_ci 261e41f4b71Sopenharmony_ci**错误码:** 262e41f4b71Sopenharmony_ci 263e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[访问控制错误码](errorcode-access-token.md)。 264e41f4b71Sopenharmony_ci 265e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 266e41f4b71Sopenharmony_ci| -------- | -------- | 267e41f4b71Sopenharmony_ci| 401 | Parameter error. Possible causes: 1.Mandatory parameters are left unspecified; 2.Incorrect parameter types. | 268e41f4b71Sopenharmony_ci| 12100001 | Invalid parameter. The context is invalid when it does not belong to the application itself. | 269e41f4b71Sopenharmony_ci 270e41f4b71Sopenharmony_ci**示例:** 271e41f4b71Sopenharmony_ci示例中context的获取方式请参见[获取UIAbility的上下文信息](../../application-models/uiability-usage.md#获取uiability的上下文信息)。 272e41f4b71Sopenharmony_ci 273e41f4b71Sopenharmony_ci```ts 274e41f4b71Sopenharmony_ciimport { abilityAccessCtrl, Context, PermissionRequestResult, common } from '@kit.AbilityKit'; 275e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 276e41f4b71Sopenharmony_ci 277e41f4b71Sopenharmony_cilet atManager: abilityAccessCtrl.AtManager = abilityAccessCtrl.createAtManager(); 278e41f4b71Sopenharmony_cilet context: Context = getContext(this) as common.UIAbilityContext; 279e41f4b71Sopenharmony_ciatManager.requestPermissionsFromUser(context, ['ohos.permission.CAMERA']).then((data: PermissionRequestResult) => { 280e41f4b71Sopenharmony_ci console.info('data:' + JSON.stringify(data)); 281e41f4b71Sopenharmony_ci console.info('data permissions:' + data.permissions); 282e41f4b71Sopenharmony_ci console.info('data authResults:' + data.authResults); 283e41f4b71Sopenharmony_ci console.info('data dialogShownResults:' + data.dialogShownResults); 284e41f4b71Sopenharmony_ci}).catch((err: BusinessError) => { 285e41f4b71Sopenharmony_ci console.error('data:' + JSON.stringify(err)); 286e41f4b71Sopenharmony_ci}); 287e41f4b71Sopenharmony_ci``` 288e41f4b71Sopenharmony_ci 289e41f4b71Sopenharmony_ci### verifyAccessToken<sup>(deprecated)</sup> 290e41f4b71Sopenharmony_ci 291e41f4b71Sopenharmony_civerifyAccessToken(tokenID: number, permissionName: string): Promise<GrantStatus> 292e41f4b71Sopenharmony_ci 293e41f4b71Sopenharmony_ci校验应用是否授予权限。使用Promise异步回调。 294e41f4b71Sopenharmony_ci 295e41f4b71Sopenharmony_ci> **说明:** 296e41f4b71Sopenharmony_ci> 297e41f4b71Sopenharmony_ci> 从API version 9开始不再维护,建议使用[checkAccessToken](#checkaccesstoken9)替代。 298e41f4b71Sopenharmony_ci 299e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.AccessToken 300e41f4b71Sopenharmony_ci 301e41f4b71Sopenharmony_ci**参数:** 302e41f4b71Sopenharmony_ci 303e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 304e41f4b71Sopenharmony_ci| -------- | ------------------- | ---- | ------------------------------------------ | 305e41f4b71Sopenharmony_ci| tokenID | number | 是 | 要校验的目标应用的身份标识。可通过应用的[ApplicationInfo](js-apis-bundleManager-applicationInfo.md)的accessTokenId字段获得。| 306e41f4b71Sopenharmony_ci| permissionName | string | 是 | 需要校验的权限名称,合法的权限名取值可在[应用权限列表](../../security/AccessToken/permissions-for-all.md)中查询。 | 307e41f4b71Sopenharmony_ci 308e41f4b71Sopenharmony_ci**返回值:** 309e41f4b71Sopenharmony_ci 310e41f4b71Sopenharmony_ci| 类型 | 说明 | 311e41f4b71Sopenharmony_ci| :------------ | :---------------------------------- | 312e41f4b71Sopenharmony_ci| Promise<[GrantStatus](#grantstatus)> | Promise对象。返回授权状态结果。 | 313e41f4b71Sopenharmony_ci 314e41f4b71Sopenharmony_ci**示例:** 315e41f4b71Sopenharmony_ci 316e41f4b71Sopenharmony_ci```ts 317e41f4b71Sopenharmony_ciimport { abilityAccessCtrl } from '@kit.AbilityKit'; 318e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 319e41f4b71Sopenharmony_ci 320e41f4b71Sopenharmony_cilet atManager: abilityAccessCtrl.AtManager = abilityAccessCtrl.createAtManager(); 321e41f4b71Sopenharmony_cilet tokenID: number = 0; // 系统应用可以通过bundleManager.getApplicationInfo获取,普通应用可以通过bundleManager.getBundleInfoForSelf获取 322e41f4b71Sopenharmony_ciatManager.verifyAccessToken(tokenID, 'ohos.permission.GRANT_SENSITIVE_PERMISSIONS').then((data: abilityAccessCtrl.GrantStatus) => { 323e41f4b71Sopenharmony_ci console.log(`promise: data->${JSON.stringify(data)}`); 324e41f4b71Sopenharmony_ci}).catch((err: BusinessError) => { 325e41f4b71Sopenharmony_ci console.error(`verifyAccessToken fail, err->${JSON.stringify(err)}`); 326e41f4b71Sopenharmony_ci}); 327e41f4b71Sopenharmony_ci``` 328e41f4b71Sopenharmony_ci 329e41f4b71Sopenharmony_ci### checkAccessTokenSync<sup>10+</sup> 330e41f4b71Sopenharmony_ci 331e41f4b71Sopenharmony_cicheckAccessTokenSync(tokenID: number, permissionName: Permissions): GrantStatus 332e41f4b71Sopenharmony_ci 333e41f4b71Sopenharmony_ci校验应用是否被授予权限,同步返回结果。 334e41f4b71Sopenharmony_ci 335e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 11开始,该接口支持在原子化服务中使用。 336e41f4b71Sopenharmony_ci 337e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.AccessToken 338e41f4b71Sopenharmony_ci 339e41f4b71Sopenharmony_ci**参数:** 340e41f4b71Sopenharmony_ci 341e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 342e41f4b71Sopenharmony_ci| -------- | ------------------- | ---- | ------------------------------------------ | 343e41f4b71Sopenharmony_ci| tokenID | number | 是 | 要校验应用的身份标识。可通过应用的[ApplicationInfo](js-apis-bundleManager-applicationInfo.md)的accessTokenId字段获得。| 344e41f4b71Sopenharmony_ci| permissionName | Permissions | 是 | 需要校验的权限名称,合法的权限名取值可在[应用权限列表](../../security/AccessToken/permissions-for-all.md)中查询。 | 345e41f4b71Sopenharmony_ci 346e41f4b71Sopenharmony_ci**返回值:** 347e41f4b71Sopenharmony_ci 348e41f4b71Sopenharmony_ci| 类型 | 说明 | 349e41f4b71Sopenharmony_ci| :------------ | :---------------------------------- | 350e41f4b71Sopenharmony_ci| [GrantStatus](#grantstatus) | 枚举实例,返回授权状态。 | 351e41f4b71Sopenharmony_ci 352e41f4b71Sopenharmony_ci**错误码:** 353e41f4b71Sopenharmony_ci 354e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[访问控制错误码](errorcode-access-token.md)。 355e41f4b71Sopenharmony_ci 356e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 357e41f4b71Sopenharmony_ci| -------- | -------- | 358e41f4b71Sopenharmony_ci| 401 | Parameter error. Possible causes: 1.Mandatory parameters are left unspecified; 2.Incorrect parameter types. | 359e41f4b71Sopenharmony_ci| 12100001 | Invalid parameter. The tokenID is 0, or the permissionName exceeds 256 characters. | 360e41f4b71Sopenharmony_ci 361e41f4b71Sopenharmony_ci**示例:** 362e41f4b71Sopenharmony_ci 363e41f4b71Sopenharmony_ci```ts 364e41f4b71Sopenharmony_ciimport { abilityAccessCtrl, Permissions } from '@kit.AbilityKit'; 365e41f4b71Sopenharmony_ci 366e41f4b71Sopenharmony_cilet atManager: abilityAccessCtrl.AtManager = abilityAccessCtrl.createAtManager(); 367e41f4b71Sopenharmony_cilet tokenID: number = 0; // 系统应用可以通过bundleManager.getApplicationInfo获取,普通应用可以通过bundleManager.getBundleInfoForSelf获取 368e41f4b71Sopenharmony_cilet permissionName: Permissions = 'ohos.permission.GRANT_SENSITIVE_PERMISSIONS'; 369e41f4b71Sopenharmony_cilet data: abilityAccessCtrl.GrantStatus = atManager.checkAccessTokenSync(tokenID, permissionName); 370e41f4b71Sopenharmony_ciconsole.log(`data->${JSON.stringify(data)}`); 371e41f4b71Sopenharmony_ci``` 372e41f4b71Sopenharmony_ci 373e41f4b71Sopenharmony_ci### GrantStatus 374e41f4b71Sopenharmony_ci 375e41f4b71Sopenharmony_ci表示授权状态的枚举。 376e41f4b71Sopenharmony_ci 377e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 11开始,该接口支持在原子化服务中使用。 378e41f4b71Sopenharmony_ci 379e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.AccessToken 380e41f4b71Sopenharmony_ci 381e41f4b71Sopenharmony_ci| 名称 | 值 | 说明 | 382e41f4b71Sopenharmony_ci| ------------------ | ----- | ----------- | 383e41f4b71Sopenharmony_ci| PERMISSION_DENIED | -1 | 表示未授权。 | 384e41f4b71Sopenharmony_ci| PERMISSION_GRANTED | 0 | 表示已授权。 | 385e41f4b71Sopenharmony_ci 386e41f4b71Sopenharmony_ci### requestPermissionOnSetting<sup>12+</sup> 387e41f4b71Sopenharmony_ci 388e41f4b71Sopenharmony_cirequestPermissionOnSetting(context: Context, permissionList: Array<Permissions>): Promise<Array<GrantStatus>> 389e41f4b71Sopenharmony_ci 390e41f4b71Sopenharmony_ci用于UIAbility/UIExtensionAbility二次拉起权限设置弹框。 391e41f4b71Sopenharmony_ci 392e41f4b71Sopenharmony_ci在调用此接口前,应用需要先调用[requestPermissionsFromUser](#requestpermissionsfromuser9),如果用户在首次弹窗授权时已授权,调用当前接口将无法拉起弹窗。 393e41f4b71Sopenharmony_ci 394e41f4b71Sopenharmony_ci> **说明:** 395e41f4b71Sopenharmony_ci> 396e41f4b71Sopenharmony_ci> 仅支持UIAbility/UIExtensionAbility。 397e41f4b71Sopenharmony_ci 398e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 399e41f4b71Sopenharmony_ci 400e41f4b71Sopenharmony_ci**模型约束**:此接口仅可在Stage模型下使用。 401e41f4b71Sopenharmony_ci 402e41f4b71Sopenharmony_ci**系统能力**: SystemCapability.Security.AccessToken 403e41f4b71Sopenharmony_ci 404e41f4b71Sopenharmony_ci**参数:** 405e41f4b71Sopenharmony_ci 406e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 407e41f4b71Sopenharmony_ci| -------- | -------- | -------- | -------- | 408e41f4b71Sopenharmony_ci| context | [Context](js-apis-inner-application-context.md) | 是 | 请求权限的UIAbility/UIExtensionAbility的Context。 | 409e41f4b71Sopenharmony_ci| permissionList | Array<Permissions> | 是 | 权限名列表,合法的权限名取值可在[应用权限组列表](../../security/AccessToken/app-permission-group-list.md)中查询。 | 410e41f4b71Sopenharmony_ci 411e41f4b71Sopenharmony_ci**返回值:** 412e41f4b71Sopenharmony_ci 413e41f4b71Sopenharmony_ci| 类型 | 说明 | 414e41f4b71Sopenharmony_ci| :------------ | :---------------------------------- | 415e41f4b71Sopenharmony_ci| Promise<Array<[GrantStatus](#grantstatus)>> | Promise对象。返回授权状态结果。 | 416e41f4b71Sopenharmony_ci 417e41f4b71Sopenharmony_ci**错误码:** 418e41f4b71Sopenharmony_ci 419e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[访问控制错误码](errorcode-access-token.md)。 420e41f4b71Sopenharmony_ci 421e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 422e41f4b71Sopenharmony_ci| -------- | -------- | 423e41f4b71Sopenharmony_ci| 401 | Parameter error. Possible causes: 1.Mandatory parameters are left unspecified; 2.Incorrect parameter types. | 424e41f4b71Sopenharmony_ci| 12100001 | Invalid parameter. Possible causes: 1. The context is invalid because it does not belong to the application itself; 2. The permission list contains the permission that is not declared in the module.json file; 3. The permission list is invalid because the permissions in it do not belong to the same permission group. | 425e41f4b71Sopenharmony_ci| 12100010 | The request already exists. | 426e41f4b71Sopenharmony_ci| 12100011 | All permissions in the permission list have been granted. | 427e41f4b71Sopenharmony_ci| 12100012 | The permission list contains the permission that has not been revoked by the user. | 428e41f4b71Sopenharmony_ci 429e41f4b71Sopenharmony_ci**示例:** 430e41f4b71Sopenharmony_ci示例中context的获取方式请参见[获取UIAbility的上下文信息](../../application-models/uiability-usage.md#获取uiability的上下文信息)。 431e41f4b71Sopenharmony_ci 432e41f4b71Sopenharmony_ci```ts 433e41f4b71Sopenharmony_ciimport { abilityAccessCtrl, Context, common } from '@kit.AbilityKit'; 434e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 435e41f4b71Sopenharmony_ci 436e41f4b71Sopenharmony_cilet atManager: abilityAccessCtrl.AtManager = abilityAccessCtrl.createAtManager(); 437e41f4b71Sopenharmony_cilet context: Context = getContext(this) as common.UIAbilityContext; 438e41f4b71Sopenharmony_ciatManager.requestPermissionOnSetting(context, ['ohos.permission.CAMERA']).then((data: Array<abilityAccessCtrl.GrantStatus>) => { 439e41f4b71Sopenharmony_ci console.info('data:' + JSON.stringify(data)); 440e41f4b71Sopenharmony_ci}).catch((err: BusinessError) => { 441e41f4b71Sopenharmony_ci console.error('data:' + JSON.stringify(err)); 442e41f4b71Sopenharmony_ci}); 443e41f4b71Sopenharmony_ci``` 444e41f4b71Sopenharmony_ci 445e41f4b71Sopenharmony_ci### requestGlobalSwitch<sup>12+</sup> 446e41f4b71Sopenharmony_ci 447e41f4b71Sopenharmony_cirequestGlobalSwitch(context: Context, type: SwitchType): Promise<boolean> 448e41f4b71Sopenharmony_ci 449e41f4b71Sopenharmony_ci用于UIAbility/UIExtensionAbility拉起全局开关设置弹框。 450e41f4b71Sopenharmony_ci 451e41f4b71Sopenharmony_ci部分情况下,录音、拍照等功能禁用,应用可拉起此弹框请求用户同意开启对应功能。如果当前全局开关的状态为开启,则不拉起弹框。 452e41f4b71Sopenharmony_ci 453e41f4b71Sopenharmony_ci> **说明:** 454e41f4b71Sopenharmony_ci> 455e41f4b71Sopenharmony_ci> 仅支持UIAbility/UIExtensionAbility。 456e41f4b71Sopenharmony_ci 457e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 458e41f4b71Sopenharmony_ci 459e41f4b71Sopenharmony_ci**模型约束**:此接口仅可在Stage模型下使用。 460e41f4b71Sopenharmony_ci 461e41f4b71Sopenharmony_ci**系统能力**: SystemCapability.Security.AccessToken 462e41f4b71Sopenharmony_ci 463e41f4b71Sopenharmony_ci**参数:** 464e41f4b71Sopenharmony_ci 465e41f4b71Sopenharmony_ci| 参数名 | 类型 | 必填 | 说明 | 466e41f4b71Sopenharmony_ci| -------- | -------- | -------- | -------- | 467e41f4b71Sopenharmony_ci| context | [Context](js-apis-inner-application-context.md) | 是 | 请求权限的UIAbility/UIExtensionAbility>的Context。 | 468e41f4b71Sopenharmony_ci| type | [SwitchType](#switchtype12) | 是 | 全局开关类型。 | 469e41f4b71Sopenharmony_ci 470e41f4b71Sopenharmony_ci**返回值:** 471e41f4b71Sopenharmony_ci 472e41f4b71Sopenharmony_ci| 类型 | 说明 | 473e41f4b71Sopenharmony_ci| :------------ | :---------------------------------- | 474e41f4b71Sopenharmony_ci| Promise<boolean> | Promise对象。返回全局开关状态。 | 475e41f4b71Sopenharmony_ci 476e41f4b71Sopenharmony_ci**错误码:** 477e41f4b71Sopenharmony_ci 478e41f4b71Sopenharmony_ci以下错误码的详细介绍请参见[访问控制错误码](errorcode-access-token.md)。 479e41f4b71Sopenharmony_ci 480e41f4b71Sopenharmony_ci| 错误码ID | 错误信息 | 481e41f4b71Sopenharmony_ci| -------- | -------- | 482e41f4b71Sopenharmony_ci| 401 | Parameter error. Possible causes: 1. Mandatory parameters are left unspecified; 2. Incorrect parameter types. | 483e41f4b71Sopenharmony_ci| 12100001 | Invalid parameter. Possible causes: 1. The context is invalid because it does not belong to the application itself; 2. The type of global switch is not support. | 484e41f4b71Sopenharmony_ci| 12100010 | The request already exists. | 485e41f4b71Sopenharmony_ci| 12100013 | The specific global switch is already open. | 486e41f4b71Sopenharmony_ci 487e41f4b71Sopenharmony_ci**示例:** 488e41f4b71Sopenharmony_ci示例中context的获取方式请参见[获取UIAbility的上下文信息](../../application-models/uiability-usage.md#获取uiability的上下文信息)。 489e41f4b71Sopenharmony_ci 490e41f4b71Sopenharmony_ci```ts 491e41f4b71Sopenharmony_ciimport { abilityAccessCtrl, Context, common } from '@kit.AbilityKit'; 492e41f4b71Sopenharmony_ciimport { BusinessError } from '@kit.BasicServicesKit'; 493e41f4b71Sopenharmony_ci 494e41f4b71Sopenharmony_cilet atManager: abilityAccessCtrl.AtManager = abilityAccessCtrl.createAtManager(); 495e41f4b71Sopenharmony_cilet context: Context = getContext(this) as common.UIAbilityContext; 496e41f4b71Sopenharmony_ciatManager.requestGlobalSwitch(context, abilityAccessCtrl.SwitchType.CAMERA).then((data: Boolean) => { 497e41f4b71Sopenharmony_ci console.info('data:' + JSON.stringify(data)); 498e41f4b71Sopenharmony_ci}).catch((err: BusinessError) => { 499e41f4b71Sopenharmony_ci console.error('data:' + JSON.stringify(err)); 500e41f4b71Sopenharmony_ci}); 501e41f4b71Sopenharmony_ci``` 502e41f4b71Sopenharmony_ci 503e41f4b71Sopenharmony_ci### SwitchType<sup>12+</sup> 504e41f4b71Sopenharmony_ci 505e41f4b71Sopenharmony_ci表示全局开关类型。 506e41f4b71Sopenharmony_ci 507e41f4b71Sopenharmony_ci**原子化服务API:** 从API version 12开始,该接口支持在原子化服务中使用。 508e41f4b71Sopenharmony_ci 509e41f4b71Sopenharmony_ci**系统能力:** SystemCapability.Security.AccessToken 510e41f4b71Sopenharmony_ci 511e41f4b71Sopenharmony_ci| 名称 | 值 | 说明 | 512e41f4b71Sopenharmony_ci| ------------------ | ----- | ----------- | 513e41f4b71Sopenharmony_ci| CAMERA | 0 | 表示相机全局开关。 | 514e41f4b71Sopenharmony_ci| MICROPHONE | 1 | 表示麦克风全局开关。 | 515e41f4b71Sopenharmony_ci| LOCATION | 2 | 表示位置全局开关。 |