1 /*
2  * Copyright (c) 2023-2024 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include "utils/extension_permissions_util.h"
17 
18 #include "hilog_tag_wrapper.h"
19 #include "permission_verification.h"
20 
21 namespace OHOS {
22 namespace AAFwk {
23 
CheckSAPermission(const AppExecFwk::ExtensionAbilityType &extensionType)24 bool ExtensionPermissionsUtil::CheckSAPermission(const AppExecFwk::ExtensionAbilityType &extensionType)
25 {
26     auto checkRet = false;
27     if (!PermissionVerification::GetInstance()->IsSACall()) {
28         return true;
29     }
30     TAG_LOGD(AAFwkTag::ABILITYMGR, "CheckSAPermission, extensionType: %{public}d.", extensionType);
31     if (extensionType == AppExecFwk::ExtensionAbilityType::FORM) {
32         checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
33             "ohos.permission.CONNECT_FORM_EXTENSION");
34     } else if (extensionType == AppExecFwk::ExtensionAbilityType::WORK_SCHEDULER) {
35         checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
36             "ohos.permission.CONNECT_WORK_SCHEDULER_EXTENSION");
37     } else if (extensionType == AppExecFwk::ExtensionAbilityType::INPUTMETHOD) {
38         checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
39             "ohos.permission.CONNECT_INPUT_METHOD_EXTENSION");
40     } else if (extensionType == AppExecFwk::ExtensionAbilityType::ACCESSIBILITY) {
41         checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
42             "ohos.permission.CONNECT_ACCESSIBILITY_EXTENSION");
43     } else if (extensionType == AppExecFwk::ExtensionAbilityType::STATICSUBSCRIBER) {
44         checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
45             "ohos.permission.CONNECT_STATIC_SUBSCRIBER_EXTENSION");
46     } else if (extensionType == AppExecFwk::ExtensionAbilityType::WALLPAPER) {
47         checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
48             "ohos.permission.CONNECT_WALLPAPER_EXTENSION");
49     } else if (extensionType == AppExecFwk::ExtensionAbilityType::BACKUP) {
50         checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
51             "ohos.permission.CONNECT_BACKUP_EXTENSION");
52     } else if (extensionType == AppExecFwk::ExtensionAbilityType::ENTERPRISE_ADMIN) {
53         checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
54             "ohos.permission.CONNECT_ENTERPRISE_ADMIN_EXTENSION");
55     } else if (extensionType == AppExecFwk::ExtensionAbilityType::PRINT) {
56         checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
57             "ohos.permission.CONNECT_PRINT_EXTENSION");
58     } else if (extensionType == AppExecFwk::ExtensionAbilityType::VPN) {
59         checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
60             "ohos.permission.CONNECT_VPN_EXTENSION");
61     } else {
62         checkRet = CheckSAPermissionMore(extensionType);
63     }
64     if (!checkRet) {
65         TAG_LOGE(AAFwkTag::ABILITYMGR, "SA connect permission verification failed.");
66         return false;
67     }
68 
69     return true;
70 }
71 
CheckSAPermissionMore(const AppExecFwk::ExtensionAbilityType &extensionType)72 bool ExtensionPermissionsUtil::CheckSAPermissionMore(const AppExecFwk::ExtensionAbilityType &extensionType)
73 {
74     auto checkRet = false;
75     if (extensionType == AppExecFwk::ExtensionAbilityType::FILEACCESS_EXTENSION) {
76         checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
77             "ohos.permission.CONNECT_FILE_ACCESS_EXTENSION");
78     } else if (extensionType == AppExecFwk::ExtensionAbilityType::REMOTE_NOTIFICATION) {
79         checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
80             "ohos.permission.CONNECT_REMOTE_NOTIFICATION_EXTENSION");
81     } else if (extensionType == AppExecFwk::ExtensionAbilityType::REMOTE_LOCATION) {
82         checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
83             "ohos.permission.CONNECT_REMOTE_LOCATION_EXTENSION");
84     } else if (extensionType == AppExecFwk::ExtensionAbilityType::DRIVER) {
85         checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
86             "ohos.permission.CONNECT_DRIVER_EXTENSION");
87     } else if (extensionType == AppExecFwk::ExtensionAbilityType::PUSH) {
88         checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
89             "ohos.permission.CONNECT_PUSH_EXTENSION");
90     } else if (extensionType == AppExecFwk::ExtensionAbilityType::VOIP) {
91         checkRet = PermissionVerification::GetInstance()->VerifyCallingPermission(
92             "ohos.permission.CONNECT_VOIP_EXTENSION");
93     } else {
94         TAG_LOGI(AAFwkTag::ABILITYMGR, "No need connect permission for extension type %{public}d.", extensionType);
95         return true;
96     }
97 
98     return checkRet;
99 }
100 
101 } // namespace AAFwk
102 } // namespace OHOS
103