1eace7efcSopenharmony_ci/* 2eace7efcSopenharmony_ci * Copyright (c) 2024 Huawei Device Co., Ltd. 3eace7efcSopenharmony_ci * Licensed under the Apache License, Version 2.0 (the "License"); 4eace7efcSopenharmony_ci * you may not use this file except in compliance with the License. 5eace7efcSopenharmony_ci * You may obtain a copy of the License at 6eace7efcSopenharmony_ci * 7eace7efcSopenharmony_ci * http://www.apache.org/licenses/LICENSE-2.0 8eace7efcSopenharmony_ci * 9eace7efcSopenharmony_ci * Unless required by applicable law or agreed to in writing, software 10eace7efcSopenharmony_ci * distributed under the License is distributed on an "AS IS" BASIS, 11eace7efcSopenharmony_ci * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12eace7efcSopenharmony_ci * See the License for the specific language governing permissions and 13eace7efcSopenharmony_ci * limitations under the License. 14eace7efcSopenharmony_ci */ 15eace7efcSopenharmony_ci 16eace7efcSopenharmony_ci#include "uri_utils.h" 17eace7efcSopenharmony_ci 18eace7efcSopenharmony_ci#include "ability_util.h" 19eace7efcSopenharmony_ci#include "ability_config.h" 20eace7efcSopenharmony_ci#include "ability_manager_errors.h" 21eace7efcSopenharmony_ci#include "accesstoken_kit.h" 22eace7efcSopenharmony_ci#include "extension_ability_info.h" 23eace7efcSopenharmony_ci#include "hilog_tag_wrapper.h" 24eace7efcSopenharmony_ci#include "in_process_call_wrapper.h" 25eace7efcSopenharmony_ci#include "ipc_skeleton.h" 26eace7efcSopenharmony_ci#include "tokenid_kit.h" 27eace7efcSopenharmony_ci#include "ui_extension_utils.h" 28eace7efcSopenharmony_ci#include "uri_permission_manager_client.h" 29eace7efcSopenharmony_ci 30eace7efcSopenharmony_cinamespace OHOS { 31eace7efcSopenharmony_cinamespace AAFwk { 32eace7efcSopenharmony_cinamespace { 33eace7efcSopenharmony_ciconst std::string PARAMS_URI = "ability.verify.uri"; 34eace7efcSopenharmony_ciconst std::string DISTRIBUTED_FILES_PATH = "/data/storage/el2/distributedfiles/"; 35eace7efcSopenharmony_ciconst int32_t MAX_URI_COUNT = 500; 36eace7efcSopenharmony_ciconstexpr int32_t API13 = 13; 37eace7efcSopenharmony_ciconstexpr int32_t API_VERSION_MOD = 100; 38eace7efcSopenharmony_ciconstexpr uint32_t TOKEN_ID_BIT_SIZE = 32; 39eace7efcSopenharmony_ci} 40eace7efcSopenharmony_ci 41eace7efcSopenharmony_ciUriUtils::UriUtils() {} 42eace7efcSopenharmony_ci 43eace7efcSopenharmony_ciUriUtils::~UriUtils() {} 44eace7efcSopenharmony_ci 45eace7efcSopenharmony_ciUriUtils &UriUtils::GetInstance() 46eace7efcSopenharmony_ci{ 47eace7efcSopenharmony_ci static UriUtils utils; 48eace7efcSopenharmony_ci return utils; 49eace7efcSopenharmony_ci} 50eace7efcSopenharmony_ci 51eace7efcSopenharmony_cistd::vector<std::string> UriUtils::GetUriListFromWantDms(const Want &want) 52eace7efcSopenharmony_ci{ 53eace7efcSopenharmony_ci std::vector<std::string> uriVec = want.GetStringArrayParam(PARAMS_URI); 54eace7efcSopenharmony_ci TAG_LOGD(AAFwkTag::ABILITYMGR, "uriVec size: %{public}zu", uriVec.size()); 55eace7efcSopenharmony_ci if (uriVec.size() > MAX_URI_COUNT) { 56eace7efcSopenharmony_ci TAG_LOGE(AAFwkTag::ABILITYMGR, "uri list size is more than %{public}u", MAX_URI_COUNT); 57eace7efcSopenharmony_ci return {}; 58eace7efcSopenharmony_ci } 59eace7efcSopenharmony_ci std::vector<std::string> validUriVec; 60eace7efcSopenharmony_ci for (auto &&str : uriVec) { 61eace7efcSopenharmony_ci Uri uri(str); 62eace7efcSopenharmony_ci auto &&scheme = uri.GetScheme(); 63eace7efcSopenharmony_ci TAG_LOGI(AAFwkTag::ABILITYMGR, "uri scheme: %{public}s", scheme.c_str()); 64eace7efcSopenharmony_ci // only support file scheme 65eace7efcSopenharmony_ci if (scheme != "file") { 66eace7efcSopenharmony_ci TAG_LOGW(AAFwkTag::ABILITYMGR, "only support file uri"); 67eace7efcSopenharmony_ci continue; 68eace7efcSopenharmony_ci } 69eace7efcSopenharmony_ci std::string srcPath = uri.GetPath(); 70eace7efcSopenharmony_ci if (std::filesystem::exists(srcPath) && std::filesystem::is_symlink(srcPath)) { 71eace7efcSopenharmony_ci TAG_LOGE(AAFwkTag::ABILITYMGR, "soft links not allowed"); 72eace7efcSopenharmony_ci continue; 73eace7efcSopenharmony_ci } 74eace7efcSopenharmony_ci std::string absolutePath; 75eace7efcSopenharmony_ci if (uri.IsRelative()) { 76eace7efcSopenharmony_ci char path[PATH_MAX] = {0}; 77eace7efcSopenharmony_ci if (realpath(srcPath.c_str(), path) == nullptr) { 78eace7efcSopenharmony_ci TAG_LOGE(AAFwkTag::ABILITYMGR, "fail, errno :%{public}d", errno); 79eace7efcSopenharmony_ci continue; 80eace7efcSopenharmony_ci } 81eace7efcSopenharmony_ci absolutePath = path; 82eace7efcSopenharmony_ci } else { 83eace7efcSopenharmony_ci absolutePath = srcPath; 84eace7efcSopenharmony_ci } 85eace7efcSopenharmony_ci if (absolutePath.compare(0, DISTRIBUTED_FILES_PATH.size(), DISTRIBUTED_FILES_PATH) != 0) { 86eace7efcSopenharmony_ci TAG_LOGE(AAFwkTag::ABILITYMGR, "uri not distributed path"); 87eace7efcSopenharmony_ci continue; 88eace7efcSopenharmony_ci } 89eace7efcSopenharmony_ci validUriVec.emplace_back(str); 90eace7efcSopenharmony_ci } 91eace7efcSopenharmony_ci TAG_LOGD(AAFwkTag::ABILITYMGR, "size of vaid uri is %{public}zu", validUriVec.size()); 92eace7efcSopenharmony_ci return validUriVec; 93eace7efcSopenharmony_ci} 94eace7efcSopenharmony_ci 95eace7efcSopenharmony_civoid UriUtils::FilterUriWithPermissionDms(Want &want, uint32_t tokenId) 96eace7efcSopenharmony_ci{ 97eace7efcSopenharmony_ci TAG_LOGD(AAFwkTag::ABILITYMGR, "called"); 98eace7efcSopenharmony_ci if ((want.GetFlags() & (Want::FLAG_AUTH_READ_URI_PERMISSION | Want::FLAG_AUTH_WRITE_URI_PERMISSION)) == 0) { 99eace7efcSopenharmony_ci TAG_LOGW(AAFwkTag::ABILITYMGR, "flag invalid"); 100eace7efcSopenharmony_ci return; 101eace7efcSopenharmony_ci } 102eace7efcSopenharmony_ci auto uriVec = GetUriListFromWantDms(want); 103eace7efcSopenharmony_ci TAG_LOGI(AAFwkTag::ABILITYMGR, "uri valid uris size: %{public}zu", uriVec.size()); 104eace7efcSopenharmony_ci if (uriVec.empty()) { 105eace7efcSopenharmony_ci TAG_LOGI(AAFwkTag::ABILITYMGR, "uriVec empty"); 106eace7efcSopenharmony_ci want.SetParam(PARAMS_URI, uriVec); 107eace7efcSopenharmony_ci return; 108eace7efcSopenharmony_ci } 109eace7efcSopenharmony_ci auto checkResult = IN_PROCESS_CALL(UriPermissionManagerClient::GetInstance().CheckUriAuthorization( 110eace7efcSopenharmony_ci uriVec, want.GetFlags(), tokenId)); 111eace7efcSopenharmony_ci std::vector<std::string> validUriVec; 112eace7efcSopenharmony_ci for (size_t i = 0; i < checkResult.size(); i++) { 113eace7efcSopenharmony_ci if (checkResult[i]) { 114eace7efcSopenharmony_ci validUriVec.emplace_back(uriVec[i]); 115eace7efcSopenharmony_ci } 116eace7efcSopenharmony_ci } 117eace7efcSopenharmony_ci TAG_LOGI(AAFwkTag::ABILITYMGR, "authorized uri size :%{public}zu", validUriVec.size()); 118eace7efcSopenharmony_ci want.SetParam(PARAMS_URI, validUriVec); 119eace7efcSopenharmony_ci} 120eace7efcSopenharmony_ci 121eace7efcSopenharmony_ciint32_t UriUtils::CheckNonImplicitShareFileUri(const Want &want, int32_t userId, uint32_t specifyTokenId) 122eace7efcSopenharmony_ci{ 123eace7efcSopenharmony_ci auto element = want.GetElement(); 124eace7efcSopenharmony_ci TAG_LOGD(AAFwkTag::ABILITYMGR, "CheckNonImplicitShareFileUri, %{public}s-%{public}s", 125eace7efcSopenharmony_ci element.GetBundleName().c_str(), element.GetAbilityName().c_str()); 126eace7efcSopenharmony_ci if (element.GetBundleName().empty() || element.GetAbilityName().empty()) { 127eace7efcSopenharmony_ci return ERR_OK; 128eace7efcSopenharmony_ci } 129eace7efcSopenharmony_ci if (!IsGrantUriPermissionFlag(want)) { 130eace7efcSopenharmony_ci return ERR_OK; 131eace7efcSopenharmony_ci } 132eace7efcSopenharmony_ci bool isFileUri = (!want.GetUriString().empty() && want.GetUri().GetScheme() == "file"); 133eace7efcSopenharmony_ci if (!isFileUri && want.GetStringArrayParam(AbilityConfig::PARAMS_STREAM).empty()) { 134eace7efcSopenharmony_ci TAG_LOGD(AAFwkTag::ABILITYMGR, "not file uri"); 135eace7efcSopenharmony_ci return ERR_OK; 136eace7efcSopenharmony_ci } 137eace7efcSopenharmony_ci // SA and system app support 138eace7efcSopenharmony_ci auto callerTokenId = specifyTokenId > 0 ? specifyTokenId : IPCSkeleton::GetCallingTokenID(); 139eace7efcSopenharmony_ci return CheckNonImplicitShareFileUriInner(callerTokenId, element.GetBundleName(), userId); 140eace7efcSopenharmony_ci} 141eace7efcSopenharmony_ci 142eace7efcSopenharmony_ciint32_t UriUtils::CheckNonImplicitShareFileUriInner(uint32_t callerTokenId, const std::string &targetBundleName, 143eace7efcSopenharmony_ci int32_t userId) 144eace7efcSopenharmony_ci{ 145eace7efcSopenharmony_ci auto tokenType = Security::AccessToken::AccessTokenKit::GetTokenTypeFlag(callerTokenId); 146eace7efcSopenharmony_ci if (tokenType == Security::AccessToken::ATokenTypeEnum::TOKEN_NATIVE) { 147eace7efcSopenharmony_ci TAG_LOGD(AAFwkTag::ABILITYMGR, "SA call"); 148eace7efcSopenharmony_ci return ERR_OK; 149eace7efcSopenharmony_ci } 150eace7efcSopenharmony_ci if (tokenType == Security::AccessToken::ATokenTypeEnum::TOKEN_HAP) { 151eace7efcSopenharmony_ci Security::AccessToken::HapTokenInfo hapInfo; 152eace7efcSopenharmony_ci auto ret = Security::AccessToken::AccessTokenKit::GetHapTokenInfo(callerTokenId, hapInfo); 153eace7efcSopenharmony_ci if (ret != Security::AccessToken::AccessTokenKitRet::RET_SUCCESS) { 154eace7efcSopenharmony_ci TAG_LOGE(AAFwkTag::URIPERMMGR, "GetHapTokenInfo failed, ret:%{public}d", ret); 155eace7efcSopenharmony_ci return INNER_ERR; 156eace7efcSopenharmony_ci } 157eace7efcSopenharmony_ci // check api version 158eace7efcSopenharmony_ci TAG_LOGD(AAFwkTag::ABILITYMGR, "CallerBundleName:%{public}s, API:%{public}d", 159eace7efcSopenharmony_ci hapInfo.bundleName.c_str(), hapInfo.apiVersion); 160eace7efcSopenharmony_ci if ((hapInfo.apiVersion % API_VERSION_MOD) < API13) { 161eace7efcSopenharmony_ci TAG_LOGD(AAFwkTag::ABILITYMGR, "api version lower than 13"); 162eace7efcSopenharmony_ci return ERR_OK; 163eace7efcSopenharmony_ci } 164eace7efcSopenharmony_ci // check system app 165eace7efcSopenharmony_ci uint64_t fullCallerTokenId = (static_cast<uint64_t>(hapInfo.tokenAttr) << TOKEN_ID_BIT_SIZE) + callerTokenId; 166eace7efcSopenharmony_ci if (Security::AccessToken::TokenIdKit::IsSystemAppByFullTokenID(fullCallerTokenId)) { 167eace7efcSopenharmony_ci TAG_LOGD(AAFwkTag::ABILITYMGR, "system app call"); 168eace7efcSopenharmony_ci return ERR_OK; 169eace7efcSopenharmony_ci } 170eace7efcSopenharmony_ci } 171eace7efcSopenharmony_ci // target is system app 172eace7efcSopenharmony_ci if (IsSystemApplication(targetBundleName, userId)) { 173eace7efcSopenharmony_ci TAG_LOGD(AAFwkTag::ABILITYMGR, "target is system app"); 174eace7efcSopenharmony_ci return ERR_OK; 175eace7efcSopenharmony_ci } 176eace7efcSopenharmony_ci TAG_LOGE(AAFwkTag::ABILITYMGR, "Not allowed to share file uri non-implicitly"); 177eace7efcSopenharmony_ci return CHECK_PERMISSION_FAILED; 178eace7efcSopenharmony_ci} 179eace7efcSopenharmony_ci 180eace7efcSopenharmony_cibool UriUtils::IsSystemApplication(const std::string &bundleName, int32_t userId) 181eace7efcSopenharmony_ci{ 182eace7efcSopenharmony_ci auto bundleMgrHelper = AbilityUtil::GetBundleManagerHelper(); 183eace7efcSopenharmony_ci if (!bundleMgrHelper) { 184eace7efcSopenharmony_ci TAG_LOGW(AAFwkTag::ABILITYMGR, "GetBundleManagerHelper failed"); 185eace7efcSopenharmony_ci return false; 186eace7efcSopenharmony_ci } 187eace7efcSopenharmony_ci AppExecFwk::ApplicationInfo appInfo; 188eace7efcSopenharmony_ci if (!IN_PROCESS_CALL(bundleMgrHelper->GetApplicationInfo(bundleName, 189eace7efcSopenharmony_ci AppExecFwk::BundleFlag::GET_BUNDLE_DEFAULT, userId, appInfo))) { 190eace7efcSopenharmony_ci TAG_LOGW(AAFwkTag::ABILITYMGR, "GetApplicationInfo failed"); 191eace7efcSopenharmony_ci return false; 192eace7efcSopenharmony_ci } 193eace7efcSopenharmony_ci return appInfo.isSystemApp; 194eace7efcSopenharmony_ci} 195eace7efcSopenharmony_ci 196eace7efcSopenharmony_cistd::vector<Uri> UriUtils::GetPermissionedUriList(const std::vector<std::string> &uriVec, 197eace7efcSopenharmony_ci const std::vector<bool> &checkResults, Want &want) 198eace7efcSopenharmony_ci{ 199eace7efcSopenharmony_ci std::vector<Uri> permissionedUris; 200eace7efcSopenharmony_ci if (uriVec.size() != checkResults.size()) { 201eace7efcSopenharmony_ci TAG_LOGE(AAFwkTag::ABILITYMGR, "Invalid param: %{public}zu : %{public}zu", 202eace7efcSopenharmony_ci uriVec.size(), checkResults.size()); 203eace7efcSopenharmony_ci return permissionedUris; 204eace7efcSopenharmony_ci } 205eace7efcSopenharmony_ci // process uri 206eace7efcSopenharmony_ci size_t startIndex = 0; 207eace7efcSopenharmony_ci if (!want.GetUriString().empty()) { 208eace7efcSopenharmony_ci if (checkResults[startIndex]) { 209eace7efcSopenharmony_ci permissionedUris.emplace_back(want.GetUri()); 210eace7efcSopenharmony_ci } else if (want.GetUri().GetScheme() == "file") { 211eace7efcSopenharmony_ci // erase uri param 212eace7efcSopenharmony_ci want.SetUri(""); 213eace7efcSopenharmony_ci TAG_LOGI(AAFwkTag::ABILITYMGR, "erase uri param."); 214eace7efcSopenharmony_ci } 215eace7efcSopenharmony_ci startIndex = 1; 216eace7efcSopenharmony_ci } 217eace7efcSopenharmony_ci // process param stream 218eace7efcSopenharmony_ci std::vector<std::string> paramStreamUris; 219eace7efcSopenharmony_ci for (size_t index = startIndex; index < checkResults.size(); index++) { 220eace7efcSopenharmony_ci auto uri = Uri(uriVec[index]); 221eace7efcSopenharmony_ci if (checkResults[index]) { 222eace7efcSopenharmony_ci permissionedUris.emplace_back(uri); 223eace7efcSopenharmony_ci paramStreamUris.emplace_back(uriVec[index]); 224eace7efcSopenharmony_ci } else if (uri.GetScheme() != "file") { 225eace7efcSopenharmony_ci paramStreamUris.emplace_back(uriVec[index]); 226eace7efcSopenharmony_ci } 227eace7efcSopenharmony_ci } 228eace7efcSopenharmony_ci if (paramStreamUris.size() != (checkResults.size() - startIndex)) { 229eace7efcSopenharmony_ci // erase old param stream and set new param stream 230eace7efcSopenharmony_ci want.RemoveParam(AbilityConfig::PARAMS_STREAM); 231eace7efcSopenharmony_ci want.SetParam(AbilityConfig::PARAMS_STREAM, paramStreamUris); 232eace7efcSopenharmony_ci TAG_LOGI(AAFwkTag::ABILITYMGR, "startIndex: %{public}zu, uriVec: %{public}zu, paramStreamUris: %{public}zu", 233eace7efcSopenharmony_ci startIndex, uriVec.size(), paramStreamUris.size()); 234eace7efcSopenharmony_ci } 235eace7efcSopenharmony_ci return permissionedUris; 236eace7efcSopenharmony_ci} 237eace7efcSopenharmony_ci 238eace7efcSopenharmony_cibool UriUtils::GetUriListFromWant(Want &want, std::vector<std::string> &uriVec) 239eace7efcSopenharmony_ci{ 240eace7efcSopenharmony_ci auto uriStr = want.GetUri().ToString(); 241eace7efcSopenharmony_ci uriVec = want.GetStringArrayParam(AbilityConfig::PARAMS_STREAM); 242eace7efcSopenharmony_ci if (uriVec.empty() && uriStr.empty()) { 243eace7efcSopenharmony_ci TAG_LOGW(AAFwkTag::ABILITYMGR, "uriVec empty."); 244eace7efcSopenharmony_ci return false; 245eace7efcSopenharmony_ci } 246eace7efcSopenharmony_ci // process param stream 247eace7efcSopenharmony_ci auto paramStreamUriCount = uriVec.size(); 248eace7efcSopenharmony_ci if (uriStr.empty() && paramStreamUriCount > MAX_URI_COUNT) { 249eace7efcSopenharmony_ci TAG_LOGW(AAFwkTag::ABILITYMGR, "uri empty, paream stream counts: %{public}zu", paramStreamUriCount); 250eace7efcSopenharmony_ci uriVec.resize(MAX_URI_COUNT); 251eace7efcSopenharmony_ci want.RemoveParam(AbilityConfig::PARAMS_STREAM); 252eace7efcSopenharmony_ci want.SetParam(AbilityConfig::PARAMS_STREAM, uriVec); 253eace7efcSopenharmony_ci } 254eace7efcSopenharmony_ci if (!uriStr.empty() && paramStreamUriCount > MAX_URI_COUNT - 1) { 255eace7efcSopenharmony_ci TAG_LOGW(AAFwkTag::ABILITYMGR, "paream stream counts: %{public}zu", paramStreamUriCount); 256eace7efcSopenharmony_ci uriVec.resize(MAX_URI_COUNT - 1); 257eace7efcSopenharmony_ci want.RemoveParam(AbilityConfig::PARAMS_STREAM); 258eace7efcSopenharmony_ci want.SetParam(AbilityConfig::PARAMS_STREAM, uriVec); 259eace7efcSopenharmony_ci } 260eace7efcSopenharmony_ci // process uri 261eace7efcSopenharmony_ci if (!uriStr.empty()) { 262eace7efcSopenharmony_ci uriVec.insert(uriVec.begin(), uriStr); 263eace7efcSopenharmony_ci } 264eace7efcSopenharmony_ci return true; 265eace7efcSopenharmony_ci} 266eace7efcSopenharmony_ci 267eace7efcSopenharmony_cibool UriUtils::IsGrantUriPermissionFlag(const Want &want) 268eace7efcSopenharmony_ci{ 269eace7efcSopenharmony_ci return ((want.GetFlags() & (Want::FLAG_AUTH_READ_URI_PERMISSION | Want::FLAG_AUTH_WRITE_URI_PERMISSION)) != 0); 270eace7efcSopenharmony_ci} 271eace7efcSopenharmony_ci 272eace7efcSopenharmony_civoid UriUtils::CheckUriPermissionForServiceExtension(Want &want, AppExecFwk::ExtensionAbilityType extensionAbilityType) 273eace7efcSopenharmony_ci{ 274eace7efcSopenharmony_ci TAG_LOGD(AAFwkTag::ABILITYMGR, "CheckUriPermissionForServiceExtension called."); 275eace7efcSopenharmony_ci if (extensionAbilityType != AppExecFwk::ExtensionAbilityType::SERVICE && 276eace7efcSopenharmony_ci extensionAbilityType != AppExecFwk::ExtensionAbilityType::UI_SERVICE) { 277eace7efcSopenharmony_ci return; 278eace7efcSopenharmony_ci } 279eace7efcSopenharmony_ci CheckUriPermissionForExtension(want, 0); 280eace7efcSopenharmony_ci return; 281eace7efcSopenharmony_ci} 282eace7efcSopenharmony_ci 283eace7efcSopenharmony_civoid UriUtils::CheckUriPermissionForUIExtension(Want &want, AppExecFwk::ExtensionAbilityType extensionAbilityType, 284eace7efcSopenharmony_ci uint32_t tokenId) 285eace7efcSopenharmony_ci{ 286eace7efcSopenharmony_ci TAG_LOGD(AAFwkTag::ABILITYMGR, "CheckUriPermissionForUIExtension called."); 287eace7efcSopenharmony_ci if (!UIExtensionUtils::IsUIExtension(extensionAbilityType)) { 288eace7efcSopenharmony_ci return; 289eace7efcSopenharmony_ci } 290eace7efcSopenharmony_ci CheckUriPermissionForExtension(want, tokenId); 291eace7efcSopenharmony_ci return; 292eace7efcSopenharmony_ci} 293eace7efcSopenharmony_ci 294eace7efcSopenharmony_civoid UriUtils::CheckUriPermissionForExtension(Want &want, uint32_t tokenId) 295eace7efcSopenharmony_ci{ 296eace7efcSopenharmony_ci uint32_t flag = want.GetFlags(); 297eace7efcSopenharmony_ci if (!IsGrantUriPermissionFlag(want)) { 298eace7efcSopenharmony_ci TAG_LOGD(AAFwkTag::ABILITYMGR, "No grant uri flag: %{public}u.", flag); 299eace7efcSopenharmony_ci return; 300eace7efcSopenharmony_ci } 301eace7efcSopenharmony_ci std::vector<std::string> uriVec; 302eace7efcSopenharmony_ci if (!UriUtils::GetUriListFromWant(want, uriVec)) { 303eace7efcSopenharmony_ci TAG_LOGW(AAFwkTag::ABILITYMGR, "No file uri neet grant."); 304eace7efcSopenharmony_ci return; 305eace7efcSopenharmony_ci } 306eace7efcSopenharmony_ci auto callerTokenId = tokenId > 0 ? tokenId : want.GetIntParam(Want::PARAM_RESV_CALLER_TOKEN, 0); 307eace7efcSopenharmony_ci // check uri permission 308eace7efcSopenharmony_ci auto checkResults = IN_PROCESS_CALL(UriPermissionManagerClient::GetInstance().CheckUriAuthorization( 309eace7efcSopenharmony_ci uriVec, flag, callerTokenId)); 310eace7efcSopenharmony_ci // remove unpermissioned uri from want 311eace7efcSopenharmony_ci UriUtils::GetInstance().GetPermissionedUriList(uriVec, checkResults, want); 312eace7efcSopenharmony_ci return; 313eace7efcSopenharmony_ci} 314eace7efcSopenharmony_ci 315eace7efcSopenharmony_cibool UriUtils::IsPermissionPreCheckedType(AppExecFwk::ExtensionAbilityType extensionAbilityType) 316eace7efcSopenharmony_ci{ 317eace7efcSopenharmony_ci return extensionAbilityType == AppExecFwk::ExtensionAbilityType::SERVICE || 318eace7efcSopenharmony_ci extensionAbilityType == AppExecFwk::ExtensionAbilityType::UI_SERVICE || 319eace7efcSopenharmony_ci UIExtensionUtils::IsUIExtension(extensionAbilityType); 320eace7efcSopenharmony_ci} 321eace7efcSopenharmony_ci} // AAFwk 322eace7efcSopenharmony_ci} // OHOS 323