1eace7efcSopenharmony_ci/* 2eace7efcSopenharmony_ci * Copyright (c) 2022 Huawei Device Co., Ltd. 3eace7efcSopenharmony_ci * Licensed under the Apache License, Version 2.0 (the "License"); 4eace7efcSopenharmony_ci * you may not use this file except in compliance with the License. 5eace7efcSopenharmony_ci * You may obtain a copy of the License at 6eace7efcSopenharmony_ci * 7eace7efcSopenharmony_ci * http://www.apache.org/licenses/LICENSE-2.0 8eace7efcSopenharmony_ci * 9eace7efcSopenharmony_ci * Unless required by applicable law or agreed to in writing, software 10eace7efcSopenharmony_ci * distributed under the License is distributed on an "AS IS" BASIS, 11eace7efcSopenharmony_ci * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12eace7efcSopenharmony_ci * See the License for the specific language governing permissions and 13eace7efcSopenharmony_ci * limitations under the License. 14eace7efcSopenharmony_ci */ 15eace7efcSopenharmony_ci 16eace7efcSopenharmony_ci#ifndef OHOS_ABILITY_RUNTIME_PERMISSION_VERIFICATION_H 17eace7efcSopenharmony_ci#define OHOS_ABILITY_RUNTIME_PERMISSION_VERIFICATION_H 18eace7efcSopenharmony_ci 19eace7efcSopenharmony_ci#include "ipc_skeleton.h" 20eace7efcSopenharmony_ci#include "singleton.h" 21eace7efcSopenharmony_ci#include "want.h" 22eace7efcSopenharmony_ci 23eace7efcSopenharmony_cinamespace OHOS { 24eace7efcSopenharmony_cinamespace AAFwk { 25eace7efcSopenharmony_ciclass PermissionVerification : public DelayedSingleton<PermissionVerification> { 26eace7efcSopenharmony_cipublic: 27eace7efcSopenharmony_cistruct VerificationInfo { 28eace7efcSopenharmony_ci bool visible = false; 29eace7efcSopenharmony_ci bool isBackgroundCall = true; 30eace7efcSopenharmony_ci bool associatedWakeUp = false; 31eace7efcSopenharmony_ci uint32_t accessTokenId = 0; 32eace7efcSopenharmony_ci int32_t apiTargetVersion = 0; 33eace7efcSopenharmony_ci bool withContinuousTask = false; 34eace7efcSopenharmony_ci uint32_t specifyTokenId = 0; 35eace7efcSopenharmony_ci}; 36eace7efcSopenharmony_ci 37eace7efcSopenharmony_ci PermissionVerification() = default; 38eace7efcSopenharmony_ci ~PermissionVerification() = default; 39eace7efcSopenharmony_ci 40eace7efcSopenharmony_ci bool VerifyPermissionByTokenId(const int &tokenId, const std::string &permissionName) const; 41eace7efcSopenharmony_ci 42eace7efcSopenharmony_ci bool VerifyCallingPermission(const std::string &permissionName, const uint32_t specifyTokenId = 0) const; 43eace7efcSopenharmony_ci 44eace7efcSopenharmony_ci bool IsSACall() const; 45eace7efcSopenharmony_ci 46eace7efcSopenharmony_ci bool IsSACallByTokenId(uint32_t callerTokenId) const; 47eace7efcSopenharmony_ci 48eace7efcSopenharmony_ci bool IsShellCall() const; 49eace7efcSopenharmony_ci 50eace7efcSopenharmony_ci bool IsShellCallByTokenId(uint32_t callerTokenId) const; 51eace7efcSopenharmony_ci 52eace7efcSopenharmony_ci bool CheckSpecificSystemAbilityAccessPermission(const std::string &processName) const; 53eace7efcSopenharmony_ci 54eace7efcSopenharmony_ci bool CheckObserverCallerPermission() const; 55eace7efcSopenharmony_ci 56eace7efcSopenharmony_ci bool VerifyRunningInfoPerm() const; 57eace7efcSopenharmony_ci 58eace7efcSopenharmony_ci bool VerifyControllerPerm() const; 59eace7efcSopenharmony_ci 60eace7efcSopenharmony_ci bool VerifyDlpPermission(Want &want) const; 61eace7efcSopenharmony_ci 62eace7efcSopenharmony_ci int VerifyAccountPermission() const; 63eace7efcSopenharmony_ci 64eace7efcSopenharmony_ci bool VerifyMissionPermission() const; 65eace7efcSopenharmony_ci 66eace7efcSopenharmony_ci int VerifyAppStateObserverPermission() const; 67eace7efcSopenharmony_ci 68eace7efcSopenharmony_ci int32_t VerifyUpdateConfigurationPerm() const; 69eace7efcSopenharmony_ci 70eace7efcSopenharmony_ci int32_t VerifyUpdateAPPConfigurationPerm() const; 71eace7efcSopenharmony_ci 72eace7efcSopenharmony_ci bool VerifyInstallBundlePermission() const; 73eace7efcSopenharmony_ci 74eace7efcSopenharmony_ci bool VerifyGetBundleInfoPrivilegedPermission() const; 75eace7efcSopenharmony_ci 76eace7efcSopenharmony_ci bool VerifyStartRecentAbilityPermission() const; 77eace7efcSopenharmony_ci 78eace7efcSopenharmony_ci int CheckCallDataAbilityPermission(const VerificationInfo &verificationInfo, bool isShell) const; 79eace7efcSopenharmony_ci 80eace7efcSopenharmony_ci int CheckCallServiceAbilityPermission(const VerificationInfo &verificationInfo) const; 81eace7efcSopenharmony_ci 82eace7efcSopenharmony_ci int CheckCallAbilityPermission(const VerificationInfo &verificationInfo, bool isCallByShortcut = false) const; 83eace7efcSopenharmony_ci 84eace7efcSopenharmony_ci /** 85eace7efcSopenharmony_ci * Check if Caller is allowed to start ServiceExtension(Stage) or DataShareExtension(Stage) 86eace7efcSopenharmony_ci * 87eace7efcSopenharmony_ci * @param verificationInfo, verificationInfo. 88eace7efcSopenharmony_ci * @return Returns ERR_OK on check success, others on check failure. 89eace7efcSopenharmony_ci */ 90eace7efcSopenharmony_ci int CheckCallServiceExtensionPermission(const VerificationInfo &verificationInfo) const; 91eace7efcSopenharmony_ci 92eace7efcSopenharmony_ci int CheckStartByCallPermission(const VerificationInfo &verificationInfo) const; 93eace7efcSopenharmony_ci 94eace7efcSopenharmony_ci bool JudgeCallerIsAllowedToUseSystemAPI() const; 95eace7efcSopenharmony_ci 96eace7efcSopenharmony_ci bool IsSystemAppCall() const; 97eace7efcSopenharmony_ci 98eace7efcSopenharmony_ci bool IsSystemAppCallByTokenId(uint32_t callerTokenId) const; 99eace7efcSopenharmony_ci 100eace7efcSopenharmony_ci bool VerifyPrepareTerminatePermission() const; 101eace7efcSopenharmony_ci 102eace7efcSopenharmony_ci bool VerifyPrepareTerminatePermission(const int &tokenId) const; 103eace7efcSopenharmony_ci 104eace7efcSopenharmony_ci bool VerifyShellStartExtensionType(int32_t type) const; 105eace7efcSopenharmony_ci 106eace7efcSopenharmony_ci bool VerifyPreloadApplicationPermission() const; 107eace7efcSopenharmony_ci 108eace7efcSopenharmony_ci bool VerifyPreStartAtomicServicePermission() const; 109eace7efcSopenharmony_ci 110eace7efcSopenharmony_ci bool VerifyKillProcessDependedOnWebPermission() const; 111eace7efcSopenharmony_ci 112eace7efcSopenharmony_ci bool VerifyBackgroundCallPermission(const bool isBackgroundCall) const; 113eace7efcSopenharmony_ci 114eace7efcSopenharmony_ci bool VerifyBlockAllAppStartPermission() const; 115eace7efcSopenharmony_ci 116eace7efcSopenharmony_ci bool VerifyStartUIAbilityToHiddenPermission() const; 117eace7efcSopenharmony_ci 118eace7efcSopenharmony_ci bool VerifySuperviseKiaServicePermission() const; 119eace7efcSopenharmony_ci 120eace7efcSopenharmony_ciprivate: 121eace7efcSopenharmony_ci DISALLOW_COPY_AND_MOVE(PermissionVerification); 122eace7efcSopenharmony_ci 123eace7efcSopenharmony_ci constexpr static int32_t API8 = 8; 124eace7efcSopenharmony_ci 125eace7efcSopenharmony_ci unsigned int GetCallingTokenID() const; 126eace7efcSopenharmony_ci 127eace7efcSopenharmony_ci bool JudgeStartInvisibleAbility(const uint32_t accessTokenId, const bool visible, 128eace7efcSopenharmony_ci const uint32_t specifyTokenId = 0) const; 129eace7efcSopenharmony_ci 130eace7efcSopenharmony_ci bool JudgeStartAbilityFromBackground(const bool isBackgroundCall, bool withContinuousTask = false) const; 131eace7efcSopenharmony_ci 132eace7efcSopenharmony_ci bool JudgeAssociatedWakeUp(const uint32_t accessTokenId, const bool associatedWakeUp) const; 133eace7efcSopenharmony_ci 134eace7efcSopenharmony_ci int JudgeInvisibleAndBackground(const VerificationInfo &verificationInfo, bool isCallByShortcut = false) const; 135eace7efcSopenharmony_ci 136eace7efcSopenharmony_ci inline bool IsCallFromSameAccessToken(const uint32_t accessTokenId) const 137eace7efcSopenharmony_ci { 138eace7efcSopenharmony_ci return IPCSkeleton::GetCallingTokenID() == accessTokenId; 139eace7efcSopenharmony_ci } 140eace7efcSopenharmony_ci}; 141eace7efcSopenharmony_ci} // namespace AAFwk 142eace7efcSopenharmony_ci} // namespace OHOS 143eace7efcSopenharmony_ci#endif // OHOS_ABILITY_RUNTIME_PERMISSION_VERIFICATION_H 144