1/*
2 * Copyright (c) 2021-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 *     http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16#ifndef DISTRIBUTED_SCHED_PERMISSION_H
17#define DISTRIBUTED_SCHED_PERMISSION_H
18
19#include <stdint.h>
20#include <string>
21
22#include "distributed_sched_interface.h"
23#include "nlohmann/json.hpp"
24#include "single_instance.h"
25
26namespace OHOS {
27namespace DistributedSchedule {
28struct GroupInfo {
29    std::string groupName;
30    std::string groupId;
31    std::string groupOwner;
32    int32_t groupType;
33    int32_t groupVisibility;
34
35    GroupInfo() : groupName(""), groupId(""), groupOwner(""), groupType(0), groupVisibility(0) {}
36};
37
38void from_json(const nlohmann::json& jsonObject, GroupInfo& groupInfo);
39
40class DistributedSchedPermission {
41    DECLARE_SINGLE_INSTANCE(DistributedSchedPermission);
42
43public:
44    using AccountInfo = IDistributedSched::AccountInfo;
45
46    int32_t CheckSendResultPermission(const AAFwk::Want& want, const CallerInfo& callerInfo,
47        const AccountInfo& accountInfo, AppExecFwk::AbilityInfo& targetAbility);
48    int32_t CheckStartPermission(const AAFwk::Want& want, const CallerInfo& callerInfo,
49        const AccountInfo& accountInfo, AppExecFwk::AbilityInfo& targetAbility, bool isSameBundle = true);
50    int32_t CheckGetCallerPermission(const AAFwk::Want& want, const CallerInfo& callerInfo,
51        const AccountInfo& accountInfo, AppExecFwk::AbilityInfo& targetAbility);
52    bool IsFoundationCall() const;
53    bool IsSceneBoardCall() const;
54    int32_t CheckPermission(uint32_t accessToken, const std::string& permissionName) const;
55    int32_t CheckPermissionAll(uint32_t accessToken, const std::string& permissionName) const;
56    int32_t GetAccountInfo(const std::string& remoteNetworkId, const CallerInfo& callerInfo,
57        AccountInfo& accountInfo);
58    bool GetTargetAbility(const AAFwk::Want& want, AppExecFwk::AbilityInfo& targetAbility,
59        bool needQueryExtension = false) const;
60    void MarkUriPermission(OHOS::AAFwk::Want& want, uint32_t accessToken);
61    void RemoveRemoteObjectFromWant(std::shared_ptr<AAFwk::Want> want) const;
62
63private:
64    bool GetOsAccountData(AccountInfo& dmsAccountInfo);
65    bool CheckDstSameAccount(const std::string& dstNetworkId, const AccountInfo& dmsAccountInfo,
66        const CallerInfo& callerInfo);
67    bool CheckAclList(const std::string& dstNetworkId, const AccountInfo& dmsAccountInfo,
68        const CallerInfo& callerInfo);
69    bool GetRelatedGroups(const std::string& udid, const std::vector<std::string>& bundleNames,
70        AccountInfo& accountInfo);
71    bool ParseGroupInfos(const std::string& returnGroupStr, std::vector<GroupInfo>& groupInfos);
72    bool VerifyPermission(uint32_t accessToken, const std::string& permissionName) const;
73    bool CheckAccountAccessPermission(const CallerInfo& callerInfo,
74        const AccountInfo& accountInfo, const std::string& targetBundleName);
75    bool CheckComponentAccessPermission(const AppExecFwk::AbilityInfo& targetAbility,
76        const CallerInfo& callerInfo, const AccountInfo& accountInfo, const AAFwk::Want& want) const;
77    bool CheckMigrateStartCtrlPer(const AppExecFwk::AbilityInfo& targetAbility,
78        const CallerInfo& callerInfo, const AAFwk::Want& want, bool isSameBundle = true);
79    bool CheckCollaborateStartCtrlPer(const AppExecFwk::AbilityInfo& targetAbility,
80        const CallerInfo& callerInfo, const AAFwk::Want& want) const;
81    bool CheckStartControlPermission(const AppExecFwk::AbilityInfo& targetAbility,
82        const CallerInfo& callerInfo, const AAFwk::Want& want, bool isSameBundle = true);
83    bool CheckBackgroundPermission(const AppExecFwk::AbilityInfo& targetAbility,
84        const CallerInfo& callerInfo, const AAFwk::Want& want, bool needCheckApiVersion) const;
85    bool CheckMinApiVersion(const AppExecFwk::AbilityInfo& targetAbility, int32_t apiVersion) const;
86    bool CheckDeviceSecurityLevel(const std::string& srcDeviceId, const std::string& dstDeviceId) const;
87    int32_t GetDeviceSecurityLevel(const std::string& udid) const;
88    bool CheckTargetAbilityVisible(const AppExecFwk::AbilityInfo& targetAbility, const CallerInfo& callerInfo) const;
89    bool IsDistributedFile(const std::string& path) const;
90};
91} // namespace DistributedSchedule
92} // namespace OHOS
93#endif // DISTRIBUTED_SCHED_PERMISSION_H