1 /* 2 * Copyright (c) 2021-2024 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 #ifndef ACCESSTOKEN_TOKEN_INFO_MANAGER_H 17 #define ACCESSTOKEN_TOKEN_INFO_MANAGER_H 18 19 #include <atomic> 20 #include <map> 21 #include <memory> 22 #include <vector> 23 24 #include "access_token.h" 25 #include "atm_tools_param_info.h" 26 #ifdef TOKEN_SYNC_ENABLE 27 #include "device_manager.h" 28 #endif 29 #include "hap_token_info.h" 30 #include "hap_token_info_inner.h" 31 #include "native_token_info_inner.h" 32 #include "thread_pool.h" 33 34 namespace OHOS { 35 namespace Security { 36 namespace AccessToken { 37 static const int UDID_MAX_LENGTH = 128; // udid/uuid max length 38 39 #ifdef TOKEN_SYNC_ENABLE 40 class AccessTokenDmInitCallback final : public DistributedHardware::DmInitCallback { OnRemoteDied()41 void OnRemoteDied() override 42 {} 43 }; 44 #endif 45 46 class AccessTokenInfoManager final { 47 public: 48 static AccessTokenInfoManager& GetInstance(); 49 ~AccessTokenInfoManager(); 50 void Init(); 51 std::shared_ptr<HapTokenInfoInner> GetHapTokenInfoInner(AccessTokenID id); 52 int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfo& infoParcel); 53 std::shared_ptr<NativeTokenInfoInner> GetNativeTokenInfoInner(AccessTokenID id); 54 int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfo& infoParcel); 55 int AllocAccessTokenIDEx(const HapInfoParams& info, AccessTokenID tokenId, AccessTokenIDEx& tokenIdEx); 56 std::shared_ptr<PermissionPolicySet> GetNativePermissionPolicySet(AccessTokenID id); 57 std::shared_ptr<PermissionPolicySet> GetHapPermissionPolicySet(AccessTokenID id); 58 int RemoveHapTokenInfo(AccessTokenID id); 59 int RemoveNativeTokenInfo(AccessTokenID id); 60 int32_t AddAllNativeTokenInfoToDb(void); 61 int32_t ModifyHapTokenInfoFromDb(AccessTokenID tokenID, const std::shared_ptr<HapTokenInfoInner>& hapInner); 62 int CreateHapTokenInfo(const HapInfoParams& info, const HapPolicyParams& policy, AccessTokenIDEx& tokenIdEx); 63 int CheckNativeDCap(AccessTokenID tokenID, const std::string& dcap); 64 AccessTokenIDEx GetHapTokenID(int32_t userID, const std::string& bundleName, int32_t instIndex); 65 AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID); 66 void ProcessNativeTokenInfos(const std::vector<std::shared_ptr<NativeTokenInfoInner>>& tokenInfos); 67 int32_t UpdateHapToken(AccessTokenIDEx& tokenIdEx, const UpdateHapInfoParams& info, 68 const std::vector<PermissionStateFull>& permStateList, ATokenAplEnum apl, 69 const std::vector<PermissionDef>& permList); 70 void DumpTokenInfo(const AtmToolsParamInfo& info, std::string& dumpInfo); 71 bool IsTokenIdExist(AccessTokenID id); 72 AccessTokenID GetNativeTokenId(const std::string& processName); 73 void GetRelatedSandBoxHapList(AccessTokenID tokenId, std::vector<AccessTokenID>& tokenIdList); 74 int32_t GetHapTokenDlpType(AccessTokenID id); 75 int32_t SetPermDialogCap(AccessTokenID tokenID, bool enable); 76 bool GetPermDialogCap(AccessTokenID tokenID); 77 int32_t ModifyHapPermStateFromDb( 78 AccessTokenID tokenID, const std::string& permission, const std::shared_ptr<HapTokenInfoInner>& hapInfo); 79 void DumpToken(); 80 int32_t GetCurDumpTaskNum(); 81 void AddDumpTaskNum(); 82 void ReduceDumpTaskNum(); 83 84 #ifdef TOKEN_SYNC_ENABLE 85 /* tokensync needed */ 86 void InitDmCallback(void); 87 int GetHapTokenSync(AccessTokenID tokenID, HapTokenInfoForSync& hapSync); 88 int GetHapTokenInfoFromRemote(AccessTokenID tokenID, 89 HapTokenInfoForSync& hapSync); 90 int SetRemoteHapTokenInfo(const std::string& deviceID, HapTokenInfoForSync& hapSync); 91 bool IsRemoteHapTokenValid(const std::string& deviceID, const HapTokenInfoForSync& hapSync); 92 int DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID); 93 AccessTokenID GetRemoteNativeTokenID(const std::string& deviceID, AccessTokenID tokenID); 94 int DeleteRemoteDeviceTokens(const std::string& deviceID); 95 #endif 96 97 bool UpdateStatesToDatabase(AccessTokenID tokenID, std::vector<PermissionStateFull>& stateChangeList); 98 bool UpdateCapStateToDatabase(AccessTokenID tokenID, bool enable); 99 100 private: 101 AccessTokenInfoManager(); 102 DISALLOW_COPY_AND_MOVE(AccessTokenInfoManager); 103 104 void InitHapTokenInfos(uint32_t& hapSize); 105 void InitNativeTokenInfos(uint32_t& nativeSize); 106 int AddHapTokenInfo(const std::shared_ptr<HapTokenInfoInner>& info); 107 int AddNativeTokenInfo(const std::shared_ptr<NativeTokenInfoInner>& info); 108 std::string GetHapUniqueStr(const std::shared_ptr<HapTokenInfoInner>& info) const; 109 std::string GetHapUniqueStr(const int& userID, const std::string& bundleName, const int& instIndex) const; 110 bool TryUpdateExistNativeToken(const std::shared_ptr<NativeTokenInfoInner>& infoPtr); 111 int AllocNativeToken(const std::shared_ptr<NativeTokenInfoInner>& infoPtr); 112 int AddHapTokenInfoToDb(AccessTokenID tokenID, const std::shared_ptr<HapTokenInfoInner>& hapInfo); 113 int RemoveHapTokenInfoFromDb(AccessTokenID tokenID); 114 int CreateRemoteHapTokenInfo(AccessTokenID mapID, HapTokenInfoForSync& hapSync); 115 int UpdateRemoteHapTokenInfo(AccessTokenID mapID, HapTokenInfoForSync& hapSync); 116 void PermissionStateNotify(const std::shared_ptr<HapTokenInfoInner>& info, AccessTokenID id); 117 void DumpHapTokenInfoByTokenId(const AccessTokenID tokenId, std::string& dumpInfo); 118 void DumpHapTokenInfoByBundleName(const std::string& bundleName, std::string& dumpInfo); 119 void DumpAllHapTokenInfo(std::string& dumpInfo); 120 void DumpNativeTokenInfoByProcessName(const std::string& processName, std::string& dumpInfo); 121 void DumpAllNativeTokenInfo(std::string& dumpInfo); 122 123 #ifdef RESOURCESCHEDULE_FFRT_ENABLE 124 std::atomic_int32_t curTaskNum_; 125 std::shared_ptr<ffrt::queue> ffrtTaskQueue_ = std::make_shared<ffrt::queue>("TokenStore"); 126 #else 127 OHOS::ThreadPool tokenDataWorker_; 128 #endif 129 bool RemoveNativeInfoFromDatabase(AccessTokenID tokenID); 130 131 bool hasInited_; 132 std::atomic_int32_t dumpTaskNum_; 133 134 OHOS::Utils::RWLock hapTokenInfoLock_; 135 OHOS::Utils::RWLock nativeTokenInfoLock_; 136 OHOS::Utils::RWLock managerLock_; 137 OHOS::Utils::RWLock modifyLock_; 138 139 std::map<int, std::shared_ptr<HapTokenInfoInner>> hapTokenInfoMap_; 140 std::map<std::string, AccessTokenID> hapTokenIdMap_; 141 std::map<int, std::shared_ptr<NativeTokenInfoInner>> nativeTokenInfoMap_; 142 std::map<std::string, AccessTokenID> nativeTokenIdMap_; 143 }; 144 } // namespace AccessToken 145 } // namespace Security 146 } // namespace OHOS 147 #endif // ACCESSTOKEN_TOKEN_INFO_MANAGER_H 148