1 /* 2 * Copyright (c) 2022-2024 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 #ifndef PERMISSION_RECORD_MANAGER_H 17 #define PERMISSION_RECORD_MANAGER_H 18 19 #include <vector> 20 #include <set> 21 #include <string> 22 23 #ifdef EVENTHANDLER_ENABLE 24 #include "access_event_handler.h" 25 #endif 26 #include "access_token.h" 27 #include "active_change_response_info.h" 28 #include "add_perm_param_info.h" 29 #include "app_manager_death_callback.h" 30 #include "app_manager_death_recipient.h" 31 #include "app_status_change_callback.h" 32 #include "hap_token_info.h" 33 #include "libraryloader.h" 34 #include "nocopyable.h" 35 #include "on_permission_used_record_callback.h" 36 #include "permission_record.h" 37 #include "permission_used_request.h" 38 #include "permission_used_result.h" 39 #include "permission_used_type_info.h" 40 #include "privacy_param.h" 41 #ifdef CAMERA_FLOAT_WINDOW_ENABLE 42 #include "privacy_window_manager_agent.h" 43 #endif 44 #include "rwlock.h" 45 #include "safe_map.h" 46 #include "thread_pool.h" 47 #ifdef CUSTOMIZATION_CONFIG_POLICY_ENABLE 48 #include "nlohmann/json.hpp" 49 #include "permission_record_config.h" 50 #endif 51 52 namespace OHOS { 53 namespace Security { 54 namespace AccessToken { 55 class PrivacyAppStateObserver : public ApplicationStateObserverStub { 56 public: 57 PrivacyAppStateObserver() = default; 58 ~PrivacyAppStateObserver() = default; 59 void OnProcessDied(const ProcessData &processData) override; 60 void OnAppStopped(const AppStateData &appStateData) override; 61 void OnAppStateChanged(const AppStateData &appStateData) override; 62 DISALLOW_COPY_AND_MOVE(PrivacyAppStateObserver); 63 }; 64 65 class PrivacyAppManagerDeathCallback : public AppManagerDeathCallback { 66 public: 67 PrivacyAppManagerDeathCallback() = default; 68 ~PrivacyAppManagerDeathCallback() = default; 69 70 void NotifyAppManagerDeath() override; 71 DISALLOW_COPY_AND_MOVE(PrivacyAppManagerDeathCallback); 72 }; 73 74 class PermissionRecordManager final { 75 public: 76 static PermissionRecordManager& GetInstance(); 77 virtual ~PermissionRecordManager(); 78 79 void Init(); 80 int32_t AddPermissionUsedRecord(const AddPermParamInfo& info); 81 void RemovePermissionUsedRecords(AccessTokenID tokenId, const std::string& deviceID); 82 int32_t GetPermissionUsedRecords(const PermissionUsedRequest& request, PermissionUsedResult& result); 83 int32_t GetPermissionUsedRecordsAsync( 84 const PermissionUsedRequest& request, const sptr<OnPermissionUsedRecordCallback>& callback); 85 int32_t StartUsingPermission(AccessTokenID tokenId, int32_t pid, const std::string& permissionName); 86 int32_t StartUsingPermission(AccessTokenID tokenId, int32_t pid, const std::string& permissionName, 87 const sptr<IRemoteObject>& callback); 88 int32_t StopUsingPermission(AccessTokenID tokenId, int32_t pid, const std::string& permissionName); 89 int32_t RegisterPermActiveStatusCallback( 90 AccessTokenID regiterTokenId, const std::vector<std::string>& permList, const sptr<IRemoteObject>& callback); 91 int32_t UnRegisterPermActiveStatusCallback(const sptr<IRemoteObject>& callback); 92 93 void CallbackExecute(AccessTokenID tokenId, const std::string& permissionName, int32_t status); 94 int32_t PermissionListFilter(const std::vector<std::string>& listSrc, std::vector<std::string>& listRes); 95 bool IsAllowedUsingPermission(AccessTokenID tokenId, const std::string& permissionName); 96 int32_t GetPermissionUsedTypeInfos(const AccessTokenID tokenId, const std::string& permissionName, 97 std::vector<PermissionUsedTypeInfo>& results); 98 int32_t SetMutePolicy(const PolicyType& policyType, const CallerType& callerType, bool isMute); 99 int32_t SetEdmMutePolicy(const std::string permissionName, bool isMute); 100 int32_t SetPrivacyMutePolicy(const std::string permissionName, bool isMute); 101 int32_t SetTempMutePolicy(const std::string permissionName, bool isMute); 102 int32_t SetHapWithFGReminder(uint32_t tokenId, bool isAllowed); 103 104 void NotifyAppStateChange(AccessTokenID tokenId, int32_t pid, ActiveChangeType status); 105 void SetLockScreenStatus(int32_t lockScreenStatus); 106 int32_t GetLockScreenStatus(); 107 108 #ifdef CAMERA_FLOAT_WINDOW_ENABLE 109 void NotifyCameraWindowChange(bool isPip, AccessTokenID tokenId, bool isShowing); 110 void OnWindowMgrRemoteDied(); 111 #endif 112 void OnAppMgrRemoteDiedHandle(); 113 void OnAudioMgrRemoteDiedHandle(); 114 void OnCameraMgrRemoteDiedHandle(); 115 void RemoveRecordFromStartListByPid(const AccessTokenID tokenId, int32_t pid); 116 void RemoveRecordFromStartListByToken(const AccessTokenID tokenId); 117 void RemoveRecordFromStartListByOp(int32_t opCode); 118 void ExecuteAllCameraExecuteCallback(); 119 void UpdatePermRecImmediately(); 120 void ExecuteDeletePermissionRecordTask(); 121 122 private: 123 PermissionRecordManager(); 124 DISALLOW_COPY_AND_MOVE(PermissionRecordManager); 125 126 bool IsAllowedUsingCamera(AccessTokenID tokenId); 127 bool IsAllowedUsingMicrophone(AccessTokenID tokenId); 128 129 void AddRecToCacheAndValueVec(const PermissionRecord& record, std::vector<GenericValues>& values); 130 int32_t MergeOrInsertRecord(const PermissionRecord& record); 131 bool UpdatePermissionUsedRecordToDb(const PermissionRecord& record); 132 int32_t AddRecord(const PermissionRecord& record); 133 int32_t GetPermissionRecord(const AddPermParamInfo& info, PermissionRecord& record); 134 bool CreateBundleUsedRecord(const AccessTokenID tokenId, BundleUsedRecord& bundleRecord); 135 int32_t GetCurDeleteTaskNum(); 136 void AddDeleteTaskNum(); 137 void ReduceDeleteTaskNum(); 138 int32_t DeletePermissionRecord(int32_t days); 139 140 void GetMergedRecordsFromCache(std::vector<PermissionRecord>& mergedRecords); 141 void InsteadMergedRecIfNecessary(GenericValues& mergedRecord, std::vector<PermissionRecord>& mergedRecords); 142 void MergeSamePermission(const PermissionUsageFlag& flag, const PermissionUsedRecord& inRecord, 143 PermissionUsedRecord& outRecord); 144 void FillPermissionUsedRecords(const PermissionUsedRecord& record, const PermissionUsageFlag& flag, 145 std::vector<PermissionUsedRecord>& permissionRecords); 146 bool FillBundleUsedRecord(const GenericValues& value, const PermissionUsageFlag& flag, 147 std::map<int32_t, BundleUsedRecord>& tokenIdToBundleMap, std::map<int32_t, int32_t>& tokenIdToCountMap, 148 PermissionUsedResult& result); 149 bool GetRecordsFromLocalDB(const PermissionUsedRequest& request, PermissionUsedResult& result); 150 151 void ExecuteAndUpdateRecord(uint32_t tokenId, int32_t pid, ActiveChangeType status); 152 153 void ExecuteAndUpdateRecordByPerm(const std::string& permissionName, bool switchStatus); 154 int32_t RemoveRecordFromStartList(AccessTokenID tokenId, int32_t pid, const std::string& permissionName); 155 int32_t AddRecordToStartList(uint32_t tokenId, int32_t pid, const std::string& permissionName, int32_t status); 156 157 std::string GetDeviceId(AccessTokenID tokenId); 158 void PermListToString(const std::vector<std::string>& permList); 159 bool GetGlobalSwitchStatus(const std::string& permissionName); 160 bool ShowGlobalDialog(const std::string& permissionName); 161 void ModifyMuteStatus(const std::string& permissionName, int32_t index, bool isMute); 162 bool GetMuteStatus(const std::string& permissionName, int32_t index); 163 164 void ExecuteCameraCallbackAsync(AccessTokenID tokenId, int32_t pid); 165 166 void TransformEnumToBitValue(const PermissionUsedType type, uint32_t& value); 167 bool AddOrUpdateUsedTypeIfNeeded(const AccessTokenID tokenId, const int32_t opCode, 168 const PermissionUsedType type); 169 void AddDataValueToResults(const GenericValues value, std::vector<PermissionUsedTypeInfo>& results); 170 171 #ifdef CAMERA_FLOAT_WINDOW_ENABLE 172 bool HasUsingCamera(); 173 void ClearWindowShowing(); 174 #endif 175 bool IsCameraWindowShow(AccessTokenID tokenId); 176 uint64_t GetUniqueId(uint32_t tokenId, int32_t pid) const; 177 bool IsPidValid(int32_t pid) const; 178 bool RegisterWindowCallback(); 179 void InitializeMuteState(const std::string& permissionName); 180 int32_t GetAppStatus(AccessTokenID tokenId); 181 182 bool RegisterAppStatusListener(); 183 bool Register(); 184 bool RegisterApplicationStateObserver(); 185 void Unregister(); 186 bool GetMuteParameter(const char* key, bool& isMute); 187 188 void SetDefaultConfigValue(); 189 void GetConfigValue(); 190 191 private: 192 bool hasInited_ = false; 193 OHOS::Utils::RWLock rwLock_; 194 std::mutex startRecordListMutex_; 195 std::vector<ContinusPermissionRecord> startRecordList_; 196 SafeMap<uint64_t, sptr<IRemoteObject>> cameraCallbackMap_; 197 198 // microphone 199 std::mutex micMuteMutex_; 200 std::mutex micLoadMutex_; 201 bool isMicEdmMute_ = false; 202 bool isMicMixMute_ = false; 203 bool isMicLoad_ = false; 204 205 // camera 206 std::mutex camMuteMutex_; 207 std::mutex camLoadMutex_; 208 bool isCamEdmMute_ = false; 209 bool isCamMixMute_ = false; 210 bool isCamLoad_ = false; 211 212 // appState 213 std::mutex appStateMutex_; 214 sptr<PrivacyAppStateObserver> appStateCallback_ = nullptr; 215 216 // app manager death 217 std::mutex appManagerDeathMutex_; 218 std::shared_ptr<PrivacyAppManagerDeathCallback> appManagerDeathCallback_ = nullptr; 219 220 // lockScreenState 221 std::mutex lockScreenStateMutex_; 222 int32_t lockScreenStatus_ = LockScreenStatusChangeType::PERM_ACTIVE_IN_UNLOCKED; 223 224 // foreground reminder 225 std::mutex foreReminderMutex_; 226 std::vector<uint32_t> foreTokenIdList_; 227 228 #ifdef CAMERA_FLOAT_WINDOW_ENABLE 229 std::mutex windowMutex_; 230 bool isWmRegistered = false; 231 sptr<PrivacyWindowManagerAgent> floatWindowCallback_ = nullptr; 232 sptr<PrivacyWindowManagerAgent> pipWindowCallback_ = nullptr; 233 234 std::mutex windowStatusMutex_; 235 // camera float window 236 bool camFloatWindowShowing_ = false; 237 AccessTokenID floatWindowTokenId_ = 0; 238 239 // pip window 240 bool pipWindowShowing_ = false; 241 AccessTokenID pipWindowTokenId_ = 0; 242 #endif 243 244 // record config 245 int32_t recordSizeMaximum_ = 0; 246 int32_t recordAgingTime_ = 0; 247 std::string globalDialogBundleName_; 248 std::string globalDialogAbilityName_; 249 250 #ifdef EVENTHANDLER_ENABLE 251 std::shared_ptr<AppExecFwk::EventRunner> deleteEventRunner_; 252 std::shared_ptr<AccessEventHandler> deleteEventHandler_; 253 #endif 254 std::atomic_int32_t deleteTaskNum_ = 0; 255 256 std::mutex permUsedRecMutex_; 257 std::vector<PermissionRecordCache> permUsedRecList_; 258 }; 259 } // namespace AccessToken 260 } // namespace Security 261 } // namespace OHOS 262 #endif // PERMISSION_RECORD_MANAGER_H