1 /*
2 * Copyright (C) 2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #define MLOG_TAG "AbsPermissionHandler"
17
18 #include "abs_permission_handler.h"
19
20 #include <cstdlib>
21
22 #include "medialibrary_bundle_manager.h"
23 #include "medialibrary_uripermission_operations.h"
24 #include "permission_utils.h"
25 #include "system_ability_definition.h"
26 #include "medialibrary_operation.h"
27 #include "parameters.h"
28 #ifdef MEDIALIBRARY_SECURITY_OPEN
29 #include "sec_comp_kit.h"
30 #endif
31
32 using namespace std;
33 using namespace OHOS::Security::AccessToken;
34
35 namespace OHOS::Media {
36
CheckPermission(MediaLibraryCommand & cmd,PermParam & permParam)37 int32_t AbsPermissionHandler::CheckPermission(MediaLibraryCommand &cmd, PermParam &permParam)
38 {
39 MEDIA_DEBUG_LOG("CheckPermission:isDoDfx_=%{public}d", isDoDfx_);
40 int32_t err = ExecuteCheckPermissionWithDfx(cmd, permParam);
41 if (err == E_SUCCESS || nextHandler_ == nullptr) {
42 MEDIA_DEBUG_LOG("permission chain is end");
43 return err;
44 }
45 return nextHandler_->CheckPermission(cmd, permParam); // 下一鉴权处理器鉴权
46 }
47
IsFitCollectInfo(MediaLibraryCommand & cmd)48 static bool IsFitCollectInfo(MediaLibraryCommand &cmd)
49 {
50 return (cmd.GetOprnObject() == OperationObject::FILESYSTEM_PHOTO) ||
51 (cmd.GetOprnObject() == OperationObject::THUMBNAIL) ||
52 (cmd.GetOprnObject() == OperationObject::THUMBNAIL_ASTC);
53 }
54
ExecuteCheckPermissionWithDfx(MediaLibraryCommand & cmd,PermParam & permParam)55 int32_t AbsPermissionHandler::ExecuteCheckPermissionWithDfx(MediaLibraryCommand &cmd, PermParam &permParam)
56 {
57 MEDIA_DEBUG_LOG("ExecuteCheckPermissionWithDfx begin, isOpenFile: %{public}d", permParam.isOpenFile);
58 int32_t err = ExecuteCheckPermission(cmd, permParam);
59 if (isDoDfx_ && IsFitCollectInfo(cmd) && permParam.isOpenFile) {
60 MEDIA_DEBUG_LOG("dfx begin");
61 bool permGranted = err == E_SUCCESS;
62 PermissionUsedType type = PermissionUsedTypeValue::SECURITY_COMPONENT_TYPE;
63 if (permParam.isWrite) {
64 PermissionUtils::CollectPermissionInfo(PERM_WRITE_IMAGEVIDEO, permGranted, type);
65 } else {
66 PermissionUtils::CollectPermissionInfo(PERM_READ_IMAGEVIDEO, permGranted, type);
67 }
68 MEDIA_DEBUG_LOG("dfx end");
69 }
70 MEDIA_DEBUG_LOG("ExecuteCheckPermissionWithDfx end:err=%{public}d", err);
71 return err;
72 }
73
74 } // namespace name