1 /*
2  * Copyright (c) 2023-2024 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #ifndef SANDBOXMANAGER_KIT_H
17 #define SANDBOXMANAGER_KIT_H
18 
19 #include "policy_info.h"
20 #include "sandbox_manager_err_code.h"
21 
22 namespace OHOS {
23 namespace AccessControl {
24 namespace SandboxManager {
25 /**
26  * @brief Declares SandboxManagerKit class
27  */
28 class SandboxManagerKit {
29 public:
30     /**
31      * @brief Clear the persistence policy
32      * @param Policy vector of string, file path
33      * @return SandboxManagerErrCode, see sandbox_manager_err_code.h
34      */
35     static int32_t CleanPersistPolicyByPath(const std::vector<std::string>& filePathList);
36     /**
37      * @brief Persist policys with caller's tokenId
38      * @param policy vector of PolicyInfo, see policy_info.h
39      * @param result insert result of each policy, result is SandboxRetType in policy_info.h
40      * @return SandboxManagerErrCode, see sandbox_manager_err_code.h
41      */
42     static int32_t PersistPolicy(const std::vector<PolicyInfo> &policy, std::vector<uint32_t> &result);
43     /**
44      * @brief Unpersist policys with caller's tokenId
45      * @param policy vector of PolicyInfo, see policy_info.h
46      * @param result insert result of each policy, result is SandboxRetType in policy_info.h
47      * @return SandboxManagerErrCode, see sandbox_manager_err_code.h
48      */
49     static int32_t UnPersistPolicy(const std::vector<PolicyInfo> &policy, std::vector<uint32_t> &result);
50     /**
51      * @brief Persist policys with a given tokenId
52      * @param tokenId a given tokenId
53      * @param policy vector of PolicyInfo, see policy_info.h
54      * @param result insert result of each policy, result is SandboxRetType in policy_info.h
55      * @return SandboxManagerErrCode, see sandbox_manager_err_code.h
56      */
57     static int32_t PersistPolicy(
58         uint32_t tokenId, const std::vector<PolicyInfo> &policy, std::vector<uint32_t> &result);
59     /**
60      * @brief Unpersist policys with a given tokenId
61      * @param tokenId a given tokenId
62      * @param policy vector of PolicyInfo, see policy_info.h
63      * @param result insert result of each policy, result is SandboxRetType in policy_info.h
64      * @return SandboxManagerErrCode, see sandbox_manager_err_code.h
65      */
66     static int32_t UnPersistPolicy(
67         uint32_t tokenId, const std::vector<PolicyInfo> &policy, std::vector<uint32_t> &result);
68     /**
69      * @brief Set policys with a given tokenId to MAC layer
70      * @param tokenId a given tokenId
71      * @param policy vector of PolicyInfo, see policy_info.h
72      * @param policyFlag flag of policy
73      * @return SandboxManagerErrCode, see sandbox_manager_err_code.h
74      */
75     static int32_t SetPolicy(uint32_t tokenId, const std::vector<PolicyInfo> &policy, uint64_t policyFlag,
76                              std::vector<uint32_t> &result);
77     /**
78      * @brief Set policys with a given tokenId to MAC layer
79      * @param tokenId a given tokenId
80      * @param policy vector of PolicyInfo, see policy_info.h
81      * @param policyFlag flag of policy
82      * @param timestamp timestamp of policy
83      * @return SandboxManagerErrCode, see sandbox_manager_err_code.h
84      */
85     static int32_t SetPolicy(uint32_t tokenId, const std::vector<PolicyInfo> &policy, uint64_t policyFlag,
86                              std::vector<uint32_t> &result, uint64_t timestamp);
87     /**
88      * @brief Unset policy with a given tokenId from MAC layer
89      * @param tokenId a given tokenId
90      * @param policy vector of PolicyInfo, see policy_info.h
91      * @return SandboxManagerErrCode, see sandbox_manager_err_code.h
92      */
93     static int32_t UnSetPolicy(uint32_t tokenId, const PolicyInfo &policy);
94     /**
95      * @brief Set policys with a given tokenId to MAC layer async
96      * @param tokenId a given tokenId
97      * @param policy vector of PolicyInfo, see policy_info.h
98      * @param policyFlag flag of policy
99      * @return SandboxManagerErrCode, see sandbox_manager_err_code.h
100      */
101     static int32_t SetPolicyAsync(uint32_t tokenId, const std::vector<PolicyInfo> &policy, uint64_t policyFlag);
102     /**
103      * @brief Set policys with a given tokenId to MAC layer async
104      * @param tokenId a given tokenId
105      * @param policy vector of PolicyInfo, see policy_info.h
106      * @param policyFlag flag of policy
107      * @param timestamp timestamp of policy
108      * @return SandboxManagerErrCode, see sandbox_manager_err_code.h
109      */
110     static int32_t SetPolicyAsync(uint32_t tokenId, const std::vector<PolicyInfo> &policy, uint64_t policyFlag,
111         uint64_t timestamp);
112     /**
113      * @brief Unset policy with a given tokenId from MAC layer async
114      * @param tokenId a given tokenId
115      * @param policy vector of PolicyInfo, see policy_info.h
116      * @return SandboxManagerErrCode, see sandbox_manager_err_code.h
117      */
118     static int32_t UnSetPolicyAsync(uint32_t tokenId, const PolicyInfo &policy);
119     /**
120      * @brief Check policy with a given tokenId from MAC layer
121      * @param tokenId a given tokenId
122      * @param policy vector of PolicyInfo, see policy_info.h
123      * @param result check result of each policy
124      * @return true if policy exist, else false
125      */
126     static int32_t CheckPolicy(uint32_t tokenId, const std::vector<PolicyInfo> &policy, std::vector<bool> &result);
127     /**
128      * @brief Set existing persisted policys with caller's tokenId to MAC layer
129      *        not existed policy would be ignored, but have a return in result
130      * @param policy vector of PolicyInfo, see policy_info.h
131      * @param result insert result of each policy, result is SandboxRetType in policy_info.h
132      * @return SandboxManagerErrCode, see sandbox_manager_err_code.h
133      */
134     static int32_t StartAccessingPolicy(const std::vector<PolicyInfo> &policy, std::vector<uint32_t> &result);
135     /**
136      * @brief Set existing persisted policys with caller's tokenId or a given tokenId
137      *        to MAC layer, not existed policy would be ignored, but have a return in result
138      * @param policy vector of PolicyInfo, see policy_info.h
139      * @param result insert result of each policy, result is SandboxRetType in policy_info.h
140      * @param useCallerToken use caller token if true, else use the given tokenId
141      * @param tokenId a given tokenId
142      * @param timestamp timestamp to access policy
143      * @return SandboxManagerErrCode, see sandbox_manager_err_code.h
144      */
145     static int32_t StartAccessingPolicy(const std::vector<PolicyInfo> &policy, std::vector<uint32_t> &result,
146         bool useCallerToken, uint32_t tokenId, uint64_t timestamp);
147     /**
148      * @brief Stop existing persisted policys with caller's tokenId to MAC layer
149      *        not existed policy would be ignored, but have a return in result
150      * @param policy vector of PolicyInfo, see policy_info.h
151      * @param result insert result of each policy, result is SandboxRetType in policy_info.h
152      * @return SandboxManagerErrCode, see sandbox_manager_err_code.h
153      */
154     static int32_t StopAccessingPolicy(const std::vector<PolicyInfo> &policy, std::vector<uint32_t> &result);
155     /**
156      * @brief check policys whether is persisted
157      * @param policy vector of PolicyInfo, see policy_info.h
158      * @param result true - exist, false - not exist
159      * @return SandboxManagerErrCode, see sandbox_manager_err_code.h
160      */
161     static int32_t CheckPersistPolicy(
162         uint32_t tokenId, const std::vector<PolicyInfo> &policy, std::vector<bool> &result);
163     /**
164      * @brief load all policys by tokenid that auto-loaded flag = 1
165      * @param tokenId a given tokenId
166      * @return SandboxManagerErrCode, see sandbox_manager_err_code.h
167      */
168     static int32_t StartAccessingByTokenId(uint32_t tokenId);
169     /**
170      * @brief load all policys by tokenid that auto-loaded flag = 1
171      * @param tokenId a given tokenId
172      * @param timestamp timestamp to access policy
173      * @return SandboxManagerErrCode, see sandbox_manager_err_code.h
174      */
175     static int32_t StartAccessingByTokenId(uint32_t tokenId, uint64_t timestamp);
176     /**
177      * @brief unset all policy of a given tokenid
178      * @param tokenId a given tokenId
179      * @return SandboxManagerErrCode, see sandbox_manager_err_code.h
180      */
181     static int32_t UnSetAllPolicyByToken(uint32_t tokenId);
182     /**
183      * @brief unset all policy of a given tokenid
184      * @param tokenId a given tokenId
185      * @param timestamp timestamp to unset policy
186      * @return SandboxManagerErrCode, see sandbox_manager_err_code.h
187      */
188     static int32_t UnSetAllPolicyByToken(uint32_t tokenId, uint64_t timestamp);
189 };
190 } // SandboxManager
191 } // AccessControl
192 } // OHOS
193 #endif //SANDBOXMANAGER_KIT_H