1 /* 2 * Copyright (c) 2023 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 #include "access_token_wrapper.h" 17 18 #include <cstring> 19 #include "securec.h" 20 21 #include "accesstoken_kit.h" 22 #include "tokenid_kit.h" 23 #include "ipc_skeleton.h" 24 25 #include "asset_type.h" 26 #include "asset_log.h" 27 28 using namespace OHOS; 29 using namespace Security::AccessToken; 30 31 namespace { CheckSystemApp(void)32bool CheckSystemApp(void) 33 { 34 auto accessTokenId = IPCSkeleton::GetCallingFullTokenID(); 35 bool isSystemApp = TokenIdKit::IsSystemAppByFullTokenID(accessTokenId); 36 if (isSystemApp) { 37 LOGI("[INFO]Check system app success!"); 38 return true; 39 } else { 40 LOGE("[FATAL]Check system app failed"); 41 return false; 42 } 43 } 44 45 } // namespace 46 CheckPermission(const char * permission)47bool CheckPermission(const char *permission) 48 { 49 auto tokenId = IPCSkeleton::GetCallingTokenID(); 50 int result = AccessTokenKit::VerifyAccessToken(tokenId, permission); 51 if (result == PERMISSION_GRANTED) { 52 LOGI("[INFO]Check permission success!"); 53 return true; 54 } else { 55 LOGE("[FATAL]Check permission failed, ret=%{public}d", result); 56 return false; 57 } 58 } 59 CheckSystemHapPermission(void)60bool CheckSystemHapPermission(void) 61 { 62 auto tokenId = IPCSkeleton::GetCallingTokenID(); 63 ATokenTypeEnum tokenType = AccessTokenKit::GetTokenTypeFlag(tokenId); 64 return (tokenType == ATokenTypeEnum::TOKEN_HAP) ? CheckSystemApp() : true; 65 } 66