1 /* 2 * Copyright (c) 2022 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 #ifndef OHOS_DISTRIBUTED_DEVICE_PROFILE_AUTHORITY_MANAGER_H 17 #define OHOS_DISTRIBUTED_DEVICE_PROFILE_AUTHORITY_MANAGER_H 18 19 #include <string> 20 #include <unordered_set> 21 22 #include "single_instance.h" 23 24 #include "nlohmann/json.hpp" 25 26 namespace OHOS { 27 namespace DeviceProfile { 28 enum AuthValue : uint16_t { 29 // 0000 0000 0000 0001, the authority of read 30 AUTH_R = 0x0001, 31 // 0000 0000 0000 0010, the authority of write 32 AUTH_W = 0x0002, 33 // 0000 0000 0000 0011, the authority of both read and write 34 AUTH_RW = 0x0003 35 }; 36 37 class AuthorityManager { 38 DECLARE_SINGLE_INSTANCE(AuthorityManager); 39 40 public: 41 bool Init(); 42 43 bool CheckCallerTrust(); 44 bool CheckInterfaceAuthority(const std::string& ifaceName); 45 bool CheckServiceAuthority(AuthValue authVal, const std::string& serviceId); 46 bool CheckServicesAuthority(AuthValue authVal, const std::vector<std::string>& serviceIds); 47 48 private: 49 bool LoadAuthorityCfg(const std::string& filePath); 50 void InitSupportedInterfaces(); 51 52 void ValidateAuthorityCfg(); 53 bool ValidateProcess(nlohmann::json& processJson); 54 bool ValidateInterfaces(nlohmann::json& interfacesJson); 55 bool ValidateServices(nlohmann::json& servicesJson); 56 bool ValidateServicesHelper(nlohmann::json& servicesJson); 57 bool ValidateService(const nlohmann::json& authValJson, bool readOnly); 58 59 bool CheckServicesAuth(const nlohmann::json& servicesJson, AuthValue authVal, 60 const std::vector<std::string>& serviceIds); 61 bool CheckPrefixServiceAuth(const nlohmann::json& prefixSvcsJson, 62 const std::string& serviceId, AuthValue authVal); 63 bool CheckSpecificServiceAuth(const nlohmann::json& specificSvcsJson, 64 const std::string& serviceId, AuthValue authVal); 65 66 std::string GetCallingProcName(); 67 68 private: 69 nlohmann::json authJson_; 70 std::unordered_set<std::string> supportedInterfaces_; 71 }; 72 } // namespace DeviceProfile 73 } // namespace OHOS 74 #endif // OHOS_DISTRIBUTED_DEVICE_PROFILE_AUTHORITY_MANAGER_H