1 /* 2 * Copyright (c) 2023 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 #ifndef APP_FILE_SERVICE_FILE_PERMISSION 17 #define APP_FILE_SERVICE_FILE_PERMISSION 18 19 #include <deque> 20 #include <string> 21 #include <vector> 22 #ifdef SANDBOX_MANAGER 23 #include "sandbox_manager_kit.h" 24 #endif 25 26 namespace OHOS { 27 namespace AppFileService { 28 using namespace std; 29 #ifdef SANDBOX_MANAGER 30 using namespace AccessControl::SandboxManager; 31 #endif 32 constexpr const int32_t MAX_ARRAY_SIZE = 500; 33 typedef enum OperationMode { 34 READ_MODE = 1 << 0, 35 WRITE_MODE = 1 << 1, 36 } OperationMode; 37 38 typedef enum PolicyFlag { 39 ALLOW_PERSISTENCE = 1 << 0, 40 FORBID_PERSISTENCE = 1 << 1, 41 } PolicyFlag; 42 43 enum PolicyErrorCode { 44 PERSISTENCE_FORBIDDEN = 1, 45 INVALID_MODE = 2, 46 INVALID_PATH = 3, 47 PERMISSION_NOT_PERSISTED = 4, 48 }; 49 50 struct UriPolicyInfo { 51 string uri = ""; 52 uint32_t mode = OperationMode::READ_MODE; 53 }; 54 55 struct PathPolicyInfo { 56 string path = ""; 57 uint32_t mode = OperationMode::READ_MODE; 58 }; 59 60 struct PolicyErrorResult { 61 string uri = ""; 62 PolicyErrorCode code = PolicyErrorCode::PERSISTENCE_FORBIDDEN; 63 string message = ""; 64 }; 65 66 class FilePermission { 67 public: 68 static int32_t PersistPermission(const vector<UriPolicyInfo> &uriPolicies, 69 deque<struct PolicyErrorResult> &errorResults); 70 static int32_t RevokePermission(const vector<UriPolicyInfo> &uriPolicies, 71 deque<struct PolicyErrorResult> &errorResults); 72 static int32_t ActivatePermission(const vector<UriPolicyInfo> &uriPolicies, 73 deque<struct PolicyErrorResult> &errorResults); 74 static int32_t DeactivatePermission(const vector<UriPolicyInfo> &uriPolicies, 75 deque<struct PolicyErrorResult> &errorResults); 76 static int32_t CheckPersistentPermission(const vector<UriPolicyInfo> &uriPolicies, vector<bool> &errorResults); 77 static string GetPathByPermission(const std::string &permission); 78 #ifdef SANDBOX_MANAGER 79 private: 80 static void ParseErrorResults(const vector<uint32_t> &resultCodes, 81 const vector<PolicyInfo> &pathPolicies, 82 deque<struct PolicyErrorResult> &errorResults); 83 static void ParseErrorResults(const vector<bool> &resultCodes, vector<bool> &errorResults); 84 static vector<PolicyInfo> GetPathPolicyInfoFromUriPolicyInfo(const vector<UriPolicyInfo> &uriPolicies, 85 deque<struct PolicyErrorResult> &errorResults); 86 static vector<PolicyInfo> GetPathPolicyInfoFromUriPolicyInfo(const vector<UriPolicyInfo> &uriPolicies, 87 vector<bool> &errorResults); 88 static int32_t CheckUriPersistentPermission(uint32_t tokenId, 89 const vector<UriPolicyInfo> &uriPolicies, 90 vector<bool> &errorResults); 91 #endif 92 }; 93 } // namespace AppFileService 94 } // namespace OHOS 95 96 #endif