From 37264468dadc92825c751f7629079ff82df4dbd5 Mon Sep 17 00:00:00 2001 From: ligongshao Date: Tue, 20 May 2025 07:16:45 +0800 Subject: [PATCH] support create remove rename Signed-off-by: ligongshao --- .../file_share/include/file_permission.h | 7 ++- .../native/file_share/src/file_permission.cpp | 32 ++++++++++++- .../js/file_share/fileshare_n_exporter.cpp | 6 +++ .../kits/js/file_share/grant_permissions.cpp | 48 +++++++++++++++++++ .../kits/js/file_share/grant_permissions.h | 1 + .../js/file_share/grant_uri_permission.cpp | 6 +++ 6 files changed, 97 insertions(+), 3 deletions(-) diff --git a/interfaces/innerkits/native/file_share/include/file_permission.h b/interfaces/innerkits/native/file_share/include/file_permission.h index 71207fc03..b4073028d 100644 --- a/interfaces/innerkits/native/file_share/include/file_permission.h +++ b/interfaces/innerkits/native/file_share/include/file_permission.h @@ -33,6 +33,9 @@ constexpr const int32_t MAX_ARRAY_SIZE = 500; typedef enum OperationMode { READ_MODE = 1 << 0, WRITE_MODE = 1 << 1, + CREATE_MODE = 1 << 2, + DELETE_MODE = 1 << 3, + RENAME_MODE = 1 << 4, } OperationMode; typedef enum PolicyFlag { @@ -87,6 +90,8 @@ public: const vector &uriPolicies, int32_t policyType, vector &errorResults); + static int32_t GrantPermission(const vector &uriPolicies, const std::string &bundleName, + int32_t appCloneIndex, deque &errorResults); #ifdef SANDBOX_MANAGER private: static void ParseErrorResults(const vector &resultCodes, @@ -94,7 +99,7 @@ private: deque &errorResults); static void ParseErrorResults(const vector &resultCodes, vector &errorResults); static vector GetPathPolicyInfoFromUriPolicyInfo(const vector &uriPolicies, - deque &errorResults); + deque &errorResults, bool checkAccess = true); static vector GetPathPolicyInfoFromUriPolicyInfo(const vector &uriPolicies, vector &errorResults); static vector GetSandboxPolicyInfo(const vector &pathPolicies); diff --git a/interfaces/innerkits/native/file_share/src/file_permission.cpp b/interfaces/innerkits/native/file_share/src/file_permission.cpp index feaaa7cc3..ca15f6a4f 100644 --- a/interfaces/innerkits/native/file_share/src/file_permission.cpp +++ b/interfaces/innerkits/native/file_share/src/file_permission.cpp @@ -181,13 +181,13 @@ void FilePermission::ParseErrorResults(const vector &resultCodes, vector FilePermission::GetPathPolicyInfoFromUriPolicyInfo(const vector &uriPolicies, - deque &errorResults) + deque &errorResults, bool checkAccess) { vector pathPolicies; for (auto uriPolicy : uriPolicies) { AppFileService::ModuleFileUri::FileUri fileuri(uriPolicy.uri); string path = fileuri.GetRealPath(); - if (!CheckValidUri(uriPolicy.uri, path, true)) { + if (!CheckValidUri(uriPolicy.uri, path, checkAccess)) { LOGE("Not correct uri!"); PolicyErrorResult result = {uriPolicy.uri, PolicyErrorCode::INVALID_PATH, INVALID_PATH_MESSAGE}; errorResults.emplace_back(result); @@ -333,6 +333,34 @@ int32_t FilePermission::PersistPermission(const vector &uriPolici return errorCode; } +int32_t FilePermission::GrantPermission(const vector &uriPolicies, const std::string &bundleName, + int32_t appCloneIndex, deque &errorResults) +{ + int errorCode = 0; +#ifdef SANDBOX_MANAGER + if (uriPolicies.size() == 0 || uriPolicies.size() > MAX_ARRAY_SIZE) { + LOGE("The number of result codes exceeds the maximum"); + return FileManagement::LibN::E_PARAMS; + } + vector pathPolicies = GetPathPolicyInfoFromUriPolicyInfo(uriPolicies, errorResults, false); + if (pathPolicies.size() == 0) { + return EPERM; + } + vector resultCodes; + LOGI("GrantDecPermission size:%{public}zu bundleName:%{public}s appCloneIndex:%{public}d", + pathPolicies.size(), bundleName.c_str(), appCloneIndex); + + uint64_t policyFlag = 1; // support persistent + int32_t sandboxManagerErrorCode = SandboxManagerKit::SetPolicyByBundleName(bundleName, + appCloneIndex, pathPolicies, policyFlag, resultCodes); + errorCode = ErrorCodeConversion(sandboxManagerErrorCode, errorResults, resultCodes); + if (errorCode == EPERM) { + ParseErrorResults(resultCodes, pathPolicies, errorResults); + } +#endif + return errorCode; +} + int32_t FilePermission::RevokePermission(const vector &uriPolicies, deque &errorResults) { diff --git a/interfaces/kits/js/file_share/fileshare_n_exporter.cpp b/interfaces/kits/js/file_share/fileshare_n_exporter.cpp index 637701be7..972f4ff5c 100644 --- a/interfaces/kits/js/file_share/fileshare_n_exporter.cpp +++ b/interfaces/kits/js/file_share/fileshare_n_exporter.cpp @@ -70,6 +70,12 @@ void InitOperationMode(napi_env env, napi_value exports) NVal::CreateUint32(env, static_cast(OperationMode::READ_MODE)).val_), DECLARE_NAPI_STATIC_PROPERTY("WRITE_MODE", NVal::CreateUint32(env, static_cast(OperationMode::WRITE_MODE)).val_), + DECLARE_NAPI_STATIC_PROPERTY("CREATE_MODE", + NVal::CreateUint32(env, static_cast(OperationMode::CREATE_MODE)).val_), + DECLARE_NAPI_STATIC_PROPERTY("DELETE_MODE", + NVal::CreateUint32(env, static_cast(OperationMode::DELETE_MODE)).val_), + DECLARE_NAPI_STATIC_PROPERTY("RENAME_MODE", + NVal::CreateUint32(env, static_cast(OperationMode::RENAME_MODE)).val_), }; napi_value obj = nullptr; napi_status status = napi_create_object(env, &obj); diff --git a/interfaces/kits/js/file_share/grant_permissions.cpp b/interfaces/kits/js/file_share/grant_permissions.cpp index 1838702b4..742232580 100644 --- a/interfaces/kits/js/file_share/grant_permissions.cpp +++ b/interfaces/kits/js/file_share/grant_permissions.cpp @@ -508,6 +508,54 @@ napi_value CheckPathPermission(napi_env env, napi_callback_info info) return NAsyncWorkPromise(env, thisVar).Schedule(procedureName, cbExec, cbCompl).val_; } +napi_value GrantDecUriPermission(napi_env env, FileManagement::LibN::NFuncArg &funcArg) +{ + LOGI("GrantDecUriPermission"); + std::vector uriPolicies; + if (GetUriPoliciesArg(env, funcArg[NARG_POS::FIRST], uriPolicies) != napi_ok) { + NError(E_PARAMS).ThrowErr(env); + return nullptr; + } + + auto [succBundleName, bundleName, lenBundleName] = NVal(env, funcArg[NARG_POS::SECOND]).ToUTF8String(); + if (!succBundleName) { + LOGE("FileShare::GetJSArgs get bundleName parameter failed!"); + NError(EINVAL).ThrowErr(env); + return nullptr; + } + std::string targetBundleName = string(bundleName.get()); + + auto [succAppCloneIndex, appCloneIndex] = NVal(env, funcArg[NARG_POS::THIRD]).ToInt32(); + + shared_ptr arg = make_shared(); + if (arg == nullptr) { + LOGE("Make_shared is failed"); + std::tuple errInfo = + std::make_tuple(E_UNKNOWN_ERROR, "Out of memory, execute make_shared function failed"); + ErrParam errorParam = [errInfo]() { return errInfo; }; + NError(errorParam).ThrowErr(env); + return nullptr; + } + auto cbExec = [uriPolicies, targetBundleName, appCloneIndex {move(appCloneIndex)}, arg]() -> NError { + arg->errNo = FilePermission::GrantPermission(uriPolicies, targetBundleName, appCloneIndex, arg->errorResults); + return NError(arg->errNo); + }; + auto cbCompl = [arg](napi_env env, NError err) -> NVal { + if (err) { + if (arg->errNo == EPERM) { + napi_value data = err.GetNapiErr(env); + napi_set_named_property(env, data, FILEIO_TAG_ERR_DATA.c_str(), GetErrData(env, arg->errorResults)); + return NVal(env, data); + } + return {env, err.GetNapiErr(env)}; + } + return NVal::CreateUndefined(env); + }; + const string procedureName = "grant_permission"; + NVal thisVar(env, funcArg.GetThisVar()); + return NAsyncWorkPromise(env, thisVar).Schedule(procedureName, cbExec, cbCompl).val_; +} + } // namespace ModuleFileShare } // namespace AppFileService } // namespace OHOS diff --git a/interfaces/kits/js/file_share/grant_permissions.h b/interfaces/kits/js/file_share/grant_permissions.h index 9e3b690c7..3d3b4dce2 100644 --- a/interfaces/kits/js/file_share/grant_permissions.h +++ b/interfaces/kits/js/file_share/grant_permissions.h @@ -32,6 +32,7 @@ napi_value ActivatePermission(napi_env env, napi_callback_info info); napi_value DeactivatePermission(napi_env env, napi_callback_info info); napi_value CheckPersistentPermission(napi_env env, napi_callback_info info); napi_value CheckPathPermission(napi_env env, napi_callback_info info); +napi_value GrantDecUriPermission(napi_env env, FileManagement::LibN::NFuncArg &funcArg); struct PolicyErrorArgs { deque errorResults; diff --git a/interfaces/kits/js/file_share/grant_uri_permission.cpp b/interfaces/kits/js/file_share/grant_uri_permission.cpp index 34fc2b20f..453537b13 100644 --- a/interfaces/kits/js/file_share/grant_uri_permission.cpp +++ b/interfaces/kits/js/file_share/grant_uri_permission.cpp @@ -17,6 +17,7 @@ #include "ability.h" #include "datashare_helper.h" #include "datashare_values_bucket.h" +#include "grant_permissions.h" #include "ipc_skeleton.h" #include "log.h" #include "remote_uri.h" @@ -255,6 +256,11 @@ namespace ModuleFileShare { return nullptr; } + if (!NVal(env, funcArg[NARG_POS::FIRST]).TypeIs(napi_string)) { + LOGI("is grant dec permissions."); + return GrantDecUriPermission(env, funcArg); + } + UriPermissionInfo uriPermInfo; bool result = GetJSArgs(env, funcArg, uriPermInfo); if (!result) { -- Gitee