From d756426f782fa847a98c2b23ee1f35e06f9460af Mon Sep 17 00:00:00 2001
From: l00520400 <linshuqing2@huawei.com>
Date: Fri, 11 Mar 2022 16:50:15 +0800
Subject: [PATCH] auth

Signed-off-by: l00520400 <linshuqing2@huawei.com>
Change-Id: I57b0efe84249e47a3ffb68256800cd418a19eae0
Signed-off-by: l00520400 <linshuqing2@huawei.com>
---
 .../main/cpp/src/service/accesstoken_manager_stub.cpp       | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp
index fe3f37809..bf92f5464 100644
--- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp
+++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp
@@ -230,7 +230,8 @@ void AccessTokenManagerStub::GetHapTokenIDInner(MessageParcel& data, MessageParc
 
 void AccessTokenManagerStub::AllocLocalTokenIDInner(MessageParcel& data, MessageParcel& reply)
 {
-    if (!IsAuthorizedCalling()) {
+    AccessTokenID tokenCaller = IPCSkeleton::GetCallingTokenID();
+    if ((!IsAuthorizedCalling()) && (this->GetTokenType(tokenCaller) != TOKEN_NATIVE)) {
         ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__);
         reply.WriteInt32(RET_FAILED);
         return;
@@ -272,7 +273,8 @@ void AccessTokenManagerStub::GetHapTokenInfoInner(MessageParcel& data, MessagePa
 
 void AccessTokenManagerStub::GetNativeTokenInfoInner(MessageParcel& data, MessageParcel& reply)
 {
-    if (!IsAuthorizedCalling()) {
+    AccessTokenID tokenCaller = IPCSkeleton::GetCallingTokenID();
+    if ((!IsAuthorizedCalling()) && (this->GetTokenType(tokenCaller) != TOKEN_NATIVE)) {
         ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__);
         reply.WriteInt32(RET_FAILED);
         return;
-- 
Gitee