From 226d579e66302535283b753bd1dcdae4dcbaf858 Mon Sep 17 00:00:00 2001 From: lsq Date: Fri, 7 Jan 2022 17:10:23 +0800 Subject: [PATCH 01/51] update access_token Signed-off-by: lsq --- BUILD.gn | 36 +- README.md | 4 +- config/base/string.json | 436 ++++++++++ config/config.json | 770 ++++++++++++++++++ config/zh_CN/string.json | 428 ++++++++++ frameworks/accesstoken/BUILD.gn | 52 ++ .../accesstoken/include/hap_info_parcel.h | 40 + .../accesstoken/include/hap_policy_parcel.h | 41 + .../include/hap_token_info_parcel.h | 40 + .../include/i_accesstoken_manager.h | 85 ++ .../include/native_token_info_parcel.h | 40 + .../include/permission_def_parcel.h | 39 + .../include/permission_state_full_parcel.h | 39 + .../accesstoken/src/hap_info_parcel.cpp | 55 ++ .../accesstoken/src/hap_policy_parcel.cpp | 92 +++ .../accesstoken/src/hap_token_info_parcel.cpp | 68 ++ .../src/native_token_info_parcel.cpp | 77 ++ .../accesstoken/src/permission_def_parcel.cpp | 62 ++ .../src/permission_state_full_parcel.cpp | 90 ++ frameworks/common/BUILD.gn | 49 ++ frameworks/common/include/accesstoken_log.h | 63 ++ frameworks/common/include/data_validator.h | 42 + frameworks/common/include/random.h | 32 + frameworks/common/include/random_mbedtls.h | 43 + frameworks/common/src/data_validator.cpp | 53 ++ frameworks/common/src/random_mbedtls.cpp | 67 ++ .../tokensync/include/i_tokensync_manager.h | 43 + interfaces/innerkits/accesstoken/BUILD.gn | 12 +- .../main/cpp/include/access_token.h | 82 ++ .../main/cpp/include/accesstoken_kit.h | 89 +- .../main/cpp/include/hap_token_info.h | 59 ++ .../main/cpp/include/native_token_info.h | 38 + .../main/cpp/include/permission_def.h | 39 + .../main/cpp/include/permission_state_full.h | 36 + .../main/cpp/src/accesstoken_kit.cpp | 213 ++++- .../cpp/src/accesstoken_manager_client.cpp | 221 ++++- .../main/cpp/src/accesstoken_manager_client.h | 28 +- .../cpp/src/accesstoken_manager_proxy.cpp | 549 ++++++++++++- .../main/cpp/src/accesstoken_manager_proxy.h | 31 +- .../innerkits/accesstoken/test/BUILD.gn | 3 +- .../unittest/cpp/src/accesstoken_kit_test.cpp | 279 ++++++- .../unittest/cpp/src/accesstoken_kit_test.h | 8 + interfaces/innerkits/atlib/BUILD.gn | 55 ++ .../atlib/main/include/accesstoken_lib.h | 91 +++ .../atlib/main/include/accesstoken_log.h | 49 ++ .../atlib/main/include/accesstokenlib_kit.h | 35 + .../atlib/main/src/accesstoken_lib.c | 514 ++++++++++++ interfaces/innerkits/atlib/test/BUILD.gn | 44 + .../cpp/src/accesstokenlib_kit_test.cpp | 123 +++ .../cpp/src/accesstokenlib_kit_test.h | 36 + interfaces/innerkits/tokensync/BUILD.gn | 64 ++ .../main/cpp/include/tokensync_kit.h | 33 + .../tokensync/main/cpp/src/tokensync_kit.cpp | 42 + .../main/cpp/src/tokensync_manager_client.cpp | 76 ++ .../main/cpp/src/tokensync_manager_client.h | 46 ++ .../main/cpp/src/tokensync_manager_proxy.cpp | 74 ++ .../main/cpp/src/tokensync_manager_proxy.h | 41 + interfaces/innerkits/tokensync/test/BUILD.gn | 42 + .../unittest/cpp/src/tokensync_kit_test.cpp | 52 ++ .../unittest/cpp/src/tokensync_kit_test.h | 37 + ohos.build | 7 +- services/accesstokenmanager/BUILD.gn | 78 ++ services/accesstokenmanager/access_token.cfg | 17 + services/accesstokenmanager/access_token.rc | 22 + .../main/cpp/include/database/data_storage.h | 54 ++ .../cpp/include/database/data_translator.h | 40 + .../main/cpp/include/database/field_const.h | 48 ++ .../cpp/include/database/generic_values.h | 53 ++ .../main/cpp/include/database/sqlite_helper.h | 62 ++ .../cpp/include/database/sqlite_storage.h | 88 ++ .../main/cpp/include/database/statement.h | 57 ++ .../main/cpp/include/database/variant_value.h | 52 ++ .../permission/permission_definition_cache.h | 66 ++ .../include/permission/permission_manager.h | 69 ++ .../permission/permission_policy_set.h | 62 ++ .../include/permission/permission_validator.h | 47 ++ .../service/accesstoken_manager_service.h | 69 ++ .../service/accesstoken_manager_stub.h | 66 ++ .../include/token/accesstoken_id_manager.h | 54 ++ .../include/token/accesstoken_info_manager.h | 83 ++ .../cpp/include/token/hap_token_info_inner.h | 74 ++ .../include/token/native_token_info_inner.h | 69 ++ .../main/cpp/src/database/data_storage.cpp | 29 + .../main/cpp/src/database/data_translator.cpp | 79 ++ .../main/cpp/src/database/generic_values.cpp | 73 ++ .../main/cpp/src/database/sqlite_helper.cpp | 188 +++++ .../main/cpp/src/database/sqlite_storage.cpp | 368 +++++++++ .../main/cpp/src/database/statement.cpp | 125 +++ .../main/cpp/src/database/variant_value.cpp | 61 ++ .../permission_definition_cache.cpp | 109 +++ .../cpp/src/permission/permission_manager.cpp | 304 +++++++ .../src/permission/permission_policy_set.cpp | 236 ++++++ .../src/permission/permission_validator.cpp | 140 ++++ .../service/accesstoken_manager_service.cpp | 246 ++++++ .../src/service/accesstoken_manager_stub.cpp | 334 ++++++++ .../cpp/src/token/accesstoken_id_manager.cpp | 116 +++ .../src/token/accesstoken_info_manager.cpp | 543 ++++++++++++ .../cpp/src/token/hap_token_info_inner.cpp | 181 ++++ .../cpp/src/token/native_token_info_inner.cpp | 184 +++++ .../main/sa_profile/3503.xml | 24 + .../main/sa_profile/BUILD.gn | 20 + services/accesstokenmanager/test/BUILD.gn | 53 ++ .../cpp/src/accesstoken_info_manager_test.cpp | 240 ++++++ .../cpp/src/accesstoken_info_manager_test.h | 37 + services/tokensyncmanager/BUILD.gn | 48 ++ .../main/cpp/tokensync_manager_service.cpp | 78 ++ .../main/cpp/tokensync_manager_service.h | 49 ++ .../main/cpp/tokensync_manager_stub.cpp | 59 ++ .../main/cpp/tokensync_manager_stub.h | 40 + .../tokensyncmanager/main/sa_profile/3504.xml | 24 + .../tokensyncmanager/main/sa_profile/BUILD.gn | 22 + 111 files changed, 11161 insertions(+), 113 deletions(-) create mode 100644 config/base/string.json create mode 100644 config/config.json create mode 100644 config/zh_CN/string.json create mode 100644 frameworks/accesstoken/BUILD.gn create mode 100644 frameworks/accesstoken/include/hap_info_parcel.h create mode 100644 frameworks/accesstoken/include/hap_policy_parcel.h create mode 100644 frameworks/accesstoken/include/hap_token_info_parcel.h create mode 100644 frameworks/accesstoken/include/i_accesstoken_manager.h create mode 100644 frameworks/accesstoken/include/native_token_info_parcel.h create mode 100644 frameworks/accesstoken/include/permission_def_parcel.h create mode 100644 frameworks/accesstoken/include/permission_state_full_parcel.h create mode 100644 frameworks/accesstoken/src/hap_info_parcel.cpp create mode 100644 frameworks/accesstoken/src/hap_policy_parcel.cpp create mode 100644 frameworks/accesstoken/src/hap_token_info_parcel.cpp create mode 100644 frameworks/accesstoken/src/native_token_info_parcel.cpp create mode 100644 frameworks/accesstoken/src/permission_def_parcel.cpp create mode 100644 frameworks/accesstoken/src/permission_state_full_parcel.cpp create mode 100644 frameworks/common/BUILD.gn create mode 100644 frameworks/common/include/accesstoken_log.h create mode 100644 frameworks/common/include/data_validator.h create mode 100644 frameworks/common/include/random.h create mode 100644 frameworks/common/include/random_mbedtls.h create mode 100644 frameworks/common/src/data_validator.cpp create mode 100644 frameworks/common/src/random_mbedtls.cpp create mode 100644 frameworks/tokensync/include/i_tokensync_manager.h create mode 100644 interfaces/innerkits/accesstoken/main/cpp/include/access_token.h create mode 100644 interfaces/innerkits/accesstoken/main/cpp/include/hap_token_info.h create mode 100644 interfaces/innerkits/accesstoken/main/cpp/include/native_token_info.h create mode 100644 interfaces/innerkits/accesstoken/main/cpp/include/permission_def.h create mode 100644 interfaces/innerkits/accesstoken/main/cpp/include/permission_state_full.h create mode 100644 interfaces/innerkits/atlib/BUILD.gn create mode 100644 interfaces/innerkits/atlib/main/include/accesstoken_lib.h create mode 100644 interfaces/innerkits/atlib/main/include/accesstoken_log.h create mode 100644 interfaces/innerkits/atlib/main/include/accesstokenlib_kit.h create mode 100644 interfaces/innerkits/atlib/main/src/accesstoken_lib.c create mode 100644 interfaces/innerkits/atlib/test/BUILD.gn create mode 100644 interfaces/innerkits/atlib/test/unittest/cpp/src/accesstokenlib_kit_test.cpp create mode 100644 interfaces/innerkits/atlib/test/unittest/cpp/src/accesstokenlib_kit_test.h create mode 100644 interfaces/innerkits/tokensync/BUILD.gn create mode 100644 interfaces/innerkits/tokensync/main/cpp/include/tokensync_kit.h create mode 100644 interfaces/innerkits/tokensync/main/cpp/src/tokensync_kit.cpp create mode 100644 interfaces/innerkits/tokensync/main/cpp/src/tokensync_manager_client.cpp create mode 100644 interfaces/innerkits/tokensync/main/cpp/src/tokensync_manager_client.h create mode 100644 interfaces/innerkits/tokensync/main/cpp/src/tokensync_manager_proxy.cpp create mode 100644 interfaces/innerkits/tokensync/main/cpp/src/tokensync_manager_proxy.h create mode 100644 interfaces/innerkits/tokensync/test/BUILD.gn create mode 100644 interfaces/innerkits/tokensync/test/unittest/cpp/src/tokensync_kit_test.cpp create mode 100644 interfaces/innerkits/tokensync/test/unittest/cpp/src/tokensync_kit_test.h create mode 100644 services/accesstokenmanager/BUILD.gn create mode 100644 services/accesstokenmanager/access_token.cfg create mode 100644 services/accesstokenmanager/access_token.rc create mode 100644 services/accesstokenmanager/main/cpp/include/database/data_storage.h create mode 100644 services/accesstokenmanager/main/cpp/include/database/data_translator.h create mode 100644 services/accesstokenmanager/main/cpp/include/database/field_const.h create mode 100644 services/accesstokenmanager/main/cpp/include/database/generic_values.h create mode 100644 services/accesstokenmanager/main/cpp/include/database/sqlite_helper.h create mode 100644 services/accesstokenmanager/main/cpp/include/database/sqlite_storage.h create mode 100644 services/accesstokenmanager/main/cpp/include/database/statement.h create mode 100644 services/accesstokenmanager/main/cpp/include/database/variant_value.h create mode 100644 services/accesstokenmanager/main/cpp/include/permission/permission_definition_cache.h create mode 100644 services/accesstokenmanager/main/cpp/include/permission/permission_manager.h create mode 100644 services/accesstokenmanager/main/cpp/include/permission/permission_policy_set.h create mode 100644 services/accesstokenmanager/main/cpp/include/permission/permission_validator.h create mode 100644 services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h create mode 100644 services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_stub.h create mode 100644 services/accesstokenmanager/main/cpp/include/token/accesstoken_id_manager.h create mode 100644 services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h create mode 100644 services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h create mode 100644 services/accesstokenmanager/main/cpp/include/token/native_token_info_inner.h create mode 100644 services/accesstokenmanager/main/cpp/src/database/data_storage.cpp create mode 100644 services/accesstokenmanager/main/cpp/src/database/data_translator.cpp create mode 100644 services/accesstokenmanager/main/cpp/src/database/generic_values.cpp create mode 100644 services/accesstokenmanager/main/cpp/src/database/sqlite_helper.cpp create mode 100644 services/accesstokenmanager/main/cpp/src/database/sqlite_storage.cpp create mode 100644 services/accesstokenmanager/main/cpp/src/database/statement.cpp create mode 100644 services/accesstokenmanager/main/cpp/src/database/variant_value.cpp create mode 100644 services/accesstokenmanager/main/cpp/src/permission/permission_definition_cache.cpp create mode 100644 services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp create mode 100644 services/accesstokenmanager/main/cpp/src/permission/permission_policy_set.cpp create mode 100644 services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp create mode 100644 services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp create mode 100644 services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp create mode 100644 services/accesstokenmanager/main/cpp/src/token/accesstoken_id_manager.cpp create mode 100644 services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp create mode 100644 services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp create mode 100644 services/accesstokenmanager/main/cpp/src/token/native_token_info_inner.cpp create mode 100644 services/accesstokenmanager/main/sa_profile/3503.xml create mode 100644 services/accesstokenmanager/main/sa_profile/BUILD.gn create mode 100644 services/accesstokenmanager/test/BUILD.gn create mode 100644 services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp create mode 100644 services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.h create mode 100644 services/tokensyncmanager/BUILD.gn create mode 100644 services/tokensyncmanager/main/cpp/tokensync_manager_service.cpp create mode 100644 services/tokensyncmanager/main/cpp/tokensync_manager_service.h create mode 100644 services/tokensyncmanager/main/cpp/tokensync_manager_stub.cpp create mode 100644 services/tokensyncmanager/main/cpp/tokensync_manager_stub.h create mode 100644 services/tokensyncmanager/main/sa_profile/3504.xml create mode 100644 services/tokensyncmanager/main/sa_profile/BUILD.gn diff --git a/BUILD.gn b/BUILD.gn index 4e262743d..c26997082 100644 --- a/BUILD.gn +++ b/BUILD.gn @@ -11,24 +11,50 @@ # See the License for the specific language governing permissions and # limitations under the License. +#import("//base/security/permission/permission.gni") import("//build/ohos.gni") -group("accesstoken_build_module_standard") { +group("accesstoken_build_module") { if (is_standard_system) { deps = [ "//base/security/access_token/interfaces/innerkits/accesstoken:libaccesstoken_sdk", - "//base/security/access_token/services/accesstoken:accesstoken_manager_service", - "//base/security/access_token/services/accesstoken/main/sa_profile:accesstoken_sa_profile_standard", + "//base/security/access_token/interfaces/innerkits/atlib:libaccesstoken_lib", + "//base/security/access_token/services/accesstokenmanager:accesstoken_manager_service", + "//base/security/access_token/services/accesstokenmanager/main/sa_profile:accesstoken_sa_profile_standard", ] } } -group("accesstoken_build_module_standard_test") { +group("tokensync_build_module") { + if (is_standard_system) { + deps = [ + "//base/security/access_token/interfaces/innerkits/tokensync:libtokensync_sdk", + "//base/security/access_token/services/tokensyncmanager:tokensync_manager_service", + "//base/security/access_token/services/tokensyncmanager/main/sa_profile:tokensync_sa_profile_standard", + ] + } +} + +group("accesstoken_build_module_test") { testonly = true deps = [] if (is_standard_system) { deps += [ "//base/security/access_token/interfaces/innerkits/accesstoken/test:unittest", + "//base/security/access_token/interfaces/innerkits/atlib/test:unittest", + "//base/security/access_token/interfaces/innerkits/tokensync/test:unittest", + "//base/security/access_token/services/accesstokenmanager/test:unittest", ] } -} \ No newline at end of file +} + +#group("distributed_permission") { +# if (is_standard_system) { +# deps = [ +# "${distributed_permission_innerkits_distributed_path}:distributed_permission_innerkits", +# "${distributed_permission_record_database_path}:permission_standard_infrastructure_record_database", +# "${distributed_permission_services_path}:distributed_permission_services", +# "${distributed_permission_services_path}/main/sa_profile:distributed_permission_sa_profile_standard", +# ] +# } +#} diff --git a/README.md b/README.md index 9d2b06ed3..616187854 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,7 @@ - [接口说明](#section1551164914237) - [使用说明](#section129654513264) -- [相关仓](#section1371113476307) +- [相关仓](#section1371113476307) ## 简介 @@ -24,7 +24,7 @@ ATM模块主要提供如下功能: ## 目录 ``` -/base/security/access_token +/base/security/access_token ├── frameworks # 框架层,作为基础功能目录,被interfaces和services使用 │ ├── accesstoken # Accesstoken管理框架代码实现 │ ├── tokensync # Accesstoken信息同步框架代码实现 diff --git a/config/base/string.json b/config/base/string.json new file mode 100644 index 000000000..cd352ad63 --- /dev/null +++ b/config/base/string.json @@ -0,0 +1,436 @@ +{ + "string": [ + { + "name": "ohos_id_text_font_family_regular", + "value": "sans-serif" + }, + { + "name": "ohos_id_text_font_family_medium", + "value": "HwChinese-medium" + }, + { + "name": "ohos_lab_answer_call", + "value": "Answer phone calls" + }, + { + "name": "ohos_desc_answer_call", + "value": "Allows an application to answer incoming calls." + }, + { + "name": "ohos_lab_internet", + "value": "Access Internet" + }, + { + "name": "ohos_desc_internet", + "value": "Allows an application to access the Internet." + }, + { + "name": "ohos_lab_modify_audio_settings", + "value": "Play audio" + }, + { + "name": "ohos_desc_modify_audio_settings", + "value": "Allows an application to enable or disable the audio playback channel." + }, + { + "name": "ohos_lab_read_calendar", + "value": "Read calendar information" + }, + { + "name": "ohos_desc_read_calendar", + "value": "Allows an application to read calendar information." + }, + { + "name": "ohos_lab_read_call_log", + "value": "Read call logs" + }, + { + "name": "ohos_desc_read_call_log", + "value": "Allows an application to read call logs." + }, + { + "name": "ohos_lab_read_cell_messages", + "value": "Read cell broadcast messages" + }, + { + "name": "ohos_desc_read_cell_messages", + "value": "Allows an application to read cell broadcast messages received by the device." + }, + { + "name": "ohos_lab_read_contacts", + "value": "Read Contacts" + }, + { + "name": "ohos_desc_read_contacts", + "value": "Allows an application to read Contacts." + }, + { + "name": "ohos_lab_get_telephony_state", + "value": "Read telephony information" + }, + { + "name": "ohos_desc_get_telephony_state", + "value": "Allows an application to access telephony information, including the phone number, device ID, voice mailbox, IMEI, and ICCID." + }, + { + "name": "ohos_lab_read_messages", + "value": "Read SMS/MMS messages" + }, + { + "name": "ohos_desc_read_messages", + "value": "Allows an application to read SMS/MMS messages." + }, + { + "name": "ohos_lab_receive_mms", + "value": "Receive MMS messages" + }, + { + "name": "ohos_desc_receive_mms", + "value": "Allows an application to receive MMS messages." + }, + { + "name": "ohos_lab_receive_sms", + "value": "Receive SMS messages" + }, + { + "name": "ohos_desc_receive_sms", + "value": "Allows an application to receive SMS messages." + }, + { + "name": "ohos_lab_receive_wap_messages", + "value": "Receive WAP messages" + }, + { + "name": "ohos_desc_receive_wap_messages", + "value": "Allows an application to receive WAP messages." + }, + { + "name": "ohos_lab_microphone", + "value": "Record audio" + }, + { + "name": "ohos_desc_microphone", + "value": "Allows an application to enable or disable the audio recording channel." + }, + { + "name": "ohos_lab_send_messages", + "value": "Send SMS/MMS messages" + }, + { + "name": "ohos_desc_send_messages", + "value": "Allows an application to send SMS/MMS messages." + }, + { + "name": "ohos_lab_write_calendar", + "value": "Add/Modify/Delete calendar events" + }, + { + "name": "ohos_desc_write_calendar", + "value": "Allows an application to add, modify, and delete calendar events." + }, + { + "name": "ohos_lab_write_call_log", + "value": "Add/Modify/Delete call logs" + }, + { + "name": "ohos_desc_write_call_log", + "value": "Allows an application to add, modify, and delete call logs." + }, + { + "name": "ohos_lab_write_contacts", + "value": "Add/Modify/Delete Contacts" + }, + { + "name": "ohos_desc_write_contacts", + "value": "Allows an application to add, modify, and delete Contacts." + }, + { + "name": "ohos_lab_distributed_datasync", + "value": "Obtain the device location" + }, + { + "name": "ohos_desc_distributed_datasync", + "value": "Allows a background application to obtain the device location." + }, + { + "name": "ohos_lab_manage_voicemail", + "value": "Manage the voice mailbox" + }, + { + "name": "ohos_desc_manage_voicemail", + "value": "Allows an application to manage the voice mailbox." + }, + { + "name": "ohos_lab_location_in_background", + "value": "Obtain the device location" + }, + { + "name": "ohos_desc_location_in_background", + "value": "Allows a background application to obtain the device location." + }, + { + "name": "ohos_lab_location", + "value": "Obtain the device location" + }, + { + "name": "ohos_desc_location", + "value": "Allows a foreground application to obtain the device location." + }, + { + "name": "ohos_lab_media_location", + "value": "Access location information" + }, + { + "name": "ohos_desc_media_location", + "value": "Allows an application to read the location where a photo is taken, such as the longitude and latitude." + }, + { + "name": "ohos_lab_get_network_info", + "value": "Read network information" + }, + { + "name": "ohos_desc_get_network_info", + "value": "Allows an application to obtain network information." + }, + { + "name": "ohos_lab_place_call", + "value": "Make calls" + }, + { + "name": "ohos_desc_place_call", + "value": "Allows an application to make calls without starting the dialer." + }, + { + "name": "ohos_lab_camera", + "value": "Take photos or shoot videos" + }, + { + "name": "ohos_desc_camera", + "value": "Allows an application to take photos and shoot videos." + }, + { + "name": "ohos_lab_set_network_info", + "value": "Set data network" + }, + { + "name": "ohos_desc_set_network_info", + "value": "Allows an application to set data network information." + }, + { + "name": "ohos_lab_read_media", + "value": "Read media files" + }, + { + "name": "ohos_desc_read_media", + "value": "Allows an application to read media files, such as video and audio clips and images." + }, + { + "name": "ohos_lab_write_media", + "value": "Read and write media files" + }, + { + "name": "ohos_desc_write_media", + "value": "Allows an application to read and write media files, such as video and audio clips and images." + }, + { + "name": "ohos_lab_distributed_virtualdevice", + "value": "Discover devices for multi-device collaboration" + }, + { + "name": "ohos_desc_distributed_virtualdevice", + "value": "Allows an application to discover and access other devices in multi-device collaboration." + }, + { + "name": "ohos_lab_enroll_biometric", + "value": "Manage biological features" + }, + { + "name": "ohos_desc_enroll_biometric", + "value": "Allows an application to manage biometrical features." + }, + { + "name": "ohos_lab_access_biometric", + "value": "Biometric feature authentication" + }, + { + "name": "ohos_desc_access_biometric", + "value": "Allows an application to use biometric features for authentication." + }, + { + "name": "ohos_lab_access_biometric_internal", + "value": "Biometric feature authentication for system applications" + }, + { + "name": "ohos_desc_access_biometric_internal", + "value": "Allows a system application to use biometric features for authentication." + }, + { + "name": "ohos_lab_reset_biometric_lockout", + "value": "Reset the upper limit for biometric feature authentication failures" + }, + { + "name": "ohos_desc_reset_biometric_lockout", + "value": "Allows an application to reset the maximum number of failures allowed before biometric feature authentication is locked." + }, + { + "name": "ohos_lab_set_time", + "value": "Set the system time" + }, + { + "name": "ohos_desc_set_time", + "value": "Allows an application to set the system time." + }, + { + "name": "ohos_lab_set_time_zone", + "value": "Set the system time zone" + }, + { + "name": "ohos_desc_set_time_zone", + "value": "Allows an application to set the system time zone." + }, + { + "name": "ohos_lab_download_session_manager", + "value": "Manage download sessions" + }, + { + "name": "ohos_desc_download_session_manager", + "value": "Allows an application to manage download sessions." + }, + { + "name": "ohos_lab_commonevent_sticky", + "value": "Sticky common events" + }, + { + "name": "ohos_desc_commonevent_sticky", + "value": "Allows an application to publish sticky common events." + }, + { + "name": "ohos_lab_manage_local_accounts", + "value": "Manage local accounts" + }, + { + "name": "ohos_desc_manage_local_accounts", + "value": "Allows an application to add, delete, modify, and query local accounts." + }, + { + "name": "ohos_lab_interact_across_local_accounts", + "value": "Multi-account mutual access" + }, + { + "name": "ohos_desc_interact_across_local_accounts", + "value": "Allows an application to access accounts of other applications." + }, + { + "name": "ohos_lab_vibrate", + "value": "Vibrate" + }, + { + "name": "ohos_desc_vibrate", + "value": "Allows an application to use the vibrator." + }, + { + "name": "ohos_lab_activity_motion", + "value": "Read workout status" + }, + { + "name": "ohos_desc_activity_motion", + "value": "Allows an application to read the workout status of the user." + }, + { + "name": "ohos_lab_read_health_data", + "value": "Read health data" + }, + { + "name": "ohos_desc_read_health_data", + "value": "Allows an application to read the health data of the user." + }, + { + "name": "ohos_lab_connect_ime_ability", + "value": "Bind to the input method framework" + }, + { + "name": "ohos_desc_connect_ime_ability", + "value": "Allows an application to be invoked by the input method framework." + }, + { + "name": "ohos_lab_set_wallpaper", + "value": "Set static wallpapers" + }, + { + "name": "ohos_desc_set_wallpaper", + "value": "Allows an application to set a static wallpaper." + }, + { + "name": "ohos_lab_get_wallpaper", + "value": "Read wallpaper files" + }, + { + "name": "ohos_desc_get_wallpaper", + "value": "Allows an application to read wallpaper files." + }, + { + "name": "ohos_lab_interact_across_local_accounts_extension", + "value": "Multi-account access extension" + }, + { + "name": "ohos_desc_interact_across_local_accounts_extension", + "value": "Allows an application to set the attributes of applications of other users." + }, + { + "name": "ohos_lab_accelerometer", + "value": "Read acceleration sensor data" + }, + { + "name": "ohos_desc_accelerometer", + "value": "Allows an application to read data from an acceleration sensor." + }, + { + "name": "ohos_lab_gyroscope", + "value": "Read gyroscope sensor data" + }, + { + "name": "ohos_desc_gyroscope", + "value": "Allows an application to read data from a gyroscope sensor." + }, + { + "name": "ohos_lab_set_telephony_state", + "value": "Set telephony state" + }, + { + "name": "ohos_desc_set_telephony_state", + "value": "Allows an application to set the telephony state, for example, to enable or disable the airplane mode, and change the network mode." + }, + { + "name": "ohos_lab_bundle_active_info", + "value": "Query application running time" + }, + { + "name": "ohos_desc_bundle_active_info", + "value": "Allows a system application or privileged application to obtain how long other applications have been running in the foreground or background." + }, + { + "name": "ohos_lab_publish_agent_reminder", + "value": "Agent-powered reminder" + }, + { + "name": "ohos_desc_publish_agent_reminder", + "value": "Allows an application to use agent-powered reminders." + }, + { + "name": "ohos_lab_control_task_sync_animator", + "value": "Sync task animation" + }, + { + "name": "ohos_desc_control_task_sync_animator", + "value": "Allows an application to use sync task animations." + }, + { + "name": "ohos_lab_notification_controller", + "value": "System interfaces" + }, + { + "name": "ohos_desc_notification_controller", + "value": "Allows an application to use notification management interfaces." + } + ] +} \ No newline at end of file diff --git a/config/config.json b/config/config.json new file mode 100644 index 000000000..a3737ed91 --- /dev/null +++ b/config/config.json @@ -0,0 +1,770 @@ +{ + "app": { + "bundleName": "ohos.global.systemres", + "vendor": "ohos", + "version": { + "code": 1, + "name": "1.0.0.1" + }, + "apiVersion": { + "compatible": 3, + "target": 3 + } + }, + "deviceConfig": { + "default": { + } + }, + "module": { + "package": "ohos.global.systemres", + "deviceType": [ + "default", + "tv", + "car", + "wearable" + ], + "distro": { + "deliveryWithInstall": true, + "moduleName": "entry", + "moduleType": "entry" + }, + "definePermissions": [ + { + "name": "ohos.permission.ANSWER_CALL", + "grantMode": "user_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_answer_call", + "description": "$string:ohos_desc_answer_call" + }, + { + "name": "ohos.permission.USE_BLUETOOTH", + "grantMode": "system_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.DISCOVER_BLUETOOTH", + "grantMode": "system_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.MANAGE_BLUETOOTH", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.INTERNET", + "grantMode": "system_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_internet", + "description": "$string:ohos_desc_internet" + }, + { + "name": "ohos.permission.MODIFY_AUDIO_SETTINGS", + "grantMode": "system_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_modify_audio_settings", + "description": "$string:ohos_desc_modify_audio_settings" + }, + { + "name": "ohos.permission.READ_CALENDAR", + "grantMode": "user_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_read_calendar", + "description": "$string:ohos_desc_read_calendar" + }, + { + "name": "ohos.permission.READ_CALL_LOG", + "grantMode": "user_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_read_call_log", + "description": "$string:ohos_desc_read_call_log" + }, + { + "name": "ohos.permission.READ_CELL_MESSAGES", + "grantMode": "user_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_read_cell_messages", + "description": "$string:ohos_desc_read_cell_messages" + }, + { + "name": "ohos.permission.READ_CONTACTS", + "grantMode": "user_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_read_contacts", + "description": "$string:ohos_desc_read_contacts" + }, + { + "name": "ohos.permission.GET_TELEPHONY_STATE", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_get_telephony_state", + "description": "$string:ohos_desc_get_telephony_state" + }, + { + "name": "ohos.permission.READ_MESSAGES", + "grantMode": "user_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_read_messages", + "description": "$string:ohos_desc_read_messages" + }, + { + "name": "ohos.permission.RECEIVE_MMS", + "grantMode": "user_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_receive_mms", + "description": "$string:ohos_desc_receive_mms" + }, + { + "name": "ohos.permission.RECEIVE_SMS", + "grantMode": "user_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_receive_sms", + "description": "$string:ohos_desc_receive_sms" + }, + { + "name": "ohos.permission.RECEIVE_WAP_MESSAGES", + "grantMode": "user_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_receive_wap_messages", + "description": "$string:ohos_desc_receive_wap_messages" + }, + { + "name": "ohos.permission.MICROPHONE", + "grantMode": "user_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_microphone", + "description": "$string:ohos_desc_microphone" + }, + { + "name": "ohos.permission.SEND_MESSAGES", + "grantMode": "user_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_send_messages", + "description": "$string:ohos_desc_send_messages" + }, + { + "name": "ohos.permission.WRITE_CALENDAR", + "grantMode": "user_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_write_calendar", + "description": "$string:ohos_desc_write_calendar" + }, + { + "name": "ohos.permission.WRITE_CALL_LOG", + "grantMode": "user_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_write_call_log", + "description": "$string:ohos_desc_write_call_log" + }, + { + "name": "ohos.permission.WRITE_CONTACTS", + "grantMode": "user_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_write_contacts", + "description": "$string:ohos_desc_write_contacts" + }, + { + "name": "ohos.permission.DISTRIBUTED_DATASYNC", + "grantMode": "user_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": true, + "label": "$string:ohos_lab_distributed_datasync", + "description": "$string:ohos_desc_distributed_datasync" + }, + { + "name": "ohos.permission.MANAGE_VOICEMAIL", + "grantMode": "user_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_manage_voicemail", + "description": "$string:ohos_desc_manage_voicemail" + }, + { + "name": "ohos.permission.REQUIRE_FORM", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.LOCATION_IN_BACKGROUND", + "grantMode": "user_grant", + "availableScope": "normal", + "provisionEnable": false, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_location_in_background", + "description": "$string:ohos_desc_location_in_background" + }, + { + "name": "ohos.permission.LOCATION", + "grantMode": "user_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": true, + "label": "$string:ohos_lab_location", + "description": "$string:ohos_desc_location" + }, + { + "name": "ohos.permission.MEDIA_LOCATION", + "grantMode": "user_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": true, + "label": "$string:ohos_lab_media_location", + "description": "$string:ohos_desc_media_location" + }, + { + "name": "ohos.permission.GET_NETWORK_INFO", + "grantMode": "system_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_get_network_info", + "description": "$string:ohos_desc_get_network_info" + }, + { + "name": "ohos.permission.PLACE_CALL", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": true, + "label": "$string:ohos_lab_place_call", + "description": "$string:ohos_desc_place_call" + }, + { + "name": "ohos.permission.CAMERA", + "grantMode": "user_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_camera", + "description": "$string:ohos_desc_camera" + }, + { + "name": "ohos.permission.SET_NETWORK_INFO", + "grantMode": "system_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_set_network_info", + "description": "$string:ohos_desc_set_network_info" + }, + { + "name": "ohos.permission.REMOVE_CACHE_FILES", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.READ_MEDIA", + "grantMode": "user_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": true, + "label": "$string:ohos_lab_read_media", + "description": "$string:ohos_desc_read_media" + }, + { + "name": "ohos.permission.REBOOT", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.RUNNING_LOCK", + "grantMode": "system_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.WRITE_MEDIA", + "grantMode": "user_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": true, + "label": "$string:ohos_lab_write_media", + "description": "$string:ohos_desc_write_media" + }, + { + "name": "com.huawei.permission.DISTRIBUTED_VIRTUALDEVICE", + "grantMode": "user_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_distributed_virtualdevice", + "description": "$string:ohos_desc_distributed_virtualdevice" + }, + { + "name": "ohos.permission.ENROLL_BIOMETRIC", + "grantMode": "system_grant", + "availableScope": "system_core", + "provisionEnable": false, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_enroll_biometric", + "description": "$string:ohos_desc_enroll_biometric" + }, + { + "name": "ohos.permission.ACCESS_BIOMETRIC", + "grantMode": "system_grant", + "availableScope": "normal", + "provisionEnable": false, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_access_biometric", + "description": "$string:ohos_desc_access_biometric" + }, + { + "name": "ohos.permission.ACCESS_BIOMETRIC_INTERNAL", + "grantMode": "system_grant", + "availableScope": "system_core", + "provisionEnable": false, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_access_biometric_internal", + "description": "$string:ohos_desc_access_biometric_internal" + }, + { + "name": "ohos.permission.RESET_BIOMETRIC_LOCKOUT", + "grantMode": "system_grant", + "availableScope": "system_core", + "provisionEnable": false, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_reset_biometric_lockout", + "description": "$string:ohos_desc_reset_biometric_lockout" + }, + { + "name": "ohos.permission.SET_TIME", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_set_time", + "description": "$string:ohos_desc_set_time" + }, + { + "name": "ohos.permission.SET_TIME_ZONE", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_set_time_zone", + "description": "$string:ohos_desc_set_time_zone" + }, + { + "name": "ohos.permission.DOWNLOAD_SESSION_MANAGER", + "grantMode": "system_grant", + "availableScope": "system_core", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_download_session_manager", + "description": "$string:ohos_desc_download_session_manager" + }, + { + "name": "ohos.permission.COMMONEVENT_STICKY", + "grantMode": "system_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": true, + "label": "$string:ohos_lab_commonevent_sticky", + "description": "$string:ohos_desc_commonevent_sticky" + }, + { + "name": "ohos.permission.SYSTEM_FLOAT_WINDOW", + "grantMode": "system_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.POWER_MANAGER", + "grantMode": "system_grant", + "availableScope": "system_core", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.REFRESH_USER_ACTION", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.POWER_OPTIMIZATION", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.REBOOT_RECOVERY", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.MANAGE_LOCAL_ACCOUNTS", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_manage_local_accounts", + "description": "$string:ohos_desc_manage_local_accounts" + }, + { + "name": "ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_interact_across_local_accounts", + "description": "$string:ohos_desc_interact_across_local_accounts" + }, + { + "name": "ohos.permission.VIBRATE", + "grantMode": "system_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_vibrate", + "description": "$string:ohos_desc_vibrate" + }, + { + "name": "ohos.permission.ACTIVITY_MOTION", + "grantMode": "user_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_activity_motion", + "description": "$string:ohos_desc_activity_motion" + }, + { + "name": "ohos.permission.READ_HEALTH_DATA", + "grantMode": "user_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_read_health_data", + "description": "$string:ohos_desc_read_health_data" + }, + { + "name": "ohos.permission.CONNECT_IME_ABILITY", + "grantMode": "system_grant", + "availableScope": "system_core", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_connect_ime_ability", + "description": "$string:ohos_desc_connect_ime_ability" + }, + { + "name": "ohos.permission.CONNECT_SCREEN_SAVER_ABILITY", + "grantMode": "system_grant", + "availableScope": "system_core", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.READ_SCREEN_SAVER", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.WRITE_SCREEN_SAVER", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.SET_WALLPAPER", + "grantMode": "system_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_set_wallpaper", + "description": "$string:ohos_desc_set_wallpaper" + }, + { + "name": "ohos.permission.GET_WALLPAPER", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_get_wallpaper", + "description": "$string:ohos_desc_get_wallpaper" + }, + { + "name": "ohos.permission.CHANGE_ABILITY_ENABLED_STATE", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.ACCESS_MISSIONS", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.CLEAN_BACKGROUND_PROCESSES", + "grantMode": "system_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.KEEP_BACKGROUND_RUNNING", + "grantMode": "system_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.UPDATE_CONFIGURATION", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.GRANT_SENSITIVE_PERMISSIONS", + "grantMode": "system_grant", + "availableScope": "system_core", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS", + "grantMode": "system_grant", + "availableScope": "system_core", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.GET_SENSITIVE_PERMISSIONS", + "grantMode": "system_grant", + "availableScope": "system_core", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS_EXTENSION", + "grantMode": "system_grant", + "availableScope": "system_core", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_interact_across_local_accounts_extension", + "description": "$string:ohos_desc_interact_across_local_accounts_extension" + }, + { + "name": "ohos.permission.LISTEN_BUNDLE_CHANGE", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.GET_BUNDLE_INFO", + "grantMode": "system_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.ACCELEROMETER", + "grantMode": "system_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_accelerometer", + "description": "$string:ohos_desc_accelerometer" + }, + { + "name": "ohos.permission.GYROSCOPE", + "grantMode": "system_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_gyroscope", + "description": "$string:ohos_desc_gyroscope" + }, + { + "name": "ohos.permission.GET_BUNDLE_INFO_PRIVILEGED", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.INSTALL_BUNDLE", + "grantMode": "system_grant", + "availableScope": "system_core", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.MANAGE_SHORTCUTS", + "grantMode": "system_grant", + "availableScope": "system_core", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.radio.ACCESS_FM_AM", + "grantMode": "system_grant", + "availableScope": "system_core", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.SET_TELEPHONY_STATE", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_set_telephony_state", + "description": "$string:ohos_desc_set_telephony_state" + }, + { + "name": "ohos.permission.START_ABILIIES_FROM_BACKGROUND", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.BUNDLE_ACTIVE_INFO", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_bundle_active_info", + "description": "$string:ohos_desc_bundle_active_info" + }, + { + "name": "ohos.permission.START_INVISIBLE_ABILITY", + "grantMode": "system_grant", + "availableScope": "system_core", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.sec.ACCESS_UDID", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.LAUNCH_DATA_PRIVACY_CENTER", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.MANAGE_MEDIA_RESOURCES", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.PUBLISH_AGENT_REMINDER", + "grantMode": "system_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_publish_agent_reminder", + "description": "$string:ohos_desc_publish_agent_reminder" + }, + { + "name": "ohos.permission.CONTROL_TASK_SYNC_ANIMATOR", + "grantMode": "system_grant", + "availableScope": "system_core", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_control_task_sync_animator", + "description": "$string:ohos_desc_control_task_sync_animator" + }, + { + "name": "ohos.permission.INPUT_MONITORING", + "grantMode": "system_grant", + "availableScope": "system_core", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.MANAGE_MISSIONS", + "grantMode": "system_grant", + "availableScope": "system_core", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.NOTIFICATION_CONTROLLER", + "grantMode": "system_grant", + "availableScope": "system_core", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_notification_controller", + "description": "$string:ohos_desc_notification_controller" + }, + { + "name": "ohos.permission.CONNECTIVITY_INTERNAL", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false + } + ] + } +} diff --git a/config/zh_CN/string.json b/config/zh_CN/string.json new file mode 100644 index 000000000..5f0134df3 --- /dev/null +++ b/config/zh_CN/string.json @@ -0,0 +1,428 @@ +{ + "string": [ + { + "name": "ohos_lab_answer_call", + "value": "绰" + }, + { + "name": "ohos_desc_answer_call", + "value": "Ӧý绰" + }, + { + "name": "ohos_lab_internet", + "value": "" + }, + { + "name": "ohos_desc_internet", + "value": "Ӧ÷硣" + }, + { + "name": "ohos_lab_modify_audio_settings", + "value": "Ƶ" + }, + { + "name": "ohos_desc_modify_audio_settings", + "value": "Ӧô򿪻رղͨ·" + }, + { + "name": "ohos_lab_read_calendar", + "value": "ȡ" + }, + { + "name": "ohos_desc_read_calendar", + "value": "Ӧöȡ" + }, + { + "name": "ohos_lab_read_call_log", + "value": "ȡͨ¼" + }, + { + "name": "ohos_desc_read_call_log", + "value": "Ӧöȡ豸ϵͨ¼Ϣ" + }, + { + "name": "ohos_lab_read_cell_messages", + "value": "ȡС㲥" + }, + { + "name": "ohos_desc_read_cell_messages", + "value": "Ӧöȡ豸յС㲥Ϣ" + }, + { + "name": "ohos_lab_read_contacts", + "value": "ȡͨѶ¼" + }, + { + "name": "ohos_desc_read_contacts", + "value": "Ӧöȡ豸ϴ洢ϵϢ" + }, + { + "name": "ohos_lab_get_telephony_state", + "value": "ȡ绰Ϣ" + }, + { + "name": "ohos_desc_get_telephony_state", + "value": "Ӧ÷豸ı롢豸ID䡢IMEIICCIDϢ" + }, + { + "name": "ohos_lab_read_messages", + "value": "ȡ̲" + }, + { + "name": "ohos_desc_read_messages", + "value": "Ӧöȡ豸յĶ̲Ϣ" + }, + { + "name": "ohos_lab_receive_mms", + "value": "ղ" + }, + { + "name": "ohos_desc_receive_mms", + "value": "Ӧýղš" + }, + { + "name": "ohos_lab_receive_sms", + "value": "ն" + }, + { + "name": "ohos_desc_receive_sms", + "value": "Ӧýնš" + }, + { + "name": "ohos_lab_receive_wap_messages", + "value": "WAPϢ" + }, + { + "name": "ohos_desc_receive_wap_messages", + "value": "ӦýWAPϢ" + }, + { + "name": "ohos_lab_microphone", + "value": "¼Ƶ" + }, + { + "name": "ohos_desc_microphone", + "value": "Ӧô򿪻ر¼ͨ·" + }, + { + "name": "ohos_lab_send_messages", + "value": "Ͷ̲" + }, + { + "name": "ohos_desc_send_messages", + "value": "Ӧ÷Ͷ̲š" + }, + { + "name": "ohos_lab_write_calendar", + "value": "½/޸/ɾ" + }, + { + "name": "ohos_desc_write_calendar", + "value": "Ӧ½/޸/ɾ" + }, + { + "name": "ohos_lab_write_call_log", + "value": "½/޸/ɾͨ¼" + }, + { + "name": "ohos_desc_write_call_log", + "value": "Ӧ½/޸/ɾ豸ϵͨ¼Ϣ" + }, + { + "name": "ohos_lab_write_contacts", + "value": "½/޸/ɾͨѶ¼" + }, + { + "name": "ohos_desc_write_contacts", + "value": "Ӧ½/޸/ɾ豸ϴ洢ϵϢ" + }, + { + "name": "ohos_lab_distributed_datasync", + "value": "ͬ豸ݽ" + }, + { + "name": "ohos_desc_distributed_datasync", + "value": "ӦԶ豸ûݣͼƬ֡ƵӦݵȣ" + }, + { + "name": "ohos_lab_manage_voicemail", + "value": "" + }, + { + "name": "ohos_desc_manage_voicemail", + "value": "Ӧù䡣" + }, + { + "name": "ohos_lab_location_in_background", + "value": "λȨ" + }, + { + "name": "ohos_desc_location_in_background", + "value": "Ӧں̨ʱȡλϢ" + }, + { + "name": "ohos_lab_location", + "value": "λȨ" + }, + { + "name": "ohos_desc_location", + "value": "Ӧǰ̨ʱȡλϢ" + }, + { + "name": "ohos_lab_media_location", + "value": "Ӧ÷λ" + }, + { + "name": "ohos_desc_media_location", + "value": "Ӧ÷ûýļеλϢ羭γϢҪȨޡ" + }, + { + "name": "ohos_lab_get_network_info", + "value": "ȡϢ" + }, + { + "name": "ohos_desc_get_network_info", + "value": "ӦûȡϢ" + }, + { + "name": "ohos_lab_place_call", + "value": "绰" + }, + { + "name": "ohos_desc_place_call", + "value": "ӦֱӲ绰" + }, + { + "name": "ohos_lab_camera", + "value": "Ƭ¼Ƶ" + }, + { + "name": "ohos_desc_camera", + "value": "ӦƬƵ" + }, + { + "name": "ohos_lab_set_network_info", + "value": "" + }, + { + "name": "ohos_desc_set_network_info", + "value": "Ӧ硣" + }, + { + "name": "ohos_lab_read_media", + "value": "Ӧöȡýļ" + }, + { + "name": "ohos_desc_read_media", + "value": "Ӧ÷ûýļƵƵͼƬȣҪȨޡ" + }, + { + "name": "ohos_lab_write_media", + "value": "Ӧöдýļ" + }, + { + "name": "ohos_desc_write_media", + "value": "ӦöдûýļƵƵͼƬȣҪȨޡ" + }, + { + "name": "ohos_lab_distributed_virtualdevice", + "value": "ֶ֧豸Эͬ豸" + }, + { + "name": "ohos_desc_distributed_virtualdevice", + "value": "Ӧ÷ֲ豸Աж豸Эͬ" + }, + { + "name": "ohos_lab_enroll_biometric", + "value": "" + }, + { + "name": "ohos_desc_enroll_biometric", + "value": "Ӧù" + }, + { + "name": "ohos_lab_access_biometric", + "value": "ʹ֤" + }, + { + "name": "ohos_desc_access_biometric", + "value": "Ӧʹ֤" + }, + { + "name": "ohos_lab_access_biometric_internal", + "value": "ϵͳӦʹ֤" + }, + { + "name": "ohos_desc_access_biometric_internal", + "value": "Ӧʹ֤" + }, + { + "name": "ohos_lab_reset_biometric_lockout", + "value": "֤ʧܼ" + }, + { + "name": "ohos_desc_reset_biometric_lockout", + "value": "Ӧ֤ʧܵļ" + }, + { + "name": "ohos_lab_set_time", + "value": "޸ϵͳʱ" + }, + { + "name": "ohos_desc_set_time", + "value": "Ӧ޸ϵͳʱ䡣" + }, + { + "name": "ohos_lab_set_time_zone", + "value": "޸ϵͳʱ" + }, + { + "name": "ohos_desc_set_time_zone", + "value": "Ӧ޸ϵͳʱ" + }, + { + "name": "ohos_lab_download_session_manager", + "value": "Ự" + }, + { + "name": "ohos_desc_download_session_manager", + "value": "ӦùỰ" + }, + { + "name": "ohos_lab_commonevent_sticky", + "value": "ճԹ¼" + }, + { + "name": "ohos_desc_commonevent_sticky", + "value": "Ӧ÷ճԹ¼" + }, + { + "name": "ohos_lab_manage_local_accounts", + "value": "˻" + }, + { + "name": "ohos_desc_manage_local_accounts", + "value": "ӦöԱ˻ɾIJ顣" + }, + { + "name": "ohos_lab_interact_across_local_accounts", + "value": "˻໥" + }, + { + "name": "ohos_desc_interact_across_local_accounts", + "value": "˺֮໥ʡ" + }, + { + "name": "ohos_lab_vibrate", + "value": "ʹ" + }, + { + "name": "ohos_desc_vibrate", + "value": "Ӧóʹ񶯡" + }, + { + "name": "ohos_lab_activity_motion", + "value": "ȡû˶״̬" + }, + { + "name": "ohos_desc_activity_motion", + "value": "Ӧóȡû˶״̬" + }, + { + "name": "ohos_lab_read_health_data", + "value": "ȡûĽ" + }, + { + "name": "ohos_desc_read_health_data", + "value": "ӦóȡûĽݡ" + }, + { + "name": "ohos_lab_connect_ime_ability", + "value": "뷨Ӧ" + }, + { + "name": "ohos_desc_connect_ime_ability", + "value": "뷨ܿôȨ޵档" + }, + { + "name": "ohos_lab_set_wallpaper", + "value": "þֽ̬" + }, + { + "name": "ohos_desc_set_wallpaper", + "value": "Ӧþֽ̬" + }, + { + "name": "ohos_lab_get_wallpaper", + "value": "ȡֽļ" + }, + { + "name": "ohos_desc_get_wallpaper", + "value": "Ӧöȡֽļ" + }, + { + "name": "ohos_lab_interact_across_local_accounts_extension", + "value": "˻չ" + }, + { + "name": "ohos_desc_interact_across_local_accounts_extension", + "value": "ӦÿźöӦõԽá" + }, + { + "name": "ohos_lab_accelerometer", + "value": "ȡٶȴ" + }, + { + "name": "ohos_desc_accelerometer", + "value": "Ӧóȡٶȴݡ" + }, + { + "name": "ohos_lab_gyroscope", + "value": "ȡǴ" + }, + { + "name": "ohos_desc_gyroscope", + "value": "ӦóȡǴݡ" + }, + { + "name": "ohos_lab_set_telephony_state", + "value": "õ绰Ϣ" + }, + { + "name": "ohos_desc_set_telephony_state", + "value": "Ӧ޸telephony״̬翪رշģʽ޸ģʽȡ" + }, + { + "name": "ohos_lab_bundle_active_info", + "value": "ѯӦǰ̨̨ʱ" + }, + { + "name": "ohos_desc_bundle_active_info", + "value": "ϵͳ/ȨӦòѯӦǰ̨̨ʱ䡣" + }, + { + "name": "ohos_lab_publish_agent_reminder", + "value": "" + }, + { + "name": "ohos_desc_publish_agent_reminder", + "value": "Ӧʹų́ѡ" + }, + { + "name": "ohos_lab_control_task_sync_animator", + "value": "ͬ" + }, + { + "name": "ohos_desc_control_task_sync_animator", + "value": "Ӧʹͬ" + }, + { + "name": "ohos_lab_notification_controller", + "value": "ϵͳӿ" + }, + { + "name": "ohos_desc_notification_controller", + "value": "Ӧʹ֪ͨӿڡ" + } + ] +} diff --git a/frameworks/accesstoken/BUILD.gn b/frameworks/accesstoken/BUILD.gn new file mode 100644 index 000000000..b11ba2978 --- /dev/null +++ b/frameworks/accesstoken/BUILD.gn @@ -0,0 +1,52 @@ +# Copyright (c) 2021 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/ohos.gni") + +################################################################ +# C++, Main source file here. +################################################################ +config("accesstoken_communication_adapter_cxx_public_config") { + visibility = [ ":*" ] + include_dirs = [ + "include", + "//base/security/access_token/interfaces/innerkits/accesstoken/main/cpp/include", + ] +} + +ohos_shared_library("accesstoken_communication_adapter_cxx") { + subsystem_name = "security" + part_name = "access_token" + + public_configs = + [ ":accesstoken_communication_adapter_cxx_public_config" ] + + include_dirs = [ + "include", + "//base/security/access_token/interfaces/innerkits/accesstoken/main/cpp/include", + "//utils/native/base/include", + ] + + sources = [ + "src/permission_def_parcel.cpp", + "src/permission_state_full_parcel.cpp", + "src/hap_policy_parcel.cpp", + "src/hap_token_info_parcel.cpp", + "src/hap_info_parcel.cpp", + "src/native_token_info_parcel.cpp" + ] + + deps = [ "//utils/native/base:utils" ] + + external_deps = [ "ipc:ipc_core" ] +} diff --git a/frameworks/accesstoken/include/hap_info_parcel.h b/frameworks/accesstoken/include/hap_info_parcel.h new file mode 100644 index 000000000..8f496175e --- /dev/null +++ b/frameworks/accesstoken/include/hap_info_parcel.h @@ -0,0 +1,40 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef HAP_INFO_PARCEL_H +#define HAP_INFO_PARCEL_H + +#include "hap_token_info.h" + +#include "parcel.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +struct HapInfoParcel final : public Parcelable { + HapInfoParcel() = default; + + ~HapInfoParcel() override = default; + + bool Marshalling(Parcel &out) const override; + + static HapInfoParcel *Unmarshalling(Parcel &in); + + HapInfoParams hapInfoParameter; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // HAP_INFO_PARCEL_H diff --git a/frameworks/accesstoken/include/hap_policy_parcel.h b/frameworks/accesstoken/include/hap_policy_parcel.h new file mode 100644 index 000000000..7886bfbeb --- /dev/null +++ b/frameworks/accesstoken/include/hap_policy_parcel.h @@ -0,0 +1,41 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef HAP_POLICY_PARCEL_H +#define HAP_POLICY_PARCEL_H + +#include "hap_token_info.h" +#include "permission_def_parcel.h" +#include "permission_state_full_parcel.h" + + +namespace OHOS { +namespace Security { +namespace AccessToken { +struct HapPolicyParcel final : public Parcelable { + HapPolicyParcel() = default; + + ~HapPolicyParcel() override = default; + + bool Marshalling(Parcel &out) const override; + + static HapPolicyParcel *Unmarshalling(Parcel &in); + + HapPolicyParams hapPolicyParameter; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // HAP_POLICY_PARCEL_H diff --git a/frameworks/accesstoken/include/hap_token_info_parcel.h b/frameworks/accesstoken/include/hap_token_info_parcel.h new file mode 100644 index 000000000..d13fda88a --- /dev/null +++ b/frameworks/accesstoken/include/hap_token_info_parcel.h @@ -0,0 +1,40 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef HAP_TOKEN_INFO_PARCEL_H +#define HAP_TOKEN_INFO_PARCEL_H + +#include "hap_token_info.h" + +#include "parcel.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +struct HapTokenInfoParcel final : public Parcelable { + HapTokenInfoParcel() = default; + + ~HapTokenInfoParcel() override = default; + + bool Marshalling(Parcel &out) const override; + + static HapTokenInfoParcel *Unmarshalling(Parcel &in); + + HapTokenInfo hapTokenInfoParams; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // HAP_TOKEN_INFO_PARCEL_H diff --git a/frameworks/accesstoken/include/i_accesstoken_manager.h b/frameworks/accesstoken/include/i_accesstoken_manager.h new file mode 100644 index 000000000..aec6c78be --- /dev/null +++ b/frameworks/accesstoken/include/i_accesstoken_manager.h @@ -0,0 +1,85 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef I_ACCESSTOKEN_MANAGER_H +#define I_ACCESSTOKEN_MANAGER_H + +#include + +#include "iremote_broker.h" +#include "errors.h" + +#include "access_token.h" +#include "permission_def_parcel.h" +#include "permission_state_full_parcel.h" +#include "hap_policy_parcel.h" +#include "hap_token_info_parcel.h" +#include "hap_info_parcel.h" +#include "native_token_info_parcel.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class IAccessTokenManager : public IRemoteBroker { +public: + static const int SA_ID_ACCESSTOKEN_MANAGER_SERVICE = 3503; + + DECLARE_INTERFACE_DESCRIPTOR(u"ohos.security.accesstoken.IAccessTokenManager"); + + virtual int VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName) = 0; + virtual int GetDefPermission(const std::string& permissionName, PermissionDefParcel& permissionDefResult) = 0; + virtual int GetDefPermissions(AccessTokenID tokenID, std::vector& permList) = 0; + virtual int GetReqPermissions( + AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) = 0; + virtual int GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName) = 0; + virtual int GrantPermission(AccessTokenID tokenID, const std::string& permissionName, int flag) = 0; + virtual int RevokePermission(AccessTokenID tokenID, const std::string& permissionName, int flag) = 0; + virtual int ClearUserGrantedPermissionState(AccessTokenID tokenID) = 0; + virtual AccessTokenIDEx AllocHapToken(const HapInfoParcel& hapInfo, const HapPolicyParcel& policyParcel) = 0; + virtual int DeleteToken(AccessTokenID tokenID) = 0; + virtual int GetTokenType(AccessTokenID tokenID) = 0; + virtual int CheckNativeDCap(AccessTokenID tokenID, const std::string& dcap) = 0; + virtual AccessTokenID GetHapTokenID(int userID, const std::string& bundleName, int instIndex) = 0; + virtual AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID) = 0; + virtual int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfoParcel& nativeTokenInfoRes) = 0; + virtual int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfoParcel& hapTokenInfoRes) = 0; + virtual int UpdateHapToken( + AccessTokenID tokenID, const std::string& appIDDesc, const HapPolicyParcel& policyParcel) = 0; + + enum class InterfaceCode { + VERIFY_ACCESSTOKEN = 0xff10, + GET_DEF_PERMISSION = 0xff11, + GET_DEF_PERMISSIONS = 0xff12, + GET_REQ_PERMISSIONS = 0xff13, + GET_PERMISSION_FLAG = 0xff14, + GRANT_PERMISSION = 0xff15, + REVOKE_PERMISSION = 0xff16, + CLEAR_USER_GRANT_PERMISSION = 0xff17, + ALLOC_TOKEN_HAP = 0xff18, + TOKEN_DELETE = 0xff19, + GET_TOKEN_TYPE = 0xff20, + CHECK_NATIVE_DCAP = 0xff21, + GET_HAP_TOKEN_ID = 0xff22, + ALLOC_LOCAL_TOKEN_ID = 0xff23, + GET_NATIVE_TOKENINFO = 0xff24, + GET_HAP_TOKENINFO = 0xff25, + UPDATE_HAP_TOKEN = 0xff26, + }; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS + +#endif // I_ACCESSTOKEN_MANAGER_H diff --git a/frameworks/accesstoken/include/native_token_info_parcel.h b/frameworks/accesstoken/include/native_token_info_parcel.h new file mode 100644 index 000000000..80bf8909c --- /dev/null +++ b/frameworks/accesstoken/include/native_token_info_parcel.h @@ -0,0 +1,40 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef NATIVE_TOKEN_INFO_PARCEL_H +#define NATIVE_TOKEN_INFO_PARCEL_H + +#include "native_token_info.h" + +#include "parcel.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +struct NativeTokenInfoParcel final : public Parcelable { + NativeTokenInfoParcel() = default; + + ~NativeTokenInfoParcel() override = default; + + bool Marshalling(Parcel &out) const override; + + static NativeTokenInfoParcel *Unmarshalling(Parcel &in); + + NativeTokenInfo nativeTokenInfoParams; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // NATIVE_TOKEN_INFO_PARCEL_H diff --git a/frameworks/accesstoken/include/permission_def_parcel.h b/frameworks/accesstoken/include/permission_def_parcel.h new file mode 100644 index 000000000..52e0a80c4 --- /dev/null +++ b/frameworks/accesstoken/include/permission_def_parcel.h @@ -0,0 +1,39 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PERMISSION_DEF_PARCEL_H +#define PERMISSION_DEF_PARCEL_H + +#include "permission_def.h" +#include "parcel.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +struct PermissionDefParcel final : public Parcelable { + PermissionDefParcel() = default; + + ~PermissionDefParcel() override = default; + + bool Marshalling(Parcel &out) const override; + + static PermissionDefParcel *Unmarshalling(Parcel &in); + + PermissionDef permissionDef; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // PERMISSION_DEF_PARCEL_H diff --git a/frameworks/accesstoken/include/permission_state_full_parcel.h b/frameworks/accesstoken/include/permission_state_full_parcel.h new file mode 100644 index 000000000..f4b8714a7 --- /dev/null +++ b/frameworks/accesstoken/include/permission_state_full_parcel.h @@ -0,0 +1,39 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef INTERFACES_INNER_KITS_PERMISSION_PERMISSION_STATE_FULL_PARCEL_H +#define INTERFACES_INNER_KITS_PERMISSION_PERMISSION_STATE_FULL_PARCEL_H + +#include "permission_state_full.h" +#include "parcel.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +struct PermissionStateFullParcel final : public Parcelable { + PermissionStateFullParcel() = default; + + ~PermissionStateFullParcel() override = default; + + bool Marshalling(Parcel &out) const override; + + static PermissionStateFullParcel *Unmarshalling(Parcel &in); + + PermissionStateFull permStatFull; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // INTERFACES_INNER_KITS_PERMISSION_PERMISSION_STATE_FULL_PARCEL_H diff --git a/frameworks/accesstoken/src/hap_info_parcel.cpp b/frameworks/accesstoken/src/hap_info_parcel.cpp new file mode 100644 index 000000000..c0e3d984a --- /dev/null +++ b/frameworks/accesstoken/src/hap_info_parcel.cpp @@ -0,0 +1,55 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "hap_info_parcel.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +#define RETURN_IF_FALSE(expr) \ + if (!(expr)) { \ + return false; \ + } + +#define RELEASE_IF_FALSE(expr, obj) \ + if (!(expr)) { \ + delete (obj); \ + (obj) = nullptr; \ + return (obj); \ + } + +bool HapInfoParcel::Marshalling(Parcel& out) const +{ + RETURN_IF_FALSE(out.WriteInt32(this->hapInfoParameter.userID)); + RETURN_IF_FALSE(out.WriteString(this->hapInfoParameter.bundleName)); + RETURN_IF_FALSE(out.WriteInt32(this->hapInfoParameter.instIndex)); + RETURN_IF_FALSE(out.WriteString(this->hapInfoParameter.appIDDesc)); + return true; +} + +HapInfoParcel* HapInfoParcel::Unmarshalling(Parcel& in) +{ + auto* hapInfoParcel = new (std::nothrow) HapInfoParcel(); + RELEASE_IF_FALSE(hapInfoParcel != nullptr, hapInfoParcel); + RELEASE_IF_FALSE(in.ReadInt32(hapInfoParcel->hapInfoParameter.userID), hapInfoParcel); + hapInfoParcel->hapInfoParameter.bundleName = in.ReadString(); + RELEASE_IF_FALSE(in.ReadInt32(hapInfoParcel->hapInfoParameter.instIndex), hapInfoParcel); + hapInfoParcel->hapInfoParameter.appIDDesc = in.ReadString(); + + return hapInfoParcel; +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/frameworks/accesstoken/src/hap_policy_parcel.cpp b/frameworks/accesstoken/src/hap_policy_parcel.cpp new file mode 100644 index 000000000..0c14d15a3 --- /dev/null +++ b/frameworks/accesstoken/src/hap_policy_parcel.cpp @@ -0,0 +1,92 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "hap_policy_parcel.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +#define RETURN_IF_FALSE(expr) \ + if (!(expr)) { \ + return false; \ + } + +#define RELEASE_IF_FALSE(expr, obj) \ + if (!(expr)) { \ + delete (obj); \ + (obj) = nullptr; \ + return (obj); \ + } + +bool HapPolicyParcel::Marshalling(Parcel& out) const +{ + RETURN_IF_FALSE(out.WriteInt32(this->hapPolicyParameter.apl)); + RETURN_IF_FALSE(out.WriteString(this->hapPolicyParameter.domain)); + + const std::vector& permList = this->hapPolicyParameter.permList; + int permListSize = permList.size(); + RETURN_IF_FALSE(out.WriteInt32(permListSize)); + + for (int i = 0; i < permListSize; i++) { + PermissionDefParcel permDefParcel; + permDefParcel.permissionDef = permList[i]; + out.WriteParcelable(&permDefParcel); + } + + const std::vector& permStateList = this->hapPolicyParameter.permStateList; + int permStateListSize = permStateList.size(); + RETURN_IF_FALSE(out.WriteInt32(permStateListSize)); + + for (int i = 0; i < permStateListSize; i++) { + PermissionStateFullParcel permStateParcel; + permStateParcel.permStatFull = permStateList[i]; + out.WriteParcelable(&permStateParcel); + } + + return true; +} + +HapPolicyParcel* HapPolicyParcel::Unmarshalling(Parcel& in) +{ + auto* hapPolicyParcel = new (std::nothrow) HapPolicyParcel(); + RELEASE_IF_FALSE(hapPolicyParcel != nullptr, hapPolicyParcel); + + int32_t apl; + RELEASE_IF_FALSE(in.ReadInt32(apl), hapPolicyParcel); + hapPolicyParcel->hapPolicyParameter.apl = ATokenAplEnum(apl); + + hapPolicyParcel->hapPolicyParameter.domain = in.ReadString(); + + int permListSize; + RELEASE_IF_FALSE(in.ReadInt32(permListSize), hapPolicyParcel); + + for (int i = 0; i < permListSize; i++) { + sptr permDefParcel = in.ReadParcelable(); + RELEASE_IF_FALSE(permDefParcel != nullptr, hapPolicyParcel); + hapPolicyParcel->hapPolicyParameter.permList.emplace_back(permDefParcel->permissionDef); + } + + int permStateListSize; + RELEASE_IF_FALSE(in.ReadInt32(permStateListSize), hapPolicyParcel); + for (int i = 0; i < permStateListSize; i++) { + sptr permissionStateParcel = in.ReadParcelable(); + RELEASE_IF_FALSE(permissionStateParcel != nullptr, hapPolicyParcel); + hapPolicyParcel->hapPolicyParameter.permStateList.emplace_back(permissionStateParcel->permStatFull); + } + return hapPolicyParcel; +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS \ No newline at end of file diff --git a/frameworks/accesstoken/src/hap_token_info_parcel.cpp b/frameworks/accesstoken/src/hap_token_info_parcel.cpp new file mode 100644 index 000000000..5d5c2c519 --- /dev/null +++ b/frameworks/accesstoken/src/hap_token_info_parcel.cpp @@ -0,0 +1,68 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "hap_token_info_parcel.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +#define RETURN_IF_FALSE(expr) \ + if (!(expr)) { \ + return false; \ + } + +#define RELEASE_IF_FALSE(expr, obj) \ + if (!(expr)) { \ + delete (obj); \ + (obj) = nullptr; \ + return (obj); \ + } + +bool HapTokenInfoParcel::Marshalling(Parcel& out) const +{ + RETURN_IF_FALSE(out.WriteInt32(this->hapTokenInfoParams.apl)); + RETURN_IF_FALSE(out.WriteUint8(this->hapTokenInfoParams.ver)); + RETURN_IF_FALSE(out.WriteInt32(this->hapTokenInfoParams.userID)); + RETURN_IF_FALSE(out.WriteString(this->hapTokenInfoParams.bundleName)); + RETURN_IF_FALSE(out.WriteInt32(this->hapTokenInfoParams.instIndex)); + RETURN_IF_FALSE(out.WriteString(this->hapTokenInfoParams.appID)); + RETURN_IF_FALSE(out.WriteString(this->hapTokenInfoParams.deviceID)); + RETURN_IF_FALSE(out.WriteUint32(this->hapTokenInfoParams.tokenID)); + RETURN_IF_FALSE(out.WriteUint32(this->hapTokenInfoParams.tokenAttr)); + return true; +} + +HapTokenInfoParcel* HapTokenInfoParcel::Unmarshalling(Parcel& in) +{ + auto* hapTokenInfoParcel = new (std::nothrow) HapTokenInfoParcel(); + RELEASE_IF_FALSE(hapTokenInfoParcel != nullptr, hapTokenInfoParcel); + int apl; + int8_t ver; + RELEASE_IF_FALSE(in.ReadInt32(apl), hapTokenInfoParcel); + hapTokenInfoParcel->hapTokenInfoParams.apl = ATokenAplEnum(apl); + RELEASE_IF_FALSE(in.ReadInt8(ver), hapTokenInfoParcel); + hapTokenInfoParcel->hapTokenInfoParams.ver = ver; + RELEASE_IF_FALSE(in.ReadInt32(hapTokenInfoParcel->hapTokenInfoParams.userID), hapTokenInfoParcel); + hapTokenInfoParcel->hapTokenInfoParams.bundleName = in.ReadString(); + RELEASE_IF_FALSE(in.ReadInt32(hapTokenInfoParcel->hapTokenInfoParams.instIndex), hapTokenInfoParcel); + hapTokenInfoParcel->hapTokenInfoParams.appID = in.ReadString(); + hapTokenInfoParcel->hapTokenInfoParams.deviceID = in.ReadString(); + RELEASE_IF_FALSE(in.ReadUint32(hapTokenInfoParcel->hapTokenInfoParams.tokenID), hapTokenInfoParcel); + RELEASE_IF_FALSE(in.ReadUint32(hapTokenInfoParcel->hapTokenInfoParams.tokenAttr), hapTokenInfoParcel); + return hapTokenInfoParcel; +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS \ No newline at end of file diff --git a/frameworks/accesstoken/src/native_token_info_parcel.cpp b/frameworks/accesstoken/src/native_token_info_parcel.cpp new file mode 100644 index 000000000..f623cfd0b --- /dev/null +++ b/frameworks/accesstoken/src/native_token_info_parcel.cpp @@ -0,0 +1,77 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "native_token_info_parcel.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +#define RETURN_IF_FALSE(expr) \ + if (!(expr)) { \ + return false; \ + } + +#define RELEASE_IF_FALSE(expr, obj) \ + if (!(expr)) { \ + delete (obj); \ + (obj) = nullptr; \ + return (obj); \ + } + +bool NativeTokenInfoParcel::Marshalling(Parcel& out) const +{ + RETURN_IF_FALSE(out.WriteInt32(this->nativeTokenInfoParams.apl)); + RETURN_IF_FALSE(out.WriteUint8(this->nativeTokenInfoParams.ver)); + RETURN_IF_FALSE(out.WriteString(this->nativeTokenInfoParams.processName)); + RETURN_IF_FALSE(out.WriteUint32(this->nativeTokenInfoParams.tokenID)); + RETURN_IF_FALSE(out.WriteUint32(this->nativeTokenInfoParams.tokenAttr)); + + int dcapSize = (this->nativeTokenInfoParams.dcap).size(); + RETURN_IF_FALSE(out.WriteInt32(dcapSize)); + + for (int i = 0; i < dcapSize; i++) { + RETURN_IF_FALSE(out.WriteString(this->nativeTokenInfoParams.dcap[i])); + } + + return true; +} + +NativeTokenInfoParcel* NativeTokenInfoParcel::Unmarshalling(Parcel& in) +{ + auto* nativeTokenInfoParcel = new (std::nothrow) NativeTokenInfoParcel(); + RELEASE_IF_FALSE(nativeTokenInfoParcel != nullptr, nativeTokenInfoParcel); + + int32_t apl; + int8_t ver; + RELEASE_IF_FALSE(in.ReadInt32(apl), nativeTokenInfoParcel); + RELEASE_IF_FALSE(in.ReadInt8(ver), nativeTokenInfoParcel); + nativeTokenInfoParcel->nativeTokenInfoParams.apl = ATokenAplEnum(apl); + nativeTokenInfoParcel->nativeTokenInfoParams.ver = ver; + + nativeTokenInfoParcel->nativeTokenInfoParams.processName = in.ReadString(); + RELEASE_IF_FALSE(in.ReadUint32(nativeTokenInfoParcel->nativeTokenInfoParams.tokenID), nativeTokenInfoParcel); + RELEASE_IF_FALSE(in.ReadUint32(nativeTokenInfoParcel->nativeTokenInfoParams.tokenAttr), nativeTokenInfoParcel); + + int dcapSize; + RELEASE_IF_FALSE(in.ReadInt32(dcapSize), nativeTokenInfoParcel); + + for (int i = 0; i < dcapSize; i++) { + nativeTokenInfoParcel->nativeTokenInfoParams.dcap[i] = in.ReadString(); + } + return nativeTokenInfoParcel; +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS \ No newline at end of file diff --git a/frameworks/accesstoken/src/permission_def_parcel.cpp b/frameworks/accesstoken/src/permission_def_parcel.cpp new file mode 100644 index 000000000..421731e9f --- /dev/null +++ b/frameworks/accesstoken/src/permission_def_parcel.cpp @@ -0,0 +1,62 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "permission_def_parcel.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +#define RETURN_IF_FALSE(expr) \ + if (!(expr)) { \ + return false; \ + } + +#define RELEASE_IF_FALSE(expr, obj) \ + if (!(expr)) { \ + delete (obj); \ + (obj) = nullptr; \ + return (obj); \ + } + +bool PermissionDefParcel::Marshalling(Parcel& out) const +{ + RETURN_IF_FALSE(out.WriteString(this->permissionDef.permissionName)); + RETURN_IF_FALSE(out.WriteString(this->permissionDef.bundleName)); + RETURN_IF_FALSE(out.WriteInt32(this->permissionDef.grantMode)); + RETURN_IF_FALSE(out.WriteInt32(this->permissionDef.availableScope)); + RETURN_IF_FALSE(out.WriteString(this->permissionDef.label)); + RETURN_IF_FALSE(out.WriteInt32(this->permissionDef.labelId)); + RETURN_IF_FALSE(out.WriteString(this->permissionDef.description)); + RETURN_IF_FALSE(out.WriteInt32(this->permissionDef.descriptionId)); + return true; +} + +PermissionDefParcel* PermissionDefParcel::Unmarshalling(Parcel& in) +{ + auto* permissionDefParcel = new (std::nothrow) PermissionDefParcel(); + RELEASE_IF_FALSE(permissionDefParcel != nullptr, permissionDefParcel); + permissionDefParcel->permissionDef.permissionName = in.ReadString(); + permissionDefParcel->permissionDef.bundleName = in.ReadString(); + RELEASE_IF_FALSE(in.ReadInt32(permissionDefParcel->permissionDef.grantMode), permissionDefParcel); + RELEASE_IF_FALSE(in.ReadInt32(permissionDefParcel->permissionDef.availableScope), permissionDefParcel); + permissionDefParcel->permissionDef.label = in.ReadString(); + RELEASE_IF_FALSE(in.ReadInt32(permissionDefParcel->permissionDef.labelId), permissionDefParcel); + permissionDefParcel->permissionDef.description = in.ReadString(); + RELEASE_IF_FALSE(in.ReadInt32(permissionDefParcel->permissionDef.descriptionId), permissionDefParcel); + return permissionDefParcel; +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS \ No newline at end of file diff --git a/frameworks/accesstoken/src/permission_state_full_parcel.cpp b/frameworks/accesstoken/src/permission_state_full_parcel.cpp new file mode 100644 index 000000000..50ce4bf2b --- /dev/null +++ b/frameworks/accesstoken/src/permission_state_full_parcel.cpp @@ -0,0 +1,90 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "permission_state_full_parcel.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +#define RETURN_IF_FALSE(expr) \ + if (!(expr)) { \ + return false; \ + } + +#define RELEASE_IF_FALSE(expr, obj) \ + if (!(expr)) { \ + delete (obj); \ + (obj) = nullptr; \ + return (obj); \ + } + +bool PermissionStateFullParcel::Marshalling(Parcel& out) const +{ + RETURN_IF_FALSE(out.WriteString(this->permStatFull.permissionName)); + RETURN_IF_FALSE(out.WriteBool(this->permStatFull.isGeneral)); + + RETURN_IF_FALSE(out.WriteInt32(this->permStatFull.resDeviceID.size())); + for (auto devId : this->permStatFull.resDeviceID) { + RETURN_IF_FALSE(out.WriteString(devId)); + } + + RETURN_IF_FALSE(out.WriteInt32(this->permStatFull.grantStatus.size())); + for (auto grantStat : this->permStatFull.grantStatus) { + RETURN_IF_FALSE(out.WriteInt32(grantStat)); + } + + RETURN_IF_FALSE(out.WriteInt32(this->permStatFull.grantFlags.size())); + for (auto grantFlag : this->permStatFull.grantFlags) { + RETURN_IF_FALSE(out.WriteInt32(grantFlag)); + } + return true; +} + +PermissionStateFullParcel* PermissionStateFullParcel::Unmarshalling(Parcel& in) +{ + auto* permissionStateParcel = new (std::nothrow) PermissionStateFullParcel(); + RELEASE_IF_FALSE(permissionStateParcel != nullptr, permissionStateParcel); + + RELEASE_IF_FALSE(in.ReadString(permissionStateParcel->permStatFull.permissionName), permissionStateParcel); + RELEASE_IF_FALSE(in.ReadBool(permissionStateParcel->permStatFull.isGeneral), permissionStateParcel); + + int resIdSize = 0; + RELEASE_IF_FALSE(in.ReadInt32(resIdSize), permissionStateParcel); + for (int i = 0; i < resIdSize; i++) { + std::string resId; + RELEASE_IF_FALSE(in.ReadString(resId), permissionStateParcel); + permissionStateParcel->permStatFull.resDeviceID.emplace_back(resId); + } + + int grantStatsSize = 0; + RELEASE_IF_FALSE(in.ReadInt32(grantStatsSize), permissionStateParcel); + for (int i = 0; i < grantStatsSize; i++) { + int grantStat; + RELEASE_IF_FALSE(in.ReadInt32(grantStat), permissionStateParcel); + permissionStateParcel->permStatFull.grantStatus.emplace_back(grantStat); + } + + int grantFlagSize = 0; + RELEASE_IF_FALSE(in.ReadInt32(grantFlagSize), permissionStateParcel); + for (int i = 0; i < grantFlagSize; i++) { + int flag; + RELEASE_IF_FALSE(in.ReadInt32(flag), permissionStateParcel); + permissionStateParcel->permStatFull.grantFlags.emplace_back(flag); + } + return permissionStateParcel; +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS \ No newline at end of file diff --git a/frameworks/common/BUILD.gn b/frameworks/common/BUILD.gn new file mode 100644 index 000000000..b63c67b3c --- /dev/null +++ b/frameworks/common/BUILD.gn @@ -0,0 +1,49 @@ +# Copyright (c) 2021 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/ohos.gni") + +################################################################ +# C++, Main source file here. +################################################################ +config("accesstoken_common_cxx_public_config") { + visibility = [ ":*" ] + include_dirs = [ "main/cpp/include" ] +} + +ohos_shared_library("accesstoken_common_cxx") { + subsystem_name = "security" + part_name = "access_token" + + public_configs = [ ":accesstoken_common_cxx_public_config" ] + + include_dirs = [ + "include", + "//utils/system/safwk/native/include", + "//third_party/mbedtls/include", + "//base/security/access_token/interfaces/innerkits/accesstoken/main/cpp/include", + ] + + sources = [ + "src/data_validator.cpp", + "src/random_mbedtls.cpp" + ] + + deps = [ + "//utils/native/base:utils", + "//third_party/mbedtls:mbedtls_shared", + ] + external_deps = [ "hiviewdfx_hilog_native:libhilog" ] + + cflags_cc = [ "-DHILOG_ENABLE" ] +} diff --git a/frameworks/common/include/accesstoken_log.h b/frameworks/common/include/accesstoken_log.h new file mode 100644 index 000000000..3fb142587 --- /dev/null +++ b/frameworks/common/include/accesstoken_log.h @@ -0,0 +1,63 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef ACCESSTOKEN_LOG_H +#define ACCESSTOKEN_LOG_H + +#ifdef HILOG_ENABLE + +#include "hilog/log.h" + +#ifndef __cplusplus + +#define ACCESSTOKEN_LOG_DEBUG(fmt, ...) HILOG_DEBUG(LOG_CORE, fmt, ##__VA_ARGS__) +#define ACCESSTOKEN_LOG_INFO(fmt, ...) HILOG_INFO(LOG_CORE, fmt, ##__VA_ARGS__) +#define ACCESSTOKEN_LOG_WARN(fmt, ...) HILOG_WARN(LOG_CORE, fmt, ##__VA_ARGS__) +#define ACCESSTOKEN_LOG_ERROR(fmt, ...) HILOG_ERROR(LOG_CORE, fmt, ##__VA_ARGS__) +#define ACCESSTOKEN_LOG_FATAL(fmt, ...) HILOG_FATAL(LOG_CORE, fmt, ##__VA_ARGS__) + +#else + +#define ACCESSTOKEN_LOG_DEBUG(label, fmt, ...) OHOS::HiviewDFX::HiLog::Debug(label, fmt, ##__VA_ARGS__) +#define ACCESSTOKEN_LOG_INFO(label, fmt, ...) OHOS::HiviewDFX::HiLog::Info(label, fmt, ##__VA_ARGS__) +#define ACCESSTOKEN_LOG_WARN(label, fmt, ...) OHOS::HiviewDFX::HiLog::Warn(label, fmt, ##__VA_ARGS__) +#define ACCESSTOKEN_LOG_ERROR(label, fmt, ...) OHOS::HiviewDFX::HiLog::Error(label, fmt, ##__VA_ARGS__) +#define ACCESSTOKEN_LOG_FATAL(label, fmt, ...) OHOS::HiviewDFX::HiLog::Fatal(label, fmt, ##__VA_ARGS__) + +#endif // __cplusplus + +/* define LOG_TAG as "security_*" at your submodule, * means your submodule name such as "security_dac" */ +#undef LOG_TAG +#undef LOG_DOMAIN + +static constexpr unsigned int SECURITY_DOMAIN_ACCESSTOKEN = 0xD002F01; + +#else + +#include +#include + +/* define LOG_TAG as "security_*" at your submodule, * means your submodule name such as "security_dac" */ +#undef LOG_TAG + +#define ACCESSTOKEN_LOG_DEBUG(fmt, ...) printf("[%s] debug: %s: " fmt "\n", LOG_TAG, __func__, ##__VA_ARGS__) +#define ACCESSTOKEN_LOG_INFO(fmt, ...) printf("[%s] info: %s: " fmt "\n", LOG_TAG, __func__, ##__VA_ARGS__) +#define ACCESSTOKEN_LOG_WARN(fmt, ...) printf("[%s] warn: %s: " fmt "\n", LOG_TAG, __func__, ##__VA_ARGS__) +#define ACCESSTOKEN_LOG_ERROR(fmt, ...) printf("[%s] error: %s: " fmt "\n", LOG_TAG, __func__, ##__VA_ARGS__) +#define ACCESSTOKEN_LOG_FATAL(fmt, ...) printf("[%s] fatal: %s: " fmt "\n", LOG_TAG, __func__, ##__VA_ARGS__) + +#endif // HILOG_ENABLE + +#endif // ACCESSTOKEN_LOG_H diff --git a/frameworks/common/include/data_validator.h b/frameworks/common/include/data_validator.h new file mode 100644 index 000000000..dc486baa6 --- /dev/null +++ b/frameworks/common/include/data_validator.h @@ -0,0 +1,42 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#ifndef DATA_VALIDATOR_H +#define DATA_VALIDATOR_H +namespace OHOS { +namespace Security { +namespace AccessToken { +class DataValidator final { +public: + static bool IsBundleNameValid(const std::string& bundleName); + + static bool IsPermissionNameValid(const std::string& permissionName); + + static bool IsUserIdValid(const int userId); + + static bool IsAppIDDescValid(const std::string& appIDDesc); + + static bool IsDomainValid(const std::string& domain); + + static bool IsAplNumValid(const int apl); +private: + const static int MAX_LENGTH = 256; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // DATA_VALIDATOR_H diff --git a/frameworks/common/include/random.h b/frameworks/common/include/random.h new file mode 100644 index 000000000..936276421 --- /dev/null +++ b/frameworks/common/include/random.h @@ -0,0 +1,32 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef ACCESSTOKEN_RANDOM_H +#define ACCESSTOKEN_RANDOM_H + +#ifdef __cplusplus +#if __cplusplus +extern "C" { +#endif +#endif + +unsigned int GetRandomUint32(); + +#ifdef __cplusplus +#if __cplusplus +} +#endif /* __cplusplus */ +#endif /* __cplusplus */ +#endif /* ACCESSTOKEN_RANDOM_H */ diff --git a/frameworks/common/include/random_mbedtls.h b/frameworks/common/include/random_mbedtls.h new file mode 100644 index 000000000..ffd3ddd14 --- /dev/null +++ b/frameworks/common/include/random_mbedtls.h @@ -0,0 +1,43 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef ACCESS_TOKEN_RANDOM_MBEDTLS +#define ACCESS_TOKEN_RANDOM_MBEDTLS + +#include "rwlock.h" +#include "mbedtls/ctr_drbg.h" +#include "mbedtls/entropy.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class RandomMbedtls { +public: + static RandomMbedtls& GetInstance(); + int GenerateRandomArray(unsigned char *randStr, unsigned int len); + ~RandomMbedtls() {}; + static unsigned int GetRandomUint32(); + +private: + RandomMbedtls() : initFlag_(false) {}; + mbedtls_entropy_context entropy_; + mbedtls_ctr_drbg_context ctrDrbg_; + OHOS::Utils::RWLock randomLock_; + bool initFlag_; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // ACCESS_TOKEN_RANDOM_MBEDTLS diff --git a/frameworks/common/src/data_validator.cpp b/frameworks/common/src/data_validator.cpp new file mode 100644 index 000000000..8928c3d77 --- /dev/null +++ b/frameworks/common/src/data_validator.cpp @@ -0,0 +1,53 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "data_validator.h" +#include "access_token.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +bool DataValidator::IsBundleNameValid(const std::string& bundleName) +{ + return !bundleName.empty() && (bundleName.length() <= MAX_LENGTH); +} + +bool DataValidator::IsPermissionNameValid(const std::string& permissionName) +{ + return !permissionName.empty() && (permissionName.length() <= MAX_LENGTH); +} + +bool DataValidator::IsUserIdValid(const int userId) +{ + return userId >= 0; +} + +bool DataValidator::IsAppIDDescValid(const std::string& appIDDesc) +{ + return !appIDDesc.empty() && (appIDDesc.length() <= MAX_LENGTH); +} + +bool DataValidator::IsDomainValid(const std::string& domain) +{ + return !domain.empty() && (domain.length() <= MAX_LENGTH); +} + +bool DataValidator::IsAplNumValid(const int apl) +{ + return (apl == APL_NORMAL || apl == APL_SYSTEM_BASIC || apl == APL_SYSTEM_CORE); +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/frameworks/common/src/random_mbedtls.cpp b/frameworks/common/src/random_mbedtls.cpp new file mode 100644 index 000000000..20d7dfbbc --- /dev/null +++ b/frameworks/common/src/random_mbedtls.cpp @@ -0,0 +1,67 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "random_mbedtls.h" +#include "access_token.h" + +using OHOS::Security::AccessToken::RandomMbedtls; +using OHOS::Security::AccessToken::RET_SUCCESS; + +namespace OHOS { +namespace Security { +namespace AccessToken { +extern "C" unsigned int GetRandomUint32() +{ + unsigned int rand; + int ret = RandomMbedtls::GetInstance().GenerateRandomArray((unsigned char *)&rand, sizeof(rand)); + if (ret != RET_SUCCESS) { + return 0; + } + return rand; +} + +int RandomMbedtls::GenerateRandomArray(unsigned char *randStr, unsigned int len) +{ + if (randStr == NULL || len == 0) { + return RET_FAILED; + } + int ret; + + Utils::UniqueWriteGuard infoGuard(this->randomLock_); + if (initFlag_ == false) { + mbedtls_ctr_drbg_init(&ctrDrbg_); + mbedtls_entropy_init(&entropy_); + ret = mbedtls_ctr_drbg_seed(&ctrDrbg_, mbedtls_entropy_func, &entropy_, NULL, 0); + if (ret != 0) { + return RET_FAILED; + } + initFlag_ = true; + } + + ret = mbedtls_ctr_drbg_random(&ctrDrbg_, randStr, len); + if (ret != 0) { + return RET_FAILED; + } + return RET_SUCCESS; +} + +RandomMbedtls& RandomMbedtls::GetInstance() +{ + static RandomMbedtls instance; + return instance; +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/frameworks/tokensync/include/i_tokensync_manager.h b/frameworks/tokensync/include/i_tokensync_manager.h new file mode 100644 index 000000000..9a2769ee3 --- /dev/null +++ b/frameworks/tokensync/include/i_tokensync_manager.h @@ -0,0 +1,43 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef I_TOKENSYNC_MANAGER_H +#define I_TOKENSYNC_MANAGER_H + +#include + +#include "iremote_broker.h" +#include "errors.h" + +namespace OHOS { +namespace Security { +namespace TokenSync { +class ITokenSyncManager : public IRemoteBroker { +public: + static const int SA_ID_TOKENSYNC_MANAGER_SERVICE = 3504; + + DECLARE_INTERFACE_DESCRIPTOR(u"ohos.security.accesstoken.ITokenSyncManager"); + + virtual int VerifyPermission(const std::string& bundleName, const std::string& permissionName, int userId) = 0; + + enum class InterfaceCode { + VERIFY_PERMISSION = 0xff01, + }; +}; +} // namespace TokenSync +} // namespace Security +} // namespace OHOS + +#endif // I_TOKENSYNC_MANAGER_H diff --git a/interfaces/innerkits/accesstoken/BUILD.gn b/interfaces/innerkits/accesstoken/BUILD.gn index 2cc576843..b6cc8e22c 100644 --- a/interfaces/innerkits/accesstoken/BUILD.gn +++ b/interfaces/innerkits/accesstoken/BUILD.gn @@ -16,7 +16,7 @@ import("//build/ohos.gni") ################################################################ # C++, Main, source file here. ################################################################ -config("accesstoken_sdk_cxx_public_config_standard") { +config("accesstoken") { visibility = [ ":*" ] include_dirs = [ "main/cpp/include" ] } @@ -27,14 +27,15 @@ ohos_shared_library("libaccesstoken_sdk") { output_name = "libaccesstoken_sdk" - public_configs = [ ":accesstoken_sdk_cxx_public_config_standard" ] + public_configs = [ ":accesstoken" ] include_dirs = [ "//utils/native/base/include", "main/cpp/include", "main/cpp/src", - "//base/security/access_token/frameworks/accesstoken", - "//base/security/access_token/nterfaces/innerkits/accesstoken/main/cpp/include", + "//base/security/access_token/frameworks/accesstoken/include", + "//base/security/access_token/frameworks/common/include", + "//base/security/access_token/interfaces/innerkits/accesstoken/main/cpp/include" ] sources = [ @@ -44,8 +45,7 @@ ohos_shared_library("libaccesstoken_sdk") { ] deps = [ - "//base/security/permission/frameworks/permission_standard/permissioncommunicationadapter:permission_standard_communication_adapter_cxx", - "//base/security/permission/frameworks/permission_standard/permissioninfrastructure:permission_standard_infrastructure_cxx", + "//base/security/access_token/frameworks/accesstoken:accesstoken_communication_adapter_cxx", "//utils/native/base:utils", ] diff --git a/interfaces/innerkits/accesstoken/main/cpp/include/access_token.h b/interfaces/innerkits/accesstoken/main/cpp/include/access_token.h new file mode 100644 index 000000000..5f8909948 --- /dev/null +++ b/interfaces/innerkits/accesstoken/main/cpp/include/access_token.h @@ -0,0 +1,82 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef ACCESS_TOKEN_DEF_H +#define ACCESS_TOKEN_DEF_H + +namespace OHOS { +namespace Security { +namespace AccessToken { +typedef unsigned int AccessTokenID; +typedef unsigned int AccessTokenAttr; +static const int DEFAULT_TOKEN_VERSION = 1; + +enum AccessTokenKitRet { + RET_FAILED = -1, + RET_SUCCESS = 0, +}; + +typedef struct { + unsigned int tokenUniqueID : 24; + unsigned int res : 3; + unsigned int type : 2; + unsigned int version : 3; +} AccessTokenIDInner; + +typedef enum TypeATokenTypeEnum { + TOKEN_INVALID = -1, + TOKEN_HAP = 0, + TOKEN_NATIVE, +} ATokenTypeEnum; + +typedef enum TypeATokenAplEnum { + APL_NORMAL = 1, + APL_SYSTEM_BASIC = 2, + APL_SYSTEM_CORE = 3, +} ATokenAplEnum; + +typedef union { + unsigned long long tokenIDEx; + struct { + AccessTokenID tokenID; + AccessTokenAttr tokenAttr; + } tokenIdExStruct; +} AccessTokenIDEx; + +typedef enum TypePermissionState { + PERMISSION_DENIED = -1, + PERMISSION_GRANTED = 0, +} PermissionState; + +typedef enum TypeGrantMode { + USER_GRANT = 0, + SYSTEM_GRANT = 1, +} GrantMode; + +typedef enum TypeAvailableScope { + AVAILABLE_SCOPE_ALL = 1 << 0, + AVAILABLE_SCOPE_SIGNATURE = 1 << 1, + AVAILABLE_SCOPE_RESTRICTED = 1 << 2 +} AvailableScope; + +typedef enum TypePermissionFlag { + PERMISSION_USER_SET = 1 << 0, + PERMISSION_USER_FIXED = 1 << 1, + PERMISSION_SYSTEM_FIXED = 1 << 2, +} PermissionFlag; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // ACCESS_TOKEN_DEF_H diff --git a/interfaces/innerkits/accesstoken/main/cpp/include/accesstoken_kit.h b/interfaces/innerkits/accesstoken/main/cpp/include/accesstoken_kit.h index 22fedd97a..c8ccb5860 100644 --- a/interfaces/innerkits/accesstoken/main/cpp/include/accesstoken_kit.h +++ b/interfaces/innerkits/accesstoken/main/cpp/include/accesstoken_kit.h @@ -1,32 +1,57 @@ -/* - * Copyright (c) 2021 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef INTERFACES_INNER_KITS_ACCESSTOKEN_KIT_H -#define INTERFACES_INNER_KITS_ACCESSTOKEN_KIT_H - -#include -#include "accesstoken.h" - -namespace OHOS { -namespace Security { -namespace AccessToken { -class AccessTokenKit { -public: - static int VerifyAccesstoken(AccessTokenID tokenID, const std::string& permissionName); -}; -} // namespace AccessToken -} // namespace Security -} // namespace OHOS -#endif +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef INTERFACES_INNER_KITS_ACCESSTOKEN_KIT_H +#define INTERFACES_INNER_KITS_ACCESSTOKEN_KIT_H + +#include +#include + +#include "access_token.h" +#include "hap_token_info.h" +#include "native_token_info.h" +#include "permission_def.h" +#include "permission_state_full.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class AccessTokenKit { +public: + static AccessTokenIDEx AllocHapToken(const HapInfoParams& info, const HapPolicyParams& policy); + static AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID); + static int UpdateHapToken(AccessTokenID tokenID, const std::string& appIDDesc, const HapPolicyParams& policy); + static int DeleteToken(AccessTokenID tokenID); + static int GetTokenType(AccessTokenID tokenID); + static int CheckNativeDCap(AccessTokenID tokenID, const std::string& dcap); + static AccessTokenID GetHapTokenID(int userID, const std::string& bundleName, int instIndex); + static int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfo& hapTokenInfoRes); + static int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfo& nativeTokenInfoRes); + static int VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName); + static int VerifyAccessToken( + AccessTokenID callerTokenID, AccessTokenID firstTokenID, const std::string& permissionName); + static int GetDefPermission(const std::string& permissionName, PermissionDef& permissionDefResult); + static int GetDefPermissions(AccessTokenID tokenID, std::vector& permList); + static int GetReqPermissions( + AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant); + static int GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName); + static int GrantPermission(AccessTokenID tokenID, const std::string& permissionName, int flag); + static int RevokePermission(AccessTokenID tokenID, const std::string& permissionName, int flag); + static int ClearUserGrantedPermissionState(AccessTokenID tokenID); +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif diff --git a/interfaces/innerkits/accesstoken/main/cpp/include/hap_token_info.h b/interfaces/innerkits/accesstoken/main/cpp/include/hap_token_info.h new file mode 100644 index 000000000..26477f893 --- /dev/null +++ b/interfaces/innerkits/accesstoken/main/cpp/include/hap_token_info.h @@ -0,0 +1,59 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef ACCESSTOKEN_HAP_TOKEN_INFO_H +#define ACCESSTOKEN_HAP_TOKEN_INFO_H + +#include "access_token.h" +#include "permission_def.h" +#include "permission_state_full.h" +#include +#include + +namespace OHOS { +namespace Security { +namespace AccessToken { +class HapInfoParams final { +public: + int userID; + std::string bundleName; + int instIndex; + std::string appIDDesc; +}; + +class HapPolicyParams final { +public: + ATokenAplEnum apl; + std::string domain; + std::vector permList; + std::vector permStateList; +}; + +class HapTokenInfo final { +public: + ATokenAplEnum apl; + char ver; + int userID; + std::string bundleName; + int instIndex; + std::string appID; + std::string deviceID; + AccessTokenID tokenID; + AccessTokenAttr tokenAttr; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // ACCESSTOKEN_HAP_TOKEN_INFO_H diff --git a/interfaces/innerkits/accesstoken/main/cpp/include/native_token_info.h b/interfaces/innerkits/accesstoken/main/cpp/include/native_token_info.h new file mode 100644 index 000000000..60b427f35 --- /dev/null +++ b/interfaces/innerkits/accesstoken/main/cpp/include/native_token_info.h @@ -0,0 +1,38 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef ACCESSTOKEN_NATIVE_TOKEN_INFO_H +#define ACCESSTOKEN_NATIVE_TOKEN_INFO_H + +#include "access_token.h" +#include +#include + +namespace OHOS { +namespace Security { +namespace AccessToken { +class NativeTokenInfo final { +public: + ATokenAplEnum apl; + unsigned char ver; + std::string processName; + std::vector dcap; + AccessTokenID tokenID; + AccessTokenAttr tokenAttr; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // ACCESSTOKEN_NATIVE_TOKEN_INFO_H diff --git a/interfaces/innerkits/accesstoken/main/cpp/include/permission_def.h b/interfaces/innerkits/accesstoken/main/cpp/include/permission_def.h new file mode 100644 index 000000000..a08b3103c --- /dev/null +++ b/interfaces/innerkits/accesstoken/main/cpp/include/permission_def.h @@ -0,0 +1,39 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef INTERFACES_INNER_KITS_ACCESSTOKEN_PERMISSION_DEF_H +#define INTERFACES_INNER_KITS_ACCESSTOKEN_PERMISSION_DEF_H + +#include + +namespace OHOS { +namespace Security { +namespace AccessToken { +class PermissionDef final { +public: + std::string permissionName; + std::string bundleName; + int grantMode; + int availableScope; + std::string label; + int labelId; + std::string description; + int descriptionId; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS + +#endif // INTERFACES_INNER_KITS_ACCESSTOKEN_PERMISSION_DEF_H diff --git a/interfaces/innerkits/accesstoken/main/cpp/include/permission_state_full.h b/interfaces/innerkits/accesstoken/main/cpp/include/permission_state_full.h new file mode 100644 index 000000000..17b8b0137 --- /dev/null +++ b/interfaces/innerkits/accesstoken/main/cpp/include/permission_state_full.h @@ -0,0 +1,36 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef INTERFACES_INNER_KITS_PERMISSION_PERMISSION_STATE_FULL_H +#define INTERFACES_INNER_KITS_PERMISSION_PERMISSION_STATE_FULL_H + +#include +#include + +namespace OHOS { +namespace Security { +namespace AccessToken { +class PermissionStateFull final { +public: + std::string permissionName; + bool isGeneral; + std::vector resDeviceID; + std::vector grantStatus; + std::vector grantFlags; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // INTERFACES_INNER_KITS_PERMISSION_PERMISSION_STATE_FULL_H diff --git a/interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_kit.cpp b/interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_kit.cpp index 1e0e8e06e..5d4d82bdc 100644 --- a/interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_kit.cpp +++ b/interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_kit.cpp @@ -1,42 +1,171 @@ -/* - * Copyright (c) 2021 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "accesstoken_kit.h" - -#include -#include - -#include "accesstoken_log.h" -#include "accesstoken_manager_client.h" - -namespace OHOS { -namespace Security { -namespace AccessToken { -using namespace std; - -namespace { -static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "AccessTokenKit"}; -} // namespace - -int AccessTokenKit::VerifyAccesstoken(AccessTokenID tokenID, const std::string &permissionName) -{ - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); - ACCESSTOKEN_LOG_INFO(LABEL, "tokenID=%{public}d, permissionName=%{public}s", - tokenID, permissionName.c_str()); - return AccessTokenManagerClient::GetInstance().VerifyAccesstoken(tokenID, permissionName); -} -} // namespace AccessToken -} // namespace Security -} // namespace OHOS \ No newline at end of file +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "accesstoken_kit.h" + +#include +#include + +#include "accesstoken_log.h" +#include "accesstoken_manager_client.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "AccessTokenKit"}; +} // namespace + +AccessTokenIDEx AccessTokenKit::AllocHapToken(const HapInfoParams& info, const HapPolicyParams& policy) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + + return AccessTokenManagerClient::GetInstance().AllocHapToken(info, policy); +} + +AccessTokenID AccessTokenKit::AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + return AccessTokenManagerClient::GetInstance().AllocLocalTokenID(remoteDeviceID, remoteTokenID); +} + +int AccessTokenKit::UpdateHapToken(AccessTokenID tokenID, const std::string& appIDDesc, const HapPolicyParams& policy) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + return AccessTokenManagerClient::GetInstance().UpdateHapToken(tokenID, appIDDesc, policy); +} + +int AccessTokenKit::DeleteToken(AccessTokenID tokenID) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + ACCESSTOKEN_LOG_INFO(LABEL, "tokenID=%{public}d", tokenID); + + return AccessTokenManagerClient::GetInstance().DeleteToken(tokenID); +} + +int AccessTokenKit::GetTokenType(AccessTokenID tokenID) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + ACCESSTOKEN_LOG_INFO(LABEL, "tokenID=%{public}d", tokenID); + return AccessTokenManagerClient::GetInstance().GetTokenType(tokenID); +} + +int AccessTokenKit::CheckNativeDCap(AccessTokenID tokenID, const std::string& dcap) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + ACCESSTOKEN_LOG_INFO(LABEL, "tokenID=%{public}d, dcap=%{public}s", tokenID, dcap.c_str()); + return AccessTokenManagerClient::GetInstance().CheckNativeDCap(tokenID, dcap); +} + +AccessTokenID AccessTokenKit::GetHapTokenID(int userID, const std::string& bundleName, int instIndex) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + ACCESSTOKEN_LOG_INFO(LABEL, "int userID=%{public}d, bundleName=%{public}s, instIndex=%{public}d", + userID, bundleName.c_str(), instIndex); + + return AccessTokenManagerClient::GetInstance().GetHapTokenID(userID, bundleName, instIndex); +} + +int AccessTokenKit::GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfo& hapTokenInfoRes) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + ACCESSTOKEN_LOG_INFO(LABEL, "tokenID=%{public}d", tokenID); + + return AccessTokenManagerClient::GetInstance().GetHapTokenInfo(tokenID, hapTokenInfoRes); +} + +int AccessTokenKit::GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfo& nativeTokenInfoRes) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + ACCESSTOKEN_LOG_INFO(LABEL, "tokenID=%{public}d", tokenID); + + return AccessTokenManagerClient::GetInstance().GetNativeTokenInfo(tokenID, nativeTokenInfoRes); +} + +int AccessTokenKit::VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + ACCESSTOKEN_LOG_INFO(LABEL, "tokenID=%{public}d, permissionName=%{public}s", tokenID, permissionName.c_str()); + return AccessTokenManagerClient::GetInstance().VerifyAccessToken(tokenID, permissionName); +} + +int AccessTokenKit::VerifyAccessToken( + AccessTokenID callerTokenID, AccessTokenID firstTokenID, const std::string& permissionName) +{ + return 0; +} + +int AccessTokenKit::GetDefPermission(const std::string& permissionName, PermissionDef& permissionDefResult) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + ACCESSTOKEN_LOG_INFO(LABEL, "permissionName=%{public}s", permissionName.c_str()); + + int ret = AccessTokenManagerClient::GetInstance().GetDefPermission(permissionName, permissionDefResult); + ACCESSTOKEN_LOG_INFO(LABEL, "GetDefPermission bundleName = %{public}s", permissionDefResult.bundleName.c_str()); + + return ret; +} + +int AccessTokenKit::GetDefPermissions(AccessTokenID tokenID, std::vector& permDefList) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + ACCESSTOKEN_LOG_INFO(LABEL, "tokenID=%{public}d", tokenID); + + ACCESSTOKEN_LOG_INFO(LABEL, "GetDefPermissions permDefList size = %{public}d", permDefList.size()); + return AccessTokenManagerClient::GetInstance().GetDefPermissions(tokenID, permDefList); +} + +int AccessTokenKit::GetReqPermissions( + AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + ACCESSTOKEN_LOG_INFO(LABEL, "tokenID=%{public}d, isSystemGrant=%{public}d", tokenID, isSystemGrant); + + ACCESSTOKEN_LOG_INFO(LABEL, "GetReqPermissions, reqPermList size=%{public}d", reqPermList.size()); + return AccessTokenManagerClient::GetInstance().GetReqPermissions(tokenID, reqPermList, isSystemGrant); +} + +int AccessTokenKit::GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + ACCESSTOKEN_LOG_INFO(LABEL, "tokenID=%{public}d, permissionName=%{public}s", tokenID, permissionName.c_str()); + return AccessTokenManagerClient::GetInstance().GetPermissionFlag(tokenID, permissionName); +} + +int AccessTokenKit::GrantPermission(AccessTokenID tokenID, const std::string& permissionName, int flag) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + ACCESSTOKEN_LOG_INFO(LABEL, "tokenID=%{public}d, permissionName=%{public}s, flag=%{public}d", + tokenID, permissionName.c_str(), flag); + return AccessTokenManagerClient::GetInstance().GrantPermission(tokenID, permissionName, flag); +} + +int AccessTokenKit::RevokePermission(AccessTokenID tokenID, const std::string& permissionName, int flag) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + ACCESSTOKEN_LOG_INFO(LABEL, "tokenID=%{public}d, permissionName=%{public}s, flag=%{public}d", + tokenID, permissionName.c_str(), flag); + return AccessTokenManagerClient::GetInstance().RevokePermission(tokenID, permissionName, flag); +} + +int AccessTokenKit::ClearUserGrantedPermissionState(AccessTokenID tokenID) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + ACCESSTOKEN_LOG_INFO(LABEL, "tokenID=%{public}d", tokenID); + return AccessTokenManagerClient::GetInstance().ClearUserGrantedPermissionState(tokenID); +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_manager_client.cpp b/interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_manager_client.cpp index a5de7d88e..8f259f150 100644 --- a/interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_manager_client.cpp +++ b/interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_manager_client.cpp @@ -16,8 +16,9 @@ #include "accesstoken_manager_client.h" #include "accesstoken_log.h" - +#include "hap_token_info.h" #include "iservice_registry.h" +#include "native_token_info.h" namespace OHOS { namespace Security { @@ -40,15 +41,225 @@ AccessTokenManagerClient::AccessTokenManagerClient() AccessTokenManagerClient::~AccessTokenManagerClient() {} -int AccessTokenManagerClient::VerifyAccesstoken(AccessTokenID tokenID, const std::string& permissionName) const +int AccessTokenManagerClient::VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName) const +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__); + return RET_FAILED; + } + return proxy->VerifyAccessToken(tokenID, permissionName); +} + +int AccessTokenManagerClient::GetDefPermission( + const std::string& permissionName, PermissionDef& permissionDefResult) const +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__); + return RET_FAILED; + } + PermissionDefParcel permissionDefParcel; + int result = proxy->GetDefPermission(permissionName, permissionDefParcel); + permissionDefResult = permissionDefParcel.permissionDef; + return result; +} + +int AccessTokenManagerClient::GetDefPermissions(AccessTokenID tokenID, std::vector& permList) const +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__); + return RET_FAILED; + } + std::vector parcelList; + int result = proxy->GetDefPermissions(tokenID, parcelList); + for (auto permParcel : parcelList) { + PermissionDef perm = permParcel.permissionDef; + permList.emplace_back(perm); + } + return result; +} + +int AccessTokenManagerClient::GetReqPermissions( + AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) const +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__); + return RET_FAILED; + } + std::vector parcelList; + int result = proxy->GetReqPermissions(tokenID, parcelList, isSystemGrant); + for (auto permParcel : parcelList) { + PermissionStateFull perm = permParcel.permStatFull; + reqPermList.emplace_back(perm); + } + return result; +} + +int AccessTokenManagerClient::GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName) const +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__); + return RET_FAILED; + } + return proxy->GetPermissionFlag(tokenID, permissionName); +} + +int AccessTokenManagerClient::GrantPermission(AccessTokenID tokenID, const std::string& permissionName, int flag) const +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__); + return RET_FAILED; + } + return proxy->GrantPermission(tokenID, permissionName, flag); +} + +int AccessTokenManagerClient::RevokePermission(AccessTokenID tokenID, const std::string& permissionName, int flag) const +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__); + return RET_FAILED; + } + return proxy->RevokePermission(tokenID, permissionName, flag); +} + +int AccessTokenManagerClient::ClearUserGrantedPermissionState(AccessTokenID tokenID) const +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__); + return RET_FAILED; + } + return proxy->ClearUserGrantedPermissionState(tokenID); +} + +AccessTokenIDEx AccessTokenManagerClient::AllocHapToken(const HapInfoParams& info, const HapPolicyParams& policy) const +{ + AccessTokenIDEx res = { 0 }; + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__); + return res; + } + HapInfoParcel hapInfoParcel; + HapPolicyParcel hapPolicyParcel; + hapInfoParcel.hapInfoParameter = info; + hapPolicyParcel.hapPolicyParameter = policy; + + return proxy->AllocHapToken(hapInfoParcel, hapPolicyParcel); +} + +int AccessTokenManagerClient::DeleteToken(AccessTokenID tokenID) const +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__); + return RET_FAILED; + } + return proxy->DeleteToken(tokenID); +} + +int AccessTokenManagerClient::GetTokenType(AccessTokenID tokenID) const +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__); + return RET_FAILED; + } + return proxy->GetTokenType(tokenID); +} + +int AccessTokenManagerClient::CheckNativeDCap(AccessTokenID tokenID, const std::string& dcap) const +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__); + return RET_FAILED; + } + return proxy->CheckNativeDCap(tokenID, dcap); +} + +AccessTokenID AccessTokenManagerClient::GetHapTokenID(int userID, const std::string& bundleName, int instIndex) const +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__); + return RET_FAILED; + } + return proxy->GetHapTokenID(userID, bundleName, instIndex); +} + +AccessTokenID AccessTokenManagerClient::AllocLocalTokenID( + const std::string& remoteDeviceID, AccessTokenID remoteTokenID) const +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__); + return RET_FAILED; + } + return proxy->AllocLocalTokenID(remoteDeviceID, remoteTokenID); +} + +int AccessTokenManagerClient::UpdateHapToken( + AccessTokenID tokenID, const std::string& appIDDesc, const HapPolicyParams& policy) const +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__); + return RET_FAILED; + } + HapPolicyParcel hapPolicyParcel; + hapPolicyParcel.hapPolicyParameter = policy; + return proxy->UpdateHapToken(tokenID, appIDDesc, hapPolicyParcel); +} + +int AccessTokenManagerClient::GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfo& hapTokenInfoRes) const +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__); + return RET_FAILED; + } + HapTokenInfoParcel hapTokenInfoParcel; + int res = proxy->GetHapTokenInfo(tokenID, hapTokenInfoParcel); + + hapTokenInfoRes = hapTokenInfoParcel.hapTokenInfoParams; + return res; +} + +int AccessTokenManagerClient::GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfo& nativeTokenInfoRes) const { ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); auto proxy = GetProxy(); if (proxy == nullptr) { ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__); - return PERMISSION_DENIED; + return RET_FAILED; } - return proxy->VerifyAccesstoken(tokenID, permissionName); + NativeTokenInfoParcel nativeTokenInfoParcel; + int res = proxy->GetNativeTokenInfo(tokenID, nativeTokenInfoParcel); + nativeTokenInfoRes = nativeTokenInfoParcel.nativeTokenInfoParams; + return res; } sptr AccessTokenManagerClient::GetProxy() const @@ -74,4 +285,4 @@ sptr AccessTokenManagerClient::GetProxy() const } } // namespace AccessToken } // namespace Security -} // namespace OHOS \ No newline at end of file +} // namespace OHOS diff --git a/interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_manager_client.h b/interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_manager_client.h index 758e6f598..cedcdae10 100755 --- a/interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_manager_client.h +++ b/interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_manager_client.h @@ -17,9 +17,17 @@ #define ACCESSTOKEN_MANAGER_CLIENT_H #include +#include +#include "access_token.h" +#include "hap_info_parcel.h" +#include "hap_policy_parcel.h" +#include "hap_token_info.h" #include "i_accesstoken_manager.h" +#include "native_token_info.h" #include "nocopyable.h" +#include "permission_def.h" +#include "permission_state_full.h" namespace OHOS { namespace Security { @@ -30,7 +38,25 @@ public: virtual ~AccessTokenManagerClient(); - int VerifyAccesstoken(AccessTokenID tokenID, const std::string& permissionName) const; + int VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName) const; + int GetDefPermission(const std::string& permissionName, PermissionDef& permissionDefResult) const; + int GetDefPermissions(AccessTokenID tokenID, std::vector& permList) const; + int GetReqPermissions( + AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) const; + int GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName) const; + int GrantPermission(AccessTokenID tokenID, const std::string& permissionName, int flag) const; + int RevokePermission(AccessTokenID tokenID, const std::string& permissionName, int flag) const; + int ClearUserGrantedPermissionState(AccessTokenID tokenID) const; + AccessTokenIDEx AllocHapToken(const HapInfoParams& info, const HapPolicyParams& policy) const; + int DeleteToken(AccessTokenID tokenID) const; + int GetTokenType(AccessTokenID tokenID) const; + int CheckNativeDCap(AccessTokenID tokenID, const std::string& dcap) const; + AccessTokenID GetHapTokenID(int userID, const std::string& bundleName, int instIndex) const; + AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID) const; + int UpdateHapToken(AccessTokenID tokenID, const std::string& appIDDesc, const HapPolicyParams& policy) const; + int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfo& hapTokenInfoRes) const; + int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfo& nativeTokenInfoRes) const; + private: AccessTokenManagerClient(); diff --git a/interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_manager_proxy.cpp b/interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_manager_proxy.cpp index ce8d6ec7f..e031e8c02 100644 --- a/interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_manager_proxy.cpp +++ b/interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_manager_proxy.cpp @@ -28,13 +28,13 @@ static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ } AccessTokenManagerProxy::AccessTokenManagerProxy(const sptr& impl) - : IRemoteProxy(impl) -{} + : IRemoteProxy(impl) { +} AccessTokenManagerProxy::~AccessTokenManagerProxy() {} -int AccessTokenManagerProxy::VerifyAccesstoken(AccessTokenID tokenID, const std::string& permissionName) +int AccessTokenManagerProxy::VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName) { MessageParcel data; data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); @@ -66,6 +66,547 @@ int AccessTokenManagerProxy::VerifyAccesstoken(AccessTokenID tokenID, const std: return result; } +int AccessTokenManagerProxy::GetDefPermission( + const std::string& permissionName, PermissionDefParcel& permissionDefResult) +{ + MessageParcel data; + data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); + if (!data.WriteString(permissionName)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write permissionName", __func__); + return RET_FAILED; + } + + MessageParcel reply; + MessageOption option; + sptr remote = Remote(); + if (remote == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__); + return RET_FAILED; + } + int32_t requestResult = remote->SendRequest( + static_cast(IAccessTokenManager::InterfaceCode::GET_DEF_PERMISSION), data, reply, option); + if (requestResult != NO_ERROR) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult); + return RET_FAILED; + } + + sptr resultSptr = reply.ReadParcelable(); + if (resultSptr == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s ReadParcelable fail", __func__); + return RET_FAILED; + } + permissionDefResult = *resultSptr; + int32_t result = reply.ReadInt32(); + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result); + return result; +} + +int AccessTokenManagerProxy::GetDefPermissions(AccessTokenID tokenID, + std::vector& permList) +{ + MessageParcel data; + data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); + if (!data.WriteUint32(tokenID)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write tokenID", __func__); + return RET_FAILED; + } + + MessageParcel reply; + MessageOption option; + sptr remote = Remote(); + if (remote == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__); + return RET_FAILED; + } + int32_t requestResult = remote->SendRequest( + static_cast(IAccessTokenManager::InterfaceCode::GET_DEF_PERMISSIONS), data, reply, option); + if (requestResult != NO_ERROR) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult); + return RET_FAILED; + } + + int32_t size = reply.ReadInt32(); + for (int i = 0; i < size; i++) { + sptr permissionDef = reply.ReadParcelable(); + if (permissionDef != nullptr) { + permList.emplace_back(*permissionDef); + } + } + int32_t result = reply.ReadInt32(); + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result); + return result; +} + +int AccessTokenManagerProxy::GetReqPermissions( + AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) +{ + MessageParcel data; + data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); + if (!data.WriteUint32(tokenID)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write tokenID", __func__); + return RET_FAILED; + } + if (!data.WriteInt32(isSystemGrant)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write isSystemGrant", __func__); + return RET_FAILED; + } + + MessageParcel reply; + MessageOption option; + sptr remote = Remote(); + if (remote == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__); + return RET_FAILED; + } + int32_t requestResult = remote->SendRequest( + static_cast(IAccessTokenManager::InterfaceCode::GET_REQ_PERMISSIONS), data, reply, option); + if (requestResult != NO_ERROR) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult); + return RET_FAILED; + } + + int32_t size = reply.ReadInt32(); + for (int i = 0; i < size; i++) { + sptr permissionReq = reply.ReadParcelable(); + if (permissionReq != nullptr) { + reqPermList.emplace_back(*permissionReq); + } + } + int32_t result = reply.ReadInt32(); + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result); + return result; +} + +int AccessTokenManagerProxy::GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName) +{ + MessageParcel data; + data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); + if (!data.WriteUint32(tokenID)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write tokenID", __func__); + return RET_FAILED; + } + if (!data.WriteString(permissionName)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write permissionName", __func__); + return RET_FAILED; + } + + MessageParcel reply; + MessageOption option; + sptr remote = Remote(); + if (remote == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__); + return RET_FAILED; + } + int32_t requestResult = remote->SendRequest( + static_cast(IAccessTokenManager::InterfaceCode::GET_PERMISSION_FLAG), data, reply, option); + if (requestResult != NO_ERROR) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult); + return RET_FAILED; + } + + int32_t result = reply.ReadInt32(); + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result); + return result; +} + +int AccessTokenManagerProxy::GrantPermission(AccessTokenID tokenID, const std::string& permissionName, int flag) +{ + MessageParcel data; + data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); + if (!data.WriteUint32(tokenID)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write tokenID", __func__); + return RET_FAILED; + } + if (!data.WriteString(permissionName)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write permissionName", __func__); + return RET_FAILED; + } + if (!data.WriteInt32(flag)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write flag", __func__); + return RET_FAILED; + } + + MessageParcel reply; + MessageOption option; + sptr remote = Remote(); + if (remote == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__); + return RET_FAILED; + } + int32_t requestResult = remote->SendRequest( + static_cast(IAccessTokenManager::InterfaceCode::GRANT_PERMISSION), data, reply, option); + if (requestResult != NO_ERROR) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult); + return RET_FAILED; + } + + int32_t result = reply.ReadInt32(); + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result); + return result; +} + +int AccessTokenManagerProxy::RevokePermission(AccessTokenID tokenID, const std::string& permissionName, int flag) +{ + MessageParcel data; + data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); + if (!data.WriteUint32(tokenID)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write tokenID", __func__); + return RET_FAILED; + } + if (!data.WriteString(permissionName)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write permissionName", __func__); + return RET_FAILED; + } + if (!data.WriteInt32(flag)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write flag", __func__); + return RET_FAILED; + } + + MessageParcel reply; + MessageOption option; + sptr remote = Remote(); + if (remote == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__); + return RET_FAILED; + } + int32_t requestResult = remote->SendRequest( + static_cast(IAccessTokenManager::InterfaceCode::REVOKE_PERMISSION), data, reply, option); + if (requestResult != NO_ERROR) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult); + return RET_FAILED; + } + + int32_t result = reply.ReadInt32(); + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result); + return result; +} + +int AccessTokenManagerProxy::ClearUserGrantedPermissionState(AccessTokenID tokenID) +{ + MessageParcel data; + data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); + if (!data.WriteUint32(tokenID)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write tokenID", __func__); + return RET_FAILED; + } + + MessageParcel reply; + MessageOption option; + sptr remote = Remote(); + if (remote == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__); + return RET_FAILED; + } + int32_t requestResult = remote->SendRequest( + static_cast(IAccessTokenManager::InterfaceCode::CLEAR_USER_GRANT_PERMISSION), data, reply, option); + if (requestResult != NO_ERROR) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult); + return RET_FAILED; + } + + int32_t result = reply.ReadInt32(); + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result); + return result; +} + +AccessTokenIDEx AccessTokenManagerProxy::AllocHapToken( + const HapInfoParcel& hapInfo, const HapPolicyParcel& policyParcel) +{ + MessageParcel data; + AccessTokenIDEx res; + data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); + + if (!data.WriteParcelable(&hapInfo)) { + res.tokenIDEx = 0; + return res; + } + if (!data.WriteParcelable(&policyParcel)) { + res.tokenIDEx = 0; + return res; + } + + MessageParcel reply; + MessageOption option; + sptr remote = Remote(); + if (remote == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__); + res.tokenIDEx = 0; + return res; + } + int32_t requestResult = remote->SendRequest( + static_cast(IAccessTokenManager::InterfaceCode::ALLOC_TOKEN_HAP), data, reply, option); + if (requestResult != NO_ERROR) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult); + res.tokenIDEx = 0; + return res; + } + + uint64_t result = reply.ReadUint64(); + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}llu", __func__, result); + res.tokenIDEx = result; + return res; +} + +int AccessTokenManagerProxy::DeleteToken(AccessTokenID tokenID) +{ + MessageParcel data; + data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); + + if (!data.WriteUint32(tokenID)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write tokenID", __func__); + return RET_FAILED; + } + + MessageParcel reply; + MessageOption option; + sptr remote = Remote(); + if (remote == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__); + return RET_FAILED; + } + int32_t requestResult = remote->SendRequest( + static_cast(IAccessTokenManager::InterfaceCode::TOKEN_DELETE), data, reply, option); + if (requestResult != NO_ERROR) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult); + return RET_FAILED; + } + + int result = reply.ReadInt32(); + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result); + return result; +} + +int AccessTokenManagerProxy::GetTokenType(AccessTokenID tokenID) +{ + MessageParcel data; + data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); + + if (!data.WriteUint32(tokenID)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write tokenID", __func__); + return RET_FAILED; + } + + MessageParcel reply; + MessageOption option; + sptr remote = Remote(); + if (remote == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__); + return RET_FAILED; + } + int32_t requestResult = remote->SendRequest( + static_cast(IAccessTokenManager::InterfaceCode::GET_TOKEN_TYPE), data, reply, option); + if (requestResult != NO_ERROR) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult); + return RET_FAILED; + } + + int result = reply.ReadInt32(); + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result); + return result; +} + +int AccessTokenManagerProxy::CheckNativeDCap(AccessTokenID tokenID, const std::string& dcap) +{ + MessageParcel data; + data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); + + if (!data.WriteUint32(tokenID)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write tokenID", __func__); + return RET_FAILED; + } + if (!data.WriteString(dcap)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write dcap", __func__); + return RET_FAILED; + } + MessageParcel reply; + MessageOption option; + sptr remote = Remote(); + if (remote == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__); + return RET_FAILED; + } + int32_t requestResult = remote->SendRequest( + static_cast(IAccessTokenManager::InterfaceCode::CHECK_NATIVE_DCAP), data, reply, option); + if (requestResult != NO_ERROR) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult); + return RET_FAILED; + } + + int result = reply.ReadInt32(); + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result); + return result; +} + +AccessTokenID AccessTokenManagerProxy::GetHapTokenID(int userID, const std::string& bundleName, int instIndex) +{ + MessageParcel data; + data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); + + if (!data.WriteInt32(userID)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write tokenID", __func__); + return 0; + } + if (!data.WriteString(bundleName)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write dcap", __func__); + return 0; + } + if (!data.WriteInt32(instIndex)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write dcap", __func__); + return 0; + } + MessageParcel reply; + MessageOption option; + sptr remote = Remote(); + if (remote == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__); + return 0; + } + int32_t requestResult = remote->SendRequest( + static_cast(IAccessTokenManager::InterfaceCode::GET_HAP_TOKEN_ID), data, reply, option); + if (requestResult != NO_ERROR) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult); + return 0; + } + + int result = reply.ReadInt32(); + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result); + return result; +} + +AccessTokenID AccessTokenManagerProxy::AllocLocalTokenID( + const std::string& remoteDeviceID, AccessTokenID remoteTokenID) +{ + MessageParcel data; + data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); + + if (!data.WriteString(remoteDeviceID)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write dcap", __func__); + return 0; + } + if (!data.WriteUint32(remoteTokenID)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write dcap", __func__); + return 0; + } + MessageParcel reply; + MessageOption option; + sptr remote = Remote(); + if (remote == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__); + return 0; + } + int32_t requestResult = remote->SendRequest( + static_cast(IAccessTokenManager::InterfaceCode::ALLOC_LOCAL_TOKEN_ID), data, reply, option); + if (requestResult != NO_ERROR) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult); + return 0; + } + + AccessTokenID result = reply.ReadUint32(); + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result); + return result; +} + +int AccessTokenManagerProxy::GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfoParcel& nativeTokenInfoRes) +{ + MessageParcel data; + data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); + if (!data.WriteUint32(tokenID)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write permissionName", __func__); + return RET_FAILED; + } + + MessageParcel reply; + MessageOption option; + sptr remote = Remote(); + if (remote == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__); + return RET_FAILED; + } + int32_t requestResult = remote->SendRequest( + static_cast(IAccessTokenManager::InterfaceCode::GET_NATIVE_TOKENINFO), data, reply, option); + if (requestResult != NO_ERROR) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult); + return RET_FAILED; + } + + sptr resultSptr = reply.ReadParcelable(); + if (resultSptr == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s ReadParcelable fail", __func__); + return RET_FAILED; + } + nativeTokenInfoRes = *resultSptr; + int32_t result = reply.ReadInt32(); + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result); + return result; +} + +int AccessTokenManagerProxy::GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfoParcel& hapTokenInfoRes) +{ + MessageParcel data; + data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); + if (!data.WriteUint32(tokenID)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write permissionName", __func__); + return RET_FAILED; + } + + MessageParcel reply; + MessageOption option; + sptr remote = Remote(); + if (remote == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__); + return RET_FAILED; + } + int32_t requestResult = remote->SendRequest( + static_cast(IAccessTokenManager::InterfaceCode::GET_HAP_TOKENINFO), data, reply, option); + if (requestResult != NO_ERROR) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult); + return RET_FAILED; + } + + sptr resultSptr = reply.ReadParcelable(); + if (resultSptr == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s ReadParcelable fail", __func__); + return RET_FAILED; + } + hapTokenInfoRes = *resultSptr; + int32_t result = reply.ReadInt32(); + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result); + return result; +} + +int AccessTokenManagerProxy::UpdateHapToken(AccessTokenID tokenID, + const std::string& appIDDesc, const HapPolicyParcel& policyParcel) +{ + MessageParcel data; + data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); + if (!data.WriteUint32(tokenID)) { + return RET_FAILED; + } + if (!data.WriteString(appIDDesc)) { + return RET_FAILED; + } + if (!data.WriteParcelable(&policyParcel)) { + return RET_FAILED; + } + + MessageParcel reply; + MessageOption option; + sptr remote = Remote(); + if (remote == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__); + return RET_FAILED; + } + int32_t requestResult = remote->SendRequest( + static_cast(IAccessTokenManager::InterfaceCode::UPDATE_HAP_TOKEN), data, reply, option); + if (requestResult != NO_ERROR) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult); + return RET_FAILED; + } + + int32_t result = reply.ReadInt32(); + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result); + return result; +} } // namespace AccessToken } // namespace Security -} // namespace OHOS \ No newline at end of file +} // namespace OHOS diff --git a/interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_manager_proxy.h b/interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_manager_proxy.h index e0c99c62d..973714702 100644 --- a/interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_manager_proxy.h +++ b/interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_manager_proxy.h @@ -16,9 +16,18 @@ #ifndef ACCESSTOKEN_MANAGER_PROXY_H #define ACCESSTOKEN_MANAGER_PROXY_H -#include "i_accesstoken_manager.h" +#include +#include +#include "access_token.h" +#include "hap_info_parcel.h" +#include "hap_policy_parcel.h" +#include "hap_token_info_parcel.h" +#include "i_accesstoken_manager.h" #include "iremote_proxy.h" +#include "native_token_info_parcel.h" +#include "permission_def_parcel.h" +#include "permission_state_full_parcel.h" namespace OHOS { namespace Security { @@ -28,7 +37,25 @@ public: explicit AccessTokenManagerProxy(const sptr& impl); virtual ~AccessTokenManagerProxy() override; - int VerifyAccesstoken(AccessTokenID tokenID, const std::string& permissionName) override; + int VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName) override; + int GetDefPermission(const std::string& permissionName, PermissionDefParcel& permissionDefResult) override; + int GetDefPermissions(AccessTokenID tokenID, std::vector& permList) override; + int GetReqPermissions( + AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) override; + int GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName) override; + int GrantPermission(AccessTokenID tokenID, const std::string& permissionName, int flag) override; + int RevokePermission(AccessTokenID tokenID, const std::string& permissionName, int flag) override; + int ClearUserGrantedPermissionState(AccessTokenID tokenID) override; + int GetTokenType(AccessTokenID tokenID) override; + int CheckNativeDCap(AccessTokenID tokenID, const std::string& dcap) override; + AccessTokenID GetHapTokenID(int userID, const std::string& bundleName, int instIndex) override; + AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID) override; + AccessTokenIDEx AllocHapToken(const HapInfoParcel& hapInfo, const HapPolicyParcel& policyParcel) override; + int DeleteToken(AccessTokenID tokenID) override; + int UpdateHapToken(AccessTokenID tokenID, const std::string& appIDDesc, + const HapPolicyParcel& policyPar) override; + int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfoParcel& hapTokenInfoRes) override; + int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfoParcel& nativeTokenInfoRes) override; private: static inline BrokerDelegator delegator_; }; diff --git a/interfaces/innerkits/accesstoken/test/BUILD.gn b/interfaces/innerkits/accesstoken/test/BUILD.gn index a61294493..fed32567e 100755 --- a/interfaces/innerkits/accesstoken/test/BUILD.gn +++ b/interfaces/innerkits/accesstoken/test/BUILD.gn @@ -20,7 +20,8 @@ ohos_unittest("libaccesstoken_sdk_test") { include_dirs = [ "//utils/native/base/include", - "//base/security/access_token/interfaces/innerkits/accesstoken/main/cpp/include/", + "//third_party/googletest/include", + "//base/security/access_token/interfaces/innerkits/accesstoken/main/cpp/include" ] sources = [ "unittest/cpp/src/accesstoken_kit_test.cpp" ] diff --git a/interfaces/innerkits/accesstoken/test/unittest/cpp/src/accesstoken_kit_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/cpp/src/accesstoken_kit_test.cpp index 7fbf82406..cce73330e 100755 --- a/interfaces/innerkits/accesstoken/test/unittest/cpp/src/accesstoken_kit_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/cpp/src/accesstoken_kit_test.cpp @@ -24,26 +24,285 @@ void AccessTokenKitTest::SetUpTestCase() {} void AccessTokenKitTest::TearDownTestCase() -{} +{ +} void AccessTokenKitTest::SetUp() -{} +{ + HapInfoParams info = { + .userID = TEST_USER_ID, + .bundleName = TEST_BUNDLE_NAME, + .instIndex = 0, + .appIDDesc = "appIDDesc", + }; + HapPolicyParams policy = { + .apl = APL_NORMAL, + .domain = "domain" + }; + + PermissionDef permissionDefAlpha = { + .permissionName = TEST_PERMISSION_NAME_ALPHA, + .bundleName = TEST_BUNDLE_NAME, + .grantMode = GrantMode::USER_GRANT, + .availableScope = AVAILABLE_SCOPE_ALL, + }; + + PermissionDef permissionDefBeta = { + .permissionName = TEST_PERMISSION_NAME_BETA, + .bundleName = TEST_BUNDLE_NAME, + .grantMode = GrantMode::SYSTEM_GRANT, + .availableScope = AVAILABLE_SCOPE_ALL, + }; + policy.permList.emplace_back(permissionDefAlpha); + policy.permList.emplace_back(permissionDefBeta); + + PermissionStateFull permStatAlpha = { + .permissionName = TEST_PERMISSION_NAME_ALPHA, + .isGeneral = true, + .resDeviceID = {"device"}, + .grantStatus = {PermissionState::PERMISSION_DENIED}, + .grantFlags = {PermissionFlag::PERMISSION_USER_SET} + }; + PermissionStateFull permStatBeta = { + .permissionName = TEST_PERMISSION_NAME_BETA, + .isGeneral = true, + .resDeviceID = {"device"}, + .grantStatus = {PermissionState::PERMISSION_GRANTED}, + .grantFlags = {PermissionFlag::PERMISSION_USER_SET} + }; + policy.permStateList.emplace_back(permStatAlpha); + policy.permStateList.emplace_back(permStatBeta); + + AccessTokenKit::AllocHapToken(info, policy); +} void AccessTokenKitTest::TearDown() -{} +{ + AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + AccessTokenKit::DeleteToken(tokenID); +} + +unsigned int AccessTokenKitTest::GetAccessTokenID(int userID, std::string bundleName, int instIndex) +{ + return AccessTokenKit::GetHapTokenID(userID, bundleName, instIndex); +} +/** + * @tc.name: AllocHapToken001 + * @tc.desc: Get permission definition info after AllocHapToken function has been invoked. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(AccessTokenKitTest, AllocHapToken001, TestSize.Level1) +{ + PermissionDef permDefResultAlpha; + int ret = AccessTokenKit::GetDefPermission(TEST_PERMISSION_NAME_ALPHA, permDefResultAlpha); + ASSERT_EQ(TEST_PERMISSION_NAME_ALPHA, permDefResultAlpha.permissionName); + ASSERT_EQ(RET_SUCCESS, ret); + + PermissionDef permDefResultBeta; + ret = AccessTokenKit::GetDefPermission(TEST_PERMISSION_NAME_BETA, permDefResultBeta); + ASSERT_EQ(TEST_PERMISSION_NAME_BETA, permDefResultBeta.permissionName); + ASSERT_EQ(RET_SUCCESS, ret); +} + +/** + * @tc.name: AllocHapToken002 + * @tc.desc: Get permission definition info that permission is not exist. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(AccessTokenKitTest, AllocHapToken002, TestSize.Level1) +{ + PermissionDef permDefResult; + int ret = AccessTokenKit::GetDefPermission(TEST_PERMISSION_NAME_GAMMA, permDefResult); + ASSERT_EQ(RET_FAILED, ret); +} /** - * @tc.name: VerifyAccesstoken001 - * @tc.desc: Verify user granted permission + * @tc.name: AllocHapToken003 + * @tc.desc: Get permission definition info list after AllocHapToken function has been invoked. * @tc.type: FUNC * @tc.require: */ -HWTEST_F(AccessTokenKitTest, VerifyAccesstoken001, TestSize.Level0) +HWTEST_F(AccessTokenKitTest, AllocHapToken003, TestSize.Level1) { - AccessTokenID tokenID = 1; - const std::string TEST_PERMISSION_NAME = "ohos.permission.TEST"; + AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + std::vector permDefList; + int ret = AccessTokenKit::GetDefPermissions(tokenID, permDefList); + ASSERT_EQ(RET_SUCCESS, ret); + ASSERT_EQ(2, permDefList.size()); +} - int ret = AccessTokenKit::VerifyAccesstoken(tokenID, TEST_PERMISSION_NAME); +/** + * @tc.name: AllocHapToken004 + * @tc.desc: Get permission definition info list that tokenID is invalid. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(AccessTokenKitTest, AllocHapToken004, TestSize.Level1) +{ + std::vector permDefList; + int ret = AccessTokenKit::GetDefPermissions(TEST_TOKENID_INVALID, permDefList); + ASSERT_EQ(RET_FAILED, ret); +} + +/** + * @tc.name: GetReqPermissions001 + * @tc.desc: Get user granted permission state info. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(AccessTokenKitTest, GetReqPermissions001, TestSize.Level1) +{ + AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + std::vector permStatList; + int ret = AccessTokenKit::GetReqPermissions(tokenID, permStatList, false); + ASSERT_EQ(RET_SUCCESS, ret); + ASSERT_EQ(1, permStatList.size()); + ASSERT_EQ(TEST_PERMISSION_NAME_ALPHA, permStatList[0].permissionName); + + ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA); + ASSERT_EQ(ret, permStatList[0].grantStatus[0]); +} + +/** + * @tc.name: GetReqPermissions002 + * @tc.desc: Get system granted permission state info. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(AccessTokenKitTest, GetReqPermissions002, TestSize.Level1) +{ + AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + std::vector permStatList; + int ret = AccessTokenKit::GetReqPermissions(tokenID, permStatList, true); + ASSERT_EQ(RET_SUCCESS, ret); + ASSERT_EQ(1, permStatList.size()); + ASSERT_EQ(TEST_PERMISSION_NAME_BETA, permStatList[0].permissionName); + + ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_BETA); + ASSERT_EQ(ret, permStatList[0].grantStatus[0]); +} + +/** + * @tc.name: GetPermissionFlag001 + * @tc.desc: Get permission flag after grant permission. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(AccessTokenKitTest, GetPermissionFlag001, TestSize.Level1) +{ + AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + int ret = AccessTokenKit::GrantPermission(tokenID, TEST_PERMISSION_NAME_ALPHA, PERMISSION_USER_FIXED); + ASSERT_EQ(RET_SUCCESS, ret); + + ret = AccessTokenKit::GetPermissionFlag(tokenID, TEST_PERMISSION_NAME_ALPHA); + ASSERT_EQ(PERMISSION_USER_FIXED, ret); +} + +/** + * @tc.name: VerifyAccessToken001 + * @tc.desc: Verify user granted permission. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(AccessTokenKitTest, VerifyAccessToken001, TestSize.Level0) +{ + AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + int ret = AccessTokenKit::GrantPermission(tokenID, TEST_PERMISSION_NAME_ALPHA, PERMISSION_USER_FIXED); + ASSERT_EQ(RET_SUCCESS, ret); + + ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA); + ASSERT_EQ(PERMISSION_GRANTED, ret); + + ret = AccessTokenKit::RevokePermission(tokenID, TEST_PERMISSION_NAME_ALPHA, PERMISSION_USER_FIXED); + ASSERT_EQ(RET_SUCCESS, ret); + + ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA); + ASSERT_EQ(PERMISSION_DENIED, ret); +} + +/** + * @tc.name: VerifyAccessToken002 + * @tc.desc: Verify system granted permission. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(AccessTokenKitTest, VerifyAccessToken002, TestSize.Level0) +{ + AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + int ret = AccessTokenKit::GrantPermission(tokenID, TEST_PERMISSION_NAME_BETA, PERMISSION_USER_FIXED); + ASSERT_EQ(RET_SUCCESS, ret); + + ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_BETA); ASSERT_EQ(PERMISSION_GRANTED, ret); -} \ No newline at end of file + ret = AccessTokenKit::RevokePermission(tokenID, TEST_PERMISSION_NAME_BETA, PERMISSION_USER_FIXED); + ASSERT_EQ(RET_SUCCESS, ret); + + ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_BETA); + ASSERT_EQ(PERMISSION_DENIED, ret); +} + +/** + * @tc.name: VerifyAccessToken003 + * @tc.desc: Verify permission that has not been defined. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(AccessTokenKitTest, VerifyAccessToken003, TestSize.Level0) +{ + AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + int ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_GAMMA); + ASSERT_EQ(PERMISSION_DENIED, ret); +} + +/** + * @tc.name: ClearUserGrantedPermissionState001 + * @tc.desc: Clear user granted permission fater ClearUserGrantedPermissionState has been invoked. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(AccessTokenKitTest, ClearUserGrantedPermissionState001, TestSize.Level0) +{ + AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + int ret = AccessTokenKit::ClearUserGrantedPermissionState(tokenID); + ASSERT_EQ(RET_SUCCESS, ret); + + ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA); + ASSERT_EQ(PERMISSION_DENIED, ret); +} + +/** + * @tc.name: DeleteToken001 + * @tc.desc: Cannot get permission definition info after DeleteToken function has been invoked. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(AccessTokenKitTest, DeleteToken001, TestSize.Level1) +{ + AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + PermissionDef permDefResultAlpha; + int ret = AccessTokenKit::GetDefPermission(TEST_PERMISSION_NAME_ALPHA, permDefResultAlpha); + ASSERT_EQ(TEST_PERMISSION_NAME_ALPHA, permDefResultAlpha.permissionName); + ASSERT_EQ(RET_SUCCESS, ret); + + ret = AccessTokenKit::DeleteToken(tokenID); + ASSERT_EQ(RET_SUCCESS, ret); + + PermissionDef defResult; + ret = AccessTokenKit::GetDefPermission(TEST_PERMISSION_NAME_ALPHA, defResult); + ASSERT_EQ(RET_FAILED, ret); +} + +/** + * @tc.name: DeleteToken002 + * @tc.desc: Delete invalid tokenID. + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(AccessTokenKitTest, DeleteToken002, TestSize.Level1) +{ + int ret = AccessTokenKit::DeleteToken(TEST_USER_ID_INVALID); + ASSERT_EQ(RET_FAILED, ret); +} diff --git a/interfaces/innerkits/accesstoken/test/unittest/cpp/src/accesstoken_kit_test.h b/interfaces/innerkits/accesstoken/test/unittest/cpp/src/accesstoken_kit_test.h index 5784ad6f4..25de97777 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/cpp/src/accesstoken_kit_test.h +++ b/interfaces/innerkits/accesstoken/test/unittest/cpp/src/accesstoken_kit_test.h @@ -21,6 +21,13 @@ namespace OHOS { namespace Security { namespace AccessToken { +static const std::string TEST_BUNDLE_NAME = "ohos"; +static const std::string TEST_PERMISSION_NAME_ALPHA = "ohos.permission.ALPHA"; +static const std::string TEST_PERMISSION_NAME_BETA = "ohos.permission.BETA"; +static const std::string TEST_PERMISSION_NAME_GAMMA = "ohos.permission.GAMMA"; +static const int TEST_USER_ID = 0; +static const int TEST_USER_ID_INVALID = -1; +static const unsigned int TEST_TOKENID_INVALID = 0; class AccessTokenKitTest : public testing::Test { public: static void SetUpTestCase(); @@ -30,6 +37,7 @@ public: void SetUp(); void TearDown(); + unsigned int GetAccessTokenID(int userID, std::string bundleName, int instIndex); }; } // namespace AccessToken } // namespace Security diff --git a/interfaces/innerkits/atlib/BUILD.gn b/interfaces/innerkits/atlib/BUILD.gn new file mode 100644 index 000000000..29099e670 --- /dev/null +++ b/interfaces/innerkits/atlib/BUILD.gn @@ -0,0 +1,55 @@ +# Copyright (C) 2021 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/ohos.gni") + +################################################################ +# C, Main, source file here. +################################################################ +config("accesstokenlib") { + visibility = [ ":*" ] + include_dirs = [ "main/include" ] +} + +ohos_shared_library("libaccesstoken_lib") { + subsystem_name = "security" + part_name = "access_token" + output_name = "libaccesstoken_lib" + + public_configs = [ ":accesstokenlib" ] + + cflags = [ "-Wall" ] + + include_dirs = [ + "//utils/native/base/include", + "main/include", + "main/src", + "//third_party/cJSON", + "//third_party/bounds_checking_function/include", + "//base/hiviewdfx/hilog_lite/interfaces/native/kits", + ] + + sources = [ + "main/src/accesstoken_lib.c", + ] + + deps = [ + "//utils/native/base:utils", + "//third_party/cJSON:cjson_static", + "//utils/native/base:utilsecurec_shared", + ] + + external_deps = [ + "hiviewdfx_hilog_native:libhilog", + ] +} diff --git a/interfaces/innerkits/atlib/main/include/accesstoken_lib.h b/interfaces/innerkits/atlib/main/include/accesstoken_lib.h new file mode 100644 index 000000000..da3744711 --- /dev/null +++ b/interfaces/innerkits/atlib/main/include/accesstoken_lib.h @@ -0,0 +1,91 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing ACCESSTOKENs and + * limitations under the License. + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include "cJSON.h" +#include "securec.h" +#include "accesstoken_log.h" + +#ifndef ACCESSTOKEN_LIB_H +#define ACCESSTOKEN_LIB_H + +#ifdef __cplusplus +extern "C" { +#endif + +#define MAX_PROCESS_NAME_LEN 256 +#define TOKEN_ID_CFG_PATH "/data/token.json" +#define SOCKET_FILE "/data/token_unix_socket" +#define ERR 1 +#define SUCCESS 0 +#define TOKEN_NATIVE_TYPE 1 +#define DEFAULT_AT_VERSION 1 +#define TRANSFER_KEY_WORDS "NativeTokenInfo" +#define MAX_JSON_FILE_LEN 102400 + +typedef unsigned int NativeAtId; +typedef unsigned int NativeAtAttr; + +typedef struct { + unsigned int tokenUniqueId : 24; + unsigned int reserved : 3; + unsigned int type : 2; + unsigned int version : 3; +} AtInnerInfo; + +typedef struct { + NativeAtId tokenId; + NativeAtAttr tokenAttr; +} NativeAtIdEx; + +typedef struct TokenList { + NativeAtId tokenId; + char processName[MAX_PROCESS_NAME_LEN]; + struct TokenList *next; +} NativeTokenList; + +typedef struct TokenQueue { + NativeAtId tokenId; + int apl; + const char *processName; + const char **dcaps; + int dcapsNum; + int flag; + struct TokenQueue *next; +} NativeTokenQueue; + +#define TOKEN_QUEUE_NODE_INFO_SET(tmp, aplStr, processname, tokenId, exist, dcap, dacpNum) do { \ + (tmp).apl = GetAplLevel((aplStr)); \ + (tmp).processName = (processname); \ + (tmp).tokenId = (tokenId); \ + (tmp).flag = (exist); \ + (tmp).dcaps = (dcap); \ + (tmp).dcapsNum = (dacpNum); \ +} while (0) + +extern void *ThreadTransferFunc(const void *args); + +#ifdef __cplusplus +} +#endif + +#endif // ACCESSTOKEN_LIB_H diff --git a/interfaces/innerkits/atlib/main/include/accesstoken_log.h b/interfaces/innerkits/atlib/main/include/accesstoken_log.h new file mode 100644 index 000000000..cdf5fa761 --- /dev/null +++ b/interfaces/innerkits/atlib/main/include/accesstoken_log.h @@ -0,0 +1,49 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing ACCESSTOKENs and + * limitations under the License. + */ + +#ifndef ACCESSTOKEN_LOG_H +#define ACCESSTOKEN_LOG_H + +#ifdef HILOG_ENABLE + +#include "hilog/log.h" + +#define ACCESSTOKEN_LOG_DEBUG(fmt, ...) HILOG_DEBUG(LOG_CORE, fmt, ##__VA_ARGS__) +#define ACCESSTOKEN_LOG_INFO(fmt, ...) HILOG_INFO(LOG_CORE, fmt, ##__VA_ARGS__) +#define ACCESSTOKEN_LOG_WARN(fmt, ...) HILOG_WARN(LOG_CORE, fmt, ##__VA_ARGS__) +#define ACCESSTOKEN_LOG_ERROR(fmt, ...) ACCESSTOKEN_LOG_ERROR(LOG_CORE, fmt, ##__VA_ARGS__) +#define ACCESSTOKEN_LOG_FATAL(fmt, ...) HILOG_FATAL(LOG_CORE, fmt, ##__VA_ARGS__) + +/* define LOG_TAG as "security_*" at your submodule, * means your submodule name such as "security_dac" */ +#undef LOG_TAG +#undef LOG_DOMAIN + +#else + +#include +#include + +/* define LOG_TAG as "security_*" at your submodule, * means your submodule name such as "security_dac" */ +#define LOG_TAG "accssToken_" + +#define ACCESSTOKEN_LOG_DEBUG(fmt, ...) printf("[%s] debug: %s: " fmt "\n", LOG_TAG, __func__, ##__VA_ARGS__) +#define ACCESSTOKEN_LOG_INFO(fmt, ...) printf("[%s] info: %s: " fmt "\n", LOG_TAG, __func__, ##__VA_ARGS__) +#define ACCESSTOKEN_LOG_WARN(fmt, ...) printf("[%s] warn: %s: " fmt "\n", LOG_TAG, __func__, ##__VA_ARGS__) +#define ACCESSTOKEN_LOG_ERROR(fmt, ...) printf("[%s] error: %s: " fmt "\n", LOG_TAG, __func__, ##__VA_ARGS__) +#define ACCESSTOKEN_LOG_FATAL(fmt, ...) printf("[%s] fatal: %s: " fmt "\n", LOG_TAG, __func__, ##__VA_ARGS__) + +#endif // HILOG_ENABLE + +#endif // ACCESSTOKEN_LOG_H diff --git a/interfaces/innerkits/atlib/main/include/accesstokenlib_kit.h b/interfaces/innerkits/atlib/main/include/accesstokenlib_kit.h new file mode 100644 index 000000000..d0511410e --- /dev/null +++ b/interfaces/innerkits/atlib/main/include/accesstokenlib_kit.h @@ -0,0 +1,35 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef INTERFACES_INNER_KITS_ACCESSTOKEN_LIB_H +#define INTERFACES_INNER_KITS_ACCESSTOKEN_LIB_H + +#include +#include +#include + +#ifdef __cplusplus +extern "C" { +#endif + +extern int32_t AtlibInit(void); + +extern uint64_t GetAccessTokenId(const char *processname, const char **dcap, int32_t dacpNum, const char *aplStr); + +#ifdef __cplusplus +} +#endif + +#endif // INTERFACES_INNER_KITS_ACCESSTOKEN_LIB_H diff --git a/interfaces/innerkits/atlib/main/src/accesstoken_lib.c b/interfaces/innerkits/atlib/main/src/accesstoken_lib.c new file mode 100644 index 000000000..7a921900e --- /dev/null +++ b/interfaces/innerkits/atlib/main/src/accesstoken_lib.c @@ -0,0 +1,514 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing ACCESSTOKENs and + * limitations under the License. + */ + +#include "accesstoken_lib.h" +#include "accesstokenlib_kit.h" + +NativeTokenQueue *g_tokenQueueHead; +NativeTokenList *g_tokenListHead; +int g_isAtmExist; +int g_signalFd; +static pthread_mutex_t g_tokenQueueHeadLock = PTHREAD_MUTEX_INITIALIZER; + +char *GetFileBuff(const char *cfg) +{ + char *buff = NULL; + FILE *cfgFd = NULL; + struct stat fileStat; + int fileSize; + + if (stat(cfg, &fileStat) != 0) { + ACCESSTOKEN_LOG_ERROR("stat file failed."); + return NULL; + } + fileSize = (int)fileStat.st_size; + if ((fileSize < 0) || (fileSize > MAX_JSON_FILE_LEN)) { + ACCESSTOKEN_LOG_ERROR("stat file size is invalid."); + return NULL; + } + + cfgFd = fopen(cfg, "r"); + if (cfgFd == NULL) { + ACCESSTOKEN_LOG_ERROR("fopen file failed."); + return NULL; + } + + buff = (char *)malloc((size_t)(fileSize + 1)); + if (buff == NULL) { + ACCESSTOKEN_LOG_ERROR("memory alloc failed."); + fclose(cfgFd); + return NULL; + } + + if (fread(buff, fileSize, 1, cfgFd) != 1) { + ACCESSTOKEN_LOG_ERROR("fread failed."); + free(buff); + buff = NULL; + } else { + buff[fileSize] = '\0'; + } + + fclose(cfgFd); + return buff; +} + +int GetTokenList(const cJSON *object) +{ + if (object == NULL) { + return ERR; + } + int arraySize = cJSON_GetArraySize(object); + + for (int i = 0; i < arraySize; i++) { + cJSON *cjsonItem = cJSON_GetArrayItem(object, i); + cJSON *processNameJson = cJSON_GetObjectItem(cjsonItem, "processName"); + cJSON *tokenIdJson = cJSON_GetObjectItem(cjsonItem, "tokenId"); + if (cJSON_IsString(processNameJson) == 0 || (strlen(processNameJson->valuestring) > MAX_PROCESS_NAME_LEN)) { + ACCESSTOKEN_LOG_ERROR("processNameJson is invalid."); + return ERR; + } + if ((cJSON_IsNumber(tokenIdJson) == 0) || (cJSON_GetNumberValue(tokenIdJson) <= 0)) { + ACCESSTOKEN_LOG_ERROR("tokenIdJson is invalid."); + return ERR; + } + + NativeTokenList *tmp = (NativeTokenList *)malloc(sizeof(NativeTokenList)); + if (tmp == NULL) { + ACCESSTOKEN_LOG_ERROR("memory alloc failed."); + return ERR; + } + (void)strcpy_s(tmp->processName, MAX_PROCESS_NAME_LEN, processNameJson->valuestring); + tmp->tokenId = tokenIdJson->valueint; + tmp->next = g_tokenListHead->next; + g_tokenListHead->next = tmp; + } + return SUCCESS; +} + +int ParseTokenInfoCfg(const char *filename) +{ + char *fileBuff; + cJSON *record; + int ret; + + if (filename == NULL || filename[0] == '\0') { + return ERR; + } + fileBuff = GetFileBuff(filename); + if (fileBuff == NULL) { + return ERR; + } + record = cJSON_Parse(fileBuff); + free(fileBuff); + fileBuff = NULL; + + ret = GetTokenList(record); + cJSON_Delete(record); + + return ret; +} + +int AtlibInit(void) +{ + g_tokenListHead = (NativeTokenList *)malloc(sizeof(NativeTokenList)); + if (g_tokenListHead == NULL) { + ACCESSTOKEN_LOG_ERROR("g_tokenListHead memory alloc failed."); + return ERR; + } + g_tokenListHead->next = NULL; + + g_tokenQueueHead = (NativeTokenQueue *)malloc(sizeof(NativeTokenQueue)); + if (g_tokenQueueHead == NULL) { + free(g_tokenListHead); + ACCESSTOKEN_LOG_ERROR("g_tokenQueueHead memory alloc failed."); + return ERR; + } + g_tokenQueueHead->next = NULL; + g_isAtmExist = 0; + + return ParseTokenInfoCfg(TOKEN_ID_CFG_PATH); +} + +int GetRandomTokenId(unsigned int *randNum) +{ + unsigned int random; + int len; + int fd = open("/dev/urandom", O_RDONLY); + if (fd == -1) { + return ERR; + } + len = read(fd, &random, sizeof(random)); + (void)close(fd); + if (len != sizeof(random)) { + ACCESSTOKEN_LOG_ERROR("read failed."); + return ERR; + } + *randNum = random; + return SUCCESS; +} + +NativeAtId CreateNativeTokenId(const char *processName) +{ + unsigned int rand; + NativeAtId tokenId; + AtInnerInfo *innerId = (AtInnerInfo *)(&tokenId); + + if (GetRandomTokenId(&rand) == ERR) { + return 0; + } + + innerId->reserved = 0; + innerId->tokenUniqueId = rand & (0xFFFFFF); + innerId->type = TOKEN_NATIVE_TYPE; + innerId->version = 1; + return tokenId; +} + +int TriggerTransfer() +{ + int ret; + static const uint64_t increment = 1; + ret = write(g_signalFd, &increment, sizeof(increment)); + if (ret == -1) { + ACCESSTOKEN_LOG_ERROR("TriggerTransfer write failed."); + return ERR; + } + return SUCCESS; +} + +int TokenInfoSave(const NativeTokenQueue *node) +{ + if (node->apl == 0) { + return ERR; + } + NativeTokenQueue *curr; + curr = (NativeTokenQueue *)malloc(sizeof(NativeTokenQueue)); + if (curr == NULL) { + ACCESSTOKEN_LOG_ERROR("memory alloc failed."); + return ERR; + } + curr->apl = node->apl; + curr->processName = node->processName; + curr->tokenId = node->tokenId; + curr->flag = node->flag; + curr->dcaps = node->dcaps; + curr->dcapsNum = node->dcapsNum; + + pthread_mutex_lock(&g_tokenQueueHeadLock); + curr->next = g_tokenQueueHead->next; + g_tokenQueueHead->next = curr; + pthread_mutex_unlock(&g_tokenQueueHeadLock); + + if (g_isAtmExist == 1) { + return TriggerTransfer(); + } + return SUCCESS; +} + +int GetAplLevel(const char *aplStr) +{ + if (strcmp(aplStr, "system_core") == 0) { + return 3; // system_core means apl level is 3 + } + if (strcmp(aplStr, "system_basic") == 0) { + return 2; // system_basic means apl level is 2 + } + if (strcmp(aplStr, "normal") == 0) { + return 1; + } + return 0; +} + +uint64_t GetAccessTokenId(const char *processname, const char **dcap, int dacpNum, const char *aplStr) +{ + NativeAtId tokenId; + NativeTokenList *tokenNode = g_tokenListHead; + NativeTokenQueue tmp; + + int exist = 0; + int ret; + uint64_t result = 0; + NativeAtIdEx *atPoint = (NativeAtIdEx *)(&result); + + while (tokenNode != NULL) { + if (strcmp(tokenNode->processName, processname) == 0) { + exist = 1; + tokenId = tokenNode->tokenId; + break; + } + tokenNode = tokenNode->next; + } + + if (exist == 0) { + tokenId = CreateNativeTokenId(processname); + tokenNode = (NativeTokenList *)malloc(sizeof(NativeTokenList)); + if (tokenNode == NULL) { + ACCESSTOKEN_LOG_ERROR("memory alloc failed."); + return 0; + } + (void)strcpy_s(tokenNode->processName, MAX_PROCESS_NAME_LEN, processname); + tokenNode->tokenId = tokenId; + tokenNode->next = g_tokenListHead->next; + g_tokenListHead->next = tokenNode; + ACCESSTOKEN_LOG_INFO("tokenNode->tokenId :%d, tokenNode->processName: %s\n", tokenNode->tokenId, tokenNode->processName); + } + + TOKEN_QUEUE_NODE_INFO_SET(tmp, aplStr, processname, tokenId, exist, dcap, dacpNum); + ret = TokenInfoSave(&tmp); + if (ret == 0) { + return result; + } + atPoint->tokenId = tokenId; + atPoint->tokenAttr = 0; + return result; +} + +int SendString(const char *str, int fd) +{ + int writtenSize; + int len = strlen(str); + + writtenSize = write(fd, str, len); + if (len != writtenSize) { + ACCESSTOKEN_LOG_ERROR("SendString write failed."); + return ERR; + } + return SUCCESS; +} + +void WriteToFile(const cJSON *root) +{ + char *jsonStr; + jsonStr = cJSON_PrintUnformatted(root); + if (jsonStr == NULL) { + ACCESSTOKEN_LOG_ERROR("cJSON_PrintUnformatted failed."); + return; + } + ACCESSTOKEN_LOG_INFO("jsonStr %s.\n", jsonStr); + + do { + int fd = open(TOKEN_ID_CFG_PATH, O_RDWR | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR); + if (fd < 0) { + break; + } + int strLen = strlen(jsonStr); + int writtenLen = write(fd, (void *)jsonStr, strLen); + close(fd); + if (writtenLen != strLen) { + ACCESSTOKEN_LOG_ERROR("write failed."); + break; + } + } while (0); + + cJSON_free(jsonStr); + return; +} + +int ExistNewTokenInfo(const NativeTokenQueue *head) +{ + const NativeTokenQueue *iter = head; + while (iter != NULL) { + if (iter->flag == 0) { + return 1; + } + iter = iter->next; + } + return 0; +} +void SaveTokenIdToCfg(const NativeTokenQueue *head) +{ + const NativeTokenQueue *iter = head; + char *fileBuff; + cJSON *record; + int ret; + + ret = ExistNewTokenInfo(head); + if (ret == 0) { + ACCESSTOKEN_LOG_INFO("there is no new info.\n"); + return; + } + fileBuff = GetFileBuff(TOKEN_ID_CFG_PATH); + if (fileBuff == NULL) { + return; + } + + record = cJSON_Parse(fileBuff); + free(fileBuff); + fileBuff = NULL; + + if (record == NULL) { + ACCESSTOKEN_LOG_ERROR("cJSON_Parse failed."); + return; + } + + while (iter != NULL) { + if (iter->flag == 1) { + continue; + } + cJSON *node = cJSON_CreateObject(); + if (node == NULL) { + ACCESSTOKEN_LOG_ERROR("cJSON_CreateObject failed."); + cJSON_Delete(record); + return; + } + cJSON_AddItemToObject(node, "processName", cJSON_CreateString(iter->processName)); + cJSON_AddItemToObject(node, "tokenId", cJSON_CreateNumber(iter->tokenId)); + cJSON_AddItemToArray(record, node); + iter = iter->next; + } + WriteToFile(record); + cJSON_Delete(record); + return; +} + +char * GetStringToBeSync(NativeTokenQueue *head) +{ + if (head == NULL) { + return NULL; + } + + cJSON *array = cJSON_CreateArray(); + if (array == NULL) { + return NULL; + } + + NativeTokenQueue *curr = head; + while (curr != 0) { + cJSON *object = cJSON_CreateObject(); + if (object == NULL) { + cJSON_Delete(array); + return NULL; + } + cJSON_AddItemToObject(object, "processName", cJSON_CreateString(curr->processName)); + cJSON_AddItemToObject(object, "APL", cJSON_CreateNumber(curr->apl)); + cJSON_AddItemToObject(object, "version", cJSON_CreateNumber(DEFAULT_AT_VERSION)); + cJSON_AddItemToObject(object, "tokenId", cJSON_CreateNumber(curr->tokenId)); + cJSON_AddItemToObject(object, "tokenAttr", cJSON_CreateNumber(0)); + + cJSON *dcapsArr = cJSON_CreateArray(); + if (dcapsArr == NULL) { + cJSON_Delete(array); + return NULL; + } + for (int i = 0; i < curr->dcapsNum; i++) { + cJSON_AddItemToArray(dcapsArr, cJSON_CreateString(curr->dcaps[i])); + } + cJSON_AddItemToObject(object, "dcaps", dcapsArr); + cJSON_AddItemToArray(array, object); + + NativeTokenQueue *node; + node = curr; + curr = curr->next; + free(node); + node = NULL; + } + + cJSON *root = cJSON_CreateObject(); + if (root == NULL) { + cJSON_Delete(array); + return NULL; + } + + cJSON_AddItemToObject(root, TRANSFER_KEY_WORDS, array); + + char *jsonStr = cJSON_PrintUnformatted(root); + if (jsonStr == NULL) { + cJSON_Delete(root); + return NULL; + } + + char *str = (char *)malloc(sizeof(char) * (strlen(jsonStr) + 1)); + if (str == NULL) { + cJSON_free(jsonStr); + cJSON_Delete(root); + return NULL; + } + + (void)strcpy_s(str, strlen(jsonStr) + 1, jsonStr); + cJSON_free(jsonStr); + cJSON_Delete(root); + return str; +} + +int SyncToAtm(void) +{ + int result; + struct sockaddr_un addr; + int fd; + char *str; + + /* get data to be processed */ + pthread_mutex_lock(&g_tokenQueueHeadLock); + NativeTokenQueue *begin = g_tokenQueueHead->next; + g_tokenQueueHead->next = NULL; + pthread_mutex_unlock(&g_tokenQueueHeadLock); + + /* update the token file */ + SaveTokenIdToCfg(begin); + + str = GetStringToBeSync(begin); + if (str == NULL) { + return SUCCESS; + } + + /* set socket */ + fd = socket(AF_UNIX, SOCK_STREAM, 0); + (void)memset_s(&addr, sizeof(struct sockaddr_un), 0, sizeof(struct sockaddr_un)); + addr.sun_family = AF_UNIX; + if (memcpy_s(addr.sun_path, sizeof(addr.sun_path), SOCKET_FILE, sizeof(addr.sun_path) - 1) != EOK) { + ACCESSTOKEN_LOG_ERROR("memcpy_s failed."); + return ERR; + } + result = connect(fd, (struct sockaddr *)&addr, sizeof(addr)); // 建立socket后默认connect()函数为阻塞连接状态 + if (result != 0) { + ACCESSTOKEN_LOG_ERROR("connect failed %d.", result); + return ERR; + } + + result = SendString(str, fd); + free(str); + close(fd); + return result; +} + +void *ThreadTransferFunc(const void *args) +{ + uint64_t result; + + /* + getpram + */ + + g_signalFd = eventfd(0, 0); + if (g_signalFd == -1) { + ACCESSTOKEN_LOG_ERROR("eventfd failed."); + return NULL; + } + + g_isAtmExist = 1; + while (1) { + int ret; + ret = read(g_signalFd, &result, sizeof(uint64_t)); + if (ret == -1) { + ACCESSTOKEN_LOG_ERROR("read failed."); + continue; + } + ret = SyncToAtm(); + if (ret == -1) { + ACCESSTOKEN_LOG_ERROR("SyncToAtm failed."); + } + } + return NULL; +} diff --git a/interfaces/innerkits/atlib/test/BUILD.gn b/interfaces/innerkits/atlib/test/BUILD.gn new file mode 100644 index 000000000..913506e79 --- /dev/null +++ b/interfaces/innerkits/atlib/test/BUILD.gn @@ -0,0 +1,44 @@ +# Copyright (C) 2021 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/test.gni") + +ohos_unittest("libaccesstoken_lib_test") { + subsystem_name = "security" + part_name = "access_token" + module_out_path = part_name + "/" + part_name + + include_dirs = [ + "//utils/native/base/include", + "//third_party/cJSON", + "//third_party/bounds_checking_function/include", + "//base/security/access_token/interfaces/innerkits/atlib/main/include" + ] + + sources = [ "unittest/cpp/src/accesstokenlib_kit_test.cpp" ] + cflags_cc = ["-fexceptions" ] + ldflags = ["-lpthread",] + deps = [ + "//third_party/cJSON:cjson_static", + "//utils/native/base:utils", + "//third_party/googletest:gmock", + "//third_party/googletest:gtest", + "//third_party/libuv:uv_static", + "//third_party/bounds_checking_function:libsec_static", + ] +} + +group("unittest") { + testonly = true + deps = [ ":libaccesstoken_lib_test" ] +} diff --git a/interfaces/innerkits/atlib/test/unittest/cpp/src/accesstokenlib_kit_test.cpp b/interfaces/innerkits/atlib/test/unittest/cpp/src/accesstokenlib_kit_test.cpp new file mode 100644 index 000000000..04a1e5ffb --- /dev/null +++ b/interfaces/innerkits/atlib/test/unittest/cpp/src/accesstokenlib_kit_test.cpp @@ -0,0 +1,123 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "accesstokenlib_kit_test.h" + +#include "accesstokenlib_kit.h" +#include "accesstoken_lib.h" + +using namespace testing::ext; +using namespace OHOS::Security; + +void TokenLibKitTest::SetUpTestCase() +{} + +void TokenLibKitTest::TearDownTestCase() +{} + +void TokenLibKitTest::SetUp() +{} + +void TokenLibKitTest::TearDown() +{} + +extern char *GetFileBuff(const char *cfg); + +void * ThreadATMFuncBackUp(void *args) +{ + socklen_t len = sizeof(struct sockaddr_un); + struct sockaddr_un addr; + struct sockaddr_un clientAddr; + int listenFd, ret; + int readLen; + + /* set socket */ + (void)memset_s(&addr, sizeof(addr), 0, sizeof(addr)); + addr.sun_family = AF_UNIX; + if (memcpy_s(addr.sun_path, sizeof(addr.sun_path), SOCKET_FILE, sizeof(addr.sun_path) - 1) != EOK) { + return NULL; + } + unlink(SOCKET_FILE); + listenFd = socket(AF_UNIX, SOCK_STREAM, 0); + if (listenFd < 0) { + ACCESSTOKEN_LOG_INFO("socket failed %d\n", listenFd); + return NULL; + } + + ::bind(listenFd, (struct sockaddr *)(&addr), (unsigned int)len); + + ret = listen(listenFd, 1); + if (ret < 0) { + ACCESSTOKEN_LOG_INFO("listenFd failed %d\n", errno); + remove(SOCKET_FILE); + close(listenFd); + return NULL; + } + while (1) { + int sockFd = accept(listenFd, (struct sockaddr *)(&clientAddr), &len); + ACCESSTOKEN_LOG_INFO("accept sockFd %d\n", sockFd); + do { + readLen = read(sockFd, OHOS::Security::TokenLibKitTest::buffer, 102400); + OHOS::Security::TokenLibKitTest::buffer[readLen] = '\0'; + ACCESSTOKEN_LOG_INFO("read :%s\n", OHOS::Security::TokenLibKitTest::buffer); + } while (readLen > 0); + + close(sockFd); + if (readLen < 0) { + break; + } + } + close(listenFd); + return NULL; +} + +int Start(const char *processName) +{ + const char *processname = processName; + const char **dcaps = (const char **)malloc(sizeof(char *) * 2); + dcaps[0] = "AT_CAP"; + dcaps[1] = "ST_CAP"; + int dcapNum = 2; + pthread_t tid[2]; + (void)GetAccessTokenId(processname, dcaps, dcapNum, "system_core"); + + if (strcmp("foundation", processname) == 0) { + (void)pthread_create(&tid[0], 0, ThreadTransferFunc, NULL); + } + return 0; +} + +HWTEST_F(TokenLibKitTest, TestAtlib, TestSize.Level1) +{ + pthread_t tid[2]; + + AtlibInit(); + (void)pthread_create(&tid[1], 0, ThreadATMFuncBackUp, NULL); + sleep(5); + Start("process1"); + Start("process2"); + Start("process3"); + Start("process4"); + sleep(5); + Start("foundation"); + Start("process5"); + Start("process6"); + sleep(20); + Start("process7"); + Start("process8"); + Start("process9"); + sleep(50); + +} diff --git a/interfaces/innerkits/atlib/test/unittest/cpp/src/accesstokenlib_kit_test.h b/interfaces/innerkits/atlib/test/unittest/cpp/src/accesstokenlib_kit_test.h new file mode 100644 index 000000000..f03660d8c --- /dev/null +++ b/interfaces/innerkits/atlib/test/unittest/cpp/src/accesstokenlib_kit_test.h @@ -0,0 +1,36 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TOKENSYNC_KIT_TEST_H +#define TOKENSYNC_KIT_TEST_H + +#include + +namespace OHOS { +namespace Security { +class TokenLibKitTest : public testing::Test { +public: + static char buffer[102400]; + static void SetUpTestCase(); + + static void TearDownTestCase(); + + void SetUp(); + + void TearDown(); +}; +} // namespace Security +} // namespace OHOS +#endif // TOKENSYNC_KIT_TEST_H diff --git a/interfaces/innerkits/tokensync/BUILD.gn b/interfaces/innerkits/tokensync/BUILD.gn new file mode 100644 index 000000000..0fe7a7907 --- /dev/null +++ b/interfaces/innerkits/tokensync/BUILD.gn @@ -0,0 +1,64 @@ +# Copyright (C) 2021 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/ohos.gni") + +################################################################ +# C++, Main, source file here. +################################################################ +config("tokensync") { + visibility = [ ":*" ] + include_dirs = [ "main/cpp/include" ] +} + +ohos_shared_library("libtokensync_sdk") { + subsystem_name = "security" + part_name = "access_token" + + output_name = "libtokensync_sdk" + + public_configs = [ ":tokensync" ] + + include_dirs = [ + "//utils/native/base/include", + "main/cpp/include", + "main/cpp/src", + "//base/security/access_token/frameworks/tokensync/include", + "//base/security/access_token/frameworks/common/include", + "//base/security/access_token/interfaces/innerkits/tokensync/main/cpp/include" + #"//base/security/permission/interfaces/innerkits/permission_standard/permissionsdk/main/cpp/include/permission", + ] + + sources = [ + #"main/cpp/src/permission/permission_kit.cpp", + #"main/cpp/src/permission/permission_manager_client.cpp", + #"main/cpp/src/permission/permission_manager_proxy.cpp", + "main/cpp/src/tokensync_kit.cpp", + "main/cpp/src/tokensync_manager_client.cpp", + "main/cpp/src/tokensync_manager_proxy.cpp", + ] + + deps = [ + #"//base/security/permission/frameworks/permission_standard/permissioncommunicationadapter:permission_standard_communication_adapter_cxx", + #"//base/security/permission/frameworks/permission_standard/permissioninfrastructure:permission_standard_infrastructure_cxx", + "//utils/native/base:utils", + ] + + external_deps = [ + "hiviewdfx_hilog_native:libhilog", + "ipc:ipc_core", + "samgr_standard:samgr_proxy", + ] + + cflags_cc = [ "-DHILOG_ENABLE" ] +} diff --git a/interfaces/innerkits/tokensync/main/cpp/include/tokensync_kit.h b/interfaces/innerkits/tokensync/main/cpp/include/tokensync_kit.h new file mode 100644 index 000000000..c39e1a64a --- /dev/null +++ b/interfaces/innerkits/tokensync/main/cpp/include/tokensync_kit.h @@ -0,0 +1,33 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef INTERFACES_INNER_KITS_TOKENSYNC_KIT_H +#define INTERFACES_INNER_KITS_TOKENSYNC_KIT_H + +#include +#include + +namespace OHOS { +namespace Security { +namespace TokenSync { +class TokenSyncKit { +public: + static int VerifyPermission(const std::string& bundleName, const std::string& permissionName, int userId); +}; +} // namespace TokenSync +} // namespace Security +} // namespace OHOS + +#endif diff --git a/interfaces/innerkits/tokensync/main/cpp/src/tokensync_kit.cpp b/interfaces/innerkits/tokensync/main/cpp/src/tokensync_kit.cpp new file mode 100644 index 000000000..02a462ffb --- /dev/null +++ b/interfaces/innerkits/tokensync/main/cpp/src/tokensync_kit.cpp @@ -0,0 +1,42 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "tokensync_kit.h" + +#include +#include + +#include "accesstoken_log.h" +#include "tokensync_manager_client.h" + +namespace OHOS { +namespace Security { +namespace TokenSync { +using namespace std; + +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "TokenSyncKit"}; +} // namespace + +int TokenSyncKit::VerifyPermission(const string& bundleName, const string& permissionName, int userId) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + ACCESSTOKEN_LOG_INFO(LABEL, "bundleName=%{public}s, permissionName=%{public}s, userId=%{public}d", + bundleName.c_str(), permissionName.c_str(), userId); + return TokenSyncManagerClient::GetInstance().VerifyPermission(bundleName, permissionName, userId); +} +} // namespace TokenSync +} // namespace Security +} // namespace OHOS diff --git a/interfaces/innerkits/tokensync/main/cpp/src/tokensync_manager_client.cpp b/interfaces/innerkits/tokensync/main/cpp/src/tokensync_manager_client.cpp new file mode 100644 index 000000000..98f658bc6 --- /dev/null +++ b/interfaces/innerkits/tokensync/main/cpp/src/tokensync_manager_client.cpp @@ -0,0 +1,76 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "tokensync_manager_client.h" + +#include "accesstoken_log.h" + +#include "iservice_registry.h" + +namespace OHOS { +namespace Security { +namespace TokenSync { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "TokenSyncManagerClient"}; +} // namespace + +TokenSyncManagerClient& TokenSyncManagerClient::GetInstance() +{ + static TokenSyncManagerClient instance; + return instance; +} + +TokenSyncManagerClient::TokenSyncManagerClient() +{} + +TokenSyncManagerClient::~TokenSyncManagerClient() +{} + +int TokenSyncManagerClient::VerifyPermission( + const std::string& bundleName, const std::string& permissionName, int userId) const +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__); + return -1; + } + return proxy->VerifyPermission(bundleName, permissionName, userId); +} + +sptr TokenSyncManagerClient::GetProxy() const +{ + auto sam = SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager(); + if (sam == nullptr) { + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: GetSystemAbilityManager is null", __func__); + return nullptr; + } + auto tokensyncSa = sam->GetSystemAbility(ITokenSyncManager::SA_ID_TOKENSYNC_MANAGER_SERVICE); + if (tokensyncSa == nullptr) { + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: GetSystemAbility %{public}d is null", __func__, + ITokenSyncManager::SA_ID_TOKENSYNC_MANAGER_SERVICE); + return nullptr; + } + + auto proxy = iface_cast(tokensyncSa); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: iface_cast get null", __func__); + return nullptr; + } + return proxy; +} +} // namespace TokenSync +} // namespace Security +} // namespace OHOS diff --git a/interfaces/innerkits/tokensync/main/cpp/src/tokensync_manager_client.h b/interfaces/innerkits/tokensync/main/cpp/src/tokensync_manager_client.h new file mode 100644 index 000000000..06445abc5 --- /dev/null +++ b/interfaces/innerkits/tokensync/main/cpp/src/tokensync_manager_client.h @@ -0,0 +1,46 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef ACCESSTOKEN_MANAGER_CLIENT_H +#define ACCESSTOKEN_MANAGER_CLIENT_H + +#include + +#include "i_tokensync_manager.h" + +#include "nocopyable.h" + +namespace OHOS { +namespace Security { +namespace TokenSync { +class TokenSyncManagerClient final { +public: + static TokenSyncManagerClient& GetInstance(); + + virtual ~TokenSyncManagerClient(); + + int VerifyPermission(const std::string& bundleName, const std::string& permissionName, int userId) const; + +private: + TokenSyncManagerClient(); + + DISALLOW_COPY_AND_MOVE(TokenSyncManagerClient); + + sptr GetProxy() const; +}; +} // namespace TokenSync +} // namespace Security +} // namespace OHOS +#endif // ACCESSTOKEN_MANAGER_CLIENT_H diff --git a/interfaces/innerkits/tokensync/main/cpp/src/tokensync_manager_proxy.cpp b/interfaces/innerkits/tokensync/main/cpp/src/tokensync_manager_proxy.cpp new file mode 100644 index 000000000..4a0e9f830 --- /dev/null +++ b/interfaces/innerkits/tokensync/main/cpp/src/tokensync_manager_proxy.cpp @@ -0,0 +1,74 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "tokensync_manager_proxy.h" + +#include "accesstoken_log.h" + +#include "parcel.h" +#include "string_ex.h" + +namespace OHOS { +namespace Security { +namespace TokenSync { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "TokenSyncManagerProxy"}; +} + +TokenSyncManagerProxy::TokenSyncManagerProxy(const sptr& impl) : IRemoteProxy(impl) +{} + +TokenSyncManagerProxy::~TokenSyncManagerProxy() +{} + +int TokenSyncManagerProxy::VerifyPermission( + const std::string& bundleName, const std::string& permissionName, int userId) +{ + MessageParcel data; + data.WriteInterfaceToken(ITokenSyncManager::GetDescriptor()); + if (!data.WriteString(bundleName)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write bundleName", __func__); + return -1; + } + if (!data.WriteString(permissionName)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write permissionName", __func__); + return -1; + } + if (!data.WriteInt32(userId)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write userId", __func__); + return -1; + } + + MessageParcel reply; + MessageOption option; + sptr remote = Remote(); + if (remote == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__); + return -1; + } + int32_t requestResult = remote->SendRequest( + static_cast(ITokenSyncManager::InterfaceCode::VERIFY_PERMISSION), data, reply, option); + if (requestResult != NO_ERROR) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult); + return -1; + } + + int32_t result = reply.ReadInt32(); + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result); + return result; +} +} // namespace TokenSync +} // namespace Security +} // namespace OHOS diff --git a/interfaces/innerkits/tokensync/main/cpp/src/tokensync_manager_proxy.h b/interfaces/innerkits/tokensync/main/cpp/src/tokensync_manager_proxy.h new file mode 100644 index 000000000..fc0dbc10d --- /dev/null +++ b/interfaces/innerkits/tokensync/main/cpp/src/tokensync_manager_proxy.h @@ -0,0 +1,41 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TOKENSYNC_MANAGER_PROXY_H +#define TOKENSYNC_MANAGER_PROXY_H + +#include + +#include "i_tokensync_manager.h" +#include "iremote_broker.h" +#include "iremote_proxy.h" + +namespace OHOS { +namespace Security { +namespace TokenSync { +class TokenSyncManagerProxy : public IRemoteProxy { +public: + explicit TokenSyncManagerProxy(const sptr& impl); + virtual ~TokenSyncManagerProxy() override; + + int VerifyPermission(const std::string& packageName, const std::string& permissionName, int userId) override; + +private: + static inline BrokerDelegator delegator_; +}; +} // namespace TokenSync +} // namespace Security +} // namespace OHOS +#endif // TOKENSYNC_MANAGER_PROXY_H diff --git a/interfaces/innerkits/tokensync/test/BUILD.gn b/interfaces/innerkits/tokensync/test/BUILD.gn new file mode 100644 index 000000000..afbd3655f --- /dev/null +++ b/interfaces/innerkits/tokensync/test/BUILD.gn @@ -0,0 +1,42 @@ +# Copyright (C) 2021 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/test.gni") + +ohos_unittest("libtokensync_sdk_test") { + subsystem_name = "security" + part_name = "access_token" + module_out_path = part_name + "/" + part_name + + include_dirs = [ + "//utils/native/base/include", + "//third_party/googletest/include", + #"//base/security/permission/interfaces/innerkits/permission_standard/permissionsdk/main/cpp/include/permission/", + "//base/security/access_token/interfaces/innerkits/tokensync/main/cpp/include" + ] + + sources = [ "unittest/cpp/src/tokensync_kit_test.cpp" ] + + cflags_cc = [ "-DHILOG_ENABLE" ] + + deps = [ +#"//base/security/permission/frameworks/permission_standard/permissioninfrastructure:permission_standard_infrastructure_cxx", + "//base/security/access_token/interfaces/innerkits/tokensync:libtokensync_sdk", + "//utils/native/base:utils", + ] +} + +group("unittest") { + testonly = true + deps = [ ":libtokensync_sdk_test" ] +} diff --git a/interfaces/innerkits/tokensync/test/unittest/cpp/src/tokensync_kit_test.cpp b/interfaces/innerkits/tokensync/test/unittest/cpp/src/tokensync_kit_test.cpp new file mode 100644 index 000000000..b4ae1174e --- /dev/null +++ b/interfaces/innerkits/tokensync/test/unittest/cpp/src/tokensync_kit_test.cpp @@ -0,0 +1,52 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "tokensync_kit_test.h" + +#include "tokensync_kit.h" + +using namespace testing::ext; +using namespace OHOS::Security::TokenSync; + +void TokenSyncKitTest::SetUpTestCase() +{} + +void TokenSyncKitTest::TearDownTestCase() +{ +} + +void TokenSyncKitTest::SetUp() +{ +} + +void TokenSyncKitTest::TearDown() +{} + +/** + * @tc.name: VerifyPermission001 + * @tc.desc: Verify user granted permission + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(TokenSyncKitTest, VerifyPermission001, TestSize.Level1) +{ + const std::string TEST_BUNDLE_NAME = "ohos"; + const std::string TEST_PERMISSION_NAME_ALPHA = "ohos.permission.ALPHA"; + const int TEST_USER_ID = 0; + int ret = TokenSyncKit::VerifyPermission(TEST_BUNDLE_NAME, TEST_PERMISSION_NAME_ALPHA, TEST_USER_ID); + + ASSERT_EQ(0, ret); +} + diff --git a/interfaces/innerkits/tokensync/test/unittest/cpp/src/tokensync_kit_test.h b/interfaces/innerkits/tokensync/test/unittest/cpp/src/tokensync_kit_test.h new file mode 100644 index 000000000..4202bcd9b --- /dev/null +++ b/interfaces/innerkits/tokensync/test/unittest/cpp/src/tokensync_kit_test.h @@ -0,0 +1,37 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TOKENSYNC_KIT_TEST_H +#define TOKENSYNC_KIT_TEST_H + +#include + +namespace OHOS { +namespace Security { +namespace TokenSync { +class TokenSyncKitTest : public testing::Test { +public: + static void SetUpTestCase(); + + static void TearDownTestCase(); + + void SetUp(); + + void TearDown(); +}; +} // namespace TokenSync +} // namespace Security +} // namespace OHOS +#endif // TOKENSYNC_KIT_TEST_H diff --git a/ohos.build b/ohos.build index f8bc9d11f..f87ae64db 100644 --- a/ohos.build +++ b/ohos.build @@ -11,7 +11,6 @@ "name": "//base/security/access_token/interfaces/innerkits/accesstoken:libaccesstoken_sdk", "header": { "header_files": [ - "accesstoken.h", "accesstoken_kit.h" ], "header_base": "//base/security/access_token/interfaces/innerkits/accesstoken/main/cpp/include" @@ -19,10 +18,12 @@ } ], "module_list": [ - "//base/security/access_token:accesstoken_build_module_standard" + "//base/security/access_token:accesstoken_build_module", + "//base/security/access_token:tokensync_build_module" ], "test_list": [ - "//base/security/access_token:accesstoken_build_module_standard_test" + "//base/security/access_token:accesstoken_build_module_test", + "//base/security/access_token/interfaces/innerkits/accesstoken/test:unittest" ] } } diff --git a/services/accesstokenmanager/BUILD.gn b/services/accesstokenmanager/BUILD.gn new file mode 100644 index 000000000..4622a3086 --- /dev/null +++ b/services/accesstokenmanager/BUILD.gn @@ -0,0 +1,78 @@ +# Copyright (c) 2021 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/ohos.gni") + + +ohos_prebuilt_etc("access_token.rc") { + source = "access_token.cfg" + relative_install_dir = "init" + subsystem_name = "security" + part_name = "access_token" +} + +ohos_shared_library("accesstoken_manager_service") { + subsystem_name = "security" + part_name = "access_token" + + include_dirs = [ + "main/cpp/include/service", + "main/cpp/include/token", + "main/cpp/include/permission", + "main/cpp/include/database", + "//utils/system/safwk/native/include", + "//base/security/access_token/frameworks/common/include", + "//base/security/access_token/frameworks/accesstoken/include", + "//base/security/access_token/interfaces/innerkits/accesstoken/main/cpp/include", + "//third_party/json/include", + ] + + sources = [ + "main/cpp/src/service/accesstoken_manager_service.cpp", + "main/cpp/src/service/accesstoken_manager_stub.cpp", + "main/cpp/src/token/accesstoken_id_manager.cpp", + "main/cpp/src/token/accesstoken_info_manager.cpp", + "main/cpp/src/token/hap_token_info_inner.cpp", + "main/cpp/src/token/native_token_info_inner.cpp", + "main/cpp/src/permission/permission_manager.cpp", + "main/cpp/src/permission/permission_definition_cache.cpp", + "main/cpp/src/permission/permission_policy_set.cpp", + "main/cpp/src/permission/permission_validator.cpp", + "main/cpp/src/database/data_storage.cpp", + "main/cpp/src/database/data_translator.cpp", + "main/cpp/src/database/generic_values.cpp", + "main/cpp/src/database/sqlite_helper.cpp", + "main/cpp/src/database/sqlite_storage.cpp", + "main/cpp/src/database/statement.cpp", + "main/cpp/src/database/variant_value.cpp", + ] + + cflags_cc = [ "-DHILOG_ENABLE" ] + + deps = [ + #"//base/security/accesstoken/frameworks/accesstooken/permissioncommunicationadapter:permission_standard_communication_adapter_cxx", + #"//base/security/accesstoken/frameworks/accesstooken/common:permission_standard_infrastructure_cxx", + "//third_party/sqlite:sqlite", + "//base/security/access_token/frameworks/common:accesstoken_common_cxx", + "//base/security/access_token/frameworks/accesstoken:accesstoken_communication_adapter_cxx", + "//base/security/access_token/services/accesstokenmanager:access_token.rc", + "//utils/native/base:utils", + ] + + external_deps = [ + "hiviewdfx_hilog_native:libhilog", + "ipc:ipc_core", + "safwk:system_ability_fwk", + "samgr_standard:samgr_proxy", + ] +} diff --git a/services/accesstokenmanager/access_token.cfg b/services/accesstokenmanager/access_token.cfg new file mode 100644 index 000000000..e06136d1c --- /dev/null +++ b/services/accesstokenmanager/access_token.cfg @@ -0,0 +1,17 @@ +{ + "jobs" : [{ + "name" : "late-fs", + "cmds" : [ + "start accesstoken_service" + ] + } + ], + "services" : [{ + "name" : "accesstoken_service", + "path" : ["/system/bin/sa_main", "/system/profile/accesstoken_service.xml"], + "importance" : -20, + "uid" : "system", + "gid" : ["system"] + } + ] +} diff --git a/services/accesstokenmanager/access_token.rc b/services/accesstokenmanager/access_token.rc new file mode 100644 index 000000000..68b9f548b --- /dev/null +++ b/services/accesstokenmanager/access_token.rc @@ -0,0 +1,22 @@ +# Copyright (C) 2021 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +on late-fs + start accesstoken_service + +service accesstoken_service /system/bin/sa_main /system/profile/accesstoken_service.xml + class accesstoken_service + priority -20 + user system + group system + seclabel u:r:accesstoken_service:s0 diff --git a/services/accesstokenmanager/main/cpp/include/database/data_storage.h b/services/accesstokenmanager/main/cpp/include/database/data_storage.h new file mode 100644 index 000000000..9233596bb --- /dev/null +++ b/services/accesstokenmanager/main/cpp/include/database/data_storage.h @@ -0,0 +1,54 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef DATA_STORAGE_H +#define DATA_STORAGE_H + +#include +#include + +#include "generic_values.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class DataStorage { +public: + enum DataType { + ACCESSTOKEN_HAP_INFO, + ACCESSTOKEN_NATIVE_INFO, + ACCESSTOKEN_PERMISSION_DEF, + ACCESSTOKEN_PERMISSION_STATE, + }; + + static DataStorage& GetRealDataStorage(); + + virtual ~DataStorage() = default; + + virtual int Add(const DataType type, const std::vector& values) = 0; + + virtual int Remove(const DataType type, const GenericValues& conditions) = 0; + + virtual int Modify(const DataType type, const GenericValues& modifyValues, const GenericValues& conditions) = 0; + + virtual int Find(const DataType type, std::vector& results) = 0; + + virtual int RefreshAll(const DataType type, const std::vector& values) = 0; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS + +#endif // DATA_STORAGE_H diff --git a/services/accesstokenmanager/main/cpp/include/database/data_translator.h b/services/accesstokenmanager/main/cpp/include/database/data_translator.h new file mode 100644 index 000000000..1be472818 --- /dev/null +++ b/services/accesstokenmanager/main/cpp/include/database/data_translator.h @@ -0,0 +1,40 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef DATA_TRANSLATOR_H +#define DATA_TRANSLATOR_H + +#include + +#include "hap_token_info_inner.h" +#include "native_token_info_inner.h" +#include "generic_values.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class DataTranslator final { +public: + static int TranslationIntoGenericValues(const PermissionDef& inPermissionDef, GenericValues& outGenericValues); + static int TranslationIntoPermissionDef(const GenericValues& inGenericValues, PermissionDef& outPermissionDef); + static int TranslationIntoGenericValues(const PermissionStateFull& inPermissionState, + const unsigned int grantIndex, GenericValues& outGenericValues); + static int TranslationIntoPermissionStateFull(const GenericValues& inGenericValues, + PermissionStateFull& outPermissionState); +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // DATA_TRANSLATOR_H diff --git a/services/accesstokenmanager/main/cpp/include/database/field_const.h b/services/accesstokenmanager/main/cpp/include/database/field_const.h new file mode 100644 index 000000000..3d9ec533f --- /dev/null +++ b/services/accesstokenmanager/main/cpp/include/database/field_const.h @@ -0,0 +1,48 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef FIELD_CONST_H +#define FIELD_CONST_H + +#include + +namespace OHOS { +namespace Security { +namespace AccessToken { +const std::string FIELD_TOKEN_ID = "token_id"; +const std::string FIELD_USER_ID = "user_id"; +const std::string FIELD_BUNDLE_NAME = "bundle_name"; +const std::string FIELD_INST_INDEX = "inst_index"; +const std::string FIELD_APP_ID = "app_id"; +const std::string FIELD_DEVICE_ID = "device_id"; +const std::string FIELD_APL = "apl"; +const std::string FIELD_TOKEN_VERSION = "token_version"; +const std::string FIELD_TOKEN_ATTR = "token_attr"; +const std::string FIELD_PROCESS_NAME = "process_name"; +const std::string FIELD_DCAP = "dcap"; +const std::string FIELD_PERMISSION_NAME = "permission_name"; +const std::string FIELD_GRANT_MODE = "grant_mode"; +const std::string FIELD_AVAILABLE_SCOPE = "available_scope"; +const std::string FIELD_LABEL = "label"; +const std::string FIELD_LABEL_ID = "label_id"; +const std::string FIELD_DESCRIPTION = "description"; +const std::string FIELD_DESCRIPTION_ID = "description_id"; +const std::string FIELD_GRANT_STATE = "grant_state"; +const std::string FIELD_GRANT_FLAG = "grant_flag"; +const std::string FIELD_GRANT_IS_GENERAL = "is_general"; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // FIELD_CONST_H diff --git a/services/accesstokenmanager/main/cpp/include/database/generic_values.h b/services/accesstokenmanager/main/cpp/include/database/generic_values.h new file mode 100644 index 000000000..55c6b7ba6 --- /dev/null +++ b/services/accesstokenmanager/main/cpp/include/database/generic_values.h @@ -0,0 +1,53 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef GENERIC_VALUES_H +#define GENERIC_VALUES_H + +#include +#include +#include + +#include "variant_value.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class GenericValues final { +public: + GenericValues() = default; + virtual ~GenericValues() = default; + + void Put(const std::string& key, int value); + + void Put(const std::string& key, const std::string& value); + + void Put(const std::string& key, const VariantValue& value); + + std::vector GetAllKeys() const; + + VariantValue Get(const std::string& key) const; + + int GetInt(const std::string& key) const; + + std::string GetString(const std::string& key) const; + +private: + std::map map_; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // GENERIC_VALUES_H diff --git a/services/accesstokenmanager/main/cpp/include/database/sqlite_helper.h b/services/accesstokenmanager/main/cpp/include/database/sqlite_helper.h new file mode 100644 index 000000000..003859839 --- /dev/null +++ b/services/accesstokenmanager/main/cpp/include/database/sqlite_helper.h @@ -0,0 +1,62 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef SQLITE_HELPER_H +#define SQLITE_HELPER_H + +#include + +#include "statement.h" + +#include "sqlite3sym.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class SqliteHelper { +public: + explicit SqliteHelper(const std::string& dbName, const std::string& dbPath, int version); + virtual ~SqliteHelper(); + + void Open(); + void Close(); + + int BeginTransaction() const; + int CommitTransaction() const; + int RollbackTransaction() const; + + Statement Prepare(const std::string& sql) const; + int ExecuteSql(const std::string& sql) const; + std::string SpitError() const; + + virtual void OnCreate() = 0; + virtual void OnUpdate() = 0; + +private: + inline static const std::string PRAGMA_VERSION_COMMAND = "PRAGMA user_version"; + static const int GENERAL_ERROR = -1; + + const std::string dbName_; + const std::string dbPath_; + int currentVersion_; + sqlite3* db_; + + int GetVersion() const; + void SetVersion() const; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // SQLITE_HELPER_H diff --git a/services/accesstokenmanager/main/cpp/include/database/sqlite_storage.h b/services/accesstokenmanager/main/cpp/include/database/sqlite_storage.h new file mode 100644 index 000000000..5aeb78713 --- /dev/null +++ b/services/accesstokenmanager/main/cpp/include/database/sqlite_storage.h @@ -0,0 +1,88 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef SQLITE_STORAGE_H +#define SQLITE_STORAGE_H + +#include "data_storage.h" +#include "sqlite_helper.h" +#include "field_const.h" + +#include "nocopyable.h" +#include "rwlock.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class SqliteStorage : public DataStorage, public SqliteHelper { +public: + enum ExecuteResult { FAILURE = -1, SUCCESS }; + + struct SqliteTable { + public: + std::string tableName_; + std::vector tableColumnNames_; + }; + + static SqliteStorage& GetInstance(); + + ~SqliteStorage() override; + + int Add(const DataType type, const std::vector& values) override; + + int Remove(const DataType type, const GenericValues& conditions) override; + + int Modify(const DataType type, const GenericValues& modifyValues, const GenericValues& conditions) override; + + int Find(const DataType type, std::vector& results) override; + + int RefreshAll(const DataType type, const std::vector& values) override; + + void OnCreate() override; + void OnUpdate() override; + +private: + SqliteStorage(); + DISALLOW_COPY_AND_MOVE(SqliteStorage); + + std::map dataTypeToSqlTable_; + OHOS::Utils::RWLock rwLock_; + + int CreateHapTokenInfoTable() const; + int CreateNativeTokenInfoTable() const; + int CreatePermissionDefinitionTable() const; + int CreatePermissionStateTable() const; + + std::string CreateInsertPrepareSqlCmd(const DataType type) const; + std::string CreateDeletePrepareSqlCmd( + const DataType type, const std::vector& columnNames = std::vector()) const; + std::string CreateUpdatePrepareSqlCmd(const DataType type, const std::vector& modifyColumns, + const std::vector& conditionColumns) const; + std::string CreateSelectPrepareSqlCmd(const DataType type) const; + +private: + inline static const std::string HAP_TOKEN_INFO_TABLE = "hap_token_info_table"; + inline static const std::string NATIVE_TOKEN_INFO_TABLE = "native_token_info_table"; + inline static const std::string PERMISSION_DEF_TABLE = "permission_definition_table"; + inline static const std::string PERMISSION_STATE_TABLE = "permission_state_table"; + inline static const std::string DATABASE_NAME = "access_token.db"; + inline static const std::string DATABASE_PATH = "/data/system/"; + static const int DATABASE_VERSION = 1; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS + +#endif // SQLITE_STORAGE_H diff --git a/services/accesstokenmanager/main/cpp/include/database/statement.h b/services/accesstokenmanager/main/cpp/include/database/statement.h new file mode 100644 index 000000000..e84ec0b2f --- /dev/null +++ b/services/accesstokenmanager/main/cpp/include/database/statement.h @@ -0,0 +1,57 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef STATEMENT_H +#define STATEMENT_H + +#include + +#include "variant_value.h" + +#include "sqlite3sym.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class Statement final { +public: + enum State { BUSY, ROW, DONE, MISUSE, UNKNOWN }; + + Statement(sqlite3* db, const std::string& sql); + virtual ~Statement(); + + void Bind(const int index, const std::string& text); + void Bind(const int index, int value); + void Bind(const std::string& tableColumnName, const VariantValue& value); + + State Step(); + int Reset(); + + std::string GetColumnString(const int column) const; + int GetColumnInt(const int column) const; + std::string GetColumnName(const int column) const; + int GetParameterIndex(const std::string& name) const; + int GetColumnCount() const; + VariantValue GetValue(const int column) const; + +private: + sqlite3* db_; + sqlite3_stmt* statement_; + const std::string sql_; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // STATEMENT_H diff --git a/services/accesstokenmanager/main/cpp/include/database/variant_value.h b/services/accesstokenmanager/main/cpp/include/database/variant_value.h new file mode 100644 index 000000000..cfb16f8e1 --- /dev/null +++ b/services/accesstokenmanager/main/cpp/include/database/variant_value.h @@ -0,0 +1,52 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef VARIANT_VALUE_H +#define VARIANT_VALUE_H + +#include +#include + +namespace OHOS { +namespace Security { +namespace AccessToken { +enum class ValueType { + TYPE_NULL, + TYPE_INT, + TYPE_STRING, +}; + +class VariantValue final { +public: + VariantValue(); + virtual ~VariantValue(); + + explicit VariantValue(int value); + explicit VariantValue(const std::string& value); + + ValueType GetType() const; + int GetInt() const; + std::string GetString() const; + + static const int DEFAULT_VALUE = -1; + +private: + ValueType type_; + std::variant value_; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // VARIANT_VALUE_H diff --git a/services/accesstokenmanager/main/cpp/include/permission/permission_definition_cache.h b/services/accesstokenmanager/main/cpp/include/permission/permission_definition_cache.h new file mode 100644 index 000000000..76e492897 --- /dev/null +++ b/services/accesstokenmanager/main/cpp/include/permission/permission_definition_cache.h @@ -0,0 +1,66 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PERMISSION_DEFINITION_CACHE_H +#define PERMISSION_DEFINITION_CACHE_H + +#include +#include + +#include "permission_def.h" + +#include "rwlock.h" +#include "nocopyable.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class PermissionDefinitionCache final { +public: + static PermissionDefinitionCache& GetInstance(); + + virtual ~PermissionDefinitionCache(); + + bool Insert(const PermissionDef& info); + + void DeleteByBundleName(const std::string& bundleName); + + int FindByPermissionName(const std::string& permissionName, PermissionDef& info); + + bool IsSystemGrantedPermission(const std::string& permissionName); + + bool IsUserGrantedPermission(const std::string& permissionName); + + bool HasDefinition(const std::string& permissionName); + +private: + PermissionDefinitionCache(); + + bool IsGrantedModeEqualInner(const std::string& permissionName, int grantMode) const; + + DISALLOW_COPY_AND_MOVE(PermissionDefinitionCache); + + /** + * key: the permission name. + * value: the object of PermissionDef. + */ + std::map permissionDefinitionMap_; + + OHOS::Utils::RWLock cacheLock_; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // PERMISSION_DEFINITION_CACHE_H diff --git a/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h b/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h new file mode 100644 index 000000000..5925deec7 --- /dev/null +++ b/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h @@ -0,0 +1,69 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PERMISSION_MANAGER_H +#define PERMISSION_MANAGER_H + +#include +#include + +#include "access_token.h" +#include "hap_token_info_inner.h" +#include "permission_def.h" +#include "permission_state_full.h" + +#include "rwlock.h" +#include "nocopyable.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +static const int DEFAULT_PERMISSION_FLAGS = 0; +class PermissionManager final { +public: + static PermissionManager& GetInstance(); + virtual ~PermissionManager(); + + void AddDefPermissions(const std::vector& permList); + void RemoveDefPermissions(AccessTokenID tokenID); + int VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName); + int GetDefPermission(const std::string& permissionName, PermissionDef& permissionDefResult); + int GetDefPermissions(AccessTokenID tokenID, std::vector& permList); + int GetReqPermissions( + AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant); + int GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName); + void GrantPermission(AccessTokenID tokenID, const std::string& permissionName, int flag); + void RevokePermission(AccessTokenID tokenID, const std::string& permissionName, int flag); + void ClearUserGrantedPermissionState(AccessTokenID tokenID); +private: + PermissionManager(); + int UpdatePermissionStatus(PermissionStateFull& permStat, bool isGranted, int flag); + void UpdateTokenPermissionState( + AccessTokenID tokenID, const std::string& permissionName, bool isGranted, int flag); + + int QueryPermissionFlag(const PermissionStateFull& permStat); + int QueryPermissionStatus(const PermissionStateFull& permStat); + std::string TransferPermissionDefToString(const PermissionDef& inPermissionDef); + bool IsPermissionFlagValid(int flag) const; + bool IsGrantModeValid(const int grantMode) const; + bool IsAvailableScopeValid(const int availableScope) const; + bool IsPermissionDefValid(const PermissionDef& permissionDef) const; + + DISALLOW_COPY_AND_MOVE(PermissionManager); +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // PERMISSION_MANAGER_H diff --git a/services/accesstokenmanager/main/cpp/include/permission/permission_policy_set.h b/services/accesstokenmanager/main/cpp/include/permission/permission_policy_set.h new file mode 100644 index 000000000..b51fe0713 --- /dev/null +++ b/services/accesstokenmanager/main/cpp/include/permission/permission_policy_set.h @@ -0,0 +1,62 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PERMISSION_POLICY_SET_H +#define PERMISSION_POLICY_SET_H + +#include "permission_def.h" +#include "permission_state_full.h" +#include "access_token.h" +#include "generic_values.h" + +#include +#include +#include + +namespace OHOS { +namespace Security { +namespace AccessToken { +struct PermissionPolicySet final { +public: + PermissionPolicySet() : tokenId_(0) {}; + virtual ~PermissionPolicySet() {}; + + static std::shared_ptr BuildPermissionPolicySet(AccessTokenID tokenId, + const std::vector& permList, const std::vector& permStateList); + static std::shared_ptr RestorePermissionPolicy(AccessTokenID tokenId, + const std::vector& permDefRes, const std::vector& permStateRes); + void StorePermissionPolicySet(std::vector& permDefValueList, + std::vector& permStateValueList) const; + void Update(const std::vector& permList, const std::vector& permStateList); + void ToString(std::string& info) const; + std::vector permList_; + std::vector permStateList_; + +private: + static void MergePermissionStateFull(std::vector& permStateList, + const PermissionStateFull& state); + void UpdatePermStateFull(PermissionStateFull& permOld, const PermissionStateFull& permNew); + void UpdatePermDef(PermissionDef& permOld, const PermissionDef& permNew); + void StorePermissionDef(std::vector& valueList) const; + void StorePermissionState(std::vector& valueList) const; + void PermDefToString(const PermissionDef& def, std::string& info) const; + void PermStateFullToString(const PermissionStateFull& state, std::string& info) const; + AccessTokenID tokenId_; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // PERMISSION_POLICY_SET_H + diff --git a/services/accesstokenmanager/main/cpp/include/permission/permission_validator.h b/services/accesstokenmanager/main/cpp/include/permission/permission_validator.h new file mode 100644 index 000000000..ebfb0b73b --- /dev/null +++ b/services/accesstokenmanager/main/cpp/include/permission/permission_validator.h @@ -0,0 +1,47 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PERMISSION_VALIDATOR_H +#define PERMISSION_VALIDATOR_H +#include "permission_def.h" +#include "permission_state_full.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +struct PermissionValidator final { +public: + PermissionValidator() {}; + ~PermissionValidator() {}; + + static bool IsPermissionNameValid(const std::string& permissionName); + static bool IsPermissionFlagValid(int flag); + static bool IsPermissionDefValid(const PermissionDef& permDef); + static bool IsPermissionStateValid(const PermissionStateFull& permState); + static void FilterInvalidPermisionDef( + const std::vector& permList, std::vector& result); + static void FilterInvalidPermisionState( + const std::vector& permList, std::vector& result); + static bool IsGrantModeValid(int grantMode); + static bool IsAvailableScopeValid(int availableScope); + static bool IsGrantStatusValid(int grantStaus); +private: + static void DeduplicateResDevID(const PermissionStateFull& permState, PermissionStateFull& result); +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // PERMISSION_VALIDATOR_H + diff --git a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h new file mode 100644 index 000000000..401437f40 --- /dev/null +++ b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h @@ -0,0 +1,69 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef ACCESSTOKEN_MANAGER_SERVICE_H +#define ACCESSTOKEN_MANAGER_SERVICE_H + +#include +#include + +#include "accesstoken_manager_stub.h" +#include "iremote_object.h" +#include "nocopyable.h" +#include "singleton.h" +#include "system_ability.h" +#include "hap_token_info.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +enum class ServiceRunningState { STATE_NOT_START, STATE_RUNNING }; +class AccessTokenManagerService final : public SystemAbility, public AccessTokenManagerStub { + DECLARE_DELAYED_SINGLETON(AccessTokenManagerService); + DECLEAR_SYSTEM_ABILITY(AccessTokenManagerService); + +public: + void OnStart() override; + void OnStop() override; + + AccessTokenIDEx AllocHapToken(const HapInfoParcel& info, const HapPolicyParcel& policy) override; + int VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName) override; + int GetDefPermission(const std::string& permissionName, PermissionDefParcel& permissionDefResult) override; + int GetDefPermissions(AccessTokenID tokenID, std::vector& permList) override; + int GetReqPermissions( + AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) override; + int GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName) override; + int GrantPermission(AccessTokenID tokenID, const std::string& permissionName, int flag) override; + int RevokePermission(AccessTokenID tokenID, const std::string& permissionName, int flag) override; + int ClearUserGrantedPermissionState(AccessTokenID tokenID) override; + int DeleteToken(AccessTokenID tokenID) override; + int GetTokenType(AccessTokenID tokenID) override; + int CheckNativeDCap(AccessTokenID tokenID, const std::string& dcap) override; + AccessTokenID GetHapTokenID(int userID, const std::string& bundleName, int instIndex) override; + AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID) override; + int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfoParcel& InfoParcel) override; + int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfoParcel& InfoParcel) override; + int UpdateHapToken(AccessTokenID tokenID, + const std::string& appIDDesc, const HapPolicyParcel& policyParcel) override; + +private: + bool Initialize() const; + + ServiceRunningState state_; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // ACCESSTOKEN_MANAGER_SERVICE_H diff --git a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_stub.h b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_stub.h new file mode 100644 index 000000000..f01b0edec --- /dev/null +++ b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_stub.h @@ -0,0 +1,66 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef ACCESSTOKEN_MANAGER_STUB_H +#define ACCESSTOKEN_MANAGER_STUB_H + +#include "i_accesstoken_manager.h" + +#include + +#include "iremote_stub.h" +#include "nocopyable.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class AccessTokenManagerStub : public IRemoteStub { +public: + AccessTokenManagerStub(); + virtual ~AccessTokenManagerStub(); + + int OnRemoteRequest(uint32_t code, MessageParcel& data, MessageParcel& reply, MessageOption& options) override; + +private: + void VerifyAccessTokenInner(MessageParcel& data, MessageParcel& reply); + void GetDefPermissionInner(MessageParcel& data, MessageParcel& reply); + void GetDefPermissionsInner(MessageParcel& data, MessageParcel& reply); + void GetReqPermissionsInner(MessageParcel& data, MessageParcel& reply); + void GetPermissionFlagInner(MessageParcel& data, MessageParcel& reply); + void GrantPermissionInner(MessageParcel& data, MessageParcel& reply); + void RevokePermissionInner(MessageParcel& data, MessageParcel& reply); + void ClearUserGrantedPermissionStateInner(MessageParcel& data, MessageParcel& reply); + void AllocHapTokenInner(MessageParcel& data, MessageParcel& reply); + void DeleteTokenInfoInner(MessageParcel& data, MessageParcel& reply); + void AllocNativeTokenInner(MessageParcel& data, MessageParcel& reply); + void UpdateHapTokenInner(MessageParcel& data, MessageParcel& reply); + void GetHapTokenInfoInner(MessageParcel& data, MessageParcel& reply); + void GetNativeTokenInfoInner(MessageParcel& data, MessageParcel& reply); + void AllocLocalTokenIDInner(MessageParcel& data, MessageParcel& reply); + void GetHapTokenIDInner(MessageParcel& data, MessageParcel& reply); + void CheckNativeDCapInner(MessageParcel& data, MessageParcel& reply); + void GetTokenTypeInner(MessageParcel& data, MessageParcel& reply); + + bool IsAuthorizedCalling() const; + static const int SYSTEM_UID = 1000; + static const int ROOT_UID = 0; + + using RequestFuncType = void (AccessTokenManagerStub::*)(MessageParcel &data, MessageParcel &reply); + std::map requestFuncMap_; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // ACCESSTOKEN_MANAGER_STUB_H diff --git a/services/accesstokenmanager/main/cpp/include/token/accesstoken_id_manager.h b/services/accesstokenmanager/main/cpp/include/token/accesstoken_id_manager.h new file mode 100644 index 000000000..b74934975 --- /dev/null +++ b/services/accesstokenmanager/main/cpp/include/token/accesstoken_id_manager.h @@ -0,0 +1,54 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef ACCESSTOKEN_TOKEN_ID_MANAGER_H +#define ACCESSTOKEN_TOKEN_ID_MANAGER_H + +#include +#include + +#include "access_token.h" +#include "nocopyable.h" +#include "rwlock.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +static constexpr int TOKEN_RANDOM_MASK = (1 << 24) - 1; +static const int MAX_CREATE_TOKEN_ID_RETRY = 2; + +class AccessTokenIDManager final { +public: + static AccessTokenIDManager& GetInstance(); + virtual ~AccessTokenIDManager() = default; + + int AddTokenId(AccessTokenID id, ATokenTypeEnum type); + AccessTokenID CreateAndRegisterTokenId(ATokenTypeEnum type); + int RegisterTokenId(AccessTokenID id, ATokenTypeEnum type); + void ReleaseTokenId(AccessTokenID id); + ATokenTypeEnum GetTokenIdType(AccessTokenID id); + +private: + AccessTokenIDManager() = default; + DISALLOW_COPY_AND_MOVE(AccessTokenIDManager); + AccessTokenID CreateTokenId(ATokenTypeEnum type) const; + + OHOS::Utils::RWLock tokenIdLock_; + std::set tokenIdSet_; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // ACCESSTOKEN_TOKEN_ID_MANAGER_H diff --git a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h new file mode 100644 index 000000000..7b282ec13 --- /dev/null +++ b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h @@ -0,0 +1,83 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef ACCESSTOKEN_TOKEN_INFO_MANAGER_H +#define ACCESSTOKEN_TOKEN_INFO_MANAGER_H + +#include +#include +#include + +#include "access_token.h" +#include "hap_token_info.h" +#include "hap_token_info_inner.h" +#include "native_token_info.h" +#include "native_token_info_inner.h" +#include "nocopyable.h" +#include "rwlock.h" +#include "thread_pool.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class AccessTokenInfoManager final { +public: + static AccessTokenInfoManager& GetInstance(); + ~AccessTokenInfoManager(); + void Init(); + std::shared_ptr GetHapTokenInfoInner(AccessTokenID id); + int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfo& InfoParcel); + std::shared_ptr GetNativeTokenInfoInner(AccessTokenID id); + int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfo& InfoParcel); + std::shared_ptr GetHapPermissionPolicySet(AccessTokenID id); + int RemoveTokenInfo(AccessTokenID id); + int CreateHapTokenInfo(const HapInfoParams& info, const HapPolicyParams& policy, AccessTokenIDEx& tokenIdEx); + int CheckNativeDCap(AccessTokenID tokenID, const std::string& dcap); + AccessTokenID GetHapTokenID(int userID, const std::string& bundleName, int instIndex); + AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID); + void ProcessNativeTokenInfos(const std::vector>& tokenInfos); + int UpdateHapToken(AccessTokenID tokenID, const std::string& appIDDesc, const HapPolicyParams& policy); + void Dump(std::string& dumpInfo); + void RefreshTokenInfoIfNeeded(); + +private: + AccessTokenInfoManager(); + DISALLOW_COPY_AND_MOVE(AccessTokenInfoManager); + + void InitHapTokenInfos(); + void InitNativeTokenInfos(); + int AddHapTokenInfo(const std::shared_ptr& info); + int AddNativeTokenInfo(const std::shared_ptr& info); + std::string GetHapUniqueStr(const std::shared_ptr& info) const; + std::string GetHapUniqueStr(const int& userID, const std::string& bundleName, const int& instIndex) const; + bool TryUpdateExistNativeToken(const std::shared_ptr& infoPtr); + int AllocNativeToken(const std::shared_ptr& infoPtr); + void StoreAllTokenInfo(); + + OHOS::ThreadPool tokenDataWorker_; + bool hasInited_; + + OHOS::Utils::RWLock hapTokenInfoLock_; + OHOS::Utils::RWLock nativeTokenInfoLock_; + OHOS::Utils::RWLock managerLock_; + + std::map> hapTokenInfoMap_; + std::map hapTokenIdMap_; + std::map> nativeTokenInfoMap_; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // ACCESSTOKEN_TOKEN_INFO_MANAGER_H diff --git a/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h b/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h new file mode 100644 index 000000000..53fea91ad --- /dev/null +++ b/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h @@ -0,0 +1,74 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef ACCESSTOKEN_HAP_TOKEN_INFO_INNER_H +#define ACCESSTOKEN_HAP_TOKEN_INFO_INNER_H + +#include +#include +#include + +#include "access_token.h" +#include "generic_values.h" +#include "hap_token_info.h" +#include "permission_def.h" +#include "permission_policy_set.h" +#include "permission_state_full.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class HapTokenInfoInner final { +public: + HapTokenInfoInner() : ver_(DEFAULT_TOKEN_VERSION), tokenID_(0), tokenAttr_(0), userID_(0), + instIndex_(0), apl_(APL_NORMAL) {}; + virtual ~HapTokenInfoInner() = default; + + void Init(AccessTokenID id, const HapInfoParams& info, const HapPolicyParams& policy); + void Update(const std::string& appIDDesc, const HapPolicyParams& policy); + void TranslateToHapTokenInfo(HapTokenInfo& InfoParcel) const; + void StoreHapInfo(std::vector& hapInfoValues, + std::vector& permDefValues, + std::vector& permStateValues) const; + int RestoreHapTokenInfo(AccessTokenID tokenId, GenericValues& tokenValue, + const std::vector& permDefRes, const std::vector& permStateRes); + + std::shared_ptr GetHapInfoPermissionPolicySet() const; + int GetUserID() const; + std::string GetBundleName() const; + int GetInstIndex() const; + AccessTokenID GetTokenID() const; + void ToString(std::string& info) const; + +private: + void StoreHapBasicInfo(std::vector& valueList) const; + void TranslationIntoGenericValues(GenericValues& outGenericValues) const; + int RestoreHapTokenBasicInfo(const GenericValues& inGenericValues); + + char ver_; + AccessTokenID tokenID_; + AccessTokenAttr tokenAttr_; + int userID_; + std::string bundleName_; + int instIndex_; + std::string appID_; + std::string deviceID_; + ATokenAplEnum apl_; + std::shared_ptr permPolicySet_; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // ACCESSTOKEN_HAP_TOKEN_INFO_INNER_H diff --git a/services/accesstokenmanager/main/cpp/include/token/native_token_info_inner.h b/services/accesstokenmanager/main/cpp/include/token/native_token_info_inner.h new file mode 100644 index 000000000..f24c27b59 --- /dev/null +++ b/services/accesstokenmanager/main/cpp/include/token/native_token_info_inner.h @@ -0,0 +1,69 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef ACCESSTOKEN_NATIVE_TOKEN_INFO_INNER_H +#define ACCESSTOKEN_NATIVE_TOKEN_INFO_INNER_H + +#include "access_token.h" +#include "native_token_info.h" +#include +#include +#include "generic_values.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +static const std::string JSON_PROCESS_NAME = "processName"; +static const std::string JSON_APL = "APL"; +static const std::string JSON_VERSION = "version"; +static const std::string JSON_TOKEN_ID = "tokenId"; +static const std::string JSON_TOKEN_ATTR = "tokenAttr"; +static const std::string JSON_DCAPS = "dcaps"; + +class NativeTokenInfoInner final { +public: + NativeTokenInfoInner() : ver_(DEFAULT_TOKEN_VERSION), tokenID_(0), tokenAttr_(0), apl_(APL_NORMAL) {}; + virtual ~NativeTokenInfoInner() = default; + + void Init(AccessTokenID id, const std::string& processName, ATokenAplEnum apl, + const std::vector& dcap); + void StoreNativeInfo(std::vector& valueList) const; + void TranslateToNativeTokenInfo(NativeTokenInfo& InfoParcel) const; + void SetDcaps(const std::string& dcapStr); + void ToString(std::string& info) const; + int RestoreNativeTokenInfo(AccessTokenID tokenId, const GenericValues& inGenericValues); + void Update(AccessTokenID tokenId, const std::string& processName, + int apl, const std::vector& dcap); + + std::vector GetDcap() const; + AccessTokenID GetTokenID() const; + std::string GetProcessName() const; + bool FromJsonString(const std::string& jsonString); + +private: + int TranslationIntoGenericValues(GenericValues& outGenericValues) const; + std::string DcapToString(const std::vector& dcap) const; + + char ver_; + AccessTokenID tokenID_; + AccessTokenAttr tokenAttr_; + std::string processName_; + ATokenAplEnum apl_; + std::vector dcap_; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // ACCESSTOKEN_NATIVE_TOKEN_INFO_INNER_H diff --git a/services/accesstokenmanager/main/cpp/src/database/data_storage.cpp b/services/accesstokenmanager/main/cpp/src/database/data_storage.cpp new file mode 100644 index 000000000..90559c6c2 --- /dev/null +++ b/services/accesstokenmanager/main/cpp/src/database/data_storage.cpp @@ -0,0 +1,29 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "data_storage.h" + +#include "sqlite_storage.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +DataStorage& DataStorage::GetRealDataStorage() +{ + return SqliteStorage::GetInstance(); +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS \ No newline at end of file diff --git a/services/accesstokenmanager/main/cpp/src/database/data_translator.cpp b/services/accesstokenmanager/main/cpp/src/database/data_translator.cpp new file mode 100644 index 000000000..1f039a174 --- /dev/null +++ b/services/accesstokenmanager/main/cpp/src/database/data_translator.cpp @@ -0,0 +1,79 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "data_translator.h" + +#include + +#include "accesstoken_log.h" +#include "field_const.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +int DataTranslator::TranslationIntoGenericValues(const PermissionDef& inPermissionDef, GenericValues& outGenericValues) +{ + outGenericValues.Put(FIELD_PERMISSION_NAME, inPermissionDef.permissionName); + outGenericValues.Put(FIELD_BUNDLE_NAME, inPermissionDef.bundleName); + outGenericValues.Put(FIELD_GRANT_MODE, inPermissionDef.grantMode); + outGenericValues.Put(FIELD_AVAILABLE_SCOPE, inPermissionDef.availableScope); + outGenericValues.Put(FIELD_LABEL, inPermissionDef.label); + outGenericValues.Put(FIELD_LABEL_ID, inPermissionDef.labelId); + outGenericValues.Put(FIELD_DESCRIPTION, inPermissionDef.description); + outGenericValues.Put(FIELD_DESCRIPTION_ID, inPermissionDef.descriptionId); + return RET_SUCCESS; +} + +int DataTranslator::TranslationIntoPermissionDef(const GenericValues& inGenericValues, PermissionDef& outPermissionDef) +{ + outPermissionDef.permissionName = inGenericValues.GetString(FIELD_PERMISSION_NAME); + outPermissionDef.bundleName = inGenericValues.GetString(FIELD_BUNDLE_NAME); + outPermissionDef.grantMode = inGenericValues.GetInt(FIELD_GRANT_MODE); + outPermissionDef.availableScope = inGenericValues.GetInt(FIELD_AVAILABLE_SCOPE); + outPermissionDef.label = inGenericValues.GetString(FIELD_LABEL); + outPermissionDef.labelId = inGenericValues.GetInt(FIELD_LABEL_ID); + outPermissionDef.description = inGenericValues.GetString(FIELD_DESCRIPTION); + outPermissionDef.descriptionId = inGenericValues.GetInt(FIELD_DESCRIPTION_ID); + return RET_SUCCESS; +} + +int DataTranslator::TranslationIntoGenericValues(const PermissionStateFull& inPermissionState, + const unsigned int grantIndex, GenericValues& outGenericValues) +{ + if (grantIndex >= inPermissionState.resDeviceID.size() || grantIndex >= inPermissionState.grantStatus.size() + || grantIndex >= inPermissionState.grantFlags.size()) { + return RET_FAILED; + } + outGenericValues.Put(FIELD_PERMISSION_NAME, inPermissionState.permissionName); + outGenericValues.Put(FIELD_DEVICE_ID, inPermissionState.resDeviceID[grantIndex]); + outGenericValues.Put(FIELD_GRANT_IS_GENERAL, inPermissionState.isGeneral ? 1 : 0); + outGenericValues.Put(FIELD_GRANT_STATE, inPermissionState.grantStatus[grantIndex]); + outGenericValues.Put(FIELD_GRANT_FLAG, inPermissionState.grantFlags[grantIndex]); + return RET_SUCCESS; +} + +int DataTranslator::TranslationIntoPermissionStateFull(const GenericValues& inGenericValues, + PermissionStateFull& outPermissionState) +{ + outPermissionState.isGeneral = ((inGenericValues.GetInt(FIELD_GRANT_IS_GENERAL) == 1) ? true : false); + outPermissionState.permissionName = inGenericValues.GetString(FIELD_PERMISSION_NAME); + outPermissionState.resDeviceID.push_back(inGenericValues.GetString(FIELD_DEVICE_ID)); + outPermissionState.grantStatus.push_back((PermissionState)inGenericValues.GetInt(FIELD_GRANT_STATE)); + outPermissionState.grantFlags.push_back(inGenericValues.GetInt(FIELD_GRANT_FLAG)); + return RET_SUCCESS; +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/services/accesstokenmanager/main/cpp/src/database/generic_values.cpp b/services/accesstokenmanager/main/cpp/src/database/generic_values.cpp new file mode 100644 index 000000000..db130ace6 --- /dev/null +++ b/services/accesstokenmanager/main/cpp/src/database/generic_values.cpp @@ -0,0 +1,73 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "generic_values.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +void GenericValues::Put(const std::string& key, int value) +{ + map_.insert(std::make_pair(key, VariantValue(value))); +} + +void GenericValues::Put(const std::string& key, const std::string& value) +{ + map_.insert(std::make_pair(key, VariantValue(value))); +} + +void GenericValues::Put(const std::string& key, const VariantValue& value) +{ + map_.insert(std::make_pair(key, value)); +} + +VariantValue GenericValues::Get(const std::string& key) const +{ + auto iter = map_.find(key); + if (iter == map_.end()) { + return VariantValue(); + } + return iter->second; +} + +int GenericValues::GetInt(const std::string& key) const +{ + auto it = map_.find(key); + if (it == map_.end()) { + return VariantValue::DEFAULT_VALUE; + } + return it->second.GetInt(); +} + +std::string GenericValues::GetString(const std::string& key) const +{ + auto it = map_.find(key); + if (it == map_.end()) { + return std::string(); + } + return it->second.GetString(); +} + +std::vector GenericValues::GetAllKeys() const +{ + std::vector keys; + for (auto it = map_.begin(); it != map_.end(); ++it) { + keys.emplace_back(it->first); + } + return keys; +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS \ No newline at end of file diff --git a/services/accesstokenmanager/main/cpp/src/database/sqlite_helper.cpp b/services/accesstokenmanager/main/cpp/src/database/sqlite_helper.cpp new file mode 100644 index 000000000..618b9cf2d --- /dev/null +++ b/services/accesstokenmanager/main/cpp/src/database/sqlite_helper.cpp @@ -0,0 +1,188 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "sqlite_helper.h" + +#include "accesstoken_log.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "SqliteHelper"}; +} + +SqliteHelper::SqliteHelper(const std::string& dbName, const std::string& dbPath, int version) + : dbName_(dbName), dbPath_(dbPath), currentVersion_(version), db_(nullptr) +{} + +SqliteHelper::~SqliteHelper() +{} + +void SqliteHelper::Open() +{ + if (db_ != nullptr) { + return; + } + if (dbName_.empty() || dbPath_.empty() || currentVersion_ < 0) { + return; + } + std::string fileName = dbPath_ + dbName_; + int res = sqlite3_open(fileName.c_str(), &db_); + if (res != SQLITE_OK) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to open db: %{public}s", sqlite3_errmsg(db_)); + return; + } + + int version = GetVersion(); + if (version == currentVersion_) { + return; + } + + BeginTransaction(); + if (version == 0) { + OnCreate(); + } else { + if (version < currentVersion_) { + OnUpdate(); + } + } + SetVersion(); + CommitTransaction(); +} + +void SqliteHelper::Close() +{ + if (db_ == nullptr) { + ACCESSTOKEN_LOG_WARN(LABEL, "%{public}s: do open data base first!", __func__); + return; + } + int ret = sqlite3_close(db_); + if (ret != SQLITE_OK) { + ACCESSTOKEN_LOG_WARN(LABEL, "sqlite3_close error, ret=%{public}d", ret); + return; + } + db_ = nullptr; +} + +int SqliteHelper::BeginTransaction() const +{ + if (db_ == nullptr) { + ACCESSTOKEN_LOG_WARN(LABEL, "%{public}s: do open data base first!", __func__); + return GENERAL_ERROR; + } + char* errorMessage = nullptr; + int result = 0; + int ret = sqlite3_exec(db_, "BEGIN;", nullptr, nullptr, &errorMessage); + if (ret != SQLITE_OK) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: failed, errorMsg: %{public}s", __func__, errorMessage); + result = GENERAL_ERROR; + } + sqlite3_free(errorMessage); + return result; +} + +int SqliteHelper::CommitTransaction() const +{ + if (db_ == nullptr) { + ACCESSTOKEN_LOG_WARN(LABEL, "%{public}s: do open data base first!", __func__); + return GENERAL_ERROR; + } + char* errorMessage = nullptr; + int result = 0; + int ret = sqlite3_exec(db_, "COMMIT;", nullptr, nullptr, &errorMessage); + if (ret != SQLITE_OK) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: failed, errorMsg: %{public}s", __func__, errorMessage); + result = GENERAL_ERROR; + } + sqlite3_free(errorMessage); + return result; +} + +int SqliteHelper::RollbackTransaction() const +{ + if (db_ == nullptr) { + ACCESSTOKEN_LOG_WARN(LABEL, "%{public}s: do open data base first!", __func__); + return GENERAL_ERROR; + } + int result = 0; + char* errorMessage = nullptr; + int ret = sqlite3_exec(db_, "ROLLBACK;", nullptr, nullptr, &errorMessage); + if (ret != SQLITE_OK) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: failed, errorMsg: %{public}s", __func__, errorMessage); + result = GENERAL_ERROR; + } + sqlite3_free(errorMessage); + return result; +} + +Statement SqliteHelper::Prepare(const std::string& sql) const +{ + return Statement(db_, sql); +} + +int SqliteHelper::ExecuteSql(const std::string& sql) const +{ + if (db_ == nullptr) { + ACCESSTOKEN_LOG_WARN(LABEL, "%{public}s: do open data base first!", __func__); + return GENERAL_ERROR; + } + char* errorMessage = nullptr; + int result = 0; + int res = sqlite3_exec(db_, sql.c_str(), nullptr, nullptr, &errorMessage); + if (res != SQLITE_OK) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: failed, errorMsg: %{public}s", __func__, errorMessage); + result = GENERAL_ERROR; + } + sqlite3_free(errorMessage); + return result; +} + +int SqliteHelper::GetVersion() const +{ + if (db_ == nullptr) { + ACCESSTOKEN_LOG_WARN(LABEL, "%{public}s: do open data base first!", __func__); + return GENERAL_ERROR; + } + auto statement = Prepare(PRAGMA_VERSION_COMMAND); + int version = 0; + while (statement.Step() == Statement::State::ROW) { + version = statement.GetColumnInt(0); + } + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s: version: %{public}d", __func__, version); + return version; +} + +void SqliteHelper::SetVersion() const +{ + if (db_ == nullptr) { + ACCESSTOKEN_LOG_WARN(LABEL, "%{public}s: do open data base first!", __func__); + return; + } + auto statement = Prepare(PRAGMA_VERSION_COMMAND + " = " + std::to_string(currentVersion_)); + statement.Step(); +} + +std::string SqliteHelper::SpitError() const +{ + if (db_ == nullptr) { + ACCESSTOKEN_LOG_WARN(LABEL, "%{public}s: do open data base first!", __func__); + return ""; + } + return sqlite3_errmsg(db_); +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS \ No newline at end of file diff --git a/services/accesstokenmanager/main/cpp/src/database/sqlite_storage.cpp b/services/accesstokenmanager/main/cpp/src/database/sqlite_storage.cpp new file mode 100644 index 000000000..421ab572a --- /dev/null +++ b/services/accesstokenmanager/main/cpp/src/database/sqlite_storage.cpp @@ -0,0 +1,368 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "sqlite_storage.h" + +#include "accesstoken_log.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "SqliteStorage"}; +} + +SqliteStorage& SqliteStorage::GetInstance() +{ + static SqliteStorage instance; + return instance; +} + +SqliteStorage::~SqliteStorage() +{ + Close(); +} + +void SqliteStorage::OnCreate() +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called.", __func__); + CreateHapTokenInfoTable(); + CreateNativeTokenInfoTable(); + CreatePermissionDefinitionTable(); + CreatePermissionStateTable(); +} + +void SqliteStorage::OnUpdate() +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called.", __func__); +} + +SqliteStorage::SqliteStorage() : SqliteHelper(DATABASE_NAME, DATABASE_PATH, DATABASE_VERSION) +{ + SqliteTable hapTokenInfoTable; + hapTokenInfoTable.tableName_ = HAP_TOKEN_INFO_TABLE; + hapTokenInfoTable.tableColumnNames_ = { + FIELD_TOKEN_ID, FIELD_USER_ID, + FIELD_BUNDLE_NAME, FIELD_INST_INDEX, + FIELD_APP_ID, FIELD_DEVICE_ID, + FIELD_APL, FIELD_TOKEN_VERSION, + FIELD_TOKEN_ATTR + }; + + SqliteTable NativeTokenInfoTable; + NativeTokenInfoTable.tableName_ = NATIVE_TOKEN_INFO_TABLE; + NativeTokenInfoTable.tableColumnNames_ = { + FIELD_TOKEN_ID, FIELD_PROCESS_NAME, + FIELD_TOKEN_VERSION, FIELD_TOKEN_ATTR, + FIELD_DCAP + }; + + SqliteTable permissionDefTable; + permissionDefTable.tableName_ = PERMISSION_DEF_TABLE; + permissionDefTable.tableColumnNames_ = { + FIELD_TOKEN_ID, FIELD_PERMISSION_NAME, + FIELD_BUNDLE_NAME, FIELD_GRANT_MODE, + FIELD_AVAILABLE_SCOPE, FIELD_LABEL, + FIELD_LABEL_ID, FIELD_DESCRIPTION, + FIELD_DESCRIPTION_ID + }; + + SqliteTable permissionStateTable; + permissionStateTable.tableName_ = PERMISSION_STATE_TABLE; + permissionStateTable.tableColumnNames_ = { + FIELD_TOKEN_ID, FIELD_PERMISSION_NAME, + FIELD_DEVICE_ID, FIELD_GRANT_IS_GENERAL, + FIELD_GRANT_STATE, FIELD_GRANT_FLAG + }; + + dataTypeToSqlTable_ = { + {ACCESSTOKEN_HAP_INFO, hapTokenInfoTable}, + {ACCESSTOKEN_NATIVE_INFO, NativeTokenInfoTable}, + {ACCESSTOKEN_PERMISSION_DEF, permissionDefTable}, + {ACCESSTOKEN_PERMISSION_STATE, permissionStateTable}, + }; + + Open(); +} + +int SqliteStorage::Add(const DataType type, const std::vector& values) +{ + OHOS::Utils::UniqueWriteGuard lock(this->rwLock_); + std::string prepareSql = CreateInsertPrepareSqlCmd(type); + auto statement = Prepare(prepareSql); + BeginTransaction(); + bool isExecuteSuccessfully = true; + for (auto value : values) { + std::vector columnNames = value.GetAllKeys(); + for (auto columnName : columnNames) { + statement.Bind(columnName, value.Get(columnName)); + } + int ret = statement.Step(); + if (ret != Statement::State::DONE) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: failed, errorMsg: %{public}s", __func__, SpitError().c_str()); + isExecuteSuccessfully = false; + } + statement.Reset(); + } + if (!isExecuteSuccessfully) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: rollback transaction.", __func__); + RollbackTransaction(); + return FAILURE; + } + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s: commit transaction.", __func__); + CommitTransaction(); + return SUCCESS; +} + +int SqliteStorage::Remove(const DataType type, const GenericValues& conditions) +{ + OHOS::Utils::UniqueWriteGuard lock(this->rwLock_); + std::vector columnNames = conditions.GetAllKeys(); + std::string prepareSql = CreateDeletePrepareSqlCmd(type, columnNames); + auto statement = Prepare(prepareSql); + for (auto columnName : columnNames) { + statement.Bind(columnName, conditions.Get(columnName)); + } + int ret = statement.Step(); + return (ret == Statement::State::DONE) ? SUCCESS : FAILURE; +} + +int SqliteStorage::Modify(const DataType type, const GenericValues& modifyValues, const GenericValues& conditions) +{ + OHOS::Utils::UniqueWriteGuard lock(this->rwLock_); + std::vector modifyColumns = modifyValues.GetAllKeys(); + std::vector conditionColumns = conditions.GetAllKeys(); + std::string prepareSql = CreateUpdatePrepareSqlCmd(type, modifyColumns, conditionColumns); + auto statement = Prepare(prepareSql); + for (auto columnName : modifyColumns) { + statement.Bind(columnName, modifyValues.Get(columnName)); + } + for (auto columnName : conditionColumns) { + statement.Bind(columnName, conditions.Get(columnName)); + } + int ret = statement.Step(); + return (ret == Statement::State::DONE) ? SUCCESS : FAILURE; +} + +int SqliteStorage::Find(const DataType type, std::vector& results) +{ + OHOS::Utils::UniqueWriteGuard lock(this->rwLock_); + std::string prepareSql = CreateSelectPrepareSqlCmd(type); + auto statement = Prepare(prepareSql); + while (statement.Step() == Statement::State::ROW) { + int columnCount = statement.GetColumnCount(); + GenericValues value; + for (int i = 0; i < columnCount; i++) { + value.Put(statement.GetColumnName(i), statement.GetValue(i)); + } + results.emplace_back(value); + } + return SUCCESS; +} + +int SqliteStorage::RefreshAll(const DataType type, const std::vector& values) +{ + OHOS::Utils::UniqueWriteGuard lock(this->rwLock_); + std::string deleteSql = CreateDeletePrepareSqlCmd(type); + std::string insertSql = CreateInsertPrepareSqlCmd(type); + auto deleteStatement = Prepare(deleteSql); + auto insertStatement = Prepare(insertSql); + BeginTransaction(); + bool canCommit = deleteStatement.Step() == Statement::State::DONE; + for (auto value : values) { + std::vector columnNames = value.GetAllKeys(); + for (auto columnName : columnNames) { + insertStatement.Bind(columnName, value.Get(columnName)); + } + int ret = insertStatement.Step(); + if (ret != Statement::State::DONE) { + ACCESSTOKEN_LOG_ERROR( + LABEL, "%{public}s: insert failed, errorMsg: %{public}s", __func__, SpitError().c_str()); + canCommit = false; + } + insertStatement.Reset(); + } + if (!canCommit) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: rollback transaction.", __func__); + RollbackTransaction(); + return FAILURE; + } + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s: commit transaction.", __func__); + CommitTransaction(); + return SUCCESS; +} + +std::string SqliteStorage::CreateInsertPrepareSqlCmd(const DataType type) const +{ + auto it = dataTypeToSqlTable_.find(type); + if (it == dataTypeToSqlTable_.end()) { + return std::string(); + } + std::string sql = "insert into " + it->second.tableName_ + " values("; + int i = 1; + for (const auto& columnName : it->second.tableColumnNames_) { + sql.append(":" + columnName); + if (i < (int) it->second.tableColumnNames_.size()) { + sql.append(","); + } + i += 1; + } + sql.append(")"); + return sql; +} + +std::string SqliteStorage::CreateDeletePrepareSqlCmd( + const DataType type, const std::vector& columnNames) const +{ + auto it = dataTypeToSqlTable_.find(type); + if (it == dataTypeToSqlTable_.end()) { + return std::string(); + } + std::string sql = "delete from " + it->second.tableName_ + " where 1 = 1"; + for (auto columnName : columnNames) { + sql.append(" and "); + sql.append(columnName + "=:" + columnName); + } + return sql; +} + +std::string SqliteStorage::CreateUpdatePrepareSqlCmd(const DataType type, const std::vector& modifyColumns, + const std::vector& conditionColumns) const +{ + if (modifyColumns.empty()) { + return std::string(); + } + + auto it = dataTypeToSqlTable_.find(type); + if (it == dataTypeToSqlTable_.end()) { + return std::string(); + } + + std::string sql = "update " + it->second.tableName_ + " set "; + int i = 1; + for (const auto& columnName : modifyColumns) { + sql.append(columnName + "=:" + columnName); + if (i < (int) modifyColumns.size()) { + sql.append(","); + } + i += 1; + } + + if (!conditionColumns.empty()) { + sql.append(" where 1 = 1"); + for (const auto& columnName : conditionColumns) { + sql.append(" and "); + sql.append(columnName + "=:" + columnName); + } + } + return sql; +} + +std::string SqliteStorage::CreateSelectPrepareSqlCmd(const DataType type) const +{ + auto it = dataTypeToSqlTable_.find(type); + if (it == dataTypeToSqlTable_.end()) { + return std::string(); + } + std::string sql = "select * from " + it->second.tableName_; + return sql; +} + +int SqliteStorage::CreateHapTokenInfoTable() const +{ + auto it = dataTypeToSqlTable_.find(DataType::ACCESSTOKEN_HAP_INFO); + if (it == dataTypeToSqlTable_.end()) { + return FAILURE; + } + std::string sql = "create table if not exists "; + sql.append(it->second.tableName_ + " (") + .append(FIELD_TOKEN_ID + " integer not null,") + .append(FIELD_USER_ID + " integer not null,") + .append(FIELD_BUNDLE_NAME + " text not null,") + .append(FIELD_INST_INDEX + " integer not null,") + .append(FIELD_APP_ID + " text not null,") + .append(FIELD_DEVICE_ID + " text not null,") + .append(FIELD_APL + " integer not null,") + .append(FIELD_TOKEN_VERSION + " integer not null,") + .append(FIELD_TOKEN_ATTR + " integer not null,") + .append("primary key(" + FIELD_TOKEN_ID) + .append("))"); + return ExecuteSql(sql); +} + +int SqliteStorage::CreateNativeTokenInfoTable() const +{ + auto it = dataTypeToSqlTable_.find(DataType::ACCESSTOKEN_NATIVE_INFO); + if (it == dataTypeToSqlTable_.end()) { + return FAILURE; + } + std::string sql = "create table if not exists "; + sql.append(it->second.tableName_ + " (") + .append(FIELD_TOKEN_ID + " integer not null,") + .append(FIELD_PROCESS_NAME + " text not null,") + .append(FIELD_TOKEN_VERSION + " integer not null,") + .append(FIELD_TOKEN_ATTR + " integer not null,") + .append(FIELD_DCAP + " text not null,") + .append("primary key(" + FIELD_TOKEN_ID) + .append("))"); + return ExecuteSql(sql); +} + +int SqliteStorage::CreatePermissionDefinitionTable() const +{ + auto it = dataTypeToSqlTable_.find(DataType::ACCESSTOKEN_PERMISSION_DEF); + if (it == dataTypeToSqlTable_.end()) { + return FAILURE; + } + std::string sql = "create table if not exists "; + sql.append(it->second.tableName_ + " (") + .append(FIELD_TOKEN_ID + " integer not null,") + .append(FIELD_PERMISSION_NAME + " text not null,") + .append(FIELD_BUNDLE_NAME + " text not null,") + .append(FIELD_GRANT_MODE + " integer not null,") + .append(FIELD_AVAILABLE_SCOPE + " integer not null,") + .append(FIELD_LABEL + " text not null,") + .append(FIELD_LABEL_ID + " integer not null,") + .append(FIELD_DESCRIPTION + " text not null,") + .append(FIELD_DESCRIPTION_ID + " integer not null,") + .append("primary key(" + FIELD_TOKEN_ID) + .append("," + FIELD_PERMISSION_NAME) + .append("))"); + return ExecuteSql(sql); +} + +int SqliteStorage::CreatePermissionStateTable() const +{ + auto it = dataTypeToSqlTable_.find(DataType::ACCESSTOKEN_PERMISSION_STATE); + if (it == dataTypeToSqlTable_.end()) { + return FAILURE; + } + std::string sql = "create table if not exists "; + sql.append(it->second.tableName_ + " (") + .append(FIELD_TOKEN_ID + " integer not null,") + .append(FIELD_PERMISSION_NAME + " text not null,") + .append(FIELD_DEVICE_ID + " text not null,") + .append(FIELD_GRANT_IS_GENERAL + " integer not null,") + .append(FIELD_GRANT_STATE + " integer not null,") + .append(FIELD_GRANT_FLAG + " integer not null,") + .append("primary key(" + FIELD_TOKEN_ID) + .append("," + FIELD_PERMISSION_NAME) + .append("," + FIELD_DEVICE_ID) + .append("))"); + return ExecuteSql(sql); +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/services/accesstokenmanager/main/cpp/src/database/statement.cpp b/services/accesstokenmanager/main/cpp/src/database/statement.cpp new file mode 100644 index 000000000..42d2e3656 --- /dev/null +++ b/services/accesstokenmanager/main/cpp/src/database/statement.cpp @@ -0,0 +1,125 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "statement.h" + +#include "accesstoken_log.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "Statement"}; +} + +Statement::Statement(sqlite3* db, const std::string& sql) : db_(db), sql_(sql) +{ + if (sqlite3_prepare_v2(db, sql.c_str(), sql.size(), &statement_, nullptr) != SQLITE_OK) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Cannot prepare, errorMsg: %{public}s", sqlite3_errmsg(db_)); + } +} + +Statement::~Statement() +{ + sqlite3_finalize(statement_); + statement_ = nullptr; +} + +void Statement::Bind(const int index, const std::string& text) +{ + if (sqlite3_bind_text(statement_, index, text.c_str(), text.size(), SQLITE_TRANSIENT) != SQLITE_OK) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Cannot bind string, errorMsg: %{public}s", sqlite3_errmsg(db_)); + } +} + +void Statement::Bind(const int index, int value) +{ + if (sqlite3_bind_int(statement_, index, value) != SQLITE_OK) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Cannot bind int, errorMsg: %{public}s", sqlite3_errmsg(db_)); + } +} + +int Statement::GetColumnInt(const int column) const +{ + return sqlite3_column_int(statement_, column); +} + +std::string Statement::GetColumnString(const int column) const +{ + return std::string(reinterpret_cast(sqlite3_column_text(statement_, column))); +} + +std::string Statement::GetColumnName(const int column) const +{ + return sqlite3_column_name(statement_, column); +} + +Statement::State Statement::Step() +{ + int ret = sqlite3_step(statement_); + switch (ret) { + case SQLITE_ROW: + return Statement::State::ROW; + case SQLITE_DONE: + return Statement::State::DONE; + case SQLITE_BUSY: + return Statement::State::BUSY; + case SQLITE_MISUSE: + return Statement::State::MISUSE; + default: + return Statement::State::UNKNOWN; + } +} + +int Statement::GetParameterIndex(const std::string& name) const +{ + return sqlite3_bind_parameter_index(statement_, name.c_str()); +} + +void Statement::Bind(const std::string& tableColumnName, const VariantValue& value) +{ + int index = GetParameterIndex(":" + tableColumnName); + if (value.GetType() == ValueType::TYPE_STRING) { + Bind(index, value.GetString()); + } else if (value.GetType() == ValueType::TYPE_INT) { + Bind(index, value.GetInt()); + } +} + +int Statement::Reset() +{ + return sqlite3_reset(statement_); +} + +int Statement::GetColumnCount() const +{ + return sqlite3_column_count(statement_); +} + +VariantValue Statement::GetValue(const int column) const +{ + int type = sqlite3_column_type(statement_, column); + switch (type) { + case SQLITE_INTEGER: + return VariantValue(GetColumnInt(column)); + case SQLITE_TEXT: + return VariantValue(GetColumnString(column)); + default: + return VariantValue(); + } +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS \ No newline at end of file diff --git a/services/accesstokenmanager/main/cpp/src/database/variant_value.cpp b/services/accesstokenmanager/main/cpp/src/database/variant_value.cpp new file mode 100644 index 000000000..3dae32731 --- /dev/null +++ b/services/accesstokenmanager/main/cpp/src/database/variant_value.cpp @@ -0,0 +1,61 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "variant_value.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +VariantValue::VariantValue() : type_(ValueType::TYPE_NULL) +{} + +VariantValue::~VariantValue() +{} + +VariantValue::VariantValue(int value) : type_(ValueType::TYPE_INT) +{ + value_ = value; +} + +VariantValue::VariantValue(const std::string& value) : type_(ValueType::TYPE_STRING) +{ + value_ = value; +} + +ValueType VariantValue::GetType() const +{ + return type_; +} + +int VariantValue::GetInt() const +{ + if (type_ != ValueType::TYPE_INT) { + return DEFAULT_VALUE; + } + + return std::get(value_); +} + +std::string VariantValue::GetString() const +{ + if (type_ != ValueType::TYPE_STRING) { + return std::string(); + } + + return std::get(value_); +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS \ No newline at end of file diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_definition_cache.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_definition_cache.cpp new file mode 100644 index 000000000..d9894dac6 --- /dev/null +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_definition_cache.cpp @@ -0,0 +1,109 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "permission_definition_cache.h" + +#include "access_token.h" +#include "accesstoken_log.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { + LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "PermissionDefinitionCache" +}; +} + +PermissionDefinitionCache& PermissionDefinitionCache::GetInstance() +{ + static PermissionDefinitionCache instance; + return instance; +} + +PermissionDefinitionCache::PermissionDefinitionCache() +{} + +PermissionDefinitionCache::~PermissionDefinitionCache() +{} + +bool PermissionDefinitionCache::Insert(const PermissionDef& info) +{ + Utils::UniqueWriteGuard cacheGuard(this->cacheLock_); + auto it = permissionDefinitionMap_.find(info.permissionName); + if (it != permissionDefinitionMap_.end()) { + ACCESSTOKEN_LOG_WARN(LABEL, "%{public}s: info for permission: %{public}s has been insert, please check!", + __func__, info.permissionName.c_str()); + return false; + } + permissionDefinitionMap_[info.permissionName] = info; + return true; +} + +void PermissionDefinitionCache::DeleteByBundleName(const std::string& bundleName) +{ + Utils::UniqueWriteGuard cacheGuard(this->cacheLock_); + auto it = permissionDefinitionMap_.begin(); + while (it != permissionDefinitionMap_.end()) { + if (bundleName == it->second.bundleName) { + permissionDefinitionMap_.erase(it++); + } else { + ++it; + } + } +} + +int PermissionDefinitionCache::FindByPermissionName(const std::string& permissionName, PermissionDef& info) +{ + Utils::UniqueReadGuard cacheGuard(this->cacheLock_); + auto it = permissionDefinitionMap_.find(permissionName); + if (it == permissionDefinitionMap_.end()) { + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: can not find definition info for permission: %{public}s", __func__, + permissionName.c_str()); + return RET_FAILED; + } + info = it->second; + return RET_SUCCESS; +} + +bool PermissionDefinitionCache::IsSystemGrantedPermission(const std::string& permissionName) +{ + Utils::UniqueReadGuard cacheGuard(this->cacheLock_); + return IsGrantedModeEqualInner(permissionName, SYSTEM_GRANT); +} + +bool PermissionDefinitionCache::IsUserGrantedPermission(const std::string& permissionName) +{ + Utils::UniqueReadGuard cacheGuard(this->cacheLock_); + return IsGrantedModeEqualInner(permissionName, USER_GRANT); +} + +bool PermissionDefinitionCache::IsGrantedModeEqualInner(const std::string& permissionName, int grantMode) const +{ + auto it = permissionDefinitionMap_.find(permissionName); + if (it == permissionDefinitionMap_.end()) { + return false; + } + return it->second.grantMode == grantMode; +} + +bool PermissionDefinitionCache::HasDefinition(const std::string& permissionName) +{ + Utils::UniqueReadGuard cacheGuard(this->cacheLock_); + return permissionDefinitionMap_.count(permissionName) == 1; +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp new file mode 100644 index 000000000..35bf38fa4 --- /dev/null +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp @@ -0,0 +1,304 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "permission_manager.h" +#include "access_token.h" +#include "accesstoken_info_manager.h" +#include "accesstoken_log.h" +#include "permission_definition_cache.h" +#include "permission_validator.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "PermissionManager"}; +} + +PermissionManager& PermissionManager::GetInstance() +{ + static PermissionManager instance; + return instance; +} + +PermissionManager::PermissionManager() +{ +} + +PermissionManager::~PermissionManager() +{ +} + +void PermissionManager::AddDefPermissions(const std::vector& permList) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permList size: %{public}d", __func__, permList.size()); + for (auto perm : permList) { + if (!PermissionValidator::IsPermissionDefValid(perm)) { + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s: invalid permission definition info: %{public}s", __func__, + TransferPermissionDefToString(perm).c_str()); + } else { + PermissionDefinitionCache::GetInstance().Insert(perm); + } + } +} + +void PermissionManager::RemoveDefPermissions(AccessTokenID tokenID) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, tokenID: 0x%{public}x", __func__, tokenID); + std::shared_ptr tokenInfo = + AccessTokenInfoManager::GetInstance().GetHapTokenInfoInner(tokenID); + if (tokenInfo == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: invalid params(tokenID: 0x%{public}x)!", __func__, tokenID); + return; + } + std::string bundleName = tokenInfo->GetBundleName(); + PermissionDefinitionCache::GetInstance().DeleteByBundleName(bundleName); +} + +int PermissionManager::VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, tokenID: 0x%{public}x, permissionName: %{public}s", __func__, + tokenID, permissionName.c_str()); + if (!PermissionValidator::IsPermissionNameValid(permissionName)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__); + return PERMISSION_DENIED; + } + if (!PermissionDefinitionCache::GetInstance().HasDefinition(permissionName)) { + ACCESSTOKEN_LOG_ERROR( + LABEL, "%{public}s: no definition for permission: %{public}s!", __func__, permissionName.c_str()); + return PERMISSION_DENIED; + } + std::shared_ptr permPolicySet = + AccessTokenInfoManager::GetInstance().GetHapPermissionPolicySet(tokenID); + if (permPolicySet == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__); + return PERMISSION_DENIED; + } + + std::vector permList = permPolicySet->permStateList_; + for (auto perm : permList) { + if (perm.permissionName == permissionName) { + return QueryPermissionStatus(perm); + } + } + return PERMISSION_DENIED; +} + +int PermissionManager::GetDefPermission(const std::string& permissionName, PermissionDef& permissionDefResult) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permissionName: %{public}s", __func__, permissionName.c_str()); + if (!PermissionValidator::IsPermissionNameValid(permissionName)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__); + return RET_FAILED; + } + if (!PermissionDefinitionCache::GetInstance().HasDefinition(permissionName)) { + ACCESSTOKEN_LOG_ERROR( + LABEL, "%{public}s: no definition for permission: %{public}s!", __func__, permissionName.c_str()); + return RET_FAILED; + } + return PermissionDefinitionCache::GetInstance().FindByPermissionName(permissionName, permissionDefResult); +} + +int PermissionManager::GetDefPermissions(AccessTokenID tokenID, std::vector& permList) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, tokenID: 0x%{public}x", __func__, tokenID); + std::shared_ptr permPolicySet = + AccessTokenInfoManager::GetInstance().GetHapPermissionPolicySet(tokenID); + if (permPolicySet == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__); + return RET_FAILED; + } + std::vector permListGet = permPolicySet->permList_; + permList.assign(permListGet.begin(), permListGet.end()); + return RET_SUCCESS; +} + +int PermissionManager::GetReqPermissions( + AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, tokenID: 0x%{public}x, isSystemGrant: %{public}d", + __func__, tokenID, isSystemGrant); + std::shared_ptr permPolicySet = + AccessTokenInfoManager::GetInstance().GetHapPermissionPolicySet(tokenID); + if (permPolicySet == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__); + return RET_FAILED; + } + + GrantMode mode = isSystemGrant ? SYSTEM_GRANT : USER_GRANT; + std::vector permList = permPolicySet->permStateList_; + for (auto perm : permList) { + PermissionDef permDef; + GetDefPermission(perm.permissionName, permDef); + if (permDef.grantMode == mode) { + reqPermList.emplace_back(perm); + } + } + return RET_SUCCESS; +} + +int PermissionManager::GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, tokenID: 0x%{public}x, permissionName: %{public}s", + __func__, tokenID, permissionName.c_str()); + if (!PermissionValidator::IsPermissionNameValid(permissionName)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__); + return DEFAULT_PERMISSION_FLAGS; + } + if (!PermissionDefinitionCache::GetInstance().HasDefinition(permissionName)) { + ACCESSTOKEN_LOG_ERROR( + LABEL, "%{public}s: no definition for permission: %{public}s!", __func__, permissionName.c_str()); + return DEFAULT_PERMISSION_FLAGS; + } + std::shared_ptr permPolicySet = + AccessTokenInfoManager::GetInstance().GetHapPermissionPolicySet(tokenID); + if (permPolicySet == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__); + return DEFAULT_PERMISSION_FLAGS; + } + + std::vector permList = permPolicySet->permStateList_; + for (auto perm : permList) { + if (perm.permissionName == permissionName) { + return QueryPermissionFlag(perm); + } + } + return DEFAULT_PERMISSION_FLAGS; +} + + +int PermissionManager::UpdatePermissionStatus(PermissionStateFull& permStat, bool isGranted, int flag) +{ + if (permStat.isGeneral == true) { + permStat.grantStatus[0] = isGranted ? PERMISSION_GRANTED : PERMISSION_DENIED; + permStat.grantFlags[0] = flag; + } + return RET_FAILED; +} + +void PermissionManager::UpdateTokenPermissionState( + AccessTokenID tokenID, const std::string& permissionName, bool isGranted, int flag) +{ + std::shared_ptr permPolicySet = + AccessTokenInfoManager::GetInstance().GetHapPermissionPolicySet(tokenID); + if (permPolicySet == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__); + return; + } + + std::vector& permList = permPolicySet->permStateList_; + for (auto& perm : permList) { + if (perm.permissionName == permissionName) { + UpdatePermissionStatus(perm, isGranted, flag); + break; + } + } +} + +void PermissionManager::GrantPermission(AccessTokenID tokenID, const std::string& permissionName, int flag) +{ + ACCESSTOKEN_LOG_INFO(LABEL, + "%{public}s called, tokenID: 0x%{public}x, permissionName: %{public}s, flag: %{public}d", + __func__, tokenID, permissionName.c_str(), flag); + if (!PermissionValidator::IsPermissionNameValid(permissionName)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__); + return; + } + if (!PermissionDefinitionCache::GetInstance().HasDefinition(permissionName)) { + ACCESSTOKEN_LOG_ERROR( + LABEL, "%{public}s: no definition for permission: %{public}s!", __func__, permissionName.c_str()); + return; + } + if (!PermissionValidator::IsPermissionFlagValid(flag)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__); + return; + } + UpdateTokenPermissionState(tokenID, permissionName, true, flag); +} + +void PermissionManager::RevokePermission(AccessTokenID tokenID, const std::string& permissionName, int flag) +{ + ACCESSTOKEN_LOG_INFO(LABEL, + "%{public}s called, tokenID: 0x%{public}x, permissionName: %{public}s, flag: %{public}d", + __func__, tokenID, permissionName.c_str(), flag); + if (!PermissionValidator::IsPermissionNameValid(permissionName)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__); + return; + } + if (!PermissionDefinitionCache::GetInstance().HasDefinition(permissionName)) { + ACCESSTOKEN_LOG_ERROR( + LABEL, "%{public}s: no definition for permission: %{public}s!", __func__, permissionName.c_str()); + return; + } + if (!PermissionValidator::IsPermissionFlagValid(flag)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__); + return; + } + UpdateTokenPermissionState(tokenID, permissionName, false, flag); +} + +void PermissionManager::ClearUserGrantedPermissionState(AccessTokenID tokenID) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, tokenID: 0x%{public}x", __func__, tokenID); + std::shared_ptr permPolicySet = + AccessTokenInfoManager::GetInstance().GetHapPermissionPolicySet(tokenID); + if (permPolicySet == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__); + return; + } + + std::vector& permList = permPolicySet->permStateList_; + for (auto& perm : permList) { + PermissionDef permDef; + bool isGranted; + GetDefPermission(perm.permissionName, permDef); + isGranted = (permDef.grantMode == SYSTEM_GRANT) ? true : false; + UpdatePermissionStatus(perm, isGranted, DEFAULT_PERMISSION_FLAGS); + } +} + +int PermissionManager::QueryPermissionFlag(const PermissionStateFull& permStat) +{ + if (permStat.isGeneral == true) { + return permStat.grantFlags[0]; + } + return DEFAULT_PERMISSION_FLAGS; +} + +int PermissionManager::QueryPermissionStatus(const PermissionStateFull& permStat) +{ + if (permStat.isGeneral == true) { + return permStat.grantStatus[0]; + } + return PERMISSION_DENIED; +} + +std::string PermissionManager::TransferPermissionDefToString(const PermissionDef& inPermissionDef) +{ + std::string infos; + infos.append(R"({"permissionName": ")" + inPermissionDef.permissionName + R"(")"); + infos.append(R"(, "bundleName": ")" + inPermissionDef.bundleName + R"(")"); + infos.append(R"(, "grantMode": )" + std::to_string(inPermissionDef.grantMode)); + infos.append(R"(, "availableScope": )" + std::to_string(inPermissionDef.availableScope)); + infos.append(R"(, "label": ")" + inPermissionDef.label + R"(")"); + infos.append(R"(, "labelId": )" + std::to_string(inPermissionDef.labelId)); + infos.append(R"(, "description": ")" + inPermissionDef.description + R"(")"); + infos.append(R"(, "descriptionId": )" + std::to_string(inPermissionDef.descriptionId)); + infos.append("}"); + return infos; +} +} // namespace AccessToken +} // namespace Security +} diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_policy_set.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_policy_set.cpp new file mode 100644 index 000000000..176e4afff --- /dev/null +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_policy_set.cpp @@ -0,0 +1,236 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "permission_policy_set.h" + +#include "accesstoken_log.h" +#include "data_storage.h" +#include "data_translator.h" +#include "field_const.h" +#include "permission_validator.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "PermissionPolicySet"}; +} + +std::shared_ptr PermissionPolicySet::BuildPermissionPolicySet( + AccessTokenID tokenId, const std::vector& permList, + const std::vector& permStateList) +{ + std::shared_ptr policySet = std::make_shared(); + if (policySet != nullptr) { + PermissionValidator::FilterInvalidPermisionDef(permList, policySet->permList_); + PermissionValidator::FilterInvalidPermisionState(permStateList, policySet->permStateList_); + policySet->tokenId_ = tokenId; + } + return policySet; +} + +void PermissionPolicySet::UpdatePermDef(PermissionDef& permOld, const PermissionDef& permNew) +{ + permOld.bundleName = permNew.bundleName; + permOld.grantMode = permNew.grantMode; + permOld.availableScope = permNew.availableScope; + permOld.label = permNew.label; + permOld.labelId = permNew.labelId; + permOld.description = permNew.description; + permOld.descriptionId = permNew.descriptionId; +} + +void PermissionPolicySet::UpdatePermStateFull(PermissionStateFull& permOld, const PermissionStateFull& permNew) +{ + if (permOld.isGeneral != permNew.isGeneral) { + permOld.resDeviceID.clear(); + permOld.grantStatus.clear(); + permOld.grantFlags.clear(); + permOld.isGeneral = permNew.isGeneral; + } +} + +void PermissionPolicySet::Update(const std::vector& permList, + const std::vector& permStateList) +{ + for (const PermissionDef& permNew : permList) { + for (PermissionDef& permOld : permList_) { + if (permNew.permissionName == permOld.permissionName) { + UpdatePermDef(permOld, permNew); + break; + } + } + permList_.emplace_back(permNew); + } + + for (const PermissionStateFull& permStateNew : permStateList) { + for (PermissionStateFull& permStateOld : permStateList_) { + if (permStateNew.permissionName == permStateOld.permissionName) { + UpdatePermStateFull(permStateOld, permStateNew); + break; + } + } + permStateList_.emplace_back(permStateNew); + } +} + +std::shared_ptr PermissionPolicySet::RestorePermissionPolicy(AccessTokenID tokenId, + const std::vector& permDefRes, const std::vector& permStateRes) +{ + std::shared_ptr policySet = std::make_shared(); + if (policySet == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: tokenId 0x%{public}x new failed.", __func__, tokenId); + return nullptr; + } + policySet->tokenId_ = tokenId; + + for (GenericValues defValue : permDefRes) { + if ((AccessTokenID)defValue.GetInt(FIELD_TOKEN_ID) == tokenId) { + PermissionDef def; + DataTranslator::TranslationIntoPermissionDef(defValue, def); + policySet->permList_.emplace_back(def); + } + } + + for (GenericValues stateValue : permStateRes) { + if ((AccessTokenID)stateValue.GetInt(FIELD_TOKEN_ID) == tokenId) { + PermissionStateFull state; + DataTranslator::TranslationIntoPermissionStateFull(stateValue, state); + MergePermissionStateFull(policySet->permStateList_, state); + } + } + return policySet; +} + +void PermissionPolicySet::MergePermissionStateFull(std::vector& permStateList, + const PermissionStateFull& state) +{ + for (auto iter = permStateList.begin(); iter != permStateList.end(); iter++) { + if (state.permissionName == iter->permissionName) { + iter->resDeviceID.emplace_back(state.resDeviceID[0]); + iter->grantStatus.emplace_back(state.grantStatus[0]); + iter->grantFlags.emplace_back(state.grantFlags[0]); + return; + } + } + permStateList.emplace_back(state); +} + +void PermissionPolicySet::StorePermissionDef(std::vector& valueList) const +{ + for (auto permissionDef : permList_) { + GenericValues genericValues; + genericValues.Put(FIELD_TOKEN_ID, tokenId_); + DataTranslator::TranslationIntoGenericValues(permissionDef, genericValues); + valueList.emplace_back(genericValues); + } +} + +void PermissionPolicySet::StorePermissionState(std::vector& valueList) const +{ + for (auto permissionState : permStateList_) { + if (permissionState.isGeneral) { + GenericValues genericValues; + genericValues.Put(FIELD_TOKEN_ID, tokenId_); + DataTranslator::TranslationIntoGenericValues(permissionState, 0, genericValues); + valueList.emplace_back(genericValues); + continue; + } + + unsigned int stateSize = permissionState.resDeviceID.size(); + for (unsigned int i = 0; i < stateSize; i++) { + GenericValues genericValues; + genericValues.Put(FIELD_TOKEN_ID, tokenId_); + DataTranslator::TranslationIntoGenericValues(permissionState, i, genericValues); + valueList.emplace_back(genericValues); + } + } +} + +void PermissionPolicySet::StorePermissionPolicySet(std::vector& permDefValueList, + std::vector& permStateValueList) const +{ + StorePermissionDef(permDefValueList); + StorePermissionState(permStateValueList); +} + +void PermissionPolicySet::PermDefToString(const PermissionDef& def, std::string& info) const +{ + info.append(R"({"permissionName": ")" + def.permissionName + R"(")"); + info.append(R"(, "bundleName": ")" + def.bundleName + R"(")"); + info.append(R"(, "grantMode": )" + std::to_string(def.grantMode)); + info.append(R"(, "availableScope": )" + std::to_string(def.availableScope)); + info.append(R"(, "label": ")" + def.label + R"(")"); + info.append(R"(, "labelId": )" + std::to_string(def.labelId)); + info.append(R"(, "description": ")" + def.description + R"(")"); + info.append(R"(, "descriptionId": )" + std::to_string(def.descriptionId)); + info.append(R"(})"); +} + +void PermissionPolicySet::PermStateFullToString(const PermissionStateFull& state, std::string& info) const +{ + info.append(R"({"permissionName": ")" + state.permissionName + R"(")"); + info.append(R"(, "isGeneral": )" + std::to_string(state.isGeneral)); + + info.append(R"(, "resDeviceIDList": [ )"); + for (auto iter = state.resDeviceID.begin(); iter != state.resDeviceID.end(); iter++) { + info.append(R"({"resDeviceID": ")" + *iter + R"("})"); + if (iter != (state.resDeviceID.end() - 1)) { + info.append(","); + } + } + + info.append(R"(], "grantStatusList": [)"); + for (auto iter = state.grantStatus.begin(); iter != state.grantStatus.end(); iter++) { + info.append(R"({"grantStatus": )" + std::to_string(*iter) + "}"); + if (iter != (state.grantStatus.end() - 1)) { + info.append(","); + } + } + + info.append(R"(], "grantFlagsList": [)"); + for (auto iter = state.grantFlags.begin(); iter != state.grantFlags.end(); iter++) { + info.append(R"({"grantFlag": )" + std::to_string(*iter) + "}"); + if (iter != (state.grantFlags.end() - 1)) { + info.append(","); + } + } + + info.append(R"(]})"); +} + +void PermissionPolicySet::ToString(std::string& info) const +{ + info.append(R"(, "permDefList": [)"); + for (auto iter = permList_.begin(); iter != permList_.end(); iter++) { + PermDefToString(*iter, info); + if (iter != (permList_.end() - 1)) { + info.append(","); + } + } + info.append("]"); + + info.append(R"(, "permStateList": [)"); + for (auto iter = permStateList_.begin(); iter != permStateList_.end(); iter++) { + PermStateFullToString(*iter, info); + if (iter != (permStateList_.end() - 1)) { + info.append(","); + } + } + info.append("]"); +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp new file mode 100644 index 000000000..47f39b62e --- /dev/null +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp @@ -0,0 +1,140 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#include "permission_validator.h" + +#include + +#include "access_token.h" +#include "data_validator.h" +#include "permission_definition_cache.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +bool PermissionValidator::IsGrantModeValid(int grantMode) +{ + return grantMode == GrantMode::SYSTEM_GRANT || grantMode == GrantMode::USER_GRANT; +} + +bool PermissionValidator::IsAvailableScopeValid(int availableScope) +{ + return availableScope == AvailableScope::AVAILABLE_SCOPE_ALL || + availableScope == AvailableScope::AVAILABLE_SCOPE_RESTRICTED || + availableScope == AvailableScope::AVAILABLE_SCOPE_SIGNATURE; +} + +bool PermissionValidator::IsGrantStatusValid(int grantStaus) +{ + return grantStaus == PermissionState::PERMISSION_GRANTED || grantStaus == PermissionState::PERMISSION_DENIED; +} + +bool PermissionValidator::IsPermissionFlagValid(int flag) +{ + return flag == PermissionFlag::PERMISSION_USER_SET || + flag == PermissionFlag::PERMISSION_USER_FIXED || + flag == PermissionFlag::PERMISSION_SYSTEM_FIXED; +} + +bool PermissionValidator::IsPermissionNameValid(const std::string& permissionName) +{ + return DataValidator::IsPermissionNameValid(permissionName); +} + +bool PermissionValidator::IsPermissionDefValid(const PermissionDef& permDef) +{ + if (!DataValidator::IsPermissionNameValid(permDef.permissionName)) { + return false; + } + if (!IsGrantModeValid(permDef.grantMode)) { + return false; + } + return IsAvailableScopeValid(permDef.availableScope); +} + +bool PermissionValidator::IsPermissionStateValid(const PermissionStateFull& permState) +{ + if (!DataValidator::IsPermissionNameValid(permState.permissionName)) { + return false; + } + + size_t resDevIdSize = permState.resDeviceID.size(); + size_t grantStatSize = permState.grantStatus.size(); + size_t grantFlagSize = permState.grantFlags.size(); + if ((grantStatSize != resDevIdSize) || (grantFlagSize != resDevIdSize)) { + return false; + } + + for (int i = 0; i < resDevIdSize; i++) { + if (!IsGrantStatusValid(permState.grantStatus[i]) || + !IsPermissionFlagValid(permState.grantFlags[i])) { + return false; + } + } + return true; +} + + +void PermissionValidator::FilterInvalidPermisionDef( + const std::vector& permList, std::vector& result) +{ + std::set permDefSet; + for (auto it = permList.begin(); it != permList.end(); ++it) { + std::string permName = it->permissionName; + if (!IsPermissionDefValid(*it) || permDefSet.count(permName) != 0) { + continue; + } + permDefSet.insert(permName); + result.emplace_back(*it); + } +} + +void PermissionValidator::DeduplicateResDevID(const PermissionStateFull& permState, PermissionStateFull& result) +{ + std::set resDevId; + auto stateIter = permState.grantStatus.begin(); + auto flagIter = permState.grantFlags.begin(); + for (auto it = permState.resDeviceID.begin(); it != permState.resDeviceID.end(); ++it, ++stateIter, ++flagIter) { + if (resDevId.count(*it) != 0) { + continue; + } + resDevId.insert(*it); + result.resDeviceID.emplace_back(*it); + result.grantStatus.emplace_back(*stateIter); + result.grantFlags.emplace_back(*flagIter); + ++stateIter; + ++flagIter; + } + result.permissionName = permState.permissionName; + result.isGeneral = permState.isGeneral; +} + +void PermissionValidator::FilterInvalidPermisionState( + const std::vector& permList, std::vector& result) +{ + std::set permStateSet; + for (auto it = permList.begin(); it != permList.end(); ++it) { + std::string permName = it->permissionName; + PermissionStateFull res; + if (!IsPermissionStateValid(*it) || permStateSet.count(permName) != 0) { + continue; + } + DeduplicateResDevID(*it, res); + permStateSet.insert(permName); + result.emplace_back(res); + } +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS \ No newline at end of file diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp new file mode 100644 index 000000000..a0c176542 --- /dev/null +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp @@ -0,0 +1,246 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "accesstoken_manager_service.h" + +#include "access_token.h" +#include "accesstoken_id_manager.h" +#include "accesstoken_info_manager.h" +#include "accesstoken_log.h" +#include "hap_token_info.h" +#include "hap_token_info_inner.h" +#include "native_token_info_inner.h" +#include "permission_manager.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { + LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "AccessTokenManagerService" +}; +} + +const bool REGISTER_RESULT = + SystemAbility::MakeAndRegisterAbility(DelayedSingleton::GetInstance().get()); + +AccessTokenManagerService::AccessTokenManagerService() + : SystemAbility(SA_ID_ACCESSTOKEN_MANAGER_SERVICE, true), state_(ServiceRunningState::STATE_NOT_START) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "AccessTokenManagerService()"); +} + +AccessTokenManagerService::~AccessTokenManagerService() +{ + ACCESSTOKEN_LOG_INFO(LABEL, "~AccessTokenManagerService()"); +} + +void AccessTokenManagerService::OnStart() +{ + if (state_ == ServiceRunningState::STATE_RUNNING) { + ACCESSTOKEN_LOG_INFO(LABEL, "AccessTokenManagerService has already started!"); + return; + } + ACCESSTOKEN_LOG_INFO(LABEL, "AccessTokenManagerService is starting"); + if (!Initialize()) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to initialize"); + return; + } + state_ = ServiceRunningState::STATE_RUNNING; + bool ret = Publish(DelayedSingleton::GetInstance().get()); + if (!ret) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to publish service!"); + return; + } + ACCESSTOKEN_LOG_INFO(LABEL, "Congratulations, AccessTokenManagerService start successfully!"); +} + +void AccessTokenManagerService::OnStop() +{ + ACCESSTOKEN_LOG_INFO(LABEL, "stop service"); + state_ = ServiceRunningState::STATE_NOT_START; +} + +int AccessTokenManagerService::VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName) +{ + ACCESSTOKEN_LOG_INFO(LABEL, + "%{public}s called, tokenID: 0x%{public}x, permissionName: %{public}s", __func__, + tokenID, permissionName.c_str()); + return PermissionManager::GetInstance().VerifyAccessToken(tokenID, permissionName); +} + +int AccessTokenManagerService::GetDefPermission( + const std::string& permissionName, PermissionDefParcel& permissionDefResult) +{ + ACCESSTOKEN_LOG_INFO(LABEL, + "%{public}s called, permissionName: %{public}s", __func__, permissionName.c_str()); + return PermissionManager::GetInstance().GetDefPermission(permissionName, permissionDefResult.permissionDef); +} + +int AccessTokenManagerService::GetDefPermissions(AccessTokenID tokenID, std::vector& permList) +{ + ACCESSTOKEN_LOG_INFO(LABEL, + "%{public}s called, tokenID: 0x%{public}x", __func__, tokenID); + std::vector permVec; + int ret = PermissionManager::GetInstance().GetDefPermissions(tokenID, permVec); + for (auto perm : permVec) { + PermissionDefParcel permPrcel; + permPrcel.permissionDef = perm; + permList.emplace_back(permPrcel); + } + return ret; +} + +int AccessTokenManagerService::GetReqPermissions( + AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) +{ + ACCESSTOKEN_LOG_INFO(LABEL, + "%{public}s called, tokenID: 0x%{public}x, isSystemGrant: %{public}d", __func__, tokenID, isSystemGrant); + + std::vector permList; + int ret = PermissionManager::GetInstance().GetReqPermissions(tokenID, permList, isSystemGrant); + + for (auto& perm : permList) { + PermissionStateFullParcel permPrcel; + permPrcel.permStatFull = perm; + reqPermList.emplace_back(permPrcel); + } + return ret; +} + +int AccessTokenManagerService::GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName) +{ + ACCESSTOKEN_LOG_INFO(LABEL, + "%{public}s called, tokenID: 0x%{public}x, permissionName: %{public}s", __func__, + tokenID, permissionName.c_str()); + return PermissionManager::GetInstance().GetPermissionFlag(tokenID, permissionName); +} + +int AccessTokenManagerService::GrantPermission(AccessTokenID tokenID, const std::string& permissionName, int flag) +{ + ACCESSTOKEN_LOG_INFO(LABEL, + "%{public}s called, tokenID: 0x%{public}x, permissionName: %{public}s, flag: %{public}d", __func__, + tokenID, permissionName.c_str(), flag); + PermissionManager::GetInstance().GrantPermission(tokenID, permissionName, flag); + AccessTokenInfoManager::GetInstance().RefreshTokenInfoIfNeeded(); + return RET_SUCCESS; +} + +int AccessTokenManagerService::RevokePermission(AccessTokenID tokenID, const std::string& permissionName, int flag) +{ + ACCESSTOKEN_LOG_INFO(LABEL, + "%{public}s called, tokenID: 0x%{public}x, permissionName: %{public}s, flag: %{public}d", __func__, + tokenID, permissionName.c_str(), flag); + PermissionManager::GetInstance().RevokePermission(tokenID, permissionName, flag); + AccessTokenInfoManager::GetInstance().RefreshTokenInfoIfNeeded(); + return RET_SUCCESS; +} + +int AccessTokenManagerService::ClearUserGrantedPermissionState(AccessTokenID tokenID) +{ + ACCESSTOKEN_LOG_INFO(LABEL, + "%{public}s called, tokenID: 0x%{public}x", __func__, tokenID); + PermissionManager::GetInstance().ClearUserGrantedPermissionState(tokenID); + AccessTokenInfoManager::GetInstance().RefreshTokenInfoIfNeeded(); + return RET_SUCCESS; +} + +AccessTokenIDEx AccessTokenManagerService::AllocHapToken(const HapInfoParcel& info, const HapPolicyParcel& policy) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + AccessTokenIDEx tokenIdEx; + tokenIdEx.tokenIDEx = 0LL; + + int ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo( + info.hapInfoParameter, policy.hapPolicyParameter, tokenIdEx); + if (ret != RET_SUCCESS) { + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, hap token info create failed", __func__); + } + return tokenIdEx; +} + +int AccessTokenManagerService::DeleteToken(AccessTokenID tokenID) +{ + ACCESSTOKEN_LOG_INFO(LABEL, + "%{public}s called, tokenID: 0x%{public}x", __func__, tokenID); + return AccessTokenInfoManager::GetInstance().RemoveTokenInfo(tokenID); +} + +int AccessTokenManagerService::GetTokenType(AccessTokenID tokenID) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, tokenID: 0x%{public}x", __func__, tokenID); + return AccessTokenIDManager::GetInstance().GetTokenIdType(tokenID); +} + +int AccessTokenManagerService::CheckNativeDCap(AccessTokenID tokenID, const std::string& dcap) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, tokenID: 0x%{public}x, dcap: %{public}s", + __func__, tokenID, dcap.c_str()); + return AccessTokenInfoManager::GetInstance().CheckNativeDCap(tokenID, dcap); +} + +AccessTokenID AccessTokenManagerService::GetHapTokenID(int userID, const std::string& bundleName, int instIndex) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, userID: %{public}d, bundleName: %{public}s, instIndex: %{public}d", + __func__, userID, bundleName.c_str(), instIndex); + return AccessTokenInfoManager::GetInstance().GetHapTokenID(userID, bundleName, instIndex); +} + +AccessTokenID AccessTokenManagerService::AllocLocalTokenID( + const std::string& remoteDeviceID, AccessTokenID remoteTokenID) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, remoteDeviceID: %{public}s, remoteTokenID: %{public}d", + __func__, remoteDeviceID.c_str(), remoteTokenID); + return AccessTokenInfoManager::GetInstance().AllocLocalTokenID(remoteDeviceID, remoteTokenID); +} + +int AccessTokenManagerService::UpdateHapToken(AccessTokenID tokenID, const std::string& appIDDesc, + const HapPolicyParcel& policyParcel) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, tokenID: 0x%{public}x", __func__, tokenID); + + return AccessTokenInfoManager::GetInstance().UpdateHapToken(tokenID, appIDDesc, + policyParcel.hapPolicyParameter); +} + +int AccessTokenManagerService::GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfoParcel& InfoParcel) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, tokenID: 0x%{public}x", __func__, tokenID); + + HapTokenInfo hapTokenInfo; + AccessTokenInfoManager::GetInstance().GetHapTokenInfo(tokenID, hapTokenInfo); + InfoParcel.hapTokenInfoParams = hapTokenInfo; + return RET_SUCCESS; +} + +int AccessTokenManagerService::GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfoParcel& InfoParcel) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, tokenID: 0x%{public}x", __func__, tokenID); + + NativeTokenInfo nativeTokenInfo; + AccessTokenInfoManager::GetInstance().GetNativeTokenInfo(tokenID, nativeTokenInfo); + InfoParcel.nativeTokenInfoParams = nativeTokenInfo; + + return RET_SUCCESS; +} + +bool AccessTokenManagerService::Initialize() const +{ + AccessTokenInfoManager::GetInstance().Init(); + return true; +} +} // namespace AccessToken +} // namespace Security +} diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp new file mode 100644 index 000000000..cc6e8e07f --- /dev/null +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp @@ -0,0 +1,334 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "accesstoken_manager_stub.h" + +#include "accesstoken_log.h" + +#include "ipc_skeleton.h" +#include "string_ex.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "AccessTokenManagerStub"}; +} + +int32_t AccessTokenManagerStub::OnRemoteRequest( + uint32_t code, MessageParcel& data, MessageParcel& reply, MessageOption& option) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, code: %{public}d", __func__, code); + std::u16string descriptor = data.ReadInterfaceToken(); + if (descriptor != IAccessTokenManager::GetDescriptor()) { + ACCESSTOKEN_LOG_ERROR(LABEL, "get unexpect descriptor: %{public}s", Str16ToStr8(descriptor).c_str()); + return -1; + } + auto itFunc = requestFuncMap_.find(code); + if (itFunc != requestFuncMap_.end()) { + auto requestFunc = itFunc->second; + if (requestFunc != nullptr) { + (this->*requestFunc)(data, reply); + } else { + return IPCObjectStub::OnRemoteRequest(code, data, reply, option); + } + } + return NO_ERROR; +} + +void AccessTokenManagerStub::DeleteTokenInfoInner(MessageParcel& data, MessageParcel& reply) +{ + if (!IsAuthorizedCalling()) { + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__); + reply.WriteInt32(RET_FAILED); + return; + } + AccessTokenID tokenID = data.ReadUint32(); + int result = this->DeleteToken(tokenID); + reply.WriteInt32(result); +} + +void AccessTokenManagerStub::VerifyAccessTokenInner(MessageParcel& data, MessageParcel& reply) +{ + AccessTokenID tokenID = data.ReadUint32(); + std::string permissionName = data.ReadString(); + int result = this->VerifyAccessToken(tokenID, permissionName); + reply.WriteInt32(result); +} + +void AccessTokenManagerStub::GetDefPermissionInner(MessageParcel& data, MessageParcel& reply) +{ + if (!IsAuthorizedCalling()) { + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__); + reply.WriteInt32(RET_FAILED); + return; + } + std::string permissionName = data.ReadString(); + PermissionDefParcel permissionDefParcel; + int result = this->GetDefPermission(permissionName, permissionDefParcel); + reply.WriteParcelable(&permissionDefParcel); + reply.WriteInt32(result); +} + +void AccessTokenManagerStub::GetDefPermissionsInner(MessageParcel& data, MessageParcel& reply) +{ + if (!IsAuthorizedCalling()) { + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__); + reply.WriteInt32(RET_FAILED); + return; + } + AccessTokenID tokenID = data.ReadUint32(); + std::vector permList; + + int result = this->GetDefPermissions(tokenID, permList); + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permList size: %{public}d", __func__, (int) permList.size()); + reply.WriteInt32(permList.size()); + for (auto permDef : permList) { + reply.WriteParcelable(&permDef); + } + reply.WriteInt32(result); +} + +void AccessTokenManagerStub::GetReqPermissionsInner(MessageParcel& data, MessageParcel& reply) +{ + if (!IsAuthorizedCalling()) { + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__); + reply.WriteInt32(RET_FAILED); + return; + } + AccessTokenID tokenID = data.ReadUint32(); + int isSystemGrant = data.ReadInt32(); + std::vector permList; + + int result = this->GetReqPermissions(tokenID, permList, isSystemGrant); + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permList size: %{public}d", __func__, (int) permList.size()); + reply.WriteInt32(permList.size()); + for (auto permDef : permList) { + reply.WriteParcelable(&permDef); + } + reply.WriteInt32(result); +} + +void AccessTokenManagerStub::GetPermissionFlagInner(MessageParcel& data, MessageParcel& reply) +{ + AccessTokenID tokenID = data.ReadUint32(); + std::string permissionName = data.ReadString(); + int result = this->GetPermissionFlag(tokenID, permissionName); + reply.WriteInt32(result); +} + +void AccessTokenManagerStub::GrantPermissionInner(MessageParcel& data, MessageParcel& reply) +{ + if (!IsAuthorizedCalling()) { + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__); + reply.WriteInt32(RET_FAILED); + return; + } + AccessTokenID tokenID = data.ReadUint32(); + std::string permissionName = data.ReadString(); + int flag = data.ReadInt32(); + int result = this->GrantPermission(tokenID, permissionName, flag); + reply.WriteInt32(result); +} + +void AccessTokenManagerStub::RevokePermissionInner(MessageParcel& data, MessageParcel& reply) +{ + if (!IsAuthorizedCalling()) { + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__); + reply.WriteInt32(RET_FAILED); + return; + } + AccessTokenID tokenID = data.ReadUint32(); + std::string permissionName = data.ReadString(); + int flag = data.ReadInt32(); + int result = this->RevokePermission(tokenID, permissionName, flag); + reply.WriteInt32(result); +} + +void AccessTokenManagerStub::ClearUserGrantedPermissionStateInner(MessageParcel& data, MessageParcel& reply) +{ + if (!IsAuthorizedCalling()) { + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__); + reply.WriteInt32(RET_FAILED); + return; + } + AccessTokenID tokenID = data.ReadUint32(); + int result = this->ClearUserGrantedPermissionState(tokenID); + reply.WriteInt32(result); +} + +void AccessTokenManagerStub::AllocHapTokenInner(MessageParcel& data, MessageParcel& reply) +{ + AccessTokenIDEx res = {0}; + if (!IsAuthorizedCalling()) { + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__); + reply.WriteInt32(RET_FAILED); + return; + } + + sptr hapInfoParcel = data.ReadParcelable(); + sptr hapPolicyParcel = data.ReadParcelable(); + + res = this->AllocHapToken(*hapInfoParcel, *hapPolicyParcel); + reply.WriteUint64(res.tokenIDEx); +} + +void AccessTokenManagerStub::GetTokenTypeInner(MessageParcel& data, MessageParcel& reply) +{ + if (!IsAuthorizedCalling()) { + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__); + reply.WriteInt32(RET_FAILED); + return; + } + AccessTokenID tokenID = data.ReadUint32(); + int result = this->GetTokenType(tokenID); + reply.WriteInt32(result); +} + +void AccessTokenManagerStub::CheckNativeDCapInner(MessageParcel& data, MessageParcel& reply) +{ + if (!IsAuthorizedCalling()) { + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__); + reply.WriteInt32(RET_FAILED); + return; + } + AccessTokenID tokenID = data.ReadUint32(); + std::string dCap = data.ReadString(); + int result = this->CheckNativeDCap(tokenID, dCap); + reply.WriteInt32(result); +} + +void AccessTokenManagerStub::GetHapTokenIDInner(MessageParcel& data, MessageParcel& reply) +{ + if (!IsAuthorizedCalling()) { + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__); + reply.WriteInt32(RET_FAILED); + return; + } + int userID = data.ReadInt32(); + std::string bundleName = data.ReadString(); + int instIndex = data.ReadInt32(); + AccessTokenID result = this->GetHapTokenID(userID, bundleName, instIndex); + reply.WriteUint32(result); +} + +void AccessTokenManagerStub::AllocLocalTokenIDInner(MessageParcel& data, MessageParcel& reply) +{ + if (!IsAuthorizedCalling()) { + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__); + reply.WriteInt32(RET_FAILED); + return; + } + std::string remoteDeviceID = data.ReadString(); + AccessTokenID remoteTokenID = data.ReadUint32(); + AccessTokenID result = this->AllocLocalTokenID(remoteDeviceID, remoteTokenID); + reply.WriteUint32(result); +} + +void AccessTokenManagerStub::UpdateHapTokenInner(MessageParcel& data, MessageParcel& reply) +{ + if (!IsAuthorizedCalling()) { + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__); + reply.WriteInt32(RET_FAILED); + return; + } + AccessTokenID tokenID = data.ReadUint32(); + std::string appIDDesc = data.ReadString(); + sptr policyParcel = data.ReadParcelable(); + + int32_t result = this->UpdateHapToken(tokenID, appIDDesc, *policyParcel); + reply.WriteInt32(result); +} + +void AccessTokenManagerStub::GetHapTokenInfoInner(MessageParcel& data, MessageParcel& reply) +{ + if (!IsAuthorizedCalling()) { + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__); + reply.WriteInt32(RET_FAILED); + return; + } + HapTokenInfoParcel hapTokenInfoParcel; + AccessTokenID tokenID = data.ReadUint32(); + int result = this->GetHapTokenInfo(tokenID, hapTokenInfoParcel); + reply.WriteParcelable(&hapTokenInfoParcel); + reply.WriteInt32(result); +} + +void AccessTokenManagerStub::GetNativeTokenInfoInner(MessageParcel& data, MessageParcel& reply) +{ + if (!IsAuthorizedCalling()) { + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__); + reply.WriteInt32(RET_FAILED); + return; + } + AccessTokenID tokenID = data.ReadUint32(); + NativeTokenInfoParcel nativeTokenInfoParcel; + int result = this->GetNativeTokenInfo(tokenID, nativeTokenInfoParcel); + reply.WriteParcelable(&nativeTokenInfoParcel); + reply.WriteInt32(result); +} + +bool AccessTokenManagerStub::IsAuthorizedCalling() const +{ + int callingUid = IPCSkeleton::GetCallingUid(); + ACCESSTOKEN_LOG_INFO(LABEL, "Calling uid: %{public}d", callingUid); + return callingUid == SYSTEM_UID || callingUid == ROOT_UID; +} + +AccessTokenManagerStub::AccessTokenManagerStub() +{ + requestFuncMap_[static_cast(IAccessTokenManager::InterfaceCode::VERIFY_ACCESSTOKEN)] = + &AccessTokenManagerStub::VerifyAccessTokenInner; + requestFuncMap_[static_cast(IAccessTokenManager::InterfaceCode::GET_DEF_PERMISSION)] = + &AccessTokenManagerStub::GetDefPermissionInner; + requestFuncMap_[static_cast(IAccessTokenManager::InterfaceCode::GET_DEF_PERMISSIONS)] = + &AccessTokenManagerStub::GetDefPermissionsInner; + requestFuncMap_[static_cast(IAccessTokenManager::InterfaceCode::GET_REQ_PERMISSIONS)] = + &AccessTokenManagerStub::GetReqPermissionsInner; + requestFuncMap_[static_cast(IAccessTokenManager::InterfaceCode::GET_PERMISSION_FLAG)] = + &AccessTokenManagerStub::GetPermissionFlagInner; + requestFuncMap_[static_cast(IAccessTokenManager::InterfaceCode::GRANT_PERMISSION)] = + &AccessTokenManagerStub::GrantPermissionInner; + requestFuncMap_[static_cast(IAccessTokenManager::InterfaceCode::REVOKE_PERMISSION)] = + &AccessTokenManagerStub::RevokePermissionInner; + requestFuncMap_[static_cast(IAccessTokenManager::InterfaceCode::CLEAR_USER_GRANT_PERMISSION)] = + &AccessTokenManagerStub::ClearUserGrantedPermissionStateInner; + requestFuncMap_[static_cast(IAccessTokenManager::InterfaceCode::ALLOC_TOKEN_HAP)] = + &AccessTokenManagerStub::AllocHapTokenInner; + requestFuncMap_[static_cast(IAccessTokenManager::InterfaceCode::TOKEN_DELETE)] = + &AccessTokenManagerStub::DeleteTokenInfoInner; + requestFuncMap_[static_cast(IAccessTokenManager::InterfaceCode::GET_TOKEN_TYPE)] = + &AccessTokenManagerStub::GetTokenTypeInner; + requestFuncMap_[static_cast(IAccessTokenManager::InterfaceCode::CHECK_NATIVE_DCAP)] = + &AccessTokenManagerStub::CheckNativeDCapInner; + requestFuncMap_[static_cast(IAccessTokenManager::InterfaceCode::GET_HAP_TOKEN_ID)] = + &AccessTokenManagerStub::GetHapTokenIDInner; + requestFuncMap_[static_cast(IAccessTokenManager::InterfaceCode::ALLOC_LOCAL_TOKEN_ID)] = + &AccessTokenManagerStub::AllocLocalTokenIDInner; + requestFuncMap_[static_cast(IAccessTokenManager::InterfaceCode::GET_NATIVE_TOKENINFO)] = + &AccessTokenManagerStub::GetNativeTokenInfoInner; + requestFuncMap_[static_cast(IAccessTokenManager::InterfaceCode::GET_HAP_TOKENINFO)] = + &AccessTokenManagerStub::GetHapTokenInfoInner; + requestFuncMap_[static_cast(IAccessTokenManager::InterfaceCode::UPDATE_HAP_TOKEN)] = + &AccessTokenManagerStub::UpdateHapTokenInner; +} + +AccessTokenManagerStub::~AccessTokenManagerStub() +{ + requestFuncMap_.clear(); +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/services/accesstokenmanager/main/cpp/src/token/accesstoken_id_manager.cpp b/services/accesstokenmanager/main/cpp/src/token/accesstoken_id_manager.cpp new file mode 100644 index 000000000..bdd34a724 --- /dev/null +++ b/services/accesstokenmanager/main/cpp/src/token/accesstoken_id_manager.cpp @@ -0,0 +1,116 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "accesstoken_id_manager.h" + +#include + +#include "accesstoken_log.h" +#include "data_validator.h" +#include "random.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "AccessTokenIDManager"}; +} + +ATokenTypeEnum AccessTokenIDManager::GetTokenIdType(AccessTokenID id) +{ + { + Utils::UniqueReadGuard idGuard(this->tokenIdLock_); + if (tokenIdSet_.count(id) == 0) { + return TOKEN_INVALID; + } + } + AccessTokenIDInner *idInner = (AccessTokenIDInner *)&id; + return (ATokenTypeEnum)idInner->type; +} + +int AccessTokenIDManager::RegisterTokenId(AccessTokenID id, ATokenTypeEnum type) +{ + AccessTokenIDInner *idInner = (AccessTokenIDInner *)&id; + if (idInner->version != DEFAULT_TOKEN_VERSION || idInner->type != type) { + return RET_FAILED; + } + + Utils::UniqueWriteGuard idGuard(this->tokenIdLock_); + if (tokenIdSet_.count(id) != 0) { + return RET_FAILED; + } + + tokenIdSet_.insert(id); + return RET_SUCCESS; +} + +AccessTokenID AccessTokenIDManager::CreateTokenId(ATokenTypeEnum type) const +{ + unsigned int rand = GetRandomUint32(); + if (rand == 0) { + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, get random failed", __func__); + return 0; + } + + AccessTokenIDInner innerId = {0}; + innerId.version = DEFAULT_TOKEN_VERSION; + innerId.type = type; + innerId.res = 0; + innerId.tokenUniqueID = rand & TOKEN_RANDOM_MASK; + AccessTokenID tokenId = *(AccessTokenID *)&innerId; + return tokenId; +} + +AccessTokenID AccessTokenIDManager::CreateAndRegisterTokenId(ATokenTypeEnum type) +{ + AccessTokenID tokenId = 0; + // random maybe repeat, retry twice. + for (int i = 0; i < MAX_CREATE_TOKEN_ID_RETRY; i++) { + tokenId = CreateTokenId(type); + if (tokenId == 0) { + ACCESSTOKEN_LOG_WARN(LABEL, "%{public}s called, create tokenId failed", __func__); + return 0; + } + + int ret = RegisterTokenId(tokenId, type); + if (ret == RET_SUCCESS) { + break; + } else if (i == MAX_CREATE_TOKEN_ID_RETRY - 1) { + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, reigster tokenId failed, maybe repeat, retry", __func__); + } else { + ACCESSTOKEN_LOG_WARN(LABEL, "%{public}s called, reigster tokenId finally failed", __func__); + } + } + return tokenId; +} + +void AccessTokenIDManager::ReleaseTokenId(AccessTokenID id) +{ + Utils::UniqueWriteGuard idGuard(this->tokenIdLock_); + if (tokenIdSet_.count(id) == 0) { + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, id %{public}x is not exist", __func__, id); + return; + } + tokenIdSet_.erase(id); +} + +AccessTokenIDManager& AccessTokenIDManager::GetInstance() +{ + static AccessTokenIDManager instance; + return instance; +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp new file mode 100644 index 000000000..757719227 --- /dev/null +++ b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp @@ -0,0 +1,543 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "accesstoken_info_manager.h" + +#include "accesstoken_id_manager.h" +#include "accesstoken_log.h" +#include "data_storage.h" +#include "data_translator.h" +#include "data_validator.h" +#include "field_const.h" +#include "generic_values.h" +#include "hap_token_info_inner.h" +#include "permission_manager.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "AccessTokenInfoManager"}; +} + +AccessTokenInfoManager::AccessTokenInfoManager() : hasInited_(false) +{} + +AccessTokenInfoManager::~AccessTokenInfoManager() +{ + if (!hasInited_) { + return; + } + this->tokenDataWorker_.Stop(); + this->hasInited_ = false; +} + +void AccessTokenInfoManager::Init() +{ + OHOS::Utils::UniqueWriteGuard lk(this->managerLock_); + if (hasInited_) { + return; + } + + ACCESSTOKEN_LOG_INFO(LABEL, "init begin!"); + InitHapTokenInfos(); + InitNativeTokenInfos(); + this->tokenDataWorker_.Start(1); + hasInited_ = true; + ACCESSTOKEN_LOG_INFO(LABEL, "Init success"); +} + +void AccessTokenInfoManager::InitHapTokenInfos() +{ + std::vector hapTokenRes; + std::vector permDefRes; + std::vector permStateRes; + + DataStorage::GetRealDataStorage().Find(DataStorage::ACCESSTOKEN_HAP_INFO, hapTokenRes); + DataStorage::GetRealDataStorage().Find(DataStorage::ACCESSTOKEN_PERMISSION_DEF, permDefRes); + DataStorage::GetRealDataStorage().Find(DataStorage::ACCESSTOKEN_PERMISSION_STATE, permStateRes); + + for (GenericValues& tokenValue : hapTokenRes) { + AccessTokenID tokenId = (AccessTokenID)tokenValue.GetInt(FIELD_TOKEN_ID); + int ret = AccessTokenIDManager::GetInstance().RegisterTokenId(tokenId, TOKEN_HAP); + if (ret != RET_SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: tokenId 0x%{public}x add id failed.", + __func__, tokenId); + continue; + } + std::shared_ptr hap = std::make_shared(); + if (hap == nullptr) { + AccessTokenIDManager::GetInstance().ReleaseTokenId(tokenId); + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: tokenId 0x%{public}x alloc failed.", __func__, tokenId); + continue; + } + ret = hap->RestoreHapTokenInfo(tokenId, tokenValue, permDefRes, permStateRes); + if (ret != RET_SUCCESS) { + AccessTokenIDManager::GetInstance().ReleaseTokenId(tokenId); + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: tokenId 0x%{public}x restore failed.", __func__, tokenId); + continue; + } + + ret = AddHapTokenInfo(hap); + if (ret != RET_SUCCESS) { + AccessTokenIDManager::GetInstance().ReleaseTokenId(tokenId); + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: tokenId 0x%{public}x add failed.", __func__, tokenId); + continue; + } + ACCESSTOKEN_LOG_INFO(LABEL, + "%{public}s:restore hap token 0x%{public}x bundle name %{public}s user %{public}d inst %{public}d ok!", + __func__, tokenId, hap->GetBundleName().c_str(), hap->GetUserID(), hap->GetInstIndex()); + } +} + +void AccessTokenInfoManager::InitNativeTokenInfos() +{ + std::vector nativeTokenResults; + DataStorage::GetRealDataStorage().Find(DataStorage::ACCESSTOKEN_NATIVE_INFO, nativeTokenResults); + for (GenericValues nativeTokenValue : nativeTokenResults) { + AccessTokenID tokenId = (AccessTokenID)nativeTokenValue.GetInt(FIELD_TOKEN_ID); + int ret = AccessTokenIDManager::GetInstance().RegisterTokenId(tokenId, TOKEN_NATIVE); + if (ret != RET_SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: tokenId 0x%{public}x add failed.", __func__, tokenId); + continue; + } + std::shared_ptr native = std::make_shared(); + if (native == nullptr) { + AccessTokenIDManager::GetInstance().ReleaseTokenId(tokenId); + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: tokenId 0x%{public}x alloc failed.", __func__, tokenId); + continue; + } + + ret = native->RestoreNativeTokenInfo(tokenId, nativeTokenValue); + if (ret != RET_SUCCESS) { + AccessTokenIDManager::GetInstance().ReleaseTokenId(tokenId); + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: tokenId 0x%{public}x restore failed.", __func__, tokenId); + continue; + } + + ret = AddNativeTokenInfo(native); + if (ret != RET_SUCCESS) { + AccessTokenIDManager::GetInstance().ReleaseTokenId(tokenId); + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: tokenId 0x%{public}x add failed.", __func__, tokenId); + continue; + } + ACCESSTOKEN_LOG_INFO(LABEL, + "%{public}s:restore native token 0x%{public}x process name %{public}s ok!", + __func__, tokenId, native->GetProcessName().c_str()); + } +} + +std::string AccessTokenInfoManager::GetHapUniqueStr(const int& userID, + const std::string& bundleName, const int& instIndex) const +{ + return bundleName + "&" + std::to_string(userID) + "&" + std::to_string(instIndex); +} + +std::string AccessTokenInfoManager::GetHapUniqueStr(const std::shared_ptr& info) const +{ + if (info == nullptr) { + return std::string(""); + } + return GetHapUniqueStr(info->GetUserID(), info->GetBundleName(), info->GetInstIndex()); +} + +int AccessTokenInfoManager::AddHapTokenInfo(const std::shared_ptr& info) +{ + if (info == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: token info is null.", __func__); + return RET_FAILED; + } + AccessTokenID id = info->GetTokenID(); + + { + Utils::UniqueWriteGuard infoGuard(this->hapTokenInfoLock_); + if (hapTokenInfoMap_.count(id) > 0) { + ACCESSTOKEN_LOG_ERROR( + LABEL, "%{public}s: token %{public}x info has exist.", __func__, id); + return RET_FAILED; + } + + std::string HapUniqueKey = GetHapUniqueStr(info); + if (hapTokenIdMap_.count(HapUniqueKey) > 0) { + ACCESSTOKEN_LOG_ERROR( + LABEL, "%{public}s: token %{public}x Unique info has exist.", __func__, id); + return RET_FAILED; + } + + hapTokenInfoMap_[id] = info; + hapTokenIdMap_[HapUniqueKey] = id; + } + std::shared_ptr permPolicySet = info->GetHapInfoPermissionPolicySet(); + if (permPolicySet != nullptr) { + PermissionManager::GetInstance().AddDefPermissions(permPolicySet->permList_); + } + return RET_SUCCESS; +} + +int AccessTokenInfoManager::AddNativeTokenInfo(const std::shared_ptr& info) +{ + if (info == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: token info is null.", __func__); + return RET_FAILED; + } + + AccessTokenID id = info->GetTokenID(); + Utils::UniqueWriteGuard infoGuard(this->nativeTokenInfoLock_); + if (nativeTokenInfoMap_.count(id) > 0) { + ACCESSTOKEN_LOG_ERROR( + LABEL, "%{public}s: token %{public}x has exist.", __func__, id); + return RET_FAILED; + } + nativeTokenInfoMap_[id] = info; + return RET_SUCCESS; +} + +std::shared_ptr AccessTokenInfoManager::GetHapTokenInfoInner(AccessTokenID id) +{ + Utils::UniqueReadGuard infoGuard(this->hapTokenInfoLock_); + if (hapTokenInfoMap_.count(id) == 0) { + ACCESSTOKEN_LOG_ERROR( + LABEL, "%{public}s: token %{public}x is invalid.", __func__, id); + return nullptr; + } + return hapTokenInfoMap_[id]; +} + +int AccessTokenInfoManager::GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfo& InfoParcel) +{ + std::shared_ptr infoPtr = GetHapTokenInfoInner(tokenID); + if (infoPtr == nullptr) { + ACCESSTOKEN_LOG_ERROR( + LABEL, "%{public}s: token %{public}x is invalid.", __func__, tokenID); + return RET_FAILED; + } + infoPtr->TranslateToHapTokenInfo(InfoParcel); + return RET_SUCCESS; +} + +std::shared_ptr AccessTokenInfoManager::GetHapPermissionPolicySet(AccessTokenID id) +{ + std::shared_ptr infoPtr = GetHapTokenInfoInner(id); + if (infoPtr == nullptr) { + ACCESSTOKEN_LOG_ERROR( + LABEL, "%{public}s: token %{public}x is invalid.", __func__, id); + return nullptr; + } + return infoPtr->GetHapInfoPermissionPolicySet(); +} + +std::shared_ptr AccessTokenInfoManager::GetNativeTokenInfoInner(AccessTokenID id) +{ + Utils::UniqueReadGuard infoGuard(this->nativeTokenInfoLock_); + if (nativeTokenInfoMap_.count(id) == 0) { + ACCESSTOKEN_LOG_ERROR( + LABEL, "%{public}s: token %{public}x is invalid.", __func__, id); + return nullptr; + } + return nativeTokenInfoMap_[id]; +} + +int AccessTokenInfoManager::GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfo& InfoParcel) +{ + std::shared_ptr infoPtr = GetNativeTokenInfoInner(tokenID); + if (infoPtr == nullptr) { + ACCESSTOKEN_LOG_ERROR( + LABEL, "%{public}s: token %{public}x is invalid.", __func__, tokenID); + return RET_FAILED; + } + + infoPtr->TranslateToNativeTokenInfo(InfoParcel); + return RET_SUCCESS; +} + +int AccessTokenInfoManager::RemoveTokenInfo(AccessTokenID id) +{ + ATokenTypeEnum type = AccessTokenIDManager::GetInstance().GetTokenIdType(id); + if (type == TOKEN_HAP) { + // make sure that RemoveDefPermissions is called outside of the lock to avoid deadlocks. + PermissionManager::GetInstance().RemoveDefPermissions(id); + Utils::UniqueWriteGuard infoGuard(this->hapTokenInfoLock_); + if (hapTokenInfoMap_.count(id) == 0) { + ACCESSTOKEN_LOG_ERROR( + LABEL, "%{public}s: hap token %{public}x is null.", __func__, id); + return RET_FAILED; + } + + const std::shared_ptr info = hapTokenInfoMap_[id]; + if (info == nullptr) { + ACCESSTOKEN_LOG_ERROR( + LABEL, "%{public}s: hap token %{public}x is null.", __func__, id); + return RET_FAILED; + } + std::string HapUniqueKey = GetHapUniqueStr(info); + if (hapTokenIdMap_.count(HapUniqueKey) != 0) { + hapTokenIdMap_.erase(HapUniqueKey); + } + + hapTokenInfoMap_.erase(id); + } else if (type == TOKEN_NATIVE) { + Utils::UniqueWriteGuard infoGuard(this->nativeTokenInfoLock_); + if (nativeTokenInfoMap_.count(id) == 0) { + ACCESSTOKEN_LOG_ERROR( + LABEL, "%{public}s: native token %{public}x is null.", __func__, id); + return RET_FAILED; + } + nativeTokenInfoMap_.erase(id); + } else { + ACCESSTOKEN_LOG_ERROR( + LABEL, "%{public}s: token %{public}x unknown type.", __func__, id); + return RET_FAILED; + } + + AccessTokenIDManager::GetInstance().ReleaseTokenId(id); + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s:remove hap token 0x%{public}x ok!", __func__, id); + RefreshTokenInfoIfNeeded(); + return RET_SUCCESS; +} + +int AccessTokenInfoManager::CreateHapTokenInfo( + const HapInfoParams& info, const HapPolicyParams& policy, AccessTokenIDEx& tokenIdEx) +{ + if (!DataValidator::IsUserIdValid(info.userID) || !DataValidator::IsBundleNameValid(info.bundleName) + || !DataValidator::IsAppIDDescValid(info.appIDDesc) || !DataValidator::IsDomainValid(policy.domain)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, hap token param failed", __func__); + return RET_FAILED; + } + + AccessTokenID tokenId = AccessTokenIDManager::GetInstance().CreateAndRegisterTokenId(TOKEN_HAP); + if (tokenId == 0) { + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, token Id create failed", __func__); + return RET_FAILED; + } + + std::shared_ptr tokenInfo = std::make_shared(); + if (tokenInfo == nullptr) { + AccessTokenIDManager::GetInstance().ReleaseTokenId(tokenId); + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, alloc token info failed", __func__); + return RET_FAILED; + } + tokenInfo->Init(tokenId, info, policy); + + int ret = AddHapTokenInfo(tokenInfo); + if (ret != RET_SUCCESS) { + ACCESSTOKEN_LOG_WARN(LABEL, "%{public}s called, %{public}s add token info failed", + __func__, info.bundleName.c_str()); + AccessTokenIDManager::GetInstance().ReleaseTokenId(tokenId); + return RET_FAILED; + } + ACCESSTOKEN_LOG_INFO(LABEL, + "%{public}s:create hap token 0x%{public}x bundle name %{public}s user %{public}d inst %{public}d ok!", + __func__, tokenId, tokenInfo->GetBundleName().c_str(), tokenInfo->GetUserID(), tokenInfo->GetInstIndex()); + + tokenIdEx.tokenIdExStruct.tokenID = tokenId; + tokenIdEx.tokenIdExStruct.tokenAttr = 0; + RefreshTokenInfoIfNeeded(); + return RET_SUCCESS; +} + +int AccessTokenInfoManager::CheckNativeDCap(AccessTokenID tokenID, const std::string& dcap) +{ + std::shared_ptr infoPtr = GetNativeTokenInfoInner(tokenID); + if (infoPtr == nullptr) { + ACCESSTOKEN_LOG_ERROR( + LABEL, "%{public}s: token %{public}x is invalid.", __func__, tokenID); + return RET_FAILED; + } + + std::vector dcaps = infoPtr->GetDcap(); + for (auto iter = dcaps.begin(); iter != dcaps.end(); iter++) { + if (*iter == dcap) { + return RET_SUCCESS; + } + } + return RET_FAILED; +} + +AccessTokenID AccessTokenInfoManager::GetHapTokenID(int userID, const std::string& bundleName, int instIndex) +{ + Utils::UniqueReadGuard infoGuard(this->hapTokenInfoLock_); + std::string HapUniqueKey = GetHapUniqueStr(userID, bundleName, instIndex); + if (hapTokenIdMap_.count(HapUniqueKey) > 0) { + return hapTokenIdMap_[HapUniqueKey]; + } + return 0; +} + +AccessTokenID AccessTokenInfoManager::AllocLocalTokenID(const std::string& remoteDeviceID, + AccessTokenID remoteTokenID) +{ + return 0; +} + +bool AccessTokenInfoManager::TryUpdateExistNativeToken(const std::shared_ptr& infoPtr) +{ + if (infoPtr == nullptr) { + ACCESSTOKEN_LOG_WARN(LABEL, "%{public}s called, info is null", __func__); + return false; + } + + Utils::UniqueWriteGuard infoGuard(this->nativeTokenInfoLock_); + AccessTokenID id = infoPtr->GetTokenID(); + // if native token is exist, update it + if (nativeTokenInfoMap_.count(id) == 0) { + return false; + } + std::shared_ptr oldTokenInfoPtr = nativeTokenInfoMap_[id]; + if (oldTokenInfoPtr != nullptr) { + nativeTokenInfoMap_[id] = infoPtr; + } else { + ACCESSTOKEN_LOG_ERROR( + LABEL, "%{public}s: native token exist, but is null.", __func__); + } + return true; +} + +int AccessTokenInfoManager::AllocNativeToken(const std::shared_ptr& infoPtr) +{ + if (infoPtr == nullptr) { + ACCESSTOKEN_LOG_WARN(LABEL, "%{public}s called, token info is null", __func__); + return RET_FAILED; + } + + AccessTokenID id = infoPtr->GetTokenID(); + int ret = AccessTokenIDManager::GetInstance().RegisterTokenId(id, TOKEN_NATIVE); + if (ret != RET_SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, token Id register fail", __func__); + return RET_FAILED; + } + + ret = AddNativeTokenInfo(infoPtr); + if (ret != RET_SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, %{public}s add token info failed", + __func__, infoPtr->GetProcessName().c_str()); + AccessTokenIDManager::GetInstance().ReleaseTokenId(id); + return RET_FAILED; + } + + return RET_SUCCESS; +} + +void AccessTokenInfoManager::ProcessNativeTokenInfos( + const std::vector>& tokenInfos) +{ + for (auto& infoPtr: tokenInfos) { + if (infoPtr == nullptr) { + ACCESSTOKEN_LOG_WARN(LABEL, "%{public}s called, token info from libat is null", __func__); + continue; + } + bool isUpdated = TryUpdateExistNativeToken(infoPtr); + if (!isUpdated) { + ACCESSTOKEN_LOG_INFO(LABEL, + "%{public}s: token 0x%{public}x process name %{public}s is new, add to manager!", + __func__, infoPtr->GetTokenID(), infoPtr->GetProcessName().c_str()); + int ret = AllocNativeToken(infoPtr); + if (ret != RET_SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, + "%{public}s: token 0x%{public}x process name %{public}s add to manager failed!", + __func__, infoPtr->GetTokenID(), infoPtr->GetProcessName().c_str()); + } + } + } + RefreshTokenInfoIfNeeded(); +} + +int AccessTokenInfoManager::UpdateHapToken(AccessTokenID tokenID, + const std::string& appIDDesc, const HapPolicyParams& policy) +{ + std::shared_ptr infoPtr = GetHapTokenInfoInner(tokenID); + if (infoPtr == nullptr) { + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s:token 0x%{public}x is null, can not update!", __func__, tokenID); + return RET_FAILED; + } + + Utils::UniqueWriteGuard infoGuard(this->hapTokenInfoLock_); + infoPtr->Update(appIDDesc, policy); + ACCESSTOKEN_LOG_INFO(LABEL, + "%{public}s: token 0x%{public}x bundle name %{public}s user %{public}d inst %{public}d update ok!", + __func__, tokenID, infoPtr->GetBundleName().c_str(), infoPtr->GetUserID(), infoPtr->GetInstIndex()); + + RefreshTokenInfoIfNeeded(); + return RET_SUCCESS; +} + +AccessTokenInfoManager& AccessTokenInfoManager::GetInstance() +{ + static AccessTokenInfoManager instance; + return instance; +} + +void AccessTokenInfoManager::StoreAllTokenInfo() +{ + std::vector hapInfoValues; + std::vector permDefValues; + std::vector permStateValues; + std::vector nativeTokenValues; + { + Utils::UniqueReadGuard infoGuard(this->hapTokenInfoLock_); + for (auto iter = hapTokenInfoMap_.begin(); iter != hapTokenInfoMap_.end(); iter++) { + if (iter->second != nullptr) { + iter->second->StoreHapInfo(hapInfoValues, permDefValues, permStateValues); + } + } + } + + { + Utils::UniqueReadGuard infoGuard(this->nativeTokenInfoLock_); + for (auto iter = nativeTokenInfoMap_.begin(); iter != nativeTokenInfoMap_.end(); iter++) { + if (iter->second != nullptr) { + iter->second->StoreNativeInfo(nativeTokenValues); + } + } + } + + DataStorage::GetRealDataStorage().RefreshAll(DataStorage::ACCESSTOKEN_HAP_INFO, hapInfoValues); + DataStorage::GetRealDataStorage().RefreshAll(DataStorage::ACCESSTOKEN_NATIVE_INFO, nativeTokenValues); + DataStorage::GetRealDataStorage().RefreshAll(DataStorage::ACCESSTOKEN_PERMISSION_DEF, permDefValues); + DataStorage::GetRealDataStorage().RefreshAll(DataStorage::ACCESSTOKEN_PERMISSION_STATE, permStateValues); +} + +void AccessTokenInfoManager::RefreshTokenInfoIfNeeded() +{ + if (tokenDataWorker_.GetCurTaskNum() > 1) { + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s: has refresh task!", __func__); + return; + } + tokenDataWorker_.AddTask([]() { + AccessTokenInfoManager::GetInstance().StoreAllTokenInfo(); + + // Sleep for one second to avoid frequent refresh of the database. + std::this_thread::sleep_for(std::chrono::seconds(1)); + }); +} + +void AccessTokenInfoManager::Dump(std::string& dumpInfo) +{ + Utils::UniqueReadGuard hapInfoGuard(this->hapTokenInfoLock_); + for (auto iter = hapTokenInfoMap_.begin(); iter != hapTokenInfoMap_.end(); iter++) { + if (iter->second != nullptr) { + iter->second->ToString(dumpInfo); + } + } + + Utils::UniqueReadGuard nativeInfoGuard(this->nativeTokenInfoLock_); + for (auto iter = nativeTokenInfoMap_.begin(); iter != nativeTokenInfoMap_.end(); iter++) { + if (iter->second != nullptr) { + iter->second->ToString(dumpInfo); + } + } +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp new file mode 100644 index 000000000..0d71b7446 --- /dev/null +++ b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp @@ -0,0 +1,181 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "hap_token_info_inner.h" + +#include "accesstoken_id_manager.h" +#include "accesstoken_log.h" +#include "data_translator.h" +#include "data_validator.h" +#include "field_const.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "HapTokenInfoInner"}; +} +void HapTokenInfoInner::Init(AccessTokenID id, const HapInfoParams &info, const HapPolicyParams &policy) +{ + tokenID_ = id; + userID_ = info.userID; + bundleName_ = info.bundleName; + instIndex_ = info.instIndex; + appID_ = info.appIDDesc; + deviceID_ = "0"; + apl_ = policy.apl; + permPolicySet_ = PermissionPolicySet::BuildPermissionPolicySet(id, policy.permList, policy.permStateList); +} + +void HapTokenInfoInner::Update(const std::string& appIDDesc, const HapPolicyParams& policy) +{ + appID_ = appIDDesc; + if (permPolicySet_ == nullptr) { + permPolicySet_ = PermissionPolicySet::BuildPermissionPolicySet(tokenID_, + policy.permList, policy.permStateList); + return; + } + + permPolicySet_->Update(policy.permList, policy.permStateList); + return; +} + +void HapTokenInfoInner::TranslateToHapTokenInfo(HapTokenInfo& InfoParcel) const +{ + InfoParcel.apl = apl_; + InfoParcel.ver = ver_; + InfoParcel.userID = userID_; + InfoParcel.bundleName = bundleName_; + InfoParcel.instIndex = instIndex_; + InfoParcel.appID = appID_; + InfoParcel.deviceID = deviceID_; + InfoParcel.tokenID = tokenID_; + InfoParcel.tokenAttr = tokenAttr_; +} + +void HapTokenInfoInner::TranslationIntoGenericValues(GenericValues& outGenericValues) const +{ + outGenericValues.Put(FIELD_TOKEN_ID, tokenID_); + outGenericValues.Put(FIELD_USER_ID, userID_); + outGenericValues.Put(FIELD_BUNDLE_NAME, bundleName_); + outGenericValues.Put(FIELD_INST_INDEX, instIndex_); + outGenericValues.Put(FIELD_APP_ID, appID_); + outGenericValues.Put(FIELD_DEVICE_ID, deviceID_); + outGenericValues.Put(FIELD_APL, apl_); + outGenericValues.Put(FIELD_TOKEN_VERSION, ver_); + outGenericValues.Put(FIELD_TOKEN_ATTR, tokenAttr_); +} + +int HapTokenInfoInner::RestoreHapTokenBasicInfo(const GenericValues& inGenericValues) +{ + userID_ = inGenericValues.GetInt(FIELD_USER_ID); + bundleName_ = inGenericValues.GetString(FIELD_BUNDLE_NAME); + instIndex_ = inGenericValues.GetInt(FIELD_INST_INDEX); + appID_ = inGenericValues.GetString(FIELD_APP_ID); + deviceID_ = inGenericValues.GetString(FIELD_DEVICE_ID); + int aplNum = inGenericValues.GetInt(FIELD_APL); + if (DataValidator::IsAplNumValid(aplNum)) { + apl_ = (ATokenAplEnum)aplNum; + } else { + ACCESSTOKEN_LOG_ERROR(LABEL, + "%{public}s called, tokenID: 0x%{public}x apl is error, value %{public}d", __func__, tokenID_, aplNum); + return RET_FAILED; + } + ver_ = inGenericValues.GetInt(FIELD_TOKEN_VERSION); + if (ver_ != DEFAULT_TOKEN_VERSION) { + ACCESSTOKEN_LOG_ERROR(LABEL, + "%{public}s called, tokenID: 0x%{public}x version is error, version %{public}d", __func__, tokenID_, ver_); + return RET_FAILED; + } + tokenAttr_ = inGenericValues.GetInt(FIELD_TOKEN_ATTR); + return RET_SUCCESS; +} + +int HapTokenInfoInner::RestoreHapTokenInfo(AccessTokenID tokenId, + GenericValues& tokenValue, const std::vector& permDefRes, + const std::vector& permStateRes) +{ + tokenID_ = tokenId; + int ret = RestoreHapTokenBasicInfo(tokenValue); + if (ret != RET_SUCCESS) { + return RET_FAILED; + } + permPolicySet_ = PermissionPolicySet::RestorePermissionPolicy(tokenId, + permDefRes, permStateRes); + return RET_SUCCESS; +} + +void HapTokenInfoInner::StoreHapBasicInfo(std::vector& valueList) const +{ + GenericValues genericValues; + TranslationIntoGenericValues(genericValues); + valueList.emplace_back(genericValues); +} + +void HapTokenInfoInner::StoreHapInfo(std::vector& hapInfoValues, + std::vector& permDefValues, + std::vector& permStateValues) const +{ + StoreHapBasicInfo(hapInfoValues); + if (permPolicySet_ != nullptr) { + permPolicySet_->StorePermissionPolicySet(permDefValues, permStateValues); + } +} + +std::shared_ptr HapTokenInfoInner::GetHapInfoPermissionPolicySet() const +{ + return permPolicySet_; +} + +int HapTokenInfoInner::GetUserID() const +{ + return userID_; +} + +std::string HapTokenInfoInner::GetBundleName() const +{ + return bundleName_; +} + +int HapTokenInfoInner::GetInstIndex() const +{ + return instIndex_; +} + +AccessTokenID HapTokenInfoInner::GetTokenID() const +{ + return tokenID_; +} + +void HapTokenInfoInner::ToString(std::string& info) const +{ + info.append(R"({"tokenID": )" + std::to_string(tokenID_)); + info.append(R"(, "tokenAttr": )" + std::to_string(tokenAttr_)); + info.append(R"(, "ver": )" + std::to_string(ver_)); + info.append(R"(, "userId": )" + std::to_string(userID_)); + info.append(R"(, "bundleName": ")" + bundleName_ + R"(")"); + info.append(R"(, "instIndex": )" + std::to_string(instIndex_)); + info.append(R"(, "appID": ")" + appID_ + R"(")"); + info.append(R"(, "deviceID": ")" + deviceID_ + R"(")"); + info.append(R"(, "apl": )" + std::to_string(apl_)); + + if (permPolicySet_ != nullptr) { + permPolicySet_->ToString(info); + } + info.append("}"); +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/services/accesstokenmanager/main/cpp/src/token/native_token_info_inner.cpp b/services/accesstokenmanager/main/cpp/src/token/native_token_info_inner.cpp new file mode 100644 index 000000000..e57208456 --- /dev/null +++ b/services/accesstokenmanager/main/cpp/src/token/native_token_info_inner.cpp @@ -0,0 +1,184 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "native_token_info_inner.h" + +#include "data_translator.h" +#include "data_validator.h" +#include "field_const.h" +#include "nlohmann/json.hpp" + +#include "accesstoken_log.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "NativeTokenInfoInner"}; +} + +void NativeTokenInfoInner::Init(AccessTokenID id, const std::string& processName, + ATokenAplEnum apl, const std::vector& dcap) +{ + tokenID_ = id; + processName_ = processName; + apl_ = apl; + dcap_ = dcap; +} + +std::string NativeTokenInfoInner::DcapToString(const std::vector& dcap) const +{ + std::string dcapStr; + for (auto iter = dcap.begin(); iter != dcap.end(); iter++) { + dcapStr.append(*iter); + if (iter != (dcap.end() - 1)) { + dcapStr.append(","); + } + } + return dcapStr; +} + +int NativeTokenInfoInner::TranslationIntoGenericValues(GenericValues& outGenericValues) const +{ + outGenericValues.Put(FIELD_TOKEN_ID, tokenID_); + outGenericValues.Put(FIELD_PROCESS_NAME, processName_); + outGenericValues.Put(FIELD_APL, apl_); + outGenericValues.Put(FIELD_TOKEN_VERSION, ver_); + outGenericValues.Put(FIELD_DCAP, DcapToString(dcap_)); + outGenericValues.Put(FIELD_TOKEN_ATTR, tokenAttr_); + + return RET_SUCCESS; +} + +int NativeTokenInfoInner::RestoreNativeTokenInfo(AccessTokenID tokenId, const GenericValues& inGenericValues) +{ + tokenID_ = tokenId; + processName_ = inGenericValues.GetString(FIELD_PROCESS_NAME); + int aplNum = inGenericValues.GetInt(FIELD_APL); + if (DataValidator::IsAplNumValid(aplNum)) { + apl_ = (ATokenAplEnum)aplNum; + } else { + ACCESSTOKEN_LOG_ERROR(LABEL, + "%{public}s called, tokenID: 0x%{public}x apl is error, value %{public}d", __func__, tokenID_, aplNum); + return RET_FAILED; + } + ver_ = inGenericValues.GetInt(FIELD_TOKEN_VERSION); + if (ver_ != DEFAULT_TOKEN_VERSION) { + ACCESSTOKEN_LOG_ERROR(LABEL, + "%{public}s called, tokenID: 0x%{public}x version is error, version %{public}d", __func__, tokenID_, ver_); + return RET_FAILED; + } + + SetDcaps(inGenericValues.GetString(FIELD_DCAP)); + tokenAttr_ = inGenericValues.GetInt(FIELD_TOKEN_ATTR); + return RET_SUCCESS; +} + +void NativeTokenInfoInner::TranslateToNativeTokenInfo(NativeTokenInfo& InfoParcel) const +{ + InfoParcel.apl = apl_; + InfoParcel.ver = ver_; + InfoParcel.processName = processName_; + InfoParcel.dcap = dcap_; + InfoParcel.tokenID = tokenID_; + InfoParcel.tokenAttr = tokenAttr_; +} + +void NativeTokenInfoInner::StoreNativeInfo(std::vector& valueList) const +{ + GenericValues genericValues; + TranslationIntoGenericValues(genericValues); + valueList.emplace_back(genericValues); +} + +bool NativeTokenInfoInner::FromJsonString(const std::string& jsonString) +{ + nlohmann::json jsonObject = nlohmann::json::parse(jsonString); + if (jsonObject.is_discarded()) { + return false; + } + + if (jsonObject.find(JSON_PROCESS_NAME) != jsonObject.end()) { + processName_ = jsonObject.at(JSON_PROCESS_NAME).get(); + } + + if (jsonObject.find(JSON_APL) != jsonObject.end()) { + int aplNum = jsonObject.at(JSON_APL).get(); + if (DataValidator::IsAplNumValid(aplNum)) { + apl_ = (ATokenAplEnum)aplNum; + } + } + + if (jsonObject.find(JSON_VERSION) != jsonObject.end()) { + ver_ = jsonObject.at(JSON_VERSION).get(); + } + + if (jsonObject.find(JSON_TOKEN_ID) != jsonObject.end()) { + tokenID_ = jsonObject.at(JSON_TOKEN_ID).get(); + } + + if (jsonObject.find(JSON_TOKEN_ATTR) != jsonObject.end()) { + tokenAttr_ = jsonObject.at(JSON_TOKEN_ATTR).get(); + } + + if (jsonObject.find(JSON_DCAPS) != jsonObject.end()) { + dcap_ = jsonObject.at(JSON_DCAPS).get>(); + } + + return true; +} + +AccessTokenID NativeTokenInfoInner::GetTokenID() const +{ + return tokenID_; +} + +std::vector NativeTokenInfoInner::GetDcap() const +{ + return dcap_; +} + +std::string NativeTokenInfoInner::GetProcessName() const +{ + return processName_; +} + +void NativeTokenInfoInner::SetDcaps(const std::string& dcapStr) +{ + int start = 0; + while (true) { + unsigned int offset = dcapStr.find(',', start); + if (offset == std::string::npos) { + dcap_.push_back(dcapStr.substr(start)); + break; + } + dcap_.push_back(dcapStr.substr(start, offset)); + start = offset + 1; + } +} + +void NativeTokenInfoInner::ToString(std::string& info) const +{ + info.append(R"({"tokenID": )" + std::to_string(tokenID_)); + info.append(R"(, "tokenAttr": )" + std::to_string(tokenAttr_)); + info.append(R"(, "ver": )" + std::to_string(ver_)); + info.append(R"(, "processName": ")" + processName_ + R"(")"); + info.append(R"(, "apl": )" + std::to_string(apl_)); + info.append(R"(, "dcap": ")" + DcapToString(dcap_) + R"(")"); + info.append("}"); +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/services/accesstokenmanager/main/sa_profile/3503.xml b/services/accesstokenmanager/main/sa_profile/3503.xml new file mode 100644 index 000000000..d20563c46 --- /dev/null +++ b/services/accesstokenmanager/main/sa_profile/3503.xml @@ -0,0 +1,24 @@ + + + + accesstoken_service + + 3503 + libaccesstoken_manager_service.z.so + true + false + 1 + + diff --git a/services/accesstokenmanager/main/sa_profile/BUILD.gn b/services/accesstokenmanager/main/sa_profile/BUILD.gn new file mode 100644 index 000000000..c199a410c --- /dev/null +++ b/services/accesstokenmanager/main/sa_profile/BUILD.gn @@ -0,0 +1,20 @@ +# Copyright (c) 2021 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/ohos/sa_profile/sa_profile.gni") + +ohos_sa_profile("accesstoken_sa_profile_standard") { + part_name = "access_token" + + sources = [ "3503.xml" ] +} diff --git a/services/accesstokenmanager/test/BUILD.gn b/services/accesstokenmanager/test/BUILD.gn new file mode 100644 index 000000000..b22343c7f --- /dev/null +++ b/services/accesstokenmanager/test/BUILD.gn @@ -0,0 +1,53 @@ +# Copyright (c) 2021 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/test.gni") + +ohos_unittest("libaccesstoken_manager_service_standard_test") { + subsystem_name = "security" + part_name = "access_token" + module_out_path = part_name + "/" + part_name + + include_dirs = [ + "//utils/native/base/include", + "//third_party/googletest/include", + "//base/security/access_token/services/accesstokenmanager/main/cpp/include/service", + "//base/security/access_token/services/accesstokenmanager/main/cpp/include/token", + "//base/security/access_token/services/accesstokenmanager/main/cpp/include/permission", + "//base/security/access_token/services/accesstokenmanager/main/cpp/include/database", + "//base/security/access_token/frameworks/common/include", + "//base/security/access_token/frameworks/accesstoken/include", + "//base/security/access_token/interfaces/innerkits/accesstoken/main/cpp/include", + ] + + sources = [ + "unittest/cpp/src/accesstoken_info_manager_test.cpp", + ] + + cflags_cc = [ "-DHILOG_ENABLE" ] + + deps = [ + "//base/security/access_token/services/accesstokenmanager/:accesstoken_manager_service", + "//base/security/access_token/frameworks/common:accesstoken_common_cxx", + "//base/security/access_token/frameworks/accesstoken:accesstoken_communication_adapter_cxx", + "//third_party/googletest:gtest_main", + "//utils/native/base:utils", + ] + + external_deps = [ "hiviewdfx_hilog_native:libhilog" ] +} + +group("unittest") { + testonly = true + deps = [ ":libaccesstoken_manager_service_standard_test" ] +} diff --git a/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp b/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp new file mode 100644 index 000000000..89bec7c88 --- /dev/null +++ b/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp @@ -0,0 +1,240 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "accesstoken_info_manager_test.h" + +#include +#include +#include "accesstoken_info_manager.h" +#include "accesstoken_log.h" + +using namespace testing::ext; +using namespace OHOS::Security::AccessToken; + +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { + LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "AccessTokenInfoManagerTest" +}; + +static PermissionDef g_infoManagerTestPermDef1 = { + .permissionName = "open the door", + .bundleName = "accesstoken_test", + .grantMode = 1, + .label = "label", + .labelId = 1, + .description = "open the door", + .descriptionId = 1, + .availableScope = 1 +}; + +static PermissionDef g_infoManagerTestPermDef2 = { + .permissionName = "break the door", + .bundleName = "accesstoken_test", + .grantMode = 1, + .label = "label", + .labelId = 1, + .description = "break the door", + .descriptionId = 1, + .availableScope = 1 +}; + +static PermissionStateFull g_infoManagerTestState1 = { + .grantFlags = {1}, + .grantStatus = {1}, + .isGeneral = true, + .permissionName = "open the door", + .resDeviceID = {"local"} +}; + +static PermissionStateFull g_infoManagerTestState2 = { + .permissionName = "break the door", + .isGeneral = false, + .grantFlags = {1, 2}, + .grantStatus = {1, 3}, + .resDeviceID = {"device 1", "device 2"} +}; + +static HapInfoParams g_infoManagerTestInfoParms = { + .bundleName = "accesstoken_test", + .userID = 1, + .instIndex = 0, + .appIDDesc = "testtesttesttest" +}; + +static HapPolicyParams g_infoManagerTestPolicyPrams = { + .apl = APL_NORMAL, + .domain = "test.domain", + .permList = {g_infoManagerTestPermDef1, g_infoManagerTestPermDef2}, + .permStateList = {g_infoManagerTestState1, g_infoManagerTestState2} +}; +} + +void AccessTokenInfoManagerTest::SetUpTestCase() +{} + +void AccessTokenInfoManagerTest::TearDownTestCase() +{} + +void AccessTokenInfoManagerTest::SetUp() +{} + +void AccessTokenInfoManagerTest::TearDown() +{} + +HWTEST_F(AccessTokenInfoManagerTest, Init001, TestSize.Level1) +{ + AccessTokenInfoManager::GetInstance().Init(); + std::string dumpInfo; + AccessTokenInfoManager::GetInstance().Dump(dumpInfo); + GTEST_LOG_(INFO) << "dump all:" << dumpInfo.c_str(); + + // delete test token + AccessTokenID getTokenId = AccessTokenInfoManager::GetInstance().GetHapTokenID(g_infoManagerTestInfoParms.userID, + g_infoManagerTestInfoParms.bundleName, g_infoManagerTestInfoParms.instIndex); + + if (getTokenId != 0) { + int ret = AccessTokenInfoManager::GetInstance().RemoveTokenInfo(getTokenId); + ASSERT_EQ(RET_SUCCESS, ret); + } + + ASSERT_EQ(RET_SUCCESS, RET_SUCCESS); +} + +/** + * @tc.name: CreateHapTokenInfo001 + * @tc.desc: Verify the CreateHapTokenInfo add one hap token function. + * @tc.type: FUNC + * @tc.require: Issue Number + */ +HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo001, TestSize.Level1) +{ + AccessTokenIDEx tokenIdEx = {0}; + int ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoManagerTestInfoParms, + g_infoManagerTestPolicyPrams, tokenIdEx); + ASSERT_EQ(RET_SUCCESS, ret); + GTEST_LOG_(INFO) << "add a hap token"; + + std::shared_ptr tokenInfo; + tokenInfo = AccessTokenInfoManager::GetInstance().GetHapTokenInfoInner(tokenIdEx.tokenIdExStruct.tokenID); + ASSERT_NE(nullptr, tokenInfo); + std::string infoDes; + tokenInfo->ToString(infoDes); + GTEST_LOG_(INFO) << "get hap token info:" << infoDes.c_str(); + + ret = AccessTokenInfoManager::GetInstance().RemoveTokenInfo(tokenIdEx.tokenIdExStruct.tokenID); + ASSERT_EQ(RET_SUCCESS, ret); + GTEST_LOG_(INFO) << "remove the token info"; + + tokenInfo = AccessTokenInfoManager::GetInstance().GetHapTokenInfoInner(tokenIdEx.tokenIdExStruct.tokenID); + ASSERT_EQ(nullptr, tokenInfo); +} + +/** + * @tc.name: CreateHapTokenInfo002 + * @tc.desc: Verify the CreateHapTokenInfo add one hap token twice function. + * @tc.type: FUNC + * @tc.require: Issue Number + */ +HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo002, TestSize.Level1) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "AddHapToken001 fill data"); + + AccessTokenIDEx tokenIdEx = {0}; + int ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoManagerTestInfoParms, + g_infoManagerTestPolicyPrams, tokenIdEx); + ASSERT_EQ(RET_SUCCESS, ret); + GTEST_LOG_(INFO) << "add a hap token"; + + AccessTokenIDEx tokenIdEx1 = {0}; + ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoManagerTestInfoParms, + g_infoManagerTestPolicyPrams, tokenIdEx1); + ASSERT_EQ(RET_FAILED, ret); + ASSERT_EQ(0, tokenIdEx1.tokenIdExStruct.tokenID); + GTEST_LOG_(INFO) << "add same hap token"; + + std::shared_ptr tokenInfo; + tokenInfo = AccessTokenInfoManager::GetInstance().GetHapTokenInfoInner(tokenIdEx.tokenIdExStruct.tokenID); + ASSERT_NE(nullptr, tokenInfo); + + std::string infoDes; + tokenInfo->ToString(infoDes); + GTEST_LOG_(INFO) << "get hap token info:" << infoDes.c_str(); + + ret = AccessTokenInfoManager::GetInstance().RemoveTokenInfo(tokenIdEx.tokenIdExStruct.tokenID); + ASSERT_EQ(RET_SUCCESS, ret); + GTEST_LOG_(INFO) << "remove the token info"; +} + +/** + * @tc.name: GetHapTokenID001 + * @tc.desc: Verify the GetHapTokenID by userID/bundleName/instIndex, function. + * @tc.type: FUNC + * @tc.require: Issue Number + */ +HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenID001, TestSize.Level1) +{ + AccessTokenIDEx tokenIdEx = {0}; + int ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoManagerTestInfoParms, + g_infoManagerTestPolicyPrams, tokenIdEx); + ASSERT_EQ(RET_SUCCESS, ret); + GTEST_LOG_(INFO) << "add a hap token"; + + AccessTokenID getTokenId = AccessTokenInfoManager::GetInstance().GetHapTokenID(g_infoManagerTestInfoParms.userID, + g_infoManagerTestInfoParms.bundleName, g_infoManagerTestInfoParms.instIndex); + ASSERT_EQ(tokenIdEx.tokenIdExStruct.tokenID, getTokenId); + GTEST_LOG_(INFO) << "find hap info"; + + std::shared_ptr tokenInfo; + tokenInfo = AccessTokenInfoManager::GetInstance().GetHapTokenInfoInner(tokenIdEx.tokenIdExStruct.tokenID); + ASSERT_NE(nullptr, tokenInfo); + GTEST_LOG_(INFO) << "remove the token info"; + + ret = AccessTokenInfoManager::GetInstance().RemoveTokenInfo(tokenIdEx.tokenIdExStruct.tokenID); + ASSERT_EQ(RET_SUCCESS, ret); + GTEST_LOG_(INFO) << "remove the token info"; +} + +/** + * @tc.name: UpdateHapToken001 + * @tc.desc: Verify the UpdateHapToken token function. + * @tc.type: FUNC + * @tc.require: Issue Number + */ +HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken001, TestSize.Level1) +{ + AccessTokenIDEx tokenIdEx = {0}; + int ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo(g_infoManagerTestInfoParms, + g_infoManagerTestPolicyPrams, tokenIdEx); + ASSERT_EQ(RET_SUCCESS, ret); + GTEST_LOG_(INFO) << "add a hap token"; + + HapPolicyParams policy = g_infoManagerTestPolicyPrams; + policy.apl = APL_SYSTEM_BASIC; + ret = AccessTokenInfoManager::GetInstance().UpdateHapToken(tokenIdEx.tokenIdExStruct.tokenID, + std::string("updateAppId"), policy); + ASSERT_EQ(RET_SUCCESS, ret); + GTEST_LOG_(INFO) << "update the hap token"; + + std::shared_ptr tokenInfo; + tokenInfo = AccessTokenInfoManager::GetInstance().GetHapTokenInfoInner(tokenIdEx.tokenIdExStruct.tokenID); + ASSERT_NE(nullptr, tokenInfo); + std::string infoDes; + tokenInfo->ToString(infoDes); + GTEST_LOG_(INFO) << "get hap token info:" << infoDes.c_str(); + + ret = AccessTokenInfoManager::GetInstance().RemoveTokenInfo(tokenIdEx.tokenIdExStruct.tokenID); + ASSERT_EQ(RET_SUCCESS, ret); + GTEST_LOG_(INFO) << "remove the token info"; +} diff --git a/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.h b/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.h new file mode 100644 index 000000000..3d92f4650 --- /dev/null +++ b/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.h @@ -0,0 +1,37 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef ACCESSTOKEN_INFO_MANAGER_TEST_H +#define ACCESSTOKEN_INFO_MANAGER_TEST_H + +#include + +namespace OHOS { +namespace Security { +namespace AccessToken { +class AccessTokenInfoManagerTest : public testing::Test { +public: + static void SetUpTestCase(); + + static void TearDownTestCase(); + + void SetUp(); + + void TearDown(); +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // ACCESSTOKEN_INFO_MANAGER_TEST_H diff --git a/services/tokensyncmanager/BUILD.gn b/services/tokensyncmanager/BUILD.gn new file mode 100644 index 000000000..375cba960 --- /dev/null +++ b/services/tokensyncmanager/BUILD.gn @@ -0,0 +1,48 @@ +# Copyright (c) 2021 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/ohos.gni") + +ohos_shared_library("tokensync_manager_service") { + subsystem_name = "security" + part_name = "access_token" + + include_dirs = [ + "include", + "//utils/system/safwk/native/include", + "//base/security/access_token/frameworks/common/include", + "//base/security/access_token/frameworks/tokensync/include", + #"//base/security/permission/interfaces/innerkits/permission_standard/permissionsdk/main/cpp/include/permission", + ] + + sources = [ + "main/cpp/tokensync_manager_service.cpp", + "main/cpp/tokensync_manager_stub.cpp", + ] + + cflags_cc = [ "-DHILOG_ENABLE" ] + + deps = [ + #"//base/security/accesstoken/frameworks/accesstooken/permissioncommunicationadapter:permission_standard_communication_adapter_cxx", + #"//base/security/accesstoken/frameworks/accesstooken/common:permission_standard_infrastructure_cxx", + #"//third_party/sqlite:sqlite", + "//utils/native/base:utils", + ] + + external_deps = [ + "hiviewdfx_hilog_native:libhilog", + "ipc:ipc_core", + "safwk:system_ability_fwk", + "samgr_standard:samgr_proxy", + ] +} diff --git a/services/tokensyncmanager/main/cpp/tokensync_manager_service.cpp b/services/tokensyncmanager/main/cpp/tokensync_manager_service.cpp new file mode 100644 index 000000000..6e011816a --- /dev/null +++ b/services/tokensyncmanager/main/cpp/tokensync_manager_service.cpp @@ -0,0 +1,78 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "tokensync_manager_service.h" + +#include "accesstoken_log.h" + +namespace OHOS { +namespace Security { +namespace TokenSync { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "TokenSyncManagerService"}; +} + +const bool REGISTER_RESULT = + SystemAbility::MakeAndRegisterAbility(DelayedSingleton::GetInstance().get()); + +TokenSyncManagerService::TokenSyncManagerService() + : SystemAbility(SA_ID_TOKENSYNC_MANAGER_SERVICE, true), state_(ServiceRunningState::STATE_NOT_START) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "TokenSyncManagerService()"); +} + +TokenSyncManagerService::~TokenSyncManagerService() +{ + ACCESSTOKEN_LOG_INFO(LABEL, "~TokenSyncManagerService()"); +} + +void TokenSyncManagerService::OnStart() +{ + if (state_ == ServiceRunningState::STATE_RUNNING) { + ACCESSTOKEN_LOG_INFO(LABEL, "TokenSyncManagerService has already started!"); + return; + } + ACCESSTOKEN_LOG_INFO(LABEL, "TokenSyncManagerService is starting"); + state_ = ServiceRunningState::STATE_RUNNING; + bool ret = Publish(DelayedSingleton::GetInstance().get()); + if (!ret) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to publish service!"); + return; + } + ACCESSTOKEN_LOG_INFO(LABEL, "Congratulations, TokenSyncManagerService start successfully!"); +} + +void TokenSyncManagerService::OnStop() +{ + ACCESSTOKEN_LOG_INFO(LABEL, "stop service"); + state_ = ServiceRunningState::STATE_NOT_START; +} + +int TokenSyncManagerService::VerifyPermission( + const std::string& bundleName, const std::string& permissionName, int userId) +{ + ACCESSTOKEN_LOG_INFO(LABEL, + "%{public}s called, packageName: %{public}s, permissionName: %{public}s, userId: %{public}d", __func__, + bundleName.c_str(), permissionName.c_str(), userId); + return 0; +} + +bool TokenSyncManagerService::Initialize() const +{ + return true; +} +} // namespace TokenSync +} // namespace Security +} diff --git a/services/tokensyncmanager/main/cpp/tokensync_manager_service.h b/services/tokensyncmanager/main/cpp/tokensync_manager_service.h new file mode 100644 index 000000000..076609994 --- /dev/null +++ b/services/tokensyncmanager/main/cpp/tokensync_manager_service.h @@ -0,0 +1,49 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TOKENSYNC_MANAGER_SERVICE_H +#define TOKENSYNC_MANAGER_SERVICE_H + +#include + +#include "iremote_object.h" +#include "nocopyable.h" +#include "singleton.h" +#include "system_ability.h" +#include "tokensync_manager_stub.h" + +namespace OHOS { +namespace Security { +namespace TokenSync { +enum class ServiceRunningState { STATE_NOT_START, STATE_RUNNING }; +class TokenSyncManagerService final : public SystemAbility, public TokenSyncManagerStub { + DECLARE_DELAYED_SINGLETON(TokenSyncManagerService); + DECLEAR_SYSTEM_ABILITY(TokenSyncManagerService); + +public: + void OnStart() override; + void OnStop() override; + + int VerifyPermission(const std::string& bundleName, const std::string& permissionName, int userId) override; + +private: + bool Initialize() const; + + ServiceRunningState state_; +}; +} // namespace TokenSync +} // namespace Security +} // namespace OHOS +#endif // TOKENSYNC_MANAGER_SERVICE_H diff --git a/services/tokensyncmanager/main/cpp/tokensync_manager_stub.cpp b/services/tokensyncmanager/main/cpp/tokensync_manager_stub.cpp new file mode 100644 index 000000000..21c222bd6 --- /dev/null +++ b/services/tokensyncmanager/main/cpp/tokensync_manager_stub.cpp @@ -0,0 +1,59 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "tokensync_manager_stub.h" + +#include "accesstoken_log.h" + +#include "ipc_skeleton.h" +#include "string_ex.h" + +namespace OHOS { +namespace Security { +namespace TokenSync { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "TokenSyncManagerStub"}; +} + +int32_t TokenSyncManagerStub::OnRemoteRequest( + uint32_t code, MessageParcel& data, MessageParcel& reply, MessageOption& option) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, code: %{public}d", __func__, code); + std::u16string descriptor = data.ReadInterfaceToken(); + if (descriptor != ITokenSyncManager::GetDescriptor()) { + ACCESSTOKEN_LOG_ERROR(LABEL, "get unexpect descriptor: %{public}s", Str16ToStr8(descriptor).c_str()); + return -1; + } + switch (code) { + case static_cast(ITokenSyncManager::InterfaceCode::VERIFY_PERMISSION): + VerifyPermissionInner(data, reply); + break; + default: + return IPCObjectStub::OnRemoteRequest(code, data, reply, option); + } + return NO_ERROR; +} + +void TokenSyncManagerStub::VerifyPermissionInner(MessageParcel& data, MessageParcel& reply) +{ + std::string bundleName = data.ReadString(); + std::string permissionName = data.ReadString(); + int userId = data.ReadInt32(); + int result = this->VerifyPermission(bundleName, permissionName, userId); + reply.WriteInt32(result); +} +} // namespace TokenSync +} // namespace Security +} // namespace OHOS diff --git a/services/tokensyncmanager/main/cpp/tokensync_manager_stub.h b/services/tokensyncmanager/main/cpp/tokensync_manager_stub.h new file mode 100644 index 000000000..991e3947f --- /dev/null +++ b/services/tokensyncmanager/main/cpp/tokensync_manager_stub.h @@ -0,0 +1,40 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TOKENSYNC_MANAGER_STUB_H +#define TOKENSYNC_MANAGER_STUB_H + +#include "i_tokensync_manager.h" + +#include "iremote_stub.h" +#include "nocopyable.h" + +namespace OHOS { +namespace Security { +namespace TokenSync { +class TokenSyncManagerStub : public IRemoteStub { +public: + TokenSyncManagerStub() = default; + virtual ~TokenSyncManagerStub() = default; + + int OnRemoteRequest(uint32_t code, MessageParcel& data, MessageParcel& reply, MessageOption& options) override; + +private: + void VerifyPermissionInner(MessageParcel& data, MessageParcel& reply); +}; +} // namespace TokenSync +} // namespace Security +} // namespace OHOS +#endif // TOKENSYNC_MANAGER_STUB_H diff --git a/services/tokensyncmanager/main/sa_profile/3504.xml b/services/tokensyncmanager/main/sa_profile/3504.xml new file mode 100644 index 000000000..3348d7156 --- /dev/null +++ b/services/tokensyncmanager/main/sa_profile/3504.xml @@ -0,0 +1,24 @@ + + + + foundation + + 3504 + libtoken_manager_service.z.so + true + true + 1 + + diff --git a/services/tokensyncmanager/main/sa_profile/BUILD.gn b/services/tokensyncmanager/main/sa_profile/BUILD.gn new file mode 100644 index 000000000..40f038f5a --- /dev/null +++ b/services/tokensyncmanager/main/sa_profile/BUILD.gn @@ -0,0 +1,22 @@ +# Copyright (c) 2021 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/ohos/sa_profile/sa_profile.gni") + +ohos_sa_profile("tokensync_sa_profile_standard") { + part_name = "token_sync" + + sources = [ "3504.xml" ] +} + + -- Gitee From aa345f8f10414331844877413fcaa91038cfd075 Mon Sep 17 00:00:00 2001 From: lsq Date: Fri, 7 Jan 2022 18:15:35 +0800 Subject: [PATCH 02/51] update readme Signed-off-by: lsq --- README.md | 32 +++++++++++++++++++------------- 1 file changed, 19 insertions(+), 13 deletions(-) diff --git a/README.md b/README.md index 616187854..d3b376cb0 100644 --- a/README.md +++ b/README.md @@ -11,31 +11,35 @@ ## 简介 -ATM(AccessTokenManager)是OpenHarmony上基于AccessToken构建的统一的应用权限管理能力,应用的Accesstoken信息主要包括应用身份标识APPID、用户ID,应用分身索引、应用APL等级、应用权限信息等。每个应用的Accestoken信息由一个32bits的设备内唯一标识符tokenID来标识。 +ATM是OpenHarmony上基于AccessToken构建的统一的应用权限管理能力。 +应用的Accesstoken信息主要包括应用身份标识APPID、用户ID,应用分身索引、应用APL等级、应用权限信息等。每个应用的Accestoken信息由一个32bits的设备内唯一标识符tokenID来标识。 ATM模块主要提供如下功能: - 提供基于tokenID的应用权限校验机制,应用访问敏感数据或者API时可以检查是否有对应的权限; - 提供基于tokenID的Accestoken信息查询,应用可以根据tokenID查询自身的APL等级等信息; ## 缩略词 -- AT:Access Token, 访问凭据 -- AACL:API Access Control List, 权限访问控制列表 -- APL:API Ability Privilege Level, 权限访问控制列表 +- AT: AccessToken, 访问凭据 +- ATM: AccessTokenManager, 访问凭据管理 +- API: Application Programming Interface, 应用程序接口 +- APL: API Ability Privilege Level, 权限访问控制列表 +- APPID: APP identity,应用身份标识 +- tokenID: token identity,凭据身份标识 ## 目录 ``` /base/security/access_token -├── frameworks # 框架层,作为基础功能目录,被interfaces和services使用 -│ ├── accesstoken # Accesstoken管理框架代码实现 -│ ├── tokensync # Accesstoken信息同步框架代码实现 -│ └── common # 框架公共代码实现 +├── frameworks # 框架层,基础功能代码存放目录,被interfaces和services使用 +│ ├── accesstoken # Accesstoken管理框架代码存放目录 +│ ├── tokensync # Accesstoken信息同步框架代码存放目录 +│ └── common # 框架公共代码存放目录 ├── interfaces # 接口层 │ └── innerkits # 内部接口层 -│ ├── accesstoken # Accesstoken内部接口实现代码 -│ └── tokensync # Accesstoken信息同步内部接口实现代码 +│ ├── accesstoken # Accesstoken内部接口代码存放目录 +│ └── tokensync # Accesstoken信息同步内部接口代码存放目录 └── services # 服务层 - ├── accesstokenmanager # Accesstoken管理服务代码 - └── tokensyncmanager # Accesstoken信息同步服务代码 + ├── accesstokenmanager # Accesstoken管理服务代码存放目录 + └── tokensyncmanager # Accesstoken信息同步服务代码存放目录 ``` ## 使用 @@ -48,4 +52,6 @@ ATM模块主要提供如下功能: ## 相关仓 安全子系统 -security\_access\_token \ No newline at end of file +[startup\_init\_lite](https://gitee.com/openharmony/startup_init_lite/blob/master/README.md) +[security\_deviceauth](https://gitee.com/openharmony/security_deviceauth/blob/master/README.md) +**[security\_access\_token](https://gitee.com/openharmony-sig/security_access_token/blob/master/README.md)** \ No newline at end of file -- Gitee From a04a0219ab6b89758e1221dd461ac5f704540376 Mon Sep 17 00:00:00 2001 From: lsq Date: Mon, 10 Jan 2022 11:54:27 +0800 Subject: [PATCH 03/51] OAT.xml Signed-off-by: lsq --- OAT.xml | 84 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 84 insertions(+) create mode 100644 OAT.xml diff --git a/OAT.xml b/OAT.xml new file mode 100644 index 000000000..b11daf527 --- /dev/null +++ b/OAT.xml @@ -0,0 +1,84 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + -- Gitee From c2b387d21e5c2f0be962318e1602ec61eb2c9387 Mon Sep 17 00:00:00 2001 From: lsq Date: Mon, 10 Jan 2022 18:07:22 +0800 Subject: [PATCH 04/51] update Signed-off-by: lsq --- services/accesstoken/BUILD.gn | 44 ---------- .../cpp/include/accesstoken_manager_service.h | 47 ----------- .../cpp/include/accesstoken_manager_stub.h | 41 ---------- .../cpp/src/accesstoken_manager_service.cpp | 82 ------------------- .../main/cpp/src/accesstoken_manager_stub.cpp | 61 -------------- services/accesstoken/main/sa_profile/3503.xml | 24 ------ services/accesstoken/main/sa_profile/BUILD.gn | 20 ----- 7 files changed, 319 deletions(-) delete mode 100644 services/accesstoken/BUILD.gn delete mode 100644 services/accesstoken/main/cpp/include/accesstoken_manager_service.h delete mode 100644 services/accesstoken/main/cpp/include/accesstoken_manager_stub.h delete mode 100644 services/accesstoken/main/cpp/src/accesstoken_manager_service.cpp delete mode 100644 services/accesstoken/main/cpp/src/accesstoken_manager_stub.cpp delete mode 100755 services/accesstoken/main/sa_profile/3503.xml delete mode 100644 services/accesstoken/main/sa_profile/BUILD.gn diff --git a/services/accesstoken/BUILD.gn b/services/accesstoken/BUILD.gn deleted file mode 100644 index a58bc6e08..000000000 --- a/services/accesstoken/BUILD.gn +++ /dev/null @@ -1,44 +0,0 @@ -# Copyright (c) 2021 Huawei Device Co., Ltd. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -import("//build/ohos.gni") - -ohos_shared_library("accesstoken_manager_service") { - subsystem_name = "security" - part_name = "access_token" - - include_dirs = [ - "main/cpp/include", - "//utils/system/safwk/native/include", - "//base/security/access_token/frameworks/accesstoken", - "//base/security/access_token/interfaces/innerkits/accesstoken//main/cpp/include", - ] - - sources = [ - "main/cpp/src/accesstoken_manager_service.cpp", - "main/cpp/src/accesstoken_manager_stub.cpp", - ] - - cflags_cc = [ "-DHILOG_ENABLE" ] - - deps = [ - "//utils/native/base:utils", - ] - - external_deps = [ - "hiviewdfx_hilog_native:libhilog", - "ipc:ipc_core", - "safwk:system_ability_fwk", - "samgr_standard:samgr_proxy", - ] -} diff --git a/services/accesstoken/main/cpp/include/accesstoken_manager_service.h b/services/accesstoken/main/cpp/include/accesstoken_manager_service.h deleted file mode 100644 index 8174ae72f..000000000 --- a/services/accesstoken/main/cpp/include/accesstoken_manager_service.h +++ /dev/null @@ -1,47 +0,0 @@ -/* - * Copyright (c) 2021 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef ACCESSTOKEN_MANAGER_SERVICE_H -#define ACCESSTOKEN_MANAGER_SERVICE_H - -#include "accesstoken_manager_stub.h" -#include "singleton.h" -#include "iremote_object.h" -#include "system_ability.h" -#include "nocopyable.h" - -namespace OHOS { -namespace Security { -namespace AccessToken { -enum class ServiceRunningState { STATE_NOT_START, STATE_RUNNING }; -class AccessTokenManagerService final : public SystemAbility, public AccessTokenManagerStub { - DECLARE_DELAYED_SINGLETON(AccessTokenManagerService); - DECLEAR_SYSTEM_ABILITY(AccessTokenManagerService); - -public: - void OnStart() override; - void OnStop() override; - - int VerifyAccesstoken(AccessTokenID tokenID, const std::string& permissionName) override; - -private: - bool Initialize() const; - - ServiceRunningState state_; -}; -} // namespace AccessToken -} // namespace Security -} // namespace OHOS -#endif // ACCESSTOKEN_MANAGER_SERVICE_H diff --git a/services/accesstoken/main/cpp/include/accesstoken_manager_stub.h b/services/accesstoken/main/cpp/include/accesstoken_manager_stub.h deleted file mode 100644 index ffcbf3d57..000000000 --- a/services/accesstoken/main/cpp/include/accesstoken_manager_stub.h +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Copyright (c) 2021 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef ACCESSTOKEN_MANAGER_STUB_H -#define ACCESSTOKEN_MANAGER_STUB_H - -#include "i_accesstoken_manager.h" - -#include "iremote_stub.h" -#include "nocopyable.h" - -namespace OHOS { -namespace Security { -namespace AccessToken { -class AccessTokenManagerStub : public IRemoteStub { -public: - AccessTokenManagerStub() = default; - virtual ~AccessTokenManagerStub() = default; - - int OnRemoteRequest(uint32_t code, MessageParcel& data, MessageParcel& reply, MessageOption& options) override; - -private: - void VerifyAccessTokenInner(MessageParcel& data, MessageParcel& reply); - -}; -} // namespace AccessToken -} // namespace Security -} // namespace OHOS -#endif // ACCESSTOKEN_MANAGER_STUB_H diff --git a/services/accesstoken/main/cpp/src/accesstoken_manager_service.cpp b/services/accesstoken/main/cpp/src/accesstoken_manager_service.cpp deleted file mode 100644 index 2b4bda109..000000000 --- a/services/accesstoken/main/cpp/src/accesstoken_manager_service.cpp +++ /dev/null @@ -1,82 +0,0 @@ -/* - * Copyright (c) 2021 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "accesstoken_manager_service.h" - -#include "accesstoken.h" -#include "accesstoken_log.h" - -namespace OHOS { -namespace Security { -namespace AccessToken { -namespace { -static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "AccessTokenManagerService"}; -} - -const bool REGISTER_RESULT = - SystemAbility::MakeAndRegisterAbility(DelayedSingleton::GetInstance().get()); - -AccessTokenManagerService::AccessTokenManagerService() - : SystemAbility(SA_ID_ACCESSTOKEN_MANAGER_SERVICE, true), state_(ServiceRunningState::STATE_NOT_START) -{ - ACCESSTOKEN_LOG_INFO(LABEL, "AccessTokenManagerService()"); -} - -AccessTokenManagerService::~AccessTokenManagerService() -{ - ACCESSTOKEN_LOG_INFO(LABEL, "~AccessTokenManagerService()"); -} - -void AccessTokenManagerService::OnStart() -{ - if (state_ == ServiceRunningState::STATE_RUNNING) { - ACCESSTOKEN_LOG_INFO(LABEL, "AccessTokenManagerService has already started!"); - return; - } - ACCESSTOKEN_LOG_INFO(LABEL, "AccessTokenManagerService is starting"); - if (!Initialize()) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to initialize"); - return; - } - state_ = ServiceRunningState::STATE_RUNNING; - bool ret = Publish(DelayedSingleton::GetInstance().get()); - if (!ret) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to publish service!"); - return; - } - ACCESSTOKEN_LOG_INFO(LABEL, "Congratulations, AccessTokenManagerService start successfully!"); -} - -void AccessTokenManagerService::OnStop() -{ - ACCESSTOKEN_LOG_INFO(LABEL, "stop service"); - state_ = ServiceRunningState::STATE_NOT_START; -} - -int AccessTokenManagerService::VerifyAccesstoken(AccessTokenID tokenID, const std::string &permissionName) -{ - ACCESSTOKEN_LOG_INFO(LABEL, - "%{public}s called, tokenID: %{public}d, permissionName: %{public}s", __func__, - tokenID, permissionName.c_str()); - return PERMISSION_GRANTED; -} - -bool AccessTokenManagerService::Initialize() const -{ - return true; -} -} // namespace AccessToken -} // namespace Security -} // namespace OHOS \ No newline at end of file diff --git a/services/accesstoken/main/cpp/src/accesstoken_manager_stub.cpp b/services/accesstoken/main/cpp/src/accesstoken_manager_stub.cpp deleted file mode 100644 index a8b1c6cef..000000000 --- a/services/accesstoken/main/cpp/src/accesstoken_manager_stub.cpp +++ /dev/null @@ -1,61 +0,0 @@ -/* - * Copyright (c) 2021 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "accesstoken_manager_stub.h" - -#include "accesstoken.h" -#include "accesstoken_log.h" - -#include "ipc_skeleton.h" -#include "string_ex.h" - -namespace OHOS { -namespace Security { -namespace AccessToken { -namespace { -static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { - LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "AccessTokenManagerStub" -}; -} - -int32_t AccessTokenManagerStub::OnRemoteRequest( - uint32_t code, MessageParcel& data, MessageParcel& reply, MessageOption& option) -{ - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, code: %{public}d", __func__, code); - std::u16string descriptor = data.ReadInterfaceToken(); - if (descriptor != IAccessTokenManager::GetDescriptor()) { - ACCESSTOKEN_LOG_ERROR(LABEL, "get unexpect descriptor: %{public}s", Str16ToStr8(descriptor).c_str()); - return RET_FAILED; - } - switch (code) { - case static_cast(IAccessTokenManager::InterfaceCode::VERIFY_ACCESSTOKEN): - VerifyAccessTokenInner(data, reply); - break; - default: - return IPCObjectStub::OnRemoteRequest(code, data, reply, option); - } - return NO_ERROR; -} - -void AccessTokenManagerStub::VerifyAccessTokenInner(MessageParcel& data, MessageParcel& reply) -{ - AccessTokenID tokenID = data.ReadUint32(); - std::string permissionName = data.ReadString(); - int result = this->VerifyAccesstoken(tokenID, permissionName); - reply.WriteInt32(result); -} -} // namespace AccessToken -} // namespace Security -} // namespace OHOS \ No newline at end of file diff --git a/services/accesstoken/main/sa_profile/3503.xml b/services/accesstoken/main/sa_profile/3503.xml deleted file mode 100755 index 622c5f8a5..000000000 --- a/services/accesstoken/main/sa_profile/3503.xml +++ /dev/null @@ -1,24 +0,0 @@ - - - - foundation - - 3503 - libaccesstoken_manager_service.z.so - true - false - 1 - - \ No newline at end of file diff --git a/services/accesstoken/main/sa_profile/BUILD.gn b/services/accesstoken/main/sa_profile/BUILD.gn deleted file mode 100644 index c199a410c..000000000 --- a/services/accesstoken/main/sa_profile/BUILD.gn +++ /dev/null @@ -1,20 +0,0 @@ -# Copyright (c) 2021 Huawei Device Co., Ltd. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -import("//build/ohos/sa_profile/sa_profile.gni") - -ohos_sa_profile("accesstoken_sa_profile_standard") { - part_name = "access_token" - - sources = [ "3503.xml" ] -} -- Gitee From 268a4ef0f904ad8b058c8e928be21e7cad28c3ad Mon Sep 17 00:00:00 2001 From: lsq Date: Tue, 11 Jan 2022 09:50:16 +0800 Subject: [PATCH 05/51] delete config Signed-off-by: lsq --- config/base/string.json | 436 ---------------------- config/config.json | 770 --------------------------------------- config/zh_CN/string.json | 428 ---------------------- 3 files changed, 1634 deletions(-) delete mode 100644 config/base/string.json delete mode 100644 config/config.json delete mode 100644 config/zh_CN/string.json diff --git a/config/base/string.json b/config/base/string.json deleted file mode 100644 index cd352ad63..000000000 --- a/config/base/string.json +++ /dev/null @@ -1,436 +0,0 @@ -{ - "string": [ - { - "name": "ohos_id_text_font_family_regular", - "value": "sans-serif" - }, - { - "name": "ohos_id_text_font_family_medium", - "value": "HwChinese-medium" - }, - { - "name": "ohos_lab_answer_call", - "value": "Answer phone calls" - }, - { - "name": "ohos_desc_answer_call", - "value": "Allows an application to answer incoming calls." - }, - { - "name": "ohos_lab_internet", - "value": "Access Internet" - }, - { - "name": "ohos_desc_internet", - "value": "Allows an application to access the Internet." - }, - { - "name": "ohos_lab_modify_audio_settings", - "value": "Play audio" - }, - { - "name": "ohos_desc_modify_audio_settings", - "value": "Allows an application to enable or disable the audio playback channel." - }, - { - "name": "ohos_lab_read_calendar", - "value": "Read calendar information" - }, - { - "name": "ohos_desc_read_calendar", - "value": "Allows an application to read calendar information." - }, - { - "name": "ohos_lab_read_call_log", - "value": "Read call logs" - }, - { - "name": "ohos_desc_read_call_log", - "value": "Allows an application to read call logs." - }, - { - "name": "ohos_lab_read_cell_messages", - "value": "Read cell broadcast messages" - }, - { - "name": "ohos_desc_read_cell_messages", - "value": "Allows an application to read cell broadcast messages received by the device." - }, - { - "name": "ohos_lab_read_contacts", - "value": "Read Contacts" - }, - { - "name": "ohos_desc_read_contacts", - "value": "Allows an application to read Contacts." - }, - { - "name": "ohos_lab_get_telephony_state", - "value": "Read telephony information" - }, - { - "name": "ohos_desc_get_telephony_state", - "value": "Allows an application to access telephony information, including the phone number, device ID, voice mailbox, IMEI, and ICCID." - }, - { - "name": "ohos_lab_read_messages", - "value": "Read SMS/MMS messages" - }, - { - "name": "ohos_desc_read_messages", - "value": "Allows an application to read SMS/MMS messages." - }, - { - "name": "ohos_lab_receive_mms", - "value": "Receive MMS messages" - }, - { - "name": "ohos_desc_receive_mms", - "value": "Allows an application to receive MMS messages." - }, - { - "name": "ohos_lab_receive_sms", - "value": "Receive SMS messages" - }, - { - "name": "ohos_desc_receive_sms", - "value": "Allows an application to receive SMS messages." - }, - { - "name": "ohos_lab_receive_wap_messages", - "value": "Receive WAP messages" - }, - { - "name": "ohos_desc_receive_wap_messages", - "value": "Allows an application to receive WAP messages." - }, - { - "name": "ohos_lab_microphone", - "value": "Record audio" - }, - { - "name": "ohos_desc_microphone", - "value": "Allows an application to enable or disable the audio recording channel." - }, - { - "name": "ohos_lab_send_messages", - "value": "Send SMS/MMS messages" - }, - { - "name": "ohos_desc_send_messages", - "value": "Allows an application to send SMS/MMS messages." - }, - { - "name": "ohos_lab_write_calendar", - "value": "Add/Modify/Delete calendar events" - }, - { - "name": "ohos_desc_write_calendar", - "value": "Allows an application to add, modify, and delete calendar events." - }, - { - "name": "ohos_lab_write_call_log", - "value": "Add/Modify/Delete call logs" - }, - { - "name": "ohos_desc_write_call_log", - "value": "Allows an application to add, modify, and delete call logs." - }, - { - "name": "ohos_lab_write_contacts", - "value": "Add/Modify/Delete Contacts" - }, - { - "name": "ohos_desc_write_contacts", - "value": "Allows an application to add, modify, and delete Contacts." - }, - { - "name": "ohos_lab_distributed_datasync", - "value": "Obtain the device location" - }, - { - "name": "ohos_desc_distributed_datasync", - "value": "Allows a background application to obtain the device location." - }, - { - "name": "ohos_lab_manage_voicemail", - "value": "Manage the voice mailbox" - }, - { - "name": "ohos_desc_manage_voicemail", - "value": "Allows an application to manage the voice mailbox." - }, - { - "name": "ohos_lab_location_in_background", - "value": "Obtain the device location" - }, - { - "name": "ohos_desc_location_in_background", - "value": "Allows a background application to obtain the device location." - }, - { - "name": "ohos_lab_location", - "value": "Obtain the device location" - }, - { - "name": "ohos_desc_location", - "value": "Allows a foreground application to obtain the device location." - }, - { - "name": "ohos_lab_media_location", - "value": "Access location information" - }, - { - "name": "ohos_desc_media_location", - "value": "Allows an application to read the location where a photo is taken, such as the longitude and latitude." - }, - { - "name": "ohos_lab_get_network_info", - "value": "Read network information" - }, - { - "name": "ohos_desc_get_network_info", - "value": "Allows an application to obtain network information." - }, - { - "name": "ohos_lab_place_call", - "value": "Make calls" - }, - { - "name": "ohos_desc_place_call", - "value": "Allows an application to make calls without starting the dialer." - }, - { - "name": "ohos_lab_camera", - "value": "Take photos or shoot videos" - }, - { - "name": "ohos_desc_camera", - "value": "Allows an application to take photos and shoot videos." - }, - { - "name": "ohos_lab_set_network_info", - "value": "Set data network" - }, - { - "name": "ohos_desc_set_network_info", - "value": "Allows an application to set data network information." - }, - { - "name": "ohos_lab_read_media", - "value": "Read media files" - }, - { - "name": "ohos_desc_read_media", - "value": "Allows an application to read media files, such as video and audio clips and images." - }, - { - "name": "ohos_lab_write_media", - "value": "Read and write media files" - }, - { - "name": "ohos_desc_write_media", - "value": "Allows an application to read and write media files, such as video and audio clips and images." - }, - { - "name": "ohos_lab_distributed_virtualdevice", - "value": "Discover devices for multi-device collaboration" - }, - { - "name": "ohos_desc_distributed_virtualdevice", - "value": "Allows an application to discover and access other devices in multi-device collaboration." - }, - { - "name": "ohos_lab_enroll_biometric", - "value": "Manage biological features" - }, - { - "name": "ohos_desc_enroll_biometric", - "value": "Allows an application to manage biometrical features." - }, - { - "name": "ohos_lab_access_biometric", - "value": "Biometric feature authentication" - }, - { - "name": "ohos_desc_access_biometric", - "value": "Allows an application to use biometric features for authentication." - }, - { - "name": "ohos_lab_access_biometric_internal", - "value": "Biometric feature authentication for system applications" - }, - { - "name": "ohos_desc_access_biometric_internal", - "value": "Allows a system application to use biometric features for authentication." - }, - { - "name": "ohos_lab_reset_biometric_lockout", - "value": "Reset the upper limit for biometric feature authentication failures" - }, - { - "name": "ohos_desc_reset_biometric_lockout", - "value": "Allows an application to reset the maximum number of failures allowed before biometric feature authentication is locked." - }, - { - "name": "ohos_lab_set_time", - "value": "Set the system time" - }, - { - "name": "ohos_desc_set_time", - "value": "Allows an application to set the system time." - }, - { - "name": "ohos_lab_set_time_zone", - "value": "Set the system time zone" - }, - { - "name": "ohos_desc_set_time_zone", - "value": "Allows an application to set the system time zone." - }, - { - "name": "ohos_lab_download_session_manager", - "value": "Manage download sessions" - }, - { - "name": "ohos_desc_download_session_manager", - "value": "Allows an application to manage download sessions." - }, - { - "name": "ohos_lab_commonevent_sticky", - "value": "Sticky common events" - }, - { - "name": "ohos_desc_commonevent_sticky", - "value": "Allows an application to publish sticky common events." - }, - { - "name": "ohos_lab_manage_local_accounts", - "value": "Manage local accounts" - }, - { - "name": "ohos_desc_manage_local_accounts", - "value": "Allows an application to add, delete, modify, and query local accounts." - }, - { - "name": "ohos_lab_interact_across_local_accounts", - "value": "Multi-account mutual access" - }, - { - "name": "ohos_desc_interact_across_local_accounts", - "value": "Allows an application to access accounts of other applications." - }, - { - "name": "ohos_lab_vibrate", - "value": "Vibrate" - }, - { - "name": "ohos_desc_vibrate", - "value": "Allows an application to use the vibrator." - }, - { - "name": "ohos_lab_activity_motion", - "value": "Read workout status" - }, - { - "name": "ohos_desc_activity_motion", - "value": "Allows an application to read the workout status of the user." - }, - { - "name": "ohos_lab_read_health_data", - "value": "Read health data" - }, - { - "name": "ohos_desc_read_health_data", - "value": "Allows an application to read the health data of the user." - }, - { - "name": "ohos_lab_connect_ime_ability", - "value": "Bind to the input method framework" - }, - { - "name": "ohos_desc_connect_ime_ability", - "value": "Allows an application to be invoked by the input method framework." - }, - { - "name": "ohos_lab_set_wallpaper", - "value": "Set static wallpapers" - }, - { - "name": "ohos_desc_set_wallpaper", - "value": "Allows an application to set a static wallpaper." - }, - { - "name": "ohos_lab_get_wallpaper", - "value": "Read wallpaper files" - }, - { - "name": "ohos_desc_get_wallpaper", - "value": "Allows an application to read wallpaper files." - }, - { - "name": "ohos_lab_interact_across_local_accounts_extension", - "value": "Multi-account access extension" - }, - { - "name": "ohos_desc_interact_across_local_accounts_extension", - "value": "Allows an application to set the attributes of applications of other users." - }, - { - "name": "ohos_lab_accelerometer", - "value": "Read acceleration sensor data" - }, - { - "name": "ohos_desc_accelerometer", - "value": "Allows an application to read data from an acceleration sensor." - }, - { - "name": "ohos_lab_gyroscope", - "value": "Read gyroscope sensor data" - }, - { - "name": "ohos_desc_gyroscope", - "value": "Allows an application to read data from a gyroscope sensor." - }, - { - "name": "ohos_lab_set_telephony_state", - "value": "Set telephony state" - }, - { - "name": "ohos_desc_set_telephony_state", - "value": "Allows an application to set the telephony state, for example, to enable or disable the airplane mode, and change the network mode." - }, - { - "name": "ohos_lab_bundle_active_info", - "value": "Query application running time" - }, - { - "name": "ohos_desc_bundle_active_info", - "value": "Allows a system application or privileged application to obtain how long other applications have been running in the foreground or background." - }, - { - "name": "ohos_lab_publish_agent_reminder", - "value": "Agent-powered reminder" - }, - { - "name": "ohos_desc_publish_agent_reminder", - "value": "Allows an application to use agent-powered reminders." - }, - { - "name": "ohos_lab_control_task_sync_animator", - "value": "Sync task animation" - }, - { - "name": "ohos_desc_control_task_sync_animator", - "value": "Allows an application to use sync task animations." - }, - { - "name": "ohos_lab_notification_controller", - "value": "System interfaces" - }, - { - "name": "ohos_desc_notification_controller", - "value": "Allows an application to use notification management interfaces." - } - ] -} \ No newline at end of file diff --git a/config/config.json b/config/config.json deleted file mode 100644 index a3737ed91..000000000 --- a/config/config.json +++ /dev/null @@ -1,770 +0,0 @@ -{ - "app": { - "bundleName": "ohos.global.systemres", - "vendor": "ohos", - "version": { - "code": 1, - "name": "1.0.0.1" - }, - "apiVersion": { - "compatible": 3, - "target": 3 - } - }, - "deviceConfig": { - "default": { - } - }, - "module": { - "package": "ohos.global.systemres", - "deviceType": [ - "default", - "tv", - "car", - "wearable" - ], - "distro": { - "deliveryWithInstall": true, - "moduleName": "entry", - "moduleType": "entry" - }, - "definePermissions": [ - { - "name": "ohos.permission.ANSWER_CALL", - "grantMode": "user_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_answer_call", - "description": "$string:ohos_desc_answer_call" - }, - { - "name": "ohos.permission.USE_BLUETOOTH", - "grantMode": "system_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.DISCOVER_BLUETOOTH", - "grantMode": "system_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.MANAGE_BLUETOOTH", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.INTERNET", - "grantMode": "system_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_internet", - "description": "$string:ohos_desc_internet" - }, - { - "name": "ohos.permission.MODIFY_AUDIO_SETTINGS", - "grantMode": "system_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_modify_audio_settings", - "description": "$string:ohos_desc_modify_audio_settings" - }, - { - "name": "ohos.permission.READ_CALENDAR", - "grantMode": "user_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_read_calendar", - "description": "$string:ohos_desc_read_calendar" - }, - { - "name": "ohos.permission.READ_CALL_LOG", - "grantMode": "user_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_read_call_log", - "description": "$string:ohos_desc_read_call_log" - }, - { - "name": "ohos.permission.READ_CELL_MESSAGES", - "grantMode": "user_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_read_cell_messages", - "description": "$string:ohos_desc_read_cell_messages" - }, - { - "name": "ohos.permission.READ_CONTACTS", - "grantMode": "user_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_read_contacts", - "description": "$string:ohos_desc_read_contacts" - }, - { - "name": "ohos.permission.GET_TELEPHONY_STATE", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_get_telephony_state", - "description": "$string:ohos_desc_get_telephony_state" - }, - { - "name": "ohos.permission.READ_MESSAGES", - "grantMode": "user_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_read_messages", - "description": "$string:ohos_desc_read_messages" - }, - { - "name": "ohos.permission.RECEIVE_MMS", - "grantMode": "user_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_receive_mms", - "description": "$string:ohos_desc_receive_mms" - }, - { - "name": "ohos.permission.RECEIVE_SMS", - "grantMode": "user_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_receive_sms", - "description": "$string:ohos_desc_receive_sms" - }, - { - "name": "ohos.permission.RECEIVE_WAP_MESSAGES", - "grantMode": "user_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_receive_wap_messages", - "description": "$string:ohos_desc_receive_wap_messages" - }, - { - "name": "ohos.permission.MICROPHONE", - "grantMode": "user_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_microphone", - "description": "$string:ohos_desc_microphone" - }, - { - "name": "ohos.permission.SEND_MESSAGES", - "grantMode": "user_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_send_messages", - "description": "$string:ohos_desc_send_messages" - }, - { - "name": "ohos.permission.WRITE_CALENDAR", - "grantMode": "user_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_write_calendar", - "description": "$string:ohos_desc_write_calendar" - }, - { - "name": "ohos.permission.WRITE_CALL_LOG", - "grantMode": "user_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_write_call_log", - "description": "$string:ohos_desc_write_call_log" - }, - { - "name": "ohos.permission.WRITE_CONTACTS", - "grantMode": "user_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_write_contacts", - "description": "$string:ohos_desc_write_contacts" - }, - { - "name": "ohos.permission.DISTRIBUTED_DATASYNC", - "grantMode": "user_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": true, - "label": "$string:ohos_lab_distributed_datasync", - "description": "$string:ohos_desc_distributed_datasync" - }, - { - "name": "ohos.permission.MANAGE_VOICEMAIL", - "grantMode": "user_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_manage_voicemail", - "description": "$string:ohos_desc_manage_voicemail" - }, - { - "name": "ohos.permission.REQUIRE_FORM", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.LOCATION_IN_BACKGROUND", - "grantMode": "user_grant", - "availableScope": "normal", - "provisionEnable": false, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_location_in_background", - "description": "$string:ohos_desc_location_in_background" - }, - { - "name": "ohos.permission.LOCATION", - "grantMode": "user_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": true, - "label": "$string:ohos_lab_location", - "description": "$string:ohos_desc_location" - }, - { - "name": "ohos.permission.MEDIA_LOCATION", - "grantMode": "user_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": true, - "label": "$string:ohos_lab_media_location", - "description": "$string:ohos_desc_media_location" - }, - { - "name": "ohos.permission.GET_NETWORK_INFO", - "grantMode": "system_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_get_network_info", - "description": "$string:ohos_desc_get_network_info" - }, - { - "name": "ohos.permission.PLACE_CALL", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": true, - "label": "$string:ohos_lab_place_call", - "description": "$string:ohos_desc_place_call" - }, - { - "name": "ohos.permission.CAMERA", - "grantMode": "user_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_camera", - "description": "$string:ohos_desc_camera" - }, - { - "name": "ohos.permission.SET_NETWORK_INFO", - "grantMode": "system_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_set_network_info", - "description": "$string:ohos_desc_set_network_info" - }, - { - "name": "ohos.permission.REMOVE_CACHE_FILES", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.READ_MEDIA", - "grantMode": "user_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": true, - "label": "$string:ohos_lab_read_media", - "description": "$string:ohos_desc_read_media" - }, - { - "name": "ohos.permission.REBOOT", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.RUNNING_LOCK", - "grantMode": "system_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.WRITE_MEDIA", - "grantMode": "user_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": true, - "label": "$string:ohos_lab_write_media", - "description": "$string:ohos_desc_write_media" - }, - { - "name": "com.huawei.permission.DISTRIBUTED_VIRTUALDEVICE", - "grantMode": "user_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_distributed_virtualdevice", - "description": "$string:ohos_desc_distributed_virtualdevice" - }, - { - "name": "ohos.permission.ENROLL_BIOMETRIC", - "grantMode": "system_grant", - "availableScope": "system_core", - "provisionEnable": false, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_enroll_biometric", - "description": "$string:ohos_desc_enroll_biometric" - }, - { - "name": "ohos.permission.ACCESS_BIOMETRIC", - "grantMode": "system_grant", - "availableScope": "normal", - "provisionEnable": false, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_access_biometric", - "description": "$string:ohos_desc_access_biometric" - }, - { - "name": "ohos.permission.ACCESS_BIOMETRIC_INTERNAL", - "grantMode": "system_grant", - "availableScope": "system_core", - "provisionEnable": false, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_access_biometric_internal", - "description": "$string:ohos_desc_access_biometric_internal" - }, - { - "name": "ohos.permission.RESET_BIOMETRIC_LOCKOUT", - "grantMode": "system_grant", - "availableScope": "system_core", - "provisionEnable": false, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_reset_biometric_lockout", - "description": "$string:ohos_desc_reset_biometric_lockout" - }, - { - "name": "ohos.permission.SET_TIME", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_set_time", - "description": "$string:ohos_desc_set_time" - }, - { - "name": "ohos.permission.SET_TIME_ZONE", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_set_time_zone", - "description": "$string:ohos_desc_set_time_zone" - }, - { - "name": "ohos.permission.DOWNLOAD_SESSION_MANAGER", - "grantMode": "system_grant", - "availableScope": "system_core", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_download_session_manager", - "description": "$string:ohos_desc_download_session_manager" - }, - { - "name": "ohos.permission.COMMONEVENT_STICKY", - "grantMode": "system_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": true, - "label": "$string:ohos_lab_commonevent_sticky", - "description": "$string:ohos_desc_commonevent_sticky" - }, - { - "name": "ohos.permission.SYSTEM_FLOAT_WINDOW", - "grantMode": "system_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.POWER_MANAGER", - "grantMode": "system_grant", - "availableScope": "system_core", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.REFRESH_USER_ACTION", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.POWER_OPTIMIZATION", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.REBOOT_RECOVERY", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.MANAGE_LOCAL_ACCOUNTS", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_manage_local_accounts", - "description": "$string:ohos_desc_manage_local_accounts" - }, - { - "name": "ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_interact_across_local_accounts", - "description": "$string:ohos_desc_interact_across_local_accounts" - }, - { - "name": "ohos.permission.VIBRATE", - "grantMode": "system_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_vibrate", - "description": "$string:ohos_desc_vibrate" - }, - { - "name": "ohos.permission.ACTIVITY_MOTION", - "grantMode": "user_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_activity_motion", - "description": "$string:ohos_desc_activity_motion" - }, - { - "name": "ohos.permission.READ_HEALTH_DATA", - "grantMode": "user_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_read_health_data", - "description": "$string:ohos_desc_read_health_data" - }, - { - "name": "ohos.permission.CONNECT_IME_ABILITY", - "grantMode": "system_grant", - "availableScope": "system_core", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_connect_ime_ability", - "description": "$string:ohos_desc_connect_ime_ability" - }, - { - "name": "ohos.permission.CONNECT_SCREEN_SAVER_ABILITY", - "grantMode": "system_grant", - "availableScope": "system_core", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.READ_SCREEN_SAVER", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.WRITE_SCREEN_SAVER", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.SET_WALLPAPER", - "grantMode": "system_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_set_wallpaper", - "description": "$string:ohos_desc_set_wallpaper" - }, - { - "name": "ohos.permission.GET_WALLPAPER", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_get_wallpaper", - "description": "$string:ohos_desc_get_wallpaper" - }, - { - "name": "ohos.permission.CHANGE_ABILITY_ENABLED_STATE", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.ACCESS_MISSIONS", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.CLEAN_BACKGROUND_PROCESSES", - "grantMode": "system_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.KEEP_BACKGROUND_RUNNING", - "grantMode": "system_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.UPDATE_CONFIGURATION", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.GRANT_SENSITIVE_PERMISSIONS", - "grantMode": "system_grant", - "availableScope": "system_core", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS", - "grantMode": "system_grant", - "availableScope": "system_core", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.GET_SENSITIVE_PERMISSIONS", - "grantMode": "system_grant", - "availableScope": "system_core", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS_EXTENSION", - "grantMode": "system_grant", - "availableScope": "system_core", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_interact_across_local_accounts_extension", - "description": "$string:ohos_desc_interact_across_local_accounts_extension" - }, - { - "name": "ohos.permission.LISTEN_BUNDLE_CHANGE", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.GET_BUNDLE_INFO", - "grantMode": "system_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.ACCELEROMETER", - "grantMode": "system_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_accelerometer", - "description": "$string:ohos_desc_accelerometer" - }, - { - "name": "ohos.permission.GYROSCOPE", - "grantMode": "system_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_gyroscope", - "description": "$string:ohos_desc_gyroscope" - }, - { - "name": "ohos.permission.GET_BUNDLE_INFO_PRIVILEGED", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.INSTALL_BUNDLE", - "grantMode": "system_grant", - "availableScope": "system_core", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.MANAGE_SHORTCUTS", - "grantMode": "system_grant", - "availableScope": "system_core", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.radio.ACCESS_FM_AM", - "grantMode": "system_grant", - "availableScope": "system_core", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.SET_TELEPHONY_STATE", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_set_telephony_state", - "description": "$string:ohos_desc_set_telephony_state" - }, - { - "name": "ohos.permission.START_ABILIIES_FROM_BACKGROUND", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.BUNDLE_ACTIVE_INFO", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_bundle_active_info", - "description": "$string:ohos_desc_bundle_active_info" - }, - { - "name": "ohos.permission.START_INVISIBLE_ABILITY", - "grantMode": "system_grant", - "availableScope": "system_core", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.sec.ACCESS_UDID", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.LAUNCH_DATA_PRIVACY_CENTER", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.MANAGE_MEDIA_RESOURCES", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.PUBLISH_AGENT_REMINDER", - "grantMode": "system_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_publish_agent_reminder", - "description": "$string:ohos_desc_publish_agent_reminder" - }, - { - "name": "ohos.permission.CONTROL_TASK_SYNC_ANIMATOR", - "grantMode": "system_grant", - "availableScope": "system_core", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_control_task_sync_animator", - "description": "$string:ohos_desc_control_task_sync_animator" - }, - { - "name": "ohos.permission.INPUT_MONITORING", - "grantMode": "system_grant", - "availableScope": "system_core", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.MANAGE_MISSIONS", - "grantMode": "system_grant", - "availableScope": "system_core", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.NOTIFICATION_CONTROLLER", - "grantMode": "system_grant", - "availableScope": "system_core", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_notification_controller", - "description": "$string:ohos_desc_notification_controller" - }, - { - "name": "ohos.permission.CONNECTIVITY_INTERNAL", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false - } - ] - } -} diff --git a/config/zh_CN/string.json b/config/zh_CN/string.json deleted file mode 100644 index 5f0134df3..000000000 --- a/config/zh_CN/string.json +++ /dev/null @@ -1,428 +0,0 @@ -{ - "string": [ - { - "name": "ohos_lab_answer_call", - "value": "绰" - }, - { - "name": "ohos_desc_answer_call", - "value": "Ӧý绰" - }, - { - "name": "ohos_lab_internet", - "value": "" - }, - { - "name": "ohos_desc_internet", - "value": "Ӧ÷硣" - }, - { - "name": "ohos_lab_modify_audio_settings", - "value": "Ƶ" - }, - { - "name": "ohos_desc_modify_audio_settings", - "value": "Ӧô򿪻رղͨ·" - }, - { - "name": "ohos_lab_read_calendar", - "value": "ȡ" - }, - { - "name": "ohos_desc_read_calendar", - "value": "Ӧöȡ" - }, - { - "name": "ohos_lab_read_call_log", - "value": "ȡͨ¼" - }, - { - "name": "ohos_desc_read_call_log", - "value": "Ӧöȡ豸ϵͨ¼Ϣ" - }, - { - "name": "ohos_lab_read_cell_messages", - "value": "ȡС㲥" - }, - { - "name": "ohos_desc_read_cell_messages", - "value": "Ӧöȡ豸յС㲥Ϣ" - }, - { - "name": "ohos_lab_read_contacts", - "value": "ȡͨѶ¼" - }, - { - "name": "ohos_desc_read_contacts", - "value": "Ӧöȡ豸ϴ洢ϵϢ" - }, - { - "name": "ohos_lab_get_telephony_state", - "value": "ȡ绰Ϣ" - }, - { - "name": "ohos_desc_get_telephony_state", - "value": "Ӧ÷豸ı롢豸ID䡢IMEIICCIDϢ" - }, - { - "name": "ohos_lab_read_messages", - "value": "ȡ̲" - }, - { - "name": "ohos_desc_read_messages", - "value": "Ӧöȡ豸յĶ̲Ϣ" - }, - { - "name": "ohos_lab_receive_mms", - "value": "ղ" - }, - { - "name": "ohos_desc_receive_mms", - "value": "Ӧýղš" - }, - { - "name": "ohos_lab_receive_sms", - "value": "ն" - }, - { - "name": "ohos_desc_receive_sms", - "value": "Ӧýնš" - }, - { - "name": "ohos_lab_receive_wap_messages", - "value": "WAPϢ" - }, - { - "name": "ohos_desc_receive_wap_messages", - "value": "ӦýWAPϢ" - }, - { - "name": "ohos_lab_microphone", - "value": "¼Ƶ" - }, - { - "name": "ohos_desc_microphone", - "value": "Ӧô򿪻ر¼ͨ·" - }, - { - "name": "ohos_lab_send_messages", - "value": "Ͷ̲" - }, - { - "name": "ohos_desc_send_messages", - "value": "Ӧ÷Ͷ̲š" - }, - { - "name": "ohos_lab_write_calendar", - "value": "½/޸/ɾ" - }, - { - "name": "ohos_desc_write_calendar", - "value": "Ӧ½/޸/ɾ" - }, - { - "name": "ohos_lab_write_call_log", - "value": "½/޸/ɾͨ¼" - }, - { - "name": "ohos_desc_write_call_log", - "value": "Ӧ½/޸/ɾ豸ϵͨ¼Ϣ" - }, - { - "name": "ohos_lab_write_contacts", - "value": "½/޸/ɾͨѶ¼" - }, - { - "name": "ohos_desc_write_contacts", - "value": "Ӧ½/޸/ɾ豸ϴ洢ϵϢ" - }, - { - "name": "ohos_lab_distributed_datasync", - "value": "ͬ豸ݽ" - }, - { - "name": "ohos_desc_distributed_datasync", - "value": "ӦԶ豸ûݣͼƬ֡ƵӦݵȣ" - }, - { - "name": "ohos_lab_manage_voicemail", - "value": "" - }, - { - "name": "ohos_desc_manage_voicemail", - "value": "Ӧù䡣" - }, - { - "name": "ohos_lab_location_in_background", - "value": "λȨ" - }, - { - "name": "ohos_desc_location_in_background", - "value": "Ӧں̨ʱȡλϢ" - }, - { - "name": "ohos_lab_location", - "value": "λȨ" - }, - { - "name": "ohos_desc_location", - "value": "Ӧǰ̨ʱȡλϢ" - }, - { - "name": "ohos_lab_media_location", - "value": "Ӧ÷λ" - }, - { - "name": "ohos_desc_media_location", - "value": "Ӧ÷ûýļеλϢ羭γϢҪȨޡ" - }, - { - "name": "ohos_lab_get_network_info", - "value": "ȡϢ" - }, - { - "name": "ohos_desc_get_network_info", - "value": "ӦûȡϢ" - }, - { - "name": "ohos_lab_place_call", - "value": "绰" - }, - { - "name": "ohos_desc_place_call", - "value": "ӦֱӲ绰" - }, - { - "name": "ohos_lab_camera", - "value": "Ƭ¼Ƶ" - }, - { - "name": "ohos_desc_camera", - "value": "ӦƬƵ" - }, - { - "name": "ohos_lab_set_network_info", - "value": "" - }, - { - "name": "ohos_desc_set_network_info", - "value": "Ӧ硣" - }, - { - "name": "ohos_lab_read_media", - "value": "Ӧöȡýļ" - }, - { - "name": "ohos_desc_read_media", - "value": "Ӧ÷ûýļƵƵͼƬȣҪȨޡ" - }, - { - "name": "ohos_lab_write_media", - "value": "Ӧöдýļ" - }, - { - "name": "ohos_desc_write_media", - "value": "ӦöдûýļƵƵͼƬȣҪȨޡ" - }, - { - "name": "ohos_lab_distributed_virtualdevice", - "value": "ֶ֧豸Эͬ豸" - }, - { - "name": "ohos_desc_distributed_virtualdevice", - "value": "Ӧ÷ֲ豸Աж豸Эͬ" - }, - { - "name": "ohos_lab_enroll_biometric", - "value": "" - }, - { - "name": "ohos_desc_enroll_biometric", - "value": "Ӧù" - }, - { - "name": "ohos_lab_access_biometric", - "value": "ʹ֤" - }, - { - "name": "ohos_desc_access_biometric", - "value": "Ӧʹ֤" - }, - { - "name": "ohos_lab_access_biometric_internal", - "value": "ϵͳӦʹ֤" - }, - { - "name": "ohos_desc_access_biometric_internal", - "value": "Ӧʹ֤" - }, - { - "name": "ohos_lab_reset_biometric_lockout", - "value": "֤ʧܼ" - }, - { - "name": "ohos_desc_reset_biometric_lockout", - "value": "Ӧ֤ʧܵļ" - }, - { - "name": "ohos_lab_set_time", - "value": "޸ϵͳʱ" - }, - { - "name": "ohos_desc_set_time", - "value": "Ӧ޸ϵͳʱ䡣" - }, - { - "name": "ohos_lab_set_time_zone", - "value": "޸ϵͳʱ" - }, - { - "name": "ohos_desc_set_time_zone", - "value": "Ӧ޸ϵͳʱ" - }, - { - "name": "ohos_lab_download_session_manager", - "value": "Ự" - }, - { - "name": "ohos_desc_download_session_manager", - "value": "ӦùỰ" - }, - { - "name": "ohos_lab_commonevent_sticky", - "value": "ճԹ¼" - }, - { - "name": "ohos_desc_commonevent_sticky", - "value": "Ӧ÷ճԹ¼" - }, - { - "name": "ohos_lab_manage_local_accounts", - "value": "˻" - }, - { - "name": "ohos_desc_manage_local_accounts", - "value": "ӦöԱ˻ɾIJ顣" - }, - { - "name": "ohos_lab_interact_across_local_accounts", - "value": "˻໥" - }, - { - "name": "ohos_desc_interact_across_local_accounts", - "value": "˺֮໥ʡ" - }, - { - "name": "ohos_lab_vibrate", - "value": "ʹ" - }, - { - "name": "ohos_desc_vibrate", - "value": "Ӧóʹ񶯡" - }, - { - "name": "ohos_lab_activity_motion", - "value": "ȡû˶״̬" - }, - { - "name": "ohos_desc_activity_motion", - "value": "Ӧóȡû˶״̬" - }, - { - "name": "ohos_lab_read_health_data", - "value": "ȡûĽ" - }, - { - "name": "ohos_desc_read_health_data", - "value": "ӦóȡûĽݡ" - }, - { - "name": "ohos_lab_connect_ime_ability", - "value": "뷨Ӧ" - }, - { - "name": "ohos_desc_connect_ime_ability", - "value": "뷨ܿôȨ޵档" - }, - { - "name": "ohos_lab_set_wallpaper", - "value": "þֽ̬" - }, - { - "name": "ohos_desc_set_wallpaper", - "value": "Ӧþֽ̬" - }, - { - "name": "ohos_lab_get_wallpaper", - "value": "ȡֽļ" - }, - { - "name": "ohos_desc_get_wallpaper", - "value": "Ӧöȡֽļ" - }, - { - "name": "ohos_lab_interact_across_local_accounts_extension", - "value": "˻չ" - }, - { - "name": "ohos_desc_interact_across_local_accounts_extension", - "value": "ӦÿźöӦõԽá" - }, - { - "name": "ohos_lab_accelerometer", - "value": "ȡٶȴ" - }, - { - "name": "ohos_desc_accelerometer", - "value": "Ӧóȡٶȴݡ" - }, - { - "name": "ohos_lab_gyroscope", - "value": "ȡǴ" - }, - { - "name": "ohos_desc_gyroscope", - "value": "ӦóȡǴݡ" - }, - { - "name": "ohos_lab_set_telephony_state", - "value": "õ绰Ϣ" - }, - { - "name": "ohos_desc_set_telephony_state", - "value": "Ӧ޸telephony״̬翪رշģʽ޸ģʽȡ" - }, - { - "name": "ohos_lab_bundle_active_info", - "value": "ѯӦǰ̨̨ʱ" - }, - { - "name": "ohos_desc_bundle_active_info", - "value": "ϵͳ/ȨӦòѯӦǰ̨̨ʱ䡣" - }, - { - "name": "ohos_lab_publish_agent_reminder", - "value": "" - }, - { - "name": "ohos_desc_publish_agent_reminder", - "value": "Ӧʹų́ѡ" - }, - { - "name": "ohos_lab_control_task_sync_animator", - "value": "ͬ" - }, - { - "name": "ohos_desc_control_task_sync_animator", - "value": "Ӧʹͬ" - }, - { - "name": "ohos_lab_notification_controller", - "value": "ϵͳӿ" - }, - { - "name": "ohos_desc_notification_controller", - "value": "Ӧʹ֪ͨӿڡ" - } - ] -} -- Gitee From 2d87968d93ccf5a9cf2a5642252ca7b9c1932224 Mon Sep 17 00:00:00 2001 From: lsq Date: Tue, 11 Jan 2022 09:57:13 +0800 Subject: [PATCH 06/51] update Signed-off-by: lsq --- frameworks/accesstoken/accesstoken_log.h | 63 ------------------- .../accesstoken/i_accesstoken_manager.h | 44 ------------- 2 files changed, 107 deletions(-) delete mode 100644 frameworks/accesstoken/accesstoken_log.h delete mode 100644 frameworks/accesstoken/i_accesstoken_manager.h diff --git a/frameworks/accesstoken/accesstoken_log.h b/frameworks/accesstoken/accesstoken_log.h deleted file mode 100644 index 9435908dd..000000000 --- a/frameworks/accesstoken/accesstoken_log.h +++ /dev/null @@ -1,63 +0,0 @@ -/* - * Copyright (c) 2021 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef ACCESSTOKEN_LOG_H -#define ACCESSTOKEN_LOG_H - -#ifdef HILOG_ENABLE - -#include "hilog/log.h" - -#ifndef __cplusplus - -#define ACCESSTOKEN_LOG_DEBUG(fmt, ...) HILOG_DEBUG(LOG_CORE, fmt, ##__VA_ARGS__) -#define ACCESSTOKEN_LOG_INFO(fmt, ...) HILOG_INFO(LOG_CORE, fmt, ##__VA_ARGS__) -#define ACCESSTOKEN_LOG_WARN(fmt, ...) HILOG_WARN(LOG_CORE, fmt, ##__VA_ARGS__) -#define ACCESSTOKEN_LOG_ERROR(fmt, ...) HILOG_ERROR(LOG_CORE, fmt, ##__VA_ARGS__) -#define ACCESSTOKEN_LOG_FATAL(fmt, ...) HILOG_FATAL(LOG_CORE, fmt, ##__VA_ARGS__) - -#else - -#define ACCESSTOKEN_LOG_DEBUG(label, fmt, ...) OHOS::HiviewDFX::HiLog::Debug(label, fmt, ##__VA_ARGS__) -#define ACCESSTOKEN_LOG_INFO(label, fmt, ...) OHOS::HiviewDFX::HiLog::Info(label, fmt, ##__VA_ARGS__) -#define ACCESSTOKEN_LOG_WARN(label, fmt, ...) OHOS::HiviewDFX::HiLog::Warn(label, fmt, ##__VA_ARGS__) -#define ACCESSTOKEN_LOG_ERROR(label, fmt, ...) OHOS::HiviewDFX::HiLog::Error(label, fmt, ##__VA_ARGS__) -#define ACCESSTOKEN_LOG_FATAL(label, fmt, ...) OHOS::HiviewDFX::HiLog::Fatal(label, fmt, ##__VA_ARGS__) - -#endif // __cplusplus - -/* define LOG_TAG as "security_*" at your submodule, * means your submodule name such as "security_dac" */ -#undef LOG_TAG -#undef LOG_DOMAIN - -static constexpr unsigned int SECURITY_DOMAIN_ACCESSTOKEN = 0xD002F01; - -#else - -#include -#include - -/* define LOG_TAG as "security_*" at your submodule, * means your submodule name such as "security_dac" */ -#undef LOG_TAG - -#define ACCESSTOKEN_LOG_DEBUG(fmt, ...) printf("[%s] debug: %s: " fmt "\n", LOG_TAG, __func__, ##__VA_ARGS__) -#define ACCESSTOKEN_LOG_INFO(fmt, ...) printf("[%s] info: %s: " fmt "\n", LOG_TAG, __func__, ##__VA_ARGS__) -#define ACCESSTOKEN_LOG_WARN(fmt, ...) printf("[%s] warn: %s: " fmt "\n", LOG_TAG, __func__, ##__VA_ARGS__) -#define ACCESSTOKEN_LOG_ERROR(fmt, ...) printf("[%s] error: %s: " fmt "\n", LOG_TAG, __func__, ##__VA_ARGS__) -#define ACCESSTOKEN_LOG_FATAL(fmt, ...) printf("[%s] fatal: %s: " fmt "\n", LOG_TAG, __func__, ##__VA_ARGS__) - -#endif // HILOG_ENABLE - -#endif // ACCESSTOKEN_LOG_H diff --git a/frameworks/accesstoken/i_accesstoken_manager.h b/frameworks/accesstoken/i_accesstoken_manager.h deleted file mode 100644 index e3774c8a4..000000000 --- a/frameworks/accesstoken/i_accesstoken_manager.h +++ /dev/null @@ -1,44 +0,0 @@ -/* - * Copyright (c) 2021 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef I_ACCESSTOKEN_MANAGER_H -#define I_ACCESSTOKEN_MANAGER_H - -#include -#include "iremote_broker.h" -#include "errors.h" - -#include "accesstoken.h" - -namespace OHOS { -namespace Security { -namespace AccessToken { -class IAccessTokenManager : public IRemoteBroker { -public: - static const int SA_ID_ACCESSTOKEN_MANAGER_SERVICE = 3503; - - DECLARE_INTERFACE_DESCRIPTOR(u"ohos.security.accesstoken.IAccessTokennManager"); - - virtual int VerifyAccesstoken(AccessTokenID tokenID, const std::string &permissionName) = 0; - - enum class InterfaceCode { - VERIFY_ACCESSTOKEN = 0xff01, - }; -}; -} // namespace AccessToken -} // namespace Security -} // namespace OHOS - -#endif // I_ACCESSTOKEN_MANAGER_H -- Gitee From ef887f1ccb15d384eebae1f59530023480bf8e1c Mon Sep 17 00:00:00 2001 From: lsq Date: Tue, 11 Jan 2022 13:13:12 +0800 Subject: [PATCH 07/51] update readme Signed-off-by: lsq --- README.md | 39 ++++++++++++++++++++++++++++----------- 1 file changed, 28 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index d3b376cb0..7e620ce5c 100644 --- a/README.md +++ b/README.md @@ -5,31 +5,30 @@ - [目录](#section119744591305) - [使用](#section137768191623) - [接口说明](#section1551164914237) - - [使用说明](#section129654513264) - [相关仓](#section1371113476307) ## 简介 ATM是OpenHarmony上基于AccessToken构建的统一的应用权限管理能力。 -应用的Accesstoken信息主要包括应用身份标识APPID、用户ID,应用分身索引、应用APL等级、应用权限信息等。每个应用的Accestoken信息由一个32bits的设备内唯一标识符tokenID来标识。 +应用的Accesstoken信息主要包括应用身份标识APPID、用户ID,应用分身索引、应用APL等级、应用权限信息等。每个应用的Accestoken信息由一个32bits的设备内唯一标识符TokenID来标识。 ATM模块主要提供如下功能: -- 提供基于tokenID的应用权限校验机制,应用访问敏感数据或者API时可以检查是否有对应的权限; -- 提供基于tokenID的Accestoken信息查询,应用可以根据tokenID查询自身的APL等级等信息; +- 提供基于TokenID的应用权限校验机制,应用访问敏感数据或者API时可以检查是否有对应的权限。 +- 提供基于TokenID的Accestoken信息查询,应用可以根据tokenID查询自身的APL等级等信息。 ## 缩略词 - AT: AccessToken, 访问凭据 - ATM: AccessTokenManager, 访问凭据管理 - API: Application Programming Interface, 应用程序接口 -- APL: API Ability Privilege Level, 权限访问控制列表 +- APL: API Ability Privilege Level, 元能力权限等级 - APPID: APP identity,应用身份标识 -- tokenID: token identity,凭据身份标识 +- TokenID: Token identity,凭据身份标识 ## 目录 ``` /base/security/access_token -├── frameworks # 框架层,基础功能代码存放目录,被interfaces和services使用 +├── frameworks # 框架层,基础功能代码存放目录 │ ├── accesstoken # Accesstoken管理框架代码存放目录 │ ├── tokensync # Accesstoken信息同步框架代码存放目录 │ └── common # 框架公共代码存放目录 @@ -45,13 +44,31 @@ ATM模块主要提供如下功能: ## 使用 ### 接口说明 -### 使用说明 -1. xxxx -2. xxxx -3. xxxx +| **接口申明** | **接口描述** | +| --- | --- | +| AccessTokenIDEx AllocHapToken(const HapInfoParams& info, const HapPolicyParams& policy); | 为应用进程分配一个tokenID | +| AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID); | 为远端设备的应用进程分配一个本地tokenID | +| int UpdateHapToken(AccessTokenID tokenID, const std::string& appIDDesc, const HapPolicyParams& policy); | 更新tokenId对应的tokenInfo信息 | +| int DeleteToken(AccessTokenID tokenID); | 删除应用tokenID及其对应的tokenInfo信息 | +| int GetTokenType(AccessTokenID tokenID); | 查询指定tokenID的类型 | +| int CheckNativeDCap(AccessTokenID tokenID, const std::string& dcap); | 检测指定tokenID对应的native进程是否具有指定的分布式能力 | +| AccessTokenID GetHapTokenID(int userID, const std::string& bundleName, int instIndex); | 查询指定应用的tokenId | +| int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfo& hapTokenInfoRes); | 查询指定tokenID对应的hap包的tokenInfo信息 | +| int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfo& nativeTokenInfoRes); | 查询指定tokenID对应的native的tokenInfo信息 | +| int VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName); | 检查指定tokenID是否具有指定权限 | +| int GetDefPermission(const std::string& permissionName, PermissionDef& permissionDefResult); | 查询指定权限的权限定义信息 | +| int GetDefPermissions(AccessTokenID tokenID, std::vector& permList); | 查询指定tokenID对应的hap包的权限定义集合 | +| int GetReqPermissions(AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant); | 查询指定tokenID对应的hap包申请的权限状态集合 | +| int GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName); | 查询指定tokenID的应用的指定权限 | +| int GrantPermission(AccessTokenID tokenID, const std::string& permissionName, int flag); | 授予指定tokenID的应用的指定权限 | +| int RevokePermission(AccessTokenID tokenID, const std::string& permissionName, int flag); | 撤销指定tokenID的应用的指定权限 | +| int ClearUserGrantedPermissionState(AccessTokenID tokenID); | 清空指定tokenID的应用的user_grant权限状态 | ## 相关仓 安全子系统 + [startup\_init\_lite](https://gitee.com/openharmony/startup_init_lite/blob/master/README.md) + [security\_deviceauth](https://gitee.com/openharmony/security_deviceauth/blob/master/README.md) + **[security\_access\_token](https://gitee.com/openharmony-sig/security_access_token/blob/master/README.md)** \ No newline at end of file -- Gitee From b8637ea204c8c2675cfde2e6c27b3407c846ebd6 Mon Sep 17 00:00:00 2001 From: lsq Date: Tue, 11 Jan 2022 15:09:36 +0800 Subject: [PATCH 08/51] update readme Signed-off-by: lsq --- README.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 7e620ce5c..5f1f8080b 100644 --- a/README.md +++ b/README.md @@ -10,8 +10,10 @@ ## 简介 -ATM是OpenHarmony上基于AccessToken构建的统一的应用权限管理能力。 +ATM(AccessTokenManager)是OpenHarmony上基于AccessToken构建的统一的应用权限管理能力。 + 应用的Accesstoken信息主要包括应用身份标识APPID、用户ID,应用分身索引、应用APL等级、应用权限信息等。每个应用的Accestoken信息由一个32bits的设备内唯一标识符TokenID来标识。 + ATM模块主要提供如下功能: - 提供基于TokenID的应用权限校验机制,应用访问敏感数据或者API时可以检查是否有对应的权限。 - 提供基于TokenID的Accestoken信息查询,应用可以根据tokenID查询自身的APL等级等信息。 @@ -19,7 +21,6 @@ ATM模块主要提供如下功能: ## 缩略词 - AT: AccessToken, 访问凭据 - ATM: AccessTokenManager, 访问凭据管理 -- API: Application Programming Interface, 应用程序接口 - APL: API Ability Privilege Level, 元能力权限等级 - APPID: APP identity,应用身份标识 - TokenID: Token identity,凭据身份标识 @@ -35,6 +36,7 @@ ATM模块主要提供如下功能: ├── interfaces # 接口层 │ └── innerkits # 内部接口层 │ ├── accesstoken # Accesstoken内部接口代码存放目录 +│ ├── accesstoken_lib # Accesstoken_lib内部接口代码存放目录 │ └── tokensync # Accesstoken信息同步内部接口代码存放目录 └── services # 服务层 ├── accesstokenmanager # Accesstoken管理服务代码存放目录 -- Gitee From 67a2c601f07d5b6e7efc1fc687fdd3ca1cb154bb Mon Sep 17 00:00:00 2001 From: lsq Date: Tue, 11 Jan 2022 19:56:31 +0800 Subject: [PATCH 09/51] update readme Signed-off-by: lsq --- BUILD.gn | 4 +- README.en.md | 36 -------- README.md | 90 ++++++------------- README_zh.md | 81 +++++++++++++++++ .../innerkits/{atlib => nativetoken}/BUILD.gn | 0 .../main/include/accesstoken_lib.h | 0 .../main/include/accesstoken_log.h | 0 .../main/include/accesstokenlib_kit.h | 0 .../main/src/accesstoken_lib.c | 0 .../{atlib => nativetoken}/test/BUILD.gn | 0 .../cpp/src/accesstokenlib_kit_test.cpp | 0 .../cpp/src/accesstokenlib_kit_test.h | 0 12 files changed, 108 insertions(+), 103 deletions(-) delete mode 100644 README.en.md create mode 100644 README_zh.md rename interfaces/innerkits/{atlib => nativetoken}/BUILD.gn (100%) rename interfaces/innerkits/{atlib => nativetoken}/main/include/accesstoken_lib.h (100%) rename interfaces/innerkits/{atlib => nativetoken}/main/include/accesstoken_log.h (100%) rename interfaces/innerkits/{atlib => nativetoken}/main/include/accesstokenlib_kit.h (100%) rename interfaces/innerkits/{atlib => nativetoken}/main/src/accesstoken_lib.c (100%) rename interfaces/innerkits/{atlib => nativetoken}/test/BUILD.gn (100%) rename interfaces/innerkits/{atlib => nativetoken}/test/unittest/cpp/src/accesstokenlib_kit_test.cpp (100%) rename interfaces/innerkits/{atlib => nativetoken}/test/unittest/cpp/src/accesstokenlib_kit_test.h (100%) diff --git a/BUILD.gn b/BUILD.gn index c26997082..b9397ed3d 100644 --- a/BUILD.gn +++ b/BUILD.gn @@ -18,7 +18,7 @@ group("accesstoken_build_module") { if (is_standard_system) { deps = [ "//base/security/access_token/interfaces/innerkits/accesstoken:libaccesstoken_sdk", - "//base/security/access_token/interfaces/innerkits/atlib:libaccesstoken_lib", + "//base/security/access_token/interfaces/innerkits/nativetoken:libaccesstoken_lib", "//base/security/access_token/services/accesstokenmanager:accesstoken_manager_service", "//base/security/access_token/services/accesstokenmanager/main/sa_profile:accesstoken_sa_profile_standard", ] @@ -41,7 +41,7 @@ group("accesstoken_build_module_test") { if (is_standard_system) { deps += [ "//base/security/access_token/interfaces/innerkits/accesstoken/test:unittest", - "//base/security/access_token/interfaces/innerkits/atlib/test:unittest", + "//base/security/access_token/interfaces/innerkits/nativetoken/test:unittest", "//base/security/access_token/interfaces/innerkits/tokensync/test:unittest", "//base/security/access_token/services/accesstokenmanager/test:unittest", ] diff --git a/README.en.md b/README.en.md deleted file mode 100644 index 11f465df9..000000000 --- a/README.en.md +++ /dev/null @@ -1,36 +0,0 @@ -# security_access_token - -#### Description -{**When you're done, you can delete the content in this README and update the file with details for others getting started with your repository**} - -#### Software Architecture -Software architecture description - -#### Installation - -1. xxxx -2. xxxx -3. xxxx - -#### Instructions - -1. xxxx -2. xxxx -3. xxxx - -#### Contribution - -1. Fork the repository -2. Create Feat_xxx branch -3. Commit your code -4. Create Pull Request - - -#### Gitee Feature - -1. You can use Readme\_XXX.md to support different languages, such as Readme\_en.md, Readme\_zh.md -2. Gitee blog [blog.gitee.com](https://blog.gitee.com) -3. Explore open source project [https://gitee.com/explore](https://gitee.com/explore) -4. The most valuable open source project [GVP](https://gitee.com/gvp) -5. The manual of Gitee [https://gitee.com/help](https://gitee.com/help) -6. The most popular members [https://gitee.com/gitee-stars/](https://gitee.com/gitee-stars/) diff --git a/README.md b/README.md index 5f1f8080b..11f465df9 100644 --- a/README.md +++ b/README.md @@ -1,76 +1,36 @@ -# security_access_token +# security_access_token -- [简介](#section11660541593) -- [缩略词](#section161941989596) -- [目录](#section119744591305) -- [使用](#section137768191623) - - [接口说明](#section1551164914237) +#### Description +{**When you're done, you can delete the content in this README and update the file with details for others getting started with your repository**} -- [相关仓](#section1371113476307) +#### Software Architecture +Software architecture description -## 简介 +#### Installation -ATM(AccessTokenManager)是OpenHarmony上基于AccessToken构建的统一的应用权限管理能力。 +1. xxxx +2. xxxx +3. xxxx -应用的Accesstoken信息主要包括应用身份标识APPID、用户ID,应用分身索引、应用APL等级、应用权限信息等。每个应用的Accestoken信息由一个32bits的设备内唯一标识符TokenID来标识。 +#### Instructions -ATM模块主要提供如下功能: -- 提供基于TokenID的应用权限校验机制,应用访问敏感数据或者API时可以检查是否有对应的权限。 -- 提供基于TokenID的Accestoken信息查询,应用可以根据tokenID查询自身的APL等级等信息。 +1. xxxx +2. xxxx +3. xxxx -## 缩略词 -- AT: AccessToken, 访问凭据 -- ATM: AccessTokenManager, 访问凭据管理 -- APL: API Ability Privilege Level, 元能力权限等级 -- APPID: APP identity,应用身份标识 -- TokenID: Token identity,凭据身份标识 +#### Contribution -## 目录 +1. Fork the repository +2. Create Feat_xxx branch +3. Commit your code +4. Create Pull Request -``` -/base/security/access_token -├── frameworks # 框架层,基础功能代码存放目录 -│ ├── accesstoken # Accesstoken管理框架代码存放目录 -│ ├── tokensync # Accesstoken信息同步框架代码存放目录 -│ └── common # 框架公共代码存放目录 -├── interfaces # 接口层 -│ └── innerkits # 内部接口层 -│ ├── accesstoken # Accesstoken内部接口代码存放目录 -│ ├── accesstoken_lib # Accesstoken_lib内部接口代码存放目录 -│ └── tokensync # Accesstoken信息同步内部接口代码存放目录 -└── services # 服务层 - ├── accesstokenmanager # Accesstoken管理服务代码存放目录 - └── tokensyncmanager # Accesstoken信息同步服务代码存放目录 -``` -## 使用 -### 接口说明 +#### Gitee Feature -| **接口申明** | **接口描述** | -| --- | --- | -| AccessTokenIDEx AllocHapToken(const HapInfoParams& info, const HapPolicyParams& policy); | 为应用进程分配一个tokenID | -| AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID); | 为远端设备的应用进程分配一个本地tokenID | -| int UpdateHapToken(AccessTokenID tokenID, const std::string& appIDDesc, const HapPolicyParams& policy); | 更新tokenId对应的tokenInfo信息 | -| int DeleteToken(AccessTokenID tokenID); | 删除应用tokenID及其对应的tokenInfo信息 | -| int GetTokenType(AccessTokenID tokenID); | 查询指定tokenID的类型 | -| int CheckNativeDCap(AccessTokenID tokenID, const std::string& dcap); | 检测指定tokenID对应的native进程是否具有指定的分布式能力 | -| AccessTokenID GetHapTokenID(int userID, const std::string& bundleName, int instIndex); | 查询指定应用的tokenId | -| int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfo& hapTokenInfoRes); | 查询指定tokenID对应的hap包的tokenInfo信息 | -| int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfo& nativeTokenInfoRes); | 查询指定tokenID对应的native的tokenInfo信息 | -| int VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName); | 检查指定tokenID是否具有指定权限 | -| int GetDefPermission(const std::string& permissionName, PermissionDef& permissionDefResult); | 查询指定权限的权限定义信息 | -| int GetDefPermissions(AccessTokenID tokenID, std::vector& permList); | 查询指定tokenID对应的hap包的权限定义集合 | -| int GetReqPermissions(AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant); | 查询指定tokenID对应的hap包申请的权限状态集合 | -| int GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName); | 查询指定tokenID的应用的指定权限 | -| int GrantPermission(AccessTokenID tokenID, const std::string& permissionName, int flag); | 授予指定tokenID的应用的指定权限 | -| int RevokePermission(AccessTokenID tokenID, const std::string& permissionName, int flag); | 撤销指定tokenID的应用的指定权限 | -| int ClearUserGrantedPermissionState(AccessTokenID tokenID); | 清空指定tokenID的应用的user_grant权限状态 | - -## 相关仓 -安全子系统 - -[startup\_init\_lite](https://gitee.com/openharmony/startup_init_lite/blob/master/README.md) - -[security\_deviceauth](https://gitee.com/openharmony/security_deviceauth/blob/master/README.md) - -**[security\_access\_token](https://gitee.com/openharmony-sig/security_access_token/blob/master/README.md)** \ No newline at end of file +1. You can use Readme\_XXX.md to support different languages, such as Readme\_en.md, Readme\_zh.md +2. Gitee blog [blog.gitee.com](https://blog.gitee.com) +3. Explore open source project [https://gitee.com/explore](https://gitee.com/explore) +4. The most valuable open source project [GVP](https://gitee.com/gvp) +5. The manual of Gitee [https://gitee.com/help](https://gitee.com/help) +6. The most popular members [https://gitee.com/gitee-stars/](https://gitee.com/gitee-stars/) diff --git a/README_zh.md b/README_zh.md new file mode 100644 index 000000000..e2ae4ca90 --- /dev/null +++ b/README_zh.md @@ -0,0 +1,81 @@ +# security_access_token + +- [简介](#section11660541593) +- [目录](#section119744591305) +- [使用](#section137768191623) + - [接口说明](#section1551164914237) + - [使用说明](#section129654513264) +- [相关仓](#section1371113476307) + +## 简介 + +ATM(AccessTokenManager)是OpenHarmony上基于AccessToken构建的统一的应用权限管理能力。 + +应用的Accesstoken信息主要包括应用身份标识APPID、用户ID,应用分身索引、应用APL(Ability Privilege Level)等级、应用权限信息等。每个应用的Accestoken信息由一个32bits的设备内唯一标识符TokenID(Token identity)来标识。 + +ATM模块主要提供如下功能: +- 提供基于TokenID的应用权限校验机制,应用访问敏感数据或者API时可以检查是否有对应的权限。 +- 提供基于TokenID的Accestoken信息查询,应用可以根据TokenID查询自身的APL等级等信息。 + +## 目录 + +``` +/base/security/access_token +├── frameworks # 框架层,基础功能代码存放目录 +│ ├── accesstoken # Accesstoken管理框架代码存放目录 +│ ├── tokensync # Accesstoken信息同步框架代码存放目录 +│ └── common # 框架公共代码存放目录 +├── interfaces # 接口层 +│ └── innerkits # 内部接口层 +│ ├── accesstoken # Accesstoken内部接口代码存放目录 +│ ├── accesstoken_lib # Accesstoken_lib内部接口代码存放目录 +│ └── tokensync # Accesstoken信息同步内部接口代码存放目录 +└── services # 服务层 + ├── accesstokenmanager # Accesstoken管理服务代码存放目录 + └── tokensyncmanager # Accesstoken信息同步服务代码存放目录 +``` + +## 使用 +### 接口说明 + +| **接口申明** | **接口描述** | +| --- | --- | +| AccessTokenIDEx AllocHapToken(const HapInfoParams& info, const HapPolicyParams& policy); | 为应用进程分配一个tokenID | +| AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID); | 为远端设备的应用进程分配一个本地tokenID | +| int UpdateHapToken(AccessTokenID tokenID, const std::string& appIDDesc, const HapPolicyParams& policy); | 更新tokenId对应的tokenInfo信息 | +| int DeleteToken(AccessTokenID tokenID); | 删除应用tokenID及其对应的tokenInfo信息 | +| int GetTokenType(AccessTokenID tokenID); | 查询指定tokenID的类型 | +| int CheckNativeDCap(AccessTokenID tokenID, const std::string& dcap); | 检测指定tokenID对应的native进程是否具有指定的分布式能力 | +| AccessTokenID GetHapTokenID(int userID, const std::string& bundleName, int instIndex); | 查询指定应用的tokenId | +| int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfo& hapTokenInfoRes); | 查询指定tokenID对应的hap包的tokenInfo信息 | +| int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfo& nativeTokenInfoRes); | 查询指定tokenID对应的native的tokenInfo信息 | +| int VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName); | 检查指定tokenID是否具有指定权限 | +| int GetDefPermission(const std::string& permissionName, PermissionDef& permissionDefResult); | 查询指定权限的权限定义信息 | +| int GetDefPermissions(AccessTokenID tokenID, std::vector& permList); | 查询指定tokenID对应的hap包的权限定义集合 | +| int GetReqPermissions(AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant); | 查询指定tokenID对应的hap包申请的权限状态集合 | +| int GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName); | 查询指定tokenID的应用的指定权限 | +| int GrantPermission(AccessTokenID tokenID, const std::string& permissionName, int flag); | 授予指定tokenID的应用的指定权限 | +| int RevokePermission(AccessTokenID tokenID, const std::string& permissionName, int flag); | 撤销指定tokenID的应用的指定权限 | +| int ClearUserGrantedPermissionState(AccessTokenID tokenID); | 清空指定tokenID的应用的user_grant权限状态 | +| uint64_t GetAccessTokenId(const char *processname, const char **dcap, int32_t dacpNum, const char *aplStr); | 创建获取native进程的tokenId | + +### 使用说明 +ATM提供了统一的应用权限访问控制功能,支持应用程序或者SA查询校验应用权限、APL等信息。从使用者角度,可以分为基于native进程启动的SA和应用Hap两类使用者。 + +#### native进程 +- 在native进程拉起前,需要调用GetAccessTokenId函数,获取该native进程的TokenID;再调用SetSelfTokenID将进程TokenID设置到内核中。 +- 在native进程运行过程中,可以通过调用GetNativeTokenInfo、CheckNativeDCap来查验对应进程所具备的token信息,包括分布式能力、APL等级等信息。 + +#### 应用hap +- 在应用安装时,需要调用AllocHapToken创建获取该应用的TokenID。 +- 在应用运行过程中,需要进行鉴权等操作时,可调用VerifyAccessToken、GetReqPermissions等函数查询校验应用权限、APL等信息。 +- 在应用卸载时,需要调用DeleteToken函数删除系统中管理的对应Accesstoken信息。 + +## 相关仓 +安全子系统 + +[startup\_init\_lite](https://gitee.com/openharmony/startup_init_lite/blob/master/README.md) + +[security\_deviceauth](https://gitee.com/openharmony/security_deviceauth/blob/master/README.md) + +**[security\_access\_token](https://gitee.com/openharmony-sig/security_access_token/blob/master/README.md)** \ No newline at end of file diff --git a/interfaces/innerkits/atlib/BUILD.gn b/interfaces/innerkits/nativetoken/BUILD.gn similarity index 100% rename from interfaces/innerkits/atlib/BUILD.gn rename to interfaces/innerkits/nativetoken/BUILD.gn diff --git a/interfaces/innerkits/atlib/main/include/accesstoken_lib.h b/interfaces/innerkits/nativetoken/main/include/accesstoken_lib.h similarity index 100% rename from interfaces/innerkits/atlib/main/include/accesstoken_lib.h rename to interfaces/innerkits/nativetoken/main/include/accesstoken_lib.h diff --git a/interfaces/innerkits/atlib/main/include/accesstoken_log.h b/interfaces/innerkits/nativetoken/main/include/accesstoken_log.h similarity index 100% rename from interfaces/innerkits/atlib/main/include/accesstoken_log.h rename to interfaces/innerkits/nativetoken/main/include/accesstoken_log.h diff --git a/interfaces/innerkits/atlib/main/include/accesstokenlib_kit.h b/interfaces/innerkits/nativetoken/main/include/accesstokenlib_kit.h similarity index 100% rename from interfaces/innerkits/atlib/main/include/accesstokenlib_kit.h rename to interfaces/innerkits/nativetoken/main/include/accesstokenlib_kit.h diff --git a/interfaces/innerkits/atlib/main/src/accesstoken_lib.c b/interfaces/innerkits/nativetoken/main/src/accesstoken_lib.c similarity index 100% rename from interfaces/innerkits/atlib/main/src/accesstoken_lib.c rename to interfaces/innerkits/nativetoken/main/src/accesstoken_lib.c diff --git a/interfaces/innerkits/atlib/test/BUILD.gn b/interfaces/innerkits/nativetoken/test/BUILD.gn similarity index 100% rename from interfaces/innerkits/atlib/test/BUILD.gn rename to interfaces/innerkits/nativetoken/test/BUILD.gn diff --git a/interfaces/innerkits/atlib/test/unittest/cpp/src/accesstokenlib_kit_test.cpp b/interfaces/innerkits/nativetoken/test/unittest/cpp/src/accesstokenlib_kit_test.cpp similarity index 100% rename from interfaces/innerkits/atlib/test/unittest/cpp/src/accesstokenlib_kit_test.cpp rename to interfaces/innerkits/nativetoken/test/unittest/cpp/src/accesstokenlib_kit_test.cpp diff --git a/interfaces/innerkits/atlib/test/unittest/cpp/src/accesstokenlib_kit_test.h b/interfaces/innerkits/nativetoken/test/unittest/cpp/src/accesstokenlib_kit_test.h similarity index 100% rename from interfaces/innerkits/atlib/test/unittest/cpp/src/accesstokenlib_kit_test.h rename to interfaces/innerkits/nativetoken/test/unittest/cpp/src/accesstokenlib_kit_test.h -- Gitee From e05a8e4026eda56dbb143b123b7e455a614c93eb Mon Sep 17 00:00:00 2001 From: lsq Date: Wed, 12 Jan 2022 12:07:33 +0800 Subject: [PATCH 10/51] update readme Signed-off-by: lsq --- README.md | 37 +------------------------------------ 1 file changed, 1 insertion(+), 36 deletions(-) diff --git a/README.md b/README.md index 11f465df9..9ef56a6a2 100644 --- a/README.md +++ b/README.md @@ -1,36 +1 @@ -# security_access_token - -#### Description -{**When you're done, you can delete the content in this README and update the file with details for others getting started with your repository**} - -#### Software Architecture -Software architecture description - -#### Installation - -1. xxxx -2. xxxx -3. xxxx - -#### Instructions - -1. xxxx -2. xxxx -3. xxxx - -#### Contribution - -1. Fork the repository -2. Create Feat_xxx branch -3. Commit your code -4. Create Pull Request - - -#### Gitee Feature - -1. You can use Readme\_XXX.md to support different languages, such as Readme\_en.md, Readme\_zh.md -2. Gitee blog [blog.gitee.com](https://blog.gitee.com) -3. Explore open source project [https://gitee.com/explore](https://gitee.com/explore) -4. The most valuable open source project [GVP](https://gitee.com/gvp) -5. The manual of Gitee [https://gitee.com/help](https://gitee.com/help) -6. The most popular members [https://gitee.com/gitee-stars/](https://gitee.com/gitee-stars/) +An english translation is now being prepared. \ No newline at end of file -- Gitee From 95e90fbbcd165e23a962eeb343377c69e42f8590 Mon Sep 17 00:00:00 2001 From: lsq Date: Thu, 13 Jan 2022 10:24:55 +0800 Subject: [PATCH 11/51] Signed-off-by: huadongqin Change-Id: I35ccad6dcd68f1ec3b0c6c2a66bc1afc2c7713de Signed-off-by: lsq --- BUILD.gn | 2 + interfaces/innerkits/token_setproc/BUILD.gn | 44 +++++++ .../token_setproc/include/token_setproc.h | 37 ++++++ .../token_setproc/src/token_setproc.c | 114 ++++++++++++++++++ .../innerkits/token_setproc/test/BUILD.gn | 43 +++++++ .../cpp/src/tokensetproc_kit_test.cpp | 33 +++++ .../unittest/cpp/src/tokensetproc_kit_test.h | 35 ++++++ 7 files changed, 308 insertions(+) create mode 100644 interfaces/innerkits/token_setproc/BUILD.gn create mode 100644 interfaces/innerkits/token_setproc/include/token_setproc.h create mode 100644 interfaces/innerkits/token_setproc/src/token_setproc.c create mode 100644 interfaces/innerkits/token_setproc/test/BUILD.gn create mode 100644 interfaces/innerkits/token_setproc/test/unittest/cpp/src/tokensetproc_kit_test.cpp create mode 100644 interfaces/innerkits/token_setproc/test/unittest/cpp/src/tokensetproc_kit_test.h diff --git a/BUILD.gn b/BUILD.gn index b9397ed3d..1a7fc27f6 100644 --- a/BUILD.gn +++ b/BUILD.gn @@ -19,6 +19,7 @@ group("accesstoken_build_module") { deps = [ "//base/security/access_token/interfaces/innerkits/accesstoken:libaccesstoken_sdk", "//base/security/access_token/interfaces/innerkits/nativetoken:libaccesstoken_lib", + "//base/security/access_token/interfaces/innerkits/token_setproc:libtoken_setproc", "//base/security/access_token/services/accesstokenmanager:accesstoken_manager_service", "//base/security/access_token/services/accesstokenmanager/main/sa_profile:accesstoken_sa_profile_standard", ] @@ -43,6 +44,7 @@ group("accesstoken_build_module_test") { "//base/security/access_token/interfaces/innerkits/accesstoken/test:unittest", "//base/security/access_token/interfaces/innerkits/nativetoken/test:unittest", "//base/security/access_token/interfaces/innerkits/tokensync/test:unittest", + "//base/security/access_token/interfaces/innerkits/token_setproc/test:unittest", "//base/security/access_token/services/accesstokenmanager/test:unittest", ] } diff --git a/interfaces/innerkits/token_setproc/BUILD.gn b/interfaces/innerkits/token_setproc/BUILD.gn new file mode 100644 index 000000000..a214169fd --- /dev/null +++ b/interfaces/innerkits/token_setproc/BUILD.gn @@ -0,0 +1,44 @@ +# Copyright (C) 2021 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/ohos.gni") + +################################################################ +# C, Main, source file here. +################################################################ +config("token_setproc") { + visibility = [ ":*" ] + include_dirs = [ "include" ] +} + +ohos_static_library("libtoken_setproc") { + subsystem_name = "security" + part_name = "access_token" + + output_name = "libtoken_setproc" + + public_configs = [ ":token_setproc" ] + + cflags = [ "-Wall" ] + + include_dirs = [ + "include", + "src", + ] + + sources = [ + "src/token_setproc.c", + ] + + deps = [] +} diff --git a/interfaces/innerkits/token_setproc/include/token_setproc.h b/interfaces/innerkits/token_setproc/include/token_setproc.h new file mode 100644 index 000000000..f95ae7147 --- /dev/null +++ b/interfaces/innerkits/token_setproc/include/token_setproc.h @@ -0,0 +1,37 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +#ifndef TOKEN_setproc_H +#define TOKEN_setproc_H +#include + +#ifdef __cplusplus +extern "C"{ +#endif + +uint64_t GetSelfTokenID(); + +int SetSelfTokenID(uint64_t tokenID); + +uint64_t GetFirstCallerTokenID(); + +int SetFirstCallerTokenID(uint64_t tokenID); + +#ifdef __cplusplus +} +#endif + +#endif \ No newline at end of file diff --git a/interfaces/innerkits/token_setproc/src/token_setproc.c b/interfaces/innerkits/token_setproc/src/token_setproc.c new file mode 100644 index 000000000..59420d191 --- /dev/null +++ b/interfaces/innerkits/token_setproc/src/token_setproc.c @@ -0,0 +1,114 @@ +/* + * Copyright (C) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "token_setproc.h" +#include +#include +#include +#include +#include + +#define ACCESS_TOKEN_ID_IOCTL_BASE 'A' + +enum { + GET_TOKEN_ID = 1, + SET_TOKEN_ID, + GET_FTOKEN_ID, + SET_FTOKEN_ID, + ACCESS_TOKENID_MAX_NR, +}; + +#define ACCESS_TOKENID_GET_TOKENID \ + _IOR(ACCESS_TOKEN_ID_IOCTL_BASE,GET_TOKEN_ID,unsigned long long) +#define ACCESS_TOKENID_SET_TOKENID \ + _IOW(ACCESS_TOKEN_ID_IOCTL_BASE,SET_TOKEN_ID,unsigned long long) +#define ACCESS_TOKENID_GET_FTOKENID\ + _IOR(ACCESS_TOKEN_ID_IOCTL_BASE,GET_FTOKEN_ID,unsigned long long) +#define ACCESS_TOKENID_SET_FTOKENID \ + _IOW(ACCESS_TOKEN_ID_IOCTL_BASE,SET_FTOKEN_ID,unsigned long long) + +#define ACCESS_TOKEN_OK 0 +#define ACCESS_TOKEN_ERROR (-1) + +#define INVAL_TOKEN_ID 0x0 +#define TOKEN_ID_LOWMASK 0xffffffff + +#define TOKENID_DEVNODE "/dev/access_token_id" + +uint64_t GetSelfTokenID() +{ + uint64_t token = INVAL_TOKEN_ID; + int fd = open(TOKENID_DEVNODE,O_RDWR); + if (fd < 0) { + return INVAL_TOKEN_ID; + } + int ret =ioctl(fd,ACCESS_TOKENID_GET_TOKENID,&token); + if (ret) { + close(fd); + return INVAL_TOKEN_ID; + } + + close(fd); + return token; +} + +int SetSelfTokenID(uint64_t tokenID) +{ + int fd = open(TOKENID_DEVNODE,O_RDWR); + if (fd < 0) { + return ACCESS_TOKEN_ERROR; + } + int ret = ioctl(fd,ACCESS_TOKENID_SET_TOKENID,&tokenID); + if (ret) { + close(fd); + return ACCESS_TOKEN_ERROR; + } + + close(fd); + return ACCESS_TOKEN_OK; +} + +uint64_t GetFirstCallerTokenID() +{ + uint64_t token = INVAL_TOKEN_ID; + int fd = open(TOKENID_DEVNODE,O_RDWR); + if (fd < 0) { + return INVAL_TOKEN_ID; + } + int ret = ioctl(fd,ACCESS_TOKENID_GET_FTOKENID,&token); + if (ret) { + close(fd); + return INVAL_TOKEN_ID; + } + + close(fd); + return token; +} + +int SetFirstCallerTokenID(uint64_t tokenID) +{ + int fd = open(TOKENID_DEVNODE,O_RDWR); + if (fd < 0) { + return ACCESS_TOKEN_ERROR; + } + int ret = ioctl(fd,ACCESS_TOKENID_SET_FTOKENID,&tokenID); + if (ret) { + close(fd); + return ACCESS_TOKEN_ERROR; + } + + close(fd); + return ACCESS_TOKEN_OK; +} \ No newline at end of file diff --git a/interfaces/innerkits/token_setproc/test/BUILD.gn b/interfaces/innerkits/token_setproc/test/BUILD.gn new file mode 100644 index 000000000..de0c63587 --- /dev/null +++ b/interfaces/innerkits/token_setproc/test/BUILD.gn @@ -0,0 +1,43 @@ +# Copyright (C) 2021 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/test.gni") + +ohos_unittest("libtoken_setproc_test") { + subsystem_name = "security" + part_name = "access_token" + module_out_path = part_name + "/" + part_name + + include_dirs = [ + "//base/security/access_token/interfaces/innerkits/token_setproc/include", + ] + + sources = [ + "unittest/cpp/src/tokensetproc_kit_test.cpp", + ] + + cflags_cc = [ "-fexceptions" ] + + deps = [ + "//base/security/access_token/interfaces/innerkits/token_setproc:libtoken_setproc", + "//third_party/googletest:gmock", + "//third_party/googletest:gtest", + ] +} + +group("unittest") { + testonly = true + deps = [ + ":libtoken_setproc_test", + ] +} diff --git a/interfaces/innerkits/token_setproc/test/unittest/cpp/src/tokensetproc_kit_test.cpp b/interfaces/innerkits/token_setproc/test/unittest/cpp/src/tokensetproc_kit_test.cpp new file mode 100644 index 000000000..4463b0954 --- /dev/null +++ b/interfaces/innerkits/token_setproc/test/unittest/cpp/src/tokensetproc_kit_test.cpp @@ -0,0 +1,33 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "tokensetproc_kit_test.h" + +#include "token_setproc.h" + +using namespace testing::ext; +using namespace OHOS::Security; + +void TokensetprocKitTest::SetUpTestCase() +{} + +void TokensetprocKitTest::TearDownTestCase() +{} + +void TokensetprocKitTest::SetUp() +{} + +void TokensetprocKitTest::TearDown() +{} \ No newline at end of file diff --git a/interfaces/innerkits/token_setproc/test/unittest/cpp/src/tokensetproc_kit_test.h b/interfaces/innerkits/token_setproc/test/unittest/cpp/src/tokensetproc_kit_test.h new file mode 100644 index 000000000..c215f7a96 --- /dev/null +++ b/interfaces/innerkits/token_setproc/test/unittest/cpp/src/tokensetproc_kit_test.h @@ -0,0 +1,35 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TOKENSYNC_KIT_TEST_H +#define TOKENSYNC_KIT_TEST_H + +#include + +namespace OHOS { +namespace Security { +class TokensetprocKitTest : public testing::Test { +public: + static void SetUpTestCase(); + + static void TearDownTestCase(); + + void SetUp(); + + void TearDown(); +}; +} // namespace Security +} // namespace OHOS +#endif \ No newline at end of file -- Gitee From ac3cdec4b227e4bc31f67495af0f45d52aa2232b Mon Sep 17 00:00:00 2001 From: huadongqin Date: Thu, 13 Jan 2022 10:39:27 +0800 Subject: [PATCH 12/51] Signed-off-by: huadongqin Change-Id: I35ccad6dcd68f1ec3b0c6c2a66bc1afc2c7713de --- BUILD.gn | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/BUILD.gn b/BUILD.gn index 1a7fc27f6..d0e402760 100644 --- a/BUILD.gn +++ b/BUILD.gn @@ -43,13 +43,12 @@ group("accesstoken_build_module_test") { deps += [ "//base/security/access_token/interfaces/innerkits/accesstoken/test:unittest", "//base/security/access_token/interfaces/innerkits/nativetoken/test:unittest", - "//base/security/access_token/interfaces/innerkits/tokensync/test:unittest", "//base/security/access_token/interfaces/innerkits/token_setproc/test:unittest", + "//base/security/access_token/interfaces/innerkits/tokensync/test:unittest", "//base/security/access_token/services/accesstokenmanager/test:unittest", ] } } - #group("distributed_permission") { # if (is_standard_system) { # deps = [ -- Gitee From 5fdb68b19a178632c98ae04404f580bb63e24ebb Mon Sep 17 00:00:00 2001 From: huadongqin Date: Thu, 13 Jan 2022 10:54:54 +0800 Subject: [PATCH 13/51] Signed-off-by: huadongqin Change-Id: I35ccad6dcd68f1ec3b0c6c2a66bc1afc2c7713de --- .../token_setproc/include/token_setproc.h | 6 ++-- .../token_setproc/src/token_setproc.c | 30 +++++++++---------- 2 files changed, 18 insertions(+), 18 deletions(-) diff --git a/interfaces/innerkits/token_setproc/include/token_setproc.h b/interfaces/innerkits/token_setproc/include/token_setproc.h index f95ae7147..2a6b47574 100644 --- a/interfaces/innerkits/token_setproc/include/token_setproc.h +++ b/interfaces/innerkits/token_setproc/include/token_setproc.h @@ -19,14 +19,14 @@ #include #ifdef __cplusplus -extern "C"{ +extern "C" { #endif -uint64_t GetSelfTokenID(); +uint64_t GetSelfTokenID(void); int SetSelfTokenID(uint64_t tokenID); -uint64_t GetFirstCallerTokenID(); +uint64_t GetFirstCallerTokenID(void); int SetFirstCallerTokenID(uint64_t tokenID); diff --git a/interfaces/innerkits/token_setproc/src/token_setproc.c b/interfaces/innerkits/token_setproc/src/token_setproc.c index 59420d191..8a793c25d 100644 --- a/interfaces/innerkits/token_setproc/src/token_setproc.c +++ b/interfaces/innerkits/token_setproc/src/token_setproc.c @@ -31,13 +31,13 @@ enum { }; #define ACCESS_TOKENID_GET_TOKENID \ - _IOR(ACCESS_TOKEN_ID_IOCTL_BASE,GET_TOKEN_ID,unsigned long long) + _IOR(ACCESS_TOKEN_ID_IOCTL_BASE, GET_TOKEN_ID, unsigned long long) #define ACCESS_TOKENID_SET_TOKENID \ - _IOW(ACCESS_TOKEN_ID_IOCTL_BASE,SET_TOKEN_ID,unsigned long long) -#define ACCESS_TOKENID_GET_FTOKENID\ - _IOR(ACCESS_TOKEN_ID_IOCTL_BASE,GET_FTOKEN_ID,unsigned long long) + _IOW(ACCESS_TOKEN_ID_IOCTL_BASE, SET_TOKEN_ID, unsigned long long) +#define ACCESS_TOKENID_GET_FTOKENID \ + _IOR(ACCESS_TOKEN_ID_IOCTL_BASE, GET_FTOKEN_ID, unsigned long long) #define ACCESS_TOKENID_SET_FTOKENID \ - _IOW(ACCESS_TOKEN_ID_IOCTL_BASE,SET_FTOKEN_ID,unsigned long long) + _IOW(ACCESS_TOKEN_ID_IOCTL_BASE, SET_FTOKEN_ID, unsigned long long) #define ACCESS_TOKEN_OK 0 #define ACCESS_TOKEN_ERROR (-1) @@ -47,14 +47,14 @@ enum { #define TOKENID_DEVNODE "/dev/access_token_id" -uint64_t GetSelfTokenID() +uint64_t GetSelfTokenID(void) { uint64_t token = INVAL_TOKEN_ID; - int fd = open(TOKENID_DEVNODE,O_RDWR); + int fd = open(TOKENID_DEVNODE, O_RDWR); if (fd < 0) { return INVAL_TOKEN_ID; } - int ret =ioctl(fd,ACCESS_TOKENID_GET_TOKENID,&token); + int ret =ioctl(fd, ACCESS_TOKENID_GET_TOKENID, &token); if (ret) { close(fd); return INVAL_TOKEN_ID; @@ -66,11 +66,11 @@ uint64_t GetSelfTokenID() int SetSelfTokenID(uint64_t tokenID) { - int fd = open(TOKENID_DEVNODE,O_RDWR); + int fd = open(TOKENID_DEVNODE, O_RDWR); if (fd < 0) { return ACCESS_TOKEN_ERROR; } - int ret = ioctl(fd,ACCESS_TOKENID_SET_TOKENID,&tokenID); + int ret = ioctl(fd, ACCESS_TOKENID_SET_TOKENID, &tokenID); if (ret) { close(fd); return ACCESS_TOKEN_ERROR; @@ -80,14 +80,14 @@ int SetSelfTokenID(uint64_t tokenID) return ACCESS_TOKEN_OK; } -uint64_t GetFirstCallerTokenID() +uint64_t GetFirstCallerTokenID(void) { uint64_t token = INVAL_TOKEN_ID; - int fd = open(TOKENID_DEVNODE,O_RDWR); + int fd = open(TOKENID_DEVNODE, O_RDWR); if (fd < 0) { return INVAL_TOKEN_ID; } - int ret = ioctl(fd,ACCESS_TOKENID_GET_FTOKENID,&token); + int ret = ioctl(fd, ACCESS_TOKENID_GET_FTOKENID, &token); if (ret) { close(fd); return INVAL_TOKEN_ID; @@ -99,11 +99,11 @@ uint64_t GetFirstCallerTokenID() int SetFirstCallerTokenID(uint64_t tokenID) { - int fd = open(TOKENID_DEVNODE,O_RDWR); + int fd = open(TOKENID_DEVNODE, O_RDWR); if (fd < 0) { return ACCESS_TOKEN_ERROR; } - int ret = ioctl(fd,ACCESS_TOKENID_SET_FTOKENID,&tokenID); + int ret = ioctl(fd, ACCESS_TOKENID_SET_FTOKENID, &tokenID); if (ret) { close(fd); return ACCESS_TOKEN_ERROR; -- Gitee From 7439029ec7b6f26958bd2ddc73bbdc24a7f707c8 Mon Sep 17 00:00:00 2001 From: huadongqin Date: Thu, 13 Jan 2022 11:11:24 +0800 Subject: [PATCH 14/51] Signed-off-by: huadongqin Change-Id: I35ccad6dcd68f1ec3b0c6c2a66bc1afc2c7713de --- BUILD.gn | 1 - 1 file changed, 1 deletion(-) diff --git a/BUILD.gn b/BUILD.gn index d0e402760..5f5cae979 100644 --- a/BUILD.gn +++ b/BUILD.gn @@ -13,7 +13,6 @@ #import("//base/security/permission/permission.gni") import("//build/ohos.gni") - group("accesstoken_build_module") { if (is_standard_system) { deps = [ -- Gitee From 3eaa3414ad5fab6009b4cc0ea2077f81ff5f4e78 Mon Sep 17 00:00:00 2001 From: huadongqin Date: Thu, 13 Jan 2022 11:30:42 +0800 Subject: [PATCH 15/51] Signed-off-by: huadongqin Change-Id: I35ccad6dcd68f1ec3b0c6c2a66bc1afc2c7713de --- interfaces/innerkits/token_setproc/BUILD.gn | 4 +--- interfaces/innerkits/token_setproc/test/BUILD.gn | 8 ++------ 2 files changed, 3 insertions(+), 9 deletions(-) diff --git a/interfaces/innerkits/token_setproc/BUILD.gn b/interfaces/innerkits/token_setproc/BUILD.gn index a214169fd..74e429ff1 100644 --- a/interfaces/innerkits/token_setproc/BUILD.gn +++ b/interfaces/innerkits/token_setproc/BUILD.gn @@ -36,9 +36,7 @@ ohos_static_library("libtoken_setproc") { "src", ] - sources = [ - "src/token_setproc.c", - ] + sources = [ "src/token_setproc.c" ] deps = [] } diff --git a/interfaces/innerkits/token_setproc/test/BUILD.gn b/interfaces/innerkits/token_setproc/test/BUILD.gn index de0c63587..14c1dbf80 100644 --- a/interfaces/innerkits/token_setproc/test/BUILD.gn +++ b/interfaces/innerkits/token_setproc/test/BUILD.gn @@ -22,9 +22,7 @@ ohos_unittest("libtoken_setproc_test") { "//base/security/access_token/interfaces/innerkits/token_setproc/include", ] - sources = [ - "unittest/cpp/src/tokensetproc_kit_test.cpp", - ] + sources = [ "unittest/cpp/src/tokensetproc_kit_test.cpp" ] cflags_cc = [ "-fexceptions" ] @@ -37,7 +35,5 @@ ohos_unittest("libtoken_setproc_test") { group("unittest") { testonly = true - deps = [ - ":libtoken_setproc_test", - ] + deps = [ ":libtoken_setproc_test" ] } -- Gitee From 9a42865335b6057a1beda53b3228927be0cd3f1c Mon Sep 17 00:00:00 2001 From: lsq Date: Thu, 13 Jan 2022 20:54:49 +0800 Subject: [PATCH 16/51] update access_token Signed-off-by: lsq --- BUILD.gn | 5 +- .../accesstoken/src/permission_def_parcel.cpp | 16 +- frameworks/common/include/data_validator.h | 10 + frameworks/common/src/data_validator.cpp | 30 +- interfaces/innerkits/accesstoken/BUILD.gn | 3 +- .../main/cpp/include/access_token.h | 7 +- .../main/cpp/include/accesstoken_kit.h | 2 +- .../main/cpp/include/permission_def.h | 6 +- .../main/cpp/include/permission_state_full.h | 6 +- .../main/cpp/src/accesstoken_kit.cpp | 93 +- .../cpp/src/accesstoken_manager_client.cpp | 84 +- .../main/cpp/src/accesstoken_manager_client.h | 40 +- .../cpp/src/accesstoken_manager_proxy.cpp | 10 +- .../unittest/cpp/src/accesstoken_kit_test.cpp | 1744 ++++++++++++++++- .../unittest/cpp/src/accesstoken_kit_test.h | 9 + .../innerkits/{nativetoken => atlib}/BUILD.gn | 16 +- .../main/include/accesstoken_lib.h | 18 +- .../main/include/accesstoken_log.h | 10 +- .../main/include/accesstokenlib_kit.h | 0 .../main/src/accesstoken_lib.c | 536 +++-- .../{nativetoken => atlib}/test/BUILD.gn | 13 +- .../cpp/src/accesstokenlib_kit_test.cpp | 353 ++++ .../cpp/src/accesstokenlib_kit_test.h | 6 +- .../cpp/src/accesstokenlib_kit_test.cpp | 123 -- interfaces/innerkits/token_setproc/BUILD.gn | 1 - .../token_setproc/include/token_setproc.h | 73 +- .../token_setproc/src/token_setproc.c | 230 +-- .../innerkits/token_setproc/test/BUILD.gn | 1 - .../cpp/src/tokensetproc_kit_test.cpp | 64 +- .../unittest/cpp/src/tokensetproc_kit_test.h | 70 +- interfaces/kits/accesstoken/BUILD.gn | 66 + .../accesstoken/napi/include/napi_atmanager.h | 88 + .../accesstoken/napi/src/napi_atmanager.cpp | 589 ++++++ services/accesstokenmanager/BUILD.gn | 28 +- .../main/cpp/include/database/field_const.h | 4 +- .../permission/permission_definition_cache.h | 2 + .../include/permission/permission_manager.h | 11 +- .../permission/permission_policy_set.h | 34 +- .../include/permission/permission_validator.h | 1 - .../include/token/accesstoken_id_manager.h | 1 + .../include/token/accesstoken_info_manager.h | 4 +- .../cpp/include/token/hap_token_info_inner.h | 2 +- .../include/token/native_token_info_inner.h | 5 +- .../cpp/include/token/native_token_receptor.h | 69 + .../main/cpp/src/database/data_translator.cpp | 48 +- .../main/cpp/src/database/sqlite_storage.cpp | 10 +- .../permission_definition_cache.cpp | 7 + .../cpp/src/permission/permission_manager.cpp | 98 +- .../src/permission/permission_policy_set.cpp | 135 +- .../src/permission/permission_validator.cpp | 23 +- .../service/accesstoken_manager_service.cpp | 16 +- .../src/service/accesstoken_manager_stub.cpp | 46 +- .../cpp/src/token/accesstoken_id_manager.cpp | 9 +- .../src/token/accesstoken_info_manager.cpp | 130 +- .../cpp/src/token/hap_token_info_inner.cpp | 25 + .../cpp/src/token/native_token_info_inner.cpp | 41 +- .../cpp/src/token/native_token_receptor.cpp | 249 +++ services/accesstokenmanager/test/BUILD.gn | 8 +- .../cpp/src/accesstoken_info_manager_test.cpp | 18 +- .../cpp/src/native_token_receptor_test.cpp | 716 +++++++ .../cpp/src/native_token_receptor_test.h | 28 +- .../main/cpp/tokensync_manager_service.cpp | 4 + 62 files changed, 5122 insertions(+), 972 deletions(-) rename interfaces/innerkits/{nativetoken => atlib}/BUILD.gn (76%) rename interfaces/innerkits/{nativetoken => atlib}/main/include/accesstoken_lib.h (79%) rename interfaces/innerkits/{nativetoken => atlib}/main/include/accesstoken_log.h (71%) rename interfaces/innerkits/{nativetoken => atlib}/main/include/accesstokenlib_kit.h (100%) rename interfaces/innerkits/{nativetoken => atlib}/main/src/accesstoken_lib.c (41%) rename interfaces/innerkits/{nativetoken => atlib}/test/BUILD.gn (89%) create mode 100644 interfaces/innerkits/atlib/test/unittest/cpp/src/accesstokenlib_kit_test.cpp rename interfaces/innerkits/{nativetoken => atlib}/test/unittest/cpp/src/accesstokenlib_kit_test.h (84%) delete mode 100644 interfaces/innerkits/nativetoken/test/unittest/cpp/src/accesstokenlib_kit_test.cpp create mode 100644 interfaces/kits/accesstoken/BUILD.gn create mode 100644 interfaces/kits/accesstoken/napi/include/napi_atmanager.h create mode 100644 interfaces/kits/accesstoken/napi/src/napi_atmanager.cpp create mode 100644 services/accesstokenmanager/main/cpp/include/token/native_token_receptor.h create mode 100644 services/accesstokenmanager/main/cpp/src/token/native_token_receptor.cpp create mode 100644 services/accesstokenmanager/test/unittest/cpp/src/native_token_receptor_test.cpp rename interfaces/innerkits/accesstoken/main/cpp/include/accesstoken.h => services/accesstokenmanager/test/unittest/cpp/src/native_token_receptor_test.h (68%) diff --git a/BUILD.gn b/BUILD.gn index 5f5cae979..f2393de68 100644 --- a/BUILD.gn +++ b/BUILD.gn @@ -17,8 +17,9 @@ group("accesstoken_build_module") { if (is_standard_system) { deps = [ "//base/security/access_token/interfaces/innerkits/accesstoken:libaccesstoken_sdk", - "//base/security/access_token/interfaces/innerkits/nativetoken:libaccesstoken_lib", + "//base/security/access_token/interfaces/innerkits/atlib:libaccesstoken_lib", "//base/security/access_token/interfaces/innerkits/token_setproc:libtoken_setproc", + "//base/security/access_token/interfaces/kits/accesstoken:libabilityaccessctrl", "//base/security/access_token/services/accesstokenmanager:accesstoken_manager_service", "//base/security/access_token/services/accesstokenmanager/main/sa_profile:accesstoken_sa_profile_standard", ] @@ -41,7 +42,7 @@ group("accesstoken_build_module_test") { if (is_standard_system) { deps += [ "//base/security/access_token/interfaces/innerkits/accesstoken/test:unittest", - "//base/security/access_token/interfaces/innerkits/nativetoken/test:unittest", + "//base/security/access_token/interfaces/innerkits/atlib/test:unittest", "//base/security/access_token/interfaces/innerkits/token_setproc/test:unittest", "//base/security/access_token/interfaces/innerkits/tokensync/test:unittest", "//base/security/access_token/services/accesstokenmanager/test:unittest", diff --git a/frameworks/accesstoken/src/permission_def_parcel.cpp b/frameworks/accesstoken/src/permission_def_parcel.cpp index 421731e9f..09943e9a0 100644 --- a/frameworks/accesstoken/src/permission_def_parcel.cpp +++ b/frameworks/accesstoken/src/permission_def_parcel.cpp @@ -15,6 +15,8 @@ #include "permission_def_parcel.h" +#include "access_token.h" + namespace OHOS { namespace Security { namespace AccessToken { @@ -35,7 +37,9 @@ bool PermissionDefParcel::Marshalling(Parcel& out) const RETURN_IF_FALSE(out.WriteString(this->permissionDef.permissionName)); RETURN_IF_FALSE(out.WriteString(this->permissionDef.bundleName)); RETURN_IF_FALSE(out.WriteInt32(this->permissionDef.grantMode)); - RETURN_IF_FALSE(out.WriteInt32(this->permissionDef.availableScope)); + RETURN_IF_FALSE(out.WriteInt32(this->permissionDef.availableLevel)); + RETURN_IF_FALSE(out.WriteBool(this->permissionDef.provisionEnable)); + RETURN_IF_FALSE(out.WriteBool(this->permissionDef.distributedSceneEnable)); RETURN_IF_FALSE(out.WriteString(this->permissionDef.label)); RETURN_IF_FALSE(out.WriteInt32(this->permissionDef.labelId)); RETURN_IF_FALSE(out.WriteString(this->permissionDef.description)); @@ -50,7 +54,13 @@ PermissionDefParcel* PermissionDefParcel::Unmarshalling(Parcel& in) permissionDefParcel->permissionDef.permissionName = in.ReadString(); permissionDefParcel->permissionDef.bundleName = in.ReadString(); RELEASE_IF_FALSE(in.ReadInt32(permissionDefParcel->permissionDef.grantMode), permissionDefParcel); - RELEASE_IF_FALSE(in.ReadInt32(permissionDefParcel->permissionDef.availableScope), permissionDefParcel); + + int level; + RELEASE_IF_FALSE(in.ReadInt32(level), permissionDefParcel); + permissionDefParcel->permissionDef.availableLevel = ATokenAplEnum(level); + + RELEASE_IF_FALSE(in.ReadBool(permissionDefParcel->permissionDef.provisionEnable), permissionDefParcel); + RELEASE_IF_FALSE(in.ReadBool(permissionDefParcel->permissionDef.distributedSceneEnable), permissionDefParcel); permissionDefParcel->permissionDef.label = in.ReadString(); RELEASE_IF_FALSE(in.ReadInt32(permissionDefParcel->permissionDef.labelId), permissionDefParcel); permissionDefParcel->permissionDef.description = in.ReadString(); @@ -59,4 +69,4 @@ PermissionDefParcel* PermissionDefParcel::Unmarshalling(Parcel& in) } } // namespace AccessToken } // namespace Security -} // namespace OHOS \ No newline at end of file +} // namespace OHOS diff --git a/frameworks/common/include/data_validator.h b/frameworks/common/include/data_validator.h index dc486baa6..e5d8191e2 100644 --- a/frameworks/common/include/data_validator.h +++ b/frameworks/common/include/data_validator.h @@ -33,8 +33,18 @@ public: static bool IsDomainValid(const std::string& domain); static bool IsAplNumValid(const int apl); + + static bool IsProcessNameValid(const std::string& processName); + + static bool IsDeviceIdValid(const std::string& deviceId); + + static bool IsLabelValid(const std::string& label); + + static bool IsDescValid(const std::string& desc); + static bool IsPermissionFlagValid(int flag); private: const static int MAX_LENGTH = 256; + const static int MAX_APPIDDESC_LENGTH = 10240; }; } // namespace AccessToken } // namespace Security diff --git a/frameworks/common/src/data_validator.cpp b/frameworks/common/src/data_validator.cpp index 8928c3d77..9d359022b 100644 --- a/frameworks/common/src/data_validator.cpp +++ b/frameworks/common/src/data_validator.cpp @@ -24,6 +24,16 @@ bool DataValidator::IsBundleNameValid(const std::string& bundleName) return !bundleName.empty() && (bundleName.length() <= MAX_LENGTH); } +bool DataValidator::IsLabelValid(const std::string& label) +{ + return label.length() <= MAX_LENGTH; +} + +bool DataValidator::IsDescValid(const std::string& desc) +{ + return desc.length() <= MAX_LENGTH; +} + bool DataValidator::IsPermissionNameValid(const std::string& permissionName) { return !permissionName.empty() && (permissionName.length() <= MAX_LENGTH); @@ -36,7 +46,7 @@ bool DataValidator::IsUserIdValid(const int userId) bool DataValidator::IsAppIDDescValid(const std::string& appIDDesc) { - return !appIDDesc.empty() && (appIDDesc.length() <= MAX_LENGTH); + return !appIDDesc.empty() && (appIDDesc.length() <= MAX_APPIDDESC_LENGTH); } bool DataValidator::IsDomainValid(const std::string& domain) @@ -48,6 +58,24 @@ bool DataValidator::IsAplNumValid(const int apl) { return (apl == APL_NORMAL || apl == APL_SYSTEM_BASIC || apl == APL_SYSTEM_CORE); } + +bool DataValidator::IsProcessNameValid(const std::string& processName) +{ + return !processName.empty() && (processName.length() <= MAX_LENGTH); +} + +bool DataValidator::IsDeviceIdValid(const std::string& deviceId) +{ + return !deviceId.empty() && (deviceId.length() <= MAX_LENGTH); +} + +bool DataValidator::IsPermissionFlagValid(int flag) +{ + return flag == DEFAULT_PERMISSION_FLAGS || + flag == PermissionFlag::PERMISSION_USER_SET || + flag == PermissionFlag::PERMISSION_USER_FIXED || + flag == PermissionFlag::PERMISSION_SYSTEM_FIXED; +} } // namespace AccessToken } // namespace Security } // namespace OHOS diff --git a/interfaces/innerkits/accesstoken/BUILD.gn b/interfaces/innerkits/accesstoken/BUILD.gn index b6cc8e22c..1db916653 100644 --- a/interfaces/innerkits/accesstoken/BUILD.gn +++ b/interfaces/innerkits/accesstoken/BUILD.gn @@ -35,7 +35,7 @@ ohos_shared_library("libaccesstoken_sdk") { "main/cpp/src", "//base/security/access_token/frameworks/accesstoken/include", "//base/security/access_token/frameworks/common/include", - "//base/security/access_token/interfaces/innerkits/accesstoken/main/cpp/include" + "//base/security/access_token/interfaces/innerkits/accesstoken/main/cpp/include", ] sources = [ @@ -46,6 +46,7 @@ ohos_shared_library("libaccesstoken_sdk") { deps = [ "//base/security/access_token/frameworks/accesstoken:accesstoken_communication_adapter_cxx", + "//base/security/access_token/frameworks/common:accesstoken_common_cxx", "//utils/native/base:utils", ] diff --git a/interfaces/innerkits/accesstoken/main/cpp/include/access_token.h b/interfaces/innerkits/accesstoken/main/cpp/include/access_token.h index 5f8909948..bd69ff1d3 100644 --- a/interfaces/innerkits/accesstoken/main/cpp/include/access_token.h +++ b/interfaces/innerkits/accesstoken/main/cpp/include/access_token.h @@ -22,6 +22,7 @@ namespace AccessToken { typedef unsigned int AccessTokenID; typedef unsigned int AccessTokenAttr; static const int DEFAULT_TOKEN_VERSION = 1; +static const int DEFAULT_PERMISSION_FLAGS = 0; enum AccessTokenKitRet { RET_FAILED = -1, @@ -65,12 +66,6 @@ typedef enum TypeGrantMode { SYSTEM_GRANT = 1, } GrantMode; -typedef enum TypeAvailableScope { - AVAILABLE_SCOPE_ALL = 1 << 0, - AVAILABLE_SCOPE_SIGNATURE = 1 << 1, - AVAILABLE_SCOPE_RESTRICTED = 1 << 2 -} AvailableScope; - typedef enum TypePermissionFlag { PERMISSION_USER_SET = 1 << 0, PERMISSION_USER_FIXED = 1 << 1, diff --git a/interfaces/innerkits/accesstoken/main/cpp/include/accesstoken_kit.h b/interfaces/innerkits/accesstoken/main/cpp/include/accesstoken_kit.h index c8ccb5860..6334ed496 100644 --- a/interfaces/innerkits/accesstoken/main/cpp/include/accesstoken_kit.h +++ b/interfaces/innerkits/accesstoken/main/cpp/include/accesstoken_kit.h @@ -34,7 +34,7 @@ public: static AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID); static int UpdateHapToken(AccessTokenID tokenID, const std::string& appIDDesc, const HapPolicyParams& policy); static int DeleteToken(AccessTokenID tokenID); - static int GetTokenType(AccessTokenID tokenID); + static ATokenTypeEnum GetTokenType(AccessTokenID tokenID); static int CheckNativeDCap(AccessTokenID tokenID, const std::string& dcap); static AccessTokenID GetHapTokenID(int userID, const std::string& bundleName, int instIndex); static int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfo& hapTokenInfoRes); diff --git a/interfaces/innerkits/accesstoken/main/cpp/include/permission_def.h b/interfaces/innerkits/accesstoken/main/cpp/include/permission_def.h index a08b3103c..f3cc81b63 100644 --- a/interfaces/innerkits/accesstoken/main/cpp/include/permission_def.h +++ b/interfaces/innerkits/accesstoken/main/cpp/include/permission_def.h @@ -18,6 +18,8 @@ #include +#include "access_token.h" + namespace OHOS { namespace Security { namespace AccessToken { @@ -26,7 +28,9 @@ public: std::string permissionName; std::string bundleName; int grantMode; - int availableScope; + TypeATokenAplEnum availableLevel; + bool provisionEnable; + bool distributedSceneEnable; std::string label; int labelId; std::string description; diff --git a/interfaces/innerkits/accesstoken/main/cpp/include/permission_state_full.h b/interfaces/innerkits/accesstoken/main/cpp/include/permission_state_full.h index 17b8b0137..7805a3d9e 100644 --- a/interfaces/innerkits/accesstoken/main/cpp/include/permission_state_full.h +++ b/interfaces/innerkits/accesstoken/main/cpp/include/permission_state_full.h @@ -13,8 +13,8 @@ * limitations under the License. */ -#ifndef INTERFACES_INNER_KITS_PERMISSION_PERMISSION_STATE_FULL_H -#define INTERFACES_INNER_KITS_PERMISSION_PERMISSION_STATE_FULL_H +#ifndef INTERFACES_INNER_KITS_ACCESSTOKEN_PERMISSION_STATE_FULL_H +#define INTERFACES_INNER_KITS_ACCESSTOKEN_PERMISSION_STATE_FULL_H #include #include @@ -33,4 +33,4 @@ public: } // namespace AccessToken } // namespace Security } // namespace OHOS -#endif // INTERFACES_INNER_KITS_PERMISSION_PERMISSION_STATE_FULL_H +#endif // INTERFACES_INNER_KITS_ACCESSTOKEN_PERMISSION_STATE_FULL_H diff --git a/interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_kit.cpp b/interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_kit.cpp index 5d4d82bdc..3a2f1aef0 100644 --- a/interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_kit.cpp +++ b/interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_kit.cpp @@ -20,6 +20,7 @@ #include "accesstoken_log.h" #include "accesstoken_manager_client.h" +#include "data_validator.h" namespace OHOS { namespace Security { @@ -30,7 +31,14 @@ static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ AccessTokenIDEx AccessTokenKit::AllocHapToken(const HapInfoParams& info, const HapPolicyParams& policy) { + AccessTokenIDEx res = {0}; ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + if ((!DataValidator::IsUserIdValid(info.userID)) || !DataValidator::IsAppIDDescValid(info.appIDDesc) + || !DataValidator::IsBundleNameValid(info.bundleName) || !DataValidator::IsAplNumValid(policy.apl) + || !DataValidator::IsDomainValid(policy.domain)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, input param failed", __func__); + return res; + } return AccessTokenManagerClient::GetInstance().AllocHapToken(info, policy); } @@ -44,20 +52,32 @@ AccessTokenID AccessTokenKit::AllocLocalTokenID(const std::string& remoteDeviceI int AccessTokenKit::UpdateHapToken(AccessTokenID tokenID, const std::string& appIDDesc, const HapPolicyParams& policy) { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + if ((tokenID == 0) || (!DataValidator::IsAppIDDescValid(appIDDesc)) + || (!DataValidator::IsAplNumValid(policy.apl))) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, input param failed", __func__); + return RET_FAILED; + } return AccessTokenManagerClient::GetInstance().UpdateHapToken(tokenID, appIDDesc, policy); } int AccessTokenKit::DeleteToken(AccessTokenID tokenID) { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + if (tokenID == 0) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: tokenID is invalid", __func__); + return RET_FAILED; + } ACCESSTOKEN_LOG_INFO(LABEL, "tokenID=%{public}d", tokenID); - return AccessTokenManagerClient::GetInstance().DeleteToken(tokenID); } -int AccessTokenKit::GetTokenType(AccessTokenID tokenID) +ATokenTypeEnum AccessTokenKit::GetTokenType(AccessTokenID tokenID) { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + if (tokenID == 0) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: tokenID is invalid", __func__); + return TOKEN_INVALID; + } ACCESSTOKEN_LOG_INFO(LABEL, "tokenID=%{public}d", tokenID); return AccessTokenManagerClient::GetInstance().GetTokenType(tokenID); } @@ -72,15 +92,22 @@ int AccessTokenKit::CheckNativeDCap(AccessTokenID tokenID, const std::string& dc AccessTokenID AccessTokenKit::GetHapTokenID(int userID, const std::string& bundleName, int instIndex) { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + if (!DataValidator::IsUserIdValid(userID) || !DataValidator::IsBundleNameValid(bundleName)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, hap token param failed", __func__); + return 0; + } ACCESSTOKEN_LOG_INFO(LABEL, "int userID=%{public}d, bundleName=%{public}s, instIndex=%{public}d", userID, bundleName.c_str(), instIndex); - return AccessTokenManagerClient::GetInstance().GetHapTokenID(userID, bundleName, instIndex); } int AccessTokenKit::GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfo& hapTokenInfoRes) { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + if (tokenID == 0) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: tokenID is invalid", __func__); + return RET_FAILED; + } ACCESSTOKEN_LOG_INFO(LABEL, "tokenID=%{public}d", tokenID); return AccessTokenManagerClient::GetInstance().GetHapTokenInfo(tokenID, hapTokenInfoRes); @@ -97,6 +124,14 @@ int AccessTokenKit::GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfo& n int AccessTokenKit::VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName) { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + if (tokenID == 0) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: tokenID is invalid", __func__); + return PERMISSION_DENIED; + } + if (!DataValidator::IsPermissionNameValid(permissionName)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: permissionName is invalid", __func__); + return PERMISSION_DENIED; + } ACCESSTOKEN_LOG_INFO(LABEL, "tokenID=%{public}d, permissionName=%{public}s", tokenID, permissionName.c_str()); return AccessTokenManagerClient::GetInstance().VerifyAccessToken(tokenID, permissionName); } @@ -104,12 +139,16 @@ int AccessTokenKit::VerifyAccessToken(AccessTokenID tokenID, const std::string& int AccessTokenKit::VerifyAccessToken( AccessTokenID callerTokenID, AccessTokenID firstTokenID, const std::string& permissionName) { - return 0; + return PERMISSION_DENIED; } int AccessTokenKit::GetDefPermission(const std::string& permissionName, PermissionDef& permissionDefResult) { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + if (!DataValidator::IsPermissionNameValid(permissionName)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: permissionName is invalid", __func__); + return RET_FAILED; + } ACCESSTOKEN_LOG_INFO(LABEL, "permissionName=%{public}s", permissionName.c_str()); int ret = AccessTokenManagerClient::GetInstance().GetDefPermission(permissionName, permissionDefResult); @@ -121,9 +160,12 @@ int AccessTokenKit::GetDefPermission(const std::string& permissionName, Permissi int AccessTokenKit::GetDefPermissions(AccessTokenID tokenID, std::vector& permDefList) { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + if (tokenID == 0) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: tokenID is invalid", __func__); + return RET_FAILED; + } ACCESSTOKEN_LOG_INFO(LABEL, "tokenID=%{public}d", tokenID); - ACCESSTOKEN_LOG_INFO(LABEL, "GetDefPermissions permDefList size = %{public}d", permDefList.size()); return AccessTokenManagerClient::GetInstance().GetDefPermissions(tokenID, permDefList); } @@ -131,15 +173,26 @@ int AccessTokenKit::GetReqPermissions( AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + if (tokenID == 0) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: tokenID is invalid", __func__); + return RET_FAILED; + } ACCESSTOKEN_LOG_INFO(LABEL, "tokenID=%{public}d, isSystemGrant=%{public}d", tokenID, isSystemGrant); - ACCESSTOKEN_LOG_INFO(LABEL, "GetReqPermissions, reqPermList size=%{public}d", reqPermList.size()); return AccessTokenManagerClient::GetInstance().GetReqPermissions(tokenID, reqPermList, isSystemGrant); } int AccessTokenKit::GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName) { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + if (tokenID == 0) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: tokenID is invalid", __func__); + return DEFAULT_PERMISSION_FLAGS; + } + if (!DataValidator::IsPermissionNameValid(permissionName)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: permissionName is invalid", __func__); + return DEFAULT_PERMISSION_FLAGS; + } ACCESSTOKEN_LOG_INFO(LABEL, "tokenID=%{public}d, permissionName=%{public}s", tokenID, permissionName.c_str()); return AccessTokenManagerClient::GetInstance().GetPermissionFlag(tokenID, permissionName); } @@ -147,6 +200,18 @@ int AccessTokenKit::GetPermissionFlag(AccessTokenID tokenID, const std::string& int AccessTokenKit::GrantPermission(AccessTokenID tokenID, const std::string& permissionName, int flag) { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + if (tokenID == 0) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: tokenID is invalid", __func__); + return RET_FAILED; + } + if (!DataValidator::IsPermissionNameValid(permissionName)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: permissionName is invalid", __func__); + return RET_FAILED; + } + if (!DataValidator::IsPermissionFlagValid(flag)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: flag is invalid", __func__); + return RET_FAILED; + } ACCESSTOKEN_LOG_INFO(LABEL, "tokenID=%{public}d, permissionName=%{public}s, flag=%{public}d", tokenID, permissionName.c_str(), flag); return AccessTokenManagerClient::GetInstance().GrantPermission(tokenID, permissionName, flag); @@ -155,6 +220,18 @@ int AccessTokenKit::GrantPermission(AccessTokenID tokenID, const std::string& pe int AccessTokenKit::RevokePermission(AccessTokenID tokenID, const std::string& permissionName, int flag) { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + if (tokenID == 0) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: tokenID is invalid", __func__); + return RET_FAILED; + } + if (!DataValidator::IsPermissionNameValid(permissionName)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: permissionName is invalid", __func__); + return RET_FAILED; + } + if (!DataValidator::IsPermissionFlagValid(flag)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: flag is invalid", __func__); + return RET_FAILED; + } ACCESSTOKEN_LOG_INFO(LABEL, "tokenID=%{public}d, permissionName=%{public}s, flag=%{public}d", tokenID, permissionName.c_str(), flag); return AccessTokenManagerClient::GetInstance().RevokePermission(tokenID, permissionName, flag); @@ -163,6 +240,10 @@ int AccessTokenKit::RevokePermission(AccessTokenID tokenID, const std::string& p int AccessTokenKit::ClearUserGrantedPermissionState(AccessTokenID tokenID) { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + if (tokenID == 0) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: tokenID is invalid", __func__); + return RET_FAILED; + } ACCESSTOKEN_LOG_INFO(LABEL, "tokenID=%{public}d", tokenID); return AccessTokenManagerClient::GetInstance().ClearUserGrantedPermissionState(tokenID); } diff --git a/interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_manager_client.cpp b/interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_manager_client.cpp index 8f259f150..dcfec1f30 100644 --- a/interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_manager_client.cpp +++ b/interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_manager_client.cpp @@ -16,6 +16,7 @@ #include "accesstoken_manager_client.h" #include "accesstoken_log.h" +#include "accesstoken_manager_proxy.h" #include "hap_token_info.h" #include "iservice_registry.h" #include "native_token_info.h" @@ -41,19 +42,19 @@ AccessTokenManagerClient::AccessTokenManagerClient() AccessTokenManagerClient::~AccessTokenManagerClient() {} -int AccessTokenManagerClient::VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName) const +int AccessTokenManagerClient::VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName) { ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); auto proxy = GetProxy(); if (proxy == nullptr) { ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__); - return RET_FAILED; + return PERMISSION_DENIED; } return proxy->VerifyAccessToken(tokenID, permissionName); } int AccessTokenManagerClient::GetDefPermission( - const std::string& permissionName, PermissionDef& permissionDefResult) const + const std::string& permissionName, PermissionDef& permissionDefResult) { ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); auto proxy = GetProxy(); @@ -67,7 +68,7 @@ int AccessTokenManagerClient::GetDefPermission( return result; } -int AccessTokenManagerClient::GetDefPermissions(AccessTokenID tokenID, std::vector& permList) const +int AccessTokenManagerClient::GetDefPermissions(AccessTokenID tokenID, std::vector& permList) { ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); auto proxy = GetProxy(); @@ -85,7 +86,7 @@ int AccessTokenManagerClient::GetDefPermissions(AccessTokenID tokenID, std::vect } int AccessTokenManagerClient::GetReqPermissions( - AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) const + AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) { ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); auto proxy = GetProxy(); @@ -102,18 +103,18 @@ int AccessTokenManagerClient::GetReqPermissions( return result; } -int AccessTokenManagerClient::GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName) const +int AccessTokenManagerClient::GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName) { ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); auto proxy = GetProxy(); if (proxy == nullptr) { ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__); - return RET_FAILED; + return DEFAULT_PERMISSION_FLAGS; } return proxy->GetPermissionFlag(tokenID, permissionName); } -int AccessTokenManagerClient::GrantPermission(AccessTokenID tokenID, const std::string& permissionName, int flag) const +int AccessTokenManagerClient::GrantPermission(AccessTokenID tokenID, const std::string& permissionName, int flag) { ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); auto proxy = GetProxy(); @@ -124,7 +125,7 @@ int AccessTokenManagerClient::GrantPermission(AccessTokenID tokenID, const std:: return proxy->GrantPermission(tokenID, permissionName, flag); } -int AccessTokenManagerClient::RevokePermission(AccessTokenID tokenID, const std::string& permissionName, int flag) const +int AccessTokenManagerClient::RevokePermission(AccessTokenID tokenID, const std::string& permissionName, int flag) { ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); auto proxy = GetProxy(); @@ -135,7 +136,7 @@ int AccessTokenManagerClient::RevokePermission(AccessTokenID tokenID, const std: return proxy->RevokePermission(tokenID, permissionName, flag); } -int AccessTokenManagerClient::ClearUserGrantedPermissionState(AccessTokenID tokenID) const +int AccessTokenManagerClient::ClearUserGrantedPermissionState(AccessTokenID tokenID) { ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); auto proxy = GetProxy(); @@ -146,7 +147,7 @@ int AccessTokenManagerClient::ClearUserGrantedPermissionState(AccessTokenID toke return proxy->ClearUserGrantedPermissionState(tokenID); } -AccessTokenIDEx AccessTokenManagerClient::AllocHapToken(const HapInfoParams& info, const HapPolicyParams& policy) const +AccessTokenIDEx AccessTokenManagerClient::AllocHapToken(const HapInfoParams& info, const HapPolicyParams& policy) { AccessTokenIDEx res = { 0 }; ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); @@ -163,7 +164,7 @@ AccessTokenIDEx AccessTokenManagerClient::AllocHapToken(const HapInfoParams& inf return proxy->AllocHapToken(hapInfoParcel, hapPolicyParcel); } -int AccessTokenManagerClient::DeleteToken(AccessTokenID tokenID) const +int AccessTokenManagerClient::DeleteToken(AccessTokenID tokenID) { ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); auto proxy = GetProxy(); @@ -174,18 +175,18 @@ int AccessTokenManagerClient::DeleteToken(AccessTokenID tokenID) const return proxy->DeleteToken(tokenID); } -int AccessTokenManagerClient::GetTokenType(AccessTokenID tokenID) const +ATokenTypeEnum AccessTokenManagerClient::GetTokenType(AccessTokenID tokenID) { ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); auto proxy = GetProxy(); if (proxy == nullptr) { ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__); - return RET_FAILED; + return TOKEN_INVALID; } - return proxy->GetTokenType(tokenID); + return (ATokenTypeEnum)(proxy->GetTokenType(tokenID)); } -int AccessTokenManagerClient::CheckNativeDCap(AccessTokenID tokenID, const std::string& dcap) const +int AccessTokenManagerClient::CheckNativeDCap(AccessTokenID tokenID, const std::string& dcap) { ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); auto proxy = GetProxy(); @@ -196,7 +197,7 @@ int AccessTokenManagerClient::CheckNativeDCap(AccessTokenID tokenID, const std:: return proxy->CheckNativeDCap(tokenID, dcap); } -AccessTokenID AccessTokenManagerClient::GetHapTokenID(int userID, const std::string& bundleName, int instIndex) const +AccessTokenID AccessTokenManagerClient::GetHapTokenID(int userID, const std::string& bundleName, int instIndex) { ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); auto proxy = GetProxy(); @@ -208,7 +209,7 @@ AccessTokenID AccessTokenManagerClient::GetHapTokenID(int userID, const std::str } AccessTokenID AccessTokenManagerClient::AllocLocalTokenID( - const std::string& remoteDeviceID, AccessTokenID remoteTokenID) const + const std::string& remoteDeviceID, AccessTokenID remoteTokenID) { ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); auto proxy = GetProxy(); @@ -220,7 +221,7 @@ AccessTokenID AccessTokenManagerClient::AllocLocalTokenID( } int AccessTokenManagerClient::UpdateHapToken( - AccessTokenID tokenID, const std::string& appIDDesc, const HapPolicyParams& policy) const + AccessTokenID tokenID, const std::string& appIDDesc, const HapPolicyParams& policy) { ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); auto proxy = GetProxy(); @@ -233,7 +234,7 @@ int AccessTokenManagerClient::UpdateHapToken( return proxy->UpdateHapToken(tokenID, appIDDesc, hapPolicyParcel); } -int AccessTokenManagerClient::GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfo& hapTokenInfoRes) const +int AccessTokenManagerClient::GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfo& hapTokenInfoRes) { ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); auto proxy = GetProxy(); @@ -248,7 +249,7 @@ int AccessTokenManagerClient::GetHapTokenInfo(AccessTokenID tokenID, HapTokenInf return res; } -int AccessTokenManagerClient::GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfo& nativeTokenInfoRes) const +int AccessTokenManagerClient::GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfo& nativeTokenInfoRes) { ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); auto proxy = GetProxy(); @@ -262,26 +263,33 @@ int AccessTokenManagerClient::GetNativeTokenInfo(AccessTokenID tokenID, NativeTo return res; } -sptr AccessTokenManagerClient::GetProxy() const +sptr AccessTokenManagerClient::GetProxy() { - auto sam = SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager(); - if (sam == nullptr) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: GetSystemAbilityManager is null", __func__); - return nullptr; - } - auto accesstokenSa = sam->GetSystemAbility(IAccessTokenManager::SA_ID_ACCESSTOKEN_MANAGER_SERVICE); - if (accesstokenSa == nullptr) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: GetSystemAbility %{public}d is null", __func__, - IAccessTokenManager::SA_ID_ACCESSTOKEN_MANAGER_SERVICE); - return nullptr; - } + if (proxy_ == nullptr) { + std::lock_guard lock(proxyMutex_); + if (proxy_ == nullptr) { + auto sam = SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager(); + if (sam == nullptr) { + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: GetSystemAbilityManager is null", __func__); + return nullptr; + } + auto accesstokenSa = sam->GetSystemAbility(IAccessTokenManager::SA_ID_ACCESSTOKEN_MANAGER_SERVICE); + if (accesstokenSa == nullptr) { + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: GetSystemAbility %{public}d is null", __func__, + IAccessTokenManager::SA_ID_ACCESSTOKEN_MANAGER_SERVICE); + return nullptr; + } - auto proxy = iface_cast(accesstokenSa); - if (proxy == nullptr) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: iface_cast get null", __func__); - return nullptr; + auto proxy = iface_cast(accesstokenSa); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: iface_cast get null", __func__); + return nullptr; + } + proxy_ = proxy; + } } - return proxy; + + return proxy_; } } // namespace AccessToken } // namespace Security diff --git a/interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_manager_client.h b/interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_manager_client.h index cedcdae10..e3a9263f9 100755 --- a/interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_manager_client.h +++ b/interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_manager_client.h @@ -16,6 +16,7 @@ #ifndef ACCESSTOKEN_MANAGER_CLIENT_H #define ACCESSTOKEN_MANAGER_CLIENT_H +#include #include #include @@ -38,31 +39,32 @@ public: virtual ~AccessTokenManagerClient(); - int VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName) const; - int GetDefPermission(const std::string& permissionName, PermissionDef& permissionDefResult) const; - int GetDefPermissions(AccessTokenID tokenID, std::vector& permList) const; + int VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName); + int GetDefPermission(const std::string& permissionName, PermissionDef& permissionDefResult); + int GetDefPermissions(AccessTokenID tokenID, std::vector& permList); int GetReqPermissions( - AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) const; - int GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName) const; - int GrantPermission(AccessTokenID tokenID, const std::string& permissionName, int flag) const; - int RevokePermission(AccessTokenID tokenID, const std::string& permissionName, int flag) const; - int ClearUserGrantedPermissionState(AccessTokenID tokenID) const; - AccessTokenIDEx AllocHapToken(const HapInfoParams& info, const HapPolicyParams& policy) const; - int DeleteToken(AccessTokenID tokenID) const; - int GetTokenType(AccessTokenID tokenID) const; - int CheckNativeDCap(AccessTokenID tokenID, const std::string& dcap) const; - AccessTokenID GetHapTokenID(int userID, const std::string& bundleName, int instIndex) const; - AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID) const; - int UpdateHapToken(AccessTokenID tokenID, const std::string& appIDDesc, const HapPolicyParams& policy) const; - int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfo& hapTokenInfoRes) const; - int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfo& nativeTokenInfoRes) const; + AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant); + int GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName); + int GrantPermission(AccessTokenID tokenID, const std::string& permissionName, int flag); + int RevokePermission(AccessTokenID tokenID, const std::string& permissionName, int flag); + int ClearUserGrantedPermissionState(AccessTokenID tokenID); + AccessTokenIDEx AllocHapToken(const HapInfoParams& info, const HapPolicyParams& policy); + int DeleteToken(AccessTokenID tokenID); + ATokenTypeEnum GetTokenType(AccessTokenID tokenID); + int CheckNativeDCap(AccessTokenID tokenID, const std::string& dcap); + AccessTokenID GetHapTokenID(int userID, const std::string& bundleName, int instIndex); + AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID); + int UpdateHapToken(AccessTokenID tokenID, const std::string& appIDDesc, const HapPolicyParams& policy); + int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfo& hapTokenInfoRes); + int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfo& nativeTokenInfoRes); private: AccessTokenManagerClient(); DISALLOW_COPY_AND_MOVE(AccessTokenManagerClient); - - sptr GetProxy() const; + std::mutex proxyMutex_; + sptr proxy_ = nullptr; + sptr GetProxy(); }; } // namespace AccessToken } // namespace Security diff --git a/interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_manager_proxy.cpp b/interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_manager_proxy.cpp index e031e8c02..0f330c8d5 100644 --- a/interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_manager_proxy.cpp +++ b/interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_manager_proxy.cpp @@ -183,11 +183,11 @@ int AccessTokenManagerProxy::GetPermissionFlag(AccessTokenID tokenID, const std: data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); if (!data.WriteUint32(tokenID)) { ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write tokenID", __func__); - return RET_FAILED; + return DEFAULT_PERMISSION_FLAGS; } if (!data.WriteString(permissionName)) { ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write permissionName", __func__); - return RET_FAILED; + return DEFAULT_PERMISSION_FLAGS; } MessageParcel reply; @@ -195,13 +195,13 @@ int AccessTokenManagerProxy::GetPermissionFlag(AccessTokenID tokenID, const std: sptr remote = Remote(); if (remote == nullptr) { ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__); - return RET_FAILED; + return DEFAULT_PERMISSION_FLAGS; } int32_t requestResult = remote->SendRequest( static_cast(IAccessTokenManager::InterfaceCode::GET_PERMISSION_FLAG), data, reply, option); if (requestResult != NO_ERROR) { ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult); - return RET_FAILED; + return DEFAULT_PERMISSION_FLAGS; } int32_t result = reply.ReadInt32(); @@ -341,7 +341,7 @@ AccessTokenIDEx AccessTokenManagerProxy::AllocHapToken( return res; } - uint64_t result = reply.ReadUint64(); + unsigned long long result = reply.ReadUint64(); ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}llu", __func__, result); res.tokenIDEx = result; return res; diff --git a/interfaces/innerkits/accesstoken/test/unittest/cpp/src/accesstoken_kit_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/cpp/src/accesstoken_kit_test.cpp index cce73330e..6d38f1ee3 100755 --- a/interfaces/innerkits/accesstoken/test/unittest/cpp/src/accesstoken_kit_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/cpp/src/accesstoken_kit_test.cpp @@ -14,14 +14,107 @@ */ #include "accesstoken_kit_test.h" +#include #include "accesstoken_kit.h" using namespace testing::ext; using namespace OHOS::Security::AccessToken; +namespace { +static PermissionStateFull g_grantPermissionReq = { + .permissionName = "ohos.permission.GRANT_SENSITIVE_PERMISSIONS", + .isGeneral = true, + .resDeviceID = {"device"}, + .grantStatus = {PermissionState::PERMISSION_GRANTED}, + .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED} +}; +static PermissionStateFull g_revokePermissionReq = { + .permissionName = "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS", + .isGeneral = true, + .resDeviceID = {"device"}, + .grantStatus = {PermissionState::PERMISSION_GRANTED}, + .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED} +}; + +static PermissionDef g_infoManagerTestPermDef1 = { + .permissionName = "ohos.permission.test1", + .bundleName = "accesstoken_test", + .grantMode = 1, + .label = "label", + .labelId = 1, + .description = "open the door", + .descriptionId = 1, + .availableLevel = APL_NORMAL +}; + +static PermissionDef g_infoManagerTestPermDef2 = { + .permissionName = "ohos.permission.test2", + .bundleName = "accesstoken_test", + .grantMode = 1, + .label = "label", + .labelId = 1, + .description = "break the door", + .descriptionId = 1, + .availableLevel = APL_NORMAL +}; + +static PermissionStateFull g_infoManagerTestState1 = { + .grantFlags = {1}, + .grantStatus = {PermissionState::PERMISSION_GRANTED}, + .isGeneral = true, + .permissionName = "ohos.permission.test1", + .resDeviceID = {"local"} +}; + +static PermissionStateFull g_infoManagerTestState2 = { + .permissionName = "ohos.permission.test2", + .isGeneral = false, + .grantFlags = {1, 2}, + .grantStatus = {PermissionState::PERMISSION_GRANTED, PermissionState::PERMISSION_GRANTED}, + .resDeviceID = {"device 1", "device 2"} +}; + +static HapInfoParams g_infoManagerTestInfoParms = { + .bundleName = "accesstoken_test", + .userID = 1, + .instIndex = 0, + .appIDDesc = "testtesttesttest" +}; + +static HapPolicyParams g_infoManagerTestPolicyPrams = { + .apl = APL_NORMAL, + .domain = "test.domain", + .permList = {g_infoManagerTestPermDef1, g_infoManagerTestPermDef2}, + .permStateList = {g_infoManagerTestState1, g_infoManagerTestState2} +}; + +static HapInfoParams g_infoManagerTestInfoParms_bak = { + .bundleName = "accesstoken_test", + .userID = 1, + .instIndex = 0, + .appIDDesc = "testtesttesttest" +}; + +static HapPolicyParams g_infoManagerTestPolicyPrams_bak = { + .apl = APL_NORMAL, + .domain = "test.domain", + .permList = {g_infoManagerTestPermDef1, g_infoManagerTestPermDef2}, + .permStateList = {g_infoManagerTestState1, g_infoManagerTestState2} +}; +} + void AccessTokenKitTest::SetUpTestCase() -{} +{ + // make test case clean + AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(g_infoManagerTestInfoParms.userID, + g_infoManagerTestInfoParms.bundleName, + g_infoManagerTestInfoParms.instIndex); + AccessTokenKit::DeleteToken(tokenID); + + tokenID = AccessTokenKit::GetHapTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + AccessTokenKit::DeleteToken(tokenID); +} void AccessTokenKitTest::TearDownTestCase() { @@ -29,12 +122,15 @@ void AccessTokenKitTest::TearDownTestCase() void AccessTokenKitTest::SetUp() { + g_infoManagerTestInfoParms = g_infoManagerTestInfoParms_bak; + g_infoManagerTestPolicyPrams = g_infoManagerTestPolicyPrams_bak; HapInfoParams info = { .userID = TEST_USER_ID, .bundleName = TEST_BUNDLE_NAME, .instIndex = 0, .appIDDesc = "appIDDesc", }; + HapPolicyParams policy = { .apl = APL_NORMAL, .domain = "domain" @@ -44,14 +140,18 @@ void AccessTokenKitTest::SetUp() .permissionName = TEST_PERMISSION_NAME_ALPHA, .bundleName = TEST_BUNDLE_NAME, .grantMode = GrantMode::USER_GRANT, - .availableScope = AVAILABLE_SCOPE_ALL, + .availableLevel = APL_NORMAL, + .provisionEnable = false, + .distributedSceneEnable = false }; PermissionDef permissionDefBeta = { .permissionName = TEST_PERMISSION_NAME_BETA, .bundleName = TEST_BUNDLE_NAME, .grantMode = GrantMode::SYSTEM_GRANT, - .availableScope = AVAILABLE_SCOPE_ALL, + .availableLevel = APL_NORMAL, + .provisionEnable = false, + .distributedSceneEnable = false }; policy.permList.emplace_back(permissionDefAlpha); policy.permList.emplace_back(permissionDefBeta); @@ -72,8 +172,14 @@ void AccessTokenKitTest::SetUp() }; policy.permStateList.emplace_back(permStatAlpha); policy.permStateList.emplace_back(permStatBeta); + policy.permStateList.emplace_back(g_grantPermissionReq); + policy.permStateList.emplace_back(g_revokePermissionReq); AccessTokenKit::AllocHapToken(info, policy); + AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(g_infoManagerTestInfoParms.userID, + g_infoManagerTestInfoParms.bundleName, + g_infoManagerTestInfoParms.instIndex); + AccessTokenKit::DeleteToken(tokenID); } void AccessTokenKitTest::TearDown() @@ -86,47 +192,91 @@ unsigned int AccessTokenKitTest::GetAccessTokenID(int userID, std::string bundle { return AccessTokenKit::GetHapTokenID(userID, bundleName, instIndex); } + +void AccessTokenKitTest::DeleteTestToken() const +{ + AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(g_infoManagerTestInfoParms.userID, + g_infoManagerTestInfoParms.bundleName, + g_infoManagerTestInfoParms.instIndex); + int ret = AccessTokenKit::DeleteToken(tokenID); + if (tokenID != 0) { + ASSERT_EQ(RET_SUCCESS, ret); + } +} + +void AccessTokenKitTest::AllocTestToken() const +{ + AccessTokenIDEx tokenIdEx = {0}; + tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams); + ASSERT_NE(0, tokenIdEx.tokenIdExStruct.tokenID); +} + /** - * @tc.name: AllocHapToken001 + * @tc.name: GetDefPermission001 * @tc.desc: Get permission definition info after AllocHapToken function has been invoked. * @tc.type: FUNC - * @tc.require: + * @tc.require:AR000GM5FC AR000GK6TG */ -HWTEST_F(AccessTokenKitTest, AllocHapToken001, TestSize.Level1) +HWTEST_F(AccessTokenKitTest, GetDefPermission001, TestSize.Level1) { PermissionDef permDefResultAlpha; int ret = AccessTokenKit::GetDefPermission(TEST_PERMISSION_NAME_ALPHA, permDefResultAlpha); - ASSERT_EQ(TEST_PERMISSION_NAME_ALPHA, permDefResultAlpha.permissionName); ASSERT_EQ(RET_SUCCESS, ret); + ASSERT_EQ(TEST_PERMISSION_NAME_ALPHA, permDefResultAlpha.permissionName); PermissionDef permDefResultBeta; ret = AccessTokenKit::GetDefPermission(TEST_PERMISSION_NAME_BETA, permDefResultBeta); - ASSERT_EQ(TEST_PERMISSION_NAME_BETA, permDefResultBeta.permissionName); ASSERT_EQ(RET_SUCCESS, ret); + ASSERT_EQ(TEST_PERMISSION_NAME_BETA, permDefResultBeta.permissionName); } /** - * @tc.name: AllocHapToken002 - * @tc.desc: Get permission definition info that permission is not exist. + * @tc.name: GetDefPermission002 + * @tc.desc: Get permission definition info that permission is invalid. * @tc.type: FUNC - * @tc.require: + * @tc.require:AR000GM5FC */ -HWTEST_F(AccessTokenKitTest, AllocHapToken002, TestSize.Level1) +HWTEST_F(AccessTokenKitTest, GetDefPermission002, TestSize.Level1) { PermissionDef permDefResult; int ret = AccessTokenKit::GetDefPermission(TEST_PERMISSION_NAME_GAMMA, permDefResult); ASSERT_EQ(RET_FAILED, ret); + + ret = AccessTokenKit::GetDefPermission("", permDefResult); + ASSERT_EQ(RET_FAILED, ret); + + std::string invalidPerm(INVALID_PERMNAME_LEN, 'a'); + ret = AccessTokenKit::GetDefPermission(invalidPerm, permDefResult); + ASSERT_EQ(RET_FAILED, ret); } /** - * @tc.name: AllocHapToken003 + * @tc.name: GetDefPermission003 + * @tc.desc: GetDefPermission is invoked multiple times. + * @tc.type: FUNC + * @tc.require:AR000GM5FC + */ +HWTEST_F(AccessTokenKitTest, GetDefPermission003, TestSize.Level0) +{ + int ret = RET_FAILED; + for (int i = 0; i < CYCLE_TIMES; i++) { + PermissionDef permDefResultAlpha; + ret = AccessTokenKit::GetDefPermission(TEST_PERMISSION_NAME_ALPHA, permDefResultAlpha); + ASSERT_EQ(RET_SUCCESS, ret); + ASSERT_EQ(TEST_PERMISSION_NAME_ALPHA, permDefResultAlpha.permissionName); + } +} + +/** + * @tc.name: GetDefPermissions001 * @tc.desc: Get permission definition info list after AllocHapToken function has been invoked. * @tc.type: FUNC - * @tc.require: + * @tc.require:AR000GM5FC AR000GK6TG */ -HWTEST_F(AccessTokenKitTest, AllocHapToken003, TestSize.Level1) +HWTEST_F(AccessTokenKitTest, GetDefPermissions001, TestSize.Level1) { AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + ASSERT_NE(0, tokenID); std::vector permDefList; int ret = AccessTokenKit::GetDefPermissions(tokenID, permDefList); ASSERT_EQ(RET_SUCCESS, ret); @@ -134,27 +284,81 @@ HWTEST_F(AccessTokenKitTest, AllocHapToken003, TestSize.Level1) } /** - * @tc.name: AllocHapToken004 + * @tc.name: GetDefPermissions002 + * @tc.desc: Get permission definition info list after clear permission definition list + * @tc.type: FUNC + * @tc.require:AR000GM5FC + */ +HWTEST_F(AccessTokenKitTest, GetDefPermissions002, TestSize.Level1) +{ + HapPolicyParams TestPolicyPrams = g_infoManagerTestPolicyPrams; + TestPolicyPrams.permList.clear(); + AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, TestPolicyPrams); + + AccessTokenID tokenID = GetAccessTokenID(g_infoManagerTestInfoParms.userID, + g_infoManagerTestInfoParms.bundleName, + g_infoManagerTestInfoParms.instIndex); + ASSERT_NE(0, tokenID); + + std::vector permDefList; + int ret = AccessTokenKit::GetDefPermissions(tokenID, permDefList); + ASSERT_EQ(RET_SUCCESS, ret); + ASSERT_EQ(0, permDefList.size()); + + AccessTokenKit::DeleteToken(tokenID); +} + +/** + * @tc.name: GetDefPermissions003 * @tc.desc: Get permission definition info list that tokenID is invalid. * @tc.type: FUNC - * @tc.require: + * @tc.require:AR000GM5FC */ -HWTEST_F(AccessTokenKitTest, AllocHapToken004, TestSize.Level1) +HWTEST_F(AccessTokenKitTest, GetDefPermissions003, TestSize.Level1) { + AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + ASSERT_NE(0, tokenID); + AccessTokenKit::DeleteToken(tokenID); + std::vector permDefList; int ret = AccessTokenKit::GetDefPermissions(TEST_TOKENID_INVALID, permDefList); ASSERT_EQ(RET_FAILED, ret); + + std::vector permDefListRes; + ret = AccessTokenKit::GetDefPermissions(tokenID, permDefListRes); + ASSERT_EQ(RET_FAILED, ret); + ASSERT_EQ(0, permDefListRes.size()); +} + +/** + * @tc.name: GetDefPermissions004 + * @tc.desc: GetDefPermissions is invoked multiple times. + * @tc.type: FUNC + * @tc.require:AR000GM5FC + */ +HWTEST_F(AccessTokenKitTest, GetDefPermissions004, TestSize.Level0) +{ + AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + ASSERT_NE(0, tokenID); + int ret = RET_FAILED; + for (int i = 0; i < CYCLE_TIMES; i++) { + std::vector permDefList; + ret = ret = AccessTokenKit::GetDefPermissions(tokenID, permDefList); + ASSERT_EQ(RET_SUCCESS, ret); + ASSERT_EQ(2, permDefList.size()); + } } /** * @tc.name: GetReqPermissions001 * @tc.desc: Get user granted permission state info. * @tc.type: FUNC - * @tc.require: + * @tc.require:AR000GM5FC AR000GK6TG */ HWTEST_F(AccessTokenKitTest, GetReqPermissions001, TestSize.Level1) { AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + ASSERT_NE(0, tokenID); std::vector permStatList; int ret = AccessTokenKit::GetReqPermissions(tokenID, permStatList, false); ASSERT_EQ(RET_SUCCESS, ret); @@ -169,30 +373,109 @@ HWTEST_F(AccessTokenKitTest, GetReqPermissions001, TestSize.Level1) * @tc.name: GetReqPermissions002 * @tc.desc: Get system granted permission state info. * @tc.type: FUNC - * @tc.require: + * @tc.require:AR000GM5FC */ HWTEST_F(AccessTokenKitTest, GetReqPermissions002, TestSize.Level1) { AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + ASSERT_NE(0, tokenID); std::vector permStatList; int ret = AccessTokenKit::GetReqPermissions(tokenID, permStatList, true); ASSERT_EQ(RET_SUCCESS, ret); - ASSERT_EQ(1, permStatList.size()); + ASSERT_EQ(3, permStatList.size()); ASSERT_EQ(TEST_PERMISSION_NAME_BETA, permStatList[0].permissionName); ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_BETA); ASSERT_EQ(ret, permStatList[0].grantStatus[0]); } +/** + * @tc.name: GetReqPermissions003 + * @tc.desc: Get user granted permission state info after clear request permission list. + * @tc.type: FUNC + * @tc.require:AR000GM5FC + */ +HWTEST_F(AccessTokenKitTest, GetReqPermissions003, TestSize.Level1) +{ + AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + ASSERT_NE(0, tokenID); + + HapTokenInfo hapInfo; + int ret = AccessTokenKit::GetHapTokenInfo(tokenID, hapInfo); + ASSERT_EQ(RET_SUCCESS, ret); + + HapPolicyParams policy = { + .apl = hapInfo.apl, + .domain = "domain" + }; + policy.permStateList.clear(); + + ret = AccessTokenKit::UpdateHapToken(tokenID, hapInfo.appID, policy); + ASSERT_EQ(RET_SUCCESS, ret); + + std::vector permStatUserList; + ret = AccessTokenKit::GetReqPermissions(tokenID, permStatUserList, false); + ASSERT_EQ(RET_SUCCESS, ret); + ASSERT_EQ(0, permStatUserList.size()); + + std::vector permStatSystemList; + ret = AccessTokenKit::GetReqPermissions(tokenID, permStatSystemList, true); + ASSERT_EQ(RET_SUCCESS, ret); + ASSERT_EQ(0, permStatSystemList.size()); +} + +/** + * @tc.name: GetReqPermissions004 + * @tc.desc: Get permission state info list that tokenID is invalid. + * @tc.type: FUNC + * @tc.require:AR000GM5FC + */ +HWTEST_F(AccessTokenKitTest, GetReqPermissions004, TestSize.Level1) +{ + AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + ASSERT_NE(0, tokenID); + + std::vector permStatList; + int ret = AccessTokenKit::GetReqPermissions(TEST_TOKENID_INVALID, permStatList, false); + ASSERT_EQ(RET_FAILED, ret); + + AccessTokenKit::DeleteToken(tokenID); + + ret = AccessTokenKit::GetReqPermissions(tokenID, permStatList, false); + ASSERT_EQ(RET_FAILED, ret); + ASSERT_EQ(0, permStatList.size()); +} + +/** + * @tc.name: GetReqPermissions005 + * @tc.desc: GetReqPermissions is invoked multiple times. + * @tc.type: FUNC + * @tc.require:AR000GM5FC + */ +HWTEST_F(AccessTokenKitTest, GetReqPermissions005, TestSize.Level0) +{ + AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + ASSERT_NE(0, tokenID); + int ret = RET_FAILED; + for (int i = 0; i < CYCLE_TIMES; i++) { + std::vector permStatList; + ret = ret = AccessTokenKit::GetReqPermissions(tokenID, permStatList, false); + ASSERT_EQ(RET_SUCCESS, ret); + ASSERT_EQ(1, permStatList.size()); + ASSERT_EQ(TEST_PERMISSION_NAME_ALPHA, permStatList[0].permissionName); + } +} + /** * @tc.name: GetPermissionFlag001 * @tc.desc: Get permission flag after grant permission. * @tc.type: FUNC - * @tc.require: + * @tc.require:AR000GM5FC AR000GK6TG */ HWTEST_F(AccessTokenKitTest, GetPermissionFlag001, TestSize.Level1) { AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + ASSERT_NE(0, tokenID); int ret = AccessTokenKit::GrantPermission(tokenID, TEST_PERMISSION_NAME_ALPHA, PERMISSION_USER_FIXED); ASSERT_EQ(RET_SUCCESS, ret); @@ -200,15 +483,66 @@ HWTEST_F(AccessTokenKitTest, GetPermissionFlag001, TestSize.Level1) ASSERT_EQ(PERMISSION_USER_FIXED, ret); } +/** + * @tc.name: GetPermissionFlag002 + * @tc.desc: Get permission flag that tokenID or permission is invalid. + * @tc.type: FUNC + * @tc.require:AR000GM5FC + */ +HWTEST_F(AccessTokenKitTest, GetPermissionFlag002, TestSize.Level1) +{ + AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + ASSERT_NE(0, tokenID); + + int ret = AccessTokenKit::GetPermissionFlag(tokenID, TEST_PERMISSION_NAME_GAMMA); + ASSERT_EQ(DEFAULT_PERMISSION_FLAGS, ret); + + ret = AccessTokenKit::GetPermissionFlag(tokenID, ""); + ASSERT_EQ(DEFAULT_PERMISSION_FLAGS, ret); + + std::string invalidPerm(INVALID_PERMNAME_LEN, 'a'); + ret = AccessTokenKit::GetPermissionFlag(tokenID, invalidPerm); + ASSERT_EQ(DEFAULT_PERMISSION_FLAGS, ret); + + ret = AccessTokenKit::GetPermissionFlag(TEST_TOKENID_INVALID, TEST_PERMISSION_NAME_ALPHA); + ASSERT_EQ(DEFAULT_PERMISSION_FLAGS, ret); + + AccessTokenKit::DeleteToken(tokenID); + + ret = AccessTokenKit::GetPermissionFlag(tokenID, TEST_PERMISSION_NAME_ALPHA); + ASSERT_EQ(DEFAULT_PERMISSION_FLAGS, ret); +} + +/** + * @tc.name: GetPermissionFlag003 + * @tc.desc: GetPermissionFlag is invoked multiple times. + * @tc.type: FUNC + * @tc.require:AR000GM5FC + */ +HWTEST_F(AccessTokenKitTest, GetPermissionFlag003, TestSize.Level0) +{ + AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + ASSERT_NE(0, tokenID); + int ret = RET_FAILED; + for (int i = 0; i < CYCLE_TIMES; i++) { + ret = AccessTokenKit::GrantPermission(tokenID, TEST_PERMISSION_NAME_ALPHA, PERMISSION_USER_FIXED); + ASSERT_EQ(RET_SUCCESS, ret); + + ret = ret = AccessTokenKit::GetPermissionFlag(tokenID, TEST_PERMISSION_NAME_ALPHA); + ASSERT_EQ(PERMISSION_USER_FIXED, ret); + } +} + /** * @tc.name: VerifyAccessToken001 * @tc.desc: Verify user granted permission. * @tc.type: FUNC - * @tc.require: + * @tc.require:AR000GK6T8 AR000GK6TG */ HWTEST_F(AccessTokenKitTest, VerifyAccessToken001, TestSize.Level0) { AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + ASSERT_NE(0, tokenID); int ret = AccessTokenKit::GrantPermission(tokenID, TEST_PERMISSION_NAME_ALPHA, PERMISSION_USER_FIXED); ASSERT_EQ(RET_SUCCESS, ret); @@ -226,11 +560,12 @@ HWTEST_F(AccessTokenKitTest, VerifyAccessToken001, TestSize.Level0) * @tc.name: VerifyAccessToken002 * @tc.desc: Verify system granted permission. * @tc.type: FUNC - * @tc.require: + * @tc.require:AR000GK6T8 */ HWTEST_F(AccessTokenKitTest, VerifyAccessToken002, TestSize.Level0) { AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + ASSERT_NE(0, tokenID); int ret = AccessTokenKit::GrantPermission(tokenID, TEST_PERMISSION_NAME_BETA, PERMISSION_USER_FIXED); ASSERT_EQ(RET_SUCCESS, ret); @@ -246,63 +581,1378 @@ HWTEST_F(AccessTokenKitTest, VerifyAccessToken002, TestSize.Level0) /** * @tc.name: VerifyAccessToken003 - * @tc.desc: Verify permission that has not been defined. + * @tc.desc: Verify permission that tokenID or permission is invalid. * @tc.type: FUNC - * @tc.require: + * @tc.require:AR000GK6T8 */ HWTEST_F(AccessTokenKitTest, VerifyAccessToken003, TestSize.Level0) { AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + ASSERT_NE(0, tokenID); int ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_GAMMA); ASSERT_EQ(PERMISSION_DENIED, ret); + + ret = AccessTokenKit::VerifyAccessToken(tokenID, ""); + ASSERT_EQ(PERMISSION_DENIED, ret); + + std::string invalidPerm(INVALID_PERMNAME_LEN, 'a'); + ret = AccessTokenKit::VerifyAccessToken(tokenID, invalidPerm); + ASSERT_EQ(PERMISSION_DENIED, ret); + + AccessTokenKit::VerifyAccessToken(TEST_TOKENID_INVALID, TEST_PERMISSION_NAME_BETA); + ASSERT_EQ(PERMISSION_DENIED, ret); + + AccessTokenKit::DeleteToken(tokenID); + + AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_BETA); + ASSERT_EQ(PERMISSION_DENIED, ret); } /** - * @tc.name: ClearUserGrantedPermissionState001 - * @tc.desc: Clear user granted permission fater ClearUserGrantedPermissionState has been invoked. + * @tc.name: VerifyAccessToken004 + * @tc.desc: Verify permission after update. * @tc.type: FUNC - * @tc.require: + * @tc.require:AR000GK6T8 */ -HWTEST_F(AccessTokenKitTest, ClearUserGrantedPermissionState001, TestSize.Level0) +HWTEST_F(AccessTokenKitTest, VerifyAccessToken004, TestSize.Level0) { AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); - int ret = AccessTokenKit::ClearUserGrantedPermissionState(tokenID); + ASSERT_NE(0, tokenID); + + int ret = AccessTokenKit::GrantPermission(tokenID, TEST_PERMISSION_NAME_ALPHA, PERMISSION_USER_FIXED); + ASSERT_EQ(RET_SUCCESS, ret); + + HapTokenInfo hapInfo; + ret = AccessTokenKit::GetHapTokenInfo(tokenID, hapInfo); + ASSERT_EQ(RET_SUCCESS, ret); + + std::vector permDefList; + ret = AccessTokenKit::GetDefPermissions(tokenID, permDefList); + ASSERT_EQ(RET_SUCCESS, ret); + + std::vector permStatList; + ret = AccessTokenKit::GetReqPermissions(tokenID, permStatList, false); + ASSERT_EQ(RET_SUCCESS, ret); + + HapPolicyParams policy = { + .apl = hapInfo.apl, + .domain = "domain", + .permList = permDefList, + .permStateList = permStatList + }; + + ret = AccessTokenKit::UpdateHapToken(tokenID, hapInfo.appID, policy); ASSERT_EQ(RET_SUCCESS, ret); ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA); - ASSERT_EQ(PERMISSION_DENIED, ret); + ASSERT_EQ(PERMISSION_GRANTED, ret); } /** - * @tc.name: DeleteToken001 - * @tc.desc: Cannot get permission definition info after DeleteToken function has been invoked. + * @tc.name: GrantPermission001 + * @tc.desc: Grant permission that has ohos.permission.GRANT_SENSITIVE_PERMISSIONS * @tc.type: FUNC - * @tc.require: + * @tc.require:AR000GK6TF AR000GK6TG */ -HWTEST_F(AccessTokenKitTest, DeleteToken001, TestSize.Level1) +HWTEST_F(AccessTokenKitTest, GrantPermission001, TestSize.Level0) { AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); - PermissionDef permDefResultAlpha; - int ret = AccessTokenKit::GetDefPermission(TEST_PERMISSION_NAME_ALPHA, permDefResultAlpha); - ASSERT_EQ(TEST_PERMISSION_NAME_ALPHA, permDefResultAlpha.permissionName); + ASSERT_NE(0, tokenID); + int ret = AccessTokenKit::GrantPermission(tokenID, TEST_PERMISSION_NAME_ALPHA, PERMISSION_USER_FIXED); ASSERT_EQ(RET_SUCCESS, ret); - ret = AccessTokenKit::DeleteToken(tokenID); + ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA); + ASSERT_EQ(PERMISSION_GRANTED, ret); + + ret = AccessTokenKit::GrantPermission(tokenID, TEST_PERMISSION_NAME_BETA, PERMISSION_USER_FIXED); ASSERT_EQ(RET_SUCCESS, ret); - PermissionDef defResult; - ret = AccessTokenKit::GetDefPermission(TEST_PERMISSION_NAME_ALPHA, defResult); + ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA); + ASSERT_EQ(PERMISSION_GRANTED, ret); +} + +/** + * @tc.name: GrantPermission002 + * @tc.desc: Grant permission that tokenID or permission is invalid. + * @tc.type: FUNC + * @tc.require:AR000GK6TF + */ +HWTEST_F(AccessTokenKitTest, GrantPermission002, TestSize.Level0) +{ + AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + ASSERT_NE(0, tokenID); + + int ret = AccessTokenKit::GrantPermission(tokenID, TEST_PERMISSION_NAME_GAMMA, PERMISSION_USER_FIXED); + ASSERT_EQ(RET_SUCCESS, ret); + + ret = AccessTokenKit::GrantPermission(tokenID, "", PERMISSION_USER_FIXED); + ASSERT_EQ(RET_FAILED, ret); + + std::string invalidPerm(INVALID_PERMNAME_LEN, 'a'); + ret = AccessTokenKit::GrantPermission(tokenID, invalidPerm, PERMISSION_USER_FIXED); + ASSERT_EQ(RET_FAILED, ret); + + ret = AccessTokenKit::GrantPermission(TEST_TOKENID_INVALID, TEST_PERMISSION_NAME_BETA, PERMISSION_USER_FIXED); ASSERT_EQ(RET_FAILED, ret); + + AccessTokenKit::DeleteToken(tokenID); + + ret = AccessTokenKit::GrantPermission(tokenID, TEST_PERMISSION_NAME_BETA, PERMISSION_USER_FIXED); + ASSERT_EQ(RET_SUCCESS, ret); } /** - * @tc.name: DeleteToken002 - * @tc.desc: Delete invalid tokenID. + * @tc.name: GrantPermission003 + * @tc.desc: GrantPermission is invoked multiple times. * @tc.type: FUNC - * @tc.require: + * @tc.require:AR000GK6TF */ -HWTEST_F(AccessTokenKitTest, DeleteToken002, TestSize.Level1) +HWTEST_F(AccessTokenKitTest, GrantPermission003, TestSize.Level0) { - int ret = AccessTokenKit::DeleteToken(TEST_USER_ID_INVALID); + AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + ASSERT_NE(0, tokenID); + int ret = RET_FAILED; + for (int i = 0; i < CYCLE_TIMES; i++) { + ret = AccessTokenKit::GrantPermission(tokenID, TEST_PERMISSION_NAME_ALPHA, PERMISSION_USER_FIXED); + ASSERT_EQ(RET_SUCCESS, ret); + + ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA); + ASSERT_EQ(PERMISSION_GRANTED, ret); + + ret = AccessTokenKit::GetPermissionFlag(tokenID, TEST_PERMISSION_NAME_ALPHA); + ASSERT_EQ(PERMISSION_USER_FIXED, ret); + } +} + +/** + * @tc.name: RevokePermission001 + * @tc.desc: Revoke permission that has ohos.permission.GRANT_SENSITIVE_PERMISSIONS + * @tc.type: FUNC + * @tc.require:AR000GK6TF AR000GK6TG + */ +HWTEST_F(AccessTokenKitTest, RevokePermission001, TestSize.Level0) +{ + AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + ASSERT_NE(0, tokenID); + int ret = AccessTokenKit::RevokePermission(tokenID, TEST_PERMISSION_NAME_ALPHA, PERMISSION_USER_FIXED); + ASSERT_EQ(RET_SUCCESS, ret); + + ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA); + ASSERT_EQ(PERMISSION_DENIED, ret); + + ret = AccessTokenKit::RevokePermission(tokenID, TEST_PERMISSION_NAME_BETA, PERMISSION_USER_FIXED); + ASSERT_EQ(RET_SUCCESS, ret); + + ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA); + ASSERT_EQ(PERMISSION_DENIED, ret); +} + +/** + * @tc.name: RevokePermission002 + * @tc.desc: Revoke permission that tokenID or permission is invalid. + * @tc.type: FUNC + * @tc.require:AR000GK6TF + */ +HWTEST_F(AccessTokenKitTest, RevokePermission002, TestSize.Level0) +{ + AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + ASSERT_NE(0, tokenID); + + int ret = AccessTokenKit::RevokePermission(tokenID, TEST_PERMISSION_NAME_GAMMA, PERMISSION_USER_FIXED); + ASSERT_EQ(RET_SUCCESS, ret); + + ret = AccessTokenKit::RevokePermission(tokenID, "", PERMISSION_USER_FIXED); + ASSERT_EQ(RET_FAILED, ret); + + std::string invalidPerm(INVALID_PERMNAME_LEN, 'a'); + ret = AccessTokenKit::RevokePermission(tokenID, invalidPerm, PERMISSION_USER_FIXED); + ASSERT_EQ(RET_FAILED, ret); + + ret = AccessTokenKit::RevokePermission(TEST_TOKENID_INVALID, TEST_PERMISSION_NAME_BETA, PERMISSION_USER_FIXED); ASSERT_EQ(RET_FAILED, ret); + + AccessTokenKit::DeleteToken(tokenID); + + ret = AccessTokenKit::RevokePermission(tokenID, TEST_PERMISSION_NAME_BETA, PERMISSION_USER_FIXED); + ASSERT_EQ(RET_SUCCESS, ret); +} + +/** + * @tc.name: RevokePermission003 + * @tc.desc: RevokePermission is invoked multiple times. + * @tc.type: FUNC + * @tc.require:AR000GK6TF + */ +HWTEST_F(AccessTokenKitTest, RevokePermission003, TestSize.Level0) +{ + AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + ASSERT_NE(0, tokenID); + int ret = RET_FAILED; + for (int i = 0; i < CYCLE_TIMES; i++) { + ret = AccessTokenKit::RevokePermission(tokenID, TEST_PERMISSION_NAME_ALPHA, PERMISSION_USER_FIXED); + ASSERT_EQ(RET_SUCCESS, ret); + + ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA); + ASSERT_EQ(PERMISSION_DENIED, ret); + + ret = AccessTokenKit::GetPermissionFlag(tokenID, TEST_PERMISSION_NAME_ALPHA); + ASSERT_EQ(PERMISSION_USER_FIXED, ret); + } +} + +/** + * @tc.name: ClearUserGrantedPermissionState001 + * @tc.desc: Clear user/system granted permission after ClearUserGrantedPermissionState has been invoked. + * @tc.type: FUNC + * @tc.require:AR000GK6TF AR000GK6TG + */ +HWTEST_F(AccessTokenKitTest, ClearUserGrantedPermissionState001, TestSize.Level0) +{ + AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + ASSERT_NE(0, tokenID); + int ret = AccessTokenKit::ClearUserGrantedPermissionState(tokenID); + ASSERT_EQ(RET_SUCCESS, ret); + + ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA); + ASSERT_EQ(PERMISSION_DENIED, ret); + + ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_BETA); + ASSERT_EQ(PERMISSION_GRANTED, ret); +} + +/** + * @tc.name: ClearUserGrantedPermissionState002 + * @tc.desc: Clear user/system granted permission that tokenID or permission is invalid. + * @tc.type: FUNC + * @tc.require:AR000GK6TF + */ +HWTEST_F(AccessTokenKitTest, ClearUserGrantedPermissionState002, TestSize.Level0) +{ + AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + ASSERT_NE(0, tokenID); + + int ret = AccessTokenKit::ClearUserGrantedPermissionState(TEST_TOKENID_INVALID); + ASSERT_EQ(RET_FAILED, ret); + + AccessTokenKit::DeleteToken(tokenID); + + ret = AccessTokenKit::ClearUserGrantedPermissionState(tokenID); + ASSERT_EQ(RET_SUCCESS, ret); +} + +/** + * @tc.name: ClearUserGrantedPermissionState003 + * @tc.desc: ClearUserGrantedPermissionState is invoked multiple times. + * @tc.type: FUNC + * @tc.require:AR000GK6TF + */ +HWTEST_F(AccessTokenKitTest, ClearUserGrantedPermissionState003, TestSize.Level0) +{ + AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + ASSERT_NE(0, tokenID); + int ret = RET_FAILED; + for (int i = 0; i < CYCLE_TIMES; i++) { + ret = AccessTokenKit::ClearUserGrantedPermissionState(tokenID); + ASSERT_EQ(RET_SUCCESS, ret); + + ret = AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA); + ASSERT_EQ(PERMISSION_DENIED, ret); + } +} + +/** + * @tc.name: GetTokenType001 + * @tc.desc: get the token type. + * @tc.type: FUNC + * @tc.require:AR000GK6TH + */ +HWTEST_F(AccessTokenKitTest, GetTokenType001, TestSize.Level0) +{ + AllocTestToken(); + AccessTokenID tokenID = GetAccessTokenID(g_infoManagerTestInfoParms.userID, + g_infoManagerTestInfoParms.bundleName, + g_infoManagerTestInfoParms.instIndex); + int ret = AccessTokenKit::GetTokenType(tokenID); + ASSERT_EQ(TOKEN_HAP, ret); + DeleteTestToken(); +} + +/** + * @tc.name: GetHapTokenInfo001 + * @tc.desc: get the token info and verify. + * @tc.type: FUNC + * @tc.require:AR000GK6TH + */ +HWTEST_F(AccessTokenKitTest, GetHapTokenInfo001, TestSize.Level0) +{ + HapTokenInfo hapTokenInfoRes; + AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + int ret = AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfoRes); + ASSERT_EQ(RET_SUCCESS, ret); + + ASSERT_EQ(hapTokenInfoRes.apl, APL_NORMAL); + ASSERT_EQ(hapTokenInfoRes.userID, TEST_USER_ID); + ASSERT_EQ(hapTokenInfoRes.tokenID, tokenID); + ASSERT_EQ(hapTokenInfoRes.tokenAttr, 0); + ASSERT_EQ(hapTokenInfoRes.instIndex, 0); + + ASSERT_EQ(hapTokenInfoRes.appID, "appIDDesc"); + + ASSERT_EQ(hapTokenInfoRes.bundleName, TEST_BUNDLE_NAME); +} + +/** + * @tc.name: GetHapTokenInfo002 + * @tc.desc: try to get the token info with invalid tokenId. + * @tc.type: FUNC + * @tc.require:AR000GK6TH + */ +HWTEST_F(AccessTokenKitTest, GetHapTokenInfo002, TestSize.Level0) +{ + HapTokenInfo hapTokenInfoRes; + int ret = AccessTokenKit::GetHapTokenInfo(TEST_TOKENID_INVALID, hapTokenInfoRes); + ASSERT_EQ(RET_FAILED, ret); +} + +/** + * @tc.name: DeleteToken001 + * @tc.desc: Cannot get permission definition info after DeleteToken function has been invoked. + * @tc.type: FUNC + * @tc.require:AR000GK6TI + */ +HWTEST_F(AccessTokenKitTest, DeleteToken001, TestSize.Level1) +{ + AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + PermissionDef permDefResultAlpha; + int ret = AccessTokenKit::GetDefPermission(TEST_PERMISSION_NAME_ALPHA, permDefResultAlpha); + ASSERT_EQ(TEST_PERMISSION_NAME_ALPHA, permDefResultAlpha.permissionName); + ASSERT_EQ(RET_SUCCESS, ret); + + ret = AccessTokenKit::DeleteToken(tokenID); + ASSERT_EQ(RET_SUCCESS, ret); + + PermissionDef defResult; + ret = AccessTokenKit::GetDefPermission(TEST_PERMISSION_NAME_ALPHA, defResult); + ASSERT_EQ(RET_FAILED, ret); +} + +/** + * @tc.name: DeleteToken002 + * @tc.desc: Delete invalid tokenID. + * @tc.type: FUNC + * @tc.require:AR000GK6TI + */ +HWTEST_F(AccessTokenKitTest, DeleteToken002, TestSize.Level1) +{ + int ret = AccessTokenKit::DeleteToken(TEST_USER_ID_INVALID); + ASSERT_EQ(RET_FAILED, ret); +} + +/** + * @tc.name: DeleteToken002 + * @tc.desc: Delete invalid tokenID. + * @tc.type: FUNC + * @tc.require:AR000GK6TI + */ +HWTEST_F(AccessTokenKitTest, DeleteToken003, TestSize.Level1) +{ + HapTokenInfo hapTokenInfoRes; + AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + + int ret = AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfoRes); + ASSERT_EQ(RET_SUCCESS, ret); + + ret = AccessTokenKit::DeleteToken(tokenID); + ASSERT_EQ(RET_SUCCESS, ret); + + ret = AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfoRes); + ASSERT_EQ(RET_FAILED, ret); +} + +/** + * @tc.name: DeleteToken004 + * @tc.desc: alloc a tokenId successfully, delete it successfully the first time and fail to delte it again. + * @tc.type: FUNC + * @tc.require:AR000GK6TI + */ +HWTEST_F(AccessTokenKitTest, DeleteToken004, TestSize.Level1) +{ + AccessTokenIDEx tokenIdEx = {0}; + tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams); + GTEST_LOG_(INFO) << "tokenIdEx.tokenIdExStruct.tokenID :" << tokenIdEx.tokenIdExStruct.tokenID; + AccessTokenID tokenID = GetAccessTokenID(g_infoManagerTestInfoParms.userID, + g_infoManagerTestInfoParms.bundleName, + g_infoManagerTestInfoParms.instIndex); + + int ret = AccessTokenKit::DeleteToken(tokenID); + GTEST_LOG_(INFO) << "g_infoManagerTestInfoParms.userID :" << g_infoManagerTestInfoParms.userID; + GTEST_LOG_(INFO) << "g_infoManagerTestInfoParms.bundleName :" << g_infoManagerTestInfoParms.bundleName.c_str(); + GTEST_LOG_(INFO) << "g_infoManagerTestInfoParms.instIndex :" << g_infoManagerTestInfoParms.instIndex; + GTEST_LOG_(INFO) << "tokenID :" << tokenID; + ASSERT_EQ(RET_SUCCESS, ret); + ret = AccessTokenKit::DeleteToken(tokenID); + ASSERT_EQ(RET_FAILED, ret); +} + +/** + * @tc.name: GetHapTokenID001 + * @tc.desc: get hap tokenid. + * @tc.type: FUNC + * @tc.require:AR000GK6TH + */ +HWTEST_F(AccessTokenKitTest, GetHapTokenID001, TestSize.Level1) +{ + HapTokenInfo hapTokenInfoRes; + AccessTokenID tokenID; + tokenID = AccessTokenKit::GetHapTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + + int ret = AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfoRes); + ASSERT_EQ(RET_SUCCESS, ret); + ASSERT_EQ(hapTokenInfoRes.bundleName, TEST_BUNDLE_NAME); +} + +/** + * @tc.name: GetHapTokenID002 + * @tc.desc: cannot get hap tokenid with invalid userId. + * @tc.type: FUNC + * @tc.require:AR000GK6TH + */ +HWTEST_F(AccessTokenKitTest, GetHapTokenID002, TestSize.Level1) +{ + AccessTokenID tokenID; + tokenID = AccessTokenKit::GetHapTokenID(TEST_USER_ID_INVALID, TEST_BUNDLE_NAME, 0); + ASSERT_EQ(0, tokenID); +} + +/** + * @tc.name: GetHapTokenID003 + * @tc.desc: cannot get hap tokenid with invalid bundlename. + * @tc.type: FUNC + * @tc.require:AR000GK6TH + */ +HWTEST_F(AccessTokenKitTest, GetHapTokenID003, TestSize.Level1) +{ + AccessTokenID tokenID; + tokenID = AccessTokenKit::GetHapTokenID(TEST_USER_ID, "invalid bundlename", 0); + ASSERT_EQ(0, tokenID); +} + +/** + * @tc.name: GetHapTokenID003 + * @tc.desc: cannot get hap tokenid with invalid bundlename. + * @tc.type: FUNC + * @tc.require:AR000GK6TH + */ +HWTEST_F(AccessTokenKitTest, GetHapTokenID004, TestSize.Level1) +{ + AccessTokenID tokenID; + tokenID = AccessTokenKit::GetHapTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0xffff); + ASSERT_EQ(0, tokenID); +} + +/** + * @tc.name: AllocHapToken001 + * @tc.desc: alloc a tokenId successfully, delete it successfully the first time and fail to delte it again. + * @tc.type: FUNC + * @tc.require:AR000GK6TJ + */ +HWTEST_F(AccessTokenKitTest, AllocHapToken001, TestSize.Level1) +{ + AccessTokenIDEx tokenIdEx = {0}; + tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams); + GTEST_LOG_(INFO) << "tokenIdEx.tokenIdExStruct.tokenID :" << tokenIdEx.tokenIdExStruct.tokenID; + AccessTokenID tokenID = GetAccessTokenID(g_infoManagerTestInfoParms.userID, + g_infoManagerTestInfoParms.bundleName, + g_infoManagerTestInfoParms.instIndex); + GTEST_LOG_(INFO) << "tokenID :" << tokenID; + int ret = AccessTokenKit::DeleteToken(tokenID); + ASSERT_EQ(RET_SUCCESS, ret); + ret = AccessTokenKit::DeleteToken(tokenID); + ASSERT_EQ(RET_FAILED, ret); +} + +/** + * @tc.name: AllocHapToken002 + * @tc.desc: alloc a tokenId successfully, + * and fail to alloc it with the same info and policy again. + * @tc.type: FUNC + * @tc.require:AR000GK6TJ + */ +HWTEST_F(AccessTokenKitTest, AllocHapToken002, TestSize.Level1) +{ + AccessTokenIDEx tokenIdEx = {0}; + AccessTokenID tokenID; + int ret; + + tokenID = GetAccessTokenID(g_infoManagerTestInfoParms.userID, + g_infoManagerTestInfoParms.bundleName, + g_infoManagerTestInfoParms.instIndex); + + ret = AccessTokenKit::DeleteToken(tokenID); + GTEST_LOG_(INFO) << "DeleteToken ret:" << ret; + GTEST_LOG_(INFO) << "tokenID :" << tokenID; + + tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams); + GTEST_LOG_(INFO) << "tokenIdEx.tokenIdExStruct.tokenID :" << tokenIdEx.tokenIdExStruct.tokenID; + + tokenID = GetAccessTokenID(g_infoManagerTestInfoParms.userID, + g_infoManagerTestInfoParms.bundleName, + g_infoManagerTestInfoParms.instIndex); + GTEST_LOG_(INFO) << "tokenID :" << tokenID; + ASSERT_NE(0, tokenID); + + tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams); + ASSERT_EQ(0, tokenIdEx.tokenIdExStruct.tokenID); + + ret = AccessTokenKit::DeleteToken(tokenID); + ASSERT_EQ(RET_SUCCESS, ret); +} + +/** + * @tc.name: AllocHapToken003 + * @tc.desc: cannot alloc a tokenId with invalid bundlename. + * @tc.type: FUNC + * @tc.require:AR000GK6TJ + */ +HWTEST_F(AccessTokenKitTest, AllocHapToken003, TestSize.Level1) +{ + std::string invalidBundleName (INVALID_BUNDLENAME_LEN, 'x'); + AccessTokenIDEx tokenIdEx = {0}; + int ret; + AccessTokenID tokenID; + + DeleteTestToken(); + GTEST_LOG_(INFO) << "get hap token info:" << invalidBundleName.length(); + g_infoManagerTestInfoParms.bundleName = invalidBundleName; + tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams); + + ASSERT_EQ(0, tokenIdEx.tokenIdExStruct.tokenID); + + tokenID = GetAccessTokenID(g_infoManagerTestInfoParms.userID, + g_infoManagerTestInfoParms.bundleName, + g_infoManagerTestInfoParms.instIndex); + ASSERT_EQ(0, tokenID); + ret = AccessTokenKit::DeleteToken(tokenID); + ASSERT_EQ(RET_FAILED, ret); + + g_infoManagerTestInfoParms.bundleName = "accesstoken_test"; +} + +/** + * @tc.name: AllocHapToken004 + * @tc.desc: cannot alloc a tokenId with invalid apl. + * @tc.type: FUNC + * @tc.require:AR000GK6TJ + */ +HWTEST_F(AccessTokenKitTest, AllocHapToken004, TestSize.Level1) +{ + AccessTokenIDEx tokenIdEx = {0}; + AccessTokenID tokenID; + ATokenAplEnum typeBackUp = g_infoManagerTestPolicyPrams.apl; + DeleteTestToken(); + + g_infoManagerTestPolicyPrams.apl = (ATokenAplEnum)5; + tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams); + + ASSERT_EQ(0, tokenIdEx.tokenIdExStruct.tokenID); + + tokenID = GetAccessTokenID(g_infoManagerTestInfoParms.userID, + g_infoManagerTestInfoParms.bundleName, + g_infoManagerTestInfoParms.instIndex); + ASSERT_EQ(0, tokenID); + int ret = AccessTokenKit::DeleteToken(tokenID); + ASSERT_EQ(RET_FAILED, ret); + g_infoManagerTestPolicyPrams.apl = typeBackUp; +} + +/** + * @tc.name: AllocHapToken005 + * @tc.desc: can alloc a tokenId when bundlename in permdef is different with bundlename in info. + * @tc.type: FUNC + * @tc.require:AR000GK6TJ + */ +HWTEST_F(AccessTokenKitTest, AllocHapToken005, TestSize.Level1) +{ + AccessTokenIDEx tokenIdEx = {0}; + std::string backUp; + std::string backUpPermission; + std::string bundleNameBackUp = g_infoManagerTestPermDef1.bundleName; + DeleteTestToken(); + + backUp = g_infoManagerTestPolicyPrams.permList[0].bundleName; + backUpPermission = g_infoManagerTestPolicyPrams.permList[0].permissionName; + + g_infoManagerTestPolicyPrams.permList[0].bundleName = "invalid_bundleName"; + g_infoManagerTestPolicyPrams.permList[0].permissionName = "ohos.permission.testtmp01"; + tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams); + ASSERT_NE(0, tokenIdEx.tokenIdExStruct.tokenID); + + PermissionDef permDefResultBeta; + int ret = AccessTokenKit::GetDefPermission( + g_infoManagerTestPolicyPrams.permList[0].permissionName, permDefResultBeta); + ASSERT_EQ(RET_SUCCESS, ret); + ret = AccessTokenKit::GetDefPermission(g_infoManagerTestPolicyPrams.permList[1].permissionName, permDefResultBeta); + ASSERT_EQ(RET_SUCCESS, ret); + g_infoManagerTestPolicyPrams.permList[0].bundleName = backUp; + g_infoManagerTestPolicyPrams.permList[0].permissionName = backUpPermission; +} + +/** + * @tc.name: AllocHapToken006 + * @tc.desc: can alloc a tokenId with a invalid permList permissionName. + * @tc.type: FUNC + * @tc.require:AR000GK6TJ + */ +HWTEST_F(AccessTokenKitTest, AllocHapToken006, TestSize.Level1) +{ + AccessTokenIDEx tokenIdEx = {0}; + std::string backUp; + DeleteTestToken(); + + const std::string invalidPermissionName (INVALID_PERMNAME_LEN, 'x'); + backUp = g_infoManagerTestPolicyPrams.permList[0].permissionName; + g_infoManagerTestPolicyPrams.permList[0].permissionName = invalidPermissionName; + tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams); + ASSERT_NE(0, tokenIdEx.tokenIdExStruct.tokenID); + + PermissionDef permDefResultBeta; + int ret = AccessTokenKit::GetDefPermission(invalidPermissionName, permDefResultBeta); + ASSERT_EQ(RET_FAILED, ret); + ret = AccessTokenKit::GetDefPermission(g_infoManagerTestPolicyPrams.permList[1].permissionName, permDefResultBeta); + ASSERT_EQ(RET_SUCCESS, ret); + g_infoManagerTestPolicyPrams.permList[0].permissionName = backUp; +} + +/** + * @tc.name: AllocHapToken007 + * @tc.desc: can alloc a tokenId with invalid permdef. + * @tc.type: FUNC + * @tc.require:AR000GK6TJ + */ +HWTEST_F(AccessTokenKitTest, AllocHapToken007, TestSize.Level1) +{ + AccessTokenIDEx tokenIdEx = {0}; + std::string backUp; + std::string backUpPermission; + DeleteTestToken(); + + const std::string invalidBundleName (INVALID_BUNDLENAME_LEN, 'x'); + backUp = g_infoManagerTestPolicyPrams.permList[0].bundleName; + backUpPermission = g_infoManagerTestPolicyPrams.permList[0].permissionName; + + g_infoManagerTestPolicyPrams.permList[0].permissionName = "ohos.permission.testtmp02"; + g_infoManagerTestPolicyPrams.permList[0].bundleName = invalidBundleName; + tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams); + ASSERT_NE(0, tokenIdEx.tokenIdExStruct.tokenID); + + PermissionDef permDefResultBeta; + int ret = AccessTokenKit::GetDefPermission( + g_infoManagerTestPolicyPrams.permList[0].permissionName, permDefResultBeta); + ASSERT_EQ(RET_FAILED, ret); + ret = AccessTokenKit::GetDefPermission(g_infoManagerTestPolicyPrams.permList[1].permissionName, permDefResultBeta); + ASSERT_EQ(RET_SUCCESS, ret); + g_infoManagerTestPolicyPrams.permList[0].bundleName = backUp; + g_infoManagerTestPolicyPrams.permList[0].permissionName = backUpPermission; +} + +/** + * @tc.name: AllocHapToken008 + * @tc.desc: can alloc a tokenId with invalid permdef. + * @tc.type: FUNC + * @tc.require:AR000GK6TJ + */ +HWTEST_F(AccessTokenKitTest, AllocHapToken008, TestSize.Level1) +{ + AccessTokenIDEx tokenIdEx = {0}; + std::string backUp; + std::string backUpPermission; + DeleteTestToken(); + + const std::string invalidLabel (INVALID_LABEL_LEN, 'x'); + backUp = g_infoManagerTestPolicyPrams.permList[0].label; + backUpPermission = g_infoManagerTestPolicyPrams.permList[0].permissionName; + g_infoManagerTestPolicyPrams.permList[0].permissionName = "ohos.permission.testtmp03"; + g_infoManagerTestPolicyPrams.permList[0].label = invalidLabel; + tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams); + ASSERT_NE(0, tokenIdEx.tokenIdExStruct.tokenID); + + PermissionDef permDefResultBeta; + int ret = AccessTokenKit::GetDefPermission( + g_infoManagerTestPolicyPrams.permList[0].permissionName, permDefResultBeta); + ASSERT_EQ(RET_FAILED, ret); + ret = AccessTokenKit::GetDefPermission(g_infoManagerTestPolicyPrams.permList[1].permissionName, permDefResultBeta); + ASSERT_EQ(RET_SUCCESS, ret); + g_infoManagerTestPolicyPrams.permList[0].label = backUp; + g_infoManagerTestPolicyPrams.permList[0].permissionName = backUpPermission; +} + +/** + * @tc.name: AllocHapToken009 + * @tc.desc: can alloc a tokenId with invalid permdef. + * @tc.type: FUNC + * @tc.require:AR000GK6TJ + */ +HWTEST_F(AccessTokenKitTest, AllocHapToken009, TestSize.Level1) +{ + AccessTokenIDEx tokenIdEx = {0}; + std::string backUp; + std::string backUpPermission; + DeleteTestToken(); + + const std::string invalidDescription (INVALID_DESCRIPTION_LEN, 'x'); + backUp = g_infoManagerTestPolicyPrams.permList[0].description; + backUpPermission = g_infoManagerTestPolicyPrams.permList[0].permissionName; + + g_infoManagerTestPolicyPrams.permList[0].permissionName = "ohos.permission.testtmp04"; + g_infoManagerTestPolicyPrams.permList[0].description = invalidDescription; + tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams); + ASSERT_NE(0, tokenIdEx.tokenIdExStruct.tokenID); + + PermissionDef permDefResultBeta; + int ret = AccessTokenKit::GetDefPermission( + g_infoManagerTestPolicyPrams.permList[0].permissionName, permDefResultBeta); + ASSERT_EQ(RET_FAILED, ret); + ret = AccessTokenKit::GetDefPermission( + g_infoManagerTestPolicyPrams.permList[1].permissionName, permDefResultBeta); + ASSERT_EQ(RET_SUCCESS, ret); + + g_infoManagerTestPolicyPrams.permList[0].description = backUp; + g_infoManagerTestPolicyPrams.permList[0].permissionName = backUpPermission; +} + +static bool ExistInVector(vector array, unsigned int value) +{ + vector::iterator it; + it = find(array.begin(), array.end(), value); + if (it != array.end()) { + return true; + } else { + return false; + } +} + +/** + * @tc.name: AllocHapToken010 + * @tc.desc: alloc and delete in a loop. + * @tc.type: FUNC + * @tc.require:AR000GK6TJ + */ +HWTEST_F(AccessTokenKitTest, AllocHapToken010, TestSize.Level1) +{ + AccessTokenIDEx tokenIdEx = {0}; + AccessTokenID tokenID; + int ret; + bool exist = false; + + DeleteTestToken(); + vector obj; + for (int i = 0; i < CYCLE_TIMES; i++) { + tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams); + tokenID = GetAccessTokenID(g_infoManagerTestInfoParms.userID, + g_infoManagerTestInfoParms.bundleName, + g_infoManagerTestInfoParms.instIndex); + + exist = ExistInVector(obj, tokenID); + ASSERT_EQ(false, exist); + obj.push_back(tokenID); + + ret = AccessTokenKit::DeleteToken(tokenID); + ASSERT_EQ(RET_SUCCESS, ret); + } +} + +/** + * @tc.name: AllocHapToken011 + * @tc.desc: cannot alloc a tokenId with invalid appIDDesc. + * @tc.type: FUNC + * @tc.require:AR000GK6TJ + */ +HWTEST_F(AccessTokenKitTest, AllocHapToken011, TestSize.Level1) +{ + std::string invalidAppIDDesc (INVALID_APPIDDESC_LEN, 'x'); + std::string backup; + AccessTokenIDEx tokenIdEx = {0}; + + DeleteTestToken(); + backup = g_infoManagerTestInfoParms.appIDDesc; + g_infoManagerTestInfoParms.appIDDesc = invalidAppIDDesc; + tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams); + ASSERT_EQ(0, tokenIdEx.tokenIdExStruct.tokenID); + g_infoManagerTestInfoParms.appIDDesc = backup; +} + +/** + * @tc.name: AllocHapToken012 + * @tc.desc: cannot alloc a tokenId with invalid bundleName. + * @tc.type: FUNC + * @tc.require:AR000GK6TJ + */ +HWTEST_F(AccessTokenKitTest, AllocHapToken012, TestSize.Level1) +{ + std::string backup; + AccessTokenIDEx tokenIdEx = {0}; + + backup = g_infoManagerTestInfoParms.bundleName; + g_infoManagerTestInfoParms.bundleName = ""; + tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams); + ASSERT_EQ(0, tokenIdEx.tokenIdExStruct.tokenID); + g_infoManagerTestInfoParms.bundleName = backup; +} + +/** + * @tc.name: AllocHapToken013 + * @tc.desc: cannot alloc a tokenId with invalid appIDDesc. + * @tc.type: FUNC + * @tc.require:AR000GK6TJ + */ +HWTEST_F(AccessTokenKitTest, AllocHapToken013, TestSize.Level1) +{ + std::string backup; + AccessTokenIDEx tokenIdEx = {0}; + + backup = g_infoManagerTestInfoParms.appIDDesc; + g_infoManagerTestInfoParms.appIDDesc = ""; + tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams); + ASSERT_EQ(0, tokenIdEx.tokenIdExStruct.tokenID); + g_infoManagerTestInfoParms.appIDDesc = backup; +} + +/** + * @tc.name: AllocHapToken014 + * @tc.desc: can alloc a tokenId with permList permissionName as "". + * @tc.type: FUNC + * @tc.require:AR000GK6TJ + */ +HWTEST_F(AccessTokenKitTest, AllocHapToken014, TestSize.Level1) +{ + std::string backup; + AccessTokenIDEx tokenIdEx = {0}; + + backup = g_infoManagerTestPolicyPrams.permList[0].permissionName; + g_infoManagerTestPolicyPrams.permList[0].permissionName = ""; + tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams); + PermissionDef permDefResultBeta; + int ret = AccessTokenKit::GetDefPermission("", permDefResultBeta); + ASSERT_EQ(RET_FAILED, ret); + g_infoManagerTestPolicyPrams.permList[0].permissionName = backup; +} + +/** + * @tc.name: AllocHapToken015 + * @tc.desc: can alloc a tokenId with permList bundleName as "". + * @tc.type: FUNC + * @tc.require:AR000GK6TJ + */ +HWTEST_F(AccessTokenKitTest, AllocHapToken015, TestSize.Level1) +{ + std::string backup; + std::string backUpPermission; + AccessTokenIDEx tokenIdEx = {0}; + + backup = g_infoManagerTestPolicyPrams.permList[0].bundleName; + backUpPermission = g_infoManagerTestPolicyPrams.permList[0].permissionName; + g_infoManagerTestPolicyPrams.permList[0].bundleName = ""; + g_infoManagerTestPolicyPrams.permList[0].permissionName = "ohos.permission.testtmp05"; + tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams); + + PermissionDef permDefResultBeta; + int ret = AccessTokenKit::GetDefPermission( + g_infoManagerTestPolicyPrams.permList[0].permissionName, permDefResultBeta); + ASSERT_EQ(RET_FAILED, ret); + ret = AccessTokenKit::GetDefPermission(g_infoManagerTestPolicyPrams.permList[1].permissionName, permDefResultBeta); + ASSERT_EQ(RET_SUCCESS, ret); + g_infoManagerTestPolicyPrams.permList[0].bundleName = backup; + g_infoManagerTestPolicyPrams.permList[0].permissionName = backUpPermission; +} + +/** + * @tc.name: AllocHapToken016 + * @tc.desc: can alloc a tokenId with label as "". + * @tc.type: FUNC + * @tc.require:AR000GK6TJ + */ +HWTEST_F(AccessTokenKitTest, AllocHapToken016, TestSize.Level1) +{ + std::string backup; + std::string backUpPermission; + AccessTokenIDEx tokenIdEx = {0}; + + backup = g_infoManagerTestPolicyPrams.permList[0].label; + g_infoManagerTestPolicyPrams.permList[0].label = ""; + backUpPermission = g_infoManagerTestPolicyPrams.permList[0].permissionName; + g_infoManagerTestPolicyPrams.permList[0].permissionName = "ohos.permission.testtmp06"; + tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams); + + PermissionDef permDefResult; + int ret = AccessTokenKit::GetDefPermission(g_infoManagerTestPolicyPrams.permList[0].permissionName, permDefResult); + ASSERT_EQ(ret, RET_SUCCESS); + g_infoManagerTestPolicyPrams.permList[0].label = backup; + g_infoManagerTestPolicyPrams.permList[0].permissionName = backUpPermission; +} + +/** + * @tc.name: AllocHapToken017 + * @tc.desc: cannot alloc a tokenId with invalid permdef. + * @tc.type: FUNC + * @tc.require:AR000GK6TJ + */ +HWTEST_F(AccessTokenKitTest, AllocHapToken017, TestSize.Level1) +{ + std::string backUpPermission; + std::string backup; + AccessTokenIDEx tokenIdEx = {0}; + + backup = g_infoManagerTestPolicyPrams.permList[0].description; + g_infoManagerTestPolicyPrams.permList[0].description = ""; + backUpPermission = g_infoManagerTestPolicyPrams.permList[0].permissionName; + g_infoManagerTestPolicyPrams.permList[0].permissionName = "ohos.permission.testtmp07"; + tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams); + + PermissionDef permDefResult; + int ret = AccessTokenKit::GetDefPermission(g_infoManagerTestPolicyPrams.permList[0].permissionName, permDefResult); + ASSERT_EQ(ret, RET_SUCCESS); + g_infoManagerTestPolicyPrams.permList[0].description = backup; + g_infoManagerTestPolicyPrams.permList[0].permissionName = backUpPermission; +} + +/** + * @tc.name: UpdateHapToken001 + * @tc.desc: alloc a tokenId successfully, update it successfully and verify it. + * @tc.type: FUNC + * @tc.require:AR000GK6TJ + */ +HWTEST_F(AccessTokenKitTest, UpdateHapToken001, TestSize.Level1) +{ + int userID = g_infoManagerTestInfoParms.userID; + const std::string bundleName = g_infoManagerTestInfoParms.bundleName; + int instIndex = g_infoManagerTestInfoParms.instIndex; + + const std::string appIDDesc = "housework app"; + + DeleteTestToken(); + AccessTokenIDEx tokenIdEx = {0}; + tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams); + GTEST_LOG_(INFO) << "tokenID :" << tokenIdEx.tokenIdExStruct.tokenID; + AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(userID, bundleName, instIndex); + GTEST_LOG_(INFO) << "tokenID :" << tokenID; + g_infoManagerTestPolicyPrams.apl = APL_SYSTEM_BASIC; + + int ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, g_infoManagerTestPolicyPrams); + ASSERT_EQ(0, ret); + + HapTokenInfo hapTokenInfoRes; + ret = AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfoRes); + ASSERT_EQ(RET_SUCCESS, ret); + + ASSERT_EQ(hapTokenInfoRes.appID, "housework app"); + ASSERT_EQ(hapTokenInfoRes.apl, APL_SYSTEM_BASIC); + + ret = AccessTokenKit::DeleteToken(tokenID); + ASSERT_EQ(RET_SUCCESS, ret); +} + +/** + * @tc.name: UpdateHapToken002 + * @tc.desc: cannot update hap token info with invalid userId. + * @tc.type: FUNC + * @tc.require:AR000GK6TJ + */ +HWTEST_F(AccessTokenKitTest, UpdateHapToken002, TestSize.Level1) +{ + int ret = AccessTokenKit::UpdateHapToken(TEST_USER_ID_INVALID, "appIDDesc", g_infoManagerTestPolicyPrams); + ASSERT_EQ(RET_FAILED, ret); +} + +/** + * @tc.name: UpdateHapToken003 + * @tc.desc: cannot update hap token info with invalid appIDDesc. + * @tc.type: FUNC + * @tc.require:AR000GK6TJ + */ +HWTEST_F(AccessTokenKitTest, UpdateHapToken003, TestSize.Level1) +{ + int userID = g_infoManagerTestInfoParms.userID; + const std::string bundleName = g_infoManagerTestInfoParms.bundleName; + int instIndex = g_infoManagerTestInfoParms.instIndex; + + const std::string appIDDesc (INVALID_APPIDDESC_LEN, 'x'); + + AccessTokenIDEx tokenIdEx = {0}; + tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams); + + AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(userID, bundleName, instIndex); + + int ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, g_infoManagerTestPolicyPrams); + ASSERT_EQ(RET_FAILED, ret); + + HapTokenInfo hapTokenInfoRes; + ret = AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfoRes); + ASSERT_EQ(RET_SUCCESS, ret); + + ASSERT_EQ(hapTokenInfoRes.appID, "testtesttesttest"); + + ret = AccessTokenKit::DeleteToken(tokenID); + ASSERT_EQ(RET_SUCCESS, ret); +} + +/** + * @tc.name: UpdateHapToken004 + * @tc.desc: cannot update a tokenId with invalid apl. + * @tc.type: FUNC + * @tc.require:AR000GK6TJ + */ +HWTEST_F(AccessTokenKitTest, UpdateHapToken004, TestSize.Level1) +{ + int userID = g_infoManagerTestInfoParms.userID; + const std::string bundleName = g_infoManagerTestInfoParms.bundleName; + int instIndex = g_infoManagerTestInfoParms.instIndex; + + const std::string appIDDesc = "housework app"; + + AccessTokenIDEx tokenIdEx = {0}; + tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams); + + AccessTokenID tokenID = AccessTokenKit::GetHapTokenID(userID, bundleName, instIndex); + + g_infoManagerTestPolicyPrams.apl = (ATokenAplEnum)5; + + int ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, g_infoManagerTestPolicyPrams); + ASSERT_EQ(RET_FAILED, ret); + + HapTokenInfo hapTokenInfoRes; + ret = AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfoRes); + ASSERT_EQ(RET_SUCCESS, ret); + + ASSERT_EQ(hapTokenInfoRes.apl, APL_NORMAL); + + ret = AccessTokenKit::DeleteToken(tokenID); + ASSERT_EQ(RET_SUCCESS, ret); +} + +/** + * @tc.name: UpdateHapToken005 + * @tc.desc: cannot update a tokenId with invalid string value. + * @tc.type: FUNC + * @tc.require:AR000GK6TJ + */ +HWTEST_F(AccessTokenKitTest, UpdateHapToken005, TestSize.Level1) +{ + std::string backUpPermission; + const std::string appIDDesc = g_infoManagerTestInfoParms.appIDDesc; + PermissionDef permDefResult; + + DeleteTestToken(); + g_infoManagerTestInfoParms.bundleName = "test_UpdateHapToken005"; + AccessTokenIDEx tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams); + AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; + ASSERT_NE(0, tokenID); + + std::string backup = g_infoManagerTestPolicyPrams.permList[0].permissionName; + g_infoManagerTestPolicyPrams.permList[0].permissionName = ""; + int ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, g_infoManagerTestPolicyPrams); + ret = AccessTokenKit::GetDefPermission(g_infoManagerTestPolicyPrams.permList[0].permissionName, permDefResult); + ASSERT_EQ(RET_FAILED, ret); + g_infoManagerTestPolicyPrams.permList[0].permissionName = backup; + + backUpPermission = g_infoManagerTestPolicyPrams.permList[0].permissionName; + g_infoManagerTestPolicyPrams.permList[0].permissionName = "ohos.permission.testtmp11"; + backup = g_infoManagerTestPolicyPrams.permList[0].bundleName; + g_infoManagerTestPolicyPrams.permList[0].bundleName = ""; + ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, g_infoManagerTestPolicyPrams); + ret = AccessTokenKit::GetDefPermission(g_infoManagerTestPolicyPrams.permList[0].permissionName, permDefResult); + ASSERT_EQ(RET_FAILED, ret); + g_infoManagerTestPolicyPrams.permList[0].bundleName = backup; + g_infoManagerTestPolicyPrams.permList[0].permissionName = backUpPermission; + + backUpPermission = g_infoManagerTestPolicyPrams.permList[0].permissionName; + g_infoManagerTestPolicyPrams.permList[0].permissionName = "ohos.permission.testtmp12"; + backup = g_infoManagerTestPolicyPrams.permList[0].label; + g_infoManagerTestPolicyPrams.permList[0].label = ""; + ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, g_infoManagerTestPolicyPrams); + ASSERT_EQ(RET_SUCCESS, ret); + ret = AccessTokenKit::GetDefPermission(g_infoManagerTestPolicyPrams.permList[0].permissionName, permDefResult); + ASSERT_EQ(RET_SUCCESS, ret); + g_infoManagerTestPolicyPrams.permList[0].label = backup; + g_infoManagerTestPolicyPrams.permList[0].permissionName = backUpPermission; + + backUpPermission = g_infoManagerTestPolicyPrams.permList[0].permissionName; + g_infoManagerTestPolicyPrams.permList[0].permissionName = "ohos.permission.testtmp13"; + backup = g_infoManagerTestPolicyPrams.permList[0].description; + g_infoManagerTestPolicyPrams.permList[0].description = ""; + ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, g_infoManagerTestPolicyPrams); + ASSERT_EQ(RET_SUCCESS, ret); + ret = AccessTokenKit::GetDefPermission(g_infoManagerTestPolicyPrams.permList[0].permissionName, permDefResult); + ASSERT_EQ(RET_SUCCESS, ret); + g_infoManagerTestPolicyPrams.permList[0].description = backup; + g_infoManagerTestPolicyPrams.permList[0].permissionName = backUpPermission; + + ret = AccessTokenKit::DeleteToken(tokenID); + ASSERT_EQ(RET_SUCCESS, ret); +} + +/** + * @tc.name: UpdateHapToken006 + * @tc.desc: update a batch of tokenId. + * @tc.type: FUNC + * @tc.require:AR000GK6TJ + */ +HWTEST_F(AccessTokenKitTest, UpdateHapToken006, TestSize.Level1) +{ + AccessTokenIDEx tokenIdEx = {0}; + AccessTokenID tokenID; + int ret; + vector obj; + bool exist; + const std::string appIDDesc = g_infoManagerTestInfoParms.appIDDesc; + HapInfoParams infoManagerTestInfo = g_infoManagerTestInfoParms; + DeleteTestToken(); + + for (int i = 0; i < CYCLE_TIMES; i++) { + tokenIdEx = AccessTokenKit::AllocHapToken(infoManagerTestInfo, g_infoManagerTestPolicyPrams); + tokenID = GetAccessTokenID(infoManagerTestInfo.userID, + infoManagerTestInfo.bundleName, + infoManagerTestInfo.instIndex); + + exist = ExistInVector(obj, tokenID); + ASSERT_EQ(false, exist); + obj.push_back(tokenID); + infoManagerTestInfo.userID++; + } + + infoManagerTestInfo.instIndex = 1; + g_infoManagerTestPolicyPrams.apl = APL_SYSTEM_BASIC; + for (int i = 0; i < obj.size(); i++) { + ret = AccessTokenKit::UpdateHapToken(obj[i], appIDDesc, g_infoManagerTestPolicyPrams); + ASSERT_EQ(RET_SUCCESS, ret); + } + g_infoManagerTestPolicyPrams.apl = APL_NORMAL; + + for (int i = 0; i < obj.size(); i++) { + ret = AccessTokenKit::DeleteToken(obj[i]); + ASSERT_EQ(RET_SUCCESS, ret); + } +} + +/** + * @tc.name: UpdateHapToken007 + * @tc.desc: add new permissdef. + * @tc.type: FUNC + * @tc.require:AR000GK6TJ + */ +HWTEST_F(AccessTokenKitTest, UpdateHapToken007, TestSize.Level1) +{ + int ret; + std::string backup; + const std::string appIDDesc = g_infoManagerTestInfoParms.appIDDesc; + DeleteTestToken(); + + AccessTokenIDEx tokenIdEx = {0}; + tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams); + AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; + GTEST_LOG_(INFO) << "tokenID :" << tokenID; + + PermissionDef permDefResult; + /* check permission define befor update */ + ret = AccessTokenKit::GetDefPermission("ohos.permission.test3", permDefResult); + ASSERT_EQ(RET_FAILED, ret); + + backup = g_infoManagerTestPolicyPrams.permList[0].permissionName; + g_infoManagerTestPolicyPrams.permList[0].permissionName = "ohos.permission.test3"; + ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, g_infoManagerTestPolicyPrams); + ASSERT_EQ(RET_SUCCESS, ret); + g_infoManagerTestPolicyPrams.permList[0].permissionName = backup; + + GTEST_LOG_(INFO) << "permissionName :" << g_infoManagerTestPolicyPrams.permList[0].permissionName; + + ret = AccessTokenKit::GetDefPermission("ohos.permission.test3", permDefResult); + if (ret != RET_SUCCESS) { + ret = AccessTokenKit::DeleteToken(tokenID); + ASSERT_EQ(RET_SUCCESS, ret); + } + ASSERT_EQ(RET_SUCCESS, ret); + ASSERT_EQ("ohos.permission.test3", permDefResult.permissionName); + + ret = AccessTokenKit::DeleteToken(tokenID); + ASSERT_EQ(RET_SUCCESS, ret); +} +/** + * @tc.name: UpdateHapToken008 + * @tc.desc: modify permissdef's grantMode. + * @tc.type: FUNC + * @tc.require:AR000GK6TJ + */ +HWTEST_F(AccessTokenKitTest, UpdateHapToken008, TestSize.Level1) +{ + int ret; + std::string backup; + const std::string appIDDesc = g_infoManagerTestInfoParms.appIDDesc; + DeleteTestToken(); + + AccessTokenIDEx tokenIdEx = {0}; + tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams); + AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; + GTEST_LOG_(INFO) << "tokenID :" << tokenID; + + PermissionDef permDefResult; + /* check permission define befor update */ + ret = AccessTokenKit::GetDefPermission(g_infoManagerTestPolicyPrams.permList[0].permissionName, permDefResult); + ASSERT_EQ(g_infoManagerTestPolicyPrams.permList[0].permissionName, permDefResult.permissionName); + ASSERT_EQ("label", permDefResult.label); + ASSERT_EQ(1, permDefResult.grantMode); + ASSERT_EQ(RET_SUCCESS, ret); + + backup = g_infoManagerTestPolicyPrams.permList[0].label; + g_infoManagerTestPolicyPrams.permList[0].grantMode = 0; + g_infoManagerTestPolicyPrams.permList[0].label = "updated label"; + ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, g_infoManagerTestPolicyPrams); + ASSERT_EQ(RET_SUCCESS, ret); + g_infoManagerTestPolicyPrams.permList[0].label = backup; + g_infoManagerTestPolicyPrams.permList[0].grantMode = 1; + + /* check permission define after update */ + ret = AccessTokenKit::GetDefPermission(g_infoManagerTestPolicyPrams.permList[0].permissionName, permDefResult); + ASSERT_EQ(g_infoManagerTestPolicyPrams.permList[0].permissionName, permDefResult.permissionName); + ASSERT_EQ("updated label", permDefResult.label); + ASSERT_EQ(0, permDefResult.grantMode); + ASSERT_EQ(RET_SUCCESS, ret); + + ret = AccessTokenKit::DeleteToken(tokenID); + ASSERT_EQ(RET_SUCCESS, ret); +} + +/** + * @tc.name: UpdateHapToken009 + * @tc.desc: old permission define will not update its grantStatus. + * @tc.type: FUNC + * @tc.require:AR000GK6TJ + */ +HWTEST_F(AccessTokenKitTest, UpdateHapToken009, TestSize.Level1) +{ + int ret; + std::vector permDefList; + const std::string appIDDesc = g_infoManagerTestInfoParms.appIDDesc; + PermissionDef infoManagerTestPermDef = g_infoManagerTestPermDef1; + PermissionStateFull infoManagerTestState = { + .grantFlags = {PermissionState::PERMISSION_DENIED}, + .grantStatus = {3}, + .isGeneral = true, + .permissionName = "ohos.permission.test1", + .resDeviceID = {"local"}}; + + HapPolicyParams infoManagerTestPolicyPrams = { + .apl = APL_NORMAL, + .domain = "test.domain", + .permList = {infoManagerTestPermDef}, + .permStateList = {infoManagerTestState}}; + + DeleteTestToken(); + AccessTokenIDEx tokenIdEx = {0}; + tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams); + AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; + GTEST_LOG_(INFO) << "tokenID :" << tokenID; + + ret = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.test1"); + ASSERT_EQ(ret, g_infoManagerTestState1.grantStatus[0]); + + ret = AccessTokenKit::UpdateHapToken(tokenID, appIDDesc, infoManagerTestPolicyPrams); + + ret = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.test1"); + ASSERT_EQ(ret, PermissionState::PERMISSION_DENIED); + + ret = AccessTokenKit::DeleteToken(tokenID); + ASSERT_EQ(RET_SUCCESS, ret); +} + +static void *ThreadTestFunc01(void *args) +{ + ATokenTypeEnum type; + AccessTokenID tokenID; + + for (int i = 0; i < CYCLE_TIMES; i++) { + tokenID = AccessTokenKit::GetHapTokenID(g_infoManagerTestInfoParms.userID, + g_infoManagerTestInfoParms.bundleName, + g_infoManagerTestInfoParms.instIndex); + type = AccessTokenKit::GetTokenType(tokenID); + if (type != TOKEN_HAP) { + GTEST_LOG_(INFO) << "ThreadTestFunc01 failed" << tokenID; + } + } + return NULL; +} + +static void *ThreadTestFunc02(void *args) +{ + int ret; + AccessTokenID tokenID; + HapTokenInfo hapTokenInfoRes; + + for (int i = 0; i < CYCLE_TIMES; i++) { + tokenID = AccessTokenKit::GetHapTokenID(g_infoManagerTestInfoParms.userID, + g_infoManagerTestInfoParms.bundleName, + g_infoManagerTestInfoParms.instIndex); + ret = AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfoRes); + if (ret != RET_SUCCESS) { + GTEST_LOG_(INFO) << "ThreadTestFunc02 failed" << tokenID; + } + } + return NULL; +} + +/** + * @tc.name: AllocHapToken011 + * @tc.desc: Mulitpulthread test. + * @tc.type: FUNC + * @tc.require:AR000GK6TJ + */ +HWTEST_F(AccessTokenKitTest, Mulitpulthread001, TestSize.Level1) +{ + int ret; + AccessTokenIDEx tokenIdEx = {0}; + tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams); + ASSERT_NE(0, tokenIdEx.tokenIdExStruct.tokenID); + pthread_t tid[2]; + (void)pthread_create(&tid[0], 0, &ThreadTestFunc01, NULL); + (void)pthread_create(&tid[1], 0, &ThreadTestFunc01, NULL); + pthread_join(tid[0], NULL); + pthread_join(tid[1], NULL); + + (void)pthread_create(&tid[0], 0, &ThreadTestFunc02, NULL); + (void)pthread_create(&tid[1], 0, &ThreadTestFunc02, NULL); + pthread_join(tid[0], NULL); + pthread_join(tid[1], NULL); + + ret = AccessTokenKit::DeleteToken(tokenIdEx.tokenIdExStruct.tokenID); + ASSERT_EQ(RET_SUCCESS, ret); +} + +void ConcurrencyTask(unsigned int tokenID) +{ + for (int i = 0; i < CYCLE_TIMES; i++) { + AccessTokenKit::GrantPermission(tokenID, TEST_PERMISSION_NAME_ALPHA, PERMISSION_USER_FIXED); + AccessTokenKit::GetPermissionFlag(tokenID, TEST_PERMISSION_NAME_ALPHA); + AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA); + + AccessTokenKit::RevokePermission(tokenID, TEST_PERMISSION_NAME_ALPHA, PERMISSION_USER_SET); + AccessTokenKit::GetPermissionFlag(tokenID, TEST_PERMISSION_NAME_ALPHA); + AccessTokenKit::VerifyAccessToken(tokenID, TEST_PERMISSION_NAME_ALPHA); + } +} + +/** + * @tc.name: ConcurrencyTest001 + * @tc.desc: Concurrency testing + * @tc.type: FUNC + * @tc.require:AR000GM5FC AR000GK6T8 AR000GK6TF + */ +HWTEST_F(AccessTokenKitTest, ConcurrencyTest001, TestSize.Level1) +{ + AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0); + ASSERT_NE(0, tokenID); + std::vector threadVec; + for (int i = 0; i < THREAD_NUM; i++) { + threadVec.emplace_back(std::thread(ConcurrencyTask, tokenID)); + } + for (auto it = threadVec.begin(); it != threadVec.end(); it++) { + it->join(); + } } diff --git a/interfaces/innerkits/accesstoken/test/unittest/cpp/src/accesstoken_kit_test.h b/interfaces/innerkits/accesstoken/test/unittest/cpp/src/accesstoken_kit_test.h index 25de97777..06eb17525 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/cpp/src/accesstoken_kit_test.h +++ b/interfaces/innerkits/accesstoken/test/unittest/cpp/src/accesstoken_kit_test.h @@ -28,6 +28,13 @@ static const std::string TEST_PERMISSION_NAME_GAMMA = "ohos.permission.GAMMA"; static const int TEST_USER_ID = 0; static const int TEST_USER_ID_INVALID = -1; static const unsigned int TEST_TOKENID_INVALID = 0; +static const int INVALID_BUNDLENAME_LEN = 260; +static const int INVALID_APPIDDESC_LEN = 10244; +static const int INVALID_LABEL_LEN = 260; +static const int INVALID_DESCRIPTION_LEN = 260; +static const int INVALID_PERMNAME_LEN = 260; +static const int CYCLE_TIMES = 100; +static const int THREAD_NUM = 3; class AccessTokenKitTest : public testing::Test { public: static void SetUpTestCase(); @@ -38,6 +45,8 @@ public: void TearDown(); unsigned int GetAccessTokenID(int userID, std::string bundleName, int instIndex); + void DeleteTestToken() const; + void AllocTestToken() const; }; } // namespace AccessToken } // namespace Security diff --git a/interfaces/innerkits/nativetoken/BUILD.gn b/interfaces/innerkits/atlib/BUILD.gn similarity index 76% rename from interfaces/innerkits/nativetoken/BUILD.gn rename to interfaces/innerkits/atlib/BUILD.gn index 29099e670..b24aa1ff7 100644 --- a/interfaces/innerkits/nativetoken/BUILD.gn +++ b/interfaces/innerkits/atlib/BUILD.gn @@ -29,27 +29,27 @@ ohos_shared_library("libaccesstoken_lib") { public_configs = [ ":accesstokenlib" ] cflags = [ "-Wall" ] + cflags += [ "-pthread" ] include_dirs = [ "//utils/native/base/include", + "//base/security/access_token/frameworks/common/include", "main/include", "main/src", "//third_party/cJSON", "//third_party/bounds_checking_function/include", - "//base/hiviewdfx/hilog_lite/interfaces/native/kits", + "//base/startup/syspara_lite/interfaces/innerkits/native/syspara/include/", ] - sources = [ - "main/src/accesstoken_lib.c", - ] + sources = [ "main/src/accesstoken_lib.c" ] deps = [ - "//utils/native/base:utils", + "//base/security/access_token/frameworks/common:accesstoken_common_cxx", + "//base/startup/syspara_lite/interfaces/innerkits/native/syspara:syspara", "//third_party/cJSON:cjson_static", + "//utils/native/base:utils", "//utils/native/base:utilsecurec_shared", ] - external_deps = [ - "hiviewdfx_hilog_native:libhilog", - ] + external_deps = [ "hiviewdfx_hilog_native:libhilog" ] } diff --git a/interfaces/innerkits/nativetoken/main/include/accesstoken_lib.h b/interfaces/innerkits/atlib/main/include/accesstoken_lib.h similarity index 79% rename from interfaces/innerkits/nativetoken/main/include/accesstoken_lib.h rename to interfaces/innerkits/atlib/main/include/accesstoken_lib.h index da3744711..e28f4b5e6 100644 --- a/interfaces/innerkits/nativetoken/main/include/accesstoken_lib.h +++ b/interfaces/innerkits/atlib/main/include/accesstoken_lib.h @@ -34,13 +34,18 @@ extern "C" { #define MAX_PROCESS_NAME_LEN 256 #define TOKEN_ID_CFG_PATH "/data/token.json" -#define SOCKET_FILE "/data/token_unix_socket" -#define ERR 1 -#define SUCCESS 0 +#define SOCKET_FILE "/data/system/token_unix_socket.socket" +#define ATRET_FAILED 1 +#define ATRET_SUCCESS 0 #define TOKEN_NATIVE_TYPE 1 #define DEFAULT_AT_VERSION 1 #define TRANSFER_KEY_WORDS "NativeTokenInfo" #define MAX_JSON_FILE_LEN 102400 +#define MAX_DCAPS_NUM 32 +#define MAX_DCAP_LEN 1024 +#define MAX_PARAMTER_LEN 128 +#define SYSTEM_PROP_NATIVE_RECEPTOR "rw.nativetoken.receptor.startup" +#define PATH_MAX_LEN 4096 typedef unsigned int NativeAtId; typedef unsigned int NativeAtAttr; @@ -73,8 +78,8 @@ typedef struct TokenQueue { struct TokenQueue *next; } NativeTokenQueue; -#define TOKEN_QUEUE_NODE_INFO_SET(tmp, aplStr, processname, tokenId, exist, dcap, dacpNum) do { \ - (tmp).apl = GetAplLevel((aplStr)); \ +#define TOKEN_QUEUE_NODE_INFO_SET(tmp, apl, processname, tokenId, exist, dcap, dacpNum) do { \ + (tmp).apl = (apl); \ (tmp).processName = (processname); \ (tmp).tokenId = (tokenId); \ (tmp).flag = (exist); \ @@ -82,8 +87,7 @@ typedef struct TokenQueue { (tmp).dcapsNum = (dacpNum); \ } while (0) -extern void *ThreadTransferFunc(const void *args); - +extern char *GetFileBuff(const char *cfg); #ifdef __cplusplus } #endif diff --git a/interfaces/innerkits/nativetoken/main/include/accesstoken_log.h b/interfaces/innerkits/atlib/main/include/accesstoken_log.h similarity index 71% rename from interfaces/innerkits/nativetoken/main/include/accesstoken_log.h rename to interfaces/innerkits/atlib/main/include/accesstoken_log.h index cdf5fa761..a0338d25e 100644 --- a/interfaces/innerkits/nativetoken/main/include/accesstoken_log.h +++ b/interfaces/innerkits/atlib/main/include/accesstoken_log.h @@ -38,11 +38,11 @@ /* define LOG_TAG as "security_*" at your submodule, * means your submodule name such as "security_dac" */ #define LOG_TAG "accssToken_" -#define ACCESSTOKEN_LOG_DEBUG(fmt, ...) printf("[%s] debug: %s: " fmt "\n", LOG_TAG, __func__, ##__VA_ARGS__) -#define ACCESSTOKEN_LOG_INFO(fmt, ...) printf("[%s] info: %s: " fmt "\n", LOG_TAG, __func__, ##__VA_ARGS__) -#define ACCESSTOKEN_LOG_WARN(fmt, ...) printf("[%s] warn: %s: " fmt "\n", LOG_TAG, __func__, ##__VA_ARGS__) -#define ACCESSTOKEN_LOG_ERROR(fmt, ...) printf("[%s] error: %s: " fmt "\n", LOG_TAG, __func__, ##__VA_ARGS__) -#define ACCESSTOKEN_LOG_FATAL(fmt, ...) printf("[%s] fatal: %s: " fmt "\n", LOG_TAG, __func__, ##__VA_ARGS__) +#define ACCESSTOKEN_LOG_DEBUG(fmt, ...) printf("[%s] debug: " fmt "\n", LOG_TAG, ##__VA_ARGS__) +#define ACCESSTOKEN_LOG_INFO(fmt, ...) printf("[%s] info: " fmt "\n", LOG_TAG, ##__VA_ARGS__) +#define ACCESSTOKEN_LOG_WARN(fmt, ...) printf("[%s] warn: " fmt "\n", LOG_TAG, ##__VA_ARGS__) +#define ACCESSTOKEN_LOG_ERROR(fmt, ...) printf("[%s] error: " fmt "\n", LOG_TAG, ##__VA_ARGS__) +#define ACCESSTOKEN_LOG_FATAL(fmt, ...) printf("[%s] fatal: " fmt "\n", LOG_TAG, ##__VA_ARGS__) #endif // HILOG_ENABLE diff --git a/interfaces/innerkits/nativetoken/main/include/accesstokenlib_kit.h b/interfaces/innerkits/atlib/main/include/accesstokenlib_kit.h similarity index 100% rename from interfaces/innerkits/nativetoken/main/include/accesstokenlib_kit.h rename to interfaces/innerkits/atlib/main/include/accesstokenlib_kit.h diff --git a/interfaces/innerkits/nativetoken/main/src/accesstoken_lib.c b/interfaces/innerkits/atlib/main/src/accesstoken_lib.c similarity index 41% rename from interfaces/innerkits/nativetoken/main/src/accesstoken_lib.c rename to interfaces/innerkits/atlib/main/src/accesstoken_lib.c index 7a921900e..e227657be 100644 --- a/interfaces/innerkits/nativetoken/main/src/accesstoken_lib.c +++ b/interfaces/innerkits/atlib/main/src/accesstoken_lib.c @@ -12,14 +12,15 @@ * See the License for the specific language governing ACCESSTOKENs and * limitations under the License. */ - #include "accesstoken_lib.h" #include "accesstokenlib_kit.h" +#include "parameter.h" +#include "random.h" NativeTokenQueue *g_tokenQueueHead; NativeTokenList *g_tokenListHead; -int g_isAtmExist; -int g_signalFd; +int32_t g_isAtmExist; +int32_t g_signalFd; static pthread_mutex_t g_tokenQueueHeadLock = PTHREAD_MUTEX_INITIALIZER; char *GetFileBuff(const char *cfg) @@ -27,33 +28,39 @@ char *GetFileBuff(const char *cfg) char *buff = NULL; FILE *cfgFd = NULL; struct stat fileStat; - int fileSize; + int32_t fileSize; if (stat(cfg, &fileStat) != 0) { - ACCESSTOKEN_LOG_ERROR("stat file failed."); + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:stat file failed.", __func__); return NULL; } - fileSize = (int)fileStat.st_size; + fileSize = (int32_t)fileStat.st_size; if ((fileSize < 0) || (fileSize > MAX_JSON_FILE_LEN)) { - ACCESSTOKEN_LOG_ERROR("stat file size is invalid."); + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:stat file size is invalid.", __func__); + return NULL; + } + + char filePath[PATH_MAX_LEN + 1] = {0}; + if (realpath(cfg, filePath) == NULL) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:invalid filePath.", __func__); return NULL; } - cfgFd = fopen(cfg, "r"); + cfgFd = fopen(filePath, "r"); if (cfgFd == NULL) { - ACCESSTOKEN_LOG_ERROR("fopen file failed."); + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:fopen file failed.", __func__); return NULL; } buff = (char *)malloc((size_t)(fileSize + 1)); if (buff == NULL) { - ACCESSTOKEN_LOG_ERROR("memory alloc failed."); + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:memory alloc failed.", __func__); fclose(cfgFd); return NULL; } if (fread(buff, fileSize, 1, cfgFd) != 1) { - ACCESSTOKEN_LOG_ERROR("fread failed."); + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:fread failed.", __func__); free(buff); buff = NULL; } else { @@ -64,51 +71,61 @@ char *GetFileBuff(const char *cfg) return buff; } -int GetTokenList(const cJSON *object) +int32_t GetTokenList(const cJSON *object) { + cJSON *cjsonItem = NULL; + int32_t arraySize; + int32_t i; + cJSON *processNameJson = NULL; + cJSON *tokenIdJson = NULL; + NativeTokenList *tmp = NULL; + if (object == NULL) { - return ERR; + return ATRET_FAILED; } - int arraySize = cJSON_GetArraySize(object); - - for (int i = 0; i < arraySize; i++) { - cJSON *cjsonItem = cJSON_GetArrayItem(object, i); - cJSON *processNameJson = cJSON_GetObjectItem(cjsonItem, "processName"); - cJSON *tokenIdJson = cJSON_GetObjectItem(cjsonItem, "tokenId"); + arraySize = cJSON_GetArraySize(object); + for (i = 0; i < arraySize; i++) { + cjsonItem = cJSON_GetArrayItem(object, i); + processNameJson = cJSON_GetObjectItem(cjsonItem, "processName"); + tokenIdJson = cJSON_GetObjectItem(cjsonItem, "tokenId"); if (cJSON_IsString(processNameJson) == 0 || (strlen(processNameJson->valuestring) > MAX_PROCESS_NAME_LEN)) { - ACCESSTOKEN_LOG_ERROR("processNameJson is invalid."); - return ERR; + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:processNameJson is invalid.", __func__); + return ATRET_FAILED; } if ((cJSON_IsNumber(tokenIdJson) == 0) || (cJSON_GetNumberValue(tokenIdJson) <= 0)) { - ACCESSTOKEN_LOG_ERROR("tokenIdJson is invalid."); - return ERR; + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:tokenIdJson is invalid.", __func__); + return ATRET_FAILED; } - NativeTokenList *tmp = (NativeTokenList *)malloc(sizeof(NativeTokenList)); + tmp = (NativeTokenList *)malloc(sizeof(NativeTokenList)); if (tmp == NULL) { - ACCESSTOKEN_LOG_ERROR("memory alloc failed."); - return ERR; + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:memory alloc failed.", __func__); + return ATRET_FAILED; + } + if (strcpy_s(tmp->processName, MAX_PROCESS_NAME_LEN, processNameJson->valuestring) != EOK) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:strcpy_s failed.", __func__); + free(tmp); + return ATRET_FAILED; } - (void)strcpy_s(tmp->processName, MAX_PROCESS_NAME_LEN, processNameJson->valuestring); tmp->tokenId = tokenIdJson->valueint; tmp->next = g_tokenListHead->next; g_tokenListHead->next = tmp; } - return SUCCESS; + return ATRET_SUCCESS; } -int ParseTokenInfoCfg(const char *filename) +int32_t ParseTokenInfoCfg(const char *filename) { - char *fileBuff; - cJSON *record; - int ret; + char *fileBuff = NULL; + cJSON *record = NULL; + int32_t ret; if (filename == NULL || filename[0] == '\0') { - return ERR; + return ATRET_FAILED; } fileBuff = GetFileBuff(filename); if (fileBuff == NULL) { - return ERR; + return ATRET_FAILED; } record = cJSON_Parse(fileBuff); free(fileBuff); @@ -120,20 +137,21 @@ int ParseTokenInfoCfg(const char *filename) return ret; } -int AtlibInit(void) +int32_t AtlibInit(void) { g_tokenListHead = (NativeTokenList *)malloc(sizeof(NativeTokenList)); if (g_tokenListHead == NULL) { - ACCESSTOKEN_LOG_ERROR("g_tokenListHead memory alloc failed."); - return ERR; + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:g_tokenListHead memory alloc failed.", __func__); + return ATRET_FAILED; } g_tokenListHead->next = NULL; g_tokenQueueHead = (NativeTokenQueue *)malloc(sizeof(NativeTokenQueue)); if (g_tokenQueueHead == NULL) { free(g_tokenListHead); - ACCESSTOKEN_LOG_ERROR("g_tokenQueueHead memory alloc failed."); - return ERR; + g_tokenListHead = NULL; + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:g_tokenQueueHead memory alloc failed.", __func__); + return ATRET_FAILED; } g_tokenQueueHead->next = NULL; g_isAtmExist = 0; @@ -141,33 +159,13 @@ int AtlibInit(void) return ParseTokenInfoCfg(TOKEN_ID_CFG_PATH); } -int GetRandomTokenId(unsigned int *randNum) +NativeAtId CreateNativeTokenId(void) { - unsigned int random; - int len; - int fd = open("/dev/urandom", O_RDONLY); - if (fd == -1) { - return ERR; - } - len = read(fd, &random, sizeof(random)); - (void)close(fd); - if (len != sizeof(random)) { - ACCESSTOKEN_LOG_ERROR("read failed."); - return ERR; - } - *randNum = random; - return SUCCESS; -} - -NativeAtId CreateNativeTokenId(const char *processName) -{ - unsigned int rand; + uint32_t rand; NativeAtId tokenId; AtInnerInfo *innerId = (AtInnerInfo *)(&tokenId); - if (GetRandomTokenId(&rand) == ERR) { - return 0; - } + rand = GetRandomUint32(); innerId->reserved = 0; innerId->tokenUniqueId = rand & (0xFFFFFF); @@ -176,28 +174,28 @@ NativeAtId CreateNativeTokenId(const char *processName) return tokenId; } -int TriggerTransfer() +int32_t TriggerTransfer() { - int ret; + int32_t ret; static const uint64_t increment = 1; ret = write(g_signalFd, &increment, sizeof(increment)); if (ret == -1) { - ACCESSTOKEN_LOG_ERROR("TriggerTransfer write failed."); - return ERR; + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:TriggerTransfer write failed.", __func__); + return ATRET_FAILED; } - return SUCCESS; + return ATRET_SUCCESS; } -int TokenInfoSave(const NativeTokenQueue *node) +int32_t TokenInfoSave(const NativeTokenQueue *node) { if (node->apl == 0) { - return ERR; + return ATRET_FAILED; } NativeTokenQueue *curr; curr = (NativeTokenQueue *)malloc(sizeof(NativeTokenQueue)); if (curr == NULL) { - ACCESSTOKEN_LOG_ERROR("memory alloc failed."); - return ERR; + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:memory alloc failed.", __func__); + return ATRET_FAILED; } curr->apl = node->apl; curr->processName = node->processName; @@ -214,10 +212,10 @@ int TokenInfoSave(const NativeTokenQueue *node) if (g_isAtmExist == 1) { return TriggerTransfer(); } - return SUCCESS; + return ATRET_SUCCESS; } -int GetAplLevel(const char *aplStr) +int32_t GetAplLevel(const char *aplStr) { if (strcmp(aplStr, "system_core") == 0) { return 3; // system_core means apl level is 3 @@ -228,86 +226,46 @@ int GetAplLevel(const char *aplStr) if (strcmp(aplStr, "normal") == 0) { return 1; } + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:aplStr is invalid.", __func__); return 0; } -uint64_t GetAccessTokenId(const char *processname, const char **dcap, int dacpNum, const char *aplStr) +int32_t SendString(const char *str, int32_t fd) { - NativeAtId tokenId; - NativeTokenList *tokenNode = g_tokenListHead; - NativeTokenQueue tmp; - - int exist = 0; - int ret; - uint64_t result = 0; - NativeAtIdEx *atPoint = (NativeAtIdEx *)(&result); - - while (tokenNode != NULL) { - if (strcmp(tokenNode->processName, processname) == 0) { - exist = 1; - tokenId = tokenNode->tokenId; - break; - } - tokenNode = tokenNode->next; - } - - if (exist == 0) { - tokenId = CreateNativeTokenId(processname); - tokenNode = (NativeTokenList *)malloc(sizeof(NativeTokenList)); - if (tokenNode == NULL) { - ACCESSTOKEN_LOG_ERROR("memory alloc failed."); - return 0; - } - (void)strcpy_s(tokenNode->processName, MAX_PROCESS_NAME_LEN, processname); - tokenNode->tokenId = tokenId; - tokenNode->next = g_tokenListHead->next; - g_tokenListHead->next = tokenNode; - ACCESSTOKEN_LOG_INFO("tokenNode->tokenId :%d, tokenNode->processName: %s\n", tokenNode->tokenId, tokenNode->processName); - } - - TOKEN_QUEUE_NODE_INFO_SET(tmp, aplStr, processname, tokenId, exist, dcap, dacpNum); - ret = TokenInfoSave(&tmp); - if (ret == 0) { - return result; - } - atPoint->tokenId = tokenId; - atPoint->tokenAttr = 0; - return result; -} - -int SendString(const char *str, int fd) -{ - int writtenSize; - int len = strlen(str); + int32_t writtenSize; + int32_t len = strlen(str); writtenSize = write(fd, str, len); if (len != writtenSize) { - ACCESSTOKEN_LOG_ERROR("SendString write failed."); - return ERR; + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:SendString write failed.", __func__); + return ATRET_FAILED; } - return SUCCESS; + return ATRET_SUCCESS; } void WriteToFile(const cJSON *root) { - char *jsonStr; + int32_t strLen; + int32_t writtenLen; + + char *jsonStr = NULL; jsonStr = cJSON_PrintUnformatted(root); if (jsonStr == NULL) { - ACCESSTOKEN_LOG_ERROR("cJSON_PrintUnformatted failed."); + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:cJSON_PrintUnformatted failed.", __func__); return; } - ACCESSTOKEN_LOG_INFO("jsonStr %s.\n", jsonStr); do { - int fd = open(TOKEN_ID_CFG_PATH, O_RDWR | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR); + int32_t fd = open(TOKEN_ID_CFG_PATH, O_RDWR | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR); if (fd < 0) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:open failed.", __func__); break; } - int strLen = strlen(jsonStr); - int writtenLen = write(fd, (void *)jsonStr, strLen); + strLen = strlen(jsonStr); + writtenLen = write(fd, (void *)jsonStr, strLen); close(fd); if (writtenLen != strLen) { - ACCESSTOKEN_LOG_ERROR("write failed."); + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:write failed, writtenLen is %d.", __func__, writtenLen); break; } } while (0); @@ -316,7 +274,7 @@ void WriteToFile(const cJSON *root) return; } -int ExistNewTokenInfo(const NativeTokenQueue *head) +int32_t ExistNewTokenInfo(const NativeTokenQueue *head) { const NativeTokenQueue *iter = head; while (iter != NULL) { @@ -330,13 +288,13 @@ int ExistNewTokenInfo(const NativeTokenQueue *head) void SaveTokenIdToCfg(const NativeTokenQueue *head) { const NativeTokenQueue *iter = head; - char *fileBuff; - cJSON *record; - int ret; + char *fileBuff = NULL; + cJSON *record = NULL; + int32_t ret; ret = ExistNewTokenInfo(head); if (ret == 0) { - ACCESSTOKEN_LOG_INFO("there is no new info.\n"); + ACCESSTOKEN_LOG_INFO("[ATLIB-%s]:there is no new info.", __func__); return; } fileBuff = GetFileBuff(TOKEN_ID_CFG_PATH); @@ -349,17 +307,18 @@ void SaveTokenIdToCfg(const NativeTokenQueue *head) fileBuff = NULL; if (record == NULL) { - ACCESSTOKEN_LOG_ERROR("cJSON_Parse failed."); + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:cJSON_Parse failed.", __func__); return; } while (iter != NULL) { if (iter->flag == 1) { + iter = iter->next; continue; } cJSON *node = cJSON_CreateObject(); if (node == NULL) { - ACCESSTOKEN_LOG_ERROR("cJSON_CreateObject failed."); + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:cJSON_CreateObject failed.", __func__); cJSON_Delete(record); return; } @@ -373,42 +332,109 @@ void SaveTokenIdToCfg(const NativeTokenQueue *head) return; } -char * GetStringToBeSync(NativeTokenQueue *head) +static cJSON *CreateNativeTokenJsonObject(const NativeTokenQueue *curr) { - if (head == NULL) { + cJSON *object = cJSON_CreateObject(); + if (object == NULL) { return NULL; } + cJSON *item = cJSON_CreateString(curr->processName); + if (item == NULL || !cJSON_AddItemToObject(object, "processName", item)) { + cJSON_Delete(item); + return NULL; + } + + item = cJSON_CreateNumber(curr->apl); + if (item == NULL || !cJSON_AddItemToObject(object, "APL", item)) { + cJSON_Delete(item); + return NULL; + } + + item = cJSON_CreateNumber(DEFAULT_AT_VERSION); + if (item == NULL || !cJSON_AddItemToObject(object, "version", item)) { + cJSON_Delete(item); + return NULL; + } + + item = cJSON_CreateNumber(curr->tokenId); + if (item == NULL || !cJSON_AddItemToObject(object, "tokenId", item)) { + cJSON_Delete(item); + return NULL; + } + + item = cJSON_CreateNumber(0); + if (item == NULL || !cJSON_AddItemToObject(object, "tokenAttr", item)) { + cJSON_Delete(item); + return NULL; + } + + cJSON *dcapsArr = cJSON_CreateArray(); + if (dcapsArr == NULL) { + return NULL; + } + for (int32_t i = 0; i < curr->dcapsNum; i++) { + item = cJSON_CreateString(curr->dcaps[i]); + if (item == NULL || !cJSON_AddItemToArray(dcapsArr, item)) { + cJSON_Delete(item); + cJSON_Delete(dcapsArr); + return NULL; + } + } + if (!cJSON_AddItemToObject(object, "dcaps", dcapsArr)) { + cJSON_Delete(dcapsArr); + return NULL; + } + + return object; +} + +static char *GetStrFromJson(const cJSON *root) +{ + char *jsonStr = cJSON_PrintUnformatted(root); + if (jsonStr == NULL) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:cJSON_PrintUnformatted failed.", __func__); + return NULL; + } + + char *str = (char *)malloc(sizeof(char) * (strlen(jsonStr) + 1)); + if (str == NULL) { + cJSON_free(jsonStr); + return NULL; + } + + if (strcpy_s(str, strlen(jsonStr) + 1, jsonStr) != EOK) { + free(str); + str = NULL; + } + cJSON_free(jsonStr); + return str; +} + +static char *GetStringToBeSync(NativeTokenQueue *head) +{ + cJSON *object = NULL; + NativeTokenQueue *node = NULL; cJSON *array = cJSON_CreateArray(); if (array == NULL) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:cJSON_CreateArray failed.", __func__); return NULL; } NativeTokenQueue *curr = head; while (curr != 0) { - cJSON *object = cJSON_CreateObject(); + object = CreateNativeTokenJsonObject(curr); if (object == NULL) { cJSON_Delete(array); + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:CreateNativeTokenJsonObject failed.", __func__); return NULL; } - cJSON_AddItemToObject(object, "processName", cJSON_CreateString(curr->processName)); - cJSON_AddItemToObject(object, "APL", cJSON_CreateNumber(curr->apl)); - cJSON_AddItemToObject(object, "version", cJSON_CreateNumber(DEFAULT_AT_VERSION)); - cJSON_AddItemToObject(object, "tokenId", cJSON_CreateNumber(curr->tokenId)); - cJSON_AddItemToObject(object, "tokenAttr", cJSON_CreateNumber(0)); - - cJSON *dcapsArr = cJSON_CreateArray(); - if (dcapsArr == NULL) { + if (!cJSON_AddItemToArray(array, object)) { + cJSON_Delete(object); cJSON_Delete(array); + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:cJSON_AddItemToArray failed.", __func__); return NULL; } - for (int i = 0; i < curr->dcapsNum; i++) { - cJSON_AddItemToArray(dcapsArr, cJSON_CreateString(curr->dcaps[i])); - } - cJSON_AddItemToObject(object, "dcaps", dcapsArr); - cJSON_AddItemToArray(array, object); - - NativeTokenQueue *node; node = curr; curr = curr->next; free(node); @@ -418,97 +444,209 @@ char * GetStringToBeSync(NativeTokenQueue *head) cJSON *root = cJSON_CreateObject(); if (root == NULL) { cJSON_Delete(array); + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:cJSON_CreateObject failed.", __func__); return NULL; } - cJSON_AddItemToObject(root, TRANSFER_KEY_WORDS, array); - - char *jsonStr = cJSON_PrintUnformatted(root); - if (jsonStr == NULL) { - cJSON_Delete(root); - return NULL; - } - - char *str = (char *)malloc(sizeof(char) * (strlen(jsonStr) + 1)); - if (str == NULL) { - cJSON_free(jsonStr); + if (!cJSON_AddItemToObject(root, TRANSFER_KEY_WORDS, array)) { cJSON_Delete(root); + cJSON_Delete(array); return NULL; } - - (void)strcpy_s(str, strlen(jsonStr) + 1, jsonStr); - cJSON_free(jsonStr); + char *str = GetStrFromJson(root); cJSON_Delete(root); return str; } -int SyncToAtm(void) +static int32_t SyncToAtm(void) { - int result; + int32_t result; struct sockaddr_un addr; - int fd; - char *str; + int32_t fd = -1; + char *str = NULL; - /* get data to be processed */ pthread_mutex_lock(&g_tokenQueueHeadLock); NativeTokenQueue *begin = g_tokenQueueHead->next; g_tokenQueueHead->next = NULL; pthread_mutex_unlock(&g_tokenQueueHeadLock); - /* update the token file */ + if (begin == NULL) { + ACCESSTOKEN_LOG_INFO("[ATLIB-%s]:noting to be sent.", __func__); + return ATRET_SUCCESS; + } + SaveTokenIdToCfg(begin); str = GetStringToBeSync(begin); if (str == NULL) { - return SUCCESS; + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:str is null.", __func__); + return ATRET_FAILED; } - /* set socket */ - fd = socket(AF_UNIX, SOCK_STREAM, 0); - (void)memset_s(&addr, sizeof(struct sockaddr_un), 0, sizeof(struct sockaddr_un)); - addr.sun_family = AF_UNIX; - if (memcpy_s(addr.sun_path, sizeof(addr.sun_path), SOCKET_FILE, sizeof(addr.sun_path) - 1) != EOK) { - ACCESSTOKEN_LOG_ERROR("memcpy_s failed."); - return ERR; - } - result = connect(fd, (struct sockaddr *)&addr, sizeof(addr)); // 建立socket后默认connect()函数为阻塞连接状态 - if (result != 0) { - ACCESSTOKEN_LOG_ERROR("connect failed %d.", result); - return ERR; - } + do { + fd = socket(AF_UNIX, SOCK_STREAM, 0); + if (fd < 0) { + result = ATRET_FAILED; + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:socket failed.", __func__); + break; + } + (void)memset_s(&addr, sizeof(struct sockaddr_un), 0, sizeof(struct sockaddr_un)); + addr.sun_family = AF_UNIX; + if (strncpy_s(addr.sun_path, sizeof(addr.sun_path), SOCKET_FILE, sizeof(addr.sun_path) - 1) != EOK) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:strncpy_s failed.", __func__); + close(fd); + result = ATRET_FAILED; + break; + } + result = connect(fd, (struct sockaddr *)&addr, sizeof(addr)); + if (result != 0) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:connect failed. errno %d", __func__, errno); + close(fd); + result = ATRET_FAILED; + break; + } + ACCESSTOKEN_LOG_INFO("[ATLIB-%s]:str is to be sent %s.", __func__, str); + result = SendString(str, fd); + close(fd); + } while (0); - result = SendString(str, fd); free(str); - close(fd); return result; } void *ThreadTransferFunc(const void *args) { + int32_t ret; uint64_t result; - /* - getpram - */ + /* getpram */ + while (1) { + char buffer[MAX_PARAMTER_LEN] = {0}; + ret = GetParameter(SYSTEM_PROP_NATIVE_RECEPTOR, "false", buffer, MAX_PARAMTER_LEN - 1); + if (ret > 0 && !strncmp(buffer, "true", strlen("true"))) { + break; + } + ACCESSTOKEN_LOG_INFO("[ATLIB-%s]: %s get failed.", __func__, SYSTEM_PROP_NATIVE_RECEPTOR); + sleep(1); + } g_signalFd = eventfd(0, 0); if (g_signalFd == -1) { - ACCESSTOKEN_LOG_ERROR("eventfd failed."); + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:eventfd failed.", __func__); return NULL; } g_isAtmExist = 1; + while (1) { - int ret; ret = read(g_signalFd, &result, sizeof(uint64_t)); if (ret == -1) { - ACCESSTOKEN_LOG_ERROR("read failed."); + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:read failed.", __func__); continue; } + ret = SyncToAtm(); - if (ret == -1) { - ACCESSTOKEN_LOG_ERROR("SyncToAtm failed."); + if (ret != ATRET_SUCCESS) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:SyncToAtm failed.", __func__); } } return NULL; } + +int32_t CheckProcessInfo(const char *processname, const char **dcaps, int32_t dacpNum, const char *aplStr) +{ + if ((processname == NULL) || strlen(processname) > MAX_PROCESS_NAME_LEN + || strlen(processname) == 0) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:processname is invalid.", __func__); + return ATRET_FAILED; + } + + if ((dcaps == NULL) || dacpNum > MAX_DCAPS_NUM || dacpNum < 0) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:dcaps is null or dacpNum is invalid.", __func__); + return ATRET_FAILED; + } + for (int i = 0; i < dacpNum; i++) { + if (strlen(dcaps[i]) > MAX_DCAP_LEN) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:dcap length is invalid.", __func__); + return ATRET_FAILED; + } + } + + if (aplStr == NULL) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:aplStr is null.", __func__); + return ATRET_FAILED; + } + return ATRET_SUCCESS; +} + +static int32_t AddNewNativeTokenToList(const char *processname, NativeAtId *tokenId) +{ + NativeTokenList *tokenNode; + NativeAtId id; + id = CreateNativeTokenId(); + tokenNode = (NativeTokenList *)malloc(sizeof(NativeTokenList)); + if (tokenNode == NULL) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:memory alloc failed.", __func__); + return ATRET_FAILED; + } + if (strcpy_s(tokenNode->processName, MAX_PROCESS_NAME_LEN, processname) != EOK) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:strcpy_s failed.", __func__); + free(tokenNode); + return ATRET_FAILED; + } + tokenNode->tokenId = id; + tokenNode->next = g_tokenListHead->next; + g_tokenListHead->next = tokenNode; + + *tokenId = id; + return ATRET_SUCCESS; +} + +uint64_t GetAccessTokenId(const char *processname, const char **dcaps, int32_t dacpNum, const char *aplStr) +{ + NativeAtId tokenId; + NativeTokenList *tokenNode = g_tokenListHead; + NativeTokenQueue tmp = {0}; + pthread_t tid; + int32_t exist = 0; + uint64_t result = 0; + NativeAtIdEx *atPoint = (NativeAtIdEx *)(&result); + + int32_t ret = CheckProcessInfo(processname, dcaps, dacpNum, aplStr); + if (ret != ATRET_SUCCESS) { + return 0; + } + int32_t apl = GetAplLevel(aplStr); + if (apl == 0) { + return 0; + } + + if (strcmp("foundation", processname) == 0) { + (void)pthread_create(&tid, 0, (void*)ThreadTransferFunc, NULL); + } + + while (tokenNode != NULL) { + if (strcmp(tokenNode->processName, processname) == 0) { + exist = 1; + tokenId = tokenNode->tokenId; + break; + } + tokenNode = tokenNode->next; + } + + if (tokenNode == NULL) { + ret = AddNewNativeTokenToList(processname, &tokenId); + if (ret != ATRET_SUCCESS) { + return 0; + } + } + + TOKEN_QUEUE_NODE_INFO_SET(tmp, apl, processname, tokenId, exist, dcaps, dacpNum); + ret = TokenInfoSave(&tmp); + if (ret != 0) { + return result; + } + atPoint->tokenId = tokenId; + atPoint->tokenAttr = 0; + return result; +} diff --git a/interfaces/innerkits/nativetoken/test/BUILD.gn b/interfaces/innerkits/atlib/test/BUILD.gn similarity index 89% rename from interfaces/innerkits/nativetoken/test/BUILD.gn rename to interfaces/innerkits/atlib/test/BUILD.gn index 913506e79..0ec2f8404 100644 --- a/interfaces/innerkits/nativetoken/test/BUILD.gn +++ b/interfaces/innerkits/atlib/test/BUILD.gn @@ -22,19 +22,20 @@ ohos_unittest("libaccesstoken_lib_test") { "//utils/native/base/include", "//third_party/cJSON", "//third_party/bounds_checking_function/include", - "//base/security/access_token/interfaces/innerkits/atlib/main/include" + "//base/security/access_token/interfaces/innerkits/atlib/main/include", ] sources = [ "unittest/cpp/src/accesstokenlib_kit_test.cpp" ] - cflags_cc = ["-fexceptions" ] - ldflags = ["-lpthread",] + cflags_cc = [ "-fexceptions" ] + cflags_cc += [ "-pthread" ] + deps = [ + "//base/security/access_token/interfaces/innerkits/atlib:libaccesstoken_lib", + "//third_party/bounds_checking_function:libsec_static", "//third_party/cJSON:cjson_static", - "//utils/native/base:utils", "//third_party/googletest:gmock", "//third_party/googletest:gtest", - "//third_party/libuv:uv_static", - "//third_party/bounds_checking_function:libsec_static", + "//utils/native/base:utils", ] } diff --git a/interfaces/innerkits/atlib/test/unittest/cpp/src/accesstokenlib_kit_test.cpp b/interfaces/innerkits/atlib/test/unittest/cpp/src/accesstokenlib_kit_test.cpp new file mode 100644 index 000000000..be80fe735 --- /dev/null +++ b/interfaces/innerkits/atlib/test/unittest/cpp/src/accesstokenlib_kit_test.cpp @@ -0,0 +1,353 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "accesstokenlib_kit_test.h" +#include +#include "accesstoken_lib.h" +#include "accesstokenlib_kit.h" + +using namespace testing::ext; +using namespace OHOS::Security; + +extern NativeTokenQueue *g_tokenQueueHead; +extern NativeTokenList *g_tokenListHead; +extern char *GetFileBuff(const char *cfg); +namespace { +static NativeTokenQueue g_readRes; +static string g_jsonStr = "[" + "{\"processName\":\"asdf\", \"tokenId\":15}," + "{\"processName\":\"GetAccessTokenId008\", \"tokenId\":16}," + "{\"processName\":\"GetAccessTokenId009\", \"tokenId\":17}" + "]"; +} +void TokenLibKitTest::SetUpTestCase() +{} + +void TokenLibKitTest::TearDownTestCase() +{} + +void TokenLibKitTest::SetUp() +{ + AtlibInit(); + ResetFile(); + g_readRes.next = nullptr; +} + +void TokenLibKitTest::TearDown() +{ + while (g_tokenQueueHead->next != nullptr) { + NativeTokenQueue *tmp = g_tokenQueueHead->next; + g_tokenQueueHead->next = tmp->next; + free(tmp); + tmp = nullptr; + } + while (g_tokenListHead->next != nullptr) { + NativeTokenList *tmp = g_tokenListHead->next; + g_tokenListHead->next = tmp->next; + free(tmp); + tmp = nullptr; + } + while (g_readRes.next != nullptr) { + NativeTokenQueue *tmp = g_readRes.next; + g_readRes.next = tmp->next; + free(tmp); + tmp = nullptr; + } +} + +void TokenLibKitTest::ResetFile(void) +{ + int32_t fd = open(TOKEN_ID_CFG_PATH, O_RDWR | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR); + if (fd < 0) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:open failed.", __func__); + return; + } + int32_t strLen = strlen(g_jsonStr.c_str()); + int32_t writtenLen = write(fd, (void *)g_jsonStr.c_str(), strLen); + close(fd); + if (writtenLen != strLen) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:write failed, writtenLen is %d.", __func__, writtenLen); + } +} + +void TokenLibKitTest::PthreadCloseTrigger(void) +{ + struct sockaddr_un addr; + int32_t fd = socket(AF_UNIX, SOCK_STREAM, 0); + if (fd < 0) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:socket failed.", __func__); + return; + } + (void)memset_s(&addr, sizeof(struct sockaddr_un), 0, sizeof(struct sockaddr_un)); + addr.sun_family = AF_UNIX; + if (strncpy_s(addr.sun_path, sizeof(addr.sun_path), SOCKET_FILE, sizeof(addr.sun_path) - 1) != EOK) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:strncpy_s failed.", __func__); + close(fd); + return; + } + int result = connect(fd, (struct sockaddr *)&addr, sizeof(addr)); + if (result != 0) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:connect failed.", __func__); + close(fd); + return; + } + int32_t writtenSize = write(fd, "over", 4); + if (writtenSize != 4) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:SendString write failed.", __func__); + } + close(fd); + return; +} + + +int Start(const char *processName) +{ + const char *processname = processName; + const char **dcaps = (const char **)malloc(sizeof(char *) * 2); + dcaps[0] = "AT_CAP"; + dcaps[1] = "ST_CAP"; + int dcapNum = 2; + uint64_t tokenId; + tokenId = GetAccessTokenId(processname, dcaps, dcapNum, "system_core"); + return tokenId; +} + +HWTEST_F(TokenLibKitTest, GetAccessTokenId001, TestSize.Level1) +{ + const char **dcaps = (const char **)malloc(sizeof(char *) * 2); + dcaps[0] = "AT_CAP"; + dcaps[1] = "ST_CAP"; + int dcapNum = 2; + uint64_t tokenId; + tokenId = GetAccessTokenId("", dcaps, dcapNum, "system_core"); + ASSERT_EQ(tokenId, 0); + tokenId = GetAccessTokenId(nullptr, dcaps, dcapNum, "system_core"); + ASSERT_EQ(tokenId, 0); + const std::string invalidProcName (257, 'x'); + tokenId = GetAccessTokenId(invalidProcName.c_str(), dcaps, dcapNum, "system_core"); + ASSERT_EQ(tokenId, 0); +} + +HWTEST_F(TokenLibKitTest, GetAccessTokenId002, TestSize.Level1) +{ + const char **dcaps = (const char **)malloc(sizeof(char *) * 2); + dcaps[0] = "AT_CAP"; + dcaps[1] = "ST_CAP"; + int dcapNum = -1; + uint64_t tokenId; + tokenId = GetAccessTokenId("GetAccessTokenId002", dcaps, dcapNum, "system_core"); + ASSERT_EQ(tokenId, 0); + + dcapNum = 1025; + tokenId = GetAccessTokenId("GetAccessTokenId002", dcaps, dcapNum, "system_core"); + ASSERT_EQ(tokenId, 0); +} + +HWTEST_F(TokenLibKitTest, GetAccessTokenId003, TestSize.Level1) +{ + const char **dcaps = (const char **)malloc(sizeof(char *) * 2); + dcaps[0] = "AT_CAP"; + dcaps[1] = "ST_CAP"; + int dcapNum = 2; + uint64_t tokenId; + tokenId = GetAccessTokenId("GetAccessTokenId003", nullptr, dcapNum, "system_core"); + ASSERT_EQ(tokenId, 0); + + const std::string invalidDcaps (1025, 'x'); + dcaps[0] = invalidDcaps.c_str(); + tokenId = GetAccessTokenId("GetAccessTokenId003", dcaps, dcapNum, "system_core"); + ASSERT_EQ(tokenId, 0); +} + +HWTEST_F(TokenLibKitTest, GetAccessTokenId004, TestSize.Level1) +{ + const char **dcaps = (const char **)malloc(sizeof(char *) * 2); + dcaps[0] = "AT_CAP"; + dcaps[1] = "ST_CAP"; + int dcapNum = 2; + uint64_t tokenId; + tokenId = GetAccessTokenId("GetAccessTokenId003", dcaps, dcapNum, nullptr); + ASSERT_EQ(tokenId, 0); + + tokenId = GetAccessTokenId("GetAccessTokenId003", dcaps, dcapNum, "system_invalid"); + ASSERT_EQ(tokenId, 0); +} + +HWTEST_F(TokenLibKitTest, GetAccessTokenId005, TestSize.Level1) +{ + uint64_t tokenId01 = Start("GetAccessTokenId005"); + ASSERT_NE(tokenId01, 0); + uint64_t tokenId02 = Start("GetAccessTokenId005"); + ASSERT_NE(tokenId02, 0); + + ASSERT_EQ(tokenId01, tokenId02); +} + +HWTEST_F(TokenLibKitTest, GetAccessTokenId007, TestSize.Level1) +{ + uint64_t tokenID; + NativeAtIdEx *tokenIdEx = (NativeAtIdEx *)(&tokenID); + tokenID = Start("GetAccessTokenId007"); + + int ret = strcmp("GetAccessTokenId007", g_tokenListHead->next->processName); + ASSERT_EQ(ret, 0); + ASSERT_EQ(tokenIdEx->tokenId, g_tokenListHead->next->tokenId); + + ret = strcmp("GetAccessTokenId007", g_tokenQueueHead->next->processName); + ASSERT_EQ(ret, 0); + ASSERT_EQ(tokenIdEx->tokenId, g_tokenQueueHead->next->tokenId); + + char *fileBuff = GetFileBuff(TOKEN_ID_CFG_PATH); + string s = "GetAccessTokenId007"; + char *pos = strstr(fileBuff, s.c_str()); + ASSERT_EQ(pos, nullptr); +} + +HWTEST_F(TokenLibKitTest, GetAccessTokenId008, TestSize.Level1) +{ + uint64_t tokenID; + NativeAtIdEx *tokenIdEx = (NativeAtIdEx *)(&tokenID); + tokenID = Start("GetAccessTokenId008"); + + string s = "GetAccessTokenId008"; + int ret = strcmp(s.c_str(), g_tokenQueueHead->next->processName); + ASSERT_EQ(ret, 0); + ASSERT_EQ(tokenIdEx->tokenId, g_tokenQueueHead->next->tokenId); +} + +HWTEST_F(TokenLibKitTest, GetAccessTokenId009, TestSize.Level1) +{ + char *fileBuffBefore = GetFileBuff(TOKEN_ID_CFG_PATH); + char *posMatch = strstr(fileBuffBefore, "GetAccessTokenId009"); + ASSERT_NE(posMatch, nullptr); + free(fileBuffBefore); + + uint64_t tokenIdFoundation = Start("foundation"); + ASSERT_NE(tokenIdFoundation, 0); + sleep(DELAY_ONE_SECONDS); + uint64_t tokenID009 = Start("GetAccessTokenId009"); + ASSERT_NE(tokenID009, 0); + + tokenID009 = Start("GetAccessTokenId009_01"); + ASSERT_NE(tokenID009, 0); + + tokenID009 = Start("GetAccessTokenId009_02"); + ASSERT_NE(tokenID009, 0); + + sleep(DELAY_ONE_SECONDS); + char *fileBuff = GetFileBuff(TOKEN_ID_CFG_PATH); + char *pos = strstr(fileBuff, "GetAccessTokenId009"); + ASSERT_NE(pos, nullptr); + pos = strstr(fileBuff, "GetAccessTokenId009_01"); + ASSERT_NE(pos, nullptr); + pos = strstr(fileBuff, "GetAccessTokenId009_02"); + ASSERT_NE(pos, nullptr); + free(fileBuff); + PthreadCloseTrigger(); +} + +HWTEST_F(TokenLibKitTest, GetAccessTokenId010, TestSize.Level1) +{ + char *fileBuffBefore = GetFileBuff(TOKEN_ID_CFG_PATH); + char *posMatch = strstr(fileBuffBefore, "GetAccessTokenId010"); + ASSERT_EQ(posMatch, nullptr); + free(fileBuffBefore); + + uint64_t tokenIdFoundation = Start("foundation"); + ASSERT_NE(tokenIdFoundation, 0); + sleep(DELAY_ONE_SECONDS); + uint64_t tokenID010 = Start("GetAccessTokenId010"); + ASSERT_NE(tokenID010, 0); + + sleep(DELAY_ONE_SECONDS); + char *fileBuff = GetFileBuff(TOKEN_ID_CFG_PATH); + char *pos = strstr(fileBuff, "GetAccessTokenId010"); + ASSERT_NE(pos, nullptr); + free(fileBuff); + + PthreadCloseTrigger(); +} + + HWTEST_F(TokenLibKitTest, GetAccessTokenId011, TestSize.Level1) +{ + Start("process1"); + Start("process2"); + Start("process3"); + Start("process4"); + Start("process5"); + sleep(5); + + Start("foundation"); + Start("process6"); + Start("process7"); + Start("process8"); + Start("process9"); + Start("process10"); + sleep(5); + Start("process15"); + Start("process16"); + sleep(5); + Start("process17"); + sleep(5); + Start("process18"); + sleep(5); + Start("process19"); + sleep(5); + char *fileBuff = GetFileBuff(TOKEN_ID_CFG_PATH); + char *pos = strstr(fileBuff, "process1"); + ASSERT_NE(pos, nullptr); + pos = strstr(fileBuff, "process2"); + ASSERT_NE(pos, nullptr); + pos = strstr(fileBuff, "process3"); + ASSERT_NE(pos, nullptr); + pos = strstr(fileBuff, "process4"); + ASSERT_NE(pos, nullptr); + pos = strstr(fileBuff, "process5"); + ASSERT_NE(pos, nullptr); + pos = strstr(fileBuff, "process6"); + ASSERT_NE(pos, nullptr); + pos = strstr(fileBuff, "process7"); + ASSERT_NE(pos, nullptr); + pos = strstr(fileBuff, "process8"); + ASSERT_NE(pos, nullptr); + pos = strstr(fileBuff, "process9"); + ASSERT_NE(pos, nullptr); + pos = strstr(fileBuff, "foundation"); + ASSERT_NE(pos, nullptr); + free(fileBuff); + PthreadCloseTrigger(); +} + + HWTEST_F(TokenLibKitTest, GetAccessTokenId012, TestSize.Level1) +{ + sleep(5); + Start("process1"); + Start("process2"); + Start("process3"); + Start("process4"); + Start("process5"); + sleep(5); + Start("foundation"); + Start("process6"); + sleep(5); + Start("process11"); + Start("process12"); + Start("process13"); + Start("process15"); + Start("process16"); + Start("process17"); + sleep(1); + PthreadCloseTrigger(); +} diff --git a/interfaces/innerkits/nativetoken/test/unittest/cpp/src/accesstokenlib_kit_test.h b/interfaces/innerkits/atlib/test/unittest/cpp/src/accesstokenlib_kit_test.h similarity index 84% rename from interfaces/innerkits/nativetoken/test/unittest/cpp/src/accesstokenlib_kit_test.h rename to interfaces/innerkits/atlib/test/unittest/cpp/src/accesstokenlib_kit_test.h index f03660d8c..8aa651750 100644 --- a/interfaces/innerkits/nativetoken/test/unittest/cpp/src/accesstokenlib_kit_test.h +++ b/interfaces/innerkits/atlib/test/unittest/cpp/src/accesstokenlib_kit_test.h @@ -20,9 +20,11 @@ namespace OHOS { namespace Security { +static const int BUFF_LEN = 102400; +static const int DELAY_ONE_SECONDS = 5; +static const int DELAY_FIVE_SECONDS = 10; class TokenLibKitTest : public testing::Test { public: - static char buffer[102400]; static void SetUpTestCase(); static void TearDownTestCase(); @@ -30,6 +32,8 @@ public: void SetUp(); void TearDown(); + void ResetFile(void); + void PthreadCloseTrigger(void); }; } // namespace Security } // namespace OHOS diff --git a/interfaces/innerkits/nativetoken/test/unittest/cpp/src/accesstokenlib_kit_test.cpp b/interfaces/innerkits/nativetoken/test/unittest/cpp/src/accesstokenlib_kit_test.cpp deleted file mode 100644 index 04a1e5ffb..000000000 --- a/interfaces/innerkits/nativetoken/test/unittest/cpp/src/accesstokenlib_kit_test.cpp +++ /dev/null @@ -1,123 +0,0 @@ -/* - * Copyright (c) 2021 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "accesstokenlib_kit_test.h" - -#include "accesstokenlib_kit.h" -#include "accesstoken_lib.h" - -using namespace testing::ext; -using namespace OHOS::Security; - -void TokenLibKitTest::SetUpTestCase() -{} - -void TokenLibKitTest::TearDownTestCase() -{} - -void TokenLibKitTest::SetUp() -{} - -void TokenLibKitTest::TearDown() -{} - -extern char *GetFileBuff(const char *cfg); - -void * ThreadATMFuncBackUp(void *args) -{ - socklen_t len = sizeof(struct sockaddr_un); - struct sockaddr_un addr; - struct sockaddr_un clientAddr; - int listenFd, ret; - int readLen; - - /* set socket */ - (void)memset_s(&addr, sizeof(addr), 0, sizeof(addr)); - addr.sun_family = AF_UNIX; - if (memcpy_s(addr.sun_path, sizeof(addr.sun_path), SOCKET_FILE, sizeof(addr.sun_path) - 1) != EOK) { - return NULL; - } - unlink(SOCKET_FILE); - listenFd = socket(AF_UNIX, SOCK_STREAM, 0); - if (listenFd < 0) { - ACCESSTOKEN_LOG_INFO("socket failed %d\n", listenFd); - return NULL; - } - - ::bind(listenFd, (struct sockaddr *)(&addr), (unsigned int)len); - - ret = listen(listenFd, 1); - if (ret < 0) { - ACCESSTOKEN_LOG_INFO("listenFd failed %d\n", errno); - remove(SOCKET_FILE); - close(listenFd); - return NULL; - } - while (1) { - int sockFd = accept(listenFd, (struct sockaddr *)(&clientAddr), &len); - ACCESSTOKEN_LOG_INFO("accept sockFd %d\n", sockFd); - do { - readLen = read(sockFd, OHOS::Security::TokenLibKitTest::buffer, 102400); - OHOS::Security::TokenLibKitTest::buffer[readLen] = '\0'; - ACCESSTOKEN_LOG_INFO("read :%s\n", OHOS::Security::TokenLibKitTest::buffer); - } while (readLen > 0); - - close(sockFd); - if (readLen < 0) { - break; - } - } - close(listenFd); - return NULL; -} - -int Start(const char *processName) -{ - const char *processname = processName; - const char **dcaps = (const char **)malloc(sizeof(char *) * 2); - dcaps[0] = "AT_CAP"; - dcaps[1] = "ST_CAP"; - int dcapNum = 2; - pthread_t tid[2]; - (void)GetAccessTokenId(processname, dcaps, dcapNum, "system_core"); - - if (strcmp("foundation", processname) == 0) { - (void)pthread_create(&tid[0], 0, ThreadTransferFunc, NULL); - } - return 0; -} - -HWTEST_F(TokenLibKitTest, TestAtlib, TestSize.Level1) -{ - pthread_t tid[2]; - - AtlibInit(); - (void)pthread_create(&tid[1], 0, ThreadATMFuncBackUp, NULL); - sleep(5); - Start("process1"); - Start("process2"); - Start("process3"); - Start("process4"); - sleep(5); - Start("foundation"); - Start("process5"); - Start("process6"); - sleep(20); - Start("process7"); - Start("process8"); - Start("process9"); - sleep(50); - -} diff --git a/interfaces/innerkits/token_setproc/BUILD.gn b/interfaces/innerkits/token_setproc/BUILD.gn index 74e429ff1..1cdcc6f30 100644 --- a/interfaces/innerkits/token_setproc/BUILD.gn +++ b/interfaces/innerkits/token_setproc/BUILD.gn @@ -24,7 +24,6 @@ config("token_setproc") { ohos_static_library("libtoken_setproc") { subsystem_name = "security" part_name = "access_token" - output_name = "libtoken_setproc" public_configs = [ ":token_setproc" ] diff --git a/interfaces/innerkits/token_setproc/include/token_setproc.h b/interfaces/innerkits/token_setproc/include/token_setproc.h index 2a6b47574..81c75d92a 100644 --- a/interfaces/innerkits/token_setproc/include/token_setproc.h +++ b/interfaces/innerkits/token_setproc/include/token_setproc.h @@ -1,37 +1,36 @@ -/* - * Copyright (c) 2021 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - - -#ifndef TOKEN_setproc_H -#define TOKEN_setproc_H -#include - -#ifdef __cplusplus -extern "C" { -#endif - -uint64_t GetSelfTokenID(void); - -int SetSelfTokenID(uint64_t tokenID); - -uint64_t GetFirstCallerTokenID(void); - -int SetFirstCallerTokenID(uint64_t tokenID); - -#ifdef __cplusplus -} -#endif - -#endif \ No newline at end of file +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TOKEN_SETPROC_H +#define TOKEN_SETPROC_H +#include + +#ifdef __cplusplus +extern "C" { +#endif + +uint64_t GetSelfTokenID(); + +int SetSelfTokenID(uint64_t tokenID); + +uint64_t GetFirstCallerTokenID(); + +int SetFirstCallerTokenID(uint64_t tokenID); + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/interfaces/innerkits/token_setproc/src/token_setproc.c b/interfaces/innerkits/token_setproc/src/token_setproc.c index 8a793c25d..b2d09dbef 100644 --- a/interfaces/innerkits/token_setproc/src/token_setproc.c +++ b/interfaces/innerkits/token_setproc/src/token_setproc.c @@ -1,114 +1,116 @@ -/* - * Copyright (C) 2021 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "token_setproc.h" -#include -#include -#include -#include -#include - -#define ACCESS_TOKEN_ID_IOCTL_BASE 'A' - -enum { - GET_TOKEN_ID = 1, - SET_TOKEN_ID, - GET_FTOKEN_ID, - SET_FTOKEN_ID, - ACCESS_TOKENID_MAX_NR, -}; - -#define ACCESS_TOKENID_GET_TOKENID \ - _IOR(ACCESS_TOKEN_ID_IOCTL_BASE, GET_TOKEN_ID, unsigned long long) -#define ACCESS_TOKENID_SET_TOKENID \ - _IOW(ACCESS_TOKEN_ID_IOCTL_BASE, SET_TOKEN_ID, unsigned long long) -#define ACCESS_TOKENID_GET_FTOKENID \ - _IOR(ACCESS_TOKEN_ID_IOCTL_BASE, GET_FTOKEN_ID, unsigned long long) -#define ACCESS_TOKENID_SET_FTOKENID \ - _IOW(ACCESS_TOKEN_ID_IOCTL_BASE, SET_FTOKEN_ID, unsigned long long) - -#define ACCESS_TOKEN_OK 0 -#define ACCESS_TOKEN_ERROR (-1) - -#define INVAL_TOKEN_ID 0x0 -#define TOKEN_ID_LOWMASK 0xffffffff - -#define TOKENID_DEVNODE "/dev/access_token_id" - -uint64_t GetSelfTokenID(void) -{ - uint64_t token = INVAL_TOKEN_ID; - int fd = open(TOKENID_DEVNODE, O_RDWR); - if (fd < 0) { - return INVAL_TOKEN_ID; - } - int ret =ioctl(fd, ACCESS_TOKENID_GET_TOKENID, &token); - if (ret) { - close(fd); - return INVAL_TOKEN_ID; - } - - close(fd); - return token; -} - -int SetSelfTokenID(uint64_t tokenID) -{ - int fd = open(TOKENID_DEVNODE, O_RDWR); - if (fd < 0) { - return ACCESS_TOKEN_ERROR; - } - int ret = ioctl(fd, ACCESS_TOKENID_SET_TOKENID, &tokenID); - if (ret) { - close(fd); - return ACCESS_TOKEN_ERROR; - } - - close(fd); - return ACCESS_TOKEN_OK; -} - -uint64_t GetFirstCallerTokenID(void) -{ - uint64_t token = INVAL_TOKEN_ID; - int fd = open(TOKENID_DEVNODE, O_RDWR); - if (fd < 0) { - return INVAL_TOKEN_ID; - } - int ret = ioctl(fd, ACCESS_TOKENID_GET_FTOKENID, &token); - if (ret) { - close(fd); - return INVAL_TOKEN_ID; - } - - close(fd); - return token; -} - -int SetFirstCallerTokenID(uint64_t tokenID) -{ - int fd = open(TOKENID_DEVNODE, O_RDWR); - if (fd < 0) { - return ACCESS_TOKEN_ERROR; - } - int ret = ioctl(fd, ACCESS_TOKENID_SET_FTOKENID, &tokenID); - if (ret) { - close(fd); - return ACCESS_TOKEN_ERROR; - } - - close(fd); - return ACCESS_TOKEN_OK; -} \ No newline at end of file +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "token_setproc.h" + +#include +#include +#include +#include +#include + +#define ACCESS_TOKEN_ID_IOCTL_BASE 'A' + +enum { + GET_TOKEN_ID = 1, + SET_TOKEN_ID, + GET_FTOKEN_ID, + SET_FTOKEN_ID, + ACCESS_TOKENID_MAX_NR, +}; + +#define ACCESS_TOKENID_GET_TOKENID \ + _IOR(ACCESS_TOKEN_ID_IOCTL_BASE, GET_TOKEN_ID, unsigned long long) +#define ACCESS_TOKENID_SET_TOKENID \ + _IOW(ACCESS_TOKEN_ID_IOCTL_BASE, SET_TOKEN_ID, unsigned long long) +#define ACCESS_TOKENID_GET_FTOKENID \ + _IOR(ACCESS_TOKEN_ID_IOCTL_BASE, GET_FTOKEN_ID, unsigned long long) +#define ACCESS_TOKENID_SET_FTOKENID \ + _IOW(ACCESS_TOKEN_ID_IOCTL_BASE, SET_FTOKEN_ID, unsigned long long) + +#define ACCESS_TOKEN_OK 0 +#define ACCESS_TOKEN_ERROR (-1) + +#define INVAL_TOKEN_ID 0x0 +#define TOKEN_ID_LOWMASK 0xffffffff + +#define TOKENID_DEVNODE "/dev/access_token_id" + +uint64_t GetSelfTokenID() +{ + uint64_t token = INVAL_TOKEN_ID; + int fd = open(TOKENID_DEVNODE, O_RDWR); + if (fd < 0) { + return INVAL_TOKEN_ID; + } + int ret = ioctl(fd, ACCESS_TOKENID_GET_TOKENID, &token); + if (ret) { + close(fd); + return INVAL_TOKEN_ID; + } + + close(fd); + return token; +} + +int SetSelfTokenID(uint64_t tokenID) +{ + int fd = open(TOKENID_DEVNODE, O_RDWR); + if (fd < 0) { + return ACCESS_TOKEN_ERROR; + } + int ret = ioctl(fd, ACCESS_TOKENID_SET_TOKENID, &tokenID); + if (ret) { + close(fd); + return ACCESS_TOKEN_ERROR; + } + + close(fd); + return ACCESS_TOKEN_OK; +} + +uint64_t GetFirstCallerTokenID() +{ + uint64_t token = INVAL_TOKEN_ID; + int fd = open(TOKENID_DEVNODE, O_RDWR); + if (fd < 0) { + return INVAL_TOKEN_ID; + } + int ret = ioctl(fd, ACCESS_TOKENID_GET_FTOKENID, &token); + if (ret) { + close(fd); + return INVAL_TOKEN_ID; + } + + close(fd); + return token; +} + + +int SetFirstCallerTokenID(uint64_t tokenID) +{ + int fd = open(TOKENID_DEVNODE, O_RDWR); + if (fd < 0) { + return ACCESS_TOKEN_ERROR; + } + int ret = ioctl(fd, ACCESS_TOKENID_SET_FTOKENID, &tokenID); + if (ret) { + close(fd); + return ACCESS_TOKEN_ERROR; + } + + close(fd); + return ACCESS_TOKEN_OK; +} diff --git a/interfaces/innerkits/token_setproc/test/BUILD.gn b/interfaces/innerkits/token_setproc/test/BUILD.gn index 14c1dbf80..ce6cf8dd1 100644 --- a/interfaces/innerkits/token_setproc/test/BUILD.gn +++ b/interfaces/innerkits/token_setproc/test/BUILD.gn @@ -23,7 +23,6 @@ ohos_unittest("libtoken_setproc_test") { ] sources = [ "unittest/cpp/src/tokensetproc_kit_test.cpp" ] - cflags_cc = [ "-fexceptions" ] deps = [ diff --git a/interfaces/innerkits/token_setproc/test/unittest/cpp/src/tokensetproc_kit_test.cpp b/interfaces/innerkits/token_setproc/test/unittest/cpp/src/tokensetproc_kit_test.cpp index 4463b0954..5fe3f833c 100644 --- a/interfaces/innerkits/token_setproc/test/unittest/cpp/src/tokensetproc_kit_test.cpp +++ b/interfaces/innerkits/token_setproc/test/unittest/cpp/src/tokensetproc_kit_test.cpp @@ -1,33 +1,33 @@ -/* - * Copyright (c) 2021 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "tokensetproc_kit_test.h" - -#include "token_setproc.h" - -using namespace testing::ext; -using namespace OHOS::Security; - -void TokensetprocKitTest::SetUpTestCase() -{} - -void TokensetprocKitTest::TearDownTestCase() -{} - -void TokensetprocKitTest::SetUp() -{} - -void TokensetprocKitTest::TearDown() +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "tokensetproc_kit_test.h" + +#include "token_setproc.h" + +using namespace testing::ext; +using namespace OHOS::Security; + +void TokensetprocKitTest::SetUpTestCase() +{} + +void TokensetprocKitTest::TearDownTestCase() +{} + +void TokensetprocKitTest::SetUp() +{} + +void TokensetprocKitTest::TearDown() {} \ No newline at end of file diff --git a/interfaces/innerkits/token_setproc/test/unittest/cpp/src/tokensetproc_kit_test.h b/interfaces/innerkits/token_setproc/test/unittest/cpp/src/tokensetproc_kit_test.h index c215f7a96..29bef17d2 100644 --- a/interfaces/innerkits/token_setproc/test/unittest/cpp/src/tokensetproc_kit_test.h +++ b/interfaces/innerkits/token_setproc/test/unittest/cpp/src/tokensetproc_kit_test.h @@ -1,35 +1,35 @@ -/* - * Copyright (c) 2021 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef TOKENSYNC_KIT_TEST_H -#define TOKENSYNC_KIT_TEST_H - -#include - -namespace OHOS { -namespace Security { -class TokensetprocKitTest : public testing::Test { -public: - static void SetUpTestCase(); - - static void TearDownTestCase(); - - void SetUp(); - - void TearDown(); -}; -} // namespace Security -} // namespace OHOS -#endif \ No newline at end of file +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TOKENSYNC_KIT_TEST_H +#define TOKENSYNC_KIT_TEST_H + +#include + +namespace OHOS { +namespace Security { +class TokensetprocKitTest : public testing::Test { +public: + static void SetUpTestCase(); + + static void TearDownTestCase(); + + void SetUp(); + + void TearDown(); +}; +} // namespace Security +} // namespace OHOS +#endif diff --git a/interfaces/kits/accesstoken/BUILD.gn b/interfaces/kits/accesstoken/BUILD.gn new file mode 100644 index 000000000..d385180a6 --- /dev/null +++ b/interfaces/kits/accesstoken/BUILD.gn @@ -0,0 +1,66 @@ +# Copyright (c) 2021 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/ohos.gni") + +group("napi_packages") { + deps = [ "//base/security/access_token/interfaces/kits/accesstoken:libabilityaccessctrl" ] +} + +ohos_shared_library("libabilityaccessctrl") { + include_dirs = [ + "//foundation/appexecfwk/standard/interfaces/innerkits/libeventhandler/include", + "//foundation/distributedschedule/samgr/interfaces/innerkits/samgr_proxy/include", + "//foundation/ace/napi/interfaces/kits", + "//third_party/json/single_include", + "//third_party/node/src", + "//utils/system/safwk/native/include", + "//foundation/communication/dsoftbus/interfaces/kits/transport", + "//foundation/communication/dsoftbus/interfaces/kits/common", + "//foundation/communication/dsoftbus/interfaces/kits/bus_center", + "//third_party/json/include", + "//foundation/appexecfwk/standard/interfaces/innerkits/appexecfwk_base/include", + "//foundation/appexecfwk/standard/interfaces/innerkits/appexecfwk_core/include/bundlemgr", + "//foundation/aafwk/standard/interfaces/innerkits/ability_manager/include", + "//base/security/access_token/frameworks/common/include", + "//base/security/access_token/interfaces/kits/accesstoken/napi/include", + "//base/security/access_token/interfaces/innerkits/accesstoken/main/cpp/include", + ] + + sources = [ "//base/security/access_token/interfaces/kits/accesstoken/napi/src/napi_atmanager.cpp" ] + + deps = [ + "//base/notification/ans_standard/frameworks/ans/core:ans_core", + "//base/notification/ans_standard/frameworks/wantagent:wantagent_innerkits", + "//base/security/access_token/interfaces/innerkits/accesstoken:libaccesstoken_sdk", + "//base/startup/syspara_lite/interfaces/innerkits/native/syspara:syspara", + "//foundation/aafwk/standard/interfaces/innerkits/base:base", + "//foundation/ace/napi:ace_napi", + "//foundation/appexecfwk/standard/interfaces/innerkits/appexecfwk_base:appexecfwk_base", + "//foundation/appexecfwk/standard/interfaces/innerkits/appexecfwk_core:appexecfwk_core", + "//foundation/appexecfwk/standard/interfaces/innerkits/libeventhandler:libeventhandler", + "//foundation/distributedschedule/safwk/interfaces/innerkits/safwk:system_ability_fwk", + "//foundation/distributedschedule/samgr/interfaces/innerkits/samgr_proxy:samgr_proxy", + "//utils/native/base:utils", + ] + cflags_cc = [ "-DHILOG_ENABLE" ] + external_deps = [ + "aafwk_standard:want", + "hiviewdfx_hilog_native:libhilog", + "ipc:ipc_core", + ] + + relative_install_dir = "module" + subsystem_name = "security" + part_name = "access_token" +} diff --git a/interfaces/kits/accesstoken/napi/include/napi_atmanager.h b/interfaces/kits/accesstoken/napi/include/napi_atmanager.h new file mode 100644 index 000000000..3fee43806 --- /dev/null +++ b/interfaces/kits/accesstoken/napi/include/napi_atmanager.h @@ -0,0 +1,88 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#ifndef NAPI_ATMANAGER_H_ +#define NAPI_ATMANAGER_H_ + +#include +#include +#include +#include + +#include "napi/native_api.h" +#include "napi/native_node_api.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +#define ASYN_THREAD_EXEC_SUCC 0 +#define ASYN_THREAD_EXEC_FAIL -1 +#define ACCESSTOKEN_PERMISSION_GRANT_FAIL -1 +#define ACCESSTOKEN_PERMISSION_GRANT_SUCC 0 +#define ACCESSTOKEN_PERMISSION_REVOKE_FAIL -1 +#define ACCESSTOKEN_PERMISSION_REVOKE_SUCC 0 +#define VALUE_BUFFER_SIZE 128 + +const std::string ATMANAGER_CLASS_NAME = "atManager"; + +struct AtManagerAsyncContext { + napi_env env = nullptr; + uint32_t tokenId = 0; + char permissionName[ VALUE_BUFFER_SIZE ] = { 0 }; + size_t pNameLen = 0; + int flag = 0; + int result = 0; // callback or promise return result + int status = ASYN_THREAD_EXEC_FAIL; // napi_create_async_work-execute function exec result, default failure + + napi_deferred deferred = nullptr; // promise handle + napi_ref callbackRef = nullptr; // callback handle + napi_async_work work = nullptr; // work handle +}; + +class NapiAtManager { +public: + static napi_value Init(napi_env env, napi_value exports); + +private: + static napi_value JsConstructor(napi_env env, napi_callback_info cbinfo); + static napi_value CreateAtManager(napi_env env, napi_callback_info cbInfo); + static napi_value VerifyAccessToken(napi_env env, napi_callback_info info); + static napi_value GrantUserGrantedPermission(napi_env env, napi_callback_info info); + static napi_value RevokeUserGrantedPermission(napi_env env, napi_callback_info info); + static napi_value GetPermissionFlags(napi_env env, napi_callback_info info); + + static void ParseInputVerifyPermissionOrGetFlag(const napi_env env, const napi_callback_info info, + AtManagerAsyncContext& asyncContext); + static void VerifyAccessTokenExecute(napi_env env, void *data); + static void VerifyAccessTokenComplete(napi_env env, napi_status status, void *data); + static void ParseInputGrantOrRevokePermission(const napi_env env, const napi_callback_info info, + AtManagerAsyncContext& asyncContext); + static void GrantUserGrantedPermissionExcute(napi_env env, void *data); + static void GrantUserGrantedPermissionComplete(napi_env env, napi_status status, void *data); + static void RevokeUserGrantedPermissionExcute(napi_env env, void *data); + static void RevokeUserGrantedPermissionComplete(napi_env env, napi_status status, void *data); + static void GetPermissionFlagsExcute(napi_env env, void *data); + static void GetPermissionFlagsComplete(napi_env env, napi_status status, void *data); + + static napi_ref constructorRef_; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +/* + * function for module exports + */ +static napi_value Init(napi_env env, napi_value exports); + +#endif /* NAPI_ATMANAGER_H_ */ diff --git a/interfaces/kits/accesstoken/napi/src/napi_atmanager.cpp b/interfaces/kits/accesstoken/napi/src/napi_atmanager.cpp new file mode 100644 index 000000000..02dd841c4 --- /dev/null +++ b/interfaces/kits/accesstoken/napi/src/napi_atmanager.cpp @@ -0,0 +1,589 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#include "napi_atmanager.h" + +#include +#include +#include +#include + +#include "accesstoken_kit.h" +#include "accesstoken_log.h" +#include "napi/native_api.h" +#include "napi/native_node_api.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { + LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "AccessTokenAbilityAccessCtrl" +}; +} // namespace + +napi_ref NapiAtManager::constructorRef_; + +napi_value NapiAtManager::Init(napi_env env, napi_value exports) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "enter init."); + + napi_property_descriptor descriptor[] = { DECLARE_NAPI_FUNCTION("createAtManager", CreateAtManager) }; + + NAPI_CALL(env, napi_define_properties(env, + exports, sizeof(descriptor) / sizeof(napi_property_descriptor), descriptor)); + + napi_property_descriptor properties[] = { + DECLARE_NAPI_FUNCTION("verifyAccessToken", VerifyAccessToken), + DECLARE_NAPI_FUNCTION("grantUserGrantedPermission", GrantUserGrantedPermission), + DECLARE_NAPI_FUNCTION("revokeUserGrantedPermission", RevokeUserGrantedPermission), + DECLARE_NAPI_FUNCTION("getPermissionFlags", GetPermissionFlags) + }; + + napi_value cons = nullptr; + NAPI_CALL(env, napi_define_class(env, ATMANAGER_CLASS_NAME.c_str(), ATMANAGER_CLASS_NAME.size(), + JsConstructor, nullptr, sizeof(properties) / sizeof(napi_property_descriptor), properties, &cons)); + + NAPI_CALL(env, napi_create_reference(env, cons, 1, &constructorRef_)); + NAPI_CALL(env, napi_set_named_property(env, exports, ATMANAGER_CLASS_NAME.c_str(), cons)); + + return exports; +} + +napi_value NapiAtManager::JsConstructor(napi_env env, napi_callback_info cbinfo) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "enter JsConstructor"); + + napi_value thisVar = nullptr; + + NAPI_CALL(env, napi_get_cb_info(env, cbinfo, nullptr, nullptr, &thisVar, nullptr)); + + return thisVar; +} + +napi_value NapiAtManager::CreateAtManager(napi_env env, napi_callback_info cbInfo) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "enter CreateAtManager"); + + napi_value instance = nullptr; + napi_value cons = nullptr; + + if (napi_get_reference_value(env, constructorRef_, &cons) != napi_ok) { + return nullptr; + } + + ACCESSTOKEN_LOG_DEBUG(LABEL, "Get a reference to the global variable constructorRef_ complete"); + + if (napi_new_instance(env, cons, 0, nullptr, &instance) != napi_ok) { + return nullptr; + } + + ACCESSTOKEN_LOG_DEBUG(LABEL, "New the js instance complete"); + + return instance; +} + +void NapiAtManager::ParseInputVerifyPermissionOrGetFlag(const napi_env env, const napi_callback_info info, + AtManagerAsyncContext& asyncContext) +{ + size_t argc = 2; + + napi_value argv[2] = { 0 }; + napi_value thisVar = nullptr; + + void *data = nullptr; + + napi_get_cb_info(env, info, &argc, argv, &thisVar, &data); + + asyncContext.env = env; + + // parse input tokenId and permissionName + for (size_t i = 0; i < argc; i++) { + napi_valuetype valueType = napi_undefined; + napi_typeof(env, argv[i], &valueType); + + if (valueType == napi_number) { + napi_get_value_uint32(env, argv[i], &(asyncContext.tokenId)); // get tokenId + } else if (valueType == napi_string) { + napi_get_value_string_utf8(env, argv[i], asyncContext.permissionName, + VALUE_BUFFER_SIZE, &(asyncContext.pNameLen)); // get permissionName + } else { + ACCESSTOKEN_LOG_ERROR(LABEL, "Type matching failed"); + asyncContext.result = -1; + } + } + + ACCESSTOKEN_LOG_DEBUG(LABEL, "tokenID = %{public}d", asyncContext.tokenId); + ACCESSTOKEN_LOG_DEBUG(LABEL, "permissionName = %{public}s", asyncContext.permissionName); +} + +void NapiAtManager::VerifyAccessTokenExecute(napi_env env, void *data) +{ + AtManagerAsyncContext* asyncContext = (AtManagerAsyncContext *)data; + + // use innerkit class method to verify permission + asyncContext->result = AccessTokenKit::VerifyAccessToken(asyncContext->tokenId, + asyncContext->permissionName); + + // set status according to the innerkit class method return + if ((asyncContext->result == PERMISSION_GRANTED) || (asyncContext->result == PERMISSION_DENIED)) { + asyncContext->status = ASYN_THREAD_EXEC_SUCC; // granted and denied regard as function exec success + } else { + asyncContext->status = ASYN_THREAD_EXEC_FAIL; // other regard as function exec failure + } +} + +void NapiAtManager::VerifyAccessTokenComplete(napi_env env, napi_status status, void *data) +{ + AtManagerAsyncContext* asyncContext = (AtManagerAsyncContext*)data; + napi_value result; + + ACCESSTOKEN_LOG_DEBUG(LABEL, "tokenId = %{public}d, permissionName = %{public}s, verify result = %{public}d.", + asyncContext->tokenId, asyncContext->permissionName, asyncContext->result); + + if (asyncContext->status == ASYN_THREAD_EXEC_SUCC) { + // execute succ, use resolve to return result by the deferred create before + napi_create_int32(env, asyncContext->result, &result); // verify result + napi_resolve_deferred(env, asyncContext->deferred, result); + } else { + // execute fail, use reject to return default PERMISSION_DENIED by the deferred create before + napi_create_int32(env, PERMISSION_DENIED, &result); // verify result + napi_reject_deferred(env, asyncContext->deferred, result); + } + + // after return the result, free resources + napi_delete_async_work(env, asyncContext->work); + delete asyncContext; +} + +napi_value NapiAtManager::VerifyAccessToken(napi_env env, napi_callback_info info) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "VerifyAccessToken begin."); + + auto *asyncContext = new AtManagerAsyncContext(); // for async work deliver data + if (asyncContext == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "new struct fail."); + return nullptr; + } + + ParseInputVerifyPermissionOrGetFlag(env, info, *asyncContext); + if (asyncContext->result == -1) { + delete asyncContext; + return nullptr; + } + + napi_value result = nullptr; + + napi_create_promise(env, &(asyncContext->deferred), &result); // create delay promise object + + napi_value resource = nullptr; // resource name + napi_create_string_utf8(env, "VerifyAccessToken", NAPI_AUTO_LENGTH, &resource); + + napi_create_async_work( // define work + env, nullptr, resource, VerifyAccessTokenExecute, VerifyAccessTokenComplete, + (void *)asyncContext, &(asyncContext->work)); + napi_queue_async_work(env, asyncContext->work); // add async work handle to the napi queue and wait for result + + ACCESSTOKEN_LOG_DEBUG(LABEL, "VerifyAccessToken end."); + + return result; +} + +void NapiAtManager::ParseInputGrantOrRevokePermission(const napi_env env, const napi_callback_info info, + AtManagerAsyncContext& asyncContext) +{ + size_t argc = 4; + + napi_value argv[4] = { 0 }; + napi_value thisVar = nullptr; + + void *data = nullptr; + + napi_get_cb_info(env, info, &argc, argv, &thisVar, &data); + + asyncContext.env = env; + + // parse input tokenId and permissionName + for (size_t i = 0; i < argc; i++) { + napi_valuetype valueType = napi_undefined; + napi_typeof(env, argv[i], &valueType); + + if ((i == 0) && (valueType == napi_number)) { + napi_get_value_uint32(env, argv[i], &(asyncContext.tokenId)); // get tokenId + } else if (valueType == napi_string) { + napi_get_value_string_utf8(env, argv[i], asyncContext.permissionName, + VALUE_BUFFER_SIZE, &(asyncContext.pNameLen)); // get permissionName + } else if (valueType == napi_number) { + napi_get_value_int32(env, argv[i], &(asyncContext.flag)); // get flag + } else if (valueType == napi_function) { + napi_create_reference(env, argv[i], 1, &asyncContext.callbackRef); // get probably callback + } else { + ACCESSTOKEN_LOG_ERROR(LABEL, "Type matching failed"); + asyncContext.result = -1; + } + } + + ACCESSTOKEN_LOG_DEBUG(LABEL, "tokenID = %{public}d", asyncContext.tokenId); + ACCESSTOKEN_LOG_DEBUG(LABEL, "permissionName = %{public}s", asyncContext.permissionName); + ACCESSTOKEN_LOG_DEBUG(LABEL, "flag = %{public}d", asyncContext.flag); +} + +void NapiAtManager::GrantUserGrantedPermissionExcute(napi_env env, void *data) +{ + AtManagerAsyncContext* asyncContext = (AtManagerAsyncContext *)data; + PermissionDef permissionDef; + + // struct init, can not use = { 0 } or memset otherwise program crashdump + permissionDef.grantMode = 0; + permissionDef.availableLevel = APL_NORMAL; + permissionDef.provisionEnable = false; + permissionDef.distributedSceneEnable = false; + permissionDef.labelId = 0; + permissionDef.descriptionId = 0; + + // use innerkit class method to check if the permission grantmode is USER_GRANT-0 + AccessTokenKit::GetDefPermission(asyncContext->permissionName, permissionDef); + + ACCESSTOKEN_LOG_DEBUG(LABEL, "permissionName = %{public}s, grantmode = %{public}d.", asyncContext->permissionName, + permissionDef.grantMode); + + if (permissionDef.grantMode != USER_GRANT) { + // system_grant permission, return fail directly + asyncContext->result = ACCESSTOKEN_PERMISSION_GRANT_FAIL; + asyncContext->status = ASYN_THREAD_EXEC_SUCC; + } else { + // user_grant permission, use innerkit class method to grant permission + asyncContext->result = AccessTokenKit::GrantPermission(asyncContext->tokenId, + asyncContext->permissionName, + asyncContext->flag); + + ACCESSTOKEN_LOG_DEBUG(LABEL, + "tokenId = %{public}d, permissionName = %{public}s, flag = %{public}d, grant result = %{public}d.", + asyncContext->tokenId, asyncContext->permissionName, asyncContext->flag, asyncContext->result); + + // set status according to the innerkit class method return + if ((asyncContext->result == ACCESSTOKEN_PERMISSION_GRANT_SUCC) + || (asyncContext->result == ACCESSTOKEN_PERMISSION_GRANT_FAIL)) { + asyncContext->status = ASYN_THREAD_EXEC_SUCC; // success or failure regard as function exec success + } else { + asyncContext->status = ASYN_THREAD_EXEC_FAIL; // other regard as function exec failure + } + } +} + +void NapiAtManager::GrantUserGrantedPermissionComplete(napi_env env, napi_status status, void *data) +{ + AtManagerAsyncContext* asyncContext = (AtManagerAsyncContext*)data; + napi_value result = nullptr; + + if (asyncContext->status == ASYN_THREAD_EXEC_SUCC) { + // execute succ, consider asyncContext->result as return result + napi_create_int32(env, asyncContext->result, &result); + } else { + // execute fail, set default failure result + napi_create_int32(env, ACCESSTOKEN_PERMISSION_GRANT_FAIL, &result); + } + + if (asyncContext->deferred) { + // promise type + if (asyncContext->status == ASYN_THREAD_EXEC_SUCC) { + // innerkit class methon exec success, use resolve to return result + napi_resolve_deferred(env, asyncContext->deferred, result); + } else { + // innerkit class methon exec failure, use reject to return result + napi_reject_deferred(env, asyncContext->deferred, result); + } + } else { + // callback type + napi_value callback = nullptr; + napi_value thisValue = nullptr; // recv napi value + napi_value thatValue = nullptr; // result napi value + + // set call function params->napi_call_function(env, recv, func, argc, argv, result) + napi_get_undefined(env, &thisValue); // can not null otherwise js code can not get return + napi_create_int32(env, 0, &thatValue); // can not null otherwise js code can not get return + napi_get_reference_value(env, asyncContext->callbackRef, &callback); + napi_call_function(env, thisValue, callback, 1, &result, &thatValue); + napi_delete_reference(env, asyncContext->callbackRef); // release callback handle + } + + // after return the result, free resources + napi_delete_async_work(env, asyncContext->work); + delete asyncContext; +} + +napi_value NapiAtManager::GrantUserGrantedPermission(napi_env env, napi_callback_info info) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "GrantUserGrantedPermission begin."); + + auto *asyncContext = new (std::nothrow) AtManagerAsyncContext(); // for async work deliver data + if (asyncContext == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "new struct fail."); + return nullptr; + } + + ParseInputGrantOrRevokePermission(env, info, *asyncContext); + if (asyncContext->result == -1) { + delete asyncContext; + return nullptr; + } + + napi_value result = nullptr; + + if (asyncContext->callbackRef == nullptr) { + // when callback null, create delay promise object for returning result in async work complete function + napi_create_promise(env, &(asyncContext->deferred), &result); + } else { + // callback not null, use callback type to return result + napi_get_undefined(env, &result); + } + + napi_value resource = nullptr; // resource name + napi_create_string_utf8(env, "GrantUserGrantedPermission", NAPI_AUTO_LENGTH, &resource); + + napi_create_async_work( // define work + env, nullptr, resource, GrantUserGrantedPermissionExcute, GrantUserGrantedPermissionComplete, + (void *)asyncContext, &(asyncContext->work)); + + napi_queue_async_work(env, asyncContext->work); // add async work handle to the napi queue and wait for result + + ACCESSTOKEN_LOG_DEBUG(LABEL, "GrantUserGrantedPermission end."); + + return result; +} + +void NapiAtManager::RevokeUserGrantedPermissionExcute(napi_env env, void *data) +{ + AtManagerAsyncContext* asyncContext = (AtManagerAsyncContext *)data; + PermissionDef permissionDef; + + // struct init, can not use = { 0 } or memset otherwise program crashdump + permissionDef.grantMode = 0; + permissionDef.availableLevel = APL_NORMAL; + permissionDef.provisionEnable = false; + permissionDef.distributedSceneEnable = false; + permissionDef.labelId = 0; + permissionDef.descriptionId = 0; + + // use innerkit class method to check if the permission grantmode is USER_GRANT-0 + AccessTokenKit::GetDefPermission(asyncContext->permissionName, permissionDef); + + ACCESSTOKEN_LOG_DEBUG(LABEL, "permissionName = %{public}s, grantmode = %{public}d.", asyncContext->permissionName, + permissionDef.grantMode); + + if (permissionDef.grantMode != USER_GRANT) { + // system_grant permission, return fail directly + asyncContext->result = ACCESSTOKEN_PERMISSION_REVOKE_FAIL; + asyncContext->status = ASYN_THREAD_EXEC_SUCC; + } else { + // user_grant permission, use innerkit class method to grant permission + asyncContext->result = AccessTokenKit::RevokePermission(asyncContext->tokenId, + asyncContext->permissionName, asyncContext->flag); + + ACCESSTOKEN_LOG_DEBUG(LABEL, + "tokenId = %{public}d, permissionName = %{public}s, flag = %{public}d, revoke result = %{public}d.", + asyncContext->tokenId, asyncContext->permissionName, asyncContext->flag, asyncContext->result); + + // set status according to the innerkit class method return + if ((asyncContext->result == ACCESSTOKEN_PERMISSION_REVOKE_SUCC) + || (asyncContext->result == ACCESSTOKEN_PERMISSION_REVOKE_FAIL)) { + asyncContext->status = ASYN_THREAD_EXEC_SUCC; // success or failure regard as function exec success + } else { + asyncContext->status = ASYN_THREAD_EXEC_FAIL; // other regard as function exec failure + } + } +} + +void NapiAtManager::RevokeUserGrantedPermissionComplete(napi_env env, napi_status status, void *data) +{ + AtManagerAsyncContext* asyncContext = (AtManagerAsyncContext*)data; + napi_value result = nullptr; + + if (asyncContext->status == ASYN_THREAD_EXEC_SUCC) { + // execute succ, consider asyncContext->result as return result + napi_create_int32(env, asyncContext->result, &result); + } else { + // execute fail, set default failure result + napi_create_int32(env, ACCESSTOKEN_PERMISSION_GRANT_FAIL, &result); + } + + if (asyncContext->deferred) { + // promise type + if (asyncContext->status == ASYN_THREAD_EXEC_SUCC) { + // innerkit class methon exec success, use resolve to return result + napi_resolve_deferred(env, asyncContext->deferred, result); + } else { + // innerkit class methon exec failure, use reject to return result + napi_reject_deferred(env, asyncContext->deferred, result); + } + } else { + // callback type + napi_value callback = nullptr; + napi_value thisValue = nullptr; // recv napi value + napi_value thatValue = nullptr; // result napi value + + // set call function params->napi_call_function(env, recv, func, argc, argv, result) + napi_get_undefined(env, &thisValue); // can not null otherwise js code can not get return + napi_create_int32(env, 0, &thatValue); // can not null otherwise js code can not get return + napi_get_reference_value(env, asyncContext->callbackRef, &callback); + napi_call_function(env, thisValue, callback, 1, &result, &thatValue); + napi_delete_reference(env, asyncContext->callbackRef); // release callback handle + } + + // after return the result, free resources + napi_delete_async_work(env, asyncContext->work); + delete asyncContext; +} + +napi_value NapiAtManager::RevokeUserGrantedPermission(napi_env env, napi_callback_info info) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "RevokeUserGrantedPermission begin."); + + auto *asyncContext = new AtManagerAsyncContext(); // for async work deliver data + if (asyncContext == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "new struct fail."); + return nullptr; + } + + ParseInputGrantOrRevokePermission(env, info, *asyncContext); + if (asyncContext->result == -1) { + delete asyncContext; + return nullptr; + } + + napi_value result = nullptr; + + if (asyncContext->callbackRef == nullptr) { + // when callback null, create delay promise object for returning result in async work complete function + napi_create_promise(env, &(asyncContext->deferred), &result); + } else { + // callback not null, use callback type to return result + napi_get_undefined(env, &result); + } + + napi_value resource = nullptr; // resource name + napi_create_string_utf8(env, "RevokeUserGrantedPermission", NAPI_AUTO_LENGTH, &resource); + + napi_create_async_work( // define work + env, nullptr, resource, RevokeUserGrantedPermissionExcute, RevokeUserGrantedPermissionComplete, + (void *)asyncContext, &(asyncContext->work)); + + napi_queue_async_work(env, asyncContext->work); // add async work handle to the napi queue and wait for result + + ACCESSTOKEN_LOG_DEBUG(LABEL, "RevokeUserGrantedPermission end."); + + return result; +} + +void NapiAtManager::GetPermissionFlagsExcute(napi_env env, void *data) +{ + AtManagerAsyncContext* asyncContext = (AtManagerAsyncContext *)data; + + // use innerkit class method to get permission flag + asyncContext->flag = AccessTokenKit::GetPermissionFlag(asyncContext->tokenId, + asyncContext->permissionName); + asyncContext->status = ASYN_THREAD_EXEC_SUCC; // status default failure +} + +void NapiAtManager::GetPermissionFlagsComplete(napi_env env, napi_status status, void *data) +{ + AtManagerAsyncContext* asyncContext = (AtManagerAsyncContext*)data; + napi_value result; + + ACCESSTOKEN_LOG_DEBUG(LABEL, "permissionName = %{public}s, tokenId = %{public}d, flag = %{public}d.", + asyncContext->permissionName, asyncContext->tokenId, asyncContext->flag); + + if (asyncContext->status == ASYN_THREAD_EXEC_SUCC) { + // execute succ, use resolve to return result by the deferred create before + napi_create_int32(env, asyncContext->flag, &result); + napi_resolve_deferred(env, asyncContext->deferred, result); + } else { + // execute fail, this way may not match, but for code strict, still keep + napi_create_int32(env, asyncContext->flag, &result); + napi_reject_deferred(env, asyncContext->deferred, result); + } + + // after return the result, free resources + napi_delete_async_work(env, asyncContext->work); + delete asyncContext; +} + +napi_value NapiAtManager::GetPermissionFlags(napi_env env, napi_callback_info info) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "GetPermissionFlags begin."); + + auto *asyncContext = new AtManagerAsyncContext(); // for async work deliver data + if (asyncContext == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "new struct fail."); + return nullptr; + } + + ParseInputVerifyPermissionOrGetFlag(env, info, *asyncContext); + if (asyncContext->result == -1) { + delete asyncContext; + return nullptr; + } + + napi_value result = nullptr; + + napi_create_promise(env, &(asyncContext->deferred), &result); // create delay promise object + + napi_value resource = nullptr; // resource name + napi_create_string_utf8(env, "VerifyAccessToken", NAPI_AUTO_LENGTH, &resource); + + napi_create_async_work( // define work + env, nullptr, resource, GetPermissionFlagsExcute, GetPermissionFlagsComplete, + (void *)asyncContext, &(asyncContext->work)); + napi_queue_async_work(env, asyncContext->work); // add async work handle to the napi queue and wait for result + + ACCESSTOKEN_LOG_DEBUG(LABEL, "GetPermissionFlags end."); + + return result; +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS + +EXTERN_C_START +/* + * function for module exports + */ +static napi_value Init(napi_env env, napi_value exports) +{ + ACCESSTOKEN_LOG_DEBUG(OHOS::Security::AccessToken::LABEL, "Register end, start init."); + + return OHOS::Security::AccessToken::NapiAtManager::Init(env, exports); +} +EXTERN_C_END + +/* + * Module define + */ +static napi_module _module = { + .nm_version = 1, + .nm_flags = 0, + .nm_filename = nullptr, + .nm_register_func = Init, + .nm_modname = "abilityAccessCtrl", + .nm_priv = ((void *)0), + .reserved = {0} +}; + +/* + * Module register function + */ +extern "C" __attribute__((constructor)) void AbilityAccessCtrlmoduleRegister(void) +{ + napi_module_register(&_module); +} diff --git a/services/accesstokenmanager/BUILD.gn b/services/accesstokenmanager/BUILD.gn index 4622a3086..a46905ab6 100644 --- a/services/accesstokenmanager/BUILD.gn +++ b/services/accesstokenmanager/BUILD.gn @@ -13,7 +13,6 @@ import("//build/ohos.gni") - ohos_prebuilt_etc("access_token.rc") { source = "access_token.cfg" relative_install_dir = "init" @@ -35,19 +34,10 @@ ohos_shared_library("accesstoken_manager_service") { "//base/security/access_token/frameworks/accesstoken/include", "//base/security/access_token/interfaces/innerkits/accesstoken/main/cpp/include", "//third_party/json/include", + "//base/startup/syspara_lite/interfaces/innerkits/native/syspara/include/", ] sources = [ - "main/cpp/src/service/accesstoken_manager_service.cpp", - "main/cpp/src/service/accesstoken_manager_stub.cpp", - "main/cpp/src/token/accesstoken_id_manager.cpp", - "main/cpp/src/token/accesstoken_info_manager.cpp", - "main/cpp/src/token/hap_token_info_inner.cpp", - "main/cpp/src/token/native_token_info_inner.cpp", - "main/cpp/src/permission/permission_manager.cpp", - "main/cpp/src/permission/permission_definition_cache.cpp", - "main/cpp/src/permission/permission_policy_set.cpp", - "main/cpp/src/permission/permission_validator.cpp", "main/cpp/src/database/data_storage.cpp", "main/cpp/src/database/data_translator.cpp", "main/cpp/src/database/generic_values.cpp", @@ -55,6 +45,17 @@ ohos_shared_library("accesstoken_manager_service") { "main/cpp/src/database/sqlite_storage.cpp", "main/cpp/src/database/statement.cpp", "main/cpp/src/database/variant_value.cpp", + "main/cpp/src/permission/permission_definition_cache.cpp", + "main/cpp/src/permission/permission_manager.cpp", + "main/cpp/src/permission/permission_policy_set.cpp", + "main/cpp/src/permission/permission_validator.cpp", + "main/cpp/src/service/accesstoken_manager_service.cpp", + "main/cpp/src/service/accesstoken_manager_stub.cpp", + "main/cpp/src/token/accesstoken_id_manager.cpp", + "main/cpp/src/token/accesstoken_info_manager.cpp", + "main/cpp/src/token/hap_token_info_inner.cpp", + "main/cpp/src/token/native_token_info_inner.cpp", + "main/cpp/src/token/native_token_receptor.cpp", ] cflags_cc = [ "-DHILOG_ENABLE" ] @@ -62,10 +63,11 @@ ohos_shared_library("accesstoken_manager_service") { deps = [ #"//base/security/accesstoken/frameworks/accesstooken/permissioncommunicationadapter:permission_standard_communication_adapter_cxx", #"//base/security/accesstoken/frameworks/accesstooken/common:permission_standard_infrastructure_cxx", - "//third_party/sqlite:sqlite", - "//base/security/access_token/frameworks/common:accesstoken_common_cxx", "//base/security/access_token/frameworks/accesstoken:accesstoken_communication_adapter_cxx", + "//base/security/access_token/frameworks/common:accesstoken_common_cxx", "//base/security/access_token/services/accesstokenmanager:access_token.rc", + "//base/startup/syspara_lite/interfaces/innerkits/native/syspara:syspara", + "//third_party/sqlite:sqlite", "//utils/native/base:utils", ] diff --git a/services/accesstokenmanager/main/cpp/include/database/field_const.h b/services/accesstokenmanager/main/cpp/include/database/field_const.h index 3d9ec533f..a73a3a9d3 100644 --- a/services/accesstokenmanager/main/cpp/include/database/field_const.h +++ b/services/accesstokenmanager/main/cpp/include/database/field_const.h @@ -34,7 +34,9 @@ const std::string FIELD_PROCESS_NAME = "process_name"; const std::string FIELD_DCAP = "dcap"; const std::string FIELD_PERMISSION_NAME = "permission_name"; const std::string FIELD_GRANT_MODE = "grant_mode"; -const std::string FIELD_AVAILABLE_SCOPE = "available_scope"; +const std::string FIELD_AVAILABLE_LEVEL = "available_level"; +const std::string FIELD_PROVISION_ENABLE = "provision_enable"; +const std::string FIELD_DISTRIBUTED_SCENE_ENABLE = "distributed_scene_enable"; const std::string FIELD_LABEL = "label"; const std::string FIELD_LABEL_ID = "label_id"; const std::string FIELD_DESCRIPTION = "description"; diff --git a/services/accesstokenmanager/main/cpp/include/permission/permission_definition_cache.h b/services/accesstokenmanager/main/cpp/include/permission/permission_definition_cache.h index 76e492897..969509549 100644 --- a/services/accesstokenmanager/main/cpp/include/permission/permission_definition_cache.h +++ b/services/accesstokenmanager/main/cpp/include/permission/permission_definition_cache.h @@ -35,6 +35,8 @@ public: bool Insert(const PermissionDef& info); + bool Update(const PermissionDef& info); + void DeleteByBundleName(const std::string& bundleName); int FindByPermissionName(const std::string& permissionName, PermissionDef& info); diff --git a/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h b/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h index 5925deec7..fcc3087cc 100644 --- a/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h +++ b/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h @@ -30,13 +30,12 @@ namespace OHOS { namespace Security { namespace AccessToken { -static const int DEFAULT_PERMISSION_FLAGS = 0; class PermissionManager final { public: static PermissionManager& GetInstance(); virtual ~PermissionManager(); - void AddDefPermissions(const std::vector& permList); + void AddDefPermissions(std::shared_ptr tokenInfo, bool updateFlag); void RemoveDefPermissions(AccessTokenID tokenID); int VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName); int GetDefPermission(const std::string& permissionName, PermissionDef& permissionDefResult); @@ -49,17 +48,9 @@ public: void ClearUserGrantedPermissionState(AccessTokenID tokenID); private: PermissionManager(); - int UpdatePermissionStatus(PermissionStateFull& permStat, bool isGranted, int flag); void UpdateTokenPermissionState( AccessTokenID tokenID, const std::string& permissionName, bool isGranted, int flag); - - int QueryPermissionFlag(const PermissionStateFull& permStat); - int QueryPermissionStatus(const PermissionStateFull& permStat); std::string TransferPermissionDefToString(const PermissionDef& inPermissionDef); - bool IsPermissionFlagValid(int flag) const; - bool IsGrantModeValid(const int grantMode) const; - bool IsAvailableScopeValid(const int availableScope) const; - bool IsPermissionDefValid(const PermissionDef& permissionDef) const; DISALLOW_COPY_AND_MOVE(PermissionManager); }; diff --git a/services/accesstokenmanager/main/cpp/include/permission/permission_policy_set.h b/services/accesstokenmanager/main/cpp/include/permission/permission_policy_set.h index b51fe0713..84dc327c7 100644 --- a/services/accesstokenmanager/main/cpp/include/permission/permission_policy_set.h +++ b/services/accesstokenmanager/main/cpp/include/permission/permission_policy_set.h @@ -16,14 +16,15 @@ #ifndef PERMISSION_POLICY_SET_H #define PERMISSION_POLICY_SET_H -#include "permission_def.h" -#include "permission_state_full.h" +#include +#include +#include + #include "access_token.h" #include "generic_values.h" - -#include -#include -#include +#include "permission_def.h" +#include "permission_state_full.h" +#include "rwlock.h" namespace OHOS { namespace Security { @@ -31,28 +32,35 @@ namespace AccessToken { struct PermissionPolicySet final { public: PermissionPolicySet() : tokenId_(0) {}; - virtual ~PermissionPolicySet() {}; + virtual ~PermissionPolicySet(); static std::shared_ptr BuildPermissionPolicySet(AccessTokenID tokenId, const std::vector& permList, const std::vector& permStateList); static std::shared_ptr RestorePermissionPolicy(AccessTokenID tokenId, const std::vector& permDefRes, const std::vector& permStateRes); void StorePermissionPolicySet(std::vector& permDefValueList, - std::vector& permStateValueList) const; + std::vector& permStateValueList); void Update(const std::vector& permList, const std::vector& permStateList); - void ToString(std::string& info) const; - std::vector permList_; - std::vector permStateList_; + + int VerifyPermissStatus(const std::string& permissionName); + void GetDefPermissions(std::vector& permList); + void GetPermissionStateFulls(std::vector& permList); + int QueryPermissionFlag(const std::string& permissionName); + void UpdatePermissionStatus(const std::string& permissionName, bool isGranted, int flag); + void ToString(std::string& info); private: static void MergePermissionStateFull(std::vector& permStateList, const PermissionStateFull& state); - void UpdatePermStateFull(PermissionStateFull& permOld, const PermissionStateFull& permNew); - void UpdatePermDef(PermissionDef& permOld, const PermissionDef& permNew); + void UpdatePermStateFull(const PermissionStateFull& permOld, PermissionStateFull& permNew); void StorePermissionDef(std::vector& valueList) const; void StorePermissionState(std::vector& valueList) const; void PermDefToString(const PermissionDef& def, std::string& info) const; void PermStateFullToString(const PermissionStateFull& state, std::string& info) const; + + OHOS::Utils::RWLock permPolicySetLock_; + std::vector permList_; + std::vector permStateList_; AccessTokenID tokenId_; }; } // namespace AccessToken diff --git a/services/accesstokenmanager/main/cpp/include/permission/permission_validator.h b/services/accesstokenmanager/main/cpp/include/permission/permission_validator.h index ebfb0b73b..99dad5945 100644 --- a/services/accesstokenmanager/main/cpp/include/permission/permission_validator.h +++ b/services/accesstokenmanager/main/cpp/include/permission/permission_validator.h @@ -35,7 +35,6 @@ public: static void FilterInvalidPermisionState( const std::vector& permList, std::vector& result); static bool IsGrantModeValid(int grantMode); - static bool IsAvailableScopeValid(int availableScope); static bool IsGrantStatusValid(int grantStaus); private: static void DeduplicateResDevID(const PermissionStateFull& permState, PermissionStateFull& result); diff --git a/services/accesstokenmanager/main/cpp/include/token/accesstoken_id_manager.h b/services/accesstokenmanager/main/cpp/include/token/accesstoken_id_manager.h index b74934975..1ad68ac8e 100644 --- a/services/accesstokenmanager/main/cpp/include/token/accesstoken_id_manager.h +++ b/services/accesstokenmanager/main/cpp/include/token/accesstoken_id_manager.h @@ -39,6 +39,7 @@ public: int RegisterTokenId(AccessTokenID id, ATokenTypeEnum type); void ReleaseTokenId(AccessTokenID id); ATokenTypeEnum GetTokenIdType(AccessTokenID id); + static ATokenTypeEnum GetTokenIdTypeEnum(AccessTokenID id); private: AccessTokenIDManager() = default; diff --git a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h index 7b282ec13..40786992f 100644 --- a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h +++ b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h @@ -42,7 +42,8 @@ public: std::shared_ptr GetNativeTokenInfoInner(AccessTokenID id); int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfo& InfoParcel); std::shared_ptr GetHapPermissionPolicySet(AccessTokenID id); - int RemoveTokenInfo(AccessTokenID id); + int RemoveHapTokenInfo(AccessTokenID id); + int RemoveNativeTokenInfo(AccessTokenID id); int CreateHapTokenInfo(const HapInfoParams& info, const HapPolicyParams& policy, AccessTokenIDEx& tokenIdEx); int CheckNativeDCap(AccessTokenID tokenID, const std::string& dcap); AccessTokenID GetHapTokenID(int userID, const std::string& bundleName, int instIndex); @@ -76,6 +77,7 @@ private: std::map> hapTokenInfoMap_; std::map hapTokenIdMap_; std::map> nativeTokenInfoMap_; + std::map nativeTokenIdMap_; }; } // namespace AccessToken } // namespace Security diff --git a/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h b/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h index 53fea91ad..9d3557e43 100644 --- a/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h +++ b/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h @@ -34,7 +34,7 @@ class HapTokenInfoInner final { public: HapTokenInfoInner() : ver_(DEFAULT_TOKEN_VERSION), tokenID_(0), tokenAttr_(0), userID_(0), instIndex_(0), apl_(APL_NORMAL) {}; - virtual ~HapTokenInfoInner() = default; + virtual ~HapTokenInfoInner(); void Init(AccessTokenID id, const HapInfoParams& info, const HapPolicyParams& policy); void Update(const std::string& appIDDesc, const HapPolicyParams& policy); diff --git a/services/accesstokenmanager/main/cpp/include/token/native_token_info_inner.h b/services/accesstokenmanager/main/cpp/include/token/native_token_info_inner.h index f24c27b59..1a646f8c1 100644 --- a/services/accesstokenmanager/main/cpp/include/token/native_token_info_inner.h +++ b/services/accesstokenmanager/main/cpp/include/token/native_token_info_inner.h @@ -35,9 +35,10 @@ static const std::string JSON_DCAPS = "dcaps"; class NativeTokenInfoInner final { public: NativeTokenInfoInner() : ver_(DEFAULT_TOKEN_VERSION), tokenID_(0), tokenAttr_(0), apl_(APL_NORMAL) {}; - virtual ~NativeTokenInfoInner() = default; + NativeTokenInfoInner(NativeTokenInfo& info); + virtual ~NativeTokenInfoInner(); - void Init(AccessTokenID id, const std::string& processName, ATokenAplEnum apl, + int Init(AccessTokenID id, const std::string& processName, int apl, const std::vector& dcap); void StoreNativeInfo(std::vector& valueList) const; void TranslateToNativeTokenInfo(NativeTokenInfo& InfoParcel) const; diff --git a/services/accesstokenmanager/main/cpp/include/token/native_token_receptor.h b/services/accesstokenmanager/main/cpp/include/token/native_token_receptor.h new file mode 100644 index 000000000..2d3e6de45 --- /dev/null +++ b/services/accesstokenmanager/main/cpp/include/token/native_token_receptor.h @@ -0,0 +1,69 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef ACCESSTOKEN_NATIVE_TOKEN_RECEPTOR_H +#define ACCESSTOKEN_NATIVE_TOKEN_RECEPTOR_H + +#include +#include +#include +#include + +#include "access_token.h" +#include "nlohmann/json.hpp" +#include "native_token_info_inner.h" +#include "nocopyable.h" +#include "parameter.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +const std::string JSON_KEY_NATIVE_TOKEN_INFO_JSON = "NativeTokenInfo"; +const std::string SOCKET_FILE = "/data/system/token_unix_socket.socket"; +constexpr int MAX_RECEPTOR_SIZE = 1024; +const std::string SYSTEM_PROP_NATIVE_RECEPTOR = "rw.nativetoken.receptor.startup"; +class NativeTokenReceptor final { +public: + static NativeTokenReceptor& GetInstance(); + virtual ~NativeTokenReceptor() = default; + int Init(); + void Release(); + void LoopHandler(); + static void ThreadFunc(NativeTokenReceptor *receptor); + +private: + NativeTokenReceptor() : receptorThread_(nullptr), listenSocket_(-1), + connectSocket_(-1), ready_(false), socketPath_(SOCKET_FILE) {}; + DISALLOW_COPY_AND_MOVE(NativeTokenReceptor); + + void FromJson(const nlohmann::json &jsonObject, + std::vector>& tokenInfos); + void ParserNativeRawData(const std::string& nativeRawData, + std::vector>& tokenInfos); + int InitNativeTokenSocket(); + void from_json(const nlohmann::json& j, NativeTokenInfo& p); + + std::unique_ptr receptorThread_; + std::mutex receptorThreadMutex_; + int listenSocket_; + int connectSocket_; + bool ready_; + std::string socketPath_; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // ACCESSTOKEN_NATIVE_TOKEN_RECEPTOR_H + diff --git a/services/accesstokenmanager/main/cpp/src/database/data_translator.cpp b/services/accesstokenmanager/main/cpp/src/database/data_translator.cpp index 1f039a174..4052d8210 100644 --- a/services/accesstokenmanager/main/cpp/src/database/data_translator.cpp +++ b/services/accesstokenmanager/main/cpp/src/database/data_translator.cpp @@ -18,17 +18,25 @@ #include #include "accesstoken_log.h" +#include "data_validator.h" #include "field_const.h" +#include "permission_validator.h" namespace OHOS { namespace Security { namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "DataTranslator"}; +} + int DataTranslator::TranslationIntoGenericValues(const PermissionDef& inPermissionDef, GenericValues& outGenericValues) { outGenericValues.Put(FIELD_PERMISSION_NAME, inPermissionDef.permissionName); outGenericValues.Put(FIELD_BUNDLE_NAME, inPermissionDef.bundleName); outGenericValues.Put(FIELD_GRANT_MODE, inPermissionDef.grantMode); - outGenericValues.Put(FIELD_AVAILABLE_SCOPE, inPermissionDef.availableScope); + outGenericValues.Put(FIELD_AVAILABLE_LEVEL, inPermissionDef.availableLevel); + outGenericValues.Put(FIELD_PROVISION_ENABLE, inPermissionDef.provisionEnable ? 1 : 0); + outGenericValues.Put(FIELD_DISTRIBUTED_SCENE_ENABLE, inPermissionDef.distributedSceneEnable ? 1 : 0); outGenericValues.Put(FIELD_LABEL, inPermissionDef.label); outGenericValues.Put(FIELD_LABEL_ID, inPermissionDef.labelId); outGenericValues.Put(FIELD_DESCRIPTION, inPermissionDef.description); @@ -41,7 +49,14 @@ int DataTranslator::TranslationIntoPermissionDef(const GenericValues& inGenericV outPermissionDef.permissionName = inGenericValues.GetString(FIELD_PERMISSION_NAME); outPermissionDef.bundleName = inGenericValues.GetString(FIELD_BUNDLE_NAME); outPermissionDef.grantMode = inGenericValues.GetInt(FIELD_GRANT_MODE); - outPermissionDef.availableScope = inGenericValues.GetInt(FIELD_AVAILABLE_SCOPE); + int aplNum = inGenericValues.GetInt(FIELD_AVAILABLE_LEVEL); + if (!DataValidator::IsAplNumValid(aplNum)) { + ACCESSTOKEN_LOG_WARN(LABEL, "%{public}s:Apl is wrong.", __func__); + return RET_FAILED; + } + outPermissionDef.availableLevel = (ATokenAplEnum)aplNum; + outPermissionDef.provisionEnable = (inGenericValues.GetInt(FIELD_PROVISION_ENABLE) == 1); + outPermissionDef.distributedSceneEnable = (inGenericValues.GetInt(FIELD_DISTRIBUTED_SCENE_ENABLE) == 1); outPermissionDef.label = inGenericValues.GetString(FIELD_LABEL); outPermissionDef.labelId = inGenericValues.GetInt(FIELD_LABEL_ID); outPermissionDef.description = inGenericValues.GetString(FIELD_DESCRIPTION); @@ -54,6 +69,7 @@ int DataTranslator::TranslationIntoGenericValues(const PermissionStateFull& inPe { if (grantIndex >= inPermissionState.resDeviceID.size() || grantIndex >= inPermissionState.grantStatus.size() || grantIndex >= inPermissionState.grantFlags.size()) { + ACCESSTOKEN_LOG_WARN(LABEL, "%{public}s: perm status grant size is wrong", __func__); return RET_FAILED; } outGenericValues.Put(FIELD_PERMISSION_NAME, inPermissionState.permissionName); @@ -69,9 +85,31 @@ int DataTranslator::TranslationIntoPermissionStateFull(const GenericValues& inGe { outPermissionState.isGeneral = ((inGenericValues.GetInt(FIELD_GRANT_IS_GENERAL) == 1) ? true : false); outPermissionState.permissionName = inGenericValues.GetString(FIELD_PERMISSION_NAME); - outPermissionState.resDeviceID.push_back(inGenericValues.GetString(FIELD_DEVICE_ID)); - outPermissionState.grantStatus.push_back((PermissionState)inGenericValues.GetInt(FIELD_GRANT_STATE)); - outPermissionState.grantFlags.push_back(inGenericValues.GetInt(FIELD_GRANT_FLAG)); + if (!DataValidator::IsPermissionNameValid(outPermissionState.permissionName)) { + ACCESSTOKEN_LOG_WARN(LABEL, "%{public}s: permission name is wrong", __func__); + return RET_FAILED; + } + + std::string devID = inGenericValues.GetString(FIELD_DEVICE_ID); + if (!DataValidator::IsDeviceIdValid(devID)) { + ACCESSTOKEN_LOG_WARN(LABEL, "%{public}s: devID is wrong", __func__); + return RET_FAILED; + } + outPermissionState.resDeviceID.push_back(devID); + + int grantStatus = (PermissionState)inGenericValues.GetInt(FIELD_GRANT_STATE); + if (!PermissionValidator::IsGrantStatusValid(grantStatus)) { + ACCESSTOKEN_LOG_WARN(LABEL, "%{public}s: grantStatus is wrong", __func__); + return RET_FAILED; + } + outPermissionState.grantStatus.push_back(grantStatus); + + int grantFlag = (PermissionState)inGenericValues.GetInt(FIELD_GRANT_FLAG); + if (!PermissionValidator::IsPermissionFlagValid(grantFlag)) { + ACCESSTOKEN_LOG_WARN(LABEL, "%{public}s: grantFlag is wrong", __func__); + return RET_FAILED; + } + outPermissionState.grantFlags.push_back(grantFlag); return RET_SUCCESS; } } // namespace AccessToken diff --git a/services/accesstokenmanager/main/cpp/src/database/sqlite_storage.cpp b/services/accesstokenmanager/main/cpp/src/database/sqlite_storage.cpp index 421ab572a..46c1d3797 100644 --- a/services/accesstokenmanager/main/cpp/src/database/sqlite_storage.cpp +++ b/services/accesstokenmanager/main/cpp/src/database/sqlite_storage.cpp @@ -66,7 +66,7 @@ SqliteStorage::SqliteStorage() : SqliteHelper(DATABASE_NAME, DATABASE_PATH, DATA NativeTokenInfoTable.tableColumnNames_ = { FIELD_TOKEN_ID, FIELD_PROCESS_NAME, FIELD_TOKEN_VERSION, FIELD_TOKEN_ATTR, - FIELD_DCAP + FIELD_DCAP, FIELD_APL }; SqliteTable permissionDefTable; @@ -74,7 +74,8 @@ SqliteStorage::SqliteStorage() : SqliteHelper(DATABASE_NAME, DATABASE_PATH, DATA permissionDefTable.tableColumnNames_ = { FIELD_TOKEN_ID, FIELD_PERMISSION_NAME, FIELD_BUNDLE_NAME, FIELD_GRANT_MODE, - FIELD_AVAILABLE_SCOPE, FIELD_LABEL, + FIELD_AVAILABLE_LEVEL, FIELD_PROVISION_ENABLE, + FIELD_DISTRIBUTED_SCENE_ENABLE, FIELD_LABEL, FIELD_LABEL_ID, FIELD_DESCRIPTION, FIELD_DESCRIPTION_ID }; @@ -315,6 +316,7 @@ int SqliteStorage::CreateNativeTokenInfoTable() const .append(FIELD_TOKEN_VERSION + " integer not null,") .append(FIELD_TOKEN_ATTR + " integer not null,") .append(FIELD_DCAP + " text not null,") + .append(FIELD_APL + " integer not null,") .append("primary key(" + FIELD_TOKEN_ID) .append("))"); return ExecuteSql(sql); @@ -332,7 +334,9 @@ int SqliteStorage::CreatePermissionDefinitionTable() const .append(FIELD_PERMISSION_NAME + " text not null,") .append(FIELD_BUNDLE_NAME + " text not null,") .append(FIELD_GRANT_MODE + " integer not null,") - .append(FIELD_AVAILABLE_SCOPE + " integer not null,") + .append(FIELD_AVAILABLE_LEVEL + " integer not null,") + .append(FIELD_PROVISION_ENABLE + " integer not null,") + .append(FIELD_DISTRIBUTED_SCENE_ENABLE + " integer not null,") .append(FIELD_LABEL + " text not null,") .append(FIELD_LABEL_ID + " integer not null,") .append(FIELD_DESCRIPTION + " text not null,") diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_definition_cache.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_definition_cache.cpp index d9894dac6..c7636c150 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/permission_definition_cache.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_definition_cache.cpp @@ -52,6 +52,13 @@ bool PermissionDefinitionCache::Insert(const PermissionDef& info) return true; } +bool PermissionDefinitionCache::Update(const PermissionDef& info) +{ + Utils::UniqueWriteGuard cacheGuard(this->cacheLock_); + permissionDefinitionMap_[info.permissionName] = info; + return true; +} + void PermissionDefinitionCache::DeleteByBundleName(const std::string& bundleName) { Utils::UniqueWriteGuard cacheGuard(this->cacheLock_); diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp index 35bf38fa4..f648a59b3 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp @@ -41,15 +41,34 @@ PermissionManager::~PermissionManager() { } -void PermissionManager::AddDefPermissions(const std::vector& permList) +void PermissionManager::AddDefPermissions(std::shared_ptr tokenInfo, bool updateFlag) { - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permList size: %{public}d", __func__, permList.size()); + if (tokenInfo == nullptr) { + return; + } + std::shared_ptr permPolicySet = tokenInfo->GetHapInfoPermissionPolicySet(); + if (permPolicySet == nullptr) { + return; + } + std::vector permList; + permPolicySet->GetDefPermissions(permList); for (auto perm : permList) { if (!PermissionValidator::IsPermissionDefValid(perm)) { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s: invalid permission definition info: %{public}s", __func__, TransferPermissionDefToString(perm).c_str()); - } else { + continue; + } + + if (updateFlag) { + PermissionDefinitionCache::GetInstance().Update(perm); + continue; + } + + if (!PermissionDefinitionCache::GetInstance().HasDefinition(perm.permissionName)) { PermissionDefinitionCache::GetInstance().Insert(perm); + } else { + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s: permission %{public}s has define", __func__, + TransferPermissionDefToString(perm).c_str()); } } } @@ -87,13 +106,7 @@ int PermissionManager::VerifyAccessToken(AccessTokenID tokenID, const std::strin return PERMISSION_DENIED; } - std::vector permList = permPolicySet->permStateList_; - for (auto perm : permList) { - if (perm.permissionName == permissionName) { - return QueryPermissionStatus(perm); - } - } - return PERMISSION_DENIED; + return permPolicySet->VerifyPermissStatus(permissionName); } int PermissionManager::GetDefPermission(const std::string& permissionName, PermissionDef& permissionDefResult) @@ -120,8 +133,8 @@ int PermissionManager::GetDefPermissions(AccessTokenID tokenID, std::vector permListGet = permPolicySet->permList_; - permList.assign(permListGet.begin(), permListGet.end()); + + permPolicySet->GetDefPermissions(permList); return RET_SUCCESS; } @@ -138,8 +151,9 @@ int PermissionManager::GetReqPermissions( } GrantMode mode = isSystemGrant ? SYSTEM_GRANT : USER_GRANT; - std::vector permList = permPolicySet->permStateList_; - for (auto perm : permList) { + std::vector tmpList; + permPolicySet->GetPermissionStateFulls(tmpList); + for (auto perm : tmpList) { PermissionDef permDef; GetDefPermission(perm.permissionName, permDef); if (permDef.grantMode == mode) { @@ -168,24 +182,7 @@ int PermissionManager::GetPermissionFlag(AccessTokenID tokenID, const std::strin ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__); return DEFAULT_PERMISSION_FLAGS; } - - std::vector permList = permPolicySet->permStateList_; - for (auto perm : permList) { - if (perm.permissionName == permissionName) { - return QueryPermissionFlag(perm); - } - } - return DEFAULT_PERMISSION_FLAGS; -} - - -int PermissionManager::UpdatePermissionStatus(PermissionStateFull& permStat, bool isGranted, int flag) -{ - if (permStat.isGeneral == true) { - permStat.grantStatus[0] = isGranted ? PERMISSION_GRANTED : PERMISSION_DENIED; - permStat.grantFlags[0] = flag; - } - return RET_FAILED; + return permPolicySet->QueryPermissionFlag(permissionName); } void PermissionManager::UpdateTokenPermissionState( @@ -198,13 +195,8 @@ void PermissionManager::UpdateTokenPermissionState( return; } - std::vector& permList = permPolicySet->permStateList_; - for (auto& perm : permList) { - if (perm.permissionName == permissionName) { - UpdatePermissionStatus(perm, isGranted, flag); - break; - } - } + permPolicySet->UpdatePermissionStatus(permissionName, isGranted, flag); + AccessTokenInfoManager::GetInstance().RefreshTokenInfoIfNeeded(); } void PermissionManager::GrantPermission(AccessTokenID tokenID, const std::string& permissionName, int flag) @@ -259,30 +251,16 @@ void PermissionManager::ClearUserGrantedPermissionState(AccessTokenID tokenID) return; } - std::vector& permList = permPolicySet->permStateList_; + std::vector permList; + permPolicySet->GetPermissionStateFulls(permList); for (auto& perm : permList) { PermissionDef permDef; - bool isGranted; + bool isGranted = false; GetDefPermission(perm.permissionName, permDef); isGranted = (permDef.grantMode == SYSTEM_GRANT) ? true : false; - UpdatePermissionStatus(perm, isGranted, DEFAULT_PERMISSION_FLAGS); - } -} - -int PermissionManager::QueryPermissionFlag(const PermissionStateFull& permStat) -{ - if (permStat.isGeneral == true) { - return permStat.grantFlags[0]; - } - return DEFAULT_PERMISSION_FLAGS; -} - -int PermissionManager::QueryPermissionStatus(const PermissionStateFull& permStat) -{ - if (permStat.isGeneral == true) { - return permStat.grantStatus[0]; + permPolicySet->UpdatePermissionStatus(perm.permissionName, isGranted, DEFAULT_PERMISSION_FLAGS); } - return PERMISSION_DENIED; + AccessTokenInfoManager::GetInstance().RefreshTokenInfoIfNeeded(); } std::string PermissionManager::TransferPermissionDefToString(const PermissionDef& inPermissionDef) @@ -291,7 +269,9 @@ std::string PermissionManager::TransferPermissionDefToString(const PermissionDef infos.append(R"({"permissionName": ")" + inPermissionDef.permissionName + R"(")"); infos.append(R"(, "bundleName": ")" + inPermissionDef.bundleName + R"(")"); infos.append(R"(, "grantMode": )" + std::to_string(inPermissionDef.grantMode)); - infos.append(R"(, "availableScope": )" + std::to_string(inPermissionDef.availableScope)); + infos.append(R"(, "availableLevel": )" + std::to_string(inPermissionDef.availableLevel)); + infos.append(R"(, "provisionEnable": )" + std::to_string(inPermissionDef.provisionEnable)); + infos.append(R"(, "distributedSceneEnable": )" + std::to_string(inPermissionDef.distributedSceneEnable)); infos.append(R"(, "label": ")" + inPermissionDef.label + R"(")"); infos.append(R"(, "labelId": )" + std::to_string(inPermissionDef.labelId)); infos.append(R"(, "description": ")" + inPermissionDef.description + R"(")"); diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_policy_set.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_policy_set.cpp index 176e4afff..31e64a4a0 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/permission_policy_set.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_policy_set.cpp @@ -28,6 +28,12 @@ namespace { static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "PermissionPolicySet"}; } +PermissionPolicySet::~PermissionPolicySet() +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, + "%{public}s called, tokenID: 0x%{public}x destruction", __func__, tokenId_); +} + std::shared_ptr PermissionPolicySet::BuildPermissionPolicySet( AccessTokenID tokenId, const std::vector& permList, const std::vector& permStateList) @@ -41,49 +47,48 @@ std::shared_ptr PermissionPolicySet::BuildPermissionPolicyS return policySet; } -void PermissionPolicySet::UpdatePermDef(PermissionDef& permOld, const PermissionDef& permNew) +void PermissionPolicySet::UpdatePermStateFull(const PermissionStateFull& permOld, PermissionStateFull& permNew) { - permOld.bundleName = permNew.bundleName; - permOld.grantMode = permNew.grantMode; - permOld.availableScope = permNew.availableScope; - permOld.label = permNew.label; - permOld.labelId = permNew.labelId; - permOld.description = permNew.description; - permOld.descriptionId = permNew.descriptionId; -} - -void PermissionPolicySet::UpdatePermStateFull(PermissionStateFull& permOld, const PermissionStateFull& permNew) -{ - if (permOld.isGeneral != permNew.isGeneral) { - permOld.resDeviceID.clear(); - permOld.grantStatus.clear(); - permOld.grantFlags.clear(); - permOld.isGeneral = permNew.isGeneral; + if (permNew.isGeneral == permOld.isGeneral) { + permNew.resDeviceID = permOld.resDeviceID; + permNew.grantStatus = permOld.grantStatus; + permNew.grantFlags = permOld.grantFlags; } } void PermissionPolicySet::Update(const std::vector& permList, const std::vector& permStateList) { - for (const PermissionDef& permNew : permList) { + std::vector permFilterList; + std::vector permStateFilterList; + + PermissionValidator::FilterInvalidPermisionDef(permList, permFilterList); + PermissionValidator::FilterInvalidPermisionState(permStateList, permStateFilterList); + + Utils::UniqueWriteGuard infoGuard(this->permPolicySetLock_); + for (const PermissionDef& permNew : permFilterList) { + bool found = false; for (PermissionDef& permOld : permList_) { if (permNew.permissionName == permOld.permissionName) { - UpdatePermDef(permOld, permNew); + permOld = permNew; + found = true; break; } } - permList_.emplace_back(permNew); + if (!found) { + permList_.emplace_back(permNew); + } } - for (const PermissionStateFull& permStateNew : permStateList) { - for (PermissionStateFull& permStateOld : permStateList_) { + for (PermissionStateFull& permStateNew : permStateFilterList) { + for (const PermissionStateFull& permStateOld : permStateList_) { if (permStateNew.permissionName == permStateOld.permissionName) { UpdatePermStateFull(permStateOld, permStateNew); break; } } - permStateList_.emplace_back(permStateNew); } + permStateList_ = permStateFilterList; } std::shared_ptr PermissionPolicySet::RestorePermissionPolicy(AccessTokenID tokenId, @@ -99,16 +104,25 @@ std::shared_ptr PermissionPolicySet::RestorePermissionPolic for (GenericValues defValue : permDefRes) { if ((AccessTokenID)defValue.GetInt(FIELD_TOKEN_ID) == tokenId) { PermissionDef def; - DataTranslator::TranslationIntoPermissionDef(defValue, def); - policySet->permList_.emplace_back(def); + int ret = DataTranslator::TranslationIntoPermissionDef(defValue, def); + if (ret == RET_SUCCESS) { + policySet->permList_.emplace_back(def); + } else { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: tokenId 0x%{public}x permDef is wrong.", __func__, tokenId); + } } } for (GenericValues stateValue : permStateRes) { if ((AccessTokenID)stateValue.GetInt(FIELD_TOKEN_ID) == tokenId) { PermissionStateFull state; - DataTranslator::TranslationIntoPermissionStateFull(stateValue, state); - MergePermissionStateFull(policySet->permStateList_, state); + int ret = DataTranslator::TranslationIntoPermissionStateFull(stateValue, state); + if (ret == RET_SUCCESS) { + MergePermissionStateFull(policySet->permStateList_, state); + } else { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: tokenId 0x%{public}x permState is wrong.", + __func__, tokenId); + } } } return policySet; @@ -160,18 +174,78 @@ void PermissionPolicySet::StorePermissionState(std::vector& value } void PermissionPolicySet::StorePermissionPolicySet(std::vector& permDefValueList, - std::vector& permStateValueList) const + std::vector& permStateValueList) { + Utils::UniqueReadGuard infoGuard(this->permPolicySetLock_); StorePermissionDef(permDefValueList); StorePermissionState(permStateValueList); } +int PermissionPolicySet::VerifyPermissStatus(const std::string& permissionName) +{ + Utils::UniqueReadGuard infoGuard(this->permPolicySetLock_); + for (auto perm : permStateList_) { + if (perm.permissionName == permissionName) { + if (perm.isGeneral == true) { + return perm.grantStatus[0]; + } else { + return PERMISSION_DENIED; + } + } + } + return PERMISSION_DENIED; +} + +void PermissionPolicySet::GetDefPermissions(std::vector& permList) +{ + Utils::UniqueReadGuard infoGuard(this->permPolicySetLock_); + permList.assign(permList_.begin(), permList_.end()); +} + +void PermissionPolicySet::GetPermissionStateFulls(std::vector& permList) +{ + Utils::UniqueReadGuard infoGuard(this->permPolicySetLock_); + permList.assign(permStateList_.begin(), permStateList_.end()); +} + +int PermissionPolicySet::QueryPermissionFlag(const std::string& permissionName) +{ + Utils::UniqueReadGuard infoGuard(this->permPolicySetLock_); + for (auto perm : permStateList_) { + if (perm.permissionName == permissionName) { + if (perm.isGeneral == true) { + return perm.grantFlags[0]; + } else { + return DEFAULT_PERMISSION_FLAGS; + } + } + } + return DEFAULT_PERMISSION_FLAGS; +} + +void PermissionPolicySet::UpdatePermissionStatus(const std::string& permissionName, bool isGranted, int flag) +{ + Utils::UniqueWriteGuard infoGuard(this->permPolicySetLock_); + for (auto& perm : permStateList_) { + if (perm.permissionName == permissionName) { + if (perm.isGeneral == true) { + perm.grantStatus[0] = isGranted ? PERMISSION_GRANTED : PERMISSION_DENIED; + perm.grantFlags[0] = flag; + } else { + return; + } + } + } +} + void PermissionPolicySet::PermDefToString(const PermissionDef& def, std::string& info) const { info.append(R"({"permissionName": ")" + def.permissionName + R"(")"); info.append(R"(, "bundleName": ")" + def.bundleName + R"(")"); info.append(R"(, "grantMode": )" + std::to_string(def.grantMode)); - info.append(R"(, "availableScope": )" + std::to_string(def.availableScope)); + info.append(R"(, "availableLevel": )" + std::to_string(def.availableLevel)); + info.append(R"(, "provisionEnable": )" + std::to_string(def.provisionEnable)); + info.append(R"(, "distributedSceneEnable": )" + std::to_string(def.distributedSceneEnable)); info.append(R"(, "label": ")" + def.label + R"(")"); info.append(R"(, "labelId": )" + std::to_string(def.labelId)); info.append(R"(, "description": ")" + def.description + R"(")"); @@ -211,8 +285,9 @@ void PermissionPolicySet::PermStateFullToString(const PermissionStateFull& state info.append(R"(]})"); } -void PermissionPolicySet::ToString(std::string& info) const +void PermissionPolicySet::ToString(std::string& info) { + Utils::UniqueReadGuard infoGuard(this->permPolicySetLock_); info.append(R"(, "permDefList": [)"); for (auto iter = permList_.begin(); iter != permList_.end(); iter++) { PermDefToString(*iter, info); diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp index 47f39b62e..148a9369a 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp @@ -28,13 +28,6 @@ bool PermissionValidator::IsGrantModeValid(int grantMode) return grantMode == GrantMode::SYSTEM_GRANT || grantMode == GrantMode::USER_GRANT; } -bool PermissionValidator::IsAvailableScopeValid(int availableScope) -{ - return availableScope == AvailableScope::AVAILABLE_SCOPE_ALL || - availableScope == AvailableScope::AVAILABLE_SCOPE_RESTRICTED || - availableScope == AvailableScope::AVAILABLE_SCOPE_SIGNATURE; -} - bool PermissionValidator::IsGrantStatusValid(int grantStaus) { return grantStaus == PermissionState::PERMISSION_GRANTED || grantStaus == PermissionState::PERMISSION_DENIED; @@ -42,7 +35,8 @@ bool PermissionValidator::IsGrantStatusValid(int grantStaus) bool PermissionValidator::IsPermissionFlagValid(int flag) { - return flag == PermissionFlag::PERMISSION_USER_SET || + return flag == DEFAULT_PERMISSION_FLAGS || + flag == PermissionFlag::PERMISSION_USER_SET || flag == PermissionFlag::PERMISSION_USER_FIXED || flag == PermissionFlag::PERMISSION_SYSTEM_FIXED; } @@ -54,13 +48,22 @@ bool PermissionValidator::IsPermissionNameValid(const std::string& permissionNam bool PermissionValidator::IsPermissionDefValid(const PermissionDef& permDef) { + if (!DataValidator::IsLabelValid(permDef.label)) { + return false; + } + if (!DataValidator::IsDescValid(permDef.description)) { + return false; + } + if (!DataValidator::IsBundleNameValid(permDef.bundleName)) { + return false; + } if (!DataValidator::IsPermissionNameValid(permDef.permissionName)) { return false; } if (!IsGrantModeValid(permDef.grantMode)) { return false; } - return IsAvailableScopeValid(permDef.availableScope); + return DataValidator::IsAplNumValid(permDef.availableLevel); } bool PermissionValidator::IsPermissionStateValid(const PermissionStateFull& permState) @@ -137,4 +140,4 @@ void PermissionValidator::FilterInvalidPermisionState( } } // namespace AccessToken } // namespace Security -} // namespace OHOS \ No newline at end of file +} // namespace OHOS diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp index a0c176542..df942dcf3 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp @@ -22,6 +22,7 @@ #include "hap_token_info.h" #include "hap_token_info_inner.h" #include "native_token_info_inner.h" +#include "native_token_receptor.h" #include "permission_manager.h" namespace OHOS { @@ -175,7 +176,8 @@ int AccessTokenManagerService::DeleteToken(AccessTokenID tokenID) { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, tokenID: 0x%{public}x", __func__, tokenID); - return AccessTokenInfoManager::GetInstance().RemoveTokenInfo(tokenID); + // only support hap token deletion + return AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenID); } int AccessTokenManagerService::GetTokenType(AccessTokenID tokenID) @@ -219,26 +221,20 @@ int AccessTokenManagerService::GetHapTokenInfo(AccessTokenID tokenID, HapTokenIn { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, tokenID: 0x%{public}x", __func__, tokenID); - HapTokenInfo hapTokenInfo; - AccessTokenInfoManager::GetInstance().GetHapTokenInfo(tokenID, hapTokenInfo); - InfoParcel.hapTokenInfoParams = hapTokenInfo; - return RET_SUCCESS; + return AccessTokenInfoManager::GetInstance().GetHapTokenInfo(tokenID, InfoParcel.hapTokenInfoParams); } int AccessTokenManagerService::GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfoParcel& InfoParcel) { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, tokenID: 0x%{public}x", __func__, tokenID); - NativeTokenInfo nativeTokenInfo; - AccessTokenInfoManager::GetInstance().GetNativeTokenInfo(tokenID, nativeTokenInfo); - InfoParcel.nativeTokenInfoParams = nativeTokenInfo; - - return RET_SUCCESS; + return AccessTokenInfoManager::GetInstance().GetNativeTokenInfo(tokenID, InfoParcel.nativeTokenInfoParams); } bool AccessTokenManagerService::Initialize() const { AccessTokenInfoManager::GetInstance().Init(); + NativeTokenReceptor::GetInstance().Init(); return true; } } // namespace AccessToken diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp index cc6e8e07f..15a1a86ab 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp @@ -70,11 +70,6 @@ void AccessTokenManagerStub::VerifyAccessTokenInner(MessageParcel& data, Message void AccessTokenManagerStub::GetDefPermissionInner(MessageParcel& data, MessageParcel& reply) { - if (!IsAuthorizedCalling()) { - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__); - reply.WriteInt32(RET_FAILED); - return; - } std::string permissionName = data.ReadString(); PermissionDefParcel permissionDefParcel; int result = this->GetDefPermission(permissionName, permissionDefParcel); @@ -84,11 +79,6 @@ void AccessTokenManagerStub::GetDefPermissionInner(MessageParcel& data, MessageP void AccessTokenManagerStub::GetDefPermissionsInner(MessageParcel& data, MessageParcel& reply) { - if (!IsAuthorizedCalling()) { - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__); - reply.WriteInt32(RET_FAILED); - return; - } AccessTokenID tokenID = data.ReadUint32(); std::vector permList; @@ -103,11 +93,6 @@ void AccessTokenManagerStub::GetDefPermissionsInner(MessageParcel& data, Message void AccessTokenManagerStub::GetReqPermissionsInner(MessageParcel& data, MessageParcel& reply) { - if (!IsAuthorizedCalling()) { - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__); - reply.WriteInt32(RET_FAILED); - return; - } AccessTokenID tokenID = data.ReadUint32(); int isSystemGrant = data.ReadInt32(); std::vector permList; @@ -125,45 +110,50 @@ void AccessTokenManagerStub::GetPermissionFlagInner(MessageParcel& data, Message { AccessTokenID tokenID = data.ReadUint32(); std::string permissionName = data.ReadString(); + if (!IsAuthorizedCalling() && + VerifyAccessToken(tokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS") == PERMISSION_DENIED && + VerifyAccessToken(tokenID, "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS") == PERMISSION_DENIED && + VerifyAccessToken(tokenID, "ohos.permission.GET_SENSITIVE_PERMISSIONS") == PERMISSION_DENIED) { + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__); + reply.WriteInt32(DEFAULT_PERMISSION_FLAGS); + return; + } int result = this->GetPermissionFlag(tokenID, permissionName); reply.WriteInt32(result); } void AccessTokenManagerStub::GrantPermissionInner(MessageParcel& data, MessageParcel& reply) { - if (!IsAuthorizedCalling()) { + AccessTokenID tokenID = data.ReadUint32(); + std::string permissionName = data.ReadString(); + int flag = data.ReadInt32(); + if (!IsAuthorizedCalling() && + VerifyAccessToken(tokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS") == PERMISSION_DENIED) { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__); reply.WriteInt32(RET_FAILED); return; } - AccessTokenID tokenID = data.ReadUint32(); - std::string permissionName = data.ReadString(); - int flag = data.ReadInt32(); int result = this->GrantPermission(tokenID, permissionName, flag); reply.WriteInt32(result); } void AccessTokenManagerStub::RevokePermissionInner(MessageParcel& data, MessageParcel& reply) { - if (!IsAuthorizedCalling()) { + AccessTokenID tokenID = data.ReadUint32(); + std::string permissionName = data.ReadString(); + int flag = data.ReadInt32(); + if (!IsAuthorizedCalling() && + VerifyAccessToken(tokenID, "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS") == PERMISSION_DENIED) { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__); reply.WriteInt32(RET_FAILED); return; } - AccessTokenID tokenID = data.ReadUint32(); - std::string permissionName = data.ReadString(); - int flag = data.ReadInt32(); int result = this->RevokePermission(tokenID, permissionName, flag); reply.WriteInt32(result); } void AccessTokenManagerStub::ClearUserGrantedPermissionStateInner(MessageParcel& data, MessageParcel& reply) { - if (!IsAuthorizedCalling()) { - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__); - reply.WriteInt32(RET_FAILED); - return; - } AccessTokenID tokenID = data.ReadUint32(); int result = this->ClearUserGrantedPermissionState(tokenID); reply.WriteInt32(result); diff --git a/services/accesstokenmanager/main/cpp/src/token/accesstoken_id_manager.cpp b/services/accesstokenmanager/main/cpp/src/token/accesstoken_id_manager.cpp index bdd34a724..4237a5104 100644 --- a/services/accesstokenmanager/main/cpp/src/token/accesstoken_id_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/accesstoken_id_manager.cpp @@ -28,6 +28,12 @@ namespace { static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "AccessTokenIDManager"}; } +ATokenTypeEnum AccessTokenIDManager::GetTokenIdTypeEnum(AccessTokenID id) +{ + AccessTokenIDInner *idInner = (AccessTokenIDInner *)&id; + return (ATokenTypeEnum)idInner->type; +} + ATokenTypeEnum AccessTokenIDManager::GetTokenIdType(AccessTokenID id) { { @@ -36,8 +42,7 @@ ATokenTypeEnum AccessTokenIDManager::GetTokenIdType(AccessTokenID id) return TOKEN_INVALID; } } - AccessTokenIDInner *idInner = (AccessTokenIDInner *)&id; - return (ATokenTypeEnum)idInner->type; + return GetTokenIdTypeEnum(id); } int AccessTokenIDManager::RegisterTokenId(AccessTokenID id, ATokenTypeEnum type) diff --git a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp index 757719227..1c7483c47 100644 --- a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp @@ -179,10 +179,8 @@ int AccessTokenInfoManager::AddHapTokenInfo(const std::shared_ptr permPolicySet = info->GetHapInfoPermissionPolicySet(); - if (permPolicySet != nullptr) { - PermissionManager::GetInstance().AddDefPermissions(permPolicySet->permList_); - } + PermissionManager::GetInstance().AddDefPermissions(info, false); + return RET_SUCCESS; } @@ -194,13 +192,17 @@ int AccessTokenInfoManager::AddNativeTokenInfo(const std::shared_ptrGetTokenID(); + std::string processName = info->GetProcessName(); Utils::UniqueWriteGuard infoGuard(this->nativeTokenInfoLock_); - if (nativeTokenInfoMap_.count(id) > 0) { + if (nativeTokenInfoMap_.count(id) > 0 + || nativeTokenIdMap_.count(processName) > 0) { ACCESSTOKEN_LOG_ERROR( - LABEL, "%{public}s: token %{public}x has exist.", __func__, id); + LABEL, "%{public}s: token %{public}x process name %{public}s has exist.", + __func__, id, processName.c_str()); return RET_FAILED; } nativeTokenInfoMap_[id] = info; + nativeTokenIdMap_[processName] = id; return RET_SUCCESS; } @@ -262,12 +264,17 @@ int AccessTokenInfoManager::GetNativeTokenInfo(AccessTokenID tokenID, NativeToke return RET_SUCCESS; } -int AccessTokenInfoManager::RemoveTokenInfo(AccessTokenID id) +int AccessTokenInfoManager::RemoveHapTokenInfo(AccessTokenID id) { ATokenTypeEnum type = AccessTokenIDManager::GetInstance().GetTokenIdType(id); - if (type == TOKEN_HAP) { - // make sure that RemoveDefPermissions is called outside of the lock to avoid deadlocks. - PermissionManager::GetInstance().RemoveDefPermissions(id); + if (type != TOKEN_HAP) { + ACCESSTOKEN_LOG_ERROR( + LABEL, "%{public}s: token %{public}x is not hap.", __func__, id); + } + + // make sure that RemoveDefPermissions is called outside of the lock to avoid deadlocks. + PermissionManager::GetInstance().RemoveDefPermissions(id); + { Utils::UniqueWriteGuard infoGuard(this->hapTokenInfoLock_); if (hapTokenInfoMap_.count(id) == 0) { ACCESSTOKEN_LOG_ERROR( @@ -287,20 +294,35 @@ int AccessTokenInfoManager::RemoveTokenInfo(AccessTokenID id) } hapTokenInfoMap_.erase(id); - } else if (type == TOKEN_NATIVE) { + } + AccessTokenIDManager::GetInstance().ReleaseTokenId(id); + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s:remove hap token 0x%{public}x ok!", __func__, id); + RefreshTokenInfoIfNeeded(); + return RET_SUCCESS; +} + +int AccessTokenInfoManager::RemoveNativeTokenInfo(AccessTokenID id) +{ + ATokenTypeEnum type = AccessTokenIDManager::GetInstance().GetTokenIdType(id); + if (type != TOKEN_NATIVE) { + ACCESSTOKEN_LOG_ERROR( + LABEL, "%{public}s: token %{public}x is not hap.", __func__, id); + } + + { Utils::UniqueWriteGuard infoGuard(this->nativeTokenInfoLock_); if (nativeTokenInfoMap_.count(id) == 0) { ACCESSTOKEN_LOG_ERROR( LABEL, "%{public}s: native token %{public}x is null.", __func__, id); return RET_FAILED; } + + std::string processName = nativeTokenInfoMap_[id]->GetProcessName(); + if (nativeTokenIdMap_.count(processName) != 0) { + nativeTokenIdMap_.erase(processName); + } nativeTokenInfoMap_.erase(id); - } else { - ACCESSTOKEN_LOG_ERROR( - LABEL, "%{public}s: token %{public}x unknown type.", __func__, id); - return RET_FAILED; } - AccessTokenIDManager::GetInstance().ReleaseTokenId(id); ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s:remove hap token 0x%{public}x ok!", __func__, id); RefreshTokenInfoIfNeeded(); @@ -390,43 +412,33 @@ bool AccessTokenInfoManager::TryUpdateExistNativeToken(const std::shared_ptr infoGuard(this->nativeTokenInfoLock_); AccessTokenID id = infoPtr->GetTokenID(); - // if native token is exist, update it - if (nativeTokenInfoMap_.count(id) == 0) { - return false; - } - std::shared_ptr oldTokenInfoPtr = nativeTokenInfoMap_[id]; - if (oldTokenInfoPtr != nullptr) { - nativeTokenInfoMap_[id] = infoPtr; - } else { + std::string processName = infoPtr->GetProcessName(); + bool idExist = (nativeTokenInfoMap_.count(id) > 0); + bool processExist = (nativeTokenIdMap_.count(processName) > 0); + // id is exist, but it is not this process, so neither update nor add. + if (idExist && !processExist) { ACCESSTOKEN_LOG_ERROR( - LABEL, "%{public}s: native token exist, but is null.", __func__); - } - return true; -} - -int AccessTokenInfoManager::AllocNativeToken(const std::shared_ptr& infoPtr) -{ - if (infoPtr == nullptr) { - ACCESSTOKEN_LOG_WARN(LABEL, "%{public}s called, token info is null", __func__); - return RET_FAILED; + LABEL, "%{public}s: token Id is exist, but process name is not exist, can not update.", __func__); + return true; } - AccessTokenID id = infoPtr->GetTokenID(); - int ret = AccessTokenIDManager::GetInstance().RegisterTokenId(id, TOKEN_NATIVE); - if (ret != RET_SUCCESS) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, token Id register fail", __func__); - return RET_FAILED; + // this process is exist, but id is not same, perhaps libat lose his data, we need delete old, add new later. + if (!idExist && processExist) { + AccessTokenID idRemove = nativeTokenIdMap_[processName]; + nativeTokenIdMap_.erase(processName); + if (nativeTokenInfoMap_.count(idRemove) > 0) { + nativeTokenInfoMap_.erase(idRemove); + } + AccessTokenIDManager::GetInstance().ReleaseTokenId(idRemove); + return false; } - ret = AddNativeTokenInfo(infoPtr); - if (ret != RET_SUCCESS) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, %{public}s add token info failed", - __func__, infoPtr->GetProcessName().c_str()); - AccessTokenIDManager::GetInstance().ReleaseTokenId(id); - return RET_FAILED; + if (!idExist && !processExist) { + return false; } - return RET_SUCCESS; + nativeTokenInfoMap_[id] = infoPtr; + return true; } void AccessTokenInfoManager::ProcessNativeTokenInfos( @@ -442,8 +454,15 @@ void AccessTokenInfoManager::ProcessNativeTokenInfos( ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s: token 0x%{public}x process name %{public}s is new, add to manager!", __func__, infoPtr->GetTokenID(), infoPtr->GetProcessName().c_str()); - int ret = AllocNativeToken(infoPtr); + AccessTokenID id = infoPtr->GetTokenID(); + int ret = AccessTokenIDManager::GetInstance().RegisterTokenId(id, TOKEN_NATIVE); if (ret != RET_SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, token Id register fail", __func__); + continue; + } + ret = AddNativeTokenInfo(infoPtr); + if (ret != RET_SUCCESS) { + AccessTokenIDManager::GetInstance().ReleaseTokenId(id); ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: token 0x%{public}x process name %{public}s add to manager failed!", __func__, infoPtr->GetTokenID(), infoPtr->GetProcessName().c_str()); @@ -456,18 +475,25 @@ void AccessTokenInfoManager::ProcessNativeTokenInfos( int AccessTokenInfoManager::UpdateHapToken(AccessTokenID tokenID, const std::string& appIDDesc, const HapPolicyParams& policy) { + if (!DataValidator::IsAppIDDescValid(appIDDesc)) { + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s:token 0x%{public}x parm format error!", __func__, tokenID); + return RET_FAILED; + } std::shared_ptr infoPtr = GetHapTokenInfoInner(tokenID); if (infoPtr == nullptr) { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s:token 0x%{public}x is null, can not update!", __func__, tokenID); return RET_FAILED; } - Utils::UniqueWriteGuard infoGuard(this->hapTokenInfoLock_); - infoPtr->Update(appIDDesc, policy); - ACCESSTOKEN_LOG_INFO(LABEL, - "%{public}s: token 0x%{public}x bundle name %{public}s user %{public}d inst %{public}d update ok!", - __func__, tokenID, infoPtr->GetBundleName().c_str(), infoPtr->GetUserID(), infoPtr->GetInstIndex()); + { + Utils::UniqueWriteGuard infoGuard(this->hapTokenInfoLock_); + infoPtr->Update(appIDDesc, policy); + ACCESSTOKEN_LOG_INFO(LABEL, + "%{public}s: token 0x%{public}x bundle name %{public}s user %{public}d inst %{public}d update ok!", + __func__, tokenID, infoPtr->GetBundleName().c_str(), infoPtr->GetUserID(), infoPtr->GetInstIndex()); + } + PermissionManager::GetInstance().AddDefPermissions(infoPtr, true); RefreshTokenInfoIfNeeded(); return RET_SUCCESS; } diff --git a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp index 0d71b7446..e08142fa1 100644 --- a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp @@ -27,6 +27,13 @@ namespace AccessToken { namespace { static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "HapTokenInfoInner"}; } + +HapTokenInfoInner::~HapTokenInfoInner() +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, + "%{public}s called, tokenID: 0x%{public}x destruction", __func__, tokenID_); +} + void HapTokenInfoInner::Init(AccessTokenID id, const HapInfoParams &info, const HapPolicyParams &policy) { tokenID_ = id; @@ -42,6 +49,7 @@ void HapTokenInfoInner::Init(AccessTokenID id, const HapInfoParams &info, const void HapTokenInfoInner::Update(const std::string& appIDDesc, const HapPolicyParams& policy) { appID_ = appIDDesc; + apl_ = policy.apl; if (permPolicySet_ == nullptr) { permPolicySet_ = PermissionPolicySet::BuildPermissionPolicySet(tokenID_, policy.permList, policy.permStateList); @@ -82,9 +90,26 @@ int HapTokenInfoInner::RestoreHapTokenBasicInfo(const GenericValues& inGenericVa { userID_ = inGenericValues.GetInt(FIELD_USER_ID); bundleName_ = inGenericValues.GetString(FIELD_BUNDLE_NAME); + if (!DataValidator::IsBundleNameValid(bundleName_)) { + ACCESSTOKEN_LOG_ERROR(LABEL, + "%{public}s called, tokenID: 0x%{public}x bundle name is error", __func__, tokenID_); + return RET_FAILED; + } + instIndex_ = inGenericValues.GetInt(FIELD_INST_INDEX); appID_ = inGenericValues.GetString(FIELD_APP_ID); + if (!DataValidator::IsAppIDDescValid(appID_)) { + ACCESSTOKEN_LOG_ERROR(LABEL, + "%{public}s called, tokenID: 0x%{public}x appID is error", __func__, tokenID_); + return RET_FAILED; + } + deviceID_ = inGenericValues.GetString(FIELD_DEVICE_ID); + if (!DataValidator::IsDeviceIdValid(deviceID_)) { + ACCESSTOKEN_LOG_ERROR(LABEL, + "%{public}s called, tokenID: 0x%{public}x devId is error", __func__, tokenID_); + return RET_FAILED; + } int aplNum = inGenericValues.GetInt(FIELD_APL); if (DataValidator::IsAplNumValid(aplNum)) { apl_ = (ATokenAplEnum)aplNum; diff --git a/services/accesstokenmanager/main/cpp/src/token/native_token_info_inner.cpp b/services/accesstokenmanager/main/cpp/src/token/native_token_info_inner.cpp index e57208456..0278b5eff 100644 --- a/services/accesstokenmanager/main/cpp/src/token/native_token_info_inner.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/native_token_info_inner.cpp @@ -29,13 +29,36 @@ namespace { static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "NativeTokenInfoInner"}; } -void NativeTokenInfoInner::Init(AccessTokenID id, const std::string& processName, - ATokenAplEnum apl, const std::vector& dcap) +NativeTokenInfoInner::NativeTokenInfoInner(NativeTokenInfo& native) + : ver_(native.ver), tokenID_(native.tokenID), tokenAttr_(native.tokenAttr), + processName_(native.processName), apl_(native.apl), dcap_(native.dcap) +{} + +NativeTokenInfoInner::~NativeTokenInfoInner() +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, + "%{public}s called, tokenID: 0x%{public}x destruction", __func__, tokenID_); +} + +int NativeTokenInfoInner::Init(AccessTokenID id, const std::string& processName, + int apl, const std::vector& dcap) { tokenID_ = id; + if (!DataValidator::IsProcessNameValid(processName)) { + ACCESSTOKEN_LOG_ERROR(LABEL, + "%{public}s called, tokenID: 0x%{public}x process name is null", __func__, tokenID_); + return RET_FAILED; + } processName_ = processName; - apl_ = apl; + if (!DataValidator::IsAplNumValid(apl)) { + ACCESSTOKEN_LOG_ERROR(LABEL, + "%{public}s called, tokenID: 0x%{public}x init failed, apl %{public}d is invalid", + __func__, tokenID_, apl); + return RET_FAILED; + } + apl_ = (ATokenAplEnum)apl; dcap_ = dcap; + return RET_SUCCESS; } std::string NativeTokenInfoInner::DcapToString(const std::vector& dcap) const @@ -66,14 +89,18 @@ int NativeTokenInfoInner::RestoreNativeTokenInfo(AccessTokenID tokenId, const Ge { tokenID_ = tokenId; processName_ = inGenericValues.GetString(FIELD_PROCESS_NAME); + if (!DataValidator::IsProcessNameValid(processName_)) { + ACCESSTOKEN_LOG_ERROR(LABEL, + "%{public}s called, tokenID: 0x%{public}x process name is null", __func__, tokenID_); + return RET_FAILED; + } int aplNum = inGenericValues.GetInt(FIELD_APL); - if (DataValidator::IsAplNumValid(aplNum)) { - apl_ = (ATokenAplEnum)aplNum; - } else { + if (!DataValidator::IsAplNumValid(aplNum)) { ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, tokenID: 0x%{public}x apl is error, value %{public}d", __func__, tokenID_, aplNum); return RET_FAILED; } + apl_ = (ATokenAplEnum)aplNum; ver_ = inGenericValues.GetInt(FIELD_TOKEN_VERSION); if (ver_ != DEFAULT_TOKEN_VERSION) { ACCESSTOKEN_LOG_ERROR(LABEL, @@ -159,7 +186,7 @@ void NativeTokenInfoInner::SetDcaps(const std::string& dcapStr) { int start = 0; while (true) { - unsigned int offset = dcapStr.find(',', start); + std::string::size_type offset = dcapStr.find(',', start); if (offset == std::string::npos) { dcap_.push_back(dcapStr.substr(start)); break; diff --git a/services/accesstokenmanager/main/cpp/src/token/native_token_receptor.cpp b/services/accesstokenmanager/main/cpp/src/token/native_token_receptor.cpp new file mode 100644 index 000000000..815acd9f4 --- /dev/null +++ b/services/accesstokenmanager/main/cpp/src/token/native_token_receptor.cpp @@ -0,0 +1,249 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include +#include +#include +#include +#include + +#include "accesstoken_id_manager.h" +#include "accesstoken_info_manager.h" +#include "accesstoken_log.h" +#include "data_validator.h" +#include "native_token_receptor.h" +#include "parameter.h" +#include "securec.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "NativeTokenReceptor"}; +} + +// nlohmann json need the function named from_json to parse NativeTokenInfo +void from_json(const nlohmann::json& j, std::shared_ptr& p) +{ + NativeTokenInfo native; + if (j.find(JSON_PROCESS_NAME) != j.end()) { + native.processName = j.at(JSON_PROCESS_NAME).get(); + if (!DataValidator::IsProcessNameValid(native.processName)) { + return; + } + } else { + return; + } + + if (j.find(JSON_APL) != j.end()) { + int aplNum = j.at(JSON_APL).get(); + if (DataValidator::IsAplNumValid(aplNum)) { + native.apl = (ATokenAplEnum)aplNum; + } else { + return; + } + } else { + return; + } + + if (j.find(JSON_VERSION) != j.end()) { + native.ver = j.at(JSON_VERSION).get(); + if (native.ver != DEFAULT_TOKEN_VERSION) { + return; + } + } else { + return; + } + + if (j.find(JSON_TOKEN_ID) != j.end()) { + native.tokenID = j.at(JSON_TOKEN_ID).get(); + if (native.tokenID == 0 && + AccessTokenIDManager::GetTokenIdTypeEnum(native.tokenID) != TOKEN_NATIVE) { + return; + } + } else { + return; + } + + if (j.find(JSON_TOKEN_ATTR) != j.end()) { + native.tokenAttr = j.at(JSON_TOKEN_ATTR).get(); + } else { + return; + } + + if (j.find(JSON_DCAPS) != j.end()) { + native.dcap = j.at(JSON_DCAPS).get>(); + } else { + return; + } + p = std::make_shared(native); +} + +int NativeTokenReceptor::Init() +{ + std::lock_guard lock(receptorThreadMutex_); + if (ready_) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: receptor thread is already running.", __func__); + return RET_SUCCESS; + } + if (receptorThread_ != nullptr && receptorThread_->joinable()) { + receptorThread_->join(); + } + + receptorThread_ = std::make_unique(NativeTokenReceptor::ThreadFunc, this); + if (receptorThread_ == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: receptor thread is nullptr.", __func__); + return RET_FAILED; + } + ready_ = true; + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s: init ok.", __func__); + return RET_SUCCESS; +} + +void NativeTokenReceptor::Release() +{ + std::lock_guard lock(receptorThreadMutex_); + ready_ = false; + if (listenSocket_ >= 0) { + close(listenSocket_); + listenSocket_ = -1; + } + + if (connectSocket_ >= 0) { + close(connectSocket_); + connectSocket_ = -1; + } + + int ret = SetParameter(SYSTEM_PROP_NATIVE_RECEPTOR.c_str(), "false"); + if (ret != 0) { + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s: set parameter failed.", __func__); + return; + } + + ACCESSTOKEN_LOG_INFO(LABEL, "Release ok."); +} + +NativeTokenReceptor& NativeTokenReceptor::GetInstance() +{ + static NativeTokenReceptor instance; + return instance; +} + +void NativeTokenReceptor::ParserNativeRawData(const std::string& nativeRawData, + std::vector>& tokenInfos) +{ + nlohmann::json jsonRes = nlohmann::json::parse(nativeRawData, nullptr, false); + if (jsonRes.find(JSON_KEY_NATIVE_TOKEN_INFO_JSON) != jsonRes.end()) { + auto nativeTokenVect = + jsonRes.at(JSON_KEY_NATIVE_TOKEN_INFO_JSON).get>>(); + for (auto& token : nativeTokenVect) { + if (token != nullptr) { + tokenInfos.emplace_back(token); + } + } + } +} + +int NativeTokenReceptor::InitNativeTokenSocket() +{ + struct sockaddr_un addr; + (void)memset_s(&addr, sizeof(addr), 0, sizeof(addr)); + addr.sun_family = AF_UNIX; + if (memcpy_s(addr.sun_path, sizeof(addr.sun_path), socketPath_.c_str(), sizeof(addr.sun_path) - 1) != EOK) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: init socket path failed.", __func__); + return -1; + } + + unlink(socketPath_.c_str()); + listenSocket_ = socket(AF_UNIX, SOCK_STREAM, 0); + if (listenSocket_ < 0) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: init socket failed.", __func__); + return -1; + } + + socklen_t len = sizeof(struct sockaddr_un); + int ret = bind(listenSocket_, (struct sockaddr *)(&addr), len); + if (ret == -1) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: bind socket failed.", __func__); + close(listenSocket_); + listenSocket_ = -1; + return -1; + } + ret = listen(listenSocket_, 1); + if (ret < 0) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: listen socket failed.", __func__); + remove(socketPath_.c_str()); + close(listenSocket_); + listenSocket_ = -1; + return -1; + } + return 0; +} + +void NativeTokenReceptor::LoopHandler() +{ + int ret = InitNativeTokenSocket(); + if (ret < 0) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: InitNativeTokenSocket failed.", __func__); + return; + } + + ret = SetParameter(SYSTEM_PROP_NATIVE_RECEPTOR.c_str(), "true"); + if (ret != 0) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: set parameter failed.", __func__); + return; + } + + while (true) { + socklen_t len = sizeof(struct sockaddr_un); + struct sockaddr_un clientAddr; + int connectSocket_ = accept(listenSocket_, (struct sockaddr *)(&clientAddr), &len); + if (connectSocket_ < 0) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: accept fail errno %{public}d.", __func__, errno); + continue; + } + std::string nativeRawData; + char buff[MAX_RECEPTOR_SIZE + 1]; + while (true) { + int readLen = read(connectSocket_, buff, MAX_RECEPTOR_SIZE); + if (readLen <= 0) { + break; + } + buff[readLen] = '\0'; + nativeRawData.append(buff); + } + close(connectSocket_); + connectSocket_ = -1; + + std::vector> tokenInfos; + ParserNativeRawData(nativeRawData, tokenInfos); + AccessTokenInfoManager::GetInstance().ProcessNativeTokenInfos(tokenInfos); + } +} + +void NativeTokenReceptor::ThreadFunc(NativeTokenReceptor *receptor) +{ + if (receptor != nullptr) { + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s: start handler loop.", __func__); + receptor->LoopHandler(); + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: native token loop end, native token can not sync.", __func__); + receptor->Release(); + } +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS + diff --git a/services/accesstokenmanager/test/BUILD.gn b/services/accesstokenmanager/test/BUILD.gn index b22343c7f..be37ead41 100644 --- a/services/accesstokenmanager/test/BUILD.gn +++ b/services/accesstokenmanager/test/BUILD.gn @@ -28,18 +28,22 @@ ohos_unittest("libaccesstoken_manager_service_standard_test") { "//base/security/access_token/frameworks/common/include", "//base/security/access_token/frameworks/accesstoken/include", "//base/security/access_token/interfaces/innerkits/accesstoken/main/cpp/include", + "//third_party/json/include", + "//base/startup/syspara_lite/interfaces/innerkits/native/syspara/include/", ] sources = [ "unittest/cpp/src/accesstoken_info_manager_test.cpp", + "unittest/cpp/src/native_token_receptor_test.cpp", ] cflags_cc = [ "-DHILOG_ENABLE" ] deps = [ - "//base/security/access_token/services/accesstokenmanager/:accesstoken_manager_service", - "//base/security/access_token/frameworks/common:accesstoken_common_cxx", "//base/security/access_token/frameworks/accesstoken:accesstoken_communication_adapter_cxx", + "//base/security/access_token/frameworks/common:accesstoken_common_cxx", + "//base/security/access_token/services/accesstokenmanager/:accesstoken_manager_service", + "//base/startup/syspara_lite/interfaces/innerkits/native/syspara:syspara", "//third_party/googletest:gtest_main", "//utils/native/base:utils", ] diff --git a/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp b/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp index 89bec7c88..d981b08d9 100644 --- a/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp +++ b/services/accesstokenmanager/test/unittest/cpp/src/accesstoken_info_manager_test.cpp @@ -36,7 +36,9 @@ static PermissionDef g_infoManagerTestPermDef1 = { .labelId = 1, .description = "open the door", .descriptionId = 1, - .availableScope = 1 + .availableLevel = APL_NORMAL, + .provisionEnable = false, + .distributedSceneEnable = false }; static PermissionDef g_infoManagerTestPermDef2 = { @@ -47,7 +49,9 @@ static PermissionDef g_infoManagerTestPermDef2 = { .labelId = 1, .description = "break the door", .descriptionId = 1, - .availableScope = 1 + .availableLevel = APL_NORMAL, + .provisionEnable = false, + .distributedSceneEnable = false }; static PermissionStateFull g_infoManagerTestState1 = { @@ -105,7 +109,7 @@ HWTEST_F(AccessTokenInfoManagerTest, Init001, TestSize.Level1) g_infoManagerTestInfoParms.bundleName, g_infoManagerTestInfoParms.instIndex); if (getTokenId != 0) { - int ret = AccessTokenInfoManager::GetInstance().RemoveTokenInfo(getTokenId); + int ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(getTokenId); ASSERT_EQ(RET_SUCCESS, ret); } @@ -133,7 +137,7 @@ HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo001, TestSize.Level1) tokenInfo->ToString(infoDes); GTEST_LOG_(INFO) << "get hap token info:" << infoDes.c_str(); - ret = AccessTokenInfoManager::GetInstance().RemoveTokenInfo(tokenIdEx.tokenIdExStruct.tokenID); + ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID); ASSERT_EQ(RET_SUCCESS, ret); GTEST_LOG_(INFO) << "remove the token info"; @@ -172,7 +176,7 @@ HWTEST_F(AccessTokenInfoManagerTest, CreateHapTokenInfo002, TestSize.Level1) tokenInfo->ToString(infoDes); GTEST_LOG_(INFO) << "get hap token info:" << infoDes.c_str(); - ret = AccessTokenInfoManager::GetInstance().RemoveTokenInfo(tokenIdEx.tokenIdExStruct.tokenID); + ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID); ASSERT_EQ(RET_SUCCESS, ret); GTEST_LOG_(INFO) << "remove the token info"; } @@ -201,7 +205,7 @@ HWTEST_F(AccessTokenInfoManagerTest, GetHapTokenID001, TestSize.Level1) ASSERT_NE(nullptr, tokenInfo); GTEST_LOG_(INFO) << "remove the token info"; - ret = AccessTokenInfoManager::GetInstance().RemoveTokenInfo(tokenIdEx.tokenIdExStruct.tokenID); + ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID); ASSERT_EQ(RET_SUCCESS, ret); GTEST_LOG_(INFO) << "remove the token info"; } @@ -234,7 +238,7 @@ HWTEST_F(AccessTokenInfoManagerTest, UpdateHapToken001, TestSize.Level1) tokenInfo->ToString(infoDes); GTEST_LOG_(INFO) << "get hap token info:" << infoDes.c_str(); - ret = AccessTokenInfoManager::GetInstance().RemoveTokenInfo(tokenIdEx.tokenIdExStruct.tokenID); + ret = AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenIdEx.tokenIdExStruct.tokenID); ASSERT_EQ(RET_SUCCESS, ret); GTEST_LOG_(INFO) << "remove the token info"; } diff --git a/services/accesstokenmanager/test/unittest/cpp/src/native_token_receptor_test.cpp b/services/accesstokenmanager/test/unittest/cpp/src/native_token_receptor_test.cpp new file mode 100644 index 000000000..226415ee1 --- /dev/null +++ b/services/accesstokenmanager/test/unittest/cpp/src/native_token_receptor_test.cpp @@ -0,0 +1,716 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +#include "native_token_receptor_test.h" + +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "accesstoken_info_manager.h" +#include "data_storage.h" +#include "field_const.h" +#define private public +#include "native_token_receptor.h" +#undef private +#include "securec.h" + +using namespace testing::ext; +using namespace OHOS::Security::AccessToken; + +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "NativeTokenReceptorTest"}; +} + +void NativeTokenReceptorTest::SetUpTestCase() +{ + // delete all test 0x28100000 - 0x28100007 + for (unsigned int i = 0x28100000; i <= 0x28100007; i++) { + AccessTokenInfoManager::GetInstance().RemoveNativeTokenInfo(i); + } +} + +void NativeTokenReceptorTest::TearDownTestCase() +{} + +void NativeTokenReceptorTest::SetUp() +{} + +void NativeTokenReceptorTest::TearDown() +{ + ACCESSTOKEN_LOG_INFO(LABEL, "test down!"); +} + +/** + * @tc.name: Init001 + * @tc.desc: Verify socket init result. + * @tc.type: FUNC + * @tc.require: Issue Number + */ +HWTEST_F(NativeTokenReceptorTest, Init001, TestSize.Level1) +{ + NativeTokenReceptor::GetInstance().socketPath_ = "/data/system/token_unix_socket.test.socket"; + NativeTokenReceptor::GetInstance().Init(); + NativeTokenReceptor::GetInstance().receptorThread_->detach(); + ASSERT_LT(NativeTokenReceptor::GetInstance().listenSocket_, 0); + sleep(3); + char buffer[128] = {0}; + int ret = GetParameter(SYSTEM_PROP_NATIVE_RECEPTOR.c_str(), "false", buffer, 127); + GTEST_LOG_(INFO) << "ret " << ret << " buffer " << buffer; + ASSERT_EQ(ret, strlen("true")); + ASSERT_EQ(strcmp(buffer, "true"), 0); +} + +/** + * @tc.name: ParserNativeRawData001 + * @tc.desc: Verify processing right native token json. + * @tc.type: FUNC + * @tc.require: Issue Number + */ +HWTEST_F(NativeTokenReceptorTest, ParserNativeRawData001, TestSize.Level1) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "test ParserNativeRawData001!"); + std::string testStr = R"({"NativeTokenInfo":[)"\ + R"({"processName":"process6","APL":3,"version":1,"tokenId":685266937,"tokenAttr":0,)"\ + R"("dcaps":["AT_CAP","ST_CAP"]},)"\ + R"({"processName":"process5","APL":3,"version":1,"tokenId":678065606,"tokenAttr":0,)"\ + R"("dcaps":["AT_CAP","ST_CAP"]}]})"; + + NativeTokenReceptor& receptor = NativeTokenReceptor::GetInstance(); + std::vector> tokenInfos; + receptor.ParserNativeRawData(testStr, tokenInfos); + int size = tokenInfos.size(); + ASSERT_EQ(2, size); + ASSERT_NE(nullptr, tokenInfos[0]); + ASSERT_NE(nullptr, tokenInfos[1]); + + ASSERT_EQ("process6", tokenInfos[0]->GetProcessName()); + ASSERT_EQ(685266937, tokenInfos[0]->GetTokenID()); + ASSERT_EQ(2, tokenInfos[0]->GetDcap().size()); + ASSERT_EQ("AT_CAP", (tokenInfos[0]->GetDcap())[0]); + ASSERT_EQ("ST_CAP", (tokenInfos[0]->GetDcap())[1]); + + ASSERT_EQ("process5", tokenInfos[1]->GetProcessName()); + ASSERT_EQ(678065606, tokenInfos[1]->GetTokenID()); + ASSERT_EQ(2, tokenInfos[1]->GetDcap().size()); + ASSERT_EQ("AT_CAP", (tokenInfos[1]->GetDcap())[0]); + ASSERT_EQ("ST_CAP", (tokenInfos[1]->GetDcap())[1]); +} + +/** + * @tc.name: ParserNativeRawData002 + * @tc.desc: Verify processing wrong native token json. + * @tc.type: FUNC + * @tc.require: Issue Number + */ +HWTEST_F(NativeTokenReceptorTest, ParserNativeRawData002, TestSize.Level1) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "test ParserNativeRawData002!"); + std::string testStr = R"({"NativeTokenInfo":[{"processName":""}]})"; + std::vector> tokenInfos; + + NativeTokenReceptor& receptor = NativeTokenReceptor::GetInstance(); + + receptor.ParserNativeRawData(testStr, tokenInfos); + ASSERT_EQ(0, tokenInfos.size()); + + testStr = R"({"NativeTokenInfo":[{"processName":"", }]})"; + receptor.ParserNativeRawData(testStr, tokenInfos); + ASSERT_EQ(0, tokenInfos.size()); + + testStr = R"({"NativeTokenInfo":[{"processName":"process6"}, {}]})"; + receptor.ParserNativeRawData(testStr, tokenInfos); + ASSERT_EQ(0, tokenInfos.size()); + + testStr = R"({"NativeTokenInfo":[{"processName":""}, {"":"", ""}]})"; + receptor.ParserNativeRawData(testStr, tokenInfos); + ASSERT_EQ(0, tokenInfos.size()); + + testStr = R"({"NativeTokenInfo":[{"processName":"process6", "tokenId":685266937, "APL":3, "version":new}]})"; + receptor.ParserNativeRawData(testStr, tokenInfos); + ASSERT_EQ(0, tokenInfos.size()); + + testStr = R"({"NativeTokenInfo":[{"processName":"process6", "tokenId":685266937, "APL":7, "version":1}]})"; + receptor.ParserNativeRawData(testStr, tokenInfos); + ASSERT_EQ(0, tokenInfos.size()); +} + +namespace OHOS { +namespace Security { +namespace AccessToken { + extern void from_json(const nlohmann::json& j, std::shared_ptr& p); +} +} +} + +/** + * @tc.name: from_json001 + * @tc.desc: Verify from json right case. + * @tc.type: FUNC + * @tc.require: Issue Number + */ +HWTEST_F(NativeTokenReceptorTest, from_json001, TestSize.Level1) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "test from_json001!"); + nlohmann::json j = nlohmann::json{ + {"processName", "process6"}, + {"APL", APL_SYSTEM_CORE}, + {"version", 1}, + {"tokenId", 685266937}, + {"tokenAttr", 0}, + {"dcaps", {"AT_CAP", "ST_CAP"}}}; + std::shared_ptr p; + from_json(j, p); + ASSERT_NE((p == nullptr), true); +} + +/** + * @tc.name: from_json002 + * @tc.desc: Verify from json wrong case. + * @tc.type: FUNC + * @tc.require: Issue Number + */ +HWTEST_F(NativeTokenReceptorTest, from_json002, TestSize.Level1) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "test from_json002!"); + // version wrong + nlohmann::json j = nlohmann::json{ + {"processName", "process6"}, {"APL", APL_SYSTEM_CORE}, + {"version", 2}, {"tokenId", 685266937}, + {"tokenAttr", 0}, + {"dcaps", {"AT_CAP", "ST_CAP"}}}; + std::shared_ptr p; + from_json(j, p); + ASSERT_EQ((p == nullptr), true); + + // APL wrong + j = nlohmann::json{ + {"processName", "process6"}, + {"APL", -1}, {"version", 1}, + {"tokenId", 685266937}, {"tokenAttr", 0}, + {"dcaps", {"AT_CAP", "ST_CAP"}}}; + from_json(j, p); + ASSERT_EQ((p == nullptr), true); + + // tokenId wrong + j = nlohmann::json{ + {"processName", "process6"}, + {"APL", APL_SYSTEM_BASIC}, {"version", 1}, + {"tokenId", 0}, {"tokenAttr", 0}, + {"dcaps", {"AT_CAP", "ST_CAP"}}}; + from_json(j, p); + ASSERT_EQ((p == nullptr), true); + + // process name empty + j = nlohmann::json{ + {"processName", ""}, + {"APL", APL_SYSTEM_BASIC}, {"version", 1}, + {"tokenId", 685266937}, {"tokenAttr", 0}, + {"dcaps", {"AT_CAP", "ST_CAP"}}}; + from_json(j, p); + ASSERT_EQ((p == nullptr), true); + + // process name too long + std::string name(512, 'c'); + j = nlohmann::json{ + {"processName", name}, + {"APL", APL_SYSTEM_BASIC}, {"version", 1}, + {"tokenId", 685266937}, {"tokenAttr", 0}, + {"dcaps", {"AT_CAP", "ST_CAP"}}}; + from_json(j, p); + ASSERT_EQ((p == nullptr), true); + + // lose process name + j = nlohmann::json{ + {"APL", APL_SYSTEM_BASIC}, + {"version", 1}, {"tokenId", 685266937}, + {"tokenAttr", 0}, {"dcaps", {"AT_CAP", "ST_CAP"}}}; + from_json(j, p); + ASSERT_EQ((p == nullptr), true); +} + +/** + * @tc.name: ProcessNativeTokenInfos001 + * @tc.desc: test add one native token + * @tc.type: FUNC + * @tc.require: Issue Number + */ +HWTEST_F(NativeTokenReceptorTest, ProcessNativeTokenInfos001, TestSize.Level1) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "test ProcessNativeTokenInfos001!"); + std::vector> tokenInfos; + + // test process one + NativeTokenInfo info = { + .apl = APL_NORMAL, + .ver = 1, + .processName = "native_token_test0", + .tokenID = 0x28100000, + .tokenAttr = 0, + .dcap = {"AT_CAP", "ST_CAP"} + }; + std::shared_ptr nativeToken = std::make_shared(info); + tokenInfos.emplace_back(nativeToken); + AccessTokenInfoManager::GetInstance().ProcessNativeTokenInfos(tokenInfos); + NativeTokenInfo findInfo; + int ret = AccessTokenInfoManager::GetInstance().GetNativeTokenInfo(info.tokenID, findInfo); + ASSERT_EQ(ret, RET_SUCCESS); + ASSERT_EQ(findInfo.apl, info.apl); + ASSERT_EQ(findInfo.ver, info.ver); + ASSERT_EQ(findInfo.processName, info.processName); + ASSERT_EQ(findInfo.tokenID, info.tokenID); + ASSERT_EQ(findInfo.tokenAttr, info.tokenAttr); + ASSERT_EQ(findInfo.dcap, info.dcap); + + // wait fresh tokens to sql. + sleep(3); + + // get sql data + std::vector nativeTokenResults; + DataStorage::GetRealDataStorage().Find(DataStorage::ACCESSTOKEN_NATIVE_INFO, nativeTokenResults); + for (GenericValues nativeTokenValue : nativeTokenResults) { + AccessTokenID tokenId = (AccessTokenID)nativeTokenValue.GetInt(FIELD_TOKEN_ID); + if (tokenId != info.tokenID) { + continue; + } + GTEST_LOG_(INFO) <<"apl " << nativeTokenValue.GetInt(FIELD_APL); + std::shared_ptr native = std::make_shared(); + ASSERT_NE(native, nullptr); + ret = native->RestoreNativeTokenInfo(tokenId, nativeTokenValue); + ASSERT_EQ(ret, RET_SUCCESS); + ASSERT_EQ(native->GetTokenID(), info.tokenID); + ASSERT_EQ(native->GetProcessName(), info.processName); + ASSERT_EQ(native->GetDcap(), info.dcap); + } + + ret = AccessTokenInfoManager::GetInstance().RemoveNativeTokenInfo(info.tokenID); + ASSERT_EQ(ret, RET_SUCCESS); +} + +/** + * @tc.name: ProcessNativeTokenInfos002 + * @tc.desc: test add two native tokens. + * @tc.type: FUNC + * @tc.require: Issue Number + */ +HWTEST_F(NativeTokenReceptorTest, ProcessNativeTokenInfos002, TestSize.Level1) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "test ProcessNativeTokenInfos002!"); + std::vector> tokenInfos; + + NativeTokenInfo info1 = { + .apl = APL_NORMAL, + .ver = 1, + .processName = "native_token_test1", + .tokenID = 0x28100001, + .tokenAttr = 0, + .dcap = {"AT_CAP", "ST_CAP"} + }; + + NativeTokenInfo info2 = { + .apl = APL_NORMAL, + .ver = 1, + .processName = "native_token_test2", + .tokenID = 0x28100002, + .tokenAttr = 0, + .dcap = {"AT_CAP", "ST_CAP"} + }; + + std::shared_ptr nativeToken1 = std::make_shared(info1); + tokenInfos.emplace_back(nativeToken1); + + std::shared_ptr nativeToken2 = std::make_shared(info2); + tokenInfos.emplace_back(nativeToken2); + + AccessTokenInfoManager::GetInstance().ProcessNativeTokenInfos(tokenInfos); + NativeTokenInfo findInfo; + + int ret = AccessTokenInfoManager::GetInstance().GetNativeTokenInfo(info1.tokenID, findInfo); + ASSERT_EQ(ret, RET_SUCCESS); + ASSERT_EQ(findInfo.apl, info1.apl); + ASSERT_EQ(findInfo.ver, info1.ver); + ASSERT_EQ(findInfo.processName, info1.processName); + ASSERT_EQ(findInfo.tokenID, info1.tokenID); + ASSERT_EQ(findInfo.tokenAttr, info1.tokenAttr); + ASSERT_EQ(findInfo.dcap, info1.dcap); + + ret = AccessTokenInfoManager::GetInstance().GetNativeTokenInfo(info2.tokenID, findInfo); + ASSERT_EQ(ret, RET_SUCCESS); + ASSERT_EQ(findInfo.apl, info2.apl); + ASSERT_EQ(findInfo.ver, info2.ver); + ASSERT_EQ(findInfo.processName, info2.processName); + ASSERT_EQ(findInfo.tokenID, info2.tokenID); + ASSERT_EQ(findInfo.tokenAttr, info2.tokenAttr); + ASSERT_EQ(findInfo.dcap, info2.dcap); + + ret = AccessTokenInfoManager::GetInstance().RemoveNativeTokenInfo(info1.tokenID); + ASSERT_EQ(ret, RET_SUCCESS); + + ret = AccessTokenInfoManager::GetInstance().RemoveNativeTokenInfo(info2.tokenID); + ASSERT_EQ(ret, RET_SUCCESS); +} + +/** + * @tc.name: ProcessNativeTokenInfos003 + * @tc.desc: test add nullptr tokenInfo. + * @tc.type: FUNC + * @tc.require: Issue Number + */ +HWTEST_F(NativeTokenReceptorTest, ProcessNativeTokenInfos003, TestSize.Level1) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "test ProcessNativeTokenInfos003!"); + std::vector> tokenInfos; + + std::shared_ptr nativeToken1 = std::make_shared(); + tokenInfos.emplace_back(nativeToken1); + AccessTokenInfoManager::GetInstance().ProcessNativeTokenInfos(tokenInfos); + ASSERT_EQ(RET_SUCCESS, RET_SUCCESS); +} + +/** + * @tc.name: ProcessNativeTokenInfos004 + * @tc.desc: test add repeat id, but process doesnt + * @tc.type: FUNC + * @tc.require: Issue Number + */ +HWTEST_F(NativeTokenReceptorTest, ProcessNativeTokenInfos004, TestSize.Level1) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "test ProcessNativeTokenInfos004!"); + std::vector> tokenInfos; + + NativeTokenInfo info3 = { + .apl = APL_NORMAL, + .ver = 1, + .processName = "native_token_test3", + .tokenID = 0x28100003, + .tokenAttr = 0, + .dcap = {"AT_CAP", "ST_CAP"} + }; + + NativeTokenInfo info4 = { + .apl = APL_NORMAL, + .ver = 1, + .processName = "native_token_test4", + .tokenID = 0x28100003, + .tokenAttr = 0, + .dcap = {"AT_CAP", "ST_CAP"} + }; + + std::shared_ptr nativeToken3 = std::make_shared(info3); + tokenInfos.emplace_back(nativeToken3); + + std::shared_ptr nativeToken4 = std::make_shared(info4); + tokenInfos.emplace_back(nativeToken4); + + AccessTokenInfoManager::GetInstance().ProcessNativeTokenInfos(tokenInfos); + + NativeTokenInfo findInfo; + int ret = AccessTokenInfoManager::GetInstance().GetNativeTokenInfo(info3.tokenID, findInfo); + ASSERT_EQ(ret, RET_SUCCESS); + ASSERT_EQ(findInfo.apl, info3.apl); + ASSERT_EQ(findInfo.ver, info3.ver); + ASSERT_EQ(findInfo.processName, info3.processName); + ASSERT_EQ(findInfo.tokenID, info3.tokenID); + ASSERT_EQ(findInfo.tokenAttr, info3.tokenAttr); + ASSERT_EQ(findInfo.dcap, info3.dcap); + + ret = AccessTokenInfoManager::GetInstance().RemoveNativeTokenInfo(info3.tokenID); + ASSERT_EQ(ret, RET_SUCCESS); +} + +/** + * @tc.name: ProcessNativeTokenInfos005 + * @tc.desc: test add repeat process, but id doesnt + * @tc.type: FUNC + * @tc.require: Issue Number + */ +HWTEST_F(NativeTokenReceptorTest, ProcessNativeTokenInfos005, TestSize.Level1) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "test ProcessNativeTokenInfos005!"); + std::vector> tokenInfos; + + NativeTokenInfo info5 = { + .apl = APL_NORMAL, + .ver = 1, + .processName = "native_token_test5", + .tokenID = 0x28100005, + .tokenAttr = 0, + .dcap = {"AT_CAP", "ST_CAP"} + }; + + NativeTokenInfo info6 = { + .apl = APL_NORMAL, + .ver = 1, + .processName = "native_token_test5", + .tokenID = 0x28100006, + .tokenAttr = 0, + .dcap = {"AT_CAP", "ST_CAP"} + }; + + std::shared_ptr nativeToken5 = std::make_shared(info5); + tokenInfos.emplace_back(nativeToken5); + + std::shared_ptr nativeToken6 = std::make_shared(info6); + tokenInfos.emplace_back(nativeToken6); + + AccessTokenInfoManager::GetInstance().ProcessNativeTokenInfos(tokenInfos); + + NativeTokenInfo findInfo; + int ret = AccessTokenInfoManager::GetInstance().GetNativeTokenInfo(info5.tokenID, findInfo); + ASSERT_EQ(ret, RET_FAILED); + + ret = AccessTokenInfoManager::GetInstance().GetNativeTokenInfo(info6.tokenID, findInfo); + ASSERT_EQ(ret, RET_SUCCESS); + ASSERT_EQ(findInfo.apl, info6.apl); + ASSERT_EQ(findInfo.ver, info6.ver); + ASSERT_EQ(findInfo.processName, info6.processName); + ASSERT_EQ(findInfo.tokenID, info6.tokenID); + ASSERT_EQ(findInfo.tokenAttr, info6.tokenAttr); + ASSERT_EQ(findInfo.dcap, info6.dcap); + + ret = AccessTokenInfoManager::GetInstance().RemoveNativeTokenInfo(info6.tokenID); + ASSERT_EQ(ret, RET_SUCCESS); +} + +/** + * @tc.name: ProcessNativeTokenInfos006 + * @tc.desc: test add repeat process and id + * @tc.type: FUNC + * @tc.require: Issue Number + */ +HWTEST_F(NativeTokenReceptorTest, ProcessNativeTokenInfos006, TestSize.Level1) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "test ProcessNativeTokenInfos006!"); + std::vector> tokenInfos; + + NativeTokenInfo info7 = { + .apl = APL_NORMAL, + .ver = 1, + .processName = "native_token_test7", + .tokenID = 0x28100007, + .tokenAttr = 0, + .dcap = {"AT_CAP", "ST_CAP"} + }; + + NativeTokenInfo info8 = { + .apl = APL_SYSTEM_BASIC, + .ver = 1, + .processName = "native_token_test7", + .tokenID = 0x28100007, + .tokenAttr = 0, + .dcap = {"AT_CAP"} + }; + + std::shared_ptr nativeToken7 = std::make_shared(info7); + tokenInfos.emplace_back(nativeToken7); + + std::shared_ptr nativeToken8 = std::make_shared(info8); + tokenInfos.emplace_back(nativeToken8); + + AccessTokenInfoManager::GetInstance().ProcessNativeTokenInfos(tokenInfos); + + NativeTokenInfo findInfo; + int ret = AccessTokenInfoManager::GetInstance().GetNativeTokenInfo(info7.tokenID, findInfo); + ASSERT_EQ(ret, RET_SUCCESS); + ASSERT_EQ(findInfo.apl, info8.apl); + ASSERT_EQ(findInfo.ver, info8.ver); + ASSERT_EQ(findInfo.processName, info8.processName); + ASSERT_EQ(findInfo.tokenID, info8.tokenID); + ASSERT_EQ(findInfo.tokenAttr, info8.tokenAttr); + ASSERT_EQ(findInfo.dcap, info8.dcap); + + ret = AccessTokenInfoManager::GetInstance().RemoveNativeTokenInfo(info8.tokenID); + ASSERT_EQ(ret, RET_SUCCESS); +} + +static int initClientSocket() +{ + struct sockaddr_un addr; + int fd = -1; + + /* set socket */ + fd = socket(AF_UNIX, SOCK_STREAM, 0); + if (fd < 0) { + return -1; + } + (void)memset_s(&addr, sizeof(struct sockaddr_un), 0, sizeof(struct sockaddr_un)); + addr.sun_family = AF_UNIX; + if (strncpy_s(addr.sun_path, sizeof(addr.sun_path), + "/data/system/token_unix_socket.test.socket", sizeof(addr.sun_path) - 1) != EOK) { + close(fd); + return -1; + } + int ret = connect(fd, (struct sockaddr *)&addr, sizeof(addr)); + if (ret != 0) { + close(fd); + return -1; + } + return fd; +} + +void LibatConcurrencyTask(const char* syncMesg) +{ + int fd = initClientSocket(); + if (fd <= 0) { + GTEST_LOG_(INFO) << "initClientSocket failed"; + return; + } + int writtenSize; + int len = strlen(syncMesg); + + writtenSize = write(fd, syncMesg, len); + ASSERT_EQ(writtenSize, len); + if (writtenSize != len) { + GTEST_LOG_(INFO) << "send mesg failed"; + } + close(fd); +} + +/** + * @tc.name: ClientConnect001 + * @tc.desc: client connect and send a nativetoken, and close + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(NativeTokenReceptorTest, ClientConnect001, TestSize.Level1) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "test ClientConnect001!"); + // 672137216 = 0x28100000 + std::string testStr = R"({"NativeTokenInfo":[)"\ + R"({"processName":"process6","APL":3,"version":1,"tokenId":672137216,"tokenAttr":0,)"\ + R"("dcaps":["AT_CAP","ST_CAP"]}]})"; + + LibatConcurrencyTask(testStr.c_str()); + sleep(5); + + NativeTokenInfo findInfo; + int ret = AccessTokenInfoManager::GetInstance().GetNativeTokenInfo(672137216, findInfo); + ASSERT_EQ(ret, RET_SUCCESS); + ASSERT_EQ(findInfo.apl, 3); + ASSERT_EQ(findInfo.ver, 1); + ASSERT_EQ(findInfo.processName, "process6"); + ASSERT_EQ(findInfo.tokenID, 672137216); + ASSERT_EQ(findInfo.tokenAttr, 0); + std::vector dcap = {"AT_CAP", "ST_CAP"}; + ASSERT_EQ(findInfo.dcap, dcap); + + ret = AccessTokenInfoManager::GetInstance().RemoveNativeTokenInfo(672137216); + ASSERT_EQ(ret, RET_SUCCESS); +} + +/** + * @tc.name: ClientConnect002 + * @tc.desc: client connect and send two nativetokens at same time by two threads + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(NativeTokenReceptorTest, ClientConnect002, TestSize.Level1) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "test ClientConnect002!"); + std::string testStr1 = R"({"NativeTokenInfo":[)"\ + R"({"processName":"process6","APL":3,"version":1,"tokenId":672137216,"tokenAttr":0,)"\ + R"("dcaps":["AT_CAP","ST_CAP"]}]})"; + + std::string testStr2 = R"({"NativeTokenInfo":[)"\ + R"({"processName":"process7","APL":3,"version":1,"tokenId":672137217,"tokenAttr":0,)"\ + R"("dcaps":["AT_CAP","ST_CAP"]}]})"; + + std::thread threadClient1(LibatConcurrencyTask, testStr1.c_str()); + + std::thread threadClient2(LibatConcurrencyTask, testStr2.c_str()); + threadClient1.join(); + threadClient2.join(); + + sleep(5); + + NativeTokenInfo findInfo; + int ret = AccessTokenInfoManager::GetInstance().GetNativeTokenInfo(672137216, findInfo); + ASSERT_EQ(ret, RET_SUCCESS); + ASSERT_EQ(findInfo.apl, 3); + ASSERT_EQ(findInfo.ver, 1); + ASSERT_EQ(findInfo.processName, "process6"); + ASSERT_EQ(findInfo.tokenID, 672137216); + ASSERT_EQ(findInfo.tokenAttr, 0); + std::vector dcap = {"AT_CAP", "ST_CAP"}; + ASSERT_EQ(findInfo.dcap, dcap); + + ret = AccessTokenInfoManager::GetInstance().RemoveNativeTokenInfo(672137216); + ASSERT_EQ(ret, RET_SUCCESS); + + ret = AccessTokenInfoManager::GetInstance().GetNativeTokenInfo(672137217, findInfo); + ASSERT_EQ(ret, RET_SUCCESS); + ASSERT_EQ(findInfo.apl, 3); + ASSERT_EQ(findInfo.ver, 1); + ASSERT_EQ(findInfo.processName, "process7"); + ASSERT_EQ(findInfo.tokenID, 672137217); + ASSERT_EQ(findInfo.tokenAttr, 0); + ASSERT_EQ(findInfo.dcap, dcap); + + ret = AccessTokenInfoManager::GetInstance().RemoveNativeTokenInfo(672137217); + ASSERT_EQ(ret, RET_SUCCESS); +} + +/** + * @tc.name: ClientConnect003 + * @tc.desc: client connect and send two nativetokens at one time + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(NativeTokenReceptorTest, ClientConnect003, TestSize.Level1) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "test ClientConnect003!"); + std::string testStr = R"({"NativeTokenInfo":[)"\ + R"({"processName":"process6","APL":3,"version":1,"tokenId":672137216,"tokenAttr":0,)"\ + R"("dcaps":["AT_CAP","ST_CAP"]},)"\ + R"({"processName":"process7","APL":3,"version":1,"tokenId":672137217,"tokenAttr":0,)"\ + R"("dcaps":["AT_CAP","ST_CAP"]}]})"; + + LibatConcurrencyTask(testStr.c_str()); + + sleep(5); + + NativeTokenInfo findInfo; + int ret = AccessTokenInfoManager::GetInstance().GetNativeTokenInfo(672137216, findInfo); + ASSERT_EQ(ret, RET_SUCCESS); + ASSERT_EQ(findInfo.apl, 3); + ASSERT_EQ(findInfo.ver, 1); + ASSERT_EQ(findInfo.processName, "process6"); + ASSERT_EQ(findInfo.tokenID, 672137216); + ASSERT_EQ(findInfo.tokenAttr, 0); + std::vector dcap = {"AT_CAP", "ST_CAP"}; + ASSERT_EQ(findInfo.dcap, dcap); + + ret = AccessTokenInfoManager::GetInstance().RemoveNativeTokenInfo(672137216); + ASSERT_EQ(ret, RET_SUCCESS); + + ret = AccessTokenInfoManager::GetInstance().GetNativeTokenInfo(672137217, findInfo); + ASSERT_EQ(ret, RET_SUCCESS); + ASSERT_EQ(findInfo.apl, 3); + ASSERT_EQ(findInfo.ver, 1); + ASSERT_EQ(findInfo.processName, "process7"); + ASSERT_EQ(findInfo.tokenID, 672137217); + ASSERT_EQ(findInfo.tokenAttr, 0); + ASSERT_EQ(findInfo.dcap, dcap); + + ret = AccessTokenInfoManager::GetInstance().RemoveNativeTokenInfo(672137217); + ASSERT_EQ(ret, RET_SUCCESS); +} diff --git a/interfaces/innerkits/accesstoken/main/cpp/include/accesstoken.h b/services/accesstokenmanager/test/unittest/cpp/src/native_token_receptor_test.h similarity index 68% rename from interfaces/innerkits/accesstoken/main/cpp/include/accesstoken.h rename to services/accesstokenmanager/test/unittest/cpp/src/native_token_receptor_test.h index f0084d347..1df01e7d4 100644 --- a/interfaces/innerkits/accesstoken/main/cpp/include/accesstoken.h +++ b/services/accesstokenmanager/test/unittest/cpp/src/native_token_receptor_test.h @@ -13,24 +13,26 @@ * limitations under the License. */ -#ifndef INTERFACES_INNER_KITS_ACCESSTOKEN_H -#define INTERFACES_INNER_KITS_ACCESSTOKEN_H +#ifndef NATIVE_TOKEN_RECEPTOR_TEST_H +#define NATIVE_TOKEN_RECEPTOR_TEST_H + +#include +#include "accesstoken_log.h" namespace OHOS { namespace Security { namespace AccessToken { -typedef unsigned int AccessTokenID; -enum AccessTokenKitRet { - RET_FAILED = -1, - RET_SUCCESS = 0, -}; +class NativeTokenReceptorTest : public testing::Test { +public: + static void SetUpTestCase(); + + static void TearDownTestCase(); -typedef enum TypePermissionState { - PERMISSION_DENIED = -1, - PERMISSION_GRANTED = 0, -} PermissionState; + void SetUp(); + + void TearDown(); +}; } // namespace AccessToken } // namespace Security } // namespace OHOS - -#endif +#endif // NATIVE_TOKEN_RECEPTOR_TEST_H diff --git a/services/tokensyncmanager/main/cpp/tokensync_manager_service.cpp b/services/tokensyncmanager/main/cpp/tokensync_manager_service.cpp index 6e011816a..eda9f78cc 100644 --- a/services/tokensyncmanager/main/cpp/tokensync_manager_service.cpp +++ b/services/tokensyncmanager/main/cpp/tokensync_manager_service.cpp @@ -45,6 +45,10 @@ void TokenSyncManagerService::OnStart() return; } ACCESSTOKEN_LOG_INFO(LABEL, "TokenSyncManagerService is starting"); + if (!Initialize()) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to initialize"); + return; + } state_ = ServiceRunningState::STATE_RUNNING; bool ret = Publish(DelayedSingleton::GetInstance().get()); if (!ret) { -- Gitee From a5cfdf8854c344b581242445f4bd2ca8d7ca8e3d Mon Sep 17 00:00:00 2001 From: lsq Date: Thu, 13 Jan 2022 22:18:39 +0800 Subject: [PATCH 17/51] update readme title Signed-off-by: lsq --- README_zh.md | 2 +- bundle.json | 56 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 57 insertions(+), 1 deletion(-) create mode 100644 bundle.json diff --git a/README_zh.md b/README_zh.md index e2ae4ca90..3553aebf0 100644 --- a/README_zh.md +++ b/README_zh.md @@ -1,4 +1,4 @@ -# security_access_token +# 访问控制 - [简介](#section11660541593) - [目录](#section119744591305) diff --git a/bundle.json b/bundle.json new file mode 100644 index 000000000..98aaaa038 --- /dev/null +++ b/bundle.json @@ -0,0 +1,56 @@ +{ + "name": "@openharmony/access_token", + "version": "3.1.0", + "description": "access_token", + "publishAs": "code-segment", + "author": {}, + "repository": "", + "license": "Apache License 2.0", + "component": { + "name": "access_token", + "subsystem": "security", + "adapted_system_type": [ "standard" ], + "deps": { + "components": [ + "hiviewdfx_hilog_native", + "ipc_core", + "ans_standard", + "aafwk_standard", + "system_ability_fwk", + "samgr_proxy", + "appexecfwk_standard", + "eventhandler", + "napi", + "safwk", + "samgr_standard", + "utils_base" + ], + "third_party": [ + "cJSON", + "sqlite", + "mbedtls" + ] + }, + "build": { + "sub_component": [ + "//base/security/access_token:accesstoken_build_module", + "//base/security/access_token:tokensync_build_module" + ], + "inner_kits": [ + { + "name": "//base/security/access_token/interfaces/innerkits/accesstoken:libaccesstoken_sdk", + "header": { + "header_files": [ + "accesstoken_kit.h" + ], + "header_base": "//base/security/access_token/interfaces/innerkits/accesstoken/main/cpp/include" + } + } + ], + "test": [ + "//base/security/access_token:accesstoken_build_module_test", + "//base/security/access_token/interfaces/innerkits/accesstoken/test:unittest" + ] + } + } +} -- Gitee From 150f480673308f64e8168d08ba5c255325b8efdf Mon Sep 17 00:00:00 2001 From: lsq Date: Fri, 14 Jan 2022 16:04:11 +0800 Subject: [PATCH 18/51] modify path Change-Id: If53368b276421e069b91a59b1dc4231ff9a26259 Signed-off-by: lsq --- BUILD.gn | 4 +-- README_zh.md | 2 +- bundle.json | 2 +- frameworks/accesstoken/BUILD.gn | 15 ++++---- frameworks/common/BUILD.gn | 8 ++--- interfaces/innerkits/accesstoken/BUILD.gn | 14 ++++---- .../{main/cpp => }/include/access_token.h | 0 .../accesstoken/include/accesstoken.h | 36 +++++++++++++++++++ .../{main/cpp => }/include/accesstoken_kit.h | 0 .../{main/cpp => }/include/hap_token_info.h | 0 .../cpp => }/include/native_token_info.h | 0 .../{main/cpp => }/include/permission_def.h | 0 .../cpp => }/include/permission_state_full.h | 0 .../{main/cpp => }/src/accesstoken_kit.cpp | 0 .../src/accesstoken_manager_client.cpp | 0 .../cpp => }/src/accesstoken_manager_client.h | 0 .../src/accesstoken_manager_proxy.cpp | 0 .../cpp => }/src/accesstoken_manager_proxy.h | 0 .../innerkits/accesstoken/test/BUILD.gn | 4 +-- .../{cpp => }/src/accesstoken_kit_test.cpp | 0 .../{cpp => }/src/accesstoken_kit_test.h | 0 .../innerkits/{atlib => nativetoken}/BUILD.gn | 12 +++---- .../include/nativetoken.h} | 8 ++--- .../include/nativetoken_kit.h} | 7 ++-- .../include/nativetoken_log.h} | 0 .../src/nativetoken.c} | 4 +-- .../{atlib => nativetoken}/test/BUILD.gn | 10 +++--- .../unittest/src/nativetoken_kit_test.cpp} | 6 ++-- .../test/unittest/src/nativetoken_kit_test.h} | 0 .../innerkits/token_setproc/test/BUILD.gn | 2 +- .../{cpp => }/src/tokensetproc_kit_test.cpp | 0 .../{cpp => }/src/tokensetproc_kit_test.h | 0 interfaces/innerkits/tokensync/BUILD.gn | 15 ++++---- .../{main/cpp => }/include/tokensync_kit.h | 0 .../{main/cpp => }/src/tokensync_kit.cpp | 0 .../cpp => }/src/tokensync_manager_client.cpp | 0 .../cpp => }/src/tokensync_manager_client.h | 0 .../cpp => }/src/tokensync_manager_proxy.cpp | 0 .../cpp => }/src/tokensync_manager_proxy.h | 0 interfaces/innerkits/tokensync/test/BUILD.gn | 7 ++-- .../{cpp => }/src/tokensync_kit_test.cpp | 0 .../{cpp => }/src/tokensync_kit_test.h | 0 interfaces/kits/accesstoken/BUILD.gn | 2 +- ohos.build | 2 +- services/accesstokenmanager/BUILD.gn | 2 +- 45 files changed, 100 insertions(+), 62 deletions(-) mode change 100644 => 100755 bundle.json rename interfaces/innerkits/accesstoken/{main/cpp => }/include/access_token.h (100%) create mode 100755 interfaces/innerkits/accesstoken/include/accesstoken.h rename interfaces/innerkits/accesstoken/{main/cpp => }/include/accesstoken_kit.h (100%) rename interfaces/innerkits/accesstoken/{main/cpp => }/include/hap_token_info.h (100%) rename interfaces/innerkits/accesstoken/{main/cpp => }/include/native_token_info.h (100%) rename interfaces/innerkits/accesstoken/{main/cpp => }/include/permission_def.h (100%) rename interfaces/innerkits/accesstoken/{main/cpp => }/include/permission_state_full.h (100%) rename interfaces/innerkits/accesstoken/{main/cpp => }/src/accesstoken_kit.cpp (100%) rename interfaces/innerkits/accesstoken/{main/cpp => }/src/accesstoken_manager_client.cpp (100%) rename interfaces/innerkits/accesstoken/{main/cpp => }/src/accesstoken_manager_client.h (100%) rename interfaces/innerkits/accesstoken/{main/cpp => }/src/accesstoken_manager_proxy.cpp (100%) rename interfaces/innerkits/accesstoken/{main/cpp => }/src/accesstoken_manager_proxy.h (100%) rename interfaces/innerkits/accesstoken/test/unittest/{cpp => }/src/accesstoken_kit_test.cpp (100%) rename interfaces/innerkits/accesstoken/test/unittest/{cpp => }/src/accesstoken_kit_test.h (100%) rename interfaces/innerkits/{atlib => nativetoken}/BUILD.gn (89%) rename interfaces/innerkits/{atlib/main/include/accesstoken_lib.h => nativetoken/include/nativetoken.h} (92%) rename interfaces/innerkits/{atlib/main/include/accesstokenlib_kit.h => nativetoken/include/nativetoken_kit.h} (82%) rename interfaces/innerkits/{atlib/main/include/accesstoken_log.h => nativetoken/include/nativetoken_log.h} (100%) rename interfaces/innerkits/{atlib/main/src/accesstoken_lib.c => nativetoken/src/nativetoken.c} (99%) rename interfaces/innerkits/{atlib => nativetoken}/test/BUILD.gn (79%) rename interfaces/innerkits/{atlib/test/unittest/cpp/src/accesstokenlib_kit_test.cpp => nativetoken/test/unittest/src/nativetoken_kit_test.cpp} (99%) rename interfaces/innerkits/{atlib/test/unittest/cpp/src/accesstokenlib_kit_test.h => nativetoken/test/unittest/src/nativetoken_kit_test.h} (100%) rename interfaces/innerkits/token_setproc/test/unittest/{cpp => }/src/tokensetproc_kit_test.cpp (100%) rename interfaces/innerkits/token_setproc/test/unittest/{cpp => }/src/tokensetproc_kit_test.h (100%) rename interfaces/innerkits/tokensync/{main/cpp => }/include/tokensync_kit.h (100%) rename interfaces/innerkits/tokensync/{main/cpp => }/src/tokensync_kit.cpp (100%) rename interfaces/innerkits/tokensync/{main/cpp => }/src/tokensync_manager_client.cpp (100%) rename interfaces/innerkits/tokensync/{main/cpp => }/src/tokensync_manager_client.h (100%) rename interfaces/innerkits/tokensync/{main/cpp => }/src/tokensync_manager_proxy.cpp (100%) rename interfaces/innerkits/tokensync/{main/cpp => }/src/tokensync_manager_proxy.h (100%) rename interfaces/innerkits/tokensync/test/unittest/{cpp => }/src/tokensync_kit_test.cpp (100%) rename interfaces/innerkits/tokensync/test/unittest/{cpp => }/src/tokensync_kit_test.h (100%) diff --git a/BUILD.gn b/BUILD.gn index f2393de68..97c62f984 100644 --- a/BUILD.gn +++ b/BUILD.gn @@ -17,7 +17,7 @@ group("accesstoken_build_module") { if (is_standard_system) { deps = [ "//base/security/access_token/interfaces/innerkits/accesstoken:libaccesstoken_sdk", - "//base/security/access_token/interfaces/innerkits/atlib:libaccesstoken_lib", + "//base/security/access_token/interfaces/innerkits/nativetoken:libnativetoken", "//base/security/access_token/interfaces/innerkits/token_setproc:libtoken_setproc", "//base/security/access_token/interfaces/kits/accesstoken:libabilityaccessctrl", "//base/security/access_token/services/accesstokenmanager:accesstoken_manager_service", @@ -42,7 +42,7 @@ group("accesstoken_build_module_test") { if (is_standard_system) { deps += [ "//base/security/access_token/interfaces/innerkits/accesstoken/test:unittest", - "//base/security/access_token/interfaces/innerkits/atlib/test:unittest", + "//base/security/access_token/interfaces/innerkits/nativetoken/test:unittest", "//base/security/access_token/interfaces/innerkits/token_setproc/test:unittest", "//base/security/access_token/interfaces/innerkits/tokensync/test:unittest", "//base/security/access_token/services/accesstokenmanager/test:unittest", diff --git a/README_zh.md b/README_zh.md index 3553aebf0..23be5b3af 100644 --- a/README_zh.md +++ b/README_zh.md @@ -28,7 +28,7 @@ ATM模块主要提供如下功能: ├── interfaces # 接口层 │ └── innerkits # 内部接口层 │ ├── accesstoken # Accesstoken内部接口代码存放目录 -│ ├── accesstoken_lib # Accesstoken_lib内部接口代码存放目录 +│ ├── nativetoken # nativetoken内部接口代码存放目录 │ └── tokensync # Accesstoken信息同步内部接口代码存放目录 └── services # 服务层 ├── accesstokenmanager # Accesstoken管理服务代码存放目录 diff --git a/bundle.json b/bundle.json old mode 100644 new mode 100755 index 98aaaa038..a33458f1f --- a/bundle.json +++ b/bundle.json @@ -43,7 +43,7 @@ "header_files": [ "accesstoken_kit.h" ], - "header_base": "//base/security/access_token/interfaces/innerkits/accesstoken/main/cpp/include" + "header_base": "//base/security/access_token/interfaces/innerkits/accesstoken/include" } } ], diff --git a/frameworks/accesstoken/BUILD.gn b/frameworks/accesstoken/BUILD.gn index b11ba2978..1489a5df0 100644 --- a/frameworks/accesstoken/BUILD.gn +++ b/frameworks/accesstoken/BUILD.gn @@ -20,7 +20,7 @@ config("accesstoken_communication_adapter_cxx_public_config") { visibility = [ ":*" ] include_dirs = [ "include", - "//base/security/access_token/interfaces/innerkits/accesstoken/main/cpp/include", + "//base/security/access_token/interfaces/innerkits/accesstoken/include", ] } @@ -28,22 +28,21 @@ ohos_shared_library("accesstoken_communication_adapter_cxx") { subsystem_name = "security" part_name = "access_token" - public_configs = - [ ":accesstoken_communication_adapter_cxx_public_config" ] + public_configs = [ ":accesstoken_communication_adapter_cxx_public_config" ] include_dirs = [ "include", - "//base/security/access_token/interfaces/innerkits/accesstoken/main/cpp/include", + "//base/security/access_token/interfaces/innerkits/accesstoken/include", "//utils/native/base/include", ] sources = [ - "src/permission_def_parcel.cpp", - "src/permission_state_full_parcel.cpp", + "src/hap_info_parcel.cpp", "src/hap_policy_parcel.cpp", "src/hap_token_info_parcel.cpp", - "src/hap_info_parcel.cpp", - "src/native_token_info_parcel.cpp" + "src/native_token_info_parcel.cpp", + "src/permission_def_parcel.cpp", + "src/permission_state_full_parcel.cpp", ] deps = [ "//utils/native/base:utils" ] diff --git a/frameworks/common/BUILD.gn b/frameworks/common/BUILD.gn index b63c67b3c..aad20da42 100644 --- a/frameworks/common/BUILD.gn +++ b/frameworks/common/BUILD.gn @@ -18,7 +18,7 @@ import("//build/ohos.gni") ################################################################ config("accesstoken_common_cxx_public_config") { visibility = [ ":*" ] - include_dirs = [ "main/cpp/include" ] + include_dirs = [ "include" ] } ohos_shared_library("accesstoken_common_cxx") { @@ -31,17 +31,17 @@ ohos_shared_library("accesstoken_common_cxx") { "include", "//utils/system/safwk/native/include", "//third_party/mbedtls/include", - "//base/security/access_token/interfaces/innerkits/accesstoken/main/cpp/include", + "//base/security/access_token/interfaces/innerkits/accesstoken/include", ] sources = [ "src/data_validator.cpp", - "src/random_mbedtls.cpp" + "src/random_mbedtls.cpp", ] deps = [ - "//utils/native/base:utils", "//third_party/mbedtls:mbedtls_shared", + "//utils/native/base:utils", ] external_deps = [ "hiviewdfx_hilog_native:libhilog" ] diff --git a/interfaces/innerkits/accesstoken/BUILD.gn b/interfaces/innerkits/accesstoken/BUILD.gn index 1db916653..2c353eec6 100644 --- a/interfaces/innerkits/accesstoken/BUILD.gn +++ b/interfaces/innerkits/accesstoken/BUILD.gn @@ -18,7 +18,7 @@ import("//build/ohos.gni") ################################################################ config("accesstoken") { visibility = [ ":*" ] - include_dirs = [ "main/cpp/include" ] + include_dirs = [ "include" ] } ohos_shared_library("libaccesstoken_sdk") { @@ -31,17 +31,17 @@ ohos_shared_library("libaccesstoken_sdk") { include_dirs = [ "//utils/native/base/include", - "main/cpp/include", - "main/cpp/src", + "include", + "src", "//base/security/access_token/frameworks/accesstoken/include", "//base/security/access_token/frameworks/common/include", - "//base/security/access_token/interfaces/innerkits/accesstoken/main/cpp/include", + "//base/security/access_token/interfaces/innerkits/accesstoken/include", ] sources = [ - "main/cpp/src/accesstoken_kit.cpp", - "main/cpp/src/accesstoken_manager_client.cpp", - "main/cpp/src/accesstoken_manager_proxy.cpp", + "src/accesstoken_kit.cpp", + "src/accesstoken_manager_client.cpp", + "src/accesstoken_manager_proxy.cpp", ] deps = [ diff --git a/interfaces/innerkits/accesstoken/main/cpp/include/access_token.h b/interfaces/innerkits/accesstoken/include/access_token.h similarity index 100% rename from interfaces/innerkits/accesstoken/main/cpp/include/access_token.h rename to interfaces/innerkits/accesstoken/include/access_token.h diff --git a/interfaces/innerkits/accesstoken/include/accesstoken.h b/interfaces/innerkits/accesstoken/include/accesstoken.h new file mode 100755 index 000000000..f0084d347 --- /dev/null +++ b/interfaces/innerkits/accesstoken/include/accesstoken.h @@ -0,0 +1,36 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef INTERFACES_INNER_KITS_ACCESSTOKEN_H +#define INTERFACES_INNER_KITS_ACCESSTOKEN_H + +namespace OHOS { +namespace Security { +namespace AccessToken { +typedef unsigned int AccessTokenID; +enum AccessTokenKitRet { + RET_FAILED = -1, + RET_SUCCESS = 0, +}; + +typedef enum TypePermissionState { + PERMISSION_DENIED = -1, + PERMISSION_GRANTED = 0, +} PermissionState; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS + +#endif diff --git a/interfaces/innerkits/accesstoken/main/cpp/include/accesstoken_kit.h b/interfaces/innerkits/accesstoken/include/accesstoken_kit.h similarity index 100% rename from interfaces/innerkits/accesstoken/main/cpp/include/accesstoken_kit.h rename to interfaces/innerkits/accesstoken/include/accesstoken_kit.h diff --git a/interfaces/innerkits/accesstoken/main/cpp/include/hap_token_info.h b/interfaces/innerkits/accesstoken/include/hap_token_info.h similarity index 100% rename from interfaces/innerkits/accesstoken/main/cpp/include/hap_token_info.h rename to interfaces/innerkits/accesstoken/include/hap_token_info.h diff --git a/interfaces/innerkits/accesstoken/main/cpp/include/native_token_info.h b/interfaces/innerkits/accesstoken/include/native_token_info.h similarity index 100% rename from interfaces/innerkits/accesstoken/main/cpp/include/native_token_info.h rename to interfaces/innerkits/accesstoken/include/native_token_info.h diff --git a/interfaces/innerkits/accesstoken/main/cpp/include/permission_def.h b/interfaces/innerkits/accesstoken/include/permission_def.h similarity index 100% rename from interfaces/innerkits/accesstoken/main/cpp/include/permission_def.h rename to interfaces/innerkits/accesstoken/include/permission_def.h diff --git a/interfaces/innerkits/accesstoken/main/cpp/include/permission_state_full.h b/interfaces/innerkits/accesstoken/include/permission_state_full.h similarity index 100% rename from interfaces/innerkits/accesstoken/main/cpp/include/permission_state_full.h rename to interfaces/innerkits/accesstoken/include/permission_state_full.h diff --git a/interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_kit.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp similarity index 100% rename from interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_kit.cpp rename to interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp diff --git a/interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_manager_client.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp similarity index 100% rename from interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_manager_client.cpp rename to interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp diff --git a/interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_manager_client.h b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h similarity index 100% rename from interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_manager_client.h rename to interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h diff --git a/interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_manager_proxy.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp similarity index 100% rename from interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_manager_proxy.cpp rename to interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp diff --git a/interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_manager_proxy.h b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h similarity index 100% rename from interfaces/innerkits/accesstoken/main/cpp/src/accesstoken_manager_proxy.h rename to interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h diff --git a/interfaces/innerkits/accesstoken/test/BUILD.gn b/interfaces/innerkits/accesstoken/test/BUILD.gn index fed32567e..1a7965889 100755 --- a/interfaces/innerkits/accesstoken/test/BUILD.gn +++ b/interfaces/innerkits/accesstoken/test/BUILD.gn @@ -21,10 +21,10 @@ ohos_unittest("libaccesstoken_sdk_test") { include_dirs = [ "//utils/native/base/include", "//third_party/googletest/include", - "//base/security/access_token/interfaces/innerkits/accesstoken/main/cpp/include" + "//base/security/access_token/interfaces/innerkits/accesstoken/include", ] - sources = [ "unittest/cpp/src/accesstoken_kit_test.cpp" ] + sources = [ "unittest/src/accesstoken_kit_test.cpp" ] cflags_cc = [ "-DHILOG_ENABLE" ] diff --git a/interfaces/innerkits/accesstoken/test/unittest/cpp/src/accesstoken_kit_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp similarity index 100% rename from interfaces/innerkits/accesstoken/test/unittest/cpp/src/accesstoken_kit_test.cpp rename to interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp diff --git a/interfaces/innerkits/accesstoken/test/unittest/cpp/src/accesstoken_kit_test.h b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.h similarity index 100% rename from interfaces/innerkits/accesstoken/test/unittest/cpp/src/accesstoken_kit_test.h rename to interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.h diff --git a/interfaces/innerkits/atlib/BUILD.gn b/interfaces/innerkits/nativetoken/BUILD.gn similarity index 89% rename from interfaces/innerkits/atlib/BUILD.gn rename to interfaces/innerkits/nativetoken/BUILD.gn index b24aa1ff7..cfac0a924 100644 --- a/interfaces/innerkits/atlib/BUILD.gn +++ b/interfaces/innerkits/nativetoken/BUILD.gn @@ -18,13 +18,13 @@ import("//build/ohos.gni") ################################################################ config("accesstokenlib") { visibility = [ ":*" ] - include_dirs = [ "main/include" ] + include_dirs = [ "include" ] } -ohos_shared_library("libaccesstoken_lib") { +ohos_static_library("libnativetoken") { subsystem_name = "security" part_name = "access_token" - output_name = "libaccesstoken_lib" + output_name = "libnativetoken" public_configs = [ ":accesstokenlib" ] @@ -34,14 +34,14 @@ ohos_shared_library("libaccesstoken_lib") { include_dirs = [ "//utils/native/base/include", "//base/security/access_token/frameworks/common/include", - "main/include", - "main/src", + "include", + "src", "//third_party/cJSON", "//third_party/bounds_checking_function/include", "//base/startup/syspara_lite/interfaces/innerkits/native/syspara/include/", ] - sources = [ "main/src/accesstoken_lib.c" ] + sources = [ "src/nativetoken.c" ] deps = [ "//base/security/access_token/frameworks/common:accesstoken_common_cxx", diff --git a/interfaces/innerkits/atlib/main/include/accesstoken_lib.h b/interfaces/innerkits/nativetoken/include/nativetoken.h similarity index 92% rename from interfaces/innerkits/atlib/main/include/accesstoken_lib.h rename to interfaces/innerkits/nativetoken/include/nativetoken.h index e28f4b5e6..e40462310 100644 --- a/interfaces/innerkits/atlib/main/include/accesstoken_lib.h +++ b/interfaces/innerkits/nativetoken/include/nativetoken.h @@ -23,10 +23,10 @@ #include #include "cJSON.h" #include "securec.h" -#include "accesstoken_log.h" +#include "nativetoken_log.h" -#ifndef ACCESSTOKEN_LIB_H -#define ACCESSTOKEN_LIB_H +#ifndef NATIVE_TOKEN_H +#define NATIVE_TOKEN_H #ifdef __cplusplus extern "C" { @@ -92,4 +92,4 @@ extern char *GetFileBuff(const char *cfg); } #endif -#endif // ACCESSTOKEN_LIB_H +#endif // NATIVE_TOKEN_H diff --git a/interfaces/innerkits/atlib/main/include/accesstokenlib_kit.h b/interfaces/innerkits/nativetoken/include/nativetoken_kit.h similarity index 82% rename from interfaces/innerkits/atlib/main/include/accesstokenlib_kit.h rename to interfaces/innerkits/nativetoken/include/nativetoken_kit.h index d0511410e..f03eff95b 100644 --- a/interfaces/innerkits/atlib/main/include/accesstokenlib_kit.h +++ b/interfaces/innerkits/nativetoken/include/nativetoken_kit.h @@ -13,9 +13,10 @@ * limitations under the License. */ -#ifndef INTERFACES_INNER_KITS_ACCESSTOKEN_LIB_H -#define INTERFACES_INNER_KITS_ACCESSTOKEN_LIB_H +#ifndef INTERFACES_INNER_KITS_NATIVE_TOKEN_H +#define INTERFACES_INNER_KITS_NATIVE_TOKEN_H +#include #include #include #include @@ -32,4 +33,4 @@ extern uint64_t GetAccessTokenId(const char *processname, const char **dcap, int } #endif -#endif // INTERFACES_INNER_KITS_ACCESSTOKEN_LIB_H +#endif // INTERFACES_INNER_KITS_NATIVE_TOKEN_H diff --git a/interfaces/innerkits/atlib/main/include/accesstoken_log.h b/interfaces/innerkits/nativetoken/include/nativetoken_log.h similarity index 100% rename from interfaces/innerkits/atlib/main/include/accesstoken_log.h rename to interfaces/innerkits/nativetoken/include/nativetoken_log.h diff --git a/interfaces/innerkits/atlib/main/src/accesstoken_lib.c b/interfaces/innerkits/nativetoken/src/nativetoken.c similarity index 99% rename from interfaces/innerkits/atlib/main/src/accesstoken_lib.c rename to interfaces/innerkits/nativetoken/src/nativetoken.c index e227657be..74ab8c62b 100644 --- a/interfaces/innerkits/atlib/main/src/accesstoken_lib.c +++ b/interfaces/innerkits/nativetoken/src/nativetoken.c @@ -12,8 +12,8 @@ * See the License for the specific language governing ACCESSTOKENs and * limitations under the License. */ -#include "accesstoken_lib.h" -#include "accesstokenlib_kit.h" +#include "nativetoken.h" +#include "nativetoken_kit.h" #include "parameter.h" #include "random.h" diff --git a/interfaces/innerkits/atlib/test/BUILD.gn b/interfaces/innerkits/nativetoken/test/BUILD.gn similarity index 79% rename from interfaces/innerkits/atlib/test/BUILD.gn rename to interfaces/innerkits/nativetoken/test/BUILD.gn index 0ec2f8404..25f2784d0 100644 --- a/interfaces/innerkits/atlib/test/BUILD.gn +++ b/interfaces/innerkits/nativetoken/test/BUILD.gn @@ -13,7 +13,7 @@ import("//build/test.gni") -ohos_unittest("libaccesstoken_lib_test") { +ohos_unittest("libnativetoken_test") { subsystem_name = "security" part_name = "access_token" module_out_path = part_name + "/" + part_name @@ -22,15 +22,15 @@ ohos_unittest("libaccesstoken_lib_test") { "//utils/native/base/include", "//third_party/cJSON", "//third_party/bounds_checking_function/include", - "//base/security/access_token/interfaces/innerkits/atlib/main/include", + "//base/security/access_token/interfaces/innerkits/nativetoken/include", ] - sources = [ "unittest/cpp/src/accesstokenlib_kit_test.cpp" ] + sources = [ "unittest/src/nativetoken_kit_test.cpp" ] cflags_cc = [ "-fexceptions" ] cflags_cc += [ "-pthread" ] deps = [ - "//base/security/access_token/interfaces/innerkits/atlib:libaccesstoken_lib", + "//base/security/access_token/interfaces/innerkits/nativetoken:libnativetoken", "//third_party/bounds_checking_function:libsec_static", "//third_party/cJSON:cjson_static", "//third_party/googletest:gmock", @@ -41,5 +41,5 @@ ohos_unittest("libaccesstoken_lib_test") { group("unittest") { testonly = true - deps = [ ":libaccesstoken_lib_test" ] + deps = [ ":libnativetoken_test" ] } diff --git a/interfaces/innerkits/atlib/test/unittest/cpp/src/accesstokenlib_kit_test.cpp b/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_kit_test.cpp similarity index 99% rename from interfaces/innerkits/atlib/test/unittest/cpp/src/accesstokenlib_kit_test.cpp rename to interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_kit_test.cpp index be80fe735..ff107e66a 100644 --- a/interfaces/innerkits/atlib/test/unittest/cpp/src/accesstokenlib_kit_test.cpp +++ b/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_kit_test.cpp @@ -13,10 +13,10 @@ * limitations under the License. */ -#include "accesstokenlib_kit_test.h" +#include "nativetoken_kit_test.h" #include -#include "accesstoken_lib.h" -#include "accesstokenlib_kit.h" +#include "nativetoken.h" +#include "nativetoken_kit.h" using namespace testing::ext; using namespace OHOS::Security; diff --git a/interfaces/innerkits/atlib/test/unittest/cpp/src/accesstokenlib_kit_test.h b/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_kit_test.h similarity index 100% rename from interfaces/innerkits/atlib/test/unittest/cpp/src/accesstokenlib_kit_test.h rename to interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_kit_test.h diff --git a/interfaces/innerkits/token_setproc/test/BUILD.gn b/interfaces/innerkits/token_setproc/test/BUILD.gn index ce6cf8dd1..9cac0ef65 100644 --- a/interfaces/innerkits/token_setproc/test/BUILD.gn +++ b/interfaces/innerkits/token_setproc/test/BUILD.gn @@ -22,7 +22,7 @@ ohos_unittest("libtoken_setproc_test") { "//base/security/access_token/interfaces/innerkits/token_setproc/include", ] - sources = [ "unittest/cpp/src/tokensetproc_kit_test.cpp" ] + sources = [ "unittest/src/tokensetproc_kit_test.cpp" ] cflags_cc = [ "-fexceptions" ] deps = [ diff --git a/interfaces/innerkits/token_setproc/test/unittest/cpp/src/tokensetproc_kit_test.cpp b/interfaces/innerkits/token_setproc/test/unittest/src/tokensetproc_kit_test.cpp similarity index 100% rename from interfaces/innerkits/token_setproc/test/unittest/cpp/src/tokensetproc_kit_test.cpp rename to interfaces/innerkits/token_setproc/test/unittest/src/tokensetproc_kit_test.cpp diff --git a/interfaces/innerkits/token_setproc/test/unittest/cpp/src/tokensetproc_kit_test.h b/interfaces/innerkits/token_setproc/test/unittest/src/tokensetproc_kit_test.h similarity index 100% rename from interfaces/innerkits/token_setproc/test/unittest/cpp/src/tokensetproc_kit_test.h rename to interfaces/innerkits/token_setproc/test/unittest/src/tokensetproc_kit_test.h diff --git a/interfaces/innerkits/tokensync/BUILD.gn b/interfaces/innerkits/tokensync/BUILD.gn index 0fe7a7907..1d8ba9af6 100644 --- a/interfaces/innerkits/tokensync/BUILD.gn +++ b/interfaces/innerkits/tokensync/BUILD.gn @@ -18,7 +18,7 @@ import("//build/ohos.gni") ################################################################ config("tokensync") { visibility = [ ":*" ] - include_dirs = [ "main/cpp/include" ] + include_dirs = [ "include" ] } ohos_shared_library("libtokensync_sdk") { @@ -31,11 +31,12 @@ ohos_shared_library("libtokensync_sdk") { include_dirs = [ "//utils/native/base/include", - "main/cpp/include", - "main/cpp/src", + "include", + "src", "//base/security/access_token/frameworks/tokensync/include", "//base/security/access_token/frameworks/common/include", - "//base/security/access_token/interfaces/innerkits/tokensync/main/cpp/include" + "//base/security/access_token/interfaces/innerkits/tokensync/include", + #"//base/security/permission/interfaces/innerkits/permission_standard/permissionsdk/main/cpp/include/permission", ] @@ -43,9 +44,9 @@ ohos_shared_library("libtokensync_sdk") { #"main/cpp/src/permission/permission_kit.cpp", #"main/cpp/src/permission/permission_manager_client.cpp", #"main/cpp/src/permission/permission_manager_proxy.cpp", - "main/cpp/src/tokensync_kit.cpp", - "main/cpp/src/tokensync_manager_client.cpp", - "main/cpp/src/tokensync_manager_proxy.cpp", + "src/tokensync_kit.cpp", + "src/tokensync_manager_client.cpp", + "src/tokensync_manager_proxy.cpp", ] deps = [ diff --git a/interfaces/innerkits/tokensync/main/cpp/include/tokensync_kit.h b/interfaces/innerkits/tokensync/include/tokensync_kit.h similarity index 100% rename from interfaces/innerkits/tokensync/main/cpp/include/tokensync_kit.h rename to interfaces/innerkits/tokensync/include/tokensync_kit.h diff --git a/interfaces/innerkits/tokensync/main/cpp/src/tokensync_kit.cpp b/interfaces/innerkits/tokensync/src/tokensync_kit.cpp similarity index 100% rename from interfaces/innerkits/tokensync/main/cpp/src/tokensync_kit.cpp rename to interfaces/innerkits/tokensync/src/tokensync_kit.cpp diff --git a/interfaces/innerkits/tokensync/main/cpp/src/tokensync_manager_client.cpp b/interfaces/innerkits/tokensync/src/tokensync_manager_client.cpp similarity index 100% rename from interfaces/innerkits/tokensync/main/cpp/src/tokensync_manager_client.cpp rename to interfaces/innerkits/tokensync/src/tokensync_manager_client.cpp diff --git a/interfaces/innerkits/tokensync/main/cpp/src/tokensync_manager_client.h b/interfaces/innerkits/tokensync/src/tokensync_manager_client.h similarity index 100% rename from interfaces/innerkits/tokensync/main/cpp/src/tokensync_manager_client.h rename to interfaces/innerkits/tokensync/src/tokensync_manager_client.h diff --git a/interfaces/innerkits/tokensync/main/cpp/src/tokensync_manager_proxy.cpp b/interfaces/innerkits/tokensync/src/tokensync_manager_proxy.cpp similarity index 100% rename from interfaces/innerkits/tokensync/main/cpp/src/tokensync_manager_proxy.cpp rename to interfaces/innerkits/tokensync/src/tokensync_manager_proxy.cpp diff --git a/interfaces/innerkits/tokensync/main/cpp/src/tokensync_manager_proxy.h b/interfaces/innerkits/tokensync/src/tokensync_manager_proxy.h similarity index 100% rename from interfaces/innerkits/tokensync/main/cpp/src/tokensync_manager_proxy.h rename to interfaces/innerkits/tokensync/src/tokensync_manager_proxy.h diff --git a/interfaces/innerkits/tokensync/test/BUILD.gn b/interfaces/innerkits/tokensync/test/BUILD.gn index afbd3655f..867549338 100644 --- a/interfaces/innerkits/tokensync/test/BUILD.gn +++ b/interfaces/innerkits/tokensync/test/BUILD.gn @@ -21,16 +21,17 @@ ohos_unittest("libtokensync_sdk_test") { include_dirs = [ "//utils/native/base/include", "//third_party/googletest/include", + #"//base/security/permission/interfaces/innerkits/permission_standard/permissionsdk/main/cpp/include/permission/", - "//base/security/access_token/interfaces/innerkits/tokensync/main/cpp/include" + "//base/security/access_token/interfaces/innerkits/tokensync/include", ] - sources = [ "unittest/cpp/src/tokensync_kit_test.cpp" ] + sources = [ "unittest/src/tokensync_kit_test.cpp" ] cflags_cc = [ "-DHILOG_ENABLE" ] deps = [ -#"//base/security/permission/frameworks/permission_standard/permissioninfrastructure:permission_standard_infrastructure_cxx", + #"//base/security/permission/frameworks/permission_standard/permissioninfrastructure:permission_standard_infrastructure_cxx", "//base/security/access_token/interfaces/innerkits/tokensync:libtokensync_sdk", "//utils/native/base:utils", ] diff --git a/interfaces/innerkits/tokensync/test/unittest/cpp/src/tokensync_kit_test.cpp b/interfaces/innerkits/tokensync/test/unittest/src/tokensync_kit_test.cpp similarity index 100% rename from interfaces/innerkits/tokensync/test/unittest/cpp/src/tokensync_kit_test.cpp rename to interfaces/innerkits/tokensync/test/unittest/src/tokensync_kit_test.cpp diff --git a/interfaces/innerkits/tokensync/test/unittest/cpp/src/tokensync_kit_test.h b/interfaces/innerkits/tokensync/test/unittest/src/tokensync_kit_test.h similarity index 100% rename from interfaces/innerkits/tokensync/test/unittest/cpp/src/tokensync_kit_test.h rename to interfaces/innerkits/tokensync/test/unittest/src/tokensync_kit_test.h diff --git a/interfaces/kits/accesstoken/BUILD.gn b/interfaces/kits/accesstoken/BUILD.gn index d385180a6..ac5b3afef 100644 --- a/interfaces/kits/accesstoken/BUILD.gn +++ b/interfaces/kits/accesstoken/BUILD.gn @@ -34,7 +34,7 @@ ohos_shared_library("libabilityaccessctrl") { "//foundation/aafwk/standard/interfaces/innerkits/ability_manager/include", "//base/security/access_token/frameworks/common/include", "//base/security/access_token/interfaces/kits/accesstoken/napi/include", - "//base/security/access_token/interfaces/innerkits/accesstoken/main/cpp/include", + "//base/security/access_token/interfaces/innerkits/accesstoken/include", ] sources = [ "//base/security/access_token/interfaces/kits/accesstoken/napi/src/napi_atmanager.cpp" ] diff --git a/ohos.build b/ohos.build index f87ae64db..096603d4d 100644 --- a/ohos.build +++ b/ohos.build @@ -13,7 +13,7 @@ "header_files": [ "accesstoken_kit.h" ], - "header_base": "//base/security/access_token/interfaces/innerkits/accesstoken/main/cpp/include" + "header_base": "//base/security/access_token/interfaces/innerkits/accesstoken/include" } } ], diff --git a/services/accesstokenmanager/BUILD.gn b/services/accesstokenmanager/BUILD.gn index a46905ab6..fc866172a 100644 --- a/services/accesstokenmanager/BUILD.gn +++ b/services/accesstokenmanager/BUILD.gn @@ -32,7 +32,7 @@ ohos_shared_library("accesstoken_manager_service") { "//utils/system/safwk/native/include", "//base/security/access_token/frameworks/common/include", "//base/security/access_token/frameworks/accesstoken/include", - "//base/security/access_token/interfaces/innerkits/accesstoken/main/cpp/include", + "//base/security/access_token/interfaces/innerkits/accesstoken/include", "//third_party/json/include", "//base/startup/syspara_lite/interfaces/innerkits/native/syspara/include/", ] -- Gitee From e04606555b8484dffac4ce98402850584e82dab9 Mon Sep 17 00:00:00 2001 From: libing23 Date: Sun, 16 Jan 2022 17:23:10 +0800 Subject: [PATCH 19/51] add bundle.json Signed-off-by: libing23 Signed-off-by: libing23 Change-Id: I3dfb0bdc39b32bd25c2aff27ee2381d15d868866 --- bundle.json | 78 ++++++++++++++++++++++++++++------------------------- 1 file changed, 42 insertions(+), 36 deletions(-) diff --git a/bundle.json b/bundle.json index a33458f1f..1bf820947 100755 --- a/bundle.json +++ b/bundle.json @@ -1,22 +1,28 @@ -{ - "name": "@openharmony/access_token", - "version": "3.1.0", - "description": "access_token", - "publishAs": "code-segment", - "author": {}, - "repository": "", - "license": "Apache License 2.0", - "component": { - "name": "access_token", - "subsystem": "security", - "adapted_system_type": [ "standard" ], - "deps": { - "components": [ +{ + "name": "@openharmony/access_token", + "description": "access_token", + "version": "3.1.0", + "license": "Apache License 2.0", + "publishAs": "code-segment", + "segment": { + "destPath": "base/security/access_token" + }, + "dirs": {}, + "scripts": {}, + "component": { + "name": "access_token", + "subsystem": "security", + "syscap": [ + "Systemcapability.Security.AccessToken" + ], + "adapted_system_type": [ "standard" ], + "deps": { + "components": [ "hiviewdfx_hilog_native", "ipc_core", "ans_standard", "aafwk_standard", - "system_ability_fwk", + "system_ability_fwk", "samgr_proxy", "appexecfwk_standard", "eventhandler", @@ -24,33 +30,33 @@ "safwk", "samgr_standard", "utils_base" - ], - "third_party": [ + ], + "third_party": [ "cJSON", "sqlite", "mbedtls" - ] - }, - "build": { - "sub_component": [ + ] + }, + "build": { + "sub_component": [ "//base/security/access_token:accesstoken_build_module", "//base/security/access_token:tokensync_build_module" - ], - "inner_kits": [ - { + ], + "inner_kits": [ + { "name": "//base/security/access_token/interfaces/innerkits/accesstoken:libaccesstoken_sdk", - "header": { - "header_files": [ - "accesstoken_kit.h" - ], - "header_base": "//base/security/access_token/interfaces/innerkits/accesstoken/include" - } - } - ], - "test": [ + "header": { + "header_files": [ + "accesstoken_kit.h" + ], + "header_base": "//base/security/access_token/interfaces/innerkits/accesstoken/include" + } + } + ], + "test": [ "//base/security/access_token:accesstoken_build_module_test", "//base/security/access_token/interfaces/innerkits/accesstoken/test:unittest" - ] - } - } + ] + } + } } -- Gitee From 4ba9e94b2b270076116f0e76259f72c70af8a43c Mon Sep 17 00:00:00 2001 From: lsq Date: Mon, 17 Jan 2022 11:22:27 +0800 Subject: [PATCH 20/51] update ohos.build Change-Id: Ia8016062bbfb6d3b4c86e35f20a70834fe46b9b0 Signed-off-by: lsq --- bundle.json | 22 +++++++++++++++++++++- ohos.build | 22 +++++++++++++++++++++- 2 files changed, 42 insertions(+), 2 deletions(-) diff --git a/bundle.json b/bundle.json index 1bf820947..ad2b7a8b8 100755 --- a/bundle.json +++ b/bundle.json @@ -51,11 +51,31 @@ ], "header_base": "//base/security/access_token/interfaces/innerkits/accesstoken/include" } + }, + { + "name": "//base/security/access_token/interfaces/innerkits/nativetoken:libnativetoken", + "header": { + "header_files": [ + "nativetoken_kit.h" + ], + "header_base": "//base/security/access_token/interfaces/innerkits/nativetoken/include" + } + }, + { + "name": "//base/security/access_token/interfaces/innerkits/token_setproc:libtoken_setproc", + "header": { + "header_files": [ + "token_setproc.h" + ], + "header_base": "//base/security/access_token/interfaces/innerkits/token_setproc/include" + } } ], "test": [ "//base/security/access_token:accesstoken_build_module_test", - "//base/security/access_token/interfaces/innerkits/accesstoken/test:unittest" + "//base/security/access_token/interfaces/innerkits/accesstoken/test:unittest", + "//base/security/access_token/interfaces/innerkits/nativetoken/test:unittest", + "//base/security/access_token/interfaces/innerkits/token_setproc/test:unittest" ] } } diff --git a/ohos.build b/ohos.build index 096603d4d..dcd834762 100644 --- a/ohos.build +++ b/ohos.build @@ -15,6 +15,24 @@ ], "header_base": "//base/security/access_token/interfaces/innerkits/accesstoken/include" } + }, + { + "name": "//base/security/access_token/interfaces/innerkits/nativetoken:libnativetoken", + "header": { + "header_files": [ + "nativetoken_kit.h" + ], + "header_base": "//base/security/access_token/interfaces/innerkits/nativetoken/include" + } + }, + { + "name": "//base/security/access_token/interfaces/innerkits/token_setproc:libtoken_setproc", + "header": { + "header_files": [ + "token_setproc.h" + ], + "header_base": "//base/security/access_token/interfaces/innerkits/token_setproc/include" + } } ], "module_list": [ @@ -23,7 +41,9 @@ ], "test_list": [ "//base/security/access_token:accesstoken_build_module_test", - "//base/security/access_token/interfaces/innerkits/accesstoken/test:unittest" + "//base/security/access_token/interfaces/innerkits/accesstoken/test:unittest", + "//base/security/access_token/interfaces/innerkits/nativetoken/test:unittest", + "//base/security/access_token/interfaces/innerkits/token_setproc/test:unittest" ] } } -- Gitee From ff448e2434faa818a23059f0b0d037b7e7e51130 Mon Sep 17 00:00:00 2001 From: libing23 Date: Tue, 18 Jan 2022 22:31:57 +0800 Subject: [PATCH 21/51] add rom/ram Signed-off-by: libing23 Signed-off-by: libing23 --- bundle.json | 2 ++ 1 file changed, 2 insertions(+) diff --git a/bundle.json b/bundle.json index ad2b7a8b8..d8a704711 100755 --- a/bundle.json +++ b/bundle.json @@ -16,6 +16,8 @@ "Systemcapability.Security.AccessToken" ], "adapted_system_type": [ "standard" ], + "rom": "2048KB", + "ram": "5102KB", "deps": { "components": [ "hiviewdfx_hilog_native", -- Gitee From f31678bcea918bc456ad391b24e21d5b2b9f61b7 Mon Sep 17 00:00:00 2001 From: hanhaibin Date: Wed, 19 Jan 2022 07:50:20 +0800 Subject: [PATCH 22/51] Fix atomic ability part name change Signed-off-by: hanhaibin --- interfaces/kits/accesstoken/BUILD.gn | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/interfaces/kits/accesstoken/BUILD.gn b/interfaces/kits/accesstoken/BUILD.gn index ac5b3afef..fe8d9002e 100644 --- a/interfaces/kits/accesstoken/BUILD.gn +++ b/interfaces/kits/accesstoken/BUILD.gn @@ -55,7 +55,8 @@ ohos_shared_library("libabilityaccessctrl") { ] cflags_cc = [ "-DHILOG_ENABLE" ] external_deps = [ - "aafwk_standard:want", + "ability_runtime:app_manager", + "ability_runtime:want", "hiviewdfx_hilog_native:libhilog", "ipc:ipc_core", ] -- Gitee From b066cf8d9e6e3a99557322dd29e5a7f797af5938 Mon Sep 17 00:00:00 2001 From: lsq Date: Sat, 15 Jan 2022 21:07:35 +0800 Subject: [PATCH 23/51] modify nativetoken Change-Id: I2782c8b56e35838473191a1e387374e8ee9f5639 Signed-off-by: lsq --- .../accesstoken/src/hap_policy_parcel.cpp | 4 +- .../accesstoken/src/hap_token_info_parcel.cpp | 4 +- .../src/native_token_info_parcel.cpp | 14 +- .../src/permission_state_full_parcel.cpp | 6 +- frameworks/common/include/data_validator.h | 2 + frameworks/common/src/data_validator.cpp | 5 + .../accesstoken/src/accesstoken_kit.cpp | 8 + .../innerkits/accesstoken/test/BUILD.gn | 2 + .../unittest/src/accesstoken_kit_test.cpp | 234 +++++++++++++++++- .../test/unittest/src/accesstoken_kit_test.h | 1 + .../nativetoken/include/nativetoken.h | 13 +- .../innerkits/nativetoken/src/nativetoken.c | 144 +++++++---- .../unittest/src/nativetoken_kit_test.cpp | 165 ++++++++++-- .../test/unittest/src/tokensync_kit_test.cpp | 8 +- .../include/token/accesstoken_id_manager.h | 2 +- .../include/token/accesstoken_info_manager.h | 4 +- .../src/permission/permission_validator.cpp | 2 +- .../src/service/accesstoken_manager_stub.cpp | 4 +- .../cpp/src/token/hap_token_info_inner.cpp | 2 +- .../cpp/src/token/native_token_info_inner.cpp | 6 +- .../cpp/src/token/native_token_receptor.cpp | 2 +- 21 files changed, 524 insertions(+), 108 deletions(-) diff --git a/frameworks/accesstoken/src/hap_policy_parcel.cpp b/frameworks/accesstoken/src/hap_policy_parcel.cpp index 0c14d15a3..fe2a079ce 100644 --- a/frameworks/accesstoken/src/hap_policy_parcel.cpp +++ b/frameworks/accesstoken/src/hap_policy_parcel.cpp @@ -36,7 +36,7 @@ bool HapPolicyParcel::Marshalling(Parcel& out) const RETURN_IF_FALSE(out.WriteString(this->hapPolicyParameter.domain)); const std::vector& permList = this->hapPolicyParameter.permList; - int permListSize = permList.size(); + int32_t permListSize = (int32_t)permList.size(); RETURN_IF_FALSE(out.WriteInt32(permListSize)); for (int i = 0; i < permListSize; i++) { @@ -46,7 +46,7 @@ bool HapPolicyParcel::Marshalling(Parcel& out) const } const std::vector& permStateList = this->hapPolicyParameter.permStateList; - int permStateListSize = permStateList.size(); + int32_t permStateListSize = (int32_t)permStateList.size(); RETURN_IF_FALSE(out.WriteInt32(permStateListSize)); for (int i = 0; i < permStateListSize; i++) { diff --git a/frameworks/accesstoken/src/hap_token_info_parcel.cpp b/frameworks/accesstoken/src/hap_token_info_parcel.cpp index 5d5c2c519..4a349518c 100644 --- a/frameworks/accesstoken/src/hap_token_info_parcel.cpp +++ b/frameworks/accesstoken/src/hap_token_info_parcel.cpp @@ -49,10 +49,10 @@ HapTokenInfoParcel* HapTokenInfoParcel::Unmarshalling(Parcel& in) auto* hapTokenInfoParcel = new (std::nothrow) HapTokenInfoParcel(); RELEASE_IF_FALSE(hapTokenInfoParcel != nullptr, hapTokenInfoParcel); int apl; - int8_t ver; + uint8_t ver; RELEASE_IF_FALSE(in.ReadInt32(apl), hapTokenInfoParcel); hapTokenInfoParcel->hapTokenInfoParams.apl = ATokenAplEnum(apl); - RELEASE_IF_FALSE(in.ReadInt8(ver), hapTokenInfoParcel); + RELEASE_IF_FALSE(in.ReadUint8(ver), hapTokenInfoParcel); hapTokenInfoParcel->hapTokenInfoParams.ver = ver; RELEASE_IF_FALSE(in.ReadInt32(hapTokenInfoParcel->hapTokenInfoParams.userID), hapTokenInfoParcel); hapTokenInfoParcel->hapTokenInfoParams.bundleName = in.ReadString(); diff --git a/frameworks/accesstoken/src/native_token_info_parcel.cpp b/frameworks/accesstoken/src/native_token_info_parcel.cpp index f623cfd0b..50795dc36 100644 --- a/frameworks/accesstoken/src/native_token_info_parcel.cpp +++ b/frameworks/accesstoken/src/native_token_info_parcel.cpp @@ -38,11 +38,11 @@ bool NativeTokenInfoParcel::Marshalling(Parcel& out) const RETURN_IF_FALSE(out.WriteUint32(this->nativeTokenInfoParams.tokenID)); RETURN_IF_FALSE(out.WriteUint32(this->nativeTokenInfoParams.tokenAttr)); - int dcapSize = (this->nativeTokenInfoParams.dcap).size(); + int dcapSize = (int)(this->nativeTokenInfoParams.dcap).size(); RETURN_IF_FALSE(out.WriteInt32(dcapSize)); - for (int i = 0; i < dcapSize; i++) { - RETURN_IF_FALSE(out.WriteString(this->nativeTokenInfoParams.dcap[i])); + for (auto dcapItem : this->nativeTokenInfoParams.dcap) { + RETURN_IF_FALSE(out.WriteString(dcapItem)); } return true; @@ -54,9 +54,9 @@ NativeTokenInfoParcel* NativeTokenInfoParcel::Unmarshalling(Parcel& in) RELEASE_IF_FALSE(nativeTokenInfoParcel != nullptr, nativeTokenInfoParcel); int32_t apl; - int8_t ver; + uint8_t ver; RELEASE_IF_FALSE(in.ReadInt32(apl), nativeTokenInfoParcel); - RELEASE_IF_FALSE(in.ReadInt8(ver), nativeTokenInfoParcel); + RELEASE_IF_FALSE(in.ReadUint8(ver), nativeTokenInfoParcel); nativeTokenInfoParcel->nativeTokenInfoParams.apl = ATokenAplEnum(apl); nativeTokenInfoParcel->nativeTokenInfoParams.ver = ver; @@ -68,7 +68,9 @@ NativeTokenInfoParcel* NativeTokenInfoParcel::Unmarshalling(Parcel& in) RELEASE_IF_FALSE(in.ReadInt32(dcapSize), nativeTokenInfoParcel); for (int i = 0; i < dcapSize; i++) { - nativeTokenInfoParcel->nativeTokenInfoParams.dcap[i] = in.ReadString(); + std::string dcapsItem; + RELEASE_IF_FALSE(in.ReadString(dcapsItem), nativeTokenInfoParcel); + nativeTokenInfoParcel->nativeTokenInfoParams.dcap.emplace_back(dcapsItem); } return nativeTokenInfoParcel; } diff --git a/frameworks/accesstoken/src/permission_state_full_parcel.cpp b/frameworks/accesstoken/src/permission_state_full_parcel.cpp index 50ce4bf2b..2a5dd6fe5 100644 --- a/frameworks/accesstoken/src/permission_state_full_parcel.cpp +++ b/frameworks/accesstoken/src/permission_state_full_parcel.cpp @@ -35,17 +35,17 @@ bool PermissionStateFullParcel::Marshalling(Parcel& out) const RETURN_IF_FALSE(out.WriteString(this->permStatFull.permissionName)); RETURN_IF_FALSE(out.WriteBool(this->permStatFull.isGeneral)); - RETURN_IF_FALSE(out.WriteInt32(this->permStatFull.resDeviceID.size())); + RETURN_IF_FALSE(out.WriteInt32((int32_t)(this->permStatFull.resDeviceID.size()))); for (auto devId : this->permStatFull.resDeviceID) { RETURN_IF_FALSE(out.WriteString(devId)); } - RETURN_IF_FALSE(out.WriteInt32(this->permStatFull.grantStatus.size())); + RETURN_IF_FALSE(out.WriteInt32((int32_t)(this->permStatFull.grantStatus.size()))); for (auto grantStat : this->permStatFull.grantStatus) { RETURN_IF_FALSE(out.WriteInt32(grantStat)); } - RETURN_IF_FALSE(out.WriteInt32(this->permStatFull.grantFlags.size())); + RETURN_IF_FALSE(out.WriteInt32((int32_t)(this->permStatFull.grantFlags.size()))); for (auto grantFlag : this->permStatFull.grantFlags) { RETURN_IF_FALSE(out.WriteInt32(grantFlag)); } diff --git a/frameworks/common/include/data_validator.h b/frameworks/common/include/data_validator.h index e5d8191e2..f9cb353d1 100644 --- a/frameworks/common/include/data_validator.h +++ b/frameworks/common/include/data_validator.h @@ -42,9 +42,11 @@ public: static bool IsDescValid(const std::string& desc); static bool IsPermissionFlagValid(int flag); + static bool IsDcapValid(const std::string& dcap); private: const static int MAX_LENGTH = 256; const static int MAX_APPIDDESC_LENGTH = 10240; + const static int MAX_DCAP_LENGTH = 1024; }; } // namespace AccessToken } // namespace Security diff --git a/frameworks/common/src/data_validator.cpp b/frameworks/common/src/data_validator.cpp index 9d359022b..3eb3e0c67 100644 --- a/frameworks/common/src/data_validator.cpp +++ b/frameworks/common/src/data_validator.cpp @@ -69,6 +69,11 @@ bool DataValidator::IsDeviceIdValid(const std::string& deviceId) return !deviceId.empty() && (deviceId.length() <= MAX_LENGTH); } +bool DataValidator::IsDcapValid(const std::string& dcap) +{ + return !dcap.empty() && (dcap.length() <= MAX_DCAP_LENGTH); +} + bool DataValidator::IsPermissionFlagValid(int flag) { return flag == DEFAULT_PERMISSION_FLAGS || diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp index 3a2f1aef0..336687a94 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp @@ -85,6 +85,14 @@ ATokenTypeEnum AccessTokenKit::GetTokenType(AccessTokenID tokenID) int AccessTokenKit::CheckNativeDCap(AccessTokenID tokenID, const std::string& dcap) { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + if (tokenID == 0) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: tokenID is invalid", __func__); + return RET_FAILED; + } + if (!DataValidator::IsDcapValid(dcap)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: dcap is invalid", __func__); + return RET_FAILED; + } ACCESSTOKEN_LOG_INFO(LABEL, "tokenID=%{public}d, dcap=%{public}s", tokenID, dcap.c_str()); return AccessTokenManagerClient::GetInstance().CheckNativeDCap(tokenID, dcap); } diff --git a/interfaces/innerkits/accesstoken/test/BUILD.gn b/interfaces/innerkits/accesstoken/test/BUILD.gn index 1a7965889..a39d7014d 100755 --- a/interfaces/innerkits/accesstoken/test/BUILD.gn +++ b/interfaces/innerkits/accesstoken/test/BUILD.gn @@ -22,6 +22,7 @@ ohos_unittest("libaccesstoken_sdk_test") { "//utils/native/base/include", "//third_party/googletest/include", "//base/security/access_token/interfaces/innerkits/accesstoken/include", + "//base/security/access_token/interfaces/innerkits/nativetoken/include", ] sources = [ "unittest/src/accesstoken_kit_test.cpp" ] @@ -30,6 +31,7 @@ ohos_unittest("libaccesstoken_sdk_test") { deps = [ "//base/security/access_token/interfaces/innerkits/accesstoken:libaccesstoken_sdk", + "//base/security/access_token/interfaces/innerkits/nativetoken:libnativetoken", "//utils/native/base:utils", ] } diff --git a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp index 6d38f1ee3..fa4fec5ea 100755 --- a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp @@ -17,6 +17,7 @@ #include #include "accesstoken_kit.h" +#include "nativetoken_kit.h" using namespace testing::ext; using namespace OHOS::Security::AccessToken; @@ -89,14 +90,14 @@ static HapPolicyParams g_infoManagerTestPolicyPrams = { .permStateList = {g_infoManagerTestState1, g_infoManagerTestState2} }; -static HapInfoParams g_infoManagerTestInfoParms_bak = { +static HapInfoParams g_infoManagerTestInfoParmsBak = { .bundleName = "accesstoken_test", .userID = 1, .instIndex = 0, .appIDDesc = "testtesttesttest" }; -static HapPolicyParams g_infoManagerTestPolicyPrams_bak = { +static HapPolicyParams g_infoManagerTestPolicyPramsBak = { .apl = APL_NORMAL, .domain = "test.domain", .permList = {g_infoManagerTestPermDef1, g_infoManagerTestPermDef2}, @@ -122,8 +123,8 @@ void AccessTokenKitTest::TearDownTestCase() void AccessTokenKitTest::SetUp() { - g_infoManagerTestInfoParms = g_infoManagerTestInfoParms_bak; - g_infoManagerTestPolicyPrams = g_infoManagerTestPolicyPrams_bak; + g_infoManagerTestInfoParms = g_infoManagerTestInfoParmsBak; + g_infoManagerTestPolicyPrams = g_infoManagerTestPolicyPramsBak; HapInfoParams info = { .userID = TEST_USER_ID, .bundleName = TEST_BUNDLE_NAME, @@ -180,6 +181,7 @@ void AccessTokenKitTest::SetUp() g_infoManagerTestInfoParms.bundleName, g_infoManagerTestInfoParms.instIndex); AccessTokenKit::DeleteToken(tokenID); + (void)remove("/data/token.json"); } void AccessTokenKitTest::TearDown() @@ -291,9 +293,9 @@ HWTEST_F(AccessTokenKitTest, GetDefPermissions001, TestSize.Level1) */ HWTEST_F(AccessTokenKitTest, GetDefPermissions002, TestSize.Level1) { - HapPolicyParams TestPolicyPrams = g_infoManagerTestPolicyPrams; - TestPolicyPrams.permList.clear(); - AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, TestPolicyPrams); + HapPolicyParams testPolicyPrams = g_infoManagerTestPolicyPrams; + testPolicyPrams.permList.clear(); + AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, testPolicyPrams); AccessTokenID tokenID = GetAccessTokenID(g_infoManagerTestInfoParms.userID, g_infoManagerTestInfoParms.bundleName, @@ -1343,6 +1345,8 @@ HWTEST_F(AccessTokenKitTest, AllocHapToken010, TestSize.Level1) AccessTokenID tokenID; int ret; bool exist = false; + int allocFlag = 0; + int deleteFlag = 0; DeleteTestToken(); vector obj; @@ -1353,12 +1357,18 @@ HWTEST_F(AccessTokenKitTest, AllocHapToken010, TestSize.Level1) g_infoManagerTestInfoParms.instIndex); exist = ExistInVector(obj, tokenID); - ASSERT_EQ(false, exist); + if (exist) { + allocFlag = 1; + } obj.push_back(tokenID); ret = AccessTokenKit::DeleteToken(tokenID); - ASSERT_EQ(RET_SUCCESS, ret); + if (RET_SUCCESS != ret) { + deleteFlag = 1; + } } + ASSERT_EQ(allocFlag, 0); + ASSERT_EQ(deleteFlag, 0); } /** @@ -1642,7 +1652,6 @@ HWTEST_F(AccessTokenKitTest, UpdateHapToken005, TestSize.Level1) PermissionDef permDefResult; DeleteTestToken(); - g_infoManagerTestInfoParms.bundleName = "test_UpdateHapToken005"; AccessTokenIDEx tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams); AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; ASSERT_NE(0, tokenID); @@ -1698,6 +1707,9 @@ HWTEST_F(AccessTokenKitTest, UpdateHapToken005, TestSize.Level1) */ HWTEST_F(AccessTokenKitTest, UpdateHapToken006, TestSize.Level1) { + int allocFlag = 0; + int updateFlag = 0; + int deleteFlag = 0; AccessTokenIDEx tokenIdEx = {0}; AccessTokenID tokenID; int ret; @@ -1714,7 +1726,10 @@ HWTEST_F(AccessTokenKitTest, UpdateHapToken006, TestSize.Level1) infoManagerTestInfo.instIndex); exist = ExistInVector(obj, tokenID); - ASSERT_EQ(false, exist); + if (exist) { + allocFlag = 1; + break; + } obj.push_back(tokenID); infoManagerTestInfo.userID++; } @@ -1723,14 +1738,22 @@ HWTEST_F(AccessTokenKitTest, UpdateHapToken006, TestSize.Level1) g_infoManagerTestPolicyPrams.apl = APL_SYSTEM_BASIC; for (int i = 0; i < obj.size(); i++) { ret = AccessTokenKit::UpdateHapToken(obj[i], appIDDesc, g_infoManagerTestPolicyPrams); - ASSERT_EQ(RET_SUCCESS, ret); + if (RET_SUCCESS != ret) { + updateFlag = 1; + break; + } } g_infoManagerTestPolicyPrams.apl = APL_NORMAL; for (int i = 0; i < obj.size(); i++) { ret = AccessTokenKit::DeleteToken(obj[i]); - ASSERT_EQ(RET_SUCCESS, ret); + if (RET_SUCCESS != ret) { + deleteFlag = 1; + } } + ASSERT_EQ(allocFlag, 0); + ASSERT_EQ(updateFlag, 0); + ASSERT_EQ(deleteFlag, 0); } /** @@ -1956,3 +1979,188 @@ HWTEST_F(AccessTokenKitTest, ConcurrencyTest001, TestSize.Level1) it->join(); } } + +/** + * @tc.name: CheckNativeDCap001 + * @tc.desc: cannot Check native dcap with invalid tokenID. + * @tc.type: FUNC + * @tc.require:AR000GK6TD + */ +HWTEST_F(AccessTokenKitTest, CheckNativeDCap001, TestSize.Level1) +{ + AccessTokenID tokenID = 0; + const std::string dcap = "AT_CAP"; + int ret = AccessTokenKit::CheckNativeDCap(tokenID, dcap); + ASSERT_EQ(RET_FAILED, ret); + + tokenID = 1; + ret = AccessTokenKit::CheckNativeDCap(tokenID, dcap); + ASSERT_EQ(RET_FAILED, ret); +} + +/** + * @tc.name: CheckNativeDCap002 + * @tc.desc: cannot Check native dcap with invalid dcap. + * @tc.type: FUNC + * @tc.require:AR000GK6TD + */ +HWTEST_F(AccessTokenKitTest, CheckNativeDCap002, TestSize.Level1) +{ + AccessTokenID tokenID = 0Xff; + const std::string invalidDcap (INVALID_DCAP_LEN, 'x'); + int ret = AccessTokenKit::CheckNativeDCap(tokenID, invalidDcap); + ASSERT_EQ(RET_FAILED, ret); +} + +static void ConcurrencyCheckNativeDCapTask(unsigned int tokenID) +{ + for (int i = 0; i < CYCLE_TIMES; i++) { + int ret = AccessTokenKit::CheckNativeDCap(tokenID, "AT_CAP_01"); + ASSERT_EQ(RET_SUCCESS, ret); + } +} + +/** + * @tc.name: CheckNativeDCap004 + * @tc.desc: Check native dcap multiple threads. + * @tc.type: FUNC + * @tc.require:AR000GK6TD + */ +HWTEST_F(AccessTokenKitTest, CheckNativeDCap004, TestSize.Level1) +{ + const char **dcaps = (const char **)malloc(sizeof(char *) * 1); + dcaps[0] = "AT_CAP_01"; + int dcapNum = 1; + uint64_t tokenId; + tokenId = GetAccessTokenId("foundation", dcaps, dcapNum, "system_core"); + ASSERT_NE(tokenId, 0); + tokenId = GetAccessTokenId("CheckNativeDCap004", dcaps, dcapNum, "system_core"); + ASSERT_NE(tokenId, 0); + + sleep(5); + AccessTokenID tokenID = tokenId & 0xffffffff; + std::vector threadVec; + for (int i = 0; i < THREAD_NUM; i++) { + threadVec.emplace_back(std::thread(ConcurrencyCheckNativeDCapTask, tokenID)); + } + for (auto it = threadVec.begin(); it != threadVec.end(); it++) { + it->join(); + } +} + +/** + * @tc.name: GetNativeTokenInfo001 + * @tc.desc: cannot get native token with invalid tokenID. + * @tc.type: FUNC + * @tc.require:AR000GK6TD + */ +HWTEST_F(AccessTokenKitTest, GetNativeTokenInfo001, TestSize.Level1) +{ + AccessTokenID tokenID = 0; + NativeTokenInfo findInfo; + int ret = AccessTokenKit::GetNativeTokenInfo(tokenID, findInfo); + ASSERT_EQ(ret, RET_FAILED); + + tokenID = 0xff; + ret = AccessTokenKit::GetNativeTokenInfo(tokenID, findInfo); + ASSERT_EQ(ret, RET_FAILED); +} + +/** + * @tc.name: GetNativeTokenInfo002 + * @tc.desc: get native token successfully. + * @tc.type: FUNC + * @tc.require:AR000GK6TD + */ +HWTEST_F(AccessTokenKitTest, GetNativeTokenInfo002, TestSize.Level1) +{ + const char **dcaps = (const char **)malloc(sizeof(char *) * 2); + dcaps[0] = "AT_CAP_01"; + dcaps[1] = "ST_CAP_01"; + int dcapNum = 2; + uint64_t tokenId; + tokenId = GetAccessTokenId("foundation", dcaps, dcapNum, "system_core"); + ASSERT_NE(tokenId, 0); + tokenId = GetAccessTokenId("GetNativeTokenInfo002", dcaps, dcapNum, "system_core"); + ASSERT_NE(tokenId, 0); + + sleep(5); + AccessTokenID tokenID = tokenId & 0xffffffff; + NativeTokenInfo findInfo; + int ret = AccessTokenKit::GetNativeTokenInfo(tokenID, findInfo); + ASSERT_EQ(ret, RET_SUCCESS); + ASSERT_EQ(findInfo.apl, 3); + ASSERT_EQ(findInfo.ver, 1); + ASSERT_EQ(findInfo.processName, "GetNativeTokenInfo002"); + ASSERT_EQ(findInfo.tokenID, tokenID); + ASSERT_EQ(findInfo.tokenAttr, 0); + std::vector dcap = {"AT_CAP_01", "ST_CAP_01"}; + ASSERT_EQ(findInfo.dcap, dcap); +} + +/** + * @tc.name: GetNativeTokenInfo003 + * @tc.desc: get native token successfully. + * @tc.type: FUNC + * @tc.require:AR000GK6TD + */ +HWTEST_F(AccessTokenKitTest, GetNativeTokenInfo003, TestSize.Level1) +{ + const char **dcaps = (const char **)malloc(sizeof(char *) * 2); + dcaps[0] = "AT_CAP_01"; + dcaps[1] = "ST_CAP_01"; + int dcapNum = 0; + uint64_t tokenId; + tokenId = GetAccessTokenId("foundation", dcaps, dcapNum, "system_core"); + ASSERT_NE(tokenId, 0); + tokenId = GetAccessTokenId("GetNativeTokenInfo003", nullptr, 0, "system_core"); + ASSERT_NE(tokenId, 0); + + sleep(5); + AccessTokenID tokenID = tokenId & 0xffffffff; + NativeTokenInfo findInfo; + int ret = AccessTokenKit::GetNativeTokenInfo(tokenID, findInfo); + ASSERT_EQ(ret, RET_SUCCESS); + ASSERT_EQ(findInfo.apl, 3); + ASSERT_EQ(findInfo.ver, 1); + ASSERT_EQ(findInfo.processName, "GetNativeTokenInfo003"); + ASSERT_EQ(findInfo.tokenID, tokenID); + ASSERT_EQ(findInfo.tokenAttr, 0); +} + +static void ConcurrGetNativeTokenInfoTask(unsigned int tokenID) +{ + NativeTokenInfo findInfo; + for (int i = 0; i < CYCLE_TIMES; i++) { + int ret = AccessTokenKit::GetNativeTokenInfo(tokenID, findInfo); + ASSERT_EQ(RET_SUCCESS, ret); + } +} + +/** + * @tc.name: GetNativeTokenInfo004 + * @tc.desc: Concurrency testing. + * @tc.type: FUNC + * @tc.require:AR000GK6TD + */ +HWTEST_F(AccessTokenKitTest, GetNativeTokenInfo004, TestSize.Level1) +{ + const char **dcaps = (const char **)malloc(sizeof(char *) * 1); + dcaps[0] = "AT_CAP_01"; + int dcapNum = 1; + uint64_t tokenId; + tokenId = GetAccessTokenId("foundation", dcaps, dcapNum, "system_core"); + ASSERT_NE(tokenId, 0); + tokenId = GetAccessTokenId("GetNativeTokenInfo004", dcaps, dcapNum, "system_core"); + ASSERT_NE(tokenId, 0); + + sleep(5); + AccessTokenID tokenID = tokenId & 0xffffffff; + std::vector threadVec; + for (int i = 0; i < THREAD_NUM; i++) { + threadVec.emplace_back(std::thread(ConcurrGetNativeTokenInfoTask, tokenID)); + } + for (auto it = threadVec.begin(); it != threadVec.end(); it++) { + it->join(); + } +} \ No newline at end of file diff --git a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.h b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.h index 06eb17525..dfdd20e85 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.h +++ b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.h @@ -35,6 +35,7 @@ static const int INVALID_DESCRIPTION_LEN = 260; static const int INVALID_PERMNAME_LEN = 260; static const int CYCLE_TIMES = 100; static const int THREAD_NUM = 3; +static const int INVALID_DCAP_LEN = 1025; class AccessTokenKitTest : public testing::Test { public: static void SetUpTestCase(); diff --git a/interfaces/innerkits/nativetoken/include/nativetoken.h b/interfaces/innerkits/nativetoken/include/nativetoken.h index e40462310..ed40a0704 100644 --- a/interfaces/innerkits/nativetoken/include/nativetoken.h +++ b/interfaces/innerkits/nativetoken/include/nativetoken.h @@ -35,8 +35,6 @@ extern "C" { #define MAX_PROCESS_NAME_LEN 256 #define TOKEN_ID_CFG_PATH "/data/token.json" #define SOCKET_FILE "/data/system/token_unix_socket.socket" -#define ATRET_FAILED 1 -#define ATRET_SUCCESS 0 #define TOKEN_NATIVE_TYPE 1 #define DEFAULT_AT_VERSION 1 #define TRANSFER_KEY_WORDS "NativeTokenInfo" @@ -47,6 +45,13 @@ extern "C" { #define SYSTEM_PROP_NATIVE_RECEPTOR "rw.nativetoken.receptor.startup" #define PATH_MAX_LEN 4096 +#define FOUNDATION_NOT_STARTED 0 +#define FOUNDATION_STARTING 1 +#define ATM_SERVICE_STARTUP 2 + +#define ATRET_FAILED 1 +#define ATRET_SUCCESS 0 + typedef unsigned int NativeAtId; typedef unsigned int NativeAtAttr; @@ -64,7 +69,7 @@ typedef struct { typedef struct TokenList { NativeAtId tokenId; - char processName[MAX_PROCESS_NAME_LEN]; + char processName[MAX_PROCESS_NAME_LEN + 1]; struct TokenList *next; } NativeTokenList; @@ -87,7 +92,7 @@ typedef struct TokenQueue { (tmp).dcapsNum = (dacpNum); \ } while (0) -extern char *GetFileBuff(const char *cfg); +extern int32_t GetFileBuff(const char *cfg, char **retBuff); #ifdef __cplusplus } #endif diff --git a/interfaces/innerkits/nativetoken/src/nativetoken.c b/interfaces/innerkits/nativetoken/src/nativetoken.c index 74ab8c62b..5cedde572 100644 --- a/interfaces/innerkits/nativetoken/src/nativetoken.c +++ b/interfaces/innerkits/nativetoken/src/nativetoken.c @@ -19,56 +19,64 @@ NativeTokenQueue *g_tokenQueueHead; NativeTokenList *g_tokenListHead; -int32_t g_isAtmExist; +int32_t g_tranferStatus; +int32_t g_isNativeTokenInited = 0; int32_t g_signalFd; static pthread_mutex_t g_tokenQueueHeadLock = PTHREAD_MUTEX_INITIALIZER; -char *GetFileBuff(const char *cfg) +int32_t GetFileBuff(const char *cfg, char **retBuff) { - char *buff = NULL; - FILE *cfgFd = NULL; struct stat fileStat; - int32_t fileSize; + int32_t ret; - if (stat(cfg, &fileStat) != 0) { + char filePath[PATH_MAX_LEN + 1] = {0}; + if (realpath(cfg, filePath) == NULL) { + if (errno == ENOENT) { + /* file doesn't exist */ + *retBuff = NULL; + return ATRET_SUCCESS; + } + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:invalid filePath.", __func__); + return ATRET_FAILED; + } + + if (stat(filePath, &fileStat) != 0) { ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:stat file failed.", __func__); - return NULL; + return ATRET_FAILED; } - fileSize = (int32_t)fileStat.st_size; + + int32_t fileSize = (int32_t)fileStat.st_size; if ((fileSize < 0) || (fileSize > MAX_JSON_FILE_LEN)) { ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:stat file size is invalid.", __func__); - return NULL; - } - - char filePath[PATH_MAX_LEN + 1] = {0}; - if (realpath(cfg, filePath) == NULL) { - ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:invalid filePath.", __func__); - return NULL; + return ATRET_FAILED; } - cfgFd = fopen(filePath, "r"); + FILE *cfgFd = fopen(filePath, "r"); if (cfgFd == NULL) { ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:fopen file failed.", __func__); - return NULL; + return ATRET_FAILED; } - buff = (char *)malloc((size_t)(fileSize + 1)); + char *buff = (char *)malloc((size_t)(fileSize + 1)); if (buff == NULL) { ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:memory alloc failed.", __func__); fclose(cfgFd); - return NULL; + return ATRET_FAILED; } if (fread(buff, fileSize, 1, cfgFd) != 1) { ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:fread failed.", __func__); free(buff); buff = NULL; + ret = ATRET_FAILED; } else { buff[fileSize] = '\0'; + *retBuff = buff; + ret = ATRET_SUCCESS; } fclose(cfgFd); - return buff; + return ret; } int32_t GetTokenList(const cJSON *object) @@ -102,19 +110,19 @@ int32_t GetTokenList(const cJSON *object) ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:memory alloc failed.", __func__); return ATRET_FAILED; } - if (strcpy_s(tmp->processName, MAX_PROCESS_NAME_LEN, processNameJson->valuestring) != EOK) { + if (strcpy_s(tmp->processName, MAX_PROCESS_NAME_LEN + 1, processNameJson->valuestring) != EOK) { ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:strcpy_s failed.", __func__); free(tmp); return ATRET_FAILED; } - tmp->tokenId = tokenIdJson->valueint; + tmp->tokenId = (NativeAtId)tokenIdJson->valueint; tmp->next = g_tokenListHead->next; g_tokenListHead->next = tmp; } return ATRET_SUCCESS; } -int32_t ParseTokenInfoCfg(const char *filename) +int32_t ParseTokenInfoFromCfg(const char *filename) { char *fileBuff = NULL; cJSON *record = NULL; @@ -123,9 +131,12 @@ int32_t ParseTokenInfoCfg(const char *filename) if (filename == NULL || filename[0] == '\0') { return ATRET_FAILED; } - fileBuff = GetFileBuff(filename); + ret = GetFileBuff(filename, &fileBuff); + if (ret != ATRET_SUCCESS) { + return ret; + } if (fileBuff == NULL) { - return ATRET_FAILED; + return ATRET_SUCCESS; } record = cJSON_Parse(fileBuff); free(fileBuff); @@ -154,9 +165,19 @@ int32_t AtlibInit(void) return ATRET_FAILED; } g_tokenQueueHead->next = NULL; - g_isAtmExist = 0; - return ParseTokenInfoCfg(TOKEN_ID_CFG_PATH); + int32_t ret = ParseTokenInfoFromCfg(TOKEN_ID_CFG_PATH); + if (ret != ATRET_SUCCESS) { + free(g_tokenListHead); + g_tokenListHead = NULL; + free(g_tokenQueueHead); + g_tokenQueueHead = NULL; + return ret; + } + g_tranferStatus = FOUNDATION_NOT_STARTED; + g_isNativeTokenInited = 1; + + return ATRET_SUCCESS; } NativeAtId CreateNativeTokenId(void) @@ -209,7 +230,7 @@ int32_t TokenInfoSave(const NativeTokenQueue *node) g_tokenQueueHead->next = curr; pthread_mutex_unlock(&g_tokenQueueHeadLock); - if (g_isAtmExist == 1) { + if (g_tranferStatus == ATM_SERVICE_STARTUP) { return TriggerTransfer(); } return ATRET_SUCCESS; @@ -217,6 +238,9 @@ int32_t TokenInfoSave(const NativeTokenQueue *node) int32_t GetAplLevel(const char *aplStr) { + if (aplStr == NULL) { + return 0; + } if (strcmp(aplStr, "system_core") == 0) { return 3; // system_core means apl level is 3 } @@ -297,17 +321,21 @@ void SaveTokenIdToCfg(const NativeTokenQueue *head) ACCESSTOKEN_LOG_INFO("[ATLIB-%s]:there is no new info.", __func__); return; } - fileBuff = GetFileBuff(TOKEN_ID_CFG_PATH); - if (fileBuff == NULL) { + ret = GetFileBuff(TOKEN_ID_CFG_PATH, &fileBuff); + if (ret != ATRET_SUCCESS) { return; } - record = cJSON_Parse(fileBuff); - free(fileBuff); - fileBuff = NULL; + if (fileBuff == NULL) { + record = cJSON_CreateArray(); + } else { + record = cJSON_Parse(fileBuff); + free(fileBuff); + fileBuff = NULL; + } if (record == NULL) { - ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:cJSON_Parse failed.", __func__); + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:get record failed.", __func__); return; } @@ -517,7 +545,7 @@ static int32_t SyncToAtm(void) void *ThreadTransferFunc(const void *args) { int32_t ret; - uint64_t result; + g_tranferStatus = FOUNDATION_STARTING; /* getpram */ while (1) { @@ -536,8 +564,9 @@ void *ThreadTransferFunc(const void *args) return NULL; } - g_isAtmExist = 1; + g_tranferStatus = ATM_SERVICE_STARTUP; + uint64_t result; while (1) { ret = read(g_signalFd, &result, sizeof(uint64_t)); if (ret == -1) { @@ -553,7 +582,8 @@ void *ThreadTransferFunc(const void *args) return NULL; } -int32_t CheckProcessInfo(const char *processname, const char **dcaps, int32_t dacpNum, const char *aplStr) +int32_t CheckProcessInfo(const char *processname, const char **dcaps, + int32_t dacpNum, const char *aplStr, int32_t *aplRet) { if ((processname == NULL) || strlen(processname) > MAX_PROCESS_NAME_LEN || strlen(processname) == 0) { @@ -561,7 +591,7 @@ int32_t CheckProcessInfo(const char *processname, const char **dcaps, int32_t da return ATRET_FAILED; } - if ((dcaps == NULL) || dacpNum > MAX_DCAPS_NUM || dacpNum < 0) { + if (((dcaps == NULL) && (dacpNum != 0)) || dacpNum > MAX_DCAPS_NUM || dacpNum < 0) { ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:dcaps is null or dacpNum is invalid.", __func__); return ATRET_FAILED; } @@ -572,24 +602,41 @@ int32_t CheckProcessInfo(const char *processname, const char **dcaps, int32_t da } } - if (aplStr == NULL) { - ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:aplStr is null.", __func__); + int32_t apl = GetAplLevel(aplStr); + if (apl == 0) { return ATRET_FAILED; } + *aplRet = apl; return ATRET_SUCCESS; } +int NativeTokenIdCheck(NativeAtId tokenId) +{ + NativeTokenList *tokenNode = g_tokenListHead; + while (tokenNode != NULL) { + if (tokenNode->tokenId == tokenId) { + return 1; + } + tokenNode = tokenNode->next; + } + return 0; +} static int32_t AddNewNativeTokenToList(const char *processname, NativeAtId *tokenId) { NativeTokenList *tokenNode; NativeAtId id; - id = CreateNativeTokenId(); + int32_t repeat; + do { + id = CreateNativeTokenId(); + repeat = NativeTokenIdCheck(id); + } while (repeat == 1); + tokenNode = (NativeTokenList *)malloc(sizeof(NativeTokenList)); if (tokenNode == NULL) { ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:memory alloc failed.", __func__); return ATRET_FAILED; } - if (strcpy_s(tokenNode->processName, MAX_PROCESS_NAME_LEN, processname) != EOK) { + if (strcpy_s(tokenNode->processName, MAX_PROCESS_NAME_LEN + 1, processname) != EOK) { ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:strcpy_s failed.", __func__); free(tokenNode); return ATRET_FAILED; @@ -605,26 +652,27 @@ static int32_t AddNewNativeTokenToList(const char *processname, NativeAtId *toke uint64_t GetAccessTokenId(const char *processname, const char **dcaps, int32_t dacpNum, const char *aplStr) { NativeAtId tokenId; - NativeTokenList *tokenNode = g_tokenListHead; NativeTokenQueue tmp = {0}; pthread_t tid; int32_t exist = 0; uint64_t result = 0; + int32_t apl; NativeAtIdEx *atPoint = (NativeAtIdEx *)(&result); - int32_t ret = CheckProcessInfo(processname, dcaps, dacpNum, aplStr); - if (ret != ATRET_SUCCESS) { + if ((g_isNativeTokenInited == 0) && (AtlibInit() != ATRET_SUCCESS)) { return 0; } - int32_t apl = GetAplLevel(aplStr); - if (apl == 0) { + + int32_t ret = CheckProcessInfo(processname, dcaps, dacpNum, aplStr, &apl); + if (ret != ATRET_SUCCESS) { return 0; } - if (strcmp("foundation", processname) == 0) { + if ((g_tranferStatus == FOUNDATION_NOT_STARTED) && strcmp("foundation", processname) == 0) { (void)pthread_create(&tid, 0, (void*)ThreadTransferFunc, NULL); } + NativeTokenList *tokenNode = g_tokenListHead; while (tokenNode != NULL) { if (strcmp(tokenNode->processName, processname) == 0) { exist = 1; diff --git a/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_kit_test.cpp b/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_kit_test.cpp index ff107e66a..69fd15cf2 100644 --- a/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_kit_test.cpp +++ b/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_kit_test.cpp @@ -23,7 +23,8 @@ using namespace OHOS::Security; extern NativeTokenQueue *g_tokenQueueHead; extern NativeTokenList *g_tokenListHead; -extern char *GetFileBuff(const char *cfg); +extern int32_t g_isNativeTokenInited; +extern int32_t GetFileBuff(const char *cfg, char **retBuff); namespace { static NativeTokenQueue g_readRes; static string g_jsonStr = "[" @@ -40,7 +41,7 @@ void TokenLibKitTest::TearDownTestCase() void TokenLibKitTest::SetUp() { - AtlibInit(); + g_isNativeTokenInited = 0; ResetFile(); g_readRes.next = nullptr; } @@ -124,6 +125,12 @@ int Start(const char *processName) return tokenId; } +/** + * @tc.name: GetAccessTokenId001 + * @tc.desc: cannot getAccessTokenId with invalid processName. + * @tc.type: FUNC + * @tc.require:AR000GK6TD + */ HWTEST_F(TokenLibKitTest, GetAccessTokenId001, TestSize.Level1) { const char **dcaps = (const char **)malloc(sizeof(char *) * 2); @@ -135,11 +142,29 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId001, TestSize.Level1) ASSERT_EQ(tokenId, 0); tokenId = GetAccessTokenId(nullptr, dcaps, dcapNum, "system_core"); ASSERT_EQ(tokenId, 0); + + /* 257 is invalid processName length */ const std::string invalidProcName (257, 'x'); tokenId = GetAccessTokenId(invalidProcName.c_str(), dcaps, dcapNum, "system_core"); ASSERT_EQ(tokenId, 0); + + /* 255 is valid processName length */ + const std::string validProcName01 (255, 'x'); + tokenId = GetAccessTokenId(validProcName01.c_str(), dcaps, dcapNum, "system_core"); + ASSERT_NE(tokenId, 0); + + /* 256 is valid processName length */ + const std::string validProcName02 (256, 'x'); + tokenId = GetAccessTokenId(validProcName02.c_str(), dcaps, dcapNum, "system_core"); + ASSERT_NE(tokenId, 0); } +/** + * @tc.name: GetAccessTokenId002 + * @tc.desc: cannot getAccessTokenId with invalid dcapNum. + * @tc.type: FUNC + * @tc.require:AR000GK6TD + */ HWTEST_F(TokenLibKitTest, GetAccessTokenId002, TestSize.Level1) { const char **dcaps = (const char **)malloc(sizeof(char *) * 2); @@ -150,11 +175,18 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId002, TestSize.Level1) tokenId = GetAccessTokenId("GetAccessTokenId002", dcaps, dcapNum, "system_core"); ASSERT_EQ(tokenId, 0); - dcapNum = 1025; - tokenId = GetAccessTokenId("GetAccessTokenId002", dcaps, dcapNum, "system_core"); + /* 33 is invalid dcapNum */ + dcapNum = 33; + tokenId = GetAccessTokenId("GetAccessTokenId002_00", dcaps, dcapNum, "system_core"); ASSERT_EQ(tokenId, 0); } +/** + * @tc.name: GetAccessTokenId003 + * @tc.desc: cannot getAccessTokenId with invalid dcaps. + * @tc.type: FUNC + * @tc.require:AR000GK6TD + */ HWTEST_F(TokenLibKitTest, GetAccessTokenId003, TestSize.Level1) { const char **dcaps = (const char **)malloc(sizeof(char *) * 2); @@ -165,12 +197,36 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId003, TestSize.Level1) tokenId = GetAccessTokenId("GetAccessTokenId003", nullptr, dcapNum, "system_core"); ASSERT_EQ(tokenId, 0); - const std::string invalidDcaps (1025, 'x'); - dcaps[0] = invalidDcaps.c_str(); - tokenId = GetAccessTokenId("GetAccessTokenId003", dcaps, dcapNum, "system_core"); + dcapNum = 0; + tokenId = GetAccessTokenId("GetAccessTokenId003_01", nullptr, dcapNum, "system_core"); + ASSERT_NE(tokenId, 0); + + dcapNum = 2; + /* 1025 is invalid dcap length */ + const std::string invalidDcap (1025, 'x'); + dcaps[0] = invalidDcap.c_str(); + tokenId = GetAccessTokenId("GetAccessTokenId003_02", dcaps, dcapNum, "system_core"); ASSERT_EQ(tokenId, 0); + + /* 1024 is valid dcap length */ + const std::string validDcap01 (1024, 'x'); + dcaps[0] = validDcap01.c_str(); + tokenId = GetAccessTokenId("GetAccessTokenId003_03", dcaps, dcapNum, "system_core"); + ASSERT_NE(tokenId, 0); + + /* 1023 is valid dcap length */ + const std::string validDcap02 (1023, 'x'); + dcaps[0] = validDcap02.c_str(); + tokenId = GetAccessTokenId("GetAccessTokenId003_04", dcaps, dcapNum, "system_core"); + ASSERT_NE(tokenId, 0); } +/** + * @tc.name: GetAccessTokenId004 + * @tc.desc: cannot getAccessTokenId with invalid APL. + * @tc.type: FUNC + * @tc.require:AR000GK6TD + */ HWTEST_F(TokenLibKitTest, GetAccessTokenId004, TestSize.Level1) { const char **dcaps = (const char **)malloc(sizeof(char *) * 2); @@ -185,6 +241,12 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId004, TestSize.Level1) ASSERT_EQ(tokenId, 0); } +/** + * @tc.name: GetAccessTokenId005 + * @tc.desc: Get AccessTokenId successfully. + * @tc.type: FUNC + * @tc.require:AR000GK6TD + */ HWTEST_F(TokenLibKitTest, GetAccessTokenId005, TestSize.Level1) { uint64_t tokenId01 = Start("GetAccessTokenId005"); @@ -195,6 +257,12 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId005, TestSize.Level1) ASSERT_EQ(tokenId01, tokenId02); } +/** + * @tc.name: GetAccessTokenId007 + * @tc.desc: Get AccessTokenId before ATM is prepared with new processName. + * @tc.type: FUNC + * @tc.require:AR000GK6TD + */ HWTEST_F(TokenLibKitTest, GetAccessTokenId007, TestSize.Level1) { uint64_t tokenID; @@ -209,12 +277,20 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId007, TestSize.Level1) ASSERT_EQ(ret, 0); ASSERT_EQ(tokenIdEx->tokenId, g_tokenQueueHead->next->tokenId); - char *fileBuff = GetFileBuff(TOKEN_ID_CFG_PATH); + char *fileBuff = nullptr; + ret = GetFileBuff(TOKEN_ID_CFG_PATH, &fileBuff); + ASSERT_EQ(ret, ATRET_SUCCESS); string s = "GetAccessTokenId007"; char *pos = strstr(fileBuff, s.c_str()); ASSERT_EQ(pos, nullptr); } +/** + * @tc.name: GetAccessTokenId008 + * @tc.desc: Get AccessTokenId before ATM is prepared with processName which has existed. + * @tc.type: FUNC + * @tc.require:AR000GK6TD + */ HWTEST_F(TokenLibKitTest, GetAccessTokenId008, TestSize.Level1) { uint64_t tokenID; @@ -227,9 +303,17 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId008, TestSize.Level1) ASSERT_EQ(tokenIdEx->tokenId, g_tokenQueueHead->next->tokenId); } +/** + * @tc.name: GetAccessTokenId009 + * @tc.desc: Get AccessTokenId after ATM is prepared with new processName. + * @tc.type: FUNC + * @tc.require:AR000GK6TD + */ HWTEST_F(TokenLibKitTest, GetAccessTokenId009, TestSize.Level1) { - char *fileBuffBefore = GetFileBuff(TOKEN_ID_CFG_PATH); + char *fileBuffBefore = nullptr; + int32_t ret = GetFileBuff(TOKEN_ID_CFG_PATH, &fileBuffBefore); + ASSERT_EQ(ret, ATRET_SUCCESS); char *posMatch = strstr(fileBuffBefore, "GetAccessTokenId009"); ASSERT_NE(posMatch, nullptr); free(fileBuffBefore); @@ -247,7 +331,9 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId009, TestSize.Level1) ASSERT_NE(tokenID009, 0); sleep(DELAY_ONE_SECONDS); - char *fileBuff = GetFileBuff(TOKEN_ID_CFG_PATH); + char *fileBuff = nullptr; + ret = GetFileBuff(TOKEN_ID_CFG_PATH, &fileBuff); + ASSERT_EQ(ret, ATRET_SUCCESS); char *pos = strstr(fileBuff, "GetAccessTokenId009"); ASSERT_NE(pos, nullptr); pos = strstr(fileBuff, "GetAccessTokenId009_01"); @@ -258,9 +344,18 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId009, TestSize.Level1) PthreadCloseTrigger(); } +/** + * @tc.name: GetAccessTokenId010 + * @tc.desc: Get AccessTokenId after ATM is prepared with processName which has existed. + * @tc.type: FUNC + * @tc.require:AR000GK6TD + */ HWTEST_F(TokenLibKitTest, GetAccessTokenId010, TestSize.Level1) { - char *fileBuffBefore = GetFileBuff(TOKEN_ID_CFG_PATH); + char *fileBuffBefore = nullptr; + int ret = GetFileBuff(TOKEN_ID_CFG_PATH, &fileBuffBefore); + ASSERT_EQ(ret, ATRET_SUCCESS); + char *posMatch = strstr(fileBuffBefore, "GetAccessTokenId010"); ASSERT_EQ(posMatch, nullptr); free(fileBuffBefore); @@ -272,15 +367,47 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId010, TestSize.Level1) ASSERT_NE(tokenID010, 0); sleep(DELAY_ONE_SECONDS); - char *fileBuff = GetFileBuff(TOKEN_ID_CFG_PATH); + char *fileBuff = nullptr; + ret = GetFileBuff(TOKEN_ID_CFG_PATH, &fileBuff); + ASSERT_EQ(ret, ATRET_SUCCESS); + char *pos = strstr(fileBuff, "GetAccessTokenId010"); ASSERT_NE(pos, nullptr); free(fileBuff); PthreadCloseTrigger(); } +/** + * @tc.name: GetAccessTokenId011 + * @tc.desc: Get AccessTokenId after ATM is prepared with processName which has existed. + * @tc.type: FUNC + * @tc.require:AR000GK6TD + */ +HWTEST_F(TokenLibKitTest, GetAccessTokenId011, TestSize.Level1) +{ + char processName[200][MAX_PROCESS_NAME_LEN]; + /* enable 200 process before fondation is prepared */ + for (int32_t i = 0; i < 200; i++) { + processName[i][0] = '\0'; + int ret = sprintf_s(processName[i], MAX_PROCESS_NAME_LEN, "processName_%d", i); + ASSERT_NE(ret, 0); + uint64_t tokenId = Start(processName[i]); + ASSERT_NE(tokenId, 0); + } + uint64_t tokenId011 = Start("foundation"); + ASSERT_NE(tokenId011, 0); + sleep(5); + tokenId011 = Start("process"); + ASSERT_NE(tokenId011, 0); +} - HWTEST_F(TokenLibKitTest, GetAccessTokenId011, TestSize.Level1) +/** + * @tc.name: GetAccessTokenId012 + * @tc.desc: Get AccessTokenId after ATM is prepared with processName which has existed. + * @tc.type: FUNC + * @tc.require:AR000GK6TD + */ +HWTEST_F(TokenLibKitTest, GetAccessTokenId012, TestSize.Level1) { Start("process1"); Start("process2"); @@ -305,7 +432,9 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId010, TestSize.Level1) sleep(5); Start("process19"); sleep(5); - char *fileBuff = GetFileBuff(TOKEN_ID_CFG_PATH); + char *fileBuff = nullptr; + int ret = GetFileBuff(TOKEN_ID_CFG_PATH, &fileBuff); + ASSERT_EQ(ret, 0); char *pos = strstr(fileBuff, "process1"); ASSERT_NE(pos, nullptr); pos = strstr(fileBuff, "process2"); @@ -330,7 +459,13 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId010, TestSize.Level1) PthreadCloseTrigger(); } - HWTEST_F(TokenLibKitTest, GetAccessTokenId012, TestSize.Level1) +/** + * @tc.name: GetAccessTokenId013 + * @tc.desc: Get AccessTokenId after ATM is prepared with processName which has existed. + * @tc.type: FUNC + * @tc.require:AR000GK6TD + */ +HWTEST_F(TokenLibKitTest, GetAccessTokenId013, TestSize.Level1) { sleep(5); Start("process1"); diff --git a/interfaces/innerkits/tokensync/test/unittest/src/tokensync_kit_test.cpp b/interfaces/innerkits/tokensync/test/unittest/src/tokensync_kit_test.cpp index b4ae1174e..800becd14 100644 --- a/interfaces/innerkits/tokensync/test/unittest/src/tokensync_kit_test.cpp +++ b/interfaces/innerkits/tokensync/test/unittest/src/tokensync_kit_test.cpp @@ -42,10 +42,10 @@ void TokenSyncKitTest::TearDown() */ HWTEST_F(TokenSyncKitTest, VerifyPermission001, TestSize.Level1) { - const std::string TEST_BUNDLE_NAME = "ohos"; - const std::string TEST_PERMISSION_NAME_ALPHA = "ohos.permission.ALPHA"; - const int TEST_USER_ID = 0; - int ret = TokenSyncKit::VerifyPermission(TEST_BUNDLE_NAME, TEST_PERMISSION_NAME_ALPHA, TEST_USER_ID); + const std::string testBundleName = "ohos"; + const std::string testPermissionNameAlpha = "ohos.permission.ALPHA"; + const int testUserId = 0; + int ret = TokenSyncKit::VerifyPermission(testBundleName, testPermissionNameAlpha, testUserId); ASSERT_EQ(0, ret); } diff --git a/services/accesstokenmanager/main/cpp/include/token/accesstoken_id_manager.h b/services/accesstokenmanager/main/cpp/include/token/accesstoken_id_manager.h index 1ad68ac8e..336228323 100644 --- a/services/accesstokenmanager/main/cpp/include/token/accesstoken_id_manager.h +++ b/services/accesstokenmanager/main/cpp/include/token/accesstoken_id_manager.h @@ -26,7 +26,7 @@ namespace OHOS { namespace Security { namespace AccessToken { -static constexpr int TOKEN_RANDOM_MASK = (1 << 24) - 1; +static constexpr unsigned int TOKEN_RANDOM_MASK = (1 << 24) - 1; static const int MAX_CREATE_TOKEN_ID_RETRY = 2; class AccessTokenIDManager final { diff --git a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h index 40786992f..c8a337350 100644 --- a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h +++ b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h @@ -75,9 +75,9 @@ private: OHOS::Utils::RWLock managerLock_; std::map> hapTokenInfoMap_; - std::map hapTokenIdMap_; + std::map hapTokenIdMap_; std::map> nativeTokenInfoMap_; - std::map nativeTokenIdMap_; + std::map nativeTokenIdMap_; }; } // namespace AccessToken } // namespace Security diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp index 148a9369a..3647ab976 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp @@ -79,7 +79,7 @@ bool PermissionValidator::IsPermissionStateValid(const PermissionStateFull& perm return false; } - for (int i = 0; i < resDevIdSize; i++) { + for (uint32_t i = 0; i < resDevIdSize; i++) { if (!IsGrantStatusValid(permState.grantStatus[i]) || !IsPermissionFlagValid(permState.grantFlags[i])) { return false; diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp index 15a1a86ab..a9e0076e0 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp @@ -84,7 +84,7 @@ void AccessTokenManagerStub::GetDefPermissionsInner(MessageParcel& data, Message int result = this->GetDefPermissions(tokenID, permList); ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permList size: %{public}d", __func__, (int) permList.size()); - reply.WriteInt32(permList.size()); + reply.WriteInt32((int32_t)permList.size()); for (auto permDef : permList) { reply.WriteParcelable(&permDef); } @@ -99,7 +99,7 @@ void AccessTokenManagerStub::GetReqPermissionsInner(MessageParcel& data, Message int result = this->GetReqPermissions(tokenID, permList, isSystemGrant); ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permList size: %{public}d", __func__, (int) permList.size()); - reply.WriteInt32(permList.size()); + reply.WriteInt32((int32_t)permList.size()); for (auto permDef : permList) { reply.WriteParcelable(&permDef); } diff --git a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp index e08142fa1..34dd4f0c9 100644 --- a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp @@ -124,7 +124,7 @@ int HapTokenInfoInner::RestoreHapTokenBasicInfo(const GenericValues& inGenericVa "%{public}s called, tokenID: 0x%{public}x version is error, version %{public}d", __func__, tokenID_, ver_); return RET_FAILED; } - tokenAttr_ = inGenericValues.GetInt(FIELD_TOKEN_ATTR); + tokenAttr_ = (uint32_t)inGenericValues.GetInt(FIELD_TOKEN_ATTR); return RET_SUCCESS; } diff --git a/services/accesstokenmanager/main/cpp/src/token/native_token_info_inner.cpp b/services/accesstokenmanager/main/cpp/src/token/native_token_info_inner.cpp index 0278b5eff..62a4e8cac 100644 --- a/services/accesstokenmanager/main/cpp/src/token/native_token_info_inner.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/native_token_info_inner.cpp @@ -109,7 +109,7 @@ int NativeTokenInfoInner::RestoreNativeTokenInfo(AccessTokenID tokenId, const Ge } SetDcaps(inGenericValues.GetString(FIELD_DCAP)); - tokenAttr_ = inGenericValues.GetInt(FIELD_TOKEN_ATTR); + tokenAttr_ = (uint32_t)inGenericValues.GetInt(FIELD_TOKEN_ATTR); return RET_SUCCESS; } @@ -149,7 +149,7 @@ bool NativeTokenInfoInner::FromJsonString(const std::string& jsonString) } if (jsonObject.find(JSON_VERSION) != jsonObject.end()) { - ver_ = jsonObject.at(JSON_VERSION).get(); + ver_ = jsonObject.at(JSON_VERSION).get(); } if (jsonObject.find(JSON_TOKEN_ID) != jsonObject.end()) { @@ -184,7 +184,7 @@ std::string NativeTokenInfoInner::GetProcessName() const void NativeTokenInfoInner::SetDcaps(const std::string& dcapStr) { - int start = 0; + std::string::size_type start = 0; while (true) { std::string::size_type offset = dcapStr.find(',', start); if (offset == std::string::npos) { diff --git a/services/accesstokenmanager/main/cpp/src/token/native_token_receptor.cpp b/services/accesstokenmanager/main/cpp/src/token/native_token_receptor.cpp index 815acd9f4..63b66da54 100644 --- a/services/accesstokenmanager/main/cpp/src/token/native_token_receptor.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/native_token_receptor.cpp @@ -60,7 +60,7 @@ void from_json(const nlohmann::json& j, std::shared_ptr& p } if (j.find(JSON_VERSION) != j.end()) { - native.ver = j.at(JSON_VERSION).get(); + native.ver = (uint8_t)j.at(JSON_VERSION).get(); if (native.ver != DEFAULT_TOKEN_VERSION) { return; } -- Gitee From 3c6b9a4925eba4a57743667868859d9a5c4e2344 Mon Sep 17 00:00:00 2001 From: wenfei Date: Tue, 18 Jan 2022 20:07:40 +0800 Subject: [PATCH 24/51] Signed-off-by: wenfei Signed-off-by: wenfei Signed-off-by: wenfei Signed-off-by: wenfei add permission-manager code Signed-off-by: wenfei --- .../.gitignore | 21 ++ .../build.gradle | 33 +++ .../entry/.gitignore | 2 + .../entry/build.gradle | 26 ++ .../entry/package.json | 1 + .../entry/src/main/config.json | 64 ++++ .../entry/src/main/ets/default/app.ets | 23 ++ .../ets/default/common/components/dialog.ets | 158 ++++++++++ .../default/common/model/dialogDataList.ets | 21 ++ .../src/main/ets/default/pages/dialog.ets | 40 +++ .../src/main/ets/default/pages/dialogPlus.ets | 53 ++++ .../resources/ar/properties/string.json | 14 + .../resources/dark/properties/string.json | 7 + .../resources/default/media/icon_actived.png | Bin 0 -> 1671 bytes .../resources/default/media/icon_normal.png | Bin 0 -> 1107 bytes .../resources/default/properties/string.json | 19 ++ .../resources/en/properties/string.json | 14 + .../resources/light/properties/string.json | 7 + .../resources/zh/properties/string.json | 14 + .../main/resources/base/element/color.json | 20 ++ .../main/resources/base/element/string.json | 12 + .../main/resources/base/media/ic_exercise.svg | 16 + .../main/resources/base/media/ic_nearby.svg | 7 + .../src/main/resources/base/media/icon.png | Bin 0 -> 6790 bytes .../gradle.properties | 14 + .../gradlew | 183 ++++++++++++ .../gradlew.bat | 103 +++++++ .../settings.gradle | 1 + .../.gitignore | 21 ++ .../build.gradle | 33 +++ .../entry/.gitignore | 2 + .../entry/build.gradle | 26 ++ .../entry/package.json | 1 + .../entry/src/main/config.json | 69 +++++ .../entry/src/main/ets/default/app.ets | 23 ++ .../common/components/alphabeticalIndex.ets | 61 ++++ .../ets/default/common/components/backBar.ets | 74 +++++ .../default/common/components/category.ets | 123 ++++++++ .../ets/default/common/components/dialog.ets | 188 ++++++++++++ .../ets/default/common/components/search.ets | 51 ++++ .../default/common/components/titleBar.ets | 39 +++ .../ets/default/common/model/appNameList.ets | 32 ++ .../common/model/authorityManagementList.ets | 50 ++++ .../ets/default/common/model/categoryList.ets | 27 ++ .../default/common/model/dialogDataList.ets | 21 ++ .../ets/default/common/model/mediaDocList.ets | 19 ++ .../common/model/otherPermissionsList.ets | 20 ++ .../model/permissionAccessRecordList.ets | 19 ++ .../ets/default/common/model/privacyList.ets | 21 ++ .../main/ets/default/common/utils/utils.ets | 14 + .../main/ets/default/pages/app-name-plus.ets | 210 +++++++++++++ .../src/main/ets/default/pages/app-name.ets | 153 ++++++++++ .../default/pages/authority-management.ets | 277 ++++++++++++++++++ .../main/ets/default/pages/location-info.ets | 156 ++++++++++ .../ets/default/pages/media-documents.ets | 150 ++++++++++ .../ets/default/pages/other-permissions.ets | 106 +++++++ .../pages/permission-access-record.ets | 187 ++++++++++++ .../src/main/ets/default/pages/privacy.ets | 171 +++++++++++ .../resources/ar/properties/string.json | 14 + .../resources/dark/properties/string.json | 7 + .../resources/default/media/icon_actived.png | Bin 0 -> 1671 bytes .../resources/default/media/icon_normal.png | Bin 0 -> 1107 bytes .../resources/default/properties/string.json | 19 ++ .../resources/en/properties/string.json | 14 + .../resources/light/properties/string.json | 7 + .../resources/zh/properties/string.json | 14 + .../main/resources/base/element/color.json | 48 +++ .../main/resources/base/element/string.json | 64 ++++ .../src/main/resources/base/media/51cto.png | Bin 0 -> 15573 bytes .../src/main/resources/base/media/aiqiyi.png | Bin 0 -> 8210 bytes .../src/main/resources/base/media/anquan.png | Bin 0 -> 6146 bytes .../resources/base/media/baiduwangpan.png | Bin 0 -> 7893 bytes .../src/main/resources/base/media/beifen.png | Bin 0 -> 4730 bytes .../main/resources/base/media/beiwanglu.png | Bin 0 -> 19983 bytes .../main/resources/base/media/bilibili.png | Bin 0 -> 6830 bytes .../main/resources/base/media/calendar.png | Bin 0 -> 2862 bytes .../src/main/resources/base/media/cunchu.png | Bin 0 -> 2227 bytes .../src/main/resources/base/media/dianchi.png | Bin 0 -> 3942 bytes .../main/resources/base/media/downarrow.png | Bin 0 -> 720 bytes .../main/resources/base/media/gaodeditu.png | Bin 0 -> 4160 bytes .../resources/base/media/ic_call_logs.svg | 31 ++ .../main/resources/base/media/ic_dropzone.svg | 19 ++ .../main/resources/base/media/ic_exercise.svg | 16 + .../main/resources/base/media/ic_forward.svg | 14 + .../src/main/resources/base/media/ic_more.svg | 7 + .../main/resources/base/media/ic_nearby.svg | 7 + .../base/media/ic_public_calendar.svg | 13 + .../resources/base/media/ic_public_camera.svg | 13 + .../base/media/ic_public_contacts_group.svg | 13 + .../resources/base/media/ic_public_folder.svg | 13 + .../resources/base/media/ic_public_gps.svg | 13 + .../base/media/ic_public_message.svg | 13 + .../resources/base/media/ic_public_phone.svg | 13 + .../resources/base/media/ic_public_voice.svg | 13 + .../main/resources/base/media/ic_sport.svg | 7 + .../main/resources/base/media/ic_ssensor.svg | 9 + .../src/main/resources/base/media/icon.png | Bin 0 -> 6790 bytes .../base/media/in_app_installations.svg | 13 + .../main/resources/base/media/jiankang.png | Bin 0 -> 4001 bytes .../src/main/resources/base/media/left.png | Bin 0 -> 1070 bytes .../main/resources/base/media/maikefeng.png | Bin 0 -> 8041 bytes .../base/media/noinstallationpackage.svg | 17 ++ .../resources/base/media/nopermission.svg | 16 + .../src/main/resources/base/media/phone.png | Bin 0 -> 8732 bytes .../src/main/resources/base/media/photo.png | Bin 0 -> 9234 bytes .../src/main/resources/base/media/qq.png | Bin 0 -> 6144 bytes .../src/main/resources/base/media/record.png | Bin 0 -> 7877 bytes .../main/resources/base/media/rightarrow.png | Bin 0 -> 1058 bytes .../src/main/resources/base/media/search.png | Bin 0 -> 1147 bytes .../resources/base/media/searchnoresult.svg | 22 ++ .../main/resources/base/media/shengyin.png | Bin 0 -> 3578 bytes .../src/main/resources/base/media/shezhi.png | Bin 0 -> 15118 bytes .../src/main/resources/base/media/shibie.png | Bin 0 -> 7640 bytes .../resources/base/media/tengxunshipin.png | Bin 0 -> 13394 bytes .../main/resources/base/media/tongxunlu.png | Bin 0 -> 5551 bytes .../src/main/resources/base/media/tongzhi.png | Bin 0 -> 5943 bytes .../src/main/resources/base/media/uparrow.png | Bin 0 -> 730 bytes .../src/main/resources/base/media/weixin.png | Bin 0 -> 9388 bytes .../main/resources/base/media/yingyong.png | Bin 0 -> 2130 bytes .../src/main/resources/base/media/yinsi.png | Bin 0 -> 3620 bytes .../main/resources/base/media/yuncunchu.png | Bin 0 -> 8559 bytes .../main/resources/base/media/zhifubao.png | Bin 0 -> 8091 bytes .../gradle.properties | 14 + .../gradlew | 183 ++++++++++++ .../gradlew.bat | 103 +++++++ .../settings.gradle | 1 + 126 files changed, 3987 insertions(+) create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/.gitignore create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/build.gradle create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/.gitignore create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/build.gradle create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/package.json create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/config.json create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/app.ets create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/common/components/dialog.ets create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/common/model/dialogDataList.ets create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/pages/dialog.ets create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/pages/dialogPlus.ets create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/ar/properties/string.json create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/dark/properties/string.json create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/default/media/icon_actived.png create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/default/media/icon_normal.png create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/default/properties/string.json create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/en/properties/string.json create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/light/properties/string.json create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/zh/properties/string.json create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/resources/base/element/color.json create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/resources/base/element/string.json create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/resources/base/media/ic_exercise.svg create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/resources/base/media/ic_nearby.svg create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/resources/base/media/icon.png create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/gradle.properties create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/gradlew create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/gradlew.bat create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/settings.gradle create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/.gitignore create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/build.gradle create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/.gitignore create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/build.gradle create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/package.json create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/config.json create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/app.ets create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/alphabeticalIndex.ets create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/backBar.ets create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/category.ets create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/dialog.ets create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/search.ets create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/titleBar.ets create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/appNameList.ets create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/authorityManagementList.ets create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/categoryList.ets create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/dialogDataList.ets create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/mediaDocList.ets create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/otherPermissionsList.ets create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/permissionAccessRecordList.ets create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/privacyList.ets create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/utils/utils.ets create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/app-name-plus.ets create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/app-name.ets create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/authority-management.ets create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/location-info.ets create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/media-documents.ets create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/other-permissions.ets create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/permission-access-record.ets create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/privacy.ets create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/ar/properties/string.json create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/dark/properties/string.json create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/default/media/icon_actived.png create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/default/media/icon_normal.png create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/default/properties/string.json create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/en/properties/string.json create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/light/properties/string.json create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/zh/properties/string.json create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/element/color.json create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/element/string.json create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/51cto.png create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/aiqiyi.png create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/anquan.png create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/baiduwangpan.png create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/beifen.png create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/beiwanglu.png create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/bilibili.png create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/calendar.png create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/cunchu.png create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/dianchi.png create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/downarrow.png create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/gaodeditu.png create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_call_logs.svg create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_dropzone.svg create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_exercise.svg create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_forward.svg create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_more.svg create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_nearby.svg create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_calendar.svg create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_camera.svg create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_contacts_group.svg create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_folder.svg create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_gps.svg create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_message.svg create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_phone.svg create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_voice.svg create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_sport.svg create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_ssensor.svg create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/icon.png create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/in_app_installations.svg create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/jiankang.png create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/left.png create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/maikefeng.png create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/noinstallationpackage.svg create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/nopermission.svg create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/phone.png create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/photo.png create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/qq.png create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/record.png create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/rightarrow.png create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/search.png create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/searchnoresult.svg create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/shengyin.png create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/shezhi.png create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/shibie.png create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/tengxunshipin.png create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/tongxunlu.png create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/tongzhi.png create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/uparrow.png create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/weixin.png create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/yingyong.png create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/yinsi.png create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/yuncunchu.png create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/zhifubao.png create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/gradle.properties create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/gradlew create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/gradlew.bat create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/settings.gradle diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/.gitignore b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/.gitignore new file mode 100644 index 000000000..b297692be --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/.gitignore @@ -0,0 +1,21 @@ +*.iml +.gradle +/local.properties +/.idea/caches +/.idea/libraries +/.idea/modules.xml +/.idea/workspace.xml +/.idea/navEditor.xml +/.idea/assetWizardSettings.xml +.DS_Store +/build +/captures +.externalNativeBuild +/entry/.preview +.cxx +/node_modules +**/.gradle +**/.idea + +/.idea/previewer/phone/ +/.idea/previewer/previewConfigV2.json diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/build.gradle b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/build.gradle new file mode 100644 index 000000000..924a888a1 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/build.gradle @@ -0,0 +1,33 @@ +// Top-level build file where you can add configuration options common to all sub-projects/modules. +apply plugin: 'com.huawei.ohos.app' + +//For instructions on signature configuration, see https://developer.harmonyos.com/cn/docs/documentation/doc-guides/ide_debug_device-0000001053822404#section1112183053510 +ohos { + compileSdkVersion 7 +} + +buildscript { + repositories { + maven { + url 'https://repo.huaweicloud.com/repository/maven/' + } + maven { + url 'https://developer.huawei.com/repo/' + } + } + dependencies { + classpath 'com.huawei.ohos:hap:3.0.5.2' + classpath 'com.huawei.ohos:decctest:1.2.7.2' + } +} + +allprojects { + repositories { + maven { + url 'https://repo.huaweicloud.com/repository/maven/' + } + maven { + url 'https://developer.huawei.com/repo/' + } + } +} diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/.gitignore b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/.gitignore new file mode 100644 index 000000000..7d5b7a94f --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/.gitignore @@ -0,0 +1,2 @@ +/build +/node_modules diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/build.gradle b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/build.gradle new file mode 100644 index 000000000..0f0156791 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/build.gradle @@ -0,0 +1,26 @@ +apply plugin: 'com.huawei.ohos.hap' +apply plugin: 'com.huawei.ohos.decctest' +//For instructions on signature configuration, see https://developer.harmonyos.com/cn/docs/documentation/doc-guides/ide_debug_device-0000001053822404#section1112183053510 +ohos { + compileSdkVersion 7 + defaultConfig { + compatibleSdkVersion 7 + } + buildTypes { + release { + proguardOpt { + proguardEnabled false + rulesFiles 'proguard-rules.pro' + } + } + } +} + +dependencies { + implementation fileTree(dir: 'libs', include: ['*.jar', '*.har']) + testImplementation 'junit:junit:4.13.1' + ohosTestImplementation 'com.huawei.ohos.testkit:runner:2.0.0.200' +} +decc { + supportType = ['html','xml'] +} diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/package.json b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/package.json new file mode 100644 index 000000000..0967ef424 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/package.json @@ -0,0 +1 @@ +{} diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/config.json b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/config.json new file mode 100644 index 000000000..693761dd8 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/config.json @@ -0,0 +1,64 @@ +{ + "app": { + "bundleName": "com.example.myapplication", + "vendor": "example", + "version": { + "code": 1000000, + "name": "1.0.0" + } + }, + "deviceConfig": {}, + "module": { + "package": "com.example.myapplication", + "name": ".MyApplication", + "mainAbility": "com.example.myapplication.GrantAbility", + "deviceType": [ + "phone" + ], + "distro": { + "deliveryWithInstall": true, + "moduleName": "entry", + "moduleType": "entry", + "installationFree": false + }, + "abilities": [ + { + "skills": [ + { + "entities": [ + "entity.system.home" + ], + "actions": [ + "action.system.home" + ] + } + ], + "orientation": "portrait", + "visible": true, + "name": "com.example.myapplication.GrantAbility", + "icon": "$media:icon", + "description": "$string:mainability_description", + "label": "$string:entry_MainAbility", + "type": "page", + "launchType": "standard" + } + ], + "js": [ + { + "mode": { + "syntax": "ets", + "type": "pageAbility" + }, + "pages": [ + "pages/dialog", + "pages/dialogPlus" + ], + "name": "default", + "window": { + "designWidth": 720, + "autoDesignWidth": false + } + } + ] + } +} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/app.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/app.ets new file mode 100644 index 000000000..2a3b62387 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/app.ets @@ -0,0 +1,23 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +export default { + onCreate() { + console.info('Application onCreate') + }, + onDestroy() { + console.info('Application onDestroy') + }, +} diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/common/components/dialog.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/common/components/dialog.ets new file mode 100644 index 000000000..4c1632976 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/common/components/dialog.ets @@ -0,0 +1,158 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +import { dialogData } from "../model/dialogDataList.ets" + +@Extend(Button) function customizeButton() { + .backgroundColor($r('app.color.default_background_color')) + .fontColor($r('app.color.button_color')) +} + +@CustomDialog +export struct spaceDialog { + controller: CustomDialogController + cancel: () => void + confirm: () => void + + build() { + Column() { + Image($r('app.media.ic_nearby')) + .width(24) + .height(24) + .margin({ + top: 24 + }) + Column() { + Row() { + Flex({ justifyContent: FlexAlign.Start }) { + Text('是否允许“XX”查找、连接附近设备?').fontSize(16) + .margin({ + top: 16, + left: 24 + }) + } + } + Row() { + Flex({ justifyContent: FlexAlign.Start }) { + Text('用于XXXX。').fontSize(14) + .fontColor($r('app.color.secondary_font_color')) + .margin({ + top: 2, + left: 24 + }) + } + } + } + Row() { + Flex({ justifyContent: FlexAlign.SpaceAround }) { + Button('禁止') + .fontSize(16) + .onClick(() => { + this.controller.close() + this.cancel() + }).customizeButton() + Text('|').fontSize(30).fontColor($r('app.color.divider_color')) + Button('允许') + .fontSize(16) + .onClick(() => { + this.controller.close() + this.confirm() + }).customizeButton() + }.margin({ + top: 8 + }) + } + } + .backgroundColor($r('app.color.default_background_color')) + .borderRadius(24) + .height(170) + .width(336) + } +} + +@CustomDialog +export struct privacyDialog { + @Prop count: number + controller: CustomDialogController + cancel: () => void + confirm: () => void + + build() { + Column() { + if (this.count < dialogData.length) { + Image(dialogData[this.count].icon) + .width(24) + .height(24) + .margin({ + top: 24 + }) + Text(`${this.count + 1} / ${dialogData.length}`) + .fontSize(14) + .fontColor($r('app.color.secondary_font_color')) + .margin({ + top: 2 + }) + Column() { + Row() { + Flex({ justifyContent: FlexAlign.Start }) { + Text(dialogData[this.count].message1).fontSize(16) + .margin({ + top: 16, + left: 24 + }) + } + } + Row() { + Flex({ justifyContent: FlexAlign.Start }) { + Text(dialogData[this.count].message2).fontSize(14) + .fontColor($r('app.color.secondary_font_color')) + .margin({ + top: 2, + left: 24 + }) + } + } + } + } + Row() { + Flex({ justifyContent: FlexAlign.SpaceAround }) { + Button('禁止') + .fontSize(16) + .onClick(() => { + this.cancel() + if (this.count === dialogData.length) { + this.controller.close() + } + }).customizeButton() + Text('|').fontSize(30).fontColor($r('app.color.divider_color')) + Button('允许') + .fontSize(16) + .onClick(() => { + this.confirm() + if (this.count === dialogData.length) { + this.controller.close() + } + }).customizeButton() + }.margin({ + top: 8 + }) + } + } + .backgroundColor($r('app.color.default_background_color')) + .borderRadius(24) + .height(186) + .width(336) + } +} diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/common/model/dialogDataList.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/common/model/dialogDataList.ets new file mode 100644 index 000000000..f3c5572c2 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/common/model/dialogDataList.ets @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +export const dialogData: any[] = [ + { 'name': '权限1', 'index': 1, 'message1': '内容1','message2': '内容一', 'icon': $r("app.media.ic_exercise") }, + { 'name': '权限2', 'index': 2, 'message1': '内容2','message2': '内容二', 'icon': $r("app.media.ic_exercise") }, + { 'name': '权限3', 'index': 3, 'message1': '内容3','message2': '内容三', 'icon': $r("app.media.ic_exercise") }, + { 'name': '权限4', 'index': 4, 'message1': '内容4','message2': '内容四', 'icon': $r("app.media.ic_exercise") } +] \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/pages/dialog.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/pages/dialog.ets new file mode 100644 index 000000000..45ee546a7 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/pages/dialog.ets @@ -0,0 +1,40 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +import { spaceDialog } from "../common/components/dialog.ets" + +@Entry +@Component +struct dialogPage { + spaceDialogController: CustomDialogController = new CustomDialogController({ + builder: spaceDialog({ cancel: this.spaceCancel, confirm: this.spaceAccept }), + cancel: this.spaceExist, + autoCancel: true, + alignment: DialogAlignment.Bottom, + offset: { dx: 0 , dy: -12 }, + customStyle: true + }) + spaceCancel() { + } + spaceAccept() { + } + spaceExist() { + } + aboutToAppear() { + this.spaceDialogController.open() + } + build() { + } +} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/pages/dialogPlus.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/pages/dialogPlus.ets new file mode 100644 index 000000000..b8e8718d3 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/pages/dialogPlus.ets @@ -0,0 +1,53 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +import { privacyDialog } from "../common/components/dialog.ets" +import { dialogData } from "../common/model/dialogDataList.ets" + +@Entry +@Component +struct dialogPlusPage { + @State count: number = 0 + privacyDialogController: CustomDialogController = new CustomDialogController({ + builder: privacyDialog({ cancel: this.privacyCancel, confirm: this.privacyAccept, count:this.count }), + cancel: this.privacyExist, + autoCancel: true, + alignment: DialogAlignment.Bottom, + offset: { dx: 0 , dy: -12 }, + customStyle: true + }) + privacyAccept() { + this.count < dialogData.length ? this.count += 1 : this.count = 0 + console.info('accept ' + this.count) + + } + privacyCancel() { + if (this.count < dialogData.length) { + this.count += 1 + } else { + this.count = 0 + } + console.info('cancel' + this.count) + + } + privacyExist() { + console.info("exist") + } + aboutToAppear() { + this.privacyDialogController.open() + } + build() { + } +} diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/ar/properties/string.json b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/ar/properties/string.json new file mode 100644 index 000000000..c3a6df19c --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/ar/properties/string.json @@ -0,0 +1,14 @@ +{ + "strings": { + "app_name": "CategoryPage", + "describe": "describe", + "category": "Category", + "itemChild": "ItemChild", + "item": "Item", + "search": "search...", + "you_search": "You search ", + "you_clicked": "You clicked ", + "tab": "Tab", + "more": "< more" + } +} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/dark/properties/string.json b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/dark/properties/string.json new file mode 100644 index 000000000..ddc52a17f --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/dark/properties/string.json @@ -0,0 +1,7 @@ +{ + "colors": { + "colorSubBackground": "#000000", + "appbar_subtitle_color": "#99ffffff", + "text_color": "#ffffff" + } +} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/default/media/icon_actived.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/default/media/icon_actived.png new file mode 100644 index 0000000000000000000000000000000000000000..49991d108d51f1803ff3dcadc8870d69977908e7 GIT binary patch literal 1671 zcmV;226*|2P)FV00001b5ch_0Itp) z=>Px*K}keGRA>e5S!-++RS=%p`$R&uO$0?K@<;FU50F43#8!FH$C>oSPVef0lnOn9!yL?k)bY zlich%XJ)=L-`PE{xd1~lGy)Zk09NF!I8R=jnN~1h5t7wF0HYD`URIChUy|$H{Om@e zE=1#OEQb5qTas;xd)dW`2ux|pOwALmVUWc{biYm%Oz<2U&_ZBr>u62>sN<{JmPKI7 zQW{sV%nby%8i))PP``|XNZS*M^joKPV3)4H7J*qWQ=;c`W+M>10YE9;&VudHWFng< zj!kd)Y71t9Z3ncG2~2OIktUftiQusT_rWhA!r?Tgn|^A=%TdrH5vXs@&dB8pyBV-H z3TUM^hSP#JC;^$M1&a<7(1obKcl)6dgZvN)S1p(Y5W|xm@8*@bTix=L1j@xnVigX0w@}`9-FE{Cu158;P)XWgO~iozNX!1Y17K z!*7>4ByGV=GMTC?wNI3M1KF(kemTKERFAM}eZmvG#4ChECpP**sa(!{uauvMKwVSz z0RViylyOj7)o_5UC@_qP(A*odvJ$gW@CoM~|Tc?cj_t9bOahiT>f7zY;aCN?YB zR$KVUk}J?lZa)tJvY^>*6s10MvIol7ZI*_u3W5ZS)Vh=%y~>Wu>+g8CQIvYkUE!l| zVq328Y9u$kesK`suefXi7cLQe{&jd@Vk5TY3dbnd z)P8ZV+GF}PWfWSzEx=#@5Ug1egWK%law*Sxs~te6*r>MG}VuSOt*gq-|VFW?D(pa2Js=+6hqEvdMUHvnYt z9W*-V2tJgpdm#=F);Sh46~AOzh`zEc4s)kluz7nPu4&8-NsOtWj-I))S5*d;t9hnu zd^MpRyoxEr1w*i+ie&XvThBYMTWs>48hjp-WAO*CCty4$5C=ofT_kw(qa5V&!Dy1r z>)4Z?pjtWJfGGGN{iSM9s{G=j*q{Y3_%aZJ877j7blZ3cBx3k6Ao@;(T3*}dH->lS z?kKD-n1byuJbgKj>ehP*w6~;A@oMy`+t98*_jC+`y0PtapMojaej@qPQb}MB0RiAd z>pOg{lwH{&!*~yz!^`0962X=}yn?1Af4%Ll3yp11y!|75XxHuMgfR%RVcjkfZ0W-- zlJqT=kq|rI;j9{&dYhpRsbHr%3AXOagH`@vQiXGr1yiu44^<@DD;aCGO)Y!rDq2bF zUC)|Fxv5rZhS{7NS-&a)>57hh1Bhl8VAHl79Buame}OaAbAmF}fdr%rxhLoI)jJ?@JtrFrf6^Q46;1&%@t6P9sU~#tdu>%TR|B5ZGddT9Uja@}v{_ zn_c=;3?wU&^37m6gUjRqj`NXw7vCQ`e|3)fEz7P%Jhmh(GcC4}2#DdWKR8;MM5EN* zlH}lp#LOuOqiPUp_`FkdXCM5Ps{~hi2>!T2aQrm?IQT4+C?)K1Xm~QctZfJWSxWD2 zi%dWqC1Wi~Um{$`d$#Mq?1t8@^Rmq=pDZ57wxSO`FQyg&+r2OOEBRANLF#AmY@Fhg zcYWD7W$*D@DjoK&N?8PK49TNPDpIm}VFy6l$9~GeOwL_$bdlZPZr6QQL_qCKRx3%2 zNp6Y%H|1P(ap@hyS5)~l literal 0 HcmV?d00001 diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/default/media/icon_normal.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/default/media/icon_normal.png new file mode 100644 index 0000000000000000000000000000000000000000..cdf5bb49392dfce97ea9fa1be0ace95715903498 GIT binary patch literal 1107 zcmV-Z1g!gsP)FV00001b5ch_0Itp) z=>Px(4M{{nRA>e5n0ap$F$~4aeUm-VoFq@wM0-OltrqH0TZSvN#0@VoM~bD%1vm{Dyc`;;+DIJsyeV{HnoTx+s1Sf0PCr5&%v=7LS&UP52$Z z*kA9(>`IgZAZ?iWgLGcQEkJso7pYXedmG^QYJX_5_njI(5*O8Yo@wNDq5~F2SEP;+(+SVs)*T4rP1S)9qVdJE{wT)CR!{qW@M*z|vUYcuVRq0H<>a$an#k^r%Xm{pbbI;yi=X6ZNeq z-vf|AwgnwMF94Rg1vMvhjcn`-O=AKZ0O`XfY(Y(0)X2uZ;9HVLHUJKeR@9Wq8d>X4 zvI;f;Tl%bW?)R76NAs;l)~M!Jpf!CM4NeXfaA{ z=9stkVp{}6TEVL#`=!&I>0JrQ3fSI-bATBf3iNM@^iOuib2dUSoT}`Xn$_TjMtUw_ z2d$YAW}DWT8&fOL#YS%BtnH+V*#Ovd$r4%Z0Iu;07#>~jCWLQNZ;M`KK)$9*VXFq%_I$#ZEzgiAj2xR~*HIYLZae1OSKb)(P;POt=Rjp{Iu_8i>FkTF1{i(>LxriO} z1ZaUd_4rF8b{4}NDCm1juGfQsofo3LBQW+8kxsT3u~WT5`oNL@K#bEV$P)n7gHv^= zJ!YKLpk!Oe^=gstn|gMt4j*F-9S|KZ68FWv)&X1W4Tvo5LAZRdcW9@1vZBz<>E*X) zdLmmyO#m39YVpq+r)I6LRI(r-Dj(&tFSw3@RwqcM4UsN%3hc=UXOCMda|5&n5NvXB zAqXm!w?BfM_rzKHF7^SZe-p+A5D!W){4vI+CK$*bARWl(K%B+#W~Ze)W1fL|2L6{B Z_ye>Cr2VxM_(lK#002ovPDHLkV1jHc1@-^{ literal 0 HcmV?d00001 diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/default/properties/string.json b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/default/properties/string.json new file mode 100644 index 000000000..127f01aeb --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/default/properties/string.json @@ -0,0 +1,19 @@ +{ + "strings": { + "app_name": "CategoryPage", + "describe": "describe", + "category": "Category", + "itemChild": "ItemChild", + "item": "Item", + "search": "search...", + "you_search": "You search ", + "you_clicked": "You clicked ", + "tab": "Tab", + "more": "more >" + }, + "colors": { + "colorSubBackground": "#f1f3f5", + "appbar_subtitle_color": "#99000000", + "text_color": "#000000" + } +} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/en/properties/string.json b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/en/properties/string.json new file mode 100644 index 000000000..319b5d66e --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/en/properties/string.json @@ -0,0 +1,14 @@ +{ + "strings": { + "app_name": "CategoryPage", + "describe": "describe", + "category": "Category", + "itemChild": "ItemChild", + "item": "Item", + "search": "search...", + "you_search": "You search ", + "you_clicked": "You clicked ", + "tab": "Tab", + "more": "more >" + } +} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/light/properties/string.json b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/light/properties/string.json new file mode 100644 index 000000000..4b9482c8f --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/light/properties/string.json @@ -0,0 +1,7 @@ +{ + "colors": { + "colorSubBackground": "#f1f3f5", + "appbar_subtitle_color": "#99000000", + "text_color": "#000000" + } +} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/zh/properties/string.json b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/zh/properties/string.json new file mode 100644 index 000000000..4ca364c62 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/zh/properties/string.json @@ -0,0 +1,14 @@ +{ + "strings": { + "app_name": "分类页", + "describe": "描述", + "category": "分类", + "itemChild": "子类", + "item": "类型", + "search": "搜索...", + "you_search": "你搜索了", + "you_clicked": "你点击了", + "tab": "分页", + "more": "更多 >" + } +} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/resources/base/element/color.json b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/resources/base/element/color.json new file mode 100644 index 000000000..3477227c1 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/resources/base/element/color.json @@ -0,0 +1,20 @@ +{ + "color": [ + { + "name": "divider_color", + "value": "#f3f4f6" + }, + { + "name": "default_background_color", + "value": "#ffffff" + }, + { + "name": "button_color", + "value": "#0a59f7" + }, + { + "name": "secondary_font_color", + "value": "#808080" + } + ] +} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/resources/base/element/string.json b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/resources/base/element/string.json new file mode 100644 index 000000000..319332fcd --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/resources/base/element/string.json @@ -0,0 +1,12 @@ +{ + "string": [ + { + "name": "entry_MainAbility", + "value": "entry_MainAbility" + }, + { + "name": "mainability_description", + "value": "ETS_Category Ability" + } + ] +} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/resources/base/media/ic_exercise.svg b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/resources/base/media/ic_exercise.svg new file mode 100644 index 000000000..b488a4243 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/resources/base/media/ic_exercise.svg @@ -0,0 +1,16 @@ + + + + + diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/resources/base/media/ic_nearby.svg b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/resources/base/media/ic_nearby.svg new file mode 100644 index 000000000..4b201c865 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/resources/base/media/ic_nearby.svg @@ -0,0 +1,7 @@ + + + HM/ic/24x24/ic_nearby + + + + \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/resources/base/media/icon.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/resources/base/media/icon.png new file mode 100644 index 0000000000000000000000000000000000000000..ce307a8827bd75456441ceb57d530e4c8d45d36c GIT binary patch literal 6790 zcmX|G1ymHk)?T_}Vd;>R?p|tHQo6fg38|$UVM!6BLrPFWk?s;$LOP{GmJpBl$qoSA!PUg~PA65-S00{{S`XKG6NkG0RgjEntPrmV+?0|00mu7;+5 zrdpa{2QLqPJ4Y{j7=Mrl{BaxrkdY69+c~(w{Fv-v&aR%aEI&JYSeRTLWm!zbv;?)_ ziZB;fwGbbeL5Q}YLx`J$lp~A09KK8t_z}PZ=4ZzgdeKtgoc+o5EvN9A1K1_<>M?MBqb#!ASf&# zEX?<)!RH(7>1P+j=jqG(58}TVN-$psA6K}atCuI!KTJD&FMmH-78ZejBm)0qc{ESp z|LuG1{QnBUJRg_E=h1#XMWt2%fcoN@l7eAS!Es?Q+;XsRNPhiiE=@AqlLkJzF`O18 zbsbSmKN=aaq8k3NFYZfDWpKmM!coBU0(XnL8R{4=i|wi{!uWYM2je{U{B*K2PVdu&=E zTq*-XsEsJ$u5H4g6DIm2Y!DN`>^v|AqlwuCD;w45K0@eqauiqWf7l&o)+YLHm~|L~ z7$0v5mkobriU!H<@mVJHLlmQqzQ3d6Rh_-|%Yy2li*tHO>_vcnuZ7OR_xkAIuIU&x z-|8Y0wj|6|a6_I(v91y%k_kNw6pnkNdxjqG8!%Vz_d%c_!X+6-;1`GC9_FpjoHev5fEV7RhJ>r=mh-jp$fqbqRJ=obwdgLDVP5+s zy1=_DWG0Y-Jb3t^WXmkr(d9~08k-|#Ly zaNOmT(^9tIb&eb4%CzIT zAm3CUtWSr1t4?h1kk#NBi{U|pJslvME{q|_eS^3En>SOqSxyuN1x;Is@8~m?*>}** znrRFArP!K_52RpX*&JHMR<^lVdm8ypJ}0R(SD(51j;6@ni$6bQ+2XL+R^|NnSp5}(kzvMZ^(@4fD_{QVu$(&K6H|C37TG1Am9Re{<<3gd zh@`>;BqkXMW&p0T6rt|iB$)~CvFe(XC)F9WgAZn*0@t$oZo;!*}r@_`h?KKH&6A@3= zISXoQB+~`op>NP-buiA*^0n{@i{_?MRG)&k)c)k_F+-2Lud!S9pc+i`s74NpBCaGF zXN+pHkubw*msGBTY27BKHv)RRh3;nMg4&$fD_6X9Vt~;_4D+5XPH~#Kn-yjcy!$}1 zigv#FNY>TqMhtIBb@UoF!cE~Q8~;!Pek>SQQwHnHuWKoVBosAiOr}q>!>aE*Krc)V zBUMEcJ5NU0g8}-h6i1zpMY9>m4ne?=U2~`w7K7Q0gB_=p@$5K7p6}thw z-~3dMj?YNX2X$lZ+7ngQ$=s}3mizNN@kE%OtB)?c&i~2L55z8^=yz;xMHLmlY>&Q# zJj?!)M#q_SyfkQh)k?j8IfLtB)ZCp|*vf4_B zos?73yd^h-Ac+;?E4*bpf=o*^3x3-`TVjbY4n6!EN10K6o@fxdyps05Vo3PU)otB} z`3kR+2w7_C#8Z!q`J)p{Vh!+m9-UP!$STp+Hb}}#@#_u^SsUQg<}59< zTvH3%XS4G+6FF^(m6bVF&nSUIXcl;nw{=H$%fgeJ>CgDYiLdpDXr{;-AnG z8dvcrHYVMI&`R6;GWekI@Ir3!uo)oz4^{6q0m^}@f2tM9&=YHNi6-?rh0-{+k@cQm zdp`g#YdQn%MDVg2GR>wZ`n2<0l4)9nx1Wfr&!Dvz=bPwU!h2S?ez6MVc5APE4-xLB zi&W9Q8k2@0w!C53g?iAIQ}~p*3O(@zja6KQ=M3zfW*_6o5SwR-)6VBh~m7{^-=MC-owYH5-u40a}a0liho3QZZ5L{bS_xM1)4}19)zTU$$MY zq3eZML1WC{K%YFd`Be0M-rkO^l?h{kM{$2oK1*A@HVJ57*yhDkUF!2WZ&oA4Y-sK( zCY69%#`mBCi6>6uw(x4gbFaP0+FD*JKJ-q!F1E?vLJ+d35!I5d7@^eU?(CS|C^tmI5?lv@s{{*|1F zFg|OzNpZ0hxljdjaW%45O0MOttRrd(Z?h{HYbB-KFUx&9GfFL3b8NwZ$zNu)WbBD` zYkj$^UB5%3Pj1MDr>S2Ejr9pUcgA!;ZG!@{uAy12)vG=*^9-|dNQBc8&`oxBlU~#y zs!anJX&T?57Jdr^sb>e+V`MVfY>Y0ESg7MG<7W0g&bR-ZYzzZ%2H&Etcp zcd6QeXO1D!5A#zM0lx*GH}`M)2~ZFLE;sP^RSB5wVMNfiZXPd(cmO>j=OSA3`o5r& zna(|^jGXbdN7PK)U8b7^zYtYkkeb%<%F~=OqB~kXMQkq}ii|skh@WSRt>5za;cjP0 zZ~nD%6)wzedqE}BMLt~qKwlvTr33))#uP~xyw#*Eaa|DbMQ_%mG0U8numf8)0DX`r zRoG2bM;#g|p-8gWnwRV5SCW0tLjLO&9Z?K>FImeIxlGUgo0Zk`9Qzhj1eco~7XZy+hXc@YF&ZQ=? zn*^1O56yK^x{y}q`j7}blGCx%dydV!c7)g~tJzmHhV=W~jbWRRR{1<^oDK+1clprm zz$eCy7y9+?{E|YgkW~}}iB#I4XoJ*xr8R?i_Hv$=Cof5bo-Nj~f`-DLebH}&0% zfQj9@WGd4;N~Y?mzQsHJTJq6!Qzl^-vwol(+fMt#Pl=Wh#lI5Vmu@QM0=_r+1wHt` z+8WZ~c2}KQQ+q)~2Ki77QvV&`xb|xVcTms99&cD$Zz4+-^R4kvUBxG8gDk7Y`K*)JZ^2rL(+ZWV~%W(@6 z)0bPArG#BROa_PHs~&WplQ_UIrpd)1N1QGPfv!J(Z9jNT#i%H?CE6|pPZb9hJ1JW4 z^q;ft#!HRNV0YgPojzIYT`8LuET2rUe-J|c!9l4`^*;4WtY@Ew@pL>wkjmMgGfN7 ze}}GtmU0@<_#08~I-Suk=^*9GLW=H4xhsml;vAV{%hy5Eegl@!6qKqbG024%n2HHw zCc@ivW_$@5ZoHP70(7D+(`PvgjW1Pd`wsiuv-aCukMrafwDm)B!xXVy*j2opohhoU zcJz%ADmj>i3`-3-$7nQKBQQuGY;2Qt&+(L~C>vSGFj5{Mlv?T_^dql;{zkpe4R1}R z%XfZyQ}wr*sr>jrKgm*PWLjuVc%6&&`Kbf1SuFpHPN&>W)$GmqC;pIoBC`=4-hPY8 zT*>%I2fP}vGW;R=^!1be?ta2UQd2>alOFFbVl;(SQJ4Jk#)4Z0^wpWEVvY4=vyDk@ zqlModi@iVPMC+{?rm=4(n+<;|lmUO@UKYA>EPTS~AndtK^Wy^%#3<;(dQdk3WaUkRtzSMC9}7x2||CNpF#(3T4C)@ z$~RWs`BNABKX|{cmBt>Q=&gkXl&x!!NK_%5hW0LS)Z4PB>%sV?F-{Wyj#s7W%$F{D zXdK^Fp3wvy+48+GP6F_|^PCRx=ddcTO3sG;B23A49~Qaw31SZ0Rc~`r4qqt%#OGW{ zCA_(LG5^N>yzUn&kAgVmxb=EA8s&tBXC}S1CZ(KoW)(%^JjLTPo^fs`Va;`=YlVPgmB$!yB}<(4ym6OeZ3xAJJ#;)2+B%p3P1Wt+d$eo`vz`T zXfUP2))kBDPoscH;Jc7I3NU<({|@wM$&GaDt`n7WLgIY3IA7A6-_R?z8N3mz|}*i z(zl5ot--Oq@f2-nv{X(ujT2T(k1vY_qh93pK@>H-qc%2Xta)IP0Q%zt%bqYgI`o!wv!0QerB`nCN^1n|@$sVOQ!V0teVG!I z_fD%JvfDeT1cK#-{o6Gv7}& zY0#NWin~kVaf$aufV&;63Hbs|`QVZWpDX6IMk1Hj2G}fiH9e-^6u2zf^FIr^BwD<6zjw63+{yUe8PUFvk8v{sJ=R{d#`O!sz`Q13~< zPT$JS(w=yQfU2`zPCNfSw=&zup@DXc(98afjhv@1w_f!m2Z>rMJ19AB&dB%P#Ls3b z=lK7OILM+SQ&VEd=1GN6o&>YVVtIzoZ%=Z_SdqJN2}E43{bE`>w+A;=y->@^k{oCC z$F*WTY&?34;kfyFV?b*Xb1Pq`Z=%OgwEg)Rz)tx=`f%5#w_INP=x&z5!jI;#;N$ma zhO)+MDm;SxOEVL15; zGq(v2pL3&P1Sl)8P*;G-fd{l1QJsv@e@d8)1PK4w2m*M%V3j-V~L^$i|&C@b?D?9tfwE{B^}Z$k8e5FmQ>v7Xz)sG32g9t}YBt zyR$+*_00RmPx+0mW+vVG4mxd(n$(eQf3-w>JPl2UJpafrPaL5@2j}%{VE-) zBI%6Qpj*dsdH<;g!S!avA~bv^0E+ zfyJbSjPb+j;J52U)<|cIcntQBI2T#>2;tOxu{%D?kML476AErF(qN9hPva5Nkc@BF zC-tLF@3ZFb%Kpj)M<{)x*l|*Ia@ECeXo2E4h2f!aV=cHAhi_E_mfUth(sM4^hJq7B zQsGWqdZUm9S%F`$nQ*_#NcuD`&)Ek%_s{&^78{9Hm ztri&rYLOxgFdG>O@+XHy z9#;|&vBCPXH5Mon^I`jSuR$&~ZWtyB67ujzFSj!51>#C}C17~TffQ{c-!QFQkTQ%! zIR^b1`zHx|*1GU?tbBx23weFLz5H?y_Q%N&t$}k?w+``2A=aotj0;2v$~AL z{scF-cL{wsdrmPvf#a9OHyYLcwQD4Kcm)`LLwMh4WT~p29f7M!iafJSU`IV}QY5Wa z(n44-9oA}?J{a+ah*@31WTs#&J#o1`H98#6IQf;Wv0N_!);f&9g7o-k(lW5rWnDUR zQBFIRG+X=6NnsI@mxnwm;tf5;_Uxg?jZ8m-m0}&6+DA!qam(p$mN5R})yA_7m$q@| zFEd|dpS595rxQr-n#GjI5i-AhnUE>Cr;jpCqSrD~EwK_DqI^7%3#p5)%T_od!t3SOmH9MyXeeGO2(UQL;ax|x?Ncixmeo1=$ z{-);Au{*tfzOG?KQ~K|ak8-HQ?`Pekhe2WM(8s{xv-p>Zmu_6{G!-oE$7$mY`MOJorI=+mMx?H;`pr!;fVYz?5~yXBACruWB`Ph zZM}90_<^OBxIhyZ9BW$`>6JvO;%VFpqVr8|7t3~AmxYak6?`Pp#c;**_SYmi`&z23 z`p6_~ePvH)C6x-G9$hgL=eVALq`-AiamN>!3~Lxw&{H(b{B(7xSRm6<3<{%{yXiH# zos5Rv1L+8fUKJLo%P>4I&$}y \(.*\)$'` + if expr "$link" : '/.*' > /dev/null; then + PRG="$link" + else + PRG=`dirname "$PRG"`"/$link" + fi +done +SAVED="`pwd`" +cd "`dirname \"$PRG\"`/" >/dev/null +APP_HOME="`pwd -P`" +cd "$SAVED" >/dev/null + +APP_NAME="Gradle" +APP_BASE_NAME=`basename "$0"` + +# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. +DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"' + +# Use the maximum available, or set MAX_FD != -1 to use that value. +MAX_FD="maximum" + +warn () { + echo "$*" +} + +die () { + echo + echo "$*" + echo + exit 1 +} + +# OS specific support (must be 'true' or 'false'). +cygwin=false +msys=false +darwin=false +nonstop=false +case "`uname`" in + CYGWIN* ) + cygwin=true + ;; + Darwin* ) + darwin=true + ;; + MINGW* ) + msys=true + ;; + NONSTOP* ) + nonstop=true + ;; +esac + +CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar + +# Determine the Java command to use to start the JVM. +if [ -n "$JAVA_HOME" ] ; then + if [ -x "$JAVA_HOME/jre/sh/java" ] ; then + # IBM's JDK on AIX uses strange locations for the executables + JAVACMD="$JAVA_HOME/jre/sh/java" + else + JAVACMD="$JAVA_HOME/bin/java" + fi + if [ ! -x "$JAVACMD" ] ; then + die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME + +Please set the JAVA_HOME variable in your environment to match the +location of your Java installation." + fi +else + JAVACMD="java" + which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. + +Please set the JAVA_HOME variable in your environment to match the +location of your Java installation." +fi + +# Increase the maximum file descriptors if we can. +if [ "$cygwin" = "false" -a "$darwin" = "false" -a "$nonstop" = "false" ] ; then + MAX_FD_LIMIT=`ulimit -H -n` + if [ $? -eq 0 ] ; then + if [ "$MAX_FD" = "maximum" -o "$MAX_FD" = "max" ] ; then + MAX_FD="$MAX_FD_LIMIT" + fi + ulimit -n $MAX_FD + if [ $? -ne 0 ] ; then + warn "Could not set maximum file descriptor limit: $MAX_FD" + fi + else + warn "Could not query maximum file descriptor limit: $MAX_FD_LIMIT" + fi +fi + +# For Darwin, add options to specify how the application appears in the dock +if $darwin; then + GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\"" +fi + +# For Cygwin or MSYS, switch paths to Windows format before running java +if [ "$cygwin" = "true" -o "$msys" = "true" ] ; then + APP_HOME=`cygpath --path --mixed "$APP_HOME"` + CLASSPATH=`cygpath --path --mixed "$CLASSPATH"` + JAVACMD=`cygpath --unix "$JAVACMD"` + + # We build the pattern for arguments to be converted via cygpath + ROOTDIRSRAW=`find -L / -maxdepth 1 -mindepth 1 -type d 2>/dev/null` + SEP="" + for dir in $ROOTDIRSRAW ; do + ROOTDIRS="$ROOTDIRS$SEP$dir" + SEP="|" + done + OURCYGPATTERN="(^($ROOTDIRS))" + # Add a user-defined pattern to the cygpath arguments + if [ "$GRADLE_CYGPATTERN" != "" ] ; then + OURCYGPATTERN="$OURCYGPATTERN|($GRADLE_CYGPATTERN)" + fi + # Now convert the arguments - kludge to limit ourselves to /bin/sh + i=0 + for arg in "$@" ; do + CHECK=`echo "$arg"|egrep -c "$OURCYGPATTERN" -` + CHECK2=`echo "$arg"|egrep -c "^-"` ### Determine if an option + + if [ $CHECK -ne 0 ] && [ $CHECK2 -eq 0 ] ; then ### Added a condition + eval `echo args$i`=`cygpath --path --ignore --mixed "$arg"` + else + eval `echo args$i`="\"$arg\"" + fi + i=`expr $i + 1` + done + case $i in + 0) set -- ;; + 1) set -- "$args0" ;; + 2) set -- "$args0" "$args1" ;; + 3) set -- "$args0" "$args1" "$args2" ;; + 4) set -- "$args0" "$args1" "$args2" "$args3" ;; + 5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;; + 6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;; + 7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;; + 8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;; + 9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;; + esac +fi + +# Escape application args +save () { + for i do printf %s\\n "$i" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/' \\\\/" ; done + echo " " +} +APP_ARGS=`save "$@"` + +# Collect all arguments for the java command, following the shell quoting and substitution rules +eval set -- $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS "\"-Dorg.gradle.appname=$APP_BASE_NAME\"" -classpath "\"$CLASSPATH\"" org.gradle.wrapper.GradleWrapperMain "$APP_ARGS" + +exec "$JAVACMD" "$@" diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/gradlew.bat b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/gradlew.bat new file mode 100644 index 000000000..acdc32e2d --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/gradlew.bat @@ -0,0 +1,103 @@ +@rem +@rem Copyright (c) 2021 Huawei Device Co., Ltd. +@rem +@rem Licensed under the Apache License, Version 2.0 (the "License"); +@rem you may not use this file except in compliance with the License. +@rem You may obtain a copy of the License at +@rem +@rem http://www.apache.org/licenses/LICENSE-2.0 +@rem +@rem Unless required by applicable law or agreed to in writing, software +@rem distributed under the License is distributed on an "AS IS" BASIS, +@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +@rem See the License for the specific language governing permissions and +@rem limitations under the License. +@rem + +@if "%DEBUG%" == "" @echo off +@rem ########################################################################## +@rem +@rem Gradle startup script for Windows +@rem +@rem ########################################################################## + +@rem Set local scope for the variables with windows NT shell +if "%OS%"=="Windows_NT" setlocal + +set DIRNAME=%~dp0 +if "%DIRNAME%" == "" set DIRNAME=. +set APP_BASE_NAME=%~n0 +set APP_HOME=%DIRNAME% + +@rem Resolve any "." and ".." in APP_HOME to make it shorter. +for %%i in ("%APP_HOME%") do set APP_HOME=%%~fi + +@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. +set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m" + +@rem Find java.exe +if defined JAVA_HOME goto findJavaFromJavaHome + +set JAVA_EXE=java.exe +%JAVA_EXE% -version >NUL 2>&1 +if "%ERRORLEVEL%" == "0" goto init + +echo. +echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. +echo. +echo Please set the JAVA_HOME variable in your environment to match the +echo location of your Java installation. + +goto fail + +:findJavaFromJavaHome +set JAVA_HOME=%JAVA_HOME:"=% +set JAVA_EXE=%JAVA_HOME%/bin/java.exe + +if exist "%JAVA_EXE%" goto init + +echo. +echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% +echo. +echo Please set the JAVA_HOME variable in your environment to match the +echo location of your Java installation. + +goto fail + +:init +@rem Get command-line arguments, handling Windows variants + +if not "%OS%" == "Windows_NT" goto win9xME_args + +:win9xME_args +@rem Slurp the command line arguments. +set CMD_LINE_ARGS= +set _SKIP=2 + +:win9xME_args_slurp +if "x%~1" == "x" goto execute + +set CMD_LINE_ARGS=%* + +:execute +@rem Setup the command line + +set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar + +@rem Execute Gradle +"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CMD_LINE_ARGS% + +:end +@rem End local scope for the variables with windows NT shell +if "%ERRORLEVEL%"=="0" goto mainEnd + +:fail +rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of +rem the _cmd.exe /c_ return code! +if not "" == "%GRADLE_EXIT_CONSOLE%" exit 1 +exit /b 1 + +:mainEnd +if "%OS%"=="Windows_NT" endlocal + +:omega diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/settings.gradle b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/settings.gradle new file mode 100644 index 000000000..4773db732 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/settings.gradle @@ -0,0 +1 @@ +include ':entry' diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/.gitignore b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/.gitignore new file mode 100644 index 000000000..b297692be --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/.gitignore @@ -0,0 +1,21 @@ +*.iml +.gradle +/local.properties +/.idea/caches +/.idea/libraries +/.idea/modules.xml +/.idea/workspace.xml +/.idea/navEditor.xml +/.idea/assetWizardSettings.xml +.DS_Store +/build +/captures +.externalNativeBuild +/entry/.preview +.cxx +/node_modules +**/.gradle +**/.idea + +/.idea/previewer/phone/ +/.idea/previewer/previewConfigV2.json diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/build.gradle b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/build.gradle new file mode 100644 index 000000000..924a888a1 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/build.gradle @@ -0,0 +1,33 @@ +// Top-level build file where you can add configuration options common to all sub-projects/modules. +apply plugin: 'com.huawei.ohos.app' + +//For instructions on signature configuration, see https://developer.harmonyos.com/cn/docs/documentation/doc-guides/ide_debug_device-0000001053822404#section1112183053510 +ohos { + compileSdkVersion 7 +} + +buildscript { + repositories { + maven { + url 'https://repo.huaweicloud.com/repository/maven/' + } + maven { + url 'https://developer.huawei.com/repo/' + } + } + dependencies { + classpath 'com.huawei.ohos:hap:3.0.5.2' + classpath 'com.huawei.ohos:decctest:1.2.7.2' + } +} + +allprojects { + repositories { + maven { + url 'https://repo.huaweicloud.com/repository/maven/' + } + maven { + url 'https://developer.huawei.com/repo/' + } + } +} diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/.gitignore b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/.gitignore new file mode 100644 index 000000000..7d5b7a94f --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/.gitignore @@ -0,0 +1,2 @@ +/build +/node_modules diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/build.gradle b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/build.gradle new file mode 100644 index 000000000..0f0156791 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/build.gradle @@ -0,0 +1,26 @@ +apply plugin: 'com.huawei.ohos.hap' +apply plugin: 'com.huawei.ohos.decctest' +//For instructions on signature configuration, see https://developer.harmonyos.com/cn/docs/documentation/doc-guides/ide_debug_device-0000001053822404#section1112183053510 +ohos { + compileSdkVersion 7 + defaultConfig { + compatibleSdkVersion 7 + } + buildTypes { + release { + proguardOpt { + proguardEnabled false + rulesFiles 'proguard-rules.pro' + } + } + } +} + +dependencies { + implementation fileTree(dir: 'libs', include: ['*.jar', '*.har']) + testImplementation 'junit:junit:4.13.1' + ohosTestImplementation 'com.huawei.ohos.testkit:runner:2.0.0.200' +} +decc { + supportType = ['html','xml'] +} diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/package.json b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/package.json new file mode 100644 index 000000000..0967ef424 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/package.json @@ -0,0 +1 @@ +{} diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/config.json b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/config.json new file mode 100644 index 000000000..8de07a383 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/config.json @@ -0,0 +1,69 @@ +{ + "app": { + "bundleName": "com.example.myapplication", + "vendor": "example", + "version": { + "code": 1000000, + "name": "1.0.0" + } + }, + "deviceConfig": {}, + "module": { + "package": "com.example.myapplication", + "name": ".MyApplication", + "mainAbility": "com.example.myapplication.MainAbility", + "deviceType": [ + "phone" + ], + "distro": { + "deliveryWithInstall": true, + "moduleName": "entry", + "moduleType": "entry", + "installationFree": false + }, + "abilities": [ + { + "skills": [ + { + "entities": [ + "entity.system.home" + ], + "actions": [ + "action.system.home" + ] + } + ], + "orientation": "portrait", + "visible": true, + "name": "com.example.myapplication.MainAbility", + "icon": "$media:icon", + "description": "$string:mainability_description", + "label": "$string:entry_MainAbility", + "type": "page", + "launchType": "standard" + } + ], + "js": [ + { + "mode": { + "syntax": "ets", + "type": "pageAbility" + }, + "pages": [ + "pages/authority-management", + "pages/permission-access-record", + "pages/media-documents", + "pages/app-name", + "pages/location-info", + "pages/app-name-plus", + "pages/other-permissions" + ], + "name": "default", + "window": { + "designWidth": 720, + "autoDesignWidth": false + } + } + ] + } +} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/app.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/app.ets new file mode 100644 index 000000000..2a3b62387 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/app.ets @@ -0,0 +1,23 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +export default { + onCreate() { + console.info('Application onCreate') + }, + onDestroy() { + console.info('Application onDestroy') + }, +} diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/alphabeticalIndex.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/alphabeticalIndex.ets new file mode 100644 index 000000000..d4332cdc6 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/alphabeticalIndex.ets @@ -0,0 +1,61 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +import { applicationListItem } from "../model/authorityManagementList.ets" + +@Component +export struct alphabetIndexerComponent { + @State alphabeticalIndex: number = 0 + @Prop page: string + @Link applicationList: any[] + private value: string[] = ['#', '☆', 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z'] + filterData(index) { + this.alphabeticalIndex = index + if (index === 0 || index === 1) { + this.applicationList = applicationListItem + } + else { + this.applicationList = applicationListItem.filter((item) => { + return item.alphabeticalIndex === this.value[index] + }) + } + } + + build() { + Flex({ justifyContent: FlexAlign.End }) { + AlphabetIndexer({ ArrayValue: this.value, selected: this.alphabeticalIndex }) + .selectedColor(0xffffff) // 选中颜色 + .popupColor(0xFFFAF0) // 弹出框颜色 + .selectedBackgroundColor(0xCCCCCC) // 选中背景颜色 + .popupBackground(0xD2B48C) // 弹出框背景颜色 + .usingPopup(true) // 是否显示弹出框 + .selectedFont({ size: 12, weight: FontWeight.Bolder }) // 选中的样式 + .popupFont({ size: 30, weight: FontWeight.Bolder }) // 弹出框的演示 + .itemSize(16) // 每一项的大小正方形 + .alignStyle(IndexerAlign.Left) // 左对齐 + .onSelected((index: number) => { + if (this.page === 'location-info') { + this.filterData(index) + } + if (this.page === 'authority-management') { + this.filterData(index) + } + console.info(this.value[index] + '被选中了') // 选中的事件 + }) + .height(448) + .width(24) + } + } +} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/backBar.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/backBar.ets new file mode 100644 index 000000000..a5d8ff6da --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/backBar.ets @@ -0,0 +1,74 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +import router from '@system.router' + +@Component +export struct backBar { + @Prop title: string + + build() { + Column() { + Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { + if (this.title == JSON.stringify($r('app.string.privacy'))) { + Text($r('app.string.privacy')) + .fontColor($r('app.color.title_text_color')) + .fontSize("20fp") + .margin({ + left: "15vp", + right: "24vp", + top: "17vp" + }) + } else { + Image($r('app.media.left')) + .objectFit(ImageFit.Contain) + .height(24) + .width(24) + .margin({ + top: "17vp", + left: "24vp", + right: "15vp" + }) + .onClick(() => { + router.back() + }) + Text(JSON.parse(this.title)) + .fontColor($r('app.color.title_text_color')) + .fontSize(20) + .flexGrow(1) + .margin({ top: "17vp" }) + if (false) { + Image($r('app.media.record')) + .objectFit(ImageFit.Contain) + .height(25) + .width(25) + .margin({ + right: "15vp", + top: "17vp" + }) + .onClick(() => { + router.push({ uri: "pages/permission-access-record" }) + }) + } + } + } + } + .width(360) + .height(56) + .constraintSize({ minHeight: "56vp" }) + .alignItems(HorizontalAlign.Start) + .backgroundColor($r('app.color.background_color')) + } +} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/category.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/category.ets new file mode 100644 index 000000000..5fb0927b5 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/category.ets @@ -0,0 +1,123 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +import { categoryListItem } from "../model/categoryList.ets" + +@Component +export struct categoryPage { + build() { + Column() { + categoryList({ + categoryListItem: categoryListItem, + }) + } + } +} + +@Component +struct categoryList { + private categoryListItem: any[] + @State color: string[] = [ + "#ffffff", + "#ffffff", + "#ffffff", + "#ffffff", + "#ffffff", + "#ffffff", + "#ffffff", + "#e5f3ff", + "#ffffff", + "#ffffff", + "#ffffff" + ] + private listState: number = 0 + + build() { + Column() { + List() { + ForEach(this.categoryListItem, (item) => { + ListItem() { + Column() { + Row() { + Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { + Image(item.image) + .objectFit(ImageFit.Contain) + .height(25) + .width(25) + .margin({ + left: "10vp", + right: "15vp" + }) + Text(item.name) + .fontSize("18vp") + .fontColor($r('app.color.text_color')) + .flexGrow(1) + Image(item.icon) + .objectFit(ImageFit.Contain) + .height(20) + .width(20) + } + }.margin({ + top: '16vp' + } + ) + Row() { + Column() + .backgroundColor($r('app.color.text_decoration_color')) + .width('100%') + .height('2vp') + .margin({ + top: '10vp', + left: '24%' + }) + } + } + .backgroundColor(this.color[item.index - 1]) + .width('100%') + .height('10%') + .borderRadius('25px') + .margin({ + bottom: '10vp' + }) + .onClick(() => { + if (this.color[item.index - 1] == "#ffffff") { + for (var i = 0; i < this.color.length; i++) { + if (i == item.index - 1) { + this.color[i] = "#e5f3ff" + } else { + this.color[i] = "#ffffff" + } + } + } + this.listState = item.index - 1; + console.debug("you click" + this.listState) + }) + } + }, item => item.index.toString()) + }.width('40%') + Divider() + .vertical(true) + .color($r('app.color.divider_color')) + .width('2vp') + .margin({ + top: "8vp", + bottom: "8vp" + }) + }.useSizeType({ + xs: { span: 1, offset: 0 }, sm: { span: 1, offset: 0 }, + md: { span: 1, offset: 0 }, lg: { span: 2, offset: 0 } + }) + } +} diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/dialog.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/dialog.ets new file mode 100644 index 000000000..5aba06993 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/dialog.ets @@ -0,0 +1,188 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +import { dialogData } from "../model/dialogDataList.ets" + +@Extend(Button) function customizeButton() { + .backgroundColor($r('app.color.default_background_color')) + .fontColor($r('app.color.button_color')) +} + +@CustomDialog +export struct positionDialog { + @Link messageList: string[] + controller: CustomDialogController + cancel: () => void + confirm: () => void + + build() { + Column() { + Text('是否开启定位服务?').width('45%').fontSize(16).margin({ top: 20, bottom: 10 }) + Flex({ justifyContent: FlexAlign.SpaceAround }) { + Button('禁止') + .onClick(() => { + this.controller.close() + this.cancel() + }).customizeButton() + Text('|').fontSize(25).fontColor($r('app.color.divider_color')).margin({ top: 3 }) + Button('允许') + .onClick(() => { + this.controller.close() + this.confirm() + }).customizeButton() + }.margin({ bottom: 10 }) + }.backgroundColor($r('app.color.default_background_color')) + .borderRadius(24) + .height(100) + .width(336) + } +} + +@CustomDialog +export struct spaceDialog { + controller: CustomDialogController + cancel: () => void + confirm: () => void + + build() { + Column() { + Image($r('app.media.ic_nearby')) + .width(24) + .height(24) + .margin({ + top: 24 + }) + Column() { + Row() { + Flex({ justifyContent: FlexAlign.Start }) { + Text('是否允许“XX”查找、连接附近设备?').fontSize(16) + .margin({ + top: 16, + left: 24 + }) + } + } + Row() { + Flex({ justifyContent: FlexAlign.Start }) { + Text('用于XXXX。').fontSize(14) + .fontColor($r('app.color.secondary_font_color')) + .margin({ + top: 2, + left: 24 + }) + } + } + } + Row() { + Flex({ justifyContent: FlexAlign.SpaceAround }) { + Button('禁止') + .fontSize(16) + .onClick(() => { + this.controller.close() + this.cancel() + }).customizeButton() + Text('|').fontSize(30).fontColor($r('app.color.divider_color')) + Button('允许') + .fontSize(16) + .onClick(() => { + this.controller.close() + this.confirm() + }).customizeButton() + }.margin({ + top: 8 + }) + } + } + .backgroundColor($r('app.color.default_background_color')) + .borderRadius(24) + .height(170) + .width(336) + } +} + +@CustomDialog +export struct privacyDialog { + @Prop count: number + controller: CustomDialogController + cancel: () => void + confirm: () => void + + build() { + Column() { + if (this.count < dialogData.length) { + Image(dialogData[this.count].icon) + .width(24) + .height(24) + .margin({ + top: 24 + }) + Text(`${this.count + 1} / ${dialogData.length}`) + .fontSize(14) + .fontColor($r('app.color.secondary_font_color')) + .margin({ + top: 2 + }) + Column() { + Row() { + Flex({ justifyContent: FlexAlign.Start }) { + Text(dialogData[this.count].message1).fontSize(16) + .margin({ + top: 16, + left: 24 + }) + } + } + Row() { + Flex({ justifyContent: FlexAlign.Start }) { + Text(dialogData[this.count].message2).fontSize(14) + .fontColor($r('app.color.secondary_font_color')) + .margin({ + top: 2, + left: 24 + }) + } + } + } + } + Row() { + Flex({ justifyContent: FlexAlign.SpaceAround }) { + Button('禁止') + .fontSize(16) + .onClick(() => { + this.cancel() + if (this.count === dialogData.length) { + this.controller.close() + } + }).customizeButton() + Text('|').fontSize(30).fontColor($r('app.color.divider_color')) + Button('允许') + .fontSize(16) + .onClick(() => { + this.confirm() + if (this.count === dialogData.length) { + this.controller.close() + } + }).customizeButton() + }.margin({ + top: 8 + }) + } + } + .backgroundColor($r('app.color.default_background_color')) + .borderRadius(24) + .height(186) + .width(336) + } +} diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/search.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/search.ets new file mode 100644 index 000000000..79ccd9496 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/search.ets @@ -0,0 +1,51 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +@Component +export struct textInput { + @Prop placeholder: string + build() { + Column() { + Flex({ alignContent: FlexAlign.Start }) { + TextInput({ placeholder: this.placeholder }) + .padding({ left: 36 }) + .type(InputType.Normal) + .border({ radius: 20 }) + .placeholderColor($r('app.color.secondary_font_color')) + .placeholderFont({ size: '16vp', weight: FontWeight.Normal, family: "sans-serif", style: FontStyle.Normal }) + .caretColor($r('app.color.secondary_font_color')) + .backgroundColor($r('app.color.default_background_color')) + .height(40) + .width(324) + .onChange((value: string) => { + + }) + .onSubmit((enterKey) => { + + }) + .onEditChanged((isEditing) => { + + }) + Column() { + Image($r('app.media.search')) + .objectFit(ImageFit.Contain) + .width(16) + .height(16) + .margin({ left: -312, top: 12 }) + } + } + } + } +} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/titleBar.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/titleBar.ets new file mode 100644 index 000000000..cb0cfa744 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/titleBar.ets @@ -0,0 +1,39 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +@Component +export struct titleBar { + build() { + Column() { + Text($r('app.string.settings')) + .fontColor($r('app.color.title_text_color')) + .fontSize("24fp") + .margin({ + left: "14vp", + right: "24vp", + top: "12vp" + }) + } + .useSizeType({ + xs: { span: 1, offset: 0 }, sm: { span: 1, offset: 0 }, + md: { span: 1, offset: 0 }, lg: { span: 2, offset: 0 } + }) + .width('40%') + .height(56) + .constraintSize({ minHeight: "56vp" }) + .alignItems(HorizontalAlign.Start) + .backgroundColor($r('app.color.background_color')) + } +} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/appNameList.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/appNameList.ets new file mode 100644 index 000000000..5ac4cb35a --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/appNameList.ets @@ -0,0 +1,32 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +export const calendarListItem: any[] = [ + { 'name': '读取日历', 'index': 1 }, + { 'name': '新建/修改/删除日历', 'index': 2 } +] +export const dynamicListItem: any[] = [ + { 'name': 'xxxxxx', 'index': 1 }, + { 'name': 'xxxxxx', 'index': 2 } +] +export const allowedListItem: any[] = [ + { 'name': '相机', 'index': 1, permission:'' }, + { 'name': '麦克风', 'index': 2, permission:'' }, + { 'name': '媒体和文件', 'index': 3, permission:'仅媒体' }, + { 'name': '日历', 'index': 4, permission:'读取日历' } +] +export const bannedListItem: any[] = [ + { 'name': '悬浮窗', 'index': 1 } +] \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/authorityManagementList.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/authorityManagementList.ets new file mode 100644 index 000000000..bf8f8bc76 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/authorityManagementList.ets @@ -0,0 +1,50 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +export const authorityListItem: any[] = [ + { 'name': '位置信息', 'index': 1, 'image': $r('app.media.ic_public_gps'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, + { 'name': '相机', 'index': 2, 'image': $r('app.media.ic_public_camera'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, + { 'name': '麦克风', 'index': 3, 'image': $r('app.media.ic_public_voice'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, +] +export const messageListItem: any[] = [ + { 'name': '电话', 'index': 1, 'image': $r('app.media.ic_public_phone'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, + { 'name': '信息', 'index': 2, 'image': $r('app.media.ic_public_message'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, + { 'name': '通讯录', 'index': 3, 'image': $r('app.media.ic_public_contacts_group'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, + { 'name': '通话记录', 'index': 4, 'image': $r('app.media.ic_call_logs'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, + { 'name': '媒体和文件', 'index': 5, 'image': $r('app.media.ic_public_folder'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, + { 'name': '日历', 'index': 6, 'image': $r('app.media.ic_public_calendar'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, + { 'name': '健身运动', 'index': 7, 'image': $r('app.media.ic_sport'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, + { 'name': '身体传感器', 'index': 8, 'image': $r('app.media.ic_ssensor'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, + { 'name': '附近设备', 'index': 9, 'image': $r('app.media.ic_nearby'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' } +] +export const appInstallListItem: any[] = [ + { 'name': '已安装应用列表', 'index': 1, 'image': $r('app.media.in_app_installations'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, + { 'name': '应用内安装其他应用', 'index': 2, 'image': $r('app.media.in_app_installations'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, + { 'name': '创建桌面快捷方式', 'index': 3, 'image': $r('app.media.ic_forward'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, + { 'name': '悬浮窗', 'index': 4, 'image': $r('app.media.ic_dropzone'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' } +] +export const otherPermissionsListItem: any[] = [ + { 'name': '其他权限', 'index': 1, 'image': $r('app.media.ic_more'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' } +] +export const applicationListItem: any[] = [ + { 'name': '备忘录', 'index': 1, 'image': $r('app.media.beiwanglu'), 'message': '6项权限', 'icon': $r('app.media.rightarrow'), alphabeticalIndex: 'B' }, + { 'name': '拨号权限', 'index': 2, 'image': $r('app.media.phone'), 'message': '5项权限', 'icon': $r('app.media.rightarrow'), alphabeticalIndex: 'B' }, + { 'name': '电子邮件', 'index': 3, 'image': $r('app.media.baiduwangpan'), 'message': '1项权限', 'icon': $r('app.media.rightarrow'), alphabeticalIndex: 'D' }, + { 'name': '华为视频', 'index': 4,'image': $r('app.media.bilibili'), 'message': '5项权限', 'icon': $r('app.media.rightarrow'), alphabeticalIndex: 'H' }, + { 'name': '联系人', 'index': 5, 'image': $r('app.media.tongxunlu'), 'message': '5项权限', 'icon': $r('app.media.rightarrow'), alphabeticalIndex: 'L' }, + { 'name': '日历', 'index': 6, 'image': $r('app.media.ic_public_calendar'), 'message': '5项权限', 'icon': $r('app.media.rightarrow'), alphabeticalIndex: 'R' }, + { 'name': '手机管家', 'index': 7, 'image': $r('app.media.weixin'), 'message': '5项权限', 'icon': $r('app.media.rightarrow'), alphabeticalIndex: 'S' }, + { 'name': '图库', 'index': 8, 'image': $r("app.media.photo"), 'message': '5项权限', 'icon': $r('app.media.rightarrow'), alphabeticalIndex: 'T' } +] diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/categoryList.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/categoryList.ets new file mode 100644 index 000000000..bbeb6f392 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/categoryList.ets @@ -0,0 +1,27 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +export const categoryListItem: any[] = [ + { 'name': '声音和振动', 'index': 1, 'image': $r('app.media.shengyin'), 'icon': $r('app.media.rightarrow') }, + { 'name': '通知', 'index': 2, 'image': $r('app.media.tongzhi'), 'icon': $r('app.media.rightarrow') }, + { 'name': '生物识别', 'index': 3, 'image': $r('app.media.shibie'), 'icon': $r('app.media.rightarrow') }, + { 'name': '应用和服务', 'index': 4,'image': $r('app.media.yingyong'), 'icon': $r('app.media.rightarrow') }, + { 'name': '电池', 'index': 5, 'image': $r('app.media.dianchi'), 'icon': $r('app.media.rightarrow') }, + { 'name': '存储', 'index': 6, 'image': $r('app.media.cunchu'), 'icon': $r('app.media.rightarrow') }, + { 'name': '安全', 'index': 7, 'image': $r('app.media.anquan'), 'icon': $r('app.media.rightarrow') }, + { 'name': '隐私', 'index': 8, 'image': $r('app.media.yinsi'), 'icon': $r('app.media.rightarrow') }, + { 'name': '平板健康', 'index': 9, 'image': $r('app.media.jiankang'), 'icon': $r('app.media.rightarrow') }, + { 'name': '应用设置', 'index': 10, 'image': $r('app.media.shezhi'), 'icon': $r('app.media.rightarrow') } +] \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/dialogDataList.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/dialogDataList.ets new file mode 100644 index 000000000..f3c5572c2 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/dialogDataList.ets @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +export const dialogData: any[] = [ + { 'name': '权限1', 'index': 1, 'message1': '内容1','message2': '内容一', 'icon': $r("app.media.ic_exercise") }, + { 'name': '权限2', 'index': 2, 'message1': '内容2','message2': '内容二', 'icon': $r("app.media.ic_exercise") }, + { 'name': '权限3', 'index': 3, 'message1': '内容3','message2': '内容三', 'icon': $r("app.media.ic_exercise") }, + { 'name': '权限4', 'index': 4, 'message1': '内容4','message2': '内容四', 'icon': $r("app.media.ic_exercise") } +] \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/mediaDocList.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/mediaDocList.ets new file mode 100644 index 000000000..bf9dcd340 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/mediaDocList.ets @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +export const mediaDocListItem: any[] = [ + { 'name': '允许', 'index': 1, groupName: 'radio', checked: 1 }, + { 'name': '禁止', 'index': 2, groupName: 'radio', checked: 0 } +] \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/otherPermissionsList.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/otherPermissionsList.ets new file mode 100644 index 000000000..893dbf0b7 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/otherPermissionsList.ets @@ -0,0 +1,20 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +export const otherPermissionsListItem: any[] = [ + { 'name': '生物识别', 'index': 1, 'icon': $r('app.media.rightarrow') }, + { 'name': '微博', 'index': 2, 'icon': $r('app.media.rightarrow') }, + { 'name': '附近设备', 'index': 3, 'icon': $r('app.media.rightarrow') }, +] \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/permissionAccessRecordList.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/permissionAccessRecordList.ets new file mode 100644 index 000000000..eb6771276 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/permissionAccessRecordList.ets @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +export const permissionAccessRecordListItem: any[] = [ + { 'name1': '微信', 'index': 1, 'image1': $r('app.media.weixin'), 'image2': $r('app.media.phone'), 'name2': '电话', 'visits': 16, 'lastVisitTime': '12月29日 上午12:22' }, + { 'name1': 'QQ', 'index': 2, 'image1': $r('app.media.qq'), 'image2': $r('app.media.phone'), 'name2': '电话', 'visits': 10, 'lastVisitTime': '12月30日 上午13:54' } +] \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/privacyList.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/privacyList.ets new file mode 100644 index 000000000..4e0561447 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/privacyList.ets @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +export const privacyListItem: any[] = [ + { 'name': '权限管理', 'index': 1, 'message': '', 'icon': $r('app.media.rightarrow') }, + { 'name': '定位服务', 'index': 2, 'message': '已开启', 'icon': $r('app.media.rightarrow') }, + { 'name': '隐私空间', 'index': 3, 'message': '', 'icon': $r('app.media.rightarrow') }, + { 'name': '广告与隐私', 'index': 4,'message': '', 'icon': $r('app.media.rightarrow') } +] \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/utils/utils.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/utils/utils.ets new file mode 100644 index 000000000..2e73d04e2 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/utils/utils.ets @@ -0,0 +1,14 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/app-name-plus.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/app-name-plus.ets new file mode 100644 index 000000000..8d6e5c7be --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/app-name-plus.ets @@ -0,0 +1,210 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +import { titleBar } from "../common/components/titleBar.ets" +import { categoryPage } from "../common/components/category.ets" +import { backBar } from "../common/components/backBar.ets" +import { allowedListItem, bannedListItem } from "../common/model/appNameList.ets" +import router from '@system.router' + +@Entry +@Component +struct appNamePlusPage { + private routerData = router.getParams().routerData + build() { + Flex({ justifyContent: FlexAlign.Center }) { + Column() { + Row() { + // titleBar() + backBar({ title: JSON.stringify(this.routerData.name) }) + } + Row() { + // categoryPage() + Column() { + Scroll() { + appNameItem({ + allowedListItem: allowedListItem, + bannedListItem: bannedListItem, +// buttonListItem: buttonListItem + }) + } + }.width('100%') + }.layoutWeight(1).width(360) + } + } + } +} + +@Component +struct appNameItem { + private allowedListItem: any[] + private bannedListItem: any[] +// private buttonListItem: any[] + @State text: string = '' + @State fontColor: string = '' + + build() { + Row() { + Column() { + Row() { + Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { + Text($r('app.string.allowed')) + .fontSize(14) + .margin({ top: 19.5, left: 48 }) + } + } + Row() { + List() { + ForEach(this.allowedListItem, (item) => { + ListItem() { + Row() { + Column() { + Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { + Row() { + Column() { + if(item.permission != ''){ + Row() { + Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { + Text(item.name) + .fontSize(16) + .fontColor($r('app.color.text_color')) + } + }.margin({ top: 8 }) + Row() { + Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { + Text(item.permission) + .fontSize(14) + .fontColor($r('app.color.icon_color')) + } + }.margin({ bottom: 8 }) + }else{ + Row() { + Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { + Text(item.name) + .fontSize(16) + .fontColor($r('app.color.text_color')) + }.margin({ top: 8, bottom: 8 }) + }.height('100%') + } + + }.flexGrow(1).constraintSize({ minHeight: "48vp" }) + Image($r('app.media.rightarrow')) + .objectFit(ImageFit.Contain) + .height(24) + .width(12) + } + .width('100%') + .height(48) + } + if (item.index !== this.allowedListItem.length) { + Row() { + Column() + .backgroundColor($r('app.color.text_decoration_color')) + .width('100%') + .height('2vp') + } + } + }.onClick(() => { + router.push({ + uri: 'pages/app-name', + params: { routerData: item } + }) + }) + } + }.padding({ left: 24, right: 24 }) + }, item => item.toString()) + }.backgroundColor($r('app.color.default_background_color')).borderRadius(24).padding({ top: 4, bottom: 4 }) + }.margin({ top: 9 }).padding({ left: 24, right: 24 }) + Row() { + Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { + Text($r('app.string.banned')) + .fontSize(14) + .margin({ top: 19.5, left: 48 }) + } + } + Row() { + List() { + ForEach(this.bannedListItem, (item) => { + ListItem() { + Row() { + Column() { + Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { + Row() { + Text(item.name) + .fontSize(16) + .fontColor($r('app.color.text_color')) + .flexGrow(1) + Image($r('app.media.rightarrow')) + .objectFit(ImageFit.Contain) + .height(24) + .width(12) + } + .width('100%') + .height(48) + } + if (item.index !== this.bannedListItem.length) { + Row() { + Column() + .backgroundColor($r('app.color.text_decoration_color')) + .width('100%') + .height('2vp') + } + } + }.onClick(() => { + router.push({ + uri: 'pages/app-name', + params: { routerData: item } + }) + }) + } + }.padding({ left: 24, right: 24 }) + }, item => item.toString()) + }.backgroundColor($r('app.color.default_background_color')).borderRadius(24).padding({ top: 4, bottom: 4 }) + }.margin({ top: 9 }).padding({ left: 24, right: 24 }) + Row() { +// if(this.buttonListItem[0]['name'] !== 'disabled' ) { +// Button('查看所有权限', { type: ButtonType.Capsule, stateEffect: false }) +// .fontColor($r('app.color.icon_color')) +// .backgroundColor($r('app.color.background_color')) +// .width(90) +// }else{ + Button('查看所有权限', { type: ButtonType.Capsule, stateEffect: true }) + .fontColor($r('app.color.button_color')) + .backgroundColor($r('app.color.background_color')) + .width(90).height(48) + .onTouch((event: TouchEvent) => { + if (event.type === TouchType.Down) { + } + if (event.type === TouchType.Up) { + } + if (event.type === TouchType.Move) { + if(event.touches[0].x < 0 || event.touches[0].x > 90 || event.touches[0].y > 0 || event.touches[0].y > 48) { + this.fontColor = $r('app.color.icon_color') + '' + } + } + }) +// } + }.margin({top:16}) + } + .width('100%') + .height('100%') + .backgroundColor($r('app.color.background_color')) + + }.useSizeType({ + xs: { span: 1, offset: 0 }, sm: { span: 1, offset: 0 }, + md: { span: 1, offset: 0 }, lg: { span: 2, offset: 0 } + }) + } +} diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/app-name.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/app-name.ets new file mode 100644 index 000000000..60acc9c60 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/app-name.ets @@ -0,0 +1,153 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +import { titleBar } from "../common/components/titleBar.ets" +import { categoryPage } from "../common/components/category.ets" +import { backBar } from "../common/components/backBar.ets" +import { calendarListItem, dynamicListItem } from "../common/model/appNameList.ets" +import router from '@system.router' +@Entry +@Component +struct appNamePage { + private routerData = router.getParams().routerData + build() { + Flex({ justifyContent: FlexAlign.Center }) { + Column() { + Row() { + // titleBar() + backBar({ title: JSON.stringify(this.routerData.name) }) + } + Row() { + // categoryPage() + Column() { + Scroll() { + appNameItem({ + calendarListItem: calendarListItem, + dynamicListItem: dynamicListItem + }) + } + } + }.layoutWeight(1).width(360) + } + } + } +} + +@Component +struct appNameItem { + private calendarListItem: any[] + private dynamicListItem: any[] + + build() { + Row() { + Column() { + Row() { + Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { + Text($r('app.string.calendar')) + .fontSize(14) + .margin({ top: 19.5, left: 48 }) + } + } + Row() { + List() { + ForEach(this.calendarListItem, (item) => { + ListItem() { + Row() { + Column() { + Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { + Row() { + Text(item.name) + .fontSize(16) + .fontColor($r('app.color.text_color')) + .flexGrow(1) + Toggle({ type: ToggleType.Switch, isOn: true }) + .selectedColor($r('app.color.toggle_color')) + .width(36) + .height(20) + .onChange((isOn: boolean) => { + }) + } + .width('100%') + .height(48) + } + if (item.index !== this.calendarListItem.length) { + Row() { + Column() + .backgroundColor($r('app.color.text_decoration_color')) + .width('100%') + .height('2vp') + } + } + }.onClick(() => { + }) + } + }.padding({ left: 24, right: 24 }) + }, item => item.toString()) + }.backgroundColor($r('app.color.default_background_color')).borderRadius(24).padding({ top: 4, bottom: 4 }) + }.margin({ top: 9 }).padding({ left: 24, right: 24 }) + Row() { + Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { + Text('xxx') + .fontSize(14) + .margin({ top: 19.5, left: 48 }) + } + } + Row() { + List() { + ForEach(this.dynamicListItem, (item) => { + ListItem() { + Row() { + Column() { + Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { + Row() { + Text(item.name) + .fontSize(16) + .fontColor($r('app.color.text_color')) + .flexGrow(1) + Toggle({ type: ToggleType.Switch, isOn: true }) + .selectedColor($r('app.color.toggle_color')) + .width(36) + .height(20) + .onChange((isOn: boolean) => { + }) + } + .width('100%') + .height(48) + } + if (item.index !== this.dynamicListItem.length) { + Row() { + Column() + .backgroundColor($r('app.color.text_decoration_color')) + .width('100%') + .height('2vp') + } + } + }.onClick(() => { + }) + } + }.padding({ left: 24, right: 24 }) + }, item => item.toString()) + }.backgroundColor($r('app.color.default_background_color')).borderRadius(24).padding({ top: 4, bottom: 4 }) + }.margin({ top: 9 }).padding({ left: 24, right: 24 }) + } + .width('100%') + .height('100%') + .backgroundColor($r('app.color.background_color')) + }.useSizeType({ + xs: { span: 1, offset: 0 }, sm: { span: 1, offset: 0 }, + md: { span: 1, offset: 0 }, lg: { span: 2, offset: 0 } + }) + } +} diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/authority-management.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/authority-management.ets new file mode 100644 index 000000000..9080c6268 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/authority-management.ets @@ -0,0 +1,277 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +import { authorityListItem, messageListItem, appInstallListItem, otherPermissionsListItem, applicationListItem } from "../common/model/authorityManagementList.ets" +import { titleBar } from "../common/components/titleBar.ets" +import { categoryPage } from "../common/components/category.ets" +import { backBar } from "../common/components/backBar.ets" +import { alphabetIndexerComponent } from "../common/components/alphabeticalIndex.ets" +import { textInput } from "../common/components/search.ets" +import router from '@system.router' + +@Extend(Text) function customizeText(fontSize: string) { + .fontSize(fontSize) + .fontColor($r('app.color.text_color')) +} +@Extend(Image) function customizeImage(width: number, height: number) { + .objectFit(ImageFit.Contain) + .width(width) + .height(height) +} +@Extend(Row) function customizeRow() { + .backgroundColor($r('app.color.default_background_color')) + .width('500%') + .height('7%') + .borderRadius('20px') + .margin({ + left: '10vp' + }) +} + +@Entry +@Component +struct authorityManagementPage { + + build() { + Flex({ justifyContent: FlexAlign.Center }) { + Column() { + Row() { + // titleBar() + backBar( { title: JSON.stringify($r('app.string.authority_management')) }) + } + Row() { + // categoryPage() + Column() { + Column() { + Stack() { + Tabs() { + TabContent() { + Scroll() { + authorityItem({ + authorityListItem: authorityListItem, + messageListItem: messageListItem, + appInstallListItem: appInstallListItem, + otherPermissionsListItem: otherPermissionsListItem + }) + } + }.tabBar('权限') + + TabContent() { + Scroll() { + applicationItem({ + applicationListItem: applicationListItem, + }) + } + }.tabBar('应用') + } + .backgroundColor($r('app.color.background_color')) + .barWidth(744) + .barMode(BarMode.Scrollable) + }.height('100%') + } + }.width('100%') + } + .useSizeType({ + xs: { span: 1, offset: 0 }, sm: { span: 1, offset: 0 }, + md: { span: 1, offset: 0 }, lg: { span: 2, offset: 0 } + }) + .layoutWeight(1) + .width(360) + } + } + } +} + +@Component +struct authorityItem { + private authorityListItem: any[] + private messageListItem: any[] + private appInstallListItem: any[] + private otherPermissionsListItem: any[] +@Builder ListItemLayout(item, list) { + ListItem() { + Row() { + Column() { + Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { + Row() { + Image(item.image) + .customizeImage(24, 24) + .margin({ right: 16 }) + Text(item.name) + .fontSize(16) + .fontColor($r('app.color.text_color')) + .flexGrow(1) + Image(item.icon) + .customizeImage(12, 24) + } + .width('100%') + .height(56) + } + if (item.index !== list.length) { + Row() { + Column() + .backgroundColor($r('app.color.text_decoration_color')) + .width('100%') + .height('2vp') + } + } + }.onClick(() => { + if (item.name === '其他权限') { + router.push({ + uri: 'pages/other-permissions', + }) + }else if (item.name === '位置信息') { + router.push({ + uri: 'pages/location-info', + }) + }else if (item.name === '媒体和文件') { + router.push({ + uri: 'pages/media-documents', + params: { routerData: item } + }) + }else{ + router.push({ + uri: 'pages/media-documents', + params: { routerData: item } + }) + } + + }) + } + }.padding({ left: 12, right: 12 }) +} + build() { + Row() { + Column() { + Row() { + List() { + ForEach(this.authorityListItem, (item) => { + this.ListItemLayout(item, this.authorityListItem) + }, item => item.toString()) + }.backgroundColor($r('app.color.default_background_color')).borderRadius(24).padding({ top: 4, bottom: 4 }) + }.padding({ left: 12, right: 12, top: 8 }) + Row() { + List() { + ForEach(this.messageListItem, (item) => { + this.ListItemLayout(item, this.messageListItem) + }, item => item.toString()) + }.backgroundColor($r('app.color.default_background_color')).borderRadius(24).padding({ top: 4, bottom: 4 }) + }.margin({ top: 12 }).padding({ left: 12, right: 12 }) + Row() { + List() { + ForEach(this.appInstallListItem, (item) => { + this.ListItemLayout(item, this.appInstallListItem) + }, item => item.toString()) + }.backgroundColor($r('app.color.default_background_color')).borderRadius(24).padding({ top: 4, bottom: 4 }) + }.margin({ top: 12 }).padding({ left: 12, right: 12 }) + Row() { + List() { + ForEach(this.otherPermissionsListItem, (item) => { + this.ListItemLayout(item, this.otherPermissionsListItem) + }, item => item.toString()) + }.backgroundColor($r('app.color.default_background_color')).borderRadius(24).padding({ top: 4, bottom: 4 }) + }.margin({ top: 12 }).padding({ left: 12, right: 12 }) + }.width('100%') + .backgroundColor($r('app.color.background_color')) + }.useSizeType({ + xs: { span: 1, offset: 0 }, sm: { span: 1, offset: 0 }, + md: { span: 1, offset: 0 }, lg: { span: 2, offset: 0 } + }) + } +} + +@Component +struct applicationItem { + @State applicationList: any[] = applicationListItem + private applicationListItem: any[] + + @Builder ListItemLayout(item, index) { + ListItem() { + Row() { + Column() { + Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { + Row() { + Image(item.image) + .customizeImage(40, 40) + .margin({ right: 16 }) + Text(item.name) + .fontSize(16) + .fontColor($r('app.color.text_color')) + .flexGrow(1) + Text(item.message) + .fontSize(14) + .fontColor($r('app.color.icon_color')) + .margin({ right: 4 }) + Image(item.icon) + .customizeImage(12, 24) + } + .width('100%') + .height(72) + .constraintSize({ minHeight: "72vp" }) + } + if (index === 0) { + Row() { + Column() + .backgroundColor($r('app.color.text_decoration_color')) + .width('100%') + .height('2vp') + } + } + }.onClick(() => { + router.push({ + uri: 'pages/app-name-plus', + params: { routerData: item } + }) + }) + } + }.padding({ left: 12, right: 12 }) + } + build() { + Column() { + Row() { + textInput({ placeholder: '搜索应用' }) + }.padding({ left: 12, top: 8 }) + Scroll() { + Row() { + Flex({ alignItems: ItemAlign.Start }) { + Column() { + Row() { + List() { + ForEach(this.applicationList.slice(0, this.applicationList.length - 1), (item) => { + this.ListItemLayout(item, 0) + }, item => item.toString()) + ForEach(this.applicationList.slice(-1), (item, index) => { + this.ListItemLayout(item, 1) + }, item => item.toString()) + }.backgroundColor($r('app.color.default_background_color')).borderRadius(24).padding({ top: 4, bottom: 4 }) + }.margin({ top: 12 }).padding({ left: 12 }) + } + .backgroundColor($r('app.color.background_color')) + .height("89%") + Column() { + alphabetIndexerComponent({ page: 'authority-management', applicationList: $applicationList }) + } + .margin({ top: 12 }) + .width(24) + .padding({ right: 0 }) + } + }.useSizeType({ + xs: { span: 1, offset: 0 }, sm: { span: 1, offset: 0 }, + md: { span: 1, offset: 0 }, lg: { span: 2, offset: 0 } + }) + } + } + } +} diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/location-info.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/location-info.ets new file mode 100644 index 000000000..c73e36217 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/location-info.ets @@ -0,0 +1,156 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +import { applicationListItem } from "../common/model/authorityManagementList.ets" +import { titleBar } from "../common/components/titleBar.ets" +import { categoryPage } from "../common/components/category.ets" +import { backBar } from "../common/components/backBar.ets" +import { alphabetIndexerComponent } from "../common/components/alphabeticalIndex.ets" +import { textInput } from "../common/components/search.ets" +import router from '@system.router' + +@Extend(Text) function customizeText(fontSize: string) { + .fontSize(fontSize) + .fontColor($r('app.color.text_color')) +} +@Extend(Image) function customizeImage(width: number, height: number) { + .objectFit(ImageFit.Contain) + .width(width) + .height(height) +} +@Extend(Row) function customizeRow() { + .backgroundColor($r('app.color.default_background_color')) + .width('500%') + .height('7%') + .borderRadius('20px') + .margin({ + left: '10vp' + }) +} + +@Entry +@Component +struct locationInfoPage { + build() { + Flex({ justifyContent: FlexAlign.Center }) { + Column() { + Row() { + // titleBar() + backBar({title: JSON.stringify($r("app.string.location_info"))}) + } + Row() { + // categoryPage() + Column() { + applicationItem({ + applicationListItem: applicationListItem + }) + }.width(360) + } + .layoutWeight(1) + } + } + } +} + +@Component +struct applicationItem { + @State applicationList: any[] = applicationListItem + private applicationListItem: any[] + @Builder ListItemLayout(item, index) { + ListItem() { + Row() { + Column() { + Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { + Row() { + Image(item.image) + .customizeImage(40, 40) + .margin({ right: 16 }) + Text(item.name) + .fontSize(16) + .fontColor($r('app.color.text_color')) + .flexGrow(1) + Toggle({ type: ToggleType.Switch, isOn: true }) + .selectedColor($r('app.color.toggle_color')) + .width(36) + .height(20) + .onChange((isOn: boolean) => { + }) + } + .width('100%') + .height(72) + .constraintSize({ minHeight: "72vp" }) + } + if (index === 0) { + Row() { + Column() + .backgroundColor($r('app.color.text_decoration_color')) + .width('100%') + .height('2vp') + } + } + }.onClick(() => { + }) + } + }.padding({ left: 12, right: 12 }) + } + build() { + Column() { + Row() { + textInput({ placeholder: '搜索应用' }) + }.padding({ left: 12 }) + .backgroundColor($r('app.color.background_color')) + Row() { + Flex({ alignItems:ItemAlign.Start, justifyContent: FlexAlign.Start }) { + Column() { + Flex({ justifyContent: FlexAlign.Start }) { + Text($r('app.string.location_info_message')) + .fontSize(14) + .fontColor($r('app.color.secondary_font_color')) + .margin({ top: 24, left: 12 }) + } + Scroll() { + Row() { + Column() { + Row() { + List() { + ForEach(this.applicationList.slice(0, this.applicationList.length - 1), (item) => { + this.ListItemLayout(item, 0) + }, item => item.toString()) + ForEach(this.applicationList.slice(-1), (item, index) => { + this.ListItemLayout(item, 1) + }, item => item.toString()) + } + .backgroundColor($r('app.color.default_background_color')) + .borderRadius(24) + .padding({ top: 4, bottom: 4 }) + }.margin({ top: 24 }) + }.width('100%') + .height('89%') + .backgroundColor($r('app.color.background_color')) + }.useSizeType({ + xs: { span: 1, offset: 0 }, sm: { span: 1, offset: 0 }, + md: { span: 1, offset: 0 }, lg: { span: 2, offset: 0 } + }) + } + }.padding({ left: 12 }).width(336) + Column() { + alphabetIndexerComponent({ page: 'location-info', applicationList: $applicationList }) + }.width(24).padding({ top: 16 }) + } + } + .backgroundColor($r('app.color.background_color')) + } + } +} diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/media-documents.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/media-documents.ets new file mode 100644 index 000000000..5b098a51e --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/media-documents.ets @@ -0,0 +1,150 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +import { titleBar } from "../common/components/titleBar.ets" +import { categoryPage } from "../common/components/category.ets" +import { backBar } from "../common/components/backBar.ets" +import { mediaDocListItem } from "../common/model/mediaDocList.ets" +import router from '@system.router' +@Entry +@Component +struct mediaDocumentPage { + private routerData = router.getParams().routerData + build() { + Flex({ justifyContent: FlexAlign.Center }) { + Column() { + Row() { +// titleBar() + backBar({title: JSON.stringify(this.routerData.name)}) + } + Row() { +// categoryPage() + Column() { + Scroll() { + otherMediaDocItem({ + mediaDocListItem:mediaDocListItem + }) + } + }.width(360) + } + .layoutWeight(1) + } + } + } +} + +@Component +struct otherMediaDocItem { + private routerData = router.getParams().routerData + @State checkList: any[] = [1, 0] + private mediaDocListItem: any[] + build() { + Column() { + Row() { + Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { + Image(this.routerData.image) + .width(64) + .height(64) + .margin({left:24,right:12}) + Column() { + Row() { + Text(this.routerData.name) + .fontSize(16) + .fontColor("#182431") + } + Row() { + Text(this.routerData.version) + .fontSize(12) + } + } + } + } + Row() { + Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { + Row() { + Text(this.routerData.use) + .fontSize(12) + }.margin({left:36,right:12}) + } + } + .margin({top:24}) + Row() { + Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { + Row() { + Text('媒体和文件访问权限') + }.margin({left:36,right:12}) + } + } + .height(48) + .margin({top:12}) + Column() { + List() { + ForEach(this.mediaDocListItem, (item) => { + ListItem() { + Column() { + Row() { + Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { + Row() { + Text(item.name) + .fontSize(16) + .fontColor($r('app.color.text_color')) + .flexGrow(1) + Radio({ group:item.groupName,value:item.index }) + .width(24) + .height(24) + .checked(this.checkList[item.index - 1]) + .onChange((isChecked) => { + if (item.index - 1) { + if (!isChecked) { + this.checkList[1] = 0 + } + this.checkList = [0, 1] + } else { + if (!isChecked) { + this.checkList[1] = 1 + } + this.checkList = [1, 0] + } + }) + Image($r('app.media.ic_ssensor')) + }.backgroundColor($r('app.color.default_background_color')) + .width('100%') + .height('48') + } + } + } + .onClick(() => { + }) + } + .padding({ left: 12,right: 12 }) + .margin({ top: 1 }) + }, item => item.toString()) + } + .borderRadius(24) + .backgroundColor($r('app.color.default_background_color')) + .padding({ left: 12, right: 12, top: 3, bottom: 4 }) + } + .padding({ left: 24, right: 24 }) + .width('100%') + .height('100%') + .backgroundColor($r('app.color.background_color')) + } + .backgroundColor($r('app.color.background_color')) + .useSizeType({ + xs: { span: 1, offset: 0 }, sm: { span: 1, offset: 0 }, + md: { span: 1, offset: 0 }, lg: { span: 2, offset: 0 } + }) + } +} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/other-permissions.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/other-permissions.ets new file mode 100644 index 000000000..c376f0390 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/other-permissions.ets @@ -0,0 +1,106 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +import { titleBar } from "../common/components/titleBar.ets" +import { categoryPage } from "../common/components/category.ets" +import { backBar } from "../common/components/backBar.ets" +import { otherPermissionsListItem } from "../common/model/otherPermissionsList.ets" +import router from '@system.router' +@Entry +@Component +struct permissionsPage { + build() { + Flex({ justifyContent: FlexAlign.Center }) { + Column() { + Row() { +// titleBar() + backBar({title: JSON.stringify($r("app.string.other_permissions"))}) + } + Row() { + Column() { +// categoryPage() + } + Column() { + Scroll() { + otherPermissionsItem({ + otherPermissionsListItem: otherPermissionsListItem + }) + } + }.width(360) + } + .layoutWeight(1) + } + } + } +} + +@Component +struct otherPermissionsItem { + private otherPermissionsListItem: any[] + build() { + Row() { + Column() { + List() { + ForEach(this.otherPermissionsListItem, (item) => { + ListItem() { + Column() { + Row() { + Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { + Row() { + Text(item.name) + .fontSize(16) + .fontColor($r('app.color.text_color')) + .flexGrow(1) + Image(item.icon) + .objectFit(ImageFit.Contain) + .height(24) + .width(12) + }.backgroundColor($r('app.color.default_background_color')) + .width('100%') + .height('48') + } + } + if (item.index !== this.otherPermissionsListItem.length) { + Row() { + Column() + .backgroundColor($r('app.color.text_decoration_color')) + .width('100%') + .height('2vp') + } + } + } + .onClick(() => { + }) + } + .padding({ left: 12,right: 12 }) + .margin({ top: 1 }) + }, item => item.toString()) + } + .margin({top:8}) + .borderRadius(24) + .backgroundColor($r('app.color.default_background_color')) + .padding({ left: 12, right: 12, top: 3, bottom: 4 }) + } + .padding({ left: 37, right: 37 }) + .width('100%') + .height('100%') + .backgroundColor($r('app.color.background_color')) + } + .useSizeType({ + xs: { span: 1, offset: 0 }, sm: { span: 1, offset: 0 }, + md: { span: 1, offset: 0 }, lg: { span: 2, offset: 0 } + }) + } +} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/permission-access-record.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/permission-access-record.ets new file mode 100644 index 000000000..322154909 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/permission-access-record.ets @@ -0,0 +1,187 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +import { permissionAccessRecordListItem } from "../common/model/permissionAccessRecordList.ets" +import { titleBar } from "../common/components/titleBar.ets" +import { categoryPage } from "../common/components/category.ets" +import { backBar } from "../common/components/backBar.ets" +import router from '@system.router' + +@Extend(Text) function customizeText(fontSize: string) { + .fontSize(fontSize) + .fontColor($r('app.color.text_color')) +} +@Extend(Image) function customizeImage(width: number, height: number) { + .objectFit(ImageFit.Contain) + .width(width) + .height(height) +} + +@Entry +@Component +struct permissionAccessRecordPage { + build() { + Flex({ justifyContent: FlexAlign.Center }) { + Column() { + Row() { + // titleBar() + backBar({ title: JSON.stringify($r('app.string.permission_access_record'))}) + } + Row() { + // categoryPage() + Column() { + Column() { + Flex({ justifyContent: FlexAlign.Start }) { + Text($r('app.string.authority_message')) + .fontSize("16vp") + .margin({ + left: '15vp' + }) + } + .backgroundColor($r('app.color.background_color')) + Scroll() { + permissionAccessRecordItem({ + permissionAccessRecordListItem: permissionAccessRecordListItem, + }) + } + } + }.width(360) + } + .layoutWeight(1) + } + } + } +} + +@Component +struct permissionAccessRecordItem { + private permissionAccessRecordListItem: any[] + @State collapseList: boolean[] = new Array(permissionAccessRecordListItem.length).fill(false) + @State iconList: any[] = new Array(permissionAccessRecordListItem.length).fill($r('app.media.downarrow')) + build() { + Row() { + Column() { + List() { + ForEach(this.permissionAccessRecordListItem, (item) => { + ListItem() { + Column() { + Row() { + Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { + Image(item.image1) + .customizeImage(40, 40) + .margin({ + left: "10vp", + right: "5vp" + }) + Column() { + Row() { + Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { + Text(item.name1) + .customizeText('16vp') + } + .flexGrow(1) + Image(this.iconList[item.index - 1]) + .customizeImage(20, 20) + .margin({ + top: '20vp', + right: '40vp' + }) + } + Row() { + Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { + Image(item.image2) + .customizeImage(20, 20) + .margin({ + top: '-8vp' + }) + } + } + } + } + .margin({ + top: '10vp', + bottom: '10vp' + }) + }.onClick(() => { + if (this.collapseList[item.index - 1]) { + this.collapseList[item.index - 1] = false + this.iconList[item.index - 1] = $r('app.media.downarrow') + } else { + this.collapseList[item.index - 1]= true + this.iconList[item.index - 1] = $r('app.media.uparrow') + } + }) + if (this.collapseList[item.index - 1]) { + Row() { + Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { + Image(item.image2) + .customizeImage(30, 30) + .margin({ + left: "15vp", + right: "5vp" + }) + Column() { + Row() { + Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { + Text(item.name2) + .customizeText('16vp') + .margin({ + top: '2vp' + }) + } + } + Row() { + Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { + Text("访问次数:" + item.visits + "; " + "最近访问:" + item.lastVisitTime) + .customizeText('16vp') + .margin({ + top: '2vp' + }) + } + } + } + } + }.margin({ + bottom: '20vp' + }) + } + }.backgroundColor($r('app.color.default_background_color')) + .borderRadius('25px') + .width('100%') + .margin({ + left: '10vp', + top: '10vp' + }).onClick(() => { + if (item.name === '权限管理') { + router.push({ uri: 'pages/authority_management' }) + } + }) + } + }, item => item.index.toString()) + } + } + .useSizeType({ + xs: { span: 1, offset: 0 }, sm: { span: 1, offset: 0 }, + md: { span: 1, offset: 0 }, lg: { span: 2, offset: 0 } + }) + .width('100%') + .height('100%') + .backgroundColor($r('app.color.background_color')) + }.useSizeType({ + xs: { span: 1, offset: 0 }, sm: { span: 1, offset: 0 }, + md: { span: 1, offset: 0 }, lg: { span: 2, offset: 0 } + }) + } +} diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/privacy.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/privacy.ets new file mode 100644 index 000000000..afcdc8b09 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/privacy.ets @@ -0,0 +1,171 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +import { positionDialog, spaceDialog, privacyDialog } from "../common/components/dialog.ets" +import { titleBar } from "../common/components/titleBar.ets" +import { categoryPage } from "../common/components/category.ets" +import { backBar } from "../common/components/backBar.ets" +import { privacyListItem } from "../common/../common/model/privacyList.ets" +import { dialogData } from "../common/model/dialogDataList.ets" +import router from '@system.router' + +@Entry +@Component +struct privacyPage { + build() { + Flex({ justifyContent: FlexAlign.Center }) { + Column() { + Row() { + // titleBar() + backBar({title: JSON.stringify($r("app.string.privacy"))}) + } + Row() { + // categoryPage() + Column() { + Scroll() { + privacyItem({ + privacyListItem: privacyListItem + }) + } + }.width(360) + }.layoutWeight(1) + } + } + } +} + +@Component +struct privacyItem { + private privacyListItem: any[] + @State messageList: string[] = [ '', '未开启', '', ''] + @State count: number = 0 +// @State returnList :string[] = [] + positionDialogController: CustomDialogController = new CustomDialogController({ + builder: positionDialog({ cancel: this.positionCancel, confirm: this.positionAccept, messageList: $messageList }), + cancel: this.positionExist, + autoCancel: true, + alignment: DialogAlignment.Bottom, + offset: { dx: 0 , dy: -12 }, + customStyle: true + }) + positionCancel() { + const index = privacyListItem.findIndex((item) => { return item.name === '定位服务' }) + this.messageList[index] = '未开启' + } + positionAccept() { + const index = privacyListItem.findIndex((item) => { return item.name === '定位服务' }) + this.messageList[index] = '已开启' + } + positionExist() { + } + spaceDialogController: CustomDialogController = new CustomDialogController({ + builder: spaceDialog({ cancel: this.spaceCancel, confirm: this.spaceAccept }), + cancel: this.spaceExist, + autoCancel: true, + alignment: DialogAlignment.Bottom, + offset: { dx: 0 , dy: -12 }, + customStyle: true + }) + spaceCancel() { + } + spaceAccept() { + } + spaceExist() { + } + privacyDialogController: CustomDialogController = new CustomDialogController({ + builder: privacyDialog({ cancel: this.privacyCancel, confirm: this.privacyAccept, count:this.count }), + cancel: this.privacyExist, + autoCancel: true, + alignment: DialogAlignment.Bottom, + offset: { dx: 0 , dy: -12 }, + customStyle: true + }) + privacyAccept() { + this.count < dialogData.length ? this.count += 1 : this.count = 0 + // this.returnList.push('0') + console.info('accept ' + this.count) + + } + privacyCancel() { + if (this.count < dialogData.length) { + this.count += 1 + // this.returnList.push('1') + } else { + this.count = 0 + // this.returnList = [] + } + console.info('cancel' + this.count) + + } + privacyExist() { + // this.returnList = [] + console.info("exist") + } + build() { + Row() { + Column() { + List() { + ForEach(this.privacyListItem, (item) => { + ListItem() { + Column() { + Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { + Row() { + Text(item.name) + .fontSize(18) + .fontColor($r('app.color.text_color')) + .flexGrow(1) + Text(this.messageList[item.index - 1]) + .fontSize(18) + .fontColor($r('app.color.icon_color')) + Image(item.icon) + .objectFit(ImageFit.Contain) + .height(20) + .width(20) + }.backgroundColor($r('app.color.default_background_color')) + .borderRadius('25px') + .width('100%') + .height('7%') + .margin({ + left: '10vp', + bottom: '10vp' + }) + } + }.margin({ right: '20vp'}).onClick(() => { + if (item.name === '权限管理') { + router.push({ uri: 'pages/authority-management' }) + } + if (item.name === '定位服务') { + this.positionDialogController.open() + } + if (item.name === '隐私空间') { + this.spaceDialogController.open() + } + if (item.name === '广告与隐私') { + this.privacyDialogController.open() + } + }) + } + }, item => item.toString()) + } + } + .width('100%') + .height('100%') + .backgroundColor($r('app.color.background_color')) + }.useSizeType({ + xs: { span: 1, offset: 0 }, sm: { span: 1, offset: 0 }, + md: { span: 1, offset: 0 }, lg: { span: 2, offset: 0 } + }) + } +} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/ar/properties/string.json b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/ar/properties/string.json new file mode 100644 index 000000000..c3a6df19c --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/ar/properties/string.json @@ -0,0 +1,14 @@ +{ + "strings": { + "app_name": "CategoryPage", + "describe": "describe", + "category": "Category", + "itemChild": "ItemChild", + "item": "Item", + "search": "search...", + "you_search": "You search ", + "you_clicked": "You clicked ", + "tab": "Tab", + "more": "< more" + } +} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/dark/properties/string.json b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/dark/properties/string.json new file mode 100644 index 000000000..ddc52a17f --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/dark/properties/string.json @@ -0,0 +1,7 @@ +{ + "colors": { + "colorSubBackground": "#000000", + "appbar_subtitle_color": "#99ffffff", + "text_color": "#ffffff" + } +} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/default/media/icon_actived.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/default/media/icon_actived.png new file mode 100644 index 0000000000000000000000000000000000000000..49991d108d51f1803ff3dcadc8870d69977908e7 GIT binary patch literal 1671 zcmV;226*|2P)FV00001b5ch_0Itp) z=>Px*K}keGRA>e5S!-++RS=%p`$R&uO$0?K@<;FU50F43#8!FH$C>oSPVef0lnOn9!yL?k)bY zlich%XJ)=L-`PE{xd1~lGy)Zk09NF!I8R=jnN~1h5t7wF0HYD`URIChUy|$H{Om@e zE=1#OEQb5qTas;xd)dW`2ux|pOwALmVUWc{biYm%Oz<2U&_ZBr>u62>sN<{JmPKI7 zQW{sV%nby%8i))PP``|XNZS*M^joKPV3)4H7J*qWQ=;c`W+M>10YE9;&VudHWFng< zj!kd)Y71t9Z3ncG2~2OIktUftiQusT_rWhA!r?Tgn|^A=%TdrH5vXs@&dB8pyBV-H z3TUM^hSP#JC;^$M1&a<7(1obKcl)6dgZvN)S1p(Y5W|xm@8*@bTix=L1j@xnVigX0w@}`9-FE{Cu158;P)XWgO~iozNX!1Y17K z!*7>4ByGV=GMTC?wNI3M1KF(kemTKERFAM}eZmvG#4ChECpP**sa(!{uauvMKwVSz z0RViylyOj7)o_5UC@_qP(A*odvJ$gW@CoM~|Tc?cj_t9bOahiT>f7zY;aCN?YB zR$KVUk}J?lZa)tJvY^>*6s10MvIol7ZI*_u3W5ZS)Vh=%y~>Wu>+g8CQIvYkUE!l| zVq328Y9u$kesK`suefXi7cLQe{&jd@Vk5TY3dbnd z)P8ZV+GF}PWfWSzEx=#@5Ug1egWK%law*Sxs~te6*r>MG}VuSOt*gq-|VFW?D(pa2Js=+6hqEvdMUHvnYt z9W*-V2tJgpdm#=F);Sh46~AOzh`zEc4s)kluz7nPu4&8-NsOtWj-I))S5*d;t9hnu zd^MpRyoxEr1w*i+ie&XvThBYMTWs>48hjp-WAO*CCty4$5C=ofT_kw(qa5V&!Dy1r z>)4Z?pjtWJfGGGN{iSM9s{G=j*q{Y3_%aZJ877j7blZ3cBx3k6Ao@;(T3*}dH->lS z?kKD-n1byuJbgKj>ehP*w6~;A@oMy`+t98*_jC+`y0PtapMojaej@qPQb}MB0RiAd z>pOg{lwH{&!*~yz!^`0962X=}yn?1Af4%Ll3yp11y!|75XxHuMgfR%RVcjkfZ0W-- zlJqT=kq|rI;j9{&dYhpRsbHr%3AXOagH`@vQiXGr1yiu44^<@DD;aCGO)Y!rDq2bF zUC)|Fxv5rZhS{7NS-&a)>57hh1Bhl8VAHl79Buame}OaAbAmF}fdr%rxhLoI)jJ?@JtrFrf6^Q46;1&%@t6P9sU~#tdu>%TR|B5ZGddT9Uja@}v{_ zn_c=;3?wU&^37m6gUjRqj`NXw7vCQ`e|3)fEz7P%Jhmh(GcC4}2#DdWKR8;MM5EN* zlH}lp#LOuOqiPUp_`FkdXCM5Ps{~hi2>!T2aQrm?IQT4+C?)K1Xm~QctZfJWSxWD2 zi%dWqC1Wi~Um{$`d$#Mq?1t8@^Rmq=pDZ57wxSO`FQyg&+r2OOEBRANLF#AmY@Fhg zcYWD7W$*D@DjoK&N?8PK49TNPDpIm}VFy6l$9~GeOwL_$bdlZPZr6QQL_qCKRx3%2 zNp6Y%H|1P(ap@hyS5)~l literal 0 HcmV?d00001 diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/default/media/icon_normal.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/default/media/icon_normal.png new file mode 100644 index 0000000000000000000000000000000000000000..cdf5bb49392dfce97ea9fa1be0ace95715903498 GIT binary patch literal 1107 zcmV-Z1g!gsP)FV00001b5ch_0Itp) z=>Px(4M{{nRA>e5n0ap$F$~4aeUm-VoFq@wM0-OltrqH0TZSvN#0@VoM~bD%1vm{Dyc`;;+DIJsyeV{HnoTx+s1Sf0PCr5&%v=7LS&UP52$Z z*kA9(>`IgZAZ?iWgLGcQEkJso7pYXedmG^QYJX_5_njI(5*O8Yo@wNDq5~F2SEP;+(+SVs)*T4rP1S)9qVdJE{wT)CR!{qW@M*z|vUYcuVRq0H<>a$an#k^r%Xm{pbbI;yi=X6ZNeq z-vf|AwgnwMF94Rg1vMvhjcn`-O=AKZ0O`XfY(Y(0)X2uZ;9HVLHUJKeR@9Wq8d>X4 zvI;f;Tl%bW?)R76NAs;l)~M!Jpf!CM4NeXfaA{ z=9stkVp{}6TEVL#`=!&I>0JrQ3fSI-bATBf3iNM@^iOuib2dUSoT}`Xn$_TjMtUw_ z2d$YAW}DWT8&fOL#YS%BtnH+V*#Ovd$r4%Z0Iu;07#>~jCWLQNZ;M`KK)$9*VXFq%_I$#ZEzgiAj2xR~*HIYLZae1OSKb)(P;POt=Rjp{Iu_8i>FkTF1{i(>LxriO} z1ZaUd_4rF8b{4}NDCm1juGfQsofo3LBQW+8kxsT3u~WT5`oNL@K#bEV$P)n7gHv^= zJ!YKLpk!Oe^=gstn|gMt4j*F-9S|KZ68FWv)&X1W4Tvo5LAZRdcW9@1vZBz<>E*X) zdLmmyO#m39YVpq+r)I6LRI(r-Dj(&tFSw3@RwqcM4UsN%3hc=UXOCMda|5&n5NvXB zAqXm!w?BfM_rzKHF7^SZe-p+A5D!W){4vI+CK$*bARWl(K%B+#W~Ze)W1fL|2L6{B Z_ye>Cr2VxM_(lK#002ovPDHLkV1jHc1@-^{ literal 0 HcmV?d00001 diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/default/properties/string.json b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/default/properties/string.json new file mode 100644 index 000000000..127f01aeb --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/default/properties/string.json @@ -0,0 +1,19 @@ +{ + "strings": { + "app_name": "CategoryPage", + "describe": "describe", + "category": "Category", + "itemChild": "ItemChild", + "item": "Item", + "search": "search...", + "you_search": "You search ", + "you_clicked": "You clicked ", + "tab": "Tab", + "more": "more >" + }, + "colors": { + "colorSubBackground": "#f1f3f5", + "appbar_subtitle_color": "#99000000", + "text_color": "#000000" + } +} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/en/properties/string.json b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/en/properties/string.json new file mode 100644 index 000000000..319b5d66e --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/en/properties/string.json @@ -0,0 +1,14 @@ +{ + "strings": { + "app_name": "CategoryPage", + "describe": "describe", + "category": "Category", + "itemChild": "ItemChild", + "item": "Item", + "search": "search...", + "you_search": "You search ", + "you_clicked": "You clicked ", + "tab": "Tab", + "more": "more >" + } +} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/light/properties/string.json b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/light/properties/string.json new file mode 100644 index 000000000..4b9482c8f --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/light/properties/string.json @@ -0,0 +1,7 @@ +{ + "colors": { + "colorSubBackground": "#f1f3f5", + "appbar_subtitle_color": "#99000000", + "text_color": "#000000" + } +} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/zh/properties/string.json b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/zh/properties/string.json new file mode 100644 index 000000000..4ca364c62 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/zh/properties/string.json @@ -0,0 +1,14 @@ +{ + "strings": { + "app_name": "分类页", + "describe": "描述", + "category": "分类", + "itemChild": "子类", + "item": "类型", + "search": "搜索...", + "you_search": "你搜索了", + "you_clicked": "你点击了", + "tab": "分页", + "more": "更多 >" + } +} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/element/color.json b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/element/color.json new file mode 100644 index 000000000..f2bfa884a --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/element/color.json @@ -0,0 +1,48 @@ +{ + "color": [ + { + "name": "text_color", + "value": "#182331" + }, + { + "name": "background_color", + "value": "#f1f3f5" + }, + { + "name": "title_text_color", + "value": "#182431" + }, + { + "name": "active_background_color", + "value": "#e5f3ff" + }, + { + "name": "divider_color", + "value": "#f3f4f6" + }, + { + "name": "text_decoration_color", + "value": "#f3f4f6" + }, + { + "name": "icon_color", + "value": "#18233199" + }, + { + "name": "default_background_color", + "value": "#ffffff" + }, + { + "name": "button_color", + "value": "#0a59f7" + }, + { + "name": "secondary_font_color", + "value": "#808080" + }, + { + "name": "toggle_color", + "value": "#409eff" + } + ] +} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/element/string.json b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/element/string.json new file mode 100644 index 000000000..2088d38fe --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/element/string.json @@ -0,0 +1,64 @@ +{ + "string": [ + { + "name": "entry_MainAbility", + "value": "entry_MainAbility" + }, + { + "name": "mainability_description", + "value": "ETS_Category Ability" + }, + { + "name": "settings", + "value": "设置" + }, + { + "name": "permission_access_record", + "value": "权限访问记录" + }, + { + "name": "authority_management", + "value": "权限管理" + }, + { + "name": "privacy", + "value": "隐私" + }, + { + "name": "authority_message", + "value": "近7天的应用访问权限" + }, + { + "name": "other_permissions", + "value": "其它权限" + }, + { + "name": "app_name", + "value": "应用名称" + }, + { + "name": "location_info", + "value": "位置信息" + }, + { + "name": "media_document", + "value": "媒体和文件" + }, + { + "name": "calendar", + "value": "日历" + }, + { + "name": "allowed", + "value": "已允许" + }, + { + "name": "banned", + "value": "已禁止" + }, + { + "name": "location_info_message", + "value": "已允许7个应用查找、连接附近的设备。" + } + ] +} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/51cto.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/51cto.png new file mode 100644 index 0000000000000000000000000000000000000000..091f4ce356fff5def14609457dc08b60f871acfd GIT binary patch literal 15573 zcmV;`JSxM9P)PyA07*naRCr$PT?bSYR~P<BA0 zi5jCOzl}u`yMP+Iu{U4=MNqLO+ylGOqtvd3ECB{5hE&@f~xd^dLC%)J=`vzHg=;RX-XMUZZr)y zK>FjN9%pW|Y0%LWMcoJaO~7L;i4Yy#E8@nba`cBDs00YdYr=iN@LDFcpbLOrG|)@i zK;Wou8bDnFO<$snBsa~?@@`*0a3Gr_j|x4!5+DrA-=g1$Y65{#C(s~2AA>@B!@Xjp zk7}0y>J~uVrYPgvVSzhd8?HT?*Sr!Sa(vvfpP#!CMSlSb9RcbifHu?oQs_tmjX;W` z0+DYV79@#+xDJaNK0|Qz+O{)5cq7Vq03JeSK|4);G^qqHw1c+B(AA1N) zhtLER6!nR|FOqKcqi)d@?Qad!-B$y5r0Z4}?Mtsv0P*^4gfonc#?urg0H~vVcN?_C z#}w$@D4=(To!I-#pe^B`e1!mrXa5nd6lFA?h7=ezIQXY>Xju=WfW~gx$Y^(X;GVGZ z?x1oF5U+tFo6!=AfP(yx6YEOi(E~JSeZ!-50O@yJ%MSd~kFcn%uj2?7jS3Xbx- zMXN8D5{*C!jdc;ng_re3CBF11R{&`_c%+j+OnpaF^fZ7fSGMuB;2P$$fui!)g$4dy zZVn&I%|+xjz;_Bw<2wM(8omfB*(>z`{S>s(I#ICy@8!W!1`iO={=VHoVIF|K%vd$d0>dP8YDox zy#2=0pvmKut06kQ0_vPVQCJcdDE!0FY&R%?NDul1g7q}$!G`AON`0js*e)>7ofmT8 zK&qkm!(ag7 zj4TRZ=T#u&gi3&dI=CuZ@)1By#YW~eRP_pbZYC~1Qr&SxOBVR#{iabAx&dk zc(8D%rhKa^U%dl}SO1Ye&=j>uRf7z5o_nJPSUGDvoSmI9Vd0Mmxm)on`A`%!H!RR! zuiiEF3Lu`|ej5P#YeT)rRn^iQ#0P*zp4F=Fp*N)J({OYzgSTNBSuFj4!qDupWd~omKW6b_> z1LBiXw5_5Z$fJTqLH^#lR79r$@$~k+0HC`r9iR)@Ru<-%KVbw~G%j16^h1CU{ccA@ z;hWXJAw4ro7wYO%CW#6T4-)FEu!hb6Qc=NSVr-1>CJaZL=1t^Yc=7;32421+!raxr zL7bPb(+gG?!YR;)!-4`xSthNMP5|QB-}e|O4A8o@dLVG#xMAqz<*rZ@MF1fa&R)HR zZ`W+n11of(0)^j1fkLhCaB3YOp5DGc1DLA=7wcT)klr7`&zsb{R!qtOLS}8)u@8HW zp3u21x==tD=OkJMh=;fDB(jC43+L)uX3HiGrDq*X!~~F>TrnmsT8+qwSd zO$iJ1->NO+v<48*0e(K9>HXR=OrPYC13&@}av;b=OaLMCZ;0+<%91rqtjg`@6h)5@ z3k=wy4Fk0T5HIgheQ8K4=5qmnNk0AYS+@?X){_lD2%|st9>(^+kFerd9tY7B?H3*x zAk?&N8V5+LfxcZO5?s=>A^OU{M>{Xf@?*aN!xkXK-mey|#;u4beKlR6Bn++ox2*_^)!Gbq2ei; z?iCg+4Cg~x-T>m^?R$_a>=avJ>8Cl9;MSm?TK208kpFIl;_H>9AWQ`&3I|1jLLWXn zzzaY;2KY{=XjITR?80T}+qFHu8mfNso4NoYx-4416~`}L<>UG=TpkoXNfa1B>Kv#= zY6FB6l%|c0u7Cn_B%WHT>hEMrb2I6-E;%_@m-qlk<+iVM6`oNAl8@Bw$g4I$JiUFl z0GOigg<;6^efo6A$o~9fh4KLq;>(J@?JK>WXzEWT}=t}V3yLMpD)pek&XE^#~w zW#7192JEZzQv{MPfV_SekHORCBUda|=lU@CxfD(Ngarp2RMil*08&x&%1b-Dcc(U( zI-I{yAie-n`7ZK)m1u~vjZC}61nx*z1tcm1q_QPJp}SYi7>AZ}s*|X)7-SBg0J(4@ z1ansXs;VmGW*!Bs2@4X=SH&Qe0OHwygexecD*$S$BDB2BA;2I2;gk3T2+_-D#)1l2 zo$zz+B4;7wOoW_`RCuDXOcX3!&ejjC z0pdPzSY2a@F^Q0@#+G?`9XHc=FnYFc#mT(r$ItP@);-eZIHk$j%ox=yOkrs%fWU}C zzJx}WxB$snVq}VC>+srFuZE3FzL7qDait%(?8L!;Id9@{6~j2*n4*zSv%c&Y`Kd4< zR-B&e8FleM2AjF8HTCrNC0&0slK0C-QGFV-efc-2S)Kj&#Pc_CSg>Kc3^=MVg!ox0INAc26Qk&!RZsU8$f zO$iHTSDld+K$`jZn40F8k#3|-b!wR&2yfn~K7O1vfs-cle%Xo#PfI#Q)vIO+S9=@Q zJYwR~@iL{P^+CIq&9H4Hx1FiP%&@*aG3>LRtkv89??voAezthLb9E~;va@DAzi8lt zxOBWI1(LbrM`Gl_PdV|Ky!a>F48O-|4qt;muN#NC&7NY|<(7DnWzH8{mHE&#Jvcl# zfboEc6+kLuu1eNn<;?MLcWuCGVMvvc(F=b zl5?2TySSy`>^u~Vjl2J0rMs$w$RpJBCNB_`YK1dz3O5uSEpxHIYhi-lm}~BMm~N>m zdp_sw7X=9!+x{^Eq%vZ+WKBrk$KIb8vtFb#*X~Gnt%|5^z3Ql9Zo+#0hXcurd+5vL z;(z|>+iB?2m0itWGKo}#AN4Kk4IGvAbg!C$ZSA9wRUp8V3=5>^3DCi=a7%mg&1Q&9 z;eH2ISsBF>3nUbpM+6FEl<{T+h^MzNd9$0U0R;_?Wk=8E_>RN&?%MzD!!=RiBMo^O z_i|GG?os5d+s~7VU)l$J+zrcTP2}Xq?jxrlHJ#N44kx}J4j$_K4zt{zmEm#jZFM|O zx5SMETSTW>sU?Gl$={2DgsW5rNJk$Zi>w^e7z$Kf9+WY77E`_)fIeN?v9@EgVdsFzhA}}(-ouk~!{2V>=AC_;@&VI}6rqA$2y|Q(>ZYSCz@TEP@zh&=Bwm#=P zj;8vFg8daH{V9FK@*Lp18#G377FrG`*xFcO_bT>VtGVJleEChu^M32P)j-ZZ)FpB@ z68@^NCA5)|5kfcuH-scr;lxXmgDINY5fWGP7^y9>B?Dsz*Ij!)8xJgYLI8{}Ddy~9>koOQm z^&D#B*jCaLl^YG6xeyPZzTh^A!)V_IZ(wO$fb9=U3f+u$d5uY~FR|)w0~~*)e)Sg) z>M#zaK+OsZ^54h_AYR@h57D4FCzvp5W1s`34jYKxo!fHKe)*Q&2)qAKI;W$c$EOV>HiV>7|oDhJOp}3D zc`Y`qv^nOIC`kAbYk+tT8dDzy`DA}s{bvGgnyEoqKh2&5Hy3VI6OWv`jNM016>HVm z#SZ4is>dOb;KdtHOLm18P8p+882tYZ1Y)!Q0S$UfK5HxE0t~754tpLuXk9jwKqF(S zS?H0novP$MVpUd3EbGp_KQDr%Ikymr_~aB!T(Yj1nWL=*+-j-*f=YI;$SxKk^8Rr_ zxCK?Lxo;g`ycvqwKkBADX*1hQ=_$Lu5lv%Uc(8EihkD5ch^MzNiAPYc3bVd>Kn;ED zs@dYN72m4FVe3DE`1i`K;<-(0Re^)81!rC)4vWNN715~AKf~;?+;dXM{FiUz;63RZ z&N`Im35r@LC;|w{=;5Appr!{q+o#}aJU<24)Ko=gdaGuQv1E#ByWMFSnV7k16H-c@ zUULNriR2{_y+!0yyCx29UJWx-)t`Vnd@;Vl7nPG)WC|itpwNr)4)VS;Z781?7+YSO z+eTwqL_;Lxn!wg1AC8teh)UIc+|HnnyI{;9ZjrO4ZN3#5jaA!aTY8fnEteWrFcBCj zbWd)+1dkIl@H#bHX3Vx9=A)fQbGB}kJI?o;rMUO-v06OJ+hl84UU0Z3MX5poNRq(N>wVjcBj4aN`o4Bp*4sin)g8==?~a9H+BivsFYv5?6q zERfL1lx7s>;!T=t_92E@=`-sms*=G3SlKRy=II5v=_?$6A(XDk$wb|VWkHYVJk03ou_Kv`YG07xcHgf_x zwNhUXB5&pIJ8E)+82BpYqyh!g-R;z z0l{la(~ywu#YF&Q-a)(u_zk0JdY`UbHmB(`tiP}I%`--Gcl|gYRjcs#?JZ9r+2zX1 z%ZH0g15~$F{j7x1nD+zpp@;)pU9~!nMh{W2@M4inS%CES-9%H+S!O@UIwOfR`bI}K z{s4+%%q`7 zv1c`@c%&WD7C>U3y~G!lHGAbPs?3YJ%-5o)x9?j3{6Fw&=i1VUl)ANRV$=89D<-Ke zfFz}+;bXsP8u6KdGd&>+5*CMT7XzfV_aw^#WEJLeR#LGCNCgv8$wXVEEr1YvyaxDb z%Pd2Z^H>xlEZ(v#28h?dk z$804Mszt<_74vVkmfg(yn}fAlHi~+@$hl95WQLsZ7Gu=3KB|d6G&4|b>DJojH=cmYU`ko zv}R~OWSm;MmgmW$AfXf+(*Lyd_G@4Sx-$P#&Wfv3utAjzNLv6&Oi9HjqjVORs)}p0 zI!Ay4`;ef02~vQx8ZfG*gq9R`IH@EV4;TvsIQXmPdukL3)fPaWy?TQ|Q|48!wgL}G zD7cZ{AyR;N4j9=PGBM+$%>qiE`X6~%Zic8)a5LiaC+z`iZ3uEAVb%Z!zzry^3|RaA4&pltG=4P%y|t<1H1kaKGR?u`?w`S>m$ybm zrytydtgGjxGV1zGLY>c5D=W%Y$+Y8#ki74I_#?*(r^MW94zrbE(Bmj-p(xOQ_4_-B z-y({pe=ul+cvgOoO){!b5-Hcv7H!dLnC8w5a-+hL@@GjgY10~ZXuj@GnAmDAupxQh z4x}AFD7EkJTuc0&tDQ{}U!z!UKhy3jyNoH=6>zUSrY>jPX|M6x22fG1{zCRG*-gaylV+jjr-S$wRm?B$mu1KfD=Dh|bG8kx=BZxmS7VCm zjIm^_C}{64DL}mX`;MY1aO(!CGsQJ4c)n#iIv5u=s41eq#QB);^Pd_KT#%H2#5Lc8 z7U#k5tyC~F;jW>V02Uj@>hHV8{@J&SO;<~5Rj{WFGb#!)-pqi zHtG}>yytr19i;yVS5QWzCU1qMspgsJZ7M&Y`SUB6uzts3G-$~4S%^e}xP?gp#n@n5878t7~!_X%e6woarPXt6t0n)sWPjwSh zvy$d_hHf24{TmAM@rzZe+*x@N3Hn{Sh~;axpktShIdWD$Jpav0B(7bgbWp2ZM`2ur z-)fT^*R4Rk3n$@KO@49k(_(XM$>INQ$*c1;%}kKrKy>u)r=_c!6o7`}ZZ4WuNQeBD z-96%Sb20MzRZN++5T6en&8wCYXnyG zyNIc=k=?B$dlE~f-1@}D4A4eM&moQO~u$3%82Kep<4b@t?8kX_J+O{;# z!wSnZrP?2S@f_P@A4$jjyxAWfUhR0ZRu=%-w0 zKphSX@*g4#kp6xPK+&rzk~7AeXTn>-)^3p>{(2mX{m-9C|98UFxfnWfB5y9rJR6LR z_wi7Qm^%4Rgu~zwyvZbY4{{f2ZflDTUagh#C6Q?4G3%{Fz?*zSU_{ecA08}}Hj*z@ zS#jj&6h+ClVKoG6)XRiD?t8z-c~}-8Cg*@ z0&J2PwOkw-j+=>vM?`k^wXpZ-CB`|*29RnZZ{id2Iz9>6_ao5!=D$k$U24`1V#fxs zwXue+jTNd`li!7Z+e-hoLKPcpklcADdiEq1WCx3owXrb{cVSMs@<@jBU(0TgqCiuaIIe#F7+H?VJ7>6 zee|FZ-+euySl;RGJsIr~<(ptxmgajVGAg3Q0hAHlJnUG2bZ17U!<2{j$omwi3bEBo z!b->iArpOZ^)k}(ikqHd`kW;gFl40MX{qU%2#i!KJPv2!MoJf5zc|b{5M!-mN=KjFfNVrqD(hldd1_xS7_9 zug?Xrvle^GQjsRXnf9>AbsYe?DV{}-n}mtX89FSr>>u1*-yV0|9@IW7H&pF z;YLIhB4QpRFJJMNu{?ilHhu*Y$iH!C!3eYS9e8u2Q&tonM3?kP+S8#UYMV1BN=?Y9 zh6G84IS+X!3KACg{Fd!eIAG)|(9{CnRz!~(k;g0Yn5B%e^7Aq1itIawZPn^HaQr$# z?mfUY(Op~)i3EACP?c5+-ol=eug5Fe1S<;oX&Gr^Y>d=fvK_w3E*9C%Vj}X0MIN;( z0#U$?upnV^Y>x~;DpKOq7V8u^l*$^ExA?EKvoYqTY!(0|FhzqNet4Ut{QQLN#WYtC z4_8VyS*mF6UD_O*3hdajQaY}Un=>x$T_-bUQFC{6v#-g>e|@$!F6m$=%R(SQc7b;9 zTr}v7;Xwhjiku>Q2N^WN69q0;;j4fZ*bH;d=;)bpYud{=>77%JViR$yZahTieDLS9x zFLHqmkSNO3F)VOL@y>}HfcOOgbbmI?40R028r)$++My_?lW$&QLrip;LB__$sMB>6 z5>wNeSTKIx+bA7FjO6E{kh=%Di>OOAt5?OdbAN%RW$&1MYS+OxZcQ24YcjG|K+%}q zry&A_(yQOGI~;7NuB((?r9U{`31HUUBb+rol`la&I*Yru$ZG;Q=B zqt^_0KnvqM{J;>TNX*;(@Bso}y_9Qd$4>?!JV|zE$I{#kE_EGHt46i=Kh+C=+f_rg zD)NK=#1Ep7{D=JSBllnagk^(9oIIVHUIdmjB)tdCse}K+jdNu~_1&se!Nyi?82R5T zFv0hk{5B+~*{;;P|!CV!FC^7No-j0+DImK+qxdk5+0 z<71JXW1bAqM>ySO8?{-3VMyNRYdxHSB7laj$V`+Rz!K$xeNT+916|xKjSx zSJJXS^2lq)VVG1^?lf(NrMa|{$%jPFK*(7L6GayoV}2%g+nD%%`1#V7vFKe# z@m)DZY>e}7YvBC5>Ih5XKgzgtfAk{V$~w##Nt8je#Zjws~A zCLZfafiY%l7$BYPQ?RyG*}^(AZ@VERNwbf4#5pvLzr%xtWeOrI0LZ9;fJAw+wAxFj zI|iLi#Q4^N`3~}7n8}A4yEJNot-IAv!%bYhpiGs+DlJ;UZTT;1IVnEwEqZrpj;t)j zF=uQ5@bDhd0vnokJ?8bclOt9pwVV zYrr@MnijuOYjyN^ayOG)%(0Mv_E1`FCV-H!oBlk2Ce4_4f|R) zmznC_osR7H$NV|U6TJ3!>Vm4K%FB(umI$PYQ<@_3?h%`A3E`7E#Ue(#yv8KgmsoYT z0gk`Ycr6hz1jbE7M|VB_&_=lcA%i^o`yK{WJ_8qfn&e_813*&p#29*&xhvhcujXLb zsISzzc2b4gkrQ%FhKIwDk#HJW5}K}xfH~7fffR{TMt`(vhlbYHO2@=Wj4&xfz0Cqe z0-D-p;(n_9v!2B*9!ozv_?(}3G(|d4pbv)y1xQnDSp&qwdxReaBlRDGRasdL&*^27 zi)jo1d6t=piMMYuYU0(VBi8)3i*cN?0U1I2k$L`v%n;`ZGg0d^)dQ!=AzAq%sCD&dVDhJ?Ihf3l3lg4^ zjBiEk!qT?w2||O0jaAk(>%vK-2g(+(ZuIRkRPV^V!=y;)kpupiKbtv!es&W#^sS@( z0@P(rNHg0^=_$MBh)SaJbKJsC9*F032O)#+K8StP+?6?4Co<*{F5d}9$lYj!-YXlL zp*iDJVpZ8rwI@>8BMKBMESahB4nhR~d+ElK zK3&^$Y7#EG{{XuWAIHU;p=#@{DFy>gvoY3Oc{J{U7titM`*J@_dep4tAT26qWv$xb zmH5FuB>(ZVj2MqC0Whnr+M`9(T@gP2l(`@S5!m0s5i=VrFUp-wQy5-u0YVKG1^ORQ zw8lySLMFXSNX)KTqdMm^{-bCA!|p@J@${8!lNP3nO&gyNG0TRZnR0+^dGr8BU&;?N zk*DL2OV*)nAJzI8eptks5(v;*7z}b)s0wXZvjkf=u?wf`XlIAz?#g%J@<72St^D0V zXwWY#&BaZwA2^_}v?e1!{<|4^wp%+dmCBl@q@`o)z9abO_!(8!Sz~iZsZmmLR2i+f z7l|wJavw{}O#8^CIWk)J#p_4{7C@7F%(S*^s zd?^U=3fd}^=GEAy3O2V^9*;%pV+~GI{vyv-KRp|_MHD2Qrc5VBfczbJy7!mfz0_*2 z6ny>)7XP|UZ+zopmJQP0SsBd;y@QxEWmPF=o%`9J@T2KlMLixAvPRvvL|Z)S#oj>;>}l5UMd${|1~(4U0`1t^W@ zVFU2O@sJ>0}UW??^H1zaSdPif@mzU4k zZ1XBRMepcPAF*}Xfb8ykNGoTKhr4S7&Uz+qTL*FUUFp19{fEGLT-g9dCZ?C~h%j?S z+3=K>$x*oRMDdOsQ@9DK@IJbnmHweXjS36$_h<4cD}WFtuj3Lj>e$y%dqaBviL+R} zRksaw*_@;+0!SB^76`4XxO7;CaTpJVEh zwF;A_T+^T8)$>Rs$aybe0!X~X2orU1P{?%gs_}Vo^>!v6tO0T>JnB%}mQ4pUF=X@k zn(ce=cd+hW+`E{FF;_{jVo}?*(zaALHASO_ZE@FvdF!>htqmI1bwmSuD-l=)O(>wtUD6A%&e2pL(5`}9Qa-@iH&lrS{-!#4tQb2{RWyHeiU>8bKR_dbsR9PuCr9nwK4Y*$q*t!#!&)e zShO4jP^^~`v^Wcm;=&ObR{~s8#F`YdRzyz=1o%2rbHR#yuP+0?XAl^BijMAL75>5A zvj9Tx#hmkM)|k1VD+`OShecxQQg(awEZA`x;$@tNrAjgiOPBj;TgMp>>a+v%B`#kD z@$(SmC&2b(?$eiNe!nP{rH7Tqx zGA-A^aQnZ^q z-V%y^@d}ThzrwwTk8$a?2+3*b=@N;=GxGRe=5MU`PUi#=GUx2I+b2Hm*rqR=i-T!Q zMD!z!p2sPYg^4Ar&zlJHu|`Q%lYd^kK&WXg#8|L<4`33S6ZJ17Im#2X>RDRiM|Tg9 zF#8!{WsB8)D8t>OHJ%tZEK|ydNtX{lH%)zoPLd>i?X39SDm32&EA$W`-P(F#$frF( zezT#gA>ntswDDBlR_g;soB^^?c*to$_fC(U9c%Matd$%fl7mETl8Yc8>lFaxVSzE$ zrJLZL5q~`~^4{D-^M=l7rQ{ING(QiWBSVpHX@xsYn1d7@9P8pzY%1kuC1(`9Q^su(Scu&8O|vMlrunxuzkU&j}7bB zYXBb?^@STDn6v6vK3K8l;bc^R&DLe#(MZEe(zsF+v}?^0cr;aBMl)>eU|2P3g2vyk zW~IW`eTT7apW=LTR!m9_BAJ%6EHd!neio_AOX~CL1Nrp*7z?LxZ;O5I+O12UbZ*Z% ze?TRGwEKKijlWhedETN)LtegS$>AY6MAR15GAh8f4*;?w#|nWOsy|!D-VP`Jw}H{T z$XR1y-J}^BO#PN|EE#Y+@;)Yg&u?4FdPW79ZIL0<`S)C&88+zwK!)_`fko5CvGPsn zL2u#`#mCS5*Knfm5O#a+r6#Kc5HjEY$cat9gZgqm?v-O6IXEN-h}xpkrANtW__}Nx zjh6Qx)~^@7`--`NaP-nSuy%8Y({OedfrO^fVaPbnJxSR3ncPWwm=uQEoD`d5TMqXv zZZ>k*j`3{T7(3T2W;cJaqJ8em9KWuu=+;T73txUdt&<*5HPSx8o@p zxkY(1$HW%cslz^n_SLIm`;QAz-;w*K$-`$ak{Z{qr}9>xS^(L9;`}6^zCF|q)4d=2 z6eDJ<_U*v>N-8zboT4$>EK4ijidAi_aUtLjR%$-q`MWfdw^|40=9)ze|Jr{HzY7nt z;;+geQiZa)AP)gruI^r1*RO_uj>*GS3*tC)_2!b^T{`@ritS{MS^yyoF5eN|?9$pp zts3>uU%$n`$?TrHRW-EqJn|AsLb$a-13vDC<+D`F6JeuYSX2zg&0oo8sLEriQWB87 zbX^d+djzci0pvGV3Xgga?b-bO;S$%$@5ieRkV7XfIC-^b{Gfr819P)G1xk{t(Psj3l!WH1!&}#LhxhM|d6T%mK4fO+NNz?(^!m7c zd)X$F91T(%AVi-3(Ua?a2Yx!6qwM10Ik{qV^ck<}biJKtYGQ(``~PIs!(1IBrY~QI zt09H`G|C%oUOE?@TYGRe>-@Dlfgg8nJCO6l4<_&e5W@4{%Qs^BbZM_r?VEyv0<`&@ z``)&?#%p?hug>kT_Pdf)T20B@c_7ROxY--Qtb0r35}eccqzxo z8$c#6UfX%j_~92_ot-$xY3WNM72k{h!|bonzeg9o*_Po)LfuDytNoB2WrjJ_v_qFR zo~T==CaPFl!`8+c=4Pfy%g8MLx&P>ibO$ayQ+{A(HQOpU?_bh#o2?_Sg+xs4+{T05 z&Ikij-T)$f)H-(JSKk4Bi#vp}HR#!^w-_`}B9Sq%81?NkPL9y`!Q{D_JU?rTbeUg6Z1nEg1%87* zgKPb|Dw|A-4w6K=Ggk|9>Iu;P{Ba>`ehJAb>2}qsx>FRTI0>IMx59zE10*KqwVk;& z^`xFdZPvj%f#)t`>2I=?1v%QGcf(1%5Q!Vo7Wp4NiS;}7YD-+PoT^o9uw?pp^ytu< zH`(W|-Nwq_cSw6Wp4z#QHQ$H_v12@%G~zX%n|FW^YyP_x`c1dCUb0>5m6%DuK|oTT z=+w^NP_u^iimgRGdV-O2RI7xds^1$os0R`yP@^jU?b&WeL`iEG9Nw~qm3sf(4E68c zp*3?n4=ZjZgERsV!v02Bly$n^aHjRA!4zZM#Cx1(1JlFP1;Na5>IdbR_@ z)_ID?%^o`(qdsT#-Jq^0nfc$W{tf4^-{F;~JZ9vv>h#WyFfrl0VadC05z!AbHu)cD z^w+BI3oBmmOd179Ywt;xTUO3`-mYacg~4L${uh9NWB)2Ni)fq`;3v@kw4a|6j;Z|m|?))pi}tyPocVOl+G6j1lX|fYjkbv zsZlv>n8zh1OAekqH)@)nPXL?os*KSnK!`$<7p?9&bM&y2O&irO)8{KGB@I3^7l8aO zA}dP^bntXX&kk+yS@%wiHjzl+YatQ19(Gp>7+q7-hV`*`gUYdSYN;Rdns=>v(k{Pr1sHH=e|_k=Qm(P=mS- z@c(%k$d{O|>G0_b0Ym!q^wqQ;S^)?#;^)8of0{jZ#CHOt!l+PEaYDPupA9igY}3 z=D#z8dw1`xiVa-nXbm7lvETO|+&gvn5NR*!A2$C_dU8r)l}OAI-&9oPoNvC$_&Gb) z!O=f-Q|qfpFHMzpCGQ?*c5MU+|Ij6!x_l$#({36Lk1l1PRsllf1_YiuU*D-tk7-NS zY787j_K~=sk48+^+Io_mE3$*7ONxE|5?@SLuYI&U{X4g6iOtJ&8xC~u!Q(gXO&T)S ze&ulivz zS%^za;yO*~_&MW7NaL(@MQItCxwbaespcs#nrVnA@n^@odJZ% zzkFNtyh|Go)uY=uI7X8%uSAV6`u4>4Q^s=8NOMCEow^{6W#W@A2K=GY?xMOnWMpM$ z+gMp@CnQ>qvN{C_(dTCP-SBoTn=9`ksjim+X?@nw^HzW)XK8{qEt!ihZMbK?X+js$ zIQ8=>^LS%Tw%rLpv`vXAsY!O#s;XR(gb#gn4iI95=>Eg=9&U|#@L`ZL9wh6IWZ&^k z)>f9dyie`oF1)J6XM7uZv?7mK+N9U<2`?RM+H2+MLYZB90T7~K}zaVNF?t1%!aK>sE$*(3rm!`D>o`(mjTBqsi%4X^)%}0L%#@d6 z_k5{^mv7_XJxT4ptHt{KvHUx9@M5kyuZ{tyF5kHLX}69Vf7Irpquv38D1YI`omov9 z)L&btW{oldj$DkBHj_pIpH zr)k&1?#>wRdcp8;u4e5XY5S5?3`-X1Su6tavfZq zoj~G`6y1f+U%P{|*KT3|##JB*MEXd<7p`FO27Y$e$U*47Uss|!kFi)+Ln0o8N5*_K zZS2sJZyY^yq}~IB`0K>Q%Uim&Yx9+rg}K@VVsph}bofHHienQOXDKiSe%zH)C^t!O zRV6fETi3vw_(Xg*{%hXE%^dwD#t!MPHowg5Y+Sq%daQrXF6_(Lt1VSE1_l8TV%pI& zS4K2(aoXhO;;dFBgzVg0bn=-{?5&AI2V$!47pi&B0A>xI`W>FUe9eod&W^RQZ^KGh zn4780?^a|~#?8=(?`Mt~&c0lU%F@)IXfOaNG?k`~U$}bhv+kWcsA@VX4nYpl2&r24 zRaM!#nD^tBojCZf^7_rBmK7;9@k!@)(yd(bLyEwqr5C0)lN9H(S8qw{RgE3ujbZ(J zaW*9{KOYB9oV&Mf+n#=5C-y$$%s@vI3=ANJURu9n@46lxTF>xo+L-e$7YRA>{bngH z|Ggd7dXO2X>2?42(se9Yw?(cP0*c|@eeg-Awyf2-78-$0t+*Xii0(hkI(PNf#<>%H z`H#bAt+{Fg4H6*4)E50lxUBwW%HDoGxSi1bbNr0-rMgd7m2X0-d0I!a;**lmdra9) z33aw@-^M2*D?3NplUx~*H0bl!Z(pDP+txu5NBrY-p5v_fr*@-w(SAAa}xS- z&J)pm4n6&Rx5m{ojqye}d0lT4qQG zeH_g!GrU3pq{#a8^xS5TUOd}U-?4V5s#R?CE0IIp73Fb$LUIb}p8M?F^*cMRT)+88 z*vSL&JhC?kRuvK;rB~)^NW>buYPLR&8`P`3tGstibnMgIh?v-G|6abnYUfXj&l<#) ztRW>UJV1*4nvs#w;_jm-^J>}E=w08j4y!{)4XugR*^&yBA$Oxmu1iGh^Vj<>-aP-? z^#cd8wXTRB3akW(oJEOTev(6UVvY8NRsuv#pVKrwEFn2%n6bdv%hJNE zrm2aE)(b3?YLVGFxe`*QGbJtk-JAG?uxsJ>4jnmu>P+PwLcIm91c-Y6lRKNHX_7F} zE+!%2pNr?OdFAC~yVEq~Y9yfQT9}#Hnwpx~n3@QzjEx1B#sXt=6JvpSwJJ8|9lTmd zYtWM9BC$A+&K2iLa>U~N9I-erCnq;2D?2AEJu53cJv}2iAt^QfZDP{R;}@=-ipzL; j|Ix{lxf(E~!n6E8##0LQ_IchZ00000NkvXXu0mjf7-C@% literal 0 HcmV?d00001 diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/aiqiyi.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/aiqiyi.png new file mode 100644 index 0000000000000000000000000000000000000000..63f768db04b296dc1410b83c9bae3b17190f66b3 GIT binary patch literal 8210 zcma)>9YUze$>5{G`Md@xtQn-x;8$D$? zw5C~_BQ!Mn8C3Au$Mp0XL{@;K#p~A0h90=(w9YUNFp*pla*iJ+<(y+qQC6_mOe@a13gOC1duSO1cict>5L>!qDmAouyl)|&z00D&p5zGWUGs1Dt{slG^>X>1&AZAr6vpiRPbQs9KGf__! z9tl-J2)FYuQDDHKRSMrRxCg*K-Pt$Ss4Cu5<0G?9#2$7d{q*0l=TI&0=zmIZG{=(K#h z62O3O7!_|~k@P0Qrs(6~`Csh(^BU^7^GY0Hw8TcliXo1z9dB#$Z(K8ZfaO?K%rinC z9KRjtc)yUHO~|?{MCZN?<|G@f3;$pS%Lpp>8tJYP?eoS4c45U>ctUQBF#V$D^i4^L z!T_+{sBVIjqP6P{0jMC;_>HJR`Xg6Fs^0x1vG#!)*9`>FO6*a%BI5t_;ytXg5Pg5m zV2u6?W00tdez^WYe(wmLB^C@N`?cC%qsFW9%)>RPNYBDmpLC?|LmYh8WVi0^x_ciM zOq@yDmZ?qOVp1M-hmLzk45K62kA~)AFq=Jf9(^KWqBqmk#8jpAm?TG2$sOR4GS z6Y0ElKF2r%7SRxQ}4z;gia&Y`yi7I6uy-kBsT+pGoQoUe5dipnRfT zY_sS@sMG?+D6HPC84_mVL{%1JD3Sc`vCo3PerrlP_p^nM1J`%TX}=O|p$cpQj9p1b zYH(AwsSzh;vMeJ5*Z+)^%_oPMW;c)3tLTCE+uZQgh8XPdlS!r7kj9CKa9)*ZT`m4Y z9BQD1EO6Ge$h2RQYy<&^LfkUH>G2oqwd|41h72TB-Gm~u7bCC{KD-GQgR12OqoB8< z(r=dXBplN045%j{l_)A>eH+QhOeL6FfiE+r-gsArU^pSDgK35pxz)aEewU|fPotip zy4;!KN4&>fvBUgYf{`c+8C-TRSNbCnW4paaD7?2wBc(f$YT9T5T!|vQYsb8e+AUD< z+6X$~t13lD_<$3np04?wa4U@V#Jf6kOrTAzy{7>nYxftf%v$fUXx^j%8~N~ zJA2v~?w!?9#sv50{PKtX9($l(H|2X6KUdo4ogek8$LuQSi=(ufz<(2mO*T)`{#7w- zDqmSsVqzXRy!&}SDLQQeTk3Mu5MOk=KdrqRG$KdR^IcoCTBh^jYGyQ%Un!3+HkPoa z%QPc{IVv>*7}q~TDnw3}KrIEJT#6GtEqG@FJdX+1i& z6<7WJ12k(t_OuU|`M~4_XL28&qHdE(f&Z9XBcc=Huoi$1Y_~&aVPCF~nauqG1WkSo zWW!cvxB4B-#pT5c(RkEXO#z6m>GhG4x8rpxzoj9qrlz2{mq}{5a<$z9ip_VlZ7v}yQ=dEt>Fp3 zbk-!b5&L#a+#DxLQiy%7(wbdnp3j5XP}J}ul{;o^bW@dUlo;zrA;uPJID*#>d7iS#dI%tuenQ)?n@K2Oz}1$TBV-lX zo&wzi6V%ZPz>#%EWS&p}Cz7f7gDcyqcKhSW3>4`sf&5-S5j`5llq31LAMZ9u<=b=q(*RxVqDb{JwZ$-) zNquLz`I~=|Rg#C5B&jvtxUf!Ex}lf`1*-GC8mT8oeftnt!63mbpa{*U9MdF?^g^B$eR6!*t}=n^0CgRct*K zDhuYbc((2*EyGv2s%|O|>qw_|&WCxq+cHB}x#Y#0)2qN?O!6_bT`EF}!@$3v+a)8@ zz8Cvp1h~tT>BS*qrGtU@U3f&H0pX&6U|$B4lAubNA<0vMm1vpU+PRQZf|l)*c~C7Z z%ti*IU52jSr$K+VfDloC#9j7L@{9`Jh*C<`oWNRFj@DPQ@t*dfDDcHd($m(9 z@O986=N;~|_r)jb$kxWp5~cpEDp8iygN*{hVR4vPNW#~FS9MO8j380YKc<5r3B ztaSM<>!&pta?7l(xrW?4MA7fow(DQlmKp>*uRMv>uMf0jf3~PL1(XuZZ3rtRKQ(xd z7b<~zG@5y5`>CrWZrAIt&Z;$}JcbC&)Vw&iA=_%{kOZuh5%QC9DE7l zI7p~J%WD_zgOBX5dYJw-^1R8jAi)d37HwDp{oWw09fLW(GINEPg-R1WXt=`RHX1kG zRTe>&;o{fGHxYj8dJKa}%ZL}qecH9^7j&Q|IBWc1+Va83oK?dtJ{ z>-p3qvK`ByJJ>w2@icpJE@porA|g%4_s-7i&RSUHEmFe?JW7E!Pwo_I{(X)m0C&O4H;Umv;Rnyr0Zu)1oWk-vIe@(=lRWuH2636d3RwHSnG>=Or&uw`6T^yBX z6$D?POE?oIG<3!X-6zU<_vKt-wH}XVLmdmfd9yDAP-<7~5g!lDEQ%*Af^IbFg^j;0 zj88EPaA`e)wPyZEC{>q|2Q+QcBDHVLVDjnO=TDsAtcZ{u8Gc)BY7ML+HSpHxw_Yj2pn3`EbUT1hnPS%Gf6ANy|q!_2hilXmwaG<$|e+?Ky$CcNT{1vwebR-Tw;CSUjvpU)1p( z^+8UA0}1}%=&4qh9aHMkd2thU)#w?LY*kS##U70kpX{UF$E*3%p7?}rwlWNacG_TK zSJROG>^ThFj*K{u*qslQ*Gn7u3-^-yepZ*v0McM*cC-R=ycuTXRMqC5D!R|aHH;yh z%7rcm(G1=gQGuFx`v8ewT(4J00`{FfUOmny%v&09!5C8k8Y`%?8e92wocKCFxqFGu z!-R-9!(a7l8za|=?NM&ZaM@|g1Nv@fR7t>2cCHxA9dfP22jhH@N%Gk$9NwL-=Gf#g zrUQt^zR0C>?<6Vx`1huz`2%qbX;S;p-Qw2v&T?3M^RdQMar}!mxn|V+2rU?HXG;bZDis zOxd05p>dUes<;2bq>;ng52%Bok+fBj#nfr=!Op2Jv9+ctnu8S*6f$%gG()5g?Bzd} zm(ob8t!DK!4Gs`-8~7Jz{0g;yZ= z@!U_rPTSTZRc-_jF=`*qUSIlr`c_l+>ERJ~udicNBP046t*Mz7@cT6XI$&Bw`Nmj; zZ+I`YxCX$unS+1BJ39Sid5qAb9#r&C54_c3M(zp7ZzomGioC%;#99sBqV`rCn6P67 zuGiQwsa#Zc=(jDTq`H+YHtiVs7l;gs;1iL?{Hy7f>Ld{JBsk--Z07CdPg6~cNq&^S zGSd*mC;6_FktiarSq_w;6n&SstjNfdeH@IF-}i`*@;Z4DovB56bnwtmdsug#I7~a~ z@IdGO#AF~?p1gbpF7I#nI~KI%CesO4@Mm^rV)MxiSp538`14+9^;=^w9WBk87t#p+ zcHy3AW<40aLra3enUMDr;hE#5*TcDSdVkRgLEqVRJndnO|4CK?fPo~?Fx#dC3S~)I;r|OqxL+n=B>oAK;y9Oxt?Dv zj4)Y&32O{ZA1n!f2E!D4We^h}-?#-kmV=Fg5h$fT7JwRIsVMgS9w{auXkXMM8sWd) z7v$>oBb$eHvX-|Sxl?Qkis36)0up;38GQokE&XFTZ+Zd;!ue|;?uzQ#_nMCsEz$A4 zQ}xO?=fPO8KXPs&u+;_PkErP$eL-y&A~MwSX+HA?Y^Ee65v&ku4bex@nT!d-Q7-oo zva_yKDOld%$uBZHRL#ZNq)s-^*00yS3)kMGbWk8M4t&)k|G#7Ks0KV`winQG8)2y5 zuw^BN@%%;rV8UgjGLR1Ns3&!-5o8p_VH5~?Y0^T7#gQ3}e*ttKZCp=FSvyV?hwH%e zKP6pG)Q? zk1}F#{xLPkpBBcYS2=;8_c_5m)Y6M}o9EJHM(c9^c?!%x=9C+vG0rVO0&6-StUj}4 zVv|zm1-6&LoY;+)Sx&Gi9!H9nklf0hyrq$tsS-mcZua^moJ*AeGJb=g_8{jN|TTJQR6S<@KUiKmoLjfG5 z0p6DYBrV_kWK|iq>T;w__aD?z<$}$;gh@5;ykgh5Yi%pV45gkW1Tm)s>^{Wa+&q$M4h;Vxfc7e-0(yx8{z-x!g0 z3vI+M>l`8$>ObHXxOQw4J|Vfmb93DUOTP3;`Ovd=Qd0B#`{msQj;uVWP;R!#0M4)^ zrZIeV>ZaBTjy!xxBRZL~5}4r`AhY2eT*}q=tj|4t&`(m&$=>lAXQAMm%7$vB3Koht zuc(6pkkPb92?s2FJ?<#ah+z@u#WW}{&3kvCD8>x4N30w}O-ctg zo%knKXJ7$y4mBJrzhWOU7#w32WEP!ja6eZn?u-4ib1^SjV$^h|JAW?S#`(~CoAim! zzupkX#9D+`^9M95HjBwbvV`7uqkn+FJWrnR#vQCyaDJUdUHBMpsM*5(X^+>j|x4uN9m>Y9{Q^KX|T!+26q6u1qlIXY_jUoEE^A@F>r|dn@to z@`L$4Pwehuu9|meg}r>EJqq-EIYrbO3~{V8_xPxnjNjCGGpy#JkyQ_N9HzCjoDJQX?*QRA9`Kxzt>z3P7Sc&au%igy~SDl z{M29x(>FSyE@WitVHPWX_}aA5Jhaxfk3+X2#d}HBOcxg{@No5H8&&QMo$f-#j61a9 zTiGr40`~Mq_gG)Ou>RYegniX&&{Fk~_LX)7?yQhzKladfP$l*NK=InXii)KDb&ks{ zi940jV3T*;mt>s{eM9)eUR^r};HX>rhBh+%N|<*8S*hwe@7Ky+a4z=!!Mpq6vIV&5 zc&e7+qU)J2-?z0i;v$~+yAR&_&vs=S{m3<)17J&vG#pWmn(vzsR)_%2ShZhJU%Rdr z1o_*1@AU9Hp6zC82|^8tkAaQVrU< zoa7-hE4-jeQpO1!p9f~Is^4(Qlq;Fmnprdy2wh^*6qDWCph_S^PSh~qKNG{4e5d~) zn*FYT))C>8DTeh-p7`{`UtgLUF1OG>Ju)c2hAj1`w_kteeEcu!@bbE;L9@X+-9~kM zO8v!EYl)!KzR2@?mFM(XdY4C}=uPD{>^(jG$3IuD>K3!Z`3u!y4sEw-;3H>68T7%) zAr-sm>yiPAuo2J%Oh6x(_`-DsxpCJCRbO`#db8ZsXOBsRX+94^=~^2E2Dp!=4YKN- zc!eAv<9Tuzrz&NiaQ=8Z9o_SfF2%O4B7=+E1yOS|-Nb4u;82d|X(fuEJ`RPO>+0hQ zCd-*wV}37@?rre#tiC2i9&(PJG8sk1it-o0+c8szcsOnIw(B;d8eJ+ryHxPF=$p-N zJxYag@)VaYIkh)z2Yz2dIPA*dsVd`5$=2U%yt;NMbyUYB^uG`Hg|XpU6g#L0QT*3e zWAzQ=$z`GVO-Zx|I!Rv$bAWHoYn7rpfGt(__+8F7?Tsw&H~rfn@hQE8yKB3sh>-Zy zt4BrAI@+Ib z)+PJLoEw{MH5-19q~bH6=0MT-o*}+p|W-Sv#_} z%>2HB|IjU;S(jHoa(xNl*F!0WDO-3py6NVc)2aEaw-NtM%$5BF92O<4f*L`f-48xi zE0h^oN*j|oIMC!r6->g%S)#^-@lYDQA zSN31}UR<7^(33pK>sTbX* zSIbf{;DON_q$3Y$xg^hF#e4fA$?%h!&9tZYTcBR_d)QT4l}ggI1}qZPE6=>q(hf@d zs&RyCU;!-eZ&@FW$l>T?HI31eKH?j?(GnGVt`;w8@6~xxjDSogeM!nkz{gay2ge-> zYk_0PYD#VWL@M-{y^WF-X=7`^qlhiVIQVE1Pn(*;1^Yt&n~EFrVBp?HxrMe0GDZ`D z>m)T@4H|!z799)u5o$IKX3@ojA4g6hObLbrl66$M;2qM2W5|uSeB?=!h*+aIUeW__ z(L>#o;JlLLjl>$OLVo%nS%g4}^?$uM;&{vVi8U4$5X;?gS5(Dmwd$V-Sa*(I>^9 zxl}dc4x@3cr{p7{y;8nX<(z(tv1k{s+qyZ^5nq1;jzZYFqR`T>ge@l9NHIQcdTRjT zE!9PxlzYr@F^^@GTz(#yf3LuOM(t}DDOXWcmAN-I`xaKJwM}rz4qG30R@2naQ4w3E z49^Pn4jW2T*tY%Fqkt-DcF@0+Kn#HzfeVwe){cderLI4(ghZ<*fxbWZ>v zKVafH{fW2r!8mR*J&0kREL*6gO2ZXv>>4}G$lUQ@v{f=>SXqV93i+$J!1-;|#B8aU zv)RAdH|8hW{G1AZ&SArx5fTaBSOT#a`iL1-z^|$vW|dZl{{gcGdkIC) zMdC_lOs)FyAl&%LUF63zj|n%mZ@G&*4Vd!h`e8Heox01WM_DoO?c7C#CCGhhQR2fMnyWMaU?0^(vIJGL0s7!w?&9Qk@D zIU~6U2MJ4rNDPpLcYSd;RfTKIv2mszB3(s6NRG?yL(?P8MV?d*K2OF_QxlVmEPy9} z3Tz-AqZSJ+EzXnsYbFo<&UIJhZ}TpGb$!)6znycatZZw|Go%3qXCc}o@|rtl@|x&jQV%MU06()D>YvSebAy#=U531Qdz(k+kZ#wW3zJ? zvyDlC&IN5>jp42m>wPS%1rP|2n$qPt^BSuIFUUuEhCf6c)6uw=D<=@#84Umc;oX3t ztSbZNmW*q2G(xwvb1X`&L;15xPD!RM8Hd7qv${(;a=E^t-<~ObrIc?r7JR&5!!!B% zfD@CBAKy<~sElnTiR}|b*jCc)o1jr6WqDRTE@wN%B@#k$KWLDTE7Uq8?|*xd{i%Bl z4xRMK1MfJA*S%TQip|$L8Dx?yrBpjUw{!pGv^J zDC0>5d{Dy1bFbDbWovfp;`WA2c57(f&sM*Hsx7bAc!6m(8pFdMcqbAy^2xjNIWV7s zIX>}y8x4^bu?H?pSgl(ax`4`+jok$tipCtoKg&H}be(yqvGd+|N0EG6!}a|bf!@KI zhZoC;)qzc&+5~lxUghK`ix<$*5IL%4*yRU?-#V_~2|Y!=M)y|Ui~wGWw5Lc?XjpAv zrQd_d#^84!eQzxkWzL{s)gK?NZV6lrZVPUV-ZsemP{<*GTW&lRuUiT6)*sOSd?9`e z+rT1TKm}G4!aq#;LXH*0_|Ex!qo-mT`iBTPXw`2jVC%{N?&4_cWz1cl>bl)4o>Q$4 zmt+);?p*ndk8Wsej93z{It;JV*V}P3jp7_;X6?@uZ7IPHjE4VtJ!PM4{Gc|fxmBRE zG5o_*>8dj>WZxT6<9gSp^LctJxy!JnI!Lbt?O!B0W^L8l^B!v&a3M8G|2fP^Lci%7 zqVnS#DI+tG`+BI4EZOeU$RHNg=Nc-s9m8hr>_Be-%$dtlY%us!wEuwBxUT*;K_eHs z#`#4XgUw^|L)$m??lTY9qZ6g{)B$<|CsX;}g+WKwI^zb*D{+X=10ZD)L^ z%Ho8A_<+M%m+Z0Ti1;bhdL=ttF@>^mt)@TAD3j9LI4FA#3*h+?xR;9I11^#1obQ=4 z!hxq^nqWxWo&R8`MwpHq6$3Gu&S0P494)@mO)2`dG8?qcBtYLx<@UAvFPx zy&>2LzV@_5%v-`-Jf3{dEBM*E-i|F>vZo9ytDPt)nh^g&4GJBh@VR%s^R^#2EhqYf zevdId8l>~%H+2Dj@XpJ=K-x_AUX9iEm--BJ^=*{sCFZE{64qxKjL6wk8H(O$LYS3j ze+bg^2qlQf7L%xmhgM4Q&hZ0U2TQIG?-HncCtj(_wDS1`oAz52wJ3Z>o;dlySyr2_ul6(>T^>|{$F zv%!0|oAV}I-0{4~*+V_RnTw=6Lj&W6Vk_uTLKk>VS--8E2s7m(nm=IZ)_r3Xs@T&d zJ{8=0^tJn$aj4XYD=4<6HR`Z2aopcENc*$lL7(y34Aev972*!LZ;0-WBCtQNq%wBu zX{BDdls7j1VYp4)_qqroMs}l6pq(AJF`~HMqLe+FyQM$QB0MC{VG_WT9$`<5l&pCZ z)NIvhJ9Dl?1pRwS$76DH;jF~I#mWY>bG&_B68=EXA7^Yd3~RyzP1ykIbiQRV13WEf zw0*5#n&3l3_xmT04$sLWjEPxBWlbB_&M9L94QhxhJ#~x!q6)K#>fFz_A-h|gn zf?@$_UwV#8H}S^C^L)Gc#{e3n=!44+A9K9Xo|rzi2<8Bx?C*4CC6jT0Vza!`p0WT{ z0K*4s7t>yN<3v@wMW`0fAgvj zsZFDZH1R-iB8zkl{?w1y0?!!RQ|Bo4!nE(=n2C~o#fGOvUS|K==Gv2(N8~8As|t$6 zN)_Cg1cuw{EdTxtno0Bg4?D&o8hOcdWU7$s*@BJpqGHarFhhmSt3f~fOKy~0$*Wgq z1cTS$MDD!W-k-)nj=m*H8R`Narz70|Nfor45=Cro!V?O-vXcX6k8`Co9^@$55tDe! zRj1HHV0(X#sTL^4>2X?L@#YnON7Y)rOnD~R1?MkKJ+N!8mg4=bw{Na zDwfsv6YloYMM9boLkH5UYa#4*m%P0yK~Beef;o5zN=&xBbG%N7KP9uK8AU$?sM2tJ z^4K{iuQyMoNHcnc?;zobh7=O@ek)#97o}9K?Bhh20R9!EZLhZ6s-pz4Ds+t+386%F z_TQ&nH%;-Z5=(%kRdsWs;f$EK1NRZ0k@sM!57W5u0HQ!?%>lANsozm|MNuD!V*qJ7 z$lU0UL{Uzv;qU}J9ui`>D#nhU5(r;M!+~i6|2LU5=ddgcgi-^<5kSIitvrYPE|f6v zmr@=@{g0uCpuxdN<$t*E+2codo<{@HM3HZ!RMsxHG<|{aXtWA2t{Z!DUke`rNWuc~ z9SJ()aQZuO&sM>zC#)~#f)1%ij>^V>VWN?V*Hrg*{jsn1ktqM>$8!!Qks2uU(jjyB)Ndct z(eA`nO~v_>xW0KQI8$^VQOTG?_!Id$50nf`6hSb5!>mD45=gXSY)Oi-mA$@e0lOQb zA3-==OriQ}T}PHdaK6JS5@sDkPahHTz5$T2rHTzT7u;z&()>O&5FU9 zVv1!V%xZJ9H>B>|Mfpe$nE0&i?51P5kGso!Pi>8Q(nU&Lv@^1SKjI%C1DQTs`NB z6D?P>oIO>IJqbb)CUesBn%wXMVw^K8*n?%rcBM=efJsRNr(bf~hkxg7-2LHqv8g_; z9Ava445TDYlU8iZ2avoHw?6$S7y8Mhox-a9bCbxi)=C+P#gD!ZVwADY0Y&}(XwL?t z`(W;J2n3b#NUm~3^U{~GL8Y!!tumPAHsOs@Uj^N?0F5kuo)cZX;H15 z6)*uwelCEflMT4PbsX=`kk%=z-mI9@P&jH!#;){?FU+F+?`(>^3)wCSYaznb7N{c8 zZn9lEwqRLKOPH@;zia6m(l7axluqD}B)ZV4X^&*EOkU!pvPcRAwc?BbI+!&t8C?1u z0*4Zja(6OB^);rktoA%;al-=j@;~XfuunLV5TQwC_UT&-P(!f56eHSn{PiM@xzq z`z;GXL<&73TGRcpjSKiU_9^Do1i^x;e#>`UO%L0saFJnds0~{>KEfPBwDzRtSKPvF zHQ#Mkjit#itc8t)aJ?&lo1OIoEU)30&(#p85GRk$@yT0ru^+;$c@d$G5;{~ickFC( z{6|G@ZemPUtq!KlN~H*RImT1@b?Po90beJz`lWFd(?1qNIc57PQQpw0RnU-FOKOScrkJZ@pNseZ+7(A5+_+Qq>)m(;oOc zK#sgusI?;P1yqR(pu6!+{f3MSR?81(G?q5Je%(|ktx|(r-OvKvj2(xW*E3rNUBvu! z-%5gUE7<@@>M;7xpgzzx#`I;(r?X%`-oo+H_ zYM%ml&yoRbKwB5Z0{gYgR?WT0oKvx??k(@Y-dt<|p!@43syZ34xP;vedwKbIJ53sy zTOa$2^YcDE*Gw{?eM5U=PQ{P;2b@kb^v4x_Q)npgZzTtFw~w}ybY*wepv}{TfreO>6Ulc%<2WTeI!HB<(>T#}SoCC!}l>AA;ZXP{H!HiH{kKQ%JW) zZ&+>Ktx$J{QmpNFNba%{edAB>)VBfZKI8o_5GZE9>t8A3B8BK!6%;nUnwvtWw2}0-ILq8?0nUusF8$B+C+mTJz5=3bpkw`$!;=2GQJu*Vt#f41qbP={ zm|GXJVO3`bTB@NENLZ=TVL__)6`dFTcSPfA=0VEw<$+n1dtgGCW;YPXoO;Ph9d}11 zuCV#i6%@MFMjdrA)ooC&78H|trL}OKth8>`TY64tXuZJ<40$|EKV$&G{O9<645okY)}&5PqULaJP6q0K-*6OzjWdUF%4VyjFPD_Ek%4^SlX`Y^GaOj_1bjEp?;;Rh&2) zJgd!yQs@)Kwz2V^RrI&WzUkg;+QOU3j$F?n0KDW)%Q$}40j6Z zqO^iw7ipwB#J2U+i;MdU8C0BF2b`wF7%)d*F1XY*`j6NzzDEn_kQ_zz#4yqp_4Q3C zgw2<4>q!1J`1h`qk2>(J3Xf@s1VQ;Vy&XXpF|h($D^E#49I1ZYr3T<{l_X!(6arLJ z@x{lK5t{}n{sz$Pg$fwOSjYI+KsI&lf6lh;ZkNyrp&pPj91A&mJ0w*oZIGWl7kKgB zN6GO70(r;%uT1_tu%Ia$Ctt3xIQHTzY5H1zSl+4K8ALulOe4#9>0`ob_1K|9jo}r& zu&S3Sl-gfYZzDa<(~U5~a>?;cd2`;M2N4UYQLfHjl+=#(-|sKZ@39-XIU&ta02q^{C0V*0S9>zC{p|Y&_*jc-!rUpEr{})kagCc>i^)a( z3|oTX-NzG)hC5HcJUj~i8Mmy_5%)z~IugwT{X|8BD7H`k^~B`vQNR$1C@^-~_4h}) z!@d+x>{or3Co=`%4B(x0ugk!fY!!Esu{Zbpj{khj4`vV^8hzf^TyQM5N+`B*P^@Y# zMld9+dj_3=x4gLwEw?KHRa|HybsR>8YLv?h8e5NS+DF+Z_`->Ef-C(5lDUY8+N>_+e+-y4GZ`m7OOU}| zO_{5B9?DmbuHv^X>i-H*D(Gh1dgfoCdm>)>w3H$txNXPZ0ycN;G{+1B;jHBV1AZ1a zpvCs#D4C~W#`n(9jD?!>Nv4k#X`o`Z!wZcq{(XNZX&uhyWpJF1$PV?QKgwSyH%ORq zKis+xn&1D7xc?g}2|*ImH_PO`6J+dJ?U-jr?3snA#~ou{xFIM@fIPVU7}Bj12<`iG z(r2_hYGg8G94t_8p=JhSYhqe^!k1JJo^O^cuErcnG3a`XEV4Rz6Je~kR{WqIjZN%g zA^^2X{||QsZQiUUa$6Y`xCe>r_-1?ROzy!x5ZkK?Y^1jX7vif1^^c+8^Za_ANRiz&)} z>9M%O@<^h~{>qDyj^rv(Y_e&j>s;k~89xWwMkd5TL9c?@IZ1O$wwHY4x@o!kJY%Q| zJ@V$A65vb`SSDJ3PpBXkqY!D-Z?vtc{uQl%m- zROUNEFxKLgVA!Hd*+W)d2SQ29QpUX%>gvu`BRC2yUg;mJz%;-eP z3Z@Yi*&x(MN4KRg+xAdF&AG-A6f095W0(6+GmDA@FBAfOCl@WXt3_Ob`h5 zeuO(oq8bgbG4&eG;=^Mw$W&)`F$Dtq8#dB}4e|1J1z(oomY^`5rH5>lq3; zRXO1W@R@k^P6J*Jbjf@3X_FbeYZ-l3NQE8}plbNB1Y3p|lr{K;uJlT~{}PzX{?_5W T5q*mn^#Q7nv{Y)8ts?#h{?sgB literal 0 HcmV?d00001 diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/baiduwangpan.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/baiduwangpan.png new file mode 100644 index 0000000000000000000000000000000000000000..c7deac2c5ab48a13f5ec76db191d92e2f1aabd76 GIT binary patch literal 7893 zcma)BWm8gHvPfc~-KGP@agPH<11_cHJ0s^)oSXSe8?EmjUd-M8+>sDmH4v20V3epG_ zqg49{2sH7EvY?M%#>YnJ?q6pX0#1aJLqoYjxe1A@Po|sd*zV^FJt}o?Nl5Jz0rqeh z2?3W={J>p~NiccUMdNcl7&fn8X0*(~ldF9wP25)V`4k$mMS%wEufZlbh&I}U1esJ-lASL5FeJ)xOxpS#@Hr*>=rG_sLVaE$D4l_I7_B&NMH(1Jy3i}MTi!v zHLVgR1!)2X{usLjk7T%HizYHJcw=!PgxfQeT2o*KeZcN$Pm2nr9-p_yb296&W>`cD zp9$_go8ob`0TU8|mX}3&YT<=>&&`VAmyxbQ7G%5wEl`9&E3Eiy_lInnc2iIWQ>(@_ z8w?yg(X7-UG;0JhwQ=as0|2GRtG6x~bQP7tZz43P-nf4Y_iRnG)_ zzp}~Hp#3lL9j?B)^zO|v$CM)+u=i1Im`i{C+@1!wq7KQsnJf6>t4Pv8UnPNN@eGlK zKbxyY#sWo7`9>5n$>x5Ii#bnrk1tGijC`4$x65IO%(88+gL7kh#HROJ6Xs18vfv0D z@@RiJ8!9zft{K5GAO;;tEfhM9PwL4nL2;UqrDBy;sRqj%lS1$PL-JVR4F>qK@47@! z4L{`l!&G?NWqU_ZfapYY7sy{~*`tJ34j7NPT*dm>)uH5`Pfa1i335QOMJ3Zm^pEI$ zq^;!ew(I`Nj?2WH5q11x6c|~tNrM-c24CXw2Tbb-hj(c=6r&}fG)**<(kdyY_XkBG zuxPBF)^L5qF-|#?ATt;vgR^GA=jyi%Ql@rW6YWF|LN3)%Ck|8&n@ebrS2SnHp7XSX z*kRwK8jd}`#FS<595{e-SOl|5}n^$d)=5}>Ujx&{$v(J8V@CI+Bmm95QbYZ;2{hKOG~ zJCp~)f@+!ScY%Vzy$M&RdQH-EdDfG3`fXKQ7%y@$>(WR@mNiWo(Ulb7RHxW$dZdG8 z%UpK@G+qEKFWK@y3$U+H>;GqCN-ya?D%jr&c2vhBp6$nve=G)Em_bgMn$=yFs16HW z%g-6GXRbuA`LsWo|F-a)qSuu;l4SsC2JXX_jlimy&-vzgHJi9=Sc=a*4eRA1iOy-H zG4>3!>-!=o>mG_l=ca_(Nf&)SMLonm6&A}31=0Q5Gh4rqAsXg{)h&A)cz}Y9yJJG$ z0{INiT0X3jsRNsG`!Js@93r@`SDM_{1o zimXi|hzO$EN;a#t&z!8w_tPdic^93)31bYQn~Q-eg&pjz31MXdHYY?vgRf%R*>yVQ zu;#RcLj#ga)U%nv25xuev}PoTtD{7je(>TxLa;29+~I2`X_u%Lan$B~=F%ihKF&_r zE*e2AzZgZ>5eY;3_sguqD&zs9l}H6>Fu`OcY~g^MG2MU|i+A9MIs~6-vc>BiV^bJ{ zas{;|l553W-Vf&(7Qcg(vaSw^z5NLmtBb!Y`~W)x8vAK7hyEEg_vV#>3bKu3>ffU2 zcmeom;m&WrxQ!B8?$(T}OVB!_%v;uumR;=Nt!Z+r5vZja5+X@l;>S@^VmS#~_^J_x z^7fFMl`J+1PHiuwsmcOl>lG`|@kdH=!ULUpPcoUob?jpCL1EUJT2|Zi3CWr~;R;CD zd6y%(32uP(h=4@3tau9k;rFG3g9<^k95*L1JCp2wF8Sl_V*!%w9uaI5sraETjVw=& zCVNfOQV0^X4j*hN^H&`FMFMi?mk5GshGNH?Wxp9yW5My{C#WbH522uR z%8)<6d};ABj0te>=3#O7kRPec3jV?V_&%ss4*SD)ONbOtLMY-yY43+HwgU}x0wbDI z=H4I6-J~8;DQ=`l)lQ;D?JQ=YwPgUAH;T;v%_IwQTb{8Rq-e&EbXq_R$Qi1ac6Xp7 zd;T5iUxU7Jjhe;qt@ItjvMRwWm8~HY5f?-VG>w+OXGSLl%u9nb8op2BTRSi9O&C{E z-~dhgv;Bz+MkCv0g5%#NhVG3>@%hDoT@;zoT=*7=o->2|Whr#5TH+A`2Pqxwkljf~ z+Q^qkY;~EwVu696d&Qd2pd6p}hm;5gw6ooo^DOnm{Dzd0e1e>QO+#h0uGS-4eIQFz z_NQ_Glo<8A(Vq$XAN&2Dk=}5Gs)hBu&`x1^Jin0NjWHkCl{>9Q!m0b_(uofEyp zs#kx#{64;PztNRXaL2~IKDDP#X8+7nslZpH?-MUt@#9Wlwc5g2zlw+2zJd`=ST~W$ zsBwFz{je4Ns-Z5pUBg}9T~!jAlR>h}0@6?A<>EANI|g96QGjRK3;}ndw|}WeD;4}u zP#$9b{oyv4^xhrB{}Gt?64O+lQStEka#aNMUOkg&0(=%tr*@-}-7u1K(%aA|a?_TD zm{CR{BaJv{q?iEblKw0TpleQ|o7g#n%O;R?83WL? zdIJDd8TQ}3d=7!IpVV9rk{^rp1&Z{Spup;~>t-p7J$w9ieirajO~Q0S_HeN(!rpva z|KVReryjODj z`|eRNJri|T6dM`%D3N3!Ii#PnM101{_Q(-U-9;u*X^(cyx|qrbn(p#;1^Zjv3P!H4 zzR;-;tEL>ToUxc!J|cfT(}!gQccYOPL{hsbpt*a#CJ4ub8Xn7QnAahiMnrMk_=)uL zIc^NFiCw%OGE#M3jmg$|Mtoi>>k6^x^VFA&w*6rQ6#8`*piZTVC#zZs4H?A1Q1=_O z9FmXi1jfhH`7y0CM(g~!uxSc4qEJGz2m!4dA)37&4{3W=8anUo9mPTw0a2jC=he}# z$OOKd%ss||6Tzu)m&tHyI4W{%-j`u71~oj3TMWr}1280uK%EdVvq7H4p## z@L$%bD?1%BBhJ)&O0QggY&IQaj1*cBvY?&D`u+X0VMFmoL>}1QtSY{;=X1deKAGPU zNz%Qp8f>^ieQMV8V;TsM$1#G>TYaq=!UW!d`qYUd&iHQj#-+Mfiw4K-DK_m`jDbC8t-~_O zGU@X3J!QuqP8@pUf1U|pv_q-<3VNfpL8td~6PFiLUE6MjrY;W6(@f$Os+}ZuIAcg= zb`|c!rqFlow9Lu8q|dG*?B*^ND3avDoGtJ!M%KK&Z!ZKDiR z>%_xzd)VNP61@cMERo58KK!tha`@N~+i_}|Czafym9KT9c&j^3oEg4!9_v!@kOTR_ zZPOsNuG1cD)|ZpspubTYKYl%JGL<@1h@?@Zhjmzbm88gUUK!ri3xs*mP5KUylXgm; zbbMVUUM*a_-fKSFc(*WF}wBkqkzS314T)>2mo2))^H!)?L6&*#YzB%12r`M@K?Qq3Og~ z^UMzbQpN9X`qHmic_)F8mhLgEx-AE-^fC6vX?4MDZ5|jD)E2<9N_!$3_mer85M7-3 zx4W%Zzu7P-2J{;vSr4uA-yyVq1EaUo8|7jE|0FgoSbp=1-1kn1lU7b+pdupBWyu3K z@%lqwYdhkfn$>@ALy~8#e1#e@+J%_Lsb^x>9jq3avgoK)^QPRZ%69|aWev;Don01n z2?OOq{lug8R@w(;J>)&2Z{e?`X z)luenR>x;TYmJmBf*@e5^fKTfRqs*J8q1t~?{v7MVr0n{!Z%r>&8RvQeJvr+a zoM$rVZ*OW3!sRe)Z5gbz{sHVTE}bH#eUr4k8P#1Dh$Ru@HIkG8=NsC*eeDlZ#|X#x zyrFpX*!*Rb(zxKGo7Ru7^>?l&?BS2U1VjZk6zC(;DG+>X_zQf?0cxxJz}mniq|*H9@e#!d z>c{$8`t2}A-pn6E$+GPzhfNURpX<&yDMd)y-XdBwM*H|mRew9rfWS52lF-JH%5P_7 zEKu;kK50k$ODB5@PmM9kqD|aNlBAkyjE54p(Ce0t|S$QHjr=>7ZXk*@%ap2w&6p0 zb37a6D)gV6LPJ}=^@)zv18+Wr1H_=Z-iSy=KUp94>19__WH=sE~xN1_m6$AXxN2eG>aFU!6n)q^du}JCI&O+w|h+3|< zWD;1}no;&P>R44K%K4O6sG0b2b}-u>-AQmL#D!N?jKuYHsZxI)CNiTk2jR$hdy3*# zU&G5COZR`*shX^HDx?7FmaRI>HB2;x`Z1c{Ac202#g5D9uK|^_1e7Ce#{nmAE$~m@ zm{Bz6K9>G&kn~EFPssA*22K>)z0^^wj6@_&jY1v-W_g-x&>y;;uHq$o&iaU@En7Tx zal11~dUc)tUHw*tF44!*i6vwbf;R53bpobl%Fkr#?;c!2px88@C8r`Img7{A`u_D% zhjw+x4My(yk#d|b1Y!lcKhrSHuH5qUoJMFH+gUbEDh;i@46YZ+6kl)(t~k&LFvtMe z0n6|6i<}czgti1gvd+Iw(AjWD2v_f1m<;a14SWW6y6fLvu{CDyV(zb;$*&T78bMBD z#v;19whny`T)MX5Y(EK6I2{hdE-(fiC5zD+E)HCTb6W zi9YzI(n=JCFXb|iZQTYL)AwW!1{U(;!wCKk_`I`A?=1AUc4uX#`+9K?*ZmpZP z2cXaFAoiIda9cszDZ^FqCtEzuSculpqw=Wdb2Q``r*85}lZW*(i4BJ4&)^@1fs=0f zLrR(TQD#FEd0~T6D=cXs4Lyu0Wkx7Id;apkZG35qmgV7A9D&)!C~5X%vxz#60NXCQ z`K}NzD=MoZNA*1h+Uh5Y8`b@{NN+r%6u!i_S|8*1oJZN@t&KBICH0ha;E6!+L~${O zDt^trr&3|Afi$2xINbe{M4(kICulRG^1T)*(Jak#+@5m}54^=VqZ}`ho%I>zvX0?v zZ)tE2Uhr8+O>6jKHK#?GxF0lA(C0i3r;sDadF}%jB;0MuoN?|$(N||S5HB^NEWUVj z;d0m?9(_rgz=a9GT>YVj+FLsF-Z5-Ck111ry(tOqpWNgmT%TPB-WUAa6W_zf)JQ-l z>r76@k-WXAV-`Kp!^louR5Mc%E%dw3+&y+oZe&iOgBp77it_mRzDt?^N2DEE)$Amg z-2(N5Nd|9Ev9{K}cq;Vto9w+|Z*@&SrxHnVhkK8ctsD_${b|<_@ozi!G`1w{xj@zQ zYYc(PZ^)!7(sZ%3yC&xec1 zg=;$%MIFPzzP7S{UZ~5FWoju^&h8&6*dGkHm!xhLyw1=L9Ss|$NwHitwwJ}-Ir>%3 zmL$w~b8s2?^kAahx$fN>GhcJD_*?Sxp!z-_>MtdYs<>_SBz>Ymopw9}Ljh`EkWJo( z!I;uJ8L7EX>f13*sQhJF{@nY3eUqP;;v>^@(zR7aOmh4>E?PY@n{u05LmE4L0*fzR zj9%qj%-RX-~BDFqu|r#IDRx{ndS+y%ngi;+`z;`j-3^=BjOS!_dASnt&WWVP#6b93TkGPw%l&YmdUl}=7qk|4)AzgE7 zP-;Xmtn=bZS?q`nSJGa-JjUzW@;y0J{24*2LDGm1IrwnsT{z12)Zvb((@zh;zH)@= zu|OHE_=FL6S?A8F#ND)#izgRmr~v6dQPS*|h<2W>X6U_I_S~7#rd}2I##CJ8H=(|B zWTqiB^Em+rPn+-PGWJ@ip3hEU!u@Z}zkUj{=35t$@jAid3_~1y4Yn+ME6V&PICG@x zR5>sB^L?0qBZL~SG67jaQfcf3G{~P_!TKE2vl9=O`Oepz-*6HLcaSoyEd=C+zkyr$ zEjR$ExSchi%*Vs~ecan~?akUx1KWD$f8Ne;$md^e?6Y%Twfv%JJ#A&Lm^K`s;g;VV zswnXkT9s}eNhRp{W-X}qGUy6<#KgJhh>jEK?2k1oJhLf&{8y3|T0FFaxTO)5ayxW) zHHeknb0)%gqu53Ia@=nx`Ou?clvtBW7^)o}uCRF|$cObDuGuq)HCVN=z7`P`Mi@7c z3q9a?%+`5qZ9FolQo1#@4WnwT84Ad(`Ez3P5_hLS=~$=qvqW3IyrD(gIbCQ7z01g< zoztCh>f5myqxX`S5^B4yZq*BDE$VG8J};pK9Z$EK7-pDE&%R*xiUgFF?QaJ5*VO5H z^G`0ApnT781x-X_WWG@XOTgEQH4Hz*v7E$vq}R)OJl;=~GddJMP`cxSxuyFc>N+|! z8gf5syuWrwizd-p;~t#N+)QUo z` zBOSE97`^Y|*)QEI1al2x99h?+<4Un=nJmB~vqbyn{3pi84%F|+90^J)IvYaJh_KOl zs=(_9Aa*rHFE&~5mjFLfKcJgm?l-AaedQr#l)93Vb9y3LAX!vPcvjzfi?G`dmEU*6 z3Z_BGATxc~^krzl%-`j-o?f*HyN$#9;r7~}O$Ndny66k1paAU<;>RE6_t%d*4ZA(~ zFjpdYT+a6I?9X{JvUkUki%kxOw&?=NRE%JSDQ*jQA~D>m?jPO-L<><;5$zqG^Jkoa zO@Bt^kDZ6!!pI81nqCx$oJUao`ZRGQZNtOsB4&drJ{mN8zvk z*i^YIPXc}&{Lm8{*BS@R zl?p1vD>A8Y&xjxBFlJZes8E;i)e|F=zu;coW#{e z5)+VB;#O)rO2=26UvwfQtbb?^bM08nkiI0J=XM4_7MRcx2gWR!^{jq=5(mX3ZdIH? za@U35QR_4rh6a7XrE-JOy-`f>66@>SwXSZs{_c!SxcoX;EVippmd+s8UESKit0ovB*Kbbvm{zJrHWbb%>{+rcd~f@ zx^U{iNlAE{szXFI;hDOEGmjpSJ19bSS!{(ArZ7D{xBI28yW_ZYHW;38E)H&(xE&bOj z*4ZiaGs$qD3`wcKyb!7i-$l!pCuHxDl8C23#=qhMLE~A{<3}{j)cz>SgnF2A3FKSz z#0w?gZrH(&PFBDs9Y=Z`rGA5_tyvvi+*v5=GS0R0@|hK^2r>!rrnPZPunSo#6nJ z06C*Fovg3NX$<`cvW&M}B4p@KR0)a8eVFJ0v#@F{x~KE#^!xf6$!x#zVzhU%yt{mQ zci{71y;Vwy489ngFf`NonL01S%zai^9U&qRzhe%ibU}-$mrR?`EVjrFl4>NlOWjN{ z8UZB&z1!Q~Yh9lhAX75~s*MX!sfD5kIf%53wea1t}KP%(Bnm)UJ)EA3>^{F7L h{hRs!wVkyWM7#0{XMvTH|8!~uML9Lu3Tac={{S!=A&>w7 literal 0 HcmV?d00001 diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/beifen.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/beifen.png new file mode 100644 index 0000000000000000000000000000000000000000..134821a2410b9edb95d8773ee39ffea7b9100200 GIT binary patch literal 4730 zcmcIocTiJZl)p*n&4?f%ElN>9dJ`205a~rgdXwIzh;%Rl(!qdqMI=(C7wJV21TjKr zA_DSJq#6W4A|SBOnQwMyXZO$DH}l@P@6Fs(e(&CMf9E9J)Yo97J4XiqVARsY7(sI2 z?@dDmJ*&*CpFsk4*GNMZR1a~j0l+Myg;BW`Y)i_g_q8_R=^iH!PR6BR0)QD5RI9#+b7twcQ1qo0c2NZU&L#+Rsx zv$e&6K@CC12ZT+(p_2Ai+V-iP+5XMWu;ZZE!rGIah?PIxI~%R-D@qjeScLEMG6ekV zYuJ^WGcXV}1*2B?1K8W4ub~$OK>bt!%i5dk$DAQ9fEo%{6H$X?EX%pK z0m}gREpu9OEC3)`L}V|KrUvoSbHqU;B+oy5Cy}oJ&`#>>2?E76|f< zQoS(XpjjxX>&gU>u3d$h=OL*^mtueQF2G*dVXR_+{9re7V;IYYO#gqoKyeNin=mW# zl##xwBM=?G`^U*ky=Kxcnn!#UJMf&-P5UH9vl))VnzY+H$OBqUJ)nuEv;U#aggc{5 zber9E^Hc-v<`XvS*0l+3XT1oir?C{Z~`znSp%Mo5A7$J9S(^N8kFjY)R` z%vEZmDEv05OAG)7mcm7fs*dmPz|WQn`ohnTMbZkz^g3U3RxgcQu&=SGJM!t*56w-P z)Qj`13&{Ve*PI%!k3eaqKp3v z1d0HMBTMX+25Xdk6pqN5kseq5xkN)Zqwu+RI(}<~I@?4saoVYoecH;(HcND#;n@nl z-cUsy^oW)Ae)1Y%=_b*YSl=3!YWPsoLQ!;6@%XT*6TCnxKusyMvs5nk;Q>4o* zpc$*heSpz4U_p$#`M@{G9W><56b<1MJx}7r-kb>;+|EC=!R)UefmFwRC9$GV@b0{fLx^Gp*sQ*Re zd^Q5<0;^!el_!nuV4SuhI3u|p4JXGOl)8hSr>r2xl^x9Q7r$WIox5T}7awX_DBiy) z%~u#n&t{5TZY+~S=e(8Ihx7_i|1WxB{}Ybas#qEMAnt6<#_l18Vu5DmS?=t1PmASp z8mt8AGKJ>b-s0|83*H6Jv7_nKj5vCp0jD1+1Kd)41>aj61y77}(+WHp>k0U@2p&;I z2+C3v>f>zlAWe!^AKuPBRz&F3CDcCK!9em;JAgxXZ@D@Zz%<{xmx*7Z&^+qh+@Kgy zO&_-xz;{nRGPUHmiLQ;x5X<*TB$A5cWrCU>#|H>&K)FKDQ988Kzmx^_OH@Z(tM3cX zPhs8#h9FRCPT(*MrVLqn8zoiYU)T{-#Da=D*x?r8=}b^y8IXn2>N&wFfxgH-ZTjsm zTQ_res($Z&BW(GkdBX8o)nS$9(<`&fYGIYA>Sc6Y1akU>H&Of>TP5bOW`=*9%1Poq zorsdJlA*>IJ^e;*e;`70SB?cy)Kwf-j0j|)9axKX+7H^3e2l% zVLsWF(m=h#?6IeA)M&2Z2Zp9NUgi;blYde-3vely&C9NKSt$H4~e z(LX_a5V8M|PtPcPP`godaXFf&)EshZo3&_TOf^xt{2$)yJ{6qpIbwR%27Mw5dISQVeS% z+B|GqU_r9#gF{%^}NyjcqYA9!z7Pf5J3^KAo-6{f0c7${sfCX{f1%?=-L zN<85VMn>f*X!_no=bDL8#e+j8;)mhBwZ76IXL-)K&u#6ujc1K7hdKU2yonN5y7v7i zi%Nin6pu~iboWTWL~Sc{5J^9vkEfgaJbEuJW8qZmEo1Ql-RvRWFTC>s_H)l*^?{^| zB25LAHiz{m`kUuw%!GD5Ey_P1l1tp@Co0zVyP0gBUC<)v^-V|KeCb_2Trqzj3XEP3 z@+k$uHP5DN*|>g44whou{JwUPI1%)8h_G4k=b2AU>9_7W(yq=yab~>jnjjzWTeRJ7 zD(oCD%HY=1n{{=$&?r@EY<4u%wuTt@|4vkQC})q1JRY!lvNmt!oxMiC&Y>gA&39j6 zr{R=JQVMH~#pzNJO))*254`$`1G{-MLFtQgRt96$3JFSbq$@54f6^)#2?dcB_k6Z+ zm=nT)X8&ey-yWy+A1$8OWe}t+&DgR44W9jtw`9g~MJ@iF6?50{1M{}6q#q^kOXVcP zmh!{ro*<@v@NI-t}{iPIYQC4@ssB~)C^Vd z$GJrF58rdIwH~;K%zvNQ9c;sh5$iQwp1-K6dF#)nFjEB`?UA-{ywNG!Bb|nX-Xd$W z)DSc7h=scsN8OE6@ml@+Cr20?Vwow^^ga80(~hcWO@{X4hwdgO1JKlDTLgYoUQR3` zE_q;zzt`(RNN}~zdTQ_3(6vPUC;kCvv)TlIm}RC6zpM8xD@Z!UO}5-#W!1HMX$qaN z#lH|ZYc@d{Wq<7yO*^$BG)H7Ir*bT`bCkjqC&To8N*o0z4Q=j<>bboXxM$J%*pXDv z9kB9!LdF;M*jwyji!`g}lSO{h>Xf-B(RU8AJd@(g!sZ>)*dyT(5Wbj|gpBfBRU`fL z7pknBlWa`w2#MYIy0n!K2Z<5Jszh>nUD?K@%3%k2UdwrV%frCyGFK57_OrCS%%AcE z4<_C7X_Up6E_0!Ix?SmyLXU~07S;HT$8}A-A@-bLyQgo&@fJzFknNLf<7E?N#sYng z{X5Ju7B*jt7uMmUA^qy>ZFk3Rno-!e_u;#D@jesmh&h!U6HzjqlqLCl-x$oPcT9gz zQ^l;vVPsBHR6-kq|TCzed?$H`VEIZ0*T z<-I@HSoZR7x*Dnl^?oMFn@|f>T3Xp;l@^f@#-XB#cs%bgh7z&I0AcxVrlE3?yVe1SiJ*LjJ){>Lm_ZJ-Dt=_ z;LFaB7;=xe&LaA*gr+siE%0jwF!px?0`dwj?h*3Sl-JFD3Mu2GsWW; zKD@_Ft1j1~#G!J}UOxpO>NPamno|e{XlP=V(Ym#CgDj z0)wHlvmy0w|0ZZYmygs*;ecuax89Zi&O)gN5Y)pXLW#zD!-Tp{{b{Pgzto%cB_ncq zE9Eg1>-+zroq^~az5GD~6N8H;DOJHT#L@zNYWAf-=$~?Pq6k@=-#~9?+zbtfS!4f~ zG}8vdG}^y4G24hY*163w1T=1&KX|Zu=QbQi#}fBg$_<;`@hfmC`guf`Y__9~p(u|n zDIw(z4IJH3g8p&LZ1nt3 zt?2rw-<`0sc0V(v6>8~umWr8F=^aW+q)T&!Iujahs|}2%;4s|aft}PfAmpA_0|yHg zotx1JB$=lz0ib7E%wn5B5rg2PbU60br<3$4n5I@zI4eNfk?!$wVOz*VJqob!u2ZU! z66GwxQEHwkJEa$R4Ye-Yd&i-$N}4)`J-kKU7C|B?+gVM)wq;L8Wd{IkMq}9@I53JF zPI9I|y(z!Zb#YzC0kk`NWvAD1u->;+tX`H4Jh1=gD%4uw&VDZW32Hfbtx5WFL#0uw z4v~EW>RB}HvbUrn0H$BSE%_eQaj*(yuq86A7CBz&Ky!(SKR;l9z^1=im5nOLXC^hqmKXg=KneA XAJj}9R+8=k(4}=lA5*P*JL*3Gl!JPyA07*naRCr$PT?bSg*SY@g?$WD-dIeQLLcLQ|+@07-{PN<&u@lF3Tw}*A?h-<_ zVmt13;ugoTr|QZ-`f-6l$LB$Zc&1~~Ovgtsy>2kmvrwi-Ak#5FU69`2lgWi9yM+tf z%I(}N*kOcSsOADIV|J7XoEJi;%Zb{zBZs9y@MJt+AI~YkJn!o3sipwuV5V;uuV}Ui zmoWpMr}NWI)CU_zFatC62DP}2+w6_DGQlbw*)`3`T){_ zx7d`KG{IbDy%q*ssPorP*9Ykb!P_aw0eh3Z#@=i{!0gx%80GhVP;%C>4s3fsclGwy z+p90fl$AKjT5rD&9KT?J`UHJ|F1S}0)J2oqn}tShw(k?bzYK^l{3j$S`%D)N-S39+ z0Yvpm>oSrTz+}4}2Hhq4Al-<5_r^6gWN#A6U=!9M#PDiFO6IPCuxC&A=mQ9V`s}5P zg?j5S+0%dph&g-7#O6kRht5xb zJu|RD9UC0`rMzGr72?%EY2u$2|bfD~8zRv*%kjAW(Us;>&59kAQa|hxJ@9duK z%|f1Efc|g6Nf{q^c8tFG+<*XxamNM2xy5`t=j>jco`v?s7v(K$7VO-}7=NDm2fiA* zXj8ejtgE}$(XRnw+?J96t8hQ`?04Noz=1rjVB`PMG2OGFOEdQMS32}dfHZDPUSPNI zhna!>yuZFUZ`zk&<6jzd?8)GMXaVb20IAJPnyUvMVT@hnO$TV8tcBb8=Q@A3He_+; z?*6jpegTl$>?IQog6O0d-(I{-w@d4D z0I5k&neC_NPXV~NFA{tJuX(-I&K?@HG$X$+(V$NOq#-jYl`*!uFA>eEw}==A(m05kgvVSVdtlLC7LJG(u6X~s5hr<2zM#FU-%DCg`6ZzrU0 zeI2I&W9+ez#Ei8af3oME@LGV>W+qKAfV~QaOL~qRzL|QQ0vzk~;J15g5|>v3gaQf$ z@HYTN_V^3)P1xfU;2d>e?3S>kjE{PJ@^&WlI)E6nlK%?eVQ(XpZ#_Lg0nVQaP0sSF zckeX-sm)9pq-X3M23*+#ufjKlmr{TOU)wpqJ~BD0#v7LC6#y}1Ce7tK_8vImyn!gb zHS{tC7z!B|eixFIo!iSR>HV4<^_fY(&@uLTZxg~dzxPo<$N5#k$ys0Y=E{1NgP5|D zZ{r-~-|#gb1vDwZ7;XIvZx9?DZF}5-!F{4*}VZ8zn zV^;Ft0Q{xzydvL9y?_GGgeGM^(9`Saae$bzl3(G#pL%+uzWMq-1sL%6kfh8zdvYf| z3Xq1ZU23ksoE2-4w05N7KZv@8$UAai#SUw7PL;;3Pp^2Fndeqm$ zPF)HRQ&#fJ9OzL`r-%FWbsHcQV8AOONtt(b)polKAf~L88#(w}U9~XZI6ew=mI4gy zrjVqJe|7eG`Ey+Y5MyT2OfXi^6$|o>;iEv8P=NDUp~+c$&UdUX0f;F(Ih%7VIp4+j zp7&9pt0=%2wuK~SCZ6wj=M4~JcFI%W{K4~Gi0^s#6gYUyg!l;|J`#150*pN!nwarW zM<44l5zCmJaxpkxcRmXkXwME=kqv*Y!_$A7i0l4mSi9T*;J=l4@Qov|>IIZ<^fBpn z38wDA*d?Kf8S6XzT+0LJ#X*c&$t3`yJ3D!Qc&@Od5u9_6zVI`DnTv`lD|C!u$BGop z-;$2M-7yi@UF8atbsK7N^E1VGar!LWwtF|eOk9BL3i6Qm(Hw+_8rmdX^hG;Sx?y2| zAa7Ufp)@opGp4fxbs8YPtUw3Jcjh5N^)PL%~JM#D5d0{`u%s zT((?!bM^WiHMlXg7&lHEk9YQ*L}a8M1)upY@@)Y|r?U||1(3#VDN6)_XLlBr{pGog zo%Oip(SxwsxOjk1G&SMMZ96bH%nxOC&8XR$gz)4{j0q3Ild&_L+m-`F`eT{ZjElBx z$KPhmK$O3~f)fC za@0@^3kYyh<4~g!x904{IkOpW&!4ZL((SuM zVSt#jl5gceua#lxz}`CDb>>yM_~gZDm@+O%bByn{R^xZ6g?M|Olq1CE=TF;oT|>Ms|Wj)_3#;+tFkdFeKO?!2voz4;ZaByq6Y-!zY_?=d*|Lp9KpP+qym{2M1MO zc{}HrzHT$#RrMu~uyt7yh6X4Pw>yBSMJ$?l$`2dy{z6wp{O&ykB0$t_)`qQ!3iU&? zML=D%4gZ?w5WT*xIE|}EjKXaP3UKthey`Y{3keIFz-F#Dd3q*01dxH?^N7B5CtjL1 zTk|V_*l5C)Svy<~JP}*#5Yyl1ZA{0jbLJ@CM{z>~5+Xt|D^e*QxdX`WcI`sZrONnE zcYU?=8=8FamJGZ!bGFO5_6=vX zY}KEAUJZL@u&C_byRQIQOI^RjOSfhrHGUdGTP#e{$X}f~gSFGAx=b{GQ#$@JTM3ZU zO-&%iboof7dDq>cKW=Kk|BfA{7<=Z1EuvzsZX{yuT#=&q^M@x+VQt|d7yaf`Qxgu> z)!?ys$GZ3NS`7Pz9kZtO?|V^g%s$D}E2=#Ph$%byP0sO0&yHH(>t!}^yt1+qQ&@z! z_*$zK5AEHH-7V%-X-7wmCcJ#41iu}pOn0elZbqZsf?tkl{~$NmY`8N&-$f+T0*I9h zun1NxA38)q)Y%)i;*B{{TAw=YxW$jK&58mp~z)4nELx(hE% zo2A&|pYrpu>jLH1m^!%o(qFf07m8J)kUL#LOJ~s5l8`+Z)WAe~((44XeQ6r)LPz>)@}~!JuQ%>ltcHR!wo`mb^T? zyI?kEL^!yL)Go@{jO@?x+G4@7 zghBZBHP`)n^ZVCW+dH92nSW?+&FuoDAw4CI>G{F-2J+_LckOFH_P?xnvY-fiE^2kS zNoyuE?Wd>8F*(##_SQPc1+{hf;&eHFGIFG1+rQtn3xz5ULgLi7XDTpJH8z1SUnRc9 zuiK1wRDO`m%1YcfMHwlvqpAkym=za-xKEGtl5lbii?r8+*QV&wP6e1)KGdmB4(8|84(i{hy{a{VIXriY{hGH zmHL8~vrvnJXgLY#fYKM9#2u;GILBT2`7RDfGVi{rnwy@vcTWMbG|a&X>$f;f!19B0 zYhE6*RwN@>uSZcs1Fp%-#n}ygJ9v^Y_G(CC+Z7ty1c-6R!r`#_m-V$TgM7U|Y^}kO zPl0g(j&O0}2sM>UE!0(3ot!GX&E}u(0~&bGoqNX|E>9X_;k^HObAgXEomKS`jYQc0Ys}Gg|O$T z;<2;=vKzZq{j^NHS^y!DjpD%MUqLcoKd^VNGdfrz%z9%vxY2+?szAwWckO~7V=l2^ z^c;;3#u4IgKu~}l0e%cR9RmkPy~&QOw`XI_DDUPljIq-pi5aeziWb7S3&RKbBgkKm06l|&=>R)mu?jd=-Q*GyA{_{Kp6|IEx4Kw-=oziAu9ldU zU0I3SCXGj+OicOc+-Z!_g~CtvH?4RqO@QR(x%gtVzVuq6n3nECzK;zlOE5NAso>Av zuoZ7;=qi8A%flX(F@flDNB&+cjv9g~p~{a8{YK*I!~6C^08rP4PsM9KyqsSXnyg)! zu?>JE{|JUlyk-+_78072iC}|X(>g_uXdOEG`_AfWj0*I_|EL^$*|pU$3qTl@(XCp_ zdfd9rczpUaj0;lgEm<|^aPP#4&J`auHeyem5o3Z{4<-3Q@-JK_nw;CxLA1o1xF0tu z!d;9uo2Ycl^`znkBYw3b$Hjat4=s`AEw(mbZ+WAprR(4G=V1O|r5H)i&0N0)|5W*5 z)E}P=lb|V-cTiuE0&Ji$(tig@gO6 zluLSa(WVUCK4}tSRgO0L&7Ewm6+cB`8LRg1SIF+1;+KBhgJ5d2b;2}XM}ZirS!0l2f^-I$w; zeX=~1wty`CCKnwSY)Qw-jf=ef7>Vl>IG-AxoOMXOSWSSKvXfFdXREz^XT&}JF=q}U z{rvFTojY+@6=ET+U(4!4zmbLN?t%iB=f1BlLx>QFAf3|ErKLA$In}hpH?<|}Oj8p= z3=9_yAKE4dxob~8b}VmIzCS5Hg<-l-g%wUq|IiY{=)hB|Z-}9FUo|!>J}5nd1%n4G zUN?zWpDdb(DJrYjYhonV{{Eh{iGVu7c zX$s}`n=@zdxGHdQ!KQTlT^6)xve`rqCXbua;vi~suofV-OvdvzrQ=mqkmR*Hce=!B zO<%v+nb#t{Z#vj_?B1=Zn7h+eC;;=}efwOZj+bR;q4@hgkZZzG7@C|J-!2EK&tAG% z$AxX)4vww4wYcG-LwI4PGJeV(Na(=dmoOO*7np8Icw+i?`Pp~jAja(Er@_(V*X?!`kR)Eoxrg*T0c6pT!FX@JGQ^yIcc-wE zxB9EZg_tDM2i$QHt$Yiuan*-kD`-(|8PfuY8oX)~Z>6mn_vi0bfR>W9)M>t2VjmrN zH8@D@yl>AQ7f$f6(&Kox=!j-640+krQP0x*Al*w~97DtWVc`NkesVhICU|L$FNVK` zCT1#XylDU=r4XFQcJ#pZRR3*z>v8EFdmwOV0)*DlmZ;^<8TQA#To+52R?fw-MiW-= zKcF~3DO<9{Vhi%n5A}iEQCow`CcEORte#VCogyPZwWSG{jcCmqQ3Hg;t1U|t75OQ1 zHf+V~GLtQFzWev?5%mvw)8cA$*tcJh;w%6m^>-&)(Z}VZMe|*JO7t9wgAd2XB0gN1 z7OZqbxmX|iHN z%3{$RS!im&l^Hub3=(?L56_;8Xr1z<+>GI&y^K5NTPo)ZXnfvl%ZOD#8DZ zY4ta0WdW)=jrz;0<{&1)hQWS1%#?{rY7tAVpdT|e;-^_V6hV))mhX}lVWNyf{xo|B z?w=AX##Tw~cw-|{4;*mGQ=xr#`lt^Qdb2Dglz6^dLBUs#g~%o1DZbYVNF4I~%KUZTjvGgT!4v z$8EbwVOJJM&=N!FU~gHLhzMB-x_ZoWmS#*22~@;JkwX7>SxlDNDyHTjB_)M$ z3e;Mx_^PrTae=Mj_gWyMpi8L)kURZAE38J#?7go193I$vKrhfOK15wD9jXNq59skH}?-L*CN{rJ&NlkTRf3fOIW(X1^swFOHpLY`}G#z}Jn zZi{I(BBX51!UI!d72+OQxX9D5E-%#4_$;E~^7L#?K+&4FS5@Jx&V;8XI*RBm$;d#- zII z+&Osy?wT|~F+Q1nADulF6ZFbZ2`w(7#c}S)&qt0dIFKB88*8dCC#2OsppMH@gVN>e zukw(q&9W36C^t+{M&LX1=U{PE>zry`f%KfMOOr6jzZFzk!IN5{Dm33SGiG3vECPUt zNO>ZSU0v%IB(pYd!5tGOVP>RjScE&JoqPZk6)RV+Y5(dR z3^EAJ-M9sB$RcRzaQ|6Kz%6H;+*<WT&Yb$EunY30$<__ZG~-oI$O$D{3&}w>$G(Qgu%>Hj4fZEsjnf9ZCb% za;|MGFGr)l6;Di5y4MQp8?b1#9>GCMr)+PYLpy}aBa*UzPyob~oxGNFJkpyBlg~Z+ zlI?hPx-!Y=?a~r#DnI8IB!O!OJ6p^mqwF?Jj8Hj3tr~?|+At7qq*qrWzp4RCqLfubZrPnD1`|q+^o}K)GZlpr z=nI~)EXf(Vky%lNQ&tNm2DVzr?%lJ;nZa1yY{BH{pwuu`d!AC_?#vv12FxXY^Q12~molTBdLs zh&~=Gr^O*U$ko5GuDlHPKpR%aXoG`H&|=s;;5BKy9LNew$`rHSoZQfqmE6PuWgx?02p2P#A;wZcjYDJkM|AgL`; zYH>|&Hl{r9!Tx$A4spamsR5!^;^p$a*=`3_QItxOo;I7Yd~3F%kb_!>QR@eEI0-~@ z#hg9_G!DhM$s383pDdo|Qo!Or$4|my0A>Wainc$Nmw^S^u`)*6t(IO7Qw+Tp0b<&oJcrwn*Nb=%rxpYtJS7uB20fZ=cJXgo-g5eT zL2a#=U#=w!lg=>pN2Nk5?Tuc-M~mlUPNb5hFWQ`emsP2$Y7vGkLMzg<6|qa|%s{or zT>X__yg36ewai0@yv)*wUyXLu(o)A+$qfb+7DD0mQneA%PrgoC==}1l^%L@ae7 z;=>(Wpw4Oq1x(64=LC+8OO;W;3F|iFjd}B6kmb9Rf8?aC0ry5vQXCQTb=;JjubFf6 zeOVd&LIgZI-nE#X^f92~d+Mr_^xJM;iRX45#gb_e_~ONB254*8??o?bJ+Ulqy)=OVGcOaqg?ML_T*8~Y22>M#P z3rA4{E4```x903ogi_R7tsrZayw;UEp^7XzlryoY#gg=C*%<_Jf2Z$acVjhf9n%_K zt`35f*QQbfL@pxb*VW;q$>Pk8R0C7Z-PHOK0qE^{tpobKojnVZG9MnVU0{xM#oH!MMA8tYSSvqA}r+uxakgh@Rg znj!#y3{T2@O9V(mR`M$h_)|{~RslWC=_pChaj+;hqVOFFu8=%u*#d5%}l|26-^%f{p3;yGpduis7P<5BXBG zN}qmv_AEj}86FrvS@SrxWk?avqRj>pg^9a-aLH_p`n7<#7-d3QPn=W6@JdKx=3Np% zwlJW>cPE_hLJ1(015I~YxN`(ba}Z&vSX;CzFPwg-@N7~xH!V%XI8`cXVPgZXOm_`Q zA+g~R4RdAUmQ0rjVYQV<%>_sl+P0!Keo3u|$iq$u1QZb~RaKE6Ks7+_*_)5-WsdkM zwSFRx;QgrVG@@9Lv$)*Nxw%-EvIN6hN{W)$M>>V%`KQqIm8#?~t@5O#!;rsYmP#CT z=j-_9>={Ic>Tq8t!SQZssc7+fByI}+5Iqj3&NercT1m6Wm{UNFbr+PUIr}g5+)~VMp4~=ar}NU{0aSbCOah2WNU^ z74F=q#o4y6t{#W1jTozQa6O8}dTjrG=PgjLpDe-jputZ6gd7A1 z>KbsM-sA+jT#Ql!{<^C?#uRK_YZ%>yia?(kB zJ!v!Iz8Iz6K^*WOvuC@6ynlW645GsHxM!TQKhcK@MGyyc_ui=j$$;+(z9^aq$$q6duwa)!r{XT%hmi%8RDUrH|-pm&3HN?!KF&f zS7%ORScD(`Jhn9tUmEMfQ>T!+ugEPp$kd&7@SvCy{Y{c<$jR)jTTs?Z1?ucNTNJCy zNM4}V!C_zP;ihHEmDubzNsADxO81nOcX7rxl$aXZ`=e znl7<;IVZ`itis&|`xT)U>bp1ORSRj&boiu#Y-)h5 zDLja86CGbjIrot}1LXiA>zxh)mJD&kS;@m#jMJKilli3Xh=3qqBL`18}JFfK9xw~tlExzT!w z&eukd$7REn=>yU^(-Nt)&fsM^+fnePYw}x9oL3HZH8WzB#<2gLEtq`g4 z@p$e;F?N4Er|114jNQ+S+mfG$fO~oxAP>BB46lB28i`R+Vp$${ZGT-Io-8WDEfb@0 z{}k zBhJvC(k-ov9BT9e+;NlkKr(O8ApGAVrMTt}BnnZhq6+u#J)kH)E$0SmE+fx2B(M8Z z368I1xvdFT40EK;ZmFt3otcYafVO)SCB7kT^G?LaXH^tI#1W*aMKbDmv^+2&=PwL2F@}(qg$#SU-PrBH{36t>$ zne&t8KhtCeT~F7R$Sb{bcV~^jMTuVOi-F|*DP31@U?|_%{UP$)&c9&wTN8Kb47whv z%QF759jI#1PJZ$PC|{pBgO5&L@pf7bx@L!G9if_uw5gXz-#H$YM$B)U2QE#Qd#|$y! zj;?MS5$K0GgCZ0_ARUYjG;tX@Cz1nD?sO!*>h;k1*efj9CM_)fG`9lDbN(06JxC!sH+}0!y6_-q_RzX0OtqE6-7@+`& zTqKk0EbjiUR@`5oGY0{BJ%|%fjVtM5AL2%I2uZ}FMjY&v)rbcsw(1?^SD|uB@>{Kl zJFQHZifczJ>patV<3mC;Z`|@k5vM%-+b2%KLRH~9t#?l%purEQ*wizH=maY-VGUao zE15y3ZDZ>qpxp7)VZ8fo8J?Pzfd7%@Cb%2k6K?W+aWV30-6v4d7&8Y&;DIU1NYYgY z4&bQKs5tybO^vuTW19jb>X(~US%nAp9(0;4=?nkfg1KVdTJo|I7m@A&k$>ec%-Dv% zPEQcGDnG<>OP0j3xK*fPJ?TZK8&W^`p&ZZ8nSm>Y zE3ZIS?}`o`eVwSelWXZ~P5OYArHY<&2ecOs9YStRjRGW}ojrqx3J$t}cL~k|L_UtT|kS_l}%$0g1d1B~6j(mm2wE z=u1y#Uz5#_<>^_@@}lx++NpG9T1$!4`}Y(eV|lVduaLwhIY1;XL}40q#~~$I(Ol^* zx`fw3^Vq*iID?a4BL}zP7CGO1M zrwCpDeNGOZoF0##k8XAJQDKV9GPida9QAf9QZ{E{?eqjiU1RkDKV>)J>7rtM@xnCB zjdQ(sq$dEOo}*U*A}!{(j~3#q^h&(FU=EU_lvT#%3#OuImt;7~2DfES92)44ZL*5! za**8^6N42k=2rUq_h--IgA*qdAR#e@F2IrQzxcH56uvm#3M5iupG=tHESn>7i;89o zF3;L7hRhR3dvNbwu_Wh@W#f2M1})7K&1563)8pZuL%wv zMk;&y#pyDPZt-8pjRkV2p=SMGo1P2a^K6z#wJ{my+d(WU?F z2+4FRe_`nr6?pU5F$GAd-{Pn!{Heu>sa87WnSpe<&W;ty;#~5mTe*m{`oJMvK5``F zg&HJtD?R^X@**(=g*?Y&f`i37$*CB$6guBzu;I@;9hcoM z3U_SZCvq)$5j*+2q<8q>fjxNso=Ld+C#}~&^d=y@l7pxhb=7?buzqK?W@@awZ+l`F zy}+N18G&aLl(*4pJx5AADerRmnfl2y-)OvtV<+Q=nDNN2til8P4mw4xKNaL-*NPMn zXSixxju^v5Vh-h;lcFyVUL>7kP@n;IW*Z_y^=Pzkym;p%R2^x64jhe90eJe~Cs1#* zAw;jo*ujBlXtd+5X%ld9#4s$~nk|k`c^{N)MkPh%ehYVrRv(@`f!~fBEh_ocNcpFf zS4r$7rTzJt({YKc7BJD^*W<_HiV=>qU?(dj3h1hfPa%at2Iv}J}N=`w!6OnWd%A9|9{(R9>O+F1$*yW-Q9ai%F+?baSx=vYO zz-P}+!~9_ZFdl3`(AXe^#5$^=)MQmdunLG;?ug%NJYqs)Nh3n0h62L_aO$iXWtp}3 z<=Z6)2{6Fi%*DG+wpCVRS4};ZL`8|&coa5HoRu7mlw?L0G`icIOydPDH%5^a?CFFV zPMv@h{g-AZ-~yS^g!WDxV6g0BPl;>DX(YW1>ffFceq&xP^ak{ZC)`sIwAIh60U|9t z{;C|DIA_MUNsCmT9@$s12Qi?|^ zjF!GE$yts^t{YI4Eq!UFFQ?p#e$So)WG_z!6+^pjm&39~2ZkGfBWvSeYp@|~dKdym z2EtlvMO{uU{GT1zQz)_Arowa)lohuyRsUO z?JpFggNcI>$A}E@L%qd@qff?RP@===(0J5@#$$~lI0z(yML>0W74$)R3`%nJA%NJ; zb_}_|A&=MYs)eo2DuRJPVJtMle5wgS(ZL9r?8s)U-Bp8vA``Cv@D%LLz~*I+s}SU7 zV7W7pENXX8nT$D+4rQ1)-)nPbAgLwKWlKc`ZqD7K;H-P=>hN??5rzc#W4r1K1sacZ zFR~D7wLQEVZyhW}?uT9$k{rYT}fCO$j{oO(b!P6w=~v=Yt(>gymeb zC>{lk3xciQhT5Gq(D~~yc&Q_BfdE24A(4t17;3gv!`^7ekP96EasIwy2$;U*cat3v zb0gt5*iYmx#AOT-eu!KUi5pw|OBD4>hn5_d@1Hy_=65U{JP7X|KY^!~;s+E9C9Cs9W7CVDKO_<# z&Y$O;ip-%TE~xK4e0g>PE*mi%pPV{_NA|UP+i47{X}c(Du;>~8_Aiq$=W>U5WT~{E zKEDozPy-?tI}RY}81^PR!e@rVe^>zOa%*9&v5JSA4tdS?8rY3C47q41xSgYFb0u^E zIt)&UasrI$7@}4T5i6S2@2-QT%HkZ4=BV0IiQoV0G>%qTaNU?_ym;uas8f-z3 zPKyX(p$Hrk z1k)iSnvORiaBL7lV?&)HQ`odH1dIwq?T#8zPazIsH`zqM_zm(y#Jor}l{Uh3*dzjr z0A{VWpf0aYA)=88N1`0*E7ox#nDDb5*tQ}WjW#=ev2B+#bCAIC?t(eatU;pBA16$} zvY`&nMa8K}7gOtO z)7Km6CZwYb3l6}Bq$P@*lW1=b?K_CiPMr|}q%NyThy0<~$+$7bQQ$4FrWU{6K`~zA zap?$$vyA%OGi4%fpBMwlARy7qn3W7`l?8RX>qJqBL?A=BK@_p-_tcC3j$Akh)@m#2 z@@hdME$JprC!1g@G9ox87{QZ5oB$yu-CAWueL)=pM+G8uT9}htgvN&Ad)DLh^}CnSpAdteXDHhZ7A2fZ`ro47VBduui)cHiGxgUODOmuy2!cnH=fwx-ZZ z`_vMA}P5&KAopJFORK-5@8D-(TqBt_aU z(og)dlkbBLKm8UsCQ#H%3}FUDE*d0Sq)6^1rJY2jrV~vFYbly0D&sBvj73J6Pc|WV zVhDmK1f%(^84ddzoZ=X*$#|dv<}+qdhaofZ;GgV3gug+|W&gj^C$Va8u~SSW?>SlE zNE{m)5FqZUz*vXtx98)5xG9(vtkflL$*h z4!EVlB7%xoy$Gt9U{SxR$*dNYcv9X;Stss7O|ouDoQ!@GeJCwDreyu2ii_kVl=e#h zm2*x~!Y>*=9KRW>%=4gh*Wf@sioaTbpn$&P%joRUGVZHC%}zg`us32sq(g@2$L(B= z6%(%5f$4)I@Wn!<&ECmP$d<2jy!Z{}<#?yG)Om2;JXVTlijRoDRe!NiRD`KXiZKC# z#40ksI+f)XCm?;v>A;i1O?@O#5Z55zhUn`^94z)BAdwlE6mYU=5eNuyq+>+PjS#sL zjV~$s^#%2?R5Uw%Ba&W2Yjbios^EXvBr5vRX+^kl%qUzvdaO%Qlcm{bVYGE zN|=fY^TW3P%*Mz*Y|!cG@vhrdyN{h%6Sr>giXj(w^x?kR|4fAiQ+}}%bA}AUN3xn* zlEO;+Qk!{yGj25Qo;(p(?A(rB_c^KuO8yP{x9N}xO~)HW9|r+|6lBsZNO6~R0!hE1 zFFJ`thSu(5`6cM z>4@z|da9>qw|YzEdRCem_g>TmQP&dj22wjw){OXH?!v-hgYo{{*1}}h?94?@b*&zVu|aC2*1HmYj%m zn8Rjv(zoPtRPhZ264H{#jiLwN0xDYz)n^~R|4p>tn*w#Cu=90BCskVzrW5j!5p zE$3hZmfu`}6(fh?jad!_mQr;o?}OU$HE{?W8;Fp}4vs-$PHj$&_+Ndf9%0kNLENK( zbb>02$SJ~RISx7zo5U#+lgL>p>MsJsenj`Cl1A~%4jmK4GIBOjKT^mE1f;|hry}k_ z{emZiIQ=OEJV|$vfM_{q5y3&+MC3Np!$k2)-6mhL3y)7sKoe|uqPP$h#%9zzuI3x? zjoyjri0M9dJT?AT{v-T8lFW$%oibmiSK^vS3vtQl5%~Lz>7c9G@>fj~W2UH)s6rfo z#2;#8ks^m69l(&dP|;#UiZdzRbU4YJOQv6L<02QKLr!0H@$esS68jU^V17&tOA$dc z&H;?T(LpeuZW8Ar2c*bdW`v92Az)I_BU!qLYf&&`#O!c1ms`Z&smVn^ckea&lAWTb z{oJPRFT~cD&K8-~EoIiLSxIW#B15olyA*ZWmp0LzYkmE*Gr0eSqv8}~(j`AbbD7z3 zT@#@2IY?n3^mlU7QDg!s&vuht6rJesN?(8CET$tSk;4!eND()L7+^EnL{W@DKzav( zPU;glG7#poW|2eDzv+333fB2C5lA{ehjD;_LdF7WAyYySG=5-91?O`<$Vg&q6c)2% zk4zt~^RtzaX_2fjzNVzWKfgGOKmKB*_(wX#B+ihxn;LPAfYE_sTovgA#5t&u9zcha zKtkaj#6^f}(4i;JLC!<^JNZILryw1HtXHIj+vvaH25}BupiblzBvz45LExhVDsuh> zj0kjsfw&5dP2-XnNBRn_!Ph!R0Vx$huo^~)f@x`LET=EfKvmQ`N=Eu>lZ+~fU81*I z7Fxos926lMitl`dzeC^->L~j?&Rv`%977(P>4FV5E}NxShe#K?|fL9B*B?x2;Pp zc9HceVornz3KE}4^dVqS*a$WM5dk7dh(p+$1kn^Ma-tRx&;ch-LyZ7IAd&t?A1``w z5|nKpUp@OcH zcwoYs;%6Kp)~eV`7{iaG?2&2G*E&yuhJ6iaE^oDV>4Nm&&4LI7U64);50QW&iBaNg zGEUKo7#a8QV<6o|&Sm7`E}dVo?@2iYq{0}Sl&zjI%*-w2WRfHch_9U= z1;{cbTDuw?9D@$O2!>|Csc%SnhbA!O)5}Gy7F~rnjcBRzeaz19MQJ=Og$xBU|KTH6 z?>*;qua>69mgoX?(Swt_^(KTa-;g&Cs201#$_@?{!_mmQEfcZY+)E2kNZcZD_$*c3 z^X98F#bD6V=(Hm7&KxH|N>)w%FJtU#%0KWCziWvv*0(Beb}HMQ9o=uRKf_)Z`CP=V4sMoAx?v>#4y>T- z4pQm-x=T4T9Q>Y`wBi>P06DR8%6vhm+a(ngIKQcUPrIW4#b1d|#ugulCzPUqM#}H- zweF>WSh%mz4xJz@829+090fq=|By$W{!94_VsxpmbsGgd6}u>mg+khWt$QgTPhlVr zx-^@DVV9=HeF5;FQw=97C*y0~O96_vBCCnh+9jWk^2uj73e5Rh_ftSB>&iL%DrQaL z&ou#Zd{yk7oZ)3MBT5yaXyzrfXdw!x5lb(D5hdp;Ts7?SyG%$|4 z#;+-QMH3(;tEa>=t}CP;rD}gYx5R-v6UA*&q7?xozm#Kkw1crrl}`pPWqM}kl=(?1 z&|p^!>%Qd;+>xd7K%P*5!c!=zjdDbMt?MWtRo!nH z@ww=XD?7hK|lakq$nPbd+lD`^(=02bRaA6^Uox zt%yZGl%~d>1TcpFO*NV*K+e~?jsi}xN-IE7YnqmR6u&iSiI0nP)tjK$xatf?RZ0M- zqSK1Ts>jy!%a)|ZzQlmLsIydgysH-F8^>{XNW=bmF*?`NMnxS$V|}T#p3=*ce$EoD zj-ct6W73NL>=8hYt&C6B=>)Ofjabo-E~kt!)c^nuu}MThRBZ9JE~Nn7|3TFkDd)Vs zCKjWcNo9rl=0!*C?XS0fr^0)b&P+`ZbSV=aKbYweK&Vq`YHT?G@d1eqcJjgpsfu`S zZKS`>OR2Jr$4szRTAlgr^1V`sJk`+hr66?u2~ZhG&PAsc4cD5*ZRlI+>Zy-`v&Tg) z;&U8!{Tq^vNMA83;y~%U0R)&~0nm*M6di@c!F{dkDIhrp#gQ3b8NIsriH-r}v8gf8 zvt!ajbPok_5?||H3h49eAWR4bkMPC9br+@Ox`#N2oll5%EEN`T)|caZiBr zN2M{yK2OE2eeL`xpwFy=-}mJJl?Nh+Rj2{Nm_Sicr|KuRnS3z1!ZL>y1w0t0{Bp$hBkgsTRCtsfYF~jx$$^Iy zqL!~*sV8)9w+~sdEPtMefX9nrpAi8*$Pe~85wQCzUA9X*cOA5HZaDB%Oj^;yo(|d} zfRv<0M=}JKQe`0d1it)rPs#1Rp9qi}$0OkH$6${S2Mi3hlqerSI!RhZp1E@jR%WCb_gJ%F0yLsU%=SkItXH70Sa6?}utUT&78zka+2ryJgYN3_X$L><&|q3+e>@#P5$P*?$X6=UQwl2k`M*{I zR@&$Uh$v#+KhXz}4v>?8K>$%Vb+yC}4B7cw;m6m+PvdrBzt&{F8*@AI3LJfX0O>f* zv1l{!Uj~_hHnHf4IVo4K~u8La;#@DDPW_~(E&W{u?zV|iHDBuH#XLQo) zMfW$>=F~cG4VL#2I9oMgO`(_>+nIJ=0HFy>Q)8)2{5m zMp`|nG7MElq;zGCmK&W`G{18rJDxi4(|clNe6r9|0Y$wKx)CX2t}is+lNaOzh$mEX z?NgUm=eQ1Aqv-@)$~cWmB^{aRyaD3iB2(7@Y^B!3bkQW;p6hFEQ@{t1j-QZ*y)9SU zX+Fvyk4`II)$vi4Pjm@DXvmV(*j)_JWM_e+0>z8&ea$@ud;sa#>7ZMLDaS)o>;iIP z(u%qykgdxAax8V~3?0}WciZ%Z$NM-)#~|Row^sPNyte>8b3$72-maLh%K$=)IhGoG zvkrK}JxF{vS9Qfp8^~j*i!P{XApo~bNGp1?t7z1v0BI4m-eADZZb9OU{_U!FH{ix; zuOdDN-i%2rx}_@#)8znZ0m*g-EONI{su)ODjQN_60-jPpy!5oJ&Ghjd(P>4CJsr=} ze%%6)Gpnb>HVe8Pj48w7<%{wk;t%q;`F#KG=~Nh^G@yC~PK0HH-| z6?@RyOxW}=1dI&qu6_E(?L!o3K5It9{<$1LB#*xRFIVmQsR6EY3i|Ns00HJm7Pn|Y6l-t*P0ut))yZWt*-?kSH z*O9y8!I5WV`irNh9jNZ9t@J2BXj8`?nLb=+uzlw#NQjG&0#EgTeXajcfa>IuB2L`H zqsEaZ*bG1Mq+F;+<9XPr#{tqAkWki2$dph7jdNTJ;A?%G0!=5HU^--U-tyG$Zh8qE zw60zONN2fOZd+7k02U*wA>`1dFF!gZ9u1VwIe9y#^3kL`iCN zAVa`so>;f!i}sm=z3}w6vn0>WxAKAb_v54NSFv{P@aRrz^eRB4jd|)PkrRRnLXZ+q z8H>K=y%cCJZw7&b3M+K1^^BjRy)}6SKxmPkdfe3;qM%3OC=}P_Yu-Zvik~72RhvPE z?w8x`9&%49dZl%kPeU_C`CJN*iH5-8nZ!cgI$B zbkAM|5D_F41q}8s+6a|zYm-#|G-!N~uaI^}Pr`Zj7n#@mk(Cgnu8%bB~ZCC`#*dSl=y7mZlp1+fBL7>p8hwJIk9M}=S zgg=a0eTc3c_p0WV0FfwEk{a7)`mQIGqzGXu7~u=2_k>!W_n~lfy7!MFZ_lT7N1E*U ztVjK3EPl@3-$Pa;|1AQU&o)XMWKLP~l7uK4#lbAf2rmG7qcrs^4`*=M- z93YuGgMq!}uI^SxHmwWLi69B2yUBfbk9$NqyU_;o*=CVj2+e{=&$QKv134W0rmiZ@ zbKVPTV}L#Z5NZ8wRdDPKk%+5M0g1rTLA@AL(3zF@z%v{$pKcNhC3FS1XkBsFR6Ohf z3W!tmDS*&|TWSG6uT?Pne2C^h)L*>Pn*KXb10yMb&{AOmU7bw-?c$cJ6Lj~UZ>`)e zUQ@fn^*Mk@J36*1ZlzA+>V_G>=!G2=g7ex~H_qZ>LkD`cLijT5ZpTAzANnXxY zMW4qN1RlJyZtK!#0YVfxzA}EA!1!9m_|LkFLb^a5s7gJFV`K^I>yAirr*KDm#@JWTu}8fGfu-Stj8GH#y+h_un;sqw$!;H%Xai*|$%p7tdrpTb)F zA`CEu8$?ClTSYPwnMlF5)!SgLvx((%xmC7kk6yP+T!t?&${I^!) zHUZoYPysdiw_xMo76F2li=04cw)X}IG}p?2rv#Xvj!7%6^#;0k)f)O8K%CrUZQMv$ z_`?wnid_W+T0dido@0sb}mTe-k)12DBeztnErTQLWFJvz$zT5o3gb>seAh8{2g zk?;IO>eMSa)7`*%_nC)#@+EfnTx70gTzGq2TJhK2J(stQKOh0()Keat8Uuswx8VFv z0K>fP<@EA;&Vlh)V8aK|PZXE*@>+Ur`T-3PIn|G?j8A4d;g<}!3c#3Ndn3I&@hJ{` z&IR446VCJc0Y?P zUR{z8AnlN!vKyIBf1v<&L3f6<^z12MUoy@&3p!y#j2C9{^(-ygp3Mi44!(^OE2qr2 z>sTT<7BR*a0*LP55Ix7tojI^8w^M-(K138N-?c%WMul zL$71g1kU0Zc$Zva-_fOUuw6RF3+)0wz`*tf>HPCYtloRBqvQDcw^G0dkZw8+8%#a*#}qTLIu2e9uu6cFbM6d-?vwz2f?M?^Jzdnf eo5<#M!~Q>(Rk2*PwoQcq00000t!g45s)IiN)x4nQUnA90jWVCNEM_> zml6c&y@&qgeeeD5ANP+lJI|TfnSIWlnfc9boE}o0jF^cS0059_JXSHlkMsDa4{`@j zU9tbf@dMDuKpg?78e-W10GJ##RFsVTpYG&A-?JDu_ug6$+C8_n&#Kzp)X+0Z%FhqY zr%vI4|DJfqaC$<qfItfSV=>86tGEKDjG=sm=4;6GTo_eb5&?G6>%6&vGN# zs>iCGx|t2_+V~MamV;n+l>>R0F%hJGaa#U!8r>P=a&OQi^Pd8rGMbu8?$VQ9xYO;k z+b$k{FMCm*DQFnPn^H$?O|Xu-Q<5P#7-^9;Z$a#^l)N&e?`CNgB`k)$p{{rIBdBu| z;$Xy8sx`@H{Qg*>s=jKX&XKiqPTEpDri9XbNqqfHJa~EZiTvY`iaUvqOD1*JQ%(L7 zkzO=gzlR*N`D_r&XpF z@r#z+rtmTxsP1Fli z^{X`*=nB3Q<|x)8J%Q}~04-O8Z6UMI`X_^*_gYh6NE15C+jh3IeoleL&h*XBM+i@D zlR8B$dm;^w_*)0m+jK-E52~ho1x`*D05-`Swv_vPuUq!?E+hZNC`}$HTWpLl`mOq^ zxNKPi63&WdY9(TkHHI}a_K9gqT-32I;xC=Lo-U^T%`cp3V60eK(!MV>L7q2p1j8uE z(NZhF$$gP?K}a?3mYLcU{(%b;6e5hq;*=Z-*#d~$A!O^*A{Huri1p)Ub%rK zNjq+Bf5YO2&>7R-N9j?{LJM@((|xmX!bx;03vtS!*83q*4JdL*#0 zj9$BYY<&8WpyK!MsgaZ?n@f*yH#1yX%sVIHr>}X4s5kqTSib9eg6n~~sNg|KCgU(o z!I;!Zud!9%{a~Ke*;ywcp@*WLkKZfaae*CC9B$y~1pFC?BG3ija)|)jMdZ>Kr6mR5 z0?oIDU&^cQaW_{t!CDpwX@X<|9!7ZdiA^E5)CHDbuyRqO`%QWX>yWdqEoHS%i829; zIfw;ykXN^?rCrViZMS@74Oc;hyZumu&h_uj5~-dqc9SyMK#v%bJ=nPSXw5cirI1N{ zNN;y#Wkf1=J>F8_G@?Aa;z%P-`>!@9+Hyh)667|N5Ta`p5-+P|9_3PgHE0>jdXOvh zJYdbRMc*SEjNTF`)|h?Z}^TL$(zshn*h_|?n`3z+PzoY=jRe*Nq;IPzUQ z?1XKlb<)Oj>h_7a!+ELVOM=*>3MJn6W!Y+m#%+tm?(6RTiM{B_QlQuKXk+D zht#gq5UvGdlbfgQA%>?*UFHLg)Hyv3)qL-2t%FRYP;6b1D|2x83!PUG5AU$PonOV& zA&{?j`)Sl90c|S9sg0e%{5a>=M)^? zB_#OVg}gkG;RX)7?5bZ1?PMOKL%75B4HQw=EmkG|yi|gh%_A4-J(v5^9-CNlhmCN3 z9fvm=u%oPw&qO8Wpd(T_)<#gpVv(m+Q7&uX2=H0J{#y1Fwtz%iNxQc1uT=J=^Ugt1 zezQlCw>S{zN~ibTMRN0sc$x!-D;Bx4La;xcCqMa9Q+a60KSfmFuKaL1#g@(kgu^YG z$cV1=Az5G#dgVI1MSCt1X)i(KGFt60QM)7l*B{8_8(U6CHvq6onUZn)eoIdZ|gaKdqj!v(#BDD0sy=ib-4rx;t;r1RN@4 zPw64fnqLhkU)#);T#6s5fOww`K5`}!wUu}`xPKN#)4M=gXzH*KAL~nukb~=BlSiIo zfH-@{V*?lV_U|*yU)!(7f3`&35d6a+rli^#n8)JF0J@d$u(pJ_D=H^@sHmUvSUP56 zwIM0+cEOZl;croX>jfM7(+WzwKso&G@$b0T0I(w1QP|6g%B}7oc>dC(hBK7uCYYHkz01PJpO(YGj94UBp~tzCc3osBCpaCp z-cNybYu)_V>wekB{-K)v9fCP|dIy!6WXrCpO9vNuHQSZziE|Quj5q?SG4e3p{MX) zWCuR+t3kYvr);T5@^`Rq4cA_E*;{1un1|ZpMbJKMR464bGgRx(LX^>LCzlwb6iSV^ zk@53H%e7}~o)YJl2)K~9I$Y8XdsWv^I`zU1H!`syQd3kSbP|Pe1|2_hff9X}RWM;m z>f=N3i3qO5aeF8j1dOkGQ-E^U8qa&-_ljR&Y>(f@# zc;J~XrN>7|-b@7e1kCR_R?TdrW?gCX?wkf}X!bruz>Dx=W=bDKJ~@7(@nYF>ucc>wkmX=b$tS2uWP6Y?Ib^}JH6zto|@F(s~-7xP~mOa6@$G=_Gq%Fy&A zm0nxYV|Uw=qctgdu6@n1$)p3X7%`=E2b0SA?3LF_g`90&YOK_b)_U?r#rstI&O_sV z`6@kLv6P0PPIrWa9@Un*-=>0|b|DC;MDNlLhYpykEl~S>%}Yu?@s-{C;Ao-d99!MD z@Nc3lQ@&ZmfZgD`Ewl@EZYAm5%)IDU=<3aqi0um0JpRzBA_^Oa5N2SA3=t?uf!YK3y*6b4OYkoB1#r$X8aZzTsSHAGMg zJ0YCSBEXi+4|^jmoCF+EIjL~*t=z7JEiR`8606?=Z5@l1oTB@=ZkuxIdZwDhK!$Xm zhoKS5>SEPnbb$2&dLjWu0!2`=L9G&0<@BUCY(({_C-vcHT9HXG z4Vl=4uYXq-YiDq_T~wMKUs?EfPdUR|8Or_TM>5ptH1Sc;--r7j+{Gf!4ppmzsGwHo zU+nDQVA6qu*Um>~@Wajl@@>?@!Ge=DDgK|o z&`4yfB$YZD5{{T!Bzdq?rVdAxE@a0R-QnXXcw-Zms67NQpUlnZ+g8+2(S_lxe(y_V zE(nKx^f5TFr<$&4Nv%;Gx+}zPOWeFm?vlfovAZWU`mQ_cLNhHJ@3o0($K)nQxQ+z4 zt?w|ym$`n{wfk%~0c*ONTf#8;L1^3L84EoBTK$4tBy548L#{XwDNNU*Oejr_PBH1| zlP!(#GOk~NG)4CwTiLOv2349Ts%5^APhr*-?6K@v+%s9AP|(C|e;$6AHe%f7O*fc{ z+7irpFU90X5pjiM9K*(K6k5uj&cq9J*zl{(A(=jSN6P5MR8@If;f&p*Ns3M%HI`;!8YDvx^IBU0{{JL(~ zP&&}OOX5gL5@9#5_YU67iAgk%#zLqHvKbwp(wAR1i~8wE5zDz zIq$b_53wV8cAkOsO^YZprj_t`vGyh+bKGcc&Y8#J^M+= z>J}<)vrI;X*6J9`h`!~we5?|-C%yHD`MZv1TEoBx-U319iFJY^QdXLhHN!-&OOa0R zLg`oro2Ry=%Q=Z{zv~lIMkabZ`nK;Y6a9D~H^D$}$VtKqm>vJwTiR7^@E>RDOtQWq z&q`_5E~k-p2KWsbdAQl3LMbL6 z_A775`#Vjs@B!ABG5#=WO`Ic9Q3df(wn$SQd?8sKX^dkFdu?3CZ{71yZ#^~Lhn^q? z_oEnr&rngAeg-zj^#tv|{*?1Z(a9Xqxo$ZZ#Y&KvN++{!EFcIm{Sx@4PA51bf2)6Q zBZxbp|SE zc6kw)rYZbSQCvqIQXCj?^|O}mzP#wDF;3A5rHZ@zvtiIod>#FtZ_l@De)?onFzPiu z!`G;%84dB9le&tW+Zmd6c}1~a63JbmFC!XAe0bu$z>6K*!1eK%s9=#Gn1>yaUe)Dv-}99_bb16XWUVVJBpJrWQtG7bUlVw~5N9Sc}mS%W-f0Zy?%hfM-(7s}LfQ@_tTQ}FJ z@Fa^UZ|e3s8Hzo}Sjw{D$OQ{3UMEhXSP88e=3_Cr%|VW?ijw zePk=apyUBBdQIl)*?~|H>|Wv8PQtm_%0Ky0WowuBq63Fuco}!z?!AGFvK>zyAykq1 zB(fu1s}rmV7g7<<>ANe!vFf8NdU(&}xnjo01~=hI^Ax<+tF2eV9(8}Gb#CcWtm$0Wanwzf@)wX~o~l%+??nVY0=^64S3RbN@J)|B zOFl0&CE|>8J)nHnHsDbKzVa9vPd>HqlTd)pJ4OcK0x!Q8=b)eCkv!&$M$)=$;(F?? zlUr0aYSYuZa9|;$?(QBUM#MC#^R-5^lsD8WRu>bw!cqoQH@Wym$7{ZQjTHG9KhIid zwW6tmUQ6?8ZCw`O?g^Q++2wc0&C%U@8>DWsFg8)`U9WwzP%5gQE%}EmL4@LLkYq2t zhqO)0XTE!$6)J){WZ+1t&W(^n5W#ebK7YUbNp&4&`SfvX#VTqzw~13Tvvy2XBP8Ef z{v9?=lJidMva`_MgIUKGKhdlU+Uk<;Q8yMyg21p*@}<+8TkryJp}PYrLaX_%PRmOt z%@E@>2X0jPmq?r=6NnmJ^2FK6hz>+8YixoDk{|;@t;QbIOOz7>p?Ly=_Y||ELnEu4 z(#@HSqwpm+Esc_0M;TvoCA5SR%MtjJ+pig$Tyl@2z$LplUCkKJ7~1o6sgF^nj7Sa| zXcd*?nX+2yr6MQDJY)0(dN3*h=0@p!8~^=T0MGpY%ZW>XMM2IYH%mv8 zjVb6#Xe;DE*Xr7$F@aN-P^)#kmfjbnR+%7=3o#32yvTv61(&h>7V^b_kH z|69=~tc`ZF4i7YT{AA^tDse5cJ(FIDV+pZG{lBzAe@FPrItgwWC#WhfekU?dv`WaF z6qoAxRWcC70PMd;C15Dle&H4*HrUvv8q0CE5_RR}XljfF#{;6}%5qvegCa@>qI|bS z>o*rVqdN_Za=G$F(JS(#ixrzWcViIwuc4G}{w(CB3MFl;V_}l5SQEvxRzA(4#vMhOkKNtjca{J|F?wL#v}Bj>e7yW9B#R__qA# zn9`N#nKopc23YvYS70&(Xy00(VOBl84g$ukgNRoy=ux~yREw07KWa1d71m{Z4Xh8jxHt$dSb9%VA7?~td z3wE6XzX;bo?PY1W5O5{X_V3r{Nz>OwPXq-~1Ra-TaJ~fI`yuq8!N;MGwN?z=?5z$& zA;t{cAO5H z(~ix&)-NJ5gpj-rdv8V$G~<7o-5U`FL*~unO7M_UKvCms`N&E8_%B*NTkjBLzK0a) zV<#1S=!9nN^_4Ee1{h?wQ_7VeewOkKukx!NJ)Ou-d4|;$DI;(D`$zl$vUf=$oxeQ(xluMbB(yh zF`<=4|Al`b&=X)?4`z)H&3hlp#~TSh2d9U5W?0M3qU{Nw^M6!RN#4k{@SN#|`$8~* z>Da~uT2KMCe`M_4X3Ww*UN;H_>8y+JayI|h3KZn z>ZLX^^AA?&=%uCgXlvY}cnDh(-wC!Js*ah=9aNsZ@xmj+^chsk^i@h4xO_xN5FUBz zde-f0QTs?*qQ}jgjYY#TBSB=mZN4_w?9oWPpEF5IAXr#q*98i~*n#&|;vlzMyv%0N!}-Sao7qX?Wtr1zpn-#z6K!)za~k-FG)#uNpA3rou!8X5U*{Ed}If~ znw~E)(MSTRTYK)RN&uQsC7kZmG+wet7C=r$?8ce#iWCrTyO? zM7Bo%OfVn|bRN1Z`gtdY-;o!HCq7)aqpD!-iiUXeA9#f*uADvT%S!#kavSQY40hQ- z;r#NLx`M%Fv-WO4G3CtL!QmRyZ$zPZm$LOhjcn-lPuv?>3k%R#vXZi#cV=VQyK>E8_Xv{bsPLb)jLv*kxgJjbTHTrT4W9uGIKfR0K|A zl+#Ur>%*A*V1*eQMee2lhP}pQ8(vS2J?}`3M=gd6Ds}-6oI=maV&{}oz)E9>W!=G+ zww7pRVx3dd(|)C}I6iv0;mft1i>_`@<76U==F39%Q_;e)E#nvrGcv1+#YePW7e)9l zJVHL?m$!Z&#-xJGHKl@;7DLqZ_>d{BXK*}WZ6|j=Isa3IzRXRx^JXa8CDbd?6Gfam z(nb685IF;8^3%SS6P+11ZAphIkbY)CNa^D85M1_1n0PK!a3-SrNBG6ByE9))SAt6_ zA{eJ{2xK~>$Si)Sp+(xRdE6s__yh*PNdjvyQG%-%d~M?Y@ND|sLvE?@TX^n*C9fiy zVoWS&b3aoH4o2#Yums1(&v2LfRucsuqPd>!LW|RH(}5ESL7Y)TPS|?CLtsFR;7Yum zm+{;VV0han7XNWz%zV!4gt$$#5sr=&lXRK4*RZm5-N^riekMj%`kKt8sgYT#+7DK9 z`aY!QY1eG@uGhjSV@#y)-$m|j`;@z7eY%%BJG+vetl}AfYc2;1zR$Mh9_I>vAm`GK zv8f$AeL&Om5DZ5biKrtHe;;9Kv-C+Bw0^`@kY zegm!!Br3Y?nJG?lT3WZy4z{}!R@j~~$&hW+@8DnL5#tG05`9<4Z_!0FrIR(5x)Z?` zoD=F}bsJsp#Em;`oY;5Uiap@@>mvIHCn36e{714;a1}lZYyHiKwOZV}6rZT>4?qz! z?ugcnD-*#@`){LhgKeruvxSF+^vd#mY>ey5rhKm~P`d4AdCHYca2- zNj$aUeUXvKIuM;vaRJbThdRSQqHwBONuV?liYQdc04Ywtkbu5)J2*~90SgVX+YM-L zy$(v779*gDG#j|oy?%fMv}sTvJwZ?`nFq%u1(=dR>j*&83aN^P7oq+kL(Bu;5vxd{@R4vksiw1?wKCFoS`V@`}4Af2q<6M9TOk^$& z-l+F~nLj%lbSG!226K)j<7S??dhcW67InAvOP%az5l7R&h)Y$YWXX!i>EDXrDOzRM zTDXV40l*IOwk}kJ9Ed00FE{gn!u{UB{Asn4T`@T7nr|cxnD|^ZaU@Cuig)&w9oZoT zr9QJ(*=ryLO?{jDPCFe!I()JyUFi;l)H>A}tRy*Fw9B2^Qym~!p2)9SPO@W4t~!&g zdy@W*{kc7qSb^M-oO~H8Y|X3uruPr(G(Kx}%1FrWvGvIG2cPLCuPbX=sFT*edo-+%k({kQ>5%IuG-utCrLpnCq0T#T8AcY8(tJ%^lO(>jF+(OE#J^`iDf7_s5-6nzEaU8d+Wx4EkKEcnYw40cMeDc zXBZ|5v>XVjq@?H6X8@$sb)mu!Ng$PD7EhIo;p|G;&KA50+!oAwV*bpcITaiYPE19I|o=X294WL`7%= z1FHh=C@72u6uB>11Pp@^MFBws1e9eZxPZtoEHG_t?H{mJQ?*<5UcdLfSHJJ;-|wqm z)w{4q=%J~$NezM^O+Jt7O|J4U6In}sWqu|3#zyClT#KP2)n3pZO0P?$Z0!c*VDzoZLR0^AQ%l!GpM_WvI*0q+nsi*2&?U~ zzZ(L0SFjiFX)5r>v9=OZ7%h;IyR_(QP6C}*m-DEkGcQ{n{>K9-YjAuQWNVu%XL{W7Cl<$$!uj{M0j9f%nuwX zkbDze_2IUJk*XUUu3RdsG?`v!rTp=3+kkPzy#Pi1o#^S0wKhu=qcJB;&bU;?X8PJD zMKNtb`&)Q%vHW{O;r>u%>DgX|%-&Gp)lrgr=vU?P;fYJ2&+pB0-Acnf<=xbGCrYas zby_ZG{+@lrOm4ZEQIki5YdVX}hp@zo%ZxsX7__c&aBiHbj>z;nD^GBML|%c&9I%Wn%Pw+jsAuzAtw>9{tP=E` zU6TfoK(J>aK^L}bab3K%CFQf=krxh9l7ZZ^Af%L!!k7j;WK+zb;5}jeQA9a+H6^`^Ue}4hGz`qT+s|rkuDhn3?On9CSrn9jW+k^nIGy)Mm*w(u*ry)R1X&iIjn`u)o-+ z->(9sFwgyu%p!**pe6-!_(<2TW-Hv#Ul(rYO~Bia>5j|)a~y_qzb<>{ah7Dy(|eh_ zm)Ocj$2m==DK4|hX}$4=B}C_5t!>EQNWv2%3~ixRbaWimZxJyuf{P8d-(u6wJtuz$ z@cfWtwqMQ4F9C!lDtX+M3ij=po(Z^r-ZPs+hsn}#@Pcn)4CQWrO;4aBcrwhdAT5!E zRJ#7kL18LY8lpp9_k^W>Iu8(CT}F>7dHqwr)}%UyG8nv{+(-_eheq8SNG%@WL+ao~ zM;!}nVT>R^u|DbH-p*KF02xHbysb$mZ(dUpjsNe$S9cRH*y(e}!e!R>CJT!lqoWsq zy;@m$>Q&d%Sr28hgjKRBKILv8E1!9zc)^r68#nDD8_w>XmgV$^g5Ejb166%a`8TpV zjU9K^J*)XAkU#i=LyRxdd90D~SwyNq!=x(A91kM6i3Gc9oNxxkodoUgbQl}Akw9pZ z0ouhR_;X}D%wL;Eg3Jyx9_ug(at|7l(I#$$^>B@+dt!ytTwF%#>2A#nTw;!>PNFrB z?Qiz7(r);r;c1d1@A~ps&&-3WeO$8Wgk>XX5IJ5&6pL1)go%MMofZjpb0b>KM#+x6 zKJ873ouN&wrSXf~OX*u?1l5I4?B{)gjhzC+KT9em`qVEcuGhwa{3!k@rE@NGRnd@t zx=N&&s_8AYSFALyE5$V04dXSt4R$=X+bwYVQR)0};#(w;c4wA-Mr1$2vYtt=bvDx9ANF*^5ffgOpPi+67fRDK;;3y^en&)yHXV#ZJV~kVf_Ynv8`~ z3N&-JWh~rZw92N7&2F@^vhq%n4JJQ&<9(jZateiP9w1-8mn24=aj|@q@S)RtqDMTJlLs%}eo^i`{vd5WY*L%>O!s zA6Mi|=fY?Ul~4}AC|A@NJ;B)Hjxw2*t{|_e#N?aZAJf&@O}`tr7zo8-eOts}V6M=S wsREx;4X)dv0zc2Ued9ppp$A@9{BG&2P*Ou~V-cdF1LP|N;=2jCC7i?fZz)Z+fB*mh literal 0 HcmV?d00001 diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/dianchi.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/dianchi.png new file mode 100644 index 0000000000000000000000000000000000000000..cdcc8838746f71e1d0292869f014e03a1799820f GIT binary patch literal 3942 zcmeHKXH?T$68|S85Kth*AYCIh6u~@cDg**iLPu0Uq({I4QbUoF5S~acDhdYaAk92L z5QNa1KIu=vLPDN&DWVYpX&c|}e%k%IUv~GNbMKrpGxyA#IrE#6U}I$>C?F{S0Dzz= z0dLEtFMeJaFZX@oK+ok8P>`*O5kMc5UH|}Llqnu}KFnn~hn$RDljzO62o4J^NfA_P zcxu8Z*qx06OBl>oU{jWvyphL7@as5?uyPd`%QsGFq6zjb>e0?o0h3l7RX$$3lkj1*%I4w zW<{x*ZyXiIJJqz(1$gbVs?lod5)aCLGVt!T7&JjQ#i+nP`uprn9v(PCYFsP&OP&+RDbSOiJ3j}lK;*95|oJIO4EupDDsrr$$*b| zwTrcouG_-GNfkTM<8)_-reI~+#IMJR{ma(|F0(t4@}2M^>|WzsZp5+Bl?j;r>l8?! z1x@>?S%z3L=3Eh^Qp*@8Yk~bViOmh4&BpIVtc_e!MhX;!&Tj3_derDDYdZ9R1Q6~U z^u<=8d)eyLS!0c_V69`G@%3X(`pNALiTZNcqcQXr$W@m zesev1Fll-H++(YrRGCwSucrhScf*#yx;%n zO=Yv|Kw_BmYSdmI5AXi4rlO)E@h>?Q@g--{J7W2SC3XGTp1E_*LTX1~`2hB8TFvjemTm-o$8wU8F=Eb_3-rq;o0SJI|*4L&U`MfUfec_P|PV!DDG z-<-K}c=>977RI6Bh78rd#z$|ZaY{(J)TwPfE7;6f6KC*Lz}E8j zwoK(P^4L9PJN=cL#?g70SyrI8?E(7KSKMUngiwGLzlhk8#709PLc#v?dkZ{ zJKs8D?Z`aCBTnk;Jv@9u+gexC$6%wJ#0#t46HRh(xvTp(H$rj6i}$b>!;^8oPaW|3C#yba^)@2Ulc5(K`Omv@zlTJ*O+ zSl``!c>WUPOINRCWTw?>w%?(5C^+L6@fn)E-Vp8Hw9e?cbRRvIZKxO$f9#iW(sLYy zQ423YQI&1spsHlNa=cqQ5)Y`#ofVK3mxqe9|4z8at!1V-NcArWt{U!tTJ7>j>V`Mv zt{)G}6gMuBHhV4R;Sku0oGDd;0#_x#0zH)czl9o(A7W1*LZ$!Ow|AgS2J~8!hjg@^ zT`nqz$3f6UvEpy4?b{Z^M~avbEJmnt1$H$ zk+X2nNfIu#isxiBdOm)H0Ez1d1fFCRdf(<+p*5jo41m-+{*xY>h#2ys=g#=Zg(j|+D>Xl76s#OSCLU)Z`rW7ZK z5dWfUb4t%+gN*r^i0UsUTlu6XRsKr&K&|$-DU?4nY`2S!{3RsJsj%6SIFsZvvNq#j zr?39S^Y6HlcJ8;f{nc~Y>~Cjr_Q`Pw@$c|s^R>fopM$yRvUE<*e-N6-x7%v*7rw4I z!JIT(dS4p;lG$WtNqPTM65*5-Cz6VM5g;=!;1}|^2 z`xX(wkG@=?A1ssk(lG?JG+cgByUPl|nj!J48>V{ymHOMfnc!!UZr3y@rPUD=wVwMP(r8^C+ff3ry1F{{iwwDfN0LND zRI;Muw(-eZMt@$ITsNN7iQ)|C5PK3u3v48+Y3t0s716m8k+o-84wP?lL^1Rp0I zhE$_|x5R#ZA(!=wr`bL9@%sogQsC^Vh}YuBPhE46^S*@=6cjuV^n9YUOsDbkO9Z#? zD_zSuVg9p$y01(;&uIPWQ?o%51}fNV(%n~tA3#8 zsEva`0JvjLNKu>^qR33}rA|Qd{qklk9-+^t+gP_FyNbYnjrVgF-N&b>BL;h;=Nljne{5<{dcJSm1h zr}hskU5>b$^89wo9>CFOF+>AVIXHts{tYu*p6Fad6{~ejXJe(Lq^|1?U0>cbkC-;- zuuB)wC^2D21H$6OsvWO@Md+r#wwO!UpO1Nkq{B+4bf;n;P-Xfgp!qI-A&kIV{EW}K zR?VNc$Y40*Xao)8MZR_Y{B~fu$h1=^Yj_wAL&SG>-2iWym5gGWFX@GbmLHT)X@3{g z1hYvG9!O<2QFn`*UVSPgAJH*Ikyhy}(F$FSgnPbuM-0cr;)RG@ffSQgo-um`K(1iZ>i|Wo?+BDm9gQ#eT^WYr}T#z-yjcRFxNFC=c y5y$=Sn~Q-2?$E<)K4kIRq-VuEb^2Eq*apIkCpN~0TRYsv88AI0x$iEP)Px%ib+I4RA@u(n7fMZ*uuR8+h@MMcFE6+H0ZPCQUy zoo)jY13?250|PSy0}}%mObiTUDe0p|*7J5}rXR>kPqdHes_&~`)B8Y}@e601ACkbo zPB0~q67ZZr+CrWK^j@A4@E)OOfs}yf0KJ$0UkMBbgDss-=e74(A{N-l_&Wiu^&$Wq z2Y^dNG#`<{xpYw!eMFpR<~gO*LtAJw0sHz@B0BHfDZ;`M-j-(O1*KH~4*~nc81tB! zx5-U6lu~CRurw|?3H~nuk$A++JEhAa5uI$@G2nt}@S6(Q7q!+a05B&UcZuj|K&INI zs^BLIh{OW`*eBa*Nhx)xcIN;$)`6cYVBai?;yxlC6rN=w+8=Z}1VrK%0GwD~fVh@r*)9*piA$Tp*A|fNbR7{-OZTTll-naYl!yy_ zBLPX`3ILoF=x4*>Fz@wxKYb-!;TsEx!~y_Zl+)??Xf(>Z-R=)p2_JYT0lUZ;bAg#J z3-pUttChFg?e9$`#^DjMpJkaHPNU2D>$KMTEC5`SBwk7q-|BV`0q>kZ38}R{1pqhY z`6~d(iRf#UL@0P~0ohK+nEAFqzme_qWs*cl_#grzahRF!3G`cL-maATyip=Fd@uny zoeluNl0d&h#5~KgPo+c*_@Dx|SWy&v5ph|d-^+IT7z;kQfJp2{#8r{_z|6+}3|w#K zcvMb16r7LIX+@1OJD7QG{GJ%_Q4$zCVz&aolUS24`$S2gEN=e-v5#Z^RTEX9>H{sr z`$-_g6n$!>1bn6!Vr@zw#1wsMqy&7X7h>(qC-4i~i#9;Awu)B(0000`~ literal 0 HcmV?d00001 diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/gaodeditu.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/gaodeditu.png new file mode 100644 index 0000000000000000000000000000000000000000..920931e140e722a5c69d6b745d5757dc355587f6 GIT binary patch literal 4160 zcmc&&_g7O}w@ri44IomaM2JY|Qj~y#2ZRu+G)1ahA#{)grTg6|RShNdE=rfGGy{m> zr6V9Mv>-|m0RaUB0k6E1``&ne!5icKaI(i(S$nU!=GtfNJqOR^Ni>T=sBG{EU9smYCdLgW4O~K4YFSAACGFuQ?yswzA*Xy7`Y2^!N)zZ0ado z?>2LM0Y^l&MDl#?gu>o#=pxzJ_90>cf#e#rf18RN3dx2?N4n?u^Po@~^Fjh~a0Dhv zx6Vuh$rhJ$o5BH3;_EG#F3Eu-ItMjyEDI1QyW4x;u|X(o;q&Q27?DgysCqW8euhAa zJMotHu>b%QR-e5SNG88J=q>|9(dheJ*?!HM0KkZFwL$Zsk^t7h3v;0T{~)|oK!JKO z(v@v1W&zD2PL-y2r;rF7R!*fDw39lJBI@8i@t!RRsLe-}_nGvr<2aj#Q03(F_*|)abow$>9_DW7}0|w4Ess z@S;Nb8J6apcDtqf9Iqje96;4<#MTab&xMCrALW$OE4uUV-Pjq#CI|2FKEcaCjXH7C zp-;T$w(bm$C%1`NiVD~+m)=`hRf9rT$AB2P)Ol^ghJS+AlA?aS(n(nQ6-D}y z7DL`8+??tt&dz82hE(IXV_W0pgnVq4G<05>01=sQ$rBd2qlE;vMT=Ic@1p_|i51(Q zI(M|BG3bQuXrb$^#wVzB4eNGI*&oM~cDkWg4CuwFZ&vCNMIHlhIj5RROk&8ytd`7x z$$C+X4!1(dF|Xy|J`=#vkrU&7EIb!z&B@XA3U*X9-3U3MP2+X_>*kqbW9!mM2BOHe z2WEF!wNS9>O%{x&*3*vsc%2$S*Q*fZhK)XUfL1C_?3&gqUACnNHy#aOll_&Q)fG6= z=#ro#`Rm#AMXgEG1|>Q5fB0Rzw3Bm84O&i0p`Aq1CJB!{b{nE;EeAurWj(WCy@&DP z&UP@>8iNDJ+IczcfE~tMgrNJ(pZq;tDcg~zK2r~|(C>FuWhWZuQMs76 z*^q5JWm~*I@X>nPJ=}{u?&-9hu_8@R(BFCL_x0yLg1prS?DHq+FdiR;l$LvC1jF+v z)RWQ_3qO$TNm|a<$0)14Cpe;+W7?@o=VM+}P0!d(VwcxFkCo1($^8u3?_YXySW+jI zQ)2mta|85X$+b^)isY+DHSl#{5it^L)6J|bB_h;_&YqdZ>W5^mx2esQ#QKuhp&=)= zA0L#ie9e%hZ$6VbCRmBT5ZrR2l6N<=f_V$i&)sC<*V+&7t_^0wP$bpFxD-`e?l2OR?2l>LSv4h%X{wfwlkx>!A){p8G~ z>1$sLd(=lp7)FE3_;r;QdoS9I6Cm2p&uOYGorhl!EAjZ+9A*GG=BXvfo3FEr{qez9 zA&-)~korn)-dH-z=@jhNN<+%%7fPFXPNqeNmpS_{w&wE*n1iE9?l37dt8@#VGW10k zoVUfdWlcF1VCtI1ShY5rqw4|9cl$k^yoyh$Fn)iVJ9J+=z`gY9XP^v8{@F0E&(dhG z=GiNoUAAjG9GqG=r#T*JM;*4_vF4YlNnD!L5v0}4u*D%$)c6T_?2N@z_%3WTgFZ@XuM}}?!h~7DxC9lSpMcLT0zjS=R zlX@e+Jk5Ixf#D9nO@F!|p)vx#xFJR&eBvvYafuiryXS_^Y!T}_!I(r z=l2B7ffz2@_ab!d5gDUCNEOyD59|#rxk@lA6Dw7h!#=g7Ze3&v7tsd}Mc?&O#HSDY zPd#`ift~h{zZYGxupa;1?XH&V&4w+7OfuHqA$v4ZWk2<-a(?m36z@; z*tL!HfiTg|g)}WIp&1fn)?Yhjg+ybkuCiTvcIkp4(44#GTybZgWl-^|o&7lB2HQZs zj7&HE+H%LG3noBwrZ>@E`KxIA-Xo=SWP?80UOU;_IY%0OG3#qDrL7{cw=UyE@OKw$ zdTh2#O@g&b^dsYu`mMBzK{s^T)JO%V2#MH^=@bv3-OxH{NSjrGrv0e zsFMCVR>P0xzQz)H3BNe=*D1q=*@xfDZ=f*fSm)A~ONSb!^$8m%U5w<0K4Z&I1$et= zMM(81`gBfX(lvnti);~{&qLhkqv0?4 zIVTs*>OW2O7}g;hr8`_-vb+9R-Y&hr(edJ&BSaPKw!zg|TJ0mqm<`5#`9=KoD9=#< zZk0V!oOdNZFz``KY|gjD8)Q<%!(VfM&sZsYp`o&7>%_dC#N{{N9~YxIw^Rot~6)$Lx@y&tzLFMJtNEx4()w*EzIT5P5(B>5A>|VR52Et zfS^Ljn?YQ|2APv&1)A}G-W=oikCwan8{)Kp2q4>{ODz65*XJD+|L&9tknZ@D(VB5yTPUxssSC$A`u?$@vXZsDDN%5?@}ja(8neK$ghg4jiGs{N5wT^J{mP-(lolJJSfF(8_>klLpEna73mGoSZx@cWeoJnQeiW~0zt zVf5qDAIp+AqyY=tSn2bxQn!B@X3I>TTW*qFmUva41sT6|?bTRj`!0Jaj_rhZNPu`4<4HC#nuX+NDs`yRe#jjqop3z@apjLpNpt);s_ zKUgI$#o|tJ6>&jTL>$UXf??QxeD&$98gOTq=0u;VIfKTH?Q@|73LF!coD27m*JH>+ z@k44rb%NAEf#o_}@d`lcUg1R_x4WkEyCoFD=u&3hAVOS@2rXgN}Z1;gNG7?clWm_wTjge~s*MkQESq zN7-%x0R;4uAFdzZ;Yf9*^z$%F?03HtVwuZlyX=4?AesB15zr$uL=3li3X^5wWY8fJ z0~wJ{@G>=Cw~PIyMgmR3c@VTlCpFi{Mv0&WN|?f`_vg^VUr_z=1Izy@B!S?3_kqjg zvW1lR=Z@YEDiiiR-vl~6C3c~`|8tg8jEmm|f@%ae+aZAZ?*rU2D|Nab3cFQ*Rumc< zVyk;FED*{lGwnwu`Rk>0E0Mb#DYOYi0-Fz|gw+(NRs3 zD#;R~-1|TiS)C=erl!{^rr7dP4SIU(zCXmWs{u?R^UkBM3YRi_92>v#vKI$cDryaiQfl$uY_8b~kkkN7j6K-Kv+>-@#LAVzFvcTxZt l=F_|EJT1`v{}TSEvPE>#o>kxo4*VnlF)}dMuhw&U@LzEHbm;&9 literal 0 HcmV?d00001 diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_call_logs.svg b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_call_logs.svg new file mode 100644 index 000000000..d3ff7d855 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_call_logs.svg @@ -0,0 +1,31 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_dropzone.svg b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_dropzone.svg new file mode 100644 index 000000000..960483f7f --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_dropzone.svg @@ -0,0 +1,19 @@ + + + IC/ic_floatingwindow + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_exercise.svg b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_exercise.svg new file mode 100644 index 000000000..b488a4243 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_exercise.svg @@ -0,0 +1,16 @@ + + + + + diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_forward.svg b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_forward.svg new file mode 100644 index 000000000..abac73611 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_forward.svg @@ -0,0 +1,14 @@ + + + + + + + + diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_more.svg b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_more.svg new file mode 100644 index 000000000..3fdc1e9d6 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_more.svg @@ -0,0 +1,7 @@ + + + HM/ic/24x24/more1.5 + + + + \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_nearby.svg b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_nearby.svg new file mode 100644 index 000000000..4b201c865 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_nearby.svg @@ -0,0 +1,7 @@ + + + HM/ic/24x24/ic_nearby + + + + \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_calendar.svg b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_calendar.svg new file mode 100644 index 000000000..56e634cab --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_calendar.svg @@ -0,0 +1,13 @@ + + + Public/ic_public_calendar + + + + + + + + + + \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_camera.svg b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_camera.svg new file mode 100644 index 000000000..7be7ccc41 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_camera.svg @@ -0,0 +1,13 @@ + + + Public/ic_public_camera + + + + + + + + + + \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_contacts_group.svg b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_contacts_group.svg new file mode 100644 index 000000000..6805946fb --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_contacts_group.svg @@ -0,0 +1,13 @@ + + + Public/ic_public_contacts_group + + + + + + + + + + \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_folder.svg b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_folder.svg new file mode 100644 index 000000000..c2a26b5df --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_folder.svg @@ -0,0 +1,13 @@ + + + Public/ic_public_folder + + + + + + + + + + \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_gps.svg b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_gps.svg new file mode 100644 index 000000000..88ad317dd --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_gps.svg @@ -0,0 +1,13 @@ + + + Public/ic_public_gps + + + + + + + + + + \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_message.svg b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_message.svg new file mode 100644 index 000000000..3191fb6e4 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_message.svg @@ -0,0 +1,13 @@ + + + Public/ic_public_message + + + + + + + + + + \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_phone.svg b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_phone.svg new file mode 100644 index 000000000..c78bb4fb5 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_phone.svg @@ -0,0 +1,13 @@ + + + Public/ic_public_phone + + + + + + + + + + \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_voice.svg b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_voice.svg new file mode 100644 index 000000000..ac9311b12 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_voice.svg @@ -0,0 +1,13 @@ + + + Public/ic_public_voice + + + + + + + + + + \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_sport.svg b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_sport.svg new file mode 100644 index 000000000..58c9f7a83 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_sport.svg @@ -0,0 +1,7 @@ + + + HM/ic/24x24/s0324ok + + + + \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_ssensor.svg b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_ssensor.svg new file mode 100644 index 000000000..31a035d87 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_ssensor.svg @@ -0,0 +1,9 @@ + + + HM/ic/24x24/ssensor + + + + + + \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/icon.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/icon.png new file mode 100644 index 0000000000000000000000000000000000000000..ce307a8827bd75456441ceb57d530e4c8d45d36c GIT binary patch literal 6790 zcmX|G1ymHk)?T_}Vd;>R?p|tHQo6fg38|$UVM!6BLrPFWk?s;$LOP{GmJpBl$qoSA!PUg~PA65-S00{{S`XKG6NkG0RgjEntPrmV+?0|00mu7;+5 zrdpa{2QLqPJ4Y{j7=Mrl{BaxrkdY69+c~(w{Fv-v&aR%aEI&JYSeRTLWm!zbv;?)_ ziZB;fwGbbeL5Q}YLx`J$lp~A09KK8t_z}PZ=4ZzgdeKtgoc+o5EvN9A1K1_<>M?MBqb#!ASf&# zEX?<)!RH(7>1P+j=jqG(58}TVN-$psA6K}atCuI!KTJD&FMmH-78ZejBm)0qc{ESp z|LuG1{QnBUJRg_E=h1#XMWt2%fcoN@l7eAS!Es?Q+;XsRNPhiiE=@AqlLkJzF`O18 zbsbSmKN=aaq8k3NFYZfDWpKmM!coBU0(XnL8R{4=i|wi{!uWYM2je{U{B*K2PVdu&=E zTq*-XsEsJ$u5H4g6DIm2Y!DN`>^v|AqlwuCD;w45K0@eqauiqWf7l&o)+YLHm~|L~ z7$0v5mkobriU!H<@mVJHLlmQqzQ3d6Rh_-|%Yy2li*tHO>_vcnuZ7OR_xkAIuIU&x z-|8Y0wj|6|a6_I(v91y%k_kNw6pnkNdxjqG8!%Vz_d%c_!X+6-;1`GC9_FpjoHev5fEV7RhJ>r=mh-jp$fqbqRJ=obwdgLDVP5+s zy1=_DWG0Y-Jb3t^WXmkr(d9~08k-|#Ly zaNOmT(^9tIb&eb4%CzIT zAm3CUtWSr1t4?h1kk#NBi{U|pJslvME{q|_eS^3En>SOqSxyuN1x;Is@8~m?*>}** znrRFArP!K_52RpX*&JHMR<^lVdm8ypJ}0R(SD(51j;6@ni$6bQ+2XL+R^|NnSp5}(kzvMZ^(@4fD_{QVu$(&K6H|C37TG1Am9Re{<<3gd zh@`>;BqkXMW&p0T6rt|iB$)~CvFe(XC)F9WgAZn*0@t$oZo;!*}r@_`h?KKH&6A@3= zISXoQB+~`op>NP-buiA*^0n{@i{_?MRG)&k)c)k_F+-2Lud!S9pc+i`s74NpBCaGF zXN+pHkubw*msGBTY27BKHv)RRh3;nMg4&$fD_6X9Vt~;_4D+5XPH~#Kn-yjcy!$}1 zigv#FNY>TqMhtIBb@UoF!cE~Q8~;!Pek>SQQwHnHuWKoVBosAiOr}q>!>aE*Krc)V zBUMEcJ5NU0g8}-h6i1zpMY9>m4ne?=U2~`w7K7Q0gB_=p@$5K7p6}thw z-~3dMj?YNX2X$lZ+7ngQ$=s}3mizNN@kE%OtB)?c&i~2L55z8^=yz;xMHLmlY>&Q# zJj?!)M#q_SyfkQh)k?j8IfLtB)ZCp|*vf4_B zos?73yd^h-Ac+;?E4*bpf=o*^3x3-`TVjbY4n6!EN10K6o@fxdyps05Vo3PU)otB} z`3kR+2w7_C#8Z!q`J)p{Vh!+m9-UP!$STp+Hb}}#@#_u^SsUQg<}59< zTvH3%XS4G+6FF^(m6bVF&nSUIXcl;nw{=H$%fgeJ>CgDYiLdpDXr{;-AnG z8dvcrHYVMI&`R6;GWekI@Ir3!uo)oz4^{6q0m^}@f2tM9&=YHNi6-?rh0-{+k@cQm zdp`g#YdQn%MDVg2GR>wZ`n2<0l4)9nx1Wfr&!Dvz=bPwU!h2S?ez6MVc5APE4-xLB zi&W9Q8k2@0w!C53g?iAIQ}~p*3O(@zja6KQ=M3zfW*_6o5SwR-)6VBh~m7{^-=MC-owYH5-u40a}a0liho3QZZ5L{bS_xM1)4}19)zTU$$MY zq3eZML1WC{K%YFd`Be0M-rkO^l?h{kM{$2oK1*A@HVJ57*yhDkUF!2WZ&oA4Y-sK( zCY69%#`mBCi6>6uw(x4gbFaP0+FD*JKJ-q!F1E?vLJ+d35!I5d7@^eU?(CS|C^tmI5?lv@s{{*|1F zFg|OzNpZ0hxljdjaW%45O0MOttRrd(Z?h{HYbB-KFUx&9GfFL3b8NwZ$zNu)WbBD` zYkj$^UB5%3Pj1MDr>S2Ejr9pUcgA!;ZG!@{uAy12)vG=*^9-|dNQBc8&`oxBlU~#y zs!anJX&T?57Jdr^sb>e+V`MVfY>Y0ESg7MG<7W0g&bR-ZYzzZ%2H&Etcp zcd6QeXO1D!5A#zM0lx*GH}`M)2~ZFLE;sP^RSB5wVMNfiZXPd(cmO>j=OSA3`o5r& zna(|^jGXbdN7PK)U8b7^zYtYkkeb%<%F~=OqB~kXMQkq}ii|skh@WSRt>5za;cjP0 zZ~nD%6)wzedqE}BMLt~qKwlvTr33))#uP~xyw#*Eaa|DbMQ_%mG0U8numf8)0DX`r zRoG2bM;#g|p-8gWnwRV5SCW0tLjLO&9Z?K>FImeIxlGUgo0Zk`9Qzhj1eco~7XZy+hXc@YF&ZQ=? zn*^1O56yK^x{y}q`j7}blGCx%dydV!c7)g~tJzmHhV=W~jbWRRR{1<^oDK+1clprm zz$eCy7y9+?{E|YgkW~}}iB#I4XoJ*xr8R?i_Hv$=Cof5bo-Nj~f`-DLebH}&0% zfQj9@WGd4;N~Y?mzQsHJTJq6!Qzl^-vwol(+fMt#Pl=Wh#lI5Vmu@QM0=_r+1wHt` z+8WZ~c2}KQQ+q)~2Ki77QvV&`xb|xVcTms99&cD$Zz4+-^R4kvUBxG8gDk7Y`K*)JZ^2rL(+ZWV~%W(@6 z)0bPArG#BROa_PHs~&WplQ_UIrpd)1N1QGPfv!J(Z9jNT#i%H?CE6|pPZb9hJ1JW4 z^q;ft#!HRNV0YgPojzIYT`8LuET2rUe-J|c!9l4`^*;4WtY@Ew@pL>wkjmMgGfN7 ze}}GtmU0@<_#08~I-Suk=^*9GLW=H4xhsml;vAV{%hy5Eegl@!6qKqbG024%n2HHw zCc@ivW_$@5ZoHP70(7D+(`PvgjW1Pd`wsiuv-aCukMrafwDm)B!xXVy*j2opohhoU zcJz%ADmj>i3`-3-$7nQKBQQuGY;2Qt&+(L~C>vSGFj5{Mlv?T_^dql;{zkpe4R1}R z%XfZyQ}wr*sr>jrKgm*PWLjuVc%6&&`Kbf1SuFpHPN&>W)$GmqC;pIoBC`=4-hPY8 zT*>%I2fP}vGW;R=^!1be?ta2UQd2>alOFFbVl;(SQJ4Jk#)4Z0^wpWEVvY4=vyDk@ zqlModi@iVPMC+{?rm=4(n+<;|lmUO@UKYA>EPTS~AndtK^Wy^%#3<;(dQdk3WaUkRtzSMC9}7x2||CNpF#(3T4C)@ z$~RWs`BNABKX|{cmBt>Q=&gkXl&x!!NK_%5hW0LS)Z4PB>%sV?F-{Wyj#s7W%$F{D zXdK^Fp3wvy+48+GP6F_|^PCRx=ddcTO3sG;B23A49~Qaw31SZ0Rc~`r4qqt%#OGW{ zCA_(LG5^N>yzUn&kAgVmxb=EA8s&tBXC}S1CZ(KoW)(%^JjLTPo^fs`Va;`=YlVPgmB$!yB}<(4ym6OeZ3xAJJ#;)2+B%p3P1Wt+d$eo`vz`T zXfUP2))kBDPoscH;Jc7I3NU<({|@wM$&GaDt`n7WLgIY3IA7A6-_R?z8N3mz|}*i z(zl5ot--Oq@f2-nv{X(ujT2T(k1vY_qh93pK@>H-qc%2Xta)IP0Q%zt%bqYgI`o!wv!0QerB`nCN^1n|@$sVOQ!V0teVG!I z_fD%JvfDeT1cK#-{o6Gv7}& zY0#NWin~kVaf$aufV&;63Hbs|`QVZWpDX6IMk1Hj2G}fiH9e-^6u2zf^FIr^BwD<6zjw63+{yUe8PUFvk8v{sJ=R{d#`O!sz`Q13~< zPT$JS(w=yQfU2`zPCNfSw=&zup@DXc(98afjhv@1w_f!m2Z>rMJ19AB&dB%P#Ls3b z=lK7OILM+SQ&VEd=1GN6o&>YVVtIzoZ%=Z_SdqJN2}E43{bE`>w+A;=y->@^k{oCC z$F*WTY&?34;kfyFV?b*Xb1Pq`Z=%OgwEg)Rz)tx=`f%5#w_INP=x&z5!jI;#;N$ma zhO)+MDm;SxOEVL15; zGq(v2pL3&P1Sl)8P*;G-fd{l1QJsv@e@d8)1PK4w2m*M%V3j-V~L^$i|&C@b?D?9tfwE{B^}Z$k8e5FmQ>v7Xz)sG32g9t}YBt zyR$+*_00RmPx+0mW+vVG4mxd(n$(eQf3-w>JPl2UJpafrPaL5@2j}%{VE-) zBI%6Qpj*dsdH<;g!S!avA~bv^0E+ zfyJbSjPb+j;J52U)<|cIcntQBI2T#>2;tOxu{%D?kML476AErF(qN9hPva5Nkc@BF zC-tLF@3ZFb%Kpj)M<{)x*l|*Ia@ECeXo2E4h2f!aV=cHAhi_E_mfUth(sM4^hJq7B zQsGWqdZUm9S%F`$nQ*_#NcuD`&)Ek%_s{&^78{9Hm ztri&rYLOxgFdG>O@+XHy z9#;|&vBCPXH5Mon^I`jSuR$&~ZWtyB67ujzFSj!51>#C}C17~TffQ{c-!QFQkTQ%! zIR^b1`zHx|*1GU?tbBx23weFLz5H?y_Q%N&t$}k?w+``2A=aotj0;2v$~AL z{scF-cL{wsdrmPvf#a9OHyYLcwQD4Kcm)`LLwMh4WT~p29f7M!iafJSU`IV}QY5Wa z(n44-9oA}?J{a+ah*@31WTs#&J#o1`H98#6IQf;Wv0N_!);f&9g7o-k(lW5rWnDUR zQBFIRG+X=6NnsI@mxnwm;tf5;_Uxg?jZ8m-m0}&6+DA!qam(p$mN5R})yA_7m$q@| zFEd|dpS595rxQr-n#GjI5i-AhnUE>Cr;jpCqSrD~EwK_DqI^7%3#p5)%T_od!t3SOmH9MyXeeGO2(UQL;ax|x?Ncixmeo1=$ z{-);Au{*tfzOG?KQ~K|ak8-HQ?`Pekhe2WM(8s{xv-p>Zmu_6{G!-oE$7$mY`MOJorI=+mMx?H;`pr!;fVYz?5~yXBACruWB`Ph zZM}90_<^OBxIhyZ9BW$`>6JvO;%VFpqVr8|7t3~AmxYak6?`Pp#c;**_SYmi`&z23 z`p6_~ePvH)C6x-G9$hgL=eVALq`-AiamN>!3~Lxw&{H(b{B(7xSRm6<3<{%{yXiH# zos5Rv1L+8fUKJLo%P>4I&$}y + + HM/ic/24x24/in-app installations + + + + + + + + + + \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/jiankang.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/jiankang.png new file mode 100644 index 0000000000000000000000000000000000000000..1f5004bdc946a5778b0b32bd41a51d5d3d98ffc2 GIT binary patch literal 4001 zcmcgvcU05MwoYP#N$3zdXsDqJhmPRM52Q&I1>w-Eh2Df9B}C)^f<{4!2$5z10z&8n zB#59O2+~85AVH)END)+yyqtH}UHAO|*1Lbq%-Y}DGqY#S?C+bM;b3RMjTA?MKp<`_ z%hQhR@y*{2&cW`hT&l_J0UYIMVFIdtC%Fs)@w!=^2F}NMekr_GlN%uQx}(Dwi`2!L zzI`i~`Jf0+JIeDxVAwIgA78II(#c!{qT6y8sv>I4pN_s)9huz2@2Q@E=PP7ix}+>J zNK;(Uc@Q4$KsT@I=ZyT|wLN^tj!va*;K)nuiF?NbjRv=A2}v8Tm)6L$v9JUp2r(*$ z_BVydIXncx=EnfYG#U%U;fQQQ2Mc)*--KrLWYZ!|@C26sP_ULb7%7k~5xbZQg7x+m zF#@$AC^>Px^*#g`c{c~B8@L2jwA2orxhKfRG1mhhzK1&yFU>ToVA!}F$AE4re-Zk9 zbHoKZHeSG$A7URms=Cj_aTJ0-&DkuL~%yHqga*ad|GwGky-baE8lnDIXp;jNMyL?8^ z!J&_goU5&UQ>-d82-+HVe%@a`UQ8OI509$ycg|$^u}+pN=|3@1vXt7~Qya?zOY)5* zP@Xt3D|$mBi^t@YcWO{^d4d6s;FqdrTc>BqkJ``K|r;a@$i6OX3Ufp8>8gdAu4Nf$n8( z-!sk*T!-IWaGFncGVH8@E0555R$whbV`J0qn4_Y}AB(AP9GY!z6r)j4R9WK)DwW_s z3@N~&%EqIJkK^w{CN8e*-4Gvm=H1WI+_E_qAJS-nbi6)!AaAJ3*EXa&q+OkSXuK9a zRlBvJJswI6L{hn5vQN1L=4vud)nBOe?Pk?RS{CTY8N{wY#Ud(rl(}9qf6auELXodmG)L{Owtj`s3e|eHQgA@ZH8&Km@yLUNCF2aCGJRWXM>+!Z0^yyT(s|$oKWp=4CHLV< zcYAVq}33xku z*tf?jFpoUnT7Sp{b>Khtn~!4>vz0&n+BQu%-1)k7R<=QSIwlhy8tNay(jiPkm{W^F zIQ2*_P6{ zgHEN>G0|w3Pt89?oHpyOn5~Bw#NLdq<#fDqftT=&gzeumMm*ZzK6@Qo?h$r_S?>Z; zs@^%dSmF}7CzowYG<~}AZq~- zWU5NY?VIB8wsN-(li#psB#YxY^)vF~!G`!Xy z)i>FVL@1LGoy{B%THLSR-srVb7c>+qYoOd#*%Zp-)_rK5@(Awm)fiXFXus^4yeZat z?l81K*7D%bSL)x4zqhE2zk@2peCBrO4eXJgU-yM87}VWZo3NkPjb!r{N$E6{BUQPSBfFY=Qp8%#^yo({7!B^IqoJ@<}z*# zZ6=s1fNw%6FDe3@h>osa;7$3P;i85cP?XAFc8ob;jvzu-=tL<59A+LE6q!ZKz#|nV zf6(vg0A~XJQo>ssSP0bEVI$h-lrB!c@jFNCpW}bkgB8_+fNypLy7K!+(|CBH#pnbg zUIijQms7Fq?+itR@#hfsc1VG}ahd|~InxWfWehjLv8u^T^keD=I5Vr2(SnEe^Y3SG zWPIKG;mXgB^csv5TpepJlM*6WvpX)RLdZ4TK`7p0Iatxfz@1(PnWBe^H>7|*#$SOh z7mr*l2}HDgytcI%s5j;oW=-5Itvoqq{q9i?9)LKXx*KH8r!%QDgA5#VTdmO0rM0wi<ORhw^F$Xx&beN9FN3J{6ZQN1d1{6`1)vu-LWSz8@U;_AFRG7LB|+ zER78J$ipl>Q0+KBz6nLx3!I8)YgDc$Quo8I#Y7r^hG0^yX$&rOVa z)OCMu3Ta@cQeqVXmUWit50d>UsR9NorguqS`hCr-{j9U0jhI`7FU^j>bD&npTTv6H z38i|9N*upam8Z4-D9><*N6{{WcIyS}DLS!u;?;+BNSe_}YtJBG>y^B~c~mi4UEQ=> zrsG@>&GKHo?+;1|a7 zPxUlk%0E{m<3C#dJIGM6ZJoIs=}<>`73-;v@oYjfjokBttQwQ2{>!G+aA%0{ad}@Q z!xIe4cvsCR+)lJt(4{F2tk!L2JE3093q8ZWzStVE!REbNUG?wIWfxTctXB*)(d@=W zb|I9~eTukKIp=0uEmJl(jwHsPH*TTWgLS7Re;x05{`Is5DiZ;^x*kN4TYHMOBAKL$ z$4x(i56J`XOSeh<06{0nrVs@db^^OHgQXO&m6N=y)UxF%ju z;sdGl21?GNE3k4vun0Y%wQx(4O$!F%x^5w4Y(Dh6C>{UFjm0C7Ziludw1K^!f3Awe zAhd103paY#Z8s|F0Gp#+3-|g~jwnv050K;>uG6<)V2(a~;%7!2r=FtFBc9w0FcNrX zhQ(XZj5L4!d5%qNQ@hS^y9NFKCAN)&%!I+{Q*H!z?#}Q3^0mTlT6f4SShMo2z<81rf^n}-9xTt>Hy}0L+#hO<7Um@XIVko z5%r2ZF5^nc4M2B3+NZXg`r!nZ_I)jjADfPR0+e2wsl?%ws-F!@31P(~RKM+9(TVDOTeu&g{nl z_p51{iylPsIo27l`kPreqecfZ|2nUd?0!iNu=mCgB!BbRTN7bMfPOMU)4xUm%zNB0 z$-ib)T|;PY7(%LTz1@glJ^p*6gztenpZ@S3%SxosP_S(2LKR!}UYhy!-?4>Mkj{U} z#Z|XPDO*mSFQ*iOp0r#c;(jw@Cd}moxnE_u6UjNLv9M@^MJ|?rH;{)BbZ-*4i8j9L zu1>%0q1T_VEQ_W~d5{alEf#AL)U$W58e2hQyWi_aJxRqgBRgdBdYnQigdHP{7_YZ3 zK5>CSZ_AKl|3Pji*so{RwNAni55o$pkCuOwVKbm0M-+xVt!XN|vZ5})Y(_}lglI2~ znvN-fC&8KN&7B&_s!;Oz?gn+Qo~ns}5-3CNjO*a6Vy5p#Joo037#bbtS1L+&&#Mm= zP_l$yW}#+l13*29@Lb5k%fnplILcFd=zZmy8b0P_HKx*BPV$aY{^NlRA^+{9=_kvc zvugVl5HlyPJBO#rk3+nP^156>Y1p{!TTaLWTWF;=T}vjee~+c6HUGujDjVIPkwvPe z?ec1zh6IO+2$kxYVmbFWb0E%DB>B~RMqYhGxrp3ltgC$^Ti=2Qa%M#pumIPQfac)8 zr8OTz)3m`8L^=Ax88TRas$+lEj|75ga^=ob&F}>OAo5y|1{mops@N59lU)Rk8!@td zAgEUw4rypI0jt2WpERPY+Z) zs|YX$YK9jR?L{nD!s2BPsU!)BJF zLOt@<$&~pWH+fwK`4>-gy{v-0_Q&C1>_aORvru>~&Og0039MC3(hzVbx5#DjB5 zjPe5}^+7Ap-18n*K>BRVS)Qbh=Dq@|IUb$zA;Y}PM)jh9%2%U+V>d{uGozow1boX^lp;- zu5B?_u-35775O(*CL zQJ8c4X2443GAq}0-t3fg71<~Ib*lqDwtO~^|8?IUx!w?9K9j3i*av!yC}4Y3#1>+x zxZ!w}$WQUTpq(mNdV4^k64x$qT6lxX`u*u+?e%BYSSgT1Qc?5qD?Cs%SNQvqI{*}; z^wHMAP!Qg!Oq*i+G0%TWEcL89*EYc&$k$7wxPm>xc65c0l7cF$N6VI zy4G}8+FIcUeCaDG=Wa=Xs1c^IlfMF)c&L|gu>kss%dIl=cH~yr(RrR^J_z_92P;vh zMc9J`FY+$~-Hq!@fwYG!l+Y(!Qm;+b9vhd%@1jHaRWY*X%qou#&0gm6UPtr9dc@MH zU$Dr`-y-W1b zd%g4d-sj%G;6C?1lV(# zL3tLo!Ew`8kO7nrF>C<1eB~FbXA)AhXvC%awH1k+DC=bm zl>>p6I$WX&vUAyUDqm^)C_j&CKQT@rOsJRMGM^>ECyrO`bB$=f8#{CUYQyaqX#5$s zQ$1Xvo?Se`s(Uiy8fD2@FPul;n;@DnBoX`g`Y>bv(}wu|`OxKAEHu_jTEb!rhjJ;L zumf+B35-<4fGOAx5n#FEFfVBki-)vCToxf4GJiu%NskTtoSJA@d*DO@3RL>zoKUQY z?Qm1(eEYKHEe%S@T4K|S$69H#NvjBr9V5VOk}XQbEZEWV6%n5;3pQ|=6@C2Eb&Ju% z^RsVB|Ae$1Q|qrk^?D+_9^d9h)>%3x&+;BRET4H2J!~&ar2I_3{{3#6Zdbx{8wwCi z+tbj8$fwOCn{(M6feRQvsg=fSNDjO%35tJJ_+2*P+cI`|;vr?dTJe0Qeddf-B1?-u zx?^)a0gA1+AG;Do`Db>a*Br)TN9lts@ME(ibsGo_|+}i%ABk z_ahofi*lB{Bn}_(rZ+7PA*yrrnSrUmn}wBaf)GhwnEMFZxHUUBj_FIQWRWJ04KrrN zw7aO#9jX4-hq##Rg2*xe3qavZG6>>05RQ=U&`ix4jTw28EX@;_vkM zXn5@k);W=<&_>&{Doytw1~&!{jO8*c7D-q#G@Rw~rAr$%x2_)hfk{eD%Z0~{*pI2L z1dTYG>0LK}zZC-IhAuuTHZBfogL-AM=Nb2}{QT(SV$~#kIi8RDjkDR1f#3+^eszLh zr<<20I}yUo0sI*5D3b3VLG%`vXEy?xTj+q5*#R(wSqmR{y-bRGRO99n8tbZ;-nrEYgkxeFVjyQ1p{CoR65$HSBP)078a z#ELTic1&7+h9IYN9+Q={;2-FTyKWw?d=q_l=02^*v1cdFki&~3HKYD);k?~%KleUU z{HybhYB}-(*Bp9u?0(E0>Mj$<#?{@n{f)G=nl((I$Zxj1nk`M6(Qk>6`wcEvRbuw8 zZxDm=5}NUFaGz7Jb2#M)6J$A~}s zd+`{M?TXiG4Pk4zF;=s$tg_04UD(cMDw%q`CZE9-(!UMB~Z!{_Y+p1h|-q7HpDN__Byp8UXV zlN~pp-!ySniXn4yMpQv*rC$z?m4E-oCi8Nz1pGG`%F1?9nD?Y;e?j% zaMgnTc=d@)@#iciS!Ri;{qvjhu*134ttaPRG-}Rw7py;0Y%AD zl3wjs9D=VT9w2O3D4Mu%+dR;Sb)V{YZM2>*gQ0mqqLQvVjGs<4)6HQcez=ZudiJh# z@0sr$*XsAp1JM9$@$N(?@r4|75Uzza)%ZRZIFI&xShNa39DVqaWlH`13;gCyA!FUT znV9aV$t)Cz116ceje{)-;~_yBUU;+GHSqbWJ03(uKRaS;-AOKfP{0)5>P6&?j#kUb zpndjz8RlV)`|+O?cNs7%GI+-f(Bq&saf;5VH(m-BXDY=}Hpi`0KqDkahRU388DtkK z($dV0jtvJ4ToxllDtZmJ&1*GAsMzW!TWGsyTzg9<9NsJrd(zW+`z5R_hjLb7Zm$QL zOxcAsJuU_vzoWNMxi(?DTtMs^z5(fRCxk)>O6t|lM-3m7qsrKttDIiC)5*4-8Jn1z zG_Bq~q8j8YdAAOGlViQk8C!5!c+=b2*;8y!2{XEl6|C7BdTF)Z{IZBq6oT`?{N4$? zl%Qu_p!gF84&o}fjgv$NM_#JIb#9ODgxR1_(7rPTG@2@o_dvuLMe^O8 zz3DP@os{*Cy-~yo^m~u4-2=2Y%;rF|E+)y}`_FtD&5#(=JpE~mliM=V{I6b|lcbHAidbtLC^R&M-(&YA zRcf)gkND-*uiqbmTXxq|F~TLpYeMU?S6M9`)q;8oHnCQ(T zb2$|G{@&wKy>h~N-$6UxWtv>SrYUywHHQZ&g_^FJOy}gKxD!euelUE=m$u~o29~@4 zdmEVs9nn7(5o8iPrh=HA5!8O9U2*Z9BZKbzJ0QQoD910h+z>vOdZM{kD=ai_Y;ThE z8m@JFRAXX@;CrYy4vYx7U9vd9(A=4BkT?{o+L_Uh4dDyqp+`yb1+G%pCzTYy;<6(!8DJ+=NF$*0Ox{MOd_hIwbIRh zk{|NRPdS{wo8>gtl!9A3`a#ZQvGZMU9CxI~FOYrS7~|-uZ#T8e))QJUFGzf}_sZ(a z6y2VvFVC5sOy^C!w6a~UceK;x1w?VmmN{Gp=`P_)p0o71JZ~XmNC=jbp>oQ3-#2K} zTk9kP?gkpd8KoylQl3T+P;a}bgV9;r>3ncg^{>4;pOe8I+^}b*EsO(8U!GbQ2(oqq znHz)F`R~uUMff)iiC`I&`FR*EK)-8@0S&2(DtK9_*qN`Gmns-KL}Zx(aDpo+(iA(N z=@m%FO?^jKEr*r*3`O(DCA!I~F1v*I2BolMqX2^XmfhAK%7 z$$*)|!EzwWJsf*WC93{%8v%$MOSl|30!j%>@Z<;HDF7j$L|3OAvFhU5+kF%2ZBebZ$3%7?M^sof8JPu&h zb?CPy11*r{hG9x`3h3zzXfSm0ju#~rE*GaHBnM&v(!(KzC$O$Jp#O1S0$Udd77WF@ zUeRb!b1SIFVX^kjaUYkyQAYZe+|x+W7uhQR+u;cu`bOrE|009+zfut^5Q6;A(sZ;V zf#b7C)qo__v1->L)O{2ir~f>^0B<|_^j5ijUc5Hgx_A-2b5SBiJ)fYPS(0 zRoI>ypS|U`^TRmxM)y&6q#{r#7ApC*kvDv^o96B^RiLPh!LJ+t6WPi7n*hYcI)&LVf>A1xf|3?z@&XGL>cmlA9a{#j< z!Ol)niE;{b;cMeJ;t?wvNPb@9Yez0Gq#*0rK#Q^EGsi=Z1J!KK|2wE+$-Q96Wrcph z1#)%>hLXVq9Sqx^NWtUTAL@lIkn&`51A8s}GF|mX^y?^4hPL!O1MkLbM$lA3lYkCScw0Cm&0n^|A~!P7oNs{ZKv(1nRw)aP))5aqZP^m*k! z(c?ggZ}VY&viio9`JB7=Oo0J*vvT-t6R+t2d{40@iUe6 zWIF@VNyA> zI7r&@*Y6?WhF_ScYkR*=Ofl#rKLIlwKd7aHK_^pTuI1g);XYl8j_exGTK2;Ekd*Y{ zrn6D9LxXum>9zcn?RoM`(J10zXx(*}p^$vFYBo-6?vVYWwHXxv8zc_I<9fyNpvoTK zaYm9H*8TnYNBnDNY60^1O>o0W8de`VE$jI_3;aPRQg#q!xwt7#Dn$U!BR`na)QPWy z$Ee;YJ`CKR*K0c#;ZiP^gYoR$;G#_T-^tc8YugXXNz0S{;T79_%M9i#f8_R{AO0HwP(*)n=hkpSMjC=Pr=Gt1=7bbEhM_bsG}Y@dV8K72bR zC7L5LWCDa&XRAzX11!k_QIcH?5L^`M7o{X`xxM@Jv)^@c-cy96;p_G>oUZ1y>nO6> zKVi_14nO@gm3Jkz&aKg^wlr4T&&qNr&oTPybu6;5G}FS5#t{9Y+=4|Bt|)23eA7t` zV0k(BXtP<8UV5a`p_I3pMS2Q_&s)J=X6E9E4wRT&{JNJ?b;>`MEJjrI^wdRl>CbzQ zit2=IjXT3!?__sPyoJRa+lPinBhL7;;Py*N=DJMKX@T@}0|{EP2_`aaRSjvS;JH!5 zk`nSJ?uvI|KhWMJp+2Zf$>Z)?H?-`Do9@yVgA^JvV+}B_R}byDdcVTcFEb{Zz=--{ zcu@S`BOe<9bCk{_EEOVsTz@IXWOK|% z-a$0)4SXQIE_`!(#h_u&y*`Tp7*tV8F7Ka2A@$M0>Ng~RU+OfxA?95|ZT$TviF{0* zn`Z4q0OSi*-ZOoTPA0XYF9DI6#Tn?w7gMry7j}Nyj|%))5J%qK#z1@%IkIT6M*?{( z`6UIgVTvPYRno1Y!z1 z{=6hO`okBeb$XC_t#60fp_J5}gF>(TC{EalH~}i2hNslMjguSoDR4+`jCqF2NiQ)5 z6sBaT^db#^ zZ(EaTR#fQiE5eIUoOk*KgYvK2pC(Q~?i?(t<<+bfq)$SIw|xJpbdOaE2t>~H=W34XZkkKffM%j)yo&z8xH zTe(@EumNSqEET^lDmmkJo^i<){Yoj=dM>#;6R|%Y^C^MX3;Etm{2H;+aCiT<3eJo} zv!;Qj!PphHzBZmnwz%o|{z*oi8}=QR)Y#6ELA|OP1!1m-OOdSQgshnL4<;7$_2>lB zXQQW;mNtE{%hL1L<(#Ebu-?$VK#H)hkF{ubXE#fMm)v>>Kp~4Q>~cK(TS=i51o93_ z%af94c{(G4-Eb4~q-ISIIq(^3^*MUpFkQ|mzT2gmB5drsWr{?{>yrtm`3Os$s(IOR zY(-**ZvYcwSyD1F*6H2yXzsI}+0m!dHW86XXy~83vh7<7gREGa9o6*YG#wdZvK`@eb8`> zY(vPpD2KZHmc8B^@S0h=NJYw1^)EBI9<$p|0D-y8;emSa>419N`bCr^?&dOhFyppv zsO}Ty8%@?LN)LN)Z_On)BQ{>+<%v9kL1j3I080`Vs}s z3{cUvxfkwDBHri=fKeTL3DYiN3IsI|{Jy}VirPC5Af z%0@6ZEbkrZi(P%`*lm?MqU|2?6p{ywFiJL}iCZSQdR`wKseW3N!DFUm;QXTg{o9YG z=H*F)CckBk`PH2=OfZ5ynnu6C>|K9KHD2n~KPatuX4|WC_?kIWcXeDV)I^JtO-smV zLhSdn$7NQ?)R(H_#@Fdy1n+pH|SY!(Na6>9j6~HOYeat}vc}UoRxtJsQHb5A}V6{(D zTjM)$z0um7_ArfdEn#PZ z9}L4xSgrKhtDO}lXbw8~nmCax!TKyly_xYex+Gjt%o>|pme^Seo9_JgNgTRuCgf9i z1$>Zn7t>2S_{6`oMI8fD2OVGDpc53z~xJ1QdYmQhj_oaQTjBj1slR0B)HEc8b1!oKIM^YdE8m{t0OPPVUYw_vNFNN7NZ(;ZX=5Cy+kq zLoo>ir{njhlD3Q26OlblspVWZD|l|p+>QtZdjwN9g%>5<6mxM{t8=ULnS`%NwuaVA zu?0~kK=V`>P69D~5687B=-;ySlZhkRM7^I9eP(o-iKn2IHzO)Ba6akh;mYW};hm;( zRyVmPK5*iJORr_Md#dSKe4mS#G6Agnd+m;?rJnZ17M61)nLWPB7$l!86ZY3rqIlD@ z3Mg+OYuokTiv;3bFq9Nyhd_q?_x|si^}50*E5ihI(pilQ+7>_c$$}Dq{Dr~;pLsye zfrmihR|X4|O0Lve+j<-{XO9(@6X^y0-)}tSbKPWF=E3gv(M5tDW5hfm;0}VJ^2+dFs11~q7_r2PtLt_kW#Xt?_eloJ7*|)0AFzL<(p#-PmhdrS zS)RgD!=|(sv3*G%Iw4T|2Cp5wIyVA>B)6krE*TWIzNW?kObtFJ&3(UA{)q}D5O|QP zRMhuLd;Jwyt3(df`%@oVV7SMqF8q?09LZazCO`@2x{lqje6pU8UDY~}{zpGsL(gNR zRRTd;)7|a)mheg{_a43+u|&{PSqXte>4$7}Ge4eRn|m-;a1on5Iy%sKni6lQK>~Za zqoL!}wOe1#ONiSnK!xc?-S*ItxhXTqi{b5qSDY;U33K2%%X-ez*BjJd%*PEuFjvs4 z3dtP4Vz{XW=@^-zYQsq3xY_GL=NID7gu-mN$4f(?FXZceqkW=tmmP$KBfUAzW8TiB z{sOagD`Krl5o%{LaSUr%5lsjn1BT;a6&x`sN|-Au7K;EVVz2(Yy~YY*>%RCOyxjk1 zP}~4sMK!PuRaW@h(yIuMYaxr^=(9M<{Xne@egcC}G+z z`h2^uf>JAhE3MQCKjo7U8y>5UC3x|fZ)$#aJx_Va0{jS4{omzRjOP4=gjGps0|~fh-S??g={Hy`YBI(FOYdCG#}fa$q&J%m8;VgH7Mwe`PvwBkx?`nsS`@Gg*vlOWU__*0HmH)l>O?Ebi6h1VknX`xq5Snbz(swG$Q zk0e$;bpv$X?D}9OU(@@@Gl_Go()$O8`nYBXD>8cC^3ER5SsZy!bU(A62M Podc9!tIL(kSRnrwK7TK# literal 0 HcmV?d00001 diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/noinstallationpackage.svg b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/noinstallationpackage.svg new file mode 100644 index 000000000..5b10a66c6 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/noinstallationpackage.svg @@ -0,0 +1,17 @@ + + + EmptyPage/08 NoInstallationPackage + + + + + + + + + + + + + + \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/nopermission.svg b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/nopermission.svg new file mode 100644 index 000000000..fe47a1df8 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/nopermission.svg @@ -0,0 +1,16 @@ + + + EmptyPage/18 NoPermission + + + + + + + + + + + + + \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/phone.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/phone.png new file mode 100644 index 0000000000000000000000000000000000000000..6b55011ef5c00deeabbae47be3645185d08de008 GIT binary patch literal 8732 zcmV+%BIDhOP)00001b5ch_0Itp) z=>PyA07*naRCr$Poe9)-RaM9T8mn-C955%eoD#Lv%CRs@GsOW-Q3Onl%pB7c1qGq|72xa3U4M!VJnGNpQ$A2NVRsAsJe~@4NTqzR&v%cki>$z2`p9*=s%P z{ggBAd;j+gd+-0gimD8)ftyNN_WS-h1G-GoC6X>~e(k?ME9sM+-=~J2%%=5sl}(%Q z2=l$Gq($^)uThhCl-xtDrSmOpOU}7Hb zTO>U)rl~<&`SuKWK0Rpf6YQ)4CjFs3UefE*n<=7&zm#->q!Wu6O@V``fJuKS|1RnF z>CF_?!oNyt!Smlmjcnw>RKTP?fZIy?L|PL?*XF_i;PCs0qDMN=;3{C!6#Z~Xf0fq6 zWNQD7q~DkHfysDvF*tTq7WyOW+t&%sx~^i#>8G0?UeiO$DUx0y>4QUdn!B$GnA{pJ zr+ol(KS>8j8WKE!h82fcp2Sl0fP@#`_%&^H;{DgIn(`26Bu=lB>v40`v>-bDrp*cgrrAFdQe(3D{J$t zo+9Z@D@zt!U<|+jke_dUw@c8?=bCFwt}_26p`BWFw+1-x033c-aN_t+#_OmuU zBw!Af^h=UB7)Q&=9q`muCr!JzY(T?maNV?~7S=vq(o-c}kg5G_%?<&W!yBONpKTUb zHq5H?a!Icqps#iB;ug&o3gGOKVY2_!fQC?l$w*GX{DPz-B>m(F+F+mjoK5p{%A{wm z$N>$zgJ}731DeTr2;=|^2YG<&^A*XOwuhnKW@YqJ5(QG)cYF3+~6&?i`_PfVr`uapD5UVq* z-hV_iR@>M`9R))U;E5E1)E*YuV02p%fMJOSEP$qD!9|6!V#BEtqk$Z&4Nj?;9-xCN zPErBG7K|^=R0Mm?LmThlsf@YwapqWUAl|r-r2i~!@?OAPr-`;Zth5RB7!S^XEc@s6 zC|is4*8r;xJB@w%S6NyT+FK}gi{cRQ00uv#-y7J0FX$O;HS-=x2T8gpy5S9P55Kfm zO8TilJz(%IhG@hJ82pZ2BZ(De>hksmG~b!}L<$=}foy;VgLRZVt=Z8;wdZcf0vPNn zf9CFKdByW3y+hKUNaEjLYyR#j>E@juhe3!ZqU3E2XrkJy?OdsWX9wF>im=u61r(7yV2pMACiQj3KDOx?ANS#clI{Wsdq@jDICyLmL{+vaiCr# z#0i^lFCLhwl>_suA>3NWi4ly%Vm+pvp70uTyQa^V4f?9*o7#0Lj#r^hC|Lism_5X zNqTV9WP{ovY=OwgRN;fb8Idbm_yxuy-}^&JPfVSRq)R2;W(;gw_P+s zza|N{hn&JW1a7Pp`7KEpV@nXOQ%OA$E&nI!y(7jCab|p0z@$h`h(qY0ThDob!5yFM zR1pr8q=(~+GL#S3uS$At!o%P&P2?flnX!eKo+o7<#8^?Qzai}g+h+DwE^I%H~ti0AUqR1^2ugvh5>affp#_8eZKEp*qXNN{JE3HUQN^-6FsoOxp(g6)X&mt{gI5go`82X%0R&@3`P?$d#(_mnHp?cVJDuY&;GvV2ErZ*N8=Mi|6{8WICk_ z+ZsUQ5mqP;lw%897H*Zu+)R`sXEgqOjgbb%r37bQwyx0vGbTpl6nSKm{W+zL9d!W= zUa%fl39RbS7)?dIhCsLgcu`9gzyol&f@c4Y^?N8GPr`Hga$CU zUs$PCF*e~bIyHetmi@O?@KeJFYHGrj`U4x_L^yFSn?FQ+1bIaY+fG1ZJuY;|fVWBN znP{s$0K;8Bcm5V3z5y4MsR_}WtTI-T?RN%w4UefWww2IKJtX56lXodPK`xmd01c)O zkKivy7B)P#lLf%A|HR?YB3!lRHfCAIV=2oG3a&F2!SYQG$s)P3EE8$Uvg+_+=g0{Y zz71*|cvH4~WV()U`4WJEJsrYni*N<~=avcumGv6P_&T3h&^#iBk_$Kl^+g+8z1!(l zPn_xgHdSc=1`9t2c#CkDOf@iB`im}$CHTh1MyI+B?K4fbX}ALYNT0$z%V5Y(jf9=; ziWi=-dW1_GvP&oVtpON_6mDW1L5XfKmMOsK&)3x=#E}n?bdxe5ilaIdRg$6G`kA0P|JHA$aP5@q}Nq5@YXJcfoT5;6yRK++PyxKv9C*3!dm+ z!Q+FAAC~|a?$P1@vdGi{CtB4^EVLUAgEV-@M0o2LfQ& z(-D(kkxc{)ylJFF-xT2*7tlnIR$#Xy-YV(*&`~`8bx=uJ%>!){Kj)1s1u#s;>iWU5 znA6oe_e<$nVJ?((t=t1Eu>B~iEz&5aGW&GZlQJ$Y54bfm3xI)j(i+2F61$3d(oT0E z=%Gr_f#cCdpE^fPuY(7<`LljXAIk#97wE6U{-<6C&Uo zVsX_XK*P2ct9ul&AZIMRFg!vuE?YB`02qvrR>B7&+amAmO@j_7%*$`3n61R+yU!u1 zu}@s-6BrjIUN3a|=kRYL*at9omju_bRaVi=TH70{JlCACKw2gF4&T~gq2+NAg7P;- zo*d}ijAJGdpq>;g=3N6XJvR;5Vywc~#sf5KKhfpAY%EiD2a47qQLNucXcQ(Iwq{YZ z!6^Y}ra-fHmB5n|E2>4H`^3LzO5(X4Yv)Hi%}@-UQ_v|6yD5QVf9&v*U!<44n^neR zSjImPKfzwo0>*Pw=DwQiHL^T~{?567CbE#&{wmuw0J%sC7g%Jz7rd|WO7;k;25~}O zDJ@_;^r};{eB<)r^{^(J*0TI8D;2%Q1-x5aRKiQj%Nixze0f5&dA2;`mC^#nyH$Y% zBNye)%E227;Oas40ME@H?3Z`U$#rFzM~Ov$pdrt*8o%4Q5Vs$d-HzKgb`e(LNP
q03NpH5!w4vDf9Y?*~RZ_vi%9JDKJ@>rFY(Hgd7P-oJFCyT2Seodm3m7b==Qu2; zu%$=EO+-EHRIqT+Cnmja#q3YSyEThkWxU=TgbZL%?X|*Ch!uvF#wsO|`lW(}xf27D zlKRi8zjZ24xH})3Yda`q9OyWb6A)19G=f`OonU;#2iKBcOewR z6Gp&00D0hCndfor-In3?>=~d#uRE$lfCZ91mg5kH#E3~vybWTe4sy(abQk2=j1b;O zPYe?t(46OY$UMM!w`DJpbaccljcs_Z!)LpJ%0k%XS-2b*r#w>`3#t3@~0NHj>wn#3r|R zg5KIOK~U$-teksZ>()N+g2#Oy?-9I6QU#JqJn_HJ*w9=*!exMAIVB|5+R>#=b}}5` zathXDu7R!6J6Oota4kPq12>ZNDTgy;q~oh6uxu{7%_`=X<0T#HcoEn)vO?t)64{c^ z(IPn3S(7PQ+OK8jYXI_a4)PWu5X_s}VzwVVQAjChkR!#!>SjF%aNF9ZY!BQxbaM=T1Kaf6x{}<< z%LFs4VgO?$`{OwB7As)(l5}QceYHO4oU6>a4s!77iEMp>apmD5!{x*xxTjd_ENb5a z*d0dgK3g&d09pCcNVEl`%(=>VeaL!qP+6XAExS?!9x5+xTD|G{W(VYPD&Ap;?+X~N z23cjSw^9r`I>kY&2y%^hyjrWla^<_7rGVFagg~^2bnhNVOsJ5z`NH)D3>rLE(vc2T z=2~S^$PVf%<9LvXRlFqT2PCAl=nffY%2yfZfUR%ag_i{|w{BLMs~bC|c&@XIm+Sz$ z03_5^hSh*4#eLMf<4GpVIT;ejEwKQGN+5Ku+w%&&e?<~3nV$}RK3=i|hJlx}hb1R? z3LDj&C#WonUxB==aF1Dp8(xkhZom*^1>v73IVxcD#CflppqK1`_?`WO_Q$KnSpWNO z4S3EGQKkSc4?b#q5O^!&wd@8A6>%}>Mch1Ra8TF~{~swStnJL@sK~+8ww7wZYH`PD z63*s`uyH7Ztu{ftrMHD9Shr+ogTouE4Dl#d$(17GBa(i?I+&(BQJWASR2fDC7JCT6 zXHN?n7HQOR47Lhq_HVV7JbEFZ7>nSsjOX$$@vbn`Jvd>dc&4ORSVrBWtk;m)HjU35fn`;O(*QdIQh!6y zMaoD%!UQ0mlxfBHkaBQ_+PW-A0Ssy-^s{$(&31vhTCX3>`t zk@KrXP7R1G(Qqe%u~?kr~*VO{+)qwa7>s@WfDsTr1Dc7xx9&0zHz0Vm4)~*v{2 z&MsD8M#@85yCso;@un_kFiTSmBs?o`o|0~tH54G>0Tfgfn-8~S7QrilEAK3Tp-~Ro z9J)PnMB-t6QJ*O*A8m5o40%Jeq1B_KTF0*ek7qmfplz(3kt+;S!Hs|mfNe1ZJ?DsL zC`PQMS!{c@)h))7dWw^iplv6T^2afSS|vaOp4-zMEUwXjVO}J}p(BsLWlJb)v~ad! zrAZNzHr*?wfm(M|4Pf`PQW(FuapBn-cn-kOI9|zK*1{J_f+jRtA}#^mnQ*ZYJ)hd1 zO#^sv;9X*o$4G){C_7*vKzsk}m7HOu2TFq5Hd^psgS{k0A}LH$#!>6qG=RtPKDH{m zoI|k{W(N!%;9v>IvPYoT;XLzYPvsSLpw7X=AVn%CK#KN;uZwZr6NCm4KZ$Aw0SukI zLlUM;B9VCZ%!9|UV87W4xy~?cKZK;RHQUoN(oR_t z9(i($tm=-XnN`fgv({}phXd)VvDg1@*8qq2=NPNKZC)1W+<;+>43q(TgeXY1X7EEr z3vmwHh^Cz#)Z|P~#SK`^L&r6j-f0NHpcgFpy!al08i#A)ZF@;iLv!kQj9K%#9wHx3 z(3Cf_8ILpWwm6tpYeNBsyq9dvuIhYT3)4V5+v`^Irj(oQx+ZH1co>cbJm)+`q# zQiP3$apF&hUtE=PG;rJImh5&thqN#g_|SkMl{EWF{(1y95kTX)Q}5HCCx^+rcG&`W zqfq;dvzD=Ipf6~aaybtT7^dmXo8GEu?scDCe+z3w7&d8~R2=x#RVhaU7%(9QWP3kL zcTA>dNK}??&Bp)?>PtP(`Yq}o8pYK0s27Q=c5 zUDLMLAFewbC`WP0nVP`O1!n_U=*XAS{$RxaT*KSN-}c8xW-X-zz@S*j^B$F;;T_34 z6WUr-^}DmVLY#dN?hL?7f2r=)@Mi;*ZFwGh%$tmJ+&FPgJ*`Li$rLFCFxP5Ah_^9x z7_~?U@&k-@ti_>_g%BfE03R6)a&9HPW4xavA`QJ9)wBJ=d`|=}XU%te2USYFQUHTK z`0Db~L!{xAoG~=*n7)?4-8?%lE-i@QEJ5Haz}V^`m+w1%ZXQY9$c|!?QW9WLpeNJq ztl|kler4vT@rBuBp$Yx*lHwUKmO$VRqYCLlh7wj9fRiH(J?k7w0}PWrS`voI6d587 z-)AJoXMPXN(2l_kMQZ@j6nK|oI*Oe+XQt$ zI5%Hc92iL@aCRNy@V^qs2M3knkh~4qAU4joGYMX+Q5sn0|@JpA|8_+~& zbV#0e>40H^DY<953cBF{#zIoDMcB#gbI%Txe^qK9y@p#oGJ=gNQvwW%@(@bTQ}7V; zCd~$RhNv5~b{<^0!#}{4_A?OrF}}XsCK4Z% z8vflKBi;-E1$IxX5E1|v*t4t^SCl8=7ND`_s|*>&Q~|>|e&O_ z_^|qV(!bA}A6q}{LAdIt2-`F+Y`h7B=k-lo5uh33xozuzs(@h4VD;LJTE?Ty98)3@D4<+x2_g&-a$ zMLypo5+20MdtCs7!ueWrg&QG51fjL#Bo91aTZT$NMD%bAYU@Ls_i9j}TDy$$rKw~l~e-ndZUdln&V^LVj_6e2GH{*5wrx+4dD z#=iPC4X;4T`4OUVfR|0y6)-3a7L-$iG{-H>lO@3zGnBBuCn+w;fFglIDtEjNtXYMJ znm6Ye@3r=s4f{~Gv92>_Jo4zA zG*0Ud7!*#3a+C`NL0Euh3|_74Ny1LV&ua99D*$6DzbOcu4iK1N7>T;5#2RSCeZ5!LV zaM>ilpuB4~t}nQNL7NK@nGN2<&h&j1aFm|E2?m=YYp7K4?(_IRv07j)X31f+MuU zwwLp#Medq`1Vj}uyB|Sn+Q8WdNs2#ME2m=ju)K(4lqEl?)%HXNHP6blbbb{uSE>j9 zGyISuX@W>uhZpU~#(2xts83dHt2qE}?vF?7paN#QMu|ybRY*x4IQxw7KVtGsD4dJ;}7Ha@TPis2)4@rU$K3pnb`l%F-WI&T6 z(=ed|04Mx_+HYz_m%^EpGao$I79l-IG)3*M{wrWCk72iMC7KbE5kT?Ed8w{8+nHjueSY3#g_2~HqxxyPNV0^D7Ml_6^kvT29 zBf-ZF;6PHhsp4H-h}0zId={yI@v9ZPz_A(ASYWIJG@IyNgOwg%JW?!Lg`hr9dX8TG zRKWC7)6zn0(IAi`R5*v6)&PgJb(?toQV4P2=XSG{3pot>fSkx^< zg@A_N=(+5B>ZV&P<=jF$@KBSAJ-bxEWLNR74%jNNO^YHDTr_H&Ia}bIKg`sUd%;KV zg9)t=jR}wTAW{J{h?;kGLZ&T1gWE=KA@xHGoRSIs_K|d6qA~`}oK^vo__Q3=$tFyO zGj4=(3m(y&ad5ebB4v*p^A(AWu?=H8Hkeev45sRB9r0xaH2kcQgx(Qj0L4|FUkOp4 zgl=EQI~hs1@ZWpr%Z>_|geMkI6{|F$i4KQeHMCPY;2FbTjk8wD3VT_@&_B47Y6Z-y zS8JI6PJk4^;fpz>a24III{Y0XVHEjw;0#NVqZ&TBlr~&-E60Tr{r~_0%1J~)RA5|c z%T|fhfB3SgU4~QqyrM$B)vTTd!tAN%qVJK+9@8oPj7%j zq~}=D0*JE@?kZ$p^9pt-*g#WP7CanCmNeRxc?FF3706$YYiL#*JO)Y-0L1D8Z}b-z z{N1xT$a9z{@as;JV4#djFG2#TsBCgBomRlO)HY}(UN#u)A2MjK<#m=VtC(e~6)+ZU zja!!JPEv*QBgf4q2?k#xFh`dPn9(1Bc>qKs0vf!bBYB|B0~x47F<@c76)*!m^$gwM z1>LSVIC-w46a|(FnDuzYuF(Mw$%ocOiUUgp%(}cVcBTbq|^Ml%!a&RKQH>HS&+O1rC34`Yc%>9w+j$SgD8pVjoTTzyM1ZJmDQA zGzc#NZb8MTZm)nzc*+y5$~KMd8UV_|a&OQLaXL6to@%HwTG0xa(Nted$2fZ8!a};j z_P56XqdQ5`nVjBl=AoAevydP(gi<=+pHT;|C&UZDT1Mo#pTK*qM1CkVu7}RfJJTSm=*O0n+RD8}92?B!PSQv1i49i(A!XM*Z>z;0P zPGzM%g)`lQ#&l~gYgic+?VUs^;*7XdLWVU!f>>1s8Uq)K;eT{EWO&tM|L=PX7uUZL z@8w&XG;Yh$I}2Zj!wkVM1Oco-v;cp4;5#D*2n5W^00q-q1WQO@pur$-L_t6V)Pw*G zilBpPLQI=Obw45ep&{S!>bDEufIzT_Rc4zO?5BS|y&cQ__7egDz4`jB7{v?*Bbt9n zgnxQ2DFONM>{D*iHz*Xm#*F^5)f(?f@BhP!u+a@_hW;5c7gtQPi?$CiPn5lGY;}P{ zejthJ_OV$p3mOzv3^Ft-k3-noJ6l~OAjs2@aZ$8&wt{fMG8b%@e8e=%eV9|Jnk5J( z5S_%tw*rl)b=ESX*fqY+$dgM}LlJ3cS8VDxyq%u2 zly)U#scyk#xHiqWML4cJhRYqE_9W^@YXId{XdRc zs@30;2hV9f1Tna?ajQi`!C21Lc3oyTtucY@vKXNYm{%^V1yRwNXKt{`<*mH%^YNiP zrkxKlJ&HN9VNbRJY(vkZu^`>B#9IjHD&-y7_a0pCx-&3hHk32+d`}wYI$N@-JhfLC$cY6Zde-~A!p>!j|o5}s;if)xje{hMpr#?72Pp4Ko2<#>5BaFR!} zA+xangJq_mfvRlnJ(Pck>vO##N+~IJu6d60<{=y)bdI64n#|$OeYcDlF{b^P%yvZd zJ8Gda{09*(<+~g5jnpY6sq)8Lkb6dxFF!pP+$}TF=J>(^&tvC{0Bl>S6S6D&>SWhH zjRxn2_IGh^@~~An5c%`Q5M!lJuTz)^L`o%cLrSn7Nyp_wz#=16zRV3WdsRhXwcWBw zq_J)KUXN$`AEk|^_^wci))i{XLINAk8Jq9+8NoJqpuX#f7!&o)Qjt@*)=2I}=r+02 zEn4aL(5F5I_~lhq4k-h^I++G3B)f|$^FvTw#(!N@(#XRL+#)1(T}>Kf=KV^#w7T&Z z`#1e^Pty?M_7q9Kv2&EJ+wDxX(v=o~LQ5Q_Rwdk&%wUsVt1(kL-}>wbQ5IopeyZW} z(OhAXTpTO`H7sheu_+IVGLxpqGUUqgD35=o1umLrd~r|5=mgg(_$_LrwfN|ez{VOE z@e=?95T4;HcJ7U4dk0@TafwVlw3U%%&UgSaUw<-gXzuOGtI{Y~hg%=y(v|gF=@-@l zkfi?fBuM7mg;RiUTB_~W5pV31qyC1K_*+m&zqZP5ev|L8|A*~zPtbr8UK=2FcT!m@qhAo2P3Yypc8CE>7tiQ+aXLCf3BM*<&;A@lw{cxl&#cYX-^9J z@Vk!)YKBKXqHCO={1g1v`n{n_bu#@25O4||4cF6Dwti&3zma5PwaI72)EI_ySWYtl z=D+~rp*i7I$Vv~VTTi}lpT~Z?QxOf@Sq5zb19pP}*MK*5AM5%)%|AKsKv>0C&|DrJ zt_fXH2dhMDYKw5|R4FzRnXN@A0|fSK|_FOo_XZgwxMV4ui`sBLb49saQVms_N*l#`F z`)RAZ1QP7+dhn9isIkyW_DsBP*TFfo{mEsr^&K}yJL@m7vw*+1I~>21k{xq|Df5H& zS(T`#%^u6Zj~xf#hJmPDP{cj>%EM5y^F8JE3@b@*S|NSzA=7Q5jg^4me(?ELnyIwK zGgpfsS&k@q@-VF$fg4FtpSl1jw+TRDEKhylne8~l0=k*ex&5Iq3mU)l zmr2C=T*5|SGa$+G82*C@&nn$mAt1CN4rkX$$=lL9b8P&FW_jrz*45fKmc#zyw!cf$ z(_w)uudNTA5)A5YFM9ZXyd#{Lq`U{E3akr2dlt6QrpQyj=cJ~PQwG1Oh_frvWUAfw zLDgL;X{VWuQhxqDZ9IEhRm5{UeLTVi$r`-~$4kx&37t-~nj%M}gB*n`@aMOe$mX$7 zCb}C$3ixh=?$)J&b*~yQHW{6N7M>OAW4&=(5{GP*-LodAdSMuIZF>f()N-M{8ISdh zpa6{r5=*B(&m>D3cj>IRx$>$TC`b=;1FuX%jy@UPUswawNzt_G0?Kswzt^D+R*hhU z9vmN!x5YTNWG-f;+$IybTZBANk6d=t+0c*=8^fji0-X5EcncAm510t7TC#xH+)*QcACYrqMuU5{S&Xz! z3?n3)U{2X!1)Qt@qQ6L5n5tBmwVkQ4y~I{+NBQR4_bZ|aE{bQ?YLFjb8;dEA^2N{I z!jAC=yHp}L#3DU%I6a~v?d_sLSpIh}vvp4GKI%Mqu_wIEF8c53-Jo1~!JM0O29lM%>+}uVY+q3BwUEQxIYs3j;$ui4QE!V80{Aaj1O|p}yrNc(T zeN(lPTd2&onuJ7x;#4zEa)GvN+&!%M(t^H!85a_z*H zZ-zS(8gRasDhFxFB>yqw6OMKh)pIxymo$}eQN|G~Cl z;q==g+fCnj$o_c)@qUM-*6|*YScnWvStQ>shs1H!)k;`sXieiPJAxm0+-L=9eU)DA z#lGC07(voxG!f&vQAYKzq=8D_adEIw?({3K%0+#tWc_y@(YNRJ;t&7qISZoxK{cy9 zoz$!3l{{vpL7Z5Ek73gT6-@)$KhKHaY6q^p&H`!v=;uHG4&Q;!7Uo-be;VL)8w@e; z#+k!yKct0GNs@A;?r1W z-k){ve|F;-^lLytGq07F*$XF%y&y=mn8XCc`n;(Np?@kOV;8k@q`f&=VjvUGk9IMx z_lgrRG7l!TLuU^=pPpc$fME255Z~~ukmXkq%uZCKJj?pDl9$ z*FB|-9Np!wrjKBwi6-UY!ja~;QO1%Y6v@<=bYOJeOK(1cs^xMoz%T@_L?bLO`p*Ar zgFMevysNm}*7Mdu6z{aOD3*oK9-~6JeSQt+W2hR_`B$7 z@n3jWGt~3S&-IxS^}cW+UQ?^CMXm0`db#ZR2p1~IG#A> z#%!ak+FQ-8o<8YDl^HHjT9V`}kJi3dI;260D11O~u9i^C+5y5OVLeNLyEbb+DMBd# zYD*pEnoihTe4eM`K9caGH;r$JaU~OE3}Ccd48paX!WtxJY%t3@ghaR8H`;^-IM0GX zXR65@vLMk@9u;S8wX9xH`>ua|3O+JohWWzxpls<>*||$?K3HJbJLu~|GPKVFL!j9L zz0#1^xyNR*3*$<^@B6s?IG@boTy%XJI*+@$0l(Ld=sBy3ahKK}^9Wf2v~GYfwa*uP z))Mx*6aHHG;FWPz08d6`W#Kl&>P}*$5VL|N@F3MV&50SOnG5!;_*d{+tal2AA5W9Q zzgF71R@--Vc4t7DQ@20(E!B{-@(0NVIde{%Uq8<*u3lD9M(LMw#je4B9gGr0KqFY) zK%4Tx$$`BSys|HCt24R3r88yAs%hM|vA2-X{8cHCMJ#@U+MOGff%O!J*{9%D?ZucsJd_*s@qBe6-rlN8OA`0KnE- z7Ra{d4v2_WzvXdV_tExkj8weeWZho^8B5g0U#NLGXIfB6Jj9C$ADL_rq0+=6C4}yP zf9y&))!ZRG#?^<@$&8DkE&W3Dd}XnRLb?b}&q4VYgz`QmdTO@{k`puA9x4iOJ!G}CW?mv`bK67<=AWYW51TFndKE$$k|Xc7{_$!z7KH6lN%OzUT& zc@}q6Ce0K!CWO?ysYre0!2sWXJ0l+(e5`=w6J3};GPC>Lbl7dL*;B6H(iQJ#`#RD4 z;fAItC|L67vZ0es{5H44Xi3v=H3mP$Svt4&W9KN8NH5`^qY7?*U107quf6FHci*Cm z@Tx-k4B$Tdk>AaBIHAnndk~0C_}N4q7l7ismR+jH{e`YrC3~X}25h!C|L2ST)Ij!V zm=Mdzh{+|NVjma79}@CdzGVPiG^@=_nm{6%;qp8dE%lB~m)vdXnL|Q=M(@mS*pL)G zANm81+poDsUN5BCgDH;r&BK!WWz0j{_Qm;r^j`!N52w+yS_5f$?R)fIp(P%}{R68m z*QSu+;QUKp(xQ{Hi$5OADFxdf4cBd86~YodGeEJNTK}=LNAw9xjvf~waj-pwtzEz= zwM5w~800IkEwv= zNi2KSysIht$yjAqnp&Uk=!NY2*ETF44~zFP;eTIYAcBXQ`jrNiMT%{P^sqcvGnTy^ z>$DUd!A6qa8WFF?aS(pB_}zJeGSO*=@e5 z_B$iyAyhdgv%S)aNy-{DjX7ts8r%yz%@Tb5mJkh#31~y1Hx;6 zYc6N?JGsz)_$D*|aIICX=NWdNl3z`Qk)1T-vQJw_`T~&{e;v~(?{9Psb)5L5nbUr& zJkIL?@;;@OCMYf?esT$9s17HZpgczi9rl-_xj|nS+f!GtyfE*d^lTlXx>5;0xkw9`+1WdDF{6+iH^A|bp79)o~mvQ^&*K$vP9ein1*A3yU=}7!i6vOk~wd>l($R+(| zz2sXvFye?&CK_`t?n^E`jNT34dlK+%C&yKy#rsbCLi@vGr*htKcdA9?zRBXkbs995)W%Ht{LF#(FaXYU^rU#Fe*^6nLOcKL4!$ z%xs5H1}kfb=*v1J>8mn}OCJi2y+gGZX>1?b8!6pa$<1erq(7@7R);e|X+-%HaJ*Tx zX7iZ6Hk>7%f=@PPuETY8YBYGGKhoabHU3e`ta2%Cs}jC*GYO&|9jC3HLnD!PBf(G} z4(gmRxQwZR+HWk+<>QCTbC}N?d;Im{oBQcFi0jSl=6n-XOkdPbh86UMmlI9 zijo#lIHF2jGWIVku0wLvk|3oF_2VjN@ba%t!p+5r7BIiJhx1zd$5yxxQR9m27yKq0 zivLD+KzN7rjU***_(KVt`1n8(TiA|f_A7YXa$LH-(|epKzB_@BFH)Bd!!PEgjrjBD z-Blgmy@|+6#a#-!N3owKYams2IRL{t=H)p{Kz$MmnxZFgAeQiNjOKRqrucvZJ{7fd zu%=oE#X5=2xqLha1%;leA6tS2F0Hg@>~H|b^3s1wWOn`t8qHao%g=H^6;YFDVyuy`uR2Mh2G#3ny5;LG!}&H*)8ntIVOVSU6Y_Mbau1p^&8(zfv3q}R(1Uy8p%gUV zil~>QQ5)KSy9X1OX~bgnC|)Ef@p;gs6g`~!&L7!f1v!>|41g|@(R9A5!W1o7aQMH{ z!89KuM(J?6X?K?howf*T*GpV4(=mL?xF2=mw*owNweSrCKa9kqsEj_W{ZkFWh~XvV zL1{?!K4ZqCiVy!UK8lqv9}i=I6a%EzSRCuUrI~nz!@N_p_>VMDq7xmTDa4@Qk+dWP z$pTZSWwGJG*l|+uCAJs|s*f*Fp*|BZ#(DZK94PHyZ@~GO_j!|YCD%KS4ol1x=gC1} zFG_Q+g4&=f|1(v`$59C0~N|EyE!XHM;ORk}qrw5pZ)$MPD}Qz^K#!aS-u+cBM);%B{FPpy}F zoK@*N!JN;cXi4tsh2CDZ=$Q+fF@L}as0elsu*BZWsO2q8=m6bj2uakC5O|3Dp*%T- zBI1H?lVpqc*TFb<)1#)yi%RNT^{{v{)~x1u8Y=?*WMzssr$)-v(f@nHsK*(WjvMrG zwx%enY}cyPtVSq_E5Ywjo&+f*cWDB=$6oc=W&~+(`?vx5!FL_5@9{#RI6)OOc4VLb zXDvZoWd;av$-;G)@RBkv_IdhBIi=ppC+Zu7O)oxku(OS+r&z>xGLjO8$A%MKQ1kGeiyXx(lwp`JyR?5dFCErtAI&(UJy`WUp4 zHG#HjjtaT`ZYUl-vG*~`9|l44!ye{PfLt%u{z&@Oy@0OowSi@>SO^VAvn~NIi{&E= zHf^^oIXUb#>0>ksLFJ9i=1 z`uMd~K528Ss~4p48^$RY?DLJ3OcH{#B;t8%m<&^Ay?a56XZ!ALtv+x7PTd}H zDx?sFdTUnWq0`FOm)q#s1@vSkW=$qM>(U$*rr-#E|28KN0kwdb!N0xZd|v8gG`peb z??W0^A7*8i=wxKax_BC8|GBQ>Q^S*Rb#a`kvuw~>ml1v5D~8lJZx+=gz&wpDHbr9#tL7FCvXJ zvM!%{*%MySwB^SCsl`GO2Eioy2NF^!+RUf>2#wW4GYoPI?YW;e{1av}^+Dk!o zKYiYSF&o;0*>6HgKBHXS+zGjzu_Bl@HD?ff9SbOhLu3pPcze*R$c%${{d!oYn_NE+ z&#RwP!?nQ(zidG*8I$c+Po_;s2xo}0hdDM+&i%;z>CS?rm49qNaRBeBuru)~sMh*< za-Mcy+l&Zugi`UvRL7tz2=sk?Dx$lwHNBd-wD9`MR!A`H3uGFq&B_GnsMk#}3mapqodcihLeTHxd(m2hV zmF8D)Vu#W}x53mol8t}{dqVTUM8&*~$Cy>6*)W;1L<@M-R})42;VFKqNluc5Xg)+X zd6mWH>*1_aIJxOF#NAHeD4*%SA^4n}(2?PSW~v|qL9V(QO;t6=I+5MpDVjy~aFa||rSn$ap)Sqv9L3Qb<=)fXoj;`I zv8q&mTGi&Ja|OoY34t>Seks}@sm<&i|0^xIr)@X?h5V15j?Q_W9lIwO$B0iQJt(cw zu0vt{$gN^oEhMX*wqY0PJjDJSr|L#V_BD67Pr<*_C)9cLKd6)E_+{L8olID7A3t%N zWT95Jr#OKdaF8@NW1;wZ^SfAzPji{Ent-~q1ETsgI?$HSzk=Q(`5)%}SLyjdL%RDs z`{*>N0ST%KwPd$){aZq<=$n1*!42<8rxttu@qGY&kfS(1lK9n3yk<0Ue{(}P**gL> zZo^Rrd#>6;raPfEOXN*ymTgxXnhZbcMTYp$a|Nm(ljsG=f^9dG5k< z-43&cCmgq`5_~RI+!U6p(p3fm3|tHm)XU`I<=nemqZW9`O>8goyoPy%^8z~L1^-ql zg0&G6*fN^#gWa4RL;Jv-{UU{0`u9;Q3ruxAYJC`XZfPXCO_^x?A4=v4*NT~XQBXLV zqMi88__J>n%Br+U$KM^`ayZ^;vS8)U9EIhi(etyT0KYYe*wk}_Rymm63 z`o08be@xRVZxbzeJ{~dFhWVUpqgW{~=?73}rvkMwCby&dL{`QF?zjfq{g z?0_4=(A?Y!Zq1&A0^kf6+RQA=*3V0(t~$OI4Zm|MukpUglR@lX9+CD?gR(itL*N-DBW9=6}`X|b#Y$chhQ zs8@e_dUpT@9-i~~G@7gg>5i(w`0L zb)5@4Pg%gsqXO7np-npJ*nZ}Etw?_QMyYY=pgfidKh-WKK6l5Ot}&E zYls_r006z~KQ2H9vX%Fs`M&>`HZGI4Uu96ei8{=RMyVr4!xRTLTVP!z`ka?UQF_m! zY@oWZq`7EEaAA>=EVBNU>1Uqm@*Z5O$u!y2Oka81uNxe@T6Thb2QnJcL?jg)asuP_ zQ^=h*2^reO6L<_2@RCO`IQC^+fj{oZeU;;+Udi^L2CbcpZ4__G%NphajfP*Y=2(z< z2ua0Ir0!GQt)l^)pj6+>`XLb=m?8N}Zi{Wdqu}Gngt$-LZr1dv} zKo4xbu{`YoFesfg0Pn}Uz3<)TR8J+sD=>&l*t$PR2Z$yLzN30GUbRPL_Lh&>%##X| z%fKG6v>B8x(bWxBcdzf7NNs(wYR3?AmU2EF4DjjeUL+pD2JK7x$IWSrgxmA&ylNyd z>ze;)Whcl^fbU|;3Cci2gRj+CC5=#Q*t3M3n~UOfeX`tcs)j+canT6Reh`k|#MLb1 zk3EAi#wpOE$7DHEvLHb~jZi=ip~<*#SwxCaI<&k&c9PZ~Lmn0~X$a>7Mir|a5V3v@ zis+Bi`AX6^D-HR&jP!E`9;f4GYc&L`Id{20vYq+C9^`Mvu`iqleG%%7V%9fh*~kMf zVV8CauP$PjGBhBm;8EADHtGEvLfdO1q|WKlyjU@e7OTJ%4R6IbdyEb;7TU!JIbnD^ z&@?NiCMcMzWS(f^jqUVhUAcocBrfhSJE<|7CK62^AcE{ok6dT?fr3CkG1$0@ zpkopLl+?R_XtUmNufEDdS1iCOO^9a7nB2C?&?mZxZB*Gd8Osx0L;#KLPc!oqU8GX5 zGFL18i7v7V%2!!W`;RWN*&O!qGyI89K@tOxw55Ndi=?fyd-h>J(M6ObaCrZ}RdgpF YAVU^07hq)aMDhX1N-4dogc~9L7l-Rzb^rhX literal 0 HcmV?d00001 diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/qq.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/qq.png new file mode 100644 index 0000000000000000000000000000000000000000..ad0b28104f4f0233ce203879fa494ac7303177dc GIT binary patch literal 6144 zcmXw7byyQn*WbpNBZfmdgbAZW>6V(blprY~4bmwMgOQTb4blhZ4j1I8cYr1zKM!Nf`!av5H(D8 z2w^i{?F2=3jb>aHZjv#whb*!`2gS}ujMaYbVd zv38Wlmt(5%DUr7_x2dkIq@X63w~3~pSt<q@vMY04dyn`c*mIlc# z1=iZd`)1rt&|L|hMl4z2b_eG(bnX`YxPd27&D_j(NJxe(yjk11eBEapdmkimySC4w zcu`I`t@>rakSJwMa65-OrXxXlG?SnBm<{l`BnT~F%|UHyHdc94IlC`ok=-rX+jZN4 z^C@_;{s>JV1Af1u$`s_IV_26cm8!~wv?YJ0`nE3N6eXZ`;VW#&ch}DM%uJ6#X&N!X zzfPZIHcFN0x>ZdYh97Hf&C>VMLDEQKO5?vMtjRhBNxy{Ey|d#y^%SJKdfIv1C&jM| z@dzP_4&Nsd5w3xe>52n=X}$4{C`X4EzlP}*N7L!T2}9$M<$#k)i`_%wTEn>(-j@+5 z-SuqP%|7ahVG^l8_kNYhEaLcdj$TIZO~xBM*OK`0woVZLmE#NU(sky(HT?dwOP(xk$MnI7_Y_L6Pl(J8(=D;D z%Ve#dzn@+}wAIrvPP2(hOX#f%yraorAiZEfHrF)q52Vci_7~W07*?lwG*?w;Mt5c% zF!gh9C#t;S^FJ`pOj^;t>1TwaT*-gO&i|IXleaw`qMFN%+7JhgFn_F62)&L~mx zTVzHEI70Y|n;_FO##vnjr{pFb+0+l>ku*UO-f}j(yDEK8-MC>wp$9XeF)l2j@c0Ew zVpfh7#g7A#8Y5QkdVrU9!X$Ww+h| z{*W>4ss6AHni_i(*EfjphD;sx*@yjPjf6Gf;)XQLU@NsEmzwB}4xdyM#rc7&tS^||7xv2VEhqt9n|sREScbq?yo z`0$wp#J?pUJCGk`24c7U3;l-=x~Ph-gz$vOu8Ko$lmj{2{ye^N6BTV4vN*;`LHaam z>HLdeOwekdi*_XIP((>@!<8yGxzOS0iHSA;a0PLs+#fR%oAsl&dos63F{Pdc8PE&t z_9*HOLjG?~K#(gmf{hs>Sn~ra!A~w`^iVTVDMLb;%c(j_u{o6yY zQ38~&Ke;JBCtW{66(K$xzSY<0ycE(hVrnB*NFqS^R$L%4`dtJTO}C1uGCd(@qrJQm zf%&pI0-@Tu4Elu8&J89-S+CWG*;t*WvkZGXXZU;hFEF<5(3l{CNO=Oy*5?6iVxbuA zz}mt?CS<40rbYoR(;vF9cot^hWmgr~#7(|X{FoIJ(r`Mf@^L4*BwHTXFQJNyg37pk z5~9X1%Lc;UVkpAR0)SC2b~8pqltG1en@~-8=|rf%`QaLHX5io*JA(^NcM#{Ndrc_a zsOAiGr&1)BkEm8pRHyr6ZPIq4`nM3Z?7IDj)@~P7hqS}chg24q*lbNx#2aNx7@Kb; z4Lhz%tym{`i7CK{iZTcH^*+#~idlBP zd8uSo8PA#11F2^LyO)aFe&lAOvgjolh!1!d!>A-S>;;fTu!&TSn1B?69^FYb+Hlcx zD~@$eHUtdc&+pu6oYbK|k1Q@A6vVJ8i9zF_8jeR{XqV7|JuUMcg|ATxq|cM}u*(Yl z!7xKEq6iGSN1KlHIeeTO55!R={(6*d4v*1U+S|%z_~b`9I!YhT*q_2$*RkhGZ$)w{ zs4jsSR(jLtE^=1%YWsySmE3srFf5Y#6XImrqyKkf)SHx41ywYQ0G=?UM8#Ktil3GQ zx1mHH>n5#%9ZIT(eE&XBuRV+uj#>WDGE3Vs;rGNa@&QXERVhPRE>Nn(XOWNBLtVb# zry)Y<+R?TyoO7?%X)BrM9Kro25LNE$tUc{Zg8VI|R{KKrr9qPJhYv(tZ@OueG6f*U zZ_l@kTUI#fs%W={p&HRf_LP?7DHA4{0-GjbcqLBS$evTpx}?4CfG@IcFA=H;OxnJ! zoh9ok-D_i=sUD5a0q3A9D4x_3K29$MdK|(5f>)uSAm6OEyZxK9R`f{2HfqIZbj6~& ziU(jQhj0leh7Kh7hg;)&EzOt&3XIUjaD(@(HDumPIfz>2p^j#`>7QVt?i`aT$|tu6 z5{bvyk&hFn>4Tb;A5n$_YQ^vbL6kblGU9pPM*#~k?BO@M#2%_^2jh0o4`V9*OfO{? z=BYl3unDP$3cSTuR-b`u@4El{fk<$hm;+p>+Z}8!?&FhLq)+S$_YVx5j7GPfD79Xg zF)A)^vM+w5@3S*VxBwLcfKdX7(K#4LUnmo-WtzKq5-!sx3!}x{2dp? z56SM{+qyYmLiX4ZJP%BVe`2=G}X+Uz)RQ+hl%F|BsFW zCdJWAy6}@BbF%b9WSANW95NQaxFyP=4VyN;$CWm|XF9#|$?3IF0rGJInsrGn&=LNg z;N497@$UsvUY^0FzJzQiyP)=PFB>(j>@SPCaREkHtAqHUegRKP>>*R}N5KHHcSCt( zMV_j0l!(dRaF*_wxCUuK)knX0x0U#9$Ui|37@ue}e^ZjsCNE|vQvpih$WTI2$aP{M zBotf82x={1y!iKK&oE@?L9obVo1lE$hXYA6k$?gklGQ%(Pp|tXU3ylwu92DYStQCJ59)| zcGOI`K_bm7`C77x89TT?{!xE{x~3=`G3i1q6VkTCgN3F1VwK9H*_v}D8uds)7lFlG z7bUyqcC8(j6J-BFM$)^+6rcG}=_S4bD{}U;5 z8n999m{ZM&oRQ088xX4|PT5xnePLVwMN8PdF4{_9QyT0>*;BP5sW6ZEvl?7#s_Q+I z8AOgH13+lz^9W^%d@FSREgi+~h?=2=w{U=!E>z6?XFVu^K`T ze77fr*BgJ*M$RVQPoiH}HZKJg_)=-59Q>9K;}Esw93$MF*x~sS38w%>)MV@A^ENL9 zX`WK53)jdEUqJe%?5i5IK%^6*?Ksw1CpcEPHjk4e0wbRu$^0fCRf_7J`o>)q1nlWz zq3xK*&G17)A$OK32G4-ZJC+_odN` z(nJWN=3Brxl~rl4=_@`F~(XZ#7I(RgcW0`^9 zOvaoy$SYjO-{##Q@VVvzVL1WP`gJH}fQFMQ_;A6F)8lgneU6Sf@xgMG)yI)3q{Whq zov-J@S|Z1f5CE$aIfO<-rmIL6^R>33C(Eo30QpOU?^iSVH0L?n9eyw#VExfwhogtz zbZO2eE`{XoBGnJlpMg5G-)Wp<6p(u zv*I=!ZNa>zHN9AQKcyvq0@xu5k>ONxNNF|9_!$fhE7*fN3w-DG)z4)gjiG*DQ- z>dCUVn~4rLKt`YfPQ^5sTnabtCI38iRGM733Aus_5WJLR?)2~5Jf!bO)iNlkpsjd6 zbi{>j+uBT#zzKoGGKa)E-lW#>8>)8=r7$tBw8V+HDI1Vtb-4>);oGLaMdO+i9V^}s z8Ekry{!W5|Z}`;tN#(2hctPi+d-Kwb?VEyiYyp%i5*SktVqPZ-o(F3xiO0qA4D3iS zv?7}U|6&S9YM&fi{ggA`nWC}51hl$TzLVREdk2O=XlD^r_9?x*XUBd6?-Oi)m=H7GGuEPu1cY@x zncRFBx<&pO>V>f#quf zReM(gQN+t*_TolPU6plQDOwr2tWcCo7SK`m3NfC;`>%EIK@wF^e$fE9jEA!wi-ZA= z*#Q@Ri+<-VWt}365%E4{@M*-3shV|fm41O$O|^xjngl2m@oj0a;?0`*l$u*?xt0W` z^k{1|=0r}Bhyzd1S`TTO%C?jGwWr2DrhW}%VLvD!vh3uyc}hpX1e&6sHctwT=h&A+ zVrT}h@ks!6k-`PH?jSh>Fmv==q~uKxZ2I$GT-wy1#5sV5oAL)C6$hy4^W9y;a08}F zRNE2%zVVlNe&C|;KVawwj@b@>$jP!T_BD**>rdh6J)Y$lBV_oN4Xf6wp$j%&O|i#S>}>^+yPfjFF=MREyD^@KdDLJy#dXred#VT%d$xIpd=@F4&%yQKDr;HXy=QH{z+E~{YK4J7o zTcc3qI%}?3%^00Ih&-sJvU=6!YVVd30y0HDx?qpJ4Bj%O<%({G1B>~yvk9SM?Zs$v z-4Mt+QO-XdE09>B^9!z=E-HD%b-TA^0u2g?S>h-Y&j#pQ-JsUWJ8@3^Jlk>+X1Fo^ zep*SRX};ReGO4de3RHV`CiT_)$mH;?M(|l~@9Dyo`~-r`bGE{{S0;p(wtQY}FA@`Q zG+QfLLGE-P7#LkevDS3!zX;CcTn%)?3a*lr!M_46Z^UpvEzO%)D5xQ6L2>XNgPu5UDr!OsPA&j%meEG8a}_HA%EQv(EwhM*(GK}2%g zySv{pZx8|)3F3j=bk_;CT?WQe;>{W6N@`^7zQfSx62X4lb{h1U z4J10;uTpy|hQ9eSGt+-Ar>)Jc8BO`^IBGoTqlH*~2P3=O+RbHzj%aLEHFiN|63Jw& zBl~1;*J$hehkeeLADr(=W{0!3nZX@6993s?!|AA2?W6S@8ntasET7Kr2^K!x){@md zHf806TEi<^nk<7e!ju53`wF#T(KhQT#aQzvb#Qy2Oe6tPBpS+oXI(4)a4T}Pe=&f; zUq+i7BQaom7M*JSva_=6MW^j~l34irAX$cqioSDD0a{zUmL>Go*89$2 z9i1gSPiU_=t-cY)nMZvz^Fj8MLcff~-n`L!&D;ynQmao#!%16v;NSDqLgOd?PAr1K zEbC2${?dsT-QatcOO_bvSt%b3_ye{wC zZA|1-y$*<+Mwn3j+W8Tepq2gLrr0OqsY^FG`-Z~rW{3{pH+$%BZYmZ7hjT+Bvv#@f z{wzsEETO*7hj`ctP^xcm2MS@??KREh4q*JyhjR()8j1}{b3bi1*{Xb7UIP2Wch>R(l_HPlMLdow2>3wOlMbjHJYZ z#nvKi-C4h<}cq@<*Tlnk8%(lInhC?Pp?hk(*x&f)vYojB^oLV=+tt0 zI6yn++qcS#$|KGw;dJ>n=@4DN*?-@}!oD3}*Iet)J}cid!I>t;!He)B2jMYBhC^(E z0mP7Re}#c=xY)`dF~)b^nprMr58)-iLsUcKfgShzCLIqiKHZ2A~ zZ|rP(?|Mr?{oKz!iXe_f-=JeUl z@k#tsMzt{_400=d20h23gO4S* zaHzWCD^D6*A4!8?Dk;*OwRx3qD8}#)>{~*JH)I<=ax_g3hFxNS%J~o?6J1-SVGUE% z>(YFZ?(#y-uMhVMz*BH-dkjhcxT!GA^6TcC*Z$Gq%`dCg@(gTxIJ$TupNl@1e(wk- zFpZ}gA6dG1{WjgUKN@WAYt`V5b@X=>s71aRPIcjmnE0UBIbOe*l{PL*KALu$FVyx0;c(ejhubud)HWgQ zx9+=KBP5xho&PW(SoPlGi-#R-s3&^L{}cOJE;8>!Q7Yxn-o7eHw!ug5y@$=RPqft; znx7W?G$vObPBl&o?ht*WnCFlE<=xhS$0vdWAM#Su9-2|7X+V7(j2{44<#76tM`JOi zj8Jl>k3CcHfZj(9CV=PIme0X+xciE=_^z9~@_rPtaebT!O7b}sM7rk!^Or(rdW+3r zzObltBPVx?)iexn+E!)lYl)MHfszh~aQG^Aulm?FxNtCS-0T76O~XW08~*jHx=c>{ zzP5!3<(53~Jnw=nAgt;nf+uxfUL`c;X*!c%Bf(Ugqx2h&6pjV1QLuaBn@2#{#9ymL zq_wBEh4dVw6?Fv zkzoFgE$!y-VUNOdx!-MjK!CcfSvhB@uXB^5m+|~&+*c1f;Ze?!;!OO>IrI`I4jxji zzEm?Y_`;GP>Gbf`d7X49$8+6xQ9p)CO7O)z_DVGR#R35IyoV9|_Zi|JK^wJ?`J|V* z^5tQ$jg5a469W8xuSTR>)Mx^_X){e7o^eRU4cp`0>k-Yc0C-+|R6&b{_@9c6=_ZWp97yD(oLt?jB*JqzDQ za~&F6utvV3-cFJl{**tw0%xKib17mdRElCF)U%E~TW2}6 z2#Wu_!H3<{T4{`fy=8y(muR$TxkTrQ?d)*QoXzA+x)Sst? ze>}D>GM2m!qUAXxvcT`AOdu93ec0Xt%#=NY^vBn4aqXbB`+3&ON$VtgNFCe@-O&Wk z#?{wU&?F9M(U}P7LXy))@pv=>&BfJLbx5~G0_}C zo%|;GPc*&5AnFP_<2FSZ)g>UHq*(FD;a3IzzE!+FnVy2pFqv9u0H4QfEUh);ax z0532N7vEW)mXog@_;PF}B>J6ihdiUJ*>J z5W>hm;a$SD1685FQ_aqFwYDVpOuZ%!k@}&Jtvb(z^>)@D2 zD(a)@RD9)SWGI{pPY>&9&z+9)etDzKg?~!dkSM#sMyb9P%c{}BT%44pOL}!{SvEKu znjrVs#Tk~d!f?xB&^-lm0PS z56rj_zziN7Q-ucP9#_D5p%+lpaxZalm1Vhp*2`e2)|GoA1|P3;wvovj7l#D#r)+}U z*^{jw^jP}_sqqzWaG~6;(a>B4lHnc>JcTb7%?uDK&3BERvs%n{6H5S(zLE8rx=Whj`Rvb1yN<@p7aKbpaI@+Uh3kYfBmB;4*#G5u!| zQ)d{QH}=NFGQ8f$+MN9A355V;BUjF<6s>tNNEhuZE=UYz)nuUn>j_Q$Rwy} zBj_B-c6UboXwTqG4KQT{!^ai|i_TsnRp|s3bp#{6ljxqyO1TiBRBrGiWkj2> zU`8F*nbpC9<6*ybux_HLxa#D&TGE67wZ+4`?kx6dij;CGFSi50-&^2)Kjj&B5k ziNiLt-@wO!4%3boZ{J-lNVQ5I(p9Odf|mEk?2lWj<{w3ak5!-#RyF)y2SW4v?*qdy zM((zq$Sb-~;^JPcx;rHd#KTTg7;i|TOzUu211)uER(jh7fvb!x<{0oqbcwrxH}{Bs zusf}meh+1eCV>p8b(qRi#trRd&5cS~77_YJ@j%0zQ-{*7$Tokm#@i9Qp1%T$%6DV7 z$Cpcefy?UZC#Z#hS8g#JBRZ~S!qO=9H*FJ|0i;(4=dUQVqiWekE|({)r5V}I40)fo z{cUYI9?X@gBatTkN?uwQ{Dh{nmYZK>rh$yeH&EcUcif~HfWDXCrKM#C-%(E8$1=HO z{@!e&0hA2hL$=fl66|#+Ta}vQi4Xq$j$|8Y^_mK3*X_)v*fxs63mrOzUt1lU;;gqGu>*j}*aXlIVkFE|(il6=lCq#qKBaVea zDA|<4elbp`f>_zI37V%lq#)P)))1(iiCv2qozudD5$kLQlny>~T){Zb>X!%6e!Q91mAO^I0oRgQRblD>KQl-QWxIr?kv`vpF>J9Ck&h4h;2`X*_ zuLx4Z!P~u95%a!FKr}bg4H7)cX*>)XFrTLy+pE6LU5N_O_#AC_{8x)(Mr=gUnatv} z989{uKN2=D8rs%l5zk2s>4q5>`LM)>opT?&7)uKheR>1e6M%mQ4}PIctu37QHegbe z|5v)ILLuM*+^7k<=4Vxe3Q$v!&kc{lt^|u&62aFj6Z}%Gha}&rH0a^}$4DhJ%gKV% z+O_ARYmtG%aH=sEze9Q!<$oM#WhR*&{>9rUTKzfDfQ;um6vZ0VF<~K>$52Cv!YbfD zBBud3zF>Oq_hsYIcv+?u<46GjTjv^J@}{@;%ev%=tra*TFJME@Q;KNp@0~c_#S~W$ zLBeZ}?=dmO5_f}Wl1!k3m?y~l%$L$;5;S1VL#3$&$=}i&O=!NA)I|pirRCYfL0fpB zq90euls23WFK;DV4BJu&8n<<2@{h-~7DfXW&3mph5%yH^Td0Bj>K`a(nV{nMy}bMk9kI3=vb0H^ci zgQyt9Un$`W@#Mqms$dYj8*s2EWJfmj^}R;zewZw@Om6^#=mRzWYNQWG$EqFwFy``_ z{vY;0LW$UQ%aOy*A-$8zR0)hVqrq%HHD4sUd`n}|4?6}7NG()4<)1;aex@S*FUwK3 z6(&*wiA7!>x?2LgmM%*C{wQ3M@SLLfK0v;S#jcWIKUSPj2O&_sUQ0W|LhrTs@5;(l<+nW=zWITAOO$vZhEMi{5sS-+pR#|RHmi)4 zU(3W^r5%N7?{Y&0ih1bB<-YxtJyz(8axT5m3LHHcM9CCxu*JUDU>VMQo0C0jm^SLM zfxZ3WGi|lLXji};I>-W0ImE@{@au5h?Lp$>ZP_Os`R%TN?*X7*4i00uVPsHL>LkmK z-d)qGJ|)|Sy?@{xm7)g`Dh0@l_x{rn^s}=gq}6zN^`~on_TNR1P95*wuK?jQ z(tqcP$u2z6wL-4DLY8WnZMRLo)zo%Lu=J39md7tfmlY^UE$M2MzK9HZpJh359%z0T z4-+^quy>G~RJpZuGNK%p&grmBxgMQXfMlF21<2JGu&S@v=QRsvY4&)`_L$Dqgx4L; zt$0@RpM#Z+$%s0QXEWWJ!)rTDAJ-KnGv8SeG9tj4>WVB#?C~8WvYnvfrH+Vd+J$pp zZL-EGR)1qm(;K53$qpS82UXt9Up*dEBx(p-2XX_ni{ce2levKE`!)fFe2uOkegm!D zxi_2K+jk?qxyr}r$hb%C`o^$o`AW7Pe6NF)%NE8&FmB|BVOWV!J$T@;cWz~9Im6(QE;;FV!@=}nz+F!$Eg1iLR52Bj_v1r zo3(S|BWWF1GZ9vvCMXe9L+mB*@gtNmsEGlz_!$}06!Y^4?SdJ0*r=b2kHQl;H4RSd zK!;toFuUPBw~F7UO+DC|e-#q&F!*_INxOcac&f0uGFOFZCY<-!v7%)7IFI>_*WS_) z;Ao_4w_xX{#F-9G44(8_C_5gbT$Fwy*nd}dl>F;sp$2K(__m`$+K1EYMV23V4U)dA z<}yz*Bnl)bej>&X7&&`E0Q&qCpE|OQ=33p@gw_2;-Kstke!r5MLt_A|n_{fOdR=kM zTQLvuKELk{4Wf*EVV{P3Zv}PHtdYM+Aqdos3qDL-d{koVP{^e|-z|NR`dF>Ca(k}m z6#wzj?@M1-%iErad(JW>3wJ83Fqaw+or%_&UU|#YjM5U?xt6U zq-nPN&~f#3@KFijIW@u-exJXc65!At^RK+Rfa0{}SblyqgRkmxpzvjWr+f6uk>YA7 zCW?RDKgp1u1Iz0OmdtI}%*R)kvsGLFCUaFpjhp7}uFI0IDwNx9zkpuh%5}tBZ`daj zyU1`t#%OU&0I(h%IX(}r4|mNpOU}Zbf5XbB<|?70GHB0F7Gnw3LG3;dBn_8GLU&kf z@}GvYZ)x)n=HZK^>WGcCROkgQq+ouM(bn)N?|QT3Ro`x%J^5@(Tuh7zrM@45kbPjg zVIpAWqRcqtyTA;pYB~?D$G6U+S9`-F-y)fS;VZ>o4xQi5Uj4CzXvWhOypua_)Cv>gK|jJCy@4DCKVdKMnrvvoisbf{uJya_B? zk9>Qc_HTc5;gA1_mqqFcVAmQZ`?XU{8wB$a>T9T*dab}*=3&-F)W1KwRFg8qSpQ(2 zD?4n$8%A)MY(D^%}W9ZUbmDy=r-CS$qw zFzxJwwxwBU@}Q88z2)#G7(JPmu;#aQFwym?gnfhy+EdFlS@ryXJp1~fe5CPZRx^KE zY{{8gO)Asl6Qykn#6ztB{+IdDh3x1SRuTwJ=Bgf}UNng#5*Te2sz`a;@dWF#vlGkVsBChh6|NY0d0k4$Cr+ zmtyZy$+6_Xhs2TcpI;)qTT$VOB1{bc))WY6)&2hicLE$H_8Mh4>K)rkbm2&=fVlI58 zO&S*#sO8n^U3OS2zGhg{sfyCy_ z5P`6^^fr4OsD?4S6w~m%9oFHFky*PpMM2e3meizmnn-F1+NO4o?sc%LfOS#HKgA#Z zCiW6>C0tPIs4x6|MtOAS5?_+G4mz%xN@q|Km{lt$a4|X1SP_lQWV)7Yb=RHiq$uAX zU-7=+rj~=u+)WNHS2YL=cqL`zIeFi3ZERzQtj?tCVw;Kr`-uHD1p8LAy(=v#pm6*x}RJ8_a zPZM@iJ!s1RyQ&Cz%?{o5Am0%A$gvmR)_4)b?MYnD)16=D2pSUaJ((nJ&AZ3t{NR7H zYR9P#lhOEN35IzzGO3N3Z8beGOUwiU4T8WoWNTv2@o!0kb^`2!V`;}F=Zt2w8yhm5 z61OUnBc{&5JFcv_Cm~EXtUi~Mn6n;_`|&PEjl)kxXM{R`8koAUTlvDK^_q>iF3%&iJqMaK(nHgbc6DoXY|*v zDUDn_Voz^O6dtQda^lP$3bOZ%CBlzWn|_ke!z^KUVzGop9)mte-^ zDYP-G!udM05TvT@u||u8Jy{4}(knAh!DmZusVNjbce8Fo@#sg310wmE0rF#ptq%NF z@Cs;r<}?D;+D`HN>rW#o^dpj!rC>oAtpy#K2-^-~yh2Of&h?a1<PsQ*N6jdVHWYc7N&glYBtoS@=vOo<&9gGh1IZbk@vHa zxoMx`q{5be{7&fBt& zKL#2+(36#^@se5Kq!5+>A}DNo>2LJ-%N{72Tct|%6ORS*P*c24xgGM8**tpQA8zQ;2pQy;N5zfzDQw zOs3G?$#)#7ce{wcvp6rYUUE|0p+x*7^E${;;7uujc>@hB-7{I0#5Yi5B46nHVE-$j zV&ke=14F8l`x*loQG32fBBn`1>|IA>yFS?}Mso(P-FEaQ z+pl7fFB*_9zGgp8lD+O-`*j@u+XWgqng@~OGUTo9>TDy*{Xlv?3(PVcr9h$CnZG1C zzc|dRN-OSsZum1KZ9Of3a=4K0M-D9-GS@`^0+=oiMg(|cg!ti6(KWcq?h`ssvYx(;GdEbg&1`l3i|)%P z3mLn4^;O7@Bat1zcwg&FS$hli6rQM6*q&esh1(7HE{~}H8s&-A>R{kUUu!57#fa){4rj|YA1CEen8!O%C{ z&z~-binx6xnDiq@DmV6^%`ruI=8Dy-xVSZ4rPw$qH(SLW9zWY@49TVollih}=4BQO zoR^oeO-KHeIrlvlWqrs1nei_Bf2Nv7GIh>YXY|58naw>C9B8Q1eL=Cy0nOz6loFxO zDe`o+%&u9E6s44Z@N=5{$ozR(I(QcUBHM51O)mx8j3mKyT6}m$h$#nc+7e91K>4?^ z1xAi2Ltbk=;A>e#aHg`ppOWHbk29-hF$v8LMz69r%!4_0d7v=K%5Q3#EnC<6k)Go2 ztI2(J0W#B?xVVMgXZUSC7OHLcB@)o1b8bna=+(s==3 zh(@|}hbtEDI2oVY3=4i#O3A=yXG087iI`mX5cOC@Ile3JAZVcrZpzzjE}fF#gN7qaN;@5o8=oM-KfbqBPo;*(d&t425j5)|Vc&-)wRg z)>yJAzRmz6&OywwBlNj{Zp(g;p`yXBg2FHv2{JEfOTYB-<&z7K-)YE~oEvY{WSGS5jMK4(3hPlKnn?&vaaOf>A`?p(Iw+^kJMY2uj3Tiz{m7uqf}>NVNa z&HI#2k4ch1HV*Ezj$EDUE_@qbwWt3$l%}WO9e8tGx_mhBW`Dq2rh2`74m9@{#IbiV z0y;cYCjR_vAS#*d{_-0ro2AmlGnWPzBU_4uyIGWCOm9`ygZ;60yfE2hRL#lz~!T=4A y)!Y#~#Xb-x9wI5>jNJy9w$dY(Ivn2jfKMR%LZ5wh+6SXcV`-@Bs?;jk!2b_*(k}l1 literal 0 HcmV?d00001 diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/rightarrow.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/rightarrow.png new file mode 100644 index 0000000000000000000000000000000000000000..51aad9fae9c47616835ecc4841028e1c887565e8 GIT binary patch literal 1058 zcmV+-1l{|IP)Px&+(|@1RA@uhnN5fsMHq(PZ+bm=@ZiA(4=#A{ASig)g9i^DJmesB*U$C@H)x2W z5`zQ@K|)YNkRU-82^vPxprYbHRqdaOL4pJk2@)it1Q7`me^60TamAkLPd;eD%Q~|& z)jhL)YUrx&=c#(Ty7-!~%@2yf@0{xp(amL9?y=ThjB(Fl?-5Jj2_kwNz=b49Oq!-& z4ht}DyC?zz5kff1%!dJ-CnBSix->4_F#V$m$iuw%#{fJE;2bj>W6b4YAjWAERiKhM z4&VSYe+a-DW4;>)a8Tdq0#%%rn0Y^dv%Ox==6U|(Adpe7*CJ3!oM7gC0M2Y|Y}m!c z#a~8+{J(y+2~=@93E)8hr;{YHX`22XTcTEhO5z0o_Yu+CMNvqcHeyQDE>Okk6f^Gz zusSz4XXoeVi&zqk2vjriDu7+G+A5_i5pfKO#sn&fHvsGe(A8SEx19hpQwX6e-v=Uk zT`9FVu0*3VAh4ZI=Ze|c*)B6@0AA5r-!qOx;{pQP?RKx6nVFH9xD&ujTI+j9m6(Wt zz^<&UT-ERQMPdgLJ+G8{U=)do2?*@^`uf#HQAnKbVCIv?n7vz-n5aM%r)#P>-OkJ> zj4=;yMPlLt0_&W+mWU)yw*gqvT0b(Z#8e0f?DF#Rb!AzK#H|31Ypo9sBQZ4s0=v4p zdcC~Z%sfv-$COfs21!hnfWWS;t=-V;^+e(pB08#+dTe6b=|Q8n*>&&zjq zWQ=)kv$j(=1J#~MM*WDKmu0!bTKn#{5eOk1W@f2yl&w}PS4z2U6Cvl^AtHJbK#!So zV@wzn!>Ngo_g=~|QkMA}K(4i383Zrar$QivaFCgwV&=b+B+0WZTN?&`Dg?au2js&A z;Lj>HZw(7SaRKkWY#E*g@COme3;WJi;3p~&LfFsDO8|b8)h5fbO_$24TZO#$vg3RP zz_0y&zrC=qaC)mF|8M)oU*ZtLKG`+{__-|0wzc-XQQ;epkaKP?5j_jwCjf1&^_g+t z8x`>0ONmiRjXzYed4F8^#soqL_cL<`!1v7DHpZNd0pEy#b581_QXl=cip>YH;Aol%tukltDDs#;Jv>az{>zG5m8$y zb*>KhS|Sue*u~6JiT)}{l6IP=AJ+vRUBEea7ZJV2%<`XDVspMu_^1Njdnubs`TUD2 zHlNfDA59>HkTdg}04`RsxzGfBOo4A?V^$Q!&OFaQZ3;e`fcJi(EX&WWwVyQ!A5EZX c=>I4T>t<807*qoM6N<$f~)T41cdvEP)Px(HAzH4R9Hv7mtSZcRTRd*GrQV08Y)vx0o4p%FL_|f+LnSDpd9c3K+L?7Tvnv5DXyUGOM0o&=ySr!?7@Q^W8P^#4YNa4u0aRf<2+$z_cZCf~;N!~L=<|gg$-l#U zIw)0PPXHJX8^ot$zThblqm&u=DU5$f1=O5<5{&(RGhGIA7QhT4I#XE_wIhp*BSbvn zfrbg3X-`&GNS{w@`Q;#d05Or@Md0_^Ow$TQo|(%ef9MuW%~@k$UK$h_@h*vRB?ijDu1C!Q6q|iqV zLqv((Sx6^;>=i&2`O^UJsrzSLL%$>V6r6Exz`C-W+c(vY0p4*l`s2L-ByxpekG-z} z?yvdjuxn_?0s*Q`le6CjjCLnrrF@+T(=k^7scAZ^d=d zQTA{<$@c<6KNA(?y8#2!MPu-br4_t%2vB_IpNQUaGTOdYZ76`y8_*_Us)#U2!*`I+foGk5Bo(r?al1ja~B!G?K=JwTD5c zTOfpM=;o>c$i%Tpdz=)=x2|gPRojBr(#Lao)5&OZ##EnGtw5(9`5#LUf-p}l^$Y+2 N002ovPDHLkV1oB;9~1xp literal 0 HcmV?d00001 diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/searchnoresult.svg b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/searchnoresult.svg new file mode 100644 index 000000000..e948acc0b --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/searchnoresult.svg @@ -0,0 +1,22 @@ + + + EmptyPage/05 SearchNoResult + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/shengyin.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/shengyin.png new file mode 100644 index 0000000000000000000000000000000000000000..3a388e5176556ebdb4218448e9690cf63cd76d22 GIT binary patch literal 3578 zcmeHKi8s`1AD@}Vn2{J%v>1a()=^h>4VUcW8dSzMSu=ym)}@gtYqlYzYm2dE*N~kk zTh{Dbi&P}S)u2fCedfLAJ@5S&-gDkL=Qqze&+qemx99tOexK*=Zv?{wJV$vT5Xb>z zBYh$mdpHjg0shM`Rb+z!>PIxxgH#M2Ujm>SV|`ug-yOeXy-q&vcBFG?G+7?a8zXUt zNP7{5FpBWsR=g{PFwn6+7}#`EjwS=s)sg2Bmx#V2b4Mi6S=9-TZIGT*uxXg*pSvg9 zC&(JDzG8bJ=uj`QXNx)z>BU;9n3NBdHJn3d&LHDtkptN#!@U!Qy^0iDQ`d*GQ7MvAd-BV$1k zuD=$8Mz?s4ryR4~$%JCmyzuxjCIUL#H_^DkZe)l5!N8qr`(hX?gkH8BLJ0zBxvWL! zlIQJqIGvsR4BkN*``UqwcC4L9c`Jr_nuF^MSFUeNm4QA!ya^MBG1JNqeLSy)5tfne zm}3Rrfp?gUDHw3@+H#B6Hxv$@hPIb!ReX{o^DgUze< zv_P$D%YC(vHd&*+xT@YnYC|6ZYv}nK-FnHGU7Z%|9N)Eu6!iLOE1djg{sow;k!co!0+Mtvb$OlEK??Ehp zaf3Ol&xV$poZEbOXhG_>SB?DZ3kmd3Qs#Jh_uaar;WLr$6ip~?lIdl53g&x)x$oxN zS1*;T6#3AJiqA+ZS1=5R6Uac3uu8jo@(RD=6JQ_WLkj(`N%09L3W^745E;pvIM%Q9 z@vK1#EsKsu$2-~%ml;mq(C|Yc=>Ll zRfKd}95^DT&h(8vXF~ z5h|A5dZ1F5is#rfkH-zr%{_p3ijfG5adipjPSe7%GIt!t;wv7On@1 zk^|f4#qsU-DY(SfGyFXzA9> zgja#b9zr81h162%e@-taYIPgS{j+&ZMPw>0AAcS{Me;yh3gr^V`b`qQ@ywS^PQ;<2 z=eI#?kSwxLAjA1GnvMu)gZW=Avc4E`I(Fkb*$j;Q+5xqaAmG8?#V}afSA6F|Uf zau4~t!1(Q@m4_zi+y5K*AFRQ@TWfl5rT0FLk3I`+Xy_Pr*@_OpZ>^eoM>U*op;USg zTnOfVGv(p66K$@nP#&D(b*QI>w9~pggXmb)N-)N!3zuOEEO^!*4GCLNZ@`$}oaD=6 z3v*|qs|UIsC>)*9p@QZ(orcGFWRUw!b%bZORzcVFFI!`zi=$W0w%x7mTgbzJ#@Zj8 zVYpNWU4gC}h?#o(dBF7Wq^)8BMt7mi7QU+2{T+>SlJdPh-X6m|CEHrAAgbQfInU0d z0oE{RstI*{FMQ{ZuqLkhi3>}#5zbL|aVnZDIN48gbrk67N{C9Ef&!Z+7aK7}vz>FR zBl}F}u)wdwc)ftT#SvwOzsiR{F9Sql#Z`>^Q~HB*{@S13an5QgCByKA1!UURb1F|9 z0Aweh2o$~V>Tk{co#vJV72_~WQ4FDTN#(Zg*Oq&u!GcF$atsAmxQD1YoaA!kT2IaH zM3~V5i^`?;zkeJXhjJ7kcf`!mqtP4=jag&FWh+~a0V1SOnF$eq(;k!BLm999N4U?3 zoeeE=eN|E=sSHe7m!ugk#X?rC1=jLpKxmYJzPyzqZCd&6FS$7`t*Q6BUr6FMQcCVJ z)xi6hO^p+;qeq+K+XDk6x%L6XLCTZgd^OCj%DZkI=*<1^2STIo!}Ay0X5y7R>)!{9 zxZlIU>JV>d$w5Wch-t3&?;$D`SI*;+MxCFn#WG?>|4y~O(IiwFklvETsLs24hIxyy zCkx#lGeVuOkj3B}j#zYh9$$1^iTeh`C{tm$9WXq)=rzs5Mx$m!e;VPkdacpum>-A= z!Ay(CO*`wK;Ra3@EL1 zHFd-LO=K>vlK`E#f3%7g4Z`Y6WhrfM%e1WLkTrQ*J)J_X8-TcWUN@NB+PubQ<0*Cr za3tfLc{Eg=C$Z(K&m$3+K4qoVWS_4nDs|6qQ{m*#8=pdxVP9RmE1&NGwc`n6rg%&C zW~<`1EcH9rPKlp;r+5!4yg z=D5P|s`b_z03vMp@y=5Da^=Q~w+LMnr#8J+jm6dqX)_J+Y?ecgJ>wqrvTGA^u=XEP zZkDLdU{ylh<>)H4WvJ-#6T+W4B70W$sc>PMys()_TW zn)pIYD>oVrcMZ|hg*i)ozAwR&IB69fO~bhJz-V z|MUIKL8cu1V;b>2|!Xr zNX1q6%nQL)yTAT}+W}`-`ra!Ta*a5?V5PG_mVPi%IESv1S8ExPfkBh>n;Am4G#b@7X9uqsONWhJ({O#_t={cIG^>=l|w@b5D8hO7ovz zq;os$6OCo0)RM%f=D~Wp;CEKL6mK{}qmuZ7)}O5o@!o16zS(z%guP9l08Z+jsjjq6 z2)$+iSUh=6$Hjj-pUiDGMevmQ2b4hQLgi`c4Hs#O^@Eoax#OEJm~Y*6@xRRdLlcLY6to}z*6=ro9&<|ymW&IdqyFmXo`a7X zp2=LpEP#=pj{*u~R&`7slbC&dO83j>cw~6izPBFHz7^ztt&s?%1BPsh$mn#7_2@Rp zqwCHxPc&6r`B~68g6cEx zKJns8*#sJgJ|jmEihS}*`8a^^XiSW0zK2Mkbfh>RiGrs3y6`#l@gf`91=V}!i3w2m zlyvvaQm;S34U{ymA}YNc2(%!7^qq;TcKhj7!uGcv!{?|x)yn1ACNq{HshYg4aiV`U zV9_&89Ff9+4@L>xb_{p?hb%8(#q|*YpHJwC@Ht^w%__w9syod#~7~|W0!+?@c!ms_Vf9nl+lxvg;r5g1k9B=#B)G*4wGdGR#F5J;k6n^$>$Qpa4aV4q@W70Lz0)V zJ%Uv2cX6RdNuzY+Bm*SOjvA{tPgup-*PsF<7R1Gvk1Pe@dV528F3T$Voy<$n% z#Z>QS_1^I5Vf1H}eU=f|zt>r(GR%h+4^1jNegVFbQgqI_cm4QEBIVY89KP+d0RxJ& zkkx$D@0xm^Q+7$neL~6|38CVrYG>g+h^je!_B=q^FqiNfxaBOkK8Mu`l61KY{nvcA zOqW7!pd4&Vte;`>Udh0tnPulaY`B5(Mg$S>Wbb;!YHoV!MN$zX?%D`o{BeQ^nuMr0 z{x}i25U!WAggie)4rDtl2m%i2h_SBaJsYkg&=*aJCYHFNnUtf5X=CWi$S+|seCeWZ zrctF#YYaB_u#N`q3`UeYH(L5QPYI80y2NM*e^INt$$Q!+2EEjv~fS&Bx`yJe%Yr$V2+a`sF9@mL!A%tme#D{|WeC zbxX8A=vkW@nZC+S`9K6bJmgoqnCW+%pT9@RNYSHA&}dVV_YV6qB>T;l)iNTFD-qK< z7pPUT>}&AMis@g+<|c`fbJ7X#((KW^%2reAm$gt)oRCF7wm#}eRLYklx-a6HdD@Pa zU7uY~r#E54utu9nmp5@BGBO&IZ;4r+2i%=9+ugCs{8^5<{9RsxUMX#*e5-3{E4tAE zHW~2~+q)-STT}N#yX3|GFRMG>df7*n=cbBb{g>?T{@(nq^#|;n z_Iq)Z%`F#7c+H(D-n5Yjx)B~XOT-5{=ujywAw)0wG-Bk#L3aAU6Wpioz!q=5uivyv zTFgFzRSG-TA7FCM5OF6E^`477J0BT%fYx3VY%44A7dQ&>0s^Y}t#fe6e#3hh!HX|s zoTk&k)VXhj+NwqfhF7XCKnBOC=ci1^Rf%{E$6q%DUJ>-2KX*#;u^JcQ5`wG+N?Z06 z2Q+-(b&B+2EuKJEH=Lqb5U_)5&B>K+-PQ>LW5;~r^pWIc+Px0EjbH3#il4XX;MOY3 zvUL{e@W3)sKQS_u2Xx+V=C51)XWwH{?X`$g_lC6zB`t_0P7I`42x$OA(S=5!&TXYWlAAC&jHf}8F z8|FLK9!1CNYmg8_3LbFoTW%`l!KnxFeAGM`GYigMNvX#$|GGYYv+&lx+zKbkQ?`ND zJy{(iiWaP#8K1(hr5eL*-FFH=*)JJb+#&aKSiyVrk$d+meMmyNW-dbnt@E$+S3>4p zoGGDMzYwmym&FE5YL{tt#%g~oxa!)mM#`|cu|#JMwlt&TIvEQWv`3gWC1A|U!Pl|W zp^=un01XUM`q$yGseEDbQY8P>$Ppm2F$wc<5D=KB1&qt3KP0t`q|1kujf2X`*u)}t zM`CZU6B7J(?9i=*BO3e=J^ZRN{%)@bUIG?R9gVxOt9}t^aQXKS+oqsHVrUNOd-yzx zS;fPv!N%P*4!I;%_pj$=GLiQQ_Wp)}xtr~aEwoWx{YhU_)T()KeKpo{m5P&1!pZhl zgkcnW_clrJcF-J8QUtsGVs_elzw+fHNg5(NLVcQxKe?&%=;X^_v)gS^nVzfV2lQxZ zu&>YvnD+HBX(Ni6yhwRHOPIgHX118HS#@k|YEAK+drobRa9_?{0;s2=HJZb`%2kI( zL4@?~5~KhbOyJDWSJFUpzcI8(Jni?yz$0(X5X&R|x0ei>W~W>)sA7s~BEgiKHTt-I z;LAM6-TF@iHA~MSYNR^le?HKR6^}msl-lxcuicC001nO!FmLvV=M2=Xpf|^Pe|FkK z*1iAx%|({U{*T0Tpu`*|oltAYYzmnR_wal_IgZrOP=Fw4p~5|Es;1cZvaanR$p}uF zT;?v7iPa`B9)m(F6C{v{9Q57ITP z@4hhec)yVt9vQgeov3h6g)pSHT2)~kdaJHa8?VhSM(7j6GGqb>4nRBeK2N$U!x4!q zfn|Xv5J1a-C#L2THvX?x_PH%)&YILKc6)t-s{|*sd1WTTNO$tHukV*1wT%||XK!H+ z>noPxbP`#sA@U%h6jMlM4h!Y8Xb)(~a9B005btP`wykgI(j<#KY*mdG(+I@rt|m9> zC%P}2F~3CyX7;+GN{#S>>HZC#wU3w>1&X7X?sC|lk~dXw-~ZZS zpV+x)bZSD*`f1<>L0}Y%a4do(_-j>mhbPS(?&JHy8+KS$C-<{i_GP|=kLS)fO8;`j z-akIk{0$Xcr!a_P;KwlO7Kf5jO0)(+s=9NqHaC}!8Z79I=;mg>HLMOQ?fY=@2Jc{N zNzvx2#J|Ql@k8A+n}oo76ru?hrdAG<=;%-Aa5mh-F8Q{>}k?F{;ULpw(?xQ zlIx#M$2MLBz29zU)xFkA0exQIm))h|P6(U%usZc4S4#|?PSX1qP;rWAk!O)$Pg-gx_h&jhc8?MhD%R44H-uxE5QiHan`ruH+z zuNOpO-POqYNF>b^%1mp)Ve2@>CXVP53g=v#z@)hC1cdqHN!~X+DgqzfHAmYJ#AO2g zTSNeFLJGX+lf3o(W2YM-vbFL3l+O(lc@V^PhU`QqT@)@pI<8Jk3AF- zLnbvD+3XV)|9LCGsgFG=`N!0D)-O*d$qHui54rcWkD?lK4{jL1Q+hlxI~b8AK!PIg z=?~oFLXZr3UKvg=(w%`D*vM1|C~-%-17XqVo+2Y|oiW^$W16iu?yG|e-YcWUgtX4< zI+rxPa$=Yfa~T2~WgA!ooZX;rasd8$r2O$bq$Mhe=a*0@oRt1iJ6opEa7^=qgBUD?aA7bc^&8h^`ssR4SCWFTpG^4B?-HeCmI%z6z=6Jjcq8did2J>h z>JEsvyC)W2FpvE5+sJhu8r2(H@rtw;A;c107zB^I<3iK6FN%zwH)INC0kaG^EB??< zHUHDhp#WTh#hfP&(S?CmhY*yr&a5Ti`Plk$z2|_XR3^iQ|HFYV+|V!{g#L+b7fv7Q z?m&dmi0)i%B81V>&HuRIzBhEDz(A-&_3#fYmXo#YzNGhkZC)4|tFDaqQ(3bwcqV{iD=gGk$)Z1lL;(YJUoJQny)kQTPAms+Z44m(a+GE> z|5T_`NMrD?^H0SM0Zwn$9Z|l!(>AI_5v8iOHqeR>Ln}LLvRfGx#~NMbB%5KvYVL)B z&Is96d-Lr@P3#iR?^tLsEan;Nj1@xhQ6z?HcxSK^BrDMW+2JYs=mv_p!lXFISq%kB zwrGxvKr{YAtn^D2TygA~oIsxt)<1x_uaMsUk=uFG^aX#2*uOp?Qkqx`2W(~B#ZT3f zv@v$sLJj&{ZuO9urUOAM@W2q8gr|^pZH$VU!5~%26waW1SL+yzwm=4Nl=K&Z8L_%S z{z%FfXcA8X7ES+O$bf5e^n%jM%qpTz!%A;USi@iCS`J^OTL2MM3l2FBL3OL~PK|tWn=$MatEaOXVgh{yJ&QNrsX7YR-S)Sj}{1LhE z+5F{i*^yRtM`nuE;UWm{SXjZ2aa=5IJo>=Loju79-YKyGjkMl{BeUMP8T*nBo_8#Z zq<5&PNG?<=d>j#D56+><_$mq%!)adu+&!4k{c!W)^>Y6wpIB?^B3#xU)^>d5yO?Rg z!u5|xoQ)KM1nzm&fn>i)C!)?nL8+!#SP?b_EH38I>;bF*q~>hf%$hmxVcV0l%c$F# zK$Je0B#efKzdb-+SJB)dS=t9b+WJ^n`wG7neMc5)cj9n%BK~w&rE}|VYxRA0bP{9B zkB$auMA%q+@KPC;KUa8HJQ|T@5wxd$|H2lEtzRXkkY|2z658@Cf4DUq_&Oy9J7xMf zcx?A2Eb0^K@UO;sM)JJ_^Bj6XP)GUJ1MH`=uA|9`4I1~P z_AEa*;Zt2274(bSG1X@AuQ8VTTN{UxLuaQG)!q7FpUYE>=P zFe=m6(Jo81z8#u<_d zZ9DHm&jE_>nRdd%i?PG}_r>}biUq7Wrg7yq>|^sjy*v_lLts5;*&}y#pK#!CJX{6d z#;!h$7b%+_4*#3|+!TOx`;QP!J0b*Y3uxDo3;A6prQLZHks)2VL$vST2KF00vny|c z1TO{p1n0jsxtd{p`9D)STPJgd%k%kuk7~*CD;^2*yFbu|X@!N$jJBGo4vObzEfy6f ze<1*{M%H7IG9LE)d>^n7U4qs0JJmZ!1|Q9#rn1O;9^9`R9*T$E!Apg~$NQ3$8l^oq zw@(`Fg(pfD9_P}`bOz;#aaQapEknKp)X2wL}2*(}}!8&g3yR$zP+mf+=3>?BK z^y9SZC|t)B6VaKf8-{8{sy3$an5ME;zGj6B^nPJLX{y=`8+Hh;?>@AGuS!-QtI@6 zCM(kpwBAYvnVpo%71ANsc3LSihac5Sy}K88);q%MuJB}9LEB&0;){XNfXlMV3{R>K zAze5kX*@q!9{Ei;#RJqQg#0F;SI)_&-%fSDoT(TU2m!S2 z6dM^X*cpe=7@MFba;3V#TVJ29K^OQl>PrPh71g*CH@6=M~2Y3-cwm zKri`lY^-ijrOm`bqWPJSd$tt#d6sOx8BhJv*}W7oPW6H9x@lQzLa3IdfHVhhGrwq- z^%dk0o2DuKPB*N43bL!1gMFCxI@Xk1l$jXTUnc5MBuqt#de1FK5a|pIkw#w}Y%$tY zjdGnzvD9`^veK;!{vZ|q*cVTv7m7^Z8pJsK1?gD%n&PeZ6kW|81506r(rY;wC;hxE zOK3tmJqQsu42X*ep0me^wN$qPjks$PBC5l7CULih+8Ro#=2au2QnMOisXeG9gXTTi z*fwqoe$ujRw7vS7LXprPE=8qjeev2;5z`bD)9zCK2GE&Y1c_Z z1|&=$|8kX-hLWOkNIV~e>7K%kw(^pUqw&t9anW)116MVc=ZtVEk7;}#fcxL zL{oW0u4GL?;x2S$G}aH@|yMh^wX-e9ghe z^9rB=8d)rH!|V>~`-iJ_@f6(maTDlqI9PSaDoMsZUa=luK0+I!S61lx6X=0ZDzb_& zdhsn=H7f5V{?5moh1j`zVn8$isXae2ByI^`;XRN=KVC2Xq^SQWR$adFcu|em}M| z1qmm%It5{5m9eEPFWaLV;GPbMfl<|>kxuZ|eJBsH`BJ=l@IdGZ6Js?3e=;_S=A^C- zxvs7T8~ao8yvli6ScFSAc_zBs(dTjCRQh&=b`;^l#=H{-w~#l?S$RofALlujYLTS2 z^hQemRw`wvS=ZqA<(sQ(G%UE>3C|+xAgXRQ&bw2j3}uiX@~a2NjHml`x_V7gHD3lQ z#qAVQYQ5hjx{gCsgCE7N^=1OiK1GgZX719r>%5=-mj^0gjMI0A}TT%#MSd`e`FP_vC^I z787U_k2J%>=ijxT)jQd^+_bV@ECnO?C63kL8go*GobQ6$omT37Jm4*-K)3l@T4)N! zaq5raCuMz-BpTRXbOo**7_@pQzCS=DRWIasBVU$=(on2qv(HpSt|1}w+o&8ISg4iJ zSmRE)S)zA~<`HjbTGXHN|K^4rv6eQ_G?W~mxK*+!`1Zwp>2lSG)fYDRqOJMiqlKP{ zp@tu_9u9BM#MDE}%6phJYs@?4*DKHT{w4X1T466HvDMax(J*mO5eK~X&-aasFyr*# z3(!h{P&a$8&p^;~9!8AMs(7v+6|1^T2eC@=yZZu@u&}SwI*H^4?YD`76JPQCl*%xa zBY3p?)-4=tfcr7*+6%g#2QRw3a(NN`Zr}`XpsIqW z??hLynKQ9`HWI4$^@MNw=_I%#Sc+hkZsPjH$1;vb|Diirs|+mT3*XcO<$mm+G|wD& zza(7G8(o@8Lk*|V$?8NoGCXstkLs1)j2GV^IS zoEcztH_FdxY^@vmHl+XBeYgQ3I1~;6alWC!s$u;>MlO@Mn3vh|@lT~vr!ch~G~&%s zr!Xpc==v~eZ$pBaVC!ZpwQH<;dO$ild?@Yx4b!$yfYk^uhL5irKJ&gWW9UYGul$LV zC>1fxzN}EMB@%tBGQK;n1vZM8!^*bPvLhp2VP%#dA6PLQ7)JxnlVM>(9lL&=D%MLm z;O0bMcbj8SxCUy@_x8VQ&M`C!EWRs<5raB}&_bVn6-pBx-x6{0O^l9e>`tJ{12D?^u30 zJuW0Rg_$_mMH3?i_>O|!-T72eR|8c3vNYrt2+?SqHhv=Q!J%NkE%&-#Zv()9F!LLR zTvi{F7QO`K-<%8+3bD7Hn5KsDcaE+(nQ?h*nQMFff+hGnNacj??OjdJ<%>m~G%fhJ zhGkEgu0OWl^Wd%XL~nKIaeW*HQv{DjQ+8tz7!;`R!c!02@$LCK+Hm1PkF*7#%vz@j+-p7BoU_xH{& z`_uP;ik7ie`IQ6=x!V!b6XG10mdRo;7Sq&0E{@HWarMQ9VJFn0pyxt0+DeHRs=>%o zd`hQBo6v+tp{B|N&?g_7-%j*KCx-O?v(sK4`Z+Y0B)+bOuBh$`ns%pXlbE1g*HL5n z6sxiz3(BPz#x6wIqs;`^#&f~x0lo)-&7}}q4g>L@O7Oiiy(q5qt<7cDqE}Aci>1hm z;;dVuQ28}ZW)t6p-;oW2uA17_-^${8hHOtZwuq0WSt#T@SwGzSbs_a5#oTgnhnm${ z%I$GI;ehD@fCFazgG&+CVn;(dt`_vhvv>X3ZP6H3ypU`hVSb0oy)nTOH438qR`$Vc zYS6!RV23UbV;cw`$~LzgX<*%;%az_`fYOKrnaR?utMmKSY1D!00#T+QyA3FHsyM+Z z$7KgkhHIs@j)WKT9XQCiA1itdP-=7|M_d@z&vQK_)Uzmk~@ck_eL_ zypP>)vg7_zIW`-s%o7ZkZoA{AL5HcOBz-q%T5FP9!ADqjCj7EGSWGY|2I2}`n~0ub z7M<8aGZF{k7ZP-dMWk1(QiUHuV9(z!S=wW5XA!%6@8$5um-H zRQcLC$hHacq1I(%OA9?JyhExW$sGi* zdD5hsSZkiUvEzWkE;qR?c)lBKK>u08zlcw>vGbv9Xe-ctijmk@(pQ>$kT4^mx~A0G zPJXDrB-8nR|2+)>lN~+tn=jK%?ifu#C^fMnfgVdVHIq@#DAj7HB z2Lymnopvh0Mv&+xOcy(LYJO%5ruiXfn9c1|873hprcP_tguhBeq?)ZhfVYiK8KBZu zbNgVBiHE6TM1R2(Zs5m4N^yOz0TC#L95=t~zfc0oobXx>5i=(OGTW@Cix?YdG!BQd z!0eoV4m=R?*!IxG+(OEu56Tb4sy%9ql-{`7N#rKp{0{GYqd7c64Ra3!rTJo{(YLXe7|&LJuO;0tZZ)JDVUWhQ&Do7GesGl&cgmpjkUn3FD0WxGXt)$ zV)l}!FeVZgjdPC6d4SFjT=}bOgBm%PPVV&~>xRrvEYU0FYjqKZ zjuaPPr*FIoFdiAN`GmT)bh6tcNv+Y(COy}n?ir`_wyi53M-$yoRYO(l1TcOU`ZDSA z^t$HAa3#WET!hn$XFk`FjM2F-(x_vEa2bO zw}Q0t74wpi!zlVe-+Wi#mQ(kk39jG>9$nirrWFnnmYj3X=EUcxMAsZY5t<}`o`x_q z&%O2NaAU-DiFZg=ei+9gqcb?LP2_iv-vO287`Of>6$un}}6 z-m2=rn{h}~<{rl0=vJ7?QW_NUdsV*!9h~(m=LwOSGMz(_QheqLRDCBnl$*$NrNepc zJo5;3mIT& zAgUy2BBng(qbNoU=SvD2!M?+a-5Lfww$vfvp6;9ZMNOkZVmpLmoFEaK6%Tq>QmbNd zJu3Q_L?7JvGG;4(0uK3y;?*&&rZ37?=!|upG|%Mvw!xQxNJyh?QA4)_n2GFy0za8i zBpVzVi-2mJnJ)~-qvK=il^fDkPilA=t*TD{P^Vq0`ZfAkRb?GxxLq9TXnQyhaAD;e z*`m`;i2jL%e3+_8J0Y`&0)G$=%x=tzGI%~%0Vj!2x$O_IIIa34ix>i|P6b~Zht=mVWt1%au{ z`Y%TCLk{;+oE}B6ZJ5?q^*wG!EkF;-q?C?V5vadP!&@9eIq{#CigVtDuoJXtsIbzO znbij=U{dljZz*p62oxyOI+;E?ZRN+QGyxXwRsC*)erg4Gb1}cb8if4fmTYLySI9>=t z9-0y~_x_b`QQzI}n01^S%B&o0$ZUnS@wbrvhK|fMhXsVAS!}rT@Ws=>?BYx3=14bg zmcH+URfYJL)*tReR*SE!sXU#6#c#>*4$L!vImvyiF$dnr&|Q&u73xpB(0`q7%~90BTy8nuV)?mEd&aW~m`?)U zjk$*4V?U5#{@`8k7F7^^P(6}m*Fjj<;4CvF-8~< z>ej$XJ;?B~#L;zXos(J#ISCy=To#3$DiXfA%eDJ6YHTlJ<~25jQ38WQ3X!=V@-ck; zGYP`-TL^w}i50R8oy;Gxsp@;2|5ki%P!l2m^c+i}9%rR>O%nLAVnr@|lzI7^Jtg5F z`4i+0R5mytJ`6F-TARYI*!U)`d*oK)lDQYJOgiH!51C-ZY0gdXD-9#C;(Qm`Y%b3< z>dJ&t^=UK2K4SMW#F8(Gr9-SKPAS2rl1F;DRu+ERadOIKsdcO1)YPwA;I>w6zoK2M zG%mwmQ1<*J`$*dqaHO_quKhDYlEaDCI1g=`K{C~LxFB3(y2--D$*&JTv`0U?udmj; z(N11h!ZM*K5pOg)%XygwJJru1T@=IoIl2^gCa9E-@yFz5WjCR3Mb?ez$A%}%`%BLV z?Hjm5Of#XBFSA2AIl9VTxV~2j-wbvn>0P<}ZIyvDl#2&!W7APa{{+q{CmW|%^&4rO za%Chb&X70qrDmnS?)~gZV4Kv2V)uiJgSX#7Z=;GSMo&bBYUKR0Z_$ofT+~LJ#CLx- z@v2skbhta&1tVLHrU~W)1Bfw!)pwDZw`E_gj%sr9*`kj>Wrcd>glnM@@n!L;?gU$^ z23T{>dLKxHR}27ED46Z&>jYM$G@FxueW6<>ew1>8VjW!M7Ru5QfE*i5fO zyG=r2d%m9~+a_9r4;G*RbH$Fhp%3c|puu%Qj&u`s zn=CP!0_ApIP$&D${Ex`-bgD!2cvmF|)+Bl>WqRW~tfxx3%xgr$J^!

ZBt+5mn3d zO)TuI-{B9zze#h@Xc9ZHWHUn=4#KV-2mUf_k+40X1+hvuCr{qAVDh|l%!bELvCXnG z1>$`%!tiw_tUpNi;G4%e53XkJcOoYQyIXcVmnELrCy+lK`I)+KIGcKNh~YEMFL`8? zS=eQD(p&}1<_>b_I8=!g({kjoxk`uW%xFJbN>xlJxK^Gq^*zNRp@htbsQ;!W3l-5D znuaHhREO|XDgRtQX!0!(Bw z2+FT`e-Y|r)fJjUAl`Bh$DBLF_9$BsKB;6(-F&2?s#p*@|73Bv6|KW*+A6wi1OJzl za)Asc(S*l+b*N!i&umr*H&q>?lj)BLo1r)tB9N?6*`Bkgd2`ICSwS^a{K%TY=xNKb z=H7%|8~Bz`)y~e$Ueh>j;BG=zl>*=@NWR^nEaeB9yiR4E4@G zz2J&FPjRs(%myE}sz8=&8HYickwqEBi=`h@BRdmg3wxMB;Y26*gu!%B#nxb^I_E?C zByRZ0n)IgQ%IFb+rI(UVg+UPAwdW)^0y`p@wgBs*7%M__%%L5n=H}!%sJvxuRdyvl zo+$b#P~p$iSvb+5c*}hZ>wzbnqrhwUk#v2Cesh%0Qpn`rYTY?h-bs`nem2YaJ(bb=7LZ z$r=A?CFmBf*<0e73TMg=4st3i-(W`47B%DoGQUSm$p=6-UI$1`T~S7mmH^I3x|S2j zmq?9Ldjx?_eF{U=;U0QiN;6Q1w(8DHh4LT)?DUk>d()1YQ6IM#%Al! z_q-VG1n`k;>B6_fX}LXn_vj{FD-dEnNDOx6A_mkFL$>M!@*sXm`(6Pf<`(ojhcjwH zFsJ-D=Cz00{Lm;{1|*bW3NUnK#nh(FAJwHJFHiar?zli@qX~pxn5e`5J0=tT{G=eJ zIT7^rcyLeeZY`rJYapJf8kgp0N+8j|H17lttGI*ittF#(Y(oF{-w|Y-i^Hi@t!$eE z-G=Ij2(tPVFiyD$BO;jr^)3#|IMD3bF)I>k&4r)r^`{?D*Q3ZiD3B;tA>HyPddk__ zq^$b?l66_}dvVgd#o57j@NdfhMFDN5D-$i|U*uS5JynHCPOPrvgR#E=8*I z^#kr4cX09NB_n64;w?v@PdYxGHd2x`x|d}rfexiw#!l06WbFQ#Lf6xNnoD2}-+K`b zY#-%Qx-MKjZc0NX7*0fMg4ey%r~!fIIy3^BFBbzDffK)6LuuXOTwf&|ev`~SXe4P} z#BL1J#x9^hU`^!0&F20CLSO84rTOb4M*23hs~ z3SWA3YnCW5wExD-QZ6>~Xoa0`eU51j$I4ES^%`xp8vu%TOw?F%&xP0oVN^eqL>3>{ z#y4*aecFxd6m72rL71N}#7&sO0OOp8c;V;&0Xrhb9NvybEeAjnV~s;*=o2NceBtj=5v$bu^TAy;vG=cOHvzmR z=!)T6z{kv@OAVzv$hQy?%$_Z_A{f*zxG1M`Wkuo&uyp=jtB<(Ij7m??y=@2`Zg5_) z4dJU&Gkz&6H6Hi(U{G-0*(=ie#&X;ka0yKL^Or$rulwA=n9 zm$x4wC9!da$WX+Ocppx=|CQN%#1a|x9$OSv%)qe%5CL_HS=N{Y`Eg0D(FWXJ8Lmru zK+5?*V>Et}?+vM+sgZ_=4SgL~{u33-S`lYhVM;1~;!K@HhoafG|EZ0cM;yMtQc1G= zo&UH(_|wl&OeaFG%OzivouW$*NsV$3p~JR^^82PQ(`$@!A3e9sIh`Vf>o_3_IZ-)D zONw_XdQS;8Bz=fdcbX~GceaRt^kN-Sd4?hM@}Sjay!V)Q2+i*pp6kegF8odyPR>)j zv=pd0FIBPc9K7;LQcT}KL)KuMau%fTzcRf9`Go&4VkK@YYLQ2vS*NIW@Tv2zU0%T% zpg~rBNQ$Q+?I?(8*!+MgLmiu6XpT_~EHtmLj&+K*sc|Mthi@<7_puXmV@KZ@=_5W< zV=!noJP)e?*Abg`h$Y=0U@E%Og8$E8{n>ggGDKxMj^MsrO*$J$GMhXLst%AF6OD5?rC>x<{r8%7lOTPt=?Wc1|Tu$T1j{dOT zvy)cG3DF%we~*pKEb7}zvprs65` zgR17JljO4pu=rQsNWmxW!ERLcW^3A!$T^CmD&u6Z{q-fgX7VU$BvjAm3)>x>0R%uT zPL6-ah)Dsb8vm7A8)(hRHgVS^1#_IwlyWd_C_p+QAfp!g*M(K6)LNqp-`Mf4h>WjXYnwUSYbo|rZkmZDM&0A~#0_+Nt za2MS4)Mz5<$$mgWoiL%fSG`$OK~Kmti&*`2_P46m4Pvns=!X21 zQ~%@t^2u_(bCrhc@E>9`qF%F#QW&><;y+Kyq5C$!kgNdvl&FB2 z!09|@A0V&@UWV_1n{B5!!ly}L;{If5$$g{0Bcw(|yOtm~A+?&)CGMCjx*-M80VNP+ z)yrj|O-mD8|hh&dQFiwZTH030awM_M4w>yYEUKLFj2@=W!sZoFSJvzSm^QEwSX2X)- zj>UGg=TYw#ASeB2Ln^Jp)&jsfYwAR;sxUX~EKrJ6S{v4xrA2o;n81@^Uz*S88NGb# zFoy`oNf1|miA9)hH}0xOy5H%fZ}9AQ_FE9EeJ$BR@OIxVw3jXjy*spA%i6L4GA1Ob z39cBS&L@_He@@-;gpaU{Gh@R8)Z@`>7Ls zZlR-+%cG87bI@9J@QF4j+DSieQAJWrIRf|Hzj8+u+_nKQf~dk`OXqN!L)a(Rm-KJya!sFojURj`)Xe;VNtM;} zMml`m@VxieAVdn)R&gg{u6P}F8vHQ+^^#{l!6P1{lPKQqD}k$ zC#5Utj?iZ#f+p^7bN}{FidS(<<5Wzb;G}KyU)TXmu(wk0f2qT_nG2(xF`w#;lug6@ zJ9pQZcMPFK&0Zxh<0}JQ@71(oGvY1;S@rFTG8ird+<0V>-?2v5o|07zTx=VhZ!p9P zL_GAskZgNVHFP1hH&nWEl5J&$&lsgn=&2C2<{eL29UMm1XV41%Sn3vAI$Ec*N2*9; z`6DN9AaYoqT+_|FI6Cn&j*$|qa^$7X-xiiW1V}wQ)PV|cA0mmuY{)XEW&Na kzT0tvChPZZ;H%G>WiV!0ff3JVz!e}VDkoC$L*M`Z0lp@4FaQ7m literal 0 HcmV?d00001 diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/shibie.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/shibie.png new file mode 100644 index 0000000000000000000000000000000000000000..a5048f260a6433c47f69ad65de1f67021b01b061 GIT binary patch literal 7640 zcmcI}WmHsO^!Ciq-2zf09RdOZ62j1(l0zsADV>rsq=0}UQqo;R4&5a%bayG;2-1kW z{NDG|`}M!p|HD0Jt$p^rXYY05dG>Rov^AB8@SoxX001HtWqIAl9{t~gi~ZP^8&zaJ zc0dnZC0RhlDE%G)z!0w@FQeyUew2aZY1-S=|KQP3LT!Q?RGsgmfzeXG55dF4FkdKS z$NU6=|0WExR365V^(RrzVGkou*G`A*vSEI*8JLeC6@T@USu`@XJkbDEhC z;9Ota|5_qktaC1~A8BB7l&*0u9KfpPT?wJ{Wa)Av zZ01^bG6PS_1RI_75lRuOPzmVDRVUTGt||gelQ6HCq@1)?CLw?l4lq2hM%!0~gh?J; z<=Bi~ih2%1IB8jq;4zZNUE0yGd=ejht9|VW>h_CaIpj{MGD!xxkdEK6Q~Q~Z>o0c8 z+GFH%(KM+^Y8v|#-87!xdxal|2c+bVMkipPo+&H6A-`vVPtAO1b+<-=D2>Dl#skyM z0@S&{X?`qI)<0jXeuYuXgk_XGPC7}RoU25ilHBn6!cfRNJOPM$Mro`Zd>8YbL)8`q z5@b_iFxtGO9+N7>M0jQ+CrR*kPQwU-I~+S)3j< zyk{H-0<6a0M~h<`yu+)TIiefHZ^A8InA#;4L+P&g1x<+ME>>E_&=({_FGlY%5Km!Z zqtxPYd@jP9t#RFjKvX+N0L52ythgghwQ^9prTsgA+7k9SWBsvCXQWm~re4hVylbCj zzc!W_lX}e9Mws=&6YZNEBj-_!Jc8>Ih758rHwgUfATva zpv7RN3?$1g;)G_g_Jl6o{jTj;Q>Jny&F*}b)2TxK;LaxJOp6NFAZOHF?>n_-l)K1p ze&L^Y;dYh$E!?0WGUi9Vvr9~_s3w`ft)oWuEA5lEY4sq_hJ2!~pLVM5P{8iTPd64H zFgxbQ^MlQA!O0*CEL3aOhsXP)7o7IfDCqgg#9+!%?&ttZ+|L$fCQZLDj*#jBB= zB2f-HeEBpvYt8}JKk)9GmbfrAQ}V%&5`D20v!qbdS+B^1ulTJ~R9!A2IBQQ4dpb}C zR!AUnY^k_z+4aV&p{j5d-IIN5euSzxUyOZy{Xt8wj>Os-Zw)!zTawrWBAh8*klHBd zZ(Cx_?UaSnS1i&+XT*oyCM~Q6A^C)46<6S8B#PpA!4WLo$jvk};FZk^St<<ir2dBbkQSGipX%3x^4IsJ@9o6G z$V=akkzutJj2Pzm7n*T^e?0)v{B^4_L$hA6KxN-|qqBU~!s^U;SjFmNnYxF*0WNGW zC7p>>F@-LO=e>Za98q_Yf=1J!BbdKfg`;kq;sE>N6D?ku617R)HgsAJK53MxwAh;0 zkn6Gj%iFi$&Z`8|BJf&;Xm2N#M2eCPf5HQjIyvP&3uO7M31N05x2aDeFmJA>qx1VFZLWd# zSpQeT=4#TYC;wTC*=3(9JDcbY{%a4#X5B6Khb$Sl%y_or<-a;hUnUvpW%cj=CNx-Si^lpinlX{u)1SkG#KN@1pFVrU7~KJ93s#r?K1 z&aI`pyIKG$U|$D}AS-VJ$`=c; z5O)n1Ax;shNrhBRu2+<9J_)mQDOfj&K>KrPB+X(Hf&`-mIm2(b!0QMFG+Dq%=GSYi z_E4u-QFR87OK_13|E*2vp8+h(S0ZXO1>c`y0;_78{w+x&2&bu(g`# z6LAj$D$yk+%lqDpKkVGwOH-W*7`c~3vjm^wu$M3sN4RM6=1HU3yMs}#r7JBxCB)%4 zyxyvuZe&$smdRn395PN76n9paB%hhVEjar}U{0;skLxH&x1IFGvD(_|1dQ%&sd@TH zUFg4~vmdhyj%tL_B+V>F3j)RdZ~x_kY%MVs8dO)lUq8`i0LPA;05?qr7Qd*wS^2ja zo+i3N{SjKBI?th%gy=z*`0gyX<*L`em^>AJ_f^Qus6EU?y81*(0P&aNB)NtBtP

a3WqtJIq+}rhik%sA5n5Lk?M|=nmB8W%&gezVlrdAErHADtfE(CO2239NaNEFa2@GbXValZ#DvjcM3 zED2ly8766;JRBMs8VMkW#F2{w+N+)OQ<+2k)U4gj?kSjHZ|pGMjfX4^nOZ{VhZwkV z>}^Dp!mFeX7~Owko151Yn+0 zz~_k&I32q^Q@nke+Zw(69pAm&U-mpkL zFRJG;SwMI9_3~-cnToMDrUh$S;FegUO@}Ox8TsQp2wUjwX(#pNqK9*>bd}Q|L43PwmTT670vX}Cp)7RTG`oFT0mi8^uP=JLnk48nc z_PyxwSWte)RSR>Y$Po6PblGT+RzLLVsr(9yL1>TwE}!OXJYLuQ?85316xveZvjzn= z9Y{ZGT^2cOKjOLM{Sig=7e{|}p00<@p`~`$;jWdC7&|Ilg$k@s#7nI!%cN|%(+_-H zfbx&|Sfn=7)hEaFv-NUnkNg`|5DJ+|#p-rTZxU}|$6wf>@*hUMC;^2n7*5PjLLh-X z3*2g>dq@3-WfS{KivWv=N2(V&5-3nh+()rvP(><4kMsO4BIyvU>kYOSVY|fsOf=1_ zUJA4jG2nA~O`_LM*vSfLfuM2plKAYAm5y^8a!}v|4D4df_jp5Q@zC3kq>U&Z`kqz^ zQX2c8#j!(TuEkA_fsu*|Sx$TXStu*M&7}h8Wy>Ra+!hHCX{^)qxyDuc`Jom&$EDuI-<%|A^C-q2aj}Od!NBE)y1BSQWc|%Gir!RoVp7;h zu0EPk{=#g76(%BS<96o5=0~cz*lHsr=<9O338FsEg60~3qog8ztsEVuVPCg&3v2Xo z673e0=9o|2dSS9Un$+YGj|om+#vQS#nrl0(b73!_?d4n6@7Fka##nv0+&CW%nEi|i z`%bYH#{1Ozvyzx-PMjkfj%<1Zc$AKi6;8YVfB`jt^4f@b3cA70T z_fcWhABc07X-u%|=|&?kVCybl1Y( z1clGMCNo{I8jIw3UPeN2(qm5!clCq4OzS27WA({zk&D4_yX%6YX?27PQ2i!U7j-eQ zEhX99!x(zmqq-dBhO?sr=)NJEbj)OkQ~n9I%!Qg^f!`;h-n5tB3z&8Y;MQv-H+W9{ zQ+SnH*%W6*jtB8^fY>Zd(I&d>*gk6=8<@P_r^l&C)sEa#SZ*7nf~U;v9vW!HfW8P{ zS=hfDpQOENg1M7_a!1LzIVQ=ISk}-L4w=?Jx3*t;x9(Z$$>(YnETCC3+^hGG9Wb-c z3D806v2VhV@J|qx0_nr?v^U)Do!#6El6Vluj~HIx$2125TXUXLHjUX`;awC3meD8D&?07ApV!AQKPLo5EvJgkf=Ev-bwxz1^yRfxP>tS?KCou|^>cTXsFWs0Q)cVS7xI93V-3>Gnzi~5k`SUF!mCj%F%9B9rY*uX)3L_ZVkyFlJ$E#UfNn1}T?~yHHtg%`w@#lK1gmtE*Ircq&1nNdRO*4*Rc6!Z#oVUNsBhT z1AU{DZk~ZX0Rh2e zcf4G8#%~F~h+J(rjWXq(NB8t`NMCLTm*Z}O?Lqk{i+&Ao923BE(0S=?JnU5A=+EVi z=@))`46FP%&PVQww}{3d2L=Ga@VLVtMmY_bSUI<-8=Bic*3m+jNZC5?!5C0PVvEca znlyghEIGFrDp}h`qIIJbciz=KTJ>8UG$i#y!Bu-U+;6G|CBXQXb#KAwz6=^#YYTcKai9DHPi*HPhNK} zmpVbgDq`UGazD!?b4@?5*bk(Yw_)41MTtY6niv4jQ#Rq~8jy#>+W4doCYYtTcU5zx zO*nxHM#M`LvGux$okY4s!=zXjh)a=C#F+nB$vQs_n?IAU6LHVG87m&`35QLAq5xqW z5OZg`A7&3^uEoH}ST#O|YR5UDv}AYvn9=4Ak{uVw|hckD`o>k+6K0T#AIC?On$ z$qE30YCp3`AtxTB40{tVNIJ=p+LgxsXMeJ9=cs{}3_08gFLGCG*kQ6}$iwyMW8u}~ z>qvkFU2?_y{ouA_+SIwuk>b5|H>_7}+;cId5&Kmv;9t~0_voioJ{g==N}@uq4(lb& zVz&*pEi9UkQ%plbqcuK*AJolq?g-hkxSLWr35lf$nR&GZQv=6%z=y>zy{%G}w|P1Z zFocxxM~pU=_cFW`GLea8oA`)}wqGWAY;&BnBRt@BuZmO&+vj7g0%DDm>7phC2ly*j zJjOlL;I6I*cKO@#_z6i6N`z8F5?cLdL_xJ2sJfK?vu-}hO z$B0%+jM*ka1i$Llr}HDv@s?L@1BsD$F?jVxFpsE(X-a2z)+i1@+W~vD={PEW3Ilel z01JQJ`BloVlSKdtg0C4-#iG9Wrfd|rI+E~A9?0zFBtA|o_VlZfDe!%Wu-WypjSSVa z-LQWqPGO>@WqZX7Ig@?-l{@6=7amATmqreH31GubJ4OJ0PCqu1Ms&1h=&m0i9Rm8l zfPYc;mu>U788pW%-0hBozI}JDD!ZGZ+V=;9j!g?$?l0AyoUB;;;-+RK2urxEQO7-< zp=wM*o~B7aM9vk6a|ESy1v7CVB3Hex6RCV`Z+fq|^xjRhW4$Vo9iro1gc|Oa7&wrB zfFFJwzNPG}wbJ|zz%?ltnl+8G$^acYUao0z>9_!T^Sl&}vx<2;dB7hqu4%{MRd8nl zsUytKA35Xe@RtRej4n!A!p3XZseLl_90Zc#j(8KzoU!c$A!KVC#w(#!9s?%}i%0|8 zul(Wo!?fQ*kuxI|NN9FrQHd$2o6vNPqCHA^v+t{C-BZL{XX5o(vjCiUO^dY6(tQC& zJS`?k=mh)s!6JI2gg+#`G5%IRpCEW!>~y9X0&zOEi~B2YtcAhS(3PlqSJTh4%r5v; zKCVzMqZiF&6ulddk=N9vcJhLwy8K?C0GK2sI|+$!%>TGe^Bd$Wa}Yk2wow+9BE8Uo z>N4`tQy4t_ohWBl5Fgsn05bqFcVF2#*_4cBInF&RIIrhY$aJ_c>Us@62$^7EixLT8 zcG1Eq#|-POw?st#_yQ6ZBmR4ltP@s=lAg{Jk?;YV!3?XBbREI+K_q6T0xV&$Zu8BrspS z9lk`NCdNQStSj|2-|}V{Jo@V1H+c^NE&B9CZa)BuRcz+v9!rB~T66X4y#JzG4Y(j^ zp2(@Ub5t#BLQ7$#TmJ$%d#P0~u$$MsE&l~*oZL@gpxqy&W!&@xapui|^|p}wVO=-~ zNsoBKq`ey;rJt$aUcW)}DqkP};spP?)f(!gOadkv`4WQgh^I|1>@lj{XE{62hpz`} zKd<2Ne$aQJdOsBCE7JUOJ^D=kb=XTR8$*(oY>@@8Nz6zT1{EVt;Qmh?`)Z}~-^^Jy zSRr9QPXJESs0Ecj`j_0<`$SLBbdR|4ynIeoEwt?aX*i8Rfih03Orxa((xi~HDb+eZ zuCpR_An1qncu`c(X@lMP#H+UWeBs|lH#{ah415jI!J=(~Kan>X2G1rzxI(3^jH$r}6?r_86w8H@|;30^)`z2U$ z76$&UZ3c|t%SKw?eMdeu;mgeq(mT_R8=6|$ndMfrTW-m$1?pC}-T-9>!d2r)Roj=K zZ|}7V0@nR=AU8D!`1EXfs~E+T^Ohc+I~n;()sNmYjT`-xlQ8a>0KT7pMh(AeSq->j zaXyeI7`3h|dyUOQNCw68}vUAP9vSCmbn<%Yh z@RlR>C80n}B&epXf8R@@9G)QTTw{U%ovRwbahy<~?=}cxzLPGas^C=#6 z8@&wqcfKUugvCb39WmO=$o)+6R;rYv*HC@)uUtHo+M+wBiIiV316KdU;C`EBv_g+R zB6}KGd+s-$$iT!k-XryxXk(a)gycSF!cVAt&+jS^;|J=k(9_C94#s_Vx=1{T@p*>_ zri%Ud4X;Ws^p_c?mCU2Ebn97m;8hvqP+dwg95+I(Y zO7zwR<2OMpv7{2`O=t?oL~*J{%@<#ysLDE8N0VH*gdC z$)W-X!iGTwRDS%-P0GGQW&6Z!TUUIxVqmHvj5m0(4(2SdBtYSuTr~w|8t!grdHYjg z9vpR1nUe0(zU>+=ba-|OW{7*iU+Kac;XF2uN|zT%5Vz8p)ots z{25HYXC(W-WhBOq6k%){XF3Y@JX!d)TzTJ!KeguR{z!@JmP^aUFm$fIVP0p_hMel+ zu$|S`FVs2sRux&^#Fd1pexEX_N!IV=Kn)3h*eMg>@-5rOM&w}YO^l!U%kGZ(+G%gk zL&gZM-!lpn@xkhf7kzCH$?bVHaFZhP?sq&#(^60ypPMkkxJ+l}1IV!WfavL3?#$@V z-_NC138&86gL`xTPs~eXk6mp)c&}Le(GsL#;!Y63vR4Q4=-4*!uPEUBSSJR>nohF zL)+!8^H~U|SnZ?MzHx5ub&V`pxg8EIe_IngIR?D-5$~dDmb!u;a_P++@Os##k7Dea znsmy#>c6YMYLFCe9NhZHBjd)QB|_vtpa3UreU8Cjchj0W%JXtc)C71YY?O3EQYbG) z3x)w=f@|--h1`EA`Oa)#`Z+sP*D)Tq!an2ZKDiKOKWJLF{J`*iT}1W;9%U*_;kz9> z!S8Y6ac_9-*Oj25&Owp4Blr}Rc`e*apxh;xjy7ku%wtuAT`fO*_~x-H3cND)Df?fv c1V3N|Ey<+$M%eN`{;CD2C}_%8$i55tKh1kwSpWb4 literal 0 HcmV?d00001 diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/tengxunshipin.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/tengxunshipin.png new file mode 100644 index 0000000000000000000000000000000000000000..6aff0dea0b65ecbd59083b408a5a49740e0ff3ba GIT binary patch literal 13394 zcmd5@k-G`a( z-_-PU)l~H}Rn=25>Z)>>Xk=(GFff=3^3s~ncI3YU1qpht*00HfHn3kc}Hw&Xu?$Ks$o7Gk!eHG|)lh&h6Siprh&KgbZCu`4K$A z>;_aoW4O@Hj=bFQ#C&9kDvndzp{8J1h-xCmp%LGnU1nrK#LqY zans*YrCk(gr_jTr_7D^P3bh1-{d@9`5z<~<{3E7y#PL^P=Z-OtXIQwWZ~kF32tCY| zn8z7$nkNZYveyrZ2+z(d;SBR`eNih5FKKShBM{2Nucu#|$hWmz+cj98J{_5h_)(2B}0(NC%xT9 z^`Y$wnRB$9QC+_RSISYg(sfxM{w_lc&0&(yC&es5$jkdEvAr*)f-$2iJ?Ah?Fd3U~ zsy35}vcoI+XH>oQ>#LbJzvp)c-bl&Zp`9o2QYQ;BGM+^k_EI^?6uY8z4Qn{j^ zGwM`fN=a5RwXim3zk1s)$#J}+!2MQDby))Sg1o{;A;i|^Pcmv(xd?UpHAPTa?0_T-?4N|ls4H0 zwHCr(J>*-dY)-fW^4>OtUWL%$@8&1)791ggvs3pu-p_oKEk>$hYhG8Q_Pu<&26z`P zmRZ^+i_gcYwl%gSgrQcE01@AjTbx}|nxFXPWs3C*1f26McMmqU>x9BRt6HnJUnUaT zXM^ZJm$|_Ml&?sA+y@T&rJmYU#o>k#Bz^uR=EJ|(6uO=sB#6FK{V1}QoV8+H9HsAs&0AI?N13bQo?^gC-rufJ(Tca;&z z)OD#{@IT@ZZh9*yzmJ43Z9ClF1x4PYXAF&cS_g{DOKte2!!%?8L@cIp5-r3+w2}`e z1Zsy1Pnov-M@M{y!c>GEdRo6OoEagX{CYk^933eYXA6`VPx&&2MqJ!ewf2z)jH-Df zgwmtj0?wmU`I3EYa1C&|y)$UO+`??Gyj$~=^_)xW8%@vezIln2&oCA*o%(Z=mSiMo z%O>eFyOm^KF+FRd_Cp3eQs3|edN*B{n> z4(HzU7P&8X+PNZ6iDteTjPfa*tW|%NED^yvRqIr!rIG9Shs!D#5 zu3M1R%5Kxn*Y1>i%I*&|ukq>bcu5x1m5=M;m&i&URwL3EnzKMANuj!TpOxr{XY|W& zKnX>e)uYm%=%ACf%IC;$bR23jL0MPkjz|^(PWFF;c}MpP)LZa&3^+wgOM3n!>@`z)5@_C1^w=26uwp~A@e_`un{x3^*D*(5sL9^i!s?B6N@%-%2r zHDK@oJf7^eh?mQ>!HuIC{iwrFfOGlhh97{JvB$3I#j3-HhH@CbVDg2>9d&OKspZz@ zr*_ZlR*?X&z+-y_W)b1pOS#2mxt4ZQrmmV(d5cCD!;88Lqok7vc- zr02#A?dok+)U43}DmFE~F2o{2sKj2)w*@o#(&<@Y!PyU2?B6wzSU`aYnffNdM#vfiA*txmQ0Cm(m}sf7=@!Cznt!iUz3Wy0q>zXT+3w8lCdRiLKwv zBYv;WoSWQ#N^;f34L2hTVDD^FJ+=#2h(`2B=VPny4&2*e>w=-EWrqxJcRP6v zppzQ4#N@PE-EL&Jj&EK?GZuastjWrF)7M&j&L`V#)Mf2J;kIx^jpmi33)qM)!5kj) zPDMMP_}YPO_Lve>YerTL`qCu~5;}VKS^Kl-yKn12-{kXLW%_dZs#1BMYLZ*d9dqF6 zeDT(O_x`kCQ!zft&eVZY*ypc~d12<<-`*mU17bb6M8O+LSZWUFG`CrIsddC9*R)W~ zSLgeZHL1_*4W>rt*&7_{M4%TlG+K30{Y*H1CA}h>xDWfH%CfgTR+pgg!y|b<1t7U2 z0%`M|E5m&M_1Jk?9gi4d9^$=dDtewWu|4T*C&+-WVYmt#)YQ^6Ra_i0-aiO^h&{|$ z)4!J;eW&D69BF2Y9`AvF2@ceP*51!qbIoa4ov9~-CE3Bu zK#~9X5`8Y>=M|YmRGB!5>88CJaja+4I!1AS`M_ThfMkkq*tL#tuD4aI!`)LjJp2?# zMye(v{&Nrg>z*Knt{mm|Wa-MS+YM9yuRS^nV4F}0FI=GIObrm8_d{UaD}w3$-fgjc zuN_0QrWgKFz-c-8xzWPQj0`CSzRD&ACr4)2-`Yd*Q%gr8%t)gnm!seG-%i2u8U|80 zR8b-~Yz|AYW3jXWg4Z3Z1o8Vs7*K6(7v)r0efb*xKQOtgrxtXebzL;SZH%{ zjKd#=+wFogL~IUCTh7>N>cnf}3i7P>_+znwZge50Lr?hV&+Xdu)o5nUNT17RoGQ#iUE!hU3zzLH^Xf?*l6QyS%G7fYD4k&}GF`1FN9X>T z1v@T^dyyE*jUn%KiLOEweXI?^9u!)srEl09cZ zg>1@2(nmekuIunadvwv&KNG@x^J+B)(>G5;h7eGdu?hHaQ`ulox%QH7ruNJ5jp|2M z$A(jR@23+QdF18;7vluq&Abq52iTjN7bVckRd~W|x9z9tZZ~V+SA3>mNDHgIb!oa+ zOis^z+7t+Do;Ldzh7^UV-m1Wtd-@eAs3ip>{GE#NQub*N{@(kt{@Ua;t2Wwm0XEAu zUjkaz{_J*Q$+E3+TYUX{<&};BntQ=n=xQ>z&i6>`myj{B|H)=lG{ksw+9}pk@SXg#2j;9=?Lt{z7TrXk{1H_58G(sa1O^ zo)gjsn&o!AVLyWeRK!_Swk0OL=K65IiX7)Jow$)!I@4Yo+*$|nmo&Z|jtKkP;C!$5 zA)L-@ylfZ{Z5o=9i^HBTJ-6T@u+EZUQ6c4e#>qdfJ5R_HsW*I3?10VP$?E0 zEvA_cA{7ETAF3l2ZZ~}LpKB*O!iJr_AV-52t7biX%=c~;e~nI0ITJQp;yAM1`ck>Tk?0JU%YVRH?QWbIA$9lRhmA@HF_$`!0x}BBt#TjQ8 zYtk8^m{5N}4MVkvW{zAdnsGfoY9tg2Fz!0I5H|BA%NrfJs%iHfv3)lZyB4Y@kxTk= z_vmUrFcCqnnd2hc0RB%NGVDM2h8n)^tYok^^B?lv!nFNcgSo2r`ta|3mWn+UO8TuJ z9bg-(U-qQQnxg36-gWd=_o=?OdAIA|;XwTrCdr#7-NC%h%ue&kxexhVVVrTu#C+Yi zo-zYwJltPC_*5+i4#y)JQGZ;BR^zQlY!>y$j*2nV%5nMgzYI{ke2@rUiXBg}+O4Bi zFnc2Xz(I!~xC6O*Y&t?lI=ig_A2cIFz62dK1ivQRP-^Xn{dDOt6Xtj{_p5=vgeRd<|i7eJm< zLXb+=od4D<(k3G9p)-!kREm`wNeDrRAvlFUjN-!C@Ke`bx7NL{0M?>r{g07x!{^#s zulXR3-Qn8te}qtH9OPN-Y$C&-jp8mGy|IY4*2X>0E%~J_Hx*wx+~xjdpw{`V*uwIU z?RQ)V9*S(*B6@$=1fJ|8zhmLZqzK49Dlpip9w(Q52wv z+EDwN9idfuPVFJTR;b`sUXR(J55-V3Wuw~--|CJ2RDaw()JSM>HUCvj?r3QN*cb(% zjCbI6X1(Jq;H&$ph(g=nx;+<3+>`75P!ey1#Dk8kciMe>{0IpG{g|s)L7Y$lopm@B zc%%j?i$VcZ;hS7o`Dd0Vs8N@FkT`C(r(_&CyK6=-U0f3`UTme?))UneAPhA9{r7h$ zGWnG1;~@#pnx}OHvl#5$D!3d36~lwmb#1O>c@Mw9lddWgAm$8tJN&C4yifh6_s16V zkiVitIH*4G@`t~sqfrTlbe^`+>i*ApY;aAA6+bSJQ^KhE^Sv@Nzb~TQg5nq2k;%J- z>#~J4Z{1uM5FE%3`zz(EXk4dtAzWy3c%@;O^f zNqSdb%NZ}2Z%r_wZ;VgvdJMezBdtYNUU^#L^LfpwJ>xKWC;By*m-;@)2&~ zu{8ippT~QvnP_9Ftc{LA*QE<<{uXq4W#?eZl7B{(Q4^O{!DkNn`iYZqQp6#F*z@VP zM&+nItVCn{VIuHbYK9jdH((jK2nsy$(yo?J@hVqn(TEf5tR)o$|^&p&cnM6z=npLO)3PuJ7?n-3TaC z-YL0W^XoaN+(zuKhz7}N~*-bi}0vMO|I zw(?V=F3AaOhy&n9Vj$NOP_rDC(e+iPu(M*qiA`>{*m$qBUbl*7VX64|eE$;j5Sqmm zSS&#*_zEPIoTNa*6L2`Jf5#YDt0p@~p3yX|0Fw0oREd(UdUU+T2eq`^&p0?{`gmr5 z(511pK}11$ZPWGH+#M)atGkbO70z?Blyfydrxx?Z%I{hiHPZ%xDBZcudh8jEhuBgM zhOykhd3m1Ijv4sx3|)5&x}#R&I=Z;hM_7wKgdUG+8I6w7EiB92q8M2GdCjgH>B9+| zI>Ek%R_5gpncmGWis;l}52Fr0-xaw;1u3F1L3_;G6D3aXx8JKZ=3s3mDrd@v-LPux zT_+LkoLO`!tHpd@a$Krf=F_5;G=SEFhpZrUWX!is_=9v{pP>&sk+vzGpK`V%)uH0% z(P`Hnn9`ft^!KwZsV?^w#@*$%r@;L}K$llL=i$dk8#>81wCU|pxV8Y4?hH?cS)v=k zl_&YbY{)a4QKPrx+&`D|(JDQfB#=x{VNI2Kd$UroB_I(RqwzjCbH1{yn3{N_aRk2` zj;+ly_#ql$@#X%u8=dUva1r6;9^gUh?WGMnk6E1!`kFk%Njzr@4G1yVk&>8JCRZWE zK6JOrd8`6q@4`%-@Q1C za`2~w!sJB<@#9Wlsz&b?Q>-+w3pfn~F%ON743Q=bu1<3|JdtG;+KH=a)c6P}*+26H z4yy6SGruq*X6_mjttcd-ehWq{3}%EFsevq0)H?Jm*8T;oIYI8EmYm-#_eJ5c`0~KZ7KQC|cvC&cW1+bKQ<4C7j3)LKQ(rIMbl&|hEeGHADH`jJ)wieF zjvL$f^is+)}N8#$B&!DK-C-s;(#Df=OYT{);*2W54CG zyCF1W130jRsKqRVB#7x}cVuk0t){HG&J3AOzI-{q9r`0RP^ov)e)^EL$HS0a8;@)z zU(5zWMnYnyXZY(;F&Y6pdI&U7!SN+h2%|Sr?SE;Fq8Y4`3jbSq^rw-(THMaTpwZUx z-OJ4TP+#|0MmUp9`5hLWV=?`9Opy9g8MZ1l&d^p=%5<7x z_xF6MHScODJ8;t?6{0)c`YV`wf zSx3(KdeQ5J*GMZZ4jU)g59YJ-+wFAm=?qd?dd{JXMgVRe-g>EDm3}-t3cm=*tW!1j z`(4`Poj&1_`T4`w-5q+#r$BXYYM!nf!3=zMdtzKu{+-rt_d1}2>YtyAB;^X4xtTOMR>V^JD5dtM@TJzz)paItQv|xSOsKRji?+OL;4MAPXlqRauIbOc zynO)WYN~am>mdmR!U`r;vd|oc=uYBHjdz21tG~s4%IfBrTq@U+Il5+xOvkkfs&x|v z*{rRo++7<;{lPFmzyWXIV7PrdjfIyRLm4Wq=K?A!8$Kyje} z)JJLjZ#D1_!!Q`AA!ZZOgoBnPO91VIGIdlyx{QKHnDk+l7Da&Z*DnLNC)?l!g^ad{ zn3g`K^{g+;i~5UST!?O4O&92Kp}BQ>bHA&#&k{`X&bO@_tN%Bb@R0P~E`RkMFcRr5 zpH`*}auy`ZfAS_YG%%JI~yxsPI@Xe-X1R9>omfx_Hj7__!8~+RefrfngK*DZoo+NCPxU z@||HnC6riEBa~!$$8B{gmj6>c(XlN;ERl-X3|C39|Kw@YyI5Z0sHQu0ue-LqWvUF> zNJ&Xa7g@GZi7#s*<78a@0fGpoWIO4t)#t<1!K`Yx0wfb0xYw_er2m8~Meu-T)uer7 z&w%~(2?KBH#Z6a13{#bdXJ6sNvq?}EV?q^gCE`q5lZj&?R1U9_l z!0mku1|i`macTk0<^$704;>lNCMPjoHny9@iL0p?l}5=zI8rw%dv+Kbomfz~8Be~5 z&um{(piD^_N=lC{_4dOshOgI-oX2bhSI(sX=6AVjy+2W?*jq>4;3|5<%6aB3_~B=W zCBkAnqh(AKvD@Oof6J*@o4hJI!)Ik@7n2JwXur<(j^2VG5K-w&P}S<{w4Gm z8|Wl3K@~Uk=S%CTWeR)QZ)rv1^Dh;XEOmp4-Dh96*|e0?@q~Ndo;OHc+D-1v1}j0_ zZC5efvC>!y8^HQkvR?Y&mY8#RWuoKR-VND`cNKQfdQU34zw8gHz=od_9Y%kU^pD+F ztqb+57rzDu?A%$DJHmao!NL8PqyJ33fXsb_L5f|Z-905D$;!{%G`Srr8(yWMqI*2m z%gX@sl5e8=oH9EFUBYvMCm);imB?d!l5=3%6GQRmL%60fE-c{!*^)kxWz3!cc4CZP z&+T&|20=k0TT&>K%X?lcah9Vb6LL1+E-+iAdEx#<$2Z1I!%3{NG=F}~eC^?Bi;$>X zmZ)U`lQu5g@$)#}rwDtH+B7YfDuMOk*xUudB`kYk34Vuk5+aa859fI8;FJXi*c7^) z4pc-^LkqU71o)z0jhq-{2dAL(Z^k$msOm|_nI7uj`A#dI!vrSQxiCxXZ# zMZ*1Z6F$`_Qi;UeF>9mvA+YqrMT<(G5!9#Mu$V-mk>&?zQ=`y7u4 zTx)adPqt>cQ-H-Ri44#G{7b;6`Y{q;EK~4$`r_X|3xrr-O#-p(4?Oa$btt^875$XA z(c0+KvX!TNmhy7r=CDgXCtmiA)VEv)j(9{@3gq?YJ|M785q*014a~5}F3rd=SQO~H z70h1tT1Ka+s5*6h+4>gn5CSyx)(2jTow* z5@ot@1q__}jG{6xg?EyeW*JS!hArzcuHd9zJaO6Sw@PpdNajd2h3(>CRuA0Mf~!i@ zgg&NdgppJ)R>s&TY1;Eie!i#vbaYHq{*$g>wN&B;C1#`bBMXbLjBlyoz|uLS@i^QX zoZc*V45(Z%+_754^Xb_*ZOYG9w#{N~(Sc#d8jJR5hM06OJGQK3sI$+(*ZJq%;W2z4 z)x09<4SgjRJ@ZO`XZv(8!Ow%A(?D_UlK{RPw!76xTi^0pMNimqNwFyl#pCk7I|%v{ zPs)=;w~Na^$2jj;&NhNirE4<~9JX;!V5POcg@qPz*1y21KYm{L!gX*p>iM0&N-VSmb)-Cwr02+S#2esrVGWi7*|cH_1;dp^33;;NvlF?{u3`n2(6 zd=)O)dKf2epYIt%pXT8YC~GKms9*n7n!%k@BVNLCD(I=ooBf>VZV5YAEae}&^c0ZP zFKx*~fpl(ed#%2wNeD74C3A&AEi9#zHq4CGvKt~tF`vxBuMV^0>0}gJ|Y&ksMWcnmiX{~zxZ3{OmS-E21aoeQj8rNO<1E7?-*zC8)~@> ztHl`^SKI-mZ!ui!rws`@M@1Cq!Y)XHl$rg|SR=9NOf zMPX(9^>sW3jDr5TMEfggXP!3Eo7 zk-?3-c|M)r3PHmK4p!vIYc*f5!jT`MNQe(_uxU5z2zqOd9{)#+IpGUFQPCu)&P=va}@a9 zWBkZ%<=t&(9hbb^l_6);@>M{hfha$w_Wlz^{vR^cq;x5oI~}+h56G!xBQ-^?iGw1s5l$mV4$cb*3>6KNolTq*I($Qa^Py{Cg5cLZdBwSS(M)=Ib!Ns8AVWcg zRRRfKGUuPujN6|cnhO)h&0Iy{5?7^KxAU&4us*!*1TFKiDtK{2?&&C!22Y5mee;Ys zl!ugub`T)*BX#dvt?(sD>%gT&u?QOxxSTdTmun3DaXO=_<+u4rqeeKUU*Zk!26OCC zOP(m&(^Ll6wrdl2(Zn5NoM#U(mmC~jw`}>C2lMw@Vk6jH__Tqmd{nc6Wb0f}937|D zT`2d8IrB#2ii^3$Sb;jiyEvadT1%!YWof?i>>rZjlp`r_6= zBmbl?Qkv&bq%YyY=si_N5jsb`3eP6Y;x(BJI>QyeW^t%Vh+8+3*97AMOwTYV(850w zT}D9c-%YFb$`dj&A88W6T+EI!q-%`|K-y9z$xb=*0UF!@B3$4#Zbb1wB<69DaqZ`x z?(n+d(>mm8WGIGvDql?5gnO@Jb(};djxy09aAi*rbCWJUKw@k_b3r+?@|6pI##<~j zuPVAYKR)m)@T=F4xP|n6L7f*ZP&iYS@MiQt24`6xp08WNGD~z87Z(2eaID+>8v$0* zzs`>67aWEjwMI9h9pds!1VDgm5|THmZXfm9mazGxrZ<~ft6f`kl)DBh5O>V zXjS6oV@3%>R6}tJa`BAAD=yb#pcRS|l)-%IH#%#3RN|&_9f*MeD}z8R>^mOg%iMO| zCOKv+P9ZM;{fVh-QZYvS4m_Ta(!apgfj9i3l{>Pe&Dmba;;hm}@Uo+Tgmjv*&2qOw z7Xji0dFvcIhZ4^tFcP49oI6hM|6X1#Ub4CHjEz{3G*rq=``{tj&Yn5wf-p@7gUEj? zQdH5OQU_X%woI`U<46kLz6wqD7r%#$6sfcn^xj7 zX1rNW7K2JT9A2gYDIU$h#o__;e7k{6txsOPXRtD)#coI%wvbLNZsKV4`o?a$3RCuo ze8x#zsC$3#E?9R4*?5GfGrY~7dQk0_lv-gt3U{aTQGh>)Day4Hc`Q@Yp~YvSR5U87e;df&vjJ7sngCfd^F@8{}EX(`C{` z58VmD_hDVLBpnE2)VHqw_(%ajjKGD0)-e;doz0qf$1K}1IiBx4LX2(BhuyNOl9GHv z|2q9$61EmIybC{o3gz<^`;CuSY`Y7}j6S~TKljvUwRAYOjDC$p>!!G6MTy`{s*{e9 zUH3qSS60enFZe7pG_*T@{#M0|kwxSqmA20Ct1B{ltEyBBz*+f&=C2qcC2B2AO?SVJ zgc4Fcu}<|PTp>Cnl)|e90sw}$kZmCCV>u5g{jL>k#)enNm~}+G-&g8x0d7M_FiIjQ zQPiJ+U_67Xh%HG>%{nU{XAtTNDAs}h=@^ImI7Q5rb5ma`#ed*$592|pFCW`Z!aT$C zB?yzx9$q2L%b>E8-9DHb*;>aP@h*bcV;^Z0rdc;E(_=o=?nuIWb>v`ut@119TO7QR z0#%CaFd8@a6~X)!qJGqG_EwoeMe zl5qas+R4-jXn0oImjMY4keqtznBAcH{M$GV;KlBhK<_>$H7~^i0}`Psd{k zh3A(in4?lo(#!9~xuiD18h-eMki@q*(;dqgH&Hu-#VYVQT{Rr7b)ZH_^$tYPuD}=t zF<{SsA~a%MLc!^;E!_C$wYm!rmon;yjL@TNq`B5^jAhM;VIMYXc!idc)-~z}f5{iy zn7$eYkp7_jm*gKEHD?tDlU{cyQW^*Zrv3oMR(QO>@A`}f%IUo%N&sCe#pKi#*I z((!0xmhb_=7KN19k;mN0&Oa41oyBWeJ^Kqx(iRc9+mdMh;``mopPQ zx`^s?^VnwUK$M+n&|fjC!M35@1~r|X?|aGnF`vfuB9}-}#I^lJpuV4XF#`ZTs@wn3 znn~>SX08w#rpD7T&?&srS%yQLK#u+9ypS^u)lP{UmewMX1FW?quEZ)ws6-By-}j-Z znIcKoSDLTDKor>b=$%yhW2x0Zxko-Gh`KoHYm43tP{jtqiUYj9kX~~fxJQQ?=*~n2 z*8nkFFch4=LbuCgl2qegkcmXbPCXFd4Z|~oq9 zx>KA%FE2`To-0QmI4eS_{=G1~n(S6mH5IB0PetszKrPjbtY;zogYll%RI+ga&l@ld z(D#8DZtz?U{qRY<>UFPOYtwQ?0k$tHb0DF@erI zM!w(QT-qH!4;qbFS9?~;wYW}xF(Ja}#Th~vajXv-FE~!?q|L1O1=5s$DFFZV83nRu z!u+cw~{^sQtkC+zSVCAjPW=C~Dr3u?!B!1$cPH(-&bO z(4c*4?RPe#u5>!0vp`z(gX_b!9L<H}Yx2gzi-pBbgHn1DX1!@3IZZ zam$A`5ICHmt$nH$kxBPpz&DhsI^nZ}ptU}Sp#k>Nsa9HN?FeePhaTrLx(fVEYPA(_ zDMQ_I6VDP+9akbkfa#Hk5Z!7_d1bZcn@p1p7KyQ9WKt~CjzjcD(hP=NT4xkyN71ue zSJ)?ca0?~E+e38zbdpr0G?HukTrmhhV?*vUcG`rTYbU$vD1}M;qQRq0rd>4Sla-(# z=x{3kZ2dJEcc^sBFg-?Y^3LbQ5K_k^4WXz*j??ieC@Qg%?@{x~Q1fkb9Enj$o%`jQ zS*PNqtl};~$DSlruemGM9}}Rx@B#g=ok`k7%lGQ?5y|38!7LwUxQvxh0xT&!sLiueU}=nxArI%YkGs4!?*I{ zosSPMjK@iz55nP{o0h3`R8Rg5&FcW6u9$A!<_=@>q;wu%e9>M~ssS#aaBrX^l)-y5hWu3{w4A)*o}2$Ll16}czU z`F6+Ms78T66xXhI-IoA0X)z#-Dn5@)_fqyVMf#@C^ce@5;`+#Qb{V`* zH$0+4Yzf7q>lCfso^oZj!e+jcj5{7^_UWb&;{b);@)zAtd5cdaRyT?2vJO#2(zZ2Q z7<=9)$pk5yC+pKFcbATnaG~e(;mO%pd2<169elIB_i{BL(0W6&1h)o_u#ipRXjuf{ zuXC276#V{?X2_oT@E@T^^^cV5L_dIaCj*q{F*u%Fcb7F2UWn52Hanr0aZ53{pG%97 z^Hi=364`9<4U-M3qEdYZ$0U+Q5tD0zNH9vvV*`^#wlk`0L*&Jb)jg!I4in@#nB{8w zp5U}-wgeN_gXl>N-sOAA-wC(ohHSvogdsDkScRI!5?zCV?U#;3 zowbw;$nj2qPWkfqz5TyQRv;wQp5mmV6XGtE^d%5E}?2}(ezgX}gv+h%YUDGbT7 zVe}xumBtQgS^2_{RWk(B?X_uar@5!?)~rUW8^VT+!b{%xQ2fa7a>cDN(H|W@C)gq1 z$m9E>>m-r`40ye7l1E#hnIRa7*-44zWoC*7uA@qAc!V7Fb&|k!-+iKJ=&27D9lOU% z+41@|FJcJCu17qNvsHE!2v!pQmEqK>x<8@QLJNEUj?*X$di z`~g0}DingC;Uk)qomxE6)YnTKXD$fvy0FOk6F!I1(5UI^OFz-Vy5(hQkOh1D0^`2d5O%&mPZu*&dsVDF2RG*B~3${Iblo%DH~ zLXehzhA6B}m)@}CwzQ^K?)Zlf&yP~cq;T~y)MV)uKTXO|_5^7C2m7XsAEGcmw1Olz zrrXpD1g$@j2c6S)h2=u`zY-^<%{V&1bOrduVDBW;zDa2))wZw}w7v`7%$nWpkgqkj zrG-*?W|qKbSJ29o!z+_wy*i%%sF?@H*51C*dJd0A_F0zY%>Ss$H@6KPBG8JG_5k8T z!V~5HsEkj3D<)J>228r+ZqU3Kp;RIKz^;@35A3~BYuS85AVyGvhZYIJD9ETv*L*e) F`yYm4BGCW< literal 0 HcmV?d00001 diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/tongxunlu.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/tongxunlu.png new file mode 100644 index 0000000000000000000000000000000000000000..772dab0fe8ff88f6a16fb0223358382bfba8390f GIT binary patch literal 5551 zcmb`LXEdBqx5t^$4Q4RWW5^&%FnTv(^dUNtXcN7QE<=nGU1UVBK_q$!Lez{FB1DAf zy-V~6334azUF)v(e!m}{=d87#v)4N3JZJy*{_l8011&llb{Y~A5;`4ilreGq@b96b zAik?DYYK=1sh_cy8cEFv=Qarm)Kv#{+cenbhxOw+j){P)5gLyffc*+%KM#EGGn^T~ zUr)JE^S!rh-2y?X7h0=M4d#D8LIPw}JAW1!(a5S6kxGikWZ|;td)i-FKQQ4e^7=vM zPChka_=^8iqifNHOKvF-9Gp<^uOR$!ZC!bA#(Mrylf|Rc!e6l?=Oglqt&8{OC*~hf zKcof{kQNl$Ef9)m+#VEKTVd}NO#-)jf+@ZrU_q(=?eP`{M8jI?n6Z-r z1q!wu%v75v4g(D8l)N1FCpvyPHr6c(+>abgIkUf2#C20+W9masy(*Z z$%9&0m)Opbm;Rv|T4vMC+Uec`1R5@K z+KmGQGWuaP3YRh@AqW;*0*lL6%0$nfQFn4XV28^1c_4DR5-O@y~7sg8v$eYTX>{p2;gM_CN z%4Vx6(?%oB(1~kZa+4kY+t3coLBn2!Pk>EIVnfIM8{Nvc3<9G zuSR7#>(ugnVg^~>0?RJ>#rtwZEZ#AC#F<%$SWXCyHxH5sti%dJ_TqqWnLr7$Et{S5fRoyLJQ{4`n{r8o z$ydlPV626RX%vO|*N;-3oy+G~;Rs>$25iNyL4iQt?V%blOA^VOG|hNqdggQ=5%@8v+zz#n3QiqJS@!+4@i z_64AupQ2NpPHFt+(o5$dDNioTKa|5CNiK}Ukmv2P#4ESJNjDdXYdgKQl(Ao+Bi5%= z7JwAAS7wdvt!K&o$CU3M>tx*dqFu{*Lfz*FR{?kJY(p0xdk) zOSYsIOfz?nbpbUx>mmlXi0fkGq#~<&9T5Ci*|ma}d-(0%Hqo<<4UBW}fQ#E# z*%VWoxwew3B9o3ym)GgE$nY;xDz9moS|OI0vJV}e3^fWtA=;WVFV#68=^kTK$R1)e zb(@6fAlei&8cA*L(07&=LVZGo1JRWJ%M6k=R1OF8mr%)+N{cPqfR_>qBQX{|^2-u`+7d84LyC}3_MG&<9FCVX3N}Xp)Mf1or_TBpX(YHos68_L zla0x-QGF3DQkICrD=F4|ECo;M3R&h9uD0Td{Qv|9-}3Rdb4jbeJ&_$31=cpL+4MV+ zc8A~IZk2}O;2xL7z6+0?NxO8nCdcyF^md`4C~|YgBuu)P6QS{q0p4z{&zuZjJnohL z6h>e$ZZQauR~1P+v~8KqUDSArWiT=9F;tI38aG??Ews<41n6ZO^U98H{vpN6JTswB zu4d6b33Vlvi=i&Dg$UBu6+{TgX5O?a9y{E56!eSVi%M%d6e=&!ck}l}2*sZM zPNwXmO7a!`gP%S=(h=D??7t-W?;DAY?HHVSrHk)hNxsX)NE4 zNZV=006OcHK)htGC&T}7Nyqao?)%Tj2Ja3-;+AV)@z0hjWuyaqE59?b+1~l;d%YM5 zgY^%%L1$jHw{eju7nW$Xjoq+m#fTHx)gIvuTs>m_SuS;#F=M;FJmNCE&utk}L$7xN zO&<&-9AQ-`kplt`-#wU3@cxIoLUeS^tI-NC3d!aPVW}>r8V({*MRtVw?foo^W5Vpe z_l1mUE_iRcx3DGY1@y6+-xnrllj+=^@=jF6jD2M!73RTf!fL{3Ct~97@*4kXM)7;!=aX?2 zsJt_sIvKv`2ETbX<3VsW`W3&ndu#NqehzkKDJY$H?)aFVN@Qng6TRR@A33L55+8{Qcw8fWdQzQ(HJi2M2@TRa@=j!w zfT`U&-Hpe9!)#BNh8?p`uWnm-zlG;(Wj*->WW(3w!B()13$ysqFdOrwO7YqeHf7RY zW4C@SVUP%VexoSy2TNt|2>FYSD){z9-qf``wqv{g+%-G6$XM5F8lmH74(J3V{?KtD z$Jg8Pg`*JgBNncb%bR+3pKkbzZ(Z=QaZ~PnqRmE819lk9{u)Z^?&c^|j#k^aaX7_{ z>s@tSGN0?U3^ScS-!{4}!M#0i4$<~bX~5LWi&Q?|HQc!I$h(#bF5IK4dA%aDXP;W| z_}SiCA`$}{9?k-XZ-Wh{+MhR<59@5);7tu;I}o|+*1$rlbS*>Bio5Itf3EGUuufm> zpT!0kZ`4m6)++mThYaI_7N$Rzk@Zyzd#={ka!}Du6HRNnI+Gv(sBiQm^LU-Ujhfgl zd{^Myd39|PD0f@BIXRdY%+WSElFj;ULg>VCg0Jx{Z360uXJV>(IUeb;JM|n(E%(Bl zf1N{{IqXUb=zi#8Omz~0Y3fVsx%#eAniZC z-%TI8EQM?B&7vge#QRV+N#f{>veOb`whhL7UG8Po)z7kRKhqoA44{xrOSE8L{qwaKKf`+ItQ6~D z-X~-`9If~$1WF^fQ!crEZWCzJy&2^TjOYoSreE=^B*&~_!Gv!;jMkIo@}9oo?%?EI zh{?yuer1Gm;a|pX+n_;vtrrpXaw}7-`zgoV3gmO$-G$D{dhX=LRY&^hmKmxS`g7ov zFO6JmEc2s(ekg%!fm!zOrw+F}*)p~X4x)$Evx;+zz@-~$?bijF4_?AovN-F*+JpRM zLu@b5CstO1sgOd|Ws)(qj_lBF*Agb1TjCq4W@UeK*hedmnC|BLNUY|B#&}Kk88wby z&eDnS60}&)-iBsRo^VwDycx#Q2~umd6@gw6B}Vnp1gb@coU|U1BPY!HGWHd9@8*{F z`j*Q&+6I(oEjF&6jrJ1L2_dxwXf}>~SB@H<*Tn^^Xt_tLc;Z{U{w7-&S}^(~58h|& z56!32bK{%I`|Q26;gznsXXx&QakIE|m7Wz!?E?BVkI_qH#6aH#xuM?<1u-sTN?PG` zW#@zDU;ObiEWl2Dkm~mD{L;?LnR|k%#iPR02ai25dFGXdjbs;ZMMpP&~uW^5KVlH~c5=F@)kCV4woQi)mLmw5H= z9jok-aW-|?z&{W_e_3DufrNuUS@$}{--I>YPZj4-u0aVQT(VZz%u`vvnuQuhD0~)Bxd=-ZiZd2~`$TxQ^ z(isYI!17h4W-q2b7wF>n%(eN;nDlQY^_8`y`#$WEkWZM6uKqCjvUZ?P9SwoA-%r0k z$mv?0>$vf64T0fFMc(LYwlLLF0lIfGFLv21U*O`+CMIc7Jd5!~RUMDe6~?oQ@c1mW z_kGZrhZE|KRFgF^g1%m>#PTtD=`81HWXjuT+YDncz7M~2K#Hi~1}yy3%-@c%3o*B- z=OsKx=q|j%k`{*i@z(fbK)A-{H)8IHG%^CU^nz4ziPB|s{d3Mjjq^Ftv+?iD7IdRS z-W^@To!B)u!JgK4+lz3l;VG?wb`qkHp(aLheoT47^7(~O#B{|$*~*#$ta>ouX(IKT zIB|~Xp7(OinU|?y;bxZn!W$Mp_PpVShP zA;?|?Y;6}(B_rG|i%dkK5z0!w;dBJs7(R*4-L~E1Ff!~2Je?Pu=D}bh(w_#KbJ_92 zEKNK~nTOy&<3(JkTS*+P@f-nHPQ-8yK?mEx)~7EBrtAd&+ADP0IQY!NbzWb$^a3R` zx;ajAaakmXSNu?v#Z71-Q<{NSRb*-pMvM>?WqDJ1IA2GJmfOAvUj1Gi(KSfWY2!`3 z{j`iHWi;BGX?1pAO1$1N>8j15e4uJ$QPJ+P$b)Pvn8o`W6i- zF%_kvaqKEYA<^^Aq+FYaD7Upa_lT_nb9%?~;|rm-7>Cf^pLI>y8PHy&AxOn!B{%f0LIC ziDfFm`o0L}pYFcv)vXtI=%O3s`zD%nmwd%Mgw1GI^;|8ci?Byh7emdl%V#xTovBgy zjqZ=r!;GW{o~~B6!1J>P&6WaKWsxz*e1#_9UPzLy zY-y|>2AGZ^y+@AujwJ+zJji1*cbT!jRWSMscvh8Ex9reuj#Kgq-KJ!!DbL*6DDUb1 z8N$b=f)AC8#mH1Pn87rg^DnA15dT434zdC(0I5=umdRC@{q}k>VPBrl?2Z7=#GUsEJfcTq7SQ%-fzp8+%D)X`c zlY4JqORf6-eopuJ$I$=U47~Wch%W7`!j-Pu+cl+6WXFQqLl#lLXLXMT~3V{w)` zsMmjR@+1YB&8%(udh>XmMD(jsqa8g280~29`ukpKh0t&na)$Rjh$OaB$lT{i3XYN> zkzf0!0!>@WhmTMfzn>4MYEB1XZ-|U*yptSlN6rM{g-PZrazXFkM&b$?56%s|pYD8E zpuwSH+RRk4ixqYJ@unx4K1K9uWRhv1c93R1=hs|%nXjXz`?*73*l}6Bs1+(;8d0== z2nJJ}5?h0)C$Yp9;xhycRQdq9_y5^bv{zO?r5f*nuU{(J(;O IsM$sS59UG?l>h($ literal 0 HcmV?d00001 diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/tongzhi.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/tongzhi.png new file mode 100644 index 0000000000000000000000000000000000000000..921bd1440ad5933af6385fb0af9c9a7bcbee5a21 GIT binary patch literal 5943 zcmcK8=RaF-*Z^>n2r*-CVpBm;tBTmMN{x!zn-*=g_9nJkCA4NsDO$BRHEY(YT|yCi z*H%3FJ%7XVyg2tb*Y&y2{W&kr^*wj2!9z_7QWjDI0s;yxq?#eV@B8l}0pr`RsPbHV zNBGK6Q-z>>m~E4QfZ64&IvZ)dVMYfea&eH1C7dwj-;;QHh^be6QIeAcZ?Snx(81 zTnvMcV&x=`ba?ZS-yuU=G%C9ApAua=>uq{4M@OacbzqXOm(m+|GgvT6EE;^|*bZ7A zG@fdRY6JhF6szai>9K2EAbXati+>Fc+Rlv5)hD&&6~Kc)u&=_v%iIO30*gW8Jx#w* z^`nO3oDM??8-SM9QsLTO?e4FZFv3&yS>idREa!;@`*xt9lIppl(FMeLFi-Nx-DAqO z9h8d0jZOqH;c`fxv(k1WFni7Cm(-mn2^Dd+jg{@e0ZqcR$hqTk`X2coYAI9p45#&k zI+I3WP zb-Fp!;npIRw@-ZB0f$0p+*lTZf2Fk~`h&Y|OL_K$!(17Jmn(-q`6M>0__rkf5fF&n*W6i2w;q~{ zXD5KNU^V_^uU8WjJdYGj3y2T)Ofw}iFb%ll+1lCr5rn5IGaQZqXy(zIm(#zx?3JkA zT;G`FJm1%atz_sGdi*$7@irX;=iY$k<2!RxkBn6DQvc4WXg zgp7CmHtck3u4Y%rhPeRljPlUi{$hMp)E4(>jhoHHfK5q5E(sG@pMMkHw5cDKU1%;r zVM=HF6l%^I&go8OkB&EkpA{aPwE3x0ABdSjGSYkjW z3b!s4Xgqjt{BP*nJ2VqP-OJbslaD7!h_x+_gd>rqp4d#rJ=YPIO1Qp*wMhYTq4k!F zo@`&-ZnlV2{3IHm=AGb4Q4ydrE@s1$=M>i9oQQQz5d}Xi*$5ToW2n!`pP1qVxNdwR z;neLr7Kp`#qw6N6;*Wio;wLGfefIQ-rO*Itn4SU!?hC@|{tKL5&1#Waor(0*4c3&? zgeLX4yCI}s2ySwyIcx_|kOC=P=j2VnazxJu!F}zq=)sP$n$=WeMMI{uI>dW_67AHp zZJr1HuLLY_Qo;|kGo_EW(3}Jd;k`JL3<=(cu!Y}lLE^xMZ-;pVb^9I_gvdh!JQrkSAkHQkCW5WwuA1 z^#pkXnkV>Mg_EOhSUUp%%$~vqiwO7`@!TX(QKz_)M}}v&C-Fv4E)`?3_q>AI!AM_2 zPG-i`nc*<2Hath)V>Am8d#u_%4e)EqAar_}cy1z3{@M!StC~f!4(j3F8A+apI{c!T zpKyP4Q_t$w`aL89mD=V4*?B6`at88@diV$8p)o5Tny&eXGN133*~Un0L%{2q^vZX@ zbZ(9Y+<9GMbl9iF8g$_;)f>yGz)AkuiZugGI5iX*XNTz-dp zN<-?kbmt3%E}2XJCia{>w3QEPigBipA#M|C%tR&jhYmh%cGbE`lnRUOqb#l5`DCutB zUN(=%b3bvB@qOU_@y?gg?2|+Uw}l6*0jKmnTkv3S ze$vZxj^Vo`tqiQm8vJsDWd%Sks3vSZq$|-OUk2h%K3?BDeqYJM+;s8}Ua7kc9>DFV z+(2bNmpwNH74SXZj~gTz6$Ui&ijzlwkmrQH?jNuY&P^YapjKLfX(}@#CL!F zfER+54L}1j*AqshQAR;7y=>ZV*M6(WyXK!BatE;-Gy z>Hemx{(qC^Fz1b;2g5+@{+VzEVe#kg8%rgMR!&=iq_z+pc(dc<8Qwx{UvX%R^vGCKBI&iE;`qIhw8|!=c!$~FD-Bs-lm~W zPud*;CG`kyuiDqwr4_=~g?zy?x}U!$zl{ne{&ROErieB^z)7f1>ck_>^!2WBV>srV zq@+xk6VXaUQx&Kpo5^*NOC_Wb?Ycn}v;J;ppx33pN<}WSI6$&! z60;V1kd_Aj=7Ah6W`HAd_l?}+;wqwg(2nPP7HVF6IrztJ6iBML9JJR@vEHwX%bJ6<^x)w?pL+9SPf*ej7`wqUbuxWUMn)zFA~u z113rIali*I-Yg1T0*aQf6&LJaP-Nbfm2=qV^;(Pb5cZLVxJa)%_13JTuF}K@ZeLVy zzpbxWVb$TL#0gwdHMxLy#my4oS;~P=ZemYkKaw)t?sKh-t@T=N&~P=pL8)w!J9PRg z5RH$jQqM~w&-k;4li?ebJ3zH69?D^UhQ(IiU|tP>IP?i{N!HG6Yg*a+vp*@XVZHc( zd-9QMr2e3ya(Yzky;YosfG%!3K_ai`=xXAn=A|R728Gw&~IV6Q(e|>s;r_g8{bg)C0Sr z-W{VRsgdPUzM=)+*Lrv$z+uO}F z)(7Jo<%h-)XvuFzqh0&ew5|cg>$-Bl%N~ZnM8oEIl$FV+?JC2{d#@QfWrXQ}&DlKU z$M8A!J~j<&=(IKWOE%rW5+?bU61#4d2wqGq>M72Z#quq5$oF5}$PYG=cAp7fQgl~^ zXjq(-XCW7WHNx1(!L*{b$V5@4s?H%o0q1M-M0a9C{0*n3#i{3c@Ng}+vS0ZzJGA-3lr5Xxy>NVe0 z4wqO_6+B2dfEGNkILpcAPlk&!{2i+%&qVl3*GgBw@kDp%_;|5l2G)fsWIbU;G2la0 zHe-Rua3FtjuHIJ)I2k@XOXy-wl%51ri%sf zL#>O*W#oV`i%xHazWy8tuL#;Z0A6^EhL_q=DTWA(|ut|8-P&a zHg-qI(1$Kpp5~i*a|G&i2V6S0s0T9{L@q3E1_#u7t5r_y`IlL?+dtR&(iC8Vb^w%U z^H0U{7}6q5#_j%_=)&lS&{wBpyA+rOJNjJNEM?N-z;Q}F*kpgtBDZ*$v49YN^44l6 z$gtmHM&vPW+)fhdW%ys?IhI)XL7w};5`DTSk%(VC;}oKw$z{U_O8HlU!$FgwKf-Dz zE_CaRy|6^Hj>_innNAGOLFw}c8gb~RU%Qr7-2iosLnLDzcm93SRkpMu#*hJvClafX zQU(%WmN_-q-e10%D3;tA?e;Cf=Gpq>H%=c#}8-2vT&g5U1O zim^Wy3p*D}*oMmYdB9Txw4EC>fG!)NB;P5Smhag4y&`Bcb_v3lc1h}C5}R%3?xRbB z7Uj1R&?Ek`U%j|)PlxfnxSFzP1WOamp97fP&IM0Qx$#m_Fgflcf^!jup#sm*QGTn# z#|41%=qgv3r2gGLQFy8nc#io21ehZ^xlfc!>(a*JOJ6z9>0-*%(gc76VNn?pA9|A2 zA}d|km5uDv9G-thuP~>Ql_Bj`!Au5rtRm~vdnKu$26Q+ zrn^j1BMUPK_w{??XvR_>-{Ex1P7I5ZhAtaFO#9{9A8xEDAt8#d+8m&N!WBBD;*$-h zhNUk}$7KJd|5GbK_0T0cf0#E}gAURojYiZW+T3-A(qjvTp1CZyRZ~MqIGvGg7E=U+ z)O~n~Mvw!ei#Qr$d88s6<@&UFUr=`jMy={M_S}zMStg>{BqlJ`aqUfuX!S|BXZ|cb zwa?-w&-Ey(%{sFxPrmmk$WdEKd98<(_hh97K_-?vhRYdS0ym&MzG zQX^&2SJEeR`J~YW+fNiE0h!-tNwa+dbQpw2VFW6K)nWC3Z)Bv8&6LYB zO?{MKGB@~wS^O!M%`)xXUpKl{4hMtZ6^J>8E`qE4=_&)IMt>}|4k3(`;;P^-F$3i_ zt1`;cmhH1-yoNsH2UIN)HMPcA;}iCZzdyTg|Cr11Zu1mZGa^;>)#e7LgXT_T`{Yu*6fm5JHXoss(F z*)>#IT_zBkVvb4d8s)#eT=$8W;yCz*da2^UW)SGGHwN z!rnvr){+J>vT?M1zM}Gj2J_n1rmiFJ#i0Z3oR8YN1sSVQq!(70Tal?ty4Ox`X_=Qm zX*nv)5`oqd1`T(An2B1!Ruo1icMY5*1_r6UiM-u!t*&~S#J+)8@97ilefYhgab0)a z6G9=wAZ7n$B*YI;(v=P^F*iK&95LY3l#SuKC=pQPL>Zka|4vs9)X%=AsB8!^nBvEm zx2noP?(tt?Bg7VRG8II`hsSUe3vN`&2XQHJm(x-q~R8v-y+wXAJ+IwBko4V6%!ZA|$K3v>Q!;28QOHT$M(1Fr@d@KlEEg1x5+!9Z z&kJ)0A8Pp)?zyZ01M@?==!8-ome0j2*_iGXDT1;PfvH%$8OsmCZrJe$4TOq$zi0jR z7MOjGrO?mKA5#|aEmCk80%@_M)zlA9BELmk(T_9qPt(ji^q?uBjk$%ArH+hVo4L9$Eh7VgluX%FC%ImQ%~;ja6kB#RyJe)8@+^63oMJu?&Do{Q z&xn9ILH;Tqs?|NOy?1`H`;2*b$w(+@o;l@HJ3+B0tv5 zrY@ZYw~sB{I`!B#biiD-24%FFfA6S0f)+UiQP8XZ;lhZJt?_|$dpMISkV>REh#6s8Z!YpOm# zzu+v`aaiA@-YLpu^;`(IPM8DoE}O;mOw7 zUpYG9+zv7fri6!+O4d{#5?C*cHI>JQb*Rcyll2e@D!@Bjb+ literal 0 HcmV?d00001 diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/uparrow.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/uparrow.png new file mode 100644 index 0000000000000000000000000000000000000000..dc004b22db3bf7eb1e9dc4ba9f0a15445fba0e2d GIT binary patch literal 730 zcmV<00ww*4P)Px%lu1NERA@u(mhYaBuR3UBnb(1 z)m0Q_o#!M;l1P#y<(4F&C`pQ+LbhN+J~jt@T!BK4oCP3L%=F=iThwv{^`43uvvkGxKo+ z``L`m?QSPd+7ea*M6?UQQL{lmCh$_qySAfi104kxfei1*B#Y}g0A;M3j{ zLkVcD_c8N91OGOT z-}j#l3!jEW-vUahBSMJXrs$mM{Bv7)TZz5|i0BxAou=5+D2kemM&o5#@HP@X1&HV* zfNiG8<2a7PAPC;14L_{Jq5?{(GeU^X=A3_6EEdCRwfZhA_+ccv3J}o@fDH!zzT-Hd z>$)GZh96YozXC)w3t*i&=kJ)0)TgC_A4K9G0j>1~W?p09ZzW?>sZ_o!HGIDk3k0;* zmzX&;i*FPPg=B2LjS9XWiN69wl>C$>KWE8xEsCPB(P;b_HGCI|9a72@f2O4UfKuwT z5Mm2}tEEyYESJmCxWIQxF!PL*a$~2!a>sF&xvo1mZs7BITCLW~dcA(HeXr+-Y@B5l zBrxuv-T3kZMx9)qK%RhQ2l5fJY@qe>JOS$#TD~Apz_NkX%O^g8-PyA07*naRCr$PeG8ZzRkiin)jc6#B0=RM0j{8Nx_S~(o|5V6At7BIf)YUlM6aL{ zQ2|9k*iHWFB4JUDb7}r_T36Qpw|@XA5^>QkQ4tC(AW|%9Yl?0= zn#%St-f{V4KR{4(jPWCwxS6GBBY)CSa+kGI1u zanAfGfP2|iZZDpkc_JvV-M~3D1ai;Wk=UWnT|h(^Or>`VH*SzoHV7{OxSbT`_QL$N zzjNKbga%t$AalBx92`~pF96EIm?t6sfrUiCU10n6LULU;ut7Kg-jV_-zh6-Fd@zJC z4s*am*riSe70NySeQ6V1h z86cvs7ZRC&_ui9p57G!E*0cCjvTd=C=TPVH!=A0i00BQNXvQaHiAxHB#PjL*GxO~L zrpZD~h{IO~R#}>Hj;{y?o%=43SU&X;Vrr=!pfU_>3t(7pX~rVI;_Q&!SA!Y`!02qbRmS26Hazk&|^28{vU zZE0CwGFdiVAn{!KVkW*RXhRg@^__tiEzM|p&a$QoM9rm72l20br#b`>R0g(Ln$gtc z8%+~PJhv#tq!>XRnGm-u4DcFD%Pwganx+V(!(5!SVRttxsL)S~Gr)ASmCRh!j3_-9 zNXO>%JM9v;!~y3_PtsNqceV%5{MZ?#%sJGgt|Igbchoi{OExX1vR7MqCw0 zdrw-8*qmX&x4koN6BODD5Ca~Zad%Z9s;P^wS#Y!wDJ#gdG$?+O51>t_VamQ||@n{{@Z95N~TTAd=G+64^7|h^}FQbmUV1%A~Ak z@LSvf6xs+GaD@TpYure4+OR-WQx_)!FL5QP&`8LDdkpNRh@v%`FuNgvs6DC0uxX8Z zF$KpG1J4uVSwQ^Z86Y|YfcO(ONf;1WU)??_=^q8V90C6nM0Z#TBO}udB9_YubS?u@Bu$fv zn+CCz2&~mpShQw=1o&L}b40iUigHJzD;o_CR@KX6-HVPUMLD-3mT>vJDq#*fi0Zq= zWbNNZ>JW%-f{<{4Nscar$JwSkBCzl1O=kZh2PkJK4)2-2|IE^ik22wM0B?47RoH7H z2AKK6TI;yiB#^kNFJs{5KnwxlDQ0|q#`NiT`0;MxCP(F!v3})pst6_OrtK+aYm22B z^J|H@CV{A?z8SztwK(vlFX88i+E-fdT=$qS{ylQqo?mo=0_Ad4Ug*PC2LlW~x2R?B zaeAp^fy8sE^O;CwV3)b=1>s67VSGnskd0!Cb*JA)ikMBfrr(B*`fY{lMMbMx&W$)0 zh?>_ofzc%`NrX+T;L75BBQGsRmx0Ah{bmA|xoo!O%@NyrA-OK=Bv3~Jk^Ph)6ILAE zIqS+*w5sGJ=vL|z&!?|tW~r(&$<8kUcNH|_Lr!oy5=bnkXNll@t%mUes`Z)D2`NGA z6YtiSu@aEQ6G_OWh;p2h<^HMyk@>6#G0ra}jXNdb+*cU!E&5xzAHM~m=?R{F4ZL3G zgd44daapy?s|qA;>JKo`v|Omw01y3~fR7b4;})m=r%J!TtTg&PAcPlqfQ~7ioOxn0 zD3c1L-Apf0zz_Hx%UJ*XDNDq$S5E6o}a7@S4($B9S~Pe3<#FVlw+R z38|J2QhWE}6BWgNP�e0V3je7ZTZDPXud1fy8q9*+g*s#nJ1yiEvjT;cRKnYb-&r zACQl`zS2p+tp&}P@LSS^0#VKM?Es(eEBaTR|DzP)uE*zR3zFao3=B1|e;tf32L^ES zfj$?F+VQO?t$SuX*W(IgPWO_7qso8<;C0Q%JJutCE-z@A8@$3Ycgv!Vy(QkeJ+c0O zyz()b-M4N^#W`yCdF5X<_5TL2)Q{ML;FEz*7B%CCjs+6Sr9MJLw@DIQ#?lPev&5^p z^hE$)0D?FtK4UP}9nAbdo6>gu*2HR0#S%Bu;;e`GnkzPczJAC*K-~=Gx}vtG=obI+ zP3bO<@FutHwVWM7#!8HTkBvKnsHQHGz`a)rB5W+Mx(wF_H=aM`P0SGy-*J<~_be1T z!|KfRxXr=aa@s-tw7)pXD9)r$+)7w%o$TI;$9P`1)<{}I{ko`_v{fX77HB2_Mp<=pXyz>ahHR>j=RLn z)ZOBwVATs8EJ0SaF`~n~P3a^0Bb=u&vG_!^U1w>=mDL4erY;5Od$o}7MPCMf54_S< z)bcO6WnVSZ-van^j_uj_h}C8M#Bu*B9o3wE9ti*C)E+a=DJG3oPWxBu7t86F5#hVl z`c1{36QNK@7#$7-BFEzuGhJ0oW?cQ|p_=*zhqFh8C&rCdvig1OThXVW<5; z_>Pq@oD154Vd;-8IEcZkE(+|fUTs}&r2SEkSZDLukw502{~LgVy#nFXF5C9oi(Ts; zb=u!aKh@OPNxu<&Hd>nDT4FrE{foF_roNN_v8oleF$~a`EiLnn2?Y{2(>jACNQFaL zOUvkPkDzL%dulp`=l%>LKD?goI4%!n5aC-j^~V9sag1Y%bR=MPK{HO9P$02f>RKX_ z;P8z%n-OEV)J;S+>@9Qs9VC4bi2u{+{pR*N$dF&vOx+03r<~%LLj86Pycm7M_S07H z9g2C>BUa7N=-x2bKka2Y=+VWQm)$lmJ_wcu6!BYpZdKci9_64}3w!6S>Z{turyN}Ju%#K3F9ka=GF}&XcWKudkc*cw+e?bcb;AkShXpdY1o|R?h>QMe zHswY}?#Y~%MN(4k0#`}%*&jK|TDWFM%>h)oKrFWoMD1UK>DWoTGJV`iW`5+h|5s;` z@G)yVZi%q6kT8ZTG!F|To=?4tneO*$K%CmOL8m>YWmY@wUr)b|4GU)2ZEa$I(m3B( zXfs3kh?`%s_r=(8PscQS_UuoC=rS-4AN_OMYy;PN%|ZB>HQ}A}prskZsjY?uqUQAP zppux(&$h?XjQyJh;OMpK*Yr(O4z{QD9~>Q^0qj5RZ@nizu(MhI#Uqz;$P0(`NBEFP ziA&A&A3kPHJj#syUt83ERsR0=sz6NrcM@b5w=B(wH|qv%H9zt0#fLKUQE0P|WX4en z(@|VGSvd4(7npZ}Xcq`CfiW{&%^G_bFz}wDW{8T-6@d)Cf4KfqT>A}3Yb-4z-TC+0 z<7mzmb9)xg87P&K1WJRDmSy*KbE5ao%gFbTvOqd|Qpeafi5bM#M!*jXn(;|rK}hUe zyx^B2=w#T5!OC9qYJpoW8wZF-NbzSjK!*Y>W|6RsX5d$rX1r&329YK)9P^i~WcHik zXpLqdW-g2oqL%^?e%1>A2 zf2cYAXCVJGh7)*xJyn3}B|+Bfj@+U%z}XBC1&GuLwkr6)Y(I{fG80+}N~bR=>!f%x^ree~4}V z+yoVI?pV-@b(yC(Pg38Y1z}Kl9m&&1)tRaDj6|4jNBwhF(criMC`*bR?-ceH94rYl=q)P6ndUBetKk`Y8up1J`BF zh9!qb+Xh6&^`R{s&w%VRt;9M}Uc04R5Jf`$^fvK`wHn}4Wf>i>&SCobQ%V*H?juXX-v8 ze(z*;DI6OPSjQlVgd&PA1S0nGOj>29$z!lXnKdisX0n7P;~(QrHB%n|=%+(JV4|~& ziOkRa#^sm)pooMR?-c?OS zKd|~Eh&`A-3jMrE_B_EvI9~`v6b|{9`os0)%AZ)8@exlfH`%C~(=Qh(L@xBg)$IGveyl7in;$$q%dwcgdE(=jvsK^jbS$H0Tc^jj;LdDx9O=5{aYC@IQD z8FE377Y`9#MR8Mqjz@2lb0c;)Y&=cVmE(gti^RK6IhK`(m^~_WRtSr&gnI>XCV0`^ z3+5ZFq&qcLVrKdV0)J-AU=sgm0QO2Zb{VVr)Th8C<@Oo^e^z`bd=j*8@-jE>Zx?I? zcovD7`d10Ks-g|tRnXk4(5srdsDw0Gg{+2`%GG@8Kf!d-B%^q*r5UbNA&Z;(12XOa zCL13Uk65B|tgMG!o-VPS4B{CPHJ5rAR7o%D=2?5E888|2Z$&LLytG`)ud6v*mK+`( z7tNCm8&&BR?A&}nyIHB3j9s6Va+)5hGO9nVL>|IB3#=|Dw zGU(xNmS(t?9VDJlU(C!mIY3|cO5os5T(N(uTC3Z~NWwzTgW!nhWHEyT zqK5XqY3XaYUz^@lHT7*GA79xq^Fk|`6)QEaG^dYP1iY)D84uLs)afHuBR=-U74J^J zpB4UDJ$SvkhV0UDVzc5;0seqjPF%FRl}og=cyi_m7j3$3D%QQ|Xi}6vRK$TNtfb-k zE`@3@>27TJtooAf!2*h!*PjRDK-UMQPJOWxM6K>nB*B;r*Y*O?3 zx52ogUL(!E&g~^rxABks%}bzV1ub){+dhWu#dG?ZQ1DiOb}{T{sANCk_J=}slb%MD zV$5~~On)WNpWOOTIOZ|S`2vJjl#a5i%<7*>6aSWI3WmCzh)raLgmGtG7khk>YU(0w z{^?~mHlJ#BW!HM_vSrN6R)JTfA0@R%KM%I^;`XwPhFF3tbY*`n3!WhyBi|1qQG4#T zlh*ahhEY~LgS!u0*~a2RjE`BG5hFF1J`Tj<%WU8p0Us-9#w{`dS55t|Lq}={qR|7l zpR`)keGHoe2Ih1xIXJ2e{M|v2~ct{`{04%7oC0CMEJO0D_rr-i;v}!U3tl5JY^+~BZ5MlEI4J! zkwDXx+2V<0sDREDAbeXEk{ZTA{1q#ay{2J1H5w2Vp#}z&;rb>+Rf=jfGo`z$rY<%u zmQP^%*XSin%e+?juLz_k{chNNpMQYd^{gG~@VJ1(I9T4pNF<1>I!3|FksY4Ndkr>~7R=K(afhLe@mLxE5vJrnj{{ z=a#*??J$03C5`g_#PSSMo<&|=o~+xh3>OmkTLmpUbPl}fkW@3>1Mqy|*o{qtO%K3F zhwa_zGZck=EiYFNf5b-2kpjs8(0$~`71yN_cRYS_R-BUbrNvDBW&)N~e*4hn1uYY1 zF>yE&6P|&0c)eTQ*oIc@GV-HlkeHeNJb^{3`XIO6mS*@`YjK|gO{*-;I48)2HWPcy z)E^<>9nJJPj;~iN&3Mhw-w)3qF;hRDfZzHIu2J_lS(+hACp&Ixw|+7!G{=tEJ&(_C zeCBy;Zqb_~q=;;l<+e-Nb-+`dn|C_~G(|hAJ?T!^T>h=?XCu&m7qrY7V+11pLN#@< z59VM$0XE{BffI_F;b>o3tXoeg5nRKJ;apYBcpiiv5cdGe=DmG=Jv$a|6k8u^Y9rt0 z6!5vdTGq+=?wWkGT4&Wve*@qz`W+WBE-fUD;WPikGe|`sfjM0`E{{&WI}HA&5(k>n z4hQ2A5Q<>h!QelG?HvT#M>ITxS(&9o=(T|OZ+r;AP$8i3G0Oqbs;O@UFxNp>PrE1z zAKTlRePrAjBxdTLAm9g{BJj#M;m20O_~=CDJIuw&66`M$aGF;TCbG-GVMWat+N0HM z_tN{5=p4wOEzKBJQ*qP`65Dd>(KJx1oTm<2v$4SHGB)iCJ7z9gNKiy}z@>hL#K0$u znz2tcTfflA=U1BjSHPGwMxz8GsEgR+dxMp44KLXqilP z7X>aE4|lmmf4z3Z0jY@6zgddy?En-g^Ln+lB4yKX8)pVdzn@vI{6y6TK;&nF&BO`` zVar-_czZNzYgzEjTn67QON7jHSuvRzlVyI4K+2CPrY`a-T_OwkR>HwV zi>6X#+wsP3-lp^s0}&S0edkCqwuBdKD$RYYbG z>0nrmnW?)8bgnFDiRiXMA~WuL_qYNXoJC}-ek%)~4dWo-KMI<0ZNr8FXh6-Ue*|W! zikME8V|YS=j4S{Xz;TcsGJ}>EwamAq2kIg~)zrTX;Oj1$Y}^#{@2q5Y!eT^|38WP^ zFE&n~mllXWZ6&hb^U{SZw%fb)MT&x~EO>@-*tpW_GOn8l*MtJ8JZ7cW1H4eWpjrsf zRQNuk=JfMGQfBWgF$U%qwG9)VrkzwEaWnN9289QHJQpN?(9*L1<+&Rl9K>?^WkmR{ z53Z}aB;cNcW=y(RFsVQW>wJr{!iQA#7ItWiffjt+Qq9yi0P=kc`-G2A3Y}T#%=~h) zftyqy;=*_?{WT`Ova!(*uXe-$-HmWl4XJTAcNXl8>p&I(wru0!1;hzBLs@B)fpEL7? z#boxjY8a{tq&$n5sg(@+d^Ka?&)s8yn0~-}OIKN`b^mnFs`r-SJ^Gn!;}_n0YRJP@ z>*-nVz&Wc*)vP!Yh+4^;C1#Ns)eMF|ca?!ZFwt$(?6y1qnEbW>`Jx<#CVvVk{=B7S z9c2=AB#_Fxi2hwBT;`CYu$zkvFz_S+ca}h>xK=SE%%q(V+X-*7>eLP@*&_|3rnfWd^OG~?rG@eUe%*4Zq58SrjkUhe6R>E++ z=;T-+0#q!Yx`~)BZU|s_u{#Vf)-u>6z-)$C<~*=uzv#^V`A&Sz?OFV~l5NZQ?zEdR zaLi;M2KODDngk+Q4LNsiwAQflGy|pr7$v2&dc1AhwT3w_zvM0b7?=;6=aZtG1mP%?fwM(u%H>@7`Ee9lRzr7i2hAte8I7Yu%izQ z(4zovXX2eyqGv$%P9|k1+se);m3HEwgLV$=+4EZ7yXWvI_%McY7&9NP5FN(g!@v+? zm^42c1EMzM)e~iFiRV+-GSk2N5d1_gpJfarYneUDzYl5+U~u}(0qCgp+OU7?F+jv$ zqXP$4^v>J3Yh-llrqtUI5ki%vIbXRNiMVEgh>KM-eF0GZ7!C~ zQcYc?T%9ffMUK9jkB74^feeb|=K!B2LGU32c^KHiOxG5ZnerFvcs_kAGf$YzuUW7s zI}lY3L)`*t&o4SbVZ{uWeXCJC1%FPonQgv-BK#t3TH_}J^}Luj{D?JVAUt*G=gj7YqE=U{dj=8SIyNkrVYju3S>)|?c@HlN8Ss#SiBkF0;<6!u zl;1_8 zL^oTB%tdZNcTFJW_mO=1Q(zvG-_$Lzp`DO{Nf{vgcKQMR>E9o-@p-qHa#bMZ_Yp}x z4!K28XeS^H5c;8T+M1u;=q6&<1)@H<==B(gWQKQtx`{Tl6*4dZ0|fr;zFS?~Aj@@u zl;1~s^hGw45Q*Xj$k0Z}KotgVw>0C!Ua;heKq~Je`W0X}I``{EV4=+^!@wV=5v3nZ zWJC#b*PCYoDT~BRT@TP_T}K@n3>l~}@Hg8oo$*-L`rmj(h^GQ6izJu29Yp7Q6+mcr z$}-T$it?Uf=UPuULwYWd%Hvl0J}|#~$_`~1xa$lM(RqbL#|MnH$xPCW+vs_W>BK*aFIO#LqutXk|- z@2-?2Vq&_akaTBvZml8tCXmYNmYxTrvsTby|0%=((^4y$xzDeNeHBP$CQ08-U}7|ueMesDD<^SA&|02!XiDs z-U#wI=bcJKIiq)e=0O=SNh6TTOp^W@b65{ih8x2t43?ts2YNfRkND(&j9aM$GWg1?8X$F|EqL?tGEEg@M zK*}@8gNt5I1Cf<7rrU3s{tZ3lnC0b}M^g_$GyUWp6V37f-BvWHfLB zDL-;;STLj1*0!8b7D`x_+M}Dp9kaXv3RYO1*|qN2Yp#_*3S@|)N)eyP7s5(c&An-y zd83^Kdu2h(-r%gioV@}qkm1L!O3lROVPR28ZZe{qBYm`T+rqWmB|%g-jFu3Hh+b6R z9bkKTSfaY_d!g|Q8F_$K__;m3@gPQ9Xc>VFg%$5Ua!K_ISgefzzZ8Cu+^_;#*C~9NBgMQ=OZ4Pc>l-#XF@1GIG$>yq*SE#KKcE9Z?^E zvM5U2cK`OS)z3~}cUw>k2ItNEO<|V;B)mCZ;5Vg^s|U}jSxrF&lD!1b$WmH4}`O~61XkQ#4| zSht=4(Ly5o6o7*8lK%)88%W{x2kf{1hKG;8@0A)up3>bzfiyV$YHm?GB9V5KI0l8= z!6dTRi$Aj)G+oQ(;-)WxQG~)4K`9d1#r>!4Ukn9N3yov@h5~7fzX`97nTeUiuW3hw z2gO4(z~YNO%>;M`z%v07U-)N=zbC>B7XJi@uTTC0YlNW77l=2E`zjL%_TwgapJR0tO0AO#sDF5QK76NcxsS zK)@6^6p@Kw@IovVmBR+<0Kuw}L)40j6|gcO2v+1M((QlHX`TAR?lb%O<=LIt&we*+ z+ZG?A#TJVZ1Thluxk6am{~p*vIA0W1m%&0gDD?3{s&$q_2!a_3xI{qG7q3ndaZ3ca zccTeQqr0Jg-4z)n-uujLl3wz9oxw2`b^dN~LGZNbg0RqGxTlz55!E-fh=P^U9`0HI z%Mv!eWf7XjK?oOXoQ>-c)LoCM(B=kmFwm|fx+{GU!acgm!V4iX3`;)q(8Hd`N_%iU z%rU&9cF2^CA6b4O17|Dg-&Xn`LCB=Xq7CT?X=v`WKLy2G`rFRaQ9Qg|71hm<18e6X zBf1=L7W$vCrl8|>HG44%YVNq_(H|K2=Pm2b0ofCq`H|kq=H8TwK<(u8V6yD`K;D?A z)sbF}N9csd`Fm-}k1l-`eQA={L>>n9j7;EKv?<6-dF#Mjy&aXN-b`|1m#xYGopiuo zy89amMzhlU0H~d+llE#xw38crdskO_z6l6aN@quEZN!WTuCfoCn5mWJnDFhB5@nWM z`Q>Ej8`a72xH5X<3(e;qhu; zY7FZyOn?b}wuB#gMf1J?ARK)TG_yP-RIS2B{u$br7vnz<4 z^}eK82OqbBeEo3BlEf#@R7vS}T8o@VzJ&Z_@PiX|!x{nJpOX(3I?=e9kl${2+7kB8 zpETQDfU;C@E0FKL|8~XbN7&*$w6pJ2dv^II)sFPM>qcp8A70QQ3dvoR4z`!-XVdxd z7)EOiR+*99O!)^y>v+n>ty*b8=x-8-yR+V3e>WJBA?rSq?9fdMq${Bdu0;VMN`$m` z2?+Vcl&!S%vs=SQh-H>`YX&jE&$BID#*_mCs*r(ABfR zxqmz}CI`r{A0Ee{S$QZ??qaZ%qkM_u%}QQC+rju-5f{E|3F8+vcNdDQN7?nrIZp6)UnNo(dFxc?k@dkP24! zX+MMrjjLKtAOtVx_=+%?konRl7)(gXZKt9Cr)3|~+2!Ksdii|>{3IX(?=9SFuP@2J E0O%A{EC2ui literal 0 HcmV?d00001 diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/yinsi.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/yinsi.png new file mode 100644 index 0000000000000000000000000000000000000000..b4b449fc49f6c89ab71a03fe29c7835c83b0e3da GIT binary patch literal 3620 zcmdT{XIoR*7EWS9NJI!2M5>{Ulz@Ps#()Hs-cj06gcuAAf=Dld2_+Pzs-bs59YQZr zKtu=%f>A6GKqG<(jtNDIC<6B|bMO5H_sjjT%d?+%t-aQH_ugl{sdhG|dyrB{5D2u# z-0ZXiF!t{>K>?tzb*U=>25^Xj=}Ax>TjmP@;+mf}IveT9FZQ@jauj{K{kDUrxj&UL z5#a<*s8ISzA);TxT`N-hlckmp7nGF=Opih)BEr+z8Q+Et5{AVOq=2uB2vnF1oQzjO zEk0J6f}5Pbu7En#GsM?Rvv<$>qGN#Xm^{|}?)aTqu3PL@@sQhFTv(jrcHLhOm>bA- z1+bXQElSoNL{|4-P!*ID93evk!Fs-7z{o^B0>m52G3vQLtS$;cn<=Dz*6tOw!+5`& zyCn!lDrKKu&hv(Sn{iH()4u>uzgP1vx0#4_xMS$PLb|0g=6)M zbBtoOKzI<@pR&L{r*6!PUNIz4Ad=q7q#HlYg@PoZ2Qz|PCmhm}jT^{a2V*W~w0Ne1 zU^?;bd2@5HU5~@TZRuVQ>@_Zz3N?`9oC4+E#;ewyqMjzj4hqKx)FkmiC(w;U$;gw77#Sp~6*PDTPoJ_yIiepD;So_vYwZOMl%!$_lKU=9iheugJDUfLq>r;h!V z=Dcj%b!7XvuWHup5lF38!jkZuvtQ8PE-dTV~p_b~F4*1+#lH8khDqf=o_G!eiF(mK+Ql7-ejy8ikcXcOKqOYlNd;FEROGS~SDz)NQtNg3e@}e>a z99V-_wyL`2BqythPFwo%tNU^}`cFQ!ybiCwaZqtoQaS=j za#d?~e7v=PAVBhzQDoagmRe1iIbD`MJwqVc!qM^7R;9&~uvYIy^#a*Z7U- z?76A1!k5|p2cUPvJ)-W8B++?1rM$w6@>F*?_+-}*@YiPWx?)1$Pcd;qF=81vbq^~xyZ@n7U$EH>M z9boH4$@Oi4`ELR=`V2;v_weDnE>0X(Hxyoyg_nMU=?o8lJ-etHq60fB;qjwvtp2xT zMrDV59+I=QVQfod-dFlz@jHfZZeUD%e`;u(A9XgPyYO@U&0%g@(-UP5d$lBM;ko+a zTAb~?%k-kugDc~ZfmMIVm60MzqdRlY7-RJpl2ePLON4_8^@PB6g$n~@M%=VlX$zsr zJ$bu4s#QB%L}n9e^F11Gf**YdDY~S;oM3G0>AfPkdzl2w;lH}kNcrH>d^as~jZ9iE z4$ZB9sToi6n7xOLYlq~&87#j)A{dSBa!0>1c93n(5jVq+PQZ?hDxkocc?+pgG$zkJ zDZop@Jb1{$3FBI~4PESf1-r*#&X~z;Z1_d}*h+k1Y&HSm3Wyy$c`%Ve5y+)v-U$ zJifEx@q^ZPXP}L59$Tow7(Ei_wDM_>^@-8D=PeyEhTuh$-9z-rst}JT*3|3J3GC>{ z^I}*-$db$O4T+XMIZ}llMQjG|>i@9M05|5f(4#xJiU(OS2hoKMqUXQi7*;tB z;{Apo{YOG&<>?USO3XKE)0!u5T=tKS7~RJ)tTQD&?T+@CwKTRp8CV#RdI(3g`V`#-iP0GQ z-S^|Is}D`Kyq1=Tg)_&ml-c}vYQMY7BXmaL(CoGJ!v@sQ6{6mj!-jof&?m*$O@{lz z_ii@3Zwr>K6t^SaO)L!LTk8-0&bnDb2!3Dn zvSg~uBOf!WZfE!T-b%t&E(R97o@NoqsvxMK1`Dw;hxmP_3^L|2OU+)Z#F}HoF~Y76 z3InTnLA+V2j-<%ma8x+TQn@+dW?7$bkFZ09)sx;t*+f~E!vGJX?Aw^okZ@Dw#*&sd z+#B9_Hn>)n)addx()H?$yW)Yr{0yfTqvQrdmU-kWjGN4a6UohPTSX}Q$CC5|Epnc4 zQRAU$loNj9PqNyD+aOVO(I<`g`{xO>TD2iV!fM2gilhB)s7>3s|l0<@o%4< z*uZZUozk3Bd&C`?2)WlbRm3-;+F{rhZR0_zDCF(&w2(Gw7+|D6_D63OK_%-Cb@o^w zS`aqHAl2;2g_INitUX5Vu>Y?U7AC9R+tE#G`a$99T19)v{9m4ocJFlZfK!YblGQyS zjqM%wZAXGH;mB}rRc8wdM0;{gU@%Cxpecbh3WABfcsYUO2D3#6-I8#bxe#romw%f) z6IJgLP|1pm`|CawfxNNsmBf9bRdRXBLI9zBzfbr>h7; zh?T!x2eZ=Zfx4ljoGIQpQ=~{|B17a3!H8yMM_p)@!#5S3uI#bHED1fVoz$3>Y3y{& zTaHvkoq{}ktRs_NEz>yVPl2S8=K^4taI-1mcHXXagQaiK4Hm1K){!F$Fk*klQ5Sfo z33Y!?=g=EB_LvbQ*qRC@xCNIJgm|5giEwSD+yk#(Cm2(2=K`UFcf5eo73s24rdWLQ zevvJSL7Plj7F&pi0l(xJ@pjq}Q6K16c4izSNS*l81YZ!Qz<@X^J>)q9l~N+JCVPn zyQ`pf;V(6CjD!Y!;N~LxU^$*_91-@Z=s$7EH1dXo!?Zo&h-C6239j8e1tjaAe~o$6 z7^#Gr1uKrs6HSC8I#O|IjLI{pygK%>)84}uxPK5$1vdEeNMvHE5wGfV?fYO>(`@8} z^pk34LNOe401ei4X+FrDI){6v^Y4)-0J zPU;DY6tE3P?ZUvy5U(MUr|jU zvq+#_01m(o-DQ9g;aU*z2K1hXHy(ETh1do$$31=;;F{+#oexzVFk#MC#Eml;T4GFs z&oL=$XL;b{@-WyL3xpj;;N3rWB0Otds*Ert8SVDi4d5uMMr(G-0YigE|80UJ_WeIx zx0%|WqNkQXeYziF342Y`@EzBJROB`3UkP0Yy*Yk$k?jcgbE%WGfdLv~y7IbuKZ5Ct z0we^)&klFw5PE0g>3Bp%;eWJJaU0g;MVNG)Y zm*Y2EJ}6d3c$QP)v7;`OUb9c-Dg%|bvT=tJfHSWyPS&)fKvXT$!p#9(jul?SgAS-4 oI+~xOM4&3=hs(A9H-O1UC1ko$e#aMSK=y&mjcrcXo%D+T7ldhw%>V!Z literal 0 HcmV?d00001 diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/yuncunchu.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/yuncunchu.png new file mode 100644 index 0000000000000000000000000000000000000000..f2aa3269600eb74b1a67c576e7e3d2a725c623d6 GIT binary patch literal 8559 zcmdUV)mz-n5APRP%Hj)@;x0vsTXA<^ifbvZr9deTi@SS^ySo*(@Z#=JoC3wIxGfxh zf5N#t=VB%onPf7PCz;QaNrZ-)JT?X?1^@uqiV8B&7drUA0esJs+V zJx;z40Mvk@jO2%JCdbBTdLQH$!~y~W!1?%uc-}~u*Ka<(t22+5izc<_y(F%|CT877I zvKCeVVJILSK!Ai2iY*;L(-i~IfwL&EkVwFsunt@`R=|c8F^dK$@0T=RI zk{KBA0RhIm0lxUaEpiv(eu)fuS- zF@&Q7j{u-d7&0(9xMv%NB)utLWn{lF+D2vqwkzxy8yo6$KPw6IvsTmF7M;-9vAH7$ zDnS9fF-*gxG_=$*u*<|mlvD2QH<*V)npA3;*Ta@W0^>V6^WW&k4I}<_5+NqwtAbo> z9zW>KT|`k|d(txuVWS?@v)D;U*nl!XKp0YPs>nOL`SL59$NppI2leblX%k~r|7Ttr z{;S^eyP*ggB#Z=dKnJBuP4#eS2?c^LxdU|3$i5o$90b=0%0Dfy78Yl;(O%t^6S!O~ zA;cFrIEEC}wSs$>3&Zey$|};1F+!+?0kf12ymI3jzuQ@3G%R6USC>>>-7NUC^*Z~n zil5C(sjmr#m&uM%11y&ce^wvTf?z92q=aAMLIS(9aNnw6=G5&{lTu>Ti>ND(-?==7 zNAEH#Qv7w>00SG#$%NR{xyPXHv3*Yc_vs7Gk$PSSiJnm>ol7yk2KlKB9gQ%OJ60R8&@QWFBSn;1&TajR6F$nRiut5#>Kd%>rperJObP2#w~ zUl5fNP6hpxuGGvWeLfD|VA2a+g-d8}Qyi|*> zImxe&hgEqOY1n`9cw+bw@5K1+5b{4P9ard(HVA-k)tY^mgCxz#K7om#JHXQ+r|iLo0tb4BC)Zb*R8)!+S77R1Z-lP z)-#ge1F7S88lj`8z~=y~ES1#jmBIqPYFr?9-zx<=^B=9{^A-`#y_i|aN~-570s&bt zp1=eoko)$9)p#Fj*qk9ow4)n)dW&yz!ga9?o94<2jI_~Q+;5sC1#Ou{1+%S{*|Y=y zep4d@Z(;!7iq+q-kE~Kg>v!g%{Pn}sSxKtRZLMNQAyuHqXN^^h1^_FBvTblvAoZS; z5?1BpNkQNf>xA*CbXkoMo!mGSbL-2{QpFw?PUaqX9n=kA+Q3cR*EK8V3lI?#6nsc9 z$Z~wcY-UO6-v-D-wc?LEM)2>a9NOE*X| zMtrF(_E(61XANwq?`O%E_?O<&g7Hz%p+&hfGue9|I)Ae1x~EnhFLO~Jx=1-|=hXDO z5_=FU!gBWP2B!|>?`Xj#O()yO;;1<3Vq_>hwfO*YcN#}9RW?t^Db?#}_KPIs1B_}6 zQxFY%jRWaY$WgSy5&Qeso;u&$Tjskl?wcyKW`dv|8|Lo(`L>HbkYHC&KC3Y~)3l=X zQtz2E+vvHq?A-`c>E~N3uATQZZ=?%I)!7c`N9sKso|l^Sm22x-1gh;93XAJ(ReR3S zlrS)drzzzKEqcY0E#8Xr52>nG7(zeLPuNy`@!q5C)Jsb>@_~SY@)D$ehkMA~e$UHvUBhFynCa zA{Z#ee!lkSu{l@$c#%8XviiiIDtfwTj_uOZ)2CC7HP;$~eHoqsRkMHY2DM5lFNSG{HM1$Xi1EI7^ciydr-6p+U!Yk1v?y38Hmw*PHuO$j zJKIPNfwpSwcfBORzaJbC@O(FeCr>n%+_c-R`hZSztu_OSKnq}Tjtm)?SSK=Q)u6#? z7IGJBnL3U$47=X!|NbGr&`K6ILRX^*GsF3^(yGmzbs9py*kr%1@&jeiqJk=rt>e@!QbN_@Rg9lN z+K{reh>li;#ufhM!^1LH(QE@d+_q+!${qEP(|5|SNqhV-`l z+WebXD)h(GOa>zzyl)CYJ4`U9O!`5o>BG5Z+o%A?z$u?w98Fw=c>g={}Ml>B>OYVxRXN$I}2-1ID#+=3{3iAa>O*jU#_zk9O-^c0s9)<`-KA2 zPBcJ8(g_6LUt>IyHDF<8qLw?8H~m`0@pAGdgO4)NH<4{AS3#zm*>#io2IAVux@TRL z5%7-->Snms;~{kSzV~Ea*>-z{AK>+>?m?4w*C|s$cle*uQswsG5Cx# zTnVH=3X+^bqJNc{So#6p=JvMkB^QMLDS;H0^dS1dxxI7_fd@+0n~v{^&}!Z&_n812&#*?&L%b)8^m z#)_JC`uetYAu{y!$qAeac$NqxGjw2MKMg8N2&>d)@$3wgggZ98sY5CDWh3DZ6K>6b z8Z-=hMM!+l@vyiZtC-k&>`=*J>=g`GQckWz_QwP+kT!5FyR=fN(^;@N9=G3M8S#Ja zC)a#tHud0asZS)5SF9G%38c}$L#ivS9DSJm$2mdpE2UUG@=LM;ee1SvVQw42(;(}I zWSVfPZKk-r1&__wvULBL3z;fjh2%#$$Vy_y{_vf&>@69cj2~03lHKTy^u+B@r%2qfnfFLc4)jFTho=G}@yt2wPCV z6R#5^lC)s2>aSWq|NH`=>q%#g8}%nZ5fW!b7Xr8wKZI05&wIPR(!&Og3{;oSKW*gd zU!ZPrGY?K#C{>^ax@N7iuL{+s9eyLCoBULoe?wax4~8xLllfWN>??L|aCO6$NC!6% z>J8=w+0ap2Z}|}elYEcHWh(KDKtM|QYXY9ARw_D50nV0Yb2wR}e9X`cF>;9W+BV1O z##v)wX*}y{|5>D<0}Da$#W9!r?o;lQ7Tg@ZMM|bLAKwmXZT9$i+IO7Qn%I|bc)M}l z%!>cAZmQDNBj-w>Lw_63J%%``!Ud$`?nwAOD`DIcCxo)DgeAw^1ui;o9C}agE|)^JFz`mfG9r6hS+5s8g5?&!rdAQI&<6os+tKse#`6a4mk?QU7I5YN|twEELgI+}-J;RY0fs z)}VE?JPOn;fCiT=PevUW4|XHr%Djs_+@3Z2Aq8@xd>ndyEavllKS>+_y2DMw+zc%I z?xV%yy0g{2lQ>Qre@9RA$v7wWD>=n?7^qw3R9osM-9WFG{M#dp;`rcb){KHx-s~$u z#RpAvE+Ci;A0%2{PW*Y1-x05sjWd&kq29Cb0$h2#O7otTIl=Ai7XW<|4bYx9b9}hG zcyX_zReI^gOpyE80xFLP%CnI4`KMq1+lNsbtL0wx`w5@#grppV-`|Zg5Ocle0$%4Y zz>ID79)Ftw(9@OccJI;o_3KzM8h~Lor_V|bx z?=jkz4VmPi*LQZu4~%E^52MONSQ0^Zi6z~>4C`#3J_a zgxcX7yCBx~SItJP;#`Iw8d4dQB?|jpJ|E7k2|Nsants0`3xo7T z3*nOdY1-R1ji$CEO&`b$jB9DfvY}D$P^J4B@Z(R!5gRRTsh!WSR>y+yM_mrZfy03W z>MW#<<>7M*A)yDSRtoCFg(^~(I{958y|-y^h+JQx)r3!OEJleiI<0k!2+#34S_#xC z;in|WwEp~s)*{>qPUVbiA(_1A`kn7HHiSYJ}KQ$CIxc-mE$r8MTPNUAqi9Uc3G zBR2HWgKil4ZHXWB+ujx%-MtH&dl-$R9U#H1IKHy3hU(@)GBW=w`IYPk0|TLw2yM6w zZJD`fjOsh*?LEXrL;8*-zTzin(*LlX{tLEyn>_o`956dg%Rv=6YwhD3P#x}hf?Pm^ z-g~&Lf1Wut{tgYbxq|2|lt|m`B=tJcGppJgfMf;ZPWCT^guS-uZmx~k#st67<_@I) zJCd*PlKywH--a_^R@B#5=yOOsXkj5J$%x#wKkT^4eQ5S2wymy=B=nVe5h>Vc1v^tewKJ7=SaM&dw^Ulzj>$epykE)p80@_t zTN8%V;fhja=;|n~RQ%?5-tQcHMjAq?CN(%%FL-g#Rm8_5L*Pv%6dGhVA-G`y(gL zMAjQ(pMT_BLeXV`AEz&}3Es!xw-k$?tzQ+#f&(w9w6i-ua_$pD>;>u)eXv7*_1qi?uUH#;tPCS=-nDCP#wBMtl zl$A%T_5x7>SC3qSq_w_OYVdybihjb;QHn;_@!fVk{S#MB*P1w4j0Btz@~{$so|j+n zYvR(OfNki)oOT5D94^kU@$}vMSGvy z=kgf!R}M*juz{DUJ0fiSX##(%mECRuxvTk0JWGjL&tnixA*V#BoZJNeDkdSH-D>JL zxtg0&U1YO|y>29QNx$B$-(LO2cfAuAToHJb=Q=e1qLSE16Z5#m%z^+3fv z_w$9WqzWQeR2dZj5P3JWMGJmaH~x6p)p@P(Li!%TGBypJ?)%bG^QHMxOY z`nJPXAF@wLLc;;Pn+XpT>kEs$s%?1*noD`fX;j2>oL0(aB)M>(%!JlHm{KSACus{f{ow)W|xr-3xXW=$s}&Zm4@**2gjRVzcS$0wMG)WzV=W~ z8h?r+YtkCVsUR=8m$crDVldy#E{f0^@Lu->VNc4c*k0MnmRM2N)N{8*ixm`l$C-PA zx=(js>Rar6#V3ypbu5JBZ>eb>?CvoMY=sq^oWS1UL`GfzBw;}#box9w4o2os+ znPNrSM|hT#Q(@v*ux{z0MOGc=ls)Jt5{<$;^=5r=Hk8ef$Nw4wKs6O1^7*#LTOIsE zkDx~2O(JKCETocZsA={;js+u^8^^fw^B7Un)eJx^{o^K<=pj>!4&SpP9kP|HV(-E>d> zzrps63^O)IJIEqky#sZc#D>ItTrjND4WtZ_Bn8hm{GOLBoo zHm}@Zc>!4R>`oh~l}^pgOl_iyHG%Ux4|XuH{Fnqgy)ML%Uu&nlx@dGUQhqyx7%!O4 z$}-TYQ_G!NH_=>Jr6SzMTg8i3RVBb>{L3%E$;(?fl?t(V-7!2O-07z;Gr7LI6xm0s zwxwZfx|WeNNev#}P`TEx3v7=$4tndbq+c*HIAwGLNOc)}q}b)Fx@avd4c|*>ZqyV$ z9a9ym7(005yyzG-0f#8k7xMN`R=Nt*TnYGWug$Zr=(ANZu`siVUaZ>r*Jurp%P=rR z-rh|B0b7x7@>2o|ZSO>u`cz|9=+=sVwBKGnoL6Lu4zvqp%#~Lq!7-P`DYla!N9slf zO{KOZ#D7GTj+u|xcZ=^;BX0hR2vN59MV+37u)3X7GaP@ksGQg*$Pg=0=YPjMs@rQS zjtR)2NW{}_Yq;S;^;0u0V=c;IF|TKBEr=F8OO>Yr_8X2#n_TEUotc@GyvscwzfzxF z-V@3o6O#~ISl!&_SJwsR)iLsZjk##|JGAUqFgJYls-^`^%tvcIkECS3gVC*UuAlDo zXM#r@#i-BrmaXphXPpep!(|{KOtB_qN_J5|L3Yt*HoQM(IMs*lQxdtB>xGD`{UL1W z$}!53bSWZ*@IMbk?O~d*Lhoify(kXvDIxb_bDJF9f4mrCRChWmUu)}aZHT5j4C8#@ zTw2A5`c3nov<&r_H4*=h24_1dvWg$`n)K+U*0HrmZNDnsObwTwIjw1nhiXA{&8HhM#Wl8{v0W7o0_=*86&=aGwHPl$Bi_hAp=l3R)sgM|)=Sp@+BN*nj;X-R5O{-b%2-RGT z{r9g!{(;72)qYOPqM?-k>N_pFcM0LH{Udg9GY<3H_r^+CjdCUR4ke25=hbGTZ+X*M zpP3pGpg1^e<)TG?m^BED_Y!4>mK~PPL@sU3pf2dDqiw|FXP^}YfCC#^Q)xk=eh1VF zmYtkv!X{RKUTOz+TSfYgq{H@6Sl$Ftxnag~_Axz)9fn^WyH!y|&p;T)=3Bsq5U_$8 zU_rRe^ccbBtvP;KDh<}?Vd?nuD%5yvB z%3fjm!Ja^Nl{2MPXa_$LDNXgSe~M6k(UiEmTV$xo5_ zBC~UvFZL7rus6xj?zGSLnSSh$@X2GRaFb-G3xCuUc?H;HY7|}8R_-33@XFW=^qxB{ z7PWnZC*lS^&6|M|M6Y>}HUyxAm_4K}6JF7~SG`IJw!(aCyZuEgyp080EDgX$DQ*2_ z9S$A%rnGQ)$ ziD=?yc)W&N*VTVtnyhvbj%jvNd_|`)Hzjl7?mSIR26SNTZ=V-8={q*Pc+cD1J*MLz zL*rI%J_{F@{H#8PkQq6e`cxg2ZXX_G(|=;MJ~c2_Ejslq4d%gcUZglR<-%8{H(L7| zIE@Hb03)V?UyMC1c%-wEqC;A5OO1)sefS7tkoU~Fw(j?8V+b2L=U%}ESb4ebf+t_m z4L-+B>jAe>yf%E;G59k-fAVv2aen9{l04k$u9ZKbe5z@%lofsXKjJivUL%r=e^x~@ z`m&M0KGpJQGXl@6z9M&HjDW1w3!t|_ayZzxxas>e)W3~9Ib#66?9tTEWC#L4!i|Q~ zcwy}#P6q*UEv(qHfM;e=K3aCPynCjIt`t<&^lUeX!;_ICH#ht=bJkm(bLilfni1i5 zvTIs6IBc#Gty@uHL4BpXjt*1C5>LDnwaV^X_^2mGgh`e`k{c|hZxCXPHO|7e?Uj^! z^^VkB4zn|-{GjF()NS-zM!3i_hTNB*&*jZySxQF)-ar1g#r~IU(Y&9!HFd3y3_Q<6 zo;t+{EJOhxb<(cu9d{puFwVk|9<=buNg?WNB@2(vKIe+9m>=)nLRZ$`mjT?4QXpWE zVs37hPQL7};^^oa0JZ#_;#q9HEe_`jsj)yXVSxg?hX-dv+V2%0qq!mS?Y*CtQO3Mc z)teowJ*M=zBQfiR)_xfou_Sy(y~a$TM8MMm6^Rt6D{x-~u+SQULBnT4U$d>3FBjVA zjAh^cOQ^gJNKwq|?Ja5tzN|+n8p45QsURy=fNiv6U2fF98|F?9Lcb*V;IwmV^jl-IdL>F}weuCdS5l z(BnF%V#dhrI8FJhnZguJN)MJ(>3uRw5P&z*(mH*3L!CF9hL)>wpQq}zDXNr0W{piC zWBsze6Qh`z5t5< z^#c6AX1!wklMYo!{@hC6cV36E51b=x%A1PlHgXUp2_1+uJs4s2o`D;t0m{M)rcH-x z{@+}A9Oy0D44isCqj~gv_a}H?xVY&k^V88 Wj&QuM)qLro02F1_WU8giVE+e?z8vHL literal 0 HcmV?d00001 diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/zhifubao.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/zhifubao.png new file mode 100644 index 0000000000000000000000000000000000000000..4aa6a5d2bc9e9bb9a957bc20d3921610672535d1 GIT binary patch literal 8091 zcmV;MA7tQ(P)Py9RY^oaRCr$PeG9Z*Rdx0^*WPEJn+LQ*G|=`JsZB|YZH2ZGB|HMf8gllz0fOP7 zBw$6WRDQu09IX~K79p*{wx}hsU>??TO@Q39&rNuXK#)o$j4F}>`D3V7`H=?6>+Hvx z9qZgA;mXDu-wIjT?A48Zz6h4{T&j&AQI2Q!q(c^v^BOM zdfYJec>JA*U-{)5ZEMmDk~D*eW`KDnm}Y=5qjTdeSYT`g@m3H$%gkF@@YXQeyA|al zUv9yQX*!AlBajxSMBiO}Tx3OaNzmy4<^njbMH5Lk-wxp0Ecsz8vcA3VTvC5GSCb4F zfixhhE{H;Ox&X~#qB&rm)g-ssY)149F+V23k6D5Buo2ARhsg+J9De#dJ|luG6Z0t` znw`y=t_cEnG!gsLN-PM&_5L}g`~tVCBZ(KP@c zn^nTQ8yD>$=4G|A_2q7fvnvELy!ei;1?auqGBEj$gYOZrZt8}`e69te9;bYk*AQ@3 zz9&?7qG#Y{hs3fxKX&C-AcabJIgwD0Q`5V1dUZ=w^gOd%7L@Ikd5kD`0OYIGGdmgk9JgLNbWM7X+EvTn``FZmG208cGWmdhEq zJTJr=oD(xZz{=VlaWxi^+Vhp^EAs*=Y~kRT_0s6BQy*ZNYL$Wj%E<3+avxHL@y zjPJ}d@O9s{E=vn#Y65Y*=qUgvq!qaFn=1yk_^x$g8i-R7h~q_^MzF?bz8UacEAjc7 zxI@Q_RBqU}vF}=m=0Z+XAVn{Hm_etdM6Pk$1q=}QJ2lr31PP&@`<~4rVUYtabi3r50L`y;VbP@p>A3eeV#x9V;VE7>t zl*{9mag%TCcg6rqzC7r+zt)+R!}pF=AVrVQV#q20C(a;@?Ve@8Cx}wbrTgPzAU1*2 zcja1zAppM}7kFdWFaY2=ih}uZ?E;QXAWl^dnl0;Q0w=-%QN=Hb{y2QaA`o-fDUP8s zHXASy%b_dn0@;5|_UmRi4FgFtz~D=DAK%p~5S3toBDu+&Ay0a07=Qa2c!e!7PiG?3BfrpbWHmQvee&C``qNSi>4UbMpGt!ip&{DeWzHPv#0Mg&&%+08W} zKUi6Ftq3`@f`BV)uJw=2wI07!!IKXefiz}NR|dz91yawIE9Ik&A@_WX zZ~3mZs8beSz3UNxOxqv$si22^p3vn;C($z@UcjBOM83xC8;M zXaREXHZ=lCW$c;x!=02~Xj>q|wE+1MQ=g;BaW?{Kk|^EH==lQCsqGf=XWjO{QRG zi{ots(jsBHoAW)sYtL)dYRdu{F13tXT6NU(?TtWEp8~}AvsOz~w+_XD{0V9xXOb4Q8{M~dS7Lnf!pr!?4J_b&AWv`C`j&XtKBXC}O$o%Qh6};8t{H=-%>)b>fn;lH5TEat?DdU6H7O92 zfT0nQ4gcK;q#;F#HfVAqV?%-D@vFIHc}7?+d^=IXjk7ufb|siANIaAWI-2>q-cTTp z7pVjcOY#u#0gOf<>5W#N1Oi}{?^=f~;B;7lICs}(!M1;x9^LJEHUepnHyyolCJ-PD z-|nANd}gB94=)feQptfor-Qg8Z5V+h$@WNJxf2NR*S>2lZC4;$0K6kTy4&+?1kxUF zI(p?$AW!?QHDM{h3GX1qN?2y1K^>$eZNms8X~tjomqUSonEPvGyD}bY6AC1ci}OPl z>FG_8i9PFhv*uKS>mdX~%7!mk8gih^&S*y@u50K!TMZ^$tdC1_-{78Or6{V!`P6L1 zkz+LGJ4luXZ`rH~zbq0(;axf9-ao-gu9}0AYKqd|G|B0l0F$a<4526uBF2>9f;>~;K(|;WR zJ3=6i7rqamfm}qAH;_gkITYDQ!P(lMb< zCHg)HCw6Qo;|6@*{U(%;e7SxHv4?^=LW=G$#AyW5@w9ZjXg7e#9UIEH0V(7u;rzm5 zb%7MT@Ph>U=Zs_S9G($KM;sOg{dbYD9`DFVPC7IAPXgDztu7F!8r=lOH95iFK1?H! z_PJB@WH9<11XLoA?!O4j{E~I;ut2*sX!pA}Mu8xf4rZW%vuDxJb zAeHD@5N6~Cdz(Phe9hY?)eb*u?ZsZvp$!BvOi-A9ufrv=Vs+H(J zb&%s!quao^Ooy$!*dR;Hq@u_D47njMpbgIE7+}!-fh*qAT{vehX!KxnnOw{3b`r9|1V3 zV_P{iz~KAUBUTS>AIRY-wG5dy_^vpom`(@)>|ZJ&J+7LW-ID`e{rW|5llD zJoQUc{qpST>&HqU>RGiXpE0{{=y||*?F)3o-CVB;4`AT_n2HwR#K zLwpUOZ4CJmk=P9>_Yl!;3G60dPn{FOG%z0x64M~npO~f&VCn{<%^vdy{IdNG9rheA zd=j8P&|xdbHvFy^h}z;#;B5f5fy6cjwgrT3m{0AU!M~G_avV&P93E|vIDzZuv*`pd z|6a-y;irBiW?})o)+vsn7o5cq_jPKg3;Ndu(ru4euK?Hx=8b;A+K73i{vQ7|z*eCc zoCsT-0Hza3i3Y5a8%&DdIY5Mes+Fvd>hM+cqOUNZ#g+~{DcYz%Vs*zNo$(Y2vDOap zjol0A=P8mp!nHb1Aj9Zn0{#d@X9D=OIIxir^K0{IW2d(FXV_GW^Iz@MRu}YFi}bv| z=H)72t@T~XMOH{>1OFZgc^ZQc2SMz@a^`6I12Mgy^ZYXGWB6b(l@-- zBww2qUjgxl{gS=DqnVJ0&I7OfN@4Pm7Z3>-%t|cdRwM>+o9|kGq9df7%>^AHH?To> zjr@a&aAt!fad$@WrIoE{9yi;`mybp6e8FVbGsV!uq#P?Q~Ut zwcR}r2d0?lzMv%jxNY(We&9@+`qpV-XipOsO_M~^grsQ9q;&8W! zd29*ZQkw znXxOuT!NShfte)vZ6KNn;MivSk7^eIcxm{De+d0-DlQs~rqUKs3Ic&_E_zg}FoeiS10jQrh=;UZ(Tl@rrHVcRcYI|@W7LlKf zU;SPjFIo#gOM*H5=u)((k~U;F?GFw5u2?V;J%uX&As{aXlX@;cIz<|lYaieT3G{%J z(St$1^Zk_ZH0{1`FgQ~R@j%lZdZ{7vxmisdw}XT@vo@bz7(E`&5YGbh=fJ!$t7Apr z?*O#Uip2Uo3+Sg=#i?*Pm2e%1GRtMU+=*G4Og*ZytOTz0)p5lkc>v(Ir%PP3-f1U+ z*F*C9TEE@#Hjrk$HruW^7@p07hMH~PYwi3!!p>mwYO4CKQ1AUmT=hFguEa4q0)7&b z){`UF)#lOjS(t45Hzi&S;8(JMCu101@Lg+q=E@&PDNYUhX+*WF{EK76&<9X=6|&a( zCCbDHPsig6L3}Zo%Nd)b>A_LE!OQmij1|z~JAKz4^E~W$;YNVwrN>rWp84MySfMKe zd#5PXPF@+wi&)S_y}lodfiDHFbyc=Xu#tGbU!s3Gbf61E;bM}ss?)*GcK>V%MR8TA z@=1{LVnMi=fj4HGKmF(qtb?;u#Pk38Q^YKsLHiC3H^;k;+ZeU%2?f`&aNdb?!F(~m z=d}@3F1rYpXYDH&9vI#LmxVIWgxmd+H6nvwal^jpY!y1*XOzDY%Aiox(a3xF%`%V+ z8FUfATF#$jb!@D#cI@7BCck)ahp6Mp7XW^1T7a4G(V%4g(}>3_FZvh(Urq~C`hNM} z3H(Y z4&FibAJ%^{CB)DAuJyLjz8x=8iIdfC+#b7Vi+>Eg6MslSUIX91Ls$uXQ3t!J(+OXQ zxBK(ynGpg}e{sBM3xIbdjf%k!1gq z;2c0Iv8YEdp~rA+R(ANVbubn0h+~`uFIrB(Rk69A$S`5GU$T~ra|iiv0LLVbCryXM z7yBjqn`uIb%Xi;KK8~dl3Z28ur^V%`BfHGE`(^v!+td*PN$t=+;R}Ar8dC$$smjN} z{H~4y&QWJ#e4o>qo{Vf=gs%fIcQcTSEc#aNP ze~b}``X7!bHv|0cL_tm@kZSY=Fg}$imNcAc7Kh_SJUqDkC?qef^%w3i2v}Nk?W!(6aoZ_Y`8{BHJ_Bm=Y9i%12>9okYkla@*v1H?&*L*BVE3zH5*8 z7C3G)vZ5D0%Ah1a^n`vO-h^{$=V$_oUi3)@{w`i(lC`c%G6Xg))R}p{32_`6q$<0& z)OYP~B^!BX-fS;8l_1We;YYAHcV=x&@9q9i#PRsZ$Zt>M3#1xd#f;^e0UXvGkvzLr zDr_1fkSZU~EVm|!B~D)qd@*pXKiBD_MR6SJ`dJV!^-K1MBL+IL#bWDzKB}-c>L*f< zU!bJ9a6L#|mlT$`{1D+2wUXY~ zxE+Y&&@i84@ZSWkox5{4>f8#k><4f@faBX8J1N8|;d~mC8*HL{uj;G%*8zH21YB8jt$&=z zr>5VQNrto=j2r!_;zpc7p)SXc7hVWZoL}3wGq7yD%rd%Sh|^ACkbj>nSq7^uE;yl) zFJgSMR<_1nQXE!gN$<_7=aVAq3$+rBS&OJ3)fogqA}4#4cz`2$W3a%{nrz#tMz?`+ zS))PM^Y65Sh`*@wHMAaFOCgJF5 zM)ag#60;{XHpIn(WRJjOHaF@4(6N;tG4qW<*07O^<=LmzAP70c++-x z66jfg*Z97;73b;A3hz{T0l;4cbGj$@2x{}_Klml<#$+diMsE+X?d*!m5LAXlKUw0k z+I*@^FKt6yvrUkwG4%9r&zUK;XU(eNGjl>7PUuqGEXV=;gc`)FF4 z>8&;o=uN8g{zH5^%^H+U6-TR+W!N_tve$g-fZh$F=^#u8 z^KYv(PowN@W6(AM-Uh}qEX0F;iTgt0U_~Is7f_~`+n^&eU78k1 zp%PwBL@QE5-o%@&)Ub8nSS99WDX$>lV;z{uYS%r?a%G`l-?V2QsW)J`yP6gV)XA?Y z{1ljHr50ruiKOo?K2F;5W1zY)nyH7L8tob!*Hn^jONzhCTW$O11u~rVf+!P0&d9Dm)%0uKMAldq2brjN9ZCVmv$JE1Xi#Vf8XdkMB4GSB#`=Iy%Jr) zgj>=EuKY9T0b=>(wioaT1X1+3#E?o9DuJ50Mlql&88eAnl6)c3${@5X5M|u)!c73Z zw-rZmwk6P`QqbyP64s0^pAe_tiEP_dK21QnU~&N-lQA+4Oj-A-&Vx%Sz7q6PrYZ!t zC6M&Kt~VHF##Rtk6N_&p@y+5O8fMW~4NsSh(;=)9Se2+YS6d7aZfA&FgAzT_R)5W% z+7gJukVf{CR$^!72ZgXUNelM|^GI7_gaa6gRX$#FG?y4>GSQhmx8QDNFxqKLSS?Ac z81Ix{JLcN$)3!kNFW4UeIJJ#}O$V(`$}tbA4}e0*?JVu>{#0yl>T&FL?kh~gOak5p zmTv<{Ju=M(_+b9lrg4~t?J%%bl3W><3g2m`bEkdU7D)XrlJ>{LPNN5Y2BPiE7*Y1^ zfLR(A!Ebi%##qq6z&8bp75mEcZ4I`XHqntll$X>tGBzEeY1mZ^5bh9Cu2l5{lZdNh zfv6y0Wi*#zAW;UG z`GY~(zFntN?E+EY94}H^;?>r8a~TE_VIYpA;0kyw0;!86twaxr42N-&B?cJuP~eI) zV~K#CjoO=qj1-YBT^-{vw5#KnN`yH;#<4Pz6CVx#EsSq!PlemQZmW9;@e10=-s zI8P_WDvXvdsozPwXgdIN*eIzH?jk=-SRRzDPbL{s;sV((5>7Hm@mQ=6@hDgB@JY$31q)W)V`TZ(+J%7%m)L^{NbQ%r}mj3Re=mI z+@nu0aC1I}%b-k>0VcjIDA}oQd`(>-its`uTuel{D`KDIWa&9y%pdT}_BYawI}-w_ z-$|;W%S?9wn4C5##(#4N+X@S&5vXN(tD7x8XOVKhR zvt(q8guF6z3y)+8)MzZ37f2m&J*ALb&cNkaCevVRk^$!RcES319twNrLm>NkHyIq8 zoPgPGc9ZW~pUO7G*U{xlAoW+lDi<*GwdO5XUZ&VEPA0lfgwfyD78GL5rK_8j+zI3W z0mG#i#5K97PojI&@??+kA_2>4Wh)bPEnB57w*patsvK6xM!!ZXgtG}536~7oEneat`Nw9z=lgylX~n*yN-K4 zX0mRSIe(n$dVw5x>jjPF+^BXs0Ix zGIB95mjF;d=4zP%+5nbo{j$BT<*qsH&{G0AFhjx|iRR?~+X~|s5EulBL4Ox2SVU3MlP*vG zj6hl(t-4^WXf6pl9l%@w$F*o8$>#qBqAdV#f#j!2T3c!h==mf8_8(03QKBy+KodN@l!Dz)leD1j|>|pTztsgLZHP \(.*\)$'` + if expr "$link" : '/.*' > /dev/null; then + PRG="$link" + else + PRG=`dirname "$PRG"`"/$link" + fi +done +SAVED="`pwd`" +cd "`dirname \"$PRG\"`/" >/dev/null +APP_HOME="`pwd -P`" +cd "$SAVED" >/dev/null + +APP_NAME="Gradle" +APP_BASE_NAME=`basename "$0"` + +# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. +DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"' + +# Use the maximum available, or set MAX_FD != -1 to use that value. +MAX_FD="maximum" + +warn () { + echo "$*" +} + +die () { + echo + echo "$*" + echo + exit 1 +} + +# OS specific support (must be 'true' or 'false'). +cygwin=false +msys=false +darwin=false +nonstop=false +case "`uname`" in + CYGWIN* ) + cygwin=true + ;; + Darwin* ) + darwin=true + ;; + MINGW* ) + msys=true + ;; + NONSTOP* ) + nonstop=true + ;; +esac + +CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar + +# Determine the Java command to use to start the JVM. +if [ -n "$JAVA_HOME" ] ; then + if [ -x "$JAVA_HOME/jre/sh/java" ] ; then + # IBM's JDK on AIX uses strange locations for the executables + JAVACMD="$JAVA_HOME/jre/sh/java" + else + JAVACMD="$JAVA_HOME/bin/java" + fi + if [ ! -x "$JAVACMD" ] ; then + die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME + +Please set the JAVA_HOME variable in your environment to match the +location of your Java installation." + fi +else + JAVACMD="java" + which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. + +Please set the JAVA_HOME variable in your environment to match the +location of your Java installation." +fi + +# Increase the maximum file descriptors if we can. +if [ "$cygwin" = "false" -a "$darwin" = "false" -a "$nonstop" = "false" ] ; then + MAX_FD_LIMIT=`ulimit -H -n` + if [ $? -eq 0 ] ; then + if [ "$MAX_FD" = "maximum" -o "$MAX_FD" = "max" ] ; then + MAX_FD="$MAX_FD_LIMIT" + fi + ulimit -n $MAX_FD + if [ $? -ne 0 ] ; then + warn "Could not set maximum file descriptor limit: $MAX_FD" + fi + else + warn "Could not query maximum file descriptor limit: $MAX_FD_LIMIT" + fi +fi + +# For Darwin, add options to specify how the application appears in the dock +if $darwin; then + GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\"" +fi + +# For Cygwin or MSYS, switch paths to Windows format before running java +if [ "$cygwin" = "true" -o "$msys" = "true" ] ; then + APP_HOME=`cygpath --path --mixed "$APP_HOME"` + CLASSPATH=`cygpath --path --mixed "$CLASSPATH"` + JAVACMD=`cygpath --unix "$JAVACMD"` + + # We build the pattern for arguments to be converted via cygpath + ROOTDIRSRAW=`find -L / -maxdepth 1 -mindepth 1 -type d 2>/dev/null` + SEP="" + for dir in $ROOTDIRSRAW ; do + ROOTDIRS="$ROOTDIRS$SEP$dir" + SEP="|" + done + OURCYGPATTERN="(^($ROOTDIRS))" + # Add a user-defined pattern to the cygpath arguments + if [ "$GRADLE_CYGPATTERN" != "" ] ; then + OURCYGPATTERN="$OURCYGPATTERN|($GRADLE_CYGPATTERN)" + fi + # Now convert the arguments - kludge to limit ourselves to /bin/sh + i=0 + for arg in "$@" ; do + CHECK=`echo "$arg"|egrep -c "$OURCYGPATTERN" -` + CHECK2=`echo "$arg"|egrep -c "^-"` ### Determine if an option + + if [ $CHECK -ne 0 ] && [ $CHECK2 -eq 0 ] ; then ### Added a condition + eval `echo args$i`=`cygpath --path --ignore --mixed "$arg"` + else + eval `echo args$i`="\"$arg\"" + fi + i=`expr $i + 1` + done + case $i in + 0) set -- ;; + 1) set -- "$args0" ;; + 2) set -- "$args0" "$args1" ;; + 3) set -- "$args0" "$args1" "$args2" ;; + 4) set -- "$args0" "$args1" "$args2" "$args3" ;; + 5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;; + 6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;; + 7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;; + 8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;; + 9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;; + esac +fi + +# Escape application args +save () { + for i do printf %s\\n "$i" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/' \\\\/" ; done + echo " " +} +APP_ARGS=`save "$@"` + +# Collect all arguments for the java command, following the shell quoting and substitution rules +eval set -- $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS "\"-Dorg.gradle.appname=$APP_BASE_NAME\"" -classpath "\"$CLASSPATH\"" org.gradle.wrapper.GradleWrapperMain "$APP_ARGS" + +exec "$JAVACMD" "$@" diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/gradlew.bat b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/gradlew.bat new file mode 100644 index 000000000..acdc32e2d --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/gradlew.bat @@ -0,0 +1,103 @@ +@rem +@rem Copyright (c) 2021 Huawei Device Co., Ltd. +@rem +@rem Licensed under the Apache License, Version 2.0 (the "License"); +@rem you may not use this file except in compliance with the License. +@rem You may obtain a copy of the License at +@rem +@rem http://www.apache.org/licenses/LICENSE-2.0 +@rem +@rem Unless required by applicable law or agreed to in writing, software +@rem distributed under the License is distributed on an "AS IS" BASIS, +@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +@rem See the License for the specific language governing permissions and +@rem limitations under the License. +@rem + +@if "%DEBUG%" == "" @echo off +@rem ########################################################################## +@rem +@rem Gradle startup script for Windows +@rem +@rem ########################################################################## + +@rem Set local scope for the variables with windows NT shell +if "%OS%"=="Windows_NT" setlocal + +set DIRNAME=%~dp0 +if "%DIRNAME%" == "" set DIRNAME=. +set APP_BASE_NAME=%~n0 +set APP_HOME=%DIRNAME% + +@rem Resolve any "." and ".." in APP_HOME to make it shorter. +for %%i in ("%APP_HOME%") do set APP_HOME=%%~fi + +@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. +set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m" + +@rem Find java.exe +if defined JAVA_HOME goto findJavaFromJavaHome + +set JAVA_EXE=java.exe +%JAVA_EXE% -version >NUL 2>&1 +if "%ERRORLEVEL%" == "0" goto init + +echo. +echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. +echo. +echo Please set the JAVA_HOME variable in your environment to match the +echo location of your Java installation. + +goto fail + +:findJavaFromJavaHome +set JAVA_HOME=%JAVA_HOME:"=% +set JAVA_EXE=%JAVA_HOME%/bin/java.exe + +if exist "%JAVA_EXE%" goto init + +echo. +echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% +echo. +echo Please set the JAVA_HOME variable in your environment to match the +echo location of your Java installation. + +goto fail + +:init +@rem Get command-line arguments, handling Windows variants + +if not "%OS%" == "Windows_NT" goto win9xME_args + +:win9xME_args +@rem Slurp the command line arguments. +set CMD_LINE_ARGS= +set _SKIP=2 + +:win9xME_args_slurp +if "x%~1" == "x" goto execute + +set CMD_LINE_ARGS=%* + +:execute +@rem Setup the command line + +set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar + +@rem Execute Gradle +"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CMD_LINE_ARGS% + +:end +@rem End local scope for the variables with windows NT shell +if "%ERRORLEVEL%"=="0" goto mainEnd + +:fail +rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of +rem the _cmd.exe /c_ return code! +if not "" == "%GRADLE_EXIT_CONSOLE%" exit 1 +exit /b 1 + +:mainEnd +if "%OS%"=="Windows_NT" endlocal + +:omega diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/settings.gradle b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/settings.gradle new file mode 100644 index 000000000..4773db732 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/settings.gradle @@ -0,0 +1 @@ +include ':entry' -- Gitee From 4899bdcfd22791f8ad102040a700aea86c6b1235 Mon Sep 17 00:00:00 2001 From: lsq Date: Thu, 20 Jan 2022 14:59:28 +0800 Subject: [PATCH 25/51] modify native token Change-Id: I384bd7c58e9346781f1cc59517c416527b0a17e5 Signed-off-by: lsq --- .../unittest/src/accesstoken_kit_test.cpp | 135 ---- interfaces/innerkits/nativetoken/BUILD.gn | 9 +- .../nativetoken/include/nativetoken.h | 49 +- .../nativetoken/include/nativetoken_kit.h | 2 - .../innerkits/nativetoken/src/nativetoken.c | 705 +++++++++--------- .../innerkits/nativetoken/test/BUILD.gn | 4 - .../unittest/src/nativetoken_kit_test.cpp | 278 ++----- 7 files changed, 451 insertions(+), 731 deletions(-) diff --git a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp index fa4fec5ea..84fd25bc9 100755 --- a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp @@ -2012,42 +2012,6 @@ HWTEST_F(AccessTokenKitTest, CheckNativeDCap002, TestSize.Level1) ASSERT_EQ(RET_FAILED, ret); } -static void ConcurrencyCheckNativeDCapTask(unsigned int tokenID) -{ - for (int i = 0; i < CYCLE_TIMES; i++) { - int ret = AccessTokenKit::CheckNativeDCap(tokenID, "AT_CAP_01"); - ASSERT_EQ(RET_SUCCESS, ret); - } -} - -/** - * @tc.name: CheckNativeDCap004 - * @tc.desc: Check native dcap multiple threads. - * @tc.type: FUNC - * @tc.require:AR000GK6TD - */ -HWTEST_F(AccessTokenKitTest, CheckNativeDCap004, TestSize.Level1) -{ - const char **dcaps = (const char **)malloc(sizeof(char *) * 1); - dcaps[0] = "AT_CAP_01"; - int dcapNum = 1; - uint64_t tokenId; - tokenId = GetAccessTokenId("foundation", dcaps, dcapNum, "system_core"); - ASSERT_NE(tokenId, 0); - tokenId = GetAccessTokenId("CheckNativeDCap004", dcaps, dcapNum, "system_core"); - ASSERT_NE(tokenId, 0); - - sleep(5); - AccessTokenID tokenID = tokenId & 0xffffffff; - std::vector threadVec; - for (int i = 0; i < THREAD_NUM; i++) { - threadVec.emplace_back(std::thread(ConcurrencyCheckNativeDCapTask, tokenID)); - } - for (auto it = threadVec.begin(); it != threadVec.end(); it++) { - it->join(); - } -} - /** * @tc.name: GetNativeTokenInfo001 * @tc.desc: cannot get native token with invalid tokenID. @@ -2064,103 +2028,4 @@ HWTEST_F(AccessTokenKitTest, GetNativeTokenInfo001, TestSize.Level1) tokenID = 0xff; ret = AccessTokenKit::GetNativeTokenInfo(tokenID, findInfo); ASSERT_EQ(ret, RET_FAILED); -} - -/** - * @tc.name: GetNativeTokenInfo002 - * @tc.desc: get native token successfully. - * @tc.type: FUNC - * @tc.require:AR000GK6TD - */ -HWTEST_F(AccessTokenKitTest, GetNativeTokenInfo002, TestSize.Level1) -{ - const char **dcaps = (const char **)malloc(sizeof(char *) * 2); - dcaps[0] = "AT_CAP_01"; - dcaps[1] = "ST_CAP_01"; - int dcapNum = 2; - uint64_t tokenId; - tokenId = GetAccessTokenId("foundation", dcaps, dcapNum, "system_core"); - ASSERT_NE(tokenId, 0); - tokenId = GetAccessTokenId("GetNativeTokenInfo002", dcaps, dcapNum, "system_core"); - ASSERT_NE(tokenId, 0); - - sleep(5); - AccessTokenID tokenID = tokenId & 0xffffffff; - NativeTokenInfo findInfo; - int ret = AccessTokenKit::GetNativeTokenInfo(tokenID, findInfo); - ASSERT_EQ(ret, RET_SUCCESS); - ASSERT_EQ(findInfo.apl, 3); - ASSERT_EQ(findInfo.ver, 1); - ASSERT_EQ(findInfo.processName, "GetNativeTokenInfo002"); - ASSERT_EQ(findInfo.tokenID, tokenID); - ASSERT_EQ(findInfo.tokenAttr, 0); - std::vector dcap = {"AT_CAP_01", "ST_CAP_01"}; - ASSERT_EQ(findInfo.dcap, dcap); -} - -/** - * @tc.name: GetNativeTokenInfo003 - * @tc.desc: get native token successfully. - * @tc.type: FUNC - * @tc.require:AR000GK6TD - */ -HWTEST_F(AccessTokenKitTest, GetNativeTokenInfo003, TestSize.Level1) -{ - const char **dcaps = (const char **)malloc(sizeof(char *) * 2); - dcaps[0] = "AT_CAP_01"; - dcaps[1] = "ST_CAP_01"; - int dcapNum = 0; - uint64_t tokenId; - tokenId = GetAccessTokenId("foundation", dcaps, dcapNum, "system_core"); - ASSERT_NE(tokenId, 0); - tokenId = GetAccessTokenId("GetNativeTokenInfo003", nullptr, 0, "system_core"); - ASSERT_NE(tokenId, 0); - - sleep(5); - AccessTokenID tokenID = tokenId & 0xffffffff; - NativeTokenInfo findInfo; - int ret = AccessTokenKit::GetNativeTokenInfo(tokenID, findInfo); - ASSERT_EQ(ret, RET_SUCCESS); - ASSERT_EQ(findInfo.apl, 3); - ASSERT_EQ(findInfo.ver, 1); - ASSERT_EQ(findInfo.processName, "GetNativeTokenInfo003"); - ASSERT_EQ(findInfo.tokenID, tokenID); - ASSERT_EQ(findInfo.tokenAttr, 0); -} - -static void ConcurrGetNativeTokenInfoTask(unsigned int tokenID) -{ - NativeTokenInfo findInfo; - for (int i = 0; i < CYCLE_TIMES; i++) { - int ret = AccessTokenKit::GetNativeTokenInfo(tokenID, findInfo); - ASSERT_EQ(RET_SUCCESS, ret); - } -} - -/** - * @tc.name: GetNativeTokenInfo004 - * @tc.desc: Concurrency testing. - * @tc.type: FUNC - * @tc.require:AR000GK6TD - */ -HWTEST_F(AccessTokenKitTest, GetNativeTokenInfo004, TestSize.Level1) -{ - const char **dcaps = (const char **)malloc(sizeof(char *) * 1); - dcaps[0] = "AT_CAP_01"; - int dcapNum = 1; - uint64_t tokenId; - tokenId = GetAccessTokenId("foundation", dcaps, dcapNum, "system_core"); - ASSERT_NE(tokenId, 0); - tokenId = GetAccessTokenId("GetNativeTokenInfo004", dcaps, dcapNum, "system_core"); - ASSERT_NE(tokenId, 0); - - sleep(5); - AccessTokenID tokenID = tokenId & 0xffffffff; - std::vector threadVec; - for (int i = 0; i < THREAD_NUM; i++) { - threadVec.emplace_back(std::thread(ConcurrGetNativeTokenInfoTask, tokenID)); - } - for (auto it = threadVec.begin(); it != threadVec.end(); it++) { - it->join(); - } } \ No newline at end of file diff --git a/interfaces/innerkits/nativetoken/BUILD.gn b/interfaces/innerkits/nativetoken/BUILD.gn index cfac0a924..5a4163d3b 100644 --- a/interfaces/innerkits/nativetoken/BUILD.gn +++ b/interfaces/innerkits/nativetoken/BUILD.gn @@ -29,26 +29,19 @@ ohos_static_library("libnativetoken") { public_configs = [ ":accesstokenlib" ] cflags = [ "-Wall" ] - cflags += [ "-pthread" ] include_dirs = [ - "//utils/native/base/include", - "//base/security/access_token/frameworks/common/include", "include", "src", "//third_party/cJSON", "//third_party/bounds_checking_function/include", - "//base/startup/syspara_lite/interfaces/innerkits/native/syspara/include/", ] sources = [ "src/nativetoken.c" ] deps = [ - "//base/security/access_token/frameworks/common:accesstoken_common_cxx", - "//base/startup/syspara_lite/interfaces/innerkits/native/syspara:syspara", + "//third_party/bounds_checking_function:libsec_static", "//third_party/cJSON:cjson_static", - "//utils/native/base:utils", - "//utils/native/base:utilsecurec_shared", ] external_deps = [ "hiviewdfx_hilog_native:libhilog" ] diff --git a/interfaces/innerkits/nativetoken/include/nativetoken.h b/interfaces/innerkits/nativetoken/include/nativetoken.h index ed40a0704..dc036b648 100644 --- a/interfaces/innerkits/nativetoken/include/nativetoken.h +++ b/interfaces/innerkits/nativetoken/include/nativetoken.h @@ -13,14 +13,14 @@ * limitations under the License. */ -#include -#include -#include +#include #include +#include #include -#include #include #include +#include + #include "cJSON.h" #include "securec.h" #include "nativetoken_log.h" @@ -33,7 +33,7 @@ extern "C" { #endif #define MAX_PROCESS_NAME_LEN 256 -#define TOKEN_ID_CFG_PATH "/data/token.json" +#define TOKEN_ID_CFG_PATH "/data/system/access_token/nativetoken.json" #define SOCKET_FILE "/data/system/token_unix_socket.socket" #define TOKEN_NATIVE_TYPE 1 #define DEFAULT_AT_VERSION 1 @@ -45,13 +45,20 @@ extern "C" { #define SYSTEM_PROP_NATIVE_RECEPTOR "rw.nativetoken.receptor.startup" #define PATH_MAX_LEN 4096 -#define FOUNDATION_NOT_STARTED 0 -#define FOUNDATION_STARTING 1 -#define ATM_SERVICE_STARTUP 2 - #define ATRET_FAILED 1 #define ATRET_SUCCESS 0 +#define DCAPS_KEY_NAME "dcaps" +#define TOKENID_KEY_NAME "tokenId" +#define TOKEN_ATTR_KEY_NAME "tokenAttr" +#define APL_KEY_NAME "APL" +#define VERSION_KEY_NAME "version" +#define PROCESS_KEY_NAME "processName" + +#define SYSTEM_CORE 3 +#define SYSTEM_BASIC 2 +#define NORMAL 1 + typedef unsigned int NativeAtId; typedef unsigned int NativeAtAttr; @@ -69,32 +76,16 @@ typedef struct { typedef struct TokenList { NativeAtId tokenId; + int32_t apl; + char *dcaps[MAX_DCAPS_NUM]; + int dcapsNum; char processName[MAX_PROCESS_NAME_LEN + 1]; struct TokenList *next; } NativeTokenList; -typedef struct TokenQueue { - NativeAtId tokenId; - int apl; - const char *processName; - const char **dcaps; - int dcapsNum; - int flag; - struct TokenQueue *next; -} NativeTokenQueue; - -#define TOKEN_QUEUE_NODE_INFO_SET(tmp, apl, processname, tokenId, exist, dcap, dacpNum) do { \ - (tmp).apl = (apl); \ - (tmp).processName = (processname); \ - (tmp).tokenId = (tokenId); \ - (tmp).flag = (exist); \ - (tmp).dcaps = (dcap); \ - (tmp).dcapsNum = (dacpNum); \ -} while (0) - extern int32_t GetFileBuff(const char *cfg, char **retBuff); #ifdef __cplusplus } #endif -#endif // NATIVE_TOKEN_H +#endif // NATIVE_TOKEN_H \ No newline at end of file diff --git a/interfaces/innerkits/nativetoken/include/nativetoken_kit.h b/interfaces/innerkits/nativetoken/include/nativetoken_kit.h index f03eff95b..564dcb76f 100644 --- a/interfaces/innerkits/nativetoken/include/nativetoken_kit.h +++ b/interfaces/innerkits/nativetoken/include/nativetoken_kit.h @@ -25,8 +25,6 @@ extern "C" { #endif -extern int32_t AtlibInit(void); - extern uint64_t GetAccessTokenId(const char *processname, const char **dcap, int32_t dacpNum, const char *aplStr); #ifdef __cplusplus diff --git a/interfaces/innerkits/nativetoken/src/nativetoken.c b/interfaces/innerkits/nativetoken/src/nativetoken.c index 5cedde572..5373e41a6 100644 --- a/interfaces/innerkits/nativetoken/src/nativetoken.c +++ b/interfaces/innerkits/nativetoken/src/nativetoken.c @@ -14,15 +14,9 @@ */ #include "nativetoken.h" #include "nativetoken_kit.h" -#include "parameter.h" -#include "random.h" -NativeTokenQueue *g_tokenQueueHead; NativeTokenList *g_tokenListHead; -int32_t g_tranferStatus; int32_t g_isNativeTokenInited = 0; -int32_t g_signalFd; -static pthread_mutex_t g_tokenQueueHeadLock = PTHREAD_MUTEX_INITIALIZER; int32_t GetFileBuff(const char *cfg, char **retBuff) { @@ -64,7 +58,7 @@ int32_t GetFileBuff(const char *cfg, char **retBuff) return ATRET_FAILED; } - if (fread(buff, fileSize, 1, cfgFd) != 1) { + if (fread(buff, (size_t)fileSize, 1, cfgFd) != 1) { ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:fread failed.", __func__); free(buff); buff = NULL; @@ -79,13 +73,95 @@ int32_t GetFileBuff(const char *cfg, char **retBuff) return ret; } +void FreeDcaps(char *dcaps[MAX_DCAPS_NUM], int32_t num) +{ + for (int32_t i = 0; i <= num; i++) { + if (dcaps[i] != NULL) { + free(dcaps[i]); + dcaps[i] = NULL; + } + } +} + +int32_t GetprocessNameFromJson(cJSON *cjsonItem, NativeTokenList *tokenNode) +{ + cJSON *processNameJson = cJSON_GetObjectItem(cjsonItem, PROCESS_KEY_NAME); + if (cJSON_IsString(processNameJson) == 0 || (strlen(processNameJson->valuestring) > MAX_PROCESS_NAME_LEN)) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:processNameJson is invalid.", __func__); + return ATRET_FAILED; + } + + if (strcpy_s(tokenNode->processName, MAX_PROCESS_NAME_LEN + 1, processNameJson->valuestring) != EOK) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:strcpy_s failed.", __func__); + return ATRET_FAILED; + } + return ATRET_SUCCESS; +} + +int32_t GetTokenIdFromJson(cJSON *cjsonItem, NativeTokenList *tokenNode) +{ + cJSON *tokenIdJson = cJSON_GetObjectItem(cjsonItem, TOKENID_KEY_NAME); + if ((cJSON_IsNumber(tokenIdJson) == 0) || (cJSON_GetNumberValue(tokenIdJson) <= 0)) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:tokenIdJson is invalid.", __func__); + return ATRET_FAILED; + } + tokenNode->tokenId = (NativeAtId)tokenIdJson->valueint; + return ATRET_SUCCESS; +} + +int32_t GetAplFromJson(cJSON *cjsonItem, NativeTokenList *tokenNode) +{ + cJSON *aplJson = cJSON_GetObjectItem(cjsonItem, APL_KEY_NAME); + if (cJSON_IsNumber(aplJson) == 0) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:aplJson is invalid.", __func__); + return ATRET_FAILED; + } + int apl = cJSON_GetNumberValue(aplJson); + if (apl <= 0 || apl > SYSTEM_CORE) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:apl = %d in file is invalid.", __func__, apl); + return ATRET_FAILED; + } + tokenNode->apl = aplJson->valueint; + return ATRET_SUCCESS; +} + +int32_t GetDcapsInfoFromJson(cJSON *cjsonItem, NativeTokenList *tokenNode) +{ + cJSON *dcapsJson = cJSON_GetObjectItem(cjsonItem, DCAPS_KEY_NAME); + int32_t dcapSize = cJSON_GetArraySize(dcapsJson); + + tokenNode->dcapsNum = dcapSize; + for (int32_t i = 0; i < dcapSize; i++) { + cJSON *dcapItem = cJSON_GetArrayItem(dcapsJson, i); + if (dcapItem == NULL) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:cJSON_GetArrayItem failed.", __func__); + return ATRET_FAILED; + } + size_t length = strlen(dcapItem->valuestring); + if (cJSON_IsString(dcapItem) == 0 || (length > MAX_DCAP_LEN)) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:dcapItem is invalid.", __func__); + return ATRET_FAILED; + } + tokenNode->dcaps[i] = (char *)malloc(sizeof(char) * length); + if (tokenNode->dcaps[i] == NULL) { + FreeDcaps(tokenNode->dcaps, i - 1); + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:malloc invalid.", __func__); + return ATRET_FAILED; + } + if (strcpy_s(tokenNode->dcaps[i], length + 1, dcapItem->valuestring) != EOK) { + FreeDcaps(tokenNode->dcaps, i); + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:strcpy_s failed.", __func__); + return ATRET_FAILED; + } + } + return ATRET_SUCCESS; +} + int32_t GetTokenList(const cJSON *object) { - cJSON *cjsonItem = NULL; int32_t arraySize; int32_t i; - cJSON *processNameJson = NULL; - cJSON *tokenIdJson = NULL; + int ret; NativeTokenList *tmp = NULL; if (object == NULL) { @@ -93,29 +169,26 @@ int32_t GetTokenList(const cJSON *object) } arraySize = cJSON_GetArraySize(object); for (i = 0; i < arraySize; i++) { - cjsonItem = cJSON_GetArrayItem(object, i); - processNameJson = cJSON_GetObjectItem(cjsonItem, "processName"); - tokenIdJson = cJSON_GetObjectItem(cjsonItem, "tokenId"); - if (cJSON_IsString(processNameJson) == 0 || (strlen(processNameJson->valuestring) > MAX_PROCESS_NAME_LEN)) { - ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:processNameJson is invalid.", __func__); - return ATRET_FAILED; - } - if ((cJSON_IsNumber(tokenIdJson) == 0) || (cJSON_GetNumberValue(tokenIdJson) <= 0)) { - ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:tokenIdJson is invalid.", __func__); - return ATRET_FAILED; - } - tmp = (NativeTokenList *)malloc(sizeof(NativeTokenList)); if (tmp == NULL) { ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:memory alloc failed.", __func__); return ATRET_FAILED; } - if (strcpy_s(tmp->processName, MAX_PROCESS_NAME_LEN + 1, processNameJson->valuestring) != EOK) { - ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:strcpy_s failed.", __func__); + cJSON *cjsonItem = cJSON_GetArrayItem(object, i); + if (cjsonItem == NULL) { free(tmp); + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:cJSON_GetArrayItem failed.", __func__); return ATRET_FAILED; } - tmp->tokenId = (NativeAtId)tokenIdJson->valueint; + ret = GetprocessNameFromJson(cjsonItem, tmp); + ret |= GetTokenIdFromJson(cjsonItem, tmp); + ret |= GetAplFromJson(cjsonItem, tmp); + ret |= GetDcapsInfoFromJson(cjsonItem, tmp); + if (ret != ATRET_SUCCESS) { + free(tmp); + return ret; + } + tmp->next = g_tokenListHead->next; g_tokenListHead->next = tmp; } @@ -157,36 +230,45 @@ int32_t AtlibInit(void) } g_tokenListHead->next = NULL; - g_tokenQueueHead = (NativeTokenQueue *)malloc(sizeof(NativeTokenQueue)); - if (g_tokenQueueHead == NULL) { - free(g_tokenListHead); - g_tokenListHead = NULL; - ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:g_tokenQueueHead memory alloc failed.", __func__); - return ATRET_FAILED; - } - g_tokenQueueHead->next = NULL; - int32_t ret = ParseTokenInfoFromCfg(TOKEN_ID_CFG_PATH); if (ret != ATRET_SUCCESS) { free(g_tokenListHead); g_tokenListHead = NULL; - free(g_tokenQueueHead); - g_tokenQueueHead = NULL; return ret; } - g_tranferStatus = FOUNDATION_NOT_STARTED; g_isNativeTokenInited = 1; return ATRET_SUCCESS; } +int GetRandomTokenId(uint32_t *randNum) +{ + uint32_t random; + int len; + int fd = open("/dev/urandom", O_RDONLY); + if (fd < 0) { + return ATRET_FAILED; + } + len = read(fd, &random, sizeof(random)); + (void)close(fd); + if (len != sizeof(random)) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:read failed.", __func__); + return ATRET_FAILED; + } + *randNum = random; + return ATRET_SUCCESS; +} + NativeAtId CreateNativeTokenId(void) { uint32_t rand; NativeAtId tokenId; AtInnerInfo *innerId = (AtInnerInfo *)(&tokenId); - rand = GetRandomUint32(); + int ret = GetRandomTokenId(&rand); + if (ret != ATRET_SUCCESS) { + return 0; + } innerId->reserved = 0; innerId->tokenUniqueId = rand & (0xFFFFFF); @@ -195,78 +277,24 @@ NativeAtId CreateNativeTokenId(void) return tokenId; } -int32_t TriggerTransfer() -{ - int32_t ret; - static const uint64_t increment = 1; - ret = write(g_signalFd, &increment, sizeof(increment)); - if (ret == -1) { - ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:TriggerTransfer write failed.", __func__); - return ATRET_FAILED; - } - return ATRET_SUCCESS; -} - -int32_t TokenInfoSave(const NativeTokenQueue *node) -{ - if (node->apl == 0) { - return ATRET_FAILED; - } - NativeTokenQueue *curr; - curr = (NativeTokenQueue *)malloc(sizeof(NativeTokenQueue)); - if (curr == NULL) { - ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:memory alloc failed.", __func__); - return ATRET_FAILED; - } - curr->apl = node->apl; - curr->processName = node->processName; - curr->tokenId = node->tokenId; - curr->flag = node->flag; - curr->dcaps = node->dcaps; - curr->dcapsNum = node->dcapsNum; - - pthread_mutex_lock(&g_tokenQueueHeadLock); - curr->next = g_tokenQueueHead->next; - g_tokenQueueHead->next = curr; - pthread_mutex_unlock(&g_tokenQueueHeadLock); - - if (g_tranferStatus == ATM_SERVICE_STARTUP) { - return TriggerTransfer(); - } - return ATRET_SUCCESS; -} - int32_t GetAplLevel(const char *aplStr) { if (aplStr == NULL) { return 0; } if (strcmp(aplStr, "system_core") == 0) { - return 3; // system_core means apl level is 3 + return SYSTEM_CORE; // system_core means apl level is 3 } if (strcmp(aplStr, "system_basic") == 0) { - return 2; // system_basic means apl level is 2 + return SYSTEM_BASIC; // system_basic means apl level is 2 } if (strcmp(aplStr, "normal") == 0) { - return 1; + return NORMAL; } ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:aplStr is invalid.", __func__); return 0; } -int32_t SendString(const char *str, int32_t fd) -{ - int32_t writtenSize; - int32_t len = strlen(str); - - writtenSize = write(fd, str, len); - if (len != writtenSize) { - ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:SendString write failed.", __func__); - return ATRET_FAILED; - } - return ATRET_SUCCESS; -} - void WriteToFile(const cJSON *root) { int32_t strLen; @@ -286,7 +314,7 @@ void WriteToFile(const cJSON *root) break; } strLen = strlen(jsonStr); - writtenLen = write(fd, (void *)jsonStr, strLen); + writtenLen = write(fd, (void *)jsonStr, (size_t)strLen); close(fd); if (writtenLen != strLen) { ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:write failed, writtenLen is %d.", __func__, writtenLen); @@ -298,288 +326,118 @@ void WriteToFile(const cJSON *root) return; } -int32_t ExistNewTokenInfo(const NativeTokenQueue *head) +int32_t AddDcapsArray(cJSON *object, const NativeTokenList *curr) { - const NativeTokenQueue *iter = head; - while (iter != NULL) { - if (iter->flag == 0) { - return 1; - } - iter = iter->next; - } - return 0; -} -void SaveTokenIdToCfg(const NativeTokenQueue *head) -{ - const NativeTokenQueue *iter = head; - char *fileBuff = NULL; - cJSON *record = NULL; - int32_t ret; - - ret = ExistNewTokenInfo(head); - if (ret == 0) { - ACCESSTOKEN_LOG_INFO("[ATLIB-%s]:there is no new info.", __func__); - return; - } - ret = GetFileBuff(TOKEN_ID_CFG_PATH, &fileBuff); - if (ret != ATRET_SUCCESS) { - return; - } - - if (fileBuff == NULL) { - record = cJSON_CreateArray(); - } else { - record = cJSON_Parse(fileBuff); - free(fileBuff); - fileBuff = NULL; - } - - if (record == NULL) { - ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:get record failed.", __func__); - return; + cJSON *dcapsArr = cJSON_CreateArray(); + if (dcapsArr == NULL) { + return ATRET_FAILED; } - - while (iter != NULL) { - if (iter->flag == 1) { - iter = iter->next; - continue; - } - cJSON *node = cJSON_CreateObject(); - if (node == NULL) { - ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:cJSON_CreateObject failed.", __func__); - cJSON_Delete(record); - return; + for (int32_t i = 0; i < curr->dcapsNum; i++) { + cJSON *item = cJSON_CreateString(curr->dcaps[i]); + if (item == NULL || !cJSON_AddItemToArray(dcapsArr, item)) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:tokenAttr cJSON_AddItemToArray failed.", __func__); + cJSON_Delete(item); + cJSON_Delete(dcapsArr); + return ATRET_FAILED; } - cJSON_AddItemToObject(node, "processName", cJSON_CreateString(iter->processName)); - cJSON_AddItemToObject(node, "tokenId", cJSON_CreateNumber(iter->tokenId)); - cJSON_AddItemToArray(record, node); - iter = iter->next; } - WriteToFile(record); - cJSON_Delete(record); - return; + if (!cJSON_AddItemToObject(object, DCAPS_KEY_NAME, dcapsArr)) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:dcaps cJSON_AddItemToObject failed.", __func__); + cJSON_Delete(dcapsArr); + return ATRET_FAILED; + } + return ATRET_SUCCESS; } -static cJSON *CreateNativeTokenJsonObject(const NativeTokenQueue *curr) +static cJSON *CreateNativeTokenJsonObject(const NativeTokenList *curr) { cJSON *object = cJSON_CreateObject(); if (object == NULL) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:cJSON_CreateObject failed.", __func__); return NULL; } + cJSON *item = cJSON_CreateString(curr->processName); - if (item == NULL || !cJSON_AddItemToObject(object, "processName", item)) { + if (item == NULL || !cJSON_AddItemToObject(object, PROCESS_KEY_NAME, item)) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:processName cJSON_AddItemToObject failed.", __func__); cJSON_Delete(item); + cJSON_Delete(object); return NULL; } item = cJSON_CreateNumber(curr->apl); - if (item == NULL || !cJSON_AddItemToObject(object, "APL", item)) { + if (item == NULL || !cJSON_AddItemToObject(object, APL_KEY_NAME, item)) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:APL cJSON_AddItemToObject failed.", __func__); cJSON_Delete(item); + cJSON_Delete(object); return NULL; } item = cJSON_CreateNumber(DEFAULT_AT_VERSION); - if (item == NULL || !cJSON_AddItemToObject(object, "version", item)) { + if (item == NULL || !cJSON_AddItemToObject(object, VERSION_KEY_NAME, item)) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:version cJSON_AddItemToObject failed.", __func__); cJSON_Delete(item); + cJSON_Delete(object); return NULL; } item = cJSON_CreateNumber(curr->tokenId); - if (item == NULL || !cJSON_AddItemToObject(object, "tokenId", item)) { + if (item == NULL || !cJSON_AddItemToObject(object, TOKENID_KEY_NAME, item)) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:tokenId cJSON_AddItemToObject failed.", __func__); cJSON_Delete(item); + cJSON_Delete(object); return NULL; } item = cJSON_CreateNumber(0); - if (item == NULL || !cJSON_AddItemToObject(object, "tokenAttr", item)) { + if (item == NULL || !cJSON_AddItemToObject(object, TOKEN_ATTR_KEY_NAME, item)) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:tokenAttr cJSON_AddItemToObject failed.", __func__); cJSON_Delete(item); + cJSON_Delete(object); return NULL; } - - cJSON *dcapsArr = cJSON_CreateArray(); - if (dcapsArr == NULL) { - return NULL; - } - for (int32_t i = 0; i < curr->dcapsNum; i++) { - item = cJSON_CreateString(curr->dcaps[i]); - if (item == NULL || !cJSON_AddItemToArray(dcapsArr, item)) { - cJSON_Delete(item); - cJSON_Delete(dcapsArr); - return NULL; - } - } - if (!cJSON_AddItemToObject(object, "dcaps", dcapsArr)) { - cJSON_Delete(dcapsArr); - return NULL; + int ret = AddDcapsArray(object, curr); + if (ret != ATRET_SUCCESS) { + cJSON_Delete(object); } - return object; } - -static char *GetStrFromJson(const cJSON *root) -{ - char *jsonStr = cJSON_PrintUnformatted(root); - if (jsonStr == NULL) { - ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:cJSON_PrintUnformatted failed.", __func__); - return NULL; - } - - char *str = (char *)malloc(sizeof(char) * (strlen(jsonStr) + 1)); - if (str == NULL) { - cJSON_free(jsonStr); - return NULL; - } - - if (strcpy_s(str, strlen(jsonStr) + 1, jsonStr) != EOK) { - free(str); - str = NULL; - } - cJSON_free(jsonStr); - return str; -} - -static char *GetStringToBeSync(NativeTokenQueue *head) + +void SaveTokenIdToCfg(const NativeTokenList *curr) { - cJSON *object = NULL; - NativeTokenQueue *node = NULL; - - cJSON *array = cJSON_CreateArray(); - if (array == NULL) { - ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:cJSON_CreateArray failed.", __func__); - return NULL; - } - - NativeTokenQueue *curr = head; - while (curr != 0) { - object = CreateNativeTokenJsonObject(curr); - if (object == NULL) { - cJSON_Delete(array); - ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:CreateNativeTokenJsonObject failed.", __func__); - return NULL; - } - if (!cJSON_AddItemToArray(array, object)) { - cJSON_Delete(object); - cJSON_Delete(array); - ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:cJSON_AddItemToArray failed.", __func__); - return NULL; - } - node = curr; - curr = curr->next; - free(node); - node = NULL; - } - - cJSON *root = cJSON_CreateObject(); - if (root == NULL) { - cJSON_Delete(array); - ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:cJSON_CreateObject failed.", __func__); - return NULL; - } - - if (!cJSON_AddItemToObject(root, TRANSFER_KEY_WORDS, array)) { - cJSON_Delete(root); - cJSON_Delete(array); - return NULL; - } - char *str = GetStrFromJson(root); - cJSON_Delete(root); - return str; -} + char *fileBuff = NULL; + cJSON *record = NULL; + int32_t ret; -static int32_t SyncToAtm(void) -{ - int32_t result; - struct sockaddr_un addr; - int32_t fd = -1; - char *str = NULL; - - pthread_mutex_lock(&g_tokenQueueHeadLock); - NativeTokenQueue *begin = g_tokenQueueHead->next; - g_tokenQueueHead->next = NULL; - pthread_mutex_unlock(&g_tokenQueueHeadLock); - - if (begin == NULL) { - ACCESSTOKEN_LOG_INFO("[ATLIB-%s]:noting to be sent.", __func__); - return ATRET_SUCCESS; + ret = GetFileBuff(TOKEN_ID_CFG_PATH, &fileBuff); + if (ret != ATRET_SUCCESS) { + return; } - SaveTokenIdToCfg(begin); - - str = GetStringToBeSync(begin); - if (str == NULL) { - ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:str is null.", __func__); - return ATRET_FAILED; + if (fileBuff == NULL) { + record = cJSON_CreateArray(); + } else { + record = cJSON_Parse(fileBuff); + free(fileBuff); + fileBuff = NULL; } - do { - fd = socket(AF_UNIX, SOCK_STREAM, 0); - if (fd < 0) { - result = ATRET_FAILED; - ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:socket failed.", __func__); - break; - } - (void)memset_s(&addr, sizeof(struct sockaddr_un), 0, sizeof(struct sockaddr_un)); - addr.sun_family = AF_UNIX; - if (strncpy_s(addr.sun_path, sizeof(addr.sun_path), SOCKET_FILE, sizeof(addr.sun_path) - 1) != EOK) { - ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:strncpy_s failed.", __func__); - close(fd); - result = ATRET_FAILED; - break; - } - result = connect(fd, (struct sockaddr *)&addr, sizeof(addr)); - if (result != 0) { - ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:connect failed. errno %d", __func__, errno); - close(fd); - result = ATRET_FAILED; - break; - } - ACCESSTOKEN_LOG_INFO("[ATLIB-%s]:str is to be sent %s.", __func__, str); - result = SendString(str, fd); - close(fd); - } while (0); - - free(str); - return result; -} - -void *ThreadTransferFunc(const void *args) -{ - int32_t ret; - g_tranferStatus = FOUNDATION_STARTING; - - /* getpram */ - while (1) { - char buffer[MAX_PARAMTER_LEN] = {0}; - ret = GetParameter(SYSTEM_PROP_NATIVE_RECEPTOR, "false", buffer, MAX_PARAMTER_LEN - 1); - if (ret > 0 && !strncmp(buffer, "true", strlen("true"))) { - break; - } - ACCESSTOKEN_LOG_INFO("[ATLIB-%s]: %s get failed.", __func__, SYSTEM_PROP_NATIVE_RECEPTOR); - sleep(1); + if (record == NULL) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:get record failed.", __func__); + return; } - g_signalFd = eventfd(0, 0); - if (g_signalFd == -1) { - ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:eventfd failed.", __func__); - return NULL; + cJSON *node = CreateNativeTokenJsonObject(curr); + if (node == NULL) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:CreateNativeTokenJsonObject failed.", __func__); + cJSON_Delete(record); + return; } + cJSON_AddItemToArray(record, node); - g_tranferStatus = ATM_SERVICE_STARTUP; - - uint64_t result; - while (1) { - ret = read(g_signalFd, &result, sizeof(uint64_t)); - if (ret == -1) { - ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:read failed.", __func__); - continue; - } - - ret = SyncToAtm(); - if (ret != ATRET_SUCCESS) { - ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:SyncToAtm failed.", __func__); - } - } - return NULL; + WriteToFile(record); + cJSON_Delete(record); + return; } int32_t CheckProcessInfo(const char *processname, const char **dcaps, @@ -595,7 +453,7 @@ int32_t CheckProcessInfo(const char *processname, const char **dcaps, ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:dcaps is null or dacpNum is invalid.", __func__); return ATRET_FAILED; } - for (int i = 0; i < dacpNum; i++) { + for (int32_t i = 0; i < dacpNum; i++) { if (strlen(dcaps[i]) > MAX_DCAP_LEN) { ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:dcap length is invalid.", __func__); return ATRET_FAILED; @@ -610,7 +468,7 @@ int32_t CheckProcessInfo(const char *processname, const char **dcaps, return ATRET_SUCCESS; } -int NativeTokenIdCheck(NativeAtId tokenId) +int32_t NativeTokenIdCheck(NativeAtId tokenId) { NativeTokenList *tokenNode = g_tokenListHead; while (tokenNode != NULL) { @@ -621,11 +479,14 @@ int NativeTokenIdCheck(NativeAtId tokenId) } return 0; } -static int32_t AddNewNativeTokenToList(const char *processname, NativeAtId *tokenId) + +static int32_t AddNewTokenToListAndCfgFile(const char *processname, const char **dcapsIn, + int32_t dacpNumIn, int32_t aplIn, NativeAtId *tokenId) { NativeTokenList *tokenNode; NativeAtId id; int32_t repeat; + do { id = CreateNativeTokenId(); repeat = NativeTokenIdCheck(id); @@ -636,25 +497,169 @@ static int32_t AddNewNativeTokenToList(const char *processname, NativeAtId *toke ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:memory alloc failed.", __func__); return ATRET_FAILED; } + tokenNode->tokenId = id; + tokenNode->apl = aplIn; if (strcpy_s(tokenNode->processName, MAX_PROCESS_NAME_LEN + 1, processname) != EOK) { ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:strcpy_s failed.", __func__); free(tokenNode); return ATRET_FAILED; } - tokenNode->tokenId = id; + tokenNode->dcapsNum = dacpNumIn; + + for (int32_t i = 0; i < dacpNumIn; i++) { + tokenNode->dcaps[i] = (char *)malloc(sizeof(char) * (strlen(dcapsIn[i]) + 1)); + if (tokenNode->dcaps[i] != NULL && + (strcpy_s(tokenNode->dcaps[i], strlen(dcapsIn[i]) + 1, dcapsIn[i]) != EOK)) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:copy dcapsIn[%d] failed.", __func__, i); + FreeDcaps(tokenNode->dcaps, i); + free(tokenNode); + return ATRET_FAILED; + } + } tokenNode->next = g_tokenListHead->next; g_tokenListHead->next = tokenNode; *tokenId = id; + + SaveTokenIdToCfg(tokenNode); + return ATRET_SUCCESS; +} + +int32_t CompareProcessInfo(NativeTokenList *tokenNode, const char **dcapsIn, int32_t dacpNumIn, int32_t aplIn) +{ + if (tokenNode->apl != aplIn) { + return 1; + } + if (tokenNode->dcapsNum != dacpNumIn) { + return 1; + } + for (int32_t i = 0; i < dacpNumIn; i++) { + if (strcmp(tokenNode->dcaps[i], dcapsIn[i]) != 0) { + return 1; + } + } + return 0; +} + +int32_t UpdateTokenInfoInList(NativeTokenList *tokenNode, const char **dcapsIn, int32_t dacpNumIn, int32_t aplIn) +{ + tokenNode->apl = aplIn; + + for (int32_t i = 0; i < tokenNode->dcapsNum; i++) { + free(tokenNode->dcaps[i]); + tokenNode->dcaps[i] = NULL; + } + + tokenNode->dcapsNum = dacpNumIn; + for (int32_t i = 0; i < dacpNumIn; i++) { + int32_t len = strlen(dcapsIn[i]) + 1; + tokenNode->dcaps[i] = (char *)malloc(sizeof(char) * len); + if (tokenNode->dcaps[i] != NULL && (strcpy_s(tokenNode->dcaps[i], len, dcapsIn[i]) != EOK)) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:copy dcapsIn[%d] failed.", __func__, i); + FreeDcaps(tokenNode->dcaps, i); + return ATRET_FAILED; + } + } + return ATRET_SUCCESS; +} + +int32_t UpdateItemcontent(const NativeTokenList *tokenNode, cJSON *record) +{ + cJSON *itemApl = cJSON_CreateNumber(tokenNode->apl); + if (itemApl == NULL) { + return ATRET_FAILED; + } + if (!cJSON_ReplaceItemInObject(record, APL_KEY_NAME, itemApl)) { + cJSON_Delete(itemApl); + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:APL update failed.", __func__); + return ATRET_FAILED; + } + + cJSON *dcapsArr = cJSON_CreateArray(); + if (dcapsArr == NULL) { + return ATRET_FAILED; + } + for (int32_t i = 0; i < tokenNode->dcapsNum; i++) { + cJSON *item = cJSON_CreateString(tokenNode->dcaps[i]); + if (item == NULL) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:cJSON_CreateString failed.", __func__); + cJSON_Delete(dcapsArr); + return ATRET_FAILED; + } + if (!cJSON_AddItemToArray(dcapsArr, item)) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:cJSON_AddItemToArray failed.", __func__); + cJSON_Delete(item); + return ATRET_FAILED; + } + } + if (!cJSON_ReplaceItemInObject(record, DCAPS_KEY_NAME, dcapsArr)) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:dcaps update failed.", __func__); + cJSON_Delete(dcapsArr); + return ATRET_FAILED; + } + return ATRET_SUCCESS; +} + +int32_t UpdateGoalItemFromRecord(const NativeTokenList *tokenNode, cJSON *record) +{ + int32_t arraySize = cJSON_GetArraySize(record); + for (int32_t i = 0; i < arraySize; i++) { + cJSON *cjsonItem = cJSON_GetArrayItem(record, i); + if (cjsonItem == NULL) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:cJSON_GetArrayItem failed.", __func__); + return ATRET_FAILED; + } + cJSON *processNameJson = cJSON_GetObjectItem(cjsonItem, PROCESS_KEY_NAME); + if (processNameJson == NULL) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:processNameJson is null.", __func__); + return ATRET_FAILED; + } + if (strcmp(processNameJson->valuestring, tokenNode->processName) == 0) { + return UpdateItemcontent(tokenNode, cjsonItem); + } + } + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:cannot find process in config file.", __func__); + return ATRET_FAILED; +} + +int32_t UpdateTokenInfoInCfgFile(NativeTokenList *tokenNode) +{ + cJSON *record = NULL; + char *fileBuff = NULL; + + int32_t ret = GetFileBuff(TOKEN_ID_CFG_PATH, &fileBuff); + if (ret != ATRET_SUCCESS) { + return ret; + } + + if (fileBuff == NULL) { + record = cJSON_CreateArray(); + } else { + record = cJSON_Parse(fileBuff); + free(fileBuff); + fileBuff = NULL; + } + + if (record == NULL) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:get record failed.", __func__); + return ATRET_FAILED; + } + + ret = UpdateGoalItemFromRecord(tokenNode, record); + if (ret != ATRET_SUCCESS) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:UpdateGoalItemFromRecord failed.", __func__); + cJSON_Delete(record); + return ATRET_FAILED; + } + + WriteToFile(record); + cJSON_Delete(record); return ATRET_SUCCESS; } uint64_t GetAccessTokenId(const char *processname, const char **dcaps, int32_t dacpNum, const char *aplStr) { - NativeAtId tokenId; - NativeTokenQueue tmp = {0}; - pthread_t tid; - int32_t exist = 0; + NativeAtId tokenId = 0; uint64_t result = 0; int32_t apl; NativeAtIdEx *atPoint = (NativeAtIdEx *)(&result); @@ -668,14 +673,9 @@ uint64_t GetAccessTokenId(const char *processname, const char **dcaps, int32_t d return 0; } - if ((g_tranferStatus == FOUNDATION_NOT_STARTED) && strcmp("foundation", processname) == 0) { - (void)pthread_create(&tid, 0, (void*)ThreadTransferFunc, NULL); - } - NativeTokenList *tokenNode = g_tokenListHead; while (tokenNode != NULL) { if (strcmp(tokenNode->processName, processname) == 0) { - exist = 1; tokenId = tokenNode->tokenId; break; } @@ -683,18 +683,19 @@ uint64_t GetAccessTokenId(const char *processname, const char **dcaps, int32_t d } if (tokenNode == NULL) { - ret = AddNewNativeTokenToList(processname, &tokenId); - if (ret != ATRET_SUCCESS) { - return 0; + ret = AddNewTokenToListAndCfgFile(processname, dcaps, dacpNum, apl, &tokenId); + } else { + int32_t needUpdate = CompareProcessInfo(tokenNode, dcaps, dacpNum, apl); + if (needUpdate != 0) { + ret = UpdateTokenInfoInList(tokenNode, dcaps, dacpNum, apl); + ret |= UpdateTokenInfoInCfgFile(tokenNode); } } - - TOKEN_QUEUE_NODE_INFO_SET(tmp, apl, processname, tokenId, exist, dcaps, dacpNum); - ret = TokenInfoSave(&tmp); - if (ret != 0) { - return result; + if (ret != ATRET_SUCCESS) { + return 0; } + atPoint->tokenId = tokenId; atPoint->tokenAttr = 0; return result; -} +} \ No newline at end of file diff --git a/interfaces/innerkits/nativetoken/test/BUILD.gn b/interfaces/innerkits/nativetoken/test/BUILD.gn index 25f2784d0..6b14f56e0 100644 --- a/interfaces/innerkits/nativetoken/test/BUILD.gn +++ b/interfaces/innerkits/nativetoken/test/BUILD.gn @@ -19,15 +19,12 @@ ohos_unittest("libnativetoken_test") { module_out_path = part_name + "/" + part_name include_dirs = [ - "//utils/native/base/include", "//third_party/cJSON", "//third_party/bounds_checking_function/include", "//base/security/access_token/interfaces/innerkits/nativetoken/include", ] sources = [ "unittest/src/nativetoken_kit_test.cpp" ] - cflags_cc = [ "-fexceptions" ] - cflags_cc += [ "-pthread" ] deps = [ "//base/security/access_token/interfaces/innerkits/nativetoken:libnativetoken", @@ -35,7 +32,6 @@ ohos_unittest("libnativetoken_test") { "//third_party/cJSON:cjson_static", "//third_party/googletest:gmock", "//third_party/googletest:gtest", - "//utils/native/base:utils", ] } diff --git a/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_kit_test.cpp b/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_kit_test.cpp index 69fd15cf2..a6782999a 100644 --- a/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_kit_test.cpp +++ b/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_kit_test.cpp @@ -21,16 +21,17 @@ using namespace testing::ext; using namespace OHOS::Security; -extern NativeTokenQueue *g_tokenQueueHead; extern NativeTokenList *g_tokenListHead; extern int32_t g_isNativeTokenInited; extern int32_t GetFileBuff(const char *cfg, char **retBuff); namespace { -static NativeTokenQueue g_readRes; static string g_jsonStr = "[" - "{\"processName\":\"asdf\", \"tokenId\":15}," - "{\"processName\":\"GetAccessTokenId008\", \"tokenId\":16}," - "{\"processName\":\"GetAccessTokenId009\", \"tokenId\":17}" + "{\"processName\":\"asdf\", \"tokenId\":15, \"APL\":3, \"version\":1, " + "\"tokenAttr\":0, \"dcaps\":[\"AT_CAP\", \"ST_CAP\"]}," + "{\"processName\":\"GetAccessTokenId008\", \"tokenId\":16, \"APL\":3, \"version\":1," + " \"tokenAttr\":0, \"dcaps\":[\"AT_CAP\", \"ST_CAP\"]}," + "{\"processName\":\"GetAccessTokenId009\", \"tokenId\":17, \"APL\":3, \"version\":1, " + "\"tokenAttr\":0, \"dcaps\":[\"AT_CAP\", \"ST_CAP\"]}" "]"; } void TokenLibKitTest::SetUpTestCase() @@ -43,29 +44,16 @@ void TokenLibKitTest::SetUp() { g_isNativeTokenInited = 0; ResetFile(); - g_readRes.next = nullptr; } void TokenLibKitTest::TearDown() { - while (g_tokenQueueHead->next != nullptr) { - NativeTokenQueue *tmp = g_tokenQueueHead->next; - g_tokenQueueHead->next = tmp->next; - free(tmp); - tmp = nullptr; - } while (g_tokenListHead->next != nullptr) { NativeTokenList *tmp = g_tokenListHead->next; g_tokenListHead->next = tmp->next; free(tmp); tmp = nullptr; } - while (g_readRes.next != nullptr) { - NativeTokenQueue *tmp = g_readRes.next; - g_readRes.next = tmp->next; - free(tmp); - tmp = nullptr; - } } void TokenLibKitTest::ResetFile(void) @@ -83,36 +71,6 @@ void TokenLibKitTest::ResetFile(void) } } -void TokenLibKitTest::PthreadCloseTrigger(void) -{ - struct sockaddr_un addr; - int32_t fd = socket(AF_UNIX, SOCK_STREAM, 0); - if (fd < 0) { - ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:socket failed.", __func__); - return; - } - (void)memset_s(&addr, sizeof(struct sockaddr_un), 0, sizeof(struct sockaddr_un)); - addr.sun_family = AF_UNIX; - if (strncpy_s(addr.sun_path, sizeof(addr.sun_path), SOCKET_FILE, sizeof(addr.sun_path) - 1) != EOK) { - ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:strncpy_s failed.", __func__); - close(fd); - return; - } - int result = connect(fd, (struct sockaddr *)&addr, sizeof(addr)); - if (result != 0) { - ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:connect failed.", __func__); - close(fd); - return; - } - int32_t writtenSize = write(fd, "over", 4); - if (writtenSize != 4) { - ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:SendString write failed.", __func__); - } - close(fd); - return; -} - - int Start(const char *processName) { const char *processname = processName; @@ -122,6 +80,7 @@ int Start(const char *processName) int dcapNum = 2; uint64_t tokenId; tokenId = GetAccessTokenId(processname, dcaps, dcapNum, "system_core"); + free(dcaps); return tokenId; } @@ -157,6 +116,7 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId001, TestSize.Level1) const std::string validProcName02 (256, 'x'); tokenId = GetAccessTokenId(validProcName02.c_str(), dcaps, dcapNum, "system_core"); ASSERT_NE(tokenId, 0); + free(dcaps); } /** @@ -167,7 +127,7 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId001, TestSize.Level1) */ HWTEST_F(TokenLibKitTest, GetAccessTokenId002, TestSize.Level1) { - const char **dcaps = (const char **)malloc(sizeof(char *) * 2); + const char **dcaps = (const char **)malloc(sizeof(char *) * 32); dcaps[0] = "AT_CAP"; dcaps[1] = "ST_CAP"; int dcapNum = -1; @@ -179,6 +139,21 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId002, TestSize.Level1) dcapNum = 33; tokenId = GetAccessTokenId("GetAccessTokenId002_00", dcaps, dcapNum, "system_core"); ASSERT_EQ(tokenId, 0); + + for (int32_t i = 0; i < 32; i++) { + dcaps[i] = "AT_CAP"; + } + /* 32 is valid dcapNum */ + dcapNum = 32; + tokenId = GetAccessTokenId("GetAccessTokenId002_01", dcaps, dcapNum, "system_core"); + ASSERT_NE(tokenId, 0); + + /* 31 is valid dcapNum */ + dcapNum = 31; + tokenId = GetAccessTokenId("GetAccessTokenId002_02", dcaps, dcapNum, "system_core"); + ASSERT_NE(tokenId, 0); + + free(dcaps); } /** @@ -219,6 +194,8 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId003, TestSize.Level1) dcaps[0] = validDcap02.c_str(); tokenId = GetAccessTokenId("GetAccessTokenId003_04", dcaps, dcapNum, "system_core"); ASSERT_NE(tokenId, 0); + + free(dcaps); } /** @@ -239,6 +216,8 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId004, TestSize.Level1) tokenId = GetAccessTokenId("GetAccessTokenId003", dcaps, dcapNum, "system_invalid"); ASSERT_EQ(tokenId, 0); + + free(dcaps); } /** @@ -258,132 +237,36 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId005, TestSize.Level1) } /** - * @tc.name: GetAccessTokenId007 - * @tc.desc: Get AccessTokenId before ATM is prepared with new processName. + * @tc.name: GetAccessTokenId006 + * @tc.desc: Get AccessTokenId with new processName and check g_tokenListHead. * @tc.type: FUNC * @tc.require:AR000GK6TD */ -HWTEST_F(TokenLibKitTest, GetAccessTokenId007, TestSize.Level1) +HWTEST_F(TokenLibKitTest, GetAccessTokenId006, TestSize.Level1) { uint64_t tokenID; NativeAtIdEx *tokenIdEx = (NativeAtIdEx *)(&tokenID); - tokenID = Start("GetAccessTokenId007"); + tokenID = Start("GetAccessTokenId006"); - int ret = strcmp("GetAccessTokenId007", g_tokenListHead->next->processName); + int ret = strcmp("GetAccessTokenId006", g_tokenListHead->next->processName); ASSERT_EQ(ret, 0); ASSERT_EQ(tokenIdEx->tokenId, g_tokenListHead->next->tokenId); - ret = strcmp("GetAccessTokenId007", g_tokenQueueHead->next->processName); - ASSERT_EQ(ret, 0); - ASSERT_EQ(tokenIdEx->tokenId, g_tokenQueueHead->next->tokenId); - char *fileBuff = nullptr; ret = GetFileBuff(TOKEN_ID_CFG_PATH, &fileBuff); ASSERT_EQ(ret, ATRET_SUCCESS); - string s = "GetAccessTokenId007"; + string s = "GetAccessTokenId006"; char *pos = strstr(fileBuff, s.c_str()); - ASSERT_EQ(pos, nullptr); -} - -/** - * @tc.name: GetAccessTokenId008 - * @tc.desc: Get AccessTokenId before ATM is prepared with processName which has existed. - * @tc.type: FUNC - * @tc.require:AR000GK6TD - */ -HWTEST_F(TokenLibKitTest, GetAccessTokenId008, TestSize.Level1) -{ - uint64_t tokenID; - NativeAtIdEx *tokenIdEx = (NativeAtIdEx *)(&tokenID); - tokenID = Start("GetAccessTokenId008"); - - string s = "GetAccessTokenId008"; - int ret = strcmp(s.c_str(), g_tokenQueueHead->next->processName); - ASSERT_EQ(ret, 0); - ASSERT_EQ(tokenIdEx->tokenId, g_tokenQueueHead->next->tokenId); -} - -/** - * @tc.name: GetAccessTokenId009 - * @tc.desc: Get AccessTokenId after ATM is prepared with new processName. - * @tc.type: FUNC - * @tc.require:AR000GK6TD - */ -HWTEST_F(TokenLibKitTest, GetAccessTokenId009, TestSize.Level1) -{ - char *fileBuffBefore = nullptr; - int32_t ret = GetFileBuff(TOKEN_ID_CFG_PATH, &fileBuffBefore); - ASSERT_EQ(ret, ATRET_SUCCESS); - char *posMatch = strstr(fileBuffBefore, "GetAccessTokenId009"); - ASSERT_NE(posMatch, nullptr); - free(fileBuffBefore); - - uint64_t tokenIdFoundation = Start("foundation"); - ASSERT_NE(tokenIdFoundation, 0); - sleep(DELAY_ONE_SECONDS); - uint64_t tokenID009 = Start("GetAccessTokenId009"); - ASSERT_NE(tokenID009, 0); - - tokenID009 = Start("GetAccessTokenId009_01"); - ASSERT_NE(tokenID009, 0); - - tokenID009 = Start("GetAccessTokenId009_02"); - ASSERT_NE(tokenID009, 0); - - sleep(DELAY_ONE_SECONDS); - char *fileBuff = nullptr; - ret = GetFileBuff(TOKEN_ID_CFG_PATH, &fileBuff); - ASSERT_EQ(ret, ATRET_SUCCESS); - char *pos = strstr(fileBuff, "GetAccessTokenId009"); - ASSERT_NE(pos, nullptr); - pos = strstr(fileBuff, "GetAccessTokenId009_01"); ASSERT_NE(pos, nullptr); - pos = strstr(fileBuff, "GetAccessTokenId009_02"); - ASSERT_NE(pos, nullptr); - free(fileBuff); - PthreadCloseTrigger(); } /** - * @tc.name: GetAccessTokenId010 - * @tc.desc: Get AccessTokenId after ATM is prepared with processName which has existed. - * @tc.type: FUNC - * @tc.require:AR000GK6TD - */ -HWTEST_F(TokenLibKitTest, GetAccessTokenId010, TestSize.Level1) -{ - char *fileBuffBefore = nullptr; - int ret = GetFileBuff(TOKEN_ID_CFG_PATH, &fileBuffBefore); - ASSERT_EQ(ret, ATRET_SUCCESS); - - char *posMatch = strstr(fileBuffBefore, "GetAccessTokenId010"); - ASSERT_EQ(posMatch, nullptr); - free(fileBuffBefore); - - uint64_t tokenIdFoundation = Start("foundation"); - ASSERT_NE(tokenIdFoundation, 0); - sleep(DELAY_ONE_SECONDS); - uint64_t tokenID010 = Start("GetAccessTokenId010"); - ASSERT_NE(tokenID010, 0); - - sleep(DELAY_ONE_SECONDS); - char *fileBuff = nullptr; - ret = GetFileBuff(TOKEN_ID_CFG_PATH, &fileBuff); - ASSERT_EQ(ret, ATRET_SUCCESS); - - char *pos = strstr(fileBuff, "GetAccessTokenId010"); - ASSERT_NE(pos, nullptr); - free(fileBuff); - - PthreadCloseTrigger(); -} -/** - * @tc.name: GetAccessTokenId011 - * @tc.desc: Get AccessTokenId after ATM is prepared with processName which has existed. + * @tc.name: GetAccessTokenId007 + * @tc.desc: Get a batch of AccessTokenId. * @tc.type: FUNC * @tc.require:AR000GK6TD */ -HWTEST_F(TokenLibKitTest, GetAccessTokenId011, TestSize.Level1) +HWTEST_F(TokenLibKitTest, GetAccessTokenId007, TestSize.Level1) { char processName[200][MAX_PROCESS_NAME_LEN]; /* enable 200 process before fondation is prepared */ @@ -394,48 +277,70 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId011, TestSize.Level1) uint64_t tokenId = Start(processName[i]); ASSERT_NE(tokenId, 0); } - uint64_t tokenId011 = Start("foundation"); - ASSERT_NE(tokenId011, 0); - sleep(5); - tokenId011 = Start("process"); - ASSERT_NE(tokenId011, 0); + char *fileBuff = nullptr; + int ret = GetFileBuff(TOKEN_ID_CFG_PATH, &fileBuff); + ASSERT_EQ(ret, 0); + for (int32_t i = 0; i < 200; i++) { + char *pos = strstr(fileBuff, processName[i]); + ASSERT_NE(pos, nullptr); + } + free(fileBuff); } /** - * @tc.name: GetAccessTokenId012 - * @tc.desc: Get AccessTokenId after ATM is prepared with processName which has existed. + * @tc.name: GetAccessTokenId008 + * @tc.desc: Get AccessTokenId and check the config file. * @tc.type: FUNC * @tc.require:AR000GK6TD */ -HWTEST_F(TokenLibKitTest, GetAccessTokenId012, TestSize.Level1) +HWTEST_F(TokenLibKitTest, GetAccessTokenId008, TestSize.Level1) { + char *fileBuff = nullptr; + int ret = GetFileBuff(TOKEN_ID_CFG_PATH, &fileBuff); + ASSERT_EQ(ret, 0); + char *pos = strstr(fileBuff, "process1"); + ASSERT_EQ(pos, nullptr); + pos = strstr(fileBuff, "process2"); + ASSERT_EQ(pos, nullptr); + pos = strstr(fileBuff, "process3"); + ASSERT_EQ(pos, nullptr); + pos = strstr(fileBuff, "process4"); + ASSERT_EQ(pos, nullptr); + pos = strstr(fileBuff, "process5"); + ASSERT_EQ(pos, nullptr); + pos = strstr(fileBuff, "process6"); + ASSERT_EQ(pos, nullptr); + pos = strstr(fileBuff, "process7"); + ASSERT_EQ(pos, nullptr); + pos = strstr(fileBuff, "process8"); + ASSERT_EQ(pos, nullptr); + pos = strstr(fileBuff, "process9"); + ASSERT_EQ(pos, nullptr); + pos = strstr(fileBuff, "foundation"); + ASSERT_EQ(pos, nullptr); + free(fileBuff); + Start("process1"); Start("process2"); Start("process3"); Start("process4"); Start("process5"); - sleep(5); - Start("foundation"); Start("process6"); Start("process7"); Start("process8"); Start("process9"); Start("process10"); - sleep(5); Start("process15"); Start("process16"); - sleep(5); Start("process17"); - sleep(5); Start("process18"); - sleep(5); Start("process19"); - sleep(5); - char *fileBuff = nullptr; - int ret = GetFileBuff(TOKEN_ID_CFG_PATH, &fileBuff); + + ret = GetFileBuff(TOKEN_ID_CFG_PATH, &fileBuff); ASSERT_EQ(ret, 0); - char *pos = strstr(fileBuff, "process1"); + GTEST_LOG_(INFO) << "fileBuff" << fileBuff; + pos = strstr(fileBuff, "process1"); ASSERT_NE(pos, nullptr); pos = strstr(fileBuff, "process2"); ASSERT_NE(pos, nullptr); @@ -456,33 +361,4 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId012, TestSize.Level1) pos = strstr(fileBuff, "foundation"); ASSERT_NE(pos, nullptr); free(fileBuff); - PthreadCloseTrigger(); -} - -/** - * @tc.name: GetAccessTokenId013 - * @tc.desc: Get AccessTokenId after ATM is prepared with processName which has existed. - * @tc.type: FUNC - * @tc.require:AR000GK6TD - */ -HWTEST_F(TokenLibKitTest, GetAccessTokenId013, TestSize.Level1) -{ - sleep(5); - Start("process1"); - Start("process2"); - Start("process3"); - Start("process4"); - Start("process5"); - sleep(5); - Start("foundation"); - Start("process6"); - sleep(5); - Start("process11"); - Start("process12"); - Start("process13"); - Start("process15"); - Start("process16"); - Start("process17"); - sleep(1); - PthreadCloseTrigger(); } -- Gitee From d9db7f8310d565f2ccf914c5cf483f361add9cb2 Mon Sep 17 00:00:00 2001 From: wenfei Date: Fri, 21 Jan 2022 18:20:00 +0800 Subject: [PATCH 26/51] add permission-manager code Signed-off-by: wenfei --- .../.gitignore | 21 - .../build.gradle | 33 - .../entry/.gitignore | 2 - .../entry/build.gradle | 26 - .../entry/package.json | 1 - .../entry/src/main/config.json | 64 -- .../entry/src/main/ets/default/app.ets | 23 - .../ets/default/common/components/dialog.ets | 158 ---- .../default/common/model/dialogDataList.ets | 21 - .../src/main/ets/default/pages/dialogPlus.ets | 53 -- .../resources/ar/properties/string.json | 14 - .../resources/dark/properties/string.json | 7 - .../resources/default/media/icon_actived.png | Bin 1671 -> 0 bytes .../resources/default/media/icon_normal.png | Bin 1107 -> 0 bytes .../resources/default/properties/string.json | 19 - .../resources/en/properties/string.json | 14 - .../resources/light/properties/string.json | 7 - .../resources/zh/properties/string.json | 14 - .../main/resources/base/element/color.json | 20 - .../main/resources/base/element/string.json | 12 - .../main/resources/base/media/ic_exercise.svg | 16 - .../main/resources/base/media/ic_nearby.svg | 7 - .../src/main/resources/base/media/icon.png | Bin 6790 -> 0 bytes .../gradle.properties | 14 - .../gradlew | 183 ----- .../gradlew.bat | 103 --- .../settings.gradle | 1 - .../build.gradle | 11 + .../entry/src/main/config.json | 25 +- .../common/components/alphabeticalIndex.ets | 2 +- .../ets/default/common/components/backBar.ets | 1 - .../default/common/components/category.ets | 123 --- .../ets/default/common/components/dialog.ets | 73 +- .../ets/default/common/components/search.ets | 5 +- .../default/common/components/titleBar.ets | 39 - .../common/model/authorityManagementList.ets | 23 +- .../default/common/model/definePermission.ets | 753 ++++++++++++++++++ .../default/common/model/dialogDataList.ets | 2 +- .../ets/default/common/model/mediaDocList.ets | 10 +- .../default/common/model/permissionGroup.ets | 59 ++ .../ets/default/common/model/privacyList.ets | 21 - .../main/ets/default/pages/app-name-plus.ets | 78 +- .../src/main/ets/default/pages/app-name.ets | 53 +- .../default/pages/authority-management.ets | 148 ++-- .../src/main/ets/default/pages/calendar.ets | 116 +++ .../src/main/ets/default/pages/dialog.ets | 0 .../src/main/ets/default/pages/dialogPlus.ets | 135 ++++ .../main/ets/default/pages/location-info.ets | 58 +- .../ets/default/pages/media-documents.ets | 79 +- .../ets/default/pages/other-permissions.ets | 54 +- .../pages/permission-access-record.ets | 77 +- .../src/main/ets/default/pages/privacy.ets | 171 ---- .../main/resources/base/element/string.json | 2 +- 53 files changed, 1471 insertions(+), 1480 deletions(-) delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/.gitignore delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/build.gradle delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/.gitignore delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/build.gradle delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/package.json delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/config.json delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/app.ets delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/common/components/dialog.ets delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/common/model/dialogDataList.ets delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/pages/dialogPlus.ets delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/ar/properties/string.json delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/dark/properties/string.json delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/default/media/icon_actived.png delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/default/media/icon_normal.png delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/default/properties/string.json delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/en/properties/string.json delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/light/properties/string.json delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/zh/properties/string.json delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/resources/base/element/color.json delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/resources/base/element/string.json delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/resources/base/media/ic_exercise.svg delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/resources/base/media/ic_nearby.svg delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/resources/base/media/icon.png delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/gradle.properties delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/gradlew delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/gradlew.bat delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/settings.gradle delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/category.ets delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/titleBar.ets create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/definePermission.ets create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/permissionGroup.ets delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/privacyList.ets create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/calendar.ets rename frameworks/com.ohos.permissionmanager/{com.ohos.permissionmanager.GrantAbility => com.ohos.permissionmanager.MainAbility}/entry/src/main/ets/default/pages/dialog.ets (100%) create mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/dialogPlus.ets delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/privacy.ets diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/.gitignore b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/.gitignore deleted file mode 100644 index b297692be..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/.gitignore +++ /dev/null @@ -1,21 +0,0 @@ -*.iml -.gradle -/local.properties -/.idea/caches -/.idea/libraries -/.idea/modules.xml -/.idea/workspace.xml -/.idea/navEditor.xml -/.idea/assetWizardSettings.xml -.DS_Store -/build -/captures -.externalNativeBuild -/entry/.preview -.cxx -/node_modules -**/.gradle -**/.idea - -/.idea/previewer/phone/ -/.idea/previewer/previewConfigV2.json diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/build.gradle b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/build.gradle deleted file mode 100644 index 924a888a1..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/build.gradle +++ /dev/null @@ -1,33 +0,0 @@ -// Top-level build file where you can add configuration options common to all sub-projects/modules. -apply plugin: 'com.huawei.ohos.app' - -//For instructions on signature configuration, see https://developer.harmonyos.com/cn/docs/documentation/doc-guides/ide_debug_device-0000001053822404#section1112183053510 -ohos { - compileSdkVersion 7 -} - -buildscript { - repositories { - maven { - url 'https://repo.huaweicloud.com/repository/maven/' - } - maven { - url 'https://developer.huawei.com/repo/' - } - } - dependencies { - classpath 'com.huawei.ohos:hap:3.0.5.2' - classpath 'com.huawei.ohos:decctest:1.2.7.2' - } -} - -allprojects { - repositories { - maven { - url 'https://repo.huaweicloud.com/repository/maven/' - } - maven { - url 'https://developer.huawei.com/repo/' - } - } -} diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/.gitignore b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/.gitignore deleted file mode 100644 index 7d5b7a94f..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -/build -/node_modules diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/build.gradle b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/build.gradle deleted file mode 100644 index 0f0156791..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/build.gradle +++ /dev/null @@ -1,26 +0,0 @@ -apply plugin: 'com.huawei.ohos.hap' -apply plugin: 'com.huawei.ohos.decctest' -//For instructions on signature configuration, see https://developer.harmonyos.com/cn/docs/documentation/doc-guides/ide_debug_device-0000001053822404#section1112183053510 -ohos { - compileSdkVersion 7 - defaultConfig { - compatibleSdkVersion 7 - } - buildTypes { - release { - proguardOpt { - proguardEnabled false - rulesFiles 'proguard-rules.pro' - } - } - } -} - -dependencies { - implementation fileTree(dir: 'libs', include: ['*.jar', '*.har']) - testImplementation 'junit:junit:4.13.1' - ohosTestImplementation 'com.huawei.ohos.testkit:runner:2.0.0.200' -} -decc { - supportType = ['html','xml'] -} diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/package.json b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/package.json deleted file mode 100644 index 0967ef424..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/package.json +++ /dev/null @@ -1 +0,0 @@ -{} diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/config.json b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/config.json deleted file mode 100644 index 693761dd8..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/config.json +++ /dev/null @@ -1,64 +0,0 @@ -{ - "app": { - "bundleName": "com.example.myapplication", - "vendor": "example", - "version": { - "code": 1000000, - "name": "1.0.0" - } - }, - "deviceConfig": {}, - "module": { - "package": "com.example.myapplication", - "name": ".MyApplication", - "mainAbility": "com.example.myapplication.GrantAbility", - "deviceType": [ - "phone" - ], - "distro": { - "deliveryWithInstall": true, - "moduleName": "entry", - "moduleType": "entry", - "installationFree": false - }, - "abilities": [ - { - "skills": [ - { - "entities": [ - "entity.system.home" - ], - "actions": [ - "action.system.home" - ] - } - ], - "orientation": "portrait", - "visible": true, - "name": "com.example.myapplication.GrantAbility", - "icon": "$media:icon", - "description": "$string:mainability_description", - "label": "$string:entry_MainAbility", - "type": "page", - "launchType": "standard" - } - ], - "js": [ - { - "mode": { - "syntax": "ets", - "type": "pageAbility" - }, - "pages": [ - "pages/dialog", - "pages/dialogPlus" - ], - "name": "default", - "window": { - "designWidth": 720, - "autoDesignWidth": false - } - } - ] - } -} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/app.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/app.ets deleted file mode 100644 index 2a3b62387..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/app.ets +++ /dev/null @@ -1,23 +0,0 @@ -/* - * Copyright (c) 2021 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -export default { - onCreate() { - console.info('Application onCreate') - }, - onDestroy() { - console.info('Application onDestroy') - }, -} diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/common/components/dialog.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/common/components/dialog.ets deleted file mode 100644 index 4c1632976..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/common/components/dialog.ets +++ /dev/null @@ -1,158 +0,0 @@ -/* - * Copyright (c) 2021 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -import { dialogData } from "../model/dialogDataList.ets" - -@Extend(Button) function customizeButton() { - .backgroundColor($r('app.color.default_background_color')) - .fontColor($r('app.color.button_color')) -} - -@CustomDialog -export struct spaceDialog { - controller: CustomDialogController - cancel: () => void - confirm: () => void - - build() { - Column() { - Image($r('app.media.ic_nearby')) - .width(24) - .height(24) - .margin({ - top: 24 - }) - Column() { - Row() { - Flex({ justifyContent: FlexAlign.Start }) { - Text('是否允许“XX”查找、连接附近设备?').fontSize(16) - .margin({ - top: 16, - left: 24 - }) - } - } - Row() { - Flex({ justifyContent: FlexAlign.Start }) { - Text('用于XXXX。').fontSize(14) - .fontColor($r('app.color.secondary_font_color')) - .margin({ - top: 2, - left: 24 - }) - } - } - } - Row() { - Flex({ justifyContent: FlexAlign.SpaceAround }) { - Button('禁止') - .fontSize(16) - .onClick(() => { - this.controller.close() - this.cancel() - }).customizeButton() - Text('|').fontSize(30).fontColor($r('app.color.divider_color')) - Button('允许') - .fontSize(16) - .onClick(() => { - this.controller.close() - this.confirm() - }).customizeButton() - }.margin({ - top: 8 - }) - } - } - .backgroundColor($r('app.color.default_background_color')) - .borderRadius(24) - .height(170) - .width(336) - } -} - -@CustomDialog -export struct privacyDialog { - @Prop count: number - controller: CustomDialogController - cancel: () => void - confirm: () => void - - build() { - Column() { - if (this.count < dialogData.length) { - Image(dialogData[this.count].icon) - .width(24) - .height(24) - .margin({ - top: 24 - }) - Text(`${this.count + 1} / ${dialogData.length}`) - .fontSize(14) - .fontColor($r('app.color.secondary_font_color')) - .margin({ - top: 2 - }) - Column() { - Row() { - Flex({ justifyContent: FlexAlign.Start }) { - Text(dialogData[this.count].message1).fontSize(16) - .margin({ - top: 16, - left: 24 - }) - } - } - Row() { - Flex({ justifyContent: FlexAlign.Start }) { - Text(dialogData[this.count].message2).fontSize(14) - .fontColor($r('app.color.secondary_font_color')) - .margin({ - top: 2, - left: 24 - }) - } - } - } - } - Row() { - Flex({ justifyContent: FlexAlign.SpaceAround }) { - Button('禁止') - .fontSize(16) - .onClick(() => { - this.cancel() - if (this.count === dialogData.length) { - this.controller.close() - } - }).customizeButton() - Text('|').fontSize(30).fontColor($r('app.color.divider_color')) - Button('允许') - .fontSize(16) - .onClick(() => { - this.confirm() - if (this.count === dialogData.length) { - this.controller.close() - } - }).customizeButton() - }.margin({ - top: 8 - }) - } - } - .backgroundColor($r('app.color.default_background_color')) - .borderRadius(24) - .height(186) - .width(336) - } -} diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/common/model/dialogDataList.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/common/model/dialogDataList.ets deleted file mode 100644 index f3c5572c2..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/common/model/dialogDataList.ets +++ /dev/null @@ -1,21 +0,0 @@ -/* - * Copyright (c) 2021 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -export const dialogData: any[] = [ - { 'name': '权限1', 'index': 1, 'message1': '内容1','message2': '内容一', 'icon': $r("app.media.ic_exercise") }, - { 'name': '权限2', 'index': 2, 'message1': '内容2','message2': '内容二', 'icon': $r("app.media.ic_exercise") }, - { 'name': '权限3', 'index': 3, 'message1': '内容3','message2': '内容三', 'icon': $r("app.media.ic_exercise") }, - { 'name': '权限4', 'index': 4, 'message1': '内容4','message2': '内容四', 'icon': $r("app.media.ic_exercise") } -] \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/pages/dialogPlus.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/pages/dialogPlus.ets deleted file mode 100644 index b8e8718d3..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/pages/dialogPlus.ets +++ /dev/null @@ -1,53 +0,0 @@ -/* - * Copyright (c) 2021 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -import { privacyDialog } from "../common/components/dialog.ets" -import { dialogData } from "../common/model/dialogDataList.ets" - -@Entry -@Component -struct dialogPlusPage { - @State count: number = 0 - privacyDialogController: CustomDialogController = new CustomDialogController({ - builder: privacyDialog({ cancel: this.privacyCancel, confirm: this.privacyAccept, count:this.count }), - cancel: this.privacyExist, - autoCancel: true, - alignment: DialogAlignment.Bottom, - offset: { dx: 0 , dy: -12 }, - customStyle: true - }) - privacyAccept() { - this.count < dialogData.length ? this.count += 1 : this.count = 0 - console.info('accept ' + this.count) - - } - privacyCancel() { - if (this.count < dialogData.length) { - this.count += 1 - } else { - this.count = 0 - } - console.info('cancel' + this.count) - - } - privacyExist() { - console.info("exist") - } - aboutToAppear() { - this.privacyDialogController.open() - } - build() { - } -} diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/ar/properties/string.json b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/ar/properties/string.json deleted file mode 100644 index c3a6df19c..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/ar/properties/string.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "strings": { - "app_name": "CategoryPage", - "describe": "describe", - "category": "Category", - "itemChild": "ItemChild", - "item": "Item", - "search": "search...", - "you_search": "You search ", - "you_clicked": "You clicked ", - "tab": "Tab", - "more": "< more" - } -} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/dark/properties/string.json b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/dark/properties/string.json deleted file mode 100644 index ddc52a17f..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/dark/properties/string.json +++ /dev/null @@ -1,7 +0,0 @@ -{ - "colors": { - "colorSubBackground": "#000000", - "appbar_subtitle_color": "#99ffffff", - "text_color": "#ffffff" - } -} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/default/media/icon_actived.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/default/media/icon_actived.png deleted file mode 100644 index 49991d108d51f1803ff3dcadc8870d69977908e7..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 1671 zcmV;226*|2P)FV00001b5ch_0Itp) z=>Px*K}keGRA>e5S!-++RS=%p`$R&uO$0?K@<;FU50F43#8!FH$C>oSPVef0lnOn9!yL?k)bY zlich%XJ)=L-`PE{xd1~lGy)Zk09NF!I8R=jnN~1h5t7wF0HYD`URIChUy|$H{Om@e zE=1#OEQb5qTas;xd)dW`2ux|pOwALmVUWc{biYm%Oz<2U&_ZBr>u62>sN<{JmPKI7 zQW{sV%nby%8i))PP``|XNZS*M^joKPV3)4H7J*qWQ=;c`W+M>10YE9;&VudHWFng< zj!kd)Y71t9Z3ncG2~2OIktUftiQusT_rWhA!r?Tgn|^A=%TdrH5vXs@&dB8pyBV-H z3TUM^hSP#JC;^$M1&a<7(1obKcl)6dgZvN)S1p(Y5W|xm@8*@bTix=L1j@xnVigX0w@}`9-FE{Cu158;P)XWgO~iozNX!1Y17K z!*7>4ByGV=GMTC?wNI3M1KF(kemTKERFAM}eZmvG#4ChECpP**sa(!{uauvMKwVSz z0RViylyOj7)o_5UC@_qP(A*odvJ$gW@CoM~|Tc?cj_t9bOahiT>f7zY;aCN?YB zR$KVUk}J?lZa)tJvY^>*6s10MvIol7ZI*_u3W5ZS)Vh=%y~>Wu>+g8CQIvYkUE!l| zVq328Y9u$kesK`suefXi7cLQe{&jd@Vk5TY3dbnd z)P8ZV+GF}PWfWSzEx=#@5Ug1egWK%law*Sxs~te6*r>MG}VuSOt*gq-|VFW?D(pa2Js=+6hqEvdMUHvnYt z9W*-V2tJgpdm#=F);Sh46~AOzh`zEc4s)kluz7nPu4&8-NsOtWj-I))S5*d;t9hnu zd^MpRyoxEr1w*i+ie&XvThBYMTWs>48hjp-WAO*CCty4$5C=ofT_kw(qa5V&!Dy1r z>)4Z?pjtWJfGGGN{iSM9s{G=j*q{Y3_%aZJ877j7blZ3cBx3k6Ao@;(T3*}dH->lS z?kKD-n1byuJbgKj>ehP*w6~;A@oMy`+t98*_jC+`y0PtapMojaej@qPQb}MB0RiAd z>pOg{lwH{&!*~yz!^`0962X=}yn?1Af4%Ll3yp11y!|75XxHuMgfR%RVcjkfZ0W-- zlJqT=kq|rI;j9{&dYhpRsbHr%3AXOagH`@vQiXGr1yiu44^<@DD;aCGO)Y!rDq2bF zUC)|Fxv5rZhS{7NS-&a)>57hh1Bhl8VAHl79Buame}OaAbAmF}fdr%rxhLoI)jJ?@JtrFrf6^Q46;1&%@t6P9sU~#tdu>%TR|B5ZGddT9Uja@}v{_ zn_c=;3?wU&^37m6gUjRqj`NXw7vCQ`e|3)fEz7P%Jhmh(GcC4}2#DdWKR8;MM5EN* zlH}lp#LOuOqiPUp_`FkdXCM5Ps{~hi2>!T2aQrm?IQT4+C?)K1Xm~QctZfJWSxWD2 zi%dWqC1Wi~Um{$`d$#Mq?1t8@^Rmq=pDZ57wxSO`FQyg&+r2OOEBRANLF#AmY@Fhg zcYWD7W$*D@DjoK&N?8PK49TNPDpIm}VFy6l$9~GeOwL_$bdlZPZr6QQL_qCKRx3%2 zNp6Y%H|1P(ap@hyS5)~l diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/default/media/icon_normal.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/default/media/icon_normal.png deleted file mode 100644 index cdf5bb49392dfce97ea9fa1be0ace95715903498..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 1107 zcmV-Z1g!gsP)FV00001b5ch_0Itp) z=>Px(4M{{nRA>e5n0ap$F$~4aeUm-VoFq@wM0-OltrqH0TZSvN#0@VoM~bD%1vm{Dyc`;;+DIJsyeV{HnoTx+s1Sf0PCr5&%v=7LS&UP52$Z z*kA9(>`IgZAZ?iWgLGcQEkJso7pYXedmG^QYJX_5_njI(5*O8Yo@wNDq5~F2SEP;+(+SVs)*T4rP1S)9qVdJE{wT)CR!{qW@M*z|vUYcuVRq0H<>a$an#k^r%Xm{pbbI;yi=X6ZNeq z-vf|AwgnwMF94Rg1vMvhjcn`-O=AKZ0O`XfY(Y(0)X2uZ;9HVLHUJKeR@9Wq8d>X4 zvI;f;Tl%bW?)R76NAs;l)~M!Jpf!CM4NeXfaA{ z=9stkVp{}6TEVL#`=!&I>0JrQ3fSI-bATBf3iNM@^iOuib2dUSoT}`Xn$_TjMtUw_ z2d$YAW}DWT8&fOL#YS%BtnH+V*#Ovd$r4%Z0Iu;07#>~jCWLQNZ;M`KK)$9*VXFq%_I$#ZEzgiAj2xR~*HIYLZae1OSKb)(P;POt=Rjp{Iu_8i>FkTF1{i(>LxriO} z1ZaUd_4rF8b{4}NDCm1juGfQsofo3LBQW+8kxsT3u~WT5`oNL@K#bEV$P)n7gHv^= zJ!YKLpk!Oe^=gstn|gMt4j*F-9S|KZ68FWv)&X1W4Tvo5LAZRdcW9@1vZBz<>E*X) zdLmmyO#m39YVpq+r)I6LRI(r-Dj(&tFSw3@RwqcM4UsN%3hc=UXOCMda|5&n5NvXB zAqXm!w?BfM_rzKHF7^SZe-p+A5D!W){4vI+CK$*bARWl(K%B+#W~Ze)W1fL|2L6{B Z_ye>Cr2VxM_(lK#002ovPDHLkV1jHc1@-^{ diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/default/properties/string.json b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/default/properties/string.json deleted file mode 100644 index 127f01aeb..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/default/properties/string.json +++ /dev/null @@ -1,19 +0,0 @@ -{ - "strings": { - "app_name": "CategoryPage", - "describe": "describe", - "category": "Category", - "itemChild": "ItemChild", - "item": "Item", - "search": "search...", - "you_search": "You search ", - "you_clicked": "You clicked ", - "tab": "Tab", - "more": "more >" - }, - "colors": { - "colorSubBackground": "#f1f3f5", - "appbar_subtitle_color": "#99000000", - "text_color": "#000000" - } -} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/en/properties/string.json b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/en/properties/string.json deleted file mode 100644 index 319b5d66e..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/en/properties/string.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "strings": { - "app_name": "CategoryPage", - "describe": "describe", - "category": "Category", - "itemChild": "ItemChild", - "item": "Item", - "search": "search...", - "you_search": "You search ", - "you_clicked": "You clicked ", - "tab": "Tab", - "more": "more >" - } -} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/light/properties/string.json b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/light/properties/string.json deleted file mode 100644 index 4b9482c8f..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/light/properties/string.json +++ /dev/null @@ -1,7 +0,0 @@ -{ - "colors": { - "colorSubBackground": "#f1f3f5", - "appbar_subtitle_color": "#99000000", - "text_color": "#000000" - } -} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/zh/properties/string.json b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/zh/properties/string.json deleted file mode 100644 index 4ca364c62..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/resources/zh/properties/string.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "strings": { - "app_name": "分类页", - "describe": "描述", - "category": "分类", - "itemChild": "子类", - "item": "类型", - "search": "搜索...", - "you_search": "你搜索了", - "you_clicked": "你点击了", - "tab": "分页", - "more": "更多 >" - } -} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/resources/base/element/color.json b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/resources/base/element/color.json deleted file mode 100644 index 3477227c1..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/resources/base/element/color.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "color": [ - { - "name": "divider_color", - "value": "#f3f4f6" - }, - { - "name": "default_background_color", - "value": "#ffffff" - }, - { - "name": "button_color", - "value": "#0a59f7" - }, - { - "name": "secondary_font_color", - "value": "#808080" - } - ] -} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/resources/base/element/string.json b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/resources/base/element/string.json deleted file mode 100644 index 319332fcd..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/resources/base/element/string.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "string": [ - { - "name": "entry_MainAbility", - "value": "entry_MainAbility" - }, - { - "name": "mainability_description", - "value": "ETS_Category Ability" - } - ] -} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/resources/base/media/ic_exercise.svg b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/resources/base/media/ic_exercise.svg deleted file mode 100644 index b488a4243..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/resources/base/media/ic_exercise.svg +++ /dev/null @@ -1,16 +0,0 @@ - - - - - diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/resources/base/media/ic_nearby.svg b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/resources/base/media/ic_nearby.svg deleted file mode 100644 index 4b201c865..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/resources/base/media/ic_nearby.svg +++ /dev/null @@ -1,7 +0,0 @@ - - - HM/ic/24x24/ic_nearby - - - - \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/resources/base/media/icon.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/resources/base/media/icon.png deleted file mode 100644 index ce307a8827bd75456441ceb57d530e4c8d45d36c..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 6790 zcmX|G1ymHk)?T_}Vd;>R?p|tHQo6fg38|$UVM!6BLrPFWk?s;$LOP{GmJpBl$qoSA!PUg~PA65-S00{{S`XKG6NkG0RgjEntPrmV+?0|00mu7;+5 zrdpa{2QLqPJ4Y{j7=Mrl{BaxrkdY69+c~(w{Fv-v&aR%aEI&JYSeRTLWm!zbv;?)_ ziZB;fwGbbeL5Q}YLx`J$lp~A09KK8t_z}PZ=4ZzgdeKtgoc+o5EvN9A1K1_<>M?MBqb#!ASf&# zEX?<)!RH(7>1P+j=jqG(58}TVN-$psA6K}atCuI!KTJD&FMmH-78ZejBm)0qc{ESp z|LuG1{QnBUJRg_E=h1#XMWt2%fcoN@l7eAS!Es?Q+;XsRNPhiiE=@AqlLkJzF`O18 zbsbSmKN=aaq8k3NFYZfDWpKmM!coBU0(XnL8R{4=i|wi{!uWYM2je{U{B*K2PVdu&=E zTq*-XsEsJ$u5H4g6DIm2Y!DN`>^v|AqlwuCD;w45K0@eqauiqWf7l&o)+YLHm~|L~ z7$0v5mkobriU!H<@mVJHLlmQqzQ3d6Rh_-|%Yy2li*tHO>_vcnuZ7OR_xkAIuIU&x z-|8Y0wj|6|a6_I(v91y%k_kNw6pnkNdxjqG8!%Vz_d%c_!X+6-;1`GC9_FpjoHev5fEV7RhJ>r=mh-jp$fqbqRJ=obwdgLDVP5+s zy1=_DWG0Y-Jb3t^WXmkr(d9~08k-|#Ly zaNOmT(^9tIb&eb4%CzIT zAm3CUtWSr1t4?h1kk#NBi{U|pJslvME{q|_eS^3En>SOqSxyuN1x;Is@8~m?*>}** znrRFArP!K_52RpX*&JHMR<^lVdm8ypJ}0R(SD(51j;6@ni$6bQ+2XL+R^|NnSp5}(kzvMZ^(@4fD_{QVu$(&K6H|C37TG1Am9Re{<<3gd zh@`>;BqkXMW&p0T6rt|iB$)~CvFe(XC)F9WgAZn*0@t$oZo;!*}r@_`h?KKH&6A@3= zISXoQB+~`op>NP-buiA*^0n{@i{_?MRG)&k)c)k_F+-2Lud!S9pc+i`s74NpBCaGF zXN+pHkubw*msGBTY27BKHv)RRh3;nMg4&$fD_6X9Vt~;_4D+5XPH~#Kn-yjcy!$}1 zigv#FNY>TqMhtIBb@UoF!cE~Q8~;!Pek>SQQwHnHuWKoVBosAiOr}q>!>aE*Krc)V zBUMEcJ5NU0g8}-h6i1zpMY9>m4ne?=U2~`w7K7Q0gB_=p@$5K7p6}thw z-~3dMj?YNX2X$lZ+7ngQ$=s}3mizNN@kE%OtB)?c&i~2L55z8^=yz;xMHLmlY>&Q# zJj?!)M#q_SyfkQh)k?j8IfLtB)ZCp|*vf4_B zos?73yd^h-Ac+;?E4*bpf=o*^3x3-`TVjbY4n6!EN10K6o@fxdyps05Vo3PU)otB} z`3kR+2w7_C#8Z!q`J)p{Vh!+m9-UP!$STp+Hb}}#@#_u^SsUQg<}59< zTvH3%XS4G+6FF^(m6bVF&nSUIXcl;nw{=H$%fgeJ>CgDYiLdpDXr{;-AnG z8dvcrHYVMI&`R6;GWekI@Ir3!uo)oz4^{6q0m^}@f2tM9&=YHNi6-?rh0-{+k@cQm zdp`g#YdQn%MDVg2GR>wZ`n2<0l4)9nx1Wfr&!Dvz=bPwU!h2S?ez6MVc5APE4-xLB zi&W9Q8k2@0w!C53g?iAIQ}~p*3O(@zja6KQ=M3zfW*_6o5SwR-)6VBh~m7{^-=MC-owYH5-u40a}a0liho3QZZ5L{bS_xM1)4}19)zTU$$MY zq3eZML1WC{K%YFd`Be0M-rkO^l?h{kM{$2oK1*A@HVJ57*yhDkUF!2WZ&oA4Y-sK( zCY69%#`mBCi6>6uw(x4gbFaP0+FD*JKJ-q!F1E?vLJ+d35!I5d7@^eU?(CS|C^tmI5?lv@s{{*|1F zFg|OzNpZ0hxljdjaW%45O0MOttRrd(Z?h{HYbB-KFUx&9GfFL3b8NwZ$zNu)WbBD` zYkj$^UB5%3Pj1MDr>S2Ejr9pUcgA!;ZG!@{uAy12)vG=*^9-|dNQBc8&`oxBlU~#y zs!anJX&T?57Jdr^sb>e+V`MVfY>Y0ESg7MG<7W0g&bR-ZYzzZ%2H&Etcp zcd6QeXO1D!5A#zM0lx*GH}`M)2~ZFLE;sP^RSB5wVMNfiZXPd(cmO>j=OSA3`o5r& zna(|^jGXbdN7PK)U8b7^zYtYkkeb%<%F~=OqB~kXMQkq}ii|skh@WSRt>5za;cjP0 zZ~nD%6)wzedqE}BMLt~qKwlvTr33))#uP~xyw#*Eaa|DbMQ_%mG0U8numf8)0DX`r zRoG2bM;#g|p-8gWnwRV5SCW0tLjLO&9Z?K>FImeIxlGUgo0Zk`9Qzhj1eco~7XZy+hXc@YF&ZQ=? zn*^1O56yK^x{y}q`j7}blGCx%dydV!c7)g~tJzmHhV=W~jbWRRR{1<^oDK+1clprm zz$eCy7y9+?{E|YgkW~}}iB#I4XoJ*xr8R?i_Hv$=Cof5bo-Nj~f`-DLebH}&0% zfQj9@WGd4;N~Y?mzQsHJTJq6!Qzl^-vwol(+fMt#Pl=Wh#lI5Vmu@QM0=_r+1wHt` z+8WZ~c2}KQQ+q)~2Ki77QvV&`xb|xVcTms99&cD$Zz4+-^R4kvUBxG8gDk7Y`K*)JZ^2rL(+ZWV~%W(@6 z)0bPArG#BROa_PHs~&WplQ_UIrpd)1N1QGPfv!J(Z9jNT#i%H?CE6|pPZb9hJ1JW4 z^q;ft#!HRNV0YgPojzIYT`8LuET2rUe-J|c!9l4`^*;4WtY@Ew@pL>wkjmMgGfN7 ze}}GtmU0@<_#08~I-Suk=^*9GLW=H4xhsml;vAV{%hy5Eegl@!6qKqbG024%n2HHw zCc@ivW_$@5ZoHP70(7D+(`PvgjW1Pd`wsiuv-aCukMrafwDm)B!xXVy*j2opohhoU zcJz%ADmj>i3`-3-$7nQKBQQuGY;2Qt&+(L~C>vSGFj5{Mlv?T_^dql;{zkpe4R1}R z%XfZyQ}wr*sr>jrKgm*PWLjuVc%6&&`Kbf1SuFpHPN&>W)$GmqC;pIoBC`=4-hPY8 zT*>%I2fP}vGW;R=^!1be?ta2UQd2>alOFFbVl;(SQJ4Jk#)4Z0^wpWEVvY4=vyDk@ zqlModi@iVPMC+{?rm=4(n+<;|lmUO@UKYA>EPTS~AndtK^Wy^%#3<;(dQdk3WaUkRtzSMC9}7x2||CNpF#(3T4C)@ z$~RWs`BNABKX|{cmBt>Q=&gkXl&x!!NK_%5hW0LS)Z4PB>%sV?F-{Wyj#s7W%$F{D zXdK^Fp3wvy+48+GP6F_|^PCRx=ddcTO3sG;B23A49~Qaw31SZ0Rc~`r4qqt%#OGW{ zCA_(LG5^N>yzUn&kAgVmxb=EA8s&tBXC}S1CZ(KoW)(%^JjLTPo^fs`Va;`=YlVPgmB$!yB}<(4ym6OeZ3xAJJ#;)2+B%p3P1Wt+d$eo`vz`T zXfUP2))kBDPoscH;Jc7I3NU<({|@wM$&GaDt`n7WLgIY3IA7A6-_R?z8N3mz|}*i z(zl5ot--Oq@f2-nv{X(ujT2T(k1vY_qh93pK@>H-qc%2Xta)IP0Q%zt%bqYgI`o!wv!0QerB`nCN^1n|@$sVOQ!V0teVG!I z_fD%JvfDeT1cK#-{o6Gv7}& zY0#NWin~kVaf$aufV&;63Hbs|`QVZWpDX6IMk1Hj2G}fiH9e-^6u2zf^FIr^BwD<6zjw63+{yUe8PUFvk8v{sJ=R{d#`O!sz`Q13~< zPT$JS(w=yQfU2`zPCNfSw=&zup@DXc(98afjhv@1w_f!m2Z>rMJ19AB&dB%P#Ls3b z=lK7OILM+SQ&VEd=1GN6o&>YVVtIzoZ%=Z_SdqJN2}E43{bE`>w+A;=y->@^k{oCC z$F*WTY&?34;kfyFV?b*Xb1Pq`Z=%OgwEg)Rz)tx=`f%5#w_INP=x&z5!jI;#;N$ma zhO)+MDm;SxOEVL15; zGq(v2pL3&P1Sl)8P*;G-fd{l1QJsv@e@d8)1PK4w2m*M%V3j-V~L^$i|&C@b?D?9tfwE{B^}Z$k8e5FmQ>v7Xz)sG32g9t}YBt zyR$+*_00RmPx+0mW+vVG4mxd(n$(eQf3-w>JPl2UJpafrPaL5@2j}%{VE-) zBI%6Qpj*dsdH<;g!S!avA~bv^0E+ zfyJbSjPb+j;J52U)<|cIcntQBI2T#>2;tOxu{%D?kML476AErF(qN9hPva5Nkc@BF zC-tLF@3ZFb%Kpj)M<{)x*l|*Ia@ECeXo2E4h2f!aV=cHAhi_E_mfUth(sM4^hJq7B zQsGWqdZUm9S%F`$nQ*_#NcuD`&)Ek%_s{&^78{9Hm ztri&rYLOxgFdG>O@+XHy z9#;|&vBCPXH5Mon^I`jSuR$&~ZWtyB67ujzFSj!51>#C}C17~TffQ{c-!QFQkTQ%! zIR^b1`zHx|*1GU?tbBx23weFLz5H?y_Q%N&t$}k?w+``2A=aotj0;2v$~AL z{scF-cL{wsdrmPvf#a9OHyYLcwQD4Kcm)`LLwMh4WT~p29f7M!iafJSU`IV}QY5Wa z(n44-9oA}?J{a+ah*@31WTs#&J#o1`H98#6IQf;Wv0N_!);f&9g7o-k(lW5rWnDUR zQBFIRG+X=6NnsI@mxnwm;tf5;_Uxg?jZ8m-m0}&6+DA!qam(p$mN5R})yA_7m$q@| zFEd|dpS595rxQr-n#GjI5i-AhnUE>Cr;jpCqSrD~EwK_DqI^7%3#p5)%T_od!t3SOmH9MyXeeGO2(UQL;ax|x?Ncixmeo1=$ z{-);Au{*tfzOG?KQ~K|ak8-HQ?`Pekhe2WM(8s{xv-p>Zmu_6{G!-oE$7$mY`MOJorI=+mMx?H;`pr!;fVYz?5~yXBACruWB`Ph zZM}90_<^OBxIhyZ9BW$`>6JvO;%VFpqVr8|7t3~AmxYak6?`Pp#c;**_SYmi`&z23 z`p6_~ePvH)C6x-G9$hgL=eVALq`-AiamN>!3~Lxw&{H(b{B(7xSRm6<3<{%{yXiH# zos5Rv1L+8fUKJLo%P>4I&$}y \(.*\)$'` - if expr "$link" : '/.*' > /dev/null; then - PRG="$link" - else - PRG=`dirname "$PRG"`"/$link" - fi -done -SAVED="`pwd`" -cd "`dirname \"$PRG\"`/" >/dev/null -APP_HOME="`pwd -P`" -cd "$SAVED" >/dev/null - -APP_NAME="Gradle" -APP_BASE_NAME=`basename "$0"` - -# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. -DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"' - -# Use the maximum available, or set MAX_FD != -1 to use that value. -MAX_FD="maximum" - -warn () { - echo "$*" -} - -die () { - echo - echo "$*" - echo - exit 1 -} - -# OS specific support (must be 'true' or 'false'). -cygwin=false -msys=false -darwin=false -nonstop=false -case "`uname`" in - CYGWIN* ) - cygwin=true - ;; - Darwin* ) - darwin=true - ;; - MINGW* ) - msys=true - ;; - NONSTOP* ) - nonstop=true - ;; -esac - -CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar - -# Determine the Java command to use to start the JVM. -if [ -n "$JAVA_HOME" ] ; then - if [ -x "$JAVA_HOME/jre/sh/java" ] ; then - # IBM's JDK on AIX uses strange locations for the executables - JAVACMD="$JAVA_HOME/jre/sh/java" - else - JAVACMD="$JAVA_HOME/bin/java" - fi - if [ ! -x "$JAVACMD" ] ; then - die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME - -Please set the JAVA_HOME variable in your environment to match the -location of your Java installation." - fi -else - JAVACMD="java" - which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. - -Please set the JAVA_HOME variable in your environment to match the -location of your Java installation." -fi - -# Increase the maximum file descriptors if we can. -if [ "$cygwin" = "false" -a "$darwin" = "false" -a "$nonstop" = "false" ] ; then - MAX_FD_LIMIT=`ulimit -H -n` - if [ $? -eq 0 ] ; then - if [ "$MAX_FD" = "maximum" -o "$MAX_FD" = "max" ] ; then - MAX_FD="$MAX_FD_LIMIT" - fi - ulimit -n $MAX_FD - if [ $? -ne 0 ] ; then - warn "Could not set maximum file descriptor limit: $MAX_FD" - fi - else - warn "Could not query maximum file descriptor limit: $MAX_FD_LIMIT" - fi -fi - -# For Darwin, add options to specify how the application appears in the dock -if $darwin; then - GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\"" -fi - -# For Cygwin or MSYS, switch paths to Windows format before running java -if [ "$cygwin" = "true" -o "$msys" = "true" ] ; then - APP_HOME=`cygpath --path --mixed "$APP_HOME"` - CLASSPATH=`cygpath --path --mixed "$CLASSPATH"` - JAVACMD=`cygpath --unix "$JAVACMD"` - - # We build the pattern for arguments to be converted via cygpath - ROOTDIRSRAW=`find -L / -maxdepth 1 -mindepth 1 -type d 2>/dev/null` - SEP="" - for dir in $ROOTDIRSRAW ; do - ROOTDIRS="$ROOTDIRS$SEP$dir" - SEP="|" - done - OURCYGPATTERN="(^($ROOTDIRS))" - # Add a user-defined pattern to the cygpath arguments - if [ "$GRADLE_CYGPATTERN" != "" ] ; then - OURCYGPATTERN="$OURCYGPATTERN|($GRADLE_CYGPATTERN)" - fi - # Now convert the arguments - kludge to limit ourselves to /bin/sh - i=0 - for arg in "$@" ; do - CHECK=`echo "$arg"|egrep -c "$OURCYGPATTERN" -` - CHECK2=`echo "$arg"|egrep -c "^-"` ### Determine if an option - - if [ $CHECK -ne 0 ] && [ $CHECK2 -eq 0 ] ; then ### Added a condition - eval `echo args$i`=`cygpath --path --ignore --mixed "$arg"` - else - eval `echo args$i`="\"$arg\"" - fi - i=`expr $i + 1` - done - case $i in - 0) set -- ;; - 1) set -- "$args0" ;; - 2) set -- "$args0" "$args1" ;; - 3) set -- "$args0" "$args1" "$args2" ;; - 4) set -- "$args0" "$args1" "$args2" "$args3" ;; - 5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;; - 6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;; - 7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;; - 8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;; - 9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;; - esac -fi - -# Escape application args -save () { - for i do printf %s\\n "$i" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/' \\\\/" ; done - echo " " -} -APP_ARGS=`save "$@"` - -# Collect all arguments for the java command, following the shell quoting and substitution rules -eval set -- $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS "\"-Dorg.gradle.appname=$APP_BASE_NAME\"" -classpath "\"$CLASSPATH\"" org.gradle.wrapper.GradleWrapperMain "$APP_ARGS" - -exec "$JAVACMD" "$@" diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/gradlew.bat b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/gradlew.bat deleted file mode 100644 index acdc32e2d..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/gradlew.bat +++ /dev/null @@ -1,103 +0,0 @@ -@rem -@rem Copyright (c) 2021 Huawei Device Co., Ltd. -@rem -@rem Licensed under the Apache License, Version 2.0 (the "License"); -@rem you may not use this file except in compliance with the License. -@rem You may obtain a copy of the License at -@rem -@rem http://www.apache.org/licenses/LICENSE-2.0 -@rem -@rem Unless required by applicable law or agreed to in writing, software -@rem distributed under the License is distributed on an "AS IS" BASIS, -@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -@rem See the License for the specific language governing permissions and -@rem limitations under the License. -@rem - -@if "%DEBUG%" == "" @echo off -@rem ########################################################################## -@rem -@rem Gradle startup script for Windows -@rem -@rem ########################################################################## - -@rem Set local scope for the variables with windows NT shell -if "%OS%"=="Windows_NT" setlocal - -set DIRNAME=%~dp0 -if "%DIRNAME%" == "" set DIRNAME=. -set APP_BASE_NAME=%~n0 -set APP_HOME=%DIRNAME% - -@rem Resolve any "." and ".." in APP_HOME to make it shorter. -for %%i in ("%APP_HOME%") do set APP_HOME=%%~fi - -@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. -set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m" - -@rem Find java.exe -if defined JAVA_HOME goto findJavaFromJavaHome - -set JAVA_EXE=java.exe -%JAVA_EXE% -version >NUL 2>&1 -if "%ERRORLEVEL%" == "0" goto init - -echo. -echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. -echo. -echo Please set the JAVA_HOME variable in your environment to match the -echo location of your Java installation. - -goto fail - -:findJavaFromJavaHome -set JAVA_HOME=%JAVA_HOME:"=% -set JAVA_EXE=%JAVA_HOME%/bin/java.exe - -if exist "%JAVA_EXE%" goto init - -echo. -echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% -echo. -echo Please set the JAVA_HOME variable in your environment to match the -echo location of your Java installation. - -goto fail - -:init -@rem Get command-line arguments, handling Windows variants - -if not "%OS%" == "Windows_NT" goto win9xME_args - -:win9xME_args -@rem Slurp the command line arguments. -set CMD_LINE_ARGS= -set _SKIP=2 - -:win9xME_args_slurp -if "x%~1" == "x" goto execute - -set CMD_LINE_ARGS=%* - -:execute -@rem Setup the command line - -set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar - -@rem Execute Gradle -"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CMD_LINE_ARGS% - -:end -@rem End local scope for the variables with windows NT shell -if "%ERRORLEVEL%"=="0" goto mainEnd - -:fail -rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of -rem the _cmd.exe /c_ return code! -if not "" == "%GRADLE_EXIT_CONSOLE%" exit 1 -exit /b 1 - -:mainEnd -if "%OS%"=="Windows_NT" endlocal - -:omega diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/settings.gradle b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/settings.gradle deleted file mode 100644 index 4773db732..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/settings.gradle +++ /dev/null @@ -1 +0,0 @@ -include ':entry' diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/build.gradle b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/build.gradle index 924a888a1..1a5f01714 100644 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/build.gradle +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/build.gradle @@ -3,6 +3,17 @@ apply plugin: 'com.huawei.ohos.app' //For instructions on signature configuration, see https://developer.harmonyos.com/cn/docs/documentation/doc-guides/ide_debug_device-0000001053822404#section1112183053510 ohos { + signingConfigs { + release { + storeFile file('D:\\myKey\\myApplication.p12') + storePassword '00000019158AC866FF55373F18ED315DEED8BB1B9C4423EEA7DA65E15E2C670DCF82991936587199A8' + keyAlias = 'fcx_app' + keyPassword '000000194B2CB7E4FF552AC3A6435D0061BD7A5A5357AECE4EDAD989D1B61DFEF758FCAB0B9DAADD63' + signAlg = 'SHA256withECDSA' + profile file('D:\\myKey\\myApplication_ohos_Provision.p7b') + certpath file('D:\\myKey\\myApplication_ohos.cer') + } + } compileSdkVersion 7 } diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/config.json b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/config.json index 8de07a383..8b2995420 100644 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/config.json +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/config.json @@ -41,6 +41,26 @@ "label": "$string:entry_MainAbility", "type": "page", "launchType": "standard" + }, + { + "skills": [ + { + "entities": [ + "entity.system.home" + ], + "actions": [ + "action.system.home" + ] + } + ], + "orientation": "portrait", + "visible": true, + "name": "com.example.myapplication.GrantAbility", + "icon": "$media:icon", + "description": "$string:mainability_description", + "label": "$string:entry_MainAbility", + "type": "page", + "launchType": "standard" } ], "js": [ @@ -56,7 +76,10 @@ "pages/app-name", "pages/location-info", "pages/app-name-plus", - "pages/other-permissions" + "pages/other-permissions", + "pages/calendar", + "pages/dialog", + "pages/dialogPlus" ], "name": "default", "window": { diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/alphabeticalIndex.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/alphabeticalIndex.ets index d4332cdc6..98e91a0d4 100644 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/alphabeticalIndex.ets +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/alphabeticalIndex.ets @@ -34,7 +34,7 @@ export struct alphabetIndexerComponent { } build() { - Flex({ justifyContent: FlexAlign.End }) { + Flex({ justifyContent: FlexAlign.Start }) { AlphabetIndexer({ ArrayValue: this.value, selected: this.alphabeticalIndex }) .selectedColor(0xffffff) // 选中颜色 .popupColor(0xFFFAF0) // 弹出框颜色 diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/backBar.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/backBar.ets index a5d8ff6da..cb999982b 100644 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/backBar.ets +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/backBar.ets @@ -65,7 +65,6 @@ export struct backBar { } } } - .width(360) .height(56) .constraintSize({ minHeight: "56vp" }) .alignItems(HorizontalAlign.Start) diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/category.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/category.ets deleted file mode 100644 index 5fb0927b5..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/category.ets +++ /dev/null @@ -1,123 +0,0 @@ -/* - * Copyright (c) 2021 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -import { categoryListItem } from "../model/categoryList.ets" - -@Component -export struct categoryPage { - build() { - Column() { - categoryList({ - categoryListItem: categoryListItem, - }) - } - } -} - -@Component -struct categoryList { - private categoryListItem: any[] - @State color: string[] = [ - "#ffffff", - "#ffffff", - "#ffffff", - "#ffffff", - "#ffffff", - "#ffffff", - "#ffffff", - "#e5f3ff", - "#ffffff", - "#ffffff", - "#ffffff" - ] - private listState: number = 0 - - build() { - Column() { - List() { - ForEach(this.categoryListItem, (item) => { - ListItem() { - Column() { - Row() { - Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { - Image(item.image) - .objectFit(ImageFit.Contain) - .height(25) - .width(25) - .margin({ - left: "10vp", - right: "15vp" - }) - Text(item.name) - .fontSize("18vp") - .fontColor($r('app.color.text_color')) - .flexGrow(1) - Image(item.icon) - .objectFit(ImageFit.Contain) - .height(20) - .width(20) - } - }.margin({ - top: '16vp' - } - ) - Row() { - Column() - .backgroundColor($r('app.color.text_decoration_color')) - .width('100%') - .height('2vp') - .margin({ - top: '10vp', - left: '24%' - }) - } - } - .backgroundColor(this.color[item.index - 1]) - .width('100%') - .height('10%') - .borderRadius('25px') - .margin({ - bottom: '10vp' - }) - .onClick(() => { - if (this.color[item.index - 1] == "#ffffff") { - for (var i = 0; i < this.color.length; i++) { - if (i == item.index - 1) { - this.color[i] = "#e5f3ff" - } else { - this.color[i] = "#ffffff" - } - } - } - this.listState = item.index - 1; - console.debug("you click" + this.listState) - }) - } - }, item => item.index.toString()) - }.width('40%') - Divider() - .vertical(true) - .color($r('app.color.divider_color')) - .width('2vp') - .margin({ - top: "8vp", - bottom: "8vp" - }) - }.useSizeType({ - xs: { span: 1, offset: 0 }, sm: { span: 1, offset: 0 }, - md: { span: 1, offset: 0 }, lg: { span: 2, offset: 0 } - }) - } -} diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/dialog.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/dialog.ets index 5aba06993..689f130db 100644 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/dialog.ets +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/dialog.ets @@ -14,42 +14,14 @@ */ import { dialogData } from "../model/dialogDataList.ets" +import { permissionGroups, groups } from "../model/permissionGroup.ets" +import bundle from '@ohos.bundle'; @Extend(Button) function customizeButton() { .backgroundColor($r('app.color.default_background_color')) .fontColor($r('app.color.button_color')) } -@CustomDialog -export struct positionDialog { - @Link messageList: string[] - controller: CustomDialogController - cancel: () => void - confirm: () => void - - build() { - Column() { - Text('是否开启定位服务?').width('45%').fontSize(16).margin({ top: 20, bottom: 10 }) - Flex({ justifyContent: FlexAlign.SpaceAround }) { - Button('禁止') - .onClick(() => { - this.controller.close() - this.cancel() - }).customizeButton() - Text('|').fontSize(25).fontColor($r('app.color.divider_color')).margin({ top: 3 }) - Button('允许') - .onClick(() => { - this.controller.close() - this.confirm() - }).customizeButton() - }.margin({ bottom: 10 }) - }.backgroundColor($r('app.color.default_background_color')) - .borderRadius(24) - .height(100) - .width(336) - } -} - @CustomDialog export struct spaceDialog { controller: CustomDialogController @@ -58,7 +30,7 @@ export struct spaceDialog { build() { Column() { - Image($r('app.media.ic_nearby')) + Image($r('app.media.ic_ssensor')) .width(24) .height(24) .margin({ @@ -67,7 +39,7 @@ export struct spaceDialog { Column() { Row() { Flex({ justifyContent: FlexAlign.Start }) { - Text('是否允许“XX”查找、连接附近设备?').fontSize(16) + Text('是否允许“XX”使用身体传感器?').fontSize(16) .margin({ top: 16, left: 24 @@ -118,17 +90,18 @@ export struct privacyDialog { controller: CustomDialogController cancel: () => void confirm: () => void + @State permissionList: Array = [] build() { Column() { - if (this.count < dialogData.length) { + if (this.count < this.permissionList.length) { Image(dialogData[this.count].icon) .width(24) .height(24) .margin({ top: 24 }) - Text(`${this.count + 1} / ${dialogData.length}`) + Text(`${this.count + 1} / ${this.permissionList.length}`) .fontSize(14) .fontColor($r('app.color.secondary_font_color')) .margin({ @@ -137,7 +110,7 @@ export struct privacyDialog { Column() { Row() { Flex({ justifyContent: FlexAlign.Start }) { - Text(dialogData[this.count].message1).fontSize(16) + Text("是否允许该应用访问" + this.current().groupName).fontSize(16) .margin({ top: 16, left: 24 @@ -146,7 +119,7 @@ export struct privacyDialog { } Row() { Flex({ justifyContent: FlexAlign.Start }) { - Text(dialogData[this.count].message2).fontSize(14) + Text("用于" + this.current().description).fontSize(14) .fontColor($r('app.color.secondary_font_color')) .margin({ top: 2, @@ -162,18 +135,22 @@ export struct privacyDialog { .fontSize(16) .onClick(() => { this.cancel() - if (this.count === dialogData.length) { - this.controller.close() - } + setTimeout(() => { + if (this.count === this.permissionList.length) { + this.controller.close() + } + }, 1) }).customizeButton() Text('|').fontSize(30).fontColor($r('app.color.divider_color')) Button('允许') .fontSize(16) .onClick(() => { this.confirm() - if (this.count === dialogData.length) { - this.controller.close() - } + setTimeout(() => { + if (this.count === this.permissionList.length) { + this.controller.close() + } + }, 1) }).customizeButton() }.margin({ top: 8 @@ -185,4 +162,16 @@ export struct privacyDialog { .height(186) .width(336) } + current() { + var current = this.permissionList[this.count] + var permission = permissionGroups.filter(item => item.name == current) + var group = groups.filter(item => item.name == permission[0].group) + return group[0] + } + + aboutToAppear() { + bundle.getApplicationInfo('com.example.myapplication', 0x00000000, 0).then(res => { + this.permissionList = res.permissions + }) + } } diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/search.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/search.ets index 79ccd9496..30b569689 100644 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/search.ets +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/search.ets @@ -23,12 +23,11 @@ export struct textInput { .padding({ left: 36 }) .type(InputType.Normal) .border({ radius: 20 }) - .placeholderColor($r('app.color.secondary_font_color')) + .placeholderColor($r('app.color.default_background_color')) .placeholderFont({ size: '16vp', weight: FontWeight.Normal, family: "sans-serif", style: FontStyle.Normal }) .caretColor($r('app.color.secondary_font_color')) .backgroundColor($r('app.color.default_background_color')) .height(40) - .width(324) .onChange((value: string) => { }) @@ -43,7 +42,7 @@ export struct textInput { .objectFit(ImageFit.Contain) .width(16) .height(16) - .margin({ left: -312, top: 12 }) + .margin({ left: -300, top: 12 }) } } } diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/titleBar.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/titleBar.ets deleted file mode 100644 index cb0cfa744..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/titleBar.ets +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Copyright (c) 2021 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -@Component -export struct titleBar { - build() { - Column() { - Text($r('app.string.settings')) - .fontColor($r('app.color.title_text_color')) - .fontSize("24fp") - .margin({ - left: "14vp", - right: "24vp", - top: "12vp" - }) - } - .useSizeType({ - xs: { span: 1, offset: 0 }, sm: { span: 1, offset: 0 }, - md: { span: 1, offset: 0 }, lg: { span: 2, offset: 0 } - }) - .width('40%') - .height(56) - .constraintSize({ minHeight: "56vp" }) - .alignItems(HorizontalAlign.Start) - .backgroundColor($r('app.color.background_color')) - } -} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/authorityManagementList.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/authorityManagementList.ets index bf8f8bc76..f24fa36e9 100644 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/authorityManagementList.ets +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/authorityManagementList.ets @@ -19,24 +19,11 @@ export const authorityListItem: any[] = [ { 'name': '麦克风', 'index': 3, 'image': $r('app.media.ic_public_voice'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, ] export const messageListItem: any[] = [ - { 'name': '电话', 'index': 1, 'image': $r('app.media.ic_public_phone'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, - { 'name': '信息', 'index': 2, 'image': $r('app.media.ic_public_message'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, - { 'name': '通讯录', 'index': 3, 'image': $r('app.media.ic_public_contacts_group'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, - { 'name': '通话记录', 'index': 4, 'image': $r('app.media.ic_call_logs'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, - { 'name': '媒体和文件', 'index': 5, 'image': $r('app.media.ic_public_folder'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, - { 'name': '日历', 'index': 6, 'image': $r('app.media.ic_public_calendar'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, - { 'name': '健身运动', 'index': 7, 'image': $r('app.media.ic_sport'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, - { 'name': '身体传感器', 'index': 8, 'image': $r('app.media.ic_ssensor'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, - { 'name': '附近设备', 'index': 9, 'image': $r('app.media.ic_nearby'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' } -] -export const appInstallListItem: any[] = [ - { 'name': '已安装应用列表', 'index': 1, 'image': $r('app.media.in_app_installations'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, - { 'name': '应用内安装其他应用', 'index': 2, 'image': $r('app.media.in_app_installations'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, - { 'name': '创建桌面快捷方式', 'index': 3, 'image': $r('app.media.ic_forward'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, - { 'name': '悬浮窗', 'index': 4, 'image': $r('app.media.ic_dropzone'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' } -] -export const otherPermissionsListItem: any[] = [ - { 'name': '其他权限', 'index': 1, 'image': $r('app.media.ic_more'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' } + { 'name': '媒体和文件', 'index': 1, 'image': $r('app.media.ic_public_folder'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, + { 'name': '日历', 'index': 2, 'image': $r('app.media.ic_public_calendar'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, + { 'name': '健身运动', 'index': 3, 'image': $r('app.media.ic_sport'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, + { 'name': '身体传感器', 'index': 4, 'image': $r('app.media.ic_ssensor'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, + { 'name': '多设备协同', 'index': 5, 'image': $r('app.media.ic_dropzone'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' } ] export const applicationListItem: any[] = [ { 'name': '备忘录', 'index': 1, 'image': $r('app.media.beiwanglu'), 'message': '6项权限', 'icon': $r('app.media.rightarrow'), alphabeticalIndex: 'B' }, diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/definePermission.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/definePermission.ets new file mode 100644 index 000000000..3ec8b5776 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/definePermission.ets @@ -0,0 +1,753 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +export const definePermissions: any[] = [ + { + "name": "ohos.permission.ANSWER_CALL", + "grantMode": "user_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_answer_call", + "description": "$string:ohos_desc_answer_call" + }, + { + "name": "ohos.permission.USE_BLUETOOTH", + "grantMode": "system_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.DISCOVER_BLUETOOTH", + "grantMode": "system_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.MANAGE_BLUETOOTH", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.INTERNET", + "grantMode": "system_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_internet", + "description": "$string:ohos_desc_internet" + }, + { + "name": "ohos.permission.MODIFY_AUDIO_SETTINGS", + "grantMode": "system_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_modify_audio_settings", + "description": "$string:ohos_desc_modify_audio_settings" + }, + { + "name": "ohos.permission.READ_CALENDAR", + "grantMode": "user_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_read_calendar", + "description": "$string:ohos_desc_read_calendar" + }, + { + "name": "ohos.permission.READ_CALL_LOG", + "grantMode": "user_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_read_call_log", + "description": "$string:ohos_desc_read_call_log" + }, + { + "name": "ohos.permission.READ_CELL_MESSAGES", + "grantMode": "user_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_read_cell_messages", + "description": "$string:ohos_desc_read_cell_messages" + }, + { + "name": "ohos.permission.READ_CONTACTS", + "grantMode": "user_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_read_contacts", + "description": "$string:ohos_desc_read_contacts" + }, + { + "name": "ohos.permission.GET_TELEPHONY_STATE", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_get_telephony_state", + "description": "$string:ohos_desc_get_telephony_state" + }, + { + "name": "ohos.permission.READ_MESSAGES", + "grantMode": "user_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_read_messages", + "description": "$string:ohos_desc_read_messages" + }, + { + "name": "ohos.permission.RECEIVE_MMS", + "grantMode": "user_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_receive_mms", + "description": "$string:ohos_desc_receive_mms" + }, + { + "name": "ohos.permission.RECEIVE_SMS", + "grantMode": "user_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_receive_sms", + "description": "$string:ohos_desc_receive_sms" + }, + { + "name": "ohos.permission.RECEIVE_WAP_MESSAGES", + "grantMode": "user_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_receive_wap_messages", + "description": "$string:ohos_desc_receive_wap_messages" + }, + { + "name": "ohos.permission.MICROPHONE", + "grantMode": "user_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_microphone", + "description": "$string:ohos_desc_microphone" + }, + { + "name": "ohos.permission.SEND_MESSAGES", + "grantMode": "user_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_send_messages", + "description": "$string:ohos_desc_send_messages" + }, + { + "name": "ohos.permission.WRITE_CALENDAR", + "grantMode": "user_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_write_calendar", + "description": "$string:ohos_desc_write_calendar" + }, + { + "name": "ohos.permission.WRITE_CALL_LOG", + "grantMode": "user_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_write_call_log", + "description": "$string:ohos_desc_write_call_log" + }, + { + "name": "ohos.permission.WRITE_CONTACTS", + "grantMode": "user_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_write_contacts", + "description": "$string:ohos_desc_write_contacts" + }, + { + "name": "ohos.permission.DISTRIBUTED_DATASYNC", + "grantMode": "user_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": true, + "label": "$string:ohos_lab_distributed_datasync", + "description": "$string:ohos_desc_distributed_datasync" + }, + { + "name": "ohos.permission.MANAGE_VOICEMAIL", + "grantMode": "user_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_manage_voicemail", + "description": "$string:ohos_desc_manage_voicemail" + }, + { + "name": "ohos.permission.REQUIRE_FORM", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.LOCATION_IN_BACKGROUND", + "grantMode": "user_grant", + "availableScope": "normal", + "provisionEnable": false, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_location_in_background", + "description": "$string:ohos_desc_location_in_background" + }, + { + "name": "ohos.permission.LOCATION", + "grantMode": "user_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": true, + "label": "$string:ohos_lab_location", + "description": "$string:ohos_desc_location" + }, + { + "name": "ohos.permission.MEDIA_LOCATION", + "grantMode": "user_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": true, + "label": "$string:ohos_lab_media_location", + "description": "$string:ohos_desc_media_location" + }, + { + "name": "ohos.permission.GET_NETWORK_INFO", + "grantMode": "system_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_get_network_info", + "description": "$string:ohos_desc_get_network_info" + }, + { + "name": "ohos.permission.PLACE_CALL", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": true, + "label": "$string:ohos_lab_place_call", + "description": "$string:ohos_desc_place_call" + }, + { + "name": "ohos.permission.CAMERA", + "grantMode": "user_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_camera", + "description": "$string:ohos_desc_camera" + }, + { + "name": "ohos.permission.SET_NETWORK_INFO", + "grantMode": "system_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_set_network_info", + "description": "$string:ohos_desc_set_network_info" + }, + { + "name": "ohos.permission.REMOVE_CACHE_FILES", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.READ_MEDIA", + "grantMode": "user_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": true, + "label": "$string:ohos_lab_read_media", + "description": "$string:ohos_desc_read_media" + }, + { + "name": "ohos.permission.REBOOT", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.RUNNING_LOCK", + "grantMode": "system_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.WRITE_MEDIA", + "grantMode": "user_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": true, + "label": "$string:ohos_lab_write_media", + "description": "$string:ohos_desc_write_media" + }, + { + "name": "com.huawei.permission.DISTRIBUTED_VIRTUALDEVICE", + "grantMode": "user_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_distributed_virtualdevice", + "description": "$string:ohos_desc_distributed_virtualdevice" + }, + { + "name": "ohos.permission.ENROLL_BIOMETRIC", + "grantMode": "system_grant", + "availableScope": "system_core", + "provisionEnable": false, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_enroll_biometric", + "description": "$string:ohos_desc_enroll_biometric" + }, + { + "name": "ohos.permission.ACCESS_BIOMETRIC", + "grantMode": "system_grant", + "availableScope": "normal", + "provisionEnable": false, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_access_biometric", + "description": "$string:ohos_desc_access_biometric" + }, + { + "name": "ohos.permission.ACCESS_BIOMETRIC_INTERNAL", + "grantMode": "system_grant", + "availableScope": "system_core", + "provisionEnable": false, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_access_biometric_internal", + "description": "$string:ohos_desc_access_biometric_internal" + }, + { + "name": "ohos.permission.RESET_BIOMETRIC_LOCKOUT", + "grantMode": "system_grant", + "availableScope": "system_core", + "provisionEnable": false, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_reset_biometric_lockout", + "description": "$string:ohos_desc_reset_biometric_lockout" + }, + { + "name": "ohos.permission.SET_TIME", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_set_time", + "description": "$string:ohos_desc_set_time" + }, + { + "name": "ohos.permission.SET_TIME_ZONE", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_set_time_zone", + "description": "$string:ohos_desc_set_time_zone" + }, + { + "name": "ohos.permission.DOWNLOAD_SESSION_MANAGER", + "grantMode": "system_grant", + "availableScope": "system_core", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_download_session_manager", + "description": "$string:ohos_desc_download_session_manager" + }, + { + "name": "ohos.permission.COMMONEVENT_STICKY", + "grantMode": "system_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": true, + "label": "$string:ohos_lab_commonevent_sticky", + "description": "$string:ohos_desc_commonevent_sticky" + }, + { + "name": "ohos.permission.SYSTEM_FLOAT_WINDOW", + "grantMode": "system_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.POWER_MANAGER", + "grantMode": "system_grant", + "availableScope": "system_core", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.REFRESH_USER_ACTION", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.POWER_OPTIMIZATION", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.REBOOT_RECOVERY", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.MANAGE_LOCAL_ACCOUNTS", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_manage_local_accounts", + "description": "$string:ohos_desc_manage_local_accounts" + }, + { + "name": "ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_interact_across_local_accounts", + "description": "$string:ohos_desc_interact_across_local_accounts" + }, + { + "name": "ohos.permission.VIBRATE", + "grantMode": "system_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_vibrate", + "description": "$string:ohos_desc_vibrate" + }, + { + "name": "ohos.permission.ACTIVITY_MOTION", + "grantMode": "user_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_activity_motion", + "description": "$string:ohos_desc_activity_motion" + }, + { + "name": "ohos.permission.READ_HEALTH_DATA", + "grantMode": "user_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_read_health_data", + "description": "$string:ohos_desc_read_health_data" + }, + { + "name": "ohos.permission.CONNECT_IME_ABILITY", + "grantMode": "system_grant", + "availableScope": "system_core", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_connect_ime_ability", + "description": "$string:ohos_desc_connect_ime_ability" + }, + { + "name": "ohos.permission.CONNECT_SCREEN_SAVER_ABILITY", + "grantMode": "system_grant", + "availableScope": "system_core", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.READ_SCREEN_SAVER", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.WRITE_SCREEN_SAVER", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.SET_WALLPAPER", + "grantMode": "system_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_set_wallpaper", + "description": "$string:ohos_desc_set_wallpaper" + }, + { + "name": "ohos.permission.GET_WALLPAPER", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_get_wallpaper", + "description": "$string:ohos_desc_get_wallpaper" + }, + { + "name": "ohos.permission.CHANGE_ABILITY_ENABLED_STATE", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.ACCESS_MISSIONS", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.CLEAN_BACKGROUND_PROCESSES", + "grantMode": "system_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.KEEP_BACKGROUND_RUNNING", + "grantMode": "system_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.UPDATE_CONFIGURATION", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.GRANT_SENSITIVE_PERMISSIONS", + "grantMode": "system_grant", + "availableScope": "system_core", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS", + "grantMode": "system_grant", + "availableScope": "system_core", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.GET_SENSITIVE_PERMISSIONS", + "grantMode": "system_grant", + "availableScope": "system_core", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS_EXTENSION", + "grantMode": "system_grant", + "availableScope": "system_core", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_interact_across_local_accounts_extension", + "description": "$string:ohos_desc_interact_across_local_accounts_extension" + }, + { + "name": "ohos.permission.LISTEN_BUNDLE_CHANGE", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.GET_BUNDLE_INFO", + "grantMode": "system_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.ACCELEROMETER", + "grantMode": "system_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_accelerometer", + "description": "$string:ohos_desc_accelerometer" + }, + { + "name": "ohos.permission.GYROSCOPE", + "grantMode": "system_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_gyroscope", + "description": "$string:ohos_desc_gyroscope" + }, + { + "name": "ohos.permission.GET_BUNDLE_INFO_PRIVILEGED", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.INSTALL_BUNDLE", + "grantMode": "system_grant", + "availableScope": "system_core", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.MANAGE_SHORTCUTS", + "grantMode": "system_grant", + "availableScope": "system_core", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.radio.ACCESS_FM_AM", + "grantMode": "system_grant", + "availableScope": "system_core", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.SET_TELEPHONY_STATE", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_set_telephony_state", + "description": "$string:ohos_desc_set_telephony_state" + }, + { + "name": "ohos.permission.START_ABILIIES_FROM_BACKGROUND", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.BUNDLE_ACTIVE_INFO", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_bundle_active_info", + "description": "$string:ohos_desc_bundle_active_info" + }, + { + "name": "ohos.permission.START_INVISIBLE_ABILITY", + "grantMode": "system_grant", + "availableScope": "system_core", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.sec.ACCESS_UDID", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.LAUNCH_DATA_PRIVACY_CENTER", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.MANAGE_MEDIA_RESOURCES", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.PUBLISH_AGENT_REMINDER", + "grantMode": "system_grant", + "availableScope": "normal", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_publish_agent_reminder", + "description": "$string:ohos_desc_publish_agent_reminder" + }, + { + "name": "ohos.permission.CONTROL_TASK_SYNC_ANIMATOR", + "grantMode": "system_grant", + "availableScope": "system_core", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_control_task_sync_animator", + "description": "$string:ohos_desc_control_task_sync_animator" + }, + { + "name": "ohos.permission.INPUT_MONITORING", + "grantMode": "system_grant", + "availableScope": "system_core", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.MANAGE_MISSIONS", + "grantMode": "system_grant", + "availableScope": "system_core", + "provisionEnable": true, + "distributedSceneEnable": false + }, + { + "name": "ohos.permission.NOTIFICATION_CONTROLLER", + "grantMode": "system_grant", + "availableScope": "system_core", + "provisionEnable": true, + "distributedSceneEnable": false, + "label": "$string:ohos_lab_notification_controller", + "description": "$string:ohos_desc_notification_controller" + }, + { + "name": "ohos.permission.CONNECTIVITY_INTERNAL", + "grantMode": "system_grant", + "availableScope": "system_basic", + "provisionEnable": true, + "distributedSceneEnable": false + } +] \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/dialogDataList.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/dialogDataList.ets index f3c5572c2..f6dbf9c9b 100644 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/dialogDataList.ets +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/dialogDataList.ets @@ -14,7 +14,7 @@ */ export const dialogData: any[] = [ - { 'name': '权限1', 'index': 1, 'message1': '内容1','message2': '内容一', 'icon': $r("app.media.ic_exercise") }, + { 'name': '权限1', 'index': 1, 'message1': '是否允许"XX"访问健身运动','message2': '用于XXXX', 'icon': $r("app.media.ic_exercise") }, { 'name': '权限2', 'index': 2, 'message1': '内容2','message2': '内容二', 'icon': $r("app.media.ic_exercise") }, { 'name': '权限3', 'index': 3, 'message1': '内容3','message2': '内容三', 'icon': $r("app.media.ic_exercise") }, { 'name': '权限4', 'index': 4, 'message1': '内容4','message2': '内容四', 'icon': $r("app.media.ic_exercise") } diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/mediaDocList.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/mediaDocList.ets index bf9dcd340..6bcb6341f 100644 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/mediaDocList.ets +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/mediaDocList.ets @@ -14,6 +14,12 @@ */ export const mediaDocListItem: any[] = [ - { 'name': '允许', 'index': 1, groupName: 'radio', checked: 1 }, - { 'name': '禁止', 'index': 2, groupName: 'radio', checked: 0 } + { 'name': '允许', 'index': 1, groupName: 'radio' }, + { 'name': '禁止', 'index': 2, groupName: 'radio' } +] +export const mediaListItem: any[] = [ + { 'name': '相机', 'index': 2, 'image': $r('app.media.ic_public_camera'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, + { 'name': '麦克风', 'index': 3, 'image': $r('app.media.ic_public_voice'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, + { 'name': '媒体和文件', 'index': 5, 'image': $r('app.media.ic_public_folder'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, + { 'name': '日历', 'index': 6, 'image': $r('app.media.ic_public_calendar'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' } ] \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/permissionGroup.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/permissionGroup.ets new file mode 100644 index 000000000..e37aabf77 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/permissionGroup.ets @@ -0,0 +1,59 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +export const permissionGroups: any[] = [ + { 'name': 'ohos.permission.READ_CALENDAR', "group": "CALENDAR"}, + { 'name': 'ohos.permission.WRITE_CALENDAR', "group": "CALENDAR"}, + { 'name': 'ohos.permission.READ_CALL_LOG', "group": "CALL_LOG"}, + { 'name': 'ohos.permission.WRITE_CALL_LOG', "group": "CALL_LOG"}, + { 'name': 'ohos.permission.READ_CONTACTS', "group": "CONTACTS"}, + { 'name': 'ohos.permission.WRITE_CONTACTS', "group": "CONTACTS"}, + { 'name': 'ohos.permission.ANSWER_CALL', "group": "PHONE"}, + { 'name': 'ohos.permission.MANAGE_VOICEMAIL', "group": "PHONE"}, + { 'name': 'ohos.permission.READ_CELL_MESSAGES', "group": "SMS"}, + { 'name': 'ohos.permission.READ_MESSAGES', "group": "SMS"}, + { 'name': 'ohos.permission.RECEIVE_MMS', "group": "SMS"}, + { 'name': 'ohos.permission.RECEIVE_SMS', "group": "SMS"}, + { 'name': 'ohos.permission.RECEIVE_WAP_MESSAGES', "group": "SMS"}, + { 'name': 'ohos.permission.SEND_MESSAGES', "group": "SMS"}, +] + +export const groups: any[] = [ + { 'name': 'CALENDAR', + "permissions": ["ohos.permission.READ_CALENDAR", 'ohos.permission.WRITE_CALENDAR'], + "groupName": '日历', + "description": '访问日历和活动' + }, + { 'name': 'CALL_LOG', + "permissions": ["ohos.permission.READ_CALL_LOG", 'ohos.permission.WRITE_CALL_LOG'], + "groupName": '通话记录', + "description": '读取和写入手机通话记录' + }, + { 'name': 'CONTACTS', + "permissions": ["ohos.permission.READ_CONTACTS", 'ohos.permission.WRITE_CONTACTS'], + "groupName": '通讯录', + "description": '访问您的通讯录' + }, + { 'name': 'PHONE', + "permissions": ["ohos.permission.ANSWER_CALL", 'ohos.permission.MANAGE_VOICEMAIL'], + "groupName": '电话', + "description": '拨打电话和管理通话' + }, + { 'name': 'SMS', + "permissions": ["ohos.permission.READ_CELL_MESSAGES", 'ohos.permission.READ_MESSAGES', 'ohos.permission.RECEIVE_MMS', 'ohos.permission.RECEIVE_SMS', 'ohos.permission.RECEIVE_WAP_MESSAGES', 'ohos.permission.SEND_MESSAGES'], + "groupName": '短信', + "description": '发送和查看短信' + }, +] \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/privacyList.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/privacyList.ets deleted file mode 100644 index 4e0561447..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/privacyList.ets +++ /dev/null @@ -1,21 +0,0 @@ -/* - * Copyright (c) 2021 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -export const privacyListItem: any[] = [ - { 'name': '权限管理', 'index': 1, 'message': '', 'icon': $r('app.media.rightarrow') }, - { 'name': '定位服务', 'index': 2, 'message': '已开启', 'icon': $r('app.media.rightarrow') }, - { 'name': '隐私空间', 'index': 3, 'message': '', 'icon': $r('app.media.rightarrow') }, - { 'name': '广告与隐私', 'index': 4,'message': '', 'icon': $r('app.media.rightarrow') } -] \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/app-name-plus.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/app-name-plus.ets index 8d6e5c7be..a410d7466 100644 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/app-name-plus.ets +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/app-name-plus.ets @@ -13,8 +13,6 @@ * limitations under the License. */ -import { titleBar } from "../common/components/titleBar.ets" -import { categoryPage } from "../common/components/category.ets" import { backBar } from "../common/components/backBar.ets" import { allowedListItem, bannedListItem } from "../common/model/appNameList.ets" import router from '@system.router' @@ -24,31 +22,52 @@ import router from '@system.router' struct appNamePlusPage { private routerData = router.getParams().routerData build() { - Flex({ justifyContent: FlexAlign.Center }) { - Column() { - Row() { - // titleBar() - backBar({ title: JSON.stringify(this.routerData.name) }) - } - Row() { - // categoryPage() - Column() { - Scroll() { - appNameItem({ - allowedListItem: allowedListItem, - bannedListItem: bannedListItem, -// buttonListItem: buttonListItem - }) - } - }.width('100%') - }.layoutWeight(1).width(360) - } - } + GridContainer({ gutter: 0 }) { + Row() { + Row() + .useSizeType({ + xs: { span: 1, offset: 0 }, sm: { span: 1, offset: 0 }, + md: { span: 1, offset: 0 }, lg: { span: 2, offset: 0 } + }) + .height("100%") + Row() { + Column() { + Row() { + backBar({ title: JSON.stringify(this.routerData.name) }) + } + Row() { + Column() { + Scroll() { + appNameItem({ + allowedListItem: allowedListItem, + bannedListItem: bannedListItem, + // buttonListItem: buttonListItem + }) + } + }.width('100%') + }.layoutWeight(1).width("100%") + } + } + .useSizeType({ + xs: { span: 1, offset: 1 }, sm: { span: 2, offset: 1 }, + md: { span: 6, offset: 1 }, lg: { span: 8, offset: 2 } + }) + .height("100%") + Row() + .useSizeType({ + xs: { span: 1, offset: 2 }, sm: { span: 1, offset: 3 }, + md: { span: 1, offset: 7 }, lg: { span: 2, offset: 10 } + }) + .height("100%") + } + .height('100%') + } } } @Component struct appNameItem { + private routerData = router.getParams().routerData private allowedListItem: any[] private bannedListItem: any[] // private buttonListItem: any[] @@ -118,8 +137,8 @@ struct appNameItem { } }.onClick(() => { router.push({ - uri: 'pages/app-name', - params: { routerData: item } + uri: 'pages/media-documents', + params: { routerData: item} }) }) } @@ -164,7 +183,7 @@ struct appNameItem { } }.onClick(() => { router.push({ - uri: 'pages/app-name', + uri: 'pages/media-documents', params: { routerData: item } }) }) @@ -188,6 +207,10 @@ struct appNameItem { if (event.type === TouchType.Down) { } if (event.type === TouchType.Up) { + router.push({ + uri: 'pages/app-name', + params: { routerData: this.routerData.name } + }) } if (event.type === TouchType.Move) { if(event.touches[0].x < 0 || event.touches[0].x > 90 || event.touches[0].y > 0 || event.touches[0].y > 48) { @@ -202,9 +225,6 @@ struct appNameItem { .height('100%') .backgroundColor($r('app.color.background_color')) - }.useSizeType({ - xs: { span: 1, offset: 0 }, sm: { span: 1, offset: 0 }, - md: { span: 1, offset: 0 }, lg: { span: 2, offset: 0 } - }) + } } } diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/app-name.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/app-name.ets index 60acc9c60..f26f8e8f6 100644 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/app-name.ets +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/app-name.ets @@ -13,8 +13,6 @@ * limitations under the License. */ -import { titleBar } from "../common/components/titleBar.ets" -import { categoryPage } from "../common/components/category.ets" import { backBar } from "../common/components/backBar.ets" import { calendarListItem, dynamicListItem } from "../common/model/appNameList.ets" import router from '@system.router' @@ -23,24 +21,44 @@ import router from '@system.router' struct appNamePage { private routerData = router.getParams().routerData build() { - Flex({ justifyContent: FlexAlign.Center }) { - Column() { - Row() { - // titleBar() - backBar({ title: JSON.stringify(this.routerData.name) }) - } + GridContainer({ gutter: 0 }) { + Row() { + Row() + .useSizeType({ + xs: { span: 1, offset: 0 }, sm: { span: 1, offset: 0 }, + md: { span: 1, offset: 0 }, lg: { span: 2, offset: 0 } + }) + .height("100%") Row() { - // categoryPage() Column() { - Scroll() { - appNameItem({ - calendarListItem: calendarListItem, - dynamicListItem: dynamicListItem - }) + Row() { + backBar({ title: JSON.stringify(this.routerData) }) } + Row() { + Column() { + Scroll() { + appNameItem({ + calendarListItem: calendarListItem, + dynamicListItem: dynamicListItem + }) + } + } + }.layoutWeight(1).width("100%") } - }.layoutWeight(1).width(360) + } + .useSizeType({ + xs: { span: 1, offset: 1 }, sm: { span: 2, offset: 1 }, + md: { span: 6, offset: 1 }, lg: { span: 8, offset: 2 } + }) + .height("100%") + Row() + .useSizeType({ + xs: { span: 1, offset: 2 }, sm: { span: 1, offset: 3 }, + md: { span: 1, offset: 7 }, lg: { span: 2, offset: 10 } + }) + .height("100%") } + .height('100%') } } } @@ -145,9 +163,6 @@ struct appNameItem { .width('100%') .height('100%') .backgroundColor($r('app.color.background_color')) - }.useSizeType({ - xs: { span: 1, offset: 0 }, sm: { span: 1, offset: 0 }, - md: { span: 1, offset: 0 }, lg: { span: 2, offset: 0 } - }) + } } } diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/authority-management.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/authority-management.ets index 9080c6268..787fa6016 100644 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/authority-management.ets +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/authority-management.ets @@ -13,13 +13,12 @@ * limitations under the License. */ -import { authorityListItem, messageListItem, appInstallListItem, otherPermissionsListItem, applicationListItem } from "../common/model/authorityManagementList.ets" -import { titleBar } from "../common/components/titleBar.ets" -import { categoryPage } from "../common/components/category.ets" +import { authorityListItem, messageListItem, applicationListItem } from "../common/model/authorityManagementList.ets" import { backBar } from "../common/components/backBar.ets" import { alphabetIndexerComponent } from "../common/components/alphabeticalIndex.ets" import { textInput } from "../common/components/search.ets" import router from '@system.router' +import bundle from "@ohos.bundle" @Extend(Text) function customizeText(fontSize: string) { .fontSize(fontSize) @@ -45,51 +44,64 @@ import router from '@system.router' struct authorityManagementPage { build() { - Flex({ justifyContent: FlexAlign.Center }) { - Column() { - Row() { - // titleBar() - backBar( { title: JSON.stringify($r('app.string.authority_management')) }) - } + GridContainer({ gutter: 0 }) { + Row() { + Row() + .useSizeType({ + xs: { span: 1, offset: 0 }, sm: { span: 1, offset: 0 }, + md: { span: 1, offset: 0 }, lg: { span: 2, offset: 0 } + }) + .height("100%") Row() { - // categoryPage() Column() { - Column() { - Stack() { - Tabs() { - TabContent() { - Scroll() { - authorityItem({ - authorityListItem: authorityListItem, - messageListItem: messageListItem, - appInstallListItem: appInstallListItem, - otherPermissionsListItem: otherPermissionsListItem - }) - } - }.tabBar('权限') + Row() { + backBar( { title: JSON.stringify($r('app.string.authority_management')) }) + } + Row() { + Column() { + Column() { + Stack() { + Tabs() { + TabContent() { + Scroll() { + authorityItem({ + authorityListItem: authorityListItem, + messageListItem: messageListItem + }) + } + }.tabBar('权限') - TabContent() { - Scroll() { - applicationItem({ - applicationListItem: applicationListItem, - }) + TabContent() { + Scroll() { + applicationItem({ + applicationListItem: applicationListItem, + }) + } + }.tabBar('应用') } - }.tabBar('应用') + .backgroundColor($r('app.color.background_color')) + .barWidth(744) + .barMode(BarMode.Scrollable) + }.height('100%') } - .backgroundColor($r('app.color.background_color')) - .barWidth(744) - .barMode(BarMode.Scrollable) - }.height('100%') + } } - }.width('100%') + .layoutWeight(1) + } } .useSizeType({ - xs: { span: 1, offset: 0 }, sm: { span: 1, offset: 0 }, - md: { span: 1, offset: 0 }, lg: { span: 2, offset: 0 } + xs: { span: 1, offset: 1 }, sm: { span: 2, offset: 1 }, + md: { span: 6, offset: 1 }, lg: { span: 8, offset: 2 } }) - .layoutWeight(1) - .width(360) + .height("100%") + Row() + .useSizeType({ + xs: { span: 1, offset: 2 }, sm: { span: 1, offset: 3 }, + md: { span: 1, offset: 7 }, lg: { span: 2, offset: 10 } + }) + .height("100%") } + .height('100%') } } } @@ -98,9 +110,7 @@ struct authorityManagementPage { struct authorityItem { private authorityListItem: any[] private messageListItem: any[] - private appInstallListItem: any[] - private otherPermissionsListItem: any[] -@Builder ListItemLayout(item, list) { + @Builder ListItemLayout(item, list) { ListItem() { Row() { Column() { @@ -128,22 +138,14 @@ struct authorityItem { } } }.onClick(() => { - if (item.name === '其他权限') { + if (item.name === '日历') { router.push({ - uri: 'pages/other-permissions', - }) - }else if (item.name === '位置信息') { - router.push({ - uri: 'pages/location-info', - }) - }else if (item.name === '媒体和文件') { - router.push({ - uri: 'pages/media-documents', + uri: 'pages/calendar', params: { routerData: item } }) - }else{ + } else { router.push({ - uri: 'pages/media-documents', + uri: 'pages/location-info', params: { routerData: item } }) } @@ -152,6 +154,18 @@ struct authorityItem { } }.padding({ left: 12, right: 12 }) } + aboutToAppear() { + console.info("start run testcase!!!!") +// bundle.getAllApplicationInfo(0x00000000,1) +// .then((Want) => { +// console.info( "yanxi" + JSON.stringify(Want)); +// console.log( "yanxi" + JSON.stringify(Want)); +// }) +// .catch((error) => { +// console.error('Operation failed. Cause: ' + JSON.stringify(error)); +// }) + + } build() { Row() { Column() { @@ -169,26 +183,9 @@ struct authorityItem { }, item => item.toString()) }.backgroundColor($r('app.color.default_background_color')).borderRadius(24).padding({ top: 4, bottom: 4 }) }.margin({ top: 12 }).padding({ left: 12, right: 12 }) - Row() { - List() { - ForEach(this.appInstallListItem, (item) => { - this.ListItemLayout(item, this.appInstallListItem) - }, item => item.toString()) - }.backgroundColor($r('app.color.default_background_color')).borderRadius(24).padding({ top: 4, bottom: 4 }) - }.margin({ top: 12 }).padding({ left: 12, right: 12 }) - Row() { - List() { - ForEach(this.otherPermissionsListItem, (item) => { - this.ListItemLayout(item, this.otherPermissionsListItem) - }, item => item.toString()) - }.backgroundColor($r('app.color.default_background_color')).borderRadius(24).padding({ top: 4, bottom: 4 }) - }.margin({ top: 12 }).padding({ left: 12, right: 12 }) }.width('100%') .backgroundColor($r('app.color.background_color')) - }.useSizeType({ - xs: { span: 1, offset: 0 }, sm: { span: 1, offset: 0 }, - md: { span: 1, offset: 0 }, lg: { span: 2, offset: 0 } - }) + } } } @@ -242,7 +239,8 @@ struct applicationItem { Column() { Row() { textInput({ placeholder: '搜索应用' }) - }.padding({ left: 12, top: 8 }) +// .width("100%") + }.padding({ left: 12, top: 8, right: 4 }) Scroll() { Row() { Flex({ alignItems: ItemAlign.Start }) { @@ -265,12 +263,8 @@ struct applicationItem { } .margin({ top: 12 }) .width(24) - .padding({ right: 0 }) } - }.useSizeType({ - xs: { span: 1, offset: 0 }, sm: { span: 1, offset: 0 }, - md: { span: 1, offset: 0 }, lg: { span: 2, offset: 0 } - }) + } } } } diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/calendar.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/calendar.ets new file mode 100644 index 000000000..7938a47a3 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/calendar.ets @@ -0,0 +1,116 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +import { backBar } from "../common/components/backBar.ets" +import { calendarListItem } from "../common/model/appNameList.ets" +import router from '@system.router' +@Entry +@Component +struct appNamePage { + build() { + GridContainer({ gutter: 0 }) { + Row() { + Row() + .useSizeType({ + xs: { span: 1, offset: 0 }, sm: { span: 1, offset: 0 }, + md: { span: 1, offset: 0 }, lg: { span: 2, offset: 0 } + }) + .height("100%") + Row() { + Column() { + Row() { + backBar({title: JSON.stringify($r("app.string.calendar"))}) + } + Row() { + Column() { + Scroll() { + appNameItem({ + calendarListItem: calendarListItem, + }) + } + } + }.layoutWeight(1) + } + } + .useSizeType({ + xs: { span: 1, offset: 1 }, sm: { span: 2, offset: 1 }, + md: { span: 6, offset: 1 }, lg: { span: 8, offset: 2 } + }) + .height("100%") + Row() + .useSizeType({ + xs: { span: 1, offset: 2 }, sm: { span: 1, offset: 3 }, + md: { span: 1, offset: 7 }, lg: { span: 2, offset: 10 } + }) + .height("100%") + } + .height('100%') + } + } +} + +@Component +struct appNameItem { + private calendarListItem: any[] + + build() { + Row() { + Column() { + Row() { + List() { + ForEach(this.calendarListItem, (item) => { + ListItem() { + Row() { + Column() { + Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { + Row() { + Text(item.name) + .fontSize(16) + .fontColor($r('app.color.text_color')) + .flexGrow(1) + Image($r('app.media.rightarrow')) + .objectFit(ImageFit.Contain) + .height(24) + .width(12) + } + .width('100%') + .height(48) + } + if (item.index !== this.calendarListItem.length) { + Row() { + Column() + .backgroundColor($r('app.color.text_decoration_color')) + .width('100%') + .height('2vp') + } + } + }.onClick(() => { + router.push({ + uri: 'pages/location-info', + params: { routerData: item } + }) + }) + } + }.padding({ left: 24, right: 24 }) + }, item => item.toString()) + }.backgroundColor($r('app.color.default_background_color')).borderRadius(24).padding({ top: 4, bottom: 4 }) + }.margin({ top: 9 }).padding({ left: 24, right: 24 }) + } + .width('100%') + .height('100%') + .backgroundColor($r('app.color.background_color')) + } + } +} diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/pages/dialog.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/dialog.ets similarity index 100% rename from frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.GrantAbility/entry/src/main/ets/default/pages/dialog.ets rename to frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/dialog.ets diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/dialogPlus.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/dialogPlus.ets new file mode 100644 index 000000000..0eb74ca8b --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/dialogPlus.ets @@ -0,0 +1,135 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +import { privacyDialog } from "../common/components/dialog.ets" +import { dialogData } from "../common/model/dialogDataList.ets" +import { permissionGroups, groups } from "../common/model/permissionGroup.ets" +import bundle from '@ohos.bundle'; +import prompt from '@system.prompt'; +import abilityAccessCtrl from '@ohos.abilityAccessCtrl'; + +@Entry +@Component +struct dialogPlusPage { + @State count: number = 0 + @State userId: number = 0 + @State GET_BUNDLE_DEFAULT: number = 0x00000000 + privacyDialogController: CustomDialogController = new CustomDialogController({ + builder: privacyDialog({ cancel: this.privacyCancel, confirm: this.privacyAccept, count:this.count }), + cancel: this.privacyExist, + autoCancel: true, + alignment: DialogAlignment.Bottom, + offset: { dx: 0 , dy: -12 }, + customStyle: true + }) + privacyAccept() { + bundle.getApplicationInfo('com.example.myapplication', this.GET_BUNDLE_DEFAULT, this.userId).then(async res => { + var acManager = abilityAccessCtrl.createAtManager() + var verify = await acManager.verifyAccessToken(res.accessTokenId, res.permissions[this.count]) + if(verify) { + var permission = permissionGroups.filter(item => item.name == res.permissions[this.count]) + if(permission.length) { + var group = groups.filter(item => item.name == permission[0].group) + await group[0].permissions.forEach(async item => { + var permissionFlag = await acManager.getPermissionFlags(res.accessTokenId, item) + acManager.grantUserGrantedPermission(res.accessTokenId, item, permissionFlag).then(result => { + if(result !== 0) { + prompt.showToast({ + message: '授权信息失败', + duration: 2000, + }); + } + }) + }) + this.verify(res.accessTokenId, res.permissions[this.count]) + }else { + var permissionFlag = await acManager.getPermissionFlags(res.accessTokenId, res.permissions[this.count]) + acManager.grantUserGrantedPermission(res.accessTokenId, res.permissions[this.count], permissionFlag).then(result => { + if(result !== 0) { + prompt.showToast({ + message: '授权信息失败', + duration: 2000, + }); + } + this.verify(res.accessTokenId, res.permissions[this.count]) + }) + } + }else { + this.verify(res.accessTokenId, res.permissions[this.count]) + } + }).catch(() => { + this.count < dialogData.length ? this.count += 1 : '' + }) + + } + privacyCancel() { + bundle.getApplicationInfo('com.example.myapplication', this.GET_BUNDLE_DEFAULT, this.userId).then(async res => { + var acManager = abilityAccessCtrl.createAtManager() + var verify = await acManager.verifyAccessToken(res.accessTokenId, res.permissions[this.count]) + if(verify) { + var permission = permissionGroups.filter(item => item.name == res.permissions[this.count]) + if(permission.length) { + var group = groups.filter(item => item.name == permission[0].group) + await group[0].permissions.forEach(async item => { + var permissionFlag = await acManager.getPermissionFlags(res.accessTokenId, item) + acManager.revokeUserGrantedPermission(res.accessTokenId, item, permissionFlag).then(result => { + if(result !== 0) { + prompt.showToast({ + message: '授权信息失败', + duration: 2000, + }); + } + }) + }) + this.verify(res.accessTokenId, res.permissions[this.count]) + }else { + var permissionFlag = await acManager.getPermissionFlags(res.accessTokenId, res.permissions[this.count]) + acManager.revokeUserGrantedPermission(res.accessTokenId, res.permissions[this.count], permissionFlag).then(result => { + if(result !== 0) { + prompt.showToast({ + message: '授权信息失败', + duration: 2000, + }); + } + this.verify(res.accessTokenId, res.permissions[this.count]) + }) + } + }else { + this.verify(res.accessTokenId, res.permissions[this.count]) + } + }).catch(() => { + this.count < dialogData.length ? this.count += 1 : '' + }) + + } + async verify(tokenId, permissions) { + if(this.count < dialogData.length) { + this.count += 1 + var acManager = abilityAccessCtrl.createAtManager() + var verify = await acManager.verifyAccessToken(tokenId, permissions) + if (verify) { + this.verify(tokenId, permissions) + } + } + } + privacyExist() { + console.info("exist") + } + aboutToAppear() { + this.privacyDialogController.open() + } + build() { + } +} diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/location-info.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/location-info.ets index c73e36217..23761a23b 100644 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/location-info.ets +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/location-info.ets @@ -14,8 +14,6 @@ */ import { applicationListItem } from "../common/model/authorityManagementList.ets" -import { titleBar } from "../common/components/titleBar.ets" -import { categoryPage } from "../common/components/category.ets" import { backBar } from "../common/components/backBar.ets" import { alphabetIndexerComponent } from "../common/components/alphabeticalIndex.ets" import { textInput } from "../common/components/search.ets" @@ -43,23 +41,44 @@ import router from '@system.router' @Entry @Component struct locationInfoPage { + private routerData = router.getParams().routerData build() { - Flex({ justifyContent: FlexAlign.Center }) { - Column() { - Row() { - // titleBar() - backBar({title: JSON.stringify($r("app.string.location_info"))}) - } + GridContainer({ gutter: 0 }) { + Row() { + Row() + .useSizeType({ + xs: { span: 1, offset: 0 }, sm: { span: 1, offset: 0 }, + md: { span: 1, offset: 0 }, lg: { span: 2, offset: 0 } + }) + .height("100%") Row() { - // categoryPage() Column() { - applicationItem({ - applicationListItem: applicationListItem - }) - }.width(360) + Row() { + backBar({title: JSON.stringify(this.routerData.name)}) + } + Row() { + Column() { + applicationItem({ + applicationListItem: applicationListItem + }) + }.width("100%") + } + .layoutWeight(1) + } } - .layoutWeight(1) + .useSizeType({ + xs: { span: 1, offset: 1 }, sm: { span: 2, offset: 1 }, + md: { span: 6, offset: 1 }, lg: { span: 8, offset: 2 } + }) + .height("100%") + Row() + .useSizeType({ + xs: { span: 1, offset: 2 }, sm: { span: 1, offset: 3 }, + md: { span: 1, offset: 7 }, lg: { span: 2, offset: 10 } + }) + .height("100%") } + .height('100%') } } } @@ -109,7 +128,7 @@ struct applicationItem { Column() { Row() { textInput({ placeholder: '搜索应用' }) - }.padding({ left: 12 }) + }.padding({ left: 12, right: 4 }) .backgroundColor($r('app.color.background_color')) Row() { Flex({ alignItems:ItemAlign.Start, justifyContent: FlexAlign.Start }) { @@ -137,14 +156,11 @@ struct applicationItem { .padding({ top: 4, bottom: 4 }) }.margin({ top: 24 }) }.width('100%') - .height('89%') + .height('95%') .backgroundColor($r('app.color.background_color')) - }.useSizeType({ - xs: { span: 1, offset: 0 }, sm: { span: 1, offset: 0 }, - md: { span: 1, offset: 0 }, lg: { span: 2, offset: 0 } - }) + } } - }.padding({ left: 12 }).width(336) + }.padding({ left: 12 }) Column() { alphabetIndexerComponent({ page: 'location-info', applicationList: $applicationList }) }.width(24).padding({ top: 16 }) diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/media-documents.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/media-documents.ets index 5b098a51e..51173c37f 100644 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/media-documents.ets +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/media-documents.ets @@ -13,48 +13,85 @@ * limitations under the License. */ -import { titleBar } from "../common/components/titleBar.ets" -import { categoryPage } from "../common/components/category.ets" import { backBar } from "../common/components/backBar.ets" -import { mediaDocListItem } from "../common/model/mediaDocList.ets" +import { mediaDocListItem, mediaListItem } from "../common/model/mediaDocList.ets" import router from '@system.router' +import AccessCtrl from "@ohos.abilityAccessCtrl" + @Entry @Component struct mediaDocumentPage { private routerData = router.getParams().routerData build() { - Flex({ justifyContent: FlexAlign.Center }) { - Column() { - Row() { -// titleBar() - backBar({title: JSON.stringify(this.routerData.name)}) - } + GridContainer({ gutter: 0 }) { + Row() { + Row() + .useSizeType({ + xs: { span: 1, offset: 0 }, sm: { span: 1, offset: 0 }, + md: { span: 1, offset: 0 }, lg: { span: 2, offset: 0 } + }) + .height("100%") Row() { -// categoryPage() Column() { - Scroll() { - otherMediaDocItem({ - mediaDocListItem:mediaDocListItem - }) + Row() { + backBar({title: JSON.stringify(this.routerData.name)}) } - }.width(360) + Row() { + Column() { + Scroll() { + otherMediaDocItem({ + mediaDocListItem:mediaDocListItem, + mediaListItem:mediaListItem + }) + } + }.width("100%") + } + .layoutWeight(1) + } } - .layoutWeight(1) + .useSizeType({ + xs: { span: 1, offset: 1 }, sm: { span: 2, offset: 1 }, + md: { span: 6, offset: 1 }, lg: { span: 8, offset: 2 } + }) + .height("100%") + Row() + .useSizeType({ + xs: { span: 1, offset: 2 }, sm: { span: 1, offset: 3 }, + md: { span: 1, offset: 7 }, lg: { span: 2, offset: 10 } + }) + .height("100%") } + .height('100%') } } } @Component struct otherMediaDocItem { + aboutToAppear() { + console.info("yanxi" + "start run testcase!!!!") + AccessCtrl.createAtManager().verifyAccessToken(0, 'ohos.permission.PLACE_CALL') + .then((Want) => { + console.info( "yanxi" + Want); + console.info( "yanxi" + Want); + }) + .catch((error) => { + console.error("yanxi" + 'Operation failed. Cause: ' + error); + }) + } private routerData = router.getParams().routerData @State checkList: any[] = [1, 0] private mediaDocListItem: any[] + private mediaListItem: any[] build() { Column() { Row() { Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { - Image(this.routerData.image) +// Text(this.mediaListItem[0].name) +// this.mediaListItem.filter(item => { +// +// }) + Image(this.mediaListItem[0].image) .width(64) .height(64) .margin({left:24,right:12}) @@ -83,7 +120,8 @@ struct otherMediaDocItem { Row() { Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { Row() { - Text('媒体和文件访问权限') + Text(this.routerData.name + '访问权限') + .fontSize(16) }.margin({left:36,right:12}) } } @@ -118,7 +156,6 @@ struct otherMediaDocItem { this.checkList = [1, 0] } }) - Image($r('app.media.ic_ssensor')) }.backgroundColor($r('app.color.default_background_color')) .width('100%') .height('48') @@ -142,9 +179,5 @@ struct otherMediaDocItem { .backgroundColor($r('app.color.background_color')) } .backgroundColor($r('app.color.background_color')) - .useSizeType({ - xs: { span: 1, offset: 0 }, sm: { span: 1, offset: 0 }, - md: { span: 1, offset: 0 }, lg: { span: 2, offset: 0 } - }) } } \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/other-permissions.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/other-permissions.ets index c376f0390..be5c75a60 100644 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/other-permissions.ets +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/other-permissions.ets @@ -13,8 +13,6 @@ * limitations under the License. */ -import { titleBar } from "../common/components/titleBar.ets" -import { categoryPage } from "../common/components/category.ets" import { backBar } from "../common/components/backBar.ets" import { otherPermissionsListItem } from "../common/model/otherPermissionsList.ets" import router from '@system.router' @@ -22,26 +20,44 @@ import router from '@system.router' @Component struct permissionsPage { build() { - Flex({ justifyContent: FlexAlign.Center }) { - Column() { - Row() { -// titleBar() - backBar({title: JSON.stringify($r("app.string.other_permissions"))}) - } + GridContainer({ gutter: 0 }) { + Row() { + Row() + .useSizeType({ + xs: { span: 1, offset: 0 }, sm: { span: 1, offset: 0 }, + md: { span: 1, offset: 0 }, lg: { span: 2, offset: 0 } + }) + .height("100%") Row() { Column() { -// categoryPage() - } - Column() { - Scroll() { - otherPermissionsItem({ - otherPermissionsListItem: otherPermissionsListItem - }) + Row() { + backBar({title: JSON.stringify($r("app.string.other_permissions"))}) } - }.width(360) + Row() { + Column() { + Scroll() { + otherPermissionsItem({ + otherPermissionsListItem: otherPermissionsListItem + }) + } + }.width("100%") + } + .layoutWeight(1) + } } - .layoutWeight(1) + .useSizeType({ + xs: { span: 1, offset: 1 }, sm: { span: 2, offset: 1 }, + md: { span: 6, offset: 1 }, lg: { span: 8, offset: 2 } + }) + .height("100%") + Row() + .useSizeType({ + xs: { span: 1, offset: 2 }, sm: { span: 1, offset: 3 }, + md: { span: 1, offset: 7 }, lg: { span: 2, offset: 10 } + }) + .height("100%") } + .height('100%') } } } @@ -98,9 +114,5 @@ struct otherPermissionsItem { .height('100%') .backgroundColor($r('app.color.background_color')) } - .useSizeType({ - xs: { span: 1, offset: 0 }, sm: { span: 1, offset: 0 }, - md: { span: 1, offset: 0 }, lg: { span: 2, offset: 0 } - }) } } \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/permission-access-record.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/permission-access-record.ets index 322154909..7467ff5d1 100644 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/permission-access-record.ets +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/permission-access-record.ets @@ -14,8 +14,6 @@ */ import { permissionAccessRecordListItem } from "../common/model/permissionAccessRecordList.ets" -import { titleBar } from "../common/components/titleBar.ets" -import { categoryPage } from "../common/components/category.ets" import { backBar } from "../common/components/backBar.ets" import router from '@system.router' @@ -33,34 +31,54 @@ import router from '@system.router' @Component struct permissionAccessRecordPage { build() { - Flex({ justifyContent: FlexAlign.Center }) { - Column() { - Row() { - // titleBar() - backBar({ title: JSON.stringify($r('app.string.permission_access_record'))}) - } + GridContainer({ gutter: 0 }) { + Row() { + Row() + .useSizeType({ + xs: { span: 1, offset: 0 }, sm: { span: 1, offset: 0 }, + md: { span: 1, offset: 0 }, lg: { span: 2, offset: 0 } + }) + .height("100%") Row() { - // categoryPage() Column() { - Column() { - Flex({ justifyContent: FlexAlign.Start }) { - Text($r('app.string.authority_message')) - .fontSize("16vp") - .margin({ - left: '15vp' - }) - } - .backgroundColor($r('app.color.background_color')) - Scroll() { - permissionAccessRecordItem({ - permissionAccessRecordListItem: permissionAccessRecordListItem, - }) - } + Row() { + backBar({ title: JSON.stringify($r('app.string.permission_access_record'))}) } - }.width(360) + Row() { + Column() { + Column() { + Flex({ justifyContent: FlexAlign.Start }) { + Text($r('app.string.authority_message')) + .fontSize("16vp") + .margin({ + left: '15vp' + }) + } + .backgroundColor($r('app.color.background_color')) + Scroll() { + permissionAccessRecordItem({ + permissionAccessRecordListItem: permissionAccessRecordListItem, + }) + } + } + }.width("100%") + } + .layoutWeight(1) + } } - .layoutWeight(1) + .useSizeType({ + xs: { span: 1, offset: 1 }, sm: { span: 2, offset: 1 }, + md: { span: 6, offset: 1 }, lg: { span: 8, offset: 2 } + }) + .height("100%") + Row() + .useSizeType({ + xs: { span: 1, offset: 2 }, sm: { span: 1, offset: 3 }, + md: { span: 1, offset: 7 }, lg: { span: 2, offset: 10 } + }) + .height("100%") } + .height('100%') } } } @@ -172,16 +190,9 @@ struct permissionAccessRecordItem { }, item => item.index.toString()) } } - .useSizeType({ - xs: { span: 1, offset: 0 }, sm: { span: 1, offset: 0 }, - md: { span: 1, offset: 0 }, lg: { span: 2, offset: 0 } - }) .width('100%') .height('100%') .backgroundColor($r('app.color.background_color')) - }.useSizeType({ - xs: { span: 1, offset: 0 }, sm: { span: 1, offset: 0 }, - md: { span: 1, offset: 0 }, lg: { span: 2, offset: 0 } - }) + } } } diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/privacy.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/privacy.ets deleted file mode 100644 index afcdc8b09..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/privacy.ets +++ /dev/null @@ -1,171 +0,0 @@ -/* - * Copyright (c) 2021 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -import { positionDialog, spaceDialog, privacyDialog } from "../common/components/dialog.ets" -import { titleBar } from "../common/components/titleBar.ets" -import { categoryPage } from "../common/components/category.ets" -import { backBar } from "../common/components/backBar.ets" -import { privacyListItem } from "../common/../common/model/privacyList.ets" -import { dialogData } from "../common/model/dialogDataList.ets" -import router from '@system.router' - -@Entry -@Component -struct privacyPage { - build() { - Flex({ justifyContent: FlexAlign.Center }) { - Column() { - Row() { - // titleBar() - backBar({title: JSON.stringify($r("app.string.privacy"))}) - } - Row() { - // categoryPage() - Column() { - Scroll() { - privacyItem({ - privacyListItem: privacyListItem - }) - } - }.width(360) - }.layoutWeight(1) - } - } - } -} - -@Component -struct privacyItem { - private privacyListItem: any[] - @State messageList: string[] = [ '', '未开启', '', ''] - @State count: number = 0 -// @State returnList :string[] = [] - positionDialogController: CustomDialogController = new CustomDialogController({ - builder: positionDialog({ cancel: this.positionCancel, confirm: this.positionAccept, messageList: $messageList }), - cancel: this.positionExist, - autoCancel: true, - alignment: DialogAlignment.Bottom, - offset: { dx: 0 , dy: -12 }, - customStyle: true - }) - positionCancel() { - const index = privacyListItem.findIndex((item) => { return item.name === '定位服务' }) - this.messageList[index] = '未开启' - } - positionAccept() { - const index = privacyListItem.findIndex((item) => { return item.name === '定位服务' }) - this.messageList[index] = '已开启' - } - positionExist() { - } - spaceDialogController: CustomDialogController = new CustomDialogController({ - builder: spaceDialog({ cancel: this.spaceCancel, confirm: this.spaceAccept }), - cancel: this.spaceExist, - autoCancel: true, - alignment: DialogAlignment.Bottom, - offset: { dx: 0 , dy: -12 }, - customStyle: true - }) - spaceCancel() { - } - spaceAccept() { - } - spaceExist() { - } - privacyDialogController: CustomDialogController = new CustomDialogController({ - builder: privacyDialog({ cancel: this.privacyCancel, confirm: this.privacyAccept, count:this.count }), - cancel: this.privacyExist, - autoCancel: true, - alignment: DialogAlignment.Bottom, - offset: { dx: 0 , dy: -12 }, - customStyle: true - }) - privacyAccept() { - this.count < dialogData.length ? this.count += 1 : this.count = 0 - // this.returnList.push('0') - console.info('accept ' + this.count) - - } - privacyCancel() { - if (this.count < dialogData.length) { - this.count += 1 - // this.returnList.push('1') - } else { - this.count = 0 - // this.returnList = [] - } - console.info('cancel' + this.count) - - } - privacyExist() { - // this.returnList = [] - console.info("exist") - } - build() { - Row() { - Column() { - List() { - ForEach(this.privacyListItem, (item) => { - ListItem() { - Column() { - Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { - Row() { - Text(item.name) - .fontSize(18) - .fontColor($r('app.color.text_color')) - .flexGrow(1) - Text(this.messageList[item.index - 1]) - .fontSize(18) - .fontColor($r('app.color.icon_color')) - Image(item.icon) - .objectFit(ImageFit.Contain) - .height(20) - .width(20) - }.backgroundColor($r('app.color.default_background_color')) - .borderRadius('25px') - .width('100%') - .height('7%') - .margin({ - left: '10vp', - bottom: '10vp' - }) - } - }.margin({ right: '20vp'}).onClick(() => { - if (item.name === '权限管理') { - router.push({ uri: 'pages/authority-management' }) - } - if (item.name === '定位服务') { - this.positionDialogController.open() - } - if (item.name === '隐私空间') { - this.spaceDialogController.open() - } - if (item.name === '广告与隐私') { - this.privacyDialogController.open() - } - }) - } - }, item => item.toString()) - } - } - .width('100%') - .height('100%') - .backgroundColor($r('app.color.background_color')) - }.useSizeType({ - xs: { span: 1, offset: 0 }, sm: { span: 1, offset: 0 }, - md: { span: 1, offset: 0 }, lg: { span: 2, offset: 0 } - }) - } -} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/element/string.json b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/element/string.json index 2088d38fe..bca2742b6 100644 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/element/string.json +++ b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/element/string.json @@ -58,7 +58,7 @@ }, { "name": "location_info_message", - "value": "已允许7个应用查找、连接附近的设备。" + "value": "系统定位服务开关开启时,已允许19个应用获取此设备的位置。" } ] } \ No newline at end of file -- Gitee From efacabee028e9ee4af9b1961778deb5a0b1bfb9a Mon Sep 17 00:00:00 2001 From: libing23 Date: Sat, 22 Jan 2022 11:03:03 +0800 Subject: [PATCH 27/51] add token sync and native receptor Signed-off-by: libing23 --- BUILD.gn | 4 +- .../tokensync/include/i_tokensync_manager.h | 4 +- .../tokensync/include/tokensync_kit.h | 4 +- .../innerkits/tokensync/src/tokensync_kit.cpp | 4 +- .../src/tokensync_manager_client.cpp | 4 +- .../tokensync/src/tokensync_manager_client.h | 4 +- .../tokensync/src/tokensync_manager_proxy.cpp | 4 +- .../tokensync/src/tokensync_manager_proxy.h | 4 +- .../test/unittest/src/tokensync_kit_test.cpp | 2 +- .../test/unittest/src/tokensync_kit_test.h | 4 +- services/accesstokenmanager/BUILD.gn | 2 - .../cpp/include/token/native_token_receptor.h | 25 +- .../cpp/src/token/hap_token_info_inner.cpp | 2 +- .../cpp/src/token/native_token_info_inner.cpp | 2 +- .../cpp/src/token/native_token_receptor.cpp | 186 +++++--------- services/accesstokenmanager/test/BUILD.gn | 5 +- .../cpp/src/native_token_receptor_test.cpp | 232 ++++-------------- services/tokensyncmanager/BUILD.gn | 27 +- .../include/remote/soft_bus_manager.h | 75 ++++++ .../{main => }/sa_profile/3504.xml | 4 +- .../{main => }/sa_profile/BUILD.gn | 4 +- .../src/remote/soft_bus_manager.cpp | 215 ++++++++++++++++ .../service}/tokensync_manager_service.cpp | 11 +- .../service}/tokensync_manager_service.h | 4 +- .../service}/tokensync_manager_stub.cpp | 4 +- .../service}/tokensync_manager_stub.h | 4 +- services/tokensyncmanager/token_sync.cfg | 17 ++ services/tokensyncmanager/token_sync.rc | 22 ++ 28 files changed, 493 insertions(+), 386 deletions(-) create mode 100644 services/tokensyncmanager/include/remote/soft_bus_manager.h rename services/tokensyncmanager/{main => }/sa_profile/3504.xml (89%) rename services/tokensyncmanager/{main => }/sa_profile/BUILD.gn (96%) create mode 100644 services/tokensyncmanager/src/remote/soft_bus_manager.cpp rename services/tokensyncmanager/{main/cpp => src/service}/tokensync_manager_service.cpp (89%) rename services/tokensyncmanager/{main/cpp => src/service}/tokensync_manager_service.h (96%) rename services/tokensyncmanager/{main/cpp => src/service}/tokensync_manager_stub.cpp (97%) rename services/tokensyncmanager/{main/cpp => src/service}/tokensync_manager_stub.h (96%) create mode 100644 services/tokensyncmanager/token_sync.cfg create mode 100644 services/tokensyncmanager/token_sync.rc diff --git a/BUILD.gn b/BUILD.gn index 97c62f984..f88c0ba9d 100644 --- a/BUILD.gn +++ b/BUILD.gn @@ -30,8 +30,8 @@ group("tokensync_build_module") { if (is_standard_system) { deps = [ "//base/security/access_token/interfaces/innerkits/tokensync:libtokensync_sdk", - "//base/security/access_token/services/tokensyncmanager:tokensync_manager_service", - "//base/security/access_token/services/tokensyncmanager/main/sa_profile:tokensync_sa_profile_standard", + "//base/security/access_token/services/tokensyncmanager:token_sync_manager_service", + "//base/security/access_token/services/tokensyncmanager/sa_profile:tokensync_sa_profile_standard", ] } } diff --git a/frameworks/tokensync/include/i_tokensync_manager.h b/frameworks/tokensync/include/i_tokensync_manager.h index 9a2769ee3..4555102b9 100644 --- a/frameworks/tokensync/include/i_tokensync_manager.h +++ b/frameworks/tokensync/include/i_tokensync_manager.h @@ -23,7 +23,7 @@ namespace OHOS { namespace Security { -namespace TokenSync { +namespace AccessToken { class ITokenSyncManager : public IRemoteBroker { public: static const int SA_ID_TOKENSYNC_MANAGER_SERVICE = 3504; @@ -36,7 +36,7 @@ public: VERIFY_PERMISSION = 0xff01, }; }; -} // namespace TokenSync +} // namespace AccessToken } // namespace Security } // namespace OHOS diff --git a/interfaces/innerkits/tokensync/include/tokensync_kit.h b/interfaces/innerkits/tokensync/include/tokensync_kit.h index c39e1a64a..3ac9d29ee 100644 --- a/interfaces/innerkits/tokensync/include/tokensync_kit.h +++ b/interfaces/innerkits/tokensync/include/tokensync_kit.h @@ -21,12 +21,12 @@ namespace OHOS { namespace Security { -namespace TokenSync { +namespace AccessToken { class TokenSyncKit { public: static int VerifyPermission(const std::string& bundleName, const std::string& permissionName, int userId); }; -} // namespace TokenSync +} // namespace AccessToken } // namespace Security } // namespace OHOS diff --git a/interfaces/innerkits/tokensync/src/tokensync_kit.cpp b/interfaces/innerkits/tokensync/src/tokensync_kit.cpp index 02a462ffb..2fbaee384 100644 --- a/interfaces/innerkits/tokensync/src/tokensync_kit.cpp +++ b/interfaces/innerkits/tokensync/src/tokensync_kit.cpp @@ -23,7 +23,7 @@ namespace OHOS { namespace Security { -namespace TokenSync { +namespace AccessToken { using namespace std; namespace { @@ -37,6 +37,6 @@ int TokenSyncKit::VerifyPermission(const string& bundleName, const string& permi bundleName.c_str(), permissionName.c_str(), userId); return TokenSyncManagerClient::GetInstance().VerifyPermission(bundleName, permissionName, userId); } -} // namespace TokenSync +} // namespace AccessToken } // namespace Security } // namespace OHOS diff --git a/interfaces/innerkits/tokensync/src/tokensync_manager_client.cpp b/interfaces/innerkits/tokensync/src/tokensync_manager_client.cpp index 98f658bc6..b63d0ab49 100644 --- a/interfaces/innerkits/tokensync/src/tokensync_manager_client.cpp +++ b/interfaces/innerkits/tokensync/src/tokensync_manager_client.cpp @@ -21,7 +21,7 @@ namespace OHOS { namespace Security { -namespace TokenSync { +namespace AccessToken { namespace { static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "TokenSyncManagerClient"}; } // namespace @@ -71,6 +71,6 @@ sptr TokenSyncManagerClient::GetProxy() const } return proxy; } -} // namespace TokenSync +} // namespace AccessToken } // namespace Security } // namespace OHOS diff --git a/interfaces/innerkits/tokensync/src/tokensync_manager_client.h b/interfaces/innerkits/tokensync/src/tokensync_manager_client.h index 06445abc5..a44602772 100644 --- a/interfaces/innerkits/tokensync/src/tokensync_manager_client.h +++ b/interfaces/innerkits/tokensync/src/tokensync_manager_client.h @@ -24,7 +24,7 @@ namespace OHOS { namespace Security { -namespace TokenSync { +namespace AccessToken { class TokenSyncManagerClient final { public: static TokenSyncManagerClient& GetInstance(); @@ -40,7 +40,7 @@ private: sptr GetProxy() const; }; -} // namespace TokenSync +} // namespace AccessToken } // namespace Security } // namespace OHOS #endif // ACCESSTOKEN_MANAGER_CLIENT_H diff --git a/interfaces/innerkits/tokensync/src/tokensync_manager_proxy.cpp b/interfaces/innerkits/tokensync/src/tokensync_manager_proxy.cpp index 4a0e9f830..f1988a60e 100644 --- a/interfaces/innerkits/tokensync/src/tokensync_manager_proxy.cpp +++ b/interfaces/innerkits/tokensync/src/tokensync_manager_proxy.cpp @@ -22,7 +22,7 @@ namespace OHOS { namespace Security { -namespace TokenSync { +namespace AccessToken { namespace { static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "TokenSyncManagerProxy"}; } @@ -69,6 +69,6 @@ int TokenSyncManagerProxy::VerifyPermission( ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result); return result; } -} // namespace TokenSync +} // namespace AccessToken } // namespace Security } // namespace OHOS diff --git a/interfaces/innerkits/tokensync/src/tokensync_manager_proxy.h b/interfaces/innerkits/tokensync/src/tokensync_manager_proxy.h index fc0dbc10d..c92e8be00 100644 --- a/interfaces/innerkits/tokensync/src/tokensync_manager_proxy.h +++ b/interfaces/innerkits/tokensync/src/tokensync_manager_proxy.h @@ -24,7 +24,7 @@ namespace OHOS { namespace Security { -namespace TokenSync { +namespace AccessToken { class TokenSyncManagerProxy : public IRemoteProxy { public: explicit TokenSyncManagerProxy(const sptr& impl); @@ -35,7 +35,7 @@ public: private: static inline BrokerDelegator delegator_; }; -} // namespace TokenSync +} // namespace AccessToken } // namespace Security } // namespace OHOS #endif // TOKENSYNC_MANAGER_PROXY_H diff --git a/interfaces/innerkits/tokensync/test/unittest/src/tokensync_kit_test.cpp b/interfaces/innerkits/tokensync/test/unittest/src/tokensync_kit_test.cpp index 800becd14..52b2489d3 100644 --- a/interfaces/innerkits/tokensync/test/unittest/src/tokensync_kit_test.cpp +++ b/interfaces/innerkits/tokensync/test/unittest/src/tokensync_kit_test.cpp @@ -18,7 +18,7 @@ #include "tokensync_kit.h" using namespace testing::ext; -using namespace OHOS::Security::TokenSync; +using namespace OHOS::Security::AccessToken; void TokenSyncKitTest::SetUpTestCase() {} diff --git a/interfaces/innerkits/tokensync/test/unittest/src/tokensync_kit_test.h b/interfaces/innerkits/tokensync/test/unittest/src/tokensync_kit_test.h index 4202bcd9b..1cb07f236 100644 --- a/interfaces/innerkits/tokensync/test/unittest/src/tokensync_kit_test.h +++ b/interfaces/innerkits/tokensync/test/unittest/src/tokensync_kit_test.h @@ -20,7 +20,7 @@ namespace OHOS { namespace Security { -namespace TokenSync { +namespace AccessToken { class TokenSyncKitTest : public testing::Test { public: static void SetUpTestCase(); @@ -31,7 +31,7 @@ public: void TearDown(); }; -} // namespace TokenSync +} // namespace AccessToken } // namespace Security } // namespace OHOS #endif // TOKENSYNC_KIT_TEST_H diff --git a/services/accesstokenmanager/BUILD.gn b/services/accesstokenmanager/BUILD.gn index fc866172a..a77a08994 100644 --- a/services/accesstokenmanager/BUILD.gn +++ b/services/accesstokenmanager/BUILD.gn @@ -34,7 +34,6 @@ ohos_shared_library("accesstoken_manager_service") { "//base/security/access_token/frameworks/accesstoken/include", "//base/security/access_token/interfaces/innerkits/accesstoken/include", "//third_party/json/include", - "//base/startup/syspara_lite/interfaces/innerkits/native/syspara/include/", ] sources = [ @@ -66,7 +65,6 @@ ohos_shared_library("accesstoken_manager_service") { "//base/security/access_token/frameworks/accesstoken:accesstoken_communication_adapter_cxx", "//base/security/access_token/frameworks/common:accesstoken_common_cxx", "//base/security/access_token/services/accesstokenmanager:access_token.rc", - "//base/startup/syspara_lite/interfaces/innerkits/native/syspara:syspara", "//third_party/sqlite:sqlite", "//utils/native/base:utils", ] diff --git a/services/accesstokenmanager/main/cpp/include/token/native_token_receptor.h b/services/accesstokenmanager/main/cpp/include/token/native_token_receptor.h index 2d3e6de45..491d09dc0 100644 --- a/services/accesstokenmanager/main/cpp/include/token/native_token_receptor.h +++ b/services/accesstokenmanager/main/cpp/include/token/native_token_receptor.h @@ -18,52 +18,37 @@ #include #include -#include -#include #include "access_token.h" #include "nlohmann/json.hpp" #include "native_token_info_inner.h" #include "nocopyable.h" -#include "parameter.h" namespace OHOS { namespace Security { namespace AccessToken { -const std::string JSON_KEY_NATIVE_TOKEN_INFO_JSON = "NativeTokenInfo"; -const std::string SOCKET_FILE = "/data/system/token_unix_socket.socket"; -constexpr int MAX_RECEPTOR_SIZE = 1024; -const std::string SYSTEM_PROP_NATIVE_RECEPTOR = "rw.nativetoken.receptor.startup"; +const std::string NATIVE_TOKEN_CONFIG_FILE = "/data/system/access_token/nativetoken.json"; +constexpr int MAX_NATIVE_CONFIG_FILE_SIZE = 5 * 1024 * 1024; // 5M +constexpr size_t BUFFER_SIZE = 1024; class NativeTokenReceptor final { public: static NativeTokenReceptor& GetInstance(); virtual ~NativeTokenReceptor() = default; int Init(); - void Release(); - void LoopHandler(); - static void ThreadFunc(NativeTokenReceptor *receptor); private: - NativeTokenReceptor() : receptorThread_(nullptr), listenSocket_(-1), - connectSocket_(-1), ready_(false), socketPath_(SOCKET_FILE) {}; + NativeTokenReceptor() : ready_(false) {}; DISALLOW_COPY_AND_MOVE(NativeTokenReceptor); - + int ReadCfgFile(std::string &nativeRawData); void FromJson(const nlohmann::json &jsonObject, std::vector>& tokenInfos); void ParserNativeRawData(const std::string& nativeRawData, std::vector>& tokenInfos); - int InitNativeTokenSocket(); void from_json(const nlohmann::json& j, NativeTokenInfo& p); - std::unique_ptr receptorThread_; - std::mutex receptorThreadMutex_; - int listenSocket_; - int connectSocket_; bool ready_; - std::string socketPath_; }; } // namespace AccessToken } // namespace Security } // namespace OHOS #endif // ACCESSTOKEN_NATIVE_TOKEN_RECEPTOR_H - diff --git a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp index 34dd4f0c9..d603a133b 100644 --- a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp @@ -118,7 +118,7 @@ int HapTokenInfoInner::RestoreHapTokenBasicInfo(const GenericValues& inGenericVa "%{public}s called, tokenID: 0x%{public}x apl is error, value %{public}d", __func__, tokenID_, aplNum); return RET_FAILED; } - ver_ = inGenericValues.GetInt(FIELD_TOKEN_VERSION); + ver_ = (char)inGenericValues.GetInt(FIELD_TOKEN_VERSION); if (ver_ != DEFAULT_TOKEN_VERSION) { ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, tokenID: 0x%{public}x version is error, version %{public}d", __func__, tokenID_, ver_); diff --git a/services/accesstokenmanager/main/cpp/src/token/native_token_info_inner.cpp b/services/accesstokenmanager/main/cpp/src/token/native_token_info_inner.cpp index 62a4e8cac..ccdc9b415 100644 --- a/services/accesstokenmanager/main/cpp/src/token/native_token_info_inner.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/native_token_info_inner.cpp @@ -101,7 +101,7 @@ int NativeTokenInfoInner::RestoreNativeTokenInfo(AccessTokenID tokenId, const Ge return RET_FAILED; } apl_ = (ATokenAplEnum)aplNum; - ver_ = inGenericValues.GetInt(FIELD_TOKEN_VERSION); + ver_ = (char)inGenericValues.GetInt(FIELD_TOKEN_VERSION); if (ver_ != DEFAULT_TOKEN_VERSION) { ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, tokenID: 0x%{public}x version is error, version %{public}d", __func__, tokenID_, ver_); diff --git a/services/accesstokenmanager/main/cpp/src/token/native_token_receptor.cpp b/services/accesstokenmanager/main/cpp/src/token/native_token_receptor.cpp index 63b66da54..8bb01fd82 100644 --- a/services/accesstokenmanager/main/cpp/src/token/native_token_receptor.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/native_token_receptor.cpp @@ -12,12 +12,10 @@ * See the License for the specific language governing permissions and * limitations under the License. */ - -#include +#include #include -#include +#include #include -#include #include #include "accesstoken_id_manager.h" @@ -25,7 +23,6 @@ #include "accesstoken_log.h" #include "data_validator.h" #include "native_token_receptor.h" -#include "parameter.h" #include "securec.h" namespace OHOS { @@ -92,158 +89,85 @@ void from_json(const nlohmann::json& j, std::shared_ptr& p p = std::make_shared(native); } -int NativeTokenReceptor::Init() -{ - std::lock_guard lock(receptorThreadMutex_); - if (ready_) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: receptor thread is already running.", __func__); - return RET_SUCCESS; - } - if (receptorThread_ != nullptr && receptorThread_->joinable()) { - receptorThread_->join(); - } - - receptorThread_ = std::make_unique(NativeTokenReceptor::ThreadFunc, this); - if (receptorThread_ == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: receptor thread is nullptr.", __func__); - return RET_FAILED; - } - ready_ = true; - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s: init ok.", __func__); - return RET_SUCCESS; -} - -void NativeTokenReceptor::Release() -{ - std::lock_guard lock(receptorThreadMutex_); - ready_ = false; - if (listenSocket_ >= 0) { - close(listenSocket_); - listenSocket_ = -1; - } - - if (connectSocket_ >= 0) { - close(connectSocket_); - connectSocket_ = -1; - } - - int ret = SetParameter(SYSTEM_PROP_NATIVE_RECEPTOR.c_str(), "false"); - if (ret != 0) { - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s: set parameter failed.", __func__); - return; - } - - ACCESSTOKEN_LOG_INFO(LABEL, "Release ok."); -} - -NativeTokenReceptor& NativeTokenReceptor::GetInstance() -{ - static NativeTokenReceptor instance; - return instance; -} - void NativeTokenReceptor::ParserNativeRawData(const std::string& nativeRawData, std::vector>& tokenInfos) { nlohmann::json jsonRes = nlohmann::json::parse(nativeRawData, nullptr, false); - if (jsonRes.find(JSON_KEY_NATIVE_TOKEN_INFO_JSON) != jsonRes.end()) { - auto nativeTokenVect = - jsonRes.at(JSON_KEY_NATIVE_TOKEN_INFO_JSON).get>>(); - for (auto& token : nativeTokenVect) { - if (token != nullptr) { - tokenInfos.emplace_back(token); - } + for (auto it = jsonRes.begin(); it != jsonRes.end(); it++) { + auto token = it->get>(); + if (token != nullptr) { + tokenInfos.emplace_back(token); } } } -int NativeTokenReceptor::InitNativeTokenSocket() +int NativeTokenReceptor::ReadCfgFile(std::string& nativeRawData) { - struct sockaddr_un addr; - (void)memset_s(&addr, sizeof(addr), 0, sizeof(addr)); - addr.sun_family = AF_UNIX; - if (memcpy_s(addr.sun_path, sizeof(addr.sun_path), socketPath_.c_str(), sizeof(addr.sun_path) - 1) != EOK) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: init socket path failed.", __func__); - return -1; + int32_t fd = open(NATIVE_TOKEN_CONFIG_FILE.c_str(), O_RDONLY); + if (fd < 0) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: open failed.", __func__); + return RET_FAILED; } + struct stat statBuffer; - unlink(socketPath_.c_str()); - listenSocket_ = socket(AF_UNIX, SOCK_STREAM, 0); - if (listenSocket_ < 0) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: init socket failed.", __func__); - return -1; + if (fstat(fd, &statBuffer) != 0) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: fstat failed.", __func__); + close(fd); + return RET_FAILED; } - socklen_t len = sizeof(struct sockaddr_un); - int ret = bind(listenSocket_, (struct sockaddr *)(&addr), len); - if (ret == -1) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: bind socket failed.", __func__); - close(listenSocket_); - listenSocket_ = -1; - return -1; + if (statBuffer.st_size == 0) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: config file size is invalid.", __func__); + close(fd); + return RET_FAILED; } - ret = listen(listenSocket_, 1); - if (ret < 0) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: listen socket failed.", __func__); - remove(socketPath_.c_str()); - close(listenSocket_); - listenSocket_ = -1; - return -1; + if (statBuffer.st_size > MAX_NATIVE_CONFIG_FILE_SIZE) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: config file size is too large.", __func__); + close(fd); + return RET_FAILED; } - return 0; -} + nativeRawData.reserve(statBuffer.st_size); -void NativeTokenReceptor::LoopHandler() -{ - int ret = InitNativeTokenSocket(); - if (ret < 0) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: InitNativeTokenSocket failed.", __func__); - return; + char buff[BUFFER_SIZE] = { 0 }; + ssize_t readLen = 0; + while ((readLen = read(fd, buff, BUFFER_SIZE)) > 0) { + nativeRawData.append(buff, readLen); } + close(fd); - ret = SetParameter(SYSTEM_PROP_NATIVE_RECEPTOR.c_str(), "true"); - if (ret != 0) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: set parameter failed.", __func__); - return; + if (readLen == 0) { + return RET_SUCCESS; } + return RET_FAILED; +} - while (true) { - socklen_t len = sizeof(struct sockaddr_un); - struct sockaddr_un clientAddr; - int connectSocket_ = accept(listenSocket_, (struct sockaddr *)(&clientAddr), &len); - if (connectSocket_ < 0) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: accept fail errno %{public}d.", __func__, errno); - continue; - } - std::string nativeRawData; - char buff[MAX_RECEPTOR_SIZE + 1]; - while (true) { - int readLen = read(connectSocket_, buff, MAX_RECEPTOR_SIZE); - if (readLen <= 0) { - break; - } - buff[readLen] = '\0'; - nativeRawData.append(buff); - } - close(connectSocket_); - connectSocket_ = -1; +int NativeTokenReceptor::Init() +{ + if (ready_) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: native token has been inited.", __func__); + return RET_SUCCESS; + } - std::vector> tokenInfos; - ParserNativeRawData(nativeRawData, tokenInfos); - AccessTokenInfoManager::GetInstance().ProcessNativeTokenInfos(tokenInfos); + std::string nativeRawData; + int ret = ReadCfgFile(nativeRawData); + if (ret != RET_SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: readCfgFile failed.", __func__); + return RET_FAILED; } + std::vector> tokenInfos; + ParserNativeRawData(nativeRawData, tokenInfos); + AccessTokenInfoManager::GetInstance().ProcessNativeTokenInfos(tokenInfos); + + ready_ = true; + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s: init ok.", __func__); + return RET_SUCCESS; } -void NativeTokenReceptor::ThreadFunc(NativeTokenReceptor *receptor) +NativeTokenReceptor& NativeTokenReceptor::GetInstance() { - if (receptor != nullptr) { - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s: start handler loop.", __func__); - receptor->LoopHandler(); - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: native token loop end, native token can not sync.", __func__); - receptor->Release(); - } + static NativeTokenReceptor instance; + return instance; } } // namespace AccessToken } // namespace Security } // namespace OHOS - diff --git a/services/accesstokenmanager/test/BUILD.gn b/services/accesstokenmanager/test/BUILD.gn index be37ead41..208ff66dd 100644 --- a/services/accesstokenmanager/test/BUILD.gn +++ b/services/accesstokenmanager/test/BUILD.gn @@ -28,8 +28,9 @@ ohos_unittest("libaccesstoken_manager_service_standard_test") { "//base/security/access_token/frameworks/common/include", "//base/security/access_token/frameworks/accesstoken/include", "//base/security/access_token/interfaces/innerkits/accesstoken/main/cpp/include", + "//base/security/access_token/interfaces/innerkits/nativetoken/include", "//third_party/json/include", - "//base/startup/syspara_lite/interfaces/innerkits/native/syspara/include/", + "//third_party/cJSON", ] sources = [ @@ -42,8 +43,8 @@ ohos_unittest("libaccesstoken_manager_service_standard_test") { deps = [ "//base/security/access_token/frameworks/accesstoken:accesstoken_communication_adapter_cxx", "//base/security/access_token/frameworks/common:accesstoken_common_cxx", + "//base/security/access_token/interfaces/innerkits/nativetoken:libnativetoken", "//base/security/access_token/services/accesstokenmanager/:accesstoken_manager_service", - "//base/startup/syspara_lite/interfaces/innerkits/native/syspara:syspara", "//third_party/googletest:gtest_main", "//utils/native/base:utils", ] diff --git a/services/accesstokenmanager/test/unittest/cpp/src/native_token_receptor_test.cpp b/services/accesstokenmanager/test/unittest/cpp/src/native_token_receptor_test.cpp index 226415ee1..c1602a659 100644 --- a/services/accesstokenmanager/test/unittest/cpp/src/native_token_receptor_test.cpp +++ b/services/accesstokenmanager/test/unittest/cpp/src/native_token_receptor_test.cpp @@ -30,6 +30,7 @@ #include "data_storage.h" #include "field_const.h" #define private public +#include "nativetoken_kit.h" #include "native_token_receptor.h" #undef private #include "securec.h" @@ -60,26 +61,6 @@ void NativeTokenReceptorTest::TearDown() ACCESSTOKEN_LOG_INFO(LABEL, "test down!"); } -/** - * @tc.name: Init001 - * @tc.desc: Verify socket init result. - * @tc.type: FUNC - * @tc.require: Issue Number - */ -HWTEST_F(NativeTokenReceptorTest, Init001, TestSize.Level1) -{ - NativeTokenReceptor::GetInstance().socketPath_ = "/data/system/token_unix_socket.test.socket"; - NativeTokenReceptor::GetInstance().Init(); - NativeTokenReceptor::GetInstance().receptorThread_->detach(); - ASSERT_LT(NativeTokenReceptor::GetInstance().listenSocket_, 0); - sleep(3); - char buffer[128] = {0}; - int ret = GetParameter(SYSTEM_PROP_NATIVE_RECEPTOR.c_str(), "false", buffer, 127); - GTEST_LOG_(INFO) << "ret " << ret << " buffer " << buffer; - ASSERT_EQ(ret, strlen("true")); - ASSERT_EQ(strcmp(buffer, "true"), 0); -} - /** * @tc.name: ParserNativeRawData001 * @tc.desc: Verify processing right native token json. @@ -89,11 +70,11 @@ HWTEST_F(NativeTokenReceptorTest, Init001, TestSize.Level1) HWTEST_F(NativeTokenReceptorTest, ParserNativeRawData001, TestSize.Level1) { ACCESSTOKEN_LOG_INFO(LABEL, "test ParserNativeRawData001!"); - std::string testStr = R"({"NativeTokenInfo":[)"\ + std::string testStr = R"([)"\ R"({"processName":"process6","APL":3,"version":1,"tokenId":685266937,"tokenAttr":0,)"\ R"("dcaps":["AT_CAP","ST_CAP"]},)"\ R"({"processName":"process5","APL":3,"version":1,"tokenId":678065606,"tokenAttr":0,)"\ - R"("dcaps":["AT_CAP","ST_CAP"]}]})"; + R"("dcaps":["AT_CAP","ST_CAP"]}])"; NativeTokenReceptor& receptor = NativeTokenReceptor::GetInstance(); std::vector> tokenInfos; @@ -125,7 +106,7 @@ HWTEST_F(NativeTokenReceptorTest, ParserNativeRawData001, TestSize.Level1) HWTEST_F(NativeTokenReceptorTest, ParserNativeRawData002, TestSize.Level1) { ACCESSTOKEN_LOG_INFO(LABEL, "test ParserNativeRawData002!"); - std::string testStr = R"({"NativeTokenInfo":[{"processName":""}]})"; + std::string testStr = R"([{"processName":""}])"; std::vector> tokenInfos; NativeTokenReceptor& receptor = NativeTokenReceptor::GetInstance(); @@ -133,23 +114,39 @@ HWTEST_F(NativeTokenReceptorTest, ParserNativeRawData002, TestSize.Level1) receptor.ParserNativeRawData(testStr, tokenInfos); ASSERT_EQ(0, tokenInfos.size()); - testStr = R"({"NativeTokenInfo":[{"processName":"", }]})"; + testStr = R"([{"processName":"", }])"; + receptor.ParserNativeRawData(testStr, tokenInfos); + ASSERT_EQ(0, tokenInfos.size()); + + testStr = R"([{"processName":"process6"}, {}])"; + receptor.ParserNativeRawData(testStr, tokenInfos); + ASSERT_EQ(0, tokenInfos.size()); + + testStr = R"([{"processName":""}, {"":"", ""}])"; + receptor.ParserNativeRawData(testStr, tokenInfos); + ASSERT_EQ(0, tokenInfos.size()); + + testStr = R"([{"processName":"process6", "tokenId":685266937, "APL":3, "version":new}])"; receptor.ParserNativeRawData(testStr, tokenInfos); ASSERT_EQ(0, tokenInfos.size()); - testStr = R"({"NativeTokenInfo":[{"processName":"process6"}, {}]})"; + testStr = R"([{"processName":"process6", "tokenId":685266937, "APL":7, "version":1}])"; receptor.ParserNativeRawData(testStr, tokenInfos); ASSERT_EQ(0, tokenInfos.size()); - testStr = R"({"NativeTokenInfo":[{"processName":""}, {"":"", ""}]})"; + testStr = R"({"NativeToken":[{"processName":"process6", "tokenId":685266937, "APL":7, "version":1}]})"; receptor.ParserNativeRawData(testStr, tokenInfos); ASSERT_EQ(0, tokenInfos.size()); - testStr = R"({"NativeTokenInfo":[{"processName":"process6", "tokenId":685266937, "APL":3, "version":new}]})"; + testStr = R"({"NativeToken":[{"processName":"process6", "tokenId":685266937, "APL":7, "version":1}])"; receptor.ParserNativeRawData(testStr, tokenInfos); ASSERT_EQ(0, tokenInfos.size()); - testStr = R"({"NativeTokenInfo":[{"processName":"process6", "tokenId":685266937, "APL":7, "version":1}]})"; + testStr = R"(["NativeToken":])"; + receptor.ParserNativeRawData(testStr, tokenInfos); + ASSERT_EQ(0, tokenInfos.size()); + + testStr = R"([)"; receptor.ParserNativeRawData(testStr, tokenInfos); ASSERT_EQ(0, tokenInfos.size()); } @@ -542,175 +539,34 @@ HWTEST_F(NativeTokenReceptorTest, ProcessNativeTokenInfos006, TestSize.Level1) ASSERT_EQ(ret, RET_SUCCESS); } -static int initClientSocket() -{ - struct sockaddr_un addr; - int fd = -1; - - /* set socket */ - fd = socket(AF_UNIX, SOCK_STREAM, 0); - if (fd < 0) { - return -1; - } - (void)memset_s(&addr, sizeof(struct sockaddr_un), 0, sizeof(struct sockaddr_un)); - addr.sun_family = AF_UNIX; - if (strncpy_s(addr.sun_path, sizeof(addr.sun_path), - "/data/system/token_unix_socket.test.socket", sizeof(addr.sun_path) - 1) != EOK) { - close(fd); - return -1; - } - int ret = connect(fd, (struct sockaddr *)&addr, sizeof(addr)); - if (ret != 0) { - close(fd); - return -1; - } - return fd; -} - -void LibatConcurrencyTask(const char* syncMesg) -{ - int fd = initClientSocket(); - if (fd <= 0) { - GTEST_LOG_(INFO) << "initClientSocket failed"; - return; - } - int writtenSize; - int len = strlen(syncMesg); - - writtenSize = write(fd, syncMesg, len); - ASSERT_EQ(writtenSize, len); - if (writtenSize != len) { - GTEST_LOG_(INFO) << "send mesg failed"; - } - close(fd); -} - -/** - * @tc.name: ClientConnect001 - * @tc.desc: client connect and send a nativetoken, and close - * @tc.type: FUNC - * @tc.require: - */ -HWTEST_F(NativeTokenReceptorTest, ClientConnect001, TestSize.Level1) -{ - ACCESSTOKEN_LOG_INFO(LABEL, "test ClientConnect001!"); - // 672137216 = 0x28100000 - std::string testStr = R"({"NativeTokenInfo":[)"\ - R"({"processName":"process6","APL":3,"version":1,"tokenId":672137216,"tokenAttr":0,)"\ - R"("dcaps":["AT_CAP","ST_CAP"]}]})"; - - LibatConcurrencyTask(testStr.c_str()); - sleep(5); - - NativeTokenInfo findInfo; - int ret = AccessTokenInfoManager::GetInstance().GetNativeTokenInfo(672137216, findInfo); - ASSERT_EQ(ret, RET_SUCCESS); - ASSERT_EQ(findInfo.apl, 3); - ASSERT_EQ(findInfo.ver, 1); - ASSERT_EQ(findInfo.processName, "process6"); - ASSERT_EQ(findInfo.tokenID, 672137216); - ASSERT_EQ(findInfo.tokenAttr, 0); - std::vector dcap = {"AT_CAP", "ST_CAP"}; - ASSERT_EQ(findInfo.dcap, dcap); - - ret = AccessTokenInfoManager::GetInstance().RemoveNativeTokenInfo(672137216); - ASSERT_EQ(ret, RET_SUCCESS); -} - -/** - * @tc.name: ClientConnect002 - * @tc.desc: client connect and send two nativetokens at same time by two threads - * @tc.type: FUNC - * @tc.require: - */ -HWTEST_F(NativeTokenReceptorTest, ClientConnect002, TestSize.Level1) -{ - ACCESSTOKEN_LOG_INFO(LABEL, "test ClientConnect002!"); - std::string testStr1 = R"({"NativeTokenInfo":[)"\ - R"({"processName":"process6","APL":3,"version":1,"tokenId":672137216,"tokenAttr":0,)"\ - R"("dcaps":["AT_CAP","ST_CAP"]}]})"; - - std::string testStr2 = R"({"NativeTokenInfo":[)"\ - R"({"processName":"process7","APL":3,"version":1,"tokenId":672137217,"tokenAttr":0,)"\ - R"("dcaps":["AT_CAP","ST_CAP"]}]})"; - - std::thread threadClient1(LibatConcurrencyTask, testStr1.c_str()); - - std::thread threadClient2(LibatConcurrencyTask, testStr2.c_str()); - threadClient1.join(); - threadClient2.join(); - - sleep(5); - - NativeTokenInfo findInfo; - int ret = AccessTokenInfoManager::GetInstance().GetNativeTokenInfo(672137216, findInfo); - ASSERT_EQ(ret, RET_SUCCESS); - ASSERT_EQ(findInfo.apl, 3); - ASSERT_EQ(findInfo.ver, 1); - ASSERT_EQ(findInfo.processName, "process6"); - ASSERT_EQ(findInfo.tokenID, 672137216); - ASSERT_EQ(findInfo.tokenAttr, 0); - std::vector dcap = {"AT_CAP", "ST_CAP"}; - ASSERT_EQ(findInfo.dcap, dcap); - - ret = AccessTokenInfoManager::GetInstance().RemoveNativeTokenInfo(672137216); - ASSERT_EQ(ret, RET_SUCCESS); - - ret = AccessTokenInfoManager::GetInstance().GetNativeTokenInfo(672137217, findInfo); - ASSERT_EQ(ret, RET_SUCCESS); - ASSERT_EQ(findInfo.apl, 3); - ASSERT_EQ(findInfo.ver, 1); - ASSERT_EQ(findInfo.processName, "process7"); - ASSERT_EQ(findInfo.tokenID, 672137217); - ASSERT_EQ(findInfo.tokenAttr, 0); - ASSERT_EQ(findInfo.dcap, dcap); - - ret = AccessTokenInfoManager::GetInstance().RemoveNativeTokenInfo(672137217); - ASSERT_EQ(ret, RET_SUCCESS); -} - /** - * @tc.name: ClientConnect003 - * @tc.desc: client connect and send two nativetokens at one time + * @tc.name: init001 + * @tc.desc: test get native cfg * @tc.type: FUNC - * @tc.require: + * @tc.require: Issue Number */ -HWTEST_F(NativeTokenReceptorTest, ClientConnect003, TestSize.Level1) +HWTEST_F(NativeTokenReceptorTest, init001, TestSize.Level1) { - ACCESSTOKEN_LOG_INFO(LABEL, "test ClientConnect003!"); - std::string testStr = R"({"NativeTokenInfo":[)"\ - R"({"processName":"process6","APL":3,"version":1,"tokenId":672137216,"tokenAttr":0,)"\ - R"("dcaps":["AT_CAP","ST_CAP"]},)"\ - R"({"processName":"process7","APL":3,"version":1,"tokenId":672137217,"tokenAttr":0,)"\ - R"("dcaps":["AT_CAP","ST_CAP"]}]})"; + ACCESSTOKEN_LOG_INFO(LABEL, "test init001!"); + std::vector> tokenInfos; - LibatConcurrencyTask(testStr.c_str()); + const char **dcaps = (const char **)malloc(sizeof(char *) * 1); + dcaps[0] = "AT_CAP_01"; + int dcapNum = 1; + char processName[32]; + strcpy(processName, "native_token_test7"); + char apl[32]; + strcpy(apl, "system_core"); - sleep(5); + uint64_t tokenId = ::GetAccessTokenId(processName, dcaps, dcapNum, apl); + ASSERT_NE(tokenId, 0); + NativeTokenReceptor::GetInstance().Init(); NativeTokenInfo findInfo; - int ret = AccessTokenInfoManager::GetInstance().GetNativeTokenInfo(672137216, findInfo); - ASSERT_EQ(ret, RET_SUCCESS); - ASSERT_EQ(findInfo.apl, 3); - ASSERT_EQ(findInfo.ver, 1); - ASSERT_EQ(findInfo.processName, "process6"); - ASSERT_EQ(findInfo.tokenID, 672137216); - ASSERT_EQ(findInfo.tokenAttr, 0); - std::vector dcap = {"AT_CAP", "ST_CAP"}; - ASSERT_EQ(findInfo.dcap, dcap); - - ret = AccessTokenInfoManager::GetInstance().RemoveNativeTokenInfo(672137216); + int ret = AccessTokenInfoManager::GetInstance().GetNativeTokenInfo(tokenId, findInfo); ASSERT_EQ(ret, RET_SUCCESS); + ASSERT_EQ(findInfo.processName, processName); - ret = AccessTokenInfoManager::GetInstance().GetNativeTokenInfo(672137217, findInfo); - ASSERT_EQ(ret, RET_SUCCESS); - ASSERT_EQ(findInfo.apl, 3); - ASSERT_EQ(findInfo.ver, 1); - ASSERT_EQ(findInfo.processName, "process7"); - ASSERT_EQ(findInfo.tokenID, 672137217); - ASSERT_EQ(findInfo.tokenAttr, 0); - ASSERT_EQ(findInfo.dcap, dcap); - - ret = AccessTokenInfoManager::GetInstance().RemoveNativeTokenInfo(672137217); + ret = AccessTokenInfoManager::GetInstance().RemoveNativeTokenInfo(tokenId); ASSERT_EQ(ret, RET_SUCCESS); } diff --git a/services/tokensyncmanager/BUILD.gn b/services/tokensyncmanager/BUILD.gn index 375cba960..42ca7f73b 100644 --- a/services/tokensyncmanager/BUILD.gn +++ b/services/tokensyncmanager/BUILD.gn @@ -13,33 +13,44 @@ import("//build/ohos.gni") -ohos_shared_library("tokensync_manager_service") { +ohos_prebuilt_etc("token_sync.rc") { + source = "token_sync.cfg" + relative_install_dir = "init" + subsystem_name = "security" + part_name = "access_token" +} + +ohos_shared_library("token_sync_manager_service") { subsystem_name = "security" part_name = "access_token" include_dirs = [ - "include", + "include/service", + "include/remote", "//utils/system/safwk/native/include", "//base/security/access_token/frameworks/common/include", "//base/security/access_token/frameworks/tokensync/include", - #"//base/security/permission/interfaces/innerkits/permission_standard/permissionsdk/main/cpp/include/permission", + "//base/security/access_token/interfaces/innerkits/accesstoken/include", + "//foundation/communication/dsoftbus/interfaces/kits/transport", + "//foundation/communication/dsoftbus/interfaces/kits/common", + "//foundation/communication/dsoftbus/interfaces/kits/bus_center", ] sources = [ - "main/cpp/tokensync_manager_service.cpp", - "main/cpp/tokensync_manager_stub.cpp", + "src/remote/soft_bus_manager.cpp", + "src/service/tokensync_manager_service.cpp", + "src/service/tokensync_manager_stub.cpp", ] cflags_cc = [ "-DHILOG_ENABLE" ] deps = [ - #"//base/security/accesstoken/frameworks/accesstooken/permissioncommunicationadapter:permission_standard_communication_adapter_cxx", - #"//base/security/accesstoken/frameworks/accesstooken/common:permission_standard_infrastructure_cxx", - #"//third_party/sqlite:sqlite", + "//base/security/access_token/services/tokensyncmanager:token_sync.rc", "//utils/native/base:utils", ] external_deps = [ + "dsoftbus_standard:softbus_client", "hiviewdfx_hilog_native:libhilog", "ipc:ipc_core", "safwk:system_ability_fwk", diff --git a/services/tokensyncmanager/include/remote/soft_bus_manager.h b/services/tokensyncmanager/include/remote/soft_bus_manager.h new file mode 100644 index 000000000..d7ab6e7e3 --- /dev/null +++ b/services/tokensyncmanager/include/remote/soft_bus_manager.h @@ -0,0 +1,75 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef SOFT_BUS_MANAGER_H +#define SOFT_BUS_MANAGER_H + +#include +#include +#include +#include +#include +#include + +#include "accesstoken_log.h" +#include "rwlock.h" +#include "session.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class SoftBusManager final { +public: + virtual ~SoftBusManager(); + static SoftBusManager &GetInstance(); + void Initialize(); + void Destroy(); + + static int OnSessionOpend(int sessionId, int result); + static void OnSessionClosed(int sessionId); + static void OnBytesReceived(int sessionId, const void *data, unsigned int dataLen); + static void OnMessageReceived(int sessionId, const void *data, unsigned int dataLen); + static void isSessionRespond(int sessionId); + + void InsertSessionRespondStatus(int sessionId); + bool IsSessionRespond(int sessionId); + int32_t SendRequest(); + bool IsSessionWaitingOpen(int sessionId); + bool IsSessionOpen(int sessionId); + void ModifySessionStatus(int sessionId); + void SetSessionWaitingOpen(int sessionId); + +public: + static const std::string SESSION_NAME; + +private: + SoftBusManager(); + + static const std::string ACCESS_TOKEN_PACKAGE_NAME; + + // soft bus session server opened flag + bool isSoftBusServiceBindSuccess_; + std::atomic_bool inited_; + + // init mutex + std::mutex mutex_; + + OHOS::Utils::RWLock sessIdLock_; + std::set sessOpenSet_; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // SOFT_BUS_MANAGER_H diff --git a/services/tokensyncmanager/main/sa_profile/3504.xml b/services/tokensyncmanager/sa_profile/3504.xml similarity index 89% rename from services/tokensyncmanager/main/sa_profile/3504.xml rename to services/tokensyncmanager/sa_profile/3504.xml index 3348d7156..c8ea08efd 100644 --- a/services/tokensyncmanager/main/sa_profile/3504.xml +++ b/services/tokensyncmanager/sa_profile/3504.xml @@ -13,10 +13,10 @@ limitations under the License. --> - foundation + token_sync_service 3504 - libtoken_manager_service.z.so + libtoken_sync_manager_service.z.so true true 1 diff --git a/services/tokensyncmanager/main/sa_profile/BUILD.gn b/services/tokensyncmanager/sa_profile/BUILD.gn similarity index 96% rename from services/tokensyncmanager/main/sa_profile/BUILD.gn rename to services/tokensyncmanager/sa_profile/BUILD.gn index 40f038f5a..4491128f6 100644 --- a/services/tokensyncmanager/main/sa_profile/BUILD.gn +++ b/services/tokensyncmanager/sa_profile/BUILD.gn @@ -14,9 +14,7 @@ import("//build/ohos/sa_profile/sa_profile.gni") ohos_sa_profile("tokensync_sa_profile_standard") { - part_name = "token_sync" + part_name = "access_token" sources = [ "3504.xml" ] } - - diff --git a/services/tokensyncmanager/src/remote/soft_bus_manager.cpp b/services/tokensyncmanager/src/remote/soft_bus_manager.cpp new file mode 100644 index 000000000..c0d294b9e --- /dev/null +++ b/services/tokensyncmanager/src/remote/soft_bus_manager.cpp @@ -0,0 +1,215 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#include "soft_bus_manager.h" + +#include + +#include "accesstoken.h" +#include "softbus_bus_center.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "SoftBusManager"}; +} + +namespace { +static const SessionAttribute SESSION_ATTR = {.dataType = TYPE_BYTES}; + +static const int REASON_EXIST = -3; +static const int OPENSESSION_RETRY_TIMES = 100; +static const int OPENSESSION_RETRY_INTERVAL_MS = 100; +static const int CREAT_SERVER_RETRY_INTERVAL_MS = 1000; +} // namespace + +const std::string SoftBusManager::ACCESS_TOKEN_PACKAGE_NAME = "ohos.security.distributed_access_token"; +const std::string SoftBusManager::SESSION_NAME = "ohos.security.atm_channel"; + +SoftBusManager::SoftBusManager() : isSoftBusServiceBindSuccess_(false), inited_(false), mutex_() +{ + ACCESSTOKEN_LOG_INFO(LABEL, "SoftBusManager()"); +} + +SoftBusManager::~SoftBusManager() +{ + ACCESSTOKEN_LOG_INFO(LABEL, "~SoftBusManager()"); +} + +SoftBusManager &SoftBusManager::GetInstance() +{ + static SoftBusManager instance; + return instance; +} + +int SoftBusManager::OnSessionOpend(int sessionId, int result) +{ + if (result != 0) { + ACCESSTOKEN_LOG_INFO(LABEL, "session is open failed, result %{public}d", result); + return RET_FAILED; + } + SoftBusManager::GetInstance().ModifySessionStatus(sessionId); + ACCESSTOKEN_LOG_INFO(LABEL, "session is open"); + return 0; +} + +void SoftBusManager::OnSessionClosed(int sessionId) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "session is closed"); +} + +void SoftBusManager::OnBytesReceived(int sessionId, const void *data, unsigned int dataLen) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "session receive data."); +} + +void SoftBusManager::OnMessageReceived(int sessionId, const void *data, unsigned int dataLen) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "session receive message."); +} + +bool SoftBusManager::IsSessionOpen(int sessionId) +{ + Utils::UniqueReadGuard idGuard(this->sessIdLock_); + if (sessOpenSet_.count(sessionId) == 0) { + return true; + } + return false; +} + +void SoftBusManager::ModifySessionStatus(int sessionId) +{ + Utils::UniqueWriteGuard idGuard(this->sessIdLock_); + if (sessOpenSet_.count(sessionId) > 0) { + sessOpenSet_.erase(sessionId); + } +} + +void SoftBusManager::SetSessionWaitingOpen(int sessionId) +{ + Utils::UniqueWriteGuard idGuard(this->sessIdLock_); + sessOpenSet_.insert(sessionId); +} + +void SoftBusManager::Initialize() +{ + bool inited = false; + // cas failed means already inited. + if (!inited_.compare_exchange_strong(inited, true)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "already initialized, skip"); + return; + } + + while (1) { + std::unique_lock lock(mutex_); + // register session listener + ISessionListener sessionListener; + sessionListener.OnSessionOpened = SoftBusManager::OnSessionOpend; + sessionListener.OnSessionClosed = SoftBusManager::OnSessionClosed; + sessionListener.OnBytesReceived = SoftBusManager::OnBytesReceived; + sessionListener.OnMessageReceived = SoftBusManager::OnMessageReceived; + + int ret = ::CreateSessionServer(ACCESS_TOKEN_PACKAGE_NAME.c_str(), SESSION_NAME.c_str(), &sessionListener); + ACCESSTOKEN_LOG_INFO(LABEL, "Initialize: createSessionServer, result: %{public}d", ret); + // REASON_EXIST + if ((ret != 0) && (ret != REASON_EXIST)) { + auto sleepTime = std::chrono::milliseconds(CREAT_SERVER_RETRY_INTERVAL_MS); + std::this_thread::sleep_for(sleepTime); + continue; + } + isSoftBusServiceBindSuccess_ = true; + break; + } + + ACCESSTOKEN_LOG_DEBUG(LABEL, "Initialize thread started"); +} + +void SoftBusManager::Destroy() +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "destroy, init: %{public}d, isSoftBusServiceBindSuccess: %{public}d", inited_.load(), + isSoftBusServiceBindSuccess_); + + if (inited_.load() == false) { + ACCESSTOKEN_LOG_ERROR(LABEL, "not inited, skip"); + return; + } + + std::unique_lock lock(mutex_); + if (inited_.load() == false) { + ACCESSTOKEN_LOG_ERROR(LABEL, "not inited, skip"); + return; + } + + if (isSoftBusServiceBindSuccess_) { + int32_t ret = ::RemoveSessionServer(ACCESS_TOKEN_PACKAGE_NAME.c_str(), SESSION_NAME.c_str()); + ACCESSTOKEN_LOG_ERROR(LABEL, "destroy, RemoveSessionServer: %{public}d", ret); + isSoftBusServiceBindSuccess_ = false; + } + + inited_.store(false); + + ACCESSTOKEN_LOG_DEBUG(LABEL, "destroy, done"); +} + +int32_t SoftBusManager::SendRequest() +{ + NodeBasicInfo *info = nullptr; + int32_t infoNum; + int ret = GetAllNodeDeviceInfo(ACCESS_TOKEN_PACKAGE_NAME.c_str(), &info, &infoNum); + if (ret != 0) { + ACCESSTOKEN_LOG_ERROR(LABEL, "can not get node device"); + return RET_FAILED; + } + + // async open session, should waitting for OnSessionOpened event. + int sessionId = ::OpenSession(SESSION_NAME.c_str(), SESSION_NAME.c_str(), info[0].networkId, + "0", &SESSION_ATTR); + if (sessionId < 0) { + ACCESSTOKEN_LOG_ERROR(LABEL, "open session failed"); + return RET_FAILED; + } + + SetSessionWaitingOpen(sessionId); + + // wait session opening + int retryTimes = 0; + int logSpan = 10; + auto sleepTime = std::chrono::milliseconds(OPENSESSION_RETRY_INTERVAL_MS); + bool isOpen = false; + while (retryTimes++ < OPENSESSION_RETRY_TIMES) { + if (!IsSessionOpen(sessionId)) { + std::this_thread::sleep_for(sleepTime); + if (retryTimes % logSpan == 0) { + ACCESSTOKEN_LOG_INFO(LABEL, "openSession, waitting for: %{public}d ms", + retryTimes * OPENSESSION_RETRY_INTERVAL_MS); + } + continue; + } + isOpen = true; + break; + } + int cmd = 0; + ret = ::SendBytes(sessionId, &cmd, sizeof(int)); + if (ret != 0) { + ::CloseSession(sessionId); + ACCESSTOKEN_LOG_ERROR(LABEL, "send cmd failed ret = %{public}d", ret); + return RET_FAILED; + } + ::CloseSession(sessionId); + return RET_SUCCESS; +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/services/tokensyncmanager/main/cpp/tokensync_manager_service.cpp b/services/tokensyncmanager/src/service/tokensync_manager_service.cpp similarity index 89% rename from services/tokensyncmanager/main/cpp/tokensync_manager_service.cpp rename to services/tokensyncmanager/src/service/tokensync_manager_service.cpp index eda9f78cc..c471fa466 100644 --- a/services/tokensyncmanager/main/cpp/tokensync_manager_service.cpp +++ b/services/tokensyncmanager/src/service/tokensync_manager_service.cpp @@ -15,11 +15,13 @@ #include "tokensync_manager_service.h" +#include #include "accesstoken_log.h" +#include "soft_bus_manager.h" namespace OHOS { namespace Security { -namespace TokenSync { +namespace AccessToken { namespace { static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "TokenSyncManagerService"}; } @@ -70,13 +72,16 @@ int TokenSyncManagerService::VerifyPermission( ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, packageName: %{public}s, permissionName: %{public}s, userId: %{public}d", __func__, bundleName.c_str(), permissionName.c_str(), userId); - return 0; + int ret = SoftBusManager::GetInstance().SendRequest(); + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, ret %{public}d", __func__, ret); + return ret; } bool TokenSyncManagerService::Initialize() const { + SoftBusManager::GetInstance().Initialize(); return true; } -} // namespace TokenSync +} // namespace AccessToken } // namespace Security } diff --git a/services/tokensyncmanager/main/cpp/tokensync_manager_service.h b/services/tokensyncmanager/src/service/tokensync_manager_service.h similarity index 96% rename from services/tokensyncmanager/main/cpp/tokensync_manager_service.h rename to services/tokensyncmanager/src/service/tokensync_manager_service.h index 076609994..9af5026e9 100644 --- a/services/tokensyncmanager/main/cpp/tokensync_manager_service.h +++ b/services/tokensyncmanager/src/service/tokensync_manager_service.h @@ -26,7 +26,7 @@ namespace OHOS { namespace Security { -namespace TokenSync { +namespace AccessToken { enum class ServiceRunningState { STATE_NOT_START, STATE_RUNNING }; class TokenSyncManagerService final : public SystemAbility, public TokenSyncManagerStub { DECLARE_DELAYED_SINGLETON(TokenSyncManagerService); @@ -43,7 +43,7 @@ private: ServiceRunningState state_; }; -} // namespace TokenSync +} // namespace AccessToken } // namespace Security } // namespace OHOS #endif // TOKENSYNC_MANAGER_SERVICE_H diff --git a/services/tokensyncmanager/main/cpp/tokensync_manager_stub.cpp b/services/tokensyncmanager/src/service/tokensync_manager_stub.cpp similarity index 97% rename from services/tokensyncmanager/main/cpp/tokensync_manager_stub.cpp rename to services/tokensyncmanager/src/service/tokensync_manager_stub.cpp index 21c222bd6..f6a3506f8 100644 --- a/services/tokensyncmanager/main/cpp/tokensync_manager_stub.cpp +++ b/services/tokensyncmanager/src/service/tokensync_manager_stub.cpp @@ -22,7 +22,7 @@ namespace OHOS { namespace Security { -namespace TokenSync { +namespace AccessToken { namespace { static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "TokenSyncManagerStub"}; } @@ -54,6 +54,6 @@ void TokenSyncManagerStub::VerifyPermissionInner(MessageParcel& data, MessagePar int result = this->VerifyPermission(bundleName, permissionName, userId); reply.WriteInt32(result); } -} // namespace TokenSync +} // namespace AccessToken } // namespace Security } // namespace OHOS diff --git a/services/tokensyncmanager/main/cpp/tokensync_manager_stub.h b/services/tokensyncmanager/src/service/tokensync_manager_stub.h similarity index 96% rename from services/tokensyncmanager/main/cpp/tokensync_manager_stub.h rename to services/tokensyncmanager/src/service/tokensync_manager_stub.h index 991e3947f..a8d530d2e 100644 --- a/services/tokensyncmanager/main/cpp/tokensync_manager_stub.h +++ b/services/tokensyncmanager/src/service/tokensync_manager_stub.h @@ -23,7 +23,7 @@ namespace OHOS { namespace Security { -namespace TokenSync { +namespace AccessToken { class TokenSyncManagerStub : public IRemoteStub { public: TokenSyncManagerStub() = default; @@ -34,7 +34,7 @@ public: private: void VerifyPermissionInner(MessageParcel& data, MessageParcel& reply); }; -} // namespace TokenSync +} // namespace AccessToken } // namespace Security } // namespace OHOS #endif // TOKENSYNC_MANAGER_STUB_H diff --git a/services/tokensyncmanager/token_sync.cfg b/services/tokensyncmanager/token_sync.cfg new file mode 100644 index 000000000..e8e2f4782 --- /dev/null +++ b/services/tokensyncmanager/token_sync.cfg @@ -0,0 +1,17 @@ +{ + "jobs" : [{ + "name" : "late-fs", + "cmds" : [ + "start token_sync_service" + ] + } + ], + "services" : [{ + "name" : "token_sync_service", + "path" : ["/system/bin/sa_main", "/system/profile/token_sync_service.xml"], + "importance" : -20, + "uid" : "system", + "gid" : ["system"] + } + ] +} \ No newline at end of file diff --git a/services/tokensyncmanager/token_sync.rc b/services/tokensyncmanager/token_sync.rc new file mode 100644 index 000000000..804c898ad --- /dev/null +++ b/services/tokensyncmanager/token_sync.rc @@ -0,0 +1,22 @@ +# Copyright (C) 2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +on late-fs + start token_sync_service + +service token_sync_service /system/bin/sa_main /system/profile/token_sync_service.xml + class token_sync_service + priority -20 + user system + group system + seclabel u:r:token_sync_service:s0 -- Gitee From 87e2c971d460eba323599e5c47784f5452a1d1cd Mon Sep 17 00:00:00 2001 From: lsq Date: Sat, 22 Jan 2022 18:03:10 +0800 Subject: [PATCH 28/51] modify access_token Change-Id: I5ae84af7e210c135ddb78e6112ce04fc2123938a Signed-off-by: lsq --- services/accesstokenmanager/access_token.cfg | 2 ++ 1 file changed, 2 insertions(+) diff --git a/services/accesstokenmanager/access_token.cfg b/services/accesstokenmanager/access_token.cfg index e06136d1c..a2fc1e6ce 100644 --- a/services/accesstokenmanager/access_token.cfg +++ b/services/accesstokenmanager/access_token.cfg @@ -2,6 +2,8 @@ "jobs" : [{ "name" : "late-fs", "cmds" : [ + "mkdir /data/system/access_token 0640 root system", + "load_access_token_id ", "start accesstoken_service" ] } -- Gitee From d84f840ace9dd48dc61655d1022548769ffc63fc Mon Sep 17 00:00:00 2001 From: lsq Date: Mon, 24 Jan 2022 10:16:03 +0800 Subject: [PATCH 29/51] update pre_init Change-Id: I65a60dd27730fa877310cd2c98c80fda4a8728e4 Signed-off-by: lsq --- services/accesstokenmanager/access_token.cfg | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/services/accesstokenmanager/access_token.cfg b/services/accesstokenmanager/access_token.cfg index a2fc1e6ce..6c3deb612 100644 --- a/services/accesstokenmanager/access_token.cfg +++ b/services/accesstokenmanager/access_token.cfg @@ -1,9 +1,13 @@ { "jobs" : [{ + "name" : "pre-init", + "cmds" : [ + "mkdir /data/system/access_token 0650 root system", + "load_access_token_id " + ] + }, { "name" : "late-fs", "cmds" : [ - "mkdir /data/system/access_token 0640 root system", - "load_access_token_id ", "start accesstoken_service" ] } -- Gitee From e61f6d6052605402bc19296f8a0836b05d06aa56 Mon Sep 17 00:00:00 2001 From: lsq Date: Tue, 25 Jan 2022 11:49:20 +0800 Subject: [PATCH 30/51] update dir Change-Id: Ia34977c7ec8e306cee675ae3628e028a0f356782 Signed-off-by: lsq --- interfaces/innerkits/nativetoken/include/nativetoken.h | 3 +-- services/accesstokenmanager/access_token.cfg | 2 +- .../main/cpp/include/token/native_token_receptor.h | 2 +- 3 files changed, 3 insertions(+), 4 deletions(-) diff --git a/interfaces/innerkits/nativetoken/include/nativetoken.h b/interfaces/innerkits/nativetoken/include/nativetoken.h index dc036b648..6706c491d 100644 --- a/interfaces/innerkits/nativetoken/include/nativetoken.h +++ b/interfaces/innerkits/nativetoken/include/nativetoken.h @@ -33,8 +33,7 @@ extern "C" { #endif #define MAX_PROCESS_NAME_LEN 256 -#define TOKEN_ID_CFG_PATH "/data/system/access_token/nativetoken.json" -#define SOCKET_FILE "/data/system/token_unix_socket.socket" +#define TOKEN_ID_CFG_PATH "/data/access_token/nativetoken.json" #define TOKEN_NATIVE_TYPE 1 #define DEFAULT_AT_VERSION 1 #define TRANSFER_KEY_WORDS "NativeTokenInfo" diff --git a/services/accesstokenmanager/access_token.cfg b/services/accesstokenmanager/access_token.cfg index 6c3deb612..a803fe1ae 100644 --- a/services/accesstokenmanager/access_token.cfg +++ b/services/accesstokenmanager/access_token.cfg @@ -2,7 +2,7 @@ "jobs" : [{ "name" : "pre-init", "cmds" : [ - "mkdir /data/system/access_token 0650 root system", + "mkdir /data/access_token 0750 root system", "load_access_token_id " ] }, { diff --git a/services/accesstokenmanager/main/cpp/include/token/native_token_receptor.h b/services/accesstokenmanager/main/cpp/include/token/native_token_receptor.h index 491d09dc0..cd1b899dd 100644 --- a/services/accesstokenmanager/main/cpp/include/token/native_token_receptor.h +++ b/services/accesstokenmanager/main/cpp/include/token/native_token_receptor.h @@ -27,7 +27,7 @@ namespace OHOS { namespace Security { namespace AccessToken { -const std::string NATIVE_TOKEN_CONFIG_FILE = "/data/system/access_token/nativetoken.json"; +const std::string NATIVE_TOKEN_CONFIG_FILE = "/data/access_token/nativetoken.json"; constexpr int MAX_NATIVE_CONFIG_FILE_SIZE = 5 * 1024 * 1024; // 5M constexpr size_t BUFFER_SIZE = 1024; class NativeTokenReceptor final { -- Gitee From 8ed796322572c947254c3a12283aa6d1c959168e Mon Sep 17 00:00:00 2001 From: lsq Date: Tue, 25 Jan 2022 14:07:19 +0800 Subject: [PATCH 31/51] Change-Id: I1228c638fbc2618034bec2581436fe7f28e8014b Change-Id: Ic1d46e767a4dc6176fbdf98a8949d5396ea8d49a Signed-off-by: lsq --- .../nativetoken/include/nativetoken.h | 3 +- .../innerkits/nativetoken/src/nativetoken.c | 42 +++++++++- .../unittest/src/nativetoken_kit_test.cpp | 82 +++++++------------ services/accesstokenmanager/access_token.cfg | 2 +- .../cpp/include/token/native_token_receptor.h | 2 +- .../cpp/src/token/native_token_receptor.cpp | 2 +- 6 files changed, 73 insertions(+), 60 deletions(-) diff --git a/interfaces/innerkits/nativetoken/include/nativetoken.h b/interfaces/innerkits/nativetoken/include/nativetoken.h index 6706c491d..71c34e2c2 100644 --- a/interfaces/innerkits/nativetoken/include/nativetoken.h +++ b/interfaces/innerkits/nativetoken/include/nativetoken.h @@ -33,7 +33,8 @@ extern "C" { #endif #define MAX_PROCESS_NAME_LEN 256 -#define TOKEN_ID_CFG_PATH "/data/access_token/nativetoken.json" +#define TOKEN_ID_CFG_FILE_PATH "/data/service/el0/access_token/nativetoken.json" +#define TOKEN_ID_CFG_DIR_PATH "/data/service/el0/access_token" #define TOKEN_NATIVE_TYPE 1 #define DEFAULT_AT_VERSION 1 #define TRANSFER_KEY_WORDS "NativeTokenInfo" diff --git a/interfaces/innerkits/nativetoken/src/nativetoken.c b/interfaces/innerkits/nativetoken/src/nativetoken.c index 5373e41a6..f39d36eef 100644 --- a/interfaces/innerkits/nativetoken/src/nativetoken.c +++ b/interfaces/innerkits/nativetoken/src/nativetoken.c @@ -230,7 +230,7 @@ int32_t AtlibInit(void) } g_tokenListHead->next = NULL; - int32_t ret = ParseTokenInfoFromCfg(TOKEN_ID_CFG_PATH); + int32_t ret = ParseTokenInfoFromCfg(TOKEN_ID_CFG_FILE_PATH); if (ret != ATRET_SUCCESS) { free(g_tokenListHead); g_tokenListHead = NULL; @@ -294,6 +294,29 @@ int32_t GetAplLevel(const char *aplStr) ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:aplStr is invalid.", __func__); return 0; } +int32_t NeedSetUidGid(int16_t *uid, int16_t *gid, int *needSet) +{ + struct stat buf; + if (stat(TOKEN_ID_CFG_FILE_PATH, &buf) == 0) { + *needSet = 0; + return ATRET_SUCCESS; + } + if (errno != ENOENT) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:stat %s is invalid %d.", + __func__, TOKEN_ID_CFG_FILE_PATH, errno); + return ATRET_FAILED; + } + if (stat(TOKEN_ID_CFG_DIR_PATH, &buf) != 0) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:stat %s is invalid %d.", + __func__, TOKEN_ID_CFG_DIR_PATH, errno); + return ATRET_FAILED; + } + *uid = buf.st_uid; + *gid = buf.st_gid; + *needSet = 1; + ACCESSTOKEN_LOG_INFO("[ATLIB-%s]:needSet is true.", __func__); + return ATRET_SUCCESS; +} void WriteToFile(const cJSON *root) { @@ -308,7 +331,14 @@ void WriteToFile(const cJSON *root) } do { - int32_t fd = open(TOKEN_ID_CFG_PATH, O_RDWR | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR); + int16_t uid; + int16_t gid; + int needSet = 0; + if (NeedSetUidGid(&uid, &gid, &needSet) != ATRET_SUCCESS) { + break; + } + int32_t fd = open(TOKEN_ID_CFG_FILE_PATH, O_RDWR | O_CREAT | O_TRUNC, + S_IRUSR | S_IWUSR | S_IRGRP); if (fd < 0) { ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:open failed.", __func__); break; @@ -320,6 +350,10 @@ void WriteToFile(const cJSON *root) ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:write failed, writtenLen is %d.", __func__, writtenLen); break; } + if ((needSet == 1) && chown(TOKEN_ID_CFG_FILE_PATH, uid, gid) != 0) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:chown failed, errno is %d.", __func__, errno); + break; + } } while (0); cJSON_free(jsonStr); @@ -409,7 +443,7 @@ void SaveTokenIdToCfg(const NativeTokenList *curr) cJSON *record = NULL; int32_t ret; - ret = GetFileBuff(TOKEN_ID_CFG_PATH, &fileBuff); + ret = GetFileBuff(TOKEN_ID_CFG_FILE_PATH, &fileBuff); if (ret != ATRET_SUCCESS) { return; } @@ -627,7 +661,7 @@ int32_t UpdateTokenInfoInCfgFile(NativeTokenList *tokenNode) cJSON *record = NULL; char *fileBuff = NULL; - int32_t ret = GetFileBuff(TOKEN_ID_CFG_PATH, &fileBuff); + int32_t ret = GetFileBuff(TOKEN_ID_CFG_FILE_PATH, &fileBuff); if (ret != ATRET_SUCCESS) { return ret; } diff --git a/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_kit_test.cpp b/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_kit_test.cpp index a6782999a..3320426c3 100644 --- a/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_kit_test.cpp +++ b/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_kit_test.cpp @@ -24,16 +24,7 @@ using namespace OHOS::Security; extern NativeTokenList *g_tokenListHead; extern int32_t g_isNativeTokenInited; extern int32_t GetFileBuff(const char *cfg, char **retBuff); -namespace { -static string g_jsonStr = "[" - "{\"processName\":\"asdf\", \"tokenId\":15, \"APL\":3, \"version\":1, " - "\"tokenAttr\":0, \"dcaps\":[\"AT_CAP\", \"ST_CAP\"]}," - "{\"processName\":\"GetAccessTokenId008\", \"tokenId\":16, \"APL\":3, \"version\":1," - " \"tokenAttr\":0, \"dcaps\":[\"AT_CAP\", \"ST_CAP\"]}," - "{\"processName\":\"GetAccessTokenId009\", \"tokenId\":17, \"APL\":3, \"version\":1, " - "\"tokenAttr\":0, \"dcaps\":[\"AT_CAP\", \"ST_CAP\"]}" - "]"; -} + void TokenLibKitTest::SetUpTestCase() {} @@ -43,7 +34,7 @@ void TokenLibKitTest::TearDownTestCase() void TokenLibKitTest::SetUp() { g_isNativeTokenInited = 0; - ResetFile(); + (void)remove(TOKEN_ID_CFG_FILE_PATH); } void TokenLibKitTest::TearDown() @@ -56,21 +47,6 @@ void TokenLibKitTest::TearDown() } } -void TokenLibKitTest::ResetFile(void) -{ - int32_t fd = open(TOKEN_ID_CFG_PATH, O_RDWR | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR); - if (fd < 0) { - ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:open failed.", __func__); - return; - } - int32_t strLen = strlen(g_jsonStr.c_str()); - int32_t writtenLen = write(fd, (void *)g_jsonStr.c_str(), strLen); - close(fd); - if (writtenLen != strLen) { - ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:write failed, writtenLen is %d.", __func__, writtenLen); - } -} - int Start(const char *processName) { const char *processname = processName; @@ -253,7 +229,7 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId006, TestSize.Level1) ASSERT_EQ(tokenIdEx->tokenId, g_tokenListHead->next->tokenId); char *fileBuff = nullptr; - ret = GetFileBuff(TOKEN_ID_CFG_PATH, &fileBuff); + ret = GetFileBuff(TOKEN_ID_CFG_FILE_PATH, &fileBuff); ASSERT_EQ(ret, ATRET_SUCCESS); string s = "GetAccessTokenId006"; char *pos = strstr(fileBuff, s.c_str()); @@ -278,7 +254,7 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId007, TestSize.Level1) ASSERT_NE(tokenId, 0); } char *fileBuff = nullptr; - int ret = GetFileBuff(TOKEN_ID_CFG_PATH, &fileBuff); + int ret = GetFileBuff(TOKEN_ID_CFG_FILE_PATH, &fileBuff); ASSERT_EQ(ret, 0); for (int32_t i = 0; i < 200; i++) { char *pos = strstr(fileBuff, processName[i]); @@ -296,29 +272,31 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId007, TestSize.Level1) HWTEST_F(TokenLibKitTest, GetAccessTokenId008, TestSize.Level1) { char *fileBuff = nullptr; - int ret = GetFileBuff(TOKEN_ID_CFG_PATH, &fileBuff); + int ret = GetFileBuff(TOKEN_ID_CFG_FILE_PATH, &fileBuff); ASSERT_EQ(ret, 0); - char *pos = strstr(fileBuff, "process1"); - ASSERT_EQ(pos, nullptr); - pos = strstr(fileBuff, "process2"); - ASSERT_EQ(pos, nullptr); - pos = strstr(fileBuff, "process3"); - ASSERT_EQ(pos, nullptr); - pos = strstr(fileBuff, "process4"); - ASSERT_EQ(pos, nullptr); - pos = strstr(fileBuff, "process5"); - ASSERT_EQ(pos, nullptr); - pos = strstr(fileBuff, "process6"); - ASSERT_EQ(pos, nullptr); - pos = strstr(fileBuff, "process7"); - ASSERT_EQ(pos, nullptr); - pos = strstr(fileBuff, "process8"); - ASSERT_EQ(pos, nullptr); - pos = strstr(fileBuff, "process9"); - ASSERT_EQ(pos, nullptr); - pos = strstr(fileBuff, "foundation"); - ASSERT_EQ(pos, nullptr); - free(fileBuff); + if (fileBuff != nullptr) { + char *pos = strstr(fileBuff, "process1"); + ASSERT_EQ(pos, nullptr); + pos = strstr(fileBuff, "process2"); + ASSERT_EQ(pos, nullptr); + pos = strstr(fileBuff, "process3"); + ASSERT_EQ(pos, nullptr); + pos = strstr(fileBuff, "process4"); + ASSERT_EQ(pos, nullptr); + pos = strstr(fileBuff, "process5"); + ASSERT_EQ(pos, nullptr); + pos = strstr(fileBuff, "process6"); + ASSERT_EQ(pos, nullptr); + pos = strstr(fileBuff, "process7"); + ASSERT_EQ(pos, nullptr); + pos = strstr(fileBuff, "process8"); + ASSERT_EQ(pos, nullptr); + pos = strstr(fileBuff, "process9"); + ASSERT_EQ(pos, nullptr); + pos = strstr(fileBuff, "foundation"); + ASSERT_EQ(pos, nullptr); + free(fileBuff); + } Start("process1"); Start("process2"); @@ -337,10 +315,10 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId008, TestSize.Level1) Start("process18"); Start("process19"); - ret = GetFileBuff(TOKEN_ID_CFG_PATH, &fileBuff); + ret = GetFileBuff(TOKEN_ID_CFG_FILE_PATH, &fileBuff); ASSERT_EQ(ret, 0); GTEST_LOG_(INFO) << "fileBuff" << fileBuff; - pos = strstr(fileBuff, "process1"); + char *pos = strstr(fileBuff, "process1"); ASSERT_NE(pos, nullptr); pos = strstr(fileBuff, "process2"); ASSERT_NE(pos, nullptr); diff --git a/services/accesstokenmanager/access_token.cfg b/services/accesstokenmanager/access_token.cfg index a803fe1ae..ba4b720b8 100644 --- a/services/accesstokenmanager/access_token.cfg +++ b/services/accesstokenmanager/access_token.cfg @@ -2,7 +2,7 @@ "jobs" : [{ "name" : "pre-init", "cmds" : [ - "mkdir /data/access_token 0750 root system", + "mkdir /data/service/el0/access_token 0750 root system", "load_access_token_id " ] }, { diff --git a/services/accesstokenmanager/main/cpp/include/token/native_token_receptor.h b/services/accesstokenmanager/main/cpp/include/token/native_token_receptor.h index cd1b899dd..53097f3fc 100644 --- a/services/accesstokenmanager/main/cpp/include/token/native_token_receptor.h +++ b/services/accesstokenmanager/main/cpp/include/token/native_token_receptor.h @@ -27,7 +27,7 @@ namespace OHOS { namespace Security { namespace AccessToken { -const std::string NATIVE_TOKEN_CONFIG_FILE = "/data/access_token/nativetoken.json"; +const std::string NATIVE_TOKEN_CONFIG_FILE = "/data/service/el0/access_token/nativetoken.json"; constexpr int MAX_NATIVE_CONFIG_FILE_SIZE = 5 * 1024 * 1024; // 5M constexpr size_t BUFFER_SIZE = 1024; class NativeTokenReceptor final { diff --git a/services/accesstokenmanager/main/cpp/src/token/native_token_receptor.cpp b/services/accesstokenmanager/main/cpp/src/token/native_token_receptor.cpp index 8bb01fd82..d5ee4ac8e 100644 --- a/services/accesstokenmanager/main/cpp/src/token/native_token_receptor.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/native_token_receptor.cpp @@ -105,7 +105,7 @@ int NativeTokenReceptor::ReadCfgFile(std::string& nativeRawData) { int32_t fd = open(NATIVE_TOKEN_CONFIG_FILE.c_str(), O_RDONLY); if (fd < 0) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: open failed.", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: open failed errno %{public}d.", __func__, errno); return RET_FAILED; } struct stat statBuffer; -- Gitee From a3746adf760721c3db124dae1e17c7516beda48d Mon Sep 17 00:00:00 2001 From: lsq Date: Tue, 25 Jan 2022 20:42:50 +0800 Subject: [PATCH 32/51] update test Change-Id: I817210f2232dbd6c8cf974ab35f832e81831e03f Signed-off-by: lsq --- .../unittest/src/nativetoken_kit_test.cpp | 42 ++----------------- 1 file changed, 4 insertions(+), 38 deletions(-) diff --git a/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_kit_test.cpp b/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_kit_test.cpp index 3320426c3..74b986ccf 100644 --- a/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_kit_test.cpp +++ b/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_kit_test.cpp @@ -34,7 +34,6 @@ void TokenLibKitTest::TearDownTestCase() void TokenLibKitTest::SetUp() { g_isNativeTokenInited = 0; - (void)remove(TOKEN_ID_CFG_FILE_PATH); } void TokenLibKitTest::TearDown() @@ -221,15 +220,11 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId005, TestSize.Level1) HWTEST_F(TokenLibKitTest, GetAccessTokenId006, TestSize.Level1) { uint64_t tokenID; - NativeAtIdEx *tokenIdEx = (NativeAtIdEx *)(&tokenID); tokenID = Start("GetAccessTokenId006"); - - int ret = strcmp("GetAccessTokenId006", g_tokenListHead->next->processName); - ASSERT_EQ(ret, 0); - ASSERT_EQ(tokenIdEx->tokenId, g_tokenListHead->next->tokenId); + ASSERT_NE(tokenID, 0); char *fileBuff = nullptr; - ret = GetFileBuff(TOKEN_ID_CFG_FILE_PATH, &fileBuff); + int ret = GetFileBuff(TOKEN_ID_CFG_FILE_PATH, &fileBuff); ASSERT_EQ(ret, ATRET_SUCCESS); string s = "GetAccessTokenId006"; char *pos = strstr(fileBuff, s.c_str()); @@ -271,33 +266,6 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId007, TestSize.Level1) */ HWTEST_F(TokenLibKitTest, GetAccessTokenId008, TestSize.Level1) { - char *fileBuff = nullptr; - int ret = GetFileBuff(TOKEN_ID_CFG_FILE_PATH, &fileBuff); - ASSERT_EQ(ret, 0); - if (fileBuff != nullptr) { - char *pos = strstr(fileBuff, "process1"); - ASSERT_EQ(pos, nullptr); - pos = strstr(fileBuff, "process2"); - ASSERT_EQ(pos, nullptr); - pos = strstr(fileBuff, "process3"); - ASSERT_EQ(pos, nullptr); - pos = strstr(fileBuff, "process4"); - ASSERT_EQ(pos, nullptr); - pos = strstr(fileBuff, "process5"); - ASSERT_EQ(pos, nullptr); - pos = strstr(fileBuff, "process6"); - ASSERT_EQ(pos, nullptr); - pos = strstr(fileBuff, "process7"); - ASSERT_EQ(pos, nullptr); - pos = strstr(fileBuff, "process8"); - ASSERT_EQ(pos, nullptr); - pos = strstr(fileBuff, "process9"); - ASSERT_EQ(pos, nullptr); - pos = strstr(fileBuff, "foundation"); - ASSERT_EQ(pos, nullptr); - free(fileBuff); - } - Start("process1"); Start("process2"); Start("process3"); @@ -315,9 +283,9 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId008, TestSize.Level1) Start("process18"); Start("process19"); - ret = GetFileBuff(TOKEN_ID_CFG_FILE_PATH, &fileBuff); + char *fileBuff = nullptr; + int ret = GetFileBuff(TOKEN_ID_CFG_FILE_PATH, &fileBuff); ASSERT_EQ(ret, 0); - GTEST_LOG_(INFO) << "fileBuff" << fileBuff; char *pos = strstr(fileBuff, "process1"); ASSERT_NE(pos, nullptr); pos = strstr(fileBuff, "process2"); @@ -336,7 +304,5 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId008, TestSize.Level1) ASSERT_NE(pos, nullptr); pos = strstr(fileBuff, "process9"); ASSERT_NE(pos, nullptr); - pos = strstr(fileBuff, "foundation"); - ASSERT_NE(pos, nullptr); free(fileBuff); } -- Gitee From 53054d278e12b8520931f8fea27a79e8d6d3af51 Mon Sep 17 00:00:00 2001 From: jiang-xiaofeng Date: Wed, 26 Jan 2022 10:50:02 +0800 Subject: [PATCH 33/51] upload dynamic diag to set permission Signed-off-by: jiang-xiaofeng Signed-off-by: jiang-xiaofeng --- .../build.gradle | 12 +- .../.gitignore | 21 - .../common/components/alphabeticalIndex.ets | 61 -- .../ets/default/common/components/backBar.ets | 73 -- .../common/model/authorityManagementList.ets | 37 - .../ets/default/common/model/categoryList.ets | 27 - .../default/common/model/definePermission.ets | 753 ------------------ .../ets/default/common/model/mediaDocList.ets | 25 - .../default/common/model/permissionGroup.ets | 59 -- .../main/ets/default/pages/app-name-plus.ets | 230 ------ .../src/main/ets/default/pages/app-name.ets | 168 ---- .../default/pages/authority-management.ets | 271 ------- .../src/main/ets/default/pages/calendar.ets | 116 --- .../src/main/ets/default/pages/dialogPlus.ets | 135 ---- .../main/ets/default/pages/location-info.ets | 172 ---- .../ets/default/pages/media-documents.ets | 183 ----- .../ets/default/pages/other-permissions.ets | 118 --- .../pages/permission-access-record.ets | 198 ----- .../resources/ar/properties/string.json | 14 - .../resources/dark/properties/string.json | 7 - .../resources/default/media/icon_actived.png | Bin 1671 -> 0 bytes .../resources/default/media/icon_normal.png | Bin 1107 -> 0 bytes .../resources/default/properties/string.json | 19 - .../resources/en/properties/string.json | 14 - .../resources/light/properties/string.json | 7 - .../resources/zh/properties/string.json | 14 - .../src/main/resources/base/media/51cto.png | Bin 15573 -> 0 bytes .../src/main/resources/base/media/aiqiyi.png | Bin 8210 -> 0 bytes .../src/main/resources/base/media/anquan.png | Bin 6146 -> 0 bytes .../resources/base/media/baiduwangpan.png | Bin 7893 -> 0 bytes .../src/main/resources/base/media/beifen.png | Bin 4730 -> 0 bytes .../main/resources/base/media/beiwanglu.png | Bin 19983 -> 0 bytes .../main/resources/base/media/bilibili.png | Bin 6830 -> 0 bytes .../main/resources/base/media/calendar.png | Bin 2862 -> 0 bytes .../src/main/resources/base/media/cunchu.png | Bin 2227 -> 0 bytes .../src/main/resources/base/media/dianchi.png | Bin 3942 -> 0 bytes .../main/resources/base/media/downarrow.png | Bin 720 -> 0 bytes .../main/resources/base/media/gaodeditu.png | Bin 4160 -> 0 bytes .../main/resources/base/media/jiankang.png | Bin 4001 -> 0 bytes .../src/main/resources/base/media/left.png | Bin 1070 -> 0 bytes .../main/resources/base/media/maikefeng.png | Bin 8041 -> 0 bytes .../src/main/resources/base/media/phone.png | Bin 8732 -> 0 bytes .../src/main/resources/base/media/photo.png | Bin 9234 -> 0 bytes .../src/main/resources/base/media/qq.png | Bin 6144 -> 0 bytes .../src/main/resources/base/media/record.png | Bin 7877 -> 0 bytes .../main/resources/base/media/rightarrow.png | Bin 1058 -> 0 bytes .../src/main/resources/base/media/search.png | Bin 1147 -> 0 bytes .../main/resources/base/media/shengyin.png | Bin 3578 -> 0 bytes .../src/main/resources/base/media/shezhi.png | Bin 15118 -> 0 bytes .../src/main/resources/base/media/shibie.png | Bin 7640 -> 0 bytes .../resources/base/media/tengxunshipin.png | Bin 13394 -> 0 bytes .../main/resources/base/media/tongxunlu.png | Bin 5551 -> 0 bytes .../src/main/resources/base/media/tongzhi.png | Bin 5943 -> 0 bytes .../src/main/resources/base/media/uparrow.png | Bin 730 -> 0 bytes .../src/main/resources/base/media/weixin.png | Bin 9388 -> 0 bytes .../main/resources/base/media/yingyong.png | Bin 2130 -> 0 bytes .../src/main/resources/base/media/yinsi.png | Bin 3620 -> 0 bytes .../main/resources/base/media/yuncunchu.png | Bin 8559 -> 0 bytes .../main/resources/base/media/zhifubao.png | Bin 8091 -> 0 bytes .../settings.gradle | 1 - .../entry/.gitignore | 0 .../entry/build.gradle | 0 .../entry/proguard-rules.pro | 1 + .../entry/src/main/config.json | 45 +- .../entry/src/main/ets/default/app.ets | 0 .../src/main/ets/default/pages/index.ets} | 17 +- .../ohos/permissionmanager/MainAbility.java | 16 + .../ohos/permissionmanager/MyApplication.java | 10 + .../main/resources/base/element/string.json | 12 + .../src/main/resources/base/media/icon.png | Bin .../src/ohosTest/ets/default/app.ets} | 16 +- .../src/ohosTest/ets/default/i18n/en-US.json | 8 + .../src/ohosTest/ets/default/i18n/zh-CN.json | 8 + .../ets/default/pages/index/index.ets} | 76 +- .../ohosTest/ets/test/ExampleJsunit.test.ets} | 33 +- .../src/ohosTest/ets/test/List.test.ets} | 11 +- .../permissionmanager/ExampleOhosTest.java | 14 + .../resources/base/element/string.json | 12 + .../ohosTest/resources/base/media/icon.png | Bin 0 -> 6790 bytes .../gradle.properties | 3 +- .../gradlew | 204 ++--- .../gradlew.bat | 0 .../entry => }/package.json | 0 .../permissionmanager/.gitignore | 2 + .../permissionmanager/build.gradle | 28 + .../permissionmanager/proguard-rules.pro | 1 + .../permissionmanager/src/main/config.json | 75 ++ .../src/main/ets/default/app.ets | 23 + .../src/main/ets/dynamic/app.ets | 23 + .../ets/dynamic}/common/components/dialog.ets | 169 ++-- .../main/ets/dynamic/common/model/bundle.ets} | 40 +- .../dynamic/common/model/permissionGroup.ets | 335 ++++++++ .../main/ets/dynamic}/common/utils/utils.ets | 9 + .../src/main/ets/dynamic/pages/dialogPlus.ets | 67 ++ .../ohos/permissionmanager/MainAbility.java | 17 + .../ohos/permissionmanager/MyApplication.java | 10 + .../main/resources/base/element/color.json | 0 .../main/resources/base/element/string.json | 24 + .../resources/base/media/ic_call_logs.svg | 0 .../main/resources/base/media/ic_dropzone.svg | 0 .../main/resources/base/media/ic_exercise.svg | 0 .../main/resources/base/media/ic_forward.svg | 0 .../src/main/resources/base/media/ic_more.svg | 0 .../main/resources/base/media/ic_nearby.svg | 0 .../base/media/ic_public_calendar.svg | 0 .../resources/base/media/ic_public_camera.svg | 0 .../base/media/ic_public_contacts_group.svg | 0 .../resources/base/media/ic_public_folder.svg | 0 .../resources/base/media/ic_public_gps.svg | 0 .../base/media/ic_public_message.svg | 0 .../resources/base/media/ic_public_phone.svg | 0 .../resources/base/media/ic_public_voice.svg | 0 .../main/resources/base/media/ic_sport.svg | 0 .../main/resources/base/media/ic_ssensor.svg | 0 .../base/media/in_app_installations.svg | 0 .../base/media/noinstallationpackage.svg | 0 .../resources/base/media/nopermission.svg | 0 .../resources/base/media/searchnoresult.svg | 0 .../src/ohosTest/ets/default/app.ets | 26 + .../src/ohosTest/ets/default/i18n/en-US.json | 8 + .../src/ohosTest/ets/default/i18n/zh-CN.json | 8 + .../ets/default/pages/index/index.ets | 64 ++ .../ohosTest/ets/test/ExampleJsunit.test.ets | 27 + .../src/ohosTest/ets/test/List.test.ets | 20 + .../permissionmanager/ExampleOhosTest.java | 14 + .../resources/base/element/string.json | 12 + .../ohosTest/resources/base/media/icon.png | Bin 0 -> 6790 bytes .../settings.gradle | 1 + 128 files changed, 1176 insertions(+), 3048 deletions(-) rename frameworks/com.ohos.permissionmanager/{com.ohos.permissionmanager.MainAbility => }/build.gradle (65%) delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/.gitignore delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/alphabeticalIndex.ets delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/backBar.ets delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/authorityManagementList.ets delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/categoryList.ets delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/definePermission.ets delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/mediaDocList.ets delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/permissionGroup.ets delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/app-name-plus.ets delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/app-name.ets delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/authority-management.ets delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/calendar.ets delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/dialogPlus.ets delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/location-info.ets delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/media-documents.ets delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/other-permissions.ets delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/permission-access-record.ets delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/ar/properties/string.json delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/dark/properties/string.json delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/default/media/icon_actived.png delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/default/media/icon_normal.png delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/default/properties/string.json delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/en/properties/string.json delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/light/properties/string.json delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/zh/properties/string.json delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/51cto.png delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/aiqiyi.png delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/anquan.png delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/baiduwangpan.png delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/beifen.png delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/beiwanglu.png delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/bilibili.png delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/calendar.png delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/cunchu.png delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/dianchi.png delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/downarrow.png delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/gaodeditu.png delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/jiankang.png delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/left.png delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/maikefeng.png delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/phone.png delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/photo.png delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/qq.png delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/record.png delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/rightarrow.png delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/search.png delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/shengyin.png delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/shezhi.png delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/shibie.png delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/tengxunshipin.png delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/tongxunlu.png delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/tongzhi.png delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/uparrow.png delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/weixin.png delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/yingyong.png delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/yinsi.png delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/yuncunchu.png delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/zhifubao.png delete mode 100644 frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/settings.gradle rename frameworks/com.ohos.permissionmanager/{com.ohos.permissionmanager.MainAbility => }/entry/.gitignore (100%) rename frameworks/com.ohos.permissionmanager/{com.ohos.permissionmanager.MainAbility => }/entry/build.gradle (100%) create mode 100644 frameworks/com.ohos.permissionmanager/entry/proguard-rules.pro rename frameworks/com.ohos.permissionmanager/{com.ohos.permissionmanager.MainAbility => }/entry/src/main/config.json (48%) rename frameworks/com.ohos.permissionmanager/{com.ohos.permissionmanager.MainAbility => }/entry/src/main/ets/default/app.ets (100%) rename frameworks/com.ohos.permissionmanager/{com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/permissionAccessRecordList.ets => entry/src/main/ets/default/pages/index.ets} (59%) create mode 100644 frameworks/com.ohos.permissionmanager/entry/src/main/java/com/ohos/permissionmanager/MainAbility.java create mode 100644 frameworks/com.ohos.permissionmanager/entry/src/main/java/com/ohos/permissionmanager/MyApplication.java create mode 100644 frameworks/com.ohos.permissionmanager/entry/src/main/resources/base/element/string.json rename frameworks/com.ohos.permissionmanager/{com.ohos.permissionmanager.MainAbility => }/entry/src/main/resources/base/media/icon.png (100%) rename frameworks/com.ohos.permissionmanager/{com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/otherPermissionsList.ets => entry/src/ohosTest/ets/default/app.ets} (68%) create mode 100644 frameworks/com.ohos.permissionmanager/entry/src/ohosTest/ets/default/i18n/en-US.json create mode 100644 frameworks/com.ohos.permissionmanager/entry/src/ohosTest/ets/default/i18n/zh-CN.json rename frameworks/com.ohos.permissionmanager/{com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/search.ets => entry/src/ohosTest/ets/default/pages/index/index.ets} (30%) rename frameworks/com.ohos.permissionmanager/{com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/dialog.ets => entry/src/ohosTest/ets/test/ExampleJsunit.test.ets} (52%) rename frameworks/com.ohos.permissionmanager/{com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/dialogDataList.ets => entry/src/ohosTest/ets/test/List.test.ets} (52%) create mode 100644 frameworks/com.ohos.permissionmanager/entry/src/ohosTest/java/com/ohos/permissionmanager/ExampleOhosTest.java create mode 100644 frameworks/com.ohos.permissionmanager/entry/src/ohosTest/resources/base/element/string.json create mode 100644 frameworks/com.ohos.permissionmanager/entry/src/ohosTest/resources/base/media/icon.png rename frameworks/com.ohos.permissionmanager/{com.ohos.permissionmanager.MainAbility => }/gradle.properties (91%) rename frameworks/com.ohos.permissionmanager/{com.ohos.permissionmanager.MainAbility => }/gradlew (39%) rename frameworks/com.ohos.permissionmanager/{com.ohos.permissionmanager.MainAbility => }/gradlew.bat (100%) rename frameworks/com.ohos.permissionmanager/{com.ohos.permissionmanager.MainAbility/entry => }/package.json (100%) create mode 100644 frameworks/com.ohos.permissionmanager/permissionmanager/.gitignore create mode 100644 frameworks/com.ohos.permissionmanager/permissionmanager/build.gradle create mode 100644 frameworks/com.ohos.permissionmanager/permissionmanager/proguard-rules.pro create mode 100644 frameworks/com.ohos.permissionmanager/permissionmanager/src/main/config.json create mode 100644 frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/default/app.ets create mode 100644 frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/app.ets rename frameworks/com.ohos.permissionmanager/{com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default => permissionmanager/src/main/ets/dynamic}/common/components/dialog.ets (42%) rename frameworks/com.ohos.permissionmanager/{com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/appNameList.ets => permissionmanager/src/main/ets/dynamic/common/model/bundle.ets} (49%) create mode 100644 frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/model/permissionGroup.ets rename frameworks/com.ohos.permissionmanager/{com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default => permissionmanager/src/main/ets/dynamic}/common/utils/utils.ets (66%) create mode 100644 frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/pages/dialogPlus.ets create mode 100644 frameworks/com.ohos.permissionmanager/permissionmanager/src/main/java/com/ohos/permissionmanager/MainAbility.java create mode 100644 frameworks/com.ohos.permissionmanager/permissionmanager/src/main/java/com/ohos/permissionmanager/MyApplication.java rename frameworks/com.ohos.permissionmanager/{com.ohos.permissionmanager.MainAbility/entry => permissionmanager}/src/main/resources/base/element/color.json (100%) rename frameworks/com.ohos.permissionmanager/{com.ohos.permissionmanager.MainAbility/entry => permissionmanager}/src/main/resources/base/element/string.json (68%) rename frameworks/com.ohos.permissionmanager/{com.ohos.permissionmanager.MainAbility/entry => permissionmanager}/src/main/resources/base/media/ic_call_logs.svg (100%) rename frameworks/com.ohos.permissionmanager/{com.ohos.permissionmanager.MainAbility/entry => permissionmanager}/src/main/resources/base/media/ic_dropzone.svg (100%) rename frameworks/com.ohos.permissionmanager/{com.ohos.permissionmanager.MainAbility/entry => permissionmanager}/src/main/resources/base/media/ic_exercise.svg (100%) rename frameworks/com.ohos.permissionmanager/{com.ohos.permissionmanager.MainAbility/entry => permissionmanager}/src/main/resources/base/media/ic_forward.svg (100%) rename frameworks/com.ohos.permissionmanager/{com.ohos.permissionmanager.MainAbility/entry => permissionmanager}/src/main/resources/base/media/ic_more.svg (100%) rename frameworks/com.ohos.permissionmanager/{com.ohos.permissionmanager.MainAbility/entry => permissionmanager}/src/main/resources/base/media/ic_nearby.svg (100%) rename frameworks/com.ohos.permissionmanager/{com.ohos.permissionmanager.MainAbility/entry => permissionmanager}/src/main/resources/base/media/ic_public_calendar.svg (100%) rename frameworks/com.ohos.permissionmanager/{com.ohos.permissionmanager.MainAbility/entry => permissionmanager}/src/main/resources/base/media/ic_public_camera.svg (100%) rename frameworks/com.ohos.permissionmanager/{com.ohos.permissionmanager.MainAbility/entry => permissionmanager}/src/main/resources/base/media/ic_public_contacts_group.svg (100%) rename frameworks/com.ohos.permissionmanager/{com.ohos.permissionmanager.MainAbility/entry => permissionmanager}/src/main/resources/base/media/ic_public_folder.svg (100%) rename frameworks/com.ohos.permissionmanager/{com.ohos.permissionmanager.MainAbility/entry => permissionmanager}/src/main/resources/base/media/ic_public_gps.svg (100%) rename frameworks/com.ohos.permissionmanager/{com.ohos.permissionmanager.MainAbility/entry => permissionmanager}/src/main/resources/base/media/ic_public_message.svg (100%) rename frameworks/com.ohos.permissionmanager/{com.ohos.permissionmanager.MainAbility/entry => permissionmanager}/src/main/resources/base/media/ic_public_phone.svg (100%) rename frameworks/com.ohos.permissionmanager/{com.ohos.permissionmanager.MainAbility/entry => permissionmanager}/src/main/resources/base/media/ic_public_voice.svg (100%) rename frameworks/com.ohos.permissionmanager/{com.ohos.permissionmanager.MainAbility/entry => permissionmanager}/src/main/resources/base/media/ic_sport.svg (100%) rename frameworks/com.ohos.permissionmanager/{com.ohos.permissionmanager.MainAbility/entry => permissionmanager}/src/main/resources/base/media/ic_ssensor.svg (100%) rename frameworks/com.ohos.permissionmanager/{com.ohos.permissionmanager.MainAbility/entry => permissionmanager}/src/main/resources/base/media/in_app_installations.svg (100%) rename frameworks/com.ohos.permissionmanager/{com.ohos.permissionmanager.MainAbility/entry => permissionmanager}/src/main/resources/base/media/noinstallationpackage.svg (100%) rename frameworks/com.ohos.permissionmanager/{com.ohos.permissionmanager.MainAbility/entry => permissionmanager}/src/main/resources/base/media/nopermission.svg (100%) rename frameworks/com.ohos.permissionmanager/{com.ohos.permissionmanager.MainAbility/entry => permissionmanager}/src/main/resources/base/media/searchnoresult.svg (100%) create mode 100644 frameworks/com.ohos.permissionmanager/permissionmanager/src/ohosTest/ets/default/app.ets create mode 100644 frameworks/com.ohos.permissionmanager/permissionmanager/src/ohosTest/ets/default/i18n/en-US.json create mode 100644 frameworks/com.ohos.permissionmanager/permissionmanager/src/ohosTest/ets/default/i18n/zh-CN.json create mode 100644 frameworks/com.ohos.permissionmanager/permissionmanager/src/ohosTest/ets/default/pages/index/index.ets create mode 100644 frameworks/com.ohos.permissionmanager/permissionmanager/src/ohosTest/ets/test/ExampleJsunit.test.ets create mode 100644 frameworks/com.ohos.permissionmanager/permissionmanager/src/ohosTest/ets/test/List.test.ets create mode 100644 frameworks/com.ohos.permissionmanager/permissionmanager/src/ohosTest/java/com/ohos/permissionmanager/ExampleOhosTest.java create mode 100644 frameworks/com.ohos.permissionmanager/permissionmanager/src/ohosTest/resources/base/element/string.json create mode 100644 frameworks/com.ohos.permissionmanager/permissionmanager/src/ohosTest/resources/base/media/icon.png create mode 100644 frameworks/com.ohos.permissionmanager/settings.gradle diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/build.gradle b/frameworks/com.ohos.permissionmanager/build.gradle similarity index 65% rename from frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/build.gradle rename to frameworks/com.ohos.permissionmanager/build.gradle index 1a5f01714..d867e2f57 100644 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/build.gradle +++ b/frameworks/com.ohos.permissionmanager/build.gradle @@ -5,13 +5,13 @@ apply plugin: 'com.huawei.ohos.app' ohos { signingConfigs { release { - storeFile file('D:\\myKey\\myApplication.p12') - storePassword '00000019158AC866FF55373F18ED315DEED8BB1B9C4423EEA7DA65E15E2C670DCF82991936587199A8' - keyAlias = 'fcx_app' - keyPassword '000000194B2CB7E4FF552AC3A6435D0061BD7A5A5357AECE4EDAD989D1B61DFEF758FCAB0B9DAADD63' + storeFile file('D:\\Huawei\\key\\permissionmanager\\permissionmanager.p12') + storePassword '0000001AA260E03E4EFC6DAE11257137D057327B7D76708207E97F857840A6BB0C3E2EDEBC8175EFE2D7' + keyAlias = 'zhouyan' + keyPassword '0000001ABE41800D8041F8025A346900B00C8D44BE5145EADC3F6C769D4F24BA17CD120C388C3E21659E' signAlg = 'SHA256withECDSA' - profile file('D:\\myKey\\myApplication_ohos_Provision.p7b') - certpath file('D:\\myKey\\myApplication_ohos.cer') + profile file('D:\\Huawei\\key\\permissionmanager\\permissionmanager.p7b') + certpath file('D:\\Huawei\\key\\permissionmanager\\permissionmanager.cer') } } compileSdkVersion 7 diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/.gitignore b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/.gitignore deleted file mode 100644 index b297692be..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/.gitignore +++ /dev/null @@ -1,21 +0,0 @@ -*.iml -.gradle -/local.properties -/.idea/caches -/.idea/libraries -/.idea/modules.xml -/.idea/workspace.xml -/.idea/navEditor.xml -/.idea/assetWizardSettings.xml -.DS_Store -/build -/captures -.externalNativeBuild -/entry/.preview -.cxx -/node_modules -**/.gradle -**/.idea - -/.idea/previewer/phone/ -/.idea/previewer/previewConfigV2.json diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/alphabeticalIndex.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/alphabeticalIndex.ets deleted file mode 100644 index 98e91a0d4..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/alphabeticalIndex.ets +++ /dev/null @@ -1,61 +0,0 @@ -/* - * Copyright (c) 2021 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -import { applicationListItem } from "../model/authorityManagementList.ets" - -@Component -export struct alphabetIndexerComponent { - @State alphabeticalIndex: number = 0 - @Prop page: string - @Link applicationList: any[] - private value: string[] = ['#', '☆', 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z'] - filterData(index) { - this.alphabeticalIndex = index - if (index === 0 || index === 1) { - this.applicationList = applicationListItem - } - else { - this.applicationList = applicationListItem.filter((item) => { - return item.alphabeticalIndex === this.value[index] - }) - } - } - - build() { - Flex({ justifyContent: FlexAlign.Start }) { - AlphabetIndexer({ ArrayValue: this.value, selected: this.alphabeticalIndex }) - .selectedColor(0xffffff) // 选中颜色 - .popupColor(0xFFFAF0) // 弹出框颜色 - .selectedBackgroundColor(0xCCCCCC) // 选中背景颜色 - .popupBackground(0xD2B48C) // 弹出框背景颜色 - .usingPopup(true) // 是否显示弹出框 - .selectedFont({ size: 12, weight: FontWeight.Bolder }) // 选中的样式 - .popupFont({ size: 30, weight: FontWeight.Bolder }) // 弹出框的演示 - .itemSize(16) // 每一项的大小正方形 - .alignStyle(IndexerAlign.Left) // 左对齐 - .onSelected((index: number) => { - if (this.page === 'location-info') { - this.filterData(index) - } - if (this.page === 'authority-management') { - this.filterData(index) - } - console.info(this.value[index] + '被选中了') // 选中的事件 - }) - .height(448) - .width(24) - } - } -} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/backBar.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/backBar.ets deleted file mode 100644 index cb999982b..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/backBar.ets +++ /dev/null @@ -1,73 +0,0 @@ -/* - * Copyright (c) 2021 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -import router from '@system.router' - -@Component -export struct backBar { - @Prop title: string - - build() { - Column() { - Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { - if (this.title == JSON.stringify($r('app.string.privacy'))) { - Text($r('app.string.privacy')) - .fontColor($r('app.color.title_text_color')) - .fontSize("20fp") - .margin({ - left: "15vp", - right: "24vp", - top: "17vp" - }) - } else { - Image($r('app.media.left')) - .objectFit(ImageFit.Contain) - .height(24) - .width(24) - .margin({ - top: "17vp", - left: "24vp", - right: "15vp" - }) - .onClick(() => { - router.back() - }) - Text(JSON.parse(this.title)) - .fontColor($r('app.color.title_text_color')) - .fontSize(20) - .flexGrow(1) - .margin({ top: "17vp" }) - if (false) { - Image($r('app.media.record')) - .objectFit(ImageFit.Contain) - .height(25) - .width(25) - .margin({ - right: "15vp", - top: "17vp" - }) - .onClick(() => { - router.push({ uri: "pages/permission-access-record" }) - }) - } - } - } - } - .height(56) - .constraintSize({ minHeight: "56vp" }) - .alignItems(HorizontalAlign.Start) - .backgroundColor($r('app.color.background_color')) - } -} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/authorityManagementList.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/authorityManagementList.ets deleted file mode 100644 index f24fa36e9..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/authorityManagementList.ets +++ /dev/null @@ -1,37 +0,0 @@ -/* - * Copyright (c) 2021 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -export const authorityListItem: any[] = [ - { 'name': '位置信息', 'index': 1, 'image': $r('app.media.ic_public_gps'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, - { 'name': '相机', 'index': 2, 'image': $r('app.media.ic_public_camera'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, - { 'name': '麦克风', 'index': 3, 'image': $r('app.media.ic_public_voice'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, -] -export const messageListItem: any[] = [ - { 'name': '媒体和文件', 'index': 1, 'image': $r('app.media.ic_public_folder'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, - { 'name': '日历', 'index': 2, 'image': $r('app.media.ic_public_calendar'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, - { 'name': '健身运动', 'index': 3, 'image': $r('app.media.ic_sport'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, - { 'name': '身体传感器', 'index': 4, 'image': $r('app.media.ic_ssensor'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, - { 'name': '多设备协同', 'index': 5, 'image': $r('app.media.ic_dropzone'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' } -] -export const applicationListItem: any[] = [ - { 'name': '备忘录', 'index': 1, 'image': $r('app.media.beiwanglu'), 'message': '6项权限', 'icon': $r('app.media.rightarrow'), alphabeticalIndex: 'B' }, - { 'name': '拨号权限', 'index': 2, 'image': $r('app.media.phone'), 'message': '5项权限', 'icon': $r('app.media.rightarrow'), alphabeticalIndex: 'B' }, - { 'name': '电子邮件', 'index': 3, 'image': $r('app.media.baiduwangpan'), 'message': '1项权限', 'icon': $r('app.media.rightarrow'), alphabeticalIndex: 'D' }, - { 'name': '华为视频', 'index': 4,'image': $r('app.media.bilibili'), 'message': '5项权限', 'icon': $r('app.media.rightarrow'), alphabeticalIndex: 'H' }, - { 'name': '联系人', 'index': 5, 'image': $r('app.media.tongxunlu'), 'message': '5项权限', 'icon': $r('app.media.rightarrow'), alphabeticalIndex: 'L' }, - { 'name': '日历', 'index': 6, 'image': $r('app.media.ic_public_calendar'), 'message': '5项权限', 'icon': $r('app.media.rightarrow'), alphabeticalIndex: 'R' }, - { 'name': '手机管家', 'index': 7, 'image': $r('app.media.weixin'), 'message': '5项权限', 'icon': $r('app.media.rightarrow'), alphabeticalIndex: 'S' }, - { 'name': '图库', 'index': 8, 'image': $r("app.media.photo"), 'message': '5项权限', 'icon': $r('app.media.rightarrow'), alphabeticalIndex: 'T' } -] diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/categoryList.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/categoryList.ets deleted file mode 100644 index bbeb6f392..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/categoryList.ets +++ /dev/null @@ -1,27 +0,0 @@ -/* - * Copyright (c) 2021 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -export const categoryListItem: any[] = [ - { 'name': '声音和振动', 'index': 1, 'image': $r('app.media.shengyin'), 'icon': $r('app.media.rightarrow') }, - { 'name': '通知', 'index': 2, 'image': $r('app.media.tongzhi'), 'icon': $r('app.media.rightarrow') }, - { 'name': '生物识别', 'index': 3, 'image': $r('app.media.shibie'), 'icon': $r('app.media.rightarrow') }, - { 'name': '应用和服务', 'index': 4,'image': $r('app.media.yingyong'), 'icon': $r('app.media.rightarrow') }, - { 'name': '电池', 'index': 5, 'image': $r('app.media.dianchi'), 'icon': $r('app.media.rightarrow') }, - { 'name': '存储', 'index': 6, 'image': $r('app.media.cunchu'), 'icon': $r('app.media.rightarrow') }, - { 'name': '安全', 'index': 7, 'image': $r('app.media.anquan'), 'icon': $r('app.media.rightarrow') }, - { 'name': '隐私', 'index': 8, 'image': $r('app.media.yinsi'), 'icon': $r('app.media.rightarrow') }, - { 'name': '平板健康', 'index': 9, 'image': $r('app.media.jiankang'), 'icon': $r('app.media.rightarrow') }, - { 'name': '应用设置', 'index': 10, 'image': $r('app.media.shezhi'), 'icon': $r('app.media.rightarrow') } -] \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/definePermission.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/definePermission.ets deleted file mode 100644 index 3ec8b5776..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/definePermission.ets +++ /dev/null @@ -1,753 +0,0 @@ -/* - * Copyright (c) 2021 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -export const definePermissions: any[] = [ - { - "name": "ohos.permission.ANSWER_CALL", - "grantMode": "user_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_answer_call", - "description": "$string:ohos_desc_answer_call" - }, - { - "name": "ohos.permission.USE_BLUETOOTH", - "grantMode": "system_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.DISCOVER_BLUETOOTH", - "grantMode": "system_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.MANAGE_BLUETOOTH", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.INTERNET", - "grantMode": "system_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_internet", - "description": "$string:ohos_desc_internet" - }, - { - "name": "ohos.permission.MODIFY_AUDIO_SETTINGS", - "grantMode": "system_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_modify_audio_settings", - "description": "$string:ohos_desc_modify_audio_settings" - }, - { - "name": "ohos.permission.READ_CALENDAR", - "grantMode": "user_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_read_calendar", - "description": "$string:ohos_desc_read_calendar" - }, - { - "name": "ohos.permission.READ_CALL_LOG", - "grantMode": "user_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_read_call_log", - "description": "$string:ohos_desc_read_call_log" - }, - { - "name": "ohos.permission.READ_CELL_MESSAGES", - "grantMode": "user_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_read_cell_messages", - "description": "$string:ohos_desc_read_cell_messages" - }, - { - "name": "ohos.permission.READ_CONTACTS", - "grantMode": "user_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_read_contacts", - "description": "$string:ohos_desc_read_contacts" - }, - { - "name": "ohos.permission.GET_TELEPHONY_STATE", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_get_telephony_state", - "description": "$string:ohos_desc_get_telephony_state" - }, - { - "name": "ohos.permission.READ_MESSAGES", - "grantMode": "user_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_read_messages", - "description": "$string:ohos_desc_read_messages" - }, - { - "name": "ohos.permission.RECEIVE_MMS", - "grantMode": "user_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_receive_mms", - "description": "$string:ohos_desc_receive_mms" - }, - { - "name": "ohos.permission.RECEIVE_SMS", - "grantMode": "user_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_receive_sms", - "description": "$string:ohos_desc_receive_sms" - }, - { - "name": "ohos.permission.RECEIVE_WAP_MESSAGES", - "grantMode": "user_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_receive_wap_messages", - "description": "$string:ohos_desc_receive_wap_messages" - }, - { - "name": "ohos.permission.MICROPHONE", - "grantMode": "user_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_microphone", - "description": "$string:ohos_desc_microphone" - }, - { - "name": "ohos.permission.SEND_MESSAGES", - "grantMode": "user_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_send_messages", - "description": "$string:ohos_desc_send_messages" - }, - { - "name": "ohos.permission.WRITE_CALENDAR", - "grantMode": "user_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_write_calendar", - "description": "$string:ohos_desc_write_calendar" - }, - { - "name": "ohos.permission.WRITE_CALL_LOG", - "grantMode": "user_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_write_call_log", - "description": "$string:ohos_desc_write_call_log" - }, - { - "name": "ohos.permission.WRITE_CONTACTS", - "grantMode": "user_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_write_contacts", - "description": "$string:ohos_desc_write_contacts" - }, - { - "name": "ohos.permission.DISTRIBUTED_DATASYNC", - "grantMode": "user_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": true, - "label": "$string:ohos_lab_distributed_datasync", - "description": "$string:ohos_desc_distributed_datasync" - }, - { - "name": "ohos.permission.MANAGE_VOICEMAIL", - "grantMode": "user_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_manage_voicemail", - "description": "$string:ohos_desc_manage_voicemail" - }, - { - "name": "ohos.permission.REQUIRE_FORM", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.LOCATION_IN_BACKGROUND", - "grantMode": "user_grant", - "availableScope": "normal", - "provisionEnable": false, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_location_in_background", - "description": "$string:ohos_desc_location_in_background" - }, - { - "name": "ohos.permission.LOCATION", - "grantMode": "user_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": true, - "label": "$string:ohos_lab_location", - "description": "$string:ohos_desc_location" - }, - { - "name": "ohos.permission.MEDIA_LOCATION", - "grantMode": "user_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": true, - "label": "$string:ohos_lab_media_location", - "description": "$string:ohos_desc_media_location" - }, - { - "name": "ohos.permission.GET_NETWORK_INFO", - "grantMode": "system_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_get_network_info", - "description": "$string:ohos_desc_get_network_info" - }, - { - "name": "ohos.permission.PLACE_CALL", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": true, - "label": "$string:ohos_lab_place_call", - "description": "$string:ohos_desc_place_call" - }, - { - "name": "ohos.permission.CAMERA", - "grantMode": "user_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_camera", - "description": "$string:ohos_desc_camera" - }, - { - "name": "ohos.permission.SET_NETWORK_INFO", - "grantMode": "system_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_set_network_info", - "description": "$string:ohos_desc_set_network_info" - }, - { - "name": "ohos.permission.REMOVE_CACHE_FILES", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.READ_MEDIA", - "grantMode": "user_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": true, - "label": "$string:ohos_lab_read_media", - "description": "$string:ohos_desc_read_media" - }, - { - "name": "ohos.permission.REBOOT", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.RUNNING_LOCK", - "grantMode": "system_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.WRITE_MEDIA", - "grantMode": "user_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": true, - "label": "$string:ohos_lab_write_media", - "description": "$string:ohos_desc_write_media" - }, - { - "name": "com.huawei.permission.DISTRIBUTED_VIRTUALDEVICE", - "grantMode": "user_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_distributed_virtualdevice", - "description": "$string:ohos_desc_distributed_virtualdevice" - }, - { - "name": "ohos.permission.ENROLL_BIOMETRIC", - "grantMode": "system_grant", - "availableScope": "system_core", - "provisionEnable": false, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_enroll_biometric", - "description": "$string:ohos_desc_enroll_biometric" - }, - { - "name": "ohos.permission.ACCESS_BIOMETRIC", - "grantMode": "system_grant", - "availableScope": "normal", - "provisionEnable": false, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_access_biometric", - "description": "$string:ohos_desc_access_biometric" - }, - { - "name": "ohos.permission.ACCESS_BIOMETRIC_INTERNAL", - "grantMode": "system_grant", - "availableScope": "system_core", - "provisionEnable": false, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_access_biometric_internal", - "description": "$string:ohos_desc_access_biometric_internal" - }, - { - "name": "ohos.permission.RESET_BIOMETRIC_LOCKOUT", - "grantMode": "system_grant", - "availableScope": "system_core", - "provisionEnable": false, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_reset_biometric_lockout", - "description": "$string:ohos_desc_reset_biometric_lockout" - }, - { - "name": "ohos.permission.SET_TIME", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_set_time", - "description": "$string:ohos_desc_set_time" - }, - { - "name": "ohos.permission.SET_TIME_ZONE", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_set_time_zone", - "description": "$string:ohos_desc_set_time_zone" - }, - { - "name": "ohos.permission.DOWNLOAD_SESSION_MANAGER", - "grantMode": "system_grant", - "availableScope": "system_core", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_download_session_manager", - "description": "$string:ohos_desc_download_session_manager" - }, - { - "name": "ohos.permission.COMMONEVENT_STICKY", - "grantMode": "system_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": true, - "label": "$string:ohos_lab_commonevent_sticky", - "description": "$string:ohos_desc_commonevent_sticky" - }, - { - "name": "ohos.permission.SYSTEM_FLOAT_WINDOW", - "grantMode": "system_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.POWER_MANAGER", - "grantMode": "system_grant", - "availableScope": "system_core", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.REFRESH_USER_ACTION", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.POWER_OPTIMIZATION", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.REBOOT_RECOVERY", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.MANAGE_LOCAL_ACCOUNTS", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_manage_local_accounts", - "description": "$string:ohos_desc_manage_local_accounts" - }, - { - "name": "ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_interact_across_local_accounts", - "description": "$string:ohos_desc_interact_across_local_accounts" - }, - { - "name": "ohos.permission.VIBRATE", - "grantMode": "system_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_vibrate", - "description": "$string:ohos_desc_vibrate" - }, - { - "name": "ohos.permission.ACTIVITY_MOTION", - "grantMode": "user_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_activity_motion", - "description": "$string:ohos_desc_activity_motion" - }, - { - "name": "ohos.permission.READ_HEALTH_DATA", - "grantMode": "user_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_read_health_data", - "description": "$string:ohos_desc_read_health_data" - }, - { - "name": "ohos.permission.CONNECT_IME_ABILITY", - "grantMode": "system_grant", - "availableScope": "system_core", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_connect_ime_ability", - "description": "$string:ohos_desc_connect_ime_ability" - }, - { - "name": "ohos.permission.CONNECT_SCREEN_SAVER_ABILITY", - "grantMode": "system_grant", - "availableScope": "system_core", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.READ_SCREEN_SAVER", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.WRITE_SCREEN_SAVER", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.SET_WALLPAPER", - "grantMode": "system_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_set_wallpaper", - "description": "$string:ohos_desc_set_wallpaper" - }, - { - "name": "ohos.permission.GET_WALLPAPER", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_get_wallpaper", - "description": "$string:ohos_desc_get_wallpaper" - }, - { - "name": "ohos.permission.CHANGE_ABILITY_ENABLED_STATE", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.ACCESS_MISSIONS", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.CLEAN_BACKGROUND_PROCESSES", - "grantMode": "system_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.KEEP_BACKGROUND_RUNNING", - "grantMode": "system_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.UPDATE_CONFIGURATION", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.GRANT_SENSITIVE_PERMISSIONS", - "grantMode": "system_grant", - "availableScope": "system_core", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS", - "grantMode": "system_grant", - "availableScope": "system_core", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.GET_SENSITIVE_PERMISSIONS", - "grantMode": "system_grant", - "availableScope": "system_core", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS_EXTENSION", - "grantMode": "system_grant", - "availableScope": "system_core", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_interact_across_local_accounts_extension", - "description": "$string:ohos_desc_interact_across_local_accounts_extension" - }, - { - "name": "ohos.permission.LISTEN_BUNDLE_CHANGE", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.GET_BUNDLE_INFO", - "grantMode": "system_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.ACCELEROMETER", - "grantMode": "system_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_accelerometer", - "description": "$string:ohos_desc_accelerometer" - }, - { - "name": "ohos.permission.GYROSCOPE", - "grantMode": "system_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_gyroscope", - "description": "$string:ohos_desc_gyroscope" - }, - { - "name": "ohos.permission.GET_BUNDLE_INFO_PRIVILEGED", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.INSTALL_BUNDLE", - "grantMode": "system_grant", - "availableScope": "system_core", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.MANAGE_SHORTCUTS", - "grantMode": "system_grant", - "availableScope": "system_core", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.radio.ACCESS_FM_AM", - "grantMode": "system_grant", - "availableScope": "system_core", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.SET_TELEPHONY_STATE", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_set_telephony_state", - "description": "$string:ohos_desc_set_telephony_state" - }, - { - "name": "ohos.permission.START_ABILIIES_FROM_BACKGROUND", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.BUNDLE_ACTIVE_INFO", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_bundle_active_info", - "description": "$string:ohos_desc_bundle_active_info" - }, - { - "name": "ohos.permission.START_INVISIBLE_ABILITY", - "grantMode": "system_grant", - "availableScope": "system_core", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.sec.ACCESS_UDID", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.LAUNCH_DATA_PRIVACY_CENTER", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.MANAGE_MEDIA_RESOURCES", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.PUBLISH_AGENT_REMINDER", - "grantMode": "system_grant", - "availableScope": "normal", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_publish_agent_reminder", - "description": "$string:ohos_desc_publish_agent_reminder" - }, - { - "name": "ohos.permission.CONTROL_TASK_SYNC_ANIMATOR", - "grantMode": "system_grant", - "availableScope": "system_core", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_control_task_sync_animator", - "description": "$string:ohos_desc_control_task_sync_animator" - }, - { - "name": "ohos.permission.INPUT_MONITORING", - "grantMode": "system_grant", - "availableScope": "system_core", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.MANAGE_MISSIONS", - "grantMode": "system_grant", - "availableScope": "system_core", - "provisionEnable": true, - "distributedSceneEnable": false - }, - { - "name": "ohos.permission.NOTIFICATION_CONTROLLER", - "grantMode": "system_grant", - "availableScope": "system_core", - "provisionEnable": true, - "distributedSceneEnable": false, - "label": "$string:ohos_lab_notification_controller", - "description": "$string:ohos_desc_notification_controller" - }, - { - "name": "ohos.permission.CONNECTIVITY_INTERNAL", - "grantMode": "system_grant", - "availableScope": "system_basic", - "provisionEnable": true, - "distributedSceneEnable": false - } -] \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/mediaDocList.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/mediaDocList.ets deleted file mode 100644 index 6bcb6341f..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/mediaDocList.ets +++ /dev/null @@ -1,25 +0,0 @@ -/* - * Copyright (c) 2021 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -export const mediaDocListItem: any[] = [ - { 'name': '允许', 'index': 1, groupName: 'radio' }, - { 'name': '禁止', 'index': 2, groupName: 'radio' } -] -export const mediaListItem: any[] = [ - { 'name': '相机', 'index': 2, 'image': $r('app.media.ic_public_camera'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, - { 'name': '麦克风', 'index': 3, 'image': $r('app.media.ic_public_voice'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, - { 'name': '媒体和文件', 'index': 5, 'image': $r('app.media.ic_public_folder'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' }, - { 'name': '日历', 'index': 6, 'image': $r('app.media.ic_public_calendar'), 'icon': $r('app.media.rightarrow'), version: '1.1.1', use: '用途001' } -] \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/permissionGroup.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/permissionGroup.ets deleted file mode 100644 index e37aabf77..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/permissionGroup.ets +++ /dev/null @@ -1,59 +0,0 @@ -/* - * Copyright (c) 2021 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -export const permissionGroups: any[] = [ - { 'name': 'ohos.permission.READ_CALENDAR', "group": "CALENDAR"}, - { 'name': 'ohos.permission.WRITE_CALENDAR', "group": "CALENDAR"}, - { 'name': 'ohos.permission.READ_CALL_LOG', "group": "CALL_LOG"}, - { 'name': 'ohos.permission.WRITE_CALL_LOG', "group": "CALL_LOG"}, - { 'name': 'ohos.permission.READ_CONTACTS', "group": "CONTACTS"}, - { 'name': 'ohos.permission.WRITE_CONTACTS', "group": "CONTACTS"}, - { 'name': 'ohos.permission.ANSWER_CALL', "group": "PHONE"}, - { 'name': 'ohos.permission.MANAGE_VOICEMAIL', "group": "PHONE"}, - { 'name': 'ohos.permission.READ_CELL_MESSAGES', "group": "SMS"}, - { 'name': 'ohos.permission.READ_MESSAGES', "group": "SMS"}, - { 'name': 'ohos.permission.RECEIVE_MMS', "group": "SMS"}, - { 'name': 'ohos.permission.RECEIVE_SMS', "group": "SMS"}, - { 'name': 'ohos.permission.RECEIVE_WAP_MESSAGES', "group": "SMS"}, - { 'name': 'ohos.permission.SEND_MESSAGES', "group": "SMS"}, -] - -export const groups: any[] = [ - { 'name': 'CALENDAR', - "permissions": ["ohos.permission.READ_CALENDAR", 'ohos.permission.WRITE_CALENDAR'], - "groupName": '日历', - "description": '访问日历和活动' - }, - { 'name': 'CALL_LOG', - "permissions": ["ohos.permission.READ_CALL_LOG", 'ohos.permission.WRITE_CALL_LOG'], - "groupName": '通话记录', - "description": '读取和写入手机通话记录' - }, - { 'name': 'CONTACTS', - "permissions": ["ohos.permission.READ_CONTACTS", 'ohos.permission.WRITE_CONTACTS'], - "groupName": '通讯录', - "description": '访问您的通讯录' - }, - { 'name': 'PHONE', - "permissions": ["ohos.permission.ANSWER_CALL", 'ohos.permission.MANAGE_VOICEMAIL'], - "groupName": '电话', - "description": '拨打电话和管理通话' - }, - { 'name': 'SMS', - "permissions": ["ohos.permission.READ_CELL_MESSAGES", 'ohos.permission.READ_MESSAGES', 'ohos.permission.RECEIVE_MMS', 'ohos.permission.RECEIVE_SMS', 'ohos.permission.RECEIVE_WAP_MESSAGES', 'ohos.permission.SEND_MESSAGES'], - "groupName": '短信', - "description": '发送和查看短信' - }, -] \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/app-name-plus.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/app-name-plus.ets deleted file mode 100644 index a410d7466..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/app-name-plus.ets +++ /dev/null @@ -1,230 +0,0 @@ -/* - * Copyright (c) 2021 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -import { backBar } from "../common/components/backBar.ets" -import { allowedListItem, bannedListItem } from "../common/model/appNameList.ets" -import router from '@system.router' - -@Entry -@Component -struct appNamePlusPage { - private routerData = router.getParams().routerData - build() { - GridContainer({ gutter: 0 }) { - Row() { - Row() - .useSizeType({ - xs: { span: 1, offset: 0 }, sm: { span: 1, offset: 0 }, - md: { span: 1, offset: 0 }, lg: { span: 2, offset: 0 } - }) - .height("100%") - Row() { - Column() { - Row() { - backBar({ title: JSON.stringify(this.routerData.name) }) - } - Row() { - Column() { - Scroll() { - appNameItem({ - allowedListItem: allowedListItem, - bannedListItem: bannedListItem, - // buttonListItem: buttonListItem - }) - } - }.width('100%') - }.layoutWeight(1).width("100%") - } - } - .useSizeType({ - xs: { span: 1, offset: 1 }, sm: { span: 2, offset: 1 }, - md: { span: 6, offset: 1 }, lg: { span: 8, offset: 2 } - }) - .height("100%") - Row() - .useSizeType({ - xs: { span: 1, offset: 2 }, sm: { span: 1, offset: 3 }, - md: { span: 1, offset: 7 }, lg: { span: 2, offset: 10 } - }) - .height("100%") - } - .height('100%') - } - } -} - -@Component -struct appNameItem { - private routerData = router.getParams().routerData - private allowedListItem: any[] - private bannedListItem: any[] -// private buttonListItem: any[] - @State text: string = '' - @State fontColor: string = '' - - build() { - Row() { - Column() { - Row() { - Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { - Text($r('app.string.allowed')) - .fontSize(14) - .margin({ top: 19.5, left: 48 }) - } - } - Row() { - List() { - ForEach(this.allowedListItem, (item) => { - ListItem() { - Row() { - Column() { - Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { - Row() { - Column() { - if(item.permission != ''){ - Row() { - Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { - Text(item.name) - .fontSize(16) - .fontColor($r('app.color.text_color')) - } - }.margin({ top: 8 }) - Row() { - Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { - Text(item.permission) - .fontSize(14) - .fontColor($r('app.color.icon_color')) - } - }.margin({ bottom: 8 }) - }else{ - Row() { - Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { - Text(item.name) - .fontSize(16) - .fontColor($r('app.color.text_color')) - }.margin({ top: 8, bottom: 8 }) - }.height('100%') - } - - }.flexGrow(1).constraintSize({ minHeight: "48vp" }) - Image($r('app.media.rightarrow')) - .objectFit(ImageFit.Contain) - .height(24) - .width(12) - } - .width('100%') - .height(48) - } - if (item.index !== this.allowedListItem.length) { - Row() { - Column() - .backgroundColor($r('app.color.text_decoration_color')) - .width('100%') - .height('2vp') - } - } - }.onClick(() => { - router.push({ - uri: 'pages/media-documents', - params: { routerData: item} - }) - }) - } - }.padding({ left: 24, right: 24 }) - }, item => item.toString()) - }.backgroundColor($r('app.color.default_background_color')).borderRadius(24).padding({ top: 4, bottom: 4 }) - }.margin({ top: 9 }).padding({ left: 24, right: 24 }) - Row() { - Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { - Text($r('app.string.banned')) - .fontSize(14) - .margin({ top: 19.5, left: 48 }) - } - } - Row() { - List() { - ForEach(this.bannedListItem, (item) => { - ListItem() { - Row() { - Column() { - Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { - Row() { - Text(item.name) - .fontSize(16) - .fontColor($r('app.color.text_color')) - .flexGrow(1) - Image($r('app.media.rightarrow')) - .objectFit(ImageFit.Contain) - .height(24) - .width(12) - } - .width('100%') - .height(48) - } - if (item.index !== this.bannedListItem.length) { - Row() { - Column() - .backgroundColor($r('app.color.text_decoration_color')) - .width('100%') - .height('2vp') - } - } - }.onClick(() => { - router.push({ - uri: 'pages/media-documents', - params: { routerData: item } - }) - }) - } - }.padding({ left: 24, right: 24 }) - }, item => item.toString()) - }.backgroundColor($r('app.color.default_background_color')).borderRadius(24).padding({ top: 4, bottom: 4 }) - }.margin({ top: 9 }).padding({ left: 24, right: 24 }) - Row() { -// if(this.buttonListItem[0]['name'] !== 'disabled' ) { -// Button('查看所有权限', { type: ButtonType.Capsule, stateEffect: false }) -// .fontColor($r('app.color.icon_color')) -// .backgroundColor($r('app.color.background_color')) -// .width(90) -// }else{ - Button('查看所有权限', { type: ButtonType.Capsule, stateEffect: true }) - .fontColor($r('app.color.button_color')) - .backgroundColor($r('app.color.background_color')) - .width(90).height(48) - .onTouch((event: TouchEvent) => { - if (event.type === TouchType.Down) { - } - if (event.type === TouchType.Up) { - router.push({ - uri: 'pages/app-name', - params: { routerData: this.routerData.name } - }) - } - if (event.type === TouchType.Move) { - if(event.touches[0].x < 0 || event.touches[0].x > 90 || event.touches[0].y > 0 || event.touches[0].y > 48) { - this.fontColor = $r('app.color.icon_color') + '' - } - } - }) -// } - }.margin({top:16}) - } - .width('100%') - .height('100%') - .backgroundColor($r('app.color.background_color')) - - } - } -} diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/app-name.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/app-name.ets deleted file mode 100644 index f26f8e8f6..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/app-name.ets +++ /dev/null @@ -1,168 +0,0 @@ -/* - * Copyright (c) 2021 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -import { backBar } from "../common/components/backBar.ets" -import { calendarListItem, dynamicListItem } from "../common/model/appNameList.ets" -import router from '@system.router' -@Entry -@Component -struct appNamePage { - private routerData = router.getParams().routerData - build() { - GridContainer({ gutter: 0 }) { - Row() { - Row() - .useSizeType({ - xs: { span: 1, offset: 0 }, sm: { span: 1, offset: 0 }, - md: { span: 1, offset: 0 }, lg: { span: 2, offset: 0 } - }) - .height("100%") - Row() { - Column() { - Row() { - backBar({ title: JSON.stringify(this.routerData) }) - } - Row() { - Column() { - Scroll() { - appNameItem({ - calendarListItem: calendarListItem, - dynamicListItem: dynamicListItem - }) - } - } - }.layoutWeight(1).width("100%") - } - } - .useSizeType({ - xs: { span: 1, offset: 1 }, sm: { span: 2, offset: 1 }, - md: { span: 6, offset: 1 }, lg: { span: 8, offset: 2 } - }) - .height("100%") - Row() - .useSizeType({ - xs: { span: 1, offset: 2 }, sm: { span: 1, offset: 3 }, - md: { span: 1, offset: 7 }, lg: { span: 2, offset: 10 } - }) - .height("100%") - } - .height('100%') - } - } -} - -@Component -struct appNameItem { - private calendarListItem: any[] - private dynamicListItem: any[] - - build() { - Row() { - Column() { - Row() { - Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { - Text($r('app.string.calendar')) - .fontSize(14) - .margin({ top: 19.5, left: 48 }) - } - } - Row() { - List() { - ForEach(this.calendarListItem, (item) => { - ListItem() { - Row() { - Column() { - Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { - Row() { - Text(item.name) - .fontSize(16) - .fontColor($r('app.color.text_color')) - .flexGrow(1) - Toggle({ type: ToggleType.Switch, isOn: true }) - .selectedColor($r('app.color.toggle_color')) - .width(36) - .height(20) - .onChange((isOn: boolean) => { - }) - } - .width('100%') - .height(48) - } - if (item.index !== this.calendarListItem.length) { - Row() { - Column() - .backgroundColor($r('app.color.text_decoration_color')) - .width('100%') - .height('2vp') - } - } - }.onClick(() => { - }) - } - }.padding({ left: 24, right: 24 }) - }, item => item.toString()) - }.backgroundColor($r('app.color.default_background_color')).borderRadius(24).padding({ top: 4, bottom: 4 }) - }.margin({ top: 9 }).padding({ left: 24, right: 24 }) - Row() { - Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { - Text('xxx') - .fontSize(14) - .margin({ top: 19.5, left: 48 }) - } - } - Row() { - List() { - ForEach(this.dynamicListItem, (item) => { - ListItem() { - Row() { - Column() { - Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { - Row() { - Text(item.name) - .fontSize(16) - .fontColor($r('app.color.text_color')) - .flexGrow(1) - Toggle({ type: ToggleType.Switch, isOn: true }) - .selectedColor($r('app.color.toggle_color')) - .width(36) - .height(20) - .onChange((isOn: boolean) => { - }) - } - .width('100%') - .height(48) - } - if (item.index !== this.dynamicListItem.length) { - Row() { - Column() - .backgroundColor($r('app.color.text_decoration_color')) - .width('100%') - .height('2vp') - } - } - }.onClick(() => { - }) - } - }.padding({ left: 24, right: 24 }) - }, item => item.toString()) - }.backgroundColor($r('app.color.default_background_color')).borderRadius(24).padding({ top: 4, bottom: 4 }) - }.margin({ top: 9 }).padding({ left: 24, right: 24 }) - } - .width('100%') - .height('100%') - .backgroundColor($r('app.color.background_color')) - } - } -} diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/authority-management.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/authority-management.ets deleted file mode 100644 index 787fa6016..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/authority-management.ets +++ /dev/null @@ -1,271 +0,0 @@ -/* - * Copyright (c) 2021 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -import { authorityListItem, messageListItem, applicationListItem } from "../common/model/authorityManagementList.ets" -import { backBar } from "../common/components/backBar.ets" -import { alphabetIndexerComponent } from "../common/components/alphabeticalIndex.ets" -import { textInput } from "../common/components/search.ets" -import router from '@system.router' -import bundle from "@ohos.bundle" - -@Extend(Text) function customizeText(fontSize: string) { - .fontSize(fontSize) - .fontColor($r('app.color.text_color')) -} -@Extend(Image) function customizeImage(width: number, height: number) { - .objectFit(ImageFit.Contain) - .width(width) - .height(height) -} -@Extend(Row) function customizeRow() { - .backgroundColor($r('app.color.default_background_color')) - .width('500%') - .height('7%') - .borderRadius('20px') - .margin({ - left: '10vp' - }) -} - -@Entry -@Component -struct authorityManagementPage { - - build() { - GridContainer({ gutter: 0 }) { - Row() { - Row() - .useSizeType({ - xs: { span: 1, offset: 0 }, sm: { span: 1, offset: 0 }, - md: { span: 1, offset: 0 }, lg: { span: 2, offset: 0 } - }) - .height("100%") - Row() { - Column() { - Row() { - backBar( { title: JSON.stringify($r('app.string.authority_management')) }) - } - Row() { - Column() { - Column() { - Stack() { - Tabs() { - TabContent() { - Scroll() { - authorityItem({ - authorityListItem: authorityListItem, - messageListItem: messageListItem - }) - } - }.tabBar('权限') - - TabContent() { - Scroll() { - applicationItem({ - applicationListItem: applicationListItem, - }) - } - }.tabBar('应用') - } - .backgroundColor($r('app.color.background_color')) - .barWidth(744) - .barMode(BarMode.Scrollable) - }.height('100%') - } - } - } - .layoutWeight(1) - } - } - .useSizeType({ - xs: { span: 1, offset: 1 }, sm: { span: 2, offset: 1 }, - md: { span: 6, offset: 1 }, lg: { span: 8, offset: 2 } - }) - .height("100%") - Row() - .useSizeType({ - xs: { span: 1, offset: 2 }, sm: { span: 1, offset: 3 }, - md: { span: 1, offset: 7 }, lg: { span: 2, offset: 10 } - }) - .height("100%") - } - .height('100%') - } - } -} - -@Component -struct authorityItem { - private authorityListItem: any[] - private messageListItem: any[] - @Builder ListItemLayout(item, list) { - ListItem() { - Row() { - Column() { - Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { - Row() { - Image(item.image) - .customizeImage(24, 24) - .margin({ right: 16 }) - Text(item.name) - .fontSize(16) - .fontColor($r('app.color.text_color')) - .flexGrow(1) - Image(item.icon) - .customizeImage(12, 24) - } - .width('100%') - .height(56) - } - if (item.index !== list.length) { - Row() { - Column() - .backgroundColor($r('app.color.text_decoration_color')) - .width('100%') - .height('2vp') - } - } - }.onClick(() => { - if (item.name === '日历') { - router.push({ - uri: 'pages/calendar', - params: { routerData: item } - }) - } else { - router.push({ - uri: 'pages/location-info', - params: { routerData: item } - }) - } - - }) - } - }.padding({ left: 12, right: 12 }) -} - aboutToAppear() { - console.info("start run testcase!!!!") -// bundle.getAllApplicationInfo(0x00000000,1) -// .then((Want) => { -// console.info( "yanxi" + JSON.stringify(Want)); -// console.log( "yanxi" + JSON.stringify(Want)); -// }) -// .catch((error) => { -// console.error('Operation failed. Cause: ' + JSON.stringify(error)); -// }) - - } - build() { - Row() { - Column() { - Row() { - List() { - ForEach(this.authorityListItem, (item) => { - this.ListItemLayout(item, this.authorityListItem) - }, item => item.toString()) - }.backgroundColor($r('app.color.default_background_color')).borderRadius(24).padding({ top: 4, bottom: 4 }) - }.padding({ left: 12, right: 12, top: 8 }) - Row() { - List() { - ForEach(this.messageListItem, (item) => { - this.ListItemLayout(item, this.messageListItem) - }, item => item.toString()) - }.backgroundColor($r('app.color.default_background_color')).borderRadius(24).padding({ top: 4, bottom: 4 }) - }.margin({ top: 12 }).padding({ left: 12, right: 12 }) - }.width('100%') - .backgroundColor($r('app.color.background_color')) - } - } -} - -@Component -struct applicationItem { - @State applicationList: any[] = applicationListItem - private applicationListItem: any[] - - @Builder ListItemLayout(item, index) { - ListItem() { - Row() { - Column() { - Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { - Row() { - Image(item.image) - .customizeImage(40, 40) - .margin({ right: 16 }) - Text(item.name) - .fontSize(16) - .fontColor($r('app.color.text_color')) - .flexGrow(1) - Text(item.message) - .fontSize(14) - .fontColor($r('app.color.icon_color')) - .margin({ right: 4 }) - Image(item.icon) - .customizeImage(12, 24) - } - .width('100%') - .height(72) - .constraintSize({ minHeight: "72vp" }) - } - if (index === 0) { - Row() { - Column() - .backgroundColor($r('app.color.text_decoration_color')) - .width('100%') - .height('2vp') - } - } - }.onClick(() => { - router.push({ - uri: 'pages/app-name-plus', - params: { routerData: item } - }) - }) - } - }.padding({ left: 12, right: 12 }) - } - build() { - Column() { - Row() { - textInput({ placeholder: '搜索应用' }) -// .width("100%") - }.padding({ left: 12, top: 8, right: 4 }) - Scroll() { - Row() { - Flex({ alignItems: ItemAlign.Start }) { - Column() { - Row() { - List() { - ForEach(this.applicationList.slice(0, this.applicationList.length - 1), (item) => { - this.ListItemLayout(item, 0) - }, item => item.toString()) - ForEach(this.applicationList.slice(-1), (item, index) => { - this.ListItemLayout(item, 1) - }, item => item.toString()) - }.backgroundColor($r('app.color.default_background_color')).borderRadius(24).padding({ top: 4, bottom: 4 }) - }.margin({ top: 12 }).padding({ left: 12 }) - } - .backgroundColor($r('app.color.background_color')) - .height("89%") - Column() { - alphabetIndexerComponent({ page: 'authority-management', applicationList: $applicationList }) - } - .margin({ top: 12 }) - .width(24) - } - } - } - } - } -} diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/calendar.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/calendar.ets deleted file mode 100644 index 7938a47a3..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/calendar.ets +++ /dev/null @@ -1,116 +0,0 @@ -/* - * Copyright (c) 2021 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -import { backBar } from "../common/components/backBar.ets" -import { calendarListItem } from "../common/model/appNameList.ets" -import router from '@system.router' -@Entry -@Component -struct appNamePage { - build() { - GridContainer({ gutter: 0 }) { - Row() { - Row() - .useSizeType({ - xs: { span: 1, offset: 0 }, sm: { span: 1, offset: 0 }, - md: { span: 1, offset: 0 }, lg: { span: 2, offset: 0 } - }) - .height("100%") - Row() { - Column() { - Row() { - backBar({title: JSON.stringify($r("app.string.calendar"))}) - } - Row() { - Column() { - Scroll() { - appNameItem({ - calendarListItem: calendarListItem, - }) - } - } - }.layoutWeight(1) - } - } - .useSizeType({ - xs: { span: 1, offset: 1 }, sm: { span: 2, offset: 1 }, - md: { span: 6, offset: 1 }, lg: { span: 8, offset: 2 } - }) - .height("100%") - Row() - .useSizeType({ - xs: { span: 1, offset: 2 }, sm: { span: 1, offset: 3 }, - md: { span: 1, offset: 7 }, lg: { span: 2, offset: 10 } - }) - .height("100%") - } - .height('100%') - } - } -} - -@Component -struct appNameItem { - private calendarListItem: any[] - - build() { - Row() { - Column() { - Row() { - List() { - ForEach(this.calendarListItem, (item) => { - ListItem() { - Row() { - Column() { - Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { - Row() { - Text(item.name) - .fontSize(16) - .fontColor($r('app.color.text_color')) - .flexGrow(1) - Image($r('app.media.rightarrow')) - .objectFit(ImageFit.Contain) - .height(24) - .width(12) - } - .width('100%') - .height(48) - } - if (item.index !== this.calendarListItem.length) { - Row() { - Column() - .backgroundColor($r('app.color.text_decoration_color')) - .width('100%') - .height('2vp') - } - } - }.onClick(() => { - router.push({ - uri: 'pages/location-info', - params: { routerData: item } - }) - }) - } - }.padding({ left: 24, right: 24 }) - }, item => item.toString()) - }.backgroundColor($r('app.color.default_background_color')).borderRadius(24).padding({ top: 4, bottom: 4 }) - }.margin({ top: 9 }).padding({ left: 24, right: 24 }) - } - .width('100%') - .height('100%') - .backgroundColor($r('app.color.background_color')) - } - } -} diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/dialogPlus.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/dialogPlus.ets deleted file mode 100644 index 0eb74ca8b..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/dialogPlus.ets +++ /dev/null @@ -1,135 +0,0 @@ -/* - * Copyright (c) 2021 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -import { privacyDialog } from "../common/components/dialog.ets" -import { dialogData } from "../common/model/dialogDataList.ets" -import { permissionGroups, groups } from "../common/model/permissionGroup.ets" -import bundle from '@ohos.bundle'; -import prompt from '@system.prompt'; -import abilityAccessCtrl from '@ohos.abilityAccessCtrl'; - -@Entry -@Component -struct dialogPlusPage { - @State count: number = 0 - @State userId: number = 0 - @State GET_BUNDLE_DEFAULT: number = 0x00000000 - privacyDialogController: CustomDialogController = new CustomDialogController({ - builder: privacyDialog({ cancel: this.privacyCancel, confirm: this.privacyAccept, count:this.count }), - cancel: this.privacyExist, - autoCancel: true, - alignment: DialogAlignment.Bottom, - offset: { dx: 0 , dy: -12 }, - customStyle: true - }) - privacyAccept() { - bundle.getApplicationInfo('com.example.myapplication', this.GET_BUNDLE_DEFAULT, this.userId).then(async res => { - var acManager = abilityAccessCtrl.createAtManager() - var verify = await acManager.verifyAccessToken(res.accessTokenId, res.permissions[this.count]) - if(verify) { - var permission = permissionGroups.filter(item => item.name == res.permissions[this.count]) - if(permission.length) { - var group = groups.filter(item => item.name == permission[0].group) - await group[0].permissions.forEach(async item => { - var permissionFlag = await acManager.getPermissionFlags(res.accessTokenId, item) - acManager.grantUserGrantedPermission(res.accessTokenId, item, permissionFlag).then(result => { - if(result !== 0) { - prompt.showToast({ - message: '授权信息失败', - duration: 2000, - }); - } - }) - }) - this.verify(res.accessTokenId, res.permissions[this.count]) - }else { - var permissionFlag = await acManager.getPermissionFlags(res.accessTokenId, res.permissions[this.count]) - acManager.grantUserGrantedPermission(res.accessTokenId, res.permissions[this.count], permissionFlag).then(result => { - if(result !== 0) { - prompt.showToast({ - message: '授权信息失败', - duration: 2000, - }); - } - this.verify(res.accessTokenId, res.permissions[this.count]) - }) - } - }else { - this.verify(res.accessTokenId, res.permissions[this.count]) - } - }).catch(() => { - this.count < dialogData.length ? this.count += 1 : '' - }) - - } - privacyCancel() { - bundle.getApplicationInfo('com.example.myapplication', this.GET_BUNDLE_DEFAULT, this.userId).then(async res => { - var acManager = abilityAccessCtrl.createAtManager() - var verify = await acManager.verifyAccessToken(res.accessTokenId, res.permissions[this.count]) - if(verify) { - var permission = permissionGroups.filter(item => item.name == res.permissions[this.count]) - if(permission.length) { - var group = groups.filter(item => item.name == permission[0].group) - await group[0].permissions.forEach(async item => { - var permissionFlag = await acManager.getPermissionFlags(res.accessTokenId, item) - acManager.revokeUserGrantedPermission(res.accessTokenId, item, permissionFlag).then(result => { - if(result !== 0) { - prompt.showToast({ - message: '授权信息失败', - duration: 2000, - }); - } - }) - }) - this.verify(res.accessTokenId, res.permissions[this.count]) - }else { - var permissionFlag = await acManager.getPermissionFlags(res.accessTokenId, res.permissions[this.count]) - acManager.revokeUserGrantedPermission(res.accessTokenId, res.permissions[this.count], permissionFlag).then(result => { - if(result !== 0) { - prompt.showToast({ - message: '授权信息失败', - duration: 2000, - }); - } - this.verify(res.accessTokenId, res.permissions[this.count]) - }) - } - }else { - this.verify(res.accessTokenId, res.permissions[this.count]) - } - }).catch(() => { - this.count < dialogData.length ? this.count += 1 : '' - }) - - } - async verify(tokenId, permissions) { - if(this.count < dialogData.length) { - this.count += 1 - var acManager = abilityAccessCtrl.createAtManager() - var verify = await acManager.verifyAccessToken(tokenId, permissions) - if (verify) { - this.verify(tokenId, permissions) - } - } - } - privacyExist() { - console.info("exist") - } - aboutToAppear() { - this.privacyDialogController.open() - } - build() { - } -} diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/location-info.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/location-info.ets deleted file mode 100644 index 23761a23b..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/location-info.ets +++ /dev/null @@ -1,172 +0,0 @@ -/* - * Copyright (c) 2021 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -import { applicationListItem } from "../common/model/authorityManagementList.ets" -import { backBar } from "../common/components/backBar.ets" -import { alphabetIndexerComponent } from "../common/components/alphabeticalIndex.ets" -import { textInput } from "../common/components/search.ets" -import router from '@system.router' - -@Extend(Text) function customizeText(fontSize: string) { - .fontSize(fontSize) - .fontColor($r('app.color.text_color')) -} -@Extend(Image) function customizeImage(width: number, height: number) { - .objectFit(ImageFit.Contain) - .width(width) - .height(height) -} -@Extend(Row) function customizeRow() { - .backgroundColor($r('app.color.default_background_color')) - .width('500%') - .height('7%') - .borderRadius('20px') - .margin({ - left: '10vp' - }) -} - -@Entry -@Component -struct locationInfoPage { - private routerData = router.getParams().routerData - build() { - GridContainer({ gutter: 0 }) { - Row() { - Row() - .useSizeType({ - xs: { span: 1, offset: 0 }, sm: { span: 1, offset: 0 }, - md: { span: 1, offset: 0 }, lg: { span: 2, offset: 0 } - }) - .height("100%") - Row() { - Column() { - Row() { - backBar({title: JSON.stringify(this.routerData.name)}) - } - Row() { - Column() { - applicationItem({ - applicationListItem: applicationListItem - }) - }.width("100%") - } - .layoutWeight(1) - } - } - .useSizeType({ - xs: { span: 1, offset: 1 }, sm: { span: 2, offset: 1 }, - md: { span: 6, offset: 1 }, lg: { span: 8, offset: 2 } - }) - .height("100%") - Row() - .useSizeType({ - xs: { span: 1, offset: 2 }, sm: { span: 1, offset: 3 }, - md: { span: 1, offset: 7 }, lg: { span: 2, offset: 10 } - }) - .height("100%") - } - .height('100%') - } - } -} - -@Component -struct applicationItem { - @State applicationList: any[] = applicationListItem - private applicationListItem: any[] - @Builder ListItemLayout(item, index) { - ListItem() { - Row() { - Column() { - Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { - Row() { - Image(item.image) - .customizeImage(40, 40) - .margin({ right: 16 }) - Text(item.name) - .fontSize(16) - .fontColor($r('app.color.text_color')) - .flexGrow(1) - Toggle({ type: ToggleType.Switch, isOn: true }) - .selectedColor($r('app.color.toggle_color')) - .width(36) - .height(20) - .onChange((isOn: boolean) => { - }) - } - .width('100%') - .height(72) - .constraintSize({ minHeight: "72vp" }) - } - if (index === 0) { - Row() { - Column() - .backgroundColor($r('app.color.text_decoration_color')) - .width('100%') - .height('2vp') - } - } - }.onClick(() => { - }) - } - }.padding({ left: 12, right: 12 }) - } - build() { - Column() { - Row() { - textInput({ placeholder: '搜索应用' }) - }.padding({ left: 12, right: 4 }) - .backgroundColor($r('app.color.background_color')) - Row() { - Flex({ alignItems:ItemAlign.Start, justifyContent: FlexAlign.Start }) { - Column() { - Flex({ justifyContent: FlexAlign.Start }) { - Text($r('app.string.location_info_message')) - .fontSize(14) - .fontColor($r('app.color.secondary_font_color')) - .margin({ top: 24, left: 12 }) - } - Scroll() { - Row() { - Column() { - Row() { - List() { - ForEach(this.applicationList.slice(0, this.applicationList.length - 1), (item) => { - this.ListItemLayout(item, 0) - }, item => item.toString()) - ForEach(this.applicationList.slice(-1), (item, index) => { - this.ListItemLayout(item, 1) - }, item => item.toString()) - } - .backgroundColor($r('app.color.default_background_color')) - .borderRadius(24) - .padding({ top: 4, bottom: 4 }) - }.margin({ top: 24 }) - }.width('100%') - .height('95%') - .backgroundColor($r('app.color.background_color')) - } - } - }.padding({ left: 12 }) - Column() { - alphabetIndexerComponent({ page: 'location-info', applicationList: $applicationList }) - }.width(24).padding({ top: 16 }) - } - } - .backgroundColor($r('app.color.background_color')) - } - } -} diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/media-documents.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/media-documents.ets deleted file mode 100644 index 51173c37f..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/media-documents.ets +++ /dev/null @@ -1,183 +0,0 @@ -/* - * Copyright (c) 2021 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -import { backBar } from "../common/components/backBar.ets" -import { mediaDocListItem, mediaListItem } from "../common/model/mediaDocList.ets" -import router from '@system.router' -import AccessCtrl from "@ohos.abilityAccessCtrl" - -@Entry -@Component -struct mediaDocumentPage { - private routerData = router.getParams().routerData - build() { - GridContainer({ gutter: 0 }) { - Row() { - Row() - .useSizeType({ - xs: { span: 1, offset: 0 }, sm: { span: 1, offset: 0 }, - md: { span: 1, offset: 0 }, lg: { span: 2, offset: 0 } - }) - .height("100%") - Row() { - Column() { - Row() { - backBar({title: JSON.stringify(this.routerData.name)}) - } - Row() { - Column() { - Scroll() { - otherMediaDocItem({ - mediaDocListItem:mediaDocListItem, - mediaListItem:mediaListItem - }) - } - }.width("100%") - } - .layoutWeight(1) - } - } - .useSizeType({ - xs: { span: 1, offset: 1 }, sm: { span: 2, offset: 1 }, - md: { span: 6, offset: 1 }, lg: { span: 8, offset: 2 } - }) - .height("100%") - Row() - .useSizeType({ - xs: { span: 1, offset: 2 }, sm: { span: 1, offset: 3 }, - md: { span: 1, offset: 7 }, lg: { span: 2, offset: 10 } - }) - .height("100%") - } - .height('100%') - } - } -} - -@Component -struct otherMediaDocItem { - aboutToAppear() { - console.info("yanxi" + "start run testcase!!!!") - AccessCtrl.createAtManager().verifyAccessToken(0, 'ohos.permission.PLACE_CALL') - .then((Want) => { - console.info( "yanxi" + Want); - console.info( "yanxi" + Want); - }) - .catch((error) => { - console.error("yanxi" + 'Operation failed. Cause: ' + error); - }) - } - private routerData = router.getParams().routerData - @State checkList: any[] = [1, 0] - private mediaDocListItem: any[] - private mediaListItem: any[] - build() { - Column() { - Row() { - Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { -// Text(this.mediaListItem[0].name) -// this.mediaListItem.filter(item => { -// -// }) - Image(this.mediaListItem[0].image) - .width(64) - .height(64) - .margin({left:24,right:12}) - Column() { - Row() { - Text(this.routerData.name) - .fontSize(16) - .fontColor("#182431") - } - Row() { - Text(this.routerData.version) - .fontSize(12) - } - } - } - } - Row() { - Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { - Row() { - Text(this.routerData.use) - .fontSize(12) - }.margin({left:36,right:12}) - } - } - .margin({top:24}) - Row() { - Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { - Row() { - Text(this.routerData.name + '访问权限') - .fontSize(16) - }.margin({left:36,right:12}) - } - } - .height(48) - .margin({top:12}) - Column() { - List() { - ForEach(this.mediaDocListItem, (item) => { - ListItem() { - Column() { - Row() { - Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { - Row() { - Text(item.name) - .fontSize(16) - .fontColor($r('app.color.text_color')) - .flexGrow(1) - Radio({ group:item.groupName,value:item.index }) - .width(24) - .height(24) - .checked(this.checkList[item.index - 1]) - .onChange((isChecked) => { - if (item.index - 1) { - if (!isChecked) { - this.checkList[1] = 0 - } - this.checkList = [0, 1] - } else { - if (!isChecked) { - this.checkList[1] = 1 - } - this.checkList = [1, 0] - } - }) - }.backgroundColor($r('app.color.default_background_color')) - .width('100%') - .height('48') - } - } - } - .onClick(() => { - }) - } - .padding({ left: 12,right: 12 }) - .margin({ top: 1 }) - }, item => item.toString()) - } - .borderRadius(24) - .backgroundColor($r('app.color.default_background_color')) - .padding({ left: 12, right: 12, top: 3, bottom: 4 }) - } - .padding({ left: 24, right: 24 }) - .width('100%') - .height('100%') - .backgroundColor($r('app.color.background_color')) - } - .backgroundColor($r('app.color.background_color')) - } -} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/other-permissions.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/other-permissions.ets deleted file mode 100644 index be5c75a60..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/other-permissions.ets +++ /dev/null @@ -1,118 +0,0 @@ -/* - * Copyright (c) 2021 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -import { backBar } from "../common/components/backBar.ets" -import { otherPermissionsListItem } from "../common/model/otherPermissionsList.ets" -import router from '@system.router' -@Entry -@Component -struct permissionsPage { - build() { - GridContainer({ gutter: 0 }) { - Row() { - Row() - .useSizeType({ - xs: { span: 1, offset: 0 }, sm: { span: 1, offset: 0 }, - md: { span: 1, offset: 0 }, lg: { span: 2, offset: 0 } - }) - .height("100%") - Row() { - Column() { - Row() { - backBar({title: JSON.stringify($r("app.string.other_permissions"))}) - } - Row() { - Column() { - Scroll() { - otherPermissionsItem({ - otherPermissionsListItem: otherPermissionsListItem - }) - } - }.width("100%") - } - .layoutWeight(1) - } - } - .useSizeType({ - xs: { span: 1, offset: 1 }, sm: { span: 2, offset: 1 }, - md: { span: 6, offset: 1 }, lg: { span: 8, offset: 2 } - }) - .height("100%") - Row() - .useSizeType({ - xs: { span: 1, offset: 2 }, sm: { span: 1, offset: 3 }, - md: { span: 1, offset: 7 }, lg: { span: 2, offset: 10 } - }) - .height("100%") - } - .height('100%') - } - } -} - -@Component -struct otherPermissionsItem { - private otherPermissionsListItem: any[] - build() { - Row() { - Column() { - List() { - ForEach(this.otherPermissionsListItem, (item) => { - ListItem() { - Column() { - Row() { - Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { - Row() { - Text(item.name) - .fontSize(16) - .fontColor($r('app.color.text_color')) - .flexGrow(1) - Image(item.icon) - .objectFit(ImageFit.Contain) - .height(24) - .width(12) - }.backgroundColor($r('app.color.default_background_color')) - .width('100%') - .height('48') - } - } - if (item.index !== this.otherPermissionsListItem.length) { - Row() { - Column() - .backgroundColor($r('app.color.text_decoration_color')) - .width('100%') - .height('2vp') - } - } - } - .onClick(() => { - }) - } - .padding({ left: 12,right: 12 }) - .margin({ top: 1 }) - }, item => item.toString()) - } - .margin({top:8}) - .borderRadius(24) - .backgroundColor($r('app.color.default_background_color')) - .padding({ left: 12, right: 12, top: 3, bottom: 4 }) - } - .padding({ left: 37, right: 37 }) - .width('100%') - .height('100%') - .backgroundColor($r('app.color.background_color')) - } - } -} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/permission-access-record.ets b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/permission-access-record.ets deleted file mode 100644 index 7467ff5d1..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/permission-access-record.ets +++ /dev/null @@ -1,198 +0,0 @@ -/* - * Copyright (c) 2021 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -import { permissionAccessRecordListItem } from "../common/model/permissionAccessRecordList.ets" -import { backBar } from "../common/components/backBar.ets" -import router from '@system.router' - -@Extend(Text) function customizeText(fontSize: string) { - .fontSize(fontSize) - .fontColor($r('app.color.text_color')) -} -@Extend(Image) function customizeImage(width: number, height: number) { - .objectFit(ImageFit.Contain) - .width(width) - .height(height) -} - -@Entry -@Component -struct permissionAccessRecordPage { - build() { - GridContainer({ gutter: 0 }) { - Row() { - Row() - .useSizeType({ - xs: { span: 1, offset: 0 }, sm: { span: 1, offset: 0 }, - md: { span: 1, offset: 0 }, lg: { span: 2, offset: 0 } - }) - .height("100%") - Row() { - Column() { - Row() { - backBar({ title: JSON.stringify($r('app.string.permission_access_record'))}) - } - Row() { - Column() { - Column() { - Flex({ justifyContent: FlexAlign.Start }) { - Text($r('app.string.authority_message')) - .fontSize("16vp") - .margin({ - left: '15vp' - }) - } - .backgroundColor($r('app.color.background_color')) - Scroll() { - permissionAccessRecordItem({ - permissionAccessRecordListItem: permissionAccessRecordListItem, - }) - } - } - }.width("100%") - } - .layoutWeight(1) - } - } - .useSizeType({ - xs: { span: 1, offset: 1 }, sm: { span: 2, offset: 1 }, - md: { span: 6, offset: 1 }, lg: { span: 8, offset: 2 } - }) - .height("100%") - Row() - .useSizeType({ - xs: { span: 1, offset: 2 }, sm: { span: 1, offset: 3 }, - md: { span: 1, offset: 7 }, lg: { span: 2, offset: 10 } - }) - .height("100%") - } - .height('100%') - } - } -} - -@Component -struct permissionAccessRecordItem { - private permissionAccessRecordListItem: any[] - @State collapseList: boolean[] = new Array(permissionAccessRecordListItem.length).fill(false) - @State iconList: any[] = new Array(permissionAccessRecordListItem.length).fill($r('app.media.downarrow')) - build() { - Row() { - Column() { - List() { - ForEach(this.permissionAccessRecordListItem, (item) => { - ListItem() { - Column() { - Row() { - Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { - Image(item.image1) - .customizeImage(40, 40) - .margin({ - left: "10vp", - right: "5vp" - }) - Column() { - Row() { - Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { - Text(item.name1) - .customizeText('16vp') - } - .flexGrow(1) - Image(this.iconList[item.index - 1]) - .customizeImage(20, 20) - .margin({ - top: '20vp', - right: '40vp' - }) - } - Row() { - Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { - Image(item.image2) - .customizeImage(20, 20) - .margin({ - top: '-8vp' - }) - } - } - } - } - .margin({ - top: '10vp', - bottom: '10vp' - }) - }.onClick(() => { - if (this.collapseList[item.index - 1]) { - this.collapseList[item.index - 1] = false - this.iconList[item.index - 1] = $r('app.media.downarrow') - } else { - this.collapseList[item.index - 1]= true - this.iconList[item.index - 1] = $r('app.media.uparrow') - } - }) - if (this.collapseList[item.index - 1]) { - Row() { - Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { - Image(item.image2) - .customizeImage(30, 30) - .margin({ - left: "15vp", - right: "5vp" - }) - Column() { - Row() { - Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { - Text(item.name2) - .customizeText('16vp') - .margin({ - top: '2vp' - }) - } - } - Row() { - Flex({ justifyContent: FlexAlign.Start, alignItems: ItemAlign.Center }) { - Text("访问次数:" + item.visits + "; " + "最近访问:" + item.lastVisitTime) - .customizeText('16vp') - .margin({ - top: '2vp' - }) - } - } - } - } - }.margin({ - bottom: '20vp' - }) - } - }.backgroundColor($r('app.color.default_background_color')) - .borderRadius('25px') - .width('100%') - .margin({ - left: '10vp', - top: '10vp' - }).onClick(() => { - if (item.name === '权限管理') { - router.push({ uri: 'pages/authority_management' }) - } - }) - } - }, item => item.index.toString()) - } - } - .width('100%') - .height('100%') - .backgroundColor($r('app.color.background_color')) - } - } -} diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/ar/properties/string.json b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/ar/properties/string.json deleted file mode 100644 index c3a6df19c..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/ar/properties/string.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "strings": { - "app_name": "CategoryPage", - "describe": "describe", - "category": "Category", - "itemChild": "ItemChild", - "item": "Item", - "search": "search...", - "you_search": "You search ", - "you_clicked": "You clicked ", - "tab": "Tab", - "more": "< more" - } -} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/dark/properties/string.json b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/dark/properties/string.json deleted file mode 100644 index ddc52a17f..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/dark/properties/string.json +++ /dev/null @@ -1,7 +0,0 @@ -{ - "colors": { - "colorSubBackground": "#000000", - "appbar_subtitle_color": "#99ffffff", - "text_color": "#ffffff" - } -} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/default/media/icon_actived.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/default/media/icon_actived.png deleted file mode 100644 index 49991d108d51f1803ff3dcadc8870d69977908e7..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 1671 zcmV;226*|2P)FV00001b5ch_0Itp) z=>Px*K}keGRA>e5S!-++RS=%p`$R&uO$0?K@<;FU50F43#8!FH$C>oSPVef0lnOn9!yL?k)bY zlich%XJ)=L-`PE{xd1~lGy)Zk09NF!I8R=jnN~1h5t7wF0HYD`URIChUy|$H{Om@e zE=1#OEQb5qTas;xd)dW`2ux|pOwALmVUWc{biYm%Oz<2U&_ZBr>u62>sN<{JmPKI7 zQW{sV%nby%8i))PP``|XNZS*M^joKPV3)4H7J*qWQ=;c`W+M>10YE9;&VudHWFng< zj!kd)Y71t9Z3ncG2~2OIktUftiQusT_rWhA!r?Tgn|^A=%TdrH5vXs@&dB8pyBV-H z3TUM^hSP#JC;^$M1&a<7(1obKcl)6dgZvN)S1p(Y5W|xm@8*@bTix=L1j@xnVigX0w@}`9-FE{Cu158;P)XWgO~iozNX!1Y17K z!*7>4ByGV=GMTC?wNI3M1KF(kemTKERFAM}eZmvG#4ChECpP**sa(!{uauvMKwVSz z0RViylyOj7)o_5UC@_qP(A*odvJ$gW@CoM~|Tc?cj_t9bOahiT>f7zY;aCN?YB zR$KVUk}J?lZa)tJvY^>*6s10MvIol7ZI*_u3W5ZS)Vh=%y~>Wu>+g8CQIvYkUE!l| zVq328Y9u$kesK`suefXi7cLQe{&jd@Vk5TY3dbnd z)P8ZV+GF}PWfWSzEx=#@5Ug1egWK%law*Sxs~te6*r>MG}VuSOt*gq-|VFW?D(pa2Js=+6hqEvdMUHvnYt z9W*-V2tJgpdm#=F);Sh46~AOzh`zEc4s)kluz7nPu4&8-NsOtWj-I))S5*d;t9hnu zd^MpRyoxEr1w*i+ie&XvThBYMTWs>48hjp-WAO*CCty4$5C=ofT_kw(qa5V&!Dy1r z>)4Z?pjtWJfGGGN{iSM9s{G=j*q{Y3_%aZJ877j7blZ3cBx3k6Ao@;(T3*}dH->lS z?kKD-n1byuJbgKj>ehP*w6~;A@oMy`+t98*_jC+`y0PtapMojaej@qPQb}MB0RiAd z>pOg{lwH{&!*~yz!^`0962X=}yn?1Af4%Ll3yp11y!|75XxHuMgfR%RVcjkfZ0W-- zlJqT=kq|rI;j9{&dYhpRsbHr%3AXOagH`@vQiXGr1yiu44^<@DD;aCGO)Y!rDq2bF zUC)|Fxv5rZhS{7NS-&a)>57hh1Bhl8VAHl79Buame}OaAbAmF}fdr%rxhLoI)jJ?@JtrFrf6^Q46;1&%@t6P9sU~#tdu>%TR|B5ZGddT9Uja@}v{_ zn_c=;3?wU&^37m6gUjRqj`NXw7vCQ`e|3)fEz7P%Jhmh(GcC4}2#DdWKR8;MM5EN* zlH}lp#LOuOqiPUp_`FkdXCM5Ps{~hi2>!T2aQrm?IQT4+C?)K1Xm~QctZfJWSxWD2 zi%dWqC1Wi~Um{$`d$#Mq?1t8@^Rmq=pDZ57wxSO`FQyg&+r2OOEBRANLF#AmY@Fhg zcYWD7W$*D@DjoK&N?8PK49TNPDpIm}VFy6l$9~GeOwL_$bdlZPZr6QQL_qCKRx3%2 zNp6Y%H|1P(ap@hyS5)~l diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/default/media/icon_normal.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/default/media/icon_normal.png deleted file mode 100644 index cdf5bb49392dfce97ea9fa1be0ace95715903498..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 1107 zcmV-Z1g!gsP)FV00001b5ch_0Itp) z=>Px(4M{{nRA>e5n0ap$F$~4aeUm-VoFq@wM0-OltrqH0TZSvN#0@VoM~bD%1vm{Dyc`;;+DIJsyeV{HnoTx+s1Sf0PCr5&%v=7LS&UP52$Z z*kA9(>`IgZAZ?iWgLGcQEkJso7pYXedmG^QYJX_5_njI(5*O8Yo@wNDq5~F2SEP;+(+SVs)*T4rP1S)9qVdJE{wT)CR!{qW@M*z|vUYcuVRq0H<>a$an#k^r%Xm{pbbI;yi=X6ZNeq z-vf|AwgnwMF94Rg1vMvhjcn`-O=AKZ0O`XfY(Y(0)X2uZ;9HVLHUJKeR@9Wq8d>X4 zvI;f;Tl%bW?)R76NAs;l)~M!Jpf!CM4NeXfaA{ z=9stkVp{}6TEVL#`=!&I>0JrQ3fSI-bATBf3iNM@^iOuib2dUSoT}`Xn$_TjMtUw_ z2d$YAW}DWT8&fOL#YS%BtnH+V*#Ovd$r4%Z0Iu;07#>~jCWLQNZ;M`KK)$9*VXFq%_I$#ZEzgiAj2xR~*HIYLZae1OSKb)(P;POt=Rjp{Iu_8i>FkTF1{i(>LxriO} z1ZaUd_4rF8b{4}NDCm1juGfQsofo3LBQW+8kxsT3u~WT5`oNL@K#bEV$P)n7gHv^= zJ!YKLpk!Oe^=gstn|gMt4j*F-9S|KZ68FWv)&X1W4Tvo5LAZRdcW9@1vZBz<>E*X) zdLmmyO#m39YVpq+r)I6LRI(r-Dj(&tFSw3@RwqcM4UsN%3hc=UXOCMda|5&n5NvXB zAqXm!w?BfM_rzKHF7^SZe-p+A5D!W){4vI+CK$*bARWl(K%B+#W~Ze)W1fL|2L6{B Z_ye>Cr2VxM_(lK#002ovPDHLkV1jHc1@-^{ diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/default/properties/string.json b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/default/properties/string.json deleted file mode 100644 index 127f01aeb..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/default/properties/string.json +++ /dev/null @@ -1,19 +0,0 @@ -{ - "strings": { - "app_name": "CategoryPage", - "describe": "describe", - "category": "Category", - "itemChild": "ItemChild", - "item": "Item", - "search": "search...", - "you_search": "You search ", - "you_clicked": "You clicked ", - "tab": "Tab", - "more": "more >" - }, - "colors": { - "colorSubBackground": "#f1f3f5", - "appbar_subtitle_color": "#99000000", - "text_color": "#000000" - } -} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/en/properties/string.json b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/en/properties/string.json deleted file mode 100644 index 319b5d66e..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/en/properties/string.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "strings": { - "app_name": "CategoryPage", - "describe": "describe", - "category": "Category", - "itemChild": "ItemChild", - "item": "Item", - "search": "search...", - "you_search": "You search ", - "you_clicked": "You clicked ", - "tab": "Tab", - "more": "more >" - } -} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/light/properties/string.json b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/light/properties/string.json deleted file mode 100644 index 4b9482c8f..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/light/properties/string.json +++ /dev/null @@ -1,7 +0,0 @@ -{ - "colors": { - "colorSubBackground": "#f1f3f5", - "appbar_subtitle_color": "#99000000", - "text_color": "#000000" - } -} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/zh/properties/string.json b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/zh/properties/string.json deleted file mode 100644 index 4ca364c62..000000000 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/resources/zh/properties/string.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "strings": { - "app_name": "分类页", - "describe": "描述", - "category": "分类", - "itemChild": "子类", - "item": "类型", - "search": "搜索...", - "you_search": "你搜索了", - "you_clicked": "你点击了", - "tab": "分页", - "more": "更多 >" - } -} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/51cto.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/51cto.png deleted file mode 100644 index 091f4ce356fff5def14609457dc08b60f871acfd..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 15573 zcmV;`JSxM9P)PyA07*naRCr$PT?bSYR~P<BA0 zi5jCOzl}u`yMP+Iu{U4=MNqLO+ylGOqtvd3ECB{5hE&@f~xd^dLC%)J=`vzHg=;RX-XMUZZr)y zK>FjN9%pW|Y0%LWMcoJaO~7L;i4Yy#E8@nba`cBDs00YdYr=iN@LDFcpbLOrG|)@i zK;Wou8bDnFO<$snBsa~?@@`*0a3Gr_j|x4!5+DrA-=g1$Y65{#C(s~2AA>@B!@Xjp zk7}0y>J~uVrYPgvVSzhd8?HT?*Sr!Sa(vvfpP#!CMSlSb9RcbifHu?oQs_tmjX;W` z0+DYV79@#+xDJaNK0|Qz+O{)5cq7Vq03JeSK|4);G^qqHw1c+B(AA1N) zhtLER6!nR|FOqKcqi)d@?Qad!-B$y5r0Z4}?Mtsv0P*^4gfonc#?urg0H~vVcN?_C z#}w$@D4=(To!I-#pe^B`e1!mrXa5nd6lFA?h7=ezIQXY>Xju=WfW~gx$Y^(X;GVGZ z?x1oF5U+tFo6!=AfP(yx6YEOi(E~JSeZ!-50O@yJ%MSd~kFcn%uj2?7jS3Xbx- zMXN8D5{*C!jdc;ng_re3CBF11R{&`_c%+j+OnpaF^fZ7fSGMuB;2P$$fui!)g$4dy zZVn&I%|+xjz;_Bw<2wM(8omfB*(>z`{S>s(I#ICy@8!W!1`iO={=VHoVIF|K%vd$d0>dP8YDox zy#2=0pvmKut06kQ0_vPVQCJcdDE!0FY&R%?NDul1g7q}$!G`AON`0js*e)>7ofmT8 zK&qkm!(ag7 zj4TRZ=T#u&gi3&dI=CuZ@)1By#YW~eRP_pbZYC~1Qr&SxOBVR#{iabAx&dk zc(8D%rhKa^U%dl}SO1Ye&=j>uRf7z5o_nJPSUGDvoSmI9Vd0Mmxm)on`A`%!H!RR! zuiiEF3Lu`|ej5P#YeT)rRn^iQ#0P*zp4F=Fp*N)J({OYzgSTNBSuFj4!qDupWd~omKW6b_> z1LBiXw5_5Z$fJTqLH^#lR79r$@$~k+0HC`r9iR)@Ru<-%KVbw~G%j16^h1CU{ccA@ z;hWXJAw4ro7wYO%CW#6T4-)FEu!hb6Qc=NSVr-1>CJaZL=1t^Yc=7;32421+!raxr zL7bPb(+gG?!YR;)!-4`xSthNMP5|QB-}e|O4A8o@dLVG#xMAqz<*rZ@MF1fa&R)HR zZ`W+n11of(0)^j1fkLhCaB3YOp5DGc1DLA=7wcT)klr7`&zsb{R!qtOLS}8)u@8HW zp3u21x==tD=OkJMh=;fDB(jC43+L)uX3HiGrDq*X!~~F>TrnmsT8+qwSd zO$iJ1->NO+v<48*0e(K9>HXR=OrPYC13&@}av;b=OaLMCZ;0+<%91rqtjg`@6h)5@ z3k=wy4Fk0T5HIgheQ8K4=5qmnNk0AYS+@?X){_lD2%|st9>(^+kFerd9tY7B?H3*x zAk?&N8V5+LfxcZO5?s=>A^OU{M>{Xf@?*aN!xkXK-mey|#;u4beKlR6Bn++ox2*_^)!Gbq2ei; z?iCg+4Cg~x-T>m^?R$_a>=avJ>8Cl9;MSm?TK208kpFIl;_H>9AWQ`&3I|1jLLWXn zzzaY;2KY{=XjITR?80T}+qFHu8mfNso4NoYx-4416~`}L<>UG=TpkoXNfa1B>Kv#= zY6FB6l%|c0u7Cn_B%WHT>hEMrb2I6-E;%_@m-qlk<+iVM6`oNAl8@Bw$g4I$JiUFl z0GOigg<;6^efo6A$o~9fh4KLq;>(J@?JK>WXzEWT}=t}V3yLMpD)pek&XE^#~w zW#7192JEZzQv{MPfV_SekHORCBUda|=lU@CxfD(Ngarp2RMil*08&x&%1b-Dcc(U( zI-I{yAie-n`7ZK)m1u~vjZC}61nx*z1tcm1q_QPJp}SYi7>AZ}s*|X)7-SBg0J(4@ z1ansXs;VmGW*!Bs2@4X=SH&Qe0OHwygexecD*$S$BDB2BA;2I2;gk3T2+_-D#)1l2 zo$zz+B4;7wOoW_`RCuDXOcX3!&ejjC z0pdPzSY2a@F^Q0@#+G?`9XHc=FnYFc#mT(r$ItP@);-eZIHk$j%ox=yOkrs%fWU}C zzJx}WxB$snVq}VC>+srFuZE3FzL7qDait%(?8L!;Id9@{6~j2*n4*zSv%c&Y`Kd4< zR-B&e8FleM2AjF8HTCrNC0&0slK0C-QGFV-efc-2S)Kj&#Pc_CSg>Kc3^=MVg!ox0INAc26Qk&!RZsU8$f zO$iHTSDld+K$`jZn40F8k#3|-b!wR&2yfn~K7O1vfs-cle%Xo#PfI#Q)vIO+S9=@Q zJYwR~@iL{P^+CIq&9H4Hx1FiP%&@*aG3>LRtkv89??voAezthLb9E~;va@DAzi8lt zxOBWI1(LbrM`Gl_PdV|Ky!a>F48O-|4qt;muN#NC&7NY|<(7DnWzH8{mHE&#Jvcl# zfboEc6+kLuu1eNn<;?MLcWuCGVMvvc(F=b zl5?2TySSy`>^u~Vjl2J0rMs$w$RpJBCNB_`YK1dz3O5uSEpxHIYhi-lm}~BMm~N>m zdp_sw7X=9!+x{^Eq%vZ+WKBrk$KIb8vtFb#*X~Gnt%|5^z3Ql9Zo+#0hXcurd+5vL z;(z|>+iB?2m0itWGKo}#AN4Kk4IGvAbg!C$ZSA9wRUp8V3=5>^3DCi=a7%mg&1Q&9 z;eH2ISsBF>3nUbpM+6FEl<{T+h^MzNd9$0U0R;_?Wk=8E_>RN&?%MzD!!=RiBMo^O z_i|GG?os5d+s~7VU)l$J+zrcTP2}Xq?jxrlHJ#N44kx}J4j$_K4zt{zmEm#jZFM|O zx5SMETSTW>sU?Gl$={2DgsW5rNJk$Zi>w^e7z$Kf9+WY77E`_)fIeN?v9@EgVdsFzhA}}(-ouk~!{2V>=AC_;@&VI}6rqA$2y|Q(>ZYSCz@TEP@zh&=Bwm#=P zj;8vFg8daH{V9FK@*Lp18#G377FrG`*xFcO_bT>VtGVJleEChu^M32P)j-ZZ)FpB@ z68@^NCA5)|5kfcuH-scr;lxXmgDINY5fWGP7^y9>B?Dsz*Ij!)8xJgYLI8{}Ddy~9>koOQm z^&D#B*jCaLl^YG6xeyPZzTh^A!)V_IZ(wO$fb9=U3f+u$d5uY~FR|)w0~~*)e)Sg) z>M#zaK+OsZ^54h_AYR@h57D4FCzvp5W1s`34jYKxo!fHKe)*Q&2)qAKI;W$c$EOV>HiV>7|oDhJOp}3D zc`Y`qv^nOIC`kAbYk+tT8dDzy`DA}s{bvGgnyEoqKh2&5Hy3VI6OWv`jNM016>HVm z#SZ4is>dOb;KdtHOLm18P8p+882tYZ1Y)!Q0S$UfK5HxE0t~754tpLuXk9jwKqF(S zS?H0novP$MVpUd3EbGp_KQDr%Ikymr_~aB!T(Yj1nWL=*+-j-*f=YI;$SxKk^8Rr_ zxCK?Lxo;g`ycvqwKkBADX*1hQ=_$Lu5lv%Uc(8EihkD5ch^MzNiAPYc3bVd>Kn;ED zs@dYN72m4FVe3DE`1i`K;<-(0Re^)81!rC)4vWNN715~AKf~;?+;dXM{FiUz;63RZ z&N`Im35r@LC;|w{=;5Appr!{q+o#}aJU<24)Ko=gdaGuQv1E#ByWMFSnV7k16H-c@ zUULNriR2{_y+!0yyCx29UJWx-)t`Vnd@;Vl7nPG)WC|itpwNr)4)VS;Z781?7+YSO z+eTwqL_;Lxn!wg1AC8teh)UIc+|HnnyI{;9ZjrO4ZN3#5jaA!aTY8fnEteWrFcBCj zbWd)+1dkIl@H#bHX3Vx9=A)fQbGB}kJI?o;rMUO-v06OJ+hl84UU0Z3MX5poNRq(N>wVjcBj4aN`o4Bp*4sin)g8==?~a9H+BivsFYv5?6q zERfL1lx7s>;!T=t_92E@=`-sms*=G3SlKRy=II5v=_?$6A(XDk$wb|VWkHYVJk03ou_Kv`YG07xcHgf_x zwNhUXB5&pIJ8E)+82BpYqyh!g-R;z z0l{la(~ywu#YF&Q-a)(u_zk0JdY`UbHmB(`tiP}I%`--Gcl|gYRjcs#?JZ9r+2zX1 z%ZH0g15~$F{j7x1nD+zpp@;)pU9~!nMh{W2@M4inS%CES-9%H+S!O@UIwOfR`bI}K z{s4+%%q`7 zv1c`@c%&WD7C>U3y~G!lHGAbPs?3YJ%-5o)x9?j3{6Fw&=i1VUl)ANRV$=89D<-Ke zfFz}+;bXsP8u6KdGd&>+5*CMT7XzfV_aw^#WEJLeR#LGCNCgv8$wXVEEr1YvyaxDb z%Pd2Z^H>xlEZ(v#28h?dk z$804Mszt<_74vVkmfg(yn}fAlHi~+@$hl95WQLsZ7Gu=3KB|d6G&4|b>DJojH=cmYU`ko zv}R~OWSm;MmgmW$AfXf+(*Lyd_G@4Sx-$P#&Wfv3utAjzNLv6&Oi9HjqjVORs)}p0 zI!Ay4`;ef02~vQx8ZfG*gq9R`IH@EV4;TvsIQXmPdukL3)fPaWy?TQ|Q|48!wgL}G zD7cZ{AyR;N4j9=PGBM+$%>qiE`X6~%Zic8)a5LiaC+z`iZ3uEAVb%Z!zzry^3|RaA4&pltG=4P%y|t<1H1kaKGR?u`?w`S>m$ybm zrytydtgGjxGV1zGLY>c5D=W%Y$+Y8#ki74I_#?*(r^MW94zrbE(Bmj-p(xOQ_4_-B z-y({pe=ul+cvgOoO){!b5-Hcv7H!dLnC8w5a-+hL@@GjgY10~ZXuj@GnAmDAupxQh z4x}AFD7EkJTuc0&tDQ{}U!z!UKhy3jyNoH=6>zUSrY>jPX|M6x22fG1{zCRG*-gaylV+jjr-S$wRm?B$mu1KfD=Dh|bG8kx=BZxmS7VCm zjIm^_C}{64DL}mX`;MY1aO(!CGsQJ4c)n#iIv5u=s41eq#QB);^Pd_KT#%H2#5Lc8 z7U#k5tyC~F;jW>V02Uj@>hHV8{@J&SO;<~5Rj{WFGb#!)-pqi zHtG}>yytr19i;yVS5QWzCU1qMspgsJZ7M&Y`SUB6uzts3G-$~4S%^e}xP?gp#n@n5878t7~!_X%e6woarPXt6t0n)sWPjwSh zvy$d_hHf24{TmAM@rzZe+*x@N3Hn{Sh~;axpktShIdWD$Jpav0B(7bgbWp2ZM`2ur z-)fT^*R4Rk3n$@KO@49k(_(XM$>INQ$*c1;%}kKrKy>u)r=_c!6o7`}ZZ4WuNQeBD z-96%Sb20MzRZN++5T6en&8wCYXnyG zyNIc=k=?B$dlE~f-1@}D4A4eM&moQO~u$3%82Kep<4b@t?8kX_J+O{;# z!wSnZrP?2S@f_P@A4$jjyxAWfUhR0ZRu=%-w0 zKphSX@*g4#kp6xPK+&rzk~7AeXTn>-)^3p>{(2mX{m-9C|98UFxfnWfB5y9rJR6LR z_wi7Qm^%4Rgu~zwyvZbY4{{f2ZflDTUagh#C6Q?4G3%{Fz?*zSU_{ecA08}}Hj*z@ zS#jj&6h+ClVKoG6)XRiD?t8z-c~}-8Cg*@ z0&J2PwOkw-j+=>vM?`k^wXpZ-CB`|*29RnZZ{id2Iz9>6_ao5!=D$k$U24`1V#fxs zwXue+jTNd`li!7Z+e-hoLKPcpklcADdiEq1WCx3owXrb{cVSMs@<@jBU(0TgqCiuaIIe#F7+H?VJ7>6 zee|FZ-+euySl;RGJsIr~<(ptxmgajVGAg3Q0hAHlJnUG2bZ17U!<2{j$omwi3bEBo z!b->iArpOZ^)k}(ikqHd`kW;gFl40MX{qU%2#i!KJPv2!MoJf5zc|b{5M!-mN=KjFfNVrqD(hldd1_xS7_9 zug?Xrvle^GQjsRXnf9>AbsYe?DV{}-n}mtX89FSr>>u1*-yV0|9@IW7H&pF z;YLIhB4QpRFJJMNu{?ilHhu*Y$iH!C!3eYS9e8u2Q&tonM3?kP+S8#UYMV1BN=?Y9 zh6G84IS+X!3KACg{Fd!eIAG)|(9{CnRz!~(k;g0Yn5B%e^7Aq1itIawZPn^HaQr$# z?mfUY(Op~)i3EACP?c5+-ol=eug5Fe1S<;oX&Gr^Y>d=fvK_w3E*9C%Vj}X0MIN;( z0#U$?upnV^Y>x~;DpKOq7V8u^l*$^ExA?EKvoYqTY!(0|FhzqNet4Ut{QQLN#WYtC z4_8VyS*mF6UD_O*3hdajQaY}Un=>x$T_-bUQFC{6v#-g>e|@$!F6m$=%R(SQc7b;9 zTr}v7;Xwhjiku>Q2N^WN69q0;;j4fZ*bH;d=;)bpYud{=>77%JViR$yZahTieDLS9x zFLHqmkSNO3F)VOL@y>}HfcOOgbbmI?40R028r)$++My_?lW$&QLrip;LB__$sMB>6 z5>wNeSTKIx+bA7FjO6E{kh=%Di>OOAt5?OdbAN%RW$&1MYS+OxZcQ24YcjG|K+%}q zry&A_(yQOGI~;7NuB((?r9U{`31HUUBb+rol`la&I*Yru$ZG;Q=B zqt^_0KnvqM{J;>TNX*;(@Bso}y_9Qd$4>?!JV|zE$I{#kE_EGHt46i=Kh+C=+f_rg zD)NK=#1Ep7{D=JSBllnagk^(9oIIVHUIdmjB)tdCse}K+jdNu~_1&se!Nyi?82R5T zFv0hk{5B+~*{;;P|!CV!FC^7No-j0+DImK+qxdk5+0 z<71JXW1bAqM>ySO8?{-3VMyNRYdxHSB7laj$V`+Rz!K$xeNT+916|xKjSx zSJJXS^2lq)VVG1^?lf(NrMa|{$%jPFK*(7L6GayoV}2%g+nD%%`1#V7vFKe# z@m)DZY>e}7YvBC5>Ih5XKgzgtfAk{V$~w##Nt8je#Zjws~A zCLZfafiY%l7$BYPQ?RyG*}^(AZ@VERNwbf4#5pvLzr%xtWeOrI0LZ9;fJAw+wAxFj zI|iLi#Q4^N`3~}7n8}A4yEJNot-IAv!%bYhpiGs+DlJ;UZTT;1IVnEwEqZrpj;t)j zF=uQ5@bDhd0vnokJ?8bclOt9pwVV zYrr@MnijuOYjyN^ayOG)%(0Mv_E1`FCV-H!oBlk2Ce4_4f|R) zmznC_osR7H$NV|U6TJ3!>Vm4K%FB(umI$PYQ<@_3?h%`A3E`7E#Ue(#yv8KgmsoYT z0gk`Ycr6hz1jbE7M|VB_&_=lcA%i^o`yK{WJ_8qfn&e_813*&p#29*&xhvhcujXLb zsISzzc2b4gkrQ%FhKIwDk#HJW5}K}xfH~7fffR{TMt`(vhlbYHO2@=Wj4&xfz0Cqe z0-D-p;(n_9v!2B*9!ozv_?(}3G(|d4pbv)y1xQnDSp&qwdxReaBlRDGRasdL&*^27 zi)jo1d6t=piMMYuYU0(VBi8)3i*cN?0U1I2k$L`v%n;`ZGg0d^)dQ!=AzAq%sCD&dVDhJ?Ihf3l3lg4^ zjBiEk!qT?w2||O0jaAk(>%vK-2g(+(ZuIRkRPV^V!=y;)kpupiKbtv!es&W#^sS@( z0@P(rNHg0^=_$MBh)SaJbKJsC9*F032O)#+K8StP+?6?4Co<*{F5d}9$lYj!-YXlL zp*iDJVpZ8rwI@>8BMKBMESahB4nhR~d+ElK zK3&^$Y7#EG{{XuWAIHU;p=#@{DFy>gvoY3Oc{J{U7titM`*J@_dep4tAT26qWv$xb zmH5FuB>(ZVj2MqC0Whnr+M`9(T@gP2l(`@S5!m0s5i=VrFUp-wQy5-u0YVKG1^ORQ zw8lySLMFXSNX)KTqdMm^{-bCA!|p@J@${8!lNP3nO&gyNG0TRZnR0+^dGr8BU&;?N zk*DL2OV*)nAJzI8eptks5(v;*7z}b)s0wXZvjkf=u?wf`XlIAz?#g%J@<72St^D0V zXwWY#&BaZwA2^_}v?e1!{<|4^wp%+dmCBl@q@`o)z9abO_!(8!Sz~iZsZmmLR2i+f z7l|wJavw{}O#8^CIWk)J#p_4{7C@7F%(S*^s zd?^U=3fd}^=GEAy3O2V^9*;%pV+~GI{vyv-KRp|_MHD2Qrc5VBfczbJy7!mfz0_*2 z6ny>)7XP|UZ+zopmJQP0SsBd;y@QxEWmPF=o%`9J@T2KlMLixAvPRvvL|Z)S#oj>;>}l5UMd${|1~(4U0`1t^W@ zVFU2O@sJ>0}UW??^H1zaSdPif@mzU4k zZ1XBRMepcPAF*}Xfb8ykNGoTKhr4S7&Uz+qTL*FUUFp19{fEGLT-g9dCZ?C~h%j?S z+3=K>$x*oRMDdOsQ@9DK@IJbnmHweXjS36$_h<4cD}WFtuj3Lj>e$y%dqaBviL+R} zRksaw*_@;+0!SB^76`4XxO7;CaTpJVEh zwF;A_T+^T8)$>Rs$aybe0!X~X2orU1P{?%gs_}Vo^>!v6tO0T>JnB%}mQ4pUF=X@k zn(ce=cd+hW+`E{FF;_{jVo}?*(zaALHASO_ZE@FvdF!>htqmI1bwmSuD-l=)O(>wtUD6A%&e2pL(5`}9Qa-@iH&lrS{-!#4tQb2{RWyHeiU>8bKR_dbsR9PuCr9nwK4Y*$q*t!#!&)e zShO4jP^^~`v^Wcm;=&ObR{~s8#F`YdRzyz=1o%2rbHR#yuP+0?XAl^BijMAL75>5A zvj9Tx#hmkM)|k1VD+`OShecxQQg(awEZA`x;$@tNrAjgiOPBj;TgMp>>a+v%B`#kD z@$(SmC&2b(?$eiNe!nP{rH7Tqx zGA-A^aQnZ^q z-V%y^@d}ThzrwwTk8$a?2+3*b=@N;=GxGRe=5MU`PUi#=GUx2I+b2Hm*rqR=i-T!Q zMD!z!p2sPYg^4Ar&zlJHu|`Q%lYd^kK&WXg#8|L<4`33S6ZJ17Im#2X>RDRiM|Tg9 zF#8!{WsB8)D8t>OHJ%tZEK|ydNtX{lH%)zoPLd>i?X39SDm32&EA$W`-P(F#$frF( zezT#gA>ntswDDBlR_g;soB^^?c*to$_fC(U9c%Matd$%fl7mETl8Yc8>lFaxVSzE$ zrJLZL5q~`~^4{D-^M=l7rQ{ING(QiWBSVpHX@xsYn1d7@9P8pzY%1kuC1(`9Q^su(Scu&8O|vMlrunxuzkU&j}7bB zYXBb?^@STDn6v6vK3K8l;bc^R&DLe#(MZEe(zsF+v}?^0cr;aBMl)>eU|2P3g2vyk zW~IW`eTT7apW=LTR!m9_BAJ%6EHd!neio_AOX~CL1Nrp*7z?LxZ;O5I+O12UbZ*Z% ze?TRGwEKKijlWhedETN)LtegS$>AY6MAR15GAh8f4*;?w#|nWOsy|!D-VP`Jw}H{T z$XR1y-J}^BO#PN|EE#Y+@;)Yg&u?4FdPW79ZIL0<`S)C&88+zwK!)_`fko5CvGPsn zL2u#`#mCS5*Knfm5O#a+r6#Kc5HjEY$cat9gZgqm?v-O6IXEN-h}xpkrANtW__}Nx zjh6Qx)~^@7`--`NaP-nSuy%8Y({OedfrO^fVaPbnJxSR3ncPWwm=uQEoD`d5TMqXv zZZ>k*j`3{T7(3T2W;cJaqJ8em9KWuu=+;T73txUdt&<*5HPSx8o@p zxkY(1$HW%cslz^n_SLIm`;QAz-;w*K$-`$ak{Z{qr}9>xS^(L9;`}6^zCF|q)4d=2 z6eDJ<_U*v>N-8zboT4$>EK4ijidAi_aUtLjR%$-q`MWfdw^|40=9)ze|Jr{HzY7nt z;;+geQiZa)AP)gruI^r1*RO_uj>*GS3*tC)_2!b^T{`@ritS{MS^yyoF5eN|?9$pp zts3>uU%$n`$?TrHRW-EqJn|AsLb$a-13vDC<+D`F6JeuYSX2zg&0oo8sLEriQWB87 zbX^d+djzci0pvGV3Xgga?b-bO;S$%$@5ieRkV7XfIC-^b{Gfr819P)G1xk{t(Psj3l!WH1!&}#LhxhM|d6T%mK4fO+NNz?(^!m7c zd)X$F91T(%AVi-3(Ua?a2Yx!6qwM10Ik{qV^ck<}biJKtYGQ(``~PIs!(1IBrY~QI zt09H`G|C%oUOE?@TYGRe>-@Dlfgg8nJCO6l4<_&e5W@4{%Qs^BbZM_r?VEyv0<`&@ z``)&?#%p?hug>kT_Pdf)T20B@c_7ROxY--Qtb0r35}eccqzxo z8$c#6UfX%j_~92_ot-$xY3WNM72k{h!|bonzeg9o*_Po)LfuDytNoB2WrjJ_v_qFR zo~T==CaPFl!`8+c=4Pfy%g8MLx&P>ibO$ayQ+{A(HQOpU?_bh#o2?_Sg+xs4+{T05 z&Ikij-T)$f)H-(JSKk4Bi#vp}HR#!^w-_`}B9Sq%81?NkPL9y`!Q{D_JU?rTbeUg6Z1nEg1%87* zgKPb|Dw|A-4w6K=Ggk|9>Iu;P{Ba>`ehJAb>2}qsx>FRTI0>IMx59zE10*KqwVk;& z^`xFdZPvj%f#)t`>2I=?1v%QGcf(1%5Q!Vo7Wp4NiS;}7YD-+PoT^o9uw?pp^ytu< zH`(W|-Nwq_cSw6Wp4z#QHQ$H_v12@%G~zX%n|FW^YyP_x`c1dCUb0>5m6%DuK|oTT z=+w^NP_u^iimgRGdV-O2RI7xds^1$os0R`yP@^jU?b&WeL`iEG9Nw~qm3sf(4E68c zp*3?n4=ZjZgERsV!v02Bly$n^aHjRA!4zZM#Cx1(1JlFP1;Na5>IdbR_@ z)_ID?%^o`(qdsT#-Jq^0nfc$W{tf4^-{F;~JZ9vv>h#WyFfrl0VadC05z!AbHu)cD z^w+BI3oBmmOd179Ywt;xTUO3`-mYacg~4L${uh9NWB)2Ni)fq`;3v@kw4a|6j;Z|m|?))pi}tyPocVOl+G6j1lX|fYjkbv zsZlv>n8zh1OAekqH)@)nPXL?os*KSnK!`$<7p?9&bM&y2O&irO)8{KGB@I3^7l8aO zA}dP^bntXX&kk+yS@%wiHjzl+YatQ19(Gp>7+q7-hV`*`gUYdSYN;Rdns=>v(k{Pr1sHH=e|_k=Qm(P=mS- z@c(%k$d{O|>G0_b0Ym!q^wqQ;S^)?#;^)8of0{jZ#CHOt!l+PEaYDPupA9igY}3 z=D#z8dw1`xiVa-nXbm7lvETO|+&gvn5NR*!A2$C_dU8r)l}OAI-&9oPoNvC$_&Gb) z!O=f-Q|qfpFHMzpCGQ?*c5MU+|Ij6!x_l$#({36Lk1l1PRsllf1_YiuU*D-tk7-NS zY787j_K~=sk48+^+Io_mE3$*7ONxE|5?@SLuYI&U{X4g6iOtJ&8xC~u!Q(gXO&T)S ze&ulivz zS%^za;yO*~_&MW7NaL(@MQItCxwbaespcs#nrVnA@n^@odJZ% zzkFNtyh|Go)uY=uI7X8%uSAV6`u4>4Q^s=8NOMCEow^{6W#W@A2K=GY?xMOnWMpM$ z+gMp@CnQ>qvN{C_(dTCP-SBoTn=9`ksjim+X?@nw^HzW)XK8{qEt!ihZMbK?X+js$ zIQ8=>^LS%Tw%rLpv`vXAsY!O#s;XR(gb#gn4iI95=>Eg=9&U|#@L`ZL9wh6IWZ&^k z)>f9dyie`oF1)J6XM7uZv?7mK+N9U<2`?RM+H2+MLYZB90T7~K}zaVNF?t1%!aK>sE$*(3rm!`D>o`(mjTBqsi%4X^)%}0L%#@d6 z_k5{^mv7_XJxT4ptHt{KvHUx9@M5kyuZ{tyF5kHLX}69Vf7Irpquv38D1YI`omov9 z)L&btW{oldj$DkBHj_pIpH zr)k&1?#>wRdcp8;u4e5XY5S5?3`-X1Su6tavfZq zoj~G`6y1f+U%P{|*KT3|##JB*MEXd<7p`FO27Y$e$U*47Uss|!kFi)+Ln0o8N5*_K zZS2sJZyY^yq}~IB`0K>Q%Uim&Yx9+rg}K@VVsph}bofHHienQOXDKiSe%zH)C^t!O zRV6fETi3vw_(Xg*{%hXE%^dwD#t!MPHowg5Y+Sq%daQrXF6_(Lt1VSE1_l8TV%pI& zS4K2(aoXhO;;dFBgzVg0bn=-{?5&AI2V$!47pi&B0A>xI`W>FUe9eod&W^RQZ^KGh zn4780?^a|~#?8=(?`Mt~&c0lU%F@)IXfOaNG?k`~U$}bhv+kWcsA@VX4nYpl2&r24 zRaM!#nD^tBojCZf^7_rBmK7;9@k!@)(yd(bLyEwqr5C0)lN9H(S8qw{RgE3ujbZ(J zaW*9{KOYB9oV&Mf+n#=5C-y$$%s@vI3=ANJURu9n@46lxTF>xo+L-e$7YRA>{bngH z|Ggd7dXO2X>2?42(se9Yw?(cP0*c|@eeg-Awyf2-78-$0t+*Xii0(hkI(PNf#<>%H z`H#bAt+{Fg4H6*4)E50lxUBwW%HDoGxSi1bbNr0-rMgd7m2X0-d0I!a;**lmdra9) z33aw@-^M2*D?3NplUx~*H0bl!Z(pDP+txu5NBrY-p5v_fr*@-w(SAAa}xS- z&J)pm4n6&Rx5m{ojqye}d0lT4qQG zeH_g!GrU3pq{#a8^xS5TUOd}U-?4V5s#R?CE0IIp73Fb$LUIb}p8M?F^*cMRT)+88 z*vSL&JhC?kRuvK;rB~)^NW>buYPLR&8`P`3tGstibnMgIh?v-G|6abnYUfXj&l<#) ztRW>UJV1*4nvs#w;_jm-^J>}E=w08j4y!{)4XugR*^&yBA$Oxmu1iGh^Vj<>-aP-? z^#cd8wXTRB3akW(oJEOTev(6UVvY8NRsuv#pVKrwEFn2%n6bdv%hJNE zrm2aE)(b3?YLVGFxe`*QGbJtk-JAG?uxsJ>4jnmu>P+PwLcIm91c-Y6lRKNHX_7F} zE+!%2pNr?OdFAC~yVEq~Y9yfQT9}#Hnwpx~n3@QzjEx1B#sXt=6JvpSwJJ8|9lTmd zYtWM9BC$A+&K2iLa>U~N9I-erCnq;2D?2AEJu53cJv}2iAt^QfZDP{R;}@=-ipzL; j|Ix{lxf(E~!n6E8##0LQ_IchZ00000NkvXXu0mjf7-C@% diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/aiqiyi.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/aiqiyi.png deleted file mode 100644 index 63f768db04b296dc1410b83c9bae3b17190f66b3..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 8210 zcma)>9YUze$>5{G`Md@xtQn-x;8$D$? zw5C~_BQ!Mn8C3Au$Mp0XL{@;K#p~A0h90=(w9YUNFp*pla*iJ+<(y+qQC6_mOe@a13gOC1duSO1cict>5L>!qDmAouyl)|&z00D&p5zGWUGs1Dt{slG^>X>1&AZAr6vpiRPbQs9KGf__! z9tl-J2)FYuQDDHKRSMrRxCg*K-Pt$Ss4Cu5<0G?9#2$7d{q*0l=TI&0=zmIZG{=(K#h z62O3O7!_|~k@P0Qrs(6~`Csh(^BU^7^GY0Hw8TcliXo1z9dB#$Z(K8ZfaO?K%rinC z9KRjtc)yUHO~|?{MCZN?<|G@f3;$pS%Lpp>8tJYP?eoS4c45U>ctUQBF#V$D^i4^L z!T_+{sBVIjqP6P{0jMC;_>HJR`Xg6Fs^0x1vG#!)*9`>FO6*a%BI5t_;ytXg5Pg5m zV2u6?W00tdez^WYe(wmLB^C@N`?cC%qsFW9%)>RPNYBDmpLC?|LmYh8WVi0^x_ciM zOq@yDmZ?qOVp1M-hmLzk45K62kA~)AFq=Jf9(^KWqBqmk#8jpAm?TG2$sOR4GS z6Y0ElKF2r%7SRxQ}4z;gia&Y`yi7I6uy-kBsT+pGoQoUe5dipnRfT zY_sS@sMG?+D6HPC84_mVL{%1JD3Sc`vCo3PerrlP_p^nM1J`%TX}=O|p$cpQj9p1b zYH(AwsSzh;vMeJ5*Z+)^%_oPMW;c)3tLTCE+uZQgh8XPdlS!r7kj9CKa9)*ZT`m4Y z9BQD1EO6Ge$h2RQYy<&^LfkUH>G2oqwd|41h72TB-Gm~u7bCC{KD-GQgR12OqoB8< z(r=dXBplN045%j{l_)A>eH+QhOeL6FfiE+r-gsArU^pSDgK35pxz)aEewU|fPotip zy4;!KN4&>fvBUgYf{`c+8C-TRSNbCnW4paaD7?2wBc(f$YT9T5T!|vQYsb8e+AUD< z+6X$~t13lD_<$3np04?wa4U@V#Jf6kOrTAzy{7>nYxftf%v$fUXx^j%8~N~ zJA2v~?w!?9#sv50{PKtX9($l(H|2X6KUdo4ogek8$LuQSi=(ufz<(2mO*T)`{#7w- zDqmSsVqzXRy!&}SDLQQeTk3Mu5MOk=KdrqRG$KdR^IcoCTBh^jYGyQ%Un!3+HkPoa z%QPc{IVv>*7}q~TDnw3}KrIEJT#6GtEqG@FJdX+1i& z6<7WJ12k(t_OuU|`M~4_XL28&qHdE(f&Z9XBcc=Huoi$1Y_~&aVPCF~nauqG1WkSo zWW!cvxB4B-#pT5c(RkEXO#z6m>GhG4x8rpxzoj9qrlz2{mq}{5a<$z9ip_VlZ7v}yQ=dEt>Fp3 zbk-!b5&L#a+#DxLQiy%7(wbdnp3j5XP}J}ul{;o^bW@dUlo;zrA;uPJID*#>d7iS#dI%tuenQ)?n@K2Oz}1$TBV-lX zo&wzi6V%ZPz>#%EWS&p}Cz7f7gDcyqcKhSW3>4`sf&5-S5j`5llq31LAMZ9u<=b=q(*RxVqDb{JwZ$-) zNquLz`I~=|Rg#C5B&jvtxUf!Ex}lf`1*-GC8mT8oeftnt!63mbpa{*U9MdF?^g^B$eR6!*t}=n^0CgRct*K zDhuYbc((2*EyGv2s%|O|>qw_|&WCxq+cHB}x#Y#0)2qN?O!6_bT`EF}!@$3v+a)8@ zz8Cvp1h~tT>BS*qrGtU@U3f&H0pX&6U|$B4lAubNA<0vMm1vpU+PRQZf|l)*c~C7Z z%ti*IU52jSr$K+VfDloC#9j7L@{9`Jh*C<`oWNRFj@DPQ@t*dfDDcHd($m(9 z@O986=N;~|_r)jb$kxWp5~cpEDp8iygN*{hVR4vPNW#~FS9MO8j380YKc<5r3B ztaSM<>!&pta?7l(xrW?4MA7fow(DQlmKp>*uRMv>uMf0jf3~PL1(XuZZ3rtRKQ(xd z7b<~zG@5y5`>CrWZrAIt&Z;$}JcbC&)Vw&iA=_%{kOZuh5%QC9DE7l zI7p~J%WD_zgOBX5dYJw-^1R8jAi)d37HwDp{oWw09fLW(GINEPg-R1WXt=`RHX1kG zRTe>&;o{fGHxYj8dJKa}%ZL}qecH9^7j&Q|IBWc1+Va83oK?dtJ{ z>-p3qvK`ByJJ>w2@icpJE@porA|g%4_s-7i&RSUHEmFe?JW7E!Pwo_I{(X)m0C&O4H;Umv;Rnyr0Zu)1oWk-vIe@(=lRWuH2636d3RwHSnG>=Or&uw`6T^yBX z6$D?POE?oIG<3!X-6zU<_vKt-wH}XVLmdmfd9yDAP-<7~5g!lDEQ%*Af^IbFg^j;0 zj88EPaA`e)wPyZEC{>q|2Q+QcBDHVLVDjnO=TDsAtcZ{u8Gc)BY7ML+HSpHxw_Yj2pn3`EbUT1hnPS%Gf6ANy|q!_2hilXmwaG<$|e+?Ky$CcNT{1vwebR-Tw;CSUjvpU)1p( z^+8UA0}1}%=&4qh9aHMkd2thU)#w?LY*kS##U70kpX{UF$E*3%p7?}rwlWNacG_TK zSJROG>^ThFj*K{u*qslQ*Gn7u3-^-yepZ*v0McM*cC-R=ycuTXRMqC5D!R|aHH;yh z%7rcm(G1=gQGuFx`v8ewT(4J00`{FfUOmny%v&09!5C8k8Y`%?8e92wocKCFxqFGu z!-R-9!(a7l8za|=?NM&ZaM@|g1Nv@fR7t>2cCHxA9dfP22jhH@N%Gk$9NwL-=Gf#g zrUQt^zR0C>?<6Vx`1huz`2%qbX;S;p-Qw2v&T?3M^RdQMar}!mxn|V+2rU?HXG;bZDis zOxd05p>dUes<;2bq>;ng52%Bok+fBj#nfr=!Op2Jv9+ctnu8S*6f$%gG()5g?Bzd} zm(ob8t!DK!4Gs`-8~7Jz{0g;yZ= z@!U_rPTSTZRc-_jF=`*qUSIlr`c_l+>ERJ~udicNBP046t*Mz7@cT6XI$&Bw`Nmj; zZ+I`YxCX$unS+1BJ39Sid5qAb9#r&C54_c3M(zp7ZzomGioC%;#99sBqV`rCn6P67 zuGiQwsa#Zc=(jDTq`H+YHtiVs7l;gs;1iL?{Hy7f>Ld{JBsk--Z07CdPg6~cNq&^S zGSd*mC;6_FktiarSq_w;6n&SstjNfdeH@IF-}i`*@;Z4DovB56bnwtmdsug#I7~a~ z@IdGO#AF~?p1gbpF7I#nI~KI%CesO4@Mm^rV)MxiSp538`14+9^;=^w9WBk87t#p+ zcHy3AW<40aLra3enUMDr;hE#5*TcDSdVkRgLEqVRJndnO|4CK?fPo~?Fx#dC3S~)I;r|OqxL+n=B>oAK;y9Oxt?Dv zj4)Y&32O{ZA1n!f2E!D4We^h}-?#-kmV=Fg5h$fT7JwRIsVMgS9w{auXkXMM8sWd) z7v$>oBb$eHvX-|Sxl?Qkis36)0up;38GQokE&XFTZ+Zd;!ue|;?uzQ#_nMCsEz$A4 zQ}xO?=fPO8KXPs&u+;_PkErP$eL-y&A~MwSX+HA?Y^Ee65v&ku4bex@nT!d-Q7-oo zva_yKDOld%$uBZHRL#ZNq)s-^*00yS3)kMGbWk8M4t&)k|G#7Ks0KV`winQG8)2y5 zuw^BN@%%;rV8UgjGLR1Ns3&!-5o8p_VH5~?Y0^T7#gQ3}e*ttKZCp=FSvyV?hwH%e zKP6pG)Q? zk1}F#{xLPkpBBcYS2=;8_c_5m)Y6M}o9EJHM(c9^c?!%x=9C+vG0rVO0&6-StUj}4 zVv|zm1-6&LoY;+)Sx&Gi9!H9nklf0hyrq$tsS-mcZua^moJ*AeGJb=g_8{jN|TTJQR6S<@KUiKmoLjfG5 z0p6DYBrV_kWK|iq>T;w__aD?z<$}$;gh@5;ykgh5Yi%pV45gkW1Tm)s>^{Wa+&q$M4h;Vxfc7e-0(yx8{z-x!g0 z3vI+M>l`8$>ObHXxOQw4J|Vfmb93DUOTP3;`Ovd=Qd0B#`{msQj;uVWP;R!#0M4)^ zrZIeV>ZaBTjy!xxBRZL~5}4r`AhY2eT*}q=tj|4t&`(m&$=>lAXQAMm%7$vB3Koht zuc(6pkkPb92?s2FJ?<#ah+z@u#WW}{&3kvCD8>x4N30w}O-ctg zo%knKXJ7$y4mBJrzhWOU7#w32WEP!ja6eZn?u-4ib1^SjV$^h|JAW?S#`(~CoAim! zzupkX#9D+`^9M95HjBwbvV`7uqkn+FJWrnR#vQCyaDJUdUHBMpsM*5(X^+>j|x4uN9m>Y9{Q^KX|T!+26q6u1qlIXY_jUoEE^A@F>r|dn@to z@`L$4Pwehuu9|meg}r>EJqq-EIYrbO3~{V8_xPxnjNjCGGpy#JkyQ_N9HzCjoDJQX?*QRA9`Kxzt>z3P7Sc&au%igy~SDl z{M29x(>FSyE@WitVHPWX_}aA5Jhaxfk3+X2#d}HBOcxg{@No5H8&&QMo$f-#j61a9 zTiGr40`~Mq_gG)Ou>RYegniX&&{Fk~_LX)7?yQhzKladfP$l*NK=InXii)KDb&ks{ zi940jV3T*;mt>s{eM9)eUR^r};HX>rhBh+%N|<*8S*hwe@7Ky+a4z=!!Mpq6vIV&5 zc&e7+qU)J2-?z0i;v$~+yAR&_&vs=S{m3<)17J&vG#pWmn(vzsR)_%2ShZhJU%Rdr z1o_*1@AU9Hp6zC82|^8tkAaQVrU< zoa7-hE4-jeQpO1!p9f~Is^4(Qlq;Fmnprdy2wh^*6qDWCph_S^PSh~qKNG{4e5d~) zn*FYT))C>8DTeh-p7`{`UtgLUF1OG>Ju)c2hAj1`w_kteeEcu!@bbE;L9@X+-9~kM zO8v!EYl)!KzR2@?mFM(XdY4C}=uPD{>^(jG$3IuD>K3!Z`3u!y4sEw-;3H>68T7%) zAr-sm>yiPAuo2J%Oh6x(_`-DsxpCJCRbO`#db8ZsXOBsRX+94^=~^2E2Dp!=4YKN- zc!eAv<9Tuzrz&NiaQ=8Z9o_SfF2%O4B7=+E1yOS|-Nb4u;82d|X(fuEJ`RPO>+0hQ zCd-*wV}37@?rre#tiC2i9&(PJG8sk1it-o0+c8szcsOnIw(B;d8eJ+ryHxPF=$p-N zJxYag@)VaYIkh)z2Yz2dIPA*dsVd`5$=2U%yt;NMbyUYB^uG`Hg|XpU6g#L0QT*3e zWAzQ=$z`GVO-Zx|I!Rv$bAWHoYn7rpfGt(__+8F7?Tsw&H~rfn@hQE8yKB3sh>-Zy zt4BrAI@+Ib z)+PJLoEw{MH5-19q~bH6=0MT-o*}+p|W-Sv#_} z%>2HB|IjU;S(jHoa(xNl*F!0WDO-3py6NVc)2aEaw-NtM%$5BF92O<4f*L`f-48xi zE0h^oN*j|oIMC!r6->g%S)#^-@lYDQA zSN31}UR<7^(33pK>sTbX* zSIbf{;DON_q$3Y$xg^hF#e4fA$?%h!&9tZYTcBR_d)QT4l}ggI1}qZPE6=>q(hf@d zs&RyCU;!-eZ&@FW$l>T?HI31eKH?j?(GnGVt`;w8@6~xxjDSogeM!nkz{gay2ge-> zYk_0PYD#VWL@M-{y^WF-X=7`^qlhiVIQVE1Pn(*;1^Yt&n~EFrVBp?HxrMe0GDZ`D z>m)T@4H|!z799)u5o$IKX3@ojA4g6hObLbrl66$M;2qM2W5|uSeB?=!h*+aIUeW__ z(L>#o;JlLLjl>$OLVo%nS%g4}^?$uM;&{vVi8U4$5X;?gS5(Dmwd$V-Sa*(I>^9 zxl}dc4x@3cr{p7{y;8nX<(z(tv1k{s+qyZ^5nq1;jzZYFqR`T>ge@l9NHIQcdTRjT zE!9PxlzYr@F^^@GTz(#yf3LuOM(t}DDOXWcmAN-I`xaKJwM}rz4qG30R@2naQ4w3E z49^Pn4jW2T*tY%Fqkt-DcF@0+Kn#HzfeVwe){cderLI4(ghZ<*fxbWZ>v zKVafH{fW2r!8mR*J&0kREL*6gO2ZXv>>4}G$lUQ@v{f=>SXqV93i+$J!1-;|#B8aU zv)RAdH|8hW{G1AZ&SArx5fTaBSOT#a`iL1-z^|$vW|dZl{{gcGdkIC) zMdC_lOs)FyAl&%LUF63zj|n%mZ@G&*4Vd!h`e8Heox01WM_DoO?c7C#CCGhhQR2fMnyWMaU?0^(vIJGL0s7!w?&9Qk@D zIU~6U2MJ4rNDPpLcYSd;RfTKIv2mszB3(s6NRG?yL(?P8MV?d*K2OF_QxlVmEPy9} z3Tz-AqZSJ+EzXnsYbFo<&UIJhZ}TpGb$!)6znycatZZw|Go%3qXCc}o@|rtl@|x&jQV%MU06()D>YvSebAy#=U531Qdz(k+kZ#wW3zJ? zvyDlC&IN5>jp42m>wPS%1rP|2n$qPt^BSuIFUUuEhCf6c)6uw=D<=@#84Umc;oX3t ztSbZNmW*q2G(xwvb1X`&L;15xPD!RM8Hd7qv${(;a=E^t-<~ObrIc?r7JR&5!!!B% zfD@CBAKy<~sElnTiR}|b*jCc)o1jr6WqDRTE@wN%B@#k$KWLDTE7Uq8?|*xd{i%Bl z4xRMK1MfJA*S%TQip|$L8Dx?yrBpjUw{!pGv^J zDC0>5d{Dy1bFbDbWovfp;`WA2c57(f&sM*Hsx7bAc!6m(8pFdMcqbAy^2xjNIWV7s zIX>}y8x4^bu?H?pSgl(ax`4`+jok$tipCtoKg&H}be(yqvGd+|N0EG6!}a|bf!@KI zhZoC;)qzc&+5~lxUghK`ix<$*5IL%4*yRU?-#V_~2|Y!=M)y|Ui~wGWw5Lc?XjpAv zrQd_d#^84!eQzxkWzL{s)gK?NZV6lrZVPUV-ZsemP{<*GTW&lRuUiT6)*sOSd?9`e z+rT1TKm}G4!aq#;LXH*0_|Ex!qo-mT`iBTPXw`2jVC%{N?&4_cWz1cl>bl)4o>Q$4 zmt+);?p*ndk8Wsej93z{It;JV*V}P3jp7_;X6?@uZ7IPHjE4VtJ!PM4{Gc|fxmBRE zG5o_*>8dj>WZxT6<9gSp^LctJxy!JnI!Lbt?O!B0W^L8l^B!v&a3M8G|2fP^Lci%7 zqVnS#DI+tG`+BI4EZOeU$RHNg=Nc-s9m8hr>_Be-%$dtlY%us!wEuwBxUT*;K_eHs z#`#4XgUw^|L)$m??lTY9qZ6g{)B$<|CsX;}g+WKwI^zb*D{+X=10ZD)L^ z%Ho8A_<+M%m+Z0Ti1;bhdL=ttF@>^mt)@TAD3j9LI4FA#3*h+?xR;9I11^#1obQ=4 z!hxq^nqWxWo&R8`MwpHq6$3Gu&S0P494)@mO)2`dG8?qcBtYLx<@UAvFPx zy&>2LzV@_5%v-`-Jf3{dEBM*E-i|F>vZo9ytDPt)nh^g&4GJBh@VR%s^R^#2EhqYf zevdId8l>~%H+2Dj@XpJ=K-x_AUX9iEm--BJ^=*{sCFZE{64qxKjL6wk8H(O$LYS3j ze+bg^2qlQf7L%xmhgM4Q&hZ0U2TQIG?-HncCtj(_wDS1`oAz52wJ3Z>o;dlySyr2_ul6(>T^>|{$F zv%!0|oAV}I-0{4~*+V_RnTw=6Lj&W6Vk_uTLKk>VS--8E2s7m(nm=IZ)_r3Xs@T&d zJ{8=0^tJn$aj4XYD=4<6HR`Z2aopcENc*$lL7(y34Aev972*!LZ;0-WBCtQNq%wBu zX{BDdls7j1VYp4)_qqroMs}l6pq(AJF`~HMqLe+FyQM$QB0MC{VG_WT9$`<5l&pCZ z)NIvhJ9Dl?1pRwS$76DH;jF~I#mWY>bG&_B68=EXA7^Yd3~RyzP1ykIbiQRV13WEf zw0*5#n&3l3_xmT04$sLWjEPxBWlbB_&M9L94QhxhJ#~x!q6)K#>fFz_A-h|gn zf?@$_UwV#8H}S^C^L)Gc#{e3n=!44+A9K9Xo|rzi2<8Bx?C*4CC6jT0Vza!`p0WT{ z0K*4s7t>yN<3v@wMW`0fAgvj zsZFDZH1R-iB8zkl{?w1y0?!!RQ|Bo4!nE(=n2C~o#fGOvUS|K==Gv2(N8~8As|t$6 zN)_Cg1cuw{EdTxtno0Bg4?D&o8hOcdWU7$s*@BJpqGHarFhhmSt3f~fOKy~0$*Wgq z1cTS$MDD!W-k-)nj=m*H8R`Narz70|Nfor45=Cro!V?O-vXcX6k8`Co9^@$55tDe! zRj1HHV0(X#sTL^4>2X?L@#YnON7Y)rOnD~R1?MkKJ+N!8mg4=bw{Na zDwfsv6YloYMM9boLkH5UYa#4*m%P0yK~Beef;o5zN=&xBbG%N7KP9uK8AU$?sM2tJ z^4K{iuQyMoNHcnc?;zobh7=O@ek)#97o}9K?Bhh20R9!EZLhZ6s-pz4Ds+t+386%F z_TQ&nH%;-Z5=(%kRdsWs;f$EK1NRZ0k@sM!57W5u0HQ!?%>lANsozm|MNuD!V*qJ7 z$lU0UL{Uzv;qU}J9ui`>D#nhU5(r;M!+~i6|2LU5=ddgcgi-^<5kSIitvrYPE|f6v zmr@=@{g0uCpuxdN<$t*E+2codo<{@HM3HZ!RMsxHG<|{aXtWA2t{Z!DUke`rNWuc~ z9SJ()aQZuO&sM>zC#)~#f)1%ij>^V>VWN?V*Hrg*{jsn1ktqM>$8!!Qks2uU(jjyB)Ndct z(eA`nO~v_>xW0KQI8$^VQOTG?_!Id$50nf`6hSb5!>mD45=gXSY)Oi-mA$@e0lOQb zA3-==OriQ}T}PHdaK6JS5@sDkPahHTz5$T2rHTzT7u;z&()>O&5FU9 zVv1!V%xZJ9H>B>|Mfpe$nE0&i?51P5kGso!Pi>8Q(nU&Lv@^1SKjI%C1DQTs`NB z6D?P>oIO>IJqbb)CUesBn%wXMVw^K8*n?%rcBM=efJsRNr(bf~hkxg7-2LHqv8g_; z9Ava445TDYlU8iZ2avoHw?6$S7y8Mhox-a9bCbxi)=C+P#gD!ZVwADY0Y&}(XwL?t z`(W;J2n3b#NUm~3^U{~GL8Y!!tumPAHsOs@Uj^N?0F5kuo)cZX;H15 z6)*uwelCEflMT4PbsX=`kk%=z-mI9@P&jH!#;){?FU+F+?`(>^3)wCSYaznb7N{c8 zZn9lEwqRLKOPH@;zia6m(l7axluqD}B)ZV4X^&*EOkU!pvPcRAwc?BbI+!&t8C?1u z0*4Zja(6OB^);rktoA%;al-=j@;~XfuunLV5TQwC_UT&-P(!f56eHSn{PiM@xzq z`z;GXL<&73TGRcpjSKiU_9^Do1i^x;e#>`UO%L0saFJnds0~{>KEfPBwDzRtSKPvF zHQ#Mkjit#itc8t)aJ?&lo1OIoEU)30&(#p85GRk$@yT0ru^+;$c@d$G5;{~ickFC( z{6|G@ZemPUtq!KlN~H*RImT1@b?Po90beJz`lWFd(?1qNIc57PQQpw0RnU-FOKOScrkJZ@pNseZ+7(A5+_+Qq>)m(;oOc zK#sgusI?;P1yqR(pu6!+{f3MSR?81(G?q5Je%(|ktx|(r-OvKvj2(xW*E3rNUBvu! z-%5gUE7<@@>M;7xpgzzx#`I;(r?X%`-oo+H_ zYM%ml&yoRbKwB5Z0{gYgR?WT0oKvx??k(@Y-dt<|p!@43syZ34xP;vedwKbIJ53sy zTOa$2^YcDE*Gw{?eM5U=PQ{P;2b@kb^v4x_Q)npgZzTtFw~w}ybY*wepv}{TfreO>6Ulc%<2WTeI!HB<(>T#}SoCC!}l>AA;ZXP{H!HiH{kKQ%JW) zZ&+>Ktx$J{QmpNFNba%{edAB>)VBfZKI8o_5GZE9>t8A3B8BK!6%;nUnwvtWw2}0-ILq8?0nUusF8$B+C+mTJz5=3bpkw`$!;=2GQJu*Vt#f41qbP={ zm|GXJVO3`bTB@NENLZ=TVL__)6`dFTcSPfA=0VEw<$+n1dtgGCW;YPXoO;Ph9d}11 zuCV#i6%@MFMjdrA)ooC&78H|trL}OKth8>`TY64tXuZJ<40$|EKV$&G{O9<645okY)}&5PqULaJP6q0K-*6OzjWdUF%4VyjFPD_Ek%4^SlX`Y^GaOj_1bjEp?;;Rh&2) zJgd!yQs@)Kwz2V^RrI&WzUkg;+QOU3j$F?n0KDW)%Q$}40j6Z zqO^iw7ipwB#J2U+i;MdU8C0BF2b`wF7%)d*F1XY*`j6NzzDEn_kQ_zz#4yqp_4Q3C zgw2<4>q!1J`1h`qk2>(J3Xf@s1VQ;Vy&XXpF|h($D^E#49I1ZYr3T<{l_X!(6arLJ z@x{lK5t{}n{sz$Pg$fwOSjYI+KsI&lf6lh;ZkNyrp&pPj91A&mJ0w*oZIGWl7kKgB zN6GO70(r;%uT1_tu%Ia$Ctt3xIQHTzY5H1zSl+4K8ALulOe4#9>0`ob_1K|9jo}r& zu&S3Sl-gfYZzDa<(~U5~a>?;cd2`;M2N4UYQLfHjl+=#(-|sKZ@39-XIU&ta02q^{C0V*0S9>zC{p|Y&_*jc-!rUpEr{})kagCc>i^)a( z3|oTX-NzG)hC5HcJUj~i8Mmy_5%)z~IugwT{X|8BD7H`k^~B`vQNR$1C@^-~_4h}) z!@d+x>{or3Co=`%4B(x0ugk!fY!!Esu{Zbpj{khj4`vV^8hzf^TyQM5N+`B*P^@Y# zMld9+dj_3=x4gLwEw?KHRa|HybsR>8YLv?h8e5NS+DF+Z_`->Ef-C(5lDUY8+N>_+e+-y4GZ`m7OOU}| zO_{5B9?DmbuHv^X>i-H*D(Gh1dgfoCdm>)>w3H$txNXPZ0ycN;G{+1B;jHBV1AZ1a zpvCs#D4C~W#`n(9jD?!>Nv4k#X`o`Z!wZcq{(XNZX&uhyWpJF1$PV?QKgwSyH%ORq zKis+xn&1D7xc?g}2|*ImH_PO`6J+dJ?U-jr?3snA#~ou{xFIM@fIPVU7}Bj12<`iG z(r2_hYGg8G94t_8p=JhSYhqe^!k1JJo^O^cuErcnG3a`XEV4Rz6Je~kR{WqIjZN%g zA^^2X{||QsZQiUUa$6Y`xCe>r_-1?ROzy!x5ZkK?Y^1jX7vif1^^c+8^Za_ANRiz&)} z>9M%O@<^h~{>qDyj^rv(Y_e&j>s;k~89xWwMkd5TL9c?@IZ1O$wwHY4x@o!kJY%Q| zJ@V$A65vb`SSDJ3PpBXkqY!D-Z?vtc{uQl%m- zROUNEFxKLgVA!Hd*+W)d2SQ29QpUX%>gvu`BRC2yUg;mJz%;-eP z3Z@Yi*&x(MN4KRg+xAdF&AG-A6f095W0(6+GmDA@FBAfOCl@WXt3_Ob`h5 zeuO(oq8bgbG4&eG;=^Mw$W&)`F$Dtq8#dB}4e|1J1z(oomY^`5rH5>lq3; zRXO1W@R@k^P6J*Jbjf@3X_FbeYZ-l3NQE8}plbNB1Y3p|lr{K;uJlT~{}PzX{?_5W T5q*mn^#Q7nv{Y)8ts?#h{?sgB diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/baiduwangpan.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/baiduwangpan.png deleted file mode 100644 index c7deac2c5ab48a13f5ec76db191d92e2f1aabd76..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 7893 zcma)BWm8gHvPfc~-KGP@agPH<11_cHJ0s^)oSXSe8?EmjUd-M8+>sDmH4v20V3epG_ zqg49{2sH7EvY?M%#>YnJ?q6pX0#1aJLqoYjxe1A@Po|sd*zV^FJt}o?Nl5Jz0rqeh z2?3W={J>p~NiccUMdNcl7&fn8X0*(~ldF9wP25)V`4k$mMS%wEufZlbh&I}U1esJ-lASL5FeJ)xOxpS#@Hr*>=rG_sLVaE$D4l_I7_B&NMH(1Jy3i}MTi!v zHLVgR1!)2X{usLjk7T%HizYHJcw=!PgxfQeT2o*KeZcN$Pm2nr9-p_yb296&W>`cD zp9$_go8ob`0TU8|mX}3&YT<=>&&`VAmyxbQ7G%5wEl`9&E3Eiy_lInnc2iIWQ>(@_ z8w?yg(X7-UG;0JhwQ=as0|2GRtG6x~bQP7tZz43P-nf4Y_iRnG)_ zzp}~Hp#3lL9j?B)^zO|v$CM)+u=i1Im`i{C+@1!wq7KQsnJf6>t4Pv8UnPNN@eGlK zKbxyY#sWo7`9>5n$>x5Ii#bnrk1tGijC`4$x65IO%(88+gL7kh#HROJ6Xs18vfv0D z@@RiJ8!9zft{K5GAO;;tEfhM9PwL4nL2;UqrDBy;sRqj%lS1$PL-JVR4F>qK@47@! z4L{`l!&G?NWqU_ZfapYY7sy{~*`tJ34j7NPT*dm>)uH5`Pfa1i335QOMJ3Zm^pEI$ zq^;!ew(I`Nj?2WH5q11x6c|~tNrM-c24CXw2Tbb-hj(c=6r&}fG)**<(kdyY_XkBG zuxPBF)^L5qF-|#?ATt;vgR^GA=jyi%Ql@rW6YWF|LN3)%Ck|8&n@ebrS2SnHp7XSX z*kRwK8jd}`#FS<595{e-SOl|5}n^$d)=5}>Ujx&{$v(J8V@CI+Bmm95QbYZ;2{hKOG~ zJCp~)f@+!ScY%Vzy$M&RdQH-EdDfG3`fXKQ7%y@$>(WR@mNiWo(Ulb7RHxW$dZdG8 z%UpK@G+qEKFWK@y3$U+H>;GqCN-ya?D%jr&c2vhBp6$nve=G)Em_bgMn$=yFs16HW z%g-6GXRbuA`LsWo|F-a)qSuu;l4SsC2JXX_jlimy&-vzgHJi9=Sc=a*4eRA1iOy-H zG4>3!>-!=o>mG_l=ca_(Nf&)SMLonm6&A}31=0Q5Gh4rqAsXg{)h&A)cz}Y9yJJG$ z0{INiT0X3jsRNsG`!Js@93r@`SDM_{1o zimXi|hzO$EN;a#t&z!8w_tPdic^93)31bYQn~Q-eg&pjz31MXdHYY?vgRf%R*>yVQ zu;#RcLj#ga)U%nv25xuev}PoTtD{7je(>TxLa;29+~I2`X_u%Lan$B~=F%ihKF&_r zE*e2AzZgZ>5eY;3_sguqD&zs9l}H6>Fu`OcY~g^MG2MU|i+A9MIs~6-vc>BiV^bJ{ zas{;|l553W-Vf&(7Qcg(vaSw^z5NLmtBb!Y`~W)x8vAK7hyEEg_vV#>3bKu3>ffU2 zcmeom;m&WrxQ!B8?$(T}OVB!_%v;uumR;=Nt!Z+r5vZja5+X@l;>S@^VmS#~_^J_x z^7fFMl`J+1PHiuwsmcOl>lG`|@kdH=!ULUpPcoUob?jpCL1EUJT2|Zi3CWr~;R;CD zd6y%(32uP(h=4@3tau9k;rFG3g9<^k95*L1JCp2wF8Sl_V*!%w9uaI5sraETjVw=& zCVNfOQV0^X4j*hN^H&`FMFMi?mk5GshGNH?Wxp9yW5My{C#WbH522uR z%8)<6d};ABj0te>=3#O7kRPec3jV?V_&%ss4*SD)ONbOtLMY-yY43+HwgU}x0wbDI z=H4I6-J~8;DQ=`l)lQ;D?JQ=YwPgUAH;T;v%_IwQTb{8Rq-e&EbXq_R$Qi1ac6Xp7 zd;T5iUxU7Jjhe;qt@ItjvMRwWm8~HY5f?-VG>w+OXGSLl%u9nb8op2BTRSi9O&C{E z-~dhgv;Bz+MkCv0g5%#NhVG3>@%hDoT@;zoT=*7=o->2|Whr#5TH+A`2Pqxwkljf~ z+Q^qkY;~EwVu696d&Qd2pd6p}hm;5gw6ooo^DOnm{Dzd0e1e>QO+#h0uGS-4eIQFz z_NQ_Glo<8A(Vq$XAN&2Dk=}5Gs)hBu&`x1^Jin0NjWHkCl{>9Q!m0b_(uofEyp zs#kx#{64;PztNRXaL2~IKDDP#X8+7nslZpH?-MUt@#9Wlwc5g2zlw+2zJd`=ST~W$ zsBwFz{je4Ns-Z5pUBg}9T~!jAlR>h}0@6?A<>EANI|g96QGjRK3;}ndw|}WeD;4}u zP#$9b{oyv4^xhrB{}Gt?64O+lQStEka#aNMUOkg&0(=%tr*@-}-7u1K(%aA|a?_TD zm{CR{BaJv{q?iEblKw0TpleQ|o7g#n%O;R?83WL? zdIJDd8TQ}3d=7!IpVV9rk{^rp1&Z{Spup;~>t-p7J$w9ieirajO~Q0S_HeN(!rpva z|KVReryjODj z`|eRNJri|T6dM`%D3N3!Ii#PnM101{_Q(-U-9;u*X^(cyx|qrbn(p#;1^Zjv3P!H4 zzR;-;tEL>ToUxc!J|cfT(}!gQccYOPL{hsbpt*a#CJ4ub8Xn7QnAahiMnrMk_=)uL zIc^NFiCw%OGE#M3jmg$|Mtoi>>k6^x^VFA&w*6rQ6#8`*piZTVC#zZs4H?A1Q1=_O z9FmXi1jfhH`7y0CM(g~!uxSc4qEJGz2m!4dA)37&4{3W=8anUo9mPTw0a2jC=he}# z$OOKd%ss||6Tzu)m&tHyI4W{%-j`u71~oj3TMWr}1280uK%EdVvq7H4p## z@L$%bD?1%BBhJ)&O0QggY&IQaj1*cBvY?&D`u+X0VMFmoL>}1QtSY{;=X1deKAGPU zNz%Qp8f>^ieQMV8V;TsM$1#G>TYaq=!UW!d`qYUd&iHQj#-+Mfiw4K-DK_m`jDbC8t-~_O zGU@X3J!QuqP8@pUf1U|pv_q-<3VNfpL8td~6PFiLUE6MjrY;W6(@f$Os+}ZuIAcg= zb`|c!rqFlow9Lu8q|dG*?B*^ND3avDoGtJ!M%KK&Z!ZKDiR z>%_xzd)VNP61@cMERo58KK!tha`@N~+i_}|Czafym9KT9c&j^3oEg4!9_v!@kOTR_ zZPOsNuG1cD)|ZpspubTYKYl%JGL<@1h@?@Zhjmzbm88gUUK!ri3xs*mP5KUylXgm; zbbMVUUM*a_-fKSFc(*WF}wBkqkzS314T)>2mo2))^H!)?L6&*#YzB%12r`M@K?Qq3Og~ z^UMzbQpN9X`qHmic_)F8mhLgEx-AE-^fC6vX?4MDZ5|jD)E2<9N_!$3_mer85M7-3 zx4W%Zzu7P-2J{;vSr4uA-yyVq1EaUo8|7jE|0FgoSbp=1-1kn1lU7b+pdupBWyu3K z@%lqwYdhkfn$>@ALy~8#e1#e@+J%_Lsb^x>9jq3avgoK)^QPRZ%69|aWev;Don01n z2?OOq{lug8R@w(;J>)&2Z{e?`X z)luenR>x;TYmJmBf*@e5^fKTfRqs*J8q1t~?{v7MVr0n{!Z%r>&8RvQeJvr+a zoM$rVZ*OW3!sRe)Z5gbz{sHVTE}bH#eUr4k8P#1Dh$Ru@HIkG8=NsC*eeDlZ#|X#x zyrFpX*!*Rb(zxKGo7Ru7^>?l&?BS2U1VjZk6zC(;DG+>X_zQf?0cxxJz}mniq|*H9@e#!d z>c{$8`t2}A-pn6E$+GPzhfNURpX<&yDMd)y-XdBwM*H|mRew9rfWS52lF-JH%5P_7 zEKu;kK50k$ODB5@PmM9kqD|aNlBAkyjE54p(Ce0t|S$QHjr=>7ZXk*@%ap2w&6p0 zb37a6D)gV6LPJ}=^@)zv18+Wr1H_=Z-iSy=KUp94>19__WH=sE~xN1_m6$AXxN2eG>aFU!6n)q^du}JCI&O+w|h+3|< zWD;1}no;&P>R44K%K4O6sG0b2b}-u>-AQmL#D!N?jKuYHsZxI)CNiTk2jR$hdy3*# zU&G5COZR`*shX^HDx?7FmaRI>HB2;x`Z1c{Ac202#g5D9uK|^_1e7Ce#{nmAE$~m@ zm{Bz6K9>G&kn~EFPssA*22K>)z0^^wj6@_&jY1v-W_g-x&>y;;uHq$o&iaU@En7Tx zal11~dUc)tUHw*tF44!*i6vwbf;R53bpobl%Fkr#?;c!2px88@C8r`Img7{A`u_D% zhjw+x4My(yk#d|b1Y!lcKhrSHuH5qUoJMFH+gUbEDh;i@46YZ+6kl)(t~k&LFvtMe z0n6|6i<}czgti1gvd+Iw(AjWD2v_f1m<;a14SWW6y6fLvu{CDyV(zb;$*&T78bMBD z#v;19whny`T)MX5Y(EK6I2{hdE-(fiC5zD+E)HCTb6W zi9YzI(n=JCFXb|iZQTYL)AwW!1{U(;!wCKk_`I`A?=1AUc4uX#`+9K?*ZmpZP z2cXaFAoiIda9cszDZ^FqCtEzuSculpqw=Wdb2Q``r*85}lZW*(i4BJ4&)^@1fs=0f zLrR(TQD#FEd0~T6D=cXs4Lyu0Wkx7Id;apkZG35qmgV7A9D&)!C~5X%vxz#60NXCQ z`K}NzD=MoZNA*1h+Uh5Y8`b@{NN+r%6u!i_S|8*1oJZN@t&KBICH0ha;E6!+L~${O zDt^trr&3|Afi$2xINbe{M4(kICulRG^1T)*(Jak#+@5m}54^=VqZ}`ho%I>zvX0?v zZ)tE2Uhr8+O>6jKHK#?GxF0lA(C0i3r;sDadF}%jB;0MuoN?|$(N||S5HB^NEWUVj z;d0m?9(_rgz=a9GT>YVj+FLsF-Z5-Ck111ry(tOqpWNgmT%TPB-WUAa6W_zf)JQ-l z>r76@k-WXAV-`Kp!^louR5Mc%E%dw3+&y+oZe&iOgBp77it_mRzDt?^N2DEE)$Amg z-2(N5Nd|9Ev9{K}cq;Vto9w+|Z*@&SrxHnVhkK8ctsD_${b|<_@ozi!G`1w{xj@zQ zYYc(PZ^)!7(sZ%3yC&xec1 zg=;$%MIFPzzP7S{UZ~5FWoju^&h8&6*dGkHm!xhLyw1=L9Ss|$NwHitwwJ}-Ir>%3 zmL$w~b8s2?^kAahx$fN>GhcJD_*?Sxp!z-_>MtdYs<>_SBz>Ymopw9}Ljh`EkWJo( z!I;uJ8L7EX>f13*sQhJF{@nY3eUqP;;v>^@(zR7aOmh4>E?PY@n{u05LmE4L0*fzR zj9%qj%-RX-~BDFqu|r#IDRx{ndS+y%ngi;+`z;`j-3^=BjOS!_dASnt&WWVP#6b93TkGPw%l&YmdUl}=7qk|4)AzgE7 zP-;Xmtn=bZS?q`nSJGa-JjUzW@;y0J{24*2LDGm1IrwnsT{z12)Zvb((@zh;zH)@= zu|OHE_=FL6S?A8F#ND)#izgRmr~v6dQPS*|h<2W>X6U_I_S~7#rd}2I##CJ8H=(|B zWTqiB^Em+rPn+-PGWJ@ip3hEU!u@Z}zkUj{=35t$@jAid3_~1y4Yn+ME6V&PICG@x zR5>sB^L?0qBZL~SG67jaQfcf3G{~P_!TKE2vl9=O`Oepz-*6HLcaSoyEd=C+zkyr$ zEjR$ExSchi%*Vs~ecan~?akUx1KWD$f8Ne;$md^e?6Y%Twfv%JJ#A&Lm^K`s;g;VV zswnXkT9s}eNhRp{W-X}qGUy6<#KgJhh>jEK?2k1oJhLf&{8y3|T0FFaxTO)5ayxW) zHHeknb0)%gqu53Ia@=nx`Ou?clvtBW7^)o}uCRF|$cObDuGuq)HCVN=z7`P`Mi@7c z3q9a?%+`5qZ9FolQo1#@4WnwT84Ad(`Ez3P5_hLS=~$=qvqW3IyrD(gIbCQ7z01g< zoztCh>f5myqxX`S5^B4yZq*BDE$VG8J};pK9Z$EK7-pDE&%R*xiUgFF?QaJ5*VO5H z^G`0ApnT781x-X_WWG@XOTgEQH4Hz*v7E$vq}R)OJl;=~GddJMP`cxSxuyFc>N+|! z8gf5syuWrwizd-p;~t#N+)QUo z` zBOSE97`^Y|*)QEI1al2x99h?+<4Un=nJmB~vqbyn{3pi84%F|+90^J)IvYaJh_KOl zs=(_9Aa*rHFE&~5mjFLfKcJgm?l-AaedQr#l)93Vb9y3LAX!vPcvjzfi?G`dmEU*6 z3Z_BGATxc~^krzl%-`j-o?f*HyN$#9;r7~}O$Ndny66k1paAU<;>RE6_t%d*4ZA(~ zFjpdYT+a6I?9X{JvUkUki%kxOw&?=NRE%JSDQ*jQA~D>m?jPO-L<><;5$zqG^Jkoa zO@Bt^kDZ6!!pI81nqCx$oJUao`ZRGQZNtOsB4&drJ{mN8zvk z*i^YIPXc}&{Lm8{*BS@R zl?p1vD>A8Y&xjxBFlJZes8E;i)e|F=zu;coW#{e z5)+VB;#O)rO2=26UvwfQtbb?^bM08nkiI0J=XM4_7MRcx2gWR!^{jq=5(mX3ZdIH? za@U35QR_4rh6a7XrE-JOy-`f>66@>SwXSZs{_c!SxcoX;EVippmd+s8UESKit0ovB*Kbbvm{zJrHWbb%>{+rcd~f@ zx^U{iNlAE{szXFI;hDOEGmjpSJ19bSS!{(ArZ7D{xBI28yW_ZYHW;38E)H&(xE&bOj z*4ZiaGs$qD3`wcKyb!7i-$l!pCuHxDl8C23#=qhMLE~A{<3}{j)cz>SgnF2A3FKSz z#0w?gZrH(&PFBDs9Y=Z`rGA5_tyvvi+*v5=GS0R0@|hK^2r>!rrnPZPunSo#6nJ z06C*Fovg3NX$<`cvW&M}B4p@KR0)a8eVFJ0v#@F{x~KE#^!xf6$!x#zVzhU%yt{mQ zci{71y;Vwy489ngFf`NonL01S%zai^9U&qRzhe%ibU}-$mrR?`EVjrFl4>NlOWjN{ z8UZB&z1!Q~Yh9lhAX75~s*MX!sfD5kIf%53wea1t}KP%(Bnm)UJ)EA3>^{F7L h{hRs!wVkyWM7#0{XMvTH|8!~uML9Lu3Tac={{S!=A&>w7 diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/beifen.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/beifen.png deleted file mode 100644 index 134821a2410b9edb95d8773ee39ffea7b9100200..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 4730 zcmcIocTiJZl)p*n&4?f%ElN>9dJ`205a~rgdXwIzh;%Rl(!qdqMI=(C7wJV21TjKr zA_DSJq#6W4A|SBOnQwMyXZO$DH}l@P@6Fs(e(&CMf9E9J)Yo97J4XiqVARsY7(sI2 z?@dDmJ*&*CpFsk4*GNMZR1a~j0l+Myg;BW`Y)i_g_q8_R=^iH!PR6BR0)QD5RI9#+b7twcQ1qo0c2NZU&L#+Rsx zv$e&6K@CC12ZT+(p_2Ai+V-iP+5XMWu;ZZE!rGIah?PIxI~%R-D@qjeScLEMG6ekV zYuJ^WGcXV}1*2B?1K8W4ub~$OK>bt!%i5dk$DAQ9fEo%{6H$X?EX%pK z0m}gREpu9OEC3)`L}V|KrUvoSbHqU;B+oy5Cy}oJ&`#>>2?E76|f< zQoS(XpjjxX>&gU>u3d$h=OL*^mtueQF2G*dVXR_+{9re7V;IYYO#gqoKyeNin=mW# zl##xwBM=?G`^U*ky=Kxcnn!#UJMf&-P5UH9vl))VnzY+H$OBqUJ)nuEv;U#aggc{5 zber9E^Hc-v<`XvS*0l+3XT1oir?C{Z~`znSp%Mo5A7$J9S(^N8kFjY)R` z%vEZmDEv05OAG)7mcm7fs*dmPz|WQn`ohnTMbZkz^g3U3RxgcQu&=SGJM!t*56w-P z)Qj`13&{Ve*PI%!k3eaqKp3v z1d0HMBTMX+25Xdk6pqN5kseq5xkN)Zqwu+RI(}<~I@?4saoVYoecH;(HcND#;n@nl z-cUsy^oW)Ae)1Y%=_b*YSl=3!YWPsoLQ!;6@%XT*6TCnxKusyMvs5nk;Q>4o* zpc$*heSpz4U_p$#`M@{G9W><56b<1MJx}7r-kb>;+|EC=!R)UefmFwRC9$GV@b0{fLx^Gp*sQ*Re zd^Q5<0;^!el_!nuV4SuhI3u|p4JXGOl)8hSr>r2xl^x9Q7r$WIox5T}7awX_DBiy) z%~u#n&t{5TZY+~S=e(8Ihx7_i|1WxB{}Ybas#qEMAnt6<#_l18Vu5DmS?=t1PmASp z8mt8AGKJ>b-s0|83*H6Jv7_nKj5vCp0jD1+1Kd)41>aj61y77}(+WHp>k0U@2p&;I z2+C3v>f>zlAWe!^AKuPBRz&F3CDcCK!9em;JAgxXZ@D@Zz%<{xmx*7Z&^+qh+@Kgy zO&_-xz;{nRGPUHmiLQ;x5X<*TB$A5cWrCU>#|H>&K)FKDQ988Kzmx^_OH@Z(tM3cX zPhs8#h9FRCPT(*MrVLqn8zoiYU)T{-#Da=D*x?r8=}b^y8IXn2>N&wFfxgH-ZTjsm zTQ_res($Z&BW(GkdBX8o)nS$9(<`&fYGIYA>Sc6Y1akU>H&Of>TP5bOW`=*9%1Poq zorsdJlA*>IJ^e;*e;`70SB?cy)Kwf-j0j|)9axKX+7H^3e2l% zVLsWF(m=h#?6IeA)M&2Z2Zp9NUgi;blYde-3vely&C9NKSt$H4~e z(LX_a5V8M|PtPcPP`godaXFf&)EshZo3&_TOf^xt{2$)yJ{6qpIbwR%27Mw5dISQVeS% z+B|GqU_r9#gF{%^}NyjcqYA9!z7Pf5J3^KAo-6{f0c7${sfCX{f1%?=-L zN<85VMn>f*X!_no=bDL8#e+j8;)mhBwZ76IXL-)K&u#6ujc1K7hdKU2yonN5y7v7i zi%Nin6pu~iboWTWL~Sc{5J^9vkEfgaJbEuJW8qZmEo1Ql-RvRWFTC>s_H)l*^?{^| zB25LAHiz{m`kUuw%!GD5Ey_P1l1tp@Co0zVyP0gBUC<)v^-V|KeCb_2Trqzj3XEP3 z@+k$uHP5DN*|>g44whou{JwUPI1%)8h_G4k=b2AU>9_7W(yq=yab~>jnjjzWTeRJ7 zD(oCD%HY=1n{{=$&?r@EY<4u%wuTt@|4vkQC})q1JRY!lvNmt!oxMiC&Y>gA&39j6 zr{R=JQVMH~#pzNJO))*254`$`1G{-MLFtQgRt96$3JFSbq$@54f6^)#2?dcB_k6Z+ zm=nT)X8&ey-yWy+A1$8OWe}t+&DgR44W9jtw`9g~MJ@iF6?50{1M{}6q#q^kOXVcP zmh!{ro*<@v@NI-t}{iPIYQC4@ssB~)C^Vd z$GJrF58rdIwH~;K%zvNQ9c;sh5$iQwp1-K6dF#)nFjEB`?UA-{ywNG!Bb|nX-Xd$W z)DSc7h=scsN8OE6@ml@+Cr20?Vwow^^ga80(~hcWO@{X4hwdgO1JKlDTLgYoUQR3` zE_q;zzt`(RNN}~zdTQ_3(6vPUC;kCvv)TlIm}RC6zpM8xD@Z!UO}5-#W!1HMX$qaN z#lH|ZYc@d{Wq<7yO*^$BG)H7Ir*bT`bCkjqC&To8N*o0z4Q=j<>bboXxM$J%*pXDv z9kB9!LdF;M*jwyji!`g}lSO{h>Xf-B(RU8AJd@(g!sZ>)*dyT(5Wbj|gpBfBRU`fL z7pknBlWa`w2#MYIy0n!K2Z<5Jszh>nUD?K@%3%k2UdwrV%frCyGFK57_OrCS%%AcE z4<_C7X_Up6E_0!Ix?SmyLXU~07S;HT$8}A-A@-bLyQgo&@fJzFknNLf<7E?N#sYng z{X5Ju7B*jt7uMmUA^qy>ZFk3Rno-!e_u;#D@jesmh&h!U6HzjqlqLCl-x$oPcT9gz zQ^l;vVPsBHR6-kq|TCzed?$H`VEIZ0*T z<-I@HSoZR7x*Dnl^?oMFn@|f>T3Xp;l@^f@#-XB#cs%bgh7z&I0AcxVrlE3?yVe1SiJ*LjJ){>Lm_ZJ-Dt=_ z;LFaB7;=xe&LaA*gr+siE%0jwF!px?0`dwj?h*3Sl-JFD3Mu2GsWW; zKD@_Ft1j1~#G!J}UOxpO>NPamno|e{XlP=V(Ym#CgDj z0)wHlvmy0w|0ZZYmygs*;ecuax89Zi&O)gN5Y)pXLW#zD!-Tp{{b{Pgzto%cB_ncq zE9Eg1>-+zroq^~az5GD~6N8H;DOJHT#L@zNYWAf-=$~?Pq6k@=-#~9?+zbtfS!4f~ zG}8vdG}^y4G24hY*163w1T=1&KX|Zu=QbQi#}fBg$_<;`@hfmC`guf`Y__9~p(u|n zDIw(z4IJH3g8p&LZ1nt3 zt?2rw-<`0sc0V(v6>8~umWr8F=^aW+q)T&!Iujahs|}2%;4s|aft}PfAmpA_0|yHg zotx1JB$=lz0ib7E%wn5B5rg2PbU60br<3$4n5I@zI4eNfk?!$wVOz*VJqob!u2ZU! z66GwxQEHwkJEa$R4Ye-Yd&i-$N}4)`J-kKU7C|B?+gVM)wq;L8Wd{IkMq}9@I53JF zPI9I|y(z!Zb#YzC0kk`NWvAD1u->;+tX`H4Jh1=gD%4uw&VDZW32Hfbtx5WFL#0uw z4v~EW>RB}HvbUrn0H$BSE%_eQaj*(yuq86A7CBz&Ky!(SKR;l9z^1=im5nOLXC^hqmKXg=KneA XAJj}9R+8=k(4}=lA5*P*JL*3Gl!JPyA07*naRCr$PT?bSg*SY@g?$WD-dIeQLLcLQ|+@07-{PN<&u@lF3Tw}*A?h-<_ zVmt13;ugoTr|QZ-`f-6l$LB$Zc&1~~Ovgtsy>2kmvrwi-Ak#5FU69`2lgWi9yM+tf z%I(}N*kOcSsOADIV|J7XoEJi;%Zb{zBZs9y@MJt+AI~YkJn!o3sipwuV5V;uuV}Ui zmoWpMr}NWI)CU_zFatC62DP}2+w6_DGQlbw*)`3`T){_ zx7d`KG{IbDy%q*ssPorP*9Ykb!P_aw0eh3Z#@=i{!0gx%80GhVP;%C>4s3fsclGwy z+p90fl$AKjT5rD&9KT?J`UHJ|F1S}0)J2oqn}tShw(k?bzYK^l{3j$S`%D)N-S39+ z0Yvpm>oSrTz+}4}2Hhq4Al-<5_r^6gWN#A6U=!9M#PDiFO6IPCuxC&A=mQ9V`s}5P zg?j5S+0%dph&g-7#O6kRht5xb zJu|RD9UC0`rMzGr72?%EY2u$2|bfD~8zRv*%kjAW(Us;>&59kAQa|hxJ@9duK z%|f1Efc|g6Nf{q^c8tFG+<*XxamNM2xy5`t=j>jco`v?s7v(K$7VO-}7=NDm2fiA* zXj8ejtgE}$(XRnw+?J96t8hQ`?04Noz=1rjVB`PMG2OGFOEdQMS32}dfHZDPUSPNI zhna!>yuZFUZ`zk&<6jzd?8)GMXaVb20IAJPnyUvMVT@hnO$TV8tcBb8=Q@A3He_+; z?*6jpegTl$>?IQog6O0d-(I{-w@d4D z0I5k&neC_NPXV~NFA{tJuX(-I&K?@HG$X$+(V$NOq#-jYl`*!uFA>eEw}==A(m05kgvVSVdtlLC7LJG(u6X~s5hr<2zM#FU-%DCg`6ZzrU0 zeI2I&W9+ez#Ei8af3oME@LGV>W+qKAfV~QaOL~qRzL|QQ0vzk~;J15g5|>v3gaQf$ z@HYTN_V^3)P1xfU;2d>e?3S>kjE{PJ@^&WlI)E6nlK%?eVQ(XpZ#_Lg0nVQaP0sSF zckeX-sm)9pq-X3M23*+#ufjKlmr{TOU)wpqJ~BD0#v7LC6#y}1Ce7tK_8vImyn!gb zHS{tC7z!B|eixFIo!iSR>HV4<^_fY(&@uLTZxg~dzxPo<$N5#k$ys0Y=E{1NgP5|D zZ{r-~-|#gb1vDwZ7;XIvZx9?DZF}5-!F{4*}VZ8zn zV^;Ft0Q{xzydvL9y?_GGgeGM^(9`Saae$bzl3(G#pL%+uzWMq-1sL%6kfh8zdvYf| z3Xq1ZU23ksoE2-4w05N7KZv@8$UAai#SUw7PL;;3Pp^2Fndeqm$ zPF)HRQ&#fJ9OzL`r-%FWbsHcQV8AOONtt(b)polKAf~L88#(w}U9~XZI6ew=mI4gy zrjVqJe|7eG`Ey+Y5MyT2OfXi^6$|o>;iEv8P=NDUp~+c$&UdUX0f;F(Ih%7VIp4+j zp7&9pt0=%2wuK~SCZ6wj=M4~JcFI%W{K4~Gi0^s#6gYUyg!l;|J`#150*pN!nwarW zM<44l5zCmJaxpkxcRmXkXwME=kqv*Y!_$A7i0l4mSi9T*;J=l4@Qov|>IIZ<^fBpn z38wDA*d?Kf8S6XzT+0LJ#X*c&$t3`yJ3D!Qc&@Od5u9_6zVI`DnTv`lD|C!u$BGop z-;$2M-7yi@UF8atbsK7N^E1VGar!LWwtF|eOk9BL3i6Qm(Hw+_8rmdX^hG;Sx?y2| zAa7Ufp)@opGp4fxbs8YPtUw3Jcjh5N^)PL%~JM#D5d0{`u%s zT((?!bM^WiHMlXg7&lHEk9YQ*L}a8M1)upY@@)Y|r?U||1(3#VDN6)_XLlBr{pGog zo%Oip(SxwsxOjk1G&SMMZ96bH%nxOC&8XR$gz)4{j0q3Ild&_L+m-`F`eT{ZjElBx z$KPhmK$O3~f)fC za@0@^3kYyh<4~g!x904{IkOpW&!4ZL((SuM zVSt#jl5gceua#lxz}`CDb>>yM_~gZDm@+O%bByn{R^xZ6g?M|Olq1CE=TF;oT|>Ms|Wj)_3#;+tFkdFeKO?!2voz4;ZaByq6Y-!zY_?=d*|Lp9KpP+qym{2M1MO zc{}HrzHT$#RrMu~uyt7yh6X4Pw>yBSMJ$?l$`2dy{z6wp{O&ykB0$t_)`qQ!3iU&? zML=D%4gZ?w5WT*xIE|}EjKXaP3UKthey`Y{3keIFz-F#Dd3q*01dxH?^N7B5CtjL1 zTk|V_*l5C)Svy<~JP}*#5Yyl1ZA{0jbLJ@CM{z>~5+Xt|D^e*QxdX`WcI`sZrONnE zcYU?=8=8FamJGZ!bGFO5_6=vX zY}KEAUJZL@u&C_byRQIQOI^RjOSfhrHGUdGTP#e{$X}f~gSFGAx=b{GQ#$@JTM3ZU zO-&%iboof7dDq>cKW=Kk|BfA{7<=Z1EuvzsZX{yuT#=&q^M@x+VQt|d7yaf`Qxgu> z)!?ys$GZ3NS`7Pz9kZtO?|V^g%s$D}E2=#Ph$%byP0sO0&yHH(>t!}^yt1+qQ&@z! z_*$zK5AEHH-7V%-X-7wmCcJ#41iu}pOn0elZbqZsf?tkl{~$NmY`8N&-$f+T0*I9h zun1NxA38)q)Y%)i;*B{{TAw=YxW$jK&58mp~z)4nELx(hE% zo2A&|pYrpu>jLH1m^!%o(qFf07m8J)kUL#LOJ~s5l8`+Z)WAe~((44XeQ6r)LPz>)@}~!JuQ%>ltcHR!wo`mb^T? zyI?kEL^!yL)Go@{jO@?x+G4@7 zghBZBHP`)n^ZVCW+dH92nSW?+&FuoDAw4CI>G{F-2J+_LckOFH_P?xnvY-fiE^2kS zNoyuE?Wd>8F*(##_SQPc1+{hf;&eHFGIFG1+rQtn3xz5ULgLi7XDTpJH8z1SUnRc9 zuiK1wRDO`m%1YcfMHwlvqpAkym=za-xKEGtl5lbii?r8+*QV&wP6e1)KGdmB4(8|84(i{hy{a{VIXriY{hGH zmHL8~vrvnJXgLY#fYKM9#2u;GILBT2`7RDfGVi{rnwy@vcTWMbG|a&X>$f;f!19B0 zYhE6*RwN@>uSZcs1Fp%-#n}ygJ9v^Y_G(CC+Z7ty1c-6R!r`#_m-V$TgM7U|Y^}kO zPl0g(j&O0}2sM>UE!0(3ot!GX&E}u(0~&bGoqNX|E>9X_;k^HObAgXEomKS`jYQc0Ys}Gg|O$T z;<2;=vKzZq{j^NHS^y!DjpD%MUqLcoKd^VNGdfrz%z9%vxY2+?szAwWckO~7V=l2^ z^c;;3#u4IgKu~}l0e%cR9RmkPy~&QOw`XI_DDUPljIq-pi5aeziWb7S3&RKbBgkKm06l|&=>R)mu?jd=-Q*GyA{_{Kp6|IEx4Kw-=oziAu9ldU zU0I3SCXGj+OicOc+-Z!_g~CtvH?4RqO@QR(x%gtVzVuq6n3nECzK;zlOE5NAso>Av zuoZ7;=qi8A%flX(F@flDNB&+cjv9g~p~{a8{YK*I!~6C^08rP4PsM9KyqsSXnyg)! zu?>JE{|JUlyk-+_78072iC}|X(>g_uXdOEG`_AfWj0*I_|EL^$*|pU$3qTl@(XCp_ zdfd9rczpUaj0;lgEm<|^aPP#4&J`auHeyem5o3Z{4<-3Q@-JK_nw;CxLA1o1xF0tu z!d;9uo2Ycl^`znkBYw3b$Hjat4=s`AEw(mbZ+WAprR(4G=V1O|r5H)i&0N0)|5W*5 z)E}P=lb|V-cTiuE0&Ji$(tig@gO6 zluLSa(WVUCK4}tSRgO0L&7Ewm6+cB`8LRg1SIF+1;+KBhgJ5d2b;2}XM}ZirS!0l2f^-I$w; zeX=~1wty`CCKnwSY)Qw-jf=ef7>Vl>IG-AxoOMXOSWSSKvXfFdXREz^XT&}JF=q}U z{rvFTojY+@6=ET+U(4!4zmbLN?t%iB=f1BlLx>QFAf3|ErKLA$In}hpH?<|}Oj8p= z3=9_yAKE4dxob~8b}VmIzCS5Hg<-l-g%wUq|IiY{=)hB|Z-}9FUo|!>J}5nd1%n4G zUN?zWpDdb(DJrYjYhonV{{Eh{iGVu7c zX$s}`n=@zdxGHdQ!KQTlT^6)xve`rqCXbua;vi~suofV-OvdvzrQ=mqkmR*Hce=!B zO<%v+nb#t{Z#vj_?B1=Zn7h+eC;;=}efwOZj+bR;q4@hgkZZzG7@C|J-!2EK&tAG% z$AxX)4vww4wYcG-LwI4PGJeV(Na(=dmoOO*7np8Icw+i?`Pp~jAja(Er@_(V*X?!`kR)Eoxrg*T0c6pT!FX@JGQ^yIcc-wE zxB9EZg_tDM2i$QHt$Yiuan*-kD`-(|8PfuY8oX)~Z>6mn_vi0bfR>W9)M>t2VjmrN zH8@D@yl>AQ7f$f6(&Kox=!j-640+krQP0x*Al*w~97DtWVc`NkesVhICU|L$FNVK` zCT1#XylDU=r4XFQcJ#pZRR3*z>v8EFdmwOV0)*DlmZ;^<8TQA#To+52R?fw-MiW-= zKcF~3DO<9{Vhi%n5A}iEQCow`CcEORte#VCogyPZwWSG{jcCmqQ3Hg;t1U|t75OQ1 zHf+V~GLtQFzWev?5%mvw)8cA$*tcJh;w%6m^>-&)(Z}VZMe|*JO7t9wgAd2XB0gN1 z7OZqbxmX|iHN z%3{$RS!im&l^Hub3=(?L56_;8Xr1z<+>GI&y^K5NTPo)ZXnfvl%ZOD#8DZ zY4ta0WdW)=jrz;0<{&1)hQWS1%#?{rY7tAVpdT|e;-^_V6hV))mhX}lVWNyf{xo|B z?w=AX##Tw~cw-|{4;*mGQ=xr#`lt^Qdb2Dglz6^dLBUs#g~%o1DZbYVNF4I~%KUZTjvGgT!4v z$8EbwVOJJM&=N!FU~gHLhzMB-x_ZoWmS#*22~@;JkwX7>SxlDNDyHTjB_)M$ z3e;Mx_^PrTae=Mj_gWyMpi8L)kURZAE38J#?7go193I$vKrhfOK15wD9jXNq59skH}?-L*CN{rJ&NlkTRf3fOIW(X1^swFOHpLY`}G#z}Jn zZi{I(BBX51!UI!d72+OQxX9D5E-%#4_$;E~^7L#?K+&4FS5@Jx&V;8XI*RBm$;d#- zII z+&Osy?wT|~F+Q1nADulF6ZFbZ2`w(7#c}S)&qt0dIFKB88*8dCC#2OsppMH@gVN>e zukw(q&9W36C^t+{M&LX1=U{PE>zry`f%KfMOOr6jzZFzk!IN5{Dm33SGiG3vECPUt zNO>ZSU0v%IB(pYd!5tGOVP>RjScE&JoqPZk6)RV+Y5(dR z3^EAJ-M9sB$RcRzaQ|6Kz%6H;+*<WT&Yb$EunY30$<__ZG~-oI$O$D{3&}w>$G(Qgu%>Hj4fZEsjnf9ZCb% za;|MGFGr)l6;Di5y4MQp8?b1#9>GCMr)+PYLpy}aBa*UzPyob~oxGNFJkpyBlg~Z+ zlI?hPx-!Y=?a~r#DnI8IB!O!OJ6p^mqwF?Jj8Hj3tr~?|+At7qq*qrWzp4RCqLfubZrPnD1`|q+^o}K)GZlpr z=nI~)EXf(Vky%lNQ&tNm2DVzr?%lJ;nZa1yY{BH{pwuu`d!AC_?#vv12FxXY^Q12~molTBdLs zh&~=Gr^O*U$ko5GuDlHPKpR%aXoG`H&|=s;;5BKy9LNew$`rHSoZQfqmE6PuWgx?02p2P#A;wZcjYDJkM|AgL`; zYH>|&Hl{r9!Tx$A4spamsR5!^;^p$a*=`3_QItxOo;I7Yd~3F%kb_!>QR@eEI0-~@ z#hg9_G!DhM$s383pDdo|Qo!Or$4|my0A>Wainc$Nmw^S^u`)*6t(IO7Qw+Tp0b<&oJcrwn*Nb=%rxpYtJS7uB20fZ=cJXgo-g5eT zL2a#=U#=w!lg=>pN2Nk5?Tuc-M~mlUPNb5hFWQ`emsP2$Y7vGkLMzg<6|qa|%s{or zT>X__yg36ewai0@yv)*wUyXLu(o)A+$qfb+7DD0mQneA%PrgoC==}1l^%L@ae7 z;=>(Wpw4Oq1x(64=LC+8OO;W;3F|iFjd}B6kmb9Rf8?aC0ry5vQXCQTb=;JjubFf6 zeOVd&LIgZI-nE#X^f92~d+Mr_^xJM;iRX45#gb_e_~ONB254*8??o?bJ+Ulqy)=OVGcOaqg?ML_T*8~Y22>M#P z3rA4{E4```x903ogi_R7tsrZayw;UEp^7XzlryoY#gg=C*%<_Jf2Z$acVjhf9n%_K zt`35f*QQbfL@pxb*VW;q$>Pk8R0C7Z-PHOK0qE^{tpobKojnVZG9MnVU0{xM#oH!MMA8tYSSvqA}r+uxakgh@Rg znj!#y3{T2@O9V(mR`M$h_)|{~RslWC=_pChaj+;hqVOFFu8=%u*#d5%}l|26-^%f{p3;yGpduis7P<5BXBG zN}qmv_AEj}86FrvS@SrxWk?avqRj>pg^9a-aLH_p`n7<#7-d3QPn=W6@JdKx=3Np% zwlJW>cPE_hLJ1(015I~YxN`(ba}Z&vSX;CzFPwg-@N7~xH!V%XI8`cXVPgZXOm_`Q zA+g~R4RdAUmQ0rjVYQV<%>_sl+P0!Keo3u|$iq$u1QZb~RaKE6Ks7+_*_)5-WsdkM zwSFRx;QgrVG@@9Lv$)*Nxw%-EvIN6hN{W)$M>>V%`KQqIm8#?~t@5O#!;rsYmP#CT z=j-_9>={Ic>Tq8t!SQZssc7+fByI}+5Iqj3&NercT1m6Wm{UNFbr+PUIr}g5+)~VMp4~=ar}NU{0aSbCOah2WNU^ z74F=q#o4y6t{#W1jTozQa6O8}dTjrG=PgjLpDe-jputZ6gd7A1 z>KbsM-sA+jT#Ql!{<^C?#uRK_YZ%>yia?(kB zJ!v!Iz8Iz6K^*WOvuC@6ynlW645GsHxM!TQKhcK@MGyyc_ui=j$$;+(z9^aq$$q6duwa)!r{XT%hmi%8RDUrH|-pm&3HN?!KF&f zS7%ORScD(`Jhn9tUmEMfQ>T!+ugEPp$kd&7@SvCy{Y{c<$jR)jTTs?Z1?ucNTNJCy zNM4}V!C_zP;ihHEmDubzNsADxO81nOcX7rxl$aXZ`=e znl7<;IVZ`itis&|`xT)U>bp1ORSRj&boiu#Y-)h5 zDLja86CGbjIrot}1LXiA>zxh)mJD&kS;@m#jMJKilli3Xh=3qqBL`18}JFfK9xw~tlExzT!w z&eukd$7REn=>yU^(-Nt)&fsM^+fnePYw}x9oL3HZH8WzB#<2gLEtq`g4 z@p$e;F?N4Er|114jNQ+S+mfG$fO~oxAP>BB46lB28i`R+Vp$${ZGT-Io-8WDEfb@0 z{}k zBhJvC(k-ov9BT9e+;NlkKr(O8ApGAVrMTt}BnnZhq6+u#J)kH)E$0SmE+fx2B(M8Z z368I1xvdFT40EK;ZmFt3otcYafVO)SCB7kT^G?LaXH^tI#1W*aMKbDmv^+2&=PwL2F@}(qg$#SU-PrBH{36t>$ zne&t8KhtCeT~F7R$Sb{bcV~^jMTuVOi-F|*DP31@U?|_%{UP$)&c9&wTN8Kb47whv z%QF759jI#1PJZ$PC|{pBgO5&L@pf7bx@L!G9if_uw5gXz-#H$YM$B)U2QE#Qd#|$y! zj;?MS5$K0GgCZ0_ARUYjG;tX@Cz1nD?sO!*>h;k1*efj9CM_)fG`9lDbN(06JxC!sH+}0!y6_-q_RzX0OtqE6-7@+`& zTqKk0EbjiUR@`5oGY0{BJ%|%fjVtM5AL2%I2uZ}FMjY&v)rbcsw(1?^SD|uB@>{Kl zJFQHZifczJ>patV<3mC;Z`|@k5vM%-+b2%KLRH~9t#?l%purEQ*wizH=maY-VGUao zE15y3ZDZ>qpxp7)VZ8fo8J?Pzfd7%@Cb%2k6K?W+aWV30-6v4d7&8Y&;DIU1NYYgY z4&bQKs5tybO^vuTW19jb>X(~US%nAp9(0;4=?nkfg1KVdTJo|I7m@A&k$>ec%-Dv% zPEQcGDnG<>OP0j3xK*fPJ?TZK8&W^`p&ZZ8nSm>Y zE3ZIS?}`o`eVwSelWXZ~P5OYArHY<&2ecOs9YStRjRGW}ojrqx3J$t}cL~k|L_UtT|kS_l}%$0g1d1B~6j(mm2wE z=u1y#Uz5#_<>^_@@}lx++NpG9T1$!4`}Y(eV|lVduaLwhIY1;XL}40q#~~$I(Ol^* zx`fw3^Vq*iID?a4BL}zP7CGO1M zrwCpDeNGOZoF0##k8XAJQDKV9GPida9QAf9QZ{E{?eqjiU1RkDKV>)J>7rtM@xnCB zjdQ(sq$dEOo}*U*A}!{(j~3#q^h&(FU=EU_lvT#%3#OuImt;7~2DfES92)44ZL*5! za**8^6N42k=2rUq_h--IgA*qdAR#e@F2IrQzxcH56uvm#3M5iupG=tHESn>7i;89o zF3;L7hRhR3dvNbwu_Wh@W#f2M1})7K&1563)8pZuL%wv zMk;&y#pyDPZt-8pjRkV2p=SMGo1P2a^K6z#wJ{my+d(WU?F z2+4FRe_`nr6?pU5F$GAd-{Pn!{Heu>sa87WnSpe<&W;ty;#~5mTe*m{`oJMvK5``F zg&HJtD?R^X@**(=g*?Y&f`i37$*CB$6guBzu;I@;9hcoM z3U_SZCvq)$5j*+2q<8q>fjxNso=Ld+C#}~&^d=y@l7pxhb=7?buzqK?W@@awZ+l`F zy}+N18G&aLl(*4pJx5AADerRmnfl2y-)OvtV<+Q=nDNN2til8P4mw4xKNaL-*NPMn zXSixxju^v5Vh-h;lcFyVUL>7kP@n;IW*Z_y^=Pzkym;p%R2^x64jhe90eJe~Cs1#* zAw;jo*ujBlXtd+5X%ld9#4s$~nk|k`c^{N)MkPh%ehYVrRv(@`f!~fBEh_ocNcpFf zS4r$7rTzJt({YKc7BJD^*W<_HiV=>qU?(dj3h1hfPa%at2Iv}J}N=`w!6OnWd%A9|9{(R9>O+F1$*yW-Q9ai%F+?baSx=vYO zz-P}+!~9_ZFdl3`(AXe^#5$^=)MQmdunLG;?ug%NJYqs)Nh3n0h62L_aO$iXWtp}3 z<=Z6)2{6Fi%*DG+wpCVRS4};ZL`8|&coa5HoRu7mlw?L0G`icIOydPDH%5^a?CFFV zPMv@h{g-AZ-~yS^g!WDxV6g0BPl;>DX(YW1>ffFceq&xP^ak{ZC)`sIwAIh60U|9t z{;C|DIA_MUNsCmT9@$s12Qi?|^ zjF!GE$yts^t{YI4Eq!UFFQ?p#e$So)WG_z!6+^pjm&39~2ZkGfBWvSeYp@|~dKdym z2EtlvMO{uU{GT1zQz)_Arowa)lohuyRsUO z?JpFggNcI>$A}E@L%qd@qff?RP@===(0J5@#$$~lI0z(yML>0W74$)R3`%nJA%NJ; zb_}_|A&=MYs)eo2DuRJPVJtMle5wgS(ZL9r?8s)U-Bp8vA``Cv@D%LLz~*I+s}SU7 zV7W7pENXX8nT$D+4rQ1)-)nPbAgLwKWlKc`ZqD7K;H-P=>hN??5rzc#W4r1K1sacZ zFR~D7wLQEVZyhW}?uT9$k{rYT}fCO$j{oO(b!P6w=~v=Yt(>gymeb zC>{lk3xciQhT5Gq(D~~yc&Q_BfdE24A(4t17;3gv!`^7ekP96EasIwy2$;U*cat3v zb0gt5*iYmx#AOT-eu!KUi5pw|OBD4>hn5_d@1Hy_=65U{JP7X|KY^!~;s+E9C9Cs9W7CVDKO_<# z&Y$O;ip-%TE~xK4e0g>PE*mi%pPV{_NA|UP+i47{X}c(Du;>~8_Aiq$=W>U5WT~{E zKEDozPy-?tI}RY}81^PR!e@rVe^>zOa%*9&v5JSA4tdS?8rY3C47q41xSgYFb0u^E zIt)&UasrI$7@}4T5i6S2@2-QT%HkZ4=BV0IiQoV0G>%qTaNU?_ym;uas8f-z3 zPKyX(p$Hrk z1k)iSnvORiaBL7lV?&)HQ`odH1dIwq?T#8zPazIsH`zqM_zm(y#Jor}l{Uh3*dzjr z0A{VWpf0aYA)=88N1`0*E7ox#nDDb5*tQ}WjW#=ev2B+#bCAIC?t(eatU;pBA16$} zvY`&nMa8K}7gOtO z)7Km6CZwYb3l6}Bq$P@*lW1=b?K_CiPMr|}q%NyThy0<~$+$7bQQ$4FrWU{6K`~zA zap?$$vyA%OGi4%fpBMwlARy7qn3W7`l?8RX>qJqBL?A=BK@_p-_tcC3j$Akh)@m#2 z@@hdME$JprC!1g@G9ox87{QZ5oB$yu-CAWueL)=pM+G8uT9}htgvN&Ad)DLh^}CnSpAdteXDHhZ7A2fZ`ro47VBduui)cHiGxgUODOmuy2!cnH=fwx-ZZ z`_vMA}P5&KAopJFORK-5@8D-(TqBt_aU z(og)dlkbBLKm8UsCQ#H%3}FUDE*d0Sq)6^1rJY2jrV~vFYbly0D&sBvj73J6Pc|WV zVhDmK1f%(^84ddzoZ=X*$#|dv<}+qdhaofZ;GgV3gug+|W&gj^C$Va8u~SSW?>SlE zNE{m)5FqZUz*vXtx98)5xG9(vtkflL$*h z4!EVlB7%xoy$Gt9U{SxR$*dNYcv9X;Stss7O|ouDoQ!@GeJCwDreyu2ii_kVl=e#h zm2*x~!Y>*=9KRW>%=4gh*Wf@sioaTbpn$&P%joRUGVZHC%}zg`us32sq(g@2$L(B= z6%(%5f$4)I@Wn!<&ECmP$d<2jy!Z{}<#?yG)Om2;JXVTlijRoDRe!NiRD`KXiZKC# z#40ksI+f)XCm?;v>A;i1O?@O#5Z55zhUn`^94z)BAdwlE6mYU=5eNuyq+>+PjS#sL zjV~$s^#%2?R5Uw%Ba&W2Yjbios^EXvBr5vRX+^kl%qUzvdaO%Qlcm{bVYGE zN|=fY^TW3P%*Mz*Y|!cG@vhrdyN{h%6Sr>giXj(w^x?kR|4fAiQ+}}%bA}AUN3xn* zlEO;+Qk!{yGj25Qo;(p(?A(rB_c^KuO8yP{x9N}xO~)HW9|r+|6lBsZNO6~R0!hE1 zFFJ`thSu(5`6cM z>4@z|da9>qw|YzEdRCem_g>TmQP&dj22wjw){OXH?!v-hgYo{{*1}}h?94?@b*&zVu|aC2*1HmYj%m zn8Rjv(zoPtRPhZ264H{#jiLwN0xDYz)n^~R|4p>tn*w#Cu=90BCskVzrW5j!5p zE$3hZmfu`}6(fh?jad!_mQr;o?}OU$HE{?W8;Fp}4vs-$PHj$&_+Ndf9%0kNLENK( zbb>02$SJ~RISx7zo5U#+lgL>p>MsJsenj`Cl1A~%4jmK4GIBOjKT^mE1f;|hry}k_ z{emZiIQ=OEJV|$vfM_{q5y3&+MC3Np!$k2)-6mhL3y)7sKoe|uqPP$h#%9zzuI3x? zjoyjri0M9dJT?AT{v-T8lFW$%oibmiSK^vS3vtQl5%~Lz>7c9G@>fj~W2UH)s6rfo z#2;#8ks^m69l(&dP|;#UiZdzRbU4YJOQv6L<02QKLr!0H@$esS68jU^V17&tOA$dc z&H;?T(LpeuZW8Ar2c*bdW`v92Az)I_BU!qLYf&&`#O!c1ms`Z&smVn^ckea&lAWTb z{oJPRFT~cD&K8-~EoIiLSxIW#B15olyA*ZWmp0LzYkmE*Gr0eSqv8}~(j`AbbD7z3 zT@#@2IY?n3^mlU7QDg!s&vuht6rJesN?(8CET$tSk;4!eND()L7+^EnL{W@DKzav( zPU;glG7#poW|2eDzv+333fB2C5lA{ehjD;_LdF7WAyYySG=5-91?O`<$Vg&q6c)2% zk4zt~^RtzaX_2fjzNVzWKfgGOKmKB*_(wX#B+ihxn;LPAfYE_sTovgA#5t&u9zcha zKtkaj#6^f}(4i;JLC!<^JNZILryw1HtXHIj+vvaH25}BupiblzBvz45LExhVDsuh> zj0kjsfw&5dP2-XnNBRn_!Ph!R0Vx$huo^~)f@x`LET=EfKvmQ`N=Eu>lZ+~fU81*I z7Fxos926lMitl`dzeC^->L~j?&Rv`%977(P>4FV5E}NxShe#K?|fL9B*B?x2;Pp zc9HceVornz3KE}4^dVqS*a$WM5dk7dh(p+$1kn^Ma-tRx&;ch-LyZ7IAd&t?A1``w z5|nKpUp@OcH zcwoYs;%6Kp)~eV`7{iaG?2&2G*E&yuhJ6iaE^oDV>4Nm&&4LI7U64);50QW&iBaNg zGEUKo7#a8QV<6o|&Sm7`E}dVo?@2iYq{0}Sl&zjI%*-w2WRfHch_9U= z1;{cbTDuw?9D@$O2!>|Csc%SnhbA!O)5}Gy7F~rnjcBRzeaz19MQJ=Og$xBU|KTH6 z?>*;qua>69mgoX?(Swt_^(KTa-;g&Cs201#$_@?{!_mmQEfcZY+)E2kNZcZD_$*c3 z^X98F#bD6V=(Hm7&KxH|N>)w%FJtU#%0KWCziWvv*0(Beb}HMQ9o=uRKf_)Z`CP=V4sMoAx?v>#4y>T- z4pQm-x=T4T9Q>Y`wBi>P06DR8%6vhm+a(ngIKQcUPrIW4#b1d|#ugulCzPUqM#}H- zweF>WSh%mz4xJz@829+090fq=|By$W{!94_VsxpmbsGgd6}u>mg+khWt$QgTPhlVr zx-^@DVV9=HeF5;FQw=97C*y0~O96_vBCCnh+9jWk^2uj73e5Rh_ftSB>&iL%DrQaL z&ou#Zd{yk7oZ)3MBT5yaXyzrfXdw!x5lb(D5hdp;Ts7?SyG%$|4 z#;+-QMH3(;tEa>=t}CP;rD}gYx5R-v6UA*&q7?xozm#Kkw1crrl}`pPWqM}kl=(?1 z&|p^!>%Qd;+>xd7K%P*5!c!=zjdDbMt?MWtRo!nH z@ww=XD?7hK|lakq$nPbd+lD`^(=02bRaA6^Uox zt%yZGl%~d>1TcpFO*NV*K+e~?jsi}xN-IE7YnqmR6u&iSiI0nP)tjK$xatf?RZ0M- zqSK1Ts>jy!%a)|ZzQlmLsIydgysH-F8^>{XNW=bmF*?`NMnxS$V|}T#p3=*ce$EoD zj-ct6W73NL>=8hYt&C6B=>)Ofjabo-E~kt!)c^nuu}MThRBZ9JE~Nn7|3TFkDd)Vs zCKjWcNo9rl=0!*C?XS0fr^0)b&P+`ZbSV=aKbYweK&Vq`YHT?G@d1eqcJjgpsfu`S zZKS`>OR2Jr$4szRTAlgr^1V`sJk`+hr66?u2~ZhG&PAsc4cD5*ZRlI+>Zy-`v&Tg) z;&U8!{Tq^vNMA83;y~%U0R)&~0nm*M6di@c!F{dkDIhrp#gQ3b8NIsriH-r}v8gf8 zvt!ajbPok_5?||H3h49eAWR4bkMPC9br+@Ox`#N2oll5%EEN`T)|caZiBr zN2M{yK2OE2eeL`xpwFy=-}mJJl?Nh+Rj2{Nm_Sicr|KuRnS3z1!ZL>y1w0t0{Bp$hBkgsTRCtsfYF~jx$$^Iy zqL!~*sV8)9w+~sdEPtMefX9nrpAi8*$Pe~85wQCzUA9X*cOA5HZaDB%Oj^;yo(|d} zfRv<0M=}JKQe`0d1it)rPs#1Rp9qi}$0OkH$6${S2Mi3hlqerSI!RhZp1E@jR%WCb_gJ%F0yLsU%=SkItXH70Sa6?}utUT&78zka+2ryJgYN3_X$L><&|q3+e>@#P5$P*?$X6=UQwl2k`M*{I zR@&$Uh$v#+KhXz}4v>?8K>$%Vb+yC}4B7cw;m6m+PvdrBzt&{F8*@AI3LJfX0O>f* zv1l{!Uj~_hHnHf4IVo4K~u8La;#@DDPW_~(E&W{u?zV|iHDBuH#XLQo) zMfW$>=F~cG4VL#2I9oMgO`(_>+nIJ=0HFy>Q)8)2{5m zMp`|nG7MElq;zGCmK&W`G{18rJDxi4(|clNe6r9|0Y$wKx)CX2t}is+lNaOzh$mEX z?NgUm=eQ1Aqv-@)$~cWmB^{aRyaD3iB2(7@Y^B!3bkQW;p6hFEQ@{t1j-QZ*y)9SU zX+Fvyk4`II)$vi4Pjm@DXvmV(*j)_JWM_e+0>z8&ea$@ud;sa#>7ZMLDaS)o>;iIP z(u%qykgdxAax8V~3?0}WciZ%Z$NM-)#~|Row^sPNyte>8b3$72-maLh%K$=)IhGoG zvkrK}JxF{vS9Qfp8^~j*i!P{XApo~bNGp1?t7z1v0BI4m-eADZZb9OU{_U!FH{ix; zuOdDN-i%2rx}_@#)8znZ0m*g-EONI{su)ODjQN_60-jPpy!5oJ&Ghjd(P>4CJsr=} ze%%6)Gpnb>HVe8Pj48w7<%{wk;t%q;`F#KG=~Nh^G@yC~PK0HH-| z6?@RyOxW}=1dI&qu6_E(?L!o3K5It9{<$1LB#*xRFIVmQsR6EY3i|Ns00HJm7Pn|Y6l-t*P0ut))yZWt*-?kSH z*O9y8!I5WV`irNh9jNZ9t@J2BXj8`?nLb=+uzlw#NQjG&0#EgTeXajcfa>IuB2L`H zqsEaZ*bG1Mq+F;+<9XPr#{tqAkWki2$dph7jdNTJ;A?%G0!=5HU^--U-tyG$Zh8qE zw60zONN2fOZd+7k02U*wA>`1dFF!gZ9u1VwIe9y#^3kL`iCN zAVa`so>;f!i}sm=z3}w6vn0>WxAKAb_v54NSFv{P@aRrz^eRB4jd|)PkrRRnLXZ+q z8H>K=y%cCJZw7&b3M+K1^^BjRy)}6SKxmPkdfe3;qM%3OC=}P_Yu-Zvik~72RhvPE z?w8x`9&%49dZl%kPeU_C`CJN*iH5-8nZ!cgI$B zbkAM|5D_F41q}8s+6a|zYm-#|G-!N~uaI^}Pr`Zj7n#@mk(Cgnu8%bB~ZCC`#*dSl=y7mZlp1+fBL7>p8hwJIk9M}=S zgg=a0eTc3c_p0WV0FfwEk{a7)`mQIGqzGXu7~u=2_k>!W_n~lfy7!MFZ_lT7N1E*U ztVjK3EPl@3-$Pa;|1AQU&o)XMWKLP~l7uK4#lbAf2rmG7qcrs^4`*=M- z93YuGgMq!}uI^SxHmwWLi69B2yUBfbk9$NqyU_;o*=CVj2+e{=&$QKv134W0rmiZ@ zbKVPTV}L#Z5NZ8wRdDPKk%+5M0g1rTLA@AL(3zF@z%v{$pKcNhC3FS1XkBsFR6Ohf z3W!tmDS*&|TWSG6uT?Pne2C^h)L*>Pn*KXb10yMb&{AOmU7bw-?c$cJ6Lj~UZ>`)e zUQ@fn^*Mk@J36*1ZlzA+>V_G>=!G2=g7ex~H_qZ>LkD`cLijT5ZpTAzANnXxY zMW4qN1RlJyZtK!#0YVfxzA}EA!1!9m_|LkFLb^a5s7gJFV`K^I>yAirr*KDm#@JWTu}8fGfu-Stj8GH#y+h_un;sqw$!;H%Xai*|$%p7tdrpTb)F zA`CEu8$?ClTSYPwnMlF5)!SgLvx((%xmC7kk6yP+T!t?&${I^!) zHUZoYPysdiw_xMo76F2li=04cw)X}IG}p?2rv#Xvj!7%6^#;0k)f)O8K%CrUZQMv$ z_`?wnid_W+T0dido@0sb}mTe-k)12DBeztnErTQLWFJvz$zT5o3gb>seAh8{2g zk?;IO>eMSa)7`*%_nC)#@+EfnTx70gTzGq2TJhK2J(stQKOh0()Keat8Uuswx8VFv z0K>fP<@EA;&Vlh)V8aK|PZXE*@>+Ur`T-3PIn|G?j8A4d;g<}!3c#3Ndn3I&@hJ{` z&IR446VCJc0Y?P zUR{z8AnlN!vKyIBf1v<&L3f6<^z12MUoy@&3p!y#j2C9{^(-ygp3Mi44!(^OE2qr2 z>sTT<7BR*a0*LP55Ix7tojI^8w^M-(K138N-?c%WMul zL$71g1kU0Zc$Zva-_fOUuw6RF3+)0wz`*tf>HPCYtloRBqvQDcw^G0dkZw8+8%#a*#}qTLIu2e9uu6cFbM6d-?vwz2f?M?^Jzdnf eo5<#M!~Q>(Rk2*PwoQcq00000t!g45s)IiN)x4nQUnA90jWVCNEM_> zml6c&y@&qgeeeD5ANP+lJI|TfnSIWlnfc9boE}o0jF^cS0059_JXSHlkMsDa4{`@j zU9tbf@dMDuKpg?78e-W10GJ##RFsVTpYG&A-?JDu_ug6$+C8_n&#Kzp)X+0Z%FhqY zr%vI4|DJfqaC$<qfItfSV=>86tGEKDjG=sm=4;6GTo_eb5&?G6>%6&vGN# zs>iCGx|t2_+V~MamV;n+l>>R0F%hJGaa#U!8r>P=a&OQi^Pd8rGMbu8?$VQ9xYO;k z+b$k{FMCm*DQFnPn^H$?O|Xu-Q<5P#7-^9;Z$a#^l)N&e?`CNgB`k)$p{{rIBdBu| z;$Xy8sx`@H{Qg*>s=jKX&XKiqPTEpDri9XbNqqfHJa~EZiTvY`iaUvqOD1*JQ%(L7 zkzO=gzlR*N`D_r&XpF z@r#z+rtmTxsP1Fli z^{X`*=nB3Q<|x)8J%Q}~04-O8Z6UMI`X_^*_gYh6NE15C+jh3IeoleL&h*XBM+i@D zlR8B$dm;^w_*)0m+jK-E52~ho1x`*D05-`Swv_vPuUq!?E+hZNC`}$HTWpLl`mOq^ zxNKPi63&WdY9(TkHHI}a_K9gqT-32I;xC=Lo-U^T%`cp3V60eK(!MV>L7q2p1j8uE z(NZhF$$gP?K}a?3mYLcU{(%b;6e5hq;*=Z-*#d~$A!O^*A{Huri1p)Ub%rK zNjq+Bf5YO2&>7R-N9j?{LJM@((|xmX!bx;03vtS!*83q*4JdL*#0 zj9$BYY<&8WpyK!MsgaZ?n@f*yH#1yX%sVIHr>}X4s5kqTSib9eg6n~~sNg|KCgU(o z!I;!Zud!9%{a~Ke*;ywcp@*WLkKZfaae*CC9B$y~1pFC?BG3ija)|)jMdZ>Kr6mR5 z0?oIDU&^cQaW_{t!CDpwX@X<|9!7ZdiA^E5)CHDbuyRqO`%QWX>yWdqEoHS%i829; zIfw;ykXN^?rCrViZMS@74Oc;hyZumu&h_uj5~-dqc9SyMK#v%bJ=nPSXw5cirI1N{ zNN;y#Wkf1=J>F8_G@?Aa;z%P-`>!@9+Hyh)667|N5Ta`p5-+P|9_3PgHE0>jdXOvh zJYdbRMc*SEjNTF`)|h?Z}^TL$(zshn*h_|?n`3z+PzoY=jRe*Nq;IPzUQ z?1XKlb<)Oj>h_7a!+ELVOM=*>3MJn6W!Y+m#%+tm?(6RTiM{B_QlQuKXk+D zht#gq5UvGdlbfgQA%>?*UFHLg)Hyv3)qL-2t%FRYP;6b1D|2x83!PUG5AU$PonOV& zA&{?j`)Sl90c|S9sg0e%{5a>=M)^? zB_#OVg}gkG;RX)7?5bZ1?PMOKL%75B4HQw=EmkG|yi|gh%_A4-J(v5^9-CNlhmCN3 z9fvm=u%oPw&qO8Wpd(T_)<#gpVv(m+Q7&uX2=H0J{#y1Fwtz%iNxQc1uT=J=^Ugt1 zezQlCw>S{zN~ibTMRN0sc$x!-D;Bx4La;xcCqMa9Q+a60KSfmFuKaL1#g@(kgu^YG z$cV1=Az5G#dgVI1MSCt1X)i(KGFt60QM)7l*B{8_8(U6CHvq6onUZn)eoIdZ|gaKdqj!v(#BDD0sy=ib-4rx;t;r1RN@4 zPw64fnqLhkU)#);T#6s5fOww`K5`}!wUu}`xPKN#)4M=gXzH*KAL~nukb~=BlSiIo zfH-@{V*?lV_U|*yU)!(7f3`&35d6a+rli^#n8)JF0J@d$u(pJ_D=H^@sHmUvSUP56 zwIM0+cEOZl;croX>jfM7(+WzwKso&G@$b0T0I(w1QP|6g%B}7oc>dC(hBK7uCYYHkz01PJpO(YGj94UBp~tzCc3osBCpaCp z-cNybYu)_V>wekB{-K)v9fCP|dIy!6WXrCpO9vNuHQSZziE|Quj5q?SG4e3p{MX) zWCuR+t3kYvr);T5@^`Rq4cA_E*;{1un1|ZpMbJKMR464bGgRx(LX^>LCzlwb6iSV^ zk@53H%e7}~o)YJl2)K~9I$Y8XdsWv^I`zU1H!`syQd3kSbP|Pe1|2_hff9X}RWM;m z>f=N3i3qO5aeF8j1dOkGQ-E^U8qa&-_ljR&Y>(f@# zc;J~XrN>7|-b@7e1kCR_R?TdrW?gCX?wkf}X!bruz>Dx=W=bDKJ~@7(@nYF>ucc>wkmX=b$tS2uWP6Y?Ib^}JH6zto|@F(s~-7xP~mOa6@$G=_Gq%Fy&A zm0nxYV|Uw=qctgdu6@n1$)p3X7%`=E2b0SA?3LF_g`90&YOK_b)_U?r#rstI&O_sV z`6@kLv6P0PPIrWa9@Un*-=>0|b|DC;MDNlLhYpykEl~S>%}Yu?@s-{C;Ao-d99!MD z@Nc3lQ@&ZmfZgD`Ewl@EZYAm5%)IDU=<3aqi0um0JpRzBA_^Oa5N2SA3=t?uf!YK3y*6b4OYkoB1#r$X8aZzTsSHAGMg zJ0YCSBEXi+4|^jmoCF+EIjL~*t=z7JEiR`8606?=Z5@l1oTB@=ZkuxIdZwDhK!$Xm zhoKS5>SEPnbb$2&dLjWu0!2`=L9G&0<@BUCY(({_C-vcHT9HXG z4Vl=4uYXq-YiDq_T~wMKUs?EfPdUR|8Or_TM>5ptH1Sc;--r7j+{Gf!4ppmzsGwHo zU+nDQVA6qu*Um>~@Wajl@@>?@!Ge=DDgK|o z&`4yfB$YZD5{{T!Bzdq?rVdAxE@a0R-QnXXcw-Zms67NQpUlnZ+g8+2(S_lxe(y_V zE(nKx^f5TFr<$&4Nv%;Gx+}zPOWeFm?vlfovAZWU`mQ_cLNhHJ@3o0($K)nQxQ+z4 zt?w|ym$`n{wfk%~0c*ONTf#8;L1^3L84EoBTK$4tBy548L#{XwDNNU*Oejr_PBH1| zlP!(#GOk~NG)4CwTiLOv2349Ts%5^APhr*-?6K@v+%s9AP|(C|e;$6AHe%f7O*fc{ z+7irpFU90X5pjiM9K*(K6k5uj&cq9J*zl{(A(=jSN6P5MR8@If;f&p*Ns3M%HI`;!8YDvx^IBU0{{JL(~ zP&&}OOX5gL5@9#5_YU67iAgk%#zLqHvKbwp(wAR1i~8wE5zDz zIq$b_53wV8cAkOsO^YZprj_t`vGyh+bKGcc&Y8#J^M+= z>J}<)vrI;X*6J9`h`!~we5?|-C%yHD`MZv1TEoBx-U319iFJY^QdXLhHN!-&OOa0R zLg`oro2Ry=%Q=Z{zv~lIMkabZ`nK;Y6a9D~H^D$}$VtKqm>vJwTiR7^@E>RDOtQWq z&q`_5E~k-p2KWsbdAQl3LMbL6 z_A775`#Vjs@B!ABG5#=WO`Ic9Q3df(wn$SQd?8sKX^dkFdu?3CZ{71yZ#^~Lhn^q? z_oEnr&rngAeg-zj^#tv|{*?1Z(a9Xqxo$ZZ#Y&KvN++{!EFcIm{Sx@4PA51bf2)6Q zBZxbp|SE zc6kw)rYZbSQCvqIQXCj?^|O}mzP#wDF;3A5rHZ@zvtiIod>#FtZ_l@De)?onFzPiu z!`G;%84dB9le&tW+Zmd6c}1~a63JbmFC!XAe0bu$z>6K*!1eK%s9=#Gn1>yaUe)Dv-}99_bb16XWUVVJBpJrWQtG7bUlVw~5N9Sc}mS%W-f0Zy?%hfM-(7s}LfQ@_tTQ}FJ z@Fa^UZ|e3s8Hzo}Sjw{D$OQ{3UMEhXSP88e=3_Cr%|VW?ijw zePk=apyUBBdQIl)*?~|H>|Wv8PQtm_%0Ky0WowuBq63Fuco}!z?!AGFvK>zyAykq1 zB(fu1s}rmV7g7<<>ANe!vFf8NdU(&}xnjo01~=hI^Ax<+tF2eV9(8}Gb#CcWtm$0Wanwzf@)wX~o~l%+??nVY0=^64S3RbN@J)|B zOFl0&CE|>8J)nHnHsDbKzVa9vPd>HqlTd)pJ4OcK0x!Q8=b)eCkv!&$M$)=$;(F?? zlUr0aYSYuZa9|;$?(QBUM#MC#^R-5^lsD8WRu>bw!cqoQH@Wym$7{ZQjTHG9KhIid zwW6tmUQ6?8ZCw`O?g^Q++2wc0&C%U@8>DWsFg8)`U9WwzP%5gQE%}EmL4@LLkYq2t zhqO)0XTE!$6)J){WZ+1t&W(^n5W#ebK7YUbNp&4&`SfvX#VTqzw~13Tvvy2XBP8Ef z{v9?=lJidMva`_MgIUKGKhdlU+Uk<;Q8yMyg21p*@}<+8TkryJp}PYrLaX_%PRmOt z%@E@>2X0jPmq?r=6NnmJ^2FK6hz>+8YixoDk{|;@t;QbIOOz7>p?Ly=_Y||ELnEu4 z(#@HSqwpm+Esc_0M;TvoCA5SR%MtjJ+pig$Tyl@2z$LplUCkKJ7~1o6sgF^nj7Sa| zXcd*?nX+2yr6MQDJY)0(dN3*h=0@p!8~^=T0MGpY%ZW>XMM2IYH%mv8 zjVb6#Xe;DE*Xr7$F@aN-P^)#kmfjbnR+%7=3o#32yvTv61(&h>7V^b_kH z|69=~tc`ZF4i7YT{AA^tDse5cJ(FIDV+pZG{lBzAe@FPrItgwWC#WhfekU?dv`WaF z6qoAxRWcC70PMd;C15Dle&H4*HrUvv8q0CE5_RR}XljfF#{;6}%5qvegCa@>qI|bS z>o*rVqdN_Za=G$F(JS(#ixrzWcViIwuc4G}{w(CB3MFl;V_}l5SQEvxRzA(4#vMhOkKNtjca{J|F?wL#v}Bj>e7yW9B#R__qA# zn9`N#nKopc23YvYS70&(Xy00(VOBl84g$ukgNRoy=ux~yREw07KWa1d71m{Z4Xh8jxHt$dSb9%VA7?~td z3wE6XzX;bo?PY1W5O5{X_V3r{Nz>OwPXq-~1Ra-TaJ~fI`yuq8!N;MGwN?z=?5z$& zA;t{cAO5H z(~ix&)-NJ5gpj-rdv8V$G~<7o-5U`FL*~unO7M_UKvCms`N&E8_%B*NTkjBLzK0a) zV<#1S=!9nN^_4Ee1{h?wQ_7VeewOkKukx!NJ)Ou-d4|;$DI;(D`$zl$vUf=$oxeQ(xluMbB(yh zF`<=4|Al`b&=X)?4`z)H&3hlp#~TSh2d9U5W?0M3qU{Nw^M6!RN#4k{@SN#|`$8~* z>Da~uT2KMCe`M_4X3Ww*UN;H_>8y+JayI|h3KZn z>ZLX^^AA?&=%uCgXlvY}cnDh(-wC!Js*ah=9aNsZ@xmj+^chsk^i@h4xO_xN5FUBz zde-f0QTs?*qQ}jgjYY#TBSB=mZN4_w?9oWPpEF5IAXr#q*98i~*n#&|;vlzMyv%0N!}-Sao7qX?Wtr1zpn-#z6K!)za~k-FG)#uNpA3rou!8X5U*{Ed}If~ znw~E)(MSTRTYK)RN&uQsC7kZmG+wet7C=r$?8ce#iWCrTyO? zM7Bo%OfVn|bRN1Z`gtdY-;o!HCq7)aqpD!-iiUXeA9#f*uADvT%S!#kavSQY40hQ- z;r#NLx`M%Fv-WO4G3CtL!QmRyZ$zPZm$LOhjcn-lPuv?>3k%R#vXZi#cV=VQyK>E8_Xv{bsPLb)jLv*kxgJjbTHTrT4W9uGIKfR0K|A zl+#Ur>%*A*V1*eQMee2lhP}pQ8(vS2J?}`3M=gd6Ds}-6oI=maV&{}oz)E9>W!=G+ zww7pRVx3dd(|)C}I6iv0;mft1i>_`@<76U==F39%Q_;e)E#nvrGcv1+#YePW7e)9l zJVHL?m$!Z&#-xJGHKl@;7DLqZ_>d{BXK*}WZ6|j=Isa3IzRXRx^JXa8CDbd?6Gfam z(nb685IF;8^3%SS6P+11ZAphIkbY)CNa^D85M1_1n0PK!a3-SrNBG6ByE9))SAt6_ zA{eJ{2xK~>$Si)Sp+(xRdE6s__yh*PNdjvyQG%-%d~M?Y@ND|sLvE?@TX^n*C9fiy zVoWS&b3aoH4o2#Yums1(&v2LfRucsuqPd>!LW|RH(}5ESL7Y)TPS|?CLtsFR;7Yum zm+{;VV0han7XNWz%zV!4gt$$#5sr=&lXRK4*RZm5-N^riekMj%`kKt8sgYT#+7DK9 z`aY!QY1eG@uGhjSV@#y)-$m|j`;@z7eY%%BJG+vetl}AfYc2;1zR$Mh9_I>vAm`GK zv8f$AeL&Om5DZ5biKrtHe;;9Kv-C+Bw0^`@kY zegm!!Br3Y?nJG?lT3WZy4z{}!R@j~~$&hW+@8DnL5#tG05`9<4Z_!0FrIR(5x)Z?` zoD=F}bsJsp#Em;`oY;5Uiap@@>mvIHCn36e{714;a1}lZYyHiKwOZV}6rZT>4?qz! z?ugcnD-*#@`){LhgKeruvxSF+^vd#mY>ey5rhKm~P`d4AdCHYca2- zNj$aUeUXvKIuM;vaRJbThdRSQqHwBONuV?liYQdc04Ywtkbu5)J2*~90SgVX+YM-L zy$(v779*gDG#j|oy?%fMv}sTvJwZ?`nFq%u1(=dR>j*&83aN^P7oq+kL(Bu;5vxd{@R4vksiw1?wKCFoS`V@`}4Af2q<6M9TOk^$& z-l+F~nLj%lbSG!226K)j<7S??dhcW67InAvOP%az5l7R&h)Y$YWXX!i>EDXrDOzRM zTDXV40l*IOwk}kJ9Ed00FE{gn!u{UB{Asn4T`@T7nr|cxnD|^ZaU@Cuig)&w9oZoT zr9QJ(*=ryLO?{jDPCFe!I()JyUFi;l)H>A}tRy*Fw9B2^Qym~!p2)9SPO@W4t~!&g zdy@W*{kc7qSb^M-oO~H8Y|X3uruPr(G(Kx}%1FrWvGvIG2cPLCuPbX=sFT*edo-+%k({kQ>5%IuG-utCrLpnCq0T#T8AcY8(tJ%^lO(>jF+(OE#J^`iDf7_s5-6nzEaU8d+Wx4EkKEcnYw40cMeDc zXBZ|5v>XVjq@?H6X8@$sb)mu!Ng$PD7EhIo;p|G;&KA50+!oAwV*bpcITaiYPE19I|o=X294WL`7%= z1FHh=C@72u6uB>11Pp@^MFBws1e9eZxPZtoEHG_t?H{mJQ?*<5UcdLfSHJJ;-|wqm z)w{4q=%J~$NezM^O+Jt7O|J4U6In}sWqu|3#zyClT#KP2)n3pZO0P?$Z0!c*VDzoZLR0^AQ%l!GpM_WvI*0q+nsi*2&?U~ zzZ(L0SFjiFX)5r>v9=OZ7%h;IyR_(QP6C}*m-DEkGcQ{n{>K9-YjAuQWNVu%XL{W7Cl<$$!uj{M0j9f%nuwX zkbDze_2IUJk*XUUu3RdsG?`v!rTp=3+kkPzy#Pi1o#^S0wKhu=qcJB;&bU;?X8PJD zMKNtb`&)Q%vHW{O;r>u%>DgX|%-&Gp)lrgr=vU?P;fYJ2&+pB0-Acnf<=xbGCrYas zby_ZG{+@lrOm4ZEQIki5YdVX}hp@zo%ZxsX7__c&aBiHbj>z;nD^GBML|%c&9I%Wn%Pw+jsAuzAtw>9{tP=E` zU6TfoK(J>aK^L}bab3K%CFQf=krxh9l7ZZ^Af%L!!k7j;WK+zb;5}jeQA9a+H6^`^Ue}4hGz`qT+s|rkuDhn3?On9CSrn9jW+k^nIGy)Mm*w(u*ry)R1X&iIjn`u)o-+ z->(9sFwgyu%p!**pe6-!_(<2TW-Hv#Ul(rYO~Bia>5j|)a~y_qzb<>{ah7Dy(|eh_ zm)Ocj$2m==DK4|hX}$4=B}C_5t!>EQNWv2%3~ixRbaWimZxJyuf{P8d-(u6wJtuz$ z@cfWtwqMQ4F9C!lDtX+M3ij=po(Z^r-ZPs+hsn}#@Pcn)4CQWrO;4aBcrwhdAT5!E zRJ#7kL18LY8lpp9_k^W>Iu8(CT}F>7dHqwr)}%UyG8nv{+(-_eheq8SNG%@WL+ao~ zM;!}nVT>R^u|DbH-p*KF02xHbysb$mZ(dUpjsNe$S9cRH*y(e}!e!R>CJT!lqoWsq zy;@m$>Q&d%Sr28hgjKRBKILv8E1!9zc)^r68#nDD8_w>XmgV$^g5Ejb166%a`8TpV zjU9K^J*)XAkU#i=LyRxdd90D~SwyNq!=x(A91kM6i3Gc9oNxxkodoUgbQl}Akw9pZ z0ouhR_;X}D%wL;Eg3Jyx9_ug(at|7l(I#$$^>B@+dt!ytTwF%#>2A#nTw;!>PNFrB z?Qiz7(r);r;c1d1@A~ps&&-3WeO$8Wgk>XX5IJ5&6pL1)go%MMofZjpb0b>KM#+x6 zKJ873ouN&wrSXf~OX*u?1l5I4?B{)gjhzC+KT9em`qVEcuGhwa{3!k@rE@NGRnd@t zx=N&&s_8AYSFALyE5$V04dXSt4R$=X+bwYVQR)0};#(w;c4wA-Mr1$2vYtt=bvDx9ANF*^5ffgOpPi+67fRDK;;3y^en&)yHXV#ZJV~kVf_Ynv8`~ z3N&-JWh~rZw92N7&2F@^vhq%n4JJQ&<9(jZateiP9w1-8mn24=aj|@q@S)RtqDMTJlLs%}eo^i`{vd5WY*L%>O!s zA6Mi|=fY?Ul~4}AC|A@NJ;B)Hjxw2*t{|_e#N?aZAJf&@O}`tr7zo8-eOts}V6M=S wsREx;4X)dv0zc2Ued9ppp$A@9{BG&2P*Ou~V-cdF1LP|N;=2jCC7i?fZz)Z+fB*mh diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/dianchi.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/dianchi.png deleted file mode 100644 index cdcc8838746f71e1d0292869f014e03a1799820f..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 3942 zcmeHKXH?T$68|S85Kth*AYCIh6u~@cDg**iLPu0Uq({I4QbUoF5S~acDhdYaAk92L z5QNa1KIu=vLPDN&DWVYpX&c|}e%k%IUv~GNbMKrpGxyA#IrE#6U}I$>C?F{S0Dzz= z0dLEtFMeJaFZX@oK+ok8P>`*O5kMc5UH|}Llqnu}KFnn~hn$RDljzO62o4J^NfA_P zcxu8Z*qx06OBl>oU{jWvyphL7@as5?uyPd`%QsGFq6zjb>e0?o0h3l7RX$$3lkj1*%I4w zW<{x*ZyXiIJJqz(1$gbVs?lod5)aCLGVt!T7&JjQ#i+nP`uprn9v(PCYFsP&OP&+RDbSOiJ3j}lK;*95|oJIO4EupDDsrr$$*b| zwTrcouG_-GNfkTM<8)_-reI~+#IMJR{ma(|F0(t4@}2M^>|WzsZp5+Bl?j;r>l8?! z1x@>?S%z3L=3Eh^Qp*@8Yk~bViOmh4&BpIVtc_e!MhX;!&Tj3_derDDYdZ9R1Q6~U z^u<=8d)eyLS!0c_V69`G@%3X(`pNALiTZNcqcQXr$W@m zesev1Fll-H++(YrRGCwSucrhScf*#yx;%n zO=Yv|Kw_BmYSdmI5AXi4rlO)E@h>?Q@g--{J7W2SC3XGTp1E_*LTX1~`2hB8TFvjemTm-o$8wU8F=Eb_3-rq;o0SJI|*4L&U`MfUfec_P|PV!DDG z-<-K}c=>977RI6Bh78rd#z$|ZaY{(J)TwPfE7;6f6KC*Lz}E8j zwoK(P^4L9PJN=cL#?g70SyrI8?E(7KSKMUngiwGLzlhk8#709PLc#v?dkZ{ zJKs8D?Z`aCBTnk;Jv@9u+gexC$6%wJ#0#t46HRh(xvTp(H$rj6i}$b>!;^8oPaW|3C#yba^)@2Ulc5(K`Omv@zlTJ*O+ zSl``!c>WUPOINRCWTw?>w%?(5C^+L6@fn)E-Vp8Hw9e?cbRRvIZKxO$f9#iW(sLYy zQ423YQI&1spsHlNa=cqQ5)Y`#ofVK3mxqe9|4z8at!1V-NcArWt{U!tTJ7>j>V`Mv zt{)G}6gMuBHhV4R;Sku0oGDd;0#_x#0zH)czl9o(A7W1*LZ$!Ow|AgS2J~8!hjg@^ zT`nqz$3f6UvEpy4?b{Z^M~avbEJmnt1$H$ zk+X2nNfIu#isxiBdOm)H0Ez1d1fFCRdf(<+p*5jo41m-+{*xY>h#2ys=g#=Zg(j|+D>Xl76s#OSCLU)Z`rW7ZK z5dWfUb4t%+gN*r^i0UsUTlu6XRsKr&K&|$-DU?4nY`2S!{3RsJsj%6SIFsZvvNq#j zr?39S^Y6HlcJ8;f{nc~Y>~Cjr_Q`Pw@$c|s^R>fopM$yRvUE<*e-N6-x7%v*7rw4I z!JIT(dS4p;lG$WtNqPTM65*5-Cz6VM5g;=!;1}|^2 z`xX(wkG@=?A1ssk(lG?JG+cgByUPl|nj!J48>V{ymHOMfnc!!UZr3y@rPUD=wVwMP(r8^C+ff3ry1F{{iwwDfN0LND zRI;Muw(-eZMt@$ITsNN7iQ)|C5PK3u3v48+Y3t0s716m8k+o-84wP?lL^1Rp0I zhE$_|x5R#ZA(!=wr`bL9@%sogQsC^Vh}YuBPhE46^S*@=6cjuV^n9YUOsDbkO9Z#? zD_zSuVg9p$y01(;&uIPWQ?o%51}fNV(%n~tA3#8 zsEva`0JvjLNKu>^qR33}rA|Qd{qklk9-+^t+gP_FyNbYnjrVgF-N&b>BL;h;=Nljne{5<{dcJSm1h zr}hskU5>b$^89wo9>CFOF+>AVIXHts{tYu*p6Fad6{~ejXJe(Lq^|1?U0>cbkC-;- zuuB)wC^2D21H$6OsvWO@Md+r#wwO!UpO1Nkq{B+4bf;n;P-Xfgp!qI-A&kIV{EW}K zR?VNc$Y40*Xao)8MZR_Y{B~fu$h1=^Yj_wAL&SG>-2iWym5gGWFX@GbmLHT)X@3{g z1hYvG9!O<2QFn`*UVSPgAJH*Ikyhy}(F$FSgnPbuM-0cr;)RG@ffSQgo-um`K(1iZ>i|Wo?+BDm9gQ#eT^WYr}T#z-yjcRFxNFC=c y5y$=Sn~Q-2?$E<)K4kIRq-VuEb^2Eq*apIkCpN~0TRYsv88AI0x$iEP)Px%ib+I4RA@u(n7fMZ*uuR8+h@MMcFE6+H0ZPCQUy zoo)jY13?250|PSy0}}%mObiTUDe0p|*7J5}rXR>kPqdHes_&~`)B8Y}@e601ACkbo zPB0~q67ZZr+CrWK^j@A4@E)OOfs}yf0KJ$0UkMBbgDss-=e74(A{N-l_&Wiu^&$Wq z2Y^dNG#`<{xpYw!eMFpR<~gO*LtAJw0sHz@B0BHfDZ;`M-j-(O1*KH~4*~nc81tB! zx5-U6lu~CRurw|?3H~nuk$A++JEhAa5uI$@G2nt}@S6(Q7q!+a05B&UcZuj|K&INI zs^BLIh{OW`*eBa*Nhx)xcIN;$)`6cYVBai?;yxlC6rN=w+8=Z}1VrK%0GwD~fVh@r*)9*piA$Tp*A|fNbR7{-OZTTll-naYl!yy_ zBLPX`3ILoF=x4*>Fz@wxKYb-!;TsEx!~y_Zl+)??Xf(>Z-R=)p2_JYT0lUZ;bAg#J z3-pUttChFg?e9$`#^DjMpJkaHPNU2D>$KMTEC5`SBwk7q-|BV`0q>kZ38}R{1pqhY z`6~d(iRf#UL@0P~0ohK+nEAFqzme_qWs*cl_#grzahRF!3G`cL-maATyip=Fd@uny zoeluNl0d&h#5~KgPo+c*_@Dx|SWy&v5ph|d-^+IT7z;kQfJp2{#8r{_z|6+}3|w#K zcvMb16r7LIX+@1OJD7QG{GJ%_Q4$zCVz&aolUS24`$S2gEN=e-v5#Z^RTEX9>H{sr z`$-_g6n$!>1bn6!Vr@zw#1wsMqy&7X7h>(qC-4i~i#9;Awu)B(0000`~ diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/gaodeditu.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/gaodeditu.png deleted file mode 100644 index 920931e140e722a5c69d6b745d5757dc355587f6..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 4160 zcmc&&_g7O}w@ri44IomaM2JY|Qj~y#2ZRu+G)1ahA#{)grTg6|RShNdE=rfGGy{m> zr6V9Mv>-|m0RaUB0k6E1``&ne!5icKaI(i(S$nU!=GtfNJqOR^Ni>T=sBG{EU9smYCdLgW4O~K4YFSAACGFuQ?yswzA*Xy7`Y2^!N)zZ0ado z?>2LM0Y^l&MDl#?gu>o#=pxzJ_90>cf#e#rf18RN3dx2?N4n?u^Po@~^Fjh~a0Dhv zx6Vuh$rhJ$o5BH3;_EG#F3Eu-ItMjyEDI1QyW4x;u|X(o;q&Q27?DgysCqW8euhAa zJMotHu>b%QR-e5SNG88J=q>|9(dheJ*?!HM0KkZFwL$Zsk^t7h3v;0T{~)|oK!JKO z(v@v1W&zD2PL-y2r;rF7R!*fDw39lJBI@8i@t!RRsLe-}_nGvr<2aj#Q03(F_*|)abow$>9_DW7}0|w4Ess z@S;Nb8J6apcDtqf9Iqje96;4<#MTab&xMCrALW$OE4uUV-Pjq#CI|2FKEcaCjXH7C zp-;T$w(bm$C%1`NiVD~+m)=`hRf9rT$AB2P)Ol^ghJS+AlA?aS(n(nQ6-D}y z7DL`8+??tt&dz82hE(IXV_W0pgnVq4G<05>01=sQ$rBd2qlE;vMT=Ic@1p_|i51(Q zI(M|BG3bQuXrb$^#wVzB4eNGI*&oM~cDkWg4CuwFZ&vCNMIHlhIj5RROk&8ytd`7x z$$C+X4!1(dF|Xy|J`=#vkrU&7EIb!z&B@XA3U*X9-3U3MP2+X_>*kqbW9!mM2BOHe z2WEF!wNS9>O%{x&*3*vsc%2$S*Q*fZhK)XUfL1C_?3&gqUACnNHy#aOll_&Q)fG6= z=#ro#`Rm#AMXgEG1|>Q5fB0Rzw3Bm84O&i0p`Aq1CJB!{b{nE;EeAurWj(WCy@&DP z&UP@>8iNDJ+IczcfE~tMgrNJ(pZq;tDcg~zK2r~|(C>FuWhWZuQMs76 z*^q5JWm~*I@X>nPJ=}{u?&-9hu_8@R(BFCL_x0yLg1prS?DHq+FdiR;l$LvC1jF+v z)RWQ_3qO$TNm|a<$0)14Cpe;+W7?@o=VM+}P0!d(VwcxFkCo1($^8u3?_YXySW+jI zQ)2mta|85X$+b^)isY+DHSl#{5it^L)6J|bB_h;_&YqdZ>W5^mx2esQ#QKuhp&=)= zA0L#ie9e%hZ$6VbCRmBT5ZrR2l6N<=f_V$i&)sC<*V+&7t_^0wP$bpFxD-`e?l2OR?2l>LSv4h%X{wfwlkx>!A){p8G~ z>1$sLd(=lp7)FE3_;r;QdoS9I6Cm2p&uOYGorhl!EAjZ+9A*GG=BXvfo3FEr{qez9 zA&-)~korn)-dH-z=@jhNN<+%%7fPFXPNqeNmpS_{w&wE*n1iE9?l37dt8@#VGW10k zoVUfdWlcF1VCtI1ShY5rqw4|9cl$k^yoyh$Fn)iVJ9J+=z`gY9XP^v8{@F0E&(dhG z=GiNoUAAjG9GqG=r#T*JM;*4_vF4YlNnD!L5v0}4u*D%$)c6T_?2N@z_%3WTgFZ@XuM}}?!h~7DxC9lSpMcLT0zjS=R zlX@e+Jk5Ixf#D9nO@F!|p)vx#xFJR&eBvvYafuiryXS_^Y!T}_!I(r z=l2B7ffz2@_ab!d5gDUCNEOyD59|#rxk@lA6Dw7h!#=g7Ze3&v7tsd}Mc?&O#HSDY zPd#`ift~h{zZYGxupa;1?XH&V&4w+7OfuHqA$v4ZWk2<-a(?m36z@; z*tL!HfiTg|g)}WIp&1fn)?Yhjg+ybkuCiTvcIkp4(44#GTybZgWl-^|o&7lB2HQZs zj7&HE+H%LG3noBwrZ>@E`KxIA-Xo=SWP?80UOU;_IY%0OG3#qDrL7{cw=UyE@OKw$ zdTh2#O@g&b^dsYu`mMBzK{s^T)JO%V2#MH^=@bv3-OxH{NSjrGrv0e zsFMCVR>P0xzQz)H3BNe=*D1q=*@xfDZ=f*fSm)A~ONSb!^$8m%U5w<0K4Z&I1$et= zMM(81`gBfX(lvnti);~{&qLhkqv0?4 zIVTs*>OW2O7}g;hr8`_-vb+9R-Y&hr(edJ&BSaPKw!zg|TJ0mqm<`5#`9=KoD9=#< zZk0V!oOdNZFz``KY|gjD8)Q<%!(VfM&sZsYp`o&7>%_dC#N{{N9~YxIw^Rot~6)$Lx@y&tzLFMJtNEx4()w*EzIT5P5(B>5A>|VR52Et zfS^Ljn?YQ|2APv&1)A}G-W=oikCwan8{)Kp2q4>{ODz65*XJD+|L&9tknZ@D(VB5yTPUxssSC$A`u?$@vXZsDDN%5?@}ja(8neK$ghg4jiGs{N5wT^J{mP-(lolJJSfF(8_>klLpEna73mGoSZx@cWeoJnQeiW~0zt zVf5qDAIp+AqyY=tSn2bxQn!B@X3I>TTW*qFmUva41sT6|?bTRj`!0Jaj_rhZNPu`4<4HC#nuX+NDs`yRe#jjqop3z@apjLpNpt);s_ zKUgI$#o|tJ6>&jTL>$UXf??QxeD&$98gOTq=0u;VIfKTH?Q@|73LF!coD27m*JH>+ z@k44rb%NAEf#o_}@d`lcUg1R_x4WkEyCoFD=u&3hAVOS@2rXgN}Z1;gNG7?clWm_wTjge~s*MkQESq zN7-%x0R;4uAFdzZ;Yf9*^z$%F?03HtVwuZlyX=4?AesB15zr$uL=3li3X^5wWY8fJ z0~wJ{@G>=Cw~PIyMgmR3c@VTlCpFi{Mv0&WN|?f`_vg^VUr_z=1Izy@B!S?3_kqjg zvW1lR=Z@YEDiiiR-vl~6C3c~`|8tg8jEmm|f@%ae+aZAZ?*rU2D|Nab3cFQ*Rumc< zVyk;FED*{lGwnwu`Rk>0E0Mb#DYOYi0-Fz|gw+(NRs3 zD#;R~-1|TiS)C=erl!{^rr7dP4SIU(zCXmWs{u?R^UkBM3YRi_92>v#vKI$cDryaiQfl$uY_8b~kkkN7j6K-Kv+>-@#LAVzFvcTxZt l=F_|EJT1`v{}TSEvPE>#o>kxo4*VnlF)}dMuhw&U@LzEHbm;&9 diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/jiankang.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/jiankang.png deleted file mode 100644 index 1f5004bdc946a5778b0b32bd41a51d5d3d98ffc2..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 4001 zcmcgvcU05MwoYP#N$3zdXsDqJhmPRM52Q&I1>w-Eh2Df9B}C)^f<{4!2$5z10z&8n zB#59O2+~85AVH)END)+yyqtH}UHAO|*1Lbq%-Y}DGqY#S?C+bM;b3RMjTA?MKp<`_ z%hQhR@y*{2&cW`hT&l_J0UYIMVFIdtC%Fs)@w!=^2F}NMekr_GlN%uQx}(Dwi`2!L zzI`i~`Jf0+JIeDxVAwIgA78II(#c!{qT6y8sv>I4pN_s)9huz2@2Q@E=PP7ix}+>J zNK;(Uc@Q4$KsT@I=ZyT|wLN^tj!va*;K)nuiF?NbjRv=A2}v8Tm)6L$v9JUp2r(*$ z_BVydIXncx=EnfYG#U%U;fQQQ2Mc)*--KrLWYZ!|@C26sP_ULb7%7k~5xbZQg7x+m zF#@$AC^>Px^*#g`c{c~B8@L2jwA2orxhKfRG1mhhzK1&yFU>ToVA!}F$AE4re-Zk9 zbHoKZHeSG$A7URms=Cj_aTJ0-&DkuL~%yHqga*ad|GwGky-baE8lnDIXp;jNMyL?8^ z!J&_goU5&UQ>-d82-+HVe%@a`UQ8OI509$ycg|$^u}+pN=|3@1vXt7~Qya?zOY)5* zP@Xt3D|$mBi^t@YcWO{^d4d6s;FqdrTc>BqkJ``K|r;a@$i6OX3Ufp8>8gdAu4Nf$n8( z-!sk*T!-IWaGFncGVH8@E0555R$whbV`J0qn4_Y}AB(AP9GY!z6r)j4R9WK)DwW_s z3@N~&%EqIJkK^w{CN8e*-4Gvm=H1WI+_E_qAJS-nbi6)!AaAJ3*EXa&q+OkSXuK9a zRlBvJJswI6L{hn5vQN1L=4vud)nBOe?Pk?RS{CTY8N{wY#Ud(rl(}9qf6auELXodmG)L{Owtj`s3e|eHQgA@ZH8&Km@yLUNCF2aCGJRWXM>+!Z0^yyT(s|$oKWp=4CHLV< zcYAVq}33xku z*tf?jFpoUnT7Sp{b>Khtn~!4>vz0&n+BQu%-1)k7R<=QSIwlhy8tNay(jiPkm{W^F zIQ2*_P6{ zgHEN>G0|w3Pt89?oHpyOn5~Bw#NLdq<#fDqftT=&gzeumMm*ZzK6@Qo?h$r_S?>Z; zs@^%dSmF}7CzowYG<~}AZq~- zWU5NY?VIB8wsN-(li#psB#YxY^)vF~!G`!Xy z)i>FVL@1LGoy{B%THLSR-srVb7c>+qYoOd#*%Zp-)_rK5@(Awm)fiXFXus^4yeZat z?l81K*7D%bSL)x4zqhE2zk@2peCBrO4eXJgU-yM87}VWZo3NkPjb!r{N$E6{BUQPSBfFY=Qp8%#^yo({7!B^IqoJ@<}z*# zZ6=s1fNw%6FDe3@h>osa;7$3P;i85cP?XAFc8ob;jvzu-=tL<59A+LE6q!ZKz#|nV zf6(vg0A~XJQo>ssSP0bEVI$h-lrB!c@jFNCpW}bkgB8_+fNypLy7K!+(|CBH#pnbg zUIijQms7Fq?+itR@#hfsc1VG}ahd|~InxWfWehjLv8u^T^keD=I5Vr2(SnEe^Y3SG zWPIKG;mXgB^csv5TpepJlM*6WvpX)RLdZ4TK`7p0Iatxfz@1(PnWBe^H>7|*#$SOh z7mr*l2}HDgytcI%s5j;oW=-5Itvoqq{q9i?9)LKXx*KH8r!%QDgA5#VTdmO0rM0wi<ORhw^F$Xx&beN9FN3J{6ZQN1d1{6`1)vu-LWSz8@U;_AFRG7LB|+ zER78J$ipl>Q0+KBz6nLx3!I8)YgDc$Quo8I#Y7r^hG0^yX$&rOVa z)OCMu3Ta@cQeqVXmUWit50d>UsR9NorguqS`hCr-{j9U0jhI`7FU^j>bD&npTTv6H z38i|9N*upam8Z4-D9><*N6{{WcIyS}DLS!u;?;+BNSe_}YtJBG>y^B~c~mi4UEQ=> zrsG@>&GKHo?+;1|a7 zPxUlk%0E{m<3C#dJIGM6ZJoIs=}<>`73-;v@oYjfjokBttQwQ2{>!G+aA%0{ad}@Q z!xIe4cvsCR+)lJt(4{F2tk!L2JE3093q8ZWzStVE!REbNUG?wIWfxTctXB*)(d@=W zb|I9~eTukKIp=0uEmJl(jwHsPH*TTWgLS7Re;x05{`Is5DiZ;^x*kN4TYHMOBAKL$ z$4x(i56J`XOSeh<06{0nrVs@db^^OHgQXO&m6N=y)UxF%ju z;sdGl21?GNE3k4vun0Y%wQx(4O$!F%x^5w4Y(Dh6C>{UFjm0C7Ziludw1K^!f3Awe zAhd103paY#Z8s|F0Gp#+3-|g~jwnv050K;>uG6<)V2(a~;%7!2r=FtFBc9w0FcNrX zhQ(XZj5L4!d5%qNQ@hS^y9NFKCAN)&%!I+{Q*H!z?#}Q3^0mTlT6f4SShMo2z<81rf^n}-9xTt>Hy}0L+#hO<7Um@XIVko z5%r2ZF5^nc4M2B3+NZXg`r!nZ_I)jjADfPR0+e2wsl?%ws-F!@31P(~RKM+9(TVDOTeu&g{nl z_p51{iylPsIo27l`kPreqecfZ|2nUd?0!iNu=mCgB!BbRTN7bMfPOMU)4xUm%zNB0 z$-ib)T|;PY7(%LTz1@glJ^p*6gztenpZ@S3%SxosP_S(2LKR!}UYhy!-?4>Mkj{U} z#Z|XPDO*mSFQ*iOp0r#c;(jw@Cd}moxnE_u6UjNLv9M@^MJ|?rH;{)BbZ-*4i8j9L zu1>%0q1T_VEQ_W~d5{alEf#AL)U$W58e2hQyWi_aJxRqgBRgdBdYnQigdHP{7_YZ3 zK5>CSZ_AKl|3Pji*so{RwNAni55o$pkCuOwVKbm0M-+xVt!XN|vZ5})Y(_}lglI2~ znvN-fC&8KN&7B&_s!;Oz?gn+Qo~ns}5-3CNjO*a6Vy5p#Joo037#bbtS1L+&&#Mm= zP_l$yW}#+l13*29@Lb5k%fnplILcFd=zZmy8b0P_HKx*BPV$aY{^NlRA^+{9=_kvc zvugVl5HlyPJBO#rk3+nP^156>Y1p{!TTaLWTWF;=T}vjee~+c6HUGujDjVIPkwvPe z?ec1zh6IO+2$kxYVmbFWb0E%DB>B~RMqYhGxrp3ltgC$^Ti=2Qa%M#pumIPQfac)8 zr8OTz)3m`8L^=Ax88TRas$+lEj|75ga^=ob&F}>OAo5y|1{mops@N59lU)Rk8!@td zAgEUw4rypI0jt2WpERPY+Z) zs|YX$YK9jR?L{nD!s2BPsU!)BJF zLOt@<$&~pWH+fwK`4>-gy{v-0_Q&C1>_aORvru>~&Og0039MC3(hzVbx5#DjB5 zjPe5}^+7Ap-18n*K>BRVS)Qbh=Dq@|IUb$zA;Y}PM)jh9%2%U+V>d{uGozow1boX^lp;- zu5B?_u-35775O(*CL zQJ8c4X2443GAq}0-t3fg71<~Ib*lqDwtO~^|8?IUx!w?9K9j3i*av!yC}4Y3#1>+x zxZ!w}$WQUTpq(mNdV4^k64x$qT6lxX`u*u+?e%BYSSgT1Qc?5qD?Cs%SNQvqI{*}; z^wHMAP!Qg!Oq*i+G0%TWEcL89*EYc&$k$7wxPm>xc65c0l7cF$N6VI zy4G}8+FIcUeCaDG=Wa=Xs1c^IlfMF)c&L|gu>kss%dIl=cH~yr(RrR^J_z_92P;vh zMc9J`FY+$~-Hq!@fwYG!l+Y(!Qm;+b9vhd%@1jHaRWY*X%qou#&0gm6UPtr9dc@MH zU$Dr`-y-W1b zd%g4d-sj%G;6C?1lV(# zL3tLo!Ew`8kO7nrF>C<1eB~FbXA)AhXvC%awH1k+DC=bm zl>>p6I$WX&vUAyUDqm^)C_j&CKQT@rOsJRMGM^>ECyrO`bB$=f8#{CUYQyaqX#5$s zQ$1Xvo?Se`s(Uiy8fD2@FPul;n;@DnBoX`g`Y>bv(}wu|`OxKAEHu_jTEb!rhjJ;L zumf+B35-<4fGOAx5n#FEFfVBki-)vCToxf4GJiu%NskTtoSJA@d*DO@3RL>zoKUQY z?Qm1(eEYKHEe%S@T4K|S$69H#NvjBr9V5VOk}XQbEZEWV6%n5;3pQ|=6@C2Eb&Ju% z^RsVB|Ae$1Q|qrk^?D+_9^d9h)>%3x&+;BRET4H2J!~&ar2I_3{{3#6Zdbx{8wwCi z+tbj8$fwOCn{(M6feRQvsg=fSNDjO%35tJJ_+2*P+cI`|;vr?dTJe0Qeddf-B1?-u zx?^)a0gA1+AG;Do`Db>a*Br)TN9lts@ME(ibsGo_|+}i%ABk z_ahofi*lB{Bn}_(rZ+7PA*yrrnSrUmn}wBaf)GhwnEMFZxHUUBj_FIQWRWJ04KrrN zw7aO#9jX4-hq##Rg2*xe3qavZG6>>05RQ=U&`ix4jTw28EX@;_vkM zXn5@k);W=<&_>&{Doytw1~&!{jO8*c7D-q#G@Rw~rAr$%x2_)hfk{eD%Z0~{*pI2L z1dTYG>0LK}zZC-IhAuuTHZBfogL-AM=Nb2}{QT(SV$~#kIi8RDjkDR1f#3+^eszLh zr<<20I}yUo0sI*5D3b3VLG%`vXEy?xTj+q5*#R(wSqmR{y-bRGRO99n8tbZ;-nrEYgkxeFVjyQ1p{CoR65$HSBP)078a z#ELTic1&7+h9IYN9+Q={;2-FTyKWw?d=q_l=02^*v1cdFki&~3HKYD);k?~%KleUU z{HybhYB}-(*Bp9u?0(E0>Mj$<#?{@n{f)G=nl((I$Zxj1nk`M6(Qk>6`wcEvRbuw8 zZxDm=5}NUFaGz7Jb2#M)6J$A~}s zd+`{M?TXiG4Pk4zF;=s$tg_04UD(cMDw%q`CZE9-(!UMB~Z!{_Y+p1h|-q7HpDN__Byp8UXV zlN~pp-!ySniXn4yMpQv*rC$z?m4E-oCi8Nz1pGG`%F1?9nD?Y;e?j% zaMgnTc=d@)@#iciS!Ri;{qvjhu*134ttaPRG-}Rw7py;0Y%AD zl3wjs9D=VT9w2O3D4Mu%+dR;Sb)V{YZM2>*gQ0mqqLQvVjGs<4)6HQcez=ZudiJh# z@0sr$*XsAp1JM9$@$N(?@r4|75Uzza)%ZRZIFI&xShNa39DVqaWlH`13;gCyA!FUT znV9aV$t)Cz116ceje{)-;~_yBUU;+GHSqbWJ03(uKRaS;-AOKfP{0)5>P6&?j#kUb zpndjz8RlV)`|+O?cNs7%GI+-f(Bq&saf;5VH(m-BXDY=}Hpi`0KqDkahRU388DtkK z($dV0jtvJ4ToxllDtZmJ&1*GAsMzW!TWGsyTzg9<9NsJrd(zW+`z5R_hjLb7Zm$QL zOxcAsJuU_vzoWNMxi(?DTtMs^z5(fRCxk)>O6t|lM-3m7qsrKttDIiC)5*4-8Jn1z zG_Bq~q8j8YdAAOGlViQk8C!5!c+=b2*;8y!2{XEl6|C7BdTF)Z{IZBq6oT`?{N4$? zl%Qu_p!gF84&o}fjgv$NM_#JIb#9ODgxR1_(7rPTG@2@o_dvuLMe^O8 zz3DP@os{*Cy-~yo^m~u4-2=2Y%;rF|E+)y}`_FtD&5#(=JpE~mliM=V{I6b|lcbHAidbtLC^R&M-(&YA zRcf)gkND-*uiqbmTXxq|F~TLpYeMU?S6M9`)q;8oHnCQ(T zb2$|G{@&wKy>h~N-$6UxWtv>SrYUywHHQZ&g_^FJOy}gKxD!euelUE=m$u~o29~@4 zdmEVs9nn7(5o8iPrh=HA5!8O9U2*Z9BZKbzJ0QQoD910h+z>vOdZM{kD=ai_Y;ThE z8m@JFRAXX@;CrYy4vYx7U9vd9(A=4BkT?{o+L_Uh4dDyqp+`yb1+G%pCzTYy;<6(!8DJ+=NF$*0Ox{MOd_hIwbIRh zk{|NRPdS{wo8>gtl!9A3`a#ZQvGZMU9CxI~FOYrS7~|-uZ#T8e))QJUFGzf}_sZ(a z6y2VvFVC5sOy^C!w6a~UceK;x1w?VmmN{Gp=`P_)p0o71JZ~XmNC=jbp>oQ3-#2K} zTk9kP?gkpd8KoylQl3T+P;a}bgV9;r>3ncg^{>4;pOe8I+^}b*EsO(8U!GbQ2(oqq znHz)F`R~uUMff)iiC`I&`FR*EK)-8@0S&2(DtK9_*qN`Gmns-KL}Zx(aDpo+(iA(N z=@m%FO?^jKEr*r*3`O(DCA!I~F1v*I2BolMqX2^XmfhAK%7 z$$*)|!EzwWJsf*WC93{%8v%$MOSl|30!j%>@Z<;HDF7j$L|3OAvFhU5+kF%2ZBebZ$3%7?M^sof8JPu&h zb?CPy11*r{hG9x`3h3zzXfSm0ju#~rE*GaHBnM&v(!(KzC$O$Jp#O1S0$Udd77WF@ zUeRb!b1SIFVX^kjaUYkyQAYZe+|x+W7uhQR+u;cu`bOrE|009+zfut^5Q6;A(sZ;V zf#b7C)qo__v1->L)O{2ir~f>^0B<|_^j5ijUc5Hgx_A-2b5SBiJ)fYPS(0 zRoI>ypS|U`^TRmxM)y&6q#{r#7ApC*kvDv^o96B^RiLPh!LJ+t6WPi7n*hYcI)&LVf>A1xf|3?z@&XGL>cmlA9a{#j< z!Ol)niE;{b;cMeJ;t?wvNPb@9Yez0Gq#*0rK#Q^EGsi=Z1J!KK|2wE+$-Q96Wrcph z1#)%>hLXVq9Sqx^NWtUTAL@lIkn&`51A8s}GF|mX^y?^4hPL!O1MkLbM$lA3lYkCScw0Cm&0n^|A~!P7oNs{ZKv(1nRw)aP))5aqZP^m*k! z(c?ggZ}VY&viio9`JB7=Oo0J*vvT-t6R+t2d{40@iUe6 zWIF@VNyA> zI7r&@*Y6?WhF_ScYkR*=Ofl#rKLIlwKd7aHK_^pTuI1g);XYl8j_exGTK2;Ekd*Y{ zrn6D9LxXum>9zcn?RoM`(J10zXx(*}p^$vFYBo-6?vVYWwHXxv8zc_I<9fyNpvoTK zaYm9H*8TnYNBnDNY60^1O>o0W8de`VE$jI_3;aPRQg#q!xwt7#Dn$U!BR`na)QPWy z$Ee;YJ`CKR*K0c#;ZiP^gYoR$;G#_T-^tc8YugXXNz0S{;T79_%M9i#f8_R{AO0HwP(*)n=hkpSMjC=Pr=Gt1=7bbEhM_bsG}Y@dV8K72bR zC7L5LWCDa&XRAzX11!k_QIcH?5L^`M7o{X`xxM@Jv)^@c-cy96;p_G>oUZ1y>nO6> zKVi_14nO@gm3Jkz&aKg^wlr4T&&qNr&oTPybu6;5G}FS5#t{9Y+=4|Bt|)23eA7t` zV0k(BXtP<8UV5a`p_I3pMS2Q_&s)J=X6E9E4wRT&{JNJ?b;>`MEJjrI^wdRl>CbzQ zit2=IjXT3!?__sPyoJRa+lPinBhL7;;Py*N=DJMKX@T@}0|{EP2_`aaRSjvS;JH!5 zk`nSJ?uvI|KhWMJp+2Zf$>Z)?H?-`Do9@yVgA^JvV+}B_R}byDdcVTcFEb{Zz=--{ zcu@S`BOe<9bCk{_EEOVsTz@IXWOK|% z-a$0)4SXQIE_`!(#h_u&y*`Tp7*tV8F7Ka2A@$M0>Ng~RU+OfxA?95|ZT$TviF{0* zn`Z4q0OSi*-ZOoTPA0XYF9DI6#Tn?w7gMry7j}Nyj|%))5J%qK#z1@%IkIT6M*?{( z`6UIgVTvPYRno1Y!z1 z{=6hO`okBeb$XC_t#60fp_J5}gF>(TC{EalH~}i2hNslMjguSoDR4+`jCqF2NiQ)5 z6sBaT^db#^ zZ(EaTR#fQiE5eIUoOk*KgYvK2pC(Q~?i?(t<<+bfq)$SIw|xJpbdOaE2t>~H=W34XZkkKffM%j)yo&z8xH zTe(@EumNSqEET^lDmmkJo^i<){Yoj=dM>#;6R|%Y^C^MX3;Etm{2H;+aCiT<3eJo} zv!;Qj!PphHzBZmnwz%o|{z*oi8}=QR)Y#6ELA|OP1!1m-OOdSQgshnL4<;7$_2>lB zXQQW;mNtE{%hL1L<(#Ebu-?$VK#H)hkF{ubXE#fMm)v>>Kp~4Q>~cK(TS=i51o93_ z%af94c{(G4-Eb4~q-ISIIq(^3^*MUpFkQ|mzT2gmB5drsWr{?{>yrtm`3Os$s(IOR zY(-**ZvYcwSyD1F*6H2yXzsI}+0m!dHW86XXy~83vh7<7gREGa9o6*YG#wdZvK`@eb8`> zY(vPpD2KZHmc8B^@S0h=NJYw1^)EBI9<$p|0D-y8;emSa>419N`bCr^?&dOhFyppv zsO}Ty8%@?LN)LN)Z_On)BQ{>+<%v9kL1j3I080`Vs}s z3{cUvxfkwDBHri=fKeTL3DYiN3IsI|{Jy}VirPC5Af z%0@6ZEbkrZi(P%`*lm?MqU|2?6p{ywFiJL}iCZSQdR`wKseW3N!DFUm;QXTg{o9YG z=H*F)CckBk`PH2=OfZ5ynnu6C>|K9KHD2n~KPatuX4|WC_?kIWcXeDV)I^JtO-smV zLhSdn$7NQ?)R(H_#@Fdy1n+pH|SY!(Na6>9j6~HOYeat}vc}UoRxtJsQHb5A}V6{(D zTjM)$z0um7_ArfdEn#PZ z9}L4xSgrKhtDO}lXbw8~nmCax!TKyly_xYex+Gjt%o>|pme^Seo9_JgNgTRuCgf9i z1$>Zn7t>2S_{6`oMI8fD2OVGDpc53z~xJ1QdYmQhj_oaQTjBj1slR0B)HEc8b1!oKIM^YdE8m{t0OPPVUYw_vNFNN7NZ(;ZX=5Cy+kq zLoo>ir{njhlD3Q26OlblspVWZD|l|p+>QtZdjwN9g%>5<6mxM{t8=ULnS`%NwuaVA zu?0~kK=V`>P69D~5687B=-;ySlZhkRM7^I9eP(o-iKn2IHzO)Ba6akh;mYW};hm;( zRyVmPK5*iJORr_Md#dSKe4mS#G6Agnd+m;?rJnZ17M61)nLWPB7$l!86ZY3rqIlD@ z3Mg+OYuokTiv;3bFq9Nyhd_q?_x|si^}50*E5ihI(pilQ+7>_c$$}Dq{Dr~;pLsye zfrmihR|X4|O0Lve+j<-{XO9(@6X^y0-)}tSbKPWF=E3gv(M5tDW5hfm;0}VJ^2+dFs11~q7_r2PtLt_kW#Xt?_eloJ7*|)0AFzL<(p#-PmhdrS zS)RgD!=|(sv3*G%Iw4T|2Cp5wIyVA>B)6krE*TWIzNW?kObtFJ&3(UA{)q}D5O|QP zRMhuLd;Jwyt3(df`%@oVV7SMqF8q?09LZazCO`@2x{lqje6pU8UDY~}{zpGsL(gNR zRRTd;)7|a)mheg{_a43+u|&{PSqXte>4$7}Ge4eRn|m-;a1on5Iy%sKni6lQK>~Za zqoL!}wOe1#ONiSnK!xc?-S*ItxhXTqi{b5qSDY;U33K2%%X-ez*BjJd%*PEuFjvs4 z3dtP4Vz{XW=@^-zYQsq3xY_GL=NID7gu-mN$4f(?FXZceqkW=tmmP$KBfUAzW8TiB z{sOagD`Krl5o%{LaSUr%5lsjn1BT;a6&x`sN|-Au7K;EVVz2(Yy~YY*>%RCOyxjk1 zP}~4sMK!PuRaW@h(yIuMYaxr^=(9M<{Xne@egcC}G+z z`h2^uf>JAhE3MQCKjo7U8y>5UC3x|fZ)$#aJx_Va0{jS4{omzRjOP4=gjGps0|~fh-S??g={Hy`YBI(FOYdCG#}fa$q&J%m8;VgH7Mwe`PvwBkx?`nsS`@Gg*vlOWU__*0HmH)l>O?Ebi6h1VknX`xq5Snbz(swG$Q zk0e$;bpv$X?D}9OU(@@@Gl_Go()$O8`nYBXD>8cC^3ER5SsZy!bU(A62M Podc9!tIL(kSRnrwK7TK# diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/phone.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/phone.png deleted file mode 100644 index 6b55011ef5c00deeabbae47be3645185d08de008..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 8732 zcmV+%BIDhOP)00001b5ch_0Itp) z=>PyA07*naRCr$Poe9)-RaM9T8mn-C955%eoD#Lv%CRs@GsOW-Q3Onl%pB7c1qGq|72xa3U4M!VJnGNpQ$A2NVRsAsJe~@4NTqzR&v%cki>$z2`p9*=s%P z{ggBAd;j+gd+-0gimD8)ftyNN_WS-h1G-GoC6X>~e(k?ME9sM+-=~J2%%=5sl}(%Q z2=l$Gq($^)uThhCl-xtDrSmOpOU}7Hb zTO>U)rl~<&`SuKWK0Rpf6YQ)4CjFs3UefE*n<=7&zm#->q!Wu6O@V``fJuKS|1RnF z>CF_?!oNyt!Smlmjcnw>RKTP?fZIy?L|PL?*XF_i;PCs0qDMN=;3{C!6#Z~Xf0fq6 zWNQD7q~DkHfysDvF*tTq7WyOW+t&%sx~^i#>8G0?UeiO$DUx0y>4QUdn!B$GnA{pJ zr+ol(KS>8j8WKE!h82fcp2Sl0fP@#`_%&^H;{DgIn(`26Bu=lB>v40`v>-bDrp*cgrrAFdQe(3D{J$t zo+9Z@D@zt!U<|+jke_dUw@c8?=bCFwt}_26p`BWFw+1-x033c-aN_t+#_OmuU zBw!Af^h=UB7)Q&=9q`muCr!JzY(T?maNV?~7S=vq(o-c}kg5G_%?<&W!yBONpKTUb zHq5H?a!Icqps#iB;ug&o3gGOKVY2_!fQC?l$w*GX{DPz-B>m(F+F+mjoK5p{%A{wm z$N>$zgJ}731DeTr2;=|^2YG<&^A*XOwuhnKW@YqJ5(QG)cYF3+~6&?i`_PfVr`uapD5UVq* z-hV_iR@>M`9R))U;E5E1)E*YuV02p%fMJOSEP$qD!9|6!V#BEtqk$Z&4Nj?;9-xCN zPErBG7K|^=R0Mm?LmThlsf@YwapqWUAl|r-r2i~!@?OAPr-`;Zth5RB7!S^XEc@s6 zC|is4*8r;xJB@w%S6NyT+FK}gi{cRQ00uv#-y7J0FX$O;HS-=x2T8gpy5S9P55Kfm zO8TilJz(%IhG@hJ82pZ2BZ(De>hksmG~b!}L<$=}foy;VgLRZVt=Z8;wdZcf0vPNn zf9CFKdByW3y+hKUNaEjLYyR#j>E@juhe3!ZqU3E2XrkJy?OdsWX9wF>im=u61r(7yV2pMACiQj3KDOx?ANS#clI{Wsdq@jDICyLmL{+vaiCr# z#0i^lFCLhwl>_suA>3NWi4ly%Vm+pvp70uTyQa^V4f?9*o7#0Lj#r^hC|Lism_5X zNqTV9WP{ovY=OwgRN;fb8Idbm_yxuy-}^&JPfVSRq)R2;W(;gw_P+s zza|N{hn&JW1a7Pp`7KEpV@nXOQ%OA$E&nI!y(7jCab|p0z@$h`h(qY0ThDob!5yFM zR1pr8q=(~+GL#S3uS$At!o%P&P2?flnX!eKo+o7<#8^?Qzai}g+h+DwE^I%H~ti0AUqR1^2ugvh5>affp#_8eZKEp*qXNN{JE3HUQN^-6FsoOxp(g6)X&mt{gI5go`82X%0R&@3`P?$d#(_mnHp?cVJDuY&;GvV2ErZ*N8=Mi|6{8WICk_ z+ZsUQ5mqP;lw%897H*Zu+)R`sXEgqOjgbb%r37bQwyx0vGbTpl6nSKm{W+zL9d!W= zUa%fl39RbS7)?dIhCsLgcu`9gzyol&f@c4Y^?N8GPr`Hga$CU zUs$PCF*e~bIyHetmi@O?@KeJFYHGrj`U4x_L^yFSn?FQ+1bIaY+fG1ZJuY;|fVWBN znP{s$0K;8Bcm5V3z5y4MsR_}WtTI-T?RN%w4UefWww2IKJtX56lXodPK`xmd01c)O zkKivy7B)P#lLf%A|HR?YB3!lRHfCAIV=2oG3a&F2!SYQG$s)P3EE8$Uvg+_+=g0{Y zz71*|cvH4~WV()U`4WJEJsrYni*N<~=avcumGv6P_&T3h&^#iBk_$Kl^+g+8z1!(l zPn_xgHdSc=1`9t2c#CkDOf@iB`im}$CHTh1MyI+B?K4fbX}ALYNT0$z%V5Y(jf9=; ziWi=-dW1_GvP&oVtpON_6mDW1L5XfKmMOsK&)3x=#E}n?bdxe5ilaIdRg$6G`kA0P|JHA$aP5@q}Nq5@YXJcfoT5;6yRK++PyxKv9C*3!dm+ z!Q+FAAC~|a?$P1@vdGi{CtB4^EVLUAgEV-@M0o2LfQ& z(-D(kkxc{)ylJFF-xT2*7tlnIR$#Xy-YV(*&`~`8bx=uJ%>!){Kj)1s1u#s;>iWU5 znA6oe_e<$nVJ?((t=t1Eu>B~iEz&5aGW&GZlQJ$Y54bfm3xI)j(i+2F61$3d(oT0E z=%Gr_f#cCdpE^fPuY(7<`LljXAIk#97wE6U{-<6C&Uo zVsX_XK*P2ct9ul&AZIMRFg!vuE?YB`02qvrR>B7&+amAmO@j_7%*$`3n61R+yU!u1 zu}@s-6BrjIUN3a|=kRYL*at9omju_bRaVi=TH70{JlCACKw2gF4&T~gq2+NAg7P;- zo*d}ijAJGdpq>;g=3N6XJvR;5Vywc~#sf5KKhfpAY%EiD2a47qQLNucXcQ(Iwq{YZ z!6^Y}ra-fHmB5n|E2>4H`^3LzO5(X4Yv)Hi%}@-UQ_v|6yD5QVf9&v*U!<44n^neR zSjImPKfzwo0>*Pw=DwQiHL^T~{?567CbE#&{wmuw0J%sC7g%Jz7rd|WO7;k;25~}O zDJ@_;^r};{eB<)r^{^(J*0TI8D;2%Q1-x5aRKiQj%Nixze0f5&dA2;`mC^#nyH$Y% zBNye)%E227;Oas40ME@H?3Z`U$#rFzM~Ov$pdrt*8o%4Q5Vs$d-HzKgb`e(LNP
q03NpH5!w4vDf9Y?*~RZ_vi%9JDKJ@>rFY(Hgd7P-oJFCyT2Seodm3m7b==Qu2; zu%$=EO+-EHRIqT+Cnmja#q3YSyEThkWxU=TgbZL%?X|*Ch!uvF#wsO|`lW(}xf27D zlKRi8zjZ24xH})3Yda`q9OyWb6A)19G=f`OonU;#2iKBcOewR z6Gp&00D0hCndfor-In3?>=~d#uRE$lfCZ91mg5kH#E3~vybWTe4sy(abQk2=j1b;O zPYe?t(46OY$UMM!w`DJpbaccljcs_Z!)LpJ%0k%XS-2b*r#w>`3#t3@~0NHj>wn#3r|R zg5KIOK~U$-teksZ>()N+g2#Oy?-9I6QU#JqJn_HJ*w9=*!exMAIVB|5+R>#=b}}5` zathXDu7R!6J6Oota4kPq12>ZNDTgy;q~oh6uxu{7%_`=X<0T#HcoEn)vO?t)64{c^ z(IPn3S(7PQ+OK8jYXI_a4)PWu5X_s}VzwVVQAjChkR!#!>SjF%aNF9ZY!BQxbaM=T1Kaf6x{}<< z%LFs4VgO?$`{OwB7As)(l5}QceYHO4oU6>a4s!77iEMp>apmD5!{x*xxTjd_ENb5a z*d0dgK3g&d09pCcNVEl`%(=>VeaL!qP+6XAExS?!9x5+xTD|G{W(VYPD&Ap;?+X~N z23cjSw^9r`I>kY&2y%^hyjrWla^<_7rGVFagg~^2bnhNVOsJ5z`NH)D3>rLE(vc2T z=2~S^$PVf%<9LvXRlFqT2PCAl=nffY%2yfZfUR%ag_i{|w{BLMs~bC|c&@XIm+Sz$ z03_5^hSh*4#eLMf<4GpVIT;ejEwKQGN+5Ku+w%&&e?<~3nV$}RK3=i|hJlx}hb1R? z3LDj&C#WonUxB==aF1Dp8(xkhZom*^1>v73IVxcD#CflppqK1`_?`WO_Q$KnSpWNO z4S3EGQKkSc4?b#q5O^!&wd@8A6>%}>Mch1Ra8TF~{~swStnJL@sK~+8ww7wZYH`PD z63*s`uyH7Ztu{ftrMHD9Shr+ogTouE4Dl#d$(17GBa(i?I+&(BQJWASR2fDC7JCT6 zXHN?n7HQOR47Lhq_HVV7JbEFZ7>nSsjOX$$@vbn`Jvd>dc&4ORSVrBWtk;m)HjU35fn`;O(*QdIQh!6y zMaoD%!UQ0mlxfBHkaBQ_+PW-A0Ssy-^s{$(&31vhTCX3>`t zk@KrXP7R1G(Qqe%u~?kr~*VO{+)qwa7>s@WfDsTr1Dc7xx9&0zHz0Vm4)~*v{2 z&MsD8M#@85yCso;@un_kFiTSmBs?o`o|0~tH54G>0Tfgfn-8~S7QrilEAK3Tp-~Ro z9J)PnMB-t6QJ*O*A8m5o40%Jeq1B_KTF0*ek7qmfplz(3kt+;S!Hs|mfNe1ZJ?DsL zC`PQMS!{c@)h))7dWw^iplv6T^2afSS|vaOp4-zMEUwXjVO}J}p(BsLWlJb)v~ad! zrAZNzHr*?wfm(M|4Pf`PQW(FuapBn-cn-kOI9|zK*1{J_f+jRtA}#^mnQ*ZYJ)hd1 zO#^sv;9X*o$4G){C_7*vKzsk}m7HOu2TFq5Hd^psgS{k0A}LH$#!>6qG=RtPKDH{m zoI|k{W(N!%;9v>IvPYoT;XLzYPvsSLpw7X=AVn%CK#KN;uZwZr6NCm4KZ$Aw0SukI zLlUM;B9VCZ%!9|UV87W4xy~?cKZK;RHQUoN(oR_t z9(i($tm=-XnN`fgv({}phXd)VvDg1@*8qq2=NPNKZC)1W+<;+>43q(TgeXY1X7EEr z3vmwHh^Cz#)Z|P~#SK`^L&r6j-f0NHpcgFpy!al08i#A)ZF@;iLv!kQj9K%#9wHx3 z(3Cf_8ILpWwm6tpYeNBsyq9dvuIhYT3)4V5+v`^Irj(oQx+ZH1co>cbJm)+`q# zQiP3$apF&hUtE=PG;rJImh5&thqN#g_|SkMl{EWF{(1y95kTX)Q}5HCCx^+rcG&`W zqfq;dvzD=Ipf6~aaybtT7^dmXo8GEu?scDCe+z3w7&d8~R2=x#RVhaU7%(9QWP3kL zcTA>dNK}??&Bp)?>PtP(`Yq}o8pYK0s27Q=c5 zUDLMLAFewbC`WP0nVP`O1!n_U=*XAS{$RxaT*KSN-}c8xW-X-zz@S*j^B$F;;T_34 z6WUr-^}DmVLY#dN?hL?7f2r=)@Mi;*ZFwGh%$tmJ+&FPgJ*`Li$rLFCFxP5Ah_^9x z7_~?U@&k-@ti_>_g%BfE03R6)a&9HPW4xavA`QJ9)wBJ=d`|=}XU%te2USYFQUHTK z`0Db~L!{xAoG~=*n7)?4-8?%lE-i@QEJ5Haz}V^`m+w1%ZXQY9$c|!?QW9WLpeNJq ztl|kler4vT@rBuBp$Yx*lHwUKmO$VRqYCLlh7wj9fRiH(J?k7w0}PWrS`voI6d587 z-)AJoXMPXN(2l_kMQZ@j6nK|oI*Oe+XQt$ zI5%Hc92iL@aCRNy@V^qs2M3knkh~4qAU4joGYMX+Q5sn0|@JpA|8_+~& zbV#0e>40H^DY<953cBF{#zIoDMcB#gbI%Txe^qK9y@p#oGJ=gNQvwW%@(@bTQ}7V; zCd~$RhNv5~b{<^0!#}{4_A?OrF}}XsCK4Z% z8vflKBi;-E1$IxX5E1|v*t4t^SCl8=7ND`_s|*>&Q~|>|e&O_ z_^|qV(!bA}A6q}{LAdIt2-`F+Y`h7B=k-lo5uh33xozuzs(@h4VD;LJTE?Ty98)3@D4<+x2_g&-a$ zMLypo5+20MdtCs7!ueWrg&QG51fjL#Bo91aTZT$NMD%bAYU@Ls_i9j}TDy$$rKw~l~e-ndZUdln&V^LVj_6e2GH{*5wrx+4dD z#=iPC4X;4T`4OUVfR|0y6)-3a7L-$iG{-H>lO@3zGnBBuCn+w;fFglIDtEjNtXYMJ znm6Ye@3r=s4f{~Gv92>_Jo4zA zG*0Ud7!*#3a+C`NL0Euh3|_74Ny1LV&ua99D*$6DzbOcu4iK1N7>T;5#2RSCeZ5!LV zaM>ilpuB4~t}nQNL7NK@nGN2<&h&j1aFm|E2?m=YYp7K4?(_IRv07j)X31f+MuU zwwLp#Medq`1Vj}uyB|Sn+Q8WdNs2#ME2m=ju)K(4lqEl?)%HXNHP6blbbb{uSE>j9 zGyISuX@W>uhZpU~#(2xts83dHt2qE}?vF?7paN#QMu|ybRY*x4IQxw7KVtGsD4dJ;}7Ha@TPis2)4@rU$K3pnb`l%F-WI&T6 z(=ed|04Mx_+HYz_m%^EpGao$I79l-IG)3*M{wrWCk72iMC7KbE5kT?Ed8w{8+nHjueSY3#g_2~HqxxyPNV0^D7Ml_6^kvT29 zBf-ZF;6PHhsp4H-h}0zId={yI@v9ZPz_A(ASYWIJG@IyNgOwg%JW?!Lg`hr9dX8TG zRKWC7)6zn0(IAi`R5*v6)&PgJb(?toQV4P2=XSG{3pot>fSkx^< zg@A_N=(+5B>ZV&P<=jF$@KBSAJ-bxEWLNR74%jNNO^YHDTr_H&Ia}bIKg`sUd%;KV zg9)t=jR}wTAW{J{h?;kGLZ&T1gWE=KA@xHGoRSIs_K|d6qA~`}oK^vo__Q3=$tFyO zGj4=(3m(y&ad5ebB4v*p^A(AWu?=H8Hkeev45sRB9r0xaH2kcQgx(Qj0L4|FUkOp4 zgl=EQI~hs1@ZWpr%Z>_|geMkI6{|F$i4KQeHMCPY;2FbTjk8wD3VT_@&_B47Y6Z-y zS8JI6PJk4^;fpz>a24III{Y0XVHEjw;0#NVqZ&TBlr~&-E60Tr{r~_0%1J~)RA5|c z%T|fhfB3SgU4~QqyrM$B)vTTd!tAN%qVJK+9@8oPj7%j zq~}=D0*JE@?kZ$p^9pt-*g#WP7CanCmNeRxc?FF3706$YYiL#*JO)Y-0L1D8Z}b-z z{N1xT$a9z{@as;JV4#djFG2#TsBCgBomRlO)HY}(UN#u)A2MjK<#m=VtC(e~6)+ZU zja!!JPEv*QBgf4q2?k#xFh`dPn9(1Bc>qKs0vf!bBYB|B0~x47F<@c76)*!m^$gwM z1>LSVIC-w46a|(FnDuzYuF(Mw$%ocOiUUgp%(}cVcBTbq|^Ml%!a&RKQH>HS&+O1rC34`Yc%>9w+j$SgD8pVjoTTzyM1ZJmDQA zGzc#NZb8MTZm)nzc*+y5$~KMd8UV_|a&OQLaXL6to@%HwTG0xa(Nted$2fZ8!a};j z_P56XqdQ5`nVjBl=AoAevydP(gi<=+pHT;|C&UZDT1Mo#pTK*qM1CkVu7}RfJJTSm=*O0n+RD8}92?B!PSQv1i49i(A!XM*Z>z;0P zPGzM%g)`lQ#&l~gYgic+?VUs^;*7XdLWVU!f>>1s8Uq)K;eT{EWO&tM|L=PX7uUZL z@8w&XG;Yh$I}2Zj!wkVM1Oco-v;cp4;5#D*2n5W^00q-q1WQO@pur$-L_t6V)Pw*G zilBpPLQI=Obw45ep&{S!>bDEufIzT_Rc4zO?5BS|y&cQ__7egDz4`jB7{v?*Bbt9n zgnxQ2DFONM>{D*iHz*Xm#*F^5)f(?f@BhP!u+a@_hW;5c7gtQPi?$CiPn5lGY;}P{ zejthJ_OV$p3mOzv3^Ft-k3-noJ6l~OAjs2@aZ$8&wt{fMG8b%@e8e=%eV9|Jnk5J( z5S_%tw*rl)b=ESX*fqY+$dgM}LlJ3cS8VDxyq%u2 zly)U#scyk#xHiqWML4cJhRYqE_9W^@YXId{XdRc zs@30;2hV9f1Tna?ajQi`!C21Lc3oyTtucY@vKXNYm{%^V1yRwNXKt{`<*mH%^YNiP zrkxKlJ&HN9VNbRJY(vkZu^`>B#9IjHD&-y7_a0pCx-&3hHk32+d`}wYI$N@-JhfLC$cY6Zde-~A!p>!j|o5}s;if)xje{hMpr#?72Pp4Ko2<#>5BaFR!} zA+xangJq_mfvRlnJ(Pck>vO##N+~IJu6d60<{=y)bdI64n#|$OeYcDlF{b^P%yvZd zJ8Gda{09*(<+~g5jnpY6sq)8Lkb6dxFF!pP+$}TF=J>(^&tvC{0Bl>S6S6D&>SWhH zjRxn2_IGh^@~~An5c%`Q5M!lJuTz)^L`o%cLrSn7Nyp_wz#=16zRV3WdsRhXwcWBw zq_J)KUXN$`AEk|^_^wci))i{XLINAk8Jq9+8NoJqpuX#f7!&o)Qjt@*)=2I}=r+02 zEn4aL(5F5I_~lhq4k-h^I++G3B)f|$^FvTw#(!N@(#XRL+#)1(T}>Kf=KV^#w7T&Z z`#1e^Pty?M_7q9Kv2&EJ+wDxX(v=o~LQ5Q_Rwdk&%wUsVt1(kL-}>wbQ5IopeyZW} z(OhAXTpTO`H7sheu_+IVGLxpqGUUqgD35=o1umLrd~r|5=mgg(_$_LrwfN|ez{VOE z@e=?95T4;HcJ7U4dk0@TafwVlw3U%%&UgSaUw<-gXzuOGtI{Y~hg%=y(v|gF=@-@l zkfi?fBuM7mg;RiUTB_~W5pV31qyC1K_*+m&zqZP5ev|L8|A*~zPtbr8UK=2FcT!m@qhAo2P3Yypc8CE>7tiQ+aXLCf3BM*<&;A@lw{cxl&#cYX-^9J z@Vk!)YKBKXqHCO={1g1v`n{n_bu#@25O4||4cF6Dwti&3zma5PwaI72)EI_ySWYtl z=D+~rp*i7I$Vv~VTTi}lpT~Z?QxOf@Sq5zb19pP}*MK*5AM5%)%|AKsKv>0C&|DrJ zt_fXH2dhMDYKw5|R4FzRnXN@A0|fSK|_FOo_XZgwxMV4ui`sBLb49saQVms_N*l#`F z`)RAZ1QP7+dhn9isIkyW_DsBP*TFfo{mEsr^&K}yJL@m7vw*+1I~>21k{xq|Df5H& zS(T`#%^u6Zj~xf#hJmPDP{cj>%EM5y^F8JE3@b@*S|NSzA=7Q5jg^4me(?ELnyIwK zGgpfsS&k@q@-VF$fg4FtpSl1jw+TRDEKhylne8~l0=k*ex&5Iq3mU)l zmr2C=T*5|SGa$+G82*C@&nn$mAt1CN4rkX$$=lL9b8P&FW_jrz*45fKmc#zyw!cf$ z(_w)uudNTA5)A5YFM9ZXyd#{Lq`U{E3akr2dlt6QrpQyj=cJ~PQwG1Oh_frvWUAfw zLDgL;X{VWuQhxqDZ9IEhRm5{UeLTVi$r`-~$4kx&37t-~nj%M}gB*n`@aMOe$mX$7 zCb}C$3ixh=?$)J&b*~yQHW{6N7M>OAW4&=(5{GP*-LodAdSMuIZF>f()N-M{8ISdh zpa6{r5=*B(&m>D3cj>IRx$>$TC`b=;1FuX%jy@UPUswawNzt_G0?Kswzt^D+R*hhU z9vmN!x5YTNWG-f;+$IybTZBANk6d=t+0c*=8^fji0-X5EcncAm510t7TC#xH+)*QcACYrqMuU5{S&Xz! z3?n3)U{2X!1)Qt@qQ6L5n5tBmwVkQ4y~I{+NBQR4_bZ|aE{bQ?YLFjb8;dEA^2N{I z!jAC=yHp}L#3DU%I6a~v?d_sLSpIh}vvp4GKI%Mqu_wIEF8c53-Jo1~!JM0O29lM%>+}uVY+q3BwUEQxIYs3j;$ui4QE!V80{Aaj1O|p}yrNc(T zeN(lPTd2&onuJ7x;#4zEa)GvN+&!%M(t^H!85a_z*H zZ-zS(8gRasDhFxFB>yqw6OMKh)pIxymo$}eQN|G~Cl z;q==g+fCnj$o_c)@qUM-*6|*YScnWvStQ>shs1H!)k;`sXieiPJAxm0+-L=9eU)DA z#lGC07(voxG!f&vQAYKzq=8D_adEIw?({3K%0+#tWc_y@(YNRJ;t&7qISZoxK{cy9 zoz$!3l{{vpL7Z5Ek73gT6-@)$KhKHaY6q^p&H`!v=;uHG4&Q;!7Uo-be;VL)8w@e; z#+k!yKct0GNs@A;?r1W z-k){ve|F;-^lLytGq07F*$XF%y&y=mn8XCc`n;(Np?@kOV;8k@q`f&=VjvUGk9IMx z_lgrRG7l!TLuU^=pPpc$fME255Z~~ukmXkq%uZCKJj?pDl9$ z*FB|-9Np!wrjKBwi6-UY!ja~;QO1%Y6v@<=bYOJeOK(1cs^xMoz%T@_L?bLO`p*Ar zgFMevysNm}*7Mdu6z{aOD3*oK9-~6JeSQt+W2hR_`B$7 z@n3jWGt~3S&-IxS^}cW+UQ?^CMXm0`db#ZR2p1~IG#A> z#%!ak+FQ-8o<8YDl^HHjT9V`}kJi3dI;260D11O~u9i^C+5y5OVLeNLyEbb+DMBd# zYD*pEnoihTe4eM`K9caGH;r$JaU~OE3}Ccd48paX!WtxJY%t3@ghaR8H`;^-IM0GX zXR65@vLMk@9u;S8wX9xH`>ua|3O+JohWWzxpls<>*||$?K3HJbJLu~|GPKVFL!j9L zz0#1^xyNR*3*$<^@B6s?IG@boTy%XJI*+@$0l(Ld=sBy3ahKK}^9Wf2v~GYfwa*uP z))Mx*6aHHG;FWPz08d6`W#Kl&>P}*$5VL|N@F3MV&50SOnG5!;_*d{+tal2AA5W9Q zzgF71R@--Vc4t7DQ@20(E!B{-@(0NVIde{%Uq8<*u3lD9M(LMw#je4B9gGr0KqFY) zK%4Tx$$`BSys|HCt24R3r88yAs%hM|vA2-X{8cHCMJ#@U+MOGff%O!J*{9%D?ZucsJd_*s@qBe6-rlN8OA`0KnE- z7Ra{d4v2_WzvXdV_tExkj8weeWZho^8B5g0U#NLGXIfB6Jj9C$ADL_rq0+=6C4}yP zf9y&))!ZRG#?^<@$&8DkE&W3Dd}XnRLb?b}&q4VYgz`QmdTO@{k`puA9x4iOJ!G}CW?mv`bK67<=AWYW51TFndKE$$k|Xc7{_$!z7KH6lN%OzUT& zc@}q6Ce0K!CWO?ysYre0!2sWXJ0l+(e5`=w6J3};GPC>Lbl7dL*;B6H(iQJ#`#RD4 z;fAItC|L67vZ0es{5H44Xi3v=H3mP$Svt4&W9KN8NH5`^qY7?*U107quf6FHci*Cm z@Tx-k4B$Tdk>AaBIHAnndk~0C_}N4q7l7ismR+jH{e`YrC3~X}25h!C|L2ST)Ij!V zm=Mdzh{+|NVjma79}@CdzGVPiG^@=_nm{6%;qp8dE%lB~m)vdXnL|Q=M(@mS*pL)G zANm81+poDsUN5BCgDH;r&BK!WWz0j{_Qm;r^j`!N52w+yS_5f$?R)fIp(P%}{R68m z*QSu+;QUKp(xQ{Hi$5OADFxdf4cBd86~YodGeEJNTK}=LNAw9xjvf~waj-pwtzEz= zwM5w~800IkEwv= zNi2KSysIht$yjAqnp&Uk=!NY2*ETF44~zFP;eTIYAcBXQ`jrNiMT%{P^sqcvGnTy^ z>$DUd!A6qa8WFF?aS(pB_}zJeGSO*=@e5 z_B$iyAyhdgv%S)aNy-{DjX7ts8r%yz%@Tb5mJkh#31~y1Hx;6 zYc6N?JGsz)_$D*|aIICX=NWdNl3z`Qk)1T-vQJw_`T~&{e;v~(?{9Psb)5L5nbUr& zJkIL?@;;@OCMYf?esT$9s17HZpgczi9rl-_xj|nS+f!GtyfE*d^lTlXx>5;0xkw9`+1WdDF{6+iH^A|bp79)o~mvQ^&*K$vP9ein1*A3yU=}7!i6vOk~wd>l($R+(| zz2sXvFye?&CK_`t?n^E`jNT34dlK+%C&yKy#rsbCLi@vGr*htKcdA9?zRBXkbs995)W%Ht{LF#(FaXYU^rU#Fe*^6nLOcKL4!$ z%xs5H1}kfb=*v1J>8mn}OCJi2y+gGZX>1?b8!6pa$<1erq(7@7R);e|X+-%HaJ*Tx zX7iZ6Hk>7%f=@PPuETY8YBYGGKhoabHU3e`ta2%Cs}jC*GYO&|9jC3HLnD!PBf(G} z4(gmRxQwZR+HWk+<>QCTbC}N?d;Im{oBQcFi0jSl=6n-XOkdPbh86UMmlI9 zijo#lIHF2jGWIVku0wLvk|3oF_2VjN@ba%t!p+5r7BIiJhx1zd$5yxxQR9m27yKq0 zivLD+KzN7rjU***_(KVt`1n8(TiA|f_A7YXa$LH-(|epKzB_@BFH)Bd!!PEgjrjBD z-Blgmy@|+6#a#-!N3owKYams2IRL{t=H)p{Kz$MmnxZFgAeQiNjOKRqrucvZJ{7fd zu%=oE#X5=2xqLha1%;leA6tS2F0Hg@>~H|b^3s1wWOn`t8qHao%g=H^6;YFDVyuy`uR2Mh2G#3ny5;LG!}&H*)8ntIVOVSU6Y_Mbau1p^&8(zfv3q}R(1Uy8p%gUV zil~>QQ5)KSy9X1OX~bgnC|)Ef@p;gs6g`~!&L7!f1v!>|41g|@(R9A5!W1o7aQMH{ z!89KuM(J?6X?K?howf*T*GpV4(=mL?xF2=mw*owNweSrCKa9kqsEj_W{ZkFWh~XvV zL1{?!K4ZqCiVy!UK8lqv9}i=I6a%EzSRCuUrI~nz!@N_p_>VMDq7xmTDa4@Qk+dWP z$pTZSWwGJG*l|+uCAJs|s*f*Fp*|BZ#(DZK94PHyZ@~GO_j!|YCD%KS4ol1x=gC1} zFG_Q+g4&=f|1(v`$59C0~N|EyE!XHM;ORk}qrw5pZ)$MPD}Qz^K#!aS-u+cBM);%B{FPpy}F zoK@*N!JN;cXi4tsh2CDZ=$Q+fF@L}as0elsu*BZWsO2q8=m6bj2uakC5O|3Dp*%T- zBI1H?lVpqc*TFb<)1#)yi%RNT^{{v{)~x1u8Y=?*WMzssr$)-v(f@nHsK*(WjvMrG zwx%enY}cyPtVSq_E5Ywjo&+f*cWDB=$6oc=W&~+(`?vx5!FL_5@9{#RI6)OOc4VLb zXDvZoWd;av$-;G)@RBkv_IdhBIi=ppC+Zu7O)oxku(OS+r&z>xGLjO8$A%MKQ1kGeiyXx(lwp`JyR?5dFCErtAI&(UJy`WUp4 zHG#HjjtaT`ZYUl-vG*~`9|l44!ye{PfLt%u{z&@Oy@0OowSi@>SO^VAvn~NIi{&E= zHf^^oIXUb#>0>ksLFJ9i=1 z`uMd~K528Ss~4p48^$RY?DLJ3OcH{#B;t8%m<&^Ay?a56XZ!ALtv+x7PTd}H zDx?sFdTUnWq0`FOm)q#s1@vSkW=$qM>(U$*rr-#E|28KN0kwdb!N0xZd|v8gG`peb z??W0^A7*8i=wxKax_BC8|GBQ>Q^S*Rb#a`kvuw~>ml1v5D~8lJZx+=gz&wpDHbr9#tL7FCvXJ zvM!%{*%MySwB^SCsl`GO2Eioy2NF^!+RUf>2#wW4GYoPI?YW;e{1av}^+Dk!o zKYiYSF&o;0*>6HgKBHXS+zGjzu_Bl@HD?ff9SbOhLu3pPcze*R$c%${{d!oYn_NE+ z&#RwP!?nQ(zidG*8I$c+Po_;s2xo}0hdDM+&i%;z>CS?rm49qNaRBeBuru)~sMh*< za-Mcy+l&Zugi`UvRL7tz2=sk?Dx$lwHNBd-wD9`MR!A`H3uGFq&B_GnsMk#}3mapqodcihLeTHxd(m2hV zmF8D)Vu#W}x53mol8t}{dqVTUM8&*~$Cy>6*)W;1L<@M-R})42;VFKqNluc5Xg)+X zd6mWH>*1_aIJxOF#NAHeD4*%SA^4n}(2?PSW~v|qL9V(QO;t6=I+5MpDVjy~aFa||rSn$ap)Sqv9L3Qb<=)fXoj;`I zv8q&mTGi&Ja|OoY34t>Seks}@sm<&i|0^xIr)@X?h5V15j?Q_W9lIwO$B0iQJt(cw zu0vt{$gN^oEhMX*wqY0PJjDJSr|L#V_BD67Pr<*_C)9cLKd6)E_+{L8olID7A3t%N zWT95Jr#OKdaF8@NW1;wZ^SfAzPji{Ent-~q1ETsgI?$HSzk=Q(`5)%}SLyjdL%RDs z`{*>N0ST%KwPd$){aZq<=$n1*!42<8rxttu@qGY&kfS(1lK9n3yk<0Ue{(}P**gL> zZo^Rrd#>6;raPfEOXN*ymTgxXnhZbcMTYp$a|Nm(ljsG=f^9dG5k< z-43&cCmgq`5_~RI+!U6p(p3fm3|tHm)XU`I<=nemqZW9`O>8goyoPy%^8z~L1^-ql zg0&G6*fN^#gWa4RL;Jv-{UU{0`u9;Q3ruxAYJC`XZfPXCO_^x?A4=v4*NT~XQBXLV zqMi88__J>n%Br+U$KM^`ayZ^;vS8)U9EIhi(etyT0KYYe*wk}_Rymm63 z`o08be@xRVZxbzeJ{~dFhWVUpqgW{~=?73}rvkMwCby&dL{`QF?zjfq{g z?0_4=(A?Y!Zq1&A0^kf6+RQA=*3V0(t~$OI4Zm|MukpUglR@lX9+CD?gR(itL*N-DBW9=6}`X|b#Y$chhQ zs8@e_dUpT@9-i~~G@7gg>5i(w`0L zb)5@4Pg%gsqXO7np-npJ*nZ}Etw?_QMyYY=pgfidKh-WKK6l5Ot}&E zYls_r006z~KQ2H9vX%Fs`M&>`HZGI4Uu96ei8{=RMyVr4!xRTLTVP!z`ka?UQF_m! zY@oWZq`7EEaAA>=EVBNU>1Uqm@*Z5O$u!y2Oka81uNxe@T6Thb2QnJcL?jg)asuP_ zQ^=h*2^reO6L<_2@RCO`IQC^+fj{oZeU;;+Udi^L2CbcpZ4__G%NphajfP*Y=2(z< z2ua0Ir0!GQt)l^)pj6+>`XLb=m?8N}Zi{Wdqu}Gngt$-LZr1dv} zKo4xbu{`YoFesfg0Pn}Uz3<)TR8J+sD=>&l*t$PR2Z$yLzN30GUbRPL_Lh&>%##X| z%fKG6v>B8x(bWxBcdzf7NNs(wYR3?AmU2EF4DjjeUL+pD2JK7x$IWSrgxmA&ylNyd z>ze;)Whcl^fbU|;3Cci2gRj+CC5=#Q*t3M3n~UOfeX`tcs)j+canT6Reh`k|#MLb1 zk3EAi#wpOE$7DHEvLHb~jZi=ip~<*#SwxCaI<&k&c9PZ~Lmn0~X$a>7Mir|a5V3v@ zis+Bi`AX6^D-HR&jP!E`9;f4GYc&L`Id{20vYq+C9^`Mvu`iqleG%%7V%9fh*~kMf zVV8CauP$PjGBhBm;8EADHtGEvLfdO1q|WKlyjU@e7OTJ%4R6IbdyEb;7TU!JIbnD^ z&@?NiCMcMzWS(f^jqUVhUAcocBrfhSJE<|7CK62^AcE{ok6dT?fr3CkG1$0@ zpkopLl+?R_XtUmNufEDdS1iCOO^9a7nB2C?&?mZxZB*Gd8Osx0L;#KLPc!oqU8GX5 zGFL18i7v7V%2!!W`;RWN*&O!qGyI89K@tOxw55Ndi=?fyd-h>J(M6ObaCrZ}RdgpF YAVU^07hq)aMDhX1N-4dogc~9L7l-Rzb^rhX diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/qq.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/qq.png deleted file mode 100644 index ad0b28104f4f0233ce203879fa494ac7303177dc..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 6144 zcmXw7byyQn*WbpNBZfmdgbAZW>6V(blprY~4bmwMgOQTb4blhZ4j1I8cYr1zKM!Nf`!av5H(D8 z2w^i{?F2=3jb>aHZjv#whb*!`2gS}ujMaYbVd zv38Wlmt(5%DUr7_x2dkIq@X63w~3~pSt<q@vMY04dyn`c*mIlc# z1=iZd`)1rt&|L|hMl4z2b_eG(bnX`YxPd27&D_j(NJxe(yjk11eBEapdmkimySC4w zcu`I`t@>rakSJwMa65-OrXxXlG?SnBm<{l`BnT~F%|UHyHdc94IlC`ok=-rX+jZN4 z^C@_;{s>JV1Af1u$`s_IV_26cm8!~wv?YJ0`nE3N6eXZ`;VW#&ch}DM%uJ6#X&N!X zzfPZIHcFN0x>ZdYh97Hf&C>VMLDEQKO5?vMtjRhBNxy{Ey|d#y^%SJKdfIv1C&jM| z@dzP_4&Nsd5w3xe>52n=X}$4{C`X4EzlP}*N7L!T2}9$M<$#k)i`_%wTEn>(-j@+5 z-SuqP%|7ahVG^l8_kNYhEaLcdj$TIZO~xBM*OK`0woVZLmE#NU(sky(HT?dwOP(xk$MnI7_Y_L6Pl(J8(=D;D z%Ve#dzn@+}wAIrvPP2(hOX#f%yraorAiZEfHrF)q52Vci_7~W07*?lwG*?w;Mt5c% zF!gh9C#t;S^FJ`pOj^;t>1TwaT*-gO&i|IXleaw`qMFN%+7JhgFn_F62)&L~mx zTVzHEI70Y|n;_FO##vnjr{pFb+0+l>ku*UO-f}j(yDEK8-MC>wp$9XeF)l2j@c0Ew zVpfh7#g7A#8Y5QkdVrU9!X$Ww+h| z{*W>4ss6AHni_i(*EfjphD;sx*@yjPjf6Gf;)XQLU@NsEmzwB}4xdyM#rc7&tS^||7xv2VEhqt9n|sREScbq?yo z`0$wp#J?pUJCGk`24c7U3;l-=x~Ph-gz$vOu8Ko$lmj{2{ye^N6BTV4vN*;`LHaam z>HLdeOwekdi*_XIP((>@!<8yGxzOS0iHSA;a0PLs+#fR%oAsl&dos63F{Pdc8PE&t z_9*HOLjG?~K#(gmf{hs>Sn~ra!A~w`^iVTVDMLb;%c(j_u{o6yY zQ38~&Ke;JBCtW{66(K$xzSY<0ycE(hVrnB*NFqS^R$L%4`dtJTO}C1uGCd(@qrJQm zf%&pI0-@Tu4Elu8&J89-S+CWG*;t*WvkZGXXZU;hFEF<5(3l{CNO=Oy*5?6iVxbuA zz}mt?CS<40rbYoR(;vF9cot^hWmgr~#7(|X{FoIJ(r`Mf@^L4*BwHTXFQJNyg37pk z5~9X1%Lc;UVkpAR0)SC2b~8pqltG1en@~-8=|rf%`QaLHX5io*JA(^NcM#{Ndrc_a zsOAiGr&1)BkEm8pRHyr6ZPIq4`nM3Z?7IDj)@~P7hqS}chg24q*lbNx#2aNx7@Kb; z4Lhz%tym{`i7CK{iZTcH^*+#~idlBP zd8uSo8PA#11F2^LyO)aFe&lAOvgjolh!1!d!>A-S>;;fTu!&TSn1B?69^FYb+Hlcx zD~@$eHUtdc&+pu6oYbK|k1Q@A6vVJ8i9zF_8jeR{XqV7|JuUMcg|ATxq|cM}u*(Yl z!7xKEq6iGSN1KlHIeeTO55!R={(6*d4v*1U+S|%z_~b`9I!YhT*q_2$*RkhGZ$)w{ zs4jsSR(jLtE^=1%YWsySmE3srFf5Y#6XImrqyKkf)SHx41ywYQ0G=?UM8#Ktil3GQ zx1mHH>n5#%9ZIT(eE&XBuRV+uj#>WDGE3Vs;rGNa@&QXERVhPRE>Nn(XOWNBLtVb# zry)Y<+R?TyoO7?%X)BrM9Kro25LNE$tUc{Zg8VI|R{KKrr9qPJhYv(tZ@OueG6f*U zZ_l@kTUI#fs%W={p&HRf_LP?7DHA4{0-GjbcqLBS$evTpx}?4CfG@IcFA=H;OxnJ! zoh9ok-D_i=sUD5a0q3A9D4x_3K29$MdK|(5f>)uSAm6OEyZxK9R`f{2HfqIZbj6~& ziU(jQhj0leh7Kh7hg;)&EzOt&3XIUjaD(@(HDumPIfz>2p^j#`>7QVt?i`aT$|tu6 z5{bvyk&hFn>4Tb;A5n$_YQ^vbL6kblGU9pPM*#~k?BO@M#2%_^2jh0o4`V9*OfO{? z=BYl3unDP$3cSTuR-b`u@4El{fk<$hm;+p>+Z}8!?&FhLq)+S$_YVx5j7GPfD79Xg zF)A)^vM+w5@3S*VxBwLcfKdX7(K#4LUnmo-WtzKq5-!sx3!}x{2dp? z56SM{+qyYmLiX4ZJP%BVe`2=G}X+Uz)RQ+hl%F|BsFW zCdJWAy6}@BbF%b9WSANW95NQaxFyP=4VyN;$CWm|XF9#|$?3IF0rGJInsrGn&=LNg z;N497@$UsvUY^0FzJzQiyP)=PFB>(j>@SPCaREkHtAqHUegRKP>>*R}N5KHHcSCt( zMV_j0l!(dRaF*_wxCUuK)knX0x0U#9$Ui|37@ue}e^ZjsCNE|vQvpih$WTI2$aP{M zBotf82x={1y!iKK&oE@?L9obVo1lE$hXYA6k$?gklGQ%(Pp|tXU3ylwu92DYStQCJ59)| zcGOI`K_bm7`C77x89TT?{!xE{x~3=`G3i1q6VkTCgN3F1VwK9H*_v}D8uds)7lFlG z7bUyqcC8(j6J-BFM$)^+6rcG}=_S4bD{}U;5 z8n999m{ZM&oRQ088xX4|PT5xnePLVwMN8PdF4{_9QyT0>*;BP5sW6ZEvl?7#s_Q+I z8AOgH13+lz^9W^%d@FSREgi+~h?=2=w{U=!E>z6?XFVu^K`T ze77fr*BgJ*M$RVQPoiH}HZKJg_)=-59Q>9K;}Esw93$MF*x~sS38w%>)MV@A^ENL9 zX`WK53)jdEUqJe%?5i5IK%^6*?Ksw1CpcEPHjk4e0wbRu$^0fCRf_7J`o>)q1nlWz zq3xK*&G17)A$OK32G4-ZJC+_odN` z(nJWN=3Brxl~rl4=_@`F~(XZ#7I(RgcW0`^9 zOvaoy$SYjO-{##Q@VVvzVL1WP`gJH}fQFMQ_;A6F)8lgneU6Sf@xgMG)yI)3q{Whq zov-J@S|Z1f5CE$aIfO<-rmIL6^R>33C(Eo30QpOU?^iSVH0L?n9eyw#VExfwhogtz zbZO2eE`{XoBGnJlpMg5G-)Wp<6p(u zv*I=!ZNa>zHN9AQKcyvq0@xu5k>ONxNNF|9_!$fhE7*fN3w-DG)z4)gjiG*DQ- z>dCUVn~4rLKt`YfPQ^5sTnabtCI38iRGM733Aus_5WJLR?)2~5Jf!bO)iNlkpsjd6 zbi{>j+uBT#zzKoGGKa)E-lW#>8>)8=r7$tBw8V+HDI1Vtb-4>);oGLaMdO+i9V^}s z8Ekry{!W5|Z}`;tN#(2hctPi+d-Kwb?VEyiYyp%i5*SktVqPZ-o(F3xiO0qA4D3iS zv?7}U|6&S9YM&fi{ggA`nWC}51hl$TzLVREdk2O=XlD^r_9?x*XUBd6?-Oi)m=H7GGuEPu1cY@x zncRFBx<&pO>V>f#quf zReM(gQN+t*_TolPU6plQDOwr2tWcCo7SK`m3NfC;`>%EIK@wF^e$fE9jEA!wi-ZA= z*#Q@Ri+<-VWt}365%E4{@M*-3shV|fm41O$O|^xjngl2m@oj0a;?0`*l$u*?xt0W` z^k{1|=0r}Bhyzd1S`TTO%C?jGwWr2DrhW}%VLvD!vh3uyc}hpX1e&6sHctwT=h&A+ zVrT}h@ks!6k-`PH?jSh>Fmv==q~uKxZ2I$GT-wy1#5sV5oAL)C6$hy4^W9y;a08}F zRNE2%zVVlNe&C|;KVawwj@b@>$jP!T_BD**>rdh6J)Y$lBV_oN4Xf6wp$j%&O|i#S>}>^+yPfjFF=MREyD^@KdDLJy#dXred#VT%d$xIpd=@F4&%yQKDr;HXy=QH{z+E~{YK4J7o zTcc3qI%}?3%^00Ih&-sJvU=6!YVVd30y0HDx?qpJ4Bj%O<%({G1B>~yvk9SM?Zs$v z-4Mt+QO-XdE09>B^9!z=E-HD%b-TA^0u2g?S>h-Y&j#pQ-JsUWJ8@3^Jlk>+X1Fo^ zep*SRX};ReGO4de3RHV`CiT_)$mH;?M(|l~@9Dyo`~-r`bGE{{S0;p(wtQY}FA@`Q zG+QfLLGE-P7#LkevDS3!zX;CcTn%)?3a*lr!M_46Z^UpvEzO%)D5xQ6L2>XNgPu5UDr!OsPA&j%meEG8a}_HA%EQv(EwhM*(GK}2%g zySv{pZx8|)3F3j=bk_;CT?WQe;>{W6N@`^7zQfSx62X4lb{h1U z4J10;uTpy|hQ9eSGt+-Ar>)Jc8BO`^IBGoTqlH*~2P3=O+RbHzj%aLEHFiN|63Jw& zBl~1;*J$hehkeeLADr(=W{0!3nZX@6993s?!|AA2?W6S@8ntasET7Kr2^K!x){@md zHf806TEi<^nk<7e!ju53`wF#T(KhQT#aQzvb#Qy2Oe6tPBpS+oXI(4)a4T}Pe=&f; zUq+i7BQaom7M*JSva_=6MW^j~l34irAX$cqioSDD0a{zUmL>Go*89$2 z9i1gSPiU_=t-cY)nMZvz^Fj8MLcff~-n`L!&D;ynQmao#!%16v;NSDqLgOd?PAr1K zEbC2${?dsT-QatcOO_bvSt%b3_ye{wC zZA|1-y$*<+Mwn3j+W8Tepq2gLrr0OqsY^FG`-Z~rW{3{pH+$%BZYmZ7hjT+Bvv#@f z{wzsEETO*7hj`ctP^xcm2MS@??KREh4q*JyhjR()8j1}{b3bi1*{Xb7UIP2Wch>R(l_HPlMLdow2>3wOlMbjHJYZ z#nvKi-C4h<}cq@<*Tlnk8%(lInhC?Pp?hk(*x&f)vYojB^oLV=+tt0 zI6yn++qcS#$|KGw;dJ>n=@4DN*?-@}!oD3}*Iet)J}cid!I>t;!He)B2jMYBhC^(E z0mP7Re}#c=xY)`dF~)b^nprMr58)-iLsUcKfgShzCLIqiKHZ2A~ zZ|rP(?|Mr?{oKz!iXe_f-=JeUl z@k#tsMzt{_400=d20h23gO4S* zaHzWCD^D6*A4!8?Dk;*OwRx3qD8}#)>{~*JH)I<=ax_g3hFxNS%J~o?6J1-SVGUE% z>(YFZ?(#y-uMhVMz*BH-dkjhcxT!GA^6TcC*Z$Gq%`dCg@(gTxIJ$TupNl@1e(wk- zFpZ}gA6dG1{WjgUKN@WAYt`V5b@X=>s71aRPIcjmnE0UBIbOe*l{PL*KALu$FVyx0;c(ejhubud)HWgQ zx9+=KBP5xho&PW(SoPlGi-#R-s3&^L{}cOJE;8>!Q7Yxn-o7eHw!ug5y@$=RPqft; znx7W?G$vObPBl&o?ht*WnCFlE<=xhS$0vdWAM#Su9-2|7X+V7(j2{44<#76tM`JOi zj8Jl>k3CcHfZj(9CV=PIme0X+xciE=_^z9~@_rPtaebT!O7b}sM7rk!^Or(rdW+3r zzObltBPVx?)iexn+E!)lYl)MHfszh~aQG^Aulm?FxNtCS-0T76O~XW08~*jHx=c>{ zzP5!3<(53~Jnw=nAgt;nf+uxfUL`c;X*!c%Bf(Ugqx2h&6pjV1QLuaBn@2#{#9ymL zq_wBEh4dVw6?Fv zkzoFgE$!y-VUNOdx!-MjK!CcfSvhB@uXB^5m+|~&+*c1f;Ze?!;!OO>IrI`I4jxji zzEm?Y_`;GP>Gbf`d7X49$8+6xQ9p)CO7O)z_DVGR#R35IyoV9|_Zi|JK^wJ?`J|V* z^5tQ$jg5a469W8xuSTR>)Mx^_X){e7o^eRU4cp`0>k-Yc0C-+|R6&b{_@9c6=_ZWp97yD(oLt?jB*JqzDQ za~&F6utvV3-cFJl{**tw0%xKib17mdRElCF)U%E~TW2}6 z2#Wu_!H3<{T4{`fy=8y(muR$TxkTrQ?d)*QoXzA+x)Sst? ze>}D>GM2m!qUAXxvcT`AOdu93ec0Xt%#=NY^vBn4aqXbB`+3&ON$VtgNFCe@-O&Wk z#?{wU&?F9M(U}P7LXy))@pv=>&BfJLbx5~G0_}C zo%|;GPc*&5AnFP_<2FSZ)g>UHq*(FD;a3IzzE!+FnVy2pFqv9u0H4QfEUh);ax z0532N7vEW)mXog@_;PF}B>J6ihdiUJ*>J z5W>hm;a$SD1685FQ_aqFwYDVpOuZ%!k@}&Jtvb(z^>)@D2 zD(a)@RD9)SWGI{pPY>&9&z+9)etDzKg?~!dkSM#sMyb9P%c{}BT%44pOL}!{SvEKu znjrVs#Tk~d!f?xB&^-lm0PS z56rj_zziN7Q-ucP9#_D5p%+lpaxZalm1Vhp*2`e2)|GoA1|P3;wvovj7l#D#r)+}U z*^{jw^jP}_sqqzWaG~6;(a>B4lHnc>JcTb7%?uDK&3BERvs%n{6H5S(zLE8rx=Whj`Rvb1yN<@p7aKbpaI@+Uh3kYfBmB;4*#G5u!| zQ)d{QH}=NFGQ8f$+MN9A355V;BUjF<6s>tNNEhuZE=UYz)nuUn>j_Q$Rwy} zBj_B-c6UboXwTqG4KQT{!^ai|i_TsnRp|s3bp#{6ljxqyO1TiBRBrGiWkj2> zU`8F*nbpC9<6*ybux_HLxa#D&TGE67wZ+4`?kx6dij;CGFSi50-&^2)Kjj&B5k ziNiLt-@wO!4%3boZ{J-lNVQ5I(p9Odf|mEk?2lWj<{w3ak5!-#RyF)y2SW4v?*qdy zM((zq$Sb-~;^JPcx;rHd#KTTg7;i|TOzUu211)uER(jh7fvb!x<{0oqbcwrxH}{Bs zusf}meh+1eCV>p8b(qRi#trRd&5cS~77_YJ@j%0zQ-{*7$Tokm#@i9Qp1%T$%6DV7 z$Cpcefy?UZC#Z#hS8g#JBRZ~S!qO=9H*FJ|0i;(4=dUQVqiWekE|({)r5V}I40)fo z{cUYI9?X@gBatTkN?uwQ{Dh{nmYZK>rh$yeH&EcUcif~HfWDXCrKM#C-%(E8$1=HO z{@!e&0hA2hL$=fl66|#+Ta}vQi4Xq$j$|8Y^_mK3*X_)v*fxs63mrOzUt1lU;;gqGu>*j}*aXlIVkFE|(il6=lCq#qKBaVea zDA|<4elbp`f>_zI37V%lq#)P)))1(iiCv2qozudD5$kLQlny>~T){Zb>X!%6e!Q91mAO^I0oRgQRblD>KQl-QWxIr?kv`vpF>J9Ck&h4h;2`X*_ zuLx4Z!P~u95%a!FKr}bg4H7)cX*>)XFrTLy+pE6LU5N_O_#AC_{8x)(Mr=gUnatv} z989{uKN2=D8rs%l5zk2s>4q5>`LM)>opT?&7)uKheR>1e6M%mQ4}PIctu37QHegbe z|5v)ILLuM*+^7k<=4Vxe3Q$v!&kc{lt^|u&62aFj6Z}%Gha}&rH0a^}$4DhJ%gKV% z+O_ARYmtG%aH=sEze9Q!<$oM#WhR*&{>9rUTKzfDfQ;um6vZ0VF<~K>$52Cv!YbfD zBBud3zF>Oq_hsYIcv+?u<46GjTjv^J@}{@;%ev%=tra*TFJME@Q;KNp@0~c_#S~W$ zLBeZ}?=dmO5_f}Wl1!k3m?y~l%$L$;5;S1VL#3$&$=}i&O=!NA)I|pirRCYfL0fpB zq90euls23WFK;DV4BJu&8n<<2@{h-~7DfXW&3mph5%yH^Td0Bj>K`a(nV{nMy}bMk9kI3=vb0H^ci zgQyt9Un$`W@#Mqms$dYj8*s2EWJfmj^}R;zewZw@Om6^#=mRzWYNQWG$EqFwFy``_ z{vY;0LW$UQ%aOy*A-$8zR0)hVqrq%HHD4sUd`n}|4?6}7NG()4<)1;aex@S*FUwK3 z6(&*wiA7!>x?2LgmM%*C{wQ3M@SLLfK0v;S#jcWIKUSPj2O&_sUQ0W|LhrTs@5;(l<+nW=zWITAOO$vZhEMi{5sS-+pR#|RHmi)4 zU(3W^r5%N7?{Y&0ih1bB<-YxtJyz(8axT5m3LHHcM9CCxu*JUDU>VMQo0C0jm^SLM zfxZ3WGi|lLXji};I>-W0ImE@{@au5h?Lp$>ZP_Os`R%TN?*X7*4i00uVPsHL>LkmK z-d)qGJ|)|Sy?@{xm7)g`Dh0@l_x{rn^s}=gq}6zN^`~on_TNR1P95*wuK?jQ z(tqcP$u2z6wL-4DLY8WnZMRLo)zo%Lu=J39md7tfmlY^UE$M2MzK9HZpJh359%z0T z4-+^quy>G~RJpZuGNK%p&grmBxgMQXfMlF21<2JGu&S@v=QRsvY4&)`_L$Dqgx4L; zt$0@RpM#Z+$%s0QXEWWJ!)rTDAJ-KnGv8SeG9tj4>WVB#?C~8WvYnvfrH+Vd+J$pp zZL-EGR)1qm(;K53$qpS82UXt9Up*dEBx(p-2XX_ni{ce2levKE`!)fFe2uOkegm!D zxi_2K+jk?qxyr}r$hb%C`o^$o`AW7Pe6NF)%NE8&FmB|BVOWV!J$T@;cWz~9Im6(QE;;FV!@=}nz+F!$Eg1iLR52Bj_v1r zo3(S|BWWF1GZ9vvCMXe9L+mB*@gtNmsEGlz_!$}06!Y^4?SdJ0*r=b2kHQl;H4RSd zK!;toFuUPBw~F7UO+DC|e-#q&F!*_INxOcac&f0uGFOFZCY<-!v7%)7IFI>_*WS_) z;Ao_4w_xX{#F-9G44(8_C_5gbT$Fwy*nd}dl>F;sp$2K(__m`$+K1EYMV23V4U)dA z<}yz*Bnl)bej>&X7&&`E0Q&qCpE|OQ=33p@gw_2;-Kstke!r5MLt_A|n_{fOdR=kM zTQLvuKELk{4Wf*EVV{P3Zv}PHtdYM+Aqdos3qDL-d{koVP{^e|-z|NR`dF>Ca(k}m z6#wzj?@M1-%iErad(JW>3wJ83Fqaw+or%_&UU|#YjM5U?xt6U zq-nPN&~f#3@KFijIW@u-exJXc65!At^RK+Rfa0{}SblyqgRkmxpzvjWr+f6uk>YA7 zCW?RDKgp1u1Iz0OmdtI}%*R)kvsGLFCUaFpjhp7}uFI0IDwNx9zkpuh%5}tBZ`daj zyU1`t#%OU&0I(h%IX(}r4|mNpOU}Zbf5XbB<|?70GHB0F7Gnw3LG3;dBn_8GLU&kf z@}GvYZ)x)n=HZK^>WGcCROkgQq+ouM(bn)N?|QT3Ro`x%J^5@(Tuh7zrM@45kbPjg zVIpAWqRcqtyTA;pYB~?D$G6U+S9`-F-y)fS;VZ>o4xQi5Uj4CzXvWhOypua_)Cv>gK|jJCy@4DCKVdKMnrvvoisbf{uJya_B? zk9>Qc_HTc5;gA1_mqqFcVAmQZ`?XU{8wB$a>T9T*dab}*=3&-F)W1KwRFg8qSpQ(2 zD?4n$8%A)MY(D^%}W9ZUbmDy=r-CS$qw zFzxJwwxwBU@}Q88z2)#G7(JPmu;#aQFwym?gnfhy+EdFlS@ryXJp1~fe5CPZRx^KE zY{{8gO)Asl6Qykn#6ztB{+IdDh3x1SRuTwJ=Bgf}UNng#5*Te2sz`a;@dWF#vlGkVsBChh6|NY0d0k4$Cr+ zmtyZy$+6_Xhs2TcpI;)qTT$VOB1{bc))WY6)&2hicLE$H_8Mh4>K)rkbm2&=fVlI58 zO&S*#sO8n^U3OS2zGhg{sfyCy_ z5P`6^^fr4OsD?4S6w~m%9oFHFky*PpMM2e3meizmnn-F1+NO4o?sc%LfOS#HKgA#Z zCiW6>C0tPIs4x6|MtOAS5?_+G4mz%xN@q|Km{lt$a4|X1SP_lQWV)7Yb=RHiq$uAX zU-7=+rj~=u+)WNHS2YL=cqL`zIeFi3ZERzQtj?tCVw;Kr`-uHD1p8LAy(=v#pm6*x}RJ8_a zPZM@iJ!s1RyQ&Cz%?{o5Am0%A$gvmR)_4)b?MYnD)16=D2pSUaJ((nJ&AZ3t{NR7H zYR9P#lhOEN35IzzGO3N3Z8beGOUwiU4T8WoWNTv2@o!0kb^`2!V`;}F=Zt2w8yhm5 z61OUnBc{&5JFcv_Cm~EXtUi~Mn6n;_`|&PEjl)kxXM{R`8koAUTlvDK^_q>iF3%&iJqMaK(nHgbc6DoXY|*v zDUDn_Voz^O6dtQda^lP$3bOZ%CBlzWn|_ke!z^KUVzGop9)mte-^ zDYP-G!udM05TvT@u||u8Jy{4}(knAh!DmZusVNjbce8Fo@#sg310wmE0rF#ptq%NF z@Cs;r<}?D;+D`HN>rW#o^dpj!rC>oAtpy#K2-^-~yh2Of&h?a1<PsQ*N6jdVHWYc7N&glYBtoS@=vOo<&9gGh1IZbk@vHa zxoMx`q{5be{7&fBt& zKL#2+(36#^@se5Kq!5+>A}DNo>2LJ-%N{72Tct|%6ORS*P*c24xgGM8**tpQA8zQ;2pQy;N5zfzDQw zOs3G?$#)#7ce{wcvp6rYUUE|0p+x*7^E${;;7uujc>@hB-7{I0#5Yi5B46nHVE-$j zV&ke=14F8l`x*loQG32fBBn`1>|IA>yFS?}Mso(P-FEaQ z+pl7fFB*_9zGgp8lD+O-`*j@u+XWgqng@~OGUTo9>TDy*{Xlv?3(PVcr9h$CnZG1C zzc|dRN-OSsZum1KZ9Of3a=4K0M-D9-GS@`^0+=oiMg(|cg!ti6(KWcq?h`ssvYx(;GdEbg&1`l3i|)%P z3mLn4^;O7@Bat1zcwg&FS$hli6rQM6*q&esh1(7HE{~}H8s&-A>R{kUUu!57#fa){4rj|YA1CEen8!O%C{ z&z~-binx6xnDiq@DmV6^%`ruI=8Dy-xVSZ4rPw$qH(SLW9zWY@49TVollih}=4BQO zoR^oeO-KHeIrlvlWqrs1nei_Bf2Nv7GIh>YXY|58naw>C9B8Q1eL=Cy0nOz6loFxO zDe`o+%&u9E6s44Z@N=5{$ozR(I(QcUBHM51O)mx8j3mKyT6}m$h$#nc+7e91K>4?^ z1xAi2Ltbk=;A>e#aHg`ppOWHbk29-hF$v8LMz69r%!4_0d7v=K%5Q3#EnC<6k)Go2 ztI2(J0W#B?xVVMgXZUSC7OHLcB@)o1b8bna=+(s==3 zh(@|}hbtEDI2oVY3=4i#O3A=yXG087iI`mX5cOC@Ile3JAZVcrZpzzjE}fF#gN7qaN;@5o8=oM-KfbqBPo;*(d&t425j5)|Vc&-)wRg z)>yJAzRmz6&OywwBlNj{Zp(g;p`yXBg2FHv2{JEfOTYB-<&z7K-)YE~oEvY{WSGS5jMK4(3hPlKnn?&vaaOf>A`?p(Iw+^kJMY2uj3Tiz{m7uqf}>NVNa z&HI#2k4ch1HV*Ezj$EDUE_@qbwWt3$l%}WO9e8tGx_mhBW`Dq2rh2`74m9@{#IbiV z0y;cYCjR_vAS#*d{_-0ro2AmlGnWPzBU_4uyIGWCOm9`ygZ;60yfE2hRL#lz~!T=4A y)!Y#~#Xb-x9wI5>jNJy9w$dY(Ivn2jfKMR%LZ5wh+6SXcV`-@Bs?;jk!2b_*(k}l1 diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/rightarrow.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/rightarrow.png deleted file mode 100644 index 51aad9fae9c47616835ecc4841028e1c887565e8..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 1058 zcmV+-1l{|IP)Px&+(|@1RA@uhnN5fsMHq(PZ+bm=@ZiA(4=#A{ASig)g9i^DJmesB*U$C@H)x2W z5`zQ@K|)YNkRU-82^vPxprYbHRqdaOL4pJk2@)it1Q7`me^60TamAkLPd;eD%Q~|& z)jhL)YUrx&=c#(Ty7-!~%@2yf@0{xp(amL9?y=ThjB(Fl?-5Jj2_kwNz=b49Oq!-& z4ht}DyC?zz5kff1%!dJ-CnBSix->4_F#V$m$iuw%#{fJE;2bj>W6b4YAjWAERiKhM z4&VSYe+a-DW4;>)a8Tdq0#%%rn0Y^dv%Ox==6U|(Adpe7*CJ3!oM7gC0M2Y|Y}m!c z#a~8+{J(y+2~=@93E)8hr;{YHX`22XTcTEhO5z0o_Yu+CMNvqcHeyQDE>Okk6f^Gz zusSz4XXoeVi&zqk2vjriDu7+G+A5_i5pfKO#sn&fHvsGe(A8SEx19hpQwX6e-v=Uk zT`9FVu0*3VAh4ZI=Ze|c*)B6@0AA5r-!qOx;{pQP?RKx6nVFH9xD&ujTI+j9m6(Wt zz^<&UT-ERQMPdgLJ+G8{U=)do2?*@^`uf#HQAnKbVCIv?n7vz-n5aM%r)#P>-OkJ> zj4=;yMPlLt0_&W+mWU)yw*gqvT0b(Z#8e0f?DF#Rb!AzK#H|31Ypo9sBQZ4s0=v4p zdcC~Z%sfv-$COfs21!hnfWWS;t=-V;^+e(pB08#+dTe6b=|Q8n*>&&zjq zWQ=)kv$j(=1J#~MM*WDKmu0!bTKn#{5eOk1W@f2yl&w}PS4z2U6Cvl^AtHJbK#!So zV@wzn!>Ngo_g=~|QkMA}K(4i383Zrar$QivaFCgwV&=b+B+0WZTN?&`Dg?au2js&A z;Lj>HZw(7SaRKkWY#E*g@COme3;WJi;3p~&LfFsDO8|b8)h5fbO_$24TZO#$vg3RP zz_0y&zrC=qaC)mF|8M)oU*ZtLKG`+{__-|0wzc-XQQ;epkaKP?5j_jwCjf1&^_g+t z8x`>0ONmiRjXzYed4F8^#soqL_cL<`!1v7DHpZNd0pEy#b581_QXl=cip>YH;Aol%tukltDDs#;Jv>az{>zG5m8$y zb*>KhS|Sue*u~6JiT)}{l6IP=AJ+vRUBEea7ZJV2%<`XDVspMu_^1Njdnubs`TUD2 zHlNfDA59>HkTdg}04`RsxzGfBOo4A?V^$Q!&OFaQZ3;e`fcJi(EX&WWwVyQ!A5EZX c=>I4T>t<807*qoM6N<$f~)T41cdvEP)Px(HAzH4R9Hv7mtSZcRTRd*GrQV08Y)vx0o4p%FL_|f+LnSDpd9c3K+L?7Tvnv5DXyUGOM0o&=ySr!?7@Q^W8P^#4YNa4u0aRf<2+$z_cZCf~;N!~L=<|gg$-l#U zIw)0PPXHJX8^ot$zThblqm&u=DU5$f1=O5<5{&(RGhGIA7QhT4I#XE_wIhp*BSbvn zfrbg3X-`&GNS{w@`Q;#d05Or@Md0_^Ow$TQo|(%ef9MuW%~@k$UK$h_@h*vRB?ijDu1C!Q6q|iqV zLqv((Sx6^;>=i&2`O^UJsrzSLL%$>V6r6Exz`C-W+c(vY0p4*l`s2L-ByxpekG-z} z?yvdjuxn_?0s*Q`le6CjjCLnrrF@+T(=k^7scAZ^d=d zQTA{<$@c<6KNA(?y8#2!MPu-br4_t%2vB_IpNQUaGTOdYZ76`y8_*_Us)#U2!*`I+foGk5Bo(r?al1ja~B!G?K=JwTD5c zTOfpM=;o>c$i%Tpdz=)=x2|gPRojBr(#Lao)5&OZ##EnGtw5(9`5#LUf-p}l^$Y+2 N002ovPDHLkV1oB;9~1xp diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/shengyin.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/shengyin.png deleted file mode 100644 index 3a388e5176556ebdb4218448e9690cf63cd76d22..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 3578 zcmeHKi8s`1AD@}Vn2{J%v>1a()=^h>4VUcW8dSzMSu=ym)}@gtYqlYzYm2dE*N~kk zTh{Dbi&P}S)u2fCedfLAJ@5S&-gDkL=Qqze&+qemx99tOexK*=Zv?{wJV$vT5Xb>z zBYh$mdpHjg0shM`Rb+z!>PIxxgH#M2Ujm>SV|`ug-yOeXy-q&vcBFG?G+7?a8zXUt zNP7{5FpBWsR=g{PFwn6+7}#`EjwS=s)sg2Bmx#V2b4Mi6S=9-TZIGT*uxXg*pSvg9 zC&(JDzG8bJ=uj`QXNx)z>BU;9n3NBdHJn3d&LHDtkptN#!@U!Qy^0iDQ`d*GQ7MvAd-BV$1k zuD=$8Mz?s4ryR4~$%JCmyzuxjCIUL#H_^DkZe)l5!N8qr`(hX?gkH8BLJ0zBxvWL! zlIQJqIGvsR4BkN*``UqwcC4L9c`Jr_nuF^MSFUeNm4QA!ya^MBG1JNqeLSy)5tfne zm}3Rrfp?gUDHw3@+H#B6Hxv$@hPIb!ReX{o^DgUze< zv_P$D%YC(vHd&*+xT@YnYC|6ZYv}nK-FnHGU7Z%|9N)Eu6!iLOE1djg{sow;k!co!0+Mtvb$OlEK??Ehp zaf3Ol&xV$poZEbOXhG_>SB?DZ3kmd3Qs#Jh_uaar;WLr$6ip~?lIdl53g&x)x$oxN zS1*;T6#3AJiqA+ZS1=5R6Uac3uu8jo@(RD=6JQ_WLkj(`N%09L3W^745E;pvIM%Q9 z@vK1#EsKsu$2-~%ml;mq(C|Yc=>Ll zRfKd}95^DT&h(8vXF~ z5h|A5dZ1F5is#rfkH-zr%{_p3ijfG5adipjPSe7%GIt!t;wv7On@1 zk^|f4#qsU-DY(SfGyFXzA9> zgja#b9zr81h162%e@-taYIPgS{j+&ZMPw>0AAcS{Me;yh3gr^V`b`qQ@ywS^PQ;<2 z=eI#?kSwxLAjA1GnvMu)gZW=Avc4E`I(Fkb*$j;Q+5xqaAmG8?#V}afSA6F|Uf zau4~t!1(Q@m4_zi+y5K*AFRQ@TWfl5rT0FLk3I`+Xy_Pr*@_OpZ>^eoM>U*op;USg zTnOfVGv(p66K$@nP#&D(b*QI>w9~pggXmb)N-)N!3zuOEEO^!*4GCLNZ@`$}oaD=6 z3v*|qs|UIsC>)*9p@QZ(orcGFWRUw!b%bZORzcVFFI!`zi=$W0w%x7mTgbzJ#@Zj8 zVYpNWU4gC}h?#o(dBF7Wq^)8BMt7mi7QU+2{T+>SlJdPh-X6m|CEHrAAgbQfInU0d z0oE{RstI*{FMQ{ZuqLkhi3>}#5zbL|aVnZDIN48gbrk67N{C9Ef&!Z+7aK7}vz>FR zBl}F}u)wdwc)ftT#SvwOzsiR{F9Sql#Z`>^Q~HB*{@S13an5QgCByKA1!UURb1F|9 z0Aweh2o$~V>Tk{co#vJV72_~WQ4FDTN#(Zg*Oq&u!GcF$atsAmxQD1YoaA!kT2IaH zM3~V5i^`?;zkeJXhjJ7kcf`!mqtP4=jag&FWh+~a0V1SOnF$eq(;k!BLm999N4U?3 zoeeE=eN|E=sSHe7m!ugk#X?rC1=jLpKxmYJzPyzqZCd&6FS$7`t*Q6BUr6FMQcCVJ z)xi6hO^p+;qeq+K+XDk6x%L6XLCTZgd^OCj%DZkI=*<1^2STIo!}Ay0X5y7R>)!{9 zxZlIU>JV>d$w5Wch-t3&?;$D`SI*;+MxCFn#WG?>|4y~O(IiwFklvETsLs24hIxyy zCkx#lGeVuOkj3B}j#zYh9$$1^iTeh`C{tm$9WXq)=rzs5Mx$m!e;VPkdacpum>-A= z!Ay(CO*`wK;Ra3@EL1 zHFd-LO=K>vlK`E#f3%7g4Z`Y6WhrfM%e1WLkTrQ*J)J_X8-TcWUN@NB+PubQ<0*Cr za3tfLc{Eg=C$Z(K&m$3+K4qoVWS_4nDs|6qQ{m*#8=pdxVP9RmE1&NGwc`n6rg%&C zW~<`1EcH9rPKlp;r+5!4yg z=D5P|s`b_z03vMp@y=5Da^=Q~w+LMnr#8J+jm6dqX)_J+Y?ecgJ>wqrvTGA^u=XEP zZkDLdU{ylh<>)H4WvJ-#6T+W4B70W$sc>PMys()_TW zn)pIYD>oVrcMZ|hg*i)ozAwR&IB69fO~bhJz-V z|MUIKL8cu1V;b>2|!Xr zNX1q6%nQL)yTAT}+W}`-`ra!Ta*a5?V5PG_mVPi%IESv1S8ExPfkBh>n;Am4G#b@7X9uqsONWhJ({O#_t={cIG^>=l|w@b5D8hO7ovz zq;os$6OCo0)RM%f=D~Wp;CEKL6mK{}qmuZ7)}O5o@!o16zS(z%guP9l08Z+jsjjq6 z2)$+iSUh=6$Hjj-pUiDGMevmQ2b4hQLgi`c4Hs#O^@Eoax#OEJm~Y*6@xRRdLlcLY6to}z*6=ro9&<|ymW&IdqyFmXo`a7X zp2=LpEP#=pj{*u~R&`7slbC&dO83j>cw~6izPBFHz7^ztt&s?%1BPsh$mn#7_2@Rp zqwCHxPc&6r`B~68g6cEx zKJns8*#sJgJ|jmEihS}*`8a^^XiSW0zK2Mkbfh>RiGrs3y6`#l@gf`91=V}!i3w2m zlyvvaQm;S34U{ymA}YNc2(%!7^qq;TcKhj7!uGcv!{?|x)yn1ACNq{HshYg4aiV`U zV9_&89Ff9+4@L>xb_{p?hb%8(#q|*YpHJwC@Ht^w%__w9syod#~7~|W0!+?@c!ms_Vf9nl+lxvg;r5g1k9B=#B)G*4wGdGR#F5J;k6n^$>$Qpa4aV4q@W70Lz0)V zJ%Uv2cX6RdNuzY+Bm*SOjvA{tPgup-*PsF<7R1Gvk1Pe@dV528F3T$Voy<$n% z#Z>QS_1^I5Vf1H}eU=f|zt>r(GR%h+4^1jNegVFbQgqI_cm4QEBIVY89KP+d0RxJ& zkkx$D@0xm^Q+7$neL~6|38CVrYG>g+h^je!_B=q^FqiNfxaBOkK8Mu`l61KY{nvcA zOqW7!pd4&Vte;`>Udh0tnPulaY`B5(Mg$S>Wbb;!YHoV!MN$zX?%D`o{BeQ^nuMr0 z{x}i25U!WAggie)4rDtl2m%i2h_SBaJsYkg&=*aJCYHFNnUtf5X=CWi$S+|seCeWZ zrctF#YYaB_u#N`q3`UeYH(L5QPYI80y2NM*e^INt$$Q!+2EEjv~fS&Bx`yJe%Yr$V2+a`sF9@mL!A%tme#D{|WeC zbxX8A=vkW@nZC+S`9K6bJmgoqnCW+%pT9@RNYSHA&}dVV_YV6qB>T;l)iNTFD-qK< z7pPUT>}&AMis@g+<|c`fbJ7X#((KW^%2reAm$gt)oRCF7wm#}eRLYklx-a6HdD@Pa zU7uY~r#E54utu9nmp5@BGBO&IZ;4r+2i%=9+ugCs{8^5<{9RsxUMX#*e5-3{E4tAE zHW~2~+q)-STT}N#yX3|GFRMG>df7*n=cbBb{g>?T{@(nq^#|;n z_Iq)Z%`F#7c+H(D-n5Yjx)B~XOT-5{=ujywAw)0wG-Bk#L3aAU6Wpioz!q=5uivyv zTFgFzRSG-TA7FCM5OF6E^`477J0BT%fYx3VY%44A7dQ&>0s^Y}t#fe6e#3hh!HX|s zoTk&k)VXhj+NwqfhF7XCKnBOC=ci1^Rf%{E$6q%DUJ>-2KX*#;u^JcQ5`wG+N?Z06 z2Q+-(b&B+2EuKJEH=Lqb5U_)5&B>K+-PQ>LW5;~r^pWIc+Px0EjbH3#il4XX;MOY3 zvUL{e@W3)sKQS_u2Xx+V=C51)XWwH{?X`$g_lC6zB`t_0P7I`42x$OA(S=5!&TXYWlAAC&jHf}8F z8|FLK9!1CNYmg8_3LbFoTW%`l!KnxFeAGM`GYigMNvX#$|GGYYv+&lx+zKbkQ?`ND zJy{(iiWaP#8K1(hr5eL*-FFH=*)JJb+#&aKSiyVrk$d+meMmyNW-dbnt@E$+S3>4p zoGGDMzYwmym&FE5YL{tt#%g~oxa!)mM#`|cu|#JMwlt&TIvEQWv`3gWC1A|U!Pl|W zp^=un01XUM`q$yGseEDbQY8P>$Ppm2F$wc<5D=KB1&qt3KP0t`q|1kujf2X`*u)}t zM`CZU6B7J(?9i=*BO3e=J^ZRN{%)@bUIG?R9gVxOt9}t^aQXKS+oqsHVrUNOd-yzx zS;fPv!N%P*4!I;%_pj$=GLiQQ_Wp)}xtr~aEwoWx{YhU_)T()KeKpo{m5P&1!pZhl zgkcnW_clrJcF-J8QUtsGVs_elzw+fHNg5(NLVcQxKe?&%=;X^_v)gS^nVzfV2lQxZ zu&>YvnD+HBX(Ni6yhwRHOPIgHX118HS#@k|YEAK+drobRa9_?{0;s2=HJZb`%2kI( zL4@?~5~KhbOyJDWSJFUpzcI8(Jni?yz$0(X5X&R|x0ei>W~W>)sA7s~BEgiKHTt-I z;LAM6-TF@iHA~MSYNR^le?HKR6^}msl-lxcuicC001nO!FmLvV=M2=Xpf|^Pe|FkK z*1iAx%|({U{*T0Tpu`*|oltAYYzmnR_wal_IgZrOP=Fw4p~5|Es;1cZvaanR$p}uF zT;?v7iPa`B9)m(F6C{v{9Q57ITP z@4hhec)yVt9vQgeov3h6g)pSHT2)~kdaJHa8?VhSM(7j6GGqb>4nRBeK2N$U!x4!q zfn|Xv5J1a-C#L2THvX?x_PH%)&YILKc6)t-s{|*sd1WTTNO$tHukV*1wT%||XK!H+ z>noPxbP`#sA@U%h6jMlM4h!Y8Xb)(~a9B005btP`wykgI(j<#KY*mdG(+I@rt|m9> zC%P}2F~3CyX7;+GN{#S>>HZC#wU3w>1&X7X?sC|lk~dXw-~ZZS zpV+x)bZSD*`f1<>L0}Y%a4do(_-j>mhbPS(?&JHy8+KS$C-<{i_GP|=kLS)fO8;`j z-akIk{0$Xcr!a_P;KwlO7Kf5jO0)(+s=9NqHaC}!8Z79I=;mg>HLMOQ?fY=@2Jc{N zNzvx2#J|Ql@k8A+n}oo76ru?hrdAG<=;%-Aa5mh-F8Q{>}k?F{;ULpw(?xQ zlIx#M$2MLBz29zU)xFkA0exQIm))h|P6(U%usZc4S4#|?PSX1qP;rWAk!O)$Pg-gx_h&jhc8?MhD%R44H-uxE5QiHan`ruH+z zuNOpO-POqYNF>b^%1mp)Ve2@>CXVP53g=v#z@)hC1cdqHN!~X+DgqzfHAmYJ#AO2g zTSNeFLJGX+lf3o(W2YM-vbFL3l+O(lc@V^PhU`QqT@)@pI<8Jk3AF- zLnbvD+3XV)|9LCGsgFG=`N!0D)-O*d$qHui54rcWkD?lK4{jL1Q+hlxI~b8AK!PIg z=?~oFLXZr3UKvg=(w%`D*vM1|C~-%-17XqVo+2Y|oiW^$W16iu?yG|e-YcWUgtX4< zI+rxPa$=Yfa~T2~WgA!ooZX;rasd8$r2O$bq$Mhe=a*0@oRt1iJ6opEa7^=qgBUD?aA7bc^&8h^`ssR4SCWFTpG^4B?-HeCmI%z6z=6Jjcq8did2J>h z>JEsvyC)W2FpvE5+sJhu8r2(H@rtw;A;c107zB^I<3iK6FN%zwH)INC0kaG^EB??< zHUHDhp#WTh#hfP&(S?CmhY*yr&a5Ti`Plk$z2|_XR3^iQ|HFYV+|V!{g#L+b7fv7Q z?m&dmi0)i%B81V>&HuRIzBhEDz(A-&_3#fYmXo#YzNGhkZC)4|tFDaqQ(3bwcqV{iD=gGk$)Z1lL;(YJUoJQny)kQTPAms+Z44m(a+GE> z|5T_`NMrD?^H0SM0Zwn$9Z|l!(>AI_5v8iOHqeR>Ln}LLvRfGx#~NMbB%5KvYVL)B z&Is96d-Lr@P3#iR?^tLsEan;Nj1@xhQ6z?HcxSK^BrDMW+2JYs=mv_p!lXFISq%kB zwrGxvKr{YAtn^D2TygA~oIsxt)<1x_uaMsUk=uFG^aX#2*uOp?Qkqx`2W(~B#ZT3f zv@v$sLJj&{ZuO9urUOAM@W2q8gr|^pZH$VU!5~%26waW1SL+yzwm=4Nl=K&Z8L_%S z{z%FfXcA8X7ES+O$bf5e^n%jM%qpTz!%A;USi@iCS`J^OTL2MM3l2FBL3OL~PK|tWn=$MatEaOXVgh{yJ&QNrsX7YR-S)Sj}{1LhE z+5F{i*^yRtM`nuE;UWm{SXjZ2aa=5IJo>=Loju79-YKyGjkMl{BeUMP8T*nBo_8#Z zq<5&PNG?<=d>j#D56+><_$mq%!)adu+&!4k{c!W)^>Y6wpIB?^B3#xU)^>d5yO?Rg z!u5|xoQ)KM1nzm&fn>i)C!)?nL8+!#SP?b_EH38I>;bF*q~>hf%$hmxVcV0l%c$F# zK$Je0B#efKzdb-+SJB)dS=t9b+WJ^n`wG7neMc5)cj9n%BK~w&rE}|VYxRA0bP{9B zkB$auMA%q+@KPC;KUa8HJQ|T@5wxd$|H2lEtzRXkkY|2z658@Cf4DUq_&Oy9J7xMf zcx?A2Eb0^K@UO;sM)JJ_^Bj6XP)GUJ1MH`=uA|9`4I1~P z_AEa*;Zt2274(bSG1X@AuQ8VTTN{UxLuaQG)!q7FpUYE>=P zFe=m6(Jo81z8#u<_d zZ9DHm&jE_>nRdd%i?PG}_r>}biUq7Wrg7yq>|^sjy*v_lLts5;*&}y#pK#!CJX{6d z#;!h$7b%+_4*#3|+!TOx`;QP!J0b*Y3uxDo3;A6prQLZHks)2VL$vST2KF00vny|c z1TO{p1n0jsxtd{p`9D)STPJgd%k%kuk7~*CD;^2*yFbu|X@!N$jJBGo4vObzEfy6f ze<1*{M%H7IG9LE)d>^n7U4qs0JJmZ!1|Q9#rn1O;9^9`R9*T$E!Apg~$NQ3$8l^oq zw@(`Fg(pfD9_P}`bOz;#aaQapEknKp)X2wL}2*(}}!8&g3yR$zP+mf+=3>?BK z^y9SZC|t)B6VaKf8-{8{sy3$an5ME;zGj6B^nPJLX{y=`8+Hh;?>@AGuS!-QtI@6 zCM(kpwBAYvnVpo%71ANsc3LSihac5Sy}K88);q%MuJB}9LEB&0;){XNfXlMV3{R>K zAze5kX*@q!9{Ei;#RJqQg#0F;SI)_&-%fSDoT(TU2m!S2 z6dM^X*cpe=7@MFba;3V#TVJ29K^OQl>PrPh71g*CH@6=M~2Y3-cwm zKri`lY^-ijrOm`bqWPJSd$tt#d6sOx8BhJv*}W7oPW6H9x@lQzLa3IdfHVhhGrwq- z^%dk0o2DuKPB*N43bL!1gMFCxI@Xk1l$jXTUnc5MBuqt#de1FK5a|pIkw#w}Y%$tY zjdGnzvD9`^veK;!{vZ|q*cVTv7m7^Z8pJsK1?gD%n&PeZ6kW|81506r(rY;wC;hxE zOK3tmJqQsu42X*ep0me^wN$qPjks$PBC5l7CULih+8Ro#=2au2QnMOisXeG9gXTTi z*fwqoe$ujRw7vS7LXprPE=8qjeev2;5z`bD)9zCK2GE&Y1c_Z z1|&=$|8kX-hLWOkNIV~e>7K%kw(^pUqw&t9anW)116MVc=ZtVEk7;}#fcxL zL{oW0u4GL?;x2S$G}aH@|yMh^wX-e9ghe z^9rB=8d)rH!|V>~`-iJ_@f6(maTDlqI9PSaDoMsZUa=luK0+I!S61lx6X=0ZDzb_& zdhsn=H7f5V{?5moh1j`zVn8$isXae2ByI^`;XRN=KVC2Xq^SQWR$adFcu|em}M| z1qmm%It5{5m9eEPFWaLV;GPbMfl<|>kxuZ|eJBsH`BJ=l@IdGZ6Js?3e=;_S=A^C- zxvs7T8~ao8yvli6ScFSAc_zBs(dTjCRQh&=b`;^l#=H{-w~#l?S$RofALlujYLTS2 z^hQemRw`wvS=ZqA<(sQ(G%UE>3C|+xAgXRQ&bw2j3}uiX@~a2NjHml`x_V7gHD3lQ z#qAVQYQ5hjx{gCsgCE7N^=1OiK1GgZX719r>%5=-mj^0gjMI0A}TT%#MSd`e`FP_vC^I z787U_k2J%>=ijxT)jQd^+_bV@ECnO?C63kL8go*GobQ6$omT37Jm4*-K)3l@T4)N! zaq5raCuMz-BpTRXbOo**7_@pQzCS=DRWIasBVU$=(on2qv(HpSt|1}w+o&8ISg4iJ zSmRE)S)zA~<`HjbTGXHN|K^4rv6eQ_G?W~mxK*+!`1Zwp>2lSG)fYDRqOJMiqlKP{ zp@tu_9u9BM#MDE}%6phJYs@?4*DKHT{w4X1T466HvDMax(J*mO5eK~X&-aasFyr*# z3(!h{P&a$8&p^;~9!8AMs(7v+6|1^T2eC@=yZZu@u&}SwI*H^4?YD`76JPQCl*%xa zBY3p?)-4=tfcr7*+6%g#2QRw3a(NN`Zr}`XpsIqW z??hLynKQ9`HWI4$^@MNw=_I%#Sc+hkZsPjH$1;vb|Diirs|+mT3*XcO<$mm+G|wD& zza(7G8(o@8Lk*|V$?8NoGCXstkLs1)j2GV^IS zoEcztH_FdxY^@vmHl+XBeYgQ3I1~;6alWC!s$u;>MlO@Mn3vh|@lT~vr!ch~G~&%s zr!Xpc==v~eZ$pBaVC!ZpwQH<;dO$ild?@Yx4b!$yfYk^uhL5irKJ&gWW9UYGul$LV zC>1fxzN}EMB@%tBGQK;n1vZM8!^*bPvLhp2VP%#dA6PLQ7)JxnlVM>(9lL&=D%MLm z;O0bMcbj8SxCUy@_x8VQ&M`C!EWRs<5raB}&_bVn6-pBx-x6{0O^l9e>`tJ{12D?^u30 zJuW0Rg_$_mMH3?i_>O|!-T72eR|8c3vNYrt2+?SqHhv=Q!J%NkE%&-#Zv()9F!LLR zTvi{F7QO`K-<%8+3bD7Hn5KsDcaE+(nQ?h*nQMFff+hGnNacj??OjdJ<%>m~G%fhJ zhGkEgu0OWl^Wd%XL~nKIaeW*HQv{DjQ+8tz7!;`R!c!02@$LCK+Hm1PkF*7#%vz@j+-p7BoU_xH{& z`_uP;ik7ie`IQ6=x!V!b6XG10mdRo;7Sq&0E{@HWarMQ9VJFn0pyxt0+DeHRs=>%o zd`hQBo6v+tp{B|N&?g_7-%j*KCx-O?v(sK4`Z+Y0B)+bOuBh$`ns%pXlbE1g*HL5n z6sxiz3(BPz#x6wIqs;`^#&f~x0lo)-&7}}q4g>L@O7Oiiy(q5qt<7cDqE}Aci>1hm z;;dVuQ28}ZW)t6p-;oW2uA17_-^${8hHOtZwuq0WSt#T@SwGzSbs_a5#oTgnhnm${ z%I$GI;ehD@fCFazgG&+CVn;(dt`_vhvv>X3ZP6H3ypU`hVSb0oy)nTOH438qR`$Vc zYS6!RV23UbV;cw`$~LzgX<*%;%az_`fYOKrnaR?utMmKSY1D!00#T+QyA3FHsyM+Z z$7KgkhHIs@j)WKT9XQCiA1itdP-=7|M_d@z&vQK_)Uzmk~@ck_eL_ zypP>)vg7_zIW`-s%o7ZkZoA{AL5HcOBz-q%T5FP9!ADqjCj7EGSWGY|2I2}`n~0ub z7M<8aGZF{k7ZP-dMWk1(QiUHuV9(z!S=wW5XA!%6@8$5um-H zRQcLC$hHacq1I(%OA9?JyhExW$sGi* zdD5hsSZkiUvEzWkE;qR?c)lBKK>u08zlcw>vGbv9Xe-ctijmk@(pQ>$kT4^mx~A0G zPJXDrB-8nR|2+)>lN~+tn=jK%?ifu#C^fMnfgVdVHIq@#DAj7HB z2Lymnopvh0Mv&+xOcy(LYJO%5ruiXfn9c1|873hprcP_tguhBeq?)ZhfVYiK8KBZu zbNgVBiHE6TM1R2(Zs5m4N^yOz0TC#L95=t~zfc0oobXx>5i=(OGTW@Cix?YdG!BQd z!0eoV4m=R?*!IxG+(OEu56Tb4sy%9ql-{`7N#rKp{0{GYqd7c64Ra3!rTJo{(YLXe7|&LJuO;0tZZ)JDVUWhQ&Do7GesGl&cgmpjkUn3FD0WxGXt)$ zV)l}!FeVZgjdPC6d4SFjT=}bOgBm%PPVV&~>xRrvEYU0FYjqKZ zjuaPPr*FIoFdiAN`GmT)bh6tcNv+Y(COy}n?ir`_wyi53M-$yoRYO(l1TcOU`ZDSA z^t$HAa3#WET!hn$XFk`FjM2F-(x_vEa2bO zw}Q0t74wpi!zlVe-+Wi#mQ(kk39jG>9$nirrWFnnmYj3X=EUcxMAsZY5t<}`o`x_q z&%O2NaAU-DiFZg=ei+9gqcb?LP2_iv-vO287`Of>6$un}}6 z-m2=rn{h}~<{rl0=vJ7?QW_NUdsV*!9h~(m=LwOSGMz(_QheqLRDCBnl$*$NrNepc zJo5;3mIT& zAgUy2BBng(qbNoU=SvD2!M?+a-5Lfww$vfvp6;9ZMNOkZVmpLmoFEaK6%Tq>QmbNd zJu3Q_L?7JvGG;4(0uK3y;?*&&rZ37?=!|upG|%Mvw!xQxNJyh?QA4)_n2GFy0za8i zBpVzVi-2mJnJ)~-qvK=il^fDkPilA=t*TD{P^Vq0`ZfAkRb?GxxLq9TXnQyhaAD;e z*`m`;i2jL%e3+_8J0Y`&0)G$=%x=tzGI%~%0Vj!2x$O_IIIa34ix>i|P6b~Zht=mVWt1%au{ z`Y%TCLk{;+oE}B6ZJ5?q^*wG!EkF;-q?C?V5vadP!&@9eIq{#CigVtDuoJXtsIbzO znbij=U{dljZz*p62oxyOI+;E?ZRN+QGyxXwRsC*)erg4Gb1}cb8if4fmTYLySI9>=t z9-0y~_x_b`QQzI}n01^S%B&o0$ZUnS@wbrvhK|fMhXsVAS!}rT@Ws=>?BYx3=14bg zmcH+URfYJL)*tReR*SE!sXU#6#c#>*4$L!vImvyiF$dnr&|Q&u73xpB(0`q7%~90BTy8nuV)?mEd&aW~m`?)U zjk$*4V?U5#{@`8k7F7^^P(6}m*Fjj<;4CvF-8~< z>ej$XJ;?B~#L;zXos(J#ISCy=To#3$DiXfA%eDJ6YHTlJ<~25jQ38WQ3X!=V@-ck; zGYP`-TL^w}i50R8oy;Gxsp@;2|5ki%P!l2m^c+i}9%rR>O%nLAVnr@|lzI7^Jtg5F z`4i+0R5mytJ`6F-TARYI*!U)`d*oK)lDQYJOgiH!51C-ZY0gdXD-9#C;(Qm`Y%b3< z>dJ&t^=UK2K4SMW#F8(Gr9-SKPAS2rl1F;DRu+ERadOIKsdcO1)YPwA;I>w6zoK2M zG%mwmQ1<*J`$*dqaHO_quKhDYlEaDCI1g=`K{C~LxFB3(y2--D$*&JTv`0U?udmj; z(N11h!ZM*K5pOg)%XygwJJru1T@=IoIl2^gCa9E-@yFz5WjCR3Mb?ez$A%}%`%BLV z?Hjm5Of#XBFSA2AIl9VTxV~2j-wbvn>0P<}ZIyvDl#2&!W7APa{{+q{CmW|%^&4rO za%Chb&X70qrDmnS?)~gZV4Kv2V)uiJgSX#7Z=;GSMo&bBYUKR0Z_$ofT+~LJ#CLx- z@v2skbhta&1tVLHrU~W)1Bfw!)pwDZw`E_gj%sr9*`kj>Wrcd>glnM@@n!L;?gU$^ z23T{>dLKxHR}27ED46Z&>jYM$G@FxueW6<>ew1>8VjW!M7Ru5QfE*i5fO zyG=r2d%m9~+a_9r4;G*RbH$Fhp%3c|puu%Qj&u`s zn=CP!0_ApIP$&D${Ex`-bgD!2cvmF|)+Bl>WqRW~tfxx3%xgr$J^!

ZBt+5mn3d zO)TuI-{B9zze#h@Xc9ZHWHUn=4#KV-2mUf_k+40X1+hvuCr{qAVDh|l%!bELvCXnG z1>$`%!tiw_tUpNi;G4%e53XkJcOoYQyIXcVmnELrCy+lK`I)+KIGcKNh~YEMFL`8? zS=eQD(p&}1<_>b_I8=!g({kjoxk`uW%xFJbN>xlJxK^Gq^*zNRp@htbsQ;!W3l-5D znuaHhREO|XDgRtQX!0!(Bw z2+FT`e-Y|r)fJjUAl`Bh$DBLF_9$BsKB;6(-F&2?s#p*@|73Bv6|KW*+A6wi1OJzl za)Asc(S*l+b*N!i&umr*H&q>?lj)BLo1r)tB9N?6*`Bkgd2`ICSwS^a{K%TY=xNKb z=H7%|8~Bz`)y~e$Ueh>j;BG=zl>*=@NWR^nEaeB9yiR4E4@G zz2J&FPjRs(%myE}sz8=&8HYickwqEBi=`h@BRdmg3wxMB;Y26*gu!%B#nxb^I_E?C zByRZ0n)IgQ%IFb+rI(UVg+UPAwdW)^0y`p@wgBs*7%M__%%L5n=H}!%sJvxuRdyvl zo+$b#P~p$iSvb+5c*}hZ>wzbnqrhwUk#v2Cesh%0Qpn`rYTY?h-bs`nem2YaJ(bb=7LZ z$r=A?CFmBf*<0e73TMg=4st3i-(W`47B%DoGQUSm$p=6-UI$1`T~S7mmH^I3x|S2j zmq?9Ldjx?_eF{U=;U0QiN;6Q1w(8DHh4LT)?DUk>d()1YQ6IM#%Al! z_q-VG1n`k;>B6_fX}LXn_vj{FD-dEnNDOx6A_mkFL$>M!@*sXm`(6Pf<`(ojhcjwH zFsJ-D=Cz00{Lm;{1|*bW3NUnK#nh(FAJwHJFHiar?zli@qX~pxn5e`5J0=tT{G=eJ zIT7^rcyLeeZY`rJYapJf8kgp0N+8j|H17lttGI*ittF#(Y(oF{-w|Y-i^Hi@t!$eE z-G=Ij2(tPVFiyD$BO;jr^)3#|IMD3bF)I>k&4r)r^`{?D*Q3ZiD3B;tA>HyPddk__ zq^$b?l66_}dvVgd#o57j@NdfhMFDN5D-$i|U*uS5JynHCPOPrvgR#E=8*I z^#kr4cX09NB_n64;w?v@PdYxGHd2x`x|d}rfexiw#!l06WbFQ#Lf6xNnoD2}-+K`b zY#-%Qx-MKjZc0NX7*0fMg4ey%r~!fIIy3^BFBbzDffK)6LuuXOTwf&|ev`~SXe4P} z#BL1J#x9^hU`^!0&F20CLSO84rTOb4M*23hs~ z3SWA3YnCW5wExD-QZ6>~Xoa0`eU51j$I4ES^%`xp8vu%TOw?F%&xP0oVN^eqL>3>{ z#y4*aecFxd6m72rL71N}#7&sO0OOp8c;V;&0Xrhb9NvybEeAjnV~s;*=o2NceBtj=5v$bu^TAy;vG=cOHvzmR z=!)T6z{kv@OAVzv$hQy?%$_Z_A{f*zxG1M`Wkuo&uyp=jtB<(Ij7m??y=@2`Zg5_) z4dJU&Gkz&6H6Hi(U{G-0*(=ie#&X;ka0yKL^Or$rulwA=n9 zm$x4wC9!da$WX+Ocppx=|CQN%#1a|x9$OSv%)qe%5CL_HS=N{Y`Eg0D(FWXJ8Lmru zK+5?*V>Et}?+vM+sgZ_=4SgL~{u33-S`lYhVM;1~;!K@HhoafG|EZ0cM;yMtQc1G= zo&UH(_|wl&OeaFG%OzivouW$*NsV$3p~JR^^82PQ(`$@!A3e9sIh`Vf>o_3_IZ-)D zONw_XdQS;8Bz=fdcbX~GceaRt^kN-Sd4?hM@}Sjay!V)Q2+i*pp6kegF8odyPR>)j zv=pd0FIBPc9K7;LQcT}KL)KuMau%fTzcRf9`Go&4VkK@YYLQ2vS*NIW@Tv2zU0%T% zpg~rBNQ$Q+?I?(8*!+MgLmiu6XpT_~EHtmLj&+K*sc|Mthi@<7_puXmV@KZ@=_5W< zV=!noJP)e?*Abg`h$Y=0U@E%Og8$E8{n>ggGDKxMj^MsrO*$J$GMhXLst%AF6OD5?rC>x<{r8%7lOTPt=?Wc1|Tu$T1j{dOT zvy)cG3DF%we~*pKEb7}zvprs65` zgR17JljO4pu=rQsNWmxW!ERLcW^3A!$T^CmD&u6Z{q-fgX7VU$BvjAm3)>x>0R%uT zPL6-ah)Dsb8vm7A8)(hRHgVS^1#_IwlyWd_C_p+QAfp!g*M(K6)LNqp-`Mf4h>WjXYnwUSYbo|rZkmZDM&0A~#0_+Nt za2MS4)Mz5<$$mgWoiL%fSG`$OK~Kmti&*`2_P46m4Pvns=!X21 zQ~%@t^2u_(bCrhc@E>9`qF%F#QW&><;y+Kyq5C$!kgNdvl&FB2 z!09|@A0V&@UWV_1n{B5!!ly}L;{If5$$g{0Bcw(|yOtm~A+?&)CGMCjx*-M80VNP+ z)yrj|O-mD8|hh&dQFiwZTH030awM_M4w>yYEUKLFj2@=W!sZoFSJvzSm^QEwSX2X)- zj>UGg=TYw#ASeB2Ln^Jp)&jsfYwAR;sxUX~EKrJ6S{v4xrA2o;n81@^Uz*S88NGb# zFoy`oNf1|miA9)hH}0xOy5H%fZ}9AQ_FE9EeJ$BR@OIxVw3jXjy*spA%i6L4GA1Ob z39cBS&L@_He@@-;gpaU{Gh@R8)Z@`>7Ls zZlR-+%cG87bI@9J@QF4j+DSieQAJWrIRf|Hzj8+u+_nKQf~dk`OXqN!L)a(Rm-KJya!sFojURj`)Xe;VNtM;} zMml`m@VxieAVdn)R&gg{u6P}F8vHQ+^^#{l!6P1{lPKQqD}k$ zC#5Utj?iZ#f+p^7bN}{FidS(<<5Wzb;G}KyU)TXmu(wk0f2qT_nG2(xF`w#;lug6@ zJ9pQZcMPFK&0Zxh<0}JQ@71(oGvY1;S@rFTG8ird+<0V>-?2v5o|07zTx=VhZ!p9P zL_GAskZgNVHFP1hH&nWEl5J&$&lsgn=&2C2<{eL29UMm1XV41%Sn3vAI$Ec*N2*9; z`6DN9AaYoqT+_|FI6Cn&j*$|qa^$7X-xiiW1V}wQ)PV|cA0mmuY{)XEW&Na kzT0tvChPZZ;H%G>WiV!0ff3JVz!e}VDkoC$L*M`Z0lp@4FaQ7m diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/shibie.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/shibie.png deleted file mode 100644 index a5048f260a6433c47f69ad65de1f67021b01b061..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 7640 zcmcI}WmHsO^!Ciq-2zf09RdOZ62j1(l0zsADV>rsq=0}UQqo;R4&5a%bayG;2-1kW z{NDG|`}M!p|HD0Jt$p^rXYY05dG>Rov^AB8@SoxX001HtWqIAl9{t~gi~ZP^8&zaJ zc0dnZC0RhlDE%G)z!0w@FQeyUew2aZY1-S=|KQP3LT!Q?RGsgmfzeXG55dF4FkdKS z$NU6=|0WExR365V^(RrzVGkou*G`A*vSEI*8JLeC6@T@USu`@XJkbDEhC z;9Ota|5_qktaC1~A8BB7l&*0u9KfpPT?wJ{Wa)Av zZ01^bG6PS_1RI_75lRuOPzmVDRVUTGt||gelQ6HCq@1)?CLw?l4lq2hM%!0~gh?J; z<=Bi~ih2%1IB8jq;4zZNUE0yGd=ejht9|VW>h_CaIpj{MGD!xxkdEK6Q~Q~Z>o0c8 z+GFH%(KM+^Y8v|#-87!xdxal|2c+bVMkipPo+&H6A-`vVPtAO1b+<-=D2>Dl#skyM z0@S&{X?`qI)<0jXeuYuXgk_XGPC7}RoU25ilHBn6!cfRNJOPM$Mro`Zd>8YbL)8`q z5@b_iFxtGO9+N7>M0jQ+CrR*kPQwU-I~+S)3j< zyk{H-0<6a0M~h<`yu+)TIiefHZ^A8InA#;4L+P&g1x<+ME>>E_&=({_FGlY%5Km!Z zqtxPYd@jP9t#RFjKvX+N0L52ythgghwQ^9prTsgA+7k9SWBsvCXQWm~re4hVylbCj zzc!W_lX}e9Mws=&6YZNEBj-_!Jc8>Ih758rHwgUfATva zpv7RN3?$1g;)G_g_Jl6o{jTj;Q>Jny&F*}b)2TxK;LaxJOp6NFAZOHF?>n_-l)K1p ze&L^Y;dYh$E!?0WGUi9Vvr9~_s3w`ft)oWuEA5lEY4sq_hJ2!~pLVM5P{8iTPd64H zFgxbQ^MlQA!O0*CEL3aOhsXP)7o7IfDCqgg#9+!%?&ttZ+|L$fCQZLDj*#jBB= zB2f-HeEBpvYt8}JKk)9GmbfrAQ}V%&5`D20v!qbdS+B^1ulTJ~R9!A2IBQQ4dpb}C zR!AUnY^k_z+4aV&p{j5d-IIN5euSzxUyOZy{Xt8wj>Os-Zw)!zTawrWBAh8*klHBd zZ(Cx_?UaSnS1i&+XT*oyCM~Q6A^C)46<6S8B#PpA!4WLo$jvk};FZk^St<<ir2dBbkQSGipX%3x^4IsJ@9o6G z$V=akkzutJj2Pzm7n*T^e?0)v{B^4_L$hA6KxN-|qqBU~!s^U;SjFmNnYxF*0WNGW zC7p>>F@-LO=e>Za98q_Yf=1J!BbdKfg`;kq;sE>N6D?ku617R)HgsAJK53MxwAh;0 zkn6Gj%iFi$&Z`8|BJf&;Xm2N#M2eCPf5HQjIyvP&3uO7M31N05x2aDeFmJA>qx1VFZLWd# zSpQeT=4#TYC;wTC*=3(9JDcbY{%a4#X5B6Khb$Sl%y_or<-a;hUnUvpW%cj=CNx-Si^lpinlX{u)1SkG#KN@1pFVrU7~KJ93s#r?K1 z&aI`pyIKG$U|$D}AS-VJ$`=c; z5O)n1Ax;shNrhBRu2+<9J_)mQDOfj&K>KrPB+X(Hf&`-mIm2(b!0QMFG+Dq%=GSYi z_E4u-QFR87OK_13|E*2vp8+h(S0ZXO1>c`y0;_78{w+x&2&bu(g`# z6LAj$D$yk+%lqDpKkVGwOH-W*7`c~3vjm^wu$M3sN4RM6=1HU3yMs}#r7JBxCB)%4 zyxyvuZe&$smdRn395PN76n9paB%hhVEjar}U{0;skLxH&x1IFGvD(_|1dQ%&sd@TH zUFg4~vmdhyj%tL_B+V>F3j)RdZ~x_kY%MVs8dO)lUq8`i0LPA;05?qr7Qd*wS^2ja zo+i3N{SjKBI?th%gy=z*`0gyX<*L`em^>AJ_f^Qus6EU?y81*(0P&aNB)NtBtP

a3WqtJIq+}rhik%sA5n5Lk?M|=nmB8W%&gezVlrdAErHADtfE(CO2239NaNEFa2@GbXValZ#DvjcM3 zED2ly8766;JRBMs8VMkW#F2{w+N+)OQ<+2k)U4gj?kSjHZ|pGMjfX4^nOZ{VhZwkV z>}^Dp!mFeX7~Owko151Yn+0 zz~_k&I32q^Q@nke+Zw(69pAm&U-mpkL zFRJG;SwMI9_3~-cnToMDrUh$S;FegUO@}Ox8TsQp2wUjwX(#pNqK9*>bd}Q|L43PwmTT670vX}Cp)7RTG`oFT0mi8^uP=JLnk48nc z_PyxwSWte)RSR>Y$Po6PblGT+RzLLVsr(9yL1>TwE}!OXJYLuQ?85316xveZvjzn= z9Y{ZGT^2cOKjOLM{Sig=7e{|}p00<@p`~`$;jWdC7&|Ilg$k@s#7nI!%cN|%(+_-H zfbx&|Sfn=7)hEaFv-NUnkNg`|5DJ+|#p-rTZxU}|$6wf>@*hUMC;^2n7*5PjLLh-X z3*2g>dq@3-WfS{KivWv=N2(V&5-3nh+()rvP(><4kMsO4BIyvU>kYOSVY|fsOf=1_ zUJA4jG2nA~O`_LM*vSfLfuM2plKAYAm5y^8a!}v|4D4df_jp5Q@zC3kq>U&Z`kqz^ zQX2c8#j!(TuEkA_fsu*|Sx$TXStu*M&7}h8Wy>Ra+!hHCX{^)qxyDuc`Jom&$EDuI-<%|A^C-q2aj}Od!NBE)y1BSQWc|%Gir!RoVp7;h zu0EPk{=#g76(%BS<96o5=0~cz*lHsr=<9O338FsEg60~3qog8ztsEVuVPCg&3v2Xo z673e0=9o|2dSS9Un$+YGj|om+#vQS#nrl0(b73!_?d4n6@7Fka##nv0+&CW%nEi|i z`%bYH#{1Ozvyzx-PMjkfj%<1Zc$AKi6;8YVfB`jt^4f@b3cA70T z_fcWhABc07X-u%|=|&?kVCybl1Y( z1clGMCNo{I8jIw3UPeN2(qm5!clCq4OzS27WA({zk&D4_yX%6YX?27PQ2i!U7j-eQ zEhX99!x(zmqq-dBhO?sr=)NJEbj)OkQ~n9I%!Qg^f!`;h-n5tB3z&8Y;MQv-H+W9{ zQ+SnH*%W6*jtB8^fY>Zd(I&d>*gk6=8<@P_r^l&C)sEa#SZ*7nf~U;v9vW!HfW8P{ zS=hfDpQOENg1M7_a!1LzIVQ=ISk}-L4w=?Jx3*t;x9(Z$$>(YnETCC3+^hGG9Wb-c z3D806v2VhV@J|qx0_nr?v^U)Do!#6El6Vluj~HIx$2125TXUXLHjUX`;awC3meD8D&?07ApV!AQKPLo5EvJgkf=Ev-bwxz1^yRfxP>tS?KCou|^>cTXsFWs0Q)cVS7xI93V-3>Gnzi~5k`SUF!mCj%F%9B9rY*uX)3L_ZVkyFlJ$E#UfNn1}T?~yHHtg%`w@#lK1gmtE*Ircq&1nNdRO*4*Rc6!Z#oVUNsBhT z1AU{DZk~ZX0Rh2e zcf4G8#%~F~h+J(rjWXq(NB8t`NMCLTm*Z}O?Lqk{i+&Ao923BE(0S=?JnU5A=+EVi z=@))`46FP%&PVQww}{3d2L=Ga@VLVtMmY_bSUI<-8=Bic*3m+jNZC5?!5C0PVvEca znlyghEIGFrDp}h`qIIJbciz=KTJ>8UG$i#y!Bu-U+;6G|CBXQXb#KAwz6=^#YYTcKai9DHPi*HPhNK} zmpVbgDq`UGazD!?b4@?5*bk(Yw_)41MTtY6niv4jQ#Rq~8jy#>+W4doCYYtTcU5zx zO*nxHM#M`LvGux$okY4s!=zXjh)a=C#F+nB$vQs_n?IAU6LHVG87m&`35QLAq5xqW z5OZg`A7&3^uEoH}ST#O|YR5UDv}AYvn9=4Ak{uVw|hckD`o>k+6K0T#AIC?On$ z$qE30YCp3`AtxTB40{tVNIJ=p+LgxsXMeJ9=cs{}3_08gFLGCG*kQ6}$iwyMW8u}~ z>qvkFU2?_y{ouA_+SIwuk>b5|H>_7}+;cId5&Kmv;9t~0_voioJ{g==N}@uq4(lb& zVz&*pEi9UkQ%plbqcuK*AJolq?g-hkxSLWr35lf$nR&GZQv=6%z=y>zy{%G}w|P1Z zFocxxM~pU=_cFW`GLea8oA`)}wqGWAY;&BnBRt@BuZmO&+vj7g0%DDm>7phC2ly*j zJjOlL;I6I*cKO@#_z6i6N`z8F5?cLdL_xJ2sJfK?vu-}hO z$B0%+jM*ka1i$Llr}HDv@s?L@1BsD$F?jVxFpsE(X-a2z)+i1@+W~vD={PEW3Ilel z01JQJ`BloVlSKdtg0C4-#iG9Wrfd|rI+E~A9?0zFBtA|o_VlZfDe!%Wu-WypjSSVa z-LQWqPGO>@WqZX7Ig@?-l{@6=7amATmqreH31GubJ4OJ0PCqu1Ms&1h=&m0i9Rm8l zfPYc;mu>U788pW%-0hBozI}JDD!ZGZ+V=;9j!g?$?l0AyoUB;;;-+RK2urxEQO7-< zp=wM*o~B7aM9vk6a|ESy1v7CVB3Hex6RCV`Z+fq|^xjRhW4$Vo9iro1gc|Oa7&wrB zfFFJwzNPG}wbJ|zz%?ltnl+8G$^acYUao0z>9_!T^Sl&}vx<2;dB7hqu4%{MRd8nl zsUytKA35Xe@RtRej4n!A!p3XZseLl_90Zc#j(8KzoU!c$A!KVC#w(#!9s?%}i%0|8 zul(Wo!?fQ*kuxI|NN9FrQHd$2o6vNPqCHA^v+t{C-BZL{XX5o(vjCiUO^dY6(tQC& zJS`?k=mh)s!6JI2gg+#`G5%IRpCEW!>~y9X0&zOEi~B2YtcAhS(3PlqSJTh4%r5v; zKCVzMqZiF&6ulddk=N9vcJhLwy8K?C0GK2sI|+$!%>TGe^Bd$Wa}Yk2wow+9BE8Uo z>N4`tQy4t_ohWBl5Fgsn05bqFcVF2#*_4cBInF&RIIrhY$aJ_c>Us@62$^7EixLT8 zcG1Eq#|-POw?st#_yQ6ZBmR4ltP@s=lAg{Jk?;YV!3?XBbREI+K_q6T0xV&$Zu8BrspS z9lk`NCdNQStSj|2-|}V{Jo@V1H+c^NE&B9CZa)BuRcz+v9!rB~T66X4y#JzG4Y(j^ zp2(@Ub5t#BLQ7$#TmJ$%d#P0~u$$MsE&l~*oZL@gpxqy&W!&@xapui|^|p}wVO=-~ zNsoBKq`ey;rJt$aUcW)}DqkP};spP?)f(!gOadkv`4WQgh^I|1>@lj{XE{62hpz`} zKd<2Ne$aQJdOsBCE7JUOJ^D=kb=XTR8$*(oY>@@8Nz6zT1{EVt;Qmh?`)Z}~-^^Jy zSRr9QPXJESs0Ecj`j_0<`$SLBbdR|4ynIeoEwt?aX*i8Rfih03Orxa((xi~HDb+eZ zuCpR_An1qncu`c(X@lMP#H+UWeBs|lH#{ah415jI!J=(~Kan>X2G1rzxI(3^jH$r}6?r_86w8H@|;30^)`z2U$ z76$&UZ3c|t%SKw?eMdeu;mgeq(mT_R8=6|$ndMfrTW-m$1?pC}-T-9>!d2r)Roj=K zZ|}7V0@nR=AU8D!`1EXfs~E+T^Ohc+I~n;()sNmYjT`-xlQ8a>0KT7pMh(AeSq->j zaXyeI7`3h|dyUOQNCw68}vUAP9vSCmbn<%Yh z@RlR>C80n}B&epXf8R@@9G)QTTw{U%ovRwbahy<~?=}cxzLPGas^C=#6 z8@&wqcfKUugvCb39WmO=$o)+6R;rYv*HC@)uUtHo+M+wBiIiV316KdU;C`EBv_g+R zB6}KGd+s-$$iT!k-XryxXk(a)gycSF!cVAt&+jS^;|J=k(9_C94#s_Vx=1{T@p*>_ zri%Ud4X;Ws^p_c?mCU2Ebn97m;8hvqP+dwg95+I(Y zO7zwR<2OMpv7{2`O=t?oL~*J{%@<#ysLDE8N0VH*gdC z$)W-X!iGTwRDS%-P0GGQW&6Z!TUUIxVqmHvj5m0(4(2SdBtYSuTr~w|8t!grdHYjg z9vpR1nUe0(zU>+=ba-|OW{7*iU+Kac;XF2uN|zT%5Vz8p)ots z{25HYXC(W-WhBOq6k%){XF3Y@JX!d)TzTJ!KeguR{z!@JmP^aUFm$fIVP0p_hMel+ zu$|S`FVs2sRux&^#Fd1pexEX_N!IV=Kn)3h*eMg>@-5rOM&w}YO^l!U%kGZ(+G%gk zL&gZM-!lpn@xkhf7kzCH$?bVHaFZhP?sq&#(^60ypPMkkxJ+l}1IV!WfavL3?#$@V z-_NC138&86gL`xTPs~eXk6mp)c&}Le(GsL#;!Y63vR4Q4=-4*!uPEUBSSJR>nohF zL)+!8^H~U|SnZ?MzHx5ub&V`pxg8EIe_IngIR?D-5$~dDmb!u;a_P++@Os##k7Dea znsmy#>c6YMYLFCe9NhZHBjd)QB|_vtpa3UreU8Cjchj0W%JXtc)C71YY?O3EQYbG) z3x)w=f@|--h1`EA`Oa)#`Z+sP*D)Tq!an2ZKDiKOKWJLF{J`*iT}1W;9%U*_;kz9> z!S8Y6ac_9-*Oj25&Owp4Blr}Rc`e*apxh;xjy7ku%wtuAT`fO*_~x-H3cND)Df?fv c1V3N|Ey<+$M%eN`{;CD2C}_%8$i55tKh1kwSpWb4 diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/tengxunshipin.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/tengxunshipin.png deleted file mode 100644 index 6aff0dea0b65ecbd59083b408a5a49740e0ff3ba..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 13394 zcmd5@k-G`a( z-_-PU)l~H}Rn=25>Z)>>Xk=(GFff=3^3s~ncI3YU1qpht*00HfHn3kc}Hw&Xu?$Ks$o7Gk!eHG|)lh&h6Siprh&KgbZCu`4K$A z>;_aoW4O@Hj=bFQ#C&9kDvndzp{8J1h-xCmp%LGnU1nrK#LqY zans*YrCk(gr_jTr_7D^P3bh1-{d@9`5z<~<{3E7y#PL^P=Z-OtXIQwWZ~kF32tCY| zn8z7$nkNZYveyrZ2+z(d;SBR`eNih5FKKShBM{2Nucu#|$hWmz+cj98J{_5h_)(2B}0(NC%xT9 z^`Y$wnRB$9QC+_RSISYg(sfxM{w_lc&0&(yC&es5$jkdEvAr*)f-$2iJ?Ah?Fd3U~ zsy35}vcoI+XH>oQ>#LbJzvp)c-bl&Zp`9o2QYQ;BGM+^k_EI^?6uY8z4Qn{j^ zGwM`fN=a5RwXim3zk1s)$#J}+!2MQDby))Sg1o{;A;i|^Pcmv(xd?UpHAPTa?0_T-?4N|ls4H0 zwHCr(J>*-dY)-fW^4>OtUWL%$@8&1)791ggvs3pu-p_oKEk>$hYhG8Q_Pu<&26z`P zmRZ^+i_gcYwl%gSgrQcE01@AjTbx}|nxFXPWs3C*1f26McMmqU>x9BRt6HnJUnUaT zXM^ZJm$|_Ml&?sA+y@T&rJmYU#o>k#Bz^uR=EJ|(6uO=sB#6FK{V1}QoV8+H9HsAs&0AI?N13bQo?^gC-rufJ(Tca;&z z)OD#{@IT@ZZh9*yzmJ43Z9ClF1x4PYXAF&cS_g{DOKte2!!%?8L@cIp5-r3+w2}`e z1Zsy1Pnov-M@M{y!c>GEdRo6OoEagX{CYk^933eYXA6`VPx&&2MqJ!ewf2z)jH-Df zgwmtj0?wmU`I3EYa1C&|y)$UO+`??Gyj$~=^_)xW8%@vezIln2&oCA*o%(Z=mSiMo z%O>eFyOm^KF+FRd_Cp3eQs3|edN*B{n> z4(HzU7P&8X+PNZ6iDteTjPfa*tW|%NED^yvRqIr!rIG9Shs!D#5 zu3M1R%5Kxn*Y1>i%I*&|ukq>bcu5x1m5=M;m&i&URwL3EnzKMANuj!TpOxr{XY|W& zKnX>e)uYm%=%ACf%IC;$bR23jL0MPkjz|^(PWFF;c}MpP)LZa&3^+wgOM3n!>@`z)5@_C1^w=26uwp~A@e_`un{x3^*D*(5sL9^i!s?B6N@%-%2r zHDK@oJf7^eh?mQ>!HuIC{iwrFfOGlhh97{JvB$3I#j3-HhH@CbVDg2>9d&OKspZz@ zr*_ZlR*?X&z+-y_W)b1pOS#2mxt4ZQrmmV(d5cCD!;88Lqok7vc- zr02#A?dok+)U43}DmFE~F2o{2sKj2)w*@o#(&<@Y!PyU2?B6wzSU`aYnffNdM#vfiA*txmQ0Cm(m}sf7=@!Cznt!iUz3Wy0q>zXT+3w8lCdRiLKwv zBYv;WoSWQ#N^;f34L2hTVDD^FJ+=#2h(`2B=VPny4&2*e>w=-EWrqxJcRP6v zppzQ4#N@PE-EL&Jj&EK?GZuastjWrF)7M&j&L`V#)Mf2J;kIx^jpmi33)qM)!5kj) zPDMMP_}YPO_Lve>YerTL`qCu~5;}VKS^Kl-yKn12-{kXLW%_dZs#1BMYLZ*d9dqF6 zeDT(O_x`kCQ!zft&eVZY*ypc~d12<<-`*mU17bb6M8O+LSZWUFG`CrIsddC9*R)W~ zSLgeZHL1_*4W>rt*&7_{M4%TlG+K30{Y*H1CA}h>xDWfH%CfgTR+pgg!y|b<1t7U2 z0%`M|E5m&M_1Jk?9gi4d9^$=dDtewWu|4T*C&+-WVYmt#)YQ^6Ra_i0-aiO^h&{|$ z)4!J;eW&D69BF2Y9`AvF2@ceP*51!qbIoa4ov9~-CE3Bu zK#~9X5`8Y>=M|YmRGB!5>88CJaja+4I!1AS`M_ThfMkkq*tL#tuD4aI!`)LjJp2?# zMye(v{&Nrg>z*Knt{mm|Wa-MS+YM9yuRS^nV4F}0FI=GIObrm8_d{UaD}w3$-fgjc zuN_0QrWgKFz-c-8xzWPQj0`CSzRD&ACr4)2-`Yd*Q%gr8%t)gnm!seG-%i2u8U|80 zR8b-~Yz|AYW3jXWg4Z3Z1o8Vs7*K6(7v)r0efb*xKQOtgrxtXebzL;SZH%{ zjKd#=+wFogL~IUCTh7>N>cnf}3i7P>_+znwZge50Lr?hV&+Xdu)o5nUNT17RoGQ#iUE!hU3zzLH^Xf?*l6QyS%G7fYD4k&}GF`1FN9X>T z1v@T^dyyE*jUn%KiLOEweXI?^9u!)srEl09cZ zg>1@2(nmekuIunadvwv&KNG@x^J+B)(>G5;h7eGdu?hHaQ`ulox%QH7ruNJ5jp|2M z$A(jR@23+QdF18;7vluq&Abq52iTjN7bVckRd~W|x9z9tZZ~V+SA3>mNDHgIb!oa+ zOis^z+7t+Do;Ldzh7^UV-m1Wtd-@eAs3ip>{GE#NQub*N{@(kt{@Ua;t2Wwm0XEAu zUjkaz{_J*Q$+E3+TYUX{<&};BntQ=n=xQ>z&i6>`myj{B|H)=lG{ksw+9}pk@SXg#2j;9=?Lt{z7TrXk{1H_58G(sa1O^ zo)gjsn&o!AVLyWeRK!_Swk0OL=K65IiX7)Jow$)!I@4Yo+*$|nmo&Z|jtKkP;C!$5 zA)L-@ylfZ{Z5o=9i^HBTJ-6T@u+EZUQ6c4e#>qdfJ5R_HsW*I3?10VP$?E0 zEvA_cA{7ETAF3l2ZZ~}LpKB*O!iJr_AV-52t7biX%=c~;e~nI0ITJQp;yAM1`ck>Tk?0JU%YVRH?QWbIA$9lRhmA@HF_$`!0x}BBt#TjQ8 zYtk8^m{5N}4MVkvW{zAdnsGfoY9tg2Fz!0I5H|BA%NrfJs%iHfv3)lZyB4Y@kxTk= z_vmUrFcCqnnd2hc0RB%NGVDM2h8n)^tYok^^B?lv!nFNcgSo2r`ta|3mWn+UO8TuJ z9bg-(U-qQQnxg36-gWd=_o=?OdAIA|;XwTrCdr#7-NC%h%ue&kxexhVVVrTu#C+Yi zo-zYwJltPC_*5+i4#y)JQGZ;BR^zQlY!>y$j*2nV%5nMgzYI{ke2@rUiXBg}+O4Bi zFnc2Xz(I!~xC6O*Y&t?lI=ig_A2cIFz62dK1ivQRP-^Xn{dDOt6Xtj{_p5=vgeRd<|i7eJm< zLXb+=od4D<(k3G9p)-!kREm`wNeDrRAvlFUjN-!C@Ke`bx7NL{0M?>r{g07x!{^#s zulXR3-Qn8te}qtH9OPN-Y$C&-jp8mGy|IY4*2X>0E%~J_Hx*wx+~xjdpw{`V*uwIU z?RQ)V9*S(*B6@$=1fJ|8zhmLZqzK49Dlpip9w(Q52wv z+EDwN9idfuPVFJTR;b`sUXR(J55-V3Wuw~--|CJ2RDaw()JSM>HUCvj?r3QN*cb(% zjCbI6X1(Jq;H&$ph(g=nx;+<3+>`75P!ey1#Dk8kciMe>{0IpG{g|s)L7Y$lopm@B zc%%j?i$VcZ;hS7o`Dd0Vs8N@FkT`C(r(_&CyK6=-U0f3`UTme?))UneAPhA9{r7h$ zGWnG1;~@#pnx}OHvl#5$D!3d36~lwmb#1O>c@Mw9lddWgAm$8tJN&C4yifh6_s16V zkiVitIH*4G@`t~sqfrTlbe^`+>i*ApY;aAA6+bSJQ^KhE^Sv@Nzb~TQg5nq2k;%J- z>#~J4Z{1uM5FE%3`zz(EXk4dtAzWy3c%@;O^f zNqSdb%NZ}2Z%r_wZ;VgvdJMezBdtYNUU^#L^LfpwJ>xKWC;By*m-;@)2&~ zu{8ippT~QvnP_9Ftc{LA*QE<<{uXq4W#?eZl7B{(Q4^O{!DkNn`iYZqQp6#F*z@VP zM&+nItVCn{VIuHbYK9jdH((jK2nsy$(yo?J@hVqn(TEf5tR)o$|^&p&cnM6z=npLO)3PuJ7?n-3TaC z-YL0W^XoaN+(zuKhz7}N~*-bi}0vMO|I zw(?V=F3AaOhy&n9Vj$NOP_rDC(e+iPu(M*qiA`>{*m$qBUbl*7VX64|eE$;j5Sqmm zSS&#*_zEPIoTNa*6L2`Jf5#YDt0p@~p3yX|0Fw0oREd(UdUU+T2eq`^&p0?{`gmr5 z(511pK}11$ZPWGH+#M)atGkbO70z?Blyfydrxx?Z%I{hiHPZ%xDBZcudh8jEhuBgM zhOykhd3m1Ijv4sx3|)5&x}#R&I=Z;hM_7wKgdUG+8I6w7EiB92q8M2GdCjgH>B9+| zI>Ek%R_5gpncmGWis;l}52Fr0-xaw;1u3F1L3_;G6D3aXx8JKZ=3s3mDrd@v-LPux zT_+LkoLO`!tHpd@a$Krf=F_5;G=SEFhpZrUWX!is_=9v{pP>&sk+vzGpK`V%)uH0% z(P`Hnn9`ft^!KwZsV?^w#@*$%r@;L}K$llL=i$dk8#>81wCU|pxV8Y4?hH?cS)v=k zl_&YbY{)a4QKPrx+&`D|(JDQfB#=x{VNI2Kd$UroB_I(RqwzjCbH1{yn3{N_aRk2` zj;+ly_#ql$@#X%u8=dUva1r6;9^gUh?WGMnk6E1!`kFk%Njzr@4G1yVk&>8JCRZWE zK6JOrd8`6q@4`%-@Q1C za`2~w!sJB<@#9Wlsz&b?Q>-+w3pfn~F%ON743Q=bu1<3|JdtG;+KH=a)c6P}*+26H z4yy6SGruq*X6_mjttcd-ehWq{3}%EFsevq0)H?Jm*8T;oIYI8EmYm-#_eJ5c`0~KZ7KQC|cvC&cW1+bKQ<4C7j3)LKQ(rIMbl&|hEeGHADH`jJ)wieF zjvL$f^is+)}N8#$B&!DK-C-s;(#Df=OYT{);*2W54CG zyCF1W130jRsKqRVB#7x}cVuk0t){HG&J3AOzI-{q9r`0RP^ov)e)^EL$HS0a8;@)z zU(5zWMnYnyXZY(;F&Y6pdI&U7!SN+h2%|Sr?SE;Fq8Y4`3jbSq^rw-(THMaTpwZUx z-OJ4TP+#|0MmUp9`5hLWV=?`9Opy9g8MZ1l&d^p=%5<7x z_xF6MHScODJ8;t?6{0)c`YV`wf zSx3(KdeQ5J*GMZZ4jU)g59YJ-+wFAm=?qd?dd{JXMgVRe-g>EDm3}-t3cm=*tW!1j z`(4`Poj&1_`T4`w-5q+#r$BXYYM!nf!3=zMdtzKu{+-rt_d1}2>YtyAB;^X4xtTOMR>V^JD5dtM@TJzz)paItQv|xSOsKRji?+OL;4MAPXlqRauIbOc zynO)WYN~am>mdmR!U`r;vd|oc=uYBHjdz21tG~s4%IfBrTq@U+Il5+xOvkkfs&x|v z*{rRo++7<;{lPFmzyWXIV7PrdjfIyRLm4Wq=K?A!8$Kyje} z)JJLjZ#D1_!!Q`AA!ZZOgoBnPO91VIGIdlyx{QKHnDk+l7Da&Z*DnLNC)?l!g^ad{ zn3g`K^{g+;i~5UST!?O4O&92Kp}BQ>bHA&#&k{`X&bO@_tN%Bb@R0P~E`RkMFcRr5 zpH`*}auy`ZfAS_YG%%JI~yxsPI@Xe-X1R9>omfx_Hj7__!8~+RefrfngK*DZoo+NCPxU z@||HnC6riEBa~!$$8B{gmj6>c(XlN;ERl-X3|C39|Kw@YyI5Z0sHQu0ue-LqWvUF> zNJ&Xa7g@GZi7#s*<78a@0fGpoWIO4t)#t<1!K`Yx0wfb0xYw_er2m8~Meu-T)uer7 z&w%~(2?KBH#Z6a13{#bdXJ6sNvq?}EV?q^gCE`q5lZj&?R1U9_l z!0mku1|i`macTk0<^$704;>lNCMPjoHny9@iL0p?l}5=zI8rw%dv+Kbomfz~8Be~5 z&um{(piD^_N=lC{_4dOshOgI-oX2bhSI(sX=6AVjy+2W?*jq>4;3|5<%6aB3_~B=W zCBkAnqh(AKvD@Oof6J*@o4hJI!)Ik@7n2JwXur<(j^2VG5K-w&P}S<{w4Gm z8|Wl3K@~Uk=S%CTWeR)QZ)rv1^Dh;XEOmp4-Dh96*|e0?@q~Ndo;OHc+D-1v1}j0_ zZC5efvC>!y8^HQkvR?Y&mY8#RWuoKR-VND`cNKQfdQU34zw8gHz=od_9Y%kU^pD+F ztqb+57rzDu?A%$DJHmao!NL8PqyJ33fXsb_L5f|Z-905D$;!{%G`Srr8(yWMqI*2m z%gX@sl5e8=oH9EFUBYvMCm);imB?d!l5=3%6GQRmL%60fE-c{!*^)kxWz3!cc4CZP z&+T&|20=k0TT&>K%X?lcah9Vb6LL1+E-+iAdEx#<$2Z1I!%3{NG=F}~eC^?Bi;$>X zmZ)U`lQu5g@$)#}rwDtH+B7YfDuMOk*xUudB`kYk34Vuk5+aa859fI8;FJXi*c7^) z4pc-^LkqU71o)z0jhq-{2dAL(Z^k$msOm|_nI7uj`A#dI!vrSQxiCxXZ# zMZ*1Z6F$`_Qi;UeF>9mvA+YqrMT<(G5!9#Mu$V-mk>&?zQ=`y7u4 zTx)adPqt>cQ-H-Ri44#G{7b;6`Y{q;EK~4$`r_X|3xrr-O#-p(4?Oa$btt^875$XA z(c0+KvX!TNmhy7r=CDgXCtmiA)VEv)j(9{@3gq?YJ|M785q*014a~5}F3rd=SQO~H z70h1tT1Ka+s5*6h+4>gn5CSyx)(2jTow* z5@ot@1q__}jG{6xg?EyeW*JS!hArzcuHd9zJaO6Sw@PpdNajd2h3(>CRuA0Mf~!i@ zgg&NdgppJ)R>s&TY1;Eie!i#vbaYHq{*$g>wN&B;C1#`bBMXbLjBlyoz|uLS@i^QX zoZc*V45(Z%+_754^Xb_*ZOYG9w#{N~(Sc#d8jJR5hM06OJGQK3sI$+(*ZJq%;W2z4 z)x09<4SgjRJ@ZO`XZv(8!Ow%A(?D_UlK{RPw!76xTi^0pMNimqNwFyl#pCk7I|%v{ zPs)=;w~Na^$2jj;&NhNirE4<~9JX;!V5POcg@qPz*1y21KYm{L!gX*p>iM0&N-VSmb)-Cwr02+S#2esrVGWi7*|cH_1;dp^33;;NvlF?{u3`n2(6 zd=)O)dKf2epYIt%pXT8YC~GKms9*n7n!%k@BVNLCD(I=ooBf>VZV5YAEae}&^c0ZP zFKx*~fpl(ed#%2wNeD74C3A&AEi9#zHq4CGvKt~tF`vxBuMV^0>0}gJ|Y&ksMWcnmiX{~zxZ3{OmS-E21aoeQj8rNO<1E7?-*zC8)~@> ztHl`^SKI-mZ!ui!rws`@M@1Cq!Y)XHl$rg|SR=9NOf zMPX(9^>sW3jDr5TMEfggXP!3Eo7 zk-?3-c|M)r3PHmK4p!vIYc*f5!jT`MNQe(_uxU5z2zqOd9{)#+IpGUFQPCu)&P=va}@a9 zWBkZ%<=t&(9hbb^l_6);@>M{hfha$w_Wlz^{vR^cq;x5oI~}+h56G!xBQ-^?iGw1s5l$mV4$cb*3>6KNolTq*I($Qa^Py{Cg5cLZdBwSS(M)=Ib!Ns8AVWcg zRRRfKGUuPujN6|cnhO)h&0Iy{5?7^KxAU&4us*!*1TFKiDtK{2?&&C!22Y5mee;Ys zl!ugub`T)*BX#dvt?(sD>%gT&u?QOxxSTdTmun3DaXO=_<+u4rqeeKUU*Zk!26OCC zOP(m&(^Ll6wrdl2(Zn5NoM#U(mmC~jw`}>C2lMw@Vk6jH__Tqmd{nc6Wb0f}937|D zT`2d8IrB#2ii^3$Sb;jiyEvadT1%!YWof?i>>rZjlp`r_6= zBmbl?Qkv&bq%YyY=si_N5jsb`3eP6Y;x(BJI>QyeW^t%Vh+8+3*97AMOwTYV(850w zT}D9c-%YFb$`dj&A88W6T+EI!q-%`|K-y9z$xb=*0UF!@B3$4#Zbb1wB<69DaqZ`x z?(n+d(>mm8WGIGvDql?5gnO@Jb(};djxy09aAi*rbCWJUKw@k_b3r+?@|6pI##<~j zuPVAYKR)m)@T=F4xP|n6L7f*ZP&iYS@MiQt24`6xp08WNGD~z87Z(2eaID+>8v$0* zzs`>67aWEjwMI9h9pds!1VDgm5|THmZXfm9mazGxrZ<~ft6f`kl)DBh5O>V zXjS6oV@3%>R6}tJa`BAAD=yb#pcRS|l)-%IH#%#3RN|&_9f*MeD}z8R>^mOg%iMO| zCOKv+P9ZM;{fVh-QZYvS4m_Ta(!apgfj9i3l{>Pe&Dmba;;hm}@Uo+Tgmjv*&2qOw z7Xji0dFvcIhZ4^tFcP49oI6hM|6X1#Ub4CHjEz{3G*rq=``{tj&Yn5wf-p@7gUEj? zQdH5OQU_X%woI`U<46kLz6wqD7r%#$6sfcn^xj7 zX1rNW7K2JT9A2gYDIU$h#o__;e7k{6txsOPXRtD)#coI%wvbLNZsKV4`o?a$3RCuo ze8x#zsC$3#E?9R4*?5GfGrY~7dQk0_lv-gt3U{aTQGh>)Day4Hc`Q@Yp~YvSR5U87e;df&vjJ7sngCfd^F@8{}EX(`C{` z58VmD_hDVLBpnE2)VHqw_(%ajjKGD0)-e;doz0qf$1K}1IiBx4LX2(BhuyNOl9GHv z|2q9$61EmIybC{o3gz<^`;CuSY`Y7}j6S~TKljvUwRAYOjDC$p>!!G6MTy`{s*{e9 zUH3qSS60enFZe7pG_*T@{#M0|kwxSqmA20Ct1B{ltEyBBz*+f&=C2qcC2B2AO?SVJ zgc4Fcu}<|PTp>Cnl)|e90sw}$kZmCCV>u5g{jL>k#)enNm~}+G-&g8x0d7M_FiIjQ zQPiJ+U_67Xh%HG>%{nU{XAtTNDAs}h=@^ImI7Q5rb5ma`#ed*$592|pFCW`Z!aT$C zB?yzx9$q2L%b>E8-9DHb*;>aP@h*bcV;^Z0rdc;E(_=o=?nuIWb>v`ut@119TO7QR z0#%CaFd8@a6~X)!qJGqG_EwoeMe zl5qas+R4-jXn0oImjMY4keqtznBAcH{M$GV;KlBhK<_>$H7~^i0}`Psd{k zh3A(in4?lo(#!9~xuiD18h-eMki@q*(;dqgH&Hu-#VYVQT{Rr7b)ZH_^$tYPuD}=t zF<{SsA~a%MLc!^;E!_C$wYm!rmon;yjL@TNq`B5^jAhM;VIMYXc!idc)-~z}f5{iy zn7$eYkp7_jm*gKEHD?tDlU{cyQW^*Zrv3oMR(QO>@A`}f%IUo%N&sCe#pKi#*I z((!0xmhb_=7KN19k;mN0&Oa41oyBWeJ^Kqx(iRc9+mdMh;``mopPQ zx`^s?^VnwUK$M+n&|fjC!M35@1~r|X?|aGnF`vfuB9}-}#I^lJpuV4XF#`ZTs@wn3 znn~>SX08w#rpD7T&?&srS%yQLK#u+9ypS^u)lP{UmewMX1FW?quEZ)ws6-By-}j-Z znIcKoSDLTDKor>b=$%yhW2x0Zxko-Gh`KoHYm43tP{jtqiUYj9kX~~fxJQQ?=*~n2 z*8nkFFch4=LbuCgl2qegkcmXbPCXFd4Z|~oq9 zx>KA%FE2`To-0QmI4eS_{=G1~n(S6mH5IB0PetszKrPjbtY;zogYll%RI+ga&l@ld z(D#8DZtz?U{qRY<>UFPOYtwQ?0k$tHb0DF@erI zM!w(QT-qH!4;qbFS9?~;wYW}xF(Ja}#Th~vajXv-FE~!?q|L1O1=5s$DFFZV83nRu z!u+cw~{^sQtkC+zSVCAjPW=C~Dr3u?!B!1$cPH(-&bO z(4c*4?RPe#u5>!0vp`z(gX_b!9L<H}Yx2gzi-pBbgHn1DX1!@3IZZ zam$A`5ICHmt$nH$kxBPpz&DhsI^nZ}ptU}Sp#k>Nsa9HN?FeePhaTrLx(fVEYPA(_ zDMQ_I6VDP+9akbkfa#Hk5Z!7_d1bZcn@p1p7KyQ9WKt~CjzjcD(hP=NT4xkyN71ue zSJ)?ca0?~E+e38zbdpr0G?HukTrmhhV?*vUcG`rTYbU$vD1}M;qQRq0rd>4Sla-(# z=x{3kZ2dJEcc^sBFg-?Y^3LbQ5K_k^4WXz*j??ieC@Qg%?@{x~Q1fkb9Enj$o%`jQ zS*PNqtl};~$DSlruemGM9}}Rx@B#g=ok`k7%lGQ?5y|38!7LwUxQvxh0xT&!sLiueU}=nxArI%YkGs4!?*I{ zosSPMjK@iz55nP{o0h3`R8Rg5&FcW6u9$A!<_=@>q;wu%e9>M~ssS#aaBrX^l)-y5hWu3{w4A)*o}2$Ll16}czU z`F6+Ms78T66xXhI-IoA0X)z#-Dn5@)_fqyVMf#@C^ce@5;`+#Qb{V`* zH$0+4Yzf7q>lCfso^oZj!e+jcj5{7^_UWb&;{b);@)zAtd5cdaRyT?2vJO#2(zZ2Q z7<=9)$pk5yC+pKFcbATnaG~e(;mO%pd2<169elIB_i{BL(0W6&1h)o_u#ipRXjuf{ zuXC276#V{?X2_oT@E@T^^^cV5L_dIaCj*q{F*u%Fcb7F2UWn52Hanr0aZ53{pG%97 z^Hi=364`9<4U-M3qEdYZ$0U+Q5tD0zNH9vvV*`^#wlk`0L*&Jb)jg!I4in@#nB{8w zp5U}-wgeN_gXl>N-sOAA-wC(ohHSvogdsDkScRI!5?zCV?U#;3 zowbw;$nj2qPWkfqz5TyQRv;wQp5mmV6XGtE^d%5E}?2}(ezgX}gv+h%YUDGbT7 zVe}xumBtQgS^2_{RWk(B?X_uar@5!?)~rUW8^VT+!b{%xQ2fa7a>cDN(H|W@C)gq1 z$m9E>>m-r`40ye7l1E#hnIRa7*-44zWoC*7uA@qAc!V7Fb&|k!-+iKJ=&27D9lOU% z+41@|FJcJCu17qNvsHE!2v!pQmEqK>x<8@QLJNEUj?*X$di z`~g0}DingC;Uk)qomxE6)YnTKXD$fvy0FOk6F!I1(5UI^OFz-Vy5(hQkOh1D0^`2d5O%&mPZu*&dsVDF2RG*B~3${Iblo%DH~ zLXehzhA6B}m)@}CwzQ^K?)Zlf&yP~cq;T~y)MV)uKTXO|_5^7C2m7XsAEGcmw1Olz zrrXpD1g$@j2c6S)h2=u`zY-^<%{V&1bOrduVDBW;zDa2))wZw}w7v`7%$nWpkgqkj zrG-*?W|qKbSJ29o!z+_wy*i%%sF?@H*51C*dJd0A_F0zY%>Ss$H@6KPBG8JG_5k8T z!V~5HsEkj3D<)J>228r+ZqU3Kp;RIKz^;@35A3~BYuS85AVyGvhZYIJD9ETv*L*e) F`yYm4BGCW< diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/tongxunlu.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/tongxunlu.png deleted file mode 100644 index 772dab0fe8ff88f6a16fb0223358382bfba8390f..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 5551 zcmb`LXEdBqx5t^$4Q4RWW5^&%FnTv(^dUNtXcN7QE<=nGU1UVBK_q$!Lez{FB1DAf zy-V~6334azUF)v(e!m}{=d87#v)4N3JZJy*{_l8011&llb{Y~A5;`4ilreGq@b96b zAik?DYYK=1sh_cy8cEFv=Qarm)Kv#{+cenbhxOw+j){P)5gLyffc*+%KM#EGGn^T~ zUr)JE^S!rh-2y?X7h0=M4d#D8LIPw}JAW1!(a5S6kxGikWZ|;td)i-FKQQ4e^7=vM zPChka_=^8iqifNHOKvF-9Gp<^uOR$!ZC!bA#(Mrylf|Rc!e6l?=Oglqt&8{OC*~hf zKcof{kQNl$Ef9)m+#VEKTVd}NO#-)jf+@ZrU_q(=?eP`{M8jI?n6Z-r z1q!wu%v75v4g(D8l)N1FCpvyPHr6c(+>abgIkUf2#C20+W9masy(*Z z$%9&0m)Opbm;Rv|T4vMC+Uec`1R5@K z+KmGQGWuaP3YRh@AqW;*0*lL6%0$nfQFn4XV28^1c_4DR5-O@y~7sg8v$eYTX>{p2;gM_CN z%4Vx6(?%oB(1~kZa+4kY+t3coLBn2!Pk>EIVnfIM8{Nvc3<9G zuSR7#>(ugnVg^~>0?RJ>#rtwZEZ#AC#F<%$SWXCyHxH5sti%dJ_TqqWnLr7$Et{S5fRoyLJQ{4`n{r8o z$ydlPV626RX%vO|*N;-3oy+G~;Rs>$25iNyL4iQt?V%blOA^VOG|hNqdggQ=5%@8v+zz#n3QiqJS@!+4@i z_64AupQ2NpPHFt+(o5$dDNioTKa|5CNiK}Ukmv2P#4ESJNjDdXYdgKQl(Ao+Bi5%= z7JwAAS7wdvt!K&o$CU3M>tx*dqFu{*Lfz*FR{?kJY(p0xdk) zOSYsIOfz?nbpbUx>mmlXi0fkGq#~<&9T5Ci*|ma}d-(0%Hqo<<4UBW}fQ#E# z*%VWoxwew3B9o3ym)GgE$nY;xDz9moS|OI0vJV}e3^fWtA=;WVFV#68=^kTK$R1)e zb(@6fAlei&8cA*L(07&=LVZGo1JRWJ%M6k=R1OF8mr%)+N{cPqfR_>qBQX{|^2-u`+7d84LyC}3_MG&<9FCVX3N}Xp)Mf1or_TBpX(YHos68_L zla0x-QGF3DQkICrD=F4|ECo;M3R&h9uD0Td{Qv|9-}3Rdb4jbeJ&_$31=cpL+4MV+ zc8A~IZk2}O;2xL7z6+0?NxO8nCdcyF^md`4C~|YgBuu)P6QS{q0p4z{&zuZjJnohL z6h>e$ZZQauR~1P+v~8KqUDSArWiT=9F;tI38aG??Ews<41n6ZO^U98H{vpN6JTswB zu4d6b33Vlvi=i&Dg$UBu6+{TgX5O?a9y{E56!eSVi%M%d6e=&!ck}l}2*sZM zPNwXmO7a!`gP%S=(h=D??7t-W?;DAY?HHVSrHk)hNxsX)NE4 zNZV=006OcHK)htGC&T}7Nyqao?)%Tj2Ja3-;+AV)@z0hjWuyaqE59?b+1~l;d%YM5 zgY^%%L1$jHw{eju7nW$Xjoq+m#fTHx)gIvuTs>m_SuS;#F=M;FJmNCE&utk}L$7xN zO&<&-9AQ-`kplt`-#wU3@cxIoLUeS^tI-NC3d!aPVW}>r8V({*MRtVw?foo^W5Vpe z_l1mUE_iRcx3DGY1@y6+-xnrllj+=^@=jF6jD2M!73RTf!fL{3Ct~97@*4kXM)7;!=aX?2 zsJt_sIvKv`2ETbX<3VsW`W3&ndu#NqehzkKDJY$H?)aFVN@Qng6TRR@A33L55+8{Qcw8fWdQzQ(HJi2M2@TRa@=j!w zfT`U&-Hpe9!)#BNh8?p`uWnm-zlG;(Wj*->WW(3w!B()13$ysqFdOrwO7YqeHf7RY zW4C@SVUP%VexoSy2TNt|2>FYSD){z9-qf``wqv{g+%-G6$XM5F8lmH74(J3V{?KtD z$Jg8Pg`*JgBNncb%bR+3pKkbzZ(Z=QaZ~PnqRmE819lk9{u)Z^?&c^|j#k^aaX7_{ z>s@tSGN0?U3^ScS-!{4}!M#0i4$<~bX~5LWi&Q?|HQc!I$h(#bF5IK4dA%aDXP;W| z_}SiCA`$}{9?k-XZ-Wh{+MhR<59@5);7tu;I}o|+*1$rlbS*>Bio5Itf3EGUuufm> zpT!0kZ`4m6)++mThYaI_7N$Rzk@Zyzd#={ka!}Du6HRNnI+Gv(sBiQm^LU-Ujhfgl zd{^Myd39|PD0f@BIXRdY%+WSElFj;ULg>VCg0Jx{Z360uXJV>(IUeb;JM|n(E%(Bl zf1N{{IqXUb=zi#8Omz~0Y3fVsx%#eAniZC z-%TI8EQM?B&7vge#QRV+N#f{>veOb`whhL7UG8Po)z7kRKhqoA44{xrOSE8L{qwaKKf`+ItQ6~D z-X~-`9If~$1WF^fQ!crEZWCzJy&2^TjOYoSreE=^B*&~_!Gv!;jMkIo@}9oo?%?EI zh{?yuer1Gm;a|pX+n_;vtrrpXaw}7-`zgoV3gmO$-G$D{dhX=LRY&^hmKmxS`g7ov zFO6JmEc2s(ekg%!fm!zOrw+F}*)p~X4x)$Evx;+zz@-~$?bijF4_?AovN-F*+JpRM zLu@b5CstO1sgOd|Ws)(qj_lBF*Agb1TjCq4W@UeK*hedmnC|BLNUY|B#&}Kk88wby z&eDnS60}&)-iBsRo^VwDycx#Q2~umd6@gw6B}Vnp1gb@coU|U1BPY!HGWHd9@8*{F z`j*Q&+6I(oEjF&6jrJ1L2_dxwXf}>~SB@H<*Tn^^Xt_tLc;Z{U{w7-&S}^(~58h|& z56!32bK{%I`|Q26;gznsXXx&QakIE|m7Wz!?E?BVkI_qH#6aH#xuM?<1u-sTN?PG` zW#@zDU;ObiEWl2Dkm~mD{L;?LnR|k%#iPR02ai25dFGXdjbs;ZMMpP&~uW^5KVlH~c5=F@)kCV4woQi)mLmw5H= z9jok-aW-|?z&{W_e_3DufrNuUS@$}{--I>YPZj4-u0aVQT(VZz%u`vvnuQuhD0~)Bxd=-ZiZd2~`$TxQ^ z(isYI!17h4W-q2b7wF>n%(eN;nDlQY^_8`y`#$WEkWZM6uKqCjvUZ?P9SwoA-%r0k z$mv?0>$vf64T0fFMc(LYwlLLF0lIfGFLv21U*O`+CMIc7Jd5!~RUMDe6~?oQ@c1mW z_kGZrhZE|KRFgF^g1%m>#PTtD=`81HWXjuT+YDncz7M~2K#Hi~1}yy3%-@c%3o*B- z=OsKx=q|j%k`{*i@z(fbK)A-{H)8IHG%^CU^nz4ziPB|s{d3Mjjq^Ftv+?iD7IdRS z-W^@To!B)u!JgK4+lz3l;VG?wb`qkHp(aLheoT47^7(~O#B{|$*~*#$ta>ouX(IKT zIB|~Xp7(OinU|?y;bxZn!W$Mp_PpVShP zA;?|?Y;6}(B_rG|i%dkK5z0!w;dBJs7(R*4-L~E1Ff!~2Je?Pu=D}bh(w_#KbJ_92 zEKNK~nTOy&<3(JkTS*+P@f-nHPQ-8yK?mEx)~7EBrtAd&+ADP0IQY!NbzWb$^a3R` zx;ajAaakmXSNu?v#Z71-Q<{NSRb*-pMvM>?WqDJ1IA2GJmfOAvUj1Gi(KSfWY2!`3 z{j`iHWi;BGX?1pAO1$1N>8j15e4uJ$QPJ+P$b)Pvn8o`W6i- zF%_kvaqKEYA<^^Aq+FYaD7Upa_lT_nb9%?~;|rm-7>Cf^pLI>y8PHy&AxOn!B{%f0LIC ziDfFm`o0L}pYFcv)vXtI=%O3s`zD%nmwd%Mgw1GI^;|8ci?Byh7emdl%V#xTovBgy zjqZ=r!;GW{o~~B6!1J>P&6WaKWsxz*e1#_9UPzLy zY-y|>2AGZ^y+@AujwJ+zJji1*cbT!jRWSMscvh8Ex9reuj#Kgq-KJ!!DbL*6DDUb1 z8N$b=f)AC8#mH1Pn87rg^DnA15dT434zdC(0I5=umdRC@{q}k>VPBrl?2Z7=#GUsEJfcTq7SQ%-fzp8+%D)X`c zlY4JqORf6-eopuJ$I$=U47~Wch%W7`!j-Pu+cl+6WXFQqLl#lLXLXMT~3V{w)` zsMmjR@+1YB&8%(udh>XmMD(jsqa8g280~29`ukpKh0t&na)$Rjh$OaB$lT{i3XYN> zkzf0!0!>@WhmTMfzn>4MYEB1XZ-|U*yptSlN6rM{g-PZrazXFkM&b$?56%s|pYD8E zpuwSH+RRk4ixqYJ@unx4K1K9uWRhv1c93R1=hs|%nXjXz`?*73*l}6Bs1+(;8d0== z2nJJ}5?h0)C$Yp9;xhycRQdq9_y5^bv{zO?r5f*nuU{(J(;O IsM$sS59UG?l>h($ diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/tongzhi.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/tongzhi.png deleted file mode 100644 index 921bd1440ad5933af6385fb0af9c9a7bcbee5a21..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 5943 zcmcK8=RaF-*Z^>n2r*-CVpBm;tBTmMN{x!zn-*=g_9nJkCA4NsDO$BRHEY(YT|yCi z*H%3FJ%7XVyg2tb*Y&y2{W&kr^*wj2!9z_7QWjDI0s;yxq?#eV@B8l}0pr`RsPbHV zNBGK6Q-z>>m~E4QfZ64&IvZ)dVMYfea&eH1C7dwj-;;QHh^be6QIeAcZ?Snx(81 zTnvMcV&x=`ba?ZS-yuU=G%C9ApAua=>uq{4M@OacbzqXOm(m+|GgvT6EE;^|*bZ7A zG@fdRY6JhF6szai>9K2EAbXati+>Fc+Rlv5)hD&&6~Kc)u&=_v%iIO30*gW8Jx#w* z^`nO3oDM??8-SM9QsLTO?e4FZFv3&yS>idREa!;@`*xt9lIppl(FMeLFi-Nx-DAqO z9h8d0jZOqH;c`fxv(k1WFni7Cm(-mn2^Dd+jg{@e0ZqcR$hqTk`X2coYAI9p45#&k zI+I3WP zb-Fp!;npIRw@-ZB0f$0p+*lTZf2Fk~`h&Y|OL_K$!(17Jmn(-q`6M>0__rkf5fF&n*W6i2w;q~{ zXD5KNU^V_^uU8WjJdYGj3y2T)Ofw}iFb%ll+1lCr5rn5IGaQZqXy(zIm(#zx?3JkA zT;G`FJm1%atz_sGdi*$7@irX;=iY$k<2!RxkBn6DQvc4WXg zgp7CmHtck3u4Y%rhPeRljPlUi{$hMp)E4(>jhoHHfK5q5E(sG@pMMkHw5cDKU1%;r zVM=HF6l%^I&go8OkB&EkpA{aPwE3x0ABdSjGSYkjW z3b!s4Xgqjt{BP*nJ2VqP-OJbslaD7!h_x+_gd>rqp4d#rJ=YPIO1Qp*wMhYTq4k!F zo@`&-ZnlV2{3IHm=AGb4Q4ydrE@s1$=M>i9oQQQz5d}Xi*$5ToW2n!`pP1qVxNdwR z;neLr7Kp`#qw6N6;*Wio;wLGfefIQ-rO*Itn4SU!?hC@|{tKL5&1#Waor(0*4c3&? zgeLX4yCI}s2ySwyIcx_|kOC=P=j2VnazxJu!F}zq=)sP$n$=WeMMI{uI>dW_67AHp zZJr1HuLLY_Qo;|kGo_EW(3}Jd;k`JL3<=(cu!Y}lLE^xMZ-;pVb^9I_gvdh!JQrkSAkHQkCW5WwuA1 z^#pkXnkV>Mg_EOhSUUp%%$~vqiwO7`@!TX(QKz_)M}}v&C-Fv4E)`?3_q>AI!AM_2 zPG-i`nc*<2Hath)V>Am8d#u_%4e)EqAar_}cy1z3{@M!StC~f!4(j3F8A+apI{c!T zpKyP4Q_t$w`aL89mD=V4*?B6`at88@diV$8p)o5Tny&eXGN133*~Un0L%{2q^vZX@ zbZ(9Y+<9GMbl9iF8g$_;)f>yGz)AkuiZugGI5iX*XNTz-dp zN<-?kbmt3%E}2XJCia{>w3QEPigBipA#M|C%tR&jhYmh%cGbE`lnRUOqb#l5`DCutB zUN(=%b3bvB@qOU_@y?gg?2|+Uw}l6*0jKmnTkv3S ze$vZxj^Vo`tqiQm8vJsDWd%Sks3vSZq$|-OUk2h%K3?BDeqYJM+;s8}Ua7kc9>DFV z+(2bNmpwNH74SXZj~gTz6$Ui&ijzlwkmrQH?jNuY&P^YapjKLfX(}@#CL!F zfER+54L}1j*AqshQAR;7y=>ZV*M6(WyXK!BatE;-Gy z>Hemx{(qC^Fz1b;2g5+@{+VzEVe#kg8%rgMR!&=iq_z+pc(dc<8Qwx{UvX%R^vGCKBI&iE;`qIhw8|!=c!$~FD-Bs-lm~W zPud*;CG`kyuiDqwr4_=~g?zy?x}U!$zl{ne{&ROErieB^z)7f1>ck_>^!2WBV>srV zq@+xk6VXaUQx&Kpo5^*NOC_Wb?Ycn}v;J;ppx33pN<}WSI6$&! z60;V1kd_Aj=7Ah6W`HAd_l?}+;wqwg(2nPP7HVF6IrztJ6iBML9JJR@vEHwX%bJ6<^x)w?pL+9SPf*ej7`wqUbuxWUMn)zFA~u z113rIali*I-Yg1T0*aQf6&LJaP-Nbfm2=qV^;(Pb5cZLVxJa)%_13JTuF}K@ZeLVy zzpbxWVb$TL#0gwdHMxLy#my4oS;~P=ZemYkKaw)t?sKh-t@T=N&~P=pL8)w!J9PRg z5RH$jQqM~w&-k;4li?ebJ3zH69?D^UhQ(IiU|tP>IP?i{N!HG6Yg*a+vp*@XVZHc( zd-9QMr2e3ya(Yzky;YosfG%!3K_ai`=xXAn=A|R728Gw&~IV6Q(e|>s;r_g8{bg)C0Sr z-W{VRsgdPUzM=)+*Lrv$z+uO}F z)(7Jo<%h-)XvuFzqh0&ew5|cg>$-Bl%N~ZnM8oEIl$FV+?JC2{d#@QfWrXQ}&DlKU z$M8A!J~j<&=(IKWOE%rW5+?bU61#4d2wqGq>M72Z#quq5$oF5}$PYG=cAp7fQgl~^ zXjq(-XCW7WHNx1(!L*{b$V5@4s?H%o0q1M-M0a9C{0*n3#i{3c@Ng}+vS0ZzJGA-3lr5Xxy>NVe0 z4wqO_6+B2dfEGNkILpcAPlk&!{2i+%&qVl3*GgBw@kDp%_;|5l2G)fsWIbU;G2la0 zHe-Rua3FtjuHIJ)I2k@XOXy-wl%51ri%sf zL#>O*W#oV`i%xHazWy8tuL#;Z0A6^EhL_q=DTWA(|ut|8-P&a zHg-qI(1$Kpp5~i*a|G&i2V6S0s0T9{L@q3E1_#u7t5r_y`IlL?+dtR&(iC8Vb^w%U z^H0U{7}6q5#_j%_=)&lS&{wBpyA+rOJNjJNEM?N-z;Q}F*kpgtBDZ*$v49YN^44l6 z$gtmHM&vPW+)fhdW%ys?IhI)XL7w};5`DTSk%(VC;}oKw$z{U_O8HlU!$FgwKf-Dz zE_CaRy|6^Hj>_innNAGOLFw}c8gb~RU%Qr7-2iosLnLDzcm93SRkpMu#*hJvClafX zQU(%WmN_-q-e10%D3;tA?e;Cf=Gpq>H%=c#}8-2vT&g5U1O zim^Wy3p*D}*oMmYdB9Txw4EC>fG!)NB;P5Smhag4y&`Bcb_v3lc1h}C5}R%3?xRbB z7Uj1R&?Ek`U%j|)PlxfnxSFzP1WOamp97fP&IM0Qx$#m_Fgflcf^!jup#sm*QGTn# z#|41%=qgv3r2gGLQFy8nc#io21ehZ^xlfc!>(a*JOJ6z9>0-*%(gc76VNn?pA9|A2 zA}d|km5uDv9G-thuP~>Ql_Bj`!Au5rtRm~vdnKu$26Q+ zrn^j1BMUPK_w{??XvR_>-{Ex1P7I5ZhAtaFO#9{9A8xEDAt8#d+8m&N!WBBD;*$-h zhNUk}$7KJd|5GbK_0T0cf0#E}gAURojYiZW+T3-A(qjvTp1CZyRZ~MqIGvGg7E=U+ z)O~n~Mvw!ei#Qr$d88s6<@&UFUr=`jMy={M_S}zMStg>{BqlJ`aqUfuX!S|BXZ|cb zwa?-w&-Ey(%{sFxPrmmk$WdEKd98<(_hh97K_-?vhRYdS0ym&MzG zQX^&2SJEeR`J~YW+fNiE0h!-tNwa+dbQpw2VFW6K)nWC3Z)Bv8&6LYB zO?{MKGB@~wS^O!M%`)xXUpKl{4hMtZ6^J>8E`qE4=_&)IMt>}|4k3(`;;P^-F$3i_ zt1`;cmhH1-yoNsH2UIN)HMPcA;}iCZzdyTg|Cr11Zu1mZGa^;>)#e7LgXT_T`{Yu*6fm5JHXoss(F z*)>#IT_zBkVvb4d8s)#eT=$8W;yCz*da2^UW)SGGHwN z!rnvr){+J>vT?M1zM}Gj2J_n1rmiFJ#i0Z3oR8YN1sSVQq!(70Tal?ty4Ox`X_=Qm zX*nv)5`oqd1`T(An2B1!Ruo1icMY5*1_r6UiM-u!t*&~S#J+)8@97ilefYhgab0)a z6G9=wAZ7n$B*YI;(v=P^F*iK&95LY3l#SuKC=pQPL>Zka|4vs9)X%=AsB8!^nBvEm zx2noP?(tt?Bg7VRG8II`hsSUe3vN`&2XQHJm(x-q~R8v-y+wXAJ+IwBko4V6%!ZA|$K3v>Q!;28QOHT$M(1Fr@d@KlEEg1x5+!9Z z&kJ)0A8Pp)?zyZ01M@?==!8-ome0j2*_iGXDT1;PfvH%$8OsmCZrJe$4TOq$zi0jR z7MOjGrO?mKA5#|aEmCk80%@_M)zlA9BELmk(T_9qPt(ji^q?uBjk$%ArH+hVo4L9$Eh7VgluX%FC%ImQ%~;ja6kB#RyJe)8@+^63oMJu?&Do{Q z&xn9ILH;Tqs?|NOy?1`H`;2*b$w(+@o;l@HJ3+B0tv5 zrY@ZYw~sB{I`!B#biiD-24%FFfA6S0f)+UiQP8XZ;lhZJt?_|$dpMISkV>REh#6s8Z!YpOm# zzu+v`aaiA@-YLpu^;`(IPM8DoE}O;mOw7 zUpYG9+zv7fri6!+O4d{#5?C*cHI>JQb*Rcyll2e@D!@Bjb+ diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/uparrow.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/uparrow.png deleted file mode 100644 index dc004b22db3bf7eb1e9dc4ba9f0a15445fba0e2d..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 730 zcmV<00ww*4P)Px%lu1NERA@u(mhYaBuR3UBnb(1 z)m0Q_o#!M;l1P#y<(4F&C`pQ+LbhN+J~jt@T!BK4oCP3L%=F=iThwv{^`43uvvkGxKo+ z``L`m?QSPd+7ea*M6?UQQL{lmCh$_qySAfi104kxfei1*B#Y}g0A;M3j{ zLkVcD_c8N91OGOT z-}j#l3!jEW-vUahBSMJXrs$mM{Bv7)TZz5|i0BxAou=5+D2kemM&o5#@HP@X1&HV* zfNiG8<2a7PAPC;14L_{Jq5?{(GeU^X=A3_6EEdCRwfZhA_+ccv3J}o@fDH!zzT-Hd z>$)GZh96YozXC)w3t*i&=kJ)0)TgC_A4K9G0j>1~W?p09ZzW?>sZ_o!HGIDk3k0;* zmzX&;i*FPPg=B2LjS9XWiN69wl>C$>KWE8xEsCPB(P;b_HGCI|9a72@f2O4UfKuwT z5Mm2}tEEyYESJmCxWIQxF!PL*a$~2!a>sF&xvo1mZs7BITCLW~dcA(HeXr+-Y@B5l zBrxuv-T3kZMx9)qK%RhQ2l5fJY@qe>JOS$#TD~Apz_NkX%O^g8-PyA07*naRCr$PeG8ZzRkiin)jc6#B0=RM0j{8Nx_S~(o|5V6At7BIf)YUlM6aL{ zQ2|9k*iHWFB4JUDb7}r_T36Qpw|@XA5^>QkQ4tC(AW|%9Yl?0= zn#%St-f{V4KR{4(jPWCwxS6GBBY)CSa+kGI1u zanAfGfP2|iZZDpkc_JvV-M~3D1ai;Wk=UWnT|h(^Or>`VH*SzoHV7{OxSbT`_QL$N zzjNKbga%t$AalBx92`~pF96EIm?t6sfrUiCU10n6LULU;ut7Kg-jV_-zh6-Fd@zJC z4s*am*riSe70NySeQ6V1h z86cvs7ZRC&_ui9p57G!E*0cCjvTd=C=TPVH!=A0i00BQNXvQaHiAxHB#PjL*GxO~L zrpZD~h{IO~R#}>Hj;{y?o%=43SU&X;Vrr=!pfU_>3t(7pX~rVI;_Q&!SA!Y`!02qbRmS26Hazk&|^28{vU zZE0CwGFdiVAn{!KVkW*RXhRg@^__tiEzM|p&a$QoM9rm72l20br#b`>R0g(Ln$gtc z8%+~PJhv#tq!>XRnGm-u4DcFD%Pwganx+V(!(5!SVRttxsL)S~Gr)ASmCRh!j3_-9 zNXO>%JM9v;!~y3_PtsNqceV%5{MZ?#%sJGgt|Igbchoi{OExX1vR7MqCw0 zdrw-8*qmX&x4koN6BODD5Ca~Zad%Z9s;P^wS#Y!wDJ#gdG$?+O51>t_VamQ||@n{{@Z95N~TTAd=G+64^7|h^}FQbmUV1%A~Ak z@LSvf6xs+GaD@TpYure4+OR-WQx_)!FL5QP&`8LDdkpNRh@v%`FuNgvs6DC0uxX8Z zF$KpG1J4uVSwQ^Z86Y|YfcO(ONf;1WU)??_=^q8V90C6nM0Z#TBO}udB9_YubS?u@Bu$fv zn+CCz2&~mpShQw=1o&L}b40iUigHJzD;o_CR@KX6-HVPUMLD-3mT>vJDq#*fi0Zq= zWbNNZ>JW%-f{<{4Nscar$JwSkBCzl1O=kZh2PkJK4)2-2|IE^ik22wM0B?47RoH7H z2AKK6TI;yiB#^kNFJs{5KnwxlDQ0|q#`NiT`0;MxCP(F!v3})pst6_OrtK+aYm22B z^J|H@CV{A?z8SztwK(vlFX88i+E-fdT=$qS{ylQqo?mo=0_Ad4Ug*PC2LlW~x2R?B zaeAp^fy8sE^O;CwV3)b=1>s67VSGnskd0!Cb*JA)ikMBfrr(B*`fY{lMMbMx&W$)0 zh?>_ofzc%`NrX+T;L75BBQGsRmx0Ah{bmA|xoo!O%@NyrA-OK=Bv3~Jk^Ph)6ILAE zIqS+*w5sGJ=vL|z&!?|tW~r(&$<8kUcNH|_Lr!oy5=bnkXNll@t%mUes`Z)D2`NGA z6YtiSu@aEQ6G_OWh;p2h<^HMyk@>6#G0ra}jXNdb+*cU!E&5xzAHM~m=?R{F4ZL3G zgd44daapy?s|qA;>JKo`v|Omw01y3~fR7b4;})m=r%J!TtTg&PAcPlqfQ~7ioOxn0 zD3c1L-Apf0zz_Hx%UJ*XDNDq$S5E6o}a7@S4($B9S~Pe3<#FVlw+R z38|J2QhWE}6BWgNP�e0V3je7ZTZDPXud1fy8q9*+g*s#nJ1yiEvjT;cRKnYb-&r zACQl`zS2p+tp&}P@LSS^0#VKM?Es(eEBaTR|DzP)uE*zR3zFao3=B1|e;tf32L^ES zfj$?F+VQO?t$SuX*W(IgPWO_7qso8<;C0Q%JJutCE-z@A8@$3Ycgv!Vy(QkeJ+c0O zyz()b-M4N^#W`yCdF5X<_5TL2)Q{ML;FEz*7B%CCjs+6Sr9MJLw@DIQ#?lPev&5^p z^hE$)0D?FtK4UP}9nAbdo6>gu*2HR0#S%Bu;;e`GnkzPczJAC*K-~=Gx}vtG=obI+ zP3bO<@FutHwVWM7#!8HTkBvKnsHQHGz`a)rB5W+Mx(wF_H=aM`P0SGy-*J<~_be1T z!|KfRxXr=aa@s-tw7)pXD9)r$+)7w%o$TI;$9P`1)<{}I{ko`_v{fX77HB2_Mp<=pXyz>ahHR>j=RLn z)ZOBwVATs8EJ0SaF`~n~P3a^0Bb=u&vG_!^U1w>=mDL4erY;5Od$o}7MPCMf54_S< z)bcO6WnVSZ-van^j_uj_h}C8M#Bu*B9o3wE9ti*C)E+a=DJG3oPWxBu7t86F5#hVl z`c1{36QNK@7#$7-BFEzuGhJ0oW?cQ|p_=*zhqFh8C&rCdvig1OThXVW<5; z_>Pq@oD154Vd;-8IEcZkE(+|fUTs}&r2SEkSZDLukw502{~LgVy#nFXF5C9oi(Ts; zb=u!aKh@OPNxu<&Hd>nDT4FrE{foF_roNN_v8oleF$~a`EiLnn2?Y{2(>jACNQFaL zOUvkPkDzL%dulp`=l%>LKD?goI4%!n5aC-j^~V9sag1Y%bR=MPK{HO9P$02f>RKX_ z;P8z%n-OEV)J;S+>@9Qs9VC4bi2u{+{pR*N$dF&vOx+03r<~%LLj86Pycm7M_S07H z9g2C>BUa7N=-x2bKka2Y=+VWQm)$lmJ_wcu6!BYpZdKci9_64}3w!6S>Z{turyN}Ju%#K3F9ka=GF}&XcWKudkc*cw+e?bcb;AkShXpdY1o|R?h>QMe zHswY}?#Y~%MN(4k0#`}%*&jK|TDWFM%>h)oKrFWoMD1UK>DWoTGJV`iW`5+h|5s;` z@G)yVZi%q6kT8ZTG!F|To=?4tneO*$K%CmOL8m>YWmY@wUr)b|4GU)2ZEa$I(m3B( zXfs3kh?`%s_r=(8PscQS_UuoC=rS-4AN_OMYy;PN%|ZB>HQ}A}prskZsjY?uqUQAP zppux(&$h?XjQyJh;OMpK*Yr(O4z{QD9~>Q^0qj5RZ@nizu(MhI#Uqz;$P0(`NBEFP ziA&A&A3kPHJj#syUt83ERsR0=sz6NrcM@b5w=B(wH|qv%H9zt0#fLKUQE0P|WX4en z(@|VGSvd4(7npZ}Xcq`CfiW{&%^G_bFz}wDW{8T-6@d)Cf4KfqT>A}3Yb-4z-TC+0 z<7mzmb9)xg87P&K1WJRDmSy*KbE5ao%gFbTvOqd|Qpeafi5bM#M!*jXn(;|rK}hUe zyx^B2=w#T5!OC9qYJpoW8wZF-NbzSjK!*Y>W|6RsX5d$rX1r&329YK)9P^i~WcHik zXpLqdW-g2oqL%^?e%1>A2 zf2cYAXCVJGh7)*xJyn3}B|+Bfj@+U%z}XBC1&GuLwkr6)Y(I{fG80+}N~bR=>!f%x^ree~4}V z+yoVI?pV-@b(yC(Pg38Y1z}Kl9m&&1)tRaDj6|4jNBwhF(criMC`*bR?-ceH94rYl=q)P6ndUBetKk`Y8up1J`BF zh9!qb+Xh6&^`R{s&w%VRt;9M}Uc04R5Jf`$^fvK`wHn}4Wf>i>&SCobQ%V*H?juXX-v8 ze(z*;DI6OPSjQlVgd&PA1S0nGOj>29$z!lXnKdisX0n7P;~(QrHB%n|=%+(JV4|~& ziOkRa#^sm)pooMR?-c?OS zKd|~Eh&`A-3jMrE_B_EvI9~`v6b|{9`os0)%AZ)8@exlfH`%C~(=Qh(L@xBg)$IGveyl7in;$$q%dwcgdE(=jvsK^jbS$H0Tc^jj;LdDx9O=5{aYC@IQD z8FE377Y`9#MR8Mqjz@2lb0c;)Y&=cVmE(gti^RK6IhK`(m^~_WRtSr&gnI>XCV0`^ z3+5ZFq&qcLVrKdV0)J-AU=sgm0QO2Zb{VVr)Th8C<@Oo^e^z`bd=j*8@-jE>Zx?I? zcovD7`d10Ks-g|tRnXk4(5srdsDw0Gg{+2`%GG@8Kf!d-B%^q*r5UbNA&Z;(12XOa zCL13Uk65B|tgMG!o-VPS4B{CPHJ5rAR7o%D=2?5E888|2Z$&LLytG`)ud6v*mK+`( z7tNCm8&&BR?A&}nyIHB3j9s6Va+)5hGO9nVL>|IB3#=|Dw zGU(xNmS(t?9VDJlU(C!mIY3|cO5os5T(N(uTC3Z~NWwzTgW!nhWHEyT zqK5XqY3XaYUz^@lHT7*GA79xq^Fk|`6)QEaG^dYP1iY)D84uLs)afHuBR=-U74J^J zpB4UDJ$SvkhV0UDVzc5;0seqjPF%FRl}og=cyi_m7j3$3D%QQ|Xi}6vRK$TNtfb-k zE`@3@>27TJtooAf!2*h!*PjRDK-UMQPJOWxM6K>nB*B;r*Y*O?3 zx52ogUL(!E&g~^rxABks%}bzV1ub){+dhWu#dG?ZQ1DiOb}{T{sANCk_J=}slb%MD zV$5~~On)WNpWOOTIOZ|S`2vJjl#a5i%<7*>6aSWI3WmCzh)raLgmGtG7khk>YU(0w z{^?~mHlJ#BW!HM_vSrN6R)JTfA0@R%KM%I^;`XwPhFF3tbY*`n3!WhyBi|1qQG4#T zlh*ahhEY~LgS!u0*~a2RjE`BG5hFF1J`Tj<%WU8p0Us-9#w{`dS55t|Lq}={qR|7l zpR`)keGHoe2Ih1xIXJ2e{M|v2~ct{`{04%7oC0CMEJO0D_rr-i;v}!U3tl5JY^+~BZ5MlEI4J! zkwDXx+2V<0sDREDAbeXEk{ZTA{1q#ay{2J1H5w2Vp#}z&;rb>+Rf=jfGo`z$rY<%u zmQP^%*XSin%e+?juLz_k{chNNpMQYd^{gG~@VJ1(I9T4pNF<1>I!3|FksY4Ndkr>~7R=K(afhLe@mLxE5vJrnj{{ z=a#*??J$03C5`g_#PSSMo<&|=o~+xh3>OmkTLmpUbPl}fkW@3>1Mqy|*o{qtO%K3F zhwa_zGZck=EiYFNf5b-2kpjs8(0$~`71yN_cRYS_R-BUbrNvDBW&)N~e*4hn1uYY1 zF>yE&6P|&0c)eTQ*oIc@GV-HlkeHeNJb^{3`XIO6mS*@`YjK|gO{*-;I48)2HWPcy z)E^<>9nJJPj;~iN&3Mhw-w)3qF;hRDfZzHIu2J_lS(+hACp&Ixw|+7!G{=tEJ&(_C zeCBy;Zqb_~q=;;l<+e-Nb-+`dn|C_~G(|hAJ?T!^T>h=?XCu&m7qrY7V+11pLN#@< z59VM$0XE{BffI_F;b>o3tXoeg5nRKJ;apYBcpiiv5cdGe=DmG=Jv$a|6k8u^Y9rt0 z6!5vdTGq+=?wWkGT4&Wve*@qz`W+WBE-fUD;WPikGe|`sfjM0`E{{&WI}HA&5(k>n z4hQ2A5Q<>h!QelG?HvT#M>ITxS(&9o=(T|OZ+r;AP$8i3G0Oqbs;O@UFxNp>PrE1z zAKTlRePrAjBxdTLAm9g{BJj#M;m20O_~=CDJIuw&66`M$aGF;TCbG-GVMWat+N0HM z_tN{5=p4wOEzKBJQ*qP`65Dd>(KJx1oTm<2v$4SHGB)iCJ7z9gNKiy}z@>hL#K0$u znz2tcTfflA=U1BjSHPGwMxz8GsEgR+dxMp44KLXqilP z7X>aE4|lmmf4z3Z0jY@6zgddy?En-g^Ln+lB4yKX8)pVdzn@vI{6y6TK;&nF&BO`` zVar-_czZNzYgzEjTn67QON7jHSuvRzlVyI4K+2CPrY`a-T_OwkR>HwV zi>6X#+wsP3-lp^s0}&S0edkCqwuBdKD$RYYbG z>0nrmnW?)8bgnFDiRiXMA~WuL_qYNXoJC}-ek%)~4dWo-KMI<0ZNr8FXh6-Ue*|W! zikME8V|YS=j4S{Xz;TcsGJ}>EwamAq2kIg~)zrTX;Oj1$Y}^#{@2q5Y!eT^|38WP^ zFE&n~mllXWZ6&hb^U{SZw%fb)MT&x~EO>@-*tpW_GOn8l*MtJ8JZ7cW1H4eWpjrsf zRQNuk=JfMGQfBWgF$U%qwG9)VrkzwEaWnN9289QHJQpN?(9*L1<+&Rl9K>?^WkmR{ z53Z}aB;cNcW=y(RFsVQW>wJr{!iQA#7ItWiffjt+Qq9yi0P=kc`-G2A3Y}T#%=~h) zftyqy;=*_?{WT`Ova!(*uXe-$-HmWl4XJTAcNXl8>p&I(wru0!1;hzBLs@B)fpEL7? z#boxjY8a{tq&$n5sg(@+d^Ka?&)s8yn0~-}OIKN`b^mnFs`r-SJ^Gn!;}_n0YRJP@ z>*-nVz&Wc*)vP!Yh+4^;C1#Ns)eMF|ca?!ZFwt$(?6y1qnEbW>`Jx<#CVvVk{=B7S z9c2=AB#_Fxi2hwBT;`CYu$zkvFz_S+ca}h>xK=SE%%q(V+X-*7>eLP@*&_|3rnfWd^OG~?rG@eUe%*4Zq58SrjkUhe6R>E++ z=;T-+0#q!Yx`~)BZU|s_u{#Vf)-u>6z-)$C<~*=uzv#^V`A&Sz?OFV~l5NZQ?zEdR zaLi;M2KODDngk+Q4LNsiwAQflGy|pr7$v2&dc1AhwT3w_zvM0b7?=;6=aZtG1mP%?fwM(u%H>@7`Ee9lRzr7i2hAte8I7Yu%izQ z(4zovXX2eyqGv$%P9|k1+se);m3HEwgLV$=+4EZ7yXWvI_%McY7&9NP5FN(g!@v+? zm^42c1EMzM)e~iFiRV+-GSk2N5d1_gpJfarYneUDzYl5+U~u}(0qCgp+OU7?F+jv$ zqXP$4^v>J3Yh-llrqtUI5ki%vIbXRNiMVEgh>KM-eF0GZ7!C~ zQcYc?T%9ffMUK9jkB74^feeb|=K!B2LGU32c^KHiOxG5ZnerFvcs_kAGf$YzuUW7s zI}lY3L)`*t&o4SbVZ{uWeXCJC1%FPonQgv-BK#t3TH_}J^}Luj{D?JVAUt*G=gj7YqE=U{dj=8SIyNkrVYju3S>)|?c@HlN8Ss#SiBkF0;<6!u zl;1_8 zL^oTB%tdZNcTFJW_mO=1Q(zvG-_$Lzp`DO{Nf{vgcKQMR>E9o-@p-qHa#bMZ_Yp}x z4!K28XeS^H5c;8T+M1u;=q6&<1)@H<==B(gWQKQtx`{Tl6*4dZ0|fr;zFS?~Aj@@u zl;1~s^hGw45Q*Xj$k0Z}KotgVw>0C!Ua;heKq~Je`W0X}I``{EV4=+^!@wV=5v3nZ zWJC#b*PCYoDT~BRT@TP_T}K@n3>l~}@Hg8oo$*-L`rmj(h^GQ6izJu29Yp7Q6+mcr z$}-T$it?Uf=UPuULwYWd%Hvl0J}|#~$_`~1xa$lM(RqbL#|MnH$xPCW+vs_W>BK*aFIO#LqutXk|- z@2-?2Vq&_akaTBvZml8tCXmYNmYxTrvsTby|0%=((^4y$xzDeNeHBP$CQ08-U}7|ueMesDD<^SA&|02!XiDs z-U#wI=bcJKIiq)e=0O=SNh6TTOp^W@b65{ih8x2t43?ts2YNfRkND(&j9aM$GWg1?8X$F|EqL?tGEEg@M zK*}@8gNt5I1Cf<7rrU3s{tZ3lnC0b}M^g_$GyUWp6V37f-BvWHfLB zDL-;;STLj1*0!8b7D`x_+M}Dp9kaXv3RYO1*|qN2Yp#_*3S@|)N)eyP7s5(c&An-y zd83^Kdu2h(-r%gioV@}qkm1L!O3lROVPR28ZZe{qBYm`T+rqWmB|%g-jFu3Hh+b6R z9bkKTSfaY_d!g|Q8F_$K__;m3@gPQ9Xc>VFg%$5Ua!K_ISgefzzZ8Cu+^_;#*C~9NBgMQ=OZ4Pc>l-#XF@1GIG$>yq*SE#KKcE9Z?^E zvM5U2cK`OS)z3~}cUw>k2ItNEO<|V;B)mCZ;5Vg^s|U}jSxrF&lD!1b$WmH4}`O~61XkQ#4| zSht=4(Ly5o6o7*8lK%)88%W{x2kf{1hKG;8@0A)up3>bzfiyV$YHm?GB9V5KI0l8= z!6dTRi$Aj)G+oQ(;-)WxQG~)4K`9d1#r>!4Ukn9N3yov@h5~7fzX`97nTeUiuW3hw z2gO4(z~YNO%>;M`z%v07U-)N=zbC>B7XJi@uTTC0YlNW77l=2E`zjL%_TwgapJR0tO0AO#sDF5QK76NcxsS zK)@6^6p@Kw@IovVmBR+<0Kuw}L)40j6|gcO2v+1M((QlHX`TAR?lb%O<=LIt&we*+ z+ZG?A#TJVZ1Thluxk6am{~p*vIA0W1m%&0gDD?3{s&$q_2!a_3xI{qG7q3ndaZ3ca zccTeQqr0Jg-4z)n-uujLl3wz9oxw2`b^dN~LGZNbg0RqGxTlz55!E-fh=P^U9`0HI z%Mv!eWf7XjK?oOXoQ>-c)LoCM(B=kmFwm|fx+{GU!acgm!V4iX3`;)q(8Hd`N_%iU z%rU&9cF2^CA6b4O17|Dg-&Xn`LCB=Xq7CT?X=v`WKLy2G`rFRaQ9Qg|71hm<18e6X zBf1=L7W$vCrl8|>HG44%YVNq_(H|K2=Pm2b0ofCq`H|kq=H8TwK<(u8V6yD`K;D?A z)sbF}N9csd`Fm-}k1l-`eQA={L>>n9j7;EKv?<6-dF#Mjy&aXN-b`|1m#xYGopiuo zy89amMzhlU0H~d+llE#xw38crdskO_z6l6aN@quEZN!WTuCfoCn5mWJnDFhB5@nWM z`Q>Ej8`a72xH5X<3(e;qhu; zY7FZyOn?b}wuB#gMf1J?ARK)TG_yP-RIS2B{u$br7vnz<4 z^}eK82OqbBeEo3BlEf#@R7vS}T8o@VzJ&Z_@PiX|!x{nJpOX(3I?=e9kl${2+7kB8 zpETQDfU;C@E0FKL|8~XbN7&*$w6pJ2dv^II)sFPM>qcp8A70QQ3dvoR4z`!-XVdxd z7)EOiR+*99O!)^y>v+n>ty*b8=x-8-yR+V3e>WJBA?rSq?9fdMq${Bdu0;VMN`$m` z2?+Vcl&!S%vs=SQh-H>`YX&jE&$BID#*_mCs*r(ABfR zxqmz}CI`r{A0Ee{S$QZ??qaZ%qkM_u%}QQC+rju-5f{E|3F8+vcNdDQN7?nrIZp6)UnNo(dFxc?k@dkP24! zX+MMrjjLKtAOtVx_=+%?konRl7)(gXZKt9Cr)3|~+2!Ksdii|>{3IX(?=9SFuP@2J E0O%A{EC2ui diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/yinsi.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/yinsi.png deleted file mode 100644 index b4b449fc49f6c89ab71a03fe29c7835c83b0e3da..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 3620 zcmdT{XIoR*7EWS9NJI!2M5>{Ulz@Ps#()Hs-cj06gcuAAf=Dld2_+Pzs-bs59YQZr zKtu=%f>A6GKqG<(jtNDIC<6B|bMO5H_sjjT%d?+%t-aQH_ugl{sdhG|dyrB{5D2u# z-0ZXiF!t{>K>?tzb*U=>25^Xj=}Ax>TjmP@;+mf}IveT9FZQ@jauj{K{kDUrxj&UL z5#a<*s8ISzA);TxT`N-hlckmp7nGF=Opih)BEr+z8Q+Et5{AVOq=2uB2vnF1oQzjO zEk0J6f}5Pbu7En#GsM?Rvv<$>qGN#Xm^{|}?)aTqu3PL@@sQhFTv(jrcHLhOm>bA- z1+bXQElSoNL{|4-P!*ID93evk!Fs-7z{o^B0>m52G3vQLtS$;cn<=Dz*6tOw!+5`& zyCn!lDrKKu&hv(Sn{iH()4u>uzgP1vx0#4_xMS$PLb|0g=6)M zbBtoOKzI<@pR&L{r*6!PUNIz4Ad=q7q#HlYg@PoZ2Qz|PCmhm}jT^{a2V*W~w0Ne1 zU^?;bd2@5HU5~@TZRuVQ>@_Zz3N?`9oC4+E#;ewyqMjzj4hqKx)FkmiC(w;U$;gw77#Sp~6*PDTPoJ_yIiepD;So_vYwZOMl%!$_lKU=9iheugJDUfLq>r;h!V z=Dcj%b!7XvuWHup5lF38!jkZuvtQ8PE-dTV~p_b~F4*1+#lH8khDqf=o_G!eiF(mK+Ql7-ejy8ikcXcOKqOYlNd;FEROGS~SDz)NQtNg3e@}e>a z99V-_wyL`2BqythPFwo%tNU^}`cFQ!ybiCwaZqtoQaS=j za#d?~e7v=PAVBhzQDoagmRe1iIbD`MJwqVc!qM^7R;9&~uvYIy^#a*Z7U- z?76A1!k5|p2cUPvJ)-W8B++?1rM$w6@>F*?_+-}*@YiPWx?)1$Pcd;qF=81vbq^~xyZ@n7U$EH>M z9boH4$@Oi4`ELR=`V2;v_weDnE>0X(Hxyoyg_nMU=?o8lJ-etHq60fB;qjwvtp2xT zMrDV59+I=QVQfod-dFlz@jHfZZeUD%e`;u(A9XgPyYO@U&0%g@(-UP5d$lBM;ko+a zTAb~?%k-kugDc~ZfmMIVm60MzqdRlY7-RJpl2ePLON4_8^@PB6g$n~@M%=VlX$zsr zJ$bu4s#QB%L}n9e^F11Gf**YdDY~S;oM3G0>AfPkdzl2w;lH}kNcrH>d^as~jZ9iE z4$ZB9sToi6n7xOLYlq~&87#j)A{dSBa!0>1c93n(5jVq+PQZ?hDxkocc?+pgG$zkJ zDZop@Jb1{$3FBI~4PESf1-r*#&X~z;Z1_d}*h+k1Y&HSm3Wyy$c`%Ve5y+)v-U$ zJifEx@q^ZPXP}L59$Tow7(Ei_wDM_>^@-8D=PeyEhTuh$-9z-rst}JT*3|3J3GC>{ z^I}*-$db$O4T+XMIZ}llMQjG|>i@9M05|5f(4#xJiU(OS2hoKMqUXQi7*;tB z;{Apo{YOG&<>?USO3XKE)0!u5T=tKS7~RJ)tTQD&?T+@CwKTRp8CV#RdI(3g`V`#-iP0GQ z-S^|Is}D`Kyq1=Tg)_&ml-c}vYQMY7BXmaL(CoGJ!v@sQ6{6mj!-jof&?m*$O@{lz z_ii@3Zwr>K6t^SaO)L!LTk8-0&bnDb2!3Dn zvSg~uBOf!WZfE!T-b%t&E(R97o@NoqsvxMK1`Dw;hxmP_3^L|2OU+)Z#F}HoF~Y76 z3InTnLA+V2j-<%ma8x+TQn@+dW?7$bkFZ09)sx;t*+f~E!vGJX?Aw^okZ@Dw#*&sd z+#B9_Hn>)n)addx()H?$yW)Yr{0yfTqvQrdmU-kWjGN4a6UohPTSX}Q$CC5|Epnc4 zQRAU$loNj9PqNyD+aOVO(I<`g`{xO>TD2iV!fM2gilhB)s7>3s|l0<@o%4< z*uZZUozk3Bd&C`?2)WlbRm3-;+F{rhZR0_zDCF(&w2(Gw7+|D6_D63OK_%-Cb@o^w zS`aqHAl2;2g_INitUX5Vu>Y?U7AC9R+tE#G`a$99T19)v{9m4ocJFlZfK!YblGQyS zjqM%wZAXGH;mB}rRc8wdM0;{gU@%Cxpecbh3WABfcsYUO2D3#6-I8#bxe#romw%f) z6IJgLP|1pm`|CawfxNNsmBf9bRdRXBLI9zBzfbr>h7; zh?T!x2eZ=Zfx4ljoGIQpQ=~{|B17a3!H8yMM_p)@!#5S3uI#bHED1fVoz$3>Y3y{& zTaHvkoq{}ktRs_NEz>yVPl2S8=K^4taI-1mcHXXagQaiK4Hm1K){!F$Fk*klQ5Sfo z33Y!?=g=EB_LvbQ*qRC@xCNIJgm|5giEwSD+yk#(Cm2(2=K`UFcf5eo73s24rdWLQ zevvJSL7Plj7F&pi0l(xJ@pjq}Q6K16c4izSNS*l81YZ!Qz<@X^J>)q9l~N+JCVPn zyQ`pf;V(6CjD!Y!;N~LxU^$*_91-@Z=s$7EH1dXo!?Zo&h-C6239j8e1tjaAe~o$6 z7^#Gr1uKrs6HSC8I#O|IjLI{pygK%>)84}uxPK5$1vdEeNMvHE5wGfV?fYO>(`@8} z^pk34LNOe401ei4X+FrDI){6v^Y4)-0J zPU;DY6tE3P?ZUvy5U(MUr|jU zvq+#_01m(o-DQ9g;aU*z2K1hXHy(ETh1do$$31=;;F{+#oexzVFk#MC#Eml;T4GFs z&oL=$XL;b{@-WyL3xpj;;N3rWB0Otds*Ert8SVDi4d5uMMr(G-0YigE|80UJ_WeIx zx0%|WqNkQXeYziF342Y`@EzBJROB`3UkP0Yy*Yk$k?jcgbE%WGfdLv~y7IbuKZ5Ct z0we^)&klFw5PE0g>3Bp%;eWJJaU0g;MVNG)Y zm*Y2EJ}6d3c$QP)v7;`OUb9c-Dg%|bvT=tJfHSWyPS&)fKvXT$!p#9(jul?SgAS-4 oI+~xOM4&3=hs(A9H-O1UC1ko$e#aMSK=y&mjcrcXo%D+T7ldhw%>V!Z diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/yuncunchu.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/yuncunchu.png deleted file mode 100644 index f2aa3269600eb74b1a67c576e7e3d2a725c623d6..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 8559 zcmdUV)mz-n5APRP%Hj)@;x0vsTXA<^ifbvZr9deTi@SS^ySo*(@Z#=JoC3wIxGfxh zf5N#t=VB%onPf7PCz;QaNrZ-)JT?X?1^@uqiV8B&7drUA0esJs+V zJx;z40Mvk@jO2%JCdbBTdLQH$!~y~W!1?%uc-}~u*Ka<(t22+5izc<_y(F%|CT877I zvKCeVVJILSK!Ai2iY*;L(-i~IfwL&EkVwFsunt@`R=|c8F^dK$@0T=RI zk{KBA0RhIm0lxUaEpiv(eu)fuS- zF@&Q7j{u-d7&0(9xMv%NB)utLWn{lF+D2vqwkzxy8yo6$KPw6IvsTmF7M;-9vAH7$ zDnS9fF-*gxG_=$*u*<|mlvD2QH<*V)npA3;*Ta@W0^>V6^WW&k4I}<_5+NqwtAbo> z9zW>KT|`k|d(txuVWS?@v)D;U*nl!XKp0YPs>nOL`SL59$NppI2leblX%k~r|7Ttr z{;S^eyP*ggB#Z=dKnJBuP4#eS2?c^LxdU|3$i5o$90b=0%0Dfy78Yl;(O%t^6S!O~ zA;cFrIEEC}wSs$>3&Zey$|};1F+!+?0kf12ymI3jzuQ@3G%R6USC>>>-7NUC^*Z~n zil5C(sjmr#m&uM%11y&ce^wvTf?z92q=aAMLIS(9aNnw6=G5&{lTu>Ti>ND(-?==7 zNAEH#Qv7w>00SG#$%NR{xyPXHv3*Yc_vs7Gk$PSSiJnm>ol7yk2KlKB9gQ%OJ60R8&@QWFBSn;1&TajR6F$nRiut5#>Kd%>rperJObP2#w~ zUl5fNP6hpxuGGvWeLfD|VA2a+g-d8}Qyi|*> zImxe&hgEqOY1n`9cw+bw@5K1+5b{4P9ard(HVA-k)tY^mgCxz#K7om#JHXQ+r|iLo0tb4BC)Zb*R8)!+S77R1Z-lP z)-#ge1F7S88lj`8z~=y~ES1#jmBIqPYFr?9-zx<=^B=9{^A-`#y_i|aN~-570s&bt zp1=eoko)$9)p#Fj*qk9ow4)n)dW&yz!ga9?o94<2jI_~Q+;5sC1#Ou{1+%S{*|Y=y zep4d@Z(;!7iq+q-kE~Kg>v!g%{Pn}sSxKtRZLMNQAyuHqXN^^h1^_FBvTblvAoZS; z5?1BpNkQNf>xA*CbXkoMo!mGSbL-2{QpFw?PUaqX9n=kA+Q3cR*EK8V3lI?#6nsc9 z$Z~wcY-UO6-v-D-wc?LEM)2>a9NOE*X| zMtrF(_E(61XANwq?`O%E_?O<&g7Hz%p+&hfGue9|I)Ae1x~EnhFLO~Jx=1-|=hXDO z5_=FU!gBWP2B!|>?`Xj#O()yO;;1<3Vq_>hwfO*YcN#}9RW?t^Db?#}_KPIs1B_}6 zQxFY%jRWaY$WgSy5&Qeso;u&$Tjskl?wcyKW`dv|8|Lo(`L>HbkYHC&KC3Y~)3l=X zQtz2E+vvHq?A-`c>E~N3uATQZZ=?%I)!7c`N9sKso|l^Sm22x-1gh;93XAJ(ReR3S zlrS)drzzzKEqcY0E#8Xr52>nG7(zeLPuNy`@!q5C)Jsb>@_~SY@)D$ehkMA~e$UHvUBhFynCa zA{Z#ee!lkSu{l@$c#%8XviiiIDtfwTj_uOZ)2CC7HP;$~eHoqsRkMHY2DM5lFNSG{HM1$Xi1EI7^ciydr-6p+U!Yk1v?y38Hmw*PHuO$j zJKIPNfwpSwcfBORzaJbC@O(FeCr>n%+_c-R`hZSztu_OSKnq}Tjtm)?SSK=Q)u6#? z7IGJBnL3U$47=X!|NbGr&`K6ILRX^*GsF3^(yGmzbs9py*kr%1@&jeiqJk=rt>e@!QbN_@Rg9lN z+K{reh>li;#ufhM!^1LH(QE@d+_q+!${qEP(|5|SNqhV-`l z+WebXD)h(GOa>zzyl)CYJ4`U9O!`5o>BG5Z+o%A?z$u?w98Fw=c>g={}Ml>B>OYVxRXN$I}2-1ID#+=3{3iAa>O*jU#_zk9O-^c0s9)<`-KA2 zPBcJ8(g_6LUt>IyHDF<8qLw?8H~m`0@pAGdgO4)NH<4{AS3#zm*>#io2IAVux@TRL z5%7-->Snms;~{kSzV~Ea*>-z{AK>+>?m?4w*C|s$cle*uQswsG5Cx# zTnVH=3X+^bqJNc{So#6p=JvMkB^QMLDS;H0^dS1dxxI7_fd@+0n~v{^&}!Z&_n812&#*?&L%b)8^m z#)_JC`uetYAu{y!$qAeac$NqxGjw2MKMg8N2&>d)@$3wgggZ98sY5CDWh3DZ6K>6b z8Z-=hMM!+l@vyiZtC-k&>`=*J>=g`GQckWz_QwP+kT!5FyR=fN(^;@N9=G3M8S#Ja zC)a#tHud0asZS)5SF9G%38c}$L#ivS9DSJm$2mdpE2UUG@=LM;ee1SvVQw42(;(}I zWSVfPZKk-r1&__wvULBL3z;fjh2%#$$Vy_y{_vf&>@69cj2~03lHKTy^u+B@r%2qfnfFLc4)jFTho=G}@yt2wPCV z6R#5^lC)s2>aSWq|NH`=>q%#g8}%nZ5fW!b7Xr8wKZI05&wIPR(!&Og3{;oSKW*gd zU!ZPrGY?K#C{>^ax@N7iuL{+s9eyLCoBULoe?wax4~8xLllfWN>??L|aCO6$NC!6% z>J8=w+0ap2Z}|}elYEcHWh(KDKtM|QYXY9ARw_D50nV0Yb2wR}e9X`cF>;9W+BV1O z##v)wX*}y{|5>D<0}Da$#W9!r?o;lQ7Tg@ZMM|bLAKwmXZT9$i+IO7Qn%I|bc)M}l z%!>cAZmQDNBj-w>Lw_63J%%``!Ud$`?nwAOD`DIcCxo)DgeAw^1ui;o9C}agE|)^JFz`mfG9r6hS+5s8g5?&!rdAQI&<6os+tKse#`6a4mk?QU7I5YN|twEELgI+}-J;RY0fs z)}VE?JPOn;fCiT=PevUW4|XHr%Djs_+@3Z2Aq8@xd>ndyEavllKS>+_y2DMw+zc%I z?xV%yy0g{2lQ>Qre@9RA$v7wWD>=n?7^qw3R9osM-9WFG{M#dp;`rcb){KHx-s~$u z#RpAvE+Ci;A0%2{PW*Y1-x05sjWd&kq29Cb0$h2#O7otTIl=Ai7XW<|4bYx9b9}hG zcyX_zReI^gOpyE80xFLP%CnI4`KMq1+lNsbtL0wx`w5@#grppV-`|Zg5Ocle0$%4Y zz>ID79)Ftw(9@OccJI;o_3KzM8h~Lor_V|bx z?=jkz4VmPi*LQZu4~%E^52MONSQ0^Zi6z~>4C`#3J_a zgxcX7yCBx~SItJP;#`Iw8d4dQB?|jpJ|E7k2|Nsants0`3xo7T z3*nOdY1-R1ji$CEO&`b$jB9DfvY}D$P^J4B@Z(R!5gRRTsh!WSR>y+yM_mrZfy03W z>MW#<<>7M*A)yDSRtoCFg(^~(I{958y|-y^h+JQx)r3!OEJleiI<0k!2+#34S_#xC z;in|WwEp~s)*{>qPUVbiA(_1A`kn7HHiSYJ}KQ$CIxc-mE$r8MTPNUAqi9Uc3G zBR2HWgKil4ZHXWB+ujx%-MtH&dl-$R9U#H1IKHy3hU(@)GBW=w`IYPk0|TLw2yM6w zZJD`fjOsh*?LEXrL;8*-zTzin(*LlX{tLEyn>_o`956dg%Rv=6YwhD3P#x}hf?Pm^ z-g~&Lf1Wut{tgYbxq|2|lt|m`B=tJcGppJgfMf;ZPWCT^guS-uZmx~k#st67<_@I) zJCd*PlKywH--a_^R@B#5=yOOsXkj5J$%x#wKkT^4eQ5S2wymy=B=nVe5h>Vc1v^tewKJ7=SaM&dw^Ulzj>$epykE)p80@_t zTN8%V;fhja=;|n~RQ%?5-tQcHMjAq?CN(%%FL-g#Rm8_5L*Pv%6dGhVA-G`y(gL zMAjQ(pMT_BLeXV`AEz&}3Es!xw-k$?tzQ+#f&(w9w6i-ua_$pD>;>u)eXv7*_1qi?uUH#;tPCS=-nDCP#wBMtl zl$A%T_5x7>SC3qSq_w_OYVdybihjb;QHn;_@!fVk{S#MB*P1w4j0Btz@~{$so|j+n zYvR(OfNki)oOT5D94^kU@$}vMSGvy z=kgf!R}M*juz{DUJ0fiSX##(%mECRuxvTk0JWGjL&tnixA*V#BoZJNeDkdSH-D>JL zxtg0&U1YO|y>29QNx$B$-(LO2cfAuAToHJb=Q=e1qLSE16Z5#m%z^+3fv z_w$9WqzWQeR2dZj5P3JWMGJmaH~x6p)p@P(Li!%TGBypJ?)%bG^QHMxOY z`nJPXAF@wLLc;;Pn+XpT>kEs$s%?1*noD`fX;j2>oL0(aB)M>(%!JlHm{KSACus{f{ow)W|xr-3xXW=$s}&Zm4@**2gjRVzcS$0wMG)WzV=W~ z8h?r+YtkCVsUR=8m$crDVldy#E{f0^@Lu->VNc4c*k0MnmRM2N)N{8*ixm`l$C-PA zx=(js>Rar6#V3ypbu5JBZ>eb>?CvoMY=sq^oWS1UL`GfzBw;}#box9w4o2os+ znPNrSM|hT#Q(@v*ux{z0MOGc=ls)Jt5{<$;^=5r=Hk8ef$Nw4wKs6O1^7*#LTOIsE zkDx~2O(JKCETocZsA={;js+u^8^^fw^B7Un)eJx^{o^K<=pj>!4&SpP9kP|HV(-E>d> zzrps63^O)IJIEqky#sZc#D>ItTrjND4WtZ_Bn8hm{GOLBoo zHm}@Zc>!4R>`oh~l}^pgOl_iyHG%Ux4|XuH{Fnqgy)ML%Uu&nlx@dGUQhqyx7%!O4 z$}-TYQ_G!NH_=>Jr6SzMTg8i3RVBb>{L3%E$;(?fl?t(V-7!2O-07z;Gr7LI6xm0s zwxwZfx|WeNNev#}P`TEx3v7=$4tndbq+c*HIAwGLNOc)}q}b)Fx@avd4c|*>ZqyV$ z9a9ym7(005yyzG-0f#8k7xMN`R=Nt*TnYGWug$Zr=(ANZu`siVUaZ>r*Jurp%P=rR z-rh|B0b7x7@>2o|ZSO>u`cz|9=+=sVwBKGnoL6Lu4zvqp%#~Lq!7-P`DYla!N9slf zO{KOZ#D7GTj+u|xcZ=^;BX0hR2vN59MV+37u)3X7GaP@ksGQg*$Pg=0=YPjMs@rQS zjtR)2NW{}_Yq;S;^;0u0V=c;IF|TKBEr=F8OO>Yr_8X2#n_TEUotc@GyvscwzfzxF z-V@3o6O#~ISl!&_SJwsR)iLsZjk##|JGAUqFgJYls-^`^%tvcIkECS3gVC*UuAlDo zXM#r@#i-BrmaXphXPpep!(|{KOtB_qN_J5|L3Yt*HoQM(IMs*lQxdtB>xGD`{UL1W z$}!53bSWZ*@IMbk?O~d*Lhoify(kXvDIxb_bDJF9f4mrCRChWmUu)}aZHT5j4C8#@ zTw2A5`c3nov<&r_H4*=h24_1dvWg$`n)K+U*0HrmZNDnsObwTwIjw1nhiXA{&8HhM#Wl8{v0W7o0_=*86&=aGwHPl$Bi_hAp=l3R)sgM|)=Sp@+BN*nj;X-R5O{-b%2-RGT z{r9g!{(;72)qYOPqM?-k>N_pFcM0LH{Udg9GY<3H_r^+CjdCUR4ke25=hbGTZ+X*M zpP3pGpg1^e<)TG?m^BED_Y!4>mK~PPL@sU3pf2dDqiw|FXP^}YfCC#^Q)xk=eh1VF zmYtkv!X{RKUTOz+TSfYgq{H@6Sl$Ftxnag~_Axz)9fn^WyH!y|&p;T)=3Bsq5U_$8 zU_rRe^ccbBtvP;KDh<}?Vd?nuD%5yvB z%3fjm!Ja^Nl{2MPXa_$LDNXgSe~M6k(UiEmTV$xo5_ zBC~UvFZL7rus6xj?zGSLnSSh$@X2GRaFb-G3xCuUc?H;HY7|}8R_-33@XFW=^qxB{ z7PWnZC*lS^&6|M|M6Y>}HUyxAm_4K}6JF7~SG`IJw!(aCyZuEgyp080EDgX$DQ*2_ z9S$A%rnGQ)$ ziD=?yc)W&N*VTVtnyhvbj%jvNd_|`)Hzjl7?mSIR26SNTZ=V-8={q*Pc+cD1J*MLz zL*rI%J_{F@{H#8PkQq6e`cxg2ZXX_G(|=;MJ~c2_Ejslq4d%gcUZglR<-%8{H(L7| zIE@Hb03)V?UyMC1c%-wEqC;A5OO1)sefS7tkoU~Fw(j?8V+b2L=U%}ESb4ebf+t_m z4L-+B>jAe>yf%E;G59k-fAVv2aen9{l04k$u9ZKbe5z@%lofsXKjJivUL%r=e^x~@ z`m&M0KGpJQGXl@6z9M&HjDW1w3!t|_ayZzxxas>e)W3~9Ib#66?9tTEWC#L4!i|Q~ zcwy}#P6q*UEv(qHfM;e=K3aCPynCjIt`t<&^lUeX!;_ICH#ht=bJkm(bLilfni1i5 zvTIs6IBc#Gty@uHL4BpXjt*1C5>LDnwaV^X_^2mGgh`e`k{c|hZxCXPHO|7e?Uj^! z^^VkB4zn|-{GjF()NS-zM!3i_hTNB*&*jZySxQF)-ar1g#r~IU(Y&9!HFd3y3_Q<6 zo;t+{EJOhxb<(cu9d{puFwVk|9<=buNg?WNB@2(vKIe+9m>=)nLRZ$`mjT?4QXpWE zVs37hPQL7};^^oa0JZ#_;#q9HEe_`jsj)yXVSxg?hX-dv+V2%0qq!mS?Y*CtQO3Mc z)teowJ*M=zBQfiR)_xfou_Sy(y~a$TM8MMm6^Rt6D{x-~u+SQULBnT4U$d>3FBjVA zjAh^cOQ^gJNKwq|?Ja5tzN|+n8p45QsURy=fNiv6U2fF98|F?9Lcb*V;IwmV^jl-IdL>F}weuCdS5l z(BnF%V#dhrI8FJhnZguJN)MJ(>3uRw5P&z*(mH*3L!CF9hL)>wpQq}zDXNr0W{piC zWBsze6Qh`z5t5< z^#c6AX1!wklMYo!{@hC6cV36E51b=x%A1PlHgXUp2_1+uJs4s2o`D;t0m{M)rcH-x z{@+}A9Oy0D44isCqj~gv_a}H?xVY&k^V88 Wj&QuM)qLro02F1_WU8giVE+e?z8vHL diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/zhifubao.png b/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/zhifubao.png deleted file mode 100644 index 4aa6a5d2bc9e9bb9a957bc20d3921610672535d1..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 8091 zcmV;MA7tQ(P)Py9RY^oaRCr$PeG9Z*Rdx0^*WPEJn+LQ*G|=`JsZB|YZH2ZGB|HMf8gllz0fOP7 zBw$6WRDQu09IX~K79p*{wx}hsU>??TO@Q39&rNuXK#)o$j4F}>`D3V7`H=?6>+Hvx z9qZgA;mXDu-wIjT?A48Zz6h4{T&j&AQI2Q!q(c^v^BOM zdfYJec>JA*U-{)5ZEMmDk~D*eW`KDnm}Y=5qjTdeSYT`g@m3H$%gkF@@YXQeyA|al zUv9yQX*!AlBajxSMBiO}Tx3OaNzmy4<^njbMH5Lk-wxp0Ecsz8vcA3VTvC5GSCb4F zfixhhE{H;Ox&X~#qB&rm)g-ssY)149F+V23k6D5Buo2ARhsg+J9De#dJ|luG6Z0t` znw`y=t_cEnG!gsLN-PM&_5L}g`~tVCBZ(KP@c zn^nTQ8yD>$=4G|A_2q7fvnvELy!ei;1?auqGBEj$gYOZrZt8}`e69te9;bYk*AQ@3 zz9&?7qG#Y{hs3fxKX&C-AcabJIgwD0Q`5V1dUZ=w^gOd%7L@Ikd5kD`0OYIGGdmgk9JgLNbWM7X+EvTn``FZmG208cGWmdhEq zJTJr=oD(xZz{=VlaWxi^+Vhp^EAs*=Y~kRT_0s6BQy*ZNYL$Wj%E<3+avxHL@y zjPJ}d@O9s{E=vn#Y65Y*=qUgvq!qaFn=1yk_^x$g8i-R7h~q_^MzF?bz8UacEAjc7 zxI@Q_RBqU}vF}=m=0Z+XAVn{Hm_etdM6Pk$1q=}QJ2lr31PP&@`<~4rVUYtabi3r50L`y;VbP@p>A3eeV#x9V;VE7>t zl*{9mag%TCcg6rqzC7r+zt)+R!}pF=AVrVQV#q20C(a;@?Ve@8Cx}wbrTgPzAU1*2 zcja1zAppM}7kFdWFaY2=ih}uZ?E;QXAWl^dnl0;Q0w=-%QN=Hb{y2QaA`o-fDUP8s zHXASy%b_dn0@;5|_UmRi4FgFtz~D=DAK%p~5S3toBDu+&Ay0a07=Qa2c!e!7PiG?3BfrpbWHmQvee&C``qNSi>4UbMpGt!ip&{DeWzHPv#0Mg&&%+08W} zKUi6Ftq3`@f`BV)uJw=2wI07!!IKXefiz}NR|dz91yawIE9Ik&A@_WX zZ~3mZs8beSz3UNxOxqv$si22^p3vn;C($z@UcjBOM83xC8;M zXaREXHZ=lCW$c;x!=02~Xj>q|wE+1MQ=g;BaW?{Kk|^EH==lQCsqGf=XWjO{QRG zi{ots(jsBHoAW)sYtL)dYRdu{F13tXT6NU(?TtWEp8~}AvsOz~w+_XD{0V9xXOb4Q8{M~dS7Lnf!pr!?4J_b&AWv`C`j&XtKBXC}O$o%Qh6};8t{H=-%>)b>fn;lH5TEat?DdU6H7O92 zfT0nQ4gcK;q#;F#HfVAqV?%-D@vFIHc}7?+d^=IXjk7ufb|siANIaAWI-2>q-cTTp z7pVjcOY#u#0gOf<>5W#N1Oi}{?^=f~;B;7lICs}(!M1;x9^LJEHUepnHyyolCJ-PD z-|nANd}gB94=)feQptfor-Qg8Z5V+h$@WNJxf2NR*S>2lZC4;$0K6kTy4&+?1kxUF zI(p?$AW!?QHDM{h3GX1qN?2y1K^>$eZNms8X~tjomqUSonEPvGyD}bY6AC1ci}OPl z>FG_8i9PFhv*uKS>mdX~%7!mk8gih^&S*y@u50K!TMZ^$tdC1_-{78Or6{V!`P6L1 zkz+LGJ4luXZ`rH~zbq0(;axf9-ao-gu9}0AYKqd|G|B0l0F$a<4526uBF2>9f;>~;K(|;WR zJ3=6i7rqamfm}qAH;_gkITYDQ!P(lMb< zCHg)HCw6Qo;|6@*{U(%;e7SxHv4?^=LW=G$#AyW5@w9ZjXg7e#9UIEH0V(7u;rzm5 zb%7MT@Ph>U=Zs_S9G($KM;sOg{dbYD9`DFVPC7IAPXgDztu7F!8r=lOH95iFK1?H! z_PJB@WH9<11XLoA?!O4j{E~I;ut2*sX!pA}Mu8xf4rZW%vuDxJb zAeHD@5N6~Cdz(Phe9hY?)eb*u?ZsZvp$!BvOi-A9ufrv=Vs+H(J zb&%s!quao^Ooy$!*dR;Hq@u_D47njMpbgIE7+}!-fh*qAT{vehX!KxnnOw{3b`r9|1V3 zV_P{iz~KAUBUTS>AIRY-wG5dy_^vpom`(@)>|ZJ&J+7LW-ID`e{rW|5llD zJoQUc{qpST>&HqU>RGiXpE0{{=y||*?F)3o-CVB;4`AT_n2HwR#K zLwpUOZ4CJmk=P9>_Yl!;3G60dPn{FOG%z0x64M~npO~f&VCn{<%^vdy{IdNG9rheA zd=j8P&|xdbHvFy^h}z;#;B5f5fy6cjwgrT3m{0AU!M~G_avV&P93E|vIDzZuv*`pd z|6a-y;irBiW?})o)+vsn7o5cq_jPKg3;Ndu(ru4euK?Hx=8b;A+K73i{vQ7|z*eCc zoCsT-0Hza3i3Y5a8%&DdIY5Mes+Fvd>hM+cqOUNZ#g+~{DcYz%Vs*zNo$(Y2vDOap zjol0A=P8mp!nHb1Aj9Zn0{#d@X9D=OIIxir^K0{IW2d(FXV_GW^Iz@MRu}YFi}bv| z=H)72t@T~XMOH{>1OFZgc^ZQc2SMz@a^`6I12Mgy^ZYXGWB6b(l@-- zBww2qUjgxl{gS=DqnVJ0&I7OfN@4Pm7Z3>-%t|cdRwM>+o9|kGq9df7%>^AHH?To> zjr@a&aAt!fad$@WrIoE{9yi;`mybp6e8FVbGsV!uq#P?Q~Ut zwcR}r2d0?lzMv%jxNY(We&9@+`qpV-XipOsO_M~^grsQ9q;&8W! zd29*ZQkw znXxOuT!NShfte)vZ6KNn;MivSk7^eIcxm{De+d0-DlQs~rqUKs3Ic&_E_zg}FoeiS10jQrh=;UZ(Tl@rrHVcRcYI|@W7LlKf zU;SPjFIo#gOM*H5=u)((k~U;F?GFw5u2?V;J%uX&As{aXlX@;cIz<|lYaieT3G{%J z(St$1^Zk_ZH0{1`FgQ~R@j%lZdZ{7vxmisdw}XT@vo@bz7(E`&5YGbh=fJ!$t7Apr z?*O#Uip2Uo3+Sg=#i?*Pm2e%1GRtMU+=*G4Og*ZytOTz0)p5lkc>v(Ir%PP3-f1U+ z*F*C9TEE@#Hjrk$HruW^7@p07hMH~PYwi3!!p>mwYO4CKQ1AUmT=hFguEa4q0)7&b z){`UF)#lOjS(t45Hzi&S;8(JMCu101@Lg+q=E@&PDNYUhX+*WF{EK76&<9X=6|&a( zCCbDHPsig6L3}Zo%Nd)b>A_LE!OQmij1|z~JAKz4^E~W$;YNVwrN>rWp84MySfMKe zd#5PXPF@+wi&)S_y}lodfiDHFbyc=Xu#tGbU!s3Gbf61E;bM}ss?)*GcK>V%MR8TA z@=1{LVnMi=fj4HGKmF(qtb?;u#Pk38Q^YKsLHiC3H^;k;+ZeU%2?f`&aNdb?!F(~m z=d}@3F1rYpXYDH&9vI#LmxVIWgxmd+H6nvwal^jpY!y1*XOzDY%Aiox(a3xF%`%V+ z8FUfATF#$jb!@D#cI@7BCck)ahp6Mp7XW^1T7a4G(V%4g(}>3_FZvh(Urq~C`hNM} z3H(Y z4&FibAJ%^{CB)DAuJyLjz8x=8iIdfC+#b7Vi+>Eg6MslSUIX91Ls$uXQ3t!J(+OXQ zxBK(ynGpg}e{sBM3xIbdjf%k!1gq z;2c0Iv8YEdp~rA+R(ANVbubn0h+~`uFIrB(Rk69A$S`5GU$T~ra|iiv0LLVbCryXM z7yBjqn`uIb%Xi;KK8~dl3Z28ur^V%`BfHGE`(^v!+td*PN$t=+;R}Ar8dC$$smjN} z{H~4y&QWJ#e4o>qo{Vf=gs%fIcQcTSEc#aNP ze~b}``X7!bHv|0cL_tm@kZSY=Fg}$imNcAc7Kh_SJUqDkC?qef^%w3i2v}Nk?W!(6aoZ_Y`8{BHJ_Bm=Y9i%12>9okYkla@*v1H?&*L*BVE3zH5*8 z7C3G)vZ5D0%Ah1a^n`vO-h^{$=V$_oUi3)@{w`i(lC`c%G6Xg))R}p{32_`6q$<0& z)OYP~B^!BX-fS;8l_1We;YYAHcV=x&@9q9i#PRsZ$Zt>M3#1xd#f;^e0UXvGkvzLr zDr_1fkSZU~EVm|!B~D)qd@*pXKiBD_MR6SJ`dJV!^-K1MBL+IL#bWDzKB}-c>L*f< zU!bJ9a6L#|mlT$`{1D+2wUXY~ zxE+Y&&@i84@ZSWkox5{4>f8#k><4f@faBX8J1N8|;d~mC8*HL{uj;G%*8zH21YB8jt$&=z zr>5VQNrto=j2r!_;zpc7p)SXc7hVWZoL}3wGq7yD%rd%Sh|^ACkbj>nSq7^uE;yl) zFJgSMR<_1nQXE!gN$<_7=aVAq3$+rBS&OJ3)fogqA}4#4cz`2$W3a%{nrz#tMz?`+ zS))PM^Y65Sh`*@wHMAaFOCgJF5 zM)ag#60;{XHpIn(WRJjOHaF@4(6N;tG4qW<*07O^<=LmzAP70c++-x z66jfg*Z97;73b;A3hz{T0l;4cbGj$@2x{}_Klml<#$+diMsE+X?d*!m5LAXlKUw0k z+I*@^FKt6yvrUkwG4%9r&zUK;XU(eNGjl>7PUuqGEXV=;gc`)FF4 z>8&;o=uN8g{zH5^%^H+U6-TR+W!N_tve$g-fZh$F=^#u8 z^KYv(PowN@W6(AM-Uh}qEX0F;iTgt0U_~Is7f_~`+n^&eU78k1 zp%PwBL@QE5-o%@&)Ub8nSS99WDX$>lV;z{uYS%r?a%G`l-?V2QsW)J`yP6gV)XA?Y z{1ljHr50ruiKOo?K2F;5W1zY)nyH7L8tob!*Hn^jONzhCTW$O11u~rVf+!P0&d9Dm)%0uKMAldq2brjN9ZCVmv$JE1Xi#Vf8XdkMB4GSB#`=Iy%Jr) zgj>=EuKY9T0b=>(wioaT1X1+3#E?o9DuJ50Mlql&88eAnl6)c3${@5X5M|u)!c73Z zw-rZmwk6P`QqbyP64s0^pAe_tiEP_dK21QnU~&N-lQA+4Oj-A-&Vx%Sz7q6PrYZ!t zC6M&Kt~VHF##Rtk6N_&p@y+5O8fMW~4NsSh(;=)9Se2+YS6d7aZfA&FgAzT_R)5W% z+7gJukVf{CR$^!72ZgXUNelM|^GI7_gaa6gRX$#FG?y4>GSQhmx8QDNFxqKLSS?Ac z81Ix{JLcN$)3!kNFW4UeIJJ#}O$V(`$}tbA4}e0*?JVu>{#0yl>T&FL?kh~gOak5p zmTv<{Ju=M(_+b9lrg4~t?J%%bl3W><3g2m`bEkdU7D)XrlJ>{LPNN5Y2BPiE7*Y1^ zfLR(A!Ebi%##qq6z&8bp75mEcZ4I`XHqntll$X>tGBzEeY1mZ^5bh9Cu2l5{lZdNh zfv6y0Wi*#zAW;UG z`GY~(zFntN?E+EY94}H^;?>r8a~TE_VIYpA;0kyw0;!86twaxr42N-&B?cJuP~eI) zV~K#CjoO=qj1-YBT^-{vw5#KnN`yH;#<4Pz6CVx#EsSq!PlemQZmW9;@e10=-s zI8P_WDvXvdsozPwXgdIN*eIzH?jk=-SRRzDPbL{s;sV((5>7Hm@mQ=6@hDgB@JY$31q)W)V`TZ(+J%7%m)L^{NbQ%r}mj3Re=mI z+@nu0aC1I}%b-k>0VcjIDA}oQd`(>-its`uTuel{D`KDIWa&9y%pdT}_BYawI}-w_ z-$|;W%S?9wn4C5##(#4N+X@S&5vXN(tD7x8XOVKhR zvt(q8guF6z3y)+8)MzZ37f2m&J*ALb&cNkaCevVRk^$!RcES319twNrLm>NkHyIq8 zoPgPGc9ZW~pUO7G*U{xlAoW+lDi<*GwdO5XUZ&VEPA0lfgwfyD78GL5rK_8j+zI3W z0mG#i#5K97PojI&@??+kA_2>4Wh)bPEnB57w*patsvK6xM!!ZXgtG}536~7oEneat`Nw9z=lgylX~n*yN-K4 zX0mRSIe(n$dVw5x>jjPF+^BXs0Ix zGIB95mjF;d=4zP%+5nbo{j$BT<*qsH&{G0AFhjx|iRR?~+X~|s5EulBL4Ox2SVU3MlP*vG zj6hl(t-4^WXf6pl9l%@w$F*o8$>#qBqAdV#f#j!2T3c!h==mf8_8(03QKBy+KodN@l!Dz)leD1j|>|pTztsgLZHP { - - }) - .onSubmit((enterKey) => { +import {Core, ExpectExtend, InstrumentLog} from "deccjsunit/index" +import testsuite from "../../../test/List.test.ets" +import featureAbility from "@ohos.ability.featureAbility" - }) - .onEditChanged((isEditing) => { +@Entry +@Component +struct MyComponent { + aboutToAppear() { + console.info("start run testcase!!!!") + featureAbility.getWant() + .then((Want) => { + const core = Core.getInstance() + const expectExtend = new ExpectExtend({ + 'id': 'extend' + }) + const instrumentLog = new InstrumentLog({ + 'id': 'report', 'unity': 'true' + }) + core.addService('expect', expectExtend) + core.addService('report', instrumentLog) + core.init() + core.subscribeEvent('spec', instrumentLog) + core.subscribeEvent('suite', instrumentLog) + core.subscribeEvent('task', instrumentLog) + const configService = core.getDefaultService('config') + configService.setConfig(Want.parameters) + testsuite() + core.execute() + console.info('Operation successful. Data: ' + JSON.stringify(Want)); + }) + .catch((error) => { + console.error('Operation failed. Cause: ' + JSON.stringify(error)); + }) + } - }) - Column() { - Image($r('app.media.search')) - .objectFit(ImageFit.Contain) - .width(16) - .height(16) - .margin({ left: -300, top: 12 }) - } - } + build() { + Flex({ + direction: FlexDirection.Column, + alignItems: ItemAlign.Center, + justifyContent: FlexAlign.Center + }) { + Text('Hello World') + .fontSize(50) + .fontWeight(FontWeight.Bold) } + .width('100%') + .height('100%') } -} \ No newline at end of file +} diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/dialog.ets b/frameworks/com.ohos.permissionmanager/entry/src/ohosTest/ets/test/ExampleJsunit.test.ets similarity index 52% rename from frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/dialog.ets rename to frameworks/com.ohos.permissionmanager/entry/src/ohosTest/ets/test/ExampleJsunit.test.ets index 45ee546a7..35824cab4 100644 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/pages/dialog.ets +++ b/frameworks/com.ohos.permissionmanager/entry/src/ohosTest/ets/test/ExampleJsunit.test.ets @@ -13,28 +13,15 @@ * limitations under the License. */ -import { spaceDialog } from "../common/components/dialog.ets" +import {describe, beforeAll, beforeEach, afterEach, afterAll, it, expect} from "deccjsunit/index" +import app from '@system.app' -@Entry -@Component -struct dialogPage { - spaceDialogController: CustomDialogController = new CustomDialogController({ - builder: spaceDialog({ cancel: this.spaceCancel, confirm: this.spaceAccept }), - cancel: this.spaceExist, - autoCancel: true, - alignment: DialogAlignment.Bottom, - offset: { dx: 0 , dy: -12 }, - customStyle: true +export default function exampleJsunit() { + describe('appInfoTest', function () { + it('app_info_test_001', 0, function () { + var info = app.getInfo() + expect("1.0").assertEqual('1.0') + expect(info.versionCode).assertEqual('3') + }) }) - spaceCancel() { - } - spaceAccept() { - } - spaceExist() { - } - aboutToAppear() { - this.spaceDialogController.open() - } - build() { - } -} \ No newline at end of file +} diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/dialogDataList.ets b/frameworks/com.ohos.permissionmanager/entry/src/ohosTest/ets/test/List.test.ets similarity index 52% rename from frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/dialogDataList.ets rename to frameworks/com.ohos.permissionmanager/entry/src/ohosTest/ets/test/List.test.ets index f6dbf9c9b..e659c7498 100644 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/dialogDataList.ets +++ b/frameworks/com.ohos.permissionmanager/entry/src/ohosTest/ets/test/List.test.ets @@ -13,9 +13,8 @@ * limitations under the License. */ -export const dialogData: any[] = [ - { 'name': '权限1', 'index': 1, 'message1': '是否允许"XX"访问健身运动','message2': '用于XXXX', 'icon': $r("app.media.ic_exercise") }, - { 'name': '权限2', 'index': 2, 'message1': '内容2','message2': '内容二', 'icon': $r("app.media.ic_exercise") }, - { 'name': '权限3', 'index': 3, 'message1': '内容3','message2': '内容三', 'icon': $r("app.media.ic_exercise") }, - { 'name': '权限4', 'index': 4, 'message1': '内容4','message2': '内容四', 'icon': $r("app.media.ic_exercise") } -] \ No newline at end of file +import exampleJsunit from "../test/ExampleJsunit.test.ets" + +export default function testsuite() { + exampleJsunit() +} diff --git a/frameworks/com.ohos.permissionmanager/entry/src/ohosTest/java/com/ohos/permissionmanager/ExampleOhosTest.java b/frameworks/com.ohos.permissionmanager/entry/src/ohosTest/java/com/ohos/permissionmanager/ExampleOhosTest.java new file mode 100644 index 000000000..9482d133c --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/entry/src/ohosTest/java/com/ohos/permissionmanager/ExampleOhosTest.java @@ -0,0 +1,14 @@ +package com.ohos.permissionmanager; + +import ohos.aafwk.ability.delegation.AbilityDelegatorRegistry; +import org.junit.Test; + +import static org.junit.Assert.assertEquals; + +public class ExampleOhosTest { + @Test + public void testBundleName() { + final String actualBundleName = AbilityDelegatorRegistry.getArguments().getTestBundleName(); + assertEquals("com.ohos.permissionmanager", actualBundleName); + } +} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/entry/src/ohosTest/resources/base/element/string.json b/frameworks/com.ohos.permissionmanager/entry/src/ohosTest/resources/base/element/string.json new file mode 100644 index 000000000..998415d35 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/entry/src/ohosTest/resources/base/element/string.json @@ -0,0 +1,12 @@ +{ + "string": [ + { + "name": "app_name", + "value": "finalApplication" + }, + { + "name": "mainability_description", + "value": "hap sample empty page" + } + ] +} diff --git a/frameworks/com.ohos.permissionmanager/entry/src/ohosTest/resources/base/media/icon.png b/frameworks/com.ohos.permissionmanager/entry/src/ohosTest/resources/base/media/icon.png new file mode 100644 index 0000000000000000000000000000000000000000..ce307a8827bd75456441ceb57d530e4c8d45d36c GIT binary patch literal 6790 zcmX|G1ymHk)?T_}Vd;>R?p|tHQo6fg38|$UVM!6BLrPFWk?s;$LOP{GmJpBl$qoSA!PUg~PA65-S00{{S`XKG6NkG0RgjEntPrmV+?0|00mu7;+5 zrdpa{2QLqPJ4Y{j7=Mrl{BaxrkdY69+c~(w{Fv-v&aR%aEI&JYSeRTLWm!zbv;?)_ ziZB;fwGbbeL5Q}YLx`J$lp~A09KK8t_z}PZ=4ZzgdeKtgoc+o5EvN9A1K1_<>M?MBqb#!ASf&# zEX?<)!RH(7>1P+j=jqG(58}TVN-$psA6K}atCuI!KTJD&FMmH-78ZejBm)0qc{ESp z|LuG1{QnBUJRg_E=h1#XMWt2%fcoN@l7eAS!Es?Q+;XsRNPhiiE=@AqlLkJzF`O18 zbsbSmKN=aaq8k3NFYZfDWpKmM!coBU0(XnL8R{4=i|wi{!uWYM2je{U{B*K2PVdu&=E zTq*-XsEsJ$u5H4g6DIm2Y!DN`>^v|AqlwuCD;w45K0@eqauiqWf7l&o)+YLHm~|L~ z7$0v5mkobriU!H<@mVJHLlmQqzQ3d6Rh_-|%Yy2li*tHO>_vcnuZ7OR_xkAIuIU&x z-|8Y0wj|6|a6_I(v91y%k_kNw6pnkNdxjqG8!%Vz_d%c_!X+6-;1`GC9_FpjoHev5fEV7RhJ>r=mh-jp$fqbqRJ=obwdgLDVP5+s zy1=_DWG0Y-Jb3t^WXmkr(d9~08k-|#Ly zaNOmT(^9tIb&eb4%CzIT zAm3CUtWSr1t4?h1kk#NBi{U|pJslvME{q|_eS^3En>SOqSxyuN1x;Is@8~m?*>}** znrRFArP!K_52RpX*&JHMR<^lVdm8ypJ}0R(SD(51j;6@ni$6bQ+2XL+R^|NnSp5}(kzvMZ^(@4fD_{QVu$(&K6H|C37TG1Am9Re{<<3gd zh@`>;BqkXMW&p0T6rt|iB$)~CvFe(XC)F9WgAZn*0@t$oZo;!*}r@_`h?KKH&6A@3= zISXoQB+~`op>NP-buiA*^0n{@i{_?MRG)&k)c)k_F+-2Lud!S9pc+i`s74NpBCaGF zXN+pHkubw*msGBTY27BKHv)RRh3;nMg4&$fD_6X9Vt~;_4D+5XPH~#Kn-yjcy!$}1 zigv#FNY>TqMhtIBb@UoF!cE~Q8~;!Pek>SQQwHnHuWKoVBosAiOr}q>!>aE*Krc)V zBUMEcJ5NU0g8}-h6i1zpMY9>m4ne?=U2~`w7K7Q0gB_=p@$5K7p6}thw z-~3dMj?YNX2X$lZ+7ngQ$=s}3mizNN@kE%OtB)?c&i~2L55z8^=yz;xMHLmlY>&Q# zJj?!)M#q_SyfkQh)k?j8IfLtB)ZCp|*vf4_B zos?73yd^h-Ac+;?E4*bpf=o*^3x3-`TVjbY4n6!EN10K6o@fxdyps05Vo3PU)otB} z`3kR+2w7_C#8Z!q`J)p{Vh!+m9-UP!$STp+Hb}}#@#_u^SsUQg<}59< zTvH3%XS4G+6FF^(m6bVF&nSUIXcl;nw{=H$%fgeJ>CgDYiLdpDXr{;-AnG z8dvcrHYVMI&`R6;GWekI@Ir3!uo)oz4^{6q0m^}@f2tM9&=YHNi6-?rh0-{+k@cQm zdp`g#YdQn%MDVg2GR>wZ`n2<0l4)9nx1Wfr&!Dvz=bPwU!h2S?ez6MVc5APE4-xLB zi&W9Q8k2@0w!C53g?iAIQ}~p*3O(@zja6KQ=M3zfW*_6o5SwR-)6VBh~m7{^-=MC-owYH5-u40a}a0liho3QZZ5L{bS_xM1)4}19)zTU$$MY zq3eZML1WC{K%YFd`Be0M-rkO^l?h{kM{$2oK1*A@HVJ57*yhDkUF!2WZ&oA4Y-sK( zCY69%#`mBCi6>6uw(x4gbFaP0+FD*JKJ-q!F1E?vLJ+d35!I5d7@^eU?(CS|C^tmI5?lv@s{{*|1F zFg|OzNpZ0hxljdjaW%45O0MOttRrd(Z?h{HYbB-KFUx&9GfFL3b8NwZ$zNu)WbBD` zYkj$^UB5%3Pj1MDr>S2Ejr9pUcgA!;ZG!@{uAy12)vG=*^9-|dNQBc8&`oxBlU~#y zs!anJX&T?57Jdr^sb>e+V`MVfY>Y0ESg7MG<7W0g&bR-ZYzzZ%2H&Etcp zcd6QeXO1D!5A#zM0lx*GH}`M)2~ZFLE;sP^RSB5wVMNfiZXPd(cmO>j=OSA3`o5r& zna(|^jGXbdN7PK)U8b7^zYtYkkeb%<%F~=OqB~kXMQkq}ii|skh@WSRt>5za;cjP0 zZ~nD%6)wzedqE}BMLt~qKwlvTr33))#uP~xyw#*Eaa|DbMQ_%mG0U8numf8)0DX`r zRoG2bM;#g|p-8gWnwRV5SCW0tLjLO&9Z?K>FImeIxlGUgo0Zk`9Qzhj1eco~7XZy+hXc@YF&ZQ=? zn*^1O56yK^x{y}q`j7}blGCx%dydV!c7)g~tJzmHhV=W~jbWRRR{1<^oDK+1clprm zz$eCy7y9+?{E|YgkW~}}iB#I4XoJ*xr8R?i_Hv$=Cof5bo-Nj~f`-DLebH}&0% zfQj9@WGd4;N~Y?mzQsHJTJq6!Qzl^-vwol(+fMt#Pl=Wh#lI5Vmu@QM0=_r+1wHt` z+8WZ~c2}KQQ+q)~2Ki77QvV&`xb|xVcTms99&cD$Zz4+-^R4kvUBxG8gDk7Y`K*)JZ^2rL(+ZWV~%W(@6 z)0bPArG#BROa_PHs~&WplQ_UIrpd)1N1QGPfv!J(Z9jNT#i%H?CE6|pPZb9hJ1JW4 z^q;ft#!HRNV0YgPojzIYT`8LuET2rUe-J|c!9l4`^*;4WtY@Ew@pL>wkjmMgGfN7 ze}}GtmU0@<_#08~I-Suk=^*9GLW=H4xhsml;vAV{%hy5Eegl@!6qKqbG024%n2HHw zCc@ivW_$@5ZoHP70(7D+(`PvgjW1Pd`wsiuv-aCukMrafwDm)B!xXVy*j2opohhoU zcJz%ADmj>i3`-3-$7nQKBQQuGY;2Qt&+(L~C>vSGFj5{Mlv?T_^dql;{zkpe4R1}R z%XfZyQ}wr*sr>jrKgm*PWLjuVc%6&&`Kbf1SuFpHPN&>W)$GmqC;pIoBC`=4-hPY8 zT*>%I2fP}vGW;R=^!1be?ta2UQd2>alOFFbVl;(SQJ4Jk#)4Z0^wpWEVvY4=vyDk@ zqlModi@iVPMC+{?rm=4(n+<;|lmUO@UKYA>EPTS~AndtK^Wy^%#3<;(dQdk3WaUkRtzSMC9}7x2||CNpF#(3T4C)@ z$~RWs`BNABKX|{cmBt>Q=&gkXl&x!!NK_%5hW0LS)Z4PB>%sV?F-{Wyj#s7W%$F{D zXdK^Fp3wvy+48+GP6F_|^PCRx=ddcTO3sG;B23A49~Qaw31SZ0Rc~`r4qqt%#OGW{ zCA_(LG5^N>yzUn&kAgVmxb=EA8s&tBXC}S1CZ(KoW)(%^JjLTPo^fs`Va;`=YlVPgmB$!yB}<(4ym6OeZ3xAJJ#;)2+B%p3P1Wt+d$eo`vz`T zXfUP2))kBDPoscH;Jc7I3NU<({|@wM$&GaDt`n7WLgIY3IA7A6-_R?z8N3mz|}*i z(zl5ot--Oq@f2-nv{X(ujT2T(k1vY_qh93pK@>H-qc%2Xta)IP0Q%zt%bqYgI`o!wv!0QerB`nCN^1n|@$sVOQ!V0teVG!I z_fD%JvfDeT1cK#-{o6Gv7}& zY0#NWin~kVaf$aufV&;63Hbs|`QVZWpDX6IMk1Hj2G}fiH9e-^6u2zf^FIr^BwD<6zjw63+{yUe8PUFvk8v{sJ=R{d#`O!sz`Q13~< zPT$JS(w=yQfU2`zPCNfSw=&zup@DXc(98afjhv@1w_f!m2Z>rMJ19AB&dB%P#Ls3b z=lK7OILM+SQ&VEd=1GN6o&>YVVtIzoZ%=Z_SdqJN2}E43{bE`>w+A;=y->@^k{oCC z$F*WTY&?34;kfyFV?b*Xb1Pq`Z=%OgwEg)Rz)tx=`f%5#w_INP=x&z5!jI;#;N$ma zhO)+MDm;SxOEVL15; zGq(v2pL3&P1Sl)8P*;G-fd{l1QJsv@e@d8)1PK4w2m*M%V3j-V~L^$i|&C@b?D?9tfwE{B^}Z$k8e5FmQ>v7Xz)sG32g9t}YBt zyR$+*_00RmPx+0mW+vVG4mxd(n$(eQf3-w>JPl2UJpafrPaL5@2j}%{VE-) zBI%6Qpj*dsdH<;g!S!avA~bv^0E+ zfyJbSjPb+j;J52U)<|cIcntQBI2T#>2;tOxu{%D?kML476AErF(qN9hPva5Nkc@BF zC-tLF@3ZFb%Kpj)M<{)x*l|*Ia@ECeXo2E4h2f!aV=cHAhi_E_mfUth(sM4^hJq7B zQsGWqdZUm9S%F`$nQ*_#NcuD`&)Ek%_s{&^78{9Hm ztri&rYLOxgFdG>O@+XHy z9#;|&vBCPXH5Mon^I`jSuR$&~ZWtyB67ujzFSj!51>#C}C17~TffQ{c-!QFQkTQ%! zIR^b1`zHx|*1GU?tbBx23weFLz5H?y_Q%N&t$}k?w+``2A=aotj0;2v$~AL z{scF-cL{wsdrmPvf#a9OHyYLcwQD4Kcm)`LLwMh4WT~p29f7M!iafJSU`IV}QY5Wa z(n44-9oA}?J{a+ah*@31WTs#&J#o1`H98#6IQf;Wv0N_!);f&9g7o-k(lW5rWnDUR zQBFIRG+X=6NnsI@mxnwm;tf5;_Uxg?jZ8m-m0}&6+DA!qam(p$mN5R})yA_7m$q@| zFEd|dpS595rxQr-n#GjI5i-AhnUE>Cr;jpCqSrD~EwK_DqI^7%3#p5)%T_od!t3SOmH9MyXeeGO2(UQL;ax|x?Ncixmeo1=$ z{-);Au{*tfzOG?KQ~K|ak8-HQ?`Pekhe2WM(8s{xv-p>Zmu_6{G!-oE$7$mY`MOJorI=+mMx?H;`pr!;fVYz?5~yXBACruWB`Ph zZM}90_<^OBxIhyZ9BW$`>6JvO;%VFpqVr8|7t3~AmxYak6?`Pp#c;**_SYmi`&z23 z`p6_~ePvH)C6x-G9$hgL=eVALq`-AiamN>!3~Lxw&{H(b{B(7xSRm6<3<{%{yXiH# zos5Rv1L+8fUKJLo%P>4I&$}y \(.*\)$'` - if expr "$link" : '/.*' > /dev/null; then - PRG="$link" - else - PRG=`dirname "$PRG"`"/$link" - fi +while [ -h "$PRG" ]; do + ls=$(ls -ld "$PRG") + link=$(expr "$ls" : '.*-> \(.*\)$') + if expr "$link" : '/.*' >/dev/null; then + PRG="$link" + else + PRG=$(dirname "$PRG")"/$link" + fi done -SAVED="`pwd`" -cd "`dirname \"$PRG\"`/" >/dev/null -APP_HOME="`pwd -P`" +SAVED="$(pwd)" +cd "$(dirname \"$PRG\")/" >/dev/null +APP_HOME="$(pwd -P)" cd "$SAVED" >/dev/null APP_NAME="Gradle" -APP_BASE_NAME=`basename "$0"` +APP_BASE_NAME=$(basename "$0") # Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"' @@ -49,15 +49,15 @@ DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"' # Use the maximum available, or set MAX_FD != -1 to use that value. MAX_FD="maximum" -warn () { - echo "$*" +warn() { + echo "$*" } -die () { - echo - echo "$*" - echo - exit 1 +die() { + echo + echo "$*" + echo + exit 1 } # OS specific support (must be 'true' or 'false'). @@ -65,117 +65,117 @@ cygwin=false msys=false darwin=false nonstop=false -case "`uname`" in - CYGWIN* ) - cygwin=true - ;; - Darwin* ) - darwin=true - ;; - MINGW* ) - msys=true - ;; - NONSTOP* ) - nonstop=true - ;; +case "$(uname)" in +CYGWIN*) + cygwin=true + ;; +Darwin*) + darwin=true + ;; +MINGW*) + msys=true + ;; +NONSTOP*) + nonstop=true + ;; esac CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar # Determine the Java command to use to start the JVM. -if [ -n "$JAVA_HOME" ] ; then - if [ -x "$JAVA_HOME/jre/sh/java" ] ; then - # IBM's JDK on AIX uses strange locations for the executables - JAVACMD="$JAVA_HOME/jre/sh/java" - else - JAVACMD="$JAVA_HOME/bin/java" - fi - if [ ! -x "$JAVACMD" ] ; then - die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME +if [ -n "$JAVA_HOME" ]; then + if [ -x "$JAVA_HOME/jre/sh/java" ]; then + # IBM's JDK on AIX uses strange locations for the executables + JAVACMD="$JAVA_HOME/jre/sh/java" + else + JAVACMD="$JAVA_HOME/bin/java" + fi + if [ ! -x "$JAVACMD" ]; then + die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME Please set the JAVA_HOME variable in your environment to match the location of your Java installation." - fi + fi else - JAVACMD="java" - which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. + JAVACMD="java" + which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. Please set the JAVA_HOME variable in your environment to match the location of your Java installation." fi # Increase the maximum file descriptors if we can. -if [ "$cygwin" = "false" -a "$darwin" = "false" -a "$nonstop" = "false" ] ; then - MAX_FD_LIMIT=`ulimit -H -n` - if [ $? -eq 0 ] ; then - if [ "$MAX_FD" = "maximum" -o "$MAX_FD" = "max" ] ; then - MAX_FD="$MAX_FD_LIMIT" - fi - ulimit -n $MAX_FD - if [ $? -ne 0 ] ; then - warn "Could not set maximum file descriptor limit: $MAX_FD" - fi - else - warn "Could not query maximum file descriptor limit: $MAX_FD_LIMIT" +if [ "$cygwin" = "false" -a "$darwin" = "false" -a "$nonstop" = "false" ]; then + MAX_FD_LIMIT=$(ulimit -H -n) + if [ $? -eq 0 ]; then + if [ "$MAX_FD" = "maximum" -o "$MAX_FD" = "max" ]; then + MAX_FD="$MAX_FD_LIMIT" fi + ulimit -n $MAX_FD + if [ $? -ne 0 ]; then + warn "Could not set maximum file descriptor limit: $MAX_FD" + fi + else + warn "Could not query maximum file descriptor limit: $MAX_FD_LIMIT" + fi fi # For Darwin, add options to specify how the application appears in the dock if $darwin; then - GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\"" + GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\"" fi # For Cygwin or MSYS, switch paths to Windows format before running java -if [ "$cygwin" = "true" -o "$msys" = "true" ] ; then - APP_HOME=`cygpath --path --mixed "$APP_HOME"` - CLASSPATH=`cygpath --path --mixed "$CLASSPATH"` - JAVACMD=`cygpath --unix "$JAVACMD"` - - # We build the pattern for arguments to be converted via cygpath - ROOTDIRSRAW=`find -L / -maxdepth 1 -mindepth 1 -type d 2>/dev/null` - SEP="" - for dir in $ROOTDIRSRAW ; do - ROOTDIRS="$ROOTDIRS$SEP$dir" - SEP="|" - done - OURCYGPATTERN="(^($ROOTDIRS))" - # Add a user-defined pattern to the cygpath arguments - if [ "$GRADLE_CYGPATTERN" != "" ] ; then - OURCYGPATTERN="$OURCYGPATTERN|($GRADLE_CYGPATTERN)" +if [ "$cygwin" = "true" -o "$msys" = "true" ]; then + APP_HOME=$(cygpath --path --mixed "$APP_HOME") + CLASSPATH=$(cygpath --path --mixed "$CLASSPATH") + JAVACMD=$(cygpath --unix "$JAVACMD") + + # We build the pattern for arguments to be converted via cygpath + ROOTDIRSRAW=$(find -L / -maxdepth 1 -mindepth 1 -type d 2>/dev/null) + SEP="" + for dir in $ROOTDIRSRAW; do + ROOTDIRS="$ROOTDIRS$SEP$dir" + SEP="|" + done + OURCYGPATTERN="(^($ROOTDIRS))" + # Add a user-defined pattern to the cygpath arguments + if [ "$GRADLE_CYGPATTERN" != "" ]; then + OURCYGPATTERN="$OURCYGPATTERN|($GRADLE_CYGPATTERN)" + fi + # Now convert the arguments - kludge to limit ourselves to /bin/sh + i=0 + for arg in "$@"; do + CHECK=$(echo "$arg" | egrep -c "$OURCYGPATTERN" -) + CHECK2=$(echo "$arg" | egrep -c "^-") ### Determine if an option + + if [ $CHECK -ne 0 ] && [ $CHECK2 -eq 0 ]; then ### Added a condition + eval $(echo args$i)=$(cygpath --path --ignore --mixed "$arg") + else + eval $(echo args$i)="\"$arg\"" fi - # Now convert the arguments - kludge to limit ourselves to /bin/sh - i=0 - for arg in "$@" ; do - CHECK=`echo "$arg"|egrep -c "$OURCYGPATTERN" -` - CHECK2=`echo "$arg"|egrep -c "^-"` ### Determine if an option - - if [ $CHECK -ne 0 ] && [ $CHECK2 -eq 0 ] ; then ### Added a condition - eval `echo args$i`=`cygpath --path --ignore --mixed "$arg"` - else - eval `echo args$i`="\"$arg\"" - fi - i=`expr $i + 1` - done - case $i in - 0) set -- ;; - 1) set -- "$args0" ;; - 2) set -- "$args0" "$args1" ;; - 3) set -- "$args0" "$args1" "$args2" ;; - 4) set -- "$args0" "$args1" "$args2" "$args3" ;; - 5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;; - 6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;; - 7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;; - 8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;; - 9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;; - esac + i=$(expr $i + 1) + done + case $i in + 0) set -- ;; + 1) set -- "$args0" ;; + 2) set -- "$args0" "$args1" ;; + 3) set -- "$args0" "$args1" "$args2" ;; + 4) set -- "$args0" "$args1" "$args2" "$args3" ;; + 5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;; + 6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;; + 7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;; + 8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;; + 9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;; + esac fi # Escape application args -save () { - for i do printf %s\\n "$i" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/' \\\\/" ; done - echo " " +save() { + for i; do printf %s\\n "$i" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/' \\\\/"; done + echo " " } -APP_ARGS=`save "$@"` +APP_ARGS=$(save "$@") # Collect all arguments for the java command, following the shell quoting and substitution rules eval set -- $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS "\"-Dorg.gradle.appname=$APP_BASE_NAME\"" -classpath "\"$CLASSPATH\"" org.gradle.wrapper.GradleWrapperMain "$APP_ARGS" diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/gradlew.bat b/frameworks/com.ohos.permissionmanager/gradlew.bat similarity index 100% rename from frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/gradlew.bat rename to frameworks/com.ohos.permissionmanager/gradlew.bat diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/package.json b/frameworks/com.ohos.permissionmanager/package.json similarity index 100% rename from frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/package.json rename to frameworks/com.ohos.permissionmanager/package.json diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/.gitignore b/frameworks/com.ohos.permissionmanager/permissionmanager/.gitignore new file mode 100644 index 000000000..7d5b7a94f --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/.gitignore @@ -0,0 +1,2 @@ +/build +/node_modules diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/build.gradle b/frameworks/com.ohos.permissionmanager/permissionmanager/build.gradle new file mode 100644 index 000000000..f6df7ecdb --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/build.gradle @@ -0,0 +1,28 @@ +apply plugin: 'com.huawei.ohos.hap' +apply plugin: 'com.huawei.ohos.decctest' +//For instructions on signature configuration, see https://developer.harmonyos.com/cn/docs/documentation/doc-guides/ide_debug_device-0000001053822404#section1112183053510 +ohos { + compileSdkVersion 7 + defaultConfig { + compatibleSdkVersion 7 + } + buildTypes { + release { + proguardOpt { + proguardEnabled false + rulesFiles 'proguard-rules.pro' + } + } + } + entryModules "entry" +} + +dependencies { + entryImplementation project(':entry') + implementation fileTree(dir: 'libs', include: ['*.jar', '*.har']) + testImplementation 'junit:junit:4.13.1' + ohosTestImplementation 'com.huawei.ohos.testkit:runner:2.0.0.200' +} +decc { + supportType = ['html','xml'] +} diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/proguard-rules.pro b/frameworks/com.ohos.permissionmanager/permissionmanager/proguard-rules.pro new file mode 100644 index 000000000..f7666e475 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/proguard-rules.pro @@ -0,0 +1 @@ +# config module specific ProGuard rules here. \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/config.json b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/config.json new file mode 100644 index 000000000..5a463361f --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/config.json @@ -0,0 +1,75 @@ +{ + "app": { + "bundleName": "com.ohos.permissionmanager", + "vendor": "ohos", + "version": { + "code": 1000000, + "name": "1.0.0" + } + }, + "deviceConfig": {}, + "module": { + "package": "com.ohos.permissionmanager", + "name": ".MyApplication", + "mainAbility": "com.ohos.permissionmanager.GrantAbility", + "deviceType": [ + "phone" + ], + "distro": { + "deliveryWithInstall": true, + "moduleName": "permissionmanager", + "moduleType": "feature", + "installationFree": false + }, + "abilities": [ + { + "visible": true, + "name": "com.ohos.permissionmanager.GrantAbility", + "icon": "$media:icon", + "description": "$string:grantability_description", + "label": "$string:permissionmanager_GrantAbility", + "type": "page", + "launchType": "standard", + "srcPath": "dynamic" + } + ], + "js": [ + { + "mode": { + "syntax": "ets", + "type": "pageAbility" + }, + "pages": [ + "pages/dialogPlus" + ], + "name": "dynamic", + "window": { + "designWidth": 720, + "autoDesignWidth": false + } + } + ], + "reqPermissions": [ + { + "name": "ohos.permission.GET_SENSITIVE_PERMISSIONS", + "reason": "get sensitive permissions" + }, + { + "name": "ohos.permission.GRANT_SENSITIVE_PERMISSIONS", + "reason": "grant sensitive permissions" + }, + { + "name": "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS", + "reason": "revoke sensitive permissions" + }, + { + "name": "ohos.permission.GET_BUNDLE_INFO_PRIVILEGED", + "reason": "get bundle previleged info" + }, + { + "name": "ohos.permission.GET_BUNDLE_INFO", + "reason": "get bundle default info" + } + ] + } +} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/default/app.ets b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/default/app.ets new file mode 100644 index 000000000..2a3b62387 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/default/app.ets @@ -0,0 +1,23 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +export default { + onCreate() { + console.info('Application onCreate') + }, + onDestroy() { + console.info('Application onDestroy') + }, +} diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/app.ets b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/app.ets new file mode 100644 index 000000000..2a3b62387 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/app.ets @@ -0,0 +1,23 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +export default { + onCreate() { + console.info('Application onCreate') + }, + onDestroy() { + console.info('Application onDestroy') + }, +} diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/dialog.ets b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets similarity index 42% rename from frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/dialog.ets rename to frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets index 689f130db..d8ece4856 100644 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/components/dialog.ets +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets @@ -13,95 +13,40 @@ * limitations under the License. */ -import { dialogData } from "../model/dialogDataList.ets" -import { permissionGroups, groups } from "../model/permissionGroup.ets" +import { getPermissionGroup } from "../utils/utils.ets" +import { BundleFlag, userId } from "../model/bundle.ets" import bundle from '@ohos.bundle'; +import featureAbility from '@ohos.ability.featureAbility'; +import abilityAccessCtrl from '@ohos.abilityAccessCtrl'; @Extend(Button) function customizeButton() { .backgroundColor($r('app.color.default_background_color')) .fontColor($r('app.color.button_color')) } -@CustomDialog -export struct spaceDialog { - controller: CustomDialogController - cancel: () => void - confirm: () => void - - build() { - Column() { - Image($r('app.media.ic_ssensor')) - .width(24) - .height(24) - .margin({ - top: 24 - }) - Column() { - Row() { - Flex({ justifyContent: FlexAlign.Start }) { - Text('是否允许“XX”使用身体传感器?').fontSize(16) - .margin({ - top: 16, - left: 24 - }) - } - } - Row() { - Flex({ justifyContent: FlexAlign.Start }) { - Text('用于XXXX。').fontSize(14) - .fontColor($r('app.color.secondary_font_color')) - .margin({ - top: 2, - left: 24 - }) - } - } - } - Row() { - Flex({ justifyContent: FlexAlign.SpaceAround }) { - Button('禁止') - .fontSize(16) - .onClick(() => { - this.controller.close() - this.cancel() - }).customizeButton() - Text('|').fontSize(30).fontColor($r('app.color.divider_color')) - Button('允许') - .fontSize(16) - .onClick(() => { - this.controller.close() - this.confirm() - }).customizeButton() - }.margin({ - top: 8 - }) - } - } - .backgroundColor($r('app.color.default_background_color')) - .borderRadius(24) - .height(170) - .width(336) - } -} - @CustomDialog export struct privacyDialog { - @Prop count: number + @Link count: number + @Link result: Array controller: CustomDialogController - cancel: () => void - confirm: () => void - @State permissionList: Array = [] + cancel: (group, accessTokenId, permissionList, userFixedFlag) => void + confirm: (group, accessTokenId, permissionList, userFixedFlag) => void + @State accessTokenId: number = 0 + @State hasPrepared: boolean = false + @State reqPerms: Array = [] + @State grantGroups: Array = [] + @State userFixedFlag: number = 2 // means user fixed build() { Column() { - if (this.count < this.permissionList.length) { - Image(dialogData[this.count].icon) + if (this.hasPrepared && this.verify(this.reqPerms[this.count])) { + Image(this.grantGroups[this.count].icon) .width(24) .height(24) .margin({ top: 24 }) - Text(`${this.count + 1} / ${this.permissionList.length}`) + Text(`${this.count + 1} / ${this.reqPerms.length}`) .fontSize(14) .fontColor($r('app.color.secondary_font_color')) .margin({ @@ -110,7 +55,7 @@ export struct privacyDialog { Column() { Row() { Flex({ justifyContent: FlexAlign.Start }) { - Text("是否允许该应用访问" + this.current().groupName).fontSize(16) + Text("是否允许该应用访问" + this.grantGroups[this.count].groupName).fontSize(16) .margin({ top: 16, left: 24 @@ -119,7 +64,7 @@ export struct privacyDialog { } Row() { Flex({ justifyContent: FlexAlign.Start }) { - Text("用于" + this.current().description).fontSize(14) + Text("用于" + this.grantGroups[this.count].description).fontSize(14) .fontColor($r('app.color.secondary_font_color')) .margin({ top: 2, @@ -134,23 +79,19 @@ export struct privacyDialog { Button('禁止') .fontSize(16) .onClick(() => { - this.cancel() - setTimeout(() => { - if (this.count === this.permissionList.length) { - this.controller.close() - } - }, 1) + this.cancel(this.grantGroups[this.count], this.accessTokenId, this.reqPerms, this.userFixedFlag) + if (this.count === this.reqPerms.length) { + this.controller.close() + } }).customizeButton() Text('|').fontSize(30).fontColor($r('app.color.divider_color')) Button('允许') .fontSize(16) .onClick(() => { - this.confirm() - setTimeout(() => { - if (this.count === this.permissionList.length) { - this.controller.close() - } - }, 1) + this.confirm(this.grantGroups[this.count], this.accessTokenId, this.reqPerms, this.userFixedFlag) + if (this.count === this.reqPerms.length) { + this.controller.close() + } }).customizeButton() }.margin({ top: 8 @@ -162,16 +103,60 @@ export struct privacyDialog { .height(186) .width(336) } - current() { - var current = this.permissionList[this.count] - var permission = permissionGroups.filter(item => item.name == current) - var group = groups.filter(item => item.name == permission[0].group) - return group[0] + async verify(permission) { + if(this.count >= this.grantGroups.length) { + this.controller.close() + this.aboutToDisappear() + return false + } + if(this.grantGroups[this.count] == 0) { + this.result[this.count] = -1 + this.count ++ + return false + } + var acManager = abilityAccessCtrl.createAtManager() + var ret = await acManager.verifyAccessToken(this.accessTokenId, permission) + if(ret == 0) { + console.log("GrantAbility permission has already been granted:" + permission) + this.result[this.count] = 0 + this.count ++ + return false + } + this.result[this.count] = -1 + return true } aboutToAppear() { - bundle.getApplicationInfo('com.example.myapplication', 0x00000000, 0).then(res => { - this.permissionList = res.permissions + this.count = 0; + featureAbility.getWant((err, want) => { + this.reqPerms = want.parameters["ohos.user.grant.permission"] + console.log("GrantAbility request permission=" + JSON.stringify(this.reqPerms) + " bundleName=" + want.bundleName) + bundle.getApplicationInfo(want.bundleName, BundleFlag.GET_BUNDLE_DEFAULT, userId).then(res => { + this.accessTokenId = res.accessTokenId + }) + this.reqPerms.forEach(item => { + var group = getPermissionGroup(item) + if(!group) { + this.grantGroups.push(0) + console.log("GrantAbility permission not find:" + item) + }else { + this.grantGroups.push(group) + } + }) + this.hasPrepared = true; + }) + } + + aboutToDisappear() { + console.log("GrantAbility result=" + JSON.stringify(this.result)) + featureAbility.terminateSelfWithResult({ + resultCode: 1, + want: { + parameters: { + "ohos.user.grant.permission": this.reqPerms, + "ohos.user.grant.permission.result": this.result + } + } }) } } diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/appNameList.ets b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/model/bundle.ets similarity index 49% rename from frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/appNameList.ets rename to frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/model/bundle.ets index 5ac4cb35a..4530bc6fc 100644 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/model/appNameList.ets +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/model/bundle.ets @@ -13,20 +13,26 @@ * limitations under the License. */ -export const calendarListItem: any[] = [ - { 'name': '读取日历', 'index': 1 }, - { 'name': '新建/修改/删除日历', 'index': 2 } -] -export const dynamicListItem: any[] = [ - { 'name': 'xxxxxx', 'index': 1 }, - { 'name': 'xxxxxx', 'index': 2 } -] -export const allowedListItem: any[] = [ - { 'name': '相机', 'index': 1, permission:'' }, - { 'name': '麦克风', 'index': 2, permission:'' }, - { 'name': '媒体和文件', 'index': 3, permission:'仅媒体' }, - { 'name': '日历', 'index': 4, permission:'读取日历' } -] -export const bannedListItem: any[] = [ - { 'name': '悬浮窗', 'index': 1 } -] \ No newline at end of file +export const BundleFlag = { + GET_BUNDLE_DEFAULT : 0x00000000, + GET_BUNDLE_WITH_ABILITIES : 0x00000001, + GET_ABILITY_INFO_WITH_PERMISSION : 0x00000002, + GET_ABILITY_INFO_WITH_APPLICATION : 0x00000004, + GET_APPLICATION_INFO_WITH_PERMISSION : 0x00000008, + GET_BUNDLE_WITH_REQUESTED_PERMISSION : 0x00000010, + GET_ALL_APPLICATION_INFO : 0xFFFF0000, + /** + * @since 8 + */ + GET_ABILITY_INFO_WITH_METADATA : 0x00000020, + /** + * @since 8 + */ + GET_APPLICATION_INFO_WITH_METADATA : 0x00000040, + /** + * @since 8 + */ + GET_ABILITY_INFO_SYSTEMAPP_ONLY : 0x00000080 +} +export const userId: number = 0 + diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/model/permissionGroup.ets b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/model/permissionGroup.ets new file mode 100644 index 000000000..3e25678d6 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/model/permissionGroup.ets @@ -0,0 +1,335 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +export const permissionGroups: any[] = [ + { + "permissionName": "ohos.permission.LOCATION_IN_BACKGROUND", + "groupName": "LOCATION", + "label": "定位权限", + "description": "允许应用在后台运行时获取位置信息。", + "groupId": 0 + }, + { + "permissionName": "ohos.permission.LOCATION", + "groupName": "LOCATION", + "label": "定位权限", + "description": "允许应用在前台运行时获取位置信息。", + "groupId": 0 + }, + { + "permissionName": "ohos.permission.CAMERA", + "groupName": "CAMERA", + "label": "拍摄照片和录制视频", + "description": "允许应用拍摄照片和视频。", + "groupId": 1 + }, + { + "permissionName": "ohos.permission.MICROPHONE", + "groupName": "MICROPHONE", + "label": "录制音频", + "description": "允许应用打开或关闭录音通路。", + "groupId": 2 + }, + { + "permissionName": "ohos.permission.ANSWER_CALL", + "groupName": "PHONE", + "label": "接听电话", + "description": "允许应用接听电话。", + "groupId": 3 + }, + { + "permissionName": "ohos.permission.MANAGE_VOICEMAIL", + "groupName": "PHONE", + "label": "语音信箱", + "description": "允许应用管理语音信箱。", + "groupId": 3 + }, + { + "permissionName": "ohos.permission.READ_CELL_MESSAGES", + "groupName": "SMS", + "label": "读取小区广播", + "description": "允许应用读取设备接收的小区广播信息。", + "groupId": 4 + }, + { + "permissionName": "ohos.permission.READ_MESSAGES", + "groupName": "SMS", + "label": "读取短彩信", + "description": "允许应用读取设备接收的短彩信信息。", + "groupId": 4 + }, + { + "permissionName": "ohos.permission.RECEIVE_MMS", + "groupName": "SMS", + "label": "接收彩信", + "description": "允许应用接收彩信。", + "groupId": 4 + }, + { + "permissionName": "ohos.permission.RECEIVE_SMS", + "groupName": "SMS", + "label": "接收短信", + "description": "允许应用接收短信。", + "groupId": 4 + }, + { + "permissionName": "ohos.permission.RECEIVE_WAP_MESSAGES", + "groupName": "SMS", + "label": "接收WAP消息", + "description": "允许应用接收和处理WAP消息。", + "groupId": 4 + }, + { + "permissionName": "ohos.permission.SEND_MESSAGES", + "groupName": "SMS", + "label": "发送短彩信", + "description": "允许应用发送短彩信", + "groupId": 4 + }, + { + "permissionName": "ohos.permission.READ_CONTACTS", + "groupName": "CONTACTS", + "label": "读取通讯录", + "description": "允许应用读取设备上存储的联系人信息。", + "groupId": 5 + }, + { + "permissionName": "ohos.permission.WRITE_CONTACTS", + "groupName": "CONTACTS", + "label": "新建/修改/删除通讯录", + "description": "允许应用新建/修改/删除设备上存储的联系人信息。", + "groupId": 5 + }, + { + "permissionName": "ohos.permission.READ_CALL_LOG", + "groupName": "CALL_LOG", + "label": "读取通话记录", + "description": "允许应用读取设备上的通话记录信息。", + "groupId": 6 + }, + { + "permissionName": "ohos.permission.WRITE_CALL_LOG", + "groupName": "CALL_LOG", + "label": "新建/修改/删除通话记录", + "description": "允许新建/修改/删除设备上的通话记录信息。", + "groupId": 6 + }, + { + "permissionName": "ohos.permission.MEDIA_LOCATION", + "groupName": "MEDIA", + "label": "允许应用访问拍摄位置", + "description": "应用访问用户媒体文件中的拍摄位置信息如经纬度信息。", + "groupId": 7 + }, + { + "permissionName": "ohos.permission.READ_MEDIA", + "groupName": "MEDIA", + "label": "允许应用读取媒体文件", + "description": "允许应用访问户媒体文件,如视频、音频、图片等。", + "groupId": 7 + }, + { + "permissionName": "ohos.permission.WRITE_MEDIA", + "groupName": "MEDIA", + "label": "允许应用读写媒体文件", + "description": "允许应用读写户媒体文件,如视频、音频、图片等。", + "groupId": 7 + }, + { + "permissionName": "ohos.permission.READ_CALENDAR", + "groupName": "CALENDAR", + "label": "读取日历", + "description": "允许应用读取日历。", + "groupId": 8 + }, + { + "permissionName": "ohos.permission.WRITE_CALENDAR", + "groupName": "CALENDAR", + "label": "修建/修改/删除日历", + "description": "允许应用修建/修改/删除日历。", + "groupId": 8 + }, + { + "permissionName": "ohos.permission.ACTIVITY_MOTION", + "groupName": "SPORT", + "label": "读取用户的运动状态", + "description": "允许应用程序读取用户的运动状态。", + "groupId": 9 + }, + { + "permissionName": "ohos.permission.READ_HEALTH_DATA", + "groupName": "HEALTH", + "label": "读取用户的健康数据", + "description": "允许应用程序读取用户的健康数据。", + "groupId": 10 + }, + { + "permissionName": "ohos.permission.DISTRIBUTED_DATASYNC", + "groupName": "OTHER", + "label": "允许不同设备间数据交换", + "description": "允许应用与远程设备交换用户数据(如图片、音乐、视频、及应用数据等)。", + "groupId": 11 + } +] + +export const groups: any[] = [ + { + "name": "LOCATION", + "groupName": "位置信息", + "icon": $r('app.media.ic_public_gps'), + "description": "访问您的位置信息", + "permissions": [ + "ohos.permission.LOCATION_IN_BACKGROUND", + "ohos.permission.LOCATION" + ] + }, + { + "name": "CAMERA", + "groupName": "相机", + "icon": $r('app.media.ic_public_camera'), + "description": "访问您的相机", + "permissions": [ + "ohos.permission.CAMERA" + ] + }, + { + "name": "MICROPHONE", + "groupName": "麦克风", + "icon": $r('app.media.ic_public_voice'), + "description": "访问您的麦克风", + "permissions": [ + "ohos.permission.MICROPHONE" + ] + }, + { + "name": "PHONE", + "groupName": "电话", + "icon": $r('app.media.ic_public_phone'), + "description": "拨打电话和管理通话", + "permissions": [ + "ohos.permission.ANSWER_CALL", + "ohos.permission.MANAGE_VOICEMAIL" + ] + }, + { + "name": "SMS", + "groupName": "信息", + "icon": $r('app.media.ic_public_message'), + "description": "发送和查看短信", + "permissions": [ + "ohos.permission.READ_CELL_MESSAGES", + "ohos.permission.READ_MESSAGES", + "ohos.permission.RECEIVE_MMS", + "ohos.permission.RECEIVE_SMS", + "ohos.permission.RECEIVE_WAP_MESSAGES", + "ohos.permission.SEND_MESSAGES" + ] + }, + { + "name": "CONTACTS", + "groupName": "通讯录", + "icon": $r('app.media.ic_public_contacts_group'), + "description": "访问您的通讯录", + "permissions": [ + "ohos.permission.READ_CONTACTS", + "ohos.permission.WRITE_CONTACTS" + ] + }, + { + "name": "CALL_LOG", + "groupName": "通话记录", + "icon": $r('app.media.ic_call_logs'), + "description": "读取和写入手机通话记录", + "permissions": [ + "ohos.permission.READ_CALL_LOG", + "ohos.permission.WRITE_CALL_LOG" + ] + }, + { + "name": "MEDIA", + "groupName": "媒体和文件", + "icon": $r('app.media.ic_public_folder'), + "description": "访问您的媒体和文件", + "permissions": [ + "ohos.permission.MEDIA_LOCATION", + "ohos.permission.READ_MEDIA", + "ohos.permission.WRITE_MEDIA" + ] + }, + { + "name": "CALENDAR", + "groupName": "日历", + "icon": $r('app.media.ic_public_calendar'), + "description": "访问日历和活动", + "permissions": [ + "ohos.permission.READ_CALENDAR", + "ohos.permission.WRITE_CALENDAR" + ] + }, + { + "name": "SPORT", + "groupName": "健身运动", + "icon": $r('app.media.ic_sport'), + "description": "访问您的运动状态", + "permissions": [ + "ohos.permission.ACTIVITY_MOTION" + ] + }, + { + "name": "HEALTH", + "groupName": "身体传感器", + "icon": $r('app.media.ic_ssensor'), + "description": "访问您的健康数据", + "permissions": [ + "ohos.permission.READ_HEALTH_DATA" + ] + }, + { + "name": "OTHER", + "groupName": "其他权限", + "icon": $r('app.media.ic_more'), + "description": "访问您的位置信息", + "permissions": [ + "ohos.permission.DISTRIBUTED_DATASYNC" + ] + } +] + +export const userGrantPermissions: string[] = [ + "ohos.permission.LOCATION_IN_BACKGROUND", + "ohos.permission.LOCATION", + "ohos.permission.CAMERA", + "ohos.permission.MICROPHONE", + "ohos.permission.ANSWER_CALL", + "ohos.permission.MANAGE_VOICEMAIL", + "ohos.permission.READ_CELL_MESSAGES", + "ohos.permission.READ_MESSAGES", + "ohos.permission.RECEIVE_MMS", + "ohos.permission.RECEIVE_SMS", + "ohos.permission.RECEIVE_WAP_MESSAGES", + "ohos.permission.SEND_MESSAGES", + "ohos.permission.READ_CONTACTS", + "ohos.permission.WRITE_CONTACTS", + "ohos.permission.READ_CALL_LOG", + "ohos.permission.WRITE_CALL_LOG", + "ohos.permission.MEDIA_LOCATION", + "ohos.permission.READ_MEDIA", + "ohos.permission.WRITE_MEDIA", + "ohos.permission.READ_CALENDAR", + "ohos.permission.WRITE_CALENDAR", + "ohos.permission.ACTIVITY_MOTION", + "ohos.permission.READ_HEALTH_DATA", + "ohos.permission.DISTRIBUTED_DATASYNC" +] \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/utils/utils.ets b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/utils/utils.ets similarity index 66% rename from frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/utils/utils.ets rename to frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/utils/utils.ets index 2e73d04e2..7c28551a8 100644 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/ets/default/common/utils/utils.ets +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/utils/utils.ets @@ -12,3 +12,12 @@ * See the License for the specific language governing permissions and * limitations under the License. */ +import { permissionGroups, groups } from "../model/permissionGroup.ets" + +export function getPermissionGroup(permission: string) { + for (var i = 0; i < permissionGroups.length; i++) { + if (permissionGroups[i].permissionName == permission) { + return groups[permissionGroups[i].groupId] + } + } +} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/pages/dialogPlus.ets b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/pages/dialogPlus.ets new file mode 100644 index 000000000..aa0784455 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/pages/dialogPlus.ets @@ -0,0 +1,67 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +import { privacyDialog } from "../common/components/dialog.ets" +import abilityAccessCtrl from '@ohos.abilityAccessCtrl'; + +@Entry +@Component +struct dialogPlusPage { + @State count: number = 0 + @State result: Array = [] + privacyDialogController: CustomDialogController = new CustomDialogController({ + builder: privacyDialog({ cancel: this.privacyCancel, confirm: this.privacyAccept, count:$count, result: $result }), + cancel: this.privacyExist, + autoCancel: true, + alignment: DialogAlignment.Center + }) + async privacyAccept(group, accessTokenId, permissionList, userFixedFlag) { + var acManager = abilityAccessCtrl.createAtManager() + group.permissions.forEach(async permission => { + const result = await acManager.grantUserGrantedPermission(accessTokenId, permission, userFixedFlag) + var index = permissionList.indexOf(permission) + if (index == -1) { + return; + } + if (result == 0) { + this.result[index] = 0 + console.log("GrantAbility grant permission:" + permission) + } else { + console.log("GrantAbility failed to grant permission:" + permission + " ret:" + result) + } + }) + this.count ++ + } + async privacyCancel(group, accessTokenId, permissionList, userFixedFlag) { + var acManager = abilityAccessCtrl.createAtManager() + group.permissions.forEach(async permission => { + const result = await acManager.revokeUserGrantedPermission(accessTokenId, permission, userFixedFlag) + var index = permissionList.indexOf(permission) + if (index != -1 && result == 0) { + this.result[index] = -1 + console.log("GrantAbility revoke permission:" + permission) + } + }) + this.count ++ + } + privacyExist() { + console.info("exist") + } + aboutToAppear() { + this.privacyDialogController.open() + } + build() { + } +} diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/java/com/ohos/permissionmanager/MainAbility.java b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/java/com/ohos/permissionmanager/MainAbility.java new file mode 100644 index 000000000..7ef883838 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/java/com/ohos/permissionmanager/MainAbility.java @@ -0,0 +1,17 @@ +package com.ohos.permissionmanager; + +import ohos.ace.ability.AceAbility; +import ohos.aafwk.content.Intent; + +public class MainAbility extends AceAbility { + @Override + public void onStart(Intent intent) { + setInstanceName("main_ability"); + super.onStart(intent); + } + + @Override + public void onStop() { + super.onStop(); + } +} diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/java/com/ohos/permissionmanager/MyApplication.java b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/java/com/ohos/permissionmanager/MyApplication.java new file mode 100644 index 000000000..8c75d4e56 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/java/com/ohos/permissionmanager/MyApplication.java @@ -0,0 +1,10 @@ +package com.ohos.permissionmanager; + +import ohos.aafwk.ability.AbilityPackage; + +public class MyApplication extends AbilityPackage { + @Override + public void onInitialize() { + super.onInitialize(); + } +} diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/element/color.json b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/element/color.json similarity index 100% rename from frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/element/color.json rename to frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/element/color.json diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/element/string.json b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/element/string.json similarity index 68% rename from frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/element/string.json rename to frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/element/string.json index bca2742b6..854142d25 100644 --- a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/element/string.json +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/element/string.json @@ -1,5 +1,13 @@ { "string": [ + { + "name": "permissionmanager_MainAbility", + "value": "permissionmanager_MainAbility" + }, + { + "name": "mainability_description", + "value": "eTS_Empty Ability" + }, { "name": "entry_MainAbility", "value": "entry_MainAbility" @@ -8,6 +16,14 @@ "name": "mainability_description", "value": "ETS_Category Ability" }, + { + "name": "permissionmanager_GrantAbility", + "value": "permissionmanager_GrantAbility" + }, + { + "name": "permissionmanager_description", + "value": "eTS_Empty Ability" + }, { "name": "settings", "value": "设置" @@ -59,6 +75,14 @@ { "name": "location_info_message", "value": "系统定位服务开关开启时,已允许19个应用获取此设备的位置。" + }, + { + "name": "grantability_description", + "value": "eTS_Empty Ability" + }, + { + "name": "entry_GrantAbility", + "value": "entry_GrantAbility" } ] } \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_call_logs.svg b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/ic_call_logs.svg similarity index 100% rename from frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_call_logs.svg rename to frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/ic_call_logs.svg diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_dropzone.svg b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/ic_dropzone.svg similarity index 100% rename from frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_dropzone.svg rename to frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/ic_dropzone.svg diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_exercise.svg b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/ic_exercise.svg similarity index 100% rename from frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_exercise.svg rename to frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/ic_exercise.svg diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_forward.svg b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/ic_forward.svg similarity index 100% rename from frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_forward.svg rename to frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/ic_forward.svg diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_more.svg b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/ic_more.svg similarity index 100% rename from frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_more.svg rename to frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/ic_more.svg diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_nearby.svg b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/ic_nearby.svg similarity index 100% rename from frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_nearby.svg rename to frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/ic_nearby.svg diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_calendar.svg b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/ic_public_calendar.svg similarity index 100% rename from frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_calendar.svg rename to frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/ic_public_calendar.svg diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_camera.svg b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/ic_public_camera.svg similarity index 100% rename from frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_camera.svg rename to frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/ic_public_camera.svg diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_contacts_group.svg b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/ic_public_contacts_group.svg similarity index 100% rename from frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_contacts_group.svg rename to frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/ic_public_contacts_group.svg diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_folder.svg b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/ic_public_folder.svg similarity index 100% rename from frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_folder.svg rename to frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/ic_public_folder.svg diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_gps.svg b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/ic_public_gps.svg similarity index 100% rename from frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_gps.svg rename to frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/ic_public_gps.svg diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_message.svg b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/ic_public_message.svg similarity index 100% rename from frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_message.svg rename to frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/ic_public_message.svg diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_phone.svg b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/ic_public_phone.svg similarity index 100% rename from frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_phone.svg rename to frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/ic_public_phone.svg diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_voice.svg b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/ic_public_voice.svg similarity index 100% rename from frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_public_voice.svg rename to frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/ic_public_voice.svg diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_sport.svg b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/ic_sport.svg similarity index 100% rename from frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_sport.svg rename to frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/ic_sport.svg diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_ssensor.svg b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/ic_ssensor.svg similarity index 100% rename from frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/ic_ssensor.svg rename to frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/ic_ssensor.svg diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/in_app_installations.svg b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/in_app_installations.svg similarity index 100% rename from frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/in_app_installations.svg rename to frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/in_app_installations.svg diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/noinstallationpackage.svg b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/noinstallationpackage.svg similarity index 100% rename from frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/noinstallationpackage.svg rename to frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/noinstallationpackage.svg diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/nopermission.svg b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/nopermission.svg similarity index 100% rename from frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/nopermission.svg rename to frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/nopermission.svg diff --git a/frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/searchnoresult.svg b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/searchnoresult.svg similarity index 100% rename from frameworks/com.ohos.permissionmanager/com.ohos.permissionmanager.MainAbility/entry/src/main/resources/base/media/searchnoresult.svg rename to frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/searchnoresult.svg diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/src/ohosTest/ets/default/app.ets b/frameworks/com.ohos.permissionmanager/permissionmanager/src/ohosTest/ets/default/app.ets new file mode 100644 index 000000000..fd3108959 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/ohosTest/ets/default/app.ets @@ -0,0 +1,26 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +export default { + onCreate() { + console.info('Application onCreate') + }, + onShow() { + console.info('Application onShow') + }, + onDestroy() { + console.info('Application onDestroy') + }, +} diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/src/ohosTest/ets/default/i18n/en-US.json b/frameworks/com.ohos.permissionmanager/permissionmanager/src/ohosTest/ets/default/i18n/en-US.json new file mode 100644 index 000000000..55561b837 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/ohosTest/ets/default/i18n/en-US.json @@ -0,0 +1,8 @@ +{ + "strings": { + "hello": "Hello", + "world": "World" + }, + "Files": { + } +} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/src/ohosTest/ets/default/i18n/zh-CN.json b/frameworks/com.ohos.permissionmanager/permissionmanager/src/ohosTest/ets/default/i18n/zh-CN.json new file mode 100644 index 000000000..cce1af067 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/ohosTest/ets/default/i18n/zh-CN.json @@ -0,0 +1,8 @@ +{ + "strings": { + "hello": "您好", + "world": "世界" + }, + "Files": { + } +} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/src/ohosTest/ets/default/pages/index/index.ets b/frameworks/com.ohos.permissionmanager/permissionmanager/src/ohosTest/ets/default/pages/index/index.ets new file mode 100644 index 000000000..2ebd82564 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/ohosTest/ets/default/pages/index/index.ets @@ -0,0 +1,64 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +import {Core, ExpectExtend, InstrumentLog} from "deccjsunit/index" +import testsuite from "../../../test/List.test.ets" +import featureAbility from "@ohos.ability.featureAbility" + +@Entry +@Component +struct MyComponent { + aboutToAppear() { + console.info("start run testcase!!!!") + featureAbility.getWant() + .then((Want) => { + const core = Core.getInstance() + const expectExtend = new ExpectExtend({ + 'id': 'extend' + }) + const instrumentLog = new InstrumentLog({ + 'id': 'report', 'unity': 'true' + }) + core.addService('expect', expectExtend) + core.addService('report', instrumentLog) + core.init() + core.subscribeEvent('spec', instrumentLog) + core.subscribeEvent('suite', instrumentLog) + core.subscribeEvent('task', instrumentLog) + const configService = core.getDefaultService('config') + configService.setConfig(Want.parameters) + testsuite() + core.execute() + console.info('Operation successful. Data: ' + JSON.stringify(Want)); + }) + .catch((error) => { + console.error('Operation failed. Cause: ' + JSON.stringify(error)); + }) + } + + build() { + Flex({ + direction: FlexDirection.Column, + alignItems: ItemAlign.Center, + justifyContent: FlexAlign.Center + }) { + Text('Hello World') + .fontSize(50) + .fontWeight(FontWeight.Bold) + } + .width('100%') + .height('100%') + } +} diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/src/ohosTest/ets/test/ExampleJsunit.test.ets b/frameworks/com.ohos.permissionmanager/permissionmanager/src/ohosTest/ets/test/ExampleJsunit.test.ets new file mode 100644 index 000000000..35824cab4 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/ohosTest/ets/test/ExampleJsunit.test.ets @@ -0,0 +1,27 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +import {describe, beforeAll, beforeEach, afterEach, afterAll, it, expect} from "deccjsunit/index" +import app from '@system.app' + +export default function exampleJsunit() { + describe('appInfoTest', function () { + it('app_info_test_001', 0, function () { + var info = app.getInfo() + expect("1.0").assertEqual('1.0') + expect(info.versionCode).assertEqual('3') + }) + }) +} diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/src/ohosTest/ets/test/List.test.ets b/frameworks/com.ohos.permissionmanager/permissionmanager/src/ohosTest/ets/test/List.test.ets new file mode 100644 index 000000000..e659c7498 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/ohosTest/ets/test/List.test.ets @@ -0,0 +1,20 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +import exampleJsunit from "../test/ExampleJsunit.test.ets" + +export default function testsuite() { + exampleJsunit() +} diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/src/ohosTest/java/com/ohos/permissionmanager/ExampleOhosTest.java b/frameworks/com.ohos.permissionmanager/permissionmanager/src/ohosTest/java/com/ohos/permissionmanager/ExampleOhosTest.java new file mode 100644 index 000000000..9482d133c --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/ohosTest/java/com/ohos/permissionmanager/ExampleOhosTest.java @@ -0,0 +1,14 @@ +package com.ohos.permissionmanager; + +import ohos.aafwk.ability.delegation.AbilityDelegatorRegistry; +import org.junit.Test; + +import static org.junit.Assert.assertEquals; + +public class ExampleOhosTest { + @Test + public void testBundleName() { + final String actualBundleName = AbilityDelegatorRegistry.getArguments().getTestBundleName(); + assertEquals("com.ohos.permissionmanager", actualBundleName); + } +} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/src/ohosTest/resources/base/element/string.json b/frameworks/com.ohos.permissionmanager/permissionmanager/src/ohosTest/resources/base/element/string.json new file mode 100644 index 000000000..0ad161e66 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/ohosTest/resources/base/element/string.json @@ -0,0 +1,12 @@ +{ + "string": [ + { + "name": "app_name", + "value": "PermissionManager" + }, + { + "name": "mainability_description", + "value": "hap sample empty page" + } + ] +} diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/src/ohosTest/resources/base/media/icon.png b/frameworks/com.ohos.permissionmanager/permissionmanager/src/ohosTest/resources/base/media/icon.png new file mode 100644 index 0000000000000000000000000000000000000000..ce307a8827bd75456441ceb57d530e4c8d45d36c GIT binary patch literal 6790 zcmX|G1ymHk)?T_}Vd;>R?p|tHQo6fg38|$UVM!6BLrPFWk?s;$LOP{GmJpBl$qoSA!PUg~PA65-S00{{S`XKG6NkG0RgjEntPrmV+?0|00mu7;+5 zrdpa{2QLqPJ4Y{j7=Mrl{BaxrkdY69+c~(w{Fv-v&aR%aEI&JYSeRTLWm!zbv;?)_ ziZB;fwGbbeL5Q}YLx`J$lp~A09KK8t_z}PZ=4ZzgdeKtgoc+o5EvN9A1K1_<>M?MBqb#!ASf&# zEX?<)!RH(7>1P+j=jqG(58}TVN-$psA6K}atCuI!KTJD&FMmH-78ZejBm)0qc{ESp z|LuG1{QnBUJRg_E=h1#XMWt2%fcoN@l7eAS!Es?Q+;XsRNPhiiE=@AqlLkJzF`O18 zbsbSmKN=aaq8k3NFYZfDWpKmM!coBU0(XnL8R{4=i|wi{!uWYM2je{U{B*K2PVdu&=E zTq*-XsEsJ$u5H4g6DIm2Y!DN`>^v|AqlwuCD;w45K0@eqauiqWf7l&o)+YLHm~|L~ z7$0v5mkobriU!H<@mVJHLlmQqzQ3d6Rh_-|%Yy2li*tHO>_vcnuZ7OR_xkAIuIU&x z-|8Y0wj|6|a6_I(v91y%k_kNw6pnkNdxjqG8!%Vz_d%c_!X+6-;1`GC9_FpjoHev5fEV7RhJ>r=mh-jp$fqbqRJ=obwdgLDVP5+s zy1=_DWG0Y-Jb3t^WXmkr(d9~08k-|#Ly zaNOmT(^9tIb&eb4%CzIT zAm3CUtWSr1t4?h1kk#NBi{U|pJslvME{q|_eS^3En>SOqSxyuN1x;Is@8~m?*>}** znrRFArP!K_52RpX*&JHMR<^lVdm8ypJ}0R(SD(51j;6@ni$6bQ+2XL+R^|NnSp5}(kzvMZ^(@4fD_{QVu$(&K6H|C37TG1Am9Re{<<3gd zh@`>;BqkXMW&p0T6rt|iB$)~CvFe(XC)F9WgAZn*0@t$oZo;!*}r@_`h?KKH&6A@3= zISXoQB+~`op>NP-buiA*^0n{@i{_?MRG)&k)c)k_F+-2Lud!S9pc+i`s74NpBCaGF zXN+pHkubw*msGBTY27BKHv)RRh3;nMg4&$fD_6X9Vt~;_4D+5XPH~#Kn-yjcy!$}1 zigv#FNY>TqMhtIBb@UoF!cE~Q8~;!Pek>SQQwHnHuWKoVBosAiOr}q>!>aE*Krc)V zBUMEcJ5NU0g8}-h6i1zpMY9>m4ne?=U2~`w7K7Q0gB_=p@$5K7p6}thw z-~3dMj?YNX2X$lZ+7ngQ$=s}3mizNN@kE%OtB)?c&i~2L55z8^=yz;xMHLmlY>&Q# zJj?!)M#q_SyfkQh)k?j8IfLtB)ZCp|*vf4_B zos?73yd^h-Ac+;?E4*bpf=o*^3x3-`TVjbY4n6!EN10K6o@fxdyps05Vo3PU)otB} z`3kR+2w7_C#8Z!q`J)p{Vh!+m9-UP!$STp+Hb}}#@#_u^SsUQg<}59< zTvH3%XS4G+6FF^(m6bVF&nSUIXcl;nw{=H$%fgeJ>CgDYiLdpDXr{;-AnG z8dvcrHYVMI&`R6;GWekI@Ir3!uo)oz4^{6q0m^}@f2tM9&=YHNi6-?rh0-{+k@cQm zdp`g#YdQn%MDVg2GR>wZ`n2<0l4)9nx1Wfr&!Dvz=bPwU!h2S?ez6MVc5APE4-xLB zi&W9Q8k2@0w!C53g?iAIQ}~p*3O(@zja6KQ=M3zfW*_6o5SwR-)6VBh~m7{^-=MC-owYH5-u40a}a0liho3QZZ5L{bS_xM1)4}19)zTU$$MY zq3eZML1WC{K%YFd`Be0M-rkO^l?h{kM{$2oK1*A@HVJ57*yhDkUF!2WZ&oA4Y-sK( zCY69%#`mBCi6>6uw(x4gbFaP0+FD*JKJ-q!F1E?vLJ+d35!I5d7@^eU?(CS|C^tmI5?lv@s{{*|1F zFg|OzNpZ0hxljdjaW%45O0MOttRrd(Z?h{HYbB-KFUx&9GfFL3b8NwZ$zNu)WbBD` zYkj$^UB5%3Pj1MDr>S2Ejr9pUcgA!;ZG!@{uAy12)vG=*^9-|dNQBc8&`oxBlU~#y zs!anJX&T?57Jdr^sb>e+V`MVfY>Y0ESg7MG<7W0g&bR-ZYzzZ%2H&Etcp zcd6QeXO1D!5A#zM0lx*GH}`M)2~ZFLE;sP^RSB5wVMNfiZXPd(cmO>j=OSA3`o5r& zna(|^jGXbdN7PK)U8b7^zYtYkkeb%<%F~=OqB~kXMQkq}ii|skh@WSRt>5za;cjP0 zZ~nD%6)wzedqE}BMLt~qKwlvTr33))#uP~xyw#*Eaa|DbMQ_%mG0U8numf8)0DX`r zRoG2bM;#g|p-8gWnwRV5SCW0tLjLO&9Z?K>FImeIxlGUgo0Zk`9Qzhj1eco~7XZy+hXc@YF&ZQ=? zn*^1O56yK^x{y}q`j7}blGCx%dydV!c7)g~tJzmHhV=W~jbWRRR{1<^oDK+1clprm zz$eCy7y9+?{E|YgkW~}}iB#I4XoJ*xr8R?i_Hv$=Cof5bo-Nj~f`-DLebH}&0% zfQj9@WGd4;N~Y?mzQsHJTJq6!Qzl^-vwol(+fMt#Pl=Wh#lI5Vmu@QM0=_r+1wHt` z+8WZ~c2}KQQ+q)~2Ki77QvV&`xb|xVcTms99&cD$Zz4+-^R4kvUBxG8gDk7Y`K*)JZ^2rL(+ZWV~%W(@6 z)0bPArG#BROa_PHs~&WplQ_UIrpd)1N1QGPfv!J(Z9jNT#i%H?CE6|pPZb9hJ1JW4 z^q;ft#!HRNV0YgPojzIYT`8LuET2rUe-J|c!9l4`^*;4WtY@Ew@pL>wkjmMgGfN7 ze}}GtmU0@<_#08~I-Suk=^*9GLW=H4xhsml;vAV{%hy5Eegl@!6qKqbG024%n2HHw zCc@ivW_$@5ZoHP70(7D+(`PvgjW1Pd`wsiuv-aCukMrafwDm)B!xXVy*j2opohhoU zcJz%ADmj>i3`-3-$7nQKBQQuGY;2Qt&+(L~C>vSGFj5{Mlv?T_^dql;{zkpe4R1}R z%XfZyQ}wr*sr>jrKgm*PWLjuVc%6&&`Kbf1SuFpHPN&>W)$GmqC;pIoBC`=4-hPY8 zT*>%I2fP}vGW;R=^!1be?ta2UQd2>alOFFbVl;(SQJ4Jk#)4Z0^wpWEVvY4=vyDk@ zqlModi@iVPMC+{?rm=4(n+<;|lmUO@UKYA>EPTS~AndtK^Wy^%#3<;(dQdk3WaUkRtzSMC9}7x2||CNpF#(3T4C)@ z$~RWs`BNABKX|{cmBt>Q=&gkXl&x!!NK_%5hW0LS)Z4PB>%sV?F-{Wyj#s7W%$F{D zXdK^Fp3wvy+48+GP6F_|^PCRx=ddcTO3sG;B23A49~Qaw31SZ0Rc~`r4qqt%#OGW{ zCA_(LG5^N>yzUn&kAgVmxb=EA8s&tBXC}S1CZ(KoW)(%^JjLTPo^fs`Va;`=YlVPgmB$!yB}<(4ym6OeZ3xAJJ#;)2+B%p3P1Wt+d$eo`vz`T zXfUP2))kBDPoscH;Jc7I3NU<({|@wM$&GaDt`n7WLgIY3IA7A6-_R?z8N3mz|}*i z(zl5ot--Oq@f2-nv{X(ujT2T(k1vY_qh93pK@>H-qc%2Xta)IP0Q%zt%bqYgI`o!wv!0QerB`nCN^1n|@$sVOQ!V0teVG!I z_fD%JvfDeT1cK#-{o6Gv7}& zY0#NWin~kVaf$aufV&;63Hbs|`QVZWpDX6IMk1Hj2G}fiH9e-^6u2zf^FIr^BwD<6zjw63+{yUe8PUFvk8v{sJ=R{d#`O!sz`Q13~< zPT$JS(w=yQfU2`zPCNfSw=&zup@DXc(98afjhv@1w_f!m2Z>rMJ19AB&dB%P#Ls3b z=lK7OILM+SQ&VEd=1GN6o&>YVVtIzoZ%=Z_SdqJN2}E43{bE`>w+A;=y->@^k{oCC z$F*WTY&?34;kfyFV?b*Xb1Pq`Z=%OgwEg)Rz)tx=`f%5#w_INP=x&z5!jI;#;N$ma zhO)+MDm;SxOEVL15; zGq(v2pL3&P1Sl)8P*;G-fd{l1QJsv@e@d8)1PK4w2m*M%V3j-V~L^$i|&C@b?D?9tfwE{B^}Z$k8e5FmQ>v7Xz)sG32g9t}YBt zyR$+*_00RmPx+0mW+vVG4mxd(n$(eQf3-w>JPl2UJpafrPaL5@2j}%{VE-) zBI%6Qpj*dsdH<;g!S!avA~bv^0E+ zfyJbSjPb+j;J52U)<|cIcntQBI2T#>2;tOxu{%D?kML476AErF(qN9hPva5Nkc@BF zC-tLF@3ZFb%Kpj)M<{)x*l|*Ia@ECeXo2E4h2f!aV=cHAhi_E_mfUth(sM4^hJq7B zQsGWqdZUm9S%F`$nQ*_#NcuD`&)Ek%_s{&^78{9Hm ztri&rYLOxgFdG>O@+XHy z9#;|&vBCPXH5Mon^I`jSuR$&~ZWtyB67ujzFSj!51>#C}C17~TffQ{c-!QFQkTQ%! zIR^b1`zHx|*1GU?tbBx23weFLz5H?y_Q%N&t$}k?w+``2A=aotj0;2v$~AL z{scF-cL{wsdrmPvf#a9OHyYLcwQD4Kcm)`LLwMh4WT~p29f7M!iafJSU`IV}QY5Wa z(n44-9oA}?J{a+ah*@31WTs#&J#o1`H98#6IQf;Wv0N_!);f&9g7o-k(lW5rWnDUR zQBFIRG+X=6NnsI@mxnwm;tf5;_Uxg?jZ8m-m0}&6+DA!qam(p$mN5R})yA_7m$q@| zFEd|dpS595rxQr-n#GjI5i-AhnUE>Cr;jpCqSrD~EwK_DqI^7%3#p5)%T_od!t3SOmH9MyXeeGO2(UQL;ax|x?Ncixmeo1=$ z{-);Au{*tfzOG?KQ~K|ak8-HQ?`Pekhe2WM(8s{xv-p>Zmu_6{G!-oE$7$mY`MOJorI=+mMx?H;`pr!;fVYz?5~yXBACruWB`Ph zZM}90_<^OBxIhyZ9BW$`>6JvO;%VFpqVr8|7t3~AmxYak6?`Pp#c;**_SYmi`&z23 z`p6_~ePvH)C6x-G9$hgL=eVALq`-AiamN>!3~Lxw&{H(b{B(7xSRm6<3<{%{yXiH# zos5Rv1L+8fUKJLo%P>4I&$}y Date: Wed, 26 Jan 2022 11:57:37 +0800 Subject: [PATCH 34/51] update firstcaller Change-Id: I5e25ebe92d71fd932766a06b7c6cc560af9562f3 Signed-off-by: lsq --- interfaces/innerkits/accesstoken/include/access_token.h | 1 + interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp | 9 ++++++++- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/interfaces/innerkits/accesstoken/include/access_token.h b/interfaces/innerkits/accesstoken/include/access_token.h index bd69ff1d3..d4b050ed7 100644 --- a/interfaces/innerkits/accesstoken/include/access_token.h +++ b/interfaces/innerkits/accesstoken/include/access_token.h @@ -23,6 +23,7 @@ typedef unsigned int AccessTokenID; typedef unsigned int AccessTokenAttr; static const int DEFAULT_TOKEN_VERSION = 1; static const int DEFAULT_PERMISSION_FLAGS = 0; +static const int FIRSTCALLER_TOKENID_DEFAULT = 0; enum AccessTokenKitRet { RET_FAILED = -1, diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp index 336687a94..2fa8408f3 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp @@ -147,7 +147,14 @@ int AccessTokenKit::VerifyAccessToken(AccessTokenID tokenID, const std::string& int AccessTokenKit::VerifyAccessToken( AccessTokenID callerTokenID, AccessTokenID firstTokenID, const std::string& permissionName) { - return PERMISSION_DENIED; + int ret = AccessTokenKit::VerifyAccessToken(callerTokenID, permissionName); + if (ret != PERMISSION_GRANTED) { + return ret; + } + if (firstTokenID == FIRSTCALLER_TOKENID_DEFAULT) { + return ret; + } + return AccessTokenKit::VerifyAccessToken(firstTokenID, permissionName); } int AccessTokenKit::GetDefPermission(const std::string& permissionName, PermissionDef& permissionDefResult) -- Gitee From 3f351164dc653a2e77f955ec0073c4084001b5bc Mon Sep 17 00:00:00 2001 From: chennian Date: Thu, 27 Jan 2022 11:33:14 +0800 Subject: [PATCH 35/51] Signed-off-by: chennian Changes to be committed: modified: frameworks/com.ohos.permissionmanager/permissionmanager/src/main/config.json modified: frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets modified: services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp --- .../permissionmanager/src/main/config.json | 8 -------- .../ets/dynamic/common/components/dialog.ets | 9 +++++---- .../cpp/src/service/accesstoken_manager_stub.cpp | 16 +++++++++++----- 3 files changed, 16 insertions(+), 17 deletions(-) diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/config.json b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/config.json index 5a463361f..eb73d812e 100644 --- a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/config.json +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/config.json @@ -61,14 +61,6 @@ { "name": "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS", "reason": "revoke sensitive permissions" - }, - { - "name": "ohos.permission.GET_BUNDLE_INFO_PRIVILEGED", - "reason": "get bundle previleged info" - }, - { - "name": "ohos.permission.GET_BUNDLE_INFO", - "reason": "get bundle default info" } ] } diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets index d8ece4856..c9b8967fa 100644 --- a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets @@ -14,8 +14,6 @@ */ import { getPermissionGroup } from "../utils/utils.ets" -import { BundleFlag, userId } from "../model/bundle.ets" -import bundle from '@ohos.bundle'; import featureAbility from '@ohos.ability.featureAbility'; import abilityAccessCtrl from '@ohos.abilityAccessCtrl'; @@ -128,9 +126,12 @@ export struct privacyDialog { aboutToAppear() { this.count = 0; + this.hasPrepared = false; featureAbility.getWant((err, want) => { - this.reqPerms = want.parameters["ohos.user.grant.permission"] - console.log("GrantAbility request permission=" + JSON.stringify(this.reqPerms) + " bundleName=" + want.bundleName) + this.reqPerms = want.parameters['ohos.user.grant.permission'] + this.accessTokenId = want.parameters['ohos.aafwk.param.callToken'] + console.log("GrantAbility request permission=" + JSON.stringify(this.reqPerms) + " tokenId = " + + this.accessTokenId + "want.parameters = " + JSON.stringify(want.parameters)) bundle.getApplicationInfo(want.bundleName, BundleFlag.GET_BUNDLE_DEFAULT, userId).then(res => { this.accessTokenId = res.accessTokenId }) diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp index a9e0076e0..377c5dd1e 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp @@ -108,12 +108,14 @@ void AccessTokenManagerStub::GetReqPermissionsInner(MessageParcel& data, Message void AccessTokenManagerStub::GetPermissionFlagInner(MessageParcel& data, MessageParcel& reply) { + unsigned int callingTokenID = IPCSkeleton::GetCallingTokenID(); + ACCESSTOKEN_LOG_INFO(LABEL, "callingTokenID: %{public}d", callingTokenID); AccessTokenID tokenID = data.ReadUint32(); std::string permissionName = data.ReadString(); if (!IsAuthorizedCalling() && - VerifyAccessToken(tokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS") == PERMISSION_DENIED && - VerifyAccessToken(tokenID, "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS") == PERMISSION_DENIED && - VerifyAccessToken(tokenID, "ohos.permission.GET_SENSITIVE_PERMISSIONS") == PERMISSION_DENIED) { + VerifyAccessToken(callingTokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS") == PERMISSION_DENIED && + VerifyAccessToken(callingTokenID, "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS") == PERMISSION_DENIED && + VerifyAccessToken(callingTokenID, "ohos.permission.GET_SENSITIVE_PERMISSIONS") == PERMISSION_DENIED) { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__); reply.WriteInt32(DEFAULT_PERMISSION_FLAGS); return; @@ -124,11 +126,13 @@ void AccessTokenManagerStub::GetPermissionFlagInner(MessageParcel& data, Message void AccessTokenManagerStub::GrantPermissionInner(MessageParcel& data, MessageParcel& reply) { + unsigned int callingTokenID = IPCSkeleton::GetCallingTokenID(); + ACCESSTOKEN_LOG_INFO(LABEL, "callingTokenID: %{public}d", callingTokenID); AccessTokenID tokenID = data.ReadUint32(); std::string permissionName = data.ReadString(); int flag = data.ReadInt32(); if (!IsAuthorizedCalling() && - VerifyAccessToken(tokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS") == PERMISSION_DENIED) { + VerifyAccessToken(callingTokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS") == PERMISSION_DENIED) { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__); reply.WriteInt32(RET_FAILED); return; @@ -139,11 +143,13 @@ void AccessTokenManagerStub::GrantPermissionInner(MessageParcel& data, MessagePa void AccessTokenManagerStub::RevokePermissionInner(MessageParcel& data, MessageParcel& reply) { + unsigned int callingTokenID = IPCSkeleton::GetCallingTokenID(); + ACCESSTOKEN_LOG_INFO(LABEL, "callingTokenID: %{public}d", callingTokenID); AccessTokenID tokenID = data.ReadUint32(); std::string permissionName = data.ReadString(); int flag = data.ReadInt32(); if (!IsAuthorizedCalling() && - VerifyAccessToken(tokenID, "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS") == PERMISSION_DENIED) { + VerifyAccessToken(callingTokenID, "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS") == PERMISSION_DENIED) { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__); reply.WriteInt32(RET_FAILED); return; -- Gitee From f9cebfac7ecbad9367f3ef4eee8a1ed62b8eee1f Mon Sep 17 00:00:00 2001 From: chennian Date: Thu, 27 Jan 2022 03:42:52 +0000 Subject: [PATCH 36/51] Signed-off-by:chennian --- .../src/main/ets/dynamic/common/components/dialog.ets | 3 --- 1 file changed, 3 deletions(-) diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets index c9b8967fa..8834e2d31 100644 --- a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets @@ -132,9 +132,6 @@ export struct privacyDialog { this.accessTokenId = want.parameters['ohos.aafwk.param.callToken'] console.log("GrantAbility request permission=" + JSON.stringify(this.reqPerms) + " tokenId = " + this.accessTokenId + "want.parameters = " + JSON.stringify(want.parameters)) - bundle.getApplicationInfo(want.bundleName, BundleFlag.GET_BUNDLE_DEFAULT, userId).then(res => { - this.accessTokenId = res.accessTokenId - }) this.reqPerms.forEach(item => { var group = getPermissionGroup(item) if(!group) { -- Gitee From 39fd2c5c61a12f353a8ebc75e6f4f71680c9fa67 Mon Sep 17 00:00:00 2001 From: chennian Date: Thu, 27 Jan 2022 07:15:01 +0000 Subject: [PATCH 37/51] Signed-off-by:chennian --- .../src/main/ets/dynamic/common/components/dialog.ets | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets index 8834e2d31..4e2b9c282 100644 --- a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets @@ -130,8 +130,7 @@ export struct privacyDialog { featureAbility.getWant((err, want) => { this.reqPerms = want.parameters['ohos.user.grant.permission'] this.accessTokenId = want.parameters['ohos.aafwk.param.callToken'] - console.log("GrantAbility request permission=" + JSON.stringify(this.reqPerms) + " tokenId = " - + this.accessTokenId + "want.parameters = " + JSON.stringify(want.parameters)) + console.log("GrantAbility request permission=" + JSON.stringify(this.reqPerms) + " tokenId = " + this.accessTokenId)) this.reqPerms.forEach(item => { var group = getPermissionGroup(item) if(!group) { -- Gitee From 1941f4b8007cfb0c9ee0af008da6af0d772f0610 Mon Sep 17 00:00:00 2001 From: jiang-xiaofeng Date: Thu, 27 Jan 2022 23:48:54 +0800 Subject: [PATCH 38/51] fix compile error Signed-off-by:jiang-xiaofeng Signed-off-by: jiang-xiaofeng --- .../permissionmanager/src/main/config.json | 3 +-- .../src/main/ets/dynamic/common/components/dialog.ets | 2 +- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/config.json b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/config.json index eb73d812e..ae7cebf54 100644 --- a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/config.json +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/config.json @@ -25,7 +25,6 @@ { "visible": true, "name": "com.ohos.permissionmanager.GrantAbility", - "icon": "$media:icon", "description": "$string:grantability_description", "label": "$string:permissionmanager_GrantAbility", "type": "page", @@ -64,4 +63,4 @@ } ] } -} \ No newline at end of file +} diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets index 4e2b9c282..677a4a5d6 100644 --- a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets @@ -130,7 +130,7 @@ export struct privacyDialog { featureAbility.getWant((err, want) => { this.reqPerms = want.parameters['ohos.user.grant.permission'] this.accessTokenId = want.parameters['ohos.aafwk.param.callToken'] - console.log("GrantAbility request permission=" + JSON.stringify(this.reqPerms) + " tokenId = " + this.accessTokenId)) + console.log("GrantAbility request permission=" + JSON.stringify(this.reqPerms) + " tokenId = " + this.accessTokenId) this.reqPerms.forEach(item => { var group = getPermissionGroup(item) if(!group) { -- Gitee From 1c85a7f690e2557d049db1342a59c4b7ae220c55 Mon Sep 17 00:00:00 2001 From: lsq Date: Fri, 28 Jan 2022 11:50:43 +0800 Subject: [PATCH 39/51] add api Change-Id: Ifc63361c31d6609ef97f2fe2141dae06bd5df06e Signed-off-by: lsq --- .../accesstoken/include/accesstoken_kit.h | 3 ++ .../accesstoken/src/accesstoken_kit.cpp | 9 ++++ .../unittest/src/accesstoken_kit_test.cpp | 49 ++++++++++++++++++- 3 files changed, 60 insertions(+), 1 deletion(-) diff --git a/interfaces/innerkits/accesstoken/include/accesstoken_kit.h b/interfaces/innerkits/accesstoken/include/accesstoken_kit.h index 6334ed496..fdc83a2b5 100644 --- a/interfaces/innerkits/accesstoken/include/accesstoken_kit.h +++ b/interfaces/innerkits/accesstoken/include/accesstoken_kit.h @@ -34,7 +34,10 @@ public: static AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID); static int UpdateHapToken(AccessTokenID tokenID, const std::string& appIDDesc, const HapPolicyParams& policy); static int DeleteToken(AccessTokenID tokenID); + /* Get token type by ATM service */ static ATokenTypeEnum GetTokenType(AccessTokenID tokenID); + /* Get token type from flag in tokenId, which doesn't depend on ATM service */ + static ATokenTypeEnum GetTokenTypeFlag(AccessTokenID tokenID); static int CheckNativeDCap(AccessTokenID tokenID, const std::string& dcap); static AccessTokenID GetHapTokenID(int userID, const std::string& bundleName, int instIndex); static int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfo& hapTokenInfoRes); diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp index 2fa8408f3..3022ec14f 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp @@ -82,6 +82,15 @@ ATokenTypeEnum AccessTokenKit::GetTokenType(AccessTokenID tokenID) return AccessTokenManagerClient::GetInstance().GetTokenType(tokenID); } +ATokenTypeEnum AccessTokenKit::GetTokenTypeFlag(AccessTokenID tokenID) +{ + if (tokenID == 0) { + return TOKEN_INVALID; + } + AccessTokenIDInner *idInner = (AccessTokenIDInner *)&tokenID; + return (ATokenTypeEnum)(idInner->type); +} + int AccessTokenKit::CheckNativeDCap(AccessTokenID tokenID, const std::string& dcap) { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); diff --git a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp index 84fd25bc9..5ff41acf1 100755 --- a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp @@ -2028,4 +2028,51 @@ HWTEST_F(AccessTokenKitTest, GetNativeTokenInfo001, TestSize.Level1) tokenID = 0xff; ret = AccessTokenKit::GetNativeTokenInfo(tokenID, findInfo); ASSERT_EQ(ret, RET_FAILED); -} \ No newline at end of file +} + +/** + * @tc.name: GetTokenTypeFlag001 + * @tc.desc: cannot get token type with tokenID. + * @tc.type: FUNC + * @tc.require:AR000GK6TD + */ +HWTEST_F(AccessTokenKitTest, GetTokenTypeFlag001, TestSize.Level1) +{ + AccessTokenID tokenID = 0; + ATokenTypeEnum ret = AccessTokenKit::GetTokenTypeFlag(tokenID); + ASSERT_EQ(ret, TOKEN_INVALID); +} + +/** + * @tc.name: GetTokenTypeFlag002 + * @tc.desc: Get token type with native tokenID. + * @tc.type: FUNC + * @tc.require:AR000GK6TD + */ +HWTEST_F(AccessTokenKitTest, GetTokenTypeFlag002, TestSize.Level1) +{ + uint64_t tokenId01 = GetAccessTokenId("GetTokenTypeFlag002", nullptr, 0, "system_core"); + + AccessTokenID tokenID = tokenId01 & 0xffffffff; + ATokenTypeEnum ret = AccessTokenKit::GetTokenTypeFlag(tokenID); + ASSERT_EQ(ret, TOKEN_NATIVE); +} + +/** + * @tc.name: GetTokenTypeFlag003 + * @tc.desc: Get token type with hap tokenID. + * @tc.type: FUNC + * @tc.require:AR000GK6TD + */ +HWTEST_F(AccessTokenKitTest, GetTokenTypeFlag003, TestSize.Level1) +{ + AccessTokenIDEx tokenIdEx = {0}; + tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams); + ASSERT_NE(0, tokenIdEx.tokenIdExStruct.tokenID); + + ATokenTypeEnum ret = AccessTokenKit::GetTokenTypeFlag(tokenIdEx.tokenIdExStruct.tokenID); + ASSERT_EQ(ret, TOKEN_HAP); + + int res = AccessTokenKit::DeleteToken(tokenIdEx.tokenIdExStruct.tokenID); + ASSERT_EQ(RET_SUCCESS, res); +} -- Gitee From 822a3f941034700d21ba32d00cde02ad625090d7 Mon Sep 17 00:00:00 2001 From: libing23 Date: Sat, 29 Jan 2022 09:47:46 +0800 Subject: [PATCH 40/51] modify bundle.json systemcapability spell Signed-off-by:libing23 --- bundle.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bundle.json b/bundle.json index d8a704711..2189e8c96 100755 --- a/bundle.json +++ b/bundle.json @@ -13,7 +13,7 @@ "name": "access_token", "subsystem": "security", "syscap": [ - "Systemcapability.Security.AccessToken" + "SystemCapability.Security.AccessToken" ], "adapted_system_type": [ "standard" ], "rom": "2048KB", -- Gitee From 7b8e74950d643b7c31f079bfb5fbce19289e2116 Mon Sep 17 00:00:00 2001 From: lsq Date: Sun, 30 Jan 2022 10:05:21 +0800 Subject: [PATCH 41/51] delete redundant tokensync test Change-Id: I17879139c59d0402d168253c1da7e8f269c8c59e Signed-off-by: lsq --- .../test/unittest/src/tokensync_kit_test.cpp | 16 ---------------- 1 file changed, 16 deletions(-) diff --git a/interfaces/innerkits/tokensync/test/unittest/src/tokensync_kit_test.cpp b/interfaces/innerkits/tokensync/test/unittest/src/tokensync_kit_test.cpp index 52b2489d3..fab924095 100644 --- a/interfaces/innerkits/tokensync/test/unittest/src/tokensync_kit_test.cpp +++ b/interfaces/innerkits/tokensync/test/unittest/src/tokensync_kit_test.cpp @@ -34,19 +34,3 @@ void TokenSyncKitTest::SetUp() void TokenSyncKitTest::TearDown() {} -/** - * @tc.name: VerifyPermission001 - * @tc.desc: Verify user granted permission - * @tc.type: FUNC - * @tc.require: - */ -HWTEST_F(TokenSyncKitTest, VerifyPermission001, TestSize.Level1) -{ - const std::string testBundleName = "ohos"; - const std::string testPermissionNameAlpha = "ohos.permission.ALPHA"; - const int testUserId = 0; - int ret = TokenSyncKit::VerifyPermission(testBundleName, testPermissionNameAlpha, testUserId); - - ASSERT_EQ(0, ret); -} - -- Gitee From 6d59f54de00ce1c2690fdb97bc9181b74ed7c10e Mon Sep 17 00:00:00 2001 From: handyohos Date: Wed, 2 Feb 2022 12:46:55 +0800 Subject: [PATCH 42/51] bugfix: qemu-arm-linux platform support access_token. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 1)内核开启access token特性宏 2)access_token模块增加napi的隔离处理 3)qemu-arm-linux-min产品中增加access_token部件的编译 Signed-off-by: handyohos Change-Id: I0eb566dcee36bb6316692431ecbbff65c24f3bd8 #I4SL46 --- BUILD.gn | 2 +- interfaces/kits/BUILD.gn | 21 +++++++++++++++++++++ interfaces/kits/accesstoken/BUILD.gn | 4 ---- 3 files changed, 22 insertions(+), 5 deletions(-) create mode 100644 interfaces/kits/BUILD.gn diff --git a/BUILD.gn b/BUILD.gn index f88c0ba9d..d57c193e9 100644 --- a/BUILD.gn +++ b/BUILD.gn @@ -19,7 +19,7 @@ group("accesstoken_build_module") { "//base/security/access_token/interfaces/innerkits/accesstoken:libaccesstoken_sdk", "//base/security/access_token/interfaces/innerkits/nativetoken:libnativetoken", "//base/security/access_token/interfaces/innerkits/token_setproc:libtoken_setproc", - "//base/security/access_token/interfaces/kits/accesstoken:libabilityaccessctrl", + "//base/security/access_token/interfaces/kits:napi_packages", "//base/security/access_token/services/accesstokenmanager:accesstoken_manager_service", "//base/security/access_token/services/accesstokenmanager/main/sa_profile:accesstoken_sa_profile_standard", ] diff --git a/interfaces/kits/BUILD.gn b/interfaces/kits/BUILD.gn new file mode 100644 index 000000000..cf2e891f4 --- /dev/null +++ b/interfaces/kits/BUILD.gn @@ -0,0 +1,21 @@ +# Copyright (c) 2021 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/ohos.gni") + +group("napi_packages") { + deps = [] + if (support_jsapi) { + deps += [ "//base/security/access_token/interfaces/kits/accesstoken:libabilityaccessctrl" ] + } +} diff --git a/interfaces/kits/accesstoken/BUILD.gn b/interfaces/kits/accesstoken/BUILD.gn index fe8d9002e..1c864538f 100644 --- a/interfaces/kits/accesstoken/BUILD.gn +++ b/interfaces/kits/accesstoken/BUILD.gn @@ -13,10 +13,6 @@ import("//build/ohos.gni") -group("napi_packages") { - deps = [ "//base/security/access_token/interfaces/kits/accesstoken:libabilityaccessctrl" ] -} - ohos_shared_library("libabilityaccessctrl") { include_dirs = [ "//foundation/appexecfwk/standard/interfaces/innerkits/libeventhandler/include", -- Gitee From 35fd2f6c1a41220954d4b3215a64d3684881712c Mon Sep 17 00:00:00 2001 From: xionglei6 Date: Wed, 9 Feb 2022 14:26:26 +0800 Subject: [PATCH 43/51] modify: cfg adapt parallel start Signed-off-by: xionglei6 --- services/accesstokenmanager/access_token.cfg | 5 ----- 1 file changed, 5 deletions(-) diff --git a/services/accesstokenmanager/access_token.cfg b/services/accesstokenmanager/access_token.cfg index ba4b720b8..b790a72f0 100644 --- a/services/accesstokenmanager/access_token.cfg +++ b/services/accesstokenmanager/access_token.cfg @@ -5,11 +5,6 @@ "mkdir /data/service/el0/access_token 0750 root system", "load_access_token_id " ] - }, { - "name" : "late-fs", - "cmds" : [ - "start accesstoken_service" - ] } ], "services" : [{ -- Gitee From c072b0b9130e6e5b51d12340cbe16eb9f926218f Mon Sep 17 00:00:00 2001 From: hanhaibin Date: Thu, 10 Feb 2022 08:42:22 +0800 Subject: [PATCH 44/51] Fix atomic ability part name change Signed-off-by: hanhaibin --- interfaces/kits/accesstoken/BUILD.gn | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/interfaces/kits/accesstoken/BUILD.gn b/interfaces/kits/accesstoken/BUILD.gn index 1c864538f..619418cab 100644 --- a/interfaces/kits/accesstoken/BUILD.gn +++ b/interfaces/kits/accesstoken/BUILD.gn @@ -51,8 +51,7 @@ ohos_shared_library("libabilityaccessctrl") { ] cflags_cc = [ "-DHILOG_ENABLE" ] external_deps = [ - "ability_runtime:app_manager", - "ability_runtime:want", + "ability_base:want", "hiviewdfx_hilog_native:libhilog", "ipc:ipc_core", ] -- Gitee From 27b8fba30ac81e8d8a780a6619ee12899789eb99 Mon Sep 17 00:00:00 2001 From: jiang-xiaofeng Date: Fri, 11 Feb 2022 14:48:18 +0800 Subject: [PATCH 45/51] display the name of application Signed-off-by: jiang-xiaofeng Signed-off-by: jiang-xiaofeng --- .../com.ohos.permissionmanager/build.gradle | 11 ------- .../permissionmanager/src/main/config.json | 10 +++++- .../ets/dynamic/common/components/dialog.ets | 31 +++++++++++++++++-- .../main/ets/dynamic/common/model/bundle.ets | 2 +- 4 files changed, 39 insertions(+), 15 deletions(-) diff --git a/frameworks/com.ohos.permissionmanager/build.gradle b/frameworks/com.ohos.permissionmanager/build.gradle index d867e2f57..924a888a1 100644 --- a/frameworks/com.ohos.permissionmanager/build.gradle +++ b/frameworks/com.ohos.permissionmanager/build.gradle @@ -3,17 +3,6 @@ apply plugin: 'com.huawei.ohos.app' //For instructions on signature configuration, see https://developer.harmonyos.com/cn/docs/documentation/doc-guides/ide_debug_device-0000001053822404#section1112183053510 ohos { - signingConfigs { - release { - storeFile file('D:\\Huawei\\key\\permissionmanager\\permissionmanager.p12') - storePassword '0000001AA260E03E4EFC6DAE11257137D057327B7D76708207E97F857840A6BB0C3E2EDEBC8175EFE2D7' - keyAlias = 'zhouyan' - keyPassword '0000001ABE41800D8041F8025A346900B00C8D44BE5145EADC3F6C769D4F24BA17CD120C388C3E21659E' - signAlg = 'SHA256withECDSA' - profile file('D:\\Huawei\\key\\permissionmanager\\permissionmanager.p7b') - certpath file('D:\\Huawei\\key\\permissionmanager\\permissionmanager.cer') - } - } compileSdkVersion 7 } diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/config.json b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/config.json index ae7cebf54..afb90ba92 100644 --- a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/config.json +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/config.json @@ -3,7 +3,7 @@ "bundleName": "com.ohos.permissionmanager", "vendor": "ohos", "version": { - "code": 1000000, + "code": 1, "name": "1.0.0" } }, @@ -60,6 +60,14 @@ { "name": "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS", "reason": "revoke sensitive permissions" + }, + { + "name": "ohos.permission.GET_BUNDLE_INFO_PRIVILEGED", + "reason": "get applicationInfo" + }, + { + "name": "ohos.permission.GET_BUNDLE_INFO", + "reason": "get applicationInfo" } ] } diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets index 677a4a5d6..f1dd95144 100644 --- a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets @@ -14,8 +14,11 @@ */ import { getPermissionGroup } from "../utils/utils.ets" +import { BundleFlag, userId } from "../model/bundle.ets" import featureAbility from '@ohos.ability.featureAbility'; import abilityAccessCtrl from '@ohos.abilityAccessCtrl'; +import bundle from '@ohos.bundle'; +import Resmgr from '@ohos.resourceManager'; @Extend(Button) function customizeButton() { .backgroundColor($r('app.color.default_background_color')) @@ -34,6 +37,7 @@ export struct privacyDialog { @State reqPerms: Array = [] @State grantGroups: Array = [] @State userFixedFlag: number = 2 // means user fixed + @State appName: string = "" build() { Column() { @@ -53,7 +57,7 @@ export struct privacyDialog { Column() { Row() { Flex({ justifyContent: FlexAlign.Start }) { - Text("是否允许该应用访问" + this.grantGroups[this.count].groupName).fontSize(16) + Text("是否允许" + this.appName + "访问" + this.grantGroups[this.count].groupName).fontSize(16) .margin({ top: 16, left: 24 @@ -129,7 +133,7 @@ export struct privacyDialog { this.hasPrepared = false; featureAbility.getWant((err, want) => { this.reqPerms = want.parameters['ohos.user.grant.permission'] - this.accessTokenId = want.parameters['ohos.aafwk.param.callToken'] + this.accessTokenId = want.parameters['ohos.aafwk.param.callerToken'] console.log("GrantAbility request permission=" + JSON.stringify(this.reqPerms) + " tokenId = " + this.accessTokenId) this.reqPerms.forEach(item => { var group = getPermissionGroup(item) @@ -141,6 +145,29 @@ export struct privacyDialog { } }) this.hasPrepared = true; + bundle.getNameForUid(want.parameters['ohos.aafwk.param.callerUid'], (err, data) => { + if(err) { + console.log("GrantAbility getNameForUid error :" + err) + return + } + console.log("GrantAbility getNameForUid data :" + data) + bundle.getApplicationInfo(data, BundleFlag.GET_BUNDLE_DEFAULT, userId).then(applicationInfo => { + console.log("GrantAbility applicationInfo :" + JSON.stringify(applicationInfo)) + Resmgr.getResourceManager(data).then(item => { + item.getString(applicationInfo.labelId, (err, value) => { + if (value == undefined) { + console.log("GrantAbility label :" ) + this.appName = applicationInfo.label.replace('$string:', '') + } else { + console.log("GrantAbility labelValue :" + value) + this.appName = value + } + }) + }) + }).catch(err => { + console.log("GrantAbility applicationInfo11 error :" + err) + }) + }) }) } diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/model/bundle.ets b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/model/bundle.ets index 4530bc6fc..7c29c39fc 100644 --- a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/model/bundle.ets +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/model/bundle.ets @@ -34,5 +34,5 @@ export const BundleFlag = { */ GET_ABILITY_INFO_SYSTEMAPP_ONLY : 0x00000080 } -export const userId: number = 0 +export const userId: number = 100 -- Gitee From 7d68457cfdcc784f168a52e8d5d9f2acf0682b81 Mon Sep 17 00:00:00 2001 From: 17764556280 Date: Mon, 14 Feb 2022 10:02:18 +0800 Subject: [PATCH 46/51] modify bms part Signed-off-by: 17764556280 --- interfaces/kits/accesstoken/BUILD.gn | 4 ---- 1 file changed, 4 deletions(-) diff --git a/interfaces/kits/accesstoken/BUILD.gn b/interfaces/kits/accesstoken/BUILD.gn index 619418cab..ae9e53c0a 100644 --- a/interfaces/kits/accesstoken/BUILD.gn +++ b/interfaces/kits/accesstoken/BUILD.gn @@ -25,8 +25,6 @@ ohos_shared_library("libabilityaccessctrl") { "//foundation/communication/dsoftbus/interfaces/kits/common", "//foundation/communication/dsoftbus/interfaces/kits/bus_center", "//third_party/json/include", - "//foundation/appexecfwk/standard/interfaces/innerkits/appexecfwk_base/include", - "//foundation/appexecfwk/standard/interfaces/innerkits/appexecfwk_core/include/bundlemgr", "//foundation/aafwk/standard/interfaces/innerkits/ability_manager/include", "//base/security/access_token/frameworks/common/include", "//base/security/access_token/interfaces/kits/accesstoken/napi/include", @@ -42,8 +40,6 @@ ohos_shared_library("libabilityaccessctrl") { "//base/startup/syspara_lite/interfaces/innerkits/native/syspara:syspara", "//foundation/aafwk/standard/interfaces/innerkits/base:base", "//foundation/ace/napi:ace_napi", - "//foundation/appexecfwk/standard/interfaces/innerkits/appexecfwk_base:appexecfwk_base", - "//foundation/appexecfwk/standard/interfaces/innerkits/appexecfwk_core:appexecfwk_core", "//foundation/appexecfwk/standard/interfaces/innerkits/libeventhandler:libeventhandler", "//foundation/distributedschedule/safwk/interfaces/innerkits/safwk:system_ability_fwk", "//foundation/distributedschedule/samgr/interfaces/innerkits/samgr_proxy:samgr_proxy", -- Gitee From 297db215ff723f2d5bfb0a09cecfc539c31a252e Mon Sep 17 00:00:00 2001 From: jiang-xiaofeng Date: Mon, 14 Feb 2022 11:27:35 +0800 Subject: [PATCH 47/51] fix devil number Signed-off-by: jiang-xiaofeng Signed-off-by: jiang-xiaofeng --- .../ets/dynamic/common/components/dialog.ets | 54 ++++++++++--------- .../ets/dynamic/common/utils/constant.ets | 43 +++++++++++++++ .../resources/base/media/ic_call_logs.svg | 39 +++++--------- 3 files changed, 83 insertions(+), 53 deletions(-) create mode 100644 frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/utils/constant.ets diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets index f1dd95144..388e7f1b2 100644 --- a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets @@ -13,12 +13,13 @@ * limitations under the License. */ -import { getPermissionGroup } from "../utils/utils.ets" -import { BundleFlag, userId } from "../model/bundle.ets" -import featureAbility from '@ohos.ability.featureAbility'; -import abilityAccessCtrl from '@ohos.abilityAccessCtrl'; -import bundle from '@ohos.bundle'; -import Resmgr from '@ohos.resourceManager'; +import { getPermissionGroup } from '../utils/utils.ets' +import { BundleFlag, userId } from '../model/bundle.ets' +import Constants from '../utils/constant.ets' +import featureAbility from '@ohos.ability.featureAbility' +import abilityAccessCtrl from '@ohos.abilityAccessCtrl' +import bundle from '@ohos.bundle' +import Resmgr from '@ohos.resourceManager' @Extend(Button) function customizeButton() { .backgroundColor($r('app.color.default_background_color')) @@ -28,13 +29,13 @@ import Resmgr from '@ohos.resourceManager'; @CustomDialog export struct privacyDialog { @Link count: number - @Link result: Array + @Link result: Array controller: CustomDialogController cancel: (group, accessTokenId, permissionList, userFixedFlag) => void confirm: (group, accessTokenId, permissionList, userFixedFlag) => void @State accessTokenId: number = 0 @State hasPrepared: boolean = false - @State reqPerms: Array = [] + @State reqPerms: Array = [] @State grantGroups: Array = [] @State userFixedFlag: number = 2 // means user fixed @State appName: string = "" @@ -43,34 +44,35 @@ export struct privacyDialog { Column() { if (this.hasPrepared && this.verify(this.reqPerms[this.count])) { Image(this.grantGroups[this.count].icon) - .width(24) - .height(24) + .width(Constants.DIALOG_ICON_WIDTH) + .height(Constants.DIALOG_ICON_HEIGHT) .margin({ - top: 24 + top: Constants.DIALOG_ICON_MARGIN_TOP }) Text(`${this.count + 1} / ${this.reqPerms.length}`) - .fontSize(14) + .fontSize(Constants.DIALOG_LABEL_FONT_SIZE) .fontColor($r('app.color.secondary_font_color')) .margin({ - top: 2 + top: Constants.DIALOG_LABEL_MARGIN_TOP }) Column() { Row() { Flex({ justifyContent: FlexAlign.Start }) { - Text("是否允许" + this.appName + "访问" + this.grantGroups[this.count].groupName).fontSize(16) + Text("是否允许" + this.appName + "访问" + + this.grantGroups[this.count].groupName).fontSize(Constants.DIALOG_REQ_FONT_SIZE) .margin({ - top: 16, - left: 24 + top: Constants.DIALOG_REQ_MARGIN_TOP, + left: Constants.DIALOG_REQ_MARGIN_LEFT }) } } Row() { Flex({ justifyContent: FlexAlign.Start }) { - Text("用于" + this.grantGroups[this.count].description).fontSize(14) + Text("用于" + this.grantGroups[this.count].description).fontSize(Constants.DIALOG_DESP_FONT_SIZE) .fontColor($r('app.color.secondary_font_color')) .margin({ - top: 2, - left: 24 + top: Constants.DIALOG_DESP_MARGIN_TOP, + left: Constants.DIALOG_DESP_MARGIN_LEFT }) } } @@ -79,16 +81,16 @@ export struct privacyDialog { Row() { Flex({ justifyContent: FlexAlign.SpaceAround }) { Button('禁止') - .fontSize(16) + .fontSize(Constants.BUTTON_FONT_SIZE) .onClick(() => { this.cancel(this.grantGroups[this.count], this.accessTokenId, this.reqPerms, this.userFixedFlag) if (this.count === this.reqPerms.length) { this.controller.close() } }).customizeButton() - Text('|').fontSize(30).fontColor($r('app.color.divider_color')) + Text('|').fontSize(Constants.BUTTON_DIVIDER_FONT_SIZE).fontColor($r('app.color.divider_color')) Button('允许') - .fontSize(16) + .fontSize(Constants.BUTTON_FONT_SIZE) .onClick(() => { this.confirm(this.grantGroups[this.count], this.accessTokenId, this.reqPerms, this.userFixedFlag) if (this.count === this.reqPerms.length) { @@ -96,14 +98,14 @@ export struct privacyDialog { } }).customizeButton() }.margin({ - top: 8 + top: Constants.BUTTON_MARGIN_TOP }) } } .backgroundColor($r('app.color.default_background_color')) - .borderRadius(24) - .height(186) - .width(336) + .borderRadius(Constants.DIALOG_BORDER_RADIUS) + .height(Constants.DIALOG_HEIGHT) + .width(Constants.DIALOG_WIDTH) } async verify(permission) { if(this.count >= this.grantGroups.length) { diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/utils/constant.ets b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/utils/constant.ets new file mode 100644 index 000000000..700486b60 --- /dev/null +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/utils/constant.ets @@ -0,0 +1,43 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +export default class Constants { + // icon of dialog + static DIALOG_ICON_WIDTH = 24; + static DIALOG_ICON_HEIGHT = 24; + static DIALOG_ICON_MARGIN_TOP = 24; + + // label text of dialog + static DIALOG_LABEL_FONT_SIZE = 14; + static DIALOG_LABEL_MARGIN_TOP = 2; + + // request text of dialog + static DIALOG_REQ_FONT_SIZE = 16; + static DIALOG_REQ_MARGIN_TOP = 16; + static DIALOG_REQ_MARGIN_LEFT = 24; + + // description text of dialog + static DIALOG_DESP_FONT_SIZE = 14; + static DIALOG_DESP_MARGIN_TOP = 2; + static DIALOG_DESP_MARGIN_LEFT = 24; + + static BUTTON_FONT_SIZE = 16; + static BUTTON_DIVIDER_FONT_SIZE = 30; + static BUTTON_MARGIN_TOP = 8; + + static DIALOG_BORDER_RADIUS = 24; + static DIALOG_HEIGHT = 186; + static DIALOG_WIDTH = 336; +} \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/ic_call_logs.svg b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/ic_call_logs.svg index d3ff7d855..42f8ad97c 100644 --- a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/ic_call_logs.svg +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/resources/base/media/ic_call_logs.svg @@ -2,30 +2,15 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - \ No newline at end of file + + + + + -- Gitee From 8b203787af210c2564729a2927174fbba35574f3 Mon Sep 17 00:00:00 2001 From: wanchengzhen Date: Mon, 14 Feb 2022 13:59:39 +0800 Subject: [PATCH 48/51] Fix atomic ability bundle.json change Signed-off-by: wanchengzhen --- bundle.json | 1 + 1 file changed, 1 insertion(+) diff --git a/bundle.json b/bundle.json index 2189e8c96..c6b2039c0 100755 --- a/bundle.json +++ b/bundle.json @@ -20,6 +20,7 @@ "ram": "5102KB", "deps": { "components": [ + "ability_base", "hiviewdfx_hilog_native", "ipc_core", "ans_standard", -- Gitee From ded9807d5f2c1789f47df0b5980b528d5a669480 Mon Sep 17 00:00:00 2001 From: libing23 Date: Mon, 14 Feb 2022 23:45:18 +0800 Subject: [PATCH 49/51] add tokensync service Signed-off-by: libing23 --- frameworks/accesstoken/BUILD.gn | 1 + .../include/hap_token_info_for_sync_parcel.h | 40 ++ .../include/i_accesstoken_manager.h | 33 +- .../src/hap_token_info_for_sync_parcel.cpp | 76 ++++ frameworks/common/include/accesstoken_log.h | 25 +- frameworks/common/include/data_validator.h | 2 + frameworks/common/src/data_validator.cpp | 5 + ...nsync_manager.h => i_token_sync_manager.h} | 11 +- .../accesstoken/include/accesstoken_kit.h | 8 + .../accesstoken/include/hap_token_info.h | 6 + .../accesstoken/src/accesstoken_kit.cpp | 100 ++++- .../src/accesstoken_manager_client.cpp | 150 ++++++- .../src/accesstoken_manager_client.h | 8 + .../src/accesstoken_manager_proxy.cpp | 378 ++++++++++++---- .../src/accesstoken_manager_proxy.h | 11 + interfaces/innerkits/tokensync/BUILD.gn | 9 +- .../{tokensync_kit.h => token_sync_kit.h} | 9 +- .../{tokensync_kit.cpp => token_sync_kit.cpp} | 27 +- ...ient.cpp => token_sync_manager_client.cpp} | 41 +- ...r_client.h => token_sync_manager_client.h} | 11 +- ...proxy.cpp => token_sync_manager_proxy.cpp} | 84 +++- ...ger_proxy.h => token_sync_manager_proxy.h} | 10 +- interfaces/innerkits/tokensync/test/BUILD.gn | 5 +- ...c_kit_test.cpp => token_sync_kit_test.cpp} | 4 +- ...nsync_kit_test.h => token_sync_kit_test.h} | 0 services/accesstokenmanager/BUILD.gn | 4 + .../permission/permission_policy_set.h | 1 + .../service/accesstoken_manager_service.h | 9 + .../service/accesstoken_manager_stub.h | 9 + .../include/token/accesstoken_info_manager.h | 11 + .../token/accesstoken_remote_token_manager.h | 61 +++ .../cpp/include/token/hap_token_info_inner.h | 24 +- .../include/token/native_token_info_inner.h | 15 +- .../cpp/include/token/token_modify_notifier.h | 56 +++ .../main/cpp/src/database/data_translator.cpp | 12 +- .../main/cpp/src/database/sqlite_helper.cpp | 26 +- .../main/cpp/src/database/sqlite_storage.cpp | 12 +- .../permission_definition_cache.cpp | 6 +- .../cpp/src/permission/permission_manager.cpp | 56 ++- .../src/permission/permission_policy_set.cpp | 23 +- .../src/permission/permission_validator.cpp | 2 - .../service/accesstoken_manager_service.cpp | 70 ++- .../src/service/accesstoken_manager_stub.cpp | 129 +++++- .../cpp/src/token/accesstoken_id_manager.cpp | 10 +- .../src/token/accesstoken_info_manager.cpp | 412 +++++++++++++---- .../accesstoken_remote_token_manager.cpp | 154 +++++++ .../cpp/src/token/hap_token_info_inner.cpp | 162 ++++--- .../cpp/src/token/native_token_info_inner.cpp | 147 +++---- .../cpp/src/token/native_token_receptor.cpp | 14 +- .../cpp/src/token/token_modify_notifier.cpp | 119 +++++ services/tokensyncmanager/BUILD.gn | 39 +- .../include/command/base_remote_command.h | 67 +++ .../command/delete_remote_token_command.h | 52 +++ .../command/sync_remote_hap_token_command.h | 59 +++ .../sync_remote_native_token_command.h | 55 +++ .../command/update_remote_hap_token_command.h | 56 +++ .../include/common/constant.h | 95 ++++ .../include/device/device_info.h | 46 ++ .../include/device/device_info_manager.h | 104 +++++ .../include/device/device_info_repository.h | 77 ++++ .../include/protocol/remote_protocol.h | 38 ++ .../include/remote/remote_command_executor.h | 158 +++++++ .../include/remote/remote_command_factory.h | 58 +++ .../include/remote/remote_command_manager.h | 165 +++++++ .../include/remote/rpc_channel.h | 80 ++++ .../include/remote/soft_bus_channel.h | 365 +++++++++++++++ .../soft_bus_device_connection_listener.h | 76 ++++ .../include/remote/soft_bus_manager.h | 95 +++- .../remote/soft_bus_session_listener.h | 114 +++++ .../service/token_sync_event_handler.h | 43 ++ .../service/token_sync_manager_service.h} | 25 +- .../service/token_sync_manager_stub.h} | 15 +- .../src/command/base_remote_command.cpp | 259 +++++++++++ .../command/delete_remote_token_command.cpp | 104 +++++ .../command/sync_remote_hap_token_command.cpp | 109 +++++ .../sync_remote_native_token_command.cpp | 120 +++++ .../update_remote_hap_token_command.cpp | 105 +++++ .../tokensyncmanager/src/common/constant.cpp | 43 ++ .../src/device/device_info_manager.cpp | 167 +++++++ .../src/device/device_info_repository.cpp | 191 ++++++++ .../src/remote/remote_command_executor.cpp | 329 ++++++++++++++ .../src/remote/remote_command_factory.cpp | 75 ++++ .../src/remote/remote_command_manager.cpp | 292 ++++++++++++ .../src/remote/soft_bus_channel.cpp | 416 ++++++++++++++++++ .../soft_bus_device_connection_listener.cpp | 93 ++++ .../src/remote/soft_bus_manager.cpp | 342 +++++++++----- .../src/remote/soft_bus_session_listener.cpp | 135 ++++++ .../src/service/token_sync_event_handler.cpp | 54 +++ ...ice.cpp => token_sync_manager_service.cpp} | 133 +++++- ...r_stub.cpp => token_sync_manager_stub.cpp} | 45 +- 90 files changed, 6818 insertions(+), 674 deletions(-) create mode 100644 frameworks/accesstoken/include/hap_token_info_for_sync_parcel.h create mode 100644 frameworks/accesstoken/src/hap_token_info_for_sync_parcel.cpp rename frameworks/tokensync/include/{i_tokensync_manager.h => i_token_sync_manager.h} (71%) mode change 100755 => 100644 interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h rename interfaces/innerkits/tokensync/include/{tokensync_kit.h => token_sync_kit.h} (69%) rename interfaces/innerkits/tokensync/src/{tokensync_kit.cpp => token_sync_kit.cpp} (47%) rename interfaces/innerkits/tokensync/src/{tokensync_manager_client.cpp => token_sync_manager_client.cpp} (59%) rename interfaces/innerkits/tokensync/src/{tokensync_manager_client.h => token_sync_manager_client.h} (75%) rename interfaces/innerkits/tokensync/src/{tokensync_manager_proxy.cpp => token_sync_manager_proxy.cpp} (37%) rename interfaces/innerkits/tokensync/src/{tokensync_manager_proxy.h => token_sync_manager_proxy.h} (74%) rename interfaces/innerkits/tokensync/test/unittest/src/{tokensync_kit_test.cpp => token_sync_kit_test.cpp} (93%) rename interfaces/innerkits/tokensync/test/unittest/src/{tokensync_kit_test.h => token_sync_kit_test.h} (100%) create mode 100644 services/accesstokenmanager/main/cpp/include/token/accesstoken_remote_token_manager.h create mode 100644 services/accesstokenmanager/main/cpp/include/token/token_modify_notifier.h create mode 100644 services/accesstokenmanager/main/cpp/src/token/accesstoken_remote_token_manager.cpp create mode 100644 services/accesstokenmanager/main/cpp/src/token/token_modify_notifier.cpp create mode 100644 services/tokensyncmanager/include/command/base_remote_command.h create mode 100644 services/tokensyncmanager/include/command/delete_remote_token_command.h create mode 100644 services/tokensyncmanager/include/command/sync_remote_hap_token_command.h create mode 100644 services/tokensyncmanager/include/command/sync_remote_native_token_command.h create mode 100644 services/tokensyncmanager/include/command/update_remote_hap_token_command.h create mode 100644 services/tokensyncmanager/include/common/constant.h create mode 100644 services/tokensyncmanager/include/device/device_info.h create mode 100644 services/tokensyncmanager/include/device/device_info_manager.h create mode 100644 services/tokensyncmanager/include/device/device_info_repository.h create mode 100644 services/tokensyncmanager/include/protocol/remote_protocol.h create mode 100644 services/tokensyncmanager/include/remote/remote_command_executor.h create mode 100644 services/tokensyncmanager/include/remote/remote_command_factory.h create mode 100644 services/tokensyncmanager/include/remote/remote_command_manager.h create mode 100644 services/tokensyncmanager/include/remote/rpc_channel.h create mode 100644 services/tokensyncmanager/include/remote/soft_bus_channel.h create mode 100644 services/tokensyncmanager/include/remote/soft_bus_device_connection_listener.h create mode 100644 services/tokensyncmanager/include/remote/soft_bus_session_listener.h create mode 100644 services/tokensyncmanager/include/service/token_sync_event_handler.h rename services/tokensyncmanager/{src/service/tokensync_manager_service.h => include/service/token_sync_manager_service.h} (56%) rename services/tokensyncmanager/{src/service/tokensync_manager_stub.h => include/service/token_sync_manager_stub.h} (70%) create mode 100644 services/tokensyncmanager/src/command/base_remote_command.cpp create mode 100644 services/tokensyncmanager/src/command/delete_remote_token_command.cpp create mode 100644 services/tokensyncmanager/src/command/sync_remote_hap_token_command.cpp create mode 100644 services/tokensyncmanager/src/command/sync_remote_native_token_command.cpp create mode 100644 services/tokensyncmanager/src/command/update_remote_hap_token_command.cpp create mode 100644 services/tokensyncmanager/src/common/constant.cpp create mode 100644 services/tokensyncmanager/src/device/device_info_manager.cpp create mode 100644 services/tokensyncmanager/src/device/device_info_repository.cpp create mode 100644 services/tokensyncmanager/src/remote/remote_command_executor.cpp create mode 100644 services/tokensyncmanager/src/remote/remote_command_factory.cpp create mode 100644 services/tokensyncmanager/src/remote/remote_command_manager.cpp create mode 100644 services/tokensyncmanager/src/remote/soft_bus_channel.cpp create mode 100644 services/tokensyncmanager/src/remote/soft_bus_device_connection_listener.cpp create mode 100644 services/tokensyncmanager/src/remote/soft_bus_session_listener.cpp create mode 100644 services/tokensyncmanager/src/service/token_sync_event_handler.cpp rename services/tokensyncmanager/src/service/{tokensync_manager_service.cpp => token_sync_manager_service.cpp} (31%) rename services/tokensyncmanager/src/service/{tokensync_manager_stub.cpp => token_sync_manager_stub.cpp} (51%) diff --git a/frameworks/accesstoken/BUILD.gn b/frameworks/accesstoken/BUILD.gn index 1489a5df0..e7ebdac5b 100644 --- a/frameworks/accesstoken/BUILD.gn +++ b/frameworks/accesstoken/BUILD.gn @@ -39,6 +39,7 @@ ohos_shared_library("accesstoken_communication_adapter_cxx") { sources = [ "src/hap_info_parcel.cpp", "src/hap_policy_parcel.cpp", + "src/hap_token_info_for_sync_parcel.cpp", "src/hap_token_info_parcel.cpp", "src/native_token_info_parcel.cpp", "src/permission_def_parcel.cpp", diff --git a/frameworks/accesstoken/include/hap_token_info_for_sync_parcel.h b/frameworks/accesstoken/include/hap_token_info_for_sync_parcel.h new file mode 100644 index 000000000..b0c838402 --- /dev/null +++ b/frameworks/accesstoken/include/hap_token_info_for_sync_parcel.h @@ -0,0 +1,40 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef HAP_TOKEN_INFO_FOR_SYNC_PARCEL_H +#define HAP_TOKEN_INFO_FOR_SYNC_PARCEL_H + +#include "hap_token_info.h" +#include "parcel.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +struct HapTokenInfoForSyncParcel final : public Parcelable { + HapTokenInfoForSyncParcel() = default; + + ~HapTokenInfoForSyncParcel() override = default; + + bool Marshalling(Parcel &out) const override; + + static HapTokenInfoForSyncParcel *Unmarshalling(Parcel &in); + + HapTokenInfoForSync hapTokenInfoForSyncParams; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // HAP_TOKEN_INFO_FOR_SYNC_PARCEL_H + diff --git a/frameworks/accesstoken/include/i_accesstoken_manager.h b/frameworks/accesstoken/include/i_accesstoken_manager.h index aec6c78be..12b1d3165 100644 --- a/frameworks/accesstoken/include/i_accesstoken_manager.h +++ b/frameworks/accesstoken/include/i_accesstoken_manager.h @@ -18,16 +18,16 @@ #include -#include "iremote_broker.h" -#include "errors.h" - #include "access_token.h" -#include "permission_def_parcel.h" -#include "permission_state_full_parcel.h" +#include "errors.h" +#include "hap_info_parcel.h" #include "hap_policy_parcel.h" +#include "hap_token_info_for_sync_parcel.h" #include "hap_token_info_parcel.h" -#include "hap_info_parcel.h" +#include "iremote_broker.h" #include "native_token_info_parcel.h" +#include "permission_def_parcel.h" +#include "permission_state_full_parcel.h" namespace OHOS { namespace Security { @@ -58,6 +58,18 @@ public: virtual int UpdateHapToken( AccessTokenID tokenID, const std::string& appIDDesc, const HapPolicyParcel& policyParcel) = 0; + virtual int GetHapTokenInfoFromRemote(AccessTokenID tokenID, + HapTokenInfoForSyncParcel& hapSyncParcel) = 0; + virtual int GetAllNativeTokenInfo(std::vector& nativeTokenInfoRes) = 0; + virtual int SetRemoteHapTokenInfo(const std::string& deviceID, + HapTokenInfoForSyncParcel& hapSyncParcel) = 0; + virtual int SetRemoteNativeTokenInfo(const std::string& deviceID, + std::vector& nativeTokenInfoParcel) = 0; + virtual int DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID) = 0; + virtual int DeleteRemoteDeviceTokens(const std::string& deviceID) = 0; + + virtual int DumpToken(std::string& dumpInfo) = 0; + enum class InterfaceCode { VERIFY_ACCESSTOKEN = 0xff10, GET_DEF_PERMISSION = 0xff11, @@ -76,6 +88,15 @@ public: GET_NATIVE_TOKENINFO = 0xff24, GET_HAP_TOKENINFO = 0xff25, UPDATE_HAP_TOKEN = 0xff26, + + GET_HAP_TOKEN_FROM_REMOTE = 0xff27, + GET_ALL_NATIVE_TOKEN_FROM_REMOTE = 0xff28, + SET_REMOTE_HAP_TOKEN_INFO = 0xff29, + SET_REMOTE_NATIVE_TOKEN_INFO = 0xff2a, + DELETE_REMOTE_TOKEN_INFO = 0xff2b, + DELETE_REMOTE_DEVICE_TOKEN = 0xff2c, + + DUMP = 0xff30, }; }; } // namespace AccessToken diff --git a/frameworks/accesstoken/src/hap_token_info_for_sync_parcel.cpp b/frameworks/accesstoken/src/hap_token_info_for_sync_parcel.cpp new file mode 100644 index 000000000..1f3d64286 --- /dev/null +++ b/frameworks/accesstoken/src/hap_token_info_for_sync_parcel.cpp @@ -0,0 +1,76 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "hap_token_info_for_sync_parcel.h" +#include "hap_token_info_parcel.h" +#include "permission_state_full_parcel.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +#define RETURN_IF_FALSE(expr) \ + if (!(expr)) { \ + return false; \ + } + +#define RELEASE_IF_FALSE(expr, obj) \ + if (!(expr)) { \ + delete (obj); \ + (obj) = nullptr; \ + return (obj); \ + } + +bool HapTokenInfoForSyncParcel::Marshalling(Parcel& out) const +{ + HapTokenInfoParcel baseInfoParcel; + baseInfoParcel.hapTokenInfoParams = this->hapTokenInfoForSyncParams.baseInfo; + out.WriteParcelable(&baseInfoParcel); + + const std::vector& permStateList = this->hapTokenInfoForSyncParams.permStateList; + int32_t permStateListSize = (int32_t)permStateList.size(); + RETURN_IF_FALSE(out.WriteInt32(permStateListSize)); + + for (int i = 0; i < permStateListSize; i++) { + PermissionStateFullParcel permStateParcel; + permStateParcel.permStatFull = permStateList[i]; + out.WriteParcelable(&permStateParcel); + } + + return true; +} + +HapTokenInfoForSyncParcel* HapTokenInfoForSyncParcel::Unmarshalling(Parcel& in) +{ + auto* hapTokenInfoForSyncParcel = new (std::nothrow) HapTokenInfoForSyncParcel(); + RELEASE_IF_FALSE(hapTokenInfoForSyncParcel != nullptr, hapTokenInfoForSyncParcel); + + sptr baseInfoParcel = in.ReadParcelable(); + RELEASE_IF_FALSE(baseInfoParcel != nullptr, hapTokenInfoForSyncParcel); + hapTokenInfoForSyncParcel->hapTokenInfoForSyncParams.baseInfo = baseInfoParcel->hapTokenInfoParams; + + int permStateListSize; + RELEASE_IF_FALSE(in.ReadInt32(permStateListSize), hapTokenInfoForSyncParcel); + for (int i = 0; i < permStateListSize; i++) { + sptr permissionStateParcel = in.ReadParcelable(); + RELEASE_IF_FALSE(permissionStateParcel != nullptr, hapTokenInfoForSyncParcel); + hapTokenInfoForSyncParcel->hapTokenInfoForSyncParams.permStateList.emplace_back( + permissionStateParcel->permStatFull); + } + return hapTokenInfoForSyncParcel; +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS + diff --git a/frameworks/common/include/accesstoken_log.h b/frameworks/common/include/accesstoken_log.h index 3fb142587..ac4aaa107 100644 --- a/frameworks/common/include/accesstoken_log.h +++ b/frameworks/common/include/accesstoken_log.h @@ -22,19 +22,24 @@ #ifndef __cplusplus -#define ACCESSTOKEN_LOG_DEBUG(fmt, ...) HILOG_DEBUG(LOG_CORE, fmt, ##__VA_ARGS__) -#define ACCESSTOKEN_LOG_INFO(fmt, ...) HILOG_INFO(LOG_CORE, fmt, ##__VA_ARGS__) -#define ACCESSTOKEN_LOG_WARN(fmt, ...) HILOG_WARN(LOG_CORE, fmt, ##__VA_ARGS__) -#define ACCESSTOKEN_LOG_ERROR(fmt, ...) HILOG_ERROR(LOG_CORE, fmt, ##__VA_ARGS__) -#define ACCESSTOKEN_LOG_FATAL(fmt, ...) HILOG_FATAL(LOG_CORE, fmt, ##__VA_ARGS__) +#define ACCESSTOKEN_LOG_DEBUG(fmt, ...) HILOG_DEBUG(LOG_CORE, "[%{public}s]:" fmt, __func__, ##__VA_ARGS__) +#define ACCESSTOKEN_LOG_INFO(fmt, ...) HILOG_INFO(LOG_CORE, "[%{public}s]:" fmt, __func__, ##__VA_ARGS__) +#define ACCESSTOKEN_LOG_WARN(fmt, ...) HILOG_WARN(LOG_CORE, "[%{public}s]:" fmt, __func__, ##__VA_ARGS__) +#define ACCESSTOKEN_LOG_ERROR(fmt, ...) HILOG_ERROR(LOG_CORE, "[%{public}s]:" fmt, __func__, ##__VA_ARGS__) +#define ACCESSTOKEN_LOG_FATAL(fmt, ...) HILOG_FATAL(LOG_CORE, "[%{public}s]:" fmt, __func__, ##__VA_ARGS__) #else -#define ACCESSTOKEN_LOG_DEBUG(label, fmt, ...) OHOS::HiviewDFX::HiLog::Debug(label, fmt, ##__VA_ARGS__) -#define ACCESSTOKEN_LOG_INFO(label, fmt, ...) OHOS::HiviewDFX::HiLog::Info(label, fmt, ##__VA_ARGS__) -#define ACCESSTOKEN_LOG_WARN(label, fmt, ...) OHOS::HiviewDFX::HiLog::Warn(label, fmt, ##__VA_ARGS__) -#define ACCESSTOKEN_LOG_ERROR(label, fmt, ...) OHOS::HiviewDFX::HiLog::Error(label, fmt, ##__VA_ARGS__) -#define ACCESSTOKEN_LOG_FATAL(label, fmt, ...) OHOS::HiviewDFX::HiLog::Fatal(label, fmt, ##__VA_ARGS__) +#define ACCESSTOKEN_LOG_DEBUG(label, fmt, ...) \ + OHOS::HiviewDFX::HiLog::Debug(label, "[%{public}s]:" fmt, __func__, ##__VA_ARGS__) +#define ACCESSTOKEN_LOG_INFO(label, fmt, ...) \ + OHOS::HiviewDFX::HiLog::Info(label, "[%{public}s]:" fmt, __func__, ##__VA_ARGS__) +#define ACCESSTOKEN_LOG_WARN(label, fmt, ...) \ + OHOS::HiviewDFX::HiLog::Warn(label, "[%{public}s]:" fmt, __func__, ##__VA_ARGS__) +#define ACCESSTOKEN_LOG_ERROR(label, fmt, ...) \ + OHOS::HiviewDFX::HiLog::Error(label, "[%{public}s]:" fmt, __func__, ##__VA_ARGS__) +#define ACCESSTOKEN_LOG_FATAL(label, fmt, ...) \ + OHOS::HiviewDFX::HiLog::Fatal(label, "[%{public}s]:" fmt, __func__, ##__VA_ARGS__) #endif // __cplusplus diff --git a/frameworks/common/include/data_validator.h b/frameworks/common/include/data_validator.h index f9cb353d1..8821598cf 100644 --- a/frameworks/common/include/data_validator.h +++ b/frameworks/common/include/data_validator.h @@ -14,6 +14,7 @@ */ #include +#include "access_token.h" #ifndef DATA_VALIDATOR_H #define DATA_VALIDATOR_H @@ -43,6 +44,7 @@ public: static bool IsDescValid(const std::string& desc); static bool IsPermissionFlagValid(int flag); static bool IsDcapValid(const std::string& dcap); + static bool IsTokenIDValid(AccessTokenID id); private: const static int MAX_LENGTH = 256; const static int MAX_APPIDDESC_LENGTH = 10240; diff --git a/frameworks/common/src/data_validator.cpp b/frameworks/common/src/data_validator.cpp index 3eb3e0c67..a28479e7e 100644 --- a/frameworks/common/src/data_validator.cpp +++ b/frameworks/common/src/data_validator.cpp @@ -81,6 +81,11 @@ bool DataValidator::IsPermissionFlagValid(int flag) flag == PermissionFlag::PERMISSION_USER_FIXED || flag == PermissionFlag::PERMISSION_SYSTEM_FIXED; } + +bool DataValidator::IsTokenIDValid(AccessTokenID id) +{ + return id != 0; +} } // namespace AccessToken } // namespace Security } // namespace OHOS diff --git a/frameworks/tokensync/include/i_tokensync_manager.h b/frameworks/tokensync/include/i_token_sync_manager.h similarity index 71% rename from frameworks/tokensync/include/i_tokensync_manager.h rename to frameworks/tokensync/include/i_token_sync_manager.h index 4555102b9..8975482ce 100644 --- a/frameworks/tokensync/include/i_tokensync_manager.h +++ b/frameworks/tokensync/include/i_token_sync_manager.h @@ -21,6 +21,9 @@ #include "iremote_broker.h" #include "errors.h" +#include "access_token.h" +#include "hap_token_info_for_sync_parcel.h" + namespace OHOS { namespace Security { namespace AccessToken { @@ -30,10 +33,14 @@ public: DECLARE_INTERFACE_DESCRIPTOR(u"ohos.security.accesstoken.ITokenSyncManager"); - virtual int VerifyPermission(const std::string& bundleName, const std::string& permissionName, int userId) = 0; + virtual int GetRemoteHapTokenInfo(const std::string& deviceID, AccessTokenID tokenID) = 0; + virtual int DeleteRemoteHapTokenInfo(AccessTokenID tokenID) = 0; + virtual int UpdateRemoteHapTokenInfo(const HapTokenInfoForSync& tokenInfo) = 0; enum class InterfaceCode { - VERIFY_PERMISSION = 0xff01, + GET_REMOTE_HAP_TOKEN_INFO = 0xff01, + DELETE_REMOTE_HAP_TOKEN_INFO = 0xff02, + UPDATE_REMOTE_HAP_TOKEN_INFO = 0xff03 }; }; } // namespace AccessToken diff --git a/interfaces/innerkits/accesstoken/include/accesstoken_kit.h b/interfaces/innerkits/accesstoken/include/accesstoken_kit.h index fdc83a2b5..495f451d9 100644 --- a/interfaces/innerkits/accesstoken/include/accesstoken_kit.h +++ b/interfaces/innerkits/accesstoken/include/accesstoken_kit.h @@ -53,6 +53,14 @@ public: static int GrantPermission(AccessTokenID tokenID, const std::string& permissionName, int flag); static int RevokePermission(AccessTokenID tokenID, const std::string& permissionName, int flag); static int ClearUserGrantedPermissionState(AccessTokenID tokenID); + static int GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSync& hapSync); + static int GetAllNativeTokenInfo(std::vector& nativeTokenInfosRes); + static int SetRemoteHapTokenInfo(const std::string& deviceID, const HapTokenInfoForSync& hapSync); + static int SetRemoteNativeTokenInfo(const std::string& deviceID, + std::vector& nativeTokenInfoList); + static int DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID); + static int DeleteRemoteDeviceTokens(const std::string& deviceID); + static int DumpToken(std::string& dumpInfo); }; } // namespace AccessToken } // namespace Security diff --git a/interfaces/innerkits/accesstoken/include/hap_token_info.h b/interfaces/innerkits/accesstoken/include/hap_token_info.h index 26477f893..1d38ae684 100644 --- a/interfaces/innerkits/accesstoken/include/hap_token_info.h +++ b/interfaces/innerkits/accesstoken/include/hap_token_info.h @@ -53,6 +53,12 @@ public: AccessTokenID tokenID; AccessTokenAttr tokenAttr; }; + +class HapTokenInfoForSync final { +public: + HapTokenInfo baseInfo; + std::vector permStateList; +}; } // namespace AccessToken } // namespace Security } // namespace OHOS diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp index 3022ec14f..dbdad0dab 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp @@ -36,7 +36,7 @@ AccessTokenIDEx AccessTokenKit::AllocHapToken(const HapInfoParams& info, const H if ((!DataValidator::IsUserIdValid(info.userID)) || !DataValidator::IsAppIDDescValid(info.appIDDesc) || !DataValidator::IsBundleNameValid(info.bundleName) || !DataValidator::IsAplNumValid(policy.apl) || !DataValidator::IsDomainValid(policy.domain)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, input param failed", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "input param failed"); return res; } @@ -45,7 +45,8 @@ AccessTokenIDEx AccessTokenKit::AllocHapToken(const HapInfoParams& info, const H AccessTokenID AccessTokenKit::AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID) { - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, deviceID=%{public}s tokenID=%{public}d", + __func__, remoteDeviceID.c_str(), remoteTokenID); return AccessTokenManagerClient::GetInstance().AllocLocalTokenID(remoteDeviceID, remoteTokenID); } @@ -54,7 +55,7 @@ int AccessTokenKit::UpdateHapToken(AccessTokenID tokenID, const std::string& app ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); if ((tokenID == 0) || (!DataValidator::IsAppIDDescValid(appIDDesc)) || (!DataValidator::IsAplNumValid(policy.apl))) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, input param failed", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "input param failed"); return RET_FAILED; } return AccessTokenManagerClient::GetInstance().UpdateHapToken(tokenID, appIDDesc, policy); @@ -64,7 +65,7 @@ int AccessTokenKit::DeleteToken(AccessTokenID tokenID) { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); if (tokenID == 0) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: tokenID is invalid", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "tokenID is invalid"); return RET_FAILED; } ACCESSTOKEN_LOG_INFO(LABEL, "tokenID=%{public}d", tokenID); @@ -75,7 +76,7 @@ ATokenTypeEnum AccessTokenKit::GetTokenType(AccessTokenID tokenID) { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); if (tokenID == 0) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: tokenID is invalid", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "tokenID is invalid"); return TOKEN_INVALID; } ACCESSTOKEN_LOG_INFO(LABEL, "tokenID=%{public}d", tokenID); @@ -95,11 +96,11 @@ int AccessTokenKit::CheckNativeDCap(AccessTokenID tokenID, const std::string& dc { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); if (tokenID == 0) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: tokenID is invalid", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "tokenID is invalid"); return RET_FAILED; } if (!DataValidator::IsDcapValid(dcap)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: dcap is invalid", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "dcap is invalid"); return RET_FAILED; } ACCESSTOKEN_LOG_INFO(LABEL, "tokenID=%{public}d, dcap=%{public}s", tokenID, dcap.c_str()); @@ -110,7 +111,7 @@ AccessTokenID AccessTokenKit::GetHapTokenID(int userID, const std::string& bundl { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); if (!DataValidator::IsUserIdValid(userID) || !DataValidator::IsBundleNameValid(bundleName)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, hap token param failed", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "hap token param failed"); return 0; } ACCESSTOKEN_LOG_INFO(LABEL, "int userID=%{public}d, bundleName=%{public}s, instIndex=%{public}d", @@ -122,7 +123,7 @@ int AccessTokenKit::GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfo& hapToke { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); if (tokenID == 0) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: tokenID is invalid", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "tokenID is invalid"); return RET_FAILED; } ACCESSTOKEN_LOG_INFO(LABEL, "tokenID=%{public}d", tokenID); @@ -142,11 +143,11 @@ int AccessTokenKit::VerifyAccessToken(AccessTokenID tokenID, const std::string& { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); if (tokenID == 0) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: tokenID is invalid", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "tokenID is invalid"); return PERMISSION_DENIED; } if (!DataValidator::IsPermissionNameValid(permissionName)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: permissionName is invalid", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "permissionName is invalid"); return PERMISSION_DENIED; } ACCESSTOKEN_LOG_INFO(LABEL, "tokenID=%{public}d, permissionName=%{public}s", tokenID, permissionName.c_str()); @@ -170,7 +171,7 @@ int AccessTokenKit::GetDefPermission(const std::string& permissionName, Permissi { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); if (!DataValidator::IsPermissionNameValid(permissionName)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: permissionName is invalid", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "permissionName is invalid"); return RET_FAILED; } ACCESSTOKEN_LOG_INFO(LABEL, "permissionName=%{public}s", permissionName.c_str()); @@ -185,7 +186,7 @@ int AccessTokenKit::GetDefPermissions(AccessTokenID tokenID, std::vector& nativeTokenInfosRes) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + + return AccessTokenManagerClient::GetInstance().GetAllNativeTokenInfo(nativeTokenInfosRes); +} + +int AccessTokenKit::SetRemoteHapTokenInfo(const std::string& deviceID, + const HapTokenInfoForSync& hapSync) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, deviceID=%{public}s tokenID=%{public}d", + __func__, deviceID.c_str(), hapSync.baseInfo.tokenID); + return AccessTokenManagerClient::GetInstance().SetRemoteHapTokenInfo(deviceID, hapSync); +} + +int AccessTokenKit::SetRemoteNativeTokenInfo(const std::string& deviceID, + std::vector& nativeTokenInfoList) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, deviceID=%{public}s", __func__, deviceID.c_str()); + return AccessTokenManagerClient::GetInstance() + .SetRemoteNativeTokenInfo(deviceID, nativeTokenInfoList); +} + +int AccessTokenKit::DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, deviceID=%{public}s tokenID=%{public}d", + __func__, deviceID.c_str(), tokenID); + return AccessTokenManagerClient::GetInstance().DeleteRemoteToken(deviceID, tokenID); +} + +int AccessTokenKit::DeleteRemoteDeviceTokens(const std::string& deviceID) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, deviceID=%{public}s", __func__, deviceID.c_str()); + return AccessTokenManagerClient::GetInstance().DeleteRemoteDeviceTokens(deviceID); +} + +int AccessTokenKit::DumpToken(std::string& dumpInfo) +{ + return AccessTokenManagerClient::GetInstance().DumpToken(dumpInfo); +} } // namespace AccessToken } // namespace Security } // namespace OHOS diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp index dcfec1f30..f7e5d4f0d 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp @@ -18,6 +18,7 @@ #include "accesstoken_log.h" #include "accesstoken_manager_proxy.h" #include "hap_token_info.h" +#include "hap_token_info_for_sync_parcel.h" #include "iservice_registry.h" #include "native_token_info.h" @@ -47,7 +48,7 @@ int AccessTokenManagerClient::VerifyAccessToken(AccessTokenID tokenID, const std ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); auto proxy = GetProxy(); if (proxy == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); return PERMISSION_DENIED; } return proxy->VerifyAccessToken(tokenID, permissionName); @@ -59,7 +60,7 @@ int AccessTokenManagerClient::GetDefPermission( ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); auto proxy = GetProxy(); if (proxy == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); return RET_FAILED; } PermissionDefParcel permissionDefParcel; @@ -73,7 +74,7 @@ int AccessTokenManagerClient::GetDefPermissions(AccessTokenID tokenID, std::vect ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); auto proxy = GetProxy(); if (proxy == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); return RET_FAILED; } std::vector parcelList; @@ -91,7 +92,7 @@ int AccessTokenManagerClient::GetReqPermissions( ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); auto proxy = GetProxy(); if (proxy == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); return RET_FAILED; } std::vector parcelList; @@ -108,7 +109,7 @@ int AccessTokenManagerClient::GetPermissionFlag(AccessTokenID tokenID, const std ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); auto proxy = GetProxy(); if (proxy == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); return DEFAULT_PERMISSION_FLAGS; } return proxy->GetPermissionFlag(tokenID, permissionName); @@ -119,7 +120,7 @@ int AccessTokenManagerClient::GrantPermission(AccessTokenID tokenID, const std:: ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); auto proxy = GetProxy(); if (proxy == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); return RET_FAILED; } return proxy->GrantPermission(tokenID, permissionName, flag); @@ -130,7 +131,7 @@ int AccessTokenManagerClient::RevokePermission(AccessTokenID tokenID, const std: ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); auto proxy = GetProxy(); if (proxy == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); return RET_FAILED; } return proxy->RevokePermission(tokenID, permissionName, flag); @@ -141,7 +142,7 @@ int AccessTokenManagerClient::ClearUserGrantedPermissionState(AccessTokenID toke ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); auto proxy = GetProxy(); if (proxy == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); return RET_FAILED; } return proxy->ClearUserGrantedPermissionState(tokenID); @@ -153,7 +154,7 @@ AccessTokenIDEx AccessTokenManagerClient::AllocHapToken(const HapInfoParams& inf ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); auto proxy = GetProxy(); if (proxy == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); return res; } HapInfoParcel hapInfoParcel; @@ -169,7 +170,7 @@ int AccessTokenManagerClient::DeleteToken(AccessTokenID tokenID) ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); auto proxy = GetProxy(); if (proxy == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); return RET_FAILED; } return proxy->DeleteToken(tokenID); @@ -180,7 +181,7 @@ ATokenTypeEnum AccessTokenManagerClient::GetTokenType(AccessTokenID tokenID) ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); auto proxy = GetProxy(); if (proxy == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); return TOKEN_INVALID; } return (ATokenTypeEnum)(proxy->GetTokenType(tokenID)); @@ -191,7 +192,7 @@ int AccessTokenManagerClient::CheckNativeDCap(AccessTokenID tokenID, const std:: ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); auto proxy = GetProxy(); if (proxy == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); return RET_FAILED; } return proxy->CheckNativeDCap(tokenID, dcap); @@ -202,7 +203,7 @@ AccessTokenID AccessTokenManagerClient::GetHapTokenID(int userID, const std::str ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); auto proxy = GetProxy(); if (proxy == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); return RET_FAILED; } return proxy->GetHapTokenID(userID, bundleName, instIndex); @@ -214,7 +215,7 @@ AccessTokenID AccessTokenManagerClient::AllocLocalTokenID( ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); auto proxy = GetProxy(); if (proxy == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); return RET_FAILED; } return proxy->AllocLocalTokenID(remoteDeviceID, remoteTokenID); @@ -226,7 +227,7 @@ int AccessTokenManagerClient::UpdateHapToken( ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); auto proxy = GetProxy(); if (proxy == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); return RET_FAILED; } HapPolicyParcel hapPolicyParcel; @@ -239,7 +240,7 @@ int AccessTokenManagerClient::GetHapTokenInfo(AccessTokenID tokenID, HapTokenInf ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); auto proxy = GetProxy(); if (proxy == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); return RET_FAILED; } HapTokenInfoParcel hapTokenInfoParcel; @@ -254,7 +255,7 @@ int AccessTokenManagerClient::GetNativeTokenInfo(AccessTokenID tokenID, NativeTo ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); auto proxy = GetProxy(); if (proxy == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); return RET_FAILED; } NativeTokenInfoParcel nativeTokenInfoParcel; @@ -263,6 +264,114 @@ int AccessTokenManagerClient::GetNativeTokenInfo(AccessTokenID tokenID, NativeTo return res; } +int AccessTokenManagerClient::GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSync& hapSync) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); + return RET_FAILED; + } + + HapTokenInfoForSyncParcel hapSyncParcel; + int res = proxy->GetHapTokenInfoFromRemote(tokenID, hapSyncParcel); + hapSync = hapSyncParcel.hapTokenInfoForSyncParams; + return res; +} + +int AccessTokenManagerClient::GetAllNativeTokenInfo(std::vector& nativeTokenInfosRes) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); + return RET_FAILED; + } + + std::vector parcelList; + int result = proxy->GetAllNativeTokenInfo(parcelList); + for (auto nativeTokenParcel : parcelList) { + NativeTokenInfo native = nativeTokenParcel.nativeTokenInfoParams; + nativeTokenInfosRes.emplace_back(native); + } + + return result; +} + +int AccessTokenManagerClient::SetRemoteHapTokenInfo(const std::string& deviceID, const HapTokenInfoForSync& hapSync) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); + return RET_FAILED; + } + + HapTokenInfoForSyncParcel hapSyncParcel; + hapSyncParcel.hapTokenInfoForSyncParams = hapSync; + + int res = proxy->SetRemoteHapTokenInfo(deviceID, hapSyncParcel); + return res; +} + +int AccessTokenManagerClient::SetRemoteNativeTokenInfo(const std::string& deviceID, + std::vector& nativeTokenInfoList) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); + return RET_FAILED; + } + std::vector hapTokenInfoParcels; + for (auto native : nativeTokenInfoList) { + NativeTokenInfoParcel nativeTokenInfoParcel; + nativeTokenInfoParcel.nativeTokenInfoParams = native; + hapTokenInfoParcels.emplace_back(nativeTokenInfoParcel); + } + PermissionStateFullParcel permStateParcel; + int res = proxy->SetRemoteNativeTokenInfo(deviceID, hapTokenInfoParcels); + return res; +} + +int AccessTokenManagerClient::DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); + return RET_FAILED; + } + + int res = proxy->DeleteRemoteToken(deviceID, tokenID); + return res; +} + +int AccessTokenManagerClient::DeleteRemoteDeviceTokens(const std::string& deviceID) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); + return RET_FAILED; + } + + int res = proxy->DeleteRemoteDeviceTokens(deviceID); + return res; +} + +int AccessTokenManagerClient::DumpToken(std::string& dumpInfo) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); + return RET_FAILED; + } + AccessTokenID res = proxy->DumpToken(dumpInfo); + return res; +} + sptr AccessTokenManagerClient::GetProxy() { if (proxy_ == nullptr) { @@ -270,25 +379,24 @@ sptr AccessTokenManagerClient::GetProxy() if (proxy_ == nullptr) { auto sam = SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager(); if (sam == nullptr) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: GetSystemAbilityManager is null", __func__); + ACCESSTOKEN_LOG_DEBUG(LABEL, "GetSystemAbilityManager is null"); return nullptr; } auto accesstokenSa = sam->GetSystemAbility(IAccessTokenManager::SA_ID_ACCESSTOKEN_MANAGER_SERVICE); if (accesstokenSa == nullptr) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: GetSystemAbility %{public}d is null", __func__, + ACCESSTOKEN_LOG_DEBUG(LABEL, "GetSystemAbility %{public}d is null", IAccessTokenManager::SA_ID_ACCESSTOKEN_MANAGER_SERVICE); return nullptr; } auto proxy = iface_cast(accesstokenSa); if (proxy == nullptr) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: iface_cast get null", __func__); + ACCESSTOKEN_LOG_DEBUG(LABEL, "iface_cast get null"); return nullptr; } proxy_ = proxy; } } - return proxy_; } } // namespace AccessToken diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h old mode 100755 new mode 100644 index e3a9263f9..d3cc13fca --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h @@ -57,6 +57,14 @@ public: int UpdateHapToken(AccessTokenID tokenID, const std::string& appIDDesc, const HapPolicyParams& policy); int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfo& hapTokenInfoRes); int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfo& nativeTokenInfoRes); + int GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSync& hapSync); + int GetAllNativeTokenInfo(std::vector& nativeTokenInfosRes); + int SetRemoteHapTokenInfo(const std::string& deviceID, const HapTokenInfoForSync& hapSync); + int SetRemoteNativeTokenInfo(const std::string& deviceID, + std::vector& nativeTokenInfoList); + int DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID); + int DeleteRemoteDeviceTokens(const std::string& deviceID); + int DumpToken(std::string& dumpInfo); private: AccessTokenManagerClient(); diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp index 0f330c8d5..e34fd9252 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp @@ -39,11 +39,11 @@ int AccessTokenManagerProxy::VerifyAccessToken(AccessTokenID tokenID, const std: MessageParcel data; data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); if (!data.WriteUint32(tokenID)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write tokenID", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write tokenID"); return PERMISSION_DENIED; } if (!data.WriteString(permissionName)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write permissionName", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write permissionName"); return PERMISSION_DENIED; } @@ -51,18 +51,18 @@ int AccessTokenManagerProxy::VerifyAccessToken(AccessTokenID tokenID, const std: MessageOption option; sptr remote = Remote(); if (remote == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "remote service null."); return PERMISSION_DENIED; } int32_t requestResult = remote->SendRequest( static_cast(IAccessTokenManager::InterfaceCode::VERIFY_ACCESSTOKEN), data, reply, option); if (requestResult != NO_ERROR) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult); + ACCESSTOKEN_LOG_ERROR(LABEL, "request fail, result: %{public}d", requestResult); return PERMISSION_DENIED; } int32_t result = reply.ReadInt32(); - ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result); + ACCESSTOKEN_LOG_DEBUG(LABEL, "result from server data = %{public}d", result); return result; } @@ -72,7 +72,7 @@ int AccessTokenManagerProxy::GetDefPermission( MessageParcel data; data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); if (!data.WriteString(permissionName)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write permissionName", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write permissionName"); return RET_FAILED; } @@ -80,24 +80,24 @@ int AccessTokenManagerProxy::GetDefPermission( MessageOption option; sptr remote = Remote(); if (remote == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "remote service null."); return RET_FAILED; } int32_t requestResult = remote->SendRequest( static_cast(IAccessTokenManager::InterfaceCode::GET_DEF_PERMISSION), data, reply, option); if (requestResult != NO_ERROR) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult); + ACCESSTOKEN_LOG_ERROR(LABEL, "request fail, result: %{public}d", requestResult); return RET_FAILED; } sptr resultSptr = reply.ReadParcelable(); if (resultSptr == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s ReadParcelable fail", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "read permission def parcel fail"); return RET_FAILED; } permissionDefResult = *resultSptr; int32_t result = reply.ReadInt32(); - ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result); + ACCESSTOKEN_LOG_DEBUG(LABEL, "result from server data = %{public}d", result); return result; } @@ -107,7 +107,7 @@ int AccessTokenManagerProxy::GetDefPermissions(AccessTokenID tokenID, MessageParcel data; data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); if (!data.WriteUint32(tokenID)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write tokenID", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write tokenID"); return RET_FAILED; } @@ -115,13 +115,13 @@ int AccessTokenManagerProxy::GetDefPermissions(AccessTokenID tokenID, MessageOption option; sptr remote = Remote(); if (remote == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "remote service null."); return RET_FAILED; } int32_t requestResult = remote->SendRequest( static_cast(IAccessTokenManager::InterfaceCode::GET_DEF_PERMISSIONS), data, reply, option); if (requestResult != NO_ERROR) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult); + ACCESSTOKEN_LOG_ERROR(LABEL, "request fail, result: %{public}d", requestResult); return RET_FAILED; } @@ -133,7 +133,7 @@ int AccessTokenManagerProxy::GetDefPermissions(AccessTokenID tokenID, } } int32_t result = reply.ReadInt32(); - ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result); + ACCESSTOKEN_LOG_DEBUG(LABEL, "result from server data = %{public}d", result); return result; } @@ -143,11 +143,11 @@ int AccessTokenManagerProxy::GetReqPermissions( MessageParcel data; data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); if (!data.WriteUint32(tokenID)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write tokenID", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write tokenID"); return RET_FAILED; } if (!data.WriteInt32(isSystemGrant)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write isSystemGrant", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write isSystemGrant"); return RET_FAILED; } @@ -155,13 +155,13 @@ int AccessTokenManagerProxy::GetReqPermissions( MessageOption option; sptr remote = Remote(); if (remote == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "remote service null."); return RET_FAILED; } int32_t requestResult = remote->SendRequest( static_cast(IAccessTokenManager::InterfaceCode::GET_REQ_PERMISSIONS), data, reply, option); if (requestResult != NO_ERROR) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult); + ACCESSTOKEN_LOG_ERROR(LABEL, "request fail, result: %{public}d", requestResult); return RET_FAILED; } @@ -173,7 +173,7 @@ int AccessTokenManagerProxy::GetReqPermissions( } } int32_t result = reply.ReadInt32(); - ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result); + ACCESSTOKEN_LOG_DEBUG(LABEL, "result from server data = %{public}d", result); return result; } @@ -182,11 +182,11 @@ int AccessTokenManagerProxy::GetPermissionFlag(AccessTokenID tokenID, const std: MessageParcel data; data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); if (!data.WriteUint32(tokenID)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write tokenID", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write tokenID"); return DEFAULT_PERMISSION_FLAGS; } if (!data.WriteString(permissionName)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write permissionName", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write permissionName"); return DEFAULT_PERMISSION_FLAGS; } @@ -194,18 +194,18 @@ int AccessTokenManagerProxy::GetPermissionFlag(AccessTokenID tokenID, const std: MessageOption option; sptr remote = Remote(); if (remote == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "remote service null."); return DEFAULT_PERMISSION_FLAGS; } int32_t requestResult = remote->SendRequest( static_cast(IAccessTokenManager::InterfaceCode::GET_PERMISSION_FLAG), data, reply, option); if (requestResult != NO_ERROR) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult); + ACCESSTOKEN_LOG_ERROR(LABEL, "request fail, result: %{public}d", requestResult); return DEFAULT_PERMISSION_FLAGS; } int32_t result = reply.ReadInt32(); - ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result); + ACCESSTOKEN_LOG_DEBUG(LABEL, "result from server data = %{public}d", result); return result; } @@ -214,15 +214,15 @@ int AccessTokenManagerProxy::GrantPermission(AccessTokenID tokenID, const std::s MessageParcel data; data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); if (!data.WriteUint32(tokenID)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write tokenID", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write tokenID"); return RET_FAILED; } if (!data.WriteString(permissionName)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write permissionName", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write permissionName"); return RET_FAILED; } if (!data.WriteInt32(flag)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write flag", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write flag"); return RET_FAILED; } @@ -230,18 +230,18 @@ int AccessTokenManagerProxy::GrantPermission(AccessTokenID tokenID, const std::s MessageOption option; sptr remote = Remote(); if (remote == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "remote service null."); return RET_FAILED; } int32_t requestResult = remote->SendRequest( static_cast(IAccessTokenManager::InterfaceCode::GRANT_PERMISSION), data, reply, option); if (requestResult != NO_ERROR) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult); + ACCESSTOKEN_LOG_ERROR(LABEL, "request fail, result: %{public}d", requestResult); return RET_FAILED; } int32_t result = reply.ReadInt32(); - ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result); + ACCESSTOKEN_LOG_DEBUG(LABEL, "result from server data = %{public}d", result); return result; } @@ -250,15 +250,15 @@ int AccessTokenManagerProxy::RevokePermission(AccessTokenID tokenID, const std:: MessageParcel data; data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); if (!data.WriteUint32(tokenID)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write tokenID", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write tokenID"); return RET_FAILED; } if (!data.WriteString(permissionName)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write permissionName", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write permissionName"); return RET_FAILED; } if (!data.WriteInt32(flag)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write flag", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write flag"); return RET_FAILED; } @@ -266,18 +266,18 @@ int AccessTokenManagerProxy::RevokePermission(AccessTokenID tokenID, const std:: MessageOption option; sptr remote = Remote(); if (remote == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "remote service null."); return RET_FAILED; } int32_t requestResult = remote->SendRequest( static_cast(IAccessTokenManager::InterfaceCode::REVOKE_PERMISSION), data, reply, option); if (requestResult != NO_ERROR) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult); + ACCESSTOKEN_LOG_ERROR(LABEL, "request fail, result: %{public}d", requestResult); return RET_FAILED; } int32_t result = reply.ReadInt32(); - ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result); + ACCESSTOKEN_LOG_DEBUG(LABEL, "result from server data = %{public}d", result); return result; } @@ -286,7 +286,7 @@ int AccessTokenManagerProxy::ClearUserGrantedPermissionState(AccessTokenID token MessageParcel data; data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); if (!data.WriteUint32(tokenID)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write tokenID", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write tokenID"); return RET_FAILED; } @@ -294,18 +294,18 @@ int AccessTokenManagerProxy::ClearUserGrantedPermissionState(AccessTokenID token MessageOption option; sptr remote = Remote(); if (remote == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "remote service null."); return RET_FAILED; } int32_t requestResult = remote->SendRequest( static_cast(IAccessTokenManager::InterfaceCode::CLEAR_USER_GRANT_PERMISSION), data, reply, option); if (requestResult != NO_ERROR) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult); + ACCESSTOKEN_LOG_ERROR(LABEL, "request fail, result: %{public}d", requestResult); return RET_FAILED; } int32_t result = reply.ReadInt32(); - ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result); + ACCESSTOKEN_LOG_DEBUG(LABEL, "result from server data = %{public}d", result); return result; } @@ -329,20 +329,20 @@ AccessTokenIDEx AccessTokenManagerProxy::AllocHapToken( MessageOption option; sptr remote = Remote(); if (remote == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "remote service null."); res.tokenIDEx = 0; return res; } int32_t requestResult = remote->SendRequest( static_cast(IAccessTokenManager::InterfaceCode::ALLOC_TOKEN_HAP), data, reply, option); if (requestResult != NO_ERROR) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult); + ACCESSTOKEN_LOG_ERROR(LABEL, "request fail, result: %{public}d", requestResult); res.tokenIDEx = 0; return res; } unsigned long long result = reply.ReadUint64(); - ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}llu", __func__, result); + ACCESSTOKEN_LOG_DEBUG(LABEL, "result from server data = %{public}llu", result); res.tokenIDEx = result; return res; } @@ -353,7 +353,7 @@ int AccessTokenManagerProxy::DeleteToken(AccessTokenID tokenID) data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); if (!data.WriteUint32(tokenID)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write tokenID", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write tokenID"); return RET_FAILED; } @@ -361,18 +361,18 @@ int AccessTokenManagerProxy::DeleteToken(AccessTokenID tokenID) MessageOption option; sptr remote = Remote(); if (remote == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "remote service null."); return RET_FAILED; } int32_t requestResult = remote->SendRequest( static_cast(IAccessTokenManager::InterfaceCode::TOKEN_DELETE), data, reply, option); if (requestResult != NO_ERROR) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult); + ACCESSTOKEN_LOG_ERROR(LABEL, "request fail, result: %{public}d", requestResult); return RET_FAILED; } int result = reply.ReadInt32(); - ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result); + ACCESSTOKEN_LOG_DEBUG(LABEL, "result from server data = %{public}d", result); return result; } @@ -382,7 +382,7 @@ int AccessTokenManagerProxy::GetTokenType(AccessTokenID tokenID) data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); if (!data.WriteUint32(tokenID)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write tokenID", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write tokenID"); return RET_FAILED; } @@ -390,18 +390,18 @@ int AccessTokenManagerProxy::GetTokenType(AccessTokenID tokenID) MessageOption option; sptr remote = Remote(); if (remote == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "remote service null."); return RET_FAILED; } int32_t requestResult = remote->SendRequest( static_cast(IAccessTokenManager::InterfaceCode::GET_TOKEN_TYPE), data, reply, option); if (requestResult != NO_ERROR) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult); + ACCESSTOKEN_LOG_ERROR(LABEL, "request fail, result: %{public}d", requestResult); return RET_FAILED; } int result = reply.ReadInt32(); - ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result); + ACCESSTOKEN_LOG_DEBUG(LABEL, "result from server data = %{public}d", result); return result; } @@ -411,29 +411,29 @@ int AccessTokenManagerProxy::CheckNativeDCap(AccessTokenID tokenID, const std::s data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); if (!data.WriteUint32(tokenID)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write tokenID", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write tokenID"); return RET_FAILED; } if (!data.WriteString(dcap)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write dcap", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write dcap"); return RET_FAILED; } MessageParcel reply; MessageOption option; sptr remote = Remote(); if (remote == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "remote service null."); return RET_FAILED; } int32_t requestResult = remote->SendRequest( static_cast(IAccessTokenManager::InterfaceCode::CHECK_NATIVE_DCAP), data, reply, option); if (requestResult != NO_ERROR) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult); + ACCESSTOKEN_LOG_ERROR(LABEL, "request fail, result: %{public}d", requestResult); return RET_FAILED; } int result = reply.ReadInt32(); - ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result); + ACCESSTOKEN_LOG_DEBUG(LABEL, "result from server data = %{public}d", result); return result; } @@ -443,33 +443,33 @@ AccessTokenID AccessTokenManagerProxy::GetHapTokenID(int userID, const std::stri data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); if (!data.WriteInt32(userID)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write tokenID", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write tokenID"); return 0; } if (!data.WriteString(bundleName)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write dcap", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write dcap"); return 0; } if (!data.WriteInt32(instIndex)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write dcap", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write dcap"); return 0; } MessageParcel reply; MessageOption option; sptr remote = Remote(); if (remote == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "remote service null."); return 0; } int32_t requestResult = remote->SendRequest( static_cast(IAccessTokenManager::InterfaceCode::GET_HAP_TOKEN_ID), data, reply, option); if (requestResult != NO_ERROR) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult); + ACCESSTOKEN_LOG_ERROR(LABEL, "request fail, result: %{public}d", requestResult); return 0; } int result = reply.ReadInt32(); - ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result); + ACCESSTOKEN_LOG_DEBUG(LABEL, "result from server data = %{public}d", result); return result; } @@ -480,29 +480,29 @@ AccessTokenID AccessTokenManagerProxy::AllocLocalTokenID( data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); if (!data.WriteString(remoteDeviceID)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write dcap", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write dcap"); return 0; } if (!data.WriteUint32(remoteTokenID)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write dcap", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write dcap"); return 0; } MessageParcel reply; MessageOption option; sptr remote = Remote(); if (remote == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "remote service null."); return 0; } int32_t requestResult = remote->SendRequest( static_cast(IAccessTokenManager::InterfaceCode::ALLOC_LOCAL_TOKEN_ID), data, reply, option); if (requestResult != NO_ERROR) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult); + ACCESSTOKEN_LOG_ERROR(LABEL, "request fail, result: %{public}d", requestResult); return 0; } AccessTokenID result = reply.ReadUint32(); - ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result); + ACCESSTOKEN_LOG_DEBUG(LABEL, "get result from server data = %{public}d", result); return result; } @@ -511,7 +511,7 @@ int AccessTokenManagerProxy::GetNativeTokenInfo(AccessTokenID tokenID, NativeTok MessageParcel data; data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); if (!data.WriteUint32(tokenID)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write permissionName", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write permissionName"); return RET_FAILED; } @@ -519,24 +519,24 @@ int AccessTokenManagerProxy::GetNativeTokenInfo(AccessTokenID tokenID, NativeTok MessageOption option; sptr remote = Remote(); if (remote == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "remote service null."); return RET_FAILED; } int32_t requestResult = remote->SendRequest( static_cast(IAccessTokenManager::InterfaceCode::GET_NATIVE_TOKENINFO), data, reply, option); if (requestResult != NO_ERROR) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult); + ACCESSTOKEN_LOG_ERROR(LABEL, "send request fail, result: %{public}d", requestResult); return RET_FAILED; } sptr resultSptr = reply.ReadParcelable(); if (resultSptr == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s ReadParcelable fail", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "ReadParcelable fail"); return RET_FAILED; } nativeTokenInfoRes = *resultSptr; int32_t result = reply.ReadInt32(); - ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result); + ACCESSTOKEN_LOG_DEBUG(LABEL, "get result from server data = %{public}d", result); return result; } @@ -545,7 +545,7 @@ int AccessTokenManagerProxy::GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfo MessageParcel data; data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); if (!data.WriteUint32(tokenID)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write permissionName", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write permissionName"); return RET_FAILED; } @@ -553,24 +553,24 @@ int AccessTokenManagerProxy::GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfo MessageOption option; sptr remote = Remote(); if (remote == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "remote service null."); return RET_FAILED; } int32_t requestResult = remote->SendRequest( static_cast(IAccessTokenManager::InterfaceCode::GET_HAP_TOKENINFO), data, reply, option); if (requestResult != NO_ERROR) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult); + ACCESSTOKEN_LOG_ERROR(LABEL, "send request fail, result: %{public}d", requestResult); return RET_FAILED; } sptr resultSptr = reply.ReadParcelable(); if (resultSptr == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s ReadParcelable fail", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "ReadParcelable fail"); return RET_FAILED; } hapTokenInfoRes = *resultSptr; int32_t result = reply.ReadInt32(); - ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result); + ACCESSTOKEN_LOG_DEBUG(LABEL, "get result from server data = %{public}d", result); return result; } @@ -593,18 +593,236 @@ int AccessTokenManagerProxy::UpdateHapToken(AccessTokenID tokenID, MessageOption option; sptr remote = Remote(); if (remote == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "remote service null."); return RET_FAILED; } int32_t requestResult = remote->SendRequest( static_cast(IAccessTokenManager::InterfaceCode::UPDATE_HAP_TOKEN), data, reply, option); if (requestResult != NO_ERROR) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult); + ACCESSTOKEN_LOG_ERROR(LABEL, "send request fail, result: %{public}d", requestResult); return RET_FAILED; } int32_t result = reply.ReadInt32(); - ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result); + ACCESSTOKEN_LOG_DEBUG(LABEL, "get result from server data = %{public}d", result); + return result; +} + +int AccessTokenManagerProxy::GetHapTokenInfoFromRemote(AccessTokenID tokenID, + HapTokenInfoForSyncParcel& hapSyncParcel) +{ + MessageParcel data; + data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); + if (!data.WriteUint32(tokenID)) { + return RET_FAILED; + } + + MessageParcel reply; + MessageOption option; + sptr remote = Remote(); + if (remote == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "remote service null."); + return RET_FAILED; + } + int32_t requestResult = remote->SendRequest( + static_cast(IAccessTokenManager::InterfaceCode::GET_HAP_TOKEN_FROM_REMOTE), data, reply, option); + if (requestResult != NO_ERROR) { + ACCESSTOKEN_LOG_ERROR(LABEL, "send request fail, result: %{public}d", requestResult); + return RET_FAILED; + } + + sptr hapResult = reply.ReadParcelable(); + if (hapResult == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "ReadParcelable fail"); + return RET_FAILED; + } + hapSyncParcel = *hapResult; + + int32_t result = reply.ReadInt32(); + ACCESSTOKEN_LOG_DEBUG(LABEL, "get result from server data = %{public}d", result); + return result; +} + +int AccessTokenManagerProxy::GetAllNativeTokenInfo(std::vector& nativeTokenInfoRes) +{ + MessageParcel data; + data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); + + MessageParcel reply; + MessageOption option; + sptr remote = Remote(); + if (remote == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "remote service null."); + return RET_FAILED; + } + int32_t requestResult = remote->SendRequest( + static_cast(IAccessTokenManager::InterfaceCode::GET_ALL_NATIVE_TOKEN_FROM_REMOTE), + data, reply, option); + if (requestResult != NO_ERROR) { + ACCESSTOKEN_LOG_ERROR(LABEL, "send request fail, result: %{public}d", requestResult); + return RET_FAILED; + } + + int32_t size = reply.ReadInt32(); + for (int i = 0; i < size; i++) { + sptr nativeResult = reply.ReadParcelable(); + if (nativeResult != nullptr) { + nativeTokenInfoRes.emplace_back(*nativeResult); + } + } + + int32_t result = reply.ReadInt32(); + ACCESSTOKEN_LOG_DEBUG(LABEL, "get result from server data = %{public}d", result); + return result; +} + +int AccessTokenManagerProxy::SetRemoteHapTokenInfo(const std::string& deviceID, + HapTokenInfoForSyncParcel& hapSyncParcel) +{ + MessageParcel data; + data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); + if (!data.WriteString(deviceID)) { + return RET_FAILED; + } + if (!data.WriteParcelable(&hapSyncParcel)) { + return RET_FAILED; + } + + MessageParcel reply; + MessageOption option; + sptr remote = Remote(); + if (remote == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "remote service null."); + return RET_FAILED; + } + int32_t requestResult = remote->SendRequest( + static_cast(IAccessTokenManager::InterfaceCode::SET_REMOTE_HAP_TOKEN_INFO), data, reply, option); + if (requestResult != NO_ERROR) { + ACCESSTOKEN_LOG_ERROR(LABEL, "send request fail, result: %{public}d", requestResult); + return RET_FAILED; + } + + int32_t result = reply.ReadInt32(); + ACCESSTOKEN_LOG_DEBUG(LABEL, "get result from server data = %{public}d", result); + return result; +} + +int AccessTokenManagerProxy::SetRemoteNativeTokenInfo(const std::string& deviceID, + std::vector& nativeTokenInfoParcel) +{ + MessageParcel data; + data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); + if (!data.WriteString(deviceID)) { + return RET_FAILED; + } + if (!data.WriteUint32(nativeTokenInfoParcel.size())) { + return RET_FAILED; + } + for (NativeTokenInfoParcel& parcel : nativeTokenInfoParcel) { + if (!data.WriteParcelable(&parcel)) { + return RET_FAILED; + } + } + + MessageParcel reply; + MessageOption option; + sptr remote = Remote(); + if (remote == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "remote service null."); + return RET_FAILED; + } + int32_t requestResult = remote->SendRequest( + static_cast(IAccessTokenManager::InterfaceCode::SET_REMOTE_NATIVE_TOKEN_INFO), data, reply, option); + if (requestResult != NO_ERROR) { + ACCESSTOKEN_LOG_ERROR(LABEL, "send request fail, result: %{public}d", requestResult); + return RET_FAILED; + } + + int32_t result = reply.ReadInt32(); + ACCESSTOKEN_LOG_DEBUG(LABEL, "get result from server data = %{public}d", result); + return result; +} + +int AccessTokenManagerProxy::DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID) +{ + MessageParcel data; + data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); + if (!data.WriteString(deviceID)) { + return RET_FAILED; + } + + if (!data.WriteUint32(tokenID)) { + return RET_FAILED; + } + + MessageParcel reply; + MessageOption option; + sptr remote = Remote(); + if (remote == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "remote service null."); + return RET_FAILED; + } + int32_t requestResult = remote->SendRequest( + static_cast(IAccessTokenManager::InterfaceCode::DELETE_REMOTE_TOKEN_INFO), data, reply, option); + if (requestResult != NO_ERROR) { + ACCESSTOKEN_LOG_ERROR(LABEL, "send request fail, result: %{public}d", requestResult); + return RET_FAILED; + } + + int32_t result = reply.ReadInt32(); + ACCESSTOKEN_LOG_DEBUG(LABEL, "get result from server data = %{public}d", result); + return result; +} + +int AccessTokenManagerProxy::DeleteRemoteDeviceTokens(const std::string& deviceID) +{ + MessageParcel data; + data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); + if (!data.WriteString(deviceID)) { + return RET_FAILED; + } + + MessageParcel reply; + MessageOption option; + sptr remote = Remote(); + if (remote == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "remote service null."); + return RET_FAILED; + } + int32_t requestResult = remote->SendRequest( + static_cast(IAccessTokenManager::InterfaceCode::DELETE_REMOTE_DEVICE_TOKEN), data, reply, option); + if (requestResult != NO_ERROR) { + ACCESSTOKEN_LOG_ERROR(LABEL, "send request fail, result: %{public}d", requestResult); + return RET_FAILED; + } + + int32_t result = reply.ReadInt32(); + ACCESSTOKEN_LOG_DEBUG(LABEL, "get result from server data = %{public}d", result); + return result; +} + +int AccessTokenManagerProxy::DumpToken(std::string& dumpInfo) +{ + MessageParcel data; + data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); + + MessageParcel reply; + MessageOption option; + sptr remote = Remote(); + if (remote == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "remote service null."); + return RET_FAILED; + } + int32_t requestResult = remote->SendRequest( + static_cast(IAccessTokenManager::InterfaceCode::DUMP), data, reply, option); + if (requestResult != NO_ERROR) { + ACCESSTOKEN_LOG_ERROR(LABEL, "send request fail, result: %{public}d", requestResult); + return RET_FAILED; + } + + dumpInfo = reply.ReadString(); + AccessTokenID result = reply.ReadInt32(); + ACCESSTOKEN_LOG_DEBUG(LABEL, "get result from server data = %{public}d", result); return result; } } // namespace AccessToken diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h index 973714702..55655a6f4 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h @@ -23,6 +23,7 @@ #include "hap_info_parcel.h" #include "hap_policy_parcel.h" #include "hap_token_info_parcel.h" +#include "hap_token_info_for_sync_parcel.h" #include "i_accesstoken_manager.h" #include "iremote_proxy.h" #include "native_token_info_parcel.h" @@ -56,6 +57,16 @@ public: const HapPolicyParcel& policyPar) override; int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfoParcel& hapTokenInfoRes) override; int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfoParcel& nativeTokenInfoRes) override; + + int GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSyncParcel& hapSyncParcel) override; + int GetAllNativeTokenInfo(std::vector& nativeTokenInfoRes) override; + int SetRemoteHapTokenInfo(const std::string& deviceID, HapTokenInfoForSyncParcel& hapSyncParcel) override; + int SetRemoteNativeTokenInfo(const std::string& deviceID, + std::vector& nativeTokenInfoParcel) override; + int DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID) override; + int DeleteRemoteDeviceTokens(const std::string& deviceID) override; + + int DumpToken(std::string& dumpInfo) override; private: static inline BrokerDelegator delegator_; }; diff --git a/interfaces/innerkits/tokensync/BUILD.gn b/interfaces/innerkits/tokensync/BUILD.gn index 1d8ba9af6..aa92f46a9 100644 --- a/interfaces/innerkits/tokensync/BUILD.gn +++ b/interfaces/innerkits/tokensync/BUILD.gn @@ -36,6 +36,8 @@ ohos_shared_library("libtokensync_sdk") { "//base/security/access_token/frameworks/tokensync/include", "//base/security/access_token/frameworks/common/include", "//base/security/access_token/interfaces/innerkits/tokensync/include", + "//base/security/access_token/interfaces/innerkits/accesstoken/include", + "//base/security/access_token/frameworks/accesstoken/include", #"//base/security/permission/interfaces/innerkits/permission_standard/permissionsdk/main/cpp/include/permission", ] @@ -44,14 +46,15 @@ ohos_shared_library("libtokensync_sdk") { #"main/cpp/src/permission/permission_kit.cpp", #"main/cpp/src/permission/permission_manager_client.cpp", #"main/cpp/src/permission/permission_manager_proxy.cpp", - "src/tokensync_kit.cpp", - "src/tokensync_manager_client.cpp", - "src/tokensync_manager_proxy.cpp", + "src/token_sync_kit.cpp", + "src/token_sync_manager_client.cpp", + "src/token_sync_manager_proxy.cpp", ] deps = [ #"//base/security/permission/frameworks/permission_standard/permissioncommunicationadapter:permission_standard_communication_adapter_cxx", #"//base/security/permission/frameworks/permission_standard/permissioninfrastructure:permission_standard_infrastructure_cxx", + "//base/security/access_token/frameworks/accesstoken:accesstoken_communication_adapter_cxx", "//utils/native/base:utils", ] diff --git a/interfaces/innerkits/tokensync/include/tokensync_kit.h b/interfaces/innerkits/tokensync/include/token_sync_kit.h similarity index 69% rename from interfaces/innerkits/tokensync/include/tokensync_kit.h rename to interfaces/innerkits/tokensync/include/token_sync_kit.h index 3ac9d29ee..e72b00594 100644 --- a/interfaces/innerkits/tokensync/include/tokensync_kit.h +++ b/interfaces/innerkits/tokensync/include/token_sync_kit.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021 Huawei Device Co., Ltd. + * Copyright (c) 2022 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -19,12 +19,17 @@ #include #include +#include "access_token.h" +#include "hap_token_info.h" + namespace OHOS { namespace Security { namespace AccessToken { class TokenSyncKit { public: - static int VerifyPermission(const std::string& bundleName, const std::string& permissionName, int userId); + static int GetRemoteHapTokenInfo(const std::string& deviceID, AccessTokenID tokenID); + static int DeleteRemoteHapTokenInfo(AccessTokenID tokenID); + static int UpdateRemoteHapTokenInfo(const HapTokenInfoForSync& tokenInfo); }; } // namespace AccessToken } // namespace Security diff --git a/interfaces/innerkits/tokensync/src/tokensync_kit.cpp b/interfaces/innerkits/tokensync/src/token_sync_kit.cpp similarity index 47% rename from interfaces/innerkits/tokensync/src/tokensync_kit.cpp rename to interfaces/innerkits/tokensync/src/token_sync_kit.cpp index 2fbaee384..090153e7b 100644 --- a/interfaces/innerkits/tokensync/src/tokensync_kit.cpp +++ b/interfaces/innerkits/tokensync/src/token_sync_kit.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021 Huawei Device Co., Ltd. + * Copyright (c) 2022 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -13,13 +13,13 @@ * limitations under the License. */ -#include "tokensync_kit.h" +#include "token_sync_kit.h" #include #include #include "accesstoken_log.h" -#include "tokensync_manager_client.h" +#include "token_sync_manager_client.h" namespace OHOS { namespace Security { @@ -30,12 +30,23 @@ namespace { static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "TokenSyncKit"}; } // namespace -int TokenSyncKit::VerifyPermission(const string& bundleName, const string& permissionName, int userId) +int TokenSyncKit::GetRemoteHapTokenInfo(const std::string& deviceID, AccessTokenID tokenID) { - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); - ACCESSTOKEN_LOG_INFO(LABEL, "bundleName=%{public}s, permissionName=%{public}s, userId=%{public}d", - bundleName.c_str(), permissionName.c_str(), userId); - return TokenSyncManagerClient::GetInstance().VerifyPermission(bundleName, permissionName, userId); + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, deviceID=%{public}s tokenID=%{public}d", + __func__, deviceID.c_str(), tokenID); + return TokenSyncManagerClient::GetInstance().GetRemoteHapTokenInfo(deviceID, tokenID); +} + +int TokenSyncKit::DeleteRemoteHapTokenInfo(AccessTokenID tokenID) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, tokenID=%{public}d", __func__, tokenID); + return TokenSyncManagerClient::GetInstance().DeleteRemoteHapTokenInfo(tokenID); +} + +int TokenSyncKit::UpdateRemoteHapTokenInfo(const HapTokenInfoForSync& tokenInfo) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called tokenID=%{public}d", __func__, tokenInfo.baseInfo.tokenID); + return TokenSyncManagerClient::GetInstance().UpdateRemoteHapTokenInfo(tokenInfo); } } // namespace AccessToken } // namespace Security diff --git a/interfaces/innerkits/tokensync/src/tokensync_manager_client.cpp b/interfaces/innerkits/tokensync/src/token_sync_manager_client.cpp similarity index 59% rename from interfaces/innerkits/tokensync/src/tokensync_manager_client.cpp rename to interfaces/innerkits/tokensync/src/token_sync_manager_client.cpp index b63d0ab49..3cd5a9d56 100644 --- a/interfaces/innerkits/tokensync/src/tokensync_manager_client.cpp +++ b/interfaces/innerkits/tokensync/src/token_sync_manager_client.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021 Huawei Device Co., Ltd. + * Copyright (c) 2022 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -13,10 +13,10 @@ * limitations under the License. */ -#include "tokensync_manager_client.h" +#include "token_sync_manager_client.h" #include "accesstoken_log.h" - +#include "hap_token_info_for_sync_parcel.h" #include "iservice_registry.h" namespace OHOS { @@ -38,35 +38,56 @@ TokenSyncManagerClient::TokenSyncManagerClient() TokenSyncManagerClient::~TokenSyncManagerClient() {} -int TokenSyncManagerClient::VerifyPermission( - const std::string& bundleName, const std::string& permissionName, int userId) const +int TokenSyncManagerClient::GetRemoteHapTokenInfo(const std::string& deviceID, AccessTokenID tokenID) const +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); + return -1; + } + return proxy->GetRemoteHapTokenInfo(deviceID, tokenID); +} + +int TokenSyncManagerClient::DeleteRemoteHapTokenInfo(AccessTokenID tokenID) const +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); + auto proxy = GetProxy(); + if (proxy == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); + return -1; + } + return proxy->DeleteRemoteHapTokenInfo(tokenID); +} + +int TokenSyncManagerClient::UpdateRemoteHapTokenInfo(const HapTokenInfoForSync& tokenInfo) const { ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); auto proxy = GetProxy(); if (proxy == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: proxy is null", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); return -1; } - return proxy->VerifyPermission(bundleName, permissionName, userId); + return proxy->UpdateRemoteHapTokenInfo(tokenInfo); } sptr TokenSyncManagerClient::GetProxy() const { auto sam = SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager(); if (sam == nullptr) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: GetSystemAbilityManager is null", __func__); + ACCESSTOKEN_LOG_DEBUG(LABEL, "GetSystemAbilityManager is null"); return nullptr; } auto tokensyncSa = sam->GetSystemAbility(ITokenSyncManager::SA_ID_TOKENSYNC_MANAGER_SERVICE); if (tokensyncSa == nullptr) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: GetSystemAbility %{public}d is null", __func__, + ACCESSTOKEN_LOG_DEBUG(LABEL, "GetSystemAbility %{public}d is null", ITokenSyncManager::SA_ID_TOKENSYNC_MANAGER_SERVICE); return nullptr; } auto proxy = iface_cast(tokensyncSa); if (proxy == nullptr) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: iface_cast get null", __func__); + ACCESSTOKEN_LOG_DEBUG(LABEL, "iface_cast get null"); return nullptr; } return proxy; diff --git a/interfaces/innerkits/tokensync/src/tokensync_manager_client.h b/interfaces/innerkits/tokensync/src/token_sync_manager_client.h similarity index 75% rename from interfaces/innerkits/tokensync/src/tokensync_manager_client.h rename to interfaces/innerkits/tokensync/src/token_sync_manager_client.h index a44602772..f416cba31 100644 --- a/interfaces/innerkits/tokensync/src/tokensync_manager_client.h +++ b/interfaces/innerkits/tokensync/src/token_sync_manager_client.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021 Huawei Device Co., Ltd. + * Copyright (c) 2022 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -18,8 +18,9 @@ #include -#include "i_tokensync_manager.h" - +#include "access_token.h" +#include "hap_token_info.h" +#include "i_token_sync_manager.h" #include "nocopyable.h" namespace OHOS { @@ -31,7 +32,9 @@ public: virtual ~TokenSyncManagerClient(); - int VerifyPermission(const std::string& bundleName, const std::string& permissionName, int userId) const; + int GetRemoteHapTokenInfo(const std::string& deviceID, AccessTokenID tokenID) const; + int DeleteRemoteHapTokenInfo(AccessTokenID tokenID) const; + int UpdateRemoteHapTokenInfo(const HapTokenInfoForSync& tokenInfo) const; private: TokenSyncManagerClient(); diff --git a/interfaces/innerkits/tokensync/src/tokensync_manager_proxy.cpp b/interfaces/innerkits/tokensync/src/token_sync_manager_proxy.cpp similarity index 37% rename from interfaces/innerkits/tokensync/src/tokensync_manager_proxy.cpp rename to interfaces/innerkits/tokensync/src/token_sync_manager_proxy.cpp index f1988a60e..bf603c590 100644 --- a/interfaces/innerkits/tokensync/src/tokensync_manager_proxy.cpp +++ b/interfaces/innerkits/tokensync/src/token_sync_manager_proxy.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021 Huawei Device Co., Ltd. + * Copyright (c) 2022 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -13,10 +13,9 @@ * limitations under the License. */ -#include "tokensync_manager_proxy.h" +#include "token_sync_manager_proxy.h" #include "accesstoken_log.h" - #include "parcel.h" #include "string_ex.h" @@ -33,21 +32,76 @@ TokenSyncManagerProxy::TokenSyncManagerProxy(const sptr& impl) : TokenSyncManagerProxy::~TokenSyncManagerProxy() {} -int TokenSyncManagerProxy::VerifyPermission( - const std::string& bundleName, const std::string& permissionName, int userId) +int TokenSyncManagerProxy::GetRemoteHapTokenInfo(const std::string& deviceID, AccessTokenID tokenID) { MessageParcel data; data.WriteInterfaceToken(ITokenSyncManager::GetDescriptor()); - if (!data.WriteString(bundleName)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write bundleName", __func__); + if (!data.WriteString(deviceID)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write deviceID"); + return -1; + } + if (!data.WriteUint32(tokenID)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write tokenID"); + return -1; + } + + MessageParcel reply; + MessageOption option; + sptr remote = Remote(); + if (remote == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "remote service null."); + return -1; + } + int32_t requestResult = remote->SendRequest( + static_cast(ITokenSyncManager::InterfaceCode::GET_REMOTE_HAP_TOKEN_INFO), data, reply, option); + if (requestResult != NO_ERROR) { + ACCESSTOKEN_LOG_ERROR(LABEL, "send request fail, result: %{public}d", requestResult); return -1; } - if (!data.WriteString(permissionName)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write permissionName", __func__); + + int32_t result = reply.ReadInt32(); + ACCESSTOKEN_LOG_DEBUG(LABEL, "get result from server data = %{public}d", result); + return result; +} + +int TokenSyncManagerProxy::DeleteRemoteHapTokenInfo(AccessTokenID tokenID) +{ + MessageParcel data; + data.WriteInterfaceToken(ITokenSyncManager::GetDescriptor()); + if (!data.WriteUint32(tokenID)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write tokenID"); return -1; } - if (!data.WriteInt32(userId)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: Failed to write userId", __func__); + + MessageParcel reply; + MessageOption option; + sptr remote = Remote(); + if (remote == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "remote service null."); + return -1; + } + int32_t requestResult = remote->SendRequest( + static_cast(ITokenSyncManager::InterfaceCode::DELETE_REMOTE_HAP_TOKEN_INFO), data, reply, option); + if (requestResult != NO_ERROR) { + ACCESSTOKEN_LOG_ERROR(LABEL, "send request fail, result: %{public}d", requestResult); + return -1; + } + + int32_t result = reply.ReadInt32(); + ACCESSTOKEN_LOG_DEBUG(LABEL, "get result from server data = %{public}d", result); + return result; +} + +int TokenSyncManagerProxy::UpdateRemoteHapTokenInfo(const HapTokenInfoForSync& tokenInfo) +{ + MessageParcel data; + data.WriteInterfaceToken(ITokenSyncManager::GetDescriptor()); + + HapTokenInfoForSyncParcel tokenInfoParcel; + tokenInfoParcel.hapTokenInfoForSyncParams = tokenInfo; + + if (!data.WriteParcelable(&tokenInfoParcel)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write tokenInfo"); return -1; } @@ -55,18 +109,18 @@ int TokenSyncManagerProxy::VerifyPermission( MessageOption option; sptr remote = Remote(); if (remote == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: remote service null.", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "remote service null."); return -1; } int32_t requestResult = remote->SendRequest( - static_cast(ITokenSyncManager::InterfaceCode::VERIFY_PERMISSION), data, reply, option); + static_cast(ITokenSyncManager::InterfaceCode::UPDATE_REMOTE_HAP_TOKEN_INFO), data, reply, option); if (requestResult != NO_ERROR) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s send request fail, result: %{public}d", __func__, requestResult); + ACCESSTOKEN_LOG_ERROR(LABEL, "send request fail, result: %{public}d", requestResult); return -1; } int32_t result = reply.ReadInt32(); - ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s get result from server data = %{public}d", __func__, result); + ACCESSTOKEN_LOG_DEBUG(LABEL, "get result from server data = %{public}d", result); return result; } } // namespace AccessToken diff --git a/interfaces/innerkits/tokensync/src/tokensync_manager_proxy.h b/interfaces/innerkits/tokensync/src/token_sync_manager_proxy.h similarity index 74% rename from interfaces/innerkits/tokensync/src/tokensync_manager_proxy.h rename to interfaces/innerkits/tokensync/src/token_sync_manager_proxy.h index c92e8be00..6e251e961 100644 --- a/interfaces/innerkits/tokensync/src/tokensync_manager_proxy.h +++ b/interfaces/innerkits/tokensync/src/token_sync_manager_proxy.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021 Huawei Device Co., Ltd. + * Copyright (c) 2022 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -18,7 +18,9 @@ #include -#include "i_tokensync_manager.h" +#include "access_token.h" +#include "hap_token_info_for_sync_parcel.h" +#include "i_token_sync_manager.h" #include "iremote_broker.h" #include "iremote_proxy.h" @@ -30,7 +32,9 @@ public: explicit TokenSyncManagerProxy(const sptr& impl); virtual ~TokenSyncManagerProxy() override; - int VerifyPermission(const std::string& packageName, const std::string& permissionName, int userId) override; + int GetRemoteHapTokenInfo(const std::string& deviceID, AccessTokenID tokenID) override; + int DeleteRemoteHapTokenInfo(AccessTokenID tokenID) override; + int UpdateRemoteHapTokenInfo(const HapTokenInfoForSync& tokenInfo) override; private: static inline BrokerDelegator delegator_; diff --git a/interfaces/innerkits/tokensync/test/BUILD.gn b/interfaces/innerkits/tokensync/test/BUILD.gn index 867549338..87a14097b 100644 --- a/interfaces/innerkits/tokensync/test/BUILD.gn +++ b/interfaces/innerkits/tokensync/test/BUILD.gn @@ -21,12 +21,13 @@ ohos_unittest("libtokensync_sdk_test") { include_dirs = [ "//utils/native/base/include", "//third_party/googletest/include", + "//base/security/access_token/interfaces/innerkits/tokensync/include", #"//base/security/permission/interfaces/innerkits/permission_standard/permissionsdk/main/cpp/include/permission/", - "//base/security/access_token/interfaces/innerkits/tokensync/include", + "//base/security/access_token/interfaces/innerkits/accesstoken/include", ] - sources = [ "unittest/src/tokensync_kit_test.cpp" ] + sources = [ "unittest/src/token_sync_kit_test.cpp" ] cflags_cc = [ "-DHILOG_ENABLE" ] diff --git a/interfaces/innerkits/tokensync/test/unittest/src/tokensync_kit_test.cpp b/interfaces/innerkits/tokensync/test/unittest/src/token_sync_kit_test.cpp similarity index 93% rename from interfaces/innerkits/tokensync/test/unittest/src/tokensync_kit_test.cpp rename to interfaces/innerkits/tokensync/test/unittest/src/token_sync_kit_test.cpp index fab924095..f4587575b 100644 --- a/interfaces/innerkits/tokensync/test/unittest/src/tokensync_kit_test.cpp +++ b/interfaces/innerkits/tokensync/test/unittest/src/token_sync_kit_test.cpp @@ -13,9 +13,9 @@ * limitations under the License. */ -#include "tokensync_kit_test.h" +#include "token_sync_kit_test.h" -#include "tokensync_kit.h" +#include "token_sync_kit.h" using namespace testing::ext; using namespace OHOS::Security::AccessToken; diff --git a/interfaces/innerkits/tokensync/test/unittest/src/tokensync_kit_test.h b/interfaces/innerkits/tokensync/test/unittest/src/token_sync_kit_test.h similarity index 100% rename from interfaces/innerkits/tokensync/test/unittest/src/tokensync_kit_test.h rename to interfaces/innerkits/tokensync/test/unittest/src/token_sync_kit_test.h diff --git a/services/accesstokenmanager/BUILD.gn b/services/accesstokenmanager/BUILD.gn index a77a08994..62358bea1 100644 --- a/services/accesstokenmanager/BUILD.gn +++ b/services/accesstokenmanager/BUILD.gn @@ -33,6 +33,7 @@ ohos_shared_library("accesstoken_manager_service") { "//base/security/access_token/frameworks/common/include", "//base/security/access_token/frameworks/accesstoken/include", "//base/security/access_token/interfaces/innerkits/accesstoken/include", + "//base/security/access_token/interfaces/innerkits/tokensync/include", "//third_party/json/include", ] @@ -52,9 +53,11 @@ ohos_shared_library("accesstoken_manager_service") { "main/cpp/src/service/accesstoken_manager_stub.cpp", "main/cpp/src/token/accesstoken_id_manager.cpp", "main/cpp/src/token/accesstoken_info_manager.cpp", + "main/cpp/src/token/accesstoken_remote_token_manager.cpp", "main/cpp/src/token/hap_token_info_inner.cpp", "main/cpp/src/token/native_token_info_inner.cpp", "main/cpp/src/token/native_token_receptor.cpp", + "main/cpp/src/token/token_modify_notifier.cpp", ] cflags_cc = [ "-DHILOG_ENABLE" ] @@ -64,6 +67,7 @@ ohos_shared_library("accesstoken_manager_service") { #"//base/security/accesstoken/frameworks/accesstooken/common:permission_standard_infrastructure_cxx", "//base/security/access_token/frameworks/accesstoken:accesstoken_communication_adapter_cxx", "//base/security/access_token/frameworks/common:accesstoken_common_cxx", + "//base/security/access_token/interfaces/innerkits/tokensync:libtokensync_sdk", "//base/security/access_token/services/accesstokenmanager:access_token.rc", "//third_party/sqlite:sqlite", "//utils/native/base:utils", diff --git a/services/accesstokenmanager/main/cpp/include/permission/permission_policy_set.h b/services/accesstokenmanager/main/cpp/include/permission/permission_policy_set.h index 84dc327c7..3208b6f20 100644 --- a/services/accesstokenmanager/main/cpp/include/permission/permission_policy_set.h +++ b/services/accesstokenmanager/main/cpp/include/permission/permission_policy_set.h @@ -48,6 +48,7 @@ public: int QueryPermissionFlag(const std::string& permissionName); void UpdatePermissionStatus(const std::string& permissionName, bool isGranted, int flag); void ToString(std::string& info); + void GetPermissionStateList(std::vector& stateList); private: static void MergePermissionStateFull(std::vector& permStateList, diff --git a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h index 401437f40..cbb3cfa14 100644 --- a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h +++ b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h @@ -25,6 +25,7 @@ #include "singleton.h" #include "system_ability.h" #include "hap_token_info.h" +#include "access_token.h" namespace OHOS { namespace Security { @@ -57,7 +58,15 @@ public: int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfoParcel& InfoParcel) override; int UpdateHapToken(AccessTokenID tokenID, const std::string& appIDDesc, const HapPolicyParcel& policyParcel) override; + int GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSyncParcel& hapSyncParcel) override; + int GetAllNativeTokenInfo(std::vector& nativeTokenInfosRes) override; + int SetRemoteHapTokenInfo(const std::string& deviceID, HapTokenInfoForSyncParcel& hapSyncParcel) override; + int SetRemoteNativeTokenInfo(const std::string& deviceID, + std::vector& nativeTokenInfoParcel) override; + int DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID) override; + int DeleteRemoteDeviceTokens(const std::string& deviceID) override; + int DumpToken(std::string& dumpInfo) override; private: bool Initialize() const; diff --git a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_stub.h b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_stub.h index f01b0edec..c4fbb77e1 100644 --- a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_stub.h +++ b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_stub.h @@ -53,6 +53,15 @@ private: void CheckNativeDCapInner(MessageParcel& data, MessageParcel& reply); void GetTokenTypeInner(MessageParcel& data, MessageParcel& reply); + void GetHapTokenInfoFromRemoteInner(MessageParcel& data, MessageParcel& reply); + void GetAllNativeTokenInfoInner(MessageParcel& data, MessageParcel& reply); + void SetRemoteHapTokenInfoInner(MessageParcel& data, MessageParcel& reply); + void SetRemoteNativeTokenInfoInner(MessageParcel& data, MessageParcel& reply); + void DeleteRemoteTokenInner(MessageParcel& data, MessageParcel& reply); + void DeleteRemoteDeviceTokensInner(MessageParcel& data, MessageParcel& reply); + void GetRemoteHapTokenIDInner(MessageParcel& data, MessageParcel& reply); + void DumpTokenInner(MessageParcel& data, MessageParcel& reply); + bool IsAuthorizedCalling() const; static const int SYSTEM_UID = 1000; static const int ROOT_UID = 0; diff --git a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h index c8a337350..3e32c69a7 100644 --- a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h +++ b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h @@ -53,6 +53,17 @@ public: void Dump(std::string& dumpInfo); void RefreshTokenInfoIfNeeded(); + /* tokensync needed */ + int GetHapTokenSync(AccessTokenID tokenID, HapTokenInfoForSync& hapSync); + int GetHapTokenInfoFromRemote(AccessTokenID tokenID, + HapTokenInfoForSync& hapSync); + void GetAllNativeTokenInfo(std::vector& nativeTokenInfosRes); + int SetRemoteHapTokenInfo(const std::string& deviceID, HapTokenInfoForSync& hapSync); + int SetRemoteNativeTokenInfo(const std::string& deviceID, + std::vector& nativeTokenInfoList); + int DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID); + int DeleteRemoteDeviceTokens(const std::string& deviceID); + private: AccessTokenInfoManager(); DISALLOW_COPY_AND_MOVE(AccessTokenInfoManager); diff --git a/services/accesstokenmanager/main/cpp/include/token/accesstoken_remote_token_manager.h b/services/accesstokenmanager/main/cpp/include/token/accesstoken_remote_token_manager.h new file mode 100644 index 000000000..8cb735f6f --- /dev/null +++ b/services/accesstokenmanager/main/cpp/include/token/accesstoken_remote_token_manager.h @@ -0,0 +1,61 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef ACCESSTOKEN_TOKEN_REMOTE_TOKEN_MANAGER_H +#define ACCESSTOKEN_TOKEN_REMOTE_TOKEN_MANAGER_H + +#include +#include +#include + +#include "access_token.h" +#include "hap_token_info.h" +#include "hap_token_info_inner.h" +#include "native_token_info.h" +#include "native_token_info_inner.h" +#include "nocopyable.h" +#include "rwlock.h" +#include "thread_pool.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class AccessTokenRemoteDevice final { +public: + std::string DeviceID_; // networkID + std::map MappingTokenIDPairMap_; +}; + +class AccessTokenRemoteTokenManager final { +public: + static AccessTokenRemoteTokenManager& GetInstance(); + ~AccessTokenRemoteTokenManager(); + AccessTokenID MapRemoteDeviceTokenToLocal(const std::string& deviceID, AccessTokenID remoteID); + int GetDeviceAllRemoteTokenID(const std::string& deviceID, std::vector& mapIDs); + AccessTokenID GetDeviceMappingTokenID(const std::string& deviceID, AccessTokenID remoteID); + int RemoveDeviceMappingTokenID(const std::string& deviceID, AccessTokenID remoteID); + +private: + AccessTokenRemoteTokenManager(); + DISALLOW_COPY_AND_MOVE(AccessTokenRemoteTokenManager); + + OHOS::Utils::RWLock remoteDeviceLock_; + std::map remoteDeviceMap_; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // ACCESSTOKEN_TOKEN_REMOTE_TOKEN_MANAGER_H + diff --git a/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h b/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h index 9d3557e43..b41808fbc 100644 --- a/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h +++ b/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h @@ -32,11 +32,12 @@ namespace Security { namespace AccessToken { class HapTokenInfoInner final { public: - HapTokenInfoInner() : ver_(DEFAULT_TOKEN_VERSION), tokenID_(0), tokenAttr_(0), userID_(0), - instIndex_(0), apl_(APL_NORMAL) {}; + HapTokenInfoInner(); + HapTokenInfoInner(AccessTokenID id, const HapInfoParams& info, const HapPolicyParams& policy); + HapTokenInfoInner(AccessTokenID id, const HapTokenInfo &info, + const std::vector& permStateList); virtual ~HapTokenInfoInner(); - void Init(AccessTokenID id, const HapInfoParams& info, const HapPolicyParams& policy); void Update(const std::string& appIDDesc, const HapPolicyParams& policy); void TranslateToHapTokenInfo(HapTokenInfo& InfoParcel) const; void StoreHapInfo(std::vector& hapInfoValues, @@ -46,26 +47,25 @@ public: const std::vector& permDefRes, const std::vector& permStateRes); std::shared_ptr GetHapInfoPermissionPolicySet() const; + HapTokenInfo GetHapInfoBasic() const; int GetUserID() const; std::string GetBundleName() const; int GetInstIndex() const; AccessTokenID GetTokenID() const; void ToString(std::string& info) const; + bool IsRemote() const; + void SetRemote(bool isRemote); private: void StoreHapBasicInfo(std::vector& valueList) const; void TranslationIntoGenericValues(GenericValues& outGenericValues) const; int RestoreHapTokenBasicInfo(const GenericValues& inGenericValues); - char ver_; - AccessTokenID tokenID_; - AccessTokenAttr tokenAttr_; - int userID_; - std::string bundleName_; - int instIndex_; - std::string appID_; - std::string deviceID_; - ATokenAplEnum apl_; + HapTokenInfo tokenInfoBasic_; + + // true means sync from remote. + bool isRemote_; + std::shared_ptr permPolicySet_; }; } // namespace AccessToken diff --git a/services/accesstokenmanager/main/cpp/include/token/native_token_info_inner.h b/services/accesstokenmanager/main/cpp/include/token/native_token_info_inner.h index 1a646f8c1..527d176d1 100644 --- a/services/accesstokenmanager/main/cpp/include/token/native_token_info_inner.h +++ b/services/accesstokenmanager/main/cpp/include/token/native_token_info_inner.h @@ -34,7 +34,7 @@ static const std::string JSON_DCAPS = "dcaps"; class NativeTokenInfoInner final { public: - NativeTokenInfoInner() : ver_(DEFAULT_TOKEN_VERSION), tokenID_(0), tokenAttr_(0), apl_(APL_NORMAL) {}; + NativeTokenInfoInner(); NativeTokenInfoInner(NativeTokenInfo& info); virtual ~NativeTokenInfoInner(); @@ -51,18 +51,17 @@ public: std::vector GetDcap() const; AccessTokenID GetTokenID() const; std::string GetProcessName() const; - bool FromJsonString(const std::string& jsonString); + NativeTokenInfo GetNativeTokenInfo() const; + bool IsRemote() const; + void SetRemote(bool isRemote); private: int TranslationIntoGenericValues(GenericValues& outGenericValues) const; std::string DcapToString(const std::vector& dcap) const; - char ver_; - AccessTokenID tokenID_; - AccessTokenAttr tokenAttr_; - std::string processName_; - ATokenAplEnum apl_; - std::vector dcap_; + // true means sync from remote. + bool isRemote_; + NativeTokenInfo tokenInfoBasic_; }; } // namespace AccessToken } // namespace Security diff --git a/services/accesstokenmanager/main/cpp/include/token/token_modify_notifier.h b/services/accesstokenmanager/main/cpp/include/token/token_modify_notifier.h new file mode 100644 index 000000000..c884f37b2 --- /dev/null +++ b/services/accesstokenmanager/main/cpp/include/token/token_modify_notifier.h @@ -0,0 +1,56 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TOKEN_MODIFY_NOTIFIER_H +#define TOKEN_MODIFY_NOTIFIER_H + +#include +#include + +#include "access_token.h" +#include "nocopyable.h" +#include "rwlock.h" +#include "thread_pool.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class TokenModifyNotifier final { +public: + static TokenModifyNotifier& GetInstance(); + ~TokenModifyNotifier(); + void AddHapTokenObservation(AccessTokenID tokenID); + void NotifyTokenDelete(AccessTokenID tokenID); + void NotifyTokenModify(AccessTokenID tokenID); + void NotifyTokenChangedIfNeed(); + void NotifyTokenSyncTask(); + +private: + TokenModifyNotifier(); + DISALLOW_COPY_AND_MOVE(TokenModifyNotifier); + + bool hasInited_; + OHOS::Utils::RWLock initLock_; + OHOS::Utils::RWLock Notifylock_; + OHOS::ThreadPool notifyTokenWorker_; + std::set observationSet_; + std::vector deleteTokenList_; + std::vector modifiedTokenList_; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // TOKEN_MODIFY_NOTIFIER_H + diff --git a/services/accesstokenmanager/main/cpp/src/database/data_translator.cpp b/services/accesstokenmanager/main/cpp/src/database/data_translator.cpp index 4052d8210..d601e0ed4 100644 --- a/services/accesstokenmanager/main/cpp/src/database/data_translator.cpp +++ b/services/accesstokenmanager/main/cpp/src/database/data_translator.cpp @@ -51,7 +51,7 @@ int DataTranslator::TranslationIntoPermissionDef(const GenericValues& inGenericV outPermissionDef.grantMode = inGenericValues.GetInt(FIELD_GRANT_MODE); int aplNum = inGenericValues.GetInt(FIELD_AVAILABLE_LEVEL); if (!DataValidator::IsAplNumValid(aplNum)) { - ACCESSTOKEN_LOG_WARN(LABEL, "%{public}s:Apl is wrong.", __func__); + ACCESSTOKEN_LOG_WARN(LABEL, "Apl is wrong."); return RET_FAILED; } outPermissionDef.availableLevel = (ATokenAplEnum)aplNum; @@ -69,7 +69,7 @@ int DataTranslator::TranslationIntoGenericValues(const PermissionStateFull& inPe { if (grantIndex >= inPermissionState.resDeviceID.size() || grantIndex >= inPermissionState.grantStatus.size() || grantIndex >= inPermissionState.grantFlags.size()) { - ACCESSTOKEN_LOG_WARN(LABEL, "%{public}s: perm status grant size is wrong", __func__); + ACCESSTOKEN_LOG_WARN(LABEL, "perm status grant size is wrong"); return RET_FAILED; } outGenericValues.Put(FIELD_PERMISSION_NAME, inPermissionState.permissionName); @@ -86,27 +86,27 @@ int DataTranslator::TranslationIntoPermissionStateFull(const GenericValues& inGe outPermissionState.isGeneral = ((inGenericValues.GetInt(FIELD_GRANT_IS_GENERAL) == 1) ? true : false); outPermissionState.permissionName = inGenericValues.GetString(FIELD_PERMISSION_NAME); if (!DataValidator::IsPermissionNameValid(outPermissionState.permissionName)) { - ACCESSTOKEN_LOG_WARN(LABEL, "%{public}s: permission name is wrong", __func__); + ACCESSTOKEN_LOG_WARN(LABEL, "permission name is wrong"); return RET_FAILED; } std::string devID = inGenericValues.GetString(FIELD_DEVICE_ID); if (!DataValidator::IsDeviceIdValid(devID)) { - ACCESSTOKEN_LOG_WARN(LABEL, "%{public}s: devID is wrong", __func__); + ACCESSTOKEN_LOG_WARN(LABEL, "devID is wrong"); return RET_FAILED; } outPermissionState.resDeviceID.push_back(devID); int grantStatus = (PermissionState)inGenericValues.GetInt(FIELD_GRANT_STATE); if (!PermissionValidator::IsGrantStatusValid(grantStatus)) { - ACCESSTOKEN_LOG_WARN(LABEL, "%{public}s: grantStatus is wrong", __func__); + ACCESSTOKEN_LOG_WARN(LABEL, "grantStatus is wrong"); return RET_FAILED; } outPermissionState.grantStatus.push_back(grantStatus); int grantFlag = (PermissionState)inGenericValues.GetInt(FIELD_GRANT_FLAG); if (!PermissionValidator::IsPermissionFlagValid(grantFlag)) { - ACCESSTOKEN_LOG_WARN(LABEL, "%{public}s: grantFlag is wrong", __func__); + ACCESSTOKEN_LOG_WARN(LABEL, "grantFlag is wrong"); return RET_FAILED; } outPermissionState.grantFlags.push_back(grantFlag); diff --git a/services/accesstokenmanager/main/cpp/src/database/sqlite_helper.cpp b/services/accesstokenmanager/main/cpp/src/database/sqlite_helper.cpp index 618b9cf2d..0e878fd33 100644 --- a/services/accesstokenmanager/main/cpp/src/database/sqlite_helper.cpp +++ b/services/accesstokenmanager/main/cpp/src/database/sqlite_helper.cpp @@ -66,7 +66,7 @@ void SqliteHelper::Open() void SqliteHelper::Close() { if (db_ == nullptr) { - ACCESSTOKEN_LOG_WARN(LABEL, "%{public}s: do open data base first!", __func__); + ACCESSTOKEN_LOG_WARN(LABEL, "do open data base first!"); return; } int ret = sqlite3_close(db_); @@ -80,14 +80,14 @@ void SqliteHelper::Close() int SqliteHelper::BeginTransaction() const { if (db_ == nullptr) { - ACCESSTOKEN_LOG_WARN(LABEL, "%{public}s: do open data base first!", __func__); + ACCESSTOKEN_LOG_WARN(LABEL, "do open data base first!"); return GENERAL_ERROR; } char* errorMessage = nullptr; int result = 0; int ret = sqlite3_exec(db_, "BEGIN;", nullptr, nullptr, &errorMessage); if (ret != SQLITE_OK) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: failed, errorMsg: %{public}s", __func__, errorMessage); + ACCESSTOKEN_LOG_ERROR(LABEL, "failed, errorMsg: %{public}s", errorMessage); result = GENERAL_ERROR; } sqlite3_free(errorMessage); @@ -97,14 +97,14 @@ int SqliteHelper::BeginTransaction() const int SqliteHelper::CommitTransaction() const { if (db_ == nullptr) { - ACCESSTOKEN_LOG_WARN(LABEL, "%{public}s: do open data base first!", __func__); + ACCESSTOKEN_LOG_WARN(LABEL, "do open data base first!"); return GENERAL_ERROR; } char* errorMessage = nullptr; int result = 0; int ret = sqlite3_exec(db_, "COMMIT;", nullptr, nullptr, &errorMessage); if (ret != SQLITE_OK) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: failed, errorMsg: %{public}s", __func__, errorMessage); + ACCESSTOKEN_LOG_ERROR(LABEL, "failed, errorMsg: %{public}s", errorMessage); result = GENERAL_ERROR; } sqlite3_free(errorMessage); @@ -114,14 +114,14 @@ int SqliteHelper::CommitTransaction() const int SqliteHelper::RollbackTransaction() const { if (db_ == nullptr) { - ACCESSTOKEN_LOG_WARN(LABEL, "%{public}s: do open data base first!", __func__); + ACCESSTOKEN_LOG_WARN(LABEL, "do open data base first!"); return GENERAL_ERROR; } int result = 0; char* errorMessage = nullptr; int ret = sqlite3_exec(db_, "ROLLBACK;", nullptr, nullptr, &errorMessage); if (ret != SQLITE_OK) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: failed, errorMsg: %{public}s", __func__, errorMessage); + ACCESSTOKEN_LOG_ERROR(LABEL, "failed, errorMsg: %{public}s", errorMessage); result = GENERAL_ERROR; } sqlite3_free(errorMessage); @@ -136,14 +136,14 @@ Statement SqliteHelper::Prepare(const std::string& sql) const int SqliteHelper::ExecuteSql(const std::string& sql) const { if (db_ == nullptr) { - ACCESSTOKEN_LOG_WARN(LABEL, "%{public}s: do open data base first!", __func__); + ACCESSTOKEN_LOG_WARN(LABEL, "do open data base first!"); return GENERAL_ERROR; } char* errorMessage = nullptr; int result = 0; int res = sqlite3_exec(db_, sql.c_str(), nullptr, nullptr, &errorMessage); if (res != SQLITE_OK) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: failed, errorMsg: %{public}s", __func__, errorMessage); + ACCESSTOKEN_LOG_ERROR(LABEL, "failed, errorMsg: %{public}s", errorMessage); result = GENERAL_ERROR; } sqlite3_free(errorMessage); @@ -153,7 +153,7 @@ int SqliteHelper::ExecuteSql(const std::string& sql) const int SqliteHelper::GetVersion() const { if (db_ == nullptr) { - ACCESSTOKEN_LOG_WARN(LABEL, "%{public}s: do open data base first!", __func__); + ACCESSTOKEN_LOG_WARN(LABEL, "do open data base first!"); return GENERAL_ERROR; } auto statement = Prepare(PRAGMA_VERSION_COMMAND); @@ -161,14 +161,14 @@ int SqliteHelper::GetVersion() const while (statement.Step() == Statement::State::ROW) { version = statement.GetColumnInt(0); } - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s: version: %{public}d", __func__, version); + ACCESSTOKEN_LOG_INFO(LABEL, "version: %{public}d", version); return version; } void SqliteHelper::SetVersion() const { if (db_ == nullptr) { - ACCESSTOKEN_LOG_WARN(LABEL, "%{public}s: do open data base first!", __func__); + ACCESSTOKEN_LOG_WARN(LABEL, "do open data base first!"); return; } auto statement = Prepare(PRAGMA_VERSION_COMMAND + " = " + std::to_string(currentVersion_)); @@ -178,7 +178,7 @@ void SqliteHelper::SetVersion() const std::string SqliteHelper::SpitError() const { if (db_ == nullptr) { - ACCESSTOKEN_LOG_WARN(LABEL, "%{public}s: do open data base first!", __func__); + ACCESSTOKEN_LOG_WARN(LABEL, "do open data base first!"); return ""; } return sqlite3_errmsg(db_); diff --git a/services/accesstokenmanager/main/cpp/src/database/sqlite_storage.cpp b/services/accesstokenmanager/main/cpp/src/database/sqlite_storage.cpp index 46c1d3797..f929760e3 100644 --- a/services/accesstokenmanager/main/cpp/src/database/sqlite_storage.cpp +++ b/services/accesstokenmanager/main/cpp/src/database/sqlite_storage.cpp @@ -112,17 +112,17 @@ int SqliteStorage::Add(const DataType type, const std::vector& va } int ret = statement.Step(); if (ret != Statement::State::DONE) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: failed, errorMsg: %{public}s", __func__, SpitError().c_str()); + ACCESSTOKEN_LOG_ERROR(LABEL, "failed, errorMsg: %{public}s", SpitError().c_str()); isExecuteSuccessfully = false; } statement.Reset(); } if (!isExecuteSuccessfully) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: rollback transaction.", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "rollback transaction."); RollbackTransaction(); return FAILURE; } - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s: commit transaction.", __func__); + ACCESSTOKEN_LOG_INFO(LABEL, "commit transaction."); CommitTransaction(); return SUCCESS; } @@ -190,17 +190,17 @@ int SqliteStorage::RefreshAll(const DataType type, const std::vector cacheGuard(this->cacheLock_); auto it = permissionDefinitionMap_.find(info.permissionName); if (it != permissionDefinitionMap_.end()) { - ACCESSTOKEN_LOG_WARN(LABEL, "%{public}s: info for permission: %{public}s has been insert, please check!", - __func__, info.permissionName.c_str()); + ACCESSTOKEN_LOG_WARN(LABEL, "info for permission: %{public}s has been insert, please check!", + info.permissionName.c_str()); return false; } permissionDefinitionMap_[info.permissionName] = info; @@ -77,7 +77,7 @@ int PermissionDefinitionCache::FindByPermissionName(const std::string& permissio Utils::UniqueReadGuard cacheGuard(this->cacheLock_); auto it = permissionDefinitionMap_.find(permissionName); if (it == permissionDefinitionMap_.end()) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: can not find definition info for permission: %{public}s", __func__, + ACCESSTOKEN_LOG_DEBUG(LABEL, "can not find definition info for permission: %{public}s", permissionName.c_str()); return RET_FAILED; } diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp index f648a59b3..018a3f2fa 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp @@ -19,6 +19,7 @@ #include "accesstoken_log.h" #include "permission_definition_cache.h" #include "permission_validator.h" +#include "token_modify_notifier.h" namespace OHOS { namespace Security { @@ -54,7 +55,7 @@ void PermissionManager::AddDefPermissions(std::shared_ptr tok permPolicySet->GetDefPermissions(permList); for (auto perm : permList) { if (!PermissionValidator::IsPermissionDefValid(perm)) { - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s: invalid permission definition info: %{public}s", __func__, + ACCESSTOKEN_LOG_INFO(LABEL, "invalid permission definition info: %{public}s", TransferPermissionDefToString(perm).c_str()); continue; } @@ -67,7 +68,7 @@ void PermissionManager::AddDefPermissions(std::shared_ptr tok if (!PermissionDefinitionCache::GetInstance().HasDefinition(perm.permissionName)) { PermissionDefinitionCache::GetInstance().Insert(perm); } else { - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s: permission %{public}s has define", __func__, + ACCESSTOKEN_LOG_INFO(LABEL, "permission %{public}s has define", TransferPermissionDefToString(perm).c_str()); } } @@ -79,7 +80,7 @@ void PermissionManager::RemoveDefPermissions(AccessTokenID tokenID) std::shared_ptr tokenInfo = AccessTokenInfoManager::GetInstance().GetHapTokenInfoInner(tokenID); if (tokenInfo == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: invalid params(tokenID: 0x%{public}x)!", __func__, tokenID); + ACCESSTOKEN_LOG_ERROR(LABEL, "invalid params(tokenID: 0x%{public}x)!", tokenID); return; } std::string bundleName = tokenInfo->GetBundleName(); @@ -91,18 +92,25 @@ int PermissionManager::VerifyAccessToken(AccessTokenID tokenID, const std::strin ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, tokenID: 0x%{public}x, permissionName: %{public}s", __func__, tokenID, permissionName.c_str()); if (!PermissionValidator::IsPermissionNameValid(permissionName)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "invalid params!"); return PERMISSION_DENIED; } - if (!PermissionDefinitionCache::GetInstance().HasDefinition(permissionName)) { + std::shared_ptr tokenInfoPtr = + AccessTokenInfoManager::GetInstance().GetHapTokenInfoInner(tokenID); + if (tokenInfoPtr == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "can not find tokenInfo!"); + return PERMISSION_DENIED; + } + + if (!tokenInfoPtr->IsRemote() && !PermissionDefinitionCache::GetInstance().HasDefinition(permissionName)) { ACCESSTOKEN_LOG_ERROR( - LABEL, "%{public}s: no definition for permission: %{public}s!", __func__, permissionName.c_str()); + LABEL, "no definition for permission: %{public}s!", permissionName.c_str()); return PERMISSION_DENIED; } std::shared_ptr permPolicySet = AccessTokenInfoManager::GetInstance().GetHapPermissionPolicySet(tokenID); if (permPolicySet == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "invalid params!"); return PERMISSION_DENIED; } @@ -113,12 +121,12 @@ int PermissionManager::GetDefPermission(const std::string& permissionName, Permi { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permissionName: %{public}s", __func__, permissionName.c_str()); if (!PermissionValidator::IsPermissionNameValid(permissionName)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "invalid params!"); return RET_FAILED; } if (!PermissionDefinitionCache::GetInstance().HasDefinition(permissionName)) { ACCESSTOKEN_LOG_ERROR( - LABEL, "%{public}s: no definition for permission: %{public}s!", __func__, permissionName.c_str()); + LABEL, "no definition for permission: %{public}s!", permissionName.c_str()); return RET_FAILED; } return PermissionDefinitionCache::GetInstance().FindByPermissionName(permissionName, permissionDefResult); @@ -130,7 +138,7 @@ int PermissionManager::GetDefPermissions(AccessTokenID tokenID, std::vector permPolicySet = AccessTokenInfoManager::GetInstance().GetHapPermissionPolicySet(tokenID); if (permPolicySet == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "invalid params!"); return RET_FAILED; } @@ -146,7 +154,7 @@ int PermissionManager::GetReqPermissions( std::shared_ptr permPolicySet = AccessTokenInfoManager::GetInstance().GetHapPermissionPolicySet(tokenID); if (permPolicySet == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "invalid params!"); return RET_FAILED; } @@ -168,18 +176,18 @@ int PermissionManager::GetPermissionFlag(AccessTokenID tokenID, const std::strin ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, tokenID: 0x%{public}x, permissionName: %{public}s", __func__, tokenID, permissionName.c_str()); if (!PermissionValidator::IsPermissionNameValid(permissionName)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "invalid params!"); return DEFAULT_PERMISSION_FLAGS; } if (!PermissionDefinitionCache::GetInstance().HasDefinition(permissionName)) { ACCESSTOKEN_LOG_ERROR( - LABEL, "%{public}s: no definition for permission: %{public}s!", __func__, permissionName.c_str()); + LABEL, "no definition for permission: %{public}s!", permissionName.c_str()); return DEFAULT_PERMISSION_FLAGS; } std::shared_ptr permPolicySet = AccessTokenInfoManager::GetInstance().GetHapPermissionPolicySet(tokenID); if (permPolicySet == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "invalid params!"); return DEFAULT_PERMISSION_FLAGS; } return permPolicySet->QueryPermissionFlag(permissionName); @@ -191,11 +199,15 @@ void PermissionManager::UpdateTokenPermissionState( std::shared_ptr permPolicySet = AccessTokenInfoManager::GetInstance().GetHapPermissionPolicySet(tokenID); if (permPolicySet == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "invalid params!"); return; } permPolicySet->UpdatePermissionStatus(permissionName, isGranted, flag); + std::shared_ptr infoPtr = AccessTokenInfoManager::GetInstance().GetHapTokenInfoInner(tokenID); + if (infoPtr != nullptr && !infoPtr->IsRemote()) { + TokenModifyNotifier::GetInstance().NotifyTokenModify(tokenID); + } AccessTokenInfoManager::GetInstance().RefreshTokenInfoIfNeeded(); } @@ -205,16 +217,16 @@ void PermissionManager::GrantPermission(AccessTokenID tokenID, const std::string "%{public}s called, tokenID: 0x%{public}x, permissionName: %{public}s, flag: %{public}d", __func__, tokenID, permissionName.c_str(), flag); if (!PermissionValidator::IsPermissionNameValid(permissionName)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "invalid params!"); return; } if (!PermissionDefinitionCache::GetInstance().HasDefinition(permissionName)) { ACCESSTOKEN_LOG_ERROR( - LABEL, "%{public}s: no definition for permission: %{public}s!", __func__, permissionName.c_str()); + LABEL, "no definition for permission: %{public}s!", permissionName.c_str()); return; } if (!PermissionValidator::IsPermissionFlagValid(flag)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "invalid params!"); return; } UpdateTokenPermissionState(tokenID, permissionName, true, flag); @@ -226,16 +238,16 @@ void PermissionManager::RevokePermission(AccessTokenID tokenID, const std::strin "%{public}s called, tokenID: 0x%{public}x, permissionName: %{public}s, flag: %{public}d", __func__, tokenID, permissionName.c_str(), flag); if (!PermissionValidator::IsPermissionNameValid(permissionName)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "invalid params!"); return; } if (!PermissionDefinitionCache::GetInstance().HasDefinition(permissionName)) { ACCESSTOKEN_LOG_ERROR( - LABEL, "%{public}s: no definition for permission: %{public}s!", __func__, permissionName.c_str()); + LABEL, "no definition for permission: %{public}s!", permissionName.c_str()); return; } if (!PermissionValidator::IsPermissionFlagValid(flag)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "invalid params!"); return; } UpdateTokenPermissionState(tokenID, permissionName, false, flag); @@ -247,7 +259,7 @@ void PermissionManager::ClearUserGrantedPermissionState(AccessTokenID tokenID) std::shared_ptr permPolicySet = AccessTokenInfoManager::GetInstance().GetHapPermissionPolicySet(tokenID); if (permPolicySet == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: invalid params!", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "invalid params!"); return; } diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_policy_set.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_policy_set.cpp index 31e64a4a0..9cb3d0507 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/permission_policy_set.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_policy_set.cpp @@ -96,7 +96,7 @@ std::shared_ptr PermissionPolicySet::RestorePermissionPolic { std::shared_ptr policySet = std::make_shared(); if (policySet == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: tokenId 0x%{public}x new failed.", __func__, tokenId); + ACCESSTOKEN_LOG_ERROR(LABEL, "tokenId 0x%{public}x new failed.", tokenId); return nullptr; } policySet->tokenId_ = tokenId; @@ -108,7 +108,7 @@ std::shared_ptr PermissionPolicySet::RestorePermissionPolic if (ret == RET_SUCCESS) { policySet->permList_.emplace_back(def); } else { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: tokenId 0x%{public}x permDef is wrong.", __func__, tokenId); + ACCESSTOKEN_LOG_ERROR(LABEL, "tokenId 0x%{public}x permDef is wrong.", tokenId); } } } @@ -120,8 +120,7 @@ std::shared_ptr PermissionPolicySet::RestorePermissionPolic if (ret == RET_SUCCESS) { MergePermissionStateFull(policySet->permStateList_, state); } else { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: tokenId 0x%{public}x permState is wrong.", - __func__, tokenId); + ACCESSTOKEN_LOG_ERROR(LABEL, "tokenId 0x%{public}x permState is wrong.", tokenId); } } } @@ -238,6 +237,14 @@ void PermissionPolicySet::UpdatePermissionStatus(const std::string& permissionNa } } +void PermissionPolicySet::GetPermissionStateList(std::vector& stateList) +{ + Utils::UniqueReadGuard infoGuard(this->permPolicySetLock_); + for (auto& state : permStateList_) { + stateList.emplace_back(state); + } +} + void PermissionPolicySet::PermDefToString(const PermissionDef& def, std::string& info) const { info.append(R"({"permissionName": ")" + def.permissionName + R"(")"); @@ -288,8 +295,10 @@ void PermissionPolicySet::PermStateFullToString(const PermissionStateFull& state void PermissionPolicySet::ToString(std::string& info) { Utils::UniqueReadGuard infoGuard(this->permPolicySetLock_); - info.append(R"(, "permDefList": [)"); + info.append(",\n\t"); + info.append(R"("permDefList": [)"); for (auto iter = permList_.begin(); iter != permList_.end(); iter++) { + info.append("\n\t\t"); PermDefToString(*iter, info); if (iter != (permList_.end() - 1)) { info.append(","); @@ -297,8 +306,10 @@ void PermissionPolicySet::ToString(std::string& info) } info.append("]"); - info.append(R"(, "permStateList": [)"); + info.append(",\n\t"); + info.append(R"("permStateList": [)"); for (auto iter = permStateList_.begin(); iter != permStateList_.end(); iter++) { + info.append("\n\t\t"); PermStateFullToString(*iter, info); if (iter != (permStateList_.end() - 1)) { info.append(","); diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp index 3647ab976..848675ec4 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp @@ -116,8 +116,6 @@ void PermissionValidator::DeduplicateResDevID(const PermissionStateFull& permSta result.resDeviceID.emplace_back(*it); result.grantStatus.emplace_back(*stateIter); result.grantFlags.emplace_back(*flagIter); - ++stateIter; - ++flagIter; } result.permissionName = permState.permissionName; result.isGeneral = permState.isGeneral; diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp index df942dcf3..4fe4e741b 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp @@ -167,7 +167,7 @@ AccessTokenIDEx AccessTokenManagerService::AllocHapToken(const HapInfoParcel& in int ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo( info.hapInfoParameter, policy.hapPolicyParameter, tokenIdEx); if (ret != RET_SUCCESS) { - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, hap token info create failed", __func__); + ACCESSTOKEN_LOG_INFO(LABEL, "hap token info create failed"); } return tokenIdEx; } @@ -231,6 +231,74 @@ int AccessTokenManagerService::GetNativeTokenInfo(AccessTokenID tokenID, NativeT return AccessTokenInfoManager::GetInstance().GetNativeTokenInfo(tokenID, InfoParcel.nativeTokenInfoParams); } +int AccessTokenManagerService::GetHapTokenInfoFromRemote(AccessTokenID tokenID, + HapTokenInfoForSyncParcel& hapSyncParcel) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, tokenID: 0x%{public}x", __func__, tokenID); + + return AccessTokenInfoManager::GetInstance().GetHapTokenInfoFromRemote(tokenID, + hapSyncParcel.hapTokenInfoForSyncParams); +} + +int AccessTokenManagerService::GetAllNativeTokenInfo(std::vector& nativeTokenInfosRes) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + + std::vector nativeVec; + AccessTokenInfoManager::GetInstance().GetAllNativeTokenInfo(nativeVec); + for (auto& native : nativeVec) { + NativeTokenInfoParcel nativeParcel; + nativeParcel.nativeTokenInfoParams = native; + nativeTokenInfosRes.emplace_back(nativeParcel); + } + + return RET_SUCCESS; +} + +int AccessTokenManagerService::SetRemoteHapTokenInfo(const std::string& deviceID, + HapTokenInfoForSyncParcel& hapSyncParcel) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, deviceID: 0x%{public}s", __func__, deviceID.c_str()); + + return AccessTokenInfoManager::GetInstance().SetRemoteHapTokenInfo(deviceID, + hapSyncParcel.hapTokenInfoForSyncParams); +} + +int AccessTokenManagerService::SetRemoteNativeTokenInfo(const std::string& deviceID, + std::vector& nativeTokenInfoParcel) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, deviceID: 0x%{public}s", __func__, deviceID.c_str()); + + std::vector nativeList; + + for (auto& nativeParcel : nativeTokenInfoParcel) { + nativeList.emplace_back(nativeParcel.nativeTokenInfoParams); + } + + return AccessTokenInfoManager::GetInstance().SetRemoteNativeTokenInfo(deviceID, nativeList); +} + +int AccessTokenManagerService::DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, deviceID: %{public}s, token id %{public}d", + __func__, deviceID.c_str(), tokenID); + + return AccessTokenInfoManager::GetInstance().DeleteRemoteToken(deviceID, tokenID); +} + +int AccessTokenManagerService::DeleteRemoteDeviceTokens(const std::string& deviceID) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, deviceID: %{public}s", __func__, deviceID.c_str()); + + return AccessTokenInfoManager::GetInstance().DeleteRemoteDeviceTokens(deviceID); +} + +int AccessTokenManagerService::DumpToken(std::string& dumpInfo) +{ + AccessTokenInfoManager::GetInstance().Dump(dumpInfo); + return 0; +} + bool AccessTokenManagerService::Initialize() const { AccessTokenInfoManager::GetInstance().Init(); diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp index 377c5dd1e..afb050cda 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp @@ -51,7 +51,7 @@ int32_t AccessTokenManagerStub::OnRemoteRequest( void AccessTokenManagerStub::DeleteTokenInfoInner(MessageParcel& data, MessageParcel& reply) { if (!IsAuthorizedCalling()) { - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__); + ACCESSTOKEN_LOG_INFO(LABEL, "permission denied"); reply.WriteInt32(RET_FAILED); return; } @@ -98,7 +98,7 @@ void AccessTokenManagerStub::GetReqPermissionsInner(MessageParcel& data, Message std::vector permList; int result = this->GetReqPermissions(tokenID, permList, isSystemGrant); - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permList size: %{public}d", __func__, (int) permList.size()); + ACCESSTOKEN_LOG_INFO(LABEL, "permList size: %{public}d", (int) permList.size()); reply.WriteInt32((int32_t)permList.size()); for (auto permDef : permList) { reply.WriteParcelable(&permDef); @@ -116,7 +116,7 @@ void AccessTokenManagerStub::GetPermissionFlagInner(MessageParcel& data, Message VerifyAccessToken(callingTokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS") == PERMISSION_DENIED && VerifyAccessToken(callingTokenID, "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS") == PERMISSION_DENIED && VerifyAccessToken(callingTokenID, "ohos.permission.GET_SENSITIVE_PERMISSIONS") == PERMISSION_DENIED) { - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__); + ACCESSTOKEN_LOG_INFO(LABEL, "permission denied"); reply.WriteInt32(DEFAULT_PERMISSION_FLAGS); return; } @@ -133,7 +133,7 @@ void AccessTokenManagerStub::GrantPermissionInner(MessageParcel& data, MessagePa int flag = data.ReadInt32(); if (!IsAuthorizedCalling() && VerifyAccessToken(callingTokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS") == PERMISSION_DENIED) { - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__); + ACCESSTOKEN_LOG_INFO(LABEL, "permission denied"); reply.WriteInt32(RET_FAILED); return; } @@ -150,7 +150,7 @@ void AccessTokenManagerStub::RevokePermissionInner(MessageParcel& data, MessageP int flag = data.ReadInt32(); if (!IsAuthorizedCalling() && VerifyAccessToken(callingTokenID, "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS") == PERMISSION_DENIED) { - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__); + ACCESSTOKEN_LOG_INFO(LABEL, "permission denied"); reply.WriteInt32(RET_FAILED); return; } @@ -276,6 +276,111 @@ void AccessTokenManagerStub::GetNativeTokenInfoInner(MessageParcel& data, Messag reply.WriteInt32(result); } +void AccessTokenManagerStub::GetHapTokenInfoFromRemoteInner(MessageParcel& data, MessageParcel& reply) +{ + if (!IsAuthorizedCalling()) { + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__); + reply.WriteInt32(RET_FAILED); + return; + } + AccessTokenID tokenID = data.ReadUint32(); + HapTokenInfoForSyncParcel hapTokenParcel; + + int result = this->GetHapTokenInfoFromRemote(tokenID, hapTokenParcel); + reply.WriteParcelable(&hapTokenParcel); + reply.WriteInt32(result); +} + +void AccessTokenManagerStub::GetAllNativeTokenInfoInner(MessageParcel& data, MessageParcel& reply) +{ + if (!IsAuthorizedCalling()) { + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__); + reply.WriteInt32(RET_FAILED); + return; + } + std::vector nativeTokenInfosRes; + int result = this->GetAllNativeTokenInfo(nativeTokenInfosRes); + reply.WriteUint32(nativeTokenInfosRes.size()); + for (auto native : nativeTokenInfosRes) { + reply.WriteParcelable(&native); + } + reply.WriteInt32(result); +} + +void AccessTokenManagerStub::SetRemoteHapTokenInfoInner(MessageParcel& data, MessageParcel& reply) +{ + if (!IsAuthorizedCalling()) { + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__); + reply.WriteInt32(RET_FAILED); + return; + } + std::string deviceID = data.ReadString(); + sptr hapTokenParcel = data.ReadParcelable(); + int result = this->SetRemoteHapTokenInfo(deviceID, *hapTokenParcel); + reply.WriteInt32(result); +} + +void AccessTokenManagerStub::SetRemoteNativeTokenInfoInner(MessageParcel& data, MessageParcel& reply) +{ + if (!IsAuthorizedCalling()) { + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__); + reply.WriteInt32(RET_FAILED); + return; + } + std::string deviceID = data.ReadString(); + + std::vector nativeTokenInfoParcel; + uint32_t size = data.ReadUint32(); + + for (uint32_t i = 0; i < size; i++) { + sptr nativeParcel = data.ReadParcelable(); + nativeTokenInfoParcel.emplace_back(*nativeParcel); + } + + int result = this->SetRemoteNativeTokenInfo(deviceID, nativeTokenInfoParcel); + reply.WriteInt32(result); +} + +void AccessTokenManagerStub::DeleteRemoteTokenInner(MessageParcel& data, MessageParcel& reply) +{ + if (!IsAuthorizedCalling()) { + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__); + reply.WriteInt32(RET_FAILED); + return; + } + std::string deviceID = data.ReadString(); + AccessTokenID tokenID = data.ReadUint32(); + + int result = this->DeleteRemoteToken(deviceID, tokenID); + reply.WriteInt32(result); +} + +void AccessTokenManagerStub::DeleteRemoteDeviceTokensInner(MessageParcel& data, MessageParcel& reply) +{ + if (!IsAuthorizedCalling()) { + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__); + reply.WriteInt32(RET_FAILED); + return; + } + std::string deviceID = data.ReadString(); + + int result = this->DeleteRemoteDeviceTokens(deviceID); + reply.WriteInt32(result); +} + +void AccessTokenManagerStub::DumpTokenInner(MessageParcel& data, MessageParcel& reply) +{ + if (!IsAuthorizedCalling()) { + ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__); + reply.WriteInt32(RET_FAILED); + return; + } + std::string dumpInfo; + int result = this->DumpToken(dumpInfo); + reply.WriteString(dumpInfo); + reply.WriteUint32(result); +} + bool AccessTokenManagerStub::IsAuthorizedCalling() const { int callingUid = IPCSkeleton::GetCallingUid(); @@ -319,6 +424,20 @@ AccessTokenManagerStub::AccessTokenManagerStub() &AccessTokenManagerStub::GetHapTokenInfoInner; requestFuncMap_[static_cast(IAccessTokenManager::InterfaceCode::UPDATE_HAP_TOKEN)] = &AccessTokenManagerStub::UpdateHapTokenInner; + requestFuncMap_[static_cast(IAccessTokenManager::InterfaceCode::GET_HAP_TOKEN_FROM_REMOTE)] = + &AccessTokenManagerStub::GetHapTokenInfoFromRemoteInner; + requestFuncMap_[static_cast(IAccessTokenManager::InterfaceCode::GET_ALL_NATIVE_TOKEN_FROM_REMOTE)] = + &AccessTokenManagerStub::GetAllNativeTokenInfoInner; + requestFuncMap_[static_cast(IAccessTokenManager::InterfaceCode::SET_REMOTE_HAP_TOKEN_INFO)] = + &AccessTokenManagerStub::SetRemoteHapTokenInfoInner; + requestFuncMap_[static_cast(IAccessTokenManager::InterfaceCode::SET_REMOTE_NATIVE_TOKEN_INFO)] = + &AccessTokenManagerStub::SetRemoteNativeTokenInfoInner; + requestFuncMap_[static_cast(IAccessTokenManager::InterfaceCode::DELETE_REMOTE_TOKEN_INFO)] = + &AccessTokenManagerStub::DeleteRemoteTokenInner; + requestFuncMap_[static_cast(IAccessTokenManager::InterfaceCode::DELETE_REMOTE_DEVICE_TOKEN)] = + &AccessTokenManagerStub::DeleteRemoteDeviceTokensInner; + requestFuncMap_[static_cast(IAccessTokenManager::InterfaceCode::DUMP)] = + &AccessTokenManagerStub::DumpTokenInner; } AccessTokenManagerStub::~AccessTokenManagerStub() diff --git a/services/accesstokenmanager/main/cpp/src/token/accesstoken_id_manager.cpp b/services/accesstokenmanager/main/cpp/src/token/accesstoken_id_manager.cpp index 4237a5104..7bedb7555 100644 --- a/services/accesstokenmanager/main/cpp/src/token/accesstoken_id_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/accesstoken_id_manager.cpp @@ -65,7 +65,7 @@ AccessTokenID AccessTokenIDManager::CreateTokenId(ATokenTypeEnum type) const { unsigned int rand = GetRandomUint32(); if (rand == 0) { - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, get random failed", __func__); + ACCESSTOKEN_LOG_INFO(LABEL, "get random failed"); return 0; } @@ -85,7 +85,7 @@ AccessTokenID AccessTokenIDManager::CreateAndRegisterTokenId(ATokenTypeEnum type for (int i = 0; i < MAX_CREATE_TOKEN_ID_RETRY; i++) { tokenId = CreateTokenId(type); if (tokenId == 0) { - ACCESSTOKEN_LOG_WARN(LABEL, "%{public}s called, create tokenId failed", __func__); + ACCESSTOKEN_LOG_WARN(LABEL, "create tokenId failed"); return 0; } @@ -93,9 +93,9 @@ AccessTokenID AccessTokenIDManager::CreateAndRegisterTokenId(ATokenTypeEnum type if (ret == RET_SUCCESS) { break; } else if (i == MAX_CREATE_TOKEN_ID_RETRY - 1) { - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, reigster tokenId failed, maybe repeat, retry", __func__); + ACCESSTOKEN_LOG_INFO(LABEL, "reigster tokenId failed, maybe repeat, retry"); } else { - ACCESSTOKEN_LOG_WARN(LABEL, "%{public}s called, reigster tokenId finally failed", __func__); + ACCESSTOKEN_LOG_WARN(LABEL, "reigster tokenId finally failed"); } } return tokenId; @@ -105,7 +105,7 @@ void AccessTokenIDManager::ReleaseTokenId(AccessTokenID id) { Utils::UniqueWriteGuard idGuard(this->tokenIdLock_); if (tokenIdSet_.count(id) == 0) { - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, id %{public}x is not exist", __func__, id); + ACCESSTOKEN_LOG_INFO(LABEL, "id %{public}x is not exist", id); return; } tokenIdSet_.erase(id); diff --git a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp index 1c7483c47..4fa86d047 100644 --- a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp @@ -17,6 +17,7 @@ #include "accesstoken_id_manager.h" #include "accesstoken_log.h" +#include "accesstoken_remote_token_manager.h" #include "data_storage.h" #include "data_translator.h" #include "data_validator.h" @@ -24,6 +25,8 @@ #include "generic_values.h" #include "hap_token_info_inner.h" #include "permission_manager.h" +#include "token_modify_notifier.h" +#include "token_sync_kit.h" namespace OHOS { namespace Security { @@ -32,8 +35,7 @@ namespace { static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "AccessTokenInfoManager"}; } -AccessTokenInfoManager::AccessTokenInfoManager() : hasInited_(false) -{} +AccessTokenInfoManager::AccessTokenInfoManager() : hasInited_(false) {} AccessTokenInfoManager::~AccessTokenInfoManager() { @@ -73,32 +75,31 @@ void AccessTokenInfoManager::InitHapTokenInfos() AccessTokenID tokenId = (AccessTokenID)tokenValue.GetInt(FIELD_TOKEN_ID); int ret = AccessTokenIDManager::GetInstance().RegisterTokenId(tokenId, TOKEN_HAP); if (ret != RET_SUCCESS) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: tokenId 0x%{public}x add id failed.", - __func__, tokenId); + ACCESSTOKEN_LOG_ERROR(LABEL, "tokenId 0x%{public}x add id failed.", tokenId); continue; } std::shared_ptr hap = std::make_shared(); if (hap == nullptr) { AccessTokenIDManager::GetInstance().ReleaseTokenId(tokenId); - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: tokenId 0x%{public}x alloc failed.", __func__, tokenId); + ACCESSTOKEN_LOG_ERROR(LABEL, "tokenId 0x%{public}x alloc failed.", tokenId); continue; } ret = hap->RestoreHapTokenInfo(tokenId, tokenValue, permDefRes, permStateRes); if (ret != RET_SUCCESS) { AccessTokenIDManager::GetInstance().ReleaseTokenId(tokenId); - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: tokenId 0x%{public}x restore failed.", __func__, tokenId); + ACCESSTOKEN_LOG_ERROR(LABEL, "tokenId 0x%{public}x restore failed.", tokenId); continue; } ret = AddHapTokenInfo(hap); if (ret != RET_SUCCESS) { AccessTokenIDManager::GetInstance().ReleaseTokenId(tokenId); - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: tokenId 0x%{public}x add failed.", __func__, tokenId); + ACCESSTOKEN_LOG_ERROR(LABEL, "tokenId 0x%{public}x add failed.", tokenId); continue; } ACCESSTOKEN_LOG_INFO(LABEL, - "%{public}s:restore hap token 0x%{public}x bundle name %{public}s user %{public}d inst %{public}d ok!", - __func__, tokenId, hap->GetBundleName().c_str(), hap->GetUserID(), hap->GetInstIndex()); + " restore hap token 0x%{public}x bundle name %{public}s user %{public}d inst %{public}d ok!", + tokenId, hap->GetBundleName().c_str(), hap->GetUserID(), hap->GetInstIndex()); } } @@ -110,32 +111,32 @@ void AccessTokenInfoManager::InitNativeTokenInfos() AccessTokenID tokenId = (AccessTokenID)nativeTokenValue.GetInt(FIELD_TOKEN_ID); int ret = AccessTokenIDManager::GetInstance().RegisterTokenId(tokenId, TOKEN_NATIVE); if (ret != RET_SUCCESS) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: tokenId 0x%{public}x add failed.", __func__, tokenId); + ACCESSTOKEN_LOG_ERROR(LABEL, "tokenId 0x%{public}x add failed.", tokenId); continue; } std::shared_ptr native = std::make_shared(); if (native == nullptr) { AccessTokenIDManager::GetInstance().ReleaseTokenId(tokenId); - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: tokenId 0x%{public}x alloc failed.", __func__, tokenId); + ACCESSTOKEN_LOG_ERROR(LABEL, "tokenId 0x%{public}x alloc failed.", tokenId); continue; } ret = native->RestoreNativeTokenInfo(tokenId, nativeTokenValue); if (ret != RET_SUCCESS) { AccessTokenIDManager::GetInstance().ReleaseTokenId(tokenId); - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: tokenId 0x%{public}x restore failed.", __func__, tokenId); + ACCESSTOKEN_LOG_ERROR(LABEL, "tokenId 0x%{public}x restore failed.", tokenId); continue; } ret = AddNativeTokenInfo(native); if (ret != RET_SUCCESS) { AccessTokenIDManager::GetInstance().ReleaseTokenId(tokenId); - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: tokenId 0x%{public}x add failed.", __func__, tokenId); + ACCESSTOKEN_LOG_ERROR(LABEL, "tokenId 0x%{public}x add failed.", tokenId); continue; } ACCESSTOKEN_LOG_INFO(LABEL, - "%{public}s:restore native token 0x%{public}x process name %{public}s ok!", - __func__, tokenId, native->GetProcessName().c_str()); + "restore native token 0x%{public}x process name %{public}s ok!", + tokenId, native->GetProcessName().c_str()); } } @@ -156,7 +157,7 @@ std::string AccessTokenInfoManager::GetHapUniqueStr(const std::shared_ptr& info) { if (info == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: token info is null.", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "token info is null."); return RET_FAILED; } AccessTokenID id = info->GetTokenID(); @@ -164,45 +165,51 @@ int AccessTokenInfoManager::AddHapTokenInfo(const std::shared_ptr infoGuard(this->hapTokenInfoLock_); if (hapTokenInfoMap_.count(id) > 0) { - ACCESSTOKEN_LOG_ERROR( - LABEL, "%{public}s: token %{public}x info has exist.", __func__, id); + ACCESSTOKEN_LOG_ERROR(LABEL, "token %{public}x info has exist.", id); return RET_FAILED; } - std::string HapUniqueKey = GetHapUniqueStr(info); - if (hapTokenIdMap_.count(HapUniqueKey) > 0) { - ACCESSTOKEN_LOG_ERROR( - LABEL, "%{public}s: token %{public}x Unique info has exist.", __func__, id); - return RET_FAILED; + if (!info->IsRemote()) { + std::string HapUniqueKey = GetHapUniqueStr(info); + if (hapTokenIdMap_.count(HapUniqueKey) > 0) { + ACCESSTOKEN_LOG_ERROR(LABEL, "token %{public}x Unique info has exist.", id); + return RET_FAILED; + } + hapTokenIdMap_[HapUniqueKey] = id; } - hapTokenInfoMap_[id] = info; - hapTokenIdMap_[HapUniqueKey] = id; } - PermissionManager::GetInstance().AddDefPermissions(info, false); - + if (!info->IsRemote()) { + PermissionManager::GetInstance().AddDefPermissions(info, false); + } return RET_SUCCESS; } int AccessTokenInfoManager::AddNativeTokenInfo(const std::shared_ptr& info) { if (info == nullptr) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: token info is null.", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "token info is null."); return RET_FAILED; } AccessTokenID id = info->GetTokenID(); std::string processName = info->GetProcessName(); Utils::UniqueWriteGuard infoGuard(this->nativeTokenInfoLock_); - if (nativeTokenInfoMap_.count(id) > 0 - || nativeTokenIdMap_.count(processName) > 0) { + if (nativeTokenInfoMap_.count(id) > 0) { ACCESSTOKEN_LOG_ERROR( - LABEL, "%{public}s: token %{public}x process name %{public}s has exist.", - __func__, id, processName.c_str()); + LABEL, "token %{public}x has exist.", id); return RET_FAILED; } + if (!info->IsRemote()) { + if (nativeTokenIdMap_.count(processName) > 0) { + ACCESSTOKEN_LOG_ERROR( + LABEL, "token %{public}x process name %{public}s has exist.", id, processName.c_str()); + return RET_FAILED; + } + nativeTokenIdMap_[processName] = id; + } nativeTokenInfoMap_[id] = info; - nativeTokenIdMap_[processName] = id; + return RET_SUCCESS; } @@ -211,7 +218,7 @@ std::shared_ptr AccessTokenInfoManager::GetHapTokenInfoInner( Utils::UniqueReadGuard infoGuard(this->hapTokenInfoLock_); if (hapTokenInfoMap_.count(id) == 0) { ACCESSTOKEN_LOG_ERROR( - LABEL, "%{public}s: token %{public}x is invalid.", __func__, id); + LABEL, "token %{public}x is invalid.", id); return nullptr; } return hapTokenInfoMap_[id]; @@ -222,7 +229,7 @@ int AccessTokenInfoManager::GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfo& std::shared_ptr infoPtr = GetHapTokenInfoInner(tokenID); if (infoPtr == nullptr) { ACCESSTOKEN_LOG_ERROR( - LABEL, "%{public}s: token %{public}x is invalid.", __func__, tokenID); + LABEL, "token %{public}x is invalid.", tokenID); return RET_FAILED; } infoPtr->TranslateToHapTokenInfo(InfoParcel); @@ -234,7 +241,7 @@ std::shared_ptr AccessTokenInfoManager::GetHapPermissionPol std::shared_ptr infoPtr = GetHapTokenInfoInner(id); if (infoPtr == nullptr) { ACCESSTOKEN_LOG_ERROR( - LABEL, "%{public}s: token %{public}x is invalid.", __func__, id); + LABEL, "token %{public}x is invalid.", id); return nullptr; } return infoPtr->GetHapInfoPermissionPolicySet(); @@ -245,7 +252,7 @@ std::shared_ptr AccessTokenInfoManager::GetNativeTokenInfo Utils::UniqueReadGuard infoGuard(this->nativeTokenInfoLock_); if (nativeTokenInfoMap_.count(id) == 0) { ACCESSTOKEN_LOG_ERROR( - LABEL, "%{public}s: token %{public}x is invalid.", __func__, id); + LABEL, "token %{public}x is invalid.", id); return nullptr; } return nativeTokenInfoMap_[id]; @@ -256,7 +263,7 @@ int AccessTokenInfoManager::GetNativeTokenInfo(AccessTokenID tokenID, NativeToke std::shared_ptr infoPtr = GetNativeTokenInfoInner(tokenID); if (infoPtr == nullptr) { ACCESSTOKEN_LOG_ERROR( - LABEL, "%{public}s: token %{public}x is invalid.", __func__, tokenID); + LABEL, "token %{public}x is invalid.", tokenID); return RET_FAILED; } @@ -269,35 +276,42 @@ int AccessTokenInfoManager::RemoveHapTokenInfo(AccessTokenID id) ATokenTypeEnum type = AccessTokenIDManager::GetInstance().GetTokenIdType(id); if (type != TOKEN_HAP) { ACCESSTOKEN_LOG_ERROR( - LABEL, "%{public}s: token %{public}x is not hap.", __func__, id); + LABEL, "token %{public}x is not hap.", id); + return RET_FAILED; } + bool isRemote = false; // make sure that RemoveDefPermissions is called outside of the lock to avoid deadlocks. PermissionManager::GetInstance().RemoveDefPermissions(id); { Utils::UniqueWriteGuard infoGuard(this->hapTokenInfoLock_); if (hapTokenInfoMap_.count(id) == 0) { - ACCESSTOKEN_LOG_ERROR( - LABEL, "%{public}s: hap token %{public}x is null.", __func__, id); + ACCESSTOKEN_LOG_ERROR(LABEL, "hap token %{public}x no exist.", id); return RET_FAILED; } const std::shared_ptr info = hapTokenInfoMap_[id]; if (info == nullptr) { - ACCESSTOKEN_LOG_ERROR( - LABEL, "%{public}s: hap token %{public}x is null.", __func__, id); + ACCESSTOKEN_LOG_ERROR(LABEL, "hap token %{public}x is null.", id); return RET_FAILED; } - std::string HapUniqueKey = GetHapUniqueStr(info); - if (hapTokenIdMap_.count(HapUniqueKey) != 0) { - hapTokenIdMap_.erase(HapUniqueKey); + isRemote = info->IsRemote(); + if (!info->IsRemote()) { + std::string HapUniqueKey = GetHapUniqueStr(info); + if (hapTokenIdMap_.count(HapUniqueKey) != 0) { + hapTokenIdMap_.erase(HapUniqueKey); + } } - hapTokenInfoMap_.erase(id); } + AccessTokenIDManager::GetInstance().ReleaseTokenId(id); - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s:remove hap token 0x%{public}x ok!", __func__, id); - RefreshTokenInfoIfNeeded(); + ACCESSTOKEN_LOG_INFO(LABEL, "remove hap token 0x%{public}x ok!", id); + if (!isRemote) { + RefreshTokenInfoIfNeeded(); + TokenModifyNotifier::GetInstance().NotifyTokenDelete(id); + } + return RET_SUCCESS; } @@ -306,26 +320,34 @@ int AccessTokenInfoManager::RemoveNativeTokenInfo(AccessTokenID id) ATokenTypeEnum type = AccessTokenIDManager::GetInstance().GetTokenIdType(id); if (type != TOKEN_NATIVE) { ACCESSTOKEN_LOG_ERROR( - LABEL, "%{public}s: token %{public}x is not hap.", __func__, id); + LABEL, "token %{public}x is not hap.", id); + return RET_FAILED; } + bool isRemote = false; { Utils::UniqueWriteGuard infoGuard(this->nativeTokenInfoLock_); if (nativeTokenInfoMap_.count(id) == 0) { ACCESSTOKEN_LOG_ERROR( - LABEL, "%{public}s: native token %{public}x is null.", __func__, id); + LABEL, "native token %{public}x is null.", id); return RET_FAILED; } - std::string processName = nativeTokenInfoMap_[id]->GetProcessName(); - if (nativeTokenIdMap_.count(processName) != 0) { - nativeTokenIdMap_.erase(processName); + std::shared_ptr info = nativeTokenInfoMap_[id]; + isRemote = info->IsRemote(); + if (!isRemote) { + std::string processName = nativeTokenInfoMap_[id]->GetProcessName(); + if (nativeTokenIdMap_.count(processName) != 0) { + nativeTokenIdMap_.erase(processName); + } } nativeTokenInfoMap_.erase(id); } AccessTokenIDManager::GetInstance().ReleaseTokenId(id); - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s:remove hap token 0x%{public}x ok!", __func__, id); - RefreshTokenInfoIfNeeded(); + ACCESSTOKEN_LOG_INFO(LABEL, "remove native token 0x%{public}x ok!", id); + if (!isRemote) { + RefreshTokenInfoIfNeeded(); + } return RET_SUCCESS; } @@ -334,34 +356,32 @@ int AccessTokenInfoManager::CreateHapTokenInfo( { if (!DataValidator::IsUserIdValid(info.userID) || !DataValidator::IsBundleNameValid(info.bundleName) || !DataValidator::IsAppIDDescValid(info.appIDDesc) || !DataValidator::IsDomainValid(policy.domain)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, hap token param failed", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "hap token param failed"); return RET_FAILED; } AccessTokenID tokenId = AccessTokenIDManager::GetInstance().CreateAndRegisterTokenId(TOKEN_HAP); if (tokenId == 0) { - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, token Id create failed", __func__); + ACCESSTOKEN_LOG_INFO(LABEL, "token Id create failed"); return RET_FAILED; } - std::shared_ptr tokenInfo = std::make_shared(); + std::shared_ptr tokenInfo = std::make_shared(tokenId, info, policy); if (tokenInfo == nullptr) { AccessTokenIDManager::GetInstance().ReleaseTokenId(tokenId); - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, alloc token info failed", __func__); + ACCESSTOKEN_LOG_INFO(LABEL, "alloc token info failed"); return RET_FAILED; } - tokenInfo->Init(tokenId, info, policy); int ret = AddHapTokenInfo(tokenInfo); if (ret != RET_SUCCESS) { - ACCESSTOKEN_LOG_WARN(LABEL, "%{public}s called, %{public}s add token info failed", - __func__, info.bundleName.c_str()); + ACCESSTOKEN_LOG_WARN(LABEL, "%{public}s add token info failed", info.bundleName.c_str()); AccessTokenIDManager::GetInstance().ReleaseTokenId(tokenId); return RET_FAILED; } ACCESSTOKEN_LOG_INFO(LABEL, - "%{public}s:create hap token 0x%{public}x bundle name %{public}s user %{public}d inst %{public}d ok!", - __func__, tokenId, tokenInfo->GetBundleName().c_str(), tokenInfo->GetUserID(), tokenInfo->GetInstIndex()); + "create hap token 0x%{public}x bundle name %{public}s user %{public}d inst %{public}d ok!", + tokenId, tokenInfo->GetBundleName().c_str(), tokenInfo->GetUserID(), tokenInfo->GetInstIndex()); tokenIdEx.tokenIdExStruct.tokenID = tokenId; tokenIdEx.tokenIdExStruct.tokenAttr = 0; @@ -374,7 +394,7 @@ int AccessTokenInfoManager::CheckNativeDCap(AccessTokenID tokenID, const std::st std::shared_ptr infoPtr = GetNativeTokenInfoInner(tokenID); if (infoPtr == nullptr) { ACCESSTOKEN_LOG_ERROR( - LABEL, "%{public}s: token %{public}x is invalid.", __func__, tokenID); + LABEL, "token %{public}x is invalid.", tokenID); return RET_FAILED; } @@ -397,16 +417,10 @@ AccessTokenID AccessTokenInfoManager::GetHapTokenID(int userID, const std::strin return 0; } -AccessTokenID AccessTokenInfoManager::AllocLocalTokenID(const std::string& remoteDeviceID, - AccessTokenID remoteTokenID) -{ - return 0; -} - bool AccessTokenInfoManager::TryUpdateExistNativeToken(const std::shared_ptr& infoPtr) { if (infoPtr == nullptr) { - ACCESSTOKEN_LOG_WARN(LABEL, "%{public}s called, info is null", __func__); + ACCESSTOKEN_LOG_WARN(LABEL, "info is null"); return false; } @@ -418,7 +432,7 @@ bool AccessTokenInfoManager::TryUpdateExistNativeToken(const std::shared_ptrGetTokenID(), infoPtr->GetProcessName().c_str()); + "token 0x%{public}x process name %{public}s is new, add to manager!", + infoPtr->GetTokenID(), infoPtr->GetProcessName().c_str()); AccessTokenID id = infoPtr->GetTokenID(); int ret = AccessTokenIDManager::GetInstance().RegisterTokenId(id, TOKEN_NATIVE); if (ret != RET_SUCCESS) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, token Id register fail", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "token Id register fail"); continue; } ret = AddNativeTokenInfo(infoPtr); if (ret != RET_SUCCESS) { AccessTokenIDManager::GetInstance().ReleaseTokenId(id); ACCESSTOKEN_LOG_ERROR(LABEL, - "%{public}s: token 0x%{public}x process name %{public}s add to manager failed!", - __func__, infoPtr->GetTokenID(), infoPtr->GetProcessName().c_str()); + "token 0x%{public}x process name %{public}s add to manager failed!", + infoPtr->GetTokenID(), infoPtr->GetProcessName().c_str()); } } } @@ -476,12 +490,12 @@ int AccessTokenInfoManager::UpdateHapToken(AccessTokenID tokenID, const std::string& appIDDesc, const HapPolicyParams& policy) { if (!DataValidator::IsAppIDDescValid(appIDDesc)) { - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s:token 0x%{public}x parm format error!", __func__, tokenID); + ACCESSTOKEN_LOG_INFO(LABEL, "token 0x%{public}x parm format error!", tokenID); return RET_FAILED; } std::shared_ptr infoPtr = GetHapTokenInfoInner(tokenID); if (infoPtr == nullptr) { - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s:token 0x%{public}x is null, can not update!", __func__, tokenID); + ACCESSTOKEN_LOG_INFO(LABEL, "token 0x%{public}x is null, can not update!", tokenID); return RET_FAILED; } @@ -489,15 +503,238 @@ int AccessTokenInfoManager::UpdateHapToken(AccessTokenID tokenID, Utils::UniqueWriteGuard infoGuard(this->hapTokenInfoLock_); infoPtr->Update(appIDDesc, policy); ACCESSTOKEN_LOG_INFO(LABEL, - "%{public}s: token 0x%{public}x bundle name %{public}s user %{public}d inst %{public}d update ok!", - __func__, tokenID, infoPtr->GetBundleName().c_str(), infoPtr->GetUserID(), infoPtr->GetInstIndex()); + "token 0x%{public}x bundle name %{public}s user %{public}d inst %{public}d update ok!", + tokenID, infoPtr->GetBundleName().c_str(), infoPtr->GetUserID(), infoPtr->GetInstIndex()); } PermissionManager::GetInstance().AddDefPermissions(infoPtr, true); + if (!infoPtr->IsRemote()) { + TokenModifyNotifier::GetInstance().NotifyTokenModify(tokenID); + } RefreshTokenInfoIfNeeded(); return RET_SUCCESS; } +int AccessTokenInfoManager::GetHapTokenSync(AccessTokenID tokenID, HapTokenInfoForSync& hapSync) +{ + std::shared_ptr infoPtr = GetHapTokenInfoInner(tokenID); + if (infoPtr == nullptr) { + ACCESSTOKEN_LOG_ERROR( + LABEL, "token %{public}x is invalid.", tokenID); + return RET_FAILED; + } + hapSync.baseInfo = infoPtr->GetHapInfoBasic(); + std::shared_ptr permSetPtr = infoPtr->GetHapInfoPermissionPolicySet(); + if (permSetPtr == nullptr) { + ACCESSTOKEN_LOG_ERROR( + LABEL, "token %{public}x permSet is invalid.", tokenID); + return RET_FAILED; + } + permSetPtr->GetPermissionStateList(hapSync.permStateList); + return RET_SUCCESS; +} + +int AccessTokenInfoManager::GetHapTokenInfoFromRemote(AccessTokenID tokenID, + HapTokenInfoForSync& hapSync) +{ + int ret = GetHapTokenSync(tokenID, hapSync); + TokenModifyNotifier::GetInstance().AddHapTokenObservation(tokenID); + return ret; +} + +void AccessTokenInfoManager::GetAllNativeTokenInfo(std::vector& nativeTokenInfosRes) +{ + Utils::UniqueReadGuard infoGuard(this->nativeTokenInfoLock_); + for (auto nativeTokenInner : nativeTokenInfoMap_) { + std::shared_ptr nativeTokenInnerPtr = nativeTokenInner.second; + if (nativeTokenInnerPtr == nullptr || nativeTokenInnerPtr->IsRemote()) { + continue; + } + NativeTokenInfo token; + nativeTokenInnerPtr->TranslateToNativeTokenInfo(token); + nativeTokenInfosRes.emplace_back(token); + } + return; +} + +int AccessTokenInfoManager::SetRemoteHapTokenInfo(const std::string& deviceID, HapTokenInfoForSync& hapSync) +{ + if (!DataValidator::IsDeviceIdValid(deviceID) + || !DataValidator::IsUserIdValid(hapSync.baseInfo.userID) + || !DataValidator::IsBundleNameValid(hapSync.baseInfo.bundleName)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "device %{public}s parms invalid", deviceID.c_str()); + return RET_FAILED; + } + + AccessTokenID remoteID = hapSync.baseInfo.tokenID; + AccessTokenID mapID = AccessTokenRemoteTokenManager::GetInstance().GetDeviceMappingTokenID(deviceID, remoteID); + if (mapID != 0) { + ACCESSTOKEN_LOG_INFO(LABEL, "device %{public}s token %{public}x update exist remote hap token %{public}x.", + deviceID.c_str(), remoteID, mapID); + HapPolicyParams policy = { + .apl = hapSync.baseInfo.apl, + .domain = "", // domain not used + .permList = {}, // permission define list never sync. + .permStateList = hapSync.permStateList + }; + return UpdateHapToken(mapID, hapSync.baseInfo.appID, policy); + } + + mapID = AccessTokenRemoteTokenManager::GetInstance().MapRemoteDeviceTokenToLocal(deviceID, remoteID); + if (mapID == 0) { + ACCESSTOKEN_LOG_ERROR( + LABEL, "device %{public}s token %{public}x map failed.", deviceID.c_str(), remoteID); + return RET_FAILED; + } + hapSync.baseInfo.tokenID = mapID; + ACCESSTOKEN_LOG_INFO(LABEL, "device %{public}s token %{public}x map to local token %{public}x.", + deviceID.c_str(), remoteID, mapID); + + // update remote token mapping id + hapSync.baseInfo.tokenID = mapID; + std::shared_ptr hap = std::make_shared(mapID, + hapSync.baseInfo, hapSync.permStateList); + if (hap == nullptr) { + AccessTokenRemoteTokenManager::GetInstance().RemoveDeviceMappingTokenID(deviceID, mapID); + ACCESSTOKEN_LOG_ERROR(LABEL, "device %{public}s tokenId 0x%{public}x alloc local token failed.", + deviceID.c_str(), remoteID); + return RET_FAILED; + } + hap->SetRemote(true); + + int ret = AddHapTokenInfo(hap); + if (ret != RET_SUCCESS) { + AccessTokenRemoteTokenManager::GetInstance().RemoveDeviceMappingTokenID(deviceID, mapID); + ACCESSTOKEN_LOG_ERROR(LABEL, "device %{public}s tokenId 0x%{public}x add local token failed.", + deviceID.c_str(), remoteID); + return RET_FAILED; + } + + ACCESSTOKEN_LOG_INFO(LABEL, "device %{public}s token %{public}x new map token %{public}x.", + deviceID.c_str(), remoteID, mapID); + return RET_SUCCESS; +} + +int AccessTokenInfoManager::SetRemoteNativeTokenInfo(const std::string& deviceID, + std::vector& nativeTokenInfoList) +{ + if (!DataValidator::IsDeviceIdValid(deviceID)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "device %{public}s parms invalid", deviceID.c_str()); + return RET_FAILED; + } + + for (NativeTokenInfo& nativeToken : nativeTokenInfoList) { + if (!DataValidator::IsAplNumValid(nativeToken.apl) + || nativeToken.ver != DEFAULT_TOKEN_VERSION + || !DataValidator::IsProcessNameValid(nativeToken.processName)) { + ACCESSTOKEN_LOG_ERROR( + LABEL, "device %{public}s token %{public}x is invalid.", deviceID.c_str(), nativeToken.tokenID); + continue; + } + + AccessTokenID remoteID = nativeToken.tokenID; + AccessTokenID mapID = AccessTokenRemoteTokenManager::GetInstance().GetDeviceMappingTokenID(deviceID, remoteID); + if (mapID == 0) { + mapID = AccessTokenRemoteTokenManager::GetInstance().MapRemoteDeviceTokenToLocal(deviceID, remoteID); + } + if (mapID == 0) { + AccessTokenRemoteTokenManager::GetInstance().RemoveDeviceMappingTokenID(deviceID, mapID); + ACCESSTOKEN_LOG_ERROR( + LABEL, "device %{public}s token %{public}x map failed.", + deviceID.c_str(), remoteID); + continue; + } + nativeToken.tokenID = mapID; + ACCESSTOKEN_LOG_INFO(LABEL, "device %{public}s token %{public}x map to local token %{public}x.", + deviceID.c_str(), remoteID, mapID); + + std::shared_ptr nativePtr = std::make_shared(nativeToken); + if (nativePtr == nullptr) { + AccessTokenRemoteTokenManager::GetInstance().RemoveDeviceMappingTokenID(deviceID, mapID); + ACCESSTOKEN_LOG_ERROR(LABEL, "device %{public}s tokenId 0x%{public}x alloc local token failed.", + deviceID.c_str(), remoteID); + continue; + } + nativePtr->SetRemote(true); + int ret = AddNativeTokenInfo(nativePtr); + if (ret != RET_SUCCESS) { + AccessTokenRemoteTokenManager::GetInstance().RemoveDeviceMappingTokenID(deviceID, mapID); + ACCESSTOKEN_LOG_ERROR(LABEL, "device %{public}s tokenId 0x%{public}x add local token failed.", + deviceID.c_str(), remoteID); + continue; + } + ACCESSTOKEN_LOG_INFO(LABEL, "device %{public}s token %{public}x map token %{public}x add success.", + deviceID.c_str(), remoteID, mapID); + } + + return RET_SUCCESS; +} + +int AccessTokenInfoManager::DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID) +{ + if (!DataValidator::IsDeviceIdValid(deviceID)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "device %{public}s parms invalid", deviceID.c_str()); + return RET_FAILED; + } + AccessTokenID mapID = AccessTokenRemoteTokenManager::GetInstance().GetDeviceMappingTokenID(deviceID, tokenID); + if (mapID == 0) { + ACCESSTOKEN_LOG_ERROR(LABEL, "device %{public}s tokenId 0x%{public}x is not mapped", + deviceID.c_str(), tokenID); + return RET_FAILED; + } + + ATokenTypeEnum type = AccessTokenIDManager::GetInstance().GetTokenIdTypeEnum(mapID); + if (type == TOKEN_HAP) { + RemoveHapTokenInfo(mapID); + } else if (type == TOKEN_NATIVE) { + RemoveNativeTokenInfo(mapID); + } else { + ACCESSTOKEN_LOG_ERROR(LABEL, "mapping tokenId 0x%{public}x type is unknown", mapID); + } + + return AccessTokenRemoteTokenManager::GetInstance().RemoveDeviceMappingTokenID(deviceID, tokenID); +} + +int AccessTokenInfoManager::DeleteRemoteDeviceTokens(const std::string& deviceID) +{ + if (!DataValidator::IsDeviceIdValid(deviceID)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "device %{public}s parms invalid", deviceID.c_str()); + return RET_FAILED; + } + std::vector remoteTokens; + int ret = AccessTokenRemoteTokenManager::GetInstance().GetDeviceAllRemoteTokenID(deviceID, remoteTokens); + if (ret == RET_FAILED) { + ACCESSTOKEN_LOG_ERROR(LABEL, "device %{public}s have no remote token", deviceID.c_str()); + return RET_FAILED; + } + for (AccessTokenID remoteID : remoteTokens) { + DeleteRemoteToken(deviceID, remoteID); + } + return RET_SUCCESS; +} + +AccessTokenID AccessTokenInfoManager::AllocLocalTokenID(const std::string& remoteDeviceID, + AccessTokenID remoteTokenID) +{ + if (!DataValidator::IsDeviceIdValid(remoteDeviceID)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "device %{public}s parms invalid", remoteDeviceID.c_str()); + return 0; + } + AccessTokenID mapID = AccessTokenRemoteTokenManager::GetInstance().GetDeviceMappingTokenID(remoteDeviceID, + remoteTokenID); + if (mapID != 0) { + return mapID; + } + int ret = TokenSyncKit::GetRemoteHapTokenInfo(remoteDeviceID, remoteTokenID); + if (ret != RET_SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "device %{public}s token %{public}x sync failed", + remoteDeviceID.c_str(), remoteTokenID); + return 0; + } + + return AccessTokenRemoteTokenManager::GetInstance().GetDeviceMappingTokenID(remoteDeviceID, remoteTokenID); +} + AccessTokenInfoManager& AccessTokenInfoManager::GetInstance() { static AccessTokenInfoManager instance; @@ -537,9 +774,10 @@ void AccessTokenInfoManager::StoreAllTokenInfo() void AccessTokenInfoManager::RefreshTokenInfoIfNeeded() { if (tokenDataWorker_.GetCurTaskNum() > 1) { - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s: has refresh task!", __func__); + ACCESSTOKEN_LOG_INFO(LABEL, "has refresh task!"); return; } + tokenDataWorker_.AddTask([]() { AccessTokenInfoManager::GetInstance().StoreAllTokenInfo(); @@ -553,14 +791,18 @@ void AccessTokenInfoManager::Dump(std::string& dumpInfo) Utils::UniqueReadGuard hapInfoGuard(this->hapTokenInfoLock_); for (auto iter = hapTokenInfoMap_.begin(); iter != hapTokenInfoMap_.end(); iter++) { if (iter->second != nullptr) { + dumpInfo.append("\n"); iter->second->ToString(dumpInfo); + dumpInfo.append("\n"); } } Utils::UniqueReadGuard nativeInfoGuard(this->nativeTokenInfoLock_); for (auto iter = nativeTokenInfoMap_.begin(); iter != nativeTokenInfoMap_.end(); iter++) { if (iter->second != nullptr) { + dumpInfo.append("\n"); iter->second->ToString(dumpInfo); + dumpInfo.append("\n"); } } } diff --git a/services/accesstokenmanager/main/cpp/src/token/accesstoken_remote_token_manager.cpp b/services/accesstokenmanager/main/cpp/src/token/accesstoken_remote_token_manager.cpp new file mode 100644 index 000000000..17cb414d0 --- /dev/null +++ b/services/accesstokenmanager/main/cpp/src/token/accesstoken_remote_token_manager.cpp @@ -0,0 +1,154 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "accesstoken_remote_token_manager.h" + +#include "accesstoken_id_manager.h" +#include "accesstoken_log.h" +#include "data_validator.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, + SECURITY_DOMAIN_ACCESSTOKEN, "AccessTokenRemoteTokenManager"}; +} +AccessTokenRemoteTokenManager::AccessTokenRemoteTokenManager() +{} + +AccessTokenRemoteTokenManager::~AccessTokenRemoteTokenManager() +{ +} + +AccessTokenRemoteTokenManager& AccessTokenRemoteTokenManager::GetInstance() +{ + static AccessTokenRemoteTokenManager instance; + return instance; +} + +AccessTokenID AccessTokenRemoteTokenManager::MapRemoteDeviceTokenToLocal(const std::string& deviceID, + AccessTokenID remoteID) +{ + if (!DataValidator::IsDeviceIdValid(deviceID) || !DataValidator::IsTokenIDValid(remoteID)) { + ACCESSTOKEN_LOG_ERROR( + LABEL, "device %{public}s or token %{public}x is invalid.", deviceID.c_str(), remoteID); + return 0; + } + ATokenTypeEnum tokeType = AccessTokenIDManager::GetInstance().GetTokenIdTypeEnum(remoteID); + if (tokeType != TOKEN_HAP && tokeType != TOKEN_NATIVE) { + ACCESSTOKEN_LOG_ERROR( + LABEL, "token %{public}x type is invalid.", remoteID); + return 0; + } + + AccessTokenID mapID = 0; + Utils::UniqueWriteGuard infoGuard(this->remoteDeviceLock_); + std::map* mapPtr = nullptr; + if (remoteDeviceMap_.count(deviceID) > 0) { + AccessTokenRemoteDevice& device = remoteDeviceMap_[deviceID]; + if (device.MappingTokenIDPairMap_.count(remoteID) > 0) { + mapID = device.MappingTokenIDPairMap_[remoteID]; + ACCESSTOKEN_LOG_ERROR( + LABEL, "device %{public}s token %{public}x has already mapped, maptokenID is %{public}x.", + deviceID.c_str(), remoteID, mapID); + return mapID; + } + mapPtr = &device.MappingTokenIDPairMap_; + } else { + AccessTokenRemoteDevice device; + remoteDeviceMap_[deviceID] = device; + mapPtr = &remoteDeviceMap_[deviceID].MappingTokenIDPairMap_; + } + + mapID = AccessTokenIDManager::GetInstance().CreateAndRegisterTokenId(tokeType); + if (mapID == 0) { + ACCESSTOKEN_LOG_ERROR( + LABEL, "device %{public}s token %{public}x map local Token failed.", + deviceID.c_str(), remoteID); + return 0; + } + mapPtr->insert(std::pair(remoteID, mapID)); + return mapID; +} + +int AccessTokenRemoteTokenManager::GetDeviceAllRemoteTokenID(const std::string& deviceID, + std::vector& remoteIDs) +{ + if (!DataValidator::IsDeviceIdValid(deviceID)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "device %{public}s is valid.", deviceID.c_str()); + return RET_FAILED; + } + Utils::UniqueReadGuard infoGuard(this->remoteDeviceLock_); + if (remoteDeviceMap_.count(deviceID) < 1) { + ACCESSTOKEN_LOG_ERROR(LABEL, "device %{public}s has not mapping.", deviceID.c_str()); + return RET_FAILED; + } + + for (auto mapEntry : remoteDeviceMap_[deviceID].MappingTokenIDPairMap_) { + remoteIDs.emplace_back(mapEntry.first); + } + return RET_SUCCESS; +} + +AccessTokenID AccessTokenRemoteTokenManager::GetDeviceMappingTokenID(const std::string& deviceID, + AccessTokenID remoteID) +{ + if (!DataValidator::IsDeviceIdValid(deviceID) || !DataValidator::IsTokenIDValid(remoteID)) { + ACCESSTOKEN_LOG_ERROR( + LABEL, "device %{public}s or token %{public}x is invalid.", deviceID.c_str(), remoteID); + return 0; + } + + Utils::UniqueReadGuard infoGuard(this->remoteDeviceLock_); + if (remoteDeviceMap_.count(deviceID) < 1 || + remoteDeviceMap_[deviceID].MappingTokenIDPairMap_.count(remoteID) < 1) { + ACCESSTOKEN_LOG_ERROR(LABEL, "device %{public}s has not mapping.", deviceID.c_str()); + return 0; + } + + return remoteDeviceMap_[deviceID].MappingTokenIDPairMap_[remoteID]; +} + +int AccessTokenRemoteTokenManager::RemoveDeviceMappingTokenID(const std::string& deviceID, + AccessTokenID remoteID) +{ + if (!DataValidator::IsDeviceIdValid(deviceID) || !DataValidator::IsTokenIDValid(remoteID)) { + ACCESSTOKEN_LOG_ERROR( + LABEL, "device %{public}s or token %{public}x is invalid.", deviceID.c_str(), remoteID); + return RET_FAILED; + } + + Utils::UniqueWriteGuard infoGuard(this->remoteDeviceLock_); + if (remoteDeviceMap_.count(deviceID) < 1 || + remoteDeviceMap_[deviceID].MappingTokenIDPairMap_.count(remoteID) < 1) { + ACCESSTOKEN_LOG_ERROR(LABEL, "device %{public}s has not mapping.", deviceID.c_str()); + return RET_FAILED; + } + + AccessTokenID mapID = remoteDeviceMap_[deviceID].MappingTokenIDPairMap_[remoteID]; + AccessTokenIDManager::GetInstance().ReleaseTokenId(mapID); + + remoteDeviceMap_[deviceID].MappingTokenIDPairMap_.erase(remoteID); + + if (remoteDeviceMap_[deviceID].MappingTokenIDPairMap_.size() == 0) { + remoteDeviceMap_.erase(deviceID); + } + return RET_SUCCESS; +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS + diff --git a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp index d603a133b..ead8e42fb 100644 --- a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp @@ -28,30 +28,51 @@ namespace { static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "HapTokenInfoInner"}; } -HapTokenInfoInner::~HapTokenInfoInner() +HapTokenInfoInner::HapTokenInfoInner() : isRemote_(false) { - ACCESSTOKEN_LOG_DEBUG(LABEL, - "%{public}s called, tokenID: 0x%{public}x destruction", __func__, tokenID_); + tokenInfoBasic_.ver = DEFAULT_TOKEN_VERSION; + tokenInfoBasic_.tokenID = 0; + tokenInfoBasic_.tokenAttr = 0; + tokenInfoBasic_.userID = 0; + tokenInfoBasic_.instIndex = 0; + tokenInfoBasic_.apl = APL_NORMAL; } -void HapTokenInfoInner::Init(AccessTokenID id, const HapInfoParams &info, const HapPolicyParams &policy) +HapTokenInfoInner::HapTokenInfoInner(AccessTokenID id, + const HapInfoParams &info, const HapPolicyParams &policy) : isRemote_(false) { - tokenID_ = id; - userID_ = info.userID; - bundleName_ = info.bundleName; - instIndex_ = info.instIndex; - appID_ = info.appIDDesc; - deviceID_ = "0"; - apl_ = policy.apl; + tokenInfoBasic_.tokenID = id; + tokenInfoBasic_.userID = info.userID; + tokenInfoBasic_.ver = DEFAULT_TOKEN_VERSION; + tokenInfoBasic_.tokenAttr = 0; + tokenInfoBasic_.bundleName = info.bundleName; + tokenInfoBasic_.instIndex = info.instIndex; + tokenInfoBasic_.appID = info.appIDDesc; + tokenInfoBasic_.deviceID = "0"; + tokenInfoBasic_.apl = policy.apl; permPolicySet_ = PermissionPolicySet::BuildPermissionPolicySet(id, policy.permList, policy.permStateList); } +HapTokenInfoInner::HapTokenInfoInner(AccessTokenID id, + const HapTokenInfo &info, const std::vector& permStateList) : isRemote_(false) +{ + tokenInfoBasic_ = info; + const std::vector permDefList; + permPolicySet_ = PermissionPolicySet::BuildPermissionPolicySet(id, permDefList, permStateList); +} + +HapTokenInfoInner::~HapTokenInfoInner() +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, + "tokenID: 0x%{public}x destruction", tokenInfoBasic_.tokenID); +} + void HapTokenInfoInner::Update(const std::string& appIDDesc, const HapPolicyParams& policy) { - appID_ = appIDDesc; - apl_ = policy.apl; + tokenInfoBasic_.appID = appIDDesc; + tokenInfoBasic_.apl = policy.apl; if (permPolicySet_ == nullptr) { - permPolicySet_ = PermissionPolicySet::BuildPermissionPolicySet(tokenID_, + permPolicySet_ = PermissionPolicySet::BuildPermissionPolicySet(tokenInfoBasic_.tokenID, policy.permList, policy.permStateList); return; } @@ -62,69 +83,63 @@ void HapTokenInfoInner::Update(const std::string& appIDDesc, const HapPolicyPara void HapTokenInfoInner::TranslateToHapTokenInfo(HapTokenInfo& InfoParcel) const { - InfoParcel.apl = apl_; - InfoParcel.ver = ver_; - InfoParcel.userID = userID_; - InfoParcel.bundleName = bundleName_; - InfoParcel.instIndex = instIndex_; - InfoParcel.appID = appID_; - InfoParcel.deviceID = deviceID_; - InfoParcel.tokenID = tokenID_; - InfoParcel.tokenAttr = tokenAttr_; + InfoParcel = tokenInfoBasic_; } void HapTokenInfoInner::TranslationIntoGenericValues(GenericValues& outGenericValues) const { - outGenericValues.Put(FIELD_TOKEN_ID, tokenID_); - outGenericValues.Put(FIELD_USER_ID, userID_); - outGenericValues.Put(FIELD_BUNDLE_NAME, bundleName_); - outGenericValues.Put(FIELD_INST_INDEX, instIndex_); - outGenericValues.Put(FIELD_APP_ID, appID_); - outGenericValues.Put(FIELD_DEVICE_ID, deviceID_); - outGenericValues.Put(FIELD_APL, apl_); - outGenericValues.Put(FIELD_TOKEN_VERSION, ver_); - outGenericValues.Put(FIELD_TOKEN_ATTR, tokenAttr_); + outGenericValues.Put(FIELD_TOKEN_ID, tokenInfoBasic_.tokenID); + outGenericValues.Put(FIELD_USER_ID, tokenInfoBasic_.userID); + outGenericValues.Put(FIELD_BUNDLE_NAME, tokenInfoBasic_.bundleName); + outGenericValues.Put(FIELD_INST_INDEX, tokenInfoBasic_.instIndex); + outGenericValues.Put(FIELD_APP_ID, tokenInfoBasic_.appID); + outGenericValues.Put(FIELD_DEVICE_ID, tokenInfoBasic_.deviceID); + outGenericValues.Put(FIELD_APL, tokenInfoBasic_.apl); + outGenericValues.Put(FIELD_TOKEN_VERSION, tokenInfoBasic_.ver); + outGenericValues.Put(FIELD_TOKEN_ATTR, tokenInfoBasic_.tokenAttr); } int HapTokenInfoInner::RestoreHapTokenBasicInfo(const GenericValues& inGenericValues) { - userID_ = inGenericValues.GetInt(FIELD_USER_ID); - bundleName_ = inGenericValues.GetString(FIELD_BUNDLE_NAME); - if (!DataValidator::IsBundleNameValid(bundleName_)) { + tokenInfoBasic_.userID = inGenericValues.GetInt(FIELD_USER_ID); + tokenInfoBasic_.bundleName = inGenericValues.GetString(FIELD_BUNDLE_NAME); + if (!DataValidator::IsBundleNameValid(tokenInfoBasic_.bundleName)) { ACCESSTOKEN_LOG_ERROR(LABEL, - "%{public}s called, tokenID: 0x%{public}x bundle name is error", __func__, tokenID_); + "tokenID: 0x%{public}x bundle name is error", tokenInfoBasic_.tokenID); return RET_FAILED; } - instIndex_ = inGenericValues.GetInt(FIELD_INST_INDEX); - appID_ = inGenericValues.GetString(FIELD_APP_ID); - if (!DataValidator::IsAppIDDescValid(appID_)) { + tokenInfoBasic_.instIndex = inGenericValues.GetInt(FIELD_INST_INDEX); + tokenInfoBasic_.appID = inGenericValues.GetString(FIELD_APP_ID); + if (!DataValidator::IsAppIDDescValid(tokenInfoBasic_.appID)) { ACCESSTOKEN_LOG_ERROR(LABEL, - "%{public}s called, tokenID: 0x%{public}x appID is error", __func__, tokenID_); + "tokenID: 0x%{public}x appID is error", tokenInfoBasic_.tokenID); return RET_FAILED; } - deviceID_ = inGenericValues.GetString(FIELD_DEVICE_ID); - if (!DataValidator::IsDeviceIdValid(deviceID_)) { + tokenInfoBasic_.deviceID = inGenericValues.GetString(FIELD_DEVICE_ID); + if (!DataValidator::IsDeviceIdValid(tokenInfoBasic_.deviceID)) { ACCESSTOKEN_LOG_ERROR(LABEL, - "%{public}s called, tokenID: 0x%{public}x devId is error", __func__, tokenID_); + "tokenID: 0x%{public}x devId is error", tokenInfoBasic_.tokenID); return RET_FAILED; } int aplNum = inGenericValues.GetInt(FIELD_APL); if (DataValidator::IsAplNumValid(aplNum)) { - apl_ = (ATokenAplEnum)aplNum; + tokenInfoBasic_.apl = (ATokenAplEnum)aplNum; } else { ACCESSTOKEN_LOG_ERROR(LABEL, - "%{public}s called, tokenID: 0x%{public}x apl is error, value %{public}d", __func__, tokenID_, aplNum); + "tokenID: 0x%{public}x apl is error, value %{public}d", + tokenInfoBasic_.tokenID, aplNum); return RET_FAILED; } - ver_ = (char)inGenericValues.GetInt(FIELD_TOKEN_VERSION); - if (ver_ != DEFAULT_TOKEN_VERSION) { + tokenInfoBasic_.ver = (char)inGenericValues.GetInt(FIELD_TOKEN_VERSION); + if (tokenInfoBasic_.ver != DEFAULT_TOKEN_VERSION) { ACCESSTOKEN_LOG_ERROR(LABEL, - "%{public}s called, tokenID: 0x%{public}x version is error, version %{public}d", __func__, tokenID_, ver_); + "tokenID: 0x%{public}x version is error, version %{public}d", + tokenInfoBasic_.tokenID, tokenInfoBasic_.ver); return RET_FAILED; } - tokenAttr_ = (uint32_t)inGenericValues.GetInt(FIELD_TOKEN_ATTR); + tokenInfoBasic_.tokenAttr = (uint32_t)inGenericValues.GetInt(FIELD_TOKEN_ATTR); return RET_SUCCESS; } @@ -132,7 +147,7 @@ int HapTokenInfoInner::RestoreHapTokenInfo(AccessTokenID tokenId, GenericValues& tokenValue, const std::vector& permDefRes, const std::vector& permStateRes) { - tokenID_ = tokenId; + tokenInfoBasic_.tokenID = tokenId; int ret = RestoreHapTokenBasicInfo(tokenValue); if (ret != RET_SUCCESS) { return RET_FAILED; @@ -153,6 +168,11 @@ void HapTokenInfoInner::StoreHapInfo(std::vector& hapInfoValues, std::vector& permDefValues, std::vector& permStateValues) const { + if (isRemote_) { + ACCESSTOKEN_LOG_INFO(LABEL, + "token %{public}x is remote hap token, will not store", tokenInfoBasic_.tokenID); + return; + } StoreHapBasicInfo(hapInfoValues); if (permPolicySet_ != nullptr) { permPolicySet_->StorePermissionPolicySet(permDefValues, permStateValues); @@ -166,35 +186,51 @@ std::shared_ptr HapTokenInfoInner::GetHapInfoPermissionPoli int HapTokenInfoInner::GetUserID() const { - return userID_; + return tokenInfoBasic_.userID; } std::string HapTokenInfoInner::GetBundleName() const { - return bundleName_; + return tokenInfoBasic_.bundleName; } int HapTokenInfoInner::GetInstIndex() const { - return instIndex_; + return tokenInfoBasic_.instIndex; } AccessTokenID HapTokenInfoInner::GetTokenID() const { - return tokenID_; + return tokenInfoBasic_.tokenID; +} + +HapTokenInfo HapTokenInfoInner::GetHapInfoBasic() const +{ + return tokenInfoBasic_; +} + +bool HapTokenInfoInner::IsRemote() const +{ + return isRemote_; +} + +void HapTokenInfoInner::SetRemote(bool isRemote) +{ + isRemote_ = isRemote; } void HapTokenInfoInner::ToString(std::string& info) const { - info.append(R"({"tokenID": )" + std::to_string(tokenID_)); - info.append(R"(, "tokenAttr": )" + std::to_string(tokenAttr_)); - info.append(R"(, "ver": )" + std::to_string(ver_)); - info.append(R"(, "userId": )" + std::to_string(userID_)); - info.append(R"(, "bundleName": ")" + bundleName_ + R"(")"); - info.append(R"(, "instIndex": )" + std::to_string(instIndex_)); - info.append(R"(, "appID": ")" + appID_ + R"(")"); - info.append(R"(, "deviceID": ")" + deviceID_ + R"(")"); - info.append(R"(, "apl": )" + std::to_string(apl_)); + info.append(R"({"tokenID": )" + std::to_string(tokenInfoBasic_.tokenID)); + info.append(R"(, "tokenAttr": )" + std::to_string(tokenInfoBasic_.tokenAttr)); + info.append(R"(, "ver": )" + std::to_string(tokenInfoBasic_.ver)); + info.append(R"(, "userId": )" + std::to_string(tokenInfoBasic_.userID)); + info.append(R"(, "bundleName": ")" + tokenInfoBasic_.bundleName + R"(")"); + info.append(R"(, "instIndex": )" + std::to_string(tokenInfoBasic_.instIndex)); + info.append(R"(, "appID": ")" + tokenInfoBasic_.appID + R"(")"); + info.append(R"(, "deviceID": ")" + tokenInfoBasic_.deviceID + R"(")"); + info.append(R"(, "apl": )" + std::to_string(tokenInfoBasic_.apl)); + info.append(R"(, "isRemote": )" + std::to_string(isRemote_)); if (permPolicySet_ != nullptr) { permPolicySet_->ToString(info); diff --git a/services/accesstokenmanager/main/cpp/src/token/native_token_info_inner.cpp b/services/accesstokenmanager/main/cpp/src/token/native_token_info_inner.cpp index ccdc9b415..0e5f70d85 100644 --- a/services/accesstokenmanager/main/cpp/src/token/native_token_info_inner.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/native_token_info_inner.cpp @@ -29,35 +29,43 @@ namespace { static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "NativeTokenInfoInner"}; } +NativeTokenInfoInner::NativeTokenInfoInner() : isRemote_(false) +{ + tokenInfoBasic_.ver = DEFAULT_TOKEN_VERSION; + tokenInfoBasic_.tokenID = 0; + tokenInfoBasic_.tokenAttr = 0; + tokenInfoBasic_.apl = APL_NORMAL; +} + NativeTokenInfoInner::NativeTokenInfoInner(NativeTokenInfo& native) - : ver_(native.ver), tokenID_(native.tokenID), tokenAttr_(native.tokenAttr), - processName_(native.processName), apl_(native.apl), dcap_(native.dcap) -{} +{ + tokenInfoBasic_ = native; +} NativeTokenInfoInner::~NativeTokenInfoInner() { ACCESSTOKEN_LOG_DEBUG(LABEL, - "%{public}s called, tokenID: 0x%{public}x destruction", __func__, tokenID_); + "tokenID: 0x%{public}x destruction", tokenInfoBasic_.tokenID); } int NativeTokenInfoInner::Init(AccessTokenID id, const std::string& processName, int apl, const std::vector& dcap) { - tokenID_ = id; + tokenInfoBasic_.tokenID = id; if (!DataValidator::IsProcessNameValid(processName)) { ACCESSTOKEN_LOG_ERROR(LABEL, - "%{public}s called, tokenID: 0x%{public}x process name is null", __func__, tokenID_); + "tokenID: 0x%{public}x process name is null", tokenInfoBasic_.tokenID); return RET_FAILED; } - processName_ = processName; + tokenInfoBasic_.processName = processName; if (!DataValidator::IsAplNumValid(apl)) { ACCESSTOKEN_LOG_ERROR(LABEL, - "%{public}s called, tokenID: 0x%{public}x init failed, apl %{public}d is invalid", - __func__, tokenID_, apl); + "tokenID: 0x%{public}x init failed, apl %{public}d is invalid", + tokenInfoBasic_.tokenID, apl); return RET_FAILED; } - apl_ = (ATokenAplEnum)apl; - dcap_ = dcap; + tokenInfoBasic_.apl = (ATokenAplEnum)apl; + tokenInfoBasic_.dcap = dcap; return RET_SUCCESS; } @@ -75,111 +83,89 @@ std::string NativeTokenInfoInner::DcapToString(const std::vector& d int NativeTokenInfoInner::TranslationIntoGenericValues(GenericValues& outGenericValues) const { - outGenericValues.Put(FIELD_TOKEN_ID, tokenID_); - outGenericValues.Put(FIELD_PROCESS_NAME, processName_); - outGenericValues.Put(FIELD_APL, apl_); - outGenericValues.Put(FIELD_TOKEN_VERSION, ver_); - outGenericValues.Put(FIELD_DCAP, DcapToString(dcap_)); - outGenericValues.Put(FIELD_TOKEN_ATTR, tokenAttr_); + outGenericValues.Put(FIELD_TOKEN_ID, tokenInfoBasic_.tokenID); + outGenericValues.Put(FIELD_PROCESS_NAME, tokenInfoBasic_.processName); + outGenericValues.Put(FIELD_APL, tokenInfoBasic_.apl); + outGenericValues.Put(FIELD_TOKEN_VERSION, tokenInfoBasic_.ver); + outGenericValues.Put(FIELD_DCAP, DcapToString(tokenInfoBasic_.dcap)); + outGenericValues.Put(FIELD_TOKEN_ATTR, tokenInfoBasic_.tokenAttr); return RET_SUCCESS; } int NativeTokenInfoInner::RestoreNativeTokenInfo(AccessTokenID tokenId, const GenericValues& inGenericValues) { - tokenID_ = tokenId; - processName_ = inGenericValues.GetString(FIELD_PROCESS_NAME); - if (!DataValidator::IsProcessNameValid(processName_)) { + tokenInfoBasic_.tokenID = tokenId; + tokenInfoBasic_.processName = inGenericValues.GetString(FIELD_PROCESS_NAME); + if (!DataValidator::IsProcessNameValid(tokenInfoBasic_.processName)) { ACCESSTOKEN_LOG_ERROR(LABEL, - "%{public}s called, tokenID: 0x%{public}x process name is null", __func__, tokenID_); + "tokenID: 0x%{public}x process name is null", tokenInfoBasic_.tokenID); return RET_FAILED; } int aplNum = inGenericValues.GetInt(FIELD_APL); if (!DataValidator::IsAplNumValid(aplNum)) { ACCESSTOKEN_LOG_ERROR(LABEL, - "%{public}s called, tokenID: 0x%{public}x apl is error, value %{public}d", __func__, tokenID_, aplNum); + "tokenID: 0x%{public}x apl is error, value %{public}d", + tokenInfoBasic_.tokenID, aplNum); return RET_FAILED; } - apl_ = (ATokenAplEnum)aplNum; - ver_ = (char)inGenericValues.GetInt(FIELD_TOKEN_VERSION); - if (ver_ != DEFAULT_TOKEN_VERSION) { + tokenInfoBasic_.apl = (ATokenAplEnum)aplNum; + tokenInfoBasic_.ver = (char)inGenericValues.GetInt(FIELD_TOKEN_VERSION); + if (tokenInfoBasic_.ver != DEFAULT_TOKEN_VERSION) { ACCESSTOKEN_LOG_ERROR(LABEL, - "%{public}s called, tokenID: 0x%{public}x version is error, version %{public}d", __func__, tokenID_, ver_); + "tokenID: 0x%{public}x version is error, version %{public}d", + tokenInfoBasic_.tokenID, tokenInfoBasic_.ver); return RET_FAILED; } SetDcaps(inGenericValues.GetString(FIELD_DCAP)); - tokenAttr_ = (uint32_t)inGenericValues.GetInt(FIELD_TOKEN_ATTR); + tokenInfoBasic_.tokenAttr = (uint32_t)inGenericValues.GetInt(FIELD_TOKEN_ATTR); return RET_SUCCESS; } void NativeTokenInfoInner::TranslateToNativeTokenInfo(NativeTokenInfo& InfoParcel) const { - InfoParcel.apl = apl_; - InfoParcel.ver = ver_; - InfoParcel.processName = processName_; - InfoParcel.dcap = dcap_; - InfoParcel.tokenID = tokenID_; - InfoParcel.tokenAttr = tokenAttr_; + InfoParcel.apl = tokenInfoBasic_.apl; + InfoParcel.ver = tokenInfoBasic_.ver; + InfoParcel.processName = tokenInfoBasic_.processName; + InfoParcel.dcap = tokenInfoBasic_.dcap; + InfoParcel.tokenID = tokenInfoBasic_.tokenID; + InfoParcel.tokenAttr = tokenInfoBasic_.tokenAttr; } void NativeTokenInfoInner::StoreNativeInfo(std::vector& valueList) const { + if (isRemote_) { + return; + } GenericValues genericValues; TranslationIntoGenericValues(genericValues); valueList.emplace_back(genericValues); } -bool NativeTokenInfoInner::FromJsonString(const std::string& jsonString) +AccessTokenID NativeTokenInfoInner::GetTokenID() const { - nlohmann::json jsonObject = nlohmann::json::parse(jsonString); - if (jsonObject.is_discarded()) { - return false; - } - - if (jsonObject.find(JSON_PROCESS_NAME) != jsonObject.end()) { - processName_ = jsonObject.at(JSON_PROCESS_NAME).get(); - } - - if (jsonObject.find(JSON_APL) != jsonObject.end()) { - int aplNum = jsonObject.at(JSON_APL).get(); - if (DataValidator::IsAplNumValid(aplNum)) { - apl_ = (ATokenAplEnum)aplNum; - } - } - - if (jsonObject.find(JSON_VERSION) != jsonObject.end()) { - ver_ = jsonObject.at(JSON_VERSION).get(); - } - - if (jsonObject.find(JSON_TOKEN_ID) != jsonObject.end()) { - tokenID_ = jsonObject.at(JSON_TOKEN_ID).get(); - } - - if (jsonObject.find(JSON_TOKEN_ATTR) != jsonObject.end()) { - tokenAttr_ = jsonObject.at(JSON_TOKEN_ATTR).get(); - } - - if (jsonObject.find(JSON_DCAPS) != jsonObject.end()) { - dcap_ = jsonObject.at(JSON_DCAPS).get>(); - } + return tokenInfoBasic_.tokenID; +} - return true; +std::vector NativeTokenInfoInner::GetDcap() const +{ + return tokenInfoBasic_.dcap; } -AccessTokenID NativeTokenInfoInner::GetTokenID() const +std::string NativeTokenInfoInner::GetProcessName() const { - return tokenID_; + return tokenInfoBasic_.processName; } -std::vector NativeTokenInfoInner::GetDcap() const +bool NativeTokenInfoInner::IsRemote() const { - return dcap_; + return isRemote_; } -std::string NativeTokenInfoInner::GetProcessName() const +void NativeTokenInfoInner::SetRemote(bool isRemote) { - return processName_; + isRemote_ = isRemote; } void NativeTokenInfoInner::SetDcaps(const std::string& dcapStr) @@ -188,22 +174,23 @@ void NativeTokenInfoInner::SetDcaps(const std::string& dcapStr) while (true) { std::string::size_type offset = dcapStr.find(',', start); if (offset == std::string::npos) { - dcap_.push_back(dcapStr.substr(start)); + tokenInfoBasic_.dcap.push_back(dcapStr.substr(start)); break; } - dcap_.push_back(dcapStr.substr(start, offset)); + tokenInfoBasic_.dcap.push_back(dcapStr.substr(start, offset)); start = offset + 1; } } void NativeTokenInfoInner::ToString(std::string& info) const { - info.append(R"({"tokenID": )" + std::to_string(tokenID_)); - info.append(R"(, "tokenAttr": )" + std::to_string(tokenAttr_)); - info.append(R"(, "ver": )" + std::to_string(ver_)); - info.append(R"(, "processName": ")" + processName_ + R"(")"); - info.append(R"(, "apl": )" + std::to_string(apl_)); - info.append(R"(, "dcap": ")" + DcapToString(dcap_) + R"(")"); + info.append(R"({"tokenID": )" + std::to_string(tokenInfoBasic_.tokenID)); + info.append(R"(, "tokenAttr": )" + std::to_string(tokenInfoBasic_.tokenAttr)); + info.append(R"(, "ver": )" + std::to_string(tokenInfoBasic_.ver)); + info.append(R"(, "processName": ")" + tokenInfoBasic_.processName + R"(")"); + info.append(R"(, "apl": )" + std::to_string(tokenInfoBasic_.apl)); + info.append(R"(, "dcap": ")" + DcapToString(tokenInfoBasic_.dcap) + R"(")"); + info.append(R"(, "isRemote": )" + std::to_string(isRemote_)); info.append("}"); } } // namespace AccessToken diff --git a/services/accesstokenmanager/main/cpp/src/token/native_token_receptor.cpp b/services/accesstokenmanager/main/cpp/src/token/native_token_receptor.cpp index d5ee4ac8e..c6369f017 100644 --- a/services/accesstokenmanager/main/cpp/src/token/native_token_receptor.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/native_token_receptor.cpp @@ -105,24 +105,24 @@ int NativeTokenReceptor::ReadCfgFile(std::string& nativeRawData) { int32_t fd = open(NATIVE_TOKEN_CONFIG_FILE.c_str(), O_RDONLY); if (fd < 0) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: open failed errno %{public}d.", __func__, errno); + ACCESSTOKEN_LOG_ERROR(LABEL, "open failed errno %{public}d.", errno); return RET_FAILED; } struct stat statBuffer; if (fstat(fd, &statBuffer) != 0) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: fstat failed.", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "fstat failed."); close(fd); return RET_FAILED; } if (statBuffer.st_size == 0) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: config file size is invalid.", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "config file size is invalid."); close(fd); return RET_FAILED; } if (statBuffer.st_size > MAX_NATIVE_CONFIG_FILE_SIZE) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: config file size is too large.", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "config file size is too large."); close(fd); return RET_FAILED; } @@ -144,14 +144,14 @@ int NativeTokenReceptor::ReadCfgFile(std::string& nativeRawData) int NativeTokenReceptor::Init() { if (ready_) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: native token has been inited.", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "native token has been inited."); return RET_SUCCESS; } std::string nativeRawData; int ret = ReadCfgFile(nativeRawData); if (ret != RET_SUCCESS) { - ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: readCfgFile failed.", __func__); + ACCESSTOKEN_LOG_ERROR(LABEL, "readCfgFile failed."); return RET_FAILED; } std::vector> tokenInfos; @@ -159,7 +159,7 @@ int NativeTokenReceptor::Init() AccessTokenInfoManager::GetInstance().ProcessNativeTokenInfos(tokenInfos); ready_ = true; - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s: init ok.", __func__); + ACCESSTOKEN_LOG_INFO(LABEL, "init ok."); return RET_SUCCESS; } diff --git a/services/accesstokenmanager/main/cpp/src/token/token_modify_notifier.cpp b/services/accesstokenmanager/main/cpp/src/token/token_modify_notifier.cpp new file mode 100644 index 000000000..49ba60e8f --- /dev/null +++ b/services/accesstokenmanager/main/cpp/src/token/token_modify_notifier.cpp @@ -0,0 +1,119 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "token_modify_notifier.h" + +#include "accesstoken_id_manager.h" +#include "accesstoken_info_manager.h" +#include "accesstoken_log.h" +#include "hap_token_info.h" +#include "hap_token_info_inner.h" +#include "token_sync_kit.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "TokenModifyNotifier"}; +} + +TokenModifyNotifier::TokenModifyNotifier() : hasInited_(false) {} + +TokenModifyNotifier::~TokenModifyNotifier() {} + +void TokenModifyNotifier::AddHapTokenObservation(AccessTokenID tokenID) +{ + if (AccessTokenIDManager::GetInstance().GetTokenIdType(tokenID) != TOKEN_HAP) { + ACCESSTOKEN_LOG_INFO(LABEL, "Observation token is not hap token"); + return; + } + Utils::UniqueWriteGuard infoGuard(this->Notifylock_); + if (observationSet_.count(tokenID) <= 0) { + observationSet_.insert(tokenID); + } +} + +void TokenModifyNotifier::NotifyTokenDelete(AccessTokenID tokenID) +{ + Utils::UniqueWriteGuard infoGuard(this->Notifylock_); + if (observationSet_.count(tokenID) <= 0) { + ACCESSTOKEN_LOG_DEBUG(LABEL, "hap token is not observed"); + return; + } + observationSet_.erase(tokenID); + deleteTokenList_.emplace_back(tokenID); + NotifyTokenChangedIfNeed(); +} + +void TokenModifyNotifier::NotifyTokenModify(AccessTokenID tokenID) +{ + Utils::UniqueWriteGuard infoGuard(this->Notifylock_); + if (observationSet_.count(tokenID) <= 0) { + ACCESSTOKEN_LOG_DEBUG(LABEL, "hap token is not observed"); + return; + } + modifiedTokenList_.emplace_back(tokenID); + NotifyTokenChangedIfNeed(); +} + +TokenModifyNotifier& TokenModifyNotifier::GetInstance() +{ + static TokenModifyNotifier instance; + + if (!instance.hasInited_) { + Utils::UniqueWriteGuard infoGuard(instance.initLock_); + if (!instance.hasInited_) { + instance.notifyTokenWorker_.Start(1); + instance.hasInited_ = true; + } + } + + return instance; +} + +void TokenModifyNotifier::NotifyTokenSyncTask() +{ + Utils::UniqueWriteGuard infoGuard(this->Notifylock_); + for (AccessTokenID deleteToken : deleteTokenList_) { + TokenSyncKit::DeleteRemoteHapTokenInfo(deleteToken); + } + + for (AccessTokenID modifyToken : modifiedTokenList_) { + HapTokenInfoForSync hapSync; + int ret = AccessTokenInfoManager::GetInstance().GetHapTokenSync(modifyToken, hapSync); + if (ret != RET_SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "the hap token 0x%{public}x need to sync is not found!", modifyToken); + continue; + } + TokenSyncKit::UpdateRemoteHapTokenInfo(hapSync); + } + deleteTokenList_.clear(); + modifiedTokenList_.clear(); +} +void TokenModifyNotifier::NotifyTokenChangedIfNeed() +{ + if (notifyTokenWorker_.GetCurTaskNum() > 1) { + ACCESSTOKEN_LOG_INFO(LABEL, " has notify task!"); + return; + } + + notifyTokenWorker_.AddTask([]() { + TokenModifyNotifier::GetInstance().NotifyTokenSyncTask(); + }); +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS + diff --git a/services/tokensyncmanager/BUILD.gn b/services/tokensyncmanager/BUILD.gn index 42ca7f73b..599f6f026 100644 --- a/services/tokensyncmanager/BUILD.gn +++ b/services/tokensyncmanager/BUILD.gn @@ -27,25 +27,60 @@ ohos_shared_library("token_sync_manager_service") { include_dirs = [ "include/service", "include/remote", + "include/command", + "include/common", + "include/device", + "include/protocol", + "//third_party/json/include", "//utils/system/safwk/native/include", + "//third_party/json/include", "//base/security/access_token/frameworks/common/include", + "//base/security/access_token/frameworks/accesstoken/include", "//base/security/access_token/frameworks/tokensync/include", "//base/security/access_token/interfaces/innerkits/accesstoken/include", "//foundation/communication/dsoftbus/interfaces/kits/transport", "//foundation/communication/dsoftbus/interfaces/kits/common", "//foundation/communication/dsoftbus/interfaces/kits/bus_center", + "//foundation/appexecfwk/standard/interfaces/innerkits/appexecfwk_base/include", + "//foundation/distributedhardware/devicemanager/interfaces/inner_kits/native_cpp/include", + "//foundation/distributedhardware/devicemanager/interfaces/inner_kits/native_cpp:devicemanagersdk", ] sources = [ + "src/command/base_remote_command.cpp", + "src/command/delete_remote_token_command.cpp", + "src/command/sync_remote_hap_token_command.cpp", + "src/command/sync_remote_native_token_command.cpp", + "src/command/update_remote_hap_token_command.cpp", + "src/common/constant.cpp", + "src/device/device_info_manager.cpp", + "src/device/device_info_repository.cpp", + "src/remote/remote_command_executor.cpp", + "src/remote/remote_command_factory.cpp", + "src/remote/remote_command_manager.cpp", + "src/remote/soft_bus_channel.cpp", + "src/remote/soft_bus_device_connection_listener.cpp", "src/remote/soft_bus_manager.cpp", - "src/service/tokensync_manager_service.cpp", - "src/service/tokensync_manager_stub.cpp", + "src/remote/soft_bus_session_listener.cpp", + "src/service/token_sync_event_handler.cpp", + "src/service/token_sync_manager_service.cpp", + "src/service/token_sync_manager_stub.cpp", ] cflags_cc = [ "-DHILOG_ENABLE" ] deps = [ + "//base/security/access_token/frameworks/accesstoken:accesstoken_communication_adapter_cxx", + "//base/security/access_token/frameworks/common:accesstoken_common_cxx", + "//base/security/access_token/interfaces/innerkits/accesstoken:libaccesstoken_sdk", "//base/security/access_token/services/tokensyncmanager:token_sync.rc", + "//base/startup/syspara_lite/interfaces/innerkits/native/syspara:syspara", + "//foundation/aafwk/standard/interfaces/innerkits/base:base", + "//foundation/appexecfwk/standard/interfaces/innerkits/appexecfwk_base:appexecfwk_base", + "//foundation/appexecfwk/standard/interfaces/innerkits/appexecfwk_core:appexecfwk_core", + "//foundation/appexecfwk/standard/interfaces/innerkits/libeventhandler:libeventhandler", + "//foundation/distributedhardware/devicemanager/interfaces/inner_kits/native_cpp:devicemanagersdk", + "//third_party/zlib:libz", "//utils/native/base:utils", ] diff --git a/services/tokensyncmanager/include/command/base_remote_command.h b/services/tokensyncmanager/include/command/base_remote_command.h new file mode 100644 index 000000000..6af5f58a0 --- /dev/null +++ b/services/tokensyncmanager/include/command/base_remote_command.h @@ -0,0 +1,67 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#ifndef BASE_REMOTE_COMMON_H +#define BASE_REMOTE_COMMON_H + +#include + +#include "constant.h" +#include "hap_token_info.h" +#include "native_token_info.h" +#include "nlohmann/json.hpp" +#include "permission_state_full.h" +#include "remote_protocol.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +/** + * The base class for command. You can treat this as remote command header. + */ +class BaseRemoteCommand { +public: + BaseRemoteCommand() = default; + virtual ~BaseRemoteCommand() = default; + + /* Prepare() is called in requestor */ + virtual void Prepare() = 0; + + /* Execute() is called in responser */ + virtual void Execute() = 0; + + /* Finish() is called in requestor, after get response, but the command object is not same with the request */ + virtual void Finish() = 0; + + virtual std::string ToJsonPayload() = 0; + nlohmann::json ToRemoteProtocolJson(); + void FromRemoteProtocolJson(const nlohmann::json& jsonObject); + + void ToPermStateJson(nlohmann::json& permStateJson, const PermissionStateFull& state); + void FromPermStateListJson(const nlohmann::json& hapTokenJson, + std::vector& permStateList); + + void FromHapTokenBasicInfoJson(const nlohmann::json& hapTokenJson, + HapTokenInfo& hapTokenBasicInfo); + + nlohmann::json ToHapTokenInfosJson(const HapTokenInfoForSync &tokenInfo); + void FromHapTokenInfoJson(const nlohmann::json& hapTokenJson, HapTokenInfoForSync& hapTokenInfo); + nlohmann::json ToNativeTokenInfoJson(const NativeTokenInfo& tokenInfo); + void FromNativeTokenInfoJson(const nlohmann::json& nativeTokenJson, NativeTokenInfo& nativeTokenInfo); + RemoteProtocol remoteProtocol_; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // BASE_REMOTE_COMMON_H diff --git a/services/tokensyncmanager/include/command/delete_remote_token_command.h b/services/tokensyncmanager/include/command/delete_remote_token_command.h new file mode 100644 index 000000000..97e3a2444 --- /dev/null +++ b/services/tokensyncmanager/include/command/delete_remote_token_command.h @@ -0,0 +1,52 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef DELETE_REMOTE_TOKEN_COMMAND_H +#define DELETE_REMOTE_TOKEN_COMMAND_H + +#include "base_remote_command.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +/** + * Command which used to get all native token info from other device. + */ +class DeleteRemoteTokenCommand : public BaseRemoteCommand { +public: + void Prepare() override; + + void Execute() override; + + void Finish() override; + + std::string ToJsonPayload() override; + + DeleteRemoteTokenCommand(const std::string &json); + DeleteRemoteTokenCommand(const std::string &srcDeviceId, const std::string &dstDeviceId, + AccessTokenID deleteID); + virtual ~DeleteRemoteTokenCommand() = default; + +private: + /** + * The command name. Should be equal to class name. + */ + const std::string COMMAND_NAME = "DeleteRemoteTokenCommand"; + AccessTokenID deleteTokenId_; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif \ No newline at end of file diff --git a/services/tokensyncmanager/include/command/sync_remote_hap_token_command.h b/services/tokensyncmanager/include/command/sync_remote_hap_token_command.h new file mode 100644 index 000000000..3783c0c9c --- /dev/null +++ b/services/tokensyncmanager/include/command/sync_remote_hap_token_command.h @@ -0,0 +1,59 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef SYNC_REMOTE_HAP_TOKEN_COMMAND_H +#define SYNC_REMOTE_HAP_TOKEN_COMMAND_H + +#include + +#include "access_token.h" +#include "base_remote_command.h" +#include "hap_token_info.h" +#include "permission_state_full.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +/** + * Command which used to get all native token info from other device. + */ +class SyncRemoteHapTokenCommand : public BaseRemoteCommand { +public: + void Prepare() override; + + void Execute() override; + + void Finish() override; + + std::string ToJsonPayload() override; + + SyncRemoteHapTokenCommand(const std::string &json); + SyncRemoteHapTokenCommand( const std::string &srcDeviceId, + const std::string &dstDeviceId, AccessTokenID id); + virtual ~SyncRemoteHapTokenCommand() = default; + +private: + /** + * The command name. Should be equal to class name. + */ + const std::string COMMAND_NAME = "SyncRemoteHapTokenCommand"; + HapTokenInfoForSync hapTokenInfo_; + AccessTokenID requestTokenId_; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif + diff --git a/services/tokensyncmanager/include/command/sync_remote_native_token_command.h b/services/tokensyncmanager/include/command/sync_remote_native_token_command.h new file mode 100644 index 000000000..e398d7804 --- /dev/null +++ b/services/tokensyncmanager/include/command/sync_remote_native_token_command.h @@ -0,0 +1,55 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef SYNC_REMOTE_NATIVE_TOKEN_COMMAND_H +#define SYNC_REMOTE_NATIVE_TOKEN_COMMAND_H + +#include +#include + +#include "base_remote_command.h" +#include "native_token_info.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +/** + * Command which used to get all native token info from other device. + */ +class SyncRemoteNativeTokenCommand : public BaseRemoteCommand { +public: + void Prepare() override; + + void Execute() override; + + void Finish() override; + + std::string ToJsonPayload() override; + + SyncRemoteNativeTokenCommand(const std::string &json); + SyncRemoteNativeTokenCommand(const std::string &srcDeviceId, const std::string &dstDeviceId); + virtual ~SyncRemoteNativeTokenCommand() = default; + +private: + /** + * The command name. Should be equal to class name. + */ + const std::string COMMAND_NAME = "SyncRemoteNativeTokenCommand"; + std::vector nativeTokenInfo_; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif \ No newline at end of file diff --git a/services/tokensyncmanager/include/command/update_remote_hap_token_command.h b/services/tokensyncmanager/include/command/update_remote_hap_token_command.h new file mode 100644 index 000000000..1e6f88919 --- /dev/null +++ b/services/tokensyncmanager/include/command/update_remote_hap_token_command.h @@ -0,0 +1,56 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef UPDATE_REMOTE_HAP_TOKEN_COMMAND_H +#define UPDATE_REMOTE_HAP_TOKEN_COMMAND_H + +#include + +#include "access_token.h" +#include "base_remote_command.h" +#include "hap_token_info.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +/** + * Command which used to get all native token info from other device. + */ +class UpdateRemoteHapTokenCommand : public BaseRemoteCommand { +public: + void Prepare() override; + + void Execute() override; + + void Finish() override; + + std::string ToJsonPayload() override; + + UpdateRemoteHapTokenCommand(const std::string &json); + UpdateRemoteHapTokenCommand(const std::string &srcDeviceId, const std::string &dstDeviceId, + const HapTokenInfoForSync& tokenInfo); + virtual ~UpdateRemoteHapTokenCommand() = default; + +private: + /** + * The command name. Should be equal to class name. + */ + const std::string COMMAND_NAME = "UpdateRemoteHapTokenCommand"; + HapTokenInfoForSync updateTokenInfo_; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif \ No newline at end of file diff --git a/services/tokensyncmanager/include/common/constant.h b/services/tokensyncmanager/include/common/constant.h new file mode 100644 index 000000000..be2191d96 --- /dev/null +++ b/services/tokensyncmanager/include/common/constant.h @@ -0,0 +1,95 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef CONSTANT_H +#define CONSTANT_H + +#include +#include + +namespace OHOS { +namespace Security { +namespace AccessToken { +class Constant { +public: + /** + * Indicates message format version, should be compatible. + */ + const static int32_t DISTRIBUTED_ACCESS_TOKEN_SERVICE_VERSION = 2; + + /** + * Status code, indicates general success. + */ + const static int32_t SUCCESS = 0; + + /** + * Status code, indicates general failure. + */ + const static int32_t FAILURE = -1; + + /** + * Status code, indicates failure but can retry. + */ + const static int32_t FAILURE_BUT_CAN_RETRY = -2; + + /** + * Status Code, indicates invalid command. + */ + const static int32_t INVALID_COMMAND = -14; + + /** + * Session Id, indicates invalid session. + */ + const static int32_t INVALID_SESSION = -1; + + /** + * Command status code, indicate a status of command before RPC call. + */ + const static int32_t STATUS_CODE_BEFORE_RPC = 100001; + + /** + * Command result string, indicates success. + */ + static const std::string COMMAND_RESULT_SUCCESS; + + /** + * Command result string, indicates failed. + */ + static const std::string COMMAND_RESULT_FAILED; + + /** + * Device id length. + */ + const static int32_t DEVICE_UUID_LENGTH = 65; + + /** + * Command status code, indicate a status of command before RPC call. + */ + const static int32_t DELAY_SYNC_TOKEN_MS = 3000; + + static constexpr int32_t ENCRYPTLEN = 4; + static constexpr int32_t ENCRYPTBEGIN = 0; + static constexpr int32_t ENCRYPTEND = 3; + static std::string EncryptDevId(std::string deviceId); + + /** + * GetLocalDeviceId + */ + static std::string GetLocalDeviceId(); +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // CONSTANT_H \ No newline at end of file diff --git a/services/tokensyncmanager/include/device/device_info.h b/services/tokensyncmanager/include/device/device_info.h new file mode 100644 index 000000000..958aa0803 --- /dev/null +++ b/services/tokensyncmanager/include/device/device_info.h @@ -0,0 +1,46 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef DEVICE_INFO_H +#define DEVICE_INFO_H + +#include + +namespace OHOS { +namespace Security { +namespace AccessToken { +enum DeviceIdType { + NETWORK_ID, + UNIVERSALLY_UNIQUE_ID, + UNIQUE_DISABILITY_ID, + UNKNOWN, +}; + +struct DeviceId { + std::string networkId; + std::string universallyUniqueId; + std::string uniqueDisabilityId; +}; + +struct DeviceInfo { + DeviceId deviceId; + std::string deviceName; + std::string deviceType; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS + +#endif // DEVICE_INFO_H \ No newline at end of file diff --git a/services/tokensyncmanager/include/device/device_info_manager.h b/services/tokensyncmanager/include/device/device_info_manager.h new file mode 100644 index 000000000..b5be6c827 --- /dev/null +++ b/services/tokensyncmanager/include/device/device_info_manager.h @@ -0,0 +1,104 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef DEVICE_INFO_MANAGER_H +#define DEVICE_INFO_MANAGER_H + +#include + +#include "accesstoken_log.h" +#include "data_validator.h" +#include "device_info_repository.h" +#include "ipc_skeleton.h" +#include "parameter.h" +#include "soft_bus_manager.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class DeviceInfoManager { +public: + static DeviceInfoManager &GetInstance(); + + /** + * Get device info by device id. + * + * @param nodeId Device id. + * @param deviceIdType Device id type {@link DeviceIdType} + * @return Optional deviceInfo + */ + bool GetDeviceInfo(const std::string &nodeId, DeviceIdType deviceIdType, DeviceInfo &deviceInfo) const; + + /** + * Check device info exist. Online and local device info will be here. + * + * @param nodeId Device id. + * @param deviceIdType Device id type {@link DeviceIdType} + * @return True for exist, false otherwise. + */ + bool ExistDeviceInfo(const std::string &nodeId, DeviceIdType deviceIdType) const; + + /** + * Add device info with device ids and device properties. + * + * @param networkId Device networkId. + * @param universallyUniqueId Device uuid. + * @param uniqueDisabilityId Device udid. + * @param deviceName Device name. + * @param deviceType Device type. + */ + void AddDeviceInfo(const std::string &networkId, const std::string &universallyUniqueId, + const std::string &uniqueDisabilityId, const std::string &deviceName, const std::string &deviceType); + + /** + * Remote all device info. + */ + void RemoveAllRemoteDeviceInfo(); + + /** + * Remove one device info. + * + * @param nodeId Device id. + */ + void RemoveRemoteDeviceInfo(const std::string &nodeId, DeviceIdType deviceIdType); + + /** + * Convert nodeId to deviceId(UUID) if possible. + * + * @param nodeId which is considered as indefinite id, maybe deviceId(UUID) or networkId. + * @return The deviceId if local or device online, otherwise return empty string. + */ + std::string ConvertToUniversallyUniqueIdOrFetch(const std::string &nodeId) const; + + /** + * Convert nodeId to deviceId(UDID) if possible. + * + * @param nodeId which is considered as indefinite id, maybe deviceId(UDID) or networkId. + * @return The deviceId if local or device online, otherwise return empty string. + */ + std::string ConvertToUniqueDisabilityIdOrFetch(const std::string &nodeId) const; + + /** + * Check nodeId is uuid or not. + * + * @param nodeId Node id. + * @return True if node id is uuid. False otherwise. + */ + bool IsDeviceUniversallyUniqueId(const std::string &nodeId) const; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // DEVICE_INFO_MANAGER_H \ No newline at end of file diff --git a/services/tokensyncmanager/include/device/device_info_repository.h b/services/tokensyncmanager/include/device/device_info_repository.h new file mode 100644 index 000000000..319e76838 --- /dev/null +++ b/services/tokensyncmanager/include/device/device_info_repository.h @@ -0,0 +1,77 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef DEVICE_INFO_REPOSITORY_H +#define DEVICE_INFO_REPOSITORY_H + +#include +#include +#include +#include + +#include "constant.h" +#include "device_info.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class DeviceInfoRepository { +public: + static DeviceInfoRepository &GetInstance(); + + std::vector ListDeviceInfo(); + + bool FindDeviceInfo(const std::string &nodeId, DeviceIdType type, DeviceInfo &deviceInfo); + + void DeleteAllDeviceInfoExceptOne(const DeviceInfo deviceInfo); + + void SaveDeviceInfo(const DeviceInfo deviceInfo); + + void SaveDeviceInfo(const DeviceId deviceId, const std::string &deviceName, const std::string &deviceType); + + void SaveDeviceInfo(const std::string &networkId, const std::string &universallyUniqueId, + const std::string &uniqueDisabilityId, const std::string &deviceName, const std::string &deviceType); + + void DeleteDeviceInfo(const std::string &nodeId, const DeviceIdType type); + + void Clear(); + +private: + bool FindDeviceIdByNodeIdLocked(const std::string &nodeId, const DeviceIdType type, DeviceId &deviceId) const; + + bool FindDeviceInfoByDeviceIdLocked(const DeviceId deviceId, DeviceInfo &deviceInfo) const; + + bool FindDeviceIdByNetworkIdLocked(const std::string &networkId, DeviceId &deviceId) const; + + bool FindDeviceIdByUniversallyUniqueIdLocked(const std::string &universallyUniqueId, DeviceId &deviceId) const; + + bool FindDeviceIdByUniqueDisabilityIdLocked(const std::string &uniqueDisabilityId, DeviceId &deviceId) const; + + void DeleteDeviceInfoByDeviceIdLocked(const DeviceId deviceId); + + std::map deviceIdMapByNetworkId_; + + std::map deviceIdMapByUniversallyUniqueId_; + + std::map deviceIdMapByUniqueDisabilityId_; + + std::map deviceInfoMap_; + + std::recursive_mutex stackLock_; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // DEVICE_INFO_REPOSITORY_H \ No newline at end of file diff --git a/services/tokensyncmanager/include/protocol/remote_protocol.h b/services/tokensyncmanager/include/protocol/remote_protocol.h new file mode 100644 index 000000000..97ada420b --- /dev/null +++ b/services/tokensyncmanager/include/protocol/remote_protocol.h @@ -0,0 +1,38 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef REMOTE_PROTOCOL_H +#define REMOTE_PROTOCOL_H + +namespace OHOS { +namespace Security { +namespace AccessToken { +struct RemoteProtocol { + std::string commandName; + std::string uniqueId; + int32_t requestVersion; + std::string srcDeviceId; + std::string srcDeviceLevel; + std::string dstDeviceId; + std::string dstDeviceLevel; + int32_t statusCode; + std::string message; + int32_t responseVersion; + std::string responseDeviceId; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif \ No newline at end of file diff --git a/services/tokensyncmanager/include/remote/remote_command_executor.h b/services/tokensyncmanager/include/remote/remote_command_executor.h new file mode 100644 index 000000000..f8982a9b5 --- /dev/null +++ b/services/tokensyncmanager/include/remote/remote_command_executor.h @@ -0,0 +1,158 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef REMOTE_COMMAND_EXECUTOR_H +#define REMOTE_COMMAND_EXECUTOR_H + +#include +#include + +#include "accesstoken_log.h" +#include "base_remote_command.h" +#include "remote_command_factory.h" +#include "rpc_channel.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class RemoteCommandExecutor final { +public: + RemoteCommandExecutor(const std::string &targetNodeId); + virtual ~RemoteCommandExecutor(); + + const std::shared_ptr &GetChannel() const + { + return ptrChannel_; + } + void SetChannel(const std::shared_ptr &ptrChannel) + { + ptrChannel_ = ptrChannel; + } + + /** + * @brief Factory method to create a rpc channel. we will only create SoftBusChannel by now. + * + * @param targetNodeId target device node id(udid) + * @return Returns a shared_ptr if the operation is successful, returns nullptr otherwise. + * @see SoftBusChannel + * @since 1.0 + * @version 1.0 + */ + static const std::shared_ptr CreateChannel(const std::string &targetNodeId); + + /** + * @brief Process one command given. + * + * @param ptrCommand BaseRemoteCommand to execute. + * @return Returns SUCCESS if the operation is successful, returns minus integer otherwise. + * @see void + * @since 1.0 + * @version 1.0 + */ + int ProcessOneCommand(const std::shared_ptr &ptrCommand); + + /** + * @brief Add one command into the buffer + * + * @param ptrCommand BaseRemoteCommand to execute. + * @return Returns SUCCESS if the operation is successful, returns INVALID_COMMAND otherwise. + * @see ProcessBufferedCommands + * @since 1.0 + * @version 1.0 + */ + int AddCommand(const std::shared_ptr &ptrCommand); + + /** + * @brief Process all the command in the buffer + * + * @param standalone true if run in a new thread or event runner, otherwise false. + * @return Returns SUCCESS if the operation is successful, returns FAILURE otherwise. + * @see AddCommand ProcessOneCommand + * @since 1.0 + * @version 1.0 + */ + int ProcessBufferedCommands(bool standalone = false); + + /** + * @brief Process all the command in the buffer within a new thread. in deconstruct, we need to join this thread if + * needed. + * + * @param ptrCommand BaseRemoteCommand to execute. + * @return void + * @see ProcessBufferedCommands + * @since 1.0 + * @version 1.0 + */ + void ProcessBufferedCommandsWithThread(); + +private: + /** + * @brief execute a command in a specific place. + * for remote command, transfor the command json string by channel to softbus, and wait for softbus to response a + * json string. while remote response a json string, construct a remote command and finish it. + * if command buffer is empty, close the rpc channel. + * + * @param ptrCommand BaseRemoteCommand to execute. + * @param isRemote where to run. true for remote, false for local. + * @return Returns SUCCESS if the operation is successful, returns FAILURE otherwise. + * @see ProcessBufferedCommands + * @since 1.0 + * @version 1.0 + */ + int ExecuteRemoteCommand(const std::shared_ptr &ptrCommand, bool isRemote); + + /** + * @brief create a rpc channel if not exist. + * + * @param ptrCommand BaseRemoteCommand to execute. + * @param isRemote where to run. true for remote, false for local. + * @return void + * @see ProcessBufferedCommands + * @since 1.0 + * @version 1.0 + */ + void CreateChannelIfNeeded(); + + /** + * @brief finish a command + * + * @param ptrCommand BaseRemoteCommand to execute. + * @return Returns SUCCESS if the operation is successful, returns FAILURE otherwise. + * @see ProcessBufferedCommands + * @since 1.0 + * @version 1.0 + */ + int ClientProcessResult(const std::shared_ptr &ptrCommand); + +private: + // target device node id(udid) + std::string targetNodeId_; + + // cached channel for buffered commands + std::shared_ptr ptrChannel_; + + // mutex to lock commands buffer for concurrent access. + std::recursive_mutex mutex_; + + // commands buffer + std::deque> commands_; + + // consumer running flag, true if the consumer is RUNNING, false otherwise. @see ProcessBufferedCommands + bool running_; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // REMOTE_COMMAND_EXECUTOR_H diff --git a/services/tokensyncmanager/include/remote/remote_command_factory.h b/services/tokensyncmanager/include/remote/remote_command_factory.h new file mode 100644 index 000000000..f9967cc20 --- /dev/null +++ b/services/tokensyncmanager/include/remote/remote_command_factory.h @@ -0,0 +1,58 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef REMOTE_COMMAND_FACTORY_H +#define REMOTE_COMMAND_FACTORY_H + +#include +#include +#include + +#include "access_token.h" +#include "delete_remote_token_command.h" +#include "hap_token_info.h" +#include "sync_remote_hap_token_command.h" +#include "sync_remote_native_token_command.h" +#include "update_remote_hap_token_command.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class RemoteCommandFactory { +public: + static RemoteCommandFactory &GetInstance(); + + std::shared_ptr NewSyncRemoteHapTokenCommand(const std::string &srcDeviceId, + const std::string &dstDeviceId, AccessTokenID tokenID); + + std::shared_ptr NewDeleteRemoteTokenCommand(const std::string &srcDeviceId, + const std::string &dstDeviceId, AccessTokenID tokenID); + + std::shared_ptr NewUpdateRemoteHapTokenCommand(const std::string &srcDeviceId, + const std::string &dstDeviceId, const HapTokenInfoForSync& tokenInfo); + + std::shared_ptr NewSyncRemoteNativeTokenCommand(const std::string &srcDeviceId, + const std::string &dstDeviceId); + + std::shared_ptr NewRemoteCommandFromJson( + const std::string &commandName, const std::string &commandJsonString); + +private: + const std::string TAG = "RemoteCommandFactory"; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // REMOTE_COMMAND_FACTORY_H diff --git a/services/tokensyncmanager/include/remote/remote_command_manager.h b/services/tokensyncmanager/include/remote/remote_command_manager.h new file mode 100644 index 000000000..b40619eda --- /dev/null +++ b/services/tokensyncmanager/include/remote/remote_command_manager.h @@ -0,0 +1,165 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef REMOTE_COMMAND_MANAGER_H +#define REMOTE_COMMAND_MANAGER_H + +#include +#include +#include +#include + +#include "accesstoken_log.h" +#include "base_remote_command.h" +#include "constant.h" +#include "data_validator.h" +#include "remote_command_executor.h" +#include "rpc_channel.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class RemoteCommandManager final { +public: + ~RemoteCommandManager(); + + /** + * @brief Singleton instance get method. + * + * @since 1.0 + * @version 1.0 + */ + static RemoteCommandManager &GetInstance(); + + /** + * @brief Init method. + * + * @see + * @since 1.0 + * @version 1.0 + */ + void Init(); + + /** + * @brief Execute a command now. + * + * @param udid The udid of a device which you want to execute on. if udid is empty, return -1. + * @param command A command extend BaseRemoteCommand. if command is nullptr, return -1. + * @return The execute result, returned from RemoteCommandExecutor. + * @see RemoteCommandExecutor.ExecuteOneCommand + * @since 1.0 + * @version 1.0 + */ + int ExecuteCommand(const std::string &udid, const std::shared_ptr &command); + + /** + * @brief Add a command to buffer. + * + * @param udid The udid of a device which you want to execute on. + * @param command A command extend BaseRemoteCommand. + * @return The add result, returned from RemoteCommandExecutor. by now, SUCCESS: 0. INVALID_COMMAND: -14 + * @see RemoteCommandExecutor.AddCommand + * @since 1.0 + * @version 1.0 + */ + int AddCommand(const std::string &udid, const std::shared_ptr &command); + + /** + * @brief Execute all buffered commands for given device. + * + * @param udid The udid of a device which you want to execute on. + * @return The execute result. SUCCESS: 0; FAILURE: -1. + * @see RemoteCommandExecutor.ProcessBufferedCommands + * @since 1.0 + * @version 1.0 + */ + int ProcessDeviceCommandImmediately(const std::string &udid); + + /** + * @brief Execute all buffered commands for all device asynchronized. + * + * @return The loop result. SUCCESS: 0. + * @see RemoteCommandExecutor.ProcessBufferedCommandsWithThread + * @since 1.0 + * @version 1.0 + */ + int Loop(); + + /** + * @brief Clear buffered commands. + * + * @since 1.0 + * @version 1.0 + */ + void Clear(); + + /** + * @brief Remove a command from buffer. + * + * @param udid The udid of a device which you want to remove. + */ + void RemoveCommand(const std::string &udid); + + /** + * @brief For event of device online, prepare channel and build connection with peer device. + * + * @param peerNodeId The udid of peer device. + * @return Result code indicates if notify successfully. SUCCESS: 0, FAILURE: -1. + * @since 1.0 + * @version 1.0 + */ + int NotifyDeviceOnline(const std::string &peerNodeId); + + /** + * @brief For event of device offline, clean caches related to peer device. + * + * @param peerNodeId The peer device's nodeId, maybe uuid or udid . + * @return Result code indicates if notify successfully. SUCCESS: 0, FAILURE: -1. + * @since 1.0 + * @version 1.0 + */ + int NotifyDeviceOffline(const std::string &peerNodeId); + + /** + * @brief Get remote command executor's channel for given nodeId. + * + * @param nodeId The peer device's nodeId, maybe uuid or udid or networkId. + * @return Channel instance if remote command executor has been created, null otherwise. + */ + std::shared_ptr GetExecutorChannel(const std::string &nodeId); + +private: + RemoteCommandManager(); + + // executors buffer + std::map> executors_; + // executors buffer mutex + std::mutex mutex_; + + /** + * @brief Fetch a executor from executors buffer. If not found, create one and cache it to buffer. + * + * @param nodeId The udid of a device which you want to get executor. + * @see void + * @since 1.0 + * @version 1.0 + */ + std::shared_ptr GetOrCreateRemoteCommandExecutor(const std::string &nodeId); +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS + +#endif diff --git a/services/tokensyncmanager/include/remote/rpc_channel.h b/services/tokensyncmanager/include/remote/rpc_channel.h new file mode 100644 index 000000000..c8f61456a --- /dev/null +++ b/services/tokensyncmanager/include/remote/rpc_channel.h @@ -0,0 +1,80 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef RPC_CHANNEL_H +#define RPC_CHANNEL_H + +namespace OHOS { +namespace Security { +namespace AccessToken { +/* + * Channel used for communicate with peer devices. + */ +class RpcChannel { +public: + /** + * @brief Build connection with peer device. + * + * @return Result code represent if build successfully. 0 indicates success, -1 indicates failure. + * @since 1.0 + * @version 1.0 + */ + virtual int BuildConnection() = 0; + + /** + * @brief Execute BaseRemoteCommand at peer device. + * + * @param commandName The name of Command. + * @param jsonPayload The json payload of command. + * @return Executed result response string. + * @since 1.0 + * @version 1.0 + */ + virtual std::string ExecuteCommand(const std::string &commandName, const std::string &jsonPayload) = 0; + + /** + * @brief Handle data received. This interface only use for soft bus channel. + * + * @param session Session with peer device. + * @param bytes Data sent from the peer device. + * @param length Data length sent from the peer device. + * @since 1.0 + * @version 1.0 + */ + virtual void HandleDataReceived(int session, const unsigned char *bytes, int length) + {} + + /** + * @brief Close rpc connection when no data is being transmitted. + * + * @since 1.0 + * @version 1.0 + */ + virtual void CloseConnection() + {} + + /** + * @brief Release resources when the device offline. + * + * @since 1.0 + * @version 1.0 + */ + virtual void Release() {}; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS + +#endif \ No newline at end of file diff --git a/services/tokensyncmanager/include/remote/soft_bus_channel.h b/services/tokensyncmanager/include/remote/soft_bus_channel.h new file mode 100644 index 000000000..f7e52e79e --- /dev/null +++ b/services/tokensyncmanager/include/remote/soft_bus_channel.h @@ -0,0 +1,365 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef SOFT_BUS_CHANNEL_H +#define SOFT_BUS_CHANNEL_H + +#include +#include +#include +#include +#include +#include +#include +#include + +#include "accesstoken_log.h" +#include "nlohmann/json.hpp" +#include "rpc_channel.h" +#include "session.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class SoftBusChannel final : public RpcChannel, public std::enable_shared_from_this { +public: + SoftBusChannel(const std::string &deviceId); + virtual ~SoftBusChannel(); + + /** + * @brief Build connection with peer device. + * + * @return Result code, 0 indicated build successfully, -1 indicates failure. + * @since 1.0 + * @version 1.0 + * @see Release + */ + int BuildConnection() override; + + /** + * @brief Execute BaseRemoteCommand at peer device. + * + * @param commandName The name of Command. + * @param jsonPayload The json payload of command. + * @return Executed result response string. + * @since 1.0 + * @version 1.0 + */ + std::string ExecuteCommand(const std::string &commandName, const std::string &jsonPayload) override; + + /** + * @brief Handle data received. This interface only use for soft bus channel. + * + * @param session Session with peer device. + * @param bytes Data sent from the peer device. + * @param length Data length sent from the peer device. + * @since 1.0 + * @version 1.0 + */ + void HandleDataReceived(int session, const unsigned char *bytes, int length) override; + + /** + * @brief Close rpc connection when no data is being transmitted. it will run in a delayed task. + * + * @since 1.0 + * @version 1.0 + */ + void CloseConnection() override; + + /** + * @brief Release resources when the device offline. + * + * @since 1.0 + * @version 1.0 + */ + void Release() override; + +private: + /** + * @brief compress json command to char array command. + * + * @param type request or response + * @param id unique message id + * @param commandName command name + * @param jsonPayload command notated by json string + * @param bytes transfer data array + * @param bytesLength transfer data length + * @return The execute result, SUCCESS: 0; FAILURE: -1. + * @see Compress + * @since 1.0 + * @version 1.0 + */ + int PrepareBytes(const std::string &type, const std::string &id, const std::string &commandName, + const std::string &jsonPayload, const unsigned char *bytes, int &bytesLength); + + /** + * @brief compress string to char array. + * + * @param json string to be compressed + * @param compressedBytes compressed data array + * @param compressedLength compressed data length + * @return The execute result, SUCCESS: 0; FAILURE: -1. + * @since 1.0 + * @version 1.0 + */ + int Compress(const std::string &json, const unsigned char *compressedBytes, int &compressedLength); + + /** + * @brief decompress char array to string. + * + * @param bytes compressed data array + * @param length compressed data length + * @return decompressed string + * @since 1.0 + * @version 1.0 + */ + std::string Decompress(const unsigned char *bytes, const int length); + + /** + * @brief transfer request data to soft bus. + * + * @param bytes data array to transfer + * @param bytesLength data length + * @return The execute result, SUCCESS: 0; FAILURE: -1. + * @since 1.0 + * @version 1.0 + */ + int SendRequestBytes(const unsigned char *bytes, const int bytesLength); + + /** + * @brief transfer response data to soft bus. + * + * @param session response session id + * @param bytes data array to transfer + * @param bytesLength data length + * @return The execute result, SUCCESS: 0; FAILURE: -1. + * @since 1.0 + * @version 1.0 + */ + int SendResponseBytes(int session, const unsigned char *bytes, const int bytesLength); + + /** + * @brief enforce session is available. if session is opened, reopen it. + * + * @return The execute result, SUCCESS: 0; FAILURE: -1. + * @since 1.0 + * @version 1.0 + */ + int CheckSessionMayReopenLocked(); + + /** + * @brief check session is available. + * + * @return The execute result, available: true, otherwise: false. + * @since 1.0 + * @version 1.0 + */ + bool IsSessionAvailable(); + + /** + * @brief cancel closing connection. + * + * @since 1.0 + * @version 1.0 + */ + void CancelCloseConnectionIfNeeded(); + + /** + * @brief request callback for HandleDataReceived + * + * @param id unique message id + * @param commandName command name + * @param jsonPayload command notated by json string + * @return decompressed string + * @see HandleDataReceived + * @since 1.0 + * @version 1.0 + */ + void HandleRequest( + int session, const std::string &id, const std::string &commandName, const std::string &jsonPayload); + + /** + * @brief response callback for HandleDataReceived + * + * @param id unique message id + * @param jsonPayload command notated by json string + * @return decompressed string + * @see HandleDataReceived + * @since 1.0 + * @version 1.0 + */ + void HandleResponse(const std::string &id, const std::string &jsonPayload); + + /** + * @brief temp function to generate uuid. + * + * @param buf uuid string + * @param bufSize uuid string size + * @since 1.0 + * @version 1.0 + */ + void random_uuid(char buf[37], int bufSize) + { + const int xbase = 15; + const int bbase = 255; + const int index6 = 6; + const int index8 = 8; + const int index3 = 3; + const int index5 = 5; + const int index7 = 7; + const int index9 = 9; + const int blen = 2; + const int uuidlen = 16; + const char *c = "89ab"; + char *p = buf; + int n; + + for (n = 0; n < uuidlen; ++n) { + int b = rand() % bbase; + switch (n) { + case index6: + if (sprintf_s(p, bufSize, "4%x", b % xbase) < 0) { + return; + } + break; + case index8: + if (sprintf_s(p, bufSize, "%c%x", c[rand() % strlen(c)], b % xbase) < 0) { + return; + } + break; + default: + if (sprintf_s(p, bufSize, "%02x", b) < 0) { + return; + } + break; + } + p += blen; + if (n == index3 || n == index5 || n == index7 || n == index9) { + *p++ = '-'; + break; + } + } + *p = 0; + // prevent array length warning + if (p - buf == bufSize) { + return; + } + n = 0; + } + + // bind device id for this channel + std::string deviceId_; + + // channel mutex + std::mutex mutex_; + + // connection closing state. true: in closing, false: otherwise + bool isDelayClosing_; + + // soft bus session mutex + std::mutex sessionMutex_; + + // soft bus session id, -1 for invalid session id. + int session_; + + // soft bus session busy flag, true: busy, false: otherwise + bool isSessionUsing_; + + // communication callbacks map. key: unique message id, value: response callback. + std::map> callbacks_; + + // callback function arguments: response string variable + std::string responseResult_; + // callback function execute variable + std::condition_variable loadedCond_; +}; + +class SoftBusMessage { +public: + SoftBusMessage( + const std::string &type, const std::string &id, const std::string &commandName, const std::string &jsonPayload) + : type_(type), id_(id), commandName_(commandName), jsonPayload_(jsonPayload) + {} + ~SoftBusMessage() = default; + + bool IsValid() const + { + if (this->type_.empty()) { + return false; + } + if (this->id_.empty()) { + return false; + } + if (this->commandName_.empty()) { + return false; + } + return !(this->jsonPayload_.empty()); + } + + /** + * Convert SoftBusMessage object to corresponding json string. + * + * @return Soft bus message json string. + */ + std::string ToJson() const + { + nlohmann::json json; + json["type"] = this->type_; + json["id"] = this->id_; + json["commandName"] = this->commandName_; + json["jsonPayload"] = this->jsonPayload_; + return json.dump(); + } + + const std::string &GetType() const + { + return type_; + } + const std::string &GetId() const + { + return id_; + } + const std::string &GetCommandName() const + { + return commandName_; + } + const std::string &GetJsonPayload() const + { + return jsonPayload_; + } + + static std::shared_ptr FromJson(const std::string &jsonString) + { + nlohmann::json json; + if (!json.accept(jsonString)) { + return nullptr; + } + json = json.parse(jsonString); + std::shared_ptr message = std::make_shared( + json.at("type"), json.at("id"), json.at("commandName"), json.at("jsonPayload")); + return message; + } + +private: + std::string type_; + std::string id_; + std::string commandName_; + std::string jsonPayload_; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS + +#endif // SOFT_BUS_CHANNEL_H diff --git a/services/tokensyncmanager/include/remote/soft_bus_device_connection_listener.h b/services/tokensyncmanager/include/remote/soft_bus_device_connection_listener.h new file mode 100644 index 000000000..c8722cbe1 --- /dev/null +++ b/services/tokensyncmanager/include/remote/soft_bus_device_connection_listener.h @@ -0,0 +1,76 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef SOFT_BUS_DEVICE_CONNECTION_LISTENER_H +#define SOFT_BUS_DEVICE_CONNECTION_LISTENER_H + +#include +#include +#include + +#include "accesstoken_log.h" +#include "device_manager_callback.h" +#include "dm_device_info.h" +#include "softbus_bus_center.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +using OHOS::DistributedHardware::DeviceStateCallback; +using OHOS::DistributedHardware::DmDeviceInfo; +using OHOS::DistributedHardware::DmInitCallback; + +class MyDmInitCallback final : public DmInitCallback { + void OnRemoteDied() override + {} +}; + +class SoftBusDeviceConnectionListener final : public DeviceStateCallback { +public: + SoftBusDeviceConnectionListener(); + ~SoftBusDeviceConnectionListener(); + + /** + * @brief node online callback + * + * @param deviceInfo node info + */ + void OnDeviceOnline(const DmDeviceInfo &deviceInfo) override; + + /** + * @brief node offline callback + * + * @param deviceInfo node info + */ + void OnDeviceOffline(const DmDeviceInfo &deviceInfo) override; + + /** + * @brief node ready callback + * + * @param deviceInfo node info + */ + void OnDeviceReady(const DmDeviceInfo &deviceInfo) override; + + /** + * @brief node changed callback + * + * @param deviceInfo node info + */ + void OnDeviceChanged(const DmDeviceInfo &deviceInfo) override; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif diff --git a/services/tokensyncmanager/include/remote/soft_bus_manager.h b/services/tokensyncmanager/include/remote/soft_bus_manager.h index d7ab6e7e3..0cbfd84ea 100644 --- a/services/tokensyncmanager/include/remote/soft_bus_manager.h +++ b/services/tokensyncmanager/include/remote/soft_bus_manager.h @@ -19,13 +19,15 @@ #include #include #include -#include #include #include #include "accesstoken_log.h" -#include "rwlock.h" +#include "device_manager.h" +#include "remote_command_executor.h" #include "session.h" +#include "soft_bus_device_connection_listener.h" +#include "soft_bus_session_listener.h" namespace OHOS { namespace Security { @@ -33,23 +35,71 @@ namespace AccessToken { class SoftBusManager final { public: virtual ~SoftBusManager(); + + /** + * @brief Get instance of SoftBusManager + * + * @return SoftBusManager's instance. + * @since 1.0 + * @version 1.0 + */ static SoftBusManager &GetInstance(); + + /** + * @brief Bind soft bus service. + * + * @since 1.0 + * @version 1.0 + */ void Initialize(); + + /** + * @brief Unbind soft bus service when DPMS has been destroyed. + * + * @since 1.0 + * @version 1.0 + */ void Destroy(); - static int OnSessionOpend(int sessionId, int result); - static void OnSessionClosed(int sessionId); - static void OnBytesReceived(int sessionId, const void *data, unsigned int dataLen); - static void OnMessageReceived(int sessionId, const void *data, unsigned int dataLen); - static void isSessionRespond(int sessionId); + /** + * @brief Open session with the peer device sychronized. + * + * @param deviceUdid The udid of peer device. + * @return Session id if open successfully, otherwise return -1(Constant::FAILURE). + * @since 1.0 + * @version 1.0 + */ + int OpenSession(const std::string &deviceUdid); - void InsertSessionRespondStatus(int sessionId); - bool IsSessionRespond(int sessionId); - int32_t SendRequest(); - bool IsSessionWaitingOpen(int sessionId); - bool IsSessionOpen(int sessionId); - void ModifySessionStatus(int sessionId); - void SetSessionWaitingOpen(int sessionId); + /** + * @brief Close session with the peer device. + * + * @param session The session id need to close. + * @return 0 if close successfully, otherwise return -1(Constant::FAILURE). + * @since 1.0 + * @version 1.0 + */ + int CloseSession(int sessionId); + + /** + * @brief Get UUID(networkId) by deviceNodeId. + * + * @param deviceNodeId The valid networkId or deviceId(UDID) or deviceUuid. + * @return uuid if deviceManager is ready, empty string otherwise. + * @since 1.0 + * @version 1.0 + */ + std::string GetUniversallyUniqueIdByNodeId(const std::string &deviceNodeId); + + /** + * @brief Get deviceId(UDID) by deviceNodeId. + * + * @param deviceNodeId The valid networkId or deviceId(UDID) or deviceUuid. + * @return udid if deviceManager work correctly, empty string otherwise. + * @since 1.0 + * @version 1.0 + */ + std::string GetUniqueDisabilityIdByNodeId(const std::string &deviceNodeId); public: static const std::string SESSION_NAME; @@ -57,7 +107,18 @@ public: private: SoftBusManager(); - static const std::string ACCESS_TOKEN_PACKAGE_NAME; + /** + * @brief Fulfill local device info + * + * @return 0 if operate successfully, otherwise return -1(Constant::FAILURE). + * @since 1.0 + * @version 1.0 + */ + int FulfillLocalDeviceInfo(); + std::string GetUuidByNodeId(const std::string &nodeId) const; + std::string GetUdidByNodeId(const std::string &nodeId) const; + + const static std::string ACCESS_TOKEN_PACKAGE_NAME; // soft bus session server opened flag bool isSoftBusServiceBindSuccess_; @@ -66,8 +127,8 @@ private: // init mutex std::mutex mutex_; - OHOS::Utils::RWLock sessIdLock_; - std::set sessOpenSet_; + // fulfill thread mutex + std::mutex fulfillMutex_; }; } // namespace AccessToken } // namespace Security diff --git a/services/tokensyncmanager/include/remote/soft_bus_session_listener.h b/services/tokensyncmanager/include/remote/soft_bus_session_listener.h new file mode 100644 index 000000000..1b0a1f69a --- /dev/null +++ b/services/tokensyncmanager/include/remote/soft_bus_session_listener.h @@ -0,0 +1,114 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef SOFT_BUS_SESSION_LISTENER_H +#define SOFT_BUS_SESSION_LISTENER_H + +#include +#include +#include + +#include "accesstoken_log.h" +#include "session.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class SoftBusSessionListener final { +public: + /** + * @brief Called when a session is opened. + * + * This function can be used to verify the session or initialize resources related to the session. + * + * @param sessionId Indicates the session ID. + * @param result 0 if the session is opened successfully, returns an error code otherwise. + * @return Returns 0 if the session connection is accepted; returns a non-zero value + * otherwise (you do not need to call {@link CloseSession} to close the session). + * @since 1.0 + * @version 1.0 + */ + static int32_t OnSessionOpened(int32_t sessionId, int32_t result); + + /** + * @brief Called when a session is closed. + * + * This function can be used to release resources related to the session. + * You do not need to call {@link CloseSession}. + * + * @param sessionId Indicates the session ID. + * @since 1.0 + * @version 1.0 + */ + static void OnSessionClosed(int32_t sessionId); + + /** + * @brief Called when data is received. + * + * This function is used to notify that data is received. + * + * @param sessionId Indicates the session ID. + * @param data Indicates the pointer to the data received. + * @param dataLen Indicates the length of the data received. + * @since 1.0 + * @version 1.0 + */ + static void OnMessageReceived(int32_t sessionId, const void *data, uint32_t dataLen); + + /** + * @brief Called when message is received. + * + * This function is used to notify that message is received. + * + * @param sessionId Indicates the session ID. + * @param data Indicates the pointer to the message data received. + * @param dataLen Indicates the length of the message received. + * @since 1.0 + * @version 1.0 + */ + static void OnBytesReceived(int32_t sessionId, const void *data, uint32_t dataLen); + + /** + * @brief get the state of a session. + * + * This function is used to verify that session is opened. + * + * @param sessionId Indicates the session ID. + * @return -2: sessionId not used, -1: session is in opening, greater than 0: session is opened. + * @since 1.0 + * @version 1.0 + */ + static int64_t GetSessionState(int32_t sessionId); + + static void DeleteSessionIdFromMap(int32_t sessionId); + + static const int64_t STATE_OPENING = -1; + static const int64_t STATE_NOTFOUND = -2; + +private: + /** + * key: sessionId, value: status. + * status: -1: opening, >0: opened timestamp + */ + static std::map g_SessionOpenedMap_; + /** + * mutex for map + */ + static std::mutex g_SessionMutex_; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // SOFT_BUS_SESSION_LISTENER_H diff --git a/services/tokensyncmanager/include/service/token_sync_event_handler.h b/services/tokensyncmanager/include/service/token_sync_event_handler.h new file mode 100644 index 000000000..f9a0caf36 --- /dev/null +++ b/services/tokensyncmanager/include/service/token_sync_event_handler.h @@ -0,0 +1,43 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TOKEN_SYNC_EVENT_HANDLER_H +#define TOKEN_SYNC_EVENT_HANDLER_H + +#include + +#include "event_handler.h" +#include "event_runner.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class TokenSyncEventHandler : public AppExecFwk::EventHandler { +public: + TokenSyncEventHandler(const std::shared_ptr &runner); + virtual ~TokenSyncEventHandler(); + + bool ProxyPostTask(const Callback &callback, int64_t delayTime); + + bool ProxyPostTask(const Callback &callback, const std::string &name = std::string(), int64_t delayTime = 0); + + void ProxyRemoveTask(const std::string &name); + +private: +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // TOKEN_SYNC_EVENT_HANDLER_H diff --git a/services/tokensyncmanager/src/service/tokensync_manager_service.h b/services/tokensyncmanager/include/service/token_sync_manager_service.h similarity index 56% rename from services/tokensyncmanager/src/service/tokensync_manager_service.h rename to services/tokensyncmanager/include/service/token_sync_manager_service.h index 9af5026e9..620989974 100644 --- a/services/tokensyncmanager/src/service/tokensync_manager_service.h +++ b/services/tokensyncmanager/include/service/token_sync_manager_service.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021 Huawei Device Co., Ltd. + * Copyright (c) 2022 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -13,16 +13,19 @@ * limitations under the License. */ -#ifndef TOKENSYNC_MANAGER_SERVICE_H -#define TOKENSYNC_MANAGER_SERVICE_H +#ifndef TOKEN_SYNC_MANAGER_SERVICE_H +#define TOKEN_SYNC_MANAGER_SERVICE_H #include +#include "event_handler.h" +#include "hap_token_info_for_sync_parcel.h" #include "iremote_object.h" #include "nocopyable.h" #include "singleton.h" #include "system_ability.h" -#include "tokensync_manager_stub.h" +#include "token_sync_event_handler.h" +#include "token_sync_manager_stub.h" namespace OHOS { namespace Security { @@ -36,14 +39,22 @@ public: void OnStart() override; void OnStop() override; - int VerifyPermission(const std::string& bundleName, const std::string& permissionName, int userId) override; + std::shared_ptr GetSendEventHandler(); + std::shared_ptr GetRecvEventHandler(); + int GetRemoteHapTokenInfo(const std::string& deviceID, AccessTokenID tokenID) override; + int DeleteRemoteHapTokenInfo(AccessTokenID tokenID) override; + int UpdateRemoteHapTokenInfo(const HapTokenInfoForSync& tokenInfo) override; private: - bool Initialize() const; + bool Initialize(); + std::shared_ptr sendRunner_; + std::shared_ptr recvRunner_; + std::shared_ptr sendHandler_; + std::shared_ptr recvHandler_; ServiceRunningState state_; }; } // namespace AccessToken } // namespace Security } // namespace OHOS -#endif // TOKENSYNC_MANAGER_SERVICE_H +#endif // TOKEN_SYNC_MANAGER_SERVICE_H diff --git a/services/tokensyncmanager/src/service/tokensync_manager_stub.h b/services/tokensyncmanager/include/service/token_sync_manager_stub.h similarity index 70% rename from services/tokensyncmanager/src/service/tokensync_manager_stub.h rename to services/tokensyncmanager/include/service/token_sync_manager_stub.h index a8d530d2e..f16fd8dd7 100644 --- a/services/tokensyncmanager/src/service/tokensync_manager_stub.h +++ b/services/tokensyncmanager/include/service/token_sync_manager_stub.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021 Huawei Device Co., Ltd. + * Copyright (c) 2022 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -13,11 +13,10 @@ * limitations under the License. */ -#ifndef TOKENSYNC_MANAGER_STUB_H -#define TOKENSYNC_MANAGER_STUB_H - -#include "i_tokensync_manager.h" +#ifndef TOKEN_SYNC_MANAGER_STUB_H +#define TOKEN_SYNC_MANAGER_STUB_H +#include "i_token_sync_manager.h" #include "iremote_stub.h" #include "nocopyable.h" @@ -32,9 +31,11 @@ public: int OnRemoteRequest(uint32_t code, MessageParcel& data, MessageParcel& reply, MessageOption& options) override; private: - void VerifyPermissionInner(MessageParcel& data, MessageParcel& reply); + void GetRemoteHapTokenInfoInner(MessageParcel& data, MessageParcel& reply); + void DeleteRemoteHapTokenInfoInner(MessageParcel& data, MessageParcel& reply); + void UpdateRemoteHapTokenInfoInner(MessageParcel& data, MessageParcel& reply); }; } // namespace AccessToken } // namespace Security } // namespace OHOS -#endif // TOKENSYNC_MANAGER_STUB_H +#endif // TOKEN_SYNC_MANAGER_STUB_H diff --git a/services/tokensyncmanager/src/command/base_remote_command.cpp b/services/tokensyncmanager/src/command/base_remote_command.cpp new file mode 100644 index 000000000..c6aaf74b6 --- /dev/null +++ b/services/tokensyncmanager/src/command/base_remote_command.cpp @@ -0,0 +1,259 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#include "base_remote_command.h" + +#include "accesstoken_log.h" +#include "data_validator.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "BaseRemoteCommand"}; +} + +void BaseRemoteCommand::FromRemoteProtocolJson(const nlohmann::json& jsonObject) +{ + if (jsonObject.find("commandName") != jsonObject.end() && jsonObject.at("commandName").is_string()) { + remoteProtocol_.commandName = jsonObject.at("commandName").get(); + } + if (jsonObject.find("uniqueId") != jsonObject.end() && jsonObject.at("uniqueId").is_string()) { + remoteProtocol_.uniqueId = jsonObject.at("uniqueId").get(); + } + if (jsonObject.find("requestVersion") != jsonObject.end() && jsonObject.at("requestVersion").is_number()) { + remoteProtocol_.requestVersion = jsonObject.at("requestVersion").get(); + } + if (jsonObject.find("srcDeviceId") != jsonObject.end() && jsonObject.at("srcDeviceId").is_string()) { + remoteProtocol_.srcDeviceId = jsonObject.at("srcDeviceId").get(); + } + if (jsonObject.find("srcDeviceLevel") != jsonObject.end() && jsonObject.at("srcDeviceLevel").is_string()) { + remoteProtocol_.srcDeviceLevel = jsonObject.at("srcDeviceLevel").get(); + } + if (jsonObject.find("dstDeviceId") != jsonObject.end() && jsonObject.at("dstDeviceId").is_string()) { + remoteProtocol_.dstDeviceId = jsonObject.at("dstDeviceId").get(); + } + if (jsonObject.find("dstDeviceLevel") != jsonObject.end() && jsonObject.at("dstDeviceLevel").is_string()) { + remoteProtocol_.dstDeviceLevel = jsonObject.at("dstDeviceLevel").get(); + } + if (jsonObject.find("statusCode") != jsonObject.end() && jsonObject.at("statusCode").is_number()) { + remoteProtocol_.statusCode = jsonObject.at("statusCode").get(); + } + if (jsonObject.find("message") != jsonObject.end() && jsonObject.at("message").is_string()) { + remoteProtocol_.message = jsonObject.at("message").get(); + } + if (jsonObject.find("responseVersion") != jsonObject.end() && jsonObject.at("responseVersion").is_number()) { + remoteProtocol_.responseVersion = jsonObject.at("responseVersion").get(); + } + if (jsonObject.find("responseDeviceId") != jsonObject.end() && jsonObject.at("responseDeviceId").is_string()) { + remoteProtocol_.responseDeviceId = jsonObject.at("responseDeviceId").get(); + } +} + +nlohmann::json BaseRemoteCommand::ToRemoteProtocolJson() +{ + nlohmann::json j; + j["commandName"] = remoteProtocol_.commandName; + j["uniqueId"] = remoteProtocol_.uniqueId; + j["requestVersion"] = remoteProtocol_.requestVersion; + j["srcDeviceId"] = remoteProtocol_.srcDeviceId; + j["srcDeviceLevel"] = remoteProtocol_.srcDeviceLevel; + j["dstDeviceId"] = remoteProtocol_.dstDeviceId; + j["dstDeviceLevel"] = remoteProtocol_.dstDeviceLevel; + j["statusCode"] = remoteProtocol_.statusCode; + j["message"] = remoteProtocol_.message; + j["responseVersion"] = remoteProtocol_.responseVersion; + j["responseDeviceId"] = remoteProtocol_.responseDeviceId; + return j; +} + +nlohmann::json BaseRemoteCommand::ToNativeTokenInfoJson(const NativeTokenInfo& tokenInfo) +{ + nlohmann::json DcapsJson = nlohmann::json(tokenInfo.dcap); + nlohmann::json nativeTokenJson = nlohmann::json { + {"processName", tokenInfo.processName}, + {"apl", tokenInfo.apl}, + {"version", tokenInfo.ver}, + {"tokenId", tokenInfo.tokenID}, + {"tokenAttr", tokenInfo.tokenAttr}, + {"dcaps", DcapsJson}, + }; + return nativeTokenJson; +} + +void BaseRemoteCommand::ToPermStateJson(nlohmann::json& permStateJson, const PermissionStateFull& state) +{ + if (state.resDeviceID.size() != state.grantStatus.size() || state.resDeviceID.size() != state.grantFlags.size()) { + ACCESSTOKEN_LOG_DEBUG(LABEL, "state grant config size is invalid"); + return; + } + nlohmann::json permConfigsJson; + int size = state.resDeviceID.size(); + for (int i = 0; i < size; i++) { + nlohmann::json permConfigJson = nlohmann::json { + {"resDeviceID", state.resDeviceID[i]}, + {"grantStatus", state.grantStatus[i]}, + {"grantFlags", state.grantFlags[i]}, + }; + permConfigsJson.emplace_back(permConfigJson); + } + + permStateJson["permissionName"] = state.permissionName; + permStateJson["isGeneral"] = state.isGeneral; + permStateJson["grantConfig"] = permConfigsJson; +} + +nlohmann::json BaseRemoteCommand::ToHapTokenInfosJson(const HapTokenInfoForSync& tokenInfo) +{ + nlohmann::json permStatesJson; + for (auto& permState : tokenInfo.permStateList) { + nlohmann::json permStateJson; + ToPermStateJson(permStateJson, permState); + permStatesJson.emplace_back(permStateJson); + } + + nlohmann::json hapTokensJson = nlohmann::json { + {"version", tokenInfo.baseInfo.ver}, + {"tokenID", tokenInfo.baseInfo.tokenID}, + {"tokenAttr", tokenInfo.baseInfo.tokenAttr}, + {"userID", tokenInfo.baseInfo.userID}, + {"bundleName", tokenInfo.baseInfo.bundleName}, + {"instIndex", tokenInfo.baseInfo.instIndex}, + {"appID", tokenInfo.baseInfo.appID}, + {"deviceID", tokenInfo.baseInfo.deviceID}, + {"apl", tokenInfo.baseInfo.apl}, + {"permState", permStatesJson} + }; + return hapTokensJson; +} + +void BaseRemoteCommand::FromHapTokenBasicInfoJson(const nlohmann::json& hapTokenJson, + HapTokenInfo& hapTokenBasicInfo) +{ + if (hapTokenJson.find("version") != hapTokenJson.end() && hapTokenJson.at("version").is_number()) { + hapTokenJson.at("version").get_to(hapTokenBasicInfo.ver); } + if (hapTokenJson.find("tokenID") != hapTokenJson.end() && hapTokenJson.at("tokenID").is_number()) { + hapTokenJson.at("tokenID").get_to(hapTokenBasicInfo.tokenID); + } + if (hapTokenJson.find("tokenAttr") != hapTokenJson.end() && hapTokenJson.at("tokenAttr").is_number()) { + hapTokenJson.at("tokenAttr").get_to(hapTokenBasicInfo.tokenAttr); + } + if (hapTokenJson.find("userID") != hapTokenJson.end() && hapTokenJson.at("userID").is_number()) { + hapTokenJson.at("userID").get_to(hapTokenBasicInfo.userID); + } + if (hapTokenJson.find("bundleName") != hapTokenJson.end() && hapTokenJson.at("bundleName").is_string()) { + hapTokenJson.at("bundleName").get_to(hapTokenBasicInfo.bundleName); + } + if (hapTokenJson.find("instIndex") != hapTokenJson.end() && hapTokenJson.at("instIndex").is_number()) { + hapTokenJson.at("instIndex").get_to(hapTokenBasicInfo.instIndex); + } + if (hapTokenJson.find("appID") != hapTokenJson.end() && hapTokenJson.at("appID").is_string()) { + hapTokenJson.at("appID").get_to(hapTokenBasicInfo.appID); + } + if (hapTokenJson.find("deviceID") != hapTokenJson.end() && hapTokenJson.at("deviceID").is_string()) { + hapTokenJson.at("deviceID").get_to(hapTokenBasicInfo.deviceID); + } + if (hapTokenJson.find("apl") != hapTokenJson.end() && hapTokenJson.at("apl").is_number()) { + int apl = hapTokenJson.at("apl").get(); + if (DataValidator::IsAplNumValid(apl)) { + hapTokenBasicInfo.apl = (ATokenAplEnum)apl; + } + } +} + +void BaseRemoteCommand::FromPermStateListJson(const nlohmann::json& hapTokenJson, + std::vector& permStateList) +{ + if (hapTokenJson.find("permState") != hapTokenJson.end() + && hapTokenJson.at("permState").is_array() + && hapTokenJson.at("permState").size() > 0) { + nlohmann::json permissionsJson = hapTokenJson.at("permState").get(); + for (auto permissionJson : permissionsJson) { + PermissionStateFull permission; + if (permissionJson.find("permissionName") == permissionJson.end() + || !permissionJson.at("permissionName").is_string() + || permissionJson.find("isGeneral") == permissionJson.end() + || !permissionJson.at("isGeneral").is_boolean() + || permissionJson.find("grantConfig") == permissionJson.end() + || !permissionJson.at("grantConfig").is_array() + || permissionJson.at("grantConfig").size() == 0) { + continue; + } + permissionJson.at("permissionName").get_to(permission.permissionName); + permissionJson.at("isGeneral").get_to(permission.isGeneral); + nlohmann::json grantConfigsJson = permissionJson.at("grantConfig").get(); + for (auto grantConfigJson :grantConfigsJson) { + if (grantConfigJson.find("resDeviceID") == grantConfigJson.end() + || !grantConfigJson.at("resDeviceID").is_string() + || grantConfigJson.find("grantStatus") == grantConfigJson.end() + || !grantConfigJson.at("grantStatus").is_number() + || grantConfigJson.find("grantFlags") == grantConfigJson.end() + || !grantConfigJson.at("grantFlags").is_number()) { + continue; + } + std::string deviceID; + grantConfigJson.at("resDeviceID").get_to(deviceID); + int grantStatus; + grantConfigJson.at("grantStatus").get_to(grantStatus); + int grantFlags; + grantConfigJson.at("grantFlags").get_to(grantFlags); + permission.resDeviceID.emplace_back(deviceID); + permission.grantStatus.emplace_back(grantStatus); + permission.grantFlags.emplace_back(grantFlags); + } + permStateList.emplace_back(permission); + } + } +} + +void BaseRemoteCommand::FromHapTokenInfoJson(const nlohmann::json& hapTokenJson, + HapTokenInfoForSync& hapTokenInfo) +{ + FromHapTokenBasicInfoJson(hapTokenJson, hapTokenInfo.baseInfo); + if (hapTokenInfo.baseInfo.tokenID == 0) { + ACCESSTOKEN_LOG_INFO(LABEL, "Hap token basic info is error."); + return; + } + FromPermStateListJson(hapTokenJson, hapTokenInfo.permStateList); +} + +void BaseRemoteCommand::FromNativeTokenInfoJson(const nlohmann::json& nativeTokenJson, + NativeTokenInfo& nativeTokenInfo) +{ + if (nativeTokenJson.find("processName") != nativeTokenJson.end() && nativeTokenJson.at("processName").is_string()) { + nativeTokenInfo.processName = nativeTokenJson.at("processName").get(); + } + if (nativeTokenJson.find("apl") != nativeTokenJson.end() && nativeTokenJson.at("apl").is_number()) { + int apl = nativeTokenJson.at("apl").get(); + if (DataValidator::IsAplNumValid(apl)) { + nativeTokenInfo.apl = (ATokenAplEnum)apl; + } + } + if (nativeTokenJson.find("version") != nativeTokenJson.end() && nativeTokenJson.at("version").is_number()) { + nativeTokenInfo.ver = nativeTokenJson.at("version").get(); + } + if (nativeTokenJson.find("tokenId") != nativeTokenJson.end() && nativeTokenJson.at("tokenId").is_number()) { + nativeTokenInfo.tokenID = nativeTokenJson.at("tokenId").get(); + } + if (nativeTokenJson.find("tokenAttr") != nativeTokenJson.end() && nativeTokenJson.at("tokenAttr").is_number()) { + nativeTokenInfo.tokenAttr = nativeTokenJson.at("tokenAttr").get(); + } + if (nativeTokenJson.find("dcaps") != nativeTokenJson.end() && nativeTokenJson.at("dcaps").is_array() + && nativeTokenJson.at("dcaps").size() > 0 && (nativeTokenJson.at("dcaps"))[0].is_string()) { + nativeTokenInfo.dcap = nativeTokenJson.at("dcaps").get>(); + } +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/services/tokensyncmanager/src/command/delete_remote_token_command.cpp b/services/tokensyncmanager/src/command/delete_remote_token_command.cpp new file mode 100644 index 000000000..65a3c04af --- /dev/null +++ b/services/tokensyncmanager/src/command/delete_remote_token_command.cpp @@ -0,0 +1,104 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "delete_remote_token_command.h" + +#include "accesstoken_kit.h" +#include "accesstoken_log.h" +#include "base_remote_command.h" +#include "device_info.h" +#include "device_info_manager.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { + LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "DeleteRemoteTokenCommand"}; +} + +DeleteRemoteTokenCommand::DeleteRemoteTokenCommand( + const std::string &srcDeviceId, const std::string &dstDeviceId, AccessTokenID deleteID) + : deleteTokenId_(deleteID) +{ + remoteProtocol_.commandName = COMMAND_NAME; + remoteProtocol_.uniqueId = COMMAND_NAME; + remoteProtocol_.srcDeviceId = srcDeviceId; + remoteProtocol_.dstDeviceId = dstDeviceId; + remoteProtocol_.responseVersion = Constant::DISTRIBUTED_ACCESS_TOKEN_SERVICE_VERSION; + remoteProtocol_.requestVersion = Constant::DISTRIBUTED_ACCESS_TOKEN_SERVICE_VERSION; +} + +DeleteRemoteTokenCommand::DeleteRemoteTokenCommand(const std::string& json) +{ + nlohmann::json jsonObject = nlohmann::json::parse(json, nullptr, false); + BaseRemoteCommand::FromRemoteProtocolJson(jsonObject); + + if (jsonObject.find("tokenId") != jsonObject.end() && jsonObject.at("tokenId").is_number()) { + deleteTokenId_ = jsonObject.at("tokenId").get(); + } +} + +std::string DeleteRemoteTokenCommand::ToJsonPayload() +{ + nlohmann::json j = BaseRemoteCommand::ToRemoteProtocolJson(); + j["tokenId"] = deleteTokenId_; + return j.dump(); +} + +void DeleteRemoteTokenCommand::Prepare() +{ + remoteProtocol_.statusCode = Constant::SUCCESS; + remoteProtocol_.message = Constant::COMMAND_RESULT_SUCCESS; + ACCESSTOKEN_LOG_DEBUG(LABEL, "end as: DeleteRemoteTokenCommand"); +} + +void DeleteRemoteTokenCommand::Execute() +{ + ACCESSTOKEN_LOG_INFO(LABEL, "execute: start as: DeleteRemoteTokenCommand"); + remoteProtocol_.responseDeviceId = Constant::GetLocalDeviceId(); + remoteProtocol_.responseVersion = Constant::DISTRIBUTED_ACCESS_TOKEN_SERVICE_VERSION; + + DeviceInfo devInfo; + bool result = DeviceInfoManager::GetInstance().GetDeviceInfo(remoteProtocol_.srcDeviceId, + DeviceIdType::UNKNOWN, devInfo); + if (!result) { + ACCESSTOKEN_LOG_INFO(LABEL, "error: get remote networkId failed"); + remoteProtocol_.statusCode = Constant::FAILURE_BUT_CAN_RETRY; + return; + } + + std::string networkID = devInfo.deviceId.networkId; + int ret = AccessTokenKit::DeleteRemoteToken(networkID, deleteTokenId_); + if (ret != RET_SUCCESS) { + remoteProtocol_.statusCode = Constant::FAILURE_BUT_CAN_RETRY; + remoteProtocol_.message = Constant::COMMAND_RESULT_FAILED; + } else { + remoteProtocol_.statusCode = Constant::SUCCESS; + remoteProtocol_.message = Constant::COMMAND_RESULT_SUCCESS; + } + + ACCESSTOKEN_LOG_INFO(LABEL, "execute: end as: DeleteRemoteTokenCommand"); +} + +void DeleteRemoteTokenCommand::Finish() +{ + remoteProtocol_.statusCode = Constant::SUCCESS; + ACCESSTOKEN_LOG_INFO(LABEL, "Finish: end as: DeleteUidPermissionCommand"); +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS + diff --git a/services/tokensyncmanager/src/command/sync_remote_hap_token_command.cpp b/services/tokensyncmanager/src/command/sync_remote_hap_token_command.cpp new file mode 100644 index 000000000..fde09adb0 --- /dev/null +++ b/services/tokensyncmanager/src/command/sync_remote_hap_token_command.cpp @@ -0,0 +1,109 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "sync_remote_hap_token_command.h" + +#include "accesstoken_kit.h" +#include "accesstoken_log.h" +#include "base_remote_command.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { + LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "SyncRemoteHapTokenCommand"}; +} + +SyncRemoteHapTokenCommand::SyncRemoteHapTokenCommand( + const std::string &srcDeviceId, const std::string &dstDeviceId, AccessTokenID id) : requestTokenId_(id) +{ + remoteProtocol_.commandName = COMMAND_NAME; + remoteProtocol_.uniqueId = COMMAND_NAME; + remoteProtocol_.srcDeviceId = srcDeviceId; + remoteProtocol_.dstDeviceId = dstDeviceId; + remoteProtocol_.responseVersion = Constant::DISTRIBUTED_ACCESS_TOKEN_SERVICE_VERSION; + remoteProtocol_.requestVersion = Constant::DISTRIBUTED_ACCESS_TOKEN_SERVICE_VERSION; + hapTokenInfo_.baseInfo.apl = APL_NORMAL; + hapTokenInfo_.baseInfo.appID = ""; + hapTokenInfo_.baseInfo.bundleName = ""; + hapTokenInfo_.baseInfo.deviceID = ""; + hapTokenInfo_.baseInfo.instIndex = 0; + hapTokenInfo_.baseInfo.tokenAttr = 0; + hapTokenInfo_.baseInfo.tokenID = 0; + hapTokenInfo_.baseInfo.userID = 0; + hapTokenInfo_.baseInfo.ver = DEFAULT_TOKEN_VERSION; +} + +SyncRemoteHapTokenCommand::SyncRemoteHapTokenCommand(const std::string &json) +{ + nlohmann::json jsonObject = nlohmann::json::parse(json, nullptr, false); + BaseRemoteCommand::FromRemoteProtocolJson(jsonObject); + if (jsonObject.find("requestTokenId") != jsonObject.end() && jsonObject.at("requestTokenId").is_number()) { + jsonObject.at("requestTokenId").get_to(requestTokenId_); + } + + if (jsonObject.find("HapTokenInfo") != jsonObject.end()) { + nlohmann::json hapTokenJson = jsonObject.at("HapTokenInfo").get(); + BaseRemoteCommand::FromHapTokenInfoJson(hapTokenJson, hapTokenInfo_); + } +} + +std::string SyncRemoteHapTokenCommand::ToJsonPayload() +{ + nlohmann::json j = BaseRemoteCommand::ToRemoteProtocolJson(); + j["requestTokenId"] = requestTokenId_; + j["HapTokenInfo"] = BaseRemoteCommand::ToHapTokenInfosJson(hapTokenInfo_); + return j.dump(); +} + +void SyncRemoteHapTokenCommand::Prepare() +{ + remoteProtocol_.statusCode = Constant::SUCCESS; + remoteProtocol_.message = Constant::COMMAND_RESULT_SUCCESS; + ACCESSTOKEN_LOG_DEBUG(LABEL, " end as: SyncRemoteHapTokenCommand"); +} + +void SyncRemoteHapTokenCommand::Execute() +{ + ACCESSTOKEN_LOG_INFO(LABEL, "execute: start as: SyncRemoteHapTokenCommand"); + remoteProtocol_.responseDeviceId = Constant::GetLocalDeviceId(); + remoteProtocol_.responseVersion = Constant::DISTRIBUTED_ACCESS_TOKEN_SERVICE_VERSION; + + int ret = AccessTokenKit::GetHapTokenInfoFromRemote(requestTokenId_, hapTokenInfo_); + if (ret != RET_SUCCESS) { + remoteProtocol_.statusCode = Constant::FAILURE_BUT_CAN_RETRY; + remoteProtocol_.message = Constant::COMMAND_RESULT_FAILED; + } else { + remoteProtocol_.statusCode = Constant::SUCCESS; + remoteProtocol_.message = Constant::COMMAND_RESULT_SUCCESS; + } + + ACCESSTOKEN_LOG_INFO(LABEL, "execute: end as: SyncRemoteHapTokenCommand"); +} + +void SyncRemoteHapTokenCommand::Finish() +{ + if (remoteProtocol_.statusCode != Constant::SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Finish: end as: SyncRemoteHapTokenCommand get remote result error."); + return; + } + AccessTokenKit::SetRemoteHapTokenInfo(remoteProtocol_.dstDeviceId, hapTokenInfo_); + remoteProtocol_.statusCode = Constant::SUCCESS; + ACCESSTOKEN_LOG_INFO(LABEL, "Finish: end as: SyncRemoteHapTokenCommand"); +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/services/tokensyncmanager/src/command/sync_remote_native_token_command.cpp b/services/tokensyncmanager/src/command/sync_remote_native_token_command.cpp new file mode 100644 index 000000000..4f45e6423 --- /dev/null +++ b/services/tokensyncmanager/src/command/sync_remote_native_token_command.cpp @@ -0,0 +1,120 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "sync_remote_native_token_command.h" + +#include "accesstoken_kit.h" +#include "accesstoken_log.h" +#include "base_remote_command.h" +#include "device_info_manager.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { + LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "SyncRemoteNativeTokenCommand"}; +} + +SyncRemoteNativeTokenCommand::SyncRemoteNativeTokenCommand( + const std::string &srcDeviceId, const std::string &dstDeviceId) +{ + remoteProtocol_.commandName = COMMAND_NAME; + remoteProtocol_.uniqueId = COMMAND_NAME; + remoteProtocol_.srcDeviceId = srcDeviceId; + remoteProtocol_.dstDeviceId = dstDeviceId; + remoteProtocol_.responseVersion = Constant::DISTRIBUTED_ACCESS_TOKEN_SERVICE_VERSION; + remoteProtocol_.requestVersion = Constant::DISTRIBUTED_ACCESS_TOKEN_SERVICE_VERSION; +} + +SyncRemoteNativeTokenCommand::SyncRemoteNativeTokenCommand(const std::string &json) +{ + nlohmann::json jsonObject = nlohmann::json::parse(json, nullptr, false); + BaseRemoteCommand::FromRemoteProtocolJson(jsonObject); + + if (jsonObject.find("NativeTokenInfos") != jsonObject.end() && jsonObject.at("NativeTokenInfos").is_array()) { + nlohmann::json nativeTokenListJson = jsonObject.at("NativeTokenInfos"); + for (auto& tokenJson : nativeTokenListJson) { + NativeTokenInfo token; + BaseRemoteCommand::FromNativeTokenInfoJson(tokenJson, token); + nativeTokenInfo_.emplace_back(token); + } + } +} + +std::string SyncRemoteNativeTokenCommand::ToJsonPayload() +{ + nlohmann::json j = BaseRemoteCommand::ToRemoteProtocolJson(); + nlohmann::json nativeTokensJson; + for (auto token : nativeTokenInfo_) { + nlohmann::json tokenJson = BaseRemoteCommand::ToNativeTokenInfoJson(token); + nativeTokensJson.emplace_back(tokenJson); + } + j["NativeTokenInfos"] = nativeTokensJson; + return j.dump(); +} + +void SyncRemoteNativeTokenCommand::Prepare() +{ + remoteProtocol_.statusCode = Constant::SUCCESS; + remoteProtocol_.message = Constant::COMMAND_RESULT_SUCCESS; + ACCESSTOKEN_LOG_DEBUG(LABEL, "end as: SyncRemoteNativeTokenCommand"); +} + +void SyncRemoteNativeTokenCommand::Execute() +{ + ACCESSTOKEN_LOG_INFO(LABEL, "execute: start as: SyncRemoteNativeTokenCommand"); + remoteProtocol_.responseDeviceId = Constant::GetLocalDeviceId(); + remoteProtocol_.responseVersion = Constant::DISTRIBUTED_ACCESS_TOKEN_SERVICE_VERSION; + + int ret = AccessTokenKit::GetAllNativeTokenInfo(nativeTokenInfo_); + if (ret != RET_SUCCESS) { + remoteProtocol_.statusCode = Constant::FAILURE_BUT_CAN_RETRY; + remoteProtocol_.message = Constant::COMMAND_RESULT_FAILED; + } else { + remoteProtocol_.statusCode = Constant::SUCCESS; + remoteProtocol_.message = Constant::COMMAND_RESULT_SUCCESS; + } + + ACCESSTOKEN_LOG_INFO(LABEL, "execute: end as: SyncRemoteNativeTokenCommand"); +} + +void SyncRemoteNativeTokenCommand::Finish() +{ + if (remoteProtocol_.statusCode != Constant::SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Finish: end as: SyncRemoteHapTokenCommand get remote result error."); + return; + } + + DeviceInfo devInfo; + bool result = DeviceInfoManager::GetInstance().GetDeviceInfo(remoteProtocol_.dstDeviceId, + DeviceIdType::UNKNOWN, devInfo); + if (!result) { + ACCESSTOKEN_LOG_ERROR(LABEL, "SyncRemoteNativeTokenCommand: get remote networkId failed"); + remoteProtocol_.statusCode = Constant::FAILURE_BUT_CAN_RETRY; + return; + } + int ret = AccessTokenKit::SetRemoteNativeTokenInfo(devInfo.deviceId.networkId, nativeTokenInfo_); + if (ret == RET_SUCCESS) { + remoteProtocol_.statusCode = Constant::SUCCESS; + } else { + remoteProtocol_.statusCode = Constant::FAILURE_BUT_CAN_RETRY; + } + ACCESSTOKEN_LOG_INFO(LABEL, "Finish: end as: SyncRemoteNativeTokenCommand ret %{public}d", ret); +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS + diff --git a/services/tokensyncmanager/src/command/update_remote_hap_token_command.cpp b/services/tokensyncmanager/src/command/update_remote_hap_token_command.cpp new file mode 100644 index 000000000..6910c984c --- /dev/null +++ b/services/tokensyncmanager/src/command/update_remote_hap_token_command.cpp @@ -0,0 +1,105 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "update_remote_hap_token_command.h" + +#include "accesstoken_kit.h" +#include "accesstoken_log.h" +#include "base_remote_command.h" +#include "device_info_manager.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { + LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "UpdateRemoteHapTokenCommand"}; +} + +UpdateRemoteHapTokenCommand::UpdateRemoteHapTokenCommand( + const std::string &srcDeviceId, const std::string &dstDeviceId, const HapTokenInfoForSync& tokenInfo) + : updateTokenInfo_(tokenInfo) +{ + remoteProtocol_.commandName = COMMAND_NAME; + remoteProtocol_.uniqueId = COMMAND_NAME; + remoteProtocol_.srcDeviceId = srcDeviceId; + remoteProtocol_.dstDeviceId = dstDeviceId; + remoteProtocol_.responseVersion = Constant::DISTRIBUTED_ACCESS_TOKEN_SERVICE_VERSION; + remoteProtocol_.requestVersion = Constant::DISTRIBUTED_ACCESS_TOKEN_SERVICE_VERSION; +} + +UpdateRemoteHapTokenCommand::UpdateRemoteHapTokenCommand(const std::string &json) +{ + nlohmann::json jsonObject = nlohmann::json::parse(json, nullptr, false); + BaseRemoteCommand::FromRemoteProtocolJson(jsonObject); + + if (jsonObject.find("HapTokenInfos") != jsonObject.end()) { + nlohmann::json hapTokenJson = jsonObject.at("HapTokenInfos").get(); + BaseRemoteCommand::FromHapTokenInfoJson(hapTokenJson, updateTokenInfo_); + } +} + +std::string UpdateRemoteHapTokenCommand::ToJsonPayload() +{ + nlohmann::json j = BaseRemoteCommand::ToRemoteProtocolJson(); + j["HapTokenInfos"] = BaseRemoteCommand::ToHapTokenInfosJson(updateTokenInfo_); + return j.dump(); +} + +void UpdateRemoteHapTokenCommand::Prepare() +{ + remoteProtocol_.statusCode = Constant::SUCCESS; + remoteProtocol_.message = Constant::COMMAND_RESULT_SUCCESS; + ACCESSTOKEN_LOG_DEBUG(LABEL, "end as: UpdateRemoteHapTokenCommand"); +} + +void UpdateRemoteHapTokenCommand::Execute() +{ + ACCESSTOKEN_LOG_INFO(LABEL, "execute: start as: UpdateRemoteHapTokenCommand"); + + remoteProtocol_.responseDeviceId = Constant::GetLocalDeviceId(); + remoteProtocol_.responseVersion = Constant::DISTRIBUTED_ACCESS_TOKEN_SERVICE_VERSION; + + DeviceInfo devInfo; + bool result = DeviceInfoManager::GetInstance().GetDeviceInfo(remoteProtocol_.srcDeviceId, + DeviceIdType::UNKNOWN, devInfo); + if (!result) { + ACCESSTOKEN_LOG_INFO(LABEL, "UpdateRemoteHapTokenCommand: get remote networkId failed"); + remoteProtocol_.statusCode = Constant::FAILURE_BUT_CAN_RETRY; + return; + } + + std::string networkID = devInfo.deviceId.networkId; + int ret = AccessTokenKit::SetRemoteHapTokenInfo(networkID, updateTokenInfo_); + if (ret != RET_SUCCESS) { + remoteProtocol_.statusCode = Constant::FAILURE_BUT_CAN_RETRY; + remoteProtocol_.message = Constant::COMMAND_RESULT_FAILED; + } else { + remoteProtocol_.statusCode = Constant::SUCCESS; + remoteProtocol_.message = Constant::COMMAND_RESULT_SUCCESS; + } + + ACCESSTOKEN_LOG_INFO(LABEL, "execute: end as: UpdateRemoteHapTokenCommand"); +} + +void UpdateRemoteHapTokenCommand::Finish() +{ + remoteProtocol_.statusCode = Constant::SUCCESS; + ACCESSTOKEN_LOG_INFO(LABEL, "Finish: end as: DeleteUidPermissionCommand"); +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS + diff --git a/services/tokensyncmanager/src/common/constant.cpp b/services/tokensyncmanager/src/common/constant.cpp new file mode 100644 index 000000000..dfa24e22f --- /dev/null +++ b/services/tokensyncmanager/src/common/constant.cpp @@ -0,0 +1,43 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#include "constant.h" +#include "parameter.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +const std::string Constant::COMMAND_RESULT_SUCCESS = "success"; +const std::string Constant::COMMAND_RESULT_FAILED = "execute command failed"; + +std::string Constant::EncryptDevId(std::string deviceId) +{ + std::string result = deviceId; + if (deviceId.size() >= ENCRYPTLEN) { + result.replace(ENCRYPTBEGIN, ENCRYPTEND, "****"); + } else { + result.replace(ENCRYPTBEGIN, result.size() - 1, "****"); + } + return result; +} + +std::string Constant::GetLocalDeviceId() +{ + char deviceIdCharArray[Constant::DEVICE_UUID_LENGTH] = {0}; + GetDevUdid(deviceIdCharArray, Constant::DEVICE_UUID_LENGTH); + return deviceIdCharArray; +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/services/tokensyncmanager/src/device/device_info_manager.cpp b/services/tokensyncmanager/src/device/device_info_manager.cpp new file mode 100644 index 000000000..1066ad455 --- /dev/null +++ b/services/tokensyncmanager/src/device/device_info_manager.cpp @@ -0,0 +1,167 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "device_info_manager.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "DeviceInfoManager"}; +} +DeviceInfoManager &DeviceInfoManager::GetInstance() +{ + static DeviceInfoManager instance; + return instance; +} + +bool DeviceInfoManager::GetDeviceInfo( + const std::string &nodeId, DeviceIdType deviceIdType, DeviceInfo &deviceInfo) const +{ + return DeviceInfoRepository::GetInstance().FindDeviceInfo(nodeId, deviceIdType, deviceInfo); +} + +bool DeviceInfoManager::ExistDeviceInfo(const std::string &nodeId, DeviceIdType deviceIdType) const +{ + DeviceInfo deviceInfo; + return DeviceInfoRepository::GetInstance().FindDeviceInfo(nodeId, deviceIdType, deviceInfo); +} + +void DeviceInfoManager::AddDeviceInfo(const std::string &networkId, const std::string &universallyUniqueId, + const std::string &uniqueDisabilityId, const std::string &deviceName, const std::string &deviceType) +{ + if (!DataValidator::IsDeviceIdValid(networkId) || + !DataValidator::IsDeviceIdValid(universallyUniqueId) || + !DataValidator::IsDeviceIdValid(uniqueDisabilityId) || deviceName.empty() || deviceType.empty()) { + ACCESSTOKEN_LOG_ERROR(LABEL, "addDeviceInfo: input param is invalid"); + } + DeviceInfoRepository::GetInstance().SaveDeviceInfo( + networkId, universallyUniqueId, uniqueDisabilityId, deviceName, deviceType); +} + +void DeviceInfoManager::RemoveAllRemoteDeviceInfo() +{ + char deviceIdCharArray[Constant::DEVICE_UUID_LENGTH] = {0}; + GetDevUdid(deviceIdCharArray, Constant::DEVICE_UUID_LENGTH); + DeviceInfo localDeviceInfoOpt; + if (DeviceInfoRepository::GetInstance().FindDeviceInfo( + deviceIdCharArray, DeviceIdType::UNIQUE_DISABILITY_ID, localDeviceInfoOpt)) { + DeviceInfoRepository::GetInstance().DeleteAllDeviceInfoExceptOne(localDeviceInfoOpt); + } +} + +void DeviceInfoManager::RemoveRemoteDeviceInfo(const std::string &nodeId, DeviceIdType deviceIdType) +{ + if (!DataValidator::IsDeviceIdValid(nodeId)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "removeDeviceInfoByNetworkId: nodeId is invalid"); + } else { + DeviceInfo deviceInfo; + char deviceIdCharArray[Constant::DEVICE_UUID_LENGTH] = {0}; + GetDevUdid(deviceIdCharArray, Constant::DEVICE_UUID_LENGTH); + if (DeviceInfoRepository::GetInstance().FindDeviceInfo(nodeId, deviceIdType, deviceInfo)) { + if (deviceInfo.deviceId.uniqueDisabilityId != deviceIdCharArray) { + DeviceInfoRepository::GetInstance().DeleteDeviceInfo(nodeId, deviceIdType); + } + } + } +} + +std::string DeviceInfoManager::ConvertToUniversallyUniqueIdOrFetch(const std::string &nodeId) const +{ + std::string result; + if (!DataValidator::IsDeviceIdValid(nodeId)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "ConvertToUniversallyUniqueIdOrFetch: nodeId is invalid."); + return result; + } + DeviceInfo deviceInfo; + if (DeviceInfoRepository::GetInstance().FindDeviceInfo(nodeId, DeviceIdType::UNKNOWN, deviceInfo)) { + std::string universallyUniqueId = deviceInfo.deviceId.universallyUniqueId; + if (universallyUniqueId.empty()) { + std::string udid = SoftBusManager::GetInstance().GetUniversallyUniqueIdByNodeId(nodeId); + if (!udid.empty()) { + result = udid; + } + } else { + result = universallyUniqueId; + } + } + return result; +} + +std::string DeviceInfoManager::ConvertToUniqueDisabilityIdOrFetch(const std::string &nodeId) const +{ + std::string result; + if (!DataValidator::IsDeviceIdValid(nodeId)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "ConvertToUniqueDisabilityIdOrFetch: nodeId is invalid."); + return result; + } + DeviceInfo deviceInfo; + if (DeviceInfoRepository::GetInstance().FindDeviceInfo(nodeId, DeviceIdType::UNKNOWN, deviceInfo)) { + std::string uniqueDisabilityId = deviceInfo.deviceId.uniqueDisabilityId; + if (uniqueDisabilityId.empty()) { + std::string udid = SoftBusManager::GetInstance().GetUniqueDisabilityIdByNodeId(nodeId); + if (!udid.empty()) { + result = udid; + } else { + ACCESSTOKEN_LOG_DEBUG(LABEL, + "FindDeviceInfo succeed, udid and local udid is empty, nodeId(%{public}s)", + Constant::EncryptDevId(nodeId).c_str()); + } + } else { + ACCESSTOKEN_LOG_DEBUG(LABEL, + "FindDeviceInfo succeed, udid is empty, nodeId(%{public}s) ", + Constant::EncryptDevId(nodeId).c_str()); + result = uniqueDisabilityId; + } + } else { + ACCESSTOKEN_LOG_DEBUG( + LABEL, "FindDeviceInfo failed, nodeId(%{public}s)", Constant::EncryptDevId(nodeId).c_str()); + auto list = DeviceInfoRepository::GetInstance().ListDeviceInfo(); + auto iter = list.begin(); + for (; iter != list.end(); iter++) { + DeviceInfo info = (*iter); + ACCESSTOKEN_LOG_DEBUG( + LABEL, ">>> DeviceInfoRepository device name: %{public}s", info.deviceName.c_str()); + ACCESSTOKEN_LOG_DEBUG( + LABEL, ">>> DeviceInfoRepository device type: %{public}s", info.deviceType.c_str()); + ACCESSTOKEN_LOG_DEBUG(LABEL, + ">>> DeviceInfoRepository device network id: %{public}s", + Constant::EncryptDevId(info.deviceId.networkId).c_str()); + ACCESSTOKEN_LOG_DEBUG(LABEL, + ">>> DeviceInfoRepository device udid: %{public}s", + Constant::EncryptDevId(info.deviceId.uniqueDisabilityId).c_str()); + ACCESSTOKEN_LOG_DEBUG(LABEL, + ">>> DeviceInfoRepository device uuid: %{public}s", + Constant::EncryptDevId(info.deviceId.universallyUniqueId).c_str()); + } + } + return result; +} + +bool DeviceInfoManager::IsDeviceUniversallyUniqueId(const std::string &nodeId) const +{ + if (!DataValidator::IsDeviceIdValid(nodeId)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "IsDeviceUniversallyUniqueId: nodeId is invalid"); + return false; + } + DeviceInfo deviceInfo; + if (DeviceInfoRepository::GetInstance().FindDeviceInfo(nodeId, DeviceIdType::UNIVERSALLY_UNIQUE_ID, deviceInfo)) { + return deviceInfo.deviceId.universallyUniqueId == nodeId; + } + return false; +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS \ No newline at end of file diff --git a/services/tokensyncmanager/src/device/device_info_repository.cpp b/services/tokensyncmanager/src/device/device_info_repository.cpp new file mode 100644 index 000000000..6bbff99c1 --- /dev/null +++ b/services/tokensyncmanager/src/device/device_info_repository.cpp @@ -0,0 +1,191 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "device_info_repository.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +DeviceInfoRepository &DeviceInfoRepository::GetInstance() +{ + static DeviceInfoRepository instance; + return instance; +} + +std::vector DeviceInfoRepository::ListDeviceInfo() +{ + std::lock_guard guard(stackLock_); + std::vector deviceInfo; + + std::map::iterator it; + std::map::iterator itEnd; + it = deviceInfoMap_.begin(); + itEnd = deviceInfoMap_.end(); + while (it != itEnd) { + deviceInfo.push_back(it->second); + it++; + } + return deviceInfo; +} + +bool DeviceInfoRepository::FindDeviceInfo(const std::string &nodeId, DeviceIdType type, DeviceInfo &deviceInfo) +{ + std::lock_guard guard(stackLock_); + DeviceId deviceId; + if (FindDeviceIdByNodeIdLocked(nodeId, type, deviceId)) { + return FindDeviceInfoByDeviceIdLocked(deviceId, deviceInfo); + } + return false; +} + +bool DeviceInfoRepository::FindDeviceIdByNodeIdLocked( + const std::string &nodeId, const DeviceIdType type, DeviceId &deviceId) const +{ + if (type == DeviceIdType::NETWORK_ID) { + return FindDeviceIdByNetworkIdLocked(nodeId, deviceId); + } else if (type == DeviceIdType::UNIVERSALLY_UNIQUE_ID) { + return FindDeviceIdByUniversallyUniqueIdLocked(nodeId, deviceId); + } else if (type == DeviceIdType::UNIQUE_DISABILITY_ID) { + return FindDeviceIdByUniqueDisabilityIdLocked(nodeId, deviceId); + } else if (type == DeviceIdType::UNKNOWN) { + if (FindDeviceIdByNetworkIdLocked(nodeId, deviceId)) { + return true; + } else if (FindDeviceIdByUniversallyUniqueIdLocked(nodeId, deviceId)) { + return true; + } else if (FindDeviceIdByUniqueDisabilityIdLocked(nodeId, deviceId)) { + return true; + } + return false; + } else { + return false; + } +} + +bool DeviceInfoRepository::FindDeviceInfoByDeviceIdLocked(const DeviceId deviceId, DeviceInfo &deviceInfo) const +{ + std::string deviceInfoKey = deviceId.networkId + deviceId.universallyUniqueId + deviceId.uniqueDisabilityId; + if (deviceInfoMap_.count(deviceInfoKey) > 0) { + deviceInfo = deviceInfoMap_.at(deviceInfoKey); + return true; + } + return false; +} + +bool DeviceInfoRepository::FindDeviceIdByNetworkIdLocked(const std::string &networkId, DeviceId &deviceId) const +{ + if (deviceIdMapByNetworkId_.count(networkId) > 0) { + deviceId = deviceIdMapByNetworkId_.at(networkId); + return true; + } + return false; +} + +bool DeviceInfoRepository::FindDeviceIdByUniversallyUniqueIdLocked( + const std::string &universallyUniqueId, DeviceId &deviceId) const +{ + if (deviceIdMapByUniversallyUniqueId_.count(universallyUniqueId) > 0) { + deviceId = deviceIdMapByUniversallyUniqueId_.at(universallyUniqueId); + return true; + } + return false; +} + +bool DeviceInfoRepository::FindDeviceIdByUniqueDisabilityIdLocked( + const std::string &uniqueDisabilityId, DeviceId &deviceId) const +{ + if (deviceIdMapByUniqueDisabilityId_.count(uniqueDisabilityId) > 0) { + deviceId = deviceIdMapByUniqueDisabilityId_.at(uniqueDisabilityId); + return true; + } + return false; +} + +void DeviceInfoRepository::DeleteAllDeviceInfoExceptOne(const DeviceInfo deviceInfo) +{ + std::lock_guard guard(stackLock_); + deviceIdMapByNetworkId_.clear(); + deviceIdMapByUniversallyUniqueId_.clear(); + deviceIdMapByUniqueDisabilityId_.clear(); + deviceInfoMap_.clear(); + SaveDeviceInfo(deviceInfo); +} + +void DeviceInfoRepository::SaveDeviceInfo(const DeviceInfo deviceInfo) +{ + SaveDeviceInfo(deviceInfo.deviceId, deviceInfo.deviceName, deviceInfo.deviceType); +} + +void DeviceInfoRepository::SaveDeviceInfo( + const DeviceId deviceId, const std::string &deviceName, const std::string &deviceType) +{ + SaveDeviceInfo( + deviceId.networkId, deviceId.universallyUniqueId, deviceId.uniqueDisabilityId, deviceName, deviceType); +} + +void DeviceInfoRepository::SaveDeviceInfo(const std::string &networkId, const std::string &universallyUniqueId, + const std::string &uniqueDisabilityId, const std::string &deviceName, const std::string &deviceType) +{ + std::lock_guard guard(stackLock_); + + DeleteDeviceInfo(networkId, DeviceIdType::NETWORK_ID); + DeleteDeviceInfo(universallyUniqueId, DeviceIdType::UNIVERSALLY_UNIQUE_ID); + DeleteDeviceInfo(uniqueDisabilityId, DeviceIdType::UNIQUE_DISABILITY_ID); + + DeviceId deviceId; + deviceId.networkId = networkId; + deviceId.universallyUniqueId = universallyUniqueId; + deviceId.uniqueDisabilityId = uniqueDisabilityId; + + DeviceInfo deviceInfo; + deviceInfo.deviceId = deviceId; + deviceInfo.deviceName = deviceName; + deviceInfo.deviceType = deviceType; + + const std::string deviceInfoKey = networkId + universallyUniqueId + uniqueDisabilityId; + deviceIdMapByNetworkId_.insert(std::pair(networkId, deviceId)); + deviceIdMapByUniversallyUniqueId_.insert(std::pair(universallyUniqueId, deviceId)); + deviceIdMapByUniqueDisabilityId_.insert(std::pair(uniqueDisabilityId, deviceId)); + deviceInfoMap_.insert(std::pair(deviceInfoKey, deviceInfo)); +} + +void DeviceInfoRepository::DeleteDeviceInfo(const std::string &nodeId, const DeviceIdType type) +{ + std::lock_guard guard(stackLock_); + DeviceId deviceId; + if (FindDeviceIdByNodeIdLocked(nodeId, type, deviceId)) { + DeleteDeviceInfoByDeviceIdLocked(deviceId); + } +} + +void DeviceInfoRepository::DeleteDeviceInfoByDeviceIdLocked(const DeviceId deviceId) +{ + deviceIdMapByNetworkId_.erase(deviceId.networkId); + deviceIdMapByUniversallyUniqueId_.erase(deviceId.universallyUniqueId); + deviceIdMapByUniqueDisabilityId_.erase(deviceId.uniqueDisabilityId); + const std::string deviceInfoKey = deviceId.networkId + deviceId.universallyUniqueId + deviceId.uniqueDisabilityId; + deviceInfoMap_.erase(deviceInfoKey); +} + +void DeviceInfoRepository::Clear() +{ + std::lock_guard guard(stackLock_); + deviceIdMapByNetworkId_.clear(); + deviceIdMapByUniversallyUniqueId_.clear(); + deviceIdMapByUniqueDisabilityId_.clear(); + deviceInfoMap_.clear(); +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS \ No newline at end of file diff --git a/services/tokensyncmanager/src/remote/remote_command_executor.cpp b/services/tokensyncmanager/src/remote/remote_command_executor.cpp new file mode 100644 index 000000000..e6200b465 --- /dev/null +++ b/services/tokensyncmanager/src/remote/remote_command_executor.cpp @@ -0,0 +1,329 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "remote_command_executor.h" + +#include "device_info_manager.h" +#include "parameter.h" +#include "singleton.h" +#include "soft_bus_channel.h" +#include "token_sync_event_handler.h" +#include "token_sync_manager_service.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "RemoteCommandExecutor"}; +static const std::string TASK_NAME = "RemoteCommandExecutor::ProcessBufferedCommandsWithThread"; +} // namespace +RemoteCommandExecutor::RemoteCommandExecutor(const std::string &targetNodeId) + : targetNodeId_(targetNodeId), ptrChannel_(nullptr), mutex_(), commands_(), running_(false) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "RemoteCommandExecutor()"); +} + +RemoteCommandExecutor::~RemoteCommandExecutor() +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "~RemoteCommandExecutor() begin"); + running_ = false; + ACCESSTOKEN_LOG_DEBUG(LABEL, "~RemoteCommandExecutor() end"); +} + +const std::shared_ptr RemoteCommandExecutor::CreateChannel(const std::string &targetNodeId) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "CreateChannel: targetNodeId=%{public}s", targetNodeId.c_str()); + // only consider SoftBusChannel + std::shared_ptr ptrChannel = std::make_shared(targetNodeId); + if (ptrChannel == nullptr) { + ACCESSTOKEN_LOG_INFO( + LABEL, "CreateChannel: create channel failed, targetNodeId=%{public}s", targetNodeId.c_str()); + } + return ptrChannel; +} + +/* + * called by RemoteCommandExecutor, RemoteCommandManager + */ +int RemoteCommandExecutor::ProcessOneCommand(const std::shared_ptr &ptrCommand) +{ + if (ptrCommand == nullptr) { + ACCESSTOKEN_LOG_WARN( + LABEL, "targetNodeId %{public}s, attempt to process on null command.", targetNodeId_.c_str()); + return Constant::SUCCESS; + } + const std::string uniqueId = ptrCommand->remoteProtocol_.uniqueId; + ACCESSTOKEN_LOG_INFO(LABEL, + "targetNodeId %{public}s, process one command start, uniqueId: %{public}s", + targetNodeId_.c_str(), + uniqueId.c_str()); + + ptrCommand->Prepare(); + int status = ptrCommand->remoteProtocol_.statusCode; + if (status != Constant::SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, + "targetNodeId %{public}s, process one command error, uniqueId: %{public}s, message: " + "prepare failure code %{public}d", + targetNodeId_.c_str(), + uniqueId.c_str(), + status); + return status; + } + + char localUdid[Constant::DEVICE_UUID_LENGTH] = {0}; + ::GetDevUdid(localUdid, Constant::DEVICE_UUID_LENGTH); + if (targetNodeId_ == localUdid) { + return ExecuteRemoteCommand(ptrCommand, false); + } + + // otherwise a remote device + CreateChannelIfNeeded(); + if (ptrChannel_ == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "targetNodeId %{public}s, channel is null.", targetNodeId_.c_str()); + return Constant::FAILURE; + } + if (ptrChannel_->BuildConnection() != Constant::SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "targetNodeId %{public}s, channel is not ready.", targetNodeId_.c_str()); + return Constant::FAILURE; + } + + return ExecuteRemoteCommand(ptrCommand, true); +} + +/* + * called by RemoteCommandManager + */ +int RemoteCommandExecutor::AddCommand(const std::shared_ptr &ptrCommand) +{ + if (ptrCommand == nullptr) { + ACCESSTOKEN_LOG_DEBUG(LABEL, "targetNodeId %{public}s, attempt to add an empty command.", + targetNodeId_.c_str()); + return Constant::INVALID_COMMAND; + } + + const std::string uniqueId = ptrCommand->remoteProtocol_.uniqueId; + ACCESSTOKEN_LOG_DEBUG( + LABEL, "targetNodeId %{public}s, add uniqueId %{public}s", targetNodeId_.c_str(), uniqueId.c_str()); + + std::unique_lock lock(mutex_); + + // make sure do not have the same command in the command buffer + for (auto bufferedCommand : commands_) { + if (bufferedCommand->remoteProtocol_.uniqueId == uniqueId) { + ACCESSTOKEN_LOG_WARN(LABEL, + "targetNodeId %{public}s, add uniqueId %{public}s, already exist in the buffer, skip", + targetNodeId_.c_str(), + uniqueId.c_str()); + return Constant::SUCCESS; + } + } + + commands_.push_back(ptrCommand); + return Constant::SUCCESS; +} + +/* + * called by RemoteCommandExecutor.ProcessCommandThread, RemoteCommandManager + */ +int RemoteCommandExecutor::ProcessBufferedCommands(bool standalone) +{ + ACCESSTOKEN_LOG_INFO( + LABEL, "begin, targetNodeId: %{public}s, standalone: %{public}d", targetNodeId_.c_str(), standalone); + + std::unique_lock lock(mutex_); + + if (commands_.empty()) { + ACCESSTOKEN_LOG_WARN(LABEL, "no command, targetNodeId %{public}s", targetNodeId_.c_str()); + running_ = false; + return Constant::SUCCESS; + } + + running_ = true; + while (true) { + // interrupt + if (running_ == false) { + ACCESSTOKEN_LOG_INFO( + LABEL, "end with running flag == false, targetNodeId: %{public}s", targetNodeId_.c_str()); + return Constant::FAILURE; + } + // end + if (commands_.empty()) { + running_ = false; + ACCESSTOKEN_LOG_INFO(LABEL, "end, no command left, targetNodeId: %{public}s", targetNodeId_.c_str()); + return Constant::SUCCESS; + } + + // consume queue to execute + const std::shared_ptr bufferedCommand = commands_.front(); + int status = ProcessOneCommand(bufferedCommand); + if (status == Constant::SUCCESS) { + commands_.pop_front(); + continue; + } else if (status == Constant::FAILURE_BUT_CAN_RETRY) { + ACCESSTOKEN_LOG_WARN(LABEL, + "execute failed and wait to retry, targetNodeId: %{public}s, message: %{public}s, and will retry ", + targetNodeId_.c_str(), + bufferedCommand->remoteProtocol_.message.c_str()); + + // now, the retry at once will have no effective because the network problem + // so if the before the step, one command is added, and run this function + // it should also not need to restart to process the commands buffer at once. + running_ = false; + return Constant::FAILURE; + } else { + // this command failed, move on to execute next command + commands_.pop_front(); + ACCESSTOKEN_LOG_ERROR(LABEL, + "execute failed, targetNodeId: %{public}s, commandName: %{public}s, message: %{public}s", + targetNodeId_.c_str(), + bufferedCommand->remoteProtocol_.commandName.c_str(), + bufferedCommand->remoteProtocol_.message.c_str()); + } + } +} + +/* + * called by RemoteCommandManager + */ +void RemoteCommandExecutor::ProcessBufferedCommandsWithThread() +{ + ACCESSTOKEN_LOG_INFO(LABEL, "begin, targetNodeId: %{public}s", targetNodeId_.c_str()); + + std::unique_lock lock(mutex_); + + if (commands_.empty()) { + ACCESSTOKEN_LOG_INFO(LABEL, "No buffered commands. targetNodeId: %{public}s", targetNodeId_.c_str()); + return; + } + if (running_) { + // task is running, do not need to start one more + ACCESSTOKEN_LOG_WARN(LABEL, "task busy. targetNodeId: %{public}s", targetNodeId_.c_str()); + return; + } + + running_ = true; + const std::function runner = std::bind(&RemoteCommandExecutor::ProcessBufferedCommands, this, true); + + std::shared_ptr handler = + DelayedSingleton::GetInstance()->GetSendEventHandler(); + if (handler == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "fail to get EventHandler"); + return; + } + bool result = handler->ProxyPostTask(runner, TASK_NAME); + if (result == false) { + ACCESSTOKEN_LOG_ERROR(LABEL, "post task failed, targetNodeId: %{public}s", targetNodeId_.c_str()); + } + ACCESSTOKEN_LOG_INFO(LABEL, + "post task succeed, targetNodeId: %{public}s, taskName: %{public}s", + targetNodeId_.c_str(), + TASK_NAME.c_str()); +} + +int RemoteCommandExecutor::ExecuteRemoteCommand( + const std::shared_ptr &ptrCommand, const bool isRemote) +{ + std::string uniqueId = ptrCommand->remoteProtocol_.uniqueId; + ACCESSTOKEN_LOG_INFO(LABEL, + "targetNodeId %{public}s, uniqueId %{public}s, remote %{public}d: start to execute", + targetNodeId_.c_str(), + uniqueId.c_str(), + isRemote); + + ptrCommand->remoteProtocol_.statusCode = Constant::STATUS_CODE_BEFORE_RPC; + + if (!isRemote) { + // Local device, play myself. + ptrCommand->Execute(); + int code = ClientProcessResult(ptrCommand); + ACCESSTOKEN_LOG_DEBUG(LABEL, + "command finished with status: %{public}d, message: %{public}s", + ptrCommand->remoteProtocol_.statusCode, + ptrCommand->remoteProtocol_.message.c_str()); + return code; + } + + std::string responseString = + ptrChannel_->ExecuteCommand(ptrCommand->remoteProtocol_.commandName, ptrCommand->ToJsonPayload()); + ACCESSTOKEN_LOG_INFO(LABEL, "command executed uniqueId %{public}s", uniqueId.c_str()); + if (responseString.empty()) { + ACCESSTOKEN_LOG_WARN(LABEL, + "targetNodeId %{public}s, uniqueId %{public}s, execute remote command error, response is empty.", + targetNodeId_.c_str(), + uniqueId.c_str()); + return Constant::FAILURE; + } + + std::shared_ptr ptrResponseCommand = + RemoteCommandFactory::GetInstance().NewRemoteCommandFromJson( + ptrCommand->remoteProtocol_.commandName, responseString); + if (ptrResponseCommand == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "targetNodeId %{public}s, get null response command!", targetNodeId_.c_str()); + return Constant::FAILURE; + } + int32_t result = ClientProcessResult(ptrResponseCommand); + if (commands_.empty()) { + ptrChannel_->CloseConnection(); + } + ACCESSTOKEN_LOG_DEBUG(LABEL, + "command finished with status: %{public}d, message: %{public}s", + ptrResponseCommand->remoteProtocol_.statusCode, + ptrResponseCommand->remoteProtocol_.message.c_str()); + return result; +} + +void RemoteCommandExecutor::CreateChannelIfNeeded() +{ + std::unique_lock lock(mutex_); + if (ptrChannel_ != nullptr) { + ACCESSTOKEN_LOG_INFO(LABEL, "targetNodeId %{public}s, channel is exist.", targetNodeId_.c_str()); + return; + } + + ptrChannel_ = CreateChannel(targetNodeId_); +} + +int RemoteCommandExecutor::ClientProcessResult(const std::shared_ptr &ptrCommand) +{ + std::string uniqueId = ptrCommand->remoteProtocol_.uniqueId; + if (ptrCommand->remoteProtocol_.statusCode == Constant::STATUS_CODE_BEFORE_RPC) { + ACCESSTOKEN_LOG_ERROR(LABEL, + "targetNodeId %{public}s, uniqueId %{public}s, status code after RPC is same as before, the remote side " + "may not " + "support this command", + targetNodeId_.c_str(), + uniqueId.c_str()); + return Constant::FAILURE; + } + + ptrCommand->Finish(); + int status = ptrCommand->remoteProtocol_.statusCode; + if (status != Constant::SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, + "targetNodeId %{public}s, uniqueId %{public}s, execute failed, message: %{public}s", + targetNodeId_.c_str(), + uniqueId.c_str(), + ptrCommand->remoteProtocol_.message.c_str()); + } else { + ACCESSTOKEN_LOG_INFO(LABEL, + "targetNodeId %{public}s, uniqueId %{public}s, execute succeed.", + targetNodeId_.c_str(), + uniqueId.c_str()); + } + return status; +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/services/tokensyncmanager/src/remote/remote_command_factory.cpp b/services/tokensyncmanager/src/remote/remote_command_factory.cpp new file mode 100644 index 000000000..266ef585b --- /dev/null +++ b/services/tokensyncmanager/src/remote/remote_command_factory.cpp @@ -0,0 +1,75 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "remote_command_factory.h" + +#include "nlohmann/json.hpp" + +namespace OHOS { +namespace Security { +namespace AccessToken { +RemoteCommandFactory &RemoteCommandFactory::GetInstance() +{ + static RemoteCommandFactory instance; + return instance; +} + +std::shared_ptr RemoteCommandFactory::NewSyncRemoteHapTokenCommand( + const std::string &srcDeviceId, const std::string &dstDeviceId, AccessTokenID tokenID) +{ + return std::make_shared(srcDeviceId, dstDeviceId, tokenID); +} + +std::shared_ptr RemoteCommandFactory::NewDeleteRemoteTokenCommand( + const std::string &srcDeviceId, const std::string &dstDeviceId, AccessTokenID tokenID) +{ + return std::make_shared(srcDeviceId, dstDeviceId, tokenID); +} + +std::shared_ptr RemoteCommandFactory::NewUpdateRemoteHapTokenCommand( + const std::string &srcDeviceId, const std::string &dstDeviceId, const HapTokenInfoForSync& tokenInfo) +{ + return std::make_shared(srcDeviceId, dstDeviceId, tokenInfo); +} + +std::shared_ptr RemoteCommandFactory::NewSyncRemoteNativeTokenCommand( + const std::string &srcDeviceId, const std::string &dstDeviceId) +{ + return std::make_shared(srcDeviceId, dstDeviceId); +} + +std::shared_ptr RemoteCommandFactory::NewRemoteCommandFromJson( + const std::string &commandName, const std::string &commandJsonString) +{ + const std::string SYNC_HAP_COMMAND_NAME = "SyncRemoteHapTokenCommand"; + const std::string DELETE_TOKEN_COMMAND_NAME = "DeleteRemoteTokenCommand"; + const std::string UPDATE_HAP_COMMAND_NAME = "UpdateRemoteHapTokenCommand"; + const std::string SYNC_NATIVE_COMMAND_NAME = "SyncRemoteNativeTokenCommand"; + + if (commandName == SYNC_HAP_COMMAND_NAME) { + return std::make_shared(commandJsonString); + } else if (commandName == DELETE_TOKEN_COMMAND_NAME) { + return std::make_shared(commandJsonString); + } else if (commandName == UPDATE_HAP_COMMAND_NAME) { + return std::make_shared(commandJsonString); + } else if (commandName == SYNC_NATIVE_COMMAND_NAME) { + return std::make_shared(commandJsonString); + } else { + return nullptr; + } +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/services/tokensyncmanager/src/remote/remote_command_manager.cpp b/services/tokensyncmanager/src/remote/remote_command_manager.cpp new file mode 100644 index 000000000..9d98fada7 --- /dev/null +++ b/services/tokensyncmanager/src/remote/remote_command_manager.cpp @@ -0,0 +1,292 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "remote_command_manager.h" +#include "device_info_manager.h" +#include "sync_remote_native_token_command.h" +#include "remote_command_factory.h" +#include "token_sync_event_handler.h" +#include "token_sync_manager_service.h" +#include "accesstoken_kit.h" + +#include + + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "RemoteCommandManager"}; +} +RemoteCommandManager::RemoteCommandManager() : executors_(), mutex_() +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "RemoteCommandManager()"); +} + +RemoteCommandManager::~RemoteCommandManager() +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "~RemoteCommandManager()"); +} + +RemoteCommandManager &RemoteCommandManager::GetInstance() +{ + static RemoteCommandManager instance; + return instance; +} + +void RemoteCommandManager::Init() +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "Init()"); +} + +int RemoteCommandManager::AddCommand(const std::string &udid, const std::shared_ptr &command) +{ + if (udid.empty() || command == nullptr) { + ACCESSTOKEN_LOG_WARN(LABEL, "invalid udid: %{public}s, or null command", udid.c_str()); + return Constant::FAILURE; + } + std::string uniqueId = command->remoteProtocol_.uniqueId; + ACCESSTOKEN_LOG_INFO(LABEL, "udid: %{public}s, add uniqueId: %{public}s", udid.c_str(), uniqueId.c_str()); + + std::shared_ptr executor = GetOrCreateRemoteCommandExecutor(udid); + if (executor == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "cannot get or create remote command executor"); + return Constant::FAILURE; + } + + int result = executor->AddCommand(command); + ACCESSTOKEN_LOG_INFO(LABEL, "udid: %{public}s, add command result: %{public}d ", udid.c_str(), result); + return result; +} + +void RemoteCommandManager::RemoveCommand(const std::string &udid) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "remove command, udid: %{public}s", udid.c_str()); + executors_.erase(udid); +} + +int RemoteCommandManager::ExecuteCommand(const std::string &udid, const std::shared_ptr &command) +{ + if (udid.empty() || command == nullptr) { + ACCESSTOKEN_LOG_WARN(LABEL, "invalid udid: %{public}s, or null command", udid.c_str()); + return Constant::FAILURE; + } + std::string uniqueId = command->remoteProtocol_.uniqueId; + ACCESSTOKEN_LOG_INFO(LABEL, "start with udid: %{public}s , uniqueId: %{public}s ", udid.c_str(), uniqueId.c_str()); + + std::shared_ptr executor = GetOrCreateRemoteCommandExecutor(udid); + if (executor == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "cannot get or create remote command executor"); + return Constant::FAILURE; + } + + int result = executor->ProcessOneCommand(command); + ACCESSTOKEN_LOG_INFO(LABEL, "remoteCommandExecutor processOneCommand result:%{public}d ", result); + return result; +} + +int RemoteCommandManager::ProcessDeviceCommandImmediately(const std::string &udid) +{ + if (udid.empty()) { + ACCESSTOKEN_LOG_WARN(LABEL, "invalid udid: %{public}s", udid.c_str()); + return Constant::FAILURE; + } + ACCESSTOKEN_LOG_INFO(LABEL, "start with udid:%{public}s ", udid.c_str()); + auto executorIt = executors_.find(udid); + if (executorIt == executors_.end()) { + ACCESSTOKEN_LOG_ERROR(LABEL, "no executor found, udid:%{public}s", udid.c_str()); + return Constant::FAILURE; + } + + auto executor = executorIt->second; + if (executor == nullptr) { + ACCESSTOKEN_LOG_INFO(LABEL, "RemoteCommandExecutor is null for udid %{public}s ", udid.c_str()); + return Constant::FAILURE; + } + + int result = executor->ProcessBufferedCommands(); + ACCESSTOKEN_LOG_INFO(LABEL, "processBufferedCommands result: %{public}d", result); + return result; +} + +int RemoteCommandManager::Loop() +{ + ACCESSTOKEN_LOG_INFO(LABEL, "start"); + for (auto it = executors_.begin(); it != executors_.end(); it++) { + ACCESSTOKEN_LOG_INFO(LABEL, "udid:%{public}s", it->first.c_str()); + (*it).second->ProcessBufferedCommandsWithThread(); + } + return Constant::SUCCESS; +} + +/** + * caller: service connection listener + */ +void RemoteCommandManager::Clear() +{ + ACCESSTOKEN_LOG_INFO(LABEL, "remove all remote command executors."); + + std::map> dummy; + executors_.swap(dummy); + executors_.clear(); +} + +/** + * caller: device listener + */ +int RemoteCommandManager::NotifyDeviceOnline(const std::string &nodeId) +{ + if (!DataValidator::IsDeviceIdValid(nodeId)) { + ACCESSTOKEN_LOG_INFO(LABEL, "invalid nodeId: %{public}s", nodeId.c_str()); + return Constant::FAILURE; + } + ACCESSTOKEN_LOG_INFO(LABEL, "operation start with nodeId: %{public}s", nodeId.c_str()); + + auto executor = GetOrCreateRemoteCommandExecutor(nodeId); + std::unique_lock lock(mutex_); + if (executor == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "cannot get or create remote command executor"); + return Constant::FAILURE; + } + + if (executor->GetChannel() == nullptr) { + auto channel = RemoteCommandExecutor::CreateChannel(nodeId); + if (channel == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "create channel failed."); + return Constant::FAILURE; + } + executor->SetChannel(channel); + } + + lock.unlock(); + + std::function delayed = ([=]() { + const std::shared_ptr syncRemoteNativeTokenCommand = + RemoteCommandFactory::GetInstance().NewSyncRemoteNativeTokenCommand(Constant::GetLocalDeviceId(), + nodeId); + + const int32_t resultCode = RemoteCommandManager::GetInstance().ExecuteCommand( + nodeId, syncRemoteNativeTokenCommand); + if (resultCode != Constant::SUCCESS) { + ACCESSTOKEN_LOG_INFO(LABEL, + "%{public}s: RemoteExecutorManager executeCommand syncRemoteNativeTokenCommand failed, return %d", + __func__, resultCode); + return; + } + }); + + std::shared_ptr handler = + DelayedSingleton::GetInstance()->GetSendEventHandler(); + if (handler == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "fail to get EventHandler"); + return Constant::FAILURE; + } + handler->ProxyPostTask(delayed, "HandleDeviceOnline", Constant::DELAY_SYNC_TOKEN_MS); + + return Constant::SUCCESS; +} + +/** + * caller: device listener + */ +int RemoteCommandManager::NotifyDeviceOffline(const std::string &nodeId) +{ + if (!DataValidator::IsDeviceIdValid(nodeId)) { + ACCESSTOKEN_LOG_INFO(LABEL, "invalid nodeId: %{public}s", nodeId.c_str()); + return Constant::FAILURE; + } + ACCESSTOKEN_LOG_INFO(LABEL, "operation start with nodeId: %{public}s", nodeId.c_str()); + + auto channel = GetExecutorChannel(nodeId); + if (channel != nullptr) { + channel->Release(); + } + + std::unique_lock lock(mutex_); + RemoveCommand(nodeId); + lock.unlock(); + + DeviceInfo devInfo; + bool result = DeviceInfoManager::GetInstance().GetDeviceInfo(nodeId, DeviceIdType::UNKNOWN, devInfo); + if (!result) { + ACCESSTOKEN_LOG_INFO(LABEL, "get remote networkId failed"); + return Constant::FAILURE; + } + std::string networkId = devInfo.deviceId.networkId; + std::function delayed = ([=]() { + AccessTokenKit::DeleteRemoteDeviceTokens(networkId); + }); + + std::shared_ptr handler = + DelayedSingleton::GetInstance()->GetSendEventHandler(); + if (handler == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "fail to get EventHandler"); + return Constant::FAILURE; + } + handler->ProxyPostTask(delayed, "HandleDeviceOffline"); + + ACCESSTOKEN_LOG_INFO(LABEL, "complete"); + return Constant::SUCCESS; +} + +std::shared_ptr RemoteCommandManager::GetOrCreateRemoteCommandExecutor(const std::string &nodeId) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "begin, nodeId %{public}s", nodeId.c_str()); + + std::unique_lock lock(mutex_); + auto executorIter = executors_.find(nodeId); + if (executorIter != executors_.end()) { + return executorIter->second; + } + + auto executor = std::make_shared(nodeId); + if (executor == nullptr) { + ACCESSTOKEN_LOG_INFO(LABEL, "cannot create remote command executor, nodeId: %{public}s", nodeId.c_str()); + return nullptr; + } + + executors_.insert(std::pair>(nodeId, executor)); + ACCESSTOKEN_LOG_DEBUG(LABEL, "executor added, nodeId: %{public}s", nodeId.c_str()); + return executor; +} + +/** + * caller: session listener(onBytesReceived), device listener(offline) + */ +std::shared_ptr RemoteCommandManager::GetExecutorChannel(const std::string &nodeId) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "convert udid start, nodeId:%{public}s", nodeId.c_str()); + std::string udid = DeviceInfoManager::GetInstance().ConvertToUniqueDisabilityIdOrFetch(nodeId); + ACCESSTOKEN_LOG_DEBUG(LABEL, "convert udid, nodeId:%{public}s, udid: %{public}s", nodeId.c_str(), udid.c_str()); + if (!DataValidator::IsDeviceIdValid(udid)) { + ACCESSTOKEN_LOG_WARN( + LABEL, "converted udid is invalid, nodeId:%{public}s, udid: %{public}s", nodeId.c_str(), udid.c_str()); + return nullptr; + } + std::map>::iterator iter = executors_.find(udid); + if (iter == executors_.end()) { + ACCESSTOKEN_LOG_INFO(LABEL, "executor not found"); + return nullptr; + } + std::shared_ptr executor = iter->second; + if (executor == nullptr) { + ACCESSTOKEN_LOG_INFO(LABEL, "executor is null"); + return nullptr; + } + return executor->GetChannel(); +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/services/tokensyncmanager/src/remote/soft_bus_channel.cpp b/services/tokensyncmanager/src/remote/soft_bus_channel.cpp new file mode 100644 index 000000000..97e028db7 --- /dev/null +++ b/services/tokensyncmanager/src/remote/soft_bus_channel.cpp @@ -0,0 +1,416 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#include "soft_bus_channel.h" + +#include + +#include "device_info_manager.h" +#include "token_sync_event_handler.h" +#include "token_sync_manager_service.h" +#include "singleton.h" +#include "soft_bus_manager.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "SoftBusChannel"}; +} +namespace { +static const std::string REQUEST_TYPE = "request"; +static const std::string RESPONSE_TYPE = "response"; +static const std::string TASK_NAME_CLOSE_SESSION = "atm_soft_bus_channel_close_session"; +static const long EXECUTE_COMMAND_TIME_OUT = 3000; +static const long WAIT_SESSION_CLOSE_MILLISECONDS = 5 * 1000; +// send buf size for header +static const int RPC_TRANSFER_HEAD_BYTES_LENGTH = 1024 * 256; +// decompress buf size +static const int RPC_TRANSFER_BYTES_MAX_LENGTH = 1024 * 1024; +} // namespace +SoftBusChannel::SoftBusChannel(const std::string &deviceId) + : deviceId_(deviceId), mutex_(), callbacks_(), responseResult_(""), loadedCond_() +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "SoftBusChannel(deviceId)"); + isDelayClosing_ = false; + session_ = Constant::INVALID_SESSION; + isSessionUsing_ = false; +} + +SoftBusChannel::~SoftBusChannel() +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "~SoftBusChannel()"); +} + +int SoftBusChannel::BuildConnection() +{ + CancelCloseConnectionIfNeeded(); + if (session_ != Constant::INVALID_SESSION) { + ACCESSTOKEN_LOG_INFO(LABEL, "session is exist, no need open again."); + return Constant::SUCCESS; + } + + std::unique_lock lock(sessionMutex_); + if (session_ == Constant::INVALID_SESSION) { + ACCESSTOKEN_LOG_INFO(LABEL, "open session with device: %{public}s", (deviceId_.c_str())); + int session = SoftBusManager::GetInstance().OpenSession(deviceId_); + if (session == Constant::INVALID_SESSION) { + ACCESSTOKEN_LOG_ERROR(LABEL, "open session failed."); + return Constant::FAILURE; + } + session_ = session; + } + return Constant::SUCCESS; +} + +void SoftBusChannel::CloseConnection() +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "close connection"); + std::unique_lock lock(mutex_); + if (isDelayClosing_) { + return; + } + + std::shared_ptr handler = + DelayedSingleton::GetInstance()->GetSendEventHandler(); + if (handler == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "fail to get EventHandler"); + return; + } + auto thisPtr = shared_from_this(); + std::function delayed = ([thisPtr]() { + std::unique_lock lock(thisPtr->sessionMutex_); + if (thisPtr->isSessionUsing_) { + ACCESSTOKEN_LOG_DEBUG(LABEL, "session is in using, cancel close session"); + } else { + SoftBusManager::GetInstance().CloseSession(thisPtr->session_); + thisPtr->session_ = Constant::INVALID_SESSION; + ACCESSTOKEN_LOG_INFO(LABEL, "close session for device: %{public}s", thisPtr->deviceId_.c_str()); + } + thisPtr->isDelayClosing_ = false; + }); + + ACCESSTOKEN_LOG_DEBUG(LABEL, "close session after %{public}ld ms", WAIT_SESSION_CLOSE_MILLISECONDS); + handler->ProxyPostTask(delayed, TASK_NAME_CLOSE_SESSION, WAIT_SESSION_CLOSE_MILLISECONDS); + + isDelayClosing_ = true; +} + +void SoftBusChannel::Release() +{ + std::shared_ptr handler = + DelayedSingleton::GetInstance()->GetSendEventHandler(); + if (handler == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "fail to get EventHandler"); + return; + } + handler->ProxyRemoveTask(TASK_NAME_CLOSE_SESSION); +} + +std::string SoftBusChannel::ExecuteCommand(const std::string &commandName, const std::string &jsonPayload) +{ + if (commandName.empty() || jsonPayload.empty()) { + ACCESSTOKEN_LOG_ERROR(LABEL, "invalid params, commandName: %{public}s, jsonPayload: %{public}s", + commandName.c_str(), jsonPayload.c_str()); + return ""; + } + + // to use a lib like libuuid + int uuidStrLen = 37; // 32+4+1 + char uuidbuf[uuidStrLen]; + random_uuid(uuidbuf, uuidStrLen); + std::string uuid(uuidbuf); + ACCESSTOKEN_LOG_DEBUG(LABEL, "generated message uuid: %{public}s", uuid.c_str()); + + int len = RPC_TRANSFER_HEAD_BYTES_LENGTH + jsonPayload.length(); + unsigned char *buf = (unsigned char *) malloc(len + 1); + if (buf == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "no enough memory: %{public}d", len); + return ""; + } + memset_s(buf, len + 1, 0, len + 1); + int result = PrepareBytes(REQUEST_TYPE, uuid, commandName, jsonPayload, buf, len); + if (result != Constant::SUCCESS) { + free(buf); + return ""; + } + + std::unique_lock lock(sessionMutex_); + std::function callback = [&](const std::string &result) { + ACCESSTOKEN_LOG_INFO(LABEL, "onResponse called, data: %{public}s", result.c_str()); + responseResult_ = std::string(result); + loadedCond_.notify_all(); + ACCESSTOKEN_LOG_DEBUG(LABEL, "onResponse called end"); + }; + callbacks_.insert(std::pair>(uuid, callback)); + + isSessionUsing_ = true; + lock.unlock(); + + int retCode = SendRequestBytes(buf, len); + free(buf); + + std::unique_lock lock2(sessionMutex_); + if (retCode != Constant::SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "send request data failed: %{public}d ", retCode); + callbacks_.erase(uuid); + isSessionUsing_ = false; + return ""; + } + + ACCESSTOKEN_LOG_DEBUG(LABEL, "wait command response"); + if (loadedCond_.wait_for(lock2, std::chrono::milliseconds(EXECUTE_COMMAND_TIME_OUT)) == std::cv_status::timeout) { + ACCESSTOKEN_LOG_WARN(LABEL, "time out to wait response."); + callbacks_.erase(uuid); + isSessionUsing_ = false; + return ""; + } + + isSessionUsing_ = false; + return responseResult_; +} + +void SoftBusChannel::HandleDataReceived(int session, const unsigned char *bytes, int length) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "HandleDataReceived"); + + if (session <= 0 || length <= 0) { + ACCESSTOKEN_LOG_ERROR(LABEL, "invalid params: session: %{public}d, data length: %{public}d", session, length); + return; + } + std::string receiveData = Decompress(bytes, length); + if (receiveData.empty()) { + ACCESSTOKEN_LOG_ERROR(LABEL, "invalid parameter bytes"); + return; + } + std::shared_ptr message = SoftBusMessage::FromJson(receiveData); + if (message == nullptr) { + ACCESSTOKEN_LOG_DEBUG(LABEL, "invalid json string: %{public}s", receiveData.c_str()); + return; + } + if (!message->IsValid()) { + ACCESSTOKEN_LOG_DEBUG(LABEL, "invalid data, has empty field: %{public}s", receiveData.c_str()); + return; + } + + std::string type = message->GetType(); + if (REQUEST_TYPE == (type)) { + std::function delayed = ([=]() { + HandleRequest(session, message->GetId(), message->GetCommandName(), message->GetJsonPayload()); + }); + + std::shared_ptr handler = + DelayedSingleton::GetInstance()->GetRecvEventHandler(); + if (handler == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "fail to get EventHandler"); + return; + } + handler->ProxyPostTask(delayed, "HandleDataReceived_HandleRequest"); + } else if (RESPONSE_TYPE == (type)) { + HandleResponse(message->GetId(), message->GetJsonPayload()); + } else { + ACCESSTOKEN_LOG_ERROR(LABEL, "invalid type: %{public}s ", type.c_str()); + } +} + +int SoftBusChannel::PrepareBytes(const std::string &type, const std::string &id, const std::string &commandName, + const std::string &jsonPayload, const unsigned char *bytes, int &bytesLength) +{ + SoftBusMessage messageEntity(type, id, commandName, jsonPayload); + std::string json = messageEntity.ToJson(); + ACCESSTOKEN_LOG_DEBUG(LABEL, "softbus message json: %{public}s", json.c_str()); + return Compress(json, bytes, bytesLength); +} + +int SoftBusChannel::Compress(const std::string &json, const unsigned char *compressedBytes, int &compressedLength) +{ + uLong len = compressBound(json.size()); + // length will not so that long + if (compressedLength > 0 && (int) len > compressedLength) { + ACCESSTOKEN_LOG_ERROR(LABEL, + "compress error. data length overflow, bound length: %{public}d, buffer length: %{public}d", (int) len, + compressedLength); + return Constant::FAILURE; + } + + int result = compress((Byte *) compressedBytes, &len, (unsigned char *) json.c_str(), json.size() + 1); + if (result != Z_OK) { + ACCESSTOKEN_LOG_ERROR(LABEL, "compress failed! error code: %{public}d", result); + return result; + } + ACCESSTOKEN_LOG_DEBUG(LABEL, "compress complete. compress %{public}d bytes to %{public}d", compressedLength, + (int) len); + compressedLength = len; + return Constant::SUCCESS; +} + +std::string SoftBusChannel::Decompress(const unsigned char *bytes, const int length) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "input length: %{public}d", length); + uLong len = RPC_TRANSFER_BYTES_MAX_LENGTH; + unsigned char *buf = (unsigned char *) malloc(len + 1); + if (buf == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "no enough memory!"); + return ""; + } + memset_s(buf, len + 1, 0, len + 1); + int result = uncompress(buf, &len, (unsigned char *) bytes, length); + if (result != Z_OK) { + ACCESSTOKEN_LOG_ERROR(LABEL, + "uncompress failed, error code: %{public}d, bound length: %{public}d, buffer length: %{public}d", result, + (int) len, length); + free(buf); + return ""; + } + buf[len] = '\0'; + std::string str((char *) buf); + free(buf); + ACCESSTOKEN_LOG_DEBUG(LABEL, "done, output: %{public}s", str.c_str()); + return str; +} + +int SoftBusChannel::SendRequestBytes(const unsigned char *bytes, const int bytesLength) +{ + if (bytesLength == 0) { + ACCESSTOKEN_LOG_ERROR(LABEL, "bytes data is invalid."); + return Constant::FAILURE; + } + + std::unique_lock lock(sessionMutex_); + if (CheckSessionMayReopenLocked() != Constant::SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "session invalid and reopen failed!"); + return Constant::FAILURE; + } + + ACCESSTOKEN_LOG_DEBUG(LABEL, "send len (after compress len)= %{public}d", bytesLength); + int result = ::SendBytes(session_, bytes, bytesLength); + if (result != Constant::SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "fail to send! result= %{public}d", result); + return Constant::FAILURE; + } + ACCESSTOKEN_LOG_DEBUG(LABEL, "send successfully."); + return Constant::SUCCESS; +} + +int SoftBusChannel::CheckSessionMayReopenLocked() +{ + // when session is opened, we got a valid sessionid, when session closed, we will reset sessionid. + if (IsSessionAvailable()) { + return Constant::SUCCESS; + } + int session = SoftBusManager::GetInstance().OpenSession(deviceId_); + if (session != Constant::INVALID_SESSION) { + session_ = session; + return Constant::SUCCESS; + } + return Constant::FAILURE; +} + +bool SoftBusChannel::IsSessionAvailable() +{ + if (session_ == Constant::INVALID_SESSION) { + return false; + } + return session_ > Constant::INVALID_SESSION; +} + +void SoftBusChannel::CancelCloseConnectionIfNeeded() +{ + std::unique_lock lock(mutex_); + if (!isDelayClosing_) { + return; + } + ACCESSTOKEN_LOG_DEBUG(LABEL, "cancel close connection"); + + Release(); + isDelayClosing_ = false; +} + +void SoftBusChannel::HandleRequest(int session, const std::string &id, const std::string &commandName, + const std::string &jsonPayload) +{ + std::shared_ptr command = + RemoteCommandFactory::GetInstance().NewRemoteCommandFromJson(commandName, jsonPayload); + if (command == nullptr) { + // send result back directly + ACCESSTOKEN_LOG_WARN(LABEL, "command %{public}s cannot get from json %{public}s", commandName.c_str(), + jsonPayload.c_str()); + + int sendlen = RPC_TRANSFER_HEAD_BYTES_LENGTH + jsonPayload.length(); + unsigned char *sendbuf = (unsigned char *) malloc(sendlen + 1); + if (sendbuf == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "no enough memory: %{public}d", sendlen); + return; + } + memset_s(sendbuf, sendlen + 1, 0, sendlen + 1); + int sendResult = PrepareBytes(RESPONSE_TYPE, id, commandName, jsonPayload, sendbuf, sendlen); + if (sendResult != Constant::SUCCESS) { + free(sendbuf); + return; + } + int sendResultCode = SendResponseBytes(session, sendbuf, sendlen); + free(sendbuf); + ACCESSTOKEN_LOG_DEBUG(LABEL, "send response result= %{public}d ", sendResultCode); + return; + } + + // execute command + command->Execute(); + ACCESSTOKEN_LOG_DEBUG(LABEL, "command uniqueId: %{public}s, finish with status: %{public}d, message: %{public}s", + command->remoteProtocol_.uniqueId.c_str(), command->remoteProtocol_.statusCode, + command->remoteProtocol_.message.c_str()); + + // send result back + std::string resultJsonPayload = command->ToJsonPayload(); + int len = RPC_TRANSFER_HEAD_BYTES_LENGTH + resultJsonPayload.length(); + unsigned char *buf = (unsigned char *) malloc(len + 1); + if (buf == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "no enough memory: %{public}d", len); + return; + } + memset_s(buf, len + 1, 0, len + 1); + int result = PrepareBytes(RESPONSE_TYPE, id, commandName, resultJsonPayload, buf, len); + if (result != Constant::SUCCESS) { + free(buf); + return; + } + int retCode = SendResponseBytes(session, buf, len); + free(buf); + ACCESSTOKEN_LOG_DEBUG(LABEL, "send response result= %{public}d", retCode); +} + +void SoftBusChannel::HandleResponse(const std::string &id, const std::string &jsonPayload) +{ + std::unique_lock lock(sessionMutex_); + auto callback = callbacks_.find(id); + if (callback != callbacks_.end()) { + (callback->second)(jsonPayload); + callbacks_.erase(callback); + } +} + +int SoftBusChannel::SendResponseBytes(int session, const unsigned char *bytes, const int bytesLength) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "send len (after compress len)= %{public}d", bytesLength); + int result = ::SendBytes(session, bytes, bytesLength); + if (result != Constant::SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "fail to send! result= %{public}d", result); + return Constant::FAILURE; + } + ACCESSTOKEN_LOG_DEBUG(LABEL, "send successfully."); + return Constant::SUCCESS; +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/services/tokensyncmanager/src/remote/soft_bus_device_connection_listener.cpp b/services/tokensyncmanager/src/remote/soft_bus_device_connection_listener.cpp new file mode 100644 index 000000000..f10ba7cfa --- /dev/null +++ b/services/tokensyncmanager/src/remote/soft_bus_device_connection_listener.cpp @@ -0,0 +1,93 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "soft_bus_device_connection_listener.h" +#include "remote_command_manager.h" +#include "soft_bus_manager.h" +#include "device_info_manager.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { + LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "SoftBusDeviceConnectionListener"}; +} +SoftBusDeviceConnectionListener::SoftBusDeviceConnectionListener() +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "SoftBusDeviceConnectionListener()"); +} +SoftBusDeviceConnectionListener::~SoftBusDeviceConnectionListener() +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "~SoftBusDeviceConnectionListener()"); +} + +void SoftBusDeviceConnectionListener::OnDeviceOnline(const DmDeviceInfo &info) +{ + std::string networkId = info.deviceId; + std::string uuid = SoftBusManager::GetInstance().GetUniversallyUniqueIdByNodeId(networkId); + std::string udid = SoftBusManager::GetInstance().GetUniqueDisabilityIdByNodeId(networkId); + + ACCESSTOKEN_LOG_INFO(LABEL, + "networkId: %{public}s, uuid: %{public}s, udid: %{public}s", + networkId.c_str(), + uuid.c_str(), + udid.c_str()); + + if (uuid != "" && udid != "") { + DeviceInfoManager::GetInstance().AddDeviceInfo( + networkId, uuid, udid, info.deviceName, std::to_string(info.deviceTypeId)); + RemoteCommandManager::GetInstance().NotifyDeviceOnline(udid); + } else { + ACCESSTOKEN_LOG_ERROR(LABEL, "uuid or udid is empty, online failed."); + } + // no need to load local permissions by now. +} + +void SoftBusDeviceConnectionListener::OnDeviceOffline(const DmDeviceInfo &info) +{ + std::string networkId = info.deviceId; + std::string uuid = DeviceInfoManager::GetInstance().ConvertToUniversallyUniqueIdOrFetch(networkId); + std::string udid = DeviceInfoManager::GetInstance().ConvertToUniqueDisabilityIdOrFetch(networkId); + + ACCESSTOKEN_LOG_INFO(LABEL, + "networkId: %{public}s, uuid: %{public}s, udid: %{public}s", + networkId.c_str(), + uuid.c_str(), + udid.c_str()); + + if (uuid != "" && udid != "") { + RemoteCommandManager::GetInstance().NotifyDeviceOffline(uuid); + RemoteCommandManager::GetInstance().NotifyDeviceOffline(udid); + DeviceInfoManager::GetInstance().RemoveRemoteDeviceInfo(networkId, DeviceIdType::NETWORK_ID); + } else { + ACCESSTOKEN_LOG_ERROR(LABEL, "uuid or udid is empty, offline failed."); + } +} + +void SoftBusDeviceConnectionListener::OnDeviceReady(const DmDeviceInfo &info) +{ + std::string networkId = info.deviceId; + ACCESSTOKEN_LOG_INFO(LABEL, "networkId: %{public}s", networkId.c_str()); +} + +void SoftBusDeviceConnectionListener::OnDeviceChanged(const DmDeviceInfo &info) +{ + std::string networkId = info.deviceId; + ACCESSTOKEN_LOG_INFO(LABEL, "networkId: %{public}s", networkId.c_str()); +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/services/tokensyncmanager/src/remote/soft_bus_manager.cpp b/services/tokensyncmanager/src/remote/soft_bus_manager.cpp index c0d294b9e..6262abace 100644 --- a/services/tokensyncmanager/src/remote/soft_bus_manager.cpp +++ b/services/tokensyncmanager/src/remote/soft_bus_manager.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022 Huawei Device Co., Ltd. + * Copyright (c) 2021 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -16,8 +16,8 @@ #include -#include "accesstoken.h" -#include "softbus_bus_center.h" +#include "device_info_manager.h" +#include "parameter.h" namespace OHOS { namespace Security { @@ -25,27 +25,27 @@ namespace AccessToken { namespace { static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "SoftBusManager"}; } - namespace { +static const std::string SESSION_GROUP_ID = "atm_dsoftbus_session_group_id"; static const SessionAttribute SESSION_ATTR = {.dataType = TYPE_BYTES}; static const int REASON_EXIST = -3; -static const int OPENSESSION_RETRY_TIMES = 100; +static const int OPENSESSION_RETRY_TIMES = 10 * 3; static const int OPENSESSION_RETRY_INTERVAL_MS = 100; -static const int CREAT_SERVER_RETRY_INTERVAL_MS = 1000; +static const int UDID_MAX_LENGTH = 128; // udid/uuid max length } // namespace const std::string SoftBusManager::ACCESS_TOKEN_PACKAGE_NAME = "ohos.security.distributed_access_token"; const std::string SoftBusManager::SESSION_NAME = "ohos.security.atm_channel"; -SoftBusManager::SoftBusManager() : isSoftBusServiceBindSuccess_(false), inited_(false), mutex_() +SoftBusManager::SoftBusManager() : isSoftBusServiceBindSuccess_(false), inited_(false), mutex_(), fulfillMutex_() { - ACCESSTOKEN_LOG_INFO(LABEL, "SoftBusManager()"); + ACCESSTOKEN_LOG_DEBUG(LABEL, "SoftBusManager()"); } SoftBusManager::~SoftBusManager() { - ACCESSTOKEN_LOG_INFO(LABEL, "~SoftBusManager()"); + ACCESSTOKEN_LOG_DEBUG(LABEL, "~SoftBusManager()"); } SoftBusManager &SoftBusManager::GetInstance() @@ -54,85 +54,65 @@ SoftBusManager &SoftBusManager::GetInstance() return instance; } -int SoftBusManager::OnSessionOpend(int sessionId, int result) -{ - if (result != 0) { - ACCESSTOKEN_LOG_INFO(LABEL, "session is open failed, result %{public}d", result); - return RET_FAILED; - } - SoftBusManager::GetInstance().ModifySessionStatus(sessionId); - ACCESSTOKEN_LOG_INFO(LABEL, "session is open"); - return 0; -} - -void SoftBusManager::OnSessionClosed(int sessionId) -{ - ACCESSTOKEN_LOG_INFO(LABEL, "session is closed"); -} - -void SoftBusManager::OnBytesReceived(int sessionId, const void *data, unsigned int dataLen) -{ - ACCESSTOKEN_LOG_INFO(LABEL, "session receive data."); -} - -void SoftBusManager::OnMessageReceived(int sessionId, const void *data, unsigned int dataLen) -{ - ACCESSTOKEN_LOG_INFO(LABEL, "session receive message."); -} - -bool SoftBusManager::IsSessionOpen(int sessionId) -{ - Utils::UniqueReadGuard idGuard(this->sessIdLock_); - if (sessOpenSet_.count(sessionId) == 0) { - return true; - } - return false; -} - -void SoftBusManager::ModifySessionStatus(int sessionId) -{ - Utils::UniqueWriteGuard idGuard(this->sessIdLock_); - if (sessOpenSet_.count(sessionId) > 0) { - sessOpenSet_.erase(sessionId); - } -} - -void SoftBusManager::SetSessionWaitingOpen(int sessionId) -{ - Utils::UniqueWriteGuard idGuard(this->sessIdLock_); - sessOpenSet_.insert(sessionId); -} - void SoftBusManager::Initialize() { bool inited = false; // cas failed means already inited. if (!inited_.compare_exchange_strong(inited, true)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "already initialized, skip"); + ACCESSTOKEN_LOG_DEBUG(LABEL, "already initialized, skip"); return; } - while (1) { - std::unique_lock lock(mutex_); - // register session listener - ISessionListener sessionListener; - sessionListener.OnSessionOpened = SoftBusManager::OnSessionOpend; - sessionListener.OnSessionClosed = SoftBusManager::OnSessionClosed; - sessionListener.OnBytesReceived = SoftBusManager::OnBytesReceived; - sessionListener.OnMessageReceived = SoftBusManager::OnMessageReceived; - - int ret = ::CreateSessionServer(ACCESS_TOKEN_PACKAGE_NAME.c_str(), SESSION_NAME.c_str(), &sessionListener); - ACCESSTOKEN_LOG_INFO(LABEL, "Initialize: createSessionServer, result: %{public}d", ret); - // REASON_EXIST - if ((ret != 0) && (ret != REASON_EXIST)) { - auto sleepTime = std::chrono::milliseconds(CREAT_SERVER_RETRY_INTERVAL_MS); - std::this_thread::sleep_for(sleepTime); - continue; + std::function runner = [&]() { + auto sleepTime = std::chrono::milliseconds(1000); + while (1) { + std::unique_lock lock(mutex_); + std::string packageName = ACCESS_TOKEN_PACKAGE_NAME; + std::shared_ptr ptrDmInitCallback = std::make_shared(); + int ret = + DistributedHardware::DeviceManager::GetInstance().InitDeviceManager(packageName, ptrDmInitCallback); + if (ret != ERR_OK) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Initialize: InitDeviceManager error, result: %{public}d", ret); + std::this_thread::sleep_for(sleepTime); + continue; + } + + std::string extra = ""; + std::shared_ptr ptrDeviceStateCallback = + std::make_shared(); + ret = DistributedHardware::DeviceManager::GetInstance().RegisterDevStateCallback(packageName, extra, + ptrDeviceStateCallback); + if (ret != ERR_OK) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Initialize: RegisterDevStateCallback error, result: %{public}d", ret); + std::this_thread::sleep_for(sleepTime); + continue; + } + + // register session listener + ISessionListener sessionListener; + sessionListener.OnSessionOpened = SoftBusSessionListener::OnSessionOpened; + sessionListener.OnSessionClosed = SoftBusSessionListener::OnSessionClosed; + sessionListener.OnBytesReceived = SoftBusSessionListener::OnBytesReceived; + sessionListener.OnMessageReceived = SoftBusSessionListener::OnMessageReceived; + + ret = ::CreateSessionServer(ACCESS_TOKEN_PACKAGE_NAME.c_str(), SESSION_NAME.c_str(), &sessionListener); + ACCESSTOKEN_LOG_INFO(LABEL, "Initialize: createSessionServer, result: %{public}d", ret); + // REASON_EXIST + if ((ret != Constant::SUCCESS) && (ret != REASON_EXIST)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Initialize: CreateSessionServer error, result: %{public}d", ret); + + std::this_thread::sleep_for(sleepTime); + continue; + } + + isSoftBusServiceBindSuccess_ = true; + this->FulfillLocalDeviceInfo(); + return; } - isSoftBusServiceBindSuccess_ = true; - break; - } + }; + std::thread initThread(runner); + initThread.detach(); ACCESSTOKEN_LOG_DEBUG(LABEL, "Initialize thread started"); } @@ -142,54 +122,61 @@ void SoftBusManager::Destroy() isSoftBusServiceBindSuccess_); if (inited_.load() == false) { - ACCESSTOKEN_LOG_ERROR(LABEL, "not inited, skip"); + ACCESSTOKEN_LOG_DEBUG(LABEL, "not inited, skip"); return; } std::unique_lock lock(mutex_); if (inited_.load() == false) { - ACCESSTOKEN_LOG_ERROR(LABEL, "not inited, skip"); + ACCESSTOKEN_LOG_DEBUG(LABEL, "not inited, skip"); return; } if (isSoftBusServiceBindSuccess_) { int32_t ret = ::RemoveSessionServer(ACCESS_TOKEN_PACKAGE_NAME.c_str(), SESSION_NAME.c_str()); - ACCESSTOKEN_LOG_ERROR(LABEL, "destroy, RemoveSessionServer: %{public}d", ret); + ACCESSTOKEN_LOG_DEBUG(LABEL, "destroy, RemoveSessionServer: %{public}d", ret); isSoftBusServiceBindSuccess_ = false; } + std::string packageName = ACCESS_TOKEN_PACKAGE_NAME; + int ret = DistributedHardware::DeviceManager::GetInstance().UnRegisterDevStateCallback(packageName); + if (ret != ERR_OK) { + ACCESSTOKEN_LOG_ERROR(LABEL, "UnRegisterDevStateCallback failed, code: %{public}d", ret); + } + ret = DistributedHardware::DeviceManager::GetInstance().UnInitDeviceManager(packageName); + if (ret != ERR_OK) { + ACCESSTOKEN_LOG_ERROR(LABEL, "UnInitDeviceManager failed, code: %{public}d", ret); + } + inited_.store(false); ACCESSTOKEN_LOG_DEBUG(LABEL, "destroy, done"); } -int32_t SoftBusManager::SendRequest() +int32_t SoftBusManager::OpenSession(const std::string &deviceId) { - NodeBasicInfo *info = nullptr; - int32_t infoNum; - int ret = GetAllNodeDeviceInfo(ACCESS_TOKEN_PACKAGE_NAME.c_str(), &info, &infoNum); - if (ret != 0) { - ACCESSTOKEN_LOG_ERROR(LABEL, "can not get node device"); - return RET_FAILED; + DeviceInfo info; + bool result = DeviceInfoManager::GetInstance().GetDeviceInfo(deviceId, DeviceIdType::UNKNOWN, info); + if (result == false) { + ACCESSTOKEN_LOG_WARN(LABEL, "device info notfound for deviceId %{public}s", deviceId.c_str()); + return Constant::FAILURE; } + std::string networkId = info.deviceId.networkId; + ACCESSTOKEN_LOG_INFO(LABEL, "openSession, networkId: %{public}s", networkId.c_str()); // async open session, should waitting for OnSessionOpened event. - int sessionId = ::OpenSession(SESSION_NAME.c_str(), SESSION_NAME.c_str(), info[0].networkId, - "0", &SESSION_ATTR); - if (sessionId < 0) { - ACCESSTOKEN_LOG_ERROR(LABEL, "open session failed"); - return RET_FAILED; - } + int sessionId = ::OpenSession(SESSION_NAME.c_str(), SESSION_NAME.c_str(), networkId.c_str(), + SESSION_GROUP_ID.c_str(), &SESSION_ATTR); - SetSessionWaitingOpen(sessionId); + ACCESSTOKEN_LOG_DEBUG(LABEL, "session info: sessionId: %{public}d, uuid: %{public}s, udid: %{public}s", sessionId, + info.deviceId.universallyUniqueId.c_str(), info.deviceId.uniqueDisabilityId.c_str()); // wait session opening int retryTimes = 0; int logSpan = 10; auto sleepTime = std::chrono::milliseconds(OPENSESSION_RETRY_INTERVAL_MS); - bool isOpen = false; while (retryTimes++ < OPENSESSION_RETRY_TIMES) { - if (!IsSessionOpen(sessionId)) { + if (SoftBusSessionListener::GetSessionState(sessionId) < 0) { std::this_thread::sleep_for(sleepTime); if (retryTimes % logSpan == 0) { ACCESSTOKEN_LOG_INFO(LABEL, "openSession, waitting for: %{public}d ms", @@ -197,18 +184,163 @@ int32_t SoftBusManager::SendRequest() } continue; } - isOpen = true; break; } - int cmd = 0; - ret = ::SendBytes(sessionId, &cmd, sizeof(int)); - if (ret != 0) { - ::CloseSession(sessionId); - ACCESSTOKEN_LOG_ERROR(LABEL, "send cmd failed ret = %{public}d", ret); - return RET_FAILED; + int64_t state = SoftBusSessionListener::GetSessionState(sessionId); + if (state < 0) { + ACCESSTOKEN_LOG_ERROR(LABEL, "openSession, timeout, session: %{public}" PRId64, state); + return Constant::FAILURE; + } + + SoftBusSessionListener::DeleteSessionIdFromMap(sessionId); + + ACCESSTOKEN_LOG_DEBUG(LABEL, "openSession, succeed, session: %{public}" PRId64, state); + return sessionId; +} + +int SoftBusManager::CloseSession(int sessionId) +{ + if (sessionId < 0) { + ACCESSTOKEN_LOG_INFO(LABEL, "closeSession: session is invalid"); + return Constant::FAILURE; } + ::CloseSession(sessionId); - return RET_SUCCESS; + ACCESSTOKEN_LOG_INFO(LABEL, "closeSession "); + return Constant::SUCCESS; +} + + +std::string SoftBusManager::GetUniversallyUniqueIdByNodeId(const std::string &nodeId) +{ + if (!DataValidator::IsDeviceIdValid(nodeId)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "invalid nodeId: %{public}s", nodeId.c_str()); + return ""; + } + + std::string uuid = GetUuidByNodeId(nodeId); + if (uuid.empty()) { + ACCESSTOKEN_LOG_ERROR(LABEL, "softbus return null or empty string [%{public}s]", uuid.c_str()); + return ""; + } + + DeviceInfo info; + bool result = DeviceInfoManager::GetInstance().GetDeviceInfo(uuid, DeviceIdType::UNIVERSALLY_UNIQUE_ID, info); + if (result == false) { + ACCESSTOKEN_LOG_DEBUG(LABEL, "local device info not found for uuid %{public}s", uuid.c_str()); + } else { + std::string dimUuid = info.deviceId.universallyUniqueId; + if (uuid == dimUuid) { + // refresh cache + std::function fulfillDeviceInfo = std::bind(&SoftBusManager::FulfillLocalDeviceInfo, this); + std::thread fulfill(fulfillDeviceInfo); + fulfill.detach(); + } + } + + return uuid; +} + +std::string SoftBusManager::GetUniqueDisabilityIdByNodeId(const std::string &nodeId) +{ + if (!DataValidator::IsDeviceIdValid(nodeId)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "invalid nodeId: %{public}s", nodeId.c_str()); + return ""; + } + std::string udid = GetUdidByNodeId(nodeId); + if (udid.empty()) { + ACCESSTOKEN_LOG_ERROR(LABEL, "softbus return null or empty string: %{public}s", udid.c_str()); + return ""; + } + char localUdid[Constant::DEVICE_UUID_LENGTH] = {0}; + ::GetDevUdid(localUdid, Constant::DEVICE_UUID_LENGTH); + if (udid == localUdid) { + // refresh cache + std::function fulfillDeviceInfo = std::bind(&SoftBusManager::FulfillLocalDeviceInfo, this); + std::thread fulfill(fulfillDeviceInfo); + fulfill.detach(); + } + return udid; +} + +std::string SoftBusManager::GetUuidByNodeId(const std::string &nodeId) const +{ + uint8_t *info = (uint8_t *) malloc(UDID_MAX_LENGTH + 1); + if (info == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "no enough memory: %{public}d", UDID_MAX_LENGTH); + return ""; + } + memset_s(info, UDID_MAX_LENGTH + 1, 0, UDID_MAX_LENGTH + 1); + int32_t ret = ::GetNodeKeyInfo(ACCESS_TOKEN_PACKAGE_NAME.c_str(), nodeId.c_str(), + NodeDeviceInfoKey::NODE_KEY_UUID, info, UDID_MAX_LENGTH); + if (ret != Constant::SUCCESS) { + free(info); + ACCESSTOKEN_LOG_WARN(LABEL, "GetNodeKeyInfo error, return code: %{public}d", ret); + return ""; + } + std::string uuid((char *) info); + free(info); + ACCESSTOKEN_LOG_DEBUG(LABEL, "call softbus finished. nodeId(in): %{public}s, uuid: %{public}s", nodeId.c_str(), + uuid.c_str()); + return uuid; +} + +std::string SoftBusManager::GetUdidByNodeId(const std::string &nodeId) const +{ + uint8_t *info = (uint8_t *) malloc(UDID_MAX_LENGTH + 1); + if (info == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "no enough memory: %{public}d", UDID_MAX_LENGTH); + return ""; + } + memset_s(info, UDID_MAX_LENGTH + 1, 0, UDID_MAX_LENGTH + 1); + int32_t ret = ::GetNodeKeyInfo(ACCESS_TOKEN_PACKAGE_NAME.c_str(), nodeId.c_str(), + NodeDeviceInfoKey::NODE_KEY_UDID, info, UDID_MAX_LENGTH); + if (ret != Constant::SUCCESS) { + free(info); + ACCESSTOKEN_LOG_WARN(LABEL, "GetNodeKeyInfo error, code: %{public}d", ret); + return ""; + } + std::string udid((char *) info); + free(info); + ACCESSTOKEN_LOG_DEBUG(LABEL, "call softbus finished: nodeId(in): %{public}s, udid: %{public}s", nodeId.c_str(), + udid.c_str()); + return udid; +} + +int SoftBusManager::FulfillLocalDeviceInfo() +{ + // repeated task will just skip + if (!fulfillMutex_.try_lock()) { + ACCESSTOKEN_LOG_INFO(LABEL, "FulfillLocalDeviceInfo already running, skip."); + return Constant::SUCCESS; + } + + NodeBasicInfo info; + int32_t ret = ::GetLocalNodeDeviceInfo(ACCESS_TOKEN_PACKAGE_NAME.c_str(), &info); + if (ret != Constant::SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "GetLocalNodeDeviceInfo error"); + fulfillMutex_.unlock(); + return Constant::FAILURE; + } + + ACCESSTOKEN_LOG_DEBUG(LABEL, "call softbus finished, networkId:%{public}s, name:%{public}s, type:%{public}d", + info.networkId, info.deviceName, info.deviceTypeId); + + std::string uuid = GetUuidByNodeId(info.networkId); + std::string udid = GetUdidByNodeId(info.networkId); + if (uuid.empty() || udid.empty()) { + ACCESSTOKEN_LOG_ERROR(LABEL, "FulfillLocalDeviceInfo: uuid or udid is empty, abort."); + fulfillMutex_.unlock(); + return Constant::FAILURE; + } + + DeviceInfoManager::GetInstance().AddDeviceInfo(info.networkId, uuid, udid, info.deviceName, + std::to_string(info.deviceTypeId)); + ACCESSTOKEN_LOG_DEBUG(LABEL, "AddDeviceInfo finished, networkId:%{public}s, uuid:%{public}s, udid:%{public}s", + info.networkId, uuid.c_str(), udid.c_str()); + + fulfillMutex_.unlock(); + return Constant::SUCCESS; } } // namespace AccessToken } // namespace Security diff --git a/services/tokensyncmanager/src/remote/soft_bus_session_listener.cpp b/services/tokensyncmanager/src/remote/soft_bus_session_listener.cpp new file mode 100644 index 000000000..e138da60a --- /dev/null +++ b/services/tokensyncmanager/src/remote/soft_bus_session_listener.cpp @@ -0,0 +1,135 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "soft_bus_session_listener.h" +#include "remote_command_manager.h" +#include "soft_bus_manager.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "SoftBusSessionListener"}; +} +namespace { +// Indicates the pointer to the session name, which is the unique ID of the session server. The value cannot be empty +// and can contain a maximum of 64 characters. +static const int32_t SESSION_NAME_MAXLENGTH = 64; +static const int32_t SESSION_ACCEPTED = 0; +static const int32_t SESSION_REFUSED = -1; +} // namespace + +std::mutex SoftBusSessionListener::g_SessionMutex_; +std::map SoftBusSessionListener::g_SessionOpenedMap_; + +int32_t SoftBusSessionListener::OnSessionOpened(int32_t session, int32_t result) +{ + if (result != Constant::SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "OnSessionOpened, result: %{public}d", result); + return SESSION_REFUSED; + } + + int32_t len = SESSION_NAME_MAXLENGTH + 1; + char contents[len]; + int32_t resultCode = ::GetPeerSessionName(session, contents, len); + if (resultCode != Constant::SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "OnSessionOpened, GetPeerSessionName failed, result: %{public}d", resultCode); + return SESSION_REFUSED; + } + std::string peerSessionName(contents); + if (SoftBusManager::SESSION_NAME != peerSessionName) { + ACCESSTOKEN_LOG_ERROR(LABEL, "OnSessionOpened, unknown session name."); + return SESSION_REFUSED; + } + + ACCESSTOKEN_LOG_INFO(LABEL, "OnSessionOpened, id = %{public}d", session); + + // store session state: opening + std::lock_guard guard(g_SessionMutex_); + auto iter = g_SessionOpenedMap_.find(session); + if (iter == g_SessionOpenedMap_.end()) { + g_SessionOpenedMap_.insert(std::pair(session, (int64_t) 1)); + } else { + iter->second = iter->second + 1; + } + + return SESSION_ACCEPTED; +} + +void SoftBusSessionListener::OnSessionClosed(int32_t session) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "OnSessionClosed"); + + // clear session state + std::lock_guard guard(g_SessionMutex_); + auto iter = g_SessionOpenedMap_.find(session); + if (iter != g_SessionOpenedMap_.end()) { + g_SessionOpenedMap_.erase(iter); + } +} + +void SoftBusSessionListener::OnMessageReceived(int32_t sessionId, const void *data, uint32_t dataLen) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "OnMessageReceived: data length = %{public}u", dataLen); +} + +void SoftBusSessionListener::OnBytesReceived(int32_t sessionId, const void *data, uint32_t dataLen) +{ + if (sessionId == Constant::INVALID_SESSION || dataLen == 0) { + ACCESSTOKEN_LOG_ERROR(LABEL, "params invalid, data length: %{public}d", dataLen); + return; + } + + int32_t len = SESSION_NAME_MAXLENGTH + 1; + char contents[len]; + int32_t resultCode = ::GetPeerDeviceId(sessionId, contents, len); + if (resultCode != Constant::SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "GetPeerDeviceId, failed, result: %{public}d", resultCode); + return; + } + std::string networkId(contents); + ACCESSTOKEN_LOG_INFO(LABEL, "networkId = %{public}s, data length = %{public}u", contents, dataLen); + auto channel = RemoteCommandManager::GetInstance().GetExecutorChannel(networkId); + if (channel == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "GetExecutorChannel, failed, networkId: %{public}s", contents); + return; + } + channel->HandleDataReceived(sessionId, (unsigned char *) data, dataLen); +} + +int64_t SoftBusSessionListener::GetSessionState(int32_t sessionId) +{ + // get session state + std::lock_guard guard(g_SessionMutex_); + auto iter = g_SessionOpenedMap_.find(sessionId); + if (iter == g_SessionOpenedMap_.end()) { + return STATE_NOTFOUND; + } + return (iter->second); +} + +void SoftBusSessionListener::DeleteSessionIdFromMap(int32_t sessionID) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "DeleteSessionIdFromMap"); + // delete sessionId in map + std::lock_guard guard(g_SessionMutex_); + auto iter = g_SessionOpenedMap_.find(sessionID); + if (iter != g_SessionOpenedMap_.end()) { + g_SessionOpenedMap_.erase(iter); + } +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/services/tokensyncmanager/src/service/token_sync_event_handler.cpp b/services/tokensyncmanager/src/service/token_sync_event_handler.cpp new file mode 100644 index 000000000..5aa524193 --- /dev/null +++ b/services/tokensyncmanager/src/service/token_sync_event_handler.cpp @@ -0,0 +1,54 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "token_sync_event_handler.h" + +#include "accesstoken_log.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { + LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "TokenSyncEventHandler"}; +} +TokenSyncEventHandler::TokenSyncEventHandler( + const std::shared_ptr &runner) + : AppExecFwk::EventHandler(runner) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "enter"); +} +TokenSyncEventHandler::~TokenSyncEventHandler() = default; + +bool TokenSyncEventHandler::ProxyPostTask(const Callback &callback, int64_t delayTime) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "PostTask without name"); + return AppExecFwk::EventHandler::PostTask(callback, delayTime); +} + +bool TokenSyncEventHandler::ProxyPostTask( + const Callback &callback, const std::string &name, int64_t delayTime) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "PostTask with name"); + return AppExecFwk::EventHandler::PostTask(callback, name, delayTime); +} + +void TokenSyncEventHandler::ProxyRemoveTask(const std::string &name) +{ + AppExecFwk::EventHandler::RemoveTask(name); +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS \ No newline at end of file diff --git a/services/tokensyncmanager/src/service/tokensync_manager_service.cpp b/services/tokensyncmanager/src/service/token_sync_manager_service.cpp similarity index 31% rename from services/tokensyncmanager/src/service/tokensync_manager_service.cpp rename to services/tokensyncmanager/src/service/token_sync_manager_service.cpp index c471fa466..5a3c034b8 100644 --- a/services/tokensyncmanager/src/service/tokensync_manager_service.cpp +++ b/services/tokensyncmanager/src/service/token_sync_manager_service.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021 Huawei Device Co., Ltd. + * Copyright (c) 2022 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -13,10 +13,14 @@ * limitations under the License. */ -#include "tokensync_manager_service.h" +#include "token_sync_manager_service.h" #include + #include "accesstoken_log.h" +#include "device_info_repository.h" +#include "device_info.h" +#include "remote_command_manager.h" #include "soft_bus_manager.h" namespace OHOS { @@ -66,19 +70,126 @@ void TokenSyncManagerService::OnStop() state_ = ServiceRunningState::STATE_NOT_START; } -int TokenSyncManagerService::VerifyPermission( - const std::string& bundleName, const std::string& permissionName, int userId) +std::shared_ptr TokenSyncManagerService::GetSendEventHandler() { - ACCESSTOKEN_LOG_INFO(LABEL, - "%{public}s called, packageName: %{public}s, permissionName: %{public}s, userId: %{public}d", __func__, - bundleName.c_str(), permissionName.c_str(), userId); - int ret = SoftBusManager::GetInstance().SendRequest(); - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, ret %{public}d", __func__, ret); - return ret; + return sendHandler_; } -bool TokenSyncManagerService::Initialize() const +std::shared_ptr TokenSyncManagerService::GetRecvEventHandler() { + return recvHandler_; +} + +int TokenSyncManagerService::GetRemoteHapTokenInfo(const std::string& deviceID, AccessTokenID tokenID) +{ + if (!DataValidator::IsDeviceIdValid(deviceID) || tokenID == 0) { + ACCESSTOKEN_LOG_INFO(LABEL, "Params is wrong."); + return RET_FAILED; + } + DeviceInfo devInfo; + bool result = DeviceInfoRepository::GetInstance().FindDeviceInfo(deviceID, DeviceIdType::UNKNOWN, devInfo); + if (!result) { + ACCESSTOKEN_LOG_INFO(LABEL, "FindDeviceInfo failed"); + return Constant::FAILURE; + } + std::string udid = devInfo.deviceId.uniqueDisabilityId; + const std::shared_ptr syncRemoteHapTokenCommand = + RemoteCommandFactory::GetInstance().NewSyncRemoteHapTokenCommand(Constant::GetLocalDeviceId(), + deviceID, tokenID); + + const int32_t resultCode = RemoteCommandManager::GetInstance().ExecuteCommand(udid, syncRemoteHapTokenCommand); + if (resultCode != Constant::SUCCESS) { + ACCESSTOKEN_LOG_INFO(LABEL, + "RemoteExecutorManager executeCommand SyncRemoteHapTokenCommand failed, return %d", resultCode); + return resultCode; + } + ACCESSTOKEN_LOG_INFO(LABEL, "get resultCode: %d", resultCode); + return RET_SUCCESS; +} + +int TokenSyncManagerService::DeleteRemoteHapTokenInfo(AccessTokenID tokenID) +{ + if (tokenID == 0) { + ACCESSTOKEN_LOG_INFO(LABEL, "Params is wrong, token id is invalid."); + return RET_FAILED; + } + + std::vector devices = DeviceInfoRepository::GetInstance().ListDeviceInfo(); + std::string localUdid = Constant::GetLocalDeviceId(); + for (DeviceInfo device : devices) { + if (device.deviceId.uniqueDisabilityId == localUdid) { + ACCESSTOKEN_LOG_INFO(LABEL, "no need notify local device"); + continue; + } + const std::shared_ptr deleteRemoteTokenCommand = + RemoteCommandFactory::GetInstance().NewDeleteRemoteTokenCommand(Constant::GetLocalDeviceId(), + device.deviceId.networkId, tokenID); + + const int32_t resultCode = RemoteCommandManager::GetInstance().ExecuteCommand( + device.deviceId.uniqueDisabilityId, deleteRemoteTokenCommand); + if (resultCode != Constant::SUCCESS) { + ACCESSTOKEN_LOG_INFO(LABEL, + "RemoteExecutorManager executeCommand DeleteRemoteTokenCommand failed, return %d", resultCode); + continue; + } + ACCESSTOKEN_LOG_INFO(LABEL, "get resultCode: %d", resultCode); + } + return RET_SUCCESS; +} + +int TokenSyncManagerService::UpdateRemoteHapTokenInfo(const HapTokenInfoForSync& tokenInfo) +{ + std::vector devices = DeviceInfoRepository::GetInstance().ListDeviceInfo(); + std::string localUdid = Constant::GetLocalDeviceId(); + for (DeviceInfo device : devices) { + if (device.deviceId.uniqueDisabilityId == localUdid) { + ACCESSTOKEN_LOG_INFO(LABEL, "no need notify local device"); + continue; + } + + const std::shared_ptr updateRemoteHapTokenCommand = + RemoteCommandFactory::GetInstance().NewUpdateRemoteHapTokenCommand(Constant::GetLocalDeviceId(), + device.deviceId.networkId, tokenInfo); + + const int32_t resultCode = RemoteCommandManager::GetInstance().ExecuteCommand( + device.deviceId.uniqueDisabilityId, updateRemoteHapTokenCommand); + if (resultCode != Constant::SUCCESS) { + ACCESSTOKEN_LOG_INFO(LABEL, + "RemoteExecutorManager executeCommand updateRemoteHapTokenCommand failed, return %d", resultCode); + continue; + } + ACCESSTOKEN_LOG_INFO(LABEL, "get resultCode: %d", resultCode); + } + + return RET_SUCCESS; +} + +bool TokenSyncManagerService::Initialize() +{ + sendRunner_ = AppExecFwk::EventRunner::Create(true); + if (!sendRunner_) { + ACCESSTOKEN_LOG_ERROR(LABEL, "failed to create a sendRunner."); + return false; + } + + sendHandler_ = std::make_shared(sendRunner_); + if (!sendHandler_) { + ACCESSTOKEN_LOG_ERROR(LABEL, "sendHandler_ is nullpter."); + return false; + } + + recvRunner_ = AppExecFwk::EventRunner::Create(true); + if (!recvRunner_) { + ACCESSTOKEN_LOG_ERROR(LABEL, "failed to create a recvRunner."); + return false; + } + + recvHandler_ = std::make_shared(recvRunner_); + if (!recvHandler_) { + ACCESSTOKEN_LOG_ERROR(LABEL, "recvHandler_ is nullpter."); + return false; + } + SoftBusManager::GetInstance().Initialize(); return true; } diff --git a/services/tokensyncmanager/src/service/tokensync_manager_stub.cpp b/services/tokensyncmanager/src/service/token_sync_manager_stub.cpp similarity index 51% rename from services/tokensyncmanager/src/service/tokensync_manager_stub.cpp rename to services/tokensyncmanager/src/service/token_sync_manager_stub.cpp index f6a3506f8..c44fc70bd 100644 --- a/services/tokensyncmanager/src/service/tokensync_manager_stub.cpp +++ b/services/tokensyncmanager/src/service/token_sync_manager_stub.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021 Huawei Device Co., Ltd. + * Copyright (c) 2022 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -13,10 +13,10 @@ * limitations under the License. */ -#include "tokensync_manager_stub.h" +#include "token_sync_manager_stub.h" #include "accesstoken_log.h" - +#include "hap_token_info_for_sync_parcel.h" #include "ipc_skeleton.h" #include "string_ex.h" @@ -37,8 +37,14 @@ int32_t TokenSyncManagerStub::OnRemoteRequest( return -1; } switch (code) { - case static_cast(ITokenSyncManager::InterfaceCode::VERIFY_PERMISSION): - VerifyPermissionInner(data, reply); + case static_cast(ITokenSyncManager::InterfaceCode::GET_REMOTE_HAP_TOKEN_INFO): + GetRemoteHapTokenInfoInner(data, reply); + break; + case static_cast(ITokenSyncManager::InterfaceCode::DELETE_REMOTE_HAP_TOKEN_INFO): + DeleteRemoteHapTokenInfoInner(data, reply); + break; + case static_cast(ITokenSyncManager::InterfaceCode::UPDATE_REMOTE_HAP_TOKEN_INFO): + UpdateRemoteHapTokenInfoInner(data, reply); break; default: return IPCObjectStub::OnRemoteRequest(code, data, reply, option); @@ -46,12 +52,31 @@ int32_t TokenSyncManagerStub::OnRemoteRequest( return NO_ERROR; } -void TokenSyncManagerStub::VerifyPermissionInner(MessageParcel& data, MessageParcel& reply) +void TokenSyncManagerStub::GetRemoteHapTokenInfoInner(MessageParcel& data, MessageParcel& reply) { - std::string bundleName = data.ReadString(); - std::string permissionName = data.ReadString(); - int userId = data.ReadInt32(); - int result = this->VerifyPermission(bundleName, permissionName, userId); + std::string deviceID = data.ReadString(); + int tokenID = data.ReadUint32(); + + HapTokenInfoForSync tokenInfo; + int result = this->GetRemoteHapTokenInfo(deviceID, tokenID); + reply.WriteInt32(result); +} + +void TokenSyncManagerStub::DeleteRemoteHapTokenInfoInner(MessageParcel& data, MessageParcel& reply) +{ + std::string deviceID = data.ReadString(); + int tokenID = data.ReadUint32(); + int result = this->DeleteRemoteHapTokenInfo(tokenID); + reply.WriteInt32(result); +} + +void TokenSyncManagerStub::UpdateRemoteHapTokenInfoInner(MessageParcel& data, MessageParcel& reply) +{ + sptr tokenInfoParcelPtr = data.ReadParcelable(); + int result = RET_FAILED; + if (tokenInfoParcelPtr != nullptr) { + result = this->UpdateRemoteHapTokenInfo(tokenInfoParcelPtr->hapTokenInfoForSyncParams); + } reply.WriteInt32(result); } } // namespace AccessToken -- Gitee From b6ae6bee9a0179721f51ac7fb674243aa4b679ee Mon Sep 17 00:00:00 2001 From: libing23 Date: Tue, 15 Feb 2022 20:17:24 +0800 Subject: [PATCH 50/51] add tokensync unitest Signed-off-by: libing23 --- .../innerkits/accesstoken/test/BUILD.gn | 3 + .../unittest/src/accesstoken_kit_test.cpp | 921 ++++++++++++++++++ .../include/token/accesstoken_info_manager.h | 2 + .../cpp/include/token/hap_token_info_inner.h | 1 + .../cpp/src/permission/permission_manager.cpp | 33 +- .../src/token/accesstoken_info_manager.cpp | 143 ++- .../cpp/src/token/hap_token_info_inner.cpp | 5 + services/tokensyncmanager/BUILD.gn | 2 - 8 files changed, 1044 insertions(+), 66 deletions(-) mode change 100755 => 100644 interfaces/innerkits/accesstoken/test/BUILD.gn mode change 100755 => 100644 interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp diff --git a/interfaces/innerkits/accesstoken/test/BUILD.gn b/interfaces/innerkits/accesstoken/test/BUILD.gn old mode 100755 new mode 100644 index a39d7014d..e981ea0ec --- a/interfaces/innerkits/accesstoken/test/BUILD.gn +++ b/interfaces/innerkits/accesstoken/test/BUILD.gn @@ -23,6 +23,7 @@ ohos_unittest("libaccesstoken_sdk_test") { "//third_party/googletest/include", "//base/security/access_token/interfaces/innerkits/accesstoken/include", "//base/security/access_token/interfaces/innerkits/nativetoken/include", + "//base/security/access_token/frameworks/common/include", ] sources = [ "unittest/src/accesstoken_kit_test.cpp" ] @@ -34,6 +35,8 @@ ohos_unittest("libaccesstoken_sdk_test") { "//base/security/access_token/interfaces/innerkits/nativetoken:libnativetoken", "//utils/native/base:utils", ] + + external_deps = [ "hiviewdfx_hilog_native:libhilog" ] } group("unittest") { diff --git a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp old mode 100755 new mode 100644 index 5ff41acf1..c80c6301d --- a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp @@ -18,11 +18,14 @@ #include "accesstoken_kit.h" #include "nativetoken_kit.h" +#include "accesstoken_log.h" using namespace testing::ext; using namespace OHOS::Security::AccessToken; namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "AccessTokenKitTest"}; + static PermissionStateFull g_grantPermissionReq = { .permissionName = "ohos.permission.GRANT_SENSITIVE_PERMISSIONS", .isGeneral = true, @@ -2076,3 +2079,921 @@ HWTEST_F(AccessTokenKitTest, GetTokenTypeFlag003, TestSize.Level1) int res = AccessTokenKit::DeleteToken(tokenIdEx.tokenIdExStruct.tokenID); ASSERT_EQ(RET_SUCCESS, res); } + +/** + * @tc.name: SetRemoteHapTokenInfo001 + * @tc.desc: set remote hap token info success + * @tc.type: FUNC + * @tc.require:AR000GK6T5 + */ +HWTEST_F(AccessTokenKitTest, SetRemoteHapTokenInfo001, TestSize.Level1) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteHapTokenInfo001 start."); + std::string deviceID = "ea82205d1f9964346ee12e17ec0f362bb7203fca7c62d82899ffa917f9cbe6b2"; + AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000); + HapTokenInfo baseInfo = { + .apl = APL_NORMAL, + .ver = 1, + .userID = 1, + .bundleName = "com.ohos.access_token", + .instIndex = 1, + .appID = "testtesttesttest", + .deviceID = "ea82205d1f9964346ee12e17ec0f362bb7203fca7c62d82899ffa917f9cbe6b2", + .tokenID = 0x20100000, + .tokenAttr = 0 + }; + + PermissionStateFull infoManagerTestState = { + .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}, + .grantStatus = {PermissionState::PERMISSION_GRANTED}, + .isGeneral = true, + .permissionName = "ohos.permission.test1", + .resDeviceID = {"local"}}; + std::vector permStateList; + permStateList.emplace_back(infoManagerTestState); + + HapTokenInfoForSync remoteTokenInfo = { + .baseInfo = baseInfo, + .permStateList =permStateList + }; + + int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo); + ASSERT_EQ(ret, RET_SUCCESS); + + // Get local map token ID + AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(deviceID, 0x20100000); + ASSERT_NE(mapID, 0); + + // check local map token + HapTokenInfo resultInfo; + ret = AccessTokenKit::GetHapTokenInfo(mapID, resultInfo); + ASSERT_EQ(ret, RET_SUCCESS); + ASSERT_EQ(resultInfo.apl, remoteTokenInfo.baseInfo.apl); + ASSERT_EQ(resultInfo.ver, remoteTokenInfo.baseInfo.ver); + ASSERT_EQ(resultInfo.userID, remoteTokenInfo.baseInfo.userID); + ASSERT_EQ(resultInfo.bundleName, remoteTokenInfo.baseInfo.bundleName); + ASSERT_EQ(resultInfo.instIndex, remoteTokenInfo.baseInfo.instIndex); + ASSERT_EQ(resultInfo.appID, remoteTokenInfo.baseInfo.appID); + ASSERT_EQ(resultInfo.deviceID, remoteTokenInfo.baseInfo.deviceID); + ASSERT_NE(resultInfo.tokenID, remoteTokenInfo.baseInfo.tokenID); // tokenID already is map tokenID + ASSERT_EQ(resultInfo.tokenAttr, remoteTokenInfo.baseInfo.tokenAttr); + + ret = AccessTokenKit::VerifyAccessToken(mapID, "ohos.permission.test1"); + ASSERT_EQ(ret, PermissionState::PERMISSION_GRANTED); + + ret = AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000); + ASSERT_EQ(ret, RET_SUCCESS); +} + +/** + * @tc.name: SetRemoteHapTokenInfo002 + * @tc.desc: set remote hap token info, token info is wrong + * @tc.type: FUNC + * @tc.require:AR000GK6T5 + */ +HWTEST_F(AccessTokenKitTest, SetRemoteHapTokenInfo002, TestSize.Level1) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteHapTokenInfo002 start."); + std::string deviceID = "ea82205d1f9964346ee12e17ec0f362bb7203fca7c62d82899ffa917f9cbe6b2"; + AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000); + HapTokenInfo rightBaseInfo = { + .apl = APL_NORMAL, + .ver = 1, + .userID = 1, + .bundleName = "com.ohos.access_token", + .instIndex = 1, + .appID = "testtesttesttest", + .deviceID = "ea82205d1f9964346ee12e17ec0f362bb7203fca7c62d82899ffa917f9cbe6b2", + .tokenID = 0x20100000, + .tokenAttr = 0 + }; + + HapTokenInfo wrongBaseInfo = rightBaseInfo; + wrongBaseInfo.apl = (ATokenAplEnum)11; // wrong apl + + PermissionStateFull infoManagerTestState = { + .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}, + .grantStatus = {PermissionState::PERMISSION_GRANTED}, + .isGeneral = true, + .permissionName = "ohos.permission.test1", + .resDeviceID = {"local"}}; + std::vector permStateList; + permStateList.emplace_back(infoManagerTestState); + + HapTokenInfoForSync remoteTokenInfo = { + .baseInfo = wrongBaseInfo, + .permStateList =permStateList + }; + + int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo); + ASSERT_NE(ret, RET_SUCCESS); + + std::string wrongStr(10241, 'x'); + + wrongBaseInfo = rightBaseInfo; + wrongBaseInfo.appID = wrongStr; // wrong appID + remoteTokenInfo.baseInfo = wrongBaseInfo; + ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo); + ASSERT_NE(ret, RET_SUCCESS); + + wrongBaseInfo = rightBaseInfo; + wrongBaseInfo.bundleName = wrongStr; // wrong bundleName + remoteTokenInfo.baseInfo = wrongBaseInfo; + ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo); + ASSERT_NE(ret, RET_SUCCESS); + + wrongBaseInfo = rightBaseInfo; + wrongBaseInfo.deviceID = wrongStr; // wrong deviceID + remoteTokenInfo.baseInfo = wrongBaseInfo; + ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo); + ASSERT_NE(ret, RET_SUCCESS); + + wrongBaseInfo = rightBaseInfo; + wrongBaseInfo.tokenID = 0; // wrong tokenID + remoteTokenInfo.baseInfo = wrongBaseInfo; + ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo); + ASSERT_NE(ret, RET_SUCCESS); +} + +/** + * @tc.name: SetRemoteHapTokenInfo003 + * @tc.desc: set remote hap token wrong permission grant + * @tc.type: FUNC + * @tc.require:AR000GK6T5 + */ +HWTEST_F(AccessTokenKitTest, SetRemoteHapTokenInfo003, TestSize.Level1) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteHapTokenInfo003 start."); + std::string deviceID = "ea82205d1f9964346ee12e17ec0f362bb7203fca7c62d82899ffa917f9cbe6b2"; + AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000); + HapTokenInfo baseInfo = { + .apl = APL_NORMAL, + .ver = 1, + .userID = 1, + .bundleName = "com.ohos.access_token", + .instIndex = 1, + .appID = "testtesttesttest", + .deviceID = "ea82205d1f9964346ee12e17ec0f362bb7203fca7c62d82899ffa917f9cbe6b2", + .tokenID = 0x20100000, + .tokenAttr = 0 + }; + + PermissionStateFull infoManagerTestState = { + .grantFlags = {11}, // wrong flags + .grantStatus = {PermissionState::PERMISSION_GRANTED}, + .isGeneral = true, + .permissionName = "ohos.permission.test1", + .resDeviceID = {"local"}}; + std::vector permStateList; + permStateList.emplace_back(infoManagerTestState); + + HapTokenInfoForSync remoteTokenInfo = { + .baseInfo = baseInfo, + .permStateList =permStateList + }; + + int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo); + ASSERT_EQ(ret, RET_SUCCESS); + + // Get local map token ID + AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(deviceID, 0x20100000); + ASSERT_NE(mapID, 0); + + ret = AccessTokenKit::VerifyAccessToken(mapID, "ohos.permission.test1"); + ASSERT_EQ(ret, PermissionState::PERMISSION_DENIED); + + ret = AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000); + ASSERT_EQ(ret, RET_SUCCESS); +} + +/** + * @tc.name: SetRemoteHapTokenInfo004 + * @tc.desc: update remote hap token when remote exist + * @tc.type: FUNC + * @tc.require:AR000GK6T5 + */ +HWTEST_F(AccessTokenKitTest, SetRemoteHapTokenInfo004, TestSize.Level1) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteHapTokenInfo004 start."); + std::string deviceID = "ea82205d1f9964346ee12e17ec0f362bb7203fca7c62d82899ffa917f9cbe6b2"; + AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000); + HapTokenInfo baseInfo = { + .apl = APL_NORMAL, + .ver = 1, + .userID = 1, + .bundleName = "com.ohos.access_token", + .instIndex = 1, + .appID = "testtesttesttest", + .deviceID = "ea82205d1f9964346ee12e17ec0f362bb7203fca7c62d82899ffa917f9cbe6b2", + .tokenID = 0x20100000, + .tokenAttr = 0 + }; + + PermissionStateFull infoManagerTestState = { + .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}, + .grantStatus = {PermissionState::PERMISSION_DENIED}, // first denied + .isGeneral = true, + .permissionName = "ohos.permission.test1", + .resDeviceID = {"local"}}; + std::vector permStateList; + permStateList.emplace_back(infoManagerTestState); + + HapTokenInfoForSync remoteTokenInfo = { + .baseInfo = baseInfo, + .permStateList =permStateList + }; + + int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo); + ASSERT_EQ(ret, RET_SUCCESS); + + // Get local map token ID + AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(deviceID, 0x20100000); + ASSERT_NE(mapID, 0); + + ret = AccessTokenKit::VerifyAccessToken(mapID, "ohos.permission.test1"); + ASSERT_EQ(ret, PermissionState::PERMISSION_DENIED); + + remoteTokenInfo.permStateList[0].grantStatus[0] = PermissionState::PERMISSION_GRANTED; // second granted + ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo); + ASSERT_EQ(ret, RET_SUCCESS); + + ret = AccessTokenKit::VerifyAccessToken(mapID, "ohos.permission.test1"); + ASSERT_EQ(ret, PermissionState::PERMISSION_GRANTED); + + ret = AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000); + ASSERT_EQ(ret, RET_SUCCESS); +} + +/** + * @tc.name: SetRemoteHapTokenInfo005 + * @tc.desc: add remote hap token, it can not grant by GrantPermission + * @tc.type: FUNC + * @tc.require:AR000GK6T5 + */ +HWTEST_F(AccessTokenKitTest, SetRemoteHapTokenInfo005, TestSize.Level1) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteHapTokenInfo005 start."); + std::string deviceID = "ea82205d1f9964346ee12e17ec0f362bb7203fca7c62d82899ffa917f9cbe6b2"; + AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000); + HapTokenInfo baseInfo = { + .apl = APL_NORMAL, + .ver = 1, + .userID = 1, + .bundleName = "com.ohos.access_token", + .instIndex = 1, + .appID = "testtesttesttest", + .deviceID = "ea82205d1f9964346ee12e17ec0f362bb7203fca7c62d82899ffa917f9cbe6b2", + .tokenID = 0x20100000, + .tokenAttr = 0 + }; + + PermissionStateFull infoManagerTestState = { + .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}, + .grantStatus = {PermissionState::PERMISSION_DENIED}, // first denied + .isGeneral = true, + .permissionName = "ohos.permission.test1", + .resDeviceID = {"local"}}; + std::vector permStateList; + permStateList.emplace_back(infoManagerTestState); + + HapTokenInfoForSync remoteTokenInfo = { + .baseInfo = baseInfo, + .permStateList =permStateList + }; + + int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo); + ASSERT_EQ(ret, RET_SUCCESS); + + // Get local map token ID + AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(deviceID, 0x20100000); + ASSERT_NE(mapID, 0); + + ret = AccessTokenKit::VerifyAccessToken(mapID, "ohos.permission.test1"); + ASSERT_EQ(ret, PermissionState::PERMISSION_DENIED); + + ret = AccessTokenKit::GrantPermission(mapID, "ohos.permission.test1", PermissionFlag::PERMISSION_SYSTEM_FIXED); + ASSERT_EQ(ret, RET_SUCCESS); + + ret = AccessTokenKit::VerifyAccessToken(mapID, "ohos.permission.test1"); + ASSERT_EQ(ret, PermissionState::PERMISSION_DENIED); + + ret = AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000); + ASSERT_EQ(ret, RET_SUCCESS); +} + +/** + * @tc.name: SetRemoteHapTokenInfo006 + * @tc.desc: add remote hap token, it can not revoke by RevokePermission + * @tc.type: FUNC + * @tc.require:AR000GK6T5 + */ +HWTEST_F(AccessTokenKitTest, SetRemoteHapTokenInfo006, TestSize.Level1) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteHapTokenInfo006 start."); + std::string deviceID = "ea82205d1f9964346ee12e17ec0f362bb7203fca7c62d82899ffa917f9cbe6b2"; + AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000); + HapTokenInfo baseInfo = { + .apl = APL_NORMAL, + .ver = 1, + .userID = 1, + .bundleName = "com.ohos.access_token", + .instIndex = 1, + .appID = "testtesttesttest", + .deviceID = "ea82205d1f9964346ee12e17ec0f362bb7203fca7c62d82899ffa917f9cbe6b2", + .tokenID = 0x20100000, + .tokenAttr = 0 + }; + + PermissionStateFull infoManagerTestState = { + .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}, + .grantStatus = {PermissionState::PERMISSION_GRANTED}, // first grant + .isGeneral = true, + .permissionName = "ohos.permission.test1", + .resDeviceID = {"local"}}; + std::vector permStateList; + permStateList.emplace_back(infoManagerTestState); + + HapTokenInfoForSync remoteTokenInfo = { + .baseInfo = baseInfo, + .permStateList =permStateList + }; + + int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo); + ASSERT_EQ(ret, RET_SUCCESS); + + // Get local map token ID + AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(deviceID, 0x20100000); + ASSERT_NE(mapID, 0); + + ret = AccessTokenKit::VerifyAccessToken(mapID, "ohos.permission.test1"); + ASSERT_EQ(ret, PermissionState::PERMISSION_GRANTED); + + ret = AccessTokenKit::RevokePermission(mapID, "ohos.permission.test1", PermissionFlag::PERMISSION_SYSTEM_FIXED); + ASSERT_EQ(ret, RET_SUCCESS); + + ret = AccessTokenKit::VerifyAccessToken(mapID, "ohos.permission.test1"); + ASSERT_EQ(ret, PermissionState::PERMISSION_GRANTED); + + ret = AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000); + ASSERT_EQ(ret, RET_SUCCESS); +} + +/** + * @tc.name: SetRemoteHapTokenInfo007 + * @tc.desc: add remote hap token, it can not delete by DeleteToken + * @tc.type: FUNC + * @tc.require:AR000GK6T5 + */ +HWTEST_F(AccessTokenKitTest, SetRemoteHapTokenInfo007, TestSize.Level1) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteHapTokenInfo007 start."); + std::string deviceID = "ea82205d1f9964346ee12e17ec0f362bb7203fca7c62d82899ffa917f9cbe6b2"; + AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000); + HapTokenInfo baseInfo = { + .apl = APL_NORMAL, + .ver = 1, + .userID = 1, + .bundleName = "com.ohos.access_token", + .instIndex = 1, + .appID = "testtesttesttest", + .deviceID = "ea82205d1f9964346ee12e17ec0f362bb7203fca7c62d82899ffa917f9cbe6b2", + .tokenID = 0x20100000, + .tokenAttr = 0 + }; + + PermissionStateFull infoManagerTestState = { + .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}, + .grantStatus = {PermissionState::PERMISSION_DENIED}, // first denied + .isGeneral = true, + .permissionName = "ohos.permission.test1", + .resDeviceID = {"local"}}; + std::vector permStateList; + permStateList.emplace_back(infoManagerTestState); + + HapTokenInfoForSync remoteTokenInfo = { + .baseInfo = baseInfo, + .permStateList =permStateList + }; + + int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo); + ASSERT_EQ(ret, RET_SUCCESS); + + // Get local map token ID + AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(deviceID, 0x20100000); + ASSERT_NE(mapID, 0); + + ret = AccessTokenKit::DeleteToken(mapID); + ASSERT_EQ(ret, RET_FAILED); + + ret = AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000); + ASSERT_EQ(ret, RET_SUCCESS); +} + +/** + * @tc.name: SetRemoteHapTokenInfo008 + * @tc.desc: add remote hap token, it can not update by UpdateHapToken + * @tc.type: FUNC + * @tc.require:AR000GK6T5 + */ +HWTEST_F(AccessTokenKitTest, SetRemoteHapTokenInfo008, TestSize.Level1) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteHapTokenInfo008 start."); + std::string deviceID = "ea82205d1f9964346ee12e17ec0f362bb7203fca7c62d82899ffa917f9cbe6b2"; + AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000); + HapTokenInfo baseInfo = { + .apl = APL_NORMAL, + .ver = 1, + .userID = 1, + .bundleName = "com.ohos.access_token", + .instIndex = 1, + .appID = "testtesttesttest", + .deviceID = "ea82205d1f9964346ee12e17ec0f362bb7203fca7c62d82899ffa917f9cbe6b2", + .tokenID = 0x20100000, + .tokenAttr = 0 + }; + + PermissionStateFull infoManagerTestState = { + .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED}, + .grantStatus = {PermissionState::PERMISSION_DENIED}, // first denied + .isGeneral = true, + .permissionName = "ohos.permission.test1", + .resDeviceID = {"local"}}; + std::vector permStateList; + permStateList.emplace_back(infoManagerTestState); + + HapTokenInfoForSync remoteTokenInfo = { + .baseInfo = baseInfo, + .permStateList =permStateList + }; + + int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo); + ASSERT_EQ(ret, RET_SUCCESS); + + // Get local map token ID + AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(deviceID, 0x20100000); + ASSERT_NE(mapID, 0); + + HapPolicyParams policy; + + ret = AccessTokenKit::UpdateHapToken(mapID, "updateFailed", policy); + ASSERT_EQ(ret, RET_FAILED); + + ret = AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000); + ASSERT_EQ(ret, RET_SUCCESS); +} + +/** + * @tc.name: SetRemoteHapTokenInfo009 + * @tc.desc: add remote hap token, it can not clear by ClearUserGrantedPermissionState + * @tc.type: FUNC + * @tc.require:AR000GK6T5 + */ +HWTEST_F(AccessTokenKitTest, SetRemoteHapTokenInfo009, TestSize.Level1) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteHapTokenInfo009 start."); + std::string deviceID = "ea82205d1f9964346ee12e17ec0f362bb7203fca7c62d82899ffa917f9cbe6b2"; + AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000); + HapTokenInfo baseInfo = { + .apl = APL_NORMAL, + .ver = 1, + .userID = 1, + .bundleName = "com.ohos.access_token", + .instIndex = 1, + .appID = "testtesttesttest", + .deviceID = "ea82205d1f9964346ee12e17ec0f362bb7203fca7c62d82899ffa917f9cbe6b2", + .tokenID = 0x20100000, + .tokenAttr = 0 + }; + + PermissionStateFull infoManagerTestState = { + .grantFlags = {PermissionFlag::PERMISSION_USER_SET}, + .grantStatus = {PermissionState::PERMISSION_GRANTED}, + .isGeneral = true, + .permissionName = "ohos.permission.test1", + .resDeviceID = {"local"}}; + std::vector permStateList; + permStateList.emplace_back(infoManagerTestState); + + HapTokenInfoForSync remoteTokenInfo = { + .baseInfo = baseInfo, + .permStateList =permStateList + }; + + int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo); + ASSERT_EQ(ret, RET_SUCCESS); + + // Get local map token ID + AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(deviceID, 0x20100000); + ASSERT_NE(mapID, 0); + + ret = AccessTokenKit::VerifyAccessToken(mapID, "ohos.permission.test1"); + ASSERT_EQ(ret, PermissionState::PERMISSION_GRANTED); + + ret = AccessTokenKit::ClearUserGrantedPermissionState(mapID); + ASSERT_EQ(ret, RET_SUCCESS); + + ret = AccessTokenKit::VerifyAccessToken(mapID, "ohos.permission.test1"); + ASSERT_EQ(ret, PermissionState::PERMISSION_GRANTED); + + ret = AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000); + ASSERT_EQ(ret, RET_SUCCESS); +} + +/** + * @tc.name: SetRemoteHapTokenInfo010 + * @tc.desc: tokenID is not hap token + * @tc.type: FUNC + * @tc.require:AR000GK6T5 + */ +HWTEST_F(AccessTokenKitTest, SetRemoteHapTokenInfo010, TestSize.Level1) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteHapTokenInfo009 start."); + std::string deviceID = "ea82205d1f9964346ee12e17ec0f362bb7203fca7c62d82899ffa917f9cbe6b2"; + HapTokenInfo baseInfo = { + .apl = APL_NORMAL, + .ver = 1, + .userID = 1, + .bundleName = "com.ohos.access_token", + .instIndex = 1, + .appID = "testtesttesttest", + .deviceID = "ea82205d1f9964346ee12e17ec0f362bb7203fca7c62d82899ffa917f9cbe6b2", + .tokenID = 0x28100000, + .tokenAttr = 0 + }; + + PermissionStateFull infoManagerTestState = { + .grantFlags = {PermissionFlag::PERMISSION_USER_SET}, + .grantStatus = {PermissionState::PERMISSION_GRANTED}, + .isGeneral = true, + .permissionName = "ohos.permission.test1", + .resDeviceID = {"local"}}; + std::vector permStateList; + permStateList.emplace_back(infoManagerTestState); + + HapTokenInfoForSync remoteTokenInfo = { + .baseInfo = baseInfo, + .permStateList =permStateList + }; + + int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo); + ASSERT_NE(ret, RET_SUCCESS); +} + +/** + * @tc.name: DeleteRemoteDeviceToken001 + * @tc.desc: delete exist device mapping tokenId + * @tc.type: FUNC + * @tc.require:AR000GK6TA + */ +HWTEST_F(AccessTokenKitTest, DeleteRemoteDeviceToken001, TestSize.Level1) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "DeleteRemoteDeviceTokens001 start."); + std::string deviceID = "ea82205d1f9964346ee12e17ec0f362bb7203fca7c62d82899ffa917f9cbe6b2"; + AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000); + HapTokenInfo baseInfo = { + .apl = APL_NORMAL, + .ver = 1, + .userID = 1, + .bundleName = "com.ohos.access_token", + .instIndex = 1, + .appID = "testtesttesttest", + .deviceID = "ea82205d1f9964346ee12e17ec0f362bb7203fca7c62d82899ffa917f9cbe6b2", + .tokenID = 0x20100000, + .tokenAttr = 0 + }; + + PermissionStateFull infoManagerTestState = { + .grantFlags = {PermissionFlag::PERMISSION_USER_SET}, + .grantStatus = {PermissionState::PERMISSION_GRANTED}, + .isGeneral = true, + .permissionName = "ohos.permission.test1", + .resDeviceID = {"local"}}; + std::vector permStateList; + permStateList.emplace_back(infoManagerTestState); + + HapTokenInfoForSync remoteTokenInfo = { + .baseInfo = baseInfo, + .permStateList =permStateList + }; + + int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo); + ASSERT_EQ(ret, RET_SUCCESS); + + AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(deviceID, 0x20100000); + ASSERT_NE(mapID, 0); + + HapTokenInfo info; + ret = AccessTokenKit::GetHapTokenInfo(mapID, info); + ASSERT_EQ(ret, RET_SUCCESS); + + ret = AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000); + ASSERT_EQ(ret, RET_SUCCESS); + + ret = AccessTokenKit::GetHapTokenInfo(mapID, info); + ASSERT_NE(ret, RET_SUCCESS); +} + +/** + * @tc.name: DeleteRemoteDeviceToken002 + * @tc.desc: delete exist device mapping tokenId + * @tc.type: FUNC + * @tc.require:AR000GK6TA + */ +HWTEST_F(AccessTokenKitTest, DeleteRemoteDeviceToken002, TestSize.Level1) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "DeleteRemoteDeviceTokens001 start."); + std::string deviceID = "ea82205d1f9964346ee12e17ec0f362bb7203fca7c62d82899ffa917f9cbe6b2"; + AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000); + HapTokenInfo baseInfo = { + .apl = APL_NORMAL, + .ver = 1, + .userID = 1, + .bundleName = "com.ohos.access_token", + .instIndex = 1, + .appID = "testtesttesttest", + .deviceID = "ea82205d1f9964346ee12e17ec0f362bb7203fca7c62d82899ffa917f9cbe6b2", + .tokenID = 0x20100000, + .tokenAttr = 0 + }; + + PermissionStateFull infoManagerTestState = { + .grantFlags = {PermissionFlag::PERMISSION_USER_SET}, + .grantStatus = {PermissionState::PERMISSION_GRANTED}, + .isGeneral = true, + .permissionName = "ohos.permission.test1", + .resDeviceID = {"local"}}; + std::vector permStateList; + permStateList.emplace_back(infoManagerTestState); + + HapTokenInfoForSync remoteTokenInfo = { + .baseInfo = baseInfo, + .permStateList =permStateList + }; + + int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo); + ASSERT_EQ(ret, RET_SUCCESS); + + AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(deviceID, 0x20100000); + ASSERT_NE(mapID, 0); + + HapTokenInfo info; + ret = AccessTokenKit::GetHapTokenInfo(mapID, info); + ASSERT_EQ(ret, RET_SUCCESS); + + ret = AccessTokenKit::DeleteRemoteToken(deviceID, 0); + ASSERT_NE(ret, RET_SUCCESS); + + // deviceID is wrong + std::string wrongStr(10241, 'x'); + deviceID = wrongStr; + ret = AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000); + ASSERT_NE(ret, RET_SUCCESS); +} + +/** + * @tc.name: DeleteRemoteDeviceToken003 + * @tc.desc: delete exist device mapping tokenId + * @tc.type: FUNC + * @tc.require:AR000GK6TA + */ +HWTEST_F(AccessTokenKitTest, DeleteRemoteDeviceToken003, TestSize.Level1) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "DeleteRemoteDeviceToken003 start."); + std::string deviceID = "ea82205d1f9964346ee12e17ec0f362bb7203fca7c62d82899ffa917f9cbe6b2"; + AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000); + + int ret = AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000); + ASSERT_NE(ret, RET_SUCCESS); +} + +/** + * @tc.name: DeleteRemoteDeviceTokens001 + * @tc.desc: delete all mapping tokens of exist device + * @tc.type: FUNC + * @tc.require:AR000GK6TA + */ +HWTEST_F(AccessTokenKitTest, DeleteRemoteDeviceTokens001, TestSize.Level1) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "DeleteRemoteDeviceTokens001 start."); + std::string deviceID = "ea82205d1f9964346ee12e17ec0f362bb7203fca7c62d82899ffa917f9cbe6b2"; + AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000); + AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100001); + HapTokenInfo baseInfo = { + .apl = APL_NORMAL, + .ver = 1, + .userID = 1, + .bundleName = "com.ohos.access_token", + .instIndex = 1, + .appID = "testtesttesttest", + .deviceID = "ea82205d1f9964346ee12e17ec0f362bb7203fca7c62d82899ffa917f9cbe6b2", + .tokenID = 0x20100000, + .tokenAttr = 0 + }; + + PermissionStateFull infoManagerTestState = { + .grantFlags = {PermissionFlag::PERMISSION_USER_SET}, + .grantStatus = {PermissionState::PERMISSION_GRANTED}, + .isGeneral = true, + .permissionName = "ohos.permission.test1", + .resDeviceID = {"local"}}; + std::vector permStateList; + permStateList.emplace_back(infoManagerTestState); + + HapTokenInfoForSync remoteTokenInfo = { + .baseInfo = baseInfo, + .permStateList =permStateList + }; + + int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo); + ASSERT_EQ(ret, RET_SUCCESS); + + HapTokenInfoForSync remoteTokenInfo1 = remoteTokenInfo; + remoteTokenInfo1.baseInfo.tokenID = 0x20100001; + remoteTokenInfo1.baseInfo.bundleName = "com.ohos.access_token1"; + ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo1); + ASSERT_EQ(ret, RET_SUCCESS); + + AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(deviceID, 0x20100000); + ASSERT_NE(mapID, 0); + AccessTokenID mapID1 = AccessTokenKit::AllocLocalTokenID(deviceID, 0x20100001); + ASSERT_NE(mapID1, 0); + + ret = AccessTokenKit::DeleteRemoteDeviceTokens(deviceID); + ASSERT_EQ(ret, RET_SUCCESS); + + HapTokenInfo info; + ret = AccessTokenKit::GetHapTokenInfo(mapID, info); + ASSERT_NE(ret, RET_SUCCESS); + ret = AccessTokenKit::GetHapTokenInfo(mapID1, info); + ASSERT_NE(ret, RET_SUCCESS); +} + +/** + * @tc.name: DeleteRemoteDeviceTokens002 + * @tc.desc: delete all mapping tokens of NOT exist device + * @tc.type: FUNC + * @tc.require:AR000GK6TA + */ +HWTEST_F(AccessTokenKitTest, DeleteRemoteDeviceTokens002, TestSize.Level1) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "DeleteRemoteDeviceTokens002 start."); + std::string deviceID = "ea82205d1f9964346ee12e17ec0f362bb7203fca7c62d82899ffa917f9cbe6b2"; + AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000); + AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100001); + HapTokenInfo baseInfo = { + .apl = APL_NORMAL, + .ver = 1, + .userID = 1, + .bundleName = "com.ohos.access_token", + .instIndex = 1, + .appID = "testtesttesttest", + .deviceID = "ea82205d1f9964346ee12e17ec0f362bb7203fca7c62d82899ffa917f9cbe6b2", + .tokenID = 0x20100000, + .tokenAttr = 0 + }; + + PermissionStateFull infoManagerTestState = { + .grantFlags = {PermissionFlag::PERMISSION_USER_SET}, + .grantStatus = {PermissionState::PERMISSION_GRANTED}, + .isGeneral = true, + .permissionName = "ohos.permission.test1", + .resDeviceID = {"local"}}; + std::vector permStateList; + permStateList.emplace_back(infoManagerTestState); + + HapTokenInfoForSync remoteTokenInfo = { + .baseInfo = baseInfo, + .permStateList =permStateList + }; + + int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo); + ASSERT_EQ(ret, RET_SUCCESS); + + HapTokenInfoForSync remoteTokenInfo1 = remoteTokenInfo; + remoteTokenInfo1.baseInfo.tokenID = 0x20100001; + remoteTokenInfo1.baseInfo.bundleName = "com.ohos.access_token1"; + ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo1); + ASSERT_EQ(ret, RET_SUCCESS); + + AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(deviceID, 0x20100000); + ASSERT_NE(mapID, 0); + AccessTokenID mapID1 = AccessTokenKit::AllocLocalTokenID(deviceID, 0x20100001); + ASSERT_NE(mapID1, 0); + + ret = AccessTokenKit::DeleteRemoteDeviceTokens("1111111"); + ASSERT_NE(ret, RET_SUCCESS); + + AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000); + AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100001); +} + +/** + * @tc.name: GetHapTokenInfoFromRemote001 + * @tc.desc: get normal local tokenInfo + * @tc.type: FUNC + * @tc.require:AR000GK6TA + */ +HWTEST_F(AccessTokenKitTest, GetHapTokenInfoFromRemote001, TestSize.Level1) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "GetHapTokenInfoFromRemote001 start."); + AccessTokenIDEx tokenIdEx = {0}; + tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams); + AccessTokenID localTokenID = tokenIdEx.tokenIdExStruct.tokenID; + + HapTokenInfoForSync infoSync; + int ret = AccessTokenKit::GetHapTokenInfoFromRemote(localTokenID, infoSync); + ASSERT_EQ(ret, RET_SUCCESS); + ASSERT_EQ(infoSync.baseInfo.apl, g_infoManagerTestPolicyPrams.apl); + ASSERT_EQ(infoSync.permStateList.size(), 2); + ASSERT_EQ(infoSync.permStateList[1].grantFlags.size(), 2); + + ASSERT_EQ(infoSync.permStateList[0].permissionName, g_infoManagerTestPolicyPrams.permStateList[0].permissionName); + ASSERT_EQ(infoSync.permStateList[0].grantFlags[0], g_infoManagerTestPolicyPrams.permStateList[0].grantFlags[0]); + ASSERT_EQ(infoSync.permStateList[0].grantStatus[0], g_infoManagerTestPolicyPrams.permStateList[0].grantStatus[0]); + ASSERT_EQ(infoSync.permStateList[0].resDeviceID[0], g_infoManagerTestPolicyPrams.permStateList[0].resDeviceID[0]); + ASSERT_EQ(infoSync.permStateList[0].isGeneral, g_infoManagerTestPolicyPrams.permStateList[0].isGeneral); + + ASSERT_EQ(infoSync.permStateList[1].permissionName, g_infoManagerTestPolicyPrams.permStateList[1].permissionName); + ASSERT_EQ(infoSync.permStateList[1].grantFlags[0], g_infoManagerTestPolicyPrams.permStateList[1].grantFlags[0]); + ASSERT_EQ(infoSync.permStateList[1].grantStatus[0], g_infoManagerTestPolicyPrams.permStateList[1].grantStatus[0]); + ASSERT_EQ(infoSync.permStateList[1].resDeviceID[0], g_infoManagerTestPolicyPrams.permStateList[1].resDeviceID[0]); + ASSERT_EQ(infoSync.permStateList[1].isGeneral, g_infoManagerTestPolicyPrams.permStateList[1].isGeneral); + + ASSERT_EQ(infoSync.permStateList[1].grantFlags[1], g_infoManagerTestPolicyPrams.permStateList[1].grantFlags[1]); + ASSERT_EQ(infoSync.permStateList[1].grantStatus[1], g_infoManagerTestPolicyPrams.permStateList[1].grantStatus[1]); + ASSERT_EQ(infoSync.permStateList[1].resDeviceID[1], g_infoManagerTestPolicyPrams.permStateList[1].resDeviceID[1]); + + ASSERT_EQ(infoSync.baseInfo.bundleName, g_infoManagerTestInfoParms.bundleName); + ASSERT_EQ(infoSync.baseInfo.userID, g_infoManagerTestInfoParms.userID); + ASSERT_EQ(infoSync.baseInfo.instIndex, g_infoManagerTestInfoParms.instIndex); + ASSERT_EQ(infoSync.baseInfo.appID, g_infoManagerTestInfoParms.appIDDesc); + ASSERT_EQ(infoSync.baseInfo.ver, 1); + ASSERT_EQ(infoSync.baseInfo.tokenID, localTokenID); + ASSERT_EQ(infoSync.baseInfo.tokenAttr, 0); + + AccessTokenKit::DeleteToken(localTokenID); +} + +/** + * @tc.name: GetHapTokenInfoFromRemote002 + * @tc.desc: get normal mapping tokenInfo + * @tc.type: FUNC + * @tc.require:AR000GK6TA + */ +HWTEST_F(AccessTokenKitTest, GetHapTokenInfoFromRemote002, TestSize.Level1) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "GetHapTokenInfoFromRemote002 start."); + std::string deviceID = "ea82205d1f9964346ee12e17ec0f362bb7203fca7c62d82899ffa917f9cbe6b2"; + AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000); + HapTokenInfo baseInfo = { + .apl = APL_NORMAL, + .ver = 1, + .userID = 1, + .bundleName = "com.ohos.access_token", + .instIndex = 1, + .appID = "testtesttesttest", + .deviceID = "ea82205d1f9964346ee12e17ec0f362bb7203fca7c62d82899ffa917f9cbe6b2", + .tokenID = 0x20100000, + .tokenAttr = 0 + }; + + PermissionStateFull infoManagerTestState = { + .grantFlags = {PermissionFlag::PERMISSION_USER_SET}, + .grantStatus = {PermissionState::PERMISSION_GRANTED}, + .isGeneral = true, + .permissionName = "ohos.permission.test1", + .resDeviceID = {"local"}}; + std::vector permStateList; + permStateList.emplace_back(infoManagerTestState); + + HapTokenInfoForSync remoteTokenInfo = { + .baseInfo = baseInfo, + .permStateList =permStateList + }; + + int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo); + ASSERT_EQ(ret, RET_SUCCESS); + + AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(deviceID, 0x20100000); + ASSERT_NE(mapID, 0); + + HapTokenInfoForSync infoSync; + ret = AccessTokenKit::GetHapTokenInfoFromRemote(mapID, infoSync); + ASSERT_NE(ret, RET_SUCCESS); + + AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000); +} + +/** + * @tc.name: GetHapTokenInfoFromRemote003 + * @tc.desc: get normal mapping tokenInfo + * @tc.type: FUNC + * @tc.require:AR000GK6TA + */ +HWTEST_F(AccessTokenKitTest, GetHapTokenInfoFromRemote003, TestSize.Level1) +{ + ACCESSTOKEN_LOG_INFO(LABEL, "GetHapTokenInfoFromRemote003 start."); + HapTokenInfoForSync infoSync; + int ret = AccessTokenKit::GetHapTokenInfoFromRemote(0, infoSync); + ASSERT_NE(ret, RET_SUCCESS); +} diff --git a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h index 3e32c69a7..3c4329380 100644 --- a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h +++ b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h @@ -77,6 +77,8 @@ private: bool TryUpdateExistNativeToken(const std::shared_ptr& infoPtr); int AllocNativeToken(const std::shared_ptr& infoPtr); void StoreAllTokenInfo(); + int CreateRemoteHapTokenInfo(AccessTokenID mapID, HapTokenInfoForSync& hapSync); + int UpdateRemoteHapTokenInfo(AccessTokenID mapID, HapTokenInfoForSync& hapSync); OHOS::ThreadPool tokenDataWorker_; bool hasInited_; diff --git a/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h b/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h index b41808fbc..add61cb1d 100644 --- a/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h +++ b/services/accesstokenmanager/main/cpp/include/token/hap_token_info_inner.h @@ -52,6 +52,7 @@ public: std::string GetBundleName() const; int GetInstIndex() const; AccessTokenID GetTokenID() const; + void SetPermissionPolicySet(std::shared_ptr& policySet); void ToString(std::string& info) const; bool IsRemote() const; void SetRemote(bool isRemote); diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp index 018a3f2fa..392991acc 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp @@ -196,19 +196,24 @@ int PermissionManager::GetPermissionFlag(AccessTokenID tokenID, const std::strin void PermissionManager::UpdateTokenPermissionState( AccessTokenID tokenID, const std::string& permissionName, bool isGranted, int flag) { - std::shared_ptr permPolicySet = - AccessTokenInfoManager::GetInstance().GetHapPermissionPolicySet(tokenID); + std::shared_ptr infoPtr = AccessTokenInfoManager::GetInstance().GetHapTokenInfoInner(tokenID); + if (infoPtr == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "invalid params!"); + return; + } + if (infoPtr->IsRemote()) { + ACCESSTOKEN_LOG_ERROR(LABEL, "remote token can not update"); + return; + } + + std::shared_ptr permPolicySet = infoPtr->GetHapInfoPermissionPolicySet(); if (permPolicySet == nullptr) { ACCESSTOKEN_LOG_ERROR(LABEL, "invalid params!"); return; } permPolicySet->UpdatePermissionStatus(permissionName, isGranted, flag); - std::shared_ptr infoPtr = AccessTokenInfoManager::GetInstance().GetHapTokenInfoInner(tokenID); - if (infoPtr != nullptr && !infoPtr->IsRemote()) { - TokenModifyNotifier::GetInstance().NotifyTokenModify(tokenID); - } - AccessTokenInfoManager::GetInstance().RefreshTokenInfoIfNeeded(); + TokenModifyNotifier::GetInstance().NotifyTokenModify(tokenID); } void PermissionManager::GrantPermission(AccessTokenID tokenID, const std::string& permissionName, int flag) @@ -256,8 +261,17 @@ void PermissionManager::RevokePermission(AccessTokenID tokenID, const std::strin void PermissionManager::ClearUserGrantedPermissionState(AccessTokenID tokenID) { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, tokenID: 0x%{public}x", __func__, tokenID); - std::shared_ptr permPolicySet = - AccessTokenInfoManager::GetInstance().GetHapPermissionPolicySet(tokenID); + std::shared_ptr infoPtr = AccessTokenInfoManager::GetInstance().GetHapTokenInfoInner(tokenID); + if (infoPtr == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "invalid params!"); + return; + } + if (infoPtr->IsRemote()) { + ACCESSTOKEN_LOG_ERROR(LABEL, "remote token can not clear."); + return; + } + + std::shared_ptr permPolicySet = infoPtr->GetHapInfoPermissionPolicySet(); if (permPolicySet == nullptr) { ACCESSTOKEN_LOG_ERROR(LABEL, "invalid params!"); return; @@ -272,7 +286,6 @@ void PermissionManager::ClearUserGrantedPermissionState(AccessTokenID tokenID) isGranted = (permDef.grantMode == SYSTEM_GRANT) ? true : false; permPolicySet->UpdatePermissionStatus(perm.permissionName, isGranted, DEFAULT_PERMISSION_FLAGS); } - AccessTokenInfoManager::GetInstance().RefreshTokenInfoIfNeeded(); } std::string PermissionManager::TransferPermissionDefToString(const PermissionDef& inPermissionDef) diff --git a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp index 4fa86d047..c504c2c72 100644 --- a/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/accesstoken_info_manager.cpp @@ -280,7 +280,6 @@ int AccessTokenInfoManager::RemoveHapTokenInfo(AccessTokenID id) return RET_FAILED; } - bool isRemote = false; // make sure that RemoveDefPermissions is called outside of the lock to avoid deadlocks. PermissionManager::GetInstance().RemoveDefPermissions(id); { @@ -295,22 +294,21 @@ int AccessTokenInfoManager::RemoveHapTokenInfo(AccessTokenID id) ACCESSTOKEN_LOG_ERROR(LABEL, "hap token %{public}x is null.", id); return RET_FAILED; } - isRemote = info->IsRemote(); - if (!info->IsRemote()) { - std::string HapUniqueKey = GetHapUniqueStr(info); - if (hapTokenIdMap_.count(HapUniqueKey) != 0) { - hapTokenIdMap_.erase(HapUniqueKey); - } + if (info->IsRemote()) { + ACCESSTOKEN_LOG_ERROR(LABEL, "remote hap token %{public}x can not delete.", id); + return RET_FAILED; + } + std::string HapUniqueKey = GetHapUniqueStr(info); + if (hapTokenIdMap_.count(HapUniqueKey) != 0) { + hapTokenIdMap_.erase(HapUniqueKey); } hapTokenInfoMap_.erase(id); } AccessTokenIDManager::GetInstance().ReleaseTokenId(id); ACCESSTOKEN_LOG_INFO(LABEL, "remove hap token 0x%{public}x ok!", id); - if (!isRemote) { - RefreshTokenInfoIfNeeded(); - TokenModifyNotifier::GetInstance().NotifyTokenDelete(id); - } + RefreshTokenInfoIfNeeded(); + TokenModifyNotifier::GetInstance().NotifyTokenDelete(id); return RET_SUCCESS; } @@ -328,18 +326,18 @@ int AccessTokenInfoManager::RemoveNativeTokenInfo(AccessTokenID id) { Utils::UniqueWriteGuard infoGuard(this->nativeTokenInfoLock_); if (nativeTokenInfoMap_.count(id) == 0) { - ACCESSTOKEN_LOG_ERROR( - LABEL, "native token %{public}x is null.", id); + ACCESSTOKEN_LOG_ERROR(LABEL, "native token %{public}x is null.", id); return RET_FAILED; } std::shared_ptr info = nativeTokenInfoMap_[id]; - isRemote = info->IsRemote(); - if (!isRemote) { - std::string processName = nativeTokenInfoMap_[id]->GetProcessName(); - if (nativeTokenIdMap_.count(processName) != 0) { - nativeTokenIdMap_.erase(processName); - } + if (info->IsRemote()) { + ACCESSTOKEN_LOG_ERROR(LABEL, "remote native token %{public}x can not delete.", id); + return RET_FAILED; + } + std::string processName = nativeTokenInfoMap_[id]->GetProcessName(); + if (nativeTokenIdMap_.count(processName) != 0) { + nativeTokenIdMap_.erase(processName); } nativeTokenInfoMap_.erase(id); } @@ -499,6 +497,11 @@ int AccessTokenInfoManager::UpdateHapToken(AccessTokenID tokenID, return RET_FAILED; } + if (infoPtr->IsRemote()) { + ACCESSTOKEN_LOG_ERROR(LABEL, "remote hap token 0x%{public}x can not update!", tokenID); + return RET_FAILED; + } + { Utils::UniqueWriteGuard infoGuard(this->hapTokenInfoLock_); infoPtr->Update(appIDDesc, policy); @@ -508,9 +511,7 @@ int AccessTokenInfoManager::UpdateHapToken(AccessTokenID tokenID, } PermissionManager::GetInstance().AddDefPermissions(infoPtr, true); - if (!infoPtr->IsRemote()) { - TokenModifyNotifier::GetInstance().NotifyTokenModify(tokenID); - } + TokenModifyNotifier::GetInstance().NotifyTokenModify(tokenID); RefreshTokenInfoIfNeeded(); return RET_SUCCESS; } @@ -518,7 +519,7 @@ int AccessTokenInfoManager::UpdateHapToken(AccessTokenID tokenID, int AccessTokenInfoManager::GetHapTokenSync(AccessTokenID tokenID, HapTokenInfoForSync& hapSync) { std::shared_ptr infoPtr = GetHapTokenInfoInner(tokenID); - if (infoPtr == nullptr) { + if (infoPtr == nullptr || infoPtr->IsRemote()) { ACCESSTOKEN_LOG_ERROR( LABEL, "token %{public}x is invalid.", tokenID); return RET_FAILED; @@ -557,11 +558,57 @@ void AccessTokenInfoManager::GetAllNativeTokenInfo(std::vector& return; } +int AccessTokenInfoManager::UpdateRemoteHapTokenInfo(AccessTokenID mapID, HapTokenInfoForSync& hapSync) +{ + std::shared_ptr infoPtr = GetHapTokenInfoInner(mapID); + if (infoPtr == nullptr) { + ACCESSTOKEN_LOG_INFO(LABEL, "token 0x%{public}x is null, can not update!", mapID); + return RET_FAILED; + } + + std::vector permList = {}; + std::shared_ptr newPermPolicySet = + PermissionPolicySet::BuildPermissionPolicySet(mapID, permList, hapSync.permStateList); + + { + Utils::UniqueWriteGuard infoGuard(this->hapTokenInfoLock_); + infoPtr->SetPermissionPolicySet(newPermPolicySet); + } + return RET_SUCCESS; +} + +int AccessTokenInfoManager::CreateRemoteHapTokenInfo(AccessTokenID mapID, HapTokenInfoForSync& hapSync) +{ + // update remote token mapping id + hapSync.baseInfo.tokenID = mapID; + std::shared_ptr hap = std::make_shared(mapID, + hapSync.baseInfo, hapSync.permStateList); + if (hap == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "alloc local token failed."); + return RET_FAILED; + } + hap->SetRemote(true); + + int ret = AddHapTokenInfo(hap); + if (ret != RET_SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "add local token failed."); + return RET_FAILED; + } + + return RET_SUCCESS; +} + int AccessTokenInfoManager::SetRemoteHapTokenInfo(const std::string& deviceID, HapTokenInfoForSync& hapSync) { if (!DataValidator::IsDeviceIdValid(deviceID) || !DataValidator::IsUserIdValid(hapSync.baseInfo.userID) - || !DataValidator::IsBundleNameValid(hapSync.baseInfo.bundleName)) { + || !DataValidator::IsBundleNameValid(hapSync.baseInfo.bundleName) + || !DataValidator::IsAplNumValid(hapSync.baseInfo.apl) + || !DataValidator::IsTokenIDValid(hapSync.baseInfo.tokenID) + || !DataValidator::IsAppIDDescValid(hapSync.baseInfo.appID) + || !DataValidator::IsDeviceIdValid(hapSync.baseInfo.deviceID) + || hapSync.baseInfo.ver != DEFAULT_TOKEN_VERSION + || AccessTokenIDManager::GetInstance().GetTokenIdTypeEnum(hapSync.baseInfo.tokenID) != TOKEN_HAP) { ACCESSTOKEN_LOG_ERROR(LABEL, "device %{public}s parms invalid", deviceID.c_str()); return RET_FAILED; } @@ -571,13 +618,7 @@ int AccessTokenInfoManager::SetRemoteHapTokenInfo(const std::string& deviceID, H if (mapID != 0) { ACCESSTOKEN_LOG_INFO(LABEL, "device %{public}s token %{public}x update exist remote hap token %{public}x.", deviceID.c_str(), remoteID, mapID); - HapPolicyParams policy = { - .apl = hapSync.baseInfo.apl, - .domain = "", // domain not used - .permList = {}, // permission define list never sync. - .permStateList = hapSync.permStateList - }; - return UpdateHapToken(mapID, hapSync.baseInfo.appID, policy); + return UpdateRemoteHapTokenInfo(mapID, hapSync); } mapID = AccessTokenRemoteTokenManager::GetInstance().MapRemoteDeviceTokenToLocal(deviceID, remoteID); @@ -586,31 +627,14 @@ int AccessTokenInfoManager::SetRemoteHapTokenInfo(const std::string& deviceID, H LABEL, "device %{public}s token %{public}x map failed.", deviceID.c_str(), remoteID); return RET_FAILED; } - hapSync.baseInfo.tokenID = mapID; - ACCESSTOKEN_LOG_INFO(LABEL, "device %{public}s token %{public}x map to local token %{public}x.", - deviceID.c_str(), remoteID, mapID); - - // update remote token mapping id - hapSync.baseInfo.tokenID = mapID; - std::shared_ptr hap = std::make_shared(mapID, - hapSync.baseInfo, hapSync.permStateList); - if (hap == nullptr) { - AccessTokenRemoteTokenManager::GetInstance().RemoveDeviceMappingTokenID(deviceID, mapID); - ACCESSTOKEN_LOG_ERROR(LABEL, "device %{public}s tokenId 0x%{public}x alloc local token failed.", - deviceID.c_str(), remoteID); - return RET_FAILED; - } - hap->SetRemote(true); - int ret = AddHapTokenInfo(hap); - if (ret != RET_SUCCESS) { + if (CreateRemoteHapTokenInfo(mapID, hapSync) == RET_FAILED) { AccessTokenRemoteTokenManager::GetInstance().RemoveDeviceMappingTokenID(deviceID, mapID); - ACCESSTOKEN_LOG_ERROR(LABEL, "device %{public}s tokenId 0x%{public}x add local token failed.", - deviceID.c_str(), remoteID); + ACCESSTOKEN_LOG_INFO(LABEL, "device %{public}s token %{public}x map to local token %{public}x failed.", + deviceID.c_str(), remoteID, mapID); return RET_FAILED; } - - ACCESSTOKEN_LOG_INFO(LABEL, "device %{public}s token %{public}x new map token %{public}x.", + ACCESSTOKEN_LOG_INFO(LABEL, "device %{public}s token %{public}x map to local token %{public}x success.", deviceID.c_str(), remoteID, mapID); return RET_SUCCESS; } @@ -685,9 +709,20 @@ int AccessTokenInfoManager::DeleteRemoteToken(const std::string& deviceID, Acces ATokenTypeEnum type = AccessTokenIDManager::GetInstance().GetTokenIdTypeEnum(mapID); if (type == TOKEN_HAP) { - RemoveHapTokenInfo(mapID); + Utils::UniqueWriteGuard infoGuard(this->hapTokenInfoLock_); + if (hapTokenInfoMap_.count(mapID) == 0) { + ACCESSTOKEN_LOG_ERROR(LABEL, "hap token %{public}x no exist.", mapID); + return RET_FAILED; + } + hapTokenInfoMap_.erase(mapID); } else if (type == TOKEN_NATIVE) { - RemoveNativeTokenInfo(mapID); + Utils::UniqueWriteGuard infoGuard(this->nativeTokenInfoLock_); + if (nativeTokenInfoMap_.count(mapID) == 0) { + ACCESSTOKEN_LOG_ERROR( + LABEL, "native token %{public}x is null.", mapID); + return RET_FAILED; + } + nativeTokenInfoMap_.erase(mapID); } else { ACCESSTOKEN_LOG_ERROR(LABEL, "mapping tokenId 0x%{public}x type is unknown", mapID); } diff --git a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp index ead8e42fb..bb2ab3d95 100644 --- a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp @@ -209,6 +209,11 @@ HapTokenInfo HapTokenInfoInner::GetHapInfoBasic() const return tokenInfoBasic_; } +void HapTokenInfoInner::SetPermissionPolicySet(std::shared_ptr& policySet) +{ + permPolicySet_ = policySet; +} + bool HapTokenInfoInner::IsRemote() const { return isRemote_; diff --git a/services/tokensyncmanager/BUILD.gn b/services/tokensyncmanager/BUILD.gn index 599f6f026..ef99ca14c 100644 --- a/services/tokensyncmanager/BUILD.gn +++ b/services/tokensyncmanager/BUILD.gn @@ -76,8 +76,6 @@ ohos_shared_library("token_sync_manager_service") { "//base/security/access_token/services/tokensyncmanager:token_sync.rc", "//base/startup/syspara_lite/interfaces/innerkits/native/syspara:syspara", "//foundation/aafwk/standard/interfaces/innerkits/base:base", - "//foundation/appexecfwk/standard/interfaces/innerkits/appexecfwk_base:appexecfwk_base", - "//foundation/appexecfwk/standard/interfaces/innerkits/appexecfwk_core:appexecfwk_core", "//foundation/appexecfwk/standard/interfaces/innerkits/libeventhandler:libeventhandler", "//foundation/distributedhardware/devicemanager/interfaces/inner_kits/native_cpp:devicemanagersdk", "//third_party/zlib:libz", -- Gitee From fc7584b12704dbfea00d20afc2bb607d75c716f3 Mon Sep 17 00:00:00 2001 From: zhouyan Date: Tue, 15 Feb 2022 20:17:37 +0800 Subject: [PATCH 51/51] update PermissionManager.hap code Signed-off-by: zhouyan --- .../ets/dynamic/common/components/dialog.ets | 95 ++++++++++++------- .../main/ets/dynamic/common/model/bundle.ets | 2 +- .../dynamic/common/model/permissionGroup.ets | 2 +- .../ets/dynamic/common/utils/constant.ets | 10 +- .../src/main/ets/dynamic/pages/dialogPlus.ets | 14 +-- 5 files changed, 78 insertions(+), 45 deletions(-) diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets index 388e7f1b2..dd5ed3e8f 100644 --- a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets @@ -14,7 +14,7 @@ */ import { getPermissionGroup } from '../utils/utils.ets' -import { BundleFlag, userId } from '../model/bundle.ets' +import { BundleFlag, USER_ID } from '../model/bundle.ets' import Constants from '../utils/constant.ets' import featureAbility from '@ohos.ability.featureAbility' import abilityAccessCtrl from '@ohos.abilityAccessCtrl' @@ -34,7 +34,7 @@ export struct privacyDialog { cancel: (group, accessTokenId, permissionList, userFixedFlag) => void confirm: (group, accessTokenId, permissionList, userFixedFlag) => void @State accessTokenId: number = 0 - @State hasPrepared: boolean = false + @State initStatus: number = Constants.INIT_NEED_TO_WAIT @State reqPerms: Array = [] @State grantGroups: Array = [] @State userFixedFlag: number = 2 // means user fixed @@ -42,7 +42,7 @@ export struct privacyDialog { build() { Column() { - if (this.hasPrepared && this.verify(this.reqPerms[this.count])) { + if ((this.initStatus != Constants.INIT_NEED_TO_WAIT) && this.verify(this.reqPerms[this.count])) { Image(this.grantGroups[this.count].icon) .width(Constants.DIALOG_ICON_WIDTH) .height(Constants.DIALOG_ICON_HEIGHT) @@ -60,6 +60,7 @@ export struct privacyDialog { Flex({ justifyContent: FlexAlign.Start }) { Text("是否允许" + this.appName + "访问" + this.grantGroups[this.count].groupName).fontSize(Constants.DIALOG_REQ_FONT_SIZE) + .fontColor($r('app.color.secondary_font_color')) .margin({ top: Constants.DIALOG_REQ_MARGIN_TOP, left: Constants.DIALOG_REQ_MARGIN_LEFT @@ -108,7 +109,7 @@ export struct privacyDialog { .width(Constants.DIALOG_WIDTH) } async verify(permission) { - if(this.count >= this.grantGroups.length) { + if((this.initStatus == Constants.INIT_NEED_TO_TERMINATED) || (this.count >= this.grantGroups.length)) { this.controller.close() this.aboutToDisappear() return false @@ -119,10 +120,15 @@ export struct privacyDialog { return false } var acManager = abilityAccessCtrl.createAtManager() - var ret = await acManager.verifyAccessToken(this.accessTokenId, permission) - if(ret == 0) { - console.log("GrantAbility permission has already been granted:" + permission) - this.result[this.count] = 0 + var flag = await acManager.getPermissionFlags(this.accessTokenId, permission) + if(flag == this.userFixedFlag) { + console.log("GrantAbility permission has been fixed:" + permission) + var ret = await acManager.verifyAccessToken(this.accessTokenId, permission) + if (ret == 0) { + this.result[this.count] = 0 + } else { + this.result[this.count] = -1 + } this.count ++ return false } @@ -130,13 +136,48 @@ export struct privacyDialog { return true } + getApplicationName(uid) { + bundle.getNameForUid(uid).then((data) => { + console.log("GrantAbility getApplicationName bundleName:" + data) + bundle.getApplicationInfo(data, BundleFlag.GET_BUNDLE_DEFAULT, USER_ID).then(applicationInfo => { + Resmgr.getResourceManager(data).then(item => { + item.getString(applicationInfo.labelId, (err, value) => { + if (value == undefined) { + this.appName = applicationInfo.label + } else { + this.appName = value + } + console.log("GrantAbility hap label:" + applicationInfo.label + ", value:"+this.appName) + }) + }) + }).catch(err => { + console.log("GrantAbility applicationInfo error :" + err) + this.initStatus = Constants.INIT_NEED_TO_TERMINATED + }) + }).catch(err => { + console.log("GrantAbility getNameForUid error :" + JSON.stringify(err)) + this.initStatus = Constants.INIT_NEED_TO_TERMINATED + }) + } + aboutToAppear() { this.count = 0; - this.hasPrepared = false; + this.initStatus = Constants.INIT_NEED_TO_WAIT + this.result = [] featureAbility.getWant((err, want) => { + if (err.code != 0) { + console.log("GrantAbility featureAbility.getWant err:" + err) + this.initStatus = Constants.INIT_NEED_TO_TERMINATED + return + } this.reqPerms = want.parameters['ohos.user.grant.permission'] this.accessTokenId = want.parameters['ohos.aafwk.param.callerToken'] - console.log("GrantAbility request permission=" + JSON.stringify(this.reqPerms) + " tokenId = " + this.accessTokenId) + if (this.reqPerms == undefined || this.accessTokenId == undefined || this.reqPerms.length == 0) { + console.log("GrantAbility invalid parameters") + this.initStatus = Constants.INIT_NEED_TO_TERMINATED + return + } + console.log("GrantAbility request permission=" + JSON.stringify(this.reqPerms) + ", tokenId = " + this.accessTokenId) this.reqPerms.forEach(item => { var group = getPermissionGroup(item) if(!group) { @@ -146,37 +187,19 @@ export struct privacyDialog { this.grantGroups.push(group) } }) - this.hasPrepared = true; - bundle.getNameForUid(want.parameters['ohos.aafwk.param.callerUid'], (err, data) => { - if(err) { - console.log("GrantAbility getNameForUid error :" + err) - return - } - console.log("GrantAbility getNameForUid data :" + data) - bundle.getApplicationInfo(data, BundleFlag.GET_BUNDLE_DEFAULT, userId).then(applicationInfo => { - console.log("GrantAbility applicationInfo :" + JSON.stringify(applicationInfo)) - Resmgr.getResourceManager(data).then(item => { - item.getString(applicationInfo.labelId, (err, value) => { - if (value == undefined) { - console.log("GrantAbility label :" ) - this.appName = applicationInfo.label.replace('$string:', '') - } else { - console.log("GrantAbility labelValue :" + value) - this.appName = value - } - }) - }) - }).catch(err => { - console.log("GrantAbility applicationInfo11 error :" + err) - }) - }) + this.initStatus = Constants.INIT_NEED_TO_VERIFY + this.getApplicationName(want.parameters['ohos.aafwk.param.callerUid']) }) } aboutToDisappear() { - console.log("GrantAbility result=" + JSON.stringify(this.result)) + var ret: number = Constants.RESULT_SUCCESS + if (this.initStatus == Constants.INIT_NEED_TO_TERMINATED) { + ret = Constants.RESULT_FAILURE + } + console.log("GrantAbility code:" + ret + ", result=" + JSON.stringify(this.result)) featureAbility.terminateSelfWithResult({ - resultCode: 1, + resultCode: ret, want: { parameters: { "ohos.user.grant.permission": this.reqPerms, diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/model/bundle.ets b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/model/bundle.ets index 7c29c39fc..2d34276d3 100644 --- a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/model/bundle.ets +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/model/bundle.ets @@ -34,5 +34,5 @@ export const BundleFlag = { */ GET_ABILITY_INFO_SYSTEMAPP_ONLY : 0x00000080 } -export const userId: number = 100 +export const USER_ID: number = 100 \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/model/permissionGroup.ets b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/model/permissionGroup.ets index 3e25678d6..087c521e3 100644 --- a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/model/permissionGroup.ets +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/model/permissionGroup.ets @@ -300,7 +300,7 @@ export const groups: any[] = [ "name": "OTHER", "groupName": "其他权限", "icon": $r('app.media.ic_more'), - "description": "访问您的位置信息", + "description": "访问您的其他权限", "permissions": [ "ohos.permission.DISTRIBUTED_DATASYNC" ] diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/utils/constant.ets b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/utils/constant.ets index 700486b60..076e16960 100644 --- a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/utils/constant.ets +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/utils/constant.ets @@ -39,5 +39,13 @@ export default class Constants { static DIALOG_BORDER_RADIUS = 24; static DIALOG_HEIGHT = 186; - static DIALOG_WIDTH = 336; + static DIALOG_WIDTH = "100%"; + + // initial check status + static INIT_NEED_TO_WAIT = 0 + static INIT_NEED_TO_VERIFY = 1 + static INIT_NEED_TO_TERMINATED = 2 + + static RESULT_SUCCESS = 1 + static RESULT_FAILURE = 0 } \ No newline at end of file diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/pages/dialogPlus.ets b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/pages/dialogPlus.ets index aa0784455..b6ef9eb80 100644 --- a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/pages/dialogPlus.ets +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/pages/dialogPlus.ets @@ -33,13 +33,14 @@ struct dialogPlusPage { const result = await acManager.grantUserGrantedPermission(accessTokenId, permission, userFixedFlag) var index = permissionList.indexOf(permission) if (index == -1) { - return; - } - if (result == 0) { - this.result[index] = 0 console.log("GrantAbility grant permission:" + permission) - } else { - console.log("GrantAbility failed to grant permission:" + permission + " ret:" + result) + }else { + if (result == 0) { + this.result[index] = 0 + console.log("GrantAbility grant permission:" + permission) + } else { + console.log("GrantAbility failed to grant permission:" + permission + " ret:" + result) + } } }) this.count ++ @@ -65,3 +66,4 @@ struct dialogPlusPage { build() { } } + -- Gitee