From 929c88b5aa5e816ad26a6060239b7f0032ab65a5 Mon Sep 17 00:00:00 2001
From: lsq <linshuqing2@huawei.com>
Date: Wed, 23 Mar 2022 22:42:01 +0800
Subject: [PATCH] Signed-off-by: lsq <linshuqing2@huawei.com> Change-Id:
 I299117e115f64c2b0f8e3fdcb67fff79e5b8b2e1

Signed-off-by: lsq <linshuqing2@huawei.com>
Change-Id: Id99f2c06a8d2ce16360aff6611bfaa1f9998c403
---
 .../test/unittest/src/accesstoken_kit_test.cpp    | 15 ++++++++++++++-
 .../cpp/src/permission/permission_manager.cpp     | 10 +++++++++-
 .../src/service/accesstoken_manager_service.cpp   | 12 ++++++++----
 3 files changed, 31 insertions(+), 6 deletions(-)

diff --git a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp
index 4e45faf9d..33f7db7ea 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp
@@ -2191,7 +2191,7 @@ HWTEST_F(AccessTokenKitTest, GetSelfPermissionsState001, TestSize.Level1)
     };
     permsList1.emplace_back(perm5);
     ret = AccessTokenKit::GetSelfPermissionsState(permsList1);
-    ASSERT_EQ(DYNAMIC_OPER, permsList1[0].state);
+    ASSERT_EQ(INVALID_OPER, permsList1[4].state);
     ASSERT_EQ(DYNAMIC_OPER, ret);
 
     std::vector<PermissionListState> permsList2;
@@ -2201,6 +2201,19 @@ HWTEST_F(AccessTokenKitTest, GetSelfPermissionsState001, TestSize.Level1)
     ASSERT_EQ(SETTING_OPER, permsList2[0].state);
     ASSERT_EQ(PASS_OPER, permsList2[1].state);
     ASSERT_EQ(PASS_OPER, ret);
+
+    permsList2.emplace_back(perm5);
+    ret = AccessTokenKit::GetSelfPermissionsState(permsList2);
+    ASSERT_EQ(SETTING_OPER, permsList2[0].state);
+    ASSERT_EQ(PASS_OPER, permsList2[1].state);
+    ASSERT_EQ(INVALID_OPER, permsList2[2].state);
+    ASSERT_EQ(PASS_OPER, ret);
+
+    std::vector<PermissionListState> permsList3;
+    permsList3.emplace_back(perm5);
+    ret = AccessTokenKit::GetSelfPermissionsState(permsList3);
+    ASSERT_EQ(INVALID_OPER, permsList3[0].state);
+    ASSERT_EQ(PASS_OPER, ret);
 }
 
 /**
diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp
index c6de37ecf..88c2404e9 100644
--- a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp
+++ b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp
@@ -205,6 +205,8 @@ void PermissionManager::GetSelfPermissionState(std::vector<PermissionStateFull>
     int32_t goalGrantFlags;
     for (auto& perm : permsList) {
         if (perm.permissionName == permState.permissionName) {
+            ACCESSTOKEN_LOG_INFO(LABEL,
+                "find goal permission: %{public}s!", permState.permissionName.c_str());
             foundGoal = true;
             goalGrantStatus = perm.grantStatus[0];
             goalGrantFlags = perm.grantFlags[0];
@@ -214,7 +216,13 @@ void PermissionManager::GetSelfPermissionState(std::vector<PermissionStateFull>
     if (foundGoal == false) {
         ACCESSTOKEN_LOG_WARN(LABEL,
             "can not find permission: %{public}s define!", permState.permissionName.c_str());
-        permState.state = DYNAMIC_OPER;
+        permState.state = INVALID_OPER;
+        return;
+    }
+    if (!PermissionDefinitionCache::GetInstance().HasDefinition(permState.permissionName)) {
+        ACCESSTOKEN_LOG_WARN(LABEL,
+            "no definition for permission: %{public}s!", permState.permissionName.c_str());
+        permState.state = INVALID_OPER;
         return;
     }
 
diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp
index 70445c5e4..2607d550f 100644
--- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp
+++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp
@@ -139,14 +139,18 @@ PermissionOper AccessTokenManagerService::GetSelfPermissionsState(
 
     bool needRes = false;
     std::vector<PermissionStateFull> permsList;
-    int ret = PermissionManager::GetInstance().GetReqPermissions(callingTokenID, permsList, false);
-    if (ret != RET_SUCCESS) {
+    int retUserGrant = PermissionManager::GetInstance().GetReqPermissions(callingTokenID, permsList, false);
+    int retSysGrant = PermissionManager::GetInstance().GetReqPermissions(callingTokenID, permsList, true);
+    if ((retSysGrant != RET_SUCCESS) || (retUserGrant != RET_SUCCESS)) {
+        ACCESSTOKEN_LOG_ERROR(LABEL,
+            "GetReqPermissions failed, retUserGrant:%{public}d, retSysGrant:%{public}d",
+            retUserGrant, retSysGrant);
         return INVALID_OPER;
     }
 
-    int32_t size = reqPermList.size();
+    uint32_t size = reqPermList.size();
     ACCESSTOKEN_LOG_INFO(LABEL, "reqPermList size: 0x%{public}x", size);
-    for (int32_t i = 0; i < size; i++) {
+    for (uint32_t i = 0; i < size; i++) {
         PermissionManager::GetInstance().GetSelfPermissionState(
             permsList, reqPermList[i].permsState);
         if (reqPermList[i].permsState.state == DYNAMIC_OPER) {
-- 
Gitee