From 17fa3dfc5bcd2bac1fc8faa32c9c7956c6d8d25e Mon Sep 17 00:00:00 2001 From: chennian Date: Thu, 27 Jan 2022 11:33:14 +0800 Subject: [PATCH 1/2] Signed-off-by: chennian Changes to be committed: modified: frameworks/com.ohos.permissionmanager/permissionmanager/src/main/config.json modified: frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets modified: services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp --- .../permissionmanager/src/main/config.json | 8 -------- .../ets/dynamic/common/components/dialog.ets | 9 +++++---- .../cpp/src/service/accesstoken_manager_stub.cpp | 16 +++++++++++----- 3 files changed, 16 insertions(+), 17 deletions(-) diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/config.json b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/config.json index 5a463361f..eb73d812e 100644 --- a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/config.json +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/config.json @@ -61,14 +61,6 @@ { "name": "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS", "reason": "revoke sensitive permissions" - }, - { - "name": "ohos.permission.GET_BUNDLE_INFO_PRIVILEGED", - "reason": "get bundle previleged info" - }, - { - "name": "ohos.permission.GET_BUNDLE_INFO", - "reason": "get bundle default info" } ] } diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets index d8ece4856..c9b8967fa 100644 --- a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets @@ -14,8 +14,6 @@ */ import { getPermissionGroup } from "../utils/utils.ets" -import { BundleFlag, userId } from "../model/bundle.ets" -import bundle from '@ohos.bundle'; import featureAbility from '@ohos.ability.featureAbility'; import abilityAccessCtrl from '@ohos.abilityAccessCtrl'; @@ -128,9 +126,12 @@ export struct privacyDialog { aboutToAppear() { this.count = 0; + this.hasPrepared = false; featureAbility.getWant((err, want) => { - this.reqPerms = want.parameters["ohos.user.grant.permission"] - console.log("GrantAbility request permission=" + JSON.stringify(this.reqPerms) + " bundleName=" + want.bundleName) + this.reqPerms = want.parameters['ohos.user.grant.permission'] + this.accessTokenId = want.parameters['ohos.aafwk.param.callToken'] + console.log("GrantAbility request permission=" + JSON.stringify(this.reqPerms) + " tokenId = " + + this.accessTokenId + "want.parameters = " + JSON.stringify(want.parameters)) bundle.getApplicationInfo(want.bundleName, BundleFlag.GET_BUNDLE_DEFAULT, userId).then(res => { this.accessTokenId = res.accessTokenId }) diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp index a9e0076e0..377c5dd1e 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp @@ -108,12 +108,14 @@ void AccessTokenManagerStub::GetReqPermissionsInner(MessageParcel& data, Message void AccessTokenManagerStub::GetPermissionFlagInner(MessageParcel& data, MessageParcel& reply) { + unsigned int callingTokenID = IPCSkeleton::GetCallingTokenID(); + ACCESSTOKEN_LOG_INFO(LABEL, "callingTokenID: %{public}d", callingTokenID); AccessTokenID tokenID = data.ReadUint32(); std::string permissionName = data.ReadString(); if (!IsAuthorizedCalling() && - VerifyAccessToken(tokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS") == PERMISSION_DENIED && - VerifyAccessToken(tokenID, "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS") == PERMISSION_DENIED && - VerifyAccessToken(tokenID, "ohos.permission.GET_SENSITIVE_PERMISSIONS") == PERMISSION_DENIED) { + VerifyAccessToken(callingTokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS") == PERMISSION_DENIED && + VerifyAccessToken(callingTokenID, "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS") == PERMISSION_DENIED && + VerifyAccessToken(callingTokenID, "ohos.permission.GET_SENSITIVE_PERMISSIONS") == PERMISSION_DENIED) { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__); reply.WriteInt32(DEFAULT_PERMISSION_FLAGS); return; @@ -124,11 +126,13 @@ void AccessTokenManagerStub::GetPermissionFlagInner(MessageParcel& data, Message void AccessTokenManagerStub::GrantPermissionInner(MessageParcel& data, MessageParcel& reply) { + unsigned int callingTokenID = IPCSkeleton::GetCallingTokenID(); + ACCESSTOKEN_LOG_INFO(LABEL, "callingTokenID: %{public}d", callingTokenID); AccessTokenID tokenID = data.ReadUint32(); std::string permissionName = data.ReadString(); int flag = data.ReadInt32(); if (!IsAuthorizedCalling() && - VerifyAccessToken(tokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS") == PERMISSION_DENIED) { + VerifyAccessToken(callingTokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS") == PERMISSION_DENIED) { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__); reply.WriteInt32(RET_FAILED); return; @@ -139,11 +143,13 @@ void AccessTokenManagerStub::GrantPermissionInner(MessageParcel& data, MessagePa void AccessTokenManagerStub::RevokePermissionInner(MessageParcel& data, MessageParcel& reply) { + unsigned int callingTokenID = IPCSkeleton::GetCallingTokenID(); + ACCESSTOKEN_LOG_INFO(LABEL, "callingTokenID: %{public}d", callingTokenID); AccessTokenID tokenID = data.ReadUint32(); std::string permissionName = data.ReadString(); int flag = data.ReadInt32(); if (!IsAuthorizedCalling() && - VerifyAccessToken(tokenID, "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS") == PERMISSION_DENIED) { + VerifyAccessToken(callingTokenID, "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS") == PERMISSION_DENIED) { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permission denied", __func__); reply.WriteInt32(RET_FAILED); return; -- Gitee From 07dbb6ab3e3a1d745fdcc9593fdfb4e9b99e1c5c Mon Sep 17 00:00:00 2001 From: chennian Date: Thu, 27 Jan 2022 03:42:52 +0000 Subject: [PATCH 2/2] Signed-off-by:chennian --- .../src/main/ets/dynamic/common/components/dialog.ets | 3 --- 1 file changed, 3 deletions(-) diff --git a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets index c9b8967fa..8834e2d31 100644 --- a/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets +++ b/frameworks/com.ohos.permissionmanager/permissionmanager/src/main/ets/dynamic/common/components/dialog.ets @@ -132,9 +132,6 @@ export struct privacyDialog { this.accessTokenId = want.parameters['ohos.aafwk.param.callToken'] console.log("GrantAbility request permission=" + JSON.stringify(this.reqPerms) + " tokenId = " + this.accessTokenId + "want.parameters = " + JSON.stringify(want.parameters)) - bundle.getApplicationInfo(want.bundleName, BundleFlag.GET_BUNDLE_DEFAULT, userId).then(res => { - this.accessTokenId = res.accessTokenId - }) this.reqPerms.forEach(item => { var group = getPermissionGroup(item) if(!group) { -- Gitee