diff --git a/services/abilitymgr/include/ability_manager_service.h b/services/abilitymgr/include/ability_manager_service.h index a5050ce4158fb6b1a9f885daccda41d9abc21839..c25c0045e5860f467fe1e60449162808e35b4cfb 100644 --- a/services/abilitymgr/include/ability_manager_service.h +++ b/services/abilitymgr/include/ability_manager_service.h @@ -1102,6 +1102,7 @@ public: bool isForegroundToRestartApp = false, bool isImplicit = false, bool isUIAbilityOnly = false, + bool isAppCloneSelector = false, bool hideFailureTipDialog = false); int32_t StartExtensionAbilityInner( @@ -1177,7 +1178,9 @@ public: sptr asCallerSourceToken, int32_t userId = DEFAULT_INVAL_VALUE, int requestCode = DEFAULT_INVAL_VALUE, - bool isImplicit = false); + bool isImplicit = false, + bool isAppCloneSelector = false, + uint32_t callerAccessTokenId = 0); int ImplicitStartAbilityAsCaller( const Want &want, @@ -1904,7 +1907,8 @@ public: * FALSE: The Caller-Application is in focus or in foreground state. * @return Returns ERR_OK on check success, others on check failure. */ - int IsCallFromBackground(const AbilityRequest &abilityRequest, bool &isBackgroundCall, bool isData = false); + int IsCallFromBackground(const AbilityRequest &abilityRequest, bool &isBackgroundCall, + uint32_t callerAccessTokenId = 0, bool isData = false); void EnableListForSCBRecovery(int32_t userId) const; diff --git a/services/abilitymgr/include/ability_record.h b/services/abilitymgr/include/ability_record.h index cb936ddc609462e60c7ba00e7979ad3089aee57e..f8d5faa523c9e5867992df56246f46d4a7fc8ade 100644 --- a/services/abilitymgr/include/ability_record.h +++ b/services/abilitymgr/include/ability_record.h @@ -264,7 +264,7 @@ struct AbilityRequest { int32_t collaboratorType = CollaboratorType::DEFAULT_TYPE; int32_t callerTokenRecordId = -1; int32_t userId = -1; - uint32_t callerAccessTokenId = -1; + uint32_t callerAccessTokenId = 0; uint32_t specifyTokenId = 0; int callerUid = -1; // call ability int requestCode = -1; diff --git a/services/abilitymgr/include/dialog_session/dialog_session_manager.h b/services/abilitymgr/include/dialog_session/dialog_session_manager.h index e7a25b1a312ce5a96f9d9978da4320b85640e847..4121661dc2515053517c9810c81d8ae7d8a7a780 100644 --- a/services/abilitymgr/include/dialog_session/dialog_session_manager.h +++ b/services/abilitymgr/include/dialog_session/dialog_session_manager.h @@ -45,6 +45,7 @@ struct DialogCallerInfo { SelectorType type = SelectorType::WITHOUT_SELECTOR; // for app gallery selector bool needGrantUriPermission = false; + uint32_t callerAccessTokenId = 0; }; struct StartupSessionInfo { diff --git a/services/abilitymgr/include/utils/start_ability_utils.h b/services/abilitymgr/include/utils/start_ability_utils.h index 96716410949923059f2df2d39be4f5245e6974be..0dcba4d1fbf7fdebd96f44b54f84cf1df7fe3e89 100644 --- a/services/abilitymgr/include/utils/start_ability_utils.h +++ b/services/abilitymgr/include/utils/start_ability_utils.h @@ -92,6 +92,7 @@ struct StartAbilityWrapParam { bool isForegroundToRestartApp = false; bool isImplicit = false; bool isUIAbilityOnly = false; + bool isAppCloneSelector = false; bool hideFailureTipDialog = false; }; } diff --git a/services/abilitymgr/src/ability_manager_service.cpp b/services/abilitymgr/src/ability_manager_service.cpp index 9fe1a9780bf93ef4c1891d8feedd1ff1c63d357d..79036a4f774ab20b1397d157537e53351bbbb321 100644 --- a/services/abilitymgr/src/ability_manager_service.cpp +++ b/services/abilitymgr/src/ability_manager_service.cpp @@ -904,7 +904,8 @@ int AbilityManagerService::ImplicitStartAbilityAsCaller(const Want &want, const } int AbilityManagerService::StartAbilityAsCallerDetails(const Want &want, const sptr &callerToken, - sptr asCallerSourceToken, int32_t userId, int requestCode, bool isImplicit) + sptr asCallerSourceToken, int32_t userId, int requestCode, bool isImplicit, bool isAppCloneSelector, + uint32_t callerAccessTokenId) { HITRACE_METER_NAME(HITRACE_TAG_ABILITY_MANAGER, __PRETTY_FUNCTION__); CHECK_CALLER_IS_SYSTEM_APP; @@ -932,8 +933,8 @@ int AbilityManagerService::StartAbilityAsCallerDetails(const Want &want, const s callerPkg.c_str(), targetPkg.c_str()); AbilityUtil::AddAbilityJumpRuleToBms(callerPkg, targetPkg, GetValidUserId(userId)); } - StartAbilityWrapParam startAbilityWrapParam = { - newWant, callerToken, requestCode, false, userId, true, 0, false, isImplicit, false }; + StartAbilityWrapParam startAbilityWrapParam = { newWant, callerToken, requestCode, false, userId, true, + callerAccessTokenId, false, isImplicit, false, isAppCloneSelector }; int32_t ret = StartAbilityWrap(startAbilityWrapParam); if (ret != ERR_OK) { TAG_LOGE(AAFwkTag::ABILITYMGR, "start ability as caller failed:%{public}d", ret); @@ -1018,7 +1019,8 @@ int AbilityManagerService::StartAbilityWrap(const StartAbilityWrapParam &startAb startAbilityWrapParam.requestCode, startAbilityWrapParam.isPendingWantCaller, startAbilityWrapParam.userId, startAbilityWrapParam.isStartAsCaller, startAbilityWrapParam.specifyTokenId, startAbilityWrapParam.isForegroundToRestartApp, startAbilityWrapParam.isImplicit, - startAbilityWrapParam.isUIAbilityOnly, startAbilityWrapParam.hideFailureTipDialog); + startAbilityWrapParam.isUIAbilityOnly, startAbilityWrapParam.isAppCloneSelector, + startAbilityWrapParam.hideFailureTipDialog); } void AbilityManagerService::SetReserveInfo(const std::string &linkString, AbilityRequest& abilityRequest) @@ -1159,7 +1161,8 @@ void AbilityManagerService::CheckExtensionRateLimit() int AbilityManagerService::StartAbilityInner(const Want &want, const sptr &callerToken, int requestCode, bool isPendingWantCaller, int32_t userId, bool isStartAsCaller, uint32_t specifyTokenId, - bool isForegroundToRestartApp, bool isImplicit, bool isUIAbilityOnly, bool hideFailureTipDialog) + bool isForegroundToRestartApp, bool isImplicit, bool isUIAbilityOnly, bool isAppCloneSelector, + bool hideFailureTipDialog) { HITRACE_METER_NAME(HITRACE_TAG_ABILITY_MANAGER, __PRETTY_FUNCTION__); if (!isStartAsCaller || isImplicit) { @@ -1400,7 +1403,7 @@ int AbilityManagerService::StartAbilityInner(const Want &want, const sptr(abilityInfo), isStartAsCaller, appIndex); - result = afterCheckExecuter_ == nullptr ? ERR_NULL_AFTER_CHECK_EXECUTER : - afterCheckExecuter_->DoProcess(afterCheckParam); - bool isReplaceWantExist = newWant.GetBoolParam("queryWantFromErms", false); - newWant.RemoveParam("queryWantFromErms"); - if (result != ERR_OK && isReplaceWantExist == false) { - TAG_LOGE(AAFwkTag::ABILITYMGR, "doProcess failed or replaceWant absent"); - eventHelper_.SendStartAbilityErrorEvent(eventInfo, result, "doProcess failed or replaceWant absent"); - return result; - } + Want newWant = abilityRequest.want; + AbilityInterceptorParam afterCheckParam = AbilityInterceptorParam(newWant, requestCode, validUserId, + true, callerToken, std::make_shared(abilityInfo), isStartAsCaller, appIndex); + result = afterCheckExecuter_ == nullptr ? ERR_NULL_AFTER_CHECK_EXECUTER : + afterCheckExecuter_->DoProcess(afterCheckParam); + bool isReplaceWantExist = newWant.GetBoolParam("queryWantFromErms", false); + newWant.RemoveParam("queryWantFromErms"); + if (result != ERR_OK && isReplaceWantExist == false) { + TAG_LOGE(AAFwkTag::ABILITYMGR, "doProcess failed or replaceWant absent"); + eventHelper_.SendStartAbilityErrorEvent(eventInfo, result, "doProcess failed or replaceWant absent"); + return result; + } #ifdef SUPPORT_SCREEN - if (result != ERR_OK && isReplaceWantExist && callerBundleName != BUNDLE_NAME_DIALOG) { - result = DialogSessionManager::GetInstance().HandleErmsResult(abilityRequest, validUserId, newWant); - eventHelper_.SendStartAbilityErrorEvent(eventInfo, result, "HandleErmsResult failed"); - return result; - } - if (result == ERR_OK && - DialogSessionManager::GetInstance().IsCreateCloneSelectorDialog(abilityInfo.bundleName, validUserId)) { - TAG_LOGI(AAFwkTag::ABILITYMGR, "create clone selector dialog"); - result = CreateCloneSelectorDialog(abilityRequest, validUserId); - eventHelper_.SendStartAbilityErrorEvent(eventInfo, result, "CreateCloneSelectorDialog failed"); - return result; - } + if (result != ERR_OK && isReplaceWantExist && callerBundleName != BUNDLE_NAME_DIALOG) { + result = DialogSessionManager::GetInstance().HandleErmsResult(abilityRequest, validUserId, newWant); + eventHelper_.SendStartAbilityErrorEvent(eventInfo, result, "HandleErmsResult failed"); + return result; + } + if (result == ERR_OK && + DialogSessionManager::GetInstance().IsCreateCloneSelectorDialog(abilityInfo.bundleName, validUserId)) { + TAG_LOGI(AAFwkTag::ABILITYMGR, "create clone selector dialog"); + result = CreateCloneSelectorDialog(abilityRequest, validUserId); + eventHelper_.SendStartAbilityErrorEvent(eventInfo, result, "CreateCloneSelectorDialog failed"); + return result; + } #endif // SUPPORT_SCREEN + } if (!AbilityUtil::IsSystemDialogAbility(abilityInfo.bundleName, abilityInfo.name)) { TAG_LOGD(AAFwkTag::ABILITYMGR, "PreLoadAppDataAbilities:%{public}s.", abilityInfo.bundleName.c_str()); @@ -11411,7 +11414,7 @@ int AbilityManagerService::CheckCallAbilityPermission(const AbilityRequest &abil if (callerAbilityRecord != nullptr && callerAbilityRecord->GetAbilityInfo().extensionAbilityType == AppExecFwk::ExtensionAbilityType::APP_SERVICE) { verificationInfo.isBackgroundCall = false; - } else if (IsCallFromBackground(abilityRequest, verificationInfo.isBackgroundCall) != ERR_OK) { + } else if (IsCallFromBackground(abilityRequest, verificationInfo.isBackgroundCall, specifyTokenId) != ERR_OK) { return ERR_CHECK_CALL_FROM_BACKGROUND_FAILED; } @@ -11454,7 +11457,7 @@ int AbilityManagerService::CheckStartByCallPermission(const AbilityRequest &abil } int AbilityManagerService::IsCallFromBackground(const AbilityRequest &abilityRequest, bool &isBackgroundCall, - bool isData) + uint32_t specifyTokenId, bool isData) { HITRACE_METER_NAME(HITRACE_TAG_ABILITY_MANAGER, __PRETTY_FUNCTION__); if (!isData && AAFwk::PermissionVerification::GetInstance()->IsShellCall()) { @@ -11513,7 +11516,7 @@ int AbilityManagerService::IsCallFromBackground(const AbilityRequest &abilityReq if (processInfo.processName_.empty()) { TAG_LOGD(AAFwkTag::ABILITYMGR, "Can not find caller application by callerPid: %{private}d.", callerPid); if (AAFwk::PermissionVerification::GetInstance()->VerifyCallingPermission( - PermissionConstants::PERMISSION_START_ABILITIES_FROM_BACKGROUND)) { + PermissionConstants::PERMISSION_START_ABILITIES_FROM_BACKGROUND, specifyTokenId)) { TAG_LOGD(AAFwkTag::ABILITYMGR, "Caller has PERMISSION_START_ABILITIES_FROM_BACKGROUND, PASS."); isBackgroundCall = false; return ERR_OK; diff --git a/services/abilitymgr/src/dialog_session/dialog_session_manager.cpp b/services/abilitymgr/src/dialog_session/dialog_session_manager.cpp index 4b4d93e1123d084b0f4a4c199f791763e9db75f3..aa78e64de29524b1adca158d26168ae99c664826 100644 --- a/services/abilitymgr/src/dialog_session/dialog_session_manager.cpp +++ b/services/abilitymgr/src/dialog_session/dialog_session_manager.cpp @@ -236,6 +236,7 @@ void DialogSessionManager::GenerateDialogCallerInfo(AbilityRequest &abilityReque dialogCallerInfo->targetWant = abilityRequest.want; dialogCallerInfo->userId = userId; dialogCallerInfo->needGrantUriPermission = needGrantUriPermission; + dialogCallerInfo->callerAccessTokenId = abilityRequest.callerAccessTokenId; } void DialogSessionManager::NotifyAbilityRequestFailure(const std::string &dialogSessionId, const Want &want) @@ -305,7 +306,8 @@ int DialogSessionManager::SendDialogResult(const Want &want, const std::string & auto abilityMgr = DelayedSingleton::GetInstance(); CHECK_POINTER_AND_RETURN(abilityMgr, INNER_ERR); int ret = abilityMgr->StartAbilityAsCallerDetails(targetWant, callerToken, callerToken, dialogCallerInfo->userId, - dialogCallerInfo->requestCode, false); + dialogCallerInfo->requestCode, false, dialogCallerInfo->type == SelectorType::APP_CLONE_SELECTOR, + dialogCallerInfo->callerAccessTokenId); if (ret == ERR_OK) { ClearDialogContext(dialogSessionId); abilityMgr->RemoveSelectorIdentity(dialogCallerInfo->targetWant.GetIntParam(Want::PARAM_RESV_CALLER_TOKEN, 0)); diff --git a/services/abilitymgr/src/implicit_start_processor.cpp b/services/abilitymgr/src/implicit_start_processor.cpp index 5d1d059e748a7d54c304a4bf4459cd63853ff7c3..73cc584a549aed7641a86d7d251687f66e1a0b35 100644 --- a/services/abilitymgr/src/implicit_start_processor.cpp +++ b/services/abilitymgr/src/implicit_start_processor.cpp @@ -152,6 +152,7 @@ int ImplicitStartProcessor::ImplicitStartAbility(AbilityRequest &request, int32_ return ret; } AbilityUtil::WantSetParameterWindowMode(request.want, windowMode); + request.callerAccessTokenId = IPCSkeleton::GetCallingTokenID(); auto identity = IPCSkeleton::ResetCallingIdentity(); auto startAbilityTask = [imp = shared_from_this(), request, userId, identity] diff --git a/test/unittest/ability_manager_service_third_test/ability_manager_service_third_test.cpp b/test/unittest/ability_manager_service_third_test/ability_manager_service_third_test.cpp index b9a39e17245ff06b401a35855af767ac09ecb1dd..da00f00a4bbdf193eb50054a300fe91f8eeb6f87 100644 --- a/test/unittest/ability_manager_service_third_test/ability_manager_service_third_test.cpp +++ b/test/unittest/ability_manager_service_third_test/ability_manager_service_third_test.cpp @@ -675,8 +675,10 @@ HWTEST_F(AbilityManagerServiceThirdTest, GetValidUserId_001, TestSize.Level1) TAG_LOGI(AAFwkTag::TEST, "AbilityManagerServiceThirdTest GetValidUserId_001 start"); auto abilityMs_ = std::make_shared(); MissionSnapshot missionSnapshot; - EXPECT_EQ(abilityMs_->GetValidUserId(100), 100); - EXPECT_EQ(abilityMs_->GetValidUserId(0), 0); + int32_t userId = 100; + EXPECT_EQ(abilityMs_->GetValidUserId(userId), userId); + int32_t invalidUserId = -1; + EXPECT_EQ(abilityMs_->GetValidUserId(invalidUserId), userId); TAG_LOGI(AAFwkTag::TEST, "AbilityManagerServiceThirdTest GetValidUserId_001 end"); }