diff --git a/services/abilitymgr/include/ability_manager_service.h b/services/abilitymgr/include/ability_manager_service.h index 7f5466a64095fd7f3196df2efba09cf9bc949a99..e8eafdfa6a04bec5d81a4e3a816144ee80c0dfcc 100644 --- a/services/abilitymgr/include/ability_manager_service.h +++ b/services/abilitymgr/include/ability_manager_service.h @@ -1078,7 +1078,8 @@ public: uint32_t specifyTokenId = 0, bool isForegroundToRestartApp = false, bool isImplicit = false, - bool isUIAbilityOnly = false); + bool isUIAbilityOnly = false, + bool isAppCloneSelector = false); int StartAbilityInner( const Want &want, @@ -1090,7 +1091,8 @@ public: uint32_t specifyTokenId = 0, bool isForegroundToRestartApp = false, bool isImplicit = false, - bool isUIAbilityOnly = false); + bool isUIAbilityOnly = false, + bool isAppCloneSelector = false); int32_t StartExtensionAbilityInner( const Want &want, @@ -1165,7 +1167,9 @@ public: sptr asCallerSourceToken, int32_t userId = DEFAULT_INVAL_VALUE, int requestCode = DEFAULT_INVAL_VALUE, - bool isImplicit = false); + bool isImplicit = false, + bool isAppCloneSelector = false, + uint32_t callerAccessTokenId = 0); int ImplicitStartAbilityAsCaller( const Want &want, @@ -1890,7 +1894,8 @@ public: * FALSE: The Caller-Application is in focus or in foreground state. * @return Returns ERR_OK on check success, others on check failure. */ - int IsCallFromBackground(const AbilityRequest &abilityRequest, bool &isBackgroundCall, bool isData = false); + int IsCallFromBackground(const AbilityRequest &abilityRequest, bool &isBackgroundCall, + uint32_t callerAccessTokenId = 0, bool isData = false); void EnableListForSCBRecovery(int32_t userId) const; diff --git a/services/abilitymgr/include/ability_record.h b/services/abilitymgr/include/ability_record.h index 79b765ebba50246adbebed8b66a80c3bad361b11..147d4e9f12b66cc3efa0f3ee86c5ad4e126ec95c 100644 --- a/services/abilitymgr/include/ability_record.h +++ b/services/abilitymgr/include/ability_record.h @@ -259,7 +259,7 @@ struct AbilityRequest { int32_t collaboratorType = CollaboratorType::DEFAULT_TYPE; int32_t callerTokenRecordId = -1; int32_t userId = -1; - uint32_t callerAccessTokenId = -1; + uint32_t callerAccessTokenId = 0; uint32_t specifyTokenId = 0; int callerUid = -1; // call ability int requestCode = -1; diff --git a/services/abilitymgr/include/dialog_session/dialog_session_manager.h b/services/abilitymgr/include/dialog_session/dialog_session_manager.h index e7a25b1a312ce5a96f9d9978da4320b85640e847..4121661dc2515053517c9810c81d8ae7d8a7a780 100644 --- a/services/abilitymgr/include/dialog_session/dialog_session_manager.h +++ b/services/abilitymgr/include/dialog_session/dialog_session_manager.h @@ -45,6 +45,7 @@ struct DialogCallerInfo { SelectorType type = SelectorType::WITHOUT_SELECTOR; // for app gallery selector bool needGrantUriPermission = false; + uint32_t callerAccessTokenId = 0; }; struct StartupSessionInfo { diff --git a/services/abilitymgr/src/ability_manager_service.cpp b/services/abilitymgr/src/ability_manager_service.cpp index 807545a1d63b4894d871fa9dee33e6b5f4ff5a53..8ce8fb44163a39020ee45defeb8ea617f623d1fe 100644 --- a/services/abilitymgr/src/ability_manager_service.cpp +++ b/services/abilitymgr/src/ability_manager_service.cpp @@ -909,7 +909,8 @@ int AbilityManagerService::ImplicitStartAbilityAsCaller(const Want &want, const } int AbilityManagerService::StartAbilityAsCallerDetails(const Want &want, const sptr &callerToken, - sptr asCallerSourceToken, int32_t userId, int requestCode, bool isImplicit) + sptr asCallerSourceToken, int32_t userId, int requestCode, bool isImplicit, bool isAppCloneSelector, + uint32_t callerAccessTokenId) { HITRACE_METER_NAME(HITRACE_TAG_ABILITY_MANAGER, __PRETTY_FUNCTION__); CHECK_CALLER_IS_SYSTEM_APP; @@ -938,7 +939,7 @@ int AbilityManagerService::StartAbilityAsCallerDetails(const Want &want, const s AbilityUtil::AddAbilityJumpRuleToBms(callerPkg, targetPkg, GetUserId()); } int32_t ret = StartAbilityWrap(newWant, callerToken, requestCode, false, userId, true, - 0, false, isImplicit, false); + callerAccessTokenId, false, isImplicit, false, isAppCloneSelector); if (ret != ERR_OK) { TAG_LOGE(AAFwkTag::ABILITYMGR, "start ability as caller failed:%{public}d", ret); } @@ -1013,7 +1014,7 @@ bool AbilityManagerService::StartAbilityInChain(StartAbilityParams ¶ms, int int AbilityManagerService::StartAbilityWrap(const Want &want, const sptr &callerToken, int requestCode, bool isPendingWantCaller, int32_t userId, bool isStartAsCaller, uint32_t specifyToken, - bool isForegroundToRestartApp, bool isImplicit, bool isUIAbilityOnly) + bool isForegroundToRestartApp, bool isImplicit, bool isUIAbilityOnly, bool isAppCloneSelector) { HITRACE_METER_NAME(HITRACE_TAG_ABILITY_MANAGER, __PRETTY_FUNCTION__); StartAbilityParams startParams(const_cast(want)); @@ -1029,7 +1030,7 @@ int AbilityManagerService::StartAbilityWrap(const Want &want, const sptr &callerToken, int requestCode, bool isPendingWantCaller, int32_t userId, bool isStartAsCaller, uint32_t specifyTokenId, - bool isForegroundToRestartApp, bool isImplicit, bool isUIAbilityOnly) + bool isForegroundToRestartApp, bool isImplicit, bool isUIAbilityOnly, bool isAppCloneSelector) { HITRACE_METER_NAME(HITRACE_TAG_ABILITY_MANAGER, __PRETTY_FUNCTION__); if (!isStartAsCaller || isImplicit) { @@ -1410,7 +1411,7 @@ int AbilityManagerService::StartAbilityInner(const Want &want, const sptr(abilityInfo), isStartAsCaller, appIndex); - result = afterCheckExecuter_ == nullptr ? ERR_NULL_AFTER_CHECK_EXECUTER : - afterCheckExecuter_->DoProcess(afterCheckParam); - bool isReplaceWantExist = newWant.GetBoolParam("queryWantFromErms", false); - newWant.RemoveParam("queryWantFromErms"); - if (result != ERR_OK && isReplaceWantExist == false) { - TAG_LOGE(AAFwkTag::ABILITYMGR, "doProcess failed or replaceWant absent"); - eventHelper_.SendStartAbilityErrorEvent(eventInfo, result, "doProcess failed or replaceWant absent"); - return result; - } + Want newWant = abilityRequest.want; + AbilityInterceptorParam afterCheckParam = AbilityInterceptorParam(newWant, requestCode, GetUserId(), + true, callerToken, std::make_shared(abilityInfo), isStartAsCaller, appIndex); + result = afterCheckExecuter_ == nullptr ? ERR_NULL_AFTER_CHECK_EXECUTER : + afterCheckExecuter_->DoProcess(afterCheckParam); + bool isReplaceWantExist = newWant.GetBoolParam("queryWantFromErms", false); + newWant.RemoveParam("queryWantFromErms"); + if (result != ERR_OK && isReplaceWantExist == false) { + TAG_LOGE(AAFwkTag::ABILITYMGR, "doProcess failed or replaceWant absent"); + eventHelper_.SendStartAbilityErrorEvent(eventInfo, result, "doProcess failed or replaceWant absent"); + return result; + } #ifdef SUPPORT_SCREEN - if (result != ERR_OK && isReplaceWantExist && callerBundleName != BUNDLE_NAME_DIALOG) { - result = DialogSessionManager::GetInstance().HandleErmsResult(abilityRequest, GetUserId(), newWant); - eventHelper_.SendStartAbilityErrorEvent(eventInfo, result, "HandleErmsResult failed"); - return result; - } - if (result == ERR_OK && - DialogSessionManager::GetInstance().IsCreateCloneSelectorDialog(abilityInfo.bundleName, GetUserId())) { - TAG_LOGI(AAFwkTag::ABILITYMGR, "create clone selector dialog"); - result = CreateCloneSelectorDialog(abilityRequest, GetUserId()); - eventHelper_.SendStartAbilityErrorEvent(eventInfo, result, "CreateCloneSelectorDialog failed"); - return result; - } + if (result != ERR_OK && isReplaceWantExist && callerBundleName != BUNDLE_NAME_DIALOG) { + result = DialogSessionManager::GetInstance().HandleErmsResult(abilityRequest, GetUserId(), newWant); + eventHelper_.SendStartAbilityErrorEvent(eventInfo, result, "HandleErmsResult failed"); + return result; + } + if (result == ERR_OK && + DialogSessionManager::GetInstance().IsCreateCloneSelectorDialog(abilityInfo.bundleName, GetUserId())) { + TAG_LOGI(AAFwkTag::ABILITYMGR, "create clone selector dialog"); + result = CreateCloneSelectorDialog(abilityRequest, GetUserId()); + eventHelper_.SendStartAbilityErrorEvent(eventInfo, result, "CreateCloneSelectorDialog failed"); + return result; + } #endif // SUPPORT_SCREEN + } if (!AbilityUtil::IsSystemDialogAbility(abilityInfo.bundleName, abilityInfo.name)) { TAG_LOGD(AAFwkTag::ABILITYMGR, "PreLoadAppDataAbilities:%{public}s.", abilityInfo.bundleName.c_str()); @@ -11210,7 +11211,7 @@ int AbilityManagerService::CheckCallAbilityPermission(const AbilityRequest &abil if (callerAbilityRecord != nullptr && callerAbilityRecord->GetAbilityInfo().extensionAbilityType == AppExecFwk::ExtensionAbilityType::APP_SERVICE) { verificationInfo.isBackgroundCall = false; - } else if (IsCallFromBackground(abilityRequest, verificationInfo.isBackgroundCall) != ERR_OK) { + } else if (IsCallFromBackground(abilityRequest, verificationInfo.isBackgroundCall, specifyTokenId) != ERR_OK) { return ERR_CHECK_CALL_FROM_BACKGROUND_FAILED; } @@ -11253,7 +11254,7 @@ int AbilityManagerService::CheckStartByCallPermission(const AbilityRequest &abil } int AbilityManagerService::IsCallFromBackground(const AbilityRequest &abilityRequest, bool &isBackgroundCall, - bool isData) + uint32_t specifyTokenId, bool isData) { HITRACE_METER_NAME(HITRACE_TAG_ABILITY_MANAGER, __PRETTY_FUNCTION__); if (!isData && AAFwk::PermissionVerification::GetInstance()->IsShellCall()) { @@ -11312,7 +11313,7 @@ int AbilityManagerService::IsCallFromBackground(const AbilityRequest &abilityReq if (processInfo.processName_.empty()) { TAG_LOGD(AAFwkTag::ABILITYMGR, "Can not find caller application by callerPid: %{private}d.", callerPid); if (AAFwk::PermissionVerification::GetInstance()->VerifyCallingPermission( - PermissionConstants::PERMISSION_START_ABILITIES_FROM_BACKGROUND)) { + PermissionConstants::PERMISSION_START_ABILITIES_FROM_BACKGROUND, specifyTokenId)) { TAG_LOGD(AAFwkTag::ABILITYMGR, "Caller has PERMISSION_START_ABILITIES_FROM_BACKGROUND, PASS."); isBackgroundCall = false; return ERR_OK; diff --git a/services/abilitymgr/src/dialog_session/dialog_session_manager.cpp b/services/abilitymgr/src/dialog_session/dialog_session_manager.cpp index 4b4d93e1123d084b0f4a4c199f791763e9db75f3..aa78e64de29524b1adca158d26168ae99c664826 100644 --- a/services/abilitymgr/src/dialog_session/dialog_session_manager.cpp +++ b/services/abilitymgr/src/dialog_session/dialog_session_manager.cpp @@ -236,6 +236,7 @@ void DialogSessionManager::GenerateDialogCallerInfo(AbilityRequest &abilityReque dialogCallerInfo->targetWant = abilityRequest.want; dialogCallerInfo->userId = userId; dialogCallerInfo->needGrantUriPermission = needGrantUriPermission; + dialogCallerInfo->callerAccessTokenId = abilityRequest.callerAccessTokenId; } void DialogSessionManager::NotifyAbilityRequestFailure(const std::string &dialogSessionId, const Want &want) @@ -305,7 +306,8 @@ int DialogSessionManager::SendDialogResult(const Want &want, const std::string & auto abilityMgr = DelayedSingleton::GetInstance(); CHECK_POINTER_AND_RETURN(abilityMgr, INNER_ERR); int ret = abilityMgr->StartAbilityAsCallerDetails(targetWant, callerToken, callerToken, dialogCallerInfo->userId, - dialogCallerInfo->requestCode, false); + dialogCallerInfo->requestCode, false, dialogCallerInfo->type == SelectorType::APP_CLONE_SELECTOR, + dialogCallerInfo->callerAccessTokenId); if (ret == ERR_OK) { ClearDialogContext(dialogSessionId); abilityMgr->RemoveSelectorIdentity(dialogCallerInfo->targetWant.GetIntParam(Want::PARAM_RESV_CALLER_TOKEN, 0)); diff --git a/services/abilitymgr/src/implicit_start_processor.cpp b/services/abilitymgr/src/implicit_start_processor.cpp index ad43e1d57d84fa85234987eb87005348b8cab8a0..3660cccb40a67e7101d8dc700ec62089050b2be4 100644 --- a/services/abilitymgr/src/implicit_start_processor.cpp +++ b/services/abilitymgr/src/implicit_start_processor.cpp @@ -152,6 +152,7 @@ int ImplicitStartProcessor::ImplicitStartAbility(AbilityRequest &request, int32_ return ret; } AbilityUtil::WantSetParameterWindowMode(request.want, windowMode); + request.callerAccessTokenId = IPCSkeleton::GetCallingTokenID(); auto identity = IPCSkeleton::ResetCallingIdentity(); auto startAbilityTask = [imp = shared_from_this(), request, userId, identity] diff --git a/test/unittest/ability_manager_service_third_test/ability_manager_service_third_test.cpp b/test/unittest/ability_manager_service_third_test/ability_manager_service_third_test.cpp index 3efb95faabb3496108fbefe3528440ca9ebebb78..ce80cf99fbf43546096f3eabb35578d72155a4ae 100644 --- a/test/unittest/ability_manager_service_third_test/ability_manager_service_third_test.cpp +++ b/test/unittest/ability_manager_service_third_test/ability_manager_service_third_test.cpp @@ -679,8 +679,10 @@ HWTEST_F(AbilityManagerServiceThirdTest, GetValidUserId_001, TestSize.Level1) TAG_LOGI(AAFwkTag::TEST, "AbilityManagerServiceThirdTest GetValidUserId_001 start"); auto abilityMs_ = std::make_shared(); MissionSnapshot missionSnapshot; - EXPECT_EQ(abilityMs_->GetValidUserId(100), 100); - EXPECT_EQ(abilityMs_->GetValidUserId(0), 0); + int32_t userId = 100; + EXPECT_EQ(abilityMs_->GetValidUserId(userId), userId); + int32_t invalidUserId = -1; + EXPECT_EQ(abilityMs_->GetValidUserId(invalidUserId), 0); TAG_LOGI(AAFwkTag::TEST, "AbilityManagerServiceThirdTest GetValidUserId_001 end"); }