From 1a647100d380b39e4865dd7af67e8a7aa40babb6 Mon Sep 17 00:00:00 2001 From: unknown Date: Thu, 21 Jul 2022 16:55:01 +0800 Subject: [PATCH 1/2] add user Signed-off-by: unknown --- frameworks/native/ability/native/ability.cpp | 5 +- .../native/ability_runtime/js_ability.cpp | 2 +- .../kits/native/ability/native/ability.h | 1 + .../include/ability_manager_service.h | 2 - .../src/ability_manager_service.cpp | 61 ++++++------------- services/appmgr/include/app_running_record.h | 3 + services/appmgr/src/app_mgr_service_inner.cpp | 6 ++ services/appmgr/src/app_running_record.cpp | 10 +++ services/common/BUILD.gn | 5 +- .../common/include/permission_verification.h | 4 ++ .../common/src/permission_verification.cpp | 26 ++++++++ 11 files changed, 76 insertions(+), 49 deletions(-) diff --git a/frameworks/native/ability/native/ability.cpp b/frameworks/native/ability/native/ability.cpp index 55cc691b7b..07661fd131 100644 --- a/frameworks/native/ability/native/ability.cpp +++ b/frameworks/native/ability/native/ability.cpp @@ -84,6 +84,7 @@ const std::string LAUNCHER_BUNDLE_NAME = "com.ohos.launcher"; const std::string LAUNCHER_ABILITY_NAME = "com.ohos.launcher.MainAbility"; const std::string SHOW_ON_LOCK_SCREEN = "ShowOnLockScreen"; const std::string DLP_INDEX = "ohos.dlp.params.index"; +const std::string DLP_PARAMS_SECURITY_FLAG = "ohos.dlp.params.securityFlag"; #ifdef DISTRIBUTED_DATA_OBJECT_ENABLE constexpr int32_t DISTRIBUTED_OBJECT_TIMEOUT = 10000; @@ -197,6 +198,8 @@ void Ability::OnStart(const Want &want) appIndex_ = want.GetIntParam(DLP_INDEX, 0); (const_cast(want)).RemoveParam(DLP_INDEX); + securityFlag_ = want.GetBoolParam(DLP_PARAMS_SECURITY_FLAG, false); + (const_cast(want)).RemoveParam(DLP_PARAMS_SECURITY_FLAG); HILOG_INFO("%{public}s begin, ability is %{public}s.", __func__, abilityInfo_->name.c_str()); #ifdef SUPPORT_GRAPHICS @@ -2359,7 +2362,7 @@ void Ability::InitWindow(Rosen::WindowType winType, int32_t displayId, sptrInitWindow(winType, abilityContext_, sceneListener_, displayId, option, appIndex_ != 0); + abilityWindow_->InitWindow(winType, abilityContext_, sceneListener_, displayId, option, securityFlag_); } /** diff --git a/frameworks/native/ability/native/ability_runtime/js_ability.cpp b/frameworks/native/ability/native/ability_runtime/js_ability.cpp index fc1056c7ba..26dd4a98d6 100644 --- a/frameworks/native/ability/native/ability_runtime/js_ability.cpp +++ b/frameworks/native/ability/native/ability_runtime/js_ability.cpp @@ -429,7 +429,7 @@ void JsAbility::DoOnForeground(const Want &want) std::weak_ptr weakAbility = shared_from_this(); abilityDisplayMoveListener_ = new AbilityDisplayMoveListener(weakAbility); window->RegisterDisplayMoveListener(abilityDisplayMoveListener_); - window->SetPrivacyMode(appIndex_ != 0); + window->SetPrivacyMode(securityFlag_); } HILOG_INFO("%{public}s begin scene_->GoForeground, sceneFlag_:%{public}d.", __func__, Ability::sceneFlag_); diff --git a/interfaces/kits/native/ability/native/ability.h b/interfaces/kits/native/ability/native/ability.h index 146c31e409..a22246a00d 100644 --- a/interfaces/kits/native/ability/native/ability.h +++ b/interfaces/kits/native/ability/native/ability.h @@ -1667,6 +1667,7 @@ protected: std::shared_ptr setting_ = nullptr; LaunchParam launchParam_; int32_t appIndex_ = 0; + bool securityFlag_ = false; private: std::shared_ptr ParsePredictionArgsReference( diff --git a/services/abilitymgr/include/ability_manager_service.h b/services/abilitymgr/include/ability_manager_service.h index 90ffb4085f..a71776eaf9 100644 --- a/services/abilitymgr/include/ability_manager_service.h +++ b/services/abilitymgr/include/ability_manager_service.h @@ -993,8 +993,6 @@ private: void StartResidentApps(); - int VerifyMissionPermission(); - int VerifyAccountPermission(int32_t userId); bool CheckCallerEligibility(const AppExecFwk::AbilityInfo &abilityInfo, int callerUid); diff --git a/services/abilitymgr/src/ability_manager_service.cpp b/services/abilitymgr/src/ability_manager_service.cpp index 48401106dc..34627aeeb4 100644 --- a/services/abilitymgr/src/ability_manager_service.cpp +++ b/services/abilitymgr/src/ability_manager_service.cpp @@ -45,7 +45,6 @@ #include "iservice_registry.h" #include "itest_observer.h" #include "mission_info_mgr.h" -#include "permission_constants.h" #include "permission_verification.h" #include "sa_mgr_client.h" #include "system_ability_token_callback.h" @@ -1528,7 +1527,7 @@ int AbilityManagerService::ContinueMission(const std::string &srcDeviceId, const int32_t missionId, const sptr &callBack, AAFwk::WantParams &wantParams) { HILOG_INFO("ContinueMission missionId: %{public}d", missionId); - if (VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { + if (PermissionVerification::GetInstance()->VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { HILOG_ERROR("%{public}s: Permission verification failed", __func__); return CHECK_PERMISSION_FAILED; } @@ -1601,7 +1600,7 @@ int AbilityManagerService::NotifyContinuationResult(int32_t missionId, int32_t r int AbilityManagerService::StartSyncRemoteMissions(const std::string& devId, bool fixConflict, int64_t tag) { - if (VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { + if (PermissionVerification::GetInstance()->VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { HILOG_ERROR("%{public}s: Permission verification failed", __func__); return CHECK_PERMISSION_FAILED; } @@ -1611,7 +1610,7 @@ int AbilityManagerService::StartSyncRemoteMissions(const std::string& devId, boo int AbilityManagerService::StopSyncRemoteMissions(const std::string& devId) { - if (VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { + if (PermissionVerification::GetInstance()->VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { HILOG_ERROR("%{public}s: Permission verification failed", __func__); return CHECK_PERMISSION_FAILED; } @@ -1628,7 +1627,7 @@ int AbilityManagerService::RegisterMissionListener(const std::string &deviceId, return REGISTER_REMOTE_MISSION_LISTENER_FAIL; } CHECK_POINTER_AND_RETURN(listener, ERR_INVALID_VALUE); - if (VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { + if (PermissionVerification::GetInstance()->VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { HILOG_ERROR("%{public}s: Permission verification failed", __func__); return CHECK_PERMISSION_FAILED; } @@ -1645,7 +1644,7 @@ int AbilityManagerService::UnRegisterMissionListener(const std::string &deviceId return REGISTER_REMOTE_MISSION_LISTENER_FAIL; } CHECK_POINTER_AND_RETURN(listener, ERR_INVALID_VALUE); - if (VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { + if (PermissionVerification::GetInstance()->VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { HILOG_ERROR("%{public}s: Permission verification failed", __func__); return CHECK_PERMISSION_FAILED; } @@ -1831,7 +1830,7 @@ int AbilityManagerService::LockMissionForCleanup(int32_t missionId) HILOG_INFO("request unlock mission for clean up all, id :%{public}d", missionId); CHECK_POINTER_AND_RETURN(currentMissionListManager_, ERR_NO_INIT); - if (VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { + if (PermissionVerification::GetInstance()->VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { HILOG_ERROR("%{public}s: Permission verification failed", __func__); return CHECK_PERMISSION_FAILED; } @@ -1843,7 +1842,7 @@ int AbilityManagerService::UnlockMissionForCleanup(int32_t missionId) HILOG_INFO("request unlock mission for clean up all, id :%{public}d", missionId); CHECK_POINTER_AND_RETURN(currentMissionListManager_, ERR_NO_INIT); - if (VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { + if (PermissionVerification::GetInstance()->VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { HILOG_ERROR("%{public}s: Permission verification failed", __func__); return CHECK_PERMISSION_FAILED; } @@ -1855,7 +1854,7 @@ int AbilityManagerService::RegisterMissionListener(const sptr HILOG_INFO("request RegisterMissionListener "); CHECK_POINTER_AND_RETURN(currentMissionListManager_, ERR_NO_INIT); - if (VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { + if (PermissionVerification::GetInstance()->VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { HILOG_ERROR("%{public}s: Permission verification failed", __func__); return CHECK_PERMISSION_FAILED; } @@ -1867,7 +1866,7 @@ int AbilityManagerService::UnRegisterMissionListener(const sptrVerifyMissionPermission() == CHECK_PERMISSION_FAILED) { HILOG_ERROR("%{public}s: Permission verification failed", __func__); return CHECK_PERMISSION_FAILED; } @@ -1880,7 +1879,7 @@ int AbilityManagerService::GetMissionInfos(const std::string& deviceId, int32_t HILOG_INFO("request GetMissionInfos."); CHECK_POINTER_AND_RETURN(currentMissionListManager_, ERR_NO_INIT); - if (VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { + if (PermissionVerification::GetInstance()->VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { HILOG_ERROR("%{public}s: Permission verification failed", __func__); return CHECK_PERMISSION_FAILED; } @@ -1911,7 +1910,7 @@ int AbilityManagerService::GetMissionInfo(const std::string& deviceId, int32_t m HILOG_INFO("request GetMissionInfo, missionId:%{public}d", missionId); CHECK_POINTER_AND_RETURN(currentMissionListManager_, ERR_NO_INIT); - if (VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { + if (PermissionVerification::GetInstance()->VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { HILOG_ERROR("%{public}s: Permission verification failed", __func__); return CHECK_PERMISSION_FAILED; } @@ -1947,7 +1946,7 @@ int AbilityManagerService::CleanMission(int32_t missionId) HILOG_INFO("request CleanMission, missionId:%{public}d", missionId); CHECK_POINTER_AND_RETURN(currentMissionListManager_, ERR_NO_INIT); - if (VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { + if (PermissionVerification::GetInstance()->VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { HILOG_ERROR("%{public}s: Permission verification failed", __func__); return CHECK_PERMISSION_FAILED; } @@ -1960,7 +1959,7 @@ int AbilityManagerService::CleanAllMissions() HILOG_INFO("request CleanAllMissions "); CHECK_POINTER_AND_RETURN(currentMissionListManager_, ERR_NO_INIT); - if (VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { + if (PermissionVerification::GetInstance()->VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { HILOG_ERROR("%{public}s: Permission verification failed", __func__); return CHECK_PERMISSION_FAILED; } @@ -1980,7 +1979,7 @@ int AbilityManagerService::MoveMissionToFront(int32_t missionId) HILOG_INFO("request MoveMissionToFront, missionId:%{public}d", missionId); CHECK_POINTER_AND_RETURN(currentMissionListManager_, ERR_NO_INIT); - if (VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { + if (PermissionVerification::GetInstance()->VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { HILOG_ERROR("%{public}s: Permission verification failed", __func__); return CHECK_PERMISSION_FAILED; } @@ -1998,7 +1997,7 @@ int AbilityManagerService::MoveMissionToFront(int32_t missionId, const StartOpti HILOG_INFO("request MoveMissionToFront, missionId:%{public}d", missionId); CHECK_POINTER_AND_RETURN(currentMissionListManager_, ERR_NO_INIT); - if (VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { + if (PermissionVerification::GetInstance()->VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { HILOG_ERROR("%{public}s: Permission verification failed", __func__); return CHECK_PERMISSION_FAILED; } @@ -3900,7 +3899,7 @@ int AbilityManagerService::RegisterSnapshotHandler(const sptr& int32_t AbilityManagerService::GetMissionSnapshot(const std::string& deviceId, int32_t missionId, MissionSnapshot& missionSnapshot, bool isLowResolution) { - if (VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { + if (PermissionVerification::GetInstance()->VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { HILOG_ERROR("%{public}s: Permission verification failed", __func__); return CHECK_PERMISSION_FAILED; } @@ -4580,22 +4579,6 @@ bool AbilityManagerService::GetDataAbilityUri(const std::vectorIsSACall(); - if (isSaCall) { - return ERR_OK; - } - auto isCallingPerm = AAFwk::PermissionVerification::GetInstance()->VerifyCallingPermission( - PermissionConstants::PERMISSION_MANAGE_MISSION); - if (isCallingPerm) { - HILOG_DEBUG("%{public}s: Permission verification succeeded.", __func__); - return ERR_OK; - } - HILOG_ERROR("%{public}s: Permission verification failed", __func__); - return CHECK_PERMISSION_FAILED; -} - void AbilityManagerService::GetAbilityRunningInfo(std::vector &info, std::shared_ptr &abilityRecord) { @@ -4619,17 +4602,7 @@ int AbilityManagerService::VerifyAccountPermission(int32_t userId) if ((userId < 0) || (userController_ && (userController_->GetCurrentUserId() == userId))) { return ERR_OK; } - auto isSaCall = AAFwk::PermissionVerification::GetInstance()->IsSACall(); - if (isSaCall) { - return ERR_OK; - } - auto isCallingPerm = AAFwk::PermissionVerification::GetInstance()->VerifyCallingPermission( - PermissionConstants::PERMISSION_INTERACT_ACROSS_LOCAL_ACCOUNTS); - if (isCallingPerm) { - return ERR_OK; - } - HILOG_ERROR("%{public}s: Permission verification failed", __func__); - return CHECK_PERMISSION_FAILED; + return AAFwk::PermissionVerification::GetInstance()->VerifyAccountPermission(); } #ifdef ABILITY_COMMAND_FOR_TEST diff --git a/services/appmgr/include/app_running_record.h b/services/appmgr/include/app_running_record.h index 73868bfa52..9506905d3c 100644 --- a/services/appmgr/include/app_running_record.h +++ b/services/appmgr/include/app_running_record.h @@ -497,6 +497,8 @@ public: bool IsKilling() const; void SetAppIndex(const int32_t appIndex); int32_t GetAppIndex() const; + void SetSecurityFlag(bool securityFlag); + bool GetSecurityFlag() const; using Closure = std::function; void PostTask(std::string msg, int64_t timeOut, const Closure &task); @@ -586,6 +588,7 @@ private: std::shared_ptr renderRecord_ = nullptr; AppSpawnStartMsg startMsg_; int32_t appIndex_ = 0; + bool securityFlag_ = false; }; } // namespace AppExecFwk } // namespace OHOS diff --git a/services/appmgr/src/app_mgr_service_inner.cpp b/services/appmgr/src/app_mgr_service_inner.cpp index be4e1316e6..3a35588f1c 100644 --- a/services/appmgr/src/app_mgr_service_inner.cpp +++ b/services/appmgr/src/app_mgr_service_inner.cpp @@ -70,6 +70,7 @@ const std::string SO_PATH = "system/lib64/libmapleappkit.z.so"; const std::string RENDER_PARAM = "invalidparam"; const std::string COLD_START = "coldStart"; const std::string DLP_PARAMS_INDEX = "ohos.dlp.params.index"; +const std::string DLP_PARAMS_SECURITY_FLAG = "ohos.dlp.params.securityFlag"; const int32_t SIGNAL_KILL = 9; constexpr int32_t USER_SCALE = 200000; #define ENUM_TO_STRING(s) #s @@ -805,6 +806,7 @@ std::shared_ptr AppMgrServiceInner::CreateAppRunningRecord(con appRecord->SetDebugApp(true); } appRecord->SetAppIndex(want->GetIntParam(DLP_PARAMS_INDEX, 0)); + appRecord->SetSecurityFlag(want->GetBoolParam(DLP_PARAMS_SECURITY_FLAG, false)); } if (preToken) { @@ -1058,6 +1060,10 @@ void AppMgrServiceInner::StartAbility(const sptr &token, const sp return; } + if (want) { + want->SetParam(DLP_PARAMS_SECURITY_FLAG, appRecord->GetSecurityFlag()); + } + if (abilityInfo->launchMode == LaunchMode::SINGLETON) { int32_t ownerUserId = -1; if (want) { diff --git a/services/appmgr/src/app_running_record.cpp b/services/appmgr/src/app_running_record.cpp index 80247ce410..7084260f69 100644 --- a/services/appmgr/src/app_running_record.cpp +++ b/services/appmgr/src/app_running_record.cpp @@ -1090,6 +1090,16 @@ int32_t AppRunningRecord::GetAppIndex() const return appIndex_; } +void AppRunningRecord::SetSecurityFlag(bool securityFlag) +{ + securityFlag_ = securityFlag; +} + +bool AppRunningRecord::GetSecurityFlag() const +{ + return securityFlag_; +} + void AppRunningRecord::SetKilling() { isKilling_ = true; diff --git a/services/common/BUILD.gn b/services/common/BUILD.gn index 0cc42bb18e..0b894a0e9e 100644 --- a/services/common/BUILD.gn +++ b/services/common/BUILD.gn @@ -25,7 +25,10 @@ group("ams_common_target") { config("common_config") { visibility = [ ":*" ] - include_dirs = [ "include" ] + include_dirs = [ + "include", + "${ability_runtime_innerkits_path}/ability_manager/include", + ] cflags = [] if (target_cpu == "arm") { cflags += [ "-DBINDER_IPC_32BIT" ] diff --git a/services/common/include/permission_verification.h b/services/common/include/permission_verification.h index 4e3c7658df..feadb2de6f 100644 --- a/services/common/include/permission_verification.h +++ b/services/common/include/permission_verification.h @@ -38,6 +38,10 @@ public: bool VerifyDlpPermission(Want &want); + int VerifyAccountPermission(); + + int VerifyMissionPermission(); + private: DISALLOW_COPY_AND_MOVE(PermissionVerification); unsigned int GetCallingTokenID(); diff --git a/services/common/src/permission_verification.cpp b/services/common/src/permission_verification.cpp index 6ce2af1e4a..3b74145faf 100644 --- a/services/common/src/permission_verification.cpp +++ b/services/common/src/permission_verification.cpp @@ -15,6 +15,7 @@ #include "permission_verification.h" +#include "ability_manager_errors.h" #include "accesstoken_kit.h" #include "hilog_wrapper.h" #include "ipc_skeleton.h" @@ -113,6 +114,31 @@ bool PermissionVerification::VerifyDlpPermission(Want &want) return false; } +int PermissionVerification::VerifyAccountPermission() +{ + if (IsSACall()) { + return ERR_OK; + } + if (VerifyCallingPermission(PermissionConstants::PERMISSION_INTERACT_ACROSS_LOCAL_ACCOUNTS)) { + return ERR_OK; + } + HILOG_ERROR("%{public}s: Permission verification failed", __func__); + return CHECK_PERMISSION_FAILED; +} + +int PermissionVerification::VerifyMissionPermission() +{ + if (IsSACall()) { + return ERR_OK; + } + if (VerifyCallingPermission(PermissionConstants::PERMISSION_MANAGE_MISSION)) { + HILOG_DEBUG("%{public}s: Permission verification succeeded.", __func__); + return ERR_OK; + } + HILOG_ERROR("%{public}s: Permission verification failed", __func__); + return CHECK_PERMISSION_FAILED; +} + unsigned int PermissionVerification::GetCallingTokenID() { auto callerToken = IPCSkeleton::GetCallingTokenID(); -- Gitee From 6f7cc0e2486934024ef0f10e1b5358ac9b60312b Mon Sep 17 00:00:00 2001 From: unknown Date: Thu, 21 Jul 2022 17:33:25 +0800 Subject: [PATCH 2/2] add user Signed-off-by: unknown --- .../src/ability_manager_service.cpp | 32 +++++++++---------- .../common/include/permission_verification.h | 2 +- .../common/src/permission_verification.cpp | 8 ++--- 3 files changed, 21 insertions(+), 21 deletions(-) diff --git a/services/abilitymgr/src/ability_manager_service.cpp b/services/abilitymgr/src/ability_manager_service.cpp index 34627aeeb4..9a7252a834 100644 --- a/services/abilitymgr/src/ability_manager_service.cpp +++ b/services/abilitymgr/src/ability_manager_service.cpp @@ -1527,7 +1527,7 @@ int AbilityManagerService::ContinueMission(const std::string &srcDeviceId, const int32_t missionId, const sptr &callBack, AAFwk::WantParams &wantParams) { HILOG_INFO("ContinueMission missionId: %{public}d", missionId); - if (PermissionVerification::GetInstance()->VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { + if (!PermissionVerification::GetInstance()->VerifyMissionPermission()) { HILOG_ERROR("%{public}s: Permission verification failed", __func__); return CHECK_PERMISSION_FAILED; } @@ -1600,7 +1600,7 @@ int AbilityManagerService::NotifyContinuationResult(int32_t missionId, int32_t r int AbilityManagerService::StartSyncRemoteMissions(const std::string& devId, bool fixConflict, int64_t tag) { - if (PermissionVerification::GetInstance()->VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { + if (!PermissionVerification::GetInstance()->VerifyMissionPermission()) { HILOG_ERROR("%{public}s: Permission verification failed", __func__); return CHECK_PERMISSION_FAILED; } @@ -1610,7 +1610,7 @@ int AbilityManagerService::StartSyncRemoteMissions(const std::string& devId, boo int AbilityManagerService::StopSyncRemoteMissions(const std::string& devId) { - if (PermissionVerification::GetInstance()->VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { + if (!PermissionVerification::GetInstance()->VerifyMissionPermission()) { HILOG_ERROR("%{public}s: Permission verification failed", __func__); return CHECK_PERMISSION_FAILED; } @@ -1627,7 +1627,7 @@ int AbilityManagerService::RegisterMissionListener(const std::string &deviceId, return REGISTER_REMOTE_MISSION_LISTENER_FAIL; } CHECK_POINTER_AND_RETURN(listener, ERR_INVALID_VALUE); - if (PermissionVerification::GetInstance()->VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { + if (!PermissionVerification::GetInstance()->VerifyMissionPermission()) { HILOG_ERROR("%{public}s: Permission verification failed", __func__); return CHECK_PERMISSION_FAILED; } @@ -1644,7 +1644,7 @@ int AbilityManagerService::UnRegisterMissionListener(const std::string &deviceId return REGISTER_REMOTE_MISSION_LISTENER_FAIL; } CHECK_POINTER_AND_RETURN(listener, ERR_INVALID_VALUE); - if (PermissionVerification::GetInstance()->VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { + if (!PermissionVerification::GetInstance()->VerifyMissionPermission()) { HILOG_ERROR("%{public}s: Permission verification failed", __func__); return CHECK_PERMISSION_FAILED; } @@ -1830,7 +1830,7 @@ int AbilityManagerService::LockMissionForCleanup(int32_t missionId) HILOG_INFO("request unlock mission for clean up all, id :%{public}d", missionId); CHECK_POINTER_AND_RETURN(currentMissionListManager_, ERR_NO_INIT); - if (PermissionVerification::GetInstance()->VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { + if (!PermissionVerification::GetInstance()->VerifyMissionPermission()) { HILOG_ERROR("%{public}s: Permission verification failed", __func__); return CHECK_PERMISSION_FAILED; } @@ -1842,7 +1842,7 @@ int AbilityManagerService::UnlockMissionForCleanup(int32_t missionId) HILOG_INFO("request unlock mission for clean up all, id :%{public}d", missionId); CHECK_POINTER_AND_RETURN(currentMissionListManager_, ERR_NO_INIT); - if (PermissionVerification::GetInstance()->VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { + if (!PermissionVerification::GetInstance()->VerifyMissionPermission()) { HILOG_ERROR("%{public}s: Permission verification failed", __func__); return CHECK_PERMISSION_FAILED; } @@ -1854,7 +1854,7 @@ int AbilityManagerService::RegisterMissionListener(const sptr HILOG_INFO("request RegisterMissionListener "); CHECK_POINTER_AND_RETURN(currentMissionListManager_, ERR_NO_INIT); - if (PermissionVerification::GetInstance()->VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { + if (!PermissionVerification::GetInstance()->VerifyMissionPermission()) { HILOG_ERROR("%{public}s: Permission verification failed", __func__); return CHECK_PERMISSION_FAILED; } @@ -1866,7 +1866,7 @@ int AbilityManagerService::UnRegisterMissionListener(const sptrVerifyMissionPermission() == CHECK_PERMISSION_FAILED) { + if (!PermissionVerification::GetInstance()->VerifyMissionPermission()) { HILOG_ERROR("%{public}s: Permission verification failed", __func__); return CHECK_PERMISSION_FAILED; } @@ -1879,7 +1879,7 @@ int AbilityManagerService::GetMissionInfos(const std::string& deviceId, int32_t HILOG_INFO("request GetMissionInfos."); CHECK_POINTER_AND_RETURN(currentMissionListManager_, ERR_NO_INIT); - if (PermissionVerification::GetInstance()->VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { + if (!PermissionVerification::GetInstance()->VerifyMissionPermission()) { HILOG_ERROR("%{public}s: Permission verification failed", __func__); return CHECK_PERMISSION_FAILED; } @@ -1910,7 +1910,7 @@ int AbilityManagerService::GetMissionInfo(const std::string& deviceId, int32_t m HILOG_INFO("request GetMissionInfo, missionId:%{public}d", missionId); CHECK_POINTER_AND_RETURN(currentMissionListManager_, ERR_NO_INIT); - if (PermissionVerification::GetInstance()->VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { + if (!PermissionVerification::GetInstance()->VerifyMissionPermission()) { HILOG_ERROR("%{public}s: Permission verification failed", __func__); return CHECK_PERMISSION_FAILED; } @@ -1946,7 +1946,7 @@ int AbilityManagerService::CleanMission(int32_t missionId) HILOG_INFO("request CleanMission, missionId:%{public}d", missionId); CHECK_POINTER_AND_RETURN(currentMissionListManager_, ERR_NO_INIT); - if (PermissionVerification::GetInstance()->VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { + if (!PermissionVerification::GetInstance()->VerifyMissionPermission()) { HILOG_ERROR("%{public}s: Permission verification failed", __func__); return CHECK_PERMISSION_FAILED; } @@ -1959,7 +1959,7 @@ int AbilityManagerService::CleanAllMissions() HILOG_INFO("request CleanAllMissions "); CHECK_POINTER_AND_RETURN(currentMissionListManager_, ERR_NO_INIT); - if (PermissionVerification::GetInstance()->VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { + if (!PermissionVerification::GetInstance()->VerifyMissionPermission()) { HILOG_ERROR("%{public}s: Permission verification failed", __func__); return CHECK_PERMISSION_FAILED; } @@ -1979,7 +1979,7 @@ int AbilityManagerService::MoveMissionToFront(int32_t missionId) HILOG_INFO("request MoveMissionToFront, missionId:%{public}d", missionId); CHECK_POINTER_AND_RETURN(currentMissionListManager_, ERR_NO_INIT); - if (PermissionVerification::GetInstance()->VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { + if (!PermissionVerification::GetInstance()->VerifyMissionPermission()) { HILOG_ERROR("%{public}s: Permission verification failed", __func__); return CHECK_PERMISSION_FAILED; } @@ -1997,7 +1997,7 @@ int AbilityManagerService::MoveMissionToFront(int32_t missionId, const StartOpti HILOG_INFO("request MoveMissionToFront, missionId:%{public}d", missionId); CHECK_POINTER_AND_RETURN(currentMissionListManager_, ERR_NO_INIT); - if (PermissionVerification::GetInstance()->VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { + if (!PermissionVerification::GetInstance()->VerifyMissionPermission()) { HILOG_ERROR("%{public}s: Permission verification failed", __func__); return CHECK_PERMISSION_FAILED; } @@ -3899,7 +3899,7 @@ int AbilityManagerService::RegisterSnapshotHandler(const sptr& int32_t AbilityManagerService::GetMissionSnapshot(const std::string& deviceId, int32_t missionId, MissionSnapshot& missionSnapshot, bool isLowResolution) { - if (PermissionVerification::GetInstance()->VerifyMissionPermission() == CHECK_PERMISSION_FAILED) { + if (!PermissionVerification::GetInstance()->VerifyMissionPermission()) { HILOG_ERROR("%{public}s: Permission verification failed", __func__); return CHECK_PERMISSION_FAILED; } diff --git a/services/common/include/permission_verification.h b/services/common/include/permission_verification.h index feadb2de6f..1cae029b6b 100644 --- a/services/common/include/permission_verification.h +++ b/services/common/include/permission_verification.h @@ -40,7 +40,7 @@ public: int VerifyAccountPermission(); - int VerifyMissionPermission(); + bool VerifyMissionPermission(); private: DISALLOW_COPY_AND_MOVE(PermissionVerification); diff --git a/services/common/src/permission_verification.cpp b/services/common/src/permission_verification.cpp index 3b74145faf..ca57162280 100644 --- a/services/common/src/permission_verification.cpp +++ b/services/common/src/permission_verification.cpp @@ -126,17 +126,17 @@ int PermissionVerification::VerifyAccountPermission() return CHECK_PERMISSION_FAILED; } -int PermissionVerification::VerifyMissionPermission() +bool PermissionVerification::VerifyMissionPermission() { if (IsSACall()) { - return ERR_OK; + return true; } if (VerifyCallingPermission(PermissionConstants::PERMISSION_MANAGE_MISSION)) { HILOG_DEBUG("%{public}s: Permission verification succeeded.", __func__); - return ERR_OK; + return true; } HILOG_ERROR("%{public}s: Permission verification failed", __func__); - return CHECK_PERMISSION_FAILED; + return false; } unsigned int PermissionVerification::GetCallingTokenID() -- Gitee