From 157ed41fb1e49201bc883798f215e32dca61beee Mon Sep 17 00:00:00 2001
From: wu-liushuan <wuliushuan.30044128@h-partners.com>
Date: Sat, 9 Aug 2025 15:50:32 +0800
Subject: [PATCH] =?UTF-8?q?=E5=90=8C=E6=AD=A5=E4=B8=BB=E5=B9=B2=E6=89=93?=
 =?UTF-8?q?=E7=82=B9=E4=BA=8B=E4=BB=B620250809?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: wu-liushuan <wuliushuan.30044128@h-partners.com>
Change-Id: Ic82d22b73605a72feed65a0ceaf3a77328d10dcb
---
 .../include/ani_hisysevent_adapter.h          | 37 +++++++++++++++++++
 .../include/ani_request_permission.h          |  1 +
 .../src/ani_ability_access_ctrl.cpp           | 10 +++++
 .../src/ani_request_permission.cpp            | 20 ++++++++++
 4 files changed, 68 insertions(+)
 create mode 100644 frameworks/ets/ani/accesstoken/include/ani_hisysevent_adapter.h

diff --git a/frameworks/ets/ani/accesstoken/include/ani_hisysevent_adapter.h b/frameworks/ets/ani/accesstoken/include/ani_hisysevent_adapter.h
new file mode 100644
index 000000000..4cd455e2f
--- /dev/null
+++ b/frameworks/ets/ani/accesstoken/include/ani_hisysevent_adapter.h
@@ -0,0 +1,37 @@
+/*
+ * Copyright (c) 2025 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef ACCESSTOKEN_ANI_HISYSEVENT_ADAPTER_H
+#define ACCESSTOKEN_ANI_HISYSEVENT_ADAPTER_H
+
+namespace OHOS {
+namespace Security {
+namespace AccessToken {
+enum ReqPermFromUserErrorCode {
+    TOKENID_INCONSISTENCY = 0,
+    ABILITY_FLAG_ERROR = 1,
+    GET_UI_CONTENT_FAILED = 2,
+    CREATE_MODAL_UI_FAILED = 3,
+    TRIGGER_RELEASE = 4,
+    TRIGGER_ONERROR = 5,
+    TRIGGER_DESTROY = 6,
+};
+enum VerifyAccessTokenEventCode {
+    VERIFY_TOKENID_INCONSISTENCY = 0,
+};
+} // namespace AccessToken
+} // namespace Security
+} // namespace OHOS
+#endif // ACCESSTOKEN_ANI_HISYSEVENT_ADAPTER_H
diff --git a/frameworks/ets/ani/accesstoken/include/ani_request_permission.h b/frameworks/ets/ani/accesstoken/include/ani_request_permission.h
index cfcbfcf3a..6f29adb86 100644
--- a/frameworks/ets/ani/accesstoken/include/ani_request_permission.h
+++ b/frameworks/ets/ani/accesstoken/include/ani_request_permission.h
@@ -80,6 +80,7 @@ public:
 private:
     int32_t sessionId_ = 0;
     std::shared_ptr<RequestAsyncContext> reqContext_ = nullptr;
+    std::atomic<bool> isOnResult_;
 };
 
 class AuthorizationResult : public Security::AccessToken::TokenCallbackStub {
diff --git a/frameworks/ets/ani/accesstoken/src/ani_ability_access_ctrl.cpp b/frameworks/ets/ani/accesstoken/src/ani_ability_access_ctrl.cpp
index a7e6c51e2..3bb43e639 100644
--- a/frameworks/ets/ani/accesstoken/src/ani_ability_access_ctrl.cpp
+++ b/frameworks/ets/ani/accesstoken/src/ani_ability_access_ctrl.cpp
@@ -22,6 +22,7 @@
 #include "access_token_error.h"
 #include "accesstoken_common_log.h"
 #include "accesstoken_kit.h"
+#include "ani_hisysevent_adapter.h"
 #include "ani_request_global_switch_on_setting.h"
 #include "ani_request_permission.h"
 #include "ani_request_permission_on_setting.h"
@@ -39,6 +40,8 @@ constexpr int32_t VALUE_MAX_LEN = 32;
 std::mutex g_lockCache;
 static PermissionParamCache g_paramCache;
 std::map<std::string, PermissionStatusCache> g_cache;
+static std::atomic<int32_t> g_cnt = 0;
+constexpr uint32_t REPORT_CNT = 10;
 static constexpr const char* PERMISSION_STATUS_CHANGE_KEY = "accesstoken.permission.change";
 }
 constexpr const char* PERM_STATE_CHANGE_FIELD_TOKEN_ID = "tokenID";
@@ -284,6 +287,13 @@ static ani_int CheckAccessTokenExecute([[maybe_unused]] ani_env* env, [[maybe_un
     asyncContext->permissionName = permissionName;
     static uint64_t selfTokenId = GetSelfTokenID();
     if (asyncContext->tokenId != static_cast<AccessTokenID>(selfTokenId)) {
+        int32_t cnt = g_cnt.fetch_add(1);
+        if (!AccessTokenKit::IsSystemAppByFullTokenID(selfTokenId) && cnt % REPORT_CNT == 0) {
+            AccessTokenID selfToken = static_cast<AccessTokenID>(selfTokenId);
+            (void)HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "VERIFY_ACCESS_TOKEN_EVENT",
+                HiviewDFX::HiSysEvent::EventType::STATISTIC, "EVENT_CODE", VERIFY_TOKENID_INCONSISTENCY,
+                "SELF_TOKENID", selfToken, "CONTEXT_TOKENID", asyncContext->tokenId);
+        }
         asyncContext->grantStatus = AccessToken::AccessTokenKit::VerifyAccessToken(tokenID, permissionName);
         return static_cast<ani_int>(asyncContext->grantStatus);
     }
diff --git a/frameworks/ets/ani/accesstoken/src/ani_request_permission.cpp b/frameworks/ets/ani/accesstoken/src/ani_request_permission.cpp
index d9168c8f5..578a6cb4f 100644
--- a/frameworks/ets/ani/accesstoken/src/ani_request_permission.cpp
+++ b/frameworks/ets/ani/accesstoken/src/ani_request_permission.cpp
@@ -22,6 +22,7 @@
 #include "ability_manager_client.h"
 #include "accesstoken_common_log.h"
 #include "accesstoken_kit.h"
+#include "ani_hisysevent_adapter.h"
 #include "hisysevent.h"
 #include "token_setproc.h"
 #include "want.h"
@@ -205,6 +206,8 @@ static void CreateUIExtensionMainThread(std::shared_ptr<RequestAsyncContext>& as
             asyncContext->result.errorCode = AccessToken::RET_FAILED;
             asyncContext->uiExtensionFlag = false;
             asyncContext->loadlock.unlock();
+            (void)HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "REQ_PERM_FROM_USER_ERROR",
+                HiviewDFX::HiSysEvent::EventType::FAULT, "ERROR_CODE", CREATE_MODAL_UI_FAILED);
             return;
         }
         uiExtCallback->SetSessionId(sessionId);
@@ -226,6 +229,8 @@ static void CreateServiceExtension(std::shared_ptr<RequestAsyncContext>& asyncCo
         LOGE(ATM_DOMAIN, ATM_TAG, "UIExtension ability can not pop service ablility window!");
         asyncContext->needDynamicRequest = false;
         asyncContext->result.errorCode = RET_FAILED;
+        (void)HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "REQ_PERM_FROM_USER_ERROR",
+            HiviewDFX::HiSysEvent::EventType::FAULT, "ERROR_CODE", ABILITY_FLAG_ERROR);
         return;
     }
     OHOS::sptr<IRemoteObject> remoteObject = new (std::nothrow) AuthorizationResult(asyncContext);
@@ -290,6 +295,8 @@ static void GetInstanceId(std::shared_ptr<RequestAsyncContext>& asyncContext)
             asyncContext->uiExtensionContext, asyncContext->uiAbilityFlag);
         if (uiContent == nullptr) {
             LOGE(ATM_DOMAIN, ATM_TAG, "Failed to get ui content failed!");
+            (void)HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "REQ_PERM_FROM_USER_ERROR",
+                HiviewDFX::HiSysEvent::EventType::FAULT, "ERROR_CODE", GET_UI_CONTENT_FAILED);
             return;
         }
         asyncContext->uiContentFlag = true;
@@ -463,6 +470,9 @@ void RequestPermissionsFromUserExecute([[maybe_unused]] ani_env* env, [[maybe_un
         ani_object result = reinterpret_cast<ani_object>(nullRef);
         ani_object error = BusinessErrorAni::CreateError(env, STS_ERROR_INNER, GetErrorMessage(STS_ERROR_INNER,
             "The specified context does not belong to the current application."));
+        (void)HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "REQ_PERM_FROM_USER_ERROR",
+            HiviewDFX::HiSysEvent::EventType::FAULT, "ERROR_CODE", TOKENID_INCONSISTENCY,
+            "SELF_TOKEN", selfTokenID, "CONTEXT_TOKEN", asyncContext->tokenId);
         ExecuteAsyncCallback(env, callback, error, result);
         return;
     }
@@ -573,6 +583,7 @@ void RequestAsyncInstanceControl::AddCallbackByInstanceId(std::shared_ptr<Reques
 UIExtensionCallback::UIExtensionCallback(const std::shared_ptr<RequestAsyncContext>& reqContext)
 {
     this->reqContext_ = reqContext;
+    isOnResult_.exchange(false);
 }
 
 UIExtensionCallback::~UIExtensionCallback() {}
@@ -602,6 +613,7 @@ void UIExtensionCallback::ReleaseHandler(int32_t code)
 
 void UIExtensionCallback::OnResult(int32_t resultCode, const OHOS::AAFwk::Want& result)
 {
+    isOnResult_.exchange(true);
     LOGI(ATM_DOMAIN, ATM_TAG, "ResultCode is %{public}d.", resultCode);
     this->reqContext_->permissionList = result.GetStringArrayParam(PERMISSION_KEY);
     this->reqContext_->permissionsState = result.GetIntArrayParam(RESULT_KEY);
@@ -616,6 +628,8 @@ void UIExtensionCallback::OnReceive(const OHOS::AAFwk::WantParams& receive)
 void UIExtensionCallback::OnRelease(int32_t releaseCode)
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "ReleaseCode is %{public}d.", releaseCode);
+    (void)HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "REQ_PERM_FROM_USER_ERROR",
+        HiviewDFX::HiSysEvent::EventType::FAULT, "ERROR_CODE", TRIGGER_RELEASE, "INNER_CODE", releaseCode);
     ReleaseHandler(-1);
 }
 
@@ -624,6 +638,8 @@ void UIExtensionCallback::OnError(int32_t code, const std::string& name, const s
     LOGI(ATM_DOMAIN, ATM_TAG,
         "Code is %{public}d, name is %{public}s, message is %{public}s.", code, name.c_str(), message.c_str());
 
+    (void)HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "REQ_PERM_FROM_USER_ERROR",
+        HiviewDFX::HiSysEvent::EventType::FAULT, "ERROR_CODE", TRIGGER_ONERROR, "INNER_CODE", code);
     ReleaseHandler(-1);
 }
 
@@ -635,6 +651,10 @@ void UIExtensionCallback::OnRemoteReady(const std::shared_ptr<OHOS::Ace::ModalUI
 void UIExtensionCallback::OnDestroy()
 {
     LOGI(ATM_DOMAIN, ATM_TAG, "UIExtensionAbility destructed.");
+    if (!isOnResult_.load()) {
+        (void)HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "REQ_PERM_FROM_USER_ERROR",
+            HiviewDFX::HiSysEvent::EventType::FAULT, "ERROR_CODE", TRIGGER_DESTROY);
+    }
     ReleaseHandler(-1);
 }
 
-- 
Gitee