diff --git a/utils/src/permission.cpp b/utils/src/permission.cpp index bae17d6dc170d0d07ac4f94091b4aafa940c7eeb..5fbc2b718095436f580fdb4b4adba84121d848d7 100644 --- a/utils/src/permission.cpp +++ b/utils/src/permission.cpp @@ -63,10 +63,9 @@ bool Permission::IsSystemCalling(bool isLocalSysCalling) if (IsSystemServiceCalling(false, isLocalSysCalling)) { return true; } - uint64_t accessTokenIDEx = isLocalSysCalling ? + uint64_t tokenId = isLocalSysCalling ? IPCSkeleton::GetSelfTokenID() : IPCSkeleton::GetCallingFullTokenID(); - bool isSystemApp = Security::AccessToken::TokenIdKit::IsSystemAppByFullTokenID(accessTokenIDEx); - return isSystemApp; + return Security::AccessToken::TokenIdKit::IsSystemAppByFullTokenID(tokenId); } bool Permission::CheckCallingPermission(const std::string& permission) diff --git a/window_scene/session/host/include/scene_session.h b/window_scene/session/host/include/scene_session.h index b4a50a4793ae9fc955754bf55279ebda5f49471a..7912549321a4f7d8388715d0b7bbff65081bc20b 100644 --- a/window_scene/session/host/include/scene_session.h +++ b/window_scene/session/host/include/scene_session.h @@ -351,6 +351,7 @@ protected: void SetMoveDragCallback(); std::string GetRatioPreferenceKey(); WSError NotifyClientToUpdateRectTask(std::shared_ptr rsTransaction); + bool CheckPermissionWithPropertyAnimation(const sptr& property) const; std::string GetRectInfo(const WSRect& rect) { @@ -377,6 +378,9 @@ private: WSError HandleEnterWinwdowArea(int32_t windowX, int32_t windowY); WSError HandlePointerStyle(const std::shared_ptr& pointerEvent); + // session lifecycle funcs + WSError ForegroundTask(const sptr& property); + #ifdef DEVICE_STATUS_ENABLE void RotateDragWindow(std::shared_ptr rsTransaction); #endif // DEVICE_STATUS_ENABLE diff --git a/window_scene/session/host/src/keyboard_session.cpp b/window_scene/session/host/src/keyboard_session.cpp index 88e23d63d135c441db25605bef70c971667e6c0d..370599002b91c47b2f9e29c3b928b60681b9f9de 100644 --- a/window_scene/session/host/src/keyboard_session.cpp +++ b/window_scene/session/host/src/keyboard_session.cpp @@ -67,6 +67,9 @@ SessionGravity KeyboardSession::GetKeyboardGravity() const WSError KeyboardSession::Show(sptr property) { + if (!CheckPermissionWithPropertyAnimation(property)) { + return WSError::WS_ERROR_NOT_SYSTEM_APP; + } auto task = [weakThis = wptr(this), property]() { auto session = weakThis.promote(); if (!session) { @@ -86,6 +89,9 @@ WSError KeyboardSession::Show(sptr property) WSError KeyboardSession::Hide() { + if (!CheckPermissionWithPropertyAnimation(GetSessionProperty())) { + return WSError::WS_ERROR_NOT_SYSTEM_APP; + } auto task = [weakThis = wptr(this)]() { auto session = weakThis.promote(); if (!session) { diff --git a/window_scene/session/host/src/scene_session.cpp b/window_scene/session/host/src/scene_session.cpp index 3937fd4cc6c0a5658969b3aea0c2828c905a3280..878c31eb5e7f29b8ddbb89cd0269fd056d2626b5 100644 --- a/window_scene/session/host/src/scene_session.cpp +++ b/window_scene/session/host/src/scene_session.cpp @@ -145,6 +145,9 @@ WSError SceneSession::Reconnect(const sptr& sessionStage, const s WSError SceneSession::Foreground(sptr property, bool isFromClient) { + if (!CheckPermissionWithPropertyAnimation(property)) { + return WSError::WS_ERROR_NOT_SYSTEM_APP; + } // return when screen is locked and show without ShowWhenLocked flag if (false && GetWindowType() == WindowType::WINDOW_TYPE_APP_MAIN_WINDOW && GetStateFromManager(ManagerState::MANAGER_STATE_SCREEN_LOCKED) && !IsShowWhenLocked() && @@ -163,7 +166,11 @@ WSError SceneSession::Foreground(sptr property, bool isFr return WSError::WS_OK; } } + return ForegroundTask(property); +} +WSError SceneSession::ForegroundTask(const sptr& property) +{ auto task = [weakThis = wptr(this), property]() { auto session = weakThis.promote(); if (!session) { @@ -204,6 +211,9 @@ WSError SceneSession::Foreground(sptr property, bool isFr WSError SceneSession::Background(bool isFromClient) { + if (!CheckPermissionWithPropertyAnimation(GetSessionProperty())) { + return WSError::WS_ERROR_NOT_SYSTEM_APP; + } if (isFromClient && SessionHelper::IsMainWindow(GetWindowType())) { int32_t callingPid = IPCSkeleton::GetCallingPid(); if (callingPid != -1 && callingPid != GetCallingPid()) { @@ -2752,6 +2762,8 @@ static bool IsNeedSystemPermissionByAction(WSPropertyChangeAction action, case WSPropertyChangeAction::ACTION_UPDATE_RAISEENABLED: case WSPropertyChangeAction::ACTION_UPDATE_MODE_SUPPORT_INFO: return true; + case WSPropertyChangeAction::ACTION_UPDATE_ANIMATION_FLAG: + return property->GetAnimationFlag() == static_cast(WindowAnimation::CUSTOM); case WSPropertyChangeAction::ACTION_UPDATE_FLAGS: { uint32_t oldFlags = sessionProperty->GetWindowFlags(); uint32_t flags = property->GetWindowFlags(); @@ -3884,4 +3896,15 @@ int32_t SceneSession::GetStatusBarHeight() TLOGD(WmsLogTag::WMS_IMMS, "StatusBarVectorHeight is %{public}d", height); return height; } + +bool SceneSession::CheckPermissionWithPropertyAnimation(const sptr& property) const +{ + if (property && property->GetAnimationFlag() == static_cast(WindowAnimation::CUSTOM)) { + if (!SessionPermission::IsSystemCalling() && !SessionPermission::IsStartByHdcd()) { + TLOGE(WmsLogTag::WMS_LIFE, "Not system app, no permission"); + return false; + } + } + return true; +} } // namespace OHOS::Rosen diff --git a/window_scene/session/host/src/sub_session.cpp b/window_scene/session/host/src/sub_session.cpp index 890dbe7340790d4ab6cff8609ddc1b8f40f57f59..745fd9626306e04da11e633a16ac4935e0ed3a8a 100644 --- a/window_scene/session/host/src/sub_session.cpp +++ b/window_scene/session/host/src/sub_session.cpp @@ -16,6 +16,7 @@ #include "session/host/include/sub_session.h" #include "screen_session_manager/include/screen_session_manager_client.h" +#include "common/include/session_permission.h" #include "key_event.h" #include "window_helper.h" #include "parameters.h" @@ -47,6 +48,9 @@ SubSession::~SubSession() WSError SubSession::Show(sptr property) { + if (!CheckPermissionWithPropertyAnimation(property)) { + return WSError::WS_ERROR_NOT_SYSTEM_APP; + } auto task = [weakThis = wptr(this), property]() { auto session = weakThis.promote(); if (!session) { @@ -71,6 +75,9 @@ WSError SubSession::Show(sptr property) WSError SubSession::Hide() { + if (!CheckPermissionWithPropertyAnimation(GetSessionProperty())) { + return WSError::WS_ERROR_NOT_SYSTEM_APP; + } auto task = [weakThis = wptr(this)]() { auto session = weakThis.promote(); if (!session) { diff --git a/window_scene/session/host/src/system_session.cpp b/window_scene/session/host/src/system_session.cpp index 0d2ef8628054f77a8001d6b5a71f3244025d90b2..a979ede0ec5ff7de02e087b408a153bb61a0965b 100644 --- a/window_scene/session/host/src/system_session.cpp +++ b/window_scene/session/host/src/system_session.cpp @@ -75,6 +75,9 @@ void SystemSession::UpdateCameraWindowStatus(bool isShowing) WSError SystemSession::Show(sptr property) { + if (!CheckPermissionWithPropertyAnimation(property)) { + return WSError::WS_ERROR_NOT_SYSTEM_APP; + } auto type = GetWindowType(); if (((type == WindowType::WINDOW_TYPE_TOAST) || (type == WindowType::WINDOW_TYPE_FLOAT)) && !SessionPermission::IsSystemCalling()) { @@ -110,6 +113,9 @@ WSError SystemSession::Show(sptr property) WSError SystemSession::Hide() { + if (!CheckPermissionWithPropertyAnimation(GetSessionProperty())) { + return WSError::WS_ERROR_NOT_SYSTEM_APP; + } auto type = GetWindowType(); if (NeedSystemPermission(type)) { // Do not need to verify the permission to hide the input method status bar.