From 452f384a3d5bcc20cfdf20107221bb3ec5304366 Mon Sep 17 00:00:00 2001 From: wangyanhandsome Date: Sat, 12 Mar 2022 10:55:27 +0800 Subject: [PATCH 1/7] add permission Signed-off-by: wangyanhandsome --- .../service/src/permission/auth_center.cpp | 56 +++++++++++++++++++ .../service/src/permission/auth_center.h | 51 +++++++++++++++++ .../src/permission/permission_helper.cpp | 56 +++++++++++++++++++ .../src/permission/permission_helper.h | 49 ++++++++++++++++ .../src/permission/permission_utils.cpp | 38 +++++++++++++ .../service/src/permission/permission_utils.h | 26 +++++++++ 6 files changed, 276 insertions(+) create mode 100644 services/bluetooth_standard/service/src/permission/auth_center.cpp create mode 100644 services/bluetooth_standard/service/src/permission/auth_center.h create mode 100644 services/bluetooth_standard/service/src/permission/permission_helper.cpp create mode 100644 services/bluetooth_standard/service/src/permission/permission_helper.h create mode 100644 services/bluetooth_standard/service/src/permission/permission_utils.cpp create mode 100644 services/bluetooth_standard/service/src/permission/permission_utils.h diff --git a/services/bluetooth_standard/service/src/permission/auth_center.cpp b/services/bluetooth_standard/service/src/permission/auth_center.cpp new file mode 100644 index 00000000..ed510acf --- /dev/null +++ b/services/bluetooth_standard/service/src/permission/auth_center.cpp @@ -0,0 +1,56 @@ +/* + * Copyright (C) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#include "auth_center.h" +#include +#include "permission_helper.h" + +namespace bluetooth { +#ifdef PERMISSION_ALWAYS_GRANT +bool g_permissionAlwaysGrant = true; +#else +bool g_permissionAlwaysGrant = false; +#endif + +AuthCenter &AuthCenter::GetInstance() +{ + static AuthCenter authCenter; + return authCenter; +} + +int AuthCenter::VerifyUseBluetoothPermission(const int &pid, const int &uid) +{ + if (g_permissionAlwaysGrant) { + return PERMISSION_GRANTED; + } + + return PermissionHelper::VerifyUseBluetoothPermission(pid, uid); +} + +int AuthCenter::VerifyDiscoverBluetoothPermission(const int &pid, const int &uid) +{ + if (g_permissionAlwaysGrant) { + return PERMISSION_GRANTED; + } + return PermissionHelper::VerifyDiscoverBluetoothPermission(pid, uid); +} + +int AuthCenter::VerifyManageBluetoothPermission(const int &pid, const int &uid) +{ + if (g_permissionAlwaysGrant) { + return PERMISSION_GRANTED; + } + return PermissionHelper::VerifyManageBluetoothPermission(pid, uid); +} +} \ No newline at end of file diff --git a/services/bluetooth_standard/service/src/permission/auth_center.h b/services/bluetooth_standard/service/src/permission/auth_center.h new file mode 100644 index 00000000..c6baa980 --- /dev/null +++ b/services/bluetooth_standard/service/src/permission/auth_center.h @@ -0,0 +1,51 @@ +/* + * Copyright (C) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef AUTH_CENTER_H +#define AUTH_CENTER_H +namespace bluetooth { +class AuthCenter { +public: + static AuthCenter &GetInstance(); + + /** + * @Description Verify where the app has the permission to use bluetooth + * + * @param pid the app's process id. + * @param uid the app id. + * @return int PERMISSION_DENIED or PERMISSION_GRANTED + */ + static int VerifyUseBluetoothPermission(const int &pid, const int &uid); + + /** + * @Description Verify where the app has the permission to discover bluetooth + * + * @param pid the app's process id. + * @param uid the app id. + * @return int PERMISSION_DENIED or PERMISSION_GRANTED + */ + static int VerifyDiscoverBluetoothPermission(const int &pid, const int &uid); + + /** + * @Description Verify where the app has the permission to manager bluetooth + * + * @param pid the app's process id. + * @param uid the app id. + * @return int PERMISSION_DENIED or PERMISSION_GRANTED + */ + static int VerifyManageBluetoothPermission(const int &pid, const int &uid); +}; +} +#endif \ No newline at end of file diff --git a/services/bluetooth_standard/service/src/permission/permission_helper.cpp b/services/bluetooth_standard/service/src/permission/permission_helper.cpp new file mode 100644 index 00000000..8d550fd0 --- /dev/null +++ b/services/bluetooth_standard/service/src/permission/permission_helper.cpp @@ -0,0 +1,56 @@ +/* + * Copyright (C) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "permission_helper.h" + +namespace bluetooth { +int PermissionHelper::VerifyPermission(const std::string &permissionName, const int &pid, const int &uid) +{ + auto callerToken = IPCSkeleton::GetCallingTokenID(); + int result = Security::AccessToken::AccessTokenKit::VerifyAccessToken(callerToken, permissionName); + if (result == Security::AccessToken::PermissionState::PERMISSION_GRANTED) { + return PERMISSION_GRANTED; + } else { + return PERMISSION_DENIED; + } +} + +int PermissionHelper::VerifyUseBluetoothPermission(const int &pid, const int &uid) +{ + if (VerifyPermission("ohos.permission.USE_BLUETOOTH", pid, uid) == PERMISSION_DENIED) { + return PERMISSION_DENIED; + } + + return PERMISSION_GRANTED; +} + +int PermissionHelper::VerifyDiscoverBluetoothPermission(const int &pid, const int &uid) +{ + if (VerifyPermission("ohos.permission.DISCOVER_BLUETOOTH", pid, uid) == PERMISSION_DENIED) { + return PERMISSION_DENIED; + } + + return PERMISSION_GRANTED; +} + +int PermissionHelper::VerifyManageBluetoothPermission(const int &pid, const int &uid) +{ + if (VerifyPermission("ohos.permission.MANAGE_BLUETOOTH", pid, uid) == PERMISSION_DENIED) { + return PERMISSION_DENIED; + } + + return PERMISSION_GRANTED; +} +} \ No newline at end of file diff --git a/services/bluetooth_standard/service/src/permission/permission_helper.h b/services/bluetooth_standard/service/src/permission/permission_helper.h new file mode 100644 index 00000000..864a3230 --- /dev/null +++ b/services/bluetooth_standard/service/src/permission/permission_helper.h @@ -0,0 +1,49 @@ +/* + * Copyright (C) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PERMISSION_HELPER_H +#define PERMISSION_HELPER_H +namespace bluetooth { +class PermissionHelper { +public: + /** + * @Description Verify where the app has the permission to use bluetooth + * + * @param pid the app's process id. + * @param uid the app id. + * @return int PERMISSION_DENIED or PERMISSION_GRANTED + */ + static int VerifyUseBluetoothPermission(const int &pid, const int &uid); + + /** + * @Description Verify where the app has the permission to discover bluetooth + * + * @param pid the app's process id. + * @param uid the app id. + * @return int PERMISSION_DENIED or PERMISSION_GRANTED + */ + static int VerifyDiscoverBluetoothPermission(const int &pid, const int &uid); + + /** + * @Description Verify where the app has the permission to manager bluetooth + * + * @param pid the app's process id. + * @param uid the app id. + * @return int PERMISSION_DENIED or PERMISSION_GRANTED + */ + static int VerifyManageBluetoothPermission(const int &pid, const int &uid); +}; +} +#endif \ No newline at end of file diff --git a/services/bluetooth_standard/service/src/permission/permission_utils.cpp b/services/bluetooth_standard/service/src/permission/permission_utils.cpp new file mode 100644 index 00000000..dc8be257 --- /dev/null +++ b/services/bluetooth_standard/service/src/permission/permission_utils.cpp @@ -0,0 +1,38 @@ +/* + * Copyright (C) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "permission_utils.h" +#include "ipc_skeleton.h" +#include "auth_center.h" + +namespace bluetooth { +int PermissionUtils::VerifyUseBluetoothPermission() +{ + return AuthCenter::GetInstance().VerifyUseBluetoothPermission( + IPCSkeleton::GetCallingPid(), IPCSkeleton::GetCallingUid()); +} + +int PermissionUtils::VerifyDiscoverBluetoothPermission() +{ + return AuthCenter::GetInstance().VerifyDiscoverBluetoothPermission( + IPCSkeleton::GetCallingPid(), IPCSkeleton::GetCallingUid()); +} + +int PermissionUtils::VerifyManageBluetoothPermission() +{ + return AuthCenter::GetInstance().VerifyManageBluetoothPermission( + IPCSkeleton::GetCallingPid(), IPCSkeleton::GetCallingUid()); +} +} \ No newline at end of file diff --git a/services/bluetooth_standard/service/src/permission/permission_utils.h b/services/bluetooth_standard/service/src/permission/permission_utils.h new file mode 100644 index 00000000..b9255753 --- /dev/null +++ b/services/bluetooth_standard/service/src/permission/permission_utils.h @@ -0,0 +1,26 @@ +/* + * Copyright (C) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PERMISSION_UTILS_H +#define PERMISSION_UTILS_H +namespace bluetooth { +class PermissionUtils { +public: + static int VerifyUseBluetoothPermission(); + static int VerifyDiscoverBluetoothPermission(); + static int VerifyManageBluetoothPermission(); +}; +} +#endif \ No newline at end of file -- Gitee From ae94cbcf4f4dced53dbdbb3e7482136bf6d98d84 Mon Sep 17 00:00:00 2001 From: wangyanhandsome Date: Sat, 12 Mar 2022 16:35:40 +0800 Subject: [PATCH 2/7] permission Signed-off-by: wangyanhandsome --- services/bluetooth_standard/service/BUILD.gn | 18 +++++++++++++-- .../service/src/common/adapter_manager.cpp | 11 +++++++++ .../service/src/permission/auth_center.cpp | 6 ++++- .../src/permission/permission_helper.cpp | 7 ++++++ .../src/permission/permission_helper.h | 23 ++++++++++++++----- .../src/permission/permission_utils.cpp | 2 ++ .../service/src/permission/permission_utils.h | 5 ++++ 7 files changed, 63 insertions(+), 9 deletions(-) mode change 100644 => 100755 services/bluetooth_standard/service/BUILD.gn mode change 100644 => 100755 services/bluetooth_standard/service/src/common/adapter_manager.cpp mode change 100644 => 100755 services/bluetooth_standard/service/src/permission/auth_center.cpp mode change 100644 => 100755 services/bluetooth_standard/service/src/permission/permission_helper.cpp mode change 100644 => 100755 services/bluetooth_standard/service/src/permission/permission_helper.h mode change 100644 => 100755 services/bluetooth_standard/service/src/permission/permission_utils.cpp mode change 100644 => 100755 services/bluetooth_standard/service/src/permission/permission_utils.h diff --git a/services/bluetooth_standard/service/BUILD.gn b/services/bluetooth_standard/service/BUILD.gn old mode 100644 new mode 100755 index 6f0b87fc..4405978e --- a/services/bluetooth_standard/service/BUILD.gn +++ b/services/bluetooth_standard/service/BUILD.gn @@ -269,6 +269,12 @@ ServiceHidHostSrc = [ "src/hid_host/hid_host_uhid.cpp", ] +ServicePermissionSrc = [ + "src/permission/auth_center.cpp", + "src/permission/permission_helper.cpp", + "src/permission/permission_utils.cpp" +] + config("btservice_public_config") { include_dirs = [ "include", @@ -283,7 +289,8 @@ config("btservice_config") { "$BT_SERVICE_DIR/src", "$BT_SERVICE_DIR/src/base", "$BT_SERVICE_DIR/src/common", - "$BT_SERVICE_DIR/src/util", + "$BT_SERVICE_DIR/src/common", + "$BT_SERVICE_DIR/src/permission", "$BT_SERVICE_DIR/src/gavdp/a2dp_codec/aaccodecctrl_l2/include", "$BT_SERVICE_DIR/src/gavdp/a2dp_codec/sbccodecctrl/include", ] @@ -339,6 +346,7 @@ ohos_shared_library("btservice") { sources += ServiceTransportSrc sources += ServiceDISrc sources += ServiceHidHostSrc + sources += ServicePermissionSrc deps = [ "$PART_DIR/external:btdummy", @@ -348,7 +356,13 @@ ohos_shared_library("btservice") { "//utils/native/base:utilsecurec_shared", ] - external_deps = [ "hiviewdfx_hilog_native:libhilog" ] + defines = [ "PERMISSION_ALWAYS_GRANT" ] + + external_deps = [ + "access_token:libaccesstoken_sdk", + "hiviewdfx_hilog_native:libhilog", + "ipc:ipc_core", + ] subsystem_name = "communication" part_name = "bluetooth_standard" diff --git a/services/bluetooth_standard/service/src/common/adapter_manager.cpp b/services/bluetooth_standard/service/src/common/adapter_manager.cpp old mode 100644 new mode 100755 index 70bcb649..40bbb87b --- a/services/bluetooth_standard/service/src/common/adapter_manager.cpp +++ b/services/bluetooth_standard/service/src/common/adapter_manager.cpp @@ -29,6 +29,7 @@ #include "base_def.h" #include "base_observer_list.h" #include "class_creator.h" +#include "permission_utils.h" #include "power_manager.h" #include "profile_config.h" #include "profile_service_manager.h" @@ -325,6 +326,11 @@ bool AdapterManager::Enable(const BTTransport transport) const LOG_DEBUG("%{public}s start transport is %{public}d", __PRETTY_FUNCTION__, transport); std::lock_guard lock(pimpl->syncMutex_); + if (PermissionUtils::VerifyDiscoverBluetoothPermission() == PERMISSION_DENIED) { + LOG_ERROR("Enable() false, check permission failed"); + return false; + } + if (GetSysState() != SYS_STATE_STARTED) { LOG_ERROR("AdapterManager system is stoped"); return false; @@ -353,6 +359,11 @@ bool AdapterManager::Disable(const BTTransport transport) const LOG_DEBUG("%{public}s start transport is %{public}d", __PRETTY_FUNCTION__, transport); std::lock_guard lock(pimpl->syncMutex_); + if (PermissionUtils::VerifyDiscoverBluetoothPermission() == PERMISSION_DENIED) { + LOG_ERROR("Disable() false, check permission failed"); + return false; + } + if (pimpl->adapters_[transport] == nullptr) { LOG_INFO("%{public}s BTTransport not register", __PRETTY_FUNCTION__); return false; diff --git a/services/bluetooth_standard/service/src/permission/auth_center.cpp b/services/bluetooth_standard/service/src/permission/auth_center.cpp old mode 100644 new mode 100755 index ed510acf..3a79992f --- a/services/bluetooth_standard/service/src/permission/auth_center.cpp +++ b/services/bluetooth_standard/service/src/permission/auth_center.cpp @@ -13,9 +13,11 @@ * limitations under the License. */ #include "auth_center.h" -#include +#include +#include "accesstoken_kit.h" #include "permission_helper.h" + namespace bluetooth { #ifdef PERMISSION_ALWAYS_GRANT bool g_permissionAlwaysGrant = true; @@ -23,6 +25,8 @@ bool g_permissionAlwaysGrant = true; bool g_permissionAlwaysGrant = false; #endif +using namespace OHOS::Security::AccessToken; + AuthCenter &AuthCenter::GetInstance() { static AuthCenter authCenter; diff --git a/services/bluetooth_standard/service/src/permission/permission_helper.cpp b/services/bluetooth_standard/service/src/permission/permission_helper.cpp old mode 100644 new mode 100755 index 8d550fd0..3153898e --- a/services/bluetooth_standard/service/src/permission/permission_helper.cpp +++ b/services/bluetooth_standard/service/src/permission/permission_helper.cpp @@ -14,8 +14,14 @@ */ #include "permission_helper.h" +#include "accesstoken_kit.h" +#include "ipc_skeleton.h" +#include "log.h" namespace bluetooth { +using namespace OHOS; +using namespace Security::AccessToken; + int PermissionHelper::VerifyPermission(const std::string &permissionName, const int &pid, const int &uid) { auto callerToken = IPCSkeleton::GetCallingTokenID(); @@ -23,6 +29,7 @@ int PermissionHelper::VerifyPermission(const std::string &permissionName, const if (result == Security::AccessToken::PermissionState::PERMISSION_GRANTED) { return PERMISSION_GRANTED; } else { + LOG_INFO("callerToken=0x%{public}x has no permission_name=%{public}s", pid, permissionName.c_str()); return PERMISSION_DENIED; } } diff --git a/services/bluetooth_standard/service/src/permission/permission_helper.h b/services/bluetooth_standard/service/src/permission/permission_helper.h old mode 100644 new mode 100755 index 864a3230..2aea7a99 --- a/services/bluetooth_standard/service/src/permission/permission_helper.h +++ b/services/bluetooth_standard/service/src/permission/permission_helper.h @@ -15,14 +15,25 @@ #ifndef PERMISSION_HELPER_H #define PERMISSION_HELPER_H +#include + namespace bluetooth { class PermissionHelper { public: + /** + * @Description Verify where the app has the permission. + * + * @param permissionName Permission name. + * @param pid The app's process id. + * @param uid The app id. + * @return int PERMISSION_DENIED or PERMISSION_GRANTED + */ + static int VerifyPermission(const std::string &permissionName, const int &pid, const int &uid); /** * @Description Verify where the app has the permission to use bluetooth * - * @param pid the app's process id. - * @param uid the app id. + * @param pid The app's process id. + * @param uid The app id. * @return int PERMISSION_DENIED or PERMISSION_GRANTED */ static int VerifyUseBluetoothPermission(const int &pid, const int &uid); @@ -30,8 +41,8 @@ public: /** * @Description Verify where the app has the permission to discover bluetooth * - * @param pid the app's process id. - * @param uid the app id. + * @param pid The app's process id. + * @param uid The app id. * @return int PERMISSION_DENIED or PERMISSION_GRANTED */ static int VerifyDiscoverBluetoothPermission(const int &pid, const int &uid); @@ -39,8 +50,8 @@ public: /** * @Description Verify where the app has the permission to manager bluetooth * - * @param pid the app's process id. - * @param uid the app id. + * @param pid The app's process id. + * @param uid The app id. * @return int PERMISSION_DENIED or PERMISSION_GRANTED */ static int VerifyManageBluetoothPermission(const int &pid, const int &uid); diff --git a/services/bluetooth_standard/service/src/permission/permission_utils.cpp b/services/bluetooth_standard/service/src/permission/permission_utils.cpp old mode 100644 new mode 100755 index dc8be257..bda96658 --- a/services/bluetooth_standard/service/src/permission/permission_utils.cpp +++ b/services/bluetooth_standard/service/src/permission/permission_utils.cpp @@ -18,6 +18,8 @@ #include "auth_center.h" namespace bluetooth { +using namespace OHOS; + int PermissionUtils::VerifyUseBluetoothPermission() { return AuthCenter::GetInstance().VerifyUseBluetoothPermission( diff --git a/services/bluetooth_standard/service/src/permission/permission_utils.h b/services/bluetooth_standard/service/src/permission/permission_utils.h old mode 100644 new mode 100755 index b9255753..a5cf5195 --- a/services/bluetooth_standard/service/src/permission/permission_utils.h +++ b/services/bluetooth_standard/service/src/permission/permission_utils.h @@ -15,7 +15,12 @@ #ifndef PERMISSION_UTILS_H #define PERMISSION_UTILS_H + +#include "accesstoken_kit.h" + namespace bluetooth { +using namespace OHOS::Security::AccessToken; + class PermissionUtils { public: static int VerifyUseBluetoothPermission(); -- Gitee From f707e4cf9ba23fe80a1fd025e79934f86a59c448 Mon Sep 17 00:00:00 2001 From: wangyanhandsome Date: Sat, 12 Mar 2022 17:29:58 +0800 Subject: [PATCH 3/7] permission Signed-off-by: wangyanhandsome --- services/bluetooth_standard/service/BUILD.gn | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/bluetooth_standard/service/BUILD.gn b/services/bluetooth_standard/service/BUILD.gn index 4405978e..68bef287 100755 --- a/services/bluetooth_standard/service/BUILD.gn +++ b/services/bluetooth_standard/service/BUILD.gn @@ -289,8 +289,8 @@ config("btservice_config") { "$BT_SERVICE_DIR/src", "$BT_SERVICE_DIR/src/base", "$BT_SERVICE_DIR/src/common", - "$BT_SERVICE_DIR/src/common", "$BT_SERVICE_DIR/src/permission", + "$BT_SERVICE_DIR/src/util", "$BT_SERVICE_DIR/src/gavdp/a2dp_codec/aaccodecctrl_l2/include", "$BT_SERVICE_DIR/src/gavdp/a2dp_codec/sbccodecctrl/include", ] -- Gitee From 09d1623d5e71c0d5cc112fdccd6b492e66c093be Mon Sep 17 00:00:00 2001 From: wangyanhandsome Date: Sat, 12 Mar 2022 17:36:45 +0800 Subject: [PATCH 4/7] permission Signed-off-by: wangyanhandsome --- .../bluetooth_standard/service/src/permission/auth_center.cpp | 2 +- .../bluetooth_standard/service/src/permission/auth_center.h | 2 +- .../service/src/permission/permission_helper.cpp | 2 +- .../service/src/permission/permission_helper.h | 2 +- .../service/src/permission/permission_utils.cpp | 2 +- .../service/src/permission/permission_utils.h | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) mode change 100644 => 100755 services/bluetooth_standard/service/src/permission/auth_center.h diff --git a/services/bluetooth_standard/service/src/permission/auth_center.cpp b/services/bluetooth_standard/service/src/permission/auth_center.cpp index 3a79992f..2d9fda86 100755 --- a/services/bluetooth_standard/service/src/permission/auth_center.cpp +++ b/services/bluetooth_standard/service/src/permission/auth_center.cpp @@ -1,5 +1,5 @@ /* - * Copyright (C) 2021 Huawei Device Co., Ltd. + * Copyright (C) 2022 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at diff --git a/services/bluetooth_standard/service/src/permission/auth_center.h b/services/bluetooth_standard/service/src/permission/auth_center.h old mode 100644 new mode 100755 index c6baa980..6d3a1fbb --- a/services/bluetooth_standard/service/src/permission/auth_center.h +++ b/services/bluetooth_standard/service/src/permission/auth_center.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2021 Huawei Device Co., Ltd. + * Copyright (C) 2022 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at diff --git a/services/bluetooth_standard/service/src/permission/permission_helper.cpp b/services/bluetooth_standard/service/src/permission/permission_helper.cpp index 3153898e..fad85f87 100755 --- a/services/bluetooth_standard/service/src/permission/permission_helper.cpp +++ b/services/bluetooth_standard/service/src/permission/permission_helper.cpp @@ -1,5 +1,5 @@ /* - * Copyright (C) 2021 Huawei Device Co., Ltd. + * Copyright (C) 2022 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at diff --git a/services/bluetooth_standard/service/src/permission/permission_helper.h b/services/bluetooth_standard/service/src/permission/permission_helper.h index 2aea7a99..31860544 100755 --- a/services/bluetooth_standard/service/src/permission/permission_helper.h +++ b/services/bluetooth_standard/service/src/permission/permission_helper.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2021 Huawei Device Co., Ltd. + * Copyright (C) 2022 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at diff --git a/services/bluetooth_standard/service/src/permission/permission_utils.cpp b/services/bluetooth_standard/service/src/permission/permission_utils.cpp index bda96658..88242a0e 100755 --- a/services/bluetooth_standard/service/src/permission/permission_utils.cpp +++ b/services/bluetooth_standard/service/src/permission/permission_utils.cpp @@ -1,5 +1,5 @@ /* - * Copyright (C) 2021 Huawei Device Co., Ltd. + * Copyright (C) 2022 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at diff --git a/services/bluetooth_standard/service/src/permission/permission_utils.h b/services/bluetooth_standard/service/src/permission/permission_utils.h index a5cf5195..7d7cd17a 100755 --- a/services/bluetooth_standard/service/src/permission/permission_utils.h +++ b/services/bluetooth_standard/service/src/permission/permission_utils.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2021 Huawei Device Co., Ltd. + * Copyright (C) 2022 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at -- Gitee From ca2ae724df72d745861305dd8af9d24570e7346f Mon Sep 17 00:00:00 2001 From: wangyanhandsome Date: Mon, 14 Mar 2022 10:07:26 +0800 Subject: [PATCH 5/7] permission Signed-off-by: wangyanhandsome --- .../service/src/permission/permission_helper.cpp | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/services/bluetooth_standard/service/src/permission/permission_helper.cpp b/services/bluetooth_standard/service/src/permission/permission_helper.cpp index fad85f87..46374ef6 100755 --- a/services/bluetooth_standard/service/src/permission/permission_helper.cpp +++ b/services/bluetooth_standard/service/src/permission/permission_helper.cpp @@ -25,7 +25,16 @@ using namespace Security::AccessToken; int PermissionHelper::VerifyPermission(const std::string &permissionName, const int &pid, const int &uid) { auto callerToken = IPCSkeleton::GetCallingTokenID(); - int result = Security::AccessToken::AccessTokenKit::VerifyAccessToken(callerToken, permissionName); + int result; + + if (Security::AccessToken::AccessTokenKit::GetTokenTypeFlag(callerToken) == TOKEN_NATIVE) { + result = Security::AccessToken::AccessTokenKit::VerifyNativeToken(callerToken, permissionName); + } else if (Security::AccessToken::AccessTokenKit::GetTokenTypeFlag(callerToken) == TOKEN_HAP) { + result = Security::AccessToken::AccessTokenKit::VerifyAccessToken(callerToken, permissionName); + } else { + LOG_INFO("callerToken=0x%{public}x is invalid token", pid); + return PERMISSION_DENIED; + } if (result == Security::AccessToken::PermissionState::PERMISSION_GRANTED) { return PERMISSION_GRANTED; } else { -- Gitee From d47558b823c50c8529088f46494de21956d794b5 Mon Sep 17 00:00:00 2001 From: wangyanhandsome Date: Mon, 14 Mar 2022 11:02:00 +0800 Subject: [PATCH 6/7] permission Signed-off-by: wangyanhandsome --- services/bluetooth_standard/service/BUILD.gn | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/bluetooth_standard/service/BUILD.gn b/services/bluetooth_standard/service/BUILD.gn index 68bef287..ff7b6aaf 100755 --- a/services/bluetooth_standard/service/BUILD.gn +++ b/services/bluetooth_standard/service/BUILD.gn @@ -272,7 +272,7 @@ ServiceHidHostSrc = [ ServicePermissionSrc = [ "src/permission/auth_center.cpp", "src/permission/permission_helper.cpp", - "src/permission/permission_utils.cpp" + "src/permission/permission_utils.cpp", ] config("btservice_public_config") { -- Gitee From 604212b5d47473adf66c4b519eb9fc5c1c9446df Mon Sep 17 00:00:00 2001 From: wangyanhandsome Date: Mon, 14 Mar 2022 14:30:04 +0800 Subject: [PATCH 7/7] permission Signed-off-by: wangyanhandsome --- .../service/src/permission/auth_center.cpp | 2 +- .../service/src/permission/auth_center.h | 6 +++--- .../service/src/permission/permission_helper.h | 7 ++++--- 3 files changed, 8 insertions(+), 7 deletions(-) diff --git a/services/bluetooth_standard/service/src/permission/auth_center.cpp b/services/bluetooth_standard/service/src/permission/auth_center.cpp index 2d9fda86..8f3017e9 100755 --- a/services/bluetooth_standard/service/src/permission/auth_center.cpp +++ b/services/bluetooth_standard/service/src/permission/auth_center.cpp @@ -13,7 +13,7 @@ * limitations under the License. */ #include "auth_center.h" -#include +#include "stdbool.h" #include "accesstoken_kit.h" #include "permission_helper.h" diff --git a/services/bluetooth_standard/service/src/permission/auth_center.h b/services/bluetooth_standard/service/src/permission/auth_center.h index 6d3a1fbb..cb14ded9 100755 --- a/services/bluetooth_standard/service/src/permission/auth_center.h +++ b/services/bluetooth_standard/service/src/permission/auth_center.h @@ -22,7 +22,7 @@ public: /** * @Description Verify where the app has the permission to use bluetooth - * + * * @param pid the app's process id. * @param uid the app id. * @return int PERMISSION_DENIED or PERMISSION_GRANTED @@ -31,7 +31,7 @@ public: /** * @Description Verify where the app has the permission to discover bluetooth - * + * * @param pid the app's process id. * @param uid the app id. * @return int PERMISSION_DENIED or PERMISSION_GRANTED @@ -40,7 +40,7 @@ public: /** * @Description Verify where the app has the permission to manager bluetooth - * + * * @param pid the app's process id. * @param uid the app id. * @return int PERMISSION_DENIED or PERMISSION_GRANTED diff --git a/services/bluetooth_standard/service/src/permission/permission_helper.h b/services/bluetooth_standard/service/src/permission/permission_helper.h index 31860544..7f6f5372 100755 --- a/services/bluetooth_standard/service/src/permission/permission_helper.h +++ b/services/bluetooth_standard/service/src/permission/permission_helper.h @@ -29,9 +29,10 @@ public: * @return int PERMISSION_DENIED or PERMISSION_GRANTED */ static int VerifyPermission(const std::string &permissionName, const int &pid, const int &uid); + /** * @Description Verify where the app has the permission to use bluetooth - * + * * @param pid The app's process id. * @param uid The app id. * @return int PERMISSION_DENIED or PERMISSION_GRANTED @@ -40,7 +41,7 @@ public: /** * @Description Verify where the app has the permission to discover bluetooth - * + * * @param pid The app's process id. * @param uid The app id. * @return int PERMISSION_DENIED or PERMISSION_GRANTED @@ -49,7 +50,7 @@ public: /** * @Description Verify where the app has the permission to manager bluetooth - * + * * @param pid The app's process id. * @param uid The app id. * @return int PERMISSION_DENIED or PERMISSION_GRANTED -- Gitee