From a6de10e7e21ecd9fe8c90a575a1b12135e65a6a0 Mon Sep 17 00:00:00 2001 From: zhai-peizhe Date: Sat, 13 Sep 2025 17:26:27 +0800 Subject: [PATCH] =?UTF-8?q?obs=E6=9D=83=E9=99=90=E6=A0=A1=E9=AA=8C?= =?UTF-8?q?=E4=BC=98=E5=8C=96?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: zhai-peizhe Change-Id: I8235150281b6f427d7e2240a3292786fce0d73fa --- .../src/data_share_called_config.cpp | 159 +++++++++--------- .../permission/src/data_share_permission.cpp | 19 ++- .../provider/src/js_datashare_ext_ability.cpp | 21 ++- .../include/data_share_permission.h | 114 ++++++------- 4 files changed, 158 insertions(+), 155 deletions(-) diff --git a/frameworks/native/permission/src/data_share_called_config.cpp b/frameworks/native/permission/src/data_share_called_config.cpp index b6b4e273..1c8d2ed9 100644 --- a/frameworks/native/permission/src/data_share_called_config.cpp +++ b/frameworks/native/permission/src/data_share_called_config.cpp @@ -25,11 +25,11 @@ #include "datashare_errno.h" #include "datashare_log.h" #include "datashare_string_utils.h" -#include "data_share_permission.h" -#include "hiview_datashare.h" +#include "data_share_permission.h" +#include "hiview_datashare.h" #include "if_system_ability_manager.h" #include "iservice_registry.h" -#include "ipc_skeleton.h" +#include "ipc_skeleton.h" #include "system_ability_definition.h" namespace OHOS::DataShare { @@ -38,23 +38,23 @@ using namespace OHOS::Security::AccessToken; DataShareCalledConfig::DataShareCalledConfig(const std::string &uri) { providerInfo_.uri = uri; - Uri uriTemp(providerInfo_.uri); - providerInfo_.schema = uriTemp.GetScheme(); - auto isProxyData = PROXY_URI_SCHEMA == providerInfo_.schema; - std::string bundleName = uriTemp.GetAuthority(); - if (!isProxyData) { - std::vector pathSegments; - uriTemp.GetPathSegments(pathSegments); - if (pathSegments.size() != 0) { - bundleName = pathSegments[0]; - } - } - providerInfo_.bundleName = bundleName; -} - -std::string DataShareCalledConfig::BundleName() -{ - return providerInfo_.bundleName; + Uri uriTemp(providerInfo_.uri); + providerInfo_.schema = uriTemp.GetScheme(); + auto isProxyData = PROXY_URI_SCHEMA == providerInfo_.schema; + std::string bundleName = uriTemp.GetAuthority(); + if (!isProxyData) { + std::vector pathSegments; + uriTemp.GetPathSegments(pathSegments); + if (pathSegments.size() != 0) { + bundleName = pathSegments[0]; + } + } + providerInfo_.bundleName = bundleName; +} + +std::string DataShareCalledConfig::BundleName() +{ + return providerInfo_.bundleName; } int32_t DataShareCalledConfig::GetUserByToken(uint32_t tokenId) @@ -66,8 +66,8 @@ int32_t DataShareCalledConfig::GetUserByToken(uint32_t tokenId) HapTokenInfo tokenInfo; auto result = AccessTokenKit::GetHapTokenInfo(tokenId, tokenInfo); if (result != RET_SUCCESS) { - LOG_ERROR("Get user failed!token:0x%{public}x, result:%{public}d", - tokenId, result); + LOG_ERROR("Get user failed!token:0x%{public}x, result:%{public}d", + tokenId, result); return -1; } return tokenInfo.userID; @@ -75,7 +75,7 @@ int32_t DataShareCalledConfig::GetUserByToken(uint32_t tokenId) int DataShareCalledConfig::GetFromProxyData() { - auto [success, bundleInfo] = GetBundleInfoFromBMS(providerInfo_.bundleName, providerInfo_.currentUserId); + auto [success, bundleInfo] = GetBundleInfoFromBMS(providerInfo_.bundleName, providerInfo_.currentUserId); if (!success) { LOG_ERROR("Get bundleInfo failed! bundleName:%{public}s, userId:%{public}d, uri:%{public}s", providerInfo_.bundleName.c_str(), providerInfo_.currentUserId, @@ -84,18 +84,11 @@ int DataShareCalledConfig::GetFromProxyData() } std::string uriWithoutQuery = providerInfo_.uri; DataShareStringUtils::RemoveFromQuery(uriWithoutQuery); - size_t schemePos = uriWithoutQuery.find(Constants::PARAM_URI_SEPARATOR); - if (schemePos != uriWithoutQuery.npos) { - uriWithoutQuery.replace(schemePos, Constants::PARAM_URI_SEPARATOR_LEN, Constants::URI_SEPARATOR); - } - schemePos = uriWithoutQuery.find(EXT_URI_SCHEMA_SEPARATOR); - if (schemePos != uriWithoutQuery.npos) { - uriWithoutQuery.replace(schemePos, strlen(EXT_URI_SCHEMA_SEPARATOR), PROXY_URI_SCHEMA_SEPARATOR); - } + for (auto &hapModuleInfo : bundleInfo.hapModuleInfos) { for (auto &data : hapModuleInfo.proxyDatas) { - if (data.uri.length() > uriWithoutQuery.length() || - uriWithoutQuery.compare(0, data.uri.length(), data.uri) != 0) { + if (data.uri.length() > uriWithoutQuery.length() || + uriWithoutQuery.compare(0, data.uri.length(), data.uri) != 0) { continue; } providerInfo_.readPermission = std::move(data.requiredReadPermission); @@ -104,78 +97,78 @@ int DataShareCalledConfig::GetFromProxyData() return E_OK; } } - LOG_ERROR("E_URI_NOT_EXIST uriWithoutQuery %{public}s", uriWithoutQuery.c_str()); + LOG_ERROR("E_URI_NOT_EXIST uriWithoutQuery %{public}s", uriWithoutQuery.c_str()); return E_URI_NOT_EXIST; } -std::pair DataShareCalledConfig::GetProviderInfo(int32_t user) +std::pair DataShareCalledConfig::GetProviderInfo(int32_t user) { - if (providerInfo_.bundleName.empty()) { - LOG_ERROR("BundleName not exist!, user:%{public}d, uri:%{public}s", - user, DataShareStringUtils::Anonymous(providerInfo_.uri).c_str()); + if (providerInfo_.bundleName.empty()) { + LOG_ERROR("BundleName not exist!, user:%{public}d, uri:%{public}s", + user, DataShareStringUtils::Anonymous(providerInfo_.uri).c_str()); return std::make_pair(E_BUNDLE_NAME_NOT_EXIST, DataShareCalledConfig::ProviderInfo{}); } - providerInfo_.currentUserId = user; + providerInfo_.currentUserId = user; auto ret = GetFromProxyData(); if (ret != E_OK) { - LOG_ERROR("GetFromProxyData Failed! ret:%{public}d,user:%{public}d,uri:%{public}s", - ret, user, providerInfo_.uri.c_str()); + LOG_ERROR("GetFromProxyData Failed! ret:%{public}d,user:%{public}d,uri:%{public}s", + ret, user, providerInfo_.uri.c_str()); } return std::make_pair(ret, providerInfo_); } -std::pair DataShareCalledConfig::GetBundleInfoFromBMS(std::string bundleName, int32_t user) +std::pair DataShareCalledConfig::GetBundleInfoFromBMS(std::string bundleName, int32_t user) { BundleInfo bundleInfo; auto bmsHelper = DelayedSingleton::GetInstance(); if (bmsHelper == nullptr) { LOG_ERROR("BmsHelper is nullptr!.uri: %{public}s", - DataShareStringUtils::Anonymous(bundleName).c_str()); + DataShareStringUtils::Anonymous(bundleName).c_str()); return std::make_pair(false, bundleInfo); } - - if (user == 0) { - user = Constants::ANY_USERID; - } - // because BMS and obs are in the same process. - // set IPCSkeleton tokenid to this process's tokenid. - // otherwise BMS may check permission failed. - std::string identity = IPCSkeleton::ResetCallingIdentity(); - bool ret = bmsHelper->GetBundleInfo(bundleName, - BundleFlag::GET_BUNDLE_WITH_EXTENSION_INFO, bundleInfo, user); - IPCSkeleton::SetCallingIdentity(identity); + + if (user == 0) { + user = Constants::ANY_USERID; + } + // because BMS and obs are in the same process. + // set IPCSkeleton tokenid to this process's tokenid. + // otherwise BMS may check permission failed. + std::string identity = IPCSkeleton::ResetCallingIdentity(); + bool ret = bmsHelper->GetBundleInfo(bundleName, + BundleFlag::GET_BUNDLE_WITH_EXTENSION_INFO, bundleInfo, user); + IPCSkeleton::SetCallingIdentity(identity); if (!ret) { - LOG_ERROR("Get BundleInfo failed! bundleName:%{public}s, userId:%{public}d", - bundleName.c_str(), user); + LOG_ERROR("Get BundleInfo failed! bundleName:%{public}s, userId:%{public}d", + bundleName.c_str(), user); return std::make_pair(false, bundleInfo); } return std::make_pair(true, bundleInfo); } - -std::pair DataShareCalledConfig::GetExtensionInfoFromBMS(std::string &uri, int32_t user) -{ - ExtensionAbilityInfo info; - auto bmsHelper = DelayedSingleton::GetInstance(); - if (bmsHelper == nullptr) { - LOG_ERROR("BmsHelper is nullptr!.uri: %{public}s", - DataShareStringUtils::Anonymous(uri).c_str()); - return std::make_pair(false, info); - } - - if (user == 0) { - user = Constants::ANY_USERID; - } - // because BMS and obs are in the same process. - // set IPCSkeleton tokenid to this process's tokenid. - // otherwise BMS may check permission failed. - std::string identity = IPCSkeleton::ResetCallingIdentity(); - bool ret = bmsHelper->QueryExtensionAbilityInfoByUri(uri, user, info); - IPCSkeleton::SetCallingIdentity(identity); - if (!ret) { - LOG_ERROR("QueryExtensionAbilityInfoByUri failed! uri:%{public}s, userId:%{public}d", - uri.c_str(), user); - return std::make_pair(false, info); - } - return std::make_pair(true, info); -} + +std::pair DataShareCalledConfig::GetExtensionInfoFromBMS(std::string &uri, int32_t user) +{ + ExtensionAbilityInfo info; + auto bmsHelper = DelayedSingleton::GetInstance(); + if (bmsHelper == nullptr) { + LOG_ERROR("BmsHelper is nullptr!.uri: %{public}s", + DataShareStringUtils::Anonymous(uri).c_str()); + return std::make_pair(false, info); + } + + if (user == 0) { + user = Constants::ANY_USERID; + } + // because BMS and obs are in the same process. + // set IPCSkeleton tokenid to this process's tokenid. + // otherwise BMS may check permission failed. + std::string identity = IPCSkeleton::ResetCallingIdentity(); + bool ret = bmsHelper->QueryExtensionAbilityInfoByUri(uri, user, info); + IPCSkeleton::SetCallingIdentity(identity); + if (!ret) { + LOG_ERROR("QueryExtensionAbilityInfoByUri failed! uri:%{public}s, userId:%{public}d", + uri.c_str(), user); + return std::make_pair(false, info); + } + return std::make_pair(true, info); +} } // namespace OHOS::DataShare diff --git a/frameworks/native/permission/src/data_share_permission.cpp b/frameworks/native/permission/src/data_share_permission.cpp index 3c951b93..a75cd25c 100644 --- a/frameworks/native/permission/src/data_share_permission.cpp +++ b/frameworks/native/permission/src/data_share_permission.cpp @@ -217,7 +217,7 @@ std::pair DataSharePermission::GetExtensionUriPermission(Uri & return std::make_pair(E_OK, permission); } -std::pair DataSharePermission::GetUriPermission(Uri &uri, int32_t user, bool isRead, bool isExtension) +std::pair DataSharePermission::GetUriPermission(Uri &uri, int32_t user, bool isRead, bool &isSilent) { std::string uriStr = uri.ToString(); if (uriStr.empty()) { @@ -233,12 +233,17 @@ std::pair DataSharePermission::GetUriPermission(Uri &uri, int3 std::string uriWithoutQuery = uriStr; DataShareStringUtils::RemoveFromQuery(uriWithoutQuery); Uri formatUri(uriWithoutQuery); - if (isExtension) { - std::tie(ret, permission) = GetExtensionUriPermission(formatUri, user, isRead); - } else { + std::string schema = uri.GetScheme(); + if (schema == SCHEMA_DATASHARE_PROXY) { std::tie(ret, permission) = GetSilentUriPermission(formatUri, user, isRead); + if (ret == E_OK) { + isSilent = true; + return std::make_pair(E_OK, permission); + } } + std::tie(ret, permission) = GetExtensionUriPermission(formatUri, user, isRead); if (ret == E_OK) { + isSilent = false; return std::make_pair(E_OK, permission); } return std::make_pair(ret, ""); @@ -321,7 +326,7 @@ bool DataSharePermission::VerifyPermission(uint32_t tokenID, std::string &permis return true; } -bool DataSharePermission::VerifyPermission(Uri &uri, uint32_t tokenID, std::string &permission, bool isExtension) +bool DataSharePermission::VerifyPermission(Uri &uri, uint32_t tokenID, std::string &permission, bool isSilentUri) { if (permission == NO_PERMISSION) { return true; @@ -335,11 +340,11 @@ bool DataSharePermission::VerifyPermission(Uri &uri, uint32_t tokenID, std::stri if (ret != E_OK) { LOG_WARN("GetCallingName failed, ret %{public}d", ret); } - if (permission.empty() && isExtension) { + if (permission.empty() && !isSilentUri) { return true; } - if (permission.empty() && !isExtension) { + if (permission.empty() && isSilentUri) { LOG_INFO("Permission empty! token: %{public}d", tokenID); Security::AccessToken::HapTokenInfo tokenInfo; auto result = Security::AccessToken::AccessTokenKit::GetHapTokenInfo(tokenID, tokenInfo); diff --git a/frameworks/native/provider/src/js_datashare_ext_ability.cpp b/frameworks/native/provider/src/js_datashare_ext_ability.cpp index 1c930db8..6481a3bb 100644 --- a/frameworks/native/provider/src/js_datashare_ext_ability.cpp +++ b/frameworks/native/provider/src/js_datashare_ext_ability.cpp @@ -25,7 +25,7 @@ #include "datashare_stub_impl.h" #include "ikvstore_data_service.h" #include "idata_share_service.h" -#include "ipc_skeleton.h" +#include "ipc_skeleton.h" #include "iservice_registry.h" #include "js_datashare_ext_ability_context.h" #include "js_proxy.h" @@ -826,11 +826,12 @@ bool JsDataShareExtAbility::RegisterObserver(const Uri &uri, const sptrRegisterObserverFromExtension(innerUri, dataObserver, callingUserId); + uint32_t token = IPCSkeleton::GetCallingTokenID(); + DataObsOption opt; + opt.SetFirstCallerTokenID(token); + opt.SetFirstCallerPid(IPCSkeleton::GetCallingPid()); + Uri innerUri = uri; + ErrCode ret = obsMgrClient->RegisterObserverFromExtension(innerUri, dataObserver, callingUserId, opt); if (ret != ERR_OK) { LOG_ERROR("obsMgrClient->RegisterObserver error return %{public}d", ret); return false; @@ -880,8 +881,12 @@ bool JsDataShareExtAbility::NotifyChangeWithUser(const Uri &uri, int32_t userId) LOG_ERROR("obsMgrClient is nullptr"); return false; } - Uri innerUri = uri; - ErrCode ret = obsMgrClient->NotifyChangeFromExtension(innerUri, userId); + uint32_t token = IPCSkeleton::GetCallingTokenID(); + DataObsOption opt; + opt.SetFirstCallerTokenID(token); + opt.SetFirstCallerPid(IPCSkeleton::GetCallingPid()); + Uri innerUri = uri; + ErrCode ret = obsMgrClient->NotifyChangeFromExtension(innerUri, userId, opt); if (ret != ERR_OK) { LOG_ERROR("obsMgrClient->NotifyChange error return %{public}d", ret); return false; diff --git a/interfaces/inner_api/permission/include/data_share_permission.h b/interfaces/inner_api/permission/include/data_share_permission.h index 66282185..5ad99652 100644 --- a/interfaces/inner_api/permission/include/data_share_permission.h +++ b/interfaces/inner_api/permission/include/data_share_permission.h @@ -20,14 +20,14 @@ #include "access_token.h" #include "accesstoken_kit.h" -#include "concurrent_map.h" -#include "common_event_manager.h" -#include "common_event_support.h" +#include "concurrent_map.h" +#include "common_event_manager.h" +#include "common_event_support.h" #include "uri.h" namespace OHOS { namespace DataShare { -class DataSharePermission : public std::enable_shared_from_this { +class DataSharePermission : public std::enable_shared_from_this { using Uri = OHOS::Uri; public: DataSharePermission() = default; @@ -43,9 +43,9 @@ public: */ static int VerifyPermission(Security::AccessToken::AccessTokenID tokenId, const Uri &uri, bool isRead); - void SubscribeCommonEvent(); - - std::pair GetExtensionUriPermission(Uri &uri, + void SubscribeCommonEvent(); + + std::pair GetExtensionUriPermission(Uri &uri, int32_t user, bool isRead); static int CheckExtensionTrusts(uint32_t consumerToken, uint32_t providerToken); @@ -55,60 +55,60 @@ public: static bool VerifyPermission(uint32_t tokenId, std::string &permission); - static bool VerifyPermission(Uri &uri, uint32_t tokenId, std::string &permission, bool isExtension); + static bool VerifyPermission(Uri &uri, uint32_t tokenId, std::string &permission, bool isSilentUri); - std::pair GetSilentUriPermission(Uri &uri, int32_t user, bool isRead); + std::pair GetSilentUriPermission(Uri &uri, int32_t user, bool isRead); static int32_t UriIsTrust(Uri &uri); - std::pair GetUriPermission(Uri &uri, int32_t user, bool isRead, bool isExtension); + std::pair GetUriPermission(Uri &uri, int32_t user, bool isRead, bool &isSilent); static int32_t IsExtensionValid(uint32_t tokenId, uint32_t fullToken, int32_t user); - - void DeleteCache(std::string bundleName); + + void DeleteCache(std::string bundleName); private: - class SysEventSubscriber : public EventFwk::CommonEventSubscriber { - public: - using SysEventCallback = void (SysEventSubscriber::*)(const std::string &bundleName); - explicit SysEventSubscriber(const EventFwk::CommonEventSubscribeInfo &info, - std::weak_ptr permission); - ~SysEventSubscriber() = default; - void OnReceiveEvent(const EventFwk::CommonEventData& event) override; - void OnUpdate(const std::string &bundleName); - void OnUninstall(const std::string &bundleName); - - private: - std::weak_ptr permission_; - std::map callbacks_; - static constexpr const char *USER_ID = "userId"; - }; - - static constexpr int32_t CACHE_SIZE = 32; - struct Permission { - std::string bundleName; - std::string readPermission; - std::string writePermission; - }; - - struct UriKey { - std::string uri; - int32_t userId; - - UriKey(std::string &uri, int32_t userId):uri(uri), userId(userId) {} - - bool operator<(const UriKey &other) const - { - if (uri < other.uri) { - return true; - } - if (userId < other.userId) { - return true; - } - return false; - } - }; - + class SysEventSubscriber : public EventFwk::CommonEventSubscriber { + public: + using SysEventCallback = void (SysEventSubscriber::*)(const std::string &bundleName); + explicit SysEventSubscriber(const EventFwk::CommonEventSubscribeInfo &info, + std::weak_ptr permission); + ~SysEventSubscriber() = default; + void OnReceiveEvent(const EventFwk::CommonEventData& event) override; + void OnUpdate(const std::string &bundleName); + void OnUninstall(const std::string &bundleName); + + private: + std::weak_ptr permission_; + std::map callbacks_; + static constexpr const char *USER_ID = "userId"; + }; + + static constexpr int32_t CACHE_SIZE = 32; + struct Permission { + std::string bundleName; + std::string readPermission; + std::string writePermission; + }; + + struct UriKey { + std::string uri; + int32_t userId; + + UriKey(std::string &uri, int32_t userId):uri(uri), userId(userId) {} + + bool operator<(const UriKey &other) const + { + if (uri < other.uri) { + return true; + } + if (userId < other.userId) { + return true; + } + return false; + } + }; + static constexpr const char *SCHEMA_DATASHARE = "datashare"; static constexpr const char *SCHEMA_DATASHARE_PROXY = "datashareproxy"; static constexpr const char *SCHEMA_PREFERENCE = "sharepreferences"; @@ -119,10 +119,10 @@ private: static int VerifyDataObsPermissionInner(Security::AccessToken::AccessTokenID tokenID, Uri &uri, bool isRead, bool &isTrust); - - std::shared_ptr subscriber_ = nullptr; - ConcurrentMap extensionCache_; - ConcurrentMap silentCache_; + + std::shared_ptr subscriber_ = nullptr; + ConcurrentMap extensionCache_; + ConcurrentMap silentCache_; }; } // namespace DataShare } // namespace OHOS -- Gitee