js-apis-privacyManager.md 29.2 KB
Newer Older
A
Annie_wang 已提交
1
# @ohos.privacyManager (Privacy Management)
A
Annie_wang 已提交
2

A
Annie_wang 已提交
3
The **privacyManager** module provides APIs for privacy management, such as management of permission usage records.
A
Annie_wang 已提交
4 5

> **NOTE**
A
Annie_wang 已提交
6 7 8
>
> - The initial APIs of this module are supported since API version 9. Newly added APIs will be marked with a superscript to indicate their earliest API version.
> - The APIs provided by this module are system APIs.
A
Annie_wang 已提交
9 10 11 12 13 14 15 16 17 18

## Modules to Import

```js
import privacyManager from '@ohos.privacyManager';
```


## privacyManager.addPermissionUsedRecord

A
Annie_wang 已提交
19
addPermissionUsedRecord(tokenID: number, permissionName: Permissions, successCount: number, failCount: number): Promise<void>
A
Annie_wang 已提交
20 21

Adds a permission usage record when an application protected by the permission is called by another service or application. This API uses a promise to return the result.
A
Annie_wang 已提交
22
The permission usage record includes the application identity (token ID) of the invoker, name of the permission used, and number of successful and failed accesses to the target application.
A
Annie_wang 已提交
23 24 25 26 27 28 29 30 31

**Required permissions**: ohos.permission.PERMISSION_USED_STATS (available only to system applications)

**System capability**: SystemCapability.Security.AccessToken

**Parameters**

| Name  | Type                | Mandatory| Description                                      |
| -------- | -------------------  | ---- | ------------------------------------------ |
A
Annie_wang 已提交
32 33
| tokenID   |  number   | Yes  | Application token ID of the invoker. The value can be obtained from [ApplicationInfo](js-apis-bundle-ApplicationInfo.md).             |
| permissionName | Permissions | Yes  | Name of the permission.|
A
Annie_wang 已提交
34 35 36 37 38 39 40
| successCount | number | Yes  | Number of successful accesses.|
| failCount | number | Yes  | Number of failed accesses.|

**Return value**

| Type         | Description                               |
| :------------ | :---------------------------------- |
A
Annie_wang 已提交
41
| Promise<void> | Promise that returns no value.|
A
Annie_wang 已提交
42

A
Annie_wang 已提交
43 44 45
**Error codes**

For details about the error codes, see [Ability Access Control Error Codes](../errorcodes/errorcode-access-token.md).
A
Annie_wang 已提交
46

A
Annie_wang 已提交
47 48
| ID| Error Message|
| -------- | -------- |
Y
yu 已提交
49
| 12100001 | The parameter is invalid. The tokenID is 0, or the string size of permissionName is larger than 256, or the count value is invalid. |
A
Annie_wang 已提交
50 51
| 12100002 | The specified tokenID does not exist or refer to an application process. |
| 12100003 | The specified permission does not exist or is not an user_grant permission. |
A
Annie_wang 已提交
52 53
| 12100007 | Service is abnormal. |
| 12100008 | Out of memory. |
A
Annie_wang 已提交
54

A
Annie_wang 已提交
55 56 57
**Example**

```js
A
Annie_wang 已提交
58 59 60 61 62 63 64 65 66 67 68 69
import privacyManager from '@ohos.privacyManager';

let tokenID = 0; // You can use getApplicationInfo to obtain the access token ID.
try {
    privacyManager.addPermissionUsedRecord(tokenID, "ohos.permission.PERMISSION_USED_STATS", 1, 0).then(() => {
        console.log('addPermissionUsedRecord success');
    }).catch((err) => {
        console.log(`addPermissionUsedRecord fail, err->${JSON.stringify(err)}`);
    });
} catch(err) {
    console.log(`catch err->${JSON.stringify(err)}`);
}
A
Annie_wang 已提交
70 71 72 73
```

## privacyManager.addPermissionUsedRecord

A
Annie_wang 已提交
74
addPermissionUsedRecord(tokenID: number, permissionName: Permissions, successCount: number, failCount: number, callback: AsyncCallback<void>): void
A
Annie_wang 已提交
75 76

Adds a permission usage record when an application protected by the permission is called by another service or application. This API uses an asynchronous callback to return the result.
A
Annie_wang 已提交
77
The permission usage record includes the application identity (token ID) of the invoker, name of the permission used, and number of successful and failed accesses to the target application.
A
Annie_wang 已提交
78 79 80 81 82 83 84 85 86

**Required permissions**: ohos.permission.PERMISSION_USED_STATS (available only to system applications)

**System capability**: SystemCapability.Security.AccessToken

**Parameters**

| Name  | Type                | Mandatory| Description                                      |
| -------- | -------------------  | ---- | ------------------------------------------ |
A
Annie_wang 已提交
87 88
| tokenID   |  number   | Yes  | Application token ID of the invoker. The value can be obtained from [ApplicationInfo](js-apis-bundle-ApplicationInfo.md).             |
| permissionName | Permissions | Yes  | Name of the permission.|
A
Annie_wang 已提交
89 90
| successCount | number | Yes  | Number of successful accesses.|
| failCount | number | Yes  | Number of failed accesses.|
A
Annie_wang 已提交
91 92 93 94 95
| callback | AsyncCallback<void> | Yes  | Callback invoked to return the result. If a usage record is added successfully, **err** is **undefine**. Otherwise, **err** is an error object.|

**Error codes**

For details about the error codes, see [Ability Access Control Error Codes](../errorcodes/errorcode-access-token.md).
A
Annie_wang 已提交
96

A
Annie_wang 已提交
97 98
| ID| Error Message|
| -------- | -------- |
Y
yu 已提交
99
| 12100001 | The parameter is invalid. The tokenID is 0, or the string size of permissionName is larger than 256, or the count value is invalid. |
A
Annie_wang 已提交
100 101
| 12100002 | The specified tokenID does not exist or refer to an application process. |
| 12100003 | The specified permission does not exist or is not an user_grant permission. |
A
Annie_wang 已提交
102 103
| 12100007 | Service is abnormal. |
| 12100008 | Out of memory. |
A
Annie_wang 已提交
104 105 106 107

**Example**

```js
A
Annie_wang 已提交
108 109 110 111
import privacyManager from '@ohos.privacyManager';

let tokenID = 0; // You can use getApplicationInfo to obtain the access token ID.
try {
A
Annie_wang 已提交
112
    privacyManager.addPermissionUsedRecord(tokenID, "ohos.permission.PERMISSION_USED_STATS", 1, 0, (err, data) => {
A
Annie_wang 已提交
113 114 115 116 117 118 119 120 121
        if (err) {
            console.log(`addPermissionUsedRecord fail, err->${JSON.stringify(err)}`);
        } else {
            console.log('addPermissionUsedRecord success');
        }
    });
} catch(err) {
    console.log(`catch err->${JSON.stringify(err)}`);
}
A
Annie_wang 已提交
122 123
```

L
lsq 已提交
124
## privacyManager.getPermissionUsedRecord
A
Annie_wang 已提交
125

L
lsq 已提交
126
getPermissionUsedRecord(request: PermissionUsedRequest): Promise<PermissionUsedResponse>
A
Annie_wang 已提交
127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143

Obtains historical permission usage records. This API uses a promise to return the result.

**Required permissions**: ohos.permission.PERMISSION_USED_STATS (available only to system applications)

**System capability**: SystemCapability.Security.AccessToken

**Parameters**

| Name  | Type                | Mandatory| Description                                      |
| -------- | -------------------  | ---- | ------------------------------------------ |
| request   |  [PermissionUsedRequest](#permissionusedrequest)   | Yes  | Request for querying permission usage records.             |

**Return value**

| Type         | Description                               |
| :------------ | :---------------------------------- |
A
Annie_wang 已提交
144 145 146 147 148
| Promise<[PermissionUsedResponse](#permissionusedresponse)> | Promise used to return the permission usage records.|

**Error codes**

For details about the error codes, see [Ability Access Control Error Codes](../errorcodes/errorcode-access-token.md).
A
Annie_wang 已提交
149

A
Annie_wang 已提交
150 151
| ID| Error Message|
| -------- | -------- |
A
Annie_wang 已提交
152
| 12100001 | The parameter is invalid. the value of flag in request is invalid. |
A
Annie_wang 已提交
153 154
| 12100002 | The specified tokenID does not exist or refer to an application process. |
| 12100003 | The specified permission does not exist or is not an user_grant permission. |
A
Annie_wang 已提交
155 156
| 12100007 | Service is abnormal. |
| 12100008 | Out of memory. |
A
Annie_wang 已提交
157 158 159 160

**Example**

```js
A
Annie_wang 已提交
161 162
import privacyManager from '@ohos.privacyManager';

A
Annie_wang 已提交
163 164
let request = {
    "tokenId": 1,
A
Annie_wang 已提交
165
    "isRemote": false,
A
Annie_wang 已提交
166 167
    "deviceId": "device",
    "bundleName": "bundle",
A
Annie_wang 已提交
168
    "permissionNames": [],
A
Annie_wang 已提交
169 170 171 172
    "beginTime": 0,
    "endTime": 1,
    "flag":privacyManager.PermissionUsageFlag.FLAG_PERMISSION_USAGE_DETAIL,
};
A
Annie_wang 已提交
173
try {
L
lsq 已提交
174 175
    privacyManager.getPermissionUsedRecord(request).then((data) => {
        console.log(`getPermissionUsedRecord success, data->${JSON.stringify(data)}`);
A
Annie_wang 已提交
176
    }).catch((err) => {
L
lsq 已提交
177
        console.log(`getPermissionUsedRecord fail, err->${JSON.stringify(err)}`);
A
Annie_wang 已提交
178 179 180 181
    });
} catch(err) {
    console.log(`catch err->${JSON.stringify(err)}`);
}
A
Annie_wang 已提交
182 183
```

L
lsq 已提交
184
## privacyManager.getPermissionUsedRecord
A
Annie_wang 已提交
185

L
lsq 已提交
186
getPermissionUsedRecord(request: PermissionUsedRequest, callback: AsyncCallback&lt;PermissionUsedResponse&gt;): void
A
Annie_wang 已提交
187 188 189 190 191 192 193 194 195 196 197 198

Obtains historical permission usage records. This API uses an asynchronous callback to return the result.

**Required permissions**: ohos.permission.PERMISSION_USED_STATS (available only to system applications)

**System capability**: SystemCapability.Security.AccessToken

**Parameters**

| Name  | Type                | Mandatory| Description                                      |
| -------- | -------------------  | ---- | ------------------------------------------ |
| request | [PermissionUsedRequest](#permissionusedrequest) | Yes| Request for querying permission usage records.|
A
Annie_wang 已提交
199 200 201 202 203
| callback | AsyncCallback<[PermissionUsedResponse](#permissionusedresponse)> | Yes| Callback invoked to return the result. If the query is successful, **err** is **undefine** and **data** is the permission usage record. Otherwise, **err** is an error object.|

**Error codes**

For details about the error codes, see [Ability Access Control Error Codes](../errorcodes/errorcode-access-token.md).
A
Annie_wang 已提交
204

A
Annie_wang 已提交
205 206
| ID| Error Message|
| -------- | -------- |
A
Annie_wang 已提交
207
| 12100001 | The parameter is invalid. the value of flag in request is invalid. |
A
Annie_wang 已提交
208 209
| 12100002 | The specified tokenID does not exist or refer to an application process. |
| 12100003 | The specified permission does not exist or is not an user_grant permission. |
A
Annie_wang 已提交
210 211
| 12100007 | Service is abnormal. |
| 12100008 | Out of memory. |
A
Annie_wang 已提交
212 213 214 215

**Example**

```js
A
Annie_wang 已提交
216 217
import privacyManager from '@ohos.privacyManager';

A
Annie_wang 已提交
218 219
let request = {
    "tokenId": 1,
A
Annie_wang 已提交
220
    "isRemote": false,
A
Annie_wang 已提交
221 222
    "deviceId": "device",
    "bundleName": "bundle",
A
Annie_wang 已提交
223
    "permissionNames": [],
A
Annie_wang 已提交
224 225 226 227
    "beginTime": 0,
    "endTime": 1,
    "flag":privacyManager.PermissionUsageFlag.FLAG_PERMISSION_USAGE_DETAIL,
};
A
Annie_wang 已提交
228
try {
L
lsq 已提交
229
    privacyManager.getPermissionUsedRecord(request, (err, data) => {
A
Annie_wang 已提交
230
        if (err) {
L
lsq 已提交
231
            console.log(`getPermissionUsedRecord fail, err->${JSON.stringify(err)}`);
A
Annie_wang 已提交
232
        } else {
L
lsq 已提交
233
            console.log(`getPermissionUsedRecord success, data->${JSON.stringify(data)}`);
A
Annie_wang 已提交
234 235 236 237 238 239 240 241 242
        }
    });
} catch(err) {
    console.log(`catch err->${JSON.stringify(err)}`);
}
```

## privacyManager.startUsingPermission

A
Annie_wang 已提交
243
startUsingPermission(tokenID: number, permissionName: Permissions): Promise&lt;void&gt;
A
Annie_wang 已提交
244

A
Annie_wang 已提交
245
Starts to use a permission and flushes the permission usage record. This API is called by a system application, either running in the foreground or background, and uses a promise to return the result. This API uses a promise to return the result.
A
Annie_wang 已提交
246 247 248 249 250 251 252 253 254

**Required permissions**: ohos.permission.PERMISSION_USED_STATS (available only to system applications)

**System capability**: SystemCapability.Security.AccessToken

**Parameters**

| Name         | Type  | Mandatory| Description                                 |
| -------------- | ------ | ---- | ------------------------------------ |
A
Annie_wang 已提交
255 256
| tokenID        | number | Yes  | Application token ID of the invoker. The value can be obtained from [ApplicationInfo](js-apis-bundle-ApplicationInfo.md).|
| permissionName | Permissions | Yes  | Permission to use.                    |
A
Annie_wang 已提交
257 258 259 260 261 262 263

**Return value**

| Type         | Description                                   |
| ------------- | --------------------------------------- |
| Promise&lt;void&gt; | Promise that returns no value.|

A
Annie_wang 已提交
264 265 266
**Error codes**

For details about the error codes, see [Ability Access Control Error Codes](../errorcodes/errorcode-access-token.md).
A
Annie_wang 已提交
267

A
Annie_wang 已提交
268 269
| ID| Error Message|
| -------- | -------- |
Y
yu 已提交
270
| 12100001 | The parameter is invalid. The tokenID is 0, or the string size of permissionName is larger than 256. |
A
Annie_wang 已提交
271 272
| 12100002 | The specified tokenID does not exist or refer to an application process. |
| 12100003 | The specified permission does not exist or is not an user_grant permission. |
A
Annie_wang 已提交
273 274 275
| 12100004 | The interface is called repeatedly with the same input. It means the application specified by the tokenID has been using the specified permission. |
| 12100007 | Service is abnormal. |
| 12100008 | Out of memory. |
A
Annie_wang 已提交
276

A
Annie_wang 已提交
277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295
**Example**

```js
import privacyManager from '@ohos.privacyManager';

let tokenID = 0; // You can use getApplicationInfo to obtain the access token ID.
try {
    privacyManager.startUsingPermission(tokenID, "ohos.permission.PERMISSION_USED_STATS").then(() => {
        console.log('startUsingPermission success');
    }).catch((err) => {
        console.log(`startUsingPermission fail, err->${JSON.stringify(err)}`);
    });
} catch(err) {
    console.log(`catch err->${JSON.stringify(err)}`);
}
```

## privacyManager.startUsingPermission

A
Annie_wang 已提交
296
startUsingPermission(tokenID: number, permissionName: Permissions, callback: AsyncCallback&lt;void&gt;): void
A
Annie_wang 已提交
297

A
Annie_wang 已提交
298
Starts to use a permission and flushes the permission usage record. This API is called by a system application, either running in the foreground or background, and uses a promise to return the result. This API uses an asynchronous callback to return the result.
A
Annie_wang 已提交
299 300 301 302 303 304 305 306 307

**Required permissions**: ohos.permission.PERMISSION_USED_STATS (available only to system applications)

**System capability**: SystemCapability.Security.AccessToken

**Parameters**

| Name         | Type                 | Mandatory| Description                                 |
| -------------- | --------------------- | ---- | ------------------------------------ |
A
Annie_wang 已提交
308 309 310 311 312 313 314
| tokenID        | number                | Yes  | Application token ID of the invoker. The value can be obtained from [ApplicationInfo](js-apis-bundle-ApplicationInfo.md).|
| permissionName | Permissions                | Yes  | Permission to use.                    |
| callback       | AsyncCallback&lt;void&gt; | Yes  | Callback invoked to return the result. If the permission is successfully used, **err** is **undefine**. Otherwise, **err** is an error object.|

**Error codes**

For details about the error codes, see [Ability Access Control Error Codes](../errorcodes/errorcode-access-token.md).
A
Annie_wang 已提交
315

A
Annie_wang 已提交
316 317
| ID| Error Message|
| -------- | -------- |
Y
yu 已提交
318
| 12100001 | The parameter is invalid. The tokenID is 0, or the string size of permissionName is larger than 256. |
A
Annie_wang 已提交
319 320
| 12100002 | The specified tokenID does not exist or refer to an application process. |
| 12100003 | The specified permission does not exist or is not an user_grant permission. |
A
Annie_wang 已提交
321 322 323
| 12100004 | The interface is called repeatedly with the same input. It means the application specified by the tokenID has been using the specified permission. |
| 12100007 | Service is abnormal. |
| 12100008 | Out of memory. |
A
Annie_wang 已提交
324 325 326 327 328 329 330 331

**Example**

```js
import privacyManager from '@ohos.privacyManager';

let tokenID = 0; // You can use getApplicationInfo to obtain the access token ID.
try {
A
Annie_wang 已提交
332
    privacyManager.startUsingPermission(tokenID, "ohos.permission.PERMISSION_USED_STATS", (err, data) => {
A
Annie_wang 已提交
333 334 335 336 337 338 339 340 341 342 343 344 345
        if (err) {
            console.log(`startUsingPermission fail, err->${JSON.stringify(err)}`);
        } else {
            console.log('startUsingPermission success');
        }
    });
} catch(err) {
    console.log(`catch err->${JSON.stringify(err)}`);
}
```

## privacyManager.stopUsingPermission

A
Annie_wang 已提交
346
stopUsingPermission(tokenID: number, permissionName: Permissions): Promise&lt;void&gt;
A
Annie_wang 已提交
347

A
Annie_wang 已提交
348
Stops using a permission. This API is called by a system application and uses a promise to return the result. **startUsingPermission** and **stopUsingPermission** are used in pairs. This API uses a promise to return the result.
A
Annie_wang 已提交
349 350 351 352 353 354 355 356 357

**Required permissions**: ohos.permission.PERMISSION_USED_STATS (available only to system applications)

**System capability**: SystemCapability.Security.AccessToken

**Parameters**

| Name         | Type  | Mandatory| Description                                 |
| -------------- | ------ | ---- | ------------------------------------ |
A
Annie_wang 已提交
358 359
| tokenID        | number | Yes  | Application token ID of the invoker. The value can be obtained from [ApplicationInfo](js-apis-bundle-ApplicationInfo.md).|
| permissionName | Permissions | Yes  | Permission to use.                    |
A
Annie_wang 已提交
360 361 362 363 364 365 366

**Return value**

| Type         | Description                                   |
| ------------- | --------------------------------------- |
| Promise&lt;void&gt; | Promise that returns no value.|

A
Annie_wang 已提交
367 368 369
**Error codes**

For details about the error codes, see [Ability Access Control Error Codes](../errorcodes/errorcode-access-token.md).
A
Annie_wang 已提交
370

A
Annie_wang 已提交
371 372
| ID| Error Message|
| -------- | -------- |
Y
yu 已提交
373
| 12100001 | The parameter is invalid. The tokenID is 0, or the string size of permissionName is larger than 256. |
A
Annie_wang 已提交
374 375
| 12100002 | The specified tokenID does not exist or refer to an application process. |
| 12100003 | The specified permission does not exist or is not an user_grant permission. |
A
Annie_wang 已提交
376 377 378
| 12100004 | The interface is not used with |
| 12100007 | Service is abnormal. |
| 12100008 | Out of memory. |
A
Annie_wang 已提交
379

A
Annie_wang 已提交
380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398
**Example**

```js
import privacyManager from '@ohos.privacyManager';

let tokenID = 0; // You can use getApplicationInfo to obtain the access token ID.
try {
    privacyManager.stopUsingPermission(tokenID, "ohos.permission.PERMISSION_USED_STATS").then(() => {
        console.log('stopUsingPermission success');
    }).catch((err) => {
        console.log(`stopUsingPermission fail, err->${JSON.stringify(err)}`);
    });
} catch(err) {
    console.log(`catch err->${JSON.stringify(err)}`);
}
```

## privacyManager.stopUsingPermission

A
Annie_wang 已提交
399
stopUsingPermission(tokenID: number, permissionName: Permissions, callback: AsyncCallback&lt;void&gt;): void
A
Annie_wang 已提交
400

A
Annie_wang 已提交
401
Stops using a permission. This API is called by a system application and uses a promise to return the result. **startUsingPermission** and **stopUsingPermission** are used in pairs. This API uses an asynchronous callback to return the result.
A
Annie_wang 已提交
402 403 404 405 406 407 408 409 410

**Required permissions**: ohos.permission.PERMISSION_USED_STATS (available only to system applications)

**System capability**: SystemCapability.Security.AccessToken

**Parameters**

| Name         | Type                 | Mandatory| Description                                 |
| -------------- | --------------------- | ---- | ------------------------------------ |
A
Annie_wang 已提交
411 412 413 414 415 416 417
| tokenID        | number                | Yes  | Application token ID of the invoker. The value can be obtained from [ApplicationInfo](js-apis-bundle-ApplicationInfo.md).|
| permissionName | Permissions                | Yes  | Permission to use.                     |
| callback       | AsyncCallback&lt;void&gt; | Yes  | Callback invoked to return the result. If the operation is successful, **err** is **undefine**. Otherwise, **err** is an error object.|

**Error codes**

For details about the error codes, see [Ability Access Control Error Codes](../errorcodes/errorcode-access-token.md).
A
Annie_wang 已提交
418

A
Annie_wang 已提交
419 420
| ID| Error Message|
| -------- | -------- |
Y
yu 已提交
421
| 12100001 | The parameter is invalid. The tokenID is 0, or the string size of permissionName is larger than 256. |
A
Annie_wang 已提交
422 423
| 12100002 | The specified tokenID does not exist or refer to an application process. |
| 12100003 | The specified permission does not exist or is not an user_grant permission. |
A
Annie_wang 已提交
424 425 426
| 12100004 | The interface is not used with |
| 12100007 | Service is abnormal. |
| 12100008 | Out of memory. |
A
Annie_wang 已提交
427 428 429 430 431 432 433 434

**Example**

```js
import privacyManager from '@ohos.privacyManager';

let tokenID = 0; // You can use getApplicationInfo to obtain the access token ID.
try {
A
Annie_wang 已提交
435
    privacyManager.stopUsingPermission(tokenID, "ohos.permission.PERMISSION_USED_STATS", (err, data) => {
A
Annie_wang 已提交
436 437 438 439 440 441 442 443 444 445 446 447 448
        if (err) {
            console.log(`stopUsingPermission fail, err->${JSON.stringify(err)}`);
        } else {
            console.log('stopUsingPermission success');
        }
    });
} catch(err) {
    console.log(`catch err->${JSON.stringify(err)}`);
}
```

## privacyManager.on

A
Annie_wang 已提交
449
on(type: 'activeStateChange', permissionList: Array&lt;Permissions&gt;, callback: Callback&lt;ActiveChangeResponse&gt;): void
A
Annie_wang 已提交
450

A
Annie_wang 已提交
451
Subscribes to the permission usage status changes of the specified permissions.
A
Annie_wang 已提交
452

A
Annie_wang 已提交
453
**Required permissions**: ohos.permission.PERMISSION_USED_STATS (available only to system applications)
A
Annie_wang 已提交
454 455 456 457 458 459 460

**System capability**: SystemCapability.Security.AccessToken

**Parameters**

| Name            | Type                  | Mandatory| Description                                                         |
| ------------------ | --------------------- | ---- | ------------------------------------------------------------ |
A
Annie_wang 已提交
461
| type               | string                | Yes  | Event type to subscribe to. The value is **'activeStateChange'**, which indicates the permission usage change event.  |
A
Annie_wang 已提交
462
| permissionList | Array&lt;Permissions&gt;   | Yes  | List of permissions to be observed. If this parameter is left empty, the usage changes of all permissions are observed.          |
A
Annie_wang 已提交
463 464 465 466 467
| callback | Callback&lt;[ActiveChangeResponse](#activechangeresponse)&gt; | Yes| Callback invoked to return a change in the permission usage.|

**Error codes**

For details about the error codes, see [Ability Access Control Error Codes](../errorcodes/errorcode-access-token.md).
A
Annie_wang 已提交
468

A
Annie_wang 已提交
469 470
| ID| Error Message|
| -------- | -------- |
Y
yu 已提交
471
| 12100001 | The parameter is invalid. The tokenID is 0, or the string size of permissionName is larger than 256. |
A
Annie_wang 已提交
472 473 474 475
| 12100004 | The interface is called repeatedly with the same input. |
| 12100005 | The registration time has exceeded the limitation. |
| 12100007 | Service is abnormal. |
| 12100008 | Out of memory. |
A
Annie_wang 已提交
476 477 478 479 480 481

**Example**

```js
import privacyManager from '@ohos.privacyManager';

A
Annie_wang 已提交
482
let permissionList = [];
A
Annie_wang 已提交
483
try {
A
Annie_wang 已提交
484
    privacyManager.on('activeStateChange', permissionList, (data) => {
A
Annie_wang 已提交
485 486 487 488 489 490 491 492 493
        console.debug("receive permission state change, data:" + JSON.stringify(data));
    });
} catch(err) {
    console.log(`catch err->${JSON.stringify(err)}`);
}
```

## privacyManager.off

A
Annie_wang 已提交
494
off(type: 'activeStateChange', permissionList: Array&lt;Permissions&gt;, callback?: Callback&lt;ActiveChangeResponse&gt;): void;
A
Annie_wang 已提交
495

A
Annie_wang 已提交
496
Unsubscribes from the permission usage status changes of the specified permissions.
A
Annie_wang 已提交
497

A
Annie_wang 已提交
498
**Required permissions**: ohos.permission.PERMISSION_USED_STATS (available only to system applications)
A
Annie_wang 已提交
499 500 501 502 503 504 505

**System capability**: SystemCapability.Security.AccessToken

**Parameters**

| Name            | Type                  | Mandatory| Description                                                         |
| ------------------ | --------------------- | ---- | ------------------------------------------------------------ |
A
Annie_wang 已提交
506
| type               | string                | Yes  | Event type to subscribe to. The value is **'activeStateChange'**, which indicates the permission usage change event.  |
A
Annie_wang 已提交
507
| permissionList | Array&lt;Permissions&gt;   | Yes  | List of permissions to be observed. If this parameter is left blank, the usage changes of all permissions are unsubscribed from. The value must be the same as that specified in **on()**.|
A
Annie_wang 已提交
508 509
| callback | Callback&lt;[ActiveChangeResponse](#activechangeresponse)&gt; | No| Callback for the permission usage change event.|

A
Annie_wang 已提交
510 511 512
**Error codes**

For details about the error codes, see [Ability Access Control Error Codes](../errorcodes/errorcode-access-token.md).
A
Annie_wang 已提交
513

A
Annie_wang 已提交
514 515
| ID| Error Message|
| -------- | -------- |
A
Annie_wang 已提交
516 517
| 12100001 | The permissionNames in the list are all invalid, or the list size exceeds 1024 bytes. |
| 12100004 | The interface is not used together with "on()".|
A
Annie_wang 已提交
518 519
| 12100007 | Service is abnormal. |
| 12100008 | Out of memory. |
A
Annie_wang 已提交
520

A
Annie_wang 已提交
521 522 523 524 525
**Example**

```js
import privacyManager from '@ohos.privacyManager';

A
Annie_wang 已提交
526
let permissionList = [];
A
Annie_wang 已提交
527
try {
A
Annie_wang 已提交
528
    privacyManager.off('activeStateChange', permissionList);
A
Annie_wang 已提交
529 530 531
}catch(err) {
    console.log(`catch err->${JSON.stringify(err)}`);
}
A
Annie_wang 已提交
532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552
```

## PermissionUsageFlag

Enumerates the modes for querying the permission usage records.

**System capability**: SystemCapability.Security.AccessToken

| Name                   | Value| Description                  |
| ----------------------- | ------ | ---------------------- |
| FLAG_PERMISSION_USAGE_SUMMARY             | 0    | Query the permission usage summary.|
| FLAG_PERMISSION_USAGE_DETAIL         | 1    | Query detailed permission usage records.        |

## PermissionUsedRequest

Represents the request for querying permission usage records.

**System capability**: SystemCapability.Security.AccessToken

| Name      | Type            | Mandatory  | Description                                      |
| -------- | -------------- | ---- | ---------------------------------------- |
A
Annie_wang 已提交
553 554
| tokenId  | number         | No   | Token ID of the application (invoker).                                |
| isRemote | boolean         | No   | Whether the token ID belongs to the application on a remote device. The default value is **false**.|
A
Annie_wang 已提交
555 556
| deviceId  | string         | No   | ID of the device hosting the target application.                                |
| bundleName | string         | No   | Bundle name of the target application.|
A
Annie_wang 已提交
557
| permissionNames  | Array&lt;Permissions&gt;         | No   | Permissions to query.                                |
A
Annie_wang 已提交
558 559 560 561 562 563 564 565 566 567 568 569 570 571
| beginTime | number         | No   | Start time of the query, in ms. The default value is **0**, indicating that no start time is set.|
| endTime | number         | No   | End time of the query, in ms. The default value is **0**, indicating that no end time is set.|
| flag | [PermissionUsageFlag](#permissionusageflag)         | Yes   | Query mode. The default value is **FLAG_PERMISSION_USAGE_SUMMARY**.|

## PermissionUsedResponse

Represents the permission usage records of all applications.

**System capability**: SystemCapability.Security.AccessToken

| Name      | Type            | Mandatory  | Description                                      |
| -------- | -------------- | ---- | ---------------------------------------- |
| beginTime | number         | No   | Start time of the query, in ms.|
| endTime | number         | No   | End time of the query, in ms.|
A
Annie_wang 已提交
572
| bundleRecords  | Array&lt;[BundleUsedRecord](#bundleusedrecord)&gt;         | No   | Permission usage records.                                |
A
Annie_wang 已提交
573 574 575

## BundleUsedRecord

A
Annie_wang 已提交
576
Represents the permission access records of an application.
A
Annie_wang 已提交
577 578 579 580 581

**System capability**: SystemCapability.Security.AccessToken

| Name      | Type            | Mandatory  | Description                                      |
| -------- | -------------- | ---- | ---------------------------------------- |
A
Annie_wang 已提交
582 583
| tokenId  | number         | No   | Token ID of the application (invoker).                                |
| isRemote | boolean         | No   | Whether the token ID belongs to the application on a remote device. The default value is **false**.|
A
Annie_wang 已提交
584 585
| deviceId  | string         | No   | ID of the device hosting the target application.                                |
| bundleName | string         | No   | Bundle name of the target application.|
A
Annie_wang 已提交
586
| permissionRecords  | Array&lt;[PermissionUsedRecord](#permissionusedrecord)&gt;         | No   | Permission usage records of the target application.                                |
A
Annie_wang 已提交
587 588 589

## PermissionUsedRecord

A
Annie_wang 已提交
590
Represents the usage records of a permission.
A
Annie_wang 已提交
591 592 593 594 595

**System capability**: SystemCapability.Security.AccessToken

| Name      | Type            | Mandatory  | Description                                      |
| -------- | -------------- | ---- | ---------------------------------------- |
A
Annie_wang 已提交
596
| permissionName  | Permissions         | No   | Name of the permission.                                |
A
Annie_wang 已提交
597 598
| accessCount | number         | No   | Total number of times that the permission is accessed.|
| rejectCount | number         | No   | Total number of times that the access to the permission is rejected.|
A
Annie_wang 已提交
599 600
| lastAccessTime | number         | No   | Last time when the permission was accessed, accurate to ms.|
| lastRejectTime | number         | No   | Last time when the access to the permission was rejected, accurate to ms.|
A
Annie_wang 已提交
601
| lastAccessDuration | number         | No   | Last access duration, in ms.|
A
Annie_wang 已提交
602 603
| accessRecords  | Array&lt;[UsedRecordDetail](#usedrecorddetail)&gt;         | No   | Successful access records. This parameter is valid only when **flag** is **FLAG_PERMISSION_USAGE_SUMMARY**. By default, 10 records are provided.                                |
| rejectRecords  | Array&lt;[UsedRecordDetail](#usedrecorddetail)&gt;         | No   | Rejected access records. This parameter is valid only when **flag** is **FLAG_PERMISSION_USAGE_SUMMARY**. By default, 10 records are provided.                                |
A
Annie_wang 已提交
604 605 606 607 608 609 610 611 612 613 614 615

## UsedRecordDetail

Represents the details of a single access record.

**System capability**: SystemCapability.Security.AccessToken

| Name      | Type            | Mandatory  | Description                                      |
| -------- | -------------- | ---- | ---------------------------------------- |
| status  | number         | No   | Access status.                                |
| timestamp | number         | No   | Access timestamp, in ms.|
| accessDuration  | number         | No   | Access duration, in ms.                                |
A
Annie_wang 已提交
616 617 618

## PermissionActiveStatus

A
Annie_wang 已提交
619
Enumerates the permission usage statuses.
A
Annie_wang 已提交
620 621 622

**System capability**: SystemCapability.Security.AccessToken

A
Annie_wang 已提交
623
| Name                     | Value    | Description             |
A
Annie_wang 已提交
624 625
| ------------------------- | ------ | ---------------- |
| PERM_INACTIVE             | 0      | The permission is not used.  |
A
Annie_wang 已提交
626 627
| PERM_ACTIVE_IN_FOREGROUND | 1      | The permission is being used by an application running in the foreground.|
| PERM_ACTIVE_IN_BACKGROUND | 2      | The permission is being used by an application running in the background.|
A
Annie_wang 已提交
628 629 630 631 632 633 634 635 636

## ActiveChangeResponse

Defines the detailed permission usage information.

 **System capability**: SystemCapability.Security.AccessToken

| Name          | Type                   | Readable| Writable| Description                  |
| -------------- | ---------------------- | ---- | ---- | --------------------- |
A
Annie_wang 已提交
637 638 639
| tokenId        | number                 | Yes  | No  | Token ID of the application.   |
| permissionName | Permissions                 | Yes  | No  | Name of the permission.|
| deviceId       | string                 | Yes  | No  | Device ID.                |
A
Annie_wang 已提交
640
| activeStatus   | [PermissionActiveStatus](#permissionactivestatus) | Yes  | No  | Permission usage status.       |