Skip to content

D
Docs

OpenHarmony / Docs
大约 2 年 前同步成功

通知 161
Star 293
Fork 28
D
Docs
提交 07872462 编写于 作者: A Annie_wang
浏览文件
操作

update docs 

Signed-off-by: NAnnie_wang <annie.wangli@huawei.com>
上级 1fc45a9f
隐藏空白更改
内联 并排
Showing with 200 addition and 79 deletion
en/application-dev/reference/apis/js-apis-abilityAccessCtrl.md
浏览文件 @ 07872462
# @ohos.abilityAccessCtrl (Ability Access Control) # @ohos.abilityAccessCtrl (Application Access Control)
The **AbilityAccessCtrl** module provides APIs for application permission management, including authentication, authorization, and revocation. The **AbilityAccessCtrl** module provides APIs for application permission management, including authentication, authorization, and revocation.
...@@ -40,7 +40,7 @@ Implements ability access control. ...@@ -40,7 +40,7 @@ Implements ability access control.
checkAccessToken(tokenID: number, permissionName: Permissions): Promise&lt;GrantStatus&gt; checkAccessToken(tokenID: number, permissionName: Permissions): Promise&lt;GrantStatus&gt;
Checks whether an application has the specified permission. This API uses a promise to return the result. Checks whether a permission is granted to an application. This API uses a promise to return the result.
**System capability**: SystemCapability.Security.AccessToken **System capability**: SystemCapability.Security.AccessToken
...@@ -48,8 +48,8 @@ Checks whether an application has the specified permission. This API uses a prom ...@@ -48,8 +48,8 @@ Checks whether an application has the specified permission. This API uses a prom
| Name | Type | Mandatory| Description | | Name | Type | Mandatory| Description |
| -------- | ------------------- | ---- | ------------------------------------------ | | -------- | ------------------- | ---- | ------------------------------------------ |
| tokenID | number | Yes | Token ID of the application. The value can be obtained from [ApplicationInfo](js-apis-bundle-ApplicationInfo.md). | | tokenID | number | Yes | Token ID of the application. The value can be obtained from [ApplicationInfo](js-apis-bundleManager-applicationInfo.md). |
| permissionName | Permissions | Yes | Permission to check.| | permissionName | Permissions | Yes | Permission to check. For details about the permissions, see the [Application Permission List](../../security/permission-list.md).|
**Return value** **Return value**
...@@ -71,7 +71,7 @@ For details about the error codes, see [Ability Access Control Error Codes](../e ...@@ -71,7 +71,7 @@ For details about the error codes, see [Ability Access Control Error Codes](../e
import abilityAccessCtrl from '@ohos.abilityAccessCtrl'; import abilityAccessCtrl from '@ohos.abilityAccessCtrl';
let atManager = abilityAccessCtrl.createAtManager(); let atManager = abilityAccessCtrl.createAtManager();
let tokenID = 0; // You can use getApplicationInfo to obtain the access token ID. let tokenID = 0; // Use bundleManager.getApplicationInfo() to obtain the token ID for a system application, and use bundleManager.getBundleInfoForSelf() to obtain the token ID for a non-system application.
try { try {
atManager.checkAccessToken(tokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS").then((data) => { atManager.checkAccessToken(tokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS").then((data) => {
console.log(`checkAccessToken success, data->${JSON.stringify(data)}`); console.log(`checkAccessToken success, data->${JSON.stringify(data)}`);
...@@ -87,7 +87,7 @@ try { ...@@ -87,7 +87,7 @@ try {
verifyAccessTokenSync(tokenID: number, permissionName: Permissions): GrantStatus verifyAccessTokenSync(tokenID: number, permissionName: Permissions): GrantStatus
Verifies whether an application has the specified permission. This API returns the result synchronously. Verifies whether a permission is granted to an application. This API returns the result synchronously.
**System capability**: SystemCapability.Security.AccessToken **System capability**: SystemCapability.Security.AccessToken
...@@ -95,8 +95,8 @@ Verifies whether an application has the specified permission. This API returns t ...@@ -95,8 +95,8 @@ Verifies whether an application has the specified permission. This API returns t
| Name | Type | Mandatory| Description | | Name | Type | Mandatory| Description |
| -------- | ------------------- | ---- | ------------------------------------------ | | -------- | ------------------- | ---- | ------------------------------------------ |
| tokenID | number | Yes | Token ID of the application. | | tokenID | number | Yes | Token ID of the application. The value can be obtained from [ApplicationInfo](js-apis-bundleManager-applicationInfo.md). |
| permissionName | Permissions | Yes | Name of the permission to verify.| | permissionName | Permissions | Yes | Permission to verify. For details about the permissions, see the [Application Permission List](../../security/permission-list.md).|
**Return value** **Return value**
...@@ -116,7 +116,7 @@ For details about the error codes, see [Ability Access Control Error Codes](../e ...@@ -116,7 +116,7 @@ For details about the error codes, see [Ability Access Control Error Codes](../e
```js ```js
let atManager = abilityAccessCtrl.createAtManager(); let atManager = abilityAccessCtrl.createAtManager();
let tokenID = 0; let tokenID = 0; // Use bundleManager.getApplicationInfo() to obtain the token ID for a system application, and use bundleManager.getBundleInfoForSelf() to obtain the token ID for a non-system application.
let data = atManager.verifyAccessTokenSync(tokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS"); let data = atManager.verifyAccessTokenSync(tokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS");
console.log(`data->${JSON.stringify(data)}`); console.log(`data->${JSON.stringify(data)}`);
``` ```
...@@ -137,8 +137,8 @@ Grants a user_grant permission to an application. This API uses a promise to ret ...@@ -137,8 +137,8 @@ Grants a user_grant permission to an application. This API uses a promise to ret
| Name | Type | Mandatory| Description | | Name | Type | Mandatory| Description |
| --------- | ------------------- | ---- | ------------------------------------------------------------ | | --------- | ------------------- | ---- | ------------------------------------------------------------ |
| tokenID | number | Yes | Token ID of the application. The value can be obtained from [ApplicationInfo](js-apis-bundle-ApplicationInfo.md). | | tokenID | number | Yes | Token ID of the application. The value can be obtained from [ApplicationInfo](js-apis-bundleManager-applicationInfo.md). |
| permissionName | Permissions | Yes | Name of the permission to grant.| | permissionName | Permissions | Yes | Permission to grant. For details about the permissions, see the [Application Permission List](../../security/permission-list.md).|
| permissionFlag | number | Yes | Permission flag. The value **1** means that the permission request dialog box will still be displayed after the user grants or denies the permission. The value **2** means that no dialog box will be displayed after the user grants or denies the permission. The value **3** means a system permission that cannot be changed. | | permissionFlag | number | Yes | Permission flag. The value **1** means that the permission request dialog box will still be displayed after the user grants or denies the permission. The value **2** means that no dialog box will be displayed after the user grants or denies the permission. The value **3** means a system permission that cannot be changed. |
**Return value** **Return value**
...@@ -165,7 +165,7 @@ For details about the error codes, see [Ability Access Control Error Codes](../e ...@@ -165,7 +165,7 @@ For details about the error codes, see [Ability Access Control Error Codes](../e
import abilityAccessCtrl from '@ohos.abilityAccessCtrl'; import abilityAccessCtrl from '@ohos.abilityAccessCtrl';
let atManager = abilityAccessCtrl.createAtManager(); let atManager = abilityAccessCtrl.createAtManager();
let tokenID = 0; // You can use getApplicationInfo to obtain the access token ID. let tokenID = 0; // Use bundleManager.getApplicationInfo() to obtain the token ID for a system application, and use bundleManager.getBundleInfoForSelf() to obtain the token ID for a non-system application.
let permissionFlag = 1; let permissionFlag = 1;
try { try {
atManager.grantUserGrantedPermission(tokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS", permissionFlag).then(() => { atManager.grantUserGrantedPermission(tokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS", permissionFlag).then(() => {
...@@ -194,10 +194,10 @@ Grants a user_grant permission to an application. This API uses an asynchronous ...@@ -194,10 +194,10 @@ Grants a user_grant permission to an application. This API uses an asynchronous
| Name | Type | Mandatory| Description | | Name | Type | Mandatory| Description |
| --------- | ------------------- | ---- | ------------------------------------------------------------ | | --------- | ------------------- | ---- | ------------------------------------------------------------ |
| tokenID | number | Yes | Token ID of the application. The value can be obtained from [ApplicationInfo](js-apis-bundle-ApplicationInfo.md).| | tokenID | number | Yes | Token ID of the application. The value can be obtained from [ApplicationInfo](js-apis-bundleManager-applicationInfo.md).|
| permissionName | Permissions | Yes | Name of the permission to grant.| | permissionName | Permissions | Yes | Permission to grant. For details about the permissions, see the [Application Permission List](../../security/permission-list.md).|
| permissionFlag | number | Yes | Permission flag. The value **1** means that the permission request dialog box will still be displayed after the user grants or denies the permission. The value **2** means that no dialog box will be displayed after the user grants or denies the permission. The value **3** means a system permission that cannot be changed. | | permissionFlag | number | Yes | Permission flag. The value **1** means that the permission request dialog box will still be displayed after the user grants or denies the permission. The value **2** means that no dialog box will be displayed after the user grants or denies the permission. The value **3** means a system permission that cannot be changed. |
| callback | AsyncCallback&lt;void&gt; | Yes| Callback used to return the result. If the permission is granted successfully, **err** is **undefine**. Otherwise, **err** is an error object.| | callback | AsyncCallback&lt;void&gt; | Yes| Callback used to return the result. If the permission is granted successfully, **err** is **undefined**. Otherwise, **err** is an error object.|
**Error codes** **Error codes**
...@@ -208,7 +208,8 @@ For details about the error codes, see [Ability Access Control Error Codes](../e ...@@ -208,7 +208,8 @@ For details about the error codes, see [Ability Access Control Error Codes](../e
| 12100001 | The parameter is invalid. The tokenID is 0 | | 12100001 | The parameter is invalid. The tokenID is 0 |
| 12100002 | TokenId does not exist. | | 12100002 | TokenId does not exist. |
| 12100003 | Permission does not exist. | | 12100003 | Permission does not exist. |
| 12100006 | The specified application does not support the permissions granted or ungranted as specified. | | 12100006 | The application specified by the tokenID is not allowed to be granted with the specified permission. Either the application is a sandbox or the tokenID is from a remote device. |
| 12100007 | Service is abnormal. |
**Example** **Example**
...@@ -216,7 +217,7 @@ For details about the error codes, see [Ability Access Control Error Codes](../e ...@@ -216,7 +217,7 @@ For details about the error codes, see [Ability Access Control Error Codes](../e
import abilityAccessCtrl from '@ohos.abilityAccessCtrl'; import abilityAccessCtrl from '@ohos.abilityAccessCtrl';
let atManager = abilityAccessCtrl.createAtManager(); let atManager = abilityAccessCtrl.createAtManager();
let tokenID = 0; // You can use getApplicationInfo to obtain the access token ID. let tokenID = 0; // Use bundleManager.getApplicationInfo() to obtain the token ID for a system application, and use bundleManager.getBundleInfoForSelf() to obtain the token ID for a non-system application.
let permissionFlag = 1; let permissionFlag = 1;
try { try {
atManager.grantUserGrantedPermission(tokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS", permissionFlag, (err, data) => { atManager.grantUserGrantedPermission(tokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS", permissionFlag, (err, data) => {
...@@ -247,8 +248,8 @@ Revokes a user_grant permission from an application. This API uses a promise to ...@@ -247,8 +248,8 @@ Revokes a user_grant permission from an application. This API uses a promise to
| Name | Type | Mandatory| Description | | Name | Type | Mandatory| Description |
| --------- | ------------------- | ---- | ------------------------------------------------------------ | | --------- | ------------------- | ---- | ------------------------------------------------------------ |
| tokenID | number | Yes | Token ID of the application. The value can be obtained from [ApplicationInfo](js-apis-bundle-ApplicationInfo.md). | | tokenID | number | Yes | Token ID of the application. The value can be obtained from [ApplicationInfo](js-apis-bundleManager-applicationInfo.md). |
| permissionName | Permissions | Yes | Name of the permission to revoke.| | permissionName | Permissions | Yes | Permission to revoke. For details about the permissions, see the [Application Permission List](../../security/permission-list.md).|
| permissionFlag | number | Yes | Permission flag. The value **1** means that the permission request dialog box will still be displayed after the user grants or denies the permission. The value **2** means that no dialog box will be displayed after the user grants or denies the permission. The value **3** means a system permission that cannot be changed. | | permissionFlag | number | Yes | Permission flag. The value **1** means that the permission request dialog box will still be displayed after the user grants or denies the permission. The value **2** means that no dialog box will be displayed after the user grants or denies the permission. The value **3** means a system permission that cannot be changed. |
**Return value** **Return value**
...@@ -275,7 +276,7 @@ For details about the error codes, see [Ability Access Control Error Codes](../e ...@@ -275,7 +276,7 @@ For details about the error codes, see [Ability Access Control Error Codes](../e
import abilityAccessCtrl from '@ohos.abilityAccessCtrl'; import abilityAccessCtrl from '@ohos.abilityAccessCtrl';
let atManager = abilityAccessCtrl.createAtManager(); let atManager = abilityAccessCtrl.createAtManager();
let tokenID = 0; // You can use getApplicationInfo to obtain the access token ID. let tokenID = 0; // Use bundleManager.getApplicationInfo() to obtain the token ID for a system application, and use bundleManager.getBundleInfoForSelf() to obtain the token ID for a non-system application.
let permissionFlag = 1; let permissionFlag = 1;
try { try {
atManager.revokeUserGrantedPermission(tokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS", permissionFlag).then(() => { atManager.revokeUserGrantedPermission(tokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS", permissionFlag).then(() => {
...@@ -304,10 +305,10 @@ Revokes a user_grant permission from an application. This API uses an asynchrono ...@@ -304,10 +305,10 @@ Revokes a user_grant permission from an application. This API uses an asynchrono
| Name | Type | Mandatory| Description | | Name | Type | Mandatory| Description |
| --------- | ------------------- | ---- | ------------------------------------------------------------ | | --------- | ------------------- | ---- | ------------------------------------------------------------ |
| tokenID | number | Yes | Token ID of the application. The value can be obtained from [ApplicationInfo](js-apis-bundle-ApplicationInfo.md). | | tokenID | number | Yes | Token ID of the application. The value can be obtained from [ApplicationInfo](js-apis-bundleManager-applicationInfo.md). |
| permissionName | Permissions | Yes | Name of the permission to revoke.| | permissionName | Permissions | Yes | Permission to revoke. For details about the permissions, see the [Application Permission List](../../security/permission-list.md).|
| permissionFlag | number | Yes | Permission flag. The value **1** means that the permission request dialog box will still be displayed after the user grants or denies the permission. The value **2** means that no dialog box will be displayed after the user grants or denies the permission. The value **3** means a system permission that cannot be changed. | | permissionFlag | number | Yes | Permission flag. The value **1** means that the permission request dialog box will still be displayed after the user grants or denies the permission. The value **2** means that no dialog box will be displayed after the user grants or denies the permission. The value **3** means a system permission that cannot be changed. |
| callback | AsyncCallback&lt;void&gt; | Yes| Callback used to return the result. If the permission is revoked successfully, **err** is **undefine**. Otherwise, **err** is an error object.| | callback | AsyncCallback&lt;void&gt; | Yes| Callback used to return the result. If the permission is revoked successfully, **err** is **undefined**. Otherwise, **err** is an error object.|
**Error codes** **Error codes**
...@@ -318,7 +319,8 @@ For details about the error codes, see [Ability Access Control Error Codes](../e ...@@ -318,7 +319,8 @@ For details about the error codes, see [Ability Access Control Error Codes](../e
| 12100001 | The parameter is invalid. The tokenID is 0 | | 12100001 | The parameter is invalid. The tokenID is 0 |
| 12100002 | TokenId does not exist. | | 12100002 | TokenId does not exist. |
| 12100003 | Permission does not exist. | | 12100003 | Permission does not exist. |
| 12100006 | The specified application does not support the permissions granted or ungranted as specified. | | 12100006 | The application specified by the tokenID is not allowed to be revoked with the specified permission. Either the application is a sandbox or the tokenID is from a remote device. |
| 12100007 | Service is abnormal. |
**Example** **Example**
...@@ -326,7 +328,7 @@ For details about the error codes, see [Ability Access Control Error Codes](../e ...@@ -326,7 +328,7 @@ For details about the error codes, see [Ability Access Control Error Codes](../e
import abilityAccessCtrl from '@ohos.abilityAccessCtrl'; import abilityAccessCtrl from '@ohos.abilityAccessCtrl';
let atManager = abilityAccessCtrl.createAtManager(); let atManager = abilityAccessCtrl.createAtManager();
let tokenID = 0; // You can use getApplicationInfo to obtain the access token ID. let tokenID = 0; // Use bundleManager.getApplicationInfo() to obtain the token ID for a system application, and use bundleManager.getBundleInfoForSelf() to obtain the token ID for a non-system application.
let permissionFlag = 1; let permissionFlag = 1;
try { try {
atManager.revokeUserGrantedPermission(tokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS", permissionFlag, (err, data) => { atManager.revokeUserGrantedPermission(tokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS", permissionFlag, (err, data) => {
...@@ -357,8 +359,8 @@ Obtains the flags of the specified permission of an application. This API uses a ...@@ -357,8 +359,8 @@ Obtains the flags of the specified permission of an application. This API uses a
| Name | Type | Mandatory| Description | | Name | Type | Mandatory| Description |
| --------- | ------------------- | ---- | ------------------------------------------------------------ | | --------- | ------------------- | ---- | ------------------------------------------------------------ |
| tokenID | number | Yes | Token ID of the application. The value can be obtained from [ApplicationInfo](js-apis-bundle-ApplicationInfo.md). | | tokenID | number | Yes | Token ID of the application. The value can be obtained from [ApplicationInfo](js-apis-bundleManager-applicationInfo.md). |
| permissionName | Permissions | Yes | Name of the permission to query.| | permissionName | Permissions | Yes | Target permission. For details about the permissions, see the [Application Permission List](../../security/permission-list.md).|
**Return value** **Return value**
...@@ -375,7 +377,7 @@ For details about the error codes, see [Ability Access Control Error Codes](../e ...@@ -375,7 +377,7 @@ For details about the error codes, see [Ability Access Control Error Codes](../e
| 12100001 | The parameter is invalid. The tokenID is 0 | | 12100001 | The parameter is invalid. The tokenID is 0 |
| 12100002 | The specified tokenID does not exist. | | 12100002 | The specified tokenID does not exist. |
| 12100003 | The specified permission does not exist. | | 12100003 | The specified permission does not exist. |
| 12100006 | The operation is not allowd. Either the application is a sandbox or the tokenID is from a remote device. | | 12100006 | The operation is not allowed. Either the application is a sandbox or the tokenID is from a remote device. |
| 12100007 | Service is abnormal. | | 12100007 | Service is abnormal. |
**Example** **Example**
...@@ -384,7 +386,7 @@ For details about the error codes, see [Ability Access Control Error Codes](../e ...@@ -384,7 +386,7 @@ For details about the error codes, see [Ability Access Control Error Codes](../e
import abilityAccessCtrl from '@ohos.abilityAccessCtrl'; import abilityAccessCtrl from '@ohos.abilityAccessCtrl';
let atManager = abilityAccessCtrl.createAtManager(); let atManager = abilityAccessCtrl.createAtManager();
let tokenID = 0; // You can use getApplicationInfo to obtain the access token ID. let tokenID = 0; // Use bundleManager.getApplicationInfo() to obtain the token ID for a system application, and use bundleManager.getBundleInfoForSelf() to obtain the token ID for a non-system application.
try { try {
atManager.getPermissionFlags(tokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS").then((data) => { atManager.getPermissionFlags(tokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS").then((data) => {
console.log(`getPermissionFlags success, data->${JSON.stringify(data)}`); console.log(`getPermissionFlags success, data->${JSON.stringify(data)}`);
...@@ -525,7 +527,7 @@ try { ...@@ -525,7 +527,7 @@ try {
verifyAccessToken(tokenID: number, permissionName: Permissions): Promise&lt;GrantStatus&gt; verifyAccessToken(tokenID: number, permissionName: Permissions): Promise&lt;GrantStatus&gt;
Verifies whether an application has the specified permission. This API uses a promise to return the result. Verifies whether a permission is granted to an application. This API uses a promise to return the result.
> **NOTE**<br>You are advised to use [checkAccessToken](#checkaccesstoken9). > **NOTE**<br>You are advised to use [checkAccessToken](#checkaccesstoken9).
...@@ -535,8 +537,8 @@ Verifies whether an application has the specified permission. This API uses a pr ...@@ -535,8 +537,8 @@ Verifies whether an application has the specified permission. This API uses a pr
| Name | Type | Mandatory| Description | | Name | Type | Mandatory| Description |
| -------- | ------------------- | ---- | ------------------------------------------ | | -------- | ------------------- | ---- | ------------------------------------------ |
| tokenID | number | Yes | Token ID of the application. The value can be obtained from [ApplicationInfo](js-apis-bundle-ApplicationInfo.md). | | tokenID | number | Yes | Token ID of the application. The value can be obtained from [ApplicationInfo](js-apis-bundleManager-applicationInfo.md). |
| permissionName | Permissions | Yes | Name of the permission to verify. Only valid permission names are supported.| | permissionName | Permissions | Yes | Permission to verify. For details about the permissions, see the [Application Permission List](../../security/permission-list.md).|
**Return value** **Return value**
...@@ -550,18 +552,107 @@ Verifies whether an application has the specified permission. This API uses a pr ...@@ -550,18 +552,107 @@ Verifies whether an application has the specified permission. This API uses a pr
import abilityAccessCtrl from '@ohos.abilityAccessCtrl'; import abilityAccessCtrl from '@ohos.abilityAccessCtrl';
let atManager = abilityAccessCtrl.createAtManager(); let atManager = abilityAccessCtrl.createAtManager();
let tokenID = 0; // You can use getApplicationInfo to obtain the access token ID. let tokenID = 0; // Use bundleManager.getApplicationInfo() to obtain the token ID for a system application, and use bundleManager.getBundleInfoForSelf() to obtain the token ID for a non-system application.
let promise = atManager.verifyAccessToken(tokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS"); let promise = atManager.verifyAccessToken(tokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS");
promise.then(data => { promise.then(data => {
console.log(`promise: data->${JSON.stringify(data)}`); console.log(`promise: data->${JSON.stringify(data)}`);
}); });
``` ```
### requestPermissionsFromUser<sup>9+</sup>
requestPermissionsFromUser(context: Context, permissions: Array&lt;Permissions&gt;, requestCallback: AsyncCallback&lt;PermissionRequestResult&gt;) : void;
Requests user authorization in a dialog box. This API uses an asynchronous callback to return the result.
**Model restriction**: This API can be used only in the stage model.
**System capability**: SystemCapability.Security.AccessToken
**Parameters**
| Name| Type| Mandatory| Description|
| -------- | -------- | -------- | -------- |
| context | Context | Yes| Ability context of the application that requests the permission.|
| permissions | Array&lt;Permissions&gt; | Yes| Permissions requested. For details about the permissions, see the [Application Permission List](../../security/permission-list.md).|
| callback | AsyncCallback&lt;[PermissionRequestResult](js-apis-permissionrequestresult.md)&gt; | Yes| Callback invoked to return the result.|
**Error codes**
For details about the error codes, see [Ability Access Control Error Codes](../errorcodes/errorcode-access-token.md).
| ID| Error Message|
| -------- | -------- |
| 12100001 | Parameter invalid. |
**Example**
```js
import abilityAccessCtrl from '@ohos.abilityAccessCtrl';
let atManager = abilityAccessCtrl.createAtManager();
try {
atManager.requestPermissionsFromUser(this.context, ["ohos.permission.CAMERA"], (err, data)=>{
console.info("data:" + JSON.stringify(data));
console.info("data permissions:" + data.permissions);
console.info("data authResults:" + data.authResults);
});
} catch(err) {
console.log(`catch err->${JSON.stringify(err)}`);
}
```
### requestPermissionsFromUser<sup>9+</sup>
requestPermissionsFromUser(context: Context, permissions: Array&lt;Permissions&gt;) : Promise&lt;PermissionRequestResult&gt;;
Requests user authorization in a dialog box. This API uses a promise to return the result.
**Model restriction**: This API can be used only in the stage model.
**System capability**: SystemCapability.Security.AccessToken
**Parameters**
| Name| Type| Mandatory| Description|
| -------- | -------- | -------- | -------- |
| context | Context | Yes| Ability context of the application that requests the permission.|
| permissions | Array&lt;Permissions&gt; | Yes| Permissions requested. For details about the permissions, see the [Application Permission List](../../security/permission-list.md).|
**Return value**
| Type| Description|
| -------- | -------- |
| Promise&lt;[PermissionRequestResult](js-apis-permissionrequestresult.md)&gt; | Promise used to return the result.|
**Error codes**
For details about the error codes, see [Ability Access Control Error Codes](../errorcodes/errorcode-access-token.md).
| ID| Error Message|
| -------- | -------- |
| 12100001 | Parameter invalid. |
**Example**
```js
import abilityAccessCtrl from '@ohos.abilityAccessCtrl';
let atManager = abilityAccessCtrl.createAtManager();
try {
atManager.requestPermissionsFromUser(this.context, ["ohos.permission.CAMERA"]).then((data) => {
console.info("data:" + JSON.stringify(data));
console.info("data permissions:" + data.permissions);
console.info("data authResults:" + data.authResults);
}).catch((err) => {
console.info("data:" + JSON.stringify(err));
})
} catch(err) {
console.log(`catch err->${JSON.stringify(err)}`);
}
```
### verifyAccessToken<sup>(deprecated)</sup> ### verifyAccessToken<sup>(deprecated)</sup>
verifyAccessToken(tokenID: number, permissionName: string): Promise&lt;GrantStatus&gt; verifyAccessToken(tokenID: number, permissionName: string): Promise&lt;GrantStatus&gt;
Verifies whether an application has the specified permission. This API uses a promise to return the result. Verifies whether a permission is granted to an application. This API uses a promise to return the result.
> NOTE<br>This API is deprecated since API version 9. You are advised to use [checkAccessToken](#checkaccesstoken9). > NOTE<br>This API is deprecated since API version 9. You are advised to use [checkAccessToken](#checkaccesstoken9).
...@@ -571,8 +662,8 @@ Verifies whether an application has the specified permission. This API uses a pr ...@@ -571,8 +662,8 @@ Verifies whether an application has the specified permission. This API uses a pr
| Name | Type | Mandatory| Description | | Name | Type | Mandatory| Description |
| -------- | ------------------- | ---- | ------------------------------------------ | | -------- | ------------------- | ---- | ------------------------------------------ |
| tokenID | number | Yes | Token ID of the application. The value can be obtained from [ApplicationInfo](js-apis-bundle-ApplicationInfo.md). | | tokenID | number | Yes | Token ID of the application. The value can be obtained from [ApplicationInfo](js-apis-bundleManager-applicationInfo.md). |
| permissionName | string | Yes | Name of the permission to verify.| | permissionName | string | Yes | Permission to check.|
**Return value** **Return value**
...@@ -586,7 +677,7 @@ Verifies whether an application has the specified permission. This API uses a pr ...@@ -586,7 +677,7 @@ Verifies whether an application has the specified permission. This API uses a pr
import abilityAccessCtrl from '@ohos.abilityAccessCtrl'; import abilityAccessCtrl from '@ohos.abilityAccessCtrl';
let atManager = abilityAccessCtrl.createAtManager(); let atManager = abilityAccessCtrl.createAtManager();
let tokenID = 0; // You can use getApplicationInfo to obtain the access token ID. let tokenID = 0; // Use bundleManager.getApplicationInfo() to obtain the token ID for a system application, and use bundleManager.getBundleInfoForSelf() to obtain the token ID for a non-system application.
let promise = atManager.verifyAccessToken(tokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS"); let promise = atManager.verifyAccessToken(tokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS");
promise.then(data => { promise.then(data => {
console.log(`promise: data->${JSON.stringify(data)}`); console.log(`promise: data->${JSON.stringify(data)}`);
...@@ -629,4 +720,4 @@ Defines the detailed permission grant state change information. ...@@ -629,4 +720,4 @@ Defines the detailed permission grant state change information.
| -------------- | ------------------------- | ---- | ---- | ------------------ | | -------------- | ------------------------- | ---- | ---- | ------------------ |
| change | [PermissionStateChangeType](#permissionstatechangetype9) | Yes | No | Operation that triggers the permission grant state change. | | change | [PermissionStateChangeType](#permissionstatechangetype9) | Yes | No | Operation that triggers the permission grant state change. |
| tokenID | number | Yes | No | Token ID of the application whose permission grant state changes are subscribed.| | tokenID | number | Yes | No | Token ID of the application whose permission grant state changes are subscribed.|
| permissionName | Permissions | Yes | No | Name of the permission whose grant state is changed.| | permissionName | Permissions | Yes | No | permission whose grant state is changed. For details about the permissions, see the [Application Permission List](../../security/permission-list.md).|
en/application-dev/reference/apis/js-apis-privacyManager.md
浏览文件 @ 07872462
# @ohos.privacyManager (Privacy Management) # @ohos.privacyManager (Privacy Management)
The **privacyManager** module provides APIs for privacy management, such as management of permission usage records. The **privacyManager** module provides APIs for privacy management, such as management of permission usage records.
...@@ -42,11 +42,14 @@ The permission usage record includes the application identity (token ID) of the ...@@ -42,11 +42,14 @@ The permission usage record includes the application identity (token ID) of the
**Error codes** **Error codes**
For details about the error codes, see [Ability Access Control Error Codes](../errorcodes/errorcode-access-token.md). For details about the error codes, see [Ability Access Control Error Codes](../errorcodes/errorcode-access-token.md).
| ID| Error Message| | ID| Error Message|
| -------- | -------- | | -------- | -------- |
| 12100001 | Parameter invalid. | | 12100001 | The parameter is invalid. The tokenID is 0 |
| 12100002 | TokenId does not exist. | | 12100002 | The specified tokenID does not exist or it does not refer to an application process. |
| 12100003 | Permission does not exist. | | 12100003 | The specified permission does not exist or it is not an user_grant permission. |
| 12100007 | Service is abnormal. |
| 12100008 | Out of memory. |
**Example** **Example**
...@@ -89,11 +92,14 @@ The permission usage record includes the application identity (token ID) of the ...@@ -89,11 +92,14 @@ The permission usage record includes the application identity (token ID) of the
**Error codes** **Error codes**
For details about the error codes, see [Ability Access Control Error Codes](../errorcodes/errorcode-access-token.md). For details about the error codes, see [Ability Access Control Error Codes](../errorcodes/errorcode-access-token.md).
| ID| Error Message| | ID| Error Message|
| -------- | -------- | | -------- | -------- |
| 12100001 | Parameter invalid. | | 12100001 | The parameter is invalid. The tokenID is 0 |
| 12100002 | TokenId does not exist. | | 12100002 | The specified tokenID does not exist or it does not refer to an application process. |
| 12100003 | Permission does not exist. | | 12100003 | The specified permission does not exist or it is not an user_grant permission. |
| 12100007 | Service is abnormal. |
| 12100008 | Out of memory. |
**Example** **Example**
...@@ -139,11 +145,14 @@ Obtains historical permission usage records. This API uses a promise to return t ...@@ -139,11 +145,14 @@ Obtains historical permission usage records. This API uses a promise to return t
**Error codes** **Error codes**
For details about the error codes, see [Ability Access Control Error Codes](../errorcodes/errorcode-access-token.md). For details about the error codes, see [Ability Access Control Error Codes](../errorcodes/errorcode-access-token.md).
| ID| Error Message| | ID| Error Message|
| -------- | -------- | | -------- | -------- |
| 12100001 | Parameter invalid. | | 12100001 | The parameter is invalid. the value of flag in request is invalid. |
| 12100002 | TokenId does not exist. | | 12100002 | The specified tokenID does not exist or it does not refer to an application process. |
| 12100003 | Permission does not exist. | | 12100003 | The specified permission does not exist or it is not an user_grant permission. |
| 12100007 | Service is abnormal. |
| 12100008 | Out of memory. |
**Example** **Example**
...@@ -191,11 +200,14 @@ Obtains historical permission usage records. This API uses an asynchronous callb ...@@ -191,11 +200,14 @@ Obtains historical permission usage records. This API uses an asynchronous callb
**Error codes** **Error codes**
For details about the error codes, see [Ability Access Control Error Codes](../errorcodes/errorcode-access-token.md). For details about the error codes, see [Ability Access Control Error Codes](../errorcodes/errorcode-access-token.md).
| ID| Error Message| | ID| Error Message|
| -------- | -------- | | -------- | -------- |
| 12100001 | Parameter invalid. | | 12100001 | The parameter is invalid. the value of flag in request is invalid. |
| 12100002 | TokenId does not exist. | | 12100002 | The specified tokenID does not exist or it does not refer to an application process. |
| 12100003 | Permission does not exist. | | 12100003 | The specified permission does not exist or it is not an user_grant permission. |
| 12100007 | Service is abnormal. |
| 12100008 | Out of memory. |
**Example** **Example**
...@@ -251,12 +263,15 @@ Starts to use a permission and flushes the permission usage record. This API is ...@@ -251,12 +263,15 @@ Starts to use a permission and flushes the permission usage record. This API is
**Error codes** **Error codes**
For details about the error codes, see [Ability Access Control Error Codes](../errorcodes/errorcode-access-token.md). For details about the error codes, see [Ability Access Control Error Codes](../errorcodes/errorcode-access-token.md).
| ID| Error Message| | ID| Error Message|
| -------- | -------- | | -------- | -------- |
| 12100001 | Parameter invalid. | | 12100001 | The parameter is invalid. The tokenID is 0 |
| 12100002 | TokenId does not exist. | | 12100002 | The specified tokenID does not exist or it does not refer to an application process. |
| 12100003 | Permission does not exist. | | 12100003 | The specified permission does not exist or it is not an user_grant permission. |
| 12100004 | The interface is not used together. | | 12100004 | The interface is called repeatedly with the same input. It means the application specified by the tokenID has been using the specified permission. |
| 12100007 | Service is abnormal. |
| 12100008 | Out of memory. |
**Example** **Example**
...@@ -296,12 +311,15 @@ Starts to use a permission and flushes the permission usage record. This API is ...@@ -296,12 +311,15 @@ Starts to use a permission and flushes the permission usage record. This API is
**Error codes** **Error codes**
For details about the error codes, see [Ability Access Control Error Codes](../errorcodes/errorcode-access-token.md). For details about the error codes, see [Ability Access Control Error Codes](../errorcodes/errorcode-access-token.md).
| ID| Error Message| | ID| Error Message|
| -------- | -------- | | -------- | -------- |
| 12100001 | Parameter invalid. | | 12100001 | The parameter is invalid. The tokenID is 0 |
| 12100002 | TokenId does not exist. | | 12100002 | The specified tokenID does not exist or it does not refer to an application process. |
| 12100003 | Permission does not exist. | | 12100003 | The specified permission does not exist or it is not an user_grant permission. |
| 12100004 | The interface is not used together. | | 12100004 | The interface is called repeatedly with the same input. It means the application specified by the tokenID has been using the specified permission. |
| 12100007 | Service is abnormal. |
| 12100008 | Out of memory. |
**Example** **Example**
...@@ -324,7 +342,7 @@ try { ...@@ -324,7 +342,7 @@ try {
## privacyManager.stopUsingPermission ## privacyManager.stopUsingPermission
stopUsingPermission(tokenID: number, permissionName: string): Promise&lt;void&gt; stopUsingPermission(tokenID: number, permissionName: Permissions): Promise&lt;void&gt;
Stops using a permission. This API is called by a system application and uses a promise to return the result. **startUsingPermission** and **stopUsingPermission** are used in pairs. This API uses a promise to return the result. Stops using a permission. This API is called by a system application and uses a promise to return the result. **startUsingPermission** and **stopUsingPermission** are used in pairs. This API uses a promise to return the result.
...@@ -348,12 +366,15 @@ Stops using a permission. This API is called by a system application and uses a ...@@ -348,12 +366,15 @@ Stops using a permission. This API is called by a system application and uses a
**Error codes** **Error codes**
For details about the error codes, see [Ability Access Control Error Codes](../errorcodes/errorcode-access-token.md). For details about the error codes, see [Ability Access Control Error Codes](../errorcodes/errorcode-access-token.md).
| ID| Error Message| | ID| Error Message|
| -------- | -------- | | -------- | -------- |
| 12100001 | Parameter invalid. | | 12100001 | The parameter is invalid. The tokenID is 0 |
| 12100002 | TokenId does not exist. | | 12100002 | The specified tokenID does not exist or it does not refer to an application process. |
| 12100003 | Permission does not exist. | | 12100003 | The specified permission does not exist or it is not an user_grant permission. |
| 12100004 | The interface is not used together. | | 12100004 | The interface is not used with |
| 12100007 | Service is abnormal. |
| 12100008 | Out of memory. |
**Example** **Example**
...@@ -393,12 +414,15 @@ Stops using a permission. This API is called by a system application and uses a ...@@ -393,12 +414,15 @@ Stops using a permission. This API is called by a system application and uses a
**Error codes** **Error codes**
For details about the error codes, see [Ability Access Control Error Codes](../errorcodes/errorcode-access-token.md). For details about the error codes, see [Ability Access Control Error Codes](../errorcodes/errorcode-access-token.md).
| ID| Error Message| | ID| Error Message|
| -------- | -------- | | -------- | -------- |
| 12100001 | Parameter invalid. | | 12100001 | The parameter is invalid. The tokenID is 0 |
| 12100002 | TokenId does not exist. | | 12100002 | The specified tokenID does not exist or it does not refer to an application process. |
| 12100003 | Permission does not exist. | | 12100003 | The specified permission does not exist or it is not an user_grant permission. |
| 12100004 | The interface is not used together. | | 12100004 | The interface is not used with |
| 12100007 | Service is abnormal. |
| 12100008 | Out of memory. |
**Example** **Example**
...@@ -434,26 +458,29 @@ Subscribes to the permission usage status changes of the specified permissions. ...@@ -434,26 +458,29 @@ Subscribes to the permission usage status changes of the specified permissions.
| Name | Type | Mandatory| Description | | Name | Type | Mandatory| Description |
| ------------------ | --------------------- | ---- | ------------------------------------------------------------ | | ------------------ | --------------------- | ---- | ------------------------------------------------------------ |
| type | string | Yes | Event type to subscribe to. The value is **'activeStateChange'**, which indicates the permission usage change event. | | type | string | Yes | Event type to subscribe to. The value is **'activeStateChange'**, which indicates the permission usage change event. |
| permissionNameList | Array&lt;Permissions&gt; | No | List of permissions to be observed. If this parameter is left empty, the usage changes of all permissions are observed. | | permissionNameList | Array&lt;Permissions&gt; | Yes | List of permissions to be observed. If this parameter is left empty, the usage changes of all permissions are observed. |
| callback | Callback&lt;[ActiveChangeResponse](#activechangeresponse)&gt; | Yes| Callback invoked to return a change in the permission usage.| | callback | Callback&lt;[ActiveChangeResponse](#activechangeresponse)&gt; | Yes| Callback invoked to return a change in the permission usage.|
**Error codes** **Error codes**
For details about the error codes, see [Ability Access Control Error Codes](../errorcodes/errorcode-access-token.md). For details about the error codes, see [Ability Access Control Error Codes](../errorcodes/errorcode-access-token.md).
| ID| Error Message| | ID| Error Message|
| -------- | -------- | | -------- | -------- |
| 12100001 | Parameter invalid. | | 12100001 | The parameter is invalid. The tokenID is 0 |
| 12100004 | The interface is not used together. | | 12100004 | The interface is called repeatedly with the same input. |
| 12100005 | The number of listeners exceeds the limit. | | 12100005 | The registration time has exceeded the limitation. |
| 12100007 | Service is abnormal. |
| 12100008 | Out of memory. |
**Example** **Example**
```js ```js
import privacyManager from '@ohos.privacyManager'; import privacyManager from '@ohos.privacyManager';
let permissionNameList: Array<Permissions> = []; let permissionNameList = [];
try { try {
atManager.on('activeStateChange', permissionNameList, (data) => { privacyManager.on('activeStateChange', permissionNameList, (data) => {
console.debug("receive permission state change, data:" + JSON.stringify(data)); console.debug("receive permission state change, data:" + JSON.stringify(data));
}); });
} catch(err) { } catch(err) {
...@@ -476,23 +503,26 @@ Unsubscribes from the permission usage status changes of the specified permissio ...@@ -476,23 +503,26 @@ Unsubscribes from the permission usage status changes of the specified permissio
| Name | Type | Mandatory| Description | | Name | Type | Mandatory| Description |
| ------------------ | --------------------- | ---- | ------------------------------------------------------------ | | ------------------ | --------------------- | ---- | ------------------------------------------------------------ |
| type | string | Yes | Event type to subscribe to. The value is **'activeStateChange'**, which indicates the permission usage change event. | | type | string | Yes | Event type to subscribe to. The value is **'activeStateChange'**, which indicates the permission usage change event. |
| permissionNameList | Array&lt;Permissions&gt; | No | List of permissions to be observed. If this parameter is left blank, the usage changes of all permissions are unsubscribed from. The value must be the same as that specified in **on()**.| | permissionNameList | Array&lt;Permissions&gt; | Yes | List of permissions to be observed. If this parameter is left blank, the usage changes of all permissions are unsubscribed from. The value must be the same as that specified in **on()**.|
| callback | Callback&lt;[ActiveChangeResponse](#activechangeresponse)&gt; | No| Callback for the permission usage change event.| | callback | Callback&lt;[ActiveChangeResponse](#activechangeresponse)&gt; | No| Callback for the permission usage change event.|
**Error codes** **Error codes**
For details about the error codes, see [Ability Access Control Error Codes](../errorcodes/errorcode-access-token.md). For details about the error codes, see [Ability Access Control Error Codes](../errorcodes/errorcode-access-token.md).
| ID| Error Message| | ID| Error Message|
| -------- | -------- | | -------- | -------- |
| 12100001 | Parameter invalid. | | 12100001 | The parameter is invalid. The permissionName in list is all invalid or the list size is larger than 1024. |
| 12100004 | The interface is not used together. | | 12100004 | The interface is not used with |
| 12100007 | Service is abnormal. |
| 12100008 | Out of memory. |
**Example** **Example**
```js ```js
import privacyManager from '@ohos.privacyManager'; import privacyManager from '@ohos.privacyManager';
let permissionNameList: Array<Permissions> = []; let permissionNameList = [];
try { try {
privacyManager.off('activeStateChange', permissionNameList); privacyManager.off('activeStateChange', permissionNameList);
}catch(err) { }catch(err) {
...@@ -589,7 +619,7 @@ Enumerates the permission usage statuses. ...@@ -589,7 +619,7 @@ Enumerates the permission usage statuses.
**System capability**: SystemCapability.Security.AccessToken **System capability**: SystemCapability.Security.AccessToken
| Name | Default Value| Description | | Name | Value | Description |
| ------------------------- | ------ | ---------------- | | ------------------------- | ------ | ---------------- |
| PERM_INACTIVE | 0 | The permission is not used. | | PERM_INACTIVE | 0 | The permission is not used. |
| PERM_ACTIVE_IN_FOREGROUND | 1 | The permission is being used by an application running in the foreground.| | PERM_ACTIVE_IN_FOREGROUND | 1 | The permission is being used by an application running in the foreground.|
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册