diff --git a/en/application-dev/security/Readme-EN.md b/en/application-dev/security/Readme-EN.md index fb56f3785ad37741139906b1ed0034ad05722af0..1be1ec0532e899d933aaa672d3e49437c5822b68 100644 --- a/en/application-dev/security/Readme-EN.md +++ b/en/application-dev/security/Readme-EN.md @@ -3,8 +3,8 @@ - Access Control - [Access Control (Permission) Overview](accesstoken-overview.md) - [Permission Application Guide](accesstoken-guidelines.md) - - [Permission Verification Guide](permission-verify-guidelines.md) - - [App Permission List](permission-list.md) + - [API Access Permission Verification](permission-verify-guidelines.md) + - [Application Permission List](permission-list.md) - User Authentication - [User Authentication Overview](userauth-overview.md) - [User Authentication Development](userauth-guidelines.md) diff --git a/en/application-dev/security/accesstoken-guidelines.md b/en/application-dev/security/accesstoken-guidelines.md index 1d52a333239bdb0b273b21b6a6dbe6bc6c49140f..93b5b158051c29b5860ccb1480788db3a677a183 100644 --- a/en/application-dev/security/accesstoken-guidelines.md +++ b/en/application-dev/security/accesstoken-guidelines.md 
@@ -2,7 +2,7 @@ ## When to Use -The [Ability Privilege Level (APL)](accesstoken-overview.md#app-apls) of an application can be **normal**, **system_basic**, or **system_core**. The default APL is **normal**. The [permission types](accesstoken-overview.md#permission-types) include **system_grant** and **user_grant**. For details about the permissions for apps, see the [App Permission List](permission-list.md). +The [Ability Privilege Level (APL)](accesstoken-overview.md#app-apls) of an application can be **normal**, **system_basic**, or **system_core**. The default APL is **normal**. The [permission types](accesstoken-overview.md#permission-types) include **system_grant** and **user_grant**. For details about the permissions for apps, see the [Application Permission List](permission-list.md). This document describes the following operations: diff --git a/en/application-dev/security/permission-verify-guidelines.md b/en/application-dev/security/permission-verify-guidelines.md index cca11b49b4f02be2631b354adf47c83d4d57e2c1..e1726db925256093c4f56badf362f8bbfedf7c82 100644 --- a/en/application-dev/security/permission-verify-guidelines.md +++ b/en/application-dev/security/permission-verify-guidelines.md 
@@ -1,12 +1,12 @@ -# Permission Verification Guide +# API Access Permission Verification ## When to Use -To protect sensitive data and eliminate security threads on core abilities, you can use the permissions in the [App Permission List](permission-list.md) to protect the related API from unauthorized calling. Each time before the API is called, a permission verification is performed to check whether the caller has the required permission. +To protect sensitive data and eliminate security threads on core abilities, you can use the permissions in the [Application Permission List](permission-list.md) to protect the related API from unauthorized calling. Each time before the API is called, a permission verification is performed to check whether the caller has the required permission. ## Available APIs -The table below lists only the API used in this guide. For more information, see [AbilityContext](../reference/apis/js-apis-ability-context.md). +The table below lists only the API used for access permission verification. For more information, see [AbilityContext](../reference/apis/js-apis-ability-context.md). | API | Description | | ------------------------------------------------------------ | --------------------------------------------------- | @@ -18,8 +18,11 @@ The table below lists only the API used in this guide. For more information, see The procedure is as follows: 1. Obtain the caller's identity (**tokenId**). + > **NOTE** + > + > You can use **getCallingTokenId** to obtain the caller's **tokenId**. For details, see [RPC](../reference/apis/js-apis-rpc.md#getcallingtokenid8). 2. Determine the permission to verify, which is **ohos.permission.PERMISSION** in this example. -3. Call **verifyAccessToken()** to perform a permission verification of the caller. +3. Call **verifyAccessToken()** to perform a permission verification for the caller. 4. Proceed based on the permission verification result. ```js 
@@ -42,5 +45,3 @@ The procedure is as follows: } ``` -> **NOTE**
-> You can use **getCallingTokenId** to obtain the caller's **tokenId**. For details, see [RPC](../reference/apis/js-apis-rpc.md#getcallingtokenid8).
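Review bot: terminology is inconsistent in the changed "When to Use" sentence of accesstoken-guidelines.md (hunk @@ -2,7 +2,7 @@). It now links to "Application Permission List" but still says "the permissions for apps" a few words earlier. Suggest "For details about the permissions for applications, see the [Application Permission List](permission-list.md)" so the sentence matches the renamed entry in Readme-EN.md.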
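Review bot: the rewritten "When to Use" line in permission-verify-guidelines.md (hunk @@ -1,12 +1,12 @@) still reads "eliminate security threads on core abilities". Since this line is being replaced anyway, correct "threads" to "threats". In the same hunk, "The table below lists only the API used for access permission verification" could read "the API used to verify access permissions", which is closer to the new page title.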
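Review bot: in the NOTE moved under step 1 of permission-verify-guidelines.md (hunk @@ -18,8 +18,11 @@), "You can use **getCallingTokenId**" reads as optional, yet the result of **verifyAccessToken()** in step 3 is only as trustworthy as the **tokenId** passed to it. Suggest "Use **getCallingTokenId** to obtain the caller's **tokenId**", plus one sentence stating that the value should come from the RPC calling context rather than from a parameter supplied by the caller. Also confirm that the blockquote is indented to the content column of list item 1, so that steps 2 to 4 keep their numbering when rendered now that the note sits inside the list instead of after the code block (removed in hunk @@ -42,5 +45,3 @@).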