Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Docs
提交
c30f0409
D
Docs
项目概览
OpenHarmony
/
Docs
1 年多 前同步成功
通知
159
Star
292
Fork
28
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
D
Docs
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
未验证
提交
c30f0409
编写于
1年前
作者:
O
openharmony_ci
提交者:
Gitee
1年前
浏览文件
操作
浏览文件
下载
差异文件
!23763 访问控制ArkTS告警信息整改-monthly挑单
Merge pull request !23763 from zhouyan/cherry-pick-1693813036
上级
1373bf59
c752f5e4
无相关合并请求
变更
3
隐藏空白更改
内联
并排
Showing
3 changed file
with
210 addition
and
119 deletion
+210
-119
zh-cn/application-dev/reference/apis/js-apis-abilityAccessCtrl.md
...plication-dev/reference/apis/js-apis-abilityAccessCtrl.md
+162
-80
zh-cn/application-dev/reference/apis/js-apis-privacyManager.md
.../application-dev/reference/apis/js-apis-privacyManager.md
+41
-32
zh-cn/application-dev/security/permission-verify-guidelines.md
.../application-dev/security/permission-verify-guidelines.md
+7
-7
未找到文件。
zh-cn/application-dev/reference/apis/js-apis-abilityAccessCtrl.md
浏览文件 @
c30f0409
...
...
@@ -7,7 +7,7 @@
## 导入模块
```
j
s
```
t
s
import
abilityAccessCtrl
from
'
@ohos.abilityAccessCtrl
'
```
...
...
@@ -28,8 +28,8 @@ createAtManager(): AtManager
**示例:**
```
j
s
let
atManager
=
abilityAccessCtrl
.
createAtManager
();
```
t
s
let
atManager
:
abilityAccessCtrl
.
AtManager
=
abilityAccessCtrl
.
createAtManager
();
```
## AtManager
...
...
@@ -67,15 +67,16 @@ checkAccessToken(tokenID: number, permissionName: Permissions): Promise<Grant
**示例:**
```
j
s
```
t
s
import
abilityAccessCtrl
from
'
@ohos.abilityAccessCtrl
'
;
import
{
BusinessError
}
from
'
@ohos.base
'
;
let
atManager
=
abilityAccessCtrl
.
createAtManager
();
let
tokenID
=
0
;
// 系统应用可以通过bundleManager.getApplicationInfo获取,普通应用可以通过bundleManager.getBundleInfoForSelf获取
let
atManager
:
abilityAccessCtrl
.
AtManager
=
abilityAccessCtrl
.
createAtManager
();
let
tokenID
:
number
=
0
;
// 系统应用可以通过bundleManager.getApplicationInfo获取,普通应用可以通过bundleManager.getBundleInfoForSelf获取
try
{
atManager
.
checkAccessToken
(
tokenID
,
'
ohos.permission.GRANT_SENSITIVE_PERMISSIONS
'
).
then
((
data
)
=>
{
atManager
.
checkAccessToken
(
tokenID
,
'
ohos.permission.GRANT_SENSITIVE_PERMISSIONS
'
).
then
((
data
:
abilityAccessCtrl
.
GrantStatus
)
=>
{
console
.
log
(
`checkAccessToken success, data->
${
JSON
.
stringify
(
data
)}
`
);
}).
catch
((
err
)
=>
{
}).
catch
((
err
:
BusinessError
)
=>
{
console
.
log
(
`checkAccessToken fail, err->
${
JSON
.
stringify
(
err
)}
`
);
});
}
catch
(
err
)
{
...
...
@@ -114,10 +115,12 @@ verifyAccessTokenSync(tokenID: number, permissionName: Permissions): GrantStatus
**示例:**
```
js
let
atManager
=
abilityAccessCtrl
.
createAtManager
();
let
tokenID
=
0
;
// 系统应用可以通过bundleManager.getApplicationInfo获取,普通应用可以通过bundleManager.getBundleInfoForSelf获取
let
data
=
atManager
.
verifyAccessTokenSync
(
tokenID
,
'
ohos.permission.GRANT_SENSITIVE_PERMISSIONS
'
);
```
ts
import
abilityAccessCtrl
from
'
@ohos.abilityAccessCtrl
'
;
let
atManager
:
abilityAccessCtrl
.
AtManager
=
abilityAccessCtrl
.
createAtManager
();
let
tokenID
:
number
=
0
;
// 系统应用可以通过bundleManager.getApplicationInfo获取,普通应用可以通过bundleManager.getBundleInfoForSelf获取
let
data
:
abilityAccessCtrl
.
GrantStatus
=
atManager
.
verifyAccessTokenSync
(
tokenID
,
'
ohos.permission.GRANT_SENSITIVE_PERMISSIONS
'
);
console
.
log
(
`data->
${
JSON
.
stringify
(
data
)}
`
);
```
...
...
@@ -161,16 +164,17 @@ grantUserGrantedPermission(tokenID: number, permissionName: Permissions, permiss
**示例:**
```
j
s
```
t
s
import
abilityAccessCtrl
from
'
@ohos.abilityAccessCtrl
'
;
import
{
BusinessError
}
from
'
@ohos.base
'
;
let
atManager
=
abilityAccessCtrl
.
createAtManager
();
let
tokenID
=
0
;
// 系统应用可以通过bundleManager.getApplicationInfo获取,普通应用可以通过bundleManager.getBundleInfoForSelf获取
let
permissionFlags
=
1
;
let
atManager
:
abilityAccessCtrl
.
AtManager
=
abilityAccessCtrl
.
createAtManager
();
let
tokenID
:
number
=
0
;
// 系统应用可以通过bundleManager.getApplicationInfo获取,普通应用可以通过bundleManager.getBundleInfoForSelf获取
let
permissionFlags
:
number
=
1
;
try
{
atManager
.
grantUserGrantedPermission
(
tokenID
,
'
ohos.permission.GRANT_SENSITIVE_PERMISSIONS
'
,
permissionFlags
).
then
(()
=>
{
console
.
log
(
'
grantUserGrantedPermission success
'
);
}).
catch
((
err
)
=>
{
}).
catch
((
err
:
BusinessError
)
=>
{
console
.
log
(
`grantUserGrantedPermission fail, err->
${
JSON
.
stringify
(
err
)}
`
);
});
}
catch
(
err
)
{
...
...
@@ -213,14 +217,15 @@ grantUserGrantedPermission(tokenID: number, permissionName: Permissions, permiss
**示例:**
```
j
s
```
t
s
import
abilityAccessCtrl
from
'
@ohos.abilityAccessCtrl
'
;
import
{
BusinessError
}
from
'
@ohos.base
'
;
let
atManager
=
abilityAccessCtrl
.
createAtManager
();
let
tokenID
=
0
;
// 系统应用可以通过bundleManager.getApplicationInfo获取,普通应用可以通过bundleManager.getBundleInfoForSelf获取
let
permissionFlags
=
1
;
let
atManager
:
abilityAccessCtrl
.
AtManager
=
abilityAccessCtrl
.
createAtManager
();
let
tokenID
:
number
=
0
;
// 系统应用可以通过bundleManager.getApplicationInfo获取,普通应用可以通过bundleManager.getBundleInfoForSelf获取
let
permissionFlags
:
number
=
1
;
try
{
atManager
.
grantUserGrantedPermission
(
tokenID
,
'
ohos.permission.GRANT_SENSITIVE_PERMISSIONS
'
,
permissionFlags
,
(
err
,
data
)
=>
{
atManager
.
grantUserGrantedPermission
(
tokenID
,
'
ohos.permission.GRANT_SENSITIVE_PERMISSIONS
'
,
permissionFlags
,
(
err
:
BusinessError
,
data
:
void
)
=>
{
if
(
err
)
{
console
.
log
(
`grantUserGrantedPermission fail, err->
${
JSON
.
stringify
(
err
)}
`
);
}
else
{
...
...
@@ -272,16 +277,17 @@ revokeUserGrantedPermission(tokenID: number, permissionName: Permissions, permis
**示例:**
```
j
s
```
t
s
import
abilityAccessCtrl
from
'
@ohos.abilityAccessCtrl
'
;
import
{
BusinessError
}
from
'
@ohos.base
'
;
let
atManager
=
abilityAccessCtrl
.
createAtManager
();
let
tokenID
=
0
;
// 系统应用可以通过bundleManager.getApplicationInfo获取,普通应用可以通过bundleManager.getBundleInfoForSelf获取
let
permissionFlags
=
1
;
let
atManager
:
abilityAccessCtrl
.
AtManager
=
abilityAccessCtrl
.
createAtManager
();
let
tokenID
:
number
=
0
;
// 系统应用可以通过bundleManager.getApplicationInfo获取,普通应用可以通过bundleManager.getBundleInfoForSelf获取
let
permissionFlags
:
number
=
1
;
try
{
atManager
.
revokeUserGrantedPermission
(
tokenID
,
'
ohos.permission.GRANT_SENSITIVE_PERMISSIONS
'
,
permissionFlags
).
then
(()
=>
{
console
.
log
(
'
revokeUserGrantedPermission success
'
);
}).
catch
((
err
)
=>
{
}).
catch
((
err
:
BusinessError
)
=>
{
console
.
log
(
`revokeUserGrantedPermission fail, err->
${
JSON
.
stringify
(
err
)}
`
);
});
}
catch
(
err
)
{
...
...
@@ -324,14 +330,15 @@ revokeUserGrantedPermission(tokenID: number, permissionName: Permissions, permis
**示例:**
```
j
s
```
t
s
import
abilityAccessCtrl
from
'
@ohos.abilityAccessCtrl
'
;
import
{
BusinessError
}
from
'
@ohos.base
'
;
let
atManager
=
abilityAccessCtrl
.
createAtManager
();
let
tokenID
=
0
;
// 系统应用可以通过bundleManager.getApplicationInfo获取,普通应用可以通过bundleManager.getBundleInfoForSelf获取
let
permissionFlags
=
1
;
let
atManager
:
abilityAccessCtrl
.
AtManager
=
abilityAccessCtrl
.
createAtManager
();
let
tokenID
:
number
=
0
;
// 系统应用可以通过bundleManager.getApplicationInfo获取,普通应用可以通过bundleManager.getBundleInfoForSelf获取
let
permissionFlags
:
number
=
1
;
try
{
atManager
.
revokeUserGrantedPermission
(
tokenID
,
'
ohos.permission.GRANT_SENSITIVE_PERMISSIONS
'
,
permissionFlags
,
(
err
,
data
)
=>
{
atManager
.
revokeUserGrantedPermission
(
tokenID
,
'
ohos.permission.GRANT_SENSITIVE_PERMISSIONS
'
,
permissionFlags
,
(
err
:
BusinessError
,
data
:
void
)
=>
{
if
(
err
)
{
console
.
log
(
`revokeUserGrantedPermission fail, err->
${
JSON
.
stringify
(
err
)}
`
);
}
else
{
...
...
@@ -382,15 +389,16 @@ getPermissionFlags(tokenID: number, permissionName: Permissions): Promise<num
**示例:**
```
j
s
```
t
s
import
abilityAccessCtrl
from
'
@ohos.abilityAccessCtrl
'
;
import
{
BusinessError
}
from
'
@ohos.base
'
;
let
atManager
=
abilityAccessCtrl
.
createAtManager
();
let
tokenID
=
0
;
// 系统应用可以通过bundleManager.getApplicationInfo获取,普通应用可以通过bundleManager.getBundleInfoForSelf获取
let
atManager
:
abilityAccessCtrl
.
AtManager
=
abilityAccessCtrl
.
createAtManager
();
let
tokenID
:
number
=
0
;
// 系统应用可以通过bundleManager.getApplicationInfo获取,普通应用可以通过bundleManager.getBundleInfoForSelf获取
try
{
atManager
.
getPermissionFlags
(
tokenID
,
'
ohos.permission.GRANT_SENSITIVE_PERMISSIONS
'
).
then
((
data
)
=>
{
atManager
.
getPermissionFlags
(
tokenID
,
'
ohos.permission.GRANT_SENSITIVE_PERMISSIONS
'
).
then
((
data
:
number
)
=>
{
console
.
log
(
`getPermissionFlags success, data->
${
JSON
.
stringify
(
data
)}
`
);
}).
catch
((
err
)
=>
{
}).
catch
((
err
:
BusinessError
)
=>
{
console
.
log
(
`getPermissionFlags fail, err->
${
JSON
.
stringify
(
err
)}
`
);
});
}
catch
(
err
)
{
...
...
@@ -416,10 +424,12 @@ getVersion(): Promise<number>
**示例:**
```
js
let
atManager
=
abilityAccessCtrl
.
createAtManager
();
```
ts
import
abilityAccessCtrl
from
'
@ohos.abilityAccessCtrl
'
;
let
atManager
:
abilityAccessCtrl
.
AtManager
=
abilityAccessCtrl
.
createAtManager
();
let
promise
=
atManager
.
getVersion
();
promise
.
then
(
data
=>
{
promise
.
then
(
(
data
:
number
)
=>
{
console
.
log
(
`promise: data->
${
JSON
.
stringify
(
data
)}
`
);
});
```
...
...
@@ -463,16 +473,16 @@ on(type: 'permissionStateChange', tokenIDList: Array<number>, permissionLi
**示例:**
```
j
s
import
{
Permissions
}
from
'
@ohos.abilityAccessCtrl
'
;
```
t
s
import
abilityAccessCtrl
,
{
Permissions
}
from
'
@ohos.abilityAccessCtrl
'
;
import
bundleManager
from
'
@ohos.bundle.bundleManager
'
;
let
atManager
=
abilityAccessCtrl
.
createAtManager
();
let
appInfo
=
bundleManager
.
getApplicationInfoSync
(
'
com.example.myapplication
'
,
0
,
100
);
let
atManager
:
abilityAccessCtrl
.
AtManager
=
abilityAccessCtrl
.
createAtManager
();
let
appInfo
:
bundleManager
.
ApplicationInfo
=
bundleManager
.
getApplicationInfoSync
(
'
com.example.myapplication
'
,
0
,
100
);
let
tokenIDList
:
Array
<
number
>
=
[
appInfo
.
accessTokenId
];
let
permissionList
:
Array
<
Permissions
>
=
[
'
ohos.permission.DISTRIBUTED_DATASYNC
'
];
try
{
atManager
.
on
(
'
permissionStateChange
'
,
tokenIDList
,
permissionList
,
(
data
)
=>
{
atManager
.
on
(
'
permissionStateChange
'
,
tokenIDList
,
permissionList
,
(
data
:
abilityAccessCtrl
.
PermissionStateChangeInfo
)
=>
{
console
.
debug
(
'
receive permission state change, data:
'
+
JSON
.
stringify
(
data
));
});
}
catch
(
err
)
{
...
...
@@ -516,12 +526,12 @@ off(type: 'permissionStateChange', tokenIDList: Array<number>, permissionL
**示例:**
```
j
s
import
{
Permissions
}
from
'
@ohos.abilityAccessCtrl
'
;
```
t
s
import
abilityAccessCtrl
,
{
Permissions
}
from
'
@ohos.abilityAccessCtrl
'
;
import
bundleManager
from
'
@ohos.bundle.bundleManager
'
;
let
atManager
=
abilityAccessCtrl
.
createAtManager
();
let
appInfo
=
bundleManager
.
getApplicationInfoSync
(
'
com.example.myapplication
'
,
0
,
100
);
let
atManager
:
abilityAccessCtrl
.
AtManager
=
abilityAccessCtrl
.
createAtManager
();
let
appInfo
:
bundleManager
.
ApplicationInfo
=
bundleManager
.
getApplicationInfoSync
(
'
com.example.myapplication
'
,
0
,
100
);
let
tokenIDList
:
Array
<
number
>
=
[
appInfo
.
accessTokenId
];
let
permissionList
:
Array
<
Permissions
>
=
[
'
ohos.permission.DISTRIBUTED_DATASYNC
'
];
try
{
...
...
@@ -558,15 +568,22 @@ verifyAccessToken(tokenID: number, permissionName: Permissions): Promise<Gran
**示例:**
```
js
import
abilityAccessCtrl
from
'
@ohos.abilityAccessCtrl
'
;
```
ts
import
abilityAccessCtrl
,
{
Permissions
}
from
'
@ohos.abilityAccessCtrl
'
;
import
{
BusinessError
}
from
'
@ohos.base
'
;
let
atManager
=
abilityAccessCtrl
.
createAtManager
();
let
tokenID
=
0
;
// 系统应用可以通过bundleManager.getApplicationInfo获取,普通应用可以通过bundleManager.getBundleInfoForSelf获取
let
promise
=
atManager
.
verifyAccessToken
(
tokenID
,
'
ohos.permission.GRANT_SENSITIVE_PERMISSIONS
'
);
promise
.
then
(
data
=>
{
console
.
log
(
`promise: data->
${
JSON
.
stringify
(
data
)}
`
);
});
let
atManager
:
abilityAccessCtrl
.
AtManager
=
abilityAccessCtrl
.
createAtManager
();
let
tokenID
:
number
=
0
;
// 系统应用可以通过bundleManager.getApplicationInfo获取,普通应用可以通过bundleManager.getBundleInfoForSelf获取
let
permissionName
:
Permissions
=
'
ohos.permission.GRANT_SENSITIVE_PERMISSIONS
'
;
try
{
atManager
.
verifyAccessToken
(
tokenID
,
permissionName
).
then
((
data
:
abilityAccessCtrl
.
GrantStatus
)
=>
{
console
.
log
(
`promise: data->
${
JSON
.
stringify
(
data
)}
`
);
}).
catch
((
err
:
BusinessError
)
=>
{
console
.
log
(
`verifyAccessToken fail, err->
${
JSON
.
stringify
(
err
)}
`
);
});
}
catch
(
err
)
{
console
.
log
(
`catch err->
${
JSON
.
stringify
(
err
)}
`
);
}
```
### requestPermissionsFromUser<sup>9+</sup>
...
...
@@ -600,19 +617,68 @@ requestPermissionsFromUser(context: Context, permissionList: Array<Permission
**示例:**
```
js
ArkTS语法不支持直接使用globalThis,需要通过一个单例的map来做中转。开发者需要:
a. 在EntryAbility.ets中导入构建的单例对象GlobalThis。
```
ts
import
{
GlobalThis
}
from
'
../utils/globalThis
'
;
// 需要根据globalThis.ets的路径自行适配
```
b. 在onCreate中添加:
```
ts
GlobalThis
.
getInstance
().
setContext
(
'
context
'
,
this
.
context
);
```
> **说明:**
>
> 由于在ts中引入ets文件会有告警提示,需要将EntryAbility.ts的文件后缀修改为EntryAbility.ets,并在module.json5中同步修改。
**globalThis.ets示例代码如下:**
```
ts
import
common
from
'
@ohos.app.ability.common
'
;
// 构造单例对象
export
class
GlobalThis
{
private
constructor
()
{}
private
static
instance
:
GlobalThis
;
private
_uiContexts
=
new
Map
<
string
,
common
.
UIAbilityContext
>
();
public
static
getInstance
():
GlobalThis
{
if
(
!
GlobalThis
.
instance
)
{
GlobalThis
.
instance
=
new
GlobalThis
();
}
return
GlobalThis
.
instance
;
}
getContext
(
key
:
string
):
common
.
UIAbilityContext
|
undefined
{
return
this
.
_uiContexts
.
get
(
key
);
}
setContext
(
key
:
string
,
value
:
common
.
UIAbilityContext
):
void
{
this
.
_uiContexts
.
set
(
key
,
value
);
}
// 其他需要传递的内容依此扩展
}
```
```
ts
import
abilityAccessCtrl
from
'
@ohos.abilityAccessCtrl
'
;
let
atManager
=
abilityAccessCtrl
.
createAtManager
();
import
{
BusinessError
}
from
'
@ohos.base
'
;
import
common
from
'
@ohos.app.ability.common
'
;
import
{
GlobalThis
}
from
'
../utils/globalThis
'
;
let
atManager
:
abilityAccessCtrl
.
AtManager
=
abilityAccessCtrl
.
createAtManager
();
try
{
atManager
.
requestPermissionsFromUser
(
this
.
context
,
[
'
ohos.permission.CAMERA
'
],
(
err
,
data
)
=>
{
console
.
info
(
'
data:
'
+
JSON
.
stringify
(
data
));
console
.
info
(
'
data permissions:
'
+
data
.
permissions
);
console
.
info
(
'
data authResults:
'
+
data
.
authResults
);
let
context
:
common
.
UIAbilityContext
=
GlobalThis
.
getInstance
().
getContext
(
'
context
'
);
atManager
.
requestPermissionsFromUser
(
context
,
[
'
ohos.permission.CAMERA
'
],
(
err
:
BusinessError
,
data
)
=>
{
console
.
info
(
'
data:
'
+
JSON
.
stringify
(
data
));
console
.
info
(
'
data permissions:
'
+
data
.
permissions
);
console
.
info
(
'
data authResults:
'
+
data
.
authResults
);
});
}
catch
(
err
)
{
console
.
log
(
`catch err->
${
JSON
.
stringify
(
err
)}
`
);
}
```
```
### requestPermissionsFromUser<sup>9+</sup>
...
...
@@ -651,21 +717,28 @@ requestPermissionsFromUser(context: Context, permissionList: Array<Permission
**示例:**
```
js
修改EntryAbility.ets和导入GlobalThis等步骤同上,此处不再重复
```
ts
import
abilityAccessCtrl
from
'
@ohos.abilityAccessCtrl
'
;
let
atManager
=
abilityAccessCtrl
.
createAtManager
();
import
{
BusinessError
}
from
'
@ohos.base
'
;
import
common
from
'
@ohos.app.ability.common
'
;
import
{
GlobalThis
}
from
'
../utils/globalThis
'
;
let
atManager
:
abilityAccessCtrl
.
AtManager
=
abilityAccessCtrl
.
createAtManager
();
try
{
atManager
.
requestPermissionsFromUser
(
this
.
context
,
[
'
ohos.permission.CAMERA
'
]).
then
((
data
)
=>
{
let
context
:
common
.
UIAbilityContext
=
GlobalThis
.
getInstance
().
getContext
(
'
context
'
);
atManager
.
requestPermissionsFromUser
(
context
,
[
'
ohos.permission.CAMERA
'
]).
then
((
data
)
=>
{
console
.
info
(
'
data:
'
+
JSON
.
stringify
(
data
));
console
.
info
(
'
data permissions:
'
+
data
.
permissions
);
console
.
info
(
'
data authResults:
'
+
data
.
authResults
);
}).
catch
((
err
)
=>
{
}).
catch
((
err
:
BusinessError
)
=>
{
console
.
info
(
'
data:
'
+
JSON
.
stringify
(
err
));
})
}
catch
(
err
)
{
console
.
log
(
`catch err->
${
JSON
.
stringify
(
err
)}
`
);
}
```
```
### verifyAccessToken<sup>(deprecated)</sup>
...
...
@@ -694,15 +767,21 @@ verifyAccessToken(tokenID: number, permissionName: string): Promise<GrantStat
**示例:**
```
j
s
```
t
s
import
abilityAccessCtrl
from
'
@ohos.abilityAccessCtrl
'
;
import
{
BusinessError
}
from
'
@ohos.base
'
;
let
atManager
=
abilityAccessCtrl
.
createAtManager
();
let
tokenID
=
0
;
// 系统应用可以通过bundleManager.getApplicationInfo获取,普通应用可以通过bundleManager.getBundleInfoForSelf获取
let
promise
=
atManager
.
verifyAccessToken
(
tokenID
,
'
ohos.permission.GRANT_SENSITIVE_PERMISSIONS
'
);
promise
.
then
(
data
=>
{
console
.
log
(
`promise: data->
${
JSON
.
stringify
(
data
)}
`
);
});
let
atManager
:
abilityAccessCtrl
.
AtManager
=
abilityAccessCtrl
.
createAtManager
();
let
tokenID
:
number
=
0
;
// 系统应用可以通过bundleManager.getApplicationInfo获取,普通应用可以通过bundleManager.getBundleInfoForSelf获取
try
{
atManager
.
verifyAccessToken
(
tokenID
,
'
ohos.permission.GRANT_SENSITIVE_PERMISSIONS
'
).
then
((
data
:
abilityAccessCtrl
.
GrantStatus
)
=>
{
console
.
log
(
`promise: data->
${
JSON
.
stringify
(
data
)}
`
);
}).
catch
((
err
:
BusinessError
)
=>
{
console
.
log
(
`verifyAccessToken fail, err->
${
JSON
.
stringify
(
err
)}
`
);
});
}
catch
(
err
)
{
console
.
log
(
`catch err->
${
JSON
.
stringify
(
err
)}
`
);
}
```
### checkAccessTokenSync<sup>10+</sup>
...
...
@@ -736,10 +815,13 @@ checkAccessTokenSync(tokenID: number, permissionName: Permissions): GrantStatus;
**示例:**
```
js
let
atManager
=
abilityAccessCtrl
.
createAtManager
();
let
tokenID
=
0
;
// 系统应用可以通过bundleManager.getApplicationInfo获取,普通应用可以通过bundleManager.getBundleInfoForSelf获取
let
data
=
atManager
.
checkAccessTokenSync
(
tokenID
,
'
ohos.permission.GRANT_SENSITIVE_PERMISSIONS
'
);
```
ts
import
abilityAccessCtrl
,
{
Permissions
}
from
'
@ohos.abilityAccessCtrl
'
;
let
atManager
:
abilityAccessCtrl
.
AtManager
=
abilityAccessCtrl
.
createAtManager
();
let
tokenID
:
number
=
0
;
// 系统应用可以通过bundleManager.getApplicationInfo获取,普通应用可以通过bundleManager.getBundleInfoForSelf获取
let
permissionName
:
Permissions
=
'
ohos.permission.GRANT_SENSITIVE_PERMISSIONS
'
;
let
data
:
abilityAccessCtrl
.
GrantStatus
=
atManager
.
checkAccessTokenSync
(
tokenID
,
permissionName
);
console
.
log
(
`data->
${
JSON
.
stringify
(
data
)}
`
);
```
...
...
This diff is collapsed.
Click to expand it.
zh-cn/application-dev/reference/apis/js-apis-privacyManager.md
浏览文件 @
c30f0409
...
...
@@ -8,7 +8,7 @@
## 导入模块
```
j
s
```
t
s
import
privacyManager
from
'
@ohos.privacyManager
'
;
```
...
...
@@ -53,14 +53,15 @@ addPermissionUsedRecord(tokenID: number, permissionName: Permissions, successCou
**示例:**
```
j
s
```
t
s
import
privacyManager
from
'
@ohos.privacyManager
'
;
import
{
BusinessError
}
from
'
@ohos.base
'
;
let
tokenID
=
0
;
// 可以通过getApplicationInfo获取accessTokenId
let
tokenID
:
number
=
0
;
// 可以通过getApplicationInfo获取accessTokenId
try
{
privacyManager
.
addPermissionUsedRecord
(
tokenID
,
'
ohos.permission.PERMISSION_USED_STATS
'
,
1
,
0
).
then
(()
=>
{
console
.
log
(
'
addPermissionUsedRecord success
'
);
}).
catch
((
err
)
=>
{
}).
catch
((
err
:
BusinessError
)
=>
{
console
.
log
(
`addPermissionUsedRecord fail, err->
${
JSON
.
stringify
(
err
)}
`
);
});
}
catch
(
err
)
{
...
...
@@ -103,12 +104,13 @@ addPermissionUsedRecord(tokenID: number, permissionName: Permissions, successCou
**示例:**
```
j
s
```
t
s
import
privacyManager
from
'
@ohos.privacyManager
'
;
import
{
BusinessError
}
from
'
@ohos.base
'
;
let
tokenID
=
0
;
// 可以通过getApplicationInfo获取accessTokenId
let
tokenID
:
number
=
0
;
// 可以通过getApplicationInfo获取accessTokenId
try
{
privacyManager
.
addPermissionUsedRecord
(
tokenID
,
'
ohos.permission.PERMISSION_USED_STATS
'
,
1
,
0
,
(
err
,
data
)
=>
{
privacyManager
.
addPermissionUsedRecord
(
tokenID
,
'
ohos.permission.PERMISSION_USED_STATS
'
,
1
,
0
,
(
err
:
BusinessError
,
data
:
void
)
=>
{
if
(
err
)
{
console
.
log
(
`addPermissionUsedRecord fail, err->
${
JSON
.
stringify
(
err
)}
`
);
}
else
{
...
...
@@ -156,10 +158,11 @@ getPermissionUsedRecord(request: PermissionUsedRequest): Promise<PermissionUs
**示例:**
```
j
s
```
t
s
import
privacyManager
from
'
@ohos.privacyManager
'
;
import
{
BusinessError
}
from
'
@ohos.base
'
;
let
request
=
{
let
request
:
privacyManager
.
PermissionUsedRequest
=
{
'
tokenId
'
:
1
,
'
isRemote
'
:
false
,
'
deviceId
'
:
'
device
'
,
...
...
@@ -172,7 +175,7 @@ let request = {
try
{
privacyManager
.
getPermissionUsedRecord
(
request
).
then
((
data
)
=>
{
console
.
log
(
`getPermissionUsedRecord success, data->
${
JSON
.
stringify
(
data
)}
`
);
}).
catch
((
err
)
=>
{
}).
catch
((
err
:
BusinessError
)
=>
{
console
.
log
(
`getPermissionUsedRecord fail, err->
${
JSON
.
stringify
(
err
)}
`
);
});
}
catch
(
err
)
{
...
...
@@ -211,10 +214,11 @@ getPermissionUsedRecord(request: PermissionUsedRequest, callback: AsyncCallback&
**示例:**
```
j
s
```
t
s
import
privacyManager
from
'
@ohos.privacyManager
'
;
import
{
BusinessError
}
from
'
@ohos.base
'
;
let
request
=
{
let
request
:
privacyManager
.
PermissionUsedRequest
=
{
'
tokenId
'
:
1
,
'
isRemote
'
:
false
,
'
deviceId
'
:
'
device
'
,
...
...
@@ -225,7 +229,7 @@ let request = {
'
flag
'
:
privacyManager
.
PermissionUsageFlag
.
FLAG_PERMISSION_USAGE_DETAIL
,
};
try
{
privacyManager
.
getPermissionUsedRecord
(
request
,
(
err
,
data
)
=>
{
privacyManager
.
getPermissionUsedRecord
(
request
,
(
err
:
BusinessError
,
data
:
privacyManager
.
PermissionUsedResponse
)
=>
{
if
(
err
)
{
console
.
log
(
`getPermissionUsedRecord fail, err->
${
JSON
.
stringify
(
err
)}
`
);
}
else
{
...
...
@@ -275,14 +279,15 @@ startUsingPermission(tokenID: number, permissionName: Permissions): Promise<v
**示例:**
```
j
s
```
t
s
import
privacyManager
from
'
@ohos.privacyManager
'
;
import
{
BusinessError
}
from
'
@ohos.base
'
;
let
tokenID
=
0
;
// 可以通过getApplicationInfo获取accessTokenId
let
tokenID
:
number
=
0
;
// 可以通过getApplicationInfo获取accessTokenId
try
{
privacyManager
.
startUsingPermission
(
tokenID
,
'
ohos.permission.PERMISSION_USED_STATS
'
).
then
(()
=>
{
console
.
log
(
'
startUsingPermission success
'
);
}).
catch
((
err
)
=>
{
}).
catch
((
err
:
BusinessError
)
=>
{
console
.
log
(
`startUsingPermission fail, err->
${
JSON
.
stringify
(
err
)}
`
);
});
}
catch
(
err
)
{
...
...
@@ -323,12 +328,13 @@ startUsingPermission(tokenID: number, permissionName: Permissions, callback: Asy
**示例:**
```
j
s
```
t
s
import
privacyManager
from
'
@ohos.privacyManager
'
;
import
{
BusinessError
}
from
'
@ohos.base
'
;
let
tokenID
=
0
;
// 可以通过getApplicationInfo获取accessTokenId
let
tokenID
:
number
=
0
;
// 可以通过getApplicationInfo获取accessTokenId
try
{
privacyManager
.
startUsingPermission
(
tokenID
,
'
ohos.permission.PERMISSION_USED_STATS
'
,
(
err
,
data
)
=>
{
privacyManager
.
startUsingPermission
(
tokenID
,
'
ohos.permission.PERMISSION_USED_STATS
'
,
(
err
:
BusinessError
,
data
:
void
)
=>
{
if
(
err
)
{
console
.
log
(
`startUsingPermission fail, err->
${
JSON
.
stringify
(
err
)}
`
);
}
else
{
...
...
@@ -378,14 +384,15 @@ stopUsingPermission(tokenID: number, permissionName: Permissions): Promise<vo
**示例:**
```
j
s
```
t
s
import
privacyManager
from
'
@ohos.privacyManager
'
;
import
{
BusinessError
}
from
'
@ohos.base
'
;
let
tokenID
=
0
;
// 可以通过getApplicationInfo获取accessTokenId
let
tokenID
:
number
=
0
;
// 可以通过getApplicationInfo获取accessTokenId
try
{
privacyManager
.
stopUsingPermission
(
tokenID
,
'
ohos.permission.PERMISSION_USED_STATS
'
).
then
(()
=>
{
console
.
log
(
'
stopUsingPermission success
'
);
}).
catch
((
err
)
=>
{
}).
catch
((
err
:
BusinessError
)
=>
{
console
.
log
(
`stopUsingPermission fail, err->
${
JSON
.
stringify
(
err
)}
`
);
});
}
catch
(
err
)
{
...
...
@@ -426,12 +433,13 @@ stopUsingPermission(tokenID: number, permissionName: Permissions, callback: Asyn
**示例:**
```
j
s
```
t
s
import
privacyManager
from
'
@ohos.privacyManager
'
;
import
{
BusinessError
}
from
'
@ohos.base
'
;
let
tokenID
=
0
;
// 可以通过getApplicationInfo获取accessTokenId
let
tokenID
:
number
=
0
;
// 可以通过getApplicationInfo获取accessTokenId
try
{
privacyManager
.
stopUsingPermission
(
tokenID
,
'
ohos.permission.PERMISSION_USED_STATS
'
,
(
err
,
data
)
=>
{
privacyManager
.
stopUsingPermission
(
tokenID
,
'
ohos.permission.PERMISSION_USED_STATS
'
,
(
err
:
BusinessError
,
data
:
void
)
=>
{
if
(
err
)
{
console
.
log
(
`stopUsingPermission fail, err->
${
JSON
.
stringify
(
err
)}
`
);
}
else
{
...
...
@@ -479,12 +487,13 @@ on(type: 'activeStateChange', permissionList: Array<Permissions>, callback
**示例:**
```
js
import
privacyManager
from
'
@ohos.privacyManager
'
;
```
ts
import
privacyManager
,
{
Permissions
}
from
'
@ohos.privacyManager
'
;
import
{
BusinessError
}
from
'
@ohos.base
'
;
let
permissionList
=
[];
let
permissionList
:
Array
<
Permissions
>
=
[];
try
{
privacyManager
.
on
(
'
activeStateChange
'
,
permissionList
,
(
data
)
=>
{
privacyManager
.
on
(
'
activeStateChange
'
,
permissionList
,
(
data
:
privacyManager
.
ActiveChangeResponse
)
=>
{
console
.
debug
(
'
receive permission state change, data:
'
+
JSON
.
stringify
(
data
));
});
}
catch
(
err
)
{
...
...
@@ -525,10 +534,10 @@ off(type: 'activeStateChange', permissionList: Array<Permissions>, callbac
**示例:**
```
j
s
import
privacyManager
from
'
@ohos.privacyManager
'
;
```
t
s
import
privacyManager
,
{
Permissions
}
from
'
@ohos.privacyManager
'
;
let
permissionList
=
[];
let
permissionList
:
Array
<
Permissions
>
=
[];
try
{
privacyManager
.
off
(
'
activeStateChange
'
,
permissionList
);
}
catch
(
err
)
{
...
...
This diff is collapsed.
Click to expand it.
zh-cn/application-dev/security/permission-verify-guidelines.md
浏览文件 @
c30f0409
...
...
@@ -27,19 +27,20 @@ checkAccessToken(tokenID: number, permissionName: Permissions): Promise<Grant
3.
使用checkAccessToken接口对当前调用者进行权限校验。
4.
根据权限校验结果采取对应的措施。
```
j
s
```
t
s
import
abilityAccessCtrl
from
'
@ohos.abilityAccessCtrl
'
import
{
BusinessError
}
from
'
@ohos.base
'
;
import
rpc
from
'
@ohos.rpc
'
class
Stub
extends
rpc
.
RemoteObject
{
onRemote
Request
(
code
,
data
,
reply
,
o
ption
)
{
let
callerTokenId
=
rpc
.
IPCSkeleton
.
getCallingTokenId
();
onRemote
MessageRequest
(
code
:
number
,
data
:
rpc
.
MessageSequence
,
reply
:
rpc
.
MessageSequence
,
option
:
rpc
.
MessageO
ption
)
{
let
callerTokenId
:
number
=
rpc
.
IPCSkeleton
.
getCallingTokenId
();
console
.
log
(
"
RpcServer: getCallingTokenId result:
"
+
callerTokenId
);
var
a
tManager
=
abilityAccessCtrl
.
createAtManager
();
let
atManager
:
abilityAccessCtrl
.
A
tManager
=
abilityAccessCtrl
.
createAtManager
();
try
{
atManager
.
checkAccessToken
(
callerTokenId
,
"
ohos.permission.ACCELEROMETER
"
).
then
((
data
)
=>
{
atManager
.
checkAccessToken
(
callerTokenId
,
"
ohos.permission.ACCELEROMETER
"
).
then
((
data
:
abilityAccessCtrl
.
GrantStatus
)
=>
{
console
.
log
(
`checkAccessToken success, data->
${
JSON
.
stringify
(
data
)}
`
);
}).
catch
((
err
)
=>
{
}).
catch
((
err
:
BusinessError
)
=>
{
console
.
log
(
`checkAccessToken fail, err->
${
JSON
.
stringify
(
err
)}
`
);
});
}
catch
(
err
)
{
...
...
@@ -48,5 +49,4 @@ checkAccessToken(tokenID: number, permissionName: Permissions): Promise<Grant
return
true
;
}
}
```
This diff is collapsed.
Click to expand it.
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录
新手
引导
客服
返回
顶部