diff --git a/en/application-dev/reference/apis/Readme-EN.md b/en/application-dev/reference/apis/Readme-EN.md index 16ca26e360b85d5f7b1e73b91882c1f839fecd04..d4984c913c6513270302417d873cf25d8ba2e60e 100644 --- a/en/application-dev/reference/apis/Readme-EN.md +++ b/en/application-dev/reference/apis/Readme-EN.md @@ -237,7 +237,7 @@ - [@ohos.file.environment (Directory Environment Capability)](js-apis-file-environment.md) - [@ohos.file.fileAccess (User File Access and Management)](js-apis-fileAccess.md) - [@ohos.file.fileExtensionInfo (User File Extension Information)](js-apis-fileExtensionInfo.md) - - [@ohos.file.fileUri (File URI)](js-apis-file-fileUri.md) + - [@ohos.file.fileuri (File URI)](js-apis-file-fileuri.md) - [@ohos.file.fs (File Management)](js-apis-file-fs.md) - [@ohos.file.hash (File Hash Processing)](js-apis-file-hash.md) - [@ohos.file.picker (File Picker)](js-apis-file-picker.md) diff --git a/en/application-dev/reference/apis/js-apis-file-fileUri.md b/en/application-dev/reference/apis/js-apis-file-fileuri.md similarity index 100% rename from en/application-dev/reference/apis/js-apis-file-fileUri.md rename to en/application-dev/reference/apis/js-apis-file-fileuri.md diff --git a/en/application-dev/reference/apis/js-apis-uripermissionmanager.md b/en/application-dev/reference/apis/js-apis-uripermissionmanager.md new file mode 100644 index 0000000000000000000000000000000000000000..638fe99e48efc36559d81b9b53b16293500c64c3 --- /dev/null +++ b/en/application-dev/reference/apis/js-apis-uripermissionmanager.md @@ -0,0 +1,143 @@ +# @ohos.application.uriPermissionManager (URI Permission Management) +> **NOTE** +> +> The initial APIs of this module are supported since API version 10. Newly added APIs will be marked with a superscript to indicate their earliest API version. + + +The **uriPermissionManager** module provides APIs for granting permissions on a file to or revoking the granted permission from an application. The file is identified by a uniform resource identifier (URI). + + +## Modules to Import + + +```js +import UriPermissionManager from '@ohos.application.uriPermissionManager'; +``` + + +## uriPermissionManager.grantUriPermission + +grantUriPermission(uri: string, flag: wantConstant.Flags, accessTokenId: number, callback: AsyncCallback<number>): void + +Grants permission on the file of the specified URI to an application. This API uses an asynchronous callback to return the result. + +**System capability**: SystemCapability.Ability.AbilityRuntime.Core + +**Parameters** + + | Name| Type| Mandatory| Description| + | -------- | -------- | -------- | -------- | + | uri | string | Yes| URI of the file, for example, **fileshare:///com.samples.filesharetest.FileShare/person/10**.| + | flag | [wantConstant.Flags](js-apis-ability-wantConstant.md#wantconstantflags) | Yes| Read or write permission on the file to grant.| + | targetBundleName | string | Yes| Bundle name of the application, to which the permission is granted.| + | callback | AsyncCallback<number> | Yes| Callback invoked to return the result. If the operation is successful, **0** is returned; otherwise, **-1** is returned.| + +**Example** + + ```js + import WantConstant from '@ohos.ability.wantConstant'; + let targetBundleName = 'com.example.test_case1' + let uri = "fileshare:///com.samples.filesharetest.FileShare/person/10" + uriPermissionManager.grantUriPermission(uri, WantConstant.Flags.FLAG_AUTH_READ_URI_PERMISSION, targetBundleName, (result) => { + console.log("result.code = " + result.code) + }) + ``` + + +## uriPermissionManager.grantUriPermission + +grantUriPermission(uri: string, flag: wantConstant.Flags, accessTokenId: number): Promise<number> + +Grants permission on the file of the specified URI to an application. This API uses a promise to return the result. + +**System capability**: SystemCapability.Ability.AbilityRuntime.Core + +**Parameters** + + | Name| Type| Mandatory| Description| + | -------- | -------- | -------- | -------- | + | uri | string | Yes| URI of the file, for example, **fileshare:///com.samples.filesharetest.FileShare/person/10**.| + | flag | [wantConstant.Flags](js-apis-ability-wantConstant.md#wantconstantflags) | Yes| Read or write permission on the file to grant.| + | targetBundleName | string | Yes| Bundle name of the application, to which the permission is granted.| + +**Return value** + + | Type| Description| + | -------- | -------- | + | Promise<number> | Promise used to return the result. If the operation is successful, **0** is returned; otherwise, **-1** is returned.| + +**Example** + + ```js + import WantConstant from '@ohos.ability.wantConstant'; + let targetBundleName = 'com.example.test_case1' + let uri = "fileshare:///com.samples.filesharetest.FileShare/person/10" + uriPermissionManager.grantUriPermission(uri, wantConstant.Flags.FLAG_AUTH_READ_URI_PERMISSION, targetBundleName) + .then((data) => { + console.log('Verification succeeded.' + data) + }).catch((error) => { + console.log('Verification failed.'); + }) + ``` +## uriPermissionManager.revokeUriPermission + +revokeUriPermission(uri: string, accessTokenId: number, callback: AsyncCallback<number>): void + +Revokes the permission on the file of the specified URI from an application. This API uses an asynchronous callback to return the result. + +**System capability**: SystemCapability.Ability.AbilityRuntime.Core + +**Parameters** + + | Name| Type| Mandatory| Description| + | -------- | -------- | -------- | -------- | + | uri | string | Yes| URI of the file, for example, **fileshare:///com.samples.filesharetest.FileShare/person/10**.| + | targetBundleName | string | Yes| Bundle name of the application, from which the permission is revoked.| + | callback | AsyncCallback<number> | Yes| Callback invoked to return the result. If the operation is successful, **0** is returned; otherwise, **-1** is returned.| + +**Example** + + ```js + import WantConstant from '@ohos.ability.wantConstant'; + let targetBundleName = 'com.example.test_case1' + let URI = "fileshare:///com.samples.filesharetest.FileShare/person/10" + uriPermissionManager.revokeUriPermission(uri, targetBundleName, (result) => { + console.log("result.code = " + result.code) + }) + ``` + + +## uriPermissionManager.revokeUriPermission + +revokeUriPermission(uri: string, flag: wantConstant.Flags, accessTokenId: number): Promise<number> + +Revokes the permission on the file of the specified URI from an application. This API uses a promise to return the result. + +**System capability**: SystemCapability.Ability.AbilityRuntime.Core + +**Parameters** + + | Name| Type| Mandatory| Description| + | -------- | -------- | -------- | -------- | + | uri | string | Yes| URI of the file, for example, **fileshare:///com.samples.filesharetest.FileShare/person/10**.| + | targetBundleName | string | Yes| Bundle name of the application, from which the permission is revoked.| + +**Return value** + + | Type| Description| + | -------- | -------- | + | Promise<number> | Promise used to return the result. If the operation is successful, **0** is returned; otherwise, **-1** is returned.| + +**Example** + + ```js + import WantConstant from '@ohos.ability.wantConstant'; + let targetBundleName = 'com.example.test_case1' + let uri = "fileshare:///com.samples.filesharetest.FileShare/person/10" + uriPermissionManager.revokeUriPermission(uri, targetBundleName) + .then((data) => { + console.log('Verification succeeded.' + data) + }).catch((error) => { + console.log('Verification failed.'); + }) + ``` diff --git a/en/application-dev/security/permission-list.md b/en/application-dev/security/permission-list.md index fc3d8593e3bfcf75888d985d69c556db2dbe15b4..f598c23376424ab5dbcb99e99691584ce444dc7d 100644 --- a/en/application-dev/security/permission-list.md +++ b/en/application-dev/security/permission-list.md @@ -436,7 +436,7 @@ Allows an application to obtain the sensitive permissions that have been granted ## ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS_EXTENSION -Allows an application to set attributes for the applications of other users. +Allows an application to set the attributes of applications of other users. **Permission level**: system_core @@ -496,7 +496,7 @@ Allows an application to read data from a gyroscope sensor or uncalibrated gyros ## ohos.permission.INSTALL_BUNDLE -Allows an application to install and uninstall other applications. +Allows an application to install and uninstall other applications (except enterprise InHouse applications). **Permission level**: system_core @@ -974,6 +974,26 @@ Allows the device administrator to set bundle installation policies. **Enable via ACL**: TRUE +## ohos.permission.ENTERPRISE_SET_NETWORK + +Allows the device administrator application to set network information. + +**Permission level**: system_basic + +**Authorization mode**: system_grant + +**Enable via ACL**: TRUE + +## ohos.permission.ENTERPRISE_MANAGE_SET_APP_RUNNING_POLICY + +Allows the device administrator application to set application running policies. + +**Permission level**: system_basic + +**Authorization mode**: system_grant + +**Enable via ACL**: TRUE + ## ohos.permission.NFC_TAG Allows an application to read NFC tag information. @@ -1146,7 +1166,7 @@ Allows an application to add, remove, and modify call logs. ## ohos.permission.WRITE_CONTACTS -Allows an application to add, remove, and modify contacts. +Allows an application to add, remove, and modify Contacts. **Permission level**: system_basic @@ -1500,7 +1520,7 @@ Allows an application to manage private credentials and query certificate status ## ohos.permission.ACCESS_PUSH_SERVICE -Allows an application to to access the Ability of the push service. +Allows an application to access the Ability of the push service. **Permission level**: system_basic @@ -1628,6 +1648,26 @@ Allows an application to have backup and restore capabilities. **Enable via ACL**: TRUE +## ohos.permission.CLOUDFILE_SYNC_MANAGER + +Allows an application to obtain the device-cloud synchronization management capability. + +**Permission level**: system_basic + +**Authorization mode**: system_grant + +**Enable via ACL**: TRUE + +## ohos.permission.CLOUDFILE_SYNC + +Allows an application to perform device-cloud synchronization. + +**Permission level**: system_basic + +**Authorization mode**: system_grant + +**Enable via ACL**: TRUE + ## ohos.permission.FILE_ACCESS_MANAGER Allows a file management application to access user data files through the FAF. @@ -1640,7 +1680,7 @@ Allows a file management application to access user data files through the FAF. ## ohos.permission.MANAGE_AUDIO_CONFIG -Allows an application to to mute microphones globally. +Allows an application to mute microphones globally. **Permission level**: system_basic @@ -1757,3 +1797,83 @@ Allows an application to use ultrasonic sensing. **Authorization mode**: system_grant **Enable ACL**: FALSE + +## ohos.permission.INSTALL_ENTERPRISE_BUNDLE + +Allows an application to install and uninstall enterprise InHouse applications. + +**Permission level**: system_core + +**Authorization mode**: system_grant + +**Enable via ACL**: TRUE + +## ohos.permission.PROXY_AUTHORIZATION_URI + +Allows the application proxy to authorize the URI. + +**Permission level**: system_basic + +**Authorization mode**: system_grant + +**Enable ACL**: FALSE + +## ohos.permission.GET_INSTALLED_BUNDLE_LIST + +Allows an application to obtain the list of installed applications. + +**Permission level**: system_basic + +**Authorization mode**: user_grant + +**Enable via ACL**: TRUE + +## ohos.permission.MANAGE_DISTRIBUTED_ACCOUNTS + +Allows an application to manage distributed account information. + +**Permission level**: system_basic + +**Authorization mode**: system_grant + +**Enable via ACL**: TRUE + +## ohos.permission.GET_DISTRIBUTED_ACCOUNTS + +Allows an application to obtain distributed account information. + +**Permission level**: system_basic + +**Authorization mode**: system_grant + +**Enable via ACL**: TRUE + +## ohos.permission.GET_LOCAL_ACCOUNTS + +Allows an application to obtain local account information. + +**Permission level**: system_basic + +**Authorization mode**: system_grant + +**Enable via ACL**: TRUE + +## ohos.permission.READ_HIVIEW_SYSTEM + +Allows an application to access HiView data. + +**Permission level**: system_basic + +**Authorization mode**: system_grant + +**Enable via ACL**: TRUE + +## ohos.permission.WRITE_HIVIEW_SYSTEM + +Allows an application to modify HiView data. + +**Permission level**: system_basic + +**Authorization mode**: system_grant + +**Enable via ACL**: TRUE