diff --git a/en/application-dev/reference/apis/js-apis-abilityAccessCtrl.md b/en/application-dev/reference/apis/js-apis-abilityAccessCtrl.md
index 003a5efd92057dc7127b74aa35553f3220bd890e..733fee0c5671f9e100191f8b23a54fd7b5edec67 100644
--- a/en/application-dev/reference/apis/js-apis-abilityAccessCtrl.md
+++ b/en/application-dev/reference/apis/js-apis-abilityAccessCtrl.md
@@ -25,7 +25,7 @@ Creates an **AtManager** instance, which is used for ability access control.
| Type| Description|
| -------- | -------- |
-| [AtManager](#atmanager) | **AtManager** instance obtained.|
+| [AtManager](#atmanager) | **AtManager** instance created.|
**Example**
@@ -37,9 +37,9 @@ var AtManager = abilityAccessCtrl.createAtManager();
Implements ability access control.
-### verifyAccessToken
+### checkAccessToken9+
-verifyAccessToken(tokenID: number, permissionName: string): Promise<GrantStatus>
+checkAccessToken(tokenID: number, permissionName: string): Promise<GrantStatus>
Checks whether an application has been granted the specified permission. This API uses a promise to return the result.
@@ -49,24 +49,31 @@ Checks whether an application has been granted the specified permission. This AP
| Name | Type | Mandatory| Description |
| -------- | ------------------- | ---- | ------------------------------------------ |
-| tokenID | number | Yes | ID of the application. The value can be obtained from [ApplicationInfo](js-apis-bundle-ApplicationInfo.md). |
+| tokenID | number | Yes | Token ID of the application. The value can be obtained from [ApplicationInfo](js-apis-bundle-ApplicationInfo.md). |
| permissionName | string | Yes | Name of the permission to verify.|
**Return value**
| Type | Description |
| :------------ | :---------------------------------- |
-| Promise<GrantStatus> | Promise instance used to return the result.|
+| Promise<GrantStatus> | Promise used to return the permission grant state.|
**Example**
```js
-var AtManager = abilityAccessCtrl.createAtManager();
-let tokenID = 0;
-let promise = AtManager.verifyAccessToken(tokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS");
-promise.then(data => {
- console.log(`promise: data->${JSON.stringify(data)}`);
-});
+import privacyManager from '@ohos.abilityAccessCtrl';
+
+let AtManager = abilityAccessCtrl.createAtManager();
+let tokenID = 0; // You can use getApplicationInfo to obtain the access token ID.
+try {
+ AtManager.checkAccessToken(tokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS").then((data) => {
+ console.log(`checkAccessToken success, data->${JSON.stringify(data)}`);
+ }).catch((err) => {
+ console.log(`checkAccessToken fail, err->${JSON.stringify(err)}`);
+ });
+} catch(err) {
+ console.log(`catch err->${JSON.stringify(err)}`);
+}
```
### verifyAccessTokenSync9+
@@ -81,7 +88,7 @@ Checks whether an application has been granted the specified permission. This AP
| Name | Type | Mandatory| Description |
| -------- | ------------------- | ---- | ------------------------------------------ |
-| tokenID | number | Yes | ID of the application. |
+| tokenID | number | Yes | Token ID of the application. |
| permissionName | string | Yes | Name of the permission to verify.|
**Return value**
@@ -95,13 +102,13 @@ Checks whether an application has been granted the specified permission. This AP
```js
var AtManager = abilityAccessCtrl.createAtManager();
let tokenID = 0;
-let data = verifyAccessTokenSync(tokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS");
+let data = AtManager.verifyAccessTokenSync(tokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS");
console.log(`data->${JSON.stringify(data)}`);
```
### grantUserGrantedPermission
-grantUserGrantedPermission(tokenID: number, permissionName: string, permissionFlag: number): Promise<number>
+grantUserGrantedPermission(tokenID: number, permissionName: string, permissionFlag: number): Promise<void>
Grants a user granted permission to an application. This API uses a promise to return the result.
@@ -115,31 +122,38 @@ This is a system API.
| Name | Type | Mandatory| Description |
| --------- | ------------------- | ---- | ------------------------------------------------------------ |
-| tokenID | number | Yes | ID of the application. |
+| tokenID | number | Yes | Token ID of the application. The value can be obtained from [ApplicationInfo](js-apis-bundle-ApplicationInfo.md). |
| permissionName | string | Yes | Name of the permission to grant.|
-| permissionFlag | number | Yes | Permission flag. The value **1** means that a dialog box will still be displayed after the user grants or denies the permission. The value **2** means that no dialog box will be displayed after the user grants or denies the permission. The value **3** means a system permission that cannot be changed. |
+| permissionFlag | number | Yes | Permission flag. The value **1** means that the permission request dialog box will still be displayed after the user grants or denies the permission. The value **2** means that no dialog box will be displayed after the user grants or denies the permission. The value **3** means a system permission that cannot be changed. |
**Return value**
| Type | Description |
| :------------ | :---------------------------------- |
-| Promise<number> | Promise instance used to return the result.|
+| Promise<void> | Promise that returns no value.|
**Example**
```js
-var AtManager = abilityAccessCtrl.createAtManager();
-let tokenID = 0;
+import privacyManager from '@ohos.abilityAccessCtrl';
+
+let AtManager = abilityAccessCtrl.createAtManager();
+let tokenID = 0; // You can use getApplicationInfo to obtain the access token ID.
let permissionFlag = 1;
-let promise = AtManager.grantUserGrantedPermission(tokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS", permissionFlag);
-promise.then(data => {
- console.log(`promise: data->${JSON.stringify(data)}`);
-});
+try {
+ AtManager.grantUserGrantedPermission(tokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS", permissionFlag).then(() => {
+ console.log('grantUserGrantedPermission success');
+ }).catch((err) => {
+ console.log(`grantUserGrantedPermission fail, err->${JSON.stringify(err)}`);
+ });
+} catch(err) {
+ console.log(`catch err->${JSON.stringify(err)}`);
+}
```
### grantUserGrantedPermission
-grantUserGrantedPermission(tokenID: number, permissionName: string, permissionFlag: number, callback: AsyncCallback<number>): void
+grantUserGrantedPermission(tokenID: number, permissionName: string, permissionFlag: number, callback: AsyncCallback<void>): void
Grants a user granted permission to an application. This API uses an asynchronous callback to return the result.
@@ -153,29 +167,35 @@ This is a system API.
| Name | Type | Mandatory| Description |
| --------- | ------------------- | ---- | ------------------------------------------------------------ |
-| tokenID | number | Yes | ID of the application. |
+| tokenID | number | Yes | Token ID of the application. The value can be obtained from [ApplicationInfo](js-apis-bundle-ApplicationInfo.md). |
| permissionName | string | Yes | Name of the permission to grant.|
-| permissionFlag | number | Yes | Permission flag. The value **1** means that a dialog box will still be displayed after the user grants or denies the permission. The value **2** means that no dialog box will be displayed after the user grants or denies the permission. The value **3** means a system permission that cannot be changed. |
-| callback | AsyncCallback<number> | Yes| Callback used to return the result.|
+| permissionFlag | number | Yes | Permission flag. The value **1** means that the permission request dialog box will still be displayed after the user grants or denies the permission. The value **2** means that no dialog box will be displayed after the user grants or denies the permission. The value **3** means a system permission that cannot be changed. |
+| callback | AsyncCallback<void> | Yes| Callback used to return the result.|
**Example**
```js
+import privacyManager from '@ohos.abilityAccessCtrl';
+
var AtManager = abilityAccessCtrl.createAtManager();
-let tokenID = 0;
+let tokenID = 0; // You can use getApplicationInfo to obtain the access token ID.
let permissionFlag = 1;
-AtManager.grantUserGrantedPermission(tokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS", permissionFlag, (err, data) => {
- if (err) {
- console.log(`callback: err->${JSON.stringify(err)}`);
- } else {
- console.log(`callback: data->${JSON.stringify(data)}`);
- }
-});
+try {
+ AtManager.grantUserGrantedPermission(tokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS", permissionFlag, (data, err) => {
+ if (err) {
+ console.log(`grantUserGrantedPermission fail, err->${JSON.stringify(err)}`);
+ } else {
+ console.log('grantUserGrantedPermission success');
+ }
+ });
+} catch(err) {
+ console.log(`catch err->${JSON.stringify(err)}`);
+}
```
### revokeUserGrantedPermission
-revokeUserGrantedPermission(tokenID: number, permissionName: string, permissionFlag: number): Promise<number>
+revokeUserGrantedPermission(tokenID: number, permissionName: string, permissionFlag: number): Promise<void>
Revokes a user granted permission given to an application. This API uses a promise to return the result.
@@ -189,31 +209,38 @@ This is a system API.
| Name | Type | Mandatory| Description |
| --------- | ------------------- | ---- | ------------------------------------------------------------ |
-| tokenID | number | Yes | ID of the application. |
+| tokenID | number | Yes | Token ID of the application. The value can be obtained from [ApplicationInfo](js-apis-bundle-ApplicationInfo.md). |
| permissionName | string | Yes | Name of the permission to revoke.|
-| permissionFlag | number | Yes | Permission flag. The value **1** means that a dialog box will still be displayed after the user grants or denies the permission. The value **2** means that no dialog box will be displayed after the user grants or denies the permission. The value **3** means a system permission that cannot be changed. |
+| permissionFlag | number | Yes | Permission flag. The value **1** means that the permission request dialog box will still be displayed after the user grants or denies the permission. The value **2** means that no dialog box will be displayed after the user grants or denies the permission. The value **3** means a system permission that cannot be changed. |
**Return value**
| Type | Description |
| :------------ | :---------------------------------- |
-| Promise<number> | Promise instance used to return the result.|
+| Promise<void> | Promise that returns no value.|
**Example**
```js
-var AtManager = abilityAccessCtrl.createAtManager();
-let tokenID = 0;
+import privacyManager from '@ohos.abilityAccessCtrl';
+
+let AtManager = abilityAccessCtrl.createAtManager();
+let tokenID = 0; // You can use getApplicationInfo to obtain the access token ID.
let permissionFlag = 1;
-let promise = AtManager.revokeUserGrantedPermission(tokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS", permissionFlag);
-promise.then(data => {
- console.log(`promise: data->${JSON.stringify(data)}`);
-});
+try {
+ AtManager.revokeUserGrantedPermission(tokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS", permissionFlag).then(() => {
+ console.log('revokeUserGrantedPermission success');
+ }).catch((err) => {
+ console.log(`revokeUserGrantedPermission fail, err->${JSON.stringify(err)}`);
+ });
+} catch(err) {
+ console.log(`catch err->${JSON.stringify(err)}`);
+}
```
### revokeUserGrantedPermission
-revokeUserGrantedPermission(tokenID: number, permissionName: string, permissionFlag: number, callback: AsyncCallback<number>): void
+revokeUserGrantedPermission(tokenID: number, permissionName: string, permissionFlag: number, callback: AsyncCallback<void>): void
Revokes a user granted permission given to an application. This API uses an asynchronous callback to return the result.
@@ -227,24 +254,30 @@ This is a system API.
| Name | Type | Mandatory| Description |
| --------- | ------------------- | ---- | ------------------------------------------------------------ |
-| tokenID | number | Yes | ID of the application. |
+| tokenID | number | Yes | Token ID of the application. The value can be obtained from [ApplicationInfo](js-apis-bundle-ApplicationInfo.md). |
| permissionName | string | Yes | Name of the permission to revoke.|
-| permissionFlag | number | Yes | Permission flag. The value **1** means that a dialog box will still be displayed after the user grants or denies the permission. The value **2** means that no dialog box will be displayed after the user grants or denies the permission. The value **3** means a system permission that cannot be changed. |
-| callback | AsyncCallback<number> | Yes| Callback used to return the result.|
+| permissionFlag | number | Yes | Permission flag. The value **1** means that the permission request dialog box will still be displayed after the user grants or denies the permission. The value **2** means that no dialog box will be displayed after the user grants or denies the permission. The value **3** means a system permission that cannot be changed. |
+| callback | AsyncCallback<void> | Yes| Callback used to return the result.|
**Example**
```js
+import privacyManager from '@ohos.abilityAccessCtrl';
+
var AtManager = abilityAccessCtrl.createAtManager();
-let tokenID = 0;
+let tokenID = 0; // You can use getApplicationInfo to obtain the access token ID.
let permissionFlag = 1;
-AtManager.revokeUserGrantedPermission(tokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS", permissionFlag, (err, data) => {
- if (err) {
- console.log(`callback: err->${JSON.stringify(err)}`);
- } else {
- console.log(`callback: data->${JSON.stringify(data)}`);
- }
-});
+try {
+ AtManager.revokeUserGrantedPermission(tokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS", permissionFlag, (data, err) => {
+ if (err) {
+ console.log(`revokeUserGrantedPermission fail, err->${JSON.stringify(err)}`);
+ } else {
+ console.log('revokeUserGrantedPermission success');
+ }
+ });
+} catch(err) {
+ console.log(`catch err->${JSON.stringify(err)}`);
+}
```
### getPermissionFlags
@@ -263,21 +296,167 @@ This is a system API.
| Name | Type | Mandatory| Description |
| --------- | ------------------- | ---- | ------------------------------------------------------------ |
-| tokenID | number | Yes | ID of the application. |
+| tokenID | number | Yes | Token ID of the application. The value can be obtained from [ApplicationInfo](js-apis-bundle-ApplicationInfo.md). |
| permissionName | string | Yes | Name of the permission to query.|
**Return value**
| Type | Description |
| :------------ | :---------------------------------- |
-| Promise<number> | Promise instance used to return the result.|
+| Promise<number> | Promise used to return the result.|
+
+**Example**
+
+```js
+import privacyManager from '@ohos.abilityAccessCtrl';
+
+let AtManager = abilityAccessCtrl.createAtManager();
+let tokenID = 0; // You can use getApplicationInfo to obtain the access token ID.
+let permissionFlag = 1;
+try {
+ AtManager.getPermissionFlags(tokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS").then((data) => {
+ console.log(`getPermissionFlags success, data->${JSON.stringify(data)}`);
+ }).catch((err) = > {
+ console.log(`getPermissionFlags fail, err->${JSON.stringify(err)}`);
+ });
+} catch(err) {
+ console.log(`catch err->${JSON.stringify(err)}`);
+}
+```
+
+### getVersion9+
+
+getVersion(): Promise<number>
+
+Obtains the data version of the current permission management. This API uses a promise to return the result.
+
+This is a system API.
+
+**System capability**: SystemCapability.Security.AccessToken
+
+**Return value**
+
+| Type | Description |
+| :------------ | :---------------------------------- |
+| Promise<number> | Promise used to return the version.|
**Example**
```js
var AtManager = abilityAccessCtrl.createAtManager();
-let tokenID = 0;
-let promise = AtManager.getPermissionFlags(tokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS");
+let promise = AtManager.getVersion();
+promise.then(data => {
+ console.log(`promise: data->${JSON.stringify(data)}`);
+});
+```
+
+### on9+
+
+on(type: 'permissionStateChange', tokenIDList: Array<number>, permissionNameList: Array<string>, callback: Callback<PermissionStateChangeInfo>): void;
+
+Subscribes to permission grant state change events of a specified token ID list and permission list. This API uses an asynchronous callback to return the result.
+
+This is a system API.
+
+**Required permissions**: ohos.permission.GET_SENSITIVE_PERMISSIONS
+
+**System capability**: SystemCapability.Security.AccessToken
+
+**Parameters**
+
+| Name | Type | Mandatory| Description |
+| ------------------ | --------------------- | ---- | ------------------------------------------------------------ |
+| type | string | Yes | Event type. The value is fixed at **'permissionStateChange'**, indicating the permission grant state change event. |
+| tokenIDList | Array<number> | No | List of token IDs. If this parameter is left empty, the permission grant state changes of all applications are subscribed to. |
+| permissionNameList | Array<string> | No | List of permission names. If this parameter is left empty, the permission grant state changes of all permissions are subscribed to. |
+| callback | Callback<[PermissionStateChangeInfo](#permissionstatechangeinfo9)> | Yes| Callback used to return the permission grant state change information.|
+
+**Example**
+
+```js
+import abilityAccessCtrl from '@ohos.abilityAccessCtrl';
+
+let atManager = abilityAccessCtrl.createAtManager();
+let tokenIDList: Array = [];
+let permissionNameList: Array = [];
+try {
+ atManager.on('permissionStateChange', tokenIDList, permissionNameList, (data) => {
+ console.debug("receive permission state change, data:" + JSON.stringify(data));
+ });
+} catch(err) {
+ console.log(`catch err->${JSON.stringify(err)}`);
+}
+```
+
+### off9+
+
+off(type: 'permissionStateChange', tokenIDList: Array<number>, permissionNameList: Array<string>, callback?: Callback<PermissionStateChangeInfo>): void;
+
+Unsubscribes from permission grant state change events of a specified token ID list and permission list. This API uses an asynchronous callback to return the result.
+
+This is a system API.
+
+**Required permissions**: ohos.permission.GET_SENSITIVE_PERMISSIONS
+
+**System capability**: SystemCapability.Security.AccessToken
+
+**Parameters**
+
+| Name | Type | Mandatory| Description |
+| ------------------ | --------------------- | ---- | ------------------------------------------------------------ |
+| type | string | Yes | Event type. The value is fixed at **'permissionStateChange'**, indicating the permission grant state change event. |
+| tokenIDList | Array<number> | No | List of token IDs. If this parameter is left empty, the permission grant state changes of all applications are unsubscribed from. The value must be the same as that passed in **on()**.|
+| permissionNameList | Array<string> | No | List of permission names. If this parameter is left empty, the permission grant state changes of all permissions are unsubscribed from. The value must be the same as that passed in **on()**.|
+| callback | Callback<[PermissionStateChangeInfo](#permissionstatechangeinfo9)> | No| Callback used to return the permission grant state change information.|
+
+**Example**
+
+```js
+import abilityAccessCtrl from '@ohos.abilityAccessCtrl';
+
+let atManager = abilityAccessCtrl.createAtManager();
+let tokenIDList: Array = [];
+let permissionNameList: Array = [];
+try {
+ atManager.off('permissionStateChange', tokenIDList, permissionNameList);
+} catch(err) {
+ console.log(`catch err->${JSON.stringify(err)}`);
+}
+```
+
+### verifyAccessToken(deprecated)
+
+verifyAccessToken(tokenID: number, permissionName: string): Promise<GrantStatus>
+
+Checks whether an application has been granted the specified permission. This API uses a promise to return the result.
+
+> **NOTE**
+>
+> This API is deprecated since API version 9. You are advised to use [checkAccessToken](#checkaccesstoken9) instead.
+
+**System capability**: SystemCapability.Security.AccessToken
+
+**Parameters**
+
+| Name | Type | Mandatory| Description |
+| -------- | ------------------- | ---- | ------------------------------------------ |
+| tokenID | number | Yes | Token ID of the application. The value can be obtained from [ApplicationInfo](js-apis-bundle-ApplicationInfo.md). |
+| permissionName | string | Yes | Name of the permission to verify.|
+
+**Return value**
+
+| Type | Description |
+| :------------ | :---------------------------------- |
+| Promise<GrantStatus> | Promise used to return the permission grant state.|
+
+**Example**
+
+```js
+import privacyManager from '@ohos.abilityAccessCtrl';
+
+var AtManager = abilityAccessCtrl.createAtManager();
+let tokenID = 0; // You can use getApplicationInfo to obtain the access token ID.
+let promise = AtManager.verifyAccessToken(tokenID, "ohos.permission.GRANT_SENSITIVE_PERMISSIONS");
promise.then(data => {
console.log(`promise: data->${JSON.stringify(data)}`);
});
@@ -289,7 +468,34 @@ Enumerates the permission grant states.
**System capability**: SystemCapability.Security.AccessToken
-| Name | Default Value | Description |
-| ----------------------------- | ---------------------- | ----------------------- |
-| PERMISSION_DENIED | -1 | Permission denied. |
-| PERMISSION_GRANTED | 0 | Permission granted. |
+| Name | Default Value| Description |
+| ------------------ | ----- | ----------- |
+| PERMISSION_DENIED | -1 | Permission denied.|
+| PERMISSION_GRANTED | 0 | Permission granted.|
+
+### PermissionStateChangeType9+
+
+Enumerates the operations that trigger permission grant state changes.
+
+**System API**: This is a system API.
+
+**System capability**: SystemCapability.Security.AccessToken
+
+| Name | Default Value| Description |
+| ----------------------- | ------ | ----------------- |
+| PERMISSION_REVOKED_OPER | 0 | Operation to revoke the permission.|
+| PERMISSION_GRANTED_OPER | 1 | Operation to grant the permission.|
+
+### PermissionStateChangeInfo9+
+
+Defines the detailed permission grant state change information.
+
+**System API**: This is a system API.
+
+ **System capability**: SystemCapability.Security.AccessToken
+
+| Name | Type | Readable| Writable| Description |
+| -------------- | ------------------------- | ---- | ---- | ------------------ |
+| change | [PermissionStateChangeType](#permissionstatechangetype9) | Yes | No | Operation that triggers the permission grant state change. |
+| tokenID | number | Yes | No | Token ID of the application whose permission grant state changes are subscribed.|
+| permissionName | string | Yes | No | Name of the permission whose grant state is changed.|