Intermediate: Integration of Security Permission in Harmony OS App
Overview
In this article, I will create a demo app along with the integration of Security Permission which is based on Harmony OS. I will provide the use case of dynamic permission in Harmony OS based on application.
Harmony OS Security Introduction
Harmony OS based Application needs to access data of the system or other applications or calls a system capability to implement specific functions such as making phone calls, the system and the related applications should provide the required interfaces. To ensure security, the application permission mechanism is used to impose restrictions on these interfaces.
The mechanism involves multiple steps, including naming and grouping of permissions, definition of the permission scope, granting of authorized applications, and user participation and experience. The application permission management module manages the related parties from interface provider (access object) to interface user (access subject), system (on both the cloud and device sides), and users, of entire process. This ensures that restricted interfaces are properly used based on specified rules, effectively protecting users, applications, and devices against loss caused by inappropriate interface use.
API Overview
1. int verifyPermission(String permissionName, int pid, int uid): Checks whether a specified permission has been granted to an application with a given PID and UID.
Input parameters: permissionName, pid, and uid
Output parameters: none
Return value: IBundleManager.PERMISSION_DENIED or IBundleManager.PERMISSION_GRANTED
2. int verifyCallingPermission(String permissionName): Checks whether a specified permission has been granted to the process of the Inter-Process Communication (IPC) caller.
Input parameter: permissionName
Output parameters: none
Return value: IBundleManager.PERMISSION_DENIED or IBundleManager.PERMISSION_GRANTED
3. int verifySelfPermission(String permissionName): Checks whether a specified permission has been granted to this process.
Input parameter: permissionName
Output parameters: none
Return value: IBundleManager.PERMISSION_DENIED or IBundleManager.PERMISSION_GRANTED
4. int verifyCallingOrSelfPermission(String permissionName): Checks whether a specified permission has been granted to a remote process (if any) or this process.
Input parameter: permissionName
Output parameters: none
Return value: IBundleManager.PERMISSION_DENIED or IBundleManager.PERMISSION_GRANTED
5. boolean canRequestPermission(String permissionName): Checks whether a dialog box can be displayed for granting a specified permission.
Input parameter: permissionName
Output parameters: none
Return value: true indicates that a dialog box can be displayed; false indicates that a dialog box cannot be displayed.
6. void requestPermissionsFromUser (String[] permissions, int requestCode): Requests permissions from the system permission management module. You can request multiple permissions at a time. However, you are not advised to do so unless multiple sensitive permissions are needed in subsequent operations, because dialog boxes for different permissions are displayed one by one, which is time-consuming.
Input parameters: permissions (list of the permissions to be requested) and requestCode (code in the response to the permission request).
Output parameters: none
Returned value: none
7. void onRequestPermissionsFromUserResult (int requestCode, String[] permissions, int[] grantResults): Called when the requestPermissionsFromUser method is called.
Input parameters: requestCode (passed to requestPermission), permissions (names of the requested permissions), and grantResults (result of the permission request)
Output parameters: none
Returned value: none.
Prerequisite
- Harmony OS phone.
- Java JDK.
- DevEco Studio.
App Development
- Create a New Harmony OS Project.
2. Configure Project config.json.
3. Configure Project Gradle.
4. Configure App Gradle.
5. Create Ability class with XML UI.
MainAbilitySlice.java:
This ability performs all the operation of dynamic Permission.
MainAbility.java:
ability_main.xml:
App Build Result
Tips and Tricks
- An application can be configured and requested with a maximum of 1024 custom permissions.
- To avoid conflicts with system permissions, a custom permission name defined by an application cannot start with ohos and its length cannot exceed 256 characters.
- The grant mode of a custom permission cannot be user_grant.
- The permission restriction scope for a custom permission cannot be restricted.
Conclusion
In this article, we have learned how to implement Permission in Harmony OS application. In this application, I have explained that how user can provide secure and robustness application by Huawei Harmony OS.
Thanks for reading this article. Be sure to like and comments to this article, if you found it helpful. It means a lot to me.
References
