| 文件 | 最后提交记录 | 最后更新时间 |
|---|---|---|
feat: use caller identity for skill target permission verification When launching target ServiceExtension or UIAbility through skill execution, use the real caller's tokenId for permission verification instead of aimgr's SA identity. This avoids bypassing all permission checks and eliminates the need to grant extra permissions to aimgr. - Add SKILL_EXECUTE_PARAM_CALLER_TOKEN_ID Want parameter key - Pass callerTokenId via Want from ExecuteInAppSkill(withTokenId) - CheckStaticCfgPermission: detect skill path, skip SA shortcut, verify permissions using caller's tokenId - Derive callerUid from callerTokenId inside launch functions via GetHapTokenInfo, no extra function parameters needed Change-Id: I0f871ce89953afc3cf69548b75d125cee3ede5d1 Signed-off-by: RuiChen_01 <chenrui193@huawei.com> Co-Authored-By: Agent Signed-off-by: RuiChen_01 <chenrui193@huawei.com> | 1 个月前 | |
change external_deps to deps Co-Authored-By: manual Signed-off-by: zhongshield1 <zhangzezhong8@huawei-partners.com> | 1 个月前 | |
hidesensitivetype修改默认值 Signed-off-by: lidongrui <lidongrui3@huawei.com> Co-Authored-By: lidongrui | 1 个月前 |
| 文件 | 最后提交记录 | 最后更新时间 |
|---|---|---|
| 1 个月前 | ||
| 1 个月前 | ||
| 1 个月前 |