@ohos.dlpPermission (DLP) (System API)
Data loss prevention (DLP) is a system solution provided to prevent data disclosure. The dlpPermission module provides APIs for cross-device file access management, encrypted storage, and access authorization.
NOTE
- The initial APIs of this module are supported since API version 10. Newly added APIs will be marked with a superscript to indicate their earliest API version.
- This topic describes only the system APIs provided by the module. For details about its public APIs, see @ohos.dlpPermission.
Modules to Import
import dlpPermission from '@ohos.dlpPermission';
dlpPermission.getDLPGatheringPolicy
getDLPGatheringPolicy(): Promise<GatheringPolicyType>
Obtains the DLP sandbox gathering policy. This API uses a promise to return the result.
System API: This is a system API.
Required permissions: ohos.permission.ACCESS_DLP_FILE
System capability: SystemCapability.Security.DataLossPrevention
Return value
| Type | Description |
|---|---|
| Promise<GatheringPolicyType> | Promise used to return the DLP sandbox aggregation policy obtained. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 201 | Permission denied. |
| 202 | Non-system applications use system APIs. |
| 19100001 | Invalid parameter value. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import { BusinessError } from '@ohos.base';
try {
let res: Promise<dlpPermission.GatheringPolicyType> = dlpPermission.getDLPGatheringPolicy(); // Obtain the sandbox gathering policy.
console.info('res', JSON.stringify(res));
} catch (err) {
console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails.
}
dlpPermission.getDLPGatheringPolicy
getDLPGatheringPolicy(callback: AsyncCallback<GatheringPolicyType>): void
Obtains the DLP sandbox gathering policy. This API uses an asynchronous callback to return the result.
System API: This is a system API.
Required permissions: ohos.permission.ACCESS_DLP_FILE
System capability: SystemCapability.Security.DataLossPrevention
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| callback | AsyncCallback<GatheringPolicyType> | Yes | Callback invoked to return the result. If the operation is successful, err is undefined. Otherwise, err is an error object. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 201 | Permission denied. |
| 202 | Non-system applications use system APIs. |
| 401 | Parameter error. |
| 19100001 | Invalid parameter value. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import { BusinessError } from '@ohos.base';
try {
dlpPermission.getDLPGatheringPolicy((err, res) => {
if (err != undefined) {
console.error('getDLPGatheringPolicy error,', err.code, err.message);
} else {
console.info('res', JSON.stringify(res));
}
}); // Obtain the sandbox gathering policy.
} catch (err) {
console.error('getDLPGatheringPolicy error,', (err as BusinessError).code, (err as BusinessError).message);
}
dlpPermission.installDLPSandbox
installDLPSandbox(bundleName: string, access: DLPFileAccess, userId: number, uri: string): Promise<DLPSandboxInfo>
Installs a DLP sandbox application for an application. This API uses a promise to return the application sandbox installed.
System API: This is a system API.
Required permissions: ohos.permission.ACCESS_DLP_FILE
System capability: SystemCapability.Security.DataLossPrevention
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| bundleName | string | Yes | Bundle name of the application. |
| access | DLPFileAccess | Yes | Permission on the DLP file. |
| userId | number | Yes | Current user ID, which is the OS account ID obtained by the account subsystem. The default super user ID is 100. |
| uri | string | Yes | URI of the DLP file. |
Return value
| Type | Description |
|---|---|
| Promise<DLPSandboxInfo> | Promise used to return the information about the sandbox application installed. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 201 | Permission denied. |
| 202 | Non-system applications use system APIs. |
| 401 | Parameter error. |
| 19100001 | Invalid parameter value. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import { BusinessError } from '@ohos.base';
let uri = "file://docs/storage/Users/currentUser/Desktop/test.txt.dlp";
try {
let res: Promise<dlpPermission.DLPSandboxInfo> = dlpPermission.installDLPSandbox('com.ohos.note', dlpPermission.DLPFileAccess.READ_ONLY, 100, uri); // Install a DLP sandbox application.
console.info('res', JSON.stringify(res));
} catch (err) {
console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails.
}
dlpPermission.installDLPSandbox
installDLPSandbox(bundleName: string, access: DLPFileAccess, userId: number, uri:string, callback: AsyncCallback<DLPSandboxInfo>): void
Installs a DLP sandbox application for an application. This API uses an asynchronous callback to return the index of the sandbox application installed.
System API: This is a system API.
Required permissions: ohos.permission.ACCESS_DLP_FILE
System capability: SystemCapability.Security.DataLossPrevention
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| bundleName | string | Yes | Bundle name of the application. |
| access | DLPFileAccess | Yes | Permission on the DLP file. |
| userId | number | Yes | Current user ID, which is the OS account ID obtained by the account subsystem. The default super user ID is 100. |
| uri | string | Yes | URI of the DLP file. |
| callback | AsyncCallback<DLPSandboxInfo> | Yes | Callback invoked to return the information about the sandbox application installed. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 201 | Permission denied. |
| 202 | Non-system applications use system APIs. |
| 401 | Parameter error. |
| 19100001 | Invalid parameter value. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import { BusinessError } from '@ohos.base';
let uri = "file://docs/storage/Users/currentUser/Desktop/test.txt.dlp";
try {
dlpPermission.installDLPSandbox('com.ohos.note', dlpPermission.DLPFileAccess.READ_ONLY, 100, uri, (err, res) => {
if (err != undefined) {
console.error('installDLPSandbox error,', err.code, err.message);
} else {
console.info('res', JSON.stringify(res));
}
}); // Install a DLP sandbox application.
} catch (err) {
console.error('installDLPSandbox error,', (err as BusinessError).code, (err as BusinessError).message);
}
dlpPermission.uninstallDLPSandbox
uninstallDLPSandbox(bundleName: string, userId: number, appIndex: number): Promise<void>
Uninstalls a DLP sandbox application for an application. This API uses a promise to return the result.
System API: This is a system API.
Required permissions: ohos.permission.ACCESS_DLP_FILE
System capability: SystemCapability.Security.DataLossPrevention
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| bundleName | string | Yes | Bundle name of the application. |
| userId | number | Yes | Current user ID, which is the OS account ID obtained by the account subsystem. The default super user ID is 100. |
| appIndex | number | Yes | Index of the DLP sandbox application. |
Return value
| Type | Description |
|---|---|
| Promise<void> | Promise that returns no value. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 201 | Permission denied. |
| 202 | Non-system applications use system APIs. |
| 401 | Parameter error. |
| 19100001 | Invalid parameter value. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import { BusinessError } from '@ohos.base';
let uri = "file://docs/storage/Users/currentUser/Desktop/test.txt.dlp";
try {
dlpPermission.installDLPSandbox('com.ohos.note', dlpPermission.DLPFileAccess.READ_ONLY, 100, uri).then((res)=>{
console.info('res', JSON.stringify(res));
dlpPermission.uninstallDLPSandbox('com.ohos.note', 100, res.appIndex); // Uninstall a DLP sandbox application.
}); // Install a DLP sandbox application.
} catch (err) {
console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails.
}
dlpPermission.uninstallDLPSandbox
uninstallDLPSandbox(bundleName: string, userId: number, appIndex: number, callback: AsyncCallback<void>): void
Uninstalls a DLP sandbox application for an application. This API uses an asynchronous callback to return the result.
System API: This is a system API.
Required permissions: ohos.permission.ACCESS_DLP_FILE
System capability: SystemCapability.Security.DataLossPrevention
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| bundleName | string | Yes | Bundle name of the application. |
| userId | number | Yes | Current user ID, which is the OS account ID obtained by the account subsystem. The default super user ID is 100. |
| appIndex | number | Yes | DLP sandbox appliction index, which is the value returned after installDLPSandbox is successfully called. |
| callback | AsyncCallback<void> | Yes | Callback invoked to return the uninstallation result. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 201 | Permission denied. |
| 202 | Non-system applications use system APIs. |
| 401 | Parameter error. |
| 19100001 | Invalid parameter value. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import { BusinessError } from '@ohos.base';
let uri = "file://docs/storage/Users/currentUser/Desktop/test.txt.dlp";
try {
dlpPermission.installDLPSandbox('com.ohos.note', dlpPermission.DLPFileAccess.READ_ONLY, 100, uri).then((res)=>{
console.info('res', JSON.stringify(res));
dlpPermission.uninstallDLPSandbox('com.ohos.note', 100, res.appIndex, (err, res) => {
if (err != undefined) {
console.error('uninstallDLPSandbox error,', err.code, err.message);
} else {
console.info('res', JSON.stringify(res));
}
});
}); // Install a DLP sandbox application.
} catch (err) {
console.error('uninstallDLPSandbox error,', (err as BusinessError).code, (err as BusinessError).message);
}
dlpPermission.on('uninstallDLPSandbox')
on(type: 'uninstallDLPSandbox', listener: Callback<DLPSandboxState>): void
Subscribes to a DLP sandbox uninstall event.
System API: This is a system API.
Required permissions: ohos.permission.ACCESS_DLP_FILE
System capability: SystemCapability.Security.DataLossPrevention
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| type | 'uninstallDLPSandbox' | Yes | Event type. It has a fixed value of uninstallDLPSandbox, which indicates the DLP sandbox application uninstall event. |
| listener | Callback<DLPSandboxState> | Yes | Callback invoked when a sandbox application is uninstalled. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 201 | Permission denied. |
| 202 | Non-system applications use system APIs. |
| 401 | Parameter error. |
| 19100001 | Invalid parameter value. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import { BusinessError } from '@ohos.base';
try {
dlpPermission.on('uninstallDLPSandbox', (info: dlpPermission.DLPSandboxState) => {
console.info('uninstallDLPSandbox event', info.appIndex, info.bundleName)
// Subscribe to the DLP sandbox application uninstall event.
} catch (err) {
console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails.
}
dlpPermission.off('uninstallDLPSandbox')
off(type: 'uninstallDLPSandbox', listener?: Callback<DLPSandboxState>): void
Unsubscribes from the DLP sandbox uninstall event.
System API: This is a system API.
Required permissions: ohos.permission.ACCESS_DLP_FILE
System capability: SystemCapability.Security.DataLossPrevention
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| type | 'uninstallDLPSandbox' | Yes | Event type. It has a fixed value of uninstallDLPSandbox, which indicates the DLP sandbox application uninstall event. |
| listener | Callback<DLPSandboxState> | No | Callback for the sandbox uninstall event. By default, this parameter is left blank, which unregisters all callbacks for the sandbox uninstall event. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 201 | Permission denied. |
| 202 | Non-system applications use system APIs. |
| 401 | Parameter error. |
| 19100001 | Invalid parameter value. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import { BusinessError } from '@ohos.base';
try {
dlpPermission.off('uninstallDLPSandbox', (info: dlpPermission.DLPSandboxState) => {
console.info('uninstallDLPSandbox event', info.appIndex, info.bundleName)
// Unsubscribe from the DLP sandbox uninstall events.
} catch (err) {
console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails.
}
DLPFile
Provides APIs for managing DLP files. A DLPFile instance indicates a DLP file object. You can use generateDLPFile or openDLPFile to obtain a DLPFile instance.
Attributes
System API: This is a system API.
System capability: SystemCapability.Security.DataLossPrevention
| Name | Type | Read Only | Mandatory | Description |
|---|---|---|---|---|
| dlpProperty | DLPProperty | No | Yes | Authorized user information. |
addDLPLinkFile
addDLPLinkFile(linkFileName: string): Promise<void>
Adds a link file to the Filesystem in Userspace (FUSE). The link file is a virtual file mapped to the ciphertext in the FUSE. The read and write operations on the link file will be synchronized to the DLP file. This API uses a promise to return the result.
System API: This is a system API.
Required permissions: ohos.permission.ACCESS_DLP_FILE
System capability: SystemCapability.Security.DataLossPrevention
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| linkFileName | string | Yes | Name of the link file to add. |
Return value
| Type | Description |
|---|---|
| Promise<void> | Promise that returns no value. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 201 | Permission denied. |
| 202 | Non-system applications use system APIs. |
| 401 | Parameter error. |
| 19100001 | Invalid parameter value. |
| 19100009 | Failed to operate the DLP file. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import fs from '@ohos.file.fs';
import bundleManager from '@ohos.bundle.bundleManager';
import { BusinessError } from '@ohos.base';
let uri = "file://docs/storage/Users/currentUser/Desktop/test.txt.dlp";
let file = fs.openSync(uri);
let bundleFlags = bundleManager.BundleFlag.GET_BUNDLE_INFO_WITH_SIGNATURE_INFO;
let appId = "";
let bundleName = 'com.ohos.note';
let userId = 100;
try{
bundleManager.getBundleInfo(bundleName, bundleFlags, userId, (err, data) => {
if (err) {
console.error('error', err.code, err.message);
} else {
appId = data.signatureInfo.appId;
}
})
} catch (err) {
console.error('error', err.code, err.message);
}
try {
dlpPermission.openDLPFile(file.fd, appId).then((dlpFile)=>{
dlpFile.addDLPLinkFile('test.txt.dlp.link'); // Add a link file.
dlpFile.closeDLPFile(); // Close the DLPFile instance.
}); // Open a DLP file.
} catch (err) {
console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails.
}
fs.closeSync(file);
addDLPLinkFile
addDLPLinkFile(linkFileName: string, callback: AsyncCallback<void>): void
Adds a link file to the FUSE. This API uses an asynchronous callback to return the result.
System API: This is a system API.
Required permissions: ohos.permission.ACCESS_DLP_FILE
System capability: SystemCapability.Security.DataLossPrevention
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| linkFileName | string | Yes | Name of the link file to add. |
| callback | AsyncCallback<void> | Yes | Callback invoked to return the result. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 201 | Permission denied. |
| 202 | Non-system applications use system APIs. |
| 401 | Parameter error. |
| 19100001 | Invalid parameter value. |
| 19100009 | Failed to operate the DLP file. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import fs from '@ohos.file.fs';
import bundleManager from '@ohos.bundle.bundleManager';
import { BusinessError } from '@ohos.base';
let uri = "file://docs/storage/Users/currentUser/Desktop/test.txt.dlp";
let file = fs.openSync(uri);
let bundleFlags = bundleManager.BundleFlag.GET_BUNDLE_INFO_WITH_SIGNATURE_INFO;
let appId = "";
let bundleName = 'com.ohos.note';
let userId = 100;
try{
bundleManager.getBundleInfo(bundleName, bundleFlags, userId, (err, data) => {
if (err) {
console.error('error', err.code, err.message);
} else {
appId = data.signatureInfo.appId;
}
})
} catch (err) {
console.error('error', err.code, err.message);
}
try {
dlpPermission.openDLPFile(file.fd, appId).then((dlpFile)=>{
dlpFile.addDLPLinkFile('test.txt.dlp.link', async (err, res) => {
if (err != undefined) {
console.error('addDLPLinkFile error,', err.code, err.message);
await dlpFile.closeDLPFile(); // Close the DLPFile instance.
} else {
console.info('res', JSON.stringify(res));
}
});
}); // Open a DLP file.
} catch (err) {
console.error('addDLPLinkFile error,', (err as BusinessError).code, (err as BusinessError).message);
}
stopFuseLink
stopFuseLink(): Promise<void>
Stops the read and write on the FUSE. This API uses a promise to return the result.
System API: This is a system API.
Required permissions: ohos.permission.ACCESS_DLP_FILE
System capability: SystemCapability.Security.DataLossPrevention
Return value
| Type | Description |
|---|---|
| Promise<void> | Promise that returns no value. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 201 | Permission denied. |
| 202 | Non-system applications use system APIs. |
| 19100001 | Invalid parameter value. |
| 19100009 | Failed to operate the DLP file. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import fs from '@ohos.file.fs';
import bundleManager from '@ohos.bundle.bundleManager';
import { BusinessError } from '@ohos.base';
let uri = "file://docs/storage/Users/currentUser/Desktop/test.txt.dlp";
let file = fs.openSync(uri);
let bundleFlags = bundleManager.BundleFlag.GET_BUNDLE_INFO_WITH_SIGNATURE_INFO;
let appId = "";
let bundleName = 'com.ohos.note';
let userId = 100;
try{
bundleManager.getBundleInfo(bundleName, bundleFlags, userId, (err, data) => {
if (err) {
console.error('error', err.code, err.message);
} else {
appId = data.signatureInfo.appId;
}
})
} catch (err) {
console.error('error', err.code, err.message);
}
try {
dlpPermission.openDLPFile(file.fd, appId).then((dlpFile)=>{
dlpFile.addDLPLinkFile('test.txt.dlp.link'); // Add a link file.
dlpFile.stopFuseLink(); // Stop read/write on the link file.
dlpFile.closeDLPFile(); // Close the DLPFile instance.
}); // Open a DLP file.
} catch (err) {
console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails.
}
fs.closeSync(file);
stopFuseLink
stopFuseLink(callback: AsyncCallback<void>): void
Stops the read and write on the FUSE. This API uses an asynchronous callback to return the result.
System API: This is a system API.
Required permissions: ohos.permission.ACCESS_DLP_FILE
System capability: SystemCapability.Security.DataLossPrevention
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| callback | AsyncCallback<void> | Yes | Callback invoked to return the result. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 201 | Permission denied. |
| 202 | Non-system applications use system APIs. |
| 401 | Parameter error. |
| 19100001 | Invalid parameter value. |
| 19100009 | Failed to operate the DLP file. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import fs from '@ohos.file.fs';
import bundleManager from '@ohos.bundle.bundleManager';
import { BusinessError } from '@ohos.base';
let uri = "file://docs/storage/Users/currentUser/Desktop/test.txt.dlp";
let file = fs.openSync(uri);
let bundleFlags = bundleManager.BundleFlag.GET_BUNDLE_INFO_WITH_SIGNATURE_INFO;
let appId = "";
let bundleName = 'com.ohos.note';
let userId = 100;
try{
bundleManager.getBundleInfo(bundleName, bundleFlags, userId, (err, data) => {
if (err) {
console.error('error', err.code, err.message);
} else {
appId = data.signatureInfo.appId;
}
})
} catch (err) {
console.error('error', err.code, err.message);
}
try {
dlpPermission.openDLPFile(file.fd, appId).then((dlpFile)=>{
dlpFile.addDLPLinkFile('test.txt.dlp.link'); // Add a link file.
dlpFile.stopFuseLink(async (err, res) => {
if (err != undefined) {
console.error('stopFuseLink error,', err.code, err.message);
await dlpFile.closeDLPFile(); // Close the DLPFile instance.
} else {
console.info('res', JSON.stringify(res));
}
});
}); // Open a DLP file.
} catch (err) {
console.error('stopFuseLink error,', (err as BusinessError).code, (err as BusinessError).message);
}
resumeFuseLink
resumeFuseLink(): Promise<void>
Resumes the read and write on the FUSE. This API uses a promise to return the result.
System API: This is a system API.
Required permissions: ohos.permission.ACCESS_DLP_FILE
System capability: SystemCapability.Security.DataLossPrevention
Return value
| Type | Description |
|---|---|
| Promise<void> | Promise that returns no value. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 201 | Permission denied. |
| 202 | Non-system applications use system APIs. |
| 19100001 | Invalid parameter value. |
| 19100009 | Failed to operate the DLP file. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import fs from '@ohos.file.fs';
import bundleManager from '@ohos.bundle.bundleManager';
import { BusinessError } from '@ohos.base';
let uri = "file://docs/storage/Users/currentUser/Desktop/test.txt.dlp";
let file = fs.openSync(uri);
let bundleFlags = bundleManager.BundleFlag.GET_BUNDLE_INFO_WITH_SIGNATURE_INFO;
let appId = "";
let bundleName = 'com.ohos.note';
let userId = 100;
try{
bundleManager.getBundleInfo(bundleName, bundleFlags, userId, (err, data) => {
if (err) {
console.error('error', err.code, err.message);
} else {
appId = data.signatureInfo.appId;
}
})
} catch (err) {
console.error('error', err.code, err.message);
}
try {
dlpPermission.openDLPFile(file.fd, appId).then((dlpFile)=>{
dlpFile.addDLPLinkFile('test.txt.dlp.link'); // Add a link file.
dlpFile.stopFuseLink(); // Stop read/write on the link file.
dlpFile.resumeFuseLink(); // Resume read/write on the link file.
dlpFile.closeDLPFile(); // Close the DLPFile instance.
}); // Open a DLP file.
} catch (err) {
console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails.
}
fs.closeSync(file);
resumeFuseLink
resumeFuseLink(callback: AsyncCallback<void>): void
Resumes the read and write on the FUSE. This API uses an asynchronous callback to return the result.
System API: This is a system API.
Required permissions: ohos.permission.ACCESS_DLP_FILE
System capability: SystemCapability.Security.DataLossPrevention
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| callback | AsyncCallback<void> | Yes | Callback invoked to return the result. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 201 | Permission denied. |
| 202 | Non-system applications use system APIs. |
| 401 | Parameter error. |
| 19100001 | Invalid parameter value. |
| 19100009 | Failed to operate the DLP file. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import fs from '@ohos.file.fs';
import bundleManager from '@ohos.bundle.bundleManager';
import { BusinessError } from '@ohos.base';
let uri = "file://docs/storage/Users/currentUser/Desktop/test.txt.dlp";
let file = fs.openSync(uri);
let bundleFlags = bundleManager.BundleFlag.GET_BUNDLE_INFO_WITH_SIGNATURE_INFO;
let appId = "";
let bundleName = 'com.ohos.note';
let userId = 100;
try{
bundleManager.getBundleInfo(bundleName, bundleFlags, userId, (err, data) => {
if (err) {
console.error('error', err.code, err.message);
} else {
appId = data.signatureInfo.appId;
}
})
} catch (err) {
console.error('error', err.code, err.message);
}
try {
dlpPermission.openDLPFile(file.fd, appId).then((dlpFile)=>{
dlpFile.addDLPLinkFile('test.txt.dlp.link'); // Add a link file.
dlpFile.stopFuseLink(); // Stop read/write on the link file.
dlpFile.resumeFuseLink(async (err, res) => {
if (err != undefined) {
console.error('resumeFuseLink error,', err.code, err.message);
await dlpFile.closeDLPFile(); // Close the DLPFile instance.
} else {
console.info('res', JSON.stringify(res));
}
});
}); // Open a DLP file.
} catch (err) {
console.error('resumeFuseLink error,', (err as BusinessError).code, (err as BusinessError).message);
}
replaceDLPLinkFile
replaceDLPLinkFile(linkFileName: string): Promise<void>
Replaces a link file. This API uses a promise to return the result.
System API: This is a system API.
Required permissions: ohos.permission.ACCESS_DLP_FILE
System capability: SystemCapability.Security.DataLossPrevention
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| linkFileName | string | Yes | Name of the link file to replace. |
Return value
| Type | Description |
|---|---|
| Promise<void> | Promise that returns no value. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 201 | Permission denied. |
| 202 | Non-system applications use system APIs. |
| 401 | Parameter error. |
| 19100001 | Invalid parameter value. |
| 19100009 | Failed to operate the DLP file. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import fs from '@ohos.file.fs';
import bundleManager from '@ohos.bundle.bundleManager';
import { BusinessError } from '@ohos.base';
let uri = "file://docs/storage/Users/currentUser/Desktop/test.txt.dlp";
let file = fs.openSync(uri);
let bundleFlags = bundleManager.BundleFlag.GET_BUNDLE_INFO_WITH_SIGNATURE_INFO;
let appId = "";
let bundleName = 'com.ohos.note';
let userId = 100;
try{
bundleManager.getBundleInfo(bundleName, bundleFlags, userId, (err, data) => {
if (err) {
console.error('error', err.code, err.message);
} else {
appId = data.signatureInfo.appId;
}
})
} catch (err) {
console.error('error', err.code, err.message);
}
try {
dlpPermission.openDLPFile(file.fd, appId).then((dlpFile)=>{
dlpFile.addDLPLinkFile('test.txt.dlp.link'); // Add a link file.
dlpFile.stopFuseLink(); // Stop read/write on the link file.
dlpFile.replaceDLPLinkFile('test_new.txt.dlp.link'); // Replace the link file.
dlpFile.resumeFuseLink(); // Resume read/write on the link file.
dlpFile.closeDLPFile(); // Close the DLPFile instance.
}); // Open a DLP file.
} catch (err) {
console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails.
}
fs.closeSync(file);
replaceDLPLinkFile
replaceDLPLinkFile(linkFileName: string, callback: AsyncCallback<void>): void
Replaces a link file. This API uses an asynchronous callback to return the result.
System API: This is a system API.
Required permissions: ohos.permission.ACCESS_DLP_FILE
System capability: SystemCapability.Security.DataLossPrevention
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| linkFileName | string | Yes | Name of the link file to replace. |
| callback | AsyncCallback<void> | Yes | Callback invoked to return the result. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 201 | Permission denied. |
| 202 | Non-system applications use system APIs. |
| 401 | Parameter error. |
| 19100001 | Invalid parameter value. |
| 19100009 | Failed to operate the DLP file. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import fs from '@ohos.file.fs';
import bundleManager from '@ohos.bundle.bundleManager';
import { BusinessError } from '@ohos.base';
let uri = "file://docs/storage/Users/currentUser/Desktop/test.txt.dlp";
let file = fs.openSync(uri);
let bundleFlags = bundleManager.BundleFlag.GET_BUNDLE_INFO_WITH_SIGNATURE_INFO;
let appId = "";
let bundleName = 'com.ohos.note';
let userId = 100;
try{
bundleManager.getBundleInfo(bundleName, bundleFlags, userId, (err, data) => {
if (err) {
console.error('error', err.code, err.message);
} else {
appId = data.signatureInfo.appId;
}
})
} catch (err) {
console.error('error', err.code, err.message);
}
try {
dlpPermission.openDLPFile(file.fd, appId).then((dlpFile)=>{
dlpFile.addDLPLinkFile('test.txt.dlp.link'); // Add a link file.
dlpFile.stopFuseLink(); // Stop read/write on the link file.
dlpFile.replaceDLPLinkFile('test_new.txt.dlp.link', async (err, res) => { // Replace a link file.
if (err != undefined) {
console.error('replaceDLPLinkFile error,', err.code, err.message);
await dlpFile.closeDLPFile(); // Close the DLPFile instance.
} else {
console.info('res', JSON.stringify(res));
await dlpFile.resumeFuseLink(); // Resume read/write on the link file.
}
});
}); // Open a DLP file.
} catch (err) {
console.error('error,', (err as BusinessError).code, (err as BusinessError).message);
}
deleteDLPLinkFile
deleteDLPLinkFile(linkFileName: string): Promise<void>
Deletes a link file from the FUSE. This API uses a promise to return the result.
System API: This is a system API.
Required permissions: ohos.permission.ACCESS_DLP_FILE
System capability: SystemCapability.Security.DataLossPrevention
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| linkFileName | string | Yes | Name of the link file to delete. |
Return value
| Type | Description |
|---|---|
| Promise<void> | Promise that returns no value. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 201 | Permission denied. |
| 202 | Non-system applications use system APIs. |
| 401 | Parameter error. |
| 19100001 | Invalid parameter value. |
| 19100009 | Failed to operate the DLP file. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import fs from '@ohos.file.fs';
import bundleManager from '@ohos.bundle.bundleManager';
import { BusinessError } from '@ohos.base';
let uri = "file://docs/storage/Users/currentUser/Desktop/test.txt.dlp";
let file = fs.openSync(uri);
let bundleFlags = bundleManager.BundleFlag.GET_BUNDLE_INFO_WITH_SIGNATURE_INFO;
let appId = "";
let bundleName = 'com.ohos.note';
let userId = 100;
try{
bundleManager.getBundleInfo(bundleName, bundleFlags, userId, (err, data) => {
if (err) {
console.error('error', err.code, err.message);
} else {
appId = data.signatureInfo.appId;
}
})
} catch (err) {
console.error('error', err.code, err.message);
}
try {
dlpPermission.openDLPFile(file.fd, appId).then((dlpFile)=>{
dlpFile.addDLPLinkFile('test.txt.dlp.link'); // Add a link file.
dlpFile.deleteDLPLinkFile('test.txt.dlp.link'); // Delete the link file.
dlpFile.closeDLPFile(); // Close the DLPFile instance.
}); // Open a DLP file.
} catch (err) {
console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails.
}
fs.closeSync(file);
deleteDLPLinkFile
deleteDLPLinkFile(linkFileName: string, callback: AsyncCallback<void>): void
Deletes a link file. This API uses an asynchronous callback to return the result.
System API: This is a system API.
Required permissions: ohos.permission.ACCESS_DLP_FILE
System capability: SystemCapability.Security.DataLossPrevention
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| linkFileName | string | Yes | Name of the link file to delete. |
| callback | AsyncCallback<void> | Yes | Callback invoked to return the result. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 201 | Permission denied. |
| 202 | Non-system applications use system APIs. |
| 401 | Parameter error. |
| 19100001 | Invalid parameter value. |
| 19100009 | Failed to operate the DLP file. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import fs from '@ohos.file.fs';
import bundleManager from '@ohos.bundle.bundleManager';
import { BusinessError } from '@ohos.base';
let uri = "file://docs/storage/Users/currentUser/Desktop/test.txt.dlp";
let file = fs.openSync(uri);
let bundleFlags = bundleManager.BundleFlag.GET_BUNDLE_INFO_WITH_SIGNATURE_INFO;
let appId = "";
let bundleName = 'com.ohos.note';
let userId = 100;
try{
bundleManager.getBundleInfo(bundleName, bundleFlags, userId, (err, data) => {
if (err) {
console.error('error', err.code, err.message);
} else {
appId = data.signatureInfo.appId;
}
})
} catch (err) {
console.error('error', err.code, err.message);
}
try {
dlpPermission.openDLPFile(file.fd, appId).then((dlpFile)=>{
dlpFile.addDLPLinkFile('test.txt.dlp.link'); // Add a link file.
dlpFile.deleteDLPLinkFile('test.txt.dlp.link', async (err, res) => { // Delete a link file.
if (err != undefined) {
console.error('deleteDLPLinkFile error,', err.code, err.message);
await dlpFile.closeDLPFile(); // Close the DLPFile instance.
} else {
console.info('res', JSON.stringify(res));
}
});
}); // Open a DLP file.
} catch (err) {
console.error('error,', (err as BusinessError).code, (err as BusinessError).message);
}
recoverDLPFile
recoverDLPFile(plaintextFd: number): Promise<void>
Recovers the plaintext of a DLP file. This API uses a promise to return the result.
System API: This is a system API.
Required permissions: ohos.permission.ACCESS_DLP_FILE
System capability: SystemCapability.Security.DataLossPrevention
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| plaintextFd | number | Yes | FD of the target plaintext file. |
Return value
| Type | Description |
|---|---|
| Promise<void> | Promise that returns no value. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 201 | Permission denied. |
| 202 | Non-system applications use system APIs. |
| 401 | Parameter error. |
| 19100001 | Invalid parameter value. |
| 19100002 | Credential task error. |
| 19100003 | Credential task time out. |
| 19100004 | Credential service error. |
| 19100005 | Remote credential server error. |
| 19100008 | Not DLP file. |
| 19100009 | Failed to operate the DLP file. |
| 19100010 | DLP file is read-only. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import fs from '@ohos.file.fs';
import bundleManager from '@ohos.bundle.bundleManager';
import { BusinessError } from '@ohos.base';
let uri = "file://docs/storage/Users/currentUser/Desktop/test.txt.dlp";
let file = fs.openSync(uri);
let bundleFlags = bundleManager.BundleFlag.GET_BUNDLE_INFO_WITH_SIGNATURE_INFO;
let appId = "";
let bundleName = 'com.ohos.note';
let userId = 100;
try{
bundleManager.getBundleInfo(bundleName, bundleFlags, userId, (err, data) => {
if (err) {
console.error('error', err.code, err.message);
} else {
appId = data.signatureInfo.appId;
}
})
} catch (err) {
console.error('error', err.code, err.message);
}
let destFile = fs.openSync("destUri");
try {
dlpPermission.openDLPFile(file.fd, appId).then((dlpFile)=>{
dlpFile.recoverDLPFile(destFile.fd); // Recover the plain text from the DLP file.
dlpFile.closeDLPFile(); // Close the DLPFile instance.
}); // Open a DLP file.
} catch (err) {
console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails.
}
fs.closeSync(file);
fs.closeSync(destFile);
recoverDLPFile
recoverDLPFile(plaintextFd: number, callback: AsyncCallback<void>): void
Recovers the plaintext of a DLP file. This API uses an asynchronous callback to return the result.
System API: This is a system API.
Required permissions: ohos.permission.ACCESS_DLP_FILE
System capability: SystemCapability.Security.DataLossPrevention
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| plaintextFd | number | Yes | FD of the target plaintext file. |
| callback | AsyncCallback<void> | Yes | Callback invoked to return the result. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 201 | Permission denied. |
| 202 | Non-system applications use system APIs. |
| 401 | Parameter error. |
| 19100001 | Invalid parameter value. |
| 19100002 | Credential task error. |
| 19100003 | Credential task time out. |
| 19100004 | Credential service error. |
| 19100005 | Remote credential server error. |
| 19100008 | Not DLP file. |
| 19100009 | Failed to operate the DLP file. |
| 19100010 | DLP file is read-only. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import fs from '@ohos.file.fs';
import bundleManager from '@ohos.bundle.bundleManager';
import { BusinessError } from '@ohos.base';
let uri = "file://docs/storage/Users/currentUser/Desktop/test.txt.dlp";
let file = fs.openSync(uri);
let bundleFlags = bundleManager.BundleFlag.GET_BUNDLE_INFO_WITH_SIGNATURE_INFO;
let appId = "";
let bundleName = 'com.ohos.note';
let userId = 100;
try{
bundleManager.getBundleInfo(bundleName, bundleFlags, userId, (err, data) => {
if (err) {
console.error('error', err.code, err.message);
} else {
appId = data.signatureInfo.appId;
}
})
} catch (err) {
console.error('error', err.code, err.message);
}
let destFile = fs.openSync("destUri");
try {
dlpPermission.openDLPFile(file.fd, appId).then((dlpFile)=>{
dlpFile.recoverDLPFile(destFile.fd, async (err, res) => { // Recover the plaintext of a DLP file.
if (err != undefined) {
console.error('recoverDLPFile error,', err.code, err.message);
await dlpFile.closeDLPFile(); // Close the DLPFile instance.
} else {
console.info('res', JSON.stringify(res));
}
});
}); // Open a DLP file.
} catch (err) {
console.error('error,', (err as BusinessError).code, (err as BusinessError).message);
}
closeDLPFile
closeDLPFile(): Promise<void>
Closes this DLPFile instance. This API uses a promise to return the result.
System API: This is a system API.
Required permissions: ohos.permission.ACCESS_DLP_FILE
System capability: SystemCapability.Security.DataLossPrevention
NOTE
If a DLP file is no longer used, close the dlpFile instance to release the memory.
Return value
| Type | Description |
|---|---|
| Promise<void> | Promise that returns no value. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 201 | Permission denied. |
| 202 | Non-system applications use system APIs. |
| 19100001 | Invalid parameter value. |
| 19100009 | Failed to operate the DLP file. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import fs from '@ohos.file.fs';
import bundleManager from '@ohos.bundle.bundleManager';
import { BusinessError } from '@ohos.base';
let uri = "file://docs/storage/Users/currentUser/Desktop/test.txt.dlp";
let file = fs.openSync(uri);
let bundleFlags = bundleManager.BundleFlag.GET_BUNDLE_INFO_WITH_SIGNATURE_INFO;
let appId = "";
let bundleName = 'com.ohos.note';
let userId = 100;
try{
bundleManager.getBundleInfo(bundleName, bundleFlags, userId, (err, data) => {
if (err) {
console.error('error', err.code, err.message);
} else {
appId = data.signatureInfo.appId;
}
})
} catch (err) {
console.error('error', err.code, err.message);
}
try {
dlpPermission.openDLPFile(file.fd, appId).then((dlpFile)=>{
dlpFile.closeDLPFile(); // Close the DLPFile instance.
}); // Open a DLP file.
} catch (err) {
console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails.
}
fs.closeSync(file);
closeDLPFile
closeDLPFile(callback: AsyncCallback<void>): void
Closes this DLPFile instance. This API uses an asynchronous callback to return the result.
System API: This is a system API.
Required permissions: ohos.permission.ACCESS_DLP_FILE
System capability: SystemCapability.Security.DataLossPrevention
NOTE
If a DLP file is no longer used, close the dlpFile instance to release the memory.
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| callback | AsyncCallback<void> | Yes | Callback invoked to return the result. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 201 | Permission denied. |
| 202 | Non-system applications use system APIs. |
| 19100001 | Invalid parameter value. |
| 19100009 | Failed to operate the DLP file. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import fs from '@ohos.file.fs';
import bundleManager from '@ohos.bundle.bundleManager';
import { BusinessError } from '@ohos.base';
let uri = "file://docs/storage/Users/currentUser/Desktop/test.txt.dlp";
let file = fs.openSync(uri);
let bundleFlags = bundleManager.BundleFlag.GET_BUNDLE_INFO_WITH_SIGNATURE_INFO;
let appId = "";
let bundleName = 'com.ohos.note';
let userId = 100;
try{
bundleManager.getBundleInfo(bundleName, bundleFlags, userId, (err, data) => {
if (err) {
console.error('error', err.code, err.message);
} else {
appId = data.signatureInfo.appId;
}
})
} catch (err) {
console.error('error', err.code, err.message);
}
try {
dlpPermission.openDLPFile(file.fd, appId).then((dlpFile)=>{
dlpFile.closeDLPFile((err, res) => {// Close the DLP file.
if (err != undefined) {
console.error('closeDLPFile error,', err.code, err.message);
} else {
console.info('res', JSON.stringify(res));
}
fs.closeSync(file);
});
}); // Open a DLP file.
} catch (err) {
console.error('error,', (err as BusinessError).code, (err as BusinessError).message);
fs.closeSync(file);
}
dlpPermission.generateDLPFile
generateDLPFile(plaintextFd: number, ciphertextFd: number, property: DLPProperty): Promise<DLPFile>
Generates a DLP file, which is an encrypted file that can be accessed only by authorized users. The users can have the full control permission or read-only permission on the DLP file. This API uses a promise to return the result.
System API: This is a system API.
Required permissions: ohos.permission.ACCESS_DLP_FILE
System capability: SystemCapability.Security.DataLossPrevention
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| plaintextFd | number | Yes | FD of the plaintext file to be encrypted. |
| ciphertextFd | number | Yes | FD of the encrypted file. |
| property | DLPProperty | Yes | Authorized user information, which includes the authorized user list, owner account, and contact account information. |
Return value
| Type | Description |
|---|---|
| Promise<DLPFile> | Promise used to return the result. If the operation is successful, a DLPFile instance is returned. Otherwise, null is returned. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 201 | Permission denied. |
| 202 | Non-system applications use system APIs. |
| 401 | Parameter error. |
| 19100001 | Invalid parameter value. |
| 19100002 | Credential task error. |
| 19100003 | Credential task time out. |
| 19100004 | Credential service error. |
| 19100005 | Remote credential server error. |
| 19100009 | Failed to operate the DLP file. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import fs from '@ohos.file.fs';
import { BusinessError } from '@ohos.base';
let dlpUri = "file://docs/storage/Users/currentUser/Desktop/test.txt.dlp";
let uri = "file://docs/storage/Users/currentUser/Desktop/test.txt";
let file = fs.openSync(uri);
let dlp = fs.openSync(dlpUri);
try {
let dlpProperty: dlpPermission.DLPProperty = {
ownerAccount: 'zhangsan',
ownerAccountType: dlpPermission.AccountType.DOMAIN_ACCOUNT,
authUserList: [],
contactAccount: 'zhangsan',
offlineAccess: true,
ownerAccountID: 'xxxxxxx',
everyoneAccessList: []
};
dlpPermission.generateDLPFile(file.fd, dlp.fd, dlpProperty).then((dlpFile)=>{
dlpFile.closeDLPFile(); // Close the DLPFile instance.
}); // Generate a DLP file.
} catch (err) {
console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails.
}
fs.closeSync(file);
fs.closeSync(dlp);
dlpPermission.generateDLPFile
generateDLPFile(plaintextFd: number, ciphertextFd: number, property: DLPProperty, callback: AsyncCallback<DLPFile>): void
Generates a DLP file, which is an encrypted file that can be accessed only by authorized users. The users can have the full control permission or read-only permission on the DLP file. This API uses an asynchronous callback to return the result.
System API: This is a system API.
Required permissions: ohos.permission.ACCESS_DLP_FILE
System capability: SystemCapability.Security.DataLossPrevention
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| plaintextFd | number | Yes | FD of the plaintext file to be encrypted. |
| ciphertextFd | number | Yes | FD of the encrypted file. |
| property | DLPProperty | Yes | Authorized user information, which includes the authorized user list, owner account, and contact account information. |
| callback | AsyncCallback<DLPFile> | Yes | Callback invoked to return the DLPFile instance created. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 201 | Permission denied. |
| 202 | Non-system applications use system APIs. |
| 401 | Parameter error. |
| 19100001 | Invalid parameter value. |
| 19100002 | Credential task error. |
| 19100003 | Credential task time out. |
| 19100004 | Credential service error. |
| 19100005 | Remote credential server error. |
| 19100009 | Failed to operate the DLP file. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import fs from '@ohos.file.fs';
import { BusinessError } from '@ohos.base';
let dlpUri = "file://docs/storage/Users/currentUser/Desktop/test.txt.dlp";
let uri = "file://docs/storage/Users/currentUser/Desktop/test.txt";
let file = fs.openSync(uri);
let dlp = fs.openSync(dlpUri);
try {
let dlpProperty: dlpPermission.DLPProperty = {
ownerAccount: 'zhangsan',
ownerAccountType: dlpPermission.AccountType.DOMAIN_ACCOUNT,
authUserList: [],
contactAccount: 'zhangsan',
offlineAccess: true,
ownerAccountID: 'xxxxxxx',
everyoneAccessList: []
};
dlpPermission.generateDLPFile(file.fd, dlp.fd, dlpProperty, (err, res) => { // Generate a DLP file.
if (err != undefined) {
console.error('generateDLPFile error,', err.code, err.message);
} else {
console.info('res', JSON.stringify(res));
}
});
} catch (err) {
console.error('error,', (err as BusinessError).code, (err as BusinessError).message);
fs.closeSync(file);
}
dlpPermission.openDLPFile11+
openDLPFile(ciphertextFd: number, appId: string): Promise<DLPFile>
Opens a DLP file. This API uses a promise to return the result.
System API: This is a system API.
Required permissions: ohos.permission.ACCESS_DLP_FILE
System capability: SystemCapability.Security.DataLossPrevention
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| ciphertextFd | number | Yes | FD of the encrypted file. |
| appId | string | Yes | ID of the caller. |
Return value
| Type | Description |
|---|---|
| Promise<DLPFile> | Promise used to return the result. If the operation is successful, a DLPFile instance is returned. Otherwise, null is returned. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 201 | Permission denied. |
| 202 | Non-system applications use system APIs. |
| 401 | Parameter error. |
| 19100001 | Invalid parameter value. |
| 19100002 | Credential task error. |
| 19100003 | Credential task time out. |
| 19100004 | Credential service error. |
| 19100005 | Remote credential server error. |
| 19100008 | Not DLP file. |
| 19100009 | Failed to operate the DLP file. |
| 19100011 | System service exception. |
| 19100018 | Not authorized application. |
| 19100019 | The DLP file has expired. |
| 19100020 | No network connection. |
Example
import dlpPermission from '@ohos.dlpPermission';
import fs from '@ohos.file.fs';
import bundleManager from '@ohos.bundle.bundleManager';
import { BusinessError } from '@ohos.base';
let uri = "file://docs/storage/Users/currentUser/Desktop/test.txt.dlp";
let file = fs.openSync(uri);
let bundleFlags = bundleManager.BundleFlag.GET_BUNDLE_INFO_WITH_SIGNATURE_INFO;
let appId = "";
let bundleName = 'com.ohos.note';
let userId = 100;
try{
bundleManager.getBundleInfo(bundleName, bundleFlags, userId, (err, data) => {
if (err) {
console.error('error', err.code, err.message);
} else {
appId = data.signatureInfo.appId;
}
})
} catch (err) {
console.error('error', err.code, err.message);
}
try {
dlpPermission.openDLPFile(file.fd, appId).then((dlpFile)=>{
dlpFile.closeDLPFile(); // Close the DLPFile instance.
}); // Open a DLP file.
} catch (err) {
console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails.
}
fs.closeSync(file);
dlpPermission.openDLPFile11+
openDLPFile(ciphertextFd: number, appId: string, callback: AsyncCallback<DLPFile>): void
Opens a DLP file. This API uses an asynchronous callback to return the result.
System API: This is a system API.
Required permissions: ohos.permission.ACCESS_DLP_FILE
System capability: SystemCapability.Security.DataLossPrevention
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| ciphertextFd | number | Yes | FD of the encrypted file. |
| appId | string | Yes | ID of the caller. |
| callback | AsyncCallback<DLPFile> | Yes | Callback invoked to return the DLPFile instance opened. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 201 | Permission denied. |
| 202 | Non-system applications use system APIs. |
| 401 | Parameter error. |
| 19100001 | Invalid parameter value. |
| 19100002 | Credential task error. |
| 19100003 | Credential task time out. |
| 19100004 | Credential service error. |
| 19100005 | Remote credential server error. |
| 19100008 | Not DLP file. |
| 19100009 | Failed to operate the DLP file. |
| 19100011 | System service exception. |
| 19100018 | Not authorized application. |
| 19100019 | The DLP file has expired. |
| 19100020 | No network connection. |
Example
import dlpPermission from '@ohos.dlpPermission';
import fs from '@ohos.file.fs';
import bundleManager from '@ohos.bundle.bundleManager';
import { BusinessError } from '@ohos.base';
let uri = "file://docs/storage/Users/currentUser/Desktop/test.txt.dlp";
let file = fs.openSync(uri);
let bundleFlags = bundleManager.BundleFlag.GET_BUNDLE_INFO_WITH_SIGNATURE_INFO;
let appId = "";
let bundleName = 'com.ohos.note';
let userId = 100;
try{
bundleManager.getBundleInfo(bundleName, bundleFlags, userId, (err, data) => {
if (err) {
console.error('error', err.code, err.message);
} else {
appId = data.signatureInfo.appId;
}
})
} catch (err) {
console.error('error', err.code, err.message);
}
try {
dlpPermission.openDLPFile(file.fd, appId, (err, res) => { // Open a DLP file.
if (err != undefined) {
console.error('openDLPFile error,', err.code, err.message);
} else {
console.info('res', JSON.stringify(res));
}
});
} catch (err) {
console.error('error,', (err as BusinessError).code, (err as BusinessError).message);
fs.closeSync(file);
}
DLPSandboxInfo
Represents the DLP sandbox information.
System API: This is a system API.
System capability: SystemCapability.Security.DataLossPrevention
| Name | Type | Readable | Writable | Description |
|---|---|---|---|---|
| appIndex | number | Yes | No | Index of the DLP sandbox application. |
| tokenID | number | Yes | No | Token ID of the DLP sandbox application. |
DLPSandboxState
Represents the DLP sandbox identity information.
System API: This is a system API.
System capability: SystemCapability.Security.DataLossPrevention
| Name | Type | Readable | Writable | Description |
|---|---|---|---|---|
| bundleName | string | Yes | No | Bundle name of the application. |
| appIndex | number | Yes | No | Index of the DLP sandbox application. |
AccountType
Enumerates the types of authorized accounts.
System API: This is a system API.
System capability: SystemCapability.Security.DataLossPrevention
| Name | Value | Description |
|---|---|---|
| CLOUD_ACCOUNT | 1 | Cloud account. |
| DOMAIN_ACCOUNT | 2 | Domain account. |
AuthUser
Represents the user authorization information.
System API: This is a system API.
System capability: SystemCapability.Security.DataLossPrevention
| Name | Type | Read Only | Mandatory | Description |
|---|---|---|---|---|
| authAccount | string | No | Yes | Account of the user who can access the DLP file. |
| authAccountType | AccountType | No | Yes | Type of the account. |
| dlpFileAccess | DLPFileAccess | No | Yes | Permission granted to the user. |
| permExpiryTime | number | No | Yes | Time when the authorization expires. |
DLPProperty
Represents the authorization information.
System API: This is a system API.
System capability: SystemCapability.Security.DataLossPrevention
| Name | Type | Read Only | Mandatory | Description |
|---|---|---|---|---|
| ownerAccount | string | No | Yes | Account of the owner who can set the permission. |
| ownerAccountID | string | No | Yes | Account ID of the owner. |
| ownerAccountType | AccountType | No | Yes | Account type of the owner. |
| authUserList | Array<AuthUser> | No | No | List of users who are authorized to access the DLP file. By default, this parameter is left blank. |
| contactAccount | string | No | Yes | Account of the contact. |
| offlineAccess | boolean | No | Yes | Whether the file can be accessed offline. |
| everyoneAccessList | Array<DLPFileAccess> | No | No | Permission granted to everyone. This parameter is left blank by default. |
| expireTime11+ | number | No | No | Timestamp when the file permission has expired. This parameter is left blank by default. |
GatheringPolicyType
Enumerates the DLP sandbox gathering policy types. GATHERING allows the DLP files of the same permission type to be opened in a sandbox. For example, open different tab pages in a sandbox. NON_GATHERING allows different DLP files to be opened in different sandboxes.
System capability: SystemCapability.Security.DataLossPrevention
System API: This is a system API.
Parameters
| Name | Value | Description |
|---|---|---|
| GATHERING | 1 | Allows the DLP files of the same permission type to be opened in a sandbox. For example, the files of the same permission type can be opened in tab pages of a window. |
| NON_GATHERING | 2 | Allows the DLP files of different permission types to be opened in different sandboxes. |