@ohos.dlpPermission (DLP)
Data loss prevention (DLP) is a system solution provided to prevent data disclosure. The dlpPermission module provides APIs for cross-device file access management, encrypted storage, and access authorization.
NOTE
The initial APIs of this module are supported since API version 10. Newly added APIs will be marked with a superscript to indicate their earliest API version.
Modules to Import
import dlpPermission from '@ohos.dlpPermission';
dlpPermission.isDLPFile
isDLPFile(fd: number): Promise<boolean>
Checks whether a file is a DLP file based on the file descriptor (FD). This API uses a promise to return the result.
System capability: SystemCapability.Security.DataLossPrevention
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| fd | number | Yes | FD of the file to check. |
Return value
| Type | Description |
|---|---|
| Promise<boolean> | Promise used to return the result. The value true means the file is a DLP file; the value false means the opposite. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 401 | Parameter error. |
| 19100001 | Invalid parameter value. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import fs from '@ohos.file.fs';
import { BusinessError } from '@ohos.base';
let uri = "file://docs/storage/Users/currentUser/Desktop/test.txt.dlp";
let file = fs.openSync(uri);
try {
let res = dlpPermission.isDLPFile(file.fd); // Check whether the file is a DLP file.
console.info('res', res);
} catch (err) {
console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails.
}
fs.closeSync(file);
dlpPermission.isDLPFile
isDLPFile(fd: number, callback: AsyncCallback<boolean>): void
Checks whether a file is a DLP file based on the FD. This API uses an asynchronous callback to return the result.
System capability: SystemCapability.Security.DataLossPrevention
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| fd | number | Yes | FD of the file to check. |
| callback | AsyncCallback<boolean> | Yes | Callback invoked to return the result. The value true means the file is a DLP file; the value false means the opposite. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 401 | Parameter error. |
| 19100001 | Invalid parameter value. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import fs from '@ohos.file.fs';
import { BusinessError } from '@ohos.base';
let uri = "file://docs/storage/Users/currentUser/Desktop/test.txt.dlp";
let file = fs.openSync(uri);
try {
dlpPermission.isDLPFile(file.fd, (err, res) => {
if (err != undefined) {
console.error('isDLPFile error,', err.code, err.message);
} else {
console.info('res', res);
}
fs.closeSync(file);
});
} catch (err) {
console.error('isDLPFile error,', (err as BusinessError).code, (err as BusinessError).message);
fs.closeSync(file);
}
dlpPermission.getDLPPermissionInfo
getDLPPermissionInfo(): Promise<DLPPermissionInfo>
Obtains the permission information of this DLP file. This API uses a promise to return the result.
System capability: SystemCapability.Security.DataLossPrevention
Return value
| Type | Description |
|---|---|
| Promise<DLPPermissionInfo> | Promise used to return the permission information about the DLP file. The operation is successful if no error is reported. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 19100001 | Invalid parameter value. |
| 19100006 | This API can only be called by DLP sandbox applications. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import { BusinessError } from '@ohos.base';
try {
dlpPermission.isInSandbox().then((inSandbox) => {// Check whether the application is running in a sandbox.
if (inSandbox) {
let res: Promise<dlpPermission.DLPPermissionInfo> = dlpPermission.getDLPPermissionInfo(); // Obtain the permission information.
console.info('res', JSON.stringify(res));
}
});
} catch (err) {
console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails.
}
dlpPermission.getDLPPermissionInfo
getDLPPermissionInfo(callback: AsyncCallback<DLPPermissionInfo>): void
Obtains the permission information of this DLP file. This API uses an asynchronous callback to return the result.
System capability: SystemCapability.Security.DataLossPrevention
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| callback | AsyncCallback<DLPPermissionInfo> | Yes | Callback invoked to return the result. If the operation is successful, err is undefined. Otherwise, err is an error object. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 401 | Parameter error. |
| 19100001 | Invalid parameter value. |
| 19100006 | This API can only be called by DLP sandbox applications. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import fs from '@ohos.file.fs';
import { BusinessError } from '@ohos.base';
try {
dlpPermission.isInSandbox().then((inSandbox) => {// Check whether the application is running in a sandbox.
if (inSandbox) {
dlpPermission.getDLPPermissionInfo((err, res) => {
if (err != undefined) {
console.error('getDLPPermissionInfo error,', err.code, err.message);
} else {
console.info('res', JSON.stringify(res));
}
}); // Obtain the permission information.
}
});
} catch (err) {
console.error('getDLPPermissionInfo error,', (err as BusinessError).code, (err as BusinessError).message);
}
dlpPermission.getOriginalFileName
getOriginalFileName(fileName: string): string
Obtains the original file name of a DLP file. This API returns the result synchronously.
System capability: SystemCapability.Security.DataLossPrevention
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| fileName | string | Yes | Name of the target file. |
Return value
| Type | Description |
|---|---|
| string | Original name of the DLP file obtained. For example, if the DLP file name is test.txt.dlp, the original file name returned is test.txt. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 19100001 | Invalid parameter value. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import { BusinessError } from '@ohos.base';
try {
let res = dlpPermission.getOriginalFileName('test.txt.dlp'); // Obtain the original file name.
console.info('res', res);
} catch (err) {
console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails.
}
dlpPermission.getDLPSuffix
getDLPSuffix(): string
Obtains the DLP file name extension. This API returns the result synchronously.
System capability: SystemCapability.Security.DataLossPrevention
Return value
| Type | Description |
|---|---|
| string | DLP file name extension obtained. For example, if the original file is text.txt and the returned file name extension is .dlp, the DLP file name is test.txt.dlp. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import { BusinessError } from '@ohos.base';
try {
let res = dlpPermission.getDLPSuffix(); // Obtain the DLP file name extension.
console.info('res', res);
} catch (err) {
console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails.
}
dlpPermission.on('openDLPFile')
on(type: 'openDLPFile', listener: Callback<AccessedDLPFileInfo>): void
Subscribes to a DLP file open event. The application will be notified when the DLP file is opened.
System capability: SystemCapability.Security.DataLossPrevention
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| type | 'openDLPFile' | Yes | Event type. It has a fixed value of openDLPFile, which indicates the DLP file open event. |
| listener | Callback<AccessedDLPFileInfo> | Yes | Callback invoked when a DLP file is opened. A notification will be sent to the application. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 401 | Parameter error. |
| 19100001 | Invalid parameter value. |
| 19100007 | This API cannot be called by DLP sandbox applications. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import { BusinessError } from '@ohos.base';
try {
dlpPermission.on('openDLPFile', (info: dlpPermission.AccessedDLPFileInfo) => {
console.info('openDlpFile event', info.uri, info.lastOpenTime)
// Subscribe to the DLP file open event.
} catch (err) {
console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails.
}
dlpPermission.off('openDLPFile')
off(type: 'openDLPFile', listener?: Callback<AccessedDLPFileInfo>): void
Unsubscribes from the DLP file open event. The application will not be notified when a DLP file is opened.
System capability: SystemCapability.Security.DataLossPrevention
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| type | 'openDLPFile' | Yes | Event type. It has a fixed value of openDLPFile, which indicates the DLP file open event. |
| listener | Callback<AccessedDLPFileInfo> | No | Callback for the DLP file open event. The application will not be notified when a DLP file is opened. By default, this parameter is left blank, which unregisters all callbacks for the file open event. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 401 | Parameter error. |
| 19100001 | Invalid parameter value. |
| 19100007 | This API cannot be called by DLP sandbox applications. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import { BusinessError } from '@ohos.base';
try {
dlpPermission.off('openDLPFile', (info: dlpPermission.AccessedDLPFileInfo) => {
console.info('openDlpFile event', info.uri, info.lastOpenTime)
// Unsubscribe from the DLP file open events.
} catch (err) {
console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails.
}
dlpPermission.isInSandbox
isInSandbox(): Promise<boolean>
Checks whether this application is running in a DLP sandbox environment. This API uses a promise to return the result.
System capability: SystemCapability.Security.DataLossPrevention
Return value
| Type | Description |
|---|---|
| Promise<boolean> | Promise used to return the result. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 19100001 | Invalid parameter value. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import { BusinessError } from '@ohos.base';
try {
let inSandbox = dlpPermission.isInSandbox(); // Check whether the application is running in a sandbox.
console.info('res', inSandbox);
} catch (err) {
console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails.
}
dlpPermission.isInSandbox
isInSandbox(callback: AsyncCallback<boolean>): void
Checks whether this application is running in a DLP sandbox environment. This API uses an asynchronous callback to return the result.
System capability: SystemCapability.Security.DataLossPrevention
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| callback | AsyncCallback<boolean> | Yes | Callback invoked to return the result. If the operation is successful, err is undefined. Otherwise, err is an error object. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 401 | Parameter error. |
| 19100001 | Invalid parameter value. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import { BusinessError } from '@ohos.base';
try {
dlpPermission.isInSandbox((err, data) => {
if (err) {
console.error('isInSandbox error,', err.code, err.message);
} else {
console.info('isInSandbox, data', JSON.stringify(data));
}
}); // Check whether the application is running in the sandbox.
} catch (err) {
console.error('isInSandbox error,', (err as BusinessError).code, (err as BusinessError).message);
}
dlpPermission.getDLPSupportedFileTypes
getDLPSupportedFileTypes(): Promise<Array<string>>
Obtains the file name extension types that support DLP. This API uses a promise to return the result.
System capability: SystemCapability.Security.DataLossPrevention
Return value
| Type | Description |
|---|---|
| Promise<Array<string>> | Promise used to return the file name extension types obtained. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 19100001 | Invalid parameter value. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import { BusinessError } from '@ohos.base';
try {
let res = dlpPermission.getDLPSupportedFileTypes(); // Obtain the file types that support DLP.
console.info('res', JSON.stringify(res));
} catch (err) {
console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails.
}
dlpPermission.getDLPSupportedFileTypes
getDLPSupportedFileTypes(callback: AsyncCallback<Array<string>>): void
Obtains the file name extension types that support DLP. This API uses an asynchronous callback to return the result.
System capability: SystemCapability.Security.DataLossPrevention
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| callback | AsyncCallback<Array<string>> | Yes | Callback invoked to return the result. If the operation is successful, err is undefined. Otherwise, err is an error object. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 401 | Parameter error. |
| 19100001 | Invalid parameter value. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import { BusinessError } from '@ohos.base';
try {
dlpPermission.getDLPSupportedFileTypes((err, res) => {
if (err != undefined) {
console.error('getDLPSupportedFileTypes error,', err.code, err.message);
} else {
console.info('res', JSON.stringify(res));
}
}); // Obtain the file types that support DLP.
} catch (err) {
console.error('getDLPSupportedFileTypes error,', (err as BusinessError).code, (err as BusinessError).message);
}
dlpPermission.setRetentionState
setRetentionState(docUris: Array<string>): Promise<void>
Sets the sandbox retention state. This API uses a promise to return the result.
A sandbox application is automatically installed when a DLP file is opened, and automatically uninstalled when the DLP file is closed. Once the sandbox retention state is set for a DLP file, the sandbox application will not be automatically uninstalled when the DLP file is closed.
System capability: SystemCapability.Security.DataLossPrevention
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| docUris | Array<string> | Yes | URIs of the files to be set with the retention state. |
Return value
| Type | Description |
|---|---|
| Promise<void> | Promise that returns no value. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 401 | Parameter error. |
| 19100001 | Invalid parameter value. |
| 19100006 | This API can only be called by DLP sandbox applications. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import { BusinessError } from '@ohos.base';
let uri = "file://docs/storage/Users/currentUser/Desktop/test.txt.dlp";
try {
dlpPermission.isInSandbox().then((inSandbox) => {// Check whether the application is running in a sandbox.
if (inSandbox) {
dlpPermission.setRetentionState([uri]); // Set the retention state for a sandbox application.
}
});
} catch (err) {
console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails.
}
dlpPermission.setRetentionState
setRetentionState(docUris: Array<string>, callback: AsyncCallback<void>): void
Sets the sandbox retention state. This API uses an asynchronous callback to return the result. A sandbox application is automatically installed when a DLP file is opened, and automatically uninstalled when the DLP file is closed. Once the sandbox retention state is set for a DLP file, the sandbox application will not be automatically uninstalled when the DLP file is closed.
System capability: SystemCapability.Security.DataLossPrevention
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| docUris | Array<string> | Yes | URIs of the files to be set with the retention state. |
| callback | AsyncCallback<void> | Yes | Callback invoked to return the result. If the operation is successful, err is undefined. Otherwise, err is an error object. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 401 | Parameter error. |
| 19100001 | Invalid parameter value. |
| 19100006 | This API can only be called by DLP sandbox applications. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import { BusinessError } from '@ohos.base';
let uri = "file://docs/storage/Users/currentUser/Desktop/test.txt.dlp";
try {
dlpPermission.setRetentionState([uri], (err, res) => {
if (err != undefined) {
console.error('setRetentionState error,', err.code, err.message);
} else {
console.info('setRetentionState success');
console.info('res', JSON.stringify(res));
}
}); // Set the sandbox retention state.
} catch (err) {
console.error('setRetentionState error,', (err as BusinessError).code, (err as BusinessError).message);
}
dlpPermission.cancelRetentionState
cancelRetentionState(docUris: Array<string>): Promise<void>
Cancels the sandbox retention state, that is, allows the sandbox application to be automatically uninstalled when the DLP file is closed. This API uses a promise to return the result.
System capability: SystemCapability.Security.DataLossPrevention
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| docUris | Array<string> | Yes | URIs of the files whose retention state is to be canceled. |
Return value
| Type | Description |
|---|---|
| Promise<void> | Promise that returns no value. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 401 | Parameter error. |
| 19100001 | Invalid parameter value. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import { BusinessError } from '@ohos.base';
let uri = "file://docs/storage/Users/currentUser/Desktop/test.txt.dlp";
try {
dlpPermission.cancelRetentionState([uri]); // Cancel the retention state for a sandbox application.
} catch (err) {
console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails.
}
dlpPermission.cancelRetentionState
cancelRetentionState(docUris: Array<string>, callback: AsyncCallback<void>): void
Cancels the sandbox retention state, that is, allows the sandbox application to be automatically uninstalled when the DLP file is closed. This API uses an asynchronous callback to return the result.
System capability: SystemCapability.Security.DataLossPrevention
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| docUris | Array<string> | Yes | URIs of the files whose retention state is to be canceled. |
| callback | AsyncCallback<void> | Yes | Callback invoked to return the result. If the operation is successful, err is undefined. Otherwise, err is an error object. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 401 | Parameter error. |
| 19100001 | Invalid parameter value. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import { BusinessError } from '@ohos.base';
let uri = "file://docs/storage/Users/currentUser/Desktop/test.txt.dlp";
try {
dlpPermission.cancelRetentionState([uri], (err, res) => {
if (err != undefined) {
console.error('cancelRetentionState error,', err.code, err.message);
} else {
console.info('cancelRetentionState success');
}
}); // Cancel the sandbox retention state.
} catch (err) {
console.error('cancelRetentionState error,', (err as BusinessError).code, (err as BusinessError).message);
}
dlpPermission.getRetentionSandboxList
getRetentionSandboxList(bundleName?: string): Promise<Array<RetentionSandboxInfo>>
Obtains the sandbox applications in the retention state of an application. This API uses a promise to return the result.
System capability: SystemCapability.Security.DataLossPrevention
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| bundleName | string | No | Bundle name of the application. By default, this parameter is left empty, which obtains the sandbox retention information about the current application. |
Return value
| Type | Description |
|---|---|
| Promise<Array<RetentionSandboxInfo>> | Promise used to return the sandbox retention information obtained. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 401 | Parameter error. |
| 19100001 | Invalid parameter value. |
| 19100007 | This API cannot be called by DLP sandbox applications. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import { BusinessError } from '@ohos.base';
try {
let res: Promise<Array<dlpPermission.RetentionSandboxInfo>> = dlpPermission.getRetentionSandboxList(); // Obtain all the sandbox applications in the retention state.
console.info('res', JSON.stringify(res))
} catch (err) {
console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails.
}
dlpPermission.getRetentionSandboxList
getRetentionSandboxList(bundleName: string, callback: AsyncCallback<Array<RetentionSandboxInfo>>): void
Obtains the sandbox applications in the retention state of an application. This API uses an asynchronous callback to return the result.
System capability: SystemCapability.Security.DataLossPrevention
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| bundleName | string | Yes | Bundle name of the application. |
| callback | AsyncCallback<Array<RetentionSandboxInfo>> | Yes | Callback invoked to return the result. If the operation is successful, err is undefined. Otherwise, err is an error object. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 401 | Parameter error. |
| 19100001 | Invalid parameter value. |
| 19100007 | This API cannot be called by DLP sandbox applications. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import { BusinessError } from '@ohos.base';
try {
dlpPermission.getRetentionSandboxList("bundleName", (err, res) => {
if (err != undefined) {
console.error('getRetentionSandboxList error,', err.code, err.message);
} else {
console.info('res', JSON.stringify(res));
}
}); // Obtain the sandbox retention information.
} catch (err) {
console.error('getRetentionSandboxList error,', (err as BusinessError).code, (err as BusinessError).message);
}
dlpPermission.getRetentionSandboxList
getRetentionSandboxList(callback: AsyncCallback<Array<RetentionSandboxInfo>>): void
Obtains the sandbox applications in the retention state of this application. This API uses an asynchronous callback to return the result.
System capability: SystemCapability.Security.DataLossPrevention
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| callback | AsyncCallback<Array<RetentionSandboxInfo>> | Yes | Callback invoked to return the result. If the operation is successful, err is undefined. Otherwise, err is an error object. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 401 | Parameter error. |
| 19100001 | Invalid parameter value. |
| 19100007 | This API cannot be called by DLP sandbox applications. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import { BusinessError } from '@ohos.base';
try {
dlpPermission.getRetentionSandboxList((err, res) => {
if (err != undefined) {
console.error('getRetentionSandboxList error,', err.code, err.message);
} else {
console.info('res', JSON.stringify(res));
}
}); // Obtain the sandbox retention information.
} catch (err) {
console.error('getRetentionSandboxList error,', (err as BusinessError).code, (err as BusinessError).message);
}
dlpPermission.getDLPFileAccessRecords
getDLPFileAccessRecords(): Promise<Array<AccessedDLPFileInfo>>
Obtains the list of DLP files that are accessed recently. This API uses a promise to return the result.
System capability: SystemCapability.Security.DataLossPrevention
Return value
| Type | Description |
|---|---|
| Promise<Array<AccessedDLPFileInfo>> | Promise used to return the list of recently accessed files obtained. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 19100001 | Invalid parameter value. |
| 19100007 | This API cannot be called by DLP sandbox applications. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import { BusinessError } from '@ohos.base';
try {
let res: Promise<Array<dlpPermission.AccessedDLPFileInfo>> = dlpPermission.getDLPFileAccessRecords(); // Obtain the list of recently accessed DLP files.
console.info('res', JSON.stringify(res))
} catch (err) {
console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails.
}
dlpPermission.getDLPFileAccessRecords
getDLPFileAccessRecords(callback: AsyncCallback<Array<AccessedDLPFileInfo>>): void
Obtains the list of DLP files that are accessed recently. This API uses an asynchronous callback to return the result.
System capability: SystemCapability.Security.DataLossPrevention
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| callback | AsyncCallback<Array<AccessedDLPFileInfo>> | Yes | Callback invoked to return the result. If the operation is successful, err is undefined. Otherwise, err is an error object. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 401 | Parameter error. |
| 19100001 | Invalid parameter value. |
| 19100007 | This API cannot be called by DLP sandbox applications. |
| 19100011 | System service exception. |
Example
import dlpPermission from '@ohos.dlpPermission';
import { BusinessError } from '@ohos.base';
try {
dlpPermission.getDLPFileAccessRecords((err, res) => {
if (err != undefined) {
console.error('getDLPFileAccessRecords error,', err.code, err.message);
} else {
console.info('res', JSON.stringify(res));
}
}); // Obtain the list of recently accessed DLP files.
} catch (err) {
console.error('getDLPFileAccessRecords error,', (err as BusinessError).code, (err as BusinessError).message);
}
dlpPermission.startDLPManagerForResult11+
startDLPManagerForResult(context: common.UIAbilityContext, want: Want): Promise<DLPManagerResult>
Starts the DLP manager application on the current UIAbility page in borderless mode. This API uses a promise to return the result.
Model restriction: This API can be used only in the stage model.
System capability: SystemCapability.Security.DataLossPrevention
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| context | common.UIAbilityContext | Yes | UIAbility context. |
| want | Want | Yes | Object that requests the start of the DLP manager application. |
Return value
| Type | Description |
|---|---|
| Promise<DLPManagerResult> | Promise used to return the DLPManagerResult object. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 401 | Parameter error. |
| 19100001 | Invalid parameter value. |
| 19100011 | System service exception. |
| 19100016 | Uri does not exist in want. |
| 19100017 | DisplayName does not exist in want (under parameters). |
Example
import dlpPermission from '@ohos.dlpPermission';
import common from '@ohos.app.ability.common';
import AbilityConstant from '@ohos.app.ability.AbilityConstant';
import UIAbility from '@ohos.app.ability.UIAbility'
import Want from '@ohos.app.ability.Want';
import { BusinessError } from '@ohos.base';
try {
let context = getContext () as common.UIAbilityContext; // Obtain the UIAbility context.
let want: Want = {
"uri": "file://docs/storage/Users/currentUser/Desktop/1.txt",
"parameters": {
"displayName": "1.txt"
}
}; // Request parameters.
dlpPermission.startDLPManagerForResult(context, want).then((res) => {
console.info('res.resultCode', res.resultCode);
console.info('res.want', JSON.stringify(res.want));
}); // Start the DLP manager application.
} catch (err) {
console.error('error', err.code, err.message); // Error reported if the operation fails.
}
dlpPermission.setSandboxAppConfig11+
setSandboxAppConfig(configInfo: string): Promise<void>
Sets sandbox application configuration. This API uses a promise to return the result.
System capability: SystemCapability.Security.DataLossPrevention
Parameters
| Name | Type | Mandatory | Description |
|---|---|---|---|
| configInfo | string | Yes | Sandbox application configuration. |
Return value
| Type | Description |
|---|---|
| Promise<void> | Promise that returns no value. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 401 | Parameter error. |
| 19100001 | Invalid parameter value. |
| 19100007 | This API cannot be called by DLP sandbox applications. |
| 19100011 | System service exception. |
| 19100018 | Not authorized application. |
Example
import dlpPermission from '@ohos.dlpPermission';
import { BusinessError } from '@ohos.base';
try {
dlpPermission.setSandboxAppConfig('configInfo'); // Set sandbox application configuration.
} catch (err) {
console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails.
}
dlpPermission.cleanSandboxAppConfig11+
cleanSandboxAppConfig(): Promise<void>
Cleans sandbox application configuration. This API uses a promise to return the result.
System capability: SystemCapability.Security.DataLossPrevention
Return value
| Type | Description |
|---|---|
| Promise<void> | Promise that returns no value. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 401 | Parameter error. |
| 19100001 | Invalid parameter value. |
| 19100007 | This API cannot be called by DLP sandbox applications. |
| 19100011 | System service exception. |
| 19100018 | Not authorized application. |
Example
import dlpPermission from '@ohos.dlpPermission';
import { BusinessError } from '@ohos.base';
try {
dlpPermission.cleanSandboxAppConfig(); // Clean sandbox application configuration.
} catch (err) {
console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails.
}
dlpPermission.getSandboxAppConfig11+
getSandboxAppConfig(): Promise<string>
Obtains sandbox application configuration. This API uses a promise to return the result.
System capability: SystemCapability.Security.DataLossPrevention
Return value
| Type | Description |
|---|---|
| Promise<string> | Promise used to return the sandbox application configuration obtained. |
Error codes
For details about the error codes, see DLP Service Error Codes.
| ID | Error Message |
|---|---|
| 401 | Parameter error. |
| 19100001 | Invalid parameter value. |
| 19100011 | System service exception. |
| 19100018 | Not authorized application. |
Example
import dlpPermission from '@ohos.dlpPermission';
import { BusinessError } from '@ohos.base';
try {
dlpPermission.getSandboxAppConfig().then((res) => {
console.info('res', JSON.stringify(res));
}); // Obtain the sandbox application configuration.
} catch (err) {
console.error('error', (err as BusinessError).code, (err as BusinessError).message); // Error reported if the operation fails.
}
ActionFlagType
Enumerates the operations that can be performed on a DLP file. For example, the DLP sandbox application can dim its button based on this parameter.
System capability: SystemCapability.Security.DataLossPrevention
| Name | Value | Description |
|---|---|---|
| ACTION_VIEW | 0x00000001 | View the file. |
| ACTION_SAVE | 0x00000002 | Save the file. |
| ACTION_SAVE_AS | 0x00000004 | Save the file as another file. |
| ACTION_EDIT | 0x00000008 | Edit the file. |
| ACTION_SCREEN_CAPTURE | 0x00000010 | Capture screenshots of the file. |
| ACTION_SCREEN_SHARE | 0x00000020 | Share the screen of the file. |
| ACTION_SCREEN_RECORD | 0x00000040 | Record the screen on which the file is open. |
| ACTION_COPY | 0x00000080 | Copy the file. |
| ACTION_PRINT | 0x00000100 | Print the file. |
| ACTION_EXPORT | 0x00000200 | Export the file. |
| ACTION_PERMISSION_CHANGE | 0x00000400 | Modify the permissions on the file. |
DLPFileAccess
Enumerates the permissions on a DLP file.
System capability: SystemCapability.Security.DataLossPrevention
| Name | Value | Description |
|---|---|---|
| NO_PERMISSION | 0 | The user has no permission on the file. |
| READ_ONLY | 1 | The user has only the permission to read the file. |
| CONTENT_EDIT | 2 | The user has the permission to edit the file. |
| FULL_CONTROL | 3 | The user has full control on the file. |
DLPPermissionInfo
Represents the permission information about a DLP file.
System capability: SystemCapability.Security.DataLossPrevention
| Name | Type | Readable | Writable | Description |
|---|---|---|---|---|
| dlpFileAccess | DLPFileAccess | Yes | No | User permission on the DLP file, for example, read-only. |
| flags | number | Yes | No | Operations that can be performed on the DLP file. It is a combination of different ActionFlagTypes. |
AccessedDLPFileInfo
Represents the information about a DLP file opened.
System capability: SystemCapability.Security.DataLossPrevention
| Name | Type | Readable | Writable | Description |
|---|---|---|---|---|
| uri | string | Yes | No | URI of the DLP file. |
| lastOpenTime | number | Yes | No | Time when the file was last opened. |
DLPManagerResult11+
Represents information about the trigger of the DLP manager application.
Model restriction: This API can be used only in the stage model.
System capability: SystemCapability.Security.DataLossPrevention
| Name | Type | Readable | Writable | Description |
|---|---|---|---|---|
| resultCode | number | Yes | No | Result code returned after the DLP manager application is started and exits. |
| want | Want | Yes | No | Data returned after the DLP manager application is started and exits. |
RetentionSandboxInfo
Represents the sandbox retention information.
System capability: SystemCapability.Security.DataLossPrevention
| Name | Type | Readable | Writable | Description |
|---|---|---|---|---|
| appIndex | number | Yes | No | Index of the DLP sandbox application. |
| bundleName | string | Yes | No | Bundle name of the application. |
| docUris | Array<string> | Yes | No | URI list of the DLP files. |