• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (c) 2022 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include "app_control_manager_host_impl.h"
17 
18 #include "app_log_wrapper.h"
19 #include "appexecfwk_errors.h"
20 #include "app_control_constants.h"
21 #include "bundle_permission_mgr.h"
22 #include "ipc_skeleton.h"
23 
24 namespace OHOS {
25 namespace AppExecFwk {
26 namespace {
27     const std::string PERMISSION_DISPOSED_STATUS = "ohos.permission.MANAGE_DISPOSED_APP_STATUS";
28 }
AppControlManagerHostImpl()29 AppControlManagerHostImpl::AppControlManagerHostImpl()
30 {
31     appControlManager_ = DelayedSingleton<AppControlManager>::GetInstance();
32     callingNameMap_ = {
33         {AppControlConstants::EDM_UID, AppControlConstants::EDM_CALLING}
34     };
35     ruleTypeMap_ = {
36         {AppInstallControlRuleType::DISALLOWED_UNINSTALL, AppControlConstants::APP_DISALLOWED_UNINSTALL},
37         {AppInstallControlRuleType::ALLOWED_INSTALL, AppControlConstants::APP_ALLOWED_INSTALL}
38     };
39 }
40 
~AppControlManagerHostImpl()41 AppControlManagerHostImpl::~AppControlManagerHostImpl()
42 {
43 }
44 
AddAppInstallControlRule(const std::vector<std::string> & appIds,const AppInstallControlRuleType controlRuleType,int32_t userId)45 ErrCode AppControlManagerHostImpl::AddAppInstallControlRule(const std::vector<std::string> &appIds,
46     const AppInstallControlRuleType controlRuleType, int32_t userId)
47 {
48     APP_LOGD("AddAppInstallControlRule start");
49     std::string callingName = GetCallingName();
50     std::string ruleType = GetControlRuleType(controlRuleType);
51     if (callingName.empty()) {
52         APP_LOGE("callingName is invalid");
53         return ERR_BUNDLE_MANAGER_PERMISSION_DENIED;
54     }
55     if (ruleType.empty()) {
56         APP_LOGE("controlRuleType is invalid");
57         return ERR_BUNDLE_MANAGER_APP_CONTROL_RULE_TYPE_INVALID;
58     }
59     return appControlManager_->AddAppInstallControlRule(callingName, appIds, ruleType, userId);
60 }
61 
DeleteAppInstallControlRule(const AppInstallControlRuleType controlRuleType,const std::vector<std::string> & appIds,int32_t userId)62 ErrCode AppControlManagerHostImpl::DeleteAppInstallControlRule(const AppInstallControlRuleType controlRuleType,
63     const std::vector<std::string> &appIds, int32_t userId)
64 {
65     APP_LOGD("DeleteAppInstallControlRule start");
66     std::string ruleType = GetControlRuleType(controlRuleType);
67     if (ruleType.empty()) {
68         APP_LOGE("controlRuleType is invalid");
69         return ERR_BUNDLE_MANAGER_APP_CONTROL_RULE_TYPE_INVALID;
70     }
71     std::string callingName = GetCallingName();
72     if (callingName.empty()) {
73         APP_LOGE("callingName is invalid");
74         return ERR_BUNDLE_MANAGER_PERMISSION_DENIED;
75     }
76     return appControlManager_->DeleteAppInstallControlRule(callingName, ruleType, appIds, userId);
77 }
78 
DeleteAppInstallControlRule(const AppInstallControlRuleType controlRuleType,int32_t userId)79 ErrCode AppControlManagerHostImpl::DeleteAppInstallControlRule(const AppInstallControlRuleType controlRuleType,
80     int32_t userId)
81 {
82     APP_LOGD("CleanAppInstallControlRule start");
83     std::string callingName = GetCallingName();
84     std::string ruleType = GetControlRuleType(controlRuleType);
85     if (callingName.empty()) {
86         APP_LOGE("callingName is invalid");
87         return ERR_BUNDLE_MANAGER_PERMISSION_DENIED;
88     }
89     if (ruleType.empty()) {
90         APP_LOGE("controlRuleType is invalid");
91         return ERR_BUNDLE_MANAGER_APP_CONTROL_RULE_TYPE_INVALID;
92     }
93     return appControlManager_->DeleteAppInstallControlRule(callingName, ruleType, userId);
94 }
95 
GetAppInstallControlRule(const AppInstallControlRuleType controlRuleType,int32_t userId,std::vector<std::string> & appIds)96 ErrCode AppControlManagerHostImpl::GetAppInstallControlRule(
97     const AppInstallControlRuleType controlRuleType, int32_t userId, std::vector<std::string> &appIds)
98 {
99     APP_LOGD("GetAppInstallControlRule start");
100     std::string callingName = GetCallingName();
101     std::string ruleType = GetControlRuleType(controlRuleType);
102     if (callingName.empty()) {
103         APP_LOGE("callingName is invalid");
104         return ERR_BUNDLE_MANAGER_PERMISSION_DENIED;
105     }
106     if (ruleType.empty()) {
107         APP_LOGE("controlRuleType is invalid");
108         return ERR_BUNDLE_MANAGER_APP_CONTROL_RULE_TYPE_INVALID;
109     }
110     return appControlManager_->GetAppInstallControlRule(callingName, ruleType, userId, appIds);
111 }
112 
AddAppRunningControlRule(const std::vector<AppRunningControlRule> & controlRules,int32_t userId)113 ErrCode AppControlManagerHostImpl::AddAppRunningControlRule(
114     const std::vector<AppRunningControlRule> &controlRules, int32_t userId)
115 {
116     std::string callingName = GetCallingName();
117     if (callingName.empty()) {
118         APP_LOGE("callingName is invalid");
119         return ERR_BUNDLE_MANAGER_PERMISSION_DENIED;
120     }
121     return appControlManager_->AddAppRunningControlRule(callingName, controlRules, userId);
122 }
123 
DeleteAppRunningControlRule(const std::vector<AppRunningControlRule> & controlRules,int32_t userId)124 ErrCode AppControlManagerHostImpl::DeleteAppRunningControlRule(
125     const std::vector<AppRunningControlRule> &controlRules, int32_t userId)
126 {
127     std::string callingName = GetCallingName();
128     if (callingName.empty()) {
129         APP_LOGE("callingName is invalid");
130         return ERR_BUNDLE_MANAGER_PERMISSION_DENIED;
131     }
132     return appControlManager_->DeleteAppRunningControlRule(callingName, controlRules, userId);
133 }
134 
DeleteAppRunningControlRule(int32_t userId)135 ErrCode AppControlManagerHostImpl::DeleteAppRunningControlRule(int32_t userId)
136 {
137     std::string callingName = GetCallingName();
138     if (callingName.empty()) {
139         APP_LOGE("callingName is invalid");
140         return ERR_BUNDLE_MANAGER_PERMISSION_DENIED;
141     }
142     return appControlManager_->DeleteAppRunningControlRule(callingName, userId);
143 }
144 
GetAppRunningControlRule(int32_t userId,std::vector<std::string> & appIds)145 ErrCode AppControlManagerHostImpl::GetAppRunningControlRule(int32_t userId, std::vector<std::string> &appIds)
146 {
147     std::string callingName = GetCallingName();
148     if (callingName.empty()) {
149         APP_LOGE("callingName is invalid");
150         return ERR_BUNDLE_MANAGER_PERMISSION_DENIED;
151     }
152     return appControlManager_->GetAppRunningControlRule(callingName, userId, appIds);
153 }
154 
GetAppRunningControlRule(const std::string & bundleName,int32_t userId,AppRunningControlRuleResult & controlRuleResult)155 ErrCode AppControlManagerHostImpl::GetAppRunningControlRule(
156     const std::string &bundleName, int32_t userId, AppRunningControlRuleResult &controlRuleResult)
157 {
158     int32_t uid = OHOS::IPCSkeleton::GetCallingUid();
159     if (uid != AppControlConstants::FOUNDATION_UID) {
160         APP_LOGW("calling permission denied");
161         return ERR_BUNDLE_MANAGER_PERMISSION_DENIED;
162     }
163     return appControlManager_->GetAppRunningControlRule(bundleName, userId, controlRuleResult);
164 }
165 
GetCallingName()166 std::string AppControlManagerHostImpl::GetCallingName()
167 {
168     int32_t uid = OHOS::IPCSkeleton::GetCallingUid();
169     auto item = callingNameMap_.find(uid);
170     if (item == callingNameMap_.end()) {
171         APP_LOGW("calling uid is invalid");
172         return "";
173     }
174     return item->second;
175 }
176 
GetControlRuleType(const AppInstallControlRuleType controlRuleType)177 std::string AppControlManagerHostImpl::GetControlRuleType(const AppInstallControlRuleType controlRuleType)
178 {
179     auto item = ruleTypeMap_.find(controlRuleType);
180     if (item == ruleTypeMap_.end()) {
181         APP_LOGW("controlRuleType:%{public}d is invalid", static_cast<int32_t>(controlRuleType));
182         return "";
183     }
184     return item->second;
185 }
186 
GetCallingUserId()187 int32_t AppControlManagerHostImpl::GetCallingUserId()
188 {
189     return OHOS::IPCSkeleton::GetCallingUid() / Constants::BASE_USER_RANGE;
190 }
191 
SetDisposedStatus(const std::string & appId,const Want & want)192 ErrCode AppControlManagerHostImpl::SetDisposedStatus(const std::string &appId, const Want &want)
193 {
194     APP_LOGD("host begin to SetDisposedStatus");
195     if (!BundlePermissionMgr::VerifySystemApp()) {
196         APP_LOGE("non-system app calling system api");
197         return ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED;
198     }
199     if (!BundlePermissionMgr::VerifyCallingPermission(PERMISSION_DISPOSED_STATUS)) {
200         APP_LOGW("verify permission ohos.permission.MANAGE_DISPOSED_STATUS failed");
201         return ERR_BUNDLE_MANAGER_PERMISSION_DENIED;
202     }
203     ErrCode ret = appControlManager_->SetDisposedStatus(appId, want, GetCallingUserId());
204     if (ret != ERR_OK) {
205         APP_LOGW("host SetDisposedStatus error:%{public}d", ret);
206     }
207     return ret;
208 }
209 
DeleteDisposedStatus(const std::string & appId)210 ErrCode AppControlManagerHostImpl::DeleteDisposedStatus(const std::string &appId)
211 {
212     APP_LOGD("host begin to DeleteDisposedStatus");
213     if (!BundlePermissionMgr::VerifySystemApp()) {
214         APP_LOGE("non-system app calling system api");
215         return ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED;
216     }
217     if (!BundlePermissionMgr::VerifyCallingPermission(PERMISSION_DISPOSED_STATUS)) {
218         APP_LOGW("verify permission ohos.permission.MANAGE_DISPOSED_STATUS failed");
219         return ERR_BUNDLE_MANAGER_PERMISSION_DENIED;
220     }
221     ErrCode ret = appControlManager_->DeleteDisposedStatus(appId, GetCallingUserId());
222     if (ret != ERR_OK) {
223         APP_LOGW("host DeletetDisposedStatus error:%{public}d", ret);
224     }
225     return ret;
226 }
227 
GetDisposedStatus(const std::string & appId,Want & want)228 ErrCode AppControlManagerHostImpl::GetDisposedStatus(const std::string &appId, Want &want)
229 {
230     APP_LOGE("host begin to GetDisposedStatus");
231     if (!BundlePermissionMgr::VerifySystemApp()) {
232         APP_LOGE("non-system app calling system api");
233         return ERR_BUNDLE_MANAGER_SYSTEM_API_DENIED;
234     }
235     if (!BundlePermissionMgr::VerifyCallingPermission(PERMISSION_DISPOSED_STATUS)) {
236         APP_LOGW("verify permission ohos.permission.MANAGE_DISPOSED_STATUS failed");
237         return ERR_BUNDLE_MANAGER_PERMISSION_DENIED;
238     }
239     ErrCode ret = appControlManager_->GetDisposedStatus(appId, want, GetCallingUserId());
240     if (ret != ERR_OK) {
241         APP_LOGW("host GetDisposedStatus error:%{public}d", ret);
242     }
243     return ret;
244 }
245 }
246 }