1 /*
2 * Copyright (c) 2022-2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "enterprise_device_mgr_stub.h"
17
18 #include <ipc_skeleton.h>
19
20 #include "accesstoken_kit.h"
21 #include "admin.h"
22 #include "ent_info.h"
23 #include "string_ex.h"
24 #include "tokenid_kit.h"
25
26 using namespace OHOS::HiviewDFX;
27
28 namespace OHOS {
29 namespace EDM {
30 constexpr int32_t DEFAULT_USER_ID = 100;
31
EnterpriseDeviceMgrStub()32 EnterpriseDeviceMgrStub::EnterpriseDeviceMgrStub()
33 {
34 AddCallFuncMap();
35 EDMLOGI("EnterpriseDeviceMgrStub()");
36 }
37
AddCallFuncMap()38 void EnterpriseDeviceMgrStub::AddCallFuncMap()
39 {
40 memberFuncMap_[EdmInterfaceCode::ADD_DEVICE_ADMIN] = &EnterpriseDeviceMgrStub::EnableAdminInner;
41 memberFuncMap_[EdmInterfaceCode::REMOVE_DEVICE_ADMIN] = &EnterpriseDeviceMgrStub::DisableAdminInner;
42 memberFuncMap_[EdmInterfaceCode::REMOVE_SUPER_ADMIN] = &EnterpriseDeviceMgrStub::DisableSuperAdminInner;
43 memberFuncMap_[EdmInterfaceCode::GET_ENABLED_ADMIN] = &EnterpriseDeviceMgrStub::GetEnabledAdminInner;
44 memberFuncMap_[EdmInterfaceCode::GET_ENT_INFO] = &EnterpriseDeviceMgrStub::GetEnterpriseInfoInner;
45 memberFuncMap_[EdmInterfaceCode::SET_ENT_INFO] = &EnterpriseDeviceMgrStub::SetEnterpriseInfoInner;
46 memberFuncMap_[EdmInterfaceCode::IS_SUPER_ADMIN] = &EnterpriseDeviceMgrStub::IsSuperAdminInner;
47 memberFuncMap_[EdmInterfaceCode::IS_ADMIN_ENABLED] = &EnterpriseDeviceMgrStub::IsAdminEnabledInner;
48 memberFuncMap_[EdmInterfaceCode::SUBSCRIBE_MANAGED_EVENT] = &EnterpriseDeviceMgrStub::SubscribeManagedEventInner;
49 memberFuncMap_[EdmInterfaceCode::UNSUBSCRIBE_MANAGED_EVENT] =
50 &EnterpriseDeviceMgrStub::UnsubscribeManagedEventInner;
51 memberFuncMap_[EdmInterfaceCode::AUTHORIZE_ADMIN] = &EnterpriseDeviceMgrStub::AuthorizeAdminInner;
52 }
53
OnRemoteRequest(uint32_t code,MessageParcel & data,MessageParcel & reply,MessageOption & option)54 int32_t EnterpriseDeviceMgrStub::OnRemoteRequest(uint32_t code, MessageParcel &data, MessageParcel &reply,
55 MessageOption &option)
56 {
57 bool isSystemApp =
58 Security::AccessToken::TokenIdKit::IsSystemAppByFullTokenID(IPCSkeleton::GetCallingFullTokenID());
59 Security::AccessToken::ATokenTypeEnum tokenType =
60 Security::AccessToken::AccessTokenKit::GetTokenTypeFlag(IPCSkeleton::GetCallingTokenID());
61 if (!isSystemApp && tokenType != Security::AccessToken::ATokenTypeEnum::TOKEN_NATIVE &&
62 tokenType != Security::AccessToken::ATokenTypeEnum::TOKEN_SHELL) {
63 EDMLOGE("EnterpriseDeviceMgrStub not system app or native process");
64 reply.WriteInt32(EdmReturnErrCode::SYSTEM_API_DENIED);
65 return EdmReturnErrCode::SYSTEM_API_DENIED;
66 }
67 std::u16string descriptor = GetDescriptor();
68 std::u16string remoteDescriptor = data.ReadInterfaceToken();
69 EDMLOGI("EnterpriseDeviceMgrStub code %{public}u", code);
70 if (descriptor != remoteDescriptor) {
71 EDMLOGE("EnterpriseDeviceMgrStub code %{public}d client and service descriptors are inconsistent", code);
72 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
73 return EdmReturnErrCode::PARAM_ERROR;
74 }
75 if (SERVICE_FLAG(code)) {
76 auto func = memberFuncMap_.find(code);
77 if (func != memberFuncMap_.end()) {
78 auto memberFunc = func->second;
79 if (memberFunc != nullptr) {
80 return (this->*memberFunc)(data, reply);
81 }
82 }
83 }
84 if (POLICY_FLAG(code)) {
85 EDMLOGD("POLICY_FLAG(code:%{public}x)\n", code);
86 int32_t hasUserId;
87 int32_t userId = DEFAULT_USER_ID;
88 data.ReadInt32(hasUserId);
89 if (hasUserId == 1) {
90 data.ReadInt32(userId);
91 }
92 if (FUNC_TO_OPERATE(code) == static_cast<int>(FuncOperateType::GET)) {
93 EDMLOGD("GetDevicePolicyInner");
94 return GetDevicePolicyInner(code, data, reply, userId);
95 } else {
96 EDMLOGD("HandleDevicePolicyInner");
97 return HandleDevicePolicyInner(code, data, reply, userId);
98 }
99 } else {
100 EDMLOGE("!POLICY_FLAG(code)");
101 }
102
103 return IPCObjectStub::OnRemoteRequest(code, data, reply, option);
104 }
105
EnableAdminInner(MessageParcel & data,MessageParcel & reply)106 ErrCode EnterpriseDeviceMgrStub::EnableAdminInner(MessageParcel &data, MessageParcel &reply)
107 {
108 std::unique_ptr<AppExecFwk::ElementName> admin(data.ReadParcelable<AppExecFwk::ElementName>());
109 if (!admin) {
110 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
111 return EdmReturnErrCode::PARAM_ERROR;
112 }
113 EDMLOGD("EnableAdminInner bundleName:: %{public}s : abilityName : %{public}s ", admin->GetBundleName().c_str(),
114 admin->GetAbilityName().c_str());
115 std::unique_ptr<EntInfo> entInfo(data.ReadParcelable<EntInfo>());
116 if (!entInfo) {
117 EDMLOGE("EnterpriseDeviceMgrStub::EnableAdminInner read parcel fail");
118 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
119 return EdmReturnErrCode::PARAM_ERROR;
120 }
121 int32_t type = data.ReadInt32();
122 int32_t userId = data.ReadInt32();
123 AdminType adminType = AdminType::UNKNOWN;
124 if (type == static_cast<int32_t>(AdminType::NORMAL) || type == static_cast<int32_t>(AdminType::ENT)) {
125 adminType = static_cast<AdminType>(type);
126 }
127 ErrCode retCode = EnableAdmin(*admin, *entInfo, adminType, userId);
128 reply.WriteInt32(retCode);
129 return ERR_OK;
130 }
131
DisableAdminInner(MessageParcel & data,MessageParcel & reply)132 ErrCode EnterpriseDeviceMgrStub::DisableAdminInner(MessageParcel &data, MessageParcel &reply)
133 {
134 std::unique_ptr<AppExecFwk::ElementName> admin(data.ReadParcelable<AppExecFwk::ElementName>());
135 if (!admin) {
136 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
137 return EdmReturnErrCode::PARAM_ERROR;
138 }
139 int32_t userId = data.ReadInt32();
140 ErrCode retCode = DisableAdmin(*admin, userId);
141 reply.WriteInt32(retCode);
142 return ERR_OK;
143 }
144
DisableSuperAdminInner(MessageParcel & data,MessageParcel & reply)145 ErrCode EnterpriseDeviceMgrStub::DisableSuperAdminInner(MessageParcel &data, MessageParcel &reply)
146 {
147 std::string bundleName = data.ReadString();
148 EDMLOGD("DisableSuperAdminInner bundleName:: %{public}s :", bundleName.c_str());
149 ErrCode retCode = DisableSuperAdmin(bundleName);
150 reply.WriteInt32(retCode);
151 return retCode;
152 }
153
HandleDevicePolicyInner(uint32_t code,MessageParcel & data,MessageParcel & reply,int32_t userId)154 ErrCode EnterpriseDeviceMgrStub::HandleDevicePolicyInner(uint32_t code, MessageParcel &data, MessageParcel &reply,
155 int32_t userId)
156 {
157 std::unique_ptr<AppExecFwk::ElementName> admin(data.ReadParcelable<AppExecFwk::ElementName>());
158 if (!admin) {
159 EDMLOGW("HandleDevicePolicyInner: ReadParcelable failed");
160 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
161 return ERR_EDM_PARAM_ERROR;
162 }
163 ErrCode errCode = HandleDevicePolicy(code, *admin, data, reply, userId);
164 reply.WriteInt32(errCode);
165 return errCode;
166 }
167
GetDevicePolicyInner(uint32_t code,MessageParcel & data,MessageParcel & reply,int32_t userId)168 ErrCode EnterpriseDeviceMgrStub::GetDevicePolicyInner(uint32_t code, MessageParcel &data, MessageParcel &reply,
169 int32_t userId)
170 {
171 return GetDevicePolicy(code, data, reply, userId);
172 }
173
GetEnabledAdminInner(MessageParcel & data,MessageParcel & reply)174 ErrCode EnterpriseDeviceMgrStub::GetEnabledAdminInner(MessageParcel &data, MessageParcel &reply)
175 {
176 EDMLOGD("EnterpriseDeviceMgrStub:GetEnabledAdmin");
177 int32_t type = static_cast<int32_t>(AdminType::UNKNOWN);
178 if (!data.ReadInt32(type)) {
179 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
180 EDMLOGE("EnterpriseDeviceMgrStub:GetEnabledAdminInner read type fail %{public}u", type);
181 return EdmReturnErrCode::PARAM_ERROR;
182 }
183 std::vector<std::string> enabledAdminList;
184 ErrCode res = GetEnabledAdmin((AdminType)type, enabledAdminList);
185 if (FAILED(res)) {
186 EDMLOGE("EnterpriseDeviceMgrStub:GetEnabledAdmin failed:%{public}d", res);
187 reply.WriteInt32(res);
188 return res;
189 }
190 reply.WriteInt32(ERR_OK);
191 reply.WriteStringVector(enabledAdminList);
192 return ERR_OK;
193 }
194
GetEnterpriseInfoInner(MessageParcel & data,MessageParcel & reply)195 ErrCode EnterpriseDeviceMgrStub::GetEnterpriseInfoInner(MessageParcel &data, MessageParcel &reply)
196 {
197 EDMLOGD("EnterpriseDeviceMgrStub:GetEnterpriseInfoInner");
198 std::unique_ptr<AppExecFwk::ElementName> admin(data.ReadParcelable<AppExecFwk::ElementName>());
199 if (!admin) {
200 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
201 return EdmReturnErrCode::PARAM_ERROR;
202 }
203 EDMLOGD("GetEnterpriseInfoInner bundleName:: %{public}s : abilityName : %{public}s ",
204 admin->GetBundleName().c_str(), admin->GetAbilityName().c_str());
205
206 return GetEnterpriseInfo(*admin, reply);
207 }
208
IsSuperAdminInner(MessageParcel & data,MessageParcel & reply)209 ErrCode EnterpriseDeviceMgrStub::IsSuperAdminInner(MessageParcel &data, MessageParcel &reply)
210 {
211 EDMLOGD("EnterpriseDeviceMgrStub:IsSuperAdminInner");
212 std::string bundleName = data.ReadString();
213 EDMLOGD("IsSuperAdminInner bundleName:: %{public}s :", bundleName.c_str());
214 bool ret = IsSuperAdmin(bundleName);
215 reply.WriteInt32(ERR_OK);
216 reply.WriteBool(ret);
217 return ERR_OK;
218 }
219
IsAdminEnabledInner(MessageParcel & data,MessageParcel & reply)220 ErrCode EnterpriseDeviceMgrStub::IsAdminEnabledInner(MessageParcel &data, MessageParcel &reply)
221 {
222 EDMLOGD("EnterpriseDeviceMgrStub:IsAdminEnabled");
223 std::unique_ptr<AppExecFwk::ElementName> admin(data.ReadParcelable<AppExecFwk::ElementName>());
224 if (!admin) {
225 EDMLOGE("EnterpriseDeviceMgrStub::IsAdminEnabledInner read parcel fail");
226 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
227 return EdmReturnErrCode::PARAM_ERROR;
228 }
229 int32_t userId = data.ReadInt32();
230 bool ret = IsAdminEnabled(*admin, userId);
231 reply.WriteInt32(ERR_OK);
232 reply.WriteBool(ret);
233 return ERR_OK;
234 }
235
SetEnterpriseInfoInner(MessageParcel & data,MessageParcel & reply)236 ErrCode EnterpriseDeviceMgrStub::SetEnterpriseInfoInner(MessageParcel &data, MessageParcel &reply)
237 {
238 EDMLOGD("EnterpriseDeviceMgrStub:SetEnterpriseInfoInner");
239 std::unique_ptr<AppExecFwk::ElementName> admin(data.ReadParcelable<AppExecFwk::ElementName>());
240 if (!admin) {
241 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
242 return EdmReturnErrCode::PARAM_ERROR;
243 }
244 std::unique_ptr<EntInfo> entInfo(data.ReadParcelable<EntInfo>());
245 if (!entInfo) {
246 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
247 return EdmReturnErrCode::PARAM_ERROR;
248 }
249 ErrCode ret = SetEnterpriseInfo(*admin, *entInfo);
250 reply.WriteInt32(ret);
251 return ERR_OK;
252 }
253
SubscribeManagedEventInner(MessageParcel & data,MessageParcel & reply)254 ErrCode EnterpriseDeviceMgrStub::SubscribeManagedEventInner(MessageParcel &data, MessageParcel &reply)
255 {
256 EDMLOGD("EnterpriseDeviceMgrStub:SubscribeManagedEventInner");
257 return SubscribeManagedEventInner(data, reply, true);
258 }
259
UnsubscribeManagedEventInner(MessageParcel & data,MessageParcel & reply)260 ErrCode EnterpriseDeviceMgrStub::UnsubscribeManagedEventInner(MessageParcel &data, MessageParcel &reply)
261 {
262 EDMLOGD("EnterpriseDeviceMgrStub:UnsubscribeManagedEventInner");
263 return SubscribeManagedEventInner(data, reply, false);
264 }
265
SubscribeManagedEventInner(MessageParcel & data,MessageParcel & reply,bool subscribe)266 ErrCode EnterpriseDeviceMgrStub::SubscribeManagedEventInner(MessageParcel &data, MessageParcel &reply, bool subscribe)
267 {
268 std::unique_ptr<AppExecFwk::ElementName> admin(data.ReadParcelable<AppExecFwk::ElementName>());
269 if (!admin) {
270 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
271 return EdmReturnErrCode::PARAM_ERROR;
272 }
273 std::vector<uint32_t> events;
274 data.ReadUInt32Vector(&events);
275 ErrCode code;
276 if (subscribe) {
277 code = SubscribeManagedEvent(*admin, events);
278 } else {
279 code = UnsubscribeManagedEvent(*admin, events);
280 }
281 reply.WriteInt32(code);
282 return code;
283 }
284
AuthorizeAdminInner(MessageParcel & data,MessageParcel & reply)285 ErrCode EnterpriseDeviceMgrStub::AuthorizeAdminInner(MessageParcel &data, MessageParcel &reply)
286 {
287 EDMLOGD("EnterpriseDeviceMgrStub:AuthorizeAdminInner.");
288 std::unique_ptr<AppExecFwk::ElementName> admin(data.ReadParcelable<AppExecFwk::ElementName>());
289 if (!admin) {
290 reply.WriteInt32(EdmReturnErrCode::PARAM_ERROR);
291 return EdmReturnErrCode::PARAM_ERROR;
292 }
293 std::string bundleName = data.ReadString();
294 ErrCode ret = AuthorizeAdmin(*admin, bundleName);
295 reply.WriteInt32(ret);
296 return ERR_OK;
297 }
298 } // namespace EDM
299 } // namespace OHOS