1 /*
2 * Copyright (c) 2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "admin_manager.h"
17
18 #include <algorithm>
19 #include <ctime>
20 #include <fstream>
21 #include <iostream>
22
23 #include "directory_ex.h"
24 #include "edm_constants.h"
25 #include "edm_log.h"
26 #include "permission_manager.h"
27 #include "super_admin.h"
28
29 namespace OHOS {
30 namespace EDM {
31 std::shared_ptr<AdminManager> AdminManager::instance_;
32 std::mutex AdminManager::mutexLock_;
33
GetInstance()34 std::shared_ptr<AdminManager> AdminManager::GetInstance()
35 {
36 if (instance_ == nullptr) {
37 std::lock_guard<std::mutex> autoLock(mutexLock_);
38 if (instance_ == nullptr) {
39 instance_.reset(new (std::nothrow) AdminManager());
40 }
41 }
42 return instance_;
43 }
44
AdminManager()45 AdminManager::AdminManager()
46 {
47 EDMLOGI("AdminManager::AdminManager");
48 }
49
~AdminManager()50 AdminManager::~AdminManager()
51 {
52 EDMLOGI("AdminManager::~AdminManager");
53 admins_.clear();
54 }
55
GetReqPermission(const std::vector<std::string> & permissions,std::vector<EdmPermission> & reqPermissions)56 ErrCode AdminManager::GetReqPermission(const std::vector<std::string> &permissions,
57 std::vector<EdmPermission> &reqPermissions)
58 {
59 EDMLOGD("AdminManager::GetReqPermission");
60 PermissionManager::GetInstance()->GetReqPermission(permissions, reqPermissions);
61 return reqPermissions.empty() ? ERR_EDM_EMPTY_PERMISSIONS : ERR_OK;
62 }
63
GetAdminByUserId(int32_t userId,std::vector<std::shared_ptr<Admin>> & userAdmin)64 bool AdminManager::GetAdminByUserId(int32_t userId, std::vector<std::shared_ptr<Admin>> &userAdmin)
65 {
66 userAdmin.clear();
67 auto iter = admins_.find(userId);
68 if (iter == admins_.end()) {
69 EDMLOGW("GetAdminByUserId::get userId Admin failed. userId = %{public}d", userId);
70 return false;
71 }
72 userAdmin = iter->second;
73 return true;
74 }
75
GetAdminBySubscribeEvent(ManagedEvent event,std::unordered_map<int32_t,std::vector<std::shared_ptr<Admin>>> & subscribeAdmins)76 void AdminManager::GetAdminBySubscribeEvent(ManagedEvent event,
77 std::unordered_map<int32_t, std::vector<std::shared_ptr<Admin>>> &subscribeAdmins)
78 {
79 for (const auto &adminItem : admins_) {
80 std::vector<std::shared_ptr<Admin>> subAdmin;
81 for (const auto &it : adminItem.second) {
82 std::vector<ManagedEvent> events = it->adminInfo_.managedEvents_;
83 if (std::find(events.begin(), events.end(), event) != events.end()) {
84 subAdmin.push_back(it);
85 }
86 }
87 if (!subAdmin.empty()) {
88 subscribeAdmins[adminItem.first] = subAdmin;
89 }
90 }
91 }
92
SetAdminValue(AppExecFwk::ExtensionAbilityInfo & abilityInfo,EntInfo & entInfo,AdminType role,std::vector<std::string> & permissions,int32_t userId)93 ErrCode AdminManager::SetAdminValue(AppExecFwk::ExtensionAbilityInfo &abilityInfo, EntInfo &entInfo, AdminType role,
94 std::vector<std::string> &permissions, int32_t userId)
95 {
96 auto adminPoliciesStorageRdb = AdminPoliciesStorageRdb::GetInstance();
97 if (adminPoliciesStorageRdb == nullptr) {
98 EDMLOGE("AdminManager::SetAdminValue get adminPoliciesStorageRdb failed.");
99 return ERR_GET_STORAGE_RDB_FAILED;
100 }
101 std::vector<AdminPermission> reqPermission;
102 std::vector<std::string> permissionNames;
103 std::vector<std::shared_ptr<Admin>> admin;
104 PermissionManager::GetInstance()->GetReqPermission(permissions, reqPermission);
105 if (reqPermission.empty()) {
106 EDMLOGW("SetAdminValue::the application is requesting useless permissions");
107 }
108 for (const auto &it : reqPermission) {
109 if (role == AdminType::NORMAL && it.adminType == AdminType::ENT) {
110 return ERR_EDM_DENY_PERMISSION;
111 }
112 permissionNames.push_back(it.permissionName);
113 }
114
115 std::shared_ptr<Admin> adminItem = GetAdminByPkgName(abilityInfo.bundleName, userId);
116 if (!adminItem && !adminPoliciesStorageRdb->InsertAdmin(userId, abilityInfo, entInfo, role, permissions)) {
117 EDMLOGE("AdminManager::SetAdminValue failed.");
118 return ERR_EDM_ADD_ADMIN_FAILED;
119 } else if (adminItem && !adminPoliciesStorageRdb->UpdateAdmin(userId, abilityInfo, entInfo, role, permissions)) {
120 EDMLOGE("AdminManager::SetAdminValue failed.");
121 return ERR_EDM_ADD_ADMIN_FAILED;
122 }
123 bool ret = GetAdminByUserId(userId, admin);
124 if (role == AdminType::NORMAL) {
125 admin.emplace_back(std::make_shared<Admin>());
126 } else {
127 admin.emplace_back(std::make_shared<SuperAdmin>());
128 }
129 if (!ret) {
130 admins_.insert(std::pair<int32_t, std::vector<std::shared_ptr<Admin>>>(userId, admin));
131 adminItem = admin.back();
132 } else if (ret && !adminItem) {
133 admins_[userId] = admin;
134 adminItem = admin.back();
135 }
136 adminItem->adminInfo_.adminType_ = role;
137 adminItem->adminInfo_.entInfo_ = entInfo;
138 adminItem->adminInfo_.permission_ = permissionNames;
139 adminItem->adminInfo_.packageName_ = abilityInfo.bundleName;
140 adminItem->adminInfo_.className_ = abilityInfo.name;
141 return ERR_OK;
142 }
143
GetAdminByPkgName(const std::string & packageName,int32_t userId)144 std::shared_ptr<Admin> AdminManager::GetAdminByPkgName(const std::string &packageName, int32_t userId)
145 {
146 std::shared_ptr<Admin> subOrSuperAdmin;
147 if (SUCCEEDED(GetSubOrSuperAdminByPkgName(packageName, subOrSuperAdmin))) {
148 EDMLOGD("GetAdminByPkgName::get sub-super or super admin: %{public}s", packageName.c_str());
149 return subOrSuperAdmin;
150 }
151 std::vector<std::shared_ptr<Admin>> userAdmin;
152 if (!GetAdminByUserId(userId, userAdmin)) {
153 EDMLOGW("GetAdminByPkgName::get userId Admin failed. userId = %{public}d", userId);
154 return nullptr;
155 }
156 for (const auto &item : userAdmin) {
157 if (item->adminInfo_.packageName_ == packageName) {
158 return item;
159 }
160 }
161 EDMLOGD("GetAdminByPkgName::get admin failed. admin size = %{public}u, packageName = %{public}s",
162 (uint32_t)userAdmin.size(), packageName.c_str());
163 return nullptr;
164 }
165
DeleteAdmin(const std::string & packageName,int32_t userId)166 ErrCode AdminManager::DeleteAdmin(const std::string &packageName, int32_t userId)
167 {
168 auto iterMap = admins_.find(userId);
169 if (iterMap == admins_.end()) {
170 EDMLOGW("DeleteAdmin::get userId Admin failed. userId = %{public}d", userId);
171 return ERR_EDM_UNKNOWN_ADMIN;
172 }
173 auto adminPoliciesStorageRdb = AdminPoliciesStorageRdb::GetInstance();
174 if (adminPoliciesStorageRdb == nullptr) {
175 EDMLOGE("AdminManager::DeleteAdmin get adminPoliciesStorageRdb failed.");
176 return ERR_GET_STORAGE_RDB_FAILED;
177 }
178 if (!adminPoliciesStorageRdb->DeleteAdmin(userId, packageName)) {
179 EDMLOGW("delete admin (%{public}s) failed!", packageName.c_str());
180 return ERR_EDM_DEL_ADMIN_FAILED;
181 }
182 auto iter = std::remove_if(iterMap->second.begin(), iterMap->second.end(),
183 [&](std::shared_ptr<Admin> admin) { return admin->adminInfo_.packageName_ == packageName; });
184 iterMap->second.erase(iter, iterMap->second.end());
185 if (iterMap->second.empty()) {
186 admins_.erase(iterMap);
187 }
188 return ERR_OK;
189 }
190
GetGrantedPermission(std::vector<std::string> & permissions,AdminType type)191 ErrCode AdminManager::GetGrantedPermission(std::vector<std::string> &permissions, AdminType type)
192 {
193 if (permissions.empty()) {
194 EDMLOGW("GetGrantedPermission::permissions is empty");
195 return ERR_OK;
196 }
197 // filtering out non-edm permissions
198 std::vector<AdminPermission> reqPermission;
199 PermissionManager::GetInstance()->GetReqPermission(permissions, reqPermission);
200 if (reqPermission.empty()) {
201 EDMLOGW("GetGrantedPermission::edm permission is empty");
202 return ERR_OK;
203 }
204
205 // filter out super permissions if admin is NORMAL
206 std::vector<std::string> permissionNameList;
207 for (const auto &it : reqPermission) {
208 if ((type == AdminType::NORMAL) && (it.adminType == AdminType::ENT)) {
209 continue;
210 }
211 permissionNameList.push_back(it.permissionName);
212 }
213 permissions.assign(permissionNameList.begin(), permissionNameList.end());
214 return ERR_OK;
215 }
216
UpdateAdmin(AppExecFwk::ExtensionAbilityInfo & abilityInfo,const std::vector<std::string> & permissions,int32_t userId)217 ErrCode AdminManager::UpdateAdmin(AppExecFwk::ExtensionAbilityInfo &abilityInfo,
218 const std::vector<std::string> &permissions, int32_t userId)
219 {
220 auto adminItem = GetAdminByPkgName(abilityInfo.bundleName, userId);
221 if (adminItem == nullptr) {
222 EDMLOGW("UpdateAdmin::get null admin, never get here");
223 return ERR_EDM_UNKNOWN_ADMIN;
224 }
225 auto adminPoliciesStorageRdb = AdminPoliciesStorageRdb::GetInstance();
226 if (adminPoliciesStorageRdb == nullptr) {
227 EDMLOGE("AdminManager::UpdateAdmin get adminPoliciesStorageRdb failed.");
228 return ERR_GET_STORAGE_RDB_FAILED;
229 }
230
231 std::vector<std::string> combinePermission = permissions;
232 ErrCode ret = GetGrantedPermission(combinePermission, adminItem->adminInfo_.adminType_);
233 if (ret != ERR_OK) {
234 EDMLOGW("UpdateAdmin::GetGrantedPermission failed");
235 return ret;
236 }
237
238 if (!adminPoliciesStorageRdb->UpdateAdmin(userId, abilityInfo.bundleName, abilityInfo.name, combinePermission)) {
239 EDMLOGW("UpdateAdmin::update admin failed.");
240 return ERR_EDM_UNKNOWN_ADMIN;
241 }
242 adminItem->adminInfo_.permission_ = combinePermission;
243 adminItem->adminInfo_.packageName_ = abilityInfo.bundleName;
244 adminItem->adminInfo_.className_ = abilityInfo.name;
245 return ERR_OK;
246 }
247
248 // success is returned as long as there is a super administrator
IsSuperAdminExist()249 bool AdminManager::IsSuperAdminExist()
250 {
251 std::vector<std::shared_ptr<Admin>> userAdmin;
252 bool ret = GetAdminByUserId(DEFAULT_USER_ID, userAdmin);
253 if (!ret) {
254 EDMLOGD("IsSuperAdminExist::not find super Admin");
255 return false;
256 }
257 return std::any_of(userAdmin.begin(), userAdmin.end(),
258 [](const std::shared_ptr<Admin> &admin) { return admin->adminInfo_.adminType_ == AdminType::ENT; });
259 }
260
IsSuperAdmin(const std::string & bundleName)261 bool AdminManager::IsSuperAdmin(const std::string &bundleName)
262 {
263 std::shared_ptr<Admin> admin = GetAdminByPkgName(bundleName, DEFAULT_USER_ID);
264 if (admin == nullptr) {
265 EDMLOGW("IsSuperAdmin: admin == nullptr.");
266 return false;
267 }
268 if (admin->adminInfo_.adminType_ == AdminType::ENT) {
269 EDMLOGW("IsSuperAdmin: admin->adminInfo_.adminType_ == AdminType::ENT.");
270 return true;
271 }
272 return false;
273 }
274
IsAdminExist()275 bool AdminManager::IsAdminExist()
276 {
277 return !admins_.empty();
278 }
279
IsSuperOrSubSuperAdmin(const std::string & bundleName)280 bool AdminManager::IsSuperOrSubSuperAdmin(const std::string &bundleName)
281 {
282 std::shared_ptr<Admin> superAdmin;
283 superAdmin = GetAdminByPkgName(bundleName, DEFAULT_USER_ID);
284 if (superAdmin == nullptr) {
285 return false;
286 }
287 return superAdmin->adminInfo_.adminType_ == AdminType::ENT ||
288 superAdmin->adminInfo_.adminType_ == AdminType::SUB_SUPER_ADMIN;
289 }
290
291 /*
292 * There are different administrator types according to the input parameters.
293 * Returns a list of package names
294 */
GetEnabledAdmin(AdminType role,std::vector<std::string> & packageNameList,int32_t userId)295 void AdminManager::GetEnabledAdmin(AdminType role, std::vector<std::string> &packageNameList, int32_t userId)
296 {
297 packageNameList.clear();
298 std::vector<std::shared_ptr<Admin>> userAdmin;
299 bool ret = GetAdminByUserId(userId, userAdmin);
300 if (!ret) {
301 EDMLOGW("GetEnabledAdmin::not find enabled Admin. userId = %{public}d", userId);
302 return;
303 }
304 EDMLOGD("AdminManager:GetEnabledAdmin adminType: %{public}d , admin size: %{public}zu", role, userAdmin.size());
305 if (static_cast<int32_t>(role) >= static_cast<int32_t>(AdminType::UNKNOWN) ||
306 static_cast<int32_t>(role) < static_cast<int32_t>(AdminType::NORMAL)) {
307 EDMLOGD("there is no admin(%{public}u) device manager package name list!", role);
308 return;
309 }
310
311 for (const auto &item : userAdmin) {
312 if (item->adminInfo_.adminType_ == role) {
313 std::string adminName = item->adminInfo_.packageName_ + "/" + item->adminInfo_.className_;
314 packageNameList.push_back(adminName);
315 }
316 }
317 }
318
GetSubOrSuperAdminByPkgName(const std::string & subAdminName,std::shared_ptr<Admin> & subOrSuperAdmin)319 ErrCode AdminManager::GetSubOrSuperAdminByPkgName(const std::string &subAdminName,
320 std::shared_ptr<Admin> &subOrSuperAdmin)
321 {
322 std::vector<std::shared_ptr<Admin>> userAdmin;
323 if (!GetAdminByUserId(DEFAULT_USER_ID, userAdmin)) {
324 EDMLOGW("GetSubOrSuperAdminByPkgName::not find Admin under default user id");
325 return ERR_EDM_SUPER_ADMIN_NOT_FOUND;
326 }
327 auto adminItem = std::find_if(userAdmin.begin(), userAdmin.end(), [&](const std::shared_ptr<Admin> &admin) {
328 return admin->adminInfo_.packageName_ == subAdminName && (admin->adminInfo_.adminType_ == AdminType::ENT ||
329 admin->adminInfo_.adminType_ == AdminType::SUB_SUPER_ADMIN);
330 });
331 if (adminItem == userAdmin.end()) {
332 EDMLOGW("GetSubOrSuperAdminByPkgName::not find sub-super admin or super Admin");
333 return ERR_EDM_SUPER_ADMIN_NOT_FOUND;
334 }
335 subOrSuperAdmin = *adminItem;
336 return ERR_OK;
337 }
338
GetSubSuperAdminsByParentName(const std::string & parentName,std::vector<std::string> & subAdmins)339 ErrCode AdminManager::GetSubSuperAdminsByParentName(const std::string &parentName, std::vector<std::string> &subAdmins)
340 {
341 subAdmins.clear();
342 std::vector<std::shared_ptr<Admin>> userAdmin;
343 if (!GetAdminByUserId(DEFAULT_USER_ID, userAdmin)) {
344 EDMLOGE("GetSubSuperAdminsByParentName::not find Admin under default user id.");
345 return ERR_EDM_SUPER_ADMIN_NOT_FOUND;
346 }
347 for (const auto &admin : userAdmin) {
348 if (admin->adminInfo_.adminType_ == AdminType::SUB_SUPER_ADMIN &&
349 admin->adminInfo_.parentAdminName_ == parentName) {
350 subAdmins.push_back(admin->adminInfo_.packageName_);
351 }
352 }
353 return ERR_OK;
354 }
355
GetEntInfo(const std::string & packageName,EntInfo & entInfo,int32_t userId)356 ErrCode AdminManager::GetEntInfo(const std::string &packageName, EntInfo &entInfo, int32_t userId)
357 {
358 std::vector<std::shared_ptr<Admin>> userAdmin;
359 bool ret = GetAdminByUserId(userId, userAdmin);
360 if (!ret) {
361 EDMLOGW("GetEntInfo::not find Admin. userId = %{public}d", userId);
362 return ERR_EDM_UNKNOWN_ADMIN;
363 }
364 for (const auto &item : userAdmin) {
365 if (item->adminInfo_.packageName_ == packageName) {
366 entInfo = item->adminInfo_.entInfo_;
367 return ERR_OK;
368 }
369 }
370 return ERR_EDM_UNKNOWN_ADMIN;
371 }
372
SetEntInfo(const std::string & packageName,EntInfo & entInfo,int32_t userId)373 ErrCode AdminManager::SetEntInfo(const std::string &packageName, EntInfo &entInfo, int32_t userId)
374 {
375 std::vector<std::shared_ptr<Admin>> userAdmin;
376 bool ret = GetAdminByUserId(userId, userAdmin);
377 if (!ret) {
378 EDMLOGW("SetEntInfo::not find Admin. userId = %{public}d", userId);
379 return ERR_EDM_UNKNOWN_ADMIN;
380 }
381 auto adminPoliciesStorageRdb = AdminPoliciesStorageRdb::GetInstance();
382 if (adminPoliciesStorageRdb == nullptr) {
383 EDMLOGE("AdminManager::SetEntInfo get adminPoliciesStorageRdb failed.");
384 return ERR_GET_STORAGE_RDB_FAILED;
385 }
386 for (auto &item : userAdmin) {
387 if (item->adminInfo_.packageName_ == packageName &&
388 adminPoliciesStorageRdb->UpdateEntInfo(userId, packageName, entInfo)) {
389 item->adminInfo_.entInfo_ = entInfo;
390 return ERR_OK;
391 }
392 }
393 return ERR_EDM_UNKNOWN_ADMIN;
394 }
395
SaveSubscribeEvents(const std::vector<uint32_t> & events,const std::string & bundleName,int32_t userId)396 ErrCode AdminManager::SaveSubscribeEvents(const std::vector<uint32_t> &events, const std::string &bundleName,
397 int32_t userId)
398 {
399 std::shared_ptr<Admin> admin = GetAdminByPkgName(bundleName, userId);
400 if (admin == nullptr) {
401 return ERR_EDM_UNKNOWN_ADMIN;
402 }
403 auto adminPoliciesStorageRdb = AdminPoliciesStorageRdb::GetInstance();
404 if (adminPoliciesStorageRdb == nullptr) {
405 EDMLOGE("AdminManager::SaveSubscribeEvents get adminPoliciesStorageRdb failed.");
406 return ERR_GET_STORAGE_RDB_FAILED;
407 }
408 std::vector<ManagedEvent> oldManagedEvents = admin->adminInfo_.managedEvents_;
409 size_t eventsNumber = admin->adminInfo_.managedEvents_.size();
410 for (const auto &event : events) {
411 std::vector<ManagedEvent> managedEvents = admin->adminInfo_.managedEvents_;
412 ManagedEvent subEvent = static_cast<ManagedEvent>(event);
413 if (std::find(managedEvents.begin(), managedEvents.end(), subEvent) == managedEvents.end()) {
414 admin->adminInfo_.managedEvents_.push_back(subEvent);
415 }
416 }
417 if (admin->adminInfo_.managedEvents_.size() > eventsNumber &&
418 !adminPoliciesStorageRdb->UpdateManagedEvents(userId, admin->adminInfo_.packageName_,
419 admin->adminInfo_.managedEvents_)) {
420 admin->adminInfo_.managedEvents_ = oldManagedEvents;
421 return ERR_EDM_UNKNOWN_ADMIN;
422 }
423 return ERR_OK;
424 }
425
RemoveSubscribeEvents(const std::vector<uint32_t> & events,const std::string & bundleName,int32_t userId)426 ErrCode AdminManager::RemoveSubscribeEvents(const std::vector<uint32_t> &events, const std::string &bundleName,
427 int32_t userId)
428 {
429 std::shared_ptr<Admin> admin = GetAdminByPkgName(bundleName, userId);
430 if (admin == nullptr) {
431 return ERR_EDM_UNKNOWN_ADMIN;
432 }
433 auto adminPoliciesStorageRdb = AdminPoliciesStorageRdb::GetInstance();
434 if (adminPoliciesStorageRdb == nullptr) {
435 EDMLOGE("AdminManager::RemoveSubscribeEvents get adminPoliciesStorageRdb failed.");
436 return ERR_GET_STORAGE_RDB_FAILED;
437 }
438
439 std::vector<ManagedEvent> oldManagedEvents = admin->adminInfo_.managedEvents_;
440 size_t eventsNumber = admin->adminInfo_.managedEvents_.size();
441 auto iter = std::remove_if(admin->adminInfo_.managedEvents_.begin(), admin->adminInfo_.managedEvents_.end(),
442 [&](ManagedEvent managedEvent) {
443 return std::find(events.begin(), events.end(), static_cast<uint32_t>(managedEvent)) != events.end();
444 });
445 admin->adminInfo_.managedEvents_.erase(iter, admin->adminInfo_.managedEvents_.end());
446
447 if (admin->adminInfo_.managedEvents_.size() < eventsNumber &&
448 !adminPoliciesStorageRdb->UpdateManagedEvents(userId, admin->adminInfo_.packageName_,
449 admin->adminInfo_.managedEvents_)) {
450 admin->adminInfo_.managedEvents_ = oldManagedEvents;
451 return ERR_EDM_UNKNOWN_ADMIN;
452 }
453 return ERR_OK;
454 }
455
SaveAuthorizedAdmin(const std::string & bundleName,const std::vector<std::string> & permissions,const std::string & parentName)456 ErrCode AdminManager::SaveAuthorizedAdmin(const std::string &bundleName, const std::vector<std::string> &permissions,
457 const std::string &parentName)
458 {
459 std::vector<std::shared_ptr<Admin>> admin;
460 if (!GetAdminByUserId(DEFAULT_USER_ID, admin)) {
461 return ERR_SAVE_AUTHORIZED_ADMIN_FAILED;
462 }
463 std::shared_ptr<Admin> adminItem = GetAdminByPkgName(bundleName, DEFAULT_USER_ID);
464 if (!adminItem &&
465 !AdminPoliciesStorageRdb::GetInstance()->InsertAuthorizedAdmin(bundleName, permissions, parentName)) {
466 EDMLOGE("AdminManager::InsertAuthorizedAdmin save authorized failed.");
467 return ERR_SAVE_AUTHORIZED_ADMIN_FAILED;
468 }
469 if (adminItem) {
470 if (adminItem->GetAdminType() != AdminType::SUB_SUPER_ADMIN) {
471 EDMLOGE("AdminManager::UpdateAuthorizedAdmin can only update sub-super admin.");
472 return ERR_SAVE_AUTHORIZED_ADMIN_FAILED;
473 }
474 if (!AdminPoliciesStorageRdb::GetInstance()->UpdateAuthorizedAdmin(bundleName, permissions, parentName)) {
475 EDMLOGE("AdminManager::UpdateAuthorizedAdmin save authorized failed.");
476 return ERR_SAVE_AUTHORIZED_ADMIN_FAILED;
477 }
478 }
479 if (!adminItem) {
480 admin.emplace_back(std::make_shared<Admin>());
481 admins_[DEFAULT_USER_ID] = admin;
482 adminItem = admin.back();
483 adminItem->adminInfo_.adminType_ = AdminType::SUB_SUPER_ADMIN;
484 }
485 adminItem->adminInfo_.packageName_ = bundleName;
486 adminItem->adminInfo_.permission_ = permissions;
487 adminItem->adminInfo_.parentAdminName_ = parentName;
488 return ERR_OK;
489 }
490
GetSuperAdmin()491 std::shared_ptr<Admin> AdminManager::GetSuperAdmin()
492 {
493 if (admins_.find(DEFAULT_USER_ID) != admins_.end()) {
494 auto item = std::find_if(admins_[DEFAULT_USER_ID].begin(), admins_[DEFAULT_USER_ID].end(),
495 [&](const std::shared_ptr<Admin>& admin) { return admin->GetAdminType() == AdminType::ENT; });
496 if (item != admins_[DEFAULT_USER_ID].end()) {
497 return *item;
498 }
499 }
500 return nullptr;
501 }
502
503 // init
Init()504 void AdminManager::Init()
505 {
506 auto adminPoliciesStorageRdb = AdminPoliciesStorageRdb::GetInstance();
507 if (adminPoliciesStorageRdb != nullptr) {
508 admins_ = adminPoliciesStorageRdb->QueryAllAdmin();
509 } else {
510 EDMLOGE("AdminManager::Init failed.");
511 }
512 }
513 } // namespace EDM
514 } // namespace OHOS
515